1 /*
2 * Generic address resolution entity
3 *
4 * Authors:
5 * Pedro Roque <roque@di.fc.ul.pt>
6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 *
13 * Fixes:
14 * Vitaly E. Lavrov releasing NULL neighbor in neigh_add.
15 * Harald Welte Add neighbour cache statistics like rtstat
16 */
17
18 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
19
20 #include <linux/slab.h>
21 #include <linux/types.h>
22 #include <linux/kernel.h>
23 #include <linux/module.h>
24 #include <linux/socket.h>
25 #include <linux/netdevice.h>
26 #include <linux/proc_fs.h>
27 #ifdef CONFIG_SYSCTL
28 #include <linux/sysctl.h>
29 #endif
30 #include <linux/times.h>
31 #include <net/net_namespace.h>
32 #include <net/neighbour.h>
33 #include <net/dst.h>
34 #include <net/sock.h>
35 #include <net/netevent.h>
36 #include <net/netlink.h>
37 #include <linux/rtnetlink.h>
38 #include <linux/random.h>
39 #include <linux/string.h>
40 #include <linux/log2.h>
41 #include <linux/inetdevice.h>
42 #include <net/addrconf.h>
43
44 #define DEBUG
45 #define NEIGH_DEBUG 1
46 #define neigh_dbg(level, fmt, ...) \
47 do { \
48 if (level <= NEIGH_DEBUG) \
49 pr_debug(fmt, ##__VA_ARGS__); \
50 } while (0)
51
52 #define PNEIGH_HASHMASK 0xF
53
54 static void neigh_timer_handler(unsigned long arg);
55 static void __neigh_notify(struct neighbour *n, int type, int flags);
56 static void neigh_update_notify(struct neighbour *neigh);
57 static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev);
58
59 #ifdef CONFIG_PROC_FS
60 static const struct file_operations neigh_stat_seq_fops;
61 #endif
62
63 /*
64 Neighbour hash table buckets are protected with rwlock tbl->lock.
65
66 - All the scans/updates to hash buckets MUST be made under this lock.
67 - NOTHING clever should be made under this lock: no callbacks
68 to protocol backends, no attempts to send something to network.
69 It will result in deadlocks, if backend/driver wants to use neighbour
70 cache.
71 - If the entry requires some non-trivial actions, increase
72 its reference count and release table lock.
73
74 Neighbour entries are protected:
75 - with reference count.
76 - with rwlock neigh->lock
77
78 Reference count prevents destruction.
79
80 neigh->lock mainly serializes ll address data and its validity state.
81 However, the same lock is used to protect another entry fields:
82 - timer
83 - resolution queue
84
85 Again, nothing clever shall be made under neigh->lock,
86 the most complicated procedure, which we allow is dev->hard_header.
87 It is supposed, that dev->hard_header is simplistic and does
88 not make callbacks to neighbour tables.
89 */
90
neigh_blackhole(struct neighbour * neigh,struct sk_buff * skb)91 static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb)
92 {
93 kfree_skb(skb);
94 return -ENETDOWN;
95 }
96
neigh_cleanup_and_release(struct neighbour * neigh)97 static void neigh_cleanup_and_release(struct neighbour *neigh)
98 {
99 if (neigh->parms->neigh_cleanup)
100 neigh->parms->neigh_cleanup(neigh);
101
102 __neigh_notify(neigh, RTM_DELNEIGH, 0);
103 neigh_release(neigh);
104 }
105
106 /*
107 * It is random distribution in the interval (1/2)*base...(3/2)*base.
108 * It corresponds to default IPv6 settings and is not overridable,
109 * because it is really reasonable choice.
110 */
111
neigh_rand_reach_time(unsigned long base)112 unsigned long neigh_rand_reach_time(unsigned long base)
113 {
114 return base ? (prandom_u32() % base) + (base >> 1) : 0;
115 }
116 EXPORT_SYMBOL(neigh_rand_reach_time);
117
118
neigh_forced_gc(struct neigh_table * tbl)119 static int neigh_forced_gc(struct neigh_table *tbl)
120 {
121 int shrunk = 0;
122 int i;
123 struct neigh_hash_table *nht;
124
125 NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs);
126
127 write_lock_bh(&tbl->lock);
128 nht = rcu_dereference_protected(tbl->nht,
129 lockdep_is_held(&tbl->lock));
130 for (i = 0; i < (1 << nht->hash_shift); i++) {
131 struct neighbour *n;
132 struct neighbour __rcu **np;
133
134 np = &nht->hash_buckets[i];
135 while ((n = rcu_dereference_protected(*np,
136 lockdep_is_held(&tbl->lock))) != NULL) {
137 /* Neighbour record may be discarded if:
138 * - nobody refers to it.
139 * - it is not permanent
140 */
141 write_lock(&n->lock);
142 if (atomic_read(&n->refcnt) == 1 &&
143 !(n->nud_state & NUD_PERMANENT)) {
144 rcu_assign_pointer(*np,
145 rcu_dereference_protected(n->next,
146 lockdep_is_held(&tbl->lock)));
147 n->dead = 1;
148 shrunk = 1;
149 write_unlock(&n->lock);
150 neigh_cleanup_and_release(n);
151 continue;
152 }
153 write_unlock(&n->lock);
154 np = &n->next;
155 }
156 }
157
158 tbl->last_flush = jiffies;
159
160 write_unlock_bh(&tbl->lock);
161
162 return shrunk;
163 }
164
neigh_add_timer(struct neighbour * n,unsigned long when)165 static void neigh_add_timer(struct neighbour *n, unsigned long when)
166 {
167 neigh_hold(n);
168 if (unlikely(mod_timer(&n->timer, when))) {
169 printk("NEIGH: BUG, double timer add, state is %x\n",
170 n->nud_state);
171 dump_stack();
172 }
173 }
174
neigh_del_timer(struct neighbour * n)175 static int neigh_del_timer(struct neighbour *n)
176 {
177 if ((n->nud_state & NUD_IN_TIMER) &&
178 del_timer(&n->timer)) {
179 neigh_release(n);
180 return 1;
181 }
182 return 0;
183 }
184
pneigh_queue_purge(struct sk_buff_head * list)185 static void pneigh_queue_purge(struct sk_buff_head *list)
186 {
187 struct sk_buff *skb;
188
189 while ((skb = skb_dequeue(list)) != NULL) {
190 dev_put(skb->dev);
191 kfree_skb(skb);
192 }
193 }
194
neigh_flush_dev(struct neigh_table * tbl,struct net_device * dev)195 static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev)
196 {
197 int i;
198 struct neigh_hash_table *nht;
199
200 nht = rcu_dereference_protected(tbl->nht,
201 lockdep_is_held(&tbl->lock));
202
203 for (i = 0; i < (1 << nht->hash_shift); i++) {
204 struct neighbour *n;
205 struct neighbour __rcu **np = &nht->hash_buckets[i];
206
207 while ((n = rcu_dereference_protected(*np,
208 lockdep_is_held(&tbl->lock))) != NULL) {
209 if (dev && n->dev != dev) {
210 np = &n->next;
211 continue;
212 }
213 rcu_assign_pointer(*np,
214 rcu_dereference_protected(n->next,
215 lockdep_is_held(&tbl->lock)));
216 write_lock(&n->lock);
217 neigh_del_timer(n);
218 n->dead = 1;
219
220 if (atomic_read(&n->refcnt) != 1) {
221 /* The most unpleasant situation.
222 We must destroy neighbour entry,
223 but someone still uses it.
224
225 The destroy will be delayed until
226 the last user releases us, but
227 we must kill timers etc. and move
228 it to safe state.
229 */
230 __skb_queue_purge(&n->arp_queue);
231 n->arp_queue_len_bytes = 0;
232 n->output = neigh_blackhole;
233 if (n->nud_state & NUD_VALID)
234 n->nud_state = NUD_NOARP;
235 else
236 n->nud_state = NUD_NONE;
237 neigh_dbg(2, "neigh %p is stray\n", n);
238 }
239 write_unlock(&n->lock);
240 neigh_cleanup_and_release(n);
241 }
242 }
243 }
244
neigh_changeaddr(struct neigh_table * tbl,struct net_device * dev)245 void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev)
246 {
247 write_lock_bh(&tbl->lock);
248 neigh_flush_dev(tbl, dev);
249 write_unlock_bh(&tbl->lock);
250 }
251 EXPORT_SYMBOL(neigh_changeaddr);
252
neigh_ifdown(struct neigh_table * tbl,struct net_device * dev)253 int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
254 {
255 write_lock_bh(&tbl->lock);
256 neigh_flush_dev(tbl, dev);
257 pneigh_ifdown(tbl, dev);
258 write_unlock_bh(&tbl->lock);
259
260 del_timer_sync(&tbl->proxy_timer);
261 pneigh_queue_purge(&tbl->proxy_queue);
262 return 0;
263 }
264 EXPORT_SYMBOL(neigh_ifdown);
265
neigh_alloc(struct neigh_table * tbl,struct net_device * dev)266 static struct neighbour *neigh_alloc(struct neigh_table *tbl, struct net_device *dev)
267 {
268 struct neighbour *n = NULL;
269 unsigned long now = jiffies;
270 int entries;
271
272 entries = atomic_inc_return(&tbl->entries) - 1;
273 if (entries >= tbl->gc_thresh3 ||
274 (entries >= tbl->gc_thresh2 &&
275 time_after(now, tbl->last_flush + 5 * HZ))) {
276 if (!neigh_forced_gc(tbl) &&
277 entries >= tbl->gc_thresh3)
278 goto out_entries;
279 }
280
281 n = kzalloc(tbl->entry_size + dev->neigh_priv_len, GFP_ATOMIC);
282 if (!n)
283 goto out_entries;
284
285 __skb_queue_head_init(&n->arp_queue);
286 rwlock_init(&n->lock);
287 seqlock_init(&n->ha_lock);
288 n->updated = n->used = now;
289 n->nud_state = NUD_NONE;
290 n->output = neigh_blackhole;
291 seqlock_init(&n->hh.hh_lock);
292 n->parms = neigh_parms_clone(&tbl->parms);
293 setup_timer(&n->timer, neigh_timer_handler, (unsigned long)n);
294
295 NEIGH_CACHE_STAT_INC(tbl, allocs);
296 n->tbl = tbl;
297 atomic_set(&n->refcnt, 1);
298 n->dead = 1;
299 out:
300 return n;
301
302 out_entries:
303 atomic_dec(&tbl->entries);
304 goto out;
305 }
306
neigh_get_hash_rnd(u32 * x)307 static void neigh_get_hash_rnd(u32 *x)
308 {
309 get_random_bytes(x, sizeof(*x));
310 *x |= 1;
311 }
312
neigh_hash_alloc(unsigned int shift)313 static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
314 {
315 size_t size = (1 << shift) * sizeof(struct neighbour *);
316 struct neigh_hash_table *ret;
317 struct neighbour __rcu **buckets;
318 int i;
319
320 ret = kmalloc(sizeof(*ret), GFP_ATOMIC);
321 if (!ret)
322 return NULL;
323 if (size <= PAGE_SIZE)
324 buckets = kzalloc(size, GFP_ATOMIC);
325 else
326 buckets = (struct neighbour __rcu **)
327 __get_free_pages(GFP_ATOMIC | __GFP_ZERO,
328 get_order(size));
329 if (!buckets) {
330 kfree(ret);
331 return NULL;
332 }
333 ret->hash_buckets = buckets;
334 ret->hash_shift = shift;
335 for (i = 0; i < NEIGH_NUM_HASH_RND; i++)
336 neigh_get_hash_rnd(&ret->hash_rnd[i]);
337 return ret;
338 }
339
neigh_hash_free_rcu(struct rcu_head * head)340 static void neigh_hash_free_rcu(struct rcu_head *head)
341 {
342 struct neigh_hash_table *nht = container_of(head,
343 struct neigh_hash_table,
344 rcu);
345 size_t size = (1 << nht->hash_shift) * sizeof(struct neighbour *);
346 struct neighbour __rcu **buckets = nht->hash_buckets;
347
348 if (size <= PAGE_SIZE)
349 kfree(buckets);
350 else
351 free_pages((unsigned long)buckets, get_order(size));
352 kfree(nht);
353 }
354
neigh_hash_grow(struct neigh_table * tbl,unsigned long new_shift)355 static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl,
356 unsigned long new_shift)
357 {
358 unsigned int i, hash;
359 struct neigh_hash_table *new_nht, *old_nht;
360
361 NEIGH_CACHE_STAT_INC(tbl, hash_grows);
362
363 old_nht = rcu_dereference_protected(tbl->nht,
364 lockdep_is_held(&tbl->lock));
365 new_nht = neigh_hash_alloc(new_shift);
366 if (!new_nht)
367 return old_nht;
368
369 for (i = 0; i < (1 << old_nht->hash_shift); i++) {
370 struct neighbour *n, *next;
371
372 for (n = rcu_dereference_protected(old_nht->hash_buckets[i],
373 lockdep_is_held(&tbl->lock));
374 n != NULL;
375 n = next) {
376 hash = tbl->hash(n->primary_key, n->dev,
377 new_nht->hash_rnd);
378
379 hash >>= (32 - new_nht->hash_shift);
380 next = rcu_dereference_protected(n->next,
381 lockdep_is_held(&tbl->lock));
382
383 rcu_assign_pointer(n->next,
384 rcu_dereference_protected(
385 new_nht->hash_buckets[hash],
386 lockdep_is_held(&tbl->lock)));
387 rcu_assign_pointer(new_nht->hash_buckets[hash], n);
388 }
389 }
390
391 rcu_assign_pointer(tbl->nht, new_nht);
392 call_rcu(&old_nht->rcu, neigh_hash_free_rcu);
393 return new_nht;
394 }
395
neigh_lookup(struct neigh_table * tbl,const void * pkey,struct net_device * dev)396 struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey,
397 struct net_device *dev)
398 {
399 struct neighbour *n;
400
401 NEIGH_CACHE_STAT_INC(tbl, lookups);
402
403 rcu_read_lock_bh();
404 n = __neigh_lookup_noref(tbl, pkey, dev);
405 if (n) {
406 if (!atomic_inc_not_zero(&n->refcnt))
407 n = NULL;
408 NEIGH_CACHE_STAT_INC(tbl, hits);
409 }
410
411 rcu_read_unlock_bh();
412 return n;
413 }
414 EXPORT_SYMBOL(neigh_lookup);
415
