/*
 *	ip6_flowlabel.c		IPv6 flowlabel manager.
 *
 *	This program is free software; you can redistribute it and/or
 *	modify it under the terms of the GNU General Public License
 *	as published by the Free Software Foundation; either version
 *	2 of the License, or (at your option) any later version.
 *
 *	Authors:	Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
 */

#include <linux/capability.h>
#include <linux/errno.h>
#include <linux/types.h>
#include <linux/socket.h>
#include <linux/net.h>
#include <linux/netdevice.h>
#include <linux/if_arp.h>
#include <linux/in6.h>
#include <linux/route.h>
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
#include <linux/slab.h>
#include <linux/export.h>
#include <linux/pid_namespace.h>

#include <net/net_namespace.h>
#include <net/sock.h>

#include <net/ipv6.h>
#include <net/ndisc.h>
#include <net/protocol.h>
#include <net/ip6_route.h>
#include <net/addrconf.h>
#include <net/rawv6.h>
#include <net/icmp.h>
#include <net/transp_v6.h>

#include <asm/uaccess.h>

#define FL_MIN_LINGER	6	/* Minimal linger: 6 seconds, the value
				   specified in the original IPv6 RFC;
				   a reasonable default. */
#define FL_MAX_LINGER	150	/* Maximal linger timeout */

/* FL hash table */

#define FL_MAX_PER_SOCK	32
#define FL_MAX_SIZE	4096
#define FL_HASH_MASK	255
#define FL_HASH(l)	(ntohl(l)&FL_HASH_MASK)

static atomic_t fl_size = ATOMIC_INIT(0);
static struct ip6_flowlabel __rcu *fl_ht[FL_HASH_MASK+1];

static void ip6_fl_gc(unsigned long dummy);
static DEFINE_TIMER(ip6_fl_gc_timer, ip6_fl_gc, 0, 0);

/* FL hash table lock: it protects only the GC */

static DEFINE_SPINLOCK(ip6_fl_lock);

/* Lock for the per-socket flowlabel lists */

static DEFINE_SPINLOCK(ip6_sk_fl_lock);

#define for_each_fl_rcu(hash, fl)				\
	for (fl = rcu_dereference_bh(fl_ht[(hash)]);		\
	     fl != NULL;					\
	     fl = rcu_dereference_bh(fl->next))
#define for_each_fl_continue_rcu(fl)				\
	for (fl = rcu_dereference_bh(fl->next);			\
	     fl != NULL;					\
	     fl = rcu_dereference_bh(fl->next))

#define for_each_sk_fl_rcu(np, sfl)				\
	for (sfl = rcu_dereference_bh(np->ipv6_fl_list);	\
	     sfl != NULL;					\
	     sfl = rcu_dereference_bh(sfl->next))

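/* Look up a label in the global hash for the given netns. The caller
 * must hold rcu_read_lock_bh() or ip6_fl_lock; no reference is taken.
 */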
static inline struct ip6_flowlabel *__fl_lookup(struct net *net, __be32 label)
{
	struct ip6_flowlabel *fl;

	for_each_fl_rcu(FL_HASH(label), fl) {
		if (fl->label == label && net_eq(fl->fl_net, net))
			return fl;
	}
	return NULL;
}

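/* As __fl_lookup(), but takes the RCU read lock itself and grabs a
 * reference; returns NULL if the label is unknown or its refcount has
 * already dropped to zero.
 */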
static struct ip6_flowlabel *fl_lookup(struct net *net, __be32 label)
{
	struct ip6_flowlabel *fl;

	rcu_read_lock_bh();
	fl = __fl_lookup(net, label);
	if (fl && !atomic_inc_not_zero(&fl->users))
		fl = NULL;
	rcu_read_unlock_bh();
	return fl;
}

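/* Free a label and everything it owns; the struct itself goes away
 * after an RCU grace period.
 */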
static void fl_free(struct ip6_flowlabel *fl)
{
	if (fl) {
		if (fl->share == IPV6_FL_S_PROCESS)
			put_pid(fl->owner.pid);
		release_net(fl->fl_net);
		kfree(fl->opt);
		kfree_rcu(fl, rcu);
	}
}

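/* Drop a reference. On the last put, push the expiry out by the linger
 * time and make sure the GC timer fires no later than that.
 */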
static void fl_release(struct ip6_flowlabel *fl)
{
	spin_lock_bh(&ip6_fl_lock);

	fl->lastuse = jiffies;
	if (atomic_dec_and_test(&fl->users)) {
		unsigned long ttd = fl->lastuse + fl->linger;
		if (time_after(ttd, fl->expires))
			fl->expires = ttd;
		ttd = fl->expires;
		if (fl->opt && fl->share == IPV6_FL_S_EXCL) {
			struct ipv6_txoptions *opt = fl->opt;
			fl->opt = NULL;
			kfree(opt);
		}
		if (!timer_pending(&ip6_fl_gc_timer) ||
		    time_after(ip6_fl_gc_timer.expires, ttd))
			mod_timer(&ip6_fl_gc_timer, ttd);
	}
	spin_unlock_bh(&ip6_fl_lock);
}

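/* Timer-driven garbage collector: free expired labels that have no
 * users left, and re-arm the timer for the earliest remaining expiry.
 */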
static void ip6_fl_gc(unsigned long dummy)
{
	int i;
	unsigned long now = jiffies;
	unsigned long sched = 0;

	spin_lock(&ip6_fl_lock);

	for (i = 0; i <= FL_HASH_MASK; i++) {
		struct ip6_flowlabel *fl;
		struct ip6_flowlabel __rcu **flp;

		flp = &fl_ht[i];
		while ((fl = rcu_dereference_protected(*flp,
						       lockdep_is_held(&ip6_fl_lock))) != NULL) {
			if (atomic_read(&fl->users) == 0) {
				unsigned long ttd = fl->lastuse + fl->linger;
				if (time_after(ttd, fl->expires))
					fl->expires = ttd;
				ttd = fl->expires;
				if (time_after_eq(now, ttd)) {
					*flp = fl->next;
					fl_free(fl);
					atomic_dec(&fl_size);
					continue;
				}
				if (!sched || time_before(ttd, sched))
					sched = ttd;
			}
			flp = &fl->next;
		}
	}
	if (!sched && atomic_read(&fl_size))
		sched = now + FL_MAX_LINGER;
	if (sched)
		mod_timer(&ip6_fl_gc_timer, sched);
	spin_unlock(&ip6_fl_lock);
}

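/* Namespace teardown: drop every label that belongs to the dying netns
 * and is no longer referenced.
 */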
static void __net_exit ip6_fl_purge(struct net *net)
{
	int i;

	spin_lock(&ip6_fl_lock);
	for (i = 0; i <= FL_HASH_MASK; i++) {
		struct ip6_flowlabel *fl;
		struct ip6_flowlabel __rcu **flp;

		flp = &fl_ht[i];
		while ((fl = rcu_dereference_protected(*flp,
						       lockdep_is_held(&ip6_fl_lock))) != NULL) {
			if (net_eq(fl->fl_net, net) &&
			    atomic_read(&fl->users) == 0) {
				*flp = fl->next;
				fl_free(fl);
				atomic_dec(&fl_size);
				continue;
			}
			flp = &fl->next;
		}
	}
	spin_unlock(&ip6_fl_lock);
}

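/* Insert a freshly created label into the global hash. label == 0 asks
 * for a random unused label. If a non-zero label raced into the hash
 * since the caller last looked, the existing entry is returned with a
 * reference held and 'fl' is left for the caller to free.
 */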
static struct ip6_flowlabel *fl_intern(struct net *net,
				       struct ip6_flowlabel *fl, __be32 label)
{
	struct ip6_flowlabel *lfl;

	fl->label = label & IPV6_FLOWLABEL_MASK;

	spin_lock_bh(&ip6_fl_lock);
	if (label == 0) {
		for (;;) {
			fl->label = htonl(net_random())&IPV6_FLOWLABEL_MASK;
			if (fl->label) {
				lfl = __fl_lookup(net, fl->label);
				if (lfl == NULL)
					break;
			}
		}
	} else {
		/*
		 * we dropped the ip6_fl_lock, so this entry could reappear
		 * and we need to recheck with it.
		 *
		 * OTOH no need to search the active socket first, like it is
		 * done in ipv6_flowlabel_opt - sock is locked, so new entry
		 * with the same label can only appear on another sock
		 */
		lfl = __fl_lookup(net, fl->label);
		if (lfl != NULL) {
			atomic_inc(&lfl->users);
			spin_unlock_bh(&ip6_fl_lock);
			return lfl;
		}
	}

	fl->lastuse = jiffies;
	fl->next = fl_ht[FL_HASH(fl->label)];
	rcu_assign_pointer(fl_ht[FL_HASH(fl->label)], fl);
	atomic_inc(&fl_size);
	spin_unlock_bh(&ip6_fl_lock);
	return NULL;
}


/* Socket flowlabel lists */

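/* Find a label on the socket's own list and take a reference; returns
 * NULL if this socket does not hold the label.
 */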
struct ip6_flowlabel *fl6_sock_lookup(struct sock *sk, __be32 label)
{
	struct ipv6_fl_socklist *sfl;
	struct ipv6_pinfo *np = inet6_sk(sk);

	label &= IPV6_FLOWLABEL_MASK;

	rcu_read_lock_bh();
	for_each_sk_fl_rcu(np, sfl) {
		struct ip6_flowlabel *fl = sfl->fl;
		if (fl->label == label) {
			fl->lastuse = jiffies;
			atomic_inc(&fl->users);
			rcu_read_unlock_bh();
			return fl;
		}
	}
	rcu_read_unlock_bh();
	return NULL;
}
EXPORT_SYMBOL_GPL(fl6_sock_lookup);

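/* Detach and release every label on the socket's list; called when the
 * socket is destroyed.
 */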
void fl6_free_socklist(struct sock *sk)
{
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct ipv6_fl_socklist *sfl;

	if (!rcu_access_pointer(np->ipv6_fl_list))
		return;

	spin_lock_bh(&ip6_sk_fl_lock);
	while ((sfl = rcu_dereference_protected(np->ipv6_fl_list,
						lockdep_is_held(&ip6_sk_fl_lock))) != NULL) {
		np->ipv6_fl_list = sfl->next;
		spin_unlock_bh(&ip6_sk_fl_lock);

		fl_release(sfl->fl);
		kfree_rcu(sfl, rcu);

		spin_lock_bh(&ip6_sk_fl_lock);
	}
	spin_unlock_bh(&ip6_sk_fl_lock);
}

/* Service routines */


/*
   This is the only difficult place: a flowlabel enforces identical headers
   up to and including the routing header, but the user may still supply
   options following the rthdr.
 */

struct ipv6_txoptions *fl6_merge_options(struct ipv6_txoptions *opt_space,
					 struct ip6_flowlabel *fl,
					 struct ipv6_txoptions *fopt)
{
	struct ipv6_txoptions *fl_opt = fl->opt;

	if (fopt == NULL || fopt->opt_flen == 0)
		return fl_opt;

	if (fl_opt != NULL) {
		opt_space->hopopt = fl_opt->hopopt;
		opt_space->dst0opt = fl_opt->dst0opt;
		opt_space->srcrt = fl_opt->srcrt;
		opt_space->opt_nflen = fl_opt->opt_nflen;
	} else {
		if (fopt->opt_nflen == 0)
			return fopt;
		opt_space->hopopt = NULL;
		opt_space->dst0opt = NULL;
		opt_space->srcrt = NULL;
		opt_space->opt_nflen = 0;
	}
	opt_space->dst1opt = fopt->dst1opt;
	opt_space->opt_flen = fopt->opt_flen;
	return opt_space;
}
EXPORT_SYMBOL_GPL(fl6_merge_options);

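/* Convert a linger/expiry request in seconds to jiffies, enforcing the
 * minimum; values above FL_MAX_LINGER are refused (return 0) unless the
 * caller has CAP_NET_ADMIN.
 */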
static unsigned long check_linger(unsigned long ttl)
{
	if (ttl < FL_MIN_LINGER)
		return FL_MIN_LINGER*HZ;
	if (ttl > FL_MAX_LINGER && !capable(CAP_NET_ADMIN))
		return 0;
	return ttl*HZ;
}

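/* Extend a label's linger and expiry times; both can only grow, and
 * requests beyond the permitted range fail with -EPERM.
 */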
static int fl6_renew(struct ip6_flowlabel *fl, unsigned long linger, unsigned long expires)
{
	linger = check_linger(linger);
	if (!linger)
		return -EPERM;
	expires = check_linger(expires);
	if (!expires)
		return -EPERM;

	spin_lock_bh(&ip6_fl_lock);
	fl->lastuse = jiffies;
	if (time_before(fl->linger, linger))
		fl->linger = linger;
	if (time_before(expires, fl->linger))
		expires = fl->linger;
	if (time_before(fl->expires, fl->lastuse + expires))
		fl->expires = fl->lastuse + expires;
	spin_unlock_bh(&ip6_fl_lock);

	return 0;
}

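/* Build a new label from a user request. Any ancillary data following
 * the request structure is parsed as IPv6 tx options; only
 * non-fragmentable options (hop-by-hop, dst0, routing header) may be
 * attached to a label.
 */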
static struct ip6_flowlabel *
fl_create(struct net *net, struct sock *sk, struct in6_flowlabel_req *freq,
	  char __user *optval, int optlen, int *err_p)
{
	struct ip6_flowlabel *fl = NULL;
	int olen;
	int addr_type;
	int err;

	olen = optlen - CMSG_ALIGN(sizeof(*freq));
	err = -EINVAL;
	if (olen > 64 * 1024)
		goto done;

	err = -ENOMEM;
	fl = kzalloc(sizeof(*fl), GFP_KERNEL);
	if (fl == NULL)
		goto done;

	if (olen > 0) {
		struct msghdr msg;
		struct flowi6 flowi6;
		int junk;

		err = -ENOMEM;
		fl->opt = kmalloc(sizeof(*fl->opt) + olen, GFP_KERNEL);
		if (fl->opt == NULL)
			goto done;

		memset(fl->opt, 0, sizeof(*fl->opt));
		fl->opt->tot_len = sizeof(*fl->opt) + olen;
		err = -EFAULT;
		if (copy_from_user(fl->opt+1, optval+CMSG_ALIGN(sizeof(*freq)), olen))
			goto done;

		msg.msg_controllen = olen;
		msg.msg_control = (void *)(fl->opt+1);
		memset(&flowi6, 0, sizeof(flowi6));

		err = ip6_datagram_send_ctl(net, sk, &msg, &flowi6, fl->opt,
					    &junk, &junk, &junk);
		if (err)
			goto done;
		err = -EINVAL;
		if (fl->opt->opt_flen)
			goto done;
		if (fl->opt->opt_nflen == 0) {
			kfree(fl->opt);
			fl->opt = NULL;
		}
	}

	fl->fl_net = hold_net(net);
	fl->expires = jiffies;
	err = fl6_renew(fl, freq->flr_linger, freq->flr_expires);
	if (err)
		goto done;
	fl->share = freq->flr_share;
	addr_type = ipv6_addr_type(&freq->flr_dst);
	if ((addr_type & IPV6_ADDR_MAPPED) ||
	    addr_type == IPV6_ADDR_ANY) {
		err = -EINVAL;
		goto done;
	}
	fl->dst = freq->flr_dst;
	atomic_set(&fl->users, 1);
	switch (fl->share) {
	case IPV6_FL_S_EXCL:
	case IPV6_FL_S_ANY:
		break;
	case IPV6_FL_S_PROCESS:
		fl->owner.pid = get_task_pid(current, PIDTYPE_PID);
		break;
	case IPV6_FL_S_USER:
		fl->owner.uid = current_euid();
		break;
	default:
		err = -EINVAL;
		goto done;
	}
	return fl;

done:
	fl_free(fl);
	*err_p = err;
	return NULL;
}

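/* Admission control for label creation: bound the per-socket count and
 * the global table size; CAP_NET_ADMIN may exceed the soft limits.
 */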
static int mem_check(struct sock *sk)
{
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct ipv6_fl_socklist *sfl;
	int room = FL_MAX_SIZE - atomic_read(&fl_size);
	int count = 0;

	if (room > FL_MAX_SIZE - FL_MAX_PER_SOCK)
		return 0;

	rcu_read_lock_bh();
	for_each_sk_fl_rcu(np, sfl)
		count++;
	rcu_read_unlock_bh();

	if (room <= 0 ||
	    ((count >= FL_MAX_PER_SOCK ||
	      (count > 0 && room < FL_MAX_SIZE/2) || room < FL_MAX_SIZE/4) &&
	     !capable(CAP_NET_ADMIN)))
		return -ENOBUFS;

	return 0;
}

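/* Publish a label at the head of the socket's RCU-protected list. */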
static inline void fl_link(struct ipv6_pinfo *np, struct ipv6_fl_socklist *sfl,
			   struct ip6_flowlabel *fl)
{
	spin_lock_bh(&ip6_sk_fl_lock);
	sfl->fl = fl;
	sfl->next = np->ipv6_fl_list;
	rcu_assign_pointer(np->ipv6_fl_list, sfl);
	spin_unlock_bh(&ip6_sk_fl_lock);
}

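/* Report the parameters of the label matching the socket's current
 * flow_label, for getsockopt(IPV6_FLOWLABEL_MGR).
 */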
int ipv6_flowlabel_opt_get(struct sock *sk, struct in6_flowlabel_req *freq)
{
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct ipv6_fl_socklist *sfl;

	rcu_read_lock_bh();

	for_each_sk_fl_rcu(np, sfl) {
		if (sfl->fl->label == (np->flow_label & IPV6_FLOWLABEL_MASK)) {
			spin_lock_bh(&ip6_fl_lock);
			freq->flr_label = sfl->fl->label;
			freq->flr_dst = sfl->fl->dst;
			freq->flr_share = sfl->fl->share;
			freq->flr_expires = (sfl->fl->expires - jiffies) / HZ;
			freq->flr_linger = sfl->fl->linger / HZ;

			spin_unlock_bh(&ip6_fl_lock);
			rcu_read_unlock_bh();
			return 0;
		}
	}
	rcu_read_unlock_bh();

	return -ENOENT;
}

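/* setsockopt(IPV6_FLOWLABEL_MGR) handler: attach (IPV6_FL_A_GET,
 * optionally creating), detach (IPV6_FL_A_PUT) or renew
 * (IPV6_FL_A_RENEW) a label on a socket.
 *
 * Illustrative userspace sketch, error handling omitted; "fd" is
 * assumed to be an IPv6 socket and "dst" the destination address.
 * With flr_label == 0 the kernel picks a free label and copies it
 * back into the request:
 *
 *	struct in6_flowlabel_req freq = {
 *		.flr_label	= 0,
 *		.flr_action	= IPV6_FL_A_GET,
 *		.flr_share	= IPV6_FL_S_EXCL,
 *		.flr_flags	= IPV6_FL_F_CREATE,
 *		.flr_dst	= dst,
 *	};
 *	setsockopt(fd, IPPROTO_IPV6, IPV6_FLOWLABEL_MGR,
 *		   &freq, sizeof(freq));
 */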
int ipv6_flowlabel_opt(struct sock *sk, char __user *optval, int optlen)
{
	int uninitialized_var(err);
	struct net *net = sock_net(sk);
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct in6_flowlabel_req freq;
	struct ipv6_fl_socklist *sfl1 = NULL;
	struct ipv6_fl_socklist *sfl;
	struct ipv6_fl_socklist __rcu **sflp;
	struct ip6_flowlabel *fl, *fl1 = NULL;

	if (optlen < sizeof(freq))
		return -EINVAL;

	if (copy_from_user(&freq, optval, sizeof(freq)))
		return -EFAULT;

	switch (freq.flr_action) {
	case IPV6_FL_A_PUT:
		spin_lock_bh(&ip6_sk_fl_lock);
		for (sflp = &np->ipv6_fl_list;
		     (sfl = rcu_dereference(*sflp)) != NULL;
		     sflp = &sfl->next) {
			if (sfl->fl->label == freq.flr_label) {
				if (freq.flr_label == (np->flow_label&IPV6_FLOWLABEL_MASK))
					np->flow_label &= ~IPV6_FLOWLABEL_MASK;
				*sflp = rcu_dereference(sfl->next);
				spin_unlock_bh(&ip6_sk_fl_lock);
				fl_release(sfl->fl);
				kfree_rcu(sfl, rcu);
				return 0;
			}
		}
		spin_unlock_bh(&ip6_sk_fl_lock);
		return -ESRCH;

	case IPV6_FL_A_RENEW:
		rcu_read_lock_bh();
		for_each_sk_fl_rcu(np, sfl) {
			if (sfl->fl->label == freq.flr_label) {
				err = fl6_renew(sfl->fl, freq.flr_linger, freq.flr_expires);
				rcu_read_unlock_bh();
				return err;
			}
		}
		rcu_read_unlock_bh();

		if (freq.flr_share == IPV6_FL_S_NONE &&
		    ns_capable(net->user_ns, CAP_NET_ADMIN)) {
			fl = fl_lookup(net, freq.flr_label);
			if (fl) {
				err = fl6_renew(fl, freq.flr_linger, freq.flr_expires);
				fl_release(fl);
				return err;
			}
		}
		return -ESRCH;

	case IPV6_FL_A_GET:
		if (freq.flr_label & ~IPV6_FLOWLABEL_MASK)
			return -EINVAL;

		fl = fl_create(net, sk, &freq, optval, optlen, &err);
		if (fl == NULL)
			return err;
		sfl1 = kmalloc(sizeof(*sfl1), GFP_KERNEL);

		if (freq.flr_label) {
			err = -EEXIST;
			rcu_read_lock_bh();
			for_each_sk_fl_rcu(np, sfl) {
				if (sfl->fl->label == freq.flr_label) {
					if (freq.flr_flags&IPV6_FL_F_EXCL) {
						rcu_read_unlock_bh();
						goto done;
					}
					fl1 = sfl->fl;
					atomic_inc(&fl1->users);
					break;
				}
			}
			rcu_read_unlock_bh();

			if (fl1 == NULL)
				fl1 = fl_lookup(net, freq.flr_label);
			if (fl1) {
recheck:
				err = -EEXIST;
				if (freq.flr_flags&IPV6_FL_F_EXCL)
					goto release;
				err = -EPERM;
				if (fl1->share == IPV6_FL_S_EXCL ||
				    fl1->share != fl->share ||
				    ((fl1->share == IPV6_FL_S_PROCESS) &&
				     (fl1->owner.pid == fl->owner.pid)) ||
				    ((fl1->share == IPV6_FL_S_USER) &&
				     uid_eq(fl1->owner.uid, fl->owner.uid)))
					goto release;

				err = -ENOMEM;
				if (sfl1 == NULL)
					goto release;
				if (fl->linger > fl1->linger)
					fl1->linger = fl->linger;
				if ((long)(fl->expires - fl1->expires) > 0)
					fl1->expires = fl->expires;
				fl_link(np, sfl1, fl1);
				fl_free(fl);
				return 0;

release:
				fl_release(fl1);
				goto done;
			}
		}
		err = -ENOENT;
		if (!(freq.flr_flags&IPV6_FL_F_CREATE))
			goto done;

		err = -ENOMEM;
		if (sfl1 == NULL || (err = mem_check(sk)) != 0)
			goto done;

		fl1 = fl_intern(net, fl, freq.flr_label);
		if (fl1 != NULL)
			goto recheck;

		if (!freq.flr_label) {
			if (copy_to_user(&((struct in6_flowlabel_req __user *) optval)->flr_label,
					 &fl->label, sizeof(fl->label))) {
				/* Intentionally ignore fault. */
			}
		}

		fl_link(np, sfl1, fl);
		return 0;

	default:
		return -EINVAL;
	}

done:
	fl_free(fl);
	kfree(sfl1);
	return err;
}

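/* /proc/net/ip6_flowlabel: walk the hash table and print one line per
 * label (label, share mode, owner, users, linger, expiry, dst, options).
 */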
#ifdef CONFIG_PROC_FS

struct ip6fl_iter_state {
	struct seq_net_private p;
	struct pid_namespace *pid_ns;
	int bucket;
};

#define ip6fl_seq_private(seq)	((struct ip6fl_iter_state *)(seq)->private)

static struct ip6_flowlabel *ip6fl_get_first(struct seq_file *seq)
{
	struct ip6_flowlabel *fl = NULL;
	struct ip6fl_iter_state *state = ip6fl_seq_private(seq);
	struct net *net = seq_file_net(seq);

	for (state->bucket = 0; state->bucket <= FL_HASH_MASK; ++state->bucket) {
		for_each_fl_rcu(state->bucket, fl) {
			if (net_eq(fl->fl_net, net))
				goto out;
		}
	}
	fl = NULL;
out:
	return fl;
}

static struct ip6_flowlabel *ip6fl_get_next(struct seq_file *seq, struct ip6_flowlabel *fl)
{
	struct ip6fl_iter_state *state = ip6fl_seq_private(seq);
	struct net *net = seq_file_net(seq);

	for_each_fl_continue_rcu(fl) {
		if (net_eq(fl->fl_net, net))
			goto out;
	}

try_again:
	if (++state->bucket <= FL_HASH_MASK) {
		for_each_fl_rcu(state->bucket, fl) {
			if (net_eq(fl->fl_net, net))
				goto out;
		}
		goto try_again;
	}
	fl = NULL;

out:
	return fl;
}

static struct ip6_flowlabel *ip6fl_get_idx(struct seq_file *seq, loff_t pos)
{
	struct ip6_flowlabel *fl = ip6fl_get_first(seq);
	if (fl)
		while (pos && (fl = ip6fl_get_next(seq, fl)) != NULL)
			--pos;
	return pos ? NULL : fl;
}

static void *ip6fl_seq_start(struct seq_file *seq, loff_t *pos)
	__acquires(RCU)
{
	rcu_read_lock_bh();
	return *pos ? ip6fl_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
}

static void *ip6fl_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{
	struct ip6_flowlabel *fl;

	if (v == SEQ_START_TOKEN)
		fl = ip6fl_get_first(seq);
	else
		fl = ip6fl_get_next(seq, v);
	++*pos;
	return fl;
}

static void ip6fl_seq_stop(struct seq_file *seq, void *v)
	__releases(RCU)
{
	rcu_read_unlock_bh();
}

static int ip6fl_seq_show(struct seq_file *seq, void *v)
{
	struct ip6fl_iter_state *state = ip6fl_seq_private(seq);
	if (v == SEQ_START_TOKEN)
		seq_printf(seq, "%-5s %-1s %-6s %-6s %-6s %-8s %-32s %s\n",
			   "Label", "S", "Owner", "Users", "Linger", "Expires", "Dst", "Opt");
	else {
		struct ip6_flowlabel *fl = v;
		seq_printf(seq,
			   "%05X %-1d %-6d %-6d %-6ld %-8ld %pi6 %-4d\n",
			   (unsigned int)ntohl(fl->label),
			   fl->share,
			   ((fl->share == IPV6_FL_S_PROCESS) ?
			    pid_nr_ns(fl->owner.pid, state->pid_ns) :
			    ((fl->share == IPV6_FL_S_USER) ?
			     from_kuid_munged(seq_user_ns(seq), fl->owner.uid) :
			     0)),
			   atomic_read(&fl->users),
			   fl->linger/HZ,
			   (long)(fl->expires - jiffies)/HZ,
			   &fl->dst,
			   fl->opt ? fl->opt->opt_nflen : 0);
	}
	return 0;
}

static const struct seq_operations ip6fl_seq_ops = {
	.start	=	ip6fl_seq_start,
	.next	=	ip6fl_seq_next,
	.stop	=	ip6fl_seq_stop,
	.show	=	ip6fl_seq_show,
};

static int ip6fl_seq_open(struct inode *inode, struct file *file)
{
	struct seq_file *seq;
	struct ip6fl_iter_state *state;
	int err;

	err = seq_open_net(inode, file, &ip6fl_seq_ops,
			   sizeof(struct ip6fl_iter_state));

	if (!err) {
		seq = file->private_data;
		state = ip6fl_seq_private(seq);
		rcu_read_lock();
		state->pid_ns = get_pid_ns(task_active_pid_ns(current));
		rcu_read_unlock();
	}
	return err;
}

static int ip6fl_seq_release(struct inode *inode, struct file *file)
{
	struct seq_file *seq = file->private_data;
	struct ip6fl_iter_state *state = ip6fl_seq_private(seq);
	put_pid_ns(state->pid_ns);
	return seq_release_net(inode, file);
}

static const struct file_operations ip6fl_seq_fops = {
	.owner		=	THIS_MODULE,
	.open		=	ip6fl_seq_open,
	.read		=	seq_read,
	.llseek		=	seq_lseek,
	.release	=	ip6fl_seq_release,
};

static int __net_init ip6_flowlabel_proc_init(struct net *net)
{
	if (!proc_create("ip6_flowlabel", S_IRUGO, net->proc_net,
			 &ip6fl_seq_fops))
		return -ENOMEM;
	return 0;
}

static void __net_exit ip6_flowlabel_proc_fini(struct net *net)
{
	remove_proc_entry("ip6_flowlabel", net->proc_net);
}
#else
static inline int ip6_flowlabel_proc_init(struct net *net)
{
	return 0;
}
static inline void ip6_flowlabel_proc_fini(struct net *net)
{
}
#endif

static void __net_exit ip6_flowlabel_net_exit(struct net *net)
{
	ip6_fl_purge(net);
	ip6_flowlabel_proc_fini(net);
}

static struct pernet_operations ip6_flowlabel_net_ops = {
	.init = ip6_flowlabel_proc_init,
	.exit = ip6_flowlabel_net_exit,
};

int ip6_flowlabel_init(void)
{
	return register_pernet_subsys(&ip6_flowlabel_net_ops);
}

void ip6_flowlabel_cleanup(void)
{
	del_timer(&ip6_fl_gc_timer);
	unregister_pernet_subsys(&ip6_flowlabel_net_ops);
}