Loading...
1/*
2 * NET3 IP device support routines.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Derived from the IP parts of dev.c 1.0.19
10 * Authors: Ross Biro
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Mark Evans, <evansmp@uhura.aston.ac.uk>
13 *
14 * Additional Authors:
15 * Alan Cox, <gw4pts@gw4pts.ampr.org>
16 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
17 *
18 * Changes:
19 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
20 * lists.
21 * Cyrus Durgin: updated for kmod
22 * Matthias Andree: in devinet_ioctl, compare label and
23 * address (4.4BSD alias style support),
24 * fall back to comparing just the label
25 * if no match found.
26 */
27
28
29#include <linux/uaccess.h>
30#include <linux/bitops.h>
31#include <linux/capability.h>
32#include <linux/module.h>
33#include <linux/types.h>
34#include <linux/kernel.h>
35#include <linux/sched/signal.h>
36#include <linux/string.h>
37#include <linux/mm.h>
38#include <linux/socket.h>
39#include <linux/sockios.h>
40#include <linux/in.h>
41#include <linux/errno.h>
42#include <linux/interrupt.h>
43#include <linux/if_addr.h>
44#include <linux/if_ether.h>
45#include <linux/inet.h>
46#include <linux/netdevice.h>
47#include <linux/etherdevice.h>
48#include <linux/skbuff.h>
49#include <linux/init.h>
50#include <linux/notifier.h>
51#include <linux/inetdevice.h>
52#include <linux/igmp.h>
53#include <linux/slab.h>
54#include <linux/hash.h>
55#ifdef CONFIG_SYSCTL
56#include <linux/sysctl.h>
57#endif
58#include <linux/kmod.h>
59#include <linux/netconf.h>
60
61#include <net/arp.h>
62#include <net/ip.h>
63#include <net/route.h>
64#include <net/ip_fib.h>
65#include <net/rtnetlink.h>
66#include <net/net_namespace.h>
67#include <net/addrconf.h>
68
69static struct ipv4_devconf ipv4_devconf = {
70 .data = {
71 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
72 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
75 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
76 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
77 },
78};
79
80static struct ipv4_devconf ipv4_devconf_dflt = {
81 .data = {
82 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
83 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
84 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
86 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
87 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
88 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
89 },
90};
91
92#define IPV4_DEVCONF_DFLT(net, attr) \
93 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
94
95static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
96 [IFA_LOCAL] = { .type = NLA_U32 },
97 [IFA_ADDRESS] = { .type = NLA_U32 },
98 [IFA_BROADCAST] = { .type = NLA_U32 },
99 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
100 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
101 [IFA_FLAGS] = { .type = NLA_U32 },
102};
103
104#define IN4_ADDR_HSIZE_SHIFT 8
105#define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
106
107static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
108
109static u32 inet_addr_hash(const struct net *net, __be32 addr)
110{
111 u32 val = (__force u32) addr ^ net_hash_mix(net);
112
113 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
114}
115
116static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
117{
118 u32 hash = inet_addr_hash(net, ifa->ifa_local);
119
120 ASSERT_RTNL();
121 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
122}
123
124static void inet_hash_remove(struct in_ifaddr *ifa)
125{
126 ASSERT_RTNL();
127 hlist_del_init_rcu(&ifa->hash);
128}
129
130/**
131 * __ip_dev_find - find the first device with a given source address.
132 * @net: the net namespace
133 * @addr: the source address
134 * @devref: if true, take a reference on the found device
135 *
136 * If a caller uses devref=false, it should be protected by RCU, or RTNL
137 */
138struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
139{
140 struct net_device *result = NULL;
141 struct in_ifaddr *ifa;
142
143 rcu_read_lock();
144 ifa = inet_lookup_ifaddr_rcu(net, addr);
145 if (!ifa) {
146 struct flowi4 fl4 = { .daddr = addr };
147 struct fib_result res = { 0 };
148 struct fib_table *local;
149
150 /* Fallback to FIB local table so that communication
151 * over loopback subnets work.
152 */
153 local = fib_get_table(net, RT_TABLE_LOCAL);
154 if (local &&
155 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
156 res.type == RTN_LOCAL)
157 result = FIB_RES_DEV(res);
158 } else {
159 result = ifa->ifa_dev->dev;
160 }
161 if (result && devref)
162 dev_hold(result);
163 rcu_read_unlock();
164 return result;
165}
166EXPORT_SYMBOL(__ip_dev_find);
167
168/* called under RCU lock */
169struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
170{
171 u32 hash = inet_addr_hash(net, addr);
172 struct in_ifaddr *ifa;
173
174 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
175 if (ifa->ifa_local == addr &&
176 net_eq(dev_net(ifa->ifa_dev->dev), net))
177 return ifa;
178
179 return NULL;
180}
181
182static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
183
184static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
185static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
186static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
187 int destroy);
188#ifdef CONFIG_SYSCTL
189static int devinet_sysctl_register(struct in_device *idev);
190static void devinet_sysctl_unregister(struct in_device *idev);
191#else
192static int devinet_sysctl_register(struct in_device *idev)
193{
194 return 0;
195}
196static void devinet_sysctl_unregister(struct in_device *idev)
197{
198}
199#endif
200
201/* Locks all the inet devices. */
202
203static struct in_ifaddr *inet_alloc_ifa(void)
204{
205 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
206}
207
208static void inet_rcu_free_ifa(struct rcu_head *head)
209{
210 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
211 if (ifa->ifa_dev)
212 in_dev_put(ifa->ifa_dev);
213 kfree(ifa);
214}
215
216static void inet_free_ifa(struct in_ifaddr *ifa)
217{
218 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
219}
220
221void in_dev_finish_destroy(struct in_device *idev)
222{
223 struct net_device *dev = idev->dev;
224
225 WARN_ON(idev->ifa_list);
226 WARN_ON(idev->mc_list);
227 kfree(rcu_dereference_protected(idev->mc_hash, 1));
228#ifdef NET_REFCNT_DEBUG
229 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
230#endif
231 dev_put(dev);
232 if (!idev->dead)
233 pr_err("Freeing alive in_device %p\n", idev);
234 else
235 kfree(idev);
236}
237EXPORT_SYMBOL(in_dev_finish_destroy);
238
239static struct in_device *inetdev_init(struct net_device *dev)
240{
241 struct in_device *in_dev;
242 int err = -ENOMEM;
243
244 ASSERT_RTNL();
245
246 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
247 if (!in_dev)
248 goto out;
249 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
250 sizeof(in_dev->cnf));
251 in_dev->cnf.sysctl = NULL;
252 in_dev->dev = dev;
253 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
254 if (!in_dev->arp_parms)
255 goto out_kfree;
256 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
257 dev_disable_lro(dev);
258 /* Reference in_dev->dev */
259 dev_hold(dev);
260 /* Account for reference dev->ip_ptr (below) */
261 refcount_set(&in_dev->refcnt, 1);
262
263 err = devinet_sysctl_register(in_dev);
264 if (err) {
265 in_dev->dead = 1;
266 in_dev_put(in_dev);
267 in_dev = NULL;
268 goto out;
269 }
270 ip_mc_init_dev(in_dev);
271 if (dev->flags & IFF_UP)
272 ip_mc_up(in_dev);
273
274 /* we can receive as soon as ip_ptr is set -- do this last */
275 rcu_assign_pointer(dev->ip_ptr, in_dev);
276out:
277 return in_dev ?: ERR_PTR(err);
278out_kfree:
279 kfree(in_dev);
280 in_dev = NULL;
281 goto out;
282}
283
284static void in_dev_rcu_put(struct rcu_head *head)
285{
286 struct in_device *idev = container_of(head, struct in_device, rcu_head);
287 in_dev_put(idev);
288}
289
290static void inetdev_destroy(struct in_device *in_dev)
291{
292 struct in_ifaddr *ifa;
293 struct net_device *dev;
294
295 ASSERT_RTNL();
296
297 dev = in_dev->dev;
298
299 in_dev->dead = 1;
300
301 ip_mc_destroy_dev(in_dev);
302
303 while ((ifa = in_dev->ifa_list) != NULL) {
304 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
305 inet_free_ifa(ifa);
306 }
307
308 RCU_INIT_POINTER(dev->ip_ptr, NULL);
309
310 devinet_sysctl_unregister(in_dev);
311 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
312 arp_ifdown(dev);
313
314 call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
315}
316
317int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
318{
319 rcu_read_lock();
320 for_primary_ifa(in_dev) {
321 if (inet_ifa_match(a, ifa)) {
322 if (!b || inet_ifa_match(b, ifa)) {
323 rcu_read_unlock();
324 return 1;
325 }
326 }
327 } endfor_ifa(in_dev);
328 rcu_read_unlock();
329 return 0;
330}
331
332static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
333 int destroy, struct nlmsghdr *nlh, u32 portid)
334{
335 struct in_ifaddr *promote = NULL;
336 struct in_ifaddr *ifa, *ifa1 = *ifap;
337 struct in_ifaddr *last_prim = in_dev->ifa_list;
338 struct in_ifaddr *prev_prom = NULL;
339 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
340
341 ASSERT_RTNL();
342
343 if (in_dev->dead)
344 goto no_promotions;
345
346 /* 1. Deleting primary ifaddr forces deletion all secondaries
347 * unless alias promotion is set
348 **/
349
350 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
351 struct in_ifaddr **ifap1 = &ifa1->ifa_next;
352
353 while ((ifa = *ifap1) != NULL) {
354 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
355 ifa1->ifa_scope <= ifa->ifa_scope)
356 last_prim = ifa;
357
358 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
359 ifa1->ifa_mask != ifa->ifa_mask ||
360 !inet_ifa_match(ifa1->ifa_address, ifa)) {
361 ifap1 = &ifa->ifa_next;
362 prev_prom = ifa;
363 continue;
364 }
365
366 if (!do_promote) {
367 inet_hash_remove(ifa);
368 *ifap1 = ifa->ifa_next;
369
370 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
371 blocking_notifier_call_chain(&inetaddr_chain,
372 NETDEV_DOWN, ifa);
373 inet_free_ifa(ifa);
374 } else {
375 promote = ifa;
376 break;
377 }
378 }
379 }
380
381 /* On promotion all secondaries from subnet are changing
382 * the primary IP, we must remove all their routes silently
383 * and later to add them back with new prefsrc. Do this
384 * while all addresses are on the device list.
385 */
386 for (ifa = promote; ifa; ifa = ifa->ifa_next) {
387 if (ifa1->ifa_mask == ifa->ifa_mask &&
388 inet_ifa_match(ifa1->ifa_address, ifa))
389 fib_del_ifaddr(ifa, ifa1);
390 }
391
392no_promotions:
393 /* 2. Unlink it */
394
395 *ifap = ifa1->ifa_next;
396 inet_hash_remove(ifa1);
397
398 /* 3. Announce address deletion */
399
400 /* Send message first, then call notifier.
401 At first sight, FIB update triggered by notifier
402 will refer to already deleted ifaddr, that could confuse
403 netlink listeners. It is not true: look, gated sees
404 that route deleted and if it still thinks that ifaddr
405 is valid, it will try to restore deleted routes... Grr.
406 So that, this order is correct.
407 */
408 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
409 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
410
411 if (promote) {
412 struct in_ifaddr *next_sec = promote->ifa_next;
413
414 if (prev_prom) {
415 prev_prom->ifa_next = promote->ifa_next;
416 promote->ifa_next = last_prim->ifa_next;
417 last_prim->ifa_next = promote;
418 }
419
420 promote->ifa_flags &= ~IFA_F_SECONDARY;
421 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
422 blocking_notifier_call_chain(&inetaddr_chain,
423 NETDEV_UP, promote);
424 for (ifa = next_sec; ifa; ifa = ifa->ifa_next) {
425 if (ifa1->ifa_mask != ifa->ifa_mask ||
426 !inet_ifa_match(ifa1->ifa_address, ifa))
427 continue;
428 fib_add_ifaddr(ifa);
429 }
430
431 }
432 if (destroy)
433 inet_free_ifa(ifa1);
434}
435
436static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
437 int destroy)
438{
439 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
440}
441
442static void check_lifetime(struct work_struct *work);
443
444static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
445
446static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
447 u32 portid, struct netlink_ext_ack *extack)
448{
449 struct in_device *in_dev = ifa->ifa_dev;
450 struct in_ifaddr *ifa1, **ifap, **last_primary;
451 struct in_validator_info ivi;
452 int ret;
453
454 ASSERT_RTNL();
455
456 if (!ifa->ifa_local) {
457 inet_free_ifa(ifa);
458 return 0;
459 }
460
461 ifa->ifa_flags &= ~IFA_F_SECONDARY;
462 last_primary = &in_dev->ifa_list;
463
464 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
465 ifap = &ifa1->ifa_next) {
466 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
467 ifa->ifa_scope <= ifa1->ifa_scope)
468 last_primary = &ifa1->ifa_next;
469 if (ifa1->ifa_mask == ifa->ifa_mask &&
470 inet_ifa_match(ifa1->ifa_address, ifa)) {
471 if (ifa1->ifa_local == ifa->ifa_local) {
472 inet_free_ifa(ifa);
473 return -EEXIST;
474 }
475 if (ifa1->ifa_scope != ifa->ifa_scope) {
476 inet_free_ifa(ifa);
477 return -EINVAL;
478 }
479 ifa->ifa_flags |= IFA_F_SECONDARY;
480 }
481 }
482
483 /* Allow any devices that wish to register ifaddr validtors to weigh
484 * in now, before changes are committed. The rntl lock is serializing
485 * access here, so the state should not change between a validator call
486 * and a final notify on commit. This isn't invoked on promotion under
487 * the assumption that validators are checking the address itself, and
488 * not the flags.
489 */
490 ivi.ivi_addr = ifa->ifa_address;
491 ivi.ivi_dev = ifa->ifa_dev;
492 ivi.extack = extack;
493 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
494 NETDEV_UP, &ivi);
495 ret = notifier_to_errno(ret);
496 if (ret) {
497 inet_free_ifa(ifa);
498 return ret;
499 }
500
501 if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
502 prandom_seed((__force u32) ifa->ifa_local);
503 ifap = last_primary;
504 }
505
506 ifa->ifa_next = *ifap;
507 *ifap = ifa;
508
509 inet_hash_insert(dev_net(in_dev->dev), ifa);
510
511 cancel_delayed_work(&check_lifetime_work);
512 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
513
514 /* Send message first, then call notifier.
515 Notifier will trigger FIB update, so that
516 listeners of netlink will know about new ifaddr */
517 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
518 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
519
520 return 0;
521}
522
523static int inet_insert_ifa(struct in_ifaddr *ifa)
524{
525 return __inet_insert_ifa(ifa, NULL, 0, NULL);
526}
527
528static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
529{
530 struct in_device *in_dev = __in_dev_get_rtnl(dev);
531
532 ASSERT_RTNL();
533
534 if (!in_dev) {
535 inet_free_ifa(ifa);
536 return -ENOBUFS;
537 }
538 ipv4_devconf_setall(in_dev);
539 neigh_parms_data_state_setall(in_dev->arp_parms);
540 if (ifa->ifa_dev != in_dev) {
541 WARN_ON(ifa->ifa_dev);
542 in_dev_hold(in_dev);
543 ifa->ifa_dev = in_dev;
544 }
545 if (ipv4_is_loopback(ifa->ifa_local))
546 ifa->ifa_scope = RT_SCOPE_HOST;
547 return inet_insert_ifa(ifa);
548}
549
550/* Caller must hold RCU or RTNL :
551 * We dont take a reference on found in_device
552 */
553struct in_device *inetdev_by_index(struct net *net, int ifindex)
554{
555 struct net_device *dev;
556 struct in_device *in_dev = NULL;
557
558 rcu_read_lock();
559 dev = dev_get_by_index_rcu(net, ifindex);
560 if (dev)
561 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
562 rcu_read_unlock();
563 return in_dev;
564}
565EXPORT_SYMBOL(inetdev_by_index);
566
567/* Called only from RTNL semaphored context. No locks. */
568
569struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
570 __be32 mask)
571{
572 ASSERT_RTNL();
573
574 for_primary_ifa(in_dev) {
575 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
576 return ifa;
577 } endfor_ifa(in_dev);
578 return NULL;
579}
580
581static int ip_mc_config(struct sock *sk, bool join, const struct in_ifaddr *ifa)
582{
583 struct ip_mreqn mreq = {
584 .imr_multiaddr.s_addr = ifa->ifa_address,
585 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
586 };
587 int ret;
588
589 ASSERT_RTNL();
590
591 lock_sock(sk);
592 if (join)
593 ret = ip_mc_join_group(sk, &mreq);
594 else
595 ret = ip_mc_leave_group(sk, &mreq);
596 release_sock(sk);
597
598 return ret;
599}
600
601static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
602 struct netlink_ext_ack *extack)
603{
604 struct net *net = sock_net(skb->sk);
605 struct nlattr *tb[IFA_MAX+1];
606 struct in_device *in_dev;
607 struct ifaddrmsg *ifm;
608 struct in_ifaddr *ifa, **ifap;
609 int err = -EINVAL;
610
611 ASSERT_RTNL();
612
613 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy,
614 extack);
615 if (err < 0)
616 goto errout;
617
618 ifm = nlmsg_data(nlh);
619 in_dev = inetdev_by_index(net, ifm->ifa_index);
620 if (!in_dev) {
621 err = -ENODEV;
622 goto errout;
623 }
624
625 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
626 ifap = &ifa->ifa_next) {
627 if (tb[IFA_LOCAL] &&
628 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
629 continue;
630
631 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
632 continue;
633
634 if (tb[IFA_ADDRESS] &&
635 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
636 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
637 continue;
638
639 if (ipv4_is_multicast(ifa->ifa_address))
640 ip_mc_config(net->ipv4.mc_autojoin_sk, false, ifa);
641 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
642 return 0;
643 }
644
645 err = -EADDRNOTAVAIL;
646errout:
647 return err;
648}
649
650#define INFINITY_LIFE_TIME 0xFFFFFFFF
651
652static void check_lifetime(struct work_struct *work)
653{
654 unsigned long now, next, next_sec, next_sched;
655 struct in_ifaddr *ifa;
656 struct hlist_node *n;
657 int i;
658
659 now = jiffies;
660 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
661
662 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
663 bool change_needed = false;
664
665 rcu_read_lock();
666 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
667 unsigned long age;
668
669 if (ifa->ifa_flags & IFA_F_PERMANENT)
670 continue;
671
672 /* We try to batch several events at once. */
673 age = (now - ifa->ifa_tstamp +
674 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
675
676 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
677 age >= ifa->ifa_valid_lft) {
678 change_needed = true;
679 } else if (ifa->ifa_preferred_lft ==
680 INFINITY_LIFE_TIME) {
681 continue;
682 } else if (age >= ifa->ifa_preferred_lft) {
683 if (time_before(ifa->ifa_tstamp +
684 ifa->ifa_valid_lft * HZ, next))
685 next = ifa->ifa_tstamp +
686 ifa->ifa_valid_lft * HZ;
687
688 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
689 change_needed = true;
690 } else if (time_before(ifa->ifa_tstamp +
691 ifa->ifa_preferred_lft * HZ,
692 next)) {
693 next = ifa->ifa_tstamp +
694 ifa->ifa_preferred_lft * HZ;
695 }
696 }
697 rcu_read_unlock();
698 if (!change_needed)
699 continue;
700 rtnl_lock();
701 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
702 unsigned long age;
703
704 if (ifa->ifa_flags & IFA_F_PERMANENT)
705 continue;
706
707 /* We try to batch several events at once. */
708 age = (now - ifa->ifa_tstamp +
709 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
710
711 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
712 age >= ifa->ifa_valid_lft) {
713 struct in_ifaddr **ifap;
714
715 for (ifap = &ifa->ifa_dev->ifa_list;
716 *ifap != NULL; ifap = &(*ifap)->ifa_next) {
717 if (*ifap == ifa) {
718 inet_del_ifa(ifa->ifa_dev,
719 ifap, 1);
720 break;
721 }
722 }
723 } else if (ifa->ifa_preferred_lft !=
724 INFINITY_LIFE_TIME &&
725 age >= ifa->ifa_preferred_lft &&
726 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
727 ifa->ifa_flags |= IFA_F_DEPRECATED;
728 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
729 }
730 }
731 rtnl_unlock();
732 }
733
734 next_sec = round_jiffies_up(next);
735 next_sched = next;
736
737 /* If rounded timeout is accurate enough, accept it. */
738 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
739 next_sched = next_sec;
740
741 now = jiffies;
742 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
743 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
744 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
745
746 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
747 next_sched - now);
748}
749
750static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
751 __u32 prefered_lft)
752{
753 unsigned long timeout;
754
755 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
756
757 timeout = addrconf_timeout_fixup(valid_lft, HZ);
758 if (addrconf_finite_timeout(timeout))
759 ifa->ifa_valid_lft = timeout;
760 else
761 ifa->ifa_flags |= IFA_F_PERMANENT;
762
763 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
764 if (addrconf_finite_timeout(timeout)) {
765 if (timeout == 0)
766 ifa->ifa_flags |= IFA_F_DEPRECATED;
767 ifa->ifa_preferred_lft = timeout;
768 }
769 ifa->ifa_tstamp = jiffies;
770 if (!ifa->ifa_cstamp)
771 ifa->ifa_cstamp = ifa->ifa_tstamp;
772}
773
774static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
775 __u32 *pvalid_lft, __u32 *pprefered_lft)
776{
777 struct nlattr *tb[IFA_MAX+1];
778 struct in_ifaddr *ifa;
779 struct ifaddrmsg *ifm;
780 struct net_device *dev;
781 struct in_device *in_dev;
782 int err;
783
784 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy,
785 NULL);
786 if (err < 0)
787 goto errout;
788
789 ifm = nlmsg_data(nlh);
790 err = -EINVAL;
791 if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
792 goto errout;
793
794 dev = __dev_get_by_index(net, ifm->ifa_index);
795 err = -ENODEV;
796 if (!dev)
797 goto errout;
798
799 in_dev = __in_dev_get_rtnl(dev);
800 err = -ENOBUFS;
801 if (!in_dev)
802 goto errout;
803
804 ifa = inet_alloc_ifa();
805 if (!ifa)
806 /*
807 * A potential indev allocation can be left alive, it stays
808 * assigned to its device and is destroy with it.
