1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef __NET_FRAG_H__ 3 #define __NET_FRAG_H__ 4 5 struct netns_frags { 6 /* Keep atomic mem on separate cachelines in structs that include it */ 7 atomic_t mem ____cacheline_aligned_in_smp; 8 /* sysctls */ 9 int timeout; 10 int high_thresh; 11 int low_thresh; 12 int max_dist; 13 }; 14 15 /** 16 * fragment queue flags 17 * 18 * @INET_FRAG_FIRST_IN: first fragment has arrived 19 * @INET_FRAG_LAST_IN: final fragment has arrived 20 * @INET_FRAG_COMPLETE: frag queue has been processed and is due for destruction 21 */ 22 enum { 23 INET_FRAG_FIRST_IN = BIT(0), 24 INET_FRAG_LAST_IN = BIT(1), 25 INET_FRAG_COMPLETE = BIT(2), 26 }; 27 28 /** 29 * struct inet_frag_queue - fragment queue 30 * 31 * @lock: spinlock protecting the queue 32 * @timer: queue expiration timer 33 * @list: hash bucket list 34 * @refcnt: reference count of the queue 35 * @fragments: received fragments head 36 * @fragments_tail: received fragments tail 37 * @stamp: timestamp of the last received fragment 38 * @len: total length of the original datagram 39 * @meat: length of received fragments so far 40 * @flags: fragment queue flags 41 * @max_size: maximum received fragment size 42 * @net: namespace that this frag belongs to 43 * @list_evictor: list of queues to forcefully evict (e.g. due to low memory) 44 */ 45 struct inet_frag_queue { 46 spinlock_t lock; 47 struct timer_list timer; 48 struct hlist_node list; 49 refcount_t refcnt; 50 struct sk_buff *fragments; 51 struct sk_buff *fragments_tail; 52 ktime_t stamp; 53 int len; 54 int meat; 55 __u8 flags; 56 u16 max_size; 57 struct netns_frags *net; 58 struct hlist_node list_evictor; 59 }; 60 61 #define INETFRAGS_HASHSZ 1024 62 63 /* averaged: 64 * max_depth = default ipfrag_high_thresh / INETFRAGS_HASHSZ / 65 * rounded up (SKB_TRUELEN(0) + sizeof(struct ipq or 66 * struct frag_queue)) 67 */ 68 #define INETFRAGS_MAXDEPTH 128 69 70 struct inet_frag_bucket { 71 struct hlist_head chain; 72 spinlock_t chain_lock; 73 }; 74 75 struct inet_frags { 76 struct inet_frag_bucket hash[INETFRAGS_HASHSZ]; 77 78 struct work_struct frags_work; 79 unsigned int next_bucket; 80 unsigned long last_rebuild_jiffies; 81 bool rebuild; 82 83 /* The first call to hashfn is responsible to initialize 84 * rnd. This is best done with net_get_random_once. 85 * 86 * rnd_seqlock is used to let hash insertion detect 87 * when it needs to re-lookup the hash chain to use. 88 */ 89 u32 rnd; 90 seqlock_t rnd_seqlock; 91 unsigned int qsize; 92 93 unsigned int (*hashfn)(const struct inet_frag_queue *); 94 bool (*match)(const struct inet_frag_queue *q, 95 const void *arg); 96 void (*constructor)(struct inet_frag_queue *q, 97 const void *arg); 98 void (*destructor)(struct inet_frag_queue *); 99 void (*frag_expire)(struct timer_list *t); 100 struct kmem_cache *frags_cachep; 101 const char *frags_cache_name; 102 }; 103 104 int inet_frags_init(struct inet_frags *); 105 void inet_frags_fini(struct inet_frags *); 106 107 static inline void inet_frags_init_net(struct netns_frags *nf) 108 { 109 atomic_set(&nf->mem, 0); 110 } 111 void inet_frags_exit_net(struct netns_frags *nf, struct inet_frags *f); 112 113 void inet_frag_kill(struct inet_frag_queue *q, struct inet_frags *f); 114 void inet_frag_destroy(struct inet_frag_queue *q, struct inet_frags *f); 115 struct inet_frag_queue *inet_frag_find(struct netns_frags *nf, 116 struct inet_frags *f, void *key, unsigned int hash); 117 118 void inet_frag_maybe_warn_overflow(struct inet_frag_queue *q, 119 const char *prefix); 120 121 static inline void inet_frag_put(struct inet_frag_queue *q, struct inet_frags *f) 122 { 123 if (refcount_dec_and_test(&q->refcnt)) 124 inet_frag_destroy(q, f); 125 } 126 127 static inline bool inet_frag_evicting(struct inet_frag_queue *q) 128 { 129 return !hlist_unhashed(&q->list_evictor); 130 } 131 132 /* Memory Tracking Functions. */ 133 134 static inline int frag_mem_limit(struct netns_frags *nf) 135 { 136 return atomic_read(&nf->mem); 137 } 138 139 static inline void sub_frag_mem_limit(struct netns_frags *nf, int i) 140 { 141 atomic_sub(i, &nf->mem); 142 } 143 144 static inline void add_frag_mem_limit(struct netns_frags *nf, int i) 145 { 146 atomic_add(i, &nf->mem); 147 } 148 149 static inline int sum_frag_mem_limit(struct netns_frags *nf) 150 { 151 return atomic_read(&nf->mem); 152 } 153 154 /* RFC 3168 support : 155 * We want to check ECN values of all fragments, do detect invalid combinations. 156 * In ipq->ecn, we store the OR value of each ip4_frag_ecn() fragment value. 157 */ 158 #define IPFRAG_ECN_NOT_ECT 0x01 /* one frag had ECN_NOT_ECT */ 159 #define IPFRAG_ECN_ECT_1 0x02 /* one frag had ECN_ECT_1 */ 160 #define IPFRAG_ECN_ECT_0 0x04 /* one frag had ECN_ECT_0 */ 161 #define IPFRAG_ECN_CE 0x08 /* one frag had ECN_CE */ 162 163 extern const u8 ip_frag_ecn_table[16]; 164 165 #endif 166