1 /* SPDX-License-Identifier: GPL-2.0-or-later */
3 * INET An implementation of the TCP/IP protocol suite for the LINUX
4 * operating system. INET is implemented using the BSD Socket
5 * interface as the means of communication with the user level.
7 * Authors: Lotsa people, from code originally in tcp
10 #ifndef _INET_HASHTABLES_H
11 #define _INET_HASHTABLES_H
14 #include <linux/interrupt.h>
16 #include <linux/ipv6.h>
17 #include <linux/list.h>
18 #include <linux/slab.h>
19 #include <linux/socket.h>
20 #include <linux/spinlock.h>
21 #include <linux/types.h>
22 #include <linux/wait.h>
24 #include <net/inet_connection_sock.h>
25 #include <net/inet_sock.h>
27 #include <net/route.h>
28 #include <net/tcp_states.h>
29 #include <net/netns/hash.h>
31 #include <linux/refcount.h>
32 #include <asm/byteorder.h>
34 /* This is for all connections with a full identity, no wildcards.
35 * The 'e' prefix stands for Establish, but we really put all sockets
38 struct inet_ehash_bucket
{
39 struct hlist_nulls_head chain
;
42 /* There are a few simple rules, which allow for local port reuse by
43 * an application. In essence:
45 * 1) Sockets bound to different interfaces may share a local port.
46 * Failing that, goto test 2.
47 * 2) If all sockets have sk->sk_reuse set, and none of them are in
48 * TCP_LISTEN state, the port may be shared.
49 * Failing that, goto test 3.
50 * 3) If all sockets are bound to a specific inet_sk(sk)->rcv_saddr local
51 * address, and none of them are the same, the port may be
53 * Failing this, the port cannot be shared.
55 * The interesting point, is test #2. This is what an FTP server does
56 * all day. To optimize this case we use a specific flag bit defined
57 * below. As we add sockets to a bind bucket list, we perform a
58 * check of: (newsk->sk_reuse && (newsk->sk_state != TCP_LISTEN))
59 * As long as all sockets added to a bind bucket pass this test,
60 * the flag bit will be set.
61 * The resulting situation is that tcp_v[46]_verify_bind() can just check
62 * for this flag bit, if it is set and the socket trying to bind has
63 * sk->sk_reuse set, we don't even have to walk the owners list at all,
64 * we return that it is ok to bind this socket to the requested local port.
66 * Sounds like a lot of work, but it is worth it. In a more naive
67 * implementation (ie. current FreeBSD etc.) the entire list of ports
68 * must be walked for each data port opened by an ftp server. Needless
69 * to say, this does not scale at all. With a couple thousand FTP
70 * users logged onto your box, isn't it nice to know that new data
71 * ports are created in O(1) time? I thought so. ;-) -DaveM
73 #define FASTREUSEPORT_ANY 1
74 #define FASTREUSEPORT_STRICT 2
76 struct inet_bind_bucket
{
77 possible_net_t ib_net
;
80 signed char fastreuse
;
81 signed char fastreuseport
;
83 #if IS_ENABLED(CONFIG_IPV6)
84 struct in6_addr fast_v6_rcv_saddr
;
86 __be32 fast_rcv_saddr
;
87 unsigned short fast_sk_family
;
89 struct hlist_node node
;
90 struct hlist_head owners
;
93 static inline struct net
*ib_net(struct inet_bind_bucket
*ib
)
95 return read_pnet(&ib
->ib_net
);
98 #define inet_bind_bucket_for_each(tb, head) \
99 hlist_for_each_entry(tb, head, node)
101 struct inet_bind_hashbucket
{
103 struct hlist_head chain
;
107 * Sockets can be hashed in established or listening table
109 struct inet_listen_hashbucket
{
112 struct hlist_head head
;
115 /* This is for listening sockets, thus all sockets which possess wildcards. */
116 #define INET_LHTABLE_SIZE 32 /* Yes, really, this is all you need. */
118 struct inet_hashinfo
{
119 /* This is for sockets with full identity only. Sockets here will
120 * always be without wildcards and will have the following invariant:
122 * TCP_ESTABLISHED <= sk->sk_state < TCP_CLOSE
125 struct inet_ehash_bucket
*ehash
;
126 spinlock_t
*ehash_locks
;
127 unsigned int ehash_mask
;
128 unsigned int ehash_locks_mask
;
130 /* Ok, let's try this, I give up, we do need a local binding
131 * TCP hash as well as the others for fast bind/connect.