809 */
810 goto errout;
811
812 ipv4_devconf_setall(in_dev);
813 neigh_parms_data_state_setall(in_dev->arp_parms);
814 in_dev_hold(in_dev);
815
816 if (!tb[IFA_ADDRESS])
817 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
818
819 INIT_HLIST_NODE(&ifa->hash);
820 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
821 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
822 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
823 ifm->ifa_flags;
824 ifa->ifa_scope = ifm->ifa_scope;
825 ifa->ifa_dev = in_dev;
826
827 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
828 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
829
830 if (tb[IFA_BROADCAST])
831 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
832
833 if (tb[IFA_LABEL])
834 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
835 else
836 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
837
838 if (tb[IFA_CACHEINFO]) {
839 struct ifa_cacheinfo *ci;
840
841 ci = nla_data(tb[IFA_CACHEINFO]);
842 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
843 err = -EINVAL;
844 goto errout_free;
845 }
846 *pvalid_lft = ci->ifa_valid;
847 *pprefered_lft = ci->ifa_prefered;
848 }
849
850 return ifa;
851
852errout_free:
853 inet_free_ifa(ifa);
854errout:
855 return ERR_PTR(err);
856}
857
858static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
859{
860 struct in_device *in_dev = ifa->ifa_dev;
861 struct in_ifaddr *ifa1, **ifap;
862
863 if (!ifa->ifa_local)
864 return NULL;
865
866 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
867 ifap = &ifa1->ifa_next) {
868 if (ifa1->ifa_mask == ifa->ifa_mask &&
869 inet_ifa_match(ifa1->ifa_address, ifa) &&
870 ifa1->ifa_local == ifa->ifa_local)
871 return ifa1;
872 }
873 return NULL;
874}
875
876static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
877 struct netlink_ext_ack *extack)
878{
879 struct net *net = sock_net(skb->sk);
880 struct in_ifaddr *ifa;
881 struct in_ifaddr *ifa_existing;
882 __u32 valid_lft = INFINITY_LIFE_TIME;
883 __u32 prefered_lft = INFINITY_LIFE_TIME;
884
885 ASSERT_RTNL();
886
887 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft);
888 if (IS_ERR(ifa))
889 return PTR_ERR(ifa);
890
891 ifa_existing = find_matching_ifa(ifa);
892 if (!ifa_existing) {
893 /* It would be best to check for !NLM_F_CREATE here but
894 * userspace already relies on not having to provide this.
895 */
896 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
897 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
898 int ret = ip_mc_config(net->ipv4.mc_autojoin_sk,
899 true, ifa);
900
901 if (ret < 0) {
902 inet_free_ifa(ifa);
903 return ret;
904 }
905 }
906 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
907 extack);
908 } else {
909 inet_free_ifa(ifa);
910
911 if (nlh->nlmsg_flags & NLM_F_EXCL ||
912 !(nlh->nlmsg_flags & NLM_F_REPLACE))
913 return -EEXIST;
914 ifa = ifa_existing;
915 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
916 cancel_delayed_work(&check_lifetime_work);
917 queue_delayed_work(system_power_efficient_wq,
918 &check_lifetime_work, 0);
919 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
920 }
921 return 0;
922}
923
924/*
925 * Determine a default network mask, based on the IP address.
926 */
927
928static int inet_abc_len(__be32 addr)
929{
930 int rc = -1; /* Something else, probably a multicast. */
931
932 if (ipv4_is_zeronet(addr))
933 rc = 0;
934 else {
935 __u32 haddr = ntohl(addr);
936
937 if (IN_CLASSA(haddr))
938 rc = 8;
939 else if (IN_CLASSB(haddr))
940 rc = 16;
941 else if (IN_CLASSC(haddr))
942 rc = 24;
943 }
944
945 return rc;
946}
947
948
949int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
950{
951 struct sockaddr_in sin_orig;
952 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
953 struct in_device *in_dev;
954 struct in_ifaddr **ifap = NULL;
955 struct in_ifaddr *ifa = NULL;
956 struct net_device *dev;
957 char *colon;
958 int ret = -EFAULT;
959 int tryaddrmatch = 0;
960
961 ifr->ifr_name[IFNAMSIZ - 1] = 0;
962
963 /* save original address for comparison */
964 memcpy(&sin_orig, sin, sizeof(*sin));
965
966 colon = strchr(ifr->ifr_name, ':');
967 if (colon)
968 *colon = 0;
969
970 dev_load(net, ifr->ifr_name);
971
972 switch (cmd) {
973 case SIOCGIFADDR: /* Get interface address */
974 case SIOCGIFBRDADDR: /* Get the broadcast address */
975 case SIOCGIFDSTADDR: /* Get the destination address */
976 case SIOCGIFNETMASK: /* Get the netmask for the interface */
977 /* Note that these ioctls will not sleep,
978 so that we do not impose a lock.
979 One day we will be forced to put shlock here (I mean SMP)
980 */
981 tryaddrmatch = (sin_orig.sin_family == AF_INET);
982 memset(sin, 0, sizeof(*sin));
983 sin->sin_family = AF_INET;
984 break;
985
986 case SIOCSIFFLAGS:
987 ret = -EPERM;
988 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
989 goto out;
990 break;
991 case SIOCSIFADDR: /* Set interface address (and family) */
992 case SIOCSIFBRDADDR: /* Set the broadcast address */
993 case SIOCSIFDSTADDR: /* Set the destination address */
994 case SIOCSIFNETMASK: /* Set the netmask for the interface */
995 ret = -EPERM;
996 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
997 goto out;
998 ret = -EINVAL;
999 if (sin->sin_family != AF_INET)
1000 goto out;
1001 break;
1002 default:
1003 ret = -EINVAL;
1004 goto out;
1005 }
1006
1007 rtnl_lock();
1008
1009 ret = -ENODEV;
1010 dev = __dev_get_by_name(net, ifr->ifr_name);
1011 if (!dev)
1012 goto done;
1013
1014 if (colon)
1015 *colon = ':';
1016
1017 in_dev = __in_dev_get_rtnl(dev);
1018 if (in_dev) {
1019 if (tryaddrmatch) {
1020 /* Matthias Andree */
1021 /* compare label and address (4.4BSD style) */
1022 /* note: we only do this for a limited set of ioctls
1023 and only if the original address family was AF_INET.
1024 This is checked above. */
1025 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
1026 ifap = &ifa->ifa_next) {
1027 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1028 sin_orig.sin_addr.s_addr ==
1029 ifa->ifa_local) {
1030 break; /* found */
1031 }
1032 }
1033 }
1034 /* we didn't get a match, maybe the application is
1035 4.3BSD-style and passed in junk so we fall back to
1036 comparing just the label */
1037 if (!ifa) {
1038 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
1039 ifap = &ifa->ifa_next)
1040 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1041 break;
1042 }
1043 }
1044
1045 ret = -EADDRNOTAVAIL;
1046 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1047 goto done;
1048
1049 switch (cmd) {
1050 case SIOCGIFADDR: /* Get interface address */
1051 ret = 0;
1052 sin->sin_addr.s_addr = ifa->ifa_local;
1053 break;
1054
1055 case SIOCGIFBRDADDR: /* Get the broadcast address */
1056 ret = 0;
1057 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1058 break;
1059
1060 case SIOCGIFDSTADDR: /* Get the destination address */
1061 ret = 0;
1062 sin->sin_addr.s_addr = ifa->ifa_address;
1063 break;
1064
1065 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1066 ret = 0;
1067 sin->sin_addr.s_addr = ifa->ifa_mask;
1068 break;
1069
1070 case SIOCSIFFLAGS:
1071 if (colon) {
1072 ret = -EADDRNOTAVAIL;
1073 if (!ifa)
1074 break;
1075 ret = 0;
1076 if (!(ifr->ifr_flags & IFF_UP))
1077 inet_del_ifa(in_dev, ifap, 1);
1078 break;
1079 }
1080 ret = dev_change_flags(dev, ifr->ifr_flags);
1081 break;
1082
1083 case SIOCSIFADDR: /* Set interface address (and family) */
1084 ret = -EINVAL;
1085 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1086 break;
1087
1088 if (!ifa) {
1089 ret = -ENOBUFS;
1090 ifa = inet_alloc_ifa();
1091 if (!ifa)
1092 break;
1093 INIT_HLIST_NODE(&ifa->hash);
1094 if (colon)
1095 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1096 else
1097 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1098 } else {
1099 ret = 0;
1100 if (ifa->ifa_local == sin->sin_addr.s_addr)
1101 break;
1102 inet_del_ifa(in_dev, ifap, 0);
1103 ifa->ifa_broadcast = 0;
1104 ifa->ifa_scope = 0;
1105 }
1106
1107 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1108
1109 if (!(dev->flags & IFF_POINTOPOINT)) {
1110 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1111 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1112 if ((dev->flags & IFF_BROADCAST) &&
1113 ifa->ifa_prefixlen < 31)
1114 ifa->ifa_broadcast = ifa->ifa_address |
1115 ~ifa->ifa_mask;
1116 } else {
1117 ifa->ifa_prefixlen = 32;
1118 ifa->ifa_mask = inet_make_mask(32);
1119 }
1120 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1121 ret = inet_set_ifa(dev, ifa);
1122 break;
1123
1124 case SIOCSIFBRDADDR: /* Set the broadcast address */
1125 ret = 0;
1126 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1127 inet_del_ifa(in_dev, ifap, 0);
1128 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1129 inet_insert_ifa(ifa);
1130 }
1131 break;
1132
1133 case SIOCSIFDSTADDR: /* Set the destination address */
1134 ret = 0;
1135 if (ifa->ifa_address == sin->sin_addr.s_addr)
1136 break;
1137 ret = -EINVAL;
1138 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1139 break;
1140 ret = 0;
1141 inet_del_ifa(in_dev, ifap, 0);
1142 ifa->ifa_address = sin->sin_addr.s_addr;
1143 inet_insert_ifa(ifa);
1144 break;
1145
1146 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1147
1148 /*
1149 * The mask we set must be legal.
1150 */
1151 ret = -EINVAL;
1152 if (bad_mask(sin->sin_addr.s_addr, 0))
1153 break;
1154 ret = 0;
1155 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1156 __be32 old_mask = ifa->ifa_mask;
1157 inet_del_ifa(in_dev, ifap, 0);
1158 ifa->ifa_mask = sin->sin_addr.s_addr;
1159 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1160
1161 /* See if current broadcast address matches
1162 * with current netmask, then recalculate
1163 * the broadcast address. Otherwise it's a
1164 * funny address, so don't touch it since
1165 * the user seems to know what (s)he's doing...
1166 */
1167 if ((dev->flags & IFF_BROADCAST) &&
1168 (ifa->ifa_prefixlen < 31) &&
1169 (ifa->ifa_broadcast ==
1170 (ifa->ifa_local|~old_mask))) {
1171 ifa->ifa_broadcast = (ifa->ifa_local |
1172 ~sin->sin_addr.s_addr);
1173 }
1174 inet_insert_ifa(ifa);
1175 }
1176 break;
1177 }
1178done:
1179 rtnl_unlock();
1180out:
1181 return ret;
1182}
1183
1184static int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1185{
1186 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1187 struct in_ifaddr *ifa;
1188 struct ifreq ifr;
1189 int done = 0;
1190
1191 if (WARN_ON(size > sizeof(struct ifreq)))
1192 goto out;
1193
1194 if (!in_dev)
1195 goto out;
1196
1197 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
1198 if (!buf) {
1199 done += size;
1200 continue;
1201 }
1202 if (len < size)
1203 break;
1204 memset(&ifr, 0, sizeof(struct ifreq));
1205 strcpy(ifr.ifr_name, ifa->ifa_label);
1206
1207 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1208 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1209 ifa->ifa_local;
1210
1211 if (copy_to_user(buf + done, &ifr, size)) {
1212 done = -EFAULT;
1213 break;
1214 }
1215 len -= size;
1216 done += size;
1217 }
1218out:
1219 return done;
1220}
1221
1222static __be32 in_dev_select_addr(const struct in_device *in_dev,
1223 int scope)
1224{
1225 for_primary_ifa(in_dev) {
1226 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1227 ifa->ifa_scope <= scope)
1228 return ifa->ifa_local;
1229 } endfor_ifa(in_dev);
1230
1231 return 0;
1232}
1233
1234__be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1235{
1236 __be32 addr = 0;
1237 struct in_device *in_dev;
1238 struct net *net = dev_net(dev);
1239 int master_idx;
1240
1241 rcu_read_lock();
1242 in_dev = __in_dev_get_rcu(dev);
1243 if (!in_dev)
1244 goto no_in_dev;
1245
1246 for_primary_ifa(in_dev) {
1247 if (ifa->ifa_scope > scope)
1248 continue;
1249 if (!dst || inet_ifa_match(dst, ifa)) {
1250 addr = ifa->ifa_local;
1251 break;
1252 }
1253 if (!addr)
1254 addr = ifa->ifa_local;
1255 } endfor_ifa(in_dev);
1256
1257 if (addr)
1258 goto out_unlock;
1259no_in_dev:
1260 master_idx = l3mdev_master_ifindex_rcu(dev);
1261
1262 /* For VRFs, the VRF device takes the place of the loopback device,
1263 * with addresses on it being preferred. Note in such cases the
1264 * loopback device will be among the devices that fail the master_idx
1265 * equality check in the loop below.
1266 */
1267 if (master_idx &&
1268 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1269 (in_dev = __in_dev_get_rcu(dev))) {
1270 addr = in_dev_select_addr(in_dev, scope);
1271 if (addr)
1272 goto out_unlock;
1273 }
1274
1275 /* Not loopback addresses on loopback should be preferred
1276 in this case. It is important that lo is the first interface
1277 in dev_base list.