neigh_lookup_nodev(struct neigh_table * tbl,struct net * net,const void * pkey)416 struct neighbour *neigh_lookup_nodev(struct neigh_table *tbl, struct net *net,
417 const void *pkey)
418 {
419 struct neighbour *n;
420 int key_len = tbl->key_len;
421 u32 hash_val;
422 struct neigh_hash_table *nht;
423
424 NEIGH_CACHE_STAT_INC(tbl, lookups);
425
426 rcu_read_lock_bh();
427 nht = rcu_dereference_bh(tbl->nht);
428 hash_val = tbl->hash(pkey, NULL, nht->hash_rnd) >> (32 - nht->hash_shift);
429
430 for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
431 n != NULL;
432 n = rcu_dereference_bh(n->next)) {
433 if (!memcmp(n->primary_key, pkey, key_len) &&
434 net_eq(dev_net(n->dev), net)) {
435 if (!atomic_inc_not_zero(&n->refcnt))
436 n = NULL;
437 NEIGH_CACHE_STAT_INC(tbl, hits);
438 break;
439 }
440 }
441
442 rcu_read_unlock_bh();
443 return n;
444 }
445 EXPORT_SYMBOL(neigh_lookup_nodev);
446
__neigh_create(struct neigh_table * tbl,const void * pkey,struct net_device * dev,bool want_ref)447 struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
448 struct net_device *dev, bool want_ref)
449 {
450 u32 hash_val;
451 int key_len = tbl->key_len;
452 int error;
453 struct neighbour *n1, *rc, *n = neigh_alloc(tbl, dev);
454 struct neigh_hash_table *nht;
455
456 if (!n) {
457 rc = ERR_PTR(-ENOBUFS);
458 goto out;
459 }
460
461 memcpy(n->primary_key, pkey, key_len);
462 n->dev = dev;
463 dev_hold(dev);
464
465 /* Protocol specific setup. */
466 if (tbl->constructor && (error = tbl->constructor(n)) < 0) {
467 rc = ERR_PTR(error);
468 goto out_neigh_release;
469 }
470
471 if (dev->netdev_ops->ndo_neigh_construct) {
472 error = dev->netdev_ops->ndo_neigh_construct(n);
473 if (error < 0) {
474 rc = ERR_PTR(error);
475 goto out_neigh_release;
476 }
477 }
478
479 /* Device specific setup. */
480 if (n->parms->neigh_setup &&
481 (error = n->parms->neigh_setup(n)) < 0) {
482 rc = ERR_PTR(error);
483 goto out_neigh_release;
484 }
485
486 n->confirmed = jiffies - (NEIGH_VAR(n->parms, BASE_REACHABLE_TIME) << 1);
487
488 write_lock_bh(&tbl->lock);
489 nht = rcu_dereference_protected(tbl->nht,
490 lockdep_is_held(&tbl->lock));
491
492 if (atomic_read(&tbl->entries) > (1 << nht->hash_shift))
493 nht = neigh_hash_grow(tbl, nht->hash_shift + 1);
494
495 hash_val = tbl->hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift);
496
497 if (n->parms->dead) {
498 rc = ERR_PTR(-EINVAL);
499 goto out_tbl_unlock;
500 }
501
502 for (n1 = rcu_dereference_protected(nht->hash_buckets[hash_val],
503 lockdep_is_held(&tbl->lock));
504 n1 != NULL;
505 n1 = rcu_dereference_protected(n1->next,
506 lockdep_is_held(&tbl->lock))) {
507 if (dev == n1->dev && !memcmp(n1->primary_key, pkey, key_len)) {
508 if (want_ref)
509 neigh_hold(n1);
510 rc = n1;
511 goto out_tbl_unlock;
512 }
513 }
514
515 n->dead = 0;
516 if (want_ref)
517 neigh_hold(n);
518 rcu_assign_pointer(n->next,
519 rcu_dereference_protected(nht->hash_buckets[hash_val],
520 lockdep_is_held(&tbl->lock)));
521 rcu_assign_pointer(nht->hash_buckets[hash_val], n);
522 write_unlock_bh(&tbl->lock);
523 neigh_dbg(2, "neigh %p is created\n", n);
524 rc = n;
525 out:
526 return rc;
527 out_tbl_unlock:
528 write_unlock_bh(&tbl->lock);
529 out_neigh_release:
530 neigh_release(n);
531 goto out;
532 }
533 EXPORT_SYMBOL(__neigh_create);
534
pneigh_hash(const void * pkey,int key_len)535 static u32 pneigh_hash(const void *pkey, int key_len)
536 {
537 u32 hash_val = *(u32 *)(pkey + key_len - 4);
538 hash_val ^= (hash_val >> 16);
539 hash_val ^= hash_val >> 8;
540 hash_val ^= hash_val >> 4;
541 hash_val &= PNEIGH_HASHMASK;
542 return hash_val;
543 }
544
__pneigh_lookup_1(struct pneigh_entry * n,struct net * net,const void * pkey,int key_len,struct net_device * dev)545 static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n,
546 struct net *net,
547 const void *pkey,
548 int key_len,
549 struct net_device *dev)
550 {
551 while (n) {
552 if (!memcmp(n->key, pkey, key_len) &&
553 net_eq(pneigh_net(n), net) &&
554 (n->dev == dev || !n->dev))
555 return n;
556 n = n->next;
557 }
558 return NULL;
559 }
560
__pneigh_lookup(struct neigh_table * tbl,struct net * net,const void * pkey,struct net_device * dev)561 struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl,
562 struct net *net, const void *pkey, struct net_device *dev)
563 {
564 int key_len = tbl->key_len;
565 u32 hash_val = pneigh_hash(pkey, key_len);
566
567 return __pneigh_lookup_1(tbl->phash_buckets[hash_val],
568 net, pkey, key_len, dev);
569 }
570 EXPORT_SYMBOL_GPL(__pneigh_lookup);
571
pneigh_lookup(struct neigh_table * tbl,struct net * net,const void * pkey,struct net_device * dev,int creat)572 struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl,
573 struct net *net, const void *pkey,
574 struct net_device *dev, int creat)
575 {
576 struct pneigh_entry *n;
577 int key_len = tbl->key_len;
578 u32 hash_val = pneigh_hash(pkey, key_len);
579
580 read_lock_bh(&tbl->lock);
581 n = __pneigh_lookup_1(tbl->phash_buckets[hash_val],
582 net, pkey, key_len, dev);
583 read_unlock_bh(&tbl->lock);
584
585 if (n || !creat)
586 goto out;
587
588 ASSERT_RTNL();
589
590 n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL);
591 if (!n)
592 goto out;
593
594 write_pnet(&n->net, net);
595 memcpy(n->key, pkey, key_len);
596 n->dev = dev;
597 if (dev)
598 dev_hold(dev);
599
600 if (tbl->pconstructor && tbl->pconstructor(n)) {
601 if (dev)
602 dev_put(dev);
603 kfree(n);
604 n = NULL;
605 goto out;
606 }
607
608 write_lock_bh(&tbl->lock);
609 n->next = tbl->phash_buckets[hash_val];
610 tbl->phash_buckets[hash_val] = n;
611 write_unlock_bh(&tbl->lock);
612 out:
613 return n;
614 }
615 EXPORT_SYMBOL(pneigh_lookup);
616
617
pneigh_delete(struct neigh_table * tbl,struct net * net,const void * pkey,struct net_device * dev)618 int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey,
619 struct net_device *dev)
620 {
621 struct pneigh_entry *n, **np;
622 int key_len = tbl->key_len;
623 u32 hash_val = pneigh_hash(pkey, key_len);
624
625 write_lock_bh(&tbl->lock);
626 for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL;
627 np = &n->next) {
628 if (!memcmp(n->key, pkey, key_len) && n->dev == dev &&
629 net_eq(pneigh_net(n), net)) {
630 *np = n->next;
631 write_unlock_bh(&tbl->lock);
632 if (tbl->pdestructor)
633 tbl->pdestructor(n);
634 if (n->dev)
635 dev_put(n->dev);
636 kfree(n);
637 return 0;
638 }
639 }
640 write_unlock_bh(&tbl->lock);
641 return -ENOENT;
642 }
643
pneigh_ifdown(struct neigh_table * tbl,struct net_device * dev)644 static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
645 {
646 struct pneigh_entry *n, **np;
647 u32 h;
648
649 for (h = 0; h <= PNEIGH_HASHMASK; h++) {
650 np = &tbl->phash_buckets[h];
651 while ((n = *np) != NULL) {
652 if (!dev || n->dev == dev) {
653 *np = n->next;
654 if (tbl->pdestructor)
655 tbl->pdestructor(n);
656 if (n->dev)
657 dev_put(n->dev);
658 kfree(n);
659 continue;
660 }
661 np = &n->next;
662 }
663 }
664 return -ENOENT;
665 }
666
667 static void neigh_parms_destroy(struct neigh_parms *parms);
668
neigh_parms_put(struct neigh_parms * parms)669 static inline void neigh_parms_put(struct neigh_parms *parms)
670 {
671 if (atomic_dec_and_test(&parms->refcnt))
672 neigh_parms_destroy(parms);
673 }
674
675 /*
676 * neighbour must already be out of the table;
677 *
678 */
neigh_destroy(struct neighbour * neigh)679 void neigh_destroy(struct neighbour *neigh)
680 {
681 struct net_device *dev = neigh->dev;
682
683 NEIGH_CACHE_STAT_INC(neigh->tbl, destroys);
684
685 if (!neigh->dead) {
686 pr_warn("Destroying alive neighbour %p\n", neigh);
687 dump_stack();
688 return;
689 }
690
691 if (neigh_del_timer(neigh))
692 pr_warn("Impossible event\n");
693
694 write_lock_bh(&neigh->lock);
695 __skb_queue_purge(&neigh->arp_queue);
696 write_unlock_bh(&neigh->lock);
697 neigh->arp_queue_len_bytes = 0;
698
699 if (dev->netdev_ops->ndo_neigh_destroy)
700 dev->netdev_ops->ndo_neigh_destroy(neigh);
701
702 dev_put(dev);
703 neigh_parms_put(neigh->parms);
704
705 neigh_dbg(2, "neigh %p is destroyed\n", neigh);
706
707 atomic_dec(&neigh->tbl->entries);
708 kfree_rcu(neigh, rcu);
709 }
710 EXPORT_SYMBOL(neigh_destroy);
711
712 /* Neighbour state is suspicious;
713 disable fast path.
714
715 Called with write_locked neigh.
716 */
neigh_suspect(struct neighbour * neigh)717 static void neigh_suspect(struct neighbour *neigh)
718 {
719 neigh_dbg(2, "neigh %p is suspected\n", neigh);
720
721 neigh->output = neigh->ops->output;
722 }
723
724 /* Neighbour state is OK;
725 enable fast path.
726
727 Called with write_locked neigh.
728 */
neigh_connect(struct neighbour * neigh)729 static void neigh_connect(struct neighbour *neigh)
730 {
731 neigh_dbg(2, "neigh %p is connected\n", neigh);
732
733 neigh->output = neigh->ops->connected_output;
734 }
735
neigh_periodic_work(struct work_struct * work)736 static void neigh_periodic_work(struct work_struct *work)
737 {
738 struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
739 struct neighbour *n;
740 struct neighbour __rcu **np;
741 unsigned int i;
742 struct neigh_hash_table *nht;
743
744 NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);
745
746 write_lock_bh(&tbl->lock);
747 nht = rcu_dereference_protected(tbl->nht,
748 lockdep_is_held(&tbl->lock));
749
750 /*
751 * periodically recompute ReachableTime from random function
752 */
753
754 if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
755 struct neigh_parms *p;
756 tbl->last_rand = jiffies;
757 list_for_each_entry(p, &tbl->parms_list, list)
758 p->reachable_time =
759 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
760 }
761
762 if (atomic_read(&tbl->entries) < tbl->gc_thresh1)
763 goto out;
764
765 for (i = 0 ; i < (1 << nht->hash_shift); i++) {
766 np = &nht->hash_buckets[i];
767
768 while ((n = rcu_dereference_protected(*np,
769 lockdep_is_held(&tbl->lock))) != NULL) {
770 unsigned int state;
771
772 write_lock(&n->lock);
773
774 state = n->nud_state;
775 if (state & (NUD_PERMANENT | NUD_IN_TIMER)) {
776 write_unlock(&n->lock);
777 goto next_elt;
778 }
779
780 if (time_before(n->used, n->confirmed))
781 n->used = n->confirmed;
782
783 if (atomic_read(&n->refcnt) == 1 &&
784 (state == NUD_FAILED ||
785 time_after(jiffies, n->used + NEIGH_VAR(n->parms, GC_STALETIME)))) {
786 *np = n->next;
787 n->dead = 1;
788 write_unlock(&n->lock);
789 neigh_cleanup_and_release(n);
790 continue;
791 }
792 write_unlock(&n->lock);
793
794 next_elt:
795 np = &n->next;
796 }
797 /*
798 * It's fine to release lock here, even if hash table
799 * grows while we are preempted.
800 */
801 write_unlock_bh(&tbl->lock);
802 cond_resched();
803 write_lock_bh(&tbl->lock);
804 nht = rcu_dereference_protected(tbl->nht,
805 lockdep_is_held(&tbl->lock));
806 }
807 out:
808 /* Cycle through all hash buckets every BASE_REACHABLE_TIME/2 ticks.
809 * ARP entry timeouts range from 1/2 BASE_REACHABLE_TIME to 3/2
810 * BASE_REACHABLE_TIME.
811 */
812 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
813 NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME) >> 1);
814 write_unlock_bh(&tbl->lock);
815 }
816
neigh_max_probes(struct neighbour * n)817 static __inline__ int neigh_max_probes(struct neighbour *n)
818 {
819 struct neigh_parms *p = n->parms;
820 return NEIGH_VAR(p, UCAST_PROBES) + NEIGH_VAR(p, APP_PROBES) +
821 (n->nud_state & NUD_PROBE ? NEIGH_VAR(p, MCAST_REPROBES) :
822 NEIGH_VAR(p, MCAST_PROBES));
823 }
824
neigh_invalidate(struct neighbour * neigh)825 static void neigh_invalidate(struct neighbour *neigh)
826 __releases(neigh->lock)
827 __acquires(neigh->lock)
828 {
829 struct sk_buff *skb;
830
831 NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed);
832 neigh_dbg(2, "neigh %p is failed\n", neigh);
833 neigh->updated = jiffies;
834
835 /* It is very thin place. report_unreachable is very complicated
836 routine. Particularly, it can hit the same neighbour entry!
