1 /* 2 * Generic address resolution entity 3 * 4 * Authors: 5 * Pedro Roque <roque@di.fc.ul.pt> 6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 * 13 * Fixes: 14 * Vitaly E. Lavrov releasing NULL neighbor in neigh_add. 15 * Harald Welte Add neighbour cache statistics like rtstat 16 */ 17 18 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 19 20 #include <linux/slab.h> 21 #include <linux/types.h> 22 #include <linux/kernel.h> 23 #include <linux/module.h> 24 #include <linux/socket.h> 25 #include <linux/netdevice.h> 26 #include <linux/proc_fs.h> 27 #ifdef CONFIG_SYSCTL 28 #include <linux/sysctl.h> 29 #endif 30 #include <linux/times.h> 31 #include <net/net_namespace.h> 32 #include <net/neighbour.h> 33 #include <net/dst.h> 34 #include <net/sock.h> 35 #include <net/netevent.h> 36 #include <net/netlink.h> 37 #include <linux/rtnetlink.h> 38 #include <linux/random.h> 39 #include <linux/string.h> 40 #include <linux/log2.h> 41 #include <linux/inetdevice.h> 42 #include <net/addrconf.h> 43 44 #define DEBUG 45 #define NEIGH_DEBUG 1 46 #define neigh_dbg(level, fmt, ...) \ 47 do { \ 48 if (level <= NEIGH_DEBUG) \ 49 pr_debug(fmt, ##__VA_ARGS__); \ 50 } while (0) 51 52 #define PNEIGH_HASHMASK 0xF 53 54 static void neigh_timer_handler(unsigned long arg); 55 static void __neigh_notify(struct neighbour *n, int type, int flags); 56 static void neigh_update_notify(struct neighbour *neigh); 57 static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev); 58 59 #ifdef CONFIG_PROC_FS 60 static const struct file_operations neigh_stat_seq_fops; 61 #endif 62 63 /* 64 Neighbour hash table buckets are protected with rwlock tbl->lock. 65 66 - All the scans/updates to hash buckets MUST be made under this lock. 67 - NOTHING clever should be made under this lock: no callbacks 68 to protocol backends, no attempts to send something to network. 69 It will result in deadlocks, if backend/driver wants to use neighbour 70 cache. 71 - If the entry requires some non-trivial actions, increase 72 its reference count and release table lock. 73 74 Neighbour entries are protected: 75 - with reference count. 76 - with rwlock neigh->lock 77 78 Reference count prevents destruction. 79 80 neigh->lock mainly serializes ll address data and its validity state. 81 However, the same lock is used to protect another entry fields: 82 - timer 83 - resolution queue 84 85 Again, nothing clever shall be made under neigh->lock, 86 the most complicated procedure, which we allow is dev->hard_header. 87 It is supposed, that dev->hard_header is simplistic and does 88 not make callbacks to neighbour tables. 89 */ 90 91 static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb) 92 { 93 kfree_skb(skb); 94 return -ENETDOWN; 95 } 96 97 static void neigh_cleanup_and_release(struct neighbour *neigh) 98 { 99 if (neigh->parms->neigh_cleanup) 100 neigh->parms->neigh_cleanup(neigh); 101 102 __neigh_notify(neigh, RTM_DELNEIGH, 0); 103 neigh_release(neigh); 104 } 105 106 /* 107 * It is random distribution in the interval (1/2)*base...(3/2)*base. 108 * It corresponds to default IPv6 settings and is not overridable, 109 * because it is really reasonable choice. 110 */ 111 112 unsigned long neigh_rand_reach_time(unsigned long base) 113 { 114 return base ? (prandom_u32() % base) + (base >> 1) : 0; 115 } 116 EXPORT_SYMBOL(neigh_rand_reach_time); 117 118 119 static int neigh_forced_gc(struct neigh_table *tbl) 120 { 121 int shrunk = 0; 122 int i; 123 struct neigh_hash_table *nht; 124 125 NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs); 126 127 write_lock_bh(&tbl->lock); 128 nht = rcu_dereference_protected(tbl->nht, 129 lockdep_is_held(&tbl->lock)); 130 for (i = 0; i < (1 << nht->hash_shift); i++) { 131 struct neighbour *n; 132 struct neighbour __rcu **np; 133 134 np = &nht->hash_buckets[i]; 135 while ((n = rcu_dereference_protected(*np, 136 lockdep_is_held(&tbl->lock))) != NULL) { 137 /* Neighbour record may be discarded if: 138 * - nobody refers to it. 139 * - it is not permanent 140 */ 141 write_lock(&n->lock); 142 if (atomic_read(&n->refcnt) == 1 && 143 !(n->nud_state & NUD_PERMANENT)) { 144 rcu_assign_pointer(*np, 145 rcu_dereference_protected(n->next, 146 lockdep_is_held(&tbl->lock))); 147 n->dead = 1; 148 shrunk = 1; 149 write_unlock(&n->lock); 150 neigh_cleanup_and_release(n); 151 continue; 152 } 153 write_unlock(&n->lock); 154 np = &n->next; 155 } 156 } 157 158 tbl->last_flush = jiffies; 159 160 write_unlock_bh(&tbl->lock); 161 162 return shrunk; 163 } 164 165 static void neigh_add_timer(struct neighbour *n, unsigned long when) 166 { 167 neigh_hold(n); 168 if (unlikely(mod_timer(&n->timer, when))) { 169 printk("NEIGH: BUG, double timer add, state is %x\n", 170 n->nud_state); 171 dump_stack(); 172 } 173 } 174 175 static int neigh_del_timer(struct neighbour *n) 176 { 177 if ((n->nud_state & NUD_IN_TIMER) && 178 del_timer(&n->timer)) { 179 neigh_release(n); 180 return 1; 181 } 182 return 0; 183 } 184 185 static void pneigh_queue_purge(struct sk_buff_head *list) 186 { 187 struct sk_buff *skb; 188 189 while ((skb = skb_dequeue(list)) != NULL) { 190 dev_put(skb->dev); 191 kfree_skb(skb); 192 } 193 } 194 195 static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev) 196 { 197 int i; 198 struct neigh_hash_table *nht; 199 200 nht = rcu_dereference_protected(tbl->nht, 201 lockdep_is_held(&tbl->lock)); 202 203 for (i = 0; i < (1 << nht->hash_shift); i++) { 204 struct neighbour *n; 205 struct neighbour __rcu **np = &nht->hash_buckets[i]; 206 207 while ((n = rcu_dereference_protected(*np, 208 lockdep_is_held(&tbl->lock))) != NULL) { 209 if (dev && n->dev != dev) { 210 np = &n->next; 211 continue; 212 } 213 rcu_assign_pointer(*np, 214 rcu_dereference_protected(n->next, 215 lockdep_is_held(&tbl->lock))); 216 write_lock(&n->lock); 217 neigh_del_timer(n); 218 n->dead = 1; 219 220 if (atomic_read(&n->refcnt) != 1) { 221 /* The most unpleasant situation. 222 We must destroy neighbour entry, 223 but someone still uses it. 224 225 The destroy will be delayed until 226 the last user releases us, but 227 we must kill timers etc. and move 228 it to safe state. 229 */ 230 __skb_queue_purge(&n->arp_queue); 231 n->arp_queue_len_bytes = 0; 232 n->output = neigh_blackhole; 233 if (n->nud_state & NUD_VALID) 234 n->nud_state = NUD_NOARP; 235 else 236 n->nud_state = NUD_NONE; 237 neigh_dbg(2, "neigh %p is stray\n", n); 238 } 239 write_unlock(&n->lock); 240 neigh_cleanup_and_release(n); 241 } 242 } 243 } 244 245 void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev) 246 { 247 write_lock_bh(&tbl->lock); 248 neigh_flush_dev(tbl, dev); 249 write_unlock_bh(&tbl->lock); 250 } 251 EXPORT_SYMBOL(neigh_changeaddr); 252 253 int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev) 254 { 255 write_lock_bh(&tbl->lock); 256 neigh_flush_dev(tbl, dev); 257 pneigh_ifdown(tbl, dev); 258 write_unlock_bh(&tbl->lock); 259 260 del_timer_sync(&tbl->proxy_timer); 261 pneigh_queue_purge(&tbl->proxy_queue); 262 return 0; 263 } 264 EXPORT_SYMBOL(neigh_ifdown); 265 266 static struct neighbour *neigh_alloc(struct neigh_table *tbl, struct net_device *dev) 267 { 268 struct neighbour *n = NULL; 269 unsigned long now = jiffies; 270 int entries; 271 272 entries = atomic_inc_return(&tbl->entries) - 1; 273 if (entries >= tbl->gc_thresh3 || 274 (entries >= tbl->gc_thresh2 && 275 time_after(now, tbl->last_flush + 5 * HZ))) { 276 if (!neigh_forced_gc(tbl) && 277 entries >= tbl->gc_thresh3) 278 goto out_entries; 279 } 280 281 n = kzalloc(tbl->entry_size + dev->neigh_priv_len, GFP_ATOMIC); 282 if (!n) 283 goto out_entries; 284 285 __skb_queue_head_init(&n->arp_queue); 286 rwlock_init(&n->lock); 287 seqlock_init(&n->ha_lock); 288 n->updated = n->used = now; 289 n->nud_state = NUD_NONE; 290 n->output = neigh_blackhole; 291 seqlock_init(&n->hh.hh_lock); 292 n->parms = neigh_parms_clone(&tbl->parms); 293 setup_timer(&n->timer, neigh_timer_handler, (unsigned long)n); 294 295 NEIGH_CACHE_STAT_INC(tbl, allocs); 296 n->tbl = tbl; 297 atomic_set(&n->refcnt, 1); 298 n->dead = 1; 299 out: 300 return n; 301 302 out_entries: 303 atomic_dec(&tbl->entries); 304 goto out; 305 } 306 307 static void neigh_get_hash_rnd(u32 *x) 308 { 309 get_random_bytes(x, sizeof(*x)); 310 *x |= 1; 311 } 312 313 static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift) 314 { 315 size_t size = (1 << shift) * sizeof(struct neighbour *); 316 struct neigh_hash_table *ret; 317 struct neighbour __rcu **buckets; 318 int i; 319 320 ret = kmalloc(sizeof(*ret), GFP_ATOMIC); 321 if (!ret) 322 return NULL; 323 if (size <= PAGE_SIZE) 324 buckets = kzalloc(size, GFP_ATOMIC); 325 else 326 buckets = (struct neighbour __rcu **) 327 __get_free_pages(GFP_ATOMIC | __GFP_ZERO, 328 get_order(size)); 329 if (!buckets) { 330 kfree(ret); 331 return NULL; 332 } 333 ret->hash_buckets = buckets; 334 ret->hash_shift = shift; 335 for (i = 0; i < NEIGH_NUM_HASH_RND; i++) 336 neigh_get_hash_rnd(&ret->hash_rnd[i]); 337 return ret; 338 } 339 340 static void neigh_hash_free_rcu(struct rcu_head *head) 341 { 342 struct neigh_hash_table *nht = container_of(head, 343 struct neigh_hash_table, 344 rcu); 345 size_t size = (1 << nht->hash_shift) * sizeof(struct neighbour *); 346 struct neighbour __rcu **buckets = nht->hash_buckets; 347 348 if (size <= PAGE_SIZE) 349 kfree(buckets); 350 else 351 free_pages((unsigned long)buckets, get_order(size)); 352 kfree(nht); 353 } 354 355 static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl, 356 unsigned long new_shift) 357 { 358 unsigned int i, hash; 359 struct neigh_hash_table *new_nht, *old_nht; 360 361 NEIGH_CACHE_STAT_INC(tbl, hash_grows); 362 363 old_nht = rcu_dereference_protected(tbl->nht, 364 lockdep_is_held(&tbl->lock)); 365 new_nht = neigh_hash_alloc(new_shift); 366 if (!new_nht) 367 return old_nht; 368 369 for (i = 0; i < (1 << old_nht->hash_shift); i++) { 370 struct neighbour *n, *next; 371 372 for (n = rcu_dereference_protected(old_nht->hash_buckets[i], 373 lockdep_is_held(&tbl->lock)); 374 n != NULL; 375 n = next) { 376 hash = tbl->hash(n->primary_key, n->dev, 377 new_nht->hash_rnd); 378 379 hash >>= (32 - new_nht->hash_shift); 380 next = rcu_dereference_protected(n->next, 381 lockdep_is_held(&tbl->lock)); 382 383 rcu_assign_pointer(n->next, 384 rcu_dereference_protected( 385 new_nht->hash_buckets[hash], 386 lockdep_is_held(&tbl->lock))); 387 rcu_assign_pointer(new_nht->hash_buckets[hash], n); 388 } 389 } 390 391 rcu_assign_pointer(tbl->nht, new_nht); 392 call_rcu(&old_nht->rcu, neigh_hash_free_rcu); 393 return new_nht; 394 } 395 396 struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey, 397 struct net_device *dev) 398 { 399 struct neighbour *n; 400 401 NEIGH_CACHE_STAT_INC(tbl, lookups); 402 403 rcu_read_lock_bh(); 404 n = __neigh_lookup_noref(tbl, pkey, dev); 405 if (n) { 406 if (!atomic_inc_not_zero(&n->refcnt)) 407 n = NULL; 408 NEIGH_CACHE_STAT_INC(tbl, hits); 409 } 410 411 rcu_read_unlock_bh(); 412 return n; 413 } 414 