search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cfg80211/mac80211: fix BSS leaks when abandoning assoc attempts
[linux/fpc-iii.git] / net / core / neighbour.c
blob2ae929f9bd06f3be98cbd1add881641a0df1d7a4
1 /*
2 * Generic address resolution entity
3 *
4 * Authors:
5 * Pedro Roque <roque@di.fc.ul.pt>
6 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 *
13 * Fixes:
14 * Vitaly E. Lavrov releasing NULL neighbor in neigh_add.
15 * Harald Welte Add neighbour cache statistics like rtstat
16 */
17
18 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
19
20 #include <linux/slab.h>
21 #include <linux/types.h>
22 #include <linux/kernel.h>
23 #include <linux/module.h>
24 #include <linux/socket.h>
25 #include <linux/netdevice.h>
26 #include <linux/proc_fs.h>
27 #ifdef CONFIG_SYSCTL
28 #include <linux/sysctl.h>
29 #endif
30 #include <linux/times.h>
31 #include <net/net_namespace.h>
32 #include <net/neighbour.h>
33 #include <net/dst.h>
34 #include <net/sock.h>
35 #include <net/netevent.h>
36 #include <net/netlink.h>
37 #include <linux/rtnetlink.h>
38 #include <linux/random.h>
39 #include <linux/string.h>
40 #include <linux/log2.h>
41 #include <linux/inetdevice.h>
42 #include <net/addrconf.h>
43
44 #define DEBUG
45 #define NEIGH_DEBUG 1
46 #define neigh_dbg(level, fmt, ...) \
47 do { \
48 if (level <= NEIGH_DEBUG) \
49 pr_debug(fmt, ##__VA_ARGS__); \
50 } while (0)
51
52 #define PNEIGH_HASHMASK 0xF
53
54 static void neigh_timer_handler(unsigned long arg);
55 static void __neigh_notify(struct neighbour *n, int type, int flags);
56 static void neigh_update_notify(struct neighbour *neigh);
57 static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev);
58
59 #ifdef CONFIG_PROC_FS
60 static const struct file_operations neigh_stat_seq_fops;
61 #endif
62
63 /*
64 Neighbour hash table buckets are protected with rwlock tbl->lock.
65
66 - All the scans/updates to hash buckets MUST be made under this lock.
67 - NOTHING clever should be made under this lock: no callbacks
68 to protocol backends, no attempts to send something to network.
69 It will result in deadlocks, if backend/driver wants to use neighbour
70 cache.
71 - If the entry requires some non-trivial actions, increase
72 its reference count and release table lock.
73
74 Neighbour entries are protected:
75 - with reference count.
76 - with rwlock neigh->lock
77
78 Reference count prevents destruction.
79
80 neigh->lock mainly serializes ll address data and its validity state.
81 However, the same lock is used to protect another entry fields:
82 - timer
83 - resolution queue
84
85 Again, nothing clever shall be made under neigh->lock,
86 the most complicated procedure, which we allow is dev->hard_header.
87 It is supposed, that dev->hard_header is simplistic and does
88 not make callbacks to neighbour tables.
89 */
90
91 static int neigh_blackhole(struct neighbour *neigh, struct sk_buff *skb)
92 {
93 kfree_skb(skb);
94 return -ENETDOWN;
95 }
96
97 static void neigh_cleanup_and_release(struct neighbour *neigh)
98 {
99 if (neigh->parms->neigh_cleanup)
100 neigh->parms->neigh_cleanup(neigh);
101
102 __neigh_notify(neigh, RTM_DELNEIGH, 0);
103 neigh_release(neigh);
104 }
105
106 /*
107 * It is random distribution in the interval (1/2)*base...(3/2)*base.
108 * It corresponds to default IPv6 settings and is not overridable,
109 * because it is really reasonable choice.
110 */
111
112 unsigned long neigh_rand_reach_time(unsigned long base)
113 {
114 return base ? (prandom_u32() % base) + (base >> 1) : 0;
115 }
116 EXPORT_SYMBOL(neigh_rand_reach_time);
117
118
119 static int neigh_forced_gc(struct neigh_table *tbl)
120 {
121 int shrunk = 0;
122 int i;
123 struct neigh_hash_table *nht;
124
125 NEIGH_CACHE_STAT_INC(tbl, forced_gc_runs);
126
127 write_lock_bh(&tbl->lock);
128 nht = rcu_dereference_protected(tbl->nht,
129 lockdep_is_held(&tbl->lock));
130 for (i = 0; i < (1 << nht->hash_shift); i++) {
131 struct neighbour *n;
132 struct neighbour __rcu **np;
133
134 np = &nht->hash_buckets[i];
135 while ((n = rcu_dereference_protected(*np,
136 lockdep_is_held(&tbl->lock))) != NULL) {
137 /* Neighbour record may be discarded if:
138 * - nobody refers to it.
139 * - it is not permanent
140 */
141 write_lock(&n->lock);
142 if (atomic_read(&n->refcnt) == 1 &&
143 !(n->nud_state & NUD_PERMANENT)) {
144 rcu_assign_pointer(*np,
145 rcu_dereference_protected(n->next,
146 lockdep_is_held(&tbl->lock)));
147 n->dead = 1;
148 shrunk = 1;
149 write_unlock(&n->lock);
150 neigh_cleanup_and_release(n);
151 continue;
152 }
153 write_unlock(&n->lock);
154 np = &n->next;
155 }
156 }
157
158 tbl->last_flush = jiffies;
159
160 write_unlock_bh(&tbl->lock);
161
162 return shrunk;
163 }
164
165 static void neigh_add_timer(struct neighbour *n, unsigned long when)
166 {
167 neigh_hold(n);
168 if (unlikely(mod_timer(&n->timer, when))) {
169 printk("NEIGH: BUG, double timer add, state is %x\n",
170 n->nud_state);
171 dump_stack();
172 }
173 }
174
175 static int neigh_del_timer(struct neighbour *n)
176 {
177 if ((n->nud_state & NUD_IN_TIMER) &&
178 del_timer(&n->timer)) {
179 neigh_release(n);
180 return 1;
181 }
182 return 0;
183 }
184
185 static void pneigh_queue_purge(struct sk_buff_head *list)
186 {
187 struct sk_buff *skb;
188
189 while ((skb = skb_dequeue(list)) != NULL) {
190 dev_put(skb->dev);
191 kfree_skb(skb);
192 }
193 }
194
195 static void neigh_flush_dev(struct neigh_table *tbl, struct net_device *dev)
196 {
197 int i;
198 struct neigh_hash_table *nht;
199
200 nht = rcu_dereference_protected(tbl->nht,
201 lockdep_is_held(&tbl->lock));
202
203 for (i = 0; i < (1 << nht->hash_shift); i++) {
204 struct neighbour *n;
205 struct neighbour __rcu **np = &nht->hash_buckets[i];
206
207 while ((n = rcu_dereference_protected(*np,
208 lockdep_is_held(&tbl->lock))) != NULL) {
209 if (dev && n->dev != dev) {
210 np = &n->next;
211 continue;
212 }
213 rcu_assign_pointer(*np,
214 rcu_dereference_protected(n->next,
215 lockdep_is_held(&tbl->lock)));
216 write_lock(&n->lock);
217 neigh_del_timer(n);
218 n->dead = 1;
219
220 if (atomic_read(&n->refcnt) != 1) {
221 /* The most unpleasant situation.
222 We must destroy neighbour entry,
223 but someone still uses it.
224
225 The destroy will be delayed until
226 the last user releases us, but
227 we must kill timers etc. and move
228 it to safe state.
229 */
230 __skb_queue_purge(&n->arp_queue);
231 n->arp_queue_len_bytes = 0;
232 n->output = neigh_blackhole;
233 if (n->nud_state & NUD_VALID)
234 n->nud_state = NUD_NOARP;
235 else
236 n->nud_state = NUD_NONE;
237 neigh_dbg(2, "neigh %p is stray\n", n);
238 }
239 write_unlock(&n->lock);
240 neigh_cleanup_and_release(n);
241 }
242 }
243 }
244
245 void neigh_changeaddr(struct neigh_table *tbl, struct net_device *dev)
246 {
247 write_lock_bh(&tbl->lock);
248 neigh_flush_dev(tbl, dev);
249 write_unlock_bh(&tbl->lock);
250 }
251 EXPORT_SYMBOL(neigh_changeaddr);
252
253 int neigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
254 {
255 write_lock_bh(&tbl->lock);
256 neigh_flush_dev(tbl, dev);
257 pneigh_ifdown(tbl, dev);
258 write_unlock_bh(&tbl->lock);
259
260 del_timer_sync(&tbl->proxy_timer);
261 pneigh_queue_purge(&tbl->proxy_queue);
262 return 0;
263 }
264 EXPORT_SYMBOL(neigh_ifdown);
265
266 static struct neighbour *neigh_alloc(struct neigh_table *tbl, struct net_device *dev)
267 {
268 struct neighbour *n = NULL;
269 unsigned long now = jiffies;
270 int entries;
271
272 entries = atomic_inc_return(&tbl->entries) - 1;
273 if (entries >= tbl->gc_thresh3 ||
274 (entries >= tbl->gc_thresh2 &&
275 time_after(now, tbl->last_flush + 5 * HZ))) {
276 if (!neigh_forced_gc(tbl) &&
277 entries >= tbl->gc_thresh3) {
278 net_info_ratelimited("%s: neighbor table overflow!\n",
279 tbl->id);
280 NEIGH_CACHE_STAT_INC(tbl, table_fulls);
281 goto out_entries;
282 }
283 }
284
285 n = kzalloc(tbl->entry_size + dev->neigh_priv_len, GFP_ATOMIC);
286 if (!n)
287 goto out_entries;
288
289 __skb_queue_head_init(&n->arp_queue);
290 rwlock_init(&n->lock);
291 seqlock_init(&n->ha_lock);
292 n->updated = n->used = now;
293 n->nud_state = NUD_NONE;
294 n->output = neigh_blackhole;
295 seqlock_init(&n->hh.hh_lock);
296 n->parms = neigh_parms_clone(&tbl->parms);
297 setup_timer(&n->timer, neigh_timer_handler, (unsigned long)n);
298
299 NEIGH_CACHE_STAT_INC(tbl, allocs);
300 n->tbl = tbl;
301 atomic_set(&n->refcnt, 1);
302 n->dead = 1;
303 out:
304 return n;
305
306 out_entries:
307 atomic_dec(&tbl->entries);
308 goto out;
309 }
310
311 static void neigh_get_hash_rnd(u32 *x)
312 {
313 get_random_bytes(x, sizeof(*x));
314 *x |= 1;
315 }
316
317 static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
318 {
319 size_t size = (1 << shift) * sizeof(struct neighbour *);
320 struct neigh_hash_table *ret;
321 struct neighbour __rcu **buckets;
322 int i;
323
324 ret = kmalloc(sizeof(*ret), GFP_ATOMIC);
325 if (!ret)
326 return NULL;
327 if (size <= PAGE_SIZE)
328 buckets = kzalloc(size, GFP_ATOMIC);
329 else
330 buckets = (struct neighbour __rcu **)
331 __get_free_pages(GFP_ATOMIC | __GFP_ZERO,
332 get_order(size));
333 if (!buckets) {
334 kfree(ret);
335 return NULL;
336 }
337 ret->hash_buckets = buckets;
338 ret->hash_shift = shift;
339 for (i = 0; i < NEIGH_NUM_HASH_RND; i++)
340 neigh_get_hash_rnd(&ret->hash_rnd[i]);
341 return ret;
342 }
343
344 static void neigh_hash_free_rcu(struct rcu_head *head)
345 {
346 struct neigh_hash_table *nht = container_of(head,
347 struct neigh_hash_table,
348 rcu);
349 size_t size = (1 << nht->hash_shift) * sizeof(struct neighbour *);
350 struct neighbour __rcu **buckets = nht->hash_buckets;
351
352 if (size <= PAGE_SIZE)
353 kfree(buckets);
354 else
355 free_pages((unsigned long)buckets, get_order(size));
356 kfree(nht);
357 }
358
359 static struct neigh_hash_table *neigh_hash_grow(struct neigh_table *tbl,
360 unsigned long new_shift)
361 {
362 unsigned int i, hash;
363 struct neigh_hash_table *new_nht, *old_nht;
364
365 NEIGH_CACHE_STAT_INC(tbl, hash_grows);
366
367 old_nht = rcu_dereference_protected(tbl->nht,
368 lockdep_is_held(&tbl->lock));
369 new_nht = neigh_hash_alloc(new_shift);
370 if (!new_nht)
371 return old_nht;
372
373 for (i = 0; i < (1 << old_nht->hash_shift); i++) {
374 struct neighbour *n, *next;
375
376 for (n = rcu_dereference_protected(old_nht->hash_buckets[i],
377 lockdep_is_held(&tbl->lock));
378 n != NULL;
379 n = next) {
380 hash = tbl->hash(n->primary_key, n->dev,
381 new_nht->hash_rnd);
382
383 hash >>= (32 - new_nht->hash_shift);
384 next = rcu_dereference_protected(n->next,
385 lockdep_is_held(&tbl->lock));
386
387 rcu_assign_pointer(n->next,
388 rcu_dereference_protected(
389 new_nht->hash_buckets[hash],
390 lockdep_is_held(&tbl->lock)));
391 rcu_assign_pointer(new_nht->hash_buckets[hash], n);
392 }
393 }
394
395 rcu_assign_pointer(tbl->nht, new_nht);
396 call_rcu(&old_nht->rcu, neigh_hash_free_rcu);
397 return new_nht;
398 }
399
400 struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey,
401 struct net_device *dev)
402 {
403 struct neighbour *n;
404
405 NEIGH_CACHE_STAT_INC(tbl, lookups);
406
407 rcu_read_lock_bh();
408 n = __neigh_lookup_noref(tbl, pkey, dev);
409 if (n) {