1278 */
1279 for_each_netdev_rcu(net, dev) {
1280 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1281 continue;
1282
1283 in_dev = __in_dev_get_rcu(dev);
1284 if (!in_dev)
1285 continue;
1286
1287 addr = in_dev_select_addr(in_dev, scope);
1288 if (addr)
1289 goto out_unlock;
1290 }
1291out_unlock:
1292 rcu_read_unlock();
1293 return addr;
1294}
1295EXPORT_SYMBOL(inet_select_addr);
1296
1297static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1298 __be32 local, int scope)
1299{
1300 int same = 0;
1301 __be32 addr = 0;
1302
1303 for_ifa(in_dev) {
1304 if (!addr &&
1305 (local == ifa->ifa_local || !local) &&
1306 ifa->ifa_scope <= scope) {
1307 addr = ifa->ifa_local;
1308 if (same)
1309 break;
1310 }
1311 if (!same) {
1312 same = (!local || inet_ifa_match(local, ifa)) &&
1313 (!dst || inet_ifa_match(dst, ifa));
1314 if (same && addr) {
1315 if (local || !dst)
1316 break;
1317 /* Is the selected addr into dst subnet? */
1318 if (inet_ifa_match(addr, ifa))
1319 break;
1320 /* No, then can we use new local src? */
1321 if (ifa->ifa_scope <= scope) {
1322 addr = ifa->ifa_local;
1323 break;
1324 }
1325 /* search for large dst subnet for addr */
1326 same = 0;
1327 }
1328 }
1329 } endfor_ifa(in_dev);
1330
1331 return same ? addr : 0;
1332}
1333
1334/*
1335 * Confirm that local IP address exists using wildcards:
1336 * - net: netns to check, cannot be NULL
1337 * - in_dev: only on this interface, NULL=any interface
1338 * - dst: only in the same subnet as dst, 0=any dst
1339 * - local: address, 0=autoselect the local address
1340 * - scope: maximum allowed scope value for the local address
1341 */
1342__be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1343 __be32 dst, __be32 local, int scope)
1344{
1345 __be32 addr = 0;
1346 struct net_device *dev;
1347
1348 if (in_dev)
1349 return confirm_addr_indev(in_dev, dst, local, scope);
1350
1351 rcu_read_lock();
1352 for_each_netdev_rcu(net, dev) {
1353 in_dev = __in_dev_get_rcu(dev);
1354 if (in_dev) {
1355 addr = confirm_addr_indev(in_dev, dst, local, scope);
1356 if (addr)
1357 break;
1358 }
1359 }
1360 rcu_read_unlock();
1361
1362 return addr;
1363}
1364EXPORT_SYMBOL(inet_confirm_addr);
1365
1366/*
1367 * Device notifier
1368 */
1369
1370int register_inetaddr_notifier(struct notifier_block *nb)
1371{
1372 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1373}
1374EXPORT_SYMBOL(register_inetaddr_notifier);
1375
1376int unregister_inetaddr_notifier(struct notifier_block *nb)
1377{
1378 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1379}
1380EXPORT_SYMBOL(unregister_inetaddr_notifier);
1381
1382int register_inetaddr_validator_notifier(struct notifier_block *nb)
1383{
1384 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1385}
1386EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1387
1388int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1389{
1390 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1391 nb);
1392}
1393EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1394
1395/* Rename ifa_labels for a device name change. Make some effort to preserve
1396 * existing alias numbering and to create unique labels if possible.
1397*/
1398static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1399{
1400 struct in_ifaddr *ifa;
1401 int named = 0;
1402
1403 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
1404 char old[IFNAMSIZ], *dot;
1405
1406 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1407 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1408 if (named++ == 0)
1409 goto skip;
1410 dot = strchr(old, ':');
1411 if (!dot) {
1412 sprintf(old, ":%d", named);
1413 dot = old;
1414 }
1415 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1416 strcat(ifa->ifa_label, dot);
1417 else
1418 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1419skip:
1420 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1421 }
1422}
1423
1424static bool inetdev_valid_mtu(unsigned int mtu)
1425{
1426 return mtu >= IPV4_MIN_MTU;
1427}
1428
1429static void inetdev_send_gratuitous_arp(struct net_device *dev,
1430 struct in_device *in_dev)
1431
1432{
1433 struct in_ifaddr *ifa;
1434
1435 for (ifa = in_dev->ifa_list; ifa;
1436 ifa = ifa->ifa_next) {
1437 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1438 ifa->ifa_local, dev,
1439 ifa->ifa_local, NULL,
1440 dev->dev_addr, NULL);
1441 }
1442}
1443
1444/* Called only under RTNL semaphore */
1445
1446static int inetdev_event(struct notifier_block *this, unsigned long event,
1447 void *ptr)
1448{
1449 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1450 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1451
1452 ASSERT_RTNL();
1453
1454 if (!in_dev) {
1455 if (event == NETDEV_REGISTER) {
1456 in_dev = inetdev_init(dev);
1457 if (IS_ERR(in_dev))
1458 return notifier_from_errno(PTR_ERR(in_dev));
1459 if (dev->flags & IFF_LOOPBACK) {
1460 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1461 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1462 }
1463 } else if (event == NETDEV_CHANGEMTU) {
1464 /* Re-enabling IP */
1465 if (inetdev_valid_mtu(dev->mtu))
1466 in_dev = inetdev_init(dev);
1467 }
1468 goto out;
1469 }
1470
1471 switch (event) {
1472 case NETDEV_REGISTER:
1473 pr_debug("%s: bug\n", __func__);
1474 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1475 break;
1476 case NETDEV_UP:
1477 if (!inetdev_valid_mtu(dev->mtu))
1478 break;
1479 if (dev->flags & IFF_LOOPBACK) {
1480 struct in_ifaddr *ifa = inet_alloc_ifa();
1481
1482 if (ifa) {
1483 INIT_HLIST_NODE(&ifa->hash);
1484 ifa->ifa_local =
1485 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1486 ifa->ifa_prefixlen = 8;
1487 ifa->ifa_mask = inet_make_mask(8);
1488 in_dev_hold(in_dev);
1489 ifa->ifa_dev = in_dev;
1490 ifa->ifa_scope = RT_SCOPE_HOST;
1491 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1492 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1493 INFINITY_LIFE_TIME);
1494 ipv4_devconf_setall(in_dev);
1495 neigh_parms_data_state_setall(in_dev->arp_parms);
1496 inet_insert_ifa(ifa);
1497 }
1498 }
1499 ip_mc_up(in_dev);
1500 /* fall through */
1501 case NETDEV_CHANGEADDR:
1502 if (!IN_DEV_ARP_NOTIFY(in_dev))
1503 break;
1504 /* fall through */
1505 case NETDEV_NOTIFY_PEERS:
1506 /* Send gratuitous ARP to notify of link change */
1507 inetdev_send_gratuitous_arp(dev, in_dev);
1508 break;
1509 case NETDEV_DOWN:
1510 ip_mc_down(in_dev);
1511 break;
1512 case NETDEV_PRE_TYPE_CHANGE:
1513 ip_mc_unmap(in_dev);
1514 break;
1515 case NETDEV_POST_TYPE_CHANGE:
1516 ip_mc_remap(in_dev);
1517 break;
1518 case NETDEV_CHANGEMTU:
1519 if (inetdev_valid_mtu(dev->mtu))
1520 break;
1521 /* disable IP when MTU is not enough */
1522 /* fall through */
1523 case NETDEV_UNREGISTER:
1524 inetdev_destroy(in_dev);
1525 break;
1526 case NETDEV_CHANGENAME:
1527 /* Do not notify about label change, this event is
1528 * not interesting to applications using netlink.
1529 */
1530 inetdev_changename(dev, in_dev);
1531
1532 devinet_sysctl_unregister(in_dev);
1533 devinet_sysctl_register(in_dev);
1534 break;
1535 }
1536out:
1537 return NOTIFY_DONE;
1538}
1539
1540static struct notifier_block ip_netdev_notifier = {
1541 .notifier_call = inetdev_event,
1542};
1543
1544static size_t inet_nlmsg_size(void)
1545{
1546 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1547 + nla_total_size(4) /* IFA_ADDRESS */
1548 + nla_total_size(4) /* IFA_LOCAL */
1549 + nla_total_size(4) /* IFA_BROADCAST */
1550 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1551 + nla_total_size(4) /* IFA_FLAGS */
1552 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1553}
1554
1555static inline u32 cstamp_delta(unsigned long cstamp)
1556{
1557 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1558}
1559
1560static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1561 unsigned long tstamp, u32 preferred, u32 valid)
1562{
1563 struct ifa_cacheinfo ci;
1564
1565 ci.cstamp = cstamp_delta(cstamp);
1566 ci.tstamp = cstamp_delta(tstamp);
1567 ci.ifa_prefered = preferred;
1568 ci.ifa_valid = valid;
1569
1570 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1571}
1572
1573static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1574 u32 portid, u32 seq, int event, unsigned int flags)
1575{
1576 struct ifaddrmsg *ifm;
1577 struct nlmsghdr *nlh;
1578 u32 preferred, valid;
1579
1580 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*ifm), flags);
1581 if (!nlh)
1582 return -EMSGSIZE;
1583
1584 ifm = nlmsg_data(nlh);
1585 ifm->ifa_family = AF_INET;
1586 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1587 ifm->ifa_flags = ifa->ifa_flags;
1588 ifm->ifa_scope = ifa->ifa_scope;
1589 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1590
1591 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1592 preferred = ifa->ifa_preferred_lft;
1593 valid = ifa->ifa_valid_lft;
1594 if (preferred != INFINITY_LIFE_TIME) {
1595 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1596
1597 if (preferred > tval)
1598 preferred -= tval;
1599 else
1600 preferred = 0;
1601 if (valid != INFINITY_LIFE_TIME) {
1602 if (valid > tval)
1603 valid -= tval;
1604 else
1605 valid = 0;
1606 }
1607 }
1608 } else {
1609 preferred = INFINITY_LIFE_TIME;
1610 valid = INFINITY_LIFE_TIME;
1611 }
1612 if ((ifa->ifa_address &&
1613 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1614 (ifa->ifa_local &&
1615 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1616 (ifa->ifa_broadcast &&
1617 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1618 (ifa->ifa_label[0] &&
1619 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1620 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1621 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1622 preferred, valid))
1623 goto nla_put_failure;
1624
1625 nlmsg_end(skb, nlh);
1626 return 0;
1627
1628nla_put_failure:
1629 nlmsg_cancel(skb, nlh);
1630 return -EMSGSIZE;
1631}
1632
1633static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1634{
1635 struct net *net = sock_net(skb->sk);
1636 int h, s_h;
1637 int idx, s_idx;
1638 int ip_idx, s_ip_idx;
1639 struct net_device *dev;
1640 struct in_device *in_dev;
1641 struct in_ifaddr *ifa;
1642 struct hlist_head *head;
1643
1644 s_h = cb->args[0];
1645 s_idx = idx = cb->args[1];
1646 s_ip_idx = ip_idx = cb->args[2];
1647
1648 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1649 idx = 0;
1650 head = &net->dev_index_head[h];
1651 rcu_read_lock();
1652 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
1653 net->dev_base_seq;
1654 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1655 if (idx < s_idx)
1656 goto cont;
1657 if (h > s_h || idx > s_idx)
1658 s_ip_idx = 0;
1659 in_dev = __in_dev_get_rcu(dev);
1660 if (!in_dev)
1661 goto cont;
1662
1663 for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
1664 ifa = ifa->ifa_next, ip_idx++) {
1665 if (ip_idx < s_ip_idx)
1666 continue;
1667 if (inet_fill_ifaddr(skb, ifa,
1668 NETLINK_CB(cb->skb).portid,
1669 cb->nlh->nlmsg_seq,
1670 RTM_NEWADDR, NLM_F_MULTI) < 0) {
1671 rcu_read_unlock();
1672 goto done;
1673 }
1674 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1675 }
1676cont:
1677 idx++;
1678 }
1679 rcu_read_unlock();
1680 }
1681
1682done:
1683 cb->args[0] = h;
1684 cb->args[1] = idx;
1685 cb->args[2] = ip_idx;
1686
1687 return skb->len;
1688}
1689
1690static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1691 u32 portid)
1692{
1693 struct sk_buff *skb;
1694 u32 seq = nlh ? nlh->nlmsg_seq : 0;
1695 int err = -ENOBUFS;
1696 struct net *net;
1697
1698 net = dev_net(ifa->ifa_dev->dev);
1699 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1700 if (!skb)
1701 goto errout;
1702
1703 err = inet_fill_ifaddr(skb, ifa, portid, seq, event, 0);
1704 if (err < 0) {
1705 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1706 WARN_ON(err == -EMSGSIZE);
1707 kfree_skb(skb);
1708 goto errout;
1709 }
1710 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1711 return;
1712errout:
1713 if (err < 0)
1714 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1715}
1716
1717static size_t inet_get_link_af_size(const struct net_device *dev,
1718 u32 ext_filter_mask)
1719{
1720 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1721
1722 if (!in_dev)
1723 return 0;
1724
1725 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1726}
1727
1728static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1729 u32 ext_filter_mask)
1730{
1731 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1732 struct nlattr *nla;
1733 int i;
1734
1735 if (!in_dev)
1736 return -ENODATA;
1737
1738 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1739 if (!nla)
1740 return -EMSGSIZE;
1741
1742 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1743 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1744
1745 return 0;
1746}
1747
1748static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1749 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1750};
1751
1752static int inet_validate_link_af(const struct net_device *dev,
1753 const struct nlattr *nla)
1754{
1755 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1756 int err, rem;
1757
1758 if (dev && !__in_dev_get_rcu(dev))
1759 return -EAFNOSUPPORT;
1760
1761 err = nla_parse_nested(tb, IFLA_INET_MAX, nla, inet_af_policy, NULL);
1762 if (err < 0)
1763 return err;
1764
1765 if (tb[IFLA_INET_CONF]) {
1766 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1767 int cfgid = nla_type(a);
1768
1769 if (nla_len(a) < 4)
1770 return -EINVAL;
1771
1772 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
1773 return -EINVAL;
1774 }
1775 }
1776
1777 return 0;
1778}
1779
1780static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
1781{
1782 struct in_device *in_dev = __in_dev_get_rcu(dev);
1783 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1784 int rem;
1785
1786 if (!in_dev)
1787 return -EAFNOSUPPORT;
1788
1789 if (nla_parse_nested(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
1790 BUG();
1791
1792 if (tb[IFLA_INET_CONF]) {
1793 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
1794 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
1795 }
1796
1797 return 0;
1798}
1799
1800static int inet_netconf_msgsize_devconf(int type)
1801{
1802 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
1803 + nla_total_size(4); /* NETCONFA_IFINDEX */
1804 bool all = false;
1805
1806 if (type == NETCONFA_ALL)
1807 all = true;
1808
1809 if (all || type == NETCONFA_FORWARDING)
1810 size += nla_total_size(4);
1811 if (all || type == NETCONFA_RP_FILTER)
1812 size += nla_total_size(4);
1813 if (all || type == NETCONFA_MC_FORWARDING)
1814 size += nla_total_size(4);
1815 if (all || type == NETCONFA_PROXY_NEIGH)
1816 size += nla_total_size(4);
1817 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
1818 size += nla_total_size(4);
1819
1820 return size;
1821}
1822
1823static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
1824 struct ipv4_devconf *devconf, u32 portid,
1825 u32 seq, int event, unsigned int flags,
1826 int type)
1827{
1828 struct nlmsghdr *nlh;
1829 struct netconfmsg *ncm;
1830 bool all = false;
1831
1832 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
1833 flags);
1834 if (!nlh)
1835 return -EMSGSIZE;
1836
1837 if (type == NETCONFA_ALL)
1838 all = true;
1839
1840 ncm = nlmsg_data(nlh);
1841 ncm->ncm_family = AF_INET;
1842
1843 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
1844 goto nla_put_failure;
1845
1846 if (!devconf)
1847 goto out;
1848
1849 if ((all || type == NETCONFA_FORWARDING) &&
1850 nla_put_s32(skb, NETCONFA_FORWARDING,
1851 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
1852 goto nla_put_failure;
1853 if ((all || type == NETCONFA_RP_FILTER) &&
1854 nla_put_s32(skb, NETCONFA_RP_FILTER,
1855 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
1856 goto nla_put_failure;
1857 if ((all || type == NETCONFA_MC_FORWARDING) &&
1858 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
1859 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
1860 goto nla_put_failure;
1861 if ((all || type == NETCONFA_PROXY_NEIGH) &&
1862 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
1863 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
1864 goto nla_put_failure;
1865 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
1866 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
1867 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
1868 goto nla_put_failure;
1869
1870out:
1871 nlmsg_end(skb, nlh);
1872 return 0;
1873
1874nla_put_failure:
1875 nlmsg_cancel(skb, nlh);
1876 return -EMSGSIZE;
1877}
1878
1879void inet_netconf_notify_devconf(struct net *net, int event, int type,
1880 int ifindex, struct ipv4_devconf *devconf)
1881{
1882 struct sk_buff *skb;
1883 int err = -ENOBUFS;
1884
1885 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
1886 if (!skb)
1887 goto errout;
1888
1889 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
1890 event, 0, type);
1891 if (err < 0) {
1892 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
1893 WARN_ON(err == -EMSGSIZE);
1894 kfree_skb(skb);
1895 goto errout;
1896 }
1897 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
1898 return;
1899errout:
1900 if (err < 0)
1901 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
1902}
1903
1904static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
1905 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
1906 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
1907 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
1908 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
1909 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
1910};
1911
1912static int inet_netconf_get_devconf(struct sk_buff *in_skb,
1913 struct nlmsghdr *nlh,
1914 struct netlink_ext_ack *extack)
1915{
1916 struct net *net = sock_net(in_skb->sk);
1917 struct nlattr *tb[NETCONFA_MAX+1];
1918 struct netconfmsg *ncm;
1919 struct sk_buff *skb;
1920 struct ipv4_devconf *devconf;
1921 struct in_device *in_dev;
1922 struct net_device *dev;
1923 int ifindex;
1924 int err;
1925
1926 err = nlmsg_parse(nlh, sizeof(*ncm), tb, NETCONFA_MAX,
1927 devconf_ipv4_policy, extack);
1928 if (err < 0)
1929 goto errout;
1930
1931 err = -EINVAL;
1932 if (!tb[NETCONFA_IFINDEX])
1933 goto errout;
1934
1935 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
1936 switch (ifindex) {
1937 case NETCONFA_IFINDEX_ALL:
1938 devconf = net->ipv4.devconf_all;
1939 break;
1940 case NETCONFA_IFINDEX_DEFAULT:
1941 devconf = net->ipv4.devconf_dflt;
1942 break;
1943 default:
1944 dev = __dev_get_by_index(net, ifindex);
1945 if (!dev)
1946 goto errout;
1947 in_dev = __in_dev_get_rtnl(dev);
1948 if (!in_dev)
1949 goto errout;
1950 devconf = &in_dev->cnf;
1951 break;
1952 }
1953
1954 err = -ENOBUFS;
1955 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
1956 if (!skb)
1957 goto errout;
1958
1959 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
1960 NETLINK_CB(in_skb).portid,
1961 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
1962 NETCONFA_ALL);
1963 if (err < 0) {
1964 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
1965 WARN_ON(err == -EMSGSIZE);
1966 kfree_skb(skb);
1967 goto errout;
1968 }
1969 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
1970errout:
1971 return err;
1972}
1973
1974static int inet_netconf_dump_devconf(struct sk_buff *skb,
1975 struct netlink_callback *cb)
1976{
1977 struct net *net = sock_net(skb->sk);
1978 int h, s_h;
1979 int idx, s_idx;
1980 struct net_device *dev;
1981 struct in_device *in_dev;
1982 struct hlist_head *head;
1983
1984 s_h = cb->args[0];
1985 s_idx = idx = cb->args[1];
1986
1987 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1988 idx = 0;
