/*
 *	Generic address resolution entity
 *
 *	Authors:
 *	Pedro Roque		<roque@di.fc.ul.pt>
 *	Alexey Kuznetsov	<kuznet@ms2.inr.ac.ru>
 *
 *	This program is free software; you can redistribute it and/or
 *	modify it under the terms of the GNU General Public License
 *	as published by the Free Software Foundation; either version
 *	2 of the License, or (at your option) any later version.
 *
 *	Fixes:
 *	Vitaly E. Lavrov	releasing NULL neighbor in neigh_add.
 *	Harald Welte		Add neighbour cache statistics like rtstat
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/slab.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/socket.h>
#include <linux/netdevice.h>
#include <linux/proc_fs.h>
#ifdef CONFIG_SYSCTL
#include <linux/sysctl.h>
#endif
#include <linux/times.h>
#include <net/net_namespace.h>
#include <net/neighbour.h>
#include <net/dst.h>
#include <net/sock.h>
#include <net/netevent.h>
#include <net/netlink.h>
#include <linux/rtnetlink.h>
#include <linux/random.h>
#include <linux/string.h>
#include <linux/log2.h>
#include <linux/inetdevice.h>
#include <net/addrconf.h>

#define DEBUG
#define NEIGH_DEBUG 1
#define neigh_dbg(level, fmt, ...)		\
do {						\
	if (level <= NEIGH_DEBUG)		\
		pr_debug(fmt, ##__VA_ARGS__);	\
} while (0)

#define PNEIGH_HASHMASK		0xF

static void neigh_timer_handler(struct timer_list *t);
static void __neigh_notify(struct neighbour *n, int type, int flags,
			   u32 pid);
static void neigh_update_notify(struct neighbour *neigh, u32 nlmsg_pid);
static int pneigh_ifdown_and_unlock(struct neigh_table *tbl,
				    struct net_device *dev);

#ifdef CONFIG_PROC_FS
static const struct seq_operations neigh_stat_seq_ops;
#endif

/*
   Neighbour hash table buckets are protected with rwlock tbl->lock.

   - All the scans/updates to hash buckets MUST be made under this lock.
   - NOTHING clever should be done under this lock: no callbacks
     to protocol backends, no attempts to send something to the network.
     That would result in deadlocks if the backend/driver wanted to use
     the neighbour cache.
   - If the entry requires some non-trivial actions, increase
     its reference count and release the table lock.

   Neighbour entries are protected:
   - with reference count.
   - with rwlock neigh->lock

   The reference count prevents destruction.

   neigh->lock mainly serializes the ll address data and its validity state.
   However, the same lock is used to protect other entry fields:
   - timer
   - resolution queue

   Again, nothing clever shall be done under neigh->lock;
   the most complicated procedure we allow is dev->hard_header.
   dev->hard_header is supposed to be simplistic and must not
   make callbacks into neighbour tables.
 */
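/*
 * Illustrative sketch (editor's note, not part of the original code): the
 * locking rules above translate into the following pattern for doing
 * non-trivial work on an entry found during a bucket scan:
 *
 *	write_lock_bh(&tbl->lock);
 *	n = <entry found in a hash bucket>;
 *	neigh_hold(n);			// pin the entry
 *	write_unlock_bh(&tbl->lock);	// drop the table lock first
 *	<talk to the driver, transmit, ...>
 *	neigh_release(n);		// drop the pin when done
 */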
static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb)
{
	kfree_skb(skb);
	return -ENETDOWN;
}

static void neigh_cleanup_and_release(struct neighbour *neigh)
{
	if (neigh->parms->neigh_cleanup)
		neigh->parms->neigh_cleanup(neigh);

	__neigh_notify(neigh, RTM_DELNEIGH, 0, 0);
	call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
	neigh_release(neigh);
}

/*
 * It is a random distribution in the interval (1/2)*base...(3/2)*base.
 * It corresponds to the default IPv6 settings and is not overridable,
 * because it is a really reasonable choice.
 */

unsigned long neigh_rand_reach_time(unsigned long base)
{
	return base ? (prandom_u32() % base) + (base >> 1) : 0;
}
EXPORT_SYMBOL(neigh_rand_reach_time);
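/*
 * Worked example (editor's note): with base = 30 * HZ,
 * prandom_u32() % base falls in [0, 30s) and base >> 1 adds 15s, so the
 * result is uniform over [15s, 45s) -- i.e. between one half and three
 * halves of BASE_REACHABLE_TIME.
 */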
static bool neigh_del(struct neighbour *n, __u8 state, __u8 flags,
		      struct neighbour __rcu **np, struct neigh_table *tbl)
{
	bool retval = false;

	write_lock(&n->lock);
	if (refcount_read(&n->refcnt) == 1 && !(n->nud_state & state) &&
	    !(n->flags & flags)) {
		struct neighbour *neigh;

		neigh = rcu_dereference_protected(n->next,
						  lockdep_is_held(&tbl->lock));
		rcu_assign_pointer(*np, neigh);
		n->dead = 1;
		retval = true;
	}
	write_unlock(&n->lock);
	if (retval)
		neigh_cleanup_and_release(n);
	return retval;
}

bool neigh_remove_one(struct neighbour *ndel, struct neigh_table *tbl)
{
	struct neigh_hash_table *nht;
	void *pkey = ndel->primary_key;
	u32 hash_val;
	struct neighbour *n;
	struct neighbour __rcu **np;

	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));
	hash_val = tbl->hash(pkey, ndel->dev, nht->hash_rnd);
	hash_val = hash_val >> (32 - nht->hash_shift);

	np = &nht->hash_buckets[hash_val];
	while ((n = rcu_dereference_protected(*np,
					      lockdep_is_held(&tbl->lock)))) {
		if (n == ndel)
			return neigh_del(n, 0, 0, np, tbl);
		np = &n->next;
	}
	return false;
}

static int neigh_forced_gc(struct neigh_table *tbl)
{
	int shrunk = 0;
	int i;
	struct neigh_hash_table *nht;

	NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs);

	write_lock_bh(&tbl->lock);
	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));
	for (i = 0; i < (1 << nht->hash_shift); i++) {
		struct neighbour *n;
		struct neighbour __rcu **np;

		np = &nht->hash_buckets[i];
		while ((n = rcu_dereference_protected(*np,
					lockdep_is_held(&tbl->lock))) != NULL) {
			/* Neighbour record may be discarded if:
			 * - nobody refers to it.
			 * - it is not permanent
			 */
			if (neigh_del(n, NUD_PERMANENT, NTF_EXT_LEARNED, np,
				      tbl)) {
				shrunk = 1;
				continue;
			}
			np = &n->next;
		}
	}

	tbl->last_flush = jiffies;

	write_unlock_bh(&tbl->lock);

	return shrunk;
}
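/*
 * Editor's note (illustrative): neigh_del(n, state, flags, ...) refuses to
 * unlink an entry whose nud_state intersects @state or whose flags
 * intersect @flags. neigh_remove_one() passes (0, 0) -- unconditional --
 * while neigh_forced_gc() passes (NUD_PERMANENT, NTF_EXT_LEARNED) so that
 * permanent and externally learned entries survive forced GC.
 */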
static void neigh_add_timer(struct neighbour *n, unsigned long when)
{
	neigh_hold(n);
	if (unlikely(mod_timer(&n->timer, when))) {
		printk("NEIGH: BUG, double timer add, state is %x\n",
		       n->nud_state);
		dump_stack();
	}
}

static int neigh_del_timer(struct neighbour *n)
{
	if ((n->nud_state & NUD_IN_TIMER) &&
	    del_timer(&n->timer)) {
		neigh_release(n);
		return 1;
	}
	return 0;
}

static void pneigh_queue_purge(struct sk_buff_head *list)
{
	struct sk_buff *skb;

	while ((skb = skb_dequeue(list)) != NULL) {
		dev_put(skb->dev);
		kfree_skb(skb);
	}
}

static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev,
			    bool skip_perm)
{
	int i;
	struct neigh_hash_table *nht;

	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));

	for (i = 0; i < (1 << nht->hash_shift); i++) {
		struct neighbour *n;
		struct neighbour __rcu **np = &nht->hash_buckets[i];

		while ((n = rcu_dereference_protected(*np,
					lockdep_is_held(&tbl->lock))) != NULL) {
			if (dev && n->dev != dev) {
				np = &n->next;
				continue;
			}
			if (skip_perm && n->nud_state & NUD_PERMANENT) {
				np = &n->next;
				continue;
			}
			rcu_assign_pointer(*np,
				rcu_dereference_protected(n->next,
						lockdep_is_held(&tbl->lock)));
			write_lock(&n->lock);
			neigh_del_timer(n);
			n->dead = 1;

			if (refcount_read(&n->refcnt) != 1) {
				/* The most unpleasant situation:
				   we must destroy the neighbour entry,
				   but someone still uses it.

				   The destroy will be delayed until
				   the last user releases us, but
				   we must kill timers etc. and move
				   it to a safe state.
				 */
				__skb_queue_purge(&n->arp_queue);
				n->arp_queue_len_bytes = 0;
				n->output = neigh_blackhole;
				if (n->nud_state & NUD_VALID)
					n->nud_state = NUD_NOARP;
				else
					n->nud_state = NUD_NONE;
				neigh_dbg(2, "neigh %p is stray\n", n);
			}
			write_unlock(&n->lock);
			neigh_cleanup_and_release(n);
		}
	}
}

void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev)
{
	write_lock_bh(&tbl->lock);
	neigh_flush_dev(tbl, dev, false);
	write_unlock_bh(&tbl->lock);
}
EXPORT_SYMBOL(neigh_changeaddr);

static int __neigh_ifdown(struct neigh_table *tbl, struct net_device *dev,
			  bool skip_perm)
{
	write_lock_bh(&tbl->lock);
	neigh_flush_dev(tbl, dev, skip_perm);
	pneigh_ifdown_and_unlock(tbl, dev);

	del_timer_sync(&tbl->proxy_timer);
	pneigh_queue_purge(&tbl->proxy_queue);
	return 0;
}

int neigh_carrier_down(struct neigh_table *tbl, struct net_device *dev)
{
	__neigh_ifdown(tbl, dev, true);
	return 0;
}
EXPORT_SYMBOL(neigh_carrier_down);

int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
{
	__neigh_ifdown(tbl, dev, false);
	return 0;
}
EXPORT_SYMBOL(neigh_ifdown);

static struct neighbour *neigh_alloc(struct neigh_table *tbl, struct net_device *dev)
{
	struct neighbour *n = NULL;
	unsigned long now = jiffies;
	int entries;

	entries = atomic_inc_return(&tbl->entries) - 1;
	if (entries >= tbl->gc_thresh3 ||
	    (entries >= tbl->gc_thresh2 &&
	     time_after(now, tbl->last_flush + 5 * HZ))) {
		if (!neigh_forced_gc(tbl) &&
		    entries >= tbl->gc_thresh3) {
			net_info_ratelimited("%s: neighbor table overflow!\n",
					     tbl->id);
			NEIGH_CACHE_STAT_INC(tbl, table_fulls);
			goto out_entries;
		}
	}

	n = kzalloc(tbl->entry_size + dev->neigh_priv_len, GFP_ATOMIC);
	if (!n)
		goto out_entries;

	__skb_queue_head_init(&n->arp_queue);
	rwlock_init(&n->lock);
	seqlock_init(&n->ha_lock);
	n->updated = n->used = now;
	n->nud_state = NUD_NONE;
	n->output = neigh_blackhole;
	seqlock_init(&n->hh.hh_lock);
	n->parms = neigh_parms_clone(&tbl->parms);
	timer_setup(&n->timer, neigh_timer_handler, 0);

	NEIGH_CACHE_STAT_INC(tbl, allocs);
	n->tbl = tbl;
	refcount_set(&n->refcnt, 1);
	n->dead = 1;
out:
	return n;

out_entries:
	atomic_dec(&tbl->entries);
	goto out;
}
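/*
 * Editor's note (illustrative, assuming the usual IPv4 defaults
 * gc_thresh1/2/3 = 128/512/1024): allocation runs a synchronous
 * neigh_forced_gc() once the table holds at least 512 entries and the
 * last flush was over 5 seconds ago, and fails with "neighbor table
 * overflow!" when 1024 or more entries remain even after forced GC.
 */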
static void neigh_get_hash_rnd(u32 *x)
{
	*x = get_random_u32() | 1;
}

static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
{
	size_t size = (1 << shift) * sizeof(struct neighbour *);
	struct neigh_hash_table *ret;
	struct neighbour __rcu **buckets;
	int i;

	ret = kmalloc(sizeof(*ret), GFP_ATOMIC);
	if (!ret)
		return NULL;
	if (size <= PAGE_SIZE)
		buckets = kzalloc(size, GFP_ATOMIC);
	else
		buckets = (struct neighbour __rcu **)
			  __get_free_pages(GFP_ATOMIC | __GFP_ZERO,
					   get_order(size));
	if (!buckets) {
		kfree(ret);
		return NULL;
	}
	ret->hash_buckets = buckets;
	ret->hash_shift = shift;
	for (i = 0; i < NEIGH_NUM_HASH_RND; i++)
		neigh_get_hash_rnd(&ret->hash_rnd[i]);
	return ret;
}

static void neigh_hash_free_rcu(struct rcu_head *head)
{
	struct neigh_hash_table *nht = container_of(head,
						    struct neigh_hash_table,
						    rcu);
	size_t size = (1 << nht->hash_shift) * sizeof(struct neighbour *);
	struct neighbour __rcu **buckets = nht->hash_buckets;

	if (size <= PAGE_SIZE)
		kfree(buckets);
	else
		free_pages((unsigned long)buckets, get_order(size));
	kfree(nht);
}

static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl,
						unsigned long new_shift)
{
	unsigned int i, hash;
	struct neigh_hash_table *new_nht, *old_nht;

	NEIGH_CACHE_STAT_INC(tbl, hash_grows);

	old_nht = rcu_dereference_protected(tbl->nht,
					    lockdep_is_held(&tbl->lock));
	new_nht = neigh_hash_alloc(new_shift);
	if (!new_nht)
		return old_nht;

	for (i = 0; i < (1 << old_nht->hash_shift); i++) {
		struct neighbour *n, *next;

		for (n = rcu_dereference_protected(old_nht->hash_buckets[i],
						   lockdep_is_held(&tbl->lock));
		     n != NULL;
		     n = next) {
			hash = tbl->hash(n->primary_key, n->dev,
					 new_nht->hash_rnd);

			hash >>= (32 - new_nht->hash_shift);
			next = rcu_dereference_protected(n->next,
						lockdep_is_held(&tbl->lock));

			rcu_assign_pointer(n->next,
					   rcu_dereference_protected(
						new_nht->hash_buckets[hash],
						lockdep_is_held(&tbl->lock)));
			rcu_assign_pointer(new_nht->hash_buckets[hash], n);
		}
	}

	rcu_assign_pointer(tbl->nht, new_nht);
	call_rcu(&old_nht->rcu, neigh_hash_free_rcu);
	return new_nht;
}
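/*
 * Editor's note (illustrative): the per-table hash functions return a
 * full 32-bit value and the bucket index is taken from its top bits via
 * hash >> (32 - hash_shift). With the initial shift of 3 (see
 * neigh_table_init() below) that gives 2^3 = 8 buckets; each grow
 * doubles the bucket count by rehashing into shift + 1.
 */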
struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey,
			       struct net_device *dev)
{
	struct neighbour *n;

	NEIGH_CACHE_STAT_INC(tbl, lookups);

	rcu_read_lock_bh();
	n = __neigh_lookup_noref(tbl, pkey, dev);
	if (n) {
		if (!refcount_inc_not_zero(&n->refcnt))
			n = NULL;
		NEIGH_CACHE_STAT_INC(tbl, hits);
	}

	rcu_read_unlock_bh();
	return n;
}
EXPORT_SYMBOL(neigh_lookup);

struct neighbour *neigh_lookup_nodev(struct neigh_table *tbl, struct net *net,
				     const void *pkey)
{
	struct neighbour *n;
	unsigned int key_len = tbl->key_len;
	u32 hash_val;
	struct neigh_hash_table *nht;

	NEIGH_CACHE_STAT_INC(tbl, lookups);

	rcu_read_lock_bh();
	nht = rcu_dereference_bh(tbl->nht);
	hash_val = tbl->hash(pkey, NULL, nht->hash_rnd) >> (32 - nht->hash_shift);

	for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
	     n != NULL;
	     n = rcu_dereference_bh(n->next)) {
		if (!memcmp(n->primary_key, pkey, key_len) &&
		    net_eq(dev_net(n->dev), net)) {
			if (!refcount_inc_not_zero(&n->refcnt))
				n = NULL;
			NEIGH_CACHE_STAT_INC(tbl, hits);
			break;
		}
	}

	rcu_read_unlock_bh();
	return n;
}
EXPORT_SYMBOL(neigh_lookup_nodev);

struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
				 struct net_device *dev, bool want_ref)
{
	u32 hash_val;
	unsigned int key_len = tbl->key_len;
	int error;
	struct neighbour *n1, *rc, *n = neigh_alloc(tbl, dev);
	struct neigh_hash_table *nht;

	if (!n) {
		rc = ERR_PTR(-ENOBUFS);
		goto out;
	}

	memcpy(n->primary_key, pkey, key_len);
	n->dev = dev;
	dev_hold(dev);

	/* Protocol specific setup. */
	if (tbl->constructor && (error = tbl->constructor(n)) < 0) {
		rc = ERR_PTR(error);
		goto out_neigh_release;
	}

	if (dev->netdev_ops->ndo_neigh_construct) {
		error = dev->netdev_ops->ndo_neigh_construct(dev, n);
		if (error < 0) {
			rc = ERR_PTR(error);
			goto out_neigh_release;
		}
	}

	/* Device specific setup. */
	if (n->parms->neigh_setup &&
	    (error = n->parms->neigh_setup(n)) < 0) {
		rc = ERR_PTR(error);
		goto out_neigh_release;
	}

	n->confirmed = jiffies - (NEIGH_VAR(n->parms, BASE_REACHABLE_TIME) << 1);

	write_lock_bh(&tbl->lock);
	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));

	if (atomic_read(&tbl->entries) > (1 << nht->hash_shift))
		nht = neigh_hash_grow(tbl, nht->hash_shift + 1);

	hash_val = tbl->hash(n->primary_key, dev, nht->hash_rnd) >> (32 - nht->hash_shift);

	if (n->parms->dead) {
		rc = ERR_PTR(-EINVAL);
		goto out_tbl_unlock;
	}

	for (n1 = rcu_dereference_protected(nht->hash_buckets[hash_val],
					    lockdep_is_held(&tbl->lock));
	     n1 != NULL;
	     n1 = rcu_dereference_protected(n1->next,
					    lockdep_is_held(&tbl->lock))) {
		if (dev == n1->dev && !memcmp(n1->primary_key, n->primary_key, key_len)) {
			if (want_ref)
				neigh_hold(n1);
			rc = n1;
			goto out_tbl_unlock;
		}
	}

	n->dead = 0;
	if (want_ref)
		neigh_hold(n);
	rcu_assign_pointer(n->next,
			   rcu_dereference_protected(nht->hash_buckets[hash_val],
						     lockdep_is_held(&tbl->lock)));
	rcu_assign_pointer(nht->hash_buckets[hash_val], n);
	write_unlock_bh(&tbl->lock);
	neigh_dbg(2, "neigh %p is created\n", n);
	rc = n;
out:
	return rc;
out_tbl_unlock:
	write_unlock_bh(&tbl->lock);
out_neigh_release:
	neigh_release(n);
	goto out;
}
EXPORT_SYMBOL(__neigh_create);

static u32 pneigh_hash(const void *pkey, unsigned int key_len)
{
	u32 hash_val = *(u32 *)(pkey + key_len - 4);
	hash_val ^= (hash_val >> 16);
	hash_val ^= hash_val >> 8;
	hash_val ^= hash_val >> 4;
	hash_val &= PNEIGH_HASHMASK;
	return hash_val;
}
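/*
 * Editor's note (illustrative): pneigh_hash() folds the last four key
 * bytes into one nibble. For an IPv4 key (key_len = 4) the u32 read is
 * the address itself; XORing in the 16-, 8- and 4-bit right shifts mixes
 * every octet into the low bits before & PNEIGH_HASHMASK (0xF) selects
 * one of the 16 proxy hash buckets.
 */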
static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n,
					      struct net *net,
					      const void *pkey,
					      unsigned int key_len,
					      struct net_device *dev)
{
	while (n) {
		if (!memcmp(n->key, pkey, key_len) &&
		    net_eq(pneigh_net(n), net) &&
		    (n->dev == dev || !n->dev))
			return n;
		n = n->next;
	}
	return NULL;
}

struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl,
				     struct net *net, const void *pkey, struct net_device *dev)
{
	unsigned int key_len = tbl->key_len;
	u32 hash_val = pneigh_hash(pkey, key_len);

	return __pneigh_lookup_1(tbl->phash_buckets[hash_val],
				 net, pkey, key_len, dev);
}
EXPORT_SYMBOL_GPL(__pneigh_lookup);

struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl,
				    struct net *net, const void *pkey,
				    struct net_device *dev, int creat)
{
	struct pneigh_entry *n;
	unsigned int key_len = tbl->key_len;
	u32 hash_val = pneigh_hash(pkey, key_len);

	read_lock_bh(&tbl->lock);
	n = __pneigh_lookup_1(tbl->phash_buckets[hash_val],
			      net, pkey, key_len, dev);
	read_unlock_bh(&tbl->lock);

	if (n || !creat)
		goto out;

	ASSERT_RTNL();

	n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL);
	if (!n)
		goto out;

	write_pnet(&n->net, net);
	memcpy(n->key, pkey, key_len);
	n->dev = dev;
	if (dev)
		dev_hold(dev);

	if (tbl->pconstructor && tbl->pconstructor(n)) {
		if (dev)
			dev_put(dev);
		kfree(n);
		n = NULL;
		goto out;
	}

	write_lock_bh(&tbl->lock);
	n->next = tbl->phash_buckets[hash_val];
	tbl->phash_buckets[hash_val] = n;
	write_unlock_bh(&tbl->lock);
out:
	return n;
}
EXPORT_SYMBOL(pneigh_lookup);

int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey,
		  struct net_device *dev)
{
	struct pneigh_entry *n, **np;
	unsigned int key_len = tbl->key_len;
	u32 hash_val = pneigh_hash(pkey, key_len);

	write_lock_bh(&tbl->lock);
	for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL;
	     np = &n->next) {
		if (!memcmp(n->key, pkey, key_len) && n->dev == dev &&
		    net_eq(pneigh_net(n), net)) {
			*np = n->next;
			write_unlock_bh(&tbl->lock);
			if (tbl->pdestructor)
				tbl->pdestructor(n);
			if (n->dev)
				dev_put(n->dev);
			kfree(n);
			return 0;
		}
	}
	write_unlock_bh(&tbl->lock);
	return -ENOENT;
}

static int pneigh_ifdown_and_unlock(struct neigh_table *tbl,
				    struct net_device *dev)
{
	struct pneigh_entry *n, **np, *freelist = NULL;
	u32 h;

	for (h = 0; h <= PNEIGH_HASHMASK; h++) {
		np = &tbl->phash_buckets[h];
		while ((n = *np) != NULL) {
			if (!dev || n->dev == dev) {
				*np = n->next;
				n->next = freelist;
				freelist = n;
				continue;
			}
			np = &n->next;
		}
	}
	write_unlock_bh(&tbl->lock);
	while ((n = freelist)) {
		freelist = n->next;
		n->next = NULL;
		if (tbl->pdestructor)
			tbl->pdestructor(n);
		if (n->dev)
			dev_put(n->dev);
		kfree(n);
	}
	return -ENOENT;
}

static void neigh_parms_destroy(struct neigh_parms *parms);

static inline void neigh_parms_put(struct neigh_parms *parms)
{
	if (refcount_dec_and_test(&parms->refcnt))
		neigh_parms_destroy(parms);
}

/*
 * The neighbour must already be unlinked from the table.
 */
void neigh_destroy(struct neighbour *neigh)
{
	struct net_device *dev = neigh->dev;

	NEIGH_CACHE_STAT_INC(neigh->tbl, destroys);

	if (!neigh->dead) {
		pr_warn("Destroying alive neighbour %p\n", neigh);
		dump_stack();
		return;
	}

	if (neigh_del_timer(neigh))
		pr_warn("Impossible event\n");

	write_lock_bh(&neigh->lock);
	__skb_queue_purge(&neigh->arp_queue);
	write_unlock_bh(&neigh->lock);
	neigh->arp_queue_len_bytes = 0;

	if (dev->netdev_ops->ndo_neigh_destroy)
		dev->netdev_ops->ndo_neigh_destroy(dev, neigh);

	dev_put(dev);
	neigh_parms_put(neigh->parms);

	neigh_dbg(2, "neigh %p is destroyed\n", neigh);

	atomic_dec(&neigh->tbl->entries);
	kfree_rcu(neigh, rcu);
}
EXPORT_SYMBOL(neigh_destroy);

/* Neighbour state is suspicious;
   disable fast path.

   Called with the neigh write-locked.
 */
static void neigh_suspect(struct neighbour *neigh)
{
	neigh_dbg(2, "neigh %p is suspected\n", neigh);

	neigh->output = neigh->ops->output;
}

/* Neighbour state is OK;
   enable fast path.

   Called with the neigh write-locked.
 */
static void neigh_connect(struct neighbour *neigh)
{
	neigh_dbg(2, "neigh %p is connected\n", neigh);

	neigh->output = neigh->ops->connected_output;
}
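/*
 * Editor's note (illustrative): the fast-path toggle is nothing more than
 * swapping the n->output function pointer. Transmit paths never test
 * nud_state themselves; they call n->output(n, skb) and get either
 * ops->connected_output (trusts the cached lladdr) or ops->output (full,
 * slow and careful resolution) depending on the last transition.
 */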
static void neigh_periodic_work(struct work_struct *work)
{
	struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
	struct neighbour *n;
	struct neighbour __rcu **np;
	unsigned int i;
	struct neigh_hash_table *nht;

	NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);

	write_lock_bh(&tbl->lock);
	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));

	/*
	 * periodically recompute ReachableTime from random function
	 */

	if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
		struct neigh_parms *p;
		tbl->last_rand = jiffies;
		list_for_each_entry(p, &tbl->parms_list, list)
			p->reachable_time =
				neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
	}

	if (atomic_read(&tbl->entries) < tbl->gc_thresh1)
		goto out;

	for (i = 0 ; i < (1 << nht->hash_shift); i++) {
		np = &nht->hash_buckets[i];

		while ((n = rcu_dereference_protected(*np,
				lockdep_is_held(&tbl->lock))) != NULL) {
			unsigned int state;

			write_lock(&n->lock);

			state = n->nud_state;
			if ((state & (NUD_PERMANENT | NUD_IN_TIMER)) ||
			    (n->flags & NTF_EXT_LEARNED)) {
				write_unlock(&n->lock);
				goto next_elt;
			}

			if (time_before(n->used, n->confirmed))
				n->used = n->confirmed;

			if (refcount_read(&n->refcnt) == 1 &&
			    (state == NUD_FAILED ||
			     time_after(jiffies, n->used + NEIGH_VAR(n->parms, GC_STALETIME)))) {
				*np = n->next;
				n->dead = 1;
				write_unlock(&n->lock);
				neigh_cleanup_and_release(n);
				continue;
			}
			write_unlock(&n->lock);

next_elt:
			np = &n->next;
		}
		/*
		 * It's fine to release lock here, even if hash table
		 * grows while we are preempted.
		 */
		write_unlock_bh(&tbl->lock);
		cond_resched();
		write_lock_bh(&tbl->lock);
		nht = rcu_dereference_protected(tbl->nht,
						lockdep_is_held(&tbl->lock));
	}
out:
	/* Cycle through all hash buckets every BASE_REACHABLE_TIME/2 ticks.
	 * ARP entry timeouts range from 1/2 BASE_REACHABLE_TIME to 3/2
	 * BASE_REACHABLE_TIME.
	 */
	queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
			   NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME) >> 1);
	write_unlock_bh(&tbl->lock);
}

static __inline__ int neigh_max_probes(struct neighbour *n)
{
	struct neigh_parms *p = n->parms;
	return NEIGH_VAR(p, UCAST_PROBES) + NEIGH_VAR(p, APP_PROBES) +
	       (n->nud_state & NUD_PROBE ? NEIGH_VAR(p, MCAST_REPROBES) :
		NEIGH_VAR(p, MCAST_PROBES));
}
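/*
 * Worked example (editor's note, assuming the common defaults
 * ucast_probes = 3, app_probes = 0, mcast_probes = 3, mcast_reprobes = 0):
 * a resolving entry (NUD_INCOMPLETE) may send up to 3 + 0 + 3 = 6 probes,
 * while a reconfirming entry in NUD_PROBE gets 3 + 0 + 0 = 3 before it is
 * declared NUD_FAILED.
 */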
static void neigh_invalidate(struct neighbour *neigh)
	__releases(neigh->lock)
	__acquires(neigh->lock)
{
	struct sk_buff *skb;

	NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed);
	neigh_dbg(2, "neigh %p is failed\n", neigh);
	neigh->updated = jiffies;

	/* This is a very delicate place. error_report() is a very
	   complicated routine; in particular, it can hit the same
	   neighbour entry!

	   So we try to be careful and avoid an endless loop. --ANK
	 */
	while (neigh->nud_state == NUD_FAILED &&
	       (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
		write_unlock(&neigh->lock);
		neigh->ops->error_report(neigh, skb);
		write_lock(&neigh->lock);
	}
	__skb_queue_purge(&neigh->arp_queue);
	neigh->arp_queue_len_bytes = 0;
}

static void neigh_probe(struct neighbour *neigh)
	__releases(neigh->lock)
{
	struct sk_buff *skb = skb_peek_tail(&neigh->arp_queue);
	/* keep skb alive even if arp_queue overflows */
	if (skb)
		skb = skb_clone(skb, GFP_ATOMIC);
	write_unlock(&neigh->lock);
	if (neigh->ops->solicit)
		neigh->ops->solicit(neigh, skb);
	atomic_inc(&neigh->probes);
	kfree_skb(skb);
}

/* Called when a timer expires for a neighbour entry. */

static void neigh_timer_handler(struct timer_list *t)
{
	unsigned long now, next;
	struct neighbour *neigh = from_timer(neigh, t, timer);
	unsigned int state;
	int notify = 0;

	write_lock(&neigh->lock);

	state = neigh->nud_state;
	now = jiffies;
	next = now + HZ;

	if (!(state & NUD_IN_TIMER))
		goto out;

	if (state & NUD_REACHABLE) {
		if (time_before_eq(now,
				   neigh->confirmed + neigh->parms->reachable_time)) {
			neigh_dbg(2, "neigh %p is still alive\n", neigh);
			next = neigh->confirmed + neigh->parms->reachable_time;
		} else if (time_before_eq(now,
					  neigh->used +
					  NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
			neigh_dbg(2, "neigh %p is delayed\n", neigh);
			neigh->nud_state = NUD_DELAY;
			neigh->updated = jiffies;
			neigh_suspect(neigh);
			next = now + NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME);
		} else {
			neigh_dbg(2, "neigh %p is suspected\n", neigh);
			neigh->nud_state = NUD_STALE;
			neigh->updated = jiffies;
			neigh_suspect(neigh);
			notify = 1;
		}
	} else if (state & NUD_DELAY) {
		if (time_before_eq(now,
				   neigh->confirmed +
				   NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
			neigh_dbg(2, "neigh %p is now reachable\n", neigh);
			neigh->nud_state = NUD_REACHABLE;
			neigh->updated = jiffies;
			neigh_connect(neigh);
			notify = 1;
			next = neigh->confirmed + neigh->parms->reachable_time;
		} else {
			neigh_dbg(2, "neigh %p is probed\n", neigh);
			neigh->nud_state = NUD_PROBE;
			neigh->updated = jiffies;
			atomic_set(&neigh->probes, 0);
			notify = 1;
			next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
		}
	} else {
		/* NUD_PROBE|NUD_INCOMPLETE */
		next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
	}

	if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) &&
	    atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) {
		neigh->nud_state = NUD_FAILED;
		notify = 1;
		neigh_invalidate(neigh);
		goto out;
	}

	if (neigh->nud_state & NUD_IN_TIMER) {
		if (time_before(next, jiffies + HZ/2))
			next = jiffies + HZ/2;
		if (!mod_timer(&neigh->timer, next))
			neigh_hold(neigh);
	}
	if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
		neigh_probe(neigh);
	} else {
out:
		write_unlock(&neigh->lock);
	}

	if (notify)
		neigh_update_notify(neigh, 0);

	neigh_release(neigh);
}
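/*
 * Editor's note (illustrative) -- the transitions the timer above drives:
 *
 *	REACHABLE --(confirmed aged, recently used)--> DELAY
 *	REACHABLE --(confirmed aged, idle)-----------> STALE
 *	DELAY     --(confirmed while delayed)--------> REACHABLE
 *	DELAY     --(delay_probe_time elapsed)-------> PROBE
 *	PROBE/INCOMPLETE --(probes exhausted)--------> FAILED
 *
 * FAILED entries are cleaned up via neigh_invalidate() above.
 */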
int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
{
	int rc;
	bool immediate_probe = false;

	write_lock_bh(&neigh->lock);

	rc = 0;
	if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
		goto out_unlock_bh;
	if (neigh->dead)
		goto out_dead;

	if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
		if (NEIGH_VAR(neigh->parms, MCAST_PROBES) +
		    NEIGH_VAR(neigh->parms, APP_PROBES)) {
			unsigned long next, now = jiffies;

			atomic_set(&neigh->probes,
				   NEIGH_VAR(neigh->parms, UCAST_PROBES));
			neigh->nud_state = NUD_INCOMPLETE;
			neigh->updated = now;
			next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
					 HZ/2);
			neigh_add_timer(neigh, next);
			immediate_probe = true;
		} else {
			neigh->nud_state = NUD_FAILED;
			neigh->updated = jiffies;
			write_unlock_bh(&neigh->lock);

			kfree_skb(skb);
			return 1;
		}
	} else if (neigh->nud_state & NUD_STALE) {
		neigh_dbg(2, "neigh %p is delayed\n", neigh);
		neigh->nud_state = NUD_DELAY;
		neigh->updated = jiffies;
		neigh_add_timer(neigh, jiffies +
				NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME));
	}

	if (neigh->nud_state == NUD_INCOMPLETE) {
		if (skb) {
			while (neigh->arp_queue_len_bytes + skb->truesize >
			       NEIGH_VAR(neigh->parms, QUEUE_LEN_BYTES)) {
				struct sk_buff *buff;

				buff = __skb_dequeue(&neigh->arp_queue);
				if (!buff)
					break;
				neigh->arp_queue_len_bytes -= buff->truesize;
				kfree_skb(buff);
				NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
			}
			skb_dst_force(skb);
			__skb_queue_tail(&neigh->arp_queue, skb);
			neigh->arp_queue_len_bytes += skb->truesize;
		}
		rc = 1;
	}
out_unlock_bh:
	if (immediate_probe)
		neigh_probe(neigh);
	else
		write_unlock(&neigh->lock);
	local_bh_enable();
	return rc;

out_dead:
	if (neigh->nud_state & NUD_STALE)
		goto out_unlock_bh;
	write_unlock_bh(&neigh->lock);
	kfree_skb(skb);
	return 1;
}
EXPORT_SYMBOL(__neigh_event_send);
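/*
 * Editor's note (illustrative): while an entry is NUD_INCOMPLETE, queued
 * packets are accounted in truesize bytes against QUEUE_LEN_BYTES; when a
 * new skb would exceed the budget, the oldest queued packets are dropped
 * first and counted as unres_discards.
 */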
static void neigh_update_hhs(struct neighbour *neigh)
{
	struct hh_cache *hh;
	void (*update)(struct hh_cache*, const struct net_device*, const unsigned char *)
		= NULL;

	if (neigh->dev->header_ops)
		update = neigh->dev->header_ops->cache_update;

	if (update) {
		hh = &neigh->hh;
		if (hh->hh_len) {
			write_seqlock_bh(&hh->hh_lock);
			update(hh, neigh->dev, neigh->ha);
			write_sequnlock_bh(&hh->hh_lock);
		}
	}
}



/* Generic update routine.
   -- lladdr is the new lladdr, or NULL if it is not supplied.
   -- new is the new state.
   -- flags
	NEIGH_UPDATE_F_OVERRIDE allows overriding an existing lladdr
				if it is different.
	NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect an existing "connected"
				lladdr instead of overriding it
				if it is different.
	NEIGH_UPDATE_F_ADMIN	means that the change is administrative.

	NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows overriding an existing
				NTF_ROUTER flag.
	NEIGH_UPDATE_F_ISROUTER	indicates whether the neighbour is known
				as a router.

   Caller MUST hold a reference count on the entry.
 */
int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
		 u32 flags, u32 nlmsg_pid)
{
	u8 old;
	int err;
	int notify = 0;
	struct net_device *dev;
	int update_isrouter = 0;

	write_lock_bh(&neigh->lock);

	dev = neigh->dev;
	old = neigh->nud_state;
	err = -EPERM;

	if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
	    (old & (NUD_NOARP | NUD_PERMANENT)))
		goto out;
	if (neigh->dead)
		goto out;

	neigh_update_ext_learned(neigh, flags, &notify);

	if (!(new & NUD_VALID)) {
		neigh_del_timer(neigh);
		if (old & NUD_CONNECTED)
			neigh_suspect(neigh);
		neigh->nud_state = new;
		err = 0;
		notify = old & NUD_VALID;
		if (((old & (NUD_INCOMPLETE | NUD_PROBE)) ||
		     (flags & NEIGH_UPDATE_F_ADMIN)) &&
		    (new & NUD_FAILED)) {
			neigh_invalidate(neigh);
			notify = 1;
		}
		goto out;
	}

	/* Compare the new lladdr with the cached one */
	if (!dev->addr_len) {
		/* First case: device needs no address. */
		lladdr = neigh->ha;
	} else if (lladdr) {
		/* The second case: if something is already cached
		   and a new address is proposed:
		   - compare new & old
		   - if they are different, check the override flag
		 */
		if ((old & NUD_VALID) &&
		    !memcmp(lladdr, neigh->ha, dev->addr_len))
			lladdr = neigh->ha;
	} else {
		/* No address is supplied; if we know something,
		   use it, otherwise discard the request.
		 */
		err = -EINVAL;
		if (!(old & NUD_VALID))
			goto out;
		lladdr = neigh->ha;
	}

	/* Update the confirmed timestamp for the neighbour entry after we
	 * received an ARP packet, even if it doesn't change the IP to MAC
	 * binding.
	 */
	if (new & NUD_CONNECTED)
		neigh->confirmed = jiffies;

	/* If the entry was valid and the address is not changed,
	   do not change the entry state if the new one is STALE.
	 */
	err = 0;
	update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
	if (old & NUD_VALID) {
		if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) {
			update_isrouter = 0;
			if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) &&
			    (old & NUD_CONNECTED)) {
				lladdr = neigh->ha;
				new = NUD_STALE;
			} else
				goto out;
		} else {
			if (lladdr == neigh->ha && new == NUD_STALE &&
			    !(flags & NEIGH_UPDATE_F_ADMIN))
				new = old;
		}
	}

	/* Update the timestamp only once we know we will make a change to
	 * the neighbour entry. Otherwise we risk moving the locktime window
	 * with noop updates and ignoring relevant ARP updates.
	 */
	if (new != old || lladdr != neigh->ha)
		neigh->updated = jiffies;

	if (new != old) {
		neigh_del_timer(neigh);
		if (new & NUD_PROBE)
			atomic_set(&neigh->probes, 0);
		if (new & NUD_IN_TIMER)
			neigh_add_timer(neigh, (jiffies +
						((new & NUD_REACHABLE) ?
						 neigh->parms->reachable_time :
						 0)));
		neigh->nud_state = new;
		notify = 1;
	}

	if (lladdr != neigh->ha) {
		write_seqlock(&neigh->ha_lock);
		memcpy(&neigh->ha, lladdr, dev->addr_len);
		write_sequnlock(&neigh->ha_lock);
		neigh_update_hhs(neigh);
		if (!(new & NUD_CONNECTED))
			neigh->confirmed = jiffies -
				(NEIGH_VAR(neigh->parms, BASE_REACHABLE_TIME) << 1);
		notify = 1;
	}
	if (new == old)
		goto out;
	if (new & NUD_CONNECTED)
		neigh_connect(neigh);
	else
		neigh_suspect(neigh);
	if (!(old & NUD_VALID)) {
		struct sk_buff *skb;

		/* Again: avoid dead loop if something went wrong */

		while (neigh->nud_state & NUD_VALID &&
		       (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
			struct dst_entry *dst = skb_dst(skb);
			struct neighbour *n2, *n1 = neigh;
			write_unlock_bh(&neigh->lock);

			rcu_read_lock();

			/* Why not just use 'neigh' as-is? The problem is that
			 * things such as shaper, eql, and sch_teql can end up
			 * using alternative, different, neigh objects to output
			 * the packet in the output path. So what we need to do
			 * here is re-lookup the top-level neigh in the path so
			 * we can reinject the packet there.
			 */
			n2 = NULL;
			if (dst) {
				n2 = dst_neigh_lookup_skb(dst, skb);
				if (n2)
					n1 = n2;
			}
			n1->output(n1, skb);
			if (n2)
				neigh_release(n2);
			rcu_read_unlock();

			write_lock_bh(&neigh->lock);
		}
		__skb_queue_purge(&neigh->arp_queue);
		neigh->arp_queue_len_bytes = 0;
	}
out:
	if (update_isrouter)
		neigh_update_is_router(neigh, flags, &notify);
	write_unlock_bh(&neigh->lock);

	if (notify)
		neigh_update_notify(neigh, nlmsg_pid);

	return err;
}
EXPORT_SYMBOL(neigh_update);
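/*
 * Editor's note (illustrative) -- decision table for a valid entry whose
 * cached lladdr differs from the proposed one:
 *
 *	OVERRIDE set              -> accept the new lladdr
 *	WEAK_OVERRIDE, connected  -> keep the old lladdr, demote to STALE
 *	neither                   -> ignore the update entirely
 *
 * A non-administrative STALE update carrying the already-cached lladdr is
 * a no-op (new = old), so the entry's state is left untouched.
 */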
/* Update the neigh to listen temporarily for probe responses, even if it is
 * in a NUD_FAILED state. The caller has to hold neigh->lock for writing.
 */
void __neigh_set_probe_once(struct neighbour *neigh)
{
	if (neigh->dead)
		return;
	neigh->updated = jiffies;
	if (!(neigh->nud_state & NUD_FAILED))
		return;
	neigh->nud_state = NUD_INCOMPLETE;
	atomic_set(&neigh->probes, neigh_max_probes(neigh));
	neigh_add_timer(neigh,
			jiffies + NEIGH_VAR(neigh->parms, RETRANS_TIME));
}
EXPORT_SYMBOL(__neigh_set_probe_once);

struct neighbour *neigh_event_ns(struct neigh_table *tbl,
				 u8 *lladdr, void *saddr,
				 struct net_device *dev)
{
	struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev,
						 lladdr || !dev->addr_len);
	if (neigh)
		neigh_update(neigh, lladdr, NUD_STALE,
			     NEIGH_UPDATE_F_OVERRIDE, 0);
	return neigh;
}
EXPORT_SYMBOL(neigh_event_ns);

static void neigh_hh_init(struct neighbour *n)
{
	struct net_device *dev = n->dev;
	__be16 prot = n->tbl->protocol;
	struct hh_cache *hh = &n->hh;

	write_lock_bh(&n->lock);

	/* Only one thread can come in here and initialize the
	 * hh_cache entry.
	 */
	if (!hh->hh_len)
		dev->header_ops->cache(n, hh, prot);

	write_unlock_bh(&n->lock);
}

/* Slow and careful. */

int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb)
{
	int rc = 0;

	if (!neigh_event_send(neigh, skb)) {
		int err;
		struct net_device *dev = neigh->dev;
		unsigned int seq;

		if (dev->header_ops->cache && !neigh->hh.hh_len)
			neigh_hh_init(neigh);

		do {
			__skb_pull(skb, skb_network_offset(skb));
			seq = read_seqbegin(&neigh->ha_lock);
			err = dev_hard_header(skb, dev, ntohs(skb->protocol),
					      neigh->ha, NULL, skb->len);
		} while (read_seqretry(&neigh->ha_lock, seq));

		if (err >= 0)
			rc = dev_queue_xmit(skb);
		else
			goto out_kfree_skb;
	}
out:
	return rc;
out_kfree_skb:
	rc = -EINVAL;
	kfree_skb(skb);
	goto out;
}
EXPORT_SYMBOL(neigh_resolve_output);

/* As fast as possible without hh cache */

int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb)
{
	struct net_device *dev = neigh->dev;
	unsigned int seq;
	int err;

	do {
		__skb_pull(skb, skb_network_offset(skb));
		seq = read_seqbegin(&neigh->ha_lock);
		err = dev_hard_header(skb, dev, ntohs(skb->protocol),
				      neigh->ha, NULL, skb->len);
	} while (read_seqretry(&neigh->ha_lock, seq));

	if (err >= 0)
		err = dev_queue_xmit(skb);
	else {
		err = -EINVAL;
		kfree_skb(skb);
	}
	return err;
}
EXPORT_SYMBOL(neigh_connected_output);
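/*
 * Editor's note (illustrative): in both output paths above, neigh->ha is
 * read under the ha_lock seqlock. If neigh_update() changes the address
 * between read_seqbegin() and read_seqretry(), the header is simply
 * rebuilt with the fresh address; writers never block these readers.
 */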
int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb)
{
	return dev_queue_xmit(skb);
}
EXPORT_SYMBOL(neigh_direct_output);

static void neigh_proxy_process(struct timer_list *t)
{
	struct neigh_table *tbl = from_timer(tbl, t, proxy_timer);
	long sched_next = 0;
	unsigned long now = jiffies;
	struct sk_buff *skb, *n;

	spin_lock(&tbl->proxy_queue.lock);

	skb_queue_walk_safe(&tbl->proxy_queue, skb, n) {
		long tdif = NEIGH_CB(skb)->sched_next - now;

		if (tdif <= 0) {
			struct net_device *dev = skb->dev;

			__skb_unlink(skb, &tbl->proxy_queue);
			if (tbl->proxy_redo && netif_running(dev)) {
				rcu_read_lock();
				tbl->proxy_redo(skb);
				rcu_read_unlock();
			} else {
				kfree_skb(skb);
			}

			dev_put(dev);
		} else if (!sched_next || tdif < sched_next)
			sched_next = tdif;
	}
	del_timer(&tbl->proxy_timer);
	if (sched_next)
		mod_timer(&tbl->proxy_timer, jiffies + sched_next);
	spin_unlock(&tbl->proxy_queue.lock);
}

void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
		    struct sk_buff *skb)
{
	unsigned long now = jiffies;

	unsigned long sched_next = now + (prandom_u32() %
					  NEIGH_VAR(p, PROXY_DELAY));

	if (tbl->proxy_queue.qlen > NEIGH_VAR(p, PROXY_QLEN)) {
		kfree_skb(skb);
		return;
	}

	NEIGH_CB(skb)->sched_next = sched_next;
	NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED;

	spin_lock(&tbl->proxy_queue.lock);
	if (del_timer(&tbl->proxy_timer)) {
		if (time_before(tbl->proxy_timer.expires, sched_next))
			sched_next = tbl->proxy_timer.expires;
	}
	skb_dst_drop(skb);
	dev_hold(skb->dev);
	__skb_queue_tail(&tbl->proxy_queue, skb);
	mod_timer(&tbl->proxy_timer, sched_next);
	spin_unlock(&tbl->proxy_queue.lock);
}
EXPORT_SYMBOL(pneigh_enqueue);
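/*
 * Editor's note (illustrative): each proxied packet is delayed by a
 * uniform random amount in [0, PROXY_DELAY). Assuming the ARP default
 * proxy_delay of (8 * HZ) / 10, a reply is scheduled up to 0.8 s in the
 * future, which avoids synchronized answer bursts on shared media.
 */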
static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
						     struct net *net, int ifindex)
{
	struct neigh_parms *p;

	list_for_each_entry(p, &tbl->parms_list, list) {
		if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
		    (!p->dev && !ifindex && net_eq(net, &init_net)))
			return p;
	}

	return NULL;
}

struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
				      struct neigh_table *tbl)
{
	struct neigh_parms *p;
	struct net *net = dev_net(dev);
	const struct net_device_ops *ops = dev->netdev_ops;

	p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL);
	if (p) {
		p->tbl = tbl;
		refcount_set(&p->refcnt, 1);
		p->reachable_time =
			neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
		dev_hold(dev);
		p->dev = dev;
		write_pnet(&p->net, net);
		p->sysctl_table = NULL;

		if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) {
			dev_put(dev);
			kfree(p);
			return NULL;
		}

		write_lock_bh(&tbl->lock);
		list_add(&p->list, &tbl->parms.list);
		write_unlock_bh(&tbl->lock);

		neigh_parms_data_state_cleanall(p);
	}
	return p;
}
EXPORT_SYMBOL(neigh_parms_alloc);

static void neigh_rcu_free_parms(struct rcu_head *head)
{
	struct neigh_parms *parms =
		container_of(head, struct neigh_parms, rcu_head);

	neigh_parms_put(parms);
}

void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms)
{
	if (!parms || parms == &tbl->parms)
		return;
	write_lock_bh(&tbl->lock);
	list_del(&parms->list);
	parms->dead = 1;
	write_unlock_bh(&tbl->lock);
	if (parms->dev)
		dev_put(parms->dev);
	call_rcu(&parms->rcu_head, neigh_rcu_free_parms);
}
EXPORT_SYMBOL(neigh_parms_release);

static void neigh_parms_destroy(struct neigh_parms *parms)
{
	kfree(parms);
}

static struct lock_class_key neigh_table_proxy_queue_class;

static struct neigh_table *neigh_tables[NEIGH_NR_TABLES] __read_mostly;

void neigh_table_init(int index, struct neigh_table *tbl)
{
	unsigned long now = jiffies;
	unsigned long phsize;

	INIT_LIST_HEAD(&tbl->parms_list);
	list_add(&tbl->parms.list, &tbl->parms_list);
	write_pnet(&tbl->parms.net, &init_net);
	refcount_set(&tbl->parms.refcnt, 1);
	tbl->parms.reachable_time =
		neigh_rand_reach_time(NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME));

	tbl->stats = alloc_percpu(struct neigh_statistics);
	if (!tbl->stats)
		panic("cannot create neighbour cache statistics");

#ifdef CONFIG_PROC_FS
	if (!proc_create_seq_data(tbl->id, 0, init_net.proc_net_stat,
				  &neigh_stat_seq_ops, tbl))
		panic("cannot create neighbour proc dir entry");
#endif

	RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3));

	phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
	tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL);

	if (!tbl->nht || !tbl->phash_buckets)
		panic("cannot allocate neighbour cache hashes");

	if (!tbl->entry_size)
		tbl->entry_size = ALIGN(offsetof(struct neighbour, primary_key) +
					tbl->key_len, NEIGH_PRIV_ALIGN);
	else
		WARN_ON(tbl->entry_size % NEIGH_PRIV_ALIGN);

	rwlock_init(&tbl->lock);
	INIT_DEFERRABLE_WORK(&tbl->gc_work, neigh_periodic_work);
	queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
			   tbl->parms.reachable_time);
	timer_setup(&tbl->proxy_timer, neigh_proxy_process, 0);
	skb_queue_head_init_class(&tbl->proxy_queue,
				  &neigh_table_proxy_queue_class);

	tbl->last_flush = now;
	tbl->last_rand	= now + tbl->parms.reachable_time * 20;

	neigh_tables[index] = tbl;
}
EXPORT_SYMBOL(neigh_table_init);
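/*
 * Editor's note (illustrative): for IPv4 (key_len = 4) the computed
 * entry_size is offsetof(struct neighbour, primary_key) + 4 rounded up to
 * NEIGH_PRIV_ALIGN, so the per-device neigh_priv area that neigh_alloc()
 * appends after the entry always starts suitably aligned.
 */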
int neigh_table_clear(int index, struct neigh_table *tbl)
{
	neigh_tables[index] = NULL;
	/* It is not clean... Fix it to unload IPv6 module safely */
	cancel_delayed_work_sync(&tbl->gc_work);
	del_timer_sync(&tbl->proxy_timer);
	pneigh_queue_purge(&tbl->proxy_queue);
	neigh_ifdown(tbl, NULL);
	if (atomic_read(&tbl->entries))
		pr_crit("neighbour leakage\n");

	call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu,
		 neigh_hash_free_rcu);
	tbl->nht = NULL;

	kfree(tbl->phash_buckets);
	tbl->phash_buckets = NULL;

	remove_proc_entry(tbl->id, init_net.proc_net_stat);

	free_percpu(tbl->stats);
	tbl->stats = NULL;

	return 0;
}
EXPORT_SYMBOL(neigh_table_clear);

static struct neigh_table *neigh_find_table(int family)
{
	struct neigh_table *tbl = NULL;

	switch (family) {
	case AF_INET:
		tbl = neigh_tables[NEIGH_ARP_TABLE];
		break;
	case AF_INET6:
		tbl = neigh_tables[NEIGH_ND_TABLE];
		break;
	case AF_DECnet:
		tbl = neigh_tables[NEIGH_DN_TABLE];
		break;
	}

	return tbl;
}

static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh,
			struct netlink_ext_ack *extack)
{
	struct net *net = sock_net(skb->sk);
	struct ndmsg *ndm;
	struct nlattr *dst_attr;
	struct neigh_table *tbl;
	struct neighbour *neigh;
	struct net_device *dev = NULL;
	int err = -EINVAL;

	ASSERT_RTNL();
	if (nlmsg_len(nlh) < sizeof(*ndm))
		goto out;

	dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST);
	if (dst_attr == NULL)
		goto out;

	ndm = nlmsg_data(nlh);
	if (ndm->ndm_ifindex) {
		dev = __dev_get_by_index(net, ndm->ndm_ifindex);
		if (dev == NULL) {
			err = -ENODEV;
			goto out;
		}
	}

	tbl = neigh_find_table(ndm->ndm_family);
	if (tbl == NULL)
		return -EAFNOSUPPORT;

	if (nla_len(dst_attr) < (int)tbl->key_len)
		goto out;

	if (ndm->ndm_flags & NTF_PROXY) {
		err = pneigh_delete(tbl, net, nla_data(dst_attr), dev);
		goto out;
	}

	if (dev == NULL)
		goto out;

	neigh = neigh_lookup(tbl, nla_data(dst_attr), dev);
	if (neigh == NULL) {
		err = -ENOENT;
		goto out;
	}

	err = neigh_update(neigh, NULL, NUD_FAILED,
			   NEIGH_UPDATE_F_OVERRIDE |
			   NEIGH_UPDATE_F_ADMIN,
			   NETLINK_CB(skb).portid);
	write_lock_bh(&tbl->lock);
	neigh_release(neigh);
	neigh_remove_one(neigh, tbl);
	write_unlock_bh(&tbl->lock);

out:
	return err;
}
static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh,
		     struct netlink_ext_ack *extack)
{
	int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE |
		    NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
	struct net *net = sock_net(skb->sk);
	struct ndmsg *ndm;
	struct nlattr *tb[NDA_MAX+1];
	struct neigh_table *tbl;
	struct net_device *dev = NULL;
	struct neighbour *neigh;
	void *dst, *lladdr;
	int err;

	ASSERT_RTNL();
	err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL, extack);
	if (err < 0)
		goto out;

	err = -EINVAL;
	if (tb[NDA_DST] == NULL)
		goto out;

	ndm = nlmsg_data(nlh);
	if (ndm->ndm_ifindex) {
		dev = __dev_get_by_index(net, ndm->ndm_ifindex);
		if (dev == NULL) {
			err = -ENODEV;
			goto out;
		}

		if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len)
			goto out;
	}

	tbl = neigh_find_table(ndm->ndm_family);
	if (tbl == NULL)
		return -EAFNOSUPPORT;

	if (nla_len(tb[NDA_DST]) < (int)tbl->key_len)
		goto out;
	dst = nla_data(tb[NDA_DST]);
	lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL;

	if (ndm->ndm_flags & NTF_PROXY) {
		struct pneigh_entry *pn;

		err = -ENOBUFS;
		pn = pneigh_lookup(tbl, net, dst, dev, 1);
		if (pn) {
			pn->flags = ndm->ndm_flags;
			err = 0;
		}
		goto out;
	}

	if (dev == NULL)
		goto out;

	neigh = neigh_lookup(tbl, dst, dev);
	if (neigh == NULL) {
		if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
			err = -ENOENT;
			goto out;
		}

		neigh = __neigh_lookup_errno(tbl, dst, dev);
		if (IS_ERR(neigh)) {
			err = PTR_ERR(neigh);
			goto out;
		}
	} else {
		if (nlh->nlmsg_flags & NLM_F_EXCL) {
			err = -EEXIST;
			neigh_release(neigh);
			goto out;
		}

		if (!(nlh->nlmsg_flags & NLM_F_REPLACE))
			flags &= ~(NEIGH_UPDATE_F_OVERRIDE |
				   NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
	}

	if (ndm->ndm_flags & NTF_EXT_LEARNED)
		flags |= NEIGH_UPDATE_F_EXT_LEARNED;

	if (ndm->ndm_flags & NTF_ROUTER)
		flags |= NEIGH_UPDATE_F_ISROUTER;

	if (ndm->ndm_flags & NTF_USE) {
		neigh_event_send(neigh, NULL);
		err = 0;
	} else
		err = neigh_update(neigh, lladdr, ndm->ndm_state, flags,
				   NETLINK_CB(skb).portid);
	neigh_release(neigh);

out:
	return err;
}

static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
{
	struct nlattr *nest;

	nest = nla_nest_start(skb, NDTA_PARMS);
	if (nest == NULL)
		return -ENOBUFS;

	if ((parms->dev &&
	     nla_put_u32(skb, NDTPA_IFINDEX, parms->dev->ifindex)) ||
	    nla_put_u32(skb, NDTPA_REFCNT, refcount_read(&parms->refcnt)) ||
	    nla_put_u32(skb, NDTPA_QUEUE_LENBYTES,
			NEIGH_VAR(parms, QUEUE_LEN_BYTES)) ||
	    /* approximative value for deprecated QUEUE_LEN (in packets) */
	    nla_put_u32(skb, NDTPA_QUEUE_LEN,
			NEIGH_VAR(parms, QUEUE_LEN_BYTES) / SKB_TRUESIZE(ETH_FRAME_LEN)) ||
	    nla_put_u32(skb, NDTPA_PROXY_QLEN, NEIGH_VAR(parms, PROXY_QLEN)) ||
	    nla_put_u32(skb, NDTPA_APP_PROBES, NEIGH_VAR(parms, APP_PROBES)) ||
	    nla_put_u32(skb, NDTPA_UCAST_PROBES,
			NEIGH_VAR(parms, UCAST_PROBES)) ||
	    nla_put_u32(skb, NDTPA_MCAST_PROBES,
			NEIGH_VAR(parms, MCAST_PROBES)) ||
	    nla_put_u32(skb, NDTPA_MCAST_REPROBES,
			NEIGH_VAR(parms, MCAST_REPROBES)) ||
	    nla_put_msecs(skb, NDTPA_REACHABLE_TIME, parms->reachable_time,
			  NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_BASE_REACHABLE_TIME,
			  NEIGH_VAR(parms, BASE_REACHABLE_TIME), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_GC_STALETIME,
			  NEIGH_VAR(parms, GC_STALETIME), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_DELAY_PROBE_TIME,
			  NEIGH_VAR(parms, DELAY_PROBE_TIME), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_RETRANS_TIME,
			  NEIGH_VAR(parms, RETRANS_TIME), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_ANYCAST_DELAY,
			  NEIGH_VAR(parms, ANYCAST_DELAY), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_PROXY_DELAY,
			  NEIGH_VAR(parms, PROXY_DELAY), NDTPA_PAD) ||
	    nla_put_msecs(skb, NDTPA_LOCKTIME,
			  NEIGH_VAR(parms, LOCKTIME), NDTPA_PAD))
		goto nla_put_failure;
	return nla_nest_end(skb, nest);

nla_put_failure:
	nla_nest_cancel(skb, nest);
	return -EMSGSIZE;
}
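/*
 * Editor's note (illustrative): the deprecated NDTPA_QUEUE_LEN (packets)
 * above is derived from the byte budget as
 * QUEUE_LEN_BYTES / SKB_TRUESIZE(ETH_FRAME_LEN), i.e. it assumes
 * full-size Ethernet frames; neightbl_set() performs the inverse
 * conversion when userspace still sets the packet-based knob.
 */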
static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
			      u32 pid, u32 seq, int type, int flags)
{
	struct nlmsghdr *nlh;
	struct ndtmsg *ndtmsg;

	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	ndtmsg = nlmsg_data(nlh);

	read_lock_bh(&tbl->lock);
	ndtmsg->ndtm_family = tbl->family;
	ndtmsg->ndtm_pad1   = 0;
	ndtmsg->ndtm_pad2   = 0;

	if (nla_put_string(skb, NDTA_NAME, tbl->id) ||
	    nla_put_msecs(skb, NDTA_GC_INTERVAL, tbl->gc_interval, NDTA_PAD) ||
	    nla_put_u32(skb, NDTA_THRESH1, tbl->gc_thresh1) ||
	    nla_put_u32(skb, NDTA_THRESH2, tbl->gc_thresh2) ||
	    nla_put_u32(skb, NDTA_THRESH3, tbl->gc_thresh3))
		goto nla_put_failure;
	{
		unsigned long now = jiffies;
		unsigned int flush_delta = now - tbl->last_flush;
		unsigned int rand_delta = now - tbl->last_rand;
		struct neigh_hash_table *nht;
		struct ndt_config ndc = {
			.ndtc_key_len		= tbl->key_len,
			.ndtc_entry_size	= tbl->entry_size,
			.ndtc_entries		= atomic_read(&tbl->entries),
			.ndtc_last_flush	= jiffies_to_msecs(flush_delta),
			.ndtc_last_rand		= jiffies_to_msecs(rand_delta),
			.ndtc_proxy_qlen	= tbl->proxy_queue.qlen,
		};

		rcu_read_lock_bh();
		nht = rcu_dereference_bh(tbl->nht);
		ndc.ndtc_hash_rnd = nht->hash_rnd[0];
		ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1);
		rcu_read_unlock_bh();

		if (nla_put(skb, NDTA_CONFIG, sizeof(ndc), &ndc))
			goto nla_put_failure;
	}

	{
		int cpu;
		struct ndt_stats ndst;

		memset(&ndst, 0, sizeof(ndst));

		for_each_possible_cpu(cpu) {
			struct neigh_statistics	*st;

			st = per_cpu_ptr(tbl->stats, cpu);
			ndst.ndts_allocs		+= st->allocs;
			ndst.ndts_destroys		+= st->destroys;
			ndst.ndts_hash_grows		+= st->hash_grows;
			ndst.ndts_res_failed		+= st->res_failed;
			ndst.ndts_lookups		+= st->lookups;
			ndst.ndts_hits			+= st->hits;
			ndst.ndts_rcv_probes_mcast	+= st->rcv_probes_mcast;
			ndst.ndts_rcv_probes_ucast	+= st->rcv_probes_ucast;
			ndst.ndts_periodic_gc_runs	+= st->periodic_gc_runs;
			ndst.ndts_forced_gc_runs	+= st->forced_gc_runs;
			ndst.ndts_table_fulls		+= st->table_fulls;
		}

		if (nla_put_64bit(skb, NDTA_STATS, sizeof(ndst), &ndst,
				  NDTA_PAD))
			goto nla_put_failure;
	}

	BUG_ON(tbl->parms.dev);
	if (neightbl_fill_parms(skb, &tbl->parms) < 0)
		goto nla_put_failure;

	read_unlock_bh(&tbl->lock);
	nlmsg_end(skb, nlh);
	return 0;

nla_put_failure:
	read_unlock_bh(&tbl->lock);
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}

static int neightbl_fill_param_info(struct sk_buff *skb,
				    struct neigh_table *tbl,
				    struct neigh_parms *parms,
				    u32 pid, u32 seq, int type,
				    unsigned int flags)
{
	struct ndtmsg *ndtmsg;
	struct nlmsghdr *nlh;

	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	ndtmsg = nlmsg_data(nlh);

	read_lock_bh(&tbl->lock);
	ndtmsg->ndtm_family = tbl->family;
	ndtmsg->ndtm_pad1   = 0;
	ndtmsg->ndtm_pad2   = 0;

	if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 ||
	    neightbl_fill_parms(skb, parms) < 0)
		goto errout;

	read_unlock_bh(&tbl->lock);
	nlmsg_end(skb, nlh);
	return 0;
errout:
	read_unlock_bh(&tbl->lock);
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}

static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
	[NDTA_NAME]		= { .type = NLA_STRING },
	[NDTA_THRESH1]		= { .type = NLA_U32 },
	[NDTA_THRESH2]		= { .type = NLA_U32 },
	[NDTA_THRESH3]		= { .type = NLA_U32 },
	[NDTA_GC_INTERVAL]	= { .type = NLA_U64 },
	[NDTA_PARMS]		= { .type = NLA_NESTED },
};
static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh,
			struct netlink_ext_ack *extack)
{
	struct net *net = sock_net(skb->sk);
	struct neigh_table *tbl;
	struct ndtmsg *ndtmsg;
	struct nlattr *tb[NDTA_MAX+1];
	bool found = false;
	int err, tidx;

	err = nlmsg_parse(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
			  nl_neightbl_policy, extack);
	if (err < 0)
		goto errout;

	if (tb[NDTA_NAME] == NULL) {
		err = -EINVAL;
		goto errout;
	}

	ndtmsg = nlmsg_data(nlh);

	for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
		tbl = neigh_tables[tidx];
		if (!tbl)
			continue;
		if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family)
			continue;
		if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0) {
			found = true;
			break;
		}
	}

	if (!found)
		return -ENOENT;

	/*
	 * We acquire tbl->lock to be nice to the periodic timers and
	 * make sure they always see a consistent set of values.
	 */
	write_lock_bh(&tbl->lock);

	if (tb[NDTA_PARMS]) {
		struct nlattr *tbp[NDTPA_MAX+1];
		struct neigh_parms *p;
		int i, ifindex = 0;

		err = nla_parse_nested(tbp, NDTPA_MAX, tb[NDTA_PARMS],
				       nl_ntbl_parm_policy, extack);
		if (err < 0)
			goto errout_tbl_lock;

		if (tbp[NDTPA_IFINDEX])
			ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);

		p = lookup_neigh_parms(tbl, net, ifindex);
		if (p == NULL) {
			err = -ENOENT;
			goto errout_tbl_lock;
		}

		for (i = 1; i <= NDTPA_MAX; i++) {
			if (tbp[i] == NULL)
				continue;

			switch (i) {
			case NDTPA_QUEUE_LEN:
				NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
					      nla_get_u32(tbp[i]) *
					      SKB_TRUESIZE(ETH_FRAME_LEN));
				break;
			case NDTPA_QUEUE_LENBYTES:
				NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_PROXY_QLEN:
				NEIGH_VAR_SET(p, PROXY_QLEN,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_APP_PROBES:
				NEIGH_VAR_SET(p, APP_PROBES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_UCAST_PROBES:
				NEIGH_VAR_SET(p, UCAST_PROBES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_MCAST_PROBES:
				NEIGH_VAR_SET(p, MCAST_PROBES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_MCAST_REPROBES:
				NEIGH_VAR_SET(p, MCAST_REPROBES,
					      nla_get_u32(tbp[i]));
				break;
			case NDTPA_BASE_REACHABLE_TIME:
				NEIGH_VAR_SET(p, BASE_REACHABLE_TIME,
					      nla_get_msecs(tbp[i]));
				/* update reachable_time as well, otherwise, the change will
				 * only be effective after the next time neigh_periodic_work
				 * decides to recompute it (can be multiple minutes)
				 */
				p->reachable_time =
					neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
				break;
			case NDTPA_GC_STALETIME:
				NEIGH_VAR_SET(p, GC_STALETIME,
					      nla_get_msecs(tbp[i]));
				break;
			case NDTPA_DELAY_PROBE_TIME:
				NEIGH_VAR_SET(p, DELAY_PROBE_TIME,
					      nla_get_msecs(tbp[i]));
				call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
				break;
			case NDTPA_RETRANS_TIME:
				NEIGH_VAR_SET(p, RETRANS_TIME,
					      nla_get_msecs(tbp[i]));
				break;
			case NDTPA_ANYCAST_DELAY:
				NEIGH_VAR_SET(p, ANYCAST_DELAY,
					      nla_get_msecs(tbp[i]));
				break;
			case NDTPA_PROXY_DELAY:
				NEIGH_VAR_SET(p, PROXY_DELAY,
					      nla_get_msecs(tbp[i]));
				break;
			case NDTPA_LOCKTIME:
				NEIGH_VAR_SET(p, LOCKTIME,
					      nla_get_msecs(tbp[i]));
				break;
			}
		}
	}

	err = -ENOENT;
	if ((tb[NDTA_THRESH1] || tb[NDTA_THRESH2] ||
	     tb[NDTA_THRESH3] || tb[NDTA_GC_INTERVAL]) &&
	    !net_eq(net, &init_net))
		goto errout_tbl_lock;

	if (tb[NDTA_THRESH1])
		tbl->gc_thresh1 = nla_get_u32(tb[NDTA_THRESH1]);

	if (tb[NDTA_THRESH2])
		tbl->gc_thresh2 = nla_get_u32(tb[NDTA_THRESH2]);

	if (tb[NDTA_THRESH3])
		tbl->gc_thresh3 = nla_get_u32(tb[NDTA_THRESH3]);

	if (tb[NDTA_GC_INTERVAL])
		tbl->gc_interval = nla_get_msecs(tb[NDTA_GC_INTERVAL]);

	err = 0;

errout_tbl_lock:
	write_unlock_bh(&tbl->lock);
errout:
	return err;
}
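/* NDTPA_QUEUE_LEN above exists for backward compatibility: it is expressed
 * in packets, while the kernel stores QUEUE_LEN_BYTES.  The conversion
 * multiplies by SKB_TRUESIZE(ETH_FRAME_LEN), i.e. the true size of a
 * worst-case Ethernet frame including sk_buff bookkeeping overhead.  As a
 * rough, configuration-dependent illustration: with ETH_FRAME_LEN == 1514
 * plus a few hundred bytes of sk_buff/skb_shared_info overhead, a request
 * for a 3-packet queue becomes on the order of 3 * ~2KB.  The reverse
 * conversion is done by proc_unres_qlen() further down.
 */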
static int neightbl_valid_dump_info(const struct nlmsghdr *nlh,
				    struct netlink_ext_ack *extack)
{
	struct ndtmsg *ndtm;

	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndtm))) {
		NL_SET_ERR_MSG(extack, "Invalid header for neighbor table dump request");
		return -EINVAL;
	}

	ndtm = nlmsg_data(nlh);
	if (ndtm->ndtm_pad1 || ndtm->ndtm_pad2) {
		NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor table dump request");
		return -EINVAL;
	}

	if (nlmsg_attrlen(nlh, sizeof(*ndtm))) {
		NL_SET_ERR_MSG(extack, "Invalid data after header in neighbor table dump request");
		return -EINVAL;
	}

	return 0;
}

static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
{
	const struct nlmsghdr *nlh = cb->nlh;
	struct net *net = sock_net(skb->sk);
	int family, tidx, nidx = 0;
	int tbl_skip = cb->args[0];
	int neigh_skip = cb->args[1];
	struct neigh_table *tbl;

	if (cb->strict_check) {
		int err = neightbl_valid_dump_info(nlh, cb->extack);

		if (err < 0)
			return err;
	}

	family = ((struct rtgenmsg *)nlmsg_data(nlh))->rtgen_family;

	for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
		struct neigh_parms *p;

		tbl = neigh_tables[tidx];
		if (!tbl)
			continue;

		if (tidx < tbl_skip || (family && tbl->family != family))
			continue;

		if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,
				       nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
				       NLM_F_MULTI) < 0)
			break;

		nidx = 0;
		p = list_next_entry(&tbl->parms, list);
		list_for_each_entry_from(p, &tbl->parms_list, list) {
			if (!net_eq(neigh_parms_net(p), net))
				continue;

			if (nidx < neigh_skip)
				goto next;

			if (neightbl_fill_param_info(skb, tbl, p,
						     NETLINK_CB(cb->skb).portid,
						     nlh->nlmsg_seq,
						     RTM_NEWNEIGHTBL,
						     NLM_F_MULTI) < 0)
				goto out;
		next:
			nidx++;
		}

		neigh_skip = 0;
	}
out:
	cb->args[0] = tidx;
	cb->args[1] = nidx;

	return skb->len;
}

static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
			   u32 pid, u32 seq, int type, unsigned int flags)
{
	unsigned long now = jiffies;
	struct nda_cacheinfo ci;
	struct nlmsghdr *nlh;
	struct ndmsg *ndm;

	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	ndm = nlmsg_data(nlh);
	ndm->ndm_family = neigh->ops->family;
	ndm->ndm_pad1 = 0;
	ndm->ndm_pad2 = 0;
	ndm->ndm_flags = neigh->flags;
	ndm->ndm_type = neigh->type;
	ndm->ndm_ifindex = neigh->dev->ifindex;

	if (nla_put(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key))
		goto nla_put_failure;

	read_lock_bh(&neigh->lock);
	ndm->ndm_state = neigh->nud_state;
	if (neigh->nud_state & NUD_VALID) {
		char haddr[MAX_ADDR_LEN];

		neigh_ha_snapshot(haddr, neigh, neigh->dev);
		if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) {
			read_unlock_bh(&neigh->lock);
			goto nla_put_failure;
		}
	}

	ci.ndm_used = jiffies_to_clock_t(now - neigh->used);
	ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed);
	ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated);
	ci.ndm_refcnt = refcount_read(&neigh->refcnt) - 1;
	read_unlock_bh(&neigh->lock);

	if (nla_put_u32(skb, NDA_PROBES, atomic_read(&neigh->probes)) ||
	    nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
		goto nla_put_failure;

	nlmsg_end(skb, nlh);
	return 0;

nla_put_failure:
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}
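/* The NDA_CACHEINFO times above are reported in clock_t ticks elapsed since
 * the entry was last used/confirmed/updated.  An illustrative (hypothetical,
 * userspace-side) decoding:
 *
 *	struct nda_cacheinfo *ci = RTA_DATA(rta);
 *	double secs = (double)ci->ndm_updated / sysconf(_SC_CLK_TCK);
 *
 * iproute2's "ip -s neigh" prints these fields as "used X/Y/Z".
 */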
static int pneigh_fill_info(struct sk_buff *skb, struct pneigh_entry *pn,
			    u32 pid, u32 seq, int type, unsigned int flags,
			    struct neigh_table *tbl)
{
	struct nlmsghdr *nlh;
	struct ndmsg *ndm;

	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	ndm = nlmsg_data(nlh);
	ndm->ndm_family = tbl->family;
	ndm->ndm_pad1 = 0;
	ndm->ndm_pad2 = 0;
	ndm->ndm_flags = pn->flags | NTF_PROXY;
	ndm->ndm_type = RTN_UNICAST;
	ndm->ndm_ifindex = pn->dev ? pn->dev->ifindex : 0;
	ndm->ndm_state = NUD_NONE;

	if (nla_put(skb, NDA_DST, tbl->key_len, pn->key))
		goto nla_put_failure;

	nlmsg_end(skb, nlh);
	return 0;

nla_put_failure:
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}

static void neigh_update_notify(struct neighbour *neigh, u32 nlmsg_pid)
{
	call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
	__neigh_notify(neigh, RTM_NEWNEIGH, 0, nlmsg_pid);
}

static bool neigh_master_filtered(struct net_device *dev, int master_idx)
{
	struct net_device *master;

	if (!master_idx)
		return false;

	master = netdev_master_upper_dev_get(dev);
	if (!master || master->ifindex != master_idx)
		return true;

	return false;
}

static bool neigh_ifindex_filtered(struct net_device *dev, int filter_idx)
{
	if (filter_idx && dev->ifindex != filter_idx)
		return true;

	return false;
}

struct neigh_dump_filter {
	int master_idx;
	int dev_idx;
};

static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
			    struct netlink_callback *cb,
			    struct neigh_dump_filter *filter)
{
	struct net *net = sock_net(skb->sk);
	struct neighbour *n;
	int rc, h, s_h = cb->args[1];
	int idx, s_idx = idx = cb->args[2];
	struct neigh_hash_table *nht;
	unsigned int flags = NLM_F_MULTI;

	if (filter->dev_idx || filter->master_idx)
		flags |= NLM_F_DUMP_FILTERED;

	rcu_read_lock_bh();
	nht = rcu_dereference_bh(tbl->nht);

	for (h = s_h; h < (1 << nht->hash_shift); h++) {
		if (h > s_h)
			s_idx = 0;
		for (n = rcu_dereference_bh(nht->hash_buckets[h]), idx = 0;
		     n != NULL;
		     n = rcu_dereference_bh(n->next)) {
			if (idx < s_idx || !net_eq(dev_net(n->dev), net))
				goto next;
			if (neigh_ifindex_filtered(n->dev, filter->dev_idx) ||
			    neigh_master_filtered(n->dev, filter->master_idx))
				goto next;
			if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
					    cb->nlh->nlmsg_seq,
					    RTM_NEWNEIGH,
					    flags) < 0) {
				rc = -1;
				goto out;
			}
next:
			idx++;
		}
	}
	rc = skb->len;
out:
	rcu_read_unlock_bh();
	cb->args[1] = h;
	cb->args[2] = idx;
	return rc;
}
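/* Dumps are resumable: a large table may not fit in one skb, so the current
 * hash bucket and the index within it are saved in cb->args[] and the next
 * invocation of the dump callback skips everything before (s_h, s_idx).
 * Userspace simply keeps reading until NLMSG_DONE.  Filtered dumps, e.g.
 * (illustrative; support depends on the iproute2 version)
 *
 *	$ ip neigh show dev eth0
 *
 * set NDA_IFINDEX in the request, which ends up in filter->dev_idx here.
 */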
static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
			     struct netlink_callback *cb,
			     struct neigh_dump_filter *filter)
{
	struct pneigh_entry *n;
	struct net *net = sock_net(skb->sk);
	int rc, h, s_h = cb->args[3];
	int idx, s_idx = idx = cb->args[4];
	unsigned int flags = NLM_F_MULTI;

	if (filter->dev_idx || filter->master_idx)
		flags |= NLM_F_DUMP_FILTERED;

	read_lock_bh(&tbl->lock);

	for (h = s_h; h <= PNEIGH_HASHMASK; h++) {
		if (h > s_h)
			s_idx = 0;
		for (n = tbl->phash_buckets[h], idx = 0; n; n = n->next) {
			if (idx < s_idx || pneigh_net(n) != net)
				goto next;
			if (neigh_ifindex_filtered(n->dev, filter->dev_idx) ||
			    neigh_master_filtered(n->dev, filter->master_idx))
				goto next;
			if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
					     cb->nlh->nlmsg_seq,
					     RTM_NEWNEIGH, flags, tbl) < 0) {
				read_unlock_bh(&tbl->lock);
				rc = -1;
				goto out;
			}
		next:
			idx++;
		}
	}

	read_unlock_bh(&tbl->lock);
	rc = skb->len;
out:
	cb->args[3] = h;
	cb->args[4] = idx;
	return rc;
}

static int neigh_valid_dump_req(const struct nlmsghdr *nlh,
				bool strict_check,
				struct neigh_dump_filter *filter,
				struct netlink_ext_ack *extack)
{
	struct nlattr *tb[NDA_MAX + 1];
	int err, i;

	if (strict_check) {
		struct ndmsg *ndm;

		if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndm))) {
			NL_SET_ERR_MSG(extack, "Invalid header for neighbor dump request");
			return -EINVAL;
		}

		ndm = nlmsg_data(nlh);
		if (ndm->ndm_pad1 || ndm->ndm_pad2 || ndm->ndm_ifindex ||
		    ndm->ndm_state || ndm->ndm_flags || ndm->ndm_type) {
			NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor dump request");
			return -EINVAL;
		}

		err = nlmsg_parse_strict(nlh, sizeof(struct ndmsg), tb, NDA_MAX,
					 NULL, extack);
	} else {
		err = nlmsg_parse(nlh, sizeof(struct ndmsg), tb, NDA_MAX,
				  NULL, extack);
	}
	if (err < 0)
		return err;

	for (i = 0; i <= NDA_MAX; ++i) {
		if (!tb[i])
			continue;

		/* all new attributes should require strict_check */
		switch (i) {
		case NDA_IFINDEX:
			if (nla_len(tb[i]) != sizeof(u32)) {
				NL_SET_ERR_MSG(extack, "Invalid IFINDEX attribute in neighbor dump request");
				return -EINVAL;
			}
			filter->dev_idx = nla_get_u32(tb[i]);
			break;
		case NDA_MASTER:
			if (nla_len(tb[i]) != sizeof(u32)) {
				NL_SET_ERR_MSG(extack, "Invalid MASTER attribute in neighbor dump request");
				return -EINVAL;
			}
			filter->master_idx = nla_get_u32(tb[i]);
			break;
		default:
			if (strict_check) {
				NL_SET_ERR_MSG(extack, "Unsupported attribute in neighbor dump request");
				return -EINVAL;
			}
		}
	}

	return 0;
}

static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
{
	const struct nlmsghdr *nlh = cb->nlh;
	struct neigh_dump_filter filter = {};
	struct neigh_table *tbl;
	int t, family, s_t;
	int proxy = 0;
	int err;

	family = ((struct rtgenmsg *)nlmsg_data(nlh))->rtgen_family;

	/* check for full ndmsg structure presence, family member is
	 * the same for both structures
	 */
	if (nlmsg_len(nlh) >= sizeof(struct ndmsg) &&
	    ((struct ndmsg *)nlmsg_data(nlh))->ndm_flags == NTF_PROXY)
		proxy = 1;

	err = neigh_valid_dump_req(nlh, cb->strict_check, &filter, cb->extack);
	if (err < 0 && cb->strict_check)
		return err;

	s_t = cb->args[0];

	for (t = 0; t < NEIGH_NR_TABLES; t++) {
		tbl = neigh_tables[t];

		if (!tbl)
			continue;
		if (t < s_t || (family && tbl->family != family))
			continue;
		if (t > s_t)
			memset(&cb->args[1], 0, sizeof(cb->args) -
						sizeof(cb->args[0]));
		if (proxy)
			err = pneigh_dump_table(tbl, skb, cb, &filter);
		else
			err = neigh_dump_table(tbl, skb, cb, &filter);
		if (err < 0)
			break;
	}

	cb->args[0] = t;
	return skb->len;
}
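/* A dump request whose ndmsg carries NTF_PROXY walks the proxy (pneigh)
 * hash instead of the regular cache.  From userspace this corresponds to
 * something like
 *
 *	$ ip neigh show proxy
 *
 * which lists entries added with "ip neigh add proxy <addr> dev <dev>".
 */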
void neigh_for_each(struct neigh_table *tbl,
		    void (*cb)(struct neighbour *, void *), void *cookie)
{
	int chain;
	struct neigh_hash_table *nht;

	rcu_read_lock_bh();
	nht = rcu_dereference_bh(tbl->nht);

	read_lock(&tbl->lock); /* avoid resizes */
	for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
		struct neighbour *n;

		for (n = rcu_dereference_bh(nht->hash_buckets[chain]);
		     n != NULL;
		     n = rcu_dereference_bh(n->next))
			cb(n, cookie);
	}
	read_unlock(&tbl->lock);
	rcu_read_unlock_bh();
}
EXPORT_SYMBOL(neigh_for_each);

/* The tbl->lock must be held as a writer and BH disabled. */
void __neigh_for_each_release(struct neigh_table *tbl,
			      int (*cb)(struct neighbour *))
{
	int chain;
	struct neigh_hash_table *nht;

	nht = rcu_dereference_protected(tbl->nht,
					lockdep_is_held(&tbl->lock));
	for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
		struct neighbour *n;
		struct neighbour __rcu **np;

		np = &nht->hash_buckets[chain];
		while ((n = rcu_dereference_protected(*np,
					lockdep_is_held(&tbl->lock))) != NULL) {
			int release;

			write_lock(&n->lock);
			release = cb(n);
			if (release) {
				rcu_assign_pointer(*np,
					rcu_dereference_protected(n->next,
						lockdep_is_held(&tbl->lock)));
				n->dead = 1;
			} else
				np = &n->next;
			write_unlock(&n->lock);
			if (release)
				neigh_cleanup_and_release(n);
		}
	}
}
EXPORT_SYMBOL(__neigh_for_each_release);

int neigh_xmit(int index, struct net_device *dev,
	       const void *addr, struct sk_buff *skb)
{
	int err = -EAFNOSUPPORT;

	if (likely(index < NEIGH_NR_TABLES)) {
		struct neigh_table *tbl;
		struct neighbour *neigh;

		tbl = neigh_tables[index];
		if (!tbl)
			goto out;
		rcu_read_lock_bh();
		neigh = __neigh_lookup_noref(tbl, addr, dev);
		if (!neigh)
			neigh = __neigh_create(tbl, addr, dev, false);
		err = PTR_ERR(neigh);
		if (IS_ERR(neigh)) {
			rcu_read_unlock_bh();
			goto out_kfree_skb;
		}
		err = neigh->output(neigh, skb);
		rcu_read_unlock_bh();
	} else if (index == NEIGH_LINK_TABLE) {
		err = dev_hard_header(skb, dev, ntohs(skb->protocol),
				      addr, NULL, skb->len);
		if (err < 0)
			goto out_kfree_skb;
		err = dev_queue_xmit(skb);
	}
out:
	return err;
out_kfree_skb:
	kfree_skb(skb);
	goto out;
}
EXPORT_SYMBOL(neigh_xmit);
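/* neigh_xmit() lets callers that carry their own next-hop address (MPLS is
 * one in-tree user) transmit through the neighbour layer without owning a
 * dst.  A minimal, hypothetical usage sketch:
 *
 *	// IPv4 next hop known; skb payload and skb->protocol already set.
 *	// next_hop is a __be32 used as the ARP table key.
 *	err = neigh_xmit(NEIGH_ARP_TABLE, dev, &next_hop, skb);
 *
 * NEIGH_LINK_TABLE bypasses resolution entirely and just builds the link
 * layer header from @addr.  If neighbour creation fails, the skb is freed
 * here and an errno is returned.
 */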
#ifdef CONFIG_PROC_FS

static struct neighbour *neigh_get_first(struct seq_file *seq)
{
	struct neigh_seq_state *state = seq->private;
	struct net *net = seq_file_net(seq);
	struct neigh_hash_table *nht = state->nht;
	struct neighbour *n = NULL;
	int bucket = state->bucket;

	state->flags &= ~NEIGH_SEQ_IS_PNEIGH;
	for (bucket = 0; bucket < (1 << nht->hash_shift); bucket++) {
		n = rcu_dereference_bh(nht->hash_buckets[bucket]);

		while (n) {
			if (!net_eq(dev_net(n->dev), net))
				goto next;
			if (state->neigh_sub_iter) {
				loff_t fakep = 0;
				void *v;

				v = state->neigh_sub_iter(state, n, &fakep);
				if (!v)
					goto next;
			}
			if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
				break;
			if (n->nud_state & ~NUD_NOARP)
				break;
next:
			n = rcu_dereference_bh(n->next);
		}

		if (n)
			break;
	}
	state->bucket = bucket;

	return n;
}

static struct neighbour *neigh_get_next(struct seq_file *seq,
					struct neighbour *n,
					loff_t *pos)
{
	struct neigh_seq_state *state = seq->private;
	struct net *net = seq_file_net(seq);
	struct neigh_hash_table *nht = state->nht;

	if (state->neigh_sub_iter) {
		void *v = state->neigh_sub_iter(state, n, pos);
		if (v)
			return n;
	}
	n = rcu_dereference_bh(n->next);

	while (1) {
		while (n) {
			if (!net_eq(dev_net(n->dev), net))
				goto next;
			if (state->neigh_sub_iter) {
				void *v = state->neigh_sub_iter(state, n, pos);
				if (v)
					return n;
				goto next;
			}
			if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
				break;

			if (n->nud_state & ~NUD_NOARP)
				break;
next:
			n = rcu_dereference_bh(n->next);
		}

		if (n)
			break;

		if (++state->bucket >= (1 << nht->hash_shift))
			break;

		n = rcu_dereference_bh(nht->hash_buckets[state->bucket]);
	}

	if (n && pos)
		--(*pos);
	return n;
}

static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos)
{
	struct neighbour *n = neigh_get_first(seq);

	if (n) {
		--(*pos);
		while (*pos) {
			n = neigh_get_next(seq, n, pos);
			if (!n)
				break;
		}
	}
	return *pos ? NULL : n;
}

static struct pneigh_entry *pneigh_get_first(struct seq_file *seq)
{
	struct neigh_seq_state *state = seq->private;
	struct net *net = seq_file_net(seq);
	struct neigh_table *tbl = state->tbl;
	struct pneigh_entry *pn = NULL;
	int bucket = state->bucket;

	state->flags |= NEIGH_SEQ_IS_PNEIGH;
	for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) {
		pn = tbl->phash_buckets[bucket];
		while (pn && !net_eq(pneigh_net(pn), net))
			pn = pn->next;
		if (pn)
			break;
	}
	state->bucket = bucket;

	return pn;
}

static struct pneigh_entry *pneigh_get_next(struct seq_file *seq,
					    struct pneigh_entry *pn,
					    loff_t *pos)
{
	struct neigh_seq_state *state = seq->private;
	struct net *net = seq_file_net(seq);
	struct neigh_table *tbl = state->tbl;

	do {
		pn = pn->next;
	} while (pn && !net_eq(pneigh_net(pn), net));

	while (!pn) {
		if (++state->bucket > PNEIGH_HASHMASK)
			break;
		pn = tbl->phash_buckets[state->bucket];
		while (pn && !net_eq(pneigh_net(pn), net))
			pn = pn->next;
		if (pn)
			break;
	}

	if (pn && pos)
		--(*pos);

	return pn;
}
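/* The seq_file position is a single loff_t spanning both hash tables: the
 * helpers above decrement *pos for every entry they step over, so, roughly
 * speaking, position N resolves to the Nth visible entry, counting regular
 * neighbours first and proxy entries after them.  neigh_get_idx_any() below
 * glues the two ranges together.
 */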
static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos)
{
	struct pneigh_entry *pn = pneigh_get_first(seq);

	if (pn) {
		--(*pos);
		while (*pos) {
			pn = pneigh_get_next(seq, pn, pos);
			if (!pn)
				break;
		}
	}
	return *pos ? NULL : pn;
}

static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos)
{
	struct neigh_seq_state *state = seq->private;
	void *rc;
	loff_t idxpos = *pos;

	rc = neigh_get_idx(seq, &idxpos);
	if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY))
		rc = pneigh_get_idx(seq, &idxpos);

	return rc;
}

void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags)
	__acquires(rcu_bh)
{
	struct neigh_seq_state *state = seq->private;

	state->tbl = tbl;
	state->bucket = 0;
	state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH);

	rcu_read_lock_bh();
	state->nht = rcu_dereference_bh(tbl->nht);

	return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN;
}
EXPORT_SYMBOL(neigh_seq_start);

void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{
	struct neigh_seq_state *state;
	void *rc;

	if (v == SEQ_START_TOKEN) {
		rc = neigh_get_first(seq);
		goto out;
	}

	state = seq->private;
	if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) {
		rc = neigh_get_next(seq, v, NULL);
		if (rc)
			goto out;
		if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY))
			rc = pneigh_get_first(seq);
	} else {
		BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY);
		rc = pneigh_get_next(seq, v, NULL);
	}
out:
	++(*pos);
	return rc;
}
EXPORT_SYMBOL(neigh_seq_next);

void neigh_seq_stop(struct seq_file *seq, void *v)
	__releases(rcu_bh)
{
	rcu_read_unlock_bh();
}
EXPORT_SYMBOL(neigh_seq_stop);

/* statistics via seq_file */

static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos)
{
	struct neigh_table *tbl = PDE_DATA(file_inode(seq->file));
	int cpu;

	if (*pos == 0)
		return SEQ_START_TOKEN;

	for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
		if (!cpu_possible(cpu))
			continue;
		*pos = cpu+1;
		return per_cpu_ptr(tbl->stats, cpu);
	}
	return NULL;
}

static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{
	struct neigh_table *tbl = PDE_DATA(file_inode(seq->file));
	int cpu;

	for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
		if (!cpu_possible(cpu))
			continue;
		*pos = cpu+1;
		return per_cpu_ptr(tbl->stats, cpu);
	}
	return NULL;
}

static void neigh_stat_seq_stop(struct seq_file *seq, void *v)
{

}

static int neigh_stat_seq_show(struct seq_file *seq, void *v)
{
	struct neigh_table *tbl = PDE_DATA(file_inode(seq->file));
	struct neigh_statistics *st = v;

	if (v == SEQ_START_TOKEN) {
		seq_printf(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards table_fulls\n");
		return 0;
	}

	seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx "
			"%08lx %08lx %08lx %08lx %08lx %08lx\n",
		   atomic_read(&tbl->entries),

		   st->allocs,
		   st->destroys,
		   st->hash_grows,

		   st->lookups,
		   st->hits,

		   st->res_failed,

		   st->rcv_probes_mcast,
		   st->rcv_probes_ucast,

		   st->periodic_gc_runs,
		   st->forced_gc_runs,
		   st->unres_discards,
		   st->table_fulls
		   );

	return 0;
}
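/* Each neigh_table exposes these counters as one hex-formatted line per
 * possible CPU, e.g. /proc/net/stat/arp_cache for IPv4.  An illustrative
 * read (values made up):
 *
 *	$ cat /proc/net/stat/arp_cache
 *	entries allocs destroys ...
 *	00000011 00000234 00000223 ...
 *
 * Note that "entries" is a table-wide total repeated on every CPU line,
 * while the remaining fields are per-CPU counters.
 */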
static const struct seq_operations neigh_stat_seq_ops = {
	.start = neigh_stat_seq_start,
	.next  = neigh_stat_seq_next,
	.stop  = neigh_stat_seq_stop,
	.show  = neigh_stat_seq_show,
};
#endif /* CONFIG_PROC_FS */

static inline size_t neigh_nlmsg_size(void)
{
	return NLMSG_ALIGN(sizeof(struct ndmsg))
	       + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
	       + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */
	       + nla_total_size(sizeof(struct nda_cacheinfo))
	       + nla_total_size(4); /* NDA_PROBES */
}

static void __neigh_notify(struct neighbour *n, int type, int flags,
			   u32 pid)
{
	struct net *net = dev_net(n->dev);
	struct sk_buff *skb;
	int err = -ENOBUFS;

	skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC);
	if (skb == NULL)
		goto errout;

	err = neigh_fill_info(skb, n, pid, 0, type, flags);
	if (err < 0) {
		/* -EMSGSIZE implies BUG in neigh_nlmsg_size() */
		WARN_ON(err == -EMSGSIZE);
		kfree_skb(skb);
		goto errout;
	}
	rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
	return;
errout:
	if (err < 0)
		rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
}

void neigh_app_ns(struct neighbour *n)
{
	__neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST, 0);
}
EXPORT_SYMBOL(neigh_app_ns);

#ifdef CONFIG_SYSCTL
static int zero;
static int int_max = INT_MAX;
static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN);

static int proc_unres_qlen(struct ctl_table *ctl, int write,
			   void __user *buffer, size_t *lenp, loff_t *ppos)
{
	int size, ret;
	struct ctl_table tmp = *ctl;

	tmp.extra1 = &zero;
	tmp.extra2 = &unres_qlen_max;
	tmp.data = &size;

	size = *(int *)ctl->data / SKB_TRUESIZE(ETH_FRAME_LEN);
	ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);

	if (write && !ret)
		*(int *)ctl->data = size * SKB_TRUESIZE(ETH_FRAME_LEN);
	return ret;
}

static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev,
						   int family)
{
	switch (family) {
	case AF_INET:
		return __in_dev_arp_parms_get_rcu(dev);
	case AF_INET6:
		return __in6_dev_nd_parms_get_rcu(dev);
	}
	return NULL;
}

static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p,
				  int index)
{
	struct net_device *dev;
	int family = neigh_parms_family(p);

	rcu_read_lock();
	for_each_netdev_rcu(net, dev) {
		struct neigh_parms *dst_p =
				neigh_get_dev_parms_rcu(dev, family);

		if (dst_p && !test_bit(index, dst_p->data_state))
			dst_p->data[index] = p->data[index];
	}
	rcu_read_unlock();
}

static void neigh_proc_update(struct ctl_table *ctl, int write)
{
	struct net_device *dev = ctl->extra1;
	struct neigh_parms *p = ctl->extra2;
	struct net *net = neigh_parms_net(p);
	int index = (int *) ctl->data - p->data;

	if (!write)
		return;

	set_bit(index, p->data_state);
	if (index == NEIGH_VAR_DELAY_PROBE_TIME)
		call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
	if (!dev) /* NULL dev means this is default value */
		neigh_copy_dflt_parms(net, p, index);
}
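/* Writing a "default" sysctl therefore fans out to every device that has
 * not overridden the same variable.  Illustrative sequence:
 *
 *	# sysctl -w net.ipv4.neigh.eth0.gc_stale_time=120	(marks eth0)
 *	# sysctl -w net.ipv4.neigh.default.gc_stale_time=30
 *
 * After the second write, all devices except eth0 see 30; eth0 keeps 120
 * because its data_state bit was set by the first write.
 */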
static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write,
					   void __user *buffer,
					   size_t *lenp, loff_t *ppos)
{
	struct ctl_table tmp = *ctl;
	int ret;

	tmp.extra1 = &zero;
	tmp.extra2 = &int_max;

	ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
	neigh_proc_update(ctl, write);
	return ret;
}

int neigh_proc_dointvec(struct ctl_table *ctl, int write,
			void __user *buffer, size_t *lenp, loff_t *ppos)
{
	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}
EXPORT_SYMBOL(neigh_proc_dointvec);

int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write,
				void __user *buffer,
				size_t *lenp, loff_t *ppos)
{
	int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}
EXPORT_SYMBOL(neigh_proc_dointvec_jiffies);

static int neigh_proc_dointvec_userhz_jiffies(struct ctl_table *ctl, int write,
					      void __user *buffer,
					      size_t *lenp, loff_t *ppos)
{
	int ret = proc_dointvec_userhz_jiffies(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}

int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write,
				   void __user *buffer,
				   size_t *lenp, loff_t *ppos)
{
	int ret = proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}
EXPORT_SYMBOL(neigh_proc_dointvec_ms_jiffies);

static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write,
					  void __user *buffer,
					  size_t *lenp, loff_t *ppos)
{
	int ret = proc_unres_qlen(ctl, write, buffer, lenp, ppos);

	neigh_proc_update(ctl, write);
	return ret;
}

static int neigh_proc_base_reachable_time(struct ctl_table *ctl, int write,
					  void __user *buffer,
					  size_t *lenp, loff_t *ppos)
{
	struct neigh_parms *p = ctl->extra2;
	int ret;

	if (strcmp(ctl->procname, "base_reachable_time") == 0)
		ret = neigh_proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
	else if (strcmp(ctl->procname, "base_reachable_time_ms") == 0)
		ret = neigh_proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
	else
		ret = -1;

	if (write && ret == 0) {
		/* update reachable_time as well, otherwise, the change will
		 * only be effective after the next time neigh_periodic_work
		 * decides to recompute it
		 */
		p->reachable_time =
			neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
	}
	return ret;
}

#define NEIGH_PARMS_DATA_OFFSET(index)	\
	(&((struct neigh_parms *) 0)->data[index])

#define NEIGH_SYSCTL_ENTRY(attr, data_attr, name, mval, proc) \
	[NEIGH_VAR_ ## attr] = { \
		.procname	= name, \
		.data		= NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_ ## data_attr), \
		.maxlen		= sizeof(int), \
		.mode		= mval, \
		.proc_handler	= proc, \
	}

#define NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_zero_intmax)

#define NEIGH_SYSCTL_JIFFIES_ENTRY(attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_jiffies)

#define NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_userhz_jiffies)

#define NEIGH_SYSCTL_MS_JIFFIES_ENTRY(attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
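/* For reference, NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_PROBES, "mcast_solicit")
 * expands (modulo whitespace) to:
 *
 *	[NEIGH_VAR_MCAST_PROBES] = {
 *		.procname	= "mcast_solicit",
 *		.data		= NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_MCAST_PROBES),
 *		.maxlen		= sizeof(int),
 *		.mode		= 0644,
 *		.proc_handler	= neigh_proc_dointvec_zero_intmax,
 *	}
 *
 * The .data offset is relative to a NULL neigh_parms; neigh_sysctl_register()
 * adds the real parms pointer back in before registration.
 */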
#define NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(attr, data_attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_ms_jiffies)

#define NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(attr, data_attr, name) \
	NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_unres_qlen)

static struct neigh_sysctl_table {
	struct ctl_table_header *sysctl_header;
	struct ctl_table neigh_vars[NEIGH_VAR_MAX + 1];
} neigh_sysctl_template __read_mostly = {
	.neigh_vars = {
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_PROBES, "mcast_solicit"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(UCAST_PROBES, "ucast_solicit"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(APP_PROBES, "app_solicit"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_REPROBES, "mcast_resolicit"),
		NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(RETRANS_TIME, "retrans_time"),
		NEIGH_SYSCTL_JIFFIES_ENTRY(BASE_REACHABLE_TIME, "base_reachable_time"),
		NEIGH_SYSCTL_JIFFIES_ENTRY(DELAY_PROBE_TIME, "delay_first_probe_time"),
		NEIGH_SYSCTL_JIFFIES_ENTRY(GC_STALETIME, "gc_stale_time"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(QUEUE_LEN_BYTES, "unres_qlen_bytes"),
		NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(PROXY_QLEN, "proxy_qlen"),
		NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(ANYCAST_DELAY, "anycast_delay"),
		NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(PROXY_DELAY, "proxy_delay"),
		NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(LOCKTIME, "locktime"),
		NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(QUEUE_LEN, QUEUE_LEN_BYTES, "unres_qlen"),
		NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(RETRANS_TIME_MS, RETRANS_TIME, "retrans_time_ms"),
		NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(BASE_REACHABLE_TIME_MS, BASE_REACHABLE_TIME, "base_reachable_time_ms"),
		[NEIGH_VAR_GC_INTERVAL] = {
			.procname	= "gc_interval",
			.maxlen		= sizeof(int),
			.mode		= 0644,
			.proc_handler	= proc_dointvec_jiffies,
		},
		[NEIGH_VAR_GC_THRESH1] = {
			.procname	= "gc_thresh1",
			.maxlen		= sizeof(int),
			.mode		= 0644,
			.extra1		= &zero,
			.extra2		= &int_max,
			.proc_handler	= proc_dointvec_minmax,
		},
		[NEIGH_VAR_GC_THRESH2] = {
			.procname	= "gc_thresh2",
			.maxlen		= sizeof(int),
			.mode		= 0644,
			.extra1		= &zero,
			.extra2		= &int_max,
			.proc_handler	= proc_dointvec_minmax,
		},
		[NEIGH_VAR_GC_THRESH3] = {
			.procname	= "gc_thresh3",
			.maxlen		= sizeof(int),
			.mode		= 0644,
			.extra1		= &zero,
			.extra2		= &int_max,
			.proc_handler	= proc_dointvec_minmax,
		},
		{},
	},
};
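/* Once registered, the template above appears under
 * /proc/sys/net/{ipv4,ipv6}/neigh/<dev>/ for per-device parms and under
 * .../neigh/default/ for the table defaults, e.g.
 *
 *	/proc/sys/net/ipv4/neigh/eth0/mcast_solicit
 *	/proc/sys/net/ipv4/neigh/default/gc_thresh3
 *
 * The gc_* entries only exist in the "default" directory because
 * neigh_sysctl_register() truncates the table for real devices.
 */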
int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
			  proc_handler *handler)
{
	int i;
	struct neigh_sysctl_table *t;
	const char *dev_name_source;
	char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
	char *p_name;

	t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
	if (!t)
		goto err;

	for (i = 0; i < NEIGH_VAR_GC_INTERVAL; i++) {
		t->neigh_vars[i].data += (long) p;
		t->neigh_vars[i].extra1 = dev;
		t->neigh_vars[i].extra2 = p;
	}

	if (dev) {
		dev_name_source = dev->name;
		/* Terminate the table early */
		memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0,
		       sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL]));
	} else {
		struct neigh_table *tbl = p->tbl;
		dev_name_source = "default";
		t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &tbl->gc_interval;
		t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &tbl->gc_thresh1;
		t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &tbl->gc_thresh2;
		t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &tbl->gc_thresh3;
	}

	if (handler) {
		/* RetransTime */
		t->neigh_vars[NEIGH_VAR_RETRANS_TIME].proc_handler = handler;
		/* ReachableTime */
		t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler = handler;
		/* RetransTime (in milliseconds) */
		t->neigh_vars[NEIGH_VAR_RETRANS_TIME_MS].proc_handler = handler;
		/* ReachableTime (in milliseconds) */
		t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = handler;
	} else {
		/* These handlers will update p->reachable_time after
		 * base_reachable_time(_ms) is set to ensure the new timer starts
		 * being applied after the next neighbour update instead of waiting
		 * for neigh_periodic_work to update its value (which can take
		 * multiple minutes).  Any handler that replaces them should do
		 * this as well.
		 */
		/* ReachableTime */
		t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler =
			neigh_proc_base_reachable_time;
		/* ReachableTime (in milliseconds) */
		t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler =
			neigh_proc_base_reachable_time;
	}

	/* Don't export sysctls to unprivileged users */
	if (neigh_parms_net(p)->user_ns != &init_user_ns)
		t->neigh_vars[0].procname = NULL;

	switch (neigh_parms_family(p)) {
	case AF_INET:
		p_name = "ipv4";
		break;
	case AF_INET6:
		p_name = "ipv6";
		break;
	default:
		BUG();
	}

	snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s",
		 p_name, dev_name_source);
	t->sysctl_header =
		register_net_sysctl(neigh_parms_net(p), neigh_path, t->neigh_vars);
	if (!t->sysctl_header)
		goto free;

	p->sysctl_table = t;
	return 0;

free:
	kfree(t);
err:
	return -ENOBUFS;
}
EXPORT_SYMBOL(neigh_sysctl_register);

void neigh_sysctl_unregister(struct neigh_parms *p)
{
	if (p->sysctl_table) {
		struct neigh_sysctl_table *t = p->sysctl_table;
		p->sysctl_table = NULL;
		unregister_net_sysctl_table(t->sysctl_header);
		kfree(t);
	}
}
EXPORT_SYMBOL(neigh_sysctl_unregister);

#endif	/* CONFIG_SYSCTL */

static int __init neigh_init(void)
{
	rtnl_register(PF_UNSPEC, RTM_NEWNEIGH, neigh_add, NULL, 0);
	rtnl_register(PF_UNSPEC, RTM_DELNEIGH, neigh_delete, NULL, 0);
	rtnl_register(PF_UNSPEC, RTM_GETNEIGH, NULL, neigh_dump_info, 0);

	rtnl_register(PF_UNSPEC, RTM_GETNEIGHTBL, NULL, neightbl_dump_info,
		      0);
	rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, 0);

	return 0;
}

subsys_initcall(neigh_init);
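/* For orientation: the rtnetlink registrations above are what back the
 * common iproute2 operations (illustrative mapping):
 *
 *	RTM_NEWNEIGH    -> ip neigh add/replace
 *	RTM_DELNEIGH    -> ip neigh del
 *	RTM_GETNEIGH    -> ip neigh show
 *	RTM_GETNEIGHTBL -> ip ntable show
 *	RTM_SETNEIGHTBL -> ip ntable change
 */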