Loading...
1/*
2 * Generic address resolution entity
3 *
4 * Authors:
5 * Pedro Roque <roque@di.fc.ul.pt>
6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 *
13 * Fixes:
14 * Vitaly E. Lavrov releasing NULL neighbor in neigh_add.
15 * Harald Welte Add neighbour cache statistics like rtstat
16 */
17
18#include <linux/slab.h>
19#include <linux/types.h>
20#include <linux/kernel.h>
21#include <linux/module.h>
22#include <linux/socket.h>
23#include <linux/netdevice.h>
24#include <linux/proc_fs.h>
25#ifdef CONFIG_SYSCTL
26#include <linux/sysctl.h>
27#endif
28#include <linux/times.h>
29#include <net/net_namespace.h>
30#include <net/neighbour.h>
31#include <net/dst.h>
32#include <net/sock.h>
33#include <net/netevent.h>
34#include <net/netlink.h>
35#include <linux/rtnetlink.h>
36#include <linux/random.h>
37#include <linux/string.h>
38#include <linux/log2.h>
39
40#define NEIGH_DEBUG 1
41
42#define NEIGH_PRINTK(x...) printk(x)
43#define NEIGH_NOPRINTK(x...) do { ; } while(0)
44#define NEIGH_PRINTK1 NEIGH_NOPRINTK
45#define NEIGH_PRINTK2 NEIGH_NOPRINTK
46
47#if NEIGH_DEBUG >= 1
48#undef NEIGH_PRINTK1
49#define NEIGH_PRINTK1 NEIGH_PRINTK
50#endif
51#if NEIGH_DEBUG >= 2
52#undef NEIGH_PRINTK2
53#define NEIGH_PRINTK2 NEIGH_PRINTK
54#endif
55
56#define PNEIGH_HASHMASK 0xF
57
58static void neigh_timer_handler(unsigned long arg);
59static void __neigh_notify(struct neighbour *n, int type, int flags);
60static void neigh_update_notify(struct neighbour *neigh);
61static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev);
62
63static struct neigh_table *neigh_tables;
64#ifdef CONFIG_PROC_FS
65static const struct file_operations neigh_stat_seq_fops;
66#endif
67
68/*
69 Neighbour hash table buckets are protected with rwlock tbl->lock.
70
71 - All the scans/updates to hash buckets MUST be made under this lock.
72 - NOTHING clever should be made under this lock: no callbacks
73 to protocol backends, no attempts to send something to network.
74 It will result in deadlocks, if backend/driver wants to use neighbour
75 cache.
76 - If the entry requires some non-trivial actions, increase
77 its reference count and release table lock.
78
79 Neighbour entries are protected:
80 - with reference count.
81 - with rwlock neigh->lock
82
83 Reference count prevents destruction.
84
85 neigh->lock mainly serializes ll address data and its validity state.
86 However, the same lock is used to protect another entry fields:
87 - timer
88 - resolution queue
89
90 Again, nothing clever shall be made under neigh->lock,
91 the most complicated procedure, which we allow is dev->hard_header.
92 It is supposed, that dev->hard_header is simplistic and does
93 not make callbacks to neighbour tables.
94
95 The last lock is neigh_tbl_lock. It is pure SMP lock, protecting
96 list of neighbour tables. This list is used only in process context,
97 */
98
99static DEFINE_RWLOCK(neigh_tbl_lock);
100
101static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb)
102{
103 kfree_skb(skb);
104 return -ENETDOWN;
105}
106
107static void neigh_cleanup_and_release(struct neighbour *neigh)
108{
109 if (neigh->parms->neigh_cleanup)
110 neigh->parms->neigh_cleanup(neigh);
111
112 __neigh_notify(neigh, RTM_DELNEIGH, 0);
113 neigh_release(neigh);
114}
115
116/*
117 * It is random distribution in the interval (1/2)*base...(3/2)*base.
118 * It corresponds to default IPv6 settings and is not overridable,
119 * because it is really reasonable choice.
120 */
121
122unsigned long neigh_rand_reach_time(unsigned long base)
123{
124 return base ? (net_random() % base) + (base >> 1) : 0;
125}
126EXPORT_SYMBOL(neigh_rand_reach_time);
127
128
129static int neigh_forced_gc(struct neigh_table *tbl)
130{
131 int shrunk = 0;
132 int i;
133 struct neigh_hash_table *nht;
134
135 NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs);
136
137 write_lock_bh(&tbl->lock);
138 nht = rcu_dereference_protected(tbl->nht,
139 lockdep_is_held(&tbl->lock));
140 for (i = 0; i < (1 << nht->hash_shift); i++) {
141 struct neighbour *n;
142 struct neighbour __rcu **np;
143
144 np = &nht->hash_buckets[i];
145 while ((n = rcu_dereference_protected(*np,
146 lockdep_is_held(&tbl->lock))) != NULL) {
147 /* Neighbour record may be discarded if:
148 * - nobody refers to it.
149 * - it is not permanent
150 */
151 write_lock(&n->lock);
152 if (atomic_read(&n->refcnt) == 1 &&
153 !(n->nud_state & NUD_PERMANENT)) {
154 rcu_assign_pointer(*np,
155 rcu_dereference_protected(n->next,
156 lockdep_is_held(&tbl->lock)));
157 n->dead = 1;
158 shrunk = 1;
159 write_unlock(&n->lock);
160 neigh_cleanup_and_release(n);
161 continue;
162 }
163 write_unlock(&n->lock);
164 np = &n->next;
165 }
166 }
167
168 tbl->last_flush = jiffies;
169
170 write_unlock_bh(&tbl->lock);
171
172 return shrunk;
173}
174
175static void neigh_add_timer(struct neighbour *n, unsigned long when)
176{
177 neigh_hold(n);
178 if (unlikely(mod_timer(&n->timer, when))) {
179 printk("NEIGH: BUG, double timer add, state is %x\n",
180 n->nud_state);
181 dump_stack();
182 }
183}
184
185static int neigh_del_timer(struct neighbour *n)
186{
187 if ((n->nud_state & NUD_IN_TIMER) &&
188 del_timer(&n->timer)) {
189 neigh_release(n);
190 return 1;
191 }
192 return 0;
193}
194
195static void pneigh_queue_purge(struct sk_buff_head *list)
196{
197 struct sk_buff *skb;
198
199 while ((skb = skb_dequeue(list)) != NULL) {
200 dev_put(skb->dev);
201 kfree_skb(skb);
202 }
203}
204
205static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev)
206{
207 int i;
208 struct neigh_hash_table *nht;
209
210 nht = rcu_dereference_protected(tbl->nht,
211 lockdep_is_held(&tbl->lock));
212
213 for (i = 0; i < (1 << nht->hash_shift); i++) {
214 struct neighbour *n;
215 struct neighbour __rcu **np = &nht->hash_buckets[i];
216
217 while ((n = rcu_dereference_protected(*np,
218 lockdep_is_held(&tbl->lock))) != NULL) {
219 if (dev && n->dev != dev) {
220 np = &n->next;
221 continue;
222 }
223 rcu_assign_pointer(*np,
224 rcu_dereference_protected(n->next,
225 lockdep_is_held(&tbl->lock)));
226 write_lock(&n->lock);
227 neigh_del_timer(n);
228 n->dead = 1;
229
230 if (atomic_read(&n->refcnt) != 1) {
231 /* The most unpleasant situation.
232 We must destroy neighbour entry,
233 but someone still uses it.
234
235 The destroy will be delayed until
236 the last user releases us, but
237 we must kill timers etc. and move
238 it to safe state.
239 */
240 skb_queue_purge(&n->arp_queue);
241 n->output = neigh_blackhole;
242 if (n->nud_state & NUD_VALID)
243 n->nud_state = NUD_NOARP;
244 else
245 n->nud_state = NUD_NONE;
246 NEIGH_PRINTK2("neigh %p is stray.\n", n);
247 }
248 write_unlock(&n->lock);
249 neigh_cleanup_and_release(n);
250 }
251 }
252}
253
254void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev)
255{
256 write_lock_bh(&tbl->lock);
257 neigh_flush_dev(tbl, dev);
258 write_unlock_bh(&tbl->lock);
259}
260EXPORT_SYMBOL(neigh_changeaddr);
261
262int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
263{
264 write_lock_bh(&tbl->lock);
265 neigh_flush_dev(tbl, dev);
266 pneigh_ifdown(tbl, dev);
267 write_unlock_bh(&tbl->lock);
268
269 del_timer_sync(&tbl->proxy_timer);
270 pneigh_queue_purge(&tbl->proxy_queue);
271 return 0;
272}
273EXPORT_SYMBOL(neigh_ifdown);
274
275static struct neighbour *neigh_alloc(struct neigh_table *tbl)
276{
277 struct neighbour *n = NULL;
278 unsigned long now = jiffies;
279 int entries;
280
281 entries = atomic_inc_return(&tbl->entries) - 1;
282 if (entries >= tbl->gc_thresh3 ||
283 (entries >= tbl->gc_thresh2 &&
284 time_after(now, tbl->last_flush + 5 * HZ))) {
285 if (!neigh_forced_gc(tbl) &&
286 entries >= tbl->gc_thresh3)
287 goto out_entries;
288 }
289
290 n = kmem_cache_zalloc(tbl->kmem_cachep, GFP_ATOMIC);
291 if (!n)
292 goto out_entries;
293
294 skb_queue_head_init(&n->arp_queue);
295 rwlock_init(&n->lock);
296 seqlock_init(&n->ha_lock);
297 n->updated = n->used = now;
298 n->nud_state = NUD_NONE;
299 n->output = neigh_blackhole;
300 seqlock_init(&n->hh.hh_lock);
301 n->parms = neigh_parms_clone(&tbl->parms);
302 setup_timer(&n->timer, neigh_timer_handler, (unsigned long)n);
303
304 NEIGH_CACHE_STAT_INC(tbl, allocs);
305 n->tbl = tbl;
306 atomic_set(&n->refcnt, 1);
307 n->dead = 1;
308out:
309 return n;
310
311out_entries:
312 atomic_dec(&tbl->entries);
313 goto out;
314}
315
316static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
317{
318 size_t size = (1 << shift) * sizeof(struct neighbour *);
319 struct neigh_hash_table *ret;
320 struct neighbour __rcu **buckets;
321
322 ret = kmalloc(sizeof(*ret), GFP_ATOMIC);
323 if (!ret)
324 return NULL;
325 if (size <= PAGE_SIZE)
326 buckets = kzalloc(size, GFP_ATOMIC);
327 else
328 buckets = (struct neighbour __rcu **)
329 __get_free_pages(GFP_ATOMIC | __GFP_ZERO,
330 get_order(size));
331 if (!buckets) {
332 kfree(ret);
333 return NULL;
334 }
335 ret->hash_buckets = buckets;
336 ret->hash_shift = shift;
337 get_random_bytes(&ret->hash_rnd, sizeof(ret->hash_rnd));
338 ret->hash_rnd |= 1;
339 return ret;
340}
341
342static void neigh_hash_free_rcu(struct rcu_head *head)
343{
344 struct neigh_hash_table *nht = container_of(head,
345 struct neigh_hash_table,
346 rcu);
347 size_t size = (1 << nht->hash_shift) * sizeof(struct neighbour *);
348 struct neighbour __rcu **buckets = nht->hash_buckets;
349
350 if (size <= PAGE_SIZE)
351 kfree(buckets);
352 else
353 free_pages((unsigned long)buckets, get_order(size));
354 kfree(nht);
355}
356
357static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl,
358 unsigned long new_shift)
359{
360 unsigned int i, hash;
361 struct neigh_hash_table *new_nht, *old_nht;
362
363 NEIGH_CACHE_STAT_INC(tbl, hash_grows);
364
365 old_nht = rcu_dereference_protected(tbl->nht,
366 lockdep_is_held(&tbl->lock));
367 new_nht = neigh_hash_alloc(new_shift);
368 if (!new_nht)
369 return old_nht;
370
371 for (i = 0; i < (1 << old_nht->hash_shift); i++) {
372 struct neighbour *n, *next;
373
374 for (n = rcu_dereference_protected(old_nht->hash_buckets[i],
375 lockdep_is_held(&tbl->lock));
376 n != NULL;
377 n = next) {
378 hash = tbl->hash(n->primary_key, n->dev,
379 new_nht->hash_rnd);
380
381 hash >>= (32 - new_nht->hash_shift);
382 next = rcu_dereference_protected(n->next,
383 lockdep_is_held(&tbl->lock));
384
385 rcu_assign_pointer(n->next,
386 rcu_dereference_protected(
387 new_nht->hash_buckets[hash],
388 lockdep_is_held(&tbl->lock)));
389 rcu_assign_pointer(new_nht->hash_buckets[hash], n);
390 }
391 }
392
393 rcu_assign_pointer(tbl->nht, new_nht);
394 call_rcu(&old_nht->rcu, neigh_hash_free_rcu);
395 return new_nht;
396}
397
398struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey,
399 struct net_device *dev)
400{
401 struct neighbour *n;
402 int key_len = tbl->key_len;
403 u32 hash_val;
404 struct neigh_hash_table *nht;
405
406 NEIGH_CACHE_STAT_INC(tbl, lookups);
407
408 rcu_read_lock_bh();
409 nht = rcu_dereference_bh(tbl->nht);
410 hash_val = tbl->hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift);
411
412 for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
413 n != NULL;
414 n = rcu_dereference_bh(n->next)) {
415 if (dev == n->dev && !memcmp(n->primary_key, pkey, key_len)) {
416 if (!atomic_inc_not_zero(&n->refcnt))
417 n = NULL;
418 NEIGH_CACHE_STAT_INC(tbl, hits);
419 break;
420 }
421 }
422
423 rcu_read_unlock_bh();
424 return n;
425}
426EXPORT_SYMBOL(neigh_lookup);
427
428struct neighbour *neigh_lookup_nodev(struct neigh_table *tbl, struct net *net,
429 const void *pkey)
430{
431 struct neighbour *n;
432 int key_len = tbl->key_len;
433 u32 hash_val;
434 struct neigh_hash_table *nht;
435
436 NEIGH_CACHE_STAT_INC(tbl, lookups);
437
438 rcu_read_lock_bh();
439 nht = rcu_dereference_bh(tbl->nht);
440 hash_val = tbl->hash(pkey, NULL, nht->hash_rnd) >> (32 - nht->hash_shift);
441
442 for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
443 n != NULL;
444 n = rcu_dereference_bh(n->next)) {
445 if (!memcmp(n->primary_key, pkey, key_len) &&
446 net_eq(dev_net(n->dev), net)) {
447 if (!atomic_inc_not_zero(&n->refcnt))
448 n = NULL;
449 NEIGH_CACHE_STAT_INC(tbl, hits);
450 break;
451 }
452 }
453
454 rcu_read_unlock_bh();
455 return n;
456}
457EXPORT_SYMBOL(neigh_lookup_nodev);
458
459struct neighbour *neigh_create(struct neigh_table *tbl, const void *pkey,
460 struct net_device *dev)
461{
462 u32 hash_val;
463 int key_len = tbl->key_len;
464 int error;
465 struct neighbour *n1, *rc, *n = neigh_alloc(tbl);
466 struct neigh_hash_table *nht;
467
468 if (!n) {
469 rc = ERR_PTR(-ENOBUFS);
470 goto out;
471 }
472
473 memcpy(n->primary_key, pkey, key_len);
474 n->dev = dev;
475 dev_hold(dev);
476
477 /* Protocol specific setup. */
478 if (tbl->constructor && (error = tbl->constructor(n)) < 0) {
479 rc = ERR_PTR(error);
480 goto out_neigh_release;
481 }
482
483 /* Device specific setup. */
484 if (n->parms->neigh_setup &&
485 (error = n->parms->neigh_setup(n)) < 0) {
486 rc = ERR_PTR(error);
487 goto out_neigh_release;
488 }
489
490 n->confirmed = jiffies - (n->parms->base_reachable_time << 1);
491
492 write_lock_bh(&tbl->lock);
493 nht = rcu_dereference_protected(tbl->nht,
494 lockdep_is_held(&tbl->lock));
495
496 if (atomic_read(&tbl->entries) > (1 << nht->hash_shift))
497 nht = neigh_hash_grow(tbl, nht->hash_shift + 1);
498
499 hash_val = tbl->hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift);
500
501 if (n->parms->dead) {
502 rc = ERR_PTR(-EINVAL);
503 goto out_tbl_unlock;
504 }
505
506 for (n1 = rcu_dereference_protected(nht->hash_buckets[hash_val],
507 lockdep_is_held(&tbl->lock));
508 n1 != NULL;
509 n1 = rcu_dereference_protected(n1->next,
510 lockdep_is_held(&tbl->lock))) {
511 if (dev == n1->dev && !memcmp(n1->primary_key, pkey, key_len)) {
512 neigh_hold(n1);
513 rc = n1;
514 goto out_tbl_unlock;
515 }
516 }
517
518 n->dead = 0;
519 neigh_hold(n);
520 rcu_assign_pointer(n->next,
521 rcu_dereference_protected(nht->hash_buckets[hash_val],
522 lockdep_is_held(&tbl->lock)));
523 rcu_assign_pointer(nht->hash_buckets[hash_val], n);
524 write_unlock_bh(&tbl->lock);
525 NEIGH_PRINTK2("neigh %p is created.\n", n);
526 rc = n;
527out:
528 return rc;
529out_tbl_unlock:
530 write_unlock_bh(&tbl->lock);
531out_neigh_release:
532 neigh_release(n);
533 goto out;
534}
535EXPORT_SYMBOL(neigh_create);
536
537static u32 pneigh_hash(const void *pkey, int key_len)
538{
539 u32 hash_val = *(u32 *)(pkey + key_len - 4);
540 hash_val ^= (hash_val >> 16);
541 hash_val ^= hash_val >> 8;
542 hash_val ^= hash_val >> 4;
543 hash_val &= PNEIGH_HASHMASK;
544 return hash_val;
545}
546
547static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n,
548 struct net *net,
549 const void *pkey,
550 int key_len,
551 struct net_device *dev)
552{
553 while (n) {
554 if (!memcmp(n->key, pkey, key_len) &&
555 net_eq(pneigh_net(n), net) &&
556 (n->dev == dev || !n->dev))
557 return n;
558 n = n->next;
559 }
560 return NULL;
561}
562
563struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl,
564 struct net *net, const void *pkey, struct net_device *dev)
565{
566 int key_len = tbl->key_len;
567 u32 hash_val = pneigh_hash(pkey, key_len);
568
569 return __pneigh_lookup_1(tbl->phash_buckets[hash_val],
570 net, pkey, key_len, dev);
571}
572EXPORT_SYMBOL_GPL(__pneigh_lookup);
573
574struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl,
575 struct net *net, const void *pkey,
576 struct net_device *dev, int creat)
577{
578 struct pneigh_entry *n;
579 int key_len = tbl->key_len;
580 u32 hash_val = pneigh_hash(pkey, key_len);
581
582 read_lock_bh(&tbl->lock);
583 n = __pneigh_lookup_1(tbl->phash_buckets[hash_val],
584 net, pkey, key_len, dev);
585 read_unlock_bh(&tbl->lock);
586
587 if (n || !creat)
588 goto out;
589
590 ASSERT_RTNL();
591
592 n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL);
593 if (!n)
594 goto out;
595
596 write_pnet(&n->net, hold_net(net));
597 memcpy(n->key, pkey, key_len);
598 n->dev = dev;
599 if (dev)
600 dev_hold(dev);
601
602 if (tbl->pconstructor && tbl->pconstructor(n)) {
603 if (dev)
604 dev_put(dev);
605 release_net(net);
606 kfree(n);
607 n = NULL;
608 goto out;
609 }
610
611 write_lock_bh(&tbl->lock);
612 n->next = tbl->phash_buckets[hash_val];
613 tbl->phash_buckets[hash_val] = n;
614 write_unlock_bh(&tbl->lock);
615out:
616 return n;
617}
618EXPORT_SYMBOL(pneigh_lookup);
619
620
621int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey,
622 struct net_device *dev)
623{
624 struct pneigh_entry *n, **np;
625 int key_len = tbl->key_len;
626 u32 hash_val = pneigh_hash(pkey, key_len);
627
628 write_lock_bh(&tbl->lock);
629 for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL;
630 np = &n->next) {
631 if (!memcmp(n->key, pkey, key_len) && n->dev == dev &&
632 net_eq(pneigh_net(n), net)) {
633 *np = n->next;
634 write_unlock_bh(&tbl->lock);
635 if (tbl->pdestructor)
636 tbl->pdestructor(n);
637 if (n->dev)
638 dev_put(n->dev);
639 release_net(pneigh_net(n));
640 kfree(n);
641 return 0;
642 }
643 }
644 write_unlock_bh(&tbl->lock);
645 return -ENOENT;
646}
647
648static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
649{
650 struct pneigh_entry *n, **np;
651 u32 h;
652
653 for (h = 0; h <= PNEIGH_HASHMASK; h++) {
654 np = &tbl->phash_buckets[h];
655 while ((n = *np) != NULL) {
656 if (!dev || n->dev == dev) {
657 *np = n->next;
658 if (tbl->pdestructor)
659 tbl->pdestructor(n);
660 if (n->dev)
661 dev_put(n->dev);
662 release_net(pneigh_net(n));
663 kfree(n);
664 continue;
665 }
666 np = &n->next;
667 }
668 }
669 return -ENOENT;
670}
671
672static void neigh_parms_destroy(struct neigh_parms *parms);
673
674static inline void neigh_parms_put(struct neigh_parms *parms)
675{
676 if (atomic_dec_and_test(&parms->refcnt))
677 neigh_parms_destroy(parms);
678}
679
680static void neigh_destroy_rcu(struct rcu_head *head)
681{
682 struct neighbour *neigh = container_of(head, struct neighbour, rcu);
683
684 kmem_cache_free(neigh->tbl->kmem_cachep, neigh);
685}
686/*
687 * neighbour must already be out of the table;
688 *
689 */
690void neigh_destroy(struct neighbour *neigh)
691{
692 NEIGH_CACHE_STAT_INC(neigh->tbl, destroys);
693
694 if (!neigh->dead) {
695 printk(KERN_WARNING
696 "Destroying alive neighbour %p\n", neigh);
697 dump_stack();
698 return;
699 }
700
701 if (neigh_del_timer(neigh))
702 printk(KERN_WARNING "Impossible event.\n");
703
704 skb_queue_purge(&neigh->arp_queue);
705
706 dev_put(neigh->dev);
707 neigh_parms_put(neigh->parms);
708
709 NEIGH_PRINTK2("neigh %p is destroyed.\n", neigh);
710
711 atomic_dec(&neigh->tbl->entries);
712 call_rcu(&neigh->rcu, neigh_destroy_rcu);
713}
714EXPORT_SYMBOL(neigh_destroy);
715
716/* Neighbour state is suspicious;
717 disable fast path.
718
719 Called with write_locked neigh.
720 */
721static void neigh_suspect(struct neighbour *neigh)
722{
723 NEIGH_PRINTK2("neigh %p is suspected.\n", neigh);
724
725 neigh->output = neigh->ops->output;
726}
727
728/* Neighbour state is OK;
729 enable fast path.
730
731 Called with write_locked neigh.
732 */
733static void neigh_connect(struct neighbour *neigh)
734{
735 NEIGH_PRINTK2("neigh %p is connected.\n", neigh);
736
737 neigh->output = neigh->ops->connected_output;
738}
739
740static void neigh_periodic_work(struct work_struct *work)
741{
742 struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
743 struct neighbour *n;
744 struct neighbour __rcu **np;
745 unsigned int i;
746 struct neigh_hash_table *nht;
747
748 NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);
749
750 write_lock_bh(&tbl->lock);
751 nht = rcu_dereference_protected(tbl->nht,
752 lockdep_is_held(&tbl->lock));
753
754 /*
755 * periodically recompute ReachableTime from random function
756 */
757
758 if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
759 struct neigh_parms *p;
760 tbl->last_rand = jiffies;
761 for (p = &tbl->parms; p; p = p->next)
762 p->reachable_time =
763 neigh_rand_reach_time(p->base_reachable_time);
764 }
765
766 for (i = 0 ; i < (1 << nht->hash_shift); i++) {
767 np = &nht->hash_buckets[i];
768
769 while ((n = rcu_dereference_protected(*np,
770 lockdep_is_held(&tbl->lock))) != NULL) {
771 unsigned int state;
772
773 write_lock(&n->lock);
774
775 state = n->nud_state;
776 if (state & (NUD_PERMANENT | NUD_IN_TIMER)) {
777 write_unlock(&n->lock);
778 goto next_elt;
779 }
780
781 if (time_before(n->used, n->confirmed))
782 n->used = n->confirmed;
783
784 if (atomic_read(&n->refcnt) == 1 &&
785 (state == NUD_FAILED ||
786 time_after(jiffies, n->used + n->parms->gc_staletime))) {
787 *np = n->next;
788 n->dead = 1;
789 write_unlock(&n->lock);
790 neigh_cleanup_and_release(n);
791 continue;
792 }
793 write_unlock(&n->lock);
794
795next_elt:
796 np = &n->next;
797 }
798 /*
799 * It's fine to release lock here, even if hash table
800 * grows while we are preempted.
801 */
802 write_unlock_bh(&tbl->lock);
803 cond_resched();
804 write_lock_bh(&tbl->lock);
805 }
806 /* Cycle through all hash buckets every base_reachable_time/2 ticks.
807 * ARP entry timeouts range from 1/2 base_reachable_time to 3/2
808 * base_reachable_time.
809 */
810 schedule_delayed_work(&tbl->gc_work,
811 tbl->parms.base_reachable_time >> 1);
812 write_unlock_bh(&tbl->lock);
813}
814
815static __inline__ int neigh_max_probes(struct neighbour *n)
816{
817 struct neigh_parms *p = n->parms;
818 return (n->nud_state & NUD_PROBE) ?
819 p->ucast_probes :
820 p->ucast_probes + p->app_probes + p->mcast_probes;
821}
822
823static void neigh_invalidate(struct neighbour *neigh)
824 __releases(neigh->lock)
825 __acquires(neigh->lock)
826{
827 struct sk_buff *skb;
828
829 NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed);
830 NEIGH_PRINTK2("neigh %p is failed.\n", neigh);
831 neigh->updated = jiffies;
832
833 /* It is very thin place. report_unreachable is very complicated
834 routine. Particularly, it can hit the same neighbour entry!
