Loading...
1/*
2 * NET3 IP device support routines.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Derived from the IP parts of dev.c 1.0.19
10 * Authors: Ross Biro
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Mark Evans, <evansmp@uhura.aston.ac.uk>
13 *
14 * Additional Authors:
15 * Alan Cox, <gw4pts@gw4pts.ampr.org>
16 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
17 *
18 * Changes:
19 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
20 * lists.
21 * Cyrus Durgin: updated for kmod
22 * Matthias Andree: in devinet_ioctl, compare label and
23 * address (4.4BSD alias style support),
24 * fall back to comparing just the label
25 * if no match found.
26 */
27
28
29#include <asm/uaccess.h>
30#include <asm/system.h>
31#include <linux/bitops.h>
32#include <linux/capability.h>
33#include <linux/module.h>
34#include <linux/types.h>
35#include <linux/kernel.h>
36#include <linux/string.h>
37#include <linux/mm.h>
38#include <linux/socket.h>
39#include <linux/sockios.h>
40#include <linux/in.h>
41#include <linux/errno.h>
42#include <linux/interrupt.h>
43#include <linux/if_addr.h>
44#include <linux/if_ether.h>
45#include <linux/inet.h>
46#include <linux/netdevice.h>
47#include <linux/etherdevice.h>
48#include <linux/skbuff.h>
49#include <linux/init.h>
50#include <linux/notifier.h>
51#include <linux/inetdevice.h>
52#include <linux/igmp.h>
53#include <linux/slab.h>
54#include <linux/hash.h>
55#ifdef CONFIG_SYSCTL
56#include <linux/sysctl.h>
57#endif
58#include <linux/kmod.h>
59
60#include <net/arp.h>
61#include <net/ip.h>
62#include <net/route.h>
63#include <net/ip_fib.h>
64#include <net/rtnetlink.h>
65#include <net/net_namespace.h>
66
67#include "fib_lookup.h"
68
69static struct ipv4_devconf ipv4_devconf = {
70 .data = {
71 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
72 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
75 },
76};
77
78static struct ipv4_devconf ipv4_devconf_dflt = {
79 .data = {
80 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
81 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
82 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
83 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
84 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
85 },
86};
87
88#define IPV4_DEVCONF_DFLT(net, attr) \
89 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
90
91static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
92 [IFA_LOCAL] = { .type = NLA_U32 },
93 [IFA_ADDRESS] = { .type = NLA_U32 },
94 [IFA_BROADCAST] = { .type = NLA_U32 },
95 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
96};
97
98/* inet_addr_hash's shifting is dependent upon this IN4_ADDR_HSIZE
99 * value. So if you change this define, make appropriate changes to
100 * inet_addr_hash as well.
101 */
102#define IN4_ADDR_HSIZE 256
103static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
104static DEFINE_SPINLOCK(inet_addr_hash_lock);
105
106static inline unsigned int inet_addr_hash(struct net *net, __be32 addr)
107{
108 u32 val = (__force u32) addr ^ hash_ptr(net, 8);
109
110 return ((val ^ (val >> 8) ^ (val >> 16) ^ (val >> 24)) &
111 (IN4_ADDR_HSIZE - 1));
112}
113
114static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
115{
116 unsigned int hash = inet_addr_hash(net, ifa->ifa_local);
117
118 spin_lock(&inet_addr_hash_lock);
119 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
120 spin_unlock(&inet_addr_hash_lock);
121}
122
123static void inet_hash_remove(struct in_ifaddr *ifa)
124{
125 spin_lock(&inet_addr_hash_lock);
126 hlist_del_init_rcu(&ifa->hash);
127 spin_unlock(&inet_addr_hash_lock);
128}
129
130/**
131 * __ip_dev_find - find the first device with a given source address.
132 * @net: the net namespace
133 * @addr: the source address
134 * @devref: if true, take a reference on the found device
135 *
136 * If a caller uses devref=false, it should be protected by RCU, or RTNL
137 */
138struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
139{
140 unsigned int hash = inet_addr_hash(net, addr);
141 struct net_device *result = NULL;
142 struct in_ifaddr *ifa;
143 struct hlist_node *node;
144
145 rcu_read_lock();
146 hlist_for_each_entry_rcu(ifa, node, &inet_addr_lst[hash], hash) {
147 struct net_device *dev = ifa->ifa_dev->dev;
148
149 if (!net_eq(dev_net(dev), net))
150 continue;
151 if (ifa->ifa_local == addr) {
152 result = dev;
153 break;
154 }
155 }
156 if (!result) {
157 struct flowi4 fl4 = { .daddr = addr };
158 struct fib_result res = { 0 };
159 struct fib_table *local;
160
161 /* Fallback to FIB local table so that communication
162 * over loopback subnets work.
163 */
164 local = fib_get_table(net, RT_TABLE_LOCAL);
165 if (local &&
166 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
167 res.type == RTN_LOCAL)
168 result = FIB_RES_DEV(res);
169 }
170 if (result && devref)
171 dev_hold(result);
172 rcu_read_unlock();
173 return result;
174}
175EXPORT_SYMBOL(__ip_dev_find);
176
177static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
178
179static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
180static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
181 int destroy);
182#ifdef CONFIG_SYSCTL
183static void devinet_sysctl_register(struct in_device *idev);
184static void devinet_sysctl_unregister(struct in_device *idev);
185#else
186static inline void devinet_sysctl_register(struct in_device *idev)
187{
188}
189static inline void devinet_sysctl_unregister(struct in_device *idev)
190{
191}
192#endif
193
194/* Locks all the inet devices. */
195
196static struct in_ifaddr *inet_alloc_ifa(void)
197{
198 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
199}
200
201static void inet_rcu_free_ifa(struct rcu_head *head)
202{
203 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
204 if (ifa->ifa_dev)
205 in_dev_put(ifa->ifa_dev);
206 kfree(ifa);
207}
208
209static inline void inet_free_ifa(struct in_ifaddr *ifa)
210{
211 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
212}
213
214void in_dev_finish_destroy(struct in_device *idev)
215{
216 struct net_device *dev = idev->dev;
217
218 WARN_ON(idev->ifa_list);
219 WARN_ON(idev->mc_list);
220#ifdef NET_REFCNT_DEBUG
221 printk(KERN_DEBUG "in_dev_finish_destroy: %p=%s\n",
222 idev, dev ? dev->name : "NIL");
223#endif
224 dev_put(dev);
225 if (!idev->dead)
226 pr_err("Freeing alive in_device %p\n", idev);
227 else
228 kfree(idev);
229}
230EXPORT_SYMBOL(in_dev_finish_destroy);
231
232static struct in_device *inetdev_init(struct net_device *dev)
233{
234 struct in_device *in_dev;
235
236 ASSERT_RTNL();
237
238 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
239 if (!in_dev)
240 goto out;
241 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
242 sizeof(in_dev->cnf));
243 in_dev->cnf.sysctl = NULL;
244 in_dev->dev = dev;
245 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
246 if (!in_dev->arp_parms)
247 goto out_kfree;
248 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
249 dev_disable_lro(dev);
250 /* Reference in_dev->dev */
251 dev_hold(dev);
252 /* Account for reference dev->ip_ptr (below) */
253 in_dev_hold(in_dev);
254
255 devinet_sysctl_register(in_dev);
256 ip_mc_init_dev(in_dev);
257 if (dev->flags & IFF_UP)
258 ip_mc_up(in_dev);
259
260 /* we can receive as soon as ip_ptr is set -- do this last */
261 rcu_assign_pointer(dev->ip_ptr, in_dev);
262out:
263 return in_dev;
264out_kfree:
265 kfree(in_dev);
266 in_dev = NULL;
267 goto out;
268}
269
270static void in_dev_rcu_put(struct rcu_head *head)
271{
272 struct in_device *idev = container_of(head, struct in_device, rcu_head);
273 in_dev_put(idev);
274}
275
276static void inetdev_destroy(struct in_device *in_dev)
277{
278 struct in_ifaddr *ifa;
279 struct net_device *dev;
280
281 ASSERT_RTNL();
282
283 dev = in_dev->dev;
284
285 in_dev->dead = 1;
286
287 ip_mc_destroy_dev(in_dev);
288
289 while ((ifa = in_dev->ifa_list) != NULL) {
290 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
291 inet_free_ifa(ifa);
292 }
293
294 rcu_assign_pointer(dev->ip_ptr, NULL);
295
296 devinet_sysctl_unregister(in_dev);
297 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
298 arp_ifdown(dev);
299
300 call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
301}
302
303int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
304{
305 rcu_read_lock();
306 for_primary_ifa(in_dev) {
307 if (inet_ifa_match(a, ifa)) {
308 if (!b || inet_ifa_match(b, ifa)) {
309 rcu_read_unlock();
310 return 1;
311 }
312 }
313 } endfor_ifa(in_dev);
314 rcu_read_unlock();
315 return 0;
316}
317
318static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
319 int destroy, struct nlmsghdr *nlh, u32 pid)
320{
321 struct in_ifaddr *promote = NULL;
322 struct in_ifaddr *ifa, *ifa1 = *ifap;
323 struct in_ifaddr *last_prim = in_dev->ifa_list;
324 struct in_ifaddr *prev_prom = NULL;
325 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
326
327 ASSERT_RTNL();
328
329 /* 1. Deleting primary ifaddr forces deletion all secondaries
330 * unless alias promotion is set
331 **/
332
333 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
334 struct in_ifaddr **ifap1 = &ifa1->ifa_next;
335
336 while ((ifa = *ifap1) != NULL) {
337 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
338 ifa1->ifa_scope <= ifa->ifa_scope)
339 last_prim = ifa;
340
341 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
342 ifa1->ifa_mask != ifa->ifa_mask ||
343 !inet_ifa_match(ifa1->ifa_address, ifa)) {
344 ifap1 = &ifa->ifa_next;
345 prev_prom = ifa;
346 continue;
347 }
348
349 if (!do_promote) {
350 inet_hash_remove(ifa);
351 *ifap1 = ifa->ifa_next;
352
353 rtmsg_ifa(RTM_DELADDR, ifa, nlh, pid);
354 blocking_notifier_call_chain(&inetaddr_chain,
355 NETDEV_DOWN, ifa);
356 inet_free_ifa(ifa);
357 } else {
358 promote = ifa;
359 break;
360 }
361 }
362 }
363
364 /* On promotion all secondaries from subnet are changing
365 * the primary IP, we must remove all their routes silently
366 * and later to add them back with new prefsrc. Do this
367 * while all addresses are on the device list.
368 */
369 for (ifa = promote; ifa; ifa = ifa->ifa_next) {
370 if (ifa1->ifa_mask == ifa->ifa_mask &&
371 inet_ifa_match(ifa1->ifa_address, ifa))
372 fib_del_ifaddr(ifa, ifa1);
373 }
374
375 /* 2. Unlink it */
376
377 *ifap = ifa1->ifa_next;
378 inet_hash_remove(ifa1);
379
380 /* 3. Announce address deletion */
381
382 /* Send message first, then call notifier.
383 At first sight, FIB update triggered by notifier
384 will refer to already deleted ifaddr, that could confuse
385 netlink listeners. It is not true: look, gated sees
386 that route deleted and if it still thinks that ifaddr
387 is valid, it will try to restore deleted routes... Grr.
388 So that, this order is correct.
389 */
390 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, pid);
391 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
392
393 if (promote) {
394 struct in_ifaddr *next_sec = promote->ifa_next;
395
396 if (prev_prom) {
397 prev_prom->ifa_next = promote->ifa_next;
398 promote->ifa_next = last_prim->ifa_next;
399 last_prim->ifa_next = promote;
400 }
401
402 promote->ifa_flags &= ~IFA_F_SECONDARY;
403 rtmsg_ifa(RTM_NEWADDR, promote, nlh, pid);
404 blocking_notifier_call_chain(&inetaddr_chain,
405 NETDEV_UP, promote);
406 for (ifa = next_sec; ifa; ifa = ifa->ifa_next) {
407 if (ifa1->ifa_mask != ifa->ifa_mask ||
408 !inet_ifa_match(ifa1->ifa_address, ifa))
409 continue;
410 fib_add_ifaddr(ifa);
411 }
412
413 }
414 if (destroy)
415 inet_free_ifa(ifa1);
416}
417
418static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
419 int destroy)
420{
421 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
422}
423
424static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
425 u32 pid)
426{
427 struct in_device *in_dev = ifa->ifa_dev;
428 struct in_ifaddr *ifa1, **ifap, **last_primary;
429
430 ASSERT_RTNL();
431
432 if (!ifa->ifa_local) {
433 inet_free_ifa(ifa);
434 return 0;
435 }
436
437 ifa->ifa_flags &= ~IFA_F_SECONDARY;
438 last_primary = &in_dev->ifa_list;
439
440 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
441 ifap = &ifa1->ifa_next) {
442 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
443 ifa->ifa_scope <= ifa1->ifa_scope)
444 last_primary = &ifa1->ifa_next;
445 if (ifa1->ifa_mask == ifa->ifa_mask &&
446 inet_ifa_match(ifa1->ifa_address, ifa)) {
447 if (ifa1->ifa_local == ifa->ifa_local) {
448 inet_free_ifa(ifa);
449 return -EEXIST;
450 }
451 if (ifa1->ifa_scope != ifa->ifa_scope) {
452 inet_free_ifa(ifa);
453 return -EINVAL;
454 }
455 ifa->ifa_flags |= IFA_F_SECONDARY;
456 }
457 }
458
459 if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
460 net_srandom(ifa->ifa_local);
461 ifap = last_primary;
462 }
463
464 ifa->ifa_next = *ifap;
465 *ifap = ifa;
466
467 inet_hash_insert(dev_net(in_dev->dev), ifa);
468
469 /* Send message first, then call notifier.
470 Notifier will trigger FIB update, so that
471 listeners of netlink will know about new ifaddr */
472 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, pid);
473 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
474
475 return 0;
476}
477
478static int inet_insert_ifa(struct in_ifaddr *ifa)
479{
480 return __inet_insert_ifa(ifa, NULL, 0);
481}
482
483static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
484{
485 struct in_device *in_dev = __in_dev_get_rtnl(dev);
486
487 ASSERT_RTNL();
488
489 if (!in_dev) {
490 inet_free_ifa(ifa);
491 return -ENOBUFS;
492 }
493 ipv4_devconf_setall(in_dev);
494 if (ifa->ifa_dev != in_dev) {
495 WARN_ON(ifa->ifa_dev);
496 in_dev_hold(in_dev);
497 ifa->ifa_dev = in_dev;
498 }
499 if (ipv4_is_loopback(ifa->ifa_local))
500 ifa->ifa_scope = RT_SCOPE_HOST;
501 return inet_insert_ifa(ifa);
502}
503
504/* Caller must hold RCU or RTNL :
505 * We dont take a reference on found in_device
506 */
507struct in_device *inetdev_by_index(struct net *net, int ifindex)
508{
509 struct net_device *dev;
510 struct in_device *in_dev = NULL;
511
512 rcu_read_lock();
513 dev = dev_get_by_index_rcu(net, ifindex);
514 if (dev)
515 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
516 rcu_read_unlock();
517 return in_dev;
518}
519EXPORT_SYMBOL(inetdev_by_index);
520
521/* Called only from RTNL semaphored context. No locks. */
522
523struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
524 __be32 mask)
525{
526 ASSERT_RTNL();
527
528 for_primary_ifa(in_dev) {
529 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
530 return ifa;
531 } endfor_ifa(in_dev);
532 return NULL;
533}
534
535static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
536{
537 struct net *net = sock_net(skb->sk);
538 struct nlattr *tb[IFA_MAX+1];
539 struct in_device *in_dev;
540 struct ifaddrmsg *ifm;
541 struct in_ifaddr *ifa, **ifap;
542 int err = -EINVAL;
543
544 ASSERT_RTNL();
545
546 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy);
547 if (err < 0)
548 goto errout;
549
550 ifm = nlmsg_data(nlh);
551 in_dev = inetdev_by_index(net, ifm->ifa_index);
552 if (in_dev == NULL) {
553 err = -ENODEV;
554 goto errout;
555 }
556
557 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
558 ifap = &ifa->ifa_next) {
559 if (tb[IFA_LOCAL] &&
560 ifa->ifa_local != nla_get_be32(tb[IFA_LOCAL]))
561 continue;
562
563 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
564 continue;
565
566 if (tb[IFA_ADDRESS] &&
567 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
568 !inet_ifa_match(nla_get_be32(tb[IFA_ADDRESS]), ifa)))
569 continue;
570
571 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).pid);
572 return 0;
573 }
574
575 err = -EADDRNOTAVAIL;
576errout:
577 return err;
578}
579
580static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh)
581{
582 struct nlattr *tb[IFA_MAX+1];
583 struct in_ifaddr *ifa;
584 struct ifaddrmsg *ifm;
585 struct net_device *dev;
586 struct in_device *in_dev;
587 int err;
588
589 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy);
590 if (err < 0)
591 goto errout;
592
593 ifm = nlmsg_data(nlh);
594 err = -EINVAL;
595 if (ifm->ifa_prefixlen > 32 || tb[IFA_LOCAL] == NULL)
596 goto errout;
597
598 dev = __dev_get_by_index(net, ifm->ifa_index);
599 err = -ENODEV;
600 if (dev == NULL)
601 goto errout;
602
603 in_dev = __in_dev_get_rtnl(dev);
604 err = -ENOBUFS;
605 if (in_dev == NULL)
606 goto errout;
607
608 ifa = inet_alloc_ifa();
609 if (ifa == NULL)
610 /*
611 * A potential indev allocation can be left alive, it stays
612 * assigned to its device and is destroy with it.
