1 /* SPDX-License-Identifier: GPL-2.0-or-later */
3 * INET An implementation of the TCP/IP protocol suite for the LINUX
4 * operating system. INET is implemented using the BSD Socket
5 * interface as the means of communication with the user level.
7 * Authors: Lotsa people, from code originally in tcp
10 #ifndef _INET_HASHTABLES_H
11 #define _INET_HASHTABLES_H
14 #include <linux/interrupt.h>
16 #include <linux/ipv6.h>
17 #include <linux/list.h>
18 #include <linux/slab.h>
19 #include <linux/socket.h>
20 #include <linux/spinlock.h>
21 #include <linux/types.h>
22 #include <linux/wait.h>
24 #include <net/inet_connection_sock.h>
25 #include <net/inet_sock.h>
27 #include <net/route.h>
28 #include <net/tcp_states.h>
29 #include <net/netns/hash.h>
31 #include <linux/refcount.h>
32 #include <asm/byteorder.h>
34 /* This is for all connections with a full identity, no wildcards.
35 * The 'e' prefix stands for Establish, but we really put all sockets
38 struct inet_ehash_bucket
{
39 struct hlist_nulls_head chain
;
42 /* There are a few simple rules, which allow for local port reuse by
43 * an application. In essence:
45 * 1) Sockets bound to different interfaces may share a local port.
46 * Failing that, goto test 2.
47 * 2) If all sockets have sk->sk_reuse set, and none of them are in
48 * TCP_LISTEN state, the port may be shared.
49 * Failing that, goto test 3.
50 * 3) If all sockets are bound to a specific inet_sk(sk)->rcv_saddr local
51 * address, and none of them are the same, the port may be
53 * Failing this, the port cannot be shared.
55 * The interesting point, is test #2. This is what an FTP server does
56 * all day. To optimize this case we use a specific flag bit defined
57 * below. As we add sockets to a bind bucket list, we perform a
58 * check of: (newsk->sk_reuse && (newsk->sk_state != TCP_LISTEN))
59 * As long as all sockets added to a bind bucket pass this test,
60 * the flag bit will be set.
61 * The resulting situation is that tcp_v[46]_verify_bind() can just check
62 * for this flag bit, if it is set and the socket trying to bind has
63 * sk->sk_reuse set, we don't even have to walk the owners list at all,
64 * we return that it is ok to bind this socket to the requested local port.
66 * Sounds like a lot of work, but it is worth it. In a more naive
67 * implementation (ie. current FreeBSD etc.) the entire list of ports
68 * must be walked for each data port opened by an ftp server. Needless
69 * to say, this does not scale at all. With a couple thousand FTP
70 * users logged onto your box, isn't it nice to know that new data
71 * ports are created in O(1) time? I thought so. ;-) -DaveM
73 #define FASTREUSEPORT_ANY 1
74 #define FASTREUSEPORT_STRICT 2
76 struct inet_bind_bucket
{
77 possible_net_t ib_net
;
80 signed char fastreuse
;
81 signed char fastreuseport
;
83 #if IS_ENABLED(CONFIG_IPV6)
84 struct in6_addr fast_v6_rcv_saddr
;
86 __be32 fast_rcv_saddr
;
87 unsigned short fast_sk_family
;
89 struct hlist_node node
;
90 struct hlist_head owners
;
93 static inline struct net
*ib_net(struct inet_bind_bucket
*ib
)
95 return read_pnet(&ib
->ib_net
);
98 #define inet_bind_bucket_for_each(tb, head) \
99 hlist_for_each_entry(tb, head, node)
101 struct inet_bind_hashbucket
{
103 struct hlist_head chain
;
106 /* Sockets can be hashed in established or listening table.
107 * We must use different 'nulls' end-of-chain value for all hash buckets :
108 * A socket might transition from ESTABLISH to LISTEN state without
109 * RCU grace period. A lookup in ehash table needs to handle this case.
