neighbour.c

GNU Hurd 源代码

/*
 *	Generic address resolution entity
 *
 *	Authors:
 *	Pedro Roque		<roque@di.fc.ul.pt>
 *	Alexey Kuznetsov	<kuznet@ms2.inr.ac.ru>
 *
 *	This program is free software; you can redistribute it and/or
 *      modify it under the terms of the GNU General Public License
 *      as published by the Free Software Foundation; either version
 *      2 of the License, or (at your option) any later version.
 *
 *	Fixes:
 *	Vitaly E. Lavrov	releasing NULL neighbor in neigh_add.
 */

#include <linux/config.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/socket.h>
#include <linux/sched.h>
#include <linux/netdevice.h>
#ifdef CONFIG_SYSCTL
#include <linux/sysctl.h>
#endif
#include <net/neighbour.h>
#include <net/dst.h>
#include <net/sock.h>
#include <linux/rtnetlink.h>

/*
   NOTE. The most unpleasent question is serialization of
   accesses to resolved addresses. The problem is that addresses
   are modified by bh, but they are referenced from normal
   kernel thread. Before today no locking was made.
   My reasoning was that corrupted address token will be copied
   to packet with cosmologically small probability
   (it is even difficult to estimate such small number)
   and it is very silly to waste cycles in fast path to lock them.

   But now I changed my mind, but not because previous statement
   is wrong. Actually, neigh->ha MAY BE not opaque byte array,
   but reference to some private data. In this case even neglibible
   corruption probability becomes bug.

   - hh cache is protected by rwlock. It assumes that
     hh cache update procedure is short and fast, and that
     read_lock is cheaper than start_bh_atomic().
   - ha tokens, saved in neighbour entries, are protected
     by bh_atomic().
   - no protection is made in /proc reading. It is OK, because
     /proc is broken by design in any case, and
     corrupted output is normal behaviour there.

     --ANK (981025)
 */

#define NEIGH_DEBUG 1

#define NEIGH_PRINTK(x...) printk(x)
#define NEIGH_NOPRINTK(x...) do { ; } while(0)
#define NEIGH_PRINTK0 NEIGH_PRINTK
#define NEIGH_PRINTK1 NEIGH_NOPRINTK
#define NEIGH_PRINTK2 NEIGH_NOPRINTK

#if NEIGH_DEBUG >= 1
#undef NEIGH_PRINTK1
#define NEIGH_PRINTK1 NEIGH_PRINTK
#endif
#if NEIGH_DEBUG >= 2
#undef NEIGH_PRINTK2
#define NEIGH_PRINTK2 NEIGH_PRINTK
#endif

static void neigh_timer_handler(unsigned long arg);
#ifdef CONFIG_ARPD
static void neigh_app_notify(struct neighbour *n);
#endif
static int pneigh_ifdown(struct neigh_table *tbl, struct device *dev);

static int neigh_glbl_allocs;
static struct neigh_table *neigh_tables;

static int neigh_blackhole(struct sk_buff *skb)
{
	kfree_skb(skb);
	return -ENETDOWN;
}

/*
 * It is random distribution in the interval (1/2)*base...(3/2)*base.
 * It corresponds to default IPv6 settings and is not overridable,
 * because it is really reasonbale choice.
 */

unsigned long neigh_rand_reach_time(unsigned long base)
{
	return (net_random() % base) + (base>>1);
}


static int neigh_forced_gc(struct neigh_table *tbl)
{
	int shrunk = 0;
	int i;

	if (atomic_read(&tbl->lock))
		return 0;

	for (i=0; i<=NEIGH_HASHMASK; i++) {
		struct neighbour *n, **np;

		np = &tbl->hash_buckets[i];
		while ((n = *np) != NULL) {
			/* Neighbour record may be discarded if:
			   - nobody refers to it.
			   - it is not premanent
			   - (NEW and probably wrong)
			     INCOMPLETE entries are kept at least for
			     n->parms->retrans_time, otherwise we could
			     flood network with resolution requests.
			     It is not clear, what is better table overflow
			     or flooding.
			 */
			if (atomic_read(&n->refcnt) == 0 &&
			    !(n->nud_state&NUD_PERMANENT) &&
			    (n->nud_state != NUD_INCOMPLETE ||
			     jiffies - n->used > n->parms->retrans_time)) {
				*np = n->next;
				n->tbl = NULL;
				tbl->entries--;
				shrunk = 1;
				neigh_destroy(n);
				continue;
			}
			np = &n->next;
		}
	}
	
	tbl->last_flush = jiffies;
	return shrunk;
}

int neigh_ifdown(struct neigh_table *tbl, struct device *dev)
{
	int i;

	if (atomic_read(&tbl->lock)) {
		NEIGH_PRINTK1("neigh_ifdown: impossible event 1763\n");
		return -EBUSY;
	}

	start_bh_atomic();
	for (i=0; i<=NEIGH_HASHMASK; i++) {
		struct neighbour *n, **np;

		np = &tbl->hash_buckets[i];
		while ((n = *np) != NULL) {
			if (dev && n->dev != dev) {
				np = &n->next;
				continue;
			}
			*np = n->next;
			n->tbl = NULL;
			tbl->entries--;
			if (atomic_read(&n->refcnt)) {
				/* The most unpleasant situation.
				   We must destroy neighbour entry,
				   but someone still uses it.

