/*
 *	Generic address resolution entity
 *
 *	Authors:
 *	Pedro Roque		<roque@di.fc.ul.pt>
 *	Alexey Kuznetsov	<kuznet@ms2.inr.ac.ru>
 *
 *	This program is free software; you can redistribute it and/or
 *	modify it under the terms of the GNU General Public License
 *	as published by the Free Software Foundation; either version
 *	2 of the License, or (at your option) any later version.
 *
 *	Fixes:
 *	Vitaly E. Lavrov	releasing NULL neighbor in neigh_add.
 *	Harald Welte		Add neighbour cache statistics like rtstat
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/slab.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/socket.h>
#include <linux/netdevice.h>
#include <linux/proc_fs.h>
#ifdef CONFIG_SYSCTL
#include <linux/sysctl.h>
#endif
#include <linux/times.h>
#include <net/net_namespace.h>
#include <net/neighbour.h>
#include <net/dst.h>
#include <net/sock.h>
#include <net/netevent.h>
#include <net/netlink.h>
#include <linux/rtnetlink.h>
#include <linux/random.h>
#include <linux/string.h>
#include <linux/log2.h>
#include <linux/inetdevice.h>
#include <net/addrconf.h>

#define DEBUG
#define NEIGH_DEBUG 1
#define neigh_dbg(level, fmt, ...)		\
do {						\
	if (level <= NEIGH_DEBUG)		\
		pr_debug(fmt, ##__VA_ARGS__);	\
} while (0)

#define PNEIGH_HASHMASK		0xF

static void neigh_timer_handler(unsigned long arg);
static void __neigh_notify(struct neighbour *n, int type, int flags);
static void neigh_update_notify(struct neighbour *neigh);
static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev);

static struct neigh_table *neigh_tables;
#ifdef CONFIG_PROC_FS
static const struct file_operations neigh_stat_seq_fops;
#endif

/*
   Neighbour hash table buckets are protected by the rwlock tbl->lock.

   - All scans of and updates to hash buckets MUST be made under this lock.
   - NOTHING clever should be done under this lock: no callbacks
     into protocol backends, no attempts to send anything to the network.
     It will result in deadlocks if the backend/driver wants to use the
     neighbour cache.
   - If the entry requires some non-trivial actions, increase
     its reference count and release the table lock.

   Neighbour entries are protected:
   - by the reference count.
   - by the rwlock neigh->lock.

   The reference count prevents destruction.

   neigh->lock mainly serializes the ll address data and its validity state.
   However, the same lock is also used to protect other entry fields:
   - the timer
   - the resolution queue

   Again, nothing clever should be done under neigh->lock;
   the most complicated procedure we allow is dev->hard_header.
   It is assumed that dev->hard_header is simple and does
   not call back into the neighbour tables.

   The last lock is neigh_tbl_lock. It is a pure SMP lock, protecting
   the list of neighbour tables. This list is used only in process context.
 */

static DEFINE_RWLOCK(neigh_tbl_lock);

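/* Used as n->output while an entry is dead or being torn down:
 * drop the packet and report the network as unreachable.
 */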
static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb)
{
	kfree_skb(skb);
	return -ENETDOWN;
}

static void neigh_cleanup_and_release(struct neighbour *neigh)
{
	if (neigh->parms->neigh_cleanup)
		neigh->parms->neigh_cleanup(neigh);

	__neigh_notify(neigh, RTM_DELNEIGH, 0);
	neigh_release(neigh);
}

/*
 * It is a random distribution in the interval (1/2)*base...(3/2)*base.
 * It corresponds to the default IPv6 settings and is not overridable,
 * because it is a really reasonable choice.
 */

unsigned long neigh_rand_reach_time(unsigned long base)
{
	return base ? (prandom_u32() % base) + (base >> 1) : 0;
}
EXPORT_SYMBOL(neigh_rand_reach_time);

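/* Forced garbage collection: walk the whole hash table and evict every
 * entry that is neither referenced nor permanent.  Called when the table
 * is over its gc thresholds.  Returns 1 if anything was evicted.
 */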
static int neigh_forced_gc(struct neigh_table *tbl)
{
	int shrunk = 0;
	int i;
	struct neigh_hash_table *nht;

	NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs);

	write_lock_bh(&tbl->lock);
	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));
	for (i = 0; i < (1 << nht->hash_shift); i++) {
		struct neighbour *n;
		struct neighbour __rcu **np;

		np = &nht->hash_buckets[i];
		while ((n = rcu_dereference_protected(*np,
					lockdep_is_held(&tbl->lock))) != NULL) {
			/* Neighbour record may be discarded if:
			 * - nobody refers to it.
			 * - it is not permanent
			 */
			write_lock(&n->lock);
			if (atomic_read(&n->refcnt) == 1 &&
			    !(n->nud_state & NUD_PERMANENT)) {
				rcu_assign_pointer(*np,
					rcu_dereference_protected(n->next,
						lockdep_is_held(&tbl->lock)));
				n->dead = 1;
				shrunk = 1;
				write_unlock(&n->lock);
				neigh_cleanup_and_release(n);
				continue;
			}
			write_unlock(&n->lock);
			np = &n->next;
		}
	}

	tbl->last_flush = jiffies;

	write_unlock_bh(&tbl->lock);

	return shrunk;
}

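/* Arm the entry's timer, taking a reference that the timer handler
 * releases.  A double add indicates a state machine bug, hence the
 * loud warning.
 */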
static void neigh_add_timer(struct neighbour *n, unsigned long when)
{
	neigh_hold(n);
	if (unlikely(mod_timer(&n->timer, when))) {
		printk("NEIGH: BUG, double timer add, state is %x\n",
		       n->nud_state);
		dump_stack();
	}
}

static int neigh_del_timer(struct neighbour *n)
{
	if ((n->nud_state & NUD_IN_TIMER) &&
	    del_timer(&n->timer)) {
		neigh_release(n);
		return 1;
	}
	return 0;
}

static void pneigh_queue_purge(struct sk_buff_head *list)
{
	struct sk_buff *skb;

	while ((skb = skb_dequeue(list)) != NULL) {
		dev_put(skb->dev);
		kfree_skb(skb);
	}
}

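/* Unlink from the hash table every entry belonging to @dev (every entry
 * in the table if @dev is NULL).  Entries still referenced elsewhere are
 * marked dead and switched to neigh_blackhole output until the last
 * reference goes away.  Called with tbl->lock held.
 */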
static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev)
{
	int i;
	struct neigh_hash_table *nht;

	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));

	for (i = 0; i < (1 << nht->hash_shift); i++) {
		struct neighbour *n;
		struct neighbour __rcu **np = &nht->hash_buckets[i];

		while ((n = rcu_dereference_protected(*np,
					lockdep_is_held(&tbl->lock))) != NULL) {
			if (dev && n->dev != dev) {
				np = &n->next;
				continue;
			}
			rcu_assign_pointer(*np,
				rcu_dereference_protected(n->next,
					lockdep_is_held(&tbl->lock)));
			write_lock(&n->lock);
			neigh_del_timer(n);
			n->dead = 1;

			if (atomic_read(&n->refcnt) != 1) {
				/* The most unpleasant situation.
				   We must destroy the neighbour entry,
				   but someone still uses it.

				   The destroy will be delayed until
				   the last user releases us, but
				   we must kill timers etc. and move
				   it to a safe state.
				 */
				__skb_queue_purge(&n->arp_queue);
				n->arp_queue_len_bytes = 0;
				n->output = neigh_blackhole;
				if (n->nud_state & NUD_VALID)
					n->nud_state = NUD_NOARP;
				else
					n->nud_state = NUD_NONE;
				neigh_dbg(2, "neigh %p is stray\n", n);
			}
			write_unlock(&n->lock);
			neigh_cleanup_and_release(n);
		}
	}
}

void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev)
{
	write_lock_bh(&tbl->lock);
	neigh_flush_dev(tbl, dev);
	write_unlock_bh(&tbl->lock);
}
EXPORT_SYMBOL(neigh_changeaddr);

int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
{
	write_lock_bh(&tbl->lock);
	neigh_flush_dev(tbl, dev);
	pneigh_ifdown(tbl, dev);
	write_unlock_bh(&tbl->lock);

	del_timer_sync(&tbl->proxy_timer);
	pneigh_queue_purge(&tbl->proxy_queue);
	return 0;
}
EXPORT_SYMBOL(neigh_ifdown);

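/* Allocate and minimally initialise a new cache entry.  May trigger a
 * forced GC pass first; fails if the table would still be over
 * gc_thresh3 afterwards.  The entry starts out dead until it is
 * actually hashed into the table.
 */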
static struct neighbour *neigh_alloc(struct neigh_table *tbl, struct net_device *dev)
{
	struct neighbour *n = NULL;
	unsigned long now = jiffies;
	int entries;

	entries = atomic_inc_return(&tbl->entries) - 1;
	if (entries >= tbl->gc_thresh3 ||
	    (entries >= tbl->gc_thresh2 &&
	     time_after(now, tbl->last_flush + 5 * HZ))) {
		if (!neigh_forced_gc(tbl) &&
		    entries >= tbl->gc_thresh3)
			goto out_entries;
	}

	n = kzalloc(tbl->entry_size + dev->neigh_priv_len, GFP_ATOMIC);
	if (!n)
		goto out_entries;

	__skb_queue_head_init(&n->arp_queue);
	rwlock_init(&n->lock);
	seqlock_init(&n->ha_lock);
	n->updated = n->used = now;
	n->nud_state = NUD_NONE;
	n->output = neigh_blackhole;
	seqlock_init(&n->hh.hh_lock);
	n->parms = neigh_parms_clone(&tbl->parms);
	setup_timer(&n->timer, neigh_timer_handler, (unsigned long)n);

	NEIGH_CACHE_STAT_INC(tbl, allocs);
	n->tbl = tbl;
	atomic_set(&n->refcnt, 1);
	n->dead = 1;
out:
	return n;

out_entries:
	atomic_dec(&tbl->entries);
	goto out;
}

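/* Pick a random hash multiplier; the low bit is forced on so the value
 * is always odd and therefore never zero.
 */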
static void neigh_get_hash_rnd(u32 *x)
{
	get_random_bytes(x, sizeof(*x));
	*x |= 1;
}

static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
{
	size_t size = (1 << shift) * sizeof(struct neighbour *);
	struct neigh_hash_table *ret;
	struct neighbour __rcu **buckets;
	int i;

	ret = kmalloc(sizeof(*ret), GFP_ATOMIC);
	if (!ret)
		return NULL;
	if (size <= PAGE_SIZE)
		buckets = kzalloc(size, GFP_ATOMIC);
	else
		buckets = (struct neighbour __rcu **)
			  __get_free_pages(GFP_ATOMIC | __GFP_ZERO,
					   get_order(size));
	if (!buckets) {
		kfree(ret);
		return NULL;
	}
	ret->hash_buckets = buckets;
	ret->hash_shift = shift;
	for (i = 0; i < NEIGH_NUM_HASH_RND; i++)
		neigh_get_hash_rnd(&ret->hash_rnd[i]);
	return ret;
}

static void neigh_hash_free_rcu(struct rcu_head *head)
{
	struct neigh_hash_table *nht = container_of(head,
						    struct neigh_hash_table,
						    rcu);
	size_t size = (1 << nht->hash_shift) * sizeof(struct neighbour *);
	struct neighbour __rcu **buckets = nht->hash_buckets;

	if (size <= PAGE_SIZE)
		kfree(buckets);
	else
		free_pages((unsigned long)buckets, get_order(size));
	kfree(nht);
}

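/* Rehash every entry into a new table of 2^new_shift buckets.  Readers
 * keep using the old table under RCU; it is freed via call_rcu once they
 * are done.  Called with tbl->lock held.  Returns the table in use
 * afterwards (the old one if allocation failed).
 */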
static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl,
						unsigned long new_shift)
{
	unsigned int i, hash;
	struct neigh_hash_table *new_nht, *old_nht;

	NEIGH_CACHE_STAT_INC(tbl, hash_grows);

	old_nht = rcu_dereference_protected(tbl->nht,
					    lockdep_is_held(&tbl->lock));
	new_nht = neigh_hash_alloc(new_shift);
	if (!new_nht)
		return old_nht;

	for (i = 0; i < (1 << old_nht->hash_shift); i++) {
		struct neighbour *n, *next;

		for (n = rcu_dereference_protected(old_nht->hash_buckets[i],
						   lockdep_is_held(&tbl->lock));
		     n != NULL;
		     n = next) {
			hash = tbl->hash(n->primary_key, n->dev,
					 new_nht->hash_rnd);

			hash >>= (32 - new_nht->hash_shift);
			next = rcu_dereference_protected(n->next,
						lockdep_is_held(&tbl->lock));

			rcu_assign_pointer(n->next,
					   rcu_dereference_protected(
						new_nht->hash_buckets[hash],
						lockdep_is_held(&tbl->lock)));
			rcu_assign_pointer(new_nht->hash_buckets[hash], n);
		}
	}

	rcu_assign_pointer(tbl->nht, new_nht);
	call_rcu(&old_nht->rcu, neigh_hash_free_rcu);
	return new_nht;
}

struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey,
			       struct net_device *dev)
{
	struct neighbour *n;
	int key_len = tbl->key_len;
	u32 hash_val;
	struct neigh_hash_table *nht;

	NEIGH_CACHE_STAT_INC(tbl, lookups);

	rcu_read_lock_bh();
	nht = rcu_dereference_bh(tbl->nht);
	hash_val = tbl->hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift);

	for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
	     n != NULL;
	     n = rcu_dereference_bh(n->next)) {
		if (dev == n->dev && !memcmp(n->primary_key, pkey, key_len)) {
			if (!atomic_inc_not_zero(&n->refcnt))
				n = NULL;
			NEIGH_CACHE_STAT_INC(tbl, hits);
			break;
		}
	}

	rcu_read_unlock_bh();
	return n;
}
EXPORT_SYMBOL(neigh_lookup);

struct neighbour *neigh_lookup_nodev(struct neigh_table *tbl, struct net *net,
				     const void *pkey)
{
	struct neighbour *n;
	int key_len = tbl->key_len;
	u32 hash_val;
	struct neigh_hash_table *nht;

	NEIGH_CACHE_STAT_INC(tbl, lookups);

	rcu_read_lock_bh();
	nht = rcu_dereference_bh(tbl->nht);
	hash_val = tbl->hash(pkey, NULL, nht->hash_rnd) >> (32 - nht->hash_shift);

	for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
	     n != NULL;
	     n = rcu_dereference_bh(n->next)) {
		if (!memcmp(n->primary_key, pkey, key_len) &&
		    net_eq(dev_net(n->dev), net)) {
			if (!atomic_inc_not_zero(&n->refcnt))
				n = NULL;
			NEIGH_CACHE_STAT_INC(tbl, hits);
			break;
		}
	}

	rcu_read_unlock_bh();
	return n;
}
EXPORT_SYMBOL(neigh_lookup_nodev);

struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
				 struct net_device *dev, bool want_ref)
{
	u32 hash_val;
	int key_len = tbl->key_len;
	int error;
	struct neighbour *n1, *rc, *n = neigh_alloc(tbl, dev);
	struct neigh_hash_table *nht;

	if (!n) {
		rc = ERR_PTR(-ENOBUFS);
		goto out;
	}

	memcpy(n->primary_key, pkey, key_len);
	n->dev = dev;
	dev_hold(dev);

	/* Protocol specific setup. */
	if (tbl->constructor && (error = tbl->constructor(n)) < 0) {
		rc = ERR_PTR(error);
		goto out_neigh_release;
	}

	if (dev->netdev_ops->ndo_neigh_construct) {
		error = dev->netdev_ops->ndo_neigh_construct(n);
		if (error < 0) {
			rc = ERR_PTR(error);
			goto out_neigh_release;
		}
	}

	/* Device specific setup. */
	if (n->parms->neigh_setup &&
	    (error = n->parms->neigh_setup(n)) < 0) {
		rc = ERR_PTR(error);
		goto out_neigh_release;
	}

	n->confirmed = jiffies - (NEIGH_VAR(n->parms, BASE_REACHABLE_TIME) << 1);

	write_lock_bh(&tbl->lock);
	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));

	if (atomic_read(&tbl->entries) > (1 << nht->hash_shift))
		nht = neigh_hash_grow(tbl, nht->hash_shift + 1);

	hash_val = tbl->hash(n->primary_key, dev, nht->hash_rnd) >> (32 - nht->hash_shift);

	if (n->parms->dead) {
		rc = ERR_PTR(-EINVAL);
		goto out_tbl_unlock;
	}

	for (n1 = rcu_dereference_protected(nht->hash_buckets[hash_val],
					    lockdep_is_held(&tbl->lock));
	     n1 != NULL;
	     n1 = rcu_dereference_protected(n1->next,
					    lockdep_is_held(&tbl->lock))) {
		if (dev == n1->dev && !memcmp(n1->primary_key, n->primary_key, key_len)) {
			if (want_ref)
				neigh_hold(n1);
			rc = n1;
			goto out_tbl_unlock;
		}
	}

	n->dead = 0;
	if (want_ref)
		neigh_hold(n);
	rcu_assign_pointer(n->next,
			   rcu_dereference_protected(nht->hash_buckets[hash_val],
						     lockdep_is_held(&tbl->lock)));
	rcu_assign_pointer(nht->hash_buckets[hash_val], n);
	write_unlock_bh(&tbl->lock);
	neigh_dbg(2, "neigh %p is created\n", n);
	rc = n;
out:
	return rc;
out_tbl_unlock:
	write_unlock_bh(&tbl->lock);
out_neigh_release:
	neigh_release(n);
	goto out;
}
EXPORT_SYMBOL(__neigh_create);

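/* Hash a proxy key: xor-fold the last four bytes of the key down to a
 * PNEIGH_HASHMASK-sized bucket index.
 */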
static u32 pneigh_hash(const void *pkey, int key_len)
{
	u32 hash_val = *(u32 *)(pkey + key_len - 4);
	hash_val ^= (hash_val >> 16);
	hash_val ^= hash_val >> 8;
	hash_val ^= hash_val >> 4;
	hash_val &= PNEIGH_HASHMASK;
	return hash_val;
}

static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n,
					      struct net *net,
					      const void *pkey,
					      int key_len,
					      struct net_device *dev)
{
	while (n) {
		if (!memcmp(n->key, pkey, key_len) &&
		    net_eq(pneigh_net(n), net) &&
		    (n->dev == dev || !n->dev))
			return n;
		n = n->next;
	}
	return NULL;
}

struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl,
		struct net *net, const void *pkey, struct net_device *dev)
{
	int key_len = tbl->key_len;
	u32 hash_val = pneigh_hash(pkey, key_len);

	return __pneigh_lookup_1(tbl->phash_buckets[hash_val],
				 net, pkey, key_len, dev);
}
EXPORT_SYMBOL_GPL(__pneigh_lookup);

struct pneigh_entry *pneigh_lookup(struct neigh_table *tbl,
				   struct net *net, const void *pkey,
				   struct net_device *dev, int creat)
{
	struct pneigh_entry *n;
	int key_len = tbl->key_len;
	u32 hash_val = pneigh_hash(pkey, key_len);

	read_lock_bh(&tbl->lock);
	n = __pneigh_lookup_1(tbl->phash_buckets[hash_val],
			      net, pkey, key_len, dev);
	read_unlock_bh(&tbl->lock);

	if (n || !creat)
		goto out;

	ASSERT_RTNL();

	n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL);
	if (!n)
		goto out;

	write_pnet(&n->net, hold_net(net));
	memcpy(n->key, pkey, key_len);
	n->dev = dev;
	if (dev)
		dev_hold(dev);

	if (tbl->pconstructor && tbl->pconstructor(n)) {
		if (dev)
			dev_put(dev);
		release_net(net);
		kfree(n);
		n = NULL;
		goto out;
	}

	write_lock_bh(&tbl->lock);
	n->next = tbl->phash_buckets[hash_val];
	tbl->phash_buckets[hash_val] = n;
	write_unlock_bh(&tbl->lock);
out:
	return n;
}
EXPORT_SYMBOL(pneigh_lookup);


int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey,
		  struct net_device *dev)
{
	struct pneigh_entry *n, **np;
	int key_len = tbl->key_len;
	u32 hash_val = pneigh_hash(pkey, key_len);

	write_lock_bh(&tbl->lock);
	for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL;
	     np = &n->next) {
		if (!memcmp(n->key, pkey, key_len) && n->dev == dev &&
		    net_eq(pneigh_net(n), net)) {
			*np = n->next;
			write_unlock_bh(&tbl->lock);
			if (tbl->pdestructor)
				tbl->pdestructor(n);
			if (n->dev)
				dev_put(n->dev);
			release_net(pneigh_net(n));
			kfree(n);
			return 0;
		}
	}
	write_unlock_bh(&tbl->lock);
	return -ENOENT;
}

static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
{
	struct pneigh_entry *n, **np;
	u32 h;

	for (h = 0; h <= PNEIGH_HASHMASK; h++) {
		np = &tbl->phash_buckets[h];
		while ((n = *np) != NULL) {
			if (!dev || n->dev == dev) {
				*np = n->next;
				if (tbl->pdestructor)
					tbl->pdestructor(n);
				if (n->dev)
					dev_put(n->dev);
				release_net(pneigh_net(n));
				kfree(n);
				continue;
			}
			np = &n->next;
		}
	}
	return -ENOENT;
}

static void neigh_parms_destroy(struct neigh_parms *parms);

static inline void neigh_parms_put(struct neigh_parms *parms)
{
	if (atomic_dec_and_test(&parms->refcnt))
		neigh_parms_destroy(parms);
}

/*
 *	neighbour must already be out of the table
 */
void neigh_destroy(struct neighbour *neigh)
{
	struct net_device *dev = neigh->dev;

	NEIGH_CACHE_STAT_INC(neigh->tbl, destroys);

	if (!neigh->dead) {
		pr_warn("Destroying alive neighbour %p\n", neigh);
		dump_stack();
		return;
	}

	if (neigh_del_timer(neigh))
		pr_warn("Impossible event\n");

	write_lock_bh(&neigh->lock);
	__skb_queue_purge(&neigh->arp_queue);
	write_unlock_bh(&neigh->lock);
	neigh->arp_queue_len_bytes = 0;

	if (dev->netdev_ops->ndo_neigh_destroy)
		dev->netdev_ops->ndo_neigh_destroy(neigh);

	dev_put(dev);
	neigh_parms_put(neigh->parms);

	neigh_dbg(2, "neigh %p is destroyed\n", neigh);

	atomic_dec(&neigh->tbl->entries);
	kfree_rcu(neigh, rcu);
}
EXPORT_SYMBOL(neigh_destroy);

/* Neighbour state is suspicious;
   disable fast path.

   Called with the neigh write-locked.
 */
static void neigh_suspect(struct neighbour *neigh)
{
	neigh_dbg(2, "neigh %p is suspected\n", neigh);

	neigh->output = neigh->ops->output;
}

/* Neighbour state is OK;
   enable fast path.

   Called with the neigh write-locked.
 */
static void neigh_connect(struct neighbour *neigh)
{
	neigh_dbg(2, "neigh %p is connected\n", neigh);

	neigh->output = neigh->ops->connected_output;
}

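/* Periodic garbage collection, run from a deferrable workqueue: refresh
 * reachable_time from the random function every 300 seconds and evict
 * unreferenced entries that are failed or have gone unused for longer
 * than GC_STALETIME.
 */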
static void neigh_periodic_work(struct work_struct *work)
{
	struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
	struct neighbour *n;
	struct neighbour __rcu **np;
	unsigned int i;
	struct neigh_hash_table *nht;

	NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);

	write_lock_bh(&tbl->lock);
	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));

	/*
	 *	periodically recompute ReachableTime from random function
	 */

	if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
		struct neigh_parms *p;
		tbl->last_rand = jiffies;
		for (p = &tbl->parms; p; p = p->next)
			p->reachable_time =
				neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
	}

	if (atomic_read(&tbl->entries) < tbl->gc_thresh1)
		goto out;

	for (i = 0; i < (1 << nht->hash_shift); i++) {
		np = &nht->hash_buckets[i];

		while ((n = rcu_dereference_protected(*np,
				lockdep_is_held(&tbl->lock))) != NULL) {
			unsigned int state;

			write_lock(&n->lock);

			state = n->nud_state;
			if (state & (NUD_PERMANENT | NUD_IN_TIMER)) {
				write_unlock(&n->lock);
				goto next_elt;
			}

			if (time_before(n->used, n->confirmed))
				n->used = n->confirmed;

			if (atomic_read(&n->refcnt) == 1 &&
			    (state == NUD_FAILED ||
			     time_after(jiffies, n->used + NEIGH_VAR(n->parms, GC_STALETIME)))) {
				*np = n->next;
				n->dead = 1;
				write_unlock(&n->lock);
				neigh_cleanup_and_release(n);
				continue;
			}
			write_unlock(&n->lock);

next_elt:
			np = &n->next;
		}
		/*
		 * It's fine to release lock here, even if hash table
		 * grows while we are preempted.
		 */
		write_unlock_bh(&tbl->lock);
		cond_resched();
		write_lock_bh(&tbl->lock);
		nht = rcu_dereference_protected(tbl->nht,
						lockdep_is_held(&tbl->lock));
	}
out:
	/* Cycle through all hash buckets every BASE_REACHABLE_TIME/2 ticks.
	 * ARP entry timeouts range from 1/2 BASE_REACHABLE_TIME to 3/2
	 * BASE_REACHABLE_TIME.
	 */
	queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
			   NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME) >> 1);
	write_unlock_bh(&tbl->lock);
}

static __inline__ int neigh_max_probes(struct neighbour *n)
{
	struct neigh_parms *p = n->parms;
	int max_probes = NEIGH_VAR(p, UCAST_PROBES) + NEIGH_VAR(p, APP_PROBES);
	if (!(n->nud_state & NUD_PROBE))
		max_probes += NEIGH_VAR(p, MCAST_PROBES);
	return max_probes;
}

static void neigh_invalidate(struct neighbour *neigh)
	__releases(neigh->lock)
	__acquires(neigh->lock)
{
	struct sk_buff *skb;

	NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed);
	neigh_dbg(2, "neigh %p is failed\n", neigh);
	neigh->updated = jiffies;

	/* This is a very delicate spot: error_report is a complicated
	   routine and, in particular, it can hit this same neighbour
	   entry again!

	   So we try to be careful and avoid an endless loop. --ANK
	 */
	while (neigh->nud_state == NUD_FAILED &&
	       (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
		write_unlock(&neigh->lock);
		neigh->ops->error_report(neigh, skb);
		write_lock(&neigh->lock);
	}
	__skb_queue_purge(&neigh->arp_queue);
	neigh->arp_queue_len_bytes = 0;
}

static void neigh_probe(struct neighbour *neigh)
	__releases(neigh->lock)
{
	struct sk_buff *skb = skb_peek_tail(&neigh->arp_queue);
	/* keep skb alive even if arp_queue overflows */
	if (skb)
		skb = skb_copy(skb, GFP_ATOMIC);
	write_unlock(&neigh->lock);
	if (neigh->ops->solicit)
		neigh->ops->solicit(neigh, skb);
	atomic_inc(&neigh->probes);
	kfree_skb(skb);
}

/* Called when a timer expires for a neighbour entry. */

static void neigh_timer_handler(unsigned long arg)
{
	unsigned long now, next;
	struct neighbour *neigh = (struct neighbour *)arg;
	unsigned int state;
	int notify = 0;

	write_lock(&neigh->lock);

	state = neigh->nud_state;
	now = jiffies;
	next = now + HZ;

	if (!(state & NUD_IN_TIMER))
		goto out;

	if (state & NUD_REACHABLE) {
		if (time_before_eq(now,
				   neigh->confirmed + neigh->parms->reachable_time)) {
			neigh_dbg(2, "neigh %p is still alive\n", neigh);
			next = neigh->confirmed + neigh->parms->reachable_time;
		} else if (time_before_eq(now,
					  neigh->used +
					  NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
			neigh_dbg(2, "neigh %p is delayed\n", neigh);
			neigh->nud_state = NUD_DELAY;
			neigh->updated = jiffies;
			neigh_suspect(neigh);
			next = now + NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME);
		} else {
			neigh_dbg(2, "neigh %p is suspected\n", neigh);
			neigh->nud_state = NUD_STALE;
			neigh->updated = jiffies;
			neigh_suspect(neigh);
			notify = 1;
		}
	} else if (state & NUD_DELAY) {
		if (time_before_eq(now,
				   neigh->confirmed +
				   NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
			neigh_dbg(2, "neigh %p is now reachable\n", neigh);
			neigh->nud_state = NUD_REACHABLE;
			neigh->updated = jiffies;
			neigh_connect(neigh);
			notify = 1;
			next = neigh->confirmed + neigh->parms->reachable_time;
		} else {
			neigh_dbg(2, "neigh %p is probed\n", neigh);
			neigh->nud_state = NUD_PROBE;
			neigh->updated = jiffies;
			atomic_set(&neigh->probes, 0);
			notify = 1;
			next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
		}
	} else {
		/* NUD_PROBE|NUD_INCOMPLETE */
		next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
	}

	if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) &&
	    atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) {
		neigh->nud_state = NUD_FAILED;
		notify = 1;
		neigh_invalidate(neigh);
		goto out;
	}

	if (neigh->nud_state & NUD_IN_TIMER) {
		if (time_before(next, jiffies + HZ/2))
			next = jiffies + HZ/2;
		if (!mod_timer(&neigh->timer, next))
			neigh_hold(neigh);
	}
	if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
		neigh_probe(neigh);
	} else {
out:
		write_unlock(&neigh->lock);
	}

	if (notify)
		neigh_update_notify(neigh);

	neigh_release(neigh);
}

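/* Slow path of neigh_event_send(): kick off resolution for an entry that
 * is not yet verified.  Returns 0 if the skb may be sent immediately,
 * 1 if it was queued for later or dropped because resolution failed
 * (the skb is consumed in that case).
 */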
int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
{
	int rc;
	bool immediate_probe = false;

	write_lock_bh(&neigh->lock);

	rc = 0;
	if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
		goto out_unlock_bh;
	if (neigh->dead)
		goto out_dead;

	if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
		if (NEIGH_VAR(neigh->parms, MCAST_PROBES) +
		    NEIGH_VAR(neigh->parms, APP_PROBES)) {
			unsigned long next, now = jiffies;

			atomic_set(&neigh->probes,
				   NEIGH_VAR(neigh->parms, UCAST_PROBES));
			neigh->nud_state = NUD_INCOMPLETE;
			neigh->updated = now;
			next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
					 HZ/2);
			neigh_add_timer(neigh, next);
			immediate_probe = true;
		} else {
			neigh->nud_state = NUD_FAILED;
			neigh->updated = jiffies;
			write_unlock_bh(&neigh->lock);

			kfree_skb(skb);
			return 1;
		}
	} else if (neigh->nud_state & NUD_STALE) {
		neigh_dbg(2, "neigh %p is delayed\n", neigh);
		neigh->nud_state = NUD_DELAY;
		neigh->updated = jiffies;
		neigh_add_timer(neigh, jiffies +
				NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME));
	}

	if (neigh->nud_state == NUD_INCOMPLETE) {
		if (skb) {
			while (neigh->arp_queue_len_bytes + skb->truesize >
			       NEIGH_VAR(neigh->parms, QUEUE_LEN_BYTES)) {
				struct sk_buff *buff;

				buff = __skb_dequeue(&neigh->arp_queue);
				if (!buff)
					break;
				neigh->arp_queue_len_bytes -= buff->truesize;
				kfree_skb(buff);
				NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
			}
			skb_dst_force(skb);
			__skb_queue_tail(&neigh->arp_queue, skb);
			neigh->arp_queue_len_bytes += skb->truesize;
		}
		rc = 1;
	}
out_unlock_bh:
	if (immediate_probe)
		neigh_probe(neigh);
	else
		write_unlock(&neigh->lock);
	local_bh_enable();
	return rc;

out_dead:
	if (neigh->nud_state & NUD_STALE)
		goto out_unlock_bh;
	write_unlock_bh(&neigh->lock);
	kfree_skb(skb);
	return 1;
}
EXPORT_SYMBOL(__neigh_event_send);

static void neigh_update_hhs(struct neighbour *neigh)
{
	struct hh_cache *hh;
	void (*update)(struct hh_cache *, const struct net_device *,
		       const unsigned char *) = NULL;

	if (neigh->dev->header_ops)
		update = neigh->dev->header_ops->cache_update;

	if (update) {
		hh = &neigh->hh;
		if (hh->hh_len) {
			write_seqlock_bh(&hh->hh_lock);
			update(hh, neigh->dev, neigh->ha);
			write_sequnlock_bh(&hh->hh_lock);
		}
	}
}

/* Generic update routine.
   -- lladdr is the new lladdr, or NULL if it is not supplied.
   -- new    is the new state.
   -- flags
	NEIGH_UPDATE_F_OVERRIDE allows overriding an existing lladdr,
				if it is different.
	NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect an existing "connected"
				lladdr instead of overriding it
				if it is different.
				It also allows retaining the current state
				if the lladdr is unchanged.
	NEIGH_UPDATE_F_ADMIN	means that the change is administrative.

	NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows overriding an existing
				NTF_ROUTER flag.
	NEIGH_UPDATE_F_ISROUTER	indicates if the neighbour is known as
				a router.

   Caller MUST hold a reference count on the entry.
 */

int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
		 u32 flags)
{
	u8 old;
	int err;
	int notify = 0;
	struct net_device *dev;
	int update_isrouter = 0;

	write_lock_bh(&neigh->lock);

	dev = neigh->dev;
	old = neigh->nud_state;
	err = -EPERM;

	if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
	    (old & (NUD_NOARP | NUD_PERMANENT)))
		goto out;
	if (neigh->dead)
		goto out;

	if (!(new & NUD_VALID)) {
		neigh_del_timer(neigh);
		if (old & NUD_CONNECTED)
			neigh_suspect(neigh);
		neigh->nud_state = new;
		err = 0;
		notify = old & NUD_VALID;
		if ((old & (NUD_INCOMPLETE | NUD_PROBE)) &&
		    (new & NUD_FAILED)) {
			neigh_invalidate(neigh);
			notify = 1;
		}
		goto out;
	}

	/* Compare new lladdr with cached one */
	if (!dev->addr_len) {
		/* First case: device needs no address. */
		lladdr = neigh->ha;
	} else if (lladdr) {
		/* The second case: if something is already cached
		   and a new address is proposed:
		   - compare new & old
		   - if they are different, check override flag
		 */
		if ((old & NUD_VALID) &&
		    !memcmp(lladdr, neigh->ha, dev->addr_len))
			lladdr = neigh->ha;
	} else {
		/* No address is supplied; if we know something,
		   use it, otherwise discard the request.
		 */
		err = -EINVAL;
		if (!(old & NUD_VALID))
			goto out;
		lladdr = neigh->ha;
	}

	if (new & NUD_CONNECTED)
		neigh->confirmed = jiffies;
	neigh->updated = jiffies;

	/* If the entry was valid and the address has not changed,
	   do not change the entry state if the new one is STALE.
	 */
	err = 0;
	update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
	if (old & NUD_VALID) {
		if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) {
			update_isrouter = 0;
			if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) &&
			    (old & NUD_CONNECTED)) {
				lladdr = neigh->ha;
				new = NUD_STALE;
			} else
				goto out;
		} else {
			if (lladdr == neigh->ha && new == NUD_STALE &&
			    ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) ||
			     (old & NUD_CONNECTED)))
				new = old;
		}
	}

	if (new != old) {
		neigh_del_timer(neigh);
		if (new & NUD_PROBE)
			atomic_set(&neigh->probes, 0);
		if (new & NUD_IN_TIMER)
			neigh_add_timer(neigh, (jiffies +
						((new & NUD_REACHABLE) ?
						 neigh->parms->reachable_time :
						 0)));
		neigh->nud_state = new;
		notify = 1;
	}

	if (lladdr != neigh->ha) {
		write_seqlock(&neigh->ha_lock);
		memcpy(&neigh->ha, lladdr, dev->addr_len);
		write_sequnlock(&neigh->ha_lock);
		neigh_update_hhs(neigh);
		if (!(new & NUD_CONNECTED))
			neigh->confirmed = jiffies -
				(NEIGH_VAR(neigh->parms, BASE_REACHABLE_TIME) << 1);
		notify = 1;
	}
	if (new == old)
		goto out;
	if (new & NUD_CONNECTED)
		neigh_connect(neigh);
	else
		neigh_suspect(neigh);
	if (!(old & NUD_VALID)) {
		struct sk_buff *skb;

		/* Again: avoid an endless loop if something went wrong */

		while (neigh->nud_state & NUD_VALID &&
		       (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
			struct dst_entry *dst = skb_dst(skb);
			struct neighbour *n2, *n1 = neigh;
			write_unlock_bh(&neigh->lock);

			rcu_read_lock();

			/* Why not just use 'neigh' as-is?  The problem is that
			 * things such as shaper, eql, and sch_teql can end up
			 * using alternative, different, neigh objects to output
			 * the packet in the output path.  So what we need to do
			 * here is re-lookup the top-level neigh in the path so
			 * we can reinject the packet there.
			 */
			n2 = NULL;
			if (dst) {
				n2 = dst_neigh_lookup_skb(dst, skb);
				if (n2)
					n1 = n2;
			}
			n1->output(n1, skb);
			if (n2)
				neigh_release(n2);
			rcu_read_unlock();

			write_lock_bh(&neigh->lock);
		}
		__skb_queue_purge(&neigh->arp_queue);
		neigh->arp_queue_len_bytes = 0;
	}
out:
	if (update_isrouter) {
		neigh->flags = (flags & NEIGH_UPDATE_F_ISROUTER) ?
			(neigh->flags | NTF_ROUTER) :
			(neigh->flags & ~NTF_ROUTER);
	}
	write_unlock_bh(&neigh->lock);

	if (notify)
		neigh_update_notify(neigh);

	return err;
}
EXPORT_SYMBOL(neigh_update);

/* Update the neigh to listen temporarily for probe responses, even if it is
 * in a NUD_FAILED state. The caller has to hold neigh->lock for writing.
 */
void __neigh_set_probe_once(struct neighbour *neigh)
{
	if (neigh->dead)
		return;
	neigh->updated = jiffies;
	if (!(neigh->nud_state & NUD_FAILED))
		return;
	neigh->nud_state = NUD_INCOMPLETE;
	atomic_set(&neigh->probes, neigh_max_probes(neigh));
	neigh_add_timer(neigh,
			jiffies + NEIGH_VAR(neigh->parms, RETRANS_TIME));
}
EXPORT_SYMBOL(__neigh_set_probe_once);

struct neighbour *neigh_event_ns(struct neigh_table *tbl,
				 u8 *lladdr, void *saddr,
				 struct net_device *dev)
{
	struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev,
						 lladdr || !dev->addr_len);
	if (neigh)
		neigh_update(neigh, lladdr, NUD_STALE,
			     NEIGH_UPDATE_F_OVERRIDE);
	return neigh;
}
EXPORT_SYMBOL(neigh_event_ns);

/* called with read_lock_bh(&n->lock); */
static void neigh_hh_init(struct neighbour *n, struct dst_entry *dst)
{
	struct net_device *dev = dst->dev;
	__be16 prot = dst->ops->protocol;
	struct hh_cache *hh = &n->hh;

	write_lock_bh(&n->lock);

	/* Only one thread can come in here and initialize the
	 * hh_cache entry.
	 */
	if (!hh->hh_len)
		dev->header_ops->cache(n, hh, prot);

	write_unlock_bh(&n->lock);
}

/* This function can be used in contexts where only the old dev_queue_xmit
 * worked, e.g. if you want to override the normal output path (eql, shaper)
 * but resolution has not been done yet.
 */

int neigh_compat_output(struct neighbour *neigh, struct sk_buff *skb)
{
	struct net_device *dev = skb->dev;

	__skb_pull(skb, skb_network_offset(skb));

	if (dev_hard_header(skb, dev, ntohs(skb->protocol), NULL, NULL,
			    skb->len) < 0 &&
	    dev_rebuild_header(skb))
		return 0;

	return dev_queue_xmit(skb);
}
EXPORT_SYMBOL(neigh_compat_output);

/* Slow and careful. */

int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb)
{
	struct dst_entry *dst = skb_dst(skb);
	int rc = 0;

	if (!dst)
		goto discard;

	if (!neigh_event_send(neigh, skb)) {
		int err;
		struct net_device *dev = neigh->dev;
		unsigned int seq;

		if (dev->header_ops->cache && !neigh->hh.hh_len)
			neigh_hh_init(neigh, dst);

		do {
			__skb_pull(skb, skb_network_offset(skb));
			seq = read_seqbegin(&neigh->ha_lock);
			err = dev_hard_header(skb, dev, ntohs(skb->protocol),
					      neigh->ha, NULL, skb->len);
		} while (read_seqretry(&neigh->ha_lock, seq));

		if (err >= 0)
			rc = dev_queue_xmit(skb);
		else
			goto out_kfree_skb;
	}
out:
	return rc;
discard:
	neigh_dbg(1, "%s: dst=%p neigh=%p\n", __func__, dst, neigh);
out_kfree_skb:
	rc = -EINVAL;
	kfree_skb(skb);
	goto out;
}
EXPORT_SYMBOL(neigh_resolve_output);

/* As fast as possible without hh cache */

int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb)
{
	struct net_device *dev = neigh->dev;
	unsigned int seq;
	int err;

	do {
		__skb_pull(skb, skb_network_offset(skb));
		seq = read_seqbegin(&neigh->ha_lock);
		err = dev_hard_header(skb, dev, ntohs(skb->protocol),
				      neigh->ha, NULL, skb->len);
	} while (read_seqretry(&neigh->ha_lock, seq));

	if (err >= 0)
		err = dev_queue_xmit(skb);
	else {
		err = -EINVAL;
		kfree_skb(skb);
	}
	return err;
}
EXPORT_SYMBOL(neigh_connected_output);

int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb)
{
	return dev_queue_xmit(skb);
}
EXPORT_SYMBOL(neigh_direct_output);

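/* Timer handler for the proxy queue: hand every queued skb whose
 * scheduled delay has expired back to tbl->proxy_redo(), and re-arm the
 * timer for the earliest remaining packet.
 */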
static void neigh_proxy_process(unsigned long arg)
{
	struct neigh_table *tbl = (struct neigh_table *)arg;
	long sched_next = 0;
	unsigned long now = jiffies;
	struct sk_buff *skb, *n;

	spin_lock(&tbl->proxy_queue.lock);

	skb_queue_walk_safe(&tbl->proxy_queue, skb, n) {
		long tdif = NEIGH_CB(skb)->sched_next - now;

		if (tdif <= 0) {
			struct net_device *dev = skb->dev;

			__skb_unlink(skb, &tbl->proxy_queue);
			if (tbl->proxy_redo && netif_running(dev)) {
				rcu_read_lock();
				tbl->proxy_redo(skb);
				rcu_read_unlock();
			} else {
				kfree_skb(skb);
			}

			dev_put(dev);
		} else if (!sched_next || tdif < sched_next)
			sched_next = tdif;
	}
	del_timer(&tbl->proxy_timer);
	if (sched_next)
		mod_timer(&tbl->proxy_timer, jiffies + sched_next);
	spin_unlock(&tbl->proxy_queue.lock);
}

void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
		    struct sk_buff *skb)
{
	unsigned long now = jiffies;

	unsigned long sched_next = now + (prandom_u32() %
					  NEIGH_VAR(p, PROXY_DELAY));

	if (tbl->proxy_queue.qlen > NEIGH_VAR(p, PROXY_QLEN)) {
		kfree_skb(skb);
		return;
	}

	NEIGH_CB(skb)->sched_next = sched_next;
	NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED;

	spin_lock(&tbl->proxy_queue.lock);
	if (del_timer(&tbl->proxy_timer)) {
		if (time_before(tbl->proxy_timer.expires, sched_next))
			sched_next = tbl->proxy_timer.expires;
	}
	skb_dst_drop(skb);
	dev_hold(skb->dev);
	__skb_queue_tail(&tbl->proxy_queue, skb);
	mod_timer(&tbl->proxy_timer, sched_next);
	spin_unlock(&tbl->proxy_queue.lock);
}
EXPORT_SYMBOL(pneigh_enqueue);

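/* Find the neigh_parms attached to the device with the given ifindex in
 * @net; ifindex 0 selects the table defaults (init_net only).
 */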
static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
						     struct net *net, int ifindex)
{
	struct neigh_parms *p;

	for (p = &tbl->parms; p; p = p->next) {
		if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
		    (!p->dev && !ifindex && net_eq(net, &init_net)))
			return p;
	}

	return NULL;
}

struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
				      struct neigh_table *tbl)
{
	struct neigh_parms *p;
	struct net *net = dev_net(dev);
	const struct net_device_ops *ops = dev->netdev_ops;

	p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL);
	if (p) {
		p->tbl = tbl;
		atomic_set(&p->refcnt, 1);
		p->reachable_time =
			neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
		dev_hold(dev);
		p->dev = dev;
		write_pnet(&p->net, hold_net(net));
		p->sysctl_table = NULL;

		if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) {
			release_net(net);
			dev_put(dev);
			kfree(p);
			return NULL;
		}

		write_lock_bh(&tbl->lock);
		p->next = tbl->parms.next;
		tbl->parms.next = p;
		write_unlock_bh(&tbl->lock);

		neigh_parms_data_state_cleanall(p);
	}
	return p;
}
EXPORT_SYMBOL(neigh_parms_alloc);

static void neigh_rcu_free_parms(struct rcu_head *head)
{
	struct neigh_parms *parms =
		container_of(head, struct neigh_parms, rcu_head);

	neigh_parms_put(parms);
}

void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms)
{
	struct neigh_parms **p;

	if (!parms || parms == &tbl->parms)
		return;
	write_lock_bh(&tbl->lock);
	for (p = &tbl->parms.next; *p; p = &(*p)->next) {
		if (*p == parms) {
			*p = parms->next;
			parms->dead = 1;
			write_unlock_bh(&tbl->lock);
			if (parms->dev)
				dev_put(parms->dev);
			call_rcu(&parms->rcu_head, neigh_rcu_free_parms);
			return;
		}
	}
	write_unlock_bh(&tbl->lock);
	neigh_dbg(1, "%s: not found\n", __func__);
}
EXPORT_SYMBOL(neigh_parms_release);

static void neigh_parms_destroy(struct neigh_parms *parms)
{
	release_net(neigh_parms_net(parms));
	kfree(parms);
}

static struct lock_class_key neigh_table_proxy_queue_class;

static void neigh_table_init_no_netlink(struct neigh_table *tbl)
{
	unsigned long now = jiffies;
	unsigned long phsize;

	write_pnet(&tbl->parms.net, &init_net);
	atomic_set(&tbl->parms.refcnt, 1);
	tbl->parms.reachable_time =
		neigh_rand_reach_time(NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME));

	tbl->stats = alloc_percpu(struct neigh_statistics);
	if (!tbl->stats)
		panic("cannot create neighbour cache statistics");

#ifdef CONFIG_PROC_FS
	if (!proc_create_data(tbl->id, 0, init_net.proc_net_stat,
			      &neigh_stat_seq_fops, tbl))
		panic("cannot create neighbour proc dir entry");
#endif

	RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3));

	phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
	tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL);

	if (!tbl->nht || !tbl->phash_buckets)
		panic("cannot allocate neighbour cache hashes");

	if (!tbl->entry_size)
		tbl->entry_size = ALIGN(offsetof(struct neighbour, primary_key) +
					tbl->key_len, NEIGH_PRIV_ALIGN);
	else
		WARN_ON(tbl->entry_size % NEIGH_PRIV_ALIGN);

	rwlock_init(&tbl->lock);
	INIT_DEFERRABLE_WORK(&tbl->gc_work, neigh_periodic_work);
	queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
			   tbl->parms.reachable_time);
	setup_timer(&tbl->proxy_timer, neigh_proxy_process, (unsigned long)tbl);
	skb_queue_head_init_class(&tbl->proxy_queue,
				  &neigh_table_proxy_queue_class);

	tbl->last_flush = now;
	tbl->last_rand = now + tbl->parms.reachable_time * 20;
}

void neigh_table_init(struct neigh_table *tbl)
{
	struct neigh_table *tmp;

	neigh_table_init_no_netlink(tbl);
	write_lock(&neigh_tbl_lock);
	for (tmp = neigh_tables; tmp; tmp = tmp->next) {
		if (tmp->family == tbl->family)
			break;
	}
	tbl->next = neigh_tables;
	neigh_tables = tbl;
	write_unlock(&neigh_tbl_lock);

	if (unlikely(tmp)) {
		pr_err("Registering multiple tables for family %d\n",
		       tbl->family);
		dump_stack();
	}
}
EXPORT_SYMBOL(neigh_table_init);

int neigh_table_clear(struct neigh_table *tbl)
{
	struct neigh_table **tp;

	/* It is not clean... Fix it to unload IPv6 module safely */
	cancel_delayed_work_sync(&tbl->gc_work);
	del_timer_sync(&tbl->proxy_timer);
	pneigh_queue_purge(&tbl->proxy_queue);
	neigh_ifdown(tbl, NULL);
	if (atomic_read(&tbl->entries))
		pr_crit("neighbour leakage\n");
	write_lock(&neigh_tbl_lock);
	for (tp = &neigh_tables; *tp; tp = &(*tp)->next) {
		if (*tp == tbl) {
			*tp = tbl->next;
			break;
		}
	}
	write_unlock(&neigh_tbl_lock);

	call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu,
		 neigh_hash_free_rcu);
	tbl->nht = NULL;

	kfree(tbl->phash_buckets);
	tbl->phash_buckets = NULL;

	remove_proc_entry(tbl->id, init_net.proc_net_stat);

	free_percpu(tbl->stats);
	tbl->stats = NULL;

	return 0;
}
EXPORT_SYMBOL(neigh_table_clear);

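/* RTM_DELNEIGH handler: delete a neighbour (or proxy) entry named by a
 * netlink message.  A regular entry is "deleted" by forcing it into
 * NUD_FAILED with an administrative update.
 */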
static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh)
{
	struct net *net = sock_net(skb->sk);
	struct ndmsg *ndm;
	struct nlattr *dst_attr;
	struct neigh_table *tbl;
	struct net_device *dev = NULL;
	int err = -EINVAL;

	ASSERT_RTNL();
	if (nlmsg_len(nlh) < sizeof(*ndm))
		goto out;

	dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST);
	if (dst_attr == NULL)
		goto out;

	ndm = nlmsg_data(nlh);
	if (ndm->ndm_ifindex) {
		dev = __dev_get_by_index(net, ndm->ndm_ifindex);
		if (dev == NULL) {
			err = -ENODEV;
			goto out;
		}
	}

	read_lock(&neigh_tbl_lock);
	for (tbl = neigh_tables; tbl; tbl = tbl->next) {
		struct neighbour *neigh;

		if (tbl->family != ndm->ndm_family)
			continue;
		read_unlock(&neigh_tbl_lock);

		if (nla_len(dst_attr) < tbl->key_len)
			goto out;

		if (ndm->ndm_flags & NTF_PROXY) {
			err = pneigh_delete(tbl, net, nla_data(dst_attr), dev);
			goto out;
		}

		if (dev == NULL)
			goto out;

		neigh = neigh_lookup(tbl, nla_data(dst_attr), dev);
		if (neigh == NULL) {
			err = -ENOENT;
			goto out;
		}

		err = neigh_update(neigh, NULL, NUD_FAILED,
				   NEIGH_UPDATE_F_OVERRIDE |
				   NEIGH_UPDATE_F_ADMIN);
		neigh_release(neigh);
		goto out;
	}
	read_unlock(&neigh_tbl_lock);
	err = -EAFNOSUPPORT;

out:
	return err;
}

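/* RTM_NEWNEIGH handler: create or update a neighbour (or proxy) entry
 * from a netlink message, honouring NLM_F_CREATE/NLM_F_EXCL/NLM_F_REPLACE.
 */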
static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh)
{
	struct net *net = sock_net(skb->sk);
	struct ndmsg *ndm;
	struct nlattr *tb[NDA_MAX+1];
	struct neigh_table *tbl;
	struct net_device *dev = NULL;
	int err;

	ASSERT_RTNL();
	err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL);
	if (err < 0)
		goto out;

	err = -EINVAL;
	if (tb[NDA_DST] == NULL)
		goto out;

	ndm = nlmsg_data(nlh);
	if (ndm->ndm_ifindex) {
		dev = __dev_get_by_index(net, ndm->ndm_ifindex);
		if (dev == NULL) {
			err = -ENODEV;
			goto out;
		}

		if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len)
			goto out;
	}

	read_lock(&neigh_tbl_lock);
	for (tbl = neigh_tables; tbl; tbl = tbl->next) {
		int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE;
		struct neighbour *neigh;
		void *dst, *lladdr;

		if (tbl->family != ndm->ndm_family)
			continue;
		read_unlock(&neigh_tbl_lock);

		if (nla_len(tb[NDA_DST]) < tbl->key_len)
			goto out;
		dst = nla_data(tb[NDA_DST]);
		lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL;

		if (ndm->ndm_flags & NTF_PROXY) {
			struct pneigh_entry *pn;

			err = -ENOBUFS;
			pn = pneigh_lookup(tbl, net, dst, dev, 1);
			if (pn) {
				pn->flags = ndm->ndm_flags;
				err = 0;
			}
			goto out;
		}

		if (dev == NULL)
			goto out;

		neigh = neigh_lookup(tbl, dst, dev);
		if (neigh == NULL) {
			if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
				err = -ENOENT;
				goto out;
			}

			neigh = __neigh_lookup_errno(tbl, dst, dev);
			if (IS_ERR(neigh)) {
				err = PTR_ERR(neigh);
				goto out;
			}
		} else {
			if (nlh->nlmsg_flags & NLM_F_EXCL) {
				err = -EEXIST;
				neigh_release(neigh);
				goto out;
			}

			if (!(nlh->nlmsg_flags & NLM_F_REPLACE))
				flags &= ~NEIGH_UPDATE_F_OVERRIDE;
		}

		if (ndm->ndm_flags & NTF_USE) {
			neigh_event_send(neigh, NULL);
			err = 0;
		} else
			err = neigh_update(neigh, lladdr, ndm->ndm_state, flags);
		neigh_release(neigh);
		goto out;
	}

	read_unlock(&neigh_tbl_lock);
	err = -EAFNOSUPPORT;
out:
	return err;
}

static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
{
	struct nlattr *nest;

	nest = nla_nest_start(skb, NDTA_PARMS);
	if (nest == NULL)
		return -ENOBUFS;

	if ((parms->dev &&
	     nla_put_u32(skb, NDTPA_IFINDEX, parms->dev->ifindex)) ||
	    nla_put_u32(skb, NDTPA_REFCNT, atomic_read(&parms->refcnt)) ||
	    nla_put_u32(skb, NDTPA_QUEUE_LENBYTES,
			NEIGH_VAR(parms, QUEUE_LEN_BYTES)) ||
	    /* approximate value for deprecated QUEUE_LEN (in packets) */
	    nla_put_u32(skb, NDTPA_QUEUE_LEN,
			NEIGH_VAR(parms, QUEUE_LEN_BYTES) / SKB_TRUESIZE(ETH_FRAME_LEN)) ||
	    nla_put_u32(skb, NDTPA_PROXY_QLEN, NEIGH_VAR(parms, PROXY_QLEN)) ||
	    nla_put_u32(skb, NDTPA_APP_PROBES, NEIGH_VAR(parms, APP_PROBES)) ||
	    nla_put_u32(skb, NDTPA_UCAST_PROBES,
			NEIGH_VAR(parms, UCAST_PROBES)) ||
	    nla_put_u32(skb, NDTPA_MCAST_PROBES,
			NEIGH_VAR(parms, MCAST_PROBES)) ||
	    nla_put_msecs(skb, NDTPA_REACHABLE_TIME, parms->reachable_time) ||
	    nla_put_msecs(skb, NDTPA_BASE_REACHABLE_TIME,
			  NEIGH_VAR(parms, BASE_REACHABLE_TIME)) ||
	    nla_put_msecs(skb, NDTPA_GC_STALETIME,
			  NEIGH_VAR(parms, GC_STALETIME)) ||
	    nla_put_msecs(skb, NDTPA_DELAY_PROBE_TIME,
			  NEIGH_VAR(parms, DELAY_PROBE_TIME)) ||
	    nla_put_msecs(skb, NDTPA_RETRANS_TIME,
			  NEIGH_VAR(parms, RETRANS_TIME)) ||
	    nla_put_msecs(skb, NDTPA_ANYCAST_DELAY,
			  NEIGH_VAR(parms, ANYCAST_DELAY)) ||
	    nla_put_msecs(skb, NDTPA_PROXY_DELAY,
			  NEIGH_VAR(parms, PROXY_DELAY)) ||
	    nla_put_msecs(skb, NDTPA_LOCKTIME,
			  NEIGH_VAR(parms, LOCKTIME)))
		goto nla_put_failure;
	return nla_nest_end(skb, nest);

nla_put_failure:
	nla_nest_cancel(skb, nest);
	return -EMSGSIZE;
}

static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
			      u32 pid, u32 seq, int type, int flags)
{
	struct nlmsghdr *nlh;
	struct ndtmsg *ndtmsg;

	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	ndtmsg = nlmsg_data(nlh);

	read_lock_bh(&tbl->lock);
	ndtmsg->ndtm_family = tbl->family;
	ndtmsg->ndtm_pad1 = 0;
	ndtmsg->ndtm_pad2 = 0;

	if (nla_put_string(skb, NDTA_NAME, tbl->id) ||
	    nla_put_msecs(skb, NDTA_GC_INTERVAL, tbl->gc_interval) ||
	    nla_put_u32(skb, NDTA_THRESH1, tbl->gc_thresh1) ||
	    nla_put_u32(skb, NDTA_THRESH2, tbl->gc_thresh2) ||
	    nla_put_u32(skb, NDTA_THRESH3, tbl->gc_thresh3))
		goto nla_put_failure;
	{
		unsigned long now = jiffies;
		unsigned int flush_delta = now - tbl->last_flush;
		unsigned int rand_delta = now - tbl->last_rand;
		struct neigh_hash_table *nht;
		struct ndt_config ndc = {
			.ndtc_key_len = tbl->key_len,
			.ndtc_entry_size = tbl->entry_size,
			.ndtc_entries = atomic_read(&tbl->entries),
			.ndtc_last_flush = jiffies_to_msecs(flush_delta),
			.ndtc_last_rand = jiffies_to_msecs(rand_delta),
			.ndtc_proxy_qlen = tbl->proxy_queue.qlen,
		};

		rcu_read_lock_bh();
		nht = rcu_dereference_bh(tbl->nht);
		ndc.ndtc_hash_rnd = nht->hash_rnd[0];
		ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1);
		rcu_read_unlock_bh();

		if (nla_put(skb, NDTA_CONFIG, sizeof(ndc), &ndc))
			goto nla_put_failure;
	}

	{
		int cpu;
		struct ndt_stats ndst;

		memset(&ndst, 0, sizeof(ndst));

		for_each_possible_cpu(cpu) {
			struct neigh_statistics *st;

			st = per_cpu_ptr(tbl->stats, cpu);
			ndst.ndts_allocs += st->allocs;
			ndst.ndts_destroys += st->destroys;
			ndst.ndts_hash_grows += st->hash_grows;
			ndst.ndts_res_failed += st->res_failed;
			ndst.ndts_lookups += st->lookups;
			ndst.ndts_hits += st->hits;
			ndst.ndts_rcv_probes_mcast += st->rcv_probes_mcast;
			ndst.ndts_rcv_probes_ucast += st->rcv_probes_ucast;
			ndst.ndts_periodic_gc_runs += st->periodic_gc_runs;
			ndst.ndts_forced_gc_runs += st->forced_gc_runs;
		}

		if (nla_put(skb, NDTA_STATS, sizeof(ndst), &ndst))
			goto nla_put_failure;
	}

	BUG_ON(tbl->parms.dev);
	if (neightbl_fill_parms(skb, &tbl->parms) < 0)
		goto nla_put_failure;

	read_unlock_bh(&tbl->lock);
	return nlmsg_end(skb, nlh);

nla_put_failure:
	read_unlock_bh(&tbl->lock);
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}
1946
neightbl_fill_param_info(struct sk_buff * skb,struct neigh_table * tbl,struct neigh_parms * parms,u32 pid,u32 seq,int type,unsigned int flags)1947 static int neightbl_fill_param_info(struct sk_buff *skb,
1948 struct neigh_table *tbl,
1949 struct neigh_parms *parms,
1950 u32 pid, u32 seq, int type,
1951 unsigned int flags)
1952 {
1953 struct ndtmsg *ndtmsg;
1954 struct nlmsghdr *nlh;
1955
1956 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
1957 if (nlh == NULL)
1958 return -EMSGSIZE;
1959
1960 ndtmsg = nlmsg_data(nlh);
1961
1962 read_lock_bh(&tbl->lock);
1963 ndtmsg->ndtm_family = tbl->family;
1964 ndtmsg->ndtm_pad1 = 0;
1965 ndtmsg->ndtm_pad2 = 0;
1966
1967 if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 ||
1968 neightbl_fill_parms(skb, parms) < 0)
1969 goto errout;
1970
1971 read_unlock_bh(&tbl->lock);
1972 return nlmsg_end(skb, nlh);
1973 errout:
1974 read_unlock_bh(&tbl->lock);
1975 nlmsg_cancel(skb, nlh);
1976 return -EMSGSIZE;
1977 }
1978
1979 static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
1980 [NDTA_NAME] = { .type = NLA_STRING },
1981 [NDTA_THRESH1] = { .type = NLA_U32 },
1982 [NDTA_THRESH2] = { .type = NLA_U32 },
1983 [NDTA_THRESH3] = { .type = NLA_U32 },
1984 [NDTA_GC_INTERVAL] = { .type = NLA_U64 },
1985 [NDTA_PARMS] = { .type = NLA_NESTED },
1986 };
1987
1988 static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
1989 [NDTPA_IFINDEX] = { .type = NLA_U32 },
1990 [NDTPA_QUEUE_LEN] = { .type = NLA_U32 },
1991 [NDTPA_PROXY_QLEN] = { .type = NLA_U32 },
1992 [NDTPA_APP_PROBES] = { .type = NLA_U32 },
1993 [NDTPA_UCAST_PROBES] = { .type = NLA_U32 },
1994 [NDTPA_MCAST_PROBES] = { .type = NLA_U32 },
1995 [NDTPA_BASE_REACHABLE_TIME] = { .type = NLA_U64 },
1996 [NDTPA_GC_STALETIME] = { .type = NLA_U64 },
1997 [NDTPA_DELAY_PROBE_TIME] = { .type = NLA_U64 },
1998 [NDTPA_RETRANS_TIME] = { .type = NLA_U64 },
1999 [NDTPA_ANYCAST_DELAY] = { .type = NLA_U64 },
2000 [NDTPA_PROXY_DELAY] = { .type = NLA_U64 },
2001 [NDTPA_LOCKTIME] = { .type = NLA_U64 },
2002 };
2003
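/*
 * RTM_SETNEIGHTBL handler.  NDTA_NAME selects the table; per-device
 * parameters travel in a nested NDTA_PARMS attribute keyed by
 * NDTPA_IFINDEX (an ifindex of 0 selects the table defaults).  For
 * illustration, a request raising the retransmit timer of an example
 * device eth0 would nest roughly as:
 *
 *	NDTA_NAME "arp_cache"
 *	NDTA_PARMS
 *		NDTPA_IFINDEX		<eth0's ifindex>
 *		NDTPA_RETRANS_TIME	<msecs>
 */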
2004 static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh)
2005 {
2006 struct net *net = sock_net(skb->sk);
2007 struct neigh_table *tbl;
2008 struct ndtmsg *ndtmsg;
2009 struct nlattr *tb[NDTA_MAX+1];
2010 int err;
2011
2012 err = nlmsg_parse(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
2013 nl_neightbl_policy);
2014 if (err < 0)
2015 goto errout;
2016
2017 if (tb[NDTA_NAME] == NULL) {
2018 err = -EINVAL;
2019 goto errout;
2020 }
2021
2022 ndtmsg = nlmsg_data(nlh);
2023 read_lock(&neigh_tbl_lock);
2024 for (tbl = neigh_tables; tbl; tbl = tbl->next) {
2025 if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family)
2026 continue;
2027
2028 if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0)
2029 break;
2030 }
2031
2032 if (tbl == NULL) {
2033 err = -ENOENT;
2034 goto errout_locked;
2035 }
2036
2037 /*
2038 * We acquire tbl->lock to be nice to the periodic timers and
2039 * make sure they always see a consistent set of values.
2040 */
2041 write_lock_bh(&tbl->lock);
2042
2043 if (tb[NDTA_PARMS]) {
2044 struct nlattr *tbp[NDTPA_MAX+1];
2045 struct neigh_parms *p;
2046 int i, ifindex = 0;
2047
2048 err = nla_parse_nested(tbp, NDTPA_MAX, tb[NDTA_PARMS],
2049 nl_ntbl_parm_policy);
2050 if (err < 0)
2051 goto errout_tbl_lock;
2052
2053 if (tbp[NDTPA_IFINDEX])
2054 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);
2055
2056 p = lookup_neigh_parms(tbl, net, ifindex);
2057 if (p == NULL) {
2058 err = -ENOENT;
2059 goto errout_tbl_lock;
2060 }
2061
2062 for (i = 1; i <= NDTPA_MAX; i++) {
2063 if (tbp[i] == NULL)
2064 continue;
2065
2066 switch (i) {
2067 case NDTPA_QUEUE_LEN:
2068 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
2069 nla_get_u32(tbp[i]) *
2070 SKB_TRUESIZE(ETH_FRAME_LEN));
2071 break;
2072 case NDTPA_QUEUE_LENBYTES:
2073 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
2074 nla_get_u32(tbp[i]));
2075 break;
2076 case NDTPA_PROXY_QLEN:
2077 NEIGH_VAR_SET(p, PROXY_QLEN,
2078 nla_get_u32(tbp[i]));
2079 break;
2080 case NDTPA_APP_PROBES:
2081 NEIGH_VAR_SET(p, APP_PROBES,
2082 nla_get_u32(tbp[i]));
2083 break;
2084 case NDTPA_UCAST_PROBES:
2085 NEIGH_VAR_SET(p, UCAST_PROBES,
2086 nla_get_u32(tbp[i]));
2087 break;
2088 case NDTPA_MCAST_PROBES:
2089 NEIGH_VAR_SET(p, MCAST_PROBES,
2090 nla_get_u32(tbp[i]));
2091 break;
2092 case NDTPA_BASE_REACHABLE_TIME:
2093 NEIGH_VAR_SET(p, BASE_REACHABLE_TIME,
2094 nla_get_msecs(tbp[i]));
2095 break;
2096 case NDTPA_GC_STALETIME:
2097 NEIGH_VAR_SET(p, GC_STALETIME,
2098 nla_get_msecs(tbp[i]));
2099 break;
2100 case NDTPA_DELAY_PROBE_TIME:
2101 NEIGH_VAR_SET(p, DELAY_PROBE_TIME,
2102 nla_get_msecs(tbp[i]));
2103 break;
2104 case NDTPA_RETRANS_TIME:
2105 NEIGH_VAR_SET(p, RETRANS_TIME,
2106 nla_get_msecs(tbp[i]));
2107 break;
2108 case NDTPA_ANYCAST_DELAY:
2109 NEIGH_VAR_SET(p, ANYCAST_DELAY,
2110 nla_get_msecs(tbp[i]));
2111 break;
2112 case NDTPA_PROXY_DELAY:
2113 NEIGH_VAR_SET(p, PROXY_DELAY,
2114 nla_get_msecs(tbp[i]));
2115 break;
2116 case NDTPA_LOCKTIME:
2117 NEIGH_VAR_SET(p, LOCKTIME,
2118 nla_get_msecs(tbp[i]));
2119 break;
2120 }
2121 }
2122 }
2123
2124 err = -ENOENT;
2125 if ((tb[NDTA_THRESH1] || tb[NDTA_THRESH2] ||
2126 tb[NDTA_THRESH3] || tb[NDTA_GC_INTERVAL]) &&
2127 !net_eq(net, &init_net))
2128 goto errout_tbl_lock;
2129
2130 if (tb[NDTA_THRESH1])
2131 tbl->gc_thresh1 = nla_get_u32(tb[NDTA_THRESH1]);
2132
2133 if (tb[NDTA_THRESH2])
2134 tbl->gc_thresh2 = nla_get_u32(tb[NDTA_THRESH2]);
2135
2136 if (tb[NDTA_THRESH3])
2137 tbl->gc_thresh3 = nla_get_u32(tb[NDTA_THRESH3]);
2138
2139 if (tb[NDTA_GC_INTERVAL])
2140 tbl->gc_interval = nla_get_msecs(tb[NDTA_GC_INTERVAL]);
2141
2142 err = 0;
2143
2144 errout_tbl_lock:
2145 write_unlock_bh(&tbl->lock);
2146 errout_locked:
2147 read_unlock(&neigh_tbl_lock);
2148 errout:
2149 return err;
2150 }
2151
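/*
 * Dump every table and its per-device parameter sets.  A dump can span
 * several skbs, so cb->args[0] and cb->args[1] remember the table and
 * parms indices already emitted and the next invocation resumes there.
 */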
2152 static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2153 {
2154 struct net *net = sock_net(skb->sk);
2155 int family, tidx, nidx = 0;
2156 int tbl_skip = cb->args[0];
2157 int neigh_skip = cb->args[1];
2158 struct neigh_table *tbl;
2159
2160 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2161
2162 read_lock(&neigh_tbl_lock);
2163 for (tbl = neigh_tables, tidx = 0; tbl; tbl = tbl->next, tidx++) {
2164 struct neigh_parms *p;
2165
2166 if (tidx < tbl_skip || (family && tbl->family != family))
2167 continue;
2168
2169 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,
2170 cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
2171 NLM_F_MULTI) <= 0)
2172 break;
2173
2174 for (nidx = 0, p = tbl->parms.next; p; p = p->next) {
2175 if (!net_eq(neigh_parms_net(p), net))
2176 continue;
2177
2178 if (nidx < neigh_skip)
2179 goto next;
2180
2181 if (neightbl_fill_param_info(skb, tbl, p,
2182 NETLINK_CB(cb->skb).portid,
2183 cb->nlh->nlmsg_seq,
2184 RTM_NEWNEIGHTBL,
2185 NLM_F_MULTI) <= 0)
2186 goto out;
2187 next:
2188 nidx++;
2189 }
2190
2191 neigh_skip = 0;
2192 }
2193 out:
2194 read_unlock(&neigh_tbl_lock);
2195 cb->args[0] = tidx;
2196 cb->args[1] = nidx;
2197
2198 return skb->len;
2199 }
2200
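/*
 * Fill one RTM_NEWNEIGH message for a cache entry: an ndmsg header,
 * NDA_DST with the protocol address, NDA_LLADDR (only while the entry
 * is NUD_VALID), NDA_CACHEINFO with the used/confirmed/updated ages in
 * clock_t ticks relative to "now", and the NDA_PROBES count.
 */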
2201 static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
2202 u32 pid, u32 seq, int type, unsigned int flags)
2203 {
2204 unsigned long now = jiffies;
2205 struct nda_cacheinfo ci;
2206 struct nlmsghdr *nlh;
2207 struct ndmsg *ndm;
2208
2209 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2210 if (nlh == NULL)
2211 return -EMSGSIZE;
2212
2213 ndm = nlmsg_data(nlh);
2214 ndm->ndm_family = neigh->ops->family;
2215 ndm->ndm_pad1 = 0;
2216 ndm->ndm_pad2 = 0;
2217 ndm->ndm_flags = neigh->flags;
2218 ndm->ndm_type = neigh->type;
2219 ndm->ndm_ifindex = neigh->dev->ifindex;
2220
2221 if (nla_put(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key))
2222 goto nla_put_failure;
2223
2224 read_lock_bh(&neigh->lock);
2225 ndm->ndm_state = neigh->nud_state;
2226 if (neigh->nud_state & NUD_VALID) {
2227 char haddr[MAX_ADDR_LEN];
2228
2229 neigh_ha_snapshot(haddr, neigh, neigh->dev);
2230 if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) {
2231 read_unlock_bh(&neigh->lock);
2232 goto nla_put_failure;
2233 }
2234 }
2235
2236 ci.ndm_used = jiffies_to_clock_t(now - neigh->used);
2237 ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed);
2238 ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated);
2239 ci.ndm_refcnt = atomic_read(&neigh->refcnt) - 1;
2240 read_unlock_bh(&neigh->lock);
2241
2242 if (nla_put_u32(skb, NDA_PROBES, atomic_read(&neigh->probes)) ||
2243 nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
2244 goto nla_put_failure;
2245
2246 return nlmsg_end(skb, nlh);
2247
2248 nla_put_failure:
2249 nlmsg_cancel(skb, nlh);
2250 return -EMSGSIZE;
2251 }
2252
2253 static int pneigh_fill_info(struct sk_buff *skb, struct pneigh_entry *pn,
2254 u32 pid, u32 seq, int type, unsigned int flags,
2255 struct neigh_table *tbl)
2256 {
2257 struct nlmsghdr *nlh;
2258 struct ndmsg *ndm;
2259
2260 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2261 if (nlh == NULL)
2262 return -EMSGSIZE;
2263
2264 ndm = nlmsg_data(nlh);
2265 ndm->ndm_family = tbl->family;
2266 ndm->ndm_pad1 = 0;
2267 ndm->ndm_pad2 = 0;
2268 ndm->ndm_flags = pn->flags | NTF_PROXY;
2269 ndm->ndm_type = RTN_UNICAST;
2270 ndm->ndm_ifindex = pn->dev ? pn->dev->ifindex : 0;
2271 ndm->ndm_state = NUD_NONE;
2272
2273 if (nla_put(skb, NDA_DST, tbl->key_len, pn->key))
2274 goto nla_put_failure;
2275
2276 return nlmsg_end(skb, nlh);
2277
2278 nla_put_failure:
2279 nlmsg_cancel(skb, nlh);
2280 return -EMSGSIZE;
2281 }
2282
2283 static void neigh_update_notify(struct neighbour *neigh)
2284 {
2285 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
2286 __neigh_notify(neigh, RTM_NEWNEIGH, 0);
2287 }
2288
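/*
 * The hash buckets are RCU-protected, so a dump can traverse them under
 * rcu_read_lock_bh() without taking tbl->lock; cb->args[1]/[2] carry
 * the (bucket, index) resume point across message boundaries.
 */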
2289 static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2290 struct netlink_callback *cb)
2291 {
2292 struct net *net = sock_net(skb->sk);
2293 struct neighbour *n;
2294 int rc, h, s_h = cb->args[1];
2295 int idx, s_idx = idx = cb->args[2];
2296 struct neigh_hash_table *nht;
2297
2298 rcu_read_lock_bh();
2299 nht = rcu_dereference_bh(tbl->nht);
2300
2301 for (h = s_h; h < (1 << nht->hash_shift); h++) {
2302 if (h > s_h)
2303 s_idx = 0;
2304 for (n = rcu_dereference_bh(nht->hash_buckets[h]), idx = 0;
2305 n != NULL;
2306 n = rcu_dereference_bh(n->next)) {
2307 if (!net_eq(dev_net(n->dev), net))
2308 continue;
2309 if (idx < s_idx)
2310 goto next;
2311 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2312 cb->nlh->nlmsg_seq,
2313 RTM_NEWNEIGH,
2314 NLM_F_MULTI) <= 0) {
2315 rc = -1;
2316 goto out;
2317 }
2318 next:
2319 idx++;
2320 }
2321 }
2322 rc = skb->len;
2323 out:
2324 rcu_read_unlock_bh();
2325 cb->args[1] = h;
2326 cb->args[2] = idx;
2327 return rc;
2328 }
2329
2330 static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2331 struct netlink_callback *cb)
2332 {
2333 struct pneigh_entry *n;
2334 struct net *net = sock_net(skb->sk);
2335 int rc, h, s_h = cb->args[3];
2336 int idx, s_idx = idx = cb->args[4];
2337
2338 read_lock_bh(&tbl->lock);
2339
2340 for (h = s_h; h <= PNEIGH_HASHMASK; h++) {
2341 if (h > s_h)
2342 s_idx = 0;
2343 for (n = tbl->phash_buckets[h], idx = 0; n; n = n->next) {
2344 if (pneigh_net(n) != net)
2345 continue;
2346 if (idx < s_idx)
2347 goto next;
2348 if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2349 cb->nlh->nlmsg_seq,
2350 RTM_NEWNEIGH,
2351 NLM_F_MULTI, tbl) <= 0) {
2352 read_unlock_bh(&tbl->lock);
2353 rc = -1;
2354 goto out;
2355 }
2356 next:
2357 idx++;
2358 }
2359 }
2360
2361 read_unlock_bh(&tbl->lock);
2362 rc = skb->len;
2363 out:
2364 cb->args[3] = h;
2365 cb->args[4] = idx;
2366 return rc;
2368 }
2369
2370 static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2371 {
2372 struct neigh_table *tbl;
2373 int t, family, s_t;
2374 int proxy = 0;
2375 int err;
2376
2377 read_lock(&neigh_tbl_lock);
2378 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2379
2380 	/* Check for the presence of a full ndmsg structure; the family
2381 	 * member sits at the same offset in both rtgenmsg and ndmsg.
2382 	 */
2383 if (nlmsg_len(cb->nlh) >= sizeof(struct ndmsg) &&
2384 ((struct ndmsg *) nlmsg_data(cb->nlh))->ndm_flags == NTF_PROXY)
2385 proxy = 1;
2386
2387 s_t = cb->args[0];
2388
2389 for (tbl = neigh_tables, t = 0; tbl;
2390 tbl = tbl->next, t++) {
2391 if (t < s_t || (family && tbl->family != family))
2392 continue;
2393 if (t > s_t)
2394 memset(&cb->args[1], 0, sizeof(cb->args) -
2395 sizeof(cb->args[0]));
2396 if (proxy)
2397 err = pneigh_dump_table(tbl, skb, cb);
2398 else
2399 err = neigh_dump_table(tbl, skb, cb);
2400 if (err < 0)
2401 break;
2402 }
2403 read_unlock(&neigh_tbl_lock);
2404
2405 cb->args[0] = t;
2406 return skb->len;
2407 }
2408
2409 void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie)
2410 {
2411 int chain;
2412 struct neigh_hash_table *nht;
2413
2414 rcu_read_lock_bh();
2415 nht = rcu_dereference_bh(tbl->nht);
2416
2417 read_lock(&tbl->lock); /* avoid resizes */
2418 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2419 struct neighbour *n;
2420
2421 for (n = rcu_dereference_bh(nht->hash_buckets[chain]);
2422 n != NULL;
2423 n = rcu_dereference_bh(n->next))
2424 cb(n, cookie);
2425 }
2426 read_unlock(&tbl->lock);
2427 rcu_read_unlock_bh();
2428 }
2429 EXPORT_SYMBOL(neigh_for_each);
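/*
 * A minimal usage sketch: visit every entry of a table, e.g. to count
 * the entries attached to one device.  The names below (count_arg,
 * count_on_dev) are purely illustrative.  tbl->lock is held across the
 * walk, so the callback must stay short and must not sleep:
 *
 *	struct count_arg { struct net_device *dev; int count; };
 *
 *	static void count_on_dev(struct neighbour *n, void *cookie)
 *	{
 *		struct count_arg *arg = cookie;
 *
 *		if (n->dev == arg->dev)
 *			arg->count++;
 *	}
 *
 *	...
 *	struct count_arg arg = { .dev = dev, .count = 0 };
 *	neigh_for_each(&arp_tbl, count_on_dev, &arg);
 */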
2430
2431 /* The tbl->lock must be held as a writer and BH disabled. */
2432 void __neigh_for_each_release(struct neigh_table *tbl,
2433 int (*cb)(struct neighbour *))
2434 {
2435 int chain;
2436 struct neigh_hash_table *nht;
2437
2438 nht = rcu_dereference_protected(tbl->nht,
2439 lockdep_is_held(&tbl->lock));
2440 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2441 struct neighbour *n;
2442 struct neighbour __rcu **np;
2443
2444 np = &nht->hash_buckets[chain];
2445 while ((n = rcu_dereference_protected(*np,
2446 lockdep_is_held(&tbl->lock))) != NULL) {
2447 int release;
2448
2449 write_lock(&n->lock);
2450 release = cb(n);
2451 if (release) {
2452 rcu_assign_pointer(*np,
2453 rcu_dereference_protected(n->next,
2454 lockdep_is_held(&tbl->lock)));
2455 n->dead = 1;
2456 } else
2457 np = &n->next;
2458 write_unlock(&n->lock);
2459 if (release)
2460 neigh_cleanup_and_release(n);
2461 }
2462 }
2463 }
2464 EXPORT_SYMBOL(__neigh_for_each_release);
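/*
 * The callback decides each entry's fate: a non-zero return unlinks the
 * entry from its chain, marks it dead and hands it to
 * neigh_cleanup_and_release().  A hypothetical flush of all unused
 * entries (release_if_unused is an illustrative name) could be written:
 *
 *	static int release_if_unused(struct neighbour *n)
 *	{
 *		return atomic_read(&n->refcnt) == 1;
 *	}
 *
 *	write_lock_bh(&tbl->lock);
 *	__neigh_for_each_release(tbl, release_if_unused);
 *	write_unlock_bh(&tbl->lock);
 */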
2465
2466 #ifdef CONFIG_PROC_FS
2467
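/*
 * /proc iteration helpers.  A combined walk yields the neighbour cache
 * entries first and, unless NEIGH_SEQ_NEIGH_ONLY is set, the proxy
 * (pneigh) entries afterwards; state->bucket and the
 * NEIGH_SEQ_IS_PNEIGH flag track where in that sequence we are.
 */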
2468 static struct neighbour *neigh_get_first(struct seq_file *seq)
2469 {
2470 struct neigh_seq_state *state = seq->private;
2471 struct net *net = seq_file_net(seq);
2472 struct neigh_hash_table *nht = state->nht;
2473 struct neighbour *n = NULL;
2474 int bucket = state->bucket;
2475
2476 state->flags &= ~NEIGH_SEQ_IS_PNEIGH;
2477 for (bucket = 0; bucket < (1 << nht->hash_shift); bucket++) {
2478 n = rcu_dereference_bh(nht->hash_buckets[bucket]);
2479
2480 while (n) {
2481 if (!net_eq(dev_net(n->dev), net))
2482 goto next;
2483 if (state->neigh_sub_iter) {
2484 loff_t fakep = 0;
2485 void *v;
2486
2487 v = state->neigh_sub_iter(state, n, &fakep);
2488 if (!v)
2489 goto next;
2490 }
2491 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2492 break;
2493 if (n->nud_state & ~NUD_NOARP)
2494 break;
2495 next:
2496 n = rcu_dereference_bh(n->next);
2497 }
2498
2499 if (n)
2500 break;
2501 }
2502 state->bucket = bucket;
2503
2504 return n;
2505 }
2506
2507 static struct neighbour *neigh_get_next(struct seq_file *seq,
2508 struct neighbour *n,
2509 loff_t *pos)
2510 {
2511 struct neigh_seq_state *state = seq->private;
2512 struct net *net = seq_file_net(seq);
2513 struct neigh_hash_table *nht = state->nht;
2514
2515 if (state->neigh_sub_iter) {
2516 void *v = state->neigh_sub_iter(state, n, pos);
2517 if (v)
2518 return n;
2519 }
2520 n = rcu_dereference_bh(n->next);
2521
2522 while (1) {
2523 while (n) {
2524 if (!net_eq(dev_net(n->dev), net))
2525 goto next;
2526 if (state->neigh_sub_iter) {
2527 void *v = state->neigh_sub_iter(state, n, pos);
2528 if (v)
2529 return n;
2530 goto next;
2531 }
2532 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2533 break;
2534
2535 if (n->nud_state & ~NUD_NOARP)
2536 break;
2537 next:
2538 n = rcu_dereference_bh(n->next);
2539 }
2540
2541 if (n)
2542 break;
2543
2544 if (++state->bucket >= (1 << nht->hash_shift))
2545 break;
2546
2547 n = rcu_dereference_bh(nht->hash_buckets[state->bucket]);
2548 }
2549
2550 if (n && pos)
2551 --(*pos);
2552 return n;
2553 }
2554
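/*
 * Each element consumed decrements *pos, so the helpers below can
 * fast-forward to an arbitrary offset by stepping until *pos reaches
 * zero; a NULL result with *pos still non-zero means the offset lies
 * past the end of the table.
 */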
2555 static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos)
2556 {
2557 struct neighbour *n = neigh_get_first(seq);
2558
2559 if (n) {
2560 --(*pos);
2561 while (*pos) {
2562 n = neigh_get_next(seq, n, pos);
2563 if (!n)
2564 break;
2565 }
2566 }
2567 return *pos ? NULL : n;
2568 }
2569
2570 static struct pneigh_entry *pneigh_get_first(struct seq_file *seq)
2571 {
2572 struct neigh_seq_state *state = seq->private;
2573 struct net *net = seq_file_net(seq);
2574 struct neigh_table *tbl = state->tbl;
2575 struct pneigh_entry *pn = NULL;
2576 int bucket = state->bucket;
2577
2578 state->flags |= NEIGH_SEQ_IS_PNEIGH;
2579 for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) {
2580 pn = tbl->phash_buckets[bucket];
2581 while (pn && !net_eq(pneigh_net(pn), net))
2582 pn = pn->next;
2583 if (pn)
2584 break;
2585 }
2586 state->bucket = bucket;
2587
2588 return pn;
2589 }
2590
2591 static struct pneigh_entry *pneigh_get_next(struct seq_file *seq,
2592 struct pneigh_entry *pn,
2593 loff_t *pos)
2594 {
2595 struct neigh_seq_state *state = seq->private;
2596 struct net *net = seq_file_net(seq);
2597 struct neigh_table *tbl = state->tbl;
2598
2599 do {
2600 pn = pn->next;
2601 } while (pn && !net_eq(pneigh_net(pn), net));
2602
2603 while (!pn) {
2604 if (++state->bucket > PNEIGH_HASHMASK)
2605 break;
2606 pn = tbl->phash_buckets[state->bucket];
2607 while (pn && !net_eq(pneigh_net(pn), net))
2608 pn = pn->next;
2609 if (pn)
2610 break;
2611 }
2612
2613 if (pn && pos)
2614 --(*pos);
2615
2616 return pn;
2617 }
2618
2619 static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos)
2620 {
2621 struct pneigh_entry *pn = pneigh_get_first(seq);
2622
2623 if (pn) {
2624 --(*pos);
2625 while (*pos) {
2626 pn = pneigh_get_next(seq, pn, pos);
2627 if (!pn)
2628 break;
2629 }
2630 }
2631 return *pos ? NULL : pn;
2632 }
2633
2634 static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos)
2635 {
2636 struct neigh_seq_state *state = seq->private;
2637 void *rc;
2638 loff_t idxpos = *pos;
2639
2640 rc = neigh_get_idx(seq, &idxpos);
2641 if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2642 rc = pneigh_get_idx(seq, &idxpos);
2643
2644 return rc;
2645 }
2646
2647 void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags)
2648 __acquires(rcu_bh)
2649 {
2650 struct neigh_seq_state *state = seq->private;
2651
2652 state->tbl = tbl;
2653 state->bucket = 0;
2654 state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH);
2655
2656 rcu_read_lock_bh();
2657 state->nht = rcu_dereference_bh(tbl->nht);
2658
2659 return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN;
2660 }
2661 EXPORT_SYMBOL(neigh_seq_start);
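/*
 * Protocols wire these helpers into their own seq_operations.  IPv4
 * ARP, for instance, starts its /proc/net/arp walk with roughly:
 *
 *	return neigh_seq_start(seq, pos, &arp_tbl, NEIGH_SEQ_SKIP_NOARP);
 *
 * where NEIGH_SEQ_SKIP_NOARP keeps NUD_NOARP entries out of the listing.
 */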
2662
2663 void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2664 {
2665 struct neigh_seq_state *state;
2666 void *rc;
2667
2668 if (v == SEQ_START_TOKEN) {
2669 rc = neigh_get_first(seq);
2670 goto out;
2671 }
2672
2673 state = seq->private;
2674 if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) {
2675 rc = neigh_get_next(seq, v, NULL);
2676 if (rc)
2677 goto out;
2678 if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2679 rc = pneigh_get_first(seq);
2680 } else {
2681 BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY);
2682 rc = pneigh_get_next(seq, v, NULL);
2683 }
2684 out:
2685 ++(*pos);
2686 return rc;
2687 }
2688 EXPORT_SYMBOL(neigh_seq_next);
2689
2690 void neigh_seq_stop(struct seq_file *seq, void *v)
2691 __releases(rcu_bh)
2692 {
2693 rcu_read_unlock_bh();
2694 }
2695 EXPORT_SYMBOL(neigh_seq_stop);
2696
2697 /* statistics via seq_file */
2698
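/*
 * One output line per possible CPU.  *pos is kept at cpu + 1 so that
 * position 0 can serve as SEQ_START_TOKEN for the header line.
 */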
2699 static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos)
2700 {
2701 struct neigh_table *tbl = seq->private;
2702 int cpu;
2703
2704 if (*pos == 0)
2705 return SEQ_START_TOKEN;
2706
2707 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
2708 if (!cpu_possible(cpu))
2709 continue;
2710 *pos = cpu+1;
2711 return per_cpu_ptr(tbl->stats, cpu);
2712 }
2713 return NULL;
2714 }
2715
2716 static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2717 {
2718 struct neigh_table *tbl = seq->private;
2719 int cpu;
2720
2721 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
2722 if (!cpu_possible(cpu))
2723 continue;
2724 *pos = cpu+1;
2725 return per_cpu_ptr(tbl->stats, cpu);
2726 }
2727 return NULL;
2728 }
2729
2730 static void neigh_stat_seq_stop(struct seq_file *seq, void *v)
2731 {
2732
2733 }
2734
2735 static int neigh_stat_seq_show(struct seq_file *seq, void *v)
2736 {
2737 struct neigh_table *tbl = seq->private;
2738 struct neigh_statistics *st = v;
2739
2740 if (v == SEQ_START_TOKEN) {
2741 seq_printf(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards\n");
2742 return 0;
2743 }
2744
2745 seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx "
2746 "%08lx %08lx %08lx %08lx %08lx\n",
2747 atomic_read(&tbl->entries),
2748
2749 st->allocs,
2750 st->destroys,
2751 st->hash_grows,
2752
2753 st->lookups,
2754 st->hits,
2755
2756 st->res_failed,
2757
2758 st->rcv_probes_mcast,
2759 st->rcv_probes_ucast,
2760
2761 st->periodic_gc_runs,
2762 st->forced_gc_runs,
2763 st->unres_discards
2764 );
2765
2766 return 0;
2767 }
2768
2769 static const struct seq_operations neigh_stat_seq_ops = {
2770 .start = neigh_stat_seq_start,
2771 .next = neigh_stat_seq_next,
2772 .stop = neigh_stat_seq_stop,
2773 .show = neigh_stat_seq_show,
2774 };
2775
2776 static int neigh_stat_seq_open(struct inode *inode, struct file *file)
2777 {
2778 int ret = seq_open(file, &neigh_stat_seq_ops);
2779
2780 if (!ret) {
2781 struct seq_file *sf = file->private_data;
2782 sf->private = PDE_DATA(inode);
2783 }
2784 return ret;
2785 }
2786
2787 static const struct file_operations neigh_stat_seq_fops = {
2788 .owner = THIS_MODULE,
2789 .open = neigh_stat_seq_open,
2790 .read = seq_read,
2791 .llseek = seq_lseek,
2792 .release = seq_release,
2793 };
2794
2795 #endif /* CONFIG_PROC_FS */
2796
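/*
 * Worst-case payload of a single neighbour notification: NDA_DST and
 * NDA_LLADDR are both budgeted at MAX_ADDR_LEN, so neigh_fill_info()
 * should never overflow an skb of this size; __neigh_notify() below
 * WARNs if it ever does.
 */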
2797 static inline size_t neigh_nlmsg_size(void)
2798 {
2799 return NLMSG_ALIGN(sizeof(struct ndmsg))
2800 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
2801 + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */
2802 + nla_total_size(sizeof(struct nda_cacheinfo))
2803 + nla_total_size(4); /* NDA_PROBES */
2804 }
2805
2806 static void __neigh_notify(struct neighbour *n, int type, int flags)
2807 {
2808 struct net *net = dev_net(n->dev);
2809 struct sk_buff *skb;
2810 int err = -ENOBUFS;
2811
2812 skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC);
2813 if (skb == NULL)
2814 goto errout;
2815
2816 err = neigh_fill_info(skb, n, 0, 0, type, flags);
2817 if (err < 0) {
2818 /* -EMSGSIZE implies BUG in neigh_nlmsg_size() */
2819 WARN_ON(err == -EMSGSIZE);
2820 kfree_skb(skb);
2821 goto errout;
2822 }
2823 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
2824 return;
2825 errout:
2826 if (err < 0)
2827 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
2828 }
2829
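/*
 * Part of the app_solicit machinery: multicast an RTM_GETNEIGH request
 * to RTNLGRP_NEIGH listeners so that a userspace helper (e.g. an
 * arpd-style daemon) can attempt resolution and inject the answer back
 * via RTM_NEWNEIGH.
 */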
2830 void neigh_app_ns(struct neighbour *n)
2831 {
2832 __neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST);
2833 }
2834 EXPORT_SYMBOL(neigh_app_ns);
2835
2836 #ifdef CONFIG_SYSCTL
2837 static int zero;
2838 static int int_max = INT_MAX;
2839 static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN);
2840
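/*
 * The legacy "unres_qlen" sysctl is expressed in packets while the
 * backing QUEUE_LEN_BYTES parameter counts bytes, so values are scaled
 * by SKB_TRUESIZE(ETH_FRAME_LEN) in both directions; e.g. writing 3
 * stores 3 * SKB_TRUESIZE(1514) bytes, the assumed true size of three
 * maximally-sized Ethernet frames.
 */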
2841 static int proc_unres_qlen(struct ctl_table *ctl, int write,
2842 void __user *buffer, size_t *lenp, loff_t *ppos)
2843 {
2844 int size, ret;
2845 struct ctl_table tmp = *ctl;
2846
2847 tmp.extra1 = &zero;
2848 tmp.extra2 = &unres_qlen_max;
2849 tmp.data = &size;
2850
2851 size = *(int *)ctl->data / SKB_TRUESIZE(ETH_FRAME_LEN);
2852 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
2853
2854 if (write && !ret)
2855 *(int *)ctl->data = size * SKB_TRUESIZE(ETH_FRAME_LEN);
2856 return ret;
2857 }
2858
2859 static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev,
2860 int family)
2861 {
2862 switch (family) {
2863 case AF_INET:
2864 return __in_dev_arp_parms_get_rcu(dev);
2865 case AF_INET6:
2866 return __in6_dev_nd_parms_get_rcu(dev);
2867 }
2868 return NULL;
2869 }
2870
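/*
 * Writing a "default" (per-table) value pushes it to every device whose
 * own copy of that parameter has never been written explicitly: the
 * data_state bitmap records per-device writes, and only clean slots are
 * overwritten below.
 */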
2871 static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p,
2872 int index)
2873 {
2874 struct net_device *dev;
2875 int family = neigh_parms_family(p);
2876
2877 rcu_read_lock();
2878 for_each_netdev_rcu(net, dev) {
2879 struct neigh_parms *dst_p =
2880 neigh_get_dev_parms_rcu(dev, family);
2881
2882 if (dst_p && !test_bit(index, dst_p->data_state))
2883 dst_p->data[index] = p->data[index];
2884 }
2885 rcu_read_unlock();
2886 }
2887
2888 static void neigh_proc_update(struct ctl_table *ctl, int write)
2889 {
2890 struct net_device *dev = ctl->extra1;
2891 struct neigh_parms *p = ctl->extra2;
2892 struct net *net = neigh_parms_net(p);
2893 int index = (int *) ctl->data - p->data;
2894
2895 if (!write)
2896 return;
2897
2898 set_bit(index, p->data_state);
2899 	if (!dev) /* a NULL dev means this is a default value */
2900 neigh_copy_dflt_parms(net, p, index);
2901 }
2902
2903 static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write,
2904 void __user *buffer,
2905 size_t *lenp, loff_t *ppos)
2906 {
2907 struct ctl_table tmp = *ctl;
2908 int ret;
2909
2910 tmp.extra1 = &zero;
2911 tmp.extra2 = &int_max;
2912
2913 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
2914 neigh_proc_update(ctl, write);
2915 return ret;
2916 }
2917
2918 int neigh_proc_dointvec(struct ctl_table *ctl, int write,
2919 void __user *buffer, size_t *lenp, loff_t *ppos)
2920 {
2921 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2922
2923 neigh_proc_update(ctl, write);
2924 return ret;
2925 }
2926 EXPORT_SYMBOL(neigh_proc_dointvec);
2927
2928 int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write,
2929 void __user *buffer,
2930 size_t *lenp, loff_t *ppos)
2931 {
2932 int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
2933
2934 neigh_proc_update(ctl, write);
2935 return ret;
2936 }
2937 EXPORT_SYMBOL(neigh_proc_dointvec_jiffies);
2938
2939 static int neigh_proc_dointvec_userhz_jiffies(struct ctl_table *ctl, int write,
2940 void __user *buffer,
2941 size_t *lenp, loff_t *ppos)
2942 {
2943 int ret = proc_dointvec_userhz_jiffies(ctl, write, buffer, lenp, ppos);
2944
2945 neigh_proc_update(ctl, write);
2946 return ret;
2947 }
2948
2949 int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write,
2950 void __user *buffer,
2951 size_t *lenp, loff_t *ppos)
2952 {
2953 int ret = proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
2954
2955 neigh_proc_update(ctl, write);
2956 return ret;
2957 }
2958 EXPORT_SYMBOL(neigh_proc_dointvec_ms_jiffies);
2959
2960 static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write,
2961 void __user *buffer,
2962 size_t *lenp, loff_t *ppos)
2963 {
2964 int ret = proc_unres_qlen(ctl, write, buffer, lenp, ppos);
2965
2966 neigh_proc_update(ctl, write);
2967 return ret;
2968 }
2969
2970 #define NEIGH_PARMS_DATA_OFFSET(index) \
2971 (&((struct neigh_parms *) 0)->data[index])
2972
2973 #define NEIGH_SYSCTL_ENTRY(attr, data_attr, name, mval, proc) \
2974 [NEIGH_VAR_ ## attr] = { \
2975 .procname = name, \
2976 .data = NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_ ## data_attr), \
2977 .maxlen = sizeof(int), \
2978 .mode = mval, \
2979 .proc_handler = proc, \
2980 }
2981
2982 #define NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(attr, name) \
2983 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_zero_intmax)
2984
2985 #define NEIGH_SYSCTL_JIFFIES_ENTRY(attr, name) \
2986 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_jiffies)
2987
2988 #define NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(attr, name) \
2989 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_userhz_jiffies)
2990
2991 #define NEIGH_SYSCTL_MS_JIFFIES_ENTRY(attr, name) \
2992 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
2993
2994 #define NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(attr, data_attr, name) \
2995 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
2996
2997 #define NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(attr, data_attr, name) \
2998 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_unres_qlen)
2999
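/*
 * For illustration, NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(APP_PROBES,
 * "app_solicit") expands to roughly:
 *
 *	[NEIGH_VAR_APP_PROBES] = {
 *		.procname	= "app_solicit",
 *		.data		= NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_APP_PROBES),
 *		.maxlen		= sizeof(int),
 *		.mode		= 0644,
 *		.proc_handler	= neigh_proc_dointvec_zero_intmax,
 *	}
 *
 * Note that .data initially holds only an offset into parms->data[];
 * neigh_sysctl_register() rebases it onto a real neigh_parms instance.
 */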
3000 static struct neigh_sysctl_table {
3001 struct ctl_table_header *sysctl_header;
3002 struct ctl_table neigh_vars[NEIGH_VAR_MAX + 1];
3003 } neigh_sysctl_template __read_mostly = {
3004 .neigh_vars = {
3005 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_PROBES, "mcast_solicit"),
3006 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(UCAST_PROBES, "ucast_solicit"),
3007 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(APP_PROBES, "app_solicit"),
3008 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(RETRANS_TIME, "retrans_time"),
3009 NEIGH_SYSCTL_JIFFIES_ENTRY(BASE_REACHABLE_TIME, "base_reachable_time"),
3010 NEIGH_SYSCTL_JIFFIES_ENTRY(DELAY_PROBE_TIME, "delay_first_probe_time"),
3011 NEIGH_SYSCTL_JIFFIES_ENTRY(GC_STALETIME, "gc_stale_time"),
3012 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(QUEUE_LEN_BYTES, "unres_qlen_bytes"),
3013 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(PROXY_QLEN, "proxy_qlen"),
3014 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(ANYCAST_DELAY, "anycast_delay"),
3015 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(PROXY_DELAY, "proxy_delay"),
3016 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(LOCKTIME, "locktime"),
3017 NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(QUEUE_LEN, QUEUE_LEN_BYTES, "unres_qlen"),
3018 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(RETRANS_TIME_MS, RETRANS_TIME, "retrans_time_ms"),
3019 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(BASE_REACHABLE_TIME_MS, BASE_REACHABLE_TIME, "base_reachable_time_ms"),
3020 [NEIGH_VAR_GC_INTERVAL] = {
3021 .procname = "gc_interval",
3022 .maxlen = sizeof(int),
3023 .mode = 0644,
3024 .proc_handler = proc_dointvec_jiffies,
3025 },
3026 [NEIGH_VAR_GC_THRESH1] = {
3027 .procname = "gc_thresh1",
3028 .maxlen = sizeof(int),
3029 .mode = 0644,
3030 .extra1 = &zero,
3031 .extra2 = &int_max,
3032 .proc_handler = proc_dointvec_minmax,
3033 },
3034 [NEIGH_VAR_GC_THRESH2] = {
3035 .procname = "gc_thresh2",
3036 .maxlen = sizeof(int),
3037 .mode = 0644,
3038 .extra1 = &zero,
3039 .extra2 = &int_max,
3040 .proc_handler = proc_dointvec_minmax,
3041 },
3042 [NEIGH_VAR_GC_THRESH3] = {
3043 .procname = "gc_thresh3",
3044 .maxlen = sizeof(int),
3045 .mode = 0644,
3046 .extra1 = &zero,
3047 .extra2 = &int_max,
3048 .proc_handler = proc_dointvec_minmax,
3049 },
3050 {},
3051 },
3052 };
3053
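/*
 * The registered files show up under net/<family>/neigh/<dev>/, e.g.
 * /proc/sys/net/ipv4/neigh/default/gc_thresh1 or, for an example
 * device named eth0, /proc/sys/net/ipv4/neigh/eth0/mcast_solicit.
 * The GC knobs exist only in the "default" directory, since the table
 * is truncated at NEIGH_VAR_GC_INTERVAL for real devices.
 */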
3054 int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
3055 proc_handler *handler)
3056 {
3057 int i;
3058 struct neigh_sysctl_table *t;
3059 const char *dev_name_source;
3060 char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
3061 char *p_name;
3062
3063 t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
3064 if (!t)
3065 goto err;
3066
3067 for (i = 0; i < NEIGH_VAR_GC_INTERVAL; i++) {
3068 t->neigh_vars[i].data += (long) p;
3069 t->neigh_vars[i].extra1 = dev;
3070 t->neigh_vars[i].extra2 = p;
3071 }
3072
3073 if (dev) {
3074 dev_name_source = dev->name;
3075 /* Terminate the table early */
3076 memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0,
3077 sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL]));
3078 } else {
3079 struct neigh_table *tbl = p->tbl;
3080 dev_name_source = "default";
3081 t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &tbl->gc_interval;
3082 t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &tbl->gc_thresh1;
3083 t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &tbl->gc_thresh2;
3084 t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &tbl->gc_thresh3;
3085 }
3086
3087 if (handler) {
3088 /* RetransTime */
3089 t->neigh_vars[NEIGH_VAR_RETRANS_TIME].proc_handler = handler;
3090 /* ReachableTime */
3091 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler = handler;
3092 /* RetransTime (in milliseconds)*/
3093 t->neigh_vars[NEIGH_VAR_RETRANS_TIME_MS].proc_handler = handler;
3094 /* ReachableTime (in milliseconds) */
3095 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = handler;
3096 }
3097
3098 /* Don't export sysctls to unprivileged users */
3099 if (neigh_parms_net(p)->user_ns != &init_user_ns)
3100 t->neigh_vars[0].procname = NULL;
3101
3102 switch (neigh_parms_family(p)) {
3103 case AF_INET:
3104 p_name = "ipv4";
3105 break;
3106 case AF_INET6:
3107 p_name = "ipv6";
3108 break;
3109 default:
3110 BUG();
3111 }
3112
3113 snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s",
3114 p_name, dev_name_source);
3115 t->sysctl_header =
3116 register_net_sysctl(neigh_parms_net(p), neigh_path, t->neigh_vars);
3117 if (!t->sysctl_header)
3118 goto free;
3119
3120 p->sysctl_table = t;
3121 return 0;
3122
3123 free:
3124 kfree(t);
3125 err:
3126 return -ENOBUFS;
3127 }
3128 EXPORT_SYMBOL(neigh_sysctl_register);
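/*
 * A usage sketch: protocols register per-device parameters when a
 * device is set up, e.g. IPv4 does roughly
 *
 *	neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
 *
 * and pass a non-NULL proc_handler only when writes to the retrans and
 * reachable-time knobs need protocol-specific post-processing.
 */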
3129
3130 void neigh_sysctl_unregister(struct neigh_parms *p)
3131 {
3132 if (p->sysctl_table) {
3133 struct neigh_sysctl_table *t = p->sysctl_table;
3134 p->sysctl_table = NULL;
3135 unregister_net_sysctl_table(t->sysctl_header);
3136 kfree(t);
3137 }
3138 }
3139 EXPORT_SYMBOL(neigh_sysctl_unregister);
3140
3141 #endif /* CONFIG_SYSCTL */
3142
3143 static int __init neigh_init(void)
3144 {
3145 rtnl_register(PF_UNSPEC, RTM_NEWNEIGH, neigh_add, NULL, NULL);
3146 rtnl_register(PF_UNSPEC, RTM_DELNEIGH, neigh_delete, NULL, NULL);
3147 rtnl_register(PF_UNSPEC, RTM_GETNEIGH, NULL, neigh_dump_info, NULL);
3148
3149 rtnl_register(PF_UNSPEC, RTM_GETNEIGHTBL, NULL, neightbl_dump_info,
3150 NULL);
3151 rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, NULL);
3152
3153 return 0;
3154 }
3155
3156 subsys_initcall(neigh_init);
3157
3158