Loading...
1/*
2 * Generic address resolution entity
3 *
4 * Authors:
5 * Pedro Roque <roque@di.fc.ul.pt>
6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 *
13 * Fixes:
14 * Vitaly E. Lavrov releasing NULL neighbor in neigh_add.
15 * Harald Welte Add neighbour cache statistics like rtstat
16 */
17
18#include <linux/slab.h>
19#include <linux/types.h>
20#include <linux/kernel.h>
21#include <linux/module.h>
22#include <linux/socket.h>
23#include <linux/netdevice.h>
24#include <linux/proc_fs.h>
25#ifdef CONFIG_SYSCTL
26#include <linux/sysctl.h>
27#endif
28#include <linux/times.h>
29#include <net/net_namespace.h>
30#include <net/neighbour.h>
31#include <net/dst.h>
32#include <net/sock.h>
33#include <net/netevent.h>
34#include <net/netlink.h>
35#include <linux/rtnetlink.h>
36#include <linux/random.h>
37#include <linux/string.h>
38#include <linux/log2.h>
39
40#define NEIGH_DEBUG 1
41
42#define NEIGH_PRINTK(x...) printk(x)
43#define NEIGH_NOPRINTK(x...) do { ; } while(0)
44#define NEIGH_PRINTK1 NEIGH_NOPRINTK
45#define NEIGH_PRINTK2 NEIGH_NOPRINTK
46
47#if NEIGH_DEBUG >= 1
48#undef NEIGH_PRINTK1
49#define NEIGH_PRINTK1 NEIGH_PRINTK
50#endif
51#if NEIGH_DEBUG >= 2
52#undef NEIGH_PRINTK2
53#define NEIGH_PRINTK2 NEIGH_PRINTK
54#endif
55
56#define PNEIGH_HASHMASK 0xF
57
58static void neigh_timer_handler(unsigned long arg);
59static void __neigh_notify(struct neighbour *n, int type, int flags);
60static void neigh_update_notify(struct neighbour *neigh);
61static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev);
62
63static struct neigh_table *neigh_tables;
64#ifdef CONFIG_PROC_FS
65static const struct file_operations neigh_stat_seq_fops;
66#endif
67
68/*
69 Neighbour hash table buckets are protected with rwlock tbl->lock.
70
71 - All the scans/updates to hash buckets MUST be made under this lock.
72 - NOTHING clever should be made under this lock: no callbacks
73 to protocol backends, no attempts to send something to network.
74 It will result in deadlocks, if backend/driver wants to use neighbour
75 cache.
76 - If the entry requires some non-trivial actions, increase
77 its reference count and release table lock.
78
79 Neighbour entries are protected:
80 - with reference count.
81 - with rwlock neigh->lock
82
83 Reference count prevents destruction.
84
85 neigh->lock mainly serializes ll address data and its validity state.
86 However, the same lock is used to protect another entry fields:
87 - timer
88 - resolution queue
89
90 Again, nothing clever shall be made under neigh->lock,
91 the most complicated procedure, which we allow is dev->hard_header.
92 It is supposed, that dev->hard_header is simplistic and does
93 not make callbacks to neighbour tables.
94
95 The last lock is neigh_tbl_lock. It is pure SMP lock, protecting
96 list of neighbour tables. This list is used only in process context,
97 */
98
99static DEFINE_RWLOCK(neigh_tbl_lock);
100
101static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb)
102{
103 kfree_skb(skb);
104 return -ENETDOWN;
105}
106
107static void neigh_cleanup_and_release(struct neighbour *neigh)
108{
109 if (neigh->parms->neigh_cleanup)
110 neigh->parms->neigh_cleanup(neigh);
111
112 __neigh_notify(neigh, RTM_DELNEIGH, 0);
113 neigh_release(neigh);
114}
115
116/*
117 * It is random distribution in the interval (1/2)*base...(3/2)*base.
118 * It corresponds to default IPv6 settings and is not overridable,
119 * because it is really reasonable choice.
120 */
121
122unsigned long neigh_rand_reach_time(unsigned long base)
123{
124 return base ? (net_random() % base) + (base >> 1) : 0;
125}
126EXPORT_SYMBOL(neigh_rand_reach_time);
127
128
129static int neigh_forced_gc(struct neigh_table *tbl)
130{
131 int shrunk = 0;
132 int i;
133 struct neigh_hash_table *nht;
134
135 NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs);
136
137 write_lock_bh(&tbl->lock);
138 nht = rcu_dereference_protected(tbl->nht,
139 lockdep_is_held(&tbl->lock));
140 for (i = 0; i < (1 << nht->hash_shift); i++) {
141 struct neighbour *n;
142 struct neighbour __rcu **np;
143
144 np = &nht->hash_buckets[i];
145 while ((n = rcu_dereference_protected(*np,
146 lockdep_is_held(&tbl->lock))) != NULL) {
147 /* Neighbour record may be discarded if:
148 * - nobody refers to it.
149 * - it is not permanent
150 */
151 write_lock(&n->lock);
152 if (atomic_read(&n->refcnt) == 1 &&
153 !(n->nud_state & NUD_PERMANENT)) {
154 rcu_assign_pointer(*np,
155 rcu_dereference_protected(n->next,
156 lockdep_is_held(&tbl->lock)));
157 n->dead = 1;
158 shrunk = 1;
159 write_unlock(&n->lock);
160 neigh_cleanup_and_release(n);
161 continue;
162 }
163 write_unlock(&n->lock);
164 np = &n->next;
165 }
166 }
167
168 tbl->last_flush = jiffies;
169
170 write_unlock_bh(&tbl->lock);
171
172 return shrunk;
173}
174
175static void neigh_add_timer(struct neighbour *n, unsigned long when)
176{
177 neigh_hold(n);
178 if (unlikely(mod_timer(&n->timer, when))) {
179 printk("NEIGH: BUG, double timer add, state is %x\n",
180 n->nud_state);
181 dump_stack();
182 }
183}
184
185static int neigh_del_timer(struct neighbour *n)
186{
187 if ((n->nud_state & NUD_IN_TIMER) &&
188 del_timer(&n->timer)) {
189 neigh_release(n);
190 return 1;
191 }
192 return 0;
193}
194
195static void pneigh_queue_purge(struct sk_buff_head *list)
196{
197 struct sk_buff *skb;
198
199 while ((skb = skb_dequeue(list)) != NULL) {
200 dev_put(skb->dev);
201 kfree_skb(skb);
202 }
203}
204
205static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev)
206{
207 int i;
208 struct neigh_hash_table *nht;
209
210 nht = rcu_dereference_protected(tbl->nht,
211 lockdep_is_held(&tbl->lock));
212
213 for (i = 0; i < (1 << nht->hash_shift); i++) {
214 struct neighbour *n;
215 struct neighbour __rcu **np = &nht->hash_buckets[i];
216
217 while ((n = rcu_dereference_protected(*np,
218 lockdep_is_held(&tbl->lock))) != NULL) {
219 if (dev && n->dev != dev) {
220 np = &n->next;
221 continue;
222 }
223 rcu_assign_pointer(*np,
224 rcu_dereference_protected(n->next,
225 lockdep_is_held(&tbl->lock)));
226 write_lock(&n->lock);
227 neigh_del_timer(n);
228 n->dead = 1;
229
230 if (atomic_read(&n->refcnt) != 1) {
231 /* The most unpleasant situation.
232 We must destroy neighbour entry,
233 but someone still uses it.
234
235 The destroy will be delayed until
236 the last user releases us, but
237 we must kill timers etc. and move
238 it to safe state.
239 */
240 skb_queue_purge(&n->arp_queue);
241 n->output = neigh_blackhole;
242 if (n->nud_state & NUD_VALID)
243 n->nud_state = NUD_NOARP;
244 else
245 n->nud_state = NUD_NONE;
246 NEIGH_PRINTK2("neigh %p is stray.\n", n);
247 }
248 write_unlock(&n->lock);
249 neigh_cleanup_and_release(n);
250 }
251 }
252}
253
254void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev)
255{
256 write_lock_bh(&tbl->lock);
257 neigh_flush_dev(tbl, dev);
258 write_unlock_bh(&tbl->lock);
259}
260EXPORT_SYMBOL(neigh_changeaddr);
261
262int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
263{
264 write_lock_bh(&tbl->lock);
265 neigh_flush_dev(tbl, dev);
266 pneigh_ifdown(tbl, dev);
267 write_unlock_bh(&tbl->lock);
268
269 del_timer_sync(&tbl->proxy_timer);
270 pneigh_queue_purge(&tbl->proxy_queue);
271 return 0;
272}
273EXPORT_SYMBOL(neigh_ifdown);
274
275static struct neighbour *neigh_alloc(struct neigh_table *tbl)
276{
277 struct neighbour *n = NULL;
278 unsigned long now = jiffies;
279 int entries;
280
281 entries = atomic_inc_return(&tbl->entries) - 1;
282 if (entries >= tbl->gc_thresh3 ||
283 (entries >= tbl->gc_thresh2 &&
284 time_after(now, tbl->last_flush + 5 * HZ))) {
285 if (!neigh_forced_gc(tbl) &&
286 entries >= tbl->gc_thresh3)
287 goto out_entries;
288 }
289
290 n = kmem_cache_zalloc(tbl->kmem_cachep, GFP_ATOMIC);
291 if (!n)
292 goto out_entries;
293
294 skb_queue_head_init(&n->arp_queue);
295 rwlock_init(&n->lock);
296 seqlock_init(&n->ha_lock);
297 n->updated = n->used = now;
298 n->nud_state = NUD_NONE;
299 n->output = neigh_blackhole;
300 seqlock_init(&n->hh.hh_lock);
301 n->parms = neigh_parms_clone(&tbl->parms);
302 setup_timer(&n->timer, neigh_timer_handler, (unsigned long)n);
303
304 NEIGH_CACHE_STAT_INC(tbl, allocs);
305 n->tbl = tbl;
306 atomic_set(&n->refcnt, 1);
307 n->dead = 1;
308out:
309 return n;
310
311out_entries:
312 atomic_dec(&tbl->entries);
313 goto out;
314}
315
316static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
317{
318 size_t size = (1 << shift) * sizeof(struct neighbour *);
319 struct neigh_hash_table *ret;
320 struct neighbour __rcu **buckets;
321
322 ret = kmalloc(sizeof(*ret), GFP_ATOMIC);
323 if (!ret)
324 return NULL;
325 if (size <= PAGE_SIZE)
326 buckets = kzalloc(size, GFP_ATOMIC);
327 else
328 buckets = (struct neighbour __rcu **)
329 __get_free_pages(GFP_ATOMIC | __GFP_ZERO,
330 get_order(size));
331 if (!buckets) {
332 kfree(ret);
333 return NULL;
334 }
335 ret->hash_buckets = buckets;
336 ret->hash_shift = shift;
337 get_random_bytes(&ret->hash_rnd, sizeof(ret->hash_rnd));
338 ret->hash_rnd |= 1;
339 return ret;
340}
341
342static void neigh_hash_free_rcu(struct rcu_head *head)
343{
344 struct neigh_hash_table *nht = container_of(head,
345 struct neigh_hash_table,
346 rcu);
347 size_t size = (1 << nht->hash_shift) * sizeof(struct neighbour *);
348 struct neighbour __rcu **buckets = nht->hash_buckets;
349
350 if (size <= PAGE_SIZE)
351 kfree(buckets);
352 else
353 free_pages((unsigned long)buckets, get_order(size));
354 kfree(nht);
355}
356
357static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl,
358 unsigned long new_shift)
359{
360 unsigned int i, hash;
361 struct neigh_hash_table *new_nht, *old_nht;
362
363 NEIGH_CACHE_STAT_INC(tbl, hash_grows);
364
365 old_nht = rcu_dereference_protected(tbl->nht,
366 lockdep_is_held(&tbl->lock));
367 new_nht = neigh_hash_alloc(new_shift);
368 if (!new_nht)
369 return old_nht;
370
371 for (i = 0; i < (1 << old_nht->hash_shift); i++) {
372 struct neighbour *n, *next;
373
374 for (n = rcu_dereference_protected(old_nht->hash_buckets[i],
375 lockdep_is_held(&tbl->lock));
376 n != NULL;
377 n = next) {
378 hash = tbl->hash(n->primary_key, n->dev,
379 new_nht->hash_rnd);
380
381 hash >>= (32 - new_nht->hash_shift);
382 next = rcu_dereference_protected(n->next,
383 lockdep_is_held(&tbl->lock));
384
385 rcu_assign_pointer(n->next,
386 rcu_dereference_protected(
387 new_nht->hash_buckets[hash],
388 lockdep_is_held(&tbl->lock)));
389 rcu_assign_pointer(new_nht->hash_buckets[hash], n);
390 }
391 }
392
393 rcu_assign_pointer(tbl->nht, new_nht);
394 call_rcu(&old_nht->rcu, neigh_hash_free_rcu);
395 return new_nht;
396}
397
398struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey,
399 struct net_device *dev)
400{
401 struct neighbour *n;
402 int key_len = tbl->key_len;
403 u32 hash_val;
404 struct neigh_hash_table *nht;
405
406 NEIGH_CACHE_STAT_INC(tbl, lookups);
407
408 rcu_read_lock_bh();
409 nht = rcu_dereference_bh(tbl->nht);
410 hash_val = tbl->hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift);
411
412 for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
413 n != NULL;
414 n = rcu_dereference_bh(n->next)) {
415 if (dev == n->dev && !memcmp(n->primary_key, pkey, key_len)) {
416 if (!atomic_inc_not_zero(&n->refcnt))
417 n = NULL;
418 NEIGH_CACHE_STAT_INC(tbl, hits);
419 break;
420 }
421 }
422
423 rcu_read_unlock_bh();
424 return n;
425}
426EXPORT_SYMBOL(neigh_lookup);
427
428struct neighbour *neigh_lookup_nodev(struct neigh_table *tbl, struct net *net,
429 const void *pkey)
430{
431 struct neighbour *n;
432 int key_len = tbl->key_len;
433 u32 hash_val;
434 struct neigh_hash_table *nht;
435
436 NEIGH_CACHE_STAT_INC(tbl, lookups);
437
438 rcu_read_lock_bh();
439 nht = rcu_dereference_bh(tbl->nht);
440 hash_val = tbl->hash(pkey, NULL, nht->hash_rnd) >> (32 - nht->hash_shift);
441
442 for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
443 n != NULL;
444 n = rcu_dereference_bh(n->next)) {
445 if (!memcmp(n->primary_key, pkey, key_len) &&
446 net_eq(dev_net(n->dev), net)) {
447 if (!atomic_inc_not_zero(&n->refcnt))
448 n = NULL;
449 NEIGH_CACHE_STAT_INC(tbl, hits);
450 break;
451 }
452 }
453
454 rcu_read_unlock_bh();
455 return n;
456}
457EXPORT_SYMBOL(neigh_lookup_nodev);
458
459struct neighbour *neigh_create(struct neigh_table *tbl, const void *pkey,
460 struct net_device *dev)
461{
462 u32 hash_val;
463 int key_len = tbl->key_len;
464 int error;
465 struct neighbour *n1, *rc, *n = neigh_alloc(tbl);
466 struct neigh_hash_table *nht;
467
468 if (!n) {
469 rc = ERR_PTR(-ENOBUFS);
470 goto out;
471 }
472
473 memcpy(n->primary_key, pkey, key_len);
474 n->dev = dev;
475 dev_hold(dev);
476
477 /* Protocol specific setup. */
478 if (tbl->constructor && (error = tbl->constructor(n)) < 0) {
479 rc = ERR_PTR(error);
480 goto out_neigh_release;
481 }
482
483 /* Device specific setup. */
484 if (n->parms->neigh_setup &&
485 (error = n->parms->neigh_setup(n)) < 0) {
486 rc = ERR_PTR(error);
487 goto out_neigh_release;
488 }
489
490 n->confirmed = jiffies - (n->parms->base_reachable_time << 1);
491
492 write_lock_bh(&tbl->lock);
493 nht = rcu_dereference_protected(tbl->nht,
494 lockdep_is_held(&tbl->lock));
495
496 if (atomic_read(&tbl->entries) > (1 << nht->hash_shift))
497 nht = neigh_hash_grow(tbl, nht->hash_shift + 1);
498
499 hash_val = tbl->hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift);
500
501 if (n->parms->dead) {
502 rc = ERR_PTR(-EINVAL);
503 goto out_tbl_unlock;
504 }
505
506 for (n1 = rcu_dereference_protected(nht->hash_buckets[hash_val],
507 lockdep_is_held(&tbl->lock));
508 n1 != NULL;
509 n1 = rcu_dereference_protected(n1->next,
510 lockdep_is_held(&tbl->lock))) {
511 if (dev == n1->dev && !memcmp(n1->primary_key, pkey, key_len)) {
512 neigh_hold(n1);
513 rc = n1;
514 goto out_tbl_unlock;
515 }
516 }
517
518 n->dead = 0;
519 neigh_hold(n);
520 rcu_assign_pointer(n->next,
521 rcu_dereference_protected(nht->hash_buckets[hash_val],
522 lockdep_is_held(&tbl->lock)));
523 rcu_assign_pointer(nht->hash_buckets[hash_val], n);
524 write_unlock_bh(&tbl->lock);
525 NEIGH_PRINTK2("neigh %p is created.\n", n);
526 rc = n;
527out:
528 return rc;
529out_tbl_unlock:
530 write_unlock_bh(&tbl->lock);
531out_neigh_release:
532 neigh_release(n);
533 goto out;
534}
535EXPORT_SYMBOL(neigh_create);
536
537static u32 pneigh_hash(const void *pkey, int key_len)
538{
539 u32 hash_val = *(u32 *)(pkey + key_len - 4);
540 hash_val ^= (hash_val >> 16);
541 hash_val ^= hash_val >> 8;
542 hash_val ^= hash_val >> 4;
543 hash_val &= PNEIGH_HASHMASK;
544 return hash_val;
545}
546
547static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n,
548 struct net *net,
549 const void *pkey,
550 int key_len,
551 struct net_device *dev)
552{
553 while (n) {
554 if (!memcmp(n->key, pkey, key_len) &&
555 net_eq(pneigh_net(n), net) &&
556 (n->dev == dev || !n->dev))
557 return n;
558 n = n->next;
559 }
560 return NULL;
561}
562
563struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl,
564 struct net *net, const void *pkey, struct net_device *dev)
565{
566 int key_len = tbl->key_len;
567 u32 hash_val = pneigh_hash(pkey, key_len);
568
569 return __pneigh_lookup_1(tbl->phash_buckets[hash_val],
570 net, pkey, key_len, dev);
571}
572EXPORT_SYMBOL_GPL(__pneigh_lookup);
573
574struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl,
575 struct net *net, const void *pkey,
576 struct net_device *dev, int creat)
577{
578 struct pneigh_entry *n;
579 int key_len = tbl->key_len;
580 u32 hash_val = pneigh_hash(pkey, key_len);
581
582 read_lock_bh(&tbl->lock);
583 n = __pneigh_lookup_1(tbl->phash_buckets[hash_val],
584 net, pkey, key_len, dev);
585 read_unlock_bh(&tbl->lock);
586
587 if (n || !creat)
588 goto out;
589
590 ASSERT_RTNL();
591
592 n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL);
593 if (!n)
594 goto out;
595
596 write_pnet(&n->net, hold_net(net));
597 memcpy(n->key, pkey, key_len);
598 n->dev = dev;
599 if (dev)
600 dev_hold(dev);
601
602 if (tbl->pconstructor && tbl->pconstructor(n)) {
603 if (dev)
604 dev_put(dev);
605 release_net(net);
606 kfree(n);
607 n = NULL;
608 goto out;
609 }
610
611 write_lock_bh(&tbl->lock);
612 n->next = tbl->phash_buckets[hash_val];
613 tbl->phash_buckets[hash_val] = n;
614 write_unlock_bh(&tbl->lock);
615out:
616 return n;
617}
618EXPORT_SYMBOL(pneigh_lookup);
619
620
621int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey,
622 struct net_device *dev)
623{
624 struct pneigh_entry *n, **np;
625 int key_len = tbl->key_len;
626 u32 hash_val = pneigh_hash(pkey, key_len);
627
628 write_lock_bh(&tbl->lock);
629 for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL;
630 np = &n->next) {
631 if (!memcmp(n->key, pkey, key_len) && n->dev == dev &&
632 net_eq(pneigh_net(n), net)) {
633 *np = n->next;
634 write_unlock_bh(&tbl->lock);
635 if (tbl->pdestructor)
636 tbl->pdestructor(n);
637 if (n->dev)
638 dev_put(n->dev);
639 release_net(pneigh_net(n));
640 kfree(n);
641 return 0;
642 }
643 }
644 write_unlock_bh(&tbl->lock);
645 return -ENOENT;
646}
647
648static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
649{
650 struct pneigh_entry *n, **np;
651 u32 h;
652
653 for (h = 0; h <= PNEIGH_HASHMASK; h++) {
654 np = &tbl->phash_buckets[h];
655 while ((n = *np) != NULL) {
656 if (!dev || n->dev == dev) {
657 *np = n->next;
658 if (tbl->pdestructor)
659 tbl->pdestructor(n);
660 if (n->dev)
661 dev_put(n->dev);
662 release_net(pneigh_net(n));
663 kfree(n);
664 continue;
665 }
666 np = &n->next;
667 }
668 }
669 return -ENOENT;
670}
671
672static void neigh_parms_destroy(struct neigh_parms *parms);
673
674static inline void neigh_parms_put(struct neigh_parms *parms)
675{
676 if (atomic_dec_and_test(&parms->refcnt))
677 neigh_parms_destroy(parms);
678}
679
680static void neigh_destroy_rcu(struct rcu_head *head)
681{
682 struct neighbour *neigh = container_of(head, struct neighbour, rcu);
683
684 kmem_cache_free(neigh->tbl->kmem_cachep, neigh);
685}
686/*
687 * neighbour must already be out of the table;
688 *
689 */
690void neigh_destroy(struct neighbour *neigh)
691{
692 NEIGH_CACHE_STAT_INC(neigh->tbl, destroys);
693
694 if (!neigh->dead) {
695 printk(KERN_WARNING
696 "Destroying alive neighbour %p\n", neigh);
697 dump_stack();
698 return;
699 }
700
701 if (neigh_del_timer(neigh))
702 printk(KERN_WARNING "Impossible event.\n");
703
704 skb_queue_purge(&neigh->arp_queue);
705
706 dev_put(neigh->dev);
707 neigh_parms_put(neigh->parms);
708
709 NEIGH_PRINTK2("neigh %p is destroyed.\n", neigh);
710
711 atomic_dec(&neigh->tbl->entries);
712 call_rcu(&neigh->rcu, neigh_destroy_rcu);
713}
714EXPORT_SYMBOL(neigh_destroy);
715
716/* Neighbour state is suspicious;
717 disable fast path.
718
719 Called with write_locked neigh.
720 */
721static void neigh_suspect(struct neighbour *neigh)
722{
723 NEIGH_PRINTK2("neigh %p is suspected.\n", neigh);
724
725 neigh->output = neigh->ops->output;
726}
727
728/* Neighbour state is OK;
729 enable fast path.
730
731 Called with write_locked neigh.
732 */
733static void neigh_connect(struct neighbour *neigh)
734{
735 NEIGH_PRINTK2("neigh %p is connected.\n", neigh);
736
737 neigh->output = neigh->ops->connected_output;
738}
739
740static void neigh_periodic_work(struct work_struct *work)
741{
742 struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
743 struct neighbour *n;
744 struct neighbour __rcu **np;
745 unsigned int i;
746 struct neigh_hash_table *nht;
747
748 NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);
749
750 write_lock_bh(&tbl->lock);
751 nht = rcu_dereference_protected(tbl->nht,
752 lockdep_is_held(&tbl->lock));
753
754 /*
755 * periodically recompute ReachableTime from random function
756 */
757
758 if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
759 struct neigh_parms *p;
760 tbl->last_rand = jiffies;
761 for (p = &tbl->parms; p; p = p->next)
762 p->reachable_time =
763 neigh_rand_reach_time(p->base_reachable_time);
764 }
765
766 for (i = 0 ; i < (1 << nht->hash_shift); i++) {
767 np = &nht->hash_buckets[i];
768
769 while ((n = rcu_dereference_protected(*np,
770 lockdep_is_held(&tbl->lock))) != NULL) {
771 unsigned int state;
772
773 write_lock(&n->lock);
774
775 state = n->nud_state;
776 if (state & (NUD_PERMANENT | NUD_IN_TIMER)) {
777 write_unlock(&n->lock);
778 goto next_elt;
779 }
780
781 if (time_before(n->used, n->confirmed))
782 n->used = n->confirmed;
783
784 if (atomic_read(&n->refcnt) == 1 &&
785 (state == NUD_FAILED ||
786 time_after(jiffies, n->used + n->parms->gc_staletime))) {
787 *np = n->next;
788 n->dead = 1;
789 write_unlock(&n->lock);
790 neigh_cleanup_and_release(n);
791 continue;
792 }
793 write_unlock(&n->lock);
794
795next_elt:
796 np = &n->next;
797 }
798 /*
799 * It's fine to release lock here, even if hash table
800 * grows while we are preempted.
801 */
802 write_unlock_bh(&tbl->lock);
803 cond_resched();
804 write_lock_bh(&tbl->lock);
805 }
806 /* Cycle through all hash buckets every base_reachable_time/2 ticks.
807 * ARP entry timeouts range from 1/2 base_reachable_time to 3/2
808 * base_reachable_time.
809 */
810 schedule_delayed_work(&tbl->gc_work,
811 tbl->parms.base_reachable_time >> 1);
812 write_unlock_bh(&tbl->lock);
813}
814
815static __inline__ int neigh_max_probes(struct neighbour *n)
816{
817 struct neigh_parms *p = n->parms;
818 return (n->nud_state & NUD_PROBE) ?
819 p->ucast_probes :
820 p->ucast_probes + p->app_probes + p->mcast_probes;
821}
822
823static void neigh_invalidate(struct neighbour *neigh)
824 __releases(neigh->lock)
825 __acquires(neigh->lock)
826{
827 struct sk_buff *skb;
828
829 NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed);
830 NEIGH_PRINTK2("neigh %p is failed.\n", neigh);
831 neigh->updated = jiffies;
832
833 /* It is very thin place. report_unreachable is very complicated
834 routine. Particularly, it can hit the same neighbour entry!