410 if (!atomic_inc_not_zero(&n->refcnt))
411 n = NULL;
412 NEIGH_CACHE_STAT_INC(tbl, hits);
413 }
414
415 rcu_read_unlock_bh();
416 return n;
417 }
418 EXPORT_SYMBOL(neigh_lookup);
419
420 struct neighbour *neigh_lookup_nodev(struct neigh_table *tbl, struct net *net,
421 const void *pkey)
422 {
423 struct neighbour *n;
424 int key_len = tbl->key_len;
425 u32 hash_val;
426 struct neigh_hash_table *nht;
427
428 NEIGH_CACHE_STAT_INC(tbl, lookups);
429
430 rcu_read_lock_bh();
431 nht = rcu_dereference_bh(tbl->nht);
432 hash_val = tbl->hash(pkey, NULL, nht->hash_rnd) >> (32 - nht->hash_shift);
433
434 for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]);
435 n != NULL;
436 n = rcu_dereference_bh(n->next)) {
437 if (!memcmp(n->primary_key, pkey, key_len) &&
438 net_eq(dev_net(n->dev), net)) {
439 if (!atomic_inc_not_zero(&n->refcnt))
440 n = NULL;
441 NEIGH_CACHE_STAT_INC(tbl, hits);
442 break;
443 }
444 }
445
446 rcu_read_unlock_bh();
447 return n;
448 }
449 EXPORT_SYMBOL(neigh_lookup_nodev);
450
451 struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
452 struct net_device *dev, bool want_ref)
453 {
454 u32 hash_val;
455 int key_len = tbl->key_len;
456 int error;
457 struct neighbour *n1, *rc, *n = neigh_alloc(tbl, dev);
458 struct neigh_hash_table *nht;
459
460 if (!n) {
461 rc = ERR_PTR(-ENOBUFS);
462 goto out;
463 }
464
465 memcpy(n->primary_key, pkey, key_len);
466 n->dev = dev;
467 dev_hold(dev);
468
469 /* Protocol specific setup. */
470 if (tbl->constructor && (error = tbl->constructor(n)) < 0) {
471 rc = ERR_PTR(error);
472 goto out_neigh_release;
473 }
474
475 if (dev->netdev_ops->ndo_neigh_construct) {
476 error = dev->netdev_ops->ndo_neigh_construct(dev, n);
477 if (error < 0) {
478 rc = ERR_PTR(error);
479 goto out_neigh_release;
480 }
481 }
482
483 /* Device specific setup. */
484 if (n->parms->neigh_setup &&
485 (error = n->parms->neigh_setup(n)) < 0) {
486 rc = ERR_PTR(error);
487 goto out_neigh_release;
488 }
489
490 n->confirmed = jiffies - (NEIGH_VAR(n->parms, BASE_REACHABLE_TIME) << 1);
491
492 write_lock_bh(&tbl->lock);
493 nht = rcu_dereference_protected(tbl->nht,
494 lockdep_is_held(&tbl->lock));
495
496 if (atomic_read(&tbl->entries) > (1 << nht->hash_shift))
497 nht = neigh_hash_grow(tbl, nht->hash_shift + 1);
498
499 hash_val = tbl->hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift);
500
501 if (n->parms->dead) {
502 rc = ERR_PTR(-EINVAL);
503 goto out_tbl_unlock;
504 }
505
506 for (n1 = rcu_dereference_protected(nht->hash_buckets[hash_val],
507 lockdep_is_held(&tbl->lock));
508 n1 != NULL;
509 n1 = rcu_dereference_protected(n1->next,
510 lockdep_is_held(&tbl->lock))) {
511 if (dev == n1->dev && !memcmp(n1->primary_key, pkey, key_len)) {
512 if (want_ref)
513 neigh_hold(n1);
514 rc = n1;
515 goto out_tbl_unlock;
516 }
517 }
518
519 n->dead = 0;
520 if (want_ref)
521 neigh_hold(n);
522 rcu_assign_pointer(n->next,
523 rcu_dereference_protected(nht->hash_buckets[hash_val],
524 lockdep_is_held(&tbl->lock)));
525 rcu_assign_pointer(nht->hash_buckets[hash_val], n);
526 write_unlock_bh(&tbl->lock);
527 neigh_dbg(2, "neigh %p is created\n", n);
528 rc = n;
529 out:
530 return rc;
531 out_tbl_unlock:
532 write_unlock_bh(&tbl->lock);
533 out_neigh_release:
534 neigh_release(n);
535 goto out;
536 }
537 EXPORT_SYMBOL(__neigh_create);
538
539 static u32 pneigh_hash(const void *pkey, int key_len)
540 {
541 u32 hash_val = *(u32 *)(pkey + key_len - 4);
542 hash_val ^= (hash_val >> 16);
543 hash_val ^= hash_val >> 8;
544 hash_val ^= hash_val >> 4;
545 hash_val &= PNEIGH_HASHMASK;
546 return hash_val;
547 }
548
549 static struct pneigh_entry *__pneigh_lookup_1(struct pneigh_entry *n,
550 struct net *net,
551 const void *pkey,
552 int key_len,
553 struct net_device *dev)
554 {
555 while (n) {
556 if (!memcmp(n->key, pkey, key_len) &&
557 net_eq(pneigh_net(n), net) &&
558 (n->dev == dev || !n->dev))
559 return n;
560 n = n->next;
561 }
562 return NULL;
563 }
564
565 struct pneigh_entry *__pneigh_lookup(struct neigh_table *tbl,
566 struct net *net, const void *pkey, struct net_device *dev)
567 {
568 int key_len = tbl->key_len;
569 u32 hash_val = pneigh_hash(pkey, key_len);
570
571 return __pneigh_lookup_1(tbl->phash_buckets[hash_val],
572 net, pkey, key_len, dev);
573 }
574 EXPORT_SYMBOL_GPL(__pneigh_lookup);
575
576 struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl,
577 struct net *net, const void *pkey,
578 struct net_device *dev, int creat)
579 {
580 struct pneigh_entry *n;
581 int key_len = tbl->key_len;
582 u32 hash_val = pneigh_hash(pkey, key_len);
583
584 read_lock_bh(&tbl->lock);
585 n = __pneigh_lookup_1(tbl->phash_buckets[hash_val],
586 net, pkey, key_len, dev);
587 read_unlock_bh(&tbl->lock);
588
589 if (n || !creat)
590 goto out;
591
592 ASSERT_RTNL();
593
594 n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL);
595 if (!n)
596 goto out;
597
598 write_pnet(&n->net, net);
599 memcpy(n->key, pkey, key_len);
600 n->dev = dev;
601 if (dev)
602 dev_hold(dev);
603
604 if (tbl->pconstructor && tbl->pconstructor(n)) {
605 if (dev)
606 dev_put(dev);
607 kfree(n);
608 n = NULL;
609 goto out;
610 }
611
612 write_lock_bh(&tbl->lock);
613 n->next = tbl->phash_buckets[hash_val];
614 tbl->phash_buckets[hash_val] = n;
615 write_unlock_bh(&tbl->lock);
616 out:
617 return n;
618 }
619 EXPORT_SYMBOL(pneigh_lookup);
620
621
622 int pneigh_delete(struct neigh_table *tbl, struct net *net, const void *pkey,
623 struct net_device *dev)
624 {
625 struct pneigh_entry *n, **np;
626 int key_len = tbl->key_len;
627 u32 hash_val = pneigh_hash(pkey, key_len);
628
629 write_lock_bh(&tbl->lock);
630 for (np = &tbl->phash_buckets[hash_val]; (n = *np) != NULL;
631 np = &n->next) {
632 if (!memcmp(n->key, pkey, key_len) && n->dev == dev &&
633 net_eq(pneigh_net(n), net)) {
634 *np = n->next;
635 write_unlock_bh(&tbl->lock);
636 if (tbl->pdestructor)
637 tbl->pdestructor(n);
638 if (n->dev)
639 dev_put(n->dev);
640 kfree(n);
641 return 0;
642 }
643 }
644 write_unlock_bh(&tbl->lock);
645 return -ENOENT;
646 }
647
648 static int pneigh_ifdown(struct neigh_table *tbl, struct net_device *dev)
649 {
650 struct pneigh_entry *n, **np;
651 u32 h;
652
653 for (h = 0; h <= PNEIGH_HASHMASK; h++) {
654 np = &tbl->phash_buckets[h];
655 while ((n = *np) != NULL) {
656 if (!dev || n->dev == dev) {
657 *np = n->next;
658 if (tbl->pdestructor)
659 tbl->pdestructor(n);
660 if (n->dev)
661 dev_put(n->dev);
662 kfree(n);
663 continue;
664 }
665 np = &n->next;
666 }
667 }
668 return -ENOENT;
669 }
670
671 static void neigh_parms_destroy(struct neigh_parms *parms);
672
673 static inline void neigh_parms_put(struct neigh_parms *parms)
674 {
675 if (atomic_dec_and_test(&parms->refcnt))
676 neigh_parms_destroy(parms);
677 }
678
679 /*
680 * neighbour must already be out of the table;
681 *
682 */
683 void neigh_destroy(struct neighbour *neigh)
684 {
685 struct net_device *dev = neigh->dev;
686
687 NEIGH_CACHE_STAT_INC(neigh->tbl, destroys);
688
689 if (!neigh->dead) {
690 pr_warn("Destroying alive neighbour %p\n", neigh);
691 dump_stack();
692 return;
693 }
694
695 if (neigh_del_timer(neigh))
696 pr_warn("Impossible event\n");
697
698 write_lock_bh(&neigh->lock);
699 __skb_queue_purge(&neigh->arp_queue);
700 write_unlock_bh(&neigh->lock);
701 neigh->arp_queue_len_bytes = 0;
702
703 if (dev->netdev_ops->ndo_neigh_destroy)
704 dev->netdev_ops->ndo_neigh_destroy(dev, neigh);
705
706 dev_put(dev);
707 neigh_parms_put(neigh->parms);
708
709 neigh_dbg(2, "neigh %p is destroyed\n", neigh);
710
711 atomic_dec(&neigh->tbl->entries);
712 kfree_rcu(neigh, rcu);
713 }
714 EXPORT_SYMBOL(neigh_destroy);
715
716 /* Neighbour state is suspicious;
717 disable fast path.
718
719 Called with write_locked neigh.
720 */
721 static void neigh_suspect(struct neighbour *neigh)
722 {
723 neigh_dbg(2, "neigh %p is suspected\n", neigh);
724
725 neigh->output = neigh->ops->output;
726 }
727
728 /* Neighbour state is OK;
729 enable fast path.
730
731 Called with write_locked neigh.
732 */
733 static void neigh_connect(struct neighbour *neigh)
734 {
735 neigh_dbg(2, "neigh %p is connected\n", neigh);
736
737 neigh->output = neigh->ops->connected_output;
738 }
739
740 static void neigh_periodic_work(struct work_struct *work)
741 {
742 struct neigh_table *tbl = container_of(work, struct neigh_table, gc_work.work);
743 struct neighbour *n;
744 struct neighbour __rcu **np;
745 unsigned int i;
746 struct neigh_hash_table *nht;
747
748 NEIGH_CACHE_STAT_INC(tbl, periodic_gc_runs);
749
750 write_lock_bh(&tbl->lock);
751 nht = rcu_dereference_protected(tbl->nht,
752 lockdep_is_held(&tbl->lock));
753
754 /*
755 * periodically recompute ReachableTime from random function
756 */
757
758 if (time_after(jiffies, tbl->last_rand + 300 * HZ)) {
759 struct neigh_parms *p;
760 tbl->last_rand = jiffies;
761 list_for_each_entry(p, &tbl->parms_list, list)
762 p->reachable_time =
763 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
764 }
765
766 if (atomic_read(&tbl->entries) < tbl->gc_thresh1)
767 goto out;
768
769 for (i = 0 ; i < (1 << nht->hash_shift); i++) {
770 np = &nht->hash_buckets[i];
771
772 while ((n = rcu_dereference_protected(*np,
773 lockdep_is_held(&tbl->lock))) != NULL) {
774 unsigned int state;
775
776 write_lock(&n->lock);
777
778 state = n->nud_state;
779 if (state & (NUD_PERMANENT | NUD_IN_TIMER)) {
780 write_unlock(&n->lock);
781 goto next_elt;
782 }
783
784 if (time_before(n->used, n->confirmed))
785 n->used = n->confirmed;
786
787 if (atomic_read(&n->refcnt) == 1 &&
788 (state == NUD_FAILED ||
789 time_after(jiffies, n->used + NEIGH_VAR(n->parms, GC_STALETIME)))) {
790 *np = n->next;
791 n->dead = 1;
792 write_unlock(&n->lock);
793 neigh_cleanup_and_release(n);
794 continue;
795 }
796 write_unlock(&n->lock);
797
798 next_elt:
799 np = &n->next;
800 }
801 /*
802 * It's fine to release lock here, even if hash table
803 * grows while we are preempted.
804 */
805 write_unlock_bh(&tbl->lock);
806 cond_resched();
807 write_lock_bh(&tbl->lock);
808 nht = rcu_dereference_protected(tbl->nht,
809 lockdep_is_held(&tbl->lock));
810 }
811 out:
812 /* Cycle through all hash buckets every BASE_REACHABLE_TIME/2 ticks.
813 * ARP entry timeouts range from 1/2 BASE_REACHABLE_TIME to 3/2
814 * BASE_REACHABLE_TIME.
815 */
816 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
817 NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME) >> 1);
818 write_unlock_bh(&tbl->lock);
819 }
820
821 static __inline__ int neigh_max_probes(struct neighbour *n)
822 {
823 struct neigh_parms *p = n->parms;
824 return NEIGH_VAR(p, UCAST_PROBES) + NEIGH_VAR(p, APP_PROBES) +
825 (n->nud_state & NUD_PROBE ? NEIGH_VAR(p, MCAST_REPROBES) :
826 NEIGH_VAR(p, MCAST_PROBES));
827 }
828
829 static void neigh_invalidate(struct neighbour *neigh)
830 __releases(neigh->lock)
831 __acquires(neigh->lock)
832 {
833 struct sk_buff *skb;
834
835 NEIGH_CACHE_STAT_INC(neigh->tbl, res_failed);
836 neigh_dbg(2, "neigh %p is failed\n", neigh);
837 neigh->updated = jiffies;
838
839 /* It is very thin place. report_unreachable is very complicated
840 routine. Particularly, it can hit the same neighbour entry!