835
836 So that, we try to be accurate and avoid dead loop. --ANK
837 */
838 while (neigh->nud_state == NUD_FAILED &&
839 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
840 write_unlock(&neigh->lock);
841 neigh->ops->error_report(neigh, skb);
842 write_lock(&neigh->lock);
843 }
844 skb_queue_purge(&neigh->arp_queue);
845}
846
847/* Called when a timer expires for a neighbour entry. */
848
849static void neigh_timer_handler(unsigned long arg)
850{
851 unsigned long now, next;
852 struct neighbour *neigh = (struct neighbour *)arg;
853 unsigned state;
854 int notify = 0;
855
856 write_lock(&neigh->lock);
857
858 state = neigh->nud_state;
859 now = jiffies;
860 next = now + HZ;
861
862 if (!(state & NUD_IN_TIMER)) {
863#ifndef CONFIG_SMP
864 printk(KERN_WARNING "neigh: timer & !nud_in_timer\n");
865#endif
866 goto out;
867 }
868
869 if (state & NUD_REACHABLE) {
870 if (time_before_eq(now,
871 neigh->confirmed + neigh->parms->reachable_time)) {
872 NEIGH_PRINTK2("neigh %p is still alive.\n", neigh);
873 next = neigh->confirmed + neigh->parms->reachable_time;
874 } else if (time_before_eq(now,
875 neigh->used + neigh->parms->delay_probe_time)) {
876 NEIGH_PRINTK2("neigh %p is delayed.\n", neigh);
877 neigh->nud_state = NUD_DELAY;
878 neigh->updated = jiffies;
879 neigh_suspect(neigh);
880 next = now + neigh->parms->delay_probe_time;
881 } else {
882 NEIGH_PRINTK2("neigh %p is suspected.\n", neigh);
883 neigh->nud_state = NUD_STALE;
884 neigh->updated = jiffies;
885 neigh_suspect(neigh);
886 notify = 1;
887 }
888 } else if (state & NUD_DELAY) {
889 if (time_before_eq(now,
890 neigh->confirmed + neigh->parms->delay_probe_time)) {
891 NEIGH_PRINTK2("neigh %p is now reachable.\n", neigh);
892 neigh->nud_state = NUD_REACHABLE;
893 neigh->updated = jiffies;
894 neigh_connect(neigh);
895 notify = 1;
896 next = neigh->confirmed + neigh->parms->reachable_time;
897 } else {
898 NEIGH_PRINTK2("neigh %p is probed.\n", neigh);
899 neigh->nud_state = NUD_PROBE;
900 neigh->updated = jiffies;
901 atomic_set(&neigh->probes, 0);
902 next = now + neigh->parms->retrans_time;
903 }
904 } else {
905 /* NUD_PROBE|NUD_INCOMPLETE */
906 next = now + neigh->parms->retrans_time;
907 }
908
909 if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) &&
910 atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) {
911 neigh->nud_state = NUD_FAILED;
912 notify = 1;
913 neigh_invalidate(neigh);
914 }
915
916 if (neigh->nud_state & NUD_IN_TIMER) {
917 if (time_before(next, jiffies + HZ/2))
918 next = jiffies + HZ/2;
919 if (!mod_timer(&neigh->timer, next))
920 neigh_hold(neigh);
921 }
922 if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
923 struct sk_buff *skb = skb_peek(&neigh->arp_queue);
924 /* keep skb alive even if arp_queue overflows */
925 if (skb)
926 skb = skb_copy(skb, GFP_ATOMIC);
927 write_unlock(&neigh->lock);
928 neigh->ops->solicit(neigh, skb);
929 atomic_inc(&neigh->probes);
930 kfree_skb(skb);
931 } else {
932out:
933 write_unlock(&neigh->lock);
934 }
935
936 if (notify)
937 neigh_update_notify(neigh);
938
939 neigh_release(neigh);
940}
941
942int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
943{
944 int rc;
945 unsigned long now;
946
947 write_lock_bh(&neigh->lock);
948
949 rc = 0;
950 if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
951 goto out_unlock_bh;
952
953 now = jiffies;
954
955 if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
956 if (neigh->parms->mcast_probes + neigh->parms->app_probes) {
957 atomic_set(&neigh->probes, neigh->parms->ucast_probes);
958 neigh->nud_state = NUD_INCOMPLETE;
959 neigh->updated = jiffies;
960 neigh_add_timer(neigh, now + 1);
961 } else {
962 neigh->nud_state = NUD_FAILED;
963 neigh->updated = jiffies;
964 write_unlock_bh(&neigh->lock);
965
966 kfree_skb(skb);
967 return 1;
968 }
969 } else if (neigh->nud_state & NUD_STALE) {
970 NEIGH_PRINTK2("neigh %p is delayed.\n", neigh);
971 neigh->nud_state = NUD_DELAY;
972 neigh->updated = jiffies;
973 neigh_add_timer(neigh,
974 jiffies + neigh->parms->delay_probe_time);
975 }
976
977 if (neigh->nud_state == NUD_INCOMPLETE) {
978 if (skb) {
979 if (skb_queue_len(&neigh->arp_queue) >=
980 neigh->parms->queue_len) {
981 struct sk_buff *buff;
982 buff = __skb_dequeue(&neigh->arp_queue);
983 kfree_skb(buff);
984 NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
985 }
986 skb_dst_force(skb);
987 __skb_queue_tail(&neigh->arp_queue, skb);
988 }
989 rc = 1;
990 }
991out_unlock_bh:
992 write_unlock_bh(&neigh->lock);
993 return rc;
994}
995EXPORT_SYMBOL(__neigh_event_send);
996
997static void neigh_update_hhs(struct neighbour *neigh)
998{
999 struct hh_cache *hh;
1000 void (*update)(struct hh_cache*, const struct net_device*, const unsigned char *)
1001 = NULL;
1002
1003 if (neigh->dev->header_ops)
1004 update = neigh->dev->header_ops->cache_update;
1005
1006 if (update) {
1007 hh = &neigh->hh;
1008 if (hh->hh_len) {
1009 write_seqlock_bh(&hh->hh_lock);
1010 update(hh, neigh->dev, neigh->ha);
1011 write_sequnlock_bh(&hh->hh_lock);
1012 }
1013 }
1014}
1015
1016
1017
1018/* Generic update routine.
1019 -- lladdr is new lladdr or NULL, if it is not supplied.
1020 -- new is new state.
1021 -- flags
1022 NEIGH_UPDATE_F_OVERRIDE allows to override existing lladdr,
1023 if it is different.
1024 NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect existing "connected"
1025 lladdr instead of overriding it
1026 if it is different.
1027 It also allows to retain current state
1028 if lladdr is unchanged.
1029 NEIGH_UPDATE_F_ADMIN means that the change is administrative.
1030
1031 NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows to override existing
1032 NTF_ROUTER flag.
1033 NEIGH_UPDATE_F_ISROUTER indicates if the neighbour is known as
1034 a router.
1035
1036 Caller MUST hold reference count on the entry.
1037 */
1038
1039int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
1040 u32 flags)
1041{
1042 u8 old;
1043 int err;
1044 int notify = 0;
1045 struct net_device *dev;
1046 int update_isrouter = 0;
1047
1048 write_lock_bh(&neigh->lock);
1049
1050 dev = neigh->dev;
1051 old = neigh->nud_state;
1052 err = -EPERM;
1053
1054 if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
1055 (old & (NUD_NOARP | NUD_PERMANENT)))
1056 goto out;
1057
1058 if (!(new & NUD_VALID)) {
1059 neigh_del_timer(neigh);
1060 if (old & NUD_CONNECTED)
1061 neigh_suspect(neigh);
1062 neigh->nud_state = new;
1063 err = 0;
1064 notify = old & NUD_VALID;
1065 if ((old & (NUD_INCOMPLETE | NUD_PROBE)) &&
1066 (new & NUD_FAILED)) {
1067 neigh_invalidate(neigh);
1068 notify = 1;
1069 }
1070 goto out;
1071 }
1072
1073 /* Compare new lladdr with cached one */
1074 if (!dev->addr_len) {
1075 /* First case: device needs no address. */
1076 lladdr = neigh->ha;
1077 } else if (lladdr) {
1078 /* The second case: if something is already cached
1079 and a new address is proposed:
1080 - compare new & old
1081 - if they are different, check override flag
1082 */
1083 if ((old & NUD_VALID) &&
1084 !memcmp(lladdr, neigh->ha, dev->addr_len))
1085 lladdr = neigh->ha;
1086 } else {
1087 /* No address is supplied; if we know something,
1088 use it, otherwise discard the request.
1089 */
1090 err = -EINVAL;
1091 if (!(old & NUD_VALID))
1092 goto out;
1093 lladdr = neigh->ha;
1094 }
1095
1096 if (new & NUD_CONNECTED)
1097 neigh->confirmed = jiffies;
1098 neigh->updated = jiffies;
1099
1100 /* If entry was valid and address is not changed,
1101 do not change entry state, if new one is STALE.
1102 */
1103 err = 0;
1104 update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
1105 if (old & NUD_VALID) {
1106 if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) {
1107 update_isrouter = 0;
1108 if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) &&
1109 (old & NUD_CONNECTED)) {
1110 lladdr = neigh->ha;
1111 new = NUD_STALE;
1112 } else
1113 goto out;
1114 } else {
1115 if (lladdr == neigh->ha && new == NUD_STALE &&
1116 ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) ||
1117 (old & NUD_CONNECTED))
1118 )
1119 new = old;
1120 }
1121 }
1122
1123 if (new != old) {
1124 neigh_del_timer(neigh);
1125 if (new & NUD_IN_TIMER)
1126 neigh_add_timer(neigh, (jiffies +
1127 ((new & NUD_REACHABLE) ?
1128 neigh->parms->reachable_time :
1129 0)));
1130 neigh->nud_state = new;
1131 }
1132
1133 if (lladdr != neigh->ha) {
1134 write_seqlock(&neigh->ha_lock);
1135 memcpy(&neigh->ha, lladdr, dev->addr_len);
1136 write_sequnlock(&neigh->ha_lock);
1137 neigh_update_hhs(neigh);
1138 if (!(new & NUD_CONNECTED))
1139 neigh->confirmed = jiffies -
1140 (neigh->parms->base_reachable_time << 1);
1141 notify = 1;
1142 }
1143 if (new == old)
1144 goto out;
1145 if (new & NUD_CONNECTED)
1146 neigh_connect(neigh);
1147 else
1148 neigh_suspect(neigh);
1149 if (!(old & NUD_VALID)) {
1150 struct sk_buff *skb;
1151
1152 /* Again: avoid dead loop if something went wrong */
1153
1154 while (neigh->nud_state & NUD_VALID &&
1155 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
1156 struct dst_entry *dst = skb_dst(skb);
1157 struct neighbour *n2, *n1 = neigh;
1158 write_unlock_bh(&neigh->lock);
1159 /* On shaper/eql skb->dst->neighbour != neigh :( */
1160 if (dst && (n2 = dst_get_neighbour(dst)) != NULL)
1161 n1 = n2;
1162 n1->output(n1, skb);
1163 write_lock_bh(&neigh->lock);
1164 }
1165 skb_queue_purge(&neigh->arp_queue);
1166 }
1167out:
1168 if (update_isrouter) {
1169 neigh->flags = (flags & NEIGH_UPDATE_F_ISROUTER) ?
1170 (neigh->flags | NTF_ROUTER) :
1171 (neigh->flags & ~NTF_ROUTER);
1172 }
1173 write_unlock_bh(&neigh->lock);
1174
1175 if (notify)
1176 neigh_update_notify(neigh);
1177
1178 return err;
1179}
1180EXPORT_SYMBOL(neigh_update);
1181
1182struct neighbour *neigh_event_ns(struct neigh_table *tbl,
1183 u8 *lladdr, void *saddr,
1184 struct net_device *dev)
1185{
1186 struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev,
1187 lladdr || !dev->addr_len);
1188 if (neigh)
1189 neigh_update(neigh, lladdr, NUD_STALE,
1190 NEIGH_UPDATE_F_OVERRIDE);
1191 return neigh;
1192}
1193EXPORT_SYMBOL(neigh_event_ns);
1194
1195/* called with read_lock_bh(&n->lock); */
1196static void neigh_hh_init(struct neighbour *n, struct dst_entry *dst)
1197{
1198 struct net_device *dev = dst->dev;
1199 __be16 prot = dst->ops->protocol;
1200 struct hh_cache *hh = &n->hh;
1201
1202 write_lock_bh(&n->lock);
1203
1204 /* Only one thread can come in here and initialize the
1205 * hh_cache entry.
1206 */
1207 if (!hh->hh_len)
1208 dev->header_ops->cache(n, hh, prot);
1209
1210 write_unlock_bh(&n->lock);
1211}
1212
1213/* This function can be used in contexts, where only old dev_queue_xmit
1214 * worked, f.e. if you want to override normal output path (eql, shaper),
1215 * but resolution is not made yet.
1216 */
1217
1218int neigh_compat_output(struct neighbour *neigh, struct sk_buff *skb)
1219{
1220 struct net_device *dev = skb->dev;
1221
1222 __skb_pull(skb, skb_network_offset(skb));
1223
1224 if (dev_hard_header(skb, dev, ntohs(skb->protocol), NULL, NULL,
1225 skb->len) < 0 &&
1226 dev->header_ops->rebuild(skb))
1227 return 0;
1228
1229 return dev_queue_xmit(skb);
1230}
1231EXPORT_SYMBOL(neigh_compat_output);
1232
1233/* Slow and careful. */
1234
1235int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb)
1236{
1237 struct dst_entry *dst = skb_dst(skb);
1238 int rc = 0;
1239
1240 if (!dst)
1241 goto discard;
1242
1243 __skb_pull(skb, skb_network_offset(skb));
1244
1245 if (!neigh_event_send(neigh, skb)) {
1246 int err;
1247 struct net_device *dev = neigh->dev;
1248 unsigned int seq;
1249
1250 if (dev->header_ops->cache && !neigh->hh.hh_len)
1251 neigh_hh_init(neigh, dst);
1252
1253 do {
1254 seq = read_seqbegin(&neigh->ha_lock);
1255 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1256 neigh->ha, NULL, skb->len);
1257 } while (read_seqretry(&neigh->ha_lock, seq));
1258
1259 if (err >= 0)
1260 rc = dev_queue_xmit(skb);
1261 else
1262 goto out_kfree_skb;
1263 }
1264out:
1265 return rc;
1266discard:
1267 NEIGH_PRINTK1("neigh_resolve_output: dst=%p neigh=%p\n",
1268 dst, neigh);
1269out_kfree_skb:
1270 rc = -EINVAL;
1271 kfree_skb(skb);
1272 goto out;
1273}
1274EXPORT_SYMBOL(neigh_resolve_output);
1275
1276/* As fast as possible without hh cache */
1277
1278int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb)
1279{
1280 struct net_device *dev = neigh->dev;
1281 unsigned int seq;
1282 int err;
1283
1284 __skb_pull(skb, skb_network_offset(skb));
1285
1286 do {
1287 seq = read_seqbegin(&neigh->ha_lock);
1288 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1289 neigh->ha, NULL, skb->len);
1290 } while (read_seqretry(&neigh->ha_lock, seq));
1291
1292 if (err >= 0)
1293 err = dev_queue_xmit(skb);
1294 else {
1295 err = -EINVAL;
1296 kfree_skb(skb);
1297 }
1298 return err;
1299}
1300EXPORT_SYMBOL(neigh_connected_output);
1301
1302int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb)
1303{
1304 return dev_queue_xmit(skb);
1305}
1306EXPORT_SYMBOL(neigh_direct_output);
1307
1308static void neigh_proxy_process(unsigned long arg)
1309{
1310 struct neigh_table *tbl = (struct neigh_table *)arg;
1311 long sched_next = 0;
1312 unsigned long now = jiffies;
1313 struct sk_buff *skb, *n;
1314
1315 spin_lock(&tbl->proxy_queue.lock);
1316
1317 skb_queue_walk_safe(&tbl->proxy_queue, skb, n) {
1318 long tdif = NEIGH_CB(skb)->sched_next - now;
1319
1320 if (tdif <= 0) {
1321 struct net_device *dev = skb->dev;
1322
1323 __skb_unlink(skb, &tbl->proxy_queue);
1324 if (tbl->proxy_redo && netif_running(dev)) {
1325 rcu_read_lock();
1326 tbl->proxy_redo(skb);
1327 rcu_read_unlock();
1328 } else {
1329 kfree_skb(skb);
1330 }
1331
1332 dev_put(dev);
1333 } else if (!sched_next || tdif < sched_next)
1334 sched_next = tdif;
1335 }
1336 del_timer(&tbl->proxy_timer);
1337 if (sched_next)
1338 mod_timer(&tbl->proxy_timer, jiffies + sched_next);
1339 spin_unlock(&tbl->proxy_queue.lock);
1340}
1341
1342void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
1343 struct sk_buff *skb)
1344{
1345 unsigned long now = jiffies;
1346 unsigned long sched_next = now + (net_random() % p->proxy_delay);
1347
1348 if (tbl->proxy_queue.qlen > p->proxy_qlen) {
1349 kfree_skb(skb);
1350 return;
1351 }
1352
1353 NEIGH_CB(skb)->sched_next = sched_next;
1354 NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED;
1355
1356 spin_lock(&tbl->proxy_queue.lock);
1357 if (del_timer(&tbl->proxy_timer)) {
1358 if (time_before(tbl->proxy_timer.expires, sched_next))
1359 sched_next = tbl->proxy_timer.expires;
1360 }
1361 skb_dst_drop(skb);
1362 dev_hold(skb->dev);
1363 __skb_queue_tail(&tbl->proxy_queue, skb);
1364 mod_timer(&tbl->proxy_timer, sched_next);
1365 spin_unlock(&tbl->proxy_queue.lock);
1366}
1367EXPORT_SYMBOL(pneigh_enqueue);
1368
1369static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
1370 struct net *net, int ifindex)
1371{
1372 struct neigh_parms *p;
1373
1374 for (p = &tbl->parms; p; p = p->next) {
1375 if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
1376 (!p->dev && !ifindex))
1377 return p;
1378 }
1379
1380 return NULL;
1381}
1382
1383struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
1384 struct neigh_table *tbl)
1385{
1386 struct neigh_parms *p, *ref;
1387 struct net *net = dev_net(dev);
1388 const struct net_device_ops *ops = dev->netdev_ops;
1389
1390 ref = lookup_neigh_parms(tbl, net, 0);
1391 if (!ref)
1392 return NULL;
1393
1394 p = kmemdup(ref, sizeof(*p), GFP_KERNEL);
1395 if (p) {
1396 p->tbl = tbl;
1397 atomic_set(&p->refcnt, 1);
1398 p->reachable_time =
1399 neigh_rand_reach_time(p->base_reachable_time);
1400
1401 if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) {
1402 kfree(p);
1403 return NULL;
1404 }
1405
1406 dev_hold(dev);
1407 p->dev = dev;
1408 write_pnet(&p->net, hold_net(net));
1409 p->sysctl_table = NULL;
1410 write_lock_bh(&tbl->lock);
1411 p->next = tbl->parms.next;
1412 tbl->parms.next = p;
1413 write_unlock_bh(&tbl->lock);
1414 }
1415 return p;
1416}
1417EXPORT_SYMBOL(neigh_parms_alloc);
1418
1419static void neigh_rcu_free_parms(struct rcu_head *head)
1420{
1421 struct neigh_parms *parms =
1422 container_of(head, struct neigh_parms, rcu_head);
1423
1424 neigh_parms_put(parms);
1425}
1426
1427void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms)
1428{
1429 struct neigh_parms **p;
1430
1431 if (!parms || parms == &tbl->parms)
1432 return;
1433 write_lock_bh(&tbl->lock);
1434 for (p = &tbl->parms.next; *p; p = &(*p)->next) {
1435 if (*p == parms) {
1436 *p = parms->next;
1437 parms->dead = 1;
1438 write_unlock_bh(&tbl->lock);
1439 if (parms->dev)
1440 dev_put(parms->dev);
1441 call_rcu(&parms->rcu_head, neigh_rcu_free_parms);
1442 return;
1443 }
1444 }
1445 write_unlock_bh(&tbl->lock);
1446 NEIGH_PRINTK1("neigh_parms_release: not found\n");
1447}
1448EXPORT_SYMBOL(neigh_parms_release);
1449
1450static void neigh_parms_destroy(struct neigh_parms *parms)
1451{
1452 release_net(neigh_parms_net(parms));
1453 kfree(parms);
1454}
1455
1456static struct lock_class_key neigh_table_proxy_queue_class;
1457
1458void neigh_table_init_no_netlink(struct neigh_table *tbl)
1459{
1460 unsigned long now = jiffies;
1461 unsigned long phsize;
1462
1463 write_pnet(&tbl->parms.net, &init_net);
1464 atomic_set(&tbl->parms.refcnt, 1);
1465 tbl->parms.reachable_time =
1466 neigh_rand_reach_time(tbl->parms.base_reachable_time);
1467
1468 if (!tbl->kmem_cachep)
1469 tbl->kmem_cachep =
1470 kmem_cache_create(tbl->id, tbl->entry_size, 0,
1471 SLAB_HWCACHE_ALIGN|SLAB_PANIC,
1472 NULL);
1473 tbl->stats = alloc_percpu(struct neigh_statistics);
1474 if (!tbl->stats)
1475 panic("cannot create neighbour cache statistics");
1476
1477#ifdef CONFIG_PROC_FS
1478 if (!proc_create_data(tbl->id, 0, init_net.proc_net_stat,
1479 &neigh_stat_seq_fops, tbl))
1480 panic("cannot create neighbour proc dir entry");
1481#endif
1482
1483 RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3));
1484
1485 phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
1486 tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL);
1487
1488 if (!tbl->nht || !tbl->phash_buckets)
1489 panic("cannot allocate neighbour cache hashes");
1490
1491 rwlock_init(&tbl->lock);
1492 INIT_DELAYED_WORK_DEFERRABLE(&tbl->gc_work, neigh_periodic_work);
1493 schedule_delayed_work(&tbl->gc_work, tbl->parms.reachable_time);
1494 setup_timer(&tbl->proxy_timer, neigh_proxy_process, (unsigned long)tbl);
1495 skb_queue_head_init_class(&tbl->proxy_queue,
1496 &neigh_table_proxy_queue_class);
1497
1498 tbl->last_flush = now;
1499 tbl->last_rand = now + tbl->parms.reachable_time * 20;
1500}
1501EXPORT_SYMBOL(neigh_table_init_no_netlink);
1502
1503void neigh_table_init(struct neigh_table *tbl)
1504{
1505 struct neigh_table *tmp;
1506
1507 neigh_table_init_no_netlink(tbl);
1508 write_lock(&neigh_tbl_lock);
1509 for (tmp = neigh_tables; tmp; tmp = tmp->next) {
1510 if (tmp->family == tbl->family)
1511 break;
1512 }
1513 tbl->next = neigh_tables;
1514 neigh_tables = tbl;
1515 write_unlock(&neigh_tbl_lock);
1516
1517 if (unlikely(tmp)) {
1518 printk(KERN_ERR "NEIGH: Registering multiple tables for "
1519 "family %d\n", tbl->family);
1520 dump_stack();
1521 }
1522}
1523EXPORT_SYMBOL(neigh_table_init);
1524
1525int neigh_table_clear(struct neigh_table *tbl)
1526{
1527 struct neigh_table **tp;
1528
1529 /* It is not clean... Fix it to unload IPv6 module safely */
1530 cancel_delayed_work_sync(&tbl->gc_work);
1531 del_timer_sync(&tbl->proxy_timer);
1532 pneigh_queue_purge(&tbl->proxy_queue);
1533 neigh_ifdown(tbl, NULL);
1534 if (atomic_read(&tbl->entries))
1535 printk(KERN_CRIT "neighbour leakage\n");
1536 write_lock(&neigh_tbl_lock);
1537 for (tp = &neigh_tables; *tp; tp = &(*tp)->next) {
1538 if (*tp == tbl) {
1539 *tp = tbl->next;
1540 break;
1541 }
1542 }
1543 write_unlock(&neigh_tbl_lock);
1544
1545 call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu,
1546 neigh_hash_free_rcu);
1547 tbl->nht = NULL;
1548
1549 kfree(tbl->phash_buckets);
1550 tbl->phash_buckets = NULL;
1551
1552 remove_proc_entry(tbl->id, init_net.proc_net_stat);
1553
1554 free_percpu(tbl->stats);
1555 tbl->stats = NULL;
1556
1557 kmem_cache_destroy(tbl->kmem_cachep);
1558 tbl->kmem_cachep = NULL;
1559
1560 return 0;
1561}
1562EXPORT_SYMBOL(neigh_table_clear);
1563
1564static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1565{
1566 struct net *net = sock_net(skb->sk);
1567 struct ndmsg *ndm;
1568 struct nlattr *dst_attr;
1569 struct neigh_table *tbl;
1570 struct net_device *dev = NULL;
1571 int err = -EINVAL;
1572
1573 ASSERT_RTNL();
1574 if (nlmsg_len(nlh) < sizeof(*ndm))
1575 goto out;
1576
1577 dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST);
1578 if (dst_attr == NULL)
1579 goto out;
1580
1581 ndm = nlmsg_data(nlh);
1582 if (ndm->ndm_ifindex) {
1583 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1584 if (dev == NULL) {
1585 err = -ENODEV;
1586 goto out;
1587 }
1588 }
1589
1590 read_lock(&neigh_tbl_lock);
1591 for (tbl = neigh_tables; tbl; tbl = tbl->next) {
1592 struct neighbour *neigh;
1593
1594 if (tbl->family != ndm->ndm_family)
1595 continue;
1596 read_unlock(&neigh_tbl_lock);
1597
1598 if (nla_len(dst_attr) < tbl->key_len)
1599 goto out;
1600