EXPORT_SYMBOL(neigh_lookup); 415 416 struct neighbour *neigh_lookup_nodev(struct neigh_table *tbl, struct net *net, 417 const void *pkey) 418 { 419 struct neighbour *n; 420 int key_len = tbl->key_len; 421 u32 hash_val; 422 struct neigh_hash_table *nht; 423 424 NEIGH_CACHE_STAT_INC(tbl, lookups); 425 426 rcu_read_lock_bh(); 427 nht = rcu_dereference_bh(tbl->nht); 428 hash_val = tbl->hash(pkey, NULL, nht->hash_rnd) >> (32 - nht->hash_shift); 429 430 for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]); 431 n != NULL; 432 n = rcu_dereference_bh(n->next)) { 433 if (!memcmp(n->primary_key, pkey, key_len) && 434 net_eq(dev_net(n->dev), net)) { 435 if (!atomic_inc_not_zero(&n->refcnt)) 436 n = NULL; 437 NEIGH_CACHE_STAT_INC(tbl, hits); 438 break; 439 } 440 } 441 442 rcu_read_unlock_bh(); 443 return n; 444 } 445 EXPORT_SYMBOL(neigh_lookup_nodev); 446 447 struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey, 448 struct net_device *dev, bool want_ref) 449 { 450 u32 hash_val; 451 int key_len = tbl->key_len; 452 int error; 453 struct neighbour *n1, *rc, *n = neigh_alloc(tbl, dev); 454 struct neigh_hash_table *nht; 455 456 if (!n) { 457 rc = ERR_PTR(-ENOBUFS); 458 goto out; 459 } 460 461 memcpy(n->primary_key, pkey, key_len); 462 n->dev = dev; 463 dev_hold(dev); 464 465 /* Protocol specific setup. */ 466 if (tbl->constructor && (error = tbl->constructor(n)) < 0) { 467 rc = ERR_PTR(error); 468 goto out_neigh_release; 469 } 470 471 if (dev->netdev_ops->ndo_neigh_construct) { 472 error = dev->netdev_ops->ndo_neigh_construct(n); 473 if (error < 0) { 474 rc = ERR_PTR(error); 475 goto out_neigh_release; 476 } 477 } 478 479 /* Device specific setup. */ 480 if (n->parms->neigh_setup && 481 (error = n->parms->neigh_setup(n)) < 0) { 482 rc = ERR_PTR(error); 483 goto out_neigh_release; 484 } 485 486 n->confirmed = jiffies - (NEIGH_VAR(n->parms, BASE_REACHABLE_TIME) << 1); 487 488 write_lock_bh(&tbl->lock); 489 nht = rcu_dereference_protected(tbl->nht, 490 lockdep_is_held(&tbl->lock)); 491 492 if (atomic_read(&tbl->entries) > (1 << nht->hash_shift)) 493 nht = neigh_hash_grow(tbl, nht->hash_shift + 1); 494 495 hash_val = tbl->hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift); 496 497 if (n->parms->dead) { 498 rc = ERR_PTR(-EINVAL); 499 goto out_tbl_unlock; 500 } 501 502 for (n1 = rcu_dereference_protected(nht->hash_buckets[hash_val], 503 lockdep_is_held(&tbl->lock)); 504 n1 != NULL; 505 n1 = rcu_dereference_protected(n1->next, 506 lockdep_is_held(&tbl->lock))) { 507 if (dev == n1->dev && !memcmp(n1->primary_key, pkey, key_len)) { 508 if (want_ref) 509 neigh_hold(n1); 510 rc = n1; 511 goto out_tbl_unlock; 512 } 513 } 514 515 n->dead = 0; 516 if (want_ref) 517 neigh_hold(n); 518 rcu_assign_pointer(n->next, 519 rcu_dereference_protected(nht->hash_buckets[hash_val], 520 lockdep_is_held(&tbl->lock))); 521 rcu_assign_pointer(nht->hash_buckets[hash_val], n); 522 write_unlock_bh(&tbl->lock); 523 neigh_dbg(2, "neigh %p is created\n", n); 524 rc = n; 525 out: 526 return rc; 527 out_tbl_unlock: 528 write_unlock_bh(&tbl->lock); 529 out_neigh_release: 530 neigh_release(n); 531 goto out; 532 } 533 EXPORT_SYMBOL(__neigh_create); 534 535 static u32 pneigh_hash(const void *pkey, int key_len) 536 { 537 u32 hash_val = *(u32 *)(pkey + key_len - 4); 538 hash_val ^= (hash_val >> 16); 539 hash_val ^= hash_val >> 8; 540 hash_val ^= hash_val >> 4; 541 hash_val &= PNEIGH_HASHMASK; 542 return hash_val; 543 } 544 545 static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n, 546 struct net *net, 547 const void *pkey, 548 int key_len, 549 struct net_device *dev) 550 { 551 while (n) { 552 if (!memcmp(n->key, pkey, key_len) && 553 net_eq(pneigh_net(n), net) && 554 (n->dev == dev || !n->dev)) 555 return n; 556 n = n->next; 557 } 558 return NULL; 559 } 560 561 struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl, 562 struct net *net, const void *pkey, struct net_device *dev) 563 { 564 int key_len = tbl->key_len; 565 u32 hash_val = pneigh_hash(pkey, key_len); 566 567 return __pneigh_lookup_1(tbl->phash_buckets[hash_val], 568 net, pkey, key_len, dev); 569 } 570 EXPORT_SYMBOL_GPL(__pneigh_lookup); 571 572 struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl, 573 struct net *net, const void *pkey, 574 struct net_device *dev, int creat) 575 { 576 struct pneigh_entry *n; 577 int key_len = tbl->key_len; 578 u32 hash_val = pneigh_hash(pkey, key_len); 579 580 read_lock_bh(&tbl->lock); 581 n = __pneigh_lookup_1(tbl->phash_buckets[hash_val], 582 net, pkey, key_len, dev); 583 read_unlock_bh(&tbl->lock); 584 585 if (n || !creat) 586 goto out; 587 588 ASSERT_RTNL(); 589 590 n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL); 591 if (!n) 592 goto out; 593 594 write_pnet(&n->net, net); 595 memcpy(n->key, pkey, key_len); 596 n->dev = dev; 597 if (dev) 598 dev_hold(dev); 599 600 if (tbl->pconstructor && tbl->pconstructor(n)) { 601 if (dev) 602 dev_put(dev); 603 kfree(n); 604 n = NULL; 605 goto out; 606 } 607 608 write_lock_bh(&tbl->lock); 609 n->next = tbl->phash_buckets[hash_val]; 610 tbl->phash_buckets[hash_val] = n; 611 write_unlock_bh(&tbl->lock); 612 out: 613 return n; 614 } 615 EXPORT_SYMBOL(pneigh_lookup); 616 617 618 int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey, 619 struct net_device *dev) 620 { 621 struct pneigh_entry *n, **np; 622 int key_len = tbl->key_len; 623 u32 hash_val = pneigh_hash(pkey, key_len); 624 625 write_lock_bh(&tbl->lock); 626 for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL; 627 np = &n->next) { 628 if (!memcmp(n->key, pkey, key_len) && n->dev == dev && 629 net_eq(pneigh_net(n), net)) { 630 *np = n->next; 631 write_unlock_bh(&tbl->lock); 632 if (tbl->pdestructor) 633 tbl->pdestructor(n); 634 if (n->dev) 635 dev_put(n->dev); 636 kfree(n); 637 return 0; 638 } 639 } 640 write_unlock_bh(&tbl->lock); 641 return -ENOENT; 642 } 643 644 static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev) 645 { 646 struct pneigh_entry *n, **np; 647 u32 h; 648 649 for (h = 0; h <= PNEIGH_HASHMASK; h++) { 650 np = &tbl->phash_buckets[h]; 651 while ((n = *np) != NULL) { 652 if (!dev || n->dev == dev) { 653 *np = n->next; 654 if (tbl->pdestructor) 655 tbl->pdestructor(n); 656 if (n->dev) 657 dev_put(n->dev); 658 kfree(n); 659 continue; 660 } 661 np = &n->next; 662 } 663 } 664 return -ENOENT; 665 } 666 667 static void neigh_parms_destroy(struct neigh_parms *parms); 668 669 static inline void neigh_parms_put(struct neigh_parms *parms) 670 { 671 if (atomic_dec_and_test(&parms->refcnt)) 672 neigh_parms_destroy(parms); 673 } 674 675 /* 676 * neighbour must already be out of the table; 677 * 678 */ 679 void neigh_destroy(struct neighbour *neigh) 680 { 681 struct net_device *dev = neigh->dev; 682 683 NEIGH_CACHE_STAT_INC(neigh->tbl, destroys); 684 685 if (!neigh->dead) { 686 pr_warn("Destroying alive neighbour %p\n", neigh); 687 dump_stack(); 688 return; 689 } 690 691 if (neigh_del_timer(neigh)) 692 pr_warn("Impossible event\n"); 693 694 write_lock_bh(&neigh->lock); 695 __skb_queue_purge(&neigh->arp_queue); 696 write_unlock_bh(&neigh->lock); 697 neigh->arp_queue_len_bytes = 0; 698 699 if (dev->netdev_ops->ndo_neigh_destroy) 700 dev->netdev_ops->ndo_neigh_destroy(neigh); 701 702 dev_put(dev); 703 neigh_parms_put(neigh->parms); 704 705 neigh_dbg(2, "neigh %p is destroyed\n", neigh); 706 707 atomic_dec(&neigh->tbl->entries); 708 kfree_rcu(neigh, rcu); 709 } 710 EXPORT_SYMBOL(neigh_destroy); 711 712 /* Neighbour state is suspicious; 713 disable fast path. 714 715 Called with write_locked neigh. 716 */ 717 static void neigh_suspect(struct neighbour *neigh) 718 { 719 neigh_dbg(2, "neigh %p is suspected\n", neigh); 720 721 neigh->output = neigh->ops->output; 722 } 723 724 /* Neighbour state is OK; 725 enable fast path. 726 727 Called with write_locked neigh. 728 */ 729 static void neigh_connect(struct neighbour *neigh) 730 { 731 neigh_dbg(2, "neigh %p is connected\n", neigh); 732 733 neigh->output = neigh->ops->connected_output; 734 } 735 736 static void neigh_periodic_work(struct work_struct *work) 737 { 738 struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work); 739 struct neighbour *n; 740 struct neighbour __rcu **np; 741 unsigned int i; 742 struct neigh_hash_table *nht; 743 744 NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs); 745 746 write_lock_bh(&tbl->lock); 747 nht = rcu_dereference_protected(tbl->nht, 748 lockdep_is_held(&tbl->lock)); 749 750 /* 751 * periodically recompute ReachableTime from random function 752 */ 753 754 if (time_after(jiffies, tbl->last_rand + 300 * HZ)) { 755 struct neigh_parms *p; 756 tbl->last_rand = jiffies; 757 list_for_each_entry(p, &tbl->parms_list, list) 758 p->reachable_time = 759 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME)); 760 } 761 762 if (atomic_read(&tbl->entries) < tbl->gc_thresh1) 763 goto out; 764 765 for (i = 0 ; i < (1 << nht->hash_shift); i++) { 766 np = &nht->hash_buckets[i]; 767 768 while ((n = rcu_dereference_protected(*np, 769 lockdep_is_held(&tbl->lock))) != NULL) { 770 unsigned int state; 771 772 write_lock(&n->lock); 773 774 state = n->nud_state; 775 if (state & (NUD_PERMANENT | NUD_IN_TIMER)) { 776 write_unlock(&n->lock); 777 goto next_elt; 778 } 779 780 if (time_before(n->used, n->confirmed)) 781 n->used = n->confirmed; 782 783 if (atomic_read(&n->refcnt) == 1 && 784 (state == NUD_FAILED || 785 time_after(jiffies, n->used + NEIGH_VAR(n->parms, GC_STALETIME)))) { 786 *np = n->next; 787 n->dead = 1; 788 write_unlock(&n->lock); 789 neigh_cleanup_and_release(n); 790 continue; 791 } 792 write_unlock(&n->lock); 793 794 next_elt: 795 np = &n->next; 796 } 797 /* 798 * It's fine to release lock here, even if hash table 799 * grows while we are preempted. 800 */ 801 write_unlock_bh(&tbl->lock); 802 cond_resched(); 803 write_lock_bh(&tbl->lock); 804 nht = rcu_dereference_protected(tbl->nht, 805 lockdep_is_held(&tbl->lock)); 806 } 807 out: 808 /* Cycle through all hash buckets every BASE_REACHABLE_TIME/2 ticks. 809 * ARP entry timeouts range from 1/2 BASE_REACHABLE_TIME to 3/2 810 * BASE_REACHABLE_TIME. 811 */ 812 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work, 813 NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME) >> 1); 814 write_unlock_bh(&tbl->lock); 815 } 816 817 static __inline__ int neigh_max_probes(struct neighbour *n) 818 { 819 struct neigh_parms *p = n->parms; 820 return NEIGH_VAR(p, UCAST_PROBES) + NEIGH_VAR(p, APP_PROBES) + 821 (n->nud_state & NUD_PROBE ? NEIGH_VAR(p, MCAST_REPROBES) : 822 NEIGH_VAR(p, MCAST_PROBES)); 823 } 824 825 static void neigh_invalidate(struct neighbour *neigh) 826 __releases(neigh->lock) 827 __acquires(neigh->lock) 828 { 829 struct sk_buff *skb; 830 831 NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed); 832 neigh_dbg(2, "neigh %p is failed\n", neigh); 833 neigh->updated = jiffies; 834 835 /* It is very thin place. report_unreachable is very complicated 836 routine. Particularly, it can hit the same neighbour entry! 