837
838 So that, we try to be accurate and avoid dead loop. --ANK
839 */
840 while (neigh->nud_state == NUD_FAILED &&
841 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
842 write_unlock(&neigh->lock);
843 neigh->ops->error_report(neigh, skb);
844 write_lock(&neigh->lock);
845 }
846 __skb_queue_purge(&neigh->arp_queue);
847 neigh->arp_queue_len_bytes = 0;
848 }
849
neigh_probe(struct neighbour * neigh)850 static void neigh_probe(struct neighbour *neigh)
851 __releases(neigh->lock)
852 {
853 struct sk_buff *skb = skb_peek_tail(&neigh->arp_queue);
854 /* keep skb alive even if arp_queue overflows */
855 if (skb)
856 skb = skb_copy(skb, GFP_ATOMIC);
857 write_unlock(&neigh->lock);
858 neigh->ops->solicit(neigh, skb);
859 atomic_inc(&neigh->probes);
860 kfree_skb(skb);
861 }
862
863 /* Called when a timer expires for a neighbour entry. */
864
neigh_timer_handler(unsigned long arg)865 static void neigh_timer_handler(unsigned long arg)
866 {
867 unsigned long now, next;
868 struct neighbour *neigh = (struct neighbour *)arg;
869 unsigned int state;
870 int notify = 0;
871
872 write_lock(&neigh->lock);
873
874 state = neigh->nud_state;
875 now = jiffies;
876 next = now + HZ;
877
878 if (!(state & NUD_IN_TIMER))
879 goto out;
880
881 if (state & NUD_REACHABLE) {
882 if (time_before_eq(now,
883 neigh->confirmed + neigh->parms->reachable_time)) {
884 neigh_dbg(2, "neigh %p is still alive\n", neigh);
885 next = neigh->confirmed + neigh->parms->reachable_time;
886 } else if (time_before_eq(now,
887 neigh->used +
888 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
889 neigh_dbg(2, "neigh %p is delayed\n", neigh);
890 neigh->nud_state = NUD_DELAY;
891 neigh->updated = jiffies;
892 neigh_suspect(neigh);
893 next = now + NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME);
894 } else {
895 neigh_dbg(2, "neigh %p is suspected\n", neigh);
896 neigh->nud_state = NUD_STALE;
897 neigh->updated = jiffies;
898 neigh_suspect(neigh);
899 notify = 1;
900 }
901 } else if (state & NUD_DELAY) {
902 if (time_before_eq(now,
903 neigh->confirmed +
904 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
905 neigh_dbg(2, "neigh %p is now reachable\n", neigh);
906 neigh->nud_state = NUD_REACHABLE;
907 neigh->updated = jiffies;
908 neigh_connect(neigh);
909 notify = 1;
910 next = neigh->confirmed + neigh->parms->reachable_time;
911 } else {
912 neigh_dbg(2, "neigh %p is probed\n", neigh);
913 neigh->nud_state = NUD_PROBE;
914 neigh->updated = jiffies;
915 atomic_set(&neigh->probes, 0);
916 next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
917 }
918 } else {
919 /* NUD_PROBE|NUD_INCOMPLETE */
920 next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
921 }
922
923 if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) &&
924 atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) {
925 neigh->nud_state = NUD_FAILED;
926 notify = 1;
927 neigh_invalidate(neigh);
928 goto out;
929 }
930
931 if (neigh->nud_state & NUD_IN_TIMER) {
932 if (time_before(next, jiffies + HZ/2))
933 next = jiffies + HZ/2;
934 if (!mod_timer(&neigh->timer, next))
935 neigh_hold(neigh);
936 }
937 if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
938 neigh_probe(neigh);
939 } else {
940 out:
941 write_unlock(&neigh->lock);
942 }
943
944 if (notify)
945 neigh_update_notify(neigh);
946
947 neigh_release(neigh);
948 }
949
__neigh_event_send(struct neighbour * neigh,struct sk_buff * skb)950 int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
951 {
952 int rc;
953 bool immediate_probe = false;
954
955 write_lock_bh(&neigh->lock);
956
957 rc = 0;
958 if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
959 goto out_unlock_bh;
960 if (neigh->dead)
961 goto out_dead;
962
963 if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
964 if (NEIGH_VAR(neigh->parms, MCAST_PROBES) +
965 NEIGH_VAR(neigh->parms, APP_PROBES)) {
966 unsigned long next, now = jiffies;
967
968 atomic_set(&neigh->probes,
969 NEIGH_VAR(neigh->parms, UCAST_PROBES));
970 neigh->nud_state = NUD_INCOMPLETE;
971 neigh->updated = now;
972 next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
973 HZ/2);
974 neigh_add_timer(neigh, next);
975 immediate_probe = true;
976 } else {
977 neigh->nud_state = NUD_FAILED;
978 neigh->updated = jiffies;
979 write_unlock_bh(&neigh->lock);
980
981 kfree_skb(skb);
982 return 1;
983 }
984 } else if (neigh->nud_state & NUD_STALE) {
985 neigh_dbg(2, "neigh %p is delayed\n", neigh);
986 neigh->nud_state = NUD_DELAY;
987 neigh->updated = jiffies;
988 neigh_add_timer(neigh, jiffies +
989 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME));
990 }
991
992 if (neigh->nud_state == NUD_INCOMPLETE) {
993 if (skb) {
994 while (neigh->arp_queue_len_bytes + skb->truesize >
995 NEIGH_VAR(neigh->parms, QUEUE_LEN_BYTES)) {
996 struct sk_buff *buff;
997
998 buff = __skb_dequeue(&neigh->arp_queue);
999 if (!buff)
1000 break;
1001 neigh->arp_queue_len_bytes -= buff->truesize;
1002 kfree_skb(buff);
1003 NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
1004 }
1005 skb_dst_force(skb);
1006 __skb_queue_tail(&neigh->arp_queue, skb);
1007 neigh->arp_queue_len_bytes += skb->truesize;
1008 }
1009 rc = 1;
1010 }
1011 out_unlock_bh:
1012 if (immediate_probe)
1013 neigh_probe(neigh);
1014 else
1015 write_unlock(&neigh->lock);
1016 local_bh_enable();
1017 return rc;
1018
1019 out_dead:
1020 if (neigh->nud_state & NUD_STALE)
1021 goto out_unlock_bh;
1022 write_unlock_bh(&neigh->lock);
1023 kfree_skb(skb);
1024 return 1;
1025 }
1026 EXPORT_SYMBOL(__neigh_event_send);
1027
neigh_update_hhs(struct neighbour * neigh)1028 static void neigh_update_hhs(struct neighbour *neigh)
1029 {
1030 struct hh_cache *hh;
1031 void (*update)(struct hh_cache*, const struct net_device*, const unsigned char *)
1032 = NULL;
1033
1034 if (neigh->dev->header_ops)
1035 update = neigh->dev->header_ops->cache_update;
1036
1037 if (update) {
1038 hh = &neigh->hh;
1039 if (hh->hh_len) {
1040 write_seqlock_bh(&hh->hh_lock);
1041 update(hh, neigh->dev, neigh->ha);
1042 write_sequnlock_bh(&hh->hh_lock);
1043 }
1044 }
1045 }
1046
1047
1048
1049 /* Generic update routine.
1050 -- lladdr is new lladdr or NULL, if it is not supplied.
1051 -- new is new state.
1052 -- flags
1053 NEIGH_UPDATE_F_OVERRIDE allows to override existing lladdr,
1054 if it is different.
1055 NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect existing "connected"
1056 lladdr instead of overriding it
1057 if it is different.
1058 It also allows to retain current state
1059 if lladdr is unchanged.
1060 NEIGH_UPDATE_F_ADMIN means that the change is administrative.
1061
1062 NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows to override existing
1063 NTF_ROUTER flag.
1064 NEIGH_UPDATE_F_ISROUTER indicates if the neighbour is known as
1065 a router.
1066
1067 Caller MUST hold reference count on the entry.
1068 */
1069
neigh_update(struct neighbour * neigh,const u8 * lladdr,u8 new,u32 flags)1070 int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
1071 u32 flags)
1072 {
1073 u8 old;
1074 int err;
1075 int notify = 0;
1076 struct net_device *dev;
1077 int update_isrouter = 0;
1078
1079 write_lock_bh(&neigh->lock);
1080
1081 dev = neigh->dev;
1082 old = neigh->nud_state;
1083 err = -EPERM;
1084
1085 if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
1086 (old & (NUD_NOARP | NUD_PERMANENT)))
1087 goto out;
1088 if (neigh->dead)
1089 goto out;
1090
1091 if (!(new & NUD_VALID)) {
1092 neigh_del_timer(neigh);
1093 if (old & NUD_CONNECTED)
1094 neigh_suspect(neigh);
1095 neigh->nud_state = new;
1096 err = 0;
1097 notify = old & NUD_VALID;
1098 if ((old & (NUD_INCOMPLETE | NUD_PROBE)) &&
1099 (new & NUD_FAILED)) {
1100 neigh_invalidate(neigh);
1101 notify = 1;
1102 }
1103 goto out;
1104 }
1105
1106 /* Compare new lladdr with cached one */
1107 if (!dev->addr_len) {
1108 /* First case: device needs no address. */
1109 lladdr = neigh->ha;
1110 } else if (lladdr) {
1111 /* The second case: if something is already cached
1112 and a new address is proposed:
1113 - compare new & old
1114 - if they are different, check override flag
1115 */
1116 if ((old & NUD_VALID) &&
1117 !memcmp(lladdr, neigh->ha, dev->addr_len))
1118 lladdr = neigh->ha;
1119 } else {
1120 /* No address is supplied; if we know something,
1121 use it, otherwise discard the request.
1122 */
1123 err = -EINVAL;
1124 if (!(old & NUD_VALID))
1125 goto out;
1126 lladdr = neigh->ha;
1127 }
1128
1129 if (new & NUD_CONNECTED)
1130 neigh->confirmed = jiffies;
1131 neigh->updated = jiffies;
1132
1133 /* If entry was valid and address is not changed,
1134 do not change entry state, if new one is STALE.
1135 */
1136 err = 0;
1137 update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
1138 if (old & NUD_VALID) {
1139 if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) {
1140 update_isrouter = 0;
1141 if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) &&
1142 (old & NUD_CONNECTED)) {
1143 lladdr = neigh->ha;
1144 new = NUD_STALE;
1145 } else
1146 goto out;
1147 } else {
1148 if (lladdr == neigh->ha && new == NUD_STALE &&
1149 ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) ||
1150 (old & NUD_CONNECTED))
1151 )
1152 new = old;
1153 }
1154 }
1155
1156 if (new != old) {
1157 neigh_del_timer(neigh);
1158 if (new & NUD_IN_TIMER)
1159 neigh_add_timer(neigh, (jiffies +
1160 ((new & NUD_REACHABLE) ?
1161 neigh->parms->reachable_time :
1162 0)));
1163 neigh->nud_state = new;
1164 notify = 1;
1165 }
1166
1167 if (lladdr != neigh->ha) {
1168 write_seqlock(&neigh->ha_lock);
1169 memcpy(&neigh->ha, lladdr, dev->addr_len);
1170 write_sequnlock(&neigh->ha_lock);
1171 neigh_update_hhs(neigh);
1172 if (!(new & NUD_CONNECTED))
1173 neigh->confirmed = jiffies -
1174 (NEIGH_VAR(neigh->parms, BASE_REACHABLE_TIME) << 1);
1175 notify = 1;
1176 }
1177 if (new == old)
1178 goto out;
1179 if (new & NUD_CONNECTED)
1180 neigh_connect(neigh);
1181 else
1182 neigh_suspect(neigh);
1183 if (!(old & NUD_VALID)) {
1184 struct sk_buff *skb;
1185
1186 /* Again: avoid dead loop if something went wrong */
1187
1188 while (neigh->nud_state & NUD_VALID &&
1189 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
1190 struct dst_entry *dst = skb_dst(skb);
1191 struct neighbour *n2, *n1 = neigh;
1192 write_unlock_bh(&neigh->lock);
1193
1194 rcu_read_lock();
1195
1196 /* Why not just use 'neigh' as-is? The problem is that
1197 * things such as shaper, eql, and sch_teql can end up
1198 * using alternative, different, neigh objects to output
1199 * the packet in the output path. So what we need to do
1200 * here is re-lookup the top-level neigh in the path so
1201 * we can reinject the packet there.
1202 */
1203 n2 = NULL;
1204 if (dst) {
1205 n2 = dst_neigh_lookup_skb(dst, skb);
1206 if (n2)
1207 n1 = n2;
1208 }
1209 n1->output(n1, skb);
1210 if (n2)
1211 neigh_release(n2);
1212 rcu_read_unlock();
1213
1214 write_lock_bh(&neigh->lock);
1215 }
1216 __skb_queue_purge(&neigh->arp_queue);
1217 neigh->arp_queue_len_bytes = 0;
1218 }
1219 out:
1220 if (update_isrouter) {
1221 neigh->flags = (flags & NEIGH_UPDATE_F_ISROUTER) ?
1222 (neigh->flags | NTF_ROUTER) :
1223 (neigh->flags & ~NTF_ROUTER);
1224 }
1225 write_unlock_bh(&neigh->lock);
1226
1227 if (notify)
1228 neigh_update_notify(neigh);
1229
1230 return err;
1231 }
1232 EXPORT_SYMBOL(neigh_update);
1233
1234 /* Update the neigh to listen temporarily for probe responses, even if it is
1235 * in a NUD_FAILED state. The caller has to hold neigh->lock for writing.