1989 head = &net->dev_index_head[h];
1990 rcu_read_lock();
1991 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
1992 net->dev_base_seq;
1993 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1994 if (idx < s_idx)
1995 goto cont;
1996 in_dev = __in_dev_get_rcu(dev);
1997 if (!in_dev)
1998 goto cont;
1999
2000 if (inet_netconf_fill_devconf(skb, dev->ifindex,
2001 &in_dev->cnf,
2002 NETLINK_CB(cb->skb).portid,
2003 cb->nlh->nlmsg_seq,
2004 RTM_NEWNETCONF,
2005 NLM_F_MULTI,
2006 NETCONFA_ALL) < 0) {
2007 rcu_read_unlock();
2008 goto done;
2009 }
2010 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2011cont:
2012 idx++;
2013 }
2014 rcu_read_unlock();
2015 }
2016 if (h == NETDEV_HASHENTRIES) {
2017 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2018 net->ipv4.devconf_all,
2019 NETLINK_CB(cb->skb).portid,
2020 cb->nlh->nlmsg_seq,
2021 RTM_NEWNETCONF, NLM_F_MULTI,
2022 NETCONFA_ALL) < 0)
2023 goto done;
2024 else
2025 h++;
2026 }
2027 if (h == NETDEV_HASHENTRIES + 1) {
2028 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2029 net->ipv4.devconf_dflt,
2030 NETLINK_CB(cb->skb).portid,
2031 cb->nlh->nlmsg_seq,
2032 RTM_NEWNETCONF, NLM_F_MULTI,
2033 NETCONFA_ALL) < 0)
2034 goto done;
2035 else
2036 h++;
2037 }
2038done:
2039 cb->args[0] = h;
2040 cb->args[1] = idx;
2041
2042 return skb->len;
2043}
2044
2045#ifdef CONFIG_SYSCTL
2046
2047static void devinet_copy_dflt_conf(struct net *net, int i)
2048{
2049 struct net_device *dev;
2050
2051 rcu_read_lock();
2052 for_each_netdev_rcu(net, dev) {
2053 struct in_device *in_dev;
2054
2055 in_dev = __in_dev_get_rcu(dev);
2056 if (in_dev && !test_bit(i, in_dev->cnf.state))
2057 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2058 }
2059 rcu_read_unlock();
2060}
2061
2062/* called with RTNL locked */
2063static void inet_forward_change(struct net *net)
2064{
2065 struct net_device *dev;
2066 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2067
2068 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2069 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2070 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2071 NETCONFA_FORWARDING,
2072 NETCONFA_IFINDEX_ALL,
2073 net->ipv4.devconf_all);
2074 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2075 NETCONFA_FORWARDING,
2076 NETCONFA_IFINDEX_DEFAULT,
2077 net->ipv4.devconf_dflt);
2078
2079 for_each_netdev(net, dev) {
2080 struct in_device *in_dev;
2081
2082 if (on)
2083 dev_disable_lro(dev);
2084
2085 in_dev = __in_dev_get_rtnl(dev);
2086 if (in_dev) {
2087 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2088 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2089 NETCONFA_FORWARDING,
2090 dev->ifindex, &in_dev->cnf);
2091 }
2092 }
2093}
2094
2095static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2096{
2097 if (cnf == net->ipv4.devconf_dflt)
2098 return NETCONFA_IFINDEX_DEFAULT;
2099 else if (cnf == net->ipv4.devconf_all)
2100 return NETCONFA_IFINDEX_ALL;
2101 else {
2102 struct in_device *idev
2103 = container_of(cnf, struct in_device, cnf);
2104 return idev->dev->ifindex;
2105 }
2106}
2107
2108static int devinet_conf_proc(struct ctl_table *ctl, int write,
2109 void __user *buffer,
2110 size_t *lenp, loff_t *ppos)
2111{
2112 int old_value = *(int *)ctl->data;
2113 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2114 int new_value = *(int *)ctl->data;
2115
2116 if (write) {
2117 struct ipv4_devconf *cnf = ctl->extra1;
2118 struct net *net = ctl->extra2;
2119 int i = (int *)ctl->data - cnf->data;
2120 int ifindex;
2121
2122 set_bit(i, cnf->state);
2123
2124 if (cnf == net->ipv4.devconf_dflt)
2125 devinet_copy_dflt_conf(net, i);
2126 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2127 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2128 if ((new_value == 0) && (old_value != 0))
2129 rt_cache_flush(net);
2130
2131 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2132 new_value != old_value) {
2133 ifindex = devinet_conf_ifindex(net, cnf);
2134 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2135 NETCONFA_RP_FILTER,
2136 ifindex, cnf);
2137 }
2138 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2139 new_value != old_value) {
2140 ifindex = devinet_conf_ifindex(net, cnf);
2141 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2142 NETCONFA_PROXY_NEIGH,
2143 ifindex, cnf);
2144 }
2145 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2146 new_value != old_value) {
2147 ifindex = devinet_conf_ifindex(net, cnf);
2148 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2149 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2150 ifindex, cnf);
2151 }
2152 }
2153
2154 return ret;
2155}
2156
2157static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2158 void __user *buffer,
2159 size_t *lenp, loff_t *ppos)
2160{
2161 int *valp = ctl->data;
2162 int val = *valp;
2163 loff_t pos = *ppos;
2164 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2165
2166 if (write && *valp != val) {
2167 struct net *net = ctl->extra2;
2168
2169 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2170 if (!rtnl_trylock()) {
2171 /* Restore the original values before restarting */
2172 *valp = val;
2173 *ppos = pos;
2174 return restart_syscall();
2175 }
2176 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2177 inet_forward_change(net);
2178 } else {
2179 struct ipv4_devconf *cnf = ctl->extra1;
2180 struct in_device *idev =
2181 container_of(cnf, struct in_device, cnf);
2182 if (*valp)
2183 dev_disable_lro(idev->dev);
2184 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2185 NETCONFA_FORWARDING,
2186 idev->dev->ifindex,
2187 cnf);
2188 }
2189 rtnl_unlock();
2190 rt_cache_flush(net);
2191 } else
2192 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2193 NETCONFA_FORWARDING,
2194 NETCONFA_IFINDEX_DEFAULT,
2195 net->ipv4.devconf_dflt);
2196 }
2197
2198 return ret;
2199}
2200
2201static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2202 void __user *buffer,
2203 size_t *lenp, loff_t *ppos)
2204{
2205 int *valp = ctl->data;
2206 int val = *valp;
2207 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2208 struct net *net = ctl->extra2;
2209
2210 if (write && *valp != val)
2211 rt_cache_flush(net);
2212
2213 return ret;
2214}
2215
2216#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2217 { \
2218 .procname = name, \
2219 .data = ipv4_devconf.data + \
2220 IPV4_DEVCONF_ ## attr - 1, \
2221 .maxlen = sizeof(int), \
2222 .mode = mval, \
2223 .proc_handler = proc, \
2224 .extra1 = &ipv4_devconf, \
2225 }
2226
2227#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2228 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2229
2230#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2231 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2232
2233#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2234 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2235
2236#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2237 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2238
2239static struct devinet_sysctl_table {
2240 struct ctl_table_header *sysctl_header;
2241 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2242} devinet_sysctl = {
2243 .devinet_vars = {
2244 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2245 devinet_sysctl_forward),
2246 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2247
2248 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2249 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2250 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2251 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2252 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2253 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2254 "accept_source_route"),
2255 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2256 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2257 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2258 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2259 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2260 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2261 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2262 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2263 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2264 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2265 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2266 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2267 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2268 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2269 "force_igmp_version"),
2270 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2271 "igmpv2_unsolicited_report_interval"),
2272 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2273 "igmpv3_unsolicited_report_interval"),
2274 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2275 "ignore_routes_with_linkdown"),
2276 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2277 "drop_gratuitous_arp"),
2278
2279 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2280 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2281 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2282 "promote_secondaries"),
2283 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2284 "route_localnet"),
2285 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2286 "drop_unicast_in_l2_multicast"),
2287 },
2288};
2289
2290static int __devinet_sysctl_register(struct net *net, char *dev_name,
2291 int ifindex, struct ipv4_devconf *p)
2292{
2293 int i;
2294 struct devinet_sysctl_table *t;
2295 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2296
2297 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
2298 if (!t)
2299 goto out;
2300
2301 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2302 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2303 t->devinet_vars[i].extra1 = p;
2304 t->devinet_vars[i].extra2 = net;
2305 }
2306
2307 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2308
2309 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2310 if (!t->sysctl_header)
2311 goto free;
2312
2313 p->sysctl = t;
2314
2315 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2316 ifindex, p);
2317 return 0;
2318
2319free:
2320 kfree(t);
2321out:
2322 return -ENOBUFS;
2323}
2324
2325static void __devinet_sysctl_unregister(struct net *net,
2326 struct ipv4_devconf *cnf, int ifindex)
2327{
2328 struct devinet_sysctl_table *t = cnf->sysctl;
2329
2330 if (t) {
2331 cnf->sysctl = NULL;
2332 unregister_net_sysctl_table(t->sysctl_header);
2333 kfree(t);
2334 }
2335
2336 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2337}
2338
2339static int devinet_sysctl_register(struct in_device *idev)
2340{
2341 int err;
2342
2343 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2344 return -EINVAL;
2345
2346 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2347 if (err)
2348 return err;
2349 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2350 idev->dev->ifindex, &idev->cnf);
2351 if (err)
2352 neigh_sysctl_unregister(idev->arp_parms);
2353 return err;
2354}
2355
2356static void devinet_sysctl_unregister(struct in_device *idev)
2357{
2358 struct net *net = dev_net(idev->dev);
2359
2360 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2361 neigh_sysctl_unregister(idev->arp_parms);
2362}
2363
2364static struct ctl_table ctl_forward_entry[] = {
2365 {
2366 .procname = "ip_forward",
2367 .data = &ipv4_devconf.data[
2368 IPV4_DEVCONF_FORWARDING - 1],
2369 .maxlen = sizeof(int),
2370 .mode = 0644,
2371 .proc_handler = devinet_sysctl_forward,
2372 .extra1 = &ipv4_devconf,
2373 .extra2 = &init_net,
2374 },
2375 { },
2376};
2377#endif
2378
2379static __net_init int devinet_init_net(struct net *net)
2380{
2381 int err;
2382 struct ipv4_devconf *all, *dflt;
2383#ifdef CONFIG_SYSCTL
2384 struct ctl_table *tbl = ctl_forward_entry;
2385 struct ctl_table_header *forw_hdr;
2386#endif
2387
2388 err = -ENOMEM;
2389 all = &ipv4_devconf;
2390 dflt = &ipv4_devconf_dflt;
2391
2392 if (!net_eq(net, &init_net)) {
2393 all = kmemdup(all, sizeof(ipv4_devconf), GFP_KERNEL);
2394 if (!all)
2395 goto err_alloc_all;
2396
2397 dflt = kmemdup(dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2398 if (!dflt)
2399 goto err_alloc_dflt;
2400
2401#ifdef CONFIG_SYSCTL
2402 tbl = kmemdup(tbl, sizeof(ctl_forward_entry), GFP_KERNEL);
2403 if (!tbl)
2404 goto err_alloc_ctl;
2405
2406 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2407 tbl[0].extra1 = all;
2408 tbl[0].extra2 = net;
2409#endif
2410 }
2411
2412#ifdef CONFIG_SYSCTL
2413 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2414 if (err < 0)
2415 goto err_reg_all;
2416
2417 err = __devinet_sysctl_register(net, "default",
2418 NETCONFA_IFINDEX_DEFAULT, dflt);
2419 if (err < 0)
2420 goto err_reg_dflt;
2421
2422 err = -ENOMEM;
2423 forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2424 if (!forw_hdr)
2425 goto err_reg_ctl;
2426 net->ipv4.forw_hdr = forw_hdr;
2427#endif
2428
2429 net->ipv4.devconf_all = all;
2430 net->ipv4.devconf_dflt = dflt;
2431 return 0;
2432
2433#ifdef CONFIG_SYSCTL
2434err_reg_ctl:
2435 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2436err_reg_dflt:
2437 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2438err_reg_all:
2439 if (tbl != ctl_forward_entry)
2440 kfree(tbl);
2441err_alloc_ctl:
2442#endif
2443 if (dflt != &ipv4_devconf_dflt)
2444 kfree(dflt);
2445err_alloc_dflt:
2446 if (all != &ipv4_devconf)
2447 kfree(all);
2448err_alloc_all:
2449 return err;
2450}
2451
2452static __net_exit void devinet_exit_net(struct net *net)
2453{
2454#ifdef CONFIG_SYSCTL
2455 struct ctl_table *tbl;
2456
2457 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2458 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2459 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2460 NETCONFA_IFINDEX_DEFAULT);
2461 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2462 NETCONFA_IFINDEX_ALL);
2463 kfree(tbl);
2464#endif
2465 kfree(net->ipv4.devconf_dflt);
2466 kfree(net->ipv4.devconf_all);
2467}
2468
2469static __net_initdata struct pernet_operations devinet_ops = {
2470 .init = devinet_init_net,
2471 .exit = devinet_exit_net,
2472};
2473
2474static struct rtnl_af_ops inet_af_ops __read_mostly = {
2475 .family = AF_INET,
2476 .fill_link_af = inet_fill_link_af,
2477 .get_link_af_size = inet_get_link_af_size,
2478 .validate_link_af = inet_validate_link_af,
2479 .set_link_af = inet_set_link_af,
2480};
2481
2482void __init devinet_init(void)
2483{
2484 int i;
2485
2486 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2487 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2488
2489 register_pernet_subsys(&devinet_ops);
2490
2491 register_gifconf(PF_INET, inet_gifconf);
2492 register_netdevice_notifier(&ip_netdev_notifier);
2493
2494 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2495
2496 rtnl_af_register(&inet_af_ops);
2497
2498 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2499 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2500 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2501 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2502 inet_netconf_dump_devconf, 0);
2503}
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * NET3 IP device support routines.
4 *
5 * Derived from the IP parts of dev.c 1.0.19
6 * Authors: Ross Biro
7 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8 * Mark Evans, <evansmp@uhura.aston.ac.uk>
9 *
10 * Additional Authors:
11 * Alan Cox, <gw4pts@gw4pts.ampr.org>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
13 *
14 * Changes:
15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
16 * lists.
17 * Cyrus Durgin: updated for kmod
18 * Matthias Andree: in devinet_ioctl, compare label and
19 * address (4.4BSD alias style support),
20 * fall back to comparing just the label
21 * if no match found.
22 */
23
24
25#include <linux/uaccess.h>
26#include <linux/bitops.h>
27#include <linux/capability.h>
28#include <linux/module.h>
29#include <linux/types.h>
30#include <linux/kernel.h>
31#include <linux/sched/signal.h>
32#include <linux/string.h>
33#include <linux/mm.h>
34#include <linux/socket.h>
35#include <linux/sockios.h>
36#include <linux/in.h>
37#include <linux/errno.h>
38#include <linux/interrupt.h>
39#include <linux/if_addr.h>
40#include <linux/if_ether.h>
41#include <linux/inet.h>
42#include <linux/netdevice.h>
43#include <linux/etherdevice.h>
44#include <linux/skbuff.h>
45#include <linux/init.h>
46#include <linux/notifier.h>
47#include <linux/inetdevice.h>
48#include <linux/igmp.h>
49#include <linux/slab.h>
50#include <linux/hash.h>
51#ifdef CONFIG_SYSCTL
52#include <linux/sysctl.h>
53#endif
54#include <linux/kmod.h>
55#include <linux/netconf.h>
56
57#include <net/arp.h>
58#include <net/ip.h>
59#include <net/route.h>
60#include <net/ip_fib.h>
61#include <net/rtnetlink.h>
62#include <net/net_namespace.h>
63#include <net/addrconf.h>
64
65#define IPV6ONLY_FLAGS \
66 (IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
69
70static struct ipv4_devconf ipv4_devconf = {
71 .data = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
78 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
79 },
80};
81
82static struct ipv4_devconf ipv4_devconf_dflt = {
83 .data = {
84 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
87 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
88 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
90 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
91 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
92 },
93};
94
95#define IPV4_DEVCONF_DFLT(net, attr) \
96 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
97
98static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
99 [IFA_LOCAL] = { .type = NLA_U32 },
100 [IFA_ADDRESS] = { .type = NLA_U32 },
101 [IFA_BROADCAST] = { .type = NLA_U32 },
102 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
103 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
104 [IFA_FLAGS] = { .type = NLA_U32 },
105 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
106 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
107 [IFA_PROTO] = { .type = NLA_U8 },
108};
109
110struct inet_fill_args {
111 u32 portid;
112 u32 seq;
113 int event;
114 unsigned int flags;
115 int netnsid;
116 int ifindex;
117};
118
119#define IN4_ADDR_HSIZE_SHIFT 8
120#define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
121
122static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
123
124static u32 inet_addr_hash(const struct net *net, __be32 addr)
125{
126 u32 val = (__force u32) addr ^ net_hash_mix(net);
127
128 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
129}
130
131static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
132{
133 u32 hash = inet_addr_hash(net, ifa->ifa_local);
134
135 ASSERT_RTNL();
136 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
137}
138
139static void inet_hash_remove(struct in_ifaddr *ifa)
140{
141 ASSERT_RTNL();
142 hlist_del_init_rcu(&ifa->hash);
143}
144
145/**
146 * __ip_dev_find - find the first device with a given source address.
147 * @net: the net namespace
148 * @addr: the source address
149 * @devref: if true, take a reference on the found device
150 *
151 * If a caller uses devref=false, it should be protected by RCU, or RTNL
152 */
153struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
154{
155 struct net_device *result = NULL;
156 struct in_ifaddr *ifa;
157
158 rcu_read_lock();
159 ifa = inet_lookup_ifaddr_rcu(net, addr);
160 if (!ifa) {
161 struct flowi4 fl4 = { .daddr = addr };
162 struct fib_result res = { 0 };
163 struct fib_table *local;
164
165 /* Fallback to FIB local table so that communication
166 * over loopback subnets work.
