11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * ip6_flowlabel.c IPv6 flowlabel manager. 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * This program is free software; you can redistribute it and/or 51da177e4SLinus Torvalds * modify it under the terms of the GNU General Public License 61da177e4SLinus Torvalds * as published by the Free Software Foundation; either version 71da177e4SLinus Torvalds * 2 of the License, or (at your option) any later version. 81da177e4SLinus Torvalds * 91da177e4SLinus Torvalds * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 101da177e4SLinus Torvalds */ 111da177e4SLinus Torvalds 124fc268d2SRandy Dunlap #include <linux/capability.h> 131da177e4SLinus Torvalds #include <linux/errno.h> 141da177e4SLinus Torvalds #include <linux/types.h> 151da177e4SLinus Torvalds #include <linux/socket.h> 161da177e4SLinus Torvalds #include <linux/net.h> 171da177e4SLinus Torvalds #include <linux/netdevice.h> 181da177e4SLinus Torvalds #include <linux/if_arp.h> 191da177e4SLinus Torvalds #include <linux/in6.h> 201da177e4SLinus Torvalds #include <linux/route.h> 211da177e4SLinus Torvalds #include <linux/proc_fs.h> 221da177e4SLinus Torvalds #include <linux/seq_file.h> 231da177e4SLinus Torvalds 24457c4cbcSEric W. Biederman #include <net/net_namespace.h> 251da177e4SLinus Torvalds #include <net/sock.h> 261da177e4SLinus Torvalds 271da177e4SLinus Torvalds #include <net/ipv6.h> 281da177e4SLinus Torvalds #include <net/ndisc.h> 291da177e4SLinus Torvalds #include <net/protocol.h> 301da177e4SLinus Torvalds #include <net/ip6_route.h> 311da177e4SLinus Torvalds #include <net/addrconf.h> 321da177e4SLinus Torvalds #include <net/rawv6.h> 331da177e4SLinus Torvalds #include <net/icmp.h> 341da177e4SLinus Torvalds #include <net/transp_v6.h> 351da177e4SLinus Torvalds 361da177e4SLinus Torvalds #include <asm/uaccess.h> 371da177e4SLinus Torvalds 381da177e4SLinus Torvalds #define FL_MIN_LINGER 6 /* Minimal linger. It is set to 6sec specified 391da177e4SLinus Torvalds in old IPv6 RFC. Well, it was reasonable value. 401da177e4SLinus Torvalds */ 411da177e4SLinus Torvalds #define FL_MAX_LINGER 60 /* Maximal linger timeout */ 421da177e4SLinus Torvalds 431da177e4SLinus Torvalds /* FL hash table */ 441da177e4SLinus Torvalds 451da177e4SLinus Torvalds #define FL_MAX_PER_SOCK 32 461da177e4SLinus Torvalds #define FL_MAX_SIZE 4096 471da177e4SLinus Torvalds #define FL_HASH_MASK 255 481da177e4SLinus Torvalds #define FL_HASH(l) (ntohl(l)&FL_HASH_MASK) 491da177e4SLinus Torvalds 501da177e4SLinus Torvalds static atomic_t fl_size = ATOMIC_INIT(0); 511da177e4SLinus Torvalds static struct ip6_flowlabel *fl_ht[FL_HASH_MASK+1]; 521da177e4SLinus Torvalds 531da177e4SLinus Torvalds static void ip6_fl_gc(unsigned long dummy); 548d06afabSIngo Molnar static DEFINE_TIMER(ip6_fl_gc_timer, ip6_fl_gc, 0, 0); 551da177e4SLinus Torvalds 561da177e4SLinus Torvalds /* FL hash table lock: it protects only of GC */ 571da177e4SLinus Torvalds 581da177e4SLinus Torvalds static DEFINE_RWLOCK(ip6_fl_lock); 591da177e4SLinus Torvalds 601da177e4SLinus Torvalds /* Big socket sock */ 611da177e4SLinus Torvalds 621da177e4SLinus Torvalds static DEFINE_RWLOCK(ip6_sk_fl_lock); 631da177e4SLinus Torvalds 641da177e4SLinus Torvalds 6590bcaf7bSAl Viro static __inline__ struct ip6_flowlabel * __fl_lookup(__be32 label) 661da177e4SLinus Torvalds { 671da177e4SLinus Torvalds struct ip6_flowlabel *fl; 681da177e4SLinus Torvalds 691da177e4SLinus Torvalds for (fl=fl_ht[FL_HASH(label)]; fl; fl = fl->next) { 701da177e4SLinus Torvalds if (fl->label == label) 711da177e4SLinus Torvalds return fl; 721da177e4SLinus Torvalds } 731da177e4SLinus Torvalds return NULL; 741da177e4SLinus Torvalds } 751da177e4SLinus Torvalds 7690bcaf7bSAl Viro static struct ip6_flowlabel * fl_lookup(__be32 label) 771da177e4SLinus Torvalds { 781da177e4SLinus Torvalds struct ip6_flowlabel *fl; 791da177e4SLinus Torvalds 801da177e4SLinus Torvalds read_lock_bh(&ip6_fl_lock); 811da177e4SLinus Torvalds fl = __fl_lookup(label); 821da177e4SLinus Torvalds if (fl) 831da177e4SLinus Torvalds atomic_inc(&fl->users); 841da177e4SLinus Torvalds read_unlock_bh(&ip6_fl_lock); 851da177e4SLinus Torvalds