1236 */
__neigh_set_probe_once(struct neighbour * neigh)1237 void __neigh_set_probe_once(struct neighbour *neigh)
1238 {
1239 if (neigh->dead)
1240 return;
1241 neigh->updated = jiffies;
1242 if (!(neigh->nud_state & NUD_FAILED))
1243 return;
1244 neigh->nud_state = NUD_INCOMPLETE;
1245 atomic_set(&neigh->probes, neigh_max_probes(neigh));
1246 neigh_add_timer(neigh,
1247 jiffies + NEIGH_VAR(neigh->parms, RETRANS_TIME));
1248 }
1249 EXPORT_SYMBOL(__neigh_set_probe_once);
1250
neigh_event_ns(struct neigh_table * tbl,u8 * lladdr,void * saddr,struct net_device * dev)1251 struct neighbour *neigh_event_ns(struct neigh_table *tbl,
1252 u8 *lladdr, void *saddr,
1253 struct net_device *dev)
1254 {
1255 struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev,
1256 lladdr || !dev->addr_len);
1257 if (neigh)
1258 neigh_update(neigh, lladdr, NUD_STALE,
1259 NEIGH_UPDATE_F_OVERRIDE);
1260 return neigh;
1261 }
1262 EXPORT_SYMBOL(neigh_event_ns);
1263
1264 /* called with read_lock_bh(&n->lock); */
neigh_hh_init(struct neighbour * n)1265 static void neigh_hh_init(struct neighbour *n)
1266 {
1267 struct net_device *dev = n->dev;
1268 __be16 prot = n->tbl->protocol;
1269 struct hh_cache *hh = &n->hh;
1270
1271 write_lock_bh(&n->lock);
1272
1273 /* Only one thread can come in here and initialize the
1274 * hh_cache entry.
1275 */
1276 if (!hh->hh_len)
1277 dev->header_ops->cache(n, hh, prot);
1278
1279 write_unlock_bh(&n->lock);
1280 }
1281
1282 /* Slow and careful. */
1283
neigh_resolve_output(struct neighbour * neigh,struct sk_buff * skb)1284 int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb)
1285 {
1286 int rc = 0;
1287
1288 if (!neigh_event_send(neigh, skb)) {
1289 int err;
1290 struct net_device *dev = neigh->dev;
1291 unsigned int seq;
1292
1293 if (dev->header_ops->cache && !neigh->hh.hh_len)
1294 neigh_hh_init(neigh);
1295
1296 do {
1297 __skb_pull(skb, skb_network_offset(skb));
1298 seq = read_seqbegin(&neigh->ha_lock);
1299 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1300 neigh->ha, NULL, skb->len);
1301 } while (read_seqretry(&neigh->ha_lock, seq));
1302
1303 if (err >= 0)
1304 rc = dev_queue_xmit(skb);
1305 else
1306 goto out_kfree_skb;
1307 }
1308 out:
1309 return rc;
1310 out_kfree_skb:
1311 rc = -EINVAL;
1312 kfree_skb(skb);
1313 goto out;
1314 }
1315 EXPORT_SYMBOL(neigh_resolve_output);
1316
1317 /* As fast as possible without hh cache */
1318
neigh_connected_output(struct neighbour * neigh,struct sk_buff * skb)1319 int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb)
1320 {
1321 struct net_device *dev = neigh->dev;
1322 unsigned int seq;
1323 int err;
1324
1325 do {
1326 __skb_pull(skb, skb_network_offset(skb));
1327 seq = read_seqbegin(&neigh->ha_lock);
1328 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1329 neigh->ha, NULL, skb->len);
1330 } while (read_seqretry(&neigh->ha_lock, seq));
1331
1332 if (err >= 0)
1333 err = dev_queue_xmit(skb);
1334 else {
1335 err = -EINVAL;
1336 kfree_skb(skb);
1337 }
1338 return err;
1339 }
1340 EXPORT_SYMBOL(neigh_connected_output);
1341
neigh_direct_output(struct neighbour * neigh,struct sk_buff * skb)1342 int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb)
1343 {
1344 return dev_queue_xmit(skb);
1345 }
1346 EXPORT_SYMBOL(neigh_direct_output);
1347
neigh_proxy_process(unsigned long arg)1348 static void neigh_proxy_process(unsigned long arg)
1349 {
1350 struct neigh_table *tbl = (struct neigh_table *)arg;
1351 long sched_next = 0;
1352 unsigned long now = jiffies;
1353 struct sk_buff *skb, *n;
1354
1355 spin_lock(&tbl->proxy_queue.lock);
1356
1357 skb_queue_walk_safe(&tbl->proxy_queue, skb, n) {
1358 long tdif = NEIGH_CB(skb)->sched_next - now;
1359
1360 if (tdif <= 0) {
1361 struct net_device *dev = skb->dev;
1362
1363 __skb_unlink(skb, &tbl->proxy_queue);
1364 if (tbl->proxy_redo && netif_running(dev)) {
1365 rcu_read_lock();
1366 tbl->proxy_redo(skb);
1367 rcu_read_unlock();
1368 } else {
1369 kfree_skb(skb);
1370 }
1371
1372 dev_put(dev);
1373 } else if (!sched_next || tdif < sched_next)
1374 sched_next = tdif;
1375 }
1376 del_timer(&tbl->proxy_timer);
1377 if (sched_next)
1378 mod_timer(&tbl->proxy_timer, jiffies + sched_next);
1379 spin_unlock(&tbl->proxy_queue.lock);
1380 }
1381
pneigh_enqueue(struct neigh_table * tbl,struct neigh_parms * p,struct sk_buff * skb)1382 void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
1383 struct sk_buff *skb)
1384 {
1385 unsigned long now = jiffies;
1386
1387 unsigned long sched_next = now + (prandom_u32() %
1388 NEIGH_VAR(p, PROXY_DELAY));
1389
1390 if (tbl->proxy_queue.qlen > NEIGH_VAR(p, PROXY_QLEN)) {
1391 kfree_skb(skb);
1392 return;
1393 }
1394
1395 NEIGH_CB(skb)->sched_next = sched_next;
1396 NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED;
1397
1398 spin_lock(&tbl->proxy_queue.lock);
1399 if (del_timer(&tbl->proxy_timer)) {
1400 if (time_before(tbl->proxy_timer.expires, sched_next))
1401 sched_next = tbl->proxy_timer.expires;
1402 }
1403 skb_dst_drop(skb);
1404 dev_hold(skb->dev);
1405 __skb_queue_tail(&tbl->proxy_queue, skb);
1406 mod_timer(&tbl->proxy_timer, sched_next);
1407 spin_unlock(&tbl->proxy_queue.lock);
1408 }
1409 EXPORT_SYMBOL(pneigh_enqueue);
1410
lookup_neigh_parms(struct neigh_table * tbl,struct net * net,int ifindex)1411 static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
1412 struct net *net, int ifindex)
1413 {
1414 struct neigh_parms *p;
1415
1416 list_for_each_entry(p, &tbl->parms_list, list) {
1417 if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
1418 (!p->dev && !ifindex && net_eq(net, &init_net)))
1419 return p;
1420 }
1421
1422 return NULL;
1423 }
1424
neigh_parms_alloc(struct net_device * dev,struct neigh_table * tbl)1425 struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
1426 struct neigh_table *tbl)
1427 {
1428 struct neigh_parms *p;
1429 struct net *net = dev_net(dev);
1430 const struct net_device_ops *ops = dev->netdev_ops;
1431
1432 p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL);
1433 if (p) {
1434 p->tbl = tbl;
1435 atomic_set(&p->refcnt, 1);
1436 p->reachable_time =
1437 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
1438 dev_hold(dev);
1439 p->dev = dev;
1440 write_pnet(&p->net, net);
1441 p->sysctl_table = NULL;
1442
1443 if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) {
1444 dev_put(dev);
1445 kfree(p);
1446 return NULL;
1447 }
1448
1449 write_lock_bh(&tbl->lock);
1450 list_add(&p->list, &tbl->parms.list);
1451 write_unlock_bh(&tbl->lock);
1452
1453 neigh_parms_data_state_cleanall(p);
1454 }
1455 return p;
1456 }
1457 EXPORT_SYMBOL(neigh_parms_alloc);
1458
neigh_rcu_free_parms(struct rcu_head * head)1459 static void neigh_rcu_free_parms(struct rcu_head *head)
1460 {
1461 struct neigh_parms *parms =
1462 container_of(head, struct neigh_parms, rcu_head);
1463
1464 neigh_parms_put(parms);
1465 }
1466
neigh_parms_release(struct neigh_table * tbl,struct neigh_parms * parms)1467 void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms)
1468 {
1469 if (!parms || parms == &tbl->parms)
1470 return;
1471 write_lock_bh(&tbl->lock);
1472 list_del(&parms->list);
1473 parms->dead = 1;
1474 write_unlock_bh(&tbl->lock);
1475 if (parms->dev)
1476 dev_put(parms->dev);
1477 call_rcu(&parms->rcu_head, neigh_rcu_free_parms);
1478 }
1479 EXPORT_SYMBOL(neigh_parms_release);
1480
neigh_parms_destroy(struct neigh_parms * parms)1481 static void neigh_parms_destroy(struct neigh_parms *parms)
1482 {
1483 kfree(parms);
1484 }
1485
1486 static struct lock_class_key neigh_table_proxy_queue_class;
1487
1488 static struct neigh_table *neigh_tables[NEIGH_NR_TABLES] __read_mostly;
1489
neigh_table_init(int index,struct neigh_table * tbl)1490 void neigh_table_init(int index, struct neigh_table *tbl)
1491 {
1492 unsigned long now = jiffies;
1493 unsigned long phsize;
1494
1495 INIT_LIST_HEAD(&tbl->parms_list);
1496 list_add(&tbl->parms.list, &tbl->parms_list);
1497 write_pnet(&tbl->parms.net, &init_net);
1498 atomic_set(&tbl->parms.refcnt, 1);
1499 tbl->parms.reachable_time =
1500 neigh_rand_reach_time(NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME));
1501
1502 tbl->stats = alloc_percpu(struct neigh_statistics);
1503 if (!tbl->stats)
1504 panic("cannot create neighbour cache statistics");
1505
1506 #ifdef CONFIG_PROC_FS
1507 if (!proc_create_data(tbl->id, 0, init_net.proc_net_stat,
1508 &neigh_stat_seq_fops, tbl))
1509 panic("cannot create neighbour proc dir entry");
1510 #endif
1511
1512 RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3));
1513
1514 phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
1515 tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL);
1516
1517 if (!tbl->nht || !tbl->phash_buckets)
1518 panic("cannot allocate neighbour cache hashes");
1519
1520 if (!tbl->entry_size)
1521 tbl->entry_size = ALIGN(offsetof(struct neighbour, primary_key) +
1522 tbl->key_len, NEIGH_PRIV_ALIGN);
1523 else
1524 WARN_ON(tbl->entry_size % NEIGH_PRIV_ALIGN);
1525
1526 rwlock_init(&tbl->lock);
1527 INIT_DEFERRABLE_WORK(&tbl->gc_work, neigh_periodic_work);
1528 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
1529 tbl->parms.reachable_time);
1530 setup_timer(&tbl->proxy_timer, neigh_proxy_process, (unsigned long)tbl);
1531 skb_queue_head_init_class(&tbl->proxy_queue,
1532 &neigh_table_proxy_queue_class);
1533
1534 tbl->last_flush = now;
1535 tbl->last_rand = now + tbl->parms.reachable_time * 20;
1536
1537 neigh_tables[index] = tbl;
1538 }
1539 EXPORT_SYMBOL(neigh_table_init);
1540
neigh_table_clear(int index,struct neigh_table * tbl)1541 int neigh_table_clear(int index, struct neigh_table *tbl)
1542 {
1543 neigh_tables[index] = NULL;
1544 /* It is not clean... Fix it to unload IPv6 module safely */
1545 cancel_delayed_work_sync(&tbl->gc_work);
1546 del_timer_sync(&tbl->proxy_timer);
1547 pneigh_queue_purge(&tbl->proxy_queue);
1548 neigh_ifdown(tbl, NULL);
1549 if (atomic_read(&tbl->entries))
1550 pr_crit("neighbour leakage\n");
1551
1552 call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu,
1553 neigh_hash_free_rcu);
1554 tbl->nht = NULL;
1555
1556 kfree(tbl->phash_buckets);
1557 tbl->phash_buckets = NULL;
1558
1559 remove_proc_entry(tbl->id, init_net.proc_net_stat);
1560
1561 free_percpu(tbl->stats);
1562 tbl->stats = NULL;
1563
1564 return 0;
1565 }
1566 EXPORT_SYMBOL(neigh_table_clear);
1567
neigh_find_table(int family)1568 static struct neigh_table *neigh_find_table(int family)
1569 {
1570 struct neigh_table *tbl = NULL;
1571
1572 switch (family) {
1573 case AF_INET:
1574 tbl = neigh_tables[NEIGH_ARP_TABLE];
1575 break;
1576 case AF_INET6:
1577 tbl = neigh_tables[NEIGH_ND_TABLE];
1578 break;
1579 case AF_DECnet:
1580 tbl = neigh_tables[NEIGH_DN_TABLE];
1581 break;
1582 }
1583
1584 return tbl;
1585 }
1586
neigh_delete(struct sk_buff * skb,struct nlmsghdr * nlh)1587 static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh)
1588 {
1589 struct net *net = sock_net(skb->sk);
1590 struct ndmsg *ndm;
1591 struct nlattr *dst_attr;
1592 struct neigh_table *tbl;
1593 struct neighbour *neigh;
1594 struct net_device *dev = NULL;
1595 int err = -EINVAL;