837 838 So that, we try to be accurate and avoid dead loop. --ANK 839 */ 840 while (neigh->nud_state == NUD_FAILED && 841 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) { 842 write_unlock(&neigh->lock); 843 neigh->ops->error_report(neigh, skb); 844 write_lock(&neigh->lock); 845 } 846 __skb_queue_purge(&neigh->arp_queue); 847 neigh->arp_queue_len_bytes = 0; 848 } 849 850 static void neigh_probe(struct neighbour *neigh) 851 __releases(neigh->lock) 852 { 853 struct sk_buff *skb = skb_peek_tail(&neigh->arp_queue); 854 /* keep skb alive even if arp_queue overflows */ 855 if (skb) 856 skb = skb_copy(skb, GFP_ATOMIC); 857 write_unlock(&neigh->lock); 858 neigh->ops->solicit(neigh, skb); 859 atomic_inc(&neigh->probes); 860 kfree_skb(skb); 861 } 862 863 /* Called when a timer expires for a neighbour entry. */ 864 865 static void neigh_timer_handler(unsigned long arg) 866 { 867 unsigned long now, next; 868 struct neighbour *neigh = (struct neighbour *)arg; 869 unsigned int state; 870 int notify = 0; 871 872 write_lock(&neigh->lock); 873 874 state = neigh->nud_state; 875 now = jiffies; 876 next = now + HZ; 877 878 if (!(state & NUD_IN_TIMER)) 879 goto out; 880 881 if (state & NUD_REACHABLE) { 882 if (time_before_eq(now, 883 neigh->confirmed + neigh->parms->reachable_time)) { 884 neigh_dbg(2, "neigh %p is still alive\n", neigh); 885 next = neigh->confirmed + neigh->parms->reachable_time; 886 } else if (time_before_eq(now, 887 neigh->used + 888 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) { 889 neigh_dbg(2, "neigh %p is delayed\n", neigh); 890 neigh->nud_state = NUD_DELAY; 891 neigh->updated = jiffies; 892 neigh_suspect(neigh); 893 next = now + NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME); 894 } else { 895 neigh_dbg(2, "neigh %p is suspected\n", neigh); 896 neigh->nud_state = NUD_STALE; 897 neigh->updated = jiffies; 898 neigh_suspect(neigh); 899 notify = 1; 900 } 901 } else if (state & NUD_DELAY) { 902 if (time_before_eq(now, 903 neigh->confirmed + 904 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) { 905 neigh_dbg(2, "neigh %p is now reachable\n", neigh); 906 neigh->nud_state = NUD_REACHABLE; 907 neigh->updated = jiffies; 908 neigh_connect(neigh); 909 notify = 1; 910 next = neigh->confirmed + neigh->parms->reachable_time; 911 } else { 912 neigh_dbg(2, "neigh %p is probed\n", neigh); 913 neigh->nud_state = NUD_PROBE; 914 neigh->updated = jiffies; 915 atomic_set(&neigh->probes, 0); 916 next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME); 917 } 918 } else { 919 /* NUD_PROBE|NUD_INCOMPLETE */ 920 next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME); 921 } 922 923 if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) && 924 atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) { 925 neigh->nud_state = NUD_FAILED; 926 notify = 1; 927 neigh_invalidate(neigh); 928 goto out; 929 } 930 931 if (neigh->nud_state & NUD_IN_TIMER) { 932 if (time_before(next, jiffies + HZ/2)) 933 next = jiffies + HZ/2; 934 if (!mod_timer(&neigh->timer, next)) 935 neigh_hold(neigh); 936 } 937 if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) { 938 neigh_probe(neigh); 939 } else { 940 out: 941 write_unlock(&neigh->lock); 942 } 943 944 if (notify) 945 neigh_update_notify(neigh); 946 947 neigh_release(neigh); 948 } 949 950 int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb) 951 { 952 int rc; 953 bool immediate_probe = false; 954 955 write_lock_bh(&neigh->lock); 956 957 rc = 0; 958 if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE)) 959 goto out_unlock_bh; 960 961 if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) { 962 if (NEIGH_VAR(neigh->parms, MCAST_PROBES) + 963 NEIGH_VAR(neigh->parms, APP_PROBES)) { 964 unsigned long next, now = jiffies; 965 966 atomic_set(&neigh->probes, 967 NEIGH_VAR(neigh->parms, UCAST_PROBES)); 968 neigh->nud_state = NUD_INCOMPLETE; 969 neigh->updated = now; 970 next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME), 971 HZ/2); 972 neigh_add_timer(neigh, next); 973 immediate_probe = true; 974 } else { 975 neigh->nud_state = NUD_FAILED; 976 neigh->updated = jiffies; 977 write_unlock_bh(&neigh->lock); 978 979 kfree_skb(skb); 980 return 1; 981 } 982 } else if (neigh->nud_state & NUD_STALE) { 983 neigh_dbg(2, "neigh %p is delayed\n", neigh); 984 neigh->nud_state = NUD_DELAY; 985 neigh->updated = jiffies; 986 neigh_add_timer(neigh, jiffies + 987 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME)); 988 } 989 990 if (neigh->nud_state == NUD_INCOMPLETE) { 991 if (skb) { 992 while (neigh->arp_queue_len_bytes + skb->truesize > 993 NEIGH_VAR(neigh->parms, QUEUE_LEN_BYTES)) { 994 struct sk_buff *buff; 995 996 buff = __skb_dequeue(&neigh->arp_queue); 997 if (!buff) 998 break; 999 neigh->arp_queue_len_bytes -= buff->truesize; 1000 kfree_skb(buff); 1001 NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards); 1002 } 1003 skb_dst_force(skb); 1004 __skb_queue_tail(&neigh->arp_queue, skb); 1005 neigh->arp_queue_len_bytes += skb->truesize; 1006 } 1007 rc = 1; 1008 } 1009 out_unlock_bh: 1010 if (immediate_probe) 1011 neigh_probe(neigh); 1012 else 1013 write_unlock(&neigh->lock); 1014 local_bh_enable(); 1015 return rc; 1016 } 1017 EXPORT_SYMBOL(__neigh_event_send); 1018 1019 static void neigh_update_hhs(struct neighbour *neigh) 1020 { 1021 struct hh_cache *hh; 1022 void (*update)(struct hh_cache*, const struct net_device*, const unsigned char *) 1023 = NULL; 1024 1025 if (neigh->dev->header_ops) 1026 update = neigh->dev->header_ops->cache_update; 1027 1028 if (update) { 1029 hh = &neigh->hh; 1030 if (hh->hh_len) { 1031 write_seqlock_bh(&hh->hh_lock); 1032 update(hh, neigh->dev, neigh->ha); 1033 write_sequnlock_bh(&hh->hh_lock); 1034 } 1035 } 1036 } 1037 1038 1039 1040 /* Generic update routine. 1041 -- lladdr is new lladdr or NULL, if it is not supplied. 1042 -- new is new state. 1043 -- flags 1044 NEIGH_UPDATE_F_OVERRIDE allows to override existing lladdr, 1045 if it is different. 1046 NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect existing "connected" 1047 lladdr instead of overriding it 1048 if it is different. 1049 It also allows to retain current state 1050 if lladdr is unchanged. 1051 NEIGH_UPDATE_F_ADMIN means that the change is administrative. 1052 1053 NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows to override existing 1054 NTF_ROUTER flag. 1055 NEIGH_UPDATE_F_ISROUTER indicates if the neighbour is known as 1056 a router. 1057 1058 Caller MUST hold reference count on the entry. 1059 */ 1060 1061 int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new, 1062 u32 flags) 1063 { 1064 u8 old; 1065 int err; 1066 int notify = 0; 1067 struct net_device *dev; 1068 int update_isrouter = 0; 1069 1070 write_lock_bh(&neigh->lock); 1071 1072 dev = neigh->dev; 1073 old = neigh->nud_state; 1074 err = -EPERM; 1075 1076 if (!(flags & NEIGH_UPDATE_F_ADMIN) && 1077 (old & (NUD_NOARP | NUD_PERMANENT))) 1078 goto out; 1079 1080 if (!(new & NUD_VALID)) { 1081 neigh_del_timer(neigh); 1082 if (old & NUD_CONNECTED) 1083 neigh_suspect(neigh); 1084 neigh->nud_state = new; 1085 err = 0; 1086 notify = old & NUD_VALID; 1087 if ((old & (NUD_INCOMPLETE | NUD_PROBE)) && 1088 (new & NUD_FAILED)) { 1089 neigh_invalidate(neigh); 1090 notify = 1; 1091 } 1092 goto out; 1093 } 1094 1095 /* Compare new lladdr with cached one */ 1096 if (!dev->addr_len) { 1097 /* First case: device needs no address. */ 1098 lladdr = neigh->ha; 1099 } else if (lladdr) { 1100 /* The second case: if something is already cached 1101 and a new address is proposed: 1102 - compare new & old 1103 - if they are different, check override flag 1104 */ 1105 if ((old & NUD_VALID) && 1106 !memcmp(lladdr, neigh->ha, dev->addr_len)) 1107 lladdr = neigh->ha; 1108 } else { 1109 /* No address is supplied; if we know something, 1110 use it, otherwise discard the request. 1111 */ 1112 err = -EINVAL; 1113 if (!(old & NUD_VALID)) 1114 goto out; 1115 lladdr = neigh->ha; 1116 } 1117 1118 if (new & NUD_CONNECTED) 1119 neigh->confirmed = jiffies; 1120 neigh->updated = jiffies; 1121 1122 /* If entry was valid and address is not changed, 1123 do not change entry state, if new one is STALE. 1124 */ 1125 err = 0; 1126 update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER; 1127 if (old & NUD_VALID) { 1128 if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) { 1129 update_isrouter = 0; 1130 if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) && 1131 (old & NUD_CONNECTED)) { 1132 lladdr = neigh->ha; 1133 new = NUD_STALE; 1134 } else 1135 goto out; 1136 } else { 1137 if (lladdr == neigh->ha && new == NUD_STALE && 1138 ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) || 1139 (old & NUD_CONNECTED)) 1140 ) 1141 new = old; 1142 } 1143 } 1144 1145 if (new != old) { 1146 neigh_del_timer(neigh); 1147 if (new & NUD_IN_TIMER) 1148 neigh_add_timer(neigh, (jiffies + 1149 ((new & NUD_REACHABLE) ? 1150 neigh->parms->reachable_time : 1151 0))); 1152 neigh->nud_state = new; 1153 notify = 1; 1154 } 1155 1156 if (lladdr != neigh->ha) { 1157 write_seqlock(&neigh->ha_lock); 1158 memcpy(&neigh->ha, lladdr, dev->addr_len); 1159 write_sequnlock(&neigh->ha_lock); 1160 neigh_update_hhs(neigh); 1161 if (!(new & NUD_CONNECTED)) 1162 neigh->confirmed = jiffies - 1163 (NEIGH_VAR(neigh->parms, BASE_REACHABLE_TIME) << 1); 1164 notify = 1; 1165 } 1166 if (new == old) 1167 goto out; 1168 if (new & NUD_CONNECTED) 1169 neigh_connect(neigh); 1170 else 1171 neigh_suspect(neigh); 1172 if (!(old & NUD_VALID)) { 1173 struct sk_buff *skb; 1174 1175 /* Again: avoid dead loop if something went wrong */ 1176 1177 while (neigh->nud_state & NUD_VALID && 1178 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) { 1179 struct dst_entry *dst = skb_dst(skb); 1180 struct neighbour *n2, *n1 = neigh; 1181 write_unlock_bh(&neigh->lock); 1182 1183 rcu_read_lock(); 1184 1185 /* Why not just use 'neigh' as-is? The problem is that 1186 * things such as shaper, eql, and sch_teql can end up 1187 * using alternative, different, neigh objects to output 1188 * the packet in the output path. So what we need to do 1189 * here is re-lookup the top-level neigh in the path so 1190 * we can reinject the packet there. 1191 */ 1192 n2 = NULL; 1193 if (dst) { 1194 n2 = dst_neigh_lookup_skb(dst, skb); 1195 if (n2) 1196 n1 = n2; 1197 } 1198 n1->output(n1, skb); 1199 if (n2) 1200 neigh_release(n2); 1201 rcu_read_unlock(); 1202 1203 write_lock_bh(&neigh->lock); 1204 } 1205 __skb_queue_purge(&neigh->arp_queue); 1206 neigh->arp_queue_len_bytes = 0; 1207 } 1208 out: 1209 if (update_isrouter) { 1210 neigh->flags = (flags & NEIGH_UPDATE_F_ISROUTER) ? 1211 (neigh->flags | NTF_ROUTER) : 1212 (neigh->flags & ~NTF_ROUTER); 1213 } 1214 write_unlock_bh(&neigh->lock); 1215 1216 if (notify) 1217 neigh_update_notify(neigh); 1218 1219 return err; 1220 } 1221 EXPORT_SYMBOL(neigh_update); 1222 1223 /* Update the neigh to listen temporarily for probe responses, even if it is 1224 * in a NUD_FAILED state. The caller has to hold neigh->lock for writing. 