ip6_flowlabel.c 17.4 KB
Newer Older
Linus Torvalds's avatar
Linus Torvalds committed
1
2
3
4
5
6
7
8
9
10
11
/*
 *	ip6_flowlabel.c		IPv6 flowlabel manager.
 *
 *	This program is free software; you can redistribute it and/or
 *      modify it under the terms of the GNU General Public License
 *      as published by the Free Software Foundation; either version
 *      2 of the License, or (at your option) any later version.
 *
 *	Authors:	Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
 */

12
#include <linux/capability.h>
Linus Torvalds's avatar
Linus Torvalds committed
13
14
15
16
17
18
19
20
21
22
#include <linux/errno.h>
#include <linux/types.h>
#include <linux/socket.h>
#include <linux/net.h>
#include <linux/netdevice.h>
#include <linux/if_arp.h>
#include <linux/in6.h>
#include <linux/route.h>
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
23
#include <linux/slab.h>
24
#include <linux/export.h>
Linus Torvalds's avatar
Linus Torvalds committed
25

26
#include <net/net_namespace.h>
Linus Torvalds's avatar
Linus Torvalds committed
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
#include <net/sock.h>

#include <net/ipv6.h>
#include <net/ndisc.h>
#include <net/protocol.h>
#include <net/ip6_route.h>
#include <net/addrconf.h>
#include <net/rawv6.h>
#include <net/icmp.h>
#include <net/transp_v6.h>

#include <asm/uaccess.h>

#define FL_MIN_LINGER	6	/* Minimal linger. It is set to 6sec specified
				   in old IPv6 RFC. Well, it was reasonable value.
				 */
#define FL_MAX_LINGER	60	/* Maximal linger timeout */

/* FL hash table */

#define FL_MAX_PER_SOCK	32
#define FL_MAX_SIZE	4096
#define FL_HASH_MASK	255
#define FL_HASH(l)	(ntohl(l)&FL_HASH_MASK)

static atomic_t fl_size = ATOMIC_INIT(0);
static struct ip6_flowlabel *fl_ht[FL_HASH_MASK+1];

static void ip6_fl_gc(unsigned long dummy);
56
static DEFINE_TIMER(ip6_fl_gc_timer, ip6_fl_gc, 0, 0);
Linus Torvalds's avatar
Linus Torvalds committed
57
58
59
60
61
62
63
64
65
66

/* FL hash table lock: it protects only of GC */

static DEFINE_RWLOCK(ip6_fl_lock);

/* Big socket sock */

static DEFINE_RWLOCK(ip6_sk_fl_lock);


67
static inline struct ip6_flowlabel *__fl_lookup(struct net *net, __be32 label)
Linus Torvalds's avatar
Linus Torvalds committed
68
69
70
71
{
	struct ip6_flowlabel *fl;

	for (fl=fl_ht[FL_HASH(label)]; fl; fl = fl->next) {
72
		if (fl->label == label && net_eq(fl->fl_net, net))
Linus Torvalds's avatar
Linus Torvalds committed
73
74
75
76
77
			return fl;
	}
	return NULL;
}

78
static struct ip6_flowlabel *fl_lookup(struct net *net, __be32 label)
Linus Torvalds's avatar
Linus Torvalds committed
79
80
81
82
{
	struct ip6_flowlabel *fl;

	read_lock_bh(&ip6_fl_lock);
83
	fl = __fl_lookup(net, label);
Linus Torvalds's avatar
Linus Torvalds committed
84
85
86
87
88
89
90
91
92
	if (fl)
		atomic_inc(&fl->users);
	read_unlock_bh(&ip6_fl_lock);
	return fl;
}


static void fl_free(struct ip6_flowlabel *fl)
{
93
94
	if (fl) {
		release_net(fl->fl_net);
Linus Torvalds's avatar
Linus Torvalds committed
95
		kfree(fl->opt);
96
	}
Linus Torvalds's avatar
Linus Torvalds committed
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
	kfree(fl);
}