1601 if (ndm->ndm_flags & NTF_PROXY) {
1602 err = pneigh_delete(tbl, net, nla_data(dst_attr), dev);
1603 goto out;
1604 }
1605
1606 if (dev == NULL)
1607 goto out;
1608
1609 neigh = neigh_lookup(tbl, nla_data(dst_attr), dev);
1610 if (neigh == NULL) {
1611 err = -ENOENT;
1612 goto out;
1613 }
1614
1615 err = neigh_update(neigh, NULL, NUD_FAILED,
1616 NEIGH_UPDATE_F_OVERRIDE |
1617 NEIGH_UPDATE_F_ADMIN);
1618 neigh_release(neigh);
1619 goto out;
1620 }
1621 read_unlock(&neigh_tbl_lock);
1622 err = -EAFNOSUPPORT;
1623
1624out:
1625 return err;
1626}
1627
1628static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1629{
1630 struct net *net = sock_net(skb->sk);
1631 struct ndmsg *ndm;
1632 struct nlattr *tb[NDA_MAX+1];
1633 struct neigh_table *tbl;
1634 struct net_device *dev = NULL;
1635 int err;
1636
1637 ASSERT_RTNL();
1638 err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL);
1639 if (err < 0)
1640 goto out;
1641
1642 err = -EINVAL;
1643 if (tb[NDA_DST] == NULL)
1644 goto out;
1645
1646 ndm = nlmsg_data(nlh);
1647 if (ndm->ndm_ifindex) {
1648 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1649 if (dev == NULL) {
1650 err = -ENODEV;
1651 goto out;
1652 }
1653
1654 if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len)
1655 goto out;
1656 }
1657
1658 read_lock(&neigh_tbl_lock);
1659 for (tbl = neigh_tables; tbl; tbl = tbl->next) {
1660 int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE;
1661 struct neighbour *neigh;
1662 void *dst, *lladdr;
1663
1664 if (tbl->family != ndm->ndm_family)
1665 continue;
1666 read_unlock(&neigh_tbl_lock);
1667
1668 if (nla_len(tb[NDA_DST]) < tbl->key_len)
1669 goto out;
1670 dst = nla_data(tb[NDA_DST]);
1671 lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL;
1672
1673 if (ndm->ndm_flags & NTF_PROXY) {
1674 struct pneigh_entry *pn;
1675
1676 err = -ENOBUFS;
1677 pn = pneigh_lookup(tbl, net, dst, dev, 1);
1678 if (pn) {
1679 pn->flags = ndm->ndm_flags;
1680 err = 0;
1681 }
1682 goto out;
1683 }
1684
1685 if (dev == NULL)
1686 goto out;
1687
1688 neigh = neigh_lookup(tbl, dst, dev);
1689 if (neigh == NULL) {
1690 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
1691 err = -ENOENT;
1692 goto out;
1693 }
1694
1695 neigh = __neigh_lookup_errno(tbl, dst, dev);
1696 if (IS_ERR(neigh)) {
1697 err = PTR_ERR(neigh);
1698 goto out;
1699 }
1700 } else {
1701 if (nlh->nlmsg_flags & NLM_F_EXCL) {
1702 err = -EEXIST;
1703 neigh_release(neigh);
1704 goto out;
1705 }
1706
1707 if (!(nlh->nlmsg_flags & NLM_F_REPLACE))
1708 flags &= ~NEIGH_UPDATE_F_OVERRIDE;
1709 }
1710
1711 if (ndm->ndm_flags & NTF_USE) {
1712 neigh_event_send(neigh, NULL);
1713 err = 0;
1714 } else
1715 err = neigh_update(neigh, lladdr, ndm->ndm_state, flags);
1716 neigh_release(neigh);
1717 goto out;
1718 }
1719
1720 read_unlock(&neigh_tbl_lock);
1721 err = -EAFNOSUPPORT;
1722out:
1723 return err;
1724}
1725
1726static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
1727{
1728 struct nlattr *nest;
1729
1730 nest = nla_nest_start(skb, NDTA_PARMS);
1731 if (nest == NULL)
1732 return -ENOBUFS;
1733
1734 if (parms->dev)
1735 NLA_PUT_U32(skb, NDTPA_IFINDEX, parms->dev->ifindex);
1736
1737 NLA_PUT_U32(skb, NDTPA_REFCNT, atomic_read(&parms->refcnt));
1738 NLA_PUT_U32(skb, NDTPA_QUEUE_LEN, parms->queue_len);
1739 NLA_PUT_U32(skb, NDTPA_PROXY_QLEN, parms->proxy_qlen);
1740 NLA_PUT_U32(skb, NDTPA_APP_PROBES, parms->app_probes);
1741 NLA_PUT_U32(skb, NDTPA_UCAST_PROBES, parms->ucast_probes);
1742 NLA_PUT_U32(skb, NDTPA_MCAST_PROBES, parms->mcast_probes);
1743 NLA_PUT_MSECS(skb, NDTPA_REACHABLE_TIME, parms->reachable_time);
1744 NLA_PUT_MSECS(skb, NDTPA_BASE_REACHABLE_TIME,
1745 parms->base_reachable_time);
1746 NLA_PUT_MSECS(skb, NDTPA_GC_STALETIME, parms->gc_staletime);
1747 NLA_PUT_MSECS(skb, NDTPA_DELAY_PROBE_TIME, parms->delay_probe_time);
1748 NLA_PUT_MSECS(skb, NDTPA_RETRANS_TIME, parms->retrans_time);
1749 NLA_PUT_MSECS(skb, NDTPA_ANYCAST_DELAY, parms->anycast_delay);
1750 NLA_PUT_MSECS(skb, NDTPA_PROXY_DELAY, parms->proxy_delay);
1751 NLA_PUT_MSECS(skb, NDTPA_LOCKTIME, parms->locktime);
1752
1753 return nla_nest_end(skb, nest);
1754
1755nla_put_failure:
1756 nla_nest_cancel(skb, nest);
1757 return -EMSGSIZE;
1758}
1759
1760static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
1761 u32 pid, u32 seq, int type, int flags)
1762{
1763 struct nlmsghdr *nlh;
1764 struct ndtmsg *ndtmsg;
1765
1766 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
1767 if (nlh == NULL)
1768 return -EMSGSIZE;
1769
1770 ndtmsg = nlmsg_data(nlh);
1771
1772 read_lock_bh(&tbl->lock);
1773 ndtmsg->ndtm_family = tbl->family;
1774 ndtmsg->ndtm_pad1 = 0;
1775 ndtmsg->ndtm_pad2 = 0;
1776
1777 NLA_PUT_STRING(skb, NDTA_NAME, tbl->id);
1778 NLA_PUT_MSECS(skb, NDTA_GC_INTERVAL, tbl->gc_interval);
1779 NLA_PUT_U32(skb, NDTA_THRESH1, tbl->gc_thresh1);
1780 NLA_PUT_U32(skb, NDTA_THRESH2, tbl->gc_thresh2);
1781 NLA_PUT_U32(skb, NDTA_THRESH3, tbl->gc_thresh3);
1782
1783 {
1784 unsigned long now = jiffies;
1785 unsigned int flush_delta = now - tbl->last_flush;
1786 unsigned int rand_delta = now - tbl->last_rand;
1787 struct neigh_hash_table *nht;
1788 struct ndt_config ndc = {
1789 .ndtc_key_len = tbl->key_len,
1790 .ndtc_entry_size = tbl->entry_size,
1791 .ndtc_entries = atomic_read(&tbl->entries),
1792 .ndtc_last_flush = jiffies_to_msecs(flush_delta),
1793 .ndtc_last_rand = jiffies_to_msecs(rand_delta),
1794 .ndtc_proxy_qlen = tbl->proxy_queue.qlen,
1795 };
1796
1797 rcu_read_lock_bh();
1798 nht = rcu_dereference_bh(tbl->nht);
1799 ndc.ndtc_hash_rnd = nht->hash_rnd;
1800 ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1);
1801 rcu_read_unlock_bh();
1802
1803 NLA_PUT(skb, NDTA_CONFIG, sizeof(ndc), &ndc);
1804 }
1805
1806 {
1807 int cpu;
1808 struct ndt_stats ndst;
1809
1810 memset(&ndst, 0, sizeof(ndst));
1811
1812 for_each_possible_cpu(cpu) {
1813 struct neigh_statistics *st;
1814
1815 st = per_cpu_ptr(tbl->stats, cpu);
1816 ndst.ndts_allocs += st->allocs;
1817 ndst.ndts_destroys += st->destroys;
1818 ndst.ndts_hash_grows += st->hash_grows;
1819 ndst.ndts_res_failed += st->res_failed;
1820 ndst.ndts_lookups += st->lookups;
1821 ndst.ndts_hits += st->hits;
1822 ndst.ndts_rcv_probes_mcast += st->rcv_probes_mcast;
1823 ndst.ndts_rcv_probes_ucast += st->rcv_probes_ucast;
1824 ndst.ndts_periodic_gc_runs += st->periodic_gc_runs;
1825 ndst.ndts_forced_gc_runs += st->forced_gc_runs;
1826 }
1827
1828 NLA_PUT(skb, NDTA_STATS, sizeof(ndst), &ndst);
1829 }
1830
1831 BUG_ON(tbl->parms.dev);
1832 if (neightbl_fill_parms(skb, &tbl->parms) < 0)
1833 goto nla_put_failure;
1834
1835 read_unlock_bh(&tbl->lock);
1836 return nlmsg_end(skb, nlh);
1837
1838nla_put_failure:
1839 read_unlock_bh(&tbl->lock);
1840 nlmsg_cancel(skb, nlh);
1841 return -EMSGSIZE;
1842}
1843
1844static int neightbl_fill_param_info(struct sk_buff *skb,
1845 struct neigh_table *tbl,
1846 struct neigh_parms *parms,
1847 u32 pid, u32 seq, int type,
1848 unsigned int flags)
1849{
1850 struct ndtmsg *ndtmsg;
1851 struct nlmsghdr *nlh;
1852
1853 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
1854 if (nlh == NULL)
1855 return -EMSGSIZE;
1856
1857 ndtmsg = nlmsg_data(nlh);
1858
1859 read_lock_bh(&tbl->lock);
1860 ndtmsg->ndtm_family = tbl->family;
1861 ndtmsg->ndtm_pad1 = 0;
1862 ndtmsg->ndtm_pad2 = 0;
1863
1864 if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 ||
1865 neightbl_fill_parms(skb, parms) < 0)
1866 goto errout;
1867
1868 read_unlock_bh(&tbl->lock);
1869 return nlmsg_end(skb, nlh);
1870errout:
1871 read_unlock_bh(&tbl->lock);
1872 nlmsg_cancel(skb, nlh);
1873 return -EMSGSIZE;
1874}
1875
1876static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
1877 [NDTA_NAME] = { .type = NLA_STRING },
1878 [NDTA_THRESH1] = { .type = NLA_U32 },
1879 [NDTA_THRESH2] = { .type = NLA_U32 },
1880 [NDTA_THRESH3] = { .type = NLA_U32 },
1881 [NDTA_GC_INTERVAL] = { .type = NLA_U64 },
1882 [NDTA_PARMS] = { .type = NLA_NESTED },
1883};
1884
1885static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
1886 [NDTPA_IFINDEX] = { .type = NLA_U32 },
1887 [NDTPA_QUEUE_LEN] = { .type = NLA_U32 },
1888 [NDTPA_PROXY_QLEN] = { .type = NLA_U32 },
1889 [NDTPA_APP_PROBES] = { .type = NLA_U32 },
1890 [NDTPA_UCAST_PROBES] = { .type = NLA_U32 },
1891 [NDTPA_MCAST_PROBES] = { .type = NLA_U32 },
1892 [NDTPA_BASE_REACHABLE_TIME] = { .type = NLA_U64 },
1893 [NDTPA_GC_STALETIME] = { .type = NLA_U64 },
1894 [NDTPA_DELAY_PROBE_TIME] = { .type = NLA_U64 },
1895 [NDTPA_RETRANS_TIME] = { .type = NLA_U64 },
1896 [NDTPA_ANYCAST_DELAY] = { .type = NLA_U64 },
1897 [NDTPA_PROXY_DELAY] = { .type = NLA_U64 },
1898 [NDTPA_LOCKTIME] = { .type = NLA_U64 },
1899};
1900
1901static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1902{
1903 struct net *net = sock_net(skb->sk);
1904 struct neigh_table *tbl;
1905 struct ndtmsg *ndtmsg;
1906 struct nlattr *tb[NDTA_MAX+1];
1907 int err;
1908
1909 err = nlmsg_parse(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
1910 nl_neightbl_policy);
1911 if (err < 0)
1912 goto errout;
1913
1914 if (tb[NDTA_NAME] == NULL) {
1915 err = -EINVAL;
1916 goto errout;
1917 }
1918
1919 ndtmsg = nlmsg_data(nlh);
1920 read_lock(&neigh_tbl_lock);
1921 for (tbl = neigh_tables; tbl; tbl = tbl->next) {
1922 if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family)
1923 continue;
1924
1925 if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0)
1926 break;
1927 }
1928
1929 if (tbl == NULL) {
1930 err = -ENOENT;
1931 goto errout_locked;
1932 }
1933
1934 /*
1935 * We acquire tbl->lock to be nice to the periodic timers and
1936 * make sure they always see a consistent set of values.
1937 */
1938 write_lock_bh(&tbl->lock);
1939
1940 if (tb[NDTA_PARMS]) {
1941 struct nlattr *tbp[NDTPA_MAX+1];
1942 struct neigh_parms *p;
1943 int i, ifindex = 0;
1944
1945 err = nla_parse_nested(tbp, NDTPA_MAX, tb[NDTA_PARMS],
1946 nl_ntbl_parm_policy);
1947 if (err < 0)
1948 goto errout_tbl_lock;
1949
1950 if (tbp[NDTPA_IFINDEX])
1951 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);
1952
1953 p = lookup_neigh_parms(tbl, net, ifindex);
1954 if (p == NULL) {
1955 err = -ENOENT;
1956 goto errout_tbl_lock;
1957 }
1958
1959 for (i = 1; i <= NDTPA_MAX; i++) {
1960 if (tbp[i] == NULL)
1961 continue;
1962
1963 switch (i) {
1964 case NDTPA_QUEUE_LEN:
1965 p->queue_len = nla_get_u32(tbp[i]);
1966 break;
1967 case NDTPA_PROXY_QLEN:
1968 p->proxy_qlen = nla_get_u32(tbp[i]);
1969 break;
1970 case NDTPA_APP_PROBES:
1971 p->app_probes = nla_get_u32(tbp[i]);
1972 break;
1973 case NDTPA_UCAST_PROBES:
1974 p->ucast_probes = nla_get_u32(tbp[i]);
1975 break;
1976 case NDTPA_MCAST_PROBES:
1977 p->mcast_probes = nla_get_u32(tbp[i]);
1978 break;
1979 case NDTPA_BASE_REACHABLE_TIME:
1980 p->base_reachable_time = nla_get_msecs(tbp[i]);
1981 break;
1982 case NDTPA_GC_STALETIME:
1983 p->gc_staletime = nla_get_msecs(tbp[i]);
1984 break;
1985 case NDTPA_DELAY_PROBE_TIME:
1986 p->delay_probe_time = nla_get_msecs(tbp[i]);
1987 break;
1988 case NDTPA_RETRANS_TIME:
1989 p->retrans_time = nla_get_msecs(tbp[i]);
1990 break;
1991 case NDTPA_ANYCAST_DELAY:
1992 p->anycast_delay = nla_get_msecs(tbp[i]);
1993 break;
1994 case NDTPA_PROXY_DELAY:
1995 p->proxy_delay = nla_get_msecs(tbp[i]);
1996 break;
1997 case NDTPA_LOCKTIME:
1998 p->locktime = nla_get_msecs(tbp[i]);
1999 break;
2000 }
2001 }
2002 }
2003
2004 if (tb[NDTA_THRESH1])
2005 tbl->gc_thresh1 = nla_get_u32(tb[NDTA_THRESH1]);
2006
2007 if (tb[NDTA_THRESH2])
2008 tbl->gc_thresh2 = nla_get_u32(tb[NDTA_THRESH2]);
2009
2010 if (tb[NDTA_THRESH3])
2011 tbl->gc_thresh3 = nla_get_u32(tb[NDTA_THRESH3]);
2012
2013 if (tb[NDTA_GC_INTERVAL])
2014 tbl->gc_interval = nla_get_msecs(tb[NDTA_GC_INTERVAL]);
2015
2016 err = 0;
2017
2018errout_tbl_lock:
2019 write_unlock_bh(&tbl->lock);
2020errout_locked:
2021 read_unlock(&neigh_tbl_lock);
2022errout:
2023 return err;
2024}
2025
2026static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2027{
2028 struct net *net = sock_net(skb->sk);
2029 int family, tidx, nidx = 0;
2030 int tbl_skip = cb->args[0];
2031 int neigh_skip = cb->args[1];
2032 struct neigh_table *tbl;
2033
2034 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2035
2036 read_lock(&neigh_tbl_lock);
2037 for (tbl = neigh_tables, tidx = 0; tbl; tbl = tbl->next, tidx++) {
2038 struct neigh_parms *p;
2039
2040 if (tidx < tbl_skip || (family && tbl->family != family))
2041 continue;
2042
2043 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).pid,
2044 cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
2045 NLM_F_MULTI) <= 0)
2046 break;
2047
2048 for (nidx = 0, p = tbl->parms.next; p; p = p->next) {
2049 if (!net_eq(neigh_parms_net(p), net))
2050 continue;
2051
2052 if (nidx < neigh_skip)
2053 goto next;
2054
2055 if (neightbl_fill_param_info(skb, tbl, p,
2056 NETLINK_CB(cb->skb).pid,
2057 cb->nlh->nlmsg_seq,
2058 RTM_NEWNEIGHTBL,
2059 NLM_F_MULTI) <= 0)
2060 goto out;
2061 next:
2062 nidx++;
2063 }
2064
2065 neigh_skip = 0;
2066 }
2067out:
2068 read_unlock(&neigh_tbl_lock);
2069 cb->args[0] = tidx;
2070 cb->args[1] = nidx;
2071
2072 return skb->len;
2073}
2074
2075static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
2076 u32 pid, u32 seq, int type, unsigned int flags)
2077{
2078 unsigned long now = jiffies;
2079 struct nda_cacheinfo ci;
2080 struct nlmsghdr *nlh;
2081 struct ndmsg *ndm;
2082
2083 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2084 if (nlh == NULL)
2085 return -EMSGSIZE;
2086
2087 ndm = nlmsg_data(nlh);
2088 ndm->ndm_family = neigh->ops->family;
2089 ndm->ndm_pad1 = 0;
2090 ndm->ndm_pad2 = 0;
2091 ndm->ndm_flags = neigh->flags;
2092 ndm->ndm_type = neigh->type;
2093 ndm->ndm_ifindex = neigh->dev->ifindex;
2094
2095 NLA_PUT(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key);
2096
2097 read_lock_bh(&neigh->lock);
2098 ndm->ndm_state = neigh->nud_state;
2099 if (neigh->nud_state & NUD_VALID) {
2100 char haddr[MAX_ADDR_LEN];
2101
2102 neigh_ha_snapshot(haddr, neigh, neigh->dev);
2103 if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) {
2104 read_unlock_bh(&neigh->lock);
2105 goto nla_put_failure;
2106 }
2107 }
2108
2109 ci.ndm_used = jiffies_to_clock_t(now - neigh->used);
2110 ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed);
2111 ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated);
2112 ci.ndm_refcnt = atomic_read(&neigh->refcnt) - 1;
2113 read_unlock_bh(&neigh->lock);
2114
2115 NLA_PUT_U32(skb, NDA_PROBES, atomic_read(&neigh->probes));
2116 NLA_PUT(skb, NDA_CACHEINFO, sizeof(ci), &ci);
2117
2118 return nlmsg_end(skb, nlh);
2119
2120nla_put_failure:
2121 nlmsg_cancel(skb, nlh);
2122 return -EMSGSIZE;
2123}
2124
2125static void neigh_update_notify(struct neighbour *neigh)
2126{
2127 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
2128 __neigh_notify(neigh, RTM_NEWNEIGH, 0);
2129}
2130
2131static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2132 struct netlink_callback *cb)
2133{
2134 struct net *net = sock_net(skb->sk);
2135 struct neighbour *n;
2136 int rc, h, s_h = cb->args[1];
2137 int idx, s_idx = idx = cb->args[2];
2138 struct neigh_hash_table *nht;
2139
2140 rcu_read_lock_bh();
2141 nht = rcu_dereference_bh(tbl->nht);
2142
2143 for (h = 0; h < (1 << nht->hash_shift); h++) {
2144 if (h < s_h)
2145 continue;
2146 if (h > s_h)
2147 s_idx = 0;
2148 for (n = rcu_dereference_bh(nht->hash_buckets[h]), idx = 0;
2149 n != NULL;
2150 n = rcu_dereference_bh(n->next)) {
2151 if (!net_eq(dev_net(n->dev), net))
2152 continue;
2153 if (idx < s_idx)
2154 goto next;
2155 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).pid,
2156 cb->nlh->nlmsg_seq,
2157 RTM_NEWNEIGH,
2158 NLM_F_MULTI) <= 0) {
2159 rc = -1;
2160 goto out;
2161 }
2162next:
2163 idx++;
2164 }
2165 }
2166 rc = skb->len;
2167out:
2168 rcu_read_unlock_bh();
2169 cb->args[1] = h;
2170 cb->args[2] = idx;
2171 return rc;
2172}
2173
2174static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2175{
2176 struct neigh_table *tbl;
2177 int t, family, s_t;
2178
2179 read_lock(&neigh_tbl_lock);
2180 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2181 s_t = cb->args[0];
2182
2183 for (tbl = neigh_tables, t = 0; tbl; tbl = tbl->next, t++) {
2184 if (t < s_t || (family && tbl->family != family))
2185 continue;
2186 if (t > s_t)
2187 memset(&cb->args[1], 0, sizeof(cb->args) -
2188 sizeof(cb->args[0]));
2189 if (neigh_dump_table(tbl, skb, cb) < 0)
2190 break;
2191 }
2192 read_unlock(&neigh_tbl_lock);
2193
2194 cb->args[0] = t;
2195 return skb->len;
2196}
2197
2198void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie)
2199{
2200 int chain;
2201 struct neigh_hash_table *nht;
2202
2203 rcu_read_lock_bh();
2204 nht = rcu_dereference_bh(tbl->nht);
2205
2206 read_lock(&tbl->lock); /* avoid resizes */
2207 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2208 struct neighbour *n;
2209
2210 for (n = rcu_dereference_bh(nht->hash_buckets[chain]);
2211 n != NULL;
2212 n = rcu_dereference_bh(n->next))
2213 cb(n, cookie);
2214 }
2215 read_unlock(&tbl->lock);
2216 rcu_read_unlock_bh();
2217}
2218EXPORT_SYMBOL(neigh_for_each);
2219
2220/* The tbl->lock must be held as a writer and BH disabled. */
2221void __neigh_for_each_release(struct neigh_table *tbl,
2222 int (*cb)(struct neighbour *))
2223{
2224 int chain;
2225 struct neigh_hash_table *nht;
2226
2227 nht = rcu_dereference_protected(tbl->nht,
2228 lockdep_is_held(&tbl->lock));
2229 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2230 struct neighbour *n;
2231 struct neighbour __rcu **np;
2232
2233 np = &nht->hash_buckets[chain];
2234 while ((n = rcu_dereference_protected(*np,
2235 lockdep_is_held(&tbl->lock))) != NULL) {
2236 int release;
2237
2238 write_lock(&n->lock);
2239 release = cb(n);
2240 if (release) {
2241 rcu_assign_pointer(*np,
2242 rcu_dereference_protected(n->next,
2243 lockdep_is_held(&tbl->lock)));
2244 n->dead = 1;
2245 } else
2246 np = &n->next;
2247 write_unlock(&n->lock);
2248 if (release)
2249 neigh_cleanup_and_release(n);
2250 }
2251 }
2252}
2253EXPORT_SYMBOL(__neigh_for_each_release);
2254
2255#ifdef CONFIG_PROC_FS
2256
2257static struct neighbour *neigh_get_first(struct seq_file *seq)
2258{
2259 struct neigh_seq_state *state = seq->private;
2260 struct net *net = seq_file_net(seq);
2261 struct neigh_hash_table *nht = state->nht;
2262 struct neighbour *n = NULL;
2263 int bucket = state->bucket;
2264
2265 state->flags &= ~NEIGH_SEQ_IS_PNEIGH;
2266 for (bucket = 0; bucket < (1 << nht->hash_shift); bucket++) {
2267 n = rcu_dereference_bh(nht->hash_buckets[bucket]);
2268
2269 while (n) {
2270 if (!net_eq(dev_net(n->dev), net))
2271 goto next;
2272 if (state->neigh_sub_iter) {
2273 loff_t fakep = 0;
2274 void *v;
2275
2276 v = state->neigh_sub_iter(state, n, &fakep);
2277 if (!v)
2278 goto next;
2279 }
2280 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2281 break;
2282 if (n->nud_state & ~NUD_NOARP)
2283 break;
2284next:
2285 n = rcu_dereference_bh(n->next);
2286 }
2287
2288 if (n)
2289 break;
2290 }
2291 state->bucket = bucket;
2292
2293 return n;
2294}
2295
2296static struct neighbour *neigh_get_next(struct seq_file *seq,
2297 struct neighbour *n,
2298 loff_t *pos)
2299{
2300 struct neigh_seq_state *state = seq->private;
2301 struct net *net = seq_file_net(seq);
2302 struct neigh_hash_table *nht = state->nht;
2303
2304 if (state->neigh_sub_iter) {
2305 void *v = state->neigh_sub_iter(state, n, pos);
2306 if (v)
2307 return n;
2308 }
2309 n = rcu_dereference_bh(n->next);
2310
2311 while (1) {
2312 while (n) {
2313 if (!net_eq(dev_net(n->dev), net))
2314 goto next;
2315 if (state->neigh_sub_iter) {
2316 void *v = state->neigh_sub_iter(state, n, pos);
2317 if (v)
2318 return n;
2319 goto next;
2320 }
2321 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2322 break;
2323
2324 if (n->nud_state & ~NUD_NOARP)
2325 break;
2326next:
2327 n = rcu_dereference_bh(n->next);
2328 }
2329
2330 if (n)
2331 break;
2332
2333 if (++state->bucket >= (1 << nht->hash_shift))
2334 break;
2335
2336 n = rcu_dereference_bh(nht->hash_buckets[state->bucket]);
2337 }
2338
2339 if (n && pos)
2340 --(*pos);
2341 return n;
2342}
2343
2344static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos)
2345{
2346 struct neighbour *n = neigh_get_first(seq);
2347
2348 if (n) {
2349 --(*pos);
2350 while (*pos) {
2351 n = neigh_get_next(seq, n, pos);
2352 if (!n)
2353 break;
2354 }
2355 }
2356 return *pos ? NULL : n;
2357}
2358
2359static struct pneigh_entry *pneigh_get_first(struct seq_file *seq)
2360{
2361 struct neigh_seq_state *state = seq->private;
2362 struct net *net = seq_file_net(seq);
2363 struct neigh_table *tbl = state->tbl;
2364 struct pneigh_entry *pn = NULL;
2365 int bucket = state->bucket;
2366
2367 state->flags |= NEIGH_SEQ_IS_PNEIGH;
2368 for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) {
2369 pn = tbl->phash_buckets[bucket];
2370 while (pn && !net_eq(pneigh_net(pn), net))
2371 pn = pn->next;
2372 if (pn)
2373 break;
2374 }
2375 state->bucket = bucket;
2376
2377 return pn;
2378}
2379
2380static struct pneigh_entry *pneigh_get_next(struct seq_file *seq,
2381 struct pneigh_entry *pn,
2382 loff_t *pos)
2383{
2384 struct neigh_seq_state *state = seq->private;
2385 struct net *net = seq_file_net(seq);