841
842 So that, we try to be accurate and avoid dead loop. --ANK
843 */
844 while (neigh->nud_state == NUD_FAILED &&
845 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
846 write_unlock(&neigh->lock);
847 neigh->ops->error_report(neigh, skb);
848 write_lock(&neigh->lock);
849 }
850 __skb_queue_purge(&neigh->arp_queue);
851 neigh->arp_queue_len_bytes = 0;
852 }
853
854 static void neigh_probe(struct neighbour *neigh)
855 __releases(neigh->lock)
856 {
857 struct sk_buff *skb = skb_peek_tail(&neigh->arp_queue);
858 /* keep skb alive even if arp_queue overflows */
859 if (skb)
860 skb = skb_clone(skb, GFP_ATOMIC);
861 write_unlock(&neigh->lock);
862 neigh->ops->solicit(neigh, skb);
863 atomic_inc(&neigh->probes);
864 kfree_skb(skb);
865 }
866
867 /* Called when a timer expires for a neighbour entry. */
868
869 static void neigh_timer_handler(unsigned long arg)
870 {
871 unsigned long now, next;
872 struct neighbour *neigh = (struct neighbour *)arg;
873 unsigned int state;
874 int notify = 0;
875
876 write_lock(&neigh->lock);
877
878 state = neigh->nud_state;
879 now = jiffies;
880 next = now + HZ;
881
882 if (!(state & NUD_IN_TIMER))
883 goto out;
884
885 if (state & NUD_REACHABLE) {
886 if (time_before_eq(now,
887 neigh->confirmed + neigh->parms->reachable_time)) {
888 neigh_dbg(2, "neigh %p is still alive\n", neigh);
889 next = neigh->confirmed + neigh->parms->reachable_time;
890 } else if (time_before_eq(now,
891 neigh->used +
892 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
893 neigh_dbg(2, "neigh %p is delayed\n", neigh);
894 neigh->nud_state = NUD_DELAY;
895 neigh->updated = jiffies;
896 neigh_suspect(neigh);
897 next = now + NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME);
898 } else {
899 neigh_dbg(2, "neigh %p is suspected\n", neigh);
900 neigh->nud_state = NUD_STALE;
901 neigh->updated = jiffies;
902 neigh_suspect(neigh);
903 notify = 1;
904 }
905 } else if (state & NUD_DELAY) {
906 if (time_before_eq(now,
907 neigh->confirmed +
908 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
909 neigh_dbg(2, "neigh %p is now reachable\n", neigh);
910 neigh->nud_state = NUD_REACHABLE;
911 neigh->updated = jiffies;
912 neigh_connect(neigh);
913 notify = 1;
914 next = neigh->confirmed + neigh->parms->reachable_time;
915 } else {
916 neigh_dbg(2, "neigh %p is probed\n", neigh);
917 neigh->nud_state = NUD_PROBE;
918 neigh->updated = jiffies;
919 atomic_set(&neigh->probes, 0);
920 notify = 1;
921 next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
922 }
923 } else {
924 /* NUD_PROBE|NUD_INCOMPLETE */
925 next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
926 }
927
928 if ((neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) &&
929 atomic_read(&neigh->probes) >= neigh_max_probes(neigh)) {
930 neigh->nud_state = NUD_FAILED;
931 notify = 1;
932 neigh_invalidate(neigh);
933 goto out;
934 }
935
936 if (neigh->nud_state & NUD_IN_TIMER) {
937 if (time_before(next, jiffies + HZ/2))
938 next = jiffies + HZ/2;
939 if (!mod_timer(&neigh->timer, next))
940 neigh_hold(neigh);
941 }
942 if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
943 neigh_probe(neigh);
944 } else {
945 out:
946 write_unlock(&neigh->lock);
947 }
948
949 if (notify)
950 neigh_update_notify(neigh);
951
952 neigh_release(neigh);
953 }
954
955 int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
956 {
957 int rc;
958 bool immediate_probe = false;
959
960 write_lock_bh(&neigh->lock);
961
962 rc = 0;
963 if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
964 goto out_unlock_bh;
965 if (neigh->dead)
966 goto out_dead;
967
968 if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
969 if (NEIGH_VAR(neigh->parms, MCAST_PROBES) +
970 NEIGH_VAR(neigh->parms, APP_PROBES)) {
971 unsigned long next, now = jiffies;
972
973 atomic_set(&neigh->probes,
974 NEIGH_VAR(neigh->parms, UCAST_PROBES));
975 neigh->nud_state = NUD_INCOMPLETE;
976 neigh->updated = now;
977 next = now + max(NEIGH_VAR(neigh->parms, RETRANS_TIME),
978 HZ/2);
979 neigh_add_timer(neigh, next);
980 immediate_probe = true;
981 } else {
982 neigh->nud_state = NUD_FAILED;
983 neigh->updated = jiffies;
984 write_unlock_bh(&neigh->lock);
985
986 kfree_skb(skb);
987 return 1;
988 }
989 } else if (neigh->nud_state & NUD_STALE) {
990 neigh_dbg(2, "neigh %p is delayed\n", neigh);
991 neigh->nud_state = NUD_DELAY;
992 neigh->updated = jiffies;
993 neigh_add_timer(neigh, jiffies +
994 NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME));
995 }
996
997 if (neigh->nud_state == NUD_INCOMPLETE) {
998 if (skb) {
999 while (neigh->arp_queue_len_bytes + skb->truesize >
1000 NEIGH_VAR(neigh->parms, QUEUE_LEN_BYTES)) {
1001 struct sk_buff *buff;
1002
1003 buff = __skb_dequeue(&neigh->arp_queue);
1004 if (!buff)
1005 break;
1006 neigh->arp_queue_len_bytes -= buff->truesize;
1007 kfree_skb(buff);
1008 NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
1009 }
1010 skb_dst_force(skb);
1011 __skb_queue_tail(&neigh->arp_queue, skb);
1012 neigh->arp_queue_len_bytes += skb->truesize;
1013 }
1014 rc = 1;
1015 }
1016 out_unlock_bh:
1017 if (immediate_probe)
1018 neigh_probe(neigh);
1019 else
1020 write_unlock(&neigh->lock);
1021 local_bh_enable();
1022 return rc;
1023
1024 out_dead:
1025 if (neigh->nud_state & NUD_STALE)
1026 goto out_unlock_bh;
1027 write_unlock_bh(&neigh->lock);
1028 kfree_skb(skb);
1029 return 1;
1030 }
1031 EXPORT_SYMBOL(__neigh_event_send);
1032
1033 static void neigh_update_hhs(struct neighbour *neigh)
1034 {
1035 struct hh_cache *hh;
1036 void (*update)(struct hh_cache*, const struct net_device*, const unsigned char *)
1037 = NULL;
1038
1039 if (neigh->dev->header_ops)
1040 update = neigh->dev->header_ops->cache_update;
1041
1042 if (update) {
1043 hh = &neigh->hh;
1044 if (hh->hh_len) {
1045 write_seqlock_bh(&hh->hh_lock);
1046 update(hh, neigh->dev, neigh->ha);
1047 write_sequnlock_bh(&hh->hh_lock);
1048 }
1049 }
1050 }
1051
1052
1053
1054 /* Generic update routine.
1055 -- lladdr is new lladdr or NULL, if it is not supplied.
1056 -- new is new state.
1057 -- flags
1058 NEIGH_UPDATE_F_OVERRIDE allows to override existing lladdr,
1059 if it is different.
1060 NEIGH_UPDATE_F_WEAK_OVERRIDE will suspect existing "connected"
1061 lladdr instead of overriding it
1062 if it is different.
1063 NEIGH_UPDATE_F_ADMIN means that the change is administrative.
1064
1065 NEIGH_UPDATE_F_OVERRIDE_ISROUTER allows to override existing
1066 NTF_ROUTER flag.
1067 NEIGH_UPDATE_F_ISROUTER indicates if the neighbour is known as
1068 a router.
1069
1070 Caller MUST hold reference count on the entry.
1071 */
1072
1073 int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new,
1074 u32 flags)
1075 {
1076 u8 old;
1077 int err;
1078 int notify = 0;
1079 struct net_device *dev;
1080 int update_isrouter = 0;
1081
1082 write_lock_bh(&neigh->lock);
1083
1084 dev = neigh->dev;
1085 old = neigh->nud_state;
1086 err = -EPERM;
1087
1088 if (!(flags & NEIGH_UPDATE_F_ADMIN) &&
1089 (old & (NUD_NOARP | NUD_PERMANENT)))
1090 goto out;
1091 if (neigh->dead)
1092 goto out;
1093
1094 if (!(new & NUD_VALID)) {
1095 neigh_del_timer(neigh);
1096 if (old & NUD_CONNECTED)
1097 neigh_suspect(neigh);
1098 neigh->nud_state = new;
1099 err = 0;
1100 notify = old & NUD_VALID;
1101 if ((old & (NUD_INCOMPLETE | NUD_PROBE)) &&
1102 (new & NUD_FAILED)) {
1103 neigh_invalidate(neigh);
1104 notify = 1;
1105 }
1106 goto out;
1107 }
1108
1109 /* Compare new lladdr with cached one */
1110 if (!dev->addr_len) {
1111 /* First case: device needs no address. */
1112 lladdr = neigh->ha;
1113 } else if (lladdr) {
1114 /* The second case: if something is already cached
1115 and a new address is proposed:
1116 - compare new & old
1117 - if they are different, check override flag
1118 */
1119 if ((old & NUD_VALID) &&
1120 !memcmp(lladdr, neigh->ha, dev->addr_len))
1121 lladdr = neigh->ha;
1122 } else {
1123 /* No address is supplied; if we know something,
1124 use it, otherwise discard the request.
1125 */
1126 err = -EINVAL;
1127 if (!(old & NUD_VALID))
1128 goto out;
1129 lladdr = neigh->ha;
1130 }
1131
1132 if (new & NUD_CONNECTED)
1133 neigh->confirmed = jiffies;
1134 neigh->updated = jiffies;
1135
1136 /* If entry was valid and address is not changed,
1137 do not change entry state, if new one is STALE.
1138 */
1139 err = 0;
1140 update_isrouter = flags & NEIGH_UPDATE_F_OVERRIDE_ISROUTER;
1141 if (old & NUD_VALID) {
1142 if (lladdr != neigh->ha && !(flags & NEIGH_UPDATE_F_OVERRIDE)) {
1143 update_isrouter = 0;
1144 if ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) &&
1145 (old & NUD_CONNECTED)) {
1146 lladdr = neigh->ha;
1147 new = NUD_STALE;
1148 } else
1149 goto out;
1150 } else {
1151 if (lladdr == neigh->ha && new == NUD_STALE &&
1152 !(flags & NEIGH_UPDATE_F_ADMIN))
1153 new = old;
1154 }
1155 }
1156
1157 if (new != old) {
1158 neigh_del_timer(neigh);
1159 if (new & NUD_PROBE)
1160 atomic_set(&neigh->probes, 0);
1161 if (new & NUD_IN_TIMER)
1162 neigh_add_timer(neigh, (jiffies +
1163 ((new & NUD_REACHABLE) ?
1164 neigh->parms->reachable_time :
1165 0)));
1166 neigh->nud_state = new;
1167 notify = 1;
1168 }
1169
1170 if (lladdr != neigh->ha) {
1171 write_seqlock(&neigh->ha_lock);
1172 memcpy(&neigh->ha, lladdr, dev->addr_len);
1173 write_sequnlock(&neigh->ha_lock);
1174 neigh_update_hhs(neigh);
1175 if (!(new & NUD_CONNECTED))
1176 neigh->confirmed = jiffies -
1177 (NEIGH_VAR(neigh->parms, BASE_REACHABLE_TIME) << 1);
1178 notify = 1;
1179 }
1180 if (new == old)
1181 goto out;
1182 if (new & NUD_CONNECTED)
1183 neigh_connect(neigh);
1184 else
1185 neigh_suspect(neigh);
1186 if (!(old & NUD_VALID)) {
1187 struct sk_buff *skb;
1188
1189 /* Again: avoid dead loop if something went wrong */
1190
1191 while (neigh->nud_state & NUD_VALID &&
1192 (skb = __skb_dequeue(&neigh->arp_queue)) != NULL) {
1193 struct dst_entry *dst = skb_dst(skb);
1194 struct neighbour *n2, *n1 = neigh;
1195 write_unlock_bh(&neigh->lock);
1196
1197 rcu_read_lock();
1198
1199 /* Why not just use 'neigh' as-is? The problem is that
1200 * things such as shaper, eql, and sch_teql can end up
1201 * using alternative, different, neigh objects to output
1202 * the packet in the output path. So what we need to do
1203 * here is re-lookup the top-level neigh in the path so
1204 * we can reinject the packet there.
1205 */
1206 n2 = NULL;
1207 if (dst) {
1208 n2 = dst_neigh_lookup_skb(dst, skb);
1209 if (n2)
1210 n1 = n2;
1211 }
1212 n1->output(n1, skb);
1213 if (n2)
1214 neigh_release(n2);
1215 rcu_read_unlock();
1216
1217 write_lock_bh(&neigh->lock);
1218 }
1219 __skb_queue_purge(&neigh->arp_queue);
1220 neigh->arp_queue_len_bytes = 0;
1221 }
1222 out:
1223 if (update_isrouter) {
1224 neigh->flags = (flags & NEIGH_UPDATE_F_ISROUTER) ?
1225 (neigh->flags | NTF_ROUTER) :
1226 (neigh->flags & ~NTF_ROUTER);
1227 }
1228 write_unlock_bh(&neigh->lock);
1229
1230 if (notify)
1231 neigh_update_notify(neigh);
1232
1233 return err;
1234 }
1235 EXPORT_SYMBOL(neigh_update);
1236
1237 /* Update the neigh to listen temporarily for probe responses, even if it is
1238 * in a NUD_FAILED state. The caller has to hold neigh->lock for writing.
1239 */
1240 void __neigh_set_probe_once(struct neighbour *neigh)
1241 {
1242 if (neigh->dead)
1243 return;
1244 neigh->updated = jiffies;
1245 if (!(neigh->nud_state & NUD_FAILED))
1246 return;
1247 neigh->nud_state = NUD_INCOMPLETE;
1248 atomic_set(&neigh->probes, neigh_max_probes(neigh));
1249 neigh_add_timer(neigh,
1250 jiffies + NEIGH_VAR(neigh->parms, RETRANS_TIME));
1251 }
1252 EXPORT_SYMBOL(__neigh_set_probe_once);
1253
1254 struct neighbour *neigh_event_ns(struct neigh_table *tbl,
1255 u8 *lladdr, void *saddr,
1256 struct net_device *dev)
1257 {
1258 struct neighbour *neigh = __neigh_lookup(tbl, saddr, dev,
1259 lladdr || !dev->addr_len);
1260 if (neigh)
1261 neigh_update(neigh, lladdr, NUD_STALE,
1262 NEIGH_UPDATE_F_OVERRIDE);
1263 return neigh;
1264 }
1265 EXPORT_SYMBOL(neigh_event_ns);
1266
1267 /* called with read_lock_bh(&n->lock); */
1268 static void neigh_hh_init(struct neighbour *n)
1269 {
1270 struct net_device *dev = n->dev;
1271 __be16 prot = n->tbl->protocol;
1272 struct hh_cache *hh = &n->hh;
1273
1274 write_lock_bh(&n->lock);
1275
1276 /* Only one thread can come in here and initialize the
1277 * hh_cache entry.