835
836 So that, we try to be accurate and avoid dead loop. --ANK
837 */
838 while (neigh->nud_state == NUD_FAILED &&
839 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
840 write_unlock(&neigh->lock);
841 neigh->ops->error_report(neigh, skb);
842 write_lock(&neigh->lock);
843 }
844 skb_queue_purge(&neigh->arp_queue);
845}
846
847/* Called when a timer expires for a neighbour entry. */
848
849static void neigh_timer_handler(unsigned long arg)
850{
851 unsigned long now, next;
852 struct neighbour *neigh = (struct neighbour *)arg;
853 unsigned state;
854 int notify = 0;
855
856 write_lock(&neigh->lock);
857
858 state = neigh->nud_state;
859 now = jiffies;
860 next = now + HZ;
861
862 if (!(state & NUD_IN_TIMER)) {
863#ifndef CONFIG_SMP
864 printk(KERN_WARNING "neigh: timer & !nud_in_timer\n");
865#endif
866 goto out;
867 }
868
869 if (state & NUD_REACHABLE) {
870 if (time_before_eq(now,
871 neigh->confirmed + neigh->parms->reachable_time)) {
872 NEIGH_PRINTK2("neigh %p is still alive.\n", neigh);
873 next = neigh->confirmed + neigh->parms->reachable_time;
874 } else if (time_before_eq(now,
875 neigh->used + neigh->parms->delay_probe_time)) {
876 NEIGH_PRINTK2("neigh %p is delayed.\n", neigh);
877 neigh->nud_state = NUD_DELAY;
878 neigh->updated = jiffies;
879 neigh_suspect(neigh);
880 next = now + neigh->parms->delay_probe_time;
881 } else {
882 NEIGH_PRINTK2("neigh %p is suspected.\n", neigh);
883 neigh->nud_state = NUD_STALE;
884 neigh->updated = jiffies;
885 neigh_suspect(neigh);
886 notify = 1;
887 }
888 } else if (state & NUD_DELAY) {
889 if (time_before_eq(now,
890 neigh->confirmed + neigh->parms->delay_probe_time)) {
891 NEIGH_PRINTK2("neigh %p is now reachable.\n", neigh);
892 neigh->nud_state = NUD_REACHABLE;
893 neigh->updated = jiffies;
894 neigh_connect(neigh);
895 notify = 1;
896 next = neigh->confirmed + neigh->parms->reachable_time;
897 } else {
898 NEIGH_PRINTK2("neigh %p is probed.\n", neigh);
899 neigh->nud_state = NUD_PROBE;
900 neigh->updated = jiffies;
901 atomic_set(&neigh->probes, 0);
902 next = now + neigh->parms->retrans_time;
903 }
904 } else {
905 /* NUD_PROBE|NUD_INCOMPLETE */
906 next = now + neigh->parms->retrans_time;
907 }
908
909 if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) &&
910 atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) {
911 neigh->nud_state = NUD_FAILED;
912 notify = 1;
913 neigh_invalidate(neigh);
914 }
915
916 if (neigh->nud_state & NUD_IN_TIMER) {
917 if (time_before(next, jiffies + HZ/2))
918 next = jiffies + HZ/2;
919 if (!mod_timer(&neigh->timer, next))
920 neigh_hold(neigh);
921 }
922 if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
923 struct sk_buff *skb = skb_peek(&neigh->arp_queue);
924 /* keep skb alive even if arp_queue overflows */
925 if (skb)
926 skb = skb_copy(skb, GFP_ATOMIC);
927 write_unlock(&neigh->lock);
928 neigh->ops->solicit(neigh, skb);
929 atomic_inc(&neigh->probes);
930 kfree_skb(skb);
931 } else {
932out:
933 write_unlock(&neigh->lock);
934 }
935
936 if (notify)
937 neigh_update_notify(neigh);
938
939 neigh_release(neigh);
940}
941
942int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
943{
944 int rc;
945 unsigned long now;
946
947 write_lock_bh(&neigh->lock);
948
949 rc = 0;
950 if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
951 goto out_unlock_bh;
952
953 now = jiffies;
954
955 if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
956 if (neigh->parms->mcast_probes + neigh->parms->app_probes) {
957 atomic_set(&neigh->probes, neigh->parms->ucast_probes);
958 neigh->nud_state = NUD_INCOMPLETE;
959 neigh->updated = jiffies;
960 neigh_add_timer(neigh, now + 1);
961 } else {
962 neigh->nud_state = NUD_FAILED;
963 neigh->updated = jiffies;
964 write_unlock_bh(&neigh->lock);
965
966 kfree_skb(skb);
967 return 1;
968 }
969 } else if (neigh->nud_state & NUD_STALE) {
970 NEIGH_PRINTK2("neigh %p is delayed.\n", neigh);
971 neigh->nud_state = NUD_DELAY;
972 neigh->updated = jiffies;
973 neigh_add_timer(neigh,
974 jiffies + neigh->parms->delay_probe_time);
975 }
976
977 if (neigh->nud_state == NUD_INCOMPLETE) {
978 if (skb) {
979 if (skb_queue_len(&neigh->arp_queue) >=
980 neigh->parms->queue_len) {
981 struct sk_buff *buff;
982 buff = __skb_dequeue(&neigh->arp_queue);
983 kfree_skb(buff);
984 NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
985 }
986 skb_dst_force(skb);
987 __skb_queue_tail(&neigh->arp_queue, skb);
988 }
989 rc = 1;
990 }
991out_unlock_bh:
992 write_unlock_bh(&neigh->lock);
993 return rc;
994}
995EXPORT_SYMBOL(__neigh_event_send);
996
997static void neigh_update_hhs(struct neighbour *neigh)
998{
999 struct hh_cache *hh;
1000 void (*update)(struct hh_cache*, const struct net_device*, const unsigned char *)
1001 = NULL;
1002
1003 if (neigh->dev->header_ops)
1004 update = neigh->dev->header_ops->cache_update;
1005
1006 if (update) {
1007 hh = &neigh->hh;
1008 if (hh->hh_len) {
1009 write_seqlock_bh(&hh->hh_lock);
1010 update(hh, neigh->dev, neigh->ha);
1011 write_sequnlock_bh(&hh->hh_lock);
1012 }
1013 }
1014}
1015
1016
1017
1018/* Generic update routine.
1019 -- lladdr is new lladdr or NULL, if it is not supplied.
1020 -- new is new state.
1021 -- flags
1022 NEIGH_UPDATE_F_OVERRIDE allows to override existing lladdr,
1023 if it is different.
1024 NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect existing "connected"
1025 lladdr instead of overriding it
1026 if it is different.
1027 It also allows to retain current state
1028 if lladdr is unchanged.
1029 NEIGH_UPDATE_F_ADMIN means that the change is administrative.
1030
1031 NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows to override existing
1032 NTF_ROUTER flag.
1033 NEIGH_UPDATE_F_ISROUTER indicates if the neighbour is known as
1034 a router.
1035
1036 Caller MUST hold reference count on the entry.
1037 */
1038
1039int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
1040 u32 flags)
1041{
1042 u8 old;
1043 int err;
1044 int notify = 0;
1045 struct net_device *dev;
1046 int update_isrouter = 0;
1047
1048 write_lock_bh(&neigh->lock);
1049
1050 dev = neigh->dev;
1051 old = neigh->nud_state;
1052 err = -EPERM;
1053
1054 if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
1055 (old & (NUD_NOARP | NUD_PERMANENT)))
1056 goto out;
1057
1058 if (!(new & NUD_VALID)) {
1059 neigh_del_timer(neigh);
1060 if (old & NUD_CONNECTED)
1061 neigh_suspect(neigh);
1062 neigh->nud_state = new;
1063 err = 0;
1064 notify = old & NUD_VALID;
1065 if ((old & (NUD_INCOMPLETE | NUD_PROBE)) &&
1066 (new & NUD_FAILED)) {
1067 neigh_invalidate(neigh);
1068 notify = 1;
1069 }
1070 goto out;
1071 }
1072
1073 /* Compare new lladdr with cached one */
1074 if (!dev->addr_len) {
1075 /* First case: device needs no address. */
1076 lladdr = neigh->ha;
1077 } else if (lladdr) {
1078 /* The second case: if something is already cached
1079 and a new address is proposed:
1080 - compare new & old
1081 - if they are different, check override flag
1082 */
1083 if ((old & NUD_VALID) &&
1084 !memcmp(lladdr, neigh->ha, dev->addr_len))
1085 lladdr = neigh->ha;
1086 } else {
1087 /* No address is supplied; if we know something,
1088 use it, otherwise discard the request.
1089 */
1090 err = -EINVAL;
1091 if (!(old & NUD_VALID))
1092 goto out;
1093 lladdr = neigh->ha;
1094 }
1095
1096 if (new & NUD_CONNECTED)
1097 neigh->confirmed = jiffies;
1098 neigh->updated = jiffies;
1099
1100 /* If entry was valid and address is not changed,
1101 do not change entry state, if new one is STALE.
1102 */
1103 err = 0;
1104 update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
1105 if (old & NUD_VALID) {
1106 if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) {
1107 update_isrouter = 0;
1108 if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) &&
1109 (old & NUD_CONNECTED)) {
1110 lladdr = neigh->ha;
1111 new = NUD_STALE;
1112 } else
1113 goto out;
1114 } else {
1115 if (lladdr == neigh->ha && new == NUD_STALE &&
1116 ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) ||
1117 (old & NUD_CONNECTED))
1118 )
1119 new = old;
1120 }
1121 }
1122
1123 if (new != old) {
1124 neigh_del_timer(neigh);
1125 if (new & NUD_IN_TIMER)
1126 neigh_add_timer(neigh, (jiffies +
1127 ((new & NUD_REACHABLE) ?
1128 neigh->parms->reachable_time :
1129 0)));
1130 neigh->nud_state = new;
1131 }
1132
1133 if (lladdr != neigh->ha) {
1134 write_seqlock(&neigh->ha_lock);
1135 memcpy(&neigh->ha, lladdr, dev->addr_len);
1136 write_sequnlock(&neigh->ha_lock);
1137 neigh_update_hhs(neigh);
1138 if (!(new & NUD_CONNECTED))
1139 neigh->confirmed = jiffies -
1140 (neigh->parms->base_reachable_time << 1);
1141 notify = 1;
1142 }
1143 if (new == old)
1144 goto out;
1145 if (new & NUD_CONNECTED)
1146 neigh_connect(neigh);
1147 else
1148 neigh_suspect(neigh);
1149 if (!(old & NUD_VALID)) {
1150 struct sk_buff *skb;
1151
1152 /* Again: avoid dead loop if something went wrong */
1153
1154 while (neigh->nud_state & NUD_VALID &&
1155 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
1156 struct dst_entry *dst = skb_dst(skb);
1157 struct neighbour *n2, *n1 = neigh;
1158 write_unlock_bh(&neigh->lock);
1159 /* On shaper/eql skb->dst->neighbour != neigh :( */
1160 if (dst && (n2 = dst_get_neighbour(dst)) != NULL)
1161 n1 = n2;
1162 n1->output(n1, skb);
1163 write_lock_bh(&neigh->lock);
1164 }
1165 skb_queue_purge(&neigh->arp_queue);
1166 }
1167out:
1168 if (update_isrouter) {
1169 neigh->flags = (flags & NEIGH_UPDATE_F_ISROUTER) ?
1170 (neigh->flags | NTF_ROUTER) :
1171 (neigh->flags & ~NTF_ROUTER);
1172 }
1173 write_unlock_bh(&neigh->lock);
1174
1175 if (notify)
1176 neigh_update_notify(neigh);
1177
1178 return err;
1179}
1180EXPORT_SYMBOL(neigh_update);
1181
1182struct neighbour *neigh_event_ns(struct neigh_table *tbl,
1183 u8 *lladdr, void *saddr,
1184 struct net_device *dev)
1185{
1186 struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev,
1187 lladdr || !dev->addr_len);
1188 if (neigh)
1189 neigh_update(neigh, lladdr, NUD_STALE,
1190 NEIGH_UPDATE_F_OVERRIDE);
1191 return neigh;
1192}
1193EXPORT_SYMBOL(neigh_event_ns);
1194
1195/* called with read_lock_bh(&n->lock); */
1196static void neigh_hh_init(struct neighbour *n, struct dst_entry *dst)
1197{
1198 struct net_device *dev = dst->dev;
1199 __be16 prot = dst->ops->protocol;
1200 struct hh_cache *hh = &n->hh;
1201
1202 write_lock_bh(&n->lock);
1203
1204 /* Only one thread can come in here and initialize the
1205 * hh_cache entry.
1206 */
1207 if (!hh->hh_len)
1208 dev->header_ops->cache(n, hh, prot);
1209
1210 write_unlock_bh(&n->lock);
1211}
1212
1213/* This function can be used in contexts, where only old dev_queue_xmit
1214 * worked, f.e. if you want to override normal output path (eql, shaper),
1215 * but resolution is not made yet.
1216 */
1217
1218int neigh_compat_output(struct neighbour *neigh, struct sk_buff *skb)
1219{
1220 struct net_device *dev = skb->dev;
1221
1222 __skb_pull(skb, skb_network_offset(skb));
1223
1224 if (dev_hard_header(skb, dev, ntohs(skb->protocol), NULL, NULL,
1225 skb->len) < 0 &&
1226 dev->header_ops->rebuild(skb))
1227 return 0;
1228
1229 return dev_queue_xmit(skb);
1230}
1231EXPORT_SYMBOL(neigh_compat_output);
1232
1233/* Slow and careful. */
1234
1235int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb)
1236{
1237 struct dst_entry *dst = skb_dst(skb);
1238 int rc = 0;
1239
1240 if (!dst)
1241 goto discard;
1242
1243 __skb_pull(skb, skb_network_offset(skb));
1244
1245 if (!neigh_event_send(neigh, skb)) {
1246 int err;
1247 struct net_device *dev = neigh->dev;
1248 unsigned int seq;
1249
1250 if (dev->header_ops->cache && !neigh->hh.hh_len)
1251 neigh_hh_init(neigh, dst);
1252
1253 do {
1254 seq = read_seqbegin(&neigh->ha_lock);
1255 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1256 neigh->ha, NULL, skb->len);
1257 } while (read_seqretry(&neigh->ha_lock, seq));
1258
1259 if (err >= 0)
1260 rc = dev_queue_xmit(skb);
1261 else
1262 goto out_kfree_skb;
1263 }
1264out:
1265 return rc;
1266discard:
1267 NEIGH_PRINTK1("neigh_resolve_output: dst=%p neigh=%p\n",
1268 dst, neigh);
1269out_kfree_skb:
1270 rc = -EINVAL;
1271 kfree_skb(skb);
1272 goto out;
1273}
1274EXPORT_SYMBOL(neigh_resolve_output);
1275
1276/* As fast as possible without hh cache */
1277
1278int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb)
1279{
1280 struct net_device *dev = neigh->dev;
1281 unsigned int seq;
1282 int err;
1283
1284 __skb_pull(skb, skb_network_offset(skb));
1285
1286 do {
1287 seq = read_seqbegin(&neigh->ha_lock);
1288 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1289 neigh->ha, NULL, skb->len);
1290 } while (read_seqretry(&neigh->ha_lock, seq));
1291
1292 if (err >= 0)
1293 err = dev_queue_xmit(skb);
1294 else {
1295 err = -EINVAL;
1296 kfree_skb(skb);
1297 }
1298 return err;
1299}
1300EXPORT_SYMBOL(neigh_connected_output);
1301
1302int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb)
1303{
1304 return dev_queue_xmit(skb);
1305}
1306EXPORT_SYMBOL(neigh_direct_output);
1307
1308static void neigh_proxy_process(unsigned long arg)
1309{
1310 struct neigh_table *tbl = (struct neigh_table *)arg;
1311 long sched_next = 0;
1312 unsigned long now = jiffies;
1313 struct sk_buff *skb, *n;
1314
1315 spin_lock(&tbl->proxy_queue.lock);
1316
1317 skb_queue_walk_safe(&tbl->proxy_queue, skb, n) {
1318 long tdif = NEIGH_CB(skb)->sched_next - now;
1319
1320 if (tdif <= 0) {
1321 struct net_device *dev = skb->dev;
1322
1323 __skb_unlink(skb, &tbl->proxy_queue);
1324 if (tbl->proxy_redo && netif_running(dev)) {
1325 rcu_read_lock();
1326 tbl->proxy_redo(skb);
1327 rcu_read_unlock();
1328 } else {
1329 kfree_skb(skb);
1330 }
1331
1332 dev_put(dev);
1333 } else if (!sched_next || tdif < sched_next)
1334 sched_next = tdif;
1335 }
1336 del_timer(&tbl->proxy_timer);
1337 if (sched_next)
1338 mod_timer(&tbl->proxy_timer, jiffies + sched_next);
1339 spin_unlock(&tbl->proxy_queue.lock);
1340}
1341
1342void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
1343 struct sk_buff *skb)
1344{
1345 unsigned long now = jiffies;
1346 unsigned long sched_next = now + (net_random() % p->proxy_delay);
1347
1348 if (tbl->proxy_queue.qlen > p->proxy_qlen) {
1349 kfree_skb(skb);
1350 return;
1351 }
1352
1353 NEIGH_CB(skb)->sched_next = sched_next;
1354 NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED;
1355
1356 spin_lock(&tbl->proxy_queue.lock);
1357 if (del_timer(&tbl->proxy_timer)) {
1358 if (time_before(tbl->proxy_timer.expires, sched_next))
1359 sched_next = tbl->proxy_timer.expires;
1360 }
1361 skb_dst_drop(skb);
1362 dev_hold(skb->dev);
1363 __skb_queue_tail(&tbl->proxy_queue, skb);
1364 mod_timer(&tbl->proxy_timer, sched_next);
1365 spin_unlock(&tbl->proxy_queue.lock);
1366}
1367EXPORT_SYMBOL(pneigh_enqueue);
1368
1369static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
1370 struct net *net, int ifindex)
1371{
1372 struct neigh_parms *p;
1373
1374 for (p = &tbl->parms; p; p = p->next) {
1375 if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
1376 (!p->dev && !ifindex))
1377 return p;
1378 }
1379
1380 return NULL;
1381}
1382
1383struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
1384 struct neigh_table *tbl)
1385{
1386 struct neigh_parms *p, *ref;
1387 struct net *net = dev_net(dev);
1388 const struct net_device_ops *ops = dev->netdev_ops;
1389
1390 ref = lookup_neigh_parms(tbl, net, 0);
1391 if (!ref)
1392 return NULL;
1393
1394 p = kmemdup(ref, sizeof(*p), GFP_KERNEL);
1395 if (p) {
1396 p->tbl = tbl;
1397 atomic_set(&p->refcnt, 1);
1398 p->reachable_time =
1399 neigh_rand_reach_time(p->base_reachable_time);
1400
1401 if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) {
1402 kfree(p);
1403 return NULL;
1404 }
1405
1406 dev_hold(dev);
1407 p->dev = dev;
1408 write_pnet(&p->net, hold_net(net));
1409 p->sysctl_table = NULL;
1410 write_lock_bh(&tbl->lock);
1411 p->next = tbl->parms.next;
1412 tbl->parms.next = p;
1413 write_unlock_bh(&tbl->lock);
1414 }
1415 return p;
1416}
1417EXPORT_SYMBOL(neigh_parms_alloc);
1418
1419static void neigh_rcu_free_parms(struct rcu_head *head)
1420{
1421 struct neigh_parms *parms =
1422 container_of(head, struct neigh_parms, rcu_head);
1423
1424 neigh_parms_put(parms);
1425}
1426
1427void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms)
1428{
1429 struct neigh_parms **p;
1430
1431 if (!parms || parms == &tbl->parms)
1432 return;
1433 write_lock_bh(&tbl->lock);
1434 for (p = &tbl->parms.next; *p; p = &(*p)->next) {
1435 if (*p == parms) {
1436 *p = parms->next;
1437 parms->dead = 1;
1438 write_unlock_bh(&tbl->lock);
1439 if (parms->dev)
1440 dev_put(parms->dev);
1441 call_rcu(&parms->rcu_head, neigh_rcu_free_parms);
1442 return;
1443 }
1444 }
1445 write_unlock_bh(&tbl->lock);
1446 NEIGH_PRINTK1("neigh_parms_release: not found\n");
1447}
1448EXPORT_SYMBOL(neigh_parms_release);
1449
1450static void neigh_parms_destroy(struct neigh_parms *parms)
1451{
1452 release_net(neigh_parms_net(parms));
1453 kfree(parms);
1454}
1455
1456static struct lock_class_key neigh_table_proxy_queue_class;
1457
1458void neigh_table_init_no_netlink(struct neigh_table *tbl)
1459{
1460 unsigned long now = jiffies;
1461 unsigned long phsize;
1462
1463 write_pnet(&tbl->parms.net, &init_net);
1464 atomic_set(&tbl->parms.refcnt, 1);
1465 tbl->parms.reachable_time =
1466 neigh_rand_reach_time(tbl->parms.base_reachable_time);
1467
1468 if (!tbl->kmem_cachep)
1469 tbl->kmem_cachep =
1470 kmem_cache_create(tbl->id, tbl->entry_size, 0,
1471 SLAB_HWCACHE_ALIGN|SLAB_PANIC,
1472 NULL);
1473 tbl->stats = alloc_percpu(struct neigh_statistics);
1474 if (!tbl->stats)
1475 panic("cannot create neighbour cache statistics");
1476
1477#ifdef CONFIG_PROC_FS
1478 if (!proc_create_data(tbl->id, 0, init_net.proc_net_stat,
1479 &neigh_stat_seq_fops, tbl))
1480 panic("cannot create neighbour proc dir entry");
1481#endif
1482
1483 RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3));
1484
1485 phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
1486 tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL);
1487
1488 if (!tbl->nht || !tbl->phash_buckets)
1489 panic("cannot allocate neighbour cache hashes");
1490
1491 rwlock_init(&tbl->lock);
1492 INIT_DELAYED_WORK_DEFERRABLE(&tbl->gc_work, neigh_periodic_work);
1493 schedule_delayed_work(&tbl->gc_work, tbl->parms.reachable_time);
1494 setup_timer(&tbl->proxy_timer, neigh_proxy_process, (unsigned long)tbl);
1495 skb_queue_head_init_class(&tbl->proxy_queue,
1496 &neigh_table_proxy_queue_class);
1497
1498 tbl->last_flush = now;
1499 tbl->last_rand = now + tbl->parms.reachable_time * 20;
1500}
1501EXPORT_SYMBOL(neigh_table_init_no_netlink);
1502
1503void neigh_table_init(struct neigh_table *tbl)
1504{
1505 struct neigh_table *tmp;
1506
1507 neigh_table_init_no_netlink(tbl);
1508 write_lock(&neigh_tbl_lock);
1509 for (tmp = neigh_tables; tmp; tmp = tmp->next) {
1510 if (tmp->family == tbl->family)
1511 break;
1512 }
1513 tbl->next = neigh_tables;
1514 neigh_tables = tbl;
1515 write_unlock(&neigh_tbl_lock);
1516
1517 if (unlikely(tmp)) {
1518 printk(KERN_ERR "NEIGH: Registering multiple tables for "
1519 "family %d\n", tbl->family);
1520 dump_stack();
1521 }
1522}
1523EXPORT_SYMBOL(neigh_table_init);
1524
1525int neigh_table_clear(struct neigh_table *tbl)
1526{
1527 struct neigh_table **tp;
1528
1529 /* It is not clean... Fix it to unload IPv6 module safely */
1530 cancel_delayed_work_sync(&tbl->gc_work);
1531 del_timer_sync(&tbl->proxy_timer);
1532 pneigh_queue_purge(&tbl->proxy_queue);
1533 neigh_ifdown(tbl, NULL);
1534 if (atomic_read(&tbl->entries))
1535 printk(KERN_CRIT "neighbour leakage\n");
1536 write_lock(&neigh_tbl_lock);
1537 for (tp = &neigh_tables; *tp; tp = &(*tp)->next) {
1538 if (*tp == tbl) {
1539 *tp = tbl->next;
1540 break;
1541 }
1542 }
1543 write_unlock(&neigh_tbl_lock);
1544
1545 call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu,
1546 neigh_hash_free_rcu);
1547 tbl->nht = NULL;
1548
1549 kfree(tbl->phash_buckets);
1550 tbl->phash_buckets = NULL;
1551
1552 remove_proc_entry(tbl->id, init_net.proc_net_stat);
1553
1554 free_percpu(tbl->stats);
1555 tbl->stats = NULL;
1556
1557 kmem_cache_destroy(tbl->kmem_cachep);
1558 tbl->kmem_cachep = NULL;
1559
1560 return 0;
1561}
1562EXPORT_SYMBOL(neigh_table_clear);
1563
1564static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1565{
1566 struct net *net = sock_net(skb->sk);
1567 struct ndmsg *ndm;
1568 struct nlattr *dst_attr;
1569 struct neigh_table *tbl;
1570 struct net_device *dev = NULL;
1571 int err = -EINVAL;
1572
1573 ASSERT_RTNL();
1574 if (nlmsg_len(nlh) < sizeof(*ndm))
1575 goto out;
1576
1577 dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST);
1578 if (dst_attr == NULL)
1579 goto out;
1580
1581 ndm = nlmsg_data(nlh);
1582 if (ndm->ndm_ifindex) {
1583 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1584 if (dev == NULL) {
1585 err = -ENODEV;
1586 goto out;
1587 }
1588 }
1589
1590 read_lock(&neigh_tbl_lock);
1591 for (tbl = neigh_tables; tbl; tbl = tbl->next) {
1592 struct neighbour *neigh;
1593
1594 if (tbl->family != ndm->ndm_family)
1595 continue;
1596 read_unlock(&neigh_tbl_lock);
1597
1598 if (nla_len(dst_attr) < tbl->key_len)