static void fl_release(struct ip6_flowlabel *fl)
{
	write_lock_bh(&ip6_fl_lock);

	fl->lastuse = jiffies;
	if (atomic_dec_and_test(&fl->users)) {
		unsigned long ttd = fl->lastuse + fl->linger;
		if (time_after(ttd, fl->expires))
			fl->expires = ttd;
		ttd = fl->expires;
		if (fl->opt && fl->share == IPV6_FL_S_EXCL) {
			struct ipv6_txoptions *opt = fl->opt;
			fl->opt = NULL;
			kfree(opt);
		}
		if (!timer_pending(&ip6_fl_gc_timer) ||
		    time_after(ip6_fl_gc_timer.expires, ttd))
			mod_timer(&ip6_fl_gc_timer, ttd);
	}
	write_unlock_bh(&ip6_fl_lock);
}

static void ip6_fl_gc(unsigned long dummy)
{
	int i;
	unsigned long now = jiffies;
	unsigned long sched = 0;

	write_lock(&ip6_fl_lock);

	for (i=0; i<=FL_HASH_MASK; i++) {
		struct ip6_flowlabel *fl, **flp;
		flp = &fl_ht[i];
		while ((fl=*flp) != NULL) {
			if (atomic_read(&fl->users) == 0) {
				unsigned long ttd = fl->lastuse + fl->linger;
				if (time_after(ttd, fl->expires))
					fl->expires = ttd;
				ttd = fl->expires;
				if (time_after_eq(now, ttd)) {
					*flp = fl->next;
					fl_free(fl);
					atomic_dec(&fl_size);
					continue;
				}
				if (!sched || time_before(ttd, sched))
					sched = ttd;
			}
			flp = &fl->next;
		}
	}
	if (!sched && atomic_read(&fl_size))
		sched = now + FL_MAX_LINGER;
	if (sched) {
154
		mod_timer(&ip6_fl_gc_timer, sched);
Linus Torvalds's avatar
Linus Torvalds committed
155
156
157
158
	}
	write_unlock(&ip6_fl_lock);
}

159
static void __net_exit ip6_fl_purge(struct net *net)
160
161
162
163
164
165
166
167
{
	int i;

	write_lock(&ip6_fl_lock);
	for (i = 0; i <= FL_HASH_MASK; i++) {
		struct ip6_flowlabel *fl, **flp;
		flp = &fl_ht[i];
		while ((fl = *flp) != NULL) {
168
169
			if (net_eq(fl->fl_net, net) &&
			    atomic_read(&fl->users) == 0) {
170
171
172
173
174
175
176
177
178
179
180
181
182
				*flp = fl->next;
				fl_free(fl);
				atomic_dec(&fl_size);
				continue;
			}
			flp = &fl->next;
		}
	}
	write_unlock(&ip6_fl_lock);
}

static struct ip6_flowlabel *fl_intern(struct net *net,
				       struct ip6_flowlabel *fl, __be32 label)
Linus Torvalds's avatar
Linus Torvalds committed
183
{
184
185
	struct ip6_flowlabel *lfl;

Linus Torvalds's avatar
Linus Torvalds committed
186
187
188
189
190
191
192
	fl->label = label & IPV6_FLOWLABEL_MASK;

	write_lock_bh(&ip6_fl_lock);
	if (label == 0) {
		for (;;) {
			fl->label = htonl(net_random())&IPV6_FLOWLABEL_MASK;
			if (fl->label) {
193
				lfl = __fl_lookup(net, fl->label);
Linus Torvalds's avatar
Linus Torvalds committed
194
195
196
197
				if (lfl == NULL)
					break;
			}
		}
198
199
200
201
202
203
204
205
206
	} else {
		/*
		 * we dropper the ip6_fl_lock, so this entry could reappear
		 * and we need to recheck with it.
		 *
		 * OTOH no need to search the active socket first, like it is
		 * done in ipv6_flowlabel_opt - sock is locked, so new entry
		 * with the same label can only appear on another sock
		 */
207
		lfl = __fl_lookup(net, fl->label);
208
209
210
211
212
		if (lfl != NULL) {
			atomic_inc(&lfl->users);
			write_unlock_bh(&ip6_fl_lock);
			return lfl;
		}
Linus Torvalds's avatar
Linus Torvalds committed
213
214
215
216
217
218
219
	}

