summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2018-10-23 05:33:29 +0300
committerDavid S. Miller <davem@davemloft.net>2018-10-23 05:33:29 +0300
commitde46e92af4461decff2288a1e97e47cd9e82f783 (patch)
tree266dc6ae02e10fac338a693a94b7372375ba1af9
parent8df591f35e9651b955d21f43828f54c106cf4807 (diff)
parent6371a71f3a3b2bc47880dd76c2f176495802d0df (diff)
downloadlinux-de46e92af4461decff2288a1e97e47cd9e82f783.tar.xz
Merge branch 'net-Add-support-for-dumping-addresses-for-a-specific-device'
David Ahern says: ==================== net: Add support for dumping addresses for a specific device Use the recently added kernel side filter infrastructure to add support for dumping addresses only for a specific device. Patch 1 creates an IPv4 version similar to IPv6's in6_dump_addrs function. Patch 2 simplifies in6_dump_addrs by moving index tracking of IP addresses from inet6_dump_addr to in6_dump_addrs. Patches 3 and 4 use the device-based address dump helpers to limit a dump to just the addresses on a specific device. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/devinet.c77
-rw-r--r--net/ipv6/addrconf.c43
2 files changed, 85 insertions, 35 deletions
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index d122ebbe5980..63d5b58fbfdb 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -109,6 +109,7 @@ struct inet_fill_args {
int event;
unsigned int flags;
int netnsid;
+ int ifindex;
};
#define IN4_ADDR_HSIZE_SHIFT 8
@@ -1663,8 +1664,9 @@ nla_put_failure:
static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
struct inet_fill_args *fillargs,
struct net **tgt_net, struct sock *sk,
- struct netlink_ext_ack *extack)
+ struct netlink_callback *cb)
{
+ struct netlink_ext_ack *extack = cb->extack;
struct nlattr *tb[IFA_MAX+1];
struct ifaddrmsg *ifm;
int err, i;
@@ -1679,9 +1681,11 @@ static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
return -EINVAL;
}
- if (ifm->ifa_index) {
- NL_SET_ERR_MSG(extack, "ipv4: Filter by device index not supported for address dump");
- return -EINVAL;
+
+ fillargs->ifindex = ifm->ifa_index;
+ if (fillargs->ifindex) {
+ cb->answer_flags |= NLM_F_DUMP_FILTERED;
+ fillargs->flags |= NLM_F_DUMP_FILTERED;
}
err = nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
@@ -1713,6 +1717,32 @@ static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
return 0;
}
+static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
+ struct netlink_callback *cb, int s_ip_idx,
+ struct inet_fill_args *fillargs)
+{
+ struct in_ifaddr *ifa;
+ int ip_idx = 0;
+ int err;
+
+ for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next, ip_idx++) {
+ if (ip_idx < s_ip_idx)
+ continue;
+
+ err = inet_fill_ifaddr(skb, ifa, fillargs);
+ if (err < 0)
+ goto done;
+
+ nl_dump_check_consistent(cb, nlmsg_hdr(skb));
+ }
+ err = 0;
+
+done:
+ cb->args[2] = ip_idx;
+
+ return err;
+}
+
static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
{
const struct nlmsghdr *nlh = cb->nlh;
@@ -1727,23 +1757,34 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
struct net *tgt_net = net;
int h, s_h;
int idx, s_idx;
- int ip_idx, s_ip_idx;
+ int s_ip_idx;
struct net_device *dev;
struct in_device *in_dev;
- struct in_ifaddr *ifa;
struct hlist_head *head;
+ int err;
s_h = cb->args[0];
s_idx = idx = cb->args[1];
- s_ip_idx = ip_idx = cb->args[2];
+ s_ip_idx = cb->args[2];
if (cb->strict_check) {
- int err;
-
err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
- skb->sk, cb->extack);
+ skb->sk, cb);
if (err < 0)
return err;
+
+ if (fillargs.ifindex) {
+ dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
+ if (!dev)
+ return -ENODEV;
+
+ in_dev = __in_dev_get_rtnl(dev);
+ if (in_dev) {
+ err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
+ &fillargs);
+ }
+ goto put_tgt_net;
+ }
}