				   The destroy will be delayed until
				   the last user releases us, but
				   we must kill timers etc. and move
				   it to safe state.
				 */
				if (n->nud_state & NUD_IN_TIMER)
					del_timer(&n->timer);
				n->parms = &tbl->parms;
				skb_queue_purge(&n->arp_queue);
				n->output = neigh_blackhole;
				if (n->nud_state&NUD_VALID)
					n->nud_state = NUD_NOARP;
				else
					n->nud_state = NUD_NONE;
				NEIGH_PRINTK2("neigh %p is stray.\n", n);
			} else
				neigh_destroy(n);
		}
	}

	del_timer(&tbl->proxy_timer);
	skb_queue_purge(&tbl->proxy_queue);
	pneigh_ifdown(tbl, dev);
	end_bh_atomic();
	return 0;
}

static struct neighbour *neigh_alloc(struct neigh_table *tbl, int creat)
{
	struct neighbour *n;
	unsigned long now = jiffies;

	if (tbl->entries > tbl->gc_thresh1) {
		if (creat < 0)
			return NULL;
		if (tbl->entries > tbl->gc_thresh3 ||
		    (tbl->entries > tbl->gc_thresh2 &&
		     now - tbl->last_flush > 5*HZ)) {
			if (neigh_forced_gc(tbl) == 0 &&
			    tbl->entries > tbl->gc_thresh3)
				return NULL;
		}
	}

	n = kmalloc(tbl->entry_size, GFP_ATOMIC);
	if (n == NULL)
		return NULL;

	memset(n, 0, tbl->entry_size);

	skb_queue_head_init(&n->arp_queue);
	n->updated = n->used = now;
	n->nud_state = NUD_NONE;
	n->output = neigh_blackhole;
	n->parms = &tbl->parms;
	init_timer(&n->timer);
	n->timer.function = neigh_timer_handler;
	n->timer.data = (unsigned long)n;
	tbl->stats.allocs++;
	neigh_glbl_allocs++;
	return n;
}


struct neighbour * __neigh_lookup(struct neigh_table *tbl, const void *pkey,
				    struct device *dev, int creat)
{
	struct neighbour *n;
	u32 hash_val;
	int key_len = tbl->key_len;

	hash_val = *(u32*)(pkey + key_len - 4);
	hash_val ^= (hash_val>>16);
	hash_val ^= hash_val>>8;
	hash_val ^= hash_val>>3;
	hash_val = (hash_val^dev->ifindex)&NEIGH_HASHMASK;

	for (n = tbl->hash_buckets[hash_val]; n; n = n->next) {
		if (dev == n->dev &&
		    memcmp(n->primary_key, pkey, key_len) == 0) {
			atomic_inc(&n->refcnt);
			return n;
		}
	}
	if (!creat)
		return NULL;

	n = neigh_alloc(tbl, creat);
	if (n == NULL)
		return NULL;

	memcpy(n->primary_key, pkey, key_len);
	n->dev = dev;

	/* Protocol specific setup. */
	if (tbl->constructor &&	tbl->constructor(n) < 0) {
		neigh_destroy(n);
		return NULL;
	}

	/* Device specific setup. */
	if (n->parms && n->parms->neigh_setup && n->parms->neigh_setup(n) < 0) {
		neigh_destroy(n);
		return NULL;
	}

	n->confirmed = jiffies - (n->parms->base_reachable_time<<1);
	atomic_set(&n->refcnt, 1);
	tbl->entries++;
	n->next = tbl->hash_buckets[hash_val];
	tbl->hash_buckets[hash_val] = n;
	n->tbl = tbl;
	NEIGH_PRINTK2("neigh %p is created.\n", n);
	return n;
}

struct pneigh_entry * pneigh_lookup(struct neigh_table *tbl, const void *pkey,
				    struct device *dev, int creat)
{
	struct pneigh_entry *n;
	u32 hash_val;
	int key_len = tbl->key_len;

	hash_val = *(u32*)(pkey + key_len - 4);
	hash_val ^= (hash_val>>16);
	hash_val ^= hash_val>>8;
	hash_val ^= hash_val>>4;
	hash_val &= PNEIGH_HASHMASK;

	for (n = tbl->phash_buckets[hash_val]; n; n = n->next) {
		if (memcmp(n->key, pkey, key_len) == 0 &&
		    (n->dev == dev || !n->dev))
			return n;
	}
	if (!creat)
		return NULL;