	fl->lastuse = jiffies;
	fl->next = fl_ht[FL_HASH(fl->label)];
	fl_ht[FL_HASH(fl->label)] = fl;
	atomic_inc(&fl_size);
	write_unlock_bh(&ip6_fl_lock);
220
	return NULL;
Linus Torvalds's avatar
Linus Torvalds committed
221
222
223
224
225
226
}



/* Socket flowlabel lists */

Al Viro's avatar
Al Viro committed
227
struct ip6_flowlabel * fl6_sock_lookup(struct sock *sk, __be32 label)
Linus Torvalds's avatar
Linus Torvalds committed
228
229
230
231
232
233
{
	struct ipv6_fl_socklist *sfl;
	struct ipv6_pinfo *np = inet6_sk(sk);

	label &= IPV6_FLOWLABEL_MASK;

234
	read_lock_bh(&ip6_sk_fl_lock);
Linus Torvalds's avatar
Linus Torvalds committed
235
236
237
238
239
	for (sfl=np->ipv6_fl_list; sfl; sfl = sfl->next) {
		struct ip6_flowlabel *fl = sfl->fl;
		if (fl->label == label) {
			fl->lastuse = jiffies;
			atomic_inc(&fl->users);
240
			read_unlock_bh(&ip6_sk_fl_lock);
Linus Torvalds's avatar
Linus Torvalds committed
241
242
243
			return fl;
		}
	}
244
	read_unlock_bh(&ip6_sk_fl_lock);
Linus Torvalds's avatar
Linus Torvalds committed
245
246
247
	return NULL;
}

248
249
EXPORT_SYMBOL_GPL(fl6_sock_lookup);

Linus Torvalds's avatar
Linus Torvalds committed
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
void fl6_free_socklist(struct sock *sk)
{
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct ipv6_fl_socklist *sfl;

	while ((sfl = np->ipv6_fl_list) != NULL) {
		np->ipv6_fl_list = sfl->next;
		fl_release(sfl->fl);
		kfree(sfl);
	}
}

/* Service routines */


/*
   It is the only difficult place. flowlabel enforces equal headers
   before and including routing header, however user may supply options
   following rthdr.
 */

struct ipv6_txoptions *fl6_merge_options(struct ipv6_txoptions * opt_space,
					 struct ip6_flowlabel * fl,
					 struct ipv6_txoptions * fopt)
{
275
	struct ipv6_txoptions * fl_opt = fl->opt;
276

277
278
	if (fopt == NULL || fopt->opt_flen == 0)
		return fl_opt;
279

Linus Torvalds's avatar
Linus Torvalds committed
280
281
	if (fl_opt != NULL) {
		opt_space->hopopt = fl_opt->hopopt;
282
		opt_space->dst0opt = fl_opt->dst0opt;
Linus Torvalds's avatar
Linus Torvalds committed
283
284
285
286
287
288
289
290
291
292
293
294
295
296
		opt_space->srcrt = fl_opt->srcrt;
		opt_space->opt_nflen = fl_opt->opt_nflen;
	} else {
		if (fopt->opt_nflen == 0)
			return fopt;
		opt_space->hopopt = NULL;
		opt_space->dst0opt = NULL;
		opt_space->srcrt = NULL;
		opt_space->opt_nflen = 0;
	}
	opt_space->dst1opt = fopt->dst1opt;
	opt_space->opt_flen = fopt->opt_flen;
	return opt_space;
}
297
EXPORT_SYMBOL_GPL(fl6_merge_options);
Linus Torvalds's avatar
Linus Torvalds committed
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326

static unsigned long check_linger(unsigned long ttl)
{
	if (ttl < FL_MIN_LINGER)
		return FL_MIN_LINGER*HZ;
	if (ttl > FL_MAX_LINGER && !capable(CAP_NET_ADMIN))
		return 0;
	return ttl*HZ;
}

