2005-04-17 02:20:36 +04:00
|
|
|
/*
|
|
|
|
* NET3 IP device support routines.
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version
|
|
|
|
* 2 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* Derived from the IP parts of dev.c 1.0.19
|
2005-05-06 03:16:16 +04:00
|
|
|
* Authors: Ross Biro
|
2005-04-17 02:20:36 +04:00
|
|
|
* Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
|
|
|
|
* Mark Evans, <evansmp@uhura.aston.ac.uk>
|
|
|
|
*
|
|
|
|
* Additional Authors:
|
|
|
|
* Alan Cox, <gw4pts@gw4pts.ampr.org>
|
|
|
|
* Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
|
|
|
|
*
|
|
|
|
* Changes:
|
|
|
|
* Alexey Kuznetsov: pa_* fields are replaced with ifaddr
|
|
|
|
* lists.
|
|
|
|
* Cyrus Durgin: updated for kmod
|
|
|
|
* Matthias Andree: in devinet_ioctl, compare label and
|
|
|
|
* address (4.4BSD alias style support),
|
|
|
|
* fall back to comparing just the label
|
|
|
|
* if no match found.
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
#include <asm/uaccess.h>
|
|
|
|
#include <linux/bitops.h>
|
2006-01-11 23:17:47 +03:00
|
|
|
#include <linux/capability.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
#include <linux/module.h>
|
|
|
|
#include <linux/types.h>
|
|
|
|
#include <linux/kernel.h>
|
|
|
|
#include <linux/string.h>
|
|
|
|
#include <linux/mm.h>
|
|
|
|
#include <linux/socket.h>
|
|
|
|
#include <linux/sockios.h>
|
|
|
|
#include <linux/in.h>
|
|
|
|
#include <linux/errno.h>
|
|
|
|
#include <linux/interrupt.h>
|
2006-08-05 10:04:54 +04:00
|
|
|
#include <linux/if_addr.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
#include <linux/if_ether.h>
|
|
|
|
#include <linux/inet.h>
|
|
|
|
#include <linux/netdevice.h>
|
|
|
|
#include <linux/etherdevice.h>
|
|
|
|
#include <linux/skbuff.h>
|
|
|
|
#include <linux/init.h>
|
|
|
|
#include <linux/notifier.h>
|
|
|
|
#include <linux/inetdevice.h>
|
|
|
|
#include <linux/igmp.h>
|
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the followings.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-24 11:04:11 +03:00
|
|
|
#include <linux/slab.h>
|
2011-02-18 23:42:28 +03:00
|
|
|
#include <linux/hash.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
#ifdef CONFIG_SYSCTL
|
|
|
|
#include <linux/sysctl.h>
|
|
|
|
#endif
|
|
|
|
#include <linux/kmod.h>
|
2012-10-26 02:28:52 +04:00
|
|
|
#include <linux/netconf.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2005-12-27 07:43:12 +03:00
|
|
|
#include <net/arp.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
#include <net/ip.h>
|
|
|
|
#include <net/route.h>
|
|
|
|
#include <net/ip_fib.h>
|
2007-03-22 21:55:17 +03:00
|
|
|
#include <net/rtnetlink.h>
|
2007-12-17 00:31:47 +03:00
|
|
|
#include <net/net_namespace.h>
|
2013-01-24 13:41:41 +04:00
|
|
|
#include <net/addrconf.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2011-03-23 07:56:23 +03:00
|
|
|
#include "fib_lookup.h"
|
|
|
|
|
2008-02-01 04:17:31 +03:00
|
|
|
static struct ipv4_devconf ipv4_devconf = {
|
2007-06-05 10:34:44 +04:00
|
|
|
.data = {
|
2010-02-14 06:25:51 +03:00
|
|
|
[IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
|
|
|
|
[IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
|
|
|
|
[IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
|
|
|
|
[IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
|
2013-08-06 22:03:15 +04:00
|
|
|
[IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
|
|
|
|
[IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
|
2007-06-05 10:34:44 +04:00
|
|
|
},
|
2005-04-17 02:20:36 +04:00
|
|
|
};
|
|
|
|
|
|
|
|
static struct ipv4_devconf ipv4_devconf_dflt = {
|
2007-06-05 10:34:44 +04:00
|
|
|
.data = {
|
2010-02-14 06:25:51 +03:00
|
|
|
[IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
|
|
|
|
[IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
|
|
|
|
[IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
|
|
|
|
[IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
|
|
|
|
[IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
|
2013-08-06 22:03:15 +04:00
|
|
|
[IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
|
|
|
|
[IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
|
2007-06-05 10:34:44 +04:00
|
|
|
},
|
2005-04-17 02:20:36 +04:00
|
|
|
};
|
|
|
|
|
2007-12-17 00:32:16 +03:00
|
|
|
#define IPV4_DEVCONF_DFLT(net, attr) \
|
|
|
|
IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
|
2007-06-05 10:34:44 +04:00
|
|
|
|
2007-06-05 23:38:30 +04:00
|
|
|
static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
|
2006-08-05 10:03:53 +04:00
|
|
|
[IFA_LOCAL] = { .type = NLA_U32 },
|
|
|
|
[IFA_ADDRESS] = { .type = NLA_U32 },
|
|
|
|
[IFA_BROADCAST] = { .type = NLA_U32 },
|
2006-08-27 07:13:18 +04:00
|
|
|
[IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
|
2013-01-24 13:41:41 +04:00
|
|
|
[IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
|
2006-08-05 10:03:53 +04:00
|
|
|
};
|
|
|
|
|
2012-08-04 01:06:50 +04:00
|
|
|
#define IN4_ADDR_HSIZE_SHIFT 8
|
|
|
|
#define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
|
|
|
|
|
2011-02-18 23:42:28 +03:00
|
|
|
static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
|
|
|
|
static DEFINE_SPINLOCK(inet_addr_hash_lock);
|
|
|
|
|
2012-08-04 01:06:50 +04:00
|
|
|
static u32 inet_addr_hash(struct net *net, __be32 addr)
|
2011-02-18 23:42:28 +03:00
|
|
|
{
|
2012-08-04 01:06:50 +04:00
|
|
|
u32 val = (__force u32) addr ^ net_hash_mix(net);
|
2011-02-18 23:42:28 +03:00
|
|
|
|
2012-08-04 01:06:50 +04:00
|
|
|
return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
|
2011-02-18 23:42:28 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
|
|
|
|
{
|
2012-08-04 01:06:50 +04:00
|
|
|
u32 hash = inet_addr_hash(net, ifa->ifa_local);
|
2011-02-18 23:42:28 +03:00
|
|
|
|
|
|
|
spin_lock(&inet_addr_hash_lock);
|
|
|
|
hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
|
|
|
|
spin_unlock(&inet_addr_hash_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void inet_hash_remove(struct in_ifaddr *ifa)
|
|
|
|
{
|
|
|
|
spin_lock(&inet_addr_hash_lock);
|
|
|
|
hlist_del_init_rcu(&ifa->hash);
|
|
|
|
spin_unlock(&inet_addr_hash_lock);
|
|
|
|
}
|
|
|
|
|
2011-02-18 23:43:09 +03:00
|
|
|
/**
|
|
|
|
* __ip_dev_find - find the first device with a given source address.
|
|
|
|
* @net: the net namespace
|
|
|
|
* @addr: the source address
|
|
|
|
* @devref: if true, take a reference on the found device
|
|
|
|
*
|
|
|
|
* If a caller uses devref=false, it should be protected by RCU, or RTNL
|
|
|
|
*/
|
|
|
|
struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
|
|
|
|
{
|
2012-08-04 01:06:50 +04:00
|
|
|
u32 hash = inet_addr_hash(net, addr);
|
2011-02-18 23:43:09 +03:00
|
|
|
struct net_device *result = NULL;
|
|
|
|
struct in_ifaddr *ifa;
|
|
|
|
|
|
|
|
rcu_read_lock();
|
hlist: drop the node parameter from iterators
I'm not sure why, but the hlist for each entry iterators were conceived
list_for_each_entry(pos, head, member)
The hlist ones were greedy and wanted an extra parameter:
hlist_for_each_entry(tpos, pos, head, member)
Why did they need an extra pos parameter? I'm not quite sure. Not only
they don't really need it, it also prevents the iterator from looking
exactly like the list iterator, which is unfortunate.
Besides the semantic patch, there was some manual work required:
- Fix up the actual hlist iterators in linux/list.h
- Fix up the declaration of other iterators based on the hlist ones.
- A very small amount of places were using the 'node' parameter, this
was modified to use 'obj->member' instead.
- Coccinelle didn't handle the hlist_for_each_entry_safe iterator
properly, so those had to be fixed up manually.
The semantic patch which is mostly the work of Peter Senna Tschudin is here:
@@
iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;
type T;
expression a,c,d,e;
identifier b;
statement S;
@@
-T b;
<+... when != b
(
hlist_for_each_entry(a,
- b,
c, d) S
|
hlist_for_each_entry_continue(a,
- b,
c) S
|
hlist_for_each_entry_from(a,
- b,
c) S
|
hlist_for_each_entry_rcu(a,
- b,
c, d) S
|
hlist_for_each_entry_rcu_bh(a,
- b,
c, d) S
|
hlist_for_each_entry_continue_rcu_bh(a,
- b,
c) S
|
for_each_busy_worker(a, c,
- b,
d) S
|
ax25_uid_for_each(a,
- b,
c) S
|
ax25_for_each(a,
- b,
c) S
|
inet_bind_bucket_for_each(a,
- b,
c) S
|
sctp_for_each_hentry(a,
- b,
c) S
|
sk_for_each(a,
- b,
c) S
|
sk_for_each_rcu(a,
- b,
c) S
|
sk_for_each_from
-(a, b)
+(a)
S
+ sk_for_each_from(a) S
|
sk_for_each_safe(a,
- b,
c, d) S
|
sk_for_each_bound(a,
- b,
c) S
|
hlist_for_each_entry_safe(a,
- b,
c, d, e) S
|
hlist_for_each_entry_continue_rcu(a,
- b,
c) S
|
nr_neigh_for_each(a,
- b,
c) S
|
nr_neigh_for_each_safe(a,
- b,
c, d) S
|
nr_node_for_each(a,
- b,
c) S
|
nr_node_for_each_safe(a,
- b,
c, d) S
|
- for_each_gfn_sp(a, c, d, b) S
+ for_each_gfn_sp(a, c, d) S
|
- for_each_gfn_indirect_valid_sp(a, c, d, b) S
+ for_each_gfn_indirect_valid_sp(a, c, d) S
|
for_each_host(a,
- b,
c) S
|
for_each_host_safe(a,
- b,
c, d) S
|
for_each_mesh_entry(a,
- b,
c, d) S
)
...+>
[akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
[akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
[akpm@linux-foundation.org: checkpatch fixes]
[akpm@linux-foundation.org: fix warnings]
[akpm@linux-foudnation.org: redo intrusive kvm changes]
Tested-by: Peter Senna Tschudin <peter.senna@gmail.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Cc: Wu Fengguang <fengguang.wu@intel.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Cc: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:06:00 +04:00
|
|
|
hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash) {
|
2011-03-03 22:24:19 +03:00
|
|
|
if (ifa->ifa_local == addr) {
|
2012-08-04 01:06:50 +04:00
|
|
|
struct net_device *dev = ifa->ifa_dev->dev;
|
|
|
|
|
|
|
|
if (!net_eq(dev_net(dev), net))
|
|
|
|
continue;
|
2011-02-18 23:43:09 +03:00
|
|
|
result = dev;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2011-03-23 07:56:23 +03:00
|
|
|
if (!result) {
|
|
|
|
struct flowi4 fl4 = { .daddr = addr };
|
|
|
|
struct fib_result res = { 0 };
|
|
|
|
struct fib_table *local;
|
|
|
|
|
|
|
|
/* Fallback to FIB local table so that communication
|
|
|
|
* over loopback subnets work.
|
|
|
|
*/
|
|
|
|
local = fib_get_table(net, RT_TABLE_LOCAL);
|
|
|
|
if (local &&
|
|
|
|
!fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
|
|
|
|
res.type == RTN_LOCAL)
|
|
|
|
result = FIB_RES_DEV(res);
|
|
|
|
}
|
2011-02-18 23:43:09 +03:00
|
|
|
if (result && devref)
|
|
|
|
dev_hold(result);
|
|
|
|
rcu_read_unlock();
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(__ip_dev_find);
|
|
|
|
|
2006-08-15 11:33:59 +04:00
|
|
|
static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
[PATCH] Notifier chain update: API changes
The kernel's implementation of notifier chains is unsafe. There is no
protection against entries being added to or removed from a chain while the
chain is in use. The issues were discussed in this thread:
http://marc.theaimsgroup.com/?l=linux-kernel&m=113018709002036&w=2
We noticed that notifier chains in the kernel fall into two basic usage
classes:
"Blocking" chains are always called from a process context
and the callout routines are allowed to sleep;
"Atomic" chains can be called from an atomic context and
the callout routines are not allowed to sleep.
We decided to codify this distinction and make it part of the API. Therefore
this set of patches introduces three new, parallel APIs: one for blocking
notifiers, one for atomic notifiers, and one for "raw" notifiers (which is
really just the old API under a new name). New kinds of data structures are
used for the heads of the chains, and new routines are defined for
registration, unregistration, and calling a chain. The three APIs are
explained in include/linux/notifier.h and their implementation is in
kernel/sys.c.
With atomic and blocking chains, the implementation guarantees that the chain
links will not be corrupted and that chain callers will not get messed up by
entries being added or removed. For raw chains the implementation provides no
guarantees at all; users of this API must provide their own protections. (The
idea was that situations may come up where the assumptions of the atomic and
blocking APIs are not appropriate, so it should be possible for users to
handle these things in their own way.)
There are some limitations, which should not be too hard to live with. For
atomic/blocking chains, registration and unregistration must always be done in
a process context since the chain is protected by a mutex/rwsem. Also, a
callout routine for a non-raw chain must not try to register or unregister
entries on its own chain. (This did happen in a couple of places and the code
had to be changed to avoid it.)
Since atomic chains may be called from within an NMI handler, they cannot use
spinlocks for synchronization. Instead we use RCU. The overhead falls almost
entirely in the unregister routine, which is okay since unregistration is much
less frequent that calling a chain.
Here is the list of chains that we adjusted and their classifications. None
of them use the raw API, so for the moment it is only a placeholder.
ATOMIC CHAINS
-------------
arch/i386/kernel/traps.c: i386die_chain
arch/ia64/kernel/traps.c: ia64die_chain
arch/powerpc/kernel/traps.c: powerpc_die_chain
arch/sparc64/kernel/traps.c: sparc64die_chain
arch/x86_64/kernel/traps.c: die_chain
drivers/char/ipmi/ipmi_si_intf.c: xaction_notifier_list
kernel/panic.c: panic_notifier_list
kernel/profile.c: task_free_notifier
net/bluetooth/hci_core.c: hci_notifier
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_chain
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_expect_chain
net/ipv6/addrconf.c: inet6addr_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_expect_chain
net/netlink/af_netlink.c: netlink_chain
BLOCKING CHAINS
---------------
arch/powerpc/platforms/pseries/reconfig.c: pSeries_reconfig_chain
arch/s390/kernel/process.c: idle_chain
arch/x86_64/kernel/process.c idle_notifier
drivers/base/memory.c: memory_chain
drivers/cpufreq/cpufreq.c cpufreq_policy_notifier_list
drivers/cpufreq/cpufreq.c cpufreq_transition_notifier_list
drivers/macintosh/adb.c: adb_client_list
drivers/macintosh/via-pmu.c sleep_notifier_list
drivers/macintosh/via-pmu68k.c sleep_notifier_list
drivers/macintosh/windfarm_core.c wf_client_list
drivers/usb/core/notify.c usb_notifier_list
drivers/video/fbmem.c fb_notifier_list
kernel/cpu.c cpu_chain
kernel/module.c module_notify_list
kernel/profile.c munmap_notifier
kernel/profile.c task_exit_notifier
kernel/sys.c reboot_notifier_list
net/core/dev.c netdev_chain
net/decnet/dn_dev.c: dnaddr_chain
net/ipv4/devinet.c: inetaddr_chain
It's possible that some of these classifications are wrong. If they are,
please let us know or submit a patch to fix them. Note that any chain that
gets called very frequently should be atomic, because the rwsem read-locking
used for blocking chains is very likely to incur cache misses on SMP systems.
(However, if the chain's callout routines may sleep then the chain cannot be
atomic.)
The patch set was written by Alan Stern and Chandra Seetharaman, incorporating
material written by Keith Owens and suggestions from Paul McKenney and Andrew
Morton.