for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
@@ -1761,15 +1802,11 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
if (!in_dev)
goto cont;
- for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
- ifa = ifa->ifa_next, ip_idx++) {
- if (ip_idx < s_ip_idx)
- continue;
- if (inet_fill_ifaddr(skb, ifa, &fillargs) < 0) {
- rcu_read_unlock();
- goto done;
- }
- nl_dump_check_consistent(cb, nlmsg_hdr(skb));
+ err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
+ &fillargs);
+ if (err < 0) {
+ rcu_read_unlock();
+ goto done;
}
cont:
idx++;
@@ -1780,7 +1817,7 @@ cont:
done:
cb->args[0] = h;
cb->args[1] = idx;
- cb->args[2] = ip_idx;
+put_tgt_net:
if (fillargs.netnsid >= 0)
put_net(tgt_net);
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index e39c284e2954..45b84dd5c4eb 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -4821,6 +4821,7 @@ struct inet6_fill_args {
int event;
unsigned int flags;
int netnsid;
+ int ifindex;
enum addr_type_t type;
};
@@ -4955,14 +4956,13 @@ static int inet6_fill_ifacaddr(struct sk_buff *skb, struct ifacaddr6 *ifaca,
/* called with rcu_read_lock() */
static int in6_dump_addrs(struct inet6_dev *idev, struct sk_buff *skb,
- struct netlink_callback *cb,
- int s_ip_idx, int *p_ip_idx,
+ struct netlink_callback *cb, int s_ip_idx,
struct inet6_fill_args *fillargs)
{
struct ifmcaddr6 *ifmca;
struct ifacaddr6 *ifaca;
+ int ip_idx = 0;
int err = 1;
- int ip_idx = *p_ip_idx;
read_lock_bh(&idev->lock);
switch (fillargs->type) {
@@ -5012,15 +5012,16 @@ next:
break;
}
read_unlock_bh(&idev->lock);
- *p_ip_idx = ip_idx;
+ cb->args[2] = ip_idx;
return err;
}
static int inet6_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
struct inet6_fill_args *fillargs,
struct net **tgt_net, struct sock *sk,
- struct netlink_ext_ack *extack)
+ struct netlink_callback *cb)
{
+ struct netlink_ext_ack *extack = cb->extack;
struct nlattr *tb[IFA_MAX+1];
struct ifaddrmsg *ifm;
int err, i;
@@ -5035,9 +5036,11 @@ static int inet6_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
NL_SET_ERR_MSG_MOD(extack, "Invalid values in header for address dump request");
return -EINVAL;
}
- if (ifm->ifa_index) {
- NL_SET_ERR_MSG_MOD(extack, "Filter by device index not supported for address dump");
- return -EINVAL;
+
+ fillargs->ifindex = ifm->ifa_index;
+ if (fillargs->ifindex) {
+ cb->answer_flags |= NLM_F_DUMP_FILTERED;
+ fillargs->flags |= NLM_F_DUMP_FILTERED;
}
err = nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
@@ -5081,24 +5084,35 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb,
};
struct net *net = sock_net(skb->sk);
struct net *tgt_net = net;
+ int idx, s_idx, s_ip_idx;
int h, s_h;
- int idx, ip_idx;
- int s_idx, s_ip_idx;
struct net_device *dev;
struct inet6_dev *idev;
struct hlist_head *head;
s_h = cb->args[0];
s_idx = idx = cb->args[1];
- s_ip_idx = ip_idx = cb->args[2];
+ s_ip_idx = cb->args[2];
if (cb->strict_check) {
int err;
err = inet6_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
- skb->sk, cb->extack);
+ skb->sk, cb);
if (err < 0)
return err;
+
+ if (fillargs.ifindex) {
+ dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
+ if (!dev)
+ return -ENODEV;
+ idev = __in6_dev_get(dev);
+ if (idev) {
+ err = in6_dump_addrs(idev, skb, cb, s_ip_idx,
+ &fillargs);
+ }
+ goto put_tgt_net;
+ }
}
rcu_read_lock();
@@ -5111,12 +5125,11 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb,
goto cont;
if (h > s_h || idx > s_idx)
s_ip_idx = 0;
- ip_idx = 0;
idev = __in6_dev_get(dev);
if (!idev)
goto cont;
- if (in6_dump_addrs(idev, skb, cb, s_ip_idx, &ip_idx,
+ if (in6_dump_addrs(idev, skb, cb, s_ip_idx,
&fillargs) < 0)
goto done;
cont:
@@ -5127,7 +5140,7 @@ done:
rcu_read_unlock();
cb->args[0] = h;
cb->args[1] = idx;
- cb->args[2] = ip_idx;
+put_tgt_net:
if (fillargs.netnsid >= 0)
put_net(tgt_net);