static int fl6_renew(struct ip6_flowlabel *fl, unsigned long linger, unsigned long expires)
{
	linger = check_linger(linger);
	if (!linger)
		return -EPERM;
	expires = check_linger(expires);
	if (!expires)
		return -EPERM;
	fl->lastuse = jiffies;
	if (time_before(fl->linger, linger))
		fl->linger = linger;
	if (time_before(expires, fl->linger))
		expires = fl->linger;
	if (time_before(fl->expires, fl->lastuse + expires))
		fl->expires = fl->lastuse + expires;
	return 0;
}

static struct ip6_flowlabel *
327
328
fl_create(struct net *net, struct sock *sk, struct in6_flowlabel_req *freq,
	  char __user *optval, int optlen, int *err_p)
Linus Torvalds's avatar
Linus Torvalds committed
329
{
330
	struct ip6_flowlabel *fl = NULL;
Linus Torvalds's avatar
Linus Torvalds committed
331
332
333
334
	int olen;
	int addr_type;
	int err;

335
336
337
338
339
	olen = optlen - CMSG_ALIGN(sizeof(*freq));
	err = -EINVAL;
	if (olen > 64 * 1024)
		goto done;

Linus Torvalds's avatar
Linus Torvalds committed
340
	err = -ENOMEM;
341
	fl = kzalloc(sizeof(*fl), GFP_KERNEL);
Linus Torvalds's avatar
Linus Torvalds committed
342
343
344
345
346
	if (fl == NULL)
		goto done;

	if (olen > 0) {
		struct msghdr msg;
347
		struct flowi6 flowi6;
Linus Torvalds's avatar
Linus Torvalds committed
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
		int junk;

		err = -ENOMEM;
		fl->opt = kmalloc(sizeof(*fl->opt) + olen, GFP_KERNEL);
		if (fl->opt == NULL)
			goto done;

		memset(fl->opt, 0, sizeof(*fl->opt));
		fl->opt->tot_len = sizeof(*fl->opt) + olen;
		err = -EFAULT;
		if (copy_from_user(fl->opt+1, optval+CMSG_ALIGN(sizeof(*freq)), olen))
			goto done;

		msg.msg_controllen = olen;
		msg.msg_control = (void*)(fl->opt+1);
363
		memset(&flowi6, 0, sizeof(flowi6));
Linus Torvalds's avatar
Linus Torvalds committed
364

365
		err = datagram_send_ctl(net, sk, &msg, &flowi6, fl->opt, &junk,
366
					&junk, &junk);
Linus Torvalds's avatar
Linus Torvalds committed
367
368
369
370
371
372
373
374
375
376
377
		if (err)
			goto done;
		err = -EINVAL;
		if (fl->opt->opt_flen)
			goto done;
		if (fl->opt->opt_nflen == 0) {
			kfree(fl->opt);
			fl->opt = NULL;
		}
	}

378
	fl->fl_net = hold_net(net);
Linus Torvalds's avatar
Linus Torvalds committed
379
380
381
382
383
384
	fl->expires = jiffies;
	err = fl6_renew(fl, freq->flr_linger, freq->flr_expires);
	if (err)
		goto done;
	fl->share = freq->flr_share;
	addr_type = ipv6_addr_type(&freq->flr_dst);
385
386
	if ((addr_type & IPV6_ADDR_MAPPED) ||
	    addr_type == IPV6_ADDR_ANY) {
387
		err = -EINVAL;
Linus Torvalds's avatar
Linus Torvalds committed
388
		goto done;
389
	}
Alexey Dobriyan's avatar
Alexey Dobriyan committed
390
	fl->dst = freq->flr_dst;
Linus Torvalds's avatar
Linus Torvalds committed
391
392
393
394
395
396
397
398
399
	atomic_set(&fl->users, 1);
	switch (fl->share) {
	case IPV6_FL_S_EXCL:
	case IPV6_FL_S_ANY:
		break;
	case IPV6_FL_S_PROCESS:
		fl->owner = current->pid;
		break;
	case IPV6_FL_S_USER:
400
		fl->owner = current_euid();
Linus Torvalds's avatar
Linus Torvalds committed
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
		break;
	default:
		err = -EINVAL;
		goto done;
	}
	return fl;