1596
1597 ASSERT_RTNL();
1598 if (nlmsg_len(nlh) < sizeof(*ndm))
1599 goto out;
1600
1601 dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST);
1602 if (dst_attr == NULL)
1603 goto out;
1604
1605 ndm = nlmsg_data(nlh);
1606 if (ndm->ndm_ifindex) {
1607 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1608 if (dev == NULL) {
1609 err = -ENODEV;
1610 goto out;
1611 }
1612 }
1613
1614 tbl = neigh_find_table(ndm->ndm_family);
1615 if (tbl == NULL)
1616 return -EAFNOSUPPORT;
1617
1618 if (nla_len(dst_attr) < tbl->key_len)
1619 goto out;
1620
1621 if (ndm->ndm_flags & NTF_PROXY) {
1622 err = pneigh_delete(tbl, net, nla_data(dst_attr), dev);
1623 goto out;
1624 }
1625
1626 if (dev == NULL)
1627 goto out;
1628
1629 neigh = neigh_lookup(tbl, nla_data(dst_attr), dev);
1630 if (neigh == NULL) {
1631 err = -ENOENT;
1632 goto out;
1633 }
1634
1635 err = neigh_update(neigh, NULL, NUD_FAILED,
1636 NEIGH_UPDATE_F_OVERRIDE |
1637 NEIGH_UPDATE_F_ADMIN);
1638 neigh_release(neigh);
1639
1640 out:
1641 return err;
1642 }
1643
neigh_add(struct sk_buff * skb,struct nlmsghdr * nlh)1644 static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh)
1645 {
1646 int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE;
1647 struct net *net = sock_net(skb->sk);
1648 struct ndmsg *ndm;
1649 struct nlattr *tb[NDA_MAX+1];
1650 struct neigh_table *tbl;
1651 struct net_device *dev = NULL;
1652 struct neighbour *neigh;
1653 void *dst, *lladdr;
1654 int err;
1655
1656 ASSERT_RTNL();
1657 err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL);
1658 if (err < 0)
1659 goto out;
1660
1661 err = -EINVAL;
1662 if (tb[NDA_DST] == NULL)
1663 goto out;
1664
1665 ndm = nlmsg_data(nlh);
1666 if (ndm->ndm_ifindex) {
1667 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1668 if (dev == NULL) {
1669 err = -ENODEV;
1670 goto out;
1671 }
1672
1673 if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len)
1674 goto out;
1675 }
1676
1677 tbl = neigh_find_table(ndm->ndm_family);
1678 if (tbl == NULL)
1679 return -EAFNOSUPPORT;
1680
1681 if (nla_len(tb[NDA_DST]) < tbl->key_len)
1682 goto out;
1683 dst = nla_data(tb[NDA_DST]);
1684 lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL;
1685
1686 if (ndm->ndm_flags & NTF_PROXY) {
1687 struct pneigh_entry *pn;
1688
1689 err = -ENOBUFS;
1690 pn = pneigh_lookup(tbl, net, dst, dev, 1);
1691 if (pn) {
1692 pn->flags = ndm->ndm_flags;
1693 err = 0;
1694 }
1695 goto out;
1696 }
1697
1698 if (dev == NULL)
1699 goto out;
1700
1701 neigh = neigh_lookup(tbl, dst, dev);
1702 if (neigh == NULL) {
1703 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
1704 err = -ENOENT;
1705 goto out;
1706 }
1707
1708 neigh = __neigh_lookup_errno(tbl, dst, dev);
1709 if (IS_ERR(neigh)) {
1710 err = PTR_ERR(neigh);
1711 goto out;
1712 }
1713 } else {
1714 if (nlh->nlmsg_flags & NLM_F_EXCL) {
1715 err = -EEXIST;
1716 neigh_release(neigh);
1717 goto out;
1718 }
1719
1720 if (!(nlh->nlmsg_flags & NLM_F_REPLACE))
1721 flags &= ~NEIGH_UPDATE_F_OVERRIDE;
1722 }
1723
1724 if (ndm->ndm_flags & NTF_USE) {
1725 neigh_event_send(neigh, NULL);
1726 err = 0;
1727 } else
1728 err = neigh_update(neigh, lladdr, ndm->ndm_state, flags);
1729 neigh_release(neigh);
1730
1731 out:
1732 return err;
1733 }
1734
neightbl_fill_parms(struct sk_buff * skb,struct neigh_parms * parms)1735 static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
1736 {
1737 struct nlattr *nest;
1738
1739 nest = nla_nest_start(skb, NDTA_PARMS);
1740 if (nest == NULL)
1741 return -ENOBUFS;
1742
1743 if ((parms->dev &&
1744 nla_put_u32(skb, NDTPA_IFINDEX, parms->dev->ifindex)) ||
1745 nla_put_u32(skb, NDTPA_REFCNT, atomic_read(&parms->refcnt)) ||
1746 nla_put_u32(skb, NDTPA_QUEUE_LENBYTES,
1747 NEIGH_VAR(parms, QUEUE_LEN_BYTES)) ||
1748 /* approximative value for deprecated QUEUE_LEN (in packets) */
1749 nla_put_u32(skb, NDTPA_QUEUE_LEN,
1750 NEIGH_VAR(parms, QUEUE_LEN_BYTES) / SKB_TRUESIZE(ETH_FRAME_LEN)) ||
1751 nla_put_u32(skb, NDTPA_PROXY_QLEN, NEIGH_VAR(parms, PROXY_QLEN)) ||
1752 nla_put_u32(skb, NDTPA_APP_PROBES, NEIGH_VAR(parms, APP_PROBES)) ||
1753 nla_put_u32(skb, NDTPA_UCAST_PROBES,
1754 NEIGH_VAR(parms, UCAST_PROBES)) ||
1755 nla_put_u32(skb, NDTPA_MCAST_PROBES,
1756 NEIGH_VAR(parms, MCAST_PROBES)) ||
1757 nla_put_u32(skb, NDTPA_MCAST_REPROBES,
1758 NEIGH_VAR(parms, MCAST_REPROBES)) ||
1759 nla_put_msecs(skb, NDTPA_REACHABLE_TIME, parms->reachable_time) ||
1760 nla_put_msecs(skb, NDTPA_BASE_REACHABLE_TIME,
1761 NEIGH_VAR(parms, BASE_REACHABLE_TIME)) ||
1762 nla_put_msecs(skb, NDTPA_GC_STALETIME,
1763 NEIGH_VAR(parms, GC_STALETIME)) ||
1764 nla_put_msecs(skb, NDTPA_DELAY_PROBE_TIME,
1765 NEIGH_VAR(parms, DELAY_PROBE_TIME)) ||
1766 nla_put_msecs(skb, NDTPA_RETRANS_TIME,
1767 NEIGH_VAR(parms, RETRANS_TIME)) ||
1768 nla_put_msecs(skb, NDTPA_ANYCAST_DELAY,
1769 NEIGH_VAR(parms, ANYCAST_DELAY)) ||
1770 nla_put_msecs(skb, NDTPA_PROXY_DELAY,
1771 NEIGH_VAR(parms, PROXY_DELAY)) ||
1772 nla_put_msecs(skb, NDTPA_LOCKTIME,
1773 NEIGH_VAR(parms, LOCKTIME)))
1774 goto nla_put_failure;
1775 return nla_nest_end(skb, nest);
1776
1777 nla_put_failure:
1778 nla_nest_cancel(skb, nest);
1779 return -EMSGSIZE;
1780 }
1781
neightbl_fill_info(struct sk_buff * skb,struct neigh_table * tbl,u32 pid,u32 seq,int type,int flags)1782 static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
1783 u32 pid, u32 seq, int type, int flags)
1784 {
1785 struct nlmsghdr *nlh;
1786 struct ndtmsg *ndtmsg;
1787
1788 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
1789 if (nlh == NULL)
1790 return -EMSGSIZE;
1791
1792 ndtmsg = nlmsg_data(nlh);
1793
1794 read_lock_bh(&tbl->lock);
1795 ndtmsg->ndtm_family = tbl->family;
1796 ndtmsg->ndtm_pad1 = 0;
1797 ndtmsg->ndtm_pad2 = 0;
1798
1799 if (nla_put_string(skb, NDTA_NAME, tbl->id) ||
1800 nla_put_msecs(skb, NDTA_GC_INTERVAL, tbl->gc_interval) ||
1801 nla_put_u32(skb, NDTA_THRESH1, tbl->gc_thresh1) ||
1802 nla_put_u32(skb, NDTA_THRESH2, tbl->gc_thresh2) ||
1803 nla_put_u32(skb, NDTA_THRESH3, tbl->gc_thresh3))
1804 goto nla_put_failure;
1805 {
1806 unsigned long now = jiffies;
1807 unsigned int flush_delta = now - tbl->last_flush;
1808 unsigned int rand_delta = now - tbl->last_rand;
1809 struct neigh_hash_table *nht;
1810 struct ndt_config ndc = {
1811 .ndtc_key_len = tbl->key_len,
1812 .ndtc_entry_size = tbl->entry_size,
1813 .ndtc_entries = atomic_read(&tbl->entries),
1814 .ndtc_last_flush = jiffies_to_msecs(flush_delta),
1815 .ndtc_last_rand = jiffies_to_msecs(rand_delta),
1816 .ndtc_proxy_qlen = tbl->proxy_queue.qlen,
1817 };
1818
1819 rcu_read_lock_bh();
1820 nht = rcu_dereference_bh(tbl->nht);
1821 ndc.ndtc_hash_rnd = nht->hash_rnd[0];
1822 ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1);
1823 rcu_read_unlock_bh();
1824
1825 if (nla_put(skb, NDTA_CONFIG, sizeof(ndc), &ndc))
1826 goto nla_put_failure;
1827 }
1828
1829 {
1830 int cpu;
1831 struct ndt_stats ndst;
1832
1833 memset(&ndst, 0, sizeof(ndst));
1834
1835 for_each_possible_cpu(cpu) {
1836 struct neigh_statistics *st;
1837
1838 st = per_cpu_ptr(tbl->stats, cpu);
1839 ndst.ndts_allocs += st->allocs;
1840 ndst.ndts_destroys += st->destroys;
1841 ndst.ndts_hash_grows += st->hash_grows;
1842 ndst.ndts_res_failed += st->res_failed;
1843 ndst.ndts_lookups += st->lookups;
1844 ndst.ndts_hits += st->hits;
1845 ndst.ndts_rcv_probes_mcast += st->rcv_probes_mcast;
1846 ndst.ndts_rcv_probes_ucast += st->rcv_probes_ucast;
1847 ndst.ndts_periodic_gc_runs += st->periodic_gc_runs;
1848 ndst.ndts_forced_gc_runs += st->forced_gc_runs;
1849 }
1850
1851 if (nla_put(skb, NDTA_STATS, sizeof(ndst), &ndst))
1852 goto nla_put_failure;
1853 }
1854
1855 BUG_ON(tbl->parms.dev);
1856 if (neightbl_fill_parms(skb, &tbl->parms) < 0)
1857 goto nla_put_failure;
1858
1859 read_unlock_bh(&tbl->lock);
1860 nlmsg_end(skb, nlh);
1861 return 0;
1862
1863 nla_put_failure:
1864 read_unlock_bh(&tbl->lock);
1865 nlmsg_cancel(skb, nlh);
1866 return -EMSGSIZE;
1867 }
1868
neightbl_fill_param_info(struct sk_buff * skb,struct neigh_table * tbl,struct neigh_parms * parms,u32 pid,u32 seq,int type,unsigned int flags)1869 static int neightbl_fill_param_info(struct sk_buff *skb,
1870 struct neigh_table *tbl,
1871 struct neigh_parms *parms,
1872 u32 pid, u32 seq, int type,
1873 unsigned int flags)
1874 {
1875 struct ndtmsg *ndtmsg;
1876 struct nlmsghdr *nlh;
1877
1878 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
1879 if (nlh == NULL)
1880 return -EMSGSIZE;
1881
1882 ndtmsg = nlmsg_data(nlh);
1883
1884 read_lock_bh(&tbl->lock);
1885 ndtmsg->ndtm_family = tbl->family;
1886 ndtmsg->ndtm_pad1 = 0;
1887 ndtmsg->ndtm_pad2 = 0;
1888
1889 if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 ||
1890 neightbl_fill_parms(skb, parms) < 0)
1891 goto errout;
1892
1893 read_unlock_bh(&tbl->lock);
1894 nlmsg_end(skb, nlh);
1895 return 0;
1896 errout:
1897 read_unlock_bh(&tbl->lock);
1898 nlmsg_cancel(skb, nlh);
1899 return -EMSGSIZE;
1900 }
1901
1902 static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
1903 [NDTA_NAME] = { .type = NLA_STRING },
1904 [NDTA_THRESH1] = { .type = NLA_U32 },
1905 [NDTA_THRESH2] = { .type = NLA_U32 },
1906 [NDTA_THRESH3] = { .type = NLA_U32 },
1907 [NDTA_GC_INTERVAL] = { .type = NLA_U64 },
1908 [NDTA_PARMS] = { .type = NLA_NESTED },
1909 };
1910
1911 static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
1912 [NDTPA_IFINDEX] = { .type = NLA_U32 },
1913 [NDTPA_QUEUE_LEN] = { .type = NLA_U32 },
1914 [NDTPA_PROXY_QLEN] = { .type = NLA_U32 },
1915 [NDTPA_APP_PROBES] = { .type = NLA_U32 },
1916 [NDTPA_UCAST_PROBES] = { .type = NLA_U32 },
1917 [NDTPA_MCAST_PROBES] = { .type = NLA_U32 },
1918 [NDTPA_MCAST_REPROBES] = { .type = NLA_U32 },
1919 [NDTPA_BASE_REACHABLE_TIME] = { .type = NLA_U64 },
1920 [NDTPA_GC_STALETIME] = { .type = NLA_U64 },
1921 [NDTPA_DELAY_PROBE_TIME] = { .type = NLA_U64 },
1922 [NDTPA_RETRANS_TIME] = { .type = NLA_U64 },
1923 [NDTPA_ANYCAST_DELAY] = { .type = NLA_U64 },
1924 [NDTPA_PROXY_DELAY] = { .type = NLA_U64 },
1925 [NDTPA_LOCKTIME] = { .type = NLA_U64 },
1926 };
1927
neightbl_set(struct sk_buff * skb,struct nlmsghdr * nlh)1928 static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh)
1929 {
1930 struct net *net = sock_net(skb->sk);
1931 struct neigh_table *tbl;
1932 struct ndtmsg *ndtmsg;
1933 struct nlattr *tb[NDTA_MAX+1];
1934 bool found = false;
1935 int err, tidx;
1936
1937 err = nlmsg_parse(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
1938 nl_neightbl_policy);
1939 if (err < 0)
1940 goto errout;
1941
1942 if (tb[NDTA_NAME] == NULL) {
1943 err = -EINVAL;
1944 goto errout;
1945 }
1946
1947 ndtmsg = nlmsg_data(nlh);
1948
1949 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
1950 tbl = neigh_tables[tidx];
1951 if (!tbl)
1952 continue;
1953 if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family)
1954 continue;
1955 if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0) {
1956 found = true;
1957 break;
1958 }
1959 }
1960
1961 if (!found)
1962 return -ENOENT;
1963
1964 /*
1965 * We acquire tbl->lock to be nice to the periodic timers and
1966 * make sure they always see a consistent set of values.