[jes@sgi.com: restructure the notifier chain initialization macros]
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Chandra Seetharaman <sekharan@us.ibm.com>
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 13:16:30 +04:00
|
|
|
static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
|
2005-04-17 02:20:36 +04:00
|
|
|
static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
|
|
|
|
int destroy);
|
|
|
|
#ifdef CONFIG_SYSCTL
|
2007-12-01 16:55:54 +03:00
|
|
|
static void devinet_sysctl_register(struct in_device *idev);
|
2007-12-11 13:17:40 +03:00
|
|
|
static void devinet_sysctl_unregister(struct in_device *idev);
|
|
|
|
#else
|
2012-08-04 01:06:50 +04:00
|
|
|
static void devinet_sysctl_register(struct in_device *idev)
|
2007-12-11 13:17:40 +03:00
|
|
|
{
|
|
|
|
}
|
2012-08-04 01:06:50 +04:00
|
|
|
static void devinet_sysctl_unregister(struct in_device *idev)
|
2007-12-11 13:17:40 +03:00
|
|
|
{
|
|
|
|
}
|
2005-04-17 02:20:36 +04:00
|
|
|
#endif
|
|
|
|
|
|
|
|
/* Locks all the inet devices. */
|
|
|
|
|
|
|
|
static struct in_ifaddr *inet_alloc_ifa(void)
|
|
|
|
{
|
2008-10-28 23:25:09 +03:00
|
|
|
return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
static void inet_rcu_free_ifa(struct rcu_head *head)
|
|
|
|
{
|
|
|
|
struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
|
|
|
|
if (ifa->ifa_dev)
|
|
|
|
in_dev_put(ifa->ifa_dev);
|
|
|
|
kfree(ifa);
|
|
|
|
}
|
|
|
|
|
2012-08-04 01:06:50 +04:00
|
|
|
static void inet_free_ifa(struct in_ifaddr *ifa)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
|
|
|
|
}
|
|
|
|
|
|
|
|
void in_dev_finish_destroy(struct in_device *idev)
|
|
|
|
{
|
|
|
|
struct net_device *dev = idev->dev;
|
|
|
|
|
2008-07-26 08:43:18 +04:00
|
|
|
WARN_ON(idev->ifa_list);
|
|
|
|
WARN_ON(idev->mc_list);
|
2013-06-07 19:48:57 +04:00
|
|
|
kfree(rcu_dereference_protected(idev->mc_hash, 1));
|
2005-04-17 02:20:36 +04:00
|
|
|
#ifdef NET_REFCNT_DEBUG
|
2012-05-15 18:11:54 +04:00
|
|
|
pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
|
2005-04-17 02:20:36 +04:00
|
|
|
#endif
|
|
|
|
dev_put(dev);
|
|
|
|
if (!idev->dead)
|
2009-11-05 09:05:10 +03:00
|
|
|
pr_err("Freeing alive in_device %p\n", idev);
|
|
|
|
else
|
2005-04-17 02:20:36 +04:00
|
|
|
kfree(idev);
|
|
|
|
}
|
2009-11-05 09:05:10 +03:00
|
|
|
EXPORT_SYMBOL(in_dev_finish_destroy);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2007-06-05 10:36:06 +04:00
|
|
|
static struct in_device *inetdev_init(struct net_device *dev)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
struct in_device *in_dev;
|
|
|
|
|
|
|
|
ASSERT_RTNL();
|
|
|
|
|
2006-07-22 01:51:30 +04:00
|
|
|
in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
|
2005-04-17 02:20:36 +04:00
|
|
|
if (!in_dev)
|
|
|
|
goto out;
|
2008-03-25 15:47:49 +03:00
|
|
|
memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
|
2007-12-17 00:32:16 +03:00
|
|
|
sizeof(in_dev->cnf));
|
2005-04-17 02:20:36 +04:00
|
|
|
in_dev->cnf.sysctl = NULL;
|
|
|
|
in_dev->dev = dev;
|
2009-11-05 09:05:10 +03:00
|
|
|
in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
|
|
|
|
if (!in_dev->arp_parms)
|
2005-04-17 02:20:36 +04:00
|
|
|
goto out_kfree;
|
2008-06-20 03:15:47 +04:00
|
|
|
if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
|
|
|
|
dev_disable_lro(dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
/* Reference in_dev->dev */
|
|
|
|
dev_hold(dev);
|
2007-01-04 23:31:14 +03:00
|
|
|
/* Account for reference dev->ip_ptr (below) */
|
2005-04-17 02:20:36 +04:00
|
|
|
in_dev_hold(in_dev);
|
|
|
|
|
2007-12-01 16:55:54 +03:00
|
|
|
devinet_sysctl_register(in_dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
ip_mc_init_dev(in_dev);
|
|
|
|
if (dev->flags & IFF_UP)
|
|
|
|
ip_mc_up(in_dev);
|
2007-01-10 01:38:31 +03:00
|
|
|
|
2007-01-04 23:31:14 +03:00
|
|
|
/* we can receive as soon as ip_ptr is set -- do this last */
|
2012-01-12 08:41:32 +04:00
|
|
|
rcu_assign_pointer(dev->ip_ptr, in_dev);
|
2007-01-10 01:38:31 +03:00
|
|
|
out:
|
2005-04-17 02:20:36 +04:00
|
|
|
return in_dev;
|
|
|
|
out_kfree:
|
|
|
|
kfree(in_dev);
|
|
|
|
in_dev = NULL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void in_dev_rcu_put(struct rcu_head *head)
|
|
|
|
{
|
|
|
|
struct in_device *idev = container_of(head, struct in_device, rcu_head);
|
|
|
|
in_dev_put(idev);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void inetdev_destroy(struct in_device *in_dev)
|
|
|
|
{
|
|
|
|
struct in_ifaddr *ifa;
|
|
|
|
struct net_device *dev;
|
|
|
|
|
|
|
|
ASSERT_RTNL();
|
|
|
|
|
|
|
|
dev = in_dev->dev;
|
|
|
|
|
|
|
|
in_dev->dead = 1;
|
|
|
|
|
|
|
|
ip_mc_destroy_dev(in_dev);
|
|
|
|
|
|
|
|
while ((ifa = in_dev->ifa_list) != NULL) {
|
|
|
|
inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
|
|
|
|
inet_free_ifa(ifa);
|
|
|
|
}
|
|
|
|
|
2011-08-01 20:19:00 +04:00
|
|
|
RCU_INIT_POINTER(dev->ip_ptr, NULL);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2007-12-11 13:17:40 +03:00
|
|
|
devinet_sysctl_unregister(in_dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
neigh_parms_release(&arp_tbl, in_dev->arp_parms);
|
|
|
|
arp_ifdown(dev);
|
|
|
|
|
|
|
|
call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
|
|
|
|
}
|
|
|
|
|
2006-09-27 09:13:35 +04:00
|
|
|
int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
rcu_read_lock();
|
|
|
|
for_primary_ifa(in_dev) {
|
|
|
|
if (inet_ifa_match(a, ifa)) {
|
|
|
|
if (!b || inet_ifa_match(b, ifa)) {
|
|
|
|
rcu_read_unlock();
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} endfor_ifa(in_dev);
|
|
|
|
rcu_read_unlock();
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2006-08-15 11:33:59 +04:00
|
|
|
static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
|
2012-09-08 00:12:54 +04:00
|
|
|
int destroy, struct nlmsghdr *nlh, u32 portid)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2005-05-30 07:23:46 +04:00
|
|
|
struct in_ifaddr *promote = NULL;
|
2005-11-23 01:47:37 +03:00
|
|
|
struct in_ifaddr *ifa, *ifa1 = *ifap;
|
|
|
|
struct in_ifaddr *last_prim = in_dev->ifa_list;
|
|
|
|
struct in_ifaddr *prev_prom = NULL;
|
|
|
|
int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
ASSERT_RTNL();
|
|
|
|
|
2007-02-09 17:24:47 +03:00
|
|
|
/* 1. Deleting primary ifaddr forces deletion all secondaries
|
2005-05-30 07:23:46 +04:00
|
|
|
* unless alias promotion is set
|
|
|
|
**/
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
|
|
|
|
struct in_ifaddr **ifap1 = &ifa1->ifa_next;
|
|
|
|
|
|
|
|
while ((ifa = *ifap1) != NULL) {
|
2007-02-09 17:24:47 +03:00
|
|
|
if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
|
2005-11-23 01:47:37 +03:00
|
|
|
ifa1->ifa_scope <= ifa->ifa_scope)
|
|
|
|
last_prim = ifa;
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
|
|
|
|
ifa1->ifa_mask != ifa->ifa_mask ||
|
|
|
|
!inet_ifa_match(ifa1->ifa_address, ifa)) {
|
|
|
|
ifap1 = &ifa->ifa_next;
|
2005-11-23 01:47:37 +03:00
|
|
|
prev_prom = ifa;
|
2005-04-17 02:20:36 +04:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2005-11-23 01:47:37 +03:00
|
|
|
if (!do_promote) {
|
2011-02-18 23:42:28 +03:00
|
|
|
inet_hash_remove(ifa);
|
2005-05-30 07:23:46 +04:00
|
|
|
*ifap1 = ifa->ifa_next;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2012-09-08 00:12:54 +04:00
|
|
|
rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
|
[PATCH] Notifier chain update: API changes
The kernel's implementation of notifier chains is unsafe. There is no
protection against entries being added to or removed from a chain while the
chain is in use. The issues were discussed in this thread:
http://marc.theaimsgroup.com/?l=linux-kernel&m=113018709002036&w=2
We noticed that notifier chains in the kernel fall into two basic usage
classes:
"Blocking" chains are always called from a process context
and the callout routines are allowed to sleep;
"Atomic" chains can be called from an atomic context and
the callout routines are not allowed to sleep.
We decided to codify this distinction and make it part of the API. Therefore
this set of patches introduces three new, parallel APIs: one for blocking
notifiers, one for atomic notifiers, and one for "raw" notifiers (which is
really just the old API under a new name). New kinds of data structures are
used for the heads of the chains, and new routines are defined for
registration, unregistration, and calling a chain. The three APIs are
explained in include/linux/notifier.h and their implementation is in
kernel/sys.c.
With atomic and blocking chains, the implementation guarantees that the chain
links will not be corrupted and that chain callers will not get messed up by
entries being added or removed. For raw chains the implementation provides no
guarantees at all; users of this API must provide their own protections. (The
idea was that situations may come up where the assumptions of the atomic and
blocking APIs are not appropriate, so it should be possible for users to
handle these things in their own way.)
There are some limitations, which should not be too hard to live with. For
atomic/blocking chains, registration and unregistration must always be done in
a process context since the chain is protected by a mutex/rwsem. Also, a
callout routine for a non-raw chain must not try to register or unregister
entries on its own chain. (This did happen in a couple of places and the code
had to be changed to avoid it.)
Since atomic chains may be called from within an NMI handler, they cannot use
spinlocks for synchronization. Instead we use RCU. The overhead falls almost
entirely in the unregister routine, which is okay since unregistration is much
less frequent that calling a chain.
Here is the list of chains that we adjusted and their classifications. None
of them use the raw API, so for the moment it is only a placeholder.
ATOMIC CHAINS
-------------
arch/i386/kernel/traps.c: i386die_chain
arch/ia64/kernel/traps.c: ia64die_chain
arch/powerpc/kernel/traps.c: powerpc_die_chain
arch/sparc64/kernel/traps.c: sparc64die_chain
arch/x86_64/kernel/traps.c: die_chain
drivers/char/ipmi/ipmi_si_intf.c: xaction_notifier_list
kernel/panic.c: panic_notifier_list
kernel/profile.c: task_free_notifier
net/bluetooth/hci_core.c: hci_notifier
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_chain
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_expect_chain
net/ipv6/addrconf.c: inet6addr_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_expect_chain
net/netlink/af_netlink.c: netlink_chain
BLOCKING CHAINS
---------------
arch/powerpc/platforms/pseries/reconfig.c: pSeries_reconfig_chain
arch/s390/kernel/process.c: idle_chain
arch/x86_64/kernel/process.c idle_notifier
drivers/base/memory.c: memory_chain
drivers/cpufreq/cpufreq.c cpufreq_policy_notifier_list
drivers/cpufreq/cpufreq.c cpufreq_transition_notifier_list
drivers/macintosh/adb.c: adb_client_list
drivers/macintosh/via-pmu.c sleep_notifier_list
drivers/macintosh/via-pmu68k.c sleep_notifier_list
drivers/macintosh/windfarm_core.c wf_client_list
drivers/usb/core/notify.c usb_notifier_list
drivers/video/fbmem.c fb_notifier_list
kernel/cpu.c cpu_chain
kernel/module.c module_notify_list
kernel/profile.c munmap_notifier
kernel/profile.c task_exit_notifier
kernel/sys.c reboot_notifier_list
net/core/dev.c netdev_chain
net/decnet/dn_dev.c: dnaddr_chain
net/ipv4/devinet.c: inetaddr_chain
It's possible that some of these classifications are wrong. If they are,
please let us know or submit a patch to fix them. Note that any chain that
gets called very frequently should be atomic, because the rwsem read-locking
used for blocking chains is very likely to incur cache misses on SMP systems.
(However, if the chain's callout routines may sleep then the chain cannot be
atomic.)
The patch set was written by Alan Stern and Chandra Seetharaman, incorporating
material written by Keith Owens and suggestions from Paul McKenney and Andrew
Morton.
[jes@sgi.com: restructure the notifier chain initialization macros]
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Chandra Seetharaman <sekharan@us.ibm.com>
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 13:16:30 +04:00
|
|
|
blocking_notifier_call_chain(&inetaddr_chain,
|
|
|
|
NETDEV_DOWN, ifa);
|
2005-05-30 07:23:46 +04:00
|
|
|
inet_free_ifa(ifa);
|
|
|
|
} else {
|
|
|
|
promote = ifa;
|
|
|
|
break;
|
|
|
|
}
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-03-19 15:13:52 +03:00
|
|
|
/* On promotion all secondaries from subnet are changing
|
|
|
|
* the primary IP, we must remove all their routes silently
|
|
|
|
* and later to add them back with new prefsrc. Do this
|
|
|
|
* while all addresses are on the device list.
|
|
|
|
*/
|
|
|
|
for (ifa = promote; ifa; ifa = ifa->ifa_next) {
|
|
|
|
if (ifa1->ifa_mask == ifa->ifa_mask &&
|
|
|
|
inet_ifa_match(ifa1->ifa_address, ifa))
|
|
|
|
fib_del_ifaddr(ifa, ifa1);
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/* 2. Unlink it */
|
|
|
|
|
|
|
|
*ifap = ifa1->ifa_next;
|
2011-02-18 23:42:28 +03:00
|
|
|
inet_hash_remove(ifa1);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
/* 3. Announce address deletion */
|
|
|
|
|
|
|
|
/* Send message first, then call notifier.
|
|
|
|
At first sight, FIB update triggered by notifier
|
|
|
|
will refer to already deleted ifaddr, that could confuse
|
|
|
|
netlink listeners. It is not true: look, gated sees
|
|
|
|
that route deleted and if it still thinks that ifaddr
|
|
|
|
is valid, it will try to restore deleted routes... Grr.
|
|
|
|
So that, this order is correct.
|
|
|
|
*/
|
2012-09-08 00:12:54 +04:00
|
|
|
rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
|
[PATCH] Notifier chain update: API changes
The kernel's implementation of notifier chains is unsafe. There is no
protection against entries being added to or removed from a chain while the
chain is in use. The issues were discussed in this thread:
http://marc.theaimsgroup.com/?l=linux-kernel&m=113018709002036&w=2
We noticed that notifier chains in the kernel fall into two basic usage
classes:
"Blocking" chains are always called from a process context
and the callout routines are allowed to sleep;
"Atomic" chains can be called from an atomic context and
the callout routines are not allowed to sleep.
We decided to codify this distinction and make it part of the API. Therefore
this set of patches introduces three new, parallel APIs: one for blocking
notifiers, one for atomic notifiers, and one for "raw" notifiers (which is
really just the old API under a new name). New kinds of data structures are
used for the heads of the chains, and new routines are defined for
registration, unregistration, and calling a chain. The three APIs are
explained in include/linux/notifier.h and their implementation is in
kernel/sys.c.
With atomic and blocking chains, the implementation guarantees that the chain
links will not be corrupted and that chain callers will not get messed up by
entries being added or removed. For raw chains the implementation provides no
guarantees at all; users of this API must provide their own protections. (The
idea was that situations may come up where the assumptions of the atomic and
blocking APIs are not appropriate, so it should be possible for users to
handle these things in their own way.)
There are some limitations, which should not be too hard to live with. For
atomic/blocking chains, registration and unregistration must always be done in
a process context since the chain is protected by a mutex/rwsem. Also, a
callout routine for a non-raw chain must not try to register or unregister
entries on its own chain. (This did happen in a couple of places and the code
had to be changed to avoid it.)
Since atomic chains may be called from within an NMI handler, they cannot use
spinlocks for synchronization. Instead we use RCU. The overhead falls almost
entirely in the unregister routine, which is okay since unregistration is much
less frequent that calling a chain.
Here is the list of chains that we adjusted and their classifications. None
of them use the raw API, so for the moment it is only a placeholder.
ATOMIC CHAINS
-------------
arch/i386/kernel/traps.c: i386die_chain
arch/ia64/kernel/traps.c: ia64die_chain
arch/powerpc/kernel/traps.c: powerpc_die_chain
arch/sparc64/kernel/traps.c: sparc64die_chain
arch/x86_64/kernel/traps.c: die_chain
drivers/char/ipmi/ipmi_si_intf.c: xaction_notifier_list
kernel/panic.c: panic_notifier_list
kernel/profile.c: task_free_notifier
net/bluetooth/hci_core.c: hci_notifier
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_chain
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_expect_chain
net/ipv6/addrconf.c: inet6addr_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_expect_chain
net/netlink/af_netlink.c: netlink_chain
BLOCKING CHAINS
---------------
arch/powerpc/platforms/pseries/reconfig.c: pSeries_reconfig_chain
arch/s390/kernel/process.c: idle_chain
arch/x86_64/kernel/process.c idle_notifier
drivers/base/memory.c: memory_chain
drivers/cpufreq/cpufreq.c cpufreq_policy_notifier_list
drivers/cpufreq/cpufreq.c cpufreq_transition_notifier_list
drivers/macintosh/adb.c: adb_client_list
drivers/macintosh/via-pmu.c sleep_notifier_list
drivers/macintosh/via-pmu68k.c sleep_notifier_list
drivers/macintosh/windfarm_core.c wf_client_list
drivers/usb/core/notify.c usb_notifier_list
drivers/video/fbmem.c fb_notifier_list
kernel/cpu.c cpu_chain
kernel/module.c module_notify_list
kernel/profile.c munmap_notifier
kernel/profile.c task_exit_notifier
kernel/sys.c reboot_notifier_list
net/core/dev.c netdev_chain
net/decnet/dn_dev.c: dnaddr_chain
net/ipv4/devinet.c: inetaddr_chain
It's possible that some of these classifications are wrong. If they are,
please let us know or submit a patch to fix them. Note that any chain that
gets called very frequently should be atomic, because the rwsem read-locking
used for blocking chains is very likely to incur cache misses on SMP systems.
(However, if the chain's callout routines may sleep then the chain cannot be
atomic.)
The patch set was written by Alan Stern and Chandra Seetharaman, incorporating
material written by Keith Owens and suggestions from Paul McKenney and Andrew
Morton.
[jes@sgi.com: restructure the notifier chain initialization macros]
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Chandra Seetharaman <sekharan@us.ibm.com>
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 13:16:30 +04:00
|
|
|
blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2005-11-23 01:47:37 +03:00
|
|
|
if (promote) {
|
2011-03-19 15:13:54 +03:00
|
|
|
struct in_ifaddr *next_sec = promote->ifa_next;
|
2005-11-23 01:47:37 +03:00
|
|
|
|
|
|
|
if (prev_prom) {
|
|
|
|
prev_prom->ifa_next = promote->ifa_next;
|
|
|
|
promote->ifa_next = last_prim->ifa_next;
|
|
|
|
last_prim->ifa_next = promote;
|
|
|
|
}
|
2005-05-30 07:23:46 +04:00
|
|
|
|
|
|
|
promote->ifa_flags &= ~IFA_F_SECONDARY;
|
2012-09-08 00:12:54 +04:00
|
|
|
rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
|
[PATCH] Notifier chain update: API changes
The kernel's implementation of notifier chains is unsafe. There is no
protection against entries being added to or removed from a chain while the
chain is in use. The issues were discussed in this thread:
http://marc.theaimsgroup.com/?l=linux-kernel&m=113018709002036&w=2
We noticed that notifier chains in the kernel fall into two basic usage
classes:
"Blocking" chains are always called from a process context
and the callout routines are allowed to sleep;
"Atomic" chains can be called from an atomic context and
the callout routines are not allowed to sleep.
We decided to codify this distinction and make it part of the API. Therefore
this set of patches introduces three new, parallel APIs: one for blocking
notifiers, one for atomic notifiers, and one for "raw" notifiers (which is
really just the old API under a new name). New kinds of data structures are
used for the heads of the chains, and new routines are defined for
registration, unregistration, and calling a chain. The three APIs are
explained in include/linux/notifier.h and their implementation is in
kernel/sys.c.
With atomic and blocking chains, the implementation guarantees that the chain
links will not be corrupted and that chain callers will not get messed up by
entries being added or removed. For raw chains the implementation provides no
guarantees at all; users of this API must provide their own protections. (The
idea was that situations may come up where the assumptions of the atomic and
blocking APIs are not appropriate, so it should be possible for users to
handle these things in their own way.)
There are some limitations, which should not be too hard to live with. For
atomic/blocking chains, registration and unregistration must always be done in
a process context since the chain is protected by a mutex/rwsem. Also, a
callout routine for a non-raw chain must not try to register or unregister
entries on its own chain. (This did happen in a couple of places and the code
had to be changed to avoid it.)
Since atomic chains may be called from within an NMI handler, they cannot use
spinlocks for synchronization. Instead we use RCU. The overhead falls almost
entirely in the unregister routine, which is okay since unregistration is much
less frequent that calling a chain.
Here is the list of chains that we adjusted and their classifications. None
of them use the raw API, so for the moment it is only a placeholder.
ATOMIC CHAINS
-------------
arch/i386/kernel/traps.c: i386die_chain
arch/ia64/kernel/traps.c: ia64die_chain
arch/powerpc/kernel/traps.c: powerpc_die_chain
arch/sparc64/kernel/traps.c: sparc64die_chain
arch/x86_64/kernel/traps.c: die_chain
drivers/char/ipmi/ipmi_si_intf.c: xaction_notifier_list
kernel/panic.c: panic_notifier_list
kernel/profile.c: task_free_notifier
net/bluetooth/hci_core.c: hci_notifier
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_chain
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_expect_chain
net/ipv6/addrconf.c: inet6addr_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_expect_chain
net/netlink/af_netlink.c: netlink_chain
BLOCKING CHAINS
---------------
arch/powerpc/platforms/pseries/reconfig.c: pSeries_reconfig_chain
arch/s390/kernel/process.c: idle_chain
arch/x86_64/kernel/process.c idle_notifier
drivers/base/memory.c: memory_chain
drivers/cpufreq/cpufreq.c cpufreq_policy_notifier_list
drivers/cpufreq/cpufreq.c cpufreq_transition_notifier_list
drivers/macintosh/adb.c: adb_client_list
drivers/macintosh/via-pmu.c sleep_notifier_list
drivers/macintosh/via-pmu68k.c sleep_notifier_list
drivers/macintosh/windfarm_core.c wf_client_list
drivers/usb/core/notify.c usb_notifier_list
drivers/video/fbmem.c fb_notifier_list
kernel/cpu.c cpu_chain
kernel/module.c module_notify_list
kernel/profile.c munmap_notifier
kernel/profile.c task_exit_notifier
kernel/sys.c reboot_notifier_list
net/core/dev.c netdev_chain
net/decnet/dn_dev.c: dnaddr_chain
net/ipv4/devinet.c: inetaddr_chain
It's possible that some of these classifications are wrong. If they are,
please let us know or submit a patch to fix them. Note that any chain that
gets called very frequently should be atomic, because the rwsem read-locking
used for blocking chains is very likely to incur cache misses on SMP systems.