return fl; 861da177e4SLinus Torvalds } 871da177e4SLinus Torvalds 881da177e4SLinus Torvalds 891da177e4SLinus Torvalds static void fl_free(struct ip6_flowlabel *fl) 901da177e4SLinus Torvalds { 911da177e4SLinus Torvalds if (fl) 921da177e4SLinus Torvalds kfree(fl->opt); 931da177e4SLinus Torvalds kfree(fl); 941da177e4SLinus Torvalds } 951da177e4SLinus Torvalds 961da177e4SLinus Torvalds static void fl_release(struct ip6_flowlabel *fl) 971da177e4SLinus Torvalds { 981da177e4SLinus Torvalds write_lock_bh(&ip6_fl_lock); 991da177e4SLinus Torvalds 1001da177e4SLinus Torvalds fl->lastuse = jiffies; 1011da177e4SLinus Torvalds if (atomic_dec_and_test(&fl->users)) { 1021da177e4SLinus Torvalds unsigned long ttd = fl->lastuse + fl->linger; 1031da177e4SLinus Torvalds if (time_after(ttd, fl->expires)) 1041da177e4SLinus Torvalds fl->expires = ttd; 1051da177e4SLinus Torvalds ttd = fl->expires; 1061da177e4SLinus Torvalds if (fl->opt && fl->share == IPV6_FL_S_EXCL) { 1071da177e4SLinus Torvalds struct ipv6_txoptions *opt = fl->opt; 1081da177e4SLinus Torvalds fl->opt = NULL; 1091da177e4SLinus Torvalds kfree(opt); 1101da177e4SLinus Torvalds } 1111da177e4SLinus Torvalds if (!timer_pending(&ip6_fl_gc_timer) || 1121da177e4SLinus Torvalds time_after(ip6_fl_gc_timer.expires, ttd)) 1131da177e4SLinus Torvalds mod_timer(&ip6_fl_gc_timer, ttd); 1141da177e4SLinus Torvalds } 1151da177e4SLinus Torvalds 1161da177e4SLinus Torvalds write_unlock_bh(&ip6_fl_lock); 1171da177e4SLinus Torvalds } 1181da177e4SLinus Torvalds 1191da177e4SLinus Torvalds static void ip6_fl_gc(unsigned long dummy) 1201da177e4SLinus Torvalds { 1211da177e4SLinus Torvalds int i; 1221da177e4SLinus Torvalds unsigned long now = jiffies; 1231da177e4SLinus Torvalds unsigned long sched = 0; 1241da177e4SLinus Torvalds 1251da177e4SLinus Torvalds write_lock(&ip6_fl_lock); 1261da177e4SLinus Torvalds 1271da177e4SLinus Torvalds for (i=0; i<=FL_HASH_MASK; i++) { 1281da177e4SLinus Torvalds struct ip6_flowlabel *fl, **flp; 1291da177e4SLinus Torvalds flp = &fl_ht[i]; 1301da177e4SLinus Torvalds while ((fl=*flp) != NULL) { 1311da177e4SLinus Torvalds if (atomic_read(&fl->users) == 0) { 1321da177e4SLinus Torvalds unsigned long ttd = fl->lastuse + fl->linger; 1331da177e4SLinus Torvalds if (time_after(ttd, fl->expires)) 1341da177e4SLinus Torvalds fl->expires = ttd; 1351da177e4SLinus Torvalds ttd = fl->expires; 1361da177e4SLinus Torvalds if (time_after_eq(now, ttd)) { 1371da177e4SLinus Torvalds *flp = fl->next; 1381da177e4SLinus Torvalds fl_free(fl); 1391da177e4SLinus Torvalds atomic_dec(&fl_size); 1401da177e4SLinus Torvalds continue; 1411da177e4SLinus Torvalds } 1421da177e4SLinus Torvalds if (!sched || time_before(ttd, sched)) 1431da177e4SLinus Torvalds sched = ttd; 1441da177e4SLinus Torvalds } 1451da177e4SLinus Torvalds flp = &fl->next; 1461da177e4SLinus Torvalds } 1471da177e4SLinus Torvalds } 1481da177e4SLinus Torvalds if (!sched && atomic_read(&fl_size)) 1491da177e4SLinus Torvalds sched = now + FL_MAX_LINGER; 1501da177e4SLinus Torvalds if (sched) { 1511da177e4SLinus Torvalds ip6_fl_gc_timer.expires = sched; 1521da177e4SLinus Torvalds add_timer(&ip6_fl_gc_timer); 1531da177e4SLinus Torvalds } 1541da177e4SLinus Torvalds write_unlock(&ip6_fl_lock); 1551da177e4SLinus Torvalds } 1561da177e4SLinus Torvalds 15790bcaf7bSAl Viro static int fl_intern(struct ip6_flowlabel *fl, __be32 label) 1581da177e4SLinus Torvalds { 1591da177e4SLinus Torvalds fl->label = label & IPV6_FLOWLABEL_MASK; 1601da177e4SLinus Torvalds 1611da177e4SLinus Torvalds write_lock_bh(&ip6_fl_lock); 1621da177e4SLinus Torvalds if (label == 0) { 1631da177e4SLinus Torvalds for (;;) { 1641da177e4SLinus Torvalds fl->label = htonl(net_random())&IPV6_FLOWLABEL_MASK; 1651da177e4SLinus Torvalds if (fl->label) { 1661da177e4SLinus Torvalds struct ip6_flowlabel *lfl; 1671da177e4SLinus Torvalds lfl = __fl_lookup(fl->label); 1681da177e4SLinus Torvalds if (lfl == NULL) 1691da177e4SLinus Torvalds break; 1701da177e4SLinus Torvalds } 1711da177e4SLinus Torvalds } 1721da177e4SLinus Torvalds } 1731da177e4SLinus Torvalds 1741da177e4SLinus Torvalds fl->lastuse = jiffies; 1751da177e4SLinus Torvalds fl->next = fl_ht[FL_HASH(fl->label)]; 