111 #define LISTENING_NULLS_BASE (1U << 29)
112 struct inet_listen_hashbucket
{
116 struct hlist_head head
;
117 struct hlist_nulls_head nulls_head
;
121 /* This is for listening sockets, thus all sockets which possess wildcards. */
122 #define INET_LHTABLE_SIZE 32 /* Yes, really, this is all you need. */
124 struct inet_hashinfo
{
125 /* This is for sockets with full identity only. Sockets here will
126 * always be without wildcards and will have the following invariant:
128 * TCP_ESTABLISHED <= sk->sk_state < TCP_CLOSE
131 struct inet_ehash_bucket
*ehash
;
132 spinlock_t
*ehash_locks
;
133 unsigned int ehash_mask
;
134 unsigned int ehash_locks_mask
;
136 /* Ok, let's try this, I give up, we do need a local binding
137 * TCP hash as well as the others for fast bind/connect.
139 struct kmem_cache
*bind_bucket_cachep
;
140 struct inet_bind_hashbucket
*bhash
;
141 unsigned int bhash_size
;
143 /* The 2nd listener table hashed by local port and address */
144 unsigned int lhash2_mask
;
145 struct inet_listen_hashbucket
*lhash2
;
147 /* All the above members are written once at bootup and
148 * never written again _or_ are predominantly read-access.
150 * Now align to a new cache line as all the following members
151 * might be often dirty.
153 /* All sockets in TCP_LISTEN state will be in listening_hash.
154 * This is the only table where wildcard'd TCP sockets can
155 * exist. listening_hash is only hashed by local port number.
156 * If lhash2 is initialized, the same socket will also be hashed
157 * to lhash2 by port and address.
159 struct inet_listen_hashbucket listening_hash
[INET_LHTABLE_SIZE
]
160 ____cacheline_aligned_in_smp
;
163 #define inet_lhash2_for_each_icsk_rcu(__icsk, list) \
164 hlist_for_each_entry_rcu(__icsk, list, icsk_listen_portaddr_node)
166 static inline struct inet_listen_hashbucket
*
167 inet_lhash2_bucket(struct inet_hashinfo
*h
, u32 hash
)
169 return &h
->lhash2
[hash
& h
->lhash2_mask
];
172 static inline struct inet_ehash_bucket
*inet_ehash_bucket(
173 struct inet_hashinfo
*hashinfo
,
176 return &hashinfo
->ehash
[hash
& hashinfo
->ehash_mask
];
179 static inline spinlock_t
*inet_ehash_lockp(
180 struct inet_hashinfo
*hashinfo
,
183 return &hashinfo
->ehash_locks
[hash
& hashinfo
->ehash_locks_mask
];
186 int inet_ehash_locks_alloc(struct inet_hashinfo
*hashinfo
);
188 static inline void inet_hashinfo2_free_mod(struct inet_hashinfo
*h
)
194 static inline void inet_ehash_locks_free(struct inet_hashinfo
*hashinfo
)
196 kvfree(hashinfo
->ehash_locks
);
197 hashinfo
->ehash_locks
= NULL
;
200 static inline bool inet_sk_bound_dev_eq(struct net
*net
, int bound_dev_if
,
203 #if IS_ENABLED(CONFIG_NET_L3_MASTER_DEV)
204 return inet_bound_dev_eq(!!net
->ipv4
.sysctl_tcp_l3mdev_accept
,
205 bound_dev_if
, dif
, sdif
);
207 return inet_bound_dev_eq(true, bound_dev_if
, dif
, sdif
);
211 struct inet_bind_bucket
*
212 inet_bind_bucket_create(struct kmem_cache
*cachep
, struct net
*net
,
213 struct inet_bind_hashbucket
*head
,
214 const unsigned short snum
, int l3mdev
);
215 void inet_bind_bucket_destroy(struct kmem_cache
*cachep
,
216 struct inet_bind_bucket
*tb
);
218 static inline u32
inet_bhashfn(const struct net
*net
, const __u16 lport
,
219 const u32 bhash_size
)
221 return (lport
+ net_hash_mix(net
)) & (bhash_size
- 1);
224 void inet_bind_hash(struct sock
*sk
, struct inet_bind_bucket
