net/ipv6/inet6_hashtables.c

   1 /*
   2  * INET         An implementation of the TCP/IP protocol suite for the LINUX
   3  *              operating system.  INET is implemented using the BSD Socket
   4  *              interface as the means of communication with the user level.
   5  *
   6  *              Generic INET6 transport hashtables
   7  *
   8  * Authors:     Lotsa people, from code originally in tcp, generalised here
   9  *              by Arnaldo Carvalho de Melo <acme@mandriva.com>
  10  *
  11  *      This program is free software; you can redistribute it and/or
  12  *      modify it under the terms of the GNU General Public License
  13  *      as published by the Free Software Foundation; either version
  14  *      2 of the License, or (at your option) any later version.
  15  */
  16
  17 #include <linux/module.h>
  18 #include <linux/random.h>
  19
  20 #include <net/inet_connection_sock.h>
  21 #include <net/inet_hashtables.h>
  22 #include <net/inet6_hashtables.h>
  23 #include <net/secure_seq.h>
  24 #include <net/ip.h>
  25
  26 u32 inet6_ehashfn(const struct net *net,
  27                   const struct in6_addr *laddr, const u16 lport,
  28                   const struct in6_addr *faddr, const __be16 fport)
  29 {
  30         static u32 inet6_ehash_secret __read_mostly;
  31         static u32 ipv6_hash_secret __read_mostly;
  32
  33         u32 lhash, fhash;
  34
  35         net_get_random_once(&inet6_ehash_secret, sizeof(inet6_ehash_secret));
  36         net_get_random_once(&ipv6_hash_secret, sizeof(ipv6_hash_secret));
  37
  38         lhash = (__force u32)laddr->s6_addr32[3];
  39         fhash = __ipv6_addr_jhash(faddr, ipv6_hash_secret);
  40
  41         return __inet6_ehashfn(lhash, lport, fhash, fport,
  42                                inet6_ehash_secret + net_hash_mix(net));
  43 }
  44
  45 /*
  46  * Sockets in TCP_CLOSE state are _always_ taken out of the hash, so
  47  * we need not check it for TCP lookups anymore, thanks Alexey. -DaveM
  48  *
  49  * The sockhash lock must be held as a reader here.
  50  */
  51 struct sock *__inet6_lookup_established(struct net *net,
  52                                         struct inet_hashinfo *hashinfo,
  53                                            const struct in6_addr *saddr,
  54                                            const __be16 sport,
  55                                            const struct in6_addr *daddr,
  56                                            const u16 hnum,
  57                                            const int dif)
  58 {
  59         struct sock *sk;
  60         const struct hlist_nulls_node *node;
  61         const __portpair ports = INET_COMBINED_PORTS(sport, hnum);
  62         /* Optimize here for direct hit, only listening connections can
  63          * have wildcards anyways.
  64          */
  65         unsigned int hash = inet6_ehashfn(net, daddr, hnum, saddr, sport);
  66         unsigned int slot = hash & hashinfo->ehash_mask;
  67         struct inet_ehash_bucket *head = &hashinfo->ehash[slot];
  68
  69
  70         rcu_read_lock();
  71 begin:
  72         sk_nulls_for_each_rcu(sk, node, &head->chain) {
  73                 if (sk->sk_hash != hash)
  74                         continue;
  75                 if (!INET6_MATCH(sk, net, saddr, daddr, ports, dif))
  76                         continue;
  77                 if (unlikely(!atomic_inc_not_zero(&sk->sk_refcnt)))
  78                         goto out;
  79
  80                 if (unlikely(!INET6_MATCH(sk, net, saddr, daddr, ports, dif))) {
  81                         sock_gen_put(sk);
  82                         goto begin;
  83                 }
  84                 goto found;
  85         }
  86         if (get_nulls_value(node) != slot)
  87                 goto begin;
  88 out:
  89         sk = NULL;
  90 found:
  91         rcu_read_unlock();
  92         return sk;
  93 }
  94 EXPORT_SYMBOL(__inet6_lookup_established);
  95
  96 static inline int compute_score(struct sock *sk, struct net *net,
  97                                 const unsigned short hnum,
  98                                 const struct in6_addr *daddr,
  99                                 const int dif)
 100 {
 101         int score = -1;
 102
 103         if (net_eq(sock_net(sk), net) && inet_sk(sk)->inet_num == hnum &&
 104             sk->sk_family == PF_INET6) {
 105
 106                 score = 1;
 107                 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr)) {
 108                         if (!ipv6_addr_equal(&sk->sk_v6_rcv_saddr, daddr))
 109                                 return -1;
 110                         score++;
 111                 }
 112                 if (sk->sk_bound_dev_if) {
 113                         if (sk->sk_bound_dev_if != dif)
 114                                 return -1;
 115                         score++;
 116                 }
 117                 if (sk->sk_incoming_cpu == raw_smp_processor_id())
 118                         score++;
 119         }
 120         return score;
 121 }
 122