1761da177e4SLinus Torvalds fl_ht[FL_HASH(fl->label)] = fl; 1771da177e4SLinus Torvalds atomic_inc(&fl_size); 1781da177e4SLinus Torvalds write_unlock_bh(&ip6_fl_lock); 1791da177e4SLinus Torvalds return 0; 1801da177e4SLinus Torvalds } 1811da177e4SLinus Torvalds 1821da177e4SLinus Torvalds 1831da177e4SLinus Torvalds 1841da177e4SLinus Torvalds /* Socket flowlabel lists */ 1851da177e4SLinus Torvalds 18690bcaf7bSAl Viro struct ip6_flowlabel * fl6_sock_lookup(struct sock *sk, __be32 label) 1871da177e4SLinus Torvalds { 1881da177e4SLinus Torvalds struct ipv6_fl_socklist *sfl; 1891da177e4SLinus Torvalds struct ipv6_pinfo *np = inet6_sk(sk); 1901da177e4SLinus Torvalds 1911da177e4SLinus Torvalds label &= IPV6_FLOWLABEL_MASK; 1921da177e4SLinus Torvalds 193bd0bf577SPavel Emelyanov read_lock_bh(&ip6_sk_fl_lock); 1941da177e4SLinus Torvalds for (sfl=np->ipv6_fl_list; sfl; sfl = sfl->next) { 1951da177e4SLinus Torvalds struct ip6_flowlabel *fl = sfl->fl; 1961da177e4SLinus Torvalds if (fl->label == label) { 197bd0bf577SPavel Emelyanov read_unlock_bh(&ip6_sk_fl_lock); 1981da177e4SLinus Torvalds fl->lastuse = jiffies; 1991da177e4SLinus Torvalds atomic_inc(&fl->users); 2001da177e4SLinus Torvalds return fl; 2011da177e4SLinus Torvalds } 2021da177e4SLinus Torvalds } 203bd0bf577SPavel Emelyanov read_unlock_bh(&ip6_sk_fl_lock); 2041da177e4SLinus Torvalds return NULL; 2051da177e4SLinus Torvalds } 2061da177e4SLinus Torvalds 2073cf3dc6cSArnaldo Carvalho de Melo EXPORT_SYMBOL_GPL(fl6_sock_lookup); 2083cf3dc6cSArnaldo Carvalho de Melo 2091da177e4SLinus Torvalds void fl6_free_socklist(struct sock *sk) 2101da177e4SLinus Torvalds { 2111da177e4SLinus Torvalds struct ipv6_pinfo *np = inet6_sk(sk); 2121da177e4SLinus Torvalds struct ipv6_fl_socklist *sfl; 2131da177e4SLinus Torvalds 2141da177e4SLinus Torvalds while ((sfl = np->ipv6_fl_list) != NULL) { 2151da177e4SLinus Torvalds np->ipv6_fl_list = sfl->next; 2161da177e4SLinus Torvalds fl_release(sfl->fl); 2171da177e4SLinus Torvalds kfree(sfl); 2181da177e4SLinus Torvalds } 2191da177e4SLinus Torvalds } 2201da177e4SLinus Torvalds 2211da177e4SLinus Torvalds /* Service routines */ 2221da177e4SLinus Torvalds 2231da177e4SLinus Torvalds 2241da177e4SLinus Torvalds /* 2251da177e4SLinus Torvalds It is the only difficult place. flowlabel enforces equal headers 2261da177e4SLinus Torvalds before and including routing header, however user may supply options 2271da177e4SLinus Torvalds following rthdr. 2281da177e4SLinus Torvalds */ 2291da177e4SLinus Torvalds 2301da177e4SLinus Torvalds struct ipv6_txoptions *fl6_merge_options(struct ipv6_txoptions * opt_space, 2311da177e4SLinus Torvalds struct ip6_flowlabel * fl, 2321da177e4SLinus Torvalds struct ipv6_txoptions * fopt) 2331da177e4SLinus Torvalds { 234df9890c3SYOSHIFUJI Hideaki struct ipv6_txoptions * fl_opt = fl->opt; 2351da177e4SLinus Torvalds 236df9890c3SYOSHIFUJI Hideaki if (fopt == NULL || fopt->opt_flen == 0) 2371da177e4SLinus Torvalds return fl_opt; 2381da177e4SLinus Torvalds 2391da177e4SLinus Torvalds if (fl_opt != NULL) { 2401da177e4SLinus Torvalds opt_space->hopopt = fl_opt->hopopt; 241df9890c3SYOSHIFUJI Hideaki opt_space->dst0opt = fl_opt->dst0opt; 2421da177e4SLinus Torvalds opt_space->srcrt = fl_opt->srcrt; 2431da177e4SLinus Torvalds opt_space->opt_nflen = fl_opt->opt_nflen; 2441da177e4SLinus Torvalds } else { 2451da177e4SLinus Torvalds if (fopt->opt_nflen == 0) 2461da177e4SLinus Torvalds return fopt; 2471da177e4SLinus Torvalds opt_space->hopopt = NULL; 2481da177e4SLinus Torvalds opt_space->dst0opt = NULL; 2491da177e4SLinus Torvalds opt_space->srcrt = NULL; 2501da177e4SLinus Torvalds opt_space->opt_nflen = 0; 2511da177e4SLinus Torvalds } 2521da177e4SLinus Torvalds opt_space->dst1opt = fopt->dst1opt; 2531da177e4SLinus Torvalds opt_space->opt_flen = fopt->opt_flen; 2541da177e4SLinus Torvalds return opt_space; 2551da177e4SLinus Torvalds } 2561da177e4SLinus Torvalds 2571da177e4SLinus Torvalds static unsigned long check_linger(unsigned long ttl) 2581da177e4SLinus Torvalds { 2591da177e4SLinus Torvalds if (ttl < FL_MIN_LINGER) 2601da177e4SLinus Torvalds return FL_MIN_LINGER*HZ; 2611da177e4SLinus Torvalds if (ttl > FL_MAX_LINGER && !capable(CAP_NET_ADMIN)) 2621da177e4SLinus Torvalds return 0; 2631da177e4SLinus Torvalds return ttl*HZ; 2641da177e4SLinus Torvalds } 2651da177e4SLinus Torvalds 2661da177e4SLinus Torvalds static int fl6_renew(struct ip6_flowlabel *fl, unsigned long linger, unsigned long expires) 2671da177e4SLinus Torvalds { 2681da177e4SLinus Torvalds linger = check_linger(linger); 2691da177e4SLinus Torvalds if (!linger) 2701da177e4SLinus Torvalds return -EPERM; 2711da177e4SLinus Torvalds expires = check_linger(expires); 2721da177e4SLinus Torvalds if (!expires) 2731da177e4SLinus Torvalds return -EPERM; 2741da177e4SLinus Torvalds fl->lastuse = jiffies; 2751da177e4SLinus Torvalds if (time_before(fl->linger, linger)) 2761da177e4SLinus Torvalds fl->linger = linger; 2771da177e4SLinus Torvalds if (time_before(expires, fl->linger)) 2781da177e4SLinus Torvalds expires = fl->linger; 2791da177e4SLinus Torvalds if (time_before(fl->expires, fl->lastuse + expires)) 2801da177e4SLinus Torvalds fl->expires = fl->lastuse + expires; 2811da177e4SLinus Torvalds return 0; 2821da177e4SLinus Torvalds } 2831da177e4SLinus Torvalds 2841da177e4SLinus Torvalds static struct ip6_flowlabel * 2851da177e4SLinus Torvalds fl_create(struct in6_flowlabel_req *freq, char __user *optval, int optlen, int *err_p) 2861da177e4SLinus Torvalds { 2871da177e4SLinus Torvalds struct ip6_flowlabel *fl; 2881da177e4SLinus Torvalds int olen; 2891da177e4SLinus Torvalds int addr_type; 2901da177e4SLinus Torvalds int err; 2911da177e4SLinus Torvalds 2921da177e4SLinus Torvalds err = -ENOMEM; 2930c600edaSIngo Oeser fl = kzalloc(sizeof(*fl), GFP_KERNEL); 2941da177e4SLinus Torvalds if (fl == NULL) 2951da177e4SLinus Torvalds goto done; 2961da177e4SLinus Torvalds 2971da177e4SLinus Torvalds olen = optlen - CMSG_ALIGN(sizeof(*freq)); 2981da177e4SLinus Torvalds if (olen > 0) { 2991da177e4SLinus Torvalds struct msghdr msg; 3001da177e4SLinus Torvalds struct flowi flowi; 3011da177e4SLinus Torvalds int junk; 3021da177e4SLinus Torvalds 3031da177e4SLinus Torvalds err = -ENOMEM; 3041da177e4SLinus Torvalds fl->opt = kmalloc(sizeof(*fl->opt) + olen, GFP_KERNEL); 3051da177e4SLinus Torvalds if (fl->opt == NULL) 3061da177e4SLinus Torvalds goto done; 3071da177e4SLinus Torvalds 3081da177e4SLinus Torvalds memset(fl->opt, 0, sizeof(*fl->opt)); 3091da177e4SLinus Torvalds fl->opt->tot_len = sizeof(*fl->opt) + olen; 3101da177e4SLinus Torvalds err = -EFAULT; 3111da177e4SLinus Torvalds if (copy_from_user(fl->opt+1, optval+CMSG_ALIGN(sizeof(*freq)), olen)) 3121da177e4SLinus Torvalds goto done; 3131da177e4SLinus Torvalds 3141da177e4SLinus Torvalds msg.msg_controllen = olen; 3151da177e4SLinus Torvalds msg.msg_control = (void*)(fl->opt+1); 3161da177e4SLinus Torvalds flowi.oif = 0; 3171da177e4SLinus Torvalds 31841a1f8eaSYOSHIFUJI Hideaki err = datagram_send_ctl(&msg, &flowi, fl->opt, &junk, &junk); 3191da177e4SLinus Torvalds if (err) 3201da177e4SLinus Torvalds goto done; 3211da177e4SLinus Torvalds err = -EINVAL; 3221da177e4SLinus Torvalds if (fl->opt->opt_flen) 3231da177e4SLinus Torvalds goto done; 3241da177e4SLinus Torvalds if (fl->opt->opt_nflen == 0) { 3251da177e4SLinus Torvalds kfree(fl->opt); 3261da177e4SLinus Torvalds fl->opt = NULL; 3271da177e4SLinus Torvalds } 3281da177e4SLinus Torvalds } 3291da177e4SLinus Torvalds 3301da177e4SLinus Torvalds fl->expires = jiffies; 3311da177e4SLinus Torvalds err = fl6_renew(fl, freq->flr_linger, freq->flr_expires); 3321da177e4SLinus Torvalds if (err) 3331da177e4SLinus Torvalds goto done; 3341da177e4SLinus Torvalds fl->share = freq->flr_share; 3351da177e4SLinus Torvalds addr_type = ipv6_addr_type(&freq->flr_dst); 3361da177e4SLinus Torvalds if ((addr_type&IPV6_ADDR_MAPPED) 337c6817e4cSJames Morris || addr_type == IPV6_ADDR_ANY) { 338c6817e4cSJames Morris err = -EINVAL; 3391da177e4SLinus Torvalds goto done; 340c6817e4cSJames Morris } 3411da177e4SLinus Torvalds ipv6_addr_copy(&fl->dst, &freq->flr_dst); 3421da177e4SLinus Torvalds atomic_set(&fl->users, 1); 3431da177e4SLinus Torvalds switch (fl->share) { 3441da177e4SLinus Torvalds case IPV6_FL_S_EXCL: 3451da177e4SLinus Torvalds case IPV6_FL_S_ANY: 3461da177e4SLinus Torvalds break; 3471da177e4SLinus