diff options
-rw-r--r-- | include/net/inet_frag.h | 2 | ||||
-rw-r--r-- | net/ipv4/inet_fragment.c | 35 | ||||
-rw-r--r-- | net/ipv4/ip_fragment.c | 34 | ||||
-rw-r--r-- | net/ipv6/netfilter/nf_conntrack_reasm.c | 34 | ||||
-rw-r--r-- | net/ipv6/reassembly.c | 37 |
5 files changed, 52 insertions, 90 deletions
diff --git a/include/net/inet_frag.h b/include/net/inet_frag.h index 9902363f5bcc..e374412ff42b 100644 --- a/include/net/inet_frag.h +++ b/include/net/inet_frag.h | |||
@@ -36,6 +36,8 @@ struct inet_frags { | |||
36 | atomic_t mem; | 36 | atomic_t mem; |
37 | struct timer_list secret_timer; | 37 | struct timer_list secret_timer; |
38 | struct inet_frags_ctl *ctl; | 38 | struct inet_frags_ctl *ctl; |
39 | |||
40 | unsigned int (*hashfn)(struct inet_frag_queue *); | ||
39 | }; | 41 | }; |
40 | 42 | ||
41 | void inet_frags_init(struct inet_frags *); | 43 | void inet_frags_init(struct inet_frags *); |
diff --git a/net/ipv4/inet_fragment.c b/net/ipv4/inet_fragment.c index 534eaa8cdcf3..ec10e05c6666 100644 --- a/net/ipv4/inet_fragment.c +++ b/net/ipv4/inet_fragment.c | |||
@@ -16,9 +16,38 @@ | |||
16 | #include <linux/module.h> | 16 | #include <linux/module.h> |
17 | #include <linux/timer.h> | 17 | #include <linux/timer.h> |
18 | #include <linux/mm.h> | 18 | #include <linux/mm.h> |
19 | #include <linux/random.h> | ||
19 | 20 | ||
20 | #include <net/inet_frag.h> | 21 | #include <net/inet_frag.h> |
21 | 22 | ||
23 | static void inet_frag_secret_rebuild(unsigned long dummy) | ||
24 | { | ||
25 | struct inet_frags *f = (struct inet_frags *)dummy; | ||
26 | unsigned long now = jiffies; | ||
27 | int i; | ||
28 | |||
29 | write_lock(&f->lock); | ||
30 | get_random_bytes(&f->rnd, sizeof(u32)); | ||
31 | for (i = 0; i < INETFRAGS_HASHSZ; i++) { | ||
32 | struct inet_frag_queue *q; | ||
33 | struct hlist_node *p, *n; | ||
34 | |||
35 | hlist_for_each_entry_safe(q, p, n, &f->hash[i], list) { | ||
36 | unsigned int hval = f->hashfn(q); | ||
37 | |||
38 | if (hval != i) { | ||
39 | hlist_del(&q->list); | ||
40 | |||
41 | /* Relink to new hash chain. */ | ||
42 | hlist_add_head(&q->list, &f->hash[hval]); | ||
43 | } | ||
44 | } | ||
45 | } | ||
46 | write_unlock(&f->lock); | ||
47 | |||
48 | mod_timer(&f->secret_timer, now + f->ctl->secret_interval); | ||
49 | } | ||
50 | |||
22 | void inet_frags_init(struct inet_frags *f) | 51 | void inet_frags_init(struct inet_frags *f) |
23 | { | 52 | { |
24 | int i; | 53 | int i; |
@@ -35,11 +64,17 @@ void inet_frags_init(struct inet_frags *f) | |||
35 | f->nqueues = 0; | 64 | f->nqueues = 0; |
36 | atomic_set(&f->mem, 0); | 65 | atomic_set(&f->mem, 0); |
37 | 66 | ||
67 | init_timer(&f->secret_timer); | ||
68 | f->secret_timer.function = inet_frag_secret_rebuild; | ||
69 | f->secret_timer.data = (unsigned long)f; | ||
70 | f->secret_timer.expires = jiffies + f->ctl->secret_interval; | ||
71 | add_timer(&f->secret_timer); | ||
38 | } | 72 | } |
39 | EXPORT_SYMBOL(inet_frags_init); | 73 | EXPORT_SYMBOL(inet_frags_init); |
40 | 74 | ||
41 | void inet_frags_fini(struct inet_frags *f) | 75 | void inet_frags_fini(struct inet_frags *f) |
42 | { | 76 | { |
77 | del_timer(&f->secret_timer); | ||
43 | } | 78 | } |
44 | EXPORT_SYMBOL(inet_frags_fini); | 79 | EXPORT_SYMBOL(inet_frags_fini); |
45 | 80 | ||
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c index 7416c05dd334..e231c248aea7 100644 --- a/net/ipv4/ip_fragment.c +++ b/net/ipv4/ip_fragment.c | |||
@@ -115,32 +115,12 @@ static unsigned int ipqhashfn(__be16 id, __be32 saddr, __be32 daddr, u8 prot) | |||