(However, if the chain's callout routines may sleep then the chain cannot be
atomic.)
The patch set was written by Alan Stern and Chandra Seetharaman, incorporating
material written by Keith Owens and suggestions from Paul McKenney and Andrew
Morton.
[jes@sgi.com: restructure the notifier chain initialization macros]
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Chandra Seetharaman <sekharan@us.ibm.com>
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 13:16:30 +04:00
|
|
|
blocking_notifier_call_chain(&inetaddr_chain,
|
|
|
|
NETDEV_UP, promote);
|
2011-03-19 15:13:54 +03:00
|
|
|
for (ifa = next_sec; ifa; ifa = ifa->ifa_next) {
|
2005-11-23 01:47:37 +03:00
|
|
|
if (ifa1->ifa_mask != ifa->ifa_mask ||
|
|
|
|
!inet_ifa_match(ifa1->ifa_address, ifa))
|
|
|
|
continue;
|
|
|
|
fib_add_ifaddr(ifa);
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
2007-06-08 05:35:38 +04:00
|
|
|
if (destroy)
|
2005-11-23 01:47:37 +03:00
|
|
|
inet_free_ifa(ifa1);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2006-08-15 11:33:59 +04:00
|
|
|
static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
|
|
|
|
int destroy)
|
|
|
|
{
|
|
|
|
__inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
|
|
|
|
}
|
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
static void check_lifetime(struct work_struct *work);
|
|
|
|
|
|
|
|
static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
|
|
|
|
|
2006-08-15 11:33:59 +04:00
|
|
|
static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
|
2012-09-08 00:12:54 +04:00
|
|
|
u32 portid)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
struct in_device *in_dev = ifa->ifa_dev;
|
|
|
|
struct in_ifaddr *ifa1, **ifap, **last_primary;
|
|
|
|
|
|
|
|
ASSERT_RTNL();
|
|
|
|
|
|
|
|
if (!ifa->ifa_local) {
|
|
|
|
inet_free_ifa(ifa);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
ifa->ifa_flags &= ~IFA_F_SECONDARY;
|
|
|
|
last_primary = &in_dev->ifa_list;
|
|
|
|
|
|
|
|
for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
|
|
|
|
ifap = &ifa1->ifa_next) {
|
|
|
|
if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
|
|
|
|
ifa->ifa_scope <= ifa1->ifa_scope)
|
|
|
|
last_primary = &ifa1->ifa_next;
|
|
|
|
if (ifa1->ifa_mask == ifa->ifa_mask &&
|
|
|
|
inet_ifa_match(ifa1->ifa_address, ifa)) {
|
|
|
|
if (ifa1->ifa_local == ifa->ifa_local) {
|
|
|
|
inet_free_ifa(ifa);
|
|
|
|
return -EEXIST;
|
|
|
|
}
|
|
|
|
if (ifa1->ifa_scope != ifa->ifa_scope) {
|
|
|
|
inet_free_ifa(ifa);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
ifa->ifa_flags |= IFA_F_SECONDARY;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
|
|
|
|
net_srandom(ifa->ifa_local);
|
|
|
|
ifap = last_primary;
|
|
|
|
}
|
|
|
|
|
|
|
|
ifa->ifa_next = *ifap;
|
|
|
|
*ifap = ifa;
|
|
|
|
|
2011-02-18 23:42:28 +03:00
|
|
|
inet_hash_insert(dev_net(in_dev->dev), ifa);
|
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
cancel_delayed_work(&check_lifetime_work);
|
|
|
|
schedule_delayed_work(&check_lifetime_work, 0);
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/* Send message first, then call notifier.
|
|
|
|
Notifier will trigger FIB update, so that
|
|
|
|
listeners of netlink will know about new ifaddr */
|
2012-09-08 00:12:54 +04:00
|
|
|
rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
|
[PATCH] Notifier chain update: API changes
The kernel's implementation of notifier chains is unsafe. There is no
protection against entries being added to or removed from a chain while the
chain is in use. The issues were discussed in this thread:
http://marc.theaimsgroup.com/?l=linux-kernel&m=113018709002036&w=2
We noticed that notifier chains in the kernel fall into two basic usage
classes:
"Blocking" chains are always called from a process context
and the callout routines are allowed to sleep;
"Atomic" chains can be called from an atomic context and
the callout routines are not allowed to sleep.
We decided to codify this distinction and make it part of the API. Therefore
this set of patches introduces three new, parallel APIs: one for blocking
notifiers, one for atomic notifiers, and one for "raw" notifiers (which is
really just the old API under a new name). New kinds of data structures are
used for the heads of the chains, and new routines are defined for
registration, unregistration, and calling a chain. The three APIs are
explained in include/linux/notifier.h and their implementation is in
kernel/sys.c.
With atomic and blocking chains, the implementation guarantees that the chain
links will not be corrupted and that chain callers will not get messed up by
entries being added or removed. For raw chains the implementation provides no
guarantees at all; users of this API must provide their own protections. (The
idea was that situations may come up where the assumptions of the atomic and
blocking APIs are not appropriate, so it should be possible for users to
handle these things in their own way.)
There are some limitations, which should not be too hard to live with. For
atomic/blocking chains, registration and unregistration must always be done in
a process context since the chain is protected by a mutex/rwsem. Also, a
callout routine for a non-raw chain must not try to register or unregister
entries on its own chain. (This did happen in a couple of places and the code
had to be changed to avoid it.)
Since atomic chains may be called from within an NMI handler, they cannot use
spinlocks for synchronization. Instead we use RCU. The overhead falls almost
entirely in the unregister routine, which is okay since unregistration is much
less frequent that calling a chain.
Here is the list of chains that we adjusted and their classifications. None
of them use the raw API, so for the moment it is only a placeholder.
ATOMIC CHAINS
-------------
arch/i386/kernel/traps.c: i386die_chain
arch/ia64/kernel/traps.c: ia64die_chain
arch/powerpc/kernel/traps.c: powerpc_die_chain
arch/sparc64/kernel/traps.c: sparc64die_chain
arch/x86_64/kernel/traps.c: die_chain
drivers/char/ipmi/ipmi_si_intf.c: xaction_notifier_list
kernel/panic.c: panic_notifier_list
kernel/profile.c: task_free_notifier
net/bluetooth/hci_core.c: hci_notifier
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_chain
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_expect_chain
net/ipv6/addrconf.c: inet6addr_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_expect_chain
net/netlink/af_netlink.c: netlink_chain
BLOCKING CHAINS
---------------
arch/powerpc/platforms/pseries/reconfig.c: pSeries_reconfig_chain
arch/s390/kernel/process.c: idle_chain
arch/x86_64/kernel/process.c idle_notifier
drivers/base/memory.c: memory_chain
drivers/cpufreq/cpufreq.c cpufreq_policy_notifier_list
drivers/cpufreq/cpufreq.c cpufreq_transition_notifier_list
drivers/macintosh/adb.c: adb_client_list
drivers/macintosh/via-pmu.c sleep_notifier_list
drivers/macintosh/via-pmu68k.c sleep_notifier_list
drivers/macintosh/windfarm_core.c wf_client_list
drivers/usb/core/notify.c usb_notifier_list
drivers/video/fbmem.c fb_notifier_list
kernel/cpu.c cpu_chain
kernel/module.c module_notify_list
kernel/profile.c munmap_notifier
kernel/profile.c task_exit_notifier
kernel/sys.c reboot_notifier_list
net/core/dev.c netdev_chain
net/decnet/dn_dev.c: dnaddr_chain
net/ipv4/devinet.c: inetaddr_chain
It's possible that some of these classifications are wrong. If they are,
please let us know or submit a patch to fix them. Note that any chain that
gets called very frequently should be atomic, because the rwsem read-locking
used for blocking chains is very likely to incur cache misses on SMP systems.
(However, if the chain's callout routines may sleep then the chain cannot be
atomic.)
The patch set was written by Alan Stern and Chandra Seetharaman, incorporating
material written by Keith Owens and suggestions from Paul McKenney and Andrew
Morton.
[jes@sgi.com: restructure the notifier chain initialization macros]
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Chandra Seetharaman <sekharan@us.ibm.com>
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 13:16:30 +04:00
|
|
|
blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2006-08-15 11:33:59 +04:00
|
|
|
static int inet_insert_ifa(struct in_ifaddr *ifa)
|
|
|
|
{
|
|
|
|
return __inet_insert_ifa(ifa, NULL, 0);
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
|
|
|
|
{
|
2005-10-04 01:35:55 +04:00
|
|
|
struct in_device *in_dev = __in_dev_get_rtnl(dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
ASSERT_RTNL();
|
|
|
|
|
|
|
|
if (!in_dev) {
|
2007-06-05 10:36:06 +04:00
|
|
|
inet_free_ifa(ifa);
|
|
|
|
return -ENOBUFS;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
2007-06-05 10:36:06 +04:00
|
|
|
ipv4_devconf_setall(in_dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
if (ifa->ifa_dev != in_dev) {
|
2008-07-26 08:43:18 +04:00
|
|
|
WARN_ON(ifa->ifa_dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
in_dev_hold(in_dev);
|
|
|
|
ifa->ifa_dev = in_dev;
|
|
|
|
}
|
2007-12-17 00:45:43 +03:00
|
|
|
if (ipv4_is_loopback(ifa->ifa_local))
|
2005-04-17 02:20:36 +04:00
|
|
|
ifa->ifa_scope = RT_SCOPE_HOST;
|
|
|
|
return inet_insert_ifa(ifa);
|
|
|
|
}
|
|
|
|
|
2010-10-19 04:39:26 +04:00
|
|
|
/* Caller must hold RCU or RTNL :
|
|
|
|
* We dont take a reference on found in_device
|
|
|
|
*/
|
2008-01-22 04:32:38 +03:00
|
|
|
struct in_device *inetdev_by_index(struct net *net, int ifindex)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
struct net_device *dev;
|
|
|
|
struct in_device *in_dev = NULL;
|
2009-11-01 22:23:04 +03:00
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
dev = dev_get_by_index_rcu(net, ifindex);
|
2005-04-17 02:20:36 +04:00
|
|
|
if (dev)
|
2010-10-19 04:39:26 +04:00
|
|
|
in_dev = rcu_dereference_rtnl(dev->ip_ptr);
|
2009-11-01 22:23:04 +03:00
|
|
|
rcu_read_unlock();
|
2005-04-17 02:20:36 +04:00
|
|
|
return in_dev;
|
|
|
|
}
|
2009-11-05 09:05:10 +03:00
|
|
|
EXPORT_SYMBOL(inetdev_by_index);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
/* Called only from RTNL semaphored context. No locks. */
|
|
|
|
|
2006-09-27 09:17:09 +04:00
|
|
|
struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
|
|
|
|
__be32 mask)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
ASSERT_RTNL();
|
|
|
|
|
|
|
|
for_primary_ifa(in_dev) {
|
|
|
|
if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
|
|
|
|
return ifa;
|
|
|
|
} endfor_ifa(in_dev);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2013-03-21 11:45:29 +04:00
|
|
|
static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2008-03-25 20:26:21 +03:00
|
|
|
struct net *net = sock_net(skb->sk);
|
2006-08-05 10:04:17 +04:00
|
|
|
struct nlattr *tb[IFA_MAX+1];
|
2005-04-17 02:20:36 +04:00
|
|
|
struct in_device *in_dev;
|
2006-08-05 10:04:17 +04:00
|
|
|
struct ifaddrmsg *ifm;
|
2005-04-17 02:20:36 +04:00
|
|
|
struct in_ifaddr *ifa, **ifap;
|
2006-08-05 10:04:17 +04:00
|
|
|
int err = -EINVAL;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
ASSERT_RTNL();
|
|
|
|
|
2006-08-05 10:04:17 +04:00
|
|
|
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy);
|
|
|
|
if (err < 0)
|
|
|
|
goto errout;
|
|
|
|
|
|
|
|
ifm = nlmsg_data(nlh);
|
2008-01-22 04:32:38 +03:00
|
|
|
in_dev = inetdev_by_index(net, ifm->ifa_index);
|
2006-08-05 10:04:17 +04:00
|
|
|
if (in_dev == NULL) {
|
|
|
|
err = -ENODEV;
|
|
|
|
goto errout;
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
|
|
|
|
ifap = &ifa->ifa_next) {
|
2006-08-05 10:04:17 +04:00
|
|
|
if (tb[IFA_LOCAL] &&
|
2006-09-27 09:16:43 +04:00
|
|
|
ifa->ifa_local != nla_get_be32(tb[IFA_LOCAL]))
|
2006-08-05 10:04:17 +04:00
|
|
|
continue;
|
|
|
|
|
|
|
|
if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
|
2005-04-17 02:20:36 +04:00
|
|
|
continue;
|
2006-08-05 10:04:17 +04:00
|
|
|
|
|
|
|
if (tb[IFA_ADDRESS] &&
|
|
|
|
(ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
|
2006-09-27 09:16:43 +04:00
|
|
|
!inet_ifa_match(nla_get_be32(tb[IFA_ADDRESS]), ifa)))
|
2006-08-05 10:04:17 +04:00
|
|
|
continue;
|
|
|
|
|
2012-09-08 00:12:54 +04:00
|
|
|
__inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
|
2005-04-17 02:20:36 +04:00
|
|
|
return 0;
|
|
|
|
}
|
2006-08-05 10:04:17 +04:00
|
|
|
|
|
|
|
err = -EADDRNOTAVAIL;
|
|
|
|
errout:
|
|
|
|
return err;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
#define INFINITY_LIFE_TIME 0xFFFFFFFF
|
|
|
|
|
|
|
|
static void check_lifetime(struct work_struct *work)
|
|
|
|
{
|
|
|
|
unsigned long now, next, next_sec, next_sched;
|
|
|
|
struct in_ifaddr *ifa;
|
2013-04-05 03:39:39 +04:00
|
|
|
struct hlist_node *n;
|
2013-01-24 13:41:41 +04:00
|
|
|
int i;
|
|
|
|
|
|
|
|
now = jiffies;
|
|
|
|
next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
|
|
|
|
|
|
|
|
for (i = 0; i < IN4_ADDR_HSIZE; i++) {
|
2013-04-05 03:39:39 +04:00
|
|
|
bool change_needed = false;
|
|
|
|
|
|
|
|
rcu_read_lock();
|
hlist: drop the node parameter from iterators
I'm not sure why, but the hlist for each entry iterators were conceived
list_for_each_entry(pos, head, member)
The hlist ones were greedy and wanted an extra parameter:
hlist_for_each_entry(tpos, pos, head, member)
Why did they need an extra pos parameter? I'm not quite sure. Not only
they don't really need it, it also prevents the iterator from looking
exactly like the list iterator, which is unfortunate.
Besides the semantic patch, there was some manual work required:
- Fix up the actual hlist iterators in linux/list.h
- Fix up the declaration of other iterators based on the hlist ones.
- A very small amount of places were using the 'node' parameter, this
was modified to use 'obj->member' instead.
- Coccinelle didn't handle the hlist_for_each_entry_safe iterator
properly, so those had to be fixed up manually.
The semantic patch which is mostly the work of Peter Senna Tschudin is here:
@@
iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;
type T;
expression a,c,d,e;
identifier b;
statement S;
@@
-T b;
<+... when != b
(
hlist_for_each_entry(a,
- b,
c, d) S
|
hlist_for_each_entry_continue(a,
- b,
c) S
|
hlist_for_each_entry_from(a,
- b,
c) S
|
hlist_for_each_entry_rcu(a,
- b,
c, d) S
|
hlist_for_each_entry_rcu_bh(a,
- b,
c, d) S
|
hlist_for_each_entry_continue_rcu_bh(a,
- b,
c) S
|
for_each_busy_worker(a, c,
- b,
d) S
|
ax25_uid_for_each(a,
- b,
c) S
|
ax25_for_each(a,
- b,
c) S
|
inet_bind_bucket_for_each(a,
- b,
c) S
|
sctp_for_each_hentry(a,
- b,
c) S
|
sk_for_each(a,
- b,
c) S
|
sk_for_each_rcu(a,
- b,
c) S
|
sk_for_each_from
-(a, b)
+(a)
S
+ sk_for_each_from(a) S
|
sk_for_each_safe(a,
- b,
c, d) S
|
sk_for_each_bound(a,
- b,
c) S
|
hlist_for_each_entry_safe(a,
- b,
c, d, e) S
|
hlist_for_each_entry_continue_rcu(a,
- b,
c) S
|
nr_neigh_for_each(a,
- b,
c) S
|
nr_neigh_for_each_safe(a,
- b,
c, d) S
|
nr_node_for_each(a,
- b,
c) S
|
nr_node_for_each_safe(a,
- b,
c, d) S
|
- for_each_gfn_sp(a, c, d, b) S
+ for_each_gfn_sp(a, c, d) S
|
- for_each_gfn_indirect_valid_sp(a, c, d, b) S
+ for_each_gfn_indirect_valid_sp(a, c, d) S
|
for_each_host(a,
- b,
c) S
|
for_each_host_safe(a,
- b,
c, d) S
|
for_each_mesh_entry(a,
- b,
c, d) S
)
...+>
[akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
[akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
[akpm@linux-foundation.org: checkpatch fixes]
[akpm@linux-foundation.org: fix warnings]
[akpm@linux-foudnation.org: redo intrusive kvm changes]
Tested-by: Peter Senna Tschudin <peter.senna@gmail.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Cc: Wu Fengguang <fengguang.wu@intel.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Cc: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:06:00 +04:00
|
|
|
hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
|
2013-01-24 13:41:41 +04:00
|
|
|
unsigned long age;
|
|
|
|
|
|
|
|
if (ifa->ifa_flags & IFA_F_PERMANENT)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* We try to batch several events at once. */
|
|
|
|
age = (now - ifa->ifa_tstamp +
|
|
|
|
ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
|
|
|
|
|
|
|
|
if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
|
|
|
|
age >= ifa->ifa_valid_lft) {
|
2013-04-05 03:39:39 +04:00
|
|
|
change_needed = true;
|
2013-01-24 13:41:41 +04:00
|
|
|
} else if (ifa->ifa_preferred_lft ==
|
|
|
|
INFINITY_LIFE_TIME) {
|
|
|
|
continue;
|
|
|
|
} else if (age >= ifa->ifa_preferred_lft) {
|
|
|
|
if (time_before(ifa->ifa_tstamp +
|
|
|
|
ifa->ifa_valid_lft * HZ, next))
|
|
|
|
next = ifa->ifa_tstamp +
|
|
|
|
ifa->ifa_valid_lft * HZ;
|
|
|
|
|
2013-04-05 03:39:39 +04:00
|
|
|
if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
|
|
|
|
change_needed = true;
|
2013-01-24 13:41:41 +04:00
|
|
|
} else if (time_before(ifa->ifa_tstamp +
|
|
|
|
ifa->ifa_preferred_lft * HZ,
|
|
|
|
next)) {
|
|
|
|
next = ifa->ifa_tstamp +
|
|
|
|
ifa->ifa_preferred_lft * HZ;
|
|
|
|
}
|
|
|
|
}
|
2013-04-05 03:39:39 +04:00
|
|
|
rcu_read_unlock();
|
|
|
|
if (!change_needed)
|
|
|
|
continue;
|
|
|
|
rtnl_lock();
|
|
|
|
hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
|
|
|
|
unsigned long age;
|
|
|
|
|
|
|
|
if (ifa->ifa_flags & IFA_F_PERMANENT)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* We try to batch several events at once. */
|
|
|
|
age = (now - ifa->ifa_tstamp +
|
|
|
|
ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
|
|
|
|
|
|
|
|
if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
|
|
|
|
age >= ifa->ifa_valid_lft) {
|
|
|
|
struct in_ifaddr **ifap;
|
|
|
|
|
|
|
|
for (ifap = &ifa->ifa_dev->ifa_list;
|
|
|
|
*ifap != NULL; ifap = &(*ifap)->ifa_next) {
|
|
|
|
if (*ifap == ifa) {
|
|
|
|
inet_del_ifa(ifa->ifa_dev,
|
|
|
|
ifap, 1);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else if (ifa->ifa_preferred_lft !=
|
|
|
|
INFINITY_LIFE_TIME &&
|
|
|
|
age >= ifa->ifa_preferred_lft &&
|
|
|
|
!(ifa->ifa_flags & IFA_F_DEPRECATED)) {
|
|
|
|
ifa->ifa_flags |= IFA_F_DEPRECATED;
|
|
|
|
rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
rtnl_unlock();
|
2013-01-24 13:41:41 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
next_sec = round_jiffies_up(next);
|
|
|
|
next_sched = next;
|
|
|
|
|
|
|
|
/* If rounded timeout is accurate enough, accept it. */
|
|
|
|
if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
|
|
|
|
next_sched = next_sec;
|
|
|
|
|
|
|
|
now = jiffies;
|
|
|
|
/* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
|
|
|
|
if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
|
|
|
|
next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
|
|
|
|
|
|
|
|
schedule_delayed_work(&check_lifetime_work, next_sched - now);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
|
|
|
|
__u32 prefered_lft)
|
|
|
|
{
|
|
|
|
unsigned long timeout;
|
|
|
|
|
|
|
|
ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
|
|
|
|
|
|
|
|
timeout = addrconf_timeout_fixup(valid_lft, HZ);
|
|
|
|
if (addrconf_finite_timeout(timeout))
|
|
|
|
ifa->ifa_valid_lft = timeout;
|
|
|
|
else
|
|
|
|
ifa->ifa_flags |= IFA_F_PERMANENT;
|
|
|
|
|
|
|
|
timeout = addrconf_timeout_fixup(prefered_lft, HZ);
|
|
|
|
if (addrconf_finite_timeout(timeout)) {
|
|
|
|
if (timeout == 0)
|
|
|
|
ifa->ifa_flags |= IFA_F_DEPRECATED;
|
|
|
|
ifa->ifa_preferred_lft = timeout;
|
|
|
|
}
|
|
|
|
ifa->ifa_tstamp = jiffies;
|
|
|
|
if (!ifa->ifa_cstamp)
|
|
|
|
ifa->ifa_cstamp = ifa->ifa_tstamp;
|
|
|
|
}
|
|
|
|
|
|
|
|
static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
|
|
|
|
__u32 *pvalid_lft, __u32 *pprefered_lft)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2006-08-05 10:03:53 +04:00
|
|
|
struct nlattr *tb[IFA_MAX+1];
|
|
|
|
struct in_ifaddr *ifa;
|
|
|
|
struct ifaddrmsg *ifm;
|
2005-04-17 02:20:36 +04:00
|
|
|
struct net_device *dev;
|
|
|
|
struct in_device *in_dev;
|
2008-02-01 05:47:00 +03:00
|
|
|
int err;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2006-08-05 10:03:53 +04:00
|
|
|
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy);
|
|
|
|
if (err < 0)
|
|
|
|
goto errout;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2006-08-05 10:03:53 +04:00
|
|
|
ifm = nlmsg_data(nlh);
|
2008-02-01 05:47:00 +03:00
|
|
|
err = -EINVAL;
|
|
|
|
if (ifm->ifa_prefixlen > 32 || tb[IFA_LOCAL] == NULL)
|
2006-08-05 10:03:53 +04:00
|
|
|
goto errout;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2008-02-01 05:47:40 +03:00
|
|
|
dev = __dev_get_by_index(net, ifm->ifa_index);
|
2008-02-01 05:47:00 +03:00
|
|
|
err = -ENODEV;
|
|
|
|
if (dev == NULL)
|
2006-08-05 10:03:53 +04:00
|
|
|
goto errout;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2006-08-05 10:03:53 +04:00
|
|
|
in_dev = __in_dev_get_rtnl(dev);
|
2008-02-01 05:47:00 +03:00
|
|
|
err = -ENOBUFS;
|
|
|
|
if (in_dev == NULL)
|
2007-06-05 10:36:06 +04:00
|
|
|
goto errout;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2006-08-05 10:03:53 +04:00
|
|
|
ifa = inet_alloc_ifa();
|
2008-02-01 05:47:00 +03:00
|
|
|
if (ifa == NULL)
|
2006-08-05 10:03:53 +04:00
|
|
|
/*
|
|
|
|
* A potential indev allocation can be left alive, it stays
|
|
|
|
* assigned to its device and is destroy with it.