133 struct kmem_cache
*bind_bucket_cachep
;
134 struct inet_bind_hashbucket
*bhash
;
135 unsigned int bhash_size
;
137 /* The 2nd listener table hashed by local port and address */
138 unsigned int lhash2_mask
;
139 struct inet_listen_hashbucket
*lhash2
;
141 /* All the above members are written once at bootup and
142 * never written again _or_ are predominantly read-access.
144 * Now align to a new cache line as all the following members
145 * might be often dirty.
147 /* All sockets in TCP_LISTEN state will be in listening_hash.
148 * This is the only table where wildcard'd TCP sockets can
149 * exist. listening_hash is only hashed by local port number.
150 * If lhash2 is initialized, the same socket will also be hashed
151 * to lhash2 by port and address.
153 struct inet_listen_hashbucket listening_hash
[INET_LHTABLE_SIZE
]
154 ____cacheline_aligned_in_smp
;
157 #define inet_lhash2_for_each_icsk_rcu(__icsk, list) \
158 hlist_for_each_entry_rcu(__icsk, list, icsk_listen_portaddr_node)
160 static inline struct inet_listen_hashbucket
*
161 inet_lhash2_bucket(struct inet_hashinfo
*h
, u32 hash
)
163 return &h
->lhash2
[hash
& h
->lhash2_mask
];
166 static inline struct inet_ehash_bucket
*inet_ehash_bucket(
167 struct inet_hashinfo
*hashinfo
,
170 return &hashinfo
->ehash
[hash
& hashinfo
->ehash_mask
];
173 static inline spinlock_t
*inet_ehash_lockp(
174 struct inet_hashinfo
*hashinfo
,
177 return &hashinfo
->ehash_locks
[hash
& hashinfo
->ehash_locks_mask
];
180 int inet_ehash_locks_alloc(struct inet_hashinfo
*hashinfo
);
182 static inline void inet_ehash_locks_free(struct inet_hashinfo
*hashinfo
)
184 kvfree(hashinfo
->ehash_locks
);
185 hashinfo
->ehash_locks
= NULL
;
188 static inline bool inet_sk_bound_dev_eq(struct net
*net
, int bound_dev_if
,
191 #if IS_ENABLED(CONFIG_NET_L3_MASTER_DEV)
192 return inet_bound_dev_eq(!!net
->ipv4
.sysctl_tcp_l3mdev_accept
,
193 bound_dev_if
, dif
, sdif
);
195 return inet_bound_dev_eq(true, bound_dev_if
, dif
, sdif
);
199 struct inet_bind_bucket
*
200 inet_bind_bucket_create(struct kmem_cache
*cachep
, struct net
*net
,
201 struct inet_bind_hashbucket
*head
,
202 const unsigned short snum
, int l3mdev
);
203 void inet_bind_bucket_destroy(struct kmem_cache
*cachep
,
204 struct inet_bind_bucket
*tb
);
206 static inline u32
inet_bhashfn(const struct net
*net
, const __u16 lport
,
207 const u32 bhash_size
)
209 return (lport
+ net_hash_mix(net
)) & (bhash_size
- 1);
212 void inet_bind_hash(struct sock
*sk
, struct inet_bind_bucket
*tb
,
213 const unsigned short snum
);
215 /* These can have wildcards, don't try too hard. */
216 static inline u32
inet_lhashfn(const struct net
*net
, const unsigned short num
)
218 return (num
+ net_hash_mix(net
)) & (INET_LHTABLE_SIZE
- 1);
221 static inline int inet_sk_listen_hashfn(const struct sock
*sk
)
223 return inet_lhashfn(sock_net(sk
), inet_sk(sk
)->inet_num
);
226 /* Caller must disable local BH processing. */
227 int __inet_inherit_port(const struct sock
*sk
, struct sock
*child
);
229 void inet_put_port(struct sock
*sk
);