115 | ip4_frags.rnd) & (INETFRAGS_HASHSZ - 1); | 115 | ip4_frags.rnd) & (INETFRAGS_HASHSZ - 1); |
116 | } | 116 | } |
117 | 117 | ||
118 | static void ipfrag_secret_rebuild(unsigned long dummy) | 118 | static unsigned int ip4_hashfn(struct inet_frag_queue *q) |
119 | { | 119 | { |
120 | unsigned long now = jiffies; | 120 | struct ipq *ipq; |
121 | int i; | ||
122 | 121 | ||
123 | write_lock(&ip4_frags.lock); | 122 | ipq = container_of(q, struct ipq, q); |
124 | get_random_bytes(&ip4_frags.rnd, sizeof(u32)); | 123 | return ipqhashfn(ipq->id, ipq->saddr, ipq->daddr, ipq->protocol); |
125 | for (i = 0; i < INETFRAGS_HASHSZ; i++) { | ||
126 | struct ipq *q; | ||
127 | struct hlist_node *p, *n; | ||
128 | |||
129 | hlist_for_each_entry_safe(q, p, n, &ip4_frags.hash[i], q.list) { | ||
130 | unsigned int hval = ipqhashfn(q->id, q->saddr, | ||
131 | q->daddr, q->protocol); | ||
132 | |||
133 | if (hval != i) { | ||
134 | hlist_del(&q->q.list); | ||
135 | |||
136 | /* Relink to new hash chain. */ | ||
137 | hlist_add_head(&q->q.list, &ip4_frags.hash[hval]); | ||
138 | } | ||
139 | } | ||
140 | } | ||
141 | write_unlock(&ip4_frags.lock); | ||
142 | |||
143 | mod_timer(&ip4_frags.secret_timer, now + ip4_frags_ctl.secret_interval); | ||
144 | } | 124 | } |
145 | 125 | ||
146 | /* Memory Tracking Functions. */ | 126 | /* Memory Tracking Functions. */ |
@@ -739,12 +719,8 @@ int ip_defrag(struct sk_buff *skb, u32 user) | |||
739 | 719 | ||
740 | void __init ipfrag_init(void) | 720 | void __init ipfrag_init(void) |
741 | { | 721 | { |
742 | init_timer(&ip4_frags.secret_timer); | ||
743 | ip4_frags.secret_timer.function = ipfrag_secret_rebuild; | ||
744 | ip4_frags.secret_timer.expires = jiffies + ip4_frags_ctl.secret_interval; | ||
745 | add_timer(&ip4_frags.secret_timer); | ||
746 | |||
747 | ip4_frags.ctl = &ip4_frags_ctl; | 722 | ip4_frags.ctl = &ip4_frags_ctl; |
723 | ip4_frags.hashfn = ip4_hashfn; | ||
748 | inet_frags_init(&ip4_frags); | 724 | inet_frags_init(&ip4_frags); |
749 | } | 725 | } |
750 | 726 | ||
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c index 2ebe515d914e..a3aef387bcfb 100644 --- a/net/ipv6/netfilter/nf_conntrack_reasm.c +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c | |||
@@ -106,32 +106,12 @@ static unsigned int ip6qhashfn(__be32 id, struct in6_addr *saddr, | |||
106 | return c & (INETFRAGS_HASHSZ - 1); | 106 | return c & (INETFRAGS_HASHSZ - 1); |
107 | } | 107 | } |
108 | 108 | ||
109 | static void nf_ct_frag6_secret_rebuild(unsigned long dummy) | 109 | static unsigned int nf_hashfn(struct inet_frag_queue *q) |
110 | { | 110 | { |
111 | unsigned long now = jiffies; | 111 | struct nf_ct_frag6_queue *nq; |
112 | int i; | ||
113 | 112 | ||
114 | write_lock(&nf_frags.lock); | 113 | nq = container_of(q, struct nf_ct_frag6_queue, q); |
115 | get_random_bytes(&nf_frags.rnd, sizeof(u32)); | 114 | return ip6qhashfn(nq->id, &nq->saddr, &nq->daddr); |
116 | for (i = 0; i < INETFRAGS_HASHSZ; i++) { | ||
117 | struct nf_ct_frag6_queue *q; | ||
118 | struct hlist_node *p, *n; | ||
119 | |||
120 | hlist_for_each_entry_safe(q, p, n, &nf_frags.hash[i], q.list) { | ||
121 | unsigned int hval = ip6qhashfn(q->id, | ||
122 | &q->saddr, | ||
123 | &q->daddr); | ||
124 | if (hval != i) { | ||
125 | hlist_del(&q->q.list); | ||
126 | /* Relink to new hash chain. */ | ||
127 | hlist_add_head(&q->q.list, | ||
128 | &nf_frags.hash[hval]); | ||
129 | } | ||
130 | } | ||
131 | } | ||
132 | write_unlock(&nf_frags.lock); | ||
133 | |||
134 | mod_timer(&nf_frags.secret_timer, now + nf_frags_ctl.secret_interval); | ||
135 | } | 115 | } |