done:
	fl_free(fl);
	*err_p = err;
	return NULL;
}

static int mem_check(struct sock *sk)
{
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct ipv6_fl_socklist *sfl;
	int room = FL_MAX_SIZE - atomic_read(&fl_size);
	int count = 0;

	if (room > FL_MAX_SIZE - FL_MAX_PER_SOCK)
		return 0;

	for (sfl = np->ipv6_fl_list; sfl; sfl = sfl->next)
		count++;

	if (room <= 0 ||
	    ((count >= FL_MAX_PER_SOCK ||
429
430
	      (count > 0 && room < FL_MAX_SIZE/2) || room < FL_MAX_SIZE/4) &&
	     !capable(CAP_NET_ADMIN)))
Linus Torvalds's avatar
Linus Torvalds committed
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
		return -ENOBUFS;

	return 0;
}

static int ipv6_hdr_cmp(struct ipv6_opt_hdr *h1, struct ipv6_opt_hdr *h2)
{
	if (h1 == h2)
		return 0;
	if (h1 == NULL || h2 == NULL)
		return 1;
	if (h1->hdrlen != h2->hdrlen)
		return 1;
	return memcmp(h1+1, h2+1, ((h1->hdrlen+1)<<3) - sizeof(*h1));
}

static int ipv6_opt_cmp(struct ipv6_txoptions *o1, struct ipv6_txoptions *o2)
{
	if (o1 == o2)
		return 0;
	if (o1 == NULL || o2 == NULL)
		return 1;
	if (o1->opt_nflen != o2->opt_nflen)
		return 1;
	if (ipv6_hdr_cmp(o1->hopopt, o2->hopopt))
		return 1;
	if (ipv6_hdr_cmp(o1->dst0opt, o2->dst0opt))
		return 1;
	if (ipv6_hdr_cmp((struct ipv6_opt_hdr *)o1->srcrt, (struct ipv6_opt_hdr *)o2->srcrt))
		return 1;
	return 0;
}

464
465
466
467
468
469
470
471
472
473
static inline void fl_link(struct ipv6_pinfo *np, struct ipv6_fl_socklist *sfl,
		struct ip6_flowlabel *fl)
{
	write_lock_bh(&ip6_sk_fl_lock);
	sfl->fl = fl;
	sfl->next = np->ipv6_fl_list;
	np->ipv6_fl_list = sfl;
	write_unlock_bh(&ip6_sk_fl_lock);
}

Linus Torvalds's avatar
Linus Torvalds committed
474
475
int ipv6_flowlabel_opt(struct sock *sk, char __user *optval, int optlen)
{
476
	int uninitialized_var(err);
477
	struct net *net = sock_net(sk);
Linus Torvalds's avatar
Linus Torvalds committed
478
479
480
481
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct in6_flowlabel_req freq;
	struct ipv6_fl_socklist *sfl1=NULL;
	struct ipv6_fl_socklist *sfl, **sflp;
482
483
	struct ip6_flowlabel *fl, *fl1 = NULL;

Linus Torvalds's avatar
Linus Torvalds committed
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519

	if (optlen < sizeof(freq))
		return -EINVAL;

	if (copy_from_user(&freq, optval, sizeof(freq)))
		return -EFAULT;

	switch (freq.flr_action) {
	case IPV6_FL_A_PUT:
		write_lock_bh(&ip6_sk_fl_lock);
		for (sflp = &np->ipv6_fl_list; (sfl=*sflp)!=NULL; sflp = &sfl->next) {
			if (sfl->fl->label == freq.flr_label) {
				if (freq.flr_label == (np->flow_label&IPV6_FLOWLABEL_MASK))
					np->flow_label &= ~IPV6_FLOWLABEL_MASK;
				*sflp = sfl->next;
				write_unlock_bh(&ip6_sk_fl_lock);
				fl_release(sfl->fl);
				kfree(sfl);
				return 0;
			}
		}
		write_unlock_bh(&ip6_sk_fl_lock);
		return -ESRCH;