613 */
614 goto errout;
615
616 ipv4_devconf_setall(in_dev);
617 in_dev_hold(in_dev);
618
619 if (tb[IFA_ADDRESS] == NULL)
620 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
621
622 INIT_HLIST_NODE(&ifa->hash);
623 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
624 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
625 ifa->ifa_flags = ifm->ifa_flags;
626 ifa->ifa_scope = ifm->ifa_scope;
627 ifa->ifa_dev = in_dev;
628
629 ifa->ifa_local = nla_get_be32(tb[IFA_LOCAL]);
630 ifa->ifa_address = nla_get_be32(tb[IFA_ADDRESS]);
631
632 if (tb[IFA_BROADCAST])
633 ifa->ifa_broadcast = nla_get_be32(tb[IFA_BROADCAST]);
634
635 if (tb[IFA_LABEL])
636 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
637 else
638 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
639
640 return ifa;
641
642errout:
643 return ERR_PTR(err);
644}
645
646static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
647{
648 struct net *net = sock_net(skb->sk);
649 struct in_ifaddr *ifa;
650
651 ASSERT_RTNL();
652
653 ifa = rtm_to_ifaddr(net, nlh);
654 if (IS_ERR(ifa))
655 return PTR_ERR(ifa);
656
657 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).pid);
658}
659
660/*
661 * Determine a default network mask, based on the IP address.
662 */
663
664static inline int inet_abc_len(__be32 addr)
665{
666 int rc = -1; /* Something else, probably a multicast. */
667
668 if (ipv4_is_zeronet(addr))
669 rc = 0;
670 else {
671 __u32 haddr = ntohl(addr);
672
673 if (IN_CLASSA(haddr))
674 rc = 8;
675 else if (IN_CLASSB(haddr))
676 rc = 16;
677 else if (IN_CLASSC(haddr))
678 rc = 24;
679 }
680
681 return rc;
682}
683
684
685int devinet_ioctl(struct net *net, unsigned int cmd, void __user *arg)
686{
687 struct ifreq ifr;
688 struct sockaddr_in sin_orig;
689 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr.ifr_addr;
690 struct in_device *in_dev;
691 struct in_ifaddr **ifap = NULL;
692 struct in_ifaddr *ifa = NULL;
693 struct net_device *dev;
694 char *colon;
695 int ret = -EFAULT;
696 int tryaddrmatch = 0;
697
698 /*
699 * Fetch the caller's info block into kernel space
700 */
701
702 if (copy_from_user(&ifr, arg, sizeof(struct ifreq)))
703 goto out;
704 ifr.ifr_name[IFNAMSIZ - 1] = 0;
705
706 /* save original address for comparison */
707 memcpy(&sin_orig, sin, sizeof(*sin));
708
709 colon = strchr(ifr.ifr_name, ':');
710 if (colon)
711 *colon = 0;
712
713 dev_load(net, ifr.ifr_name);
714
715 switch (cmd) {
716 case SIOCGIFADDR: /* Get interface address */
717 case SIOCGIFBRDADDR: /* Get the broadcast address */
718 case SIOCGIFDSTADDR: /* Get the destination address */
719 case SIOCGIFNETMASK: /* Get the netmask for the interface */
720 /* Note that these ioctls will not sleep,
721 so that we do not impose a lock.
722 One day we will be forced to put shlock here (I mean SMP)
723 */
724 tryaddrmatch = (sin_orig.sin_family == AF_INET);
725 memset(sin, 0, sizeof(*sin));
726 sin->sin_family = AF_INET;
727 break;
728
729 case SIOCSIFFLAGS:
730 ret = -EACCES;
731 if (!capable(CAP_NET_ADMIN))
732 goto out;
733 break;
734 case SIOCSIFADDR: /* Set interface address (and family) */
735 case SIOCSIFBRDADDR: /* Set the broadcast address */
736 case SIOCSIFDSTADDR: /* Set the destination address */
737 case SIOCSIFNETMASK: /* Set the netmask for the interface */
738 ret = -EACCES;
739 if (!capable(CAP_NET_ADMIN))
740 goto out;
741 ret = -EINVAL;
742 if (sin->sin_family != AF_INET)
743 goto out;
744 break;
745 default:
746 ret = -EINVAL;
747 goto out;
748 }
749
750 rtnl_lock();
751
752 ret = -ENODEV;
753 dev = __dev_get_by_name(net, ifr.ifr_name);
754 if (!dev)
755 goto done;
756
757 if (colon)
758 *colon = ':';
759
760 in_dev = __in_dev_get_rtnl(dev);
761 if (in_dev) {
762 if (tryaddrmatch) {
763 /* Matthias Andree */
764 /* compare label and address (4.4BSD style) */
765 /* note: we only do this for a limited set of ioctls
766 and only if the original address family was AF_INET.
767 This is checked above. */
768 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
769 ifap = &ifa->ifa_next) {
770 if (!strcmp(ifr.ifr_name, ifa->ifa_label) &&
771 sin_orig.sin_addr.s_addr ==
772 ifa->ifa_local) {
773 break; /* found */
774 }
775 }
776 }
777 /* we didn't get a match, maybe the application is
778 4.3BSD-style and passed in junk so we fall back to
779 comparing just the label */
780 if (!ifa) {
781 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
782 ifap = &ifa->ifa_next)
783 if (!strcmp(ifr.ifr_name, ifa->ifa_label))
784 break;
785 }
786 }
787
788 ret = -EADDRNOTAVAIL;
789 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
790 goto done;
791
792 switch (cmd) {
793 case SIOCGIFADDR: /* Get interface address */
794 sin->sin_addr.s_addr = ifa->ifa_local;
795 goto rarok;
796
797 case SIOCGIFBRDADDR: /* Get the broadcast address */
798 sin->sin_addr.s_addr = ifa->ifa_broadcast;
799 goto rarok;
800
801 case SIOCGIFDSTADDR: /* Get the destination address */
802 sin->sin_addr.s_addr = ifa->ifa_address;
803 goto rarok;
804
805 case SIOCGIFNETMASK: /* Get the netmask for the interface */
806 sin->sin_addr.s_addr = ifa->ifa_mask;
807 goto rarok;
808
809 case SIOCSIFFLAGS:
810 if (colon) {
811 ret = -EADDRNOTAVAIL;
812 if (!ifa)
813 break;
814 ret = 0;
815 if (!(ifr.ifr_flags & IFF_UP))
816 inet_del_ifa(in_dev, ifap, 1);
817 break;
818 }
819 ret = dev_change_flags(dev, ifr.ifr_flags);
820 break;
821
822 case SIOCSIFADDR: /* Set interface address (and family) */
823 ret = -EINVAL;
824 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
825 break;
826
827 if (!ifa) {
828 ret = -ENOBUFS;
829 ifa = inet_alloc_ifa();
830 INIT_HLIST_NODE(&ifa->hash);
831 if (!ifa)
832 break;
833 if (colon)
834 memcpy(ifa->ifa_label, ifr.ifr_name, IFNAMSIZ);
835 else
836 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
837 } else {
838 ret = 0;
839 if (ifa->ifa_local == sin->sin_addr.s_addr)
840 break;
841 inet_del_ifa(in_dev, ifap, 0);
842 ifa->ifa_broadcast = 0;
843 ifa->ifa_scope = 0;
844 }
845
846 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
847
848 if (!(dev->flags & IFF_POINTOPOINT)) {
849 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
850 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
851 if ((dev->flags & IFF_BROADCAST) &&
852 ifa->ifa_prefixlen < 31)
853 ifa->ifa_broadcast = ifa->ifa_address |
854 ~ifa->ifa_mask;
855 } else {
856 ifa->ifa_prefixlen = 32;
857 ifa->ifa_mask = inet_make_mask(32);
858 }
859 ret = inet_set_ifa(dev, ifa);
860 break;
861
862 case SIOCSIFBRDADDR: /* Set the broadcast address */
863 ret = 0;
864 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
865 inet_del_ifa(in_dev, ifap, 0);
866 ifa->ifa_broadcast = sin->sin_addr.s_addr;
867 inet_insert_ifa(ifa);
868 }
869 break;
870
871 case SIOCSIFDSTADDR: /* Set the destination address */
872 ret = 0;
873 if (ifa->ifa_address == sin->sin_addr.s_addr)
874 break;
875 ret = -EINVAL;
876 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
877 break;
878 ret = 0;
879 inet_del_ifa(in_dev, ifap, 0);
880 ifa->ifa_address = sin->sin_addr.s_addr;
881 inet_insert_ifa(ifa);
882 break;
883
884 case SIOCSIFNETMASK: /* Set the netmask for the interface */
885
886 /*
887 * The mask we set must be legal.
888 */
889 ret = -EINVAL;
890 if (bad_mask(sin->sin_addr.s_addr, 0))
891 break;
892 ret = 0;
893 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
894 __be32 old_mask = ifa->ifa_mask;
895 inet_del_ifa(in_dev, ifap, 0);
896 ifa->ifa_mask = sin->sin_addr.s_addr;
897 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
898
899 /* See if current broadcast address matches
900 * with current netmask, then recalculate
901 * the broadcast address. Otherwise it's a
902 * funny address, so don't touch it since
903 * the user seems to know what (s)he's doing...
904 */
905 if ((dev->flags & IFF_BROADCAST) &&
906 (ifa->ifa_prefixlen < 31) &&
907 (ifa->ifa_broadcast ==
908 (ifa->ifa_local|~old_mask))) {
909 ifa->ifa_broadcast = (ifa->ifa_local |
910 ~sin->sin_addr.s_addr);
911 }
912 inet_insert_ifa(ifa);
913 }
914 break;
915 }
916done:
917 rtnl_unlock();
918out:
919 return ret;
920rarok:
921 rtnl_unlock();
922 ret = copy_to_user(arg, &ifr, sizeof(struct ifreq)) ? -EFAULT : 0;
923 goto out;
924}
925
926static int inet_gifconf(struct net_device *dev, char __user *buf, int len)
927{
928 struct in_device *in_dev = __in_dev_get_rtnl(dev);
929 struct in_ifaddr *ifa;
930 struct ifreq ifr;
931 int done = 0;
932
933 if (!in_dev)
934 goto out;
935
936 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
937 if (!buf) {
938 done += sizeof(ifr);
939 continue;
940 }
941 if (len < (int) sizeof(ifr))
942 break;
943 memset(&ifr, 0, sizeof(struct ifreq));
944 if (ifa->ifa_label)
945 strcpy(ifr.ifr_name, ifa->ifa_label);
946 else
947 strcpy(ifr.ifr_name, dev->name);
948
949 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
950 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
951 ifa->ifa_local;
952
953 if (copy_to_user(buf, &ifr, sizeof(struct ifreq))) {
954 done = -EFAULT;
955 break;
956 }
957 buf += sizeof(struct ifreq);
958 len -= sizeof(struct ifreq);
959 done += sizeof(struct ifreq);
960 }
961out:
962 return done;
963}
964
965__be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
966{
967 __be32 addr = 0;
968 struct in_device *in_dev;
969 struct net *net = dev_net(dev);
970
971 rcu_read_lock();
972 in_dev = __in_dev_get_rcu(dev);
973 if (!in_dev)
974 goto no_in_dev;
975
976 for_primary_ifa(in_dev) {
977 if (ifa->ifa_scope > scope)
978 continue;
979 if (!dst || inet_ifa_match(dst, ifa)) {
980 addr = ifa->ifa_local;
981 break;
982 }
983 if (!addr)
984 addr = ifa->ifa_local;
985 } endfor_ifa(in_dev);
986
987 if (addr)
988 goto out_unlock;
989no_in_dev:
990
991 /* Not loopback addresses on loopback should be preferred
992 in this case. It is importnat that lo is the first interface
993 in dev_base list.
994 */
995 for_each_netdev_rcu(net, dev) {
996 in_dev = __in_dev_get_rcu(dev);
997 if (!in_dev)
998 continue;
999
1000 for_primary_ifa(in_dev) {
1001 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1002 ifa->ifa_scope <= scope) {
1003 addr = ifa->ifa_local;
1004 goto out_unlock;
1005 }
1006 } endfor_ifa(in_dev);
1007 }
1008out_unlock:
1009 rcu_read_unlock();
1010 return addr;
1011}
1012EXPORT_SYMBOL(inet_select_addr);
1013
1014static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1015 __be32 local, int scope)
1016{
1017 int same = 0;
1018 __be32 addr = 0;
1019
1020 for_ifa(in_dev) {
1021 if (!addr &&
1022 (local == ifa->ifa_local || !local) &&
1023 ifa->ifa_scope <= scope) {
1024 addr = ifa->ifa_local;
1025 if (same)
1026 break;
1027 }
1028 if (!same) {
1029 same = (!local || inet_ifa_match(local, ifa)) &&
1030 (!dst || inet_ifa_match(dst, ifa));
1031 if (same && addr) {
1032 if (local || !dst)
1033 break;
1034 /* Is the selected addr into dst subnet? */
1035 if (inet_ifa_match(addr, ifa))
1036 break;
1037 /* No, then can we use new local src? */
1038 if (ifa->ifa_scope <= scope) {
1039 addr = ifa->ifa_local;
1040 break;
1041 }
1042 /* search for large dst subnet for addr */
1043 same = 0;
1044 }
1045 }
1046 } endfor_ifa(in_dev);
1047
1048 return same ? addr : 0;
1049}
1050
1051/*
1052 * Confirm that local IP address exists using wildcards:
1053 * - in_dev: only on this interface, 0=any interface
1054 * - dst: only in the same subnet as dst, 0=any dst
1055 * - local: address, 0=autoselect the local address
1056 * - scope: maximum allowed scope value for the local address
1057 */
1058__be32 inet_confirm_addr(struct in_device *in_dev,
1059 __be32 dst, __be32 local, int scope)
1060{
1061 __be32 addr = 0;
1062 struct net_device *dev;
1063 struct net *net;
1064
1065 if (scope != RT_SCOPE_LINK)
1066 return confirm_addr_indev(in_dev, dst, local, scope);
1067
1068 net = dev_net(in_dev->dev);
1069 rcu_read_lock();
1070 for_each_netdev_rcu(net, dev) {
1071 in_dev = __in_dev_get_rcu(dev);
1072 if (in_dev) {
1073 addr = confirm_addr_indev(in_dev, dst, local, scope);
1074 if (addr)
1075 break;
1076 }
1077 }
1078 rcu_read_unlock();
1079
1080 return addr;
1081}
1082
1083/*
1084 * Device notifier
1085 */
1086
1087int register_inetaddr_notifier(struct notifier_block *nb)
1088{
1089 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1090}
1091EXPORT_SYMBOL(register_inetaddr_notifier);
1092
1093int unregister_inetaddr_notifier(struct notifier_block *nb)
1094{
1095 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1096}
1097EXPORT_SYMBOL(unregister_inetaddr_notifier);
1098
1099/* Rename ifa_labels for a device name change. Make some effort to preserve
1100 * existing alias numbering and to create unique labels if possible.