167 */
168 local = fib_get_table(net, RT_TABLE_LOCAL);
169 if (local &&
170 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
171 res.type == RTN_LOCAL)
172 result = FIB_RES_DEV(res);
173 } else {
174 result = ifa->ifa_dev->dev;
175 }
176 if (result && devref)
177 dev_hold(result);
178 rcu_read_unlock();
179 return result;
180}
181EXPORT_SYMBOL(__ip_dev_find);
182
183/* called under RCU lock */
184struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
185{
186 u32 hash = inet_addr_hash(net, addr);
187 struct in_ifaddr *ifa;
188
189 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
190 if (ifa->ifa_local == addr &&
191 net_eq(dev_net(ifa->ifa_dev->dev), net))
192 return ifa;
193
194 return NULL;
195}
196
197static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
198
199static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
200static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
201static void inet_del_ifa(struct in_device *in_dev,
202 struct in_ifaddr __rcu **ifap,
203 int destroy);
204#ifdef CONFIG_SYSCTL
205static int devinet_sysctl_register(struct in_device *idev);
206static void devinet_sysctl_unregister(struct in_device *idev);
207#else
208static int devinet_sysctl_register(struct in_device *idev)
209{
210 return 0;
211}
212static void devinet_sysctl_unregister(struct in_device *idev)
213{
214}
215#endif
216
217/* Locks all the inet devices. */
218
219static struct in_ifaddr *inet_alloc_ifa(void)
220{
221 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL_ACCOUNT);
222}
223
224static void inet_rcu_free_ifa(struct rcu_head *head)
225{
226 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
227 if (ifa->ifa_dev)
228 in_dev_put(ifa->ifa_dev);
229 kfree(ifa);
230}
231
232static void inet_free_ifa(struct in_ifaddr *ifa)
233{
234 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
235}
236
237static void in_dev_free_rcu(struct rcu_head *head)
238{
239 struct in_device *idev = container_of(head, struct in_device, rcu_head);
240
241 kfree(rcu_dereference_protected(idev->mc_hash, 1));
242 kfree(idev);
243}
244
245void in_dev_finish_destroy(struct in_device *idev)
246{
247 struct net_device *dev = idev->dev;
248
249 WARN_ON(idev->ifa_list);
250 WARN_ON(idev->mc_list);
251#ifdef NET_REFCNT_DEBUG
252 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
253#endif
254 netdev_put(dev, &idev->dev_tracker);
255 if (!idev->dead)
256 pr_err("Freeing alive in_device %p\n", idev);
257 else
258 call_rcu(&idev->rcu_head, in_dev_free_rcu);
259}
260EXPORT_SYMBOL(in_dev_finish_destroy);
261
262static struct in_device *inetdev_init(struct net_device *dev)
263{
264 struct in_device *in_dev;
265 int err = -ENOMEM;
266
267 ASSERT_RTNL();
268
269 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
270 if (!in_dev)
271 goto out;
272 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
273 sizeof(in_dev->cnf));
274 in_dev->cnf.sysctl = NULL;
275 in_dev->dev = dev;
276 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
277 if (!in_dev->arp_parms)
278 goto out_kfree;
279 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
280 dev_disable_lro(dev);
281 /* Reference in_dev->dev */
282 netdev_hold(dev, &in_dev->dev_tracker, GFP_KERNEL);
283 /* Account for reference dev->ip_ptr (below) */
284 refcount_set(&in_dev->refcnt, 1);
285
286 err = devinet_sysctl_register(in_dev);
287 if (err) {
288 in_dev->dead = 1;
289 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
290 in_dev_put(in_dev);
291 in_dev = NULL;
292 goto out;
293 }
294 ip_mc_init_dev(in_dev);
295 if (dev->flags & IFF_UP)
296 ip_mc_up(in_dev);
297
298 /* we can receive as soon as ip_ptr is set -- do this last */
299 rcu_assign_pointer(dev->ip_ptr, in_dev);
300out:
301 return in_dev ?: ERR_PTR(err);
302out_kfree:
303 kfree(in_dev);
304 in_dev = NULL;
305 goto out;
306}
307
308static void inetdev_destroy(struct in_device *in_dev)
309{
310 struct net_device *dev;
311 struct in_ifaddr *ifa;
312
313 ASSERT_RTNL();
314
315 dev = in_dev->dev;
316
317 in_dev->dead = 1;
318
319 ip_mc_destroy_dev(in_dev);
320
321 while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
322 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
323 inet_free_ifa(ifa);
324 }
325
326 RCU_INIT_POINTER(dev->ip_ptr, NULL);
327
328 devinet_sysctl_unregister(in_dev);
329 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
330 arp_ifdown(dev);
331
332 in_dev_put(in_dev);
333}
334
335int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
336{
337 const struct in_ifaddr *ifa;
338
339 rcu_read_lock();
340 in_dev_for_each_ifa_rcu(ifa, in_dev) {
341 if (inet_ifa_match(a, ifa)) {
342 if (!b || inet_ifa_match(b, ifa)) {
343 rcu_read_unlock();
344 return 1;
345 }
346 }
347 }
348 rcu_read_unlock();
349 return 0;
350}
351
352static void __inet_del_ifa(struct in_device *in_dev,
353 struct in_ifaddr __rcu **ifap,
354 int destroy, struct nlmsghdr *nlh, u32 portid)
355{
356 struct in_ifaddr *promote = NULL;
357 struct in_ifaddr *ifa, *ifa1;
358 struct in_ifaddr __rcu **last_prim;
359 struct in_ifaddr *prev_prom = NULL;
360 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
361
362 ASSERT_RTNL();
363
364 ifa1 = rtnl_dereference(*ifap);
365 last_prim = ifap;
366 if (in_dev->dead)
367 goto no_promotions;
368
369 /* 1. Deleting primary ifaddr forces deletion all secondaries
370 * unless alias promotion is set
371 **/
372
373 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
374 struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
375
376 while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
377 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
378 ifa1->ifa_scope <= ifa->ifa_scope)
379 last_prim = &ifa->ifa_next;
380
381 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
382 ifa1->ifa_mask != ifa->ifa_mask ||
383 !inet_ifa_match(ifa1->ifa_address, ifa)) {
384 ifap1 = &ifa->ifa_next;
385 prev_prom = ifa;
386 continue;
387 }
388
389 if (!do_promote) {
390 inet_hash_remove(ifa);
391 *ifap1 = ifa->ifa_next;
392
393 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
394 blocking_notifier_call_chain(&inetaddr_chain,
395 NETDEV_DOWN, ifa);
396 inet_free_ifa(ifa);
397 } else {
398 promote = ifa;
399 break;
400 }
401 }
402 }
403
404 /* On promotion all secondaries from subnet are changing
405 * the primary IP, we must remove all their routes silently
406 * and later to add them back with new prefsrc. Do this
407 * while all addresses are on the device list.
408 */
409 for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
410 if (ifa1->ifa_mask == ifa->ifa_mask &&
411 inet_ifa_match(ifa1->ifa_address, ifa))
412 fib_del_ifaddr(ifa, ifa1);
413 }
414
415no_promotions:
416 /* 2. Unlink it */
417
418 *ifap = ifa1->ifa_next;
419 inet_hash_remove(ifa1);
420
421 /* 3. Announce address deletion */
422
423 /* Send message first, then call notifier.
424 At first sight, FIB update triggered by notifier
425 will refer to already deleted ifaddr, that could confuse
426 netlink listeners. It is not true: look, gated sees
427 that route deleted and if it still thinks that ifaddr
428 is valid, it will try to restore deleted routes... Grr.
429 So that, this order is correct.
430 */
431 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
432 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
433
434 if (promote) {
435 struct in_ifaddr *next_sec;
436
437 next_sec = rtnl_dereference(promote->ifa_next);
438 if (prev_prom) {
439 struct in_ifaddr *last_sec;
440
441 rcu_assign_pointer(prev_prom->ifa_next, next_sec);
442
443 last_sec = rtnl_dereference(*last_prim);
444 rcu_assign_pointer(promote->ifa_next, last_sec);
445 rcu_assign_pointer(*last_prim, promote);
446 }
447
448 promote->ifa_flags &= ~IFA_F_SECONDARY;
449 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
450 blocking_notifier_call_chain(&inetaddr_chain,
451 NETDEV_UP, promote);
452 for (ifa = next_sec; ifa;
453 ifa = rtnl_dereference(ifa->ifa_next)) {
454 if (ifa1->ifa_mask != ifa->ifa_mask ||
455 !inet_ifa_match(ifa1->ifa_address, ifa))
456 continue;
457 fib_add_ifaddr(ifa);
458 }
459
460 }
461 if (destroy)
462 inet_free_ifa(ifa1);
463}
464
465static void inet_del_ifa(struct in_device *in_dev,
466 struct in_ifaddr __rcu **ifap,
467 int destroy)
468{
469 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
470}
471
472static void check_lifetime(struct work_struct *work);
473
474static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
475
476static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
477 u32 portid, struct netlink_ext_ack *extack)
478{
479 struct in_ifaddr __rcu **last_primary, **ifap;
480 struct in_device *in_dev = ifa->ifa_dev;
481 struct in_validator_info ivi;
482 struct in_ifaddr *ifa1;
483 int ret;
484
485 ASSERT_RTNL();
486
487 if (!ifa->ifa_local) {
488 inet_free_ifa(ifa);
489 return 0;
490 }
491
492 ifa->ifa_flags &= ~IFA_F_SECONDARY;
493 last_primary = &in_dev->ifa_list;
494
495 /* Don't set IPv6 only flags to IPv4 addresses */
496 ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
497
498 ifap = &in_dev->ifa_list;
499 ifa1 = rtnl_dereference(*ifap);
500
501 while (ifa1) {
502 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
503 ifa->ifa_scope <= ifa1->ifa_scope)
504 last_primary = &ifa1->ifa_next;
505 if (ifa1->ifa_mask == ifa->ifa_mask &&
506 inet_ifa_match(ifa1->ifa_address, ifa)) {
507 if (ifa1->ifa_local == ifa->ifa_local) {
508 inet_free_ifa(ifa);
509 return -EEXIST;
510 }
511 if (ifa1->ifa_scope != ifa->ifa_scope) {
512 NL_SET_ERR_MSG(extack, "ipv4: Invalid scope value");
513 inet_free_ifa(ifa);
514 return -EINVAL;
515 }
516 ifa->ifa_flags |= IFA_F_SECONDARY;
517 }
518
519 ifap = &ifa1->ifa_next;
520 ifa1 = rtnl_dereference(*ifap);
521 }
522
523 /* Allow any devices that wish to register ifaddr validtors to weigh
524 * in now, before changes are committed. The rntl lock is serializing
525 * access here, so the state should not change between a validator call
526 * and a final notify on commit. This isn't invoked on promotion under
527 * the assumption that validators are checking the address itself, and
528 * not the flags.
529 */
530 ivi.ivi_addr = ifa->ifa_address;
531 ivi.ivi_dev = ifa->ifa_dev;
532 ivi.extack = extack;
533 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
534 NETDEV_UP, &ivi);
535 ret = notifier_to_errno(ret);
536 if (ret) {
537 inet_free_ifa(ifa);
538 return ret;
539 }
540
541 if (!(ifa->ifa_flags & IFA_F_SECONDARY))
542 ifap = last_primary;
543
544 rcu_assign_pointer(ifa->ifa_next, *ifap);
545 rcu_assign_pointer(*ifap, ifa);
546
547 inet_hash_insert(dev_net(in_dev->dev), ifa);
548
549 cancel_delayed_work(&check_lifetime_work);
550 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
551
552 /* Send message first, then call notifier.
553 Notifier will trigger FIB update, so that
554 listeners of netlink will know about new ifaddr */
555 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
556 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
557
558 return 0;
559}
560
561static int inet_insert_ifa(struct in_ifaddr *ifa)
562{
563 return __inet_insert_ifa(ifa, NULL, 0, NULL);
564}
565
566static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
567{
568 struct in_device *in_dev = __in_dev_get_rtnl(dev);
569
570 ASSERT_RTNL();
571
572 if (!in_dev) {
573 inet_free_ifa(ifa);
574 return -ENOBUFS;
575 }
576 ipv4_devconf_setall(in_dev);
577 neigh_parms_data_state_setall(in_dev->arp_parms);
578 if (ifa->ifa_dev != in_dev) {
579 WARN_ON(ifa->ifa_dev);
580 in_dev_hold(in_dev);
581 ifa->ifa_dev = in_dev;
582 }
583 if (ipv4_is_loopback(ifa->ifa_local))
584 ifa->ifa_scope = RT_SCOPE_HOST;
585 return inet_insert_ifa(ifa);
586}
587
588/* Caller must hold RCU or RTNL :
589 * We dont take a reference on found in_device
590 */
591struct in_device *inetdev_by_index(struct net *net, int ifindex)
592{
593 struct net_device *dev;
594 struct in_device *in_dev = NULL;
595
596 rcu_read_lock();
597 dev = dev_get_by_index_rcu(net, ifindex);
598 if (dev)
599 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
600 rcu_read_unlock();
601 return in_dev;
602}
603EXPORT_SYMBOL(inetdev_by_index);
604
605/* Called only from RTNL semaphored context. No locks. */
606
607struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
608 __be32 mask)
609{
610 struct in_ifaddr *ifa;
611
612 ASSERT_RTNL();
613
614 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
615 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
616 return ifa;
617 }
618 return NULL;
619}
620
621static int ip_mc_autojoin_config(struct net *net, bool join,
622 const struct in_ifaddr *ifa)
623{
624#if defined(CONFIG_IP_MULTICAST)
625 struct ip_mreqn mreq = {
626 .imr_multiaddr.s_addr = ifa->ifa_address,
627 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
628 };
629 struct sock *sk = net->ipv4.mc_autojoin_sk;
630 int ret;
631
632 ASSERT_RTNL();
633
634 lock_sock(sk);
635 if (join)
636 ret = ip_mc_join_group(sk, &mreq);
637 else
638 ret = ip_mc_leave_group(sk, &mreq);
639 release_sock(sk);
640
641 return ret;
642#else
643 return -EOPNOTSUPP;
644#endif
645}
646
647static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
648 struct netlink_ext_ack *extack)
649{
650 struct net *net = sock_net(skb->sk);
651 struct in_ifaddr __rcu **ifap;
652 struct nlattr *tb[IFA_MAX+1];
653 struct in_device *in_dev;
654 struct ifaddrmsg *ifm;
655 struct in_ifaddr *ifa;
656 int err;
657
658 ASSERT_RTNL();
659
660 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
661 ifa_ipv4_policy, extack);
662 if (err < 0)
663 goto errout;
664
665 ifm = nlmsg_data(nlh);
666 in_dev = inetdev_by_index(net, ifm->ifa_index);
667 if (!in_dev) {
668 NL_SET_ERR_MSG(extack, "ipv4: Device not found");
669 err = -ENODEV;
670 goto errout;
671 }
672
673 for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
674 ifap = &ifa->ifa_next) {
675 if (tb[IFA_LOCAL] &&
676 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
677 continue;
678
679 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
680 continue;
681
682 if (tb[IFA_ADDRESS] &&
683 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
684 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
685 continue;
686
687 if (ipv4_is_multicast(ifa->ifa_address))
688 ip_mc_autojoin_config(net, false, ifa);
689 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
690 return 0;
691 }
692
693 NL_SET_ERR_MSG(extack, "ipv4: Address not found");
694 err = -EADDRNOTAVAIL;
695errout:
696 return err;
697}
698
699#define INFINITY_LIFE_TIME 0xFFFFFFFF
700
701static void check_lifetime(struct work_struct *work)
702{
703 unsigned long now, next, next_sec, next_sched;
704 struct in_ifaddr *ifa;
705 struct hlist_node *n;
706 int i;
707
708 now = jiffies;
709 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
710
711 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
712 bool change_needed = false;
713
714 rcu_read_lock();
715 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
716 unsigned long age;
717
718 if (ifa->ifa_flags & IFA_F_PERMANENT)
719 continue;
720
721 /* We try to batch several events at once. */
722 age = (now - ifa->ifa_tstamp +
723 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
724
725 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
726 age >= ifa->ifa_valid_lft) {
727 change_needed = true;
728 } else if (ifa->ifa_preferred_lft ==
729 INFINITY_LIFE_TIME) {
730 continue;
731 } else if (age >= ifa->ifa_preferred_lft) {
732 if (time_before(ifa->ifa_tstamp +
733 ifa->ifa_valid_lft * HZ, next))
734 next = ifa->ifa_tstamp +
735 ifa->ifa_valid_lft * HZ;
736
737 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
738 change_needed = true;
739 } else if (time_before(ifa->ifa_tstamp +
740 ifa->ifa_preferred_lft * HZ,
741 next)) {
742 next = ifa->ifa_tstamp +
743 ifa->ifa_preferred_lft * HZ;
744 }
745 }
746 rcu_read_unlock();
747 if (!change_needed)
748 continue;
749 rtnl_lock();
750 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
751 unsigned long age;
752
753 if (ifa->ifa_flags & IFA_F_PERMANENT)
754 continue;
755
756 /* We try to batch several events at once. */
757 age = (now - ifa->ifa_tstamp +
758 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
759
760 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
761 age >= ifa->ifa_valid_lft) {
762 struct in_ifaddr __rcu **ifap;
763 struct in_ifaddr *tmp;
764
765 ifap = &ifa->ifa_dev->ifa_list;
766 tmp = rtnl_dereference(*ifap);
767 while (tmp) {
768 if (tmp == ifa) {
769 inet_del_ifa(ifa->ifa_dev,
770 ifap, 1);
771 break;
772 }
773 ifap = &tmp->ifa_next;
774 tmp = rtnl_dereference(*ifap);
775 }
776 } else if (ifa->ifa_preferred_lft !=
777 INFINITY_LIFE_TIME &&
778 age >= ifa->ifa_preferred_lft &&
779 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
780 ifa->ifa_flags |= IFA_F_DEPRECATED;
781 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
782 }
783 }
784 rtnl_unlock();
785 }
786
787 next_sec = round_jiffies_up(next);
788 next_sched = next;
789
790 /* If rounded timeout is accurate enough, accept it. */
791 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
792 next_sched = next_sec;
793
794 now = jiffies;
795 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
796 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
797 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
798
799 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
800 next_sched - now);
801}
802
803static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
804 __u32 prefered_lft)
805{
806 unsigned long timeout;
807
808 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
809
810 timeout = addrconf_timeout_fixup(valid_lft, HZ);
811 if (addrconf_finite_timeout(timeout))
812 ifa->ifa_valid_lft = timeout;
813 else
814 ifa->ifa_flags |= IFA_F_PERMANENT;
815
816 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
817 if (addrconf_finite_timeout(timeout)) {
818 if (timeout == 0)
819 ifa->ifa_flags |= IFA_F_DEPRECATED;
820 ifa->ifa_preferred_lft = timeout;
821 }
822 ifa->ifa_tstamp = jiffies;
823 if (!ifa->ifa_cstamp)
824 ifa->ifa_cstamp = ifa->ifa_tstamp;
825}
826
827static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
828 __u32 *pvalid_lft, __u32 *pprefered_lft,
829 struct netlink_ext_ack *extack)
830{
831 struct nlattr *tb[IFA_MAX+1];
832 struct in_ifaddr *ifa;
833 struct ifaddrmsg *ifm;
834 struct net_device *dev;
835 struct in_device *in_dev;
836 int err;
837
838 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
839 ifa_ipv4_policy, extack);
840 if (err < 0)
841 goto errout;
842
843 ifm = nlmsg_data(nlh);
844 err = -EINVAL;
845
846 if (ifm->ifa_prefixlen > 32) {
847 NL_SET_ERR_MSG(extack, "ipv4: Invalid prefix length");
848 goto errout;
849 }
850
851 if (!tb[IFA_LOCAL]) {
852 NL_SET_ERR_MSG(extack, "ipv4: Local address is not supplied");
853 goto errout;
854 }
855
856 dev = __dev_get_by_index(net, ifm->ifa_index);
857 err = -ENODEV;
858 if (!dev) {
859 NL_SET_ERR_MSG(extack, "ipv4: Device not found");
860 goto errout;
861 }
862
863 in_dev = __in_dev_get_rtnl(dev);
864 err = -ENOBUFS;
865 if (!in_dev)
866 goto errout;
867
868 ifa = inet_alloc_ifa();
869 if (!ifa)
870 /*
871 * A potential indev allocation can be left alive, it stays
872 * assigned to its device and is destroy with it.