	case IPV6_FL_A_RENEW:
		read_lock_bh(&ip6_sk_fl_lock);
		for (sfl = np->ipv6_fl_list; sfl; sfl = sfl->next) {
			if (sfl->fl->label == freq.flr_label) {
				err = fl6_renew(sfl->fl, freq.flr_linger, freq.flr_expires);
				read_unlock_bh(&ip6_sk_fl_lock);
				return err;
			}
		}
		read_unlock_bh(&ip6_sk_fl_lock);

		if (freq.flr_share == IPV6_FL_S_NONE && capable(CAP_NET_ADMIN)) {
520
			fl = fl_lookup(net, freq.flr_label);
Linus Torvalds's avatar
Linus Torvalds committed
521
522
523
524
525
526
527
528
529
530
531
532
			if (fl) {
				err = fl6_renew(fl, freq.flr_linger, freq.flr_expires);
				fl_release(fl);
				return err;
			}
		}
		return -ESRCH;

	case IPV6_FL_A_GET:
		if (freq.flr_label & ~IPV6_FLOWLABEL_MASK)
			return -EINVAL;

533
		fl = fl_create(net, sk, &freq, optval, optlen, &err);
Linus Torvalds's avatar
Linus Torvalds committed
534
535
536
537
538
539
540
541
542
543
544
545
546
547
		if (fl == NULL)
			return err;
		sfl1 = kmalloc(sizeof(*sfl1), GFP_KERNEL);

		if (freq.flr_label) {
			err = -EEXIST;
			read_lock_bh(&ip6_sk_fl_lock);
			for (sfl = np->ipv6_fl_list; sfl; sfl = sfl->next) {
				if (sfl->fl->label == freq.flr_label) {
					if (freq.flr_flags&IPV6_FL_F_EXCL) {
						read_unlock_bh(&ip6_sk_fl_lock);
						goto done;
					}
					fl1 = sfl->fl;
548
					atomic_inc(&fl1->users);
Linus Torvalds's avatar
Linus Torvalds committed
549
550
551
552
553
554
					break;
				}
			}
			read_unlock_bh(&ip6_sk_fl_lock);

			if (fl1 == NULL)
555
				fl1 = fl_lookup(net, freq.flr_label);
Linus Torvalds's avatar
Linus Torvalds committed
556
			if (fl1) {
557
recheck:
Linus Torvalds's avatar
Linus Torvalds committed
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
				err = -EEXIST;
				if (freq.flr_flags&IPV6_FL_F_EXCL)
					goto release;
				err = -EPERM;
				if (fl1->share == IPV6_FL_S_EXCL ||
				    fl1->share != fl->share ||
				    fl1->owner != fl->owner)
					goto release;

				err = -EINVAL;
				if (!ipv6_addr_equal(&fl1->dst, &fl->dst) ||
				    ipv6_opt_cmp(fl1->opt, fl->opt))
					goto release;

				err = -ENOMEM;
				if (sfl1 == NULL)
					goto release;
				if (fl->linger > fl1->linger)
					fl1->linger = fl->linger;
				if ((long)(fl->expires - fl1->expires) > 0)
					fl1->expires = fl->expires;
579
				fl_link(np, sfl1, fl1);
Linus Torvalds's avatar
Linus Torvalds committed
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
				fl_free(fl);
				return 0;

release:
				fl_release(fl1);
				goto done;
			}
		}
		err = -ENOENT;
		if (!(freq.flr_flags&IPV6_FL_F_CREATE))
			goto done;

		err = -ENOMEM;
		if (sfl1 == NULL || (err = mem_check(sk)) != 0)
			goto done;