2386 struct neigh_table *tbl = state->tbl;
2387
2388 pn = pn->next;
2389 while (!pn) {
2390 if (++state->bucket > PNEIGH_HASHMASK)
2391 break;
2392 pn = tbl->phash_buckets[state->bucket];
2393 while (pn && !net_eq(pneigh_net(pn), net))
2394 pn = pn->next;
2395 if (pn)
2396 break;
2397 }
2398
2399 if (pn && pos)
2400 --(*pos);
2401
2402 return pn;
2403}
2404
2405static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos)
2406{
2407 struct pneigh_entry *pn = pneigh_get_first(seq);
2408
2409 if (pn) {
2410 --(*pos);
2411 while (*pos) {
2412 pn = pneigh_get_next(seq, pn, pos);
2413 if (!pn)
2414 break;
2415 }
2416 }
2417 return *pos ? NULL : pn;
2418}
2419
2420static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos)
2421{
2422 struct neigh_seq_state *state = seq->private;
2423 void *rc;
2424 loff_t idxpos = *pos;
2425
2426 rc = neigh_get_idx(seq, &idxpos);
2427 if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2428 rc = pneigh_get_idx(seq, &idxpos);
2429
2430 return rc;
2431}
2432
2433void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags)
2434 __acquires(rcu_bh)
2435{
2436 struct neigh_seq_state *state = seq->private;
2437
2438 state->tbl = tbl;
2439 state->bucket = 0;
2440 state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH);
2441
2442 rcu_read_lock_bh();
2443 state->nht = rcu_dereference_bh(tbl->nht);
2444
2445 return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN;
2446}
2447EXPORT_SYMBOL(neigh_seq_start);
2448
2449void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2450{
2451 struct neigh_seq_state *state;
2452 void *rc;
2453
2454 if (v == SEQ_START_TOKEN) {
2455 rc = neigh_get_first(seq);
2456 goto out;
2457 }
2458
2459 state = seq->private;
2460 if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) {
2461 rc = neigh_get_next(seq, v, NULL);
2462 if (rc)
2463 goto out;
2464 if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2465 rc = pneigh_get_first(seq);
2466 } else {
2467 BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY);
2468 rc = pneigh_get_next(seq, v, NULL);
2469 }
2470out:
2471 ++(*pos);
2472 return rc;
2473}
2474EXPORT_SYMBOL(neigh_seq_next);
2475
2476void neigh_seq_stop(struct seq_file *seq, void *v)
2477 __releases(rcu_bh)
2478{
2479 rcu_read_unlock_bh();
2480}
2481EXPORT_SYMBOL(neigh_seq_stop);
2482
2483/* statistics via seq_file */
2484
2485static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos)
2486{
2487 struct neigh_table *tbl = seq->private;
2488 int cpu;
2489
2490 if (*pos == 0)
2491 return SEQ_START_TOKEN;
2492
2493 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
2494 if (!cpu_possible(cpu))
2495 continue;
2496 *pos = cpu+1;
2497 return per_cpu_ptr(tbl->stats, cpu);
2498 }
2499 return NULL;
2500}
2501
2502static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2503{
2504 struct neigh_table *tbl = seq->private;
2505 int cpu;
2506
2507 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
2508 if (!cpu_possible(cpu))
2509 continue;
2510 *pos = cpu+1;
2511 return per_cpu_ptr(tbl->stats, cpu);
2512 }
2513 return NULL;
2514}
2515
2516static void neigh_stat_seq_stop(struct seq_file *seq, void *v)
2517{
2518
2519}
2520
2521static int neigh_stat_seq_show(struct seq_file *seq, void *v)
2522{
2523 struct neigh_table *tbl = seq->private;
2524 struct neigh_statistics *st = v;
2525
2526 if (v == SEQ_START_TOKEN) {
2527 seq_printf(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards\n");
2528 return 0;
2529 }
2530
2531 seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx "
2532 "%08lx %08lx %08lx %08lx %08lx\n",
2533 atomic_read(&tbl->entries),
2534
2535 st->allocs,
2536 st->destroys,
2537 st->hash_grows,
2538
2539 st->lookups,
2540 st->hits,
2541
2542 st->res_failed,
2543
2544 st->rcv_probes_mcast,
2545 st->rcv_probes_ucast,
2546
2547 st->periodic_gc_runs,
2548 st->forced_gc_runs,
2549 st->unres_discards
2550 );
2551
2552 return 0;
2553}
2554
2555static const struct seq_operations neigh_stat_seq_ops = {
2556 .start = neigh_stat_seq_start,
2557 .next = neigh_stat_seq_next,
2558 .stop = neigh_stat_seq_stop,
2559 .show = neigh_stat_seq_show,
2560};
2561
2562static int neigh_stat_seq_open(struct inode *inode, struct file *file)
2563{
2564 int ret = seq_open(file, &neigh_stat_seq_ops);
2565
2566 if (!ret) {
2567 struct seq_file *sf = file->private_data;
2568 sf->private = PDE(inode)->data;
2569 }
2570 return ret;
2571};
2572
2573static const struct file_operations neigh_stat_seq_fops = {
2574 .owner = THIS_MODULE,
2575 .open = neigh_stat_seq_open,
2576 .read = seq_read,
2577 .llseek = seq_lseek,
2578 .release = seq_release,
2579};
2580
2581#endif /* CONFIG_PROC_FS */
2582
2583static inline size_t neigh_nlmsg_size(void)
2584{
2585 return NLMSG_ALIGN(sizeof(struct ndmsg))
2586 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
2587 + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */
2588 + nla_total_size(sizeof(struct nda_cacheinfo))
2589 + nla_total_size(4); /* NDA_PROBES */
2590}
2591
2592static void __neigh_notify(struct neighbour *n, int type, int flags)
2593{
2594 struct net *net = dev_net(n->dev);
2595 struct sk_buff *skb;
2596 int err = -ENOBUFS;
2597
2598 skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC);
2599 if (skb == NULL)
2600 goto errout;
2601
2602 err = neigh_fill_info(skb, n, 0, 0, type, flags);
2603 if (err < 0) {
2604 /* -EMSGSIZE implies BUG in neigh_nlmsg_size() */
2605 WARN_ON(err == -EMSGSIZE);
2606 kfree_skb(skb);
2607 goto errout;
2608 }
2609 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
2610 return;
2611errout:
2612 if (err < 0)
2613 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
2614}
2615
2616#ifdef CONFIG_ARPD
2617void neigh_app_ns(struct neighbour *n)
2618{
2619 __neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST);
2620}
2621EXPORT_SYMBOL(neigh_app_ns);
2622#endif /* CONFIG_ARPD */
2623
2624#ifdef CONFIG_SYSCTL
2625
2626#define NEIGH_VARS_MAX 19
2627
2628static struct neigh_sysctl_table {
2629 struct ctl_table_header *sysctl_header;
2630 struct ctl_table neigh_vars[NEIGH_VARS_MAX];
2631 char *dev_name;
2632} neigh_sysctl_template __read_mostly = {
2633 .neigh_vars = {
2634 {
2635 .procname = "mcast_solicit",
2636 .maxlen = sizeof(int),
2637 .mode = 0644,
2638 .proc_handler = proc_dointvec,
2639 },
2640 {
2641 .procname = "ucast_solicit",
2642 .maxlen = sizeof(int),
2643 .mode = 0644,
2644 .proc_handler = proc_dointvec,
2645 },
2646 {
2647 .procname = "app_solicit",
2648 .maxlen = sizeof(int),
2649 .mode = 0644,
2650 .proc_handler = proc_dointvec,
2651 },
2652 {
2653 .procname = "retrans_time",
2654 .maxlen = sizeof(int),
2655 .mode = 0644,
2656 .proc_handler = proc_dointvec_userhz_jiffies,
2657 },
2658 {
2659 .procname = "base_reachable_time",
2660 .maxlen = sizeof(int),
2661 .mode = 0644,
2662 .proc_handler = proc_dointvec_jiffies,
2663 },
2664 {
2665 .procname = "delay_first_probe_time",
2666 .maxlen = sizeof(int),
2667 .mode = 0644,
2668 .proc_handler = proc_dointvec_jiffies,
2669 },
2670 {
2671 .procname = "gc_stale_time",
2672 .maxlen = sizeof(int),
2673 .mode = 0644,
2674 .proc_handler = proc_dointvec_jiffies,
2675 },
2676 {
2677 .procname = "unres_qlen",
2678 .maxlen = sizeof(int),
2679 .mode = 0644,
2680 .proc_handler = proc_dointvec,
2681 },
2682 {
2683 .procname = "proxy_qlen",
2684 .maxlen = sizeof(int),
2685 .mode = 0644,
2686 .proc_handler = proc_dointvec,
2687 },
2688 {
2689 .procname = "anycast_delay",
2690 .maxlen = sizeof(int),
2691 .mode = 0644,
2692 .proc_handler = proc_dointvec_userhz_jiffies,
2693 },
2694 {
2695 .procname = "proxy_delay",
2696 .maxlen = sizeof(int),
2697 .mode = 0644,
2698 .proc_handler = proc_dointvec_userhz_jiffies,
2699 },
2700 {
2701 .procname = "locktime",
2702 .maxlen = sizeof(int),
2703 .mode = 0644,
2704 .proc_handler = proc_dointvec_userhz_jiffies,
2705 },
2706 {
2707 .procname = "retrans_time_ms",
2708 .maxlen = sizeof(int),
2709 .mode = 0644,
2710 .proc_handler = proc_dointvec_ms_jiffies,
2711 },
2712 {
2713 .procname = "base_reachable_time_ms",
2714 .maxlen = sizeof(int),
2715 .mode = 0644,
2716 .proc_handler = proc_dointvec_ms_jiffies,
2717 },
2718 {
2719 .procname = "gc_interval",
2720 .maxlen = sizeof(int),
2721 .mode = 0644,
2722 .proc_handler = proc_dointvec_jiffies,
2723 },
2724 {
2725 .procname = "gc_thresh1",
2726 .maxlen = sizeof(int),
2727 .mode = 0644,
2728 .proc_handler = proc_dointvec,
2729 },
2730 {
2731 .procname = "gc_thresh2",
2732 .maxlen = sizeof(int),
2733 .mode = 0644,
2734 .proc_handler = proc_dointvec,
2735 },
2736 {
2737 .procname = "gc_thresh3",
2738 .maxlen = sizeof(int),
2739 .mode = 0644,
2740 .proc_handler = proc_dointvec,
2741 },
2742 {},
2743 },
2744};
2745
2746int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
2747 char *p_name, proc_handler *handler)
2748{
2749 struct neigh_sysctl_table *t;
2750 const char *dev_name_source = NULL;
2751
2752#define NEIGH_CTL_PATH_ROOT 0
2753#define NEIGH_CTL_PATH_PROTO 1
2754#define NEIGH_CTL_PATH_NEIGH 2
2755#define NEIGH_CTL_PATH_DEV 3
2756
2757 struct ctl_path neigh_path[] = {
2758 { .procname = "net", },
2759 { .procname = "proto", },
2760 { .procname = "neigh", },
2761 { .procname = "default", },
2762 { },
2763 };
2764
2765 t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
2766 if (!t)
2767 goto err;
2768
2769 t->neigh_vars[0].data = &p->mcast_probes;
2770 t->neigh_vars[1].data = &p->ucast_probes;
2771 t->neigh_vars[2].data = &p->app_probes;
2772 t->neigh_vars[3].data = &p->retrans_time;
2773 t->neigh_vars[4].data = &p->base_reachable_time;
2774 t->neigh_vars[5].data = &p->delay_probe_time;
2775 t->neigh_vars[6].data = &p->gc_staletime;
2776 t->neigh_vars[7].data = &p->queue_len;
2777 t->neigh_vars[8].data = &p->proxy_qlen;
2778 t->neigh_vars[9].data = &p->anycast_delay;
2779 t->neigh_vars[10].data = &p->proxy_delay;
2780 t->neigh_vars[11].data = &p->locktime;
2781 t->neigh_vars[12].data = &p->retrans_time;
2782 t->neigh_vars[13].data = &p->base_reachable_time;
2783
2784 if (dev) {
2785 dev_name_source = dev->name;
2786 /* Terminate the table early */
2787 memset(&t->neigh_vars[14], 0, sizeof(t->neigh_vars[14]));
2788 } else {
2789 dev_name_source = neigh_path[NEIGH_CTL_PATH_DEV].procname;
2790 t->neigh_vars[14].data = (int *)(p + 1);
2791 t->neigh_vars[15].data = (int *)(p + 1) + 1;
2792 t->neigh_vars[16].data = (int *)(p + 1) + 2;
2793 t->neigh_vars[17].data = (int *)(p + 1) + 3;
2794 }
2795
2796
2797 if (handler) {
2798 /* RetransTime */
2799 t->neigh_vars[3].proc_handler = handler;
2800 t->neigh_vars[3].extra1 = dev;
2801 /* ReachableTime */
2802 t->neigh_vars[4].proc_handler = handler;
2803 t->neigh_vars[4].extra1 = dev;
2804 /* RetransTime (in milliseconds)*/
2805 t->neigh_vars[12].proc_handler = handler;
2806 t->neigh_vars[12].extra1 = dev;
2807 /* ReachableTime (in milliseconds) */
2808 t->neigh_vars[13].proc_handler = handler;
2809 t->neigh_vars[13].extra1 = dev;
2810 }
2811
2812 t->dev_name = kstrdup(dev_name_source, GFP_KERNEL);
2813 if (!t->dev_name)
2814 goto free;
2815
2816 neigh_path[NEIGH_CTL_PATH_DEV].procname = t->dev_name;
2817 neigh_path[NEIGH_CTL_PATH_PROTO].procname = p_name;
2818
2819 t->sysctl_header =
2820 register_net_sysctl_table(neigh_parms_net(p), neigh_path, t->neigh_vars);
2821 if (!t->sysctl_header)
2822 goto free_procname;
2823
2824 p->sysctl_table = t;
2825 return 0;
2826
2827free_procname:
2828 kfree(t->dev_name);
2829free:
2830 kfree(t);
2831err:
2832 return -ENOBUFS;
2833}
2834EXPORT_SYMBOL(neigh_sysctl_register);
2835
2836void neigh_sysctl_unregister(struct neigh_parms *p)
2837{
2838 if (p->sysctl_table) {
2839 struct neigh_sysctl_table *t = p->sysctl_table;
2840 p->sysctl_table = NULL;
2841 unregister_sysctl_table(t->sysctl_header);
2842 kfree(t->dev_name);
2843 kfree(t);
2844 }
2845}
2846EXPORT_SYMBOL(neigh_sysctl_unregister);
2847
2848#endif /* CONFIG_SYSCTL */
2849
2850static int __init neigh_init(void)
2851{
2852 rtnl_register(PF_UNSPEC, RTM_NEWNEIGH, neigh_add, NULL, NULL);
2853 rtnl_register(PF_UNSPEC, RTM_DELNEIGH, neigh_delete, NULL, NULL);
2854 rtnl_register(PF_UNSPEC, RTM_GETNEIGH, NULL, neigh_dump_info, NULL);
2855
2856 rtnl_register(PF_UNSPEC, RTM_GETNEIGHTBL, NULL, neightbl_dump_info,
2857 NULL);
2858 rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, NULL);
2859
2860 return 0;
2861}
2862
2863subsys_initcall(neigh_init);
2864
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Generic address resolution entity
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
8 *
9 * Fixes:
10 * Vitaly E. Lavrov releasing NULL neighbor in neigh_add.
11 * Harald Welte Add neighbour cache statistics like rtstat
12 */
13
14#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
15
16#include <linux/slab.h>
17#include <linux/kmemleak.h>
18#include <linux/types.h>
19#include <linux/kernel.h>
20#include <linux/module.h>
21#include <linux/socket.h>
22#include <linux/netdevice.h>
23#include <linux/proc_fs.h>
24#ifdef CONFIG_SYSCTL
25#include <linux/sysctl.h>
26#endif
27#include <linux/times.h>
28#include <net/net_namespace.h>
29#include <net/neighbour.h>
30#include <net/arp.h>
31#include <net/dst.h>
32#include <net/sock.h>
33#include <net/netevent.h>
34#include <net/netlink.h>
35#include <linux/rtnetlink.h>
36#include <linux/random.h>
37#include <linux/string.h>
38#include <linux/log2.h>
39#include <linux/inetdevice.h>
40#include <net/addrconf.h>
41
42#include <trace/events/neigh.h>
43
44#define DEBUG
45#define NEIGH_DEBUG 1
46#define neigh_dbg(level, fmt, ...) \
47do { \
48 if (level <= NEIGH_DEBUG) \
49 pr_debug(fmt, ##__VA_ARGS__); \
50} while (0)
51
52#define PNEIGH_HASHMASK 0xF
53
54static void neigh_timer_handler(struct timer_list *t);
55static void __neigh_notify(struct neighbour *n, int type, int flags,
56 u32 pid);
57static void neigh_update_notify(struct neighbour *neigh, u32 nlmsg_pid);
58static int pneigh_ifdown_and_unlock(struct neigh_table *tbl,
59 struct net_device *dev);
60
61#ifdef CONFIG_PROC_FS
62static const struct seq_operations neigh_stat_seq_ops;
63#endif
64
65/*
66 Neighbour hash table buckets are protected with rwlock tbl->lock.
67
68 - All the scans/updates to hash buckets MUST be made under this lock.
69 - NOTHING clever should be made under this lock: no callbacks
70 to protocol backends, no attempts to send something to network.
71 It will result in deadlocks, if backend/driver wants to use neighbour
72 cache.
73 - If the entry requires some non-trivial actions, increase
74 its reference count and release table lock.
75
76 Neighbour entries are protected:
77 - with reference count.
78 - with rwlock neigh->lock
79
80 Reference count prevents destruction.
81
82 neigh->lock mainly serializes ll address data and its validity state.
83 However, the same lock is used to protect another entry fields:
84 - timer
85 - resolution queue
86
87 Again, nothing clever shall be made under neigh->lock,
88 the most complicated procedure, which we allow is dev->hard_header.
89 It is supposed, that dev->hard_header is simplistic and does
90 not make callbacks to neighbour tables.
91 */
92
93static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb)
94{
95 kfree_skb(skb);
96 return -ENETDOWN;
97}
98
99static void neigh_cleanup_and_release(struct neighbour *neigh)
100{
101 if (neigh->parms->neigh_cleanup)
102 neigh->parms->neigh_cleanup(neigh);
103
104 trace_neigh_cleanup_and_release(neigh, 0);
105 __neigh_notify(neigh, RTM_DELNEIGH, 0, 0);
106 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
107 neigh_release(neigh);
108}
109
110/*
111 * It is random distribution in the interval (1/2)*base...(3/2)*base.
112 * It corresponds to default IPv6 settings and is not overridable,
113 * because it is really reasonable choice.
114 */
115
116unsigned long neigh_rand_reach_time(unsigned long base)
117{
118 return base ? (prandom_u32() % base) + (base >> 1) : 0;
119}
120EXPORT_SYMBOL(neigh_rand_reach_time);
121
122static void neigh_mark_dead(struct neighbour *n)
123{
124 n->dead = 1;
125 if (!list_empty(&n->gc_list)) {
126 list_del_init(&n->gc_list);
127 atomic_dec(&n->tbl->gc_entries);
128 }
129}
130
131static void neigh_update_gc_list(struct neighbour *n)
132{
133 bool on_gc_list, exempt_from_gc;
134
135 write_lock_bh(&n->tbl->lock);
136 write_lock(&n->lock);
137
138 /* remove from the gc list if new state is permanent or if neighbor
139 * is externally learned; otherwise entry should be on the gc list
140 */
141 exempt_from_gc = n->nud_state & NUD_PERMANENT ||
142 n->flags & NTF_EXT_LEARNED;
143 on_gc_list = !list_empty(&n->gc_list);
144
145 if (exempt_from_gc && on_gc_list) {
146 list_del_init(&n->gc_list);
147 atomic_dec(&n->tbl->gc_entries);
148 } else if (!exempt_from_gc && !on_gc_list) {
149 /* add entries to the tail; cleaning removes from the front */
150 list_add_tail(&n->gc_list, &n->tbl->gc_list);
151 atomic_inc(&n->tbl->gc_entries);
152 }
153
154 write_unlock(&n->lock);
155 write_unlock_bh(&n->tbl->lock);
156}
157
158static bool neigh_update_ext_learned(struct neighbour *neigh, u32 flags,
159 int *notify)
160{
161 bool rc = false;
162 u8 ndm_flags;
163
164 if (!(flags & NEIGH_UPDATE_F_ADMIN))
165 return rc;
166
167 ndm_flags = (flags & NEIGH_UPDATE_F_EXT_LEARNED) ? NTF_EXT_LEARNED : 0;
168 if ((neigh->flags ^ ndm_flags) & NTF_EXT_LEARNED) {
169 if (ndm_flags & NTF_EXT_LEARNED)
170 neigh->flags |= NTF_EXT_LEARNED;
171 else
172 neigh->flags &= ~NTF_EXT_LEARNED;
173 rc = true;
174 *notify = 1;
175 }
176
177 return rc;
178}
179
180static bool neigh_del(struct neighbour *n, struct neighbour __rcu **np,
181 struct neigh_table *tbl)
182{
183 bool retval = false;
184
185 write_lock(&n->lock);
186 if (refcount_read(&n->refcnt) == 1) {
187 struct neighbour *neigh;
188
189 neigh = rcu_dereference_protected(n->next,
190 lockdep_is_held(&tbl->lock));
191 rcu_assign_pointer(*np, neigh);
192 neigh_mark_dead(n);
193 retval = true;
194 }
195 write_unlock(&n->lock);
196 if (retval)
197 neigh_cleanup_and_release(n);
198 return retval;
199}
200
201bool neigh_remove_one(struct neighbour *ndel, struct neigh_table *tbl)
202{
203 struct neigh_hash_table *nht;
204 void *pkey = ndel->primary_key;
205 u32 hash_val;
206 struct neighbour *n;
207 struct neighbour __rcu **np;
208
209 nht = rcu_dereference_protected(tbl->nht,
210 lockdep_is_held(&tbl->lock));
211 hash_val = tbl->hash(pkey, ndel->dev, nht->hash_rnd);
212 hash_val = hash_val >> (32 - nht->hash_shift);
213
214 np = &nht->hash_buckets[hash_val];
215 while ((n = rcu_dereference_protected(*np,
216 lockdep_is_held(&tbl->lock)))) {
217 if (n == ndel)
218 return neigh_del(n, np, tbl);
219 np = &n->next;
220 }
221 return false;
222}
223
224static int neigh_forced_gc(struct neigh_table *tbl)
225{
226 int max_clean = atomic_read(&tbl->gc_entries) - tbl->gc_thresh2;
227 unsigned long tref = jiffies - 5 * HZ;
228 struct neighbour *n, *tmp;
229 int shrunk = 0;
230
231 NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs);
232
233 write_lock_bh(&tbl->lock);
234
235 list_for_each_entry_safe(n, tmp, &tbl->gc_list, gc_list) {
236 if (refcount_read(&n->refcnt) == 1) {
237 bool remove = false;
238
239 write_lock(&n->lock);
240 if ((n->nud_state == NUD_FAILED) ||
241 time_after(tref, n->updated))
242 remove = true;
243 write_unlock(&n->lock);
244
245 if (remove && neigh_remove_one(n, tbl))
246 shrunk++;
247 if (shrunk >= max_clean)
248 break;
249 }
250 }
251
252 tbl->last_flush = jiffies;
253
254 write_unlock_bh(&tbl->lock);
255
256 return shrunk;
257}
258
259static void neigh_add_timer(struct neighbour *n, unsigned long when)
260{
261 neigh_hold(n);
262 if (unlikely(mod_timer(&n->timer, when))) {
263 printk("NEIGH: BUG, double timer add, state is %x\n",
264 n->nud_state);
265 dump_stack();
266 }
267}
268
269static int neigh_del_timer(struct neighbour *n)
270{
271 if ((n->nud_state & NUD_IN_TIMER) &&
272 del_timer(&n->timer)) {
273 neigh_release(n);
274 return 1;
275 }
276 return 0;
277}
278
279static void pneigh_queue_purge(struct sk_buff_head *list)
280{
281 struct sk_buff *skb;
282
283 while ((skb = skb_dequeue(list)) != NULL) {
284 dev_put(skb->dev);
285 kfree_skb(skb);
286 }
287}
288
289static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev,
290 bool skip_perm)
291{
292 int i;
293 struct neigh_hash_table *nht;
294
295 nht = rcu_dereference_protected(tbl->nht,
296 lockdep_is_held(&tbl->lock));
297
298 for (i = 0; i < (1 << nht->hash_shift); i++) {
299 struct neighbour *n;
300 struct neighbour __rcu **np = &nht->hash_buckets[i];
301
302 while ((n = rcu_dereference_protected(*np,
303 lockdep_is_held(&tbl->lock))) != NULL) {
304 if (dev && n->dev != dev) {
305 np = &n->next;
306 continue;
307 }
308 if (skip_perm && n->nud_state & NUD_PERMANENT) {
309 np = &n->next;
310 continue;
311 }
312 rcu_assign_pointer(*np,
313 rcu_dereference_protected(n->next,
314 lockdep_is_held(&tbl->lock)));
315 write_lock(&n->lock);
316 neigh_del_timer(n);
317 neigh_mark_dead(n);
318 if (refcount_read(&n->refcnt) != 1) {
319 /* The most unpleasant situation.
320 We must destroy neighbour entry,
321 but someone still uses it.
322
323 The destroy will be delayed until
324 the last user releases us, but
325 we must kill timers etc. and move
326 it to safe state.