1101*/
1102static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1103{
1104 struct in_ifaddr *ifa;
1105 int named = 0;
1106
1107 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
1108 char old[IFNAMSIZ], *dot;
1109
1110 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1111 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1112 if (named++ == 0)
1113 goto skip;
1114 dot = strchr(old, ':');
1115 if (dot == NULL) {
1116 sprintf(old, ":%d", named);
1117 dot = old;
1118 }
1119 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1120 strcat(ifa->ifa_label, dot);
1121 else
1122 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1123skip:
1124 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1125 }
1126}
1127
1128static inline bool inetdev_valid_mtu(unsigned mtu)
1129{
1130 return mtu >= 68;
1131}
1132
1133static void inetdev_send_gratuitous_arp(struct net_device *dev,
1134 struct in_device *in_dev)
1135
1136{
1137 struct in_ifaddr *ifa;
1138
1139 for (ifa = in_dev->ifa_list; ifa;
1140 ifa = ifa->ifa_next) {
1141 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1142 ifa->ifa_local, dev,
1143 ifa->ifa_local, NULL,
1144 dev->dev_addr, NULL);
1145 }
1146}
1147
1148/* Called only under RTNL semaphore */
1149
1150static int inetdev_event(struct notifier_block *this, unsigned long event,
1151 void *ptr)
1152{
1153 struct net_device *dev = ptr;
1154 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1155
1156 ASSERT_RTNL();
1157
1158 if (!in_dev) {
1159 if (event == NETDEV_REGISTER) {
1160 in_dev = inetdev_init(dev);
1161 if (!in_dev)
1162 return notifier_from_errno(-ENOMEM);
1163 if (dev->flags & IFF_LOOPBACK) {
1164 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1165 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1166 }
1167 } else if (event == NETDEV_CHANGEMTU) {
1168 /* Re-enabling IP */
1169 if (inetdev_valid_mtu(dev->mtu))
1170 in_dev = inetdev_init(dev);
1171 }
1172 goto out;
1173 }
1174
1175 switch (event) {
1176 case NETDEV_REGISTER:
1177 printk(KERN_DEBUG "inetdev_event: bug\n");
1178 rcu_assign_pointer(dev->ip_ptr, NULL);
1179 break;
1180 case NETDEV_UP:
1181 if (!inetdev_valid_mtu(dev->mtu))
1182 break;
1183 if (dev->flags & IFF_LOOPBACK) {
1184 struct in_ifaddr *ifa = inet_alloc_ifa();
1185
1186 if (ifa) {
1187 INIT_HLIST_NODE(&ifa->hash);
1188 ifa->ifa_local =
1189 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1190 ifa->ifa_prefixlen = 8;
1191 ifa->ifa_mask = inet_make_mask(8);
1192 in_dev_hold(in_dev);
1193 ifa->ifa_dev = in_dev;
1194 ifa->ifa_scope = RT_SCOPE_HOST;
1195 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1196 inet_insert_ifa(ifa);
1197 }
1198 }
1199 ip_mc_up(in_dev);
1200 /* fall through */
1201 case NETDEV_CHANGEADDR:
1202 if (!IN_DEV_ARP_NOTIFY(in_dev))
1203 break;
1204 /* fall through */
1205 case NETDEV_NOTIFY_PEERS:
1206 /* Send gratuitous ARP to notify of link change */
1207 inetdev_send_gratuitous_arp(dev, in_dev);
1208 break;
1209 case NETDEV_DOWN:
1210 ip_mc_down(in_dev);
1211 break;
1212 case NETDEV_PRE_TYPE_CHANGE:
1213 ip_mc_unmap(in_dev);
1214 break;
1215 case NETDEV_POST_TYPE_CHANGE:
1216 ip_mc_remap(in_dev);
1217 break;
1218 case NETDEV_CHANGEMTU:
1219 if (inetdev_valid_mtu(dev->mtu))
1220 break;
1221 /* disable IP when MTU is not enough */
1222 case NETDEV_UNREGISTER:
1223 inetdev_destroy(in_dev);
1224 break;
1225 case NETDEV_CHANGENAME:
1226 /* Do not notify about label change, this event is
1227 * not interesting to applications using netlink.
1228 */
1229 inetdev_changename(dev, in_dev);
1230
1231 devinet_sysctl_unregister(in_dev);
1232 devinet_sysctl_register(in_dev);
1233 break;
1234 }
1235out:
1236 return NOTIFY_DONE;
1237}
1238
1239static struct notifier_block ip_netdev_notifier = {
1240 .notifier_call = inetdev_event,
1241};
1242
1243static inline size_t inet_nlmsg_size(void)
1244{
1245 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1246 + nla_total_size(4) /* IFA_ADDRESS */
1247 + nla_total_size(4) /* IFA_LOCAL */
1248 + nla_total_size(4) /* IFA_BROADCAST */
1249 + nla_total_size(IFNAMSIZ); /* IFA_LABEL */
1250}
1251
1252static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1253 u32 pid, u32 seq, int event, unsigned int flags)
1254{
1255 struct ifaddrmsg *ifm;
1256 struct nlmsghdr *nlh;
1257
1258 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*ifm), flags);
1259 if (nlh == NULL)
1260 return -EMSGSIZE;
1261
1262 ifm = nlmsg_data(nlh);
1263 ifm->ifa_family = AF_INET;
1264 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1265 ifm->ifa_flags = ifa->ifa_flags|IFA_F_PERMANENT;
1266 ifm->ifa_scope = ifa->ifa_scope;
1267 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1268
1269 if (ifa->ifa_address)
1270 NLA_PUT_BE32(skb, IFA_ADDRESS, ifa->ifa_address);
1271
1272 if (ifa->ifa_local)
1273 NLA_PUT_BE32(skb, IFA_LOCAL, ifa->ifa_local);
1274
1275 if (ifa->ifa_broadcast)
1276 NLA_PUT_BE32(skb, IFA_BROADCAST, ifa->ifa_broadcast);
1277
1278 if (ifa->ifa_label[0])
1279 NLA_PUT_STRING(skb, IFA_LABEL, ifa->ifa_label);
1280
1281 return nlmsg_end(skb, nlh);
1282
1283nla_put_failure:
1284 nlmsg_cancel(skb, nlh);
1285 return -EMSGSIZE;
1286}
1287
1288static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1289{
1290 struct net *net = sock_net(skb->sk);
1291 int h, s_h;
1292 int idx, s_idx;
1293 int ip_idx, s_ip_idx;
1294 struct net_device *dev;
1295 struct in_device *in_dev;
1296 struct in_ifaddr *ifa;
1297 struct hlist_head *head;
1298 struct hlist_node *node;
1299
1300 s_h = cb->args[0];
1301 s_idx = idx = cb->args[1];
1302 s_ip_idx = ip_idx = cb->args[2];
1303
1304 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1305 idx = 0;
1306 head = &net->dev_index_head[h];
1307 rcu_read_lock();
1308 hlist_for_each_entry_rcu(dev, node, head, index_hlist) {
1309 if (idx < s_idx)
1310 goto cont;
1311 if (h > s_h || idx > s_idx)
1312 s_ip_idx = 0;
1313 in_dev = __in_dev_get_rcu(dev);
1314 if (!in_dev)
1315 goto cont;
1316
1317 for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
1318 ifa = ifa->ifa_next, ip_idx++) {
1319 if (ip_idx < s_ip_idx)
1320 continue;
1321 if (inet_fill_ifaddr(skb, ifa,
1322 NETLINK_CB(cb->skb).pid,
1323 cb->nlh->nlmsg_seq,
1324 RTM_NEWADDR, NLM_F_MULTI) <= 0) {
1325 rcu_read_unlock();
1326 goto done;
1327 }
1328 }
1329cont:
1330 idx++;
1331 }
1332 rcu_read_unlock();
1333 }
1334
1335done:
1336 cb->args[0] = h;
1337 cb->args[1] = idx;
1338 cb->args[2] = ip_idx;
1339
1340 return skb->len;
1341}
1342
1343static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1344 u32 pid)
1345{
1346 struct sk_buff *skb;
1347 u32 seq = nlh ? nlh->nlmsg_seq : 0;
1348 int err = -ENOBUFS;
1349 struct net *net;
1350
1351 net = dev_net(ifa->ifa_dev->dev);
1352 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1353 if (skb == NULL)
1354 goto errout;
1355
1356 err = inet_fill_ifaddr(skb, ifa, pid, seq, event, 0);
1357 if (err < 0) {
1358 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1359 WARN_ON(err == -EMSGSIZE);
1360 kfree_skb(skb);
1361 goto errout;
1362 }
1363 rtnl_notify(skb, net, pid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1364 return;
1365errout:
1366 if (err < 0)
1367 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1368}
1369
1370static size_t inet_get_link_af_size(const struct net_device *dev)
1371{
1372 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1373
1374 if (!in_dev)
1375 return 0;
1376
1377 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1378}
1379
1380static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev)
1381{
1382 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1383 struct nlattr *nla;
1384 int i;
1385
1386 if (!in_dev)
1387 return -ENODATA;
1388
1389 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1390 if (nla == NULL)
1391 return -EMSGSIZE;
1392
1393 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1394 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1395
1396 return 0;
1397}
1398
1399static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1400 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1401};
1402
1403static int inet_validate_link_af(const struct net_device *dev,
1404 const struct nlattr *nla)
1405{
1406 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1407 int err, rem;
1408
1409 if (dev && !__in_dev_get_rtnl(dev))
1410 return -EAFNOSUPPORT;
1411
1412 err = nla_parse_nested(tb, IFLA_INET_MAX, nla, inet_af_policy);
1413 if (err < 0)
1414 return err;
1415
1416 if (tb[IFLA_INET_CONF]) {
1417 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1418 int cfgid = nla_type(a);
1419
1420 if (nla_len(a) < 4)
1421 return -EINVAL;
1422
1423 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
1424 return -EINVAL;
1425 }
1426 }
1427
1428 return 0;
1429}
1430
1431static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
1432{
1433 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1434 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1435 int rem;
1436
1437 if (!in_dev)
1438 return -EAFNOSUPPORT;
1439
1440 if (nla_parse_nested(tb, IFLA_INET_MAX, nla, NULL) < 0)
1441 BUG();
1442
1443 if (tb[IFLA_INET_CONF]) {
1444 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
1445 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
1446 }
1447
1448 return 0;
1449}
1450
1451#ifdef CONFIG_SYSCTL
1452
1453static void devinet_copy_dflt_conf(struct net *net, int i)
1454{
1455 struct net_device *dev;
1456
1457 rcu_read_lock();
1458 for_each_netdev_rcu(net, dev) {
1459 struct in_device *in_dev;
1460
1461 in_dev = __in_dev_get_rcu(dev);
1462 if (in_dev && !test_bit(i, in_dev->cnf.state))
1463 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
1464 }
1465 rcu_read_unlock();
1466}
1467
1468/* called with RTNL locked */
1469static void inet_forward_change(struct net *net)
1470{
1471 struct net_device *dev;
1472 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
1473
1474 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
1475 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
1476
1477 for_each_netdev(net, dev) {
1478 struct in_device *in_dev;
1479 if (on)
1480 dev_disable_lro(dev);
1481 rcu_read_lock();
1482 in_dev = __in_dev_get_rcu(dev);
1483 if (in_dev)
1484 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
1485 rcu_read_unlock();
1486 }
1487}
1488
1489static int devinet_conf_proc(ctl_table *ctl, int write,
1490 void __user *buffer,
1491 size_t *lenp, loff_t *ppos)
1492{
1493 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1494
1495 if (write) {
1496 struct ipv4_devconf *cnf = ctl->extra1;
1497 struct net *net = ctl->extra2;
1498 int i = (int *)ctl->data - cnf->data;
1499
1500 set_bit(i, cnf->state);
1501
1502 if (cnf == net->ipv4.devconf_dflt)
1503 devinet_copy_dflt_conf(net, i);
1504 }
1505
1506 return ret;
1507}
1508
1509static int devinet_sysctl_forward(ctl_table *ctl, int write,
1510 void __user *buffer,
1511 size_t *lenp, loff_t *ppos)
1512{
1513 int *valp = ctl->data;
1514 int val = *valp;
1515 loff_t pos = *ppos;
1516 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1517
1518 if (write && *valp != val) {
1519 struct net *net = ctl->extra2;
1520
1521 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
1522 if (!rtnl_trylock()) {
1523 /* Restore the original values before restarting */
1524 *valp = val;
1525 *ppos = pos;
1526 return restart_syscall();
1527 }
1528 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
1529 inet_forward_change(net);
1530 } else if (*valp) {
1531 struct ipv4_devconf *cnf = ctl->extra1;
1532 struct in_device *idev =
1533 container_of(cnf, struct in_device, cnf);
1534 dev_disable_lro(idev->dev);
1535 }
1536 rtnl_unlock();
1537 rt_cache_flush(net, 0);
1538 }
1539 }
1540
1541 return ret;
1542}
1543
1544static int ipv4_doint_and_flush(ctl_table *ctl, int write,
1545 void __user *buffer,
1546 size_t *lenp, loff_t *ppos)
1547{
1548 int *valp = ctl->data;
1549 int val = *valp;
1550 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1551 struct net *net = ctl->extra2;
1552
1553 if (write && *valp != val)
1554 rt_cache_flush(net, 0);
1555
1556 return ret;
1557}
1558
1559#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
1560 { \
1561 .procname = name, \
1562 .data = ipv4_devconf.data + \
1563 IPV4_DEVCONF_ ## attr - 1, \
1564 .maxlen = sizeof(int), \
1565 .mode = mval, \
1566 .proc_handler = proc, \
1567 .extra1 = &ipv4_devconf, \
1568 }
1569
1570#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
1571 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
1572
1573#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
1574 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
1575
1576#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
1577 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
1578
1579#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
1580 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
1581
1582static struct devinet_sysctl_table {
1583 struct ctl_table_header *sysctl_header;
1584 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
1585 char *dev_name;
1586} devinet_sysctl = {
1587 .devinet_vars = {
1588 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
1589 devinet_sysctl_forward),
1590 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
1591
1592 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
1593 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
1594 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
1595 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
1596 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
1597 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
1598 "accept_source_route"),
1599 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
1600 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
1601 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
1602 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
1603 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
1604 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
1605 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
1606 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
1607 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
1608 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
1609 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
1610 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
1611 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
1612
1613 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
1614 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
1615 DEVINET_SYSCTL_FLUSHING_ENTRY(FORCE_IGMP_VERSION,
1616 "force_igmp_version"),
1617 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
1618 "promote_secondaries"),
1619 },
1620};
1621
1622static int __devinet_sysctl_register(struct net *net, char *dev_name,
1623 struct ipv4_devconf *p)
1624{
1625 int i;
1626 struct devinet_sysctl_table *t;
1627
1628#define DEVINET_CTL_PATH_DEV 3
1629
1630 struct ctl_path devinet_ctl_path[] = {
1631 { .procname = "net", },
1632 { .procname = "ipv4", },
1633 { .procname = "conf", },
1634 { /* to be set */ },
1635 { },
1636 };
1637
1638 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
1639 if (!t)
1640 goto out;
1641
1642 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
1643 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
1644 t->devinet_vars[i].extra1 = p;
1645 t->devinet_vars[i].extra2 = net;
1646 }
1647
1648 /*
1649 * Make a copy of dev_name, because '.procname' is regarded as const
1650 * by sysctl and we wouldn't want anyone to change it under our feet
1651 * (see SIOCSIFNAME).