|
|
|
|
*/
|
|
|
|
goto errout;
|
|
|
|
|
2007-12-08 10:55:43 +03:00
|
|
|
ipv4_devconf_setall(in_dev);
|
2006-08-05 10:03:53 +04:00
|
|
|
in_dev_hold(in_dev);
|
|
|
|
|
|
|
|
if (tb[IFA_ADDRESS] == NULL)
|
|
|
|
tb[IFA_ADDRESS] = tb[IFA_LOCAL];
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2011-02-18 23:42:28 +03:00
|
|
|
INIT_HLIST_NODE(&ifa->hash);
|
2005-04-17 02:20:36 +04:00
|
|
|
ifa->ifa_prefixlen = ifm->ifa_prefixlen;
|
|
|
|
ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
|
|
|
|
ifa->ifa_flags = ifm->ifa_flags;
|
|
|
|
ifa->ifa_scope = ifm->ifa_scope;
|
2006-08-05 10:03:53 +04:00
|
|
|
ifa->ifa_dev = in_dev;
|
|
|
|
|
2006-09-27 09:16:43 +04:00
|
|
|
ifa->ifa_local = nla_get_be32(tb[IFA_LOCAL]);
|
|
|
|
ifa->ifa_address = nla_get_be32(tb[IFA_ADDRESS]);
|
2006-08-05 10:03:53 +04:00
|
|
|
|
|
|
|
if (tb[IFA_BROADCAST])
|
2006-09-27 09:16:43 +04:00
|
|
|
ifa->ifa_broadcast = nla_get_be32(tb[IFA_BROADCAST]);
|
2006-08-05 10:03:53 +04:00
|
|
|
|
|
|
|
if (tb[IFA_LABEL])
|
|
|
|
nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
|
2005-04-17 02:20:36 +04:00
|
|
|
else
|
|
|
|
memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
|
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
if (tb[IFA_CACHEINFO]) {
|
|
|
|
struct ifa_cacheinfo *ci;
|
|
|
|
|
|
|
|
ci = nla_data(tb[IFA_CACHEINFO]);
|
|
|
|
if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
|
|
|
|
err = -EINVAL;
|
2013-08-02 13:32:43 +04:00
|
|
|
goto errout_free;
|
2013-01-24 13:41:41 +04:00
|
|
|
}
|
|
|
|
*pvalid_lft = ci->ifa_valid;
|
|
|
|
*pprefered_lft = ci->ifa_prefered;
|
|
|
|
}
|
|
|
|
|
2006-08-05 10:03:53 +04:00
|
|
|
return ifa;
|
|
|
|
|
2013-08-02 13:32:43 +04:00
|
|
|
errout_free:
|
|
|
|
inet_free_ifa(ifa);
|
2006-08-05 10:03:53 +04:00
|
|
|
errout:
|
|
|
|
return ERR_PTR(err);
|
|
|
|
}
|
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
|
|
|
|
{
|
|
|
|
struct in_device *in_dev = ifa->ifa_dev;
|
|
|
|
struct in_ifaddr *ifa1, **ifap;
|
|
|
|
|
|
|
|
if (!ifa->ifa_local)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
|
|
|
|
ifap = &ifa1->ifa_next) {
|
|
|
|
if (ifa1->ifa_mask == ifa->ifa_mask &&
|
|
|
|
inet_ifa_match(ifa1->ifa_address, ifa) &&
|
|
|
|
ifa1->ifa_local == ifa->ifa_local)
|
|
|
|
return ifa1;
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2013-03-21 11:45:29 +04:00
|
|
|
static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh)
|
2006-08-05 10:03:53 +04:00
|
|
|
{
|
2008-03-25 20:26:21 +03:00
|
|
|
struct net *net = sock_net(skb->sk);
|
2006-08-05 10:03:53 +04:00
|
|
|
struct in_ifaddr *ifa;
|
2013-01-24 13:41:41 +04:00
|
|
|
struct in_ifaddr *ifa_existing;
|
|
|
|
__u32 valid_lft = INFINITY_LIFE_TIME;
|
|
|
|
__u32 prefered_lft = INFINITY_LIFE_TIME;
|
2006-08-05 10:03:53 +04:00
|
|
|
|
|
|
|
ASSERT_RTNL();
|
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft);
|
2006-08-05 10:03:53 +04:00
|
|
|
if (IS_ERR(ifa))
|
|
|
|
return PTR_ERR(ifa);
|
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
ifa_existing = find_matching_ifa(ifa);
|
|
|
|
if (!ifa_existing) {
|
|
|
|
/* It would be best to check for !NLM_F_CREATE here but
|
|
|
|
* userspace alreay relies on not having to provide this.
|
|
|
|
*/
|
|
|
|
set_ifa_lifetime(ifa, valid_lft, prefered_lft);
|
|
|
|
return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid);
|
|
|
|
} else {
|
|
|
|
inet_free_ifa(ifa);
|
|
|
|
|
|
|
|
if (nlh->nlmsg_flags & NLM_F_EXCL ||
|
|
|
|
!(nlh->nlmsg_flags & NLM_F_REPLACE))
|
|
|
|
return -EEXIST;
|
2013-04-04 12:33:00 +04:00
|
|
|
ifa = ifa_existing;
|
|
|
|
set_ifa_lifetime(ifa, valid_lft, prefered_lft);
|
2013-04-05 03:39:38 +04:00
|
|
|
cancel_delayed_work(&check_lifetime_work);
|
|
|
|
schedule_delayed_work(&check_lifetime_work, 0);
|
2013-04-04 12:33:00 +04:00
|
|
|
rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
|
|
|
|
blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
|
2013-01-24 13:41:41 +04:00
|
|
|
}
|
|
|
|
return 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Determine a default network mask, based on the IP address.
|
|
|
|
*/
|
|
|
|
|
2012-08-04 01:06:50 +04:00
|
|
|
static int inet_abc_len(__be32 addr)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
int rc = -1; /* Something else, probably a multicast. */
|
|
|
|
|
2007-12-17 00:45:43 +03:00
|
|
|
if (ipv4_is_zeronet(addr))
|
2007-02-09 17:24:47 +03:00
|
|
|
rc = 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
else {
|
2006-11-15 07:51:49 +03:00
|
|
|
__u32 haddr = ntohl(addr);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2006-11-15 07:51:49 +03:00
|
|
|
if (IN_CLASSA(haddr))
|
2005-04-17 02:20:36 +04:00
|
|
|
rc = 8;
|
2006-11-15 07:51:49 +03:00
|
|
|
else if (IN_CLASSB(haddr))
|
2005-04-17 02:20:36 +04:00
|
|
|
rc = 16;
|
2006-11-15 07:51:49 +03:00
|
|
|
else if (IN_CLASSC(haddr))
|
2005-04-17 02:20:36 +04:00
|
|
|
rc = 24;
|
|
|
|
}
|
|
|
|
|
2007-02-09 17:24:47 +03:00
|
|
|
return rc;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2008-02-29 07:51:43 +03:00
|
|
|
int devinet_ioctl(struct net *net, unsigned int cmd, void __user *arg)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
struct ifreq ifr;
|
|
|
|
struct sockaddr_in sin_orig;
|
|
|
|
struct sockaddr_in *sin = (struct sockaddr_in *)&ifr.ifr_addr;
|
|
|
|
struct in_device *in_dev;
|
|
|
|
struct in_ifaddr **ifap = NULL;
|
|
|
|
struct in_ifaddr *ifa = NULL;
|
|
|
|
struct net_device *dev;
|
|
|
|
char *colon;
|
|
|
|
int ret = -EFAULT;
|
|
|
|
int tryaddrmatch = 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Fetch the caller's info block into kernel space
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (copy_from_user(&ifr, arg, sizeof(struct ifreq)))
|
|
|
|
goto out;
|
|
|
|
ifr.ifr_name[IFNAMSIZ - 1] = 0;
|
|
|
|
|
|
|
|
/* save original address for comparison */
|
|
|
|
memcpy(&sin_orig, sin, sizeof(*sin));
|
|
|
|
|
|
|
|
colon = strchr(ifr.ifr_name, ':');
|
|
|
|
if (colon)
|
|
|
|
*colon = 0;
|
|
|
|
|
2008-02-29 07:51:43 +03:00
|
|
|
dev_load(net, ifr.ifr_name);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2007-03-09 07:44:43 +03:00
|
|
|
switch (cmd) {
|
2005-04-17 02:20:36 +04:00
|
|
|
case SIOCGIFADDR: /* Get interface address */
|
|
|
|
case SIOCGIFBRDADDR: /* Get the broadcast address */
|
|
|
|
case SIOCGIFDSTADDR: /* Get the destination address */
|
|
|
|
case SIOCGIFNETMASK: /* Get the netmask for the interface */
|
|
|
|
/* Note that these ioctls will not sleep,
|
|
|
|
so that we do not impose a lock.
|
|
|
|
One day we will be forced to put shlock here (I mean SMP)
|
|
|
|
*/
|
|
|
|
tryaddrmatch = (sin_orig.sin_family == AF_INET);
|
|
|
|
memset(sin, 0, sizeof(*sin));
|
|
|
|
sin->sin_family = AF_INET;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCSIFFLAGS:
|
2012-09-21 02:37:25 +04:00
|
|
|
ret = -EPERM;
|
net: Allow userns root to control ipv4
Allow an unpriviled user who has created a user namespace, and then
created a network namespace to effectively use the new network
namespace, by reducing capable(CAP_NET_ADMIN) and
capable(CAP_NET_RAW) calls to be ns_capable(net->user_ns,
CAP_NET_ADMIN), or capable(net->user_ns, CAP_NET_RAW) calls.
Settings that merely control a single network device are allowed.
Either the network device is a logical network device where
restrictions make no difference or the network device is hardware NIC
that has been explicity moved from the initial network namespace.
In general policy and network stack state changes are allowed
while resource control is left unchanged.
Allow creating raw sockets.
Allow the SIOCSARP ioctl to control the arp cache.
Allow the SIOCSIFFLAG ioctl to allow setting network device flags.
Allow the SIOCSIFADDR ioctl to allow setting a netdevice ipv4 address.
Allow the SIOCSIFBRDADDR ioctl to allow setting a netdevice ipv4 broadcast address.
Allow the SIOCSIFDSTADDR ioctl to allow setting a netdevice ipv4 destination address.
Allow the SIOCSIFNETMASK ioctl to allow setting a netdevice ipv4 netmask.
Allow the SIOCADDRT and SIOCDELRT ioctls to allow adding and deleting ipv4 routes.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL and SIOCDELTUNNEL ioctls for
adding, changing and deleting gre tunnels.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL and SIOCDELTUNNEL ioctls for
adding, changing and deleting ipip tunnels.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL and SIOCDELTUNNEL ioctls for
adding, changing and deleting ipsec virtual tunnel interfaces.
Allow setting the MRT_INIT, MRT_DONE, MRT_ADD_VIF, MRT_DEL_VIF, MRT_ADD_MFC,
MRT_DEL_MFC, MRT_ASSERT, MRT_PIM, MRT_TABLE socket options on multicast routing
sockets.
Allow setting and receiving IPOPT_CIPSO, IP_OPT_SEC, IP_OPT_SID and
arbitrary ip options.
Allow setting IP_SEC_POLICY/IP_XFRM_POLICY ipv4 socket option.
Allow setting the IP_TRANSPARENT ipv4 socket option.
Allow setting the TCP_REPAIR socket option.
Allow setting the TCP_CONGESTION socket option.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-16 07:03:05 +04:00
|
|
|
if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
|
2005-04-17 02:20:36 +04:00
|
|
|
goto out;
|
|
|
|
break;
|
|
|
|
case SIOCSIFADDR: /* Set interface address (and family) */
|
|
|
|
case SIOCSIFBRDADDR: /* Set the broadcast address */
|
|
|
|
case SIOCSIFDSTADDR: /* Set the destination address */
|
|
|
|
case SIOCSIFNETMASK: /* Set the netmask for the interface */
|
2012-09-21 02:37:25 +04:00
|
|
|
ret = -EPERM;
|
net: Allow userns root to control ipv4
Allow an unpriviled user who has created a user namespace, and then
created a network namespace to effectively use the new network
namespace, by reducing capable(CAP_NET_ADMIN) and
capable(CAP_NET_RAW) calls to be ns_capable(net->user_ns,
CAP_NET_ADMIN), or capable(net->user_ns, CAP_NET_RAW) calls.
Settings that merely control a single network device are allowed.
Either the network device is a logical network device where
restrictions make no difference or the network device is hardware NIC
that has been explicity moved from the initial network namespace.
In general policy and network stack state changes are allowed
while resource control is left unchanged.
Allow creating raw sockets.
Allow the SIOCSARP ioctl to control the arp cache.
Allow the SIOCSIFFLAG ioctl to allow setting network device flags.
Allow the SIOCSIFADDR ioctl to allow setting a netdevice ipv4 address.
Allow the SIOCSIFBRDADDR ioctl to allow setting a netdevice ipv4 broadcast address.
Allow the SIOCSIFDSTADDR ioctl to allow setting a netdevice ipv4 destination address.
Allow the SIOCSIFNETMASK ioctl to allow setting a netdevice ipv4 netmask.
Allow the SIOCADDRT and SIOCDELRT ioctls to allow adding and deleting ipv4 routes.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL and SIOCDELTUNNEL ioctls for
adding, changing and deleting gre tunnels.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL and SIOCDELTUNNEL ioctls for
adding, changing and deleting ipip tunnels.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL and SIOCDELTUNNEL ioctls for
adding, changing and deleting ipsec virtual tunnel interfaces.
Allow setting the MRT_INIT, MRT_DONE, MRT_ADD_VIF, MRT_DEL_VIF, MRT_ADD_MFC,
MRT_DEL_MFC, MRT_ASSERT, MRT_PIM, MRT_TABLE socket options on multicast routing
sockets.
Allow setting and receiving IPOPT_CIPSO, IP_OPT_SEC, IP_OPT_SID and
arbitrary ip options.
Allow setting IP_SEC_POLICY/IP_XFRM_POLICY ipv4 socket option.
Allow setting the IP_TRANSPARENT ipv4 socket option.
Allow setting the TCP_REPAIR socket option.