327 */
328 __skb_queue_purge(&n->arp_queue);
329 n->arp_queue_len_bytes = 0;
330 n->output = neigh_blackhole;
331 if (n->nud_state & NUD_VALID)
332 n->nud_state = NUD_NOARP;
333 else
334 n->nud_state = NUD_NONE;
335 neigh_dbg(2, "neigh %p is stray\n", n);
336 }
337 write_unlock(&n->lock);
338 neigh_cleanup_and_release(n);
339 }
340 }
341}
342
343void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev)
344{
345 write_lock_bh(&tbl->lock);
346 neigh_flush_dev(tbl, dev, false);
347 write_unlock_bh(&tbl->lock);
348}
349EXPORT_SYMBOL(neigh_changeaddr);
350
351static int __neigh_ifdown(struct neigh_table *tbl, struct net_device *dev,
352 bool skip_perm)
353{
354 write_lock_bh(&tbl->lock);
355 neigh_flush_dev(tbl, dev, skip_perm);
356 pneigh_ifdown_and_unlock(tbl, dev);
357
358 del_timer_sync(&tbl->proxy_timer);
359 pneigh_queue_purge(&tbl->proxy_queue);
360 return 0;
361}
362
363int neigh_carrier_down(struct neigh_table *tbl, struct net_device *dev)
364{
365 __neigh_ifdown(tbl, dev, true);
366 return 0;
367}
368EXPORT_SYMBOL(neigh_carrier_down);
369
370int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
371{
372 __neigh_ifdown(tbl, dev, false);
373 return 0;
374}
375EXPORT_SYMBOL(neigh_ifdown);
376
377static struct neighbour *neigh_alloc(struct neigh_table *tbl,
378 struct net_device *dev,
379 bool exempt_from_gc)
380{
381 struct neighbour *n = NULL;
382 unsigned long now = jiffies;
383 int entries;
384
385 if (exempt_from_gc)
386 goto do_alloc;
387
388 entries = atomic_inc_return(&tbl->gc_entries) - 1;
389 if (entries >= tbl->gc_thresh3 ||
390 (entries >= tbl->gc_thresh2 &&
391 time_after(now, tbl->last_flush + 5 * HZ))) {
392 if (!neigh_forced_gc(tbl) &&
393 entries >= tbl->gc_thresh3) {
394 net_info_ratelimited("%s: neighbor table overflow!\n",
395 tbl->id);
396 NEIGH_CACHE_STAT_INC(tbl, table_fulls);
397 goto out_entries;
398 }
399 }
400
401do_alloc:
402 n = kzalloc(tbl->entry_size + dev->neigh_priv_len, GFP_ATOMIC);
403 if (!n)
404 goto out_entries;
405
406 __skb_queue_head_init(&n->arp_queue);
407 rwlock_init(&n->lock);
408 seqlock_init(&n->ha_lock);
409 n->updated = n->used = now;
410 n->nud_state = NUD_NONE;
411 n->output = neigh_blackhole;
412 seqlock_init(&n->hh.hh_lock);
413 n->parms = neigh_parms_clone(&tbl->parms);
414 timer_setup(&n->timer, neigh_timer_handler, 0);
415
416 NEIGH_CACHE_STAT_INC(tbl, allocs);
417 n->tbl = tbl;
418 refcount_set(&n->refcnt, 1);
419 n->dead = 1;
420 INIT_LIST_HEAD(&n->gc_list);
421
422 atomic_inc(&tbl->entries);
423out:
424 return n;
425
426out_entries:
427 if (!exempt_from_gc)
428 atomic_dec(&tbl->gc_entries);
429 goto out;
430}
431
432static void neigh_get_hash_rnd(u32 *x)
433{
434 *x = get_random_u32() | 1;
435}
436
437static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
438{
439 size_t size = (1 << shift) * sizeof(struct neighbour *);
440 struct neigh_hash_table *ret;
441 struct neighbour __rcu **buckets;
442 int i;
443
444 ret = kmalloc(sizeof(*ret), GFP_ATOMIC);
445 if (!ret)
446 return NULL;
447 if (size <= PAGE_SIZE) {
448 buckets = kzalloc(size, GFP_ATOMIC);
449 } else {
450 buckets = (struct neighbour __rcu **)
451 __get_free_pages(GFP_ATOMIC | __GFP_ZERO,
452 get_order(size));
453 kmemleak_alloc(buckets, size, 1, GFP_ATOMIC);
454 }
455 if (!buckets) {
456 kfree(ret);
457 return NULL;
458 }
459 ret->hash_buckets = buckets;
460 ret->hash_shift = shift;
461 for (i = 0; i < NEIGH_NUM_HASH_RND; i++)
462 neigh_get_hash_rnd(&ret->hash_rnd[i]);
463 return ret;
464}
465
466static void neigh_hash_free_rcu(struct rcu_head *head)
467{
468 struct neigh_hash_table *nht = container_of(head,
469 struct neigh_hash_table,
470 rcu);
471 size_t size = (1 << nht->hash_shift) * sizeof(struct neighbour *);
472 struct neighbour __rcu **buckets = nht->hash_buckets;
473
474 if (size <= PAGE_SIZE) {
475 kfree(buckets);
476 } else {
477 kmemleak_free(buckets);
478 free_pages((unsigned long)buckets, get_order(size));
479 }
480 kfree(nht);
481}
482
483static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl,
484 unsigned long new_shift)
485{
486 unsigned int i, hash;
487 struct neigh_hash_table *new_nht, *old_nht;
488
489 NEIGH_CACHE_STAT_INC(tbl, hash_grows);
490
491 old_nht = rcu_dereference_protected(tbl->nht,
492 lockdep_is_held(&tbl->lock));
493 new_nht = neigh_hash_alloc(new_shift);
494 if (!new_nht)
495 return old_nht;
496
497 for (i = 0; i < (1 << old_nht->hash_shift); i++) {
498 struct neighbour *n, *next;
499
500 for (n = rcu_dereference_protected(old_nht->hash_buckets[i],
501 lockdep_is_held(&tbl->lock));
502 n != NULL;
503 n = next) {
504 hash = tbl->hash(n->primary_key, n->dev,
505 new_nht->hash_rnd);
506
507 hash >>= (32 - new_nht->hash_shift);
508 next = rcu_dereference_protected(n->next,
509 lockdep_is_held(&tbl->lock));
510
511 rcu_assign_pointer(n->next,
512 rcu_dereference_protected(
513 new_nht->hash_buckets[hash],
514 lockdep_is_held(&tbl->lock)));
515 rcu_assign_pointer(new_nht->hash_buckets[hash], n);
516 }
517 }
518
519 rcu_assign_pointer(tbl->nht, new_nht);
520 call_rcu(&old_nht->rcu, neigh_hash_free_rcu);
521 return new_nht;
522}
523
524struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey,
525 struct net_device *dev)
526{
527 struct neighbour *n;
528
529 NEIGH_CACHE_STAT_INC(tbl, lookups);
530
531 rcu_read_lock_bh();
532 n = __neigh_lookup_noref(tbl, pkey, dev);
533 if (n) {
534 if (!refcount_inc_not_zero(&n->refcnt))
535 n = NULL;
536 NEIGH_CACHE_STAT_INC(tbl, hits);
537 }
538
539 rcu_read_unlock_bh();
540 return n;
541}
542EXPORT_SYMBOL(neigh_lookup);
543
544struct neighbour *neigh_lookup_nodev(struct neigh_table *tbl, struct net *net,
545 const void *pkey)
546{
547 struct neighbour *n;
548 unsigned int key_len = tbl->key_len;
549 u32 hash_val;
550 struct neigh_hash_table *nht;
551
552 NEIGH_CACHE_STAT_INC(tbl, lookups);
553
554 rcu_read_lock_bh();
555 nht = rcu_dereference_bh(tbl->nht);
556 hash_val = tbl->hash(pkey, NULL, nht->hash_rnd) >> (32 - nht->hash_shift);
557
558 for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
559 n != NULL;
560 n = rcu_dereference_bh(n->next)) {
561 if (!memcmp(n->primary_key, pkey, key_len) &&
562 net_eq(dev_net(n->dev), net)) {
563 if (!refcount_inc_not_zero(&n->refcnt))
564 n = NULL;
565 NEIGH_CACHE_STAT_INC(tbl, hits);
566 break;
567 }
568 }
569
570 rcu_read_unlock_bh();
571 return n;
572}
573EXPORT_SYMBOL(neigh_lookup_nodev);
574
575static struct neighbour *___neigh_create(struct neigh_table *tbl,
576 const void *pkey,
577 struct net_device *dev,
578 bool exempt_from_gc, bool want_ref)
579{
580 struct neighbour *n1, *rc, *n = neigh_alloc(tbl, dev, exempt_from_gc);
581 u32 hash_val;
582 unsigned int key_len = tbl->key_len;
583 int error;
584 struct neigh_hash_table *nht;
585
586 trace_neigh_create(tbl, dev, pkey, n, exempt_from_gc);
587
588 if (!n) {
589 rc = ERR_PTR(-ENOBUFS);
590 goto out;
591 }
592
593 memcpy(n->primary_key, pkey, key_len);
594 n->dev = dev;
595 dev_hold(dev);
596
597 /* Protocol specific setup. */
598 if (tbl->constructor && (error = tbl->constructor(n)) < 0) {
599 rc = ERR_PTR(error);
600 goto out_neigh_release;
601 }
602
603 if (dev->netdev_ops->ndo_neigh_construct) {
604 error = dev->netdev_ops->ndo_neigh_construct(dev, n);
605 if (error < 0) {
606 rc = ERR_PTR(error);
607 goto out_neigh_release;
608 }
609 }
610
611 /* Device specific setup. */
612 if (n->parms->neigh_setup &&
613 (error = n->parms->neigh_setup(n)) < 0) {
614 rc = ERR_PTR(error);
615 goto out_neigh_release;
616 }
617
618 n->confirmed = jiffies - (NEIGH_VAR(n->parms, BASE_REACHABLE_TIME) << 1);
619
620 write_lock_bh(&tbl->lock);
621 nht = rcu_dereference_protected(tbl->nht,
622 lockdep_is_held(&tbl->lock));
623
624 if (atomic_read(&tbl->entries) > (1 << nht->hash_shift))
625 nht = neigh_hash_grow(tbl, nht->hash_shift + 1);
626
627 hash_val = tbl->hash(n->primary_key, dev, nht->hash_rnd) >> (32 - nht->hash_shift);
628
629 if (n->parms->dead) {
630 rc = ERR_PTR(-EINVAL);
631 goto out_tbl_unlock;
632 }
633
634 for (n1 = rcu_dereference_protected(nht->hash_buckets[hash_val],
635 lockdep_is_held(&tbl->lock));
636 n1 != NULL;
637 n1 = rcu_dereference_protected(n1->next,
638 lockdep_is_held(&tbl->lock))) {
639 if (dev == n1->dev && !memcmp(n1->primary_key, n->primary_key, key_len)) {
640 if (want_ref)
641 neigh_hold(n1);
642 rc = n1;
643 goto out_tbl_unlock;
644 }
645 }
646
647 n->dead = 0;
648 if (!exempt_from_gc)
649 list_add_tail(&n->gc_list, &n->tbl->gc_list);
650
651 if (want_ref)
652 neigh_hold(n);
653 rcu_assign_pointer(n->next,
654 rcu_dereference_protected(nht->hash_buckets[hash_val],
655 lockdep_is_held(&tbl->lock)));
656 rcu_assign_pointer(nht->hash_buckets[hash_val], n);
657 write_unlock_bh(&tbl->lock);
658 neigh_dbg(2, "neigh %p is created\n", n);
659 rc = n;
660out:
661 return rc;
662out_tbl_unlock:
663 write_unlock_bh(&tbl->lock);
664out_neigh_release:
665 if (!exempt_from_gc)
666 atomic_dec(&tbl->gc_entries);
667 neigh_release(n);
668 goto out;
669}
670
671struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
672 struct net_device *dev, bool want_ref)
673{
674 return ___neigh_create(tbl, pkey, dev, false, want_ref);
675}
676EXPORT_SYMBOL(__neigh_create);
677
678static u32 pneigh_hash(const void *pkey, unsigned int key_len)
679{
680 u32 hash_val = *(u32 *)(pkey + key_len - 4);
681 hash_val ^= (hash_val >> 16);
682 hash_val ^= hash_val >> 8;
683 hash_val ^= hash_val >> 4;
684 hash_val &= PNEIGH_HASHMASK;
685 return hash_val;
686}
687
688static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n,
689 struct net *net,
690 const void *pkey,
691 unsigned int key_len,
692 struct net_device *dev)
693{
694 while (n) {
695 if (!memcmp(n->key, pkey, key_len) &&
696 net_eq(pneigh_net(n), net) &&
697 (n->dev == dev || !n->dev))
698 return n;
699 n = n->next;
700 }
701 return NULL;
702}
703
704struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl,
705 struct net *net, const void *pkey, struct net_device *dev)
706{
707 unsigned int key_len = tbl->key_len;
708 u32 hash_val = pneigh_hash(pkey, key_len);
709
710 return __pneigh_lookup_1(tbl->phash_buckets[hash_val],
711 net, pkey, key_len, dev);
712}
713EXPORT_SYMBOL_GPL(__pneigh_lookup);
714
715struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl,
716 struct net *net, const void *pkey,
717 struct net_device *dev, int creat)
718{
719 struct pneigh_entry *n;
720 unsigned int key_len = tbl->key_len;
721 u32 hash_val = pneigh_hash(pkey, key_len);
722
723 read_lock_bh(&tbl->lock);
724 n = __pneigh_lookup_1(tbl->phash_buckets[hash_val],
725 net, pkey, key_len, dev);
726 read_unlock_bh(&tbl->lock);
727
728 if (n || !creat)
729 goto out;
730
731 ASSERT_RTNL();
732
733 n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL);
734 if (!n)
735 goto out;
736
737 n->protocol = 0;
738 write_pnet(&n->net, net);
739 memcpy(n->key, pkey, key_len);
740 n->dev = dev;
741 if (dev)
742 dev_hold(dev);
743
744 if (tbl->pconstructor && tbl->pconstructor(n)) {
745 if (dev)
746 dev_put(dev);
747 kfree(n);
748 n = NULL;
749 goto out;
750 }
751
752 write_lock_bh(&tbl->lock);
753 n->next = tbl->phash_buckets[hash_val];
754 tbl->phash_buckets[hash_val] = n;
755 write_unlock_bh(&tbl->lock);
756out:
757 return n;
758}
759EXPORT_SYMBOL(pneigh_lookup);
760
761
762int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey,
763 struct net_device *dev)
764{
765 struct pneigh_entry *n, **np;
766 unsigned int key_len = tbl->key_len;
767 u32 hash_val = pneigh_hash(pkey, key_len);
768
769 write_lock_bh(&tbl->lock);
770 for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL;
771 np = &n->next) {
772 if (!memcmp(n->key, pkey, key_len) && n->dev == dev &&
773 net_eq(pneigh_net(n), net)) {
774 *np = n->next;
775 write_unlock_bh(&tbl->lock);
776 if (tbl->pdestructor)
777 tbl->pdestructor(n);
778 if (n->dev)
779 dev_put(n->dev);
780 kfree(n);
781 return 0;
782 }
783 }
784 write_unlock_bh(&tbl->lock);
785 return -ENOENT;
786}
787
788static int pneigh_ifdown_and_unlock(struct neigh_table *tbl,
789 struct net_device *dev)
790{
791 struct pneigh_entry *n, **np, *freelist = NULL;
792 u32 h;
793
794 for (h = 0; h <= PNEIGH_HASHMASK; h++) {
795 np = &tbl->phash_buckets[h];
796 while ((n = *np) != NULL) {
797 if (!dev || n->dev == dev) {
798 *np = n->next;
799 n->next = freelist;
800 freelist = n;
801 continue;
802 }
803 np = &n->next;
804 }
805 }
806 write_unlock_bh(&tbl->lock);
807 while ((n = freelist)) {
808 freelist = n->next;
809 n->next = NULL;
810 if (tbl->pdestructor)
811 tbl->pdestructor(n);
812 if (n->dev)
813 dev_put(n->dev);
814 kfree(n);
815 }
816 return -ENOENT;
817}
818
819static void neigh_parms_destroy(struct neigh_parms *parms);
820
821static inline void neigh_parms_put(struct neigh_parms *parms)
822{
823 if (refcount_dec_and_test(&parms->refcnt))
824 neigh_parms_destroy(parms);
825}
826
827/*
828 * neighbour must already be out of the table;
829 *
830 */
831void neigh_destroy(struct neighbour *neigh)
832{
833 struct net_device *dev = neigh->dev;
834
835 NEIGH_CACHE_STAT_INC(neigh->tbl, destroys);
836
837 if (!neigh->dead) {
838 pr_warn("Destroying alive neighbour %p\n", neigh);
839 dump_stack();
840 return;
841 }
842
843 if (neigh_del_timer(neigh))
844 pr_warn("Impossible event\n");
845
846 write_lock_bh(&neigh->lock);
847 __skb_queue_purge(&neigh->arp_queue);
848 write_unlock_bh(&neigh->lock);
849 neigh->arp_queue_len_bytes = 0;
850
851 if (dev->netdev_ops->ndo_neigh_destroy)
852 dev->netdev_ops->ndo_neigh_destroy(dev, neigh);
853
854 dev_put(dev);
855 neigh_parms_put(neigh->parms);
856
857 neigh_dbg(2, "neigh %p is destroyed\n", neigh);
858
859 atomic_dec(&neigh->tbl->entries);
860 kfree_rcu(neigh, rcu);
861}
862EXPORT_SYMBOL(neigh_destroy);
863
864/* Neighbour state is suspicious;
865 disable fast path.
866
867 Called with write_locked neigh.
868 */
869static void neigh_suspect(struct neighbour *neigh)
870{
871 neigh_dbg(2, "neigh %p is suspected\n", neigh);
872
873 neigh->output = neigh->ops->output;
874}
875
876/* Neighbour state is OK;
877 enable fast path.
878
879 Called with write_locked neigh.
880 */
881static void neigh_connect(struct neighbour *neigh)
882{
883 neigh_dbg(2, "neigh %p is connected\n", neigh);
884
885 neigh->output = neigh->ops->connected_output;
886}
887
888static void neigh_periodic_work(struct work_struct *work)
889{
890 struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
891 struct neighbour *n;
892 struct neighbour __rcu **np;
893 unsigned int i;
894 struct neigh_hash_table *nht;
895
896 NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);
897
898 write_lock_bh(&tbl->lock);
899 nht = rcu_dereference_protected(tbl->nht,
900 lockdep_is_held(&tbl->lock));
901
902 /*
903 * periodically recompute ReachableTime from random function
904 */
905
906 if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
907 struct neigh_parms *p;
908 tbl->last_rand = jiffies;
909 list_for_each_entry(p, &tbl->parms_list, list)
910 p->reachable_time =
911 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
912 }
913
914 if (atomic_read(&tbl->entries) < tbl->gc_thresh1)
915 goto out;
916
917 for (i = 0 ; i < (1 << nht->hash_shift); i++) {
918 np = &nht->hash_buckets[i];
919
920 while ((n = rcu_dereference_protected(*np,
921 lockdep_is_held(&tbl->lock))) != NULL) {
922 unsigned int state;
923
924 write_lock(&n->lock);
925
926 state = n->nud_state;
927 if ((state & (NUD_PERMANENT | NUD_IN_TIMER)) ||
928 (n->flags & NTF_EXT_LEARNED)) {
929 write_unlock(&n->lock);
930 goto next_elt;
931 }
932
933 if (time_before(n->used, n->confirmed))
934 n->used = n->confirmed;
935
936 if (refcount_read(&n->refcnt) == 1 &&
937 (state == NUD_FAILED ||
938 time_after(jiffies, n->used + NEIGH_VAR(n->parms, GC_STALETIME)))) {
939 *np = n->next;
940 neigh_mark_dead(n);
941 write_unlock(&n->lock);
942 neigh_cleanup_and_release(n);
943 continue;
944 }
945 write_unlock(&n->lock);
946
947next_elt:
948 np = &n->next;
949 }
950 /*
951 * It's fine to release lock here, even if hash table
952 * grows while we are preempted.
953 */
954 write_unlock_bh(&tbl->lock);
955 cond_resched();
956 write_lock_bh(&tbl->lock);
957 nht = rcu_dereference_protected(tbl->nht,
958 lockdep_is_held(&tbl->lock));
959 }
960out:
961 /* Cycle through all hash buckets every BASE_REACHABLE_TIME/2 ticks.
962 * ARP entry timeouts range from 1/2 BASE_REACHABLE_TIME to 3/2
963 * BASE_REACHABLE_TIME.
964 */
965 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
966 NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME) >> 1);
967 write_unlock_bh(&tbl->lock);
968}
969
970static __inline__ int neigh_max_probes(struct neighbour *n)
971{
972 struct neigh_parms *p = n->parms;
973 return NEIGH_VAR(p, UCAST_PROBES) + NEIGH_VAR(p, APP_PROBES) +
974 (n->nud_state & NUD_PROBE ? NEIGH_VAR(p, MCAST_REPROBES) :
975 NEIGH_VAR(p, MCAST_PROBES));
976}
977
978static void neigh_invalidate(struct neighbour *neigh)
979 __releases(neigh->lock)
980 __acquires(neigh->lock)
981{
982 struct sk_buff *skb;
983
984 NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed);
985 neigh_dbg(2, "neigh %p is failed\n", neigh);
986 neigh->updated = jiffies;
987
988 /* It is very thin place. report_unreachable is very complicated
989 routine. Particularly, it can hit the same neighbour entry!
990
991 So that, we try to be accurate and avoid dead loop. --ANK
992 */
993 while (neigh->nud_state == NUD_FAILED &&
994 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
995 write_unlock(&neigh->lock);
996 neigh->ops->error_report(neigh, skb);
997 write_lock(&neigh->lock);
998 }
999 __skb_queue_purge(&neigh->arp_queue);
1000 neigh->arp_queue_len_bytes = 0;
1001}
1002
1003static void neigh_probe(struct neighbour *neigh)
1004 __releases(neigh->lock)
1005{
1006 struct sk_buff *skb = skb_peek_tail(&neigh->arp_queue);
1007 /* keep skb alive even if arp_queue overflows */
1008 if (skb)
1009 skb = skb_clone(skb, GFP_ATOMIC);
1010 write_unlock(&neigh->lock);
1011 if (neigh->ops->solicit)
1012 neigh->ops->solicit(neigh, skb);
1013 atomic_inc(&neigh->probes);
1014 consume_skb(skb);
1015}
1016
1017/* Called when a timer expires for a neighbour entry. */
1018
1019static void neigh_timer_handler(struct timer_list *t)
1020{
1021 unsigned long now, next;
1022 struct neighbour *neigh = from_timer(neigh, t, timer);
1023 unsigned int state;
1024 int notify = 0;
1025
1026 write_lock(&neigh->lock);
1027
1028 state = neigh->nud_state;
1029 now = jiffies;
1030 next = now + HZ;
1031
1032 if (!(state & NUD_IN_TIMER))
1033 goto out;
1034
1035 if (state & NUD_REACHABLE) {
1036 if (time_before_eq(now,
1037 neigh->confirmed + neigh->parms->reachable_time)) {
1038 neigh_dbg(2, "neigh %p is still alive\n", neigh);
1039 next = neigh->confirmed + neigh->parms->reachable_time;
1040 } else if (time_before_eq(now,
1041 neigh->used +
1042 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
1043 neigh_dbg(2, "neigh %p is delayed\n", neigh);
1044 neigh->nud_state = NUD_DELAY;
1045 neigh->updated = jiffies;
1046 neigh_suspect(neigh);
1047 next = now + NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME);
1048 } else {
1049 neigh_dbg(2, "neigh %p is suspected\n", neigh);
1050 neigh->nud_state = NUD_STALE;
1051 neigh->updated = jiffies;
1052 neigh_suspect(neigh);
1053 notify = 1;
1054 }
1055 } else if (state & NUD_DELAY) {
1056 if (time_before_eq(now,
1057 neigh->confirmed +
1058 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
1059 neigh_dbg(2, "neigh %p is now reachable\n", neigh);
1060 neigh->nud_state = NUD_REACHABLE;
1061 neigh->updated = jiffies;
1062 neigh_connect(neigh);
1063 notify = 1;
1064 next = neigh->confirmed + neigh->parms->reachable_time;
1065 } else {
1066 neigh_dbg(2, "neigh %p is probed\n", neigh);
1067 neigh->nud_state = NUD_PROBE;
1068 neigh->updated = jiffies;
1069 atomic_set(&neigh->probes, 0);
1070 notify = 1;
1071 next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
1072 }
1073 } else {
1074 /* NUD_PROBE|NUD_INCOMPLETE */
1075 next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
1076 }
1077
1078 if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) &&
1079 atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) {
1080 neigh->nud_state = NUD_FAILED;
1081 notify = 1;
1082 neigh_invalidate(neigh);
1083 goto out;
1084 }
1085
1086 if (neigh->nud_state & NUD_IN_TIMER) {
1087 if (time_before(next, jiffies + HZ/2))
1088 next = jiffies + HZ/2;
1089 if (!mod_timer(&neigh->timer, next))
1090 neigh_hold(neigh);
1091 }
1092 if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
1093 neigh_probe(neigh);
1094 } else {
1095out:
1096 write_unlock(&neigh->lock);
1097 }
1098
1099 if (notify)
1100 neigh_update_notify(neigh, 0);
1101
1102 trace_neigh_timer_handler(neigh, 0);
1103
1104 neigh_release(neigh);
1105}
1106
1107int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
1108{
1109 int rc;
1110 bool immediate_probe = false;
1111
1112 write_lock_bh(&neigh->lock);
1113
1114 rc = 0;
1115 if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
1116 goto out_unlock_bh;
1117 if (neigh->dead)
1118 goto out_dead;
1119
1120 if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
1121 if (NEIGH_VAR(neigh->parms, MCAST_PROBES) +
1122 NEIGH_VAR(neigh->parms, APP_PROBES)) {
1123 unsigned long next, now = jiffies;
1124
1125 atomic_set(&neigh->probes,
1126 NEIGH_VAR(neigh->parms, UCAST_PROBES));
1127 neigh_del_timer(neigh);
1128 neigh->nud_state = NUD_INCOMPLETE;
1129 neigh->updated = now;
1130 next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
1131 HZ/2);
1132 neigh_add_timer(neigh, next);
1133 immediate_probe = true;
1134 } else {
1135 neigh->nud_state = NUD_FAILED;
1136 neigh->updated = jiffies;
1137 write_unlock_bh(&neigh->lock);
1138
1139 kfree_skb(skb);
1140 return 1;
1141 }
1142 } else if (neigh->nud_state & NUD_STALE) {
1143 neigh_dbg(2, "neigh %p is delayed\n", neigh);
1144 neigh_del_timer(neigh);
1145 neigh->nud_state = NUD_DELAY;
1146 neigh->updated = jiffies;
1147 neigh_add_timer(neigh, jiffies +
1148 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME));
1149 }
1150
1151 if (neigh->nud_state == NUD_INCOMPLETE) {
1152 if (skb) {
1153 while (neigh->arp_queue_len_bytes + skb->truesize >
1154 NEIGH_VAR(neigh->parms, QUEUE_LEN_BYTES)) {
1155 struct sk_buff *buff;
1156
1157 buff = __skb_dequeue(&neigh->arp_queue);
1158 if (!buff)
1159 break;
1160 neigh->arp_queue_len_bytes -= buff->truesize;
1161 kfree_skb(buff);
1162 NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
1163 }
1164 skb_dst_force(skb);
1165 __skb_queue_tail(&neigh->arp_queue, skb);
1166 neigh->arp_queue_len_bytes += skb->truesize;
1167 }
1168 rc = 1;
1169 }
1170out_unlock_bh:
1171 if (immediate_probe)
1172 neigh_probe(neigh);
1173 else
1174 write_unlock(&neigh->lock);
1175 local_bh_enable();
1176 trace_neigh_event_send_done(neigh, rc);
1177 return rc;
1178
1179out_dead:
1180 if (neigh->nud_state & NUD_STALE)
1181 goto out_unlock_bh;
1182 write_unlock_bh(&neigh->lock);
1183 kfree_skb(skb);
1184 trace_neigh_event_send_dead(neigh, 1);
1185 return 1;
1186}
1187EXPORT_SYMBOL(__neigh_event_send);
1188
1189static void neigh_update_hhs(struct neighbour *neigh)
1190{
1191 struct hh_cache *hh;
1192 void (*update)(struct hh_cache*, const struct net_device*, const unsigned char *)
1193 = NULL;
1194
1195 if (neigh->dev->header_ops)
1196 update = neigh->dev->header_ops->cache_update;
1197
1198 if (update) {
1199 hh = &neigh->hh;
1200 if (hh->hh_len) {
1201 write_seqlock_bh(&hh->hh_lock);
1202 update(hh, neigh->dev, neigh->ha);
1203 write_sequnlock_bh(&hh->hh_lock);
1204 }
1205 }
1206}
1207
1208
1209
1210/* Generic update routine.
1211 -- lladdr is new lladdr or NULL, if it is not supplied.
1212 -- new is new state.
1213 -- flags
1214 NEIGH_UPDATE_F_OVERRIDE allows to override existing lladdr,
1215 if it is different.
1216 NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect existing "connected"
1217 lladdr instead of overriding it
1218 if it is different.
1219 NEIGH_UPDATE_F_ADMIN means that the change is administrative.
1220
1221 NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows to override existing
1222 NTF_ROUTER flag.
1223 NEIGH_UPDATE_F_ISROUTER indicates if the neighbour is known as
1224 a router.
1225
1226 Caller MUST hold reference count on the entry.
1227 */
1228
1229static int __neigh_update(struct neighbour *neigh, const u8 *lladdr,
1230 u8 new, u32 flags, u32 nlmsg_pid,
1231 struct netlink_ext_ack *extack)
1232{
1233 bool ext_learn_change = false;
1234 u8 old;
1235 int err;
1236 int notify = 0;
1237 struct net_device *dev;
1238 int update_isrouter = 0;
1239
1240 trace_neigh_update(neigh, lladdr, new, flags, nlmsg_pid);
1241
1242 write_lock_bh(&neigh->lock);
1243
1244 dev = neigh->dev;
1245 old = neigh->nud_state;
1246 err = -EPERM;
1247
1248 if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
1249 (old & (NUD_NOARP | NUD_PERMANENT)))
1250 goto out;
1251 if (neigh->dead) {
1252 NL_SET_ERR_MSG(extack, "Neighbor entry is now dead");
1253 goto out;
1254 }
1255
1256 ext_learn_change = neigh_update_ext_learned(neigh, flags, ¬ify);
1257
1258 if (!(new & NUD_VALID)) {
1259 neigh_del_timer(neigh);
1260 if (old & NUD_CONNECTED)
1261 neigh_suspect(neigh);
1262 neigh->nud_state = new;
1263 err = 0;
1264 notify = old & NUD_VALID;
1265 if ((old & (NUD_INCOMPLETE | NUD_PROBE)) &&
1266 (new & NUD_FAILED)) {
1267 neigh_invalidate(neigh);
1268 notify = 1;
1269 }
1270 goto out;
1271 }
1272
1273 /* Compare new lladdr with cached one */
1274 if (!dev->addr_len) {
1275 /* First case: device needs no address. */
1276 lladdr = neigh->ha;
1277 } else if (lladdr) {
1278 /* The second case: if something is already cached
1279 and a new address is proposed:
1280 - compare new & old
1281 - if they are different, check override flag
1282 */
1283 if ((old & NUD_VALID) &&
1284 !memcmp(lladdr, neigh->ha, dev->addr_len))
1285 lladdr = neigh->ha;
1286 } else {
1287 /* No address is supplied; if we know something,
1288 use it, otherwise discard the request.
1289 */
1290 err = -EINVAL;
1291 if (!(old & NUD_VALID)) {
1292 NL_SET_ERR_MSG(extack, "No link layer address given");
1293 goto out;
1294 }
1295 lladdr = neigh->ha;
1296 }
1297
1298 /* Update confirmed timestamp for neighbour entry after we
1299 * received ARP packet even if it doesn't change IP to MAC binding.
1300 */
1301 if (new & NUD_CONNECTED)
1302 neigh->confirmed = jiffies;
1303
1304 /* If entry was valid and address is not changed,
1305 do not change entry state, if new one is STALE.
1306 */
1307 err = 0;
1308 update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
1309 if (old & NUD_VALID) {
1310 if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) {
1311 update_isrouter = 0;
1312 if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) &&
1313 (old & NUD_CONNECTED)) {
1314 lladdr = neigh->ha;
1315 new = NUD_STALE;
1316 } else
1317 goto out;
1318 } else {
1319 if (lladdr == neigh->ha && new == NUD_STALE &&
1320 !(flags & NEIGH_UPDATE_F_ADMIN))
1321 new = old;
1322 }
1323 }
1324
1325 /* Update timestamp only once we know we will make a change to the
1326 * neighbour entry. Otherwise we risk to move the locktime window with
1327 * noop updates and ignore relevant ARP updates.
1328 */
1329 if (new != old || lladdr != neigh->ha)
1330 neigh->updated = jiffies;
1331
1332 if (new != old) {
1333 neigh_del_timer(neigh);
1334 if (new & NUD_PROBE)
1335 atomic_set(&neigh->probes, 0);
1336 if (new & NUD_IN_TIMER)
1337 neigh_add_timer(neigh, (jiffies +
1338 ((new & NUD_REACHABLE) ?