	n = kmalloc(sizeof(*n) + key_len, GFP_KERNEL);
	if (n == NULL)
		return NULL;

	memcpy(n->key, pkey, key_len);
	n->dev = dev;

	if (tbl->pconstructor && tbl->pconstructor(n)) {
		kfree(n);
		return NULL;
	}

	n->next = tbl->phash_buckets[hash_val];
	tbl->phash_buckets[hash_val] = n;
	return n;
}


int pneigh_delete(struct neigh_table *tbl, const void *pkey, struct device *dev)
{
	struct pneigh_entry *n, **np;
	u32 hash_val;
	int key_len = tbl->key_len;

	hash_val = *(u32*)(pkey + key_len - 4);
	hash_val ^= (hash_val>>16);
	hash_val ^= hash_val>>8;
	hash_val ^= hash_val>>4;
	hash_val &= PNEIGH_HASHMASK;

	for (np = &tbl->phash_buckets[hash_val]; (n=*np) != NULL; np = &n->next) {
		if (memcmp(n->key, pkey, key_len) == 0 && n->dev == dev) {
			*np = n->next;
			synchronize_bh();
			if (tbl->pdestructor)
				tbl->pdestructor(n);
			kfree(n);
			return 0;
		}
	}
	return -ENOENT;
}

static int pneigh_ifdown(struct neigh_table *tbl, struct device *dev)
{
	struct pneigh_entry *n, **np;
	u32 h;

	for (h=0; h<=PNEIGH_HASHMASK; h++) {
		np = &tbl->phash_buckets[h];
		while ((n=*np) != NULL) {
			if (n->dev == dev || dev == NULL) {
				*np = n->next;
				synchronize_bh();
				if (tbl->pdestructor)
					tbl->pdestructor(n);
				kfree(n);
				continue;
			}
			np = &n->next;
		}
	}
	return -ENOENT;
}


/*
 *	neighbour must already be out of the table;
 *
 */
void neigh_destroy(struct neighbour *neigh)
{	
	struct hh_cache *hh;

	if (neigh->tbl || atomic_read(&neigh->refcnt)) {
		NEIGH_PRINTK1("neigh_destroy: neighbour is use tbl=%p, ref=%d: "
		       "called from %p\n", neigh->tbl, atomic_read(&neigh->refcnt), __builtin_return_address(0));
		return;
	}

	if (neigh->nud_state&NUD_IN_TIMER)
		del_timer(&neigh->timer);

	while ((hh = neigh->hh) != NULL) {
		neigh->hh = hh->hh_next;
		hh->hh_next = NULL;
		hh->hh_output = neigh_blackhole;
		if (atomic_dec_and_test(&hh->hh_refcnt))
			kfree(hh);
	}

	if (neigh->ops && neigh->ops->destructor)
		(neigh->ops->destructor)(neigh);

	skb_queue_purge(&neigh->arp_queue);

	NEIGH_PRINTK2("neigh %p is destroyed.\n", neigh);

	neigh_glbl_allocs--;
	kfree(neigh);
}

/* Neighbour state is suspicious;
   disable fast path.
 */
static void neigh_suspect(struct neighbour *neigh)
{
	struct hh_cache *hh;

	NEIGH_PRINTK2("neigh %p is suspecteded.\n", neigh);

	neigh->output = neigh->ops->output;

	for (hh = neigh->hh; hh; hh = hh->hh_next)
		hh->hh_output = neigh->ops->output;
}

/* Neighbour state is OK;
   enable fast path.
 */
static void neigh_connect(struct neighbour *neigh)
{
	struct hh_cache *hh;

	NEIGH_PRINTK2("neigh %p is connected.\n", neigh);

	neigh->output = neigh->ops->connected_output;

	for (hh = neigh->hh; hh; hh = hh->hh_next)
		hh->hh_output = neigh->ops->hh_output;
}

/*
   Transitions NUD_STALE <-> NUD_REACHABLE do not occur
   when fast path is built: we have no timers assotiated with
   these states, we do not have time to check state when sending.
   neigh_periodic_timer check periodically neigh->confirmed
   time and moves NUD_REACHABLE -> NUD_STALE.

   If a routine wants to know TRUE entry state, it calls
   neigh_sync before checking state.
 */

static void neigh_sync(struct neighbour *n)
{
	unsigned long now = jiffies;
	u8 state = n->nud_state;

	if (state&(NUD_NOARP|NUD_PERMANENT))
		return;
	if (state&NUD_REACHABLE) {
		if (now - n->confirmed > n->parms->reachable_time) {
			n->nud_state = NUD_STALE;
			neigh_suspect(n);
		}
	} else if (state&NUD_VALID) {
		if (now - n->confirmed < n->parms->reachable_time) {
			if (state&NUD_IN_TIMER)