1652 */
1653 t->dev_name = kstrdup(dev_name, GFP_KERNEL);
1654 if (!t->dev_name)
1655 goto free;
1656
1657 devinet_ctl_path[DEVINET_CTL_PATH_DEV].procname = t->dev_name;
1658
1659 t->sysctl_header = register_net_sysctl_table(net, devinet_ctl_path,
1660 t->devinet_vars);
1661 if (!t->sysctl_header)
1662 goto free_procname;
1663
1664 p->sysctl = t;
1665 return 0;
1666
1667free_procname:
1668 kfree(t->dev_name);
1669free:
1670 kfree(t);
1671out:
1672 return -ENOBUFS;
1673}
1674
1675static void __devinet_sysctl_unregister(struct ipv4_devconf *cnf)
1676{
1677 struct devinet_sysctl_table *t = cnf->sysctl;
1678
1679 if (t == NULL)
1680 return;
1681
1682 cnf->sysctl = NULL;
1683 unregister_net_sysctl_table(t->sysctl_header);
1684 kfree(t->dev_name);
1685 kfree(t);
1686}
1687
1688static void devinet_sysctl_register(struct in_device *idev)
1689{
1690 neigh_sysctl_register(idev->dev, idev->arp_parms, "ipv4", NULL);
1691 __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
1692 &idev->cnf);
1693}
1694
1695static void devinet_sysctl_unregister(struct in_device *idev)
1696{
1697 __devinet_sysctl_unregister(&idev->cnf);
1698 neigh_sysctl_unregister(idev->arp_parms);
1699}
1700
1701static struct ctl_table ctl_forward_entry[] = {
1702 {
1703 .procname = "ip_forward",
1704 .data = &ipv4_devconf.data[
1705 IPV4_DEVCONF_FORWARDING - 1],
1706 .maxlen = sizeof(int),
1707 .mode = 0644,
1708 .proc_handler = devinet_sysctl_forward,
1709 .extra1 = &ipv4_devconf,
1710 .extra2 = &init_net,
1711 },
1712 { },
1713};
1714
1715static __net_initdata struct ctl_path net_ipv4_path[] = {
1716 { .procname = "net", },
1717 { .procname = "ipv4", },
1718 { },
1719};
1720#endif
1721
1722static __net_init int devinet_init_net(struct net *net)
1723{
1724 int err;
1725 struct ipv4_devconf *all, *dflt;
1726#ifdef CONFIG_SYSCTL
1727 struct ctl_table *tbl = ctl_forward_entry;
1728 struct ctl_table_header *forw_hdr;
1729#endif
1730
1731 err = -ENOMEM;
1732 all = &ipv4_devconf;
1733 dflt = &ipv4_devconf_dflt;
1734
1735 if (!net_eq(net, &init_net)) {
1736 all = kmemdup(all, sizeof(ipv4_devconf), GFP_KERNEL);
1737 if (all == NULL)
1738 goto err_alloc_all;
1739
1740 dflt = kmemdup(dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
1741 if (dflt == NULL)
1742 goto err_alloc_dflt;
1743
1744#ifdef CONFIG_SYSCTL
1745 tbl = kmemdup(tbl, sizeof(ctl_forward_entry), GFP_KERNEL);
1746 if (tbl == NULL)
1747 goto err_alloc_ctl;
1748
1749 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
1750 tbl[0].extra1 = all;
1751 tbl[0].extra2 = net;
1752#endif
1753 }
1754
1755#ifdef CONFIG_SYSCTL
1756 err = __devinet_sysctl_register(net, "all", all);
1757 if (err < 0)
1758 goto err_reg_all;
1759
1760 err = __devinet_sysctl_register(net, "default", dflt);
1761 if (err < 0)
1762 goto err_reg_dflt;
1763
1764 err = -ENOMEM;
1765 forw_hdr = register_net_sysctl_table(net, net_ipv4_path, tbl);
1766 if (forw_hdr == NULL)
1767 goto err_reg_ctl;
1768 net->ipv4.forw_hdr = forw_hdr;
1769#endif
1770
1771 net->ipv4.devconf_all = all;
1772 net->ipv4.devconf_dflt = dflt;
1773 return 0;
1774
1775#ifdef CONFIG_SYSCTL
1776err_reg_ctl:
1777 __devinet_sysctl_unregister(dflt);
1778err_reg_dflt:
1779 __devinet_sysctl_unregister(all);
1780err_reg_all:
1781 if (tbl != ctl_forward_entry)
1782 kfree(tbl);
1783err_alloc_ctl:
1784#endif
1785 if (dflt != &ipv4_devconf_dflt)
1786 kfree(dflt);
1787err_alloc_dflt:
1788 if (all != &ipv4_devconf)
1789 kfree(all);
1790err_alloc_all:
1791 return err;
1792}
1793
1794static __net_exit void devinet_exit_net(struct net *net)
1795{
1796#ifdef CONFIG_SYSCTL
1797 struct ctl_table *tbl;
1798
1799 tbl = net->ipv4.forw_hdr->ctl_table_arg;
1800 unregister_net_sysctl_table(net->ipv4.forw_hdr);
1801 __devinet_sysctl_unregister(net->ipv4.devconf_dflt);
1802 __devinet_sysctl_unregister(net->ipv4.devconf_all);
1803 kfree(tbl);
1804#endif
1805 kfree(net->ipv4.devconf_dflt);
1806 kfree(net->ipv4.devconf_all);
1807}
1808
1809static __net_initdata struct pernet_operations devinet_ops = {
1810 .init = devinet_init_net,
1811 .exit = devinet_exit_net,
1812};
1813
1814static struct rtnl_af_ops inet_af_ops = {
1815 .family = AF_INET,
1816 .fill_link_af = inet_fill_link_af,
1817 .get_link_af_size = inet_get_link_af_size,
1818 .validate_link_af = inet_validate_link_af,
1819 .set_link_af = inet_set_link_af,
1820};
1821
1822void __init devinet_init(void)
1823{
1824 int i;
1825
1826 for (i = 0; i < IN4_ADDR_HSIZE; i++)
1827 INIT_HLIST_HEAD(&inet_addr_lst[i]);
1828
1829 register_pernet_subsys(&devinet_ops);
1830
1831 register_gifconf(PF_INET, inet_gifconf);
1832 register_netdevice_notifier(&ip_netdev_notifier);
1833
1834 rtnl_af_register(&inet_af_ops);
1835
1836 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, NULL);
1837 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, NULL);
1838 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, NULL);
1839}
1840
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * NET3 IP device support routines.
4 *
5 * Derived from the IP parts of dev.c 1.0.19
6 * Authors: Ross Biro
7 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8 * Mark Evans, <evansmp@uhura.aston.ac.uk>
9 *
10 * Additional Authors:
11 * Alan Cox, <gw4pts@gw4pts.ampr.org>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
13 *
14 * Changes:
15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
16 * lists.
17 * Cyrus Durgin: updated for kmod
18 * Matthias Andree: in devinet_ioctl, compare label and
19 * address (4.4BSD alias style support),
20 * fall back to comparing just the label
21 * if no match found.
22 */
23
24
25#include <linux/uaccess.h>
26#include <linux/bitops.h>
27#include <linux/capability.h>
28#include <linux/module.h>
29#include <linux/types.h>
30#include <linux/kernel.h>
31#include <linux/sched/signal.h>
32#include <linux/string.h>
33#include <linux/mm.h>
34#include <linux/socket.h>
35#include <linux/sockios.h>
36#include <linux/in.h>
37#include <linux/errno.h>
38#include <linux/interrupt.h>
39#include <linux/if_addr.h>
40#include <linux/if_ether.h>
41#include <linux/inet.h>
42#include <linux/netdevice.h>
43#include <linux/etherdevice.h>
44#include <linux/skbuff.h>
45#include <linux/init.h>
46#include <linux/notifier.h>
47#include <linux/inetdevice.h>
48#include <linux/igmp.h>
49#include <linux/slab.h>
50#include <linux/hash.h>
51#ifdef CONFIG_SYSCTL
52#include <linux/sysctl.h>
53#endif
54#include <linux/kmod.h>
55#include <linux/netconf.h>
56
57#include <net/arp.h>
58#include <net/ip.h>
59#include <net/route.h>
60#include <net/ip_fib.h>
61#include <net/rtnetlink.h>
62#include <net/net_namespace.h>
63#include <net/addrconf.h>
64
65#define IPV6ONLY_FLAGS \
66 (IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
69
70static struct ipv4_devconf ipv4_devconf = {
71 .data = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
78 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
79 },
80};
81
82static struct ipv4_devconf ipv4_devconf_dflt = {
83 .data = {
84 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
87 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
88 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
90 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
91 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
92 },
93};
94
95#define IPV4_DEVCONF_DFLT(net, attr) \
96 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
97
98static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
99 [IFA_LOCAL] = { .type = NLA_U32 },
100 [IFA_ADDRESS] = { .type = NLA_U32 },
101 [IFA_BROADCAST] = { .type = NLA_U32 },
102 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
103 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
104 [IFA_FLAGS] = { .type = NLA_U32 },
105 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
106 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
107 [IFA_PROTO] = { .type = NLA_U8 },
108};
109
110struct inet_fill_args {
111 u32 portid;
112 u32 seq;
113 int event;
114 unsigned int flags;
115 int netnsid;
116 int ifindex;
117};
118
119#define IN4_ADDR_HSIZE_SHIFT 8
120#define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
121
122static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
123
124static u32 inet_addr_hash(const struct net *net, __be32 addr)
125{
126 u32 val = (__force u32) addr ^ net_hash_mix(net);
127
128 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
129}
130
131static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
132{
133 u32 hash = inet_addr_hash(net, ifa->ifa_local);
134
135 ASSERT_RTNL();
136 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
137}
138
139static void inet_hash_remove(struct in_ifaddr *ifa)
140{
141 ASSERT_RTNL();
142 hlist_del_init_rcu(&ifa->hash);
143}
144
145/**
146 * __ip_dev_find - find the first device with a given source address.
147 * @net: the net namespace
148 * @addr: the source address
149 * @devref: if true, take a reference on the found device
150 *
151 * If a caller uses devref=false, it should be protected by RCU, or RTNL
152 */
153struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
154{
155 struct net_device *result = NULL;
156 struct in_ifaddr *ifa;
157
158 rcu_read_lock();
159 ifa = inet_lookup_ifaddr_rcu(net, addr);
160 if (!ifa) {
161 struct flowi4 fl4 = { .daddr = addr };
162 struct fib_result res = { 0 };
163 struct fib_table *local;
164
165 /* Fallback to FIB local table so that communication
166 * over loopback subnets work.
167 */
168 local = fib_get_table(net, RT_TABLE_LOCAL);
169 if (local &&
170 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
171 res.type == RTN_LOCAL)
172 result = FIB_RES_DEV(res);
173 } else {
174 result = ifa->ifa_dev->dev;
175 }
176 if (result && devref)
177 dev_hold(result);
178 rcu_read_unlock();
179 return result;
180}
181EXPORT_SYMBOL(__ip_dev_find);
182
183/* called under RCU lock */
184struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
185{
186 u32 hash = inet_addr_hash(net, addr);
187 struct in_ifaddr *ifa;
188
189 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
190 if (ifa->ifa_local == addr &&
191 net_eq(dev_net(ifa->ifa_dev->dev), net))
192 return ifa;
193
194 return NULL;
195}
196
197static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
198
199static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
200static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
201static void inet_del_ifa(struct in_device *in_dev,
202 struct in_ifaddr __rcu **ifap,
203 int destroy);
204#ifdef CONFIG_SYSCTL
205static int devinet_sysctl_register(struct in_device *idev);
206static void devinet_sysctl_unregister(struct in_device *idev);
207#else
208static int devinet_sysctl_register(struct in_device *idev)
209{
210 return 0;
211}
212static void devinet_sysctl_unregister(struct in_device *idev)
213{
214}
215#endif
216
217/* Locks all the inet devices. */
218
219static struct in_ifaddr *inet_alloc_ifa(void)
220{
221 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL_ACCOUNT);
222}
223
224static void inet_rcu_free_ifa(struct rcu_head *head)
225{
226 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
227 if (ifa->ifa_dev)
228 in_dev_put(ifa->ifa_dev);
229 kfree(ifa);
230}
231
232static void inet_free_ifa(struct in_ifaddr *ifa)
233{
234 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
235}
236
237static void in_dev_free_rcu(struct rcu_head *head)
238{
239 struct in_device *idev = container_of(head, struct in_device, rcu_head);
240
241 kfree(rcu_dereference_protected(idev->mc_hash, 1));
242 kfree(idev);
243}
244
245void in_dev_finish_destroy(struct in_device *idev)
246{
247 struct net_device *dev = idev->dev;
248
249 WARN_ON(idev->ifa_list);
250 WARN_ON(idev->mc_list);
251#ifdef NET_REFCNT_DEBUG
252 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
253#endif
254 netdev_put(dev, &idev->dev_tracker);
255 if (!idev->dead)
256 pr_err("Freeing alive in_device %p\n", idev);
257 else
258 call_rcu(&idev->rcu_head, in_dev_free_rcu);
259}
260EXPORT_SYMBOL(in_dev_finish_destroy);
261
262static struct in_device *inetdev_init(struct net_device *dev)
263{
264 struct in_device *in_dev;
265 int err = -ENOMEM;
266
267 ASSERT_RTNL();
268
269 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
270 if (!in_dev)
271 goto out;
272 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
273 sizeof(in_dev->cnf));
274 in_dev->cnf.sysctl = NULL;
275 in_dev->dev = dev;
276 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
277 if (!in_dev->arp_parms)
278 goto out_kfree;
279 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
280 dev_disable_lro(dev);
281 /* Reference in_dev->dev */
282 netdev_hold(dev, &in_dev->dev_tracker, GFP_KERNEL);
283 /* Account for reference dev->ip_ptr (below) */
284 refcount_set(&in_dev->refcnt, 1);
285
286 err = devinet_sysctl_register(in_dev);
287 if (err) {
288 in_dev->dead = 1;
289 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
290 in_dev_put(in_dev);
291 in_dev = NULL;
292 goto out;
293 }
294 ip_mc_init_dev(in_dev);
295 if (dev->flags & IFF_UP)
296 ip_mc_up(in_dev);
297
298 /* we can receive as soon as ip_ptr is set -- do this last */
299 rcu_assign_pointer(dev->ip_ptr, in_dev);
300out:
301 return in_dev ?: ERR_PTR(err);
302out_kfree:
303 kfree(in_dev);
304 in_dev = NULL;
305 goto out;
306}
307
308static void inetdev_destroy(struct in_device *in_dev)
309{
310 struct net_device *dev;
311 struct in_ifaddr *ifa;
312
313 ASSERT_RTNL();
314
315 dev = in_dev->dev;
316
317 in_dev->dead = 1;
318
319 ip_mc_destroy_dev(in_dev);
320
321 while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
322 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
323 inet_free_ifa(ifa);
324 }
325
326 RCU_INIT_POINTER(dev->ip_ptr, NULL);
327
328 devinet_sysctl_unregister(in_dev);
329 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
330 arp_ifdown(dev);
331
332 in_dev_put(in_dev);
333}
334
335int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
336{
337 const struct in_ifaddr *ifa;
338
339 rcu_read_lock();
340 in_dev_for_each_ifa_rcu(ifa, in_dev) {
341 if (inet_ifa_match(a, ifa)) {
342 if (!b || inet_ifa_match(b, ifa)) {
343 rcu_read_unlock();
344 return 1;
345 }
346 }
347 }
348 rcu_read_unlock();
349 return 0;
350}
351
352static void __inet_del_ifa(struct in_device *in_dev,
353 struct in_ifaddr __rcu **ifap,
354 int destroy, struct nlmsghdr *nlh, u32 portid)
355{
356 struct in_ifaddr *promote = NULL;
357 struct in_ifaddr *ifa, *ifa1;
358 struct in_ifaddr __rcu **last_prim;
359 struct in_ifaddr *prev_prom = NULL;
360 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
361
362 ASSERT_RTNL();
363
364 ifa1 = rtnl_dereference(*ifap);
365 last_prim = ifap;
366 if (in_dev->dead)
367 goto no_promotions;
368
369 /* 1. Deleting primary ifaddr forces deletion all secondaries
370 * unless alias promotion is set
371 **/
372
373 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
374 struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
375
376 while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
377 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
378 ifa1->ifa_scope <= ifa->ifa_scope)
379 last_prim = &ifa->ifa_next;
380
381 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
382 ifa1->ifa_mask != ifa->ifa_mask ||
383 !inet_ifa_match(ifa1->ifa_address, ifa)) {
384 ifap1 = &ifa->ifa_next;
385 prev_prom = ifa;
386 continue;
387 }
388
389 if (!do_promote) {
390 inet_hash_remove(ifa);
391 *ifap1 = ifa->ifa_next;
392
393 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
394 blocking_notifier_call_chain(&inetaddr_chain,
395 NETDEV_DOWN, ifa);
396 inet_free_ifa(ifa);
397 } else {
398 promote = ifa;
399 break;
400 }
401 }
402 }
403
404 /* On promotion all secondaries from subnet are changing
405 * the primary IP, we must remove all their routes silently
406 * and later to add them back with new prefsrc. Do this
407 * while all addresses are on the device list.
408 */
409 for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
410 if (ifa1->ifa_mask == ifa->ifa_mask &&
411 inet_ifa_match(ifa1->ifa_address, ifa))
412 fib_del_ifaddr(ifa, ifa1);
413 }
414
415no_promotions:
416 /* 2. Unlink it */
417
418 *ifap = ifa1->ifa_next;
419 inet_hash_remove(ifa1);
420
421 /* 3. Announce address deletion */
422
423 /* Send message first, then call notifier.
424 At first sight, FIB update triggered by notifier
425 will refer to already deleted ifaddr, that could confuse
426 netlink listeners. It is not true: look, gated sees
427 that route deleted and if it still thinks that ifaddr
428 is valid, it will try to restore deleted routes... Grr.