Allow setting the TCP_CONGESTION socket option.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-16 07:03:05 +04:00
|
|
|
if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
|
2005-04-17 02:20:36 +04:00
|
|
|
goto out;
|
|
|
|
ret = -EINVAL;
|
|
|
|
if (sin->sin_family != AF_INET)
|
|
|
|
goto out;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
ret = -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
rtnl_lock();
|
|
|
|
|
|
|
|
ret = -ENODEV;
|
2009-11-05 09:05:10 +03:00
|
|
|
dev = __dev_get_by_name(net, ifr.ifr_name);
|
|
|
|
if (!dev)
|
2005-04-17 02:20:36 +04:00
|
|
|
goto done;
|
|
|
|
|
|
|
|
if (colon)
|
|
|
|
*colon = ':';
|
|
|
|
|
2009-11-05 09:05:10 +03:00
|
|
|
in_dev = __in_dev_get_rtnl(dev);
|
|
|
|
if (in_dev) {
|
2005-04-17 02:20:36 +04:00
|
|
|
if (tryaddrmatch) {
|
|
|
|
/* Matthias Andree */
|
|
|
|
/* compare label and address (4.4BSD style) */
|
|
|
|
/* note: we only do this for a limited set of ioctls
|
|
|
|
and only if the original address family was AF_INET.
|
|
|
|
This is checked above. */
|
|
|
|
for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
|
|
|
|
ifap = &ifa->ifa_next) {
|
|
|
|
if (!strcmp(ifr.ifr_name, ifa->ifa_label) &&
|
|
|
|
sin_orig.sin_addr.s_addr ==
|
2011-03-10 00:27:16 +03:00
|
|
|
ifa->ifa_local) {
|
2005-04-17 02:20:36 +04:00
|
|
|
break; /* found */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/* we didn't get a match, maybe the application is
|
|
|
|
4.3BSD-style and passed in junk so we fall back to
|
|
|
|
comparing just the label */
|
|
|
|
if (!ifa) {
|
|
|
|
for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
|
|
|
|
ifap = &ifa->ifa_next)
|
|
|
|
if (!strcmp(ifr.ifr_name, ifa->ifa_label))
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = -EADDRNOTAVAIL;
|
|
|
|
if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
|
|
|
|
goto done;
|
|
|
|
|
2007-03-09 07:44:43 +03:00
|
|
|
switch (cmd) {
|
2005-04-17 02:20:36 +04:00
|
|
|
case SIOCGIFADDR: /* Get interface address */
|
|
|
|
sin->sin_addr.s_addr = ifa->ifa_local;
|
|
|
|
goto rarok;
|
|
|
|
|
|
|
|
case SIOCGIFBRDADDR: /* Get the broadcast address */
|
|
|
|
sin->sin_addr.s_addr = ifa->ifa_broadcast;
|
|
|
|
goto rarok;
|
|
|
|
|
|
|
|
case SIOCGIFDSTADDR: /* Get the destination address */
|
|
|
|
sin->sin_addr.s_addr = ifa->ifa_address;
|
|
|
|
goto rarok;
|
|
|
|
|
|
|
|
case SIOCGIFNETMASK: /* Get the netmask for the interface */
|
|
|
|
sin->sin_addr.s_addr = ifa->ifa_mask;
|
|
|
|
goto rarok;
|
|
|
|
|
|
|
|
case SIOCSIFFLAGS:
|
|
|
|
if (colon) {
|
|
|
|
ret = -EADDRNOTAVAIL;
|
|
|
|
if (!ifa)
|
|
|
|
break;
|
|
|
|
ret = 0;
|
|
|
|
if (!(ifr.ifr_flags & IFF_UP))
|
|
|
|
inet_del_ifa(in_dev, ifap, 1);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
ret = dev_change_flags(dev, ifr.ifr_flags);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCSIFADDR: /* Set interface address (and family) */
|
|
|
|
ret = -EINVAL;
|
|
|
|
if (inet_abc_len(sin->sin_addr.s_addr) < 0)
|
|
|
|
break;
|
|
|
|
|
|
|
|
if (!ifa) {
|
|
|
|
ret = -ENOBUFS;
|
2009-11-05 09:05:10 +03:00
|
|
|
ifa = inet_alloc_ifa();
|
|
|
|
if (!ifa)
|
2005-04-17 02:20:36 +04:00
|
|
|
break;
|
2013-01-05 15:19:24 +04:00
|
|
|
INIT_HLIST_NODE(&ifa->hash);
|
2005-04-17 02:20:36 +04:00
|
|
|
if (colon)
|
|
|
|
memcpy(ifa->ifa_label, ifr.ifr_name, IFNAMSIZ);
|
|
|
|
else
|
|
|
|
memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
|
|
|
|
} else {
|
|
|
|
ret = 0;
|
|
|
|
if (ifa->ifa_local == sin->sin_addr.s_addr)
|
|
|
|
break;
|
|
|
|
inet_del_ifa(in_dev, ifap, 0);
|
|
|
|
ifa->ifa_broadcast = 0;
|
2008-02-27 05:17:53 +03:00
|
|
|
ifa->ifa_scope = 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
|
|
|
|
|
|
|
|
if (!(dev->flags & IFF_POINTOPOINT)) {
|
|
|
|
ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
|
|
|
|
ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
|
|
|
|
if ((dev->flags & IFF_BROADCAST) &&
|
|
|
|
ifa->ifa_prefixlen < 31)
|
|
|
|
ifa->ifa_broadcast = ifa->ifa_address |
|
|
|
|
~ifa->ifa_mask;
|
|
|
|
} else {
|
|
|
|
ifa->ifa_prefixlen = 32;
|
|
|
|
ifa->ifa_mask = inet_make_mask(32);
|
|
|
|
}
|
2013-01-24 13:41:41 +04:00
|
|
|
set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
|
2005-04-17 02:20:36 +04:00
|
|
|
ret = inet_set_ifa(dev, ifa);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCSIFBRDADDR: /* Set the broadcast address */
|
|
|
|
ret = 0;
|
|
|
|
if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
|
|
|
|
inet_del_ifa(in_dev, ifap, 0);
|
|
|
|
ifa->ifa_broadcast = sin->sin_addr.s_addr;
|
|
|
|
inet_insert_ifa(ifa);
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCSIFDSTADDR: /* Set the destination address */
|
|
|
|
ret = 0;
|
|
|
|
if (ifa->ifa_address == sin->sin_addr.s_addr)
|
|
|
|
break;
|
|
|
|
ret = -EINVAL;
|
|
|
|
if (inet_abc_len(sin->sin_addr.s_addr) < 0)
|
|
|
|
break;
|
|
|
|
ret = 0;
|
|
|
|
inet_del_ifa(in_dev, ifap, 0);
|
|
|
|
ifa->ifa_address = sin->sin_addr.s_addr;
|
|
|
|
inet_insert_ifa(ifa);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCSIFNETMASK: /* Set the netmask for the interface */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The mask we set must be legal.
|
|
|
|
*/
|
|
|
|
ret = -EINVAL;
|
|
|
|
if (bad_mask(sin->sin_addr.s_addr, 0))
|
|
|
|
break;
|
|
|
|
ret = 0;
|
|
|
|
if (ifa->ifa_mask != sin->sin_addr.s_addr) {
|
2006-09-29 05:00:55 +04:00
|
|
|
__be32 old_mask = ifa->ifa_mask;
|
2005-04-17 02:20:36 +04:00
|
|
|
inet_del_ifa(in_dev, ifap, 0);
|
|
|
|
ifa->ifa_mask = sin->sin_addr.s_addr;
|
|
|
|
ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
|
|
|
|
|
|
|
|
/* See if current broadcast address matches
|
|
|
|
* with current netmask, then recalculate
|
|
|
|
* the broadcast address. Otherwise it's a
|
|
|
|
* funny address, so don't touch it since
|
|
|
|
* the user seems to know what (s)he's doing...
|
|
|
|
*/
|
|
|
|
if ((dev->flags & IFF_BROADCAST) &&
|
|
|
|
(ifa->ifa_prefixlen < 31) &&
|
|
|
|
(ifa->ifa_broadcast ==
|
2005-10-22 07:09:16 +04:00
|
|
|
(ifa->ifa_local|~old_mask))) {
|
2005-04-17 02:20:36 +04:00
|
|
|
ifa->ifa_broadcast = (ifa->ifa_local |
|
|
|
|
~sin->sin_addr.s_addr);
|
|
|
|
}
|
|
|
|
inet_insert_ifa(ifa);
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
done:
|
|
|
|
rtnl_unlock();
|
|
|
|
out:
|
|
|
|
return ret;
|
|
|
|
rarok:
|
|
|
|
rtnl_unlock();
|
|
|
|
ret = copy_to_user(arg, &ifr, sizeof(struct ifreq)) ? -EFAULT : 0;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int inet_gifconf(struct net_device *dev, char __user *buf, int len)
|
|
|
|
{
|
2005-10-04 01:35:55 +04:00
|
|
|
struct in_device *in_dev = __in_dev_get_rtnl(dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
struct in_ifaddr *ifa;
|
|
|
|
struct ifreq ifr;
|
|
|
|
int done = 0;
|
|
|
|
|
2009-11-05 09:05:10 +03:00
|
|
|
if (!in_dev)
|
2005-04-17 02:20:36 +04:00
|
|
|
goto out;
|
|
|
|
|
2009-11-05 09:05:10 +03:00
|
|
|
for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
|
2005-04-17 02:20:36 +04:00
|
|
|
if (!buf) {
|
|
|
|
done += sizeof(ifr);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (len < (int) sizeof(ifr))
|
|
|
|
break;
|
|
|
|
memset(&ifr, 0, sizeof(struct ifreq));
|
2013-07-29 23:15:19 +04:00
|
|
|
strcpy(ifr.ifr_name, ifa->ifa_label);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
(*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
|
|
|
|
(*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
|
|
|
|
ifa->ifa_local;
|
|
|
|
|
|
|
|
if (copy_to_user(buf, &ifr, sizeof(struct ifreq))) {
|
|
|
|
done = -EFAULT;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
buf += sizeof(struct ifreq);
|
|
|
|
len -= sizeof(struct ifreq);
|
|
|
|
done += sizeof(struct ifreq);
|
|
|
|
}
|
|
|
|
out:
|
|
|
|
return done;
|
|
|
|
}
|
|
|
|
|
2006-09-27 08:27:54 +04:00
|
|
|
__be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2006-09-27 08:27:54 +04:00
|
|
|
__be32 addr = 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
struct in_device *in_dev;
|
2008-03-25 15:47:49 +03:00
|
|
|
struct net *net = dev_net(dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
rcu_read_lock();
|
2005-10-04 01:35:55 +04:00
|
|
|
in_dev = __in_dev_get_rcu(dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
if (!in_dev)
|
|
|
|
goto no_in_dev;
|
|
|
|
|
|
|
|
for_primary_ifa(in_dev) {
|
|
|
|
if (ifa->ifa_scope > scope)
|
|
|
|
continue;
|
|
|
|
if (!dst || inet_ifa_match(dst, ifa)) {
|
|
|
|
addr = ifa->ifa_local;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (!addr)
|
|
|
|
addr = ifa->ifa_local;
|
|
|
|
} endfor_ifa(in_dev);
|
|
|
|
|
|
|
|
if (addr)
|
2009-11-04 16:43:23 +03:00
|
|
|
goto out_unlock;
|
2009-11-05 09:05:10 +03:00
|
|
|
no_in_dev:
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
/* Not loopback addresses on loopback should be preferred
|
|
|
|
in this case. It is importnat that lo is the first interface
|
|
|
|
in dev_base list.
|
|
|
|
*/
|
2009-11-04 16:43:23 +03:00
|
|
|
for_each_netdev_rcu(net, dev) {
|
2009-11-05 09:05:10 +03:00
|
|
|
in_dev = __in_dev_get_rcu(dev);
|
|
|
|
if (!in_dev)
|
2005-04-17 02:20:36 +04:00
|
|
|
continue;
|
|
|
|
|
|
|
|
for_primary_ifa(in_dev) {
|
|
|
|
if (ifa->ifa_scope != RT_SCOPE_LINK &&
|
|
|
|
ifa->ifa_scope <= scope) {
|
|
|
|
addr = ifa->ifa_local;
|
2009-11-04 16:43:23 +03:00
|
|
|
goto out_unlock;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
} endfor_ifa(in_dev);
|
|
|
|
}
|
2009-11-04 16:43:23 +03:00
|
|
|
out_unlock:
|
2005-04-17 02:20:36 +04:00
|
|
|
rcu_read_unlock();
|
|
|
|
return addr;
|
|
|
|
}
|
2009-11-05 09:05:10 +03:00
|
|
|
EXPORT_SYMBOL(inet_select_addr);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2006-09-27 09:17:09 +04:00
|
|
|
static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
|
|
|
|
__be32 local, int scope)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
int same = 0;
|
2006-09-29 05:00:55 +04:00
|
|
|
__be32 addr = 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
for_ifa(in_dev) {
|
|
|
|
if (!addr &&
|
|
|
|
(local == ifa->ifa_local || !local) &&
|
|
|
|
ifa->ifa_scope <= scope) {
|
|
|
|
addr = ifa->ifa_local;
|
|
|
|
if (same)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (!same) {
|
|
|
|
same = (!local || inet_ifa_match(local, ifa)) &&
|
|
|
|
(!dst || inet_ifa_match(dst, ifa));
|
|
|
|
if (same && addr) {
|
|
|
|
if (local || !dst)
|
|
|
|
break;
|
|
|
|
/* Is the selected addr into dst subnet? */
|
|
|
|
if (inet_ifa_match(addr, ifa))
|
|
|
|
break;
|
|
|
|
/* No, then can we use new local src? */
|
|
|
|
if (ifa->ifa_scope <= scope) {
|
|
|
|
addr = ifa->ifa_local;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
/* search for large dst subnet for addr */
|
|
|
|
same = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} endfor_ifa(in_dev);
|
|
|
|
|
2009-11-05 09:05:10 +03:00
|
|
|
return same ? addr : 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Confirm that local IP address exists using wildcards:
|
2008-01-15 10:05:55 +03:00
|
|
|
* - in_dev: only on this interface, 0=any interface
|
2005-04-17 02:20:36 +04:00
|
|
|
* - dst: only in the same subnet as dst, 0=any dst
|
|
|
|
* - local: address, 0=autoselect the local address
|
|
|
|
* - scope: maximum allowed scope value for the local address
|
|
|
|
*/
|
2008-01-15 10:05:55 +03:00
|
|
|
__be32 inet_confirm_addr(struct in_device *in_dev,
|
|
|
|
__be32 dst, __be32 local, int scope)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2006-09-27 09:17:09 +04:00
|
|
|
__be32 addr = 0;
|
2008-01-15 10:05:55 +03:00
|
|
|
struct net_device *dev;
|
2008-01-15 10:06:19 +03:00
|
|
|
struct net *net;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2008-01-15 10:06:19 +03:00
|
|
|
if (scope != RT_SCOPE_LINK)
|
2008-01-15 10:05:55 +03:00
|
|
|
return confirm_addr_indev(in_dev, dst, local, scope);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2008-03-25 15:47:49 +03:00
|
|
|
net = dev_net(in_dev->dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
rcu_read_lock();
|
2009-11-04 16:43:23 +03:00
|
|
|
for_each_netdev_rcu(net, dev) {
|
2009-11-05 09:05:10 +03:00
|
|
|
in_dev = __in_dev_get_rcu(dev);
|
|
|
|
if (in_dev) {
|
2005-04-17 02:20:36 +04:00
|
|
|
addr = confirm_addr_indev(in_dev, dst, local, scope);
|
|
|
|
if (addr)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
rcu_read_unlock();
|
|
|
|
|
|
|
|
return addr;
|
|
|
|
}
|
2012-03-22 20:14:29 +04:00
|
|
|
EXPORT_SYMBOL(inet_confirm_addr);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Device notifier
|
|
|
|
*/
|
|
|
|
|
|
|
|
int register_inetaddr_notifier(struct notifier_block *nb)
|
|
|
|
{
|
[PATCH] Notifier chain update: API changes
The kernel's implementation of notifier chains is unsafe. There is no
protection against entries being added to or removed from a chain while the
chain is in use. The issues were discussed in this thread:
http://marc.theaimsgroup.com/?l=linux-kernel&m=113018709002036&w=2
We noticed that notifier chains in the kernel fall into two basic usage
classes:
"Blocking" chains are always called from a process context
and the callout routines are allowed to sleep;
"Atomic" chains can be called from an atomic context and
the callout routines are not allowed to sleep.
We decided to codify this distinction and make it part of the API. Therefore
this set of patches introduces three new, parallel APIs: one for blocking
notifiers, one for atomic notifiers, and one for "raw" notifiers (which is
really just the old API under a new name). New kinds of data structures are
used for the heads of the chains, and new routines are defined for
registration, unregistration, and calling a chain. The three APIs are
explained in include/linux/notifier.h and their implementation is in
kernel/sys.c.
With atomic and blocking chains, the implementation guarantees that the chain
links will not be corrupted and that chain callers will not get messed up by
entries being added or removed. For raw chains the implementation provides no
guarantees at all; users of this API must provide their own protections. (The
idea was that situations may come up where the assumptions of the atomic and
blocking APIs are not appropriate, so it should be possible for users to
handle these things in their own way.)
There are some limitations, which should not be too hard to live with. For
atomic/blocking chains, registration and unregistration must always be done in
a process context since the chain is protected by a mutex/rwsem. Also, a
callout routine for a non-raw chain must not try to register or unregister
entries on its own chain. (This did happen in a couple of places and the code
had to be changed to avoid it.)
Since atomic chains may be called from within an NMI handler, they cannot use
spinlocks for synchronization. Instead we use RCU. The overhead falls almost
entirely in the unregister routine, which is okay since unregistration is much
less frequent that calling a chain.
Here is the list of chains that we adjusted and their classifications. None
of them use the raw API, so for the moment it is only a placeholder.
ATOMIC CHAINS
-------------
arch/i386/kernel/traps.c: i386die_chain
arch/ia64/kernel/traps.c: ia64die_chain
arch/powerpc/kernel/traps.c: powerpc_die_chain
arch/sparc64/kernel/traps.c: sparc64die_chain
arch/x86_64/kernel/traps.c: die_chain
drivers/char/ipmi/ipmi_si_intf.c: xaction_notifier_list
kernel/panic.c: panic_notifier_list
kernel/profile.c: task_free_notifier
net/bluetooth/hci_core.c: hci_notifier
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_chain
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_expect_chain
net/ipv6/addrconf.c: inet6addr_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_expect_chain
net/netlink/af_netlink.c: netlink_chain
BLOCKING CHAINS
---------------
arch/powerpc/platforms/pseries/reconfig.c: pSeries_reconfig_chain
arch/s390/kernel/process.c: idle_chain
arch/x86_64/kernel/process.c idle_notifier
drivers/base/memory.c: memory_chain
drivers/cpufreq/cpufreq.c cpufreq_policy_notifier_list
drivers/cpufreq/cpufreq.c cpufreq_transition_notifier_list
drivers/macintosh/adb.c: adb_client_list
drivers/macintosh/via-pmu.c sleep_notifier_list
drivers/macintosh/via-pmu68k.c sleep_notifier_list
drivers/macintosh/windfarm_core.c wf_client_list
drivers/usb/core/notify.c usb_notifier_list
drivers/video/fbmem.c fb_notifier_list
kernel/cpu.c cpu_chain
kernel/module.c module_notify_list
kernel/profile.c munmap_notifier
kernel/profile.c task_exit_notifier
kernel/sys.c reboot_notifier_list
net/core/dev.c netdev_chain
net/decnet/dn_dev.c: dnaddr_chain
net/ipv4/devinet.c: inetaddr_chain
It's possible that some of these classifications are wrong. If they are,
please let us know or submit a patch to fix them. Note that any chain that
gets called very frequently should be atomic, because the rwsem read-locking
used for blocking chains is very likely to incur cache misses on SMP systems.
(However, if the chain's callout routines may sleep then the chain cannot be
atomic.)
The patch set was written by Alan Stern and Chandra Seetharaman, incorporating
material written by Keith Owens and suggestions from Paul McKenney and Andrew
Morton.
[jes@sgi.com: restructure the notifier chain initialization macros]
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Chandra Seetharaman <sekharan@us.ibm.com>
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 13:16:30 +04:00
|
|
|
return blocking_notifier_chain_register(&inetaddr_chain, nb);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
2009-11-05 09:05:10 +03:00
|
|
|
EXPORT_SYMBOL(register_inetaddr_notifier);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
int unregister_inetaddr_notifier(struct notifier_block *nb)
|
|
|
|
{
|
[PATCH] Notifier chain update: API changes
The kernel's implementation of notifier chains is unsafe. There is no
protection against entries being added to or removed from a chain while the
chain is in use. The issues were discussed in this thread:
http://marc.theaimsgroup.com/?l=linux-kernel&m=113018709002036&w=2
We noticed that notifier chains in the kernel fall into two basic usage
classes:
"Blocking" chains are always called from a process context
and the callout routines are allowed to sleep;
"Atomic" chains can be called from an atomic context and
the callout routines are not allowed to sleep.
We decided to codify this distinction and make it part of the API. Therefore
this set of patches introduces three new, parallel APIs: one for blocking
notifiers, one for atomic notifiers, and one for "raw" notifiers (which is
really just the old API under a new name). New kinds of data structures are
used for the heads of the chains, and new routines are defined for
registration, unregistration, and calling a chain. The three APIs are
explained in include/linux/notifier.h and their implementation is in
kernel/sys.c.
With atomic and blocking chains, the implementation guarantees that the chain
links will not be corrupted and that chain callers will not get messed up by
entries being added or removed. For raw chains the implementation provides no
guarantees at all; users of this API must provide their own protections. (The
idea was that situations may come up where the assumptions of the atomic and
blocking APIs are not appropriate, so it should be possible for users to
handle these things in their own way.)