Torvalds case IPV6_FL_S_PROCESS: 3481da177e4SLinus Torvalds fl->owner = current->pid; 3491da177e4SLinus Torvalds break; 3501da177e4SLinus Torvalds case IPV6_FL_S_USER: 3511da177e4SLinus Torvalds fl->owner = current->euid; 3521da177e4SLinus Torvalds break; 3531da177e4SLinus Torvalds default: 3541da177e4SLinus Torvalds err = -EINVAL; 3551da177e4SLinus Torvalds goto done; 3561da177e4SLinus Torvalds } 3571da177e4SLinus Torvalds return fl; 3581da177e4SLinus Torvalds 3591da177e4SLinus Torvalds done: 3601da177e4SLinus Torvalds fl_free(fl); 3611da177e4SLinus Torvalds *err_p = err; 3621da177e4SLinus Torvalds return NULL; 3631da177e4SLinus Torvalds } 3641da177e4SLinus Torvalds 3651da177e4SLinus Torvalds static int mem_check(struct sock *sk) 3661da177e4SLinus Torvalds { 3671da177e4SLinus Torvalds struct ipv6_pinfo *np = inet6_sk(sk); 3681da177e4SLinus Torvalds struct ipv6_fl_socklist *sfl; 3691da177e4SLinus Torvalds int room = FL_MAX_SIZE - atomic_read(&fl_size); 3701da177e4SLinus Torvalds int count = 0; 3711da177e4SLinus Torvalds 3721da177e4SLinus Torvalds if (room > FL_MAX_SIZE - FL_MAX_PER_SOCK) 3731da177e4SLinus Torvalds return 0; 3741da177e4SLinus Torvalds 3751da177e4SLinus Torvalds for (sfl = np->ipv6_fl_list; sfl; sfl = sfl->next) 3761da177e4SLinus Torvalds count++; 3771da177e4SLinus Torvalds 3781da177e4SLinus Torvalds if (room <= 0 || 3791da177e4SLinus Torvalds ((count >= FL_MAX_PER_SOCK || 3801da177e4SLinus Torvalds (count > 0 && room < FL_MAX_SIZE/2) || room < FL_MAX_SIZE/4) 3811da177e4SLinus Torvalds && !capable(CAP_NET_ADMIN))) 3821da177e4SLinus Torvalds return -ENOBUFS; 3831da177e4SLinus Torvalds 3841da177e4SLinus Torvalds return 0; 3851da177e4SLinus Torvalds } 3861da177e4SLinus Torvalds 3871da177e4SLinus Torvalds static int ipv6_hdr_cmp(struct ipv6_opt_hdr *h1, struct ipv6_opt_hdr *h2) 3881da177e4SLinus Torvalds { 3891da177e4SLinus Torvalds if (h1 == h2) 3901da177e4SLinus Torvalds return 0; 3911da177e4SLinus Torvalds if (h1 == NULL || h2 == NULL) 3921da177e4SLinus Torvalds return 1; 3931da177e4SLinus Torvalds if (h1->hdrlen != h2->hdrlen) 3941da177e4SLinus Torvalds return 1; 3951da177e4SLinus Torvalds return memcmp(h1+1, h2+1, ((h1->hdrlen+1)<<3) - sizeof(*h1)); 3961da177e4SLinus Torvalds } 3971da177e4SLinus Torvalds 3981da177e4SLinus Torvalds static int ipv6_opt_cmp(struct ipv6_txoptions *o1, struct ipv6_txoptions *o2) 3991da177e4SLinus Torvalds { 4001da177e4SLinus Torvalds if (o1 == o2) 4011da177e4SLinus Torvalds return 0; 4021da177e4SLinus Torvalds if (o1 == NULL || o2 == NULL) 4031da177e4SLinus Torvalds return 1; 4041da177e4SLinus Torvalds if (o1->opt_nflen != o2->opt_nflen) 4051da177e4SLinus Torvalds return 1; 4061da177e4SLinus Torvalds if (ipv6_hdr_cmp(o1->hopopt, o2->hopopt)) 4071da177e4SLinus Torvalds return 1; 4081da177e4SLinus Torvalds if (ipv6_hdr_cmp(o1->dst0opt, o2->dst0opt)) 4091da177e4SLinus Torvalds return 1; 4101da177e4SLinus Torvalds if (ipv6_hdr_cmp((struct ipv6_opt_hdr *)o1->srcrt, (struct ipv6_opt_hdr *)o2->srcrt)) 4111da177e4SLinus Torvalds return 1; 4121da177e4SLinus Torvalds return 0; 4131da177e4SLinus Torvalds } 4141da177e4SLinus Torvalds 41504028045SPavel Emelyanov static inline void fl_link(struct ipv6_pinfo *np, struct ipv6_fl_socklist *sfl, 41604028045SPavel Emelyanov struct ip6_flowlabel *fl) 41704028045SPavel Emelyanov { 41804028045SPavel Emelyanov write_lock_bh(&ip6_sk_fl_lock); 41904028045SPavel Emelyanov sfl->fl = fl; 42004028045SPavel Emelyanov sfl->next = np->ipv6_fl_list; 42104028045SPavel Emelyanov np->ipv6_fl_list = sfl; 42204028045SPavel Emelyanov write_unlock_bh(&ip6_sk_fl_lock); 42304028045SPavel Emelyanov } 42404028045SPavel Emelyanov 4251da177e4SLinus Torvalds int ipv6_flowlabel_opt(struct sock *sk, char __user *optval, int optlen) 4261da177e4SLinus Torvalds { 4271da177e4SLinus Torvalds int err; 4281da177e4SLinus Torvalds struct ipv6_pinfo *np = inet6_sk(sk); 4291da177e4SLinus Torvalds struct in6_flowlabel_req freq; 4301da177e4SLinus Torvalds struct ipv6_fl_socklist *sfl1=NULL; 4311da177e4SLinus Torvalds struct ipv6_fl_socklist *sfl, **sflp; 4321da177e4SLinus Torvalds struct ip6_flowlabel *fl; 4331da177e4SLinus Torvalds 4341da177e4SLinus Torvalds if (optlen < sizeof(freq)) 4351da177e4SLinus Torvalds return -EINVAL; 4361da177e4SLinus Torvalds 4371da177e4SLinus Torvalds if (copy_from_user(&freq, optval, sizeof(freq))) 4381da177e4SLinus Torvalds return -EFAULT; 4391da177e4SLinus Torvalds 4401da177e4SLinus Torvalds switch (freq.flr_action) { 4411da177e4SLinus Torvalds case IPV6_FL_A_PUT: 4421da177e4SLinus Torvalds write_lock_bh(&ip6_sk_fl_lock); 4431da177e4SLinus Torvalds for (sflp = &np->ipv6_fl_list; (sfl=*sflp)!