231 void inet_hashinfo_init(struct inet_hashinfo
*h
);
232 void inet_hashinfo2_init(struct inet_hashinfo
*h
, const char *name
,
233 unsigned long numentries
, int scale
,
234 unsigned long low_limit
,
235 unsigned long high_limit
);
236 int inet_hashinfo2_init_mod(struct inet_hashinfo
*h
);
238 bool inet_ehash_insert(struct sock
*sk
, struct sock
*osk
);
239 bool inet_ehash_nolisten(struct sock
*sk
, struct sock
*osk
);
240 int __inet_hash(struct sock
*sk
, struct sock
*osk
);
241 int inet_hash(struct sock
*sk
);
242 void inet_unhash(struct sock
*sk
);
244 struct sock
*__inet_lookup_listener(struct net
*net
,
245 struct inet_hashinfo
*hashinfo
,
246 struct sk_buff
*skb
, int doff
,
247 const __be32 saddr
, const __be16 sport
,
249 const unsigned short hnum
,
250 const int dif
, const int sdif
);
252 static inline struct sock
*inet_lookup_listener(struct net
*net
,
253 struct inet_hashinfo
*hashinfo
,
254 struct sk_buff
*skb
, int doff
,
255 __be32 saddr
, __be16 sport
,
256 __be32 daddr
, __be16 dport
, int dif
, int sdif
)
258 return __inet_lookup_listener(net
, hashinfo
, skb
, doff
, saddr
, sport
,
259 daddr
, ntohs(dport
), dif
, sdif
);
262 /* Socket demux engine toys. */
263 /* What happens here is ugly; there's a pair of adjacent fields in
264 struct inet_sock; __be16 dport followed by __u16 num. We want to
265 search by pair, so we combine the keys into a single 32bit value
266 and compare with 32bit value read from &...->dport. Let's at least
267 make sure that it's not mixed with anything else...
268 On 64bit targets we combine comparisons with pair of adjacent __be32
269 fields in the same way.
272 #define INET_COMBINED_PORTS(__sport, __dport) \
273 ((__force __portpair)(((__force __u32)(__be16)(__sport) << 16) | (__u32)(__dport)))
274 #else /* __LITTLE_ENDIAN */
275 #define INET_COMBINED_PORTS(__sport, __dport) \
276 ((__force __portpair)(((__u32)(__dport) << 16) | (__force __u32)(__be16)(__sport)))
279 #if (BITS_PER_LONG == 64)
281 #define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
282 const __addrpair __name = (__force __addrpair) ( \
283 (((__force __u64)(__be32)(__saddr)) << 32) | \
284 ((__force __u64)(__be32)(__daddr)))
285 #else /* __LITTLE_ENDIAN */
286 #define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
287 const __addrpair __name = (__force __addrpair) ( \
288 (((__force __u64)(__be32)(__daddr)) << 32) | \
289 ((__force __u64)(__be32)(__saddr)))
290 #endif /* __BIG_ENDIAN */
291 #define INET_MATCH(__sk, __net, __cookie, __saddr, __daddr, __ports, __dif, __sdif) \
292 (((__sk)->sk_portpair == (__ports)) && \
293 ((__sk)->sk_addrpair == (__cookie)) && \
294 (((__sk)->sk_bound_dev_if == (__dif)) || \
295 ((__sk)->sk_bound_dev_if == (__sdif))) && \
296 net_eq(sock_net(__sk), (__net)))
297 #else /* 32-bit arch */
298 #define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
299 const int __name __deprecated __attribute__((unused))
301 #define INET_MATCH(__sk, __net, __cookie, __saddr, __daddr, __ports, __dif, __sdif) \
302 (((__sk)->sk_portpair == (__ports)) && \
303 ((__sk)->sk_daddr == (__saddr)) && \
