// SPDX-License-Identifier: GPL-2.0-or-later
/*
 *	Generic address resolution entity
 *
 *	Authors:
 *	Pedro Roque		<roque@di.fc.ul.pt>
 *	Alexey Kuznetsov	<kuznet@ms2.inr.ac.ru>
 *
 *	Fixes:
 *	Vitaly E. Lavrov	releasing NULL neighbor in neigh_add.
 *	Harald Welte		Add neighbour cache statistics like rtstat
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/slab.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/socket.h>
#include <linux/netdevice.h>
#include <linux/proc_fs.h>
#ifdef CONFIG_SYSCTL
#include <linux/sysctl.h>
#endif
#include <linux/times.h>
#include <net/net_namespace.h>
#include <net/neighbour.h>
#include <net/arp.h>
#include <net/dst.h>
#include <net/sock.h>
#include <net/netevent.h>
#include <net/netlink.h>
#include <linux/rtnetlink.h>
#include <linux/random.h>
#include <linux/string.h>
#include <linux/log2.h>
#include <linux/inetdevice.h>
#include <net/addrconf.h>

#include <trace/events/neigh.h>

#define NEIGH_DEBUG 1
#define neigh_dbg(level, fmt, ...)		\
do {						\
	if (level <= NEIGH_DEBUG)		\
		pr_debug(fmt, ##__VA_ARGS__);	\
} while (0)

#define PNEIGH_HASHMASK		0xF

static void neigh_timer_handler(struct timer_list *t);
static void __neigh_notify(struct neighbour *n, int type, int flags,
			   u32 pid);
static void neigh_update_notify(struct neighbour *neigh, u32 nlmsg_pid);
static int pneigh_ifdown_and_unlock(struct neigh_table *tbl,
				    struct net_device *dev);

#ifdef CONFIG_PROC_FS
static const struct seq_operations neigh_stat_seq_ops;
#endif

static struct hlist_head *neigh_get_dev_table(struct net_device *dev, int family)
{
	int i;

	switch (family) {
	default:
		DEBUG_NET_WARN_ON_ONCE(1);
		fallthrough; /* to avoid panic by null-ptr-deref */
	case AF_INET:
		i = NEIGH_ARP_TABLE;
		break;
	case AF_INET6:
		i = NEIGH_ND_TABLE;
		break;
	}

	return &dev->neighbours[i];
}

/*
   Neighbour hash table buckets are protected with rwlock tbl->lock.

   - All scans/updates of the hash buckets MUST be made under this lock.
   - Nothing clever should be done under this lock: no callbacks into
     protocol backends, no attempts to send anything to the network.
     That would deadlock if the backend/driver wanted to use the
     neighbour cache.
   - If an entry requires some non-trivial actions, increase its
     reference count and release the table lock.

   Neighbour entries are protected:
   - by their reference count.
   - by rwlock neigh->lock.

   The reference count prevents destruction.

   neigh->lock mainly serializes the link-layer address data and its
   validity state.  However, the same lock also protects other entry
   fields:
   - timer
   - resolution queue

   Again, nothing clever should be done under neigh->lock; the most
   complicated procedure we allow there is dev->hard_header, which is
   assumed to be simple and not to call back into the neighbour tables.
 */
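
/* Illustrative sketch of the locking rules above (an example, not part of
 * the original code).  do_slow_work() is a hypothetical stand-in for any
 * non-trivial action that may call back into the neighbour cache, so it
 * must run outside tbl->lock.
 */
static void __maybe_unused example_pin_and_work(struct neigh_table *tbl,
						struct neighbour *n)
{
	write_lock_bh(&tbl->lock);
	/* ... cheap bucket scans/updates only ... */
	neigh_hold(n);			/* pin the entry ... */
	write_unlock_bh(&tbl->lock);	/* ... then drop the table lock */

	/* do_slow_work(n); */		/* non-trivial work goes here */

	neigh_release(n);		/* drop the pinning reference */
}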

static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb)
{
	kfree_skb(skb);
	return -ENETDOWN;
}

static void neigh_cleanup_and_release(struct neighbour *neigh)
{
	trace_neigh_cleanup_and_release(neigh, 0);
	__neigh_notify(neigh, RTM_DELNEIGH, 0, 0);
	call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
	neigh_release(neigh);
}

/*
 * It is a random distribution in the interval (1/2)*base...(3/2)*base.
 * It corresponds to the default IPv6 settings and is not overridable,
 * because it is a really reasonable choice.
 */

unsigned long neigh_rand_reach_time(unsigned long base)
{
	return base ? get_random_u32_below(base) + (base >> 1) : 0;
}
EXPORT_SYMBOL(neigh_rand_reach_time);
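
/* Worked example for the bounds above (illustrative, not original code):
 * get_random_u32_below(base) yields [0, base) and (base >> 1) shifts that
 * to [base/2, 3*base/2).  The base value here is a hypothetical 30 s.
 */
static void __maybe_unused example_reach_time_bounds(void)
{
	unsigned long base = 30 * HZ;
	unsigned long t = neigh_rand_reach_time(base);

	WARN_ON(t < base / 2 || t >= base / 2 + base);
}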

static void neigh_mark_dead(struct neighbour *n)
{
	n->dead = 1;
	if (!list_empty(&n->gc_list)) {
		list_del_init(&n->gc_list);
		atomic_dec(&n->tbl->gc_entries);
	}
	if (!list_empty(&n->managed_list))
		list_del_init(&n->managed_list);
}

static void neigh_update_gc_list(struct neighbour *n)
{
	bool on_gc_list, exempt_from_gc;

	write_lock_bh(&n->tbl->lock);
	write_lock(&n->lock);
	if (n->dead)
		goto out;

	/* remove from the gc list if new state is permanent or if neighbor
	 * is externally learned; otherwise entry should be on the gc list
	 */
	exempt_from_gc = n->nud_state & NUD_PERMANENT ||
			 n->flags & NTF_EXT_LEARNED;
	on_gc_list = !list_empty(&n->gc_list);

	if (exempt_from_gc && on_gc_list) {
		list_del_init(&n->gc_list);
		atomic_dec(&n->tbl->gc_entries);
	} else if (!exempt_from_gc && !on_gc_list) {
		/* add entries to the tail; cleaning removes from the front */
		list_add_tail(&n->gc_list, &n->tbl->gc_list);
		atomic_inc(&n->tbl->gc_entries);
	}
out:
	write_unlock(&n->lock);
	write_unlock_bh(&n->tbl->lock);
}

static void neigh_update_managed_list(struct neighbour *n)
{
	bool on_managed_list, add_to_managed;

	write_lock_bh(&n->tbl->lock);
	write_lock(&n->lock);
	if (n->dead)
		goto out;

	add_to_managed = n->flags & NTF_MANAGED;
	on_managed_list = !list_empty(&n->managed_list);

	if (!add_to_managed && on_managed_list)
		list_del_init(&n->managed_list);
	else if (add_to_managed && !on_managed_list)
		list_add_tail(&n->managed_list, &n->tbl->managed_list);
out:
	write_unlock(&n->lock);
	write_unlock_bh(&n->tbl->lock);
}

static void neigh_update_flags(struct neighbour *neigh, u32 flags, int *notify,
			       bool *gc_update, bool *managed_update)
{
	u32 ndm_flags, old_flags = neigh->flags;

	if (!(flags & NEIGH_UPDATE_F_ADMIN))
		return;

	ndm_flags  = (flags & NEIGH_UPDATE_F_EXT_LEARNED) ? NTF_EXT_LEARNED : 0;
	ndm_flags |= (flags & NEIGH_UPDATE_F_MANAGED) ? NTF_MANAGED : 0;

	if ((old_flags ^ ndm_flags) & NTF_EXT_LEARNED) {
		if (ndm_flags & NTF_EXT_LEARNED)
			neigh->flags |= NTF_EXT_LEARNED;
		else
			neigh->flags &= ~NTF_EXT_LEARNED;
		*notify = 1;
		*gc_update = true;
	}
	if ((old_flags ^ ndm_flags) & NTF_MANAGED) {
		if (ndm_flags & NTF_MANAGED)
			neigh->flags |= NTF_MANAGED;
		else
			neigh->flags &= ~NTF_MANAGED;
		*notify = 1;
		*managed_update = true;
	}
}

bool neigh_remove_one(struct neighbour *n)
{
	bool retval = false;

	write_lock(&n->lock);
	if (refcount_read(&n->refcnt) == 1) {
		hlist_del_rcu(&n->hash);
		hlist_del_rcu(&n->dev_list);
		neigh_mark_dead(n);
		retval = true;
	}
	write_unlock(&n->lock);
	if (retval)
		neigh_cleanup_and_release(n);
	return retval;
}

static int neigh_forced_gc(struct neigh_table *tbl)
{
	int max_clean = atomic_read(&tbl->gc_entries) -
			READ_ONCE(tbl->gc_thresh2);
	u64 tmax = ktime_get_ns() + NSEC_PER_MSEC;
	unsigned long tref = jiffies - 5 * HZ;
	struct neighbour *n, *tmp;
	int shrunk = 0;
	int loop = 0;

	NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs);

	write_lock_bh(&tbl->lock);

	list_for_each_entry_safe(n, tmp, &tbl->gc_list, gc_list) {
		if (refcount_read(&n->refcnt) == 1) {
			bool remove = false;

			write_lock(&n->lock);
			if ((n->nud_state == NUD_FAILED) ||
			    (n->nud_state == NUD_NOARP) ||
			    (tbl->is_multicast &&
			     tbl->is_multicast(n->primary_key)) ||
			    !time_in_range(n->updated, tref, jiffies))
				remove = true;
			write_unlock(&n->lock);

			if (remove && neigh_remove_one(n))
				shrunk++;
			if (shrunk >= max_clean)
				break;
			if (++loop == 16) {
				if (ktime_get_ns() > tmax)
					goto unlock;
				loop = 0;
			}
		}
	}

	WRITE_ONCE(tbl->last_flush, jiffies);
unlock:
	write_unlock_bh(&tbl->lock);

	return shrunk;
}

static void neigh_add_timer(struct neighbour *n, unsigned long when)
{
	/* Keep a safe distance from the jiffies - LONG_MAX wrap point while
	 * the timer is running in DELAY/PROBE state, but still report large
	 * times in the past to user space.
	 */
	unsigned long mint = jiffies - (LONG_MAX - 86400 * HZ);

	neigh_hold(n);
	if (!time_in_range(n->confirmed, mint, jiffies))
		n->confirmed = mint;
	if (time_before(n->used, n->confirmed))
		n->used = n->confirmed;
	if (unlikely(mod_timer(&n->timer, when))) {
		printk("NEIGH: BUG, double timer add, state is %x\n",
		       n->nud_state);
		dump_stack();
	}
}

static int neigh_del_timer(struct neighbour *n)
{
	if ((n->nud_state & NUD_IN_TIMER) &&
	    timer_delete(&n->timer)) {
		neigh_release(n);
		return 1;
	}
	return 0;
}

static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev,
						   int family)
{
	switch (family) {
	case AF_INET:
		return __in_dev_arp_parms_get_rcu(dev);
	case AF_INET6:
		return __in6_dev_nd_parms_get_rcu(dev);
	}
	return NULL;
}

static void neigh_parms_qlen_dec(struct net_device *dev, int family)
{
	struct neigh_parms *p;

	rcu_read_lock();
	p = neigh_get_dev_parms_rcu(dev, family);
	if (p)
		p->qlen--;
	rcu_read_unlock();
}

static void pneigh_queue_purge(struct sk_buff_head *list, struct net *net,
			       int family)
{
	struct sk_buff_head tmp;
	unsigned long flags;
	struct sk_buff *skb;

	skb_queue_head_init(&tmp);
	spin_lock_irqsave(&list->lock, flags);
	skb = skb_peek(list);
	while (skb != NULL) {
		struct sk_buff *skb_next = skb_peek_next(skb, list);
		struct net_device *dev = skb->dev;

		if (net == NULL || net_eq(dev_net(dev), net)) {
			neigh_parms_qlen_dec(dev, family);
			__skb_unlink(skb, list);
			__skb_queue_tail(&tmp, skb);
		}
		skb = skb_next;
	}
	spin_unlock_irqrestore(&list->lock, flags);

	while ((skb = __skb_dequeue(&tmp))) {
		dev_put(skb->dev);
		kfree_skb(skb);
	}
}

static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev,
			    bool skip_perm)
{
	struct hlist_head *dev_head;
	struct hlist_node *tmp;
	struct neighbour *n;

	dev_head = neigh_get_dev_table(dev, tbl->family);

	hlist_for_each_entry_safe(n, tmp, dev_head, dev_list) {
		if (skip_perm && n->nud_state & NUD_PERMANENT)
			continue;

		hlist_del_rcu(&n->hash);
		hlist_del_rcu(&n->dev_list);
		write_lock(&n->lock);
		neigh_del_timer(n);
		neigh_mark_dead(n);
		if (refcount_read(&n->refcnt) != 1) {
			/* The most unpleasant situation.
			 * We must destroy the neighbour entry,
			 * but someone still uses it.
			 *
			 * The destroy will be delayed until
			 * the last user releases us, but
			 * we must kill timers etc. and move
			 * it to a safe state.
			 */
			__skb_queue_purge(&n->arp_queue);
			n->arp_queue_len_bytes = 0;
			WRITE_ONCE(n->output, neigh_blackhole);
			if (n->nud_state & NUD_VALID)
				n->nud_state = NUD_NOARP;
			else
				n->nud_state = NUD_NONE;
			neigh_dbg(2, "neigh %p is stray\n", n);
		}
		write_unlock(&n->lock);
		neigh_cleanup_and_release(n);
	}
}

void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev)
{
	write_lock_bh(&tbl->lock);
	neigh_flush_dev(tbl, dev, false);
	write_unlock_bh(&tbl->lock);
}
EXPORT_SYMBOL(neigh_changeaddr);

static int __neigh_ifdown(struct neigh_table *tbl, struct net_device *dev,
			  bool skip_perm)
{
	write_lock_bh(&tbl->lock);
	neigh_flush_dev(tbl, dev, skip_perm);
	pneigh_ifdown_and_unlock(tbl, dev);
	pneigh_queue_purge(&tbl->proxy_queue, dev ? dev_net(dev) : NULL,
			   tbl->family);
	if (skb_queue_empty_lockless(&tbl->proxy_queue))
		timer_delete_sync(&tbl->proxy_timer);
	return 0;
}

int neigh_carrier_down(struct neigh_table *tbl, struct net_device *dev)
{
	__neigh_ifdown(tbl, dev, true);
	return 0;
}
EXPORT_SYMBOL(neigh_carrier_down);

int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
{
	__neigh_ifdown(tbl, dev, false);
	return 0;
}
EXPORT_SYMBOL(neigh_ifdown);

static struct neighbour *neigh_alloc(struct neigh_table *tbl,
				     struct net_device *dev,
				     u32 flags, bool exempt_from_gc)
{
	struct neighbour *n = NULL;
	unsigned long now = jiffies;
	int entries, gc_thresh3;

	if (exempt_from_gc)
		goto do_alloc;

	entries = atomic_inc_return(&tbl->gc_entries) - 1;
	gc_thresh3 = READ_ONCE(tbl->gc_thresh3);
	if (entries >= gc_thresh3 ||
	    (entries >= READ_ONCE(tbl->gc_thresh2) &&
	     time_after(now, READ_ONCE(tbl->last_flush) + 5 * HZ))) {
		if (!neigh_forced_gc(tbl) && entries >= gc_thresh3) {
			net_info_ratelimited("%s: neighbor table overflow!\n",
					     tbl->id);
			NEIGH_CACHE_STAT_INC(tbl, table_fulls);
			goto out_entries;
		}
	}

do_alloc:
	n = kzalloc(tbl->entry_size + dev->neigh_priv_len, GFP_ATOMIC);
	if (!n)
		goto out_entries;

	__skb_queue_head_init(&n->arp_queue);
	rwlock_init(&n->lock);
	seqlock_init(&n->ha_lock);
	n->updated = n->used = now;
	n->nud_state = NUD_NONE;
	n->output = neigh_blackhole;
	n->flags = flags;
	seqlock_init(&n->hh.hh_lock);
	n->parms = neigh_parms_clone(&tbl->parms);
	timer_setup(&n->timer, neigh_timer_handler, 0);

	NEIGH_CACHE_STAT_INC(tbl, allocs);
	n->tbl = tbl;
	refcount_set(&n->refcnt, 1);
	n->dead = 1;
	INIT_LIST_HEAD(&n->gc_list);
	INIT_LIST_HEAD(&n->managed_list);

	atomic_inc(&tbl->entries);
out:
	return n;

out_entries:
	if (!exempt_from_gc)
		atomic_dec(&tbl->gc_entries);
	goto out;
}

static void neigh_get_hash_rnd(u32 *x)
{
	*x = get_random_u32() | 1;
}

static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
{
	size_t size = (1 << shift) * sizeof(struct hlist_head);
	struct hlist_head *hash_heads;
	struct neigh_hash_table *ret;
	int i;

	ret = kmalloc(sizeof(*ret), GFP_ATOMIC);
	if (!ret)
		return NULL;

	hash_heads = kzalloc(size, GFP_ATOMIC);
	if (!hash_heads) {
		kfree(ret);
		return NULL;
	}
	ret->hash_heads = hash_heads;
	ret->hash_shift = shift;
	for (i = 0; i < NEIGH_NUM_HASH_RND; i++)
		neigh_get_hash_rnd(&ret->hash_rnd[i]);
	return ret;
}

static void neigh_hash_free_rcu(struct rcu_head *head)
{
	struct neigh_hash_table *nht = container_of(head,
						    struct neigh_hash_table,
						    rcu);

	kfree(nht->hash_heads);
	kfree(nht);
}

static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl,
						unsigned long new_shift)
{
	unsigned int i, hash;
	struct neigh_hash_table *new_nht, *old_nht;

	NEIGH_CACHE_STAT_INC(tbl, hash_grows);

	old_nht = rcu_dereference_protected(tbl->nht,
					    lockdep_is_held(&tbl->lock));
	new_nht = neigh_hash_alloc(new_shift);
	if (!new_nht)
		return old_nht;

	for (i = 0; i < (1 << old_nht->hash_shift); i++) {
		struct hlist_node *tmp;
		struct neighbour *n;

		neigh_for_each_in_bucket_safe(n, tmp, &old_nht->hash_heads[i]) {
			hash = tbl->hash(n->primary_key, n->dev,
					 new_nht->hash_rnd);

			hash >>= (32 - new_nht->hash_shift);

			hlist_del_rcu(&n->hash);
			hlist_add_head_rcu(&n->hash, &new_nht->hash_heads[hash]);
		}
	}

	rcu_assign_pointer(tbl->nht, new_nht);
	call_rcu(&old_nht->rcu, neigh_hash_free_rcu);
	return new_nht;
}

struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey,
			       struct net_device *dev)
{
	struct neighbour *n;

	NEIGH_CACHE_STAT_INC(tbl, lookups);

	rcu_read_lock();
	n = __neigh_lookup_noref(tbl, pkey, dev);
	if (n) {
		if (!refcount_inc_not_zero(&n->refcnt))
			n = NULL;
		NEIGH_CACHE_STAT_INC(tbl, hits);
	}

	rcu_read_unlock();
	return n;
}
EXPORT_SYMBOL(neigh_lookup);
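
/* Illustrative sketch of a typical neigh_lookup() caller (an example, not
 * part of the original code).  The returned entry, if any, carries a
 * reference that the caller must drop with neigh_release().
 */
static void __maybe_unused example_lookup(struct neigh_table *tbl,
					  const void *pkey,
					  struct net_device *dev)
{
	struct neighbour *n = neigh_lookup(tbl, pkey, dev);

	if (n) {
		/* ... inspect n, taking n->lock where needed ... */
		neigh_release(n);
	}
}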

static struct neighbour *
___neigh_create(struct neigh_table *tbl, const void *pkey,
		struct net_device *dev, u32 flags,
		bool exempt_from_gc, bool want_ref)
{
	u32 hash_val, key_len = tbl->key_len;
	struct neighbour *n1, *rc, *n;
	struct neigh_hash_table *nht;
	int error;

	n = neigh_alloc(tbl, dev, flags, exempt_from_gc);
	trace_neigh_create(tbl, dev, pkey, n, exempt_from_gc);
	if (!n) {
		rc = ERR_PTR(-ENOBUFS);
		goto out;
	}

	memcpy(n->primary_key, pkey, key_len);
	n->dev = dev;
	netdev_hold(dev, &n->dev_tracker, GFP_ATOMIC);

	/* Protocol specific setup. */
	if (tbl->constructor && (error = tbl->constructor(n)) < 0) {
		rc = ERR_PTR(error);
		goto out_neigh_release;
	}

	if (dev->netdev_ops->ndo_neigh_construct) {
		error = dev->netdev_ops->ndo_neigh_construct(dev, n);
		if (error < 0) {
			rc = ERR_PTR(error);
			goto out_neigh_release;
		}
	}

	/* Device specific setup. */
	if (n->parms->neigh_setup &&
	    (error = n->parms->neigh_setup(n)) < 0) {
		rc = ERR_PTR(error);
		goto out_neigh_release;
	}

	n->confirmed = jiffies - (NEIGH_VAR(n->parms, BASE_REACHABLE_TIME) << 1);

	write_lock_bh(&tbl->lock);
	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));

	if (atomic_read(&tbl->entries) > (1 << nht->hash_shift))
		nht = neigh_hash_grow(tbl, nht->hash_shift + 1);

	hash_val = tbl->hash(n->primary_key, dev, nht->hash_rnd) >> (32 - nht->hash_shift);

	if (n->parms->dead) {
		rc = ERR_PTR(-EINVAL);
		goto out_tbl_unlock;
	}

	neigh_for_each_in_bucket(n1, &nht->hash_heads[hash_val]) {
		if (dev == n1->dev && !memcmp(n1->primary_key, n->primary_key, key_len)) {
			if (want_ref)
				neigh_hold(n1);
			rc = n1;
			goto out_tbl_unlock;
		}
	}

	n->dead = 0;
	if (!exempt_from_gc)
		list_add_tail(&n->gc_list, &n->tbl->gc_list);
	if (n->flags & NTF_MANAGED)
		list_add_tail(&n->managed_list, &n->tbl->managed_list);
	if (want_ref)
		neigh_hold(n);
	hlist_add_head_rcu(&n->hash, &nht->hash_heads[hash_val]);

	hlist_add_head_rcu(&n->dev_list,
			   neigh_get_dev_table(dev, tbl->family));

	write_unlock_bh(&tbl->lock);
	neigh_dbg(2, "neigh %p is created\n", n);
	rc = n;
out:
	return rc;
out_tbl_unlock:
	write_unlock_bh(&tbl->lock);
out_neigh_release:
	if (!exempt_from_gc)
		atomic_dec(&tbl->gc_entries);
	neigh_release(n);
	goto out;
}

struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
				 struct net_device *dev, bool want_ref)
{
	bool exempt_from_gc = !!(dev->flags & IFF_LOOPBACK);

	return ___neigh_create(tbl, pkey, dev, 0, exempt_from_gc, want_ref);
}
EXPORT_SYMBOL(__neigh_create);

static u32 pneigh_hash(const void *pkey, unsigned int key_len)
{
	u32 hash_val = *(u32 *)(pkey + key_len - 4);
	hash_val ^= (hash_val >> 16);
	hash_val ^= hash_val >> 8;
	hash_val ^= hash_val >> 4;
	hash_val &= PNEIGH_HASHMASK;
	return hash_val;
}

static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n,
					      struct net *net,
					      const void *pkey,
					      unsigned int key_len,
					      struct net_device *dev)
{
	while (n) {
		if (!memcmp(n->key, pkey, key_len) &&
		    net_eq(pneigh_net(n), net) &&
		    (n->dev == dev || !n->dev))
			return n;
		n = n->next;
	}
	return NULL;
}

struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl,
		struct net *net, const void *pkey, struct net_device *dev)
{
	unsigned int key_len = tbl->key_len;
	u32 hash_val = pneigh_hash(pkey, key_len);

	return __pneigh_lookup_1(tbl->phash_buckets[hash_val],
				 net, pkey, key_len, dev);
}
EXPORT_SYMBOL_GPL(__pneigh_lookup);

struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl,
				    struct net *net, const void *pkey,
				    struct net_device *dev, int creat)
{
	struct pneigh_entry *n;
	unsigned int key_len = tbl->key_len;
	u32 hash_val = pneigh_hash(pkey, key_len);

	read_lock_bh(&tbl->lock);
	n = __pneigh_lookup_1(tbl->phash_buckets[hash_val],
			      net, pkey, key_len, dev);
	read_unlock_bh(&tbl->lock);

	if (n || !creat)
		goto out;

	ASSERT_RTNL();

	n = kzalloc(sizeof(*n) + key_len, GFP_KERNEL);
	if (!n)
		goto out;

	write_pnet(&n->net, net);
	memcpy(n->key, pkey, key_len);
	n->dev = dev;
	netdev_hold(dev, &n->dev_tracker, GFP_KERNEL);

	if (tbl->pconstructor && tbl->pconstructor(n)) {
		netdev_put(dev, &n->dev_tracker);
		kfree(n);
		n = NULL;
		goto out;
	}

	write_lock_bh(&tbl->lock);
	n->next = tbl->phash_buckets[hash_val];
	tbl->phash_buckets[hash_val] = n;
	write_unlock_bh(&tbl->lock);
out:
	return n;
}
EXPORT_SYMBOL(pneigh_lookup);
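
/* Illustrative sketch of creating a proxy entry (an example, not part of
 * the original code).  With creat != 0 the caller must hold the RTNL lock;
 * with creat == 0 this is a pure lookup.
 */
static int __maybe_unused example_add_proxy(struct neigh_table *tbl,
					    struct net *net, const void *pkey,
					    struct net_device *dev)
{
	struct pneigh_entry *pn;

	ASSERT_RTNL();
	pn = pneigh_lookup(tbl, net, pkey, dev, 1);
	return pn ? 0 : -ENOBUFS;
}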

int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey,
		  struct net_device *dev)
{
	struct pneigh_entry *n, **np;
	unsigned int key_len = tbl->key_len;
	u32 hash_val = pneigh_hash(pkey, key_len);

	write_lock_bh(&tbl->lock);
	for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL;
	     np = &n->next) {
		if (!memcmp(n->key, pkey, key_len) && n->dev == dev &&
		    net_eq(pneigh_net(n), net)) {
			*np = n->next;
			write_unlock_bh(&tbl->lock);
			if (tbl->pdestructor)
				tbl->pdestructor(n);
			netdev_put(n->dev, &n->dev_tracker);
			kfree(n);
			return 0;
		}
	}
	write_unlock_bh(&tbl->lock);
	return -ENOENT;
}

static int pneigh_ifdown_and_unlock(struct neigh_table *tbl,
				    struct net_device *dev)
{
	struct pneigh_entry *n, **np, *freelist = NULL;
	u32 h;

	for (h = 0; h <= PNEIGH_HASHMASK; h++) {
		np = &tbl->phash_buckets[h];
		while ((n = *np) != NULL) {
			if (!dev || n->dev == dev) {
				*np = n->next;
				n->next = freelist;
				freelist = n;
				continue;
			}
			np = &n->next;
		}
	}
	write_unlock_bh(&tbl->lock);
	while ((n = freelist)) {
		freelist = n->next;
		n->next = NULL;
		if (tbl->pdestructor)
			tbl->pdestructor(n);
		netdev_put(n->dev, &n->dev_tracker);
		kfree(n);
	}
	return -ENOENT;
}

static inline void neigh_parms_put(struct neigh_parms *parms)
{
	if (refcount_dec_and_test(&parms->refcnt))
		kfree(parms);
}

/*
 *	The neighbour must already be removed from the table.
 */
void neigh_destroy(struct neighbour *neigh)
{
	struct net_device *dev = neigh->dev;

	NEIGH_CACHE_STAT_INC(neigh->tbl, destroys);

	if (!neigh->dead) {
		pr_warn("Destroying alive neighbour %p\n", neigh);
		dump_stack();
		return;
	}

	if (neigh_del_timer(neigh))
		pr_warn("Impossible event\n");

	write_lock_bh(&neigh->lock);
	__skb_queue_purge(&neigh->arp_queue);
	write_unlock_bh(&neigh->lock);
	neigh->arp_queue_len_bytes = 0;

	if (dev->netdev_ops->ndo_neigh_destroy)
		dev->netdev_ops->ndo_neigh_destroy(dev, neigh);

	netdev_put(dev, &neigh->dev_tracker);
	neigh_parms_put(neigh->parms);

	neigh_dbg(2, "neigh %p is destroyed\n", neigh);

	atomic_dec(&neigh->tbl->entries);
	kfree_rcu(neigh, rcu);
}
EXPORT_SYMBOL(neigh_destroy);

/* Neighbour state is suspicious;
   disable fast path.

   Called with the neigh write-locked.
 */
static void neigh_suspect(struct neighbour *neigh)
{
	neigh_dbg(2, "neigh %p is suspected\n", neigh);

	WRITE_ONCE(neigh->output, neigh->ops->output);
}

/* Neighbour state is OK;
   enable fast path.

   Called with the neigh write-locked.
 */
static void neigh_connect(struct neighbour *neigh)
{
	neigh_dbg(2, "neigh %p is connected\n", neigh);

	WRITE_ONCE(neigh->output, neigh->ops->connected_output);
}

static void neigh_periodic_work(struct work_struct *work)
{
	struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
	struct neigh_hash_table *nht;
	struct hlist_node *tmp;
	struct neighbour *n;
	unsigned int i;

	NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);

	write_lock_bh(&tbl->lock);
	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));

	/*
	 *	Periodically recompute ReachableTime from the random function.
	 */
	if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
		struct neigh_parms *p;

		WRITE_ONCE(tbl->last_rand, jiffies);
		list_for_each_entry(p, &tbl->parms_list, list)
			p->reachable_time =
				neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
	}

	if (atomic_read(&tbl->entries) < READ_ONCE(tbl->gc_thresh1))
		goto out;

	for (i = 0 ; i < (1 << nht->hash_shift); i++) {
		neigh_for_each_in_bucket_safe(n, tmp, &nht->hash_heads[i]) {
			unsigned int state;

			write_lock(&n->lock);

			state = n->nud_state;
			if ((state & (NUD_PERMANENT | NUD_IN_TIMER)) ||
			    (n->flags & NTF_EXT_LEARNED)) {
				write_unlock(&n->lock);
				continue;
			}

			if (time_before(n->used, n->confirmed) &&
			    time_is_before_eq_jiffies(n->confirmed))
				n->used = n->confirmed;

			if (refcount_read(&n->refcnt) == 1 &&
			    (state == NUD_FAILED ||
			     !time_in_range_open(jiffies, n->used,
						 n->used + NEIGH_VAR(n->parms, GC_STALETIME)))) {
				hlist_del_rcu(&n->hash);
				hlist_del_rcu(&n->dev_list);
				neigh_mark_dead(n);
				write_unlock(&n->lock);
				neigh_cleanup_and_release(n);
				continue;
			}
			write_unlock(&n->lock);
		}
		/*
		 * It's fine to release the lock here, even if the hash table
		 * grows while we are preempted.
		 */
		write_unlock_bh(&tbl->lock);
		cond_resched();
		write_lock_bh(&tbl->lock);
		nht = rcu_dereference_protected(tbl->nht,
						lockdep_is_held(&tbl->lock));
	}
out:
	/* Cycle through all hash buckets every BASE_REACHABLE_TIME/2 ticks.
	 * ARP entry timeouts range from 1/2 BASE_REACHABLE_TIME to 3/2
	 * BASE_REACHABLE_TIME.
	 */
	queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
			   NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME) >> 1);
	write_unlock_bh(&tbl->lock);
}

static __inline__ int neigh_max_probes(struct neighbour *n)
{
	struct neigh_parms *p = n->parms;

	return NEIGH_VAR(p, UCAST_PROBES) + NEIGH_VAR(p, APP_PROBES) +
	       (n->nud_state & NUD_PROBE ? NEIGH_VAR(p, MCAST_REPROBES) :
		NEIGH_VAR(p, MCAST_PROBES));
}
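
/* Worked example for the sum above (illustrative, not original text): with
 * the common defaults ucast_probes = 3, app_probes = 0 and mcast_probes = 3,
 * neigh_max_probes() allows up to 3 + 0 + 3 = 6 probes for a NUD_INCOMPLETE
 * entry; once the entry is in NUD_PROBE, mcast_reprobes (default 0) replaces
 * mcast_probes in the sum.
 */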

static void neigh_invalidate(struct neighbour *neigh)
	__releases(neigh->lock)
	__acquires(neigh->lock)
{
	struct sk_buff *skb;

	NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed);
	neigh_dbg(2, "neigh %p is failed\n", neigh);
	neigh->updated = jiffies;

	/* This is a very delicate spot: report_unreachable is a very
	   complicated routine; in particular, it can hit the same
	   neighbour entry!  So we try to be careful and avoid an
	   endless loop. --ANK
	 */
	while (neigh->nud_state == NUD_FAILED &&
	       (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
		write_unlock(&neigh->lock);
		neigh->ops->error_report(neigh, skb);
		write_lock(&neigh->lock);
	}
	__skb_queue_purge(&neigh->arp_queue);
	neigh->arp_queue_len_bytes = 0;
}

static void neigh_probe(struct neighbour *neigh)
	__releases(neigh->lock)
{
	struct sk_buff *skb = skb_peek_tail(&neigh->arp_queue);

	/* keep skb alive even if arp_queue overflows */
	if (skb)
		skb = skb_clone(skb, GFP_ATOMIC);
	write_unlock(&neigh->lock);
	if (neigh->ops->solicit)
		neigh->ops->solicit(neigh, skb);
	atomic_inc(&neigh->probes);
	consume_skb(skb);
}

/* Called when a timer expires for a neighbour entry. */
static void neigh_timer_handler(struct timer_list *t)
{
	unsigned long now, next;
	struct neighbour *neigh = from_timer(neigh, t, timer);
	unsigned int state;
	int notify = 0;

	write_lock(&neigh->lock);

	state = neigh->nud_state;
	now = jiffies;
	next = now + HZ;

	if (!(state & NUD_IN_TIMER))
		goto out;

	if (state & NUD_REACHABLE) {
		if (time_before_eq(now,
				   neigh->confirmed + neigh->parms->reachable_time)) {
			neigh_dbg(2, "neigh %p is still alive\n", neigh);
			next = neigh->confirmed + neigh->parms->reachable_time;
		} else if (time_before_eq(now,
					  neigh->used +
					  NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
			neigh_dbg(2, "neigh %p is delayed\n", neigh);
			WRITE_ONCE(neigh->nud_state, NUD_DELAY);
			neigh->updated = jiffies;
			neigh_suspect(neigh);
			next = now + NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME);
		} else {
			neigh_dbg(2, "neigh %p is suspected\n", neigh);
			WRITE_ONCE(neigh->nud_state, NUD_STALE);
			neigh->updated = jiffies;
			neigh_suspect(neigh);
			notify = 1;
		}
	} else if (state & NUD_DELAY) {
		if (time_before_eq(now,
				   neigh->confirmed +
				   NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
			neigh_dbg(2, "neigh %p is now reachable\n", neigh);
			WRITE_ONCE(neigh->nud_state, NUD_REACHABLE);
			neigh->updated = jiffies;
			neigh_connect(neigh);
			notify = 1;
			next = neigh->confirmed + neigh->parms->reachable_time;
		} else {
			neigh_dbg(2, "neigh %p is probed\n", neigh);
			WRITE_ONCE(neigh->nud_state, NUD_PROBE);
			neigh->updated = jiffies;
			atomic_set(&neigh->probes, 0);
			notify = 1;
			next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
					 HZ/100);
		}
	} else {
		/* NUD_PROBE|NUD_INCOMPLETE */
		next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME), HZ/100);
	}

	if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) &&
	    atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) {
		WRITE_ONCE(neigh->nud_state, NUD_FAILED);
		notify = 1;
		neigh_invalidate(neigh);
		goto out;
	}

	if (neigh->nud_state & NUD_IN_TIMER) {
		if (time_before(next, jiffies + HZ/100))
			next = jiffies + HZ/100;
		if (!mod_timer(&neigh->timer, next))
			neigh_hold(neigh);
	}
	if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
		neigh_probe(neigh);
	} else {
out:
		write_unlock(&neigh->lock);
	}

	if (notify)
		neigh_update_notify(neigh, 0);

	trace_neigh_timer_handler(neigh, 0);

	neigh_release(neigh);
}
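
/* Illustrative summary of the transitions driven by the handler above
 * (an example diagram, not original text):
 *
 *   REACHABLE --reachable_time since confirmation--> STALE
 *   STALE     --new output attempt----------------> DELAY  (__neigh_event_send)
 *   DELAY     --confirmation within window--------> REACHABLE
 *   DELAY     --delay_probe_time elapsed----------> PROBE
 *   INCOMPLETE/PROBE --probes exhausted-----------> FAILED (neigh_invalidate)
 */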

int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb,
		       const bool immediate_ok)
{
	int rc;
	bool immediate_probe = false;

	write_lock_bh(&neigh->lock);

	rc = 0;
	if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
		goto out_unlock_bh;
	if (neigh->dead)
		goto out_dead;

	if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
		if (NEIGH_VAR(neigh->parms, MCAST_PROBES) +
		    NEIGH_VAR(neigh->parms, APP_PROBES)) {
			unsigned long next, now = jiffies;

			atomic_set(&neigh->probes,
				   NEIGH_VAR(neigh->parms, UCAST_PROBES));
			neigh_del_timer(neigh);
			WRITE_ONCE(neigh->nud_state, NUD_INCOMPLETE);
			neigh->updated = now;
			if (!immediate_ok) {
				next = now + 1;
			} else {
				immediate_probe = true;
				next = now + max(NEIGH_VAR(neigh->parms,
							   RETRANS_TIME),
						 HZ / 100);
			}
			neigh_add_timer(neigh, next);
		} else {
			WRITE_ONCE(neigh->nud_state, NUD_FAILED);
			neigh->updated = jiffies;
			write_unlock_bh(&neigh->lock);

			kfree_skb_reason(skb, SKB_DROP_REASON_NEIGH_FAILED);
			return 1;
		}
	} else if (neigh->nud_state & NUD_STALE) {
		neigh_dbg(2, "neigh %p is delayed\n", neigh);
		neigh_del_timer(neigh);
		WRITE_ONCE(neigh->nud_state, NUD_DELAY);
		neigh->updated = jiffies;
		neigh_add_timer(neigh, jiffies +
				NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME));
	}

	if (neigh->nud_state == NUD_INCOMPLETE) {
		if (skb) {
			while (neigh->arp_queue_len_bytes + skb->truesize >
			       NEIGH_VAR(neigh->parms, QUEUE_LEN_BYTES)) {
				struct sk_buff *buff;

				buff = __skb_dequeue(&neigh->arp_queue);
				if (!buff)
					break;
				neigh->arp_queue_len_bytes -= buff->truesize;
				kfree_skb_reason(buff, SKB_DROP_REASON_NEIGH_QUEUEFULL);
				NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
			}
			skb_dst_force(skb);
			__skb_queue_tail(&neigh->arp_queue, skb);
			neigh->arp_queue_len_bytes += skb->truesize;
		}
		rc = 1;
	}
out_unlock_bh:
	if (immediate_probe)
		neigh_probe(neigh);
	else
		write_unlock(&neigh->lock);
	local_bh_enable();
	trace_neigh_event_send_done(neigh, rc);
	return rc;

out_dead:
	if (neigh->nud_state & NUD_STALE)
		goto out_unlock_bh;
	write_unlock_bh(&neigh->lock);
	kfree_skb_reason(skb, SKB_DROP_REASON_NEIGH_DEAD);
	trace_neigh_event_send_dead(neigh, 1);
	return 1;
}
EXPORT_SYMBOL(__neigh_event_send);

static void neigh_update_hhs(struct neighbour *neigh)
{
	struct hh_cache *hh;
	void (*update)(struct hh_cache*, const struct net_device*, const unsigned char *)
		= NULL;

	if (neigh->dev->header_ops)
		update = neigh->dev->header_ops->cache_update;

	if (update) {
		hh = &neigh->hh;
		if (READ_ONCE(hh->hh_len)) {
			write_seqlock_bh(&hh->hh_lock);
			update(hh, neigh->dev, neigh->ha);
			write_sequnlock_bh(&hh->hh_lock);
		}
	}
}

/* Generic update routine.
   -- lladdr is the new lladdr or NULL, if it is not supplied.
   -- new    is the new state.
   -- flags
	NEIGH_UPDATE_F_OVERRIDE allows overriding an existing lladdr
				if it differs.
	NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect an existing "connected"
				lladdr instead of overriding it
				if it differs.
	NEIGH_UPDATE_F_ADMIN	means that the change is administrative.
	NEIGH_UPDATE_F_USE	means that the entry is user triggered.
	NEIGH_UPDATE_F_MANAGED	means that the entry will be auto-refreshed.
	NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows overriding an existing
				NTF_ROUTER flag.
	NEIGH_UPDATE_F_ISROUTER	indicates if the neighbour is known as
				a router.

   Caller MUST hold a reference count on the entry.
 */
static int __neigh_update(struct neighbour *neigh, const u8 *lladdr,
			  u8 new, u32 flags, u32 nlmsg_pid,
			  struct netlink_ext_ack *extack)
{
	bool gc_update = false, managed_update = false;
	int update_isrouter = 0;
	struct net_device *dev;
	int err, notify = 0;
	u8 old;

	trace_neigh_update(neigh, lladdr, new, flags, nlmsg_pid);

	write_lock_bh(&neigh->lock);

	dev = neigh->dev;
	old = neigh->nud_state;
	err = -EPERM;

	if (neigh->dead) {
		NL_SET_ERR_MSG(extack, "Neighbor entry is now dead");
		new = old;
		goto out;
	}
	if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
	    (old & (NUD_NOARP | NUD_PERMANENT)))
		goto out;

	neigh_update_flags(neigh, flags, &notify, &gc_update, &managed_update);
	if (flags & (NEIGH_UPDATE_F_USE | NEIGH_UPDATE_F_MANAGED)) {
		new = old & ~NUD_PERMANENT;
		WRITE_ONCE(neigh->nud_state, new);
		err = 0;
		goto out;
	}

	if (!(new & NUD_VALID)) {
		neigh_del_timer(neigh);
		if (old & NUD_CONNECTED)
			neigh_suspect(neigh);
		WRITE_ONCE(neigh->nud_state, new);
		err = 0;
		notify = old & NUD_VALID;
		if ((old & (NUD_INCOMPLETE | NUD_PROBE)) &&
		    (new & NUD_FAILED)) {
			neigh_invalidate(neigh);
			notify = 1;
		}
		goto out;
	}

	/* Compare the new lladdr with the cached one */
	if (!dev->addr_len) {
		/* First case: device needs no address. */
		lladdr = neigh->ha;
	} else if (lladdr) {
		/* The second case: if something is already cached
		   and a new address is proposed:
		   - compare new & old
		   - if they are different, check the override flag
		 */
		if ((old & NUD_VALID) &&
		    !memcmp(lladdr, neigh->ha, dev->addr_len))
			lladdr = neigh->ha;
	} else {
		/* No address is supplied; if we know something,
		   use it, otherwise discard the request.
		 */
		err = -EINVAL;
		if (!(old & NUD_VALID)) {
			NL_SET_ERR_MSG(extack, "No link layer address given");
			goto out;
		}
		lladdr = neigh->ha;
	}

	/* Update the confirmed timestamp for the neighbour entry after we
	 * received an ARP packet, even if it doesn't change the IP-to-MAC
	 * binding.
	 */
	if (new & NUD_CONNECTED)
		neigh->confirmed = jiffies;

	/* If the entry was valid and the address has not changed,
	   do not change the entry state if the new one is STALE.
	 */
	err = 0;
	update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
	if (old & NUD_VALID) {
		if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) {
			update_isrouter = 0;
			if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) &&
			    (old & NUD_CONNECTED)) {
				lladdr = neigh->ha;
				new = NUD_STALE;
			} else
				goto out;
		} else {
			if (lladdr == neigh->ha && new == NUD_STALE &&
			    !(flags & NEIGH_UPDATE_F_ADMIN))
				new = old;
		}
	}

	/* Update the timestamp only once we know we will make a change to
	 * the neighbour entry.  Otherwise we risk moving the locktime window
	 * with no-op updates and ignoring relevant ARP updates.
	 */
	if (new != old || lladdr != neigh->ha)
		neigh->updated = jiffies;

	if (new != old) {
		neigh_del_timer(neigh);
		if (new & NUD_PROBE)
			atomic_set(&neigh->probes, 0);
		if (new & NUD_IN_TIMER)
			neigh_add_timer(neigh, (jiffies +
						((new & NUD_REACHABLE) ?
						 neigh->parms->reachable_time :
						 0)));
		WRITE_ONCE(neigh->nud_state, new);
		notify = 1;
	}

	if (lladdr != neigh->ha) {
		write_seqlock(&neigh->ha_lock);
		memcpy(&neigh->ha, lladdr, dev->addr_len);
		write_sequnlock(&neigh->ha_lock);
		neigh_update_hhs(neigh);
		if (!(new & NUD_CONNECTED))
			neigh->confirmed = jiffies -
				(NEIGH_VAR(neigh->parms, BASE_REACHABLE_TIME) << 1);
		notify = 1;
	}
	if (new == old)
		goto out;
	if (new & NUD_CONNECTED)
		neigh_connect(neigh);
	else
		neigh_suspect(neigh);
	if (!(old & NUD_VALID)) {
		struct sk_buff *skb;

		/* Again: avoid dead loop if something went wrong */

		while (neigh->nud_state & NUD_VALID &&
		       (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
			struct dst_entry *dst = skb_dst(skb);
			struct neighbour *n2, *n1 = neigh;

			write_unlock_bh(&neigh->lock);

			rcu_read_lock();

			/* Why not just use 'neigh' as-is?  The problem is
			 * that things such as shaper, eql, and sch_teql can
			 * end up using alternative, different, neigh objects
			 * to output the packet in the output path.  So what
			 * we need to do here is re-lookup the top-level neigh
			 * in the path so we can reinject the packet there.
			 */
			n2 = NULL;
			if (dst && dst->obsolete != DST_OBSOLETE_DEAD) {
				n2 = dst_neigh_lookup_skb(dst, skb);
				if (n2)
					n1 = n2;
			}
			READ_ONCE(n1->output)(n1, skb);
			if (n2)
				neigh_release(n2);
			rcu_read_unlock();

			write_lock_bh(&neigh->lock);
		}
		__skb_queue_purge(&neigh->arp_queue);
		neigh->arp_queue_len_bytes = 0;
	}
out:
	if (update_isrouter)
		neigh_update_is_router(neigh, flags, &notify);
	write_unlock_bh(&neigh->lock);
	if (((new ^ old) & NUD_PERMANENT) || gc_update)
		neigh_update_gc_list(neigh);
	if (managed_update)
		neigh_update_managed_list(neigh);
	if (notify)
		neigh_update_notify(neigh, nlmsg_pid);
	trace_neigh_update_done(neigh, err);
	return err;
}

int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
		 u32 flags, u32 nlmsg_pid)
{
	return __neigh_update(neigh, lladdr, new, flags, nlmsg_pid, NULL);
}
EXPORT_SYMBOL(neigh_update);
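
/* Illustrative sketch of an administrative update (an example, not part of
 * the original code), similar to what the netlink handlers below do:
 * install a new link-layer address and make the entry permanent.
 * "new_lladdr" is a hypothetical buffer of dev->addr_len bytes.
 */
static int __maybe_unused example_admin_update(struct neighbour *n,
					       const u8 *new_lladdr)
{
	return neigh_update(n, new_lladdr, NUD_PERMANENT,
			    NEIGH_UPDATE_F_OVERRIDE | NEIGH_UPDATE_F_ADMIN,
			    0);
}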

/* Update the neigh to listen temporarily for probe responses, even if it is
 * in a NUD_FAILED state.  The caller has to hold neigh->lock for writing.
 */
void __neigh_set_probe_once(struct neighbour *neigh)
{
	if (neigh->dead)
		return;
	neigh->updated = jiffies;
	if (!(neigh->nud_state & NUD_FAILED))
		return;
	WRITE_ONCE(neigh->nud_state, NUD_INCOMPLETE);
	atomic_set(&neigh->probes, neigh_max_probes(neigh));
	neigh_add_timer(neigh,
			jiffies + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
				      HZ/100));
}
EXPORT_SYMBOL(__neigh_set_probe_once);

struct neighbour *neigh_event_ns(struct neigh_table *tbl,
				 u8 *lladdr, void *saddr,
				 struct net_device *dev)
{
	struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev,
						 lladdr || !dev->addr_len);
	if (neigh)
		neigh_update(neigh, lladdr, NUD_STALE,
			     NEIGH_UPDATE_F_OVERRIDE, 0);
	return neigh;
}
EXPORT_SYMBOL(neigh_event_ns);

/* called with read_lock_bh(&n->lock); */
static void neigh_hh_init(struct neighbour *n)
{
	struct net_device *dev = n->dev;
	__be16 prot = n->tbl->protocol;
	struct hh_cache	*hh = &n->hh;

	write_lock_bh(&n->lock);

	/* Only one thread can come in here and initialize the
	 * hh_cache entry.
	 */
	if (!hh->hh_len)
		dev->header_ops->cache(n, hh, prot);

	write_unlock_bh(&n->lock);
}

/* Slow and careful. */
int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb)
{
	int rc = 0;

	if (!neigh_event_send(neigh, skb)) {
		int err;
		struct net_device *dev = neigh->dev;
		unsigned int seq;

		if (dev->header_ops->cache && !READ_ONCE(neigh->hh.hh_len))
			neigh_hh_init(neigh);

		do {
			__skb_pull(skb, skb_network_offset(skb));
			seq = read_seqbegin(&neigh->ha_lock);
			err = dev_hard_header(skb, dev, ntohs(skb->protocol),
					      neigh->ha, NULL, skb->len);
		} while (read_seqretry(&neigh->ha_lock, seq));

		if (err >= 0)
			rc = dev_queue_xmit(skb);
		else
			goto out_kfree_skb;
	}
out:
	return rc;
out_kfree_skb:
	rc = -EINVAL;
	kfree_skb(skb);
	goto out;
}
EXPORT_SYMBOL(neigh_resolve_output);

/* As fast as possible without hh cache */
int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb)
{
	struct net_device *dev = neigh->dev;
	unsigned int seq;
	int err;

	do {
		__skb_pull(skb, skb_network_offset(skb));
		seq = read_seqbegin(&neigh->ha_lock);
		err = dev_hard_header(skb, dev, ntohs(skb->protocol),
				      neigh->ha, NULL, skb->len);
	} while (read_seqretry(&neigh->ha_lock, seq));

	if (err >= 0)
		err = dev_queue_xmit(skb);
	else {
		err = -EINVAL;
		kfree_skb(skb);
	}
	return err;
}
EXPORT_SYMBOL(neigh_connected_output);

int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb)
{
	return dev_queue_xmit(skb);
}
EXPORT_SYMBOL(neigh_direct_output);

static void neigh_managed_work(struct work_struct *work)
{
	struct neigh_table *tbl = container_of(work, struct neigh_table,
					       managed_work.work);
	struct neighbour *neigh;

	write_lock_bh(&tbl->lock);
	list_for_each_entry(neigh, &tbl->managed_list, managed_list)
		neigh_event_send_probe(neigh, NULL, false);
	queue_delayed_work(system_power_efficient_wq, &tbl->managed_work,
			   NEIGH_VAR(&tbl->parms, INTERVAL_PROBE_TIME_MS));
	write_unlock_bh(&tbl->lock);
}
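
/* Illustrative note on the refresh cadence above (an example, not original
 * text): an entry created with NTF_MANAGED is re-probed from
 * neigh_managed_work() every interval_probe_time_ms, so the kernel keeps
 * resolving it on behalf of user space (see the NEIGH_UPDATE_F_MANAGED
 * handling in __neigh_update() above).
 */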

static void neigh_proxy_process(struct timer_list *t)
{
	struct neigh_table *tbl = from_timer(tbl, t, proxy_timer);
	long sched_next = 0;
	unsigned long now = jiffies;
	struct sk_buff *skb, *n;

	spin_lock(&tbl->proxy_queue.lock);

	skb_queue_walk_safe(&tbl->proxy_queue, skb, n) {
		long tdif = NEIGH_CB(skb)->sched_next - now;

		if (tdif <= 0) {
			struct net_device *dev = skb->dev;

			neigh_parms_qlen_dec(dev, tbl->family);
			__skb_unlink(skb, &tbl->proxy_queue);

			if (tbl->proxy_redo && netif_running(dev)) {
				rcu_read_lock();
				tbl->proxy_redo(skb);
				rcu_read_unlock();
			} else {
				kfree_skb(skb);
			}

			dev_put(dev);
		} else if (!sched_next || tdif < sched_next)
			sched_next = tdif;
	}
	timer_delete(&tbl->proxy_timer);
	if (sched_next)
		mod_timer(&tbl->proxy_timer, jiffies + sched_next);
	spin_unlock(&tbl->proxy_queue.lock);
}

static unsigned long neigh_proxy_delay(struct neigh_parms *p)
{
	/* If proxy_delay is zero, do not call get_random_u32_below()
	 * as it is undefined behavior.
	 */
	unsigned long proxy_delay = NEIGH_VAR(p, PROXY_DELAY);

	return proxy_delay ?
	       jiffies + get_random_u32_below(proxy_delay) : jiffies;
}

void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
		    struct sk_buff *skb)
{
	unsigned long sched_next = neigh_proxy_delay(p);

	if (p->qlen > NEIGH_VAR(p, PROXY_QLEN)) {
		kfree_skb(skb);
		return;
	}

	NEIGH_CB(skb)->sched_next = sched_next;
	NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED;

	spin_lock(&tbl->proxy_queue.lock);
	if (timer_delete(&tbl->proxy_timer)) {
		if (time_before(tbl->proxy_timer.expires, sched_next))
			sched_next = tbl->proxy_timer.expires;
	}
	skb_dst_drop(skb);
	dev_hold(skb->dev);
	__skb_queue_tail(&tbl->proxy_queue, skb);
	p->qlen++;
	mod_timer(&tbl->proxy_timer, sched_next);
	spin_unlock(&tbl->proxy_queue.lock);
}
EXPORT_SYMBOL(pneigh_enqueue);

static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
						     struct net *net, int ifindex)
{
	struct neigh_parms *p;

	list_for_each_entry(p, &tbl->parms_list, list) {
		if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
		    (!p->dev && !ifindex && net_eq(net, &init_net)))
			return p;
	}

	return NULL;
}

struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
				      struct neigh_table *tbl)
{
	struct neigh_parms *p;
	struct net *net = dev_net(dev);
	const struct net_device_ops *ops = dev->netdev_ops;

	p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL);
	if (p) {
		p->tbl = tbl;
		refcount_set(&p->refcnt, 1);
		p->reachable_time =
			neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
		p->qlen = 0;
		netdev_hold(dev, &p->dev_tracker, GFP_KERNEL);
		p->dev = dev;
		write_pnet(&p->net, net);
		p->sysctl_table = NULL;

		if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) {
			netdev_put(dev, &p->dev_tracker);
			kfree(p);
			return NULL;
		}

		write_lock_bh(&tbl->lock);
		list_add(&p->list, &tbl->parms.list);
		write_unlock_bh(&tbl->lock);

		neigh_parms_data_state_cleanall(p);
	}
	return p;
}
EXPORT_SYMBOL(neigh_parms_alloc);
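
/* Illustrative sketch of the per-device parms lifecycle (an example, not
 * part of the original code); compare the real callers of this API in the
 * protocol init paths.
 */
static int __maybe_unused example_parms_lifecycle(struct neigh_table *tbl,
						  struct net_device *dev)
{
	struct neigh_parms *p = neigh_parms_alloc(dev, tbl);

	if (!p)
		return -ENOMEM;
	/* ... the device resolves with these parms until teardown ... */
	neigh_parms_release(tbl, p);	/* freed after an RCU grace period */
	return 0;
}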

static void neigh_rcu_free_parms(struct rcu_head *head)
{
	struct neigh_parms *parms =
		container_of(head, struct neigh_parms, rcu_head);

	neigh_parms_put(parms);
}

void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms)
{
	if (!parms || parms == &tbl->parms)
		return;
	write_lock_bh(&tbl->lock);
	list_del(&parms->list);
	parms->dead = 1;
	write_unlock_bh(&tbl->lock);
	netdev_put(parms->dev, &parms->dev_tracker);
	call_rcu(&parms->rcu_head, neigh_rcu_free_parms);
}
EXPORT_SYMBOL(neigh_parms_release);

static struct lock_class_key neigh_table_proxy_queue_class;

static struct neigh_table __rcu *neigh_tables[NEIGH_NR_TABLES] __read_mostly;

void neigh_table_init(int index, struct neigh_table *tbl)
{
	unsigned long now = jiffies;
	unsigned long phsize;

	INIT_LIST_HEAD(&tbl->parms_list);
	INIT_LIST_HEAD(&tbl->gc_list);
	INIT_LIST_HEAD(&tbl->managed_list);

	list_add(&tbl->parms.list, &tbl->parms_list);
	write_pnet(&tbl->parms.net, &init_net);
	refcount_set(&tbl->parms.refcnt, 1);
	tbl->parms.reachable_time =
		neigh_rand_reach_time(NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME));
	tbl->parms.qlen = 0;

	tbl->stats = alloc_percpu(struct neigh_statistics);
	if (!tbl->stats)
		panic("cannot create neighbour cache statistics");

#ifdef CONFIG_PROC_FS
	if (!proc_create_seq_data(tbl->id, 0, init_net.proc_net_stat,
				  &neigh_stat_seq_ops, tbl))
		panic("cannot create neighbour proc dir entry");
#endif

	RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3));

	phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
	tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL);

	if (!tbl->nht || !tbl->phash_buckets)
		panic("cannot allocate neighbour cache hashes");

	if (!tbl->entry_size)
		tbl->entry_size = ALIGN(offsetof(struct neighbour, primary_key) +
					tbl->key_len, NEIGH_PRIV_ALIGN);
	else
		WARN_ON(tbl->entry_size % NEIGH_PRIV_ALIGN);

	rwlock_init(&tbl->lock);

	INIT_DEFERRABLE_WORK(&tbl->gc_work, neigh_periodic_work);
	queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
			   tbl->parms.reachable_time);
	INIT_DEFERRABLE_WORK(&tbl->managed_work, neigh_managed_work);
	queue_delayed_work(system_power_efficient_wq, &tbl->managed_work, 0);

	timer_setup(&tbl->proxy_timer, neigh_proxy_process, 0);
	skb_queue_head_init_class(&tbl->proxy_queue,
				  &neigh_table_proxy_queue_class);

	tbl->last_flush = now;
	tbl->last_rand = now + tbl->parms.reachable_time * 20;

	rcu_assign_pointer(neigh_tables[index], tbl);
}
EXPORT_SYMBOL(neigh_table_init);
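
/* Illustrative sketch of how a protocol registers its table (an example,
 * not part of the original code), modelled on the real users of this API:
 * arp_tbl at index NEIGH_ARP_TABLE and nd_tbl at NEIGH_ND_TABLE.  "my_tbl"
 * stands for a hypothetical table whose .family, .key_len, .hash and
 * constructors have already been filled in.
 */
static void __maybe_unused example_register_table(struct neigh_table *my_tbl)
{
	neigh_table_init(NEIGH_ARP_TABLE, my_tbl);
}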

/*
 * Only called from ndisc_cleanup(), which means this is dead code because
 * the IPv6 module can no longer be unloaded.
 */
int neigh_table_clear(int index, struct neigh_table *tbl)
{
	RCU_INIT_POINTER(neigh_tables[index], NULL);
	synchronize_rcu();

	/* It is not clean... fix it to unload the IPv6 module safely */
	cancel_delayed_work_sync(&tbl->managed_work);
	cancel_delayed_work_sync(&tbl->gc_work);
	timer_delete_sync(&tbl->proxy_timer);
	pneigh_queue_purge(&tbl->proxy_queue, NULL, tbl->family);
	neigh_ifdown(tbl, NULL);
	if (atomic_read(&tbl->entries))
		pr_crit("neighbour leakage\n");

	call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu,
		 neigh_hash_free_rcu);
	tbl->nht = NULL;

	kfree(tbl->phash_buckets);
	tbl->phash_buckets = NULL;

	remove_proc_entry(tbl->id, init_net.proc_net_stat);

	free_percpu(tbl->stats);
	tbl->stats = NULL;

	return 0;
}
EXPORT_SYMBOL(neigh_table_clear);

static struct neigh_table *neigh_find_table(int family)
{
	struct neigh_table *tbl = NULL;

	switch (family) {
	case AF_INET:
		tbl = rcu_dereference_rtnl(neigh_tables[NEIGH_ARP_TABLE]);
		break;
	case AF_INET6:
		tbl = rcu_dereference_rtnl(neigh_tables[NEIGH_ND_TABLE]);
		break;
	}

	return tbl;
}

const struct nla_policy nda_policy[NDA_MAX+1] = {
	[NDA_UNSPEC]		= { .strict_start_type = NDA_NH_ID },
	[NDA_DST]		= { .type = NLA_BINARY, .len = MAX_ADDR_LEN },
	[NDA_LLADDR]		= { .type = NLA_BINARY, .len = MAX_ADDR_LEN },
	[NDA_CACHEINFO]		= { .len = sizeof(struct nda_cacheinfo) },
	[NDA_PROBES]		= { .type = NLA_U32 },
	[NDA_VLAN]		= { .type = NLA_U16 },
	[NDA_PORT]		= { .type = NLA_U16 },
	[NDA_VNI]		= { .type = NLA_U32 },
	[NDA_IFINDEX]		= { .type = NLA_U32 },
	[NDA_MASTER]		= { .type = NLA_U32 },
	[NDA_PROTOCOL]		= { .type = NLA_U8 },
	[NDA_NH_ID]		= { .type = NLA_U32 },
	[NDA_FLAGS_EXT]		= NLA_POLICY_MASK(NLA_U32, NTF_EXT_MASK),
	[NDA_FDB_EXT_ATTRS]	= { .type = NLA_NESTED },
};

static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh,
			struct netlink_ext_ack *extack)
{
	struct net *net = sock_net(skb->sk);
	struct ndmsg *ndm;
	struct nlattr *dst_attr;
	struct neigh_table *tbl;
	struct neighbour *neigh;
	struct net_device *dev = NULL;
	int err = -EINVAL;

	ASSERT_RTNL();
	if (nlmsg_len(nlh) < sizeof(*ndm))
		goto out;

	dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST);
	if (!dst_attr) {
		NL_SET_ERR_MSG(extack, "Network address not specified");
		goto out;
	}

	ndm = nlmsg_data(nlh);
	if (ndm->ndm_ifindex) {
		dev = __dev_get_by_index(net, ndm->ndm_ifindex);
		if (dev == NULL) {
			err = -ENODEV;
			goto out;
		}
	}

	tbl = neigh_find_table(ndm->ndm_family);
	if (tbl == NULL)
		return -EAFNOSUPPORT;

	if (nla_len(dst_attr) < (int)tbl->key_len) {
		NL_SET_ERR_MSG(extack, "Invalid network address");
		goto out;
	}

	if (ndm->ndm_flags & NTF_PROXY) {
		err = pneigh_delete(tbl, net, nla_data(dst_attr), dev);
		goto out;
	}

	if (dev == NULL)
		goto out;

	neigh = neigh_lookup(tbl, nla_data(dst_attr), dev);
	if (neigh == NULL) {
		err = -ENOENT;
		goto out;
	}

	err = __neigh_update(neigh, NULL, NUD_FAILED,
			     NEIGH_UPDATE_F_OVERRIDE | NEIGH_UPDATE_F_ADMIN,
			     NETLINK_CB(skb).portid, extack);
	write_lock_bh(&tbl->lock);
	neigh_release(neigh);
	neigh_remove_one(neigh);
	write_unlock_bh(&tbl->lock);

out:
	return err;
}

static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh,
		     struct netlink_ext_ack *extack)
{
	int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE |
		    NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
	struct net *net = sock_net(skb->sk);
	struct ndmsg *ndm;
	struct nlattr *tb[NDA_MAX+1];
	struct neigh_table *tbl;
	struct net_device *dev = NULL;
	struct neighbour *neigh;
	void *dst, *lladdr;
	u8 protocol = 0;
	u32 ndm_flags;
	int err;

	ASSERT_RTNL();
	err = nlmsg_parse_deprecated(nlh, sizeof(*ndm), tb, NDA_MAX,
				     nda_policy, extack);
	if (err < 0)
		goto out;

	err = -EINVAL;
	if (!tb[NDA_DST]) {
		NL_SET_ERR_MSG(extack, "Network address not specified");
		goto out;
	}

	ndm = nlmsg_data(nlh);
	ndm_flags = ndm->ndm_flags;
	if (tb[NDA_FLAGS_EXT]) {
		u32 ext = nla_get_u32(tb[NDA_FLAGS_EXT]);

		BUILD_BUG_ON(sizeof(neigh->flags) * BITS_PER_BYTE <
			     (sizeof(ndm->ndm_flags) * BITS_PER_BYTE +
			      hweight32(NTF_EXT_MASK)));
		ndm_flags |= (ext << NTF_EXT_SHIFT);
	}
	if (ndm->ndm_ifindex) {
		dev = __dev_get_by_index(net, ndm->ndm_ifindex);
		if (dev == NULL) {
			err = -ENODEV;
			goto out;
		}

		if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len) {
			NL_SET_ERR_MSG(extack, "Invalid link address");
			goto out;
		}
	}

	tbl = neigh_find_table(ndm->ndm_family);
	if (tbl == NULL)
		return -EAFNOSUPPORT;

	if (nla_len(tb[NDA_DST]) < (int)tbl->key_len) {
		NL_SET_ERR_MSG(extack, "Invalid network address");
		goto out;
	}

	dst = nla_data(tb[NDA_DST]);
	lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL;

	if (tb[NDA_PROTOCOL])
		protocol = nla_get_u8(tb[NDA_PROTOCOL]);
	if (ndm_flags & NTF_PROXY) {
		struct pneigh_entry *pn;

		if (ndm_flags & NTF_MANAGED) {
			NL_SET_ERR_MSG(extack, "Invalid NTF_* flag combination");
			goto out;
		}

		err = -ENOBUFS;
		pn = pneigh_lookup(tbl, net, dst, dev, 1);
		if (pn) {
			pn->flags = ndm_flags;
			if (protocol)
				pn->protocol = protocol;
			err = 0;
		}
		goto out;
	}

	if (!dev) {
		NL_SET_ERR_MSG(extack, "Device not specified");
		goto out;
	}

	if (tbl->allow_add && !tbl->allow_add(dev, extack)) {
		err = -EINVAL;
		goto out;
	}

	neigh = neigh_lookup(tbl, dst, dev);
	if (neigh == NULL) {
		bool ndm_permanent = ndm->ndm_state & NUD_PERMANENT;
		bool exempt_from_gc = ndm_permanent ||
				      ndm_flags & NTF_EXT_LEARNED;

		if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
			err = -ENOENT;
			goto out;
		}
		if (ndm_permanent && (ndm_flags & NTF_MANAGED)) {
			NL_SET_ERR_MSG(extack, "Invalid NTF_* flag for permanent entry");
			err = -EINVAL;
			goto out;
		}

		neigh = ___neigh_create(tbl, dst, dev,
					ndm_flags &
					(NTF_EXT_LEARNED | NTF_MANAGED),
					exempt_from_gc, true);
		if (IS_ERR(neigh)) {
			err = PTR_ERR(neigh);
			goto out;
		}
	} else {
		if (nlh->nlmsg_flags & NLM_F_EXCL) {
			err = -EEXIST;
			neigh_release(neigh);
			goto out;
		}

		if (!(nlh->nlmsg_flags & NLM_F_REPLACE))
			flags &= ~(NEIGH_UPDATE_F_OVERRIDE |
				   NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
	}

	if (protocol)
		neigh->protocol = protocol;
	if (ndm_flags & NTF_EXT_LEARNED)
		flags |= NEIGH_UPDATE_F_EXT_LEARNED;
	if (ndm_flags & NTF_ROUTER)
		flags |= NEIGH_UPDATE_F_ISROUTER;
	if (ndm_flags & NTF_MANAGED)
		flags |= NEIGH_UPDATE_F_MANAGED;
	if (ndm_flags & NTF_USE)
		flags |= NEIGH_UPDATE_F_USE;

	err = __neigh_update(neigh, lladdr, ndm->ndm_state, flags,
			     NETLINK_CB(skb).portid, extack);
	if (!err && ndm_flags & (NTF_USE | NTF_MANAGED)) {
		neigh_event_send(neigh, NULL);
		err = 0;
	}
	neigh_release(neigh);
out:
	return err;
}
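
/* Illustrative mapping (an example, not original text): the handler above
 * services RTM_NEWNEIGH requests, e.g. what user space issues via
 *     ip neigh replace 192.0.2.1 lladdr 00:11:22:33:44:55 dev eth0
 * which arrives with NLM_F_CREATE | NLM_F_REPLACE set, so both the
 * creation path and the full-override update path above are taken.
 */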
static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
{
	struct nlattr *nest;

	nest = nla_nest_start_noflag(skb, NDTA_PARMS);
	if (nest == NULL)
		return -ENOBUFS;

	if ((parms->dev &&
	     nla_put_u32(skb, NDTPA_IFINDEX, parms->dev->ifindex)) ||
	    nla_put_u32(skb, NDTPA_REFCNT, refcount_read(&parms->refcnt)) ||
	    nla_put_u32(skb, NDTPA_QUEUE_LENBYTES,
			NEIGH_VAR(parms, QUEUE_LEN_BYTES)) ||
	    /* approximate value for deprecated QUEUE_LEN (in packets) */
	    nla_put_u32(skb, NDTPA_QUEUE_LEN,
			NEIGH_VAR(parms, QUEUE_LEN_BYTES) / SKB_TRUESIZE(ETH_FRAME_LEN)) ||
	    nla_put_u32(skb, NDTPA_PROXY_QLEN, NEIGH_VAR(parms, PROXY_QLEN)) ||
	    nla_put_u32(skb, NDTPA_APP_PROBES, NEIGH_VAR(parms, APP_PROBES)) ||
	    nla_put_u32(skb, NDTPA_UCAST_PROBES,
			NEIGH_VAR(parms, UCAST_PROBES)) ||
	    nla_put_u32(skb, NDTPA_MCAST_PROBES,
			NEIGH_VAR(parms, MCAST_PROBES)) ||
	    nla_put_u32(skb, NDTPA_MCAST_REPROBES,
			NEIGH_VAR(parms, MCAST_REPROBES)) ||
	    nla_put_msecs(skb, NDTPA_REACHABLE_TIME, parms->reachable_time,
			  NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_BASE_REACHABLE_TIME,
			  NEIGH_VAR(parms, BASE_REACHABLE_TIME), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_GC_STALETIME,
			  NEIGH_VAR(parms, GC_STALETIME), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_DELAY_PROBE_TIME,
			  NEIGH_VAR(parms, DELAY_PROBE_TIME), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_RETRANS_TIME,
			  NEIGH_VAR(parms, RETRANS_TIME), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_ANYCAST_DELAY,
			  NEIGH_VAR(parms, ANYCAST_DELAY), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_PROXY_DELAY,
			  NEIGH_VAR(parms, PROXY_DELAY), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_LOCKTIME,
			  NEIGH_VAR(parms, LOCKTIME), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_INTERVAL_PROBE_TIME_MS,
			  NEIGH_VAR(parms, INTERVAL_PROBE_TIME_MS), NDTPA_PAD))
		goto nla_put_failure;
	return nla_nest_end(skb, nest);

nla_put_failure:
	nla_nest_cancel(skb, nest);
	return -EMSGSIZE;
}
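
/* The deprecated packet-based counter above is derived on the fly:
 * NDTPA_QUEUE_LEN is simply QUEUE_LEN_BYTES divided by
 * SKB_TRUESIZE(ETH_FRAME_LEN), i.e. 1514 bytes of frame plus skb
 * overhead per "packet". neightbl_set() multiplies by the same unit
 * when userspace writes NDTPA_QUEUE_LEN, so the pair round-trips up
 * to integer-division rounding.
 */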
static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
			      u32 pid, u32 seq, int type, int flags)
{
	struct nlmsghdr *nlh;
	struct ndtmsg *ndtmsg;

	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	ndtmsg = nlmsg_data(nlh);

	read_lock_bh(&tbl->lock);
	ndtmsg->ndtm_family = tbl->family;
	ndtmsg->ndtm_pad1 = 0;
	ndtmsg->ndtm_pad2 = 0;

	if (nla_put_string(skb, NDTA_NAME, tbl->id) ||
	    nla_put_msecs(skb, NDTA_GC_INTERVAL, READ_ONCE(tbl->gc_interval),
			  NDTA_PAD) ||
	    nla_put_u32(skb, NDTA_THRESH1, READ_ONCE(tbl->gc_thresh1)) ||
	    nla_put_u32(skb, NDTA_THRESH2, READ_ONCE(tbl->gc_thresh2)) ||
	    nla_put_u32(skb, NDTA_THRESH3, READ_ONCE(tbl->gc_thresh3)))
		goto nla_put_failure;
	{
		unsigned long now = jiffies;
		long flush_delta = now - READ_ONCE(tbl->last_flush);
		long rand_delta = now - READ_ONCE(tbl->last_rand);
		struct neigh_hash_table *nht;
		struct ndt_config ndc = {
			.ndtc_key_len		= tbl->key_len,
			.ndtc_entry_size	= tbl->entry_size,
			.ndtc_entries		= atomic_read(&tbl->entries),
			.ndtc_last_flush	= jiffies_to_msecs(flush_delta),
			.ndtc_last_rand		= jiffies_to_msecs(rand_delta),
			.ndtc_proxy_qlen	= READ_ONCE(tbl->proxy_queue.qlen),
		};

		rcu_read_lock();
		nht = rcu_dereference(tbl->nht);
		ndc.ndtc_hash_rnd = nht->hash_rnd[0];
		ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1);
		rcu_read_unlock();

		if (nla_put(skb, NDTA_CONFIG, sizeof(ndc), &ndc))
			goto nla_put_failure;
	}

	{
		int cpu;
		struct ndt_stats ndst;

		memset(&ndst, 0, sizeof(ndst));

		for_each_possible_cpu(cpu) {
			struct neigh_statistics	*st;

			st = per_cpu_ptr(tbl->stats, cpu);
			ndst.ndts_allocs += READ_ONCE(st->allocs);
			ndst.ndts_destroys += READ_ONCE(st->destroys);
			ndst.ndts_hash_grows += READ_ONCE(st->hash_grows);
			ndst.ndts_res_failed += READ_ONCE(st->res_failed);
			ndst.ndts_lookups += READ_ONCE(st->lookups);
			ndst.ndts_hits += READ_ONCE(st->hits);
			ndst.ndts_rcv_probes_mcast += READ_ONCE(st->rcv_probes_mcast);
			ndst.ndts_rcv_probes_ucast += READ_ONCE(st->rcv_probes_ucast);
			ndst.ndts_periodic_gc_runs += READ_ONCE(st->periodic_gc_runs);
			ndst.ndts_forced_gc_runs += READ_ONCE(st->forced_gc_runs);
			ndst.ndts_table_fulls += READ_ONCE(st->table_fulls);
		}

		if (nla_put_64bit(skb, NDTA_STATS, sizeof(ndst), &ndst,
				  NDTA_PAD))
			goto nla_put_failure;
	}

	BUG_ON(tbl->parms.dev);
	if (neightbl_fill_parms(skb, &tbl->parms) < 0)
		goto nla_put_failure;

	read_unlock_bh(&tbl->lock);
	nlmsg_end(skb, nlh);
	return 0;

nla_put_failure:
	read_unlock_bh(&tbl->lock);
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}

static int neightbl_fill_param_info(struct sk_buff *skb,
				    struct neigh_table *tbl,
				    struct neigh_parms *parms,
				    u32 pid, u32 seq, int type,
				    unsigned int flags)
{
	struct ndtmsg *ndtmsg;
	struct nlmsghdr *nlh;

	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	ndtmsg = nlmsg_data(nlh);

	read_lock_bh(&tbl->lock);
	ndtmsg->ndtm_family = tbl->family;
	ndtmsg->ndtm_pad1 = 0;
	ndtmsg->ndtm_pad2 = 0;

	if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 ||
	    neightbl_fill_parms(skb, parms) < 0)
		goto errout;

	read_unlock_bh(&tbl->lock);
	nlmsg_end(skb, nlh);
	return 0;
errout:
	read_unlock_bh(&tbl->lock);
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}

static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
	[NDTA_NAME]		= { .type = NLA_STRING },
	[NDTA_THRESH1]		= { .type = NLA_U32 },
	[NDTA_THRESH2]		= { .type = NLA_U32 },
	[NDTA_THRESH3]		= { .type = NLA_U32 },
	[NDTA_GC_INTERVAL]	= { .type = NLA_U64 },
	[NDTA_PARMS]		= { .type = NLA_NESTED },
};
static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
	[NDTPA_IFINDEX]			= { .type = NLA_U32 },
	[NDTPA_QUEUE_LEN]		= { .type = NLA_U32 },
	[NDTPA_QUEUE_LENBYTES]		= { .type = NLA_U32 },
	[NDTPA_PROXY_QLEN]		= { .type = NLA_U32 },
	[NDTPA_APP_PROBES]		= { .type = NLA_U32 },
	[NDTPA_UCAST_PROBES]		= { .type = NLA_U32 },
	[NDTPA_MCAST_PROBES]		= { .type = NLA_U32 },
	[NDTPA_MCAST_REPROBES]		= { .type = NLA_U32 },
	[NDTPA_BASE_REACHABLE_TIME]	= { .type = NLA_U64 },
	[NDTPA_GC_STALETIME]		= { .type = NLA_U64 },
	[NDTPA_DELAY_PROBE_TIME]	= { .type = NLA_U64 },
	[NDTPA_RETRANS_TIME]		= { .type = NLA_U64 },
	[NDTPA_ANYCAST_DELAY]		= { .type = NLA_U64 },
	[NDTPA_PROXY_DELAY]		= { .type = NLA_U64 },
	[NDTPA_LOCKTIME]		= { .type = NLA_U64 },
	[NDTPA_INTERVAL_PROBE_TIME_MS]	= { .type = NLA_U64, .min = 1 },
};

static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh,
			struct netlink_ext_ack *extack)
{
	struct net *net = sock_net(skb->sk);
	struct neigh_table *tbl;
	struct ndtmsg *ndtmsg;
	struct nlattr *tb[NDTA_MAX+1];
	bool found = false;
	int err, tidx;

	err = nlmsg_parse_deprecated(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
				     nl_neightbl_policy, extack);
	if (err < 0)
		goto errout;

	if (tb[NDTA_NAME] == NULL) {
		err = -EINVAL;
		goto errout;
	}

	ndtmsg = nlmsg_data(nlh);

	for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
		tbl = rcu_dereference_rtnl(neigh_tables[tidx]);
		if (!tbl)
			continue;
		if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family)
			continue;
		if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0) {
			found = true;
			break;
		}
	}

	if (!found)
		return -ENOENT;

	/*
	 * We acquire tbl->lock to be nice to the periodic timers and
	 * make sure they always see a consistent set of values.
	 */
	write_lock_bh(&tbl->lock);

	if (tb[NDTA_PARMS]) {
		struct nlattr *tbp[NDTPA_MAX+1];
		struct neigh_parms *p;
		int i, ifindex = 0;

		err = nla_parse_nested_deprecated(tbp, NDTPA_MAX,
						  tb[NDTA_PARMS],
						  nl_ntbl_parm_policy, extack);
		if (err < 0)
			goto errout_tbl_lock;

		if (tbp[NDTPA_IFINDEX])
			ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);

		p = lookup_neigh_parms(tbl, net, ifindex);
		if (p == NULL) {
			err = -ENOENT;
			goto errout_tbl_lock;
		}

		for (i = 1; i <= NDTPA_MAX; i++) {
			if (tbp[i] == NULL)
				continue;

			switch (i) {
			case NDTPA_QUEUE_LEN:
				NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
					      nla_get_u32(tbp[i]) *
					      SKB_TRUESIZE(ETH_FRAME_LEN));
				break;
			case NDTPA_QUEUE_LENBYTES:
				NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_PROXY_QLEN:
				NEIGH_VAR_SET(p, PROXY_QLEN,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_APP_PROBES:
				NEIGH_VAR_SET(p, APP_PROBES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_UCAST_PROBES:
				NEIGH_VAR_SET(p, UCAST_PROBES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_MCAST_PROBES:
				NEIGH_VAR_SET(p, MCAST_PROBES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_MCAST_REPROBES:
				NEIGH_VAR_SET(p, MCAST_REPROBES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_BASE_REACHABLE_TIME:
				NEIGH_VAR_SET(p, BASE_REACHABLE_TIME,
					      nla_get_msecs(tbp[i]));
				/* update reachable_time as well, otherwise, the change will
				 * only be effective after the next time neigh_periodic_work
				 * decides to recompute it (can be multiple minutes)
				 */
				p->reachable_time =
					neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
				break;
			case NDTPA_GC_STALETIME:
				NEIGH_VAR_SET(p, GC_STALETIME,
					      nla_get_msecs(tbp[i]));
				break;
			case NDTPA_DELAY_PROBE_TIME:
				NEIGH_VAR_SET(p, DELAY_PROBE_TIME,
					      nla_get_msecs(tbp[i]));
				call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
				break;
			case NDTPA_INTERVAL_PROBE_TIME_MS:
				NEIGH_VAR_SET(p, INTERVAL_PROBE_TIME_MS,
					      nla_get_msecs(tbp[i]));
				break;
			case NDTPA_RETRANS_TIME:
				NEIGH_VAR_SET(p, RETRANS_TIME,
					      nla_get_msecs(tbp[i]));
				break;
			case NDTPA_ANYCAST_DELAY:
				NEIGH_VAR_SET(p, ANYCAST_DELAY,
					      nla_get_msecs(tbp[i]));
				break;
			case NDTPA_PROXY_DELAY:
				NEIGH_VAR_SET(p, PROXY_DELAY,
					      nla_get_msecs(tbp[i]));
				break;
			case NDTPA_LOCKTIME:
				NEIGH_VAR_SET(p, LOCKTIME,
					      nla_get_msecs(tbp[i]));
				break;
			}
		}
	}

	err = -ENOENT;
	if ((tb[NDTA_THRESH1] || tb[NDTA_THRESH2] ||
	     tb[NDTA_THRESH3] || tb[NDTA_GC_INTERVAL]) &&
	    !net_eq(net, &init_net))
		goto errout_tbl_lock;

	if (tb[NDTA_THRESH1])
		WRITE_ONCE(tbl->gc_thresh1, nla_get_u32(tb[NDTA_THRESH1]));

	if (tb[NDTA_THRESH2])
		WRITE_ONCE(tbl->gc_thresh2, nla_get_u32(tb[NDTA_THRESH2]));

	if (tb[NDTA_THRESH3])
		WRITE_ONCE(tbl->gc_thresh3, nla_get_u32(tb[NDTA_THRESH3]));

	if (tb[NDTA_GC_INTERVAL])
		WRITE_ONCE(tbl->gc_interval, nla_get_msecs(tb[NDTA_GC_INTERVAL]));

	err = 0;

errout_tbl_lock:
	write_unlock_bh(&tbl->lock);
errout:
	return err;
}
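
/* Userspace sketch for the handler above (option spelling depends on the
 * iproute2 version, so treat this as illustrative):
 *
 *	ip ntable change name arp_cache locktime 100
 *
 * updates a single NDTPA_* parameter. The thresholds and gc_interval are
 * global state, which is why the handler refuses them outside init_net.
 */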
static int neightbl_valid_dump_info(const struct nlmsghdr *nlh,
				    struct netlink_ext_ack *extack)
{
	struct ndtmsg *ndtm;

	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndtm))) {
		NL_SET_ERR_MSG(extack, "Invalid header for neighbor table dump request");
		return -EINVAL;
	}

	ndtm = nlmsg_data(nlh);
	if (ndtm->ndtm_pad1 || ndtm->ndtm_pad2) {
		NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor table dump request");
		return -EINVAL;
	}

	if (nlmsg_attrlen(nlh, sizeof(*ndtm))) {
		NL_SET_ERR_MSG(extack, "Invalid data after header in neighbor table dump request");
		return -EINVAL;
	}

	return 0;
}

static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
{
	const struct nlmsghdr *nlh = cb->nlh;
	struct net *net = sock_net(skb->sk);
	int family, tidx, nidx = 0;
	int tbl_skip = cb->args[0];
	int neigh_skip = cb->args[1];
	struct neigh_table *tbl;

	if (cb->strict_check) {
		int err = neightbl_valid_dump_info(nlh, cb->extack);

		if (err < 0)
			return err;
	}

	family = ((struct rtgenmsg *)nlmsg_data(nlh))->rtgen_family;

	for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
		struct neigh_parms *p;

		tbl = rcu_dereference_rtnl(neigh_tables[tidx]);
		if (!tbl)
			continue;

		if (tidx < tbl_skip || (family && tbl->family != family))
			continue;

		if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,
				       nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
				       NLM_F_MULTI) < 0)
			break;

		nidx = 0;
		p = list_next_entry(&tbl->parms, list);
		list_for_each_entry_from(p, &tbl->parms_list, list) {
			if (!net_eq(neigh_parms_net(p), net))
				continue;

			if (nidx < neigh_skip)
				goto next;

			if (neightbl_fill_param_info(skb, tbl, p,
						     NETLINK_CB(cb->skb).portid,
						     nlh->nlmsg_seq,
						     RTM_NEWNEIGHTBL,
						     NLM_F_MULTI) < 0)
				goto out;
		next:
			nidx++;
		}

		neigh_skip = 0;
	}
out:
	cb->args[0] = tidx;
	cb->args[1] = nidx;

	return skb->len;
}
static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
			   u32 pid, u32 seq, int type, unsigned int flags)
{
	u32 neigh_flags, neigh_flags_ext;
	unsigned long now = jiffies;
	struct nda_cacheinfo ci;
	struct nlmsghdr *nlh;
	struct ndmsg *ndm;

	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	neigh_flags_ext = neigh->flags >> NTF_EXT_SHIFT;
	neigh_flags = neigh->flags & NTF_OLD_MASK;

	ndm = nlmsg_data(nlh);
	ndm->ndm_family = neigh->ops->family;
	ndm->ndm_pad1 = 0;
	ndm->ndm_pad2 = 0;
	ndm->ndm_flags = neigh_flags;
	ndm->ndm_type = neigh->type;
	ndm->ndm_ifindex = neigh->dev->ifindex;

	if (nla_put(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key))
		goto nla_put_failure;

	read_lock_bh(&neigh->lock);
	ndm->ndm_state = neigh->nud_state;
	if (neigh->nud_state & NUD_VALID) {
		char haddr[MAX_ADDR_LEN];

		neigh_ha_snapshot(haddr, neigh, neigh->dev);
		if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) {
			read_unlock_bh(&neigh->lock);
			goto nla_put_failure;
		}
	}

	ci.ndm_used = jiffies_to_clock_t(now - neigh->used);
	ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed);
	ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated);
	ci.ndm_refcnt = refcount_read(&neigh->refcnt) - 1;
	read_unlock_bh(&neigh->lock);

	if (nla_put_u32(skb, NDA_PROBES, atomic_read(&neigh->probes)) ||
	    nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
		goto nla_put_failure;

	if (neigh->protocol && nla_put_u8(skb, NDA_PROTOCOL, neigh->protocol))
		goto nla_put_failure;
	if (neigh_flags_ext && nla_put_u32(skb, NDA_FLAGS_EXT, neigh_flags_ext))
		goto nla_put_failure;

	nlmsg_end(skb, nlh);
	return 0;

nla_put_failure:
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}

static int pneigh_fill_info(struct sk_buff *skb, struct pneigh_entry *pn,
			    u32 pid, u32 seq, int type, unsigned int flags,
			    struct neigh_table *tbl)
{
	u32 neigh_flags, neigh_flags_ext;
	struct nlmsghdr *nlh;
	struct ndmsg *ndm;

	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	neigh_flags_ext = pn->flags >> NTF_EXT_SHIFT;
	neigh_flags = pn->flags & NTF_OLD_MASK;

	ndm = nlmsg_data(nlh);
	ndm->ndm_family = tbl->family;
	ndm->ndm_pad1 = 0;
	ndm->ndm_pad2 = 0;
	ndm->ndm_flags = neigh_flags | NTF_PROXY;
	ndm->ndm_type = RTN_UNICAST;
	ndm->ndm_ifindex = pn->dev ? pn->dev->ifindex : 0;
	ndm->ndm_state = NUD_NONE;

	if (nla_put(skb, NDA_DST, tbl->key_len, pn->key))
		goto nla_put_failure;

	if (pn->protocol && nla_put_u8(skb, NDA_PROTOCOL, pn->protocol))
		goto nla_put_failure;
	if (neigh_flags_ext && nla_put_u32(skb, NDA_FLAGS_EXT, neigh_flags_ext))
		goto nla_put_failure;

	nlmsg_end(skb, nlh);
	return 0;

nla_put_failure:
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}

static void neigh_update_notify(struct neighbour *neigh, u32 nlmsg_pid)
{
	call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
	__neigh_notify(neigh, RTM_NEWNEIGH, 0, nlmsg_pid);
}

static bool neigh_master_filtered(struct net_device *dev, int master_idx)
{
	struct net_device *master;

	if (!master_idx)
		return false;

	master = dev ? netdev_master_upper_dev_get_rcu(dev) : NULL;

	/* 0 is already used to denote that NDA_MASTER wasn't passed, so we
	 * need another invalid ifindex value to denote "no master".
	 */
	if (master_idx == -1)
		return !!master;

	if (!master || master->ifindex != master_idx)
		return true;

	return false;
}

static bool neigh_ifindex_filtered(struct net_device *dev, int filter_idx)
{
	if (filter_idx && (!dev || dev->ifindex != filter_idx))
		return true;

	return false;
}

struct neigh_dump_filter {
	int master_idx;
	int dev_idx;
};
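
/* The two helpers above implement kernel-side dump filtering: a dump
 * request carrying NDA_IFINDEX and/or NDA_MASTER (e.g. what
 * "ip neigh show dev eth0" sends) only returns matching entries, and
 * the replies carry NLM_F_DUMP_FILTERED so userspace knows the kernel
 * already did the filtering.
 */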
static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
			    struct netlink_callback *cb,
			    struct neigh_dump_filter *filter)
{
	struct net *net = sock_net(skb->sk);
	struct neighbour *n;
	int err = 0, h, s_h = cb->args[1];
	int idx, s_idx = idx = cb->args[2];
	struct neigh_hash_table *nht;
	unsigned int flags = NLM_F_MULTI;

	if (filter->dev_idx || filter->master_idx)
		flags |= NLM_F_DUMP_FILTERED;

	nht = rcu_dereference(tbl->nht);

	for (h = s_h; h < (1 << nht->hash_shift); h++) {
		if (h > s_h)
			s_idx = 0;
		idx = 0;
		neigh_for_each_in_bucket_rcu(n, &nht->hash_heads[h]) {
			if (idx < s_idx || !net_eq(dev_net(n->dev), net))
				goto next;
			if (neigh_ifindex_filtered(n->dev, filter->dev_idx) ||
			    neigh_master_filtered(n->dev, filter->master_idx))
				goto next;
			err = neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
					      cb->nlh->nlmsg_seq,
					      RTM_NEWNEIGH, flags);
			if (err < 0)
				goto out;
next:
			idx++;
		}
	}
out:
	cb->args[1] = h;
	cb->args[2] = idx;
	return err;
}

static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
			     struct netlink_callback *cb,
			     struct neigh_dump_filter *filter)
{
	struct pneigh_entry *n;
	struct net *net = sock_net(skb->sk);
	int err = 0, h, s_h = cb->args[3];
	int idx, s_idx = idx = cb->args[4];
	unsigned int flags = NLM_F_MULTI;

	if (filter->dev_idx || filter->master_idx)
		flags |= NLM_F_DUMP_FILTERED;

	read_lock_bh(&tbl->lock);

	for (h = s_h; h <= PNEIGH_HASHMASK; h++) {
		if (h > s_h)
			s_idx = 0;
		for (n = tbl->phash_buckets[h], idx = 0; n; n = n->next) {
			if (idx < s_idx || pneigh_net(n) != net)
				goto next;
			if (neigh_ifindex_filtered(n->dev, filter->dev_idx) ||
			    neigh_master_filtered(n->dev, filter->master_idx))
				goto next;
			err = pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
					       cb->nlh->nlmsg_seq,
					       RTM_NEWNEIGH, flags, tbl);
			if (err < 0) {
				read_unlock_bh(&tbl->lock);
				goto out;
			}
		next:
			idx++;
		}
	}

	read_unlock_bh(&tbl->lock);
out:
	cb->args[3] = h;
	cb->args[4] = idx;
	return err;
}
static int neigh_valid_dump_req(const struct nlmsghdr *nlh,
				bool strict_check,
				struct neigh_dump_filter *filter,
				struct netlink_ext_ack *extack)
{
	struct nlattr *tb[NDA_MAX + 1];
	int err, i;

	if (strict_check) {
		struct ndmsg *ndm;

		if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndm))) {
			NL_SET_ERR_MSG(extack, "Invalid header for neighbor dump request");
			return -EINVAL;
		}

		ndm = nlmsg_data(nlh);
		if (ndm->ndm_pad1 || ndm->ndm_pad2 || ndm->ndm_ifindex ||
		    ndm->ndm_state || ndm->ndm_type) {
			NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor dump request");
			return -EINVAL;
		}

		if (ndm->ndm_flags & ~NTF_PROXY) {
			NL_SET_ERR_MSG(extack, "Invalid flags in header for neighbor dump request");
			return -EINVAL;
		}

		err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg),
						    tb, NDA_MAX, nda_policy,
						    extack);
	} else {
		err = nlmsg_parse_deprecated(nlh, sizeof(struct ndmsg), tb,
					     NDA_MAX, nda_policy, extack);
	}
	if (err < 0)
		return err;

	for (i = 0; i <= NDA_MAX; ++i) {
		if (!tb[i])
			continue;

		/* all new attributes should require strict_check */
		switch (i) {
		case NDA_IFINDEX:
			filter->dev_idx = nla_get_u32(tb[i]);
			break;
		case NDA_MASTER:
			filter->master_idx = nla_get_u32(tb[i]);
			break;
		default:
			if (strict_check) {
				NL_SET_ERR_MSG(extack, "Unsupported attribute in neighbor dump request");
				return -EINVAL;
			}
		}
	}

	return 0;
}

static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
{
	const struct nlmsghdr *nlh = cb->nlh;
	struct neigh_dump_filter filter = {};
	struct neigh_table *tbl;
	int t, family, s_t;
	int proxy = 0;
	int err;

	family = ((struct rtgenmsg *)nlmsg_data(nlh))->rtgen_family;

	/* check for a full ndmsg structure; the family member sits at the
	 * same offset in both structures
	 */
	if (nlmsg_len(nlh) >= sizeof(struct ndmsg) &&
	    ((struct ndmsg *)nlmsg_data(nlh))->ndm_flags == NTF_PROXY)
		proxy = 1;

	err = neigh_valid_dump_req(nlh, cb->strict_check, &filter, cb->extack);
	if (err < 0 && cb->strict_check)
		return err;
	err = 0;

	s_t = cb->args[0];

	rcu_read_lock();
	for (t = 0; t < NEIGH_NR_TABLES; t++) {
		tbl = rcu_dereference(neigh_tables[t]);

		if (!tbl)
			continue;
		if (t < s_t || (family && tbl->family != family))
			continue;
		if (t > s_t)
			memset(&cb->args[1], 0, sizeof(cb->args) -
						sizeof(cb->args[0]));
		if (proxy)
			err = pneigh_dump_table(tbl, skb, cb, &filter);
		else
			err = neigh_dump_table(tbl, skb, cb, &filter);
		if (err < 0)
			break;
	}
	rcu_read_unlock();

	cb->args[0] = t;
	return err;
}
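
/* A proxy dump is selected purely by ndm_flags == NTF_PROXY in the
 * request header; this is what "ip neigh show proxy" sends, and it makes
 * the dump walk the pneigh hash buckets instead of the main hash table.
 */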
static int neigh_valid_get_req(const struct nlmsghdr *nlh,
			       struct neigh_table **tbl,
			       void **dst, int *dev_idx, u8 *ndm_flags,
			       struct netlink_ext_ack *extack)
{
	struct nlattr *tb[NDA_MAX + 1];
	struct ndmsg *ndm;
	int err, i;

	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndm))) {
		NL_SET_ERR_MSG(extack, "Invalid header for neighbor get request");
		return -EINVAL;
	}

	ndm = nlmsg_data(nlh);
	if (ndm->ndm_pad1 || ndm->ndm_pad2 || ndm->ndm_state ||
	    ndm->ndm_type) {
		NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor get request");
		return -EINVAL;
	}

	if (ndm->ndm_flags & ~NTF_PROXY) {
		NL_SET_ERR_MSG(extack, "Invalid flags in header for neighbor get request");
		return -EINVAL;
	}

	err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg), tb,
					    NDA_MAX, nda_policy, extack);
	if (err < 0)
		return err;

	*ndm_flags = ndm->ndm_flags;
	*dev_idx = ndm->ndm_ifindex;
	*tbl = neigh_find_table(ndm->ndm_family);
	if (*tbl == NULL) {
		NL_SET_ERR_MSG(extack, "Unsupported family in header for neighbor get request");
		return -EAFNOSUPPORT;
	}

	for (i = 0; i <= NDA_MAX; ++i) {
		if (!tb[i])
			continue;

		switch (i) {
		case NDA_DST:
			if (nla_len(tb[i]) != (int)(*tbl)->key_len) {
				NL_SET_ERR_MSG(extack, "Invalid network address in neighbor get request");
				return -EINVAL;
			}
			*dst = nla_data(tb[i]);
			break;
		default:
			NL_SET_ERR_MSG(extack, "Unsupported attribute in neighbor get request");
			return -EINVAL;
		}
	}

	return 0;
}

static inline size_t neigh_nlmsg_size(void)
{
	return NLMSG_ALIGN(sizeof(struct ndmsg))
	       + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
	       + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */
	       + nla_total_size(sizeof(struct nda_cacheinfo))
	       + nla_total_size(4)  /* NDA_PROBES */
	       + nla_total_size(4)  /* NDA_FLAGS_EXT */
	       + nla_total_size(1); /* NDA_PROTOCOL */
}

static int neigh_get_reply(struct net *net, struct neighbour *neigh,
			   u32 pid, u32 seq)
{
	struct sk_buff *skb;
	int err = 0;

	skb = nlmsg_new(neigh_nlmsg_size(), GFP_KERNEL);
	if (!skb)
		return -ENOBUFS;

	err = neigh_fill_info(skb, neigh, pid, seq, RTM_NEWNEIGH, 0);
	if (err) {
		kfree_skb(skb);
		goto errout;
	}

	err = rtnl_unicast(skb, net, pid);
errout:
	return err;
}

static inline size_t pneigh_nlmsg_size(void)
{
	return NLMSG_ALIGN(sizeof(struct ndmsg))
	       + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
	       + nla_total_size(4)  /* NDA_FLAGS_EXT */
	       + nla_total_size(1); /* NDA_PROTOCOL */
}

static int pneigh_get_reply(struct net *net, struct pneigh_entry *neigh,
			    u32 pid, u32 seq, struct neigh_table *tbl)
{
	struct sk_buff *skb;
	int err = 0;

	skb = nlmsg_new(pneigh_nlmsg_size(), GFP_KERNEL);
	if (!skb)
		return -ENOBUFS;

	err = pneigh_fill_info(skb, neigh, pid, seq, RTM_NEWNEIGH, 0, tbl);
	if (err) {
		kfree_skb(skb);
		goto errout;
	}

	err = rtnl_unicast(skb, net, pid);
errout:
	return err;
}

static int neigh_get(struct sk_buff *in_skb, struct nlmsghdr *nlh,
		     struct netlink_ext_ack *extack)
{
	struct net *net = sock_net(in_skb->sk);
	struct net_device *dev = NULL;
	struct neigh_table *tbl = NULL;
	struct neighbour *neigh;
	void *dst = NULL;
	u8 ndm_flags = 0;
	int dev_idx = 0;
	int err;

	err = neigh_valid_get_req(nlh, &tbl, &dst, &dev_idx, &ndm_flags,
				  extack);
	if (err < 0)
		return err;

	if (dev_idx) {
		dev = __dev_get_by_index(net, dev_idx);
		if (!dev) {
			NL_SET_ERR_MSG(extack, "Unknown device ifindex");
			return -ENODEV;
		}
	}

	if (!dst) {
		NL_SET_ERR_MSG(extack, "Network address not specified");
		return -EINVAL;
	}

	if (ndm_flags & NTF_PROXY) {
		struct pneigh_entry *pn;

		pn = pneigh_lookup(tbl, net, dst, dev, 0);
		if (!pn) {
			NL_SET_ERR_MSG(extack, "Proxy neighbour entry not found");
			return -ENOENT;
		}
		return pneigh_get_reply(net, pn, NETLINK_CB(in_skb).portid,
					nlh->nlmsg_seq, tbl);
	}

	if (!dev) {
		NL_SET_ERR_MSG(extack, "No device specified");
		return -EINVAL;
	}

	neigh = neigh_lookup(tbl, dst, dev);
	if (!neigh) {
		NL_SET_ERR_MSG(extack, "Neighbour entry not found");
		return -ENOENT;
	}

	err = neigh_get_reply(net, neigh, NETLINK_CB(in_skb).portid,
			      nlh->nlmsg_seq);

	neigh_release(neigh);

	return err;
}
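
/* Single-entry lookup as exercised by, e.g., "ip neigh get 192.0.2.1 dev
 * eth0": an RTM_GETNEIGH request without NLM_F_DUMP lands here and is
 * answered with one unicast RTM_NEWNEIGH message.
 */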
void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie)
{
	int chain;
	struct neigh_hash_table *nht;

	rcu_read_lock();
	nht = rcu_dereference(tbl->nht);

	read_lock_bh(&tbl->lock); /* avoid resizes */
	for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
		struct neighbour *n;

		neigh_for_each_in_bucket(n, &nht->hash_heads[chain])
			cb(n, cookie);
	}
	read_unlock_bh(&tbl->lock);
	rcu_read_unlock();
}
EXPORT_SYMBOL(neigh_for_each);
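
/* A minimal sketch of a neigh_for_each() user (hypothetical helper, not
 * part of this file). The callback runs under tbl->lock with BHs off, so
 * it must not sleep or call back into the neighbour core:
 *
 *	static void neigh_count_valid(struct neighbour *n, void *cookie)
 *	{
 *		if (READ_ONCE(n->nud_state) & NUD_VALID)
 *			(*(unsigned int *)cookie)++;
 *	}
 *
 *	unsigned int valid = 0;
 *	neigh_for_each(&arp_tbl, neigh_count_valid, &valid);
 */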
/* The tbl->lock must be held as a writer and BH disabled. */
void __neigh_for_each_release(struct neigh_table *tbl,
			      int (*cb)(struct neighbour *))
{
	struct neigh_hash_table *nht;
	int chain;

	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));
	for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
		struct hlist_node *tmp;
		struct neighbour *n;

		neigh_for_each_in_bucket_safe(n, tmp, &nht->hash_heads[chain]) {
			int release;

			write_lock(&n->lock);
			release = cb(n);
			if (release) {
				hlist_del_rcu(&n->hash);
				hlist_del_rcu(&n->dev_list);
				neigh_mark_dead(n);
			}
			write_unlock(&n->lock);
			if (release)
				neigh_cleanup_and_release(n);
		}
	}
}
EXPORT_SYMBOL(__neigh_for_each_release);

int neigh_xmit(int index, struct net_device *dev,
	       const void *addr, struct sk_buff *skb)
{
	int err = -EAFNOSUPPORT;

	if (likely(index < NEIGH_NR_TABLES)) {
		struct neigh_table *tbl;
		struct neighbour *neigh;

		rcu_read_lock();
		tbl = rcu_dereference(neigh_tables[index]);
		if (!tbl)
			goto out_unlock;
		if (index == NEIGH_ARP_TABLE) {
			u32 key = *((u32 *)addr);

			neigh = __ipv4_neigh_lookup_noref(dev, key);
		} else {
			neigh = __neigh_lookup_noref(tbl, addr, dev);
		}
		if (!neigh)
			neigh = __neigh_create(tbl, addr, dev, false);
		err = PTR_ERR(neigh);
		if (IS_ERR(neigh)) {
			rcu_read_unlock();
			goto out_kfree_skb;
		}
		err = READ_ONCE(neigh->output)(neigh, skb);
out_unlock:
		rcu_read_unlock();
	} else if (index == NEIGH_LINK_TABLE) {
		err = dev_hard_header(skb, dev, ntohs(skb->protocol),
				      addr, NULL, skb->len);
		if (err < 0)
			goto out_kfree_skb;
		err = dev_queue_xmit(skb);
	}
out:
	return err;
out_kfree_skb:
	kfree_skb(skb);
	goto out;
}
EXPORT_SYMBOL(neigh_xmit);
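
/* Usage note for neigh_xmit(): @index selects the resolution method. For
 * NEIGH_ARP_TABLE, @addr must point at a 4-byte IPv4 key; for
 * NEIGH_LINK_TABLE no resolution happens at all and @addr is used
 * directly as the link-layer destination (this is how, e.g., MPLS
 * transmits via a pre-resolved via address).
 */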
#ifdef CONFIG_PROC_FS

static struct neighbour *neigh_get_valid(struct seq_file *seq,
					 struct neighbour *n,
					 loff_t *pos)
{
	struct neigh_seq_state *state = seq->private;
	struct net *net = seq_file_net(seq);

	if (!net_eq(dev_net(n->dev), net))
		return NULL;

	if (state->neigh_sub_iter) {
		loff_t fakep = 0;
		void *v;

		v = state->neigh_sub_iter(state, n, pos ? pos : &fakep);
		if (!v)
			return NULL;
		if (pos)
			return v;
	}

	if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
		return n;

	if (READ_ONCE(n->nud_state) & ~NUD_NOARP)
		return n;

	return NULL;
}

static struct neighbour *neigh_get_first(struct seq_file *seq)
{
	struct neigh_seq_state *state = seq->private;
	struct neigh_hash_table *nht = state->nht;
	struct neighbour *n, *tmp;

	state->flags &= ~NEIGH_SEQ_IS_PNEIGH;

	while (++state->bucket < (1 << nht->hash_shift)) {
		neigh_for_each_in_bucket(n, &nht->hash_heads[state->bucket]) {
			tmp = neigh_get_valid(seq, n, NULL);
			if (tmp)
				return tmp;
		}
	}

	return NULL;
}

static struct neighbour *neigh_get_next(struct seq_file *seq,
					struct neighbour *n,
					loff_t *pos)
{
	struct neigh_seq_state *state = seq->private;
	struct neighbour *tmp;

	if (state->neigh_sub_iter) {
		void *v = state->neigh_sub_iter(state, n, pos);

		if (v)
			return n;
	}

	hlist_for_each_entry_continue(n, hash) {
		tmp = neigh_get_valid(seq, n, pos);
		if (tmp) {
			n = tmp;
			goto out;
		}
	}

	n = neigh_get_first(seq);
out:
	if (n && pos)
		--(*pos);

	return n;
}

static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos)
{
	struct neighbour *n = neigh_get_first(seq);

	if (n) {
		--(*pos);
		while (*pos) {
			n = neigh_get_next(seq, n, pos);
			if (!n)
				break;
		}
	}
	return *pos ? NULL : n;
}

static struct pneigh_entry *pneigh_get_first(struct seq_file *seq)
{
	struct neigh_seq_state *state = seq->private;
	struct net *net = seq_file_net(seq);
	struct neigh_table *tbl = state->tbl;
	struct pneigh_entry *pn = NULL;
	int bucket;

	state->flags |= NEIGH_SEQ_IS_PNEIGH;
	for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) {
		pn = tbl->phash_buckets[bucket];
		while (pn && !net_eq(pneigh_net(pn), net))
			pn = pn->next;
		if (pn)
			break;
	}
	state->bucket = bucket;

	return pn;
}

static struct pneigh_entry *pneigh_get_next(struct seq_file *seq,
					    struct pneigh_entry *pn,
					    loff_t *pos)
{
	struct neigh_seq_state *state = seq->private;
	struct net *net = seq_file_net(seq);
	struct neigh_table *tbl = state->tbl;

	do {
		pn = pn->next;
	} while (pn && !net_eq(pneigh_net(pn), net));

	while (!pn) {
		if (++state->bucket > PNEIGH_HASHMASK)
			break;
		pn = tbl->phash_buckets[state->bucket];
		while (pn && !net_eq(pneigh_net(pn), net))
			pn = pn->next;
		if (pn)
			break;
	}

	if (pn && pos)
		--(*pos);

	return pn;
}

static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos)
{
	struct pneigh_entry *pn = pneigh_get_first(seq);

	if (pn) {
		--(*pos);
		while (*pos) {
			pn = pneigh_get_next(seq, pn, pos);
			if (!pn)
				break;
		}
	}
	return *pos ? NULL : pn;
}
static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos)
{
	struct neigh_seq_state *state = seq->private;
	void *rc;
	loff_t idxpos = *pos;

	rc = neigh_get_idx(seq, &idxpos);
	if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY))
		rc = pneigh_get_idx(seq, &idxpos);

	return rc;
}

void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags)
	__acquires(tbl->lock)
	__acquires(rcu)
{
	struct neigh_seq_state *state = seq->private;

	state->tbl = tbl;
	state->bucket = -1;
	state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH);

	rcu_read_lock();
	state->nht = rcu_dereference(tbl->nht);
	read_lock_bh(&tbl->lock);

	return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN;
}
EXPORT_SYMBOL(neigh_seq_start);

void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{
	struct neigh_seq_state *state;
	void *rc;

	if (v == SEQ_START_TOKEN) {
		rc = neigh_get_first(seq);
		goto out;
	}

	state = seq->private;
	if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) {
		rc = neigh_get_next(seq, v, NULL);
		if (rc)
			goto out;
		if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY))
			rc = pneigh_get_first(seq);
	} else {
		BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY);
		rc = pneigh_get_next(seq, v, NULL);
	}
out:
	++(*pos);
	return rc;
}
EXPORT_SYMBOL(neigh_seq_next);

void neigh_seq_stop(struct seq_file *seq, void *v)
	__releases(tbl->lock)
	__releases(rcu)
{
	struct neigh_seq_state *state = seq->private;
	struct neigh_table *tbl = state->tbl;

	read_unlock_bh(&tbl->lock);
	rcu_read_unlock();
}
EXPORT_SYMBOL(neigh_seq_stop);
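
/* Sketch of how a protocol wires these helpers into its own seq_file
 * iterator (modeled on the ARP /proc code; the exact flags vary by
 * caller):
 *
 *	static void *arp_seq_start(struct seq_file *seq, loff_t *pos)
 *	{
 *		return neigh_seq_start(seq, pos, &arp_tbl,
 *				       NEIGH_SEQ_SKIP_NOARP);
 *	}
 *
 * with neigh_seq_next() and neigh_seq_stop() typically used directly as
 * the ->next and ->stop callbacks.
 */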
/* statistics via seq_file */

static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos)
{
	struct neigh_table *tbl = pde_data(file_inode(seq->file));
	int cpu;

	if (*pos == 0)
		return SEQ_START_TOKEN;

	for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
		if (!cpu_possible(cpu))
			continue;
		*pos = cpu+1;
		return per_cpu_ptr(tbl->stats, cpu);
	}
	return NULL;
}

static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{
	struct neigh_table *tbl = pde_data(file_inode(seq->file));
	int cpu;

	for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
		if (!cpu_possible(cpu))
			continue;
		*pos = cpu+1;
		return per_cpu_ptr(tbl->stats, cpu);
	}
	(*pos)++;
	return NULL;
}

static void neigh_stat_seq_stop(struct seq_file *seq, void *v)
{

}

static int neigh_stat_seq_show(struct seq_file *seq, void *v)
{
	struct neigh_table *tbl = pde_data(file_inode(seq->file));
	struct neigh_statistics *st = v;

	if (v == SEQ_START_TOKEN) {
		seq_puts(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards table_fulls\n");
		return 0;
	}

	seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx "
			"%08lx %08lx %08lx "
			"%08lx %08lx %08lx\n",
		   atomic_read(&tbl->entries),

		   st->allocs,
		   st->destroys,
		   st->hash_grows,

		   st->lookups,
		   st->hits,

		   st->res_failed,

		   st->rcv_probes_mcast,
		   st->rcv_probes_ucast,

		   st->periodic_gc_runs,
		   st->forced_gc_runs,
		   st->unres_discards,
		   st->table_fulls
		   );

	return 0;
}

static const struct seq_operations neigh_stat_seq_ops = {
	.start	= neigh_stat_seq_start,
	.next	= neigh_stat_seq_next,
	.stop	= neigh_stat_seq_stop,
	.show	= neigh_stat_seq_show,
};
#endif /* CONFIG_PROC_FS */

static void __neigh_notify(struct neighbour *n, int type, int flags,
			   u32 pid)
{
	struct sk_buff *skb;
	int err = -ENOBUFS;
	struct net *net;

	rcu_read_lock();
	net = dev_net_rcu(n->dev);
	skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC);
	if (skb == NULL)
		goto errout;

	err = neigh_fill_info(skb, n, pid, 0, type, flags);
	if (err < 0) {
		/* -EMSGSIZE implies BUG in neigh_nlmsg_size() */
		WARN_ON(err == -EMSGSIZE);
		kfree_skb(skb);
		goto errout;
	}
	rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
	goto out;
errout:
	rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
out:
	rcu_read_unlock();
}

void neigh_app_ns(struct neighbour *n)
{
	__neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST, 0);
}
EXPORT_SYMBOL(neigh_app_ns);

#ifdef CONFIG_SYSCTL
static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN);

static int proc_unres_qlen(const struct ctl_table *ctl, int write,
			   void *buffer, size_t *lenp, loff_t *ppos)
{
	int size, ret;
	struct ctl_table tmp = *ctl;

	tmp.extra1 = SYSCTL_ZERO;
	tmp.extra2 = &unres_qlen_max;
	tmp.data = &size;

	size = *(int *)ctl->data / SKB_TRUESIZE(ETH_FRAME_LEN);
	ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);

	if (write && !ret)
		*(int *)ctl->data = size * SKB_TRUESIZE(ETH_FRAME_LEN);
	return ret;
}
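
/* Same packets<->bytes conversion as the netlink path: writing the
 * legacy sysctl, e.g.
 *
 *	sysctl net.ipv4.neigh.default.unres_qlen=3
 *
 * is rescaled by SKB_TRUESIZE(ETH_FRAME_LEN) and stored in
 * unres_qlen_bytes, which is the value that actually limits the
 * per-entry queue of unresolved packets.
 */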
static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p,
				  int index)
{
	struct net_device *dev;
	int family = neigh_parms_family(p);

	rcu_read_lock();
	for_each_netdev_rcu(net, dev) {
		struct neigh_parms *dst_p =
				neigh_get_dev_parms_rcu(dev, family);

		if (dst_p && !test_bit(index, dst_p->data_state))
			dst_p->data[index] = p->data[index];
	}
	rcu_read_unlock();
}

static void neigh_proc_update(const struct ctl_table *ctl, int write)
{
	struct net_device *dev = ctl->extra1;
	struct neigh_parms *p = ctl->extra2;
	struct net *net = neigh_parms_net(p);
	int index = (int *) ctl->data - p->data;

	if (!write)
		return;

	set_bit(index, p->data_state);
	if (index == NEIGH_VAR_DELAY_PROBE_TIME)
		call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
	if (!dev) /* NULL dev means this is default value */
		neigh_copy_dflt_parms(net, p, index);
}

static int neigh_proc_dointvec_zero_intmax(const struct ctl_table *ctl, int write,
					   void *buffer, size_t *lenp,
					   loff_t *ppos)
{
	struct ctl_table tmp = *ctl;
	int ret;

	tmp.extra1 = SYSCTL_ZERO;
	tmp.extra2 = SYSCTL_INT_MAX;

	ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
	neigh_proc_update(ctl, write);
	return ret;
}

static int neigh_proc_dointvec_ms_jiffies_positive(const struct ctl_table *ctl, int write,
						   void *buffer, size_t *lenp, loff_t *ppos)
{
	struct ctl_table tmp = *ctl;
	int ret;

	int min = msecs_to_jiffies(1);

	tmp.extra1 = &min;
	tmp.extra2 = NULL;

	ret = proc_dointvec_ms_jiffies_minmax(&tmp, write, buffer, lenp, ppos);
	neigh_proc_update(ctl, write);
	return ret;
}

int neigh_proc_dointvec(const struct ctl_table *ctl, int write, void *buffer,
			size_t *lenp, loff_t *ppos)
{
	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}
EXPORT_SYMBOL(neigh_proc_dointvec);

int neigh_proc_dointvec_jiffies(const struct ctl_table *ctl, int write, void *buffer,
				size_t *lenp, loff_t *ppos)
{
	int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}
EXPORT_SYMBOL(neigh_proc_dointvec_jiffies);

static int neigh_proc_dointvec_userhz_jiffies(const struct ctl_table *ctl, int write,
					      void *buffer, size_t *lenp,
					      loff_t *ppos)
{
	int ret = proc_dointvec_userhz_jiffies(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}

int neigh_proc_dointvec_ms_jiffies(const struct ctl_table *ctl, int write,
				   void *buffer, size_t *lenp, loff_t *ppos)
{
	int ret = proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}
EXPORT_SYMBOL(neigh_proc_dointvec_ms_jiffies);

static int neigh_proc_dointvec_unres_qlen(const struct ctl_table *ctl, int write,
					  void *buffer, size_t *lenp,
					  loff_t *ppos)
{
	int ret = proc_unres_qlen(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}

static int neigh_proc_base_reachable_time(const struct ctl_table *ctl, int write,
					  void *buffer, size_t *lenp,
					  loff_t *ppos)
{
	struct neigh_parms *p = ctl->extra2;
	int ret;

	if (strcmp(ctl->procname, "base_reachable_time") == 0)
		ret = neigh_proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
	else if (strcmp(ctl->procname, "base_reachable_time_ms") == 0)
		ret = neigh_proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
	else
		ret = -1;

	if (write && ret == 0) {
		/* update reachable_time as well, otherwise, the change will
		 * only be effective after the next time neigh_periodic_work
		 * decides to recompute it
		 */
		p->reachable_time =
			neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
	}
	return ret;
}

#define NEIGH_PARMS_DATA_OFFSET(index)	\
	(&((struct neigh_parms *) 0)->data[index])

#define NEIGH_SYSCTL_ENTRY(attr, data_attr, name, mval, proc) \
	[NEIGH_VAR_ ## attr] = { \
		.procname	= name, \
		.data		= NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_ ## data_attr), \
		.maxlen		= sizeof(int), \
		.mode		= mval, \
		.proc_handler	= proc, \
	}

#define NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_zero_intmax)

#define NEIGH_SYSCTL_JIFFIES_ENTRY(attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_jiffies)

#define NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_userhz_jiffies)

#define NEIGH_SYSCTL_MS_JIFFIES_POSITIVE_ENTRY(attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_ms_jiffies_positive)

#define NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(attr, data_attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_ms_jiffies)

#define NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(attr, data_attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_unres_qlen)

static struct neigh_sysctl_table {
	struct ctl_table_header *sysctl_header;
	struct ctl_table neigh_vars[NEIGH_VAR_MAX];
} neigh_sysctl_template __read_mostly = {
	.neigh_vars = {
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_PROBES, "mcast_solicit"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(UCAST_PROBES, "ucast_solicit"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(APP_PROBES, "app_solicit"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_REPROBES, "mcast_resolicit"),
		NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(RETRANS_TIME, "retrans_time"),
		NEIGH_SYSCTL_JIFFIES_ENTRY(BASE_REACHABLE_TIME, "base_reachable_time"),
		NEIGH_SYSCTL_JIFFIES_ENTRY(DELAY_PROBE_TIME, "delay_first_probe_time"),
		NEIGH_SYSCTL_MS_JIFFIES_POSITIVE_ENTRY(INTERVAL_PROBE_TIME_MS,
						       "interval_probe_time_ms"),
		NEIGH_SYSCTL_JIFFIES_ENTRY(GC_STALETIME, "gc_stale_time"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(QUEUE_LEN_BYTES, "unres_qlen_bytes"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(PROXY_QLEN, "proxy_qlen"),
		NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(ANYCAST_DELAY, "anycast_delay"),
		NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(PROXY_DELAY, "proxy_delay"),
		NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(LOCKTIME, "locktime"),
		NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(QUEUE_LEN, QUEUE_LEN_BYTES, "unres_qlen"),
		NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(RETRANS_TIME_MS, RETRANS_TIME, "retrans_time_ms"),
		NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(BASE_REACHABLE_TIME_MS, BASE_REACHABLE_TIME, "base_reachable_time_ms"),
		[NEIGH_VAR_GC_INTERVAL] = {
			.procname	= "gc_interval",
			.maxlen		= sizeof(int),
			.mode		= 0644,
			.proc_handler	= proc_dointvec_jiffies,
		},
		[NEIGH_VAR_GC_THRESH1] = {
			.procname	= "gc_thresh1",
			.maxlen		= sizeof(int),
			.mode		= 0644,
			.extra1		= SYSCTL_ZERO,
			.extra2		= SYSCTL_INT_MAX,
			.proc_handler	= proc_dointvec_minmax,
		},
		[NEIGH_VAR_GC_THRESH2] = {
			.procname	= "gc_thresh2",
			.maxlen		= sizeof(int),
			.mode		= 0644,
			.extra1		= SYSCTL_ZERO,
			.extra2		= SYSCTL_INT_MAX,
			.proc_handler	= proc_dointvec_minmax,
		},
		[NEIGH_VAR_GC_THRESH3] = {
			.procname	= "gc_thresh3",
			.maxlen		= sizeof(int),
			.mode		= 0644,
			.extra1		= SYSCTL_ZERO,
			.extra2		= SYSCTL_INT_MAX,
			.proc_handler	= proc_dointvec_minmax,
		},
	},
};
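
/* Note on the template above: each per-parms entry stores only the
 * offset of its field inside struct neigh_parms (via
 * NEIGH_PARMS_DATA_OFFSET); neigh_sysctl_register() below rebases .data
 * by the actual parms pointer, so a single template serves every device
 * and table.
 */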
int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
			  proc_handler *handler)
{
	int i;
	struct neigh_sysctl_table *t;
	const char *dev_name_source;
	char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
	char *p_name;
	size_t neigh_vars_size;

	t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL_ACCOUNT);
	if (!t)
		goto err;

	for (i = 0; i < NEIGH_VAR_GC_INTERVAL; i++) {
		t->neigh_vars[i].data += (long) p;
		t->neigh_vars[i].extra1 = dev;
		t->neigh_vars[i].extra2 = p;
	}

	neigh_vars_size = ARRAY_SIZE(t->neigh_vars);
	if (dev) {
		dev_name_source = dev->name;
		/* Terminate the table early */
		neigh_vars_size = NEIGH_VAR_BASE_REACHABLE_TIME_MS + 1;
	} else {
		struct neigh_table *tbl = p->tbl;
		dev_name_source = "default";
		t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &tbl->gc_interval;
		t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &tbl->gc_thresh1;
		t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &tbl->gc_thresh2;
		t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &tbl->gc_thresh3;
	}

	if (handler) {
		/* RetransTime */
		t->neigh_vars[NEIGH_VAR_RETRANS_TIME].proc_handler = handler;
		/* ReachableTime */
		t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler = handler;
		/* RetransTime (in milliseconds) */
		t->neigh_vars[NEIGH_VAR_RETRANS_TIME_MS].proc_handler = handler;
		/* ReachableTime (in milliseconds) */
		t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = handler;
	} else {
		/* These handlers update p->reachable_time after
		 * base_reachable_time(_ms) is set, to ensure the new timer
		 * starts being applied after the next neighbour update
		 * instead of waiting for neigh_periodic_work to recompute
		 * it (which can take multiple minutes), so any handler
		 * that replaces them should do this as well.
		 */
		/* ReachableTime */
		t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler =
			neigh_proc_base_reachable_time;
		/* ReachableTime (in milliseconds) */
		t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler =
			neigh_proc_base_reachable_time;
	}

	switch (neigh_parms_family(p)) {
	case AF_INET:
		p_name = "ipv4";
		break;
	case AF_INET6:
		p_name = "ipv6";
		break;
	default:
		BUG();
	}

	snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s",
		 p_name, dev_name_source);
	t->sysctl_header = register_net_sysctl_sz(neigh_parms_net(p),
						  neigh_path, t->neigh_vars,
						  neigh_vars_size);
	if (!t->sysctl_header)
		goto free;

	p->sysctl_table = t;
	return 0;

free:
	kfree(t);
err:
	return -ENOBUFS;
}
EXPORT_SYMBOL(neigh_sysctl_register);

void neigh_sysctl_unregister(struct neigh_parms *p)
{
	if (p->sysctl_table) {
		struct neigh_sysctl_table *t = p->sysctl_table;
		p->sysctl_table = NULL;
		unregister_net_sysctl_table(t->sysctl_header);
		kfree(t);
	}
}
EXPORT_SYMBOL(neigh_sysctl_unregister);

#endif	/* CONFIG_SYSCTL */

static const struct rtnl_msg_handler neigh_rtnl_msg_handlers[] __initconst = {
	{.msgtype = RTM_NEWNEIGH, .doit = neigh_add},
	{.msgtype = RTM_DELNEIGH, .doit = neigh_delete},
	{.msgtype = RTM_GETNEIGH, .doit = neigh_get, .dumpit = neigh_dump_info,
	 .flags = RTNL_FLAG_DUMP_UNLOCKED},
	{.msgtype = RTM_GETNEIGHTBL, .dumpit = neightbl_dump_info},
	{.msgtype = RTM_SETNEIGHTBL, .doit = neightbl_set},
};

static int __init neigh_init(void)
{
	rtnl_register_many(neigh_rtnl_msg_handlers);
	return 0;
}

subsys_initcall(neigh_init);