=NULL; sflp = &sfl->next) { 4441da177e4SLinus Torvalds if (sfl->fl->label == freq.flr_label) { 4451da177e4SLinus Torvalds if (freq.flr_label == (np->flow_label&IPV6_FLOWLABEL_MASK)) 4461da177e4SLinus Torvalds np->flow_label &= ~IPV6_FLOWLABEL_MASK; 4471da177e4SLinus Torvalds *sflp = sfl->next; 4481da177e4SLinus Torvalds write_unlock_bh(&ip6_sk_fl_lock); 4491da177e4SLinus Torvalds fl_release(sfl->fl); 4501da177e4SLinus Torvalds kfree(sfl); 4511da177e4SLinus Torvalds return 0; 4521da177e4SLinus Torvalds } 4531da177e4SLinus Torvalds } 4541da177e4SLinus Torvalds write_unlock_bh(&ip6_sk_fl_lock); 4551da177e4SLinus Torvalds return -ESRCH; 4561da177e4SLinus Torvalds 4571da177e4SLinus Torvalds case IPV6_FL_A_RENEW: 4581da177e4SLinus Torvalds read_lock_bh(&ip6_sk_fl_lock); 4591da177e4SLinus Torvalds for (sfl = np->ipv6_fl_list; sfl; sfl = sfl->next) { 4601da177e4SLinus Torvalds if (sfl->fl->label == freq.flr_label) { 4611da177e4SLinus Torvalds err = fl6_renew(sfl->fl, freq.flr_linger, freq.flr_expires); 4621da177e4SLinus Torvalds read_unlock_bh(&ip6_sk_fl_lock); 4631da177e4SLinus Torvalds return err; 4641da177e4SLinus Torvalds } 4651da177e4SLinus Torvalds } 4661da177e4SLinus Torvalds read_unlock_bh(&ip6_sk_fl_lock); 4671da177e4SLinus Torvalds 4681da177e4SLinus Torvalds if (freq.flr_share == IPV6_FL_S_NONE && capable(CAP_NET_ADMIN)) { 4691da177e4SLinus Torvalds fl = fl_lookup(freq.flr_label); 4701da177e4SLinus Torvalds if (fl) { 4711da177e4SLinus Torvalds err = fl6_renew(fl, freq.flr_linger, freq.flr_expires); 4721da177e4SLinus Torvalds fl_release(fl); 4731da177e4SLinus Torvalds return err; 4741da177e4SLinus Torvalds } 4751da177e4SLinus Torvalds } 4761da177e4SLinus Torvalds return -ESRCH; 4771da177e4SLinus Torvalds 4781da177e4SLinus Torvalds case IPV6_FL_A_GET: 4791da177e4SLinus Torvalds if (freq.flr_label & ~IPV6_FLOWLABEL_MASK) 4801da177e4SLinus Torvalds return -EINVAL; 4811da177e4SLinus Torvalds 4821da177e4SLinus Torvalds fl = fl_create(&freq, optval, optlen, &err); 4831da177e4SLinus Torvalds if (fl == NULL) 4841da177e4SLinus Torvalds return err; 4851da177e4SLinus Torvalds sfl1 = kmalloc(sizeof(*sfl1), GFP_KERNEL); 4861da177e4SLinus Torvalds 4871da177e4SLinus Torvalds if (freq.flr_label) { 4881da177e4SLinus Torvalds struct ip6_flowlabel *fl1 = NULL; 4891da177e4SLinus Torvalds 4901da177e4SLinus Torvalds err = -EEXIST; 4911da177e4SLinus Torvalds read_lock_bh(&ip6_sk_fl_lock); 4921da177e4SLinus Torvalds for (sfl = np->ipv6_fl_list; sfl; sfl = sfl->next) { 4931da177e4SLinus Torvalds if (sfl->fl->label == freq.flr_label) { 4941da177e4SLinus Torvalds if (freq.flr_flags&IPV6_FL_F_EXCL) { 4951da177e4SLinus Torvalds read_unlock_bh(&ip6_sk_fl_lock); 4961da177e4SLinus Torvalds goto done; 4971da177e4SLinus Torvalds } 4981da177e4SLinus Torvalds fl1 = sfl->fl; 4994ea6a804SYan Zheng atomic_inc(&fl1->users); 5001da177e4SLinus Torvalds break; 5011da177e4SLinus Torvalds } 5021da177e4SLinus Torvalds } 5031da177e4SLinus Torvalds read_unlock_bh(&ip6_sk_fl_lock); 5041da177e4SLinus Torvalds 5051da177e4SLinus Torvalds if (fl1 == NULL) 5061da177e4SLinus Torvalds fl1 = fl_lookup(freq.flr_label); 5071da177e4SLinus Torvalds if (fl1) { 5081da177e4SLinus Torvalds err = -EEXIST; 5091da177e4SLinus Torvalds if (freq.flr_flags&IPV6_FL_F_EXCL) 5101da177e4SLinus Torvalds goto release; 5111da177e4SLinus Torvalds err = -EPERM; 5121da177e4SLinus Torvalds if (fl1->share == IPV6_FL_S_EXCL || 5131da177e4SLinus Torvalds fl1->share != fl->share || 5141da177e4SLinus Torvalds fl1->owner != fl->owner) 5151da177e4SLinus Torvalds goto release; 5161da177e4SLinus Torvalds 5171da177e4SLinus Torvalds err = -EINVAL; 5181da177e4SLinus Torvalds if (!ipv6_addr_equal(&fl1->dst, &fl->dst) || 5191da177e4SLinus Torvalds ipv6_opt_cmp(fl1->opt, fl->opt)) 5201da177e4SLinus Torvalds goto release; 5211da177e4SLinus Torvalds 5221da177e4SLinus Torvalds err = -ENOMEM; 5231da177e4SLinus Torvalds if (sfl1 == NULL) 5241da177e4SLinus Torvalds goto release; 5251da177e4SLinus Torvalds if (fl->linger > fl1->linger) 5261da177e4SLinus Torvalds fl1->linger = fl->linger; 5271da177e4SLinus Torvalds if ((long)(fl->expires - fl1->expires) > 0) 5281da177e4SLinus Torvalds fl1->expires = fl->expires; 52904028045SPavel Emelyanov fl_link(np, sfl1, fl1); 5301da177e4SLinus Torvalds fl_free(fl); 5311da177e4SLinus Torvalds return 0; 5321da177e4SLinus Torvalds 5331da177e4SLinus Torvalds release: 5341da177e4SLinus Torvalds fl_release(fl1); 5351da177e4SLinus Torvalds goto done; 5361da177e4SLinus Torvalds } 5371da177e4SLinus Torvalds } 5381da177e4SLinus Torvalds err = -ENOENT; 5391da177e4SLinus Torvalds if (!(freq.flr_flags&IPV6_FL_F_CREATE)) 5401da177e4SLinus Torvalds goto done; 5411da177e4SLinus Torvalds 5421da177e4SLinus Torvalds err = -ENOMEM; 5431da177e4SLinus Torvalds if (sfl1 == NULL || (err = mem_check(sk)) != 0) 5441da177e4SLinus Torvalds goto done; 5451da177e4SLinus Torvalds 5461da177e4SLinus Torvalds err = fl_intern(fl, freq.flr_label); 5471da177e4SLinus Torvalds if (err) 5481da177e4SLinus Torvalds goto done; 5491da177e4SLinus Torvalds 5506c94d361SDavid S. Miller if (!freq.flr_label) { 5516c94d361SDavid S. Miller if (copy_to_user(&((struct in6_flowlabel_req __user *) optval)->flr_label, 5526c94d361SDavid S. Miller &fl->label, sizeof(fl->label))) { 5536c94d361SDavid S. Miller /* Intentionally ignore fault. */ 5546c94d361SDavid S. Miller } 5556c94d361SDavid S. Miller } 5561da177e4SLinus Torvalds 55704028045SPavel Emelyanov fl_link(np, sfl1, fl); 5581da177e4SLinus Torvalds return 0; 5591da177e4SLinus Torvalds 5601da177e4SLinus Torvalds default: 5611da177e4SLinus Torvalds return -EINVAL; 5621da177e4SLinus Torvalds } 5631da177e4SLinus Torvalds 5641da177e4SLinus Torvalds done: 5651da177e4SLinus Torvalds fl_free(fl); 5661da177e4SLinus Torvalds kfree(sfl1); 5671da177e4SLinus Torvalds return err; 5681da177e4SLinus Torvalds } 5691da177e4SLinus Torvalds 5701da177e4SLinus Torvalds #ifdef CONFIG_PROC_FS 5711da177e4SLinus Torvalds 5721da177e4SLinus Torvalds struct ip6fl_iter_state { 5731da177e4SLinus Torvalds int bucket; 5741da177e4SLinus Torvalds }; 5751da177e4SLinus Torvalds 5761da177e4SLinus Torvalds #define ip6fl_seq_private(seq) ((struct ip6fl_iter_state *)(seq)->private) 5771da177e4SLinus Torvalds 5781da177e4SLinus Torvalds static struct ip6_flowlabel *ip6fl_get_first(struct seq_file *seq) 5791da177e4SLinus Torvalds { 5801da177e4SLinus Torvalds struct ip6_flowlabel *fl = NULL; 5811da177e4SLinus Torvalds struct ip6fl_iter_state *state = ip6fl_seq_private(seq); 5821da177e4SLinus Torvalds 5831da177e4SLinus Torvalds for (state->bucket = 0; state->bucket <= FL_HASH_MASK; ++state->bucket) { 5841da177e4SLinus Torvalds if (fl_ht[state->bucket]) { 5851da177e4SLinus Torvalds fl = fl_ht[state->bucket]; 5861da177e4SLinus Torvalds break; 5871da177e4SLinus Torvalds } 5881da177e4SLinus Torvalds } 5891da177e4SLinus Torvalds return fl; 5901da177e4SLinus Torvalds } 5911da177e4SLinus Torvalds 5921da177e4SLinus Torvalds static struct ip6_flowlabel *ip6fl_get_next(struct seq_file *seq, struct ip6_flowlabel *fl) 5931da177e4SLinus Torvalds { 5941da177e4SLinus Torvalds struct ip6fl_iter_state *state = ip6fl_seq_private(seq); 5951da177e4SLinus Torvalds 5961da177e4SLinus Torvalds fl = fl->next; 5971da177e4SLinus Torvalds while (!fl) { 5981da177e4SLinus Torvalds if (++state->bucket <= FL_HASH_MASK) 5991da177e4SLinus Torvalds fl = fl_ht[state->bucket]; 600bcd62075SJames Morris else 601bcd62075SJames Morris break; 6021da177e4SLinus Torvalds } 6031da177e4SLinus Torvalds return fl; 6041da177e4SLinus Torvalds } 6051da177e4SLinus Torvalds 6061da177e4SLinus Torvalds static struct ip6_flowlabel *ip6fl_get_idx(struct seq_file *seq, loff_t pos) 6071da177e4SLinus Torvalds { 6081da177e4SLinus Torvalds struct ip6_flowlabel *fl = ip6fl_get_first(seq); 6091da177e4SLinus Torvalds if (fl) 6101da177e4SLinus