There are some limitations, which should not be too hard to live with. For
atomic/blocking chains, registration and unregistration must always be done in
a process context since the chain is protected by a mutex/rwsem. Also, a
callout routine for a non-raw chain must not try to register or unregister
entries on its own chain. (This did happen in a couple of places and the code
had to be changed to avoid it.)
Since atomic chains may be called from within an NMI handler, they cannot use
spinlocks for synchronization. Instead we use RCU. The overhead falls almost
entirely in the unregister routine, which is okay since unregistration is much
less frequent that calling a chain.
Here is the list of chains that we adjusted and their classifications. None
of them use the raw API, so for the moment it is only a placeholder.
ATOMIC CHAINS
-------------
arch/i386/kernel/traps.c: i386die_chain
arch/ia64/kernel/traps.c: ia64die_chain
arch/powerpc/kernel/traps.c: powerpc_die_chain
arch/sparc64/kernel/traps.c: sparc64die_chain
arch/x86_64/kernel/traps.c: die_chain
drivers/char/ipmi/ipmi_si_intf.c: xaction_notifier_list
kernel/panic.c: panic_notifier_list
kernel/profile.c: task_free_notifier
net/bluetooth/hci_core.c: hci_notifier
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_chain
net/ipv4/netfilter/ip_conntrack_core.c: ip_conntrack_expect_chain
net/ipv6/addrconf.c: inet6addr_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_chain
net/netfilter/nf_conntrack_core.c: nf_conntrack_expect_chain
net/netlink/af_netlink.c: netlink_chain
BLOCKING CHAINS
---------------
arch/powerpc/platforms/pseries/reconfig.c: pSeries_reconfig_chain
arch/s390/kernel/process.c: idle_chain
arch/x86_64/kernel/process.c idle_notifier
drivers/base/memory.c: memory_chain
drivers/cpufreq/cpufreq.c cpufreq_policy_notifier_list
drivers/cpufreq/cpufreq.c cpufreq_transition_notifier_list
drivers/macintosh/adb.c: adb_client_list
drivers/macintosh/via-pmu.c sleep_notifier_list
drivers/macintosh/via-pmu68k.c sleep_notifier_list
drivers/macintosh/windfarm_core.c wf_client_list
drivers/usb/core/notify.c usb_notifier_list
drivers/video/fbmem.c fb_notifier_list
kernel/cpu.c cpu_chain
kernel/module.c module_notify_list
kernel/profile.c munmap_notifier
kernel/profile.c task_exit_notifier
kernel/sys.c reboot_notifier_list
net/core/dev.c netdev_chain
net/decnet/dn_dev.c: dnaddr_chain
net/ipv4/devinet.c: inetaddr_chain
It's possible that some of these classifications are wrong. If they are,
please let us know or submit a patch to fix them. Note that any chain that
gets called very frequently should be atomic, because the rwsem read-locking
used for blocking chains is very likely to incur cache misses on SMP systems.
(However, if the chain's callout routines may sleep then the chain cannot be
atomic.)
The patch set was written by Alan Stern and Chandra Seetharaman, incorporating
material written by Keith Owens and suggestions from Paul McKenney and Andrew
Morton.
[jes@sgi.com: restructure the notifier chain initialization macros]
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Chandra Seetharaman <sekharan@us.ibm.com>
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 13:16:30 +04:00
|
|
|
return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
2009-11-05 09:05:10 +03:00
|
|
|
EXPORT_SYMBOL(unregister_inetaddr_notifier);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2009-11-05 09:05:10 +03:00
|
|
|
/* Rename ifa_labels for a device name change. Make some effort to preserve
|
|
|
|
* existing alias numbering and to create unique labels if possible.
|
2005-04-17 02:20:36 +04:00
|
|
|
*/
|
|
|
|
static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
|
2007-02-09 17:24:47 +03:00
|
|
|
{
|
2005-04-17 02:20:36 +04:00
|
|
|
struct in_ifaddr *ifa;
|
|
|
|
int named = 0;
|
|
|
|
|
2007-02-09 17:24:47 +03:00
|
|
|
for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
|
|
|
|
char old[IFNAMSIZ], *dot;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
memcpy(old, ifa->ifa_label, IFNAMSIZ);
|
2007-02-09 17:24:47 +03:00
|
|
|
memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
|
2005-04-17 02:20:36 +04:00
|
|
|
if (named++ == 0)
|
2008-06-11 02:40:04 +04:00
|
|
|
goto skip;
|
2008-01-04 11:56:25 +03:00
|
|
|
dot = strchr(old, ':');
|
2007-02-09 17:24:47 +03:00
|
|
|
if (dot == NULL) {
|
|
|
|
sprintf(old, ":%d", named);
|
2005-04-17 02:20:36 +04:00
|
|
|
dot = old;
|
|
|
|
}
|
2009-11-05 09:05:10 +03:00
|
|
|
if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
|
2007-02-09 17:24:47 +03:00
|
|
|
strcat(ifa->ifa_label, dot);
|
2009-11-05 09:05:10 +03:00
|
|
|
else
|
2007-02-09 17:24:47 +03:00
|
|
|
strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
|
2008-06-11 02:40:04 +04:00
|
|
|
skip:
|
|
|
|
rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
|
2007-02-09 17:24:47 +03:00
|
|
|
}
|
|
|
|
}
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2012-08-04 01:06:50 +04:00
|
|
|
static bool inetdev_valid_mtu(unsigned int mtu)
|
2008-09-03 04:28:58 +04:00
|
|
|
{
|
|
|
|
return mtu >= 68;
|
|
|
|
}
|
|
|
|
|
2011-02-11 10:44:16 +03:00
|
|
|
static void inetdev_send_gratuitous_arp(struct net_device *dev,
|
|
|
|
struct in_device *in_dev)
|
|
|
|
|
|
|
|
{
|
2011-07-24 17:09:30 +04:00
|
|
|
struct in_ifaddr *ifa;
|
2011-02-11 10:44:16 +03:00
|
|
|
|
2011-07-24 17:09:30 +04:00
|
|
|
for (ifa = in_dev->ifa_list; ifa;
|
|
|
|
ifa = ifa->ifa_next) {
|
|
|
|
arp_send(ARPOP_REQUEST, ETH_P_ARP,
|
|
|
|
ifa->ifa_local, dev,
|
|
|
|
ifa->ifa_local, NULL,
|
|
|
|
dev->dev_addr, NULL);
|
|
|
|
}
|
2011-02-11 10:44:16 +03:00
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/* Called only under RTNL semaphore */
|
|
|
|
|
|
|
|
static int inetdev_event(struct notifier_block *this, unsigned long event,
|
|
|
|
void *ptr)
|
|
|
|
{
|
2013-05-28 05:30:21 +04:00
|
|
|
struct net_device *dev = netdev_notifier_info_to_dev(ptr);
|
2012-08-23 01:50:59 +04:00
|
|
|
struct in_device *in_dev = __in_dev_get_rtnl(dev);
|
2012-08-22 21:19:46 +04:00
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
ASSERT_RTNL();
|
|
|
|
|
|
|
|
if (!in_dev) {
|
2007-02-21 19:53:47 +03:00
|
|
|
if (event == NETDEV_REGISTER) {
|
2005-04-17 02:20:36 +04:00
|
|
|
in_dev = inetdev_init(dev);
|
2007-07-31 04:04:52 +04:00
|
|
|
if (!in_dev)
|
|
|
|
return notifier_from_errno(-ENOMEM);
|
2007-09-27 09:10:06 +04:00
|
|
|
if (dev->flags & IFF_LOOPBACK) {
|
2007-06-05 10:34:44 +04:00
|
|
|
IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
|
|
|
|
IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
|
2007-02-21 19:53:47 +03:00
|
|
|
}
|
2008-09-03 04:28:58 +04:00
|
|
|
} else if (event == NETDEV_CHANGEMTU) {
|
|
|
|
/* Re-enabling IP */
|
|
|
|
if (inetdev_valid_mtu(dev->mtu))
|
|
|
|
in_dev = inetdev_init(dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (event) {
|
|
|
|
case NETDEV_REGISTER:
|
2012-05-15 18:11:54 +04:00
|
|
|
pr_debug("%s: bug\n", __func__);
|
2011-08-01 20:19:00 +04:00
|
|
|
RCU_INIT_POINTER(dev->ip_ptr, NULL);
|
2005-04-17 02:20:36 +04:00
|
|
|
break;
|
|
|
|
case NETDEV_UP:
|
2008-09-03 04:28:58 +04:00
|
|
|
if (!inetdev_valid_mtu(dev->mtu))
|
2005-04-17 02:20:36 +04:00
|
|
|
break;
|
2007-09-27 09:10:06 +04:00
|
|
|
if (dev->flags & IFF_LOOPBACK) {
|
2009-11-05 09:05:10 +03:00
|
|
|
struct in_ifaddr *ifa = inet_alloc_ifa();
|
|
|
|
|
|
|
|
if (ifa) {
|
2011-02-18 23:42:28 +03:00
|
|
|
INIT_HLIST_NODE(&ifa->hash);
|
2005-04-17 02:20:36 +04:00
|
|
|
ifa->ifa_local =
|
|
|
|
ifa->ifa_address = htonl(INADDR_LOOPBACK);
|
|
|
|
ifa->ifa_prefixlen = 8;
|
|
|
|
ifa->ifa_mask = inet_make_mask(8);
|
|
|
|
in_dev_hold(in_dev);
|
|
|
|
ifa->ifa_dev = in_dev;
|
|
|
|
ifa->ifa_scope = RT_SCOPE_HOST;
|
|
|
|
memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
|
2013-01-24 13:41:41 +04:00
|
|
|
set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
|
|
|
|
INFINITY_LIFE_TIME);
|
2005-04-17 02:20:36 +04:00
|
|
|
inet_insert_ifa(ifa);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ip_mc_up(in_dev);
|
2009-02-01 12:04:33 +03:00
|
|
|
/* fall through */
|
|
|
|
case NETDEV_CHANGEADDR:
|
2011-02-11 10:44:16 +03:00
|
|
|
if (!IN_DEV_ARP_NOTIFY(in_dev))
|
|
|
|
break;
|
|
|
|
/* fall through */
|
|
|
|
case NETDEV_NOTIFY_PEERS:
|
2009-10-07 14:18:17 +04:00
|
|
|
/* Send gratuitous ARP to notify of link change */
|
2011-02-11 10:44:16 +03:00
|
|
|
inetdev_send_gratuitous_arp(dev, in_dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
break;
|
|
|
|
case NETDEV_DOWN:
|
|
|
|
ip_mc_down(in_dev);
|
|
|
|
break;
|
2010-03-10 13:28:56 +03:00
|
|
|
case NETDEV_PRE_TYPE_CHANGE:
|
2009-09-15 13:37:40 +04:00
|
|
|
ip_mc_unmap(in_dev);
|
|
|
|
break;
|
2010-03-10 13:28:56 +03:00
|
|
|
case NETDEV_POST_TYPE_CHANGE:
|
2009-09-15 13:37:40 +04:00
|
|
|
ip_mc_remap(in_dev);
|
|
|
|
break;
|
2005-04-17 02:20:36 +04:00
|
|
|
case NETDEV_CHANGEMTU:
|
2008-09-03 04:28:58 +04:00
|
|
|
if (inetdev_valid_mtu(dev->mtu))
|
2005-04-17 02:20:36 +04:00
|
|
|
break;
|
2008-09-03 04:28:58 +04:00
|
|
|
/* disable IP when MTU is not enough */
|
2005-04-17 02:20:36 +04:00
|
|
|
case NETDEV_UNREGISTER:
|
|
|
|
inetdev_destroy(in_dev);
|
|
|
|
break;
|
|
|
|
case NETDEV_CHANGENAME:
|
|
|
|
/* Do not notify about label change, this event is
|
|
|
|
* not interesting to applications using netlink.
|
|
|
|
*/
|
|
|
|
inetdev_changename(dev, in_dev);
|
|
|
|
|
2007-12-11 13:17:40 +03:00
|
|
|
devinet_sysctl_unregister(in_dev);
|
2007-12-01 16:55:54 +03:00
|
|
|
devinet_sysctl_register(in_dev);
|
2005-04-17 02:20:36 +04:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
out:
|
|
|
|
return NOTIFY_DONE;
|
|
|
|
}
|
|
|
|
|
|
|
|
static struct notifier_block ip_netdev_notifier = {
|
2008-11-03 13:48:48 +03:00
|
|
|
.notifier_call = inetdev_event,
|
2005-04-17 02:20:36 +04:00
|
|
|
};
|
|
|
|
|
2012-08-04 01:06:50 +04:00
|
|
|
static size_t inet_nlmsg_size(void)
|
2006-11-11 01:10:15 +03:00
|
|
|
{
|
|
|
|
return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
|
|
|
|
+ nla_total_size(4) /* IFA_ADDRESS */
|
|
|
|
+ nla_total_size(4) /* IFA_LOCAL */
|
|
|
|
+ nla_total_size(4) /* IFA_BROADCAST */
|
|
|
|
+ nla_total_size(IFNAMSIZ); /* IFA_LABEL */
|
|
|
|
}
|
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
static inline u32 cstamp_delta(unsigned long cstamp)
|
|
|
|
{
|
|
|
|
return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
|
|
|
|
unsigned long tstamp, u32 preferred, u32 valid)
|
|
|
|
{
|
|
|
|
struct ifa_cacheinfo ci;
|
|
|
|
|
|
|
|
ci.cstamp = cstamp_delta(cstamp);
|
|
|
|
ci.tstamp = cstamp_delta(tstamp);
|
|
|
|
ci.ifa_prefered = preferred;
|
|
|
|
ci.ifa_valid = valid;
|
|
|
|
|
|
|
|
return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
|
2012-09-08 00:12:54 +04:00
|
|
|
u32 portid, u32 seq, int event, unsigned int flags)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
struct ifaddrmsg *ifm;
|
|
|
|
struct nlmsghdr *nlh;
|
2013-01-24 13:41:41 +04:00
|
|
|
u32 preferred, valid;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2012-09-08 00:12:54 +04:00
|
|
|
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*ifm), flags);
|
2006-08-05 10:04:36 +04:00
|
|
|
if (nlh == NULL)
|
2007-02-01 10:16:40 +03:00
|
|
|
return -EMSGSIZE;
|
2006-08-05 10:04:36 +04:00
|
|
|
|
|
|
|
ifm = nlmsg_data(nlh);
|
2005-04-17 02:20:36 +04:00
|
|
|
ifm->ifa_family = AF_INET;
|
|
|
|
ifm->ifa_prefixlen = ifa->ifa_prefixlen;
|
2013-01-24 13:41:41 +04:00
|
|
|
ifm->ifa_flags = ifa->ifa_flags;
|
2005-04-17 02:20:36 +04:00
|
|
|
ifm->ifa_scope = ifa->ifa_scope;
|
|
|
|
ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
|
2006-08-05 10:04:36 +04:00
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
|
|
|
|
preferred = ifa->ifa_preferred_lft;
|
|
|
|
valid = ifa->ifa_valid_lft;
|
|
|
|
if (preferred != INFINITY_LIFE_TIME) {
|
|
|
|
long tval = (jiffies - ifa->ifa_tstamp) / HZ;
|
|
|
|
|
|
|
|
if (preferred > tval)
|
|
|
|
preferred -= tval;
|
|
|
|
else
|
|
|
|
preferred = 0;
|
|
|
|
if (valid != INFINITY_LIFE_TIME) {
|
|
|
|
if (valid > tval)
|
|
|
|
valid -= tval;
|
|
|
|
else
|
|
|
|
valid = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
preferred = INFINITY_LIFE_TIME;
|
|
|
|
valid = INFINITY_LIFE_TIME;
|
|
|
|
}
|
2012-04-02 04:39:02 +04:00
|
|
|
if ((ifa->ifa_address &&
|
|
|
|
nla_put_be32(skb, IFA_ADDRESS, ifa->ifa_address)) ||
|
|
|
|
(ifa->ifa_local &&
|
|
|
|
nla_put_be32(skb, IFA_LOCAL, ifa->ifa_local)) ||
|
|
|
|
(ifa->ifa_broadcast &&
|
|
|
|
nla_put_be32(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
|
|
|
|
(ifa->ifa_label[0] &&
|
2013-01-24 13:41:41 +04:00
|
|
|
nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
|
|
|
|
put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
|
|
|
|
preferred, valid))
|
2012-04-02 04:39:02 +04:00
|
|
|
goto nla_put_failure;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2006-08-05 10:04:36 +04:00
|
|
|
return nlmsg_end(skb, nlh);
|
|
|
|
|
|
|
|
nla_put_failure:
|
2007-02-01 10:16:40 +03:00
|
|
|
nlmsg_cancel(skb, nlh);
|
|
|
|
return -EMSGSIZE;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
|
|
|
|
{
|
2008-03-25 20:26:21 +03:00
|
|
|
struct net *net = sock_net(skb->sk);
|
2009-11-12 10:44:25 +03:00
|
|
|
int h, s_h;
|
|
|
|
int idx, s_idx;
|
|
|
|
int ip_idx, s_ip_idx;
|
2005-04-17 02:20:36 +04:00
|
|
|
struct net_device *dev;
|
|
|
|
struct in_device *in_dev;
|
|
|
|
struct in_ifaddr *ifa;
|
2009-11-12 10:44:25 +03:00
|
|
|
struct hlist_head *head;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2009-11-12 10:44:25 +03:00
|
|
|
s_h = cb->args[0];
|
|
|
|
s_idx = idx = cb->args[1];
|
|
|
|
s_ip_idx = ip_idx = cb->args[2];
|
|
|
|
|
|
|
|
for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
|
|
|
|
idx = 0;
|
|
|
|
head = &net->dev_index_head[h];
|
|
|
|
rcu_read_lock();
|
2013-03-22 10:28:42 +04:00
|
|
|
cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
|
|
|
|
net->dev_base_seq;
|
hlist: drop the node parameter from iterators
I'm not sure why, but the hlist for each entry iterators were conceived
list_for_each_entry(pos, head, member)
The hlist ones were greedy and wanted an extra parameter:
hlist_for_each_entry(tpos, pos, head, member)
Why did they need an extra pos parameter? I'm not quite sure. Not only
they don't really need it, it also prevents the iterator from looking
exactly like the list iterator, which is unfortunate.
Besides the semantic patch, there was some manual work required:
- Fix up the actual hlist iterators in linux/list.h
- Fix up the declaration of other iterators based on the hlist ones.
- A very small amount of places were using the 'node' parameter, this
was modified to use 'obj->member' instead.
- Coccinelle didn't handle the hlist_for_each_entry_safe iterator
properly, so those had to be fixed up manually.