429 So that, this order is correct.
430 */
431 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
432 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
433
434 if (promote) {
435 struct in_ifaddr *next_sec;
436
437 next_sec = rtnl_dereference(promote->ifa_next);
438 if (prev_prom) {
439 struct in_ifaddr *last_sec;
440
441 rcu_assign_pointer(prev_prom->ifa_next, next_sec);
442
443 last_sec = rtnl_dereference(*last_prim);
444 rcu_assign_pointer(promote->ifa_next, last_sec);
445 rcu_assign_pointer(*last_prim, promote);
446 }
447
448 promote->ifa_flags &= ~IFA_F_SECONDARY;
449 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
450 blocking_notifier_call_chain(&inetaddr_chain,
451 NETDEV_UP, promote);
452 for (ifa = next_sec; ifa;
453 ifa = rtnl_dereference(ifa->ifa_next)) {
454 if (ifa1->ifa_mask != ifa->ifa_mask ||
455 !inet_ifa_match(ifa1->ifa_address, ifa))
456 continue;
457 fib_add_ifaddr(ifa);
458 }
459
460 }
461 if (destroy)
462 inet_free_ifa(ifa1);
463}
464
465static void inet_del_ifa(struct in_device *in_dev,
466 struct in_ifaddr __rcu **ifap,
467 int destroy)
468{
469 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
470}
471
472static void check_lifetime(struct work_struct *work);
473
474static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
475
476static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
477 u32 portid, struct netlink_ext_ack *extack)
478{
479 struct in_ifaddr __rcu **last_primary, **ifap;
480 struct in_device *in_dev = ifa->ifa_dev;
481 struct in_validator_info ivi;
482 struct in_ifaddr *ifa1;
483 int ret;
484
485 ASSERT_RTNL();
486
487 if (!ifa->ifa_local) {
488 inet_free_ifa(ifa);
489 return 0;
490 }
491
492 ifa->ifa_flags &= ~IFA_F_SECONDARY;
493 last_primary = &in_dev->ifa_list;
494
495 /* Don't set IPv6 only flags to IPv4 addresses */
496 ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
497
498 ifap = &in_dev->ifa_list;
499 ifa1 = rtnl_dereference(*ifap);
500
501 while (ifa1) {
502 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
503 ifa->ifa_scope <= ifa1->ifa_scope)
504 last_primary = &ifa1->ifa_next;
505 if (ifa1->ifa_mask == ifa->ifa_mask &&
506 inet_ifa_match(ifa1->ifa_address, ifa)) {
507 if (ifa1->ifa_local == ifa->ifa_local) {
508 inet_free_ifa(ifa);
509 return -EEXIST;
510 }
511 if (ifa1->ifa_scope != ifa->ifa_scope) {
512 NL_SET_ERR_MSG(extack, "ipv4: Invalid scope value");
513 inet_free_ifa(ifa);
514 return -EINVAL;
515 }
516 ifa->ifa_flags |= IFA_F_SECONDARY;
517 }
518
519 ifap = &ifa1->ifa_next;
520 ifa1 = rtnl_dereference(*ifap);
521 }
522
523 /* Allow any devices that wish to register ifaddr validtors to weigh
524 * in now, before changes are committed. The rntl lock is serializing
525 * access here, so the state should not change between a validator call
526 * and a final notify on commit. This isn't invoked on promotion under
527 * the assumption that validators are checking the address itself, and
528 * not the flags.
529 */
530 ivi.ivi_addr = ifa->ifa_address;
531 ivi.ivi_dev = ifa->ifa_dev;
532 ivi.extack = extack;
533 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
534 NETDEV_UP, &ivi);
535 ret = notifier_to_errno(ret);
536 if (ret) {
537 inet_free_ifa(ifa);
538 return ret;
539 }
540
541 if (!(ifa->ifa_flags & IFA_F_SECONDARY))
542 ifap = last_primary;
543
544 rcu_assign_pointer(ifa->ifa_next, *ifap);
545 rcu_assign_pointer(*ifap, ifa);
546
547 inet_hash_insert(dev_net(in_dev->dev), ifa);
548
549 cancel_delayed_work(&check_lifetime_work);
550 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
551
552 /* Send message first, then call notifier.
553 Notifier will trigger FIB update, so that
554 listeners of netlink will know about new ifaddr */
555 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
556 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
557
558 return 0;
559}
560
561static int inet_insert_ifa(struct in_ifaddr *ifa)
562{
563 return __inet_insert_ifa(ifa, NULL, 0, NULL);
564}
565
566static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
567{
568 struct in_device *in_dev = __in_dev_get_rtnl(dev);
569
570 ASSERT_RTNL();
571
572 if (!in_dev) {
573 inet_free_ifa(ifa);
574 return -ENOBUFS;
575 }
576 ipv4_devconf_setall(in_dev);
577 neigh_parms_data_state_setall(in_dev->arp_parms);
578 if (ifa->ifa_dev != in_dev) {
579 WARN_ON(ifa->ifa_dev);
580 in_dev_hold(in_dev);
581 ifa->ifa_dev = in_dev;
582 }
583 if (ipv4_is_loopback(ifa->ifa_local))
584 ifa->ifa_scope = RT_SCOPE_HOST;
585 return inet_insert_ifa(ifa);
586}
587
588/* Caller must hold RCU or RTNL :
589 * We dont take a reference on found in_device
590 */
591struct in_device *inetdev_by_index(struct net *net, int ifindex)
592{
593 struct net_device *dev;
594 struct in_device *in_dev = NULL;
595
596 rcu_read_lock();
597 dev = dev_get_by_index_rcu(net, ifindex);
598 if (dev)
599 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
600 rcu_read_unlock();
601 return in_dev;
602}
603EXPORT_SYMBOL(inetdev_by_index);
604
605/* Called only from RTNL semaphored context. No locks. */
606
607struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
608 __be32 mask)
609{
610 struct in_ifaddr *ifa;
611
612 ASSERT_RTNL();
613
614 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
615 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
616 return ifa;
617 }
618 return NULL;
619}
620
621static int ip_mc_autojoin_config(struct net *net, bool join,
622 const struct in_ifaddr *ifa)
623{
624#if defined(CONFIG_IP_MULTICAST)
625 struct ip_mreqn mreq = {
626 .imr_multiaddr.s_addr = ifa->ifa_address,
627 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
628 };
629 struct sock *sk = net->ipv4.mc_autojoin_sk;
630 int ret;
631
632 ASSERT_RTNL();
633
634 lock_sock(sk);
635 if (join)
636 ret = ip_mc_join_group(sk, &mreq);
637 else
638 ret = ip_mc_leave_group(sk, &mreq);
639 release_sock(sk);
640
641 return ret;
642#else
643 return -EOPNOTSUPP;
644#endif
645}
646
647static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
648 struct netlink_ext_ack *extack)
649{
650 struct net *net = sock_net(skb->sk);
651 struct in_ifaddr __rcu **ifap;
652 struct nlattr *tb[IFA_MAX+1];
653 struct in_device *in_dev;
654 struct ifaddrmsg *ifm;
655 struct in_ifaddr *ifa;
656 int err;
657
658 ASSERT_RTNL();
659
660 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
661 ifa_ipv4_policy, extack);
662 if (err < 0)
663 goto errout;
664
665 ifm = nlmsg_data(nlh);
666 in_dev = inetdev_by_index(net, ifm->ifa_index);
667 if (!in_dev) {
668 NL_SET_ERR_MSG(extack, "ipv4: Device not found");
669 err = -ENODEV;
670 goto errout;
671 }
672
673 for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
674 ifap = &ifa->ifa_next) {
675 if (tb[IFA_LOCAL] &&
676 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
677 continue;
678
679 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
680 continue;
681
682 if (tb[IFA_ADDRESS] &&
683 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
684 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
685 continue;
686
687 if (ipv4_is_multicast(ifa->ifa_address))
688 ip_mc_autojoin_config(net, false, ifa);
689 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
690 return 0;
691 }
692
693 NL_SET_ERR_MSG(extack, "ipv4: Address not found");
694 err = -EADDRNOTAVAIL;
695errout:
696 return err;
697}
698
699#define INFINITY_LIFE_TIME 0xFFFFFFFF
700
701static void check_lifetime(struct work_struct *work)
702{
703 unsigned long now, next, next_sec, next_sched;
704 struct in_ifaddr *ifa;
705 struct hlist_node *n;
706 int i;
707
708 now = jiffies;
709 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
710
711 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
712 bool change_needed = false;
713
714 rcu_read_lock();
715 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
716 unsigned long age, tstamp;
717 u32 preferred_lft;
718 u32 valid_lft;
719 u32 flags;
720
721 flags = READ_ONCE(ifa->ifa_flags);
722 if (flags & IFA_F_PERMANENT)
723 continue;
724
725 preferred_lft = READ_ONCE(ifa->ifa_preferred_lft);
726 valid_lft = READ_ONCE(ifa->ifa_valid_lft);
727 tstamp = READ_ONCE(ifa->ifa_tstamp);
728 /* We try to batch several events at once. */
729 age = (now - tstamp +
730 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
731
732 if (valid_lft != INFINITY_LIFE_TIME &&
733 age >= valid_lft) {
734 change_needed = true;
735 } else if (preferred_lft ==
736 INFINITY_LIFE_TIME) {
737 continue;
738 } else if (age >= preferred_lft) {
739 if (time_before(tstamp + valid_lft * HZ, next))
740 next = tstamp + valid_lft * HZ;
741
742 if (!(flags & IFA_F_DEPRECATED))
743 change_needed = true;
744 } else if (time_before(tstamp + preferred_lft * HZ,
745 next)) {
746 next = tstamp + preferred_lft * HZ;
747 }
748 }
749 rcu_read_unlock();
750 if (!change_needed)
751 continue;
752 rtnl_lock();
753 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
754 unsigned long age;
755
756 if (ifa->ifa_flags & IFA_F_PERMANENT)
757 continue;
758
759 /* We try to batch several events at once. */
760 age = (now - ifa->ifa_tstamp +
761 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
762
763 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
764 age >= ifa->ifa_valid_lft) {
765 struct in_ifaddr __rcu **ifap;
766 struct in_ifaddr *tmp;
767
768 ifap = &ifa->ifa_dev->ifa_list;
769 tmp = rtnl_dereference(*ifap);
770 while (tmp) {
771 if (tmp == ifa) {
772 inet_del_ifa(ifa->ifa_dev,
773 ifap, 1);
774 break;
775 }
776 ifap = &tmp->ifa_next;
777 tmp = rtnl_dereference(*ifap);
778 }
779 } else if (ifa->ifa_preferred_lft !=
780 INFINITY_LIFE_TIME &&
781 age >= ifa->ifa_preferred_lft &&
782 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
783 ifa->ifa_flags |= IFA_F_DEPRECATED;
784 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
785 }
786 }
787 rtnl_unlock();
788 }
789
790 next_sec = round_jiffies_up(next);
791 next_sched = next;
792
793 /* If rounded timeout is accurate enough, accept it. */
794 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
795 next_sched = next_sec;
796
797 now = jiffies;
798 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
799 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
800 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
801
802 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
803 next_sched - now);
804}
805
806static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
807 __u32 prefered_lft)
808{
809 unsigned long timeout;
810 u32 flags;
811
812 flags = ifa->ifa_flags & ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
813
814 timeout = addrconf_timeout_fixup(valid_lft, HZ);
815 if (addrconf_finite_timeout(timeout))
816 WRITE_ONCE(ifa->ifa_valid_lft, timeout);
817 else
818 flags |= IFA_F_PERMANENT;
819
820 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
821 if (addrconf_finite_timeout(timeout)) {
822 if (timeout == 0)
823 flags |= IFA_F_DEPRECATED;
824 WRITE_ONCE(ifa->ifa_preferred_lft, timeout);
825 }
826 WRITE_ONCE(ifa->ifa_flags, flags);
827 WRITE_ONCE(ifa->ifa_tstamp, jiffies);
828 if (!ifa->ifa_cstamp)
829 WRITE_ONCE(ifa->ifa_cstamp, ifa->ifa_tstamp);
830}
831
832static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
833 __u32 *pvalid_lft, __u32 *pprefered_lft,
834 struct netlink_ext_ack *extack)
835{
836 struct nlattr *tb[IFA_MAX+1];
837 struct in_ifaddr *ifa;
838 struct ifaddrmsg *ifm;
839 struct net_device *dev;
840 struct in_device *in_dev;
841 int err;
842
843 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
844 ifa_ipv4_policy, extack);
845 if (err < 0)
846 goto errout;
847
848 ifm = nlmsg_data(nlh);
849 err = -EINVAL;
850
851 if (ifm->ifa_prefixlen > 32) {
852 NL_SET_ERR_MSG(extack, "ipv4: Invalid prefix length");
853 goto errout;
854 }
855
856 if (!tb[IFA_LOCAL]) {
857 NL_SET_ERR_MSG(extack, "ipv4: Local address is not supplied");
858 goto errout;
859 }
860
861 dev = __dev_get_by_index(net, ifm->ifa_index);
862 err = -ENODEV;
863 if (!dev) {
864 NL_SET_ERR_MSG(extack, "ipv4: Device not found");
865 goto errout;
866 }
867
868 in_dev = __in_dev_get_rtnl(dev);
869 err = -ENOBUFS;
870 if (!in_dev)
871 goto errout;
872
873 ifa = inet_alloc_ifa();
874 if (!ifa)
875 /*
876 * A potential indev allocation can be left alive, it stays
877 * assigned to its device and is destroy with it.
878 */
879 goto errout;
880
881 ipv4_devconf_setall(in_dev);
882 neigh_parms_data_state_setall(in_dev->arp_parms);
883 in_dev_hold(in_dev);
884
885 if (!tb[IFA_ADDRESS])
886 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
887
888 INIT_HLIST_NODE(&ifa->hash);
889 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
890 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
891 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
892 ifm->ifa_flags;
893 ifa->ifa_scope = ifm->ifa_scope;
894 ifa->ifa_dev = in_dev;
895
896 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
897 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
898
899 if (tb[IFA_BROADCAST])
900 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
901
902 if (tb[IFA_LABEL])
903 nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
904 else
905 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
906
907 if (tb[IFA_RT_PRIORITY])
908 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
909
910 if (tb[IFA_PROTO])
911 ifa->ifa_proto = nla_get_u8(tb[IFA_PROTO]);
912
913 if (tb[IFA_CACHEINFO]) {
914 struct ifa_cacheinfo *ci;
915
916 ci = nla_data(tb[IFA_CACHEINFO]);
917 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
918 NL_SET_ERR_MSG(extack, "ipv4: address lifetime invalid");
919 err = -EINVAL;
920 goto errout_free;
921 }
922 *pvalid_lft = ci->ifa_valid;
923 *pprefered_lft = ci->ifa_prefered;
924 }
925
926 return ifa;
927
928errout_free:
929 inet_free_ifa(ifa);
930errout:
931 return ERR_PTR(err);
932}
933
934static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
935{
936 struct in_device *in_dev = ifa->ifa_dev;
937 struct in_ifaddr *ifa1;
938
939 if (!ifa->ifa_local)
940 return NULL;
941
942 in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
943 if (ifa1->ifa_mask == ifa->ifa_mask &&
944 inet_ifa_match(ifa1->ifa_address, ifa) &&
945 ifa1->ifa_local == ifa->ifa_local)
946 return ifa1;
947 }
948 return NULL;
949}
950
951static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
952 struct netlink_ext_ack *extack)
953{
954 struct net *net = sock_net(skb->sk);
955 struct in_ifaddr *ifa;
956 struct in_ifaddr *ifa_existing;
957 __u32 valid_lft = INFINITY_LIFE_TIME;
958 __u32 prefered_lft = INFINITY_LIFE_TIME;
959
960 ASSERT_RTNL();
961
962 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
963 if (IS_ERR(ifa))
964 return PTR_ERR(ifa);
965
966 ifa_existing = find_matching_ifa(ifa);
967 if (!ifa_existing) {
968 /* It would be best to check for !NLM_F_CREATE here but
969 * userspace already relies on not having to provide this.
970 */
971 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
972 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
973 int ret = ip_mc_autojoin_config(net, true, ifa);
974
975 if (ret < 0) {
976 NL_SET_ERR_MSG(extack, "ipv4: Multicast auto join failed");
977 inet_free_ifa(ifa);
978 return ret;
979 }
980 }
981 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
982 extack);
983 } else {
984 u32 new_metric = ifa->ifa_rt_priority;
985 u8 new_proto = ifa->ifa_proto;
986
987 inet_free_ifa(ifa);
988
989 if (nlh->nlmsg_flags & NLM_F_EXCL ||
990 !(nlh->nlmsg_flags & NLM_F_REPLACE)) {
991 NL_SET_ERR_MSG(extack, "ipv4: Address already assigned");
992 return -EEXIST;
993 }
994 ifa = ifa_existing;
995
996 if (ifa->ifa_rt_priority != new_metric) {
997 fib_modify_prefix_metric(ifa, new_metric);
998 ifa->ifa_rt_priority = new_metric;
999 }
1000
1001 ifa->ifa_proto = new_proto;
1002
1003 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
1004 cancel_delayed_work(&check_lifetime_work);
1005 queue_delayed_work(system_power_efficient_wq,
1006 &check_lifetime_work, 0);
1007 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
1008 }
1009 return 0;
1010}
1011
1012/*
1013 * Determine a default network mask, based on the IP address.
1014 */
1015
1016static int inet_abc_len(__be32 addr)
1017{
1018 int rc = -1; /* Something else, probably a multicast. */
1019
1020 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
1021 rc = 0;
1022 else {
1023 __u32 haddr = ntohl(addr);
1024 if (IN_CLASSA(haddr))
1025 rc = 8;
1026 else if (IN_CLASSB(haddr))
1027 rc = 16;
1028 else if (IN_CLASSC(haddr))
1029 rc = 24;
1030 else if (IN_CLASSE(haddr))
1031 rc = 32;
1032 }
1033
1034 return rc;
1035}
1036
1037
1038int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1039{
1040 struct sockaddr_in sin_orig;
1041 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1042 struct in_ifaddr __rcu **ifap = NULL;
1043 struct in_device *in_dev;
1044 struct in_ifaddr *ifa = NULL;
1045 struct net_device *dev;
1046 char *colon;
1047 int ret = -EFAULT;
1048 int tryaddrmatch = 0;
1049
1050 ifr->ifr_name[IFNAMSIZ - 1] = 0;
1051
1052 /* save original address for comparison */
1053 memcpy(&sin_orig, sin, sizeof(*sin));
1054
1055 colon = strchr(ifr->ifr_name, ':');
1056 if (colon)
1057 *colon = 0;
1058
1059 dev_load(net, ifr->ifr_name);
1060
1061 switch (cmd) {
1062 case SIOCGIFADDR: /* Get interface address */
1063 case SIOCGIFBRDADDR: /* Get the broadcast address */
1064 case SIOCGIFDSTADDR: /* Get the destination address */
1065 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1066 /* Note that these ioctls will not sleep,
1067 so that we do not impose a lock.