1967 */
1968 write_lock_bh(&tbl->lock);
1969
1970 if (tb[NDTA_PARMS]) {
1971 struct nlattr *tbp[NDTPA_MAX+1];
1972 struct neigh_parms *p;
1973 int i, ifindex = 0;
1974
1975 err = nla_parse_nested(tbp, NDTPA_MAX, tb[NDTA_PARMS],
1976 nl_ntbl_parm_policy);
1977 if (err < 0)
1978 goto errout_tbl_lock;
1979
1980 if (tbp[NDTPA_IFINDEX])
1981 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);
1982
1983 p = lookup_neigh_parms(tbl, net, ifindex);
1984 if (p == NULL) {
1985 err = -ENOENT;
1986 goto errout_tbl_lock;
1987 }
1988
1989 for (i = 1; i <= NDTPA_MAX; i++) {
1990 if (tbp[i] == NULL)
1991 continue;
1992
1993 switch (i) {
1994 case NDTPA_QUEUE_LEN:
1995 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
1996 nla_get_u32(tbp[i]) *
1997 SKB_TRUESIZE(ETH_FRAME_LEN));
1998 break;
1999 case NDTPA_QUEUE_LENBYTES:
2000 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
2001 nla_get_u32(tbp[i]));
2002 break;
2003 case NDTPA_PROXY_QLEN:
2004 NEIGH_VAR_SET(p, PROXY_QLEN,
2005 nla_get_u32(tbp[i]));
2006 break;
2007 case NDTPA_APP_PROBES:
2008 NEIGH_VAR_SET(p, APP_PROBES,
2009 nla_get_u32(tbp[i]));
2010 break;
2011 case NDTPA_UCAST_PROBES:
2012 NEIGH_VAR_SET(p, UCAST_PROBES,
2013 nla_get_u32(tbp[i]));
2014 break;
2015 case NDTPA_MCAST_PROBES:
2016 NEIGH_VAR_SET(p, MCAST_PROBES,
2017 nla_get_u32(tbp[i]));
2018 break;
2019 case NDTPA_MCAST_REPROBES:
2020 NEIGH_VAR_SET(p, MCAST_REPROBES,
2021 nla_get_u32(tbp[i]));
2022 break;
2023 case NDTPA_BASE_REACHABLE_TIME:
2024 NEIGH_VAR_SET(p, BASE_REACHABLE_TIME,
2025 nla_get_msecs(tbp[i]));
2026 /* update reachable_time as well, otherwise, the change will
2027 * only be effective after the next time neigh_periodic_work
2028 * decides to recompute it (can be multiple minutes)
2029 */
2030 p->reachable_time =
2031 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
2032 break;
2033 case NDTPA_GC_STALETIME:
2034 NEIGH_VAR_SET(p, GC_STALETIME,
2035 nla_get_msecs(tbp[i]));
2036 break;
2037 case NDTPA_DELAY_PROBE_TIME:
2038 NEIGH_VAR_SET(p, DELAY_PROBE_TIME,
2039 nla_get_msecs(tbp[i]));
2040 break;
2041 case NDTPA_RETRANS_TIME:
2042 NEIGH_VAR_SET(p, RETRANS_TIME,
2043 nla_get_msecs(tbp[i]));
2044 break;
2045 case NDTPA_ANYCAST_DELAY:
2046 NEIGH_VAR_SET(p, ANYCAST_DELAY,
2047 nla_get_msecs(tbp[i]));
2048 break;
2049 case NDTPA_PROXY_DELAY:
2050 NEIGH_VAR_SET(p, PROXY_DELAY,
2051 nla_get_msecs(tbp[i]));
2052 break;
2053 case NDTPA_LOCKTIME:
2054 NEIGH_VAR_SET(p, LOCKTIME,
2055 nla_get_msecs(tbp[i]));
2056 break;
2057 }
2058 }
2059 }
2060
2061 err = -ENOENT;
2062 if ((tb[NDTA_THRESH1] || tb[NDTA_THRESH2] ||
2063 tb[NDTA_THRESH3] || tb[NDTA_GC_INTERVAL]) &&
2064 !net_eq(net, &init_net))
2065 goto errout_tbl_lock;
2066
2067 if (tb[NDTA_THRESH1])
2068 tbl->gc_thresh1 = nla_get_u32(tb[NDTA_THRESH1]);
2069
2070 if (tb[NDTA_THRESH2])
2071 tbl->gc_thresh2 = nla_get_u32(tb[NDTA_THRESH2]);
2072
2073 if (tb[NDTA_THRESH3])
2074 tbl->gc_thresh3 = nla_get_u32(tb[NDTA_THRESH3]);
2075
2076 if (tb[NDTA_GC_INTERVAL])
2077 tbl->gc_interval = nla_get_msecs(tb[NDTA_GC_INTERVAL]);
2078
2079 err = 0;
2080
2081 errout_tbl_lock:
2082 write_unlock_bh(&tbl->lock);
2083 errout:
2084 return err;
2085 }
2086
neightbl_dump_info(struct sk_buff * skb,struct netlink_callback * cb)2087 static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2088 {
2089 struct net *net = sock_net(skb->sk);
2090 int family, tidx, nidx = 0;
2091 int tbl_skip = cb->args[0];
2092 int neigh_skip = cb->args[1];
2093 struct neigh_table *tbl;
2094
2095 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2096
2097 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
2098 struct neigh_parms *p;
2099
2100 tbl = neigh_tables[tidx];
2101 if (!tbl)
2102 continue;
2103
2104 if (tidx < tbl_skip || (family && tbl->family != family))
2105 continue;
2106
2107 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,
2108 cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
2109 NLM_F_MULTI) < 0)
2110 break;
2111
2112 nidx = 0;
2113 p = list_next_entry(&tbl->parms, list);
2114 list_for_each_entry_from(p, &tbl->parms_list, list) {
2115 if (!net_eq(neigh_parms_net(p), net))
2116 continue;
2117
2118 if (nidx < neigh_skip)
2119 goto next;
2120
2121 if (neightbl_fill_param_info(skb, tbl, p,
2122 NETLINK_CB(cb->skb).portid,
2123 cb->nlh->nlmsg_seq,
2124 RTM_NEWNEIGHTBL,
2125 NLM_F_MULTI) < 0)
2126 goto out;
2127 next:
2128 nidx++;
2129 }
2130
2131 neigh_skip = 0;
2132 }
2133 out:
2134 cb->args[0] = tidx;
2135 cb->args[1] = nidx;
2136
2137 return skb->len;
2138 }
2139
neigh_fill_info(struct sk_buff * skb,struct neighbour * neigh,u32 pid,u32 seq,int type,unsigned int flags)2140 static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
2141 u32 pid, u32 seq, int type, unsigned int flags)
2142 {
2143 unsigned long now = jiffies;
2144 struct nda_cacheinfo ci;
2145 struct nlmsghdr *nlh;
2146 struct ndmsg *ndm;
2147
2148 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2149 if (nlh == NULL)
2150 return -EMSGSIZE;
2151
2152 ndm = nlmsg_data(nlh);
2153 ndm->ndm_family = neigh->ops->family;
2154 ndm->ndm_pad1 = 0;
2155 ndm->ndm_pad2 = 0;
2156 ndm->ndm_flags = neigh->flags;
2157 ndm->ndm_type = neigh->type;
2158 ndm->ndm_ifindex = neigh->dev->ifindex;
2159
2160 if (nla_put(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key))
2161 goto nla_put_failure;
2162
2163 read_lock_bh(&neigh->lock);
2164 ndm->ndm_state = neigh->nud_state;
2165 if (neigh->nud_state & NUD_VALID) {
2166 char haddr[MAX_ADDR_LEN];
2167
2168 neigh_ha_snapshot(haddr, neigh, neigh->dev);
2169 if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) {
2170 read_unlock_bh(&neigh->lock);
2171 goto nla_put_failure;
2172 }
2173 }
2174
2175 ci.ndm_used = jiffies_to_clock_t(now - neigh->used);
2176 ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed);
2177 ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated);
2178 ci.ndm_refcnt = atomic_read(&neigh->refcnt) - 1;
2179 read_unlock_bh(&neigh->lock);
2180
2181 if (nla_put_u32(skb, NDA_PROBES, atomic_read(&neigh->probes)) ||
2182 nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
2183 goto nla_put_failure;
2184
2185 nlmsg_end(skb, nlh);
2186 return 0;
2187
2188 nla_put_failure:
2189 nlmsg_cancel(skb, nlh);
2190 return -EMSGSIZE;
2191 }
2192
pneigh_fill_info(struct sk_buff * skb,struct pneigh_entry * pn,u32 pid,u32 seq,int type,unsigned int flags,struct neigh_table * tbl)2193 static int pneigh_fill_info(struct sk_buff *skb, struct pneigh_entry *pn,
2194 u32 pid, u32 seq, int type, unsigned int flags,
2195 struct neigh_table *tbl)
2196 {
2197 struct nlmsghdr *nlh;
2198 struct ndmsg *ndm;
2199
2200 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2201 if (nlh == NULL)
2202 return -EMSGSIZE;
2203
2204 ndm = nlmsg_data(nlh);
2205 ndm->ndm_family = tbl->family;
2206 ndm->ndm_pad1 = 0;
2207 ndm->ndm_pad2 = 0;
2208 ndm->ndm_flags = pn->flags | NTF_PROXY;
2209 ndm->ndm_type = RTN_UNICAST;
2210 ndm->ndm_ifindex = pn->dev ? pn->dev->ifindex : 0;
2211 ndm->ndm_state = NUD_NONE;
2212
2213 if (nla_put(skb, NDA_DST, tbl->key_len, pn->key))
2214 goto nla_put_failure;
2215
2216 nlmsg_end(skb, nlh);
2217 return 0;
2218
2219 nla_put_failure:
2220 nlmsg_cancel(skb, nlh);
2221 return -EMSGSIZE;
2222 }
2223
neigh_update_notify(struct neighbour * neigh)2224 static void neigh_update_notify(struct neighbour *neigh)
2225 {
2226 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
2227 __neigh_notify(neigh, RTM_NEWNEIGH, 0);
2228 }
2229
neigh_dump_table(struct neigh_table * tbl,struct sk_buff * skb,struct netlink_callback * cb)2230 static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2231 struct netlink_callback *cb)
2232 {
2233 struct net *net = sock_net(skb->sk);
2234 struct neighbour *n;
2235 int rc, h, s_h = cb->args[1];
2236 int idx, s_idx = idx = cb->args[2];
2237 struct neigh_hash_table *nht;
2238
2239 rcu_read_lock_bh();
2240 nht = rcu_dereference_bh(tbl->nht);
2241
2242 for (h = s_h; h < (1 << nht->hash_shift); h++) {
2243 if (h > s_h)
2244 s_idx = 0;
2245 for (n = rcu_dereference_bh(nht->hash_buckets[h]), idx = 0;
2246 n != NULL;
2247 n = rcu_dereference_bh(n->next)) {
2248 if (!net_eq(dev_net(n->dev), net))
2249 continue;
2250 if (idx < s_idx)
2251 goto next;
2252 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2253 cb->nlh->nlmsg_seq,
2254 RTM_NEWNEIGH,
2255 NLM_F_MULTI) < 0) {
2256 rc = -1;
2257 goto out;
2258 }
2259 next:
2260 idx++;
2261 }
2262 }
2263 rc = skb->len;
2264 out:
2265 rcu_read_unlock_bh();
2266 cb->args[1] = h;
2267 cb->args[2] = idx;
2268 return rc;
2269 }
2270
pneigh_dump_table(struct neigh_table * tbl,struct sk_buff * skb,struct netlink_callback * cb)2271 static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2272 struct netlink_callback *cb)
2273 {
2274 struct pneigh_entry *n;
2275 struct net *net = sock_net(skb->sk);
2276 int rc, h, s_h = cb->args[3];
2277 int idx, s_idx = idx = cb->args[4];
2278
2279 read_lock_bh(&tbl->lock);
2280
2281 for (h = s_h; h <= PNEIGH_HASHMASK; h++) {
2282 if (h > s_h)
2283 s_idx = 0;
2284 for (n = tbl->phash_buckets[h], idx = 0; n; n = n->next) {
2285 if (pneigh_net(n) != net)
2286 continue;
2287 if (idx < s_idx)
2288 goto next;
2289 if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2290 cb->nlh->nlmsg_seq,
2291 RTM_NEWNEIGH,
2292 NLM_F_MULTI, tbl) < 0) {
2293 read_unlock_bh(&tbl->lock);
2294 rc = -1;
2295 goto out;
2296 }
2297 next:
2298 idx++;
2299 }
2300 }
2301
2302 read_unlock_bh(&tbl->lock);
2303 rc = skb->len;
2304 out:
2305 cb->args[3] = h;
2306 cb->args[4] = idx;
2307 return rc;
2308
2309 }
2310
neigh_dump_info(struct sk_buff * skb,struct netlink_callback * cb)2311 static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2312 {
2313 struct neigh_table *tbl;
2314 int t, family, s_t;
2315 int proxy = 0;
2316 int err;
2317
2318 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2319
2320 /* check for full ndmsg structure presence, family member is
2321 * the same for both structures
2322 */
2323 if (nlmsg_len(cb->nlh) >= sizeof(struct ndmsg) &&
2324 ((struct ndmsg *) nlmsg_data(cb->nlh))->ndm_flags == NTF_PROXY)
2325 proxy = 1;
2326
2327 s_t = cb->args[0];
2328
2329 for (t = 0; t < NEIGH_NR_TABLES; t++) {
2330 tbl = neigh_tables[t];
2331
2332 if (!tbl)
2333 continue;
2334 if (t < s_t || (family && tbl->family != family))
2335 continue;
2336 if (t > s_t)
2337 memset(&cb->args[1], 0, sizeof(cb->args) -
2338 sizeof(cb->args[0]));
2339 if (proxy)
2340 err = pneigh_dump_table(tbl, skb, cb);
2341 else
2342 err = neigh_dump_table(tbl, skb, cb);
2343 if (err < 0)
2344 break;
2345 }
2346
2347 cb->args[0] = t;
2348 return skb->len;
2349 }
2350
neigh_for_each(struct neigh_table * tbl,void (* cb)(struct neighbour *,void *),void * cookie)2351 void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie)
2352 {
2353 int chain;
2354 struct neigh_hash_table *nht;
2355
2356 rcu_read_lock_bh();
2357 nht = rcu_dereference_bh(tbl->nht);
2358
2359 read_lock(&tbl->lock); /* avoid resizes */
2360 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2361 struct neighbour *n;
2362
2363 for (n = rcu_dereference_bh(nht->hash_buckets[chain]);
2364 n != NULL;
2365 n = rcu_dereference_bh(n->next))
2366 cb(n, cookie);
2367 }
2368 read_unlock(&tbl->lock);
2369 rcu_read_unlock_bh();
2370 }
2371 EXPORT_SYMBOL(neigh_for_each);
2372
2373 /* The tbl->lock must be held as a writer and BH disabled. */
__neigh_for_each_release(struct neigh_table * tbl,int (* cb)(struct neighbour *))2374 void __neigh_for_each_release(struct neigh_table *tbl,
2375 int (*cb)(struct neighbour *))
2376 {
2377 int chain;
2378 struct neigh_hash_table *nht;
2379
2380 nht = rcu_dereference_protected(tbl->nht,
2381 lockdep_is_held(&tbl->lock));
2382 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2383 struct neighbour *n;
2384 struct neighbour __rcu **np;
2385
2386 np = &nht->hash_buckets[chain];
2387 while ((n = rcu_dereference_protected(*np,
2388 lockdep_is_held(&tbl->lock))) != NULL) {
2389 int release;
2390
2391 write_lock(&n->lock);
2392 release = cb(n);
2393 if (release) {
2394 rcu_assign_pointer(*np,
2395 rcu_dereference_protected(n->next,
2396 lockdep_is_held(&tbl->lock)));
2397 n->dead = 1;
2398 } else
2399 np = &n->next;
2400 write_unlock(&n->lock);
2401 if (release)