1599 goto out;
1600
1601 if (ndm->ndm_flags & NTF_PROXY) {
1602 err = pneigh_delete(tbl, net, nla_data(dst_attr), dev);
1603 goto out;
1604 }
1605
1606 if (dev == NULL)
1607 goto out;
1608
1609 neigh = neigh_lookup(tbl, nla_data(dst_attr), dev);
1610 if (neigh == NULL) {
1611 err = -ENOENT;
1612 goto out;
1613 }
1614
1615 err = neigh_update(neigh, NULL, NUD_FAILED,
1616 NEIGH_UPDATE_F_OVERRIDE |
1617 NEIGH_UPDATE_F_ADMIN);
1618 neigh_release(neigh);
1619 goto out;
1620 }
1621 read_unlock(&neigh_tbl_lock);
1622 err = -EAFNOSUPPORT;
1623
1624out:
1625 return err;
1626}
1627
1628static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1629{
1630 struct net *net = sock_net(skb->sk);
1631 struct ndmsg *ndm;
1632 struct nlattr *tb[NDA_MAX+1];
1633 struct neigh_table *tbl;
1634 struct net_device *dev = NULL;
1635 int err;
1636
1637 ASSERT_RTNL();
1638 err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL);
1639 if (err < 0)
1640 goto out;
1641
1642 err = -EINVAL;
1643 if (tb[NDA_DST] == NULL)
1644 goto out;
1645
1646 ndm = nlmsg_data(nlh);
1647 if (ndm->ndm_ifindex) {
1648 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1649 if (dev == NULL) {
1650 err = -ENODEV;
1651 goto out;
1652 }
1653
1654 if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len)
1655 goto out;
1656 }
1657
1658 read_lock(&neigh_tbl_lock);
1659 for (tbl = neigh_tables; tbl; tbl = tbl->next) {
1660 int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE;
1661 struct neighbour *neigh;
1662 void *dst, *lladdr;
1663
1664 if (tbl->family != ndm->ndm_family)
1665 continue;
1666 read_unlock(&neigh_tbl_lock);
1667
1668 if (nla_len(tb[NDA_DST]) < tbl->key_len)
1669 goto out;
1670 dst = nla_data(tb[NDA_DST]);
1671 lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL;
1672
1673 if (ndm->ndm_flags & NTF_PROXY) {
1674 struct pneigh_entry *pn;
1675
1676 err = -ENOBUFS;
1677 pn = pneigh_lookup(tbl, net, dst, dev, 1);
1678 if (pn) {
1679 pn->flags = ndm->ndm_flags;
1680 err = 0;
1681 }
1682 goto out;
1683 }
1684
1685 if (dev == NULL)
1686 goto out;
1687
1688 neigh = neigh_lookup(tbl, dst, dev);
1689 if (neigh == NULL) {
1690 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
1691 err = -ENOENT;
1692 goto out;
1693 }
1694
1695 neigh = __neigh_lookup_errno(tbl, dst, dev);
1696 if (IS_ERR(neigh)) {
1697 err = PTR_ERR(neigh);
1698 goto out;
1699 }
1700 } else {
1701 if (nlh->nlmsg_flags & NLM_F_EXCL) {
1702 err = -EEXIST;
1703 neigh_release(neigh);
1704 goto out;
1705 }
1706
1707 if (!(nlh->nlmsg_flags & NLM_F_REPLACE))
1708 flags &= ~NEIGH_UPDATE_F_OVERRIDE;
1709 }
1710
1711 if (ndm->ndm_flags & NTF_USE) {
1712 neigh_event_send(neigh, NULL);
1713 err = 0;
1714 } else
1715 err = neigh_update(neigh, lladdr, ndm->ndm_state, flags);
1716 neigh_release(neigh);
1717 goto out;
1718 }
1719
1720 read_unlock(&neigh_tbl_lock);
1721 err = -EAFNOSUPPORT;
1722out:
1723 return err;
1724}
1725
1726static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
1727{
1728 struct nlattr *nest;
1729
1730 nest = nla_nest_start(skb, NDTA_PARMS);
1731 if (nest == NULL)
1732 return -ENOBUFS;
1733
1734 if (parms->dev)
1735 NLA_PUT_U32(skb, NDTPA_IFINDEX, parms->dev->ifindex);
1736
1737 NLA_PUT_U32(skb, NDTPA_REFCNT, atomic_read(&parms->refcnt));
1738 NLA_PUT_U32(skb, NDTPA_QUEUE_LEN, parms->queue_len);
1739 NLA_PUT_U32(skb, NDTPA_PROXY_QLEN, parms->proxy_qlen);
1740 NLA_PUT_U32(skb, NDTPA_APP_PROBES, parms->app_probes);
1741 NLA_PUT_U32(skb, NDTPA_UCAST_PROBES, parms->ucast_probes);
1742 NLA_PUT_U32(skb, NDTPA_MCAST_PROBES, parms->mcast_probes);
1743 NLA_PUT_MSECS(skb, NDTPA_REACHABLE_TIME, parms->reachable_time);
1744 NLA_PUT_MSECS(skb, NDTPA_BASE_REACHABLE_TIME,
1745 parms->base_reachable_time);
1746 NLA_PUT_MSECS(skb, NDTPA_GC_STALETIME, parms->gc_staletime);
1747 NLA_PUT_MSECS(skb, NDTPA_DELAY_PROBE_TIME, parms->delay_probe_time);
1748 NLA_PUT_MSECS(skb, NDTPA_RETRANS_TIME, parms->retrans_time);
1749 NLA_PUT_MSECS(skb, NDTPA_ANYCAST_DELAY, parms->anycast_delay);
1750 NLA_PUT_MSECS(skb, NDTPA_PROXY_DELAY, parms->proxy_delay);
1751 NLA_PUT_MSECS(skb, NDTPA_LOCKTIME, parms->locktime);
1752
1753 return nla_nest_end(skb, nest);
1754
1755nla_put_failure:
1756 nla_nest_cancel(skb, nest);
1757 return -EMSGSIZE;
1758}
1759
1760static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
1761 u32 pid, u32 seq, int type, int flags)
1762{
1763 struct nlmsghdr *nlh;
1764 struct ndtmsg *ndtmsg;
1765
1766 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
1767 if (nlh == NULL)
1768 return -EMSGSIZE;
1769
1770 ndtmsg = nlmsg_data(nlh);
1771
1772 read_lock_bh(&tbl->lock);
1773 ndtmsg->ndtm_family = tbl->family;
1774 ndtmsg->ndtm_pad1 = 0;
1775 ndtmsg->ndtm_pad2 = 0;
1776
1777 NLA_PUT_STRING(skb, NDTA_NAME, tbl->id);
1778 NLA_PUT_MSECS(skb, NDTA_GC_INTERVAL, tbl->gc_interval);
1779 NLA_PUT_U32(skb, NDTA_THRESH1, tbl->gc_thresh1);
1780 NLA_PUT_U32(skb, NDTA_THRESH2, tbl->gc_thresh2);
1781 NLA_PUT_U32(skb, NDTA_THRESH3, tbl->gc_thresh3);
1782
1783 {
1784 unsigned long now = jiffies;
1785 unsigned int flush_delta = now - tbl->last_flush;
1786 unsigned int rand_delta = now - tbl->last_rand;
1787 struct neigh_hash_table *nht;
1788 struct ndt_config ndc = {
1789 .ndtc_key_len = tbl->key_len,
1790 .ndtc_entry_size = tbl->entry_size,
1791 .ndtc_entries = atomic_read(&tbl->entries),
1792 .ndtc_last_flush = jiffies_to_msecs(flush_delta),
1793 .ndtc_last_rand = jiffies_to_msecs(rand_delta),
1794 .ndtc_proxy_qlen = tbl->proxy_queue.qlen,
1795 };
1796
1797 rcu_read_lock_bh();
1798 nht = rcu_dereference_bh(tbl->nht);
1799 ndc.ndtc_hash_rnd = nht->hash_rnd;
1800 ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1);
1801 rcu_read_unlock_bh();
1802
1803 NLA_PUT(skb, NDTA_CONFIG, sizeof(ndc), &ndc);
1804 }
1805
1806 {
1807 int cpu;
1808 struct ndt_stats ndst;
1809
1810 memset(&ndst, 0, sizeof(ndst));
1811
1812 for_each_possible_cpu(cpu) {
1813 struct neigh_statistics *st;
1814
1815 st = per_cpu_ptr(tbl->stats, cpu);
1816 ndst.ndts_allocs += st->allocs;
1817 ndst.ndts_destroys += st->destroys;
1818 ndst.ndts_hash_grows += st->hash_grows;
1819 ndst.ndts_res_failed += st->res_failed;
1820 ndst.ndts_lookups += st->lookups;
1821 ndst.ndts_hits += st->hits;
1822 ndst.ndts_rcv_probes_mcast += st->rcv_probes_mcast;
1823 ndst.ndts_rcv_probes_ucast += st->rcv_probes_ucast;
1824 ndst.ndts_periodic_gc_runs += st->periodic_gc_runs;
1825 ndst.ndts_forced_gc_runs += st->forced_gc_runs;
1826 }
1827
1828 NLA_PUT(skb, NDTA_STATS, sizeof(ndst), &ndst);
1829 }
1830
1831 BUG_ON(tbl->parms.dev);
1832 if (neightbl_fill_parms(skb, &tbl->parms) < 0)
1833 goto nla_put_failure;
1834
1835 read_unlock_bh(&tbl->lock);
1836 return nlmsg_end(skb, nlh);
1837
1838nla_put_failure:
1839 read_unlock_bh(&tbl->lock);
1840 nlmsg_cancel(skb, nlh);
1841 return -EMSGSIZE;
1842}
1843
1844static int neightbl_fill_param_info(struct sk_buff *skb,
1845 struct neigh_table *tbl,
1846 struct neigh_parms *parms,
1847 u32 pid, u32 seq, int type,
1848 unsigned int flags)
1849{
1850 struct ndtmsg *ndtmsg;
1851 struct nlmsghdr *nlh;
1852
1853 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
1854 if (nlh == NULL)
1855 return -EMSGSIZE;
1856
1857 ndtmsg = nlmsg_data(nlh);
1858
1859 read_lock_bh(&tbl->lock);
1860 ndtmsg->ndtm_family = tbl->family;
1861 ndtmsg->ndtm_pad1 = 0;
1862 ndtmsg->ndtm_pad2 = 0;
1863
1864 if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 ||
1865 neightbl_fill_parms(skb, parms) < 0)
1866 goto errout;
1867
1868 read_unlock_bh(&tbl->lock);
1869 return nlmsg_end(skb, nlh);
1870errout:
1871 read_unlock_bh(&tbl->lock);
1872 nlmsg_cancel(skb, nlh);
1873 return -EMSGSIZE;
1874}
1875
1876static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
1877 [NDTA_NAME] = { .type = NLA_STRING },
1878 [NDTA_THRESH1] = { .type = NLA_U32 },
1879 [NDTA_THRESH2] = { .type = NLA_U32 },
1880 [NDTA_THRESH3] = { .type = NLA_U32 },
1881 [NDTA_GC_INTERVAL] = { .type = NLA_U64 },
1882 [NDTA_PARMS] = { .type = NLA_NESTED },
1883};
1884
1885static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
1886 [NDTPA_IFINDEX] = { .type = NLA_U32 },
1887 [NDTPA_QUEUE_LEN] = { .type = NLA_U32 },
1888 [NDTPA_PROXY_QLEN] = { .type = NLA_U32 },
1889 [NDTPA_APP_PROBES] = { .type = NLA_U32 },
1890 [NDTPA_UCAST_PROBES] = { .type = NLA_U32 },
1891 [NDTPA_MCAST_PROBES] = { .type = NLA_U32 },
1892 [NDTPA_BASE_REACHABLE_TIME] = { .type = NLA_U64 },
1893 [NDTPA_GC_STALETIME] = { .type = NLA_U64 },
1894 [NDTPA_DELAY_PROBE_TIME] = { .type = NLA_U64 },
1895 [NDTPA_RETRANS_TIME] = { .type = NLA_U64 },
1896 [NDTPA_ANYCAST_DELAY] = { .type = NLA_U64 },
1897 [NDTPA_PROXY_DELAY] = { .type = NLA_U64 },
1898 [NDTPA_LOCKTIME] = { .type = NLA_U64 },
1899};
1900
1901static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
1902{
1903 struct net *net = sock_net(skb->sk);
1904 struct neigh_table *tbl;
1905 struct ndtmsg *ndtmsg;
1906 struct nlattr *tb[NDTA_MAX+1];
1907 int err;
1908
1909 err = nlmsg_parse(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
1910 nl_neightbl_policy);
1911 if (err < 0)
1912 goto errout;
1913
1914 if (tb[NDTA_NAME] == NULL) {
1915 err = -EINVAL;
1916 goto errout;
1917 }
1918
1919 ndtmsg = nlmsg_data(nlh);
1920 read_lock(&neigh_tbl_lock);
1921 for (tbl = neigh_tables; tbl; tbl = tbl->next) {
1922 if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family)
1923 continue;
1924
1925 if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0)
1926 break;
1927 }
1928
1929 if (tbl == NULL) {
1930 err = -ENOENT;
1931 goto errout_locked;
1932 }
1933
1934 /*
1935 * We acquire tbl->lock to be nice to the periodic timers and
1936 * make sure they always see a consistent set of values.
1937 */
1938 write_lock_bh(&tbl->lock);
1939
1940 if (tb[NDTA_PARMS]) {
1941 struct nlattr *tbp[NDTPA_MAX+1];
1942 struct neigh_parms *p;
1943 int i, ifindex = 0;
1944
1945 err = nla_parse_nested(tbp, NDTPA_MAX, tb[NDTA_PARMS],
1946 nl_ntbl_parm_policy);
1947 if (err < 0)
1948 goto errout_tbl_lock;
1949
1950 if (tbp[NDTPA_IFINDEX])
1951 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);
1952
1953 p = lookup_neigh_parms(tbl, net, ifindex);
1954 if (p == NULL) {
1955 err = -ENOENT;
1956 goto errout_tbl_lock;
1957 }
1958
1959 for (i = 1; i <= NDTPA_MAX; i++) {
1960 if (tbp[i] == NULL)
1961 continue;
1962
1963 switch (i) {
1964 case NDTPA_QUEUE_LEN:
1965 p->queue_len = nla_get_u32(tbp[i]);
1966 break;
1967 case NDTPA_PROXY_QLEN:
1968 p->proxy_qlen = nla_get_u32(tbp[i]);
1969 break;
1970 case NDTPA_APP_PROBES:
1971 p->app_probes = nla_get_u32(tbp[i]);
1972 break;
1973 case NDTPA_UCAST_PROBES:
1974 p->ucast_probes = nla_get_u32(tbp[i]);
1975 break;
1976 case NDTPA_MCAST_PROBES:
1977 p->mcast_probes = nla_get_u32(tbp[i]);
1978 break;
1979 case NDTPA_BASE_REACHABLE_TIME:
1980 p->base_reachable_time = nla_get_msecs(tbp[i]);
1981 break;
1982 case NDTPA_GC_STALETIME:
1983 p->gc_staletime = nla_get_msecs(tbp[i]);
1984 break;
1985 case NDTPA_DELAY_PROBE_TIME:
1986 p->delay_probe_time = nla_get_msecs(tbp[i]);
1987 break;
1988 case NDTPA_RETRANS_TIME:
1989 p->retrans_time = nla_get_msecs(tbp[i]);
1990 break;
1991 case NDTPA_ANYCAST_DELAY:
1992 p->anycast_delay = nla_get_msecs(tbp[i]);
1993 break;
1994 case NDTPA_PROXY_DELAY:
1995 p->proxy_delay = nla_get_msecs(tbp[i]);
1996 break;
1997 case NDTPA_LOCKTIME:
1998 p->locktime = nla_get_msecs(tbp[i]);
1999 break;
2000 }
2001 }
2002 }
2003
2004 if (tb[NDTA_THRESH1])
2005 tbl->gc_thresh1 = nla_get_u32(tb[NDTA_THRESH1]);
2006
2007 if (tb[NDTA_THRESH2])
2008 tbl->gc_thresh2 = nla_get_u32(tb[NDTA_THRESH2]);
2009
2010 if (tb[NDTA_THRESH3])
2011 tbl->gc_thresh3 = nla_get_u32(tb[NDTA_THRESH3]);
2012
2013 if (tb[NDTA_GC_INTERVAL])
2014 tbl->gc_interval = nla_get_msecs(tb[NDTA_GC_INTERVAL]);
2015
2016 err = 0;
2017
2018errout_tbl_lock:
2019 write_unlock_bh(&tbl->lock);
2020errout_locked:
2021 read_unlock(&neigh_tbl_lock);
2022errout:
2023 return err;
2024}
2025
2026static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2027{
2028 struct net *net = sock_net(skb->sk);
2029 int family, tidx, nidx = 0;
2030 int tbl_skip = cb->args[0];
2031 int neigh_skip = cb->args[1];
2032 struct neigh_table *tbl;
2033
2034 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2035
2036 read_lock(&neigh_tbl_lock);
2037 for (tbl = neigh_tables, tidx = 0; tbl; tbl = tbl->next, tidx++) {
2038 struct neigh_parms *p;
2039
2040 if (tidx < tbl_skip || (family && tbl->family != family))
2041 continue;
2042
2043 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).pid,
2044 cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
2045 NLM_F_MULTI) <= 0)
2046 break;
2047
2048 for (nidx = 0, p = tbl->parms.next; p; p = p->next) {
2049 if (!net_eq(neigh_parms_net(p), net))
2050 continue;
2051
2052 if (nidx < neigh_skip)
2053 goto next;
2054
2055 if (neightbl_fill_param_info(skb, tbl, p,
2056 NETLINK_CB(cb->skb).pid,
2057 cb->nlh->nlmsg_seq,
2058 RTM_NEWNEIGHTBL,
2059 NLM_F_MULTI) <= 0)
2060 goto out;
2061 next:
2062 nidx++;
2063 }
2064
2065 neigh_skip = 0;
2066 }
2067out:
2068 read_unlock(&neigh_tbl_lock);
2069 cb->args[0] = tidx;
2070 cb->args[1] = nidx;
2071
2072 return skb->len;
2073}
2074
2075static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
2076 u32 pid, u32 seq, int type, unsigned int flags)
2077{
2078 unsigned long now = jiffies;
2079 struct nda_cacheinfo ci;
2080 struct nlmsghdr *nlh;
2081 struct ndmsg *ndm;
2082
2083 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2084 if (nlh == NULL)
2085 return -EMSGSIZE;
2086
2087 ndm = nlmsg_data(nlh);
2088 ndm->ndm_family = neigh->ops->family;
2089 ndm->ndm_pad1 = 0;
2090 ndm->ndm_pad2 = 0;
2091 ndm->ndm_flags = neigh->flags;
2092 ndm->ndm_type = neigh->type;
2093 ndm->ndm_ifindex = neigh->dev->ifindex;
2094
2095 NLA_PUT(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key);
2096
2097 read_lock_bh(&neigh->lock);
2098 ndm->ndm_state = neigh->nud_state;
2099 if (neigh->nud_state & NUD_VALID) {
2100 char haddr[MAX_ADDR_LEN];
2101
2102 neigh_ha_snapshot(haddr, neigh, neigh->dev);
2103 if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) {
2104 read_unlock_bh(&neigh->lock);
2105 goto nla_put_failure;
2106 }
2107 }
2108
2109 ci.ndm_used = jiffies_to_clock_t(now - neigh->used);
2110 ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed);
2111 ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated);
2112 ci.ndm_refcnt = atomic_read(&neigh->refcnt) - 1;
2113 read_unlock_bh(&neigh->lock);
2114
2115 NLA_PUT_U32(skb, NDA_PROBES, atomic_read(&neigh->probes));
2116 NLA_PUT(skb, NDA_CACHEINFO, sizeof(ci), &ci);
2117
2118 return nlmsg_end(skb, nlh);
2119
2120nla_put_failure:
2121 nlmsg_cancel(skb, nlh);
2122 return -EMSGSIZE;
2123}
2124
2125static void neigh_update_notify(struct neighbour *neigh)
2126{
2127 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
2128 __neigh_notify(neigh, RTM_NEWNEIGH, 0);
2129}
2130
2131static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2132 struct netlink_callback *cb)
2133{
2134 struct net *net = sock_net(skb->sk);
2135 struct neighbour *n;
2136 int rc, h, s_h = cb->args[1];
2137 int idx, s_idx = idx = cb->args[2];
2138 struct neigh_hash_table *nht;
2139
2140 rcu_read_lock_bh();
2141 nht = rcu_dereference_bh(tbl->nht);
2142
2143 for (h = 0; h < (1 << nht->hash_shift); h++) {
2144 if (h < s_h)
2145 continue;
2146 if (h > s_h)
2147 s_idx = 0;
2148 for (n = rcu_dereference_bh(nht->hash_buckets[h]), idx = 0;
2149 n != NULL;
2150 n = rcu_dereference_bh(n->next)) {
2151 if (!net_eq(dev_net(n->dev), net))
2152 continue;
2153 if (idx < s_idx)
2154 goto next;
2155 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).pid,
2156 cb->nlh->nlmsg_seq,
2157 RTM_NEWNEIGH,
2158 NLM_F_MULTI) <= 0) {
2159 rc = -1;
2160 goto out;
2161 }
2162next:
2163 idx++;
2164 }
2165 }
2166 rc = skb->len;
2167out:
2168 rcu_read_unlock_bh();
2169 cb->args[1] = h;
2170 cb->args[2] = idx;
2171 return rc;
2172}
2173
2174static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2175{
2176 struct neigh_table *tbl;
2177 int t, family, s_t;
2178
2179 read_lock(&neigh_tbl_lock);
2180 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2181 s_t = cb->args[0];
2182
2183 for (tbl = neigh_tables, t = 0; tbl; tbl = tbl->next, t++) {
2184 if (t < s_t || (family && tbl->family != family))
2185 continue;
2186 if (t > s_t)
2187 memset(&cb->args[1], 0, sizeof(cb->args) -
2188 sizeof(cb->args[0]));
2189 if (neigh_dump_table(tbl, skb, cb) < 0)
2190 break;
2191 }
2192 read_unlock(&neigh_tbl_lock);
2193
2194 cb->args[0] = t;
2195 return skb->len;
2196}
2197
2198void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie)
2199{
2200 int chain;
2201 struct neigh_hash_table *nht;
2202
2203 rcu_read_lock_bh();
2204 nht = rcu_dereference_bh(tbl->nht);
2205
2206 read_lock(&tbl->lock); /* avoid resizes */
2207 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2208 struct neighbour *n;
2209
2210 for (n = rcu_dereference_bh(nht->hash_buckets[chain]);
2211 n != NULL;
2212 n = rcu_dereference_bh(n->next))
2213 cb(n, cookie);
2214 }
2215 read_unlock(&tbl->lock);
2216 rcu_read_unlock_bh();
2217}
2218EXPORT_SYMBOL(neigh_for_each);
2219
2220/* The tbl->lock must be held as a writer and BH disabled. */
2221void __neigh_for_each_release(struct neigh_table *tbl,
2222 int (*cb)(struct neighbour *))
2223{
2224 int chain;
2225 struct neigh_hash_table *nht;
2226
2227 nht = rcu_dereference_protected(tbl->nht,
2228 lockdep_is_held(&tbl->lock));
2229 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2230 struct neighbour *n;
2231 struct neighbour __rcu **np;
2232
2233 np = &nht->hash_buckets[chain];
2234 while ((n = rcu_dereference_protected(*np,
2235 lockdep_is_held(&tbl->lock))) != NULL) {
2236 int release;
2237
2238 write_lock(&n->lock);
2239 release = cb(n);
2240 if (release) {
2241 rcu_assign_pointer(*np,
2242 rcu_dereference_protected(n->next,
2243 lockdep_is_held(&tbl->lock)));
2244 n->dead = 1;
2245 } else
2246 np = &n->next;
2247 write_unlock(&n->lock);
2248 if (release)
2249 neigh_cleanup_and_release(n);
2250 }
2251 }
2252}
2253EXPORT_SYMBOL(__neigh_for_each_release);
2254
2255#ifdef CONFIG_PROC_FS
2256
2257static struct neighbour *neigh_get_first(struct seq_file *seq)
2258{
2259 struct neigh_seq_state *state = seq->private;
2260 struct net *net = seq_file_net(seq);
2261 struct neigh_hash_table *nht = state->nht;
2262 struct neighbour *n = NULL;
2263 int bucket = state->bucket;
2264
2265 state->flags &= ~NEIGH_SEQ_IS_PNEIGH;
2266 for (bucket = 0; bucket < (1 << nht->hash_shift); bucket++) {
2267 n = rcu_dereference_bh(nht->hash_buckets[bucket]);
2268
2269 while (n) {
2270 if (!net_eq(dev_net(n->dev), net))
2271 goto next;
2272 if (state->neigh_sub_iter) {
2273 loff_t fakep = 0;
2274 void *v;
2275
2276 v = state->neigh_sub_iter(state, n, &fakep);
2277 if (!v)
2278 goto next;
2279 }
2280 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2281 break;
2282 if (n->nud_state & ~NUD_NOARP)
2283 break;
2284next:
2285 n = rcu_dereference_bh(n->next);
2286 }
2287
2288 if (n)
2289 break;
2290 }
2291 state->bucket = bucket;
2292
2293 return n;
2294}
2295
2296static struct neighbour *neigh_get_next(struct seq_file *seq,
2297 struct neighbour *n,
2298 loff_t *pos)
2299{
2300 struct neigh_seq_state *state = seq->private;
2301 struct net *net = seq_file_net(seq);
2302 struct neigh_hash_table *nht = state->nht;
2303
2304 if (state->neigh_sub_iter) {
2305 void *v = state->neigh_sub_iter(state, n, pos);
2306 if (v)
2307 return n;
2308 }
2309 n = rcu_dereference_bh(n->next);
2310
2311 while (1) {
2312 while (n) {
2313 if (!net_eq(dev_net(n->dev), net))
2314 goto next;
2315 if (state->neigh_sub_iter) {
2316 void *v = state->neigh_sub_iter(state, n, pos);
2317 if (v)
2318 return n;
2319 goto next;
2320 }
2321 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2322 break;
2323
2324 if (n->nud_state & ~NUD_NOARP)
2325 break;
2326next:
2327 n = rcu_dereference_bh(n->next);
2328 }
2329
2330 if (n)
2331 break;
2332
2333 if (++state->bucket >= (1 << nht->hash_shift))
2334 break;
2335
2336 n = rcu_dereference_bh(nht->hash_buckets[state->bucket]);
2337 }
2338
2339 if (n && pos)
2340 --(*pos);
2341 return n;
2342}
2343
2344static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos)
2345{
2346 struct neighbour *n = neigh_get_first(seq);
2347
2348 if (n) {
2349 --(*pos);
2350 while (*pos) {
2351 n = neigh_get_next(seq, n, pos);
2352 if (!n)
2353 break;
2354 }
2355 }
2356 return *pos ? NULL : n;
2357}
2358
2359static struct pneigh_entry *pneigh_get_first(struct seq_file *seq)
2360{
2361 struct neigh_seq_state *state = seq->private;
2362 struct net *net = seq_file_net(seq);
2363 struct neigh_table *tbl = state->tbl;
2364 struct pneigh_entry *pn = NULL;
2365 int bucket = state->bucket;
2366
2367 state->flags |= NEIGH_SEQ_IS_PNEIGH;
2368 for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) {
2369 pn = tbl->phash_buckets[bucket];
2370 while (pn && !net_eq(pneigh_net(pn), net))
2371 pn = pn->next;
2372 if (pn)
2373 break;
2374 }
2375 state->bucket = bucket;
2376
2377 return pn;
2378}
2379
2380static struct pneigh_entry *pneigh_get_next(struct seq_file *seq,
2381 struct pneigh_entry *pn,
2382 loff_t *pos)
2383{