596
		fl1 = fl_intern(net, fl, freq.flr_label);
597
598
		if (fl1 != NULL)
			goto recheck;
Linus Torvalds's avatar
Linus Torvalds committed
599

600
601
602
603
604
605
		if (!freq.flr_label) {
			if (copy_to_user(&((struct in6_flowlabel_req __user *) optval)->flr_label,
					 &fl->label, sizeof(fl->label))) {
				/* Intentionally ignore fault. */
			}
		}
Linus Torvalds's avatar
Linus Torvalds committed
606

607
		fl_link(np, sfl1, fl);
Linus Torvalds's avatar
Linus Torvalds committed
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
		return 0;

	default:
		return -EINVAL;
	}

done:
	fl_free(fl);
	kfree(sfl1);
	return err;
}

#ifdef CONFIG_PROC_FS

struct ip6fl_iter_state {
623
	struct seq_net_private p;
Linus Torvalds's avatar
Linus Torvalds committed
624
625
626
627
628
629
630
631
632
	int bucket;
};

#define ip6fl_seq_private(seq)	((struct ip6fl_iter_state *)(seq)->private)

static struct ip6_flowlabel *ip6fl_get_first(struct seq_file *seq)
{
	struct ip6_flowlabel *fl = NULL;
	struct ip6fl_iter_state *state = ip6fl_seq_private(seq);
633
	struct net *net = seq_file_net(seq);
Linus Torvalds's avatar
Linus Torvalds committed
634
635

	for (state->bucket = 0; state->bucket <= FL_HASH_MASK; ++state->bucket) {
636
637
		fl = fl_ht[state->bucket];

638
		while (fl && !net_eq(fl->fl_net, net))
639
640
			fl = fl->next;
		if (fl)
Linus Torvalds's avatar
Linus Torvalds committed
641
642
643
644
645
646
647
648
			break;
	}
	return fl;
}

static struct ip6_flowlabel *ip6fl_get_next(struct seq_file *seq, struct ip6_flowlabel *fl)
{
	struct ip6fl_iter_state *state = ip6fl_seq_private(seq);
649
	struct net *net = seq_file_net(seq);
Linus Torvalds's avatar
Linus Torvalds committed
650
651

	fl = fl->next;
652
try_again:
653
	while (fl && !net_eq(fl->fl_net, net))
654
655
		fl = fl->next;

Linus Torvalds's avatar
Linus Torvalds committed
656
	while (!fl) {
657
		if (++state->bucket <= FL_HASH_MASK) {
Linus Torvalds's avatar
Linus Torvalds committed
658
			fl = fl_ht[state->bucket];
659
660
			goto try_again;
		} else
661
			break;
Linus Torvalds's avatar
Linus Torvalds committed
662
663
664
665
666
667
668
669
670
671
672
673
674
675
	}
	return fl;
}

static struct ip6_flowlabel *ip6fl_get_idx(struct seq_file *seq, loff_t pos)
{
	struct ip6_flowlabel *fl = ip6fl_get_first(seq);
	if (fl)
		while (pos && (fl = ip6fl_get_next(seq, fl)) != NULL)
			--pos;
	return pos ? NULL : fl;
}

static void *ip6fl_seq_start(struct seq_file *seq, loff_t *pos)
676
	__acquires(ip6_fl_lock)
Linus Torvalds's avatar
Linus Torvalds committed
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
{
	read_lock_bh(&ip6_fl_lock);
	return *pos ? ip6fl_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
}

static void *ip6fl_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{
	struct ip6_flowlabel *fl;

	if (v == SEQ_START_TOKEN)
		fl = ip6fl_get_first(seq);
	else
		fl = ip6fl_get_next(seq, v);
	++*pos;
	return fl;
}

static void ip6fl_seq_stop(struct seq_file *seq, void *v)
695
	__releases(ip6_fl_lock)
Linus Torvalds's avatar
Linus Torvalds committed
696
697
698
699
{
	read_unlock_bh(&ip6_fl_lock);
}