2402 neigh_cleanup_and_release(n);
2403 }
2404 }
2405 }
2406 EXPORT_SYMBOL(__neigh_for_each_release);
2407
neigh_xmit(int index,struct net_device * dev,const void * addr,struct sk_buff * skb)2408 int neigh_xmit(int index, struct net_device *dev,
2409 const void *addr, struct sk_buff *skb)
2410 {
2411 int err = -EAFNOSUPPORT;
2412 if (likely(index < NEIGH_NR_TABLES)) {
2413 struct neigh_table *tbl;
2414 struct neighbour *neigh;
2415
2416 tbl = neigh_tables[index];
2417 if (!tbl)
2418 goto out;
2419 neigh = __neigh_lookup_noref(tbl, addr, dev);
2420 if (!neigh)
2421 neigh = __neigh_create(tbl, addr, dev, false);
2422 err = PTR_ERR(neigh);
2423 if (IS_ERR(neigh))
2424 goto out_kfree_skb;
2425 err = neigh->output(neigh, skb);
2426 }
2427 else if (index == NEIGH_LINK_TABLE) {
2428 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
2429 addr, NULL, skb->len);
2430 if (err < 0)
2431 goto out_kfree_skb;
2432 err = dev_queue_xmit(skb);
2433 }
2434 out:
2435 return err;
2436 out_kfree_skb:
2437 kfree_skb(skb);
2438 goto out;
2439 }
2440 EXPORT_SYMBOL(neigh_xmit);
2441
2442 #ifdef CONFIG_PROC_FS
2443
neigh_get_first(struct seq_file * seq)2444 static struct neighbour *neigh_get_first(struct seq_file *seq)
2445 {
2446 struct neigh_seq_state *state = seq->private;
2447 struct net *net = seq_file_net(seq);
2448 struct neigh_hash_table *nht = state->nht;
2449 struct neighbour *n = NULL;
2450 int bucket = state->bucket;
2451
2452 state->flags &= ~NEIGH_SEQ_IS_PNEIGH;
2453 for (bucket = 0; bucket < (1 << nht->hash_shift); bucket++) {
2454 n = rcu_dereference_bh(nht->hash_buckets[bucket]);
2455
2456 while (n) {
2457 if (!net_eq(dev_net(n->dev), net))
2458 goto next;
2459 if (state->neigh_sub_iter) {
2460 loff_t fakep = 0;
2461 void *v;
2462
2463 v = state->neigh_sub_iter(state, n, &fakep);
2464 if (!v)
2465 goto next;
2466 }
2467 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2468 break;
2469 if (n->nud_state & ~NUD_NOARP)
2470 break;
2471 next:
2472 n = rcu_dereference_bh(n->next);
2473 }
2474
2475 if (n)
2476 break;
2477 }
2478 state->bucket = bucket;
2479
2480 return n;
2481 }
2482
neigh_get_next(struct seq_file * seq,struct neighbour * n,loff_t * pos)2483 static struct neighbour *neigh_get_next(struct seq_file *seq,
2484 struct neighbour *n,
2485 loff_t *pos)
2486 {
2487 struct neigh_seq_state *state = seq->private;
2488 struct net *net = seq_file_net(seq);
2489 struct neigh_hash_table *nht = state->nht;
2490
2491 if (state->neigh_sub_iter) {
2492 void *v = state->neigh_sub_iter(state, n, pos);
2493 if (v)
2494 return n;
2495 }
2496 n = rcu_dereference_bh(n->next);
2497
2498 while (1) {
2499 while (n) {
2500 if (!net_eq(dev_net(n->dev), net))
2501 goto next;
2502 if (state->neigh_sub_iter) {
2503 void *v = state->neigh_sub_iter(state, n, pos);
2504 if (v)
2505 return n;
2506 goto next;
2507 }
2508 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2509 break;
2510
2511 if (n->nud_state & ~NUD_NOARP)
2512 break;
2513 next:
2514 n = rcu_dereference_bh(n->next);
2515 }
2516
2517 if (n)
2518 break;
2519
2520 if (++state->bucket >= (1 << nht->hash_shift))
2521 break;
2522
2523 n = rcu_dereference_bh(nht->hash_buckets[state->bucket]);
2524 }
2525
2526 if (n && pos)
2527 --(*pos);
2528 return n;
2529 }
2530
neigh_get_idx(struct seq_file * seq,loff_t * pos)2531 static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos)
2532 {
2533 struct neighbour *n = neigh_get_first(seq);
2534
2535 if (n) {
2536 --(*pos);
2537 while (*pos) {
2538 n = neigh_get_next(seq, n, pos);
2539 if (!n)
2540 break;
2541 }
2542 }
2543 return *pos ? NULL : n;
2544 }
2545
pneigh_get_first(struct seq_file * seq)2546 static struct pneigh_entry *pneigh_get_first(struct seq_file *seq)
2547 {
2548 struct neigh_seq_state *state = seq->private;
2549 struct net *net = seq_file_net(seq);
2550 struct neigh_table *tbl = state->tbl;
2551 struct pneigh_entry *pn = NULL;
2552 int bucket = state->bucket;
2553
2554 state->flags |= NEIGH_SEQ_IS_PNEIGH;
2555 for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) {
2556 pn = tbl->phash_buckets[bucket];
2557 while (pn && !net_eq(pneigh_net(pn), net))
2558 pn = pn->next;
2559 if (pn)
2560 break;
2561 }
2562 state->bucket = bucket;
2563
2564 return pn;
2565 }
2566
pneigh_get_next(struct seq_file * seq,struct pneigh_entry * pn,loff_t * pos)2567 static struct pneigh_entry *pneigh_get_next(struct seq_file *seq,
2568 struct pneigh_entry *pn,
2569 loff_t *pos)
2570 {
2571 struct neigh_seq_state *state = seq->private;
2572 struct net *net = seq_file_net(seq);
2573 struct neigh_table *tbl = state->tbl;
2574
2575 do {
2576 pn = pn->next;
2577 } while (pn && !net_eq(pneigh_net(pn), net));
2578
2579 while (!pn) {
2580 if (++state->bucket > PNEIGH_HASHMASK)
2581 break;
2582 pn = tbl->phash_buckets[state->bucket];
2583 while (pn && !net_eq(pneigh_net(pn), net))
2584 pn = pn->next;
2585 if (pn)
2586 break;
2587 }
2588
2589 if (pn && pos)
2590 --(*pos);
2591
2592 return pn;
2593 }
2594
pneigh_get_idx(struct seq_file * seq,loff_t * pos)2595 static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos)
2596 {
2597 struct pneigh_entry *pn = pneigh_get_first(seq);
2598
2599 if (pn) {
2600 --(*pos);
2601 while (*pos) {
2602 pn = pneigh_get_next(seq, pn, pos);
2603 if (!pn)
2604 break;
2605 }
2606 }
2607 return *pos ? NULL : pn;
2608 }
2609
neigh_get_idx_any(struct seq_file * seq,loff_t * pos)2610 static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos)
2611 {
2612 struct neigh_seq_state *state = seq->private;
2613 void *rc;
2614 loff_t idxpos = *pos;
2615
2616 rc = neigh_get_idx(seq, &idxpos);
2617 if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2618 rc = pneigh_get_idx(seq, &idxpos);
2619
2620 return rc;
2621 }
2622
neigh_seq_start(struct seq_file * seq,loff_t * pos,struct neigh_table * tbl,unsigned int neigh_seq_flags)2623 void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags)
2624 __acquires(rcu_bh)
2625 {
2626 struct neigh_seq_state *state = seq->private;
2627
2628 state->tbl = tbl;
2629 state->bucket = 0;
2630 state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH);
2631
2632 rcu_read_lock_bh();
2633 state->nht = rcu_dereference_bh(tbl->nht);
2634
2635 return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN;
2636 }
2637 EXPORT_SYMBOL(neigh_seq_start);
2638
neigh_seq_next(struct seq_file * seq,void * v,loff_t * pos)2639 void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2640 {
2641 struct neigh_seq_state *state;
2642 void *rc;
2643
2644 if (v == SEQ_START_TOKEN) {
2645 rc = neigh_get_first(seq);
2646 goto out;
2647 }
2648
2649 state = seq->private;
2650 if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) {
2651 rc = neigh_get_next(seq, v, NULL);
2652 if (rc)
2653 goto out;
2654 if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2655 rc = pneigh_get_first(seq);
2656 } else {
2657 BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY);
2658 rc = pneigh_get_next(seq, v, NULL);
2659 }
2660 out:
2661 ++(*pos);
2662 return rc;
2663 }
2664 EXPORT_SYMBOL(neigh_seq_next);
2665
neigh_seq_stop(struct seq_file * seq,void * v)2666 void neigh_seq_stop(struct seq_file *seq, void *v)
2667 __releases(rcu_bh)
2668 {
2669 rcu_read_unlock_bh();
2670 }
2671 EXPORT_SYMBOL(neigh_seq_stop);
2672
2673 /* statistics via seq_file */
2674
neigh_stat_seq_start(struct seq_file * seq,loff_t * pos)2675 static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos)
2676 {
2677 struct neigh_table *tbl = seq->private;
2678 int cpu;
2679
2680 if (*pos == 0)
2681 return SEQ_START_TOKEN;
2682
2683 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
2684 if (!cpu_possible(cpu))
2685 continue;
2686 *pos = cpu+1;
2687 return per_cpu_ptr(tbl->stats, cpu);
2688 }
2689 return NULL;
2690 }
2691
neigh_stat_seq_next(struct seq_file * seq,void * v,loff_t * pos)2692 static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2693 {
2694 struct neigh_table *tbl = seq->private;
2695 int cpu;
2696
2697 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
2698 if (!cpu_possible(cpu))
2699 continue;
2700 *pos = cpu+1;
2701 return per_cpu_ptr(tbl->stats, cpu);
2702 }
2703 return NULL;
2704 }
2705
neigh_stat_seq_stop(struct seq_file * seq,void * v)2706 static void neigh_stat_seq_stop(struct seq_file *seq, void *v)
2707 {
2708
2709 }
2710
neigh_stat_seq_show(struct seq_file * seq,void * v)2711 static int neigh_stat_seq_show(struct seq_file *seq, void *v)
2712 {
2713 struct neigh_table *tbl = seq->private;
2714 struct neigh_statistics *st = v;
2715
2716 if (v == SEQ_START_TOKEN) {
2717 seq_printf(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards\n");
2718 return 0;
2719 }
2720
2721 seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx "
2722 "%08lx %08lx %08lx %08lx %08lx\n",
2723 atomic_read(&tbl->entries),
2724
2725 st->allocs,
2726 st->destroys,
2727 st->hash_grows,
2728
2729 st->lookups,
2730 st->hits,
2731
2732 st->res_failed,
2733
2734 st->rcv_probes_mcast,
2735 st->rcv_probes_ucast,
2736
2737 st->periodic_gc_runs,
2738 st->forced_gc_runs,
2739 st->unres_discards
2740 );
2741
2742 return 0;
2743 }
2744
2745 static const struct seq_operations neigh_stat_seq_ops = {
2746 .start = neigh_stat_seq_start,
2747 .next = neigh_stat_seq_next,
2748 .stop = neigh_stat_seq_stop,
2749 .show = neigh_stat_seq_show,
2750 };
2751
neigh_stat_seq_open(struct inode * inode,struct file * file)2752 static int neigh_stat_seq_open(struct inode *inode, struct file *file)
2753 {
2754 int ret = seq_open(file, &neigh_stat_seq_ops);
2755
2756 if (!ret) {
2757 struct seq_file *sf = file->private_data;
2758 sf->private = PDE_DATA(inode);
2759 }
2760 return ret;
2761 };
2762
2763 static const struct file_operations neigh_stat_seq_fops = {
2764 .owner = THIS_MODULE,
2765 .open = neigh_stat_seq_open,
2766 .read = seq_read,
2767 .llseek = seq_lseek,
2768 .release = seq_release,
2769 };
2770
2771 #endif /* CONFIG_PROC_FS */
2772
neigh_nlmsg_size(void)2773 static inline size_t neigh_nlmsg_size(void)
2774 {
2775 return NLMSG_ALIGN(sizeof(struct ndmsg))
2776 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
2777 + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */
2778 + nla_total_size(sizeof(struct nda_cacheinfo))
2779 + nla_total_size(4); /* NDA_PROBES */
2780 }
2781
__neigh_notify(struct neighbour * n,int type,int flags)2782 static void __neigh_notify(struct neighbour *n, int type, int flags)
2783 {
2784 struct net *net = dev_net(n->dev);
2785 struct sk_buff *skb;
2786 int err = -ENOBUFS;
2787
2788 skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC);
2789 if (skb == NULL)
2790 goto errout;
2791
2792 err = neigh_fill_info(skb, n, 0, 0, type, flags);
2793 if (err < 0) {
2794 /* -EMSGSIZE implies BUG in neigh_nlmsg_size() */
2795 WARN_ON(err == -EMSGSIZE);
2796 kfree_skb(skb);
2797 goto errout;
2798 }
2799 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
2800 return;
2801 errout:
2802 if (err < 0)
2803 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
2804 }
2805
neigh_app_ns(struct neighbour * n)2806 void neigh_app_ns(struct neighbour *n)
2807 {
2808 __neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST);
2809 }
2810 EXPORT_SYMBOL(neigh_app_ns);
2811
2812 #ifdef CONFIG_SYSCTL
2813 static int zero;
2814 static int int_max = INT_MAX;
2815 static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN);
2816
proc_unres_qlen(struct ctl_table * ctl,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2817 static int proc_unres_qlen(struct ctl_table *ctl, int write,
2818 void __user *buffer, size_t *lenp, loff_t *ppos)
2819 {
2820 int size, ret;
2821 struct ctl_table tmp = *ctl;
2822
2823 tmp.extra1 = &zero;
2824 tmp.extra2 = &unres_qlen_max;
2825 tmp.data = &size;
2826
2827 size = *(int *)ctl->data / SKB_TRUESIZE(ETH_FRAME_LEN);
2828 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
2829
2830 if (write && !ret)
2831 *(int *)ctl->data = size * SKB_TRUESIZE(ETH_FRAME_LEN);
2832 return ret;
2833 }
2834
neigh_get_dev_parms_rcu(struct net_device * dev,int family)2835 static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev,
2836 int family)
2837 {
2838 switch (family) {
2839 case AF_INET:
2840 return __in_dev_arp_parms_get_rcu(dev);
2841 case AF_INET6:
2842 return __in6_dev_nd_parms_get_rcu(dev);
2843 }