2384 struct neigh_seq_state *state = seq->private;
2385 struct net *net = seq_file_net(seq);
2386 struct neigh_table *tbl = state->tbl;
2387
2388 pn = pn->next;
2389 while (!pn) {
2390 if (++state->bucket > PNEIGH_HASHMASK)
2391 break;
2392 pn = tbl->phash_buckets[state->bucket];
2393 while (pn && !net_eq(pneigh_net(pn), net))
2394 pn = pn->next;
2395 if (pn)
2396 break;
2397 }
2398
2399 if (pn && pos)
2400 --(*pos);
2401
2402 return pn;
2403}
2404
2405static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos)
2406{
2407 struct pneigh_entry *pn = pneigh_get_first(seq);
2408
2409 if (pn) {
2410 --(*pos);
2411 while (*pos) {
2412 pn = pneigh_get_next(seq, pn, pos);
2413 if (!pn)
2414 break;
2415 }
2416 }
2417 return *pos ? NULL : pn;
2418}
2419
2420static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos)
2421{
2422 struct neigh_seq_state *state = seq->private;
2423 void *rc;
2424 loff_t idxpos = *pos;
2425
2426 rc = neigh_get_idx(seq, &idxpos);
2427 if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2428 rc = pneigh_get_idx(seq, &idxpos);
2429
2430 return rc;
2431}
2432
2433void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags)
2434 __acquires(rcu_bh)
2435{
2436 struct neigh_seq_state *state = seq->private;
2437
2438 state->tbl = tbl;
2439 state->bucket = 0;
2440 state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH);
2441
2442 rcu_read_lock_bh();
2443 state->nht = rcu_dereference_bh(tbl->nht);
2444
2445 return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN;
2446}
2447EXPORT_SYMBOL(neigh_seq_start);
2448
2449void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2450{
2451 struct neigh_seq_state *state;
2452 void *rc;
2453
2454 if (v == SEQ_START_TOKEN) {
2455 rc = neigh_get_first(seq);
2456 goto out;
2457 }
2458
2459 state = seq->private;
2460 if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) {
2461 rc = neigh_get_next(seq, v, NULL);
2462 if (rc)
2463 goto out;
2464 if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2465 rc = pneigh_get_first(seq);
2466 } else {
2467 BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY);
2468 rc = pneigh_get_next(seq, v, NULL);
2469 }
2470out:
2471 ++(*pos);
2472 return rc;
2473}
2474EXPORT_SYMBOL(neigh_seq_next);
2475
2476void neigh_seq_stop(struct seq_file *seq, void *v)
2477 __releases(rcu_bh)
2478{
2479 rcu_read_unlock_bh();
2480}
2481EXPORT_SYMBOL(neigh_seq_stop);
2482
2483/* statistics via seq_file */
2484
2485static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos)
2486{
2487 struct neigh_table *tbl = seq->private;
2488 int cpu;
2489
2490 if (*pos == 0)
2491 return SEQ_START_TOKEN;
2492
2493 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
2494 if (!cpu_possible(cpu))
2495 continue;
2496 *pos = cpu+1;
2497 return per_cpu_ptr(tbl->stats, cpu);
2498 }
2499 return NULL;
2500}
2501
2502static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2503{
2504 struct neigh_table *tbl = seq->private;
2505 int cpu;
2506
2507 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
2508 if (!cpu_possible(cpu))
2509 continue;
2510 *pos = cpu+1;
2511 return per_cpu_ptr(tbl->stats, cpu);
2512 }
2513 return NULL;
2514}
2515
2516static void neigh_stat_seq_stop(struct seq_file *seq, void *v)
2517{
2518
2519}
2520
2521static int neigh_stat_seq_show(struct seq_file *seq, void *v)
2522{
2523 struct neigh_table *tbl = seq->private;
2524 struct neigh_statistics *st = v;
2525
2526 if (v == SEQ_START_TOKEN) {
2527 seq_printf(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards\n");
2528 return 0;
2529 }
2530
2531 seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx "
2532 "%08lx %08lx %08lx %08lx %08lx\n",
2533 atomic_read(&tbl->entries),
2534
2535 st->allocs,
2536 st->destroys,
2537 st->hash_grows,
2538
2539 st->lookups,
2540 st->hits,
2541
2542 st->res_failed,
2543
2544 st->rcv_probes_mcast,
2545 st->rcv_probes_ucast,
2546
2547 st->periodic_gc_runs,
2548 st->forced_gc_runs,
2549 st->unres_discards
2550 );
2551
2552 return 0;
2553}
2554
2555static const struct seq_operations neigh_stat_seq_ops = {
2556 .start = neigh_stat_seq_start,
2557 .next = neigh_stat_seq_next,
2558 .stop = neigh_stat_seq_stop,
2559 .show = neigh_stat_seq_show,
2560};
2561
2562static int neigh_stat_seq_open(struct inode *inode, struct file *file)
2563{
2564 int ret = seq_open(file, &neigh_stat_seq_ops);
2565
2566 if (!ret) {
2567 struct seq_file *sf = file->private_data;
2568 sf->private = PDE(inode)->data;
2569 }
2570 return ret;
2571};
2572
2573static const struct file_operations neigh_stat_seq_fops = {
2574 .owner = THIS_MODULE,
2575 .open = neigh_stat_seq_open,
2576 .read = seq_read,
2577 .llseek = seq_lseek,
2578 .release = seq_release,
2579};
2580
2581#endif /* CONFIG_PROC_FS */
2582
2583static inline size_t neigh_nlmsg_size(void)
2584{
2585 return NLMSG_ALIGN(sizeof(struct ndmsg))
2586 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
2587 + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */
2588 + nla_total_size(sizeof(struct nda_cacheinfo))
2589 + nla_total_size(4); /* NDA_PROBES */
2590}
2591
2592static void __neigh_notify(struct neighbour *n, int type, int flags)
2593{
2594 struct net *net = dev_net(n->dev);
2595 struct sk_buff *skb;
2596 int err = -ENOBUFS;
2597
2598 skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC);
2599 if (skb == NULL)
2600 goto errout;
2601
2602 err = neigh_fill_info(skb, n, 0, 0, type, flags);
2603 if (err < 0) {
2604 /* -EMSGSIZE implies BUG in neigh_nlmsg_size() */
2605 WARN_ON(err == -EMSGSIZE);
2606 kfree_skb(skb);
2607 goto errout;
2608 }
2609 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
2610 return;
2611errout:
2612 if (err < 0)
2613 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
2614}
2615
2616#ifdef CONFIG_ARPD
2617void neigh_app_ns(struct neighbour *n)
2618{
2619 __neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST);
2620}
2621EXPORT_SYMBOL(neigh_app_ns);
2622#endif /* CONFIG_ARPD */
2623
2624#ifdef CONFIG_SYSCTL
2625
2626#define NEIGH_VARS_MAX 19
2627
2628static struct neigh_sysctl_table {
2629 struct ctl_table_header *sysctl_header;
2630 struct ctl_table neigh_vars[NEIGH_VARS_MAX];
2631 char *dev_name;
2632} neigh_sysctl_template __read_mostly = {
2633 .neigh_vars = {
2634 {
2635 .procname = "mcast_solicit",
2636 .maxlen = sizeof(int),
2637 .mode = 0644,
2638 .proc_handler = proc_dointvec,
2639 },
2640 {
2641 .procname = "ucast_solicit",
2642 .maxlen = sizeof(int),
2643 .mode = 0644,
2644 .proc_handler = proc_dointvec,
2645 },
2646 {
2647 .procname = "app_solicit",
2648 .maxlen = sizeof(int),
2649 .mode = 0644,
2650 .proc_handler = proc_dointvec,
2651 },
2652 {
2653 .procname = "retrans_time",
2654 .maxlen = sizeof(int),
2655 .mode = 0644,
2656 .proc_handler = proc_dointvec_userhz_jiffies,
2657 },
2658 {
2659 .procname = "base_reachable_time",
2660 .maxlen = sizeof(int),
2661 .mode = 0644,
2662 .proc_handler = proc_dointvec_jiffies,
2663 },
2664 {
2665 .procname = "delay_first_probe_time",
2666 .maxlen = sizeof(int),
2667 .mode = 0644,
2668 .proc_handler = proc_dointvec_jiffies,
2669 },
2670 {
2671 .procname = "gc_stale_time",
2672 .maxlen = sizeof(int),
2673 .mode = 0644,
2674 .proc_handler = proc_dointvec_jiffies,
2675 },
2676 {
2677 .procname = "unres_qlen",
2678 .maxlen = sizeof(int),
2679 .mode = 0644,
2680 .proc_handler = proc_dointvec,
2681 },
2682 {
2683 .procname = "proxy_qlen",
2684 .maxlen = sizeof(int),
2685 .mode = 0644,
2686 .proc_handler = proc_dointvec,
2687 },
2688 {
2689 .procname = "anycast_delay",
2690 .maxlen = sizeof(int),
2691 .mode = 0644,
2692 .proc_handler = proc_dointvec_userhz_jiffies,
2693 },
2694 {
2695 .procname = "proxy_delay",
2696 .maxlen = sizeof(int),
2697 .mode = 0644,
2698 .proc_handler = proc_dointvec_userhz_jiffies,
2699 },
2700 {
2701 .procname = "locktime",
2702 .maxlen = sizeof(int),
2703 .mode = 0644,
2704 .proc_handler = proc_dointvec_userhz_jiffies,
2705 },
2706 {
2707 .procname = "retrans_time_ms",
2708 .maxlen = sizeof(int),
2709 .mode = 0644,
2710 .proc_handler = proc_dointvec_ms_jiffies,
2711 },
2712 {
2713 .procname = "base_reachable_time_ms",
2714 .maxlen = sizeof(int),
2715 .mode = 0644,
2716 .proc_handler = proc_dointvec_ms_jiffies,
2717 },
2718 {
2719 .procname = "gc_interval",
2720 .maxlen = sizeof(int),
2721 .mode = 0644,
2722 .proc_handler = proc_dointvec_jiffies,
2723 },
2724 {
2725 .procname = "gc_thresh1",
2726 .maxlen = sizeof(int),
2727 .mode = 0644,
2728 .proc_handler = proc_dointvec,
2729 },
2730 {
2731 .procname = "gc_thresh2",
2732 .maxlen = sizeof(int),
2733 .mode = 0644,
2734 .proc_handler = proc_dointvec,
2735 },
2736 {
2737 .procname = "gc_thresh3",
2738 .maxlen = sizeof(int),
2739 .mode = 0644,
2740 .proc_handler = proc_dointvec,
2741 },
2742 {},
2743 },
2744};
2745
2746int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
2747 char *p_name, proc_handler *handler)
2748{
2749 struct neigh_sysctl_table *t;
2750 const char *dev_name_source = NULL;
2751
2752#define NEIGH_CTL_PATH_ROOT 0
2753#define NEIGH_CTL_PATH_PROTO 1
2754#define NEIGH_CTL_PATH_NEIGH 2
2755#define NEIGH_CTL_PATH_DEV 3
2756
2757 struct ctl_path neigh_path[] = {
2758 { .procname = "net", },
2759 { .procname = "proto", },
2760 { .procname = "neigh", },
2761 { .procname = "default", },
2762 { },
2763 };
2764
2765 t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
2766 if (!t)
2767 goto err;
2768
2769 t->neigh_vars[0].data = &p->mcast_probes;
2770 t->neigh_vars[1].data = &p->ucast_probes;
2771 t->neigh_vars[2].data = &p->app_probes;
2772 t->neigh_vars[3].data = &p->retrans_time;
2773 t->neigh_vars[4].data = &p->base_reachable_time;
2774 t->neigh_vars[5].data = &p->delay_probe_time;
2775 t->neigh_vars[6].data = &p->gc_staletime;
2776 t->neigh_vars[7].data = &p->queue_len;
2777 t->neigh_vars[8].data = &p->proxy_qlen;
2778 t->neigh_vars[9].data = &p->anycast_delay;
2779 t->neigh_vars[10].data = &p->proxy_delay;
2780 t->neigh_vars[11].data = &p->locktime;
2781 t->neigh_vars[12].data = &p->retrans_time;
2782 t->neigh_vars[13].data = &p->base_reachable_time;
2783
2784 if (dev) {
2785 dev_name_source = dev->name;
2786 /* Terminate the table early */
2787 memset(&t->neigh_vars[14], 0, sizeof(t->neigh_vars[14]));
2788 } else {
2789 dev_name_source = neigh_path[NEIGH_CTL_PATH_DEV].procname;
2790 t->neigh_vars[14].data = (int *)(p + 1);
2791 t->neigh_vars[15].data = (int *)(p + 1) + 1;
2792 t->neigh_vars[16].data = (int *)(p + 1) + 2;
2793 t->neigh_vars[17].data = (int *)(p + 1) + 3;
2794 }
2795
2796
2797 if (handler) {
2798 /* RetransTime */
2799 t->neigh_vars[3].proc_handler = handler;
2800 t->neigh_vars[3].extra1 = dev;
2801 /* ReachableTime */
2802 t->neigh_vars[4].proc_handler = handler;
2803 t->neigh_vars[4].extra1 = dev;
2804 /* RetransTime (in milliseconds)*/
2805 t->neigh_vars[12].proc_handler = handler;
2806 t->neigh_vars[12].extra1 = dev;
2807 /* ReachableTime (in milliseconds) */
2808 t->neigh_vars[13].proc_handler = handler;
2809 t->neigh_vars[13].extra1 = dev;
2810 }
2811
2812 t->dev_name = kstrdup(dev_name_source, GFP_KERNEL);
2813 if (!t->dev_name)
2814 goto free;
2815
2816 neigh_path[NEIGH_CTL_PATH_DEV].procname = t->dev_name;
2817 neigh_path[NEIGH_CTL_PATH_PROTO].procname = p_name;
2818
2819 t->sysctl_header =
2820 register_net_sysctl_table(neigh_parms_net(p), neigh_path, t->neigh_vars);
2821 if (!t->sysctl_header)
2822 goto free_procname;
2823
2824 p->sysctl_table = t;
2825 return 0;
2826
2827free_procname:
2828 kfree(t->dev_name);
2829free:
2830 kfree(t);
2831err:
2832 return -ENOBUFS;
2833}
2834EXPORT_SYMBOL(neigh_sysctl_register);
2835
2836void neigh_sysctl_unregister(struct neigh_parms *p)
2837{
2838 if (p->sysctl_table) {
2839 struct neigh_sysctl_table *t = p->sysctl_table;
2840 p->sysctl_table = NULL;
2841 unregister_sysctl_table(t->sysctl_header);
2842 kfree(t->dev_name);
2843 kfree(t);
2844 }
2845}
2846EXPORT_SYMBOL(neigh_sysctl_unregister);
2847
2848#endif /* CONFIG_SYSCTL */
2849
2850static int __init neigh_init(void)
2851{
2852 rtnl_register(PF_UNSPEC, RTM_NEWNEIGH, neigh_add, NULL, NULL);
2853 rtnl_register(PF_UNSPEC, RTM_DELNEIGH, neigh_delete, NULL, NULL);
2854 rtnl_register(PF_UNSPEC, RTM_GETNEIGH, NULL, neigh_dump_info, NULL);
2855
2856 rtnl_register(PF_UNSPEC, RTM_GETNEIGHTBL, NULL, neightbl_dump_info,
2857 NULL);
2858 rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, NULL);
2859
2860 return 0;
2861}
2862
2863subsys_initcall(neigh_init);
2864
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Generic address resolution entity
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
8 *
9 * Fixes:
10 * Vitaly E. Lavrov releasing NULL neighbor in neigh_add.
11 * Harald Welte Add neighbour cache statistics like rtstat
12 */
13
14#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
15
16#include <linux/slab.h>
17#include <linux/kmemleak.h>
18#include <linux/types.h>
19#include <linux/kernel.h>
20#include <linux/module.h>
21#include <linux/socket.h>
22#include <linux/netdevice.h>
23#include <linux/proc_fs.h>
24#ifdef CONFIG_SYSCTL
25#include <linux/sysctl.h>
26#endif
27#include <linux/times.h>
28#include <net/net_namespace.h>
29#include <net/neighbour.h>
30#include <net/arp.h>
31#include <net/dst.h>
32#include <net/sock.h>
33#include <net/netevent.h>
34#include <net/netlink.h>
35#include <linux/rtnetlink.h>
36#include <linux/random.h>
37#include <linux/string.h>
38#include <linux/log2.h>
39#include <linux/inetdevice.h>
40#include <net/addrconf.h>
41
42#include <trace/events/neigh.h>
43
44#define DEBUG
45#define NEIGH_DEBUG 1
46#define neigh_dbg(level, fmt, ...) \
47do { \
48 if (level <= NEIGH_DEBUG) \
49 pr_debug(fmt, ##__VA_ARGS__); \
50} while (0)
51
52#define PNEIGH_HASHMASK 0xF
53
54static void neigh_timer_handler(struct timer_list *t);
55static void __neigh_notify(struct neighbour *n, int type, int flags,
56 u32 pid);
57static void neigh_update_notify(struct neighbour *neigh, u32 nlmsg_pid);
58static int pneigh_ifdown_and_unlock(struct neigh_table *tbl,
59 struct net_device *dev);
60
61#ifdef CONFIG_PROC_FS
62static const struct seq_operations neigh_stat_seq_ops;
63#endif
64
65/*
66 Neighbour hash table buckets are protected with rwlock tbl->lock.
67
68 - All the scans/updates to hash buckets MUST be made under this lock.
69 - NOTHING clever should be made under this lock: no callbacks
70 to protocol backends, no attempts to send something to network.
71 It will result in deadlocks, if backend/driver wants to use neighbour
72 cache.
73 - If the entry requires some non-trivial actions, increase
74 its reference count and release table lock.
75
76 Neighbour entries are protected:
77 - with reference count.
78 - with rwlock neigh->lock
79
80 Reference count prevents destruction.
81
82 neigh->lock mainly serializes ll address data and its validity state.
83 However, the same lock is used to protect another entry fields:
84 - timer
85 - resolution queue
86
87 Again, nothing clever shall be made under neigh->lock,
88 the most complicated procedure, which we allow is dev->hard_header.
89 It is supposed, that dev->hard_header is simplistic and does
90 not make callbacks to neighbour tables.
91 */
92
93static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb)
94{
95 kfree_skb(skb);
96 return -ENETDOWN;
97}
98
99static void neigh_cleanup_and_release(struct neighbour *neigh)
100{
101 trace_neigh_cleanup_and_release(neigh, 0);
102 __neigh_notify(neigh, RTM_DELNEIGH, 0, 0);
103 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
104 neigh_release(neigh);
105}
106
107/*
108 * It is random distribution in the interval (1/2)*base...(3/2)*base.
109 * It corresponds to default IPv6 settings and is not overridable,
110 * because it is really reasonable choice.
111 */
112
113unsigned long neigh_rand_reach_time(unsigned long base)
114{
115 return base ? (prandom_u32() % base) + (base >> 1) : 0;
116}
117EXPORT_SYMBOL(neigh_rand_reach_time);
118
119static void neigh_mark_dead(struct neighbour *n)
120{
121 n->dead = 1;
122 if (!list_empty(&n->gc_list)) {
123 list_del_init(&n->gc_list);
124 atomic_dec(&n->tbl->gc_entries);
125 }
126}
127
128static void neigh_update_gc_list(struct neighbour *n)
129{
130 bool on_gc_list, exempt_from_gc;
131
132 write_lock_bh(&n->tbl->lock);
133 write_lock(&n->lock);
134
135 /* remove from the gc list if new state is permanent or if neighbor
136 * is externally learned; otherwise entry should be on the gc list
137 */
138 exempt_from_gc = n->nud_state & NUD_PERMANENT ||
139 n->flags & NTF_EXT_LEARNED;
140 on_gc_list = !list_empty(&n->gc_list);
141
142 if (exempt_from_gc && on_gc_list) {
143 list_del_init(&n->gc_list);
144 atomic_dec(&n->tbl->gc_entries);
145 } else if (!exempt_from_gc && !on_gc_list) {
146 /* add entries to the tail; cleaning removes from the front */
147 list_add_tail(&n->gc_list, &n->tbl->gc_list);
148 atomic_inc(&n->tbl->gc_entries);
149 }
150
151 write_unlock(&n->lock);
152 write_unlock_bh(&n->tbl->lock);
153}
154
155static bool neigh_update_ext_learned(struct neighbour *neigh, u32 flags,
156 int *notify)
157{
158 bool rc = false;
159 u8 ndm_flags;
160
161 if (!(flags & NEIGH_UPDATE_F_ADMIN))
162 return rc;
163
164 ndm_flags = (flags & NEIGH_UPDATE_F_EXT_LEARNED) ? NTF_EXT_LEARNED : 0;
165 if ((neigh->flags ^ ndm_flags) & NTF_EXT_LEARNED) {
166 if (ndm_flags & NTF_EXT_LEARNED)
167 neigh->flags |= NTF_EXT_LEARNED;
168 else
169 neigh->flags &= ~NTF_EXT_LEARNED;
170 rc = true;
171 *notify = 1;
172 }
173
174 return rc;
175}
176
177static bool neigh_del(struct neighbour *n, struct neighbour __rcu **np,
178 struct neigh_table *tbl)
179{
180 bool retval = false;
181
182 write_lock(&n->lock);
183 if (refcount_read(&n->refcnt) == 1) {
184 struct neighbour *neigh;
185
186 neigh = rcu_dereference_protected(n->next,
187 lockdep_is_held(&tbl->lock));
188 rcu_assign_pointer(*np, neigh);
189 neigh_mark_dead(n);
190 retval = true;
191 }
192 write_unlock(&n->lock);
193 if (retval)
194 neigh_cleanup_and_release(n);
195 return retval;
196}
197
198bool neigh_remove_one(struct neighbour *ndel, struct neigh_table *tbl)
199{
200 struct neigh_hash_table *nht;
201 void *pkey = ndel->primary_key;
202 u32 hash_val;
203 struct neighbour *n;
204 struct neighbour __rcu **np;
205
206 nht = rcu_dereference_protected(tbl->nht,
207 lockdep_is_held(&tbl->lock));
208 hash_val = tbl->hash(pkey, ndel->dev, nht->hash_rnd);
209 hash_val = hash_val >> (32 - nht->hash_shift);
210
211 np = &nht->hash_buckets[hash_val];
212 while ((n = rcu_dereference_protected(*np,
213 lockdep_is_held(&tbl->lock)))) {
214 if (n == ndel)
215 return neigh_del(n, np, tbl);
216 np = &n->next;
217 }
218 return false;
219}
220
221static int neigh_forced_gc(struct neigh_table *tbl)
222{
223 int max_clean = atomic_read(&tbl->gc_entries) - tbl->gc_thresh2;
224 unsigned long tref = jiffies - 5 * HZ;
225 struct neighbour *n, *tmp;
226 int shrunk = 0;
227
228 NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs);
229
230 write_lock_bh(&tbl->lock);
231
232 list_for_each_entry_safe(n, tmp, &tbl->gc_list, gc_list) {
233 if (refcount_read(&n->refcnt) == 1) {
234 bool remove = false;
235
236 write_lock(&n->lock);
237 if ((n->nud_state == NUD_FAILED) ||
238 time_after(tref, n->updated))
239 remove = true;
240 write_unlock(&n->lock);
241
242 if (remove && neigh_remove_one(n, tbl))
243 shrunk++;
244 if (shrunk >= max_clean)
245 break;
246 }
247 }
248
249 tbl->last_flush = jiffies;
250
251 write_unlock_bh(&tbl->lock);
252
253 return shrunk;
254}
255
256static void neigh_add_timer(struct neighbour *n, unsigned long when)
257{
258 neigh_hold(n);
259 if (unlikely(mod_timer(&n->timer, when))) {
260 printk("NEIGH: BUG, double timer add, state is %x\n",
261 n->nud_state);
262 dump_stack();
263 }
264}
265
266static int neigh_del_timer(struct neighbour *n)
267{
268 if ((n->nud_state & NUD_IN_TIMER) &&
269 del_timer(&n->timer)) {
270 neigh_release(n);
271 return 1;
272 }
273 return 0;
274}
275
276static void pneigh_queue_purge(struct sk_buff_head *list)
277{
278 struct sk_buff *skb;
279
280 while ((skb = skb_dequeue(list)) != NULL) {
281 dev_put(skb->dev);
282 kfree_skb(skb);
283 }
284}
285
286static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev,
287 bool skip_perm)
288{
289 int i;
290 struct neigh_hash_table *nht;
291
292 nht = rcu_dereference_protected(tbl->nht,
293 lockdep_is_held(&tbl->lock));
294
295 for (i = 0; i < (1 << nht->hash_shift); i++) {
296 struct neighbour *n;
297 struct neighbour __rcu **np = &nht->hash_buckets[i];
298
299 while ((n = rcu_dereference_protected(*np,
300 lockdep_is_held(&tbl->lock))) != NULL) {
301 if (dev && n->dev != dev) {
302 np = &n->next;
303 continue;
304 }
305 if (skip_perm && n->nud_state & NUD_PERMANENT) {
306 np = &n->next;
307 continue;
308 }
309 rcu_assign_pointer(*np,
310 rcu_dereference_protected(n->next,
311 lockdep_is_held(&tbl->lock)));
312 write_lock(&n->lock);
313 neigh_del_timer(n);
314 neigh_mark_dead(n);
315 if (refcount_read(&n->refcnt) != 1) {
316 /* The most unpleasant situation.
317 We must destroy neighbour entry,
318 but someone still uses it.
319
320 The destroy will be delayed until
321 the last user releases us, but
322 we must kill timers etc. and move
323 it to safe state.