700
static int ip6fl_seq_show(struct seq_file *seq, void *v)
Linus Torvalds's avatar
Linus Torvalds committed
701
{
702
703
704
705
706
	if (v == SEQ_START_TOKEN)
		seq_printf(seq, "%-5s %-1s %-6s %-6s %-6s %-8s %-32s %s\n",
			   "Label", "S", "Owner", "Users", "Linger", "Expires", "Dst", "Opt");
	else {
		struct ip6_flowlabel *fl = v;
Linus Torvalds's avatar
Linus Torvalds committed
707
		seq_printf(seq,
708
			   "%05X %-1d %-6d %-6d %-6ld %-8ld %pi6 %-4d\n",
709
			   (unsigned int)ntohl(fl->label),
Linus Torvalds's avatar
Linus Torvalds committed
710
			   fl->share,
711
			   (int)fl->owner,
Linus Torvalds's avatar
Linus Torvalds committed
712
713
714
			   atomic_read(&fl->users),
			   fl->linger/HZ,
			   (long)(fl->expires - jiffies)/HZ,
715
			   &fl->dst,
Linus Torvalds's avatar
Linus Torvalds committed
716
717
718
719
720
			   fl->opt ? fl->opt->opt_nflen : 0);
	}
	return 0;
}

721
static const struct seq_operations ip6fl_seq_ops = {
Linus Torvalds's avatar
Linus Torvalds committed
722
723
724
725
726
727
728
729
	.start	=	ip6fl_seq_start,
	.next	=	ip6fl_seq_next,
	.stop	=	ip6fl_seq_stop,
	.show	=	ip6fl_seq_show,
};

static int ip6fl_seq_open(struct inode *inode, struct file *file)
{
730
731
	return seq_open_net(inode, file, &ip6fl_seq_ops,
			    sizeof(struct ip6fl_iter_state));
Linus Torvalds's avatar
Linus Torvalds committed
732
733
}

734
static const struct file_operations ip6fl_seq_fops = {
Linus Torvalds's avatar
Linus Torvalds committed
735
736
737
738
	.owner		=	THIS_MODULE,
	.open		=	ip6fl_seq_open,
	.read		=	seq_read,
	.llseek		=	seq_lseek,
739
	.release	=	seq_release_net,
Linus Torvalds's avatar
Linus Torvalds committed
740
741
};

742
static int __net_init ip6_flowlabel_proc_init(struct net *net)
743
{
744
745
	if (!proc_net_fops_create(net, "ip6_flowlabel",
				  S_IRUGO, &ip6fl_seq_fops))
746
747
748
		return -ENOMEM;
	return 0;
}
Linus Torvalds's avatar
Linus Torvalds committed
749

750
static void __net_exit ip6_flowlabel_proc_fini(struct net *net)
Linus Torvalds's avatar
Linus Torvalds committed
751
{
752
753
754
755
756
757
758
759
760
761
	proc_net_remove(net, "ip6_flowlabel");
}
#else
static inline int ip6_flowlabel_proc_init(struct net *net)
{
	return 0;
}
static inline void ip6_flowlabel_proc_fini(struct net *net)
{
}
Linus Torvalds's avatar
Linus Torvalds committed
762
#endif
763

764
static void __net_exit ip6_flowlabel_net_exit(struct net *net)
765
766
{
	ip6_fl_purge(net);
767
	ip6_flowlabel_proc_fini(net);
768
769
770
}

static struct pernet_operations ip6_flowlabel_net_ops = {
771
	.init = ip6_flowlabel_proc_init,
772
773
774
	.exit = ip6_flowlabel_net_exit,
};

775
776
int ip6_flowlabel_init(void)
{
777
	return register_pernet_subsys(&ip6_flowlabel_net_ops);
Linus Torvalds's avatar
Linus Torvalds committed
778
779
780
781
782
}

void ip6_flowlabel_cleanup(void)
{
	del_timer(&ip6_fl_gc_timer);
783
	unregister_pernet_subsys(&ip6_flowlabel_net_ops);
Linus Torvalds's avatar
Linus Torvalds committed
784
}