1339 neigh->parms->reachable_time :
1340 0)));
1341 neigh->nud_state = new;
1342 notify = 1;
1343 }
1344
1345 if (lladdr != neigh->ha) {
1346 write_seqlock(&neigh->ha_lock);
1347 memcpy(&neigh->ha, lladdr, dev->addr_len);
1348 write_sequnlock(&neigh->ha_lock);
1349 neigh_update_hhs(neigh);
1350 if (!(new & NUD_CONNECTED))
1351 neigh->confirmed = jiffies -
1352 (NEIGH_VAR(neigh->parms, BASE_REACHABLE_TIME) << 1);
1353 notify = 1;
1354 }
1355 if (new == old)
1356 goto out;
1357 if (new & NUD_CONNECTED)
1358 neigh_connect(neigh);
1359 else
1360 neigh_suspect(neigh);
1361 if (!(old & NUD_VALID)) {
1362 struct sk_buff *skb;
1363
1364 /* Again: avoid dead loop if something went wrong */
1365
1366 while (neigh->nud_state & NUD_VALID &&
1367 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
1368 struct dst_entry *dst = skb_dst(skb);
1369 struct neighbour *n2, *n1 = neigh;
1370 write_unlock_bh(&neigh->lock);
1371
1372 rcu_read_lock();
1373
1374 /* Why not just use 'neigh' as-is? The problem is that
1375 * things such as shaper, eql, and sch_teql can end up
1376 * using alternative, different, neigh objects to output
1377 * the packet in the output path. So what we need to do
1378 * here is re-lookup the top-level neigh in the path so
1379 * we can reinject the packet there.
1380 */
1381 n2 = NULL;
1382 if (dst) {
1383 n2 = dst_neigh_lookup_skb(dst, skb);
1384 if (n2)
1385 n1 = n2;
1386 }
1387 n1->output(n1, skb);
1388 if (n2)
1389 neigh_release(n2);
1390 rcu_read_unlock();
1391
1392 write_lock_bh(&neigh->lock);
1393 }
1394 __skb_queue_purge(&neigh->arp_queue);
1395 neigh->arp_queue_len_bytes = 0;
1396 }
1397out:
1398 if (update_isrouter)
1399 neigh_update_is_router(neigh, flags, ¬ify);
1400 write_unlock_bh(&neigh->lock);
1401
1402 if (((new ^ old) & NUD_PERMANENT) || ext_learn_change)
1403 neigh_update_gc_list(neigh);
1404
1405 if (notify)
1406 neigh_update_notify(neigh, nlmsg_pid);
1407
1408 trace_neigh_update_done(neigh, err);
1409
1410 return err;
1411}
1412
1413int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
1414 u32 flags, u32 nlmsg_pid)
1415{
1416 return __neigh_update(neigh, lladdr, new, flags, nlmsg_pid, NULL);
1417}
1418EXPORT_SYMBOL(neigh_update);
1419
1420/* Update the neigh to listen temporarily for probe responses, even if it is
1421 * in a NUD_FAILED state. The caller has to hold neigh->lock for writing.
1422 */
1423void __neigh_set_probe_once(struct neighbour *neigh)
1424{
1425 if (neigh->dead)
1426 return;
1427 neigh->updated = jiffies;
1428 if (!(neigh->nud_state & NUD_FAILED))
1429 return;
1430 neigh->nud_state = NUD_INCOMPLETE;
1431 atomic_set(&neigh->probes, neigh_max_probes(neigh));
1432 neigh_add_timer(neigh,
1433 jiffies + NEIGH_VAR(neigh->parms, RETRANS_TIME));
1434}
1435EXPORT_SYMBOL(__neigh_set_probe_once);
1436
1437struct neighbour *neigh_event_ns(struct neigh_table *tbl,
1438 u8 *lladdr, void *saddr,
1439 struct net_device *dev)
1440{
1441 struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev,
1442 lladdr || !dev->addr_len);
1443 if (neigh)
1444 neigh_update(neigh, lladdr, NUD_STALE,
1445 NEIGH_UPDATE_F_OVERRIDE, 0);
1446 return neigh;
1447}
1448EXPORT_SYMBOL(neigh_event_ns);
1449
1450/* called with read_lock_bh(&n->lock); */
1451static void neigh_hh_init(struct neighbour *n)
1452{
1453 struct net_device *dev = n->dev;
1454 __be16 prot = n->tbl->protocol;
1455 struct hh_cache *hh = &n->hh;
1456
1457 write_lock_bh(&n->lock);
1458
1459 /* Only one thread can come in here and initialize the
1460 * hh_cache entry.
1461 */
1462 if (!hh->hh_len)
1463 dev->header_ops->cache(n, hh, prot);
1464
1465 write_unlock_bh(&n->lock);
1466}
1467
1468/* Slow and careful. */
1469
1470int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb)
1471{
1472 int rc = 0;
1473
1474 if (!neigh_event_send(neigh, skb)) {
1475 int err;
1476 struct net_device *dev = neigh->dev;
1477 unsigned int seq;
1478
1479 if (dev->header_ops->cache && !neigh->hh.hh_len)
1480 neigh_hh_init(neigh);
1481
1482 do {
1483 __skb_pull(skb, skb_network_offset(skb));
1484 seq = read_seqbegin(&neigh->ha_lock);
1485 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1486 neigh->ha, NULL, skb->len);
1487 } while (read_seqretry(&neigh->ha_lock, seq));
1488
1489 if (err >= 0)
1490 rc = dev_queue_xmit(skb);
1491 else
1492 goto out_kfree_skb;
1493 }
1494out:
1495 return rc;
1496out_kfree_skb:
1497 rc = -EINVAL;
1498 kfree_skb(skb);
1499 goto out;
1500}
1501EXPORT_SYMBOL(neigh_resolve_output);
1502
1503/* As fast as possible without hh cache */
1504
1505int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb)
1506{
1507 struct net_device *dev = neigh->dev;
1508 unsigned int seq;
1509 int err;
1510
1511 do {
1512 __skb_pull(skb, skb_network_offset(skb));
1513 seq = read_seqbegin(&neigh->ha_lock);
1514 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1515 neigh->ha, NULL, skb->len);
1516 } while (read_seqretry(&neigh->ha_lock, seq));
1517
1518 if (err >= 0)
1519 err = dev_queue_xmit(skb);
1520 else {
1521 err = -EINVAL;
1522 kfree_skb(skb);
1523 }
1524 return err;
1525}
1526EXPORT_SYMBOL(neigh_connected_output);
1527
1528int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb)
1529{
1530 return dev_queue_xmit(skb);
1531}
1532EXPORT_SYMBOL(neigh_direct_output);
1533
1534static void neigh_proxy_process(struct timer_list *t)
1535{
1536 struct neigh_table *tbl = from_timer(tbl, t, proxy_timer);
1537 long sched_next = 0;
1538 unsigned long now = jiffies;
1539 struct sk_buff *skb, *n;
1540
1541 spin_lock(&tbl->proxy_queue.lock);
1542
1543 skb_queue_walk_safe(&tbl->proxy_queue, skb, n) {
1544 long tdif = NEIGH_CB(skb)->sched_next - now;
1545
1546 if (tdif <= 0) {
1547 struct net_device *dev = skb->dev;
1548
1549 __skb_unlink(skb, &tbl->proxy_queue);
1550 if (tbl->proxy_redo && netif_running(dev)) {
1551 rcu_read_lock();
1552 tbl->proxy_redo(skb);
1553 rcu_read_unlock();
1554 } else {
1555 kfree_skb(skb);
1556 }
1557
1558 dev_put(dev);
1559 } else if (!sched_next || tdif < sched_next)
1560 sched_next = tdif;
1561 }
1562 del_timer(&tbl->proxy_timer);
1563 if (sched_next)
1564 mod_timer(&tbl->proxy_timer, jiffies + sched_next);
1565 spin_unlock(&tbl->proxy_queue.lock);
1566}
1567
1568void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
1569 struct sk_buff *skb)
1570{
1571 unsigned long now = jiffies;
1572
1573 unsigned long sched_next = now + (prandom_u32() %
1574 NEIGH_VAR(p, PROXY_DELAY));
1575
1576 if (tbl->proxy_queue.qlen > NEIGH_VAR(p, PROXY_QLEN)) {
1577 kfree_skb(skb);
1578 return;
1579 }
1580
1581 NEIGH_CB(skb)->sched_next = sched_next;
1582 NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED;
1583
1584 spin_lock(&tbl->proxy_queue.lock);
1585 if (del_timer(&tbl->proxy_timer)) {
1586 if (time_before(tbl->proxy_timer.expires, sched_next))
1587 sched_next = tbl->proxy_timer.expires;
1588 }
1589 skb_dst_drop(skb);
1590 dev_hold(skb->dev);
1591 __skb_queue_tail(&tbl->proxy_queue, skb);
1592 mod_timer(&tbl->proxy_timer, sched_next);
1593 spin_unlock(&tbl->proxy_queue.lock);
1594}
1595EXPORT_SYMBOL(pneigh_enqueue);
1596
1597static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
1598 struct net *net, int ifindex)
1599{
1600 struct neigh_parms *p;
1601
1602 list_for_each_entry(p, &tbl->parms_list, list) {
1603 if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
1604 (!p->dev && !ifindex && net_eq(net, &init_net)))
1605 return p;
1606 }
1607
1608 return NULL;
1609}
1610
1611struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
1612 struct neigh_table *tbl)
1613{
1614 struct neigh_parms *p;
1615 struct net *net = dev_net(dev);
1616 const struct net_device_ops *ops = dev->netdev_ops;
1617
1618 p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL);
1619 if (p) {
1620 p->tbl = tbl;
1621 refcount_set(&p->refcnt, 1);
1622 p->reachable_time =
1623 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
1624 dev_hold(dev);
1625 p->dev = dev;
1626 write_pnet(&p->net, net);
1627 p->sysctl_table = NULL;
1628
1629 if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) {
1630 dev_put(dev);
1631 kfree(p);
1632 return NULL;
1633 }
1634
1635 write_lock_bh(&tbl->lock);
1636 list_add(&p->list, &tbl->parms.list);
1637 write_unlock_bh(&tbl->lock);
1638
1639 neigh_parms_data_state_cleanall(p);
1640 }
1641 return p;
1642}
1643EXPORT_SYMBOL(neigh_parms_alloc);
1644
1645static void neigh_rcu_free_parms(struct rcu_head *head)
1646{
1647 struct neigh_parms *parms =
1648 container_of(head, struct neigh_parms, rcu_head);
1649
1650 neigh_parms_put(parms);
1651}
1652
1653void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms)
1654{
1655 if (!parms || parms == &tbl->parms)
1656 return;
1657 write_lock_bh(&tbl->lock);
1658 list_del(&parms->list);
1659 parms->dead = 1;
1660 write_unlock_bh(&tbl->lock);
1661 if (parms->dev)
1662 dev_put(parms->dev);
1663 call_rcu(&parms->rcu_head, neigh_rcu_free_parms);
1664}
1665EXPORT_SYMBOL(neigh_parms_release);
1666
1667static void neigh_parms_destroy(struct neigh_parms *parms)
1668{
1669 kfree(parms);
1670}
1671
1672static struct lock_class_key neigh_table_proxy_queue_class;
1673
1674static struct neigh_table *neigh_tables[NEIGH_NR_TABLES] __read_mostly;
1675
1676void neigh_table_init(int index, struct neigh_table *tbl)
1677{
1678 unsigned long now = jiffies;
1679 unsigned long phsize;
1680
1681 INIT_LIST_HEAD(&tbl->parms_list);
1682 INIT_LIST_HEAD(&tbl->gc_list);
1683 list_add(&tbl->parms.list, &tbl->parms_list);
1684 write_pnet(&tbl->parms.net, &init_net);
1685 refcount_set(&tbl->parms.refcnt, 1);
1686 tbl->parms.reachable_time =
1687 neigh_rand_reach_time(NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME));
1688
1689 tbl->stats = alloc_percpu(struct neigh_statistics);
1690 if (!tbl->stats)
1691 panic("cannot create neighbour cache statistics");
1692
1693#ifdef CONFIG_PROC_FS
1694 if (!proc_create_seq_data(tbl->id, 0, init_net.proc_net_stat,
1695 &neigh_stat_seq_ops, tbl))
1696 panic("cannot create neighbour proc dir entry");
1697#endif
1698
1699 RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3));
1700
1701 phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
1702 tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL);
1703
1704 if (!tbl->nht || !tbl->phash_buckets)
1705 panic("cannot allocate neighbour cache hashes");
1706
1707 if (!tbl->entry_size)
1708 tbl->entry_size = ALIGN(offsetof(struct neighbour, primary_key) +
1709 tbl->key_len, NEIGH_PRIV_ALIGN);
1710 else
1711 WARN_ON(tbl->entry_size % NEIGH_PRIV_ALIGN);
1712
1713 rwlock_init(&tbl->lock);
1714 INIT_DEFERRABLE_WORK(&tbl->gc_work, neigh_periodic_work);
1715 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
1716 tbl->parms.reachable_time);
1717 timer_setup(&tbl->proxy_timer, neigh_proxy_process, 0);
1718 skb_queue_head_init_class(&tbl->proxy_queue,
1719 &neigh_table_proxy_queue_class);
1720
1721 tbl->last_flush = now;
1722 tbl->last_rand = now + tbl->parms.reachable_time * 20;
1723
1724 neigh_tables[index] = tbl;
1725}
1726EXPORT_SYMBOL(neigh_table_init);
1727
1728int neigh_table_clear(int index, struct neigh_table *tbl)
1729{
1730 neigh_tables[index] = NULL;
1731 /* It is not clean... Fix it to unload IPv6 module safely */
1732 cancel_delayed_work_sync(&tbl->gc_work);
1733 del_timer_sync(&tbl->proxy_timer);
1734 pneigh_queue_purge(&tbl->proxy_queue);
1735 neigh_ifdown(tbl, NULL);
1736 if (atomic_read(&tbl->entries))
1737 pr_crit("neighbour leakage\n");
1738
1739 call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu,
1740 neigh_hash_free_rcu);
1741 tbl->nht = NULL;
1742
1743 kfree(tbl->phash_buckets);
1744 tbl->phash_buckets = NULL;
1745
1746 remove_proc_entry(tbl->id, init_net.proc_net_stat);
1747
1748 free_percpu(tbl->stats);
1749 tbl->stats = NULL;
1750
1751 return 0;
1752}
1753EXPORT_SYMBOL(neigh_table_clear);
1754
1755static struct neigh_table *neigh_find_table(int family)
1756{
1757 struct neigh_table *tbl = NULL;
1758
1759 switch (family) {
1760 case AF_INET:
1761 tbl = neigh_tables[NEIGH_ARP_TABLE];
1762 break;
1763 case AF_INET6:
1764 tbl = neigh_tables[NEIGH_ND_TABLE];
1765 break;
1766 case AF_DECnet:
1767 tbl = neigh_tables[NEIGH_DN_TABLE];
1768 break;
1769 }
1770
1771 return tbl;
1772}
1773
1774const struct nla_policy nda_policy[NDA_MAX+1] = {
1775 [NDA_DST] = { .type = NLA_BINARY, .len = MAX_ADDR_LEN },
1776 [NDA_LLADDR] = { .type = NLA_BINARY, .len = MAX_ADDR_LEN },
1777 [NDA_CACHEINFO] = { .len = sizeof(struct nda_cacheinfo) },
1778 [NDA_PROBES] = { .type = NLA_U32 },
1779 [NDA_VLAN] = { .type = NLA_U16 },
1780 [NDA_PORT] = { .type = NLA_U16 },
1781 [NDA_VNI] = { .type = NLA_U32 },
1782 [NDA_IFINDEX] = { .type = NLA_U32 },
1783 [NDA_MASTER] = { .type = NLA_U32 },
1784 [NDA_PROTOCOL] = { .type = NLA_U8 },
1785};
1786
1787static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh,
1788 struct netlink_ext_ack *extack)
1789{
1790 struct net *net = sock_net(skb->sk);
1791 struct ndmsg *ndm;
1792 struct nlattr *dst_attr;
1793 struct neigh_table *tbl;
1794 struct neighbour *neigh;
1795 struct net_device *dev = NULL;
1796 int err = -EINVAL;
1797
1798 ASSERT_RTNL();
1799 if (nlmsg_len(nlh) < sizeof(*ndm))
1800 goto out;
1801
1802 dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST);
1803 if (!dst_attr) {
1804 NL_SET_ERR_MSG(extack, "Network address not specified");
1805 goto out;
1806 }
1807
1808 ndm = nlmsg_data(nlh);
1809 if (ndm->ndm_ifindex) {
1810 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1811 if (dev == NULL) {
1812 err = -ENODEV;
1813 goto out;
1814 }
1815 }
1816
1817 tbl = neigh_find_table(ndm->ndm_family);
1818 if (tbl == NULL)
1819 return -EAFNOSUPPORT;
1820
1821 if (nla_len(dst_attr) < (int)tbl->key_len) {
1822 NL_SET_ERR_MSG(extack, "Invalid network address");
1823 goto out;
1824 }
1825
1826 if (ndm->ndm_flags & NTF_PROXY) {
1827 err = pneigh_delete(tbl, net, nla_data(dst_attr), dev);
1828 goto out;
1829 }
1830
1831 if (dev == NULL)
1832 goto out;
1833
1834 neigh = neigh_lookup(tbl, nla_data(dst_attr), dev);
1835 if (neigh == NULL) {
1836 err = -ENOENT;
1837 goto out;
1838 }
1839
1840 err = __neigh_update(neigh, NULL, NUD_FAILED,
1841 NEIGH_UPDATE_F_OVERRIDE | NEIGH_UPDATE_F_ADMIN,
1842 NETLINK_CB(skb).portid, extack);
1843 write_lock_bh(&tbl->lock);
1844 neigh_release(neigh);
1845 neigh_remove_one(neigh, tbl);
1846 write_unlock_bh(&tbl->lock);
1847
1848out:
1849 return err;
1850}
1851
1852static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh,
1853 struct netlink_ext_ack *extack)
1854{
1855 int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE |
1856 NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
1857 struct net *net = sock_net(skb->sk);
1858 struct ndmsg *ndm;
1859 struct nlattr *tb[NDA_MAX+1];
1860 struct neigh_table *tbl;
1861 struct net_device *dev = NULL;
1862 struct neighbour *neigh;
1863 void *dst, *lladdr;
1864 u8 protocol = 0;
1865 int err;
1866
1867 ASSERT_RTNL();
1868 err = nlmsg_parse_deprecated(nlh, sizeof(*ndm), tb, NDA_MAX,
1869 nda_policy, extack);
1870 if (err < 0)
1871 goto out;
1872
1873 err = -EINVAL;
1874 if (!tb[NDA_DST]) {
1875 NL_SET_ERR_MSG(extack, "Network address not specified");
1876 goto out;
1877 }
1878
1879 ndm = nlmsg_data(nlh);
1880 if (ndm->ndm_ifindex) {
1881 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1882 if (dev == NULL) {
1883 err = -ENODEV;
1884 goto out;
1885 }
1886
1887 if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len) {
1888 NL_SET_ERR_MSG(extack, "Invalid link address");
1889 goto out;
1890 }
1891 }
1892
1893 tbl = neigh_find_table(ndm->ndm_family);
1894 if (tbl == NULL)
1895 return -EAFNOSUPPORT;
1896
1897 if (nla_len(tb[NDA_DST]) < (int)tbl->key_len) {
1898 NL_SET_ERR_MSG(extack, "Invalid network address");
1899 goto out;
1900 }
1901
1902 dst = nla_data(tb[NDA_DST]);
1903 lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL;
1904
1905 if (tb[NDA_PROTOCOL])
1906 protocol = nla_get_u8(tb[NDA_PROTOCOL]);
1907
1908 if (ndm->ndm_flags & NTF_PROXY) {
1909 struct pneigh_entry *pn;
1910
1911 err = -ENOBUFS;
1912 pn = pneigh_lookup(tbl, net, dst, dev, 1);
1913 if (pn) {
1914 pn->flags = ndm->ndm_flags;
1915 if (protocol)
1916 pn->protocol = protocol;
1917 err = 0;
1918 }
1919 goto out;
1920 }
1921
1922 if (!dev) {
1923 NL_SET_ERR_MSG(extack, "Device not specified");
1924 goto out;
1925 }
1926
1927 if (tbl->allow_add && !tbl->allow_add(dev, extack)) {
1928 err = -EINVAL;
1929 goto out;
1930 }
1931
1932 neigh = neigh_lookup(tbl, dst, dev);
1933 if (neigh == NULL) {
1934 bool exempt_from_gc;
1935
1936 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
1937 err = -ENOENT;
1938 goto out;
1939 }
1940
1941 exempt_from_gc = ndm->ndm_state & NUD_PERMANENT ||
1942 ndm->ndm_flags & NTF_EXT_LEARNED;
1943 neigh = ___neigh_create(tbl, dst, dev, exempt_from_gc, true);
1944 if (IS_ERR(neigh)) {
1945 err = PTR_ERR(neigh);
1946 goto out;
1947 }
1948 } else {
1949 if (nlh->nlmsg_flags & NLM_F_EXCL) {
1950 err = -EEXIST;
1951 neigh_release(neigh);
1952 goto out;
1953 }
1954
1955 if (!(nlh->nlmsg_flags & NLM_F_REPLACE))
1956 flags &= ~(NEIGH_UPDATE_F_OVERRIDE |
1957 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1958 }
1959
1960 if (ndm->ndm_flags & NTF_EXT_LEARNED)
1961 flags |= NEIGH_UPDATE_F_EXT_LEARNED;
1962
1963 if (ndm->ndm_flags & NTF_ROUTER)
1964 flags |= NEIGH_UPDATE_F_ISROUTER;
1965
1966 if (ndm->ndm_flags & NTF_USE) {
1967 neigh_event_send(neigh, NULL);
1968 err = 0;
1969 } else
1970 err = __neigh_update(neigh, lladdr, ndm->ndm_state, flags,
1971 NETLINK_CB(skb).portid, extack);
1972
1973 if (protocol)
1974 neigh->protocol = protocol;
1975
1976 neigh_release(neigh);
1977
1978out:
1979 return err;
1980}
1981
1982static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
1983{
1984 struct nlattr *nest;
1985
1986 nest = nla_nest_start_noflag(skb, NDTA_PARMS);
1987 if (nest == NULL)
1988 return -ENOBUFS;
1989
1990 if ((parms->dev &&
1991 nla_put_u32(skb, NDTPA_IFINDEX, parms->dev->ifindex)) ||
1992 nla_put_u32(skb, NDTPA_REFCNT, refcount_read(&parms->refcnt)) ||
1993 nla_put_u32(skb, NDTPA_QUEUE_LENBYTES,
1994 NEIGH_VAR(parms, QUEUE_LEN_BYTES)) ||
1995 /* approximative value for deprecated QUEUE_LEN (in packets) */
1996 nla_put_u32(skb, NDTPA_QUEUE_LEN,
1997 NEIGH_VAR(parms, QUEUE_LEN_BYTES) / SKB_TRUESIZE(ETH_FRAME_LEN)) ||
1998 nla_put_u32(skb, NDTPA_PROXY_QLEN, NEIGH_VAR(parms, PROXY_QLEN)) ||
1999 nla_put_u32(skb, NDTPA_APP_PROBES, NEIGH_VAR(parms, APP_PROBES)) ||
2000 nla_put_u32(skb, NDTPA_UCAST_PROBES,
2001 NEIGH_VAR(parms, UCAST_PROBES)) ||
2002 nla_put_u32(skb, NDTPA_MCAST_PROBES,
2003 NEIGH_VAR(parms, MCAST_PROBES)) ||
2004 nla_put_u32(skb, NDTPA_MCAST_REPROBES,
2005 NEIGH_VAR(parms, MCAST_REPROBES)) ||
2006 nla_put_msecs(skb, NDTPA_REACHABLE_TIME, parms->reachable_time,
2007 NDTPA_PAD) ||
2008 nla_put_msecs(skb, NDTPA_BASE_REACHABLE_TIME,
2009 NEIGH_VAR(parms, BASE_REACHABLE_TIME), NDTPA_PAD) ||
2010 nla_put_msecs(skb, NDTPA_GC_STALETIME,
2011 NEIGH_VAR(parms, GC_STALETIME), NDTPA_PAD) ||
2012 nla_put_msecs(skb, NDTPA_DELAY_PROBE_TIME,
2013 NEIGH_VAR(parms, DELAY_PROBE_TIME), NDTPA_PAD) ||
2014 nla_put_msecs(skb, NDTPA_RETRANS_TIME,
2015 NEIGH_VAR(parms, RETRANS_TIME), NDTPA_PAD) ||
2016 nla_put_msecs(skb, NDTPA_ANYCAST_DELAY,
2017 NEIGH_VAR(parms, ANYCAST_DELAY), NDTPA_PAD) ||
2018 nla_put_msecs(skb, NDTPA_PROXY_DELAY,
2019 NEIGH_VAR(parms, PROXY_DELAY), NDTPA_PAD) ||
2020 nla_put_msecs(skb, NDTPA_LOCKTIME,
2021 NEIGH_VAR(parms, LOCKTIME), NDTPA_PAD))
2022 goto nla_put_failure;
2023 return nla_nest_end(skb, nest);
2024
2025nla_put_failure:
2026 nla_nest_cancel(skb, nest);
2027 return -EMSGSIZE;
2028}
2029
2030static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
2031 u32 pid, u32 seq, int type, int flags)
2032{
2033 struct nlmsghdr *nlh;
2034 struct ndtmsg *ndtmsg;
2035
2036 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
2037 if (nlh == NULL)
2038 return -EMSGSIZE;
2039
2040 ndtmsg = nlmsg_data(nlh);
2041
2042 read_lock_bh(&tbl->lock);
2043 ndtmsg->ndtm_family = tbl->family;
2044 ndtmsg->ndtm_pad1 = 0;
2045 ndtmsg->ndtm_pad2 = 0;
2046
2047 if (nla_put_string(skb, NDTA_NAME, tbl->id) ||
2048 nla_put_msecs(skb, NDTA_GC_INTERVAL, tbl->gc_interval, NDTA_PAD) ||
2049 nla_put_u32(skb, NDTA_THRESH1, tbl->gc_thresh1) ||
2050 nla_put_u32(skb, NDTA_THRESH2, tbl->gc_thresh2) ||
2051 nla_put_u32(skb, NDTA_THRESH3, tbl->gc_thresh3))
2052 goto nla_put_failure;
2053 {
2054 unsigned long now = jiffies;
2055 unsigned int flush_delta = now - tbl->last_flush;
2056 unsigned int rand_delta = now - tbl->last_rand;
2057 struct neigh_hash_table *nht;
2058 struct ndt_config ndc = {
2059 .ndtc_key_len = tbl->key_len,
2060 .ndtc_entry_size = tbl->entry_size,
2061 .ndtc_entries = atomic_read(&tbl->entries),
2062 .ndtc_last_flush = jiffies_to_msecs(flush_delta),
2063 .ndtc_last_rand = jiffies_to_msecs(rand_delta),
2064 .ndtc_proxy_qlen = tbl->proxy_queue.qlen,
2065 };
2066
2067 rcu_read_lock_bh();
2068 nht = rcu_dereference_bh(tbl->nht);
2069 ndc.ndtc_hash_rnd = nht->hash_rnd[0];
2070 ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1);
2071 rcu_read_unlock_bh();
2072
2073 if (nla_put(skb, NDTA_CONFIG, sizeof(ndc), &ndc))
2074 goto nla_put_failure;
2075 }
2076
2077 {
2078 int cpu;
2079 struct ndt_stats ndst;
2080
2081 memset(&ndst, 0, sizeof(ndst));
2082
2083 for_each_possible_cpu(cpu) {
2084 struct neigh_statistics *st;
2085
2086 st = per_cpu_ptr(tbl->stats, cpu);
2087 ndst.ndts_allocs += st->allocs;
2088 ndst.ndts_destroys += st->destroys;
2089 ndst.ndts_hash_grows += st->hash_grows;
2090 ndst.ndts_res_failed += st->res_failed;
2091 ndst.ndts_lookups += st->lookups;
2092 ndst.ndts_hits += st->hits;
2093 ndst.ndts_rcv_probes_mcast += st->rcv_probes_mcast;
2094 ndst.ndts_rcv_probes_ucast += st->rcv_probes_ucast;
2095 ndst.ndts_periodic_gc_runs += st->periodic_gc_runs;
2096 ndst.ndts_forced_gc_runs += st->forced_gc_runs;
2097 ndst.ndts_table_fulls += st->table_fulls;
2098 }
2099
2100 if (nla_put_64bit(skb, NDTA_STATS, sizeof(ndst), &ndst,
2101 NDTA_PAD))
2102 goto nla_put_failure;
2103 }
2104
2105 BUG_ON(tbl->parms.dev);
2106 if (neightbl_fill_parms(skb, &tbl->parms) < 0)
2107 goto nla_put_failure;
2108
2109 read_unlock_bh(&tbl->lock);
2110 nlmsg_end(skb, nlh);
2111 return 0;
2112
2113nla_put_failure:
2114 read_unlock_bh(&tbl->lock);
2115 nlmsg_cancel(skb, nlh);
2116 return -EMSGSIZE;
2117}
2118
2119static int neightbl_fill_param_info(struct sk_buff *skb,
2120 struct neigh_table *tbl,
2121 struct neigh_parms *parms,
2122 u32 pid, u32 seq, int type,
2123 unsigned int flags)
2124{
2125 struct ndtmsg *ndtmsg;
2126 struct nlmsghdr *nlh;
2127
2128 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
2129 if (nlh == NULL)
2130 return -EMSGSIZE;
2131
2132 ndtmsg = nlmsg_data(nlh);
2133
2134 read_lock_bh(&tbl->lock);
2135 ndtmsg->ndtm_family = tbl->family;
2136 ndtmsg->ndtm_pad1 = 0;
2137 ndtmsg->ndtm_pad2 = 0;
2138
2139 if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 ||
2140 neightbl_fill_parms(skb, parms) < 0)
2141 goto errout;
2142
2143 read_unlock_bh(&tbl->lock);
2144 nlmsg_end(skb, nlh);
2145 return 0;
2146errout:
2147 read_unlock_bh(&tbl->lock);
2148 nlmsg_cancel(skb, nlh);
2149 return -EMSGSIZE;
2150}
2151
2152static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
2153 [NDTA_NAME] = { .type = NLA_STRING },
2154 [NDTA_THRESH1] = { .type = NLA_U32 },
2155 [NDTA_THRESH2] = { .type = NLA_U32 },
2156 [NDTA_THRESH3] = { .type = NLA_U32 },
2157 [NDTA_GC_INTERVAL] = { .type = NLA_U64 },
2158 [NDTA_PARMS] = { .type = NLA_NESTED },
2159};
2160
2161static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
2162 [NDTPA_IFINDEX] = { .type = NLA_U32 },
2163 [NDTPA_QUEUE_LEN] = { .type = NLA_U32 },
2164 [NDTPA_PROXY_QLEN] = { .type = NLA_U32 },
2165 [NDTPA_APP_PROBES] = { .type = NLA_U32 },
2166 [NDTPA_UCAST_PROBES] = { .type = NLA_U32 },
2167 [NDTPA_MCAST_PROBES] = { .type = NLA_U32 },
2168 [NDTPA_MCAST_REPROBES] = { .type = NLA_U32 },
2169 [NDTPA_BASE_REACHABLE_TIME] = { .type = NLA_U64 },
2170 [NDTPA_GC_STALETIME] = { .type = NLA_U64 },
2171 [NDTPA_DELAY_PROBE_TIME] = { .type = NLA_U64 },
2172 [NDTPA_RETRANS_TIME] = { .type = NLA_U64 },
2173 [NDTPA_ANYCAST_DELAY] = { .type = NLA_U64 },
2174 [NDTPA_PROXY_DELAY] = { .type = NLA_U64 },
2175 [NDTPA_LOCKTIME] = { .type = NLA_U64 },
2176};
2177
2178static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh,
2179 struct netlink_ext_ack *extack)
2180{
2181 struct net *net = sock_net(skb->sk);
2182 struct neigh_table *tbl;
2183 struct ndtmsg *ndtmsg;
2184 struct nlattr *tb[NDTA_MAX+1];
2185 bool found = false;
2186 int err, tidx;
2187
2188 err = nlmsg_parse_deprecated(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
2189 nl_neightbl_policy, extack);
2190 if (err < 0)
2191 goto errout;
2192
2193 if (tb[NDTA_NAME] == NULL) {
2194 err = -EINVAL;
2195 goto errout;
2196 }
2197
2198 ndtmsg = nlmsg_data(nlh);
2199
2200 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
2201 tbl = neigh_tables[tidx];
2202 if (!tbl)
2203 continue;
2204 if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family)
2205 continue;
2206 if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0) {
2207 found = true;
2208 break;
2209 }
2210 }
2211
2212 if (!found)
2213 return -ENOENT;
2214
2215 /*
2216 * We acquire tbl->lock to be nice to the periodic timers and
2217 * make sure they always see a consistent set of values.