1278 */
1279 if (!hh->hh_len)
1280 dev->header_ops->cache(n, hh, prot);
1281
1282 write_unlock_bh(&n->lock);
1283 }
1284
1285 /* Slow and careful. */
1286
1287 int neigh_resolve_output(struct neighbour *neigh, struct sk_buff *skb)
1288 {
1289 int rc = 0;
1290
1291 if (!neigh_event_send(neigh, skb)) {
1292 int err;
1293 struct net_device *dev = neigh->dev;
1294 unsigned int seq;
1295
1296 if (dev->header_ops->cache && !neigh->hh.hh_len)
1297 neigh_hh_init(neigh);
1298
1299 do {
1300 __skb_pull(skb, skb_network_offset(skb));
1301 seq = read_seqbegin(&neigh->ha_lock);
1302 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1303 neigh->ha, NULL, skb->len);
1304 } while (read_seqretry(&neigh->ha_lock, seq));
1305
1306 if (err >= 0)
1307 rc = dev_queue_xmit(skb);
1308 else
1309 goto out_kfree_skb;
1310 }
1311 out:
1312 return rc;
1313 out_kfree_skb:
1314 rc = -EINVAL;
1315 kfree_skb(skb);
1316 goto out;
1317 }
1318 EXPORT_SYMBOL(neigh_resolve_output);
1319
1320 /* As fast as possible without hh cache */
1321
1322 int neigh_connected_output(struct neighbour *neigh, struct sk_buff *skb)
1323 {
1324 struct net_device *dev = neigh->dev;
1325 unsigned int seq;
1326 int err;
1327
1328 do {
1329 __skb_pull(skb, skb_network_offset(skb));
1330 seq = read_seqbegin(&neigh->ha_lock);
1331 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
1332 neigh->ha, NULL, skb->len);
1333 } while (read_seqretry(&neigh->ha_lock, seq));
1334
1335 if (err >= 0)
1336 err = dev_queue_xmit(skb);
1337 else {
1338 err = -EINVAL;
1339 kfree_skb(skb);
1340 }
1341 return err;
1342 }
1343 EXPORT_SYMBOL(neigh_connected_output);
1344
1345 int neigh_direct_output(struct neighbour *neigh, struct sk_buff *skb)
1346 {
1347 return dev_queue_xmit(skb);
1348 }
1349 EXPORT_SYMBOL(neigh_direct_output);
1350
1351 static void neigh_proxy_process(unsigned long arg)
1352 {
1353 struct neigh_table *tbl = (struct neigh_table *)arg;
1354 long sched_next = 0;
1355 unsigned long now = jiffies;
1356 struct sk_buff *skb, *n;
1357
1358 spin_lock(&tbl->proxy_queue.lock);
1359
1360 skb_queue_walk_safe(&tbl->proxy_queue, skb, n) {
1361 long tdif = NEIGH_CB(skb)->sched_next - now;
1362
1363 if (tdif <= 0) {
1364 struct net_device *dev = skb->dev;
1365
1366 __skb_unlink(skb, &tbl->proxy_queue);
1367 if (tbl->proxy_redo && netif_running(dev)) {
1368 rcu_read_lock();
1369 tbl->proxy_redo(skb);
1370 rcu_read_unlock();
1371 } else {
1372 kfree_skb(skb);
1373 }
1374
1375 dev_put(dev);
1376 } else if (!sched_next || tdif < sched_next)
1377 sched_next = tdif;
1378 }
1379 del_timer(&tbl->proxy_timer);
1380 if (sched_next)
1381 mod_timer(&tbl->proxy_timer, jiffies + sched_next);
1382 spin_unlock(&tbl->proxy_queue.lock);
1383 }
1384
1385 void pneigh_enqueue(struct neigh_table *tbl, struct neigh_parms *p,
1386 struct sk_buff *skb)
1387 {
1388 unsigned long now = jiffies;
1389
1390 unsigned long sched_next = now + (prandom_u32() %
1391 NEIGH_VAR(p, PROXY_DELAY));
1392
1393 if (tbl->proxy_queue.qlen > NEIGH_VAR(p, PROXY_QLEN)) {
1394 kfree_skb(skb);
1395 return;
1396 }
1397
1398 NEIGH_CB(skb)->sched_next = sched_next;
1399 NEIGH_CB(skb)->flags |= LOCALLY_ENQUEUED;
1400
1401 spin_lock(&tbl->proxy_queue.lock);
1402 if (del_timer(&tbl->proxy_timer)) {
1403 if (time_before(tbl->proxy_timer.expires, sched_next))
1404 sched_next = tbl->proxy_timer.expires;
1405 }
1406 skb_dst_drop(skb);
1407 dev_hold(skb->dev);
1408 __skb_queue_tail(&tbl->proxy_queue, skb);
1409 mod_timer(&tbl->proxy_timer, sched_next);
1410 spin_unlock(&tbl->proxy_queue.lock);
1411 }
1412 EXPORT_SYMBOL(pneigh_enqueue);
1413
1414 static inline struct neigh_parms *lookup_neigh_parms(struct neigh_table *tbl,
1415 struct net *net, int ifindex)
1416 {
1417 struct neigh_parms *p;
1418
1419 list_for_each_entry(p, &tbl->parms_list, list) {
1420 if ((p->dev && p->dev->ifindex == ifindex && net_eq(neigh_parms_net(p), net)) ||
1421 (!p->dev && !ifindex && net_eq(net, &init_net)))
1422 return p;
1423 }
1424
1425 return NULL;
1426 }
1427
1428 struct neigh_parms *neigh_parms_alloc(struct net_device *dev,
1429 struct neigh_table *tbl)
1430 {
1431 struct neigh_parms *p;
1432 struct net *net = dev_net(dev);
1433 const struct net_device_ops *ops = dev->netdev_ops;
1434
1435 p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL);
1436 if (p) {
1437 p->tbl = tbl;
1438 atomic_set(&p->refcnt, 1);
1439 p->reachable_time =
1440 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
1441 dev_hold(dev);
1442 p->dev = dev;
1443 write_pnet(&p->net, net);
1444 p->sysctl_table = NULL;
1445
1446 if (ops->ndo_neigh_setup && ops->ndo_neigh_setup(dev, p)) {
1447 dev_put(dev);
1448 kfree(p);
1449 return NULL;
1450 }
1451
1452 write_lock_bh(&tbl->lock);
1453 list_add(&p->list, &tbl->parms.list);
1454 write_unlock_bh(&tbl->lock);
1455
1456 neigh_parms_data_state_cleanall(p);
1457 }
1458 return p;
1459 }
1460 EXPORT_SYMBOL(neigh_parms_alloc);
1461
1462 static void neigh_rcu_free_parms(struct rcu_head *head)
1463 {
1464 struct neigh_parms *parms =
1465 container_of(head, struct neigh_parms, rcu_head);
1466
1467 neigh_parms_put(parms);
1468 }
1469
1470 void neigh_parms_release(struct neigh_table *tbl, struct neigh_parms *parms)
1471 {
1472 if (!parms || parms == &tbl->parms)
1473 return;
1474 write_lock_bh(&tbl->lock);
1475 list_del(&parms->list);
1476 parms->dead = 1;
1477 write_unlock_bh(&tbl->lock);
1478 if (parms->dev)
1479 dev_put(parms->dev);
1480 call_rcu(&parms->rcu_head, neigh_rcu_free_parms);
1481 }
1482 EXPORT_SYMBOL(neigh_parms_release);
1483
1484 static void neigh_parms_destroy(struct neigh_parms *parms)
1485 {
1486 kfree(parms);
1487 }
1488
1489 static struct lock_class_key neigh_table_proxy_queue_class;
1490
1491 static struct neigh_table *neigh_tables[NEIGH_NR_TABLES] __read_mostly;
1492
1493 void neigh_table_init(int index, struct neigh_table *tbl)
1494 {
1495 unsigned long now = jiffies;
1496 unsigned long phsize;
1497
1498 INIT_LIST_HEAD(&tbl->parms_list);
1499 list_add(&tbl->parms.list, &tbl->parms_list);
1500 write_pnet(&tbl->parms.net, &init_net);
1501 atomic_set(&tbl->parms.refcnt, 1);
1502 tbl->parms.reachable_time =
1503 neigh_rand_reach_time(NEIGH_VAR(&tbl->parms, BASE_REACHABLE_TIME));
1504
1505 tbl->stats = alloc_percpu(struct neigh_statistics);
1506 if (!tbl->stats)
1507 panic("cannot create neighbour cache statistics");
1508
1509 #ifdef CONFIG_PROC_FS
1510 if (!proc_create_data(tbl->id, 0, init_net.proc_net_stat,
1511 &neigh_stat_seq_fops, tbl))
1512 panic("cannot create neighbour proc dir entry");
1513 #endif
1514
1515 RCU_INIT_POINTER(tbl->nht, neigh_hash_alloc(3));
1516
1517 phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
1518 tbl->phash_buckets = kzalloc(phsize, GFP_KERNEL);
1519
1520 if (!tbl->nht || !tbl->phash_buckets)
1521 panic("cannot allocate neighbour cache hashes");
1522
1523 if (!tbl->entry_size)
1524 tbl->entry_size = ALIGN(offsetof(struct neighbour, primary_key) +
1525 tbl->key_len, NEIGH_PRIV_ALIGN);
1526 else
1527 WARN_ON(tbl->entry_size % NEIGH_PRIV_ALIGN);
1528
1529 rwlock_init(&tbl->lock);
1530 INIT_DEFERRABLE_WORK(&tbl->gc_work, neigh_periodic_work);
1531 queue_delayed_work(system_power_efficient_wq, &tbl->gc_work,
1532 tbl->parms.reachable_time);
1533 setup_timer(&tbl->proxy_timer, neigh_proxy_process, (unsigned long)tbl);
1534 skb_queue_head_init_class(&tbl->proxy_queue,
1535 &neigh_table_proxy_queue_class);
1536
1537 tbl->last_flush = now;
1538 tbl->last_rand = now + tbl->parms.reachable_time * 20;
1539
1540 neigh_tables[index] = tbl;
1541 }
1542 EXPORT_SYMBOL(neigh_table_init);
1543
1544 int neigh_table_clear(int index, struct neigh_table *tbl)
1545 {
1546 neigh_tables[index] = NULL;
1547 /* It is not clean... Fix it to unload IPv6 module safely */
1548 cancel_delayed_work_sync(&tbl->gc_work);
1549 del_timer_sync(&tbl->proxy_timer);
1550 pneigh_queue_purge(&tbl->proxy_queue);
1551 neigh_ifdown(tbl, NULL);
1552 if (atomic_read(&tbl->entries))
1553 pr_crit("neighbour leakage\n");
1554
1555 call_rcu(&rcu_dereference_protected(tbl->nht, 1)->rcu,
1556 neigh_hash_free_rcu);
1557 tbl->nht = NULL;
1558
1559 kfree(tbl->phash_buckets);
1560 tbl->phash_buckets = NULL;
1561
1562 remove_proc_entry(tbl->id, init_net.proc_net_stat);
1563
1564 free_percpu(tbl->stats);
1565 tbl->stats = NULL;
1566
1567 return 0;
1568 }
1569 EXPORT_SYMBOL(neigh_table_clear);
1570
1571 static struct neigh_table *neigh_find_table(int family)
1572 {
1573 struct neigh_table *tbl = NULL;
1574
1575 switch (family) {
1576 case AF_INET:
1577 tbl = neigh_tables[NEIGH_ARP_TABLE];
1578 break;
1579 case AF_INET6:
1580 tbl = neigh_tables[NEIGH_ND_TABLE];
1581 break;
1582 case AF_DECnet:
1583 tbl = neigh_tables[NEIGH_DN_TABLE];
1584 break;
1585 }
1586
1587 return tbl;
1588 }
1589
1590 static int neigh_delete(struct sk_buff *skb, struct nlmsghdr *nlh)
1591 {
1592 struct net *net = sock_net(skb->sk);
1593 struct ndmsg *ndm;
1594 struct nlattr *dst_attr;
1595 struct neigh_table *tbl;
1596 struct neighbour *neigh;
1597 struct net_device *dev = NULL;
1598 int err = -EINVAL;
1599
1600 ASSERT_RTNL();
1601 if (nlmsg_len(nlh) < sizeof(*ndm))
1602 goto out;
1603
1604 dst_attr = nlmsg_find_attr(nlh, sizeof(*ndm), NDA_DST);
1605 if (dst_attr == NULL)
1606 goto out;
1607
1608 ndm = nlmsg_data(nlh);
1609 if (ndm->ndm_ifindex) {
1610 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1611 if (dev == NULL) {
1612 err = -ENODEV;
1613 goto out;
1614 }
1615 }
1616
1617 tbl = neigh_find_table(ndm->ndm_family);
1618 if (tbl == NULL)
1619 return -EAFNOSUPPORT;
1620
1621 if (nla_len(dst_attr) < tbl->key_len)
1622 goto out;
1623
1624 if (ndm->ndm_flags & NTF_PROXY) {
1625 err = pneigh_delete(tbl, net, nla_data(dst_attr), dev);
1626 goto out;
1627 }
1628
1629 if (dev == NULL)
1630 goto out;
1631
1632 neigh = neigh_lookup(tbl, nla_data(dst_attr), dev);
1633 if (neigh == NULL) {
1634 err = -ENOENT;
1635 goto out;
1636 }
1637
1638 err = neigh_update(neigh, NULL, NUD_FAILED,