Torvalds while (pos && (fl = ip6fl_get_next(seq, fl)) != NULL) 6111da177e4SLinus Torvalds --pos; 6121da177e4SLinus Torvalds return pos ? NULL : fl; 6131da177e4SLinus Torvalds } 6141da177e4SLinus Torvalds 6151da177e4SLinus Torvalds static void *ip6fl_seq_start(struct seq_file *seq, loff_t *pos) 6161da177e4SLinus Torvalds { 6171da177e4SLinus Torvalds read_lock_bh(&ip6_fl_lock); 6181da177e4SLinus Torvalds return *pos ? ip6fl_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 6191da177e4SLinus Torvalds } 6201da177e4SLinus Torvalds 6211da177e4SLinus Torvalds static void *ip6fl_seq_next(struct seq_file *seq, void *v, loff_t *pos) 6221da177e4SLinus Torvalds { 6231da177e4SLinus Torvalds struct ip6_flowlabel *fl; 6241da177e4SLinus Torvalds 6251da177e4SLinus Torvalds if (v == SEQ_START_TOKEN) 6261da177e4SLinus Torvalds fl = ip6fl_get_first(seq); 6271da177e4SLinus Torvalds else 6281da177e4SLinus Torvalds fl = ip6fl_get_next(seq, v); 6291da177e4SLinus Torvalds ++*pos; 6301da177e4SLinus Torvalds return fl; 6311da177e4SLinus Torvalds } 6321da177e4SLinus Torvalds 6331da177e4SLinus Torvalds static void ip6fl_seq_stop(struct seq_file *seq, void *v) 6341da177e4SLinus Torvalds { 6351da177e4SLinus Torvalds read_unlock_bh(&ip6_fl_lock); 6361da177e4SLinus Torvalds } 6371da177e4SLinus Torvalds 6381b7c2dbcSJames Morris static int ip6fl_seq_show(struct seq_file *seq, void *v) 6391da177e4SLinus Torvalds { 6401b7c2dbcSJames Morris if (v == SEQ_START_TOKEN) 6411b7c2dbcSJames Morris seq_printf(seq, "%-5s %-1s %-6s %-6s %-6s %-8s %-32s %s\n", 6421b7c2dbcSJames Morris "Label", "S", "Owner", "Users", "Linger", "Expires", "Dst", "Opt"); 6431b7c2dbcSJames Morris else { 6441b7c2dbcSJames Morris struct ip6_flowlabel *fl = v; 6451da177e4SLinus Torvalds seq_printf(seq, 6469343e79aSYOSHIFUJI Hideaki "%05X %-1d %-6d %-6d %-6ld %-8ld " NIP6_SEQFMT " %-4d\n", 6471da177e4SLinus Torvalds (unsigned)ntohl(fl->label), 6481da177e4SLinus Torvalds fl->share, 6491da177e4SLinus Torvalds (unsigned)fl->owner, 6501da177e4SLinus Torvalds atomic_read(&fl->users), 6511da177e4SLinus Torvalds fl->linger/HZ, 6521da177e4SLinus Torvalds (long)(fl->expires - jiffies)/HZ, 6531da177e4SLinus Torvalds NIP6(fl->dst), 6541da177e4SLinus Torvalds fl->opt ? fl->opt->opt_nflen : 0); 6551da177e4SLinus Torvalds } 6561da177e4SLinus Torvalds return 0; 6571da177e4SLinus Torvalds } 6581da177e4SLinus Torvalds 65956b3d975SPhilippe De Muyter static const struct seq_operations ip6fl_seq_ops = { 6601da177e4SLinus Torvalds .start = ip6fl_seq_start, 6611da177e4SLinus Torvalds .next = ip6fl_seq_next, 6621da177e4SLinus Torvalds .stop = ip6fl_seq_stop, 6631da177e4SLinus Torvalds .show = ip6fl_seq_show, 6641da177e4SLinus Torvalds }; 6651da177e4SLinus Torvalds 6661da177e4SLinus Torvalds static int ip6fl_seq_open(struct inode *inode, struct file *file) 6671da177e4SLinus Torvalds { 668cf7732e4SPavel Emelyanov return seq_open_private(file, &ip6fl_seq_ops, 669cf7732e4SPavel Emelyanov sizeof(struct ip6fl_iter_state)); 6701da177e4SLinus Torvalds } 6711da177e4SLinus Torvalds 6729a32144eSArjan van de Ven static const struct file_operations ip6fl_seq_fops = { 6731da177e4SLinus Torvalds .owner = THIS_MODULE, 6741da177e4SLinus Torvalds .open = ip6fl_seq_open, 6751da177e4SLinus Torvalds .read = seq_read, 6761da177e4SLinus Torvalds .llseek = seq_lseek, 6771da177e4SLinus Torvalds .release = seq_release_private, 6781da177e4SLinus Torvalds }; 6791da177e4SLinus Torvalds #endif 6801da177e4SLinus Torvalds 6811da177e4SLinus Torvalds 6821da177e4SLinus Torvalds void ip6_flowlabel_init(void) 6831da177e4SLinus Torvalds { 6841da177e4SLinus Torvalds #ifdef CONFIG_PROC_FS 685457c4cbcSEric W. Biederman proc_net_fops_create(&init_net, "ip6_flowlabel", S_IRUGO, &ip6fl_seq_fops); 6861da177e4SLinus Torvalds #endif 6871da177e4SLinus Torvalds } 6881da177e4SLinus Torvalds 6891da177e4SLinus Torvalds void ip6_flowlabel_cleanup(void) 6901da177e4SLinus Torvalds { 6911da177e4SLinus Torvalds del_timer(&ip6_fl_gc_timer); 6921da177e4SLinus Torvalds #ifdef CONFIG_PROC_FS 693457c4cbcSEric W. Biederman proc_net_remove(&init_net, "ip6_flowlabel"); 6941da177e4SLinus Torvalds #endif 6951da177e4SLinus Torvalds } 696