The semantic patch which is mostly the work of Peter Senna Tschudin is here:
@@
iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;
type T;
expression a,c,d,e;
identifier b;
statement S;
@@
-T b;
<+... when != b
(
hlist_for_each_entry(a,
- b,
c, d) S
|
hlist_for_each_entry_continue(a,
- b,
c) S
|
hlist_for_each_entry_from(a,
- b,
c) S
|
hlist_for_each_entry_rcu(a,
- b,
c, d) S
|
hlist_for_each_entry_rcu_bh(a,
- b,
c, d) S
|
hlist_for_each_entry_continue_rcu_bh(a,
- b,
c) S
|
for_each_busy_worker(a, c,
- b,
d) S
|
ax25_uid_for_each(a,
- b,
c) S
|
ax25_for_each(a,
- b,
c) S
|
inet_bind_bucket_for_each(a,
- b,
c) S
|
sctp_for_each_hentry(a,
- b,
c) S
|
sk_for_each(a,
- b,
c) S
|
sk_for_each_rcu(a,
- b,
c) S
|
sk_for_each_from
-(a, b)
+(a)
S
+ sk_for_each_from(a) S
|
sk_for_each_safe(a,
- b,
c, d) S
|
sk_for_each_bound(a,
- b,
c) S
|
hlist_for_each_entry_safe(a,
- b,
c, d, e) S
|
hlist_for_each_entry_continue_rcu(a,
- b,
c) S
|
nr_neigh_for_each(a,
- b,
c) S
|
nr_neigh_for_each_safe(a,
- b,
c, d) S
|
nr_node_for_each(a,
- b,
c) S
|
nr_node_for_each_safe(a,
- b,
c, d) S
|
- for_each_gfn_sp(a, c, d, b) S
+ for_each_gfn_sp(a, c, d) S
|
- for_each_gfn_indirect_valid_sp(a, c, d, b) S
+ for_each_gfn_indirect_valid_sp(a, c, d) S
|
for_each_host(a,
- b,
c) S
|
for_each_host_safe(a,
- b,
c, d) S
|
for_each_mesh_entry(a,
- b,
c, d) S
)
...+>
[akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
[akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
[akpm@linux-foundation.org: checkpatch fixes]
[akpm@linux-foundation.org: fix warnings]
[akpm@linux-foudnation.org: redo intrusive kvm changes]
Tested-by: Peter Senna Tschudin <peter.senna@gmail.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Cc: Wu Fengguang <fengguang.wu@intel.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Cc: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:06:00 +04:00
|
|
|
hlist_for_each_entry_rcu(dev, head, index_hlist) {
|
2009-11-12 10:44:25 +03:00
|
|
|
if (idx < s_idx)
|
|
|
|
goto cont;
|
2010-03-27 06:27:49 +03:00
|
|
|
if (h > s_h || idx > s_idx)
|
2009-11-12 10:44:25 +03:00
|
|
|
s_ip_idx = 0;
|
|
|
|
in_dev = __in_dev_get_rcu(dev);
|
|
|
|
if (!in_dev)
|
|
|
|
goto cont;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2009-11-12 10:44:25 +03:00
|
|
|
for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
|
|
|
|
ifa = ifa->ifa_next, ip_idx++) {
|
|
|
|
if (ip_idx < s_ip_idx)
|
|
|
|
continue;
|
|
|
|
if (inet_fill_ifaddr(skb, ifa,
|
2012-09-08 00:12:54 +04:00
|
|
|
NETLINK_CB(cb->skb).portid,
|
2005-04-17 02:20:36 +04:00
|
|
|
cb->nlh->nlmsg_seq,
|
2009-11-12 10:44:25 +03:00
|
|
|
RTM_NEWADDR, NLM_F_MULTI) <= 0) {
|
|
|
|
rcu_read_unlock();
|
|
|
|
goto done;
|
|
|
|
}
|
2013-03-22 10:28:42 +04:00
|
|
|
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
|
2009-11-12 10:44:25 +03:00
|
|
|
}
|
2007-05-04 02:13:45 +04:00
|
|
|
cont:
|
2009-11-12 10:44:25 +03:00
|
|
|
idx++;
|
|
|
|
}
|
|
|
|
rcu_read_unlock();
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
2009-11-12 10:44:25 +03:00
|
|
|
cb->args[0] = h;
|
|
|
|
cb->args[1] = idx;
|
|
|
|
cb->args[2] = ip_idx;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
return skb->len;
|
|
|
|
}
|
|
|
|
|
2008-11-03 13:48:48 +03:00
|
|
|
static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
|
2012-09-08 00:12:54 +04:00
|
|
|
u32 portid)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2006-08-05 10:04:36 +04:00
|
|
|
struct sk_buff *skb;
|
2006-08-15 11:33:59 +04:00
|
|
|
u32 seq = nlh ? nlh->nlmsg_seq : 0;
|
|
|
|
int err = -ENOBUFS;
|
2008-02-01 05:47:40 +03:00
|
|
|
struct net *net;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2008-03-25 15:47:49 +03:00
|
|
|
net = dev_net(ifa->ifa_dev->dev);
|
2006-11-11 01:10:15 +03:00
|
|
|
skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
|
2006-08-05 10:04:36 +04:00
|
|
|
if (skb == NULL)
|
2006-08-15 11:33:59 +04:00
|
|
|
goto errout;
|
|
|
|
|
2012-09-08 00:12:54 +04:00
|
|
|
err = inet_fill_ifaddr(skb, ifa, portid, seq, event, 0);
|
2007-02-01 10:16:40 +03:00
|
|
|
if (err < 0) {
|
|
|
|
/* -EMSGSIZE implies BUG in inet_nlmsg_size() */
|
|
|
|
WARN_ON(err == -EMSGSIZE);
|
|
|
|
kfree_skb(skb);
|
|
|
|
goto errout;
|
|
|
|
}
|
2012-09-08 00:12:54 +04:00
|
|
|
rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
|
2009-02-25 10:18:28 +03:00
|
|
|
return;
|
2006-08-15 11:33:59 +04:00
|
|
|
errout:
|
|
|
|
if (err < 0)
|
2008-02-01 05:47:40 +03:00
|
|
|
rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2010-11-16 07:32:48 +03:00
|
|
|
static size_t inet_get_link_af_size(const struct net_device *dev)
|
|
|
|
{
|
2011-05-10 07:55:03 +04:00
|
|
|
struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
|
2010-11-16 07:32:48 +03:00
|
|
|
|
|
|
|
if (!in_dev)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
|
|
|
|
}
|
|
|
|
|
|
|
|
static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev)
|
|
|
|
{
|
2011-05-10 07:55:03 +04:00
|
|
|
struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
|
2010-11-16 07:32:48 +03:00
|
|
|
struct nlattr *nla;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
if (!in_dev)
|
|
|
|
return -ENODATA;
|
|
|
|
|
|
|
|
nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
|
|
|
|
if (nla == NULL)
|
|
|
|
return -EMSGSIZE;
|
|
|
|
|
|
|
|
for (i = 0; i < IPV4_DEVCONF_MAX; i++)
|
|
|
|
((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
|
|
|
|
[IFLA_INET_CONF] = { .type = NLA_NESTED },
|
|
|
|
};
|
|
|
|
|
2010-11-22 04:31:54 +03:00
|
|
|
static int inet_validate_link_af(const struct net_device *dev,
|
|
|
|
const struct nlattr *nla)
|
2010-11-16 07:32:48 +03:00
|
|
|
{
|
|
|
|
struct nlattr *a, *tb[IFLA_INET_MAX+1];
|
|
|
|
int err, rem;
|
|
|
|
|
2010-12-01 09:03:06 +03:00
|
|
|
if (dev && !__in_dev_get_rtnl(dev))
|
2010-11-22 04:31:54 +03:00
|
|
|
return -EAFNOSUPPORT;
|
2010-11-16 07:32:48 +03:00
|
|
|
|
|
|
|
err = nla_parse_nested(tb, IFLA_INET_MAX, nla, inet_af_policy);
|
|
|
|
if (err < 0)
|
|
|
|
return err;
|
|
|
|
|
|
|
|
if (tb[IFLA_INET_CONF]) {
|
|
|
|
nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
|
|
|
|
int cfgid = nla_type(a);
|
|
|
|
|
|
|
|
if (nla_len(a) < 4)
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-11-22 04:31:54 +03:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
|
|
|
|
{
|
2010-12-01 09:03:06 +03:00
|
|
|
struct in_device *in_dev = __in_dev_get_rtnl(dev);
|
2010-11-22 04:31:54 +03:00
|
|
|
struct nlattr *a, *tb[IFLA_INET_MAX+1];
|
|
|
|
int rem;
|
|
|
|
|
|
|
|
if (!in_dev)
|
|
|
|
return -EAFNOSUPPORT;
|
|
|
|
|
|
|
|
if (nla_parse_nested(tb, IFLA_INET_MAX, nla, NULL) < 0)
|
|
|
|
BUG();
|
|
|
|
|
2010-11-16 07:32:48 +03:00
|
|
|
if (tb[IFLA_INET_CONF]) {
|
|
|
|
nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
|
|
|
|
ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2012-10-26 02:28:52 +04:00
|
|
|
static int inet_netconf_msgsize_devconf(int type)
|
|
|
|
{
|
|
|
|
int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
|
|
|
|
+ nla_total_size(4); /* NETCONFA_IFINDEX */
|
|
|
|
|
2012-10-26 02:28:53 +04:00
|
|
|
/* type -1 is used for ALL */
|
|
|
|
if (type == -1 || type == NETCONFA_FORWARDING)
|
2012-10-26 02:28:52 +04:00
|
|
|
size += nla_total_size(4);
|
2012-10-29 08:53:27 +04:00
|
|
|
if (type == -1 || type == NETCONFA_RP_FILTER)
|
|
|
|
size += nla_total_size(4);
|
2012-12-04 05:13:35 +04:00
|
|
|
if (type == -1 || type == NETCONFA_MC_FORWARDING)
|
|
|
|
size += nla_total_size(4);
|
2012-10-26 02:28:52 +04:00
|
|
|
|
|
|
|
return size;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
|
|
|
|
struct ipv4_devconf *devconf, u32 portid,
|
|
|
|
u32 seq, int event, unsigned int flags,
|
|
|
|
int type)
|
|
|
|
{
|
|
|
|
struct nlmsghdr *nlh;
|
|
|
|
struct netconfmsg *ncm;
|
|
|
|
|
|
|
|
nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
|
|
|
|
flags);
|
|
|
|
if (nlh == NULL)
|
|
|
|
return -EMSGSIZE;
|
|
|
|
|
|
|
|
ncm = nlmsg_data(nlh);
|
|
|
|
ncm->ncm_family = AF_INET;
|
|
|
|
|
|
|
|
if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
|
|
|
|
goto nla_put_failure;
|
|
|
|
|
2012-10-26 02:28:53 +04:00
|
|
|
/* type -1 is used for ALL */
|
|
|
|
if ((type == -1 || type == NETCONFA_FORWARDING) &&
|
2012-10-26 02:28:52 +04:00
|
|
|
nla_put_s32(skb, NETCONFA_FORWARDING,
|
|
|
|
IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
|
|
|
|
goto nla_put_failure;
|
2012-10-29 08:53:27 +04:00
|
|
|
if ((type == -1 || type == NETCONFA_RP_FILTER) &&
|
|
|
|
nla_put_s32(skb, NETCONFA_RP_FILTER,
|
|
|
|
IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
|
|
|
|
goto nla_put_failure;
|
2012-12-04 05:13:35 +04:00
|
|
|
if ((type == -1 || type == NETCONFA_MC_FORWARDING) &&
|
|
|
|
nla_put_s32(skb, NETCONFA_MC_FORWARDING,
|
|
|
|
IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
|
|
|
|
goto nla_put_failure;
|
2012-10-26 02:28:52 +04:00
|
|
|
|
|
|
|
return nlmsg_end(skb, nlh);
|
|
|
|
|
|
|
|
nla_put_failure:
|
|
|
|
nlmsg_cancel(skb, nlh);
|
|
|
|
return -EMSGSIZE;
|
|
|
|
}
|
|
|
|
|
2012-12-04 05:13:35 +04:00
|
|
|
void inet_netconf_notify_devconf(struct net *net, int type, int ifindex,
|
|
|
|
struct ipv4_devconf *devconf)
|
2012-10-26 02:28:52 +04:00
|
|
|
{
|
|
|
|
struct sk_buff *skb;
|
|
|
|
int err = -ENOBUFS;
|
|
|
|
|
|
|
|
skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_ATOMIC);
|
|
|
|
if (skb == NULL)
|
|
|
|
goto errout;
|
|
|
|
|
|
|
|
err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
|
|
|
|
RTM_NEWNETCONF, 0, type);
|
|
|
|
if (err < 0) {
|
|
|
|
/* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
|
|
|
|
WARN_ON(err == -EMSGSIZE);
|
|
|
|
kfree_skb(skb);
|
|
|
|
goto errout;
|
|
|
|
}
|
|
|
|
rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_ATOMIC);
|
|
|
|
return;
|
|
|
|
errout:
|
|
|
|
if (err < 0)
|
|
|
|
rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
|
|
|
|
}
|
|
|
|
|
2012-10-26 02:28:53 +04:00
|
|
|
static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
|
|
|
|
[NETCONFA_IFINDEX] = { .len = sizeof(int) },
|
|
|
|
[NETCONFA_FORWARDING] = { .len = sizeof(int) },
|
2012-10-29 08:53:27 +04:00
|
|
|
[NETCONFA_RP_FILTER] = { .len = sizeof(int) },
|
2012-10-26 02:28:53 +04:00
|
|
|
};
|
|
|
|
|
|
|
|
static int inet_netconf_get_devconf(struct sk_buff *in_skb,
|
2013-03-21 11:45:29 +04:00
|
|
|
struct nlmsghdr *nlh)
|
2012-10-26 02:28:53 +04:00
|
|
|
{
|
|
|
|
struct net *net = sock_net(in_skb->sk);
|
|
|
|
struct nlattr *tb[NETCONFA_MAX+1];
|
|
|
|
struct netconfmsg *ncm;
|
|
|
|
struct sk_buff *skb;
|
|
|
|
struct ipv4_devconf *devconf;
|
|
|
|
struct in_device *in_dev;
|
|
|
|
struct net_device *dev;
|
|
|
|
int ifindex;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = nlmsg_parse(nlh, sizeof(*ncm), tb, NETCONFA_MAX,
|
|
|
|
devconf_ipv4_policy);
|
|
|
|
if (err < 0)
|
|
|
|
goto errout;
|
|
|
|
|
|
|
|
err = EINVAL;
|
|
|
|
if (!tb[NETCONFA_IFINDEX])
|
|
|
|
goto errout;
|
|
|
|
|
|
|
|
ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
|
|
|
|
switch (ifindex) {
|
|
|
|
case NETCONFA_IFINDEX_ALL:
|
|
|
|
devconf = net->ipv4.devconf_all;
|
|
|
|
break;
|
|
|
|
case NETCONFA_IFINDEX_DEFAULT:
|
|
|
|
devconf = net->ipv4.devconf_dflt;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
dev = __dev_get_by_index(net, ifindex);
|
|
|
|
if (dev == NULL)
|
|
|
|
goto errout;
|
|
|
|
in_dev = __in_dev_get_rtnl(dev);
|
|
|
|
if (in_dev == NULL)
|
|
|
|
goto errout;
|
|
|
|
devconf = &in_dev->cnf;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
err = -ENOBUFS;
|
|
|
|
skb = nlmsg_new(inet_netconf_msgsize_devconf(-1), GFP_ATOMIC);
|
|
|
|
if (skb == NULL)
|
|
|
|
goto errout;
|
|
|
|
|
|
|
|
err = inet_netconf_fill_devconf(skb, ifindex, devconf,
|
|
|
|
NETLINK_CB(in_skb).portid,
|
|
|
|
nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
|
|
|
|
-1);
|
|
|
|
if (err < 0) {
|
|
|
|
/* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
|
|
|
|
WARN_ON(err == -EMSGSIZE);
|
|
|
|
kfree_skb(skb);
|
|
|
|
goto errout;
|
|
|
|
}
|
|
|
|
err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
|
|
|
|
errout:
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
2013-03-06 03:42:06 +04:00
|
|
|
static int inet_netconf_dump_devconf(struct sk_buff *skb,
|
|
|
|
struct netlink_callback *cb)
|
|
|
|
{
|
|
|
|
struct net *net = sock_net(skb->sk);
|
|
|
|
int h, s_h;
|
|
|
|
int idx, s_idx;
|
|
|
|
struct net_device *dev;
|
|
|
|
struct in_device *in_dev;
|
|
|
|
struct hlist_head *head;
|
|
|
|
|
|
|
|
s_h = cb->args[0];
|
|
|
|
s_idx = idx = cb->args[1];
|
|
|
|
|
|
|
|
for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
|
|
|
|
idx = 0;
|
|
|
|
head = &net->dev_index_head[h];
|
|
|
|
rcu_read_lock();
|
2013-03-22 10:28:42 +04:00
|
|
|
cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
|
|
|
|
net->dev_base_seq;
|
2013-03-06 03:42:06 +04:00
|
|
|
hlist_for_each_entry_rcu(dev, head, index_hlist) {
|
|
|
|
if (idx < s_idx)
|
|
|
|
goto cont;
|
|
|
|
in_dev = __in_dev_get_rcu(dev);
|
|
|
|
if (!in_dev)
|
|
|
|
goto cont;
|
|
|
|
|
|
|
|
if (inet_netconf_fill_devconf(skb, dev->ifindex,
|
|
|
|
&in_dev->cnf,
|
|
|
|
NETLINK_CB(cb->skb).portid,
|
|
|
|
cb->nlh->nlmsg_seq,
|
|
|
|
RTM_NEWNETCONF,
|
|
|
|
NLM_F_MULTI,
|
|
|
|
-1) <= 0) {
|
|
|
|
rcu_read_unlock();
|
|
|
|
goto done;
|
|
|
|
}
|
2013-03-22 10:28:42 +04:00
|
|
|
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
|
2013-03-06 03:42:06 +04:00
|
|
|
cont:
|
|
|
|
idx++;
|
|
|
|
}
|
|
|
|
rcu_read_unlock();
|
|
|
|
}
|
|
|
|
if (h == NETDEV_HASHENTRIES) {
|
|
|
|
if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
|
|
|
|
net->ipv4.devconf_all,
|
|
|
|
NETLINK_CB(cb->skb).portid,
|
|
|
|
cb->nlh->nlmsg_seq,
|
|
|
|
RTM_NEWNETCONF, NLM_F_MULTI,
|
|
|
|
-1) <= 0)
|
|
|
|
goto done;
|
|
|
|
else
|
|
|
|
h++;
|
|
|
|
}
|
|
|
|
if (h == NETDEV_HASHENTRIES + 1) {
|
|
|
|
if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
|
|
|
|
net->ipv4.devconf_dflt,
|
|
|
|
NETLINK_CB(cb->skb).portid,
|
|
|
|
cb->nlh->nlmsg_seq,
|
|
|
|
RTM_NEWNETCONF, NLM_F_MULTI,
|
|
|
|
-1) <= 0)
|
|
|
|
goto done;
|
|
|
|
else
|
|
|
|
h++;
|
|
|
|
}
|
|
|
|
done:
|
|
|
|
cb->args[0] = h;
|
|
|
|
cb->args[1] = idx;
|
|
|
|
|
|
|
|
return skb->len;
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
#ifdef CONFIG_SYSCTL
|
|
|
|
|
2007-12-17 00:31:14 +03:00
|
|
|
static void devinet_copy_dflt_conf(struct net *net, int i)
|
2007-06-05 10:35:37 +04:00
|
|
|
{
|
|
|
|
struct net_device *dev;
|
|
|
|
|
2009-11-04 16:43:23 +03:00
|
|
|
rcu_read_lock();
|
|
|
|
for_each_netdev_rcu(net, dev) {
|
2007-06-05 10:35:37 +04:00
|
|
|
struct in_device *in_dev;
|
2009-11-04 16:43:23 +03:00
|
|
|
|
2007-06-05 10:35:37 +04:00
|
|
|
in_dev = __in_dev_get_rcu(dev);
|
|
|
|
if (in_dev && !test_bit(i, in_dev->cnf.state))
|
2007-12-17 00:32:16 +03:00
|
|
|
in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
|
2007-06-05 10:35:37 +04:00
|
|
|
}
|
2009-11-04 16:43:23 +03:00
|
|
|
rcu_read_unlock();
|
2007-06-05 10:35:37 +04:00
|
|
|
}
|
|
|
|
|
2009-11-04 16:43:23 +03:00
|
|
|
/* called with RTNL locked */
|
2007-12-17 00:31:14 +03:00
|
|
|
static void inet_forward_change(struct net *net)
|
2007-12-05 12:44:58 +03:00
|
|
|
{
|
|
|
|
struct net_device *dev;
|
2007-12-17 00:32:48 +03:00
|
|
|
int on = IPV4_DEVCONF_ALL(net, FORWARDING);
|
2007-12-05 12:44:58 +03:00
|
|
|
|
2007-12-17 00:32:48 +03:00
|
|
|
IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
|
2007-12-17 00:32:16 +03:00
|
|
|
IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
|
2012-10-26 02:28:52 +04:00
|
|
|
inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
|
|
|
|
NETCONFA_IFINDEX_ALL,
|
|
|
|
net->ipv4.devconf_all);
|
|
|
|
inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
|
|
|
|
NETCONFA_IFINDEX_DEFAULT,
|
|
|
|
net->ipv4.devconf_dflt);
|
2007-12-05 12:44:58 +03:00
|
|
|
|
2007-12-17 00:31:14 +03:00
|
|
|
for_each_netdev(net, dev) {
|
2007-12-05 12:44:58 +03:00
|
|
|
struct in_device *in_dev;
|
2008-06-20 03:15:47 +04:00
|
|
|
if (on)
|
|
|
|
dev_disable_lro(dev);