1639 NEIGH_UPDATE_F_OVERRIDE |
1640 NEIGH_UPDATE_F_ADMIN);
1641 neigh_release(neigh);
1642
1643 out:
1644 return err;
1645 }
1646
1647 static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh)
1648 {
1649 int flags = NEIGH_UPDATE_F_ADMIN | NEIGH_UPDATE_F_OVERRIDE;
1650 struct net *net = sock_net(skb->sk);
1651 struct ndmsg *ndm;
1652 struct nlattr *tb[NDA_MAX+1];
1653 struct neigh_table *tbl;
1654 struct net_device *dev = NULL;
1655 struct neighbour *neigh;
1656 void *dst, *lladdr;
1657 int err;
1658
1659 ASSERT_RTNL();
1660 err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL);
1661 if (err < 0)
1662 goto out;
1663
1664 err = -EINVAL;
1665 if (tb[NDA_DST] == NULL)
1666 goto out;
1667
1668 ndm = nlmsg_data(nlh);
1669 if (ndm->ndm_ifindex) {
1670 dev = __dev_get_by_index(net, ndm->ndm_ifindex);
1671 if (dev == NULL) {
1672 err = -ENODEV;
1673 goto out;
1674 }
1675
1676 if (tb[NDA_LLADDR] && nla_len(tb[NDA_LLADDR]) < dev->addr_len)
1677 goto out;
1678 }
1679
1680 tbl = neigh_find_table(ndm->ndm_family);
1681 if (tbl == NULL)
1682 return -EAFNOSUPPORT;
1683
1684 if (nla_len(tb[NDA_DST]) < tbl->key_len)
1685 goto out;
1686 dst = nla_data(tb[NDA_DST]);
1687 lladdr = tb[NDA_LLADDR] ? nla_data(tb[NDA_LLADDR]) : NULL;
1688
1689 if (ndm->ndm_flags & NTF_PROXY) {
1690 struct pneigh_entry *pn;
1691
1692 err = -ENOBUFS;
1693 pn = pneigh_lookup(tbl, net, dst, dev, 1);
1694 if (pn) {
1695 pn->flags = ndm->ndm_flags;
1696 err = 0;
1697 }
1698 goto out;
1699 }
1700
1701 if (dev == NULL)
1702 goto out;
1703
1704 neigh = neigh_lookup(tbl, dst, dev);
1705 if (neigh == NULL) {
1706 if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
1707 err = -ENOENT;
1708 goto out;
1709 }
1710
1711 neigh = __neigh_lookup_errno(tbl, dst, dev);
1712 if (IS_ERR(neigh)) {
1713 err = PTR_ERR(neigh);
1714 goto out;
1715 }
1716 } else {
1717 if (nlh->nlmsg_flags & NLM_F_EXCL) {
1718 err = -EEXIST;
1719 neigh_release(neigh);
1720 goto out;
1721 }
1722
1723 if (!(nlh->nlmsg_flags & NLM_F_REPLACE))
1724 flags &= ~NEIGH_UPDATE_F_OVERRIDE;
1725 }
1726
1727 if (ndm->ndm_flags & NTF_USE) {
1728 neigh_event_send(neigh, NULL);
1729 err = 0;
1730 } else
1731 err = neigh_update(neigh, lladdr, ndm->ndm_state, flags);
1732 neigh_release(neigh);
1733
1734 out:
1735 return err;
1736 }
1737
1738 static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
1739 {
1740 struct nlattr *nest;
1741
1742 nest = nla_nest_start(skb, NDTA_PARMS);
1743 if (nest == NULL)
1744 return -ENOBUFS;
1745
1746 if ((parms->dev &&
1747 nla_put_u32(skb, NDTPA_IFINDEX, parms->dev->ifindex)) ||
1748 nla_put_u32(skb, NDTPA_REFCNT, atomic_read(&parms->refcnt)) ||
1749 nla_put_u32(skb, NDTPA_QUEUE_LENBYTES,
1750 NEIGH_VAR(parms, QUEUE_LEN_BYTES)) ||
1751 /* approximative value for deprecated QUEUE_LEN (in packets) */
1752 nla_put_u32(skb, NDTPA_QUEUE_LEN,
1753 NEIGH_VAR(parms, QUEUE_LEN_BYTES) / SKB_TRUESIZE(ETH_FRAME_LEN)) ||
1754 nla_put_u32(skb, NDTPA_PROXY_QLEN, NEIGH_VAR(parms, PROXY_QLEN)) ||
1755 nla_put_u32(skb, NDTPA_APP_PROBES, NEIGH_VAR(parms, APP_PROBES)) ||
1756 nla_put_u32(skb, NDTPA_UCAST_PROBES,
1757 NEIGH_VAR(parms, UCAST_PROBES)) ||
1758 nla_put_u32(skb, NDTPA_MCAST_PROBES,
1759 NEIGH_VAR(parms, MCAST_PROBES)) ||
1760 nla_put_u32(skb, NDTPA_MCAST_REPROBES,
1761 NEIGH_VAR(parms, MCAST_REPROBES)) ||
1762 nla_put_msecs(skb, NDTPA_REACHABLE_TIME, parms->reachable_time,
1763 NDTPA_PAD) ||
1764 nla_put_msecs(skb, NDTPA_BASE_REACHABLE_TIME,
1765 NEIGH_VAR(parms, BASE_REACHABLE_TIME), NDTPA_PAD) ||
1766 nla_put_msecs(skb, NDTPA_GC_STALETIME,
1767 NEIGH_VAR(parms, GC_STALETIME), NDTPA_PAD) ||
1768 nla_put_msecs(skb, NDTPA_DELAY_PROBE_TIME,
1769 NEIGH_VAR(parms, DELAY_PROBE_TIME), NDTPA_PAD) ||
1770 nla_put_msecs(skb, NDTPA_RETRANS_TIME,
1771 NEIGH_VAR(parms, RETRANS_TIME), NDTPA_PAD) ||
1772 nla_put_msecs(skb, NDTPA_ANYCAST_DELAY,
1773 NEIGH_VAR(parms, ANYCAST_DELAY), NDTPA_PAD) ||
1774 nla_put_msecs(skb, NDTPA_PROXY_DELAY,
1775 NEIGH_VAR(parms, PROXY_DELAY), NDTPA_PAD) ||
1776 nla_put_msecs(skb, NDTPA_LOCKTIME,
1777 NEIGH_VAR(parms, LOCKTIME), NDTPA_PAD))
1778 goto nla_put_failure;
1779 return nla_nest_end(skb, nest);
1780
1781 nla_put_failure:
1782 nla_nest_cancel(skb, nest);
1783 return -EMSGSIZE;
1784 }
1785
1786 static int neightbl_fill_info(struct sk_buff *skb, struct neigh_table *tbl,
1787 u32 pid, u32 seq, int type, int flags)
1788 {
1789 struct nlmsghdr *nlh;
1790 struct ndtmsg *ndtmsg;
1791
1792 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
1793 if (nlh == NULL)
1794 return -EMSGSIZE;
1795
1796 ndtmsg = nlmsg_data(nlh);
1797
1798 read_lock_bh(&tbl->lock);
1799 ndtmsg->ndtm_family = tbl->family;
1800 ndtmsg->ndtm_pad1 = 0;
1801 ndtmsg->ndtm_pad2 = 0;
1802
1803 if (nla_put_string(skb, NDTA_NAME, tbl->id) ||
1804 nla_put_msecs(skb, NDTA_GC_INTERVAL, tbl->gc_interval, NDTA_PAD) ||
1805 nla_put_u32(skb, NDTA_THRESH1, tbl->gc_thresh1) ||
1806 nla_put_u32(skb, NDTA_THRESH2, tbl->gc_thresh2) ||
1807 nla_put_u32(skb, NDTA_THRESH3, tbl->gc_thresh3))
1808 goto nla_put_failure;
1809 {
1810 unsigned long now = jiffies;
1811 unsigned int flush_delta = now - tbl->last_flush;
1812 unsigned int rand_delta = now - tbl->last_rand;
1813 struct neigh_hash_table *nht;
1814 struct ndt_config ndc = {
1815 .ndtc_key_len = tbl->key_len,
1816 .ndtc_entry_size = tbl->entry_size,
1817 .ndtc_entries = atomic_read(&tbl->entries),
1818 .ndtc_last_flush = jiffies_to_msecs(flush_delta),
1819 .ndtc_last_rand = jiffies_to_msecs(rand_delta),
1820 .ndtc_proxy_qlen = tbl->proxy_queue.qlen,
1821 };
1822
1823 rcu_read_lock_bh();
1824 nht = rcu_dereference_bh(tbl->nht);
1825 ndc.ndtc_hash_rnd = nht->hash_rnd[0];
1826 ndc.ndtc_hash_mask = ((1 << nht->hash_shift) - 1);
1827 rcu_read_unlock_bh();
1828
1829 if (nla_put(skb, NDTA_CONFIG, sizeof(ndc), &ndc))
1830 goto nla_put_failure;
1831 }
1832
1833 {
1834 int cpu;
1835 struct ndt_stats ndst;
1836
1837 memset(&ndst, 0, sizeof(ndst));
1838
1839 for_each_possible_cpu(cpu) {
1840 struct neigh_statistics *st;
1841
1842 st = per_cpu_ptr(tbl->stats, cpu);
1843 ndst.ndts_allocs += st->allocs;
1844 ndst.ndts_destroys += st->destroys;
1845 ndst.ndts_hash_grows += st->hash_grows;
1846 ndst.ndts_res_failed += st->res_failed;
1847 ndst.ndts_lookups += st->lookups;
1848 ndst.ndts_hits += st->hits;
1849 ndst.ndts_rcv_probes_mcast += st->rcv_probes_mcast;
1850 ndst.ndts_rcv_probes_ucast += st->rcv_probes_ucast;
1851 ndst.ndts_periodic_gc_runs += st->periodic_gc_runs;
1852 ndst.ndts_forced_gc_runs += st->forced_gc_runs;
1853 ndst.ndts_table_fulls += st->table_fulls;
1854 }
1855
1856 if (nla_put_64bit(skb, NDTA_STATS, sizeof(ndst), &ndst,
1857 NDTA_PAD))
1858 goto nla_put_failure;
1859 }
1860
1861 BUG_ON(tbl->parms.dev);
1862 if (neightbl_fill_parms(skb, &tbl->parms) < 0)
1863 goto nla_put_failure;
1864
1865 read_unlock_bh(&tbl->lock);
1866 nlmsg_end(skb, nlh);
1867 return 0;
1868
1869 nla_put_failure:
1870 read_unlock_bh(&tbl->lock);
1871 nlmsg_cancel(skb, nlh);
1872 return -EMSGSIZE;
1873 }
1874
1875 static int neightbl_fill_param_info(struct sk_buff *skb,
1876 struct neigh_table *tbl,
1877 struct neigh_parms *parms,
1878 u32 pid, u32 seq, int type,
1879 unsigned int flags)
1880 {
1881 struct ndtmsg *ndtmsg;
1882 struct nlmsghdr *nlh;
1883
1884 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndtmsg), flags);
1885 if (nlh == NULL)
1886 return -EMSGSIZE;
1887
1888 ndtmsg = nlmsg_data(nlh);
1889
1890 read_lock_bh(&tbl->lock);
1891 ndtmsg->ndtm_family = tbl->family;
1892 ndtmsg->ndtm_pad1 = 0;
1893 ndtmsg->ndtm_pad2 = 0;
1894
1895 if (nla_put_string(skb, NDTA_NAME, tbl->id) < 0 ||
1896 neightbl_fill_parms(skb, parms) < 0)
1897 goto errout;
1898
1899 read_unlock_bh(&tbl->lock);
1900 nlmsg_end(skb, nlh);
1901 return 0;
1902 errout:
1903 read_unlock_bh(&tbl->lock);
1904 nlmsg_cancel(skb, nlh);
1905 return -EMSGSIZE;
1906 }
1907
1908 static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
1909 [NDTA_NAME] = { .type = NLA_STRING },
1910 [NDTA_THRESH1] = { .type = NLA_U32 },
1911 [NDTA_THRESH2] = { .type = NLA_U32 },
1912 [NDTA_THRESH3] = { .type = NLA_U32 },
1913 [NDTA_GC_INTERVAL] = { .type = NLA_U64 },
1914 [NDTA_PARMS] = { .type = NLA_NESTED },
1915 };
1916
1917 static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
1918 [NDTPA_IFINDEX] = { .type = NLA_U32 },
1919 [NDTPA_QUEUE_LEN] = { .type = NLA_U32 },
1920 [NDTPA_PROXY_QLEN] = { .type = NLA_U32 },
1921 [NDTPA_APP_PROBES] = { .type = NLA_U32 },
1922 [NDTPA_UCAST_PROBES] = { .type = NLA_U32 },
1923 [NDTPA_MCAST_PROBES] = { .type = NLA_U32 },
1924 [NDTPA_MCAST_REPROBES] = { .type = NLA_U32 },
1925 [NDTPA_BASE_REACHABLE_TIME] = { .type = NLA_U64 },
1926 [NDTPA_GC_STALETIME] = { .type = NLA_U64 },
1927 [NDTPA_DELAY_PROBE_TIME] = { .type = NLA_U64 },
1928 [NDTPA_RETRANS_TIME] = { .type = NLA_U64 },
1929 [NDTPA_ANYCAST_DELAY] = { .type = NLA_U64 },
1930 [NDTPA_PROXY_DELAY] = { .type = NLA_U64 },
1931 [NDTPA_LOCKTIME] = { .type = NLA_U64 },
1932 };
1933
1934 static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh)
1935 {
1936 struct net *net = sock_net(skb->sk);
1937 struct neigh_table *tbl;
1938 struct ndtmsg *ndtmsg;
1939 struct nlattr *tb[NDTA_MAX+1];
1940 bool found = false;
1941 int err, tidx;
1942
1943 err = nlmsg_parse(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
1944 nl_neightbl_policy);
1945 if (err < 0)
1946 goto errout;
1947
1948 if (tb[NDTA_NAME] == NULL) {
1949 err = -EINVAL;
1950 goto errout;
1951 }
1952
1953 ndtmsg = nlmsg_data(nlh);
1954
1955 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
1956 tbl = neigh_tables[tidx];
1957 if (!tbl)
1958 continue;
1959 if (ndtmsg->ndtm_family && tbl->family != ndtmsg->ndtm_family)
1960 continue;
1961 if (nla_strcmp(tb[NDTA_NAME], tbl->id) == 0) {
1962 found = true;
1963 break;
1964 }
1965 }
1966
1967 if (!found)
1968 return -ENOENT;
1969
1970 /*
1971 * We acquire tbl->lock to be nice to the periodic timers and
1972 * make sure they always see a consistent set of values.