873 */
874 goto errout;
875
876 ipv4_devconf_setall(in_dev);
877 neigh_parms_data_state_setall(in_dev->arp_parms);
878 in_dev_hold(in_dev);
879
880 if (!tb[IFA_ADDRESS])
881 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
882
883 INIT_HLIST_NODE(&ifa->hash);
884 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
885 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
886 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
887 ifm->ifa_flags;
888 ifa->ifa_scope = ifm->ifa_scope;
889 ifa->ifa_dev = in_dev;
890
891 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
892 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
893
894 if (tb[IFA_BROADCAST])
895 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
896
897 if (tb[IFA_LABEL])
898 nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
899 else
900 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
901
902 if (tb[IFA_RT_PRIORITY])
903 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
904
905 if (tb[IFA_PROTO])
906 ifa->ifa_proto = nla_get_u8(tb[IFA_PROTO]);
907
908 if (tb[IFA_CACHEINFO]) {
909 struct ifa_cacheinfo *ci;
910
911 ci = nla_data(tb[IFA_CACHEINFO]);
912 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
913 NL_SET_ERR_MSG(extack, "ipv4: address lifetime invalid");
914 err = -EINVAL;
915 goto errout_free;
916 }
917 *pvalid_lft = ci->ifa_valid;
918 *pprefered_lft = ci->ifa_prefered;
919 }
920
921 return ifa;
922
923errout_free:
924 inet_free_ifa(ifa);
925errout:
926 return ERR_PTR(err);
927}
928
929static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
930{
931 struct in_device *in_dev = ifa->ifa_dev;
932 struct in_ifaddr *ifa1;
933
934 if (!ifa->ifa_local)
935 return NULL;
936
937 in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
938 if (ifa1->ifa_mask == ifa->ifa_mask &&
939 inet_ifa_match(ifa1->ifa_address, ifa) &&
940 ifa1->ifa_local == ifa->ifa_local)
941 return ifa1;
942 }
943 return NULL;
944}
945
946static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
947 struct netlink_ext_ack *extack)
948{
949 struct net *net = sock_net(skb->sk);
950 struct in_ifaddr *ifa;
951 struct in_ifaddr *ifa_existing;
952 __u32 valid_lft = INFINITY_LIFE_TIME;
953 __u32 prefered_lft = INFINITY_LIFE_TIME;
954
955 ASSERT_RTNL();
956
957 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
958 if (IS_ERR(ifa))
959 return PTR_ERR(ifa);
960
961 ifa_existing = find_matching_ifa(ifa);
962 if (!ifa_existing) {
963 /* It would be best to check for !NLM_F_CREATE here but
964 * userspace already relies on not having to provide this.
965 */
966 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
967 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
968 int ret = ip_mc_autojoin_config(net, true, ifa);
969
970 if (ret < 0) {
971 NL_SET_ERR_MSG(extack, "ipv4: Multicast auto join failed");
972 inet_free_ifa(ifa);
973 return ret;
974 }
975 }
976 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
977 extack);
978 } else {
979 u32 new_metric = ifa->ifa_rt_priority;
980 u8 new_proto = ifa->ifa_proto;
981
982 inet_free_ifa(ifa);
983
984 if (nlh->nlmsg_flags & NLM_F_EXCL ||
985 !(nlh->nlmsg_flags & NLM_F_REPLACE)) {
986 NL_SET_ERR_MSG(extack, "ipv4: Address already assigned");
987 return -EEXIST;
988 }
989 ifa = ifa_existing;
990
991 if (ifa->ifa_rt_priority != new_metric) {
992 fib_modify_prefix_metric(ifa, new_metric);
993 ifa->ifa_rt_priority = new_metric;
994 }
995
996 ifa->ifa_proto = new_proto;
997
998 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
999 cancel_delayed_work(&check_lifetime_work);
1000 queue_delayed_work(system_power_efficient_wq,
1001 &check_lifetime_work, 0);
1002 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
1003 }
1004 return 0;
1005}
1006
1007/*
1008 * Determine a default network mask, based on the IP address.
1009 */
1010
1011static int inet_abc_len(__be32 addr)
1012{
1013 int rc = -1; /* Something else, probably a multicast. */
1014
1015 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
1016 rc = 0;
1017 else {
1018 __u32 haddr = ntohl(addr);
1019 if (IN_CLASSA(haddr))
1020 rc = 8;
1021 else if (IN_CLASSB(haddr))
1022 rc = 16;
1023 else if (IN_CLASSC(haddr))
1024 rc = 24;
1025 else if (IN_CLASSE(haddr))
1026 rc = 32;
1027 }
1028
1029 return rc;
1030}
1031
1032
1033int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1034{
1035 struct sockaddr_in sin_orig;
1036 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1037 struct in_ifaddr __rcu **ifap = NULL;
1038 struct in_device *in_dev;
1039 struct in_ifaddr *ifa = NULL;
1040 struct net_device *dev;
1041 char *colon;
1042 int ret = -EFAULT;
1043 int tryaddrmatch = 0;
1044
1045 ifr->ifr_name[IFNAMSIZ - 1] = 0;
1046
1047 /* save original address for comparison */
1048 memcpy(&sin_orig, sin, sizeof(*sin));
1049
1050 colon = strchr(ifr->ifr_name, ':');
1051 if (colon)
1052 *colon = 0;
1053
1054 dev_load(net, ifr->ifr_name);
1055
1056 switch (cmd) {
1057 case SIOCGIFADDR: /* Get interface address */
1058 case SIOCGIFBRDADDR: /* Get the broadcast address */
1059 case SIOCGIFDSTADDR: /* Get the destination address */
1060 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1061 /* Note that these ioctls will not sleep,
1062 so that we do not impose a lock.
1063 One day we will be forced to put shlock here (I mean SMP)
1064 */
1065 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1066 memset(sin, 0, sizeof(*sin));
1067 sin->sin_family = AF_INET;
1068 break;
1069
1070 case SIOCSIFFLAGS:
1071 ret = -EPERM;
1072 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1073 goto out;
1074 break;
1075 case SIOCSIFADDR: /* Set interface address (and family) */
1076 case SIOCSIFBRDADDR: /* Set the broadcast address */
1077 case SIOCSIFDSTADDR: /* Set the destination address */
1078 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1079 ret = -EPERM;
1080 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1081 goto out;
1082 ret = -EINVAL;
1083 if (sin->sin_family != AF_INET)
1084 goto out;
1085 break;
1086 default:
1087 ret = -EINVAL;
1088 goto out;
1089 }
1090
1091 rtnl_lock();
1092
1093 ret = -ENODEV;
1094 dev = __dev_get_by_name(net, ifr->ifr_name);
1095 if (!dev)
1096 goto done;
1097
1098 if (colon)
1099 *colon = ':';
1100
1101 in_dev = __in_dev_get_rtnl(dev);
1102 if (in_dev) {
1103 if (tryaddrmatch) {
1104 /* Matthias Andree */
1105 /* compare label and address (4.4BSD style) */
1106 /* note: we only do this for a limited set of ioctls
1107 and only if the original address family was AF_INET.
1108 This is checked above. */
1109
1110 for (ifap = &in_dev->ifa_list;
1111 (ifa = rtnl_dereference(*ifap)) != NULL;
1112 ifap = &ifa->ifa_next) {
1113 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1114 sin_orig.sin_addr.s_addr ==
1115 ifa->ifa_local) {
1116 break; /* found */
1117 }
1118 }
1119 }
1120 /* we didn't get a match, maybe the application is
1121 4.3BSD-style and passed in junk so we fall back to
1122 comparing just the label */
1123 if (!ifa) {
1124 for (ifap = &in_dev->ifa_list;
1125 (ifa = rtnl_dereference(*ifap)) != NULL;
1126 ifap = &ifa->ifa_next)
1127 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1128 break;
1129 }
1130 }
1131
1132 ret = -EADDRNOTAVAIL;
1133 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1134 goto done;
1135
1136 switch (cmd) {
1137 case SIOCGIFADDR: /* Get interface address */
1138 ret = 0;
1139 sin->sin_addr.s_addr = ifa->ifa_local;
1140 break;
1141
1142 case SIOCGIFBRDADDR: /* Get the broadcast address */
1143 ret = 0;
1144 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1145 break;
1146
1147 case SIOCGIFDSTADDR: /* Get the destination address */
1148 ret = 0;
1149 sin->sin_addr.s_addr = ifa->ifa_address;
1150 break;
1151
1152 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1153 ret = 0;
1154 sin->sin_addr.s_addr = ifa->ifa_mask;
1155 break;
1156
1157 case SIOCSIFFLAGS:
1158 if (colon) {
1159 ret = -EADDRNOTAVAIL;
1160 if (!ifa)
1161 break;
1162 ret = 0;
1163 if (!(ifr->ifr_flags & IFF_UP))
1164 inet_del_ifa(in_dev, ifap, 1);
1165 break;
1166 }
1167 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1168 break;
1169
1170 case SIOCSIFADDR: /* Set interface address (and family) */
1171 ret = -EINVAL;
1172 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1173 break;
1174
1175 if (!ifa) {
1176 ret = -ENOBUFS;
1177 ifa = inet_alloc_ifa();
1178 if (!ifa)
1179 break;
1180 INIT_HLIST_NODE(&ifa->hash);
1181 if (colon)
1182 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1183 else
1184 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1185 } else {
1186 ret = 0;
1187 if (ifa->ifa_local == sin->sin_addr.s_addr)
1188 break;
1189 inet_del_ifa(in_dev, ifap, 0);
1190 ifa->ifa_broadcast = 0;
1191 ifa->ifa_scope = 0;
1192 }
1193
1194 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1195
1196 if (!(dev->flags & IFF_POINTOPOINT)) {
1197 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1198 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1199 if ((dev->flags & IFF_BROADCAST) &&
1200 ifa->ifa_prefixlen < 31)
1201 ifa->ifa_broadcast = ifa->ifa_address |
1202 ~ifa->ifa_mask;
1203 } else {
1204 ifa->ifa_prefixlen = 32;
1205 ifa->ifa_mask = inet_make_mask(32);
1206 }
1207 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1208 ret = inet_set_ifa(dev, ifa);
1209 break;
1210
1211 case SIOCSIFBRDADDR: /* Set the broadcast address */
1212 ret = 0;
1213 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1214 inet_del_ifa(in_dev, ifap, 0);
1215 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1216 inet_insert_ifa(ifa);
1217 }
1218 break;
1219
1220 case SIOCSIFDSTADDR: /* Set the destination address */
1221 ret = 0;
1222 if (ifa->ifa_address == sin->sin_addr.s_addr)
1223 break;
1224 ret = -EINVAL;
1225 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1226 break;
1227 ret = 0;
1228 inet_del_ifa(in_dev, ifap, 0);
1229 ifa->ifa_address = sin->sin_addr.s_addr;
1230 inet_insert_ifa(ifa);
1231 break;
1232
1233 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1234
1235 /*
1236 * The mask we set must be legal.
1237 */
1238 ret = -EINVAL;
1239 if (bad_mask(sin->sin_addr.s_addr, 0))
1240 break;
1241 ret = 0;
1242 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1243 __be32 old_mask = ifa->ifa_mask;
1244 inet_del_ifa(in_dev, ifap, 0);
1245 ifa->ifa_mask = sin->sin_addr.s_addr;
1246 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1247
1248 /* See if current broadcast address matches
1249 * with current netmask, then recalculate
1250 * the broadcast address. Otherwise it's a
1251 * funny address, so don't touch it since
1252 * the user seems to know what (s)he's doing...
1253 */
1254 if ((dev->flags & IFF_BROADCAST) &&
1255 (ifa->ifa_prefixlen < 31) &&
1256 (ifa->ifa_broadcast ==
1257 (ifa->ifa_local|~old_mask))) {
1258 ifa->ifa_broadcast = (ifa->ifa_local |
1259 ~sin->sin_addr.s_addr);
1260 }
1261 inet_insert_ifa(ifa);
1262 }
1263 break;
1264 }
1265done:
1266 rtnl_unlock();
1267out:
1268 return ret;
1269}
1270
1271int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1272{
1273 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1274 const struct in_ifaddr *ifa;
1275 struct ifreq ifr;
1276 int done = 0;
1277
1278 if (WARN_ON(size > sizeof(struct ifreq)))
1279 goto out;
1280
1281 if (!in_dev)
1282 goto out;
1283
1284 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1285 if (!buf) {
1286 done += size;
1287 continue;
1288 }
1289 if (len < size)
1290 break;
1291 memset(&ifr, 0, sizeof(struct ifreq));
1292 strcpy(ifr.ifr_name, ifa->ifa_label);
1293
1294 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1295 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1296 ifa->ifa_local;
1297
1298 if (copy_to_user(buf + done, &ifr, size)) {
1299 done = -EFAULT;
1300 break;
1301 }
1302 len -= size;
1303 done += size;
1304 }
1305out:
1306 return done;
1307}
1308
1309static __be32 in_dev_select_addr(const struct in_device *in_dev,
1310 int scope)
1311{
1312 const struct in_ifaddr *ifa;
1313
1314 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1315 if (ifa->ifa_flags & IFA_F_SECONDARY)
1316 continue;
1317 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1318 ifa->ifa_scope <= scope)
1319 return ifa->ifa_local;
1320 }
1321
1322 return 0;
1323}
1324
1325__be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1326{
1327 const struct in_ifaddr *ifa;
1328 __be32 addr = 0;
1329 unsigned char localnet_scope = RT_SCOPE_HOST;
1330 struct in_device *in_dev;
1331 struct net *net = dev_net(dev);
1332 int master_idx;
1333
1334 rcu_read_lock();
1335 in_dev = __in_dev_get_rcu(dev);
1336 if (!in_dev)
1337 goto no_in_dev;
1338
1339 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1340 localnet_scope = RT_SCOPE_LINK;
1341
1342 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1343 if (ifa->ifa_flags & IFA_F_SECONDARY)
1344 continue;
1345 if (min(ifa->ifa_scope, localnet_scope) > scope)
1346 continue;
1347 if (!dst || inet_ifa_match(dst, ifa)) {
1348 addr = ifa->ifa_local;
1349 break;
1350 }
1351 if (!addr)
1352 addr = ifa->ifa_local;
1353 }
1354
1355 if (addr)
1356 goto out_unlock;
1357no_in_dev:
1358 master_idx = l3mdev_master_ifindex_rcu(dev);
1359
1360 /* For VRFs, the VRF device takes the place of the loopback device,
1361 * with addresses on it being preferred. Note in such cases the
1362 * loopback device will be among the devices that fail the master_idx
1363 * equality check in the loop below.
1364 */
1365 if (master_idx &&
1366 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1367 (in_dev = __in_dev_get_rcu(dev))) {
1368 addr = in_dev_select_addr(in_dev, scope);
1369 if (addr)
1370 goto out_unlock;
1371 }
1372
1373 /* Not loopback addresses on loopback should be preferred
1374 in this case. It is important that lo is the first interface
1375 in dev_base list.
1376 */
1377 for_each_netdev_rcu(net, dev) {
1378 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1379 continue;
1380
1381 in_dev = __in_dev_get_rcu(dev);
1382 if (!in_dev)
1383 continue;
1384
1385 addr = in_dev_select_addr(in_dev, scope);
1386 if (addr)
1387 goto out_unlock;
1388 }
1389out_unlock:
1390 rcu_read_unlock();
1391 return addr;
1392}
1393EXPORT_SYMBOL(inet_select_addr);
1394
1395static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1396 __be32 local, int scope)
1397{
1398 unsigned char localnet_scope = RT_SCOPE_HOST;
1399 const struct in_ifaddr *ifa;
1400 __be32 addr = 0;
1401 int same = 0;
1402
1403 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1404 localnet_scope = RT_SCOPE_LINK;
1405
1406 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1407 unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
1408
1409 if (!addr &&
1410 (local == ifa->ifa_local || !local) &&
1411 min_scope <= scope) {
1412 addr = ifa->ifa_local;
1413 if (same)
1414 break;
1415 }
1416 if (!same) {
1417 same = (!local || inet_ifa_match(local, ifa)) &&
1418 (!dst || inet_ifa_match(dst, ifa));
1419 if (same && addr) {
1420 if (local || !dst)
1421 break;
1422 /* Is the selected addr into dst subnet? */
1423 if (inet_ifa_match(addr, ifa))
1424 break;
1425 /* No, then can we use new local src? */
1426 if (min_scope <= scope) {
1427 addr = ifa->ifa_local;
1428 break;
1429 }
1430 /* search for large dst subnet for addr */
1431 same = 0;
1432 }
1433 }
1434 }
1435
1436 return same ? addr : 0;
1437}
1438
1439/*
1440 * Confirm that local IP address exists using wildcards:
1441 * - net: netns to check, cannot be NULL
1442 * - in_dev: only on this interface, NULL=any interface
1443 * - dst: only in the same subnet as dst, 0=any dst
1444 * - local: address, 0=autoselect the local address
1445 * - scope: maximum allowed scope value for the local address
1446 */
1447__be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1448 __be32 dst, __be32 local, int scope)
1449{
1450 __be32 addr = 0;
1451 struct net_device *dev;
1452
1453 if (in_dev)
1454 return confirm_addr_indev(in_dev, dst, local, scope);
1455
1456 rcu_read_lock();
1457 for_each_netdev_rcu(net, dev) {
1458 in_dev = __in_dev_get_rcu(dev);
1459 if (in_dev) {
1460 addr = confirm_addr_indev(in_dev, dst, local, scope);
1461 if (addr)
1462 break;
1463 }
1464 }
1465 rcu_read_unlock();
1466
1467 return addr;
1468}
1469EXPORT_SYMBOL(inet_confirm_addr);
1470
1471/*
1472 * Device notifier
1473 */
1474
1475int register_inetaddr_notifier(struct notifier_block *nb)
1476{
1477 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1478}
1479EXPORT_SYMBOL(register_inetaddr_notifier);
1480
1481int unregister_inetaddr_notifier(struct notifier_block *nb)
1482{
1483 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1484}
1485EXPORT_SYMBOL(unregister_inetaddr_notifier);
1486
1487int register_inetaddr_validator_notifier(struct notifier_block *nb)
1488{
1489 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1490}
1491EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1492
1493int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1494{
1495 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1496 nb);
1497}
1498EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1499
1500/* Rename ifa_labels for a device name change. Make some effort to preserve
1501 * existing alias numbering and to create unique labels if possible.