1068 One day we will be forced to put shlock here (I mean SMP)
1069 */
1070 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1071 memset(sin, 0, sizeof(*sin));
1072 sin->sin_family = AF_INET;
1073 break;
1074
1075 case SIOCSIFFLAGS:
1076 ret = -EPERM;
1077 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1078 goto out;
1079 break;
1080 case SIOCSIFADDR: /* Set interface address (and family) */
1081 case SIOCSIFBRDADDR: /* Set the broadcast address */
1082 case SIOCSIFDSTADDR: /* Set the destination address */
1083 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1084 ret = -EPERM;
1085 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1086 goto out;
1087 ret = -EINVAL;
1088 if (sin->sin_family != AF_INET)
1089 goto out;
1090 break;
1091 default:
1092 ret = -EINVAL;
1093 goto out;
1094 }
1095
1096 rtnl_lock();
1097
1098 ret = -ENODEV;
1099 dev = __dev_get_by_name(net, ifr->ifr_name);
1100 if (!dev)
1101 goto done;
1102
1103 if (colon)
1104 *colon = ':';
1105
1106 in_dev = __in_dev_get_rtnl(dev);
1107 if (in_dev) {
1108 if (tryaddrmatch) {
1109 /* Matthias Andree */
1110 /* compare label and address (4.4BSD style) */
1111 /* note: we only do this for a limited set of ioctls
1112 and only if the original address family was AF_INET.
1113 This is checked above. */
1114
1115 for (ifap = &in_dev->ifa_list;
1116 (ifa = rtnl_dereference(*ifap)) != NULL;
1117 ifap = &ifa->ifa_next) {
1118 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1119 sin_orig.sin_addr.s_addr ==
1120 ifa->ifa_local) {
1121 break; /* found */
1122 }
1123 }
1124 }
1125 /* we didn't get a match, maybe the application is
1126 4.3BSD-style and passed in junk so we fall back to
1127 comparing just the label */
1128 if (!ifa) {
1129 for (ifap = &in_dev->ifa_list;
1130 (ifa = rtnl_dereference(*ifap)) != NULL;
1131 ifap = &ifa->ifa_next)
1132 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1133 break;
1134 }
1135 }
1136
1137 ret = -EADDRNOTAVAIL;
1138 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1139 goto done;
1140
1141 switch (cmd) {
1142 case SIOCGIFADDR: /* Get interface address */
1143 ret = 0;
1144 sin->sin_addr.s_addr = ifa->ifa_local;
1145 break;
1146
1147 case SIOCGIFBRDADDR: /* Get the broadcast address */
1148 ret = 0;
1149 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1150 break;
1151
1152 case SIOCGIFDSTADDR: /* Get the destination address */
1153 ret = 0;
1154 sin->sin_addr.s_addr = ifa->ifa_address;
1155 break;
1156
1157 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1158 ret = 0;
1159 sin->sin_addr.s_addr = ifa->ifa_mask;
1160 break;
1161
1162 case SIOCSIFFLAGS:
1163 if (colon) {
1164 ret = -EADDRNOTAVAIL;
1165 if (!ifa)
1166 break;
1167 ret = 0;
1168 if (!(ifr->ifr_flags & IFF_UP))
1169 inet_del_ifa(in_dev, ifap, 1);
1170 break;
1171 }
1172 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1173 break;
1174
1175 case SIOCSIFADDR: /* Set interface address (and family) */
1176 ret = -EINVAL;
1177 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1178 break;
1179
1180 if (!ifa) {
1181 ret = -ENOBUFS;
1182 ifa = inet_alloc_ifa();
1183 if (!ifa)
1184 break;
1185 INIT_HLIST_NODE(&ifa->hash);
1186 if (colon)
1187 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1188 else
1189 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1190 } else {
1191 ret = 0;
1192 if (ifa->ifa_local == sin->sin_addr.s_addr)
1193 break;
1194 inet_del_ifa(in_dev, ifap, 0);
1195 ifa->ifa_broadcast = 0;
1196 ifa->ifa_scope = 0;
1197 }
1198
1199 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1200
1201 if (!(dev->flags & IFF_POINTOPOINT)) {
1202 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1203 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1204 if ((dev->flags & IFF_BROADCAST) &&
1205 ifa->ifa_prefixlen < 31)
1206 ifa->ifa_broadcast = ifa->ifa_address |
1207 ~ifa->ifa_mask;
1208 } else {
1209 ifa->ifa_prefixlen = 32;
1210 ifa->ifa_mask = inet_make_mask(32);
1211 }
1212 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1213 ret = inet_set_ifa(dev, ifa);
1214 break;
1215
1216 case SIOCSIFBRDADDR: /* Set the broadcast address */
1217 ret = 0;
1218 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1219 inet_del_ifa(in_dev, ifap, 0);
1220 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1221 inet_insert_ifa(ifa);
1222 }
1223 break;
1224
1225 case SIOCSIFDSTADDR: /* Set the destination address */
1226 ret = 0;
1227 if (ifa->ifa_address == sin->sin_addr.s_addr)
1228 break;
1229 ret = -EINVAL;
1230 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1231 break;
1232 ret = 0;
1233 inet_del_ifa(in_dev, ifap, 0);
1234 ifa->ifa_address = sin->sin_addr.s_addr;
1235 inet_insert_ifa(ifa);
1236 break;
1237
1238 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1239
1240 /*
1241 * The mask we set must be legal.
1242 */
1243 ret = -EINVAL;
1244 if (bad_mask(sin->sin_addr.s_addr, 0))
1245 break;
1246 ret = 0;
1247 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1248 __be32 old_mask = ifa->ifa_mask;
1249 inet_del_ifa(in_dev, ifap, 0);
1250 ifa->ifa_mask = sin->sin_addr.s_addr;
1251 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1252
1253 /* See if current broadcast address matches
1254 * with current netmask, then recalculate
1255 * the broadcast address. Otherwise it's a
1256 * funny address, so don't touch it since
1257 * the user seems to know what (s)he's doing...
1258 */
1259 if ((dev->flags & IFF_BROADCAST) &&
1260 (ifa->ifa_prefixlen < 31) &&
1261 (ifa->ifa_broadcast ==
1262 (ifa->ifa_local|~old_mask))) {
1263 ifa->ifa_broadcast = (ifa->ifa_local |
1264 ~sin->sin_addr.s_addr);
1265 }
1266 inet_insert_ifa(ifa);
1267 }
1268 break;
1269 }
1270done:
1271 rtnl_unlock();
1272out:
1273 return ret;
1274}
1275
1276int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1277{
1278 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1279 const struct in_ifaddr *ifa;
1280 struct ifreq ifr;
1281 int done = 0;
1282
1283 if (WARN_ON(size > sizeof(struct ifreq)))
1284 goto out;
1285
1286 if (!in_dev)
1287 goto out;
1288
1289 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1290 if (!buf) {
1291 done += size;
1292 continue;
1293 }
1294 if (len < size)
1295 break;
1296 memset(&ifr, 0, sizeof(struct ifreq));
1297 strcpy(ifr.ifr_name, ifa->ifa_label);
1298
1299 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1300 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1301 ifa->ifa_local;
1302
1303 if (copy_to_user(buf + done, &ifr, size)) {
1304 done = -EFAULT;
1305 break;
1306 }
1307 len -= size;
1308 done += size;
1309 }
1310out:
1311 return done;
1312}
1313
1314static __be32 in_dev_select_addr(const struct in_device *in_dev,
1315 int scope)
1316{
1317 const struct in_ifaddr *ifa;
1318
1319 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1320 if (READ_ONCE(ifa->ifa_flags) & IFA_F_SECONDARY)
1321 continue;
1322 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1323 ifa->ifa_scope <= scope)
1324 return ifa->ifa_local;
1325 }
1326
1327 return 0;
1328}
1329
1330__be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1331{
1332 const struct in_ifaddr *ifa;
1333 __be32 addr = 0;
1334 unsigned char localnet_scope = RT_SCOPE_HOST;
1335 struct in_device *in_dev;
1336 struct net *net = dev_net(dev);
1337 int master_idx;
1338
1339 rcu_read_lock();
1340 in_dev = __in_dev_get_rcu(dev);
1341 if (!in_dev)
1342 goto no_in_dev;
1343
1344 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1345 localnet_scope = RT_SCOPE_LINK;
1346
1347 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1348 if (READ_ONCE(ifa->ifa_flags) & IFA_F_SECONDARY)
1349 continue;
1350 if (min(ifa->ifa_scope, localnet_scope) > scope)
1351 continue;
1352 if (!dst || inet_ifa_match(dst, ifa)) {
1353 addr = ifa->ifa_local;
1354 break;
1355 }
1356 if (!addr)
1357 addr = ifa->ifa_local;
1358 }
1359
1360 if (addr)
1361 goto out_unlock;
1362no_in_dev:
1363 master_idx = l3mdev_master_ifindex_rcu(dev);
1364
1365 /* For VRFs, the VRF device takes the place of the loopback device,
1366 * with addresses on it being preferred. Note in such cases the
1367 * loopback device will be among the devices that fail the master_idx
1368 * equality check in the loop below.
1369 */
1370 if (master_idx &&
1371 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1372 (in_dev = __in_dev_get_rcu(dev))) {
1373 addr = in_dev_select_addr(in_dev, scope);
1374 if (addr)
1375 goto out_unlock;
1376 }
1377
1378 /* Not loopback addresses on loopback should be preferred
1379 in this case. It is important that lo is the first interface
1380 in dev_base list.
1381 */
1382 for_each_netdev_rcu(net, dev) {
1383 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1384 continue;
1385
1386 in_dev = __in_dev_get_rcu(dev);
1387 if (!in_dev)
1388 continue;
1389
1390 addr = in_dev_select_addr(in_dev, scope);
1391 if (addr)
1392 goto out_unlock;
1393 }
1394out_unlock:
1395 rcu_read_unlock();
1396 return addr;
1397}
1398EXPORT_SYMBOL(inet_select_addr);
1399
1400static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1401 __be32 local, int scope)
1402{
1403 unsigned char localnet_scope = RT_SCOPE_HOST;
1404 const struct in_ifaddr *ifa;
1405 __be32 addr = 0;
1406 int same = 0;
1407
1408 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1409 localnet_scope = RT_SCOPE_LINK;
1410
1411 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1412 unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
1413
1414 if (!addr &&
1415 (local == ifa->ifa_local || !local) &&
1416 min_scope <= scope) {
1417 addr = ifa->ifa_local;
1418 if (same)
1419 break;
1420 }
1421 if (!same) {
1422 same = (!local || inet_ifa_match(local, ifa)) &&
1423 (!dst || inet_ifa_match(dst, ifa));
1424 if (same && addr) {
1425 if (local || !dst)
1426 break;
1427 /* Is the selected addr into dst subnet? */
1428 if (inet_ifa_match(addr, ifa))
1429 break;
1430 /* No, then can we use new local src? */
1431 if (min_scope <= scope) {
1432 addr = ifa->ifa_local;
1433 break;
1434 }
1435 /* search for large dst subnet for addr */
1436 same = 0;
1437 }
1438 }
1439 }
1440
1441 return same ? addr : 0;
1442}
1443
1444/*
1445 * Confirm that local IP address exists using wildcards:
1446 * - net: netns to check, cannot be NULL
1447 * - in_dev: only on this interface, NULL=any interface
1448 * - dst: only in the same subnet as dst, 0=any dst
1449 * - local: address, 0=autoselect the local address
1450 * - scope: maximum allowed scope value for the local address
1451 */
1452__be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1453 __be32 dst, __be32 local, int scope)
1454{
1455 __be32 addr = 0;
1456 struct net_device *dev;
1457
1458 if (in_dev)
1459 return confirm_addr_indev(in_dev, dst, local, scope);
1460
1461 rcu_read_lock();
1462 for_each_netdev_rcu(net, dev) {
1463 in_dev = __in_dev_get_rcu(dev);
1464 if (in_dev) {
1465 addr = confirm_addr_indev(in_dev, dst, local, scope);
1466 if (addr)
1467 break;
1468 }
1469 }
1470 rcu_read_unlock();
1471
1472 return addr;
1473}
1474EXPORT_SYMBOL(inet_confirm_addr);
1475
1476/*
1477 * Device notifier
1478 */
1479
1480int register_inetaddr_notifier(struct notifier_block *nb)
1481{
1482 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1483}
1484EXPORT_SYMBOL(register_inetaddr_notifier);
1485
1486int unregister_inetaddr_notifier(struct notifier_block *nb)
1487{
1488 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1489}
1490EXPORT_SYMBOL(unregister_inetaddr_notifier);
1491
1492int register_inetaddr_validator_notifier(struct notifier_block *nb)
1493{
1494 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1495}
1496EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1497
1498int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1499{
1500 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1501 nb);
1502}
1503EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1504
1505/* Rename ifa_labels for a device name change. Make some effort to preserve
1506 * existing alias numbering and to create unique labels if possible.
1507*/
1508static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1509{
1510 struct in_ifaddr *ifa;
1511 int named = 0;
1512
1513 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1514 char old[IFNAMSIZ], *dot;
1515
1516 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1517 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1518 if (named++ == 0)
1519 goto skip;
1520 dot = strchr(old, ':');
1521 if (!dot) {
1522 sprintf(old, ":%d", named);
1523 dot = old;
1524 }
1525 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1526 strcat(ifa->ifa_label, dot);
1527 else
1528 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1529skip:
1530 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1531 }
1532}
1533
1534static void inetdev_send_gratuitous_arp(struct net_device *dev,
1535 struct in_device *in_dev)
1536
1537{
1538 const struct in_ifaddr *ifa;
1539
1540 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1541 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1542 ifa->ifa_local, dev,
1543 ifa->ifa_local, NULL,
1544 dev->dev_addr, NULL);
1545 }
1546}
1547
1548/* Called only under RTNL semaphore */
1549
1550static int inetdev_event(struct notifier_block *this, unsigned long event,
1551 void *ptr)
1552{
1553 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1554 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1555
1556 ASSERT_RTNL();
1557
1558 if (!in_dev) {
1559 if (event == NETDEV_REGISTER) {
1560 in_dev = inetdev_init(dev);
1561 if (IS_ERR(in_dev))
1562 return notifier_from_errno(PTR_ERR(in_dev));
1563 if (dev->flags & IFF_LOOPBACK) {
1564 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1565 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1566 }
1567 } else if (event == NETDEV_CHANGEMTU) {
1568 /* Re-enabling IP */
1569 if (inetdev_valid_mtu(dev->mtu))
1570 in_dev = inetdev_init(dev);
1571 }
1572 goto out;
1573 }
1574
1575 switch (event) {
1576 case NETDEV_REGISTER:
1577 pr_debug("%s: bug\n", __func__);
1578 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1579 break;
1580 case NETDEV_UP:
1581 if (!inetdev_valid_mtu(dev->mtu))
1582 break;
1583 if (dev->flags & IFF_LOOPBACK) {
1584 struct in_ifaddr *ifa = inet_alloc_ifa();
1585
1586 if (ifa) {
1587 INIT_HLIST_NODE(&ifa->hash);
1588 ifa->ifa_local =
1589 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1590 ifa->ifa_prefixlen = 8;
1591 ifa->ifa_mask = inet_make_mask(8);
1592 in_dev_hold(in_dev);
1593 ifa->ifa_dev = in_dev;
1594 ifa->ifa_scope = RT_SCOPE_HOST;
1595 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1596 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1597 INFINITY_LIFE_TIME);
1598 ipv4_devconf_setall(in_dev);
1599 neigh_parms_data_state_setall(in_dev->arp_parms);
1600 inet_insert_ifa(ifa);
1601 }
1602 }
1603 ip_mc_up(in_dev);
1604 fallthrough;
1605 case NETDEV_CHANGEADDR:
1606 if (!IN_DEV_ARP_NOTIFY(in_dev))
1607 break;
1608 fallthrough;
1609 case NETDEV_NOTIFY_PEERS:
1610 /* Send gratuitous ARP to notify of link change */
1611 inetdev_send_gratuitous_arp(dev, in_dev);
1612 break;
1613 case NETDEV_DOWN:
1614 ip_mc_down(in_dev);
1615 break;
1616 case NETDEV_PRE_TYPE_CHANGE:
1617 ip_mc_unmap(in_dev);
1618 break;
1619 case NETDEV_POST_TYPE_CHANGE:
1620 ip_mc_remap(in_dev);
1621 break;
1622 case NETDEV_CHANGEMTU:
1623 if (inetdev_valid_mtu(dev->mtu))
1624 break;
1625 /* disable IP when MTU is not enough */
1626 fallthrough;
1627 case NETDEV_UNREGISTER:
1628 inetdev_destroy(in_dev);
1629 break;
1630 case NETDEV_CHANGENAME:
1631 /* Do not notify about label change, this event is
1632 * not interesting to applications using netlink.