1973 */
1974 write_lock_bh(&tbl->lock);
1975
1976 if (tb[NDTA_PARMS]) {
1977 struct nlattr *tbp[NDTPA_MAX+1];
1978 struct neigh_parms *p;
1979 int i, ifindex = 0;
1980
1981 err = nla_parse_nested(tbp, NDTPA_MAX, tb[NDTA_PARMS],
1982 nl_ntbl_parm_policy);
1983 if (err < 0)
1984 goto errout_tbl_lock;
1985
1986 if (tbp[NDTPA_IFINDEX])
1987 ifindex = nla_get_u32(tbp[NDTPA_IFINDEX]);
1988
1989 p = lookup_neigh_parms(tbl, net, ifindex);
1990 if (p == NULL) {
1991 err = -ENOENT;
1992 goto errout_tbl_lock;
1993 }
1994
1995 for (i = 1; i <= NDTPA_MAX; i++) {
1996 if (tbp[i] == NULL)
1997 continue;
1998
1999 switch (i) {
2000 case NDTPA_QUEUE_LEN:
2001 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
2002 nla_get_u32(tbp[i]) *
2003 SKB_TRUESIZE(ETH_FRAME_LEN));
2004 break;
2005 case NDTPA_QUEUE_LENBYTES:
2006 NEIGH_VAR_SET(p, QUEUE_LEN_BYTES,
2007 nla_get_u32(tbp[i]));
2008 break;
2009 case NDTPA_PROXY_QLEN:
2010 NEIGH_VAR_SET(p, PROXY_QLEN,
2011 nla_get_u32(tbp[i]));
2012 break;
2013 case NDTPA_APP_PROBES:
2014 NEIGH_VAR_SET(p, APP_PROBES,
2015 nla_get_u32(tbp[i]));
2016 break;
2017 case NDTPA_UCAST_PROBES:
2018 NEIGH_VAR_SET(p, UCAST_PROBES,
2019 nla_get_u32(tbp[i]));
2020 break;
2021 case NDTPA_MCAST_PROBES:
2022 NEIGH_VAR_SET(p, MCAST_PROBES,
2023 nla_get_u32(tbp[i]));
2024 break;
2025 case NDTPA_MCAST_REPROBES:
2026 NEIGH_VAR_SET(p, MCAST_REPROBES,
2027 nla_get_u32(tbp[i]));
2028 break;
2029 case NDTPA_BASE_REACHABLE_TIME:
2030 NEIGH_VAR_SET(p, BASE_REACHABLE_TIME,
2031 nla_get_msecs(tbp[i]));
2032 /* update reachable_time as well, otherwise, the change will
2033 * only be effective after the next time neigh_periodic_work
2034 * decides to recompute it (can be multiple minutes)
2035 */
2036 p->reachable_time =
2037 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
2038 break;
2039 case NDTPA_GC_STALETIME:
2040 NEIGH_VAR_SET(p, GC_STALETIME,
2041 nla_get_msecs(tbp[i]));
2042 break;
2043 case NDTPA_DELAY_PROBE_TIME:
2044 NEIGH_VAR_SET(p, DELAY_PROBE_TIME,
2045 nla_get_msecs(tbp[i]));
2046 call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
2047 break;
2048 case NDTPA_RETRANS_TIME:
2049 NEIGH_VAR_SET(p, RETRANS_TIME,
2050 nla_get_msecs(tbp[i]));
2051 break;
2052 case NDTPA_ANYCAST_DELAY:
2053 NEIGH_VAR_SET(p, ANYCAST_DELAY,
2054 nla_get_msecs(tbp[i]));
2055 break;
2056 case NDTPA_PROXY_DELAY:
2057 NEIGH_VAR_SET(p, PROXY_DELAY,
2058 nla_get_msecs(tbp[i]));
2059 break;
2060 case NDTPA_LOCKTIME:
2061 NEIGH_VAR_SET(p, LOCKTIME,
2062 nla_get_msecs(tbp[i]));
2063 break;
2064 }
2065 }
2066 }
2067
2068 err = -ENOENT;
2069 if ((tb[NDTA_THRESH1] || tb[NDTA_THRESH2] ||
2070 tb[NDTA_THRESH3] || tb[NDTA_GC_INTERVAL]) &&
2071 !net_eq(net, &init_net))
2072 goto errout_tbl_lock;
2073
2074 if (tb[NDTA_THRESH1])
2075 tbl->gc_thresh1 = nla_get_u32(tb[NDTA_THRESH1]);
2076
2077 if (tb[NDTA_THRESH2])
2078 tbl->gc_thresh2 = nla_get_u32(tb[NDTA_THRESH2]);
2079
2080 if (tb[NDTA_THRESH3])
2081 tbl->gc_thresh3 = nla_get_u32(tb[NDTA_THRESH3]);
2082
2083 if (tb[NDTA_GC_INTERVAL])
2084 tbl->gc_interval = nla_get_msecs(tb[NDTA_GC_INTERVAL]);
2085
2086 err = 0;
2087
2088 errout_tbl_lock:
2089 write_unlock_bh(&tbl->lock);
2090 errout:
2091 return err;
2092 }
2093
2094 static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2095 {
2096 struct net *net = sock_net(skb->sk);
2097 int family, tidx, nidx = 0;
2098 int tbl_skip = cb->args[0];
2099 int neigh_skip = cb->args[1];
2100 struct neigh_table *tbl;
2101
2102 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2103
2104 for (tidx = 0; tidx < NEIGH_NR_TABLES; tidx++) {
2105 struct neigh_parms *p;
2106
2107 tbl = neigh_tables[tidx];
2108 if (!tbl)
2109 continue;
2110
2111 if (tidx < tbl_skip || (family && tbl->family != family))
2112 continue;
2113
2114 if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,
2115 cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL,
2116 NLM_F_MULTI) < 0)
2117 break;
2118
2119 nidx = 0;
2120 p = list_next_entry(&tbl->parms, list);
2121 list_for_each_entry_from(p, &tbl->parms_list, list) {
2122 if (!net_eq(neigh_parms_net(p), net))
2123 continue;
2124
2125 if (nidx < neigh_skip)
2126 goto next;
2127
2128 if (neightbl_fill_param_info(skb, tbl, p,
2129 NETLINK_CB(cb->skb).portid,
2130 cb->nlh->nlmsg_seq,
2131 RTM_NEWNEIGHTBL,
2132 NLM_F_MULTI) < 0)
2133 goto out;
2134 next:
2135 nidx++;
2136 }
2137
2138 neigh_skip = 0;
2139 }
2140 out:
2141 cb->args[0] = tidx;
2142 cb->args[1] = nidx;
2143
2144 return skb->len;
2145 }
2146
2147 static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
2148 u32 pid, u32 seq, int type, unsigned int flags)
2149 {
2150 unsigned long now = jiffies;
2151 struct nda_cacheinfo ci;
2152 struct nlmsghdr *nlh;
2153 struct ndmsg *ndm;
2154
2155 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2156 if (nlh == NULL)
2157 return -EMSGSIZE;
2158
2159 ndm = nlmsg_data(nlh);
2160 ndm->ndm_family = neigh->ops->family;
2161 ndm->ndm_pad1 = 0;
2162 ndm->ndm_pad2 = 0;
2163 ndm->ndm_flags = neigh->flags;
2164 ndm->ndm_type = neigh->type;
2165 ndm->ndm_ifindex = neigh->dev->ifindex;
2166
2167 if (nla_put(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key))
2168 goto nla_put_failure;
2169
2170 read_lock_bh(&neigh->lock);
2171 ndm->ndm_state = neigh->nud_state;
2172 if (neigh->nud_state & NUD_VALID) {
2173 char haddr[MAX_ADDR_LEN];
2174
2175 neigh_ha_snapshot(haddr, neigh, neigh->dev);
2176 if (nla_put(skb, NDA_LLADDR, neigh->dev->addr_len, haddr) < 0) {
2177 read_unlock_bh(&neigh->lock);
2178 goto nla_put_failure;
2179 }
2180 }
2181
2182 ci.ndm_used = jiffies_to_clock_t(now - neigh->used);
2183 ci.ndm_confirmed = jiffies_to_clock_t(now - neigh->confirmed);
2184 ci.ndm_updated = jiffies_to_clock_t(now - neigh->updated);
2185 ci.ndm_refcnt = atomic_read(&neigh->refcnt) - 1;
2186 read_unlock_bh(&neigh->lock);
2187
2188 if (nla_put_u32(skb, NDA_PROBES, atomic_read(&neigh->probes)) ||
2189 nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
2190 goto nla_put_failure;
2191
2192 nlmsg_end(skb, nlh);
2193 return 0;
2194
2195 nla_put_failure:
2196 nlmsg_cancel(skb, nlh);
2197 return -EMSGSIZE;
2198 }
2199
2200 static int pneigh_fill_info(struct sk_buff *skb, struct pneigh_entry *pn,
2201 u32 pid, u32 seq, int type, unsigned int flags,
2202 struct neigh_table *tbl)
2203 {
2204 struct nlmsghdr *nlh;
2205 struct ndmsg *ndm;
2206
2207 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), flags);
2208 if (nlh == NULL)
2209 return -EMSGSIZE;
2210
2211 ndm = nlmsg_data(nlh);
2212 ndm->ndm_family = tbl->family;
2213 ndm->ndm_pad1 = 0;
2214 ndm->ndm_pad2 = 0;
2215 ndm->ndm_flags = pn->flags | NTF_PROXY;
2216 ndm->ndm_type = RTN_UNICAST;
2217 ndm->ndm_ifindex = pn->dev ? pn->dev->ifindex : 0;
2218 ndm->ndm_state = NUD_NONE;
2219
2220 if (nla_put(skb, NDA_DST, tbl->key_len, pn->key))
2221 goto nla_put_failure;
2222
2223 nlmsg_end(skb, nlh);
2224 return 0;
2225
2226 nla_put_failure:
2227 nlmsg_cancel(skb, nlh);
2228 return -EMSGSIZE;
2229 }
2230
2231 static void neigh_update_notify(struct neighbour *neigh)
2232 {
2233 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, neigh);
2234 __neigh_notify(neigh, RTM_NEWNEIGH, 0);
2235 }
2236
2237 static bool neigh_master_filtered(struct net_device *dev, int master_idx)
2238 {
2239 struct net_device *master;
2240
2241 if (!master_idx)
2242 return false;
2243
2244 master = netdev_master_upper_dev_get(dev);
2245 if (!master || master->ifindex != master_idx)
2246 return true;
2247
2248 return false;
2249 }
2250
2251 static bool neigh_ifindex_filtered(struct net_device *dev, int filter_idx)
2252 {
2253 if (filter_idx && dev->ifindex != filter_idx)
2254 return true;
2255
2256 return false;
2257 }
2258
2259 static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2260 struct netlink_callback *cb)
2261 {
2262 struct net *net = sock_net(skb->sk);
2263 const struct nlmsghdr *nlh = cb->nlh;
2264 struct nlattr *tb[NDA_MAX + 1];
2265 struct neighbour *n;
2266 int rc, h, s_h = cb->args[1];
2267 int idx, s_idx = idx = cb->args[2];
2268 struct neigh_hash_table *nht;
2269 int filter_master_idx = 0, filter_idx = 0;
2270 unsigned int flags = NLM_F_MULTI;
2271 int err;
2272
2273 err = nlmsg_parse(nlh, sizeof(struct ndmsg), tb, NDA_MAX, NULL);
2274 if (!err) {
2275 if (tb[NDA_IFINDEX])
2276 filter_idx = nla_get_u32(tb[NDA_IFINDEX]);
2277
2278 if (tb[NDA_MASTER])
2279 filter_master_idx = nla_get_u32(tb[NDA_MASTER]);
2280
2281 if (filter_idx || filter_master_idx)
2282 flags |= NLM_F_DUMP_FILTERED;
2283 }
2284
2285 rcu_read_lock_bh();
2286 nht = rcu_dereference_bh(tbl->nht);
2287
2288 for (h = s_h; h < (1 << nht->hash_shift); h++) {
2289 if (h > s_h)
2290 s_idx = 0;
2291 for (n = rcu_dereference_bh(nht->hash_buckets[h]), idx = 0;
2292 n != NULL;
2293 n = rcu_dereference_bh(n->next)) {
2294 if (!net_eq(dev_net(n->dev), net))
2295 continue;
2296 if (neigh_ifindex_filtered(n->dev, filter_idx))
2297 continue;
2298 if (neigh_master_filtered(n->dev, filter_master_idx))
2299 continue;
2300 if (idx < s_idx)
2301 goto next;
2302 if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2303 cb->nlh->nlmsg_seq,
2304 RTM_NEWNEIGH,
2305 flags) < 0) {
2306 rc = -1;
2307 goto out;
2308 }
2309 next:
2310 idx++;
2311 }
2312 }
2313 rc = skb->len;
2314 out:
2315 rcu_read_unlock_bh();
2316 cb->args[1] = h;
2317 cb->args[2] = idx;
2318 return rc;
2319 }
2320
2321 static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb,
2322 struct netlink_callback *cb)
2323 {
2324 struct pneigh_entry *n;
2325 struct net *net = sock_net(skb->sk);
2326 int rc, h, s_h = cb->args[3];
2327 int idx, s_idx = idx = cb->args[4];
2328
2329 read_lock_bh(&tbl->lock);
2330
2331 for (h = s_h; h <= PNEIGH_HASHMASK; h++) {
2332 if (h > s_h)
2333 s_idx = 0;
2334 for (n = tbl->phash_buckets[h], idx = 0; n; n = n->next) {
2335 if (pneigh_net(n) != net)
2336 continue;
2337 if (idx < s_idx)
2338 goto next;
2339 if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,
2340 cb->nlh->nlmsg_seq,
2341 RTM_NEWNEIGH,
2342 NLM_F_MULTI, tbl) < 0) {
2343 read_unlock_bh(&tbl->lock);
2344 rc = -1;
2345 goto out;
2346 }
2347 next:
2348 idx++;
2349 }
2350 }
2351
2352 read_unlock_bh(&tbl->lock);
2353 rc = skb->len;
2354 out:
2355 cb->args[3] = h;
2356 cb->args[4] = idx;
2357 return rc;
2358
2359 }
2360
2361 static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
2362 {
2363 struct neigh_table *tbl;
2364 int t, family, s_t;
2365 int proxy = 0;
2366 int err;
2367
2368 family = ((struct rtgenmsg *) nlmsg_data(cb->nlh))->rtgen_family;
2369
2370 /* check for full ndmsg structure presence, family member is
2371 * the same for both structures
2372 */
2373 if (nlmsg_len(cb->nlh) >= sizeof(struct ndmsg) &&
2374 ((struct ndmsg *) nlmsg_data(cb->nlh))->ndm_flags == NTF_PROXY)
2375 proxy = 1;
2376
2377 s_t = cb->args[0];
2378
2379 for (t = 0; t < NEIGH_NR_TABLES; t++) {
2380 tbl = neigh_tables[t];
2381
2382 if (!tbl)
2383 continue;
2384 if (t < s_t || (family && tbl->family != family))
2385 continue;
2386 if (t > s_t)
2387 memset(&cb->args[1], 0, sizeof(cb->args) -
2388 sizeof(cb->args[0]));
2389 if (proxy)
2390 err = pneigh_dump_table(tbl, skb, cb);
2391 else
2392 err = neigh_dump_table(tbl, skb, cb);
2393 if (err < 0)
2394 break;
2395 }
2396
2397 cb->args[0] = t;
2398 return skb->len;
2399 }
2400
2401 void neigh_for_each(struct neigh_table *tbl, void (*cb)(struct neighbour *, void *), void *cookie)
2402 {
2403 int chain;
2404 struct neigh_hash_table *nht;
2405
2406 rcu_read_lock_bh();
2407 nht = rcu_dereference_bh(tbl->nht);
2408
2409 read_lock(&tbl->lock); /* avoid resizes */
2410 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2411 struct neighbour *n;
2412
2413 for (n = rcu_dereference_bh(nht->hash_buckets[chain]);
2414 n != NULL;
2415 n = rcu_dereference_bh(n->next))
2416 cb(n, cookie);
