Loading...
1/*
2 * NET3 IP device support routines.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Derived from the IP parts of dev.c 1.0.19
10 * Authors: Ross Biro
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Mark Evans, <evansmp@uhura.aston.ac.uk>
13 *
14 * Additional Authors:
15 * Alan Cox, <gw4pts@gw4pts.ampr.org>
16 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
17 *
18 * Changes:
19 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
20 * lists.
21 * Cyrus Durgin: updated for kmod
22 * Matthias Andree: in devinet_ioctl, compare label and
23 * address (4.4BSD alias style support),
24 * fall back to comparing just the label
25 * if no match found.
26 */
27
28
29#include <asm/uaccess.h>
30#include <linux/bitops.h>
31#include <linux/capability.h>
32#include <linux/module.h>
33#include <linux/types.h>
34#include <linux/kernel.h>
35#include <linux/string.h>
36#include <linux/mm.h>
37#include <linux/socket.h>
38#include <linux/sockios.h>
39#include <linux/in.h>
40#include <linux/errno.h>
41#include <linux/interrupt.h>
42#include <linux/if_addr.h>
43#include <linux/if_ether.h>
44#include <linux/inet.h>
45#include <linux/netdevice.h>
46#include <linux/etherdevice.h>
47#include <linux/skbuff.h>
48#include <linux/init.h>
49#include <linux/notifier.h>
50#include <linux/inetdevice.h>
51#include <linux/igmp.h>
52#include <linux/slab.h>
53#include <linux/hash.h>
54#ifdef CONFIG_SYSCTL
55#include <linux/sysctl.h>
56#endif
57#include <linux/kmod.h>
58#include <linux/netconf.h>
59
60#include <net/arp.h>
61#include <net/ip.h>
62#include <net/route.h>
63#include <net/ip_fib.h>
64#include <net/rtnetlink.h>
65#include <net/net_namespace.h>
66#include <net/addrconf.h>
67
68#include "fib_lookup.h"
69
70static struct ipv4_devconf ipv4_devconf = {
71 .data = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
78 },
79};
80
81static struct ipv4_devconf ipv4_devconf_dflt = {
82 .data = {
83 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
84 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
87 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
88 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
89 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
90 },
91};
92
93#define IPV4_DEVCONF_DFLT(net, attr) \
94 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
95
96static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
97 [IFA_LOCAL] = { .type = NLA_U32 },
98 [IFA_ADDRESS] = { .type = NLA_U32 },
99 [IFA_BROADCAST] = { .type = NLA_U32 },
100 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
101 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
102 [IFA_FLAGS] = { .type = NLA_U32 },
103};
104
105#define IN4_ADDR_HSIZE_SHIFT 8
106#define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
107
108static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
109
110static u32 inet_addr_hash(const struct net *net, __be32 addr)
111{
112 u32 val = (__force u32) addr ^ net_hash_mix(net);
113
114 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
115}
116
117static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
118{
119 u32 hash = inet_addr_hash(net, ifa->ifa_local);
120
121 ASSERT_RTNL();
122 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
123}
124
125static void inet_hash_remove(struct in_ifaddr *ifa)
126{
127 ASSERT_RTNL();
128 hlist_del_init_rcu(&ifa->hash);
129}
130
131/**
132 * __ip_dev_find - find the first device with a given source address.
133 * @net: the net namespace
134 * @addr: the source address
135 * @devref: if true, take a reference on the found device
136 *
137 * If a caller uses devref=false, it should be protected by RCU, or RTNL
138 */
139struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
140{
141 u32 hash = inet_addr_hash(net, addr);
142 struct net_device *result = NULL;
143 struct in_ifaddr *ifa;
144
145 rcu_read_lock();
146 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash) {
147 if (ifa->ifa_local == addr) {
148 struct net_device *dev = ifa->ifa_dev->dev;
149
150 if (!net_eq(dev_net(dev), net))
151 continue;
152 result = dev;
153 break;
154 }
155 }
156 if (!result) {
157 struct flowi4 fl4 = { .daddr = addr };
158 struct fib_result res = { 0 };
159 struct fib_table *local;
160
161 /* Fallback to FIB local table so that communication
162 * over loopback subnets work.