324 */
325 __skb_queue_purge(&n->arp_queue);
326 n->arp_queue_len_bytes = 0;
327 n->output = neigh_blackhole;
328 if (n->nud_state & NUD_VALID)
329 n->nud_state = NUD_NOARP;
330 else
331 n->nud_state = NUD_NONE;
332 neigh_dbg(2, "neigh %p is stray\n", n);
333 }
334 write_unlock(&n->lock);
335 neigh_cleanup_and_release(n);
336 }
337 }
338}
339
340void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev)
341{
342 write_lock_bh(&tbl->lock);
343 neigh_flush_dev(tbl, dev, false);
344 write_unlock_bh(&tbl->lock);
345}
346EXPORT_SYMBOL(neigh_changeaddr);
347
348static int __neigh_ifdown(struct neigh_table *tbl, struct net_device *dev,
349 bool skip_perm)
350{
351 write_lock_bh(&tbl->lock);
352 neigh_flush_dev(tbl, dev, skip_perm);
353 pneigh_ifdown_and_unlock(tbl, dev);
354
355 del_timer_sync(&tbl->proxy_timer);
356 pneigh_queue_purge(&tbl->proxy_queue);
357 return 0;
358}
359
360int neigh_carrier_down(struct neigh_table *tbl, struct net_device *dev)
361{
362 __neigh_ifdown(tbl, dev, true);
363 return 0;
364}
365EXPORT_SYMBOL(neigh_carrier_down);
366
367int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
368{
369 __neigh_ifdown(tbl, dev, false);
370 return 0;
371}
372EXPORT_SYMBOL(neigh_ifdown);
373
374static struct neighbour *neigh_alloc(struct neigh_table *tbl,
375 struct net_device *dev,
376 bool exempt_from_gc)
377{
378 struct neighbour *n = NULL;
379 unsigned long now = jiffies;
380 int entries;
381
382 if (exempt_from_gc)
383 goto do_alloc;
384
385 entries = atomic_inc_return(&tbl->gc_entries) - 1;
386 if (entries >= tbl->gc_thresh3 ||
387 (entries >= tbl->gc_thresh2 &&
388 time_after(now, tbl->last_flush + 5 * HZ))) {
389 if (!neigh_forced_gc(tbl) &&
390 entries >= tbl->gc_thresh3) {
391 net_info_ratelimited("%s: neighbor table overflow!\n",
392 tbl->id);
393 NEIGH_CACHE_STAT_INC(tbl, table_fulls);
394 goto out_entries;
395 }
396 }
397
398do_alloc:
399 n = kzalloc(tbl->entry_size + dev->neigh_priv_len, GFP_ATOMIC);
400 if (!n)
401 goto out_entries;
402
403 __skb_queue_head_init(&n->arp_queue);
404 rwlock_init(&n->lock);
405 seqlock_init(&n->ha_lock);
406 n->updated = n->used = now;
407 n->nud_state = NUD_NONE;
408 n->output = neigh_blackhole;
409 seqlock_init(&n->hh.hh_lock);
410 n->parms = neigh_parms_clone(&tbl->parms);
411 timer_setup(&n->timer, neigh_timer_handler, 0);
412
413 NEIGH_CACHE_STAT_INC(tbl, allocs);
414 n->tbl = tbl;
415 refcount_set(&n->refcnt, 1);
416 n->dead = 1;
417 INIT_LIST_HEAD(&n->gc_list);
418
419 atomic_inc(&tbl->entries);
420out:
421 return n;
422
423out_entries:
424 if (!exempt_from_gc)
425 atomic_dec(&tbl->gc_entries);
426 goto out;
427}
428
429static void neigh_get_hash_rnd(u32 *x)
430{
431 *x = get_random_u32() | 1;
432}
433
434static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
435{
436 size_t size = (1 << shift) * sizeof(struct neighbour *);
437 struct neigh_hash_table *ret;
438 struct neighbour __rcu **buckets;
439 int i;
440
441 ret = kmalloc(sizeof(*ret), GFP_ATOMIC);
442 if (!ret)
443 return NULL;
444 if (size <= PAGE_SIZE) {
445 buckets = kzalloc(size, GFP_ATOMIC);
446 } else {
447 buckets = (struct neighbour __rcu **)
448 __get_free_pages(GFP_ATOMIC | __GFP_ZERO,
449 get_order(size));
450 kmemleak_alloc(buckets, size, 1, GFP_ATOMIC);
451 }
452 if (!buckets) {
453 kfree(ret);
454 return NULL;
455 }
456 ret->hash_buckets = buckets;
457 ret->hash_shift = shift;
458 for (i = 0; i < NEIGH_NUM_HASH_RND; i++)
459 neigh_get_hash_rnd(&ret->hash_rnd[i]);
460 return ret;
461}
462
463static void neigh_hash_free_rcu(struct rcu_head *head)
464{
465 struct neigh_hash_table *nht = container_of(head,
466 struct neigh_hash_table,
467 rcu);
468 size_t size = (1 << nht->hash_shift) * sizeof(struct neighbour *);
469 struct neighbour __rcu **buckets = nht->hash_buckets;
470
471 if (size <= PAGE_SIZE) {
472 kfree(buckets);
473 } else {
474 kmemleak_free(buckets);
475 free_pages((unsigned long)buckets, get_order(size));
476 }
477 kfree(nht);
478}
479
480static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl,
481 unsigned long new_shift)
482{
483 unsigned int i, hash;
484 struct neigh_hash_table *new_nht, *old_nht;
485
486 NEIGH_CACHE_STAT_INC(tbl, hash_grows);
487
488 old_nht = rcu_dereference_protected(tbl->nht,
489 lockdep_is_held(&tbl->lock));
490 new_nht = neigh_hash_alloc(new_shift);
491 if (!new_nht)
492 return old_nht;
493
494 for (i = 0; i < (1 << old_nht->hash_shift); i++) {
495 struct neighbour *n, *next;
496
497 for (n = rcu_dereference_protected(old_nht->hash_buckets[i],
498 lockdep_is_held(&tbl->lock));
499 n != NULL;
500 n = next) {
501 hash = tbl->hash(n->primary_key, n->dev,
502 new_nht->hash_rnd);
503
504 hash >>= (32 - new_nht->hash_shift);
505 next = rcu_dereference_protected(n->next,
506 lockdep_is_held(&tbl->lock));
507
508 rcu_assign_pointer(n->next,
509 rcu_dereference_protected(
510 new_nht->hash_buckets[hash],
511 lockdep_is_held(&tbl->lock)));
512 rcu_assign_pointer(new_nht->hash_buckets[hash], n);
513 }
514 }
515
516 rcu_assign_pointer(tbl->nht, new_nht);
517 call_rcu(&old_nht->rcu, neigh_hash_free_rcu);
518 return new_nht;
519}
520
521struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey,
522 struct net_device *dev)
523{
524 struct neighbour *n;
525
526 NEIGH_CACHE_STAT_INC(tbl, lookups);
527
528 rcu_read_lock_bh();
529 n = __neigh_lookup_noref(tbl, pkey, dev);
530 if (n) {
531 if (!refcount_inc_not_zero(&n->refcnt))
532 n = NULL;
533 NEIGH_CACHE_STAT_INC(tbl, hits);
534 }
535
536 rcu_read_unlock_bh();
537 return n;
538}
539EXPORT_SYMBOL(neigh_lookup);
540
541struct neighbour *neigh_lookup_nodev(struct neigh_table *tbl, struct net *net,
542 const void *pkey)
543{
544 struct neighbour *n;
545 unsigned int key_len = tbl->key_len;
546 u32 hash_val;
547 struct neigh_hash_table *nht;
548
549 NEIGH_CACHE_STAT_INC(tbl, lookups);
550
551 rcu_read_lock_bh();
552 nht = rcu_dereference_bh(tbl->nht);
553 hash_val = tbl->hash(pkey, NULL, nht->hash_rnd) >> (32 - nht->hash_shift);
554
555 for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
556 n != NULL;
557 n = rcu_dereference_bh(n->next)) {
558 if (!memcmp(n->primary_key, pkey, key_len) &&
559 net_eq(dev_net(n->dev), net)) {
560 if (!refcount_inc_not_zero(&n->refcnt))
561 n = NULL;
562 NEIGH_CACHE_STAT_INC(tbl, hits);
563 break;
564 }
565 }
566
567 rcu_read_unlock_bh();
568 return n;
569}
570EXPORT_SYMBOL(neigh_lookup_nodev);
571
572static struct neighbour *___neigh_create(struct neigh_table *tbl,
573 const void *pkey,
574 struct net_device *dev,
575 bool exempt_from_gc, bool want_ref)
576{
577 struct neighbour *n1, *rc, *n = neigh_alloc(tbl, dev, exempt_from_gc);
578 u32 hash_val;
579 unsigned int key_len = tbl->key_len;
580 int error;
581 struct neigh_hash_table *nht;
582
583 trace_neigh_create(tbl, dev, pkey, n, exempt_from_gc);
584
585 if (!n) {
586 rc = ERR_PTR(-ENOBUFS);
587 goto out;
588 }
589
590 memcpy(n->primary_key, pkey, key_len);
591 n->dev = dev;
592 dev_hold(dev);
593
594 /* Protocol specific setup. */
595 if (tbl->constructor && (error = tbl->constructor(n)) < 0) {
596 rc = ERR_PTR(error);
597 goto out_neigh_release;
598 }
599
600 if (dev->netdev_ops->ndo_neigh_construct) {
601 error = dev->netdev_ops->ndo_neigh_construct(dev, n);
602 if (error < 0) {
603 rc = ERR_PTR(error);
604 goto out_neigh_release;
605 }
606 }
607
608 /* Device specific setup. */
609 if (n->parms->neigh_setup &&
610 (error = n->parms->neigh_setup(n)) < 0) {
611 rc = ERR_PTR(error);
612 goto out_neigh_release;
613 }
614
615 n->confirmed = jiffies - (NEIGH_VAR(n->parms, BASE_REACHABLE_TIME) << 1);
616
617 write_lock_bh(&tbl->lock);
618 nht = rcu_dereference_protected(tbl->nht,
619 lockdep_is_held(&tbl->lock));
620
621 if (atomic_read(&tbl->entries) > (1 << nht->hash_shift))
622 nht = neigh_hash_grow(tbl, nht->hash_shift + 1);
623
624 hash_val = tbl->hash(n->primary_key, dev, nht->hash_rnd) >> (32 - nht->hash_shift);
625
626 if (n->parms->dead) {
627 rc = ERR_PTR(-EINVAL);
628 goto out_tbl_unlock;
629 }
630
631 for (n1 = rcu_dereference_protected(nht->hash_buckets[hash_val],
632 lockdep_is_held(&tbl->lock));
633 n1 != NULL;
634 n1 = rcu_dereference_protected(n1->next,
635 lockdep_is_held(&tbl->lock))) {
636 if (dev == n1->dev && !memcmp(n1->primary_key, n->primary_key, key_len)) {
637 if (want_ref)
638 neigh_hold(n1);
639 rc = n1;
640 goto out_tbl_unlock;
641 }
642 }
643
644 n->dead = 0;
645 if (!exempt_from_gc)
646 list_add_tail(&n->gc_list, &n->tbl->gc_list);
647
648 if (want_ref)
649 neigh_hold(n);
650 rcu_assign_pointer(n->next,
651 rcu_dereference_protected(nht->hash_buckets[hash_val],
652 lockdep_is_held(&tbl->lock)));
653 rcu_assign_pointer(nht->hash_buckets[hash_val], n);
654 write_unlock_bh(&tbl->lock);
655 neigh_dbg(2, "neigh %p is created\n", n);
656 rc = n;
657out:
658 return rc;
659out_tbl_unlock:
660 write_unlock_bh(&tbl->lock);
661out_neigh_release:
662 if (!exempt_from_gc)
663 atomic_dec(&tbl->gc_entries);
664 neigh_release(n);
665 goto out;
666}
667
668struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
669 struct net_device *dev, bool want_ref)
670{
671 return ___neigh_create(tbl, pkey, dev, false, want_ref);
672}
673EXPORT_SYMBOL(__neigh_create);
674
675static u32 pneigh_hash(const void *pkey, unsigned int key_len)
676{
677 u32 hash_val = *(u32 *)(pkey + key_len - 4);
678 hash_val ^= (hash_val >> 16);
679 hash_val ^= hash_val >> 8;
680 hash_val ^= hash_val >> 4;
681 hash_val &= PNEIGH_HASHMASK;
682 return hash_val;
683}
684
685static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n,
686 struct net *net,
687 const void *pkey,
688 unsigned int key_len,
689 struct net_device *dev)
690{
691 while (n) {
692 if (!memcmp(n->key, pkey, key_len) &&
693 net_eq(pneigh_net(n), net) &&
694 (n->dev == dev || !n->dev))
695 return n;
696 n = n->next;
697 }
698 return NULL;
699}
700
701struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl,
702 struct net *net, const void *pkey, struct net_device *dev)
703{
704 unsigned int key_len = tbl->key_len;
705 u32 hash_val = pneigh_hash(pkey, key_len);
706
707 return __pneigh_lookup_1(tbl->phash_buckets[hash_val],
708 net, pkey, key_len, dev);
709}
710EXPORT_SYMBOL_GPL(__pneigh_lookup);
711
712struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl,
713 struct net *net, const void *pkey,
714 struct net_device *dev, int creat)
715{
716 struct pneigh_entry *n;
717 unsigned int key_len = tbl->key_len;
718 u32 hash_val = pneigh_hash(pkey, key_len);
719
720 read_lock_bh(&tbl->lock);
721 n = __pneigh_lookup_1(tbl->phash_buckets[hash_val],
722 net, pkey, key_len, dev);
723 read_unlock_bh(&tbl->lock);
724
725 if (n || !creat)
726 goto out;
727
728 ASSERT_RTNL();
729
730 n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL);
731 if (!n)
732 goto out;
733
734 n->protocol = 0;
735 write_pnet(&n->net, net);
736 memcpy(n->key, pkey, key_len);
737 n->dev = dev;
738 if (dev)
739 dev_hold(dev);
740
741 if (tbl->pconstructor && tbl->pconstructor(n)) {
742 if (dev)
743 dev_put(dev);
744 kfree(n);
745 n = NULL;
746 goto out;
747 }
748
749 write_lock_bh(&tbl->lock);
750 n->next = tbl->phash_buckets[hash_val];
751 tbl->phash_buckets[hash_val] = n;
752 write_unlock_bh(&tbl->lock);
753out:
754 return n;
755}
756EXPORT_SYMBOL(pneigh_lookup);
757
758
759int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey,
760 struct net_device *dev)
761{
762 struct pneigh_entry *n, **np;
763 unsigned int key_len = tbl->key_len;
764 u32 hash_val = pneigh_hash(pkey, key_len);
765
766 write_lock_bh(&tbl->lock);
767 for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL;
768 np = &n->next) {
769 if (!memcmp(n->key, pkey, key_len) && n->dev == dev &&
770 net_eq(pneigh_net(n), net)) {
771 *np = n->next;
772 write_unlock_bh(&tbl->lock);
773 if (tbl->pdestructor)
774 tbl->pdestructor(n);
775 if (n->dev)
776 dev_put(n->dev);
777 kfree(n);
778 return 0;
779 }
780 }
781 write_unlock_bh(&tbl->lock);
782 return -ENOENT;
783}
784
785static int pneigh_ifdown_and_unlock(struct neigh_table *tbl,
786 struct net_device *dev)
787{
788 struct pneigh_entry *n, **np, *freelist = NULL;
789 u32 h;
790
791 for (h = 0; h <= PNEIGH_HASHMASK; h++) {
792 np = &tbl->phash_buckets[h];
793 while ((n = *np) != NULL) {
794 if (!dev || n->dev == dev) {
795 *np = n->next;
796 n->next = freelist;
797 freelist = n;
798 continue;
799 }
800 np = &n->next;
801 }
802 }
803 write_unlock_bh(&tbl->lock);
804 while ((n = freelist)) {
805 freelist = n->next;
806 n->next = NULL;
807 if (tbl->pdestructor)
808 tbl->pdestructor(n);
809 if (n->dev)
810 dev_put(n->dev);
811 kfree(n);
812 }
813 return -ENOENT;
814}
815
816static void neigh_parms_destroy(struct neigh_parms *parms);
817
818static inline void neigh_parms_put(struct neigh_parms *parms)
819{
820 if (refcount_dec_and_test(&parms->refcnt))
821 neigh_parms_destroy(parms);
822}
823
824/*
825 * neighbour must already be out of the table;
826 *
827 */
828void neigh_destroy(struct neighbour *neigh)
829{
830 struct net_device *dev = neigh->dev;
831
832 NEIGH_CACHE_STAT_INC(neigh->tbl, destroys);
833
834 if (!neigh->dead) {
835 pr_warn("Destroying alive neighbour %p\n", neigh);
836 dump_stack();
837 return;
838 }
839
840 if (neigh_del_timer(neigh))
841 pr_warn("Impossible event\n");
842
843 write_lock_bh(&neigh->lock);
844 __skb_queue_purge(&neigh->arp_queue);
845 write_unlock_bh(&neigh->lock);
846 neigh->arp_queue_len_bytes = 0;
847
848 if (dev->netdev_ops->ndo_neigh_destroy)
849 dev->netdev_ops->ndo_neigh_destroy(dev, neigh);
850
851 dev_put(dev);
852 neigh_parms_put(neigh->parms);
853
854 neigh_dbg(2, "neigh %p is destroyed\n", neigh);
855
856 atomic_dec(&neigh->tbl->entries);
857 kfree_rcu(neigh, rcu);
858}
859EXPORT_SYMBOL(neigh_destroy);
860
861/* Neighbour state is suspicious;
862 disable fast path.
863
864 Called with write_locked neigh.
865 */
866static void neigh_suspect(struct neighbour *neigh)
867{
868 neigh_dbg(2, "neigh %p is suspected\n", neigh);
869
870 neigh->output = neigh->ops->output;
871}
872
873/* Neighbour state is OK;
874 enable fast path.
875
876 Called with write_locked neigh.
877 */
878static void neigh_connect(struct neighbour *neigh)
879{
880 neigh_dbg(2, "neigh %p is connected\n", neigh);
881
882 neigh->output = neigh->ops->connected_output;
883}
884
885static void neigh_periodic_work(struct work_struct *work)
886{
887 struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
888 struct neighbour *n;
889 struct neighbour __rcu **np;
890 unsigned int i;
891 struct neigh_hash_table *nht;
892
893 NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);
894
895 write_lock_bh(&tbl->lock);
896 nht = rcu_dereference_protected(tbl->nht,
897 lockdep_is_held(&tbl->lock));
898
899 /*
900 * periodically recompute ReachableTime from random function
901 */
902
903 if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
904 struct neigh_parms *p;
905 tbl->last_rand = jiffies;
906 list_for_each_entry(p, &tbl->parms_list, list)
907 p->reachable_time =
908 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
909 }
910
911 if (atomic_read(&tbl->entries) < tbl->gc_thresh1)
912 goto out;
913
914 for (i = 0 ; i < (1 << nht->hash_shift); i++) {
915 np = &nht->hash_buckets[i];
916
917 while ((n = rcu_dereference_protected(*np,
918 lockdep_is_held(&tbl->lock))) != NULL) {
919 unsigned int state;
920
921 write_lock(&n->lock);
922
923 state = n->nud_state;
924 if ((state & (NUD_PERMANENT | NUD_IN_TIMER)) ||
925 (n->flags & NTF_EXT_LEARNED)) {
926 write_unlock(&n->lock);
927 goto next_elt;
928 }
929
930 if (time_before(n->used, n->confirmed))
931 n->used = n->confirmed;
932
933 if (refcount_read(&n->refcnt) == 1 &&
934 (state == NUD_FAILED ||
935 time_after(jiffies, n->used + NEIGH_VAR(n->parms, GC_STALETIME)))) {
936 *np = n->next;
937 neigh_mark_dead(n);
938 write_unlock(&n->lock);
939 neigh_cleanup_and_release(n);
940 continue;
941 }
942 write_unlock(&n->lock);
943
944next_elt:
945 np = &n->next;
946 }
947 /*
948 * It's fine to release lock here, even if hash table
949 * grows while we are preempted.
950 */
951 write_unlock_bh(&tbl->lock);
952 cond_resched();
953 write_lock_bh(&tbl->lock);
954 nht = rcu_dereference_protected(tbl->nht,
955 lockdep_is_held(&tbl->lock));
956 }
957out:
958 /* Cycle through all hash buckets every BASE_REACHABLE_TIME/2 ticks.
959 * ARP entry timeouts range from 1/2 BASE_REACHABLE_TIME to 3/2
960 * BASE_REACHABLE_TIME.
961 */
962 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
963 NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME) >> 1);
964 write_unlock_bh(&tbl->lock);
965}
966
967static __inline__ int neigh_max_probes(struct neighbour *n)
968{
969 struct neigh_parms *p = n->parms;
970 return NEIGH_VAR(p, UCAST_PROBES) + NEIGH_VAR(p, APP_PROBES) +
971 (n->nud_state & NUD_PROBE ? NEIGH_VAR(p, MCAST_REPROBES) :
972 NEIGH_VAR(p, MCAST_PROBES));
973}
974
975static void neigh_invalidate(struct neighbour *neigh)
976 __releases(neigh->lock)
977 __acquires(neigh->lock)
978{
979 struct sk_buff *skb;
980
981 NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed);
982 neigh_dbg(2, "neigh %p is failed\n", neigh);
983 neigh->updated = jiffies;
984
985 /* It is very thin place. report_unreachable is very complicated
986 routine. Particularly, it can hit the same neighbour entry!
987
988 So that, we try to be accurate and avoid dead loop. --ANK
989 */
990 while (neigh->nud_state == NUD_FAILED &&
991 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
992 write_unlock(&neigh->lock);
993 neigh->ops->error_report(neigh, skb);
994 write_lock(&neigh->lock);
995 }
996 __skb_queue_purge(&neigh->arp_queue);
997 neigh->arp_queue_len_bytes = 0;
998}
999
1000static void neigh_probe(struct neighbour *neigh)
1001 __releases(neigh->lock)
1002{
1003 struct sk_buff *skb = skb_peek_tail(&neigh->arp_queue);
1004 /* keep skb alive even if arp_queue overflows */
1005 if (skb)
1006 skb = skb_clone(skb, GFP_ATOMIC);
1007 write_unlock(&neigh->lock);
1008 if (neigh->ops->solicit)
1009 neigh->ops->solicit(neigh, skb);
1010 atomic_inc(&neigh->probes);
1011 consume_skb(skb);
1012}
1013
1014/* Called when a timer expires for a neighbour entry. */
1015
1016static void neigh_timer_handler(struct timer_list *t)
1017{
1018 unsigned long now, next;
1019 struct neighbour *neigh = from_timer(neigh, t, timer);
1020 unsigned int state;
1021 int notify = 0;
1022
1023 write_lock(&neigh->lock);
1024
1025 state = neigh->nud_state;
1026 now = jiffies;
1027 next = now + HZ;
1028
1029 if (!(state & NUD_IN_TIMER))
1030 goto out;
1031
1032 if (state & NUD_REACHABLE) {
1033 if (time_before_eq(now,
1034 neigh->confirmed + neigh->parms->reachable_time)) {
1035 neigh_dbg(2, "neigh %p is still alive\n", neigh);
1036 next = neigh->confirmed + neigh->parms->reachable_time;
1037 } else if (time_before_eq(now,
1038 neigh->used +
1039 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
1040 neigh_dbg(2, "neigh %p is delayed\n", neigh);
1041 neigh->nud_state = NUD_DELAY;
1042 neigh->updated = jiffies;
1043 neigh_suspect(neigh);
1044 next = now + NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME);
1045 } else {
1046 neigh_dbg(2, "neigh %p is suspected\n", neigh);
1047 neigh->nud_state = NUD_STALE;
1048 neigh->updated = jiffies;
1049 neigh_suspect(neigh);
1050 notify = 1;
1051 }
1052 } else if (state & NUD_DELAY) {
1053 if (time_before_eq(now,
1054 neigh->confirmed +
1055 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
1056 neigh_dbg(2, "neigh %p is now reachable\n", neigh);
1057 neigh->nud_state = NUD_REACHABLE;
1058 neigh->updated = jiffies;
1059 neigh_connect(neigh);
1060 notify = 1;
1061 next = neigh->confirmed + neigh->parms->reachable_time;
1062 } else {
1063 neigh_dbg(2, "neigh %p is probed\n", neigh);
1064 neigh->nud_state = NUD_PROBE;
1065 neigh->updated = jiffies;
1066 atomic_set(&neigh->probes, 0);
1067 notify = 1;
1068 next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
1069 HZ/100);
1070 }
1071 } else {
1072 /* NUD_PROBE|NUD_INCOMPLETE */
1073 next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME), HZ/100);
1074 }
1075
1076 if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) &&
1077 atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) {
1078 neigh->nud_state = NUD_FAILED;
1079 notify = 1;
1080 neigh_invalidate(neigh);
1081 goto out;
1082 }
1083
1084 if (neigh->nud_state & NUD_IN_TIMER) {
1085 if (time_before(next, jiffies + HZ/100))
1086 next = jiffies + HZ/100;
1087 if (!mod_timer(&neigh->timer, next))
1088 neigh_hold(neigh);
1089 }
1090 if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
1091 neigh_probe(neigh);
1092 } else {
1093out:
1094 write_unlock(&neigh->lock);
1095 }
1096
1097 if (notify)
1098 neigh_update_notify(neigh, 0);
1099
1100 trace_neigh_timer_handler(neigh, 0);
1101
1102 neigh_release(neigh);
1103}
1104
1105int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
1106{
1107 int rc;
1108 bool immediate_probe = false;
1109
1110 write_lock_bh(&neigh->lock);
1111
1112 rc = 0;
1113 if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
1114 goto out_unlock_bh;
1115 if (neigh->dead)
1116 goto out_dead;
1117
1118 if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
1119 if (NEIGH_VAR(neigh->parms, MCAST_PROBES) +
1120 NEIGH_VAR(neigh->parms, APP_PROBES)) {
1121 unsigned long next, now = jiffies;
1122
1123 atomic_set(&neigh->probes,
1124 NEIGH_VAR(neigh->parms, UCAST_PROBES));
1125 neigh_del_timer(neigh);
1126 neigh->nud_state = NUD_INCOMPLETE;
1127 neigh->updated = now;
1128 next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
1129 HZ/100);
1130 neigh_add_timer(neigh, next);
1131 immediate_probe = true;
1132 } else {
1133 neigh->nud_state = NUD_FAILED;
1134 neigh->updated = jiffies;
1135 write_unlock_bh(&neigh->lock);
1136
1137 kfree_skb(skb);
1138 return 1;
1139 }
1140 } else if (neigh->nud_state & NUD_STALE) {
1141 neigh_dbg(2, "neigh %p is delayed\n", neigh);
1142 neigh_del_timer(neigh);
1143 neigh->nud_state = NUD_DELAY;
1144 neigh->updated = jiffies;
1145 neigh_add_timer(neigh, jiffies +
1146 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME));
1147 }
1148
1149 if (neigh->nud_state == NUD_INCOMPLETE) {
1150 if (skb) {
1151 while (neigh->arp_queue_len_bytes + skb->truesize >
1152 NEIGH_VAR(neigh->parms, QUEUE_LEN_BYTES)) {
1153 struct sk_buff *buff;
1154
1155 buff = __skb_dequeue(&neigh->arp_queue);
1156 if (!buff)
1157 break;
1158 neigh->arp_queue_len_bytes -= buff->truesize;
1159 kfree_skb(buff);
1160 NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
1161 }
1162 skb_dst_force(skb);
1163 __skb_queue_tail(&neigh->arp_queue, skb);
1164 neigh->arp_queue_len_bytes += skb->truesize;
1165 }
1166 rc = 1;
1167 }
1168out_unlock_bh:
1169 if (immediate_probe)
1170 neigh_probe(neigh);
1171 else
1172 write_unlock(&neigh->lock);
1173 local_bh_enable();
1174 trace_neigh_event_send_done(neigh, rc);
1175 return rc;
1176
1177out_dead:
1178 if (neigh->nud_state & NUD_STALE)
1179 goto out_unlock_bh;
1180 write_unlock_bh(&neigh->lock);
1181 kfree_skb(skb);
1182 trace_neigh_event_send_dead(neigh, 1);
1183 return 1;
1184}
1185EXPORT_SYMBOL(__neigh_event_send);
1186
1187static void neigh_update_hhs(struct neighbour *neigh)
1188{
1189 struct hh_cache *hh;
1190 void (*update)(struct hh_cache*, const struct net_device*, const unsigned char *)
1191 = NULL;
1192
1193 if (neigh->dev->header_ops)
1194 update = neigh->dev->header_ops->cache_update;
1195
1196 if (update) {
1197 hh = &neigh->hh;
1198 if (READ_ONCE(hh->hh_len)) {
1199 write_seqlock_bh(&hh->hh_lock);
1200 update(hh, neigh->dev, neigh->ha);
1201 write_sequnlock_bh(&hh->hh_lock);
1202 }
1203 }
1204}
1205
1206
1207
1208/* Generic update routine.
1209 -- lladdr is new lladdr or NULL, if it is not supplied.
1210 -- new is new state.
1211 -- flags
1212 NEIGH_UPDATE_F_OVERRIDE allows to override existing lladdr,
1213 if it is different.
1214 NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect existing "connected"
1215 lladdr instead of overriding it
1216 if it is different.
1217 NEIGH_UPDATE_F_ADMIN means that the change is administrative.
1218
1219 NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows to override existing
1220 NTF_ROUTER flag.
1221 NEIGH_UPDATE_F_ISROUTER indicates if the neighbour is known as
1222 a router.
1223
1224 Caller MUST hold reference count on the entry.
1225 */
1226
1227static int __neigh_update(struct neighbour *neigh, const u8 *lladdr,
1228 u8 new, u32 flags, u32 nlmsg_pid,
1229 struct netlink_ext_ack *extack)
1230{
1231 bool ext_learn_change = false;
1232 u8 old;
1233 int err;
1234 int notify = 0;
1235 struct net_device *dev;
1236 int update_isrouter = 0;
1237
1238 trace_neigh_update(neigh, lladdr, new, flags, nlmsg_pid);
1239
1240 write_lock_bh(&neigh->lock);
1241
1242 dev = neigh->dev;
1243 old = neigh->nud_state;
1244 err = -EPERM;
1245
1246 if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
1247 (old & (NUD_NOARP | NUD_PERMANENT)))
1248 goto out;
1249 if (neigh->dead) {
1250 NL_SET_ERR_MSG(extack, "Neighbor entry is now dead");
1251 goto out;
1252 }
1253
1254 ext_learn_change = neigh_update_ext_learned(neigh, flags, ¬ify);
1255
1256 if (!(new & NUD_VALID)) {
1257 neigh_del_timer(neigh);
1258 if (old & NUD_CONNECTED)
1259 neigh_suspect(neigh);
1260 neigh->nud_state = new;
1261 err = 0;
1262 notify = old & NUD_VALID;
1263 if ((old & (NUD_INCOMPLETE | NUD_PROBE)) &&
1264 (new & NUD_FAILED)) {
1265 neigh_invalidate(neigh);
1266 notify = 1;
1267 }
1268 goto out;
1269 }
1270
1271 /* Compare new lladdr with cached one */
1272 if (!dev->addr_len) {
1273 /* First case: device needs no address. */
1274 lladdr = neigh->ha;
1275 } else if (lladdr) {
1276 /* The second case: if something is already cached
1277 and a new address is proposed:
1278 - compare new & old
1279 - if they are different, check override flag
1280 */
1281 if ((old & NUD_VALID) &&
1282 !memcmp(lladdr, neigh->ha, dev->addr_len))
1283 lladdr = neigh->ha;
1284 } else {
1285 /* No address is supplied; if we know something,
1286 use it, otherwise discard the request.
1287 */
1288 err = -EINVAL;
1289 if (!(old & NUD_VALID)) {
1290 NL_SET_ERR_MSG(extack, "No link layer address given");
1291 goto out;
1292 }
1293 lladdr = neigh->ha;
1294 }
1295
1296 /* Update confirmed timestamp for neighbour entry after we
1297 * received ARP packet even if it doesn't change IP to MAC binding.
1298 */
1299 if (new & NUD_CONNECTED)
1300 neigh->confirmed = jiffies;
1301
1302 /* If entry was valid and address is not changed,
1303 do not change entry state, if new one is STALE.
1304 */
1305 err = 0;
1306 update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
1307 if (old & NUD_VALID) {
1308 if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) {
1309 update_isrouter = 0;
1310 if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) &&
1311 (old & NUD_CONNECTED)) {
1312 lladdr = neigh->ha;
1313 new = NUD_STALE;
1314 } else
1315 goto out;
1316 } else {
1317 if (lladdr == neigh->ha && new == NUD_STALE &&
1318 !(flags & NEIGH_UPDATE_F_ADMIN))
1319 new = old;
1320 }
1321 }
1322
1323 /* Update timestamp only once we know we will make a change to the
1324 * neighbour entry. Otherwise we risk to move the locktime window with
1325 * noop updates and ignore relevant ARP updates.
1326 */
1327 if (new != old || lladdr != neigh->ha)
1328 neigh->updated = jiffies;
1329
1330 if (new != old) {
1331 neigh_del_timer(neigh);
1332 if (new & NUD_PROBE)
1333 atomic_set(&neigh->probes, 0);
1334 if (new & NUD_IN_TIMER)
1335 neigh_add_timer(neigh, (jiffies +
1336 ((new & NUD_REACHABLE) ?