2218 */
2219 write_lock_bh(&tbl->lock);
2220
2221 if (tb[NDTA_PARMS]) {
2222 struct nlattr *tbp[NDTPA_MAX+1];
2223 struct neigh_parms *p;
2224 int i, ifindex = 0;
2225
2226 err = nla_parse_nested_deprecated(tbp, NDTPA_MAX,
2227 tb[NDTA_PARMS],
2228 nl_ntbl_parm_policy, extack);
2229 if (err < 0)
2230 goto errout_tbl_lock;
2231
2232 if (tbp[NDTPA_IFINDEX])
2233 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);
2234
2235 p = lookup_neigh_parms(tbl, net, ifindex);
2236 if (p == NULL) {
2237 err = -ENOENT;
2238 goto errout_tbl_lock;
2239 }
2240
2241 for (i = 1; i <= NDTPA_MAX; i++) {
2242 if (tbp[i] == NULL)
2243 continue;
2244
2245 switch (i) {
2246 case NDTPA_QUEUE_LEN:
2247 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
2248 nla_get_u32(tbp[i]) *
2249 SKB_TRUESIZE(ETH_FRAME_LEN));
2250 break;
2251 case NDTPA_QUEUE_LENBYTES:
2252 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
2253 nla_get_u32(tbp[i]));
2254 break;
2255 case NDTPA_PROXY_QLEN:
2256 NEIGH_VAR_SET(p, PROXY_QLEN,
2257 nla_get_u32(tbp[i]));
2258 break;
2259 case NDTPA_APP_PROBES:
2260 NEIGH_VAR_SET(p, APP_PROBES,
2261 nla_get_u32(tbp[i]));
2262 break;
2263 case NDTPA_UCAST_PROBES:
2264 NEIGH_VAR_SET(p, UCAST_PROBES,
2265 nla_get_u32(tbp[i]));
2266 break;
2267 case NDTPA_MCAST_PROBES:
2268 NEIGH_VAR_SET(p, MCAST_PROBES,
2269 nla_get_u32(tbp[i]));
2270 break;
2271 case NDTPA_MCAST_REPROBES:
2272 NEIGH_VAR_SET(p, MCAST_REPROBES,
2273 nla_get_u32(tbp[i]));
2274 break;
2275 case NDTPA_BASE_REACHABLE_TIME:
2276 NEIGH_VAR_SET(p, BASE_REACHABLE_TIME,
2277 nla_get_msecs(tbp[i]));
2278 /* update reachable_time as well, otherwise, the change will
2279 * only be effective after the next time neigh_periodic_work
2280 * decides to recompute it (can be multiple minutes)
2281 */
2282 p->reachable_time =
2283 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
2284 break;
2285 case NDTPA_GC_STALETIME:
2286 NEIGH_VAR_SET(p, GC_STALETIME,
2287 nla_get_msecs(tbp[i]));
2288 break;
2289 case NDTPA_DELAY_PROBE_TIME:
2290 NEIGH_VAR_SET(p, DELAY_PROBE_TIME,
2291 nla_get_msecs(tbp[i]));
2292 call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
2293 break;
2294 case NDTPA_RETRANS_TIME:
2295 NEIGH_VAR_SET(p, RETRANS_TIME,
2296 nla_get_msecs(tbp[i]));
2297 break;
2298 case NDTPA_ANYCAST_DELAY:
2299 NEIGH_VAR_SET(p, ANYCAST_DELAY,
2300 nla_get_msecs(tbp[i]));
2301 break;
2302 case NDTPA_PROXY_DELAY:
2303 NEIGH_VAR_SET(p, PROXY_DELAY,
2304 nla_get_msecs(tbp[i]));
2305 break;
2306 case NDTPA_LOCKTIME:
2307 NEIGH_VAR_SET(p, LOCKTIME,
2308 nla_get_msecs(tbp[i]));
2309 break;
2310 }
2311 }
2312 }
2313
2314 err = -ENOENT;
2315 if ((tb[NDTA_THRESH1] || tb[NDTA_THRESH2] ||
2316 tb[NDTA_THRESH3] || tb[NDTA_GC_INTERVAL]) &&
2317 !net_eq(net, &init_net))
2318 goto errout_tbl_lock;
2319
2320 if (tb[NDTA_THRESH1])
2321 tbl->gc_thresh1 = nla_get_u32(tb[NDTA_THRESH1]);
2322
2323 if (tb[NDTA_THRESH2])
2324 tbl->gc_thresh2 = nla_get_u32(tb[NDTA_THRESH2]);
2325
2326 if (tb[NDTA_THRESH3])
2327 tbl->gc_thresh3 = nla_get_u32(tb[NDTA_THRESH3]);
2328
2329 if (tb[NDTA_GC_INTERVAL])
2330 tbl->gc_interval = nla_get_msecs(tb[NDTA_GC_INTERVAL]);
2331
2332 err = 0;
2333
2334errout_tbl_lock:
2335 write_unlock_bh(&tbl->lock);
2336errout:
2337 return err;
2338}
2339
2340static int neightbl_valid_dump_info(const struct nlmsghdr *nlh,
2341 struct netlink_ext_ack *extack)
2342{
2343 struct ndtmsg *ndtm;
2344
2345 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndtm))) {
2346 NL_SET_ERR_MSG(extack, "Invalid header for neighbor table dump request");
2347 return -EINVAL;
2348 }
2349
2350 ndtm = nlmsg_data(nlh);
2351 if (ndtm->ndtm_pad1 || ndtm->ndtm_pad2) {
2352 NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor table dump request");
2353 return -EINVAL;
2354 }
2355
2356 if (nlmsg_attrlen(nlh, sizeof(*ndtm))) {
2357 NL_SET_ERR_MSG(extack, "Invalid data after header in neighbor table dump request");
2358 return -EINVAL;
2359 }
2360
2361 return 0;
2362}
2363
2364static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2365{
2366 const struct nlmsghdr *nlh = cb->nlh;
2367 struct net *net = sock_net(skb->sk);
2368 int family, tidx, nidx = 0;
2369 int tbl_skip = cb->args[0];
2370 int neigh_skip = cb->args[1];
2371 struct neigh_table *tbl;
2372
2373 if (cb->strict_check) {
2374 int err = neightbl_valid_dump_info(nlh, cb->extack);
2375
2376 if (err < 0)
2377 return err;
2378 }
2379
2380 family = ((struct rtgenmsg *)nlmsg_data(nlh))->rtgen_family;
2381
2382 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
2383 struct neigh_parms *p;
2384
2385 tbl = neigh_tables[tidx];
2386 if (!tbl)
2387 continue;
2388
2389 if (tidx < tbl_skip || (family && tbl->family != family))
2390 continue;
2391
2392 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,
2393 nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
2394 NLM_F_MULTI) < 0)
2395 break;
2396
2397 nidx = 0;
2398 p = list_next_entry(&tbl->parms, list);
2399 list_for_each_entry_from(p, &tbl->parms_list, list) {
2400 if (!net_eq(neigh_parms_net(p), net))
2401 continue;
2402
2403 if (nidx < neigh_skip)
2404 goto next;
2405
2406 if (neightbl_fill_param_info(skb, tbl, p,
2407 NETLINK_CB(cb->skb).portid,
2408 nlh->nlmsg_seq,
2409 RTM_NEWNEIGHTBL,
2410 NLM_F_MULTI) < 0)
2411 goto out;
2412 next:
2413 nidx++;
2414 }
2415
2416 neigh_skip = 0;
2417 }
2418out:
2419 cb->args[0] = tidx;
2420 cb->args[1] = nidx;
2421
2422 return skb->len;
2423}
2424
2425static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
2426 u32 pid, u32 seq, int type, unsigned int flags)
2427{
2428 unsigned long now = jiffies;
2429 struct nda_cacheinfo ci;
2430 struct nlmsghdr *nlh;
2431 struct ndmsg *ndm;
2432
2433 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2434 if (nlh == NULL)
2435 return -EMSGSIZE;
2436
2437 ndm = nlmsg_data(nlh);
2438 ndm->ndm_family = neigh->ops->family;
2439 ndm->ndm_pad1 = 0;
2440 ndm->ndm_pad2 = 0;
2441 ndm->ndm_flags = neigh->flags;
2442 ndm->ndm_type = neigh->type;
2443 ndm->ndm_ifindex = neigh->dev->ifindex;
2444
2445 if (nla_put(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key))
2446 goto nla_put_failure;
2447
2448 read_lock_bh(&neigh->lock);
2449 ndm->ndm_state = neigh->nud_state;
2450 if (neigh->nud_state & NUD_VALID) {
2451 char haddr[MAX_ADDR_LEN];
2452
2453 neigh_ha_snapshot(haddr, neigh, neigh->dev);
2454 if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) {
2455 read_unlock_bh(&neigh->lock);
2456 goto nla_put_failure;
2457 }
2458 }
2459
2460 ci.ndm_used = jiffies_to_clock_t(now - neigh->used);
2461 ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed);
2462 ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated);
2463 ci.ndm_refcnt = refcount_read(&neigh->refcnt) - 1;
2464 read_unlock_bh(&neigh->lock);
2465
2466 if (nla_put_u32(skb, NDA_PROBES, atomic_read(&neigh->probes)) ||
2467 nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
2468 goto nla_put_failure;
2469
2470 if (neigh->protocol && nla_put_u8(skb, NDA_PROTOCOL, neigh->protocol))
2471 goto nla_put_failure;
2472
2473 nlmsg_end(skb, nlh);
2474 return 0;
2475
2476nla_put_failure:
2477 nlmsg_cancel(skb, nlh);
2478 return -EMSGSIZE;
2479}
2480
2481static int pneigh_fill_info(struct sk_buff *skb, struct pneigh_entry *pn,
2482 u32 pid, u32 seq, int type, unsigned int flags,
2483 struct neigh_table *tbl)
2484{
2485 struct nlmsghdr *nlh;
2486 struct ndmsg *ndm;
2487
2488 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2489 if (nlh == NULL)
2490 return -EMSGSIZE;
2491
2492 ndm = nlmsg_data(nlh);
2493 ndm->ndm_family = tbl->family;
2494 ndm->ndm_pad1 = 0;
2495 ndm->ndm_pad2 = 0;
2496 ndm->ndm_flags = pn->flags | NTF_PROXY;
2497 ndm->ndm_type = RTN_UNICAST;
2498 ndm->ndm_ifindex = pn->dev ? pn->dev->ifindex : 0;
2499 ndm->ndm_state = NUD_NONE;
2500
2501 if (nla_put(skb, NDA_DST, tbl->key_len, pn->key))
2502 goto nla_put_failure;
2503
2504 if (pn->protocol && nla_put_u8(skb, NDA_PROTOCOL, pn->protocol))
2505 goto nla_put_failure;
2506
2507 nlmsg_end(skb, nlh);
2508 return 0;
2509
2510nla_put_failure:
2511 nlmsg_cancel(skb, nlh);
2512 return -EMSGSIZE;
2513}
2514
2515static void neigh_update_notify(struct neighbour *neigh, u32 nlmsg_pid)
2516{
2517 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
2518 __neigh_notify(neigh, RTM_NEWNEIGH, 0, nlmsg_pid);
2519}
2520
2521static bool neigh_master_filtered(struct net_device *dev, int master_idx)
2522{
2523 struct net_device *master;
2524
2525 if (!master_idx)
2526 return false;
2527
2528 master = dev ? netdev_master_upper_dev_get(dev) : NULL;
2529 if (!master || master->ifindex != master_idx)
2530 return true;
2531
2532 return false;
2533}
2534
2535static bool neigh_ifindex_filtered(struct net_device *dev, int filter_idx)
2536{
2537 if (filter_idx && (!dev || dev->ifindex != filter_idx))
2538 return true;
2539
2540 return false;
2541}
2542
2543struct neigh_dump_filter {
2544 int master_idx;
2545 int dev_idx;
2546};
2547
2548static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2549 struct netlink_callback *cb,
2550 struct neigh_dump_filter *filter)
2551{
2552 struct net *net = sock_net(skb->sk);
2553 struct neighbour *n;
2554 int rc, h, s_h = cb->args[1];
2555 int idx, s_idx = idx = cb->args[2];
2556 struct neigh_hash_table *nht;
2557 unsigned int flags = NLM_F_MULTI;
2558
2559 if (filter->dev_idx || filter->master_idx)
2560 flags |= NLM_F_DUMP_FILTERED;
2561
2562 rcu_read_lock_bh();
2563 nht = rcu_dereference_bh(tbl->nht);
2564
2565 for (h = s_h; h < (1 << nht->hash_shift); h++) {
2566 if (h > s_h)
2567 s_idx = 0;
2568 for (n = rcu_dereference_bh(nht->hash_buckets[h]), idx = 0;
2569 n != NULL;
2570 n = rcu_dereference_bh(n->next)) {
2571 if (idx < s_idx || !net_eq(dev_net(n->dev), net))
2572 goto next;
2573 if (neigh_ifindex_filtered(n->dev, filter->dev_idx) ||
2574 neigh_master_filtered(n->dev, filter->master_idx))
2575 goto next;
2576 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2577 cb->nlh->nlmsg_seq,
2578 RTM_NEWNEIGH,
2579 flags) < 0) {
2580 rc = -1;
2581 goto out;
2582 }
2583next:
2584 idx++;
2585 }
2586 }
2587 rc = skb->len;
2588out:
2589 rcu_read_unlock_bh();
2590 cb->args[1] = h;
2591 cb->args[2] = idx;
2592 return rc;
2593}
2594
2595static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2596 struct netlink_callback *cb,
2597 struct neigh_dump_filter *filter)
2598{
2599 struct pneigh_entry *n;
2600 struct net *net = sock_net(skb->sk);
2601 int rc, h, s_h = cb->args[3];
2602 int idx, s_idx = idx = cb->args[4];
2603 unsigned int flags = NLM_F_MULTI;
2604
2605 if (filter->dev_idx || filter->master_idx)
2606 flags |= NLM_F_DUMP_FILTERED;
2607
2608 read_lock_bh(&tbl->lock);
2609
2610 for (h = s_h; h <= PNEIGH_HASHMASK; h++) {
2611 if (h > s_h)
2612 s_idx = 0;
2613 for (n = tbl->phash_buckets[h], idx = 0; n; n = n->next) {
2614 if (idx < s_idx || pneigh_net(n) != net)
2615 goto next;
2616 if (neigh_ifindex_filtered(n->dev, filter->dev_idx) ||
2617 neigh_master_filtered(n->dev, filter->master_idx))
2618 goto next;
2619 if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2620 cb->nlh->nlmsg_seq,
2621 RTM_NEWNEIGH, flags, tbl) < 0) {
2622 read_unlock_bh(&tbl->lock);
2623 rc = -1;
2624 goto out;
2625 }
2626 next:
2627 idx++;
2628 }
2629 }
2630
2631 read_unlock_bh(&tbl->lock);
2632 rc = skb->len;
2633out:
2634 cb->args[3] = h;
2635 cb->args[4] = idx;
2636 return rc;
2637
2638}
2639
2640static int neigh_valid_dump_req(const struct nlmsghdr *nlh,
2641 bool strict_check,
2642 struct neigh_dump_filter *filter,
2643 struct netlink_ext_ack *extack)
2644{
2645 struct nlattr *tb[NDA_MAX + 1];
2646 int err, i;
2647
2648 if (strict_check) {
2649 struct ndmsg *ndm;
2650
2651 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndm))) {
2652 NL_SET_ERR_MSG(extack, "Invalid header for neighbor dump request");
2653 return -EINVAL;
2654 }
2655
2656 ndm = nlmsg_data(nlh);
2657 if (ndm->ndm_pad1 || ndm->ndm_pad2 || ndm->ndm_ifindex ||
2658 ndm->ndm_state || ndm->ndm_type) {
2659 NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor dump request");
2660 return -EINVAL;
2661 }
2662
2663 if (ndm->ndm_flags & ~NTF_PROXY) {
2664 NL_SET_ERR_MSG(extack, "Invalid flags in header for neighbor dump request");
2665 return -EINVAL;
2666 }
2667
2668 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg),
2669 tb, NDA_MAX, nda_policy,
2670 extack);
2671 } else {
2672 err = nlmsg_parse_deprecated(nlh, sizeof(struct ndmsg), tb,
2673 NDA_MAX, nda_policy, extack);
2674 }
2675 if (err < 0)
2676 return err;
2677
2678 for (i = 0; i <= NDA_MAX; ++i) {
2679 if (!tb[i])
2680 continue;
2681
2682 /* all new attributes should require strict_check */
2683 switch (i) {
2684 case NDA_IFINDEX:
2685 filter->dev_idx = nla_get_u32(tb[i]);
2686 break;
2687 case NDA_MASTER:
2688 filter->master_idx = nla_get_u32(tb[i]);
2689 break;
2690 default:
2691 if (strict_check) {
2692 NL_SET_ERR_MSG(extack, "Unsupported attribute in neighbor dump request");
2693 return -EINVAL;
2694 }
2695 }
2696 }
2697
2698 return 0;
2699}
2700
2701static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2702{
2703 const struct nlmsghdr *nlh = cb->nlh;
2704 struct neigh_dump_filter filter = {};
2705 struct neigh_table *tbl;
2706 int t, family, s_t;
2707 int proxy = 0;
2708 int err;
2709
2710 family = ((struct rtgenmsg *)nlmsg_data(nlh))->rtgen_family;
2711
2712 /* check for full ndmsg structure presence, family member is
2713 * the same for both structures
2714 */
2715 if (nlmsg_len(nlh) >= sizeof(struct ndmsg) &&
2716 ((struct ndmsg *)nlmsg_data(nlh))->ndm_flags == NTF_PROXY)
2717 proxy = 1;
2718
2719 err = neigh_valid_dump_req(nlh, cb->strict_check, &filter, cb->extack);
2720 if (err < 0 && cb->strict_check)
2721 return err;
2722
2723 s_t = cb->args[0];
2724
2725 for (t = 0; t < NEIGH_NR_TABLES; t++) {
2726 tbl = neigh_tables[t];
2727
2728 if (!tbl)
2729 continue;
2730 if (t < s_t || (family && tbl->family != family))
2731 continue;
2732 if (t > s_t)
2733 memset(&cb->args[1], 0, sizeof(cb->args) -
2734 sizeof(cb->args[0]));
2735 if (proxy)
2736 err = pneigh_dump_table(tbl, skb, cb, &filter);
2737 else
2738 err = neigh_dump_table(tbl, skb, cb, &filter);
2739 if (err < 0)
2740 break;
2741 }
2742
2743 cb->args[0] = t;
2744 return skb->len;
2745}
2746
2747static int neigh_valid_get_req(const struct nlmsghdr *nlh,
2748 struct neigh_table **tbl,
2749 void **dst, int *dev_idx, u8 *ndm_flags,
2750 struct netlink_ext_ack *extack)
2751{
2752 struct nlattr *tb[NDA_MAX + 1];
2753 struct ndmsg *ndm;
2754 int err, i;
2755
2756 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndm))) {
2757 NL_SET_ERR_MSG(extack, "Invalid header for neighbor get request");
2758 return -EINVAL;
2759 }
2760
2761 ndm = nlmsg_data(nlh);
2762 if (ndm->ndm_pad1 || ndm->ndm_pad2 || ndm->ndm_state ||
2763 ndm->ndm_type) {
2764 NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor get request");
2765 return -EINVAL;
2766 }
2767
2768 if (ndm->ndm_flags & ~NTF_PROXY) {
2769 NL_SET_ERR_MSG(extack, "Invalid flags in header for neighbor get request");
2770 return -EINVAL;
2771 }
2772
2773 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg), tb,
2774 NDA_MAX, nda_policy, extack);
2775 if (err < 0)
2776 return err;
2777
2778 *ndm_flags = ndm->ndm_flags;
2779 *dev_idx = ndm->ndm_ifindex;
2780 *tbl = neigh_find_table(ndm->ndm_family);
2781 if (*tbl == NULL) {
2782 NL_SET_ERR_MSG(extack, "Unsupported family in header for neighbor get request");
2783 return -EAFNOSUPPORT;
2784 }
2785
2786 for (i = 0; i <= NDA_MAX; ++i) {
2787 if (!tb[i])
2788 continue;
2789
2790 switch (i) {
2791 case NDA_DST:
2792 if (nla_len(tb[i]) != (int)(*tbl)->key_len) {
2793 NL_SET_ERR_MSG(extack, "Invalid network address in neighbor get request");
2794 return -EINVAL;
2795 }
2796 *dst = nla_data(tb[i]);
2797 break;
2798 default:
2799 NL_SET_ERR_MSG(extack, "Unsupported attribute in neighbor get request");
2800 return -EINVAL;
2801 }
2802 }
2803
2804 return 0;
2805}
2806
2807static inline size_t neigh_nlmsg_size(void)
2808{
2809 return NLMSG_ALIGN(sizeof(struct ndmsg))
2810 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
2811 + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */
2812 + nla_total_size(sizeof(struct nda_cacheinfo))
2813 + nla_total_size(4) /* NDA_PROBES */
2814 + nla_total_size(1); /* NDA_PROTOCOL */
2815}
2816
2817static int neigh_get_reply(struct net *net, struct neighbour *neigh,
2818 u32 pid, u32 seq)
2819{
2820 struct sk_buff *skb;
2821 int err = 0;
2822
2823 skb = nlmsg_new(neigh_nlmsg_size(), GFP_KERNEL);
2824 if (!skb)
2825 return -ENOBUFS;
2826
2827 err = neigh_fill_info(skb, neigh, pid, seq, RTM_NEWNEIGH, 0);
2828 if (err) {
2829 kfree_skb(skb);
2830 goto errout;
2831 }
2832
2833 err = rtnl_unicast(skb, net, pid);
2834errout:
2835 return err;
2836}
2837
2838static inline size_t pneigh_nlmsg_size(void)
2839{
2840 return NLMSG_ALIGN(sizeof(struct ndmsg))
2841 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
2842 + nla_total_size(1); /* NDA_PROTOCOL */
2843}
2844
2845static int pneigh_get_reply(struct net *net, struct pneigh_entry *neigh,
2846 u32 pid, u32 seq, struct neigh_table *tbl)
2847{
2848 struct sk_buff *skb;
2849 int err = 0;
2850
2851 skb = nlmsg_new(pneigh_nlmsg_size(), GFP_KERNEL);
2852 if (!skb)
2853 return -ENOBUFS;
2854
2855 err = pneigh_fill_info(skb, neigh, pid, seq, RTM_NEWNEIGH, 0, tbl);
2856 if (err) {
2857 kfree_skb(skb);
2858 goto errout;
2859 }
2860
2861 err = rtnl_unicast(skb, net, pid);
2862errout:
2863 return err;
2864}
2865
2866static int neigh_get(struct sk_buff *in_skb, struct nlmsghdr *nlh,
2867 struct netlink_ext_ack *extack)
2868{
2869 struct net *net = sock_net(in_skb->sk);
2870 struct net_device *dev = NULL;
2871 struct neigh_table *tbl = NULL;
2872 struct neighbour *neigh;
2873 void *dst = NULL;
2874 u8 ndm_flags = 0;
2875 int dev_idx = 0;
2876 int err;
2877
2878 err = neigh_valid_get_req(nlh, &tbl, &dst, &dev_idx, &ndm_flags,
2879 extack);
2880 if (err < 0)
2881 return err;
2882
2883 if (dev_idx) {
2884 dev = __dev_get_by_index(net, dev_idx);
2885 if (!dev) {
2886 NL_SET_ERR_MSG(extack, "Unknown device ifindex");
2887 return -ENODEV;
2888 }
2889 }
2890
2891 if (!dst) {
2892 NL_SET_ERR_MSG(extack, "Network address not specified");
2893 return -EINVAL;
2894 }
2895
2896 if (ndm_flags & NTF_PROXY) {
2897 struct pneigh_entry *pn;
2898
2899 pn = pneigh_lookup(tbl, net, dst, dev, 0);
2900 if (!pn) {
2901 NL_SET_ERR_MSG(extack, "Proxy neighbour entry not found");
2902 return -ENOENT;
2903 }
2904 return pneigh_get_reply(net, pn, NETLINK_CB(in_skb).portid,
2905 nlh->nlmsg_seq, tbl);
2906 }
2907
2908 if (!dev) {
2909 NL_SET_ERR_MSG(extack, "No device specified");
2910 return -EINVAL;
2911 }
2912
2913 neigh = neigh_lookup(tbl, dst, dev);
2914 if (!neigh) {
2915 NL_SET_ERR_MSG(extack, "Neighbour entry not found");
2916 return -ENOENT;
2917 }
2918
2919 err = neigh_get_reply(net, neigh, NETLINK_CB(in_skb).portid,
2920 nlh->nlmsg_seq);
2921
2922 neigh_release(neigh);
2923
2924 return err;
2925}
2926
2927void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie)
2928{
2929 int chain;
2930 struct neigh_hash_table *nht;
2931
2932 rcu_read_lock_bh();
2933 nht = rcu_dereference_bh(tbl->nht);
2934
2935 read_lock(&tbl->lock); /* avoid resizes */
2936 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2937 struct neighbour *n;
2938
2939 for (n = rcu_dereference_bh(nht->hash_buckets[chain]);
2940 n != NULL;
2941 n = rcu_dereference_bh(n->next))
2942 cb(n, cookie);
2943 }
2944 read_unlock(&tbl->lock);
2945 rcu_read_unlock_bh();
2946}
2947EXPORT_SYMBOL(neigh_for_each);
2948
2949/* The tbl->lock must be held as a writer and BH disabled. */
2950void __neigh_for_each_release(struct neigh_table *tbl,
2951 int (*cb)(struct neighbour *))
2952{
2953 int chain;
2954 struct neigh_hash_table *nht;
2955
2956 nht = rcu_dereference_protected(tbl->nht,
2957 lockdep_is_held(&tbl->lock));
2958 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2959 struct neighbour *n;
2960 struct neighbour __rcu **np;
2961
2962 np = &nht->hash_buckets[chain];
2963 while ((n = rcu_dereference_protected(*np,
2964 lockdep_is_held(&tbl->lock))) != NULL) {
2965 int release;
2966
2967 write_lock(&n->lock);
2968 release = cb(n);
2969 if (release) {
2970 rcu_assign_pointer(*np,
2971 rcu_dereference_protected(n->next,
2972 lockdep_is_held(&tbl->lock)));
2973 neigh_mark_dead(n);
2974 } else
2975 np = &n->next;
2976 write_unlock(&n->lock);
2977 if (release)
2978 neigh_cleanup_and_release(n);
2979 }
2980 }
2981}
2982EXPORT_SYMBOL(__neigh_for_each_release);
2983
2984int neigh_xmit(int index, struct net_device *dev,
2985 const void *addr, struct sk_buff *skb)
2986{
2987 int err = -EAFNOSUPPORT;
2988 if (likely(index < NEIGH_NR_TABLES)) {
2989 struct neigh_table *tbl;
2990 struct neighbour *neigh;
2991
2992 tbl = neigh_tables[index];
2993 if (!tbl)
2994 goto out;
2995 rcu_read_lock_bh();
2996 if (index == NEIGH_ARP_TABLE) {
2997 u32 key = *((u32 *)addr);
2998
2999 neigh = __ipv4_neigh_lookup_noref(dev, key);
3000 } else {
3001 neigh = __neigh_lookup_noref(tbl, addr, dev);
3002 }
3003 if (!neigh)
3004 neigh = __neigh_create(tbl, addr, dev, false);
3005 err = PTR_ERR(neigh);
3006 if (IS_ERR(neigh)) {
3007 rcu_read_unlock_bh();