1633 */
1634 inetdev_changename(dev, in_dev);
1635
1636 devinet_sysctl_unregister(in_dev);
1637 devinet_sysctl_register(in_dev);
1638 break;
1639 }
1640out:
1641 return NOTIFY_DONE;
1642}
1643
1644static struct notifier_block ip_netdev_notifier = {
1645 .notifier_call = inetdev_event,
1646};
1647
1648static size_t inet_nlmsg_size(void)
1649{
1650 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1651 + nla_total_size(4) /* IFA_ADDRESS */
1652 + nla_total_size(4) /* IFA_LOCAL */
1653 + nla_total_size(4) /* IFA_BROADCAST */
1654 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1655 + nla_total_size(4) /* IFA_FLAGS */
1656 + nla_total_size(1) /* IFA_PROTO */
1657 + nla_total_size(4) /* IFA_RT_PRIORITY */
1658 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1659}
1660
1661static inline u32 cstamp_delta(unsigned long cstamp)
1662{
1663 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1664}
1665
1666static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1667 unsigned long tstamp, u32 preferred, u32 valid)
1668{
1669 struct ifa_cacheinfo ci;
1670
1671 ci.cstamp = cstamp_delta(cstamp);
1672 ci.tstamp = cstamp_delta(tstamp);
1673 ci.ifa_prefered = preferred;
1674 ci.ifa_valid = valid;
1675
1676 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1677}
1678
1679static int inet_fill_ifaddr(struct sk_buff *skb, const struct in_ifaddr *ifa,
1680 struct inet_fill_args *args)
1681{
1682 struct ifaddrmsg *ifm;
1683 struct nlmsghdr *nlh;
1684 unsigned long tstamp;
1685 u32 preferred, valid;
1686 u32 flags;
1687
1688 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1689 args->flags);
1690 if (!nlh)
1691 return -EMSGSIZE;
1692
1693 ifm = nlmsg_data(nlh);
1694 ifm->ifa_family = AF_INET;
1695 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1696
1697 flags = READ_ONCE(ifa->ifa_flags);
1698 /* Warning : ifm->ifa_flags is an __u8, it holds only 8 bits.
1699 * The 32bit value is given in IFA_FLAGS attribute.
1700 */
1701 ifm->ifa_flags = (__u8)flags;
1702
1703 ifm->ifa_scope = ifa->ifa_scope;
1704 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1705
1706 if (args->netnsid >= 0 &&
1707 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1708 goto nla_put_failure;
1709
1710 tstamp = READ_ONCE(ifa->ifa_tstamp);
1711 if (!(flags & IFA_F_PERMANENT)) {
1712 preferred = READ_ONCE(ifa->ifa_preferred_lft);
1713 valid = READ_ONCE(ifa->ifa_valid_lft);
1714 if (preferred != INFINITY_LIFE_TIME) {
1715 long tval = (jiffies - tstamp) / HZ;
1716
1717 if (preferred > tval)
1718 preferred -= tval;
1719 else
1720 preferred = 0;
1721 if (valid != INFINITY_LIFE_TIME) {
1722 if (valid > tval)
1723 valid -= tval;
1724 else
1725 valid = 0;
1726 }
1727 }
1728 } else {
1729 preferred = INFINITY_LIFE_TIME;
1730 valid = INFINITY_LIFE_TIME;
1731 }
1732 if ((ifa->ifa_address &&
1733 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1734 (ifa->ifa_local &&
1735 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1736 (ifa->ifa_broadcast &&
1737 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1738 (ifa->ifa_label[0] &&
1739 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1740 (ifa->ifa_proto &&
1741 nla_put_u8(skb, IFA_PROTO, ifa->ifa_proto)) ||
1742 nla_put_u32(skb, IFA_FLAGS, flags) ||
1743 (ifa->ifa_rt_priority &&
1744 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1745 put_cacheinfo(skb, READ_ONCE(ifa->ifa_cstamp), tstamp,
1746 preferred, valid))
1747 goto nla_put_failure;
1748
1749 nlmsg_end(skb, nlh);
1750 return 0;
1751
1752nla_put_failure:
1753 nlmsg_cancel(skb, nlh);
1754 return -EMSGSIZE;
1755}
1756
1757static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1758 struct inet_fill_args *fillargs,
1759 struct net **tgt_net, struct sock *sk,
1760 struct netlink_callback *cb)
1761{
1762 struct netlink_ext_ack *extack = cb->extack;
1763 struct nlattr *tb[IFA_MAX+1];
1764 struct ifaddrmsg *ifm;
1765 int err, i;
1766
1767 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1768 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1769 return -EINVAL;
1770 }
1771
1772 ifm = nlmsg_data(nlh);
1773 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1774 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1775 return -EINVAL;
1776 }
1777
1778 fillargs->ifindex = ifm->ifa_index;
1779 if (fillargs->ifindex) {
1780 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1781 fillargs->flags |= NLM_F_DUMP_FILTERED;
1782 }
1783
1784 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1785 ifa_ipv4_policy, extack);
1786 if (err < 0)
1787 return err;
1788
1789 for (i = 0; i <= IFA_MAX; ++i) {
1790 if (!tb[i])
1791 continue;
1792
1793 if (i == IFA_TARGET_NETNSID) {
1794 struct net *net;
1795
1796 fillargs->netnsid = nla_get_s32(tb[i]);
1797
1798 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1799 if (IS_ERR(net)) {
1800 fillargs->netnsid = -1;
1801 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1802 return PTR_ERR(net);
1803 }
1804 *tgt_net = net;
1805 } else {
1806 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1807 return -EINVAL;
1808 }
1809 }
1810
1811 return 0;
1812}
1813
1814static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1815 struct netlink_callback *cb, int *s_ip_idx,
1816 struct inet_fill_args *fillargs)
1817{
1818 struct in_ifaddr *ifa;
1819 int ip_idx = 0;
1820 int err;
1821
1822 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1823 if (ip_idx < *s_ip_idx) {
1824 ip_idx++;
1825 continue;
1826 }
1827 err = inet_fill_ifaddr(skb, ifa, fillargs);
1828 if (err < 0)
1829 goto done;
1830
1831 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1832 ip_idx++;
1833 }
1834 err = 0;
1835 ip_idx = 0;
1836done:
1837 *s_ip_idx = ip_idx;
1838
1839 return err;
1840}
1841
1842/* Combine dev_addr_genid and dev_base_seq to detect changes.
1843 */
1844static u32 inet_base_seq(const struct net *net)
1845{
1846 u32 res = atomic_read(&net->ipv4.dev_addr_genid) +
1847 READ_ONCE(net->dev_base_seq);
1848
1849 /* Must not return 0 (see nl_dump_check_consistent()).
1850 * Chose a value far away from 0.
1851 */
1852 if (!res)
1853 res = 0x80000000;
1854 return res;
1855}
1856
1857static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1858{
1859 const struct nlmsghdr *nlh = cb->nlh;
1860 struct inet_fill_args fillargs = {
1861 .portid = NETLINK_CB(cb->skb).portid,
1862 .seq = nlh->nlmsg_seq,
1863 .event = RTM_NEWADDR,
1864 .flags = NLM_F_MULTI,
1865 .netnsid = -1,
1866 };
1867 struct net *net = sock_net(skb->sk);
1868 struct net *tgt_net = net;
1869 struct {
1870 unsigned long ifindex;
1871 int ip_idx;
1872 } *ctx = (void *)cb->ctx;
1873 struct in_device *in_dev;
1874 struct net_device *dev;
1875 int err = 0;
1876
1877 rcu_read_lock();
1878 if (cb->strict_check) {
1879 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1880 skb->sk, cb);
1881 if (err < 0)
1882 goto done;
1883
1884 if (fillargs.ifindex) {
1885 dev = dev_get_by_index_rcu(tgt_net, fillargs.ifindex);
1886 if (!dev) {
1887 err = -ENODEV;
1888 goto done;
1889 }
1890 in_dev = __in_dev_get_rcu(dev);
1891 if (!in_dev)
1892 goto done;
1893 err = in_dev_dump_addr(in_dev, skb, cb, &ctx->ip_idx,
1894 &fillargs);
1895 goto done;
1896 }
1897 }
1898
1899 cb->seq = inet_base_seq(tgt_net);
1900
1901 for_each_netdev_dump(tgt_net, dev, ctx->ifindex) {
1902 in_dev = __in_dev_get_rcu(dev);
1903 if (!in_dev)
1904 continue;
1905 err = in_dev_dump_addr(in_dev, skb, cb, &ctx->ip_idx,
1906 &fillargs);
1907 if (err < 0)
1908 goto done;
1909 }
1910done:
1911 if (fillargs.netnsid >= 0)
1912 put_net(tgt_net);
1913 rcu_read_unlock();
1914 return err;
1915}
1916
1917static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1918 u32 portid)
1919{
1920 struct inet_fill_args fillargs = {
1921 .portid = portid,
1922 .seq = nlh ? nlh->nlmsg_seq : 0,
1923 .event = event,
1924 .flags = 0,
1925 .netnsid = -1,
1926 };
1927 struct sk_buff *skb;
1928 int err = -ENOBUFS;
1929 struct net *net;
1930
1931 net = dev_net(ifa->ifa_dev->dev);
1932 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1933 if (!skb)
1934 goto errout;
1935
1936 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1937 if (err < 0) {
1938 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1939 WARN_ON(err == -EMSGSIZE);
1940 kfree_skb(skb);
1941 goto errout;
1942 }
1943 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1944 return;
1945errout:
1946 if (err < 0)
1947 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1948}
1949
1950static size_t inet_get_link_af_size(const struct net_device *dev,
1951 u32 ext_filter_mask)
1952{
1953 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1954
1955 if (!in_dev)
1956 return 0;
1957
1958 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1959}
1960
1961static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1962 u32 ext_filter_mask)
1963{
1964 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1965 struct nlattr *nla;
1966 int i;
1967
1968 if (!in_dev)
1969 return -ENODATA;
1970
1971 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1972 if (!nla)
1973 return -EMSGSIZE;
1974
1975 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1976 ((u32 *) nla_data(nla))[i] = READ_ONCE(in_dev->cnf.data[i]);
1977
1978 return 0;
1979}
1980
1981static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1982 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1983};
1984
1985static int inet_validate_link_af(const struct net_device *dev,
1986 const struct nlattr *nla,
1987 struct netlink_ext_ack *extack)
1988{
1989 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1990 int err, rem;
1991
1992 if (dev && !__in_dev_get_rtnl(dev))
1993 return -EAFNOSUPPORT;
1994
1995 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
1996 inet_af_policy, extack);
1997 if (err < 0)
1998 return err;
1999
2000 if (tb[IFLA_INET_CONF]) {
2001 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
2002 int cfgid = nla_type(a);
2003
2004 if (nla_len(a) < 4)
2005 return -EINVAL;
2006
2007 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
2008 return -EINVAL;
2009 }
2010 }
2011
2012 return 0;
2013}
2014
2015static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla,
2016 struct netlink_ext_ack *extack)
2017{
2018 struct in_device *in_dev = __in_dev_get_rtnl(dev);
2019 struct nlattr *a, *tb[IFLA_INET_MAX+1];
2020 int rem;
2021
2022 if (!in_dev)
2023 return -EAFNOSUPPORT;
2024
2025 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
2026 return -EINVAL;
2027
2028 if (tb[IFLA_INET_CONF]) {
2029 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
2030 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
2031 }
2032
2033 return 0;
2034}
2035
2036static int inet_netconf_msgsize_devconf(int type)
2037{
2038 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2039 + nla_total_size(4); /* NETCONFA_IFINDEX */
2040 bool all = false;
2041
2042 if (type == NETCONFA_ALL)
2043 all = true;
2044
2045 if (all || type == NETCONFA_FORWARDING)
2046 size += nla_total_size(4);
2047 if (all || type == NETCONFA_RP_FILTER)
2048 size += nla_total_size(4);
2049 if (all || type == NETCONFA_MC_FORWARDING)
2050 size += nla_total_size(4);
2051 if (all || type == NETCONFA_BC_FORWARDING)
2052 size += nla_total_size(4);
2053 if (all || type == NETCONFA_PROXY_NEIGH)
2054 size += nla_total_size(4);
2055 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2056 size += nla_total_size(4);
2057
2058 return size;
2059}
2060
2061static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2062 const struct ipv4_devconf *devconf,
2063 u32 portid, u32 seq, int event,
2064 unsigned int flags, int type)
2065{
2066 struct nlmsghdr *nlh;
2067 struct netconfmsg *ncm;
2068 bool all = false;
2069
2070 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2071 flags);
2072 if (!nlh)
2073 return -EMSGSIZE;
2074
2075 if (type == NETCONFA_ALL)
2076 all = true;
2077
2078 ncm = nlmsg_data(nlh);
2079 ncm->ncm_family = AF_INET;
2080
2081 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2082 goto nla_put_failure;
2083
2084 if (!devconf)
2085 goto out;
2086
2087 if ((all || type == NETCONFA_FORWARDING) &&
2088 nla_put_s32(skb, NETCONFA_FORWARDING,
2089 IPV4_DEVCONF_RO(*devconf, FORWARDING)) < 0)
2090 goto nla_put_failure;
2091 if ((all || type == NETCONFA_RP_FILTER) &&
2092 nla_put_s32(skb, NETCONFA_RP_FILTER,
2093 IPV4_DEVCONF_RO(*devconf, RP_FILTER)) < 0)
2094 goto nla_put_failure;
2095 if ((all || type == NETCONFA_MC_FORWARDING) &&
2096 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2097 IPV4_DEVCONF_RO(*devconf, MC_FORWARDING)) < 0)
2098 goto nla_put_failure;
2099 if ((all || type == NETCONFA_BC_FORWARDING) &&
2100 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2101 IPV4_DEVCONF_RO(*devconf, BC_FORWARDING)) < 0)
2102 goto nla_put_failure;
2103 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2104 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2105 IPV4_DEVCONF_RO(*devconf, PROXY_ARP)) < 0)
2106 goto nla_put_failure;
2107 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2108 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2109 IPV4_DEVCONF_RO(*devconf,
2110 IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2111 goto nla_put_failure;
2112
2113out:
2114 nlmsg_end(skb, nlh);
2115 return 0;
2116
2117nla_put_failure:
2118 nlmsg_cancel(skb, nlh);
2119 return -EMSGSIZE;
2120}
2121
2122void inet_netconf_notify_devconf(struct net *net, int event, int type,
2123 int ifindex, struct ipv4_devconf *devconf)
2124{
2125 struct sk_buff *skb;
2126 int err = -ENOBUFS;
2127
2128 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2129 if (!skb)
2130 goto errout;
2131
2132 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2133 event, 0, type);
2134 if (err < 0) {
2135 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2136 WARN_ON(err == -EMSGSIZE);
2137 kfree_skb(skb);
2138 goto errout;
2139 }
2140 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2141 return;
2142errout:
2143 if (err < 0)
2144 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2145}
2146
2147static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2148 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2149 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2150 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2151 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2152 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2153};
2154
2155static int inet_netconf_valid_get_req(struct sk_buff *skb,
2156 const struct nlmsghdr *nlh,
2157 struct nlattr **tb,
2158 struct netlink_ext_ack *extack)
2159{
2160 int i, err;
2161
2162 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2163 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2164 return -EINVAL;
2165 }
2166
2167 if (!netlink_strict_get_check(skb))
2168 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2169 tb, NETCONFA_MAX,
2170 devconf_ipv4_policy, extack);
2171
2172 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2173 tb, NETCONFA_MAX,
2174 devconf_ipv4_policy, extack);
2175 if (err)
2176 return err;
2177
2178 for (i = 0; i <= NETCONFA_MAX; i++) {
2179 if (!tb[i])
2180 continue;
2181
2182 switch (i) {
2183 case NETCONFA_IFINDEX:
2184 break;
2185 default:
2186 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2187 return -EINVAL;
2188 }
2189 }
2190
2191 return 0;
2192}
2193
2194static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2195 struct nlmsghdr *nlh,
2196 struct netlink_ext_ack *extack)
2197{
2198 struct net *net = sock_net(in_skb->sk);
2199 struct nlattr *tb[NETCONFA_MAX + 1];
2200 const struct ipv4_devconf *devconf;
2201 struct in_device *in_dev = NULL;
2202 struct net_device *dev = NULL;
2203 struct sk_buff *skb;
2204 int ifindex;
2205 int err;
2206
2207 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2208 if (err)
2209 return err;
2210
2211 if (!tb[NETCONFA_IFINDEX])
2212 return -EINVAL;
2213
2214 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2215 switch (ifindex) {
2216 case NETCONFA_IFINDEX_ALL:
2217 devconf = net->ipv4.devconf_all;
2218 break;
2219 case NETCONFA_IFINDEX_DEFAULT:
2220 devconf = net->ipv4.devconf_dflt;
2221 break;
2222 default:
2223 err = -ENODEV;
2224 dev = dev_get_by_index(net, ifindex);
2225 if (dev)
2226 in_dev = in_dev_get(dev);
2227 if (!in_dev)
2228 goto errout;
2229 devconf = &in_dev->cnf;
2230 break;
2231 }
2232
2233 err = -ENOBUFS;
2234 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2235 if (!skb)
2236 goto errout;
2237
2238 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2239 NETLINK_CB(in_skb).portid,
2240 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2241 NETCONFA_ALL);
2242 if (err < 0) {
2243 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2244 WARN_ON(err == -EMSGSIZE);