2844 return NULL;
2845 }
2846
neigh_copy_dflt_parms(struct net * net,struct neigh_parms * p,int index)2847 static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p,
2848 int index)
2849 {
2850 struct net_device *dev;
2851 int family = neigh_parms_family(p);
2852
2853 rcu_read_lock();
2854 for_each_netdev_rcu(net, dev) {
2855 struct neigh_parms *dst_p =
2856 neigh_get_dev_parms_rcu(dev, family);
2857
2858 if (dst_p && !test_bit(index, dst_p->data_state))
2859 dst_p->data[index] = p->data[index];
2860 }
2861 rcu_read_unlock();
2862 }
2863
neigh_proc_update(struct ctl_table * ctl,int write)2864 static void neigh_proc_update(struct ctl_table *ctl, int write)
2865 {
2866 struct net_device *dev = ctl->extra1;
2867 struct neigh_parms *p = ctl->extra2;
2868 struct net *net = neigh_parms_net(p);
2869 int index = (int *) ctl->data - p->data;
2870
2871 if (!write)
2872 return;
2873
2874 set_bit(index, p->data_state);
2875 if (!dev) /* NULL dev means this is default value */
2876 neigh_copy_dflt_parms(net, p, index);
2877 }
2878
neigh_proc_dointvec_zero_intmax(struct ctl_table * ctl,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2879 static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write,
2880 void __user *buffer,
2881 size_t *lenp, loff_t *ppos)
2882 {
2883 struct ctl_table tmp = *ctl;
2884 int ret;
2885
2886 tmp.extra1 = &zero;
2887 tmp.extra2 = &int_max;
2888
2889 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
2890 neigh_proc_update(ctl, write);
2891 return ret;
2892 }
2893
neigh_proc_dointvec(struct ctl_table * ctl,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2894 int neigh_proc_dointvec(struct ctl_table *ctl, int write,
2895 void __user *buffer, size_t *lenp, loff_t *ppos)
2896 {
2897 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2898
2899 neigh_proc_update(ctl, write);
2900 return ret;
2901 }
2902 EXPORT_SYMBOL(neigh_proc_dointvec);
2903
neigh_proc_dointvec_jiffies(struct ctl_table * ctl,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2904 int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write,
2905 void __user *buffer,
2906 size_t *lenp, loff_t *ppos)
2907 {
2908 int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
2909
2910 neigh_proc_update(ctl, write);
2911 return ret;
2912 }
2913 EXPORT_SYMBOL(neigh_proc_dointvec_jiffies);
2914
neigh_proc_dointvec_userhz_jiffies(struct ctl_table * ctl,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2915 static int neigh_proc_dointvec_userhz_jiffies(struct ctl_table *ctl, int write,
2916 void __user *buffer,
2917 size_t *lenp, loff_t *ppos)
2918 {
2919 int ret = proc_dointvec_userhz_jiffies(ctl, write, buffer, lenp, ppos);
2920
2921 neigh_proc_update(ctl, write);
2922 return ret;
2923 }
2924
neigh_proc_dointvec_ms_jiffies(struct ctl_table * ctl,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2925 int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write,
2926 void __user *buffer,
2927 size_t *lenp, loff_t *ppos)
2928 {
2929 int ret = proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
2930
2931 neigh_proc_update(ctl, write);
2932 return ret;
2933 }
2934 EXPORT_SYMBOL(neigh_proc_dointvec_ms_jiffies);
2935
neigh_proc_dointvec_unres_qlen(struct ctl_table * ctl,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2936 static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write,
2937 void __user *buffer,
2938 size_t *lenp, loff_t *ppos)
2939 {
2940 int ret = proc_unres_qlen(ctl, write, buffer, lenp, ppos);
2941
2942 neigh_proc_update(ctl, write);
2943 return ret;
2944 }
2945
neigh_proc_base_reachable_time(struct ctl_table * ctl,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2946 static int neigh_proc_base_reachable_time(struct ctl_table *ctl, int write,
2947 void __user *buffer,
2948 size_t *lenp, loff_t *ppos)
2949 {
2950 struct neigh_parms *p = ctl->extra2;
2951 int ret;
2952
2953 if (strcmp(ctl->procname, "base_reachable_time") == 0)
2954 ret = neigh_proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
2955 else if (strcmp(ctl->procname, "base_reachable_time_ms") == 0)
2956 ret = neigh_proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
2957 else
2958 ret = -1;
2959
2960 if (write && ret == 0) {
2961 /* update reachable_time as well, otherwise, the change will
2962 * only be effective after the next time neigh_periodic_work
2963 * decides to recompute it
2964 */
2965 p->reachable_time =
2966 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
2967 }
2968 return ret;
2969 }
2970
2971 #define NEIGH_PARMS_DATA_OFFSET(index) \
2972 (&((struct neigh_parms *) 0)->data[index])
2973
2974 #define NEIGH_SYSCTL_ENTRY(attr, data_attr, name, mval, proc) \
2975 [NEIGH_VAR_ ## attr] = { \
2976 .procname = name, \
2977 .data = NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_ ## data_attr), \
2978 .maxlen = sizeof(int), \
2979 .mode = mval, \
2980 .proc_handler = proc, \
2981 }
2982
2983 #define NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(attr, name) \
2984 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_zero_intmax)
2985
2986 #define NEIGH_SYSCTL_JIFFIES_ENTRY(attr, name) \
2987 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_jiffies)
2988
2989 #define NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(attr, name) \
2990 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_userhz_jiffies)
2991
2992 #define NEIGH_SYSCTL_MS_JIFFIES_ENTRY(attr, name) \
2993 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
2994
2995 #define NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(attr, data_attr, name) \
2996 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
2997
2998 #define NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(attr, data_attr, name) \
2999 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_unres_qlen)
3000
3001 static struct neigh_sysctl_table {
3002 struct ctl_table_header *sysctl_header;
3003 struct ctl_table neigh_vars[NEIGH_VAR_MAX + 1];
3004 } neigh_sysctl_template __read_mostly = {
3005 .neigh_vars = {
3006 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_PROBES, "mcast_solicit"),
3007 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(UCAST_PROBES, "ucast_solicit"),
3008 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(APP_PROBES, "app_solicit"),
3009 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_REPROBES, "mcast_resolicit"),
3010 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(RETRANS_TIME, "retrans_time"),
3011 NEIGH_SYSCTL_JIFFIES_ENTRY(BASE_REACHABLE_TIME, "base_reachable_time"),
3012 NEIGH_SYSCTL_JIFFIES_ENTRY(DELAY_PROBE_TIME, "delay_first_probe_time"),
3013 NEIGH_SYSCTL_JIFFIES_ENTRY(GC_STALETIME, "gc_stale_time"),
3014 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(QUEUE_LEN_BYTES, "unres_qlen_bytes"),
3015 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(PROXY_QLEN, "proxy_qlen"),
3016 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(ANYCAST_DELAY, "anycast_delay"),
3017 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(PROXY_DELAY, "proxy_delay"),
3018 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(LOCKTIME, "locktime"),
3019 NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(QUEUE_LEN, QUEUE_LEN_BYTES, "unres_qlen"),
3020 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(RETRANS_TIME_MS, RETRANS_TIME, "retrans_time_ms"),
3021 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(BASE_REACHABLE_TIME_MS, BASE_REACHABLE_TIME, "base_reachable_time_ms"),
3022 [NEIGH_VAR_GC_INTERVAL] = {
3023 .procname = "gc_interval",
3024 .maxlen = sizeof(int),
3025 .mode = 0644,
3026 .proc_handler = proc_dointvec_jiffies,
3027 },
3028 [NEIGH_VAR_GC_THRESH1] = {
3029 .procname = "gc_thresh1",
3030 .maxlen = sizeof(int),
3031 .mode = 0644,
3032 .extra1 = &zero,
3033 .extra2 = &int_max,
3034 .proc_handler = proc_dointvec_minmax,
3035 },
3036 [NEIGH_VAR_GC_THRESH2] = {
3037 .procname = "gc_thresh2",
3038 .maxlen = sizeof(int),
3039 .mode = 0644,
3040 .extra1 = &zero,
3041 .extra2 = &int_max,
3042 .proc_handler = proc_dointvec_minmax,
3043 },
3044 [NEIGH_VAR_GC_THRESH3] = {
3045 .procname = "gc_thresh3",
3046 .maxlen = sizeof(int),
3047 .mode = 0644,
3048 .extra1 = &zero,
3049 .extra2 = &int_max,
3050 .proc_handler = proc_dointvec_minmax,
3051 },
3052 {},
3053 },
3054 };
3055
neigh_sysctl_register(struct net_device * dev,struct neigh_parms * p,proc_handler * handler)3056 int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
3057 proc_handler *handler)
3058 {
3059 int i;
3060 struct neigh_sysctl_table *t;
3061 const char *dev_name_source;
3062 char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
3063 char *p_name;
3064
3065 t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
3066 if (!t)
3067 goto err;
3068
3069 for (i = 0; i < NEIGH_VAR_GC_INTERVAL; i++) {
3070 t->neigh_vars[i].data += (long) p;
3071 t->neigh_vars[i].extra1 = dev;
3072 t->neigh_vars[i].extra2 = p;
3073 }
3074
3075 if (dev) {
3076 dev_name_source = dev->name;
3077 /* Terminate the table early */
3078 memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0,
3079 sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL]));
3080 } else {
3081 struct neigh_table *tbl = p->tbl;
3082 dev_name_source = "default";
3083 t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &tbl->gc_interval;
3084 t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &tbl->gc_thresh1;
3085 t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &tbl->gc_thresh2;
3086 t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &tbl->gc_thresh3;
3087 }
3088
3089 if (handler) {
3090 /* RetransTime */
3091 t->neigh_vars[NEIGH_VAR_RETRANS_TIME].proc_handler = handler;
3092 /* ReachableTime */
3093 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler = handler;
3094 /* RetransTime (in milliseconds)*/
3095 t->neigh_vars[NEIGH_VAR_RETRANS_TIME_MS].proc_handler = handler;
3096 /* ReachableTime (in milliseconds) */
3097 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = handler;
3098 } else {
3099 /* Those handlers will update p->reachable_time after
3100 * base_reachable_time(_ms) is set to ensure the new timer starts being
3101 * applied after the next neighbour update instead of waiting for
3102 * neigh_periodic_work to update its value (can be multiple minutes)
3103 * So any handler that replaces them should do this as well
3104 */
3105 /* ReachableTime */
3106 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler =
3107 neigh_proc_base_reachable_time;
3108 /* ReachableTime (in milliseconds) */
3109 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler =
3110 neigh_proc_base_reachable_time;
3111 }
3112
3113 /* Don't export sysctls to unprivileged users */
3114 if (neigh_parms_net(p)->user_ns != &init_user_ns)
3115 t->neigh_vars[0].procname = NULL;
3116
3117 switch (neigh_parms_family(p)) {
3118 case AF_INET:
3119 p_name = "ipv4";
3120 break;
3121 case AF_INET6:
3122 p_name = "ipv6";
3123 break;
3124 default:
3125 BUG();
3126 }
3127
3128 snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s",
3129 p_name, dev_name_source);
3130 t->sysctl_header =
3131 register_net_sysctl(neigh_parms_net(p), neigh_path, t->neigh_vars);
3132 if (!t->sysctl_header)
3133 goto free;
3134
3135 p->sysctl_table = t;
3136 return 0;
3137
3138 free:
3139 kfree(t);
3140 err:
3141 return -ENOBUFS;
3142 }
3143 EXPORT_SYMBOL(neigh_sysctl_register);
3144
neigh_sysctl_unregister(struct neigh_parms * p)3145 void neigh_sysctl_unregister(struct neigh_parms *p)
3146 {
3147 if (p->sysctl_table) {
3148 struct neigh_sysctl_table *t = p->sysctl_table;
3149 p->sysctl_table = NULL;
3150 unregister_net_sysctl_table(t->sysctl_header);
3151 kfree(t);
3152 }
3153 }
3154 EXPORT_SYMBOL(neigh_sysctl_unregister);
3155
3156 #endif /* CONFIG_SYSCTL */
3157
neigh_init(void)3158 static int __init neigh_init(void)
3159 {
3160 rtnl_register(PF_UNSPEC, RTM_NEWNEIGH, neigh_add, NULL, NULL);
3161 rtnl_register(PF_UNSPEC, RTM_DELNEIGH, neigh_delete, NULL, NULL);
3162 rtnl_register(PF_UNSPEC, RTM_GETNEIGH, NULL, neigh_dump_info, NULL);
3163
3164 rtnl_register(PF_UNSPEC, RTM_GETNEIGHTBL, NULL, neightbl_dump_info,
3165 NULL);
3166 rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, NULL);
3167
3168 return 0;
3169 }
3170
3171 subsys_initcall(neigh_init);
3172
3173