3008 goto out_kfree_skb;
3009 }
3010 err = neigh->output(neigh, skb);
3011 rcu_read_unlock_bh();
3012 }
3013 else if (index == NEIGH_LINK_TABLE) {
3014 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
3015 addr, NULL, skb->len);
3016 if (err < 0)
3017 goto out_kfree_skb;
3018 err = dev_queue_xmit(skb);
3019 }
3020out:
3021 return err;
3022out_kfree_skb:
3023 kfree_skb(skb);
3024 goto out;
3025}
3026EXPORT_SYMBOL(neigh_xmit);
3027
3028#ifdef CONFIG_PROC_FS
3029
3030static struct neighbour *neigh_get_first(struct seq_file *seq)
3031{
3032 struct neigh_seq_state *state = seq->private;
3033 struct net *net = seq_file_net(seq);
3034 struct neigh_hash_table *nht = state->nht;
3035 struct neighbour *n = NULL;
3036 int bucket;
3037
3038 state->flags &= ~NEIGH_SEQ_IS_PNEIGH;
3039 for (bucket = 0; bucket < (1 << nht->hash_shift); bucket++) {
3040 n = rcu_dereference_bh(nht->hash_buckets[bucket]);
3041
3042 while (n) {
3043 if (!net_eq(dev_net(n->dev), net))
3044 goto next;
3045 if (state->neigh_sub_iter) {
3046 loff_t fakep = 0;
3047 void *v;
3048
3049 v = state->neigh_sub_iter(state, n, &fakep);
3050 if (!v)
3051 goto next;
3052 }
3053 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
3054 break;
3055 if (n->nud_state & ~NUD_NOARP)
3056 break;
3057next:
3058 n = rcu_dereference_bh(n->next);
3059 }
3060
3061 if (n)
3062 break;
3063 }
3064 state->bucket = bucket;
3065
3066 return n;
3067}
3068
3069static struct neighbour *neigh_get_next(struct seq_file *seq,
3070 struct neighbour *n,
3071 loff_t *pos)
3072{
3073 struct neigh_seq_state *state = seq->private;
3074 struct net *net = seq_file_net(seq);
3075 struct neigh_hash_table *nht = state->nht;
3076
3077 if (state->neigh_sub_iter) {
3078 void *v = state->neigh_sub_iter(state, n, pos);
3079 if (v)
3080 return n;
3081 }
3082 n = rcu_dereference_bh(n->next);
3083
3084 while (1) {
3085 while (n) {
3086 if (!net_eq(dev_net(n->dev), net))
3087 goto next;
3088 if (state->neigh_sub_iter) {
3089 void *v = state->neigh_sub_iter(state, n, pos);
3090 if (v)
3091 return n;
3092 goto next;
3093 }
3094 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
3095 break;
3096
3097 if (n->nud_state & ~NUD_NOARP)
3098 break;
3099next:
3100 n = rcu_dereference_bh(n->next);
3101 }
3102
3103 if (n)
3104 break;
3105
3106 if (++state->bucket >= (1 << nht->hash_shift))
3107 break;
3108
3109 n = rcu_dereference_bh(nht->hash_buckets[state->bucket]);
3110 }
3111
3112 if (n && pos)
3113 --(*pos);
3114 return n;
3115}
3116
3117static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos)
3118{
3119 struct neighbour *n = neigh_get_first(seq);
3120
3121 if (n) {
3122 --(*pos);
3123 while (*pos) {
3124 n = neigh_get_next(seq, n, pos);
3125 if (!n)
3126 break;
3127 }
3128 }
3129 return *pos ? NULL : n;
3130}
3131
3132static struct pneigh_entry *pneigh_get_first(struct seq_file *seq)
3133{
3134 struct neigh_seq_state *state = seq->private;
3135 struct net *net = seq_file_net(seq);
3136 struct neigh_table *tbl = state->tbl;
3137 struct pneigh_entry *pn = NULL;
3138 int bucket = state->bucket;
3139
3140 state->flags |= NEIGH_SEQ_IS_PNEIGH;
3141 for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) {
3142 pn = tbl->phash_buckets[bucket];
3143 while (pn && !net_eq(pneigh_net(pn), net))
3144 pn = pn->next;
3145 if (pn)
3146 break;
3147 }
3148 state->bucket = bucket;
3149
3150 return pn;
3151}
3152
3153static struct pneigh_entry *pneigh_get_next(struct seq_file *seq,
3154 struct pneigh_entry *pn,
3155 loff_t *pos)
3156{
3157 struct neigh_seq_state *state = seq->private;
3158 struct net *net = seq_file_net(seq);
3159 struct neigh_table *tbl = state->tbl;
3160
3161 do {
3162 pn = pn->next;
3163 } while (pn && !net_eq(pneigh_net(pn), net));
3164
3165 while (!pn) {
3166 if (++state->bucket > PNEIGH_HASHMASK)
3167 break;
3168 pn = tbl->phash_buckets[state->bucket];
3169 while (pn && !net_eq(pneigh_net(pn), net))
3170 pn = pn->next;
3171 if (pn)
3172 break;
3173 }
3174
3175 if (pn && pos)
3176 --(*pos);
3177
3178 return pn;
3179}
3180
3181static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos)
3182{
3183 struct pneigh_entry *pn = pneigh_get_first(seq);
3184
3185 if (pn) {
3186 --(*pos);
3187 while (*pos) {
3188 pn = pneigh_get_next(seq, pn, pos);
3189 if (!pn)
3190 break;
3191 }
3192 }
3193 return *pos ? NULL : pn;
3194}
3195
3196static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos)
3197{
3198 struct neigh_seq_state *state = seq->private;
3199 void *rc;
3200 loff_t idxpos = *pos;
3201
3202 rc = neigh_get_idx(seq, &idxpos);
3203 if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY))
3204 rc = pneigh_get_idx(seq, &idxpos);
3205
3206 return rc;
3207}
3208
3209void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags)
3210 __acquires(tbl->lock)
3211 __acquires(rcu_bh)
3212{
3213 struct neigh_seq_state *state = seq->private;
3214
3215 state->tbl = tbl;
3216 state->bucket = 0;
3217 state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH);
3218
3219 rcu_read_lock_bh();
3220 state->nht = rcu_dereference_bh(tbl->nht);
3221 read_lock(&tbl->lock);
3222
3223 return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN;
3224}
3225EXPORT_SYMBOL(neigh_seq_start);
3226
3227void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos)
3228{
3229 struct neigh_seq_state *state;
3230 void *rc;
3231
3232 if (v == SEQ_START_TOKEN) {
3233 rc = neigh_get_first(seq);
3234 goto out;
3235 }
3236
3237 state = seq->private;
3238 if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) {
3239 rc = neigh_get_next(seq, v, NULL);
3240 if (rc)
3241 goto out;
3242 if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY))
3243 rc = pneigh_get_first(seq);
3244 } else {
3245 BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY);
3246 rc = pneigh_get_next(seq, v, NULL);
3247 }
3248out:
3249 ++(*pos);
3250 return rc;
3251}
3252EXPORT_SYMBOL(neigh_seq_next);
3253
3254void neigh_seq_stop(struct seq_file *seq, void *v)
3255 __releases(tbl->lock)
3256 __releases(rcu_bh)
3257{
3258 struct neigh_seq_state *state = seq->private;
3259 struct neigh_table *tbl = state->tbl;
3260
3261 read_unlock(&tbl->lock);
3262 rcu_read_unlock_bh();
3263}
3264EXPORT_SYMBOL(neigh_seq_stop);
3265
3266/* statistics via seq_file */
3267
3268static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos)
3269{
3270 struct neigh_table *tbl = PDE_DATA(file_inode(seq->file));
3271 int cpu;
3272
3273 if (*pos == 0)
3274 return SEQ_START_TOKEN;
3275
3276 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
3277 if (!cpu_possible(cpu))
3278 continue;
3279 *pos = cpu+1;
3280 return per_cpu_ptr(tbl->stats, cpu);
3281 }
3282 return NULL;
3283}
3284
3285static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos)
3286{
3287 struct neigh_table *tbl = PDE_DATA(file_inode(seq->file));
3288 int cpu;
3289
3290 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
3291 if (!cpu_possible(cpu))
3292 continue;
3293 *pos = cpu+1;
3294 return per_cpu_ptr(tbl->stats, cpu);
3295 }
3296 return NULL;
3297}
3298
3299static void neigh_stat_seq_stop(struct seq_file *seq, void *v)
3300{
3301
3302}
3303
3304static int neigh_stat_seq_show(struct seq_file *seq, void *v)
3305{
3306 struct neigh_table *tbl = PDE_DATA(file_inode(seq->file));
3307 struct neigh_statistics *st = v;
3308
3309 if (v == SEQ_START_TOKEN) {
3310 seq_printf(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards table_fulls\n");
3311 return 0;
3312 }
3313
3314 seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx "
3315 "%08lx %08lx %08lx %08lx %08lx %08lx\n",
3316 atomic_read(&tbl->entries),
3317
3318 st->allocs,
3319 st->destroys,
3320 st->hash_grows,
3321
3322 st->lookups,
3323 st->hits,
3324
3325 st->res_failed,
3326
3327 st->rcv_probes_mcast,
3328 st->rcv_probes_ucast,
3329
3330 st->periodic_gc_runs,
3331 st->forced_gc_runs,
3332 st->unres_discards,
3333 st->table_fulls
3334 );
3335
3336 return 0;
3337}
3338
3339static const struct seq_operations neigh_stat_seq_ops = {
3340 .start = neigh_stat_seq_start,
3341 .next = neigh_stat_seq_next,
3342 .stop = neigh_stat_seq_stop,
3343 .show = neigh_stat_seq_show,
3344};
3345#endif /* CONFIG_PROC_FS */
3346
3347static void __neigh_notify(struct neighbour *n, int type, int flags,
3348 u32 pid)
3349{
3350 struct net *net = dev_net(n->dev);
3351 struct sk_buff *skb;
3352 int err = -ENOBUFS;
3353
3354 skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC);
3355 if (skb == NULL)
3356 goto errout;
3357
3358 err = neigh_fill_info(skb, n, pid, 0, type, flags);
3359 if (err < 0) {
3360 /* -EMSGSIZE implies BUG in neigh_nlmsg_size() */
3361 WARN_ON(err == -EMSGSIZE);
3362 kfree_skb(skb);
3363 goto errout;
3364 }
3365 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
3366 return;
3367errout:
3368 if (err < 0)
3369 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
3370}
3371
3372void neigh_app_ns(struct neighbour *n)
3373{
3374 __neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST, 0);
3375}
3376EXPORT_SYMBOL(neigh_app_ns);
3377
3378#ifdef CONFIG_SYSCTL
3379static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN);
3380
3381static int proc_unres_qlen(struct ctl_table *ctl, int write,
3382 void __user *buffer, size_t *lenp, loff_t *ppos)
3383{
3384 int size, ret;
3385 struct ctl_table tmp = *ctl;
3386
3387 tmp.extra1 = SYSCTL_ZERO;
3388 tmp.extra2 = &unres_qlen_max;
3389 tmp.data = &size;
3390
3391 size = *(int *)ctl->data / SKB_TRUESIZE(ETH_FRAME_LEN);
3392 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
3393
3394 if (write && !ret)
3395 *(int *)ctl->data = size * SKB_TRUESIZE(ETH_FRAME_LEN);
3396 return ret;
3397}
3398
3399static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev,
3400 int family)
3401{
3402 switch (family) {
3403 case AF_INET:
3404 return __in_dev_arp_parms_get_rcu(dev);
3405 case AF_INET6:
3406 return __in6_dev_nd_parms_get_rcu(dev);
3407 }
3408 return NULL;
3409}
3410
3411static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p,
3412 int index)
3413{
3414 struct net_device *dev;
3415 int family = neigh_parms_family(p);
3416
3417 rcu_read_lock();
3418 for_each_netdev_rcu(net, dev) {
3419 struct neigh_parms *dst_p =
3420 neigh_get_dev_parms_rcu(dev, family);
3421
3422 if (dst_p && !test_bit(index, dst_p->data_state))
3423 dst_p->data[index] = p->data[index];
3424 }
3425 rcu_read_unlock();
3426}
3427
3428static void neigh_proc_update(struct ctl_table *ctl, int write)
3429{
3430 struct net_device *dev = ctl->extra1;
3431 struct neigh_parms *p = ctl->extra2;
3432 struct net *net = neigh_parms_net(p);
3433 int index = (int *) ctl->data - p->data;
3434
3435 if (!write)
3436 return;
3437
3438 set_bit(index, p->data_state);
3439 if (index == NEIGH_VAR_DELAY_PROBE_TIME)
3440 call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
3441 if (!dev) /* NULL dev means this is default value */
3442 neigh_copy_dflt_parms(net, p, index);
3443}
3444
3445static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write,
3446 void __user *buffer,
3447 size_t *lenp, loff_t *ppos)
3448{
3449 struct ctl_table tmp = *ctl;
3450 int ret;
3451
3452 tmp.extra1 = SYSCTL_ZERO;
3453 tmp.extra2 = SYSCTL_INT_MAX;
3454
3455 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
3456 neigh_proc_update(ctl, write);
3457 return ret;
3458}
3459
3460int neigh_proc_dointvec(struct ctl_table *ctl, int write,
3461 void __user *buffer, size_t *lenp, loff_t *ppos)
3462{
3463 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
3464
3465 neigh_proc_update(ctl, write);
3466 return ret;
3467}
3468EXPORT_SYMBOL(neigh_proc_dointvec);
3469
3470int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write,
3471 void __user *buffer,
3472 size_t *lenp, loff_t *ppos)
3473{
3474 int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
3475
3476 neigh_proc_update(ctl, write);
3477 return ret;
3478}
3479EXPORT_SYMBOL(neigh_proc_dointvec_jiffies);
3480
3481static int neigh_proc_dointvec_userhz_jiffies(struct ctl_table *ctl, int write,
3482 void __user *buffer,
3483 size_t *lenp, loff_t *ppos)
3484{
3485 int ret = proc_dointvec_userhz_jiffies(ctl, write, buffer, lenp, ppos);
3486
3487 neigh_proc_update(ctl, write);
3488 return ret;
3489}
3490
3491int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write,
3492 void __user *buffer,
3493 size_t *lenp, loff_t *ppos)
3494{
3495 int ret = proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
3496
3497 neigh_proc_update(ctl, write);
3498 return ret;
3499}
3500EXPORT_SYMBOL(neigh_proc_dointvec_ms_jiffies);
3501
3502static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write,
3503 void __user *buffer,
3504 size_t *lenp, loff_t *ppos)
3505{
3506 int ret = proc_unres_qlen(ctl, write, buffer, lenp, ppos);
3507
3508 neigh_proc_update(ctl, write);
3509 return ret;
3510}
3511
3512static int neigh_proc_base_reachable_time(struct ctl_table *ctl, int write,
3513 void __user *buffer,
3514 size_t *lenp, loff_t *ppos)
3515{
3516 struct neigh_parms *p = ctl->extra2;
3517 int ret;
3518
3519 if (strcmp(ctl->procname, "base_reachable_time") == 0)
3520 ret = neigh_proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
3521 else if (strcmp(ctl->procname, "base_reachable_time_ms") == 0)
3522 ret = neigh_proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
3523 else
3524 ret = -1;
3525
3526 if (write && ret == 0) {
3527 /* update reachable_time as well, otherwise, the change will
3528 * only be effective after the next time neigh_periodic_work
3529 * decides to recompute it
3530 */
3531 p->reachable_time =
3532 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
3533 }
3534 return ret;
3535}
3536
3537#define NEIGH_PARMS_DATA_OFFSET(index) \
3538 (&((struct neigh_parms *) 0)->data[index])
3539
3540#define NEIGH_SYSCTL_ENTRY(attr, data_attr, name, mval, proc) \
3541 [NEIGH_VAR_ ## attr] = { \
3542 .procname = name, \
3543 .data = NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_ ## data_attr), \
3544 .maxlen = sizeof(int), \
3545 .mode = mval, \
3546 .proc_handler = proc, \
3547 }
3548
3549#define NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(attr, name) \
3550 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_zero_intmax)
3551
3552#define NEIGH_SYSCTL_JIFFIES_ENTRY(attr, name) \
3553 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_jiffies)
3554
3555#define NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(attr, name) \
3556 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_userhz_jiffies)
3557
3558#define NEIGH_SYSCTL_MS_JIFFIES_ENTRY(attr, name) \
3559 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
3560
3561#define NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(attr, data_attr, name) \
3562 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
3563
3564#define NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(attr, data_attr, name) \
3565 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_unres_qlen)
3566
3567static struct neigh_sysctl_table {
3568 struct ctl_table_header *sysctl_header;
3569 struct ctl_table neigh_vars[NEIGH_VAR_MAX + 1];
3570} neigh_sysctl_template __read_mostly = {
3571 .neigh_vars = {
3572 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_PROBES, "mcast_solicit"),
3573 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(UCAST_PROBES, "ucast_solicit"),
3574 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(APP_PROBES, "app_solicit"),
3575 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_REPROBES, "mcast_resolicit"),
3576 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(RETRANS_TIME, "retrans_time"),
3577 NEIGH_SYSCTL_JIFFIES_ENTRY(BASE_REACHABLE_TIME, "base_reachable_time"),
3578 NEIGH_SYSCTL_JIFFIES_ENTRY(DELAY_PROBE_TIME, "delay_first_probe_time"),
3579 NEIGH_SYSCTL_JIFFIES_ENTRY(GC_STALETIME, "gc_stale_time"),
3580 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(QUEUE_LEN_BYTES, "unres_qlen_bytes"),
3581 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(PROXY_QLEN, "proxy_qlen"),
3582 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(ANYCAST_DELAY, "anycast_delay"),
3583 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(PROXY_DELAY, "proxy_delay"),
3584 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(LOCKTIME, "locktime"),
3585 NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(QUEUE_LEN, QUEUE_LEN_BYTES, "unres_qlen"),
3586 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(RETRANS_TIME_MS, RETRANS_TIME, "retrans_time_ms"),
3587 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(BASE_REACHABLE_TIME_MS, BASE_REACHABLE_TIME, "base_reachable_time_ms"),
3588 [NEIGH_VAR_GC_INTERVAL] = {
3589 .procname = "gc_interval",
3590 .maxlen = sizeof(int),
3591 .mode = 0644,
3592 .proc_handler = proc_dointvec_jiffies,
3593 },
3594 [NEIGH_VAR_GC_THRESH1] = {
3595 .procname = "gc_thresh1",
3596 .maxlen = sizeof(int),
3597 .mode = 0644,
3598 .extra1 = SYSCTL_ZERO,
3599 .extra2 = SYSCTL_INT_MAX,
3600 .proc_handler = proc_dointvec_minmax,
3601 },
3602 [NEIGH_VAR_GC_THRESH2] = {
3603 .procname = "gc_thresh2",
3604 .maxlen = sizeof(int),
3605 .mode = 0644,
3606 .extra1 = SYSCTL_ZERO,
3607 .extra2 = SYSCTL_INT_MAX,
3608 .proc_handler = proc_dointvec_minmax,
3609 },
3610 [NEIGH_VAR_GC_THRESH3] = {
3611 .procname = "gc_thresh3",
3612 .maxlen = sizeof(int),
3613 .mode = 0644,
3614 .extra1 = SYSCTL_ZERO,
3615 .extra2 = SYSCTL_INT_MAX,
3616 .proc_handler = proc_dointvec_minmax,
3617 },
3618 {},
3619 },
3620};
3621
3622int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
3623 proc_handler *handler)
3624{
3625 int i;
3626 struct neigh_sysctl_table *t;
3627 const char *dev_name_source;
3628 char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
3629 char *p_name;
3630
3631 t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
3632 if (!t)
3633 goto err;
3634
3635 for (i = 0; i < NEIGH_VAR_GC_INTERVAL; i++) {
3636 t->neigh_vars[i].data += (long) p;
3637 t->neigh_vars[i].extra1 = dev;
3638 t->neigh_vars[i].extra2 = p;
3639 }
3640
3641 if (dev) {
3642 dev_name_source = dev->name;
3643 /* Terminate the table early */
3644 memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0,
3645 sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL]));
3646 } else {
3647 struct neigh_table *tbl = p->tbl;
3648 dev_name_source = "default";
3649 t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &tbl->gc_interval;
3650 t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &tbl->gc_thresh1;
3651 t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &tbl->gc_thresh2;
3652 t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &tbl->gc_thresh3;
3653 }
3654
3655 if (handler) {
3656 /* RetransTime */
3657 t->neigh_vars[NEIGH_VAR_RETRANS_TIME].proc_handler = handler;
3658 /* ReachableTime */
3659 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler = handler;
3660 /* RetransTime (in milliseconds)*/
3661 t->neigh_vars[NEIGH_VAR_RETRANS_TIME_MS].proc_handler = handler;
3662 /* ReachableTime (in milliseconds) */
3663 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = handler;
3664 } else {
3665 /* Those handlers will update p->reachable_time after
3666 * base_reachable_time(_ms) is set to ensure the new timer starts being
3667 * applied after the next neighbour update instead of waiting for
3668 * neigh_periodic_work to update its value (can be multiple minutes)
3669 * So any handler that replaces them should do this as well
3670 */
3671 /* ReachableTime */
3672 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler =
3673 neigh_proc_base_reachable_time;
3674 /* ReachableTime (in milliseconds) */
3675 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler =
3676 neigh_proc_base_reachable_time;
3677 }
3678
3679 /* Don't export sysctls to unprivileged users */
3680 if (neigh_parms_net(p)->user_ns != &init_user_ns)
3681 t->neigh_vars[0].procname = NULL;
3682
3683 switch (neigh_parms_family(p)) {
3684 case AF_INET:
3685 p_name = "ipv4";
3686 break;
3687 case AF_INET6:
3688 p_name = "ipv6";
3689 break;
3690 default:
3691 BUG();
3692 }
3693
3694 snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s",
3695 p_name, dev_name_source);
3696 t->sysctl_header =
3697 register_net_sysctl(neigh_parms_net(p), neigh_path, t->neigh_vars);
3698 if (!t->sysctl_header)
3699 goto free;
3700
3701 p->sysctl_table = t;
3702 return 0;
3703
3704free:
3705 kfree(t);
3706err:
3707 return -ENOBUFS;
3708}
3709EXPORT_SYMBOL(neigh_sysctl_register);
3710
3711void neigh_sysctl_unregister(struct neigh_parms *p)
3712{
3713 if (p->sysctl_table) {
3714 struct neigh_sysctl_table *t = p->sysctl_table;
3715 p->sysctl_table = NULL;
3716 unregister_net_sysctl_table(t->sysctl_header);
3717 kfree(t);
3718 }
3719}
3720EXPORT_SYMBOL(neigh_sysctl_unregister);
3721
3722#endif /* CONFIG_SYSCTL */
3723
3724static int __init neigh_init(void)
3725{
3726 rtnl_register(PF_UNSPEC, RTM_NEWNEIGH, neigh_add, NULL, 0);
3727 rtnl_register(PF_UNSPEC, RTM_DELNEIGH, neigh_delete, NULL, 0);
3728 rtnl_register(PF_UNSPEC, RTM_GETNEIGH, neigh_get, neigh_dump_info, 0);
3729
3730 rtnl_register(PF_UNSPEC, RTM_GETNEIGHTBL, NULL, neightbl_dump_info,
3731 0);
3732 rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, 0);
3733
3734 return 0;
3735}
3736
3737subsys_initcall(neigh_init);