*tb
,
225 const unsigned short snum
);
227 /* These can have wildcards, don't try too hard. */
228 static inline u32
inet_lhashfn(const struct net
*net
, const unsigned short num
)
230 return (num
+ net_hash_mix(net
)) & (INET_LHTABLE_SIZE
- 1);
233 static inline int inet_sk_listen_hashfn(const struct sock
*sk
)
235 return inet_lhashfn(sock_net(sk
), inet_sk(sk
)->inet_num
);
238 /* Caller must disable local BH processing. */
239 int __inet_inherit_port(const struct sock
*sk
, struct sock
*child
);
241 void inet_put_port(struct sock
*sk
);
243 void inet_hashinfo_init(struct inet_hashinfo
*h
);
244 void inet_hashinfo2_init(struct inet_hashinfo
*h
, const char *name
,
245 unsigned long numentries
, int scale
,
246 unsigned long low_limit
,
247 unsigned long high_limit
);
248 int inet_hashinfo2_init_mod(struct inet_hashinfo
*h
);
250 bool inet_ehash_insert(struct sock
*sk
, struct sock
*osk
);
251 bool inet_ehash_nolisten(struct sock
*sk
, struct sock
*osk
);
252 int __inet_hash(struct sock
*sk
, struct sock
*osk
);
253 int inet_hash(struct sock
*sk
);
254 void inet_unhash(struct sock
*sk
);
256 struct sock
*__inet_lookup_listener(struct net
*net
,
257 struct inet_hashinfo
*hashinfo
,
258 struct sk_buff
*skb
, int doff
,
259 const __be32 saddr
, const __be16 sport
,
261 const unsigned short hnum
,
262 const int dif
, const int sdif
);
264 static inline struct sock
*inet_lookup_listener(struct net
*net
,
265 struct inet_hashinfo
*hashinfo
,
266 struct sk_buff
*skb
, int doff
,
267 __be32 saddr
, __be16 sport
,
268 __be32 daddr
, __be16 dport
, int dif
, int sdif
)
270 return __inet_lookup_listener(net
, hashinfo
, skb
, doff
, saddr
, sport
,
271 daddr
, ntohs(dport
), dif
, sdif
);
274 /* Socket demux engine toys. */
275 /* What happens here is ugly; there's a pair of adjacent fields in
276 struct inet_sock; __be16 dport followed by __u16 num. We want to
277 search by pair, so we combine the keys into a single 32bit value
278 and compare with 32bit value read from &...->dport. Let's at least
279 make sure that it's not mixed with anything else...
280 On 64bit targets we combine comparisons with pair of adjacent __be32
281 fields in the same way.
284 #define INET_COMBINED_PORTS(__sport, __dport) \
285 ((__force __portpair)(((__force __u32)(__be16)(__sport) << 16) | (__u32)(__dport)))
286 #else /* __LITTLE_ENDIAN */
287 #define INET_COMBINED_PORTS(__sport, __dport) \
288 ((__force __portpair)(((__u32)(__dport) << 16) | (__force __u32)(__be16)(__sport)))
291 #if (BITS_PER_LONG == 64)
293 #define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
294 const __addrpair __name = (__force __addrpair) ( \
295 (((__force __u64)(__be32)(__saddr)) << 32) | \
296 ((__force __u64)(__be32)(__daddr)))
297 #else /* __LITTLE_ENDIAN */
298 #define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
299 const __addrpair __name = (__force __addrpair) ( \
300 (((__force __u64)(__be32)(__daddr)) << 32) | \
301 ((__force __u64)(__be32)(__saddr)))
302 #endif /* __BIG_ENDIAN */
303 #define INET_MATCH(__sk, __net, __cookie, __saddr, __daddr, __ports, __dif, __sdif) \
304 (((__sk)->sk_portpair == (__ports)) && \
305 ((__sk)->sk_addrpair == (__cookie)) && \
306 (((__sk)->sk_bound_dev_if == (__dif)) || \
307 ((__sk)->sk_bound_dev_if == (__sdif))) && \
308 net_eq(sock_net(__sk), (__net)))
309 #else /* 32-bit arch */