2417 }
2418 read_unlock(&tbl->lock);
2419 rcu_read_unlock_bh();
2420 }
2421 EXPORT_SYMBOL(neigh_for_each);
2422
2423 /* The tbl->lock must be held as a writer and BH disabled. */
2424 void __neigh_for_each_release(struct neigh_table *tbl,
2425 int (*cb)(struct neighbour *))
2426 {
2427 int chain;
2428 struct neigh_hash_table *nht;
2429
2430 nht = rcu_dereference_protected(tbl->nht,
2431 lockdep_is_held(&tbl->lock));
2432 for (chain = 0; chain < (1 << nht->hash_shift); chain++) {
2433 struct neighbour *n;
2434 struct neighbour __rcu **np;
2435
2436 np = &nht->hash_buckets[chain];
2437 while ((n = rcu_dereference_protected(*np,
2438 lockdep_is_held(&tbl->lock))) != NULL) {
2439 int release;
2440
2441 write_lock(&n->lock);
2442 release = cb(n);
2443 if (release) {
2444 rcu_assign_pointer(*np,
2445 rcu_dereference_protected(n->next,
2446 lockdep_is_held(&tbl->lock)));
2447 n->dead = 1;
2448 } else
2449 np = &n->next;
2450 write_unlock(&n->lock);
2451 if (release)
2452 neigh_cleanup_and_release(n);
2453 }
2454 }
2455 }
2456 EXPORT_SYMBOL(__neigh_for_each_release);
2457
2458 int neigh_xmit(int index, struct net_device *dev,
2459 const void *addr, struct sk_buff *skb)
2460 {
2461 int err = -EAFNOSUPPORT;
2462 if (likely(index < NEIGH_NR_TABLES)) {
2463 struct neigh_table *tbl;
2464 struct neighbour *neigh;
2465
2466 tbl = neigh_tables[index];
2467 if (!tbl)
2468 goto out;
2469 rcu_read_lock_bh();
2470 neigh = __neigh_lookup_noref(tbl, addr, dev);
2471 if (!neigh)
2472 neigh = __neigh_create(tbl, addr, dev, false);
2473 err = PTR_ERR(neigh);
2474 if (IS_ERR(neigh)) {
2475 rcu_read_unlock_bh();
2476 goto out_kfree_skb;
2477 }
2478 err = neigh->output(neigh, skb);
2479 rcu_read_unlock_bh();
2480 }
2481 else if (index == NEIGH_LINK_TABLE) {
2482 err = dev_hard_header(skb, dev, ntohs(skb->protocol),
2483 addr, NULL, skb->len);
2484 if (err < 0)
2485 goto out_kfree_skb;
2486 err = dev_queue_xmit(skb);
2487 }
2488 out:
2489 return err;
2490 out_kfree_skb:
2491 kfree_skb(skb);
2492 goto out;
2493 }
2494 EXPORT_SYMBOL(neigh_xmit);
2495
2496 #ifdef CONFIG_PROC_FS
2497
2498 static struct neighbour *neigh_get_first(struct seq_file *seq)
2499 {
2500 struct neigh_seq_state *state = seq->private;
2501 struct net *net = seq_file_net(seq);
2502 struct neigh_hash_table *nht = state->nht;
2503 struct neighbour *n = NULL;
2504 int bucket = state->bucket;
2505
2506 state->flags &= ~NEIGH_SEQ_IS_PNEIGH;
2507 for (bucket = 0; bucket < (1 << nht->hash_shift); bucket++) {
2508 n = rcu_dereference_bh(nht->hash_buckets[bucket]);
2509
2510 while (n) {
2511 if (!net_eq(dev_net(n->dev), net))
2512 goto next;
2513 if (state->neigh_sub_iter) {
2514 loff_t fakep = 0;
2515 void *v;
2516
2517 v = state->neigh_sub_iter(state, n, &fakep);
2518 if (!v)
2519 goto next;
2520 }
2521 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2522 break;
2523 if (n->nud_state & ~NUD_NOARP)
2524 break;
2525 next:
2526 n = rcu_dereference_bh(n->next);
2527 }
2528
2529 if (n)
2530 break;
2531 }
2532 state->bucket = bucket;
2533
2534 return n;
2535 }
2536
2537 static struct neighbour *neigh_get_next(struct seq_file *seq,
2538 struct neighbour *n,
2539 loff_t *pos)
2540 {
2541 struct neigh_seq_state *state = seq->private;
2542 struct net *net = seq_file_net(seq);
2543 struct neigh_hash_table *nht = state->nht;
2544
2545 if (state->neigh_sub_iter) {
2546 void *v = state->neigh_sub_iter(state, n, pos);
2547 if (v)
2548 return n;
2549 }
2550 n = rcu_dereference_bh(n->next);
2551
2552 while (1) {
2553 while (n) {
2554 if (!net_eq(dev_net(n->dev), net))
2555 goto next;
2556 if (state->neigh_sub_iter) {
2557 void *v = state->neigh_sub_iter(state, n, pos);
2558 if (v)
2559 return n;
2560 goto next;
2561 }
2562 if (!(state->flags & NEIGH_SEQ_SKIP_NOARP))
2563 break;
2564
2565 if (n->nud_state & ~NUD_NOARP)
2566 break;
2567 next:
2568 n = rcu_dereference_bh(n->next);
2569 }
2570
2571 if (n)
2572 break;
2573
2574 if (++state->bucket >= (1 << nht->hash_shift))
2575 break;
2576
2577 n = rcu_dereference_bh(nht->hash_buckets[state->bucket]);
2578 }
2579
2580 if (n && pos)
2581 --(*pos);
2582 return n;
2583 }
2584
2585 static struct neighbour *neigh_get_idx(struct seq_file *seq, loff_t *pos)
2586 {
2587 struct neighbour *n = neigh_get_first(seq);
2588
2589 if (n) {
2590 --(*pos);
2591 while (*pos) {
2592 n = neigh_get_next(seq, n, pos);
2593 if (!n)
2594 break;
2595 }
2596 }
2597 return *pos ? NULL : n;
2598 }
2599
2600 static struct pneigh_entry *pneigh_get_first(struct seq_file *seq)
2601 {
2602 struct neigh_seq_state *state = seq->private;
2603 struct net *net = seq_file_net(seq);
2604 struct neigh_table *tbl = state->tbl;
2605 struct pneigh_entry *pn = NULL;
2606 int bucket = state->bucket;
2607
2608 state->flags |= NEIGH_SEQ_IS_PNEIGH;
2609 for (bucket = 0; bucket <= PNEIGH_HASHMASK; bucket++) {
2610 pn = tbl->phash_buckets[bucket];
2611 while (pn && !net_eq(pneigh_net(pn), net))
2612 pn = pn->next;
2613 if (pn)
2614 break;
2615 }
2616 state->bucket = bucket;
2617
2618 return pn;
2619 }
2620
2621 static struct pneigh_entry *pneigh_get_next(struct seq_file *seq,
2622 struct pneigh_entry *pn,
2623 loff_t *pos)
2624 {
2625 struct neigh_seq_state *state = seq->private;
2626 struct net *net = seq_file_net(seq);
2627 struct neigh_table *tbl = state->tbl;
2628
2629 do {
2630 pn = pn->next;
2631 } while (pn && !net_eq(pneigh_net(pn), net));
2632
2633 while (!pn) {
2634 if (++state->bucket > PNEIGH_HASHMASK)
2635 break;
2636 pn = tbl->phash_buckets[state->bucket];
2637 while (pn && !net_eq(pneigh_net(pn), net))
2638 pn = pn->next;
2639 if (pn)
2640 break;
2641 }
2642
2643 if (pn && pos)
2644 --(*pos);
2645
2646 return pn;
2647 }
2648
2649 static struct pneigh_entry *pneigh_get_idx(struct seq_file *seq, loff_t *pos)
2650 {
2651 struct pneigh_entry *pn = pneigh_get_first(seq);
2652
2653 if (pn) {
2654 --(*pos);
2655 while (*pos) {
2656 pn = pneigh_get_next(seq, pn, pos);
2657 if (!pn)
2658 break;
2659 }
2660 }
2661 return *pos ? NULL : pn;
2662 }
2663
2664 static void *neigh_get_idx_any(struct seq_file *seq, loff_t *pos)
2665 {
2666 struct neigh_seq_state *state = seq->private;
2667 void *rc;
2668 loff_t idxpos = *pos;
2669
2670 rc = neigh_get_idx(seq, &idxpos);
2671 if (!rc && !(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2672 rc = pneigh_get_idx(seq, &idxpos);
2673
2674 return rc;
2675 }
2676
2677 void *neigh_seq_start(struct seq_file *seq, loff_t *pos, struct neigh_table *tbl, unsigned int neigh_seq_flags)
2678 __acquires(rcu_bh)
2679 {
2680 struct neigh_seq_state *state = seq->private;
2681
2682 state->tbl = tbl;
2683 state->bucket = 0;
2684 state->flags = (neigh_seq_flags & ~NEIGH_SEQ_IS_PNEIGH);
2685
2686 rcu_read_lock_bh();
2687 state->nht = rcu_dereference_bh(tbl->nht);
2688
2689 return *pos ? neigh_get_idx_any(seq, pos) : SEQ_START_TOKEN;
2690 }
2691 EXPORT_SYMBOL(neigh_seq_start);
2692
2693 void *neigh_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2694 {
2695 struct neigh_seq_state *state;
2696 void *rc;
2697
2698 if (v == SEQ_START_TOKEN) {
2699 rc = neigh_get_first(seq);
2700 goto out;
2701 }
2702
2703 state = seq->private;
2704 if (!(state->flags & NEIGH_SEQ_IS_PNEIGH)) {
2705 rc = neigh_get_next(seq, v, NULL);
2706 if (rc)
2707 goto out;
2708 if (!(state->flags & NEIGH_SEQ_NEIGH_ONLY))
2709 rc = pneigh_get_first(seq);
2710 } else {
2711 BUG_ON(state->flags & NEIGH_SEQ_NEIGH_ONLY);
2712 rc = pneigh_get_next(seq, v, NULL);
2713 }
2714 out:
2715 ++(*pos);
2716 return rc;
2717 }
2718 EXPORT_SYMBOL(neigh_seq_next);
2719
2720 void neigh_seq_stop(struct seq_file *seq, void *v)
2721 __releases(rcu_bh)
2722 {
2723 rcu_read_unlock_bh();
2724 }
2725 EXPORT_SYMBOL(neigh_seq_stop);
2726
2727 /* statistics via seq_file */
2728
2729 static void *neigh_stat_seq_start(struct seq_file *seq, loff_t *pos)
2730 {
2731 struct neigh_table *tbl = seq->private;
2732 int cpu;
2733
2734 if (*pos == 0)
2735 return SEQ_START_TOKEN;
2736
2737 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
2738 if (!cpu_possible(cpu))
2739 continue;
2740 *pos = cpu+1;
2741 return per_cpu_ptr(tbl->stats, cpu);
2742 }
2743 return NULL;
2744 }
2745
2746 static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2747 {
2748 struct neigh_table *tbl = seq->private;
2749 int cpu;
2750
2751 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
2752 if (!cpu_possible(cpu))
2753 continue;
2754 *pos = cpu+1;
2755 return per_cpu_ptr(tbl->stats, cpu);
2756 }
2757 return NULL;
2758 }
2759
2760 static void neigh_stat_seq_stop(struct seq_file *seq, void *v)
2761 {
2762
2763 }
2764
2765 static int neigh_stat_seq_show(struct seq_file *seq, void *v)
2766 {
2767 struct neigh_table *tbl = seq->private;
2768 struct neigh_statistics *st = v;
2769
2770 if (v == SEQ_START_TOKEN) {
2771 seq_printf(seq, "entries allocs destroys hash_grows lookups hits res_failed rcv_probes_mcast rcv_probes_ucast periodic_gc_runs forced_gc_runs unresolved_discards table_fulls\n");
2772 return 0;
2773 }
2774
2775 seq_printf(seq, "%08x %08lx %08lx %08lx %08lx %08lx %08lx "
2776 "%08lx %08lx %08lx %08lx %08lx %08lx\n",
2777 atomic_read(&tbl->entries),
2778
2779 st->allocs,
2780 st->destroys,
2781 st->hash_grows,
2782
2783 st->lookups,
2784 st->hits,
2785
2786 st->res_failed,
2787
2788 st->rcv_probes_mcast,
2789 st->rcv_probes_ucast,
2790
2791 st->periodic_gc_runs,
2792 st->forced_gc_runs,
2793 st->unres_discards,
2794 st->table_fulls
2795 );
2796
2797 return 0;
2798 }
2799
2800 static const struct seq_operations neigh_stat_seq_ops = {
2801 .start = neigh_stat_seq_start,
2802 .next = neigh_stat_seq_next,
2803 .stop = neigh_stat_seq_stop,
2804 .show = neigh_stat_seq_show,
2805 };
2806
2807 static int neigh_stat_seq_open(struct inode *inode, struct file *file)
2808 {
2809 int ret = seq_open(file, &neigh_stat_seq_ops);
2810
2811 if (!ret) {
2812 struct seq_file *sf = file->private_data;
2813 sf->private = PDE_DATA(inode);
2814 }
2815 return ret;
2816 };
2817
2818 static const struct file_operations neigh_stat_seq_fops = {
2819 .owner = THIS_MODULE,
2820 .open = neigh_stat_seq_open,
2821 .read = seq_read,
2822 .llseek = seq_lseek,
2823 .release = seq_release,
2824 };
2825
2826 #endif /* CONFIG_PROC_FS */
2827
2828 static inline size_t neigh_nlmsg_size(void)
2829 {
2830 return NLMSG_ALIGN(sizeof(struct ndmsg))
2831 + nla_total_size(MAX_ADDR_LEN) /* NDA_DST */
2832 + nla_total_size(MAX_ADDR_LEN) /* NDA_LLADDR */
2833 + nla_total_size(sizeof(struct nda_cacheinfo))
2834 + nla_total_size(4); /* NDA_PROBES */
2835 }
2836
2837 static void __neigh_notify(struct neighbour *n, int type, int flags)
2838 {
2839 struct net *net = dev_net(n->dev);
2840 struct sk_buff *skb;
2841 int err = -ENOBUFS;
2842
2843 skb = nlmsg_new(neigh_nlmsg_size(), GFP_ATOMIC);
2844 if (skb == NULL)
2845 goto errout;
2846
2847 err = neigh_fill_info(skb, n, 0, 0, type, flags);
2848 if (err < 0) {
2849 /* -EMSGSIZE implies BUG in neigh_nlmsg_size() */
2850 WARN_ON(err == -EMSGSIZE);
2851 kfree_skb(skb);
2852 goto errout;
2853 }
2854 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
2855 return;
2856 errout:
2857 if (err < 0)
2858 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
2859 }
2860
2861 void neigh_app_ns(struct neighbour *n)
2862 {
2863 __neigh_notify(n, RTM_GETNEIGH, NLM_F_REQUEST);
2864 }
2865 EXPORT_SYMBOL(neigh_app_ns);
2866
2867 #ifdef CONFIG_SYSCTL
2868 static int zero;
2869 static int int_max = INT_MAX;
2870 static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN);
2871
2872 static int proc_unres_qlen(struct ctl_table *ctl, int write,
2873 void __user *buffer, size_t *lenp, loff_t *ppos)
2874 {
2875 int size, ret;
2876 struct ctl_table tmp = *ctl;
2877
2878 tmp.extra1 = &zero;
2879 tmp.extra2 = &unres_qlen_max;
2880 tmp.data = &size;
2881