1225 */ 1226 void __neigh_set_probe_once(struct neighbour *neigh) 1227 { 1228 neigh->updated = jiffies; 1229 if (!(neigh->nud_state & NUD_FAILED)) 1230 return; 1231 neigh->nud_state = NUD_INCOMPLETE; 1232 atomic_set(&neigh->probes, neigh_max_probes(neigh)); 1233 neigh_add_timer(neigh, 1234 jiffies + NEIGH_VAR(neigh->parms, RETRANS_TIME)); 1235 } 1236 EXPORT_SYMBOL(__neigh_set_probe_once); 1237 1238 struct neighbour *neigh_event_ns(struct neigh_table *tbl, 1239 u8 *lladdr, void *saddr, 1240 struct net_device *dev) 1241 { 1242 struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev, 1243 lladdr || !dev->addr_len); 1244 if (neigh) 1245 neigh_update(neigh, lladdr, NUD_STALE, 1246 NEIGH_UPDATE_F_OVERRIDE); 1247 return neigh; 1248 } 1249 EXPORT_SYMBOL(neigh_event_ns); 1250 1251 /* called with read_lock_bh(&n->lock); */ 1252 static void neigh_hh_init(struct neighbour *n) 1253 { 1254 struct net_device *dev = n->dev; 1255 __be16 prot = n->tbl->protocol; 1256 struct hh_cache *hh = &n->hh; 1257 1258 write_lock_bh(&n->lock); 1259 1260 /* Only one thread can come in here and initialize the 1261 * hh_cache entry. 1262 */ 1263 if (!hh->hh_len) 1264 dev->header_ops->cache(n, hh, prot); 1265 1266 write_unlock_bh(&n->lock); 1267 } 1268 1269 /* Slow and careful. */ 1270 1271 int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb) 1272 { 1273 int rc = 0; 1274 1275 if (!neigh_event_send(neigh, skb)) { 1276 int err; 1277 struct net_device *dev = neigh->dev; 1278 unsigned int seq; 1279 1280 if (dev->header_ops->cache && !neigh->hh.hh_len) 1281 neigh_hh_init(neigh); 1282 1283 do { 1284 __skb_pull(skb, skb_network_offset(skb)); 1285 seq = read_seqbegin(&neigh->ha_lock); 1286 err = dev_hard_header(skb, dev, ntohs(skb->protocol), 1287 neigh->ha, NULL, skb->len); 1288 } while (read_seqretry(&neigh->ha_lock, seq)); 1289 1290 if (err >= 0) 1291 rc = dev_queue_xmit(skb); 1292 else 1293 goto out_kfree_skb; 1294 } 1295 out: 1296 return rc; 1297 out_kfree_skb: 1298 rc = -EINVAL; 1299 kfree_skb(skb); 1300 goto out; 1301 } 1302 EXPORT_SYMBOL(neigh_resolve_output); 1303 1304 /* As fast as possible without hh cache */ 1305 1306 int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb) 1307 { 1308 struct net_device *dev = neigh->dev; 1309 unsigned int seq; 1310 int err; 1311 1312 do { 1313 __skb_pull(skb, skb_network_offset(skb)); 1314 seq = read_seqbegin(&neigh->ha_lock); 1315 err = dev_hard_header(skb, dev, ntohs(skb->protocol), 1316 neigh->ha, NULL, skb->len); 1317 } while (read_seqretry(&neigh->ha_lock, seq)); 1318 1319 if (err >= 0) 1320 err = dev_queue_xmit(skb); 1321 else { 1322 err = -EINVAL; 1323 kfree_skb(skb); 1324 } 1325 return err; 1326 } 1327 EXPORT_SYMBOL(neigh_connected_output); 1328 1329 int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb) 1330 { 1331 return dev_queue_xmit(skb); 1332 } 1333 EXPORT_SYMBOL(neigh_direct_output); 1334 1335 static void neigh_proxy_process(unsigned long arg) 1336 { 1337 struct neigh_table *tbl = (struct neigh_table *)arg; 1338 long sched_next = 0; 1339 unsigned long now = jiffies; 1340 struct sk_buff *skb, *n; 1341 1342 spin_lock(&tbl->proxy_queue.lock); 1343 1344 skb_queue_walk_safe(&tbl->proxy_queue, skb, n) { 1345 long tdif = NEIGH_CB(skb)->sched_next - now; 1346 1347 if (tdif <= 0) { 1348 struct net_device *dev = skb->dev; 1349 1350 __skb_unlink(skb, &tbl->proxy_queue); 1351 if (tbl->proxy_redo && netif_running(dev)) { 1352 rcu_read_lock(); 1353 tbl->proxy_redo(skb); 1354 rcu_read_unlock(); 1355 } else { 1356 kfree_skb(skb); 1357 } 1358 1359 dev_put(dev); 1360 } else if (!sched_next || tdif < sched_next) 1361 sched_next = tdif; 1362 } 1363 del_timer(&tbl->proxy_timer); 1364 if (sched_next) 1365 mod_timer(&tbl->proxy_timer, jiffies + sched_next); 1366 spin_unlock(&tbl->proxy_queue.lock); 1367 } 1368 1369 void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p, 1370 struct sk_buff *skb) 1371 { 1372 unsigned long now = jiffies; 1373 1374 unsigned long sched_next = now + (prandom_u32() % 1375 NEIGH_VAR(p, PROXY_DELAY)); 1376 1377 if (tbl->proxy_queue.qlen > NEIGH_VAR(p, PROXY_QLEN)) { 1378 kfree_skb(skb); 1379 return; 1380 } 1381 1382 NEIGH_CB(skb)->sched_next = sched_next; 1383 NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED; 1384 1385 spin_lock(&tbl->proxy_queue.lock); 1386 if (del_timer(&tbl->proxy_timer)) { 1387 if (time_before(tbl->proxy_timer.expires, sched_next)) 1388 sched_next = tbl->proxy_timer.expires; 1389 } 1390 skb_dst_drop(skb); 1391 dev_hold(skb->dev); 1392 __skb_queue_tail(&tbl->proxy_queue, skb); 1393 mod_timer(&tbl->proxy_timer, sched_next); 1394 spin_unlock(&tbl->proxy_queue.lock); 1395 } 1396 EXPORT_SYMBOL(pneigh_enqueue); 1397 1398 static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl, 1399 struct net *net, int ifindex) 1400 { 1401 struct neigh_parms *p; 1402 1403 list_for_each_entry(p, &tbl->parms_list, list) { 1404 if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) || 1405 (!p->dev && !ifindex && net_eq(net, &init_net))) 1406 return p; 1407 } 1408 1409 return NULL; 1410 } 1411 1412 struct neigh_parms *neigh_parms_alloc(struct net_device *dev, 1413 struct neigh_table *tbl) 1414 { 1415 struct neigh_parms *p; 1416 struct net *net = dev_net(dev); 1417 const struct net_device_ops *ops = dev->netdev_ops; 1418 1419 p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL); 1420 if (p) { 1421 p->tbl = tbl; 1422 atomic_set(&p->refcnt, 1); 1423 p->reachable_time = 1424 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME)); 1425 dev_hold(dev); 1426 p->dev = dev; 1427 write_pnet(&p->net, net); 1428 p->sysctl_table = NULL; 1429 1430 if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) { 1431 dev_put(dev); 1432 kfree(p); 1433 return NULL; 1434 } 1435 1436 write_lock_bh(&tbl->lock); 1437 list_add(&p->list, &tbl->parms.list); 1438 write_unlock_bh(&tbl->lock); 1439 1440 neigh_parms_data_state_cleanall(p); 1441 } 1442 return p; 1443 } 1444 EXPORT_SYMBOL(neigh_parms_alloc); 1445 1446 static void neigh_rcu_free_parms(struct rcu_head *head) 1447 { 1448 struct neigh_parms *parms = 1449 container_of(head, struct neigh_parms, rcu_head); 1450 1451 neigh_parms_put(parms); 1452 } 1453 1454 void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms) 1455 { 1456 if (!parms || parms == &tbl->parms) 1457 return; 1458 write_lock_bh(&tbl->lock); 1459 list_del(&parms->list); 1460 parms->dead = 1; 1461 write_unlock_bh(&tbl->lock); 1462 if (parms->dev) 1463 dev_put(parms->dev); 1464 call_rcu(&parms->rcu_head, neigh_rcu_free_parms); 1465 } 1466 EXPORT_SYMBOL(neigh_parms_release); 1467 1468 static void neigh_parms_destroy(struct neigh_parms *parms) 1469 { 1470 kfree(parms); 1471 } 1472 1473 static struct lock_class_key neigh_table_proxy_queue_class; 1474 1475 static struct neigh_table *neigh_tables[NEIGH_NR_TABLES] __read_mostly; 1476 1477 void neigh_table_init(int index, struct neigh_table *tbl) 1478 { 1479 unsigned long now = jiffies; 1480 unsigned long phsize; 1481 1482 INIT_LIST_HEAD(&tbl->parms_list); 1483 list_add(&tbl->parms.list, &tbl->parms_list); 1484 write_pnet(&tbl->parms.net, &init_net); 1485 atomic_set(&tbl->parms.refcnt, 1); 1486 tbl->parms.reachable_time = 1487 neigh_rand_reach_time(NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME)); 1488 1489 tbl->stats = alloc_percpu(struct neigh_statistics); 1490 if (!tbl->stats) 1491 panic("cannot create neighbour cache statistics"); 1492 1493 #ifdef CONFIG_PROC_FS 1494 if (!proc_create_data(tbl->id, 0, init_net.proc_net_stat, 1495 &neigh_stat_seq_fops, tbl)) 1496 panic("cannot create neighbour proc dir entry"); 1497 #endif 1498 1499 RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3)); 1500 1501 phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *); 1502 tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL); 1503 1504 if (!tbl->nht || !tbl->phash_buckets) 1505 panic("cannot allocate neighbour cache hashes"); 1506 1507 if (!tbl->entry_size) 1508 tbl->entry_size = ALIGN(offsetof(struct neighbour, primary_key) + 1509 tbl->key_len, NEIGH_PRIV_ALIGN); 1510 else 1511 WARN_ON(tbl->entry_size % NEIGH_PRIV_ALIGN); 1512 1513 rwlock_init(&tbl->lock); 1514 INIT_DEFERRABLE_WORK(&tbl->gc_work, neigh_periodic_work); 1515 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work, 1516 tbl->parms.reachable_time); 1517 setup_timer(&tbl->proxy_timer, neigh_proxy_process, (unsigned long)tbl); 1518 skb_queue_head_init_class(&tbl->proxy_queue, 1519 &neigh_table_proxy_queue_class); 1520 1521 tbl->last_flush = now; 1522 tbl->last_rand = now + tbl->parms.reachable_time * 20; 1523 1524 neigh_tables[index] = tbl; 1525 } 1526 EXPORT_SYMBOL(neigh_table_init); 1527 1528 int neigh_table_clear(int index, struct neigh_table *tbl) 1529 { 1530 neigh_tables[index] = NULL; 1531 /* It is not clean... Fix it to unload IPv6 module safely */ 1532 cancel_delayed_work_sync(&tbl->gc_work); 1533 del_timer_sync(&tbl->proxy_timer); 1534 pneigh_queue_purge(&tbl->proxy_queue); 1535 neigh_ifdown(tbl, NULL); 1536 if (atomic_read(&tbl->entries)) 1537 pr_crit("neighbour leakage\n"); 1538 1539 call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu, 1540 neigh_hash_free_rcu); 1541 tbl->nht = NULL; 1542 1543 kfree(tbl->phash_buckets); 1544 tbl->phash_buckets = NULL; 1545 1546 remove_proc_entry(tbl->id, init_net.proc_net_stat); 1547 1548 free_percpu(tbl->stats); 1549 tbl->stats = NULL; 1550 1551 return 0; 1552 } 1553 EXPORT_SYMBOL(neigh_table_clear); 1554 1555 static struct neigh_table *neigh_find_table(int family) 1556 { 1557 struct neigh_table *tbl = NULL; 1558 1559 switch (family) { 1560 case AF_INET: 1561 tbl = neigh_tables[NEIGH_ARP_TABLE]; 1562 break; 1563 case AF_INET6: 1564 tbl = neigh_tables[NEIGH_ND_TABLE]; 1565 break; 1566 case AF_DECnet: 1567 tbl = neigh_tables[NEIGH_DN_TABLE]; 1568 break; 1569 } 1570 1571 return tbl; 1572 } 1573 1574 static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh) 1575 { 1576 struct net *net = sock_net(skb->sk); 1577 struct ndmsg *ndm; 1578 struct nlattr *dst_attr; 1579 struct neigh_table *tbl; 1580 struct neighbour *neigh; 1581 struct net_device *dev = NULL; 1582 int err = -EINVAL; 1583 1584 ASSERT_RTNL(); 1585 if (nlmsg_len(nlh) < sizeof(*ndm)) 1586 goto out; 1587 1588 dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST); 1589 if (dst_attr == NULL) 1590 goto out; 1591 1592 ndm = nlmsg_data(nlh); 1593 if (ndm->ndm_ifindex) { 1594 dev = __dev_get_by_index(net, ndm->ndm_ifindex); 1595 if (dev == NULL) { 1596 err = -ENODEV; 1597 goto out; 1598 } 1599 } 1600 1601 tbl = neigh_find_table(ndm->ndm_family); 1602 if (tbl == NULL) 1603 return -EAFNOSUPPORT; 1604 1605 if (nla_len(dst_attr) < tbl->key_len) 1606 goto out; 1607 1608 if (ndm->ndm_flags & NTF_PROXY) { 1609 err = pneigh_delete(tbl, net, nla_data(dst_attr), dev); 1610 goto out; 1611 } 1612 1613 if (dev == NULL) 1614 goto out; 1615 1616 neigh = neigh_lookup(tbl, nla_data(dst_attr), dev); 1617 if (neigh == NULL) { 1618 err = -ENOENT; 1619 goto out; 1620 } 1621 1622 err = neigh_update(neigh, NULL, NUD_FAILED, 1623 NEIGH_UPDATE_F_OVERRIDE | 1624 NEIGH_UPDATE_F_ADMIN); 1625 neigh_release(neigh); 1626 1627 out: 1628 return err; 1629 } 1630 1631 static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh) 1632 { 1633 int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE; 1634 struct net *net = sock_net(skb->sk); 1635 struct ndmsg *ndm; 1636 struct nlattr *tb[NDA_MAX+1]; 1637 struct neigh_table *tbl; 1638 struct net_device *dev = NULL; 1639 struct neighbour *neigh; 1640 void *dst, *lladdr; 1641 int err; 1642 1643 ASSERT_RTNL(); 1644 err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL); 1645 if (err < 0) 1646 goto out; 1647 1648 err = -EINVAL; 1649 if (tb[NDA_DST] == NULL) 1650 goto out; 1651 1652 ndm = nlmsg_data(nlh); 1653 if (ndm->ndm_ifindex) { 1654 dev = __dev_get_by_index(net, ndm->ndm_ifindex); 1655 if (dev == NULL) { 1656 err = -ENODEV; 1657 goto out; 1658 } 1659 1660 if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len) 1661 goto out; 1662 } 1663 1664 tbl = neigh_find_table(ndm->ndm_family); 1665 if (tbl == NULL) 1666 return -EAFNOSUPPORT; 1667 1668 if (nla_len(tb[NDA_DST]) < tbl->key_len) 1669 goto out; 1670 dst = nla_data(tb[NDA_DST]); 1671 lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL; 1672 1673 if (ndm->ndm_flags & NTF_PROXY) { 1674 struct pneigh_entry *pn; 1675 1676 err = -ENOBUFS; 1677 pn = pneigh_lookup(tbl, net, dst, dev, 1); 1678 if (pn) { 1679 pn->flags = ndm->ndm_flags; 1680 err = 0; 1681 } 1682 goto out; 1683 } 1684 1685 if (dev == NULL) 1686 goto out; 1687 1688 neigh = neigh_lookup(tbl, dst, dev); 1689 if (neigh == NULL) { 1690 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) { 1691 err = -ENOENT; 1692 goto out; 1693 } 1694 1695 neigh = __neigh_lookup_errno(tbl, dst, dev); 1696 if (IS_ERR(neigh)) { 1697 err = PTR_ERR(neigh); 1698 goto out; 1699 } 1700 } else { 1701 if (nlh->nlmsg_flags & NLM_F_EXCL) { 1702 err = -EEXIST; 1703 neigh_release(neigh); 1704 goto out; 1705 } 1706 1707 if (!(nlh->nlmsg_flags & NLM_F_REPLACE)) 1708 flags &= ~NEIGH_UPDATE_F_OVERRIDE; 1709 } 1710 1711 if (ndm->ndm_flags & NTF_USE) { 1712 neigh_event_send(neigh, NULL); 1713 err = 0; 1714 } else 1715 err = neigh_update(neigh, lladdr, ndm->ndm_state, flags); 1716 neigh_release(neigh); 1717 1718 out: 1719 return err; 1720 } 1721 1722 static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms) 1723 { 1724 struct nlattr *nest; 1725 1726 nest = nla_nest_start(skb, NDTA_PARMS); 1727 if (nest == NULL) 1728 return -ENOBUFS; 1729 1730 if ((parms->dev && 1731 nla_put_u32(skb, NDTPA_IFINDEX, parms->dev->ifindex)) || 1732 nla_put_u32(skb, NDTPA_REFCNT, atomic_read(&parms->refcnt)) || 1733 nla_put_u32(skb, NDTPA_QUEUE_LENBYTES, 1734 NEIGH_VAR(parms, QUEUE_LEN_BYTES)) || 1735 /* approximative value for deprecated QUEUE_LEN (in packets) */ 1736 nla_put_u32(skb, NDTPA_QUEUE_LEN, 1737 NEIGH_VAR(parms, QUEUE_LEN_BYTES) / SKB_TRUESIZE(ETH_FRAME_LEN)) || 1738 nla_put_u32(skb, NDTPA_PROXY_QLEN, NEIGH_VAR(parms, PROXY_QLEN)) || 1739 nla_put_u32(skb, NDTPA_APP_PROBES, NEIGH_VAR(parms, APP_PROBES)) || 1740 nla_put_u32(skb, NDTPA_UCAST_PROBES, 1741 NEIGH_VAR(parms, UCAST_PROBES)) || 1742 nla_put_u32(skb, NDTPA_MCAST_PROBES, 1743 NEIGH_VAR(parms, MCAST_PROBES)) || 1744 nla_put_u32(skb, NDTPA_MCAST_REPROBES, 1745 NEIGH_VAR(parms, MCAST_REPROBES)) || 1746 nla_put_msecs(skb, NDTPA_REACHABLE_TIME, parms->reachable_time) || 1747 nla_put_msecs(skb, NDTPA_BASE_REACHABLE_TIME, 1748 NEIGH_VAR(parms, BASE_REACHABLE_TIME)) || 1749 nla_put_msecs(skb, NDTPA_GC_STALETIME, 1750 NEIGH_VAR(parms, GC_STALETIME)) || 1751 nla_put_msecs(skb, NDTPA_DELAY_PROBE_TIME, 1752 NEIGH_VAR(parms, DELAY_PROBE_TIME)) || 1753 nla_put_msecs(skb, NDTPA_RETRANS_TIME, 1754 NEIGH_VAR(parms, RETRANS_TIME)) || 1755 nla_put_msecs(skb, NDTPA_ANYCAST_DELAY, 1756 NEIGH_VAR(parms, ANYCAST_DELAY)) || 1757 nla_put_msecs(skb, NDTPA_PROXY_DELAY, 1758 NEIGH_VAR(parms, PROXY_DELAY)) || 1759 nla_put_msecs(skb, NDTPA_LOCKTIME, 1760 NEIGH_VAR(parms, LOCKTIME))) 1761 goto nla_put_failure; 1762 return nla_nest_end(skb, nest); 1763 1764 nla_put_failure: 1765 nla_nest_cancel(skb, nest); 1766 return -EMSGSIZE; 1767 } 1768 1769 static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl, 1770 u32 pid, u32 seq, int type, int flags) 1771 { 1772 struct nlmsghdr *nlh; 1773 struct ndtmsg *ndtmsg; 1774 1775 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags); 1776 if (nlh == NULL) 1777 return -EMSGSIZE; 1778 1779 ndtmsg = nlmsg_data(nlh); 1780 1781 read_lock_bh(&tbl->lock); 1782 ndtmsg->ndtm_family = tbl->family; 1783 ndtmsg->ndtm_pad1 = 0; 1784 ndtmsg->ndtm_pad2 = 0; 1785 1786 if (nla_put_string(skb, NDTA_NAME, tbl->id) || 1787 nla_put_msecs(skb, NDTA_GC_INTERVAL, tbl->gc_interval) || 1788 nla_put_u32(skb, NDTA_THRESH1, tbl->gc_thresh1) || 1789 nla_put_u32(skb, NDTA_THRESH2, tbl->gc_thresh2) || 1790 nla_put_u32(skb, NDTA_THRESH3, tbl->gc_thresh3)) 1791 goto nla_put_failure; 1792 { 1793 unsigned long now = jiffies; 1794 unsigned int flush_delta = now - tbl->last_flush; 1795 unsigned int rand_delta = now - tbl->last_rand; 1796 struct neigh_hash_table *nht; 1797 struct ndt_config ndc = { 1798 .ndtc_key_len = tbl->key_len, 1799 .ndtc_entry_size = tbl->entry_size, 1800 .ndtc_entries = atomic_read(&tbl->entries), 1801 .ndtc_last_flush = jiffies_to_msecs(flush_delta), 1802 .ndtc_last_rand = jiffies_to_msecs(rand_delta), 1803 .ndtc_proxy_qlen = tbl->proxy_queue.qlen, 1804 }; 1805 1806 rcu_read_lock_bh(); 1807 nht = rcu_dereference_bh(tbl->nht); 1808 ndc.ndtc_hash_rnd = nht->hash_rnd[0]; 1809 ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1); 1810 rcu_read_unlock_bh(); 1811 1812 if (nla_put(skb, NDTA_CONFIG, sizeof(ndc), &ndc)) 1813 goto nla_put_failure; 1814 } 1815 1816 { 1817 int cpu; 1818 struct ndt_stats ndst; 1819 1820 memset(&ndst, 0, sizeof(ndst)); 1821 1822 for_each_possible_cpu(cpu) { 1823 struct neigh_statistics *st; 1824 1825 st = per_cpu_ptr(tbl->stats, cpu); 1826 ndst.ndts_allocs += st->allocs; 1827 ndst.ndts_destroys += st->destroys; 1828 ndst.ndts_hash_grows += st->hash_grows; 1829 ndst.ndts_res_failed += st->res_failed; 1830 ndst.ndts_lookups += st->lookups; 1831 ndst.ndts_hits += st->hits; 1832 ndst.ndts_rcv_probes_mcast += st->rcv_probes_mcast; 1833 ndst.ndts_rcv_probes_ucast += st->rcv_probes_ucast; 1834 ndst.ndts_periodic_gc_runs += st->periodic_gc_runs; 1835 ndst.ndts_forced_gc_runs += st->forced_gc_runs; 1836 } 1837 1838 if (nla_put(skb, NDTA_STATS, sizeof(ndst), &ndst)) 1839 goto nla_put_failure; 1840 } 1841 1842 BUG_ON(tbl->parms.dev); 1843 if (neightbl_fill_parms(skb, &tbl->parms) < 0) 1844 goto nla_put_failure; 1845 1846 read_unlock_bh(&tbl->lock); 1847 nlmsg_end(skb, nlh); 1848 return 0; 1849 1850 nla_put_failure: 1851 read_unlock_bh(&tbl->lock); 1852 nlmsg_cancel(skb, nlh); 1853 return -EMSGSIZE; 1854 } 1855 1856 static int neightbl_fill_param_info(struct sk_buff *skb, 1857 struct neigh_table *tbl, 1858 struct neigh_parms *parms, 1859 u32 pid, u32 seq, int type, 1860 unsigned int flags) 1861 { 1862 struct ndtmsg *ndtmsg; 1863 struct nlmsghdr *nlh; 1864 1865 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags); 1866 if (nlh == NULL) 1867 return -EMSGSIZE; 1868 1869 ndtmsg = nlmsg_data(nlh); 1870 1871 read_lock_bh(&tbl->lock); 1872 ndtmsg->ndtm_family = tbl->family; 1873 ndtmsg->ndtm_pad1 = 0; 1874 ndtmsg->ndtm_pad2 = 0; 1875 1876 if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 || 1877 neightbl_fill_parms(skb, parms) < 0) 1878 goto errout; 1879 1880 read_unlock_bh(&tbl->lock); 1881 nlmsg_end(skb, nlh); 1882 return 0; 1883 errout: 1884 read_unlock_bh(&tbl->lock); 1885 nlmsg_cancel(skb, nlh); 1886 return -EMSGSIZE; 1887 } 1888 1889 static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = { 1890 [NDTA_NAME] = { .type = NLA_STRING }, 1891 [NDTA_THRESH1] = { .type = NLA_U32 }, 1892 [NDTA_THRESH2] = { .type = NLA_U32 }, 1893 [NDTA_THRESH3] = { .type = NLA_U32 }, 1894 [NDTA_GC_INTERVAL] = { .type = NLA_U64 }, 1895 [NDTA_PARMS] = { .type = NLA_NESTED }, 1896 }; 1897 1898 static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = { 1899 [NDTPA_IFINDEX] = { .type = NLA_U32 }, 1900 [NDTPA_QUEUE_LEN] = { .type = NLA_U32 }, 1901 [NDTPA_PROXY_QLEN] = { .type = NLA_U32 }, 1902 [NDTPA_APP_PROBES] = { .type = NLA_U32 }, 1903 [NDTPA_UCAST_PROBES] = { .type = NLA_U32 }, 1904 [NDTPA_MCAST_PROBES] = { .type = NLA_U32 }, 1905 [NDTPA_MCAST_REPROBES] = { .type = NLA_U32 }, 1906 [NDTPA_BASE_REACHABLE_TIME] = { .type = NLA_U64 }, 1907 [NDTPA_GC_STALETIME] = { .type = NLA_U64 }, 1908 [NDTPA_DELAY_PROBE_TIME] = { .type = NLA_U64 }, 1909 [NDTPA_RETRANS_TIME] = { .type = NLA_U64 }, 1910 [NDTPA_ANYCAST_DELAY] = { .type = NLA_U64 }, 1911 [NDTPA_PROXY_DELAY] = { .type = NLA_U64 }, 1912 [NDTPA_LOCKTIME] = { .type = NLA_U64 }, 1913 }; 1914 1915 static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh) 1916 { 1917 struct net *net = sock_net(skb->sk); 1918 struct neigh_table *tbl; 1919 struct ndtmsg *ndtmsg; 1920 struct nlattr *tb[NDTA_MAX+1]; 1921 bool found = false; 1922 int err, tidx; 1923 1924 err = nlmsg_parse(nlh, sizeof(*ndtmsg), tb, NDTA_MAX, 1925 nl_neightbl_policy); 1926 if (err < 0) 1927 goto errout; 1928 1929 if (tb[NDTA_NAME] == NULL) { 1930 err = -EINVAL; 1931 goto errout; 1932 } 1933 1934 ndtmsg = nlmsg_data(nlh); 1935 1936 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) { 1937 tbl = neigh_tables[tidx]; 1938 if (!tbl) 1939 continue; 1940 if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family) 1941 continue; 1942 if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0) { 1943 found = true; 1944 break; 1945 } 1946 } 1947 1948 if (!found) 1949 return -ENOENT; 1950 1951 /* 1952 * We acquire tbl->lock to be nice to the periodic timers and 1953 * make sure they always see a consistent set of values. 