 123 struct sock *inet6_lookup_listener(struct net *net,
 124                 struct inet_hashinfo *hashinfo,
 125                 struct sk_buff *skb, int doff,
 126                 const struct in6_addr *saddr,
 127                 const __be16 sport, const struct in6_addr *daddr,
 128                 const unsigned short hnum, const int dif)
 129 {
 130         struct sock *sk;
 131         const struct hlist_nulls_node *node;
 132         struct sock *result;
 133         int score, hiscore, matches = 0, reuseport = 0;
 134         u32 phash = 0;
 135         unsigned int hash = inet_lhashfn(net, hnum);
 136         struct inet_listen_hashbucket *ilb = &hashinfo->listening_hash[hash];
 137
 138         rcu_read_lock();
 139 begin:
 140         result = NULL;
 141         hiscore = 0;
 142         sk_nulls_for_each(sk, node, &ilb->head) {
 143                 score = compute_score(sk, net, hnum, daddr, dif);
 144                 if (score > hiscore) {
 145                         hiscore = score;
 146                         result = sk;
 147                         reuseport = sk->sk_reuseport;
 148                         if (reuseport) {
 149                                 phash = inet6_ehashfn(net, daddr, hnum,
 150                                                       saddr, sport);
 151                                 matches = 1;
 152                         }
 153                 } else if (score == hiscore && reuseport) {
 154                         matches++;
 155                         if (reciprocal_scale(phash, matches) == 0)
 156                                 result = sk;
 157                         phash = next_pseudo_random32(phash);
 158                 }
 159         }
 160         /*
 161          * if the nulls value we got at the end of this lookup is
 162          * not the expected one, we must restart lookup.
 163          * We probably met an item that was moved to another chain.
 164          */
 165         if (get_nulls_value(node) != hash + LISTENING_NULLS_BASE)
 166                 goto begin;
 167         if (result) {
 168                 if (unlikely(!atomic_inc_not_zero(&result->sk_refcnt)))
 169                         result = NULL;
 170                 else if (unlikely(compute_score(result, net, hnum, daddr,
 171                                   dif) < hiscore)) {
 172                         sock_put(result);
 173                         goto begin;
 174                 }
 175         }
 176         rcu_read_unlock();
 177         return result;
 178 }
 179 EXPORT_SYMBOL_GPL(inet6_lookup_listener);
 180
 181 struct sock *inet6_lookup(struct net *net, struct inet_hashinfo *hashinfo,
 182                           struct sk_buff *skb, int doff,
 183                           const struct in6_addr *saddr, const __be16 sport,
 184                           const struct in6_addr *daddr, const __be16 dport,
 185                           const int dif)
 186 {
 187         struct sock *sk;
 188
 189         local_bh_disable();
 190         sk = __inet6_lookup(net, hashinfo, skb, doff, saddr, sport, daddr,
 191                             ntohs(dport), dif);
 192         local_bh_enable();
 193
 194         return sk;
 195 }
 196 EXPORT_SYMBOL_GPL(inet6_lookup);
 197
 198 static int __inet6_check_established(struct inet_timewait_death_row *death_row,
 199                                      struct sock *sk, const __u16 lport,
 200                                      struct inet_timewait_sock **twp)
 201 {
 202         struct inet_hashinfo *hinfo = death_row->hashinfo;
 203         struct inet_sock *inet = inet_sk(sk);
 204         const struct in6_addr *daddr = &sk->sk_v6_rcv_saddr;
 205         const struct in6_addr *saddr = &sk->sk_v6_daddr;
 206         const int dif = sk->sk_bound_dev_if;
 207         const __portpair ports = INET_COMBINED_PORTS(inet->inet_dport, lport);
 208         struct net *net = sock_net(sk);
 209         const unsigned int hash = inet6_ehashfn(net, daddr, lport, saddr,
 210                                                 inet->inet_dport);
 211         struct inet_ehash_bucket *head = inet_ehash_bucket(hinfo, hash);
 212         spinlock_t *lock = inet_ehash_lockp(hinfo, hash);
 213         struct sock *sk2;
 214         const struct hlist_nulls_node *node;
 215         struct inet_timewait_sock *tw = NULL;
 216
 217         spin_lock(lock);
 218
 219         sk_nulls_for_each(sk2, node, &head->chain) {
 220                 if (sk2->sk_hash != hash)
 221                         continue;
 222
 223                 if (likely(INET6_MATCH(sk2, net, saddr, daddr, ports, dif))) {
 224                         if (sk2->sk_state == TCP_TIME_WAIT) {
 225                                 tw = inet_twsk(sk2);
 226                                 if (twsk_unique(sk, sk2, twp))
 227                                         break;
 228                         }
 229                         goto not_unique;
 230                 }
 231         }
 232
 233         /* Must record num and sport now. Otherwise we will see
 234          * in hash table socket with a funny identity.