2882 size = *(int *)ctl->data / SKB_TRUESIZE(ETH_FRAME_LEN);
2883 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
2884
2885 if (write && !ret)
2886 *(int *)ctl->data = size * SKB_TRUESIZE(ETH_FRAME_LEN);
2887 return ret;
2888 }
2889
2890 static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev,
2891 int family)
2892 {
2893 switch (family) {
2894 case AF_INET:
2895 return __in_dev_arp_parms_get_rcu(dev);
2896 case AF_INET6:
2897 return __in6_dev_nd_parms_get_rcu(dev);
2898 }
2899 return NULL;
2900 }
2901
2902 static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p,
2903 int index)
2904 {
2905 struct net_device *dev;
2906 int family = neigh_parms_family(p);
2907
2908 rcu_read_lock();
2909 for_each_netdev_rcu(net, dev) {
2910 struct neigh_parms *dst_p =
2911 neigh_get_dev_parms_rcu(dev, family);
2912
2913 if (dst_p && !test_bit(index, dst_p->data_state))
2914 dst_p->data[index] = p->data[index];
2915 }
2916 rcu_read_unlock();
2917 }
2918
2919 static void neigh_proc_update(struct ctl_table *ctl, int write)
2920 {
2921 struct net_device *dev = ctl->extra1;
2922 struct neigh_parms *p = ctl->extra2;
2923 struct net *net = neigh_parms_net(p);
2924 int index = (int *) ctl->data - p->data;
2925
2926 if (!write)
2927 return;
2928
2929 set_bit(index, p->data_state);
2930 call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
2931 if (!dev) /* NULL dev means this is default value */
2932 neigh_copy_dflt_parms(net, p, index);
2933 }
2934
2935 static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write,
2936 void __user *buffer,
2937 size_t *lenp, loff_t *ppos)
2938 {
2939 struct ctl_table tmp = *ctl;
2940 int ret;
2941
2942 tmp.extra1 = &zero;
2943 tmp.extra2 = &int_max;
2944
2945 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
2946 neigh_proc_update(ctl, write);
2947 return ret;
2948 }
2949
2950 int neigh_proc_dointvec(struct ctl_table *ctl, int write,
2951 void __user *buffer, size_t *lenp, loff_t *ppos)
2952 {
2953 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2954
2955 neigh_proc_update(ctl, write);
2956 return ret;
2957 }
2958 EXPORT_SYMBOL(neigh_proc_dointvec);
2959
2960 int neigh_proc_dointvec_jiffies(struct ctl_table *ctl, int write,
2961 void __user *buffer,
2962 size_t *lenp, loff_t *ppos)
2963 {
2964 int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
2965
2966 neigh_proc_update(ctl, write);
2967 return ret;
2968 }
2969 EXPORT_SYMBOL(neigh_proc_dointvec_jiffies);
2970
2971 static int neigh_proc_dointvec_userhz_jiffies(struct ctl_table *ctl, int write,
2972 void __user *buffer,
2973 size_t *lenp, loff_t *ppos)
2974 {
2975 int ret = proc_dointvec_userhz_jiffies(ctl, write, buffer, lenp, ppos);
2976
2977 neigh_proc_update(ctl, write);
2978 return ret;
2979 }
2980
2981 int neigh_proc_dointvec_ms_jiffies(struct ctl_table *ctl, int write,
2982 void __user *buffer,
2983 size_t *lenp, loff_t *ppos)
2984 {
2985 int ret = proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
2986
2987 neigh_proc_update(ctl, write);
2988 return ret;
2989 }
2990 EXPORT_SYMBOL(neigh_proc_dointvec_ms_jiffies);
2991
2992 static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write,
2993 void __user *buffer,
2994 size_t *lenp, loff_t *ppos)
2995 {
2996 int ret = proc_unres_qlen(ctl, write, buffer, lenp, ppos);
2997
2998 neigh_proc_update(ctl, write);
2999 return ret;
3000 }
3001
3002 static int neigh_proc_base_reachable_time(struct ctl_table *ctl, int write,
3003 void __user *buffer,
3004 size_t *lenp, loff_t *ppos)
3005 {
3006 struct neigh_parms *p = ctl->extra2;
3007 int ret;
3008
3009 if (strcmp(ctl->procname, "base_reachable_time") == 0)
3010 ret = neigh_proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
3011 else if (strcmp(ctl->procname, "base_reachable_time_ms") == 0)
3012 ret = neigh_proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
3013 else
3014 ret = -1;
3015
3016 if (write && ret == 0) {
3017 /* update reachable_time as well, otherwise, the change will
3018 * only be effective after the next time neigh_periodic_work
3019 * decides to recompute it
3020 */
3021 p->reachable_time =
3022 neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
3023 }
3024 return ret;
3025 }
3026
3027 #define NEIGH_PARMS_DATA_OFFSET(index) \
3028 (&((struct neigh_parms *) 0)->data[index])
3029
3030 #define NEIGH_SYSCTL_ENTRY(attr, data_attr, name, mval, proc) \
3031 [NEIGH_VAR_ ## attr] = { \
3032 .procname = name, \
3033 .data = NEIGH_PARMS_DATA_OFFSET(NEIGH_VAR_ ## data_attr), \
3034 .maxlen = sizeof(int), \
3035 .mode = mval, \
3036 .proc_handler = proc, \
3037 }
3038
3039 #define NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(attr, name) \
3040 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_zero_intmax)
3041
3042 #define NEIGH_SYSCTL_JIFFIES_ENTRY(attr, name) \
3043 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_jiffies)
3044
3045 #define NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(attr, name) \
3046 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_userhz_jiffies)
3047
3048 #define NEIGH_SYSCTL_MS_JIFFIES_ENTRY(attr, name) \
3049 NEIGH_SYSCTL_ENTRY(attr, attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
3050
3051 #define NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(attr, data_attr, name) \
3052 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_ms_jiffies)
3053
3054 #define NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(attr, data_attr, name) \
3055 NEIGH_SYSCTL_ENTRY(attr, data_attr, name, 0644, neigh_proc_dointvec_unres_qlen)
3056
3057 static struct neigh_sysctl_table {
3058 struct ctl_table_header *sysctl_header;
3059 struct ctl_table neigh_vars[NEIGH_VAR_MAX + 1];
3060 } neigh_sysctl_template __read_mostly = {
3061 .neigh_vars = {
3062 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_PROBES, "mcast_solicit"),
3063 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(UCAST_PROBES, "ucast_solicit"),
3064 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(APP_PROBES, "app_solicit"),
3065 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(MCAST_REPROBES, "mcast_resolicit"),
3066 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(RETRANS_TIME, "retrans_time"),
3067 NEIGH_SYSCTL_JIFFIES_ENTRY(BASE_REACHABLE_TIME, "base_reachable_time"),
3068 NEIGH_SYSCTL_JIFFIES_ENTRY(DELAY_PROBE_TIME, "delay_first_probe_time"),
3069 NEIGH_SYSCTL_JIFFIES_ENTRY(GC_STALETIME, "gc_stale_time"),
3070 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(QUEUE_LEN_BYTES, "unres_qlen_bytes"),
3071 NEIGH_SYSCTL_ZERO_INTMAX_ENTRY(PROXY_QLEN, "proxy_qlen"),
3072 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(ANYCAST_DELAY, "anycast_delay"),
3073 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(PROXY_DELAY, "proxy_delay"),
3074 NEIGH_SYSCTL_USERHZ_JIFFIES_ENTRY(LOCKTIME, "locktime"),
3075 NEIGH_SYSCTL_UNRES_QLEN_REUSED_ENTRY(QUEUE_LEN, QUEUE_LEN_BYTES, "unres_qlen"),
3076 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(RETRANS_TIME_MS, RETRANS_TIME, "retrans_time_ms"),
3077 NEIGH_SYSCTL_MS_JIFFIES_REUSED_ENTRY(BASE_REACHABLE_TIME_MS, BASE_REACHABLE_TIME, "base_reachable_time_ms"),
3078 [NEIGH_VAR_GC_INTERVAL] = {
3079 .procname = "gc_interval",
3080 .maxlen = sizeof(int),
3081 .mode = 0644,
3082 .proc_handler = proc_dointvec_jiffies,
3083 },
3084 [NEIGH_VAR_GC_THRESH1] = {
3085 .procname = "gc_thresh1",
3086 .maxlen = sizeof(int),
3087 .mode = 0644,
3088 .extra1 = &zero,
3089 .extra2 = &int_max,
3090 .proc_handler = proc_dointvec_minmax,
3091 },
3092 [NEIGH_VAR_GC_THRESH2] = {
3093 .procname = "gc_thresh2",
3094 .maxlen = sizeof(int),
3095 .mode = 0644,
3096 .extra1 = &zero,
3097 .extra2 = &int_max,
3098 .proc_handler = proc_dointvec_minmax,
3099 },
3100 [NEIGH_VAR_GC_THRESH3] = {
3101 .procname = "gc_thresh3",
3102 .maxlen = sizeof(int),
3103 .mode = 0644,
3104 .extra1 = &zero,
3105 .extra2 = &int_max,
3106 .proc_handler = proc_dointvec_minmax,
3107 },
3108 {},
3109 },
3110 };
3111
3112 int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
3113 proc_handler *handler)
3114 {
3115 int i;
3116 struct neigh_sysctl_table *t;
3117 const char *dev_name_source;
3118 char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
3119 char *p_name;
3120
3121 t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
3122 if (!t)
3123 goto err;
3124
3125 for (i = 0; i < NEIGH_VAR_GC_INTERVAL; i++) {
3126 t->neigh_vars[i].data += (long) p;
3127 t->neigh_vars[i].extra1 = dev;
3128 t->neigh_vars[i].extra2 = p;
3129 }
3130
3131 if (dev) {
3132 dev_name_source = dev->name;
3133 /* Terminate the table early */
3134 memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0,
3135 sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL]));
3136 } else {
3137 struct neigh_table *tbl = p->tbl;
3138 dev_name_source = "default";
3139 t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &tbl->gc_interval;
3140 t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &tbl->gc_thresh1;
3141 t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &tbl->gc_thresh2;
3142 t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &tbl->gc_thresh3;
3143 }
3144
3145 if (handler) {
3146 /* RetransTime */
3147 t->neigh_vars[NEIGH_VAR_RETRANS_TIME].proc_handler = handler;
3148 /* ReachableTime */
3149 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler = handler;
3150 /* RetransTime (in milliseconds)*/
3151 t->neigh_vars[NEIGH_VAR_RETRANS_TIME_MS].proc_handler = handler;
3152 /* ReachableTime (in milliseconds) */
3153 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = handler;
3154 } else {
3155 /* Those handlers will update p->reachable_time after
3156 * base_reachable_time(_ms) is set to ensure the new timer starts being
3157 * applied after the next neighbour update instead of waiting for
3158 * neigh_periodic_work to update its value (can be multiple minutes)
3159 * So any handler that replaces them should do this as well
3160 */
3161 /* ReachableTime */
3162 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler =
3163 neigh_proc_base_reachable_time;
3164 /* ReachableTime (in milliseconds) */
3165 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler =
3166 neigh_proc_base_reachable_time;
3167 }
3168
3169 /* Don't export sysctls to unprivileged users */
3170 if (neigh_parms_net(p)->user_ns != &init_user_ns)
3171 t->neigh_vars[0].procname = NULL;
3172
3173 switch (neigh_parms_family(p)) {
3174 case AF_INET:
3175 p_name = "ipv4";
3176 break;
3177 case AF_INET6:
3178 p_name = "ipv6";
3179 break;
3180 default:
3181 BUG();
3182 }
3183
3184 snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s",
3185 p_name, dev_name_source);
3186 t->sysctl_header =
3187 register_net_sysctl(neigh_parms_net(p), neigh_path, t->neigh_vars);
3188 if (!t->sysctl_header)
3189 goto free;
3190
3191 p->sysctl_table = t;
3192 return 0;
3193
3194 free:
3195 kfree(t);
3196 err:
3197 return -ENOBUFS;
3198 }
3199 EXPORT_SYMBOL(neigh_sysctl_register);
3200
3201 void neigh_sysctl_unregister(struct neigh_parms *p)
3202 {
3203 if (p->sysctl_table) {
3204 struct neigh_sysctl_table *t = p->sysctl_table;
3205 p->sysctl_table = NULL;
3206 unregister_net_sysctl_table(t->sysctl_header);
3207 kfree(t);
3208 }
3209 }
3210 EXPORT_SYMBOL(neigh_sysctl_unregister);
3211
3212 #endif /* CONFIG_SYSCTL */
3213
3214 static int __init neigh_init(void)
3215 {
3216 rtnl_register(PF_UNSPEC, RTM_NEWNEIGH, neigh_add, NULL, NULL);
3217 rtnl_register(PF_UNSPEC, RTM_DELNEIGH, neigh_delete, NULL, NULL);
3218 rtnl_register(PF_UNSPEC, RTM_GETNEIGH, NULL, neigh_dump_info, NULL);
3219
3220 rtnl_register(PF_UNSPEC, RTM_GETNEIGHTBL, NULL, neightbl_dump_info,
3221 NULL);
3222 rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, NULL);
3223
3224 return 0;
3225 }
3226
3227 subsys_initcall(neigh_init);
3228
Linux with added FPC-III support