1954 */ 1955 write_lock_bh(&tbl->lock); 1956 1957 if (tb[NDTA_PARMS]) { 1958 struct nlattr *tbp[NDTPA_MAX+1]; 1959 struct neigh_parms *p; 1960 int i, ifindex = 0; 1961 1962 err = nla_parse_nested(tbp, NDTPA_MAX, tb[NDTA_PARMS], 1963 nl_ntbl_parm_policy); 1964 if (err < 0) 1965 goto errout_tbl_lock; 1966 1967 if (tbp[NDTPA_IFINDEX]) 1968 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]); 1969 1970 p = lookup_neigh_parms(tbl, net, ifindex); 1971 if (p == NULL) { 1972 err = -ENOENT; 1973 goto errout_tbl_lock; 1974 } 1975 1976 for (i = 1; i <= NDTPA_MAX; i++) { 1977 if (tbp[i] == NULL) 1978 continue; 1979 1980 switch (i) { 1981 case NDTPA_QUEUE_LEN: 1982 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES, 1983 nla_get_u32(tbp[i]) * 1984 SKB_TRUESIZE(ETH_FRAME_LEN)); 1985 break; 1986 case NDTPA_QUEUE_LENBYTES: 1987 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES, 1988 nla_get_u32(tbp[i])); 1989 break; 1990 case NDTPA_PROXY_QLEN: 1991 NEIGH_VAR_SET(p, PROXY_QLEN, 1992 nla_get_u32(tbp[i])); 1993 break; 1994 case NDTPA_APP_PROBES: 1995 NEIGH_VAR_SET(p, APP_PROBES, 1996 nla_get_u32(tbp[i])); 1997 break; 1998 case NDTPA_UCAST_PROBES: 1999 NEIGH_VAR_SET(p, UCAST_PROBES, 2000 nla_get_u32(tbp[i])); 2001 break; 2002 case NDTPA_MCAST_PROBES: 2003 NEIGH_VAR_SET(p, MCAST_PROBES, 2004 nla_get_u32(tbp[i])); 2005 break; 2006 case NDTPA_MCAST_REPROBES: 2007 NEIGH_VAR_SET(p, MCAST_REPROBES, 2008 nla_get_u32(tbp[i])); 2009 break; 2010 case NDTPA_BASE_REACHABLE_TIME: 2011 NEIGH_VAR_SET(p, BASE_REACHABLE_TIME, 2012 nla_get_msecs(tbp[i])); 2013 /* update reachable_time as well, otherwise, the change will 2014 * only be effective after the next time neigh_periodic_work 2015 * decides to recompute it (can be multiple minutes) 2016 */ 2017 p->reachable_time = 2018 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME)); 2019 break; 2020 case NDTPA_GC_STALETIME: 2021 NEIGH_VAR_SET(p, GC_STALETIME, 2022 nla_get_msecs(tbp[i])); 2023 break; 2024 case NDTPA_DELAY_PROBE_TIME: 2025 NEIGH_VAR_SET(p, DELAY_PROBE_TIME, 2026 nla_get_msecs(tbp[i])); 2027 break; 2028 case NDTPA_RETRANS_TIME: 2029 NEIGH_VAR_SET(p, RETRANS_TIME, 2030 nla_get_msecs(tbp[i])); 2031 break; 2032 case NDTPA_ANYCAST_DELAY: 2033 NEIGH_VAR_SET(p, ANYCAST_DELAY, 2034 nla_get_msecs(tbp[i])); 2035 break; 2036 case NDTPA_PROXY_DELAY: 2037 NEIGH_VAR_SET(p, PROXY_DELAY, 2038 nla_get_msecs(tbp[i])); 2039 break; 2040 case NDTPA_LOCKTIME: 2041 NEIGH_VAR_SET(p, LOCKTIME, 2042 nla_get_msecs(tbp[i])); 2043 break; 2044 } 2045 } 2046 } 2047 2048 err = -ENOENT; 2049 if ((tb[NDTA_THRESH1] || tb[NDTA_THRESH2] || 2050 tb[NDTA_THRESH3] || tb[NDTA_GC_INTERVAL]) && 2051 !net_eq(net, &init_net)) 2052 goto errout_tbl_lock; 2053 2054 if (tb[NDTA_THRESH1]) 2055 tbl->gc_thresh1 = nla_get_u32(tb[NDTA_THRESH1]); 2056 2057 if (tb[NDTA_THRESH2]) 2058 tbl->gc_thresh2 = nla_get_u32(tb[NDTA_THRESH2]); 2059 2060 if (tb[NDTA_THRESH3]) 2061 tbl->gc_thresh3 = nla_get_u32(tb[NDTA_THRESH3]); 2062 2063 if (tb[NDTA_GC_INTERVAL]) 2064 tbl->gc_interval = nla_get_msecs(tb[NDTA_GC_INTERVAL]); 2065 2066 err = 0; 2067 2068 errout_tbl_lock: 2069 write_unlock_bh(&tbl->lock); 2070 errout: 2071 return err; 2072 } 2073 2074 static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb) 2075 { 2076 struct net *net = sock_net(skb->sk); 2077 int family, tidx, nidx = 0; 2078 int tbl_skip = cb->args[0]; 2079 int neigh_skip = cb->args[1]; 2080 struct neigh_table *tbl; 2081 2082 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family; 2083 2084 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) { 2085 struct neigh_parms *p; 2086 2087 tbl = neigh_tables[tidx]; 2088 if (!tbl) 2089 continue; 2090 2091 if (tidx < tbl_skip || (family && tbl->family != family)) 2092 continue; 2093 2094 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid, 2095 cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL, 2096 NLM_F_MULTI) < 0) 2097 break; 2098 2099 nidx = 0; 2100 p = list_next_entry(&tbl->parms, list); 2101 list_for_each_entry_from(p, &tbl->parms_list, list) { 2102 if (!net_eq(neigh_parms_net(p), net)) 2103 continue; 2104 2105 if (nidx < neigh_skip) 2106 goto next; 2107 2108 if (neightbl_fill_param_info(skb, tbl, p, 2109 NETLINK_CB(cb->skb).portid, 2110 cb->nlh->nlmsg_seq, 2111 RTM_NEWNEIGHTBL, 2112 NLM_F_MULTI) < 0) 2113 goto out; 2114 next: 2115 nidx++; 2116 } 2117 2118 neigh_skip = 0; 2119 } 2120 out: 2121 cb->args[0] = tidx; 2122 cb->args[1] = nidx; 2123 2124 return skb->len; 2125 } 2126 2127 static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh, 2128 u32 pid, u32 seq, int type, unsigned int flags) 2129 { 2130 unsigned long now = jiffies; 2131 struct nda_cacheinfo ci; 2132 struct nlmsghdr *nlh; 2133 struct ndmsg *ndm; 2134 2135 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags); 2136 if (nlh == NULL) 2137 return -EMSGSIZE; 2138 2139 ndm = nlmsg_data(nlh); 2140 ndm->ndm_family = neigh->ops->family; 2141 ndm->ndm_pad1 = 0; 2142 ndm->ndm_pad2 = 0; 2143 ndm->ndm_flags = neigh->flags; 2144 ndm->ndm_type = neigh->type; 2145 ndm->ndm_ifindex = neigh->dev->ifindex; 2146 2147 if (nla_put(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key)) 2148 goto nla_put_failure; 2149 2150 read_lock_bh(&neigh->lock); 2151 ndm->ndm_state = neigh->nud_state; 2152 if (neigh->nud_state & NUD_VALID) { 2153 char haddr[MAX_ADDR_LEN]; 2154 2155 neigh_ha_snapshot(haddr, neigh, neigh->dev); 2156 if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) { 2157 read_unlock_bh(&neigh->lock); 2158 goto nla_put_failure; 2159 } 2160 } 2161 2162 ci.ndm_used = jiffies_to_clock_t(now - neigh->used); 2163 ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed); 2164 ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated); 2165 ci.ndm_refcnt = atomic_read(&neigh->refcnt) - 1; 2166 read_unlock_bh(&neigh->lock); 2167 2168 if (nla_put_u32(skb, NDA_PROBES, atomic_read(&neigh->probes)) || 2169 nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 2170 goto nla_put_failure; 2171 2172 nlmsg_end(skb, nlh); 2173 return 0; 2174 2175 nla_put_failure: 2176 nlmsg_cancel(skb, nlh); 2177 return -EMSGSIZE; 2178 } 2179 2180 static int pneigh_fill_info(struct sk_buff *skb, struct pneigh_entry *pn, 2181 u32 pid, u32 seq, int type, unsigned int flags, 2182 struct neigh_table *tbl) 2183 { 2184 struct nlmsghdr *nlh; 2185 struct ndmsg *ndm; 2186 2187 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags); 2188 if (nlh == NULL) 2189 return -EMSGSIZE; 2190 2191 ndm = nlmsg_data(nlh); 2192 ndm->ndm_family = tbl->family; 2193 ndm->ndm_pad1 = 0; 2194 ndm->ndm_pad2 = 0; 2195 ndm->ndm_flags = pn->flags | NTF_PROXY; 2196 ndm->ndm_type = RTN_UNICAST; 2197 ndm->ndm_ifindex = pn->dev->ifindex; 2198 ndm->ndm_state = NUD_NONE; 2199 2200 if (nla_put(skb, NDA_DST, tbl->key_len, pn->key)) 2201 goto nla_put_failure; 2202 2203 nlmsg_end(skb, nlh); 2204 return 0; 2205 2206 nla_put_failure: 2207 nlmsg_cancel(skb, nlh); 2208 return -EMSGSIZE; 2209 } 2210 2211 static void neigh_update_notify(struct neighbour *neigh) 2212 { 2213 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh); 2214 __neigh_notify(neigh, RTM_NEWNEIGH, 0); 2215 } 2216 2217 static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb, 2218 struct netlink_callback *cb) 2219 { 2220 struct net *net = sock_net(skb->sk); 2221 struct neighbour *n; 2222 int rc, h, s_h = cb->args[1]; 2223 int idx, s_idx = idx = cb->args[2]; 2224 struct neigh_hash_table *nht; 2225 2226 rcu_read_lock_bh(); 2227 nht = rcu_dereference_bh(tbl->nht); 2228 2229 for (h = s_h; h < (1 << nht->hash_shift); h++) { 2230 if (h > s_h) 2231 s_idx = 0; 2232 for (n = rcu_dereference_bh(nht->hash_buckets[h]), idx = 0; 2233 n != NULL; 2234 n = rcu_dereference_bh(n->next)) { 2235 if (!net_eq(dev_net(n->dev), net)) 2236 continue; 2237 if (idx < s_idx) 2238 goto next; 2239 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid, 2240 cb->nlh->nlmsg_seq, 2241 RTM_NEWNEIGH, 2242 NLM_F_MULTI) < 0) { 2243 rc = -1; 2244 goto out; 2245 } 2246 next: 2247 idx++; 2248 } 2249 } 2250 rc = skb->len; 2251 out: 2252 rcu_read_unlock_bh(); 2253 cb->args[1] = h; 2254 cb->args[2] = idx; 2255 return rc; 2256 } 2257 2258 static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb, 2259 struct netlink_callback *cb) 2260 { 2261 struct pneigh_entry *n; 2262 struct net *net = sock_net(skb->sk); 2263 int rc, h, s_h = cb->args[3]; 2264 int idx, s_idx = idx = cb->args[4]; 2265 2266 read_lock_bh(&tbl->lock); 2267 2268 for (h = s_h; h <= PNEIGH_HASHMASK; h++) { 2269 if (h > s_h) 2270 s_idx = 0; 2271 for (n = tbl->phash_buckets[h], idx = 0; n; n = n->next) { 2272 if (dev_net(n->dev) != net) 2273 continue; 2274 if (idx < s_idx) 2275 goto next; 2276 if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid, 2277 cb->nlh->nlmsg_seq, 2278 RTM_NEWNEIGH, 2279 NLM_F_MULTI, tbl) < 0) { 2280 read_unlock_bh(&tbl->lock); 2281 rc = -1; 2282 goto out; 2283 } 2284 next: 2285 idx++; 2286 } 2287 } 2288 2289 read_unlock_bh(&tbl->lock); 2290 rc = skb->len; 2291 out: 2292 cb->args[3] = h; 2293 cb->args[4] = idx; 2294 return rc; 2295 2296 } 2297 2298 static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb) 2299 { 2300 struct neigh_table *tbl; 2301 int t, family, s_t; 2302 int proxy = 0; 2303 int err; 2304 2305 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family; 2306 2307 /* check for full ndmsg structure presence, family member is 2308 * the same for both structures 2309 */ 2310 if (nlmsg_len(cb->nlh) >= sizeof(struct ndmsg) && 2311 ((struct ndmsg *) nlmsg_data(cb->nlh))->ndm_flags == NTF_PROXY) 2312 proxy = 1; 2313 2314 s_t = cb->args[0]; 2315 2316 for (t = 0; t < NEIGH_NR_TABLES; t++) { 2317 tbl = neigh_tables[t]; 2318 2319 if (!tbl) 2320 continue; 2321 if (t < s_t || (family && tbl->family != family)) 2322 continue; 2323 if (t > s_t) 2324 memset(&cb->args[1], 0, sizeof(cb->args) - 2325 sizeof(cb->args[0])); 2326 if (proxy) 2327 err = pneigh_dump_table(tbl, skb, cb); 2328 else 2329 err = neigh_dump_table(tbl, skb, cb); 2330 if (err < 0) 2331 break; 2332 } 2333 2334 cb->args[0] = t; 2335 return skb->len; 2336 } 2337 2338 void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie) 2339 { 2340 int chain; 2341 struct neigh_hash_table *nht; 2342 2343 rcu_read_lock_bh(); 2344 nht = rcu_dereference_bh(tbl->nht); 2345 2346 read_lock(&tbl->lock); /* avoid resizes */ 2347 for (chain = 0; chain < (1 << nht->hash_shift); chain++) { 2348 struct neighbour *n; 2349 2350 for (n = rcu_dereference_bh(nht->hash_buckets[chain]); 2351 n != NULL; 2352 n = rcu_dereference_bh(n->next)) 2353 cb(n, cookie); 2354 } 2355 read_unlock(&tbl->lock); 2356 rcu_read_unlock_bh(); 2357 } 2358 EXPORT_SYMBOL(neigh_for_each); 2359 2360 /* The tbl->lock must be held as a writer and BH disabled. */ 2361 void __neigh_for_each_release(struct neigh_table *tbl, 2362 int (*cb)(struct neighbour *)) 2363 { 2364 int chain; 2365 struct neigh_hash_table *nht; 2366 2367 nht = rcu_dereference_protected(tbl->nht, 2368 lockdep_is_held(&tbl->lock)); 2369 for (chain = 0; chain < (1 << nht->hash_shift); chain++) { 2370 struct neighbour *n; 2371 struct neighbour __rcu **np; 2372 2373 np = &nht->hash_buckets[chain]; 2374 while ((n = rcu_dereference_protected(*np, 2375 lockdep_is_held(&tbl->lock))) != NULL) { 2376 int release; 2377 2378 write_lock(&n->lock); 2379 release = cb(n); 2380 if (release) { 2381 rcu_assign_pointer(*np, 2382 rcu_dereference_protected(n->next, 2383 lockdep_is_held(&tbl->lock))); 2384 n->dead = 1; 2385 } else 2386 np = &n->next; 2387 write_unlock(&n->lock); 2388 if (release) 2389 neigh_cleanup_and_release(n); 2390 } 2391 } 2392 } 2393 EXPORT_SYMBOL(__neigh_for_each_release); 2394 2395 int neigh_xmit(int index, struct net_device *dev, 2396 const void *addr, struct sk_buff *skb) 2397 { 2398 int err = -EAFNOSUPPORT; 2399 if (likely(index < NEIGH_NR_TABLES)) { 2400 struct neigh_table *tbl; 2401 struct neighbour *neigh; 2402 2403 tbl = neigh_tables[index]; 2404 if (!tbl) 2405 goto out; 2406 neigh = __neigh_lookup_noref(tbl, addr, dev); 2407 if (!neigh) 2408 neigh = __neigh_create(tbl, addr, dev, false); 2409 err = PTR_ERR(neigh); 2410 if (IS_ERR(neigh)) 2411 goto out_kfree_skb; 2412 err = neigh->output(neigh, skb); 2413 } 2414 else if (index == NEIGH_LINK_TABLE) { 2415 err = dev_hard_header(skb, dev, ntohs(skb->protocol), 2416 addr, NULL, skb->len); 2417 if (err < 0) 2418 goto out_kfree_skb; 2419 err = dev_queue_xmit(skb); 2420 } 2421 out: 2422 return err; 2423 out_kfree_skb: 2424 kfree_skb(skb); 2425 goto out; 2426 } 2427 EXPORT_SYMBOL(neigh_xmit); 2428 2429 #ifdef CONFIG_PROC_FS 2430 2431 static struct neighbour *neigh_get_first(struct seq_file *seq) 2432 { 2433 struct neigh_seq_state *state = seq->private; 2434 struct net *net = seq_file_net(seq); 2435 struct neigh_hash_table *nht = state->nht; 2436 struct neighbour *n = NULL; 2437 int bucket = state->bucket; 2438 2439 state->flags &= ~NEIGH_SEQ_IS_PNEIGH; 2440 for (bucket = 0; bucket < (1 << nht->hash_shift); bucket++) { 2441 n = rcu_dereference_bh(nht->hash_buckets[bucket]); 2442 2443 while (n) { 2444 if (!net_eq(dev_net(n->dev), net)) 2445 goto next; 2446 if (state->neigh_sub_iter) { 2447 loff_t fakep = 0; 2448 void *v; 2449 2450 v = state->neigh_sub_iter(state, n, &fakep); 2451 if (!v) 2452 goto next; 2453 } 2454 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP)) 2455 break; 2456 if (n->nud_state & ~NUD_NOARP) 2457 break; 2458 next: 2459 n = rcu_dereference_bh(n->next); 2460 } 2461 2462 if (n) 2463 break; 2464 } 2465 state->bucket = bucket; 2466 2467 return n; 2468 } 2469 2470 static struct neighbour *neigh_get_next(struct seq_file *seq, 2471 struct neighbour *n, 2472 loff_t *pos) 2473 { 2474 struct neigh_seq_state *state = seq->private; 2475 struct net *net = seq_file_net(seq); 2476 struct neigh_hash_table *nht = state->nht; 2477 2478 if (state->neigh_sub_iter) { 2479 void *v = state->neigh_sub_iter(state, n, pos); 2480 if (v) 2481 return n; 2482 } 2483 n = rcu_dereference_bh(n->next); 2484 2485 while (1) { 2486 while (n) { 2487 if (!net_eq(dev_net(n->dev), net)) 2488 goto next; 2489 if (state->neigh_sub_iter) { 2490 void *v = state->neigh_sub_iter(state, n, pos); 2491 if (v) 2492 return n; 2493 goto next; 2494 } 2495 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP)) 2496 break; 2497 2498 if (n->nud_state & ~NUD_NOARP) 2499 break; 2500 next: 2501 n = rcu_dereference_bh(n->next); 2502 } 2503 2504 if (n) 2505 break; 2506 2507 if (++state->bucket >= (1 << nht->hash_shift)) 2508 break; 2509 2510 n = rcu_dereference_bh(nht->hash_buckets[state->bucket]); 2511 } 2512 2513 if (n && pos) 2514 --(*pos); 2515 return n; 2516 } 2517 2518 static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos) 2519 { 2520 struct neighbour *n = neigh_get_first(seq); 2521 2522 if (n) { 2523 --(*pos); 2524 while (*pos) { 2525 n = neigh_get_next(seq, n, pos); 2526 if (!n) 2527 break; 2528 } 2529 } 2530 return *pos ? NULL : n; 2531 } 2532 2533 static struct pneigh_entry *pneigh_get_first(struct seq_file *seq) 2534 { 2535 struct neigh_seq_state *state = seq->private; 2536 struct net *net = seq_file_net(seq); 2537 struct neigh_table *tbl = state->tbl; 2538 struct pneigh_entry *pn = NULL; 2539 int bucket = state->bucket; 2540 2541 state->flags |= NEIGH_SEQ_IS_PNEIGH; 2542 for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) { 2543 pn = tbl->phash_buckets[bucket]; 2544 while (pn && !net_eq(pneigh_net(pn), net)) 2545 pn = pn->next; 2546 if (pn) 2547 break; 2548 } 2549 state->bucket = bucket; 2550 2551 return pn; 2552 } 2553 2554 static struct pneigh_entry *pneigh_get_next(struct seq_file *seq, 2555 struct pneigh_entry *pn, 2556 loff_t *pos) 2557 { 2558 struct neigh_seq_state *state = seq->private; 2559 struct net *net = seq_file_net(seq); 2560 struct neigh_table *tbl = state->tbl; 2561 2562 do { 2563 pn = pn->next; 2564 } while (pn && !net_eq(pneigh_net(pn), net)); 2565 2566 while (!pn) { 2567 if (++state->bucket > PNEIGH_HASHMASK) 2568 break; 2569 pn = tbl->phash_buckets[state->bucket]; 2570 while (pn && !net_eq(pneigh_net(pn), net)) 2571 pn = pn->next; 2572 if (pn) 2573 break; 2574 } 2575 2576 if (pn && pos) 2577 --(*pos); 2578 2579 return pn; 2580 } 2581 2582 static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos) 2583 { 2584 struct pneigh_entry *pn = pneigh_get_first(seq); 2585 2586 if (pn) { 2587 --(*pos); 2588 while (*pos) { 2589 pn = pneigh_get_next(seq, pn, pos); 2590 if (!pn) 2591 break; 2592 } 2593 } 2594 return *pos ? NULL : pn; 2595 } 2596 2597 static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos) 2598 { 2599 struct neigh_seq_state *state = seq->private; 2600 void *rc; 2601 loff_t idxpos = *pos; 2602 2603 rc = neigh_get_idx(seq, &idxpos); 2604 if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY)) 2605 rc = pneigh_get_idx(seq, &idxpos); 2606 2607 return rc; 2608 } 2609 2610 void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags) 2611 __acquires(rcu_bh) 2612 { 2613 struct neigh_seq_state *state = seq->private; 2614 2615 state->tbl = tbl; 2616 state->bucket = 0; 2617 state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH); 2618 2619 rcu_read_lock_bh(); 2620 state->nht = rcu_dereference_bh(tbl->nht); 2621 2622 return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN; 2623 } 2624 EXPORT_SYMBOL(neigh_seq_start); 2625 2626 void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2627 { 2628 struct neigh_seq_state *state; 2629 void *rc; 2630 2631 if (v == SEQ_START_TOKEN) { 2632 rc = neigh_get_first(seq); 2633 goto out; 2634 } 2635 2636 state = seq->private; 2637 if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) { 2638 rc = neigh_get_next(seq, v, NULL); 2639 if (rc) 2640 goto out; 2641 if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY)) 2642 rc = pneigh_get_first(seq); 2643 } else { 2644 BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY); 2645 rc = pneigh_get_next(seq, v, NULL); 2646 } 2647 out: 2648 ++(*pos); 2649 return rc; 2650 } 2651 EXPORT_SYMBOL(neigh_seq_next); 2652 2653 void neigh_seq_stop(struct seq_file *seq, void *v) 2654 __releases(rcu_bh) 2655 { 2656 rcu_read_unlock_bh(); 2657 } 2658 EXPORT_SYMBOL(neigh_seq_stop); 2659 2660 /* statistics via seq_file */ 2661 2662 static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos) 2663 { 2664 struct neigh_table *tbl = seq->private; 2665 int cpu; 2666 2667 if (*pos == 0) 2668 return SEQ_START_TOKEN; 2669 2670 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) { 2671 if (!cpu_possible(cpu)) 2672 continue; 2673 *pos = cpu+1; 2674 return per_cpu_ptr(tbl->stats, cpu); 2675 } 2676 return NULL; 2677 } 2678 2679 static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2680 { 2681 struct neigh_table *tbl = seq->private; 2682 int cpu; 2683 2684 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) { 2685 if (!cpu_possible(cpu)) 2686 continue; 2687 *pos = cpu+1; 2688 return per_cpu_ptr(tbl->stats, cpu); 2689 } 2690 return NULL; 2691 } 2692 2693 static void neigh_stat_seq_stop(struct seq_file *seq, void *v) 2694 { 2695 2696 } 2697 2698 static int neigh_stat_seq_show(struct seq_file *seq, void *v) 2699 { 2700 struct neigh_table *tbl = seq->private; 2701 struct neigh_statistics *st = v; 2702 2703 if (v == SEQ_START_TOKEN) { 2704 seq_printf(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards\n"); 2705 return 0; 2706 } 2707 2708 seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx " 2709 "%08lx %08lx %08lx %08lx %08lx\n", 2710 atomic_read(&tbl->entries), 2711 2712 st->allocs, 2713 st->destroys, 2714 st->hash_grows, 2715 2716 st->lookups, 2717 st->hits, 2718 2719 st->res_failed, 2720 2721 st->rcv_probes_mcast, 2722 st->rcv_probes_ucast, 2723 2724 st->periodic_gc_runs, 2725 st->forced_gc_runs, 2726 st->unres_discards 2727 ); 2728 2729 return 0; 2730 } 2731 2732 static const struct seq_operations neigh_stat_seq_ops = { 2733 .start = neigh_stat_seq_start, 2734 .next = neigh_stat_seq_next, 2735 .stop = neigh_stat_seq_stop, 2736 .show = neigh_stat_seq_show, 2737 }; 2738 2739 static int neigh_stat_seq_open(struct inode *inode, struct file *file) 2740 { 2741 int ret = seq_open(file, &neigh_stat_seq_ops); 2742 2743 if (!ret) { 2744 struct seq_file *sf = file->private_data; 2745 sf->private = PDE_DATA(inode); 2746 } 2747 return ret; 2748 }; 2749 2750 static const struct file_operations neigh_stat_seq_fops = { 2751 .owner = THIS_MODULE, 2752 .open = neigh_stat_seq_open, 2753 .read = seq_read, 2754 .llseek = seq_lseek, 2755 .release = seq_release, 2756 }; 2757 2758 #endif /* CONFIG_PROC_FS */ 2759 2760 static inline size_t neigh_nlmsg_size(void) 2761 { 2762 return NLMSG_ALIGN(sizeof(struct ndmsg)) 2763 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */ 2764 + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */ 2765 + nla_total_size(sizeof(struct nda_cacheinfo)) 2766 + nla_total_size(4); /* NDA_PROBES */ 2767 } 2768 2769 static void __neigh_notify(struct neighbour *n, int type, int flags) 2770 { 2771 struct net *net = dev_net(n->dev); 2772 struct sk_buff *skb; 2773 int err = -ENOBUFS; 2774 2775 skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC); 2776 if (skb == NULL) 2777 goto errout; 2778 2779 err = neigh_fill_info(skb, n, 0, 0, type, flags); 2780 if (err < 0) { 2781 /* -EMSGSIZE implies BUG in neigh_nlmsg_size() */ 2782 WARN_ON(err == -EMSGSIZE); 2783 kfree_skb(skb); 2784 goto errout; 2785 } 2786 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 2787 return; 2788 errout: 2789 if (err < 0) 2790 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 2791 } 2792 2793 void neigh_app_ns(struct neighbour *n) 2794 { 2795 __neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST); 2796 } 2797 EXPORT_SYMBOL(neigh_app_ns); 2798 2799 #ifdef CONFIG_SYSCTL 2800 static int zero; 2801 static int int_max = INT_MAX; 2802 static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN); 2803 2804 static int proc_unres_qlen(struct ctl_table *ctl, int write, 2805 void __user *buffer, size_t *lenp, loff_t *ppos) 2806 { 2807 int size, ret; 2808 struct ctl_table tmp = *ctl; 2809 2810 tmp.extra1 = &zero; 2811 tmp.extra2 = &unres_qlen_max; 2812 tmp.data = &size; 2813 2814 size = *(int *)ctl->data / SKB_TRUESIZE(ETH_FRAME_LEN); 2815 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); 2816 2817 if (write && !ret) 2818 *(int *)ctl->data = size * SKB_TRUESIZE(ETH_FRAME_LEN); 2819 return ret; 2820 } 2821 2822 static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev, 2823 int family) 2824 { 2825 switch (family) { 2826 case AF_INET: 2827 return __in_dev_arp_parms_get_rcu(dev); 2828 case AF_INET6: 2829 return __in6_dev_nd_parms_get_rcu(dev); 2830 } 2831 return NULL; 2832 } 2833 2834 static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p, 2835 int index) 2836 { 2837 struct net_device *dev; 2838 int family = neigh_parms_family(p); 2839 2840 rcu_read_lock(); 2841 for_each_netdev_rcu(net, dev) { 2842 struct neigh_parms *dst_p = 2843 neigh_get_dev_parms_rcu(dev, family); 