1337 neigh->parms->reachable_time :
1338 0)));
1339 neigh->nud_state = new;
1340 notify = 1;
1341 }
1342
1343 if (lladdr != neigh->ha) {
1344 write_seqlock(&neigh->ha_lock);
1345 memcpy(&neigh->ha, lladdr, dev->addr_len);
1346 write_sequnlock(&neigh->ha_lock);
1347 neigh_update_hhs(neigh);
1348 if (!(new & NUD_CONNECTED))
1349 neigh->confirmed = jiffies -
1350 (NEIGH_VAR(neigh->parms, BASE_REACHABLE_TIME) << 1);
1351 notify = 1;
1352 }
1353 if (new == old)
1354 goto out;
1355 if (new & NUD_CONNECTED)
1356 neigh_connect(neigh);
1357 else
1358 neigh_suspect(neigh);
1359 if (!(old & NUD_VALID)) {
1360 struct sk_buff *skb;
1361
1362 /* Again: avoid dead loop if something went wrong */
1363
1364 while (neigh->nud_state & NUD_VALID &&
1365 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
1366 struct dst_entry *dst = skb_dst(skb);
1367 struct neighbour *n2, *n1 = neigh;
1368 write_unlock_bh(&neigh->lock);
1369
1370 rcu_read_lock();
1371
1372 /* Why not just use 'neigh' as-is? The problem is that
1373 * things such as shaper, eql, and sch_teql can end up
1374 * using alternative, different, neigh objects to output
1375 * the packet in the output path. So what we need to do
1376 * here is re-lookup the top-level neigh in the path so
1377 * we can reinject the packet there.
1378 */
1379 n2 = NULL;
1380 if (dst) {
1381 n2 = dst_neigh_lookup_skb(dst, skb);
1382 if (n2)
1383 n1 = n2;
1384 }
1385 n1->output(n1, skb);
1386 if (n2)
1387 neigh_release(n2);
1388 rcu_read_unlock();
1389
1390 write_lock_bh(&neigh->lock);
1391 }
1392 __skb_queue_purge(&neigh->arp_queue);
1393 neigh->arp_queue_len_bytes = 0;
1394 }
1395out:
1396 if (update_isrouter)
1397 neigh_update_is_router(neigh, flags, ¬ify);
1398 write_unlock_bh(&neigh->lock);
1399
1400 if (((new ^ old) & NUD_PERMANENT) || ext_learn_change)
1401 neigh_update_gc_list(neigh);
1402
1403 if (notify)
1404 neigh_update_notify(neigh, nlmsg_pid);
1405
1406 trace_neigh_update_done(neigh, err);
1407
1408 return err;
1409}
1410
1411int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
1412 u32 flags, u32 nlmsg_pid)
1413{
1414 return __neigh_update(neigh, lladdr, new, flags, nlmsg_pid, NULL);
1415}
1416EXPORT_SYMBOL(neigh_update);
1417
1418/* Update the neigh to listen temporarily for probe responses, even if it is
1419 * in a NUD_FAILED state. The caller has to hold neigh->lock for writing.
1420 */
1421void __neigh_set_probe_once(struct neighbour *neigh)
1422{
1423 if (neigh->dead)
1424 return;
1425 neigh->updated = jiffies;
1426 if (!(neigh->nud_state & NUD_FAILED))
1427 return;
1428 neigh->nud_state = NUD_INCOMPLETE;
1429 atomic_set(&neigh->probes, neigh_max_probes(neigh));
1430 neigh_add_timer(neigh,
1431 jiffies + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
1432 HZ/100));
1433}
1434EXPORT_SYMBOL(__neigh_set_probe_once);
1435
1436struct neighbour *neigh_event_ns(struct neigh_table *tbl,
1437 u8 *lladdr, void *saddr,
1438 struct net_device *dev)
1439{
1440 struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev,
1441 lladdr || !dev->addr_len);
1442 if (neigh)
1443 neigh_update(neigh, lladdr, NUD_STALE,
1444 NEIGH_UPDATE_F_OVERRIDE, 0);
1445 return neigh;
1446}
1447EXPORT_SYMBOL(neigh_event_ns);
1448
1449/* called with read_lock_bh(&n->lock); */
1450static void neigh_hh_init(struct neighbour *n)
1451{
1452 struct net_device *dev = n->dev;
1453 __be16 prot = n->tbl->protocol;
1454 struct hh_cache *hh = &n->hh;
1455
1456 write_lock_bh(&n->lock);
1457
1458 /* Only one thread can come in here and initialize the
1459 * hh_cache entry.
1460 */
1461 if (!hh->hh_len)
1462 dev->header_ops->cache(n, hh, prot);
1463
1464 write_unlock_bh(&n->lock);
1465}
1466
1467/* Slow and careful. */
1468
1469int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb)
1470{
1471 int rc = 0;
1472
1473 if (!neigh_event_send(neigh, skb)) {
1474 int err;
1475 struct net_device *dev = neigh->dev;
1476 unsigned int seq;
1477
1478 if (dev->header_ops->cache && !READ_ONCE(neigh->hh.hh_len))
1479 neigh_hh_init(neigh);
1480
1481 do {
1482 __skb_pull(skb, skb_network_offset(skb));
1483 seq = read_seqbegin(&neigh->ha_lock);
1484 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1485 neigh->ha, NULL, skb->len);
1486 } while (read_seqretry(&neigh->ha_lock, seq));
1487
1488 if (err >= 0)
1489 rc = dev_queue_xmit(skb);
1490 else
1491 goto out_kfree_skb;
1492 }
1493out:
1494 return rc;
1495out_kfree_skb:
1496 rc = -EINVAL;
1497 kfree_skb(skb);
1498 goto out;
1499}
1500EXPORT_SYMBOL(neigh_resolve_output);
1501
1502/* As fast as possible without hh cache */
1503
1504int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb)
1505{
1506 struct net_device *dev = neigh->dev;
1507 unsigned int seq;
1508 int err;
1509
1510 do {
1511 __skb_pull(skb, skb_network_offset(skb));
1512 seq = read_seqbegin(&neigh->ha_lock);
1513 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1514 neigh->ha, NULL, skb->len);
1515 } while (read_seqretry(&neigh->ha_lock, seq));
1516
1517 if (err >= 0)
1518 err = dev_queue_xmit(skb);
1519 else {
1520 err = -EINVAL;
1521 kfree_skb(skb);
1522 }
1523 return err;
1524}
1525EXPORT_SYMBOL(neigh_connected_output);
1526
1527int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb)
1528{
1529 return dev_queue_xmit(skb);
1530}
1531EXPORT_SYMBOL(neigh_direct_output);
1532
1533static void neigh_proxy_process(struct timer_list *t)
1534{
1535 struct neigh_table *tbl = from_timer(tbl, t, proxy_timer);
1536 long sched_next = 0;
1537 unsigned long now = jiffies;
1538 struct sk_buff *skb, *n;
1539
1540 spin_lock(&tbl->proxy_queue.lock);
1541
1542 skb_queue_walk_safe(&tbl->proxy_queue, skb, n) {
1543 long tdif = NEIGH_CB(skb)->sched_next - now;
1544
1545 if (tdif <= 0) {
1546 struct net_device *dev = skb->dev;
1547
1548 __skb_unlink(skb, &tbl->proxy_queue);
1549 if (tbl->proxy_redo && netif_running(dev)) {
1550 rcu_read_lock();
1551 tbl->proxy_redo(skb);
1552 rcu_read_unlock();
1553 } else {
1554 kfree_skb(skb);
1555 }
1556
1557 dev_put(dev);
1558 } else if (!sched_next || tdif < sched_next)
1559 sched_next = tdif;
1560 }
1561 del_timer(&tbl->proxy_timer);
1562 if (sched_next)
1563 mod_timer(&tbl->proxy_timer, jiffies + sched_next);
1564 spin_unlock(&tbl->proxy_queue.lock);
1565}
1566
1567void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
1568 struct sk_buff *skb)
1569{
1570 unsigned long now = jiffies;
1571
1572 unsigned long sched_next = now + (prandom_u32() %
1573 NEIGH_VAR(p, PROXY_DELAY));
1574
1575 if (tbl->proxy_queue.qlen > NEIGH_VAR(p, PROXY_QLEN)) {
1576 kfree_skb(skb);
1577 return;
1578 }
1579
1580 NEIGH_CB(skb)->sched_next = sched_next;
1581 NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED;
1582
1583 spin_lock(&tbl->proxy_queue.lock);
1584 if (del_timer(&tbl->proxy_timer)) {
1585 if (time_before(tbl->proxy_timer.expires, sched_next))
1586 sched_next = tbl->proxy_timer.expires;
1587 }
1588 skb_dst_drop(skb);
1589 dev_hold(skb->dev);
1590 __skb_queue_tail(&tbl->proxy_queue, skb);
1591 mod_timer(&tbl->proxy_timer, sched_next);
1592 spin_unlock(&tbl->proxy_queue.lock);
1593}
1594EXPORT_SYMBOL(pneigh_enqueue);
1595
1596static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
1597 struct net *net, int ifindex)
1598{
1599 struct neigh_parms *p;
1600
1601 list_for_each_entry(p, &tbl->parms_list, list) {
1602 if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
1603 (!p->dev && !ifindex && net_eq(net, &init_net)))
1604 return p;
1605 }
1606
1607 return NULL;
1608}
1609
1610struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
1611 struct neigh_table *tbl)
1612{
1613 struct neigh_parms *p;
1614 struct net *net = dev_net(dev);
1615 const struct net_device_ops *ops = dev->netdev_ops;
1616
1617 p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL);
1618 if (p) {
1619 p->tbl = tbl;
1620 refcount_set(&p->refcnt, 1);
1621 p->reachable_time =
1622 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
1623 dev_hold(dev);
1624 p->dev = dev;
1625 write_pnet(&p->net, net);
1626 p->sysctl_table = NULL;
1627
1628 if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) {
1629 dev_put(dev);
1630 kfree(p);
1631 return NULL;
1632 }
1633
1634 write_lock_bh(&tbl->lock);
1635 list_add(&p->list, &tbl->parms.list);
1636 write_unlock_bh(&tbl->lock);
1637
1638 neigh_parms_data_state_cleanall(p);
1639 }
1640 return p;
1641}
1642EXPORT_SYMBOL(neigh_parms_alloc);
1643
1644static void neigh_rcu_free_parms(struct rcu_head *head)
1645{
1646 struct neigh_parms *parms =
1647 container_of(head, struct neigh_parms, rcu_head);
1648
1649 neigh_parms_put(parms);
1650}
1651
1652void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms)
1653{
1654 if (!parms || parms == &tbl->parms)
1655 return;
1656 write_lock_bh(&tbl->lock);
1657 list_del(&parms->list);
1658 parms->dead = 1;
1659 write_unlock_bh(&tbl->lock);
1660 if (parms->dev)
1661 dev_put(parms->dev);
1662 call_rcu(&parms->rcu_head, neigh_rcu_free_parms);
1663}
1664EXPORT_SYMBOL(neigh_parms_release);
1665
1666static void neigh_parms_destroy(struct neigh_parms *parms)
1667{
1668 kfree(parms);
1669}
1670
1671static struct lock_class_key neigh_table_proxy_queue_class;
1672
1673static struct neigh_table *neigh_tables[NEIGH_NR_TABLES] __read_mostly;
1674
1675void neigh_table_init(int index, struct neigh_table *tbl)
1676{
1677 unsigned long now = jiffies;
1678 unsigned long phsize;
1679
1680 INIT_LIST_HEAD(&tbl->parms_list);
1681 INIT_LIST_HEAD(&tbl->gc_list);
1682 list_add(&tbl->parms.list, &tbl->parms_list);
1683 write_pnet(&tbl->parms.net, &init_net);
1684 refcount_set(&tbl->parms.refcnt, 1);
1685 tbl->parms.reachable_time =
1686 neigh_rand_reach_time(NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME));
1687
1688 tbl->stats = alloc_percpu(struct neigh_statistics);
1689 if (!tbl->stats)
1690 panic("cannot create neighbour cache statistics");
1691
1692#ifdef CONFIG_PROC_FS
1693 if (!proc_create_seq_data(tbl->id, 0, init_net.proc_net_stat,
1694 &neigh_stat_seq_ops, tbl))
1695 panic("cannot create neighbour proc dir entry");
1696#endif
1697
1698 RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3));
1699
1700 phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
1701 tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL);
1702
1703 if (!tbl->nht || !tbl->phash_buckets)
1704 panic("cannot allocate neighbour cache hashes");
1705
1706 if (!tbl->entry_size)
1707 tbl->entry_size = ALIGN(offsetof(struct neighbour, primary_key) +
1708 tbl->key_len, NEIGH_PRIV_ALIGN);
1709 else
1710 WARN_ON(tbl->entry_size % NEIGH_PRIV_ALIGN);
1711
1712 rwlock_init(&tbl->lock);
1713 INIT_DEFERRABLE_WORK(&tbl->gc_work, neigh_periodic_work);
1714 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
1715 tbl->parms.reachable_time);
1716 timer_setup(&tbl->proxy_timer, neigh_proxy_process, 0);
1717 skb_queue_head_init_class(&tbl->proxy_queue,
1718 &neigh_table_proxy_queue_class);
1719
1720 tbl->last_flush = now;
1721 tbl->last_rand = now + tbl->parms.reachable_time * 20;
1722
1723 neigh_tables[index] = tbl;
1724}
1725EXPORT_SYMBOL(neigh_table_init);
1726
1727int neigh_table_clear(int index, struct neigh_table *tbl)
1728{
1729 neigh_tables[index] = NULL;
1730 /* It is not clean... Fix it to unload IPv6 module safely */
1731 cancel_delayed_work_sync(&tbl->gc_work);
1732 del_timer_sync(&tbl->proxy_timer);
1733 pneigh_queue_purge(&tbl->proxy_queue);
1734 neigh_ifdown(tbl, NULL);
1735 if (atomic_read(&tbl->entries))
1736 pr_crit("neighbour leakage\n");
1737
1738 call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu,
1739 neigh_hash_free_rcu);
1740 tbl->nht = NULL;
1741
1742 kfree(tbl->phash_buckets);
1743 tbl->phash_buckets = NULL;
1744
1745 remove_proc_entry(tbl->id, init_net.proc_net_stat);
1746
1747 free_percpu(tbl->stats);
1748 tbl->stats = NULL;
1749
1750 return 0;
1751}
1752EXPORT_SYMBOL(neigh_table_clear);
1753
1754static struct neigh_table *neigh_find_table(int family)
1755{
1756 struct neigh_table *tbl = NULL;
1757
1758 switch (family) {
1759 case AF_INET:
1760 tbl = neigh_tables[NEIGH_ARP_TABLE];
1761 break;
1762 case AF_INET6:
1763 tbl = neigh_tables[NEIGH_ND_TABLE];
1764 break;
1765 case AF_DECnet:
1766 tbl = neigh_tables[NEIGH_DN_TABLE];
1767 break;
1768 }
1769
1770 return tbl;
1771}
1772
1773const struct nla_policy nda_policy[NDA_MAX+1] = {
1774 [NDA_UNSPEC] = { .strict_start_type = NDA_NH_ID },
1775 [NDA_DST] = { .type = NLA_BINARY, .len = MAX_ADDR_LEN },
1776 [NDA_LLADDR] = { .type = NLA_BINARY, .len = MAX_ADDR_LEN },
1777 [NDA_CACHEINFO] = { .len = sizeof(struct nda_cacheinfo) },
1778 [NDA_PROBES] = { .type = NLA_U32 },
1779 [NDA_VLAN] = { .type = NLA_U16 },
1780 [NDA_PORT] = { .type = NLA_U16 },
1781 [NDA_VNI] = { .type = NLA_U32 },
1782 [NDA_IFINDEX] = { .type = NLA_U32 },
1783 [NDA_MASTER] = { .type = NLA_U32 },
1784 [NDA_PROTOCOL] = { .type = NLA_U8 },
1785 [NDA_NH_ID] = { .type = NLA_U32 },
1786 [NDA_FDB_EXT_ATTRS] = { .type = NLA_NESTED },
1787};
1788
1789static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh,
1790 struct netlink_ext_ack *extack)
1791{
1792 struct net *net = sock_net(skb->sk);
1793 struct ndmsg *ndm;
1794 struct nlattr *dst_attr;
1795 struct neigh_table *tbl;
1796 struct neighbour *neigh;
1797 struct net_device *dev = NULL;
1798 int err = -EINVAL;
1799
1800 ASSERT_RTNL();
1801 if (nlmsg_len(nlh) < sizeof(*ndm))
1802 goto out;
1803
1804 dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST);
1805 if (!dst_attr) {
1806 NL_SET_ERR_MSG(extack, "Network address not specified");
1807 goto out;
1808 }
1809
1810 ndm = nlmsg_data(nlh);
1811 if (ndm->ndm_ifindex) {
1812 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1813 if (dev == NULL) {
1814 err = -ENODEV;
1815 goto out;
1816 }
1817 }
1818
1819 tbl = neigh_find_table(ndm->ndm_family);
1820 if (tbl == NULL)
1821 return -EAFNOSUPPORT;
1822
1823 if (nla_len(dst_attr) < (int)tbl->key_len) {
1824 NL_SET_ERR_MSG(extack, "Invalid network address");
1825 goto out;
1826 }
1827
1828 if (ndm->ndm_flags & NTF_PROXY) {
1829 err = pneigh_delete(tbl, net, nla_data(dst_attr), dev);
1830 goto out;
1831 }
1832
1833 if (dev == NULL)
1834 goto out;
1835
1836 neigh = neigh_lookup(tbl, nla_data(dst_attr), dev);
1837 if (neigh == NULL) {
1838 err = -ENOENT;
1839 goto out;
1840 }
1841
1842 err = __neigh_update(neigh, NULL, NUD_FAILED,
1843 NEIGH_UPDATE_F_OVERRIDE | NEIGH_UPDATE_F_ADMIN,
1844 NETLINK_CB(skb).portid, extack);
1845 write_lock_bh(&tbl->lock);
1846 neigh_release(neigh);
1847 neigh_remove_one(neigh, tbl);
1848 write_unlock_bh(&tbl->lock);
1849
1850out:
1851 return err;
1852}
1853
1854static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh,
1855 struct netlink_ext_ack *extack)
1856{
1857 int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE |
1858 NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
1859 struct net *net = sock_net(skb->sk);
1860 struct ndmsg *ndm;
1861 struct nlattr *tb[NDA_MAX+1];
1862 struct neigh_table *tbl;
1863 struct net_device *dev = NULL;
1864 struct neighbour *neigh;
1865 void *dst, *lladdr;
1866 u8 protocol = 0;
1867 int err;
1868
1869 ASSERT_RTNL();
1870 err = nlmsg_parse_deprecated(nlh, sizeof(*ndm), tb, NDA_MAX,
1871 nda_policy, extack);
1872 if (err < 0)
1873 goto out;
1874
1875 err = -EINVAL;
1876 if (!tb[NDA_DST]) {
1877 NL_SET_ERR_MSG(extack, "Network address not specified");
1878 goto out;
1879 }
1880
1881 ndm = nlmsg_data(nlh);
1882 if (ndm->ndm_ifindex) {
1883 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1884 if (dev == NULL) {
1885 err = -ENODEV;
1886 goto out;
1887 }
1888
1889 if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len) {
1890 NL_SET_ERR_MSG(extack, "Invalid link address");
1891 goto out;
1892 }
1893 }
1894
1895 tbl = neigh_find_table(ndm->ndm_family);
1896 if (tbl == NULL)
1897 return -EAFNOSUPPORT;
1898
1899 if (nla_len(tb[NDA_DST]) < (int)tbl->key_len) {
1900 NL_SET_ERR_MSG(extack, "Invalid network address");
1901 goto out;
1902 }
1903
1904 dst = nla_data(tb[NDA_DST]);
1905 lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL;
1906
1907 if (tb[NDA_PROTOCOL])
1908 protocol = nla_get_u8(tb[NDA_PROTOCOL]);
1909
1910 if (ndm->ndm_flags & NTF_PROXY) {
1911 struct pneigh_entry *pn;
1912
1913 err = -ENOBUFS;
1914 pn = pneigh_lookup(tbl, net, dst, dev, 1);
1915 if (pn) {
1916 pn->flags = ndm->ndm_flags;
1917 if (protocol)
1918 pn->protocol = protocol;
1919 err = 0;
1920 }
1921 goto out;
1922 }
1923
1924 if (!dev) {
1925 NL_SET_ERR_MSG(extack, "Device not specified");
1926 goto out;
1927 }
1928
1929 if (tbl->allow_add && !tbl->allow_add(dev, extack)) {
1930 err = -EINVAL;
1931 goto out;
1932 }
1933
1934 neigh = neigh_lookup(tbl, dst, dev);
1935 if (neigh == NULL) {
1936 bool exempt_from_gc;
1937
1938 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
1939 err = -ENOENT;
1940 goto out;
1941 }
1942
1943 exempt_from_gc = ndm->ndm_state & NUD_PERMANENT ||
1944 ndm->ndm_flags & NTF_EXT_LEARNED;
1945 neigh = ___neigh_create(tbl, dst, dev, exempt_from_gc, true);
1946 if (IS_ERR(neigh)) {
1947 err = PTR_ERR(neigh);
1948 goto out;
1949 }
1950 } else {
1951 if (nlh->nlmsg_flags & NLM_F_EXCL) {
1952 err = -EEXIST;
1953 neigh_release(neigh);
1954 goto out;
1955 }
1956
1957 if (!(nlh->nlmsg_flags & NLM_F_REPLACE))
1958 flags &= ~(NEIGH_UPDATE_F_OVERRIDE |
1959 NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1960 }
1961
1962 if (protocol)
1963 neigh->protocol = protocol;
1964
1965 if (ndm->ndm_flags & NTF_EXT_LEARNED)
1966 flags |= NEIGH_UPDATE_F_EXT_LEARNED;
1967
1968 if (ndm->ndm_flags & NTF_ROUTER)
1969 flags |= NEIGH_UPDATE_F_ISROUTER;
1970
1971 if (ndm->ndm_flags & NTF_USE) {
1972 neigh_event_send(neigh, NULL);
1973 err = 0;
1974 } else
1975 err = __neigh_update(neigh, lladdr, ndm->ndm_state, flags,
1976 NETLINK_CB(skb).portid, extack);
1977
1978 neigh_release(neigh);
1979
1980out:
1981 return err;
1982}
1983
1984static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
1985{
1986 struct nlattr *nest;
1987
1988 nest = nla_nest_start_noflag(skb, NDTA_PARMS);
1989 if (nest == NULL)
1990 return -ENOBUFS;
1991
1992 if ((parms->dev &&
1993 nla_put_u32(skb, NDTPA_IFINDEX, parms->dev->ifindex)) ||
1994 nla_put_u32(skb, NDTPA_REFCNT, refcount_read(&parms->refcnt)) ||
1995 nla_put_u32(skb, NDTPA_QUEUE_LENBYTES,
1996 NEIGH_VAR(parms, QUEUE_LEN_BYTES)) ||
1997 /* approximative value for deprecated QUEUE_LEN (in packets) */
1998 nla_put_u32(skb, NDTPA_QUEUE_LEN,
1999 NEIGH_VAR(parms, QUEUE_LEN_BYTES) / SKB_TRUESIZE(ETH_FRAME_LEN)) ||
2000 nla_put_u32(skb, NDTPA_PROXY_QLEN, NEIGH_VAR(parms, PROXY_QLEN)) ||
2001 nla_put_u32(skb, NDTPA_APP_PROBES, NEIGH_VAR(parms, APP_PROBES)) ||
2002 nla_put_u32(skb, NDTPA_UCAST_PROBES,
2003 NEIGH_VAR(parms, UCAST_PROBES)) ||
2004 nla_put_u32(skb, NDTPA_MCAST_PROBES,
2005 NEIGH_VAR(parms, MCAST_PROBES)) ||
2006 nla_put_u32(skb, NDTPA_MCAST_REPROBES,
2007 NEIGH_VAR(parms, MCAST_REPROBES)) ||
2008 nla_put_msecs(skb, NDTPA_REACHABLE_TIME, parms->reachable_time,
2009 NDTPA_PAD) ||
2010 nla_put_msecs(skb, NDTPA_BASE_REACHABLE_TIME,
2011 NEIGH_VAR(parms, BASE_REACHABLE_TIME), NDTPA_PAD) ||
2012 nla_put_msecs(skb, NDTPA_GC_STALETIME,
2013 NEIGH_VAR(parms, GC_STALETIME), NDTPA_PAD) ||
2014 nla_put_msecs(skb, NDTPA_DELAY_PROBE_TIME,
2015 NEIGH_VAR(parms, DELAY_PROBE_TIME), NDTPA_PAD) ||
2016 nla_put_msecs(skb, NDTPA_RETRANS_TIME,
2017 NEIGH_VAR(parms, RETRANS_TIME), NDTPA_PAD) ||
2018 nla_put_msecs(skb, NDTPA_ANYCAST_DELAY,
2019 NEIGH_VAR(parms, ANYCAST_DELAY), NDTPA_PAD) ||
2020 nla_put_msecs(skb, NDTPA_PROXY_DELAY,
2021 NEIGH_VAR(parms, PROXY_DELAY), NDTPA_PAD) ||
2022 nla_put_msecs(skb, NDTPA_LOCKTIME,
2023 NEIGH_VAR(parms, LOCKTIME), NDTPA_PAD))
2024 goto nla_put_failure;
2025 return nla_nest_end(skb, nest);
2026
2027nla_put_failure:
2028 nla_nest_cancel(skb, nest);
2029 return -EMSGSIZE;
2030}
2031
2032static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
2033 u32 pid, u32 seq, int type, int flags)
2034{
2035 struct nlmsghdr *nlh;
2036 struct ndtmsg *ndtmsg;
2037
2038 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
2039 if (nlh == NULL)
2040 return -EMSGSIZE;
2041
2042 ndtmsg = nlmsg_data(nlh);
2043
2044 read_lock_bh(&tbl->lock);
2045 ndtmsg->ndtm_family = tbl->family;
2046 ndtmsg->ndtm_pad1 = 0;
2047 ndtmsg->ndtm_pad2 = 0;
2048
2049 if (nla_put_string(skb, NDTA_NAME, tbl->id) ||
2050 nla_put_msecs(skb, NDTA_GC_INTERVAL, tbl->gc_interval, NDTA_PAD) ||
2051 nla_put_u32(skb, NDTA_THRESH1, tbl->gc_thresh1) ||
2052 nla_put_u32(skb, NDTA_THRESH2, tbl->gc_thresh2) ||
2053 nla_put_u32(skb, NDTA_THRESH3, tbl->gc_thresh3))
2054 goto nla_put_failure;
2055 {
2056 unsigned long now = jiffies;
2057 long flush_delta = now - tbl->last_flush;
2058 long rand_delta = now - tbl->last_rand;
2059 struct neigh_hash_table *nht;
2060 struct ndt_config ndc = {
2061 .ndtc_key_len = tbl->key_len,
2062 .ndtc_entry_size = tbl->entry_size,
2063 .ndtc_entries = atomic_read(&tbl->entries),
2064 .ndtc_last_flush = jiffies_to_msecs(flush_delta),
2065 .ndtc_last_rand = jiffies_to_msecs(rand_delta),
2066 .ndtc_proxy_qlen = tbl->proxy_queue.qlen,
2067 };
2068
2069 rcu_read_lock_bh();
2070 nht = rcu_dereference_bh(tbl->nht);
2071 ndc.ndtc_hash_rnd = nht->hash_rnd[0];
2072 ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1);
2073 rcu_read_unlock_bh();
2074
2075 if (nla_put(skb, NDTA_CONFIG, sizeof(ndc), &ndc))
2076 goto nla_put_failure;
2077 }
2078
2079 {
2080 int cpu;
2081 struct ndt_stats ndst;
2082
2083 memset(&ndst, 0, sizeof(ndst));
2084
2085 for_each_possible_cpu(cpu) {
2086 struct neigh_statistics *st;
2087
2088 st = per_cpu_ptr(tbl->stats, cpu);
2089 ndst.ndts_allocs += st->allocs;
2090 ndst.ndts_destroys += st->destroys;
2091 ndst.ndts_hash_grows += st->hash_grows;
2092 ndst.ndts_res_failed += st->res_failed;
2093 ndst.ndts_lookups += st->lookups;
2094 ndst.ndts_hits += st->hits;
2095 ndst.ndts_rcv_probes_mcast += st->rcv_probes_mcast;
2096 ndst.ndts_rcv_probes_ucast += st->rcv_probes_ucast;
2097 ndst.ndts_periodic_gc_runs += st->periodic_gc_runs;
2098 ndst.ndts_forced_gc_runs += st->forced_gc_runs;
2099 ndst.ndts_table_fulls += st->table_fulls;
2100 }
2101
2102 if (nla_put_64bit(skb, NDTA_STATS, sizeof(ndst), &ndst,
2103 NDTA_PAD))
2104 goto nla_put_failure;
2105 }
2106
2107 BUG_ON(tbl->parms.dev);
2108 if (neightbl_fill_parms(skb, &tbl->parms) < 0)
2109 goto nla_put_failure;
2110
2111 read_unlock_bh(&tbl->lock);
2112 nlmsg_end(skb, nlh);
2113 return 0;
2114
2115nla_put_failure:
2116 read_unlock_bh(&tbl->lock);
2117 nlmsg_cancel(skb, nlh);
2118 return -EMSGSIZE;
2119}
2120
2121static int neightbl_fill_param_info(struct sk_buff *skb,
2122 struct neigh_table *tbl,
2123 struct neigh_parms *parms,
2124 u32 pid, u32 seq, int type,
2125 unsigned int flags)
2126{
2127 struct ndtmsg *ndtmsg;
2128 struct nlmsghdr *nlh;
2129
2130 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
2131 if (nlh == NULL)
2132 return -EMSGSIZE;
2133
2134 ndtmsg = nlmsg_data(nlh);
2135
2136 read_lock_bh(&tbl->lock);
2137 ndtmsg->ndtm_family = tbl->family;
2138 ndtmsg->ndtm_pad1 = 0;
2139 ndtmsg->ndtm_pad2 = 0;
2140
2141 if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 ||
2142 neightbl_fill_parms(skb, parms) < 0)
2143 goto errout;
2144
2145 read_unlock_bh(&tbl->lock);
2146 nlmsg_end(skb, nlh);
2147 return 0;
2148errout:
2149 read_unlock_bh(&tbl->lock);
2150 nlmsg_cancel(skb, nlh);
2151 return -EMSGSIZE;
2152}
2153
2154static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
2155 [NDTA_NAME] = { .type = NLA_STRING },
2156 [NDTA_THRESH1] = { .type = NLA_U32 },
2157 [NDTA_THRESH2] = { .type = NLA_U32 },
2158 [NDTA_THRESH3] = { .type = NLA_U32 },
2159 [NDTA_GC_INTERVAL] = { .type = NLA_U64 },
2160 [NDTA_PARMS] = { .type = NLA_NESTED },
2161};
2162
2163static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
2164 [NDTPA_IFINDEX] = { .type = NLA_U32 },
2165 [NDTPA_QUEUE_LEN] = { .type = NLA_U32 },
2166 [NDTPA_PROXY_QLEN] = { .type = NLA_U32 },
2167 [NDTPA_APP_PROBES] = { .type = NLA_U32 },
2168 [NDTPA_UCAST_PROBES] = { .type = NLA_U32 },
2169 [NDTPA_MCAST_PROBES] = { .type = NLA_U32 },
2170 [NDTPA_MCAST_REPROBES] = { .type = NLA_U32 },
2171 [NDTPA_BASE_REACHABLE_TIME] = { .type = NLA_U64 },
2172 [NDTPA_GC_STALETIME] = { .type = NLA_U64 },
2173 [NDTPA_DELAY_PROBE_TIME] = { .type = NLA_U64 },
2174 [NDTPA_RETRANS_TIME] = { .type = NLA_U64 },
2175 [NDTPA_ANYCAST_DELAY] = { .type = NLA_U64 },
2176 [NDTPA_PROXY_DELAY] = { .type = NLA_U64 },
2177 [NDTPA_LOCKTIME] = { .type = NLA_U64 },
2178};
2179
2180static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh,
2181 struct netlink_ext_ack *extack)
2182{
2183 struct net *net = sock_net(skb->sk);
2184 struct neigh_table *tbl;
2185 struct ndtmsg *ndtmsg;
2186 struct nlattr *tb[NDTA_MAX+1];
2187 bool found = false;
2188 int err, tidx;
2189
2190 err = nlmsg_parse_deprecated(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
2191 nl_neightbl_policy, extack);
2192 if (err < 0)
2193 goto errout;
2194
2195 if (tb[NDTA_NAME] == NULL) {
2196 err = -EINVAL;
2197 goto errout;
2198 }
2199
2200 ndtmsg = nlmsg_data(nlh);
2201
2202 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
2203 tbl = neigh_tables[tidx];
2204 if (!tbl)
2205 continue;
2206 if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family)
2207 continue;
2208 if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0) {
2209 found = true;
2210 break;
2211 }
2212 }
2213
2214 if (!found)
2215 return -ENOENT;
2216
2217 /*
2218 * We acquire tbl->lock to be nice to the periodic timers and
2219 * make sure they always see a consistent set of values.