1502*/
1503static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1504{
1505 struct in_ifaddr *ifa;
1506 int named = 0;
1507
1508 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1509 char old[IFNAMSIZ], *dot;
1510
1511 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1512 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1513 if (named++ == 0)
1514 goto skip;
1515 dot = strchr(old, ':');
1516 if (!dot) {
1517 sprintf(old, ":%d", named);
1518 dot = old;
1519 }
1520 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1521 strcat(ifa->ifa_label, dot);
1522 else
1523 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1524skip:
1525 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1526 }
1527}
1528
1529static void inetdev_send_gratuitous_arp(struct net_device *dev,
1530 struct in_device *in_dev)
1531
1532{
1533 const struct in_ifaddr *ifa;
1534
1535 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1536 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1537 ifa->ifa_local, dev,
1538 ifa->ifa_local, NULL,
1539 dev->dev_addr, NULL);
1540 }
1541}
1542
1543/* Called only under RTNL semaphore */
1544
1545static int inetdev_event(struct notifier_block *this, unsigned long event,
1546 void *ptr)
1547{
1548 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1549 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1550
1551 ASSERT_RTNL();
1552
1553 if (!in_dev) {
1554 if (event == NETDEV_REGISTER) {
1555 in_dev = inetdev_init(dev);
1556 if (IS_ERR(in_dev))
1557 return notifier_from_errno(PTR_ERR(in_dev));
1558 if (dev->flags & IFF_LOOPBACK) {
1559 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1560 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1561 }
1562 } else if (event == NETDEV_CHANGEMTU) {
1563 /* Re-enabling IP */
1564 if (inetdev_valid_mtu(dev->mtu))
1565 in_dev = inetdev_init(dev);
1566 }
1567 goto out;
1568 }
1569
1570 switch (event) {
1571 case NETDEV_REGISTER:
1572 pr_debug("%s: bug\n", __func__);
1573 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1574 break;
1575 case NETDEV_UP:
1576 if (!inetdev_valid_mtu(dev->mtu))
1577 break;
1578 if (dev->flags & IFF_LOOPBACK) {
1579 struct in_ifaddr *ifa = inet_alloc_ifa();
1580
1581 if (ifa) {
1582 INIT_HLIST_NODE(&ifa->hash);
1583 ifa->ifa_local =
1584 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1585 ifa->ifa_prefixlen = 8;
1586 ifa->ifa_mask = inet_make_mask(8);
1587 in_dev_hold(in_dev);
1588 ifa->ifa_dev = in_dev;
1589 ifa->ifa_scope = RT_SCOPE_HOST;
1590 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1591 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1592 INFINITY_LIFE_TIME);
1593 ipv4_devconf_setall(in_dev);
1594 neigh_parms_data_state_setall(in_dev->arp_parms);
1595 inet_insert_ifa(ifa);
1596 }
1597 }
1598 ip_mc_up(in_dev);
1599 fallthrough;
1600 case NETDEV_CHANGEADDR:
1601 if (!IN_DEV_ARP_NOTIFY(in_dev))
1602 break;
1603 fallthrough;
1604 case NETDEV_NOTIFY_PEERS:
1605 /* Send gratuitous ARP to notify of link change */
1606 inetdev_send_gratuitous_arp(dev, in_dev);
1607 break;
1608 case NETDEV_DOWN:
1609 ip_mc_down(in_dev);
1610 break;
1611 case NETDEV_PRE_TYPE_CHANGE:
1612 ip_mc_unmap(in_dev);
1613 break;
1614 case NETDEV_POST_TYPE_CHANGE:
1615 ip_mc_remap(in_dev);
1616 break;
1617 case NETDEV_CHANGEMTU:
1618 if (inetdev_valid_mtu(dev->mtu))
1619 break;
1620 /* disable IP when MTU is not enough */
1621 fallthrough;
1622 case NETDEV_UNREGISTER:
1623 inetdev_destroy(in_dev);
1624 break;
1625 case NETDEV_CHANGENAME:
1626 /* Do not notify about label change, this event is
1627 * not interesting to applications using netlink.
1628 */
1629 inetdev_changename(dev, in_dev);
1630
1631 devinet_sysctl_unregister(in_dev);
1632 devinet_sysctl_register(in_dev);
1633 break;
1634 }
1635out:
1636 return NOTIFY_DONE;
1637}
1638
1639static struct notifier_block ip_netdev_notifier = {
1640 .notifier_call = inetdev_event,
1641};
1642
1643static size_t inet_nlmsg_size(void)
1644{
1645 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1646 + nla_total_size(4) /* IFA_ADDRESS */
1647 + nla_total_size(4) /* IFA_LOCAL */
1648 + nla_total_size(4) /* IFA_BROADCAST */
1649 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1650 + nla_total_size(4) /* IFA_FLAGS */
1651 + nla_total_size(1) /* IFA_PROTO */
1652 + nla_total_size(4) /* IFA_RT_PRIORITY */
1653 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1654}
1655
1656static inline u32 cstamp_delta(unsigned long cstamp)
1657{
1658 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1659}
1660
1661static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1662 unsigned long tstamp, u32 preferred, u32 valid)
1663{
1664 struct ifa_cacheinfo ci;
1665
1666 ci.cstamp = cstamp_delta(cstamp);
1667 ci.tstamp = cstamp_delta(tstamp);
1668 ci.ifa_prefered = preferred;
1669 ci.ifa_valid = valid;
1670
1671 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1672}
1673
1674static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1675 struct inet_fill_args *args)
1676{
1677 struct ifaddrmsg *ifm;
1678 struct nlmsghdr *nlh;
1679 u32 preferred, valid;
1680
1681 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1682 args->flags);
1683 if (!nlh)
1684 return -EMSGSIZE;
1685
1686 ifm = nlmsg_data(nlh);
1687 ifm->ifa_family = AF_INET;
1688 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1689 ifm->ifa_flags = ifa->ifa_flags;
1690 ifm->ifa_scope = ifa->ifa_scope;
1691 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1692
1693 if (args->netnsid >= 0 &&
1694 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1695 goto nla_put_failure;
1696
1697 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1698 preferred = ifa->ifa_preferred_lft;
1699 valid = ifa->ifa_valid_lft;
1700 if (preferred != INFINITY_LIFE_TIME) {
1701 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1702
1703 if (preferred > tval)
1704 preferred -= tval;
1705 else
1706 preferred = 0;
1707 if (valid != INFINITY_LIFE_TIME) {
1708 if (valid > tval)
1709 valid -= tval;
1710 else
1711 valid = 0;
1712 }
1713 }
1714 } else {
1715 preferred = INFINITY_LIFE_TIME;
1716 valid = INFINITY_LIFE_TIME;
1717 }
1718 if ((ifa->ifa_address &&
1719 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1720 (ifa->ifa_local &&
1721 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1722 (ifa->ifa_broadcast &&
1723 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1724 (ifa->ifa_label[0] &&
1725 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1726 (ifa->ifa_proto &&
1727 nla_put_u8(skb, IFA_PROTO, ifa->ifa_proto)) ||
1728 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1729 (ifa->ifa_rt_priority &&
1730 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1731 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1732 preferred, valid))
1733 goto nla_put_failure;
1734
1735 nlmsg_end(skb, nlh);
1736 return 0;
1737
1738nla_put_failure:
1739 nlmsg_cancel(skb, nlh);
1740 return -EMSGSIZE;
1741}
1742
1743static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1744 struct inet_fill_args *fillargs,
1745 struct net **tgt_net, struct sock *sk,
1746 struct netlink_callback *cb)
1747{
1748 struct netlink_ext_ack *extack = cb->extack;
1749 struct nlattr *tb[IFA_MAX+1];
1750 struct ifaddrmsg *ifm;
1751 int err, i;
1752
1753 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1754 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1755 return -EINVAL;
1756 }
1757
1758 ifm = nlmsg_data(nlh);
1759 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1760 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1761 return -EINVAL;
1762 }
1763
1764 fillargs->ifindex = ifm->ifa_index;
1765 if (fillargs->ifindex) {
1766 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1767 fillargs->flags |= NLM_F_DUMP_FILTERED;
1768 }
1769
1770 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1771 ifa_ipv4_policy, extack);
1772 if (err < 0)
1773 return err;
1774
1775 for (i = 0; i <= IFA_MAX; ++i) {
1776 if (!tb[i])
1777 continue;
1778
1779 if (i == IFA_TARGET_NETNSID) {
1780 struct net *net;
1781
1782 fillargs->netnsid = nla_get_s32(tb[i]);
1783
1784 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1785 if (IS_ERR(net)) {
1786 fillargs->netnsid = -1;
1787 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1788 return PTR_ERR(net);
1789 }
1790 *tgt_net = net;
1791 } else {
1792 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1793 return -EINVAL;
1794 }
1795 }
1796
1797 return 0;
1798}
1799
1800static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1801 struct netlink_callback *cb, int s_ip_idx,
1802 struct inet_fill_args *fillargs)
1803{
1804 struct in_ifaddr *ifa;
1805 int ip_idx = 0;
1806 int err;
1807
1808 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1809 if (ip_idx < s_ip_idx) {
1810 ip_idx++;
1811 continue;
1812 }
1813 err = inet_fill_ifaddr(skb, ifa, fillargs);
1814 if (err < 0)
1815 goto done;
1816
1817 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1818 ip_idx++;
1819 }
1820 err = 0;
1821
1822done:
1823 cb->args[2] = ip_idx;
1824
1825 return err;
1826}
1827
1828/* Combine dev_addr_genid and dev_base_seq to detect changes.
1829 */
1830static u32 inet_base_seq(const struct net *net)
1831{
1832 u32 res = atomic_read(&net->ipv4.dev_addr_genid) +
1833 net->dev_base_seq;
1834
1835 /* Must not return 0 (see nl_dump_check_consistent()).
1836 * Chose a value far away from 0.
1837 */
1838 if (!res)
1839 res = 0x80000000;
1840 return res;
1841}
1842
1843static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1844{
1845 const struct nlmsghdr *nlh = cb->nlh;
1846 struct inet_fill_args fillargs = {
1847 .portid = NETLINK_CB(cb->skb).portid,
1848 .seq = nlh->nlmsg_seq,
1849 .event = RTM_NEWADDR,
1850 .flags = NLM_F_MULTI,
1851 .netnsid = -1,
1852 };
1853 struct net *net = sock_net(skb->sk);
1854 struct net *tgt_net = net;
1855 int h, s_h;
1856 int idx, s_idx;
1857 int s_ip_idx;
1858 struct net_device *dev;
1859 struct in_device *in_dev;
1860 struct hlist_head *head;
1861 int err = 0;
1862
1863 s_h = cb->args[0];
1864 s_idx = idx = cb->args[1];
1865 s_ip_idx = cb->args[2];
1866
1867 if (cb->strict_check) {
1868 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1869 skb->sk, cb);
1870 if (err < 0)
1871 goto put_tgt_net;
1872
1873 err = 0;
1874 if (fillargs.ifindex) {
1875 dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1876 if (!dev) {
1877 err = -ENODEV;
1878 goto put_tgt_net;
1879 }
1880
1881 in_dev = __in_dev_get_rtnl(dev);
1882 if (in_dev) {
1883 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1884 &fillargs);
1885 }
1886 goto put_tgt_net;
1887 }
1888 }
1889
1890 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1891 idx = 0;
1892 head = &tgt_net->dev_index_head[h];
1893 rcu_read_lock();
1894 cb->seq = inet_base_seq(tgt_net);
1895 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1896 if (idx < s_idx)
1897 goto cont;
1898 if (h > s_h || idx > s_idx)
1899 s_ip_idx = 0;
1900 in_dev = __in_dev_get_rcu(dev);
1901 if (!in_dev)
1902 goto cont;
1903
1904 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1905 &fillargs);
1906 if (err < 0) {
1907 rcu_read_unlock();
1908 goto done;
1909 }
1910cont:
1911 idx++;
1912 }
1913 rcu_read_unlock();
1914 }
1915
1916done:
1917 cb->args[0] = h;
1918 cb->args[1] = idx;
1919put_tgt_net:
1920 if (fillargs.netnsid >= 0)
1921 put_net(tgt_net);
1922
1923 return skb->len ? : err;
1924}
1925
1926static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1927 u32 portid)
1928{
1929 struct inet_fill_args fillargs = {
1930 .portid = portid,
1931 .seq = nlh ? nlh->nlmsg_seq : 0,
1932 .event = event,
1933 .flags = 0,
1934 .netnsid = -1,
1935 };
1936 struct sk_buff *skb;
1937 int err = -ENOBUFS;
1938 struct net *net;
1939
1940 net = dev_net(ifa->ifa_dev->dev);
1941 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1942 if (!skb)
1943 goto errout;
1944
1945 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1946 if (err < 0) {
1947 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1948 WARN_ON(err == -EMSGSIZE);
1949 kfree_skb(skb);
1950 goto errout;
1951 }
1952 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1953 return;
1954errout:
1955 if (err < 0)
1956 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1957}
1958
1959static size_t inet_get_link_af_size(const struct net_device *dev,
1960 u32 ext_filter_mask)
1961{
1962 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1963
1964 if (!in_dev)
1965 return 0;
1966
1967 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1968}
1969
1970static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1971 u32 ext_filter_mask)
1972{
1973 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1974 struct nlattr *nla;
1975 int i;
1976
1977 if (!in_dev)
1978 return -ENODATA;
1979
1980 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1981 if (!nla)
1982 return -EMSGSIZE;
1983
1984 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1985 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1986
1987 return 0;
1988}
1989
1990static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1991 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1992};
1993
1994static int inet_validate_link_af(const struct net_device *dev,
1995 const struct nlattr *nla,
1996 struct netlink_ext_ack *extack)
1997{
1998 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1999 int err, rem;
2000
2001 if (dev && !__in_dev_get_rtnl(dev))
2002 return -EAFNOSUPPORT;
2003
2004 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
2005 inet_af_policy, extack);
2006 if (err < 0)
2007 return err;
2008
2009 if (tb[IFLA_INET_CONF]) {
2010 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
2011 int cfgid = nla_type(a);
2012
2013 if (nla_len(a) < 4)
2014 return -EINVAL;
2015
2016 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
2017 return -EINVAL;
2018 }
2019 }
2020
2021 return 0;
2022}
2023
2024static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla,
2025 struct netlink_ext_ack *extack)
2026{
2027 struct in_device *in_dev = __in_dev_get_rtnl(dev);
2028 struct nlattr *a, *tb[IFLA_INET_MAX+1];
2029 int rem;
2030
2031 if (!in_dev)
2032 return -EAFNOSUPPORT;
2033
2034 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
2035 return -EINVAL;
2036
2037 if (tb[IFLA_INET_CONF]) {
2038 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
2039 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
2040 }
2041
2042 return 0;
2043}
2044
2045static int inet_netconf_msgsize_devconf(int type)
2046{
2047 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2048 + nla_total_size(4); /* NETCONFA_IFINDEX */
2049 bool all = false;
2050
2051 if (type == NETCONFA_ALL)
2052 all = true;
2053
2054 if (all || type == NETCONFA_FORWARDING)
2055 size += nla_total_size(4);
2056 if (all || type == NETCONFA_RP_FILTER)
2057 size += nla_total_size(4);
2058 if (all || type == NETCONFA_MC_FORWARDING)
2059 size += nla_total_size(4);
2060 if (all || type == NETCONFA_BC_FORWARDING)
2061 size += nla_total_size(4);
2062 if (all || type == NETCONFA_PROXY_NEIGH)
2063 size += nla_total_size(4);
2064 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2065 size += nla_total_size(4);
2066
2067 return size;
2068}
2069
2070static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2071 struct ipv4_devconf *devconf, u32 portid,
2072 u32 seq, int event, unsigned int flags,
2073 int type)
2074{
2075 struct nlmsghdr *nlh;
2076 struct netconfmsg *ncm;
2077 bool all = false;
2078
2079 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2080 flags);
2081 if (!nlh)
2082 return -EMSGSIZE;
2083
2084 if (type == NETCONFA_ALL)
2085 all = true;
2086
2087 ncm = nlmsg_data(nlh);
2088 ncm->ncm_family = AF_INET;
2089
2090 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2091 goto nla_put_failure;
2092
2093 if (!devconf)
2094 goto out;
2095
2096 if ((all || type == NETCONFA_FORWARDING) &&
2097 nla_put_s32(skb, NETCONFA_FORWARDING,
2098 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2099 goto nla_put_failure;
2100 if ((all || type == NETCONFA_RP_FILTER) &&
2101 nla_put_s32(skb, NETCONFA_RP_FILTER,
2102 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2103 goto nla_put_failure;
2104 if ((all || type == NETCONFA_MC_FORWARDING) &&
2105 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2106 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2107 goto nla_put_failure;
2108 if ((all || type == NETCONFA_BC_FORWARDING) &&
2109 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2110 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2111 goto nla_put_failure;
2112 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2113 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2114 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2115 goto nla_put_failure;
2116 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2117 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2118 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2119 goto nla_put_failure;
2120
2121out:
2122 nlmsg_end(skb, nlh);
2123 return 0;
2124
2125nla_put_failure:
2126 nlmsg_cancel(skb, nlh);
2127 return -EMSGSIZE;
2128}
2129
2130void inet_netconf_notify_devconf(struct net *net, int event, int type,
2131 int ifindex, struct ipv4_devconf *devconf)
2132{
2133 struct sk_buff *skb;
2134 int err = -ENOBUFS;
2135
2136 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2137 if (!skb)
2138 goto errout;
2139
2140 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2141 event, 0, type);
2142 if (err < 0) {
2143 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2144 WARN_ON(err == -EMSGSIZE);
2145 kfree_skb(skb);
2146 goto errout;
2147 }
2148 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2149 return;
2150errout:
2151 if (err < 0)
2152 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2153}
2154
2155static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2156 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2157 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2158 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2159 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2160 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2161};
2162
2163static int inet_netconf_valid_get_req(struct sk_buff *skb,
2164 const struct nlmsghdr *nlh,
2165 struct nlattr **tb,
2166 struct netlink_ext_ack *extack)
2167{
2168 int i, err;
2169
2170 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2171 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2172 return -EINVAL;
2173 }
2174
2175 if (!netlink_strict_get_check(skb))
2176 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2177 tb, NETCONFA_MAX,
2178 devconf_ipv4_policy, extack);