|
2007-12-05 12:44:58 +03:00
|
|
|
rcu_read_lock();
|
|
|
|
in_dev = __in_dev_get_rcu(dev);
|
2012-10-26 02:28:52 +04:00
|
|
|
if (in_dev) {
|
2007-12-05 12:44:58 +03:00
|
|
|
IN_DEV_CONF_SET(in_dev, FORWARDING, on);
|
2012-10-26 02:28:52 +04:00
|
|
|
inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
|
|
|
|
dev->ifindex, &in_dev->cnf);
|
|
|
|
}
|
2007-12-05 12:44:58 +03:00
|
|
|
rcu_read_unlock();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-06-12 10:04:25 +04:00
|
|
|
static int devinet_conf_proc(struct ctl_table *ctl, int write,
|
2009-09-24 02:57:19 +04:00
|
|
|
void __user *buffer,
|
2007-06-05 10:35:37 +04:00
|
|
|
size_t *lenp, loff_t *ppos)
|
|
|
|
{
|
2011-12-01 19:47:06 +04:00
|
|
|
int old_value = *(int *)ctl->data;
|
2009-09-24 02:57:19 +04:00
|
|
|
int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
|
2011-12-01 19:47:06 +04:00
|
|
|
int new_value = *(int *)ctl->data;
|
2007-06-05 10:35:37 +04:00
|
|
|
|
|
|
|
if (write) {
|
|
|
|
struct ipv4_devconf *cnf = ctl->extra1;
|
2007-12-17 00:31:14 +03:00
|
|
|
struct net *net = ctl->extra2;
|
2007-06-05 10:35:37 +04:00
|
|
|
int i = (int *)ctl->data - cnf->data;
|
|
|
|
|
|
|
|
set_bit(i, cnf->state);
|
|
|
|
|
2007-12-17 00:32:16 +03:00
|
|
|
if (cnf == net->ipv4.devconf_dflt)
|
2007-12-17 00:31:14 +03:00
|
|
|
devinet_copy_dflt_conf(net, i);
|
2012-06-12 04:44:01 +04:00
|
|
|
if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
|
|
|
|
i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
|
2011-12-01 19:47:06 +04:00
|
|
|
if ((new_value == 0) && (old_value != 0))
|
2012-09-07 04:45:29 +04:00
|
|
|
rt_cache_flush(net);
|
2012-10-29 08:53:27 +04:00
|
|
|
if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
|
|
|
|
new_value != old_value) {
|
|
|
|
int ifindex;
|
|
|
|
|
|
|
|
if (cnf == net->ipv4.devconf_dflt)
|
|
|
|
ifindex = NETCONFA_IFINDEX_DEFAULT;
|
|
|
|
else if (cnf == net->ipv4.devconf_all)
|
|
|
|
ifindex = NETCONFA_IFINDEX_ALL;
|
|
|
|
else {
|
|
|
|
struct in_device *idev =
|
|
|
|
container_of(cnf, struct in_device,
|
|
|
|
cnf);
|
|
|
|
ifindex = idev->dev->ifindex;
|
|
|
|
}
|
|
|
|
inet_netconf_notify_devconf(net, NETCONFA_RP_FILTER,
|
|
|
|
ifindex, cnf);
|
|
|
|
}
|
2007-06-05 10:35:37 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2013-06-12 10:04:25 +04:00
|
|
|
static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
|
2009-09-24 02:57:19 +04:00
|
|
|
void __user *buffer,
|
2005-04-17 02:20:36 +04:00
|
|
|
size_t *lenp, loff_t *ppos)
|
|
|
|
{
|
|
|
|
int *valp = ctl->data;
|
|
|
|
int val = *valp;
|
2010-02-19 16:22:59 +03:00
|
|
|
loff_t pos = *ppos;
|
2009-09-24 02:57:19 +04:00
|
|
|
int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
if (write && *valp != val) {
|
2007-12-17 00:31:14 +03:00
|
|
|
struct net *net = ctl->extra2;
|
|
|
|
|
2008-06-20 03:15:47 +04:00
|
|
|
if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
|
2010-02-19 16:22:59 +03:00
|
|
|
if (!rtnl_trylock()) {
|
|
|
|
/* Restore the original values before restarting */
|
|
|
|
*valp = val;
|
|
|
|
*ppos = pos;
|
2009-05-13 20:59:21 +04:00
|
|
|
return restart_syscall();
|
2010-02-19 16:22:59 +03:00
|
|
|
}
|
2008-06-20 03:15:47 +04:00
|
|
|
if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
|
|
|
|
inet_forward_change(net);
|
2012-10-26 02:28:52 +04:00
|
|
|
} else {
|
2008-06-20 03:15:47 +04:00
|
|
|
struct ipv4_devconf *cnf = ctl->extra1;
|
|
|
|
struct in_device *idev =
|
|
|
|
container_of(cnf, struct in_device, cnf);
|
2012-10-26 02:28:52 +04:00
|
|
|
if (*valp)
|
|
|
|
dev_disable_lro(idev->dev);
|
|
|
|
inet_netconf_notify_devconf(net,
|
|
|
|
NETCONFA_FORWARDING,
|
|
|
|
idev->dev->ifindex,
|
|
|
|
cnf);
|
2008-06-20 03:15:47 +04:00
|
|
|
}
|
|
|
|
rtnl_unlock();
|
2012-09-07 04:45:29 +04:00
|
|
|
rt_cache_flush(net);
|
2012-10-26 02:28:52 +04:00
|
|
|
} else
|
|
|
|
inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
|
|
|
|
NETCONFA_IFINDEX_DEFAULT,
|
|
|
|
net->ipv4.devconf_dflt);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2013-06-12 10:04:25 +04:00
|
|
|
static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
|
2010-12-13 08:55:08 +03:00
|
|
|
void __user *buffer,
|
|
|
|
size_t *lenp, loff_t *ppos)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
int *valp = ctl->data;
|
|
|
|
int val = *valp;
|
2009-09-24 02:57:19 +04:00
|
|
|
int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
|
2008-07-06 06:00:44 +04:00
|
|
|
struct net *net = ctl->extra2;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
if (write && *valp != val)
|
2012-09-07 04:45:29 +04:00
|
|
|
rt_cache_flush(net);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2009-11-06 00:32:03 +03:00
|
|
|
#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
|
2007-06-05 10:34:44 +04:00
|
|
|
{ \
|
|
|
|
.procname = name, \
|
|
|
|
.data = ipv4_devconf.data + \
|
2010-02-14 06:25:51 +03:00
|
|
|
IPV4_DEVCONF_ ## attr - 1, \
|
2007-06-05 10:34:44 +04:00
|
|
|
.maxlen = sizeof(int), \
|
|
|
|
.mode = mval, \
|
|
|
|
.proc_handler = proc, \
|
2007-06-05 10:35:37 +04:00
|
|
|
.extra1 = &ipv4_devconf, \
|
2007-06-05 10:34:44 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
|
2009-11-06 00:32:03 +03:00
|
|
|
DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
|
2007-06-05 10:34:44 +04:00
|
|
|
|
|
|
|
#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
|
2009-11-06 00:32:03 +03:00
|
|
|
DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
|
2007-06-05 10:34:44 +04:00
|
|
|
|
2009-11-06 00:32:03 +03:00
|
|
|
#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
|
|
|
|
DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
|
2007-06-05 10:34:44 +04:00
|
|
|
|
|
|
|
#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
|
2009-11-06 00:32:03 +03:00
|
|
|
DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
|
2007-06-05 10:34:44 +04:00
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
static struct devinet_sysctl_table {
|
|
|
|
struct ctl_table_header *sysctl_header;
|
2010-02-14 06:25:51 +03:00
|
|
|
struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
|
2005-04-17 02:20:36 +04:00
|
|
|
} devinet_sysctl = {
|
|
|
|
.devinet_vars = {
|
2007-06-05 10:34:44 +04:00
|
|
|
DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
|
2009-11-06 00:32:03 +03:00
|
|
|
devinet_sysctl_forward),
|
2007-06-05 10:34:44 +04:00
|
|
|
DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
|
|
|
|
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
|
|
|
|
"accept_source_route"),
|
2009-12-03 04:25:58 +03:00
|
|
|
DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
|
2009-12-26 04:30:22 +03:00
|
|
|
DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
|
2007-06-05 10:34:44 +04:00
|
|
|
DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
|
2009-02-01 12:04:33 +03:00
|
|
|
DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
|
2010-01-05 08:50:47 +03:00
|
|
|
DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
|
2013-08-06 22:03:14 +04:00
|
|
|
DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
|
|
|
|
"force_igmp_version"),
|
2013-08-06 22:03:15 +04:00
|
|
|
DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
|
|
|
|
"igmpv2_unsolicited_report_interval"),
|
|
|
|
DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
|
|
|
|
"igmpv3_unsolicited_report_interval"),
|
2007-06-05 10:34:44 +04:00
|
|
|
|
|
|
|
DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
|
|
|
|
DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
|
|
|
|
DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
|
|
|
|
"promote_secondaries"),
|
2012-06-12 04:44:01 +04:00
|
|
|
DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
|
|
|
|
"route_localnet"),
|
2005-04-17 02:20:36 +04:00
|
|
|
},
|
|
|
|
};
|
|
|
|
|
2007-12-17 00:30:07 +03:00
|
|
|
static int __devinet_sysctl_register(struct net *net, char *dev_name,
|
2009-11-06 00:32:03 +03:00
|
|
|
struct ipv4_devconf *p)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
int i;
|
2007-12-01 16:17:46 +03:00
|
|
|
struct devinet_sysctl_table *t;
|
2012-04-19 17:42:09 +04:00
|
|
|
char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
|
2007-12-01 16:57:08 +03:00
|
|
|
|
2007-12-01 16:17:46 +03:00
|
|
|
t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
|
2005-04-17 02:20:36 +04:00
|
|
|
if (!t)
|
2007-12-01 16:17:46 +03:00
|
|
|
goto out;
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
|
|
|
|
t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
|
2007-06-05 10:35:37 +04:00
|
|
|
t->devinet_vars[i].extra1 = p;
|
2007-12-17 00:31:14 +03:00
|
|
|
t->devinet_vars[i].extra2 = net;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2012-04-19 17:42:09 +04:00
|
|
|
snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2012-04-19 17:42:09 +04:00
|
|
|
t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
|
2005-04-17 02:20:36 +04:00
|
|
|
if (!t->sysctl_header)
|
2012-04-19 17:42:09 +04:00
|
|
|
goto free;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
p->sysctl = t;
|
2007-12-17 00:30:07 +03:00
|
|
|
return 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2007-12-01 16:17:46 +03:00
|
|
|
free:
|
2005-04-17 02:20:36 +04:00
|
|
|
kfree(t);
|
2007-12-01 16:17:46 +03:00
|
|
|
out:
|
2007-12-17 00:30:07 +03:00
|
|
|
return -ENOBUFS;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2007-12-11 13:17:40 +03:00
|
|
|
static void __devinet_sysctl_unregister(struct ipv4_devconf *cnf)
|
|
|
|
{
|
|
|
|
struct devinet_sysctl_table *t = cnf->sysctl;
|
|
|
|
|
|
|
|
if (t == NULL)
|
|
|
|
return;
|
|
|
|
|
|
|
|
cnf->sysctl = NULL;
|
2011-05-01 05:44:01 +04:00
|
|
|
unregister_net_sysctl_table(t->sysctl_header);
|
2007-12-11 13:17:40 +03:00
|
|
|
kfree(t);
|
|
|
|
}
|
|
|
|
|
2007-12-01 16:55:54 +03:00
|
|
|
static void devinet_sysctl_register(struct in_device *idev)
|
|
|
|
{
|
2010-02-14 06:27:03 +03:00
|
|
|
neigh_sysctl_register(idev->dev, idev->arp_parms, "ipv4", NULL);
|
2008-03-25 15:47:49 +03:00
|
|
|
__devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
|
2009-11-06 00:32:03 +03:00
|
|
|
&idev->cnf);
|
2007-12-01 16:55:54 +03:00
|
|
|
}
|
|
|
|
|
2007-12-11 13:17:40 +03:00
|
|
|
static void devinet_sysctl_unregister(struct in_device *idev)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2007-12-11 13:17:40 +03:00
|
|
|
__devinet_sysctl_unregister(&idev->cnf);
|
|
|
|
neigh_sysctl_unregister(idev->arp_parms);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2007-12-05 12:44:58 +03:00
|
|
|
static struct ctl_table ctl_forward_entry[] = {
|
|
|
|
{
|
|
|
|
.procname = "ip_forward",
|
|
|
|
.data = &ipv4_devconf.data[
|
2010-02-14 06:25:51 +03:00
|
|
|
IPV4_DEVCONF_FORWARDING - 1],
|
2007-12-05 12:44:58 +03:00
|
|
|
.maxlen = sizeof(int),
|
|
|
|
.mode = 0644,
|
|
|
|
.proc_handler = devinet_sysctl_forward,
|
|
|
|
.extra1 = &ipv4_devconf,
|
2007-12-17 00:31:14 +03:00
|
|
|
.extra2 = &init_net,
|
2007-12-05 12:44:58 +03:00
|
|
|
},
|
|
|
|
{ },
|
|
|
|
};
|
2008-01-06 10:08:49 +03:00
|
|
|
#endif
|
2007-12-05 12:44:58 +03:00
|
|
|
|
2007-12-17 00:31:47 +03:00
|
|
|
static __net_init int devinet_init_net(struct net *net)
|
|
|
|
{
|
|
|
|
int err;
|
|
|
|
struct ipv4_devconf *all, *dflt;
|
2008-01-06 10:08:49 +03:00
|
|
|
#ifdef CONFIG_SYSCTL
|
|
|
|
struct ctl_table *tbl = ctl_forward_entry;
|
2007-12-17 00:31:47 +03:00
|
|
|
struct ctl_table_header *forw_hdr;
|
2008-01-06 10:08:49 +03:00
|
|
|
#endif
|
2007-12-17 00:31:47 +03:00
|
|
|
|
|
|
|
err = -ENOMEM;
|
|
|
|
all = &ipv4_devconf;
|
|
|
|
dflt = &ipv4_devconf_dflt;
|
|
|
|
|
2009-11-26 02:14:13 +03:00
|
|
|
if (!net_eq(net, &init_net)) {
|
2007-12-17 00:31:47 +03:00
|
|
|
all = kmemdup(all, sizeof(ipv4_devconf), GFP_KERNEL);
|
|
|
|
if (all == NULL)
|
|
|
|
goto err_alloc_all;
|
|
|
|
|
|
|
|
dflt = kmemdup(dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
|
|
|
|
if (dflt == NULL)
|
|
|
|
goto err_alloc_dflt;
|
|
|
|
|
2008-01-06 10:08:49 +03:00
|
|
|
#ifdef CONFIG_SYSCTL
|
2007-12-17 00:31:47 +03:00
|
|
|
tbl = kmemdup(tbl, sizeof(ctl_forward_entry), GFP_KERNEL);
|
|
|
|
if (tbl == NULL)
|
|
|
|
goto err_alloc_ctl;
|
|
|
|
|
2010-02-14 06:25:51 +03:00
|
|
|
tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
|
2007-12-17 00:31:47 +03:00
|
|
|
tbl[0].extra1 = all;
|
|
|
|
tbl[0].extra2 = net;
|
2008-01-06 10:08:49 +03:00
|
|
|
#endif
|
2007-12-17 00:31:47 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
#ifdef CONFIG_SYSCTL
|
2009-11-06 00:32:03 +03:00
|
|
|
err = __devinet_sysctl_register(net, "all", all);
|
2007-12-17 00:31:47 +03:00
|
|
|
if (err < 0)
|
|
|
|
goto err_reg_all;
|
|
|
|
|
2009-11-06 00:32:03 +03:00
|
|
|
err = __devinet_sysctl_register(net, "default", dflt);
|
2007-12-17 00:31:47 +03:00
|
|
|
if (err < 0)
|
|
|
|
goto err_reg_dflt;
|
|
|
|
|
|
|
|
err = -ENOMEM;
|
2012-04-19 17:42:09 +04:00
|
|
|
forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
|
2007-12-17 00:31:47 +03:00
|
|
|
if (forw_hdr == NULL)
|
|
|
|
goto err_reg_ctl;
|
2008-01-06 10:08:49 +03:00
|
|
|
net->ipv4.forw_hdr = forw_hdr;
|
2007-12-17 00:31:47 +03:00
|
|
|
#endif
|
|
|
|
|
|
|
|
net->ipv4.devconf_all = all;
|
|
|
|
net->ipv4.devconf_dflt = dflt;
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
#ifdef CONFIG_SYSCTL
|
|
|
|
err_reg_ctl:
|
|
|
|
__devinet_sysctl_unregister(dflt);
|
|
|
|
err_reg_dflt:
|
|
|
|
__devinet_sysctl_unregister(all);
|
|
|
|
err_reg_all:
|
|
|
|
if (tbl != ctl_forward_entry)
|
|
|
|
kfree(tbl);
|
|
|
|
err_alloc_ctl:
|
2008-01-06 10:08:49 +03:00
|
|
|
#endif
|
2007-12-17 00:31:47 +03:00
|
|
|
if (dflt != &ipv4_devconf_dflt)
|
|
|
|
kfree(dflt);
|
|
|
|
err_alloc_dflt:
|
|
|
|
if (all != &ipv4_devconf)
|
|
|
|
kfree(all);
|
|
|
|
err_alloc_all:
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
static __net_exit void devinet_exit_net(struct net *net)
|
|
|
|
{
|
2008-01-06 10:08:49 +03:00
|
|
|
#ifdef CONFIG_SYSCTL
|
2007-12-17 00:31:47 +03:00
|
|
|
struct ctl_table *tbl;
|
|
|
|
|
|
|
|
tbl = net->ipv4.forw_hdr->ctl_table_arg;
|
|
|
|
unregister_net_sysctl_table(net->ipv4.forw_hdr);
|
|
|
|
__devinet_sysctl_unregister(net->ipv4.devconf_dflt);
|
|
|
|
__devinet_sysctl_unregister(net->ipv4.devconf_all);
|
|
|
|
kfree(tbl);
|
2008-01-06 10:08:49 +03:00
|
|
|
#endif
|
2007-12-17 00:31:47 +03:00
|
|
|
kfree(net->ipv4.devconf_dflt);
|
|
|
|
kfree(net->ipv4.devconf_all);
|
|
|
|
}
|
|
|
|
|
|
|
|
static __net_initdata struct pernet_operations devinet_ops = {
|
|
|
|
.init = devinet_init_net,
|
|
|
|
.exit = devinet_exit_net,
|
|
|
|
};
|
|
|
|
|
2010-11-16 07:32:48 +03:00
|
|
|
static struct rtnl_af_ops inet_af_ops = {
|
|
|
|
.family = AF_INET,
|
|
|
|
.fill_link_af = inet_fill_link_af,
|
|
|
|
.get_link_af_size = inet_get_link_af_size,
|
2010-11-22 04:31:54 +03:00
|
|
|
.validate_link_af = inet_validate_link_af,
|
|
|
|
.set_link_af = inet_set_link_af,
|
2010-11-16 07:32:48 +03:00
|
|
|
};
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
void __init devinet_init(void)
|
|
|
|
{
|
2011-02-18 23:42:28 +03:00
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < IN4_ADDR_HSIZE; i++)
|
|
|
|
INIT_HLIST_HEAD(&inet_addr_lst[i]);
|
|
|
|
|
2007-12-17 00:31:47 +03:00
|
|
|
register_pernet_subsys(&devinet_ops);
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
register_gifconf(PF_INET, inet_gifconf);
|
|
|
|
register_netdevice_notifier(&ip_netdev_notifier);
|
2007-03-22 21:55:17 +03:00
|
|
|
|
2013-01-24 13:41:41 +04:00
|
|
|
schedule_delayed_work(&check_lifetime_work, 0);
|
|
|
|
|
2010-11-16 07:32:48 +03:00
|
|
|
rtnl_af_register(&inet_af_ops);
|
|
|
|
|
2011-06-10 05:27:09 +04:00
|
|
|
rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, NULL);
|
|
|
|
rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, NULL);
|
|
|
|
rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, NULL);
|
2012-10-26 02:28:53 +04:00
|
|
|
rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
|
2013-03-06 03:42:06 +04:00
|
|
|
inet_netconf_dump_devconf, NULL);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|