2220 */
2221 write_lock_bh(&tbl->lock);
2222
2223 if (tb[NDTA_PARMS]) {
2224 struct nlattr *tbp[NDTPA_MAX+1];
2225 struct neigh_parms *p;
2226 int i, ifindex = 0;
2227
2228 err = nla_parse_nested_deprecated(tbp, NDTPA_MAX,
2229 tb[NDTA_PARMS],
2230 nl_ntbl_parm_policy, extack);
2231 if (err < 0)
2232 goto errout_tbl_lock;
2233
2234 if (tbp[NDTPA_IFINDEX])
2235 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);
2236
2237 p = lookup_neigh_parms(tbl, net, ifindex);
2238 if (p == NULL) {
2239 err = -ENOENT;
2240 goto errout_tbl_lock;
2241 }
2242
2243 for (i = 1; i <= NDTPA_MAX; i++) {
2244 if (tbp[i] == NULL)
2245 continue;
2246
2247 switch (i) {
2248 case NDTPA_QUEUE_LEN:
2249 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
2250 nla_get_u32(tbp[i]) *
2251 SKB_TRUESIZE(ETH_FRAME_LEN));
2252 break;
2253 case NDTPA_QUEUE_LENBYTES:
2254 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
2255 nla_get_u32(tbp[i]));
2256 break;
2257 case NDTPA_PROXY_QLEN:
2258 NEIGH_VAR_SET(p, PROXY_QLEN,
2259 nla_get_u32(tbp[i]));
2260 break;
2261 case NDTPA_APP_PROBES:
2262 NEIGH_VAR_SET(p, APP_PROBES,
2263 nla_get_u32(tbp[i]));
2264 break;
2265 case NDTPA_UCAST_PROBES:
2266 NEIGH_VAR_SET(p, UCAST_PROBES,
2267 nla_get_u32(tbp[i]));
2268 break;
2269 case NDTPA_MCAST_PROBES:
2270 NEIGH_VAR_SET(p, MCAST_PROBES,
2271 nla_get_u32(tbp[i]));
2272 break;
2273 case NDTPA_MCAST_REPROBES:
2274 NEIGH_VAR_SET(p, MCAST_REPROBES,
2275 nla_get_u32(tbp[i]));
2276 break;
2277 case NDTPA_BASE_REACHABLE_TIME:
2278 NEIGH_VAR_SET(p, BASE_REACHABLE_TIME,
2279 nla_get_msecs(tbp[i]));
2280 /* update reachable_time as well, otherwise, the change will
2281 * only be effective after the next time neigh_periodic_work
2282 * decides to recompute it (can be multiple minutes)
2283 */
2284 p->reachable_time =
2285 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
2286 break;
2287 case NDTPA_GC_STALETIME:
2288 NEIGH_VAR_SET(p, GC_STALETIME,
2289 nla_get_msecs(tbp[i]));
2290 break;
2291 case NDTPA_DELAY_PROBE_TIME:
2292 NEIGH_VAR_SET(p, DELAY_PROBE_TIME,
2293 nla_get_msecs(tbp[i]));
2294 call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
2295 break;
2296 case NDTPA_RETRANS_TIME:
2297 NEIGH_VAR_SET(p, RETRANS_TIME,
2298 nla_get_msecs(tbp[i]));
2299 break;
2300 case NDTPA_ANYCAST_DELAY:
2301 NEIGH_VAR_SET(p, ANYCAST_DELAY,
2302 nla_get_msecs(tbp[i]));
2303 break;
2304 case NDTPA_PROXY_DELAY:
2305 NEIGH_VAR_SET(p, PROXY_DELAY,
2306 nla_get_msecs(tbp[i]));
2307 break;
2308 case NDTPA_LOCKTIME:
2309 NEIGH_VAR_SET(p, LOCKTIME,
2310 nla_get_msecs(tbp[i]));
2311 break;
2312 }
2313 }
2314 }
2315
2316 err = -ENOENT;
2317 if ((tb[NDTA_THRESH1] || tb[NDTA_THRESH2] ||
2318 tb[NDTA_THRESH3] || tb[NDTA_GC_INTERVAL]) &&
2319 !net_eq(net, &init_net))
2320 goto errout_tbl_lock;
2321
2322 if (tb[NDTA_THRESH1])
2323 tbl->gc_thresh1 = nla_get_u32(tb[NDTA_THRESH1]);
2324
2325 if (tb[NDTA_THRESH2])
2326 tbl->gc_thresh2 = nla_get_u32(tb[NDTA_THRESH2]);
2327
2328 if (tb[NDTA_THRESH3])
2329 tbl->gc_thresh3 = nla_get_u32(tb[NDTA_THRESH3]);
2330
2331 if (tb[NDTA_GC_INTERVAL])
2332 tbl->gc_interval = nla_get_msecs(tb[NDTA_GC_INTERVAL]);
2333
2334 err = 0;
2335
2336errout_tbl_lock:
2337 write_unlock_bh(&tbl->lock);
2338errout:
2339 return err;
2340}
2341
2342static int neightbl_valid_dump_info(const struct nlmsghdr *nlh,
2343 struct netlink_ext_ack *extack)
2344{
2345 struct ndtmsg *ndtm;
2346
2347 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndtm))) {
2348 NL_SET_ERR_MSG(extack, "Invalid header for neighbor table dump request");
2349 return -EINVAL;
2350 }
2351
2352 ndtm = nlmsg_data(nlh);
2353 if (ndtm->ndtm_pad1 || ndtm->ndtm_pad2) {
2354 NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor table dump request");
2355 return -EINVAL;
2356 }
2357
2358 if (nlmsg_attrlen(nlh, sizeof(*ndtm))) {
2359 NL_SET_ERR_MSG(extack, "Invalid data after header in neighbor table dump request");
2360 return -EINVAL;
2361 }
2362
2363 return 0;
2364}
2365
2366static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2367{
2368 const struct nlmsghdr *nlh = cb->nlh;
2369 struct net *net = sock_net(skb->sk);
2370 int family, tidx, nidx = 0;
2371 int tbl_skip = cb->args[0];
2372 int neigh_skip = cb->args[1];
2373 struct neigh_table *tbl;
2374
2375 if (cb->strict_check) {
2376 int err = neightbl_valid_dump_info(nlh, cb->extack);
2377
2378 if (err < 0)
2379 return err;
2380 }
2381
2382 family = ((struct rtgenmsg *)nlmsg_data(nlh))->rtgen_family;
2383
2384 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
2385 struct neigh_parms *p;
2386
2387 tbl = neigh_tables[tidx];
2388 if (!tbl)
2389 continue;
2390
2391 if (tidx < tbl_skip || (family && tbl->family != family))
2392 continue;
2393
2394 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,
2395 nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
2396 NLM_F_MULTI) < 0)
2397 break;
2398
2399 nidx = 0;
2400 p = list_next_entry(&tbl->parms, list);
2401 list_for_each_entry_from(p, &tbl->parms_list, list) {
2402 if (!net_eq(neigh_parms_net(p), net))
2403 continue;
2404
2405 if (nidx < neigh_skip)
2406 goto next;
2407
2408 if (neightbl_fill_param_info(skb, tbl, p,
2409 NETLINK_CB(cb->skb).portid,
2410 nlh->nlmsg_seq,
2411 RTM_NEWNEIGHTBL,
2412 NLM_F_MULTI) < 0)
2413 goto out;
2414 next:
2415 nidx++;
2416 }
2417
2418 neigh_skip = 0;
2419 }
2420out:
2421 cb->args[0] = tidx;
2422 cb->args[1] = nidx;
2423
2424 return skb->len;
2425}
2426
2427static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
2428 u32 pid, u32 seq, int type, unsigned int flags)
2429{
2430 unsigned long now = jiffies;
2431 struct nda_cacheinfo ci;
2432 struct nlmsghdr *nlh;
2433 struct ndmsg *ndm;
2434
2435 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2436 if (nlh == NULL)
2437 return -EMSGSIZE;
2438
2439 ndm = nlmsg_data(nlh);
2440 ndm->ndm_family = neigh->ops->family;
2441 ndm->ndm_pad1 = 0;
2442 ndm->ndm_pad2 = 0;
2443 ndm->ndm_flags = neigh->flags;
2444 ndm->ndm_type = neigh->type;
2445 ndm->ndm_ifindex = neigh->dev->ifindex;
2446
2447 if (nla_put(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key))
2448 goto nla_put_failure;
2449
2450 read_lock_bh(&neigh->lock);
2451 ndm->ndm_state = neigh->nud_state;
2452 if (neigh->nud_state & NUD_VALID) {
2453 char haddr[MAX_ADDR_LEN];
2454
2455 neigh_ha_snapshot(haddr, neigh, neigh->dev);
2456 if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) {
2457 read_unlock_bh(&neigh->lock);
2458 goto nla_put_failure;
2459 }
2460 }
2461
2462 ci.ndm_used = jiffies_to_clock_t(now - neigh->used);
2463 ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed);
2464 ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated);
2465 ci.ndm_refcnt = refcount_read(&neigh->refcnt) - 1;
2466 read_unlock_bh(&neigh->lock);
2467
2468 if (nla_put_u32(skb, NDA_PROBES, atomic_read(&neigh->probes)) ||
2469 nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
2470 goto nla_put_failure;
2471
2472 if (neigh->protocol && nla_put_u8(skb, NDA_PROTOCOL, neigh->protocol))
2473 goto nla_put_failure;
2474
2475 nlmsg_end(skb, nlh);
2476 return 0;
2477
2478nla_put_failure:
2479 nlmsg_cancel(skb, nlh);
2480 return -EMSGSIZE;
2481}
2482
2483static int pneigh_fill_info(struct sk_buff *skb, struct pneigh_entry *pn,
2484 u32 pid, u32 seq, int type, unsigned int flags,
2485 struct neigh_table *tbl)
2486{
2487 struct nlmsghdr *nlh;
2488 struct ndmsg *ndm;
2489
2490 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2491 if (nlh == NULL)
2492 return -EMSGSIZE;
2493
2494 ndm = nlmsg_data(nlh);
2495 ndm->ndm_family = tbl->family;
2496 ndm->ndm_pad1 = 0;
2497 ndm->ndm_pad2 = 0;
2498 ndm->ndm_flags = pn->flags | NTF_PROXY;
2499 ndm->ndm_type = RTN_UNICAST;
2500 ndm->ndm_ifindex = pn->dev ? pn->dev->ifindex : 0;
2501 ndm->ndm_state = NUD_NONE;
2502
2503 if (nla_put(skb, NDA_DST, tbl->key_len, pn->key))
2504 goto nla_put_failure;
2505
2506 if (pn->protocol && nla_put_u8(skb, NDA_PROTOCOL, pn->protocol))
2507 goto nla_put_failure;
2508
2509 nlmsg_end(skb, nlh);
2510 return 0;
2511
2512nla_put_failure:
2513 nlmsg_cancel(skb, nlh);
2514 return -EMSGSIZE;
2515}
2516
2517static void neigh_update_notify(struct neighbour *neigh, u32 nlmsg_pid)
2518{
2519 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
2520 __neigh_notify(neigh, RTM_NEWNEIGH, 0, nlmsg_pid);
2521}
2522
2523static bool neigh_master_filtered(struct net_device *dev, int master_idx)
2524{
2525 struct net_device *master;
2526
2527 if (!master_idx)
2528 return false;
2529
2530 master = dev ? netdev_master_upper_dev_get(dev) : NULL;
2531 if (!master || master->ifindex != master_idx)
2532 return true;
2533
2534 return false;
2535}
2536
2537static bool neigh_ifindex_filtered(struct net_device *dev, int filter_idx)
2538{
2539 if (filter_idx && (!dev || dev->ifindex != filter_idx))
2540 return true;
2541
2542 return false;
2543}
2544
2545struct neigh_dump_filter {
2546 int master_idx;
2547 int dev_idx;
2548};
2549
2550static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2551 struct netlink_callback *cb,
2552 struct neigh_dump_filter *filter)
2553{
2554 struct net *net = sock_net(skb->sk);
2555 struct neighbour *n;
2556 int rc, h, s_h = cb->args[1];
2557 int idx, s_idx = idx = cb->args[2];
2558 struct neigh_hash_table *nht;
2559 unsigned int flags = NLM_F_MULTI;
2560
2561 if (filter->dev_idx || filter->master_idx)
2562 flags |= NLM_F_DUMP_FILTERED;
2563
2564 rcu_read_lock_bh();
2565 nht = rcu_dereference_bh(tbl->nht);
2566
2567 for (h = s_h; h < (1 << nht->hash_shift); h++) {
2568 if (h > s_h)
2569 s_idx = 0;
2570 for (n = rcu_dereference_bh(nht->hash_buckets[h]), idx = 0;
2571 n != NULL;
2572 n = rcu_dereference_bh(n->next)) {
2573 if (idx < s_idx || !net_eq(dev_net(n->dev), net))
2574 goto next;
2575 if (neigh_ifindex_filtered(n->dev, filter->dev_idx) ||
2576 neigh_master_filtered(n->dev, filter->master_idx))
2577 goto next;
2578 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2579 cb->nlh->nlmsg_seq,
2580 RTM_NEWNEIGH,
2581 flags) < 0) {
2582 rc = -1;
2583 goto out;
2584 }
2585next:
2586 idx++;
2587 }
2588 }
2589 rc = skb->len;
2590out:
2591 rcu_read_unlock_bh();
2592 cb->args[1] = h;
2593 cb->args[2] = idx;
2594 return rc;
2595}
2596
2597static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2598 struct netlink_callback *cb,
2599 struct neigh_dump_filter *filter)
2600{
2601 struct pneigh_entry *n;
2602 struct net *net = sock_net(skb->sk);
2603 int rc, h, s_h = cb->args[3];
2604 int idx, s_idx = idx = cb->args[4];
2605 unsigned int flags = NLM_F_MULTI;
2606
2607 if (filter->dev_idx || filter->master_idx)
2608 flags |= NLM_F_DUMP_FILTERED;
2609
2610 read_lock_bh(&tbl->lock);
2611
2612 for (h = s_h; h <= PNEIGH_HASHMASK; h++) {
2613 if (h > s_h)
2614 s_idx = 0;
2615 for (n = tbl->phash_buckets[h], idx = 0; n; n = n->next) {
2616 if (idx < s_idx || pneigh_net(n) != net)
2617 goto next;
2618 if (neigh_ifindex_filtered(n->dev, filter->dev_idx) ||
2619 neigh_master_filtered(n->dev, filter->master_idx))
2620 goto next;
2621 if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2622 cb->nlh->nlmsg_seq,
2623 RTM_NEWNEIGH, flags, tbl) < 0) {
2624 read_unlock_bh(&tbl->lock);
2625 rc = -1;
2626 goto out;
2627 }
2628 next:
2629 idx++;
2630 }
2631 }
2632
2633 read_unlock_bh(&tbl->lock);
2634 rc = skb->len;
2635out:
2636 cb->args[3] = h;
2637 cb->args[4] = idx;
2638 return rc;
2639
2640}
2641
2642static int neigh_valid_dump_req(const struct nlmsghdr *nlh,
2643 bool strict_check,
2644 struct neigh_dump_filter *filter,
2645 struct netlink_ext_ack *extack)
2646{
2647 struct nlattr *tb[NDA_MAX + 1];
2648 int err, i;
2649
2650 if (strict_check) {
2651 struct ndmsg *ndm;
2652
2653 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndm))) {
2654 NL_SET_ERR_MSG(extack, "Invalid header for neighbor dump request");
2655 return -EINVAL;
2656 }
2657
2658 ndm = nlmsg_data(nlh);
2659 if (ndm->ndm_pad1 || ndm->ndm_pad2 || ndm->ndm_ifindex ||
2660 ndm->ndm_state || ndm->ndm_type) {
2661 NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor dump request");
2662 return -EINVAL;
2663 }
2664
2665 if (ndm->ndm_flags & ~NTF_PROXY) {
2666 NL_SET_ERR_MSG(extack, "Invalid flags in header for neighbor dump request");
2667 return -EINVAL;
2668 }
2669
2670 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg),
2671 tb, NDA_MAX, nda_policy,
2672 extack);
2673 } else {
2674 err = nlmsg_parse_deprecated(nlh, sizeof(struct ndmsg), tb,
2675 NDA_MAX, nda_policy, extack);
2676 }
2677 if (err < 0)
2678 return err;
2679
2680 for (i = 0; i <= NDA_MAX; ++i) {
2681 if (!tb[i])
2682 continue;
2683
2684 /* all new attributes should require strict_check */
2685 switch (i) {
2686 case NDA_IFINDEX:
2687 filter->dev_idx = nla_get_u32(tb[i]);
2688 break;
2689 case NDA_MASTER:
2690 filter->master_idx = nla_get_u32(tb[i]);
2691 break;
2692 default:
2693 if (strict_check) {
2694 NL_SET_ERR_MSG(extack, "Unsupported attribute in neighbor dump request");
2695 return -EINVAL;
2696 }
2697 }
2698 }
2699
2700 return 0;
2701}
2702
2703static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2704{
2705 const struct nlmsghdr *nlh = cb->nlh;
2706 struct neigh_dump_filter filter = {};
2707 struct neigh_table *tbl;
2708 int t, family, s_t;
2709 int proxy = 0;
2710 int err;
2711
2712 family = ((struct rtgenmsg *)nlmsg_data(nlh))->rtgen_family;
2713
2714 /* check for full ndmsg structure presence, family member is
2715 * the same for both structures
2716 */
2717 if (nlmsg_len(nlh) >= sizeof(struct ndmsg) &&
2718 ((struct ndmsg *)nlmsg_data(nlh))->ndm_flags == NTF_PROXY)
2719 proxy = 1;
2720
2721 err = neigh_valid_dump_req(nlh, cb->strict_check, &filter, cb->extack);
2722 if (err < 0 && cb->strict_check)
2723 return err;
2724
2725 s_t = cb->args[0];
2726
2727 for (t = 0; t < NEIGH_NR_TABLES; t++) {
2728 tbl = neigh_tables[t];
2729
2730 if (!tbl)
2731 continue;
2732 if (t < s_t || (family && tbl->family != family))
2733 continue;
2734 if (t > s_t)
2735 memset(&cb->args[1], 0, sizeof(cb->args) -
2736 sizeof(cb->args[0]));
2737 if (proxy)
2738 err = pneigh_dump_table(tbl, skb, cb, &filter);
2739 else
2740 err = neigh_dump_table(tbl, skb, cb, &filter);
2741 if (err < 0)
2742 break;
2743 }
2744
2745 cb->args[0] = t;
2746 return skb->len;
2747}
2748
2749static int neigh_valid_get_req(const struct nlmsghdr *nlh,
2750 struct neigh_table **tbl,
2751 void **dst, int *dev_idx, u8 *ndm_flags,
2752 struct netlink_ext_ack *extack)
2753{
2754 struct nlattr *tb[NDA_MAX + 1];
2755 struct ndmsg *ndm;
2756 int err, i;
2757
2758 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ndm))) {
2759 NL_SET_ERR_MSG(extack, "Invalid header for neighbor get request");
2760 return -EINVAL;
2761 }
2762
2763 ndm = nlmsg_data(nlh);
2764 if (ndm->ndm_pad1 || ndm->ndm_pad2 || ndm->ndm_state ||
2765 ndm->ndm_type) {
2766 NL_SET_ERR_MSG(extack, "Invalid values in header for neighbor get request");
2767 return -EINVAL;
2768 }
2769
2770 if (ndm->ndm_flags & ~NTF_PROXY) {
2771 NL_SET_ERR_MSG(extack, "Invalid flags in header for neighbor get request");
2772 return -EINVAL;
2773 }
2774
2775 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg), tb,
2776 NDA_MAX, nda_policy, extack);
2777 if (err < 0)
2778 return err;
2779
2780 *ndm_flags = ndm->ndm_flags;
2781 *dev_idx = ndm->ndm_ifindex;
2782 *tbl = neigh_find_table(ndm->ndm_family);
2783 if (*tbl == NULL) {
2784 NL_SET_ERR_MSG(extack, "Unsupported family in header for neighbor get request");
2785 return -EAFNOSUPPORT;
2786 }
2787
2788 for (i = 0; i <= NDA_MAX; ++i) {
2789 if (!tb[i])
2790 continue;
2791
2792 switch (i) {
2793 case NDA_DST:
2794 if (nla_len(tb[i]) != (int)(*tbl)->key_len) {
2795 NL_SET_ERR_MSG(extack, "Invalid network address in neighbor get request");
2796 return -EINVAL;
2797 }
2798 *dst = nla_data(tb[i]);
2799 break;
2800 default:
2801 NL_SET_ERR_MSG(extack, "Unsupported attribute in neighbor get request");
2802 return -EINVAL;
2803 }
2804 }
2805
2806 return 0;
2807}
2808
2809static inline size_t neigh_nlmsg_size(void)
2810{
2811 return NLMSG_ALIGN(sizeof(struct ndmsg))
2812 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
2813 + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */
2814 + nla_total_size(sizeof(struct nda_cacheinfo))
2815 + nla_total_size(4) /* NDA_PROBES */
2816 + nla_total_size(1); /* NDA_PROTOCOL */
2817}
2818
2819static int neigh_get_reply(struct net *net, struct neighbour *neigh,
2820 u32 pid, u32 seq)
2821{
2822 struct sk_buff *skb;
2823 int err = 0;
2824
2825 skb = nlmsg_new(neigh_nlmsg_size(), GFP_KERNEL);
2826 if (!skb)
2827 return -ENOBUFS;
2828
2829 err = neigh_fill_info(skb, neigh, pid, seq, RTM_NEWNEIGH, 0);
2830 if (err) {
2831 kfree_skb(skb);
2832 goto errout;
2833 }
2834
2835 err = rtnl_unicast(skb, net, pid);
2836errout:
2837 return err;
2838}
2839
2840static inline size_t pneigh_nlmsg_size(void)
2841{
2842 return NLMSG_ALIGN(sizeof(struct ndmsg))
2843 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
2844 + nla_total_size(1); /* NDA_PROTOCOL */
2845}
2846
2847static int pneigh_get_reply(struct net *net, struct pneigh_entry *neigh,
2848 u32 pid, u32 seq, struct neigh_table *tbl)
2849{
2850 struct sk_buff *skb;
2851 int err = 0;
2852
2853 skb = nlmsg_new(pneigh_nlmsg_size(), GFP_KERNEL);
2854 if (!skb)
2855 return -ENOBUFS;
2856
2857 err = pneigh_fill_info(skb, neigh, pid, seq, RTM_NEWNEIGH, 0, tbl);
2858 if (err) {
2859 kfree_skb(skb);
2860 goto errout;
2861 }
2862
2863 err = rtnl_unicast(skb, net, pid);
2864errout:
2865 return err;
2866}
2867
2868static int neigh_get(struct sk_buff *in_skb, struct nlmsghdr *nlh,
2869 struct netlink_ext_ack *extack)
2870{
2871 struct net *net = sock_net(in_skb->sk);
2872 struct net_device *dev = NULL;
2873 struct neigh_table *tbl = NULL;
2874 struct neighbour *neigh;
2875 void *dst = NULL;
2876 u8 ndm_flags = 0;
2877 int dev_idx = 0;
2878 int err;
2879
2880 err = neigh_valid_get_req(nlh, &tbl, &dst, &dev_idx, &ndm_flags,
2881 extack);
2882 if (err < 0)
2883 return err;
2884
2885 if (dev_idx) {
2886 dev = __dev_get_by_index(net, dev_idx);
2887 if (!dev) {
2888 NL_SET_ERR_MSG(extack, "Unknown device ifindex");
2889 return -ENODEV;
2890 }
2891 }
2892
2893 if (!dst) {
2894 NL_SET_ERR_MSG(extack, "Network address not specified");
2895 return -EINVAL;
2896 }
2897
2898 if (ndm_flags & NTF_PROXY) {
2899 struct pneigh_entry *pn;
2900
2901 pn = pneigh_lookup(tbl, net, dst, dev, 0);
2902 if (!pn) {
2903 NL_SET_ERR_MSG(extack, "Proxy neighbour entry not found");
2904 return -ENOENT;
2905 }
2906 return pneigh_get_reply(net, pn, NETLINK_CB(in_skb).portid,
2907 nlh->nlmsg_seq, tbl);
2908 }
2909
2910 if (!dev) {
2911 NL_SET_ERR_MSG(extack, "No device specified");
2912 return -EINVAL;
2913 }
2914
2915 neigh = neigh_lookup(tbl, dst, dev);
2916 if (!neigh) {
2917 NL_SET_ERR_MSG(extack, "Neighbour entry not found");
2918 return -ENOENT;
2919 }
2920
2921 err = neigh_get_reply(net, neigh, NETLINK_CB(in_skb).portid,
2922 nlh->nlmsg_seq);
2923
2924 neigh_release(neigh);
2925
2926 return err;
2927}
2928
2929void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie)
2930{
2931 int chain;
2932 struct neigh_hash_table *nht;
2933
2934 rcu_read_lock_bh();
2935 nht = rcu_dereference_bh(tbl->nht);
2936
2937 read_lock(&tbl->lock); /* avoid resizes */
2938 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2939 struct neighbour *n;
2940
2941 for (n = rcu_dereference_bh(nht->hash_buckets[chain]);
2942 n != NULL;
2943 n = rcu_dereference_bh(n->next))
2944 cb(n, cookie);
2945 }
2946 read_unlock(&tbl->lock);
2947 rcu_read_unlock_bh();
2948}
2949EXPORT_SYMBOL(neigh_for_each);
2950
2951/* The tbl->lock must be held as a writer and BH disabled. */
2952void __neigh_for_each_release(struct neigh_table *tbl,
2953 int (*cb)(struct neighbour *))
2954{
2955 int chain;
2956 struct neigh_hash_table *nht;
2957
2958 nht = rcu_dereference_protected(tbl->nht,
2959 lockdep_is_held(&tbl->lock));
2960 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2961 struct neighbour *n;
2962 struct neighbour __rcu **np;
2963
2964 np = &nht->hash_buckets[chain];
2965 while ((n = rcu_dereference_protected(*np,
2966 lockdep_is_held(&tbl->lock))) != NULL) {
2967 int release;
2968
2969 write_lock(&n->lock);
2970 release = cb(n);
2971 if (release) {
2972 rcu_assign_pointer(*np,
2973 rcu_dereference_protected(n->next,
2974 lockdep_is_held(&tbl->lock)));
2975 neigh_mark_dead(n);
2976 } else
2977 np = &n->next;
2978 write_unlock(&n->lock);
2979 if (release)
2980 neigh_cleanup_and_release(n);
2981 }
2982 }
2983}
2984EXPORT_SYMBOL(__neigh_for_each_release);
2985
2986int neigh_xmit(int index, struct net_device *dev,
2987 const void *addr, struct sk_buff *skb)
2988{
2989 int err = -EAFNOSUPPORT;
2990 if (likely(index < NEIGH_NR_TABLES)) {
2991 struct neigh_table *tbl;
2992 struct neighbour *neigh;
2993
2994 tbl = neigh_tables[index];
2995 if (!tbl)
2996 goto out;
2997 rcu_read_lock_bh();
2998 if (index == NEIGH_ARP_TABLE) {
2999 u32 key = *((u32 *)addr);
3000
3001 neigh = __ipv4_neigh_lookup_noref(dev, key);
3002 } else {
3003 neigh = __neigh_lookup_noref(tbl, addr, dev);
3004 }
3005 if (!neigh)
3006 neigh = __neigh_create(tbl, addr, dev, false);
