xref: /linux/include/net/inet_frag.h (revision b24413180f5600bcb3bb70fbed5cf186b60864bd)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef __NET_FRAG_H__
3 #define __NET_FRAG_H__
4 
5 struct netns_frags {
6 	/* Keep atomic mem on separate cachelines in structs that include it */
7 	atomic_t		mem ____cacheline_aligned_in_smp;
8 	/* sysctls */
9 	int			timeout;
10 	int			high_thresh;
11 	int			low_thresh;
12 	int			max_dist;
13 };
14 
15 /**
16  * fragment queue flags
17  *
18  * @INET_FRAG_FIRST_IN: first fragment has arrived
19  * @INET_FRAG_LAST_IN: final fragment has arrived
20  * @INET_FRAG_COMPLETE: frag queue has been processed and is due for destruction
21  */
22 enum {
23 	INET_FRAG_FIRST_IN	= BIT(0),
24 	INET_FRAG_LAST_IN	= BIT(1),
25 	INET_FRAG_COMPLETE	= BIT(2),
26 };
27 
28 /**
29  * struct inet_frag_queue - fragment queue
30  *
31  * @lock: spinlock protecting the queue
32  * @timer: queue expiration timer
33  * @list: hash bucket list
34  * @refcnt: reference count of the queue
35  * @fragments: received fragments head
36  * @fragments_tail: received fragments tail
37  * @stamp: timestamp of the last received fragment
38  * @len: total length of the original datagram
39  * @meat: length of received fragments so far
40  * @flags: fragment queue flags
41  * @max_size: maximum received fragment size
42  * @net: namespace that this frag belongs to
43  * @list_evictor: list of queues to forcefully evict (e.g. due to low memory)
44  */
45 struct inet_frag_queue {
46 	spinlock_t		lock;
47 	struct timer_list	timer;
48 	struct hlist_node	list;
49 	refcount_t		refcnt;
50 	struct sk_buff		*fragments;
51 	struct sk_buff		*fragments_tail;
52 	ktime_t			stamp;
53 	int			len;
54 	int			meat;
55 	__u8			flags;
56 	u16			max_size;
57 	struct netns_frags	*net;
58 	struct hlist_node	list_evictor;
59 };
60 
61 #define INETFRAGS_HASHSZ	1024
62 
63 /* averaged:
64  * max_depth = default ipfrag_high_thresh / INETFRAGS_HASHSZ /
65  *	       rounded up (SKB_TRUELEN(0) + sizeof(struct ipq or
66  *	       struct frag_queue))
67  */
68 #define INETFRAGS_MAXDEPTH	128
69 
70 struct inet_frag_bucket {
71 	struct hlist_head	chain;
72 	spinlock_t		chain_lock;
73 };
74 
75 struct inet_frags {
76 	struct inet_frag_bucket	hash[INETFRAGS_HASHSZ];
77 
78 	struct work_struct	frags_work;
79 	unsigned int next_bucket;
80 	unsigned long last_rebuild_jiffies;
81 	bool rebuild;
82 
83 	/* The first call to hashfn is responsible to initialize
84 	 * rnd. This is best done with net_get_random_once.
85 	 *
86 	 * rnd_seqlock is used to let hash insertion detect
87 	 * when it needs to re-lookup the hash chain to use.
88 	 */
89 	u32			rnd;
90 	seqlock_t		rnd_seqlock;
91 	unsigned int		qsize;
92 
93 	unsigned int		(*hashfn)(const struct inet_frag_queue *);
94 	bool			(*match)(const struct inet_frag_queue *q,
95 					 const void *arg);
96 	void			(*constructor)(struct inet_frag_queue *q,
97 					       const void *arg);
98 	void			(*destructor)(struct inet_frag_queue *);
99 	void			(*frag_expire)(unsigned long data);
100 	struct kmem_cache	*frags_cachep;
101 	const char		*frags_cache_name;
102 };
103 
104 int inet_frags_init(struct inet_frags *);
105 void inet_frags_fini(struct inet_frags *);
106 
107 static inline void inet_frags_init_net(struct netns_frags *nf)
108 {
109 	atomic_set(&nf->mem, 0);
110 }
111 void inet_frags_exit_net(struct netns_frags *nf, struct inet_frags *f);
112 
113 void inet_frag_kill(struct inet_frag_queue *q, struct inet_frags *f);
114 void inet_frag_destroy(struct inet_frag_queue *q, struct inet_frags *f);
115 struct inet_frag_queue *inet_frag_find(struct netns_frags *nf,
116 		struct inet_frags *f, void *key, unsigned int hash);
117 
118 void inet_frag_maybe_warn_overflow(struct inet_frag_queue *q,
119 				   const char *prefix);
120 
121 static inline void inet_frag_put(struct inet_frag_queue *q, struct inet_frags *f)
122 {
123 	if (refcount_dec_and_test(&q->refcnt))
124 		inet_frag_destroy(q, f);
125 }
126 
127 static inline bool inet_frag_evicting(struct inet_frag_queue *q)
128 {
129 	return !hlist_unhashed(&q->list_evictor);
130 }
131 
132 /* Memory Tracking Functions. */
133 
134 static inline int frag_mem_limit(struct netns_frags *nf)
135 {
136 	return atomic_read(&nf->mem);
137 }
138 
139 static inline void sub_frag_mem_limit(struct netns_frags *nf, int i)
140 {
141 	atomic_sub(i, &nf->mem);
142 }
143 
144 static inline void add_frag_mem_limit(struct netns_frags *nf, int i)
145 {
146 	atomic_add(i, &nf->mem);
147 }
148 
149 static inline int sum_frag_mem_limit(struct netns_frags *nf)
150 {
151 	return atomic_read(&nf->mem);
152 }
153 
154 /* RFC 3168 support :
155  * We want to check ECN values of all fragments, do detect invalid combinations.
156  * In ipq->ecn, we store the OR value of each ip4_frag_ecn() fragment value.
157  */
158 #define	IPFRAG_ECN_NOT_ECT	0x01 /* one frag had ECN_NOT_ECT */
159 #define	IPFRAG_ECN_ECT_1	0x02 /* one frag had ECN_ECT_1 */
160 #define	IPFRAG_ECN_ECT_0	0x04 /* one frag had ECN_ECT_0 */
161 #define	IPFRAG_ECN_CE		0x08 /* one frag had ECN_CE */
162 
163 extern const u8 ip_frag_ecn_table[16];
164 
165 #endif
166