2844 2845 if (dst_p && !test_bit(index, dst_p->data_state)) 2846 dst_p->data[index] = p->data[index]; 2847 } 2848 rcu_read_unlock(); 2849 } 2850 2851 static void neigh_proc_update(struct ctl_table *ctl, int write) 2852 { 2853 struct net_device *dev = ctl->extra1; 2854 struct neigh_parms *p = ctl->extra2; 2855 struct net *net = neigh_parms_net(p); 2856 int index = (int *) ctl->data - p->data; 2857 2858 if (!write) 2859 return; 2860 2861 set_bit(index, p->data_state); 2862 if (!dev) /* NULL dev means this is default value */ 2863 neigh_copy_dflt_parms(net, p, index); 2864 } 2865 2866 static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, 2867 void __user *buffer, 2868 size_t *lenp, loff_t *ppos) 2869 { 2870 struct ctl_table tmp = *ctl; 2871 int ret; 2872 2873 tmp.extra1 = &zero; 2874 tmp.extra2 = &int_max; 2875 2876 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); 2877 neigh_proc_update(ctl, write); 2878 return ret; 2879 } 2880 2881 int neigh_proc_dointvec(struct ctl_table *ctl, int write, 2882 void __user *buffer, size_t *lenp, loff_t *ppos) 2883 { 2884 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos); 2885 2886 neigh_proc_update(ctl, write); 2887 return ret; 2888 } 2889 EXPORT_SYMBOL(neigh_proc_dointvec); 2890 2891 int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write, 2892 void __user *buffer, 2893 size_t *lenp, loff_t *ppos) 2894 { 2895 int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos); 2896 2897 neigh_proc_update(ctl, write); 2898 return ret; 2899 } 2900 EXPORT_SYMBOL(neigh_proc_dointvec_jiffies); 2901 2902 static int neigh_proc_dointvec_userhz_jiffies(struct ctl_table *ctl, int write, 2903 void __user *buffer, 2904 size_t *lenp, loff_t *ppos) 2905 { 2906 int ret = proc_dointvec_userhz_jiffies(ctl, write, buffer, lenp, ppos); 2907 2908 neigh_proc_update(ctl, write); 2909 return ret; 2910 } 2911 2912 int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write, 2913 void __user *buffer, 2914 size_t *lenp, loff_t *ppos) 2915 { 2916 int ret = proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos); 2917 2918 neigh_proc_update(ctl, write); 2919 return ret; 2920 } 2921 EXPORT_SYMBOL(neigh_proc_dointvec_ms_jiffies); 2922 2923 static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write, 2924 void __user *buffer, 2925 size_t *lenp, loff_t *ppos) 2926 { 2927 int ret = proc_unres_qlen(ctl, write, buffer, lenp, ppos); 2928 2929 neigh_proc_update(ctl, write); 2930 return ret; 2931 } 2932 2933 static int neigh_proc_base_reachable_time(struct ctl_table *ctl, int write, 2934 void __user *buffer, 2935 size_t *lenp, loff_t *ppos) 2936 { 2937 struct neigh_parms *p = ctl->extra2; 2938 int ret; 2939 2940 if (strcmp(ctl->procname, "base_reachable_time") == 0) 2941 ret = neigh_proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos); 2942 else if (strcmp(ctl->procname, "base_reachable_time_ms") == 0) 2943 ret = neigh_proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos); 2944 else 2945 ret = -1; 2946 2947 if (write && ret == 0) { 2948 /* update reachable_time as well, otherwise, the change will 2949 * only be effective after the next time neigh_periodic_work 2950 * decides to recompute it 2951 */ 2952 p->reachable_time = 2953 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME)); 2954 } 2955 return ret; 2956 } 2957 2958 #define NEIGH_PARMS_DATA_OFFSET(index) \ 2959 (&((struct neigh_parms *) 0)->data[index]) 2960 2961 #define NEIGH_SYSCTL_ENTRY(attr, data_attr, name, mval, proc) \ 2962 [NEIGH_VAR_ ## attr] = { \ 2963 .procname = name, \ 2964 .data = NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_ ## data_attr), \ 2965 .maxlen = sizeof(int), \ 2966 .mode = mval, \ 2967 .proc_handler = proc, \ 2968 } 2969 2970 #define NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(attr, name) \ 2971 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_zero_intmax) 2972 2973 #define NEIGH_SYSCTL_JIFFIES_ENTRY(attr, name) \ 2974 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_jiffies) 2975 2976 #define NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(attr, name) \ 2977 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_userhz_jiffies) 2978 2979 #define NEIGH_SYSCTL_MS_JIFFIES_ENTRY(attr, name) \ 2980 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_ms_jiffies) 2981 2982 #define NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(attr, data_attr, name) \ 2983 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_ms_jiffies) 2984 2985 #define NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(attr, data_attr, name) \ 2986 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_unres_qlen) 2987 2988 static struct neigh_sysctl_table { 2989 struct ctl_table_header *sysctl_header; 2990 struct ctl_table neigh_vars[NEIGH_VAR_MAX + 1]; 2991 } neigh_sysctl_template __read_mostly = { 2992 .neigh_vars = { 2993 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_PROBES, "mcast_solicit"), 2994 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(UCAST_PROBES, "ucast_solicit"), 2995 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(APP_PROBES, "app_solicit"), 2996 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_REPROBES, "mcast_resolicit"), 2997 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(RETRANS_TIME, "retrans_time"), 2998 NEIGH_SYSCTL_JIFFIES_ENTRY(BASE_REACHABLE_TIME, "base_reachable_time"), 2999 NEIGH_SYSCTL_JIFFIES_ENTRY(DELAY_PROBE_TIME, "delay_first_probe_time"), 3000 NEIGH_SYSCTL_JIFFIES_ENTRY(GC_STALETIME, "gc_stale_time"), 3001 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(QUEUE_LEN_BYTES, "unres_qlen_bytes"), 3002 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(PROXY_QLEN, "proxy_qlen"), 3003 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(ANYCAST_DELAY, "anycast_delay"), 3004 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(PROXY_DELAY, "proxy_delay"), 3005 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(LOCKTIME, "locktime"), 3006 NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(QUEUE_LEN, QUEUE_LEN_BYTES, "unres_qlen"), 3007 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(RETRANS_TIME_MS, RETRANS_TIME, "retrans_time_ms"), 3008 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(BASE_REACHABLE_TIME_MS, BASE_REACHABLE_TIME, "base_reachable_time_ms"), 3009 [NEIGH_VAR_GC_INTERVAL] = { 3010 .procname = "gc_interval", 3011 .maxlen = sizeof(int), 3012 .mode = 0644, 3013 .proc_handler = proc_dointvec_jiffies, 3014 }, 3015 [NEIGH_VAR_GC_THRESH1] = { 3016 .procname = "gc_thresh1", 3017 .maxlen = sizeof(int), 3018 .mode = 0644, 3019 .extra1 = &zero, 3020 .extra2 = &int_max, 3021 .proc_handler = proc_dointvec_minmax, 3022 }, 3023 [NEIGH_VAR_GC_THRESH2] = { 3024 .procname = "gc_thresh2", 3025 .maxlen = sizeof(int), 3026 .mode = 0644, 3027 .extra1 = &zero, 3028 .extra2 = &int_max, 3029 .proc_handler = proc_dointvec_minmax, 3030 }, 3031 [NEIGH_VAR_GC_THRESH3] = { 3032 .procname = "gc_thresh3", 3033 .maxlen = sizeof(int), 3034 .mode = 0644, 3035 .extra1 = &zero, 3036 .extra2 = &int_max, 3037 .proc_handler = proc_dointvec_minmax, 3038 }, 3039 {}, 3040 }, 3041 }; 3042 3043 int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, 3044 proc_handler *handler) 3045 { 3046 int i; 3047 struct neigh_sysctl_table *t; 3048 const char *dev_name_source; 3049 char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ]; 3050 char *p_name; 3051 3052 t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL); 3053 if (!t) 3054 goto err; 3055 3056 for (i = 0; i < NEIGH_VAR_GC_INTERVAL; i++) { 3057 t->neigh_vars[i].data += (long) p; 3058 t->neigh_vars[i].extra1 = dev; 3059 t->neigh_vars[i].extra2 = p; 3060 } 3061 3062 if (dev) { 3063 dev_name_source = dev->name; 3064 /* Terminate the table early */ 3065 memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0, 3066 sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL])); 3067 } else { 3068 struct neigh_table *tbl = p->tbl; 3069 dev_name_source = "default"; 3070 t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &tbl->gc_interval; 3071 t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &tbl->gc_thresh1; 3072 t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &tbl->gc_thresh2; 3073 t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &tbl->gc_thresh3; 3074 } 3075 3076 if (handler) { 3077 /* RetransTime */ 3078 t->neigh_vars[NEIGH_VAR_RETRANS_TIME].proc_handler = handler; 3079 /* ReachableTime */ 3080 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler = handler; 3081 /* RetransTime (in milliseconds)*/ 3082 t->neigh_vars[NEIGH_VAR_RETRANS_TIME_MS].proc_handler = handler; 3083 /* ReachableTime (in milliseconds) */ 3084 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = handler; 3085 } else { 3086 /* Those handlers will update p->reachable_time after 3087 * base_reachable_time(_ms) is set to ensure the new timer starts being 3088 * applied after the next neighbour update instead of waiting for 3089 * neigh_periodic_work to update its value (can be multiple minutes) 3090 * So any handler that replaces them should do this as well 3091 */ 3092 /* ReachableTime */ 3093 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler = 3094 neigh_proc_base_reachable_time; 3095 /* ReachableTime (in milliseconds) */ 3096 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = 3097 neigh_proc_base_reachable_time; 3098 } 3099 3100 /* Don't export sysctls to unprivileged users */ 3101 if (neigh_parms_net(p)->user_ns != &init_user_ns) 3102 t->neigh_vars[0].procname = NULL; 3103 3104 switch (neigh_parms_family(p)) { 3105 case AF_INET: 3106 p_name = "ipv4"; 3107 break; 3108 case AF_INET6: 3109 p_name = "ipv6"; 3110 break; 3111 default: 3112 BUG(); 3113 } 3114 3115 snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s", 3116 p_name, dev_name_source); 3117 t->sysctl_header = 3118 register_net_sysctl(neigh_parms_net(p), neigh_path, t->neigh_vars); 3119 if (!t->sysctl_header) 3120 goto free; 3121 3122 p->sysctl_table = t; 3123 return 0; 3124 3125 free: 3126 kfree(t); 3127 err: 3128 return -ENOBUFS; 3129 } 3130 EXPORT_SYMBOL(neigh_sysctl_register); 3131 3132 void neigh_sysctl_unregister(struct neigh_parms *p) 3133 { 3134 if (p->sysctl_table) { 3135 struct neigh_sysctl_table *t = p->sysctl_table; 3136 p->sysctl_table = NULL; 3137 unregister_net_sysctl_table(t->sysctl_header); 3138 kfree(t); 3139 } 3140 } 3141 EXPORT_SYMBOL(neigh_sysctl_unregister); 3142 3143 #endif /* CONFIG_SYSCTL */ 3144 3145 static int __init neigh_init(void) 3146 { 3147 rtnl_register(PF_UNSPEC, RTM_NEWNEIGH, neigh_add, NULL, NULL); 3148 rtnl_register(PF_UNSPEC, RTM_DELNEIGH, neigh_delete, NULL, NULL); 3149 rtnl_register(PF_UNSPEC, RTM_GETNEIGH, NULL, neigh_dump_info, NULL); 3150 3151 rtnl_register(PF_UNSPEC, RTM_GETNEIGHTBL, NULL, neightbl_dump_info, 3152 NULL); 3153 rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, NULL); 3154 3155 return 0; 3156 } 3157 3158 subsys_initcall(neigh_init); 3159 3160