2245 kfree_skb(skb);
2246 goto errout;
2247 }
2248 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2249errout:
2250 if (in_dev)
2251 in_dev_put(in_dev);
2252 dev_put(dev);
2253 return err;
2254}
2255
2256static int inet_netconf_dump_devconf(struct sk_buff *skb,
2257 struct netlink_callback *cb)
2258{
2259 const struct nlmsghdr *nlh = cb->nlh;
2260 struct net *net = sock_net(skb->sk);
2261 struct {
2262 unsigned long ifindex;
2263 unsigned int all_default;
2264 } *ctx = (void *)cb->ctx;
2265 const struct in_device *in_dev;
2266 struct net_device *dev;
2267 int err = 0;
2268
2269 if (cb->strict_check) {
2270 struct netlink_ext_ack *extack = cb->extack;
2271 struct netconfmsg *ncm;
2272
2273 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2274 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2275 return -EINVAL;
2276 }
2277
2278 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2279 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2280 return -EINVAL;
2281 }
2282 }
2283
2284 rcu_read_lock();
2285 for_each_netdev_dump(net, dev, ctx->ifindex) {
2286 in_dev = __in_dev_get_rcu(dev);
2287 if (!in_dev)
2288 continue;
2289 err = inet_netconf_fill_devconf(skb, dev->ifindex,
2290 &in_dev->cnf,
2291 NETLINK_CB(cb->skb).portid,
2292 nlh->nlmsg_seq,
2293 RTM_NEWNETCONF, NLM_F_MULTI,
2294 NETCONFA_ALL);
2295 if (err < 0)
2296 goto done;
2297 }
2298 if (ctx->all_default == 0) {
2299 err = inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2300 net->ipv4.devconf_all,
2301 NETLINK_CB(cb->skb).portid,
2302 nlh->nlmsg_seq,
2303 RTM_NEWNETCONF, NLM_F_MULTI,
2304 NETCONFA_ALL);
2305 if (err < 0)
2306 goto done;
2307 ctx->all_default++;
2308 }
2309 if (ctx->all_default == 1) {
2310 err = inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2311 net->ipv4.devconf_dflt,
2312 NETLINK_CB(cb->skb).portid,
2313 nlh->nlmsg_seq,
2314 RTM_NEWNETCONF, NLM_F_MULTI,
2315 NETCONFA_ALL);
2316 if (err < 0)
2317 goto done;
2318 ctx->all_default++;
2319 }
2320done:
2321 rcu_read_unlock();
2322 return err;
2323}
2324
2325#ifdef CONFIG_SYSCTL
2326
2327static void devinet_copy_dflt_conf(struct net *net, int i)
2328{
2329 struct net_device *dev;
2330
2331 rcu_read_lock();
2332 for_each_netdev_rcu(net, dev) {
2333 struct in_device *in_dev;
2334
2335 in_dev = __in_dev_get_rcu(dev);
2336 if (in_dev && !test_bit(i, in_dev->cnf.state))
2337 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2338 }
2339 rcu_read_unlock();
2340}
2341
2342/* called with RTNL locked */
2343static void inet_forward_change(struct net *net)
2344{
2345 struct net_device *dev;
2346 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2347
2348 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2349 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2350 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2351 NETCONFA_FORWARDING,
2352 NETCONFA_IFINDEX_ALL,
2353 net->ipv4.devconf_all);
2354 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2355 NETCONFA_FORWARDING,
2356 NETCONFA_IFINDEX_DEFAULT,
2357 net->ipv4.devconf_dflt);
2358
2359 for_each_netdev(net, dev) {
2360 struct in_device *in_dev;
2361
2362 if (on)
2363 dev_disable_lro(dev);
2364
2365 in_dev = __in_dev_get_rtnl(dev);
2366 if (in_dev) {
2367 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2368 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2369 NETCONFA_FORWARDING,
2370 dev->ifindex, &in_dev->cnf);
2371 }
2372 }
2373}
2374
2375static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2376{
2377 if (cnf == net->ipv4.devconf_dflt)
2378 return NETCONFA_IFINDEX_DEFAULT;
2379 else if (cnf == net->ipv4.devconf_all)
2380 return NETCONFA_IFINDEX_ALL;
2381 else {
2382 struct in_device *idev
2383 = container_of(cnf, struct in_device, cnf);
2384 return idev->dev->ifindex;
2385 }
2386}
2387
2388static int devinet_conf_proc(struct ctl_table *ctl, int write,
2389 void *buffer, size_t *lenp, loff_t *ppos)
2390{
2391 int old_value = *(int *)ctl->data;
2392 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2393 int new_value = *(int *)ctl->data;
2394
2395 if (write) {
2396 struct ipv4_devconf *cnf = ctl->extra1;
2397 struct net *net = ctl->extra2;
2398 int i = (int *)ctl->data - cnf->data;
2399 int ifindex;
2400
2401 set_bit(i, cnf->state);
2402
2403 if (cnf == net->ipv4.devconf_dflt)
2404 devinet_copy_dflt_conf(net, i);
2405 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2406 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2407 if ((new_value == 0) && (old_value != 0))
2408 rt_cache_flush(net);
2409
2410 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2411 new_value != old_value)
2412 rt_cache_flush(net);
2413
2414 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2415 new_value != old_value) {
2416 ifindex = devinet_conf_ifindex(net, cnf);
2417 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2418 NETCONFA_RP_FILTER,
2419 ifindex, cnf);
2420 }
2421 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2422 new_value != old_value) {
2423 ifindex = devinet_conf_ifindex(net, cnf);
2424 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2425 NETCONFA_PROXY_NEIGH,
2426 ifindex, cnf);
2427 }
2428 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2429 new_value != old_value) {
2430 ifindex = devinet_conf_ifindex(net, cnf);
2431 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2432 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2433 ifindex, cnf);
2434 }
2435 }
2436
2437 return ret;
2438}
2439
2440static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2441 void *buffer, size_t *lenp, loff_t *ppos)
2442{
2443 int *valp = ctl->data;
2444 int val = *valp;
2445 loff_t pos = *ppos;
2446 struct net *net = ctl->extra2;
2447 int ret;
2448
2449 if (write && !ns_capable(net->user_ns, CAP_NET_ADMIN))
2450 return -EPERM;
2451
2452 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2453
2454 if (write && *valp != val) {
2455 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2456 if (!rtnl_trylock()) {
2457 /* Restore the original values before restarting */
2458 *valp = val;
2459 *ppos = pos;
2460 return restart_syscall();
2461 }
2462 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2463 inet_forward_change(net);
2464 } else {
2465 struct ipv4_devconf *cnf = ctl->extra1;
2466 struct in_device *idev =
2467 container_of(cnf, struct in_device, cnf);
2468 if (*valp)
2469 dev_disable_lro(idev->dev);
2470 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2471 NETCONFA_FORWARDING,
2472 idev->dev->ifindex,
2473 cnf);
2474 }
2475 rtnl_unlock();
2476 rt_cache_flush(net);
2477 } else
2478 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2479 NETCONFA_FORWARDING,
2480 NETCONFA_IFINDEX_DEFAULT,
2481 net->ipv4.devconf_dflt);
2482 }
2483
2484 return ret;
2485}
2486
2487static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2488 void *buffer, size_t *lenp, loff_t *ppos)
2489{
2490 int *valp = ctl->data;
2491 int val = *valp;
2492 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2493 struct net *net = ctl->extra2;
2494
2495 if (write && *valp != val)
2496 rt_cache_flush(net);
2497
2498 return ret;
2499}
2500
2501#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2502 { \
2503 .procname = name, \
2504 .data = ipv4_devconf.data + \
2505 IPV4_DEVCONF_ ## attr - 1, \
2506 .maxlen = sizeof(int), \
2507 .mode = mval, \
2508 .proc_handler = proc, \
2509 .extra1 = &ipv4_devconf, \
2510 }
2511
2512#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2513 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2514
2515#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2516 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2517
2518#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2519 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2520
2521#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2522 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2523
2524static struct devinet_sysctl_table {
2525 struct ctl_table_header *sysctl_header;
2526 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2527} devinet_sysctl = {
2528 .devinet_vars = {
2529 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2530 devinet_sysctl_forward),
2531 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2532 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2533
2534 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2535 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2536 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2537 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2538 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2539 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2540 "accept_source_route"),
2541 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2542 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2543 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2544 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2545 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2546 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2547 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2548 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2549 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2550 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2551 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2552 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2553 DEVINET_SYSCTL_RW_ENTRY(ARP_EVICT_NOCARRIER,
2554 "arp_evict_nocarrier"),
2555 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2556 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2557 "force_igmp_version"),
2558 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2559 "igmpv2_unsolicited_report_interval"),
2560 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2561 "igmpv3_unsolicited_report_interval"),
2562 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2563 "ignore_routes_with_linkdown"),
2564 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2565 "drop_gratuitous_arp"),
2566
2567 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2568 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2569 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2570 "promote_secondaries"),
2571 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2572 "route_localnet"),
2573 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2574 "drop_unicast_in_l2_multicast"),
2575 },
2576};
2577
2578static int __devinet_sysctl_register(struct net *net, char *dev_name,
2579 int ifindex, struct ipv4_devconf *p)
2580{
2581 int i;
2582 struct devinet_sysctl_table *t;
2583 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2584
2585 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL_ACCOUNT);
2586 if (!t)
2587 goto out;
2588
2589 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2590 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2591 t->devinet_vars[i].extra1 = p;
2592 t->devinet_vars[i].extra2 = net;
2593 }
2594
2595 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2596
2597 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2598 if (!t->sysctl_header)
2599 goto free;
2600
2601 p->sysctl = t;
2602
2603 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2604 ifindex, p);
2605 return 0;
2606
2607free:
2608 kfree(t);
2609out:
2610 return -ENOMEM;
2611}
2612
2613static void __devinet_sysctl_unregister(struct net *net,
2614 struct ipv4_devconf *cnf, int ifindex)
2615{
2616 struct devinet_sysctl_table *t = cnf->sysctl;
2617
2618 if (t) {
2619 cnf->sysctl = NULL;
2620 unregister_net_sysctl_table(t->sysctl_header);
2621 kfree(t);
2622 }
2623
2624 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2625}
2626
2627static int devinet_sysctl_register(struct in_device *idev)
2628{
2629 int err;
2630
2631 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2632 return -EINVAL;
2633
2634 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2635 if (err)
2636 return err;
2637 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2638 idev->dev->ifindex, &idev->cnf);
2639 if (err)
2640 neigh_sysctl_unregister(idev->arp_parms);
2641 return err;
2642}
2643
2644static void devinet_sysctl_unregister(struct in_device *idev)
2645{
2646 struct net *net = dev_net(idev->dev);
2647
2648 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2649 neigh_sysctl_unregister(idev->arp_parms);
2650}
2651
2652static struct ctl_table ctl_forward_entry[] = {
2653 {
2654 .procname = "ip_forward",
2655 .data = &ipv4_devconf.data[
2656 IPV4_DEVCONF_FORWARDING - 1],
2657 .maxlen = sizeof(int),
2658 .mode = 0644,
2659 .proc_handler = devinet_sysctl_forward,
2660 .extra1 = &ipv4_devconf,
2661 .extra2 = &init_net,
2662 },
2663 { },
2664};
2665#endif
2666
2667static __net_init int devinet_init_net(struct net *net)
2668{
2669 int err;
2670 struct ipv4_devconf *all, *dflt;
2671#ifdef CONFIG_SYSCTL
2672 struct ctl_table *tbl;
2673 struct ctl_table_header *forw_hdr;
2674#endif
2675
2676 err = -ENOMEM;
2677 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2678 if (!all)
2679 goto err_alloc_all;
2680
2681 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2682 if (!dflt)
2683 goto err_alloc_dflt;
2684
2685#ifdef CONFIG_SYSCTL
2686 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2687 if (!tbl)
2688 goto err_alloc_ctl;
2689
2690 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2691 tbl[0].extra1 = all;
2692 tbl[0].extra2 = net;
2693#endif
2694
2695 if (!net_eq(net, &init_net)) {
2696 switch (net_inherit_devconf()) {
2697 case 3:
2698 /* copy from the current netns */
2699 memcpy(all, current->nsproxy->net_ns->ipv4.devconf_all,
2700 sizeof(ipv4_devconf));
2701 memcpy(dflt,
2702 current->nsproxy->net_ns->ipv4.devconf_dflt,
2703 sizeof(ipv4_devconf_dflt));
2704 break;
2705 case 0:
2706 case 1:
2707 /* copy from init_net */
2708 memcpy(all, init_net.ipv4.devconf_all,
2709 sizeof(ipv4_devconf));
2710 memcpy(dflt, init_net.ipv4.devconf_dflt,
2711 sizeof(ipv4_devconf_dflt));
2712 break;
2713 case 2:
2714 /* use compiled values */
2715 break;
2716 }
2717 }
2718
2719#ifdef CONFIG_SYSCTL
2720 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2721 if (err < 0)
2722 goto err_reg_all;
2723
2724 err = __devinet_sysctl_register(net, "default",
2725 NETCONFA_IFINDEX_DEFAULT, dflt);
2726 if (err < 0)
2727 goto err_reg_dflt;
2728
2729 err = -ENOMEM;
2730 forw_hdr = register_net_sysctl_sz(net, "net/ipv4", tbl,
2731 ARRAY_SIZE(ctl_forward_entry));
2732 if (!forw_hdr)
2733 goto err_reg_ctl;
2734 net->ipv4.forw_hdr = forw_hdr;
2735#endif
2736
2737 net->ipv4.devconf_all = all;
2738 net->ipv4.devconf_dflt = dflt;
2739 return 0;
2740
2741#ifdef CONFIG_SYSCTL
2742err_reg_ctl:
2743 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2744err_reg_dflt:
2745 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2746err_reg_all:
2747 kfree(tbl);
2748err_alloc_ctl:
2749#endif
2750 kfree(dflt);
2751err_alloc_dflt:
2752 kfree(all);
2753err_alloc_all:
2754 return err;
2755}
2756
2757static __net_exit void devinet_exit_net(struct net *net)
2758{
2759#ifdef CONFIG_SYSCTL
2760 struct ctl_table *tbl;
2761
2762 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2763 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2764 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2765 NETCONFA_IFINDEX_DEFAULT);
2766 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2767 NETCONFA_IFINDEX_ALL);
2768 kfree(tbl);
2769#endif
2770 kfree(net->ipv4.devconf_dflt);
2771 kfree(net->ipv4.devconf_all);
2772}
2773
2774static __net_initdata struct pernet_operations devinet_ops = {
2775 .init = devinet_init_net,
2776 .exit = devinet_exit_net,
2777};
2778
2779static struct rtnl_af_ops inet_af_ops __read_mostly = {
2780 .family = AF_INET,
2781 .fill_link_af = inet_fill_link_af,
2782 .get_link_af_size = inet_get_link_af_size,
2783 .validate_link_af = inet_validate_link_af,
2784 .set_link_af = inet_set_link_af,
2785};
2786
2787void __init devinet_init(void)
2788{
2789 int i;
2790
2791 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2792 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2793
2794 register_pernet_subsys(&devinet_ops);
2795 register_netdevice_notifier(&ip_netdev_notifier);
2796
2797 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2798
2799 rtnl_af_register(&inet_af_ops);
2800
2801 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2802 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2803 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr,
2804 RTNL_FLAG_DUMP_UNLOCKED);
2805 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2806 inet_netconf_dump_devconf,
2807 RTNL_FLAG_DOIT_UNLOCKED | RTNL_FLAG_DUMP_UNLOCKED);
2808}