136 | 116 | ||
137 | /* Memory Tracking Functions. */ | 117 | /* Memory Tracking Functions. */ |
@@ -817,11 +797,8 @@ int nf_ct_frag6_kfree_frags(struct sk_buff *skb) | |||
817 | 797 | ||
818 | int nf_ct_frag6_init(void) | 798 | int nf_ct_frag6_init(void) |
819 | { | 799 | { |
820 | setup_timer(&nf_frags.secret_timer, nf_ct_frag6_secret_rebuild, 0); | ||
821 | nf_frags.secret_timer.expires = jiffies + nf_frags_ctl.secret_interval; | ||
822 | add_timer(&nf_frags.secret_timer); | ||
823 | |||
824 | nf_frags.ctl = &nf_frags_ctl; | 800 | nf_frags.ctl = &nf_frags_ctl; |
801 | nf_frags.hashfn = nf_hashfn; | ||
825 | inet_frags_init(&nf_frags); | 802 | inet_frags_init(&nf_frags); |
826 | 803 | ||
827 | return 0; | 804 | return 0; |
@@ -831,7 +808,6 @@ void nf_ct_frag6_cleanup(void) | |||
831 | { | 808 | { |
832 | inet_frags_fini(&nf_frags); | 809 | inet_frags_fini(&nf_frags); |
833 | 810 | ||
834 | del_timer(&nf_frags.secret_timer); | ||
835 | nf_frags_ctl.low_thresh = 0; | 811 | nf_frags_ctl.low_thresh = 0; |
836 | nf_ct_frag6_evictor(); | 812 | nf_ct_frag6_evictor(); |
837 | } | 813 | } |
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c index db129a7a6192..c7d4961bbcf7 100644 --- a/net/ipv6/reassembly.c +++ b/net/ipv6/reassembly.c | |||
@@ -135,35 +135,12 @@ static unsigned int ip6qhashfn(__be32 id, struct in6_addr *saddr, | |||
135 | return c & (INETFRAGS_HASHSZ - 1); | 135 | return c & (INETFRAGS_HASHSZ - 1); |
136 | } | 136 | } |
137 | 137 | ||
138 | static void ip6_frag_secret_rebuild(unsigned long dummy) | 138 | static unsigned int ip6_hashfn(struct inet_frag_queue *q) |
139 | { | 139 | { |
140 | unsigned long now = jiffies; | 140 | struct frag_queue *fq; |
141 | int i; | ||
142 | |||
143 | write_lock(&ip6_frags.lock); | ||
144 | get_random_bytes(&ip6_frags.rnd, sizeof(u32)); | ||
145 | for (i = 0; i < INETFRAGS_HASHSZ; i++) { | ||
146 | struct frag_queue *q; | ||
147 | struct hlist_node *p, *n; | ||
148 | |||
149 | hlist_for_each_entry_safe(q, p, n, &ip6_frags.hash[i], q.list) { | ||
150 | unsigned int hval = ip6qhashfn(q->id, | ||
151 | &q->saddr, | ||
152 | &q->daddr); | ||
153 | |||
154 | if (hval != i) { | ||
155 | hlist_del(&q->q.list); | ||
156 | |||
157 | /* Relink to new hash chain. */ | ||
158 | hlist_add_head(&q->q.list, | ||
159 | &ip6_frags.hash[hval]); | ||
160 | |||
161 | } | ||
162 | } | ||
163 | } | ||
164 | write_unlock(&ip6_frags.lock); | ||
165 | 141 | ||
166 | mod_timer(&ip6_frags.secret_timer, now + ip6_frags_ctl.secret_interval); | 142 | fq = container_of(q, struct frag_queue, q); |
143 | return ip6qhashfn(fq->id, &fq->saddr, &fq->daddr); | ||
167 | } | 144 | } |
168 | 145 | ||
169 | /* Memory Tracking Functions. */ | 146 | /* Memory Tracking Functions. */ |
@@ -765,11 +742,7 @@ void __init ipv6_frag_init(void) | |||
765 | if (inet6_add_protocol(&frag_protocol, IPPROTO_FRAGMENT) < 0) | 742 | if (inet6_add_protocol(&frag_protocol, IPPROTO_FRAGMENT) < 0) |
766 | printk(KERN_ERR "ipv6_frag_init: Could not register protocol\n"); | 743 | printk(KERN_ERR "ipv6_frag_init: Could not register protocol\n"); |
767 | 744 | ||
768 | init_timer(&ip6_frags.secret_timer); | ||
769 | ip6_frags.secret_timer.function = ip6_frag_secret_rebuild; | ||
770 | ip6_frags.secret_timer.expires = jiffies + ip6_frags_ctl.secret_interval; | ||
771 | add_timer(&ip6_frags.secret_timer); | ||
772 | |||
773 | ip6_frags.ctl = &ip6_frags_ctl; | 745 | ip6_frags.ctl = &ip6_frags_ctl; |
746 | ip6_frags.hashfn = ip6_hashfn; | ||
774 | inet_frags_init(&ip6_frags); | 747 | inet_frags_init(&ip6_frags); |
775 | } | 748 | } |