 235          */
 236         inet->inet_num = lport;
 237         inet->inet_sport = htons(lport);
 238         sk->sk_hash = hash;
 239         WARN_ON(!sk_unhashed(sk));
 240         __sk_nulls_add_node_rcu(sk, &head->chain);
 241         if (tw) {
 242                 sk_nulls_del_node_init_rcu((struct sock *)tw);
 243                 NET_INC_STATS_BH(net, LINUX_MIB_TIMEWAITRECYCLED);
 244         }
 245         spin_unlock(lock);
 246         sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1);
 247
 248         if (twp) {
 249                 *twp = tw;
 250         } else if (tw) {
 251                 /* Silly. Should hash-dance instead... */
 252                 inet_twsk_deschedule_put(tw);
 253         }
 254         return 0;
 255
 256 not_unique:
 257         spin_unlock(lock);
 258         return -EADDRNOTAVAIL;
 259 }
 260
 261 static u32 inet6_sk_port_offset(const struct sock *sk)
 262 {
 263         const struct inet_sock *inet = inet_sk(sk);
 264
 265         return secure_ipv6_port_ephemeral(sk->sk_v6_rcv_saddr.s6_addr32,
 266                                           sk->sk_v6_daddr.s6_addr32,
 267                                           inet->inet_dport);
 268 }
 269
 270 int inet6_hash_connect(struct inet_timewait_death_row *death_row,
 271                        struct sock *sk)
 272 {
 273         u32 port_offset = 0;
 274
 275         if (!inet_sk(sk)->inet_num)
 276                 port_offset = inet6_sk_port_offset(sk);
 277         return __inet_hash_connect(death_row, sk, port_offset,
 278                                    __inet6_check_established);
 279 }
 280 EXPORT_SYMBOL_GPL(inet6_hash_connect);
 281
 282 int inet6_hash(struct sock *sk)
 283 {
 284         if (sk->sk_state != TCP_CLOSE) {
 285                 local_bh_disable();
 286                 __inet_hash(sk, NULL);
 287                 local_bh_enable();
 288         }
 289
 290         return 0;
 291 }
 292 EXPORT_SYMBOL_GPL(inet6_hash);
 293
 294 /* match_wildcard == true:  IPV6_ADDR_ANY equals to any IPv6 addresses if IPv6
 295  *                          only, and any IPv4 addresses if not IPv6 only
 296  * match_wildcard == false: addresses must be exactly the same, i.e.
 297  *                          IPV6_ADDR_ANY only equals to IPV6_ADDR_ANY,
 298  *                          and 0.0.0.0 equals to 0.0.0.0 only
 299  */
 300 int ipv6_rcv_saddr_equal(const struct sock *sk, const struct sock *sk2,
 301                          bool match_wildcard)
 302 {
 303         const struct in6_addr *sk2_rcv_saddr6 = inet6_rcv_saddr(sk2);
 304         int sk2_ipv6only = inet_v6_ipv6only(sk2);
 305         int addr_type = ipv6_addr_type(&sk->sk_v6_rcv_saddr);
 306         int addr_type2 = sk2_rcv_saddr6 ? ipv6_addr_type(sk2_rcv_saddr6) : IPV6_ADDR_MAPPED;
 307
 308         /* if both are mapped, treat as IPv4 */
 309         if (addr_type == IPV6_ADDR_MAPPED && addr_type2 == IPV6_ADDR_MAPPED) {
 310                 if (!sk2_ipv6only) {
 311                         if (sk->sk_rcv_saddr == sk2->sk_rcv_saddr)
 312                                 return 1;
 313                         if (!sk->sk_rcv_saddr || !sk2->sk_rcv_saddr)
 314                                 return match_wildcard;
 315                 }
 316                 return 0;
 317         }
 318
 319         if (addr_type == IPV6_ADDR_ANY && addr_type2 == IPV6_ADDR_ANY)
 320                 return 1;
 321
 322         if (addr_type2 == IPV6_ADDR_ANY && match_wildcard &&
 323             !(sk2_ipv6only && addr_type == IPV6_ADDR_MAPPED))
 324                 return 1;
 325
 326         if (addr_type == IPV6_ADDR_ANY && match_wildcard &&
 327             !(ipv6_only_sock(sk) && addr_type2 == IPV6_ADDR_MAPPED))
 328                 return 1;
 329
 330         if (sk2_rcv_saddr6 &&
 331             ipv6_addr_equal(&sk->sk_v6_rcv_saddr, sk2_rcv_saddr6))
 332                 return 1;
 333
 334         return 0;
 335 }
 336 EXPORT_SYMBOL_GPL(ipv6_rcv_saddr_equal);