304 ((__sk)->sk_rcv_saddr == (__daddr)) && \
305 (((__sk)->sk_bound_dev_if == (__dif)) || \
306 ((__sk)->sk_bound_dev_if == (__sdif))) && \
307 net_eq(sock_net(__sk), (__net)))
308 #endif /* 64-bit arch */
310 /* Sockets in TCP_CLOSE state are _always_ taken out of the hash, so we need
311 * not check it for lookups anymore, thanks Alexey. -DaveM
313 struct sock
*__inet_lookup_established(struct net
*net
,
314 struct inet_hashinfo
*hashinfo
,
315 const __be32 saddr
, const __be16 sport
,
316 const __be32 daddr
, const u16 hnum
,
317 const int dif
, const int sdif
);
319 static inline struct sock
*
320 inet_lookup_established(struct net
*net
, struct inet_hashinfo
*hashinfo
,
321 const __be32 saddr
, const __be16 sport
,
322 const __be32 daddr
, const __be16 dport
,
325 return __inet_lookup_established(net
, hashinfo
, saddr
, sport
, daddr
,
326 ntohs(dport
), dif
, 0);
329 static inline struct sock
*__inet_lookup(struct net
*net
,
330 struct inet_hashinfo
*hashinfo
,
331 struct sk_buff
*skb
, int doff
,
332 const __be32 saddr
, const __be16 sport
,
333 const __be32 daddr
, const __be16 dport
,
334 const int dif
, const int sdif
,
337 u16 hnum
= ntohs(dport
);
340 sk
= __inet_lookup_established(net
, hashinfo
, saddr
, sport
,
341 daddr
, hnum
, dif
, sdif
);
346 return __inet_lookup_listener(net
, hashinfo
, skb
, doff
, saddr
,
347 sport
, daddr
, hnum
, dif
, sdif
);
350 static inline struct sock
*inet_lookup(struct net
*net
,
351 struct inet_hashinfo
*hashinfo
,
352 struct sk_buff
*skb
, int doff
,
353 const __be32 saddr
, const __be16 sport
,
354 const __be32 daddr
, const __be16 dport
,
360 sk
= __inet_lookup(net
, hashinfo
, skb
, doff
, saddr
, sport
, daddr
,
361 dport
, dif
, 0, &refcounted
);
363 if (sk
&& !refcounted
&& !refcount_inc_not_zero(&sk
->sk_refcnt
))
368 static inline struct sock
*__inet_lookup_skb(struct inet_hashinfo
*hashinfo
,
376 struct sock
*sk
= skb_steal_sock(skb
);
377 const struct iphdr
*iph
= ip_hdr(skb
);
383 return __inet_lookup(dev_net(skb_dst(skb
)->dev
), hashinfo
, skb
,
384 doff
, iph
->saddr
, sport
,
385 iph
->daddr
, dport
, inet_iif(skb
), sdif
,
389 u32
inet6_ehashfn(const struct net
*net
,
390 const struct in6_addr
*laddr
, const u16 lport
,
391 const struct in6_addr
*faddr
, const __be16 fport
);
393 static inline void sk_daddr_set(struct sock
*sk
, __be32 addr
)
395 sk
->sk_daddr
= addr
; /* alias of inet_daddr */
396 #if IS_ENABLED(CONFIG_IPV6)
397 ipv6_addr_set_v4mapped(addr
, &sk
->sk_v6_daddr
);
401 static inline void sk_rcv_saddr_set(struct sock
*sk
, __be32 addr
)
403 sk
->sk_rcv_saddr
= addr
; /* alias of inet_rcv_saddr */
404 #if IS_ENABLED(CONFIG_IPV6)
405 ipv6_addr_set_v4mapped(addr
, &sk
->sk_v6_rcv_saddr
);
409 int __inet_hash_connect(struct inet_timewait_death_row
*death_row
,
410 struct sock
*sk
, u32 port_offset
,
411 int (*check_established
)(struct inet_timewait_death_row
*,
412 struct sock
*, __u16
,
413 struct inet_timewait_sock
**));
415 int inet_hash_connect(struct inet_timewait_death_row
*death_row
,
417 #endif /* _INET_HASHTABLES_H */