310 #define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
311 const int __name __deprecated __attribute__((unused))
313 #define INET_MATCH(__sk, __net, __cookie, __saddr, __daddr, __ports, __dif, __sdif) \
314 (((__sk)->sk_portpair == (__ports)) && \
315 ((__sk)->sk_daddr == (__saddr)) && \
316 ((__sk)->sk_rcv_saddr == (__daddr)) && \
317 (((__sk)->sk_bound_dev_if == (__dif)) || \
318 ((__sk)->sk_bound_dev_if == (__sdif))) && \
319 net_eq(sock_net(__sk), (__net)))
320 #endif /* 64-bit arch */
322 /* Sockets in TCP_CLOSE state are _always_ taken out of the hash, so we need
323 * not check it for lookups anymore, thanks Alexey. -DaveM
325 struct sock
*__inet_lookup_established(struct net
*net
,
326 struct inet_hashinfo
*hashinfo
,
327 const __be32 saddr
, const __be16 sport
,
328 const __be32 daddr
, const u16 hnum
,
329 const int dif
, const int sdif
);
331 static inline struct sock
*
332 inet_lookup_established(struct net
*net
, struct inet_hashinfo
*hashinfo
,
333 const __be32 saddr
, const __be16 sport
,
334 const __be32 daddr
, const __be16 dport
,
337 return __inet_lookup_established(net
, hashinfo
, saddr
, sport
, daddr
,
338 ntohs(dport
), dif
, 0);
341 static inline struct sock
*__inet_lookup(struct net
*net
,
342 struct inet_hashinfo
*hashinfo
,
343 struct sk_buff
*skb
, int doff
,
344 const __be32 saddr
, const __be16 sport
,
345 const __be32 daddr
, const __be16 dport
,
346 const int dif
, const int sdif
,
349 u16 hnum
= ntohs(dport
);
352 sk
= __inet_lookup_established(net
, hashinfo
, saddr
, sport
,
353 daddr
, hnum
, dif
, sdif
);
358 return __inet_lookup_listener(net
, hashinfo
, skb
, doff
, saddr
,
359 sport
, daddr
, hnum
, dif
, sdif
);
362 static inline struct sock
*inet_lookup(struct net
*net
,
363 struct inet_hashinfo
*hashinfo
,
364 struct sk_buff
*skb
, int doff
,
365 const __be32 saddr
, const __be16 sport
,
366 const __be32 daddr
, const __be16 dport
,
372 sk
= __inet_lookup(net
, hashinfo
, skb
, doff
, saddr
, sport
, daddr
,
373 dport
, dif
, 0, &refcounted
);
375 if (sk
&& !refcounted
&& !refcount_inc_not_zero(&sk
->sk_refcnt
))
380 static inline struct sock
*__inet_lookup_skb(struct inet_hashinfo
*hashinfo
,
388 struct sock
*sk
= skb_steal_sock(skb
, refcounted
);
389 const struct iphdr
*iph
= ip_hdr(skb
);
394 return __inet_lookup(dev_net(skb_dst(skb
)->dev
), hashinfo
, skb
,
395 doff
, iph
->saddr
, sport
,
396 iph
->daddr
, dport
, inet_iif(skb
), sdif
,
400 u32
inet6_ehashfn(const struct net
*net
,
401 const struct in6_addr
*laddr
, const u16 lport
,
402 const struct in6_addr
*faddr
, const __be16 fport
);
404 static inline void sk_daddr_set(struct sock
*sk
, __be32 addr
)
406 sk
->sk_daddr
= addr
; /* alias of inet_daddr */
407 #if IS_ENABLED(CONFIG_IPV6)
408 ipv6_addr_set_v4mapped(addr
, &sk
->sk_v6_daddr
);
412 static inline void sk_rcv_saddr_set(struct sock
*sk
, __be32 addr
)
414 sk
->sk_rcv_saddr
= addr
; /* alias of inet_rcv_saddr */
415 #if IS_ENABLED(CONFIG_IPV6)
416 ipv6_addr_set_v4mapped(addr
, &sk
->sk_v6_rcv_saddr
);
420 int __inet_hash_connect(struct inet_timewait_death_row
*death_row
,
421 struct sock
*sk
, u32 port_offset
,
422 int (*check_established
)(struct inet_timewait_death_row
*,
423 struct sock
*, __u16
,
424 struct inet_timewait_sock
**));
426 int inet_hash_connect(struct inet_timewait_death_row
*death_row
,
428 #endif /* _INET_HASHTABLES_H */