3007 err = PTR_ERR(neigh);
3008 if (IS_ERR(neigh)) {
3009 rcu_read_unlock_bh();
3010 goto out_kfree_skb;
3011 }
3012 err = neigh->output(neigh, skb);
3013 rcu_read_unlock_bh();
3014 }
3015 else if (index == NEIGH_LINK_TABLE) {
3016 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
3017 addr, NULL, skb->len);
3018 if (err < 0)
3019 goto out_kfree_skb;
3020 err = dev_queue_xmit(skb);
3021 }
3022out:
3023 return err;
3024out_kfree_skb:
3025 kfree_skb(skb);
3026 goto out;
3027}
3028EXPORT_SYMBOL(neigh_xmit);
3029
3030#ifdef CONFIG_PROC_FS
3031
3032static struct neighbour *neigh_get_first(struct seq_file *seq)
3033{
3034 struct neigh_seq_state *state = seq->private;
3035 struct net *net = seq_file_net(seq);
3036 struct neigh_hash_table *nht = state->nht;
3037 struct neighbour *n = NULL;
3038 int bucket;
3039
3040 state->flags &= ~NEIGH_SEQ_IS_PNEIGH;
3041 for (bucket = 0; bucket < (1 << nht->hash_shift); bucket++) {
3042 n = rcu_dereference_bh(nht->hash_buckets[bucket]);
3043
3044 while (n) {
3045 if (!net_eq(dev_net(n->dev), net))
3046 goto next;
3047 if (state->neigh_sub_iter) {
3048 loff_t fakep = 0;
3049 void *v;
3050
3051 v = state->neigh_sub_iter(state, n, &fakep);
3052 if (!v)
3053 goto next;
3054 }
3055 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
3056 break;
3057 if (n->nud_state & ~NUD_NOARP)
3058 break;
3059next:
3060 n = rcu_dereference_bh(n->next);
3061 }
3062
3063 if (n)
3064 break;
3065 }
3066 state->bucket = bucket;
3067
3068 return n;
3069}
3070
3071static struct neighbour *neigh_get_next(struct seq_file *seq,
3072 struct neighbour *n,
3073 loff_t *pos)
3074{
3075 struct neigh_seq_state *state = seq->private;
3076 struct net *net = seq_file_net(seq);
3077 struct neigh_hash_table *nht = state->nht;
3078
3079 if (state->neigh_sub_iter) {
3080 void *v = state->neigh_sub_iter(state, n, pos);
3081 if (v)
3082 return n;
3083 }
3084 n = rcu_dereference_bh(n->next);
3085
3086 while (1) {
3087 while (n) {
3088 if (!net_eq(dev_net(n->dev), net))
3089 goto next;
3090 if (state->neigh_sub_iter) {
3091 void *v = state->neigh_sub_iter(state, n, pos);
3092 if (v)
3093 return n;
3094 goto next;
3095 }
3096 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
3097 break;
3098
3099 if (n->nud_state & ~NUD_NOARP)
3100 break;
3101next:
3102 n = rcu_dereference_bh(n->next);
3103 }
3104
3105 if (n)
3106 break;
3107
3108 if (++state->bucket >= (1 << nht->hash_shift))
3109 break;
3110
3111 n = rcu_dereference_bh(nht->hash_buckets[state->bucket]);
3112 }
3113
3114 if (n && pos)
3115 --(*pos);
3116 return n;
3117}
3118
3119static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos)
3120{
3121 struct neighbour *n = neigh_get_first(seq);
3122
3123 if (n) {
3124 --(*pos);
3125 while (*pos) {
3126 n = neigh_get_next(seq, n, pos);
3127 if (!n)
3128 break;
3129 }
3130 }
3131 return *pos ? NULL : n;
3132}
3133
3134static struct pneigh_entry *pneigh_get_first(struct seq_file *seq)
3135{
3136 struct neigh_seq_state *state = seq->private;
3137 struct net *net = seq_file_net(seq);
3138 struct neigh_table *tbl = state->tbl;
3139 struct pneigh_entry *pn = NULL;
3140 int bucket = state->bucket;
3141
3142 state->flags |= NEIGH_SEQ_IS_PNEIGH;
3143 for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) {
3144 pn = tbl->phash_buckets[bucket];
3145 while (pn && !net_eq(pneigh_net(pn), net))
3146 pn = pn->next;
3147 if (pn)
3148 break;
3149 }
3150 state->bucket = bucket;
3151
3152 return pn;
3153}
3154
3155static struct pneigh_entry *pneigh_get_next(struct seq_file *seq,
3156 struct pneigh_entry *pn,
3157 loff_t *pos)
3158{
3159 struct neigh_seq_state *state = seq->private;
3160 struct net *net = seq_file_net(seq);
3161 struct neigh_table *tbl = state->tbl;
3162
3163 do {
3164 pn = pn->next;
3165 } while (pn && !net_eq(pneigh_net(pn), net));
3166
3167 while (!pn) {
3168 if (++state->bucket > PNEIGH_HASHMASK)
3169 break;
3170 pn = tbl->phash_buckets[state->bucket];
3171 while (pn && !net_eq(pneigh_net(pn), net))
3172 pn = pn->next;
3173 if (pn)
3174 break;
3175 }
3176
3177 if (pn && pos)
3178 --(*pos);
3179
3180 return pn;
3181}
3182
3183static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos)
3184{
3185 struct pneigh_entry *pn = pneigh_get_first(seq);
3186
3187 if (pn) {
3188 --(*pos);
3189 while (*pos) {
3190 pn = pneigh_get_next(seq, pn, pos);
3191 if (!pn)
3192 break;
3193 }
3194 }
3195 return *pos ? NULL : pn;
3196}
3197
3198static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos)
3199{
3200 struct neigh_seq_state *state = seq->private;
3201 void *rc;
3202 loff_t idxpos = *pos;
3203
3204 rc = neigh_get_idx(seq, &idxpos);
3205 if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY))
3206 rc = pneigh_get_idx(seq, &idxpos);
3207
3208 return rc;
3209}
3210
3211void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags)
3212 __acquires(tbl->lock)
3213 __acquires(rcu_bh)
3214{
3215 struct neigh_seq_state *state = seq->private;
3216
3217 state->tbl = tbl;
3218 state->bucket = 0;
3219 state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH);
3220
3221 rcu_read_lock_bh();
3222 state->nht = rcu_dereference_bh(tbl->nht);
3223 read_lock(&tbl->lock);
3224
3225 return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN;
3226}
3227EXPORT_SYMBOL(neigh_seq_start);
3228
3229void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos)
3230{
3231 struct neigh_seq_state *state;
3232 void *rc;
3233
3234 if (v == SEQ_START_TOKEN) {
3235 rc = neigh_get_first(seq);
3236 goto out;
3237 }
3238
3239 state = seq->private;
3240 if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) {
3241 rc = neigh_get_next(seq, v, NULL);
3242 if (rc)
3243 goto out;
3244 if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY))
3245 rc = pneigh_get_first(seq);
3246 } else {
3247 BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY);
3248 rc = pneigh_get_next(seq, v, NULL);
3249 }
3250out:
3251 ++(*pos);
3252 return rc;
3253}
3254EXPORT_SYMBOL(neigh_seq_next);
3255
3256void neigh_seq_stop(struct seq_file *seq, void *v)
3257 __releases(tbl->lock)
3258 __releases(rcu_bh)
3259{
3260 struct neigh_seq_state *state = seq->private;
3261 struct neigh_table *tbl = state->tbl;
3262
3263 read_unlock(&tbl->lock);
3264 rcu_read_unlock_bh();
3265}
3266EXPORT_SYMBOL(neigh_seq_stop);
3267
3268/* statistics via seq_file */
3269
3270static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos)
3271{
3272 struct neigh_table *tbl = PDE_DATA(file_inode(seq->file));
3273 int cpu;
3274
3275 if (*pos == 0)
3276 return SEQ_START_TOKEN;
3277
3278 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
3279 if (!cpu_possible(cpu))
3280 continue;
3281 *pos = cpu+1;
3282 return per_cpu_ptr(tbl->stats, cpu);
3283 }
3284 return NULL;
3285}
3286
3287static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos)
3288{
3289 struct neigh_table *tbl = PDE_DATA(file_inode(seq->file));
3290 int cpu;
3291
3292 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
3293 if (!cpu_possible(cpu))
3294 continue;
3295 *pos = cpu+1;
3296 return per_cpu_ptr(tbl->stats, cpu);
3297 }
3298 (*pos)++;
3299 return NULL;
3300}
3301
3302static void neigh_stat_seq_stop(struct seq_file *seq, void *v)
3303{
3304
3305}
3306
3307static int neigh_stat_seq_show(struct seq_file *seq, void *v)
3308{
3309 struct neigh_table *tbl = PDE_DATA(file_inode(seq->file));
3310 struct neigh_statistics *st = v;
3311
3312 if (v == SEQ_START_TOKEN) {
3313 seq_printf(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards table_fulls\n");
3314 return 0;
3315 }
3316
3317 seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx "
3318 "%08lx %08lx %08lx %08lx %08lx %08lx\n",
3319 atomic_read(&tbl->entries),
3320
3321 st->allocs,
3322 st->destroys,
3323 st->hash_grows,
3324
3325 st->lookups,
3326 st->hits,
3327
3328 st->res_failed,
3329
3330 st->rcv_probes_mcast,
3331 st->rcv_probes_ucast,
3332
3333 st->periodic_gc_runs,
3334 st->forced_gc_runs,
3335 st->unres_discards,
3336 st->table_fulls
3337 );
3338
3339 return 0;
3340}
3341
3342static const struct seq_operations neigh_stat_seq_ops = {
3343 .start = neigh_stat_seq_start,
3344 .next = neigh_stat_seq_next,
3345 .stop = neigh_stat_seq_stop,
3346 .show = neigh_stat_seq_show,
3347};
3348#endif /* CONFIG_PROC_FS */
3349
3350static void __neigh_notify(struct neighbour *n, int type, int flags,
3351 u32 pid)
3352{
3353 struct net *net = dev_net(n->dev);
3354 struct sk_buff *skb;
3355 int err = -ENOBUFS;
3356
3357 skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC);
3358 if (skb == NULL)
3359 goto errout;
3360
3361 err = neigh_fill_info(skb, n, pid, 0, type, flags);
3362 if (err < 0) {
3363 /* -EMSGSIZE implies BUG in neigh_nlmsg_size() */
3364 WARN_ON(err == -EMSGSIZE);
3365 kfree_skb(skb);
3366 goto errout;
3367 }
3368 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
3369 return;
3370errout:
3371 if (err < 0)
3372 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
3373}
3374
3375void neigh_app_ns(struct neighbour *n)
3376{
3377 __neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST, 0);
3378}
3379EXPORT_SYMBOL(neigh_app_ns);
3380
3381#ifdef CONFIG_SYSCTL
3382static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN);
3383
3384static int proc_unres_qlen(struct ctl_table *ctl, int write,
3385 void *buffer, size_t *lenp, loff_t *ppos)
3386{
3387 int size, ret;
3388 struct ctl_table tmp = *ctl;
3389
3390 tmp.extra1 = SYSCTL_ZERO;
3391 tmp.extra2 = &unres_qlen_max;
3392 tmp.data = &size;
3393
3394 size = *(int *)ctl->data / SKB_TRUESIZE(ETH_FRAME_LEN);
3395 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
3396
3397 if (write && !ret)
3398 *(int *)ctl->data = size * SKB_TRUESIZE(ETH_FRAME_LEN);
3399 return ret;
3400}
3401
3402static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev,
3403 int family)
3404{
3405 switch (family) {
3406 case AF_INET:
3407 return __in_dev_arp_parms_get_rcu(dev);
3408 case AF_INET6:
3409 return __in6_dev_nd_parms_get_rcu(dev);
3410 }
3411 return NULL;
3412}
3413
3414static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p,
3415 int index)
3416{
3417 struct net_device *dev;
3418 int family = neigh_parms_family(p);
3419
3420 rcu_read_lock();
3421 for_each_netdev_rcu(net, dev) {
3422 struct neigh_parms *dst_p =
3423 neigh_get_dev_parms_rcu(dev, family);
3424
3425 if (dst_p && !test_bit(index, dst_p->data_state))
3426 dst_p->data[index] = p->data[index];
3427 }
3428 rcu_read_unlock();
3429}
3430
3431static void neigh_proc_update(struct ctl_table *ctl, int write)
3432{
3433 struct net_device *dev = ctl->extra1;
3434 struct neigh_parms *p = ctl->extra2;
3435 struct net *net = neigh_parms_net(p);
3436 int index = (int *) ctl->data - p->data;
3437
3438 if (!write)
3439 return;
3440
3441 set_bit(index, p->data_state);
3442 if (index == NEIGH_VAR_DELAY_PROBE_TIME)
3443 call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
3444 if (!dev) /* NULL dev means this is default value */
3445 neigh_copy_dflt_parms(net, p, index);
3446}
3447
3448static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write,
3449 void *buffer, size_t *lenp,
3450 loff_t *ppos)
3451{
3452 struct ctl_table tmp = *ctl;
3453 int ret;
3454
3455 tmp.extra1 = SYSCTL_ZERO;
3456 tmp.extra2 = SYSCTL_INT_MAX;
3457
3458 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
3459 neigh_proc_update(ctl, write);
3460 return ret;
3461}
3462
3463int neigh_proc_dointvec(struct ctl_table *ctl, int write, void *buffer,
3464 size_t *lenp, loff_t *ppos)
3465{
3466 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
3467
3468 neigh_proc_update(ctl, write);
3469 return ret;
3470}
3471EXPORT_SYMBOL(neigh_proc_dointvec);
3472
3473int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write, void *buffer,
3474 size_t *lenp, loff_t *ppos)
3475{
3476 int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
3477
3478 neigh_proc_update(ctl, write);
3479 return ret;
3480}
3481EXPORT_SYMBOL(neigh_proc_dointvec_jiffies);
3482
3483static int neigh_proc_dointvec_userhz_jiffies(struct ctl_table *ctl, int write,
3484 void *buffer, size_t *lenp,
3485 loff_t *ppos)
3486{
3487 int ret = proc_dointvec_userhz_jiffies(ctl, write, buffer, lenp, ppos);
3488
3489 neigh_proc_update(ctl, write);
3490 return ret;
3491}
3492
3493int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write,
3494 void *buffer, size_t *lenp, loff_t *ppos)
3495{
3496 int ret = proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
3497
3498 neigh_proc_update(ctl, write);
3499 return ret;
3500}
3501EXPORT_SYMBOL(neigh_proc_dointvec_ms_jiffies);
3502
3503static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write,
3504 void *buffer, size_t *lenp,
3505 loff_t *ppos)
3506{
3507 int ret = proc_unres_qlen(ctl, write, buffer, lenp, ppos);
3508
3509 neigh_proc_update(ctl, write);
3510 return ret;
3511}
3512
3513static int neigh_proc_base_reachable_time(struct ctl_table *ctl, int write,
3514 void *buffer, size_t *lenp,
3515 loff_t *ppos)
3516{
3517 struct neigh_parms *p = ctl->extra2;
3518 int ret;
3519
3520 if (strcmp(ctl->procname, "base_reachable_time") == 0)
3521 ret = neigh_proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
3522 else if (strcmp(ctl->procname, "base_reachable_time_ms") == 0)
3523 ret = neigh_proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
3524 else
3525 ret = -1;
3526
3527 if (write && ret == 0) {
3528 /* update reachable_time as well, otherwise, the change will
3529 * only be effective after the next time neigh_periodic_work
3530 * decides to recompute it
3531 */
3532 p->reachable_time =
3533 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
3534 }
3535 return ret;
3536}
3537
3538#define NEIGH_PARMS_DATA_OFFSET(index) \
3539 (&((struct neigh_parms *) 0)->data[index])
3540
3541#define NEIGH_SYSCTL_ENTRY(attr, data_attr, name, mval, proc) \
3542 [NEIGH_VAR_ ## attr] = { \
3543 .procname = name, \
3544 .data = NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_ ## data_attr), \
3545 .maxlen = sizeof(int), \
3546 .mode = mval, \
3547 .proc_handler = proc, \
3548 }
3549
3550#define NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(attr, name) \
3551 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_zero_intmax)
3552
3553#define NEIGH_SYSCTL_JIFFIES_ENTRY(attr, name) \
3554 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_jiffies)
3555
3556#define NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(attr, name) \
3557 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_userhz_jiffies)
3558
3559#define NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(attr, data_attr, name) \
3560 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
3561
3562#define NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(attr, data_attr, name) \
3563 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_unres_qlen)
3564
3565static struct neigh_sysctl_table {
3566 struct ctl_table_header *sysctl_header;
3567 struct ctl_table neigh_vars[NEIGH_VAR_MAX + 1];
3568} neigh_sysctl_template __read_mostly = {
3569 .neigh_vars = {
3570 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_PROBES, "mcast_solicit"),
3571 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(UCAST_PROBES, "ucast_solicit"),
3572 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(APP_PROBES, "app_solicit"),
3573 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_REPROBES, "mcast_resolicit"),
3574 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(RETRANS_TIME, "retrans_time"),
3575 NEIGH_SYSCTL_JIFFIES_ENTRY(BASE_REACHABLE_TIME, "base_reachable_time"),
3576 NEIGH_SYSCTL_JIFFIES_ENTRY(DELAY_PROBE_TIME, "delay_first_probe_time"),
3577 NEIGH_SYSCTL_JIFFIES_ENTRY(GC_STALETIME, "gc_stale_time"),
3578 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(QUEUE_LEN_BYTES, "unres_qlen_bytes"),
3579 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(PROXY_QLEN, "proxy_qlen"),
3580 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(ANYCAST_DELAY, "anycast_delay"),
3581 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(PROXY_DELAY, "proxy_delay"),
3582 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(LOCKTIME, "locktime"),
3583 NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(QUEUE_LEN, QUEUE_LEN_BYTES, "unres_qlen"),
3584 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(RETRANS_TIME_MS, RETRANS_TIME, "retrans_time_ms"),
3585 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(BASE_REACHABLE_TIME_MS, BASE_REACHABLE_TIME, "base_reachable_time_ms"),
3586 [NEIGH_VAR_GC_INTERVAL] = {
3587 .procname = "gc_interval",
3588 .maxlen = sizeof(int),
3589 .mode = 0644,
3590 .proc_handler = proc_dointvec_jiffies,
3591 },
3592 [NEIGH_VAR_GC_THRESH1] = {
3593 .procname = "gc_thresh1",
3594 .maxlen = sizeof(int),
3595 .mode = 0644,
3596 .extra1 = SYSCTL_ZERO,
3597 .extra2 = SYSCTL_INT_MAX,
3598 .proc_handler = proc_dointvec_minmax,
3599 },
3600 [NEIGH_VAR_GC_THRESH2] = {
3601 .procname = "gc_thresh2",
3602 .maxlen = sizeof(int),
3603 .mode = 0644,
3604 .extra1 = SYSCTL_ZERO,
3605 .extra2 = SYSCTL_INT_MAX,
3606 .proc_handler = proc_dointvec_minmax,
3607 },
3608 [NEIGH_VAR_GC_THRESH3] = {
3609 .procname = "gc_thresh3",
3610 .maxlen = sizeof(int),
3611 .mode = 0644,
3612 .extra1 = SYSCTL_ZERO,
3613 .extra2 = SYSCTL_INT_MAX,
3614 .proc_handler = proc_dointvec_minmax,
3615 },
3616 {},
3617 },
3618};
3619
3620int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
3621 proc_handler *handler)
3622{
3623 int i;
3624 struct neigh_sysctl_table *t;
3625 const char *dev_name_source;
3626 char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
3627 char *p_name;
3628
3629 t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
3630 if (!t)
3631 goto err;
3632
3633 for (i = 0; i < NEIGH_VAR_GC_INTERVAL; i++) {
3634 t->neigh_vars[i].data += (long) p;
3635 t->neigh_vars[i].extra1 = dev;
3636 t->neigh_vars[i].extra2 = p;
3637 }
3638
3639 if (dev) {
3640 dev_name_source = dev->name;
3641 /* Terminate the table early */
3642 memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0,
3643 sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL]));
3644 } else {
3645 struct neigh_table *tbl = p->tbl;
3646 dev_name_source = "default";
3647 t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &tbl->gc_interval;
3648 t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &tbl->gc_thresh1;
3649 t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &tbl->gc_thresh2;
3650 t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &tbl->gc_thresh3;
3651 }
3652
3653 if (handler) {
3654 /* RetransTime */
3655 t->neigh_vars[NEIGH_VAR_RETRANS_TIME].proc_handler = handler;
3656 /* ReachableTime */
3657 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler = handler;
3658 /* RetransTime (in milliseconds)*/
3659 t->neigh_vars[NEIGH_VAR_RETRANS_TIME_MS].proc_handler = handler;
3660 /* ReachableTime (in milliseconds) */
3661 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = handler;
3662 } else {
3663 /* Those handlers will update p->reachable_time after
3664 * base_reachable_time(_ms) is set to ensure the new timer starts being
3665 * applied after the next neighbour update instead of waiting for
3666 * neigh_periodic_work to update its value (can be multiple minutes)
3667 * So any handler that replaces them should do this as well
3668 */
3669 /* ReachableTime */
3670 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler =
3671 neigh_proc_base_reachable_time;
3672 /* ReachableTime (in milliseconds) */
3673 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler =
3674 neigh_proc_base_reachable_time;
3675 }
3676
3677 /* Don't export sysctls to unprivileged users */
3678 if (neigh_parms_net(p)->user_ns != &init_user_ns)
3679 t->neigh_vars[0].procname = NULL;
3680
3681 switch (neigh_parms_family(p)) {
3682 case AF_INET:
3683 p_name = "ipv4";
3684 break;
3685 case AF_INET6:
3686 p_name = "ipv6";
3687 break;
3688 default:
3689 BUG();
3690 }
3691
3692 snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s",
3693 p_name, dev_name_source);
3694 t->sysctl_header =
3695 register_net_sysctl(neigh_parms_net(p), neigh_path, t->neigh_vars);
3696 if (!t->sysctl_header)
3697 goto free;
3698
3699 p->sysctl_table = t;
3700 return 0;
3701
3702free:
3703 kfree(t);
3704err:
3705 return -ENOBUFS;
3706}
3707EXPORT_SYMBOL(neigh_sysctl_register);
3708
3709void neigh_sysctl_unregister(struct neigh_parms *p)
3710{
3711 if (p->sysctl_table) {
3712 struct neigh_sysctl_table *t = p->sysctl_table;
3713 p->sysctl_table = NULL;
3714 unregister_net_sysctl_table(t->sysctl_header);
3715 kfree(t);
3716 }
3717}
3718EXPORT_SYMBOL(neigh_sysctl_unregister);
3719
3720#endif /* CONFIG_SYSCTL */
3721
3722static int __init neigh_init(void)
3723{
3724 rtnl_register(PF_UNSPEC, RTM_NEWNEIGH, neigh_add, NULL, 0);
3725 rtnl_register(PF_UNSPEC, RTM_DELNEIGH, neigh_delete, NULL, 0);
3726 rtnl_register(PF_UNSPEC, RTM_GETNEIGH, neigh_get, neigh_dump_info, 0);
3727
3728 rtnl_register(PF_UNSPEC, RTM_GETNEIGHTBL, NULL, neightbl_dump_info,
3729 0);
3730 rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, 0);
3731
3732 return 0;
3733}
3734
3735subsys_initcall(neigh_init);