2179
2180 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2181 tb, NETCONFA_MAX,
2182 devconf_ipv4_policy, extack);
2183 if (err)
2184 return err;
2185
2186 for (i = 0; i <= NETCONFA_MAX; i++) {
2187 if (!tb[i])
2188 continue;
2189
2190 switch (i) {
2191 case NETCONFA_IFINDEX:
2192 break;
2193 default:
2194 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2195 return -EINVAL;
2196 }
2197 }
2198
2199 return 0;
2200}
2201
2202static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2203 struct nlmsghdr *nlh,
2204 struct netlink_ext_ack *extack)
2205{
2206 struct net *net = sock_net(in_skb->sk);
2207 struct nlattr *tb[NETCONFA_MAX+1];
2208 struct sk_buff *skb;
2209 struct ipv4_devconf *devconf;
2210 struct in_device *in_dev;
2211 struct net_device *dev;
2212 int ifindex;
2213 int err;
2214
2215 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2216 if (err)
2217 goto errout;
2218
2219 err = -EINVAL;
2220 if (!tb[NETCONFA_IFINDEX])
2221 goto errout;
2222
2223 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2224 switch (ifindex) {
2225 case NETCONFA_IFINDEX_ALL:
2226 devconf = net->ipv4.devconf_all;
2227 break;
2228 case NETCONFA_IFINDEX_DEFAULT:
2229 devconf = net->ipv4.devconf_dflt;
2230 break;
2231 default:
2232 dev = __dev_get_by_index(net, ifindex);
2233 if (!dev)
2234 goto errout;
2235 in_dev = __in_dev_get_rtnl(dev);
2236 if (!in_dev)
2237 goto errout;
2238 devconf = &in_dev->cnf;
2239 break;
2240 }
2241
2242 err = -ENOBUFS;
2243 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2244 if (!skb)
2245 goto errout;
2246
2247 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2248 NETLINK_CB(in_skb).portid,
2249 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2250 NETCONFA_ALL);
2251 if (err < 0) {
2252 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2253 WARN_ON(err == -EMSGSIZE);
2254 kfree_skb(skb);
2255 goto errout;
2256 }
2257 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2258errout:
2259 return err;
2260}
2261
2262static int inet_netconf_dump_devconf(struct sk_buff *skb,
2263 struct netlink_callback *cb)
2264{
2265 const struct nlmsghdr *nlh = cb->nlh;
2266 struct net *net = sock_net(skb->sk);
2267 int h, s_h;
2268 int idx, s_idx;
2269 struct net_device *dev;
2270 struct in_device *in_dev;
2271 struct hlist_head *head;
2272
2273 if (cb->strict_check) {
2274 struct netlink_ext_ack *extack = cb->extack;
2275 struct netconfmsg *ncm;
2276
2277 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2278 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2279 return -EINVAL;
2280 }
2281
2282 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2283 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2284 return -EINVAL;
2285 }
2286 }
2287
2288 s_h = cb->args[0];
2289 s_idx = idx = cb->args[1];
2290
2291 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2292 idx = 0;
2293 head = &net->dev_index_head[h];
2294 rcu_read_lock();
2295 cb->seq = inet_base_seq(net);
2296 hlist_for_each_entry_rcu(dev, head, index_hlist) {
2297 if (idx < s_idx)
2298 goto cont;
2299 in_dev = __in_dev_get_rcu(dev);
2300 if (!in_dev)
2301 goto cont;
2302
2303 if (inet_netconf_fill_devconf(skb, dev->ifindex,
2304 &in_dev->cnf,
2305 NETLINK_CB(cb->skb).portid,
2306 nlh->nlmsg_seq,
2307 RTM_NEWNETCONF,
2308 NLM_F_MULTI,
2309 NETCONFA_ALL) < 0) {
2310 rcu_read_unlock();
2311 goto done;
2312 }
2313 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2314cont:
2315 idx++;
2316 }
2317 rcu_read_unlock();
2318 }
2319 if (h == NETDEV_HASHENTRIES) {
2320 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2321 net->ipv4.devconf_all,
2322 NETLINK_CB(cb->skb).portid,
2323 nlh->nlmsg_seq,
2324 RTM_NEWNETCONF, NLM_F_MULTI,
2325 NETCONFA_ALL) < 0)
2326 goto done;
2327 else
2328 h++;
2329 }
2330 if (h == NETDEV_HASHENTRIES + 1) {
2331 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2332 net->ipv4.devconf_dflt,
2333 NETLINK_CB(cb->skb).portid,
2334 nlh->nlmsg_seq,
2335 RTM_NEWNETCONF, NLM_F_MULTI,
2336 NETCONFA_ALL) < 0)
2337 goto done;
2338 else
2339 h++;
2340 }
2341done:
2342 cb->args[0] = h;
2343 cb->args[1] = idx;
2344
2345 return skb->len;
2346}
2347
2348#ifdef CONFIG_SYSCTL
2349
2350static void devinet_copy_dflt_conf(struct net *net, int i)
2351{
2352 struct net_device *dev;
2353
2354 rcu_read_lock();
2355 for_each_netdev_rcu(net, dev) {
2356 struct in_device *in_dev;
2357
2358 in_dev = __in_dev_get_rcu(dev);
2359 if (in_dev && !test_bit(i, in_dev->cnf.state))
2360 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2361 }
2362 rcu_read_unlock();
2363}
2364
2365/* called with RTNL locked */
2366static void inet_forward_change(struct net *net)
2367{
2368 struct net_device *dev;
2369 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2370
2371 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2372 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2373 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2374 NETCONFA_FORWARDING,
2375 NETCONFA_IFINDEX_ALL,
2376 net->ipv4.devconf_all);
2377 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2378 NETCONFA_FORWARDING,
2379 NETCONFA_IFINDEX_DEFAULT,
2380 net->ipv4.devconf_dflt);
2381
2382 for_each_netdev(net, dev) {
2383 struct in_device *in_dev;
2384
2385 if (on)
2386 dev_disable_lro(dev);
2387
2388 in_dev = __in_dev_get_rtnl(dev);
2389 if (in_dev) {
2390 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2391 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2392 NETCONFA_FORWARDING,
2393 dev->ifindex, &in_dev->cnf);
2394 }
2395 }
2396}
2397
2398static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2399{
2400 if (cnf == net->ipv4.devconf_dflt)
2401 return NETCONFA_IFINDEX_DEFAULT;
2402 else if (cnf == net->ipv4.devconf_all)
2403 return NETCONFA_IFINDEX_ALL;
2404 else {
2405 struct in_device *idev
2406 = container_of(cnf, struct in_device, cnf);
2407 return idev->dev->ifindex;
2408 }
2409}
2410
2411static int devinet_conf_proc(struct ctl_table *ctl, int write,
2412 void *buffer, size_t *lenp, loff_t *ppos)
2413{
2414 int old_value = *(int *)ctl->data;
2415 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2416 int new_value = *(int *)ctl->data;
2417
2418 if (write) {
2419 struct ipv4_devconf *cnf = ctl->extra1;
2420 struct net *net = ctl->extra2;
2421 int i = (int *)ctl->data - cnf->data;
2422 int ifindex;
2423
2424 set_bit(i, cnf->state);
2425
2426 if (cnf == net->ipv4.devconf_dflt)
2427 devinet_copy_dflt_conf(net, i);
2428 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2429 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2430 if ((new_value == 0) && (old_value != 0))
2431 rt_cache_flush(net);
2432
2433 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2434 new_value != old_value)
2435 rt_cache_flush(net);
2436
2437 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2438 new_value != old_value) {
2439 ifindex = devinet_conf_ifindex(net, cnf);
2440 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2441 NETCONFA_RP_FILTER,
2442 ifindex, cnf);
2443 }
2444 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2445 new_value != old_value) {
2446 ifindex = devinet_conf_ifindex(net, cnf);
2447 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2448 NETCONFA_PROXY_NEIGH,
2449 ifindex, cnf);
2450 }
2451 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2452 new_value != old_value) {
2453 ifindex = devinet_conf_ifindex(net, cnf);
2454 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2455 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2456 ifindex, cnf);
2457 }
2458 }
2459
2460 return ret;
2461}
2462
2463static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2464 void *buffer, size_t *lenp, loff_t *ppos)
2465{
2466 int *valp = ctl->data;
2467 int val = *valp;
2468 loff_t pos = *ppos;
2469 struct net *net = ctl->extra2;
2470 int ret;
2471
2472 if (write && !ns_capable(net->user_ns, CAP_NET_ADMIN))
2473 return -EPERM;
2474
2475 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2476
2477 if (write && *valp != val) {
2478 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2479 if (!rtnl_trylock()) {
2480 /* Restore the original values before restarting */
2481 *valp = val;
2482 *ppos = pos;
2483 return restart_syscall();
2484 }
2485 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2486 inet_forward_change(net);
2487 } else {
2488 struct ipv4_devconf *cnf = ctl->extra1;
2489 struct in_device *idev =
2490 container_of(cnf, struct in_device, cnf);
2491 if (*valp)
2492 dev_disable_lro(idev->dev);
2493 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2494 NETCONFA_FORWARDING,
2495 idev->dev->ifindex,
2496 cnf);
2497 }
2498 rtnl_unlock();
2499 rt_cache_flush(net);
2500 } else
2501 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2502 NETCONFA_FORWARDING,
2503 NETCONFA_IFINDEX_DEFAULT,
2504 net->ipv4.devconf_dflt);
2505 }
2506
2507 return ret;
2508}
2509
2510static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2511 void *buffer, size_t *lenp, loff_t *ppos)
2512{
2513 int *valp = ctl->data;
2514 int val = *valp;
2515 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2516 struct net *net = ctl->extra2;
2517
2518 if (write && *valp != val)
2519 rt_cache_flush(net);
2520
2521 return ret;
2522}
2523
2524#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2525 { \
2526 .procname = name, \
2527 .data = ipv4_devconf.data + \
2528 IPV4_DEVCONF_ ## attr - 1, \
2529 .maxlen = sizeof(int), \
2530 .mode = mval, \
2531 .proc_handler = proc, \
2532 .extra1 = &ipv4_devconf, \
2533 }
2534
2535#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2536 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2537
2538#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2539 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2540
2541#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2542 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2543
2544#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2545 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2546
2547static struct devinet_sysctl_table {
2548 struct ctl_table_header *sysctl_header;
2549 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2550} devinet_sysctl = {
2551 .devinet_vars = {
2552 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2553 devinet_sysctl_forward),
2554 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2555 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2556
2557 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2558 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2559 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2560 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2561 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2562 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2563 "accept_source_route"),
2564 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2565 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2566 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2567 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2568 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2569 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2570 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2571 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2572 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2573 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2574 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2575 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2576 DEVINET_SYSCTL_RW_ENTRY(ARP_EVICT_NOCARRIER,
2577 "arp_evict_nocarrier"),
2578 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2579 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2580 "force_igmp_version"),
2581 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2582 "igmpv2_unsolicited_report_interval"),
2583 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2584 "igmpv3_unsolicited_report_interval"),
2585 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2586 "ignore_routes_with_linkdown"),
2587 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2588 "drop_gratuitous_arp"),
2589
2590 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2591 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2592 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2593 "promote_secondaries"),
2594 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2595 "route_localnet"),
2596 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2597 "drop_unicast_in_l2_multicast"),
2598 },
2599};
2600
2601static int __devinet_sysctl_register(struct net *net, char *dev_name,
2602 int ifindex, struct ipv4_devconf *p)
2603{
2604 int i;
2605 struct devinet_sysctl_table *t;
2606 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2607
2608 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL_ACCOUNT);
2609 if (!t)
2610 goto out;
2611
2612 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2613 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2614 t->devinet_vars[i].extra1 = p;
2615 t->devinet_vars[i].extra2 = net;
2616 }
2617
2618 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2619
2620 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2621 if (!t->sysctl_header)
2622 goto free;
2623
2624 p->sysctl = t;
2625
2626 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2627 ifindex, p);
2628 return 0;
2629
2630free:
2631 kfree(t);
2632out:
2633 return -ENOMEM;
2634}
2635
2636static void __devinet_sysctl_unregister(struct net *net,
2637 struct ipv4_devconf *cnf, int ifindex)
2638{
2639 struct devinet_sysctl_table *t = cnf->sysctl;
2640
2641 if (t) {
2642 cnf->sysctl = NULL;
2643 unregister_net_sysctl_table(t->sysctl_header);
2644 kfree(t);
2645 }
2646
2647 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2648}
2649
2650static int devinet_sysctl_register(struct in_device *idev)
2651{
2652 int err;
2653
2654 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2655 return -EINVAL;
2656
2657 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2658 if (err)
2659 return err;
2660 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2661 idev->dev->ifindex, &idev->cnf);
2662 if (err)
2663 neigh_sysctl_unregister(idev->arp_parms);
2664 return err;
2665}
2666
2667static void devinet_sysctl_unregister(struct in_device *idev)
2668{
2669 struct net *net = dev_net(idev->dev);
2670
2671 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2672 neigh_sysctl_unregister(idev->arp_parms);
2673}
2674
2675static struct ctl_table ctl_forward_entry[] = {
2676 {
2677 .procname = "ip_forward",
2678 .data = &ipv4_devconf.data[
2679 IPV4_DEVCONF_FORWARDING - 1],
2680 .maxlen = sizeof(int),
2681 .mode = 0644,
2682 .proc_handler = devinet_sysctl_forward,
2683 .extra1 = &ipv4_devconf,
2684 .extra2 = &init_net,
2685 },
2686 { },
2687};
2688#endif
2689
2690static __net_init int devinet_init_net(struct net *net)
2691{
2692 int err;
2693 struct ipv4_devconf *all, *dflt;
2694#ifdef CONFIG_SYSCTL
2695 struct ctl_table *tbl;
2696 struct ctl_table_header *forw_hdr;
2697#endif
2698
2699 err = -ENOMEM;
2700 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2701 if (!all)
2702 goto err_alloc_all;
2703
2704 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2705 if (!dflt)
2706 goto err_alloc_dflt;
2707
2708#ifdef CONFIG_SYSCTL
2709 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2710 if (!tbl)
2711 goto err_alloc_ctl;
2712
2713 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2714 tbl[0].extra1 = all;
2715 tbl[0].extra2 = net;
2716#endif
2717
2718 if (!net_eq(net, &init_net)) {
2719 switch (net_inherit_devconf()) {
2720 case 3:
2721 /* copy from the current netns */
2722 memcpy(all, current->nsproxy->net_ns->ipv4.devconf_all,
2723 sizeof(ipv4_devconf));
2724 memcpy(dflt,
2725 current->nsproxy->net_ns->ipv4.devconf_dflt,
2726 sizeof(ipv4_devconf_dflt));
2727 break;
2728 case 0:
2729 case 1:
2730 /* copy from init_net */
2731 memcpy(all, init_net.ipv4.devconf_all,
2732 sizeof(ipv4_devconf));
2733 memcpy(dflt, init_net.ipv4.devconf_dflt,
2734 sizeof(ipv4_devconf_dflt));
2735 break;
2736 case 2:
2737 /* use compiled values */
2738 break;
2739 }
2740 }
2741
2742#ifdef CONFIG_SYSCTL
2743 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2744 if (err < 0)
2745 goto err_reg_all;
2746
2747 err = __devinet_sysctl_register(net, "default",
2748 NETCONFA_IFINDEX_DEFAULT, dflt);
2749 if (err < 0)
2750 goto err_reg_dflt;
2751
2752 err = -ENOMEM;
2753 forw_hdr = register_net_sysctl_sz(net, "net/ipv4", tbl,
2754 ARRAY_SIZE(ctl_forward_entry));
2755 if (!forw_hdr)
2756 goto err_reg_ctl;
2757 net->ipv4.forw_hdr = forw_hdr;
2758#endif
2759
2760 net->ipv4.devconf_all = all;
2761 net->ipv4.devconf_dflt = dflt;
2762 return 0;
2763
2764#ifdef CONFIG_SYSCTL
2765err_reg_ctl:
2766 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2767err_reg_dflt:
2768 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2769err_reg_all:
2770 kfree(tbl);
2771err_alloc_ctl:
2772#endif
2773 kfree(dflt);
2774err_alloc_dflt:
2775 kfree(all);
2776err_alloc_all:
2777 return err;
2778}
2779
2780static __net_exit void devinet_exit_net(struct net *net)
2781{
2782#ifdef CONFIG_SYSCTL
2783 struct ctl_table *tbl;
2784
2785 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2786 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2787 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2788 NETCONFA_IFINDEX_DEFAULT);
2789 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2790 NETCONFA_IFINDEX_ALL);
2791 kfree(tbl);
2792#endif
2793 kfree(net->ipv4.devconf_dflt);
2794 kfree(net->ipv4.devconf_all);
2795}
2796
2797static __net_initdata struct pernet_operations devinet_ops = {
2798 .init = devinet_init_net,
2799 .exit = devinet_exit_net,
2800};
2801
2802static struct rtnl_af_ops inet_af_ops __read_mostly = {
2803 .family = AF_INET,
2804 .fill_link_af = inet_fill_link_af,
2805 .get_link_af_size = inet_get_link_af_size,
2806 .validate_link_af = inet_validate_link_af,
2807 .set_link_af = inet_set_link_af,
2808};
2809
2810void __init devinet_init(void)
2811{
2812 int i;
2813
2814 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2815 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2816
2817 register_pernet_subsys(&devinet_ops);
2818 register_netdevice_notifier(&ip_netdev_notifier);
2819
2820 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2821
2822 rtnl_af_register(&inet_af_ops);
2823
2824 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2825 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2826 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2827 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2828 inet_netconf_dump_devconf, 0);
2829}