mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'net-Add-support-for-dumping-addresses-for-a-specific-device' 

David Ahern says:

====================
net: Add support for dumping addresses for a specific device

Use the recently added kernel side filter infrastructure to add support
for dumping addresses only for a specific device.

Patch 1 creates an IPv4 version similar to IPv6's in6_dump_addrs function.

Patch 2 simplifies in6_dump_addrs by moving index tracking of IP
addresses from inet6_dump_addr to in6_dump_addrs.

Patches 3 and 4 use the device-based address dump helpers to limit a
dump to just the addresses on a specific device.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2018-10-22 19:33:29 -07:00
parent 8df591f35e 6371a71f3a
commit de46e92af4
2 changed files with 85 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
net/ipv4/devinet.c
View File

@ -109,6 +109,7 @@ struct inet_fill_args {
int event;
unsigned int flags;
int netnsid;
int ifindex;
};
#define IN4_ADDR_HSIZE_SHIFT 8
@ -1663,8 +1664,9 @@ nla_put_failure:
static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
struct inet_fill_args *fillargs,
struct net **tgt_net, struct sock *sk,
struct netlink_ext_ack *extack)
struct netlink_callback *cb)
{
struct netlink_ext_ack *extack = cb->extack;
struct nlattr *tb[IFA_MAX+1];
struct ifaddrmsg *ifm;
int err, i;
@ -1679,9 +1681,11 @@ static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
return -EINVAL;
}
if (ifm->ifa_index) {
NL_SET_ERR_MSG(extack, "ipv4: Filter by device index not supported for address dump");
return -EINVAL;
fillargs->ifindex = ifm->ifa_index;
if (fillargs->ifindex) {
cb->answer_flags |= NLM_F_DUMP_FILTERED;
fillargs->flags |= NLM_F_DUMP_FILTERED;
}
err = nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
@ -1713,6 +1717,32 @@ static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
return 0;
}
static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
struct netlink_callback *cb, int s_ip_idx,
struct inet_fill_args *fillargs)
{
struct in_ifaddr *ifa;
int ip_idx = 0;
int err;
for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next, ip_idx++) {
if (ip_idx < s_ip_idx)
continue;
err = inet_fill_ifaddr(skb, ifa, fillargs);
if (err < 0)
goto done;
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
}
err = 0;
done:
cb->args[2] = ip_idx;
return err;
}
static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
{
const struct nlmsghdr *nlh = cb->nlh;
@ -1727,23 +1757,34 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
struct net *tgt_net = net;
int h, s_h;
int idx, s_idx;
int ip_idx, s_ip_idx;
int s_ip_idx;
struct net_device *dev;
struct in_device *in_dev;
struct in_ifaddr *ifa;
struct hlist_head *head;
int err;
s_h = cb->args[0];
s_idx = idx = cb->args[1];
s_ip_idx = ip_idx = cb->args[2];
s_ip_idx = cb->args[2];
if (cb->strict_check) {
int err;
err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
skb->sk, cb->extack);
skb->sk, cb);
if (err < 0)
return err;
if (fillargs.ifindex) {
dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
if (!dev)
return -ENODEV;
in_dev = __in_dev_get_rtnl(dev);
if (in_dev) {
err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
&fillargs);
}
goto put_tgt_net;
}
}
for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
@ -1761,15 +1802,11 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
if (!in_dev)
goto cont;
for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
ifa = ifa->ifa_next, ip_idx++) {
if (ip_idx < s_ip_idx)
continue;
if (inet_fill_ifaddr(skb, ifa, &fillargs) < 0) {
rcu_read_unlock();
goto done;
}
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
&fillargs);
if (err < 0) {
rcu_read_unlock();
goto done;
}
cont:
idx++;
@ -1780,7 +1817,7 @@ cont:
done:
cb->args[0] = h;
cb->args[1] = idx;
cb->args[2] = ip_idx;
put_tgt_net:
if (fillargs.netnsid >= 0)
put_net(tgt_net);

43
net/ipv6/addrconf.c
View File

@ -4821,6 +4821,7 @@ struct inet6_fill_args {
int event;
unsigned int flags;
int netnsid;
int ifindex;
enum addr_type_t type;
};
@ -4955,14 +4956,13 @@ static int inet6_fill_ifacaddr(struct sk_buff *skb, struct ifacaddr6 *ifaca,
/* called with rcu_read_lock() */
static int in6_dump_addrs(struct inet6_dev *idev, struct sk_buff *skb,
struct netlink_callback *cb,
int s_ip_idx, int *p_ip_idx,
struct netlink_callback *cb, int s_ip_idx,
struct inet6_fill_args *fillargs)
{
struct ifmcaddr6 *ifmca;
struct ifacaddr6 *ifaca;
int ip_idx = 0;
int err = 1;
int ip_idx = *p_ip_idx;
read_lock_bh(&idev->lock);
switch (fillargs->type) {
@ -5012,15 +5012,16 @@ next:
break;
}
read_unlock_bh(&idev->lock);
*p_ip_idx = ip_idx;
cb->args[2] = ip_idx;
return err;
}
static int inet6_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
struct inet6_fill_args *fillargs,
struct net **tgt_net, struct sock *sk,
struct netlink_ext_ack *extack)
struct netlink_callback *cb)
{
struct netlink_ext_ack *extack = cb->extack;
struct nlattr *tb[IFA_MAX+1];
struct ifaddrmsg *ifm;
int err, i;
@ -5035,9 +5036,11 @@ static int inet6_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
NL_SET_ERR_MSG_MOD(extack, "Invalid values in header for address dump request");
return -EINVAL;
}
if (ifm->ifa_index) {
NL_SET_ERR_MSG_MOD(extack, "Filter by device index not supported for address dump");
return -EINVAL;
fillargs->ifindex = ifm->ifa_index;
if (fillargs->ifindex) {
cb->answer_flags |= NLM_F_DUMP_FILTERED;
fillargs->flags |= NLM_F_DUMP_FILTERED;
}
err = nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
@ -5081,24 +5084,35 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb,
};
struct net *net = sock_net(skb->sk);
struct net *tgt_net = net;
int idx, s_idx, s_ip_idx;
int h, s_h;
int idx, ip_idx;
int s_idx, s_ip_idx;
struct net_device *dev;
struct inet6_dev *idev;
struct hlist_head *head;
s_h = cb->args[0];
s_idx = idx = cb->args[1];
s_ip_idx = ip_idx = cb->args[2];
s_ip_idx = cb->args[2];
if (cb->strict_check) {
int err;
err = inet6_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
skb->sk, cb->extack);
skb->sk, cb);
if (err < 0)
return err;
if (fillargs.ifindex) {
dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
if (!dev)
return -ENODEV;
idev = __in6_dev_get(dev);
if (idev) {
err = in6_dump_addrs(idev, skb, cb, s_ip_idx,
&fillargs);
}
goto put_tgt_net;
}
}
rcu_read_lock();
@ -5111,12 +5125,11 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb,
goto cont;
if (h > s_h || idx > s_idx)
s_ip_idx = 0;
ip_idx = 0;
idev = __in6_dev_get(dev);
if (!idev)
goto cont;
if (in6_dump_addrs(idev, skb, cb, s_ip_idx, &ip_idx,
if (in6_dump_addrs(idev, skb, cb, s_ip_idx,
&fillargs) < 0)
goto done;
cont:
@ -5127,7 +5140,7 @@ done:
rcu_read_unlock();
cb->args[0] = h;
cb->args[1] = idx;
cb->args[2] = ip_idx;
put_tgt_net:
if (fillargs.netnsid >= 0)
put_net(tgt_net);