163 */
164 local = fib_get_table(net, RT_TABLE_LOCAL);
165 if (local &&
166 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
167 res.type == RTN_LOCAL)
168 result = FIB_RES_DEV(res);
169 }
170 if (result && devref)
171 dev_hold(result);
172 rcu_read_unlock();
173 return result;
174}
175EXPORT_SYMBOL(__ip_dev_find);
176
177static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
178
179static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
180static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
181 int destroy);
182#ifdef CONFIG_SYSCTL
183static int devinet_sysctl_register(struct in_device *idev);
184static void devinet_sysctl_unregister(struct in_device *idev);
185#else
186static int devinet_sysctl_register(struct in_device *idev)
187{
188 return 0;
189}
190static void devinet_sysctl_unregister(struct in_device *idev)
191{
192}
193#endif
194
195/* Locks all the inet devices. */
196
197static struct in_ifaddr *inet_alloc_ifa(void)
198{
199 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
200}
201
202static void inet_rcu_free_ifa(struct rcu_head *head)
203{
204 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
205 if (ifa->ifa_dev)
206 in_dev_put(ifa->ifa_dev);
207 kfree(ifa);
208}
209
210static void inet_free_ifa(struct in_ifaddr *ifa)
211{
212 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
213}
214
215void in_dev_finish_destroy(struct in_device *idev)
216{
217 struct net_device *dev = idev->dev;
218
219 WARN_ON(idev->ifa_list);
220 WARN_ON(idev->mc_list);
221 kfree(rcu_dereference_protected(idev->mc_hash, 1));
222#ifdef NET_REFCNT_DEBUG
223 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
224#endif
225 dev_put(dev);
226 if (!idev->dead)
227 pr_err("Freeing alive in_device %p\n", idev);
228 else
229 kfree(idev);
230}
231EXPORT_SYMBOL(in_dev_finish_destroy);
232
233static struct in_device *inetdev_init(struct net_device *dev)
234{
235 struct in_device *in_dev;
236 int err = -ENOMEM;
237
238 ASSERT_RTNL();
239
240 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
241 if (!in_dev)
242 goto out;
243 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
244 sizeof(in_dev->cnf));
245 in_dev->cnf.sysctl = NULL;
246 in_dev->dev = dev;
247 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
248 if (!in_dev->arp_parms)
249 goto out_kfree;
250 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
251 dev_disable_lro(dev);
252 /* Reference in_dev->dev */
253 dev_hold(dev);
254 /* Account for reference dev->ip_ptr (below) */
255 in_dev_hold(in_dev);
256
257 err = devinet_sysctl_register(in_dev);
258 if (err) {
259 in_dev->dead = 1;
260 in_dev_put(in_dev);
261 in_dev = NULL;
262 goto out;
263 }
264 ip_mc_init_dev(in_dev);
265 if (dev->flags & IFF_UP)
266 ip_mc_up(in_dev);
267
268 /* we can receive as soon as ip_ptr is set -- do this last */
269 rcu_assign_pointer(dev->ip_ptr, in_dev);
270out:
271 return in_dev ?: ERR_PTR(err);
272out_kfree:
273 kfree(in_dev);
274 in_dev = NULL;
275 goto out;
276}
277
278static void in_dev_rcu_put(struct rcu_head *head)
279{
280 struct in_device *idev = container_of(head, struct in_device, rcu_head);
281 in_dev_put(idev);
282}
283
284static void inetdev_destroy(struct in_device *in_dev)
285{
286 struct in_ifaddr *ifa;
287 struct net_device *dev;
288
289 ASSERT_RTNL();
290
291 dev = in_dev->dev;
292
293 in_dev->dead = 1;
294
295 ip_mc_destroy_dev(in_dev);
296
297 while ((ifa = in_dev->ifa_list) != NULL) {
298 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
299 inet_free_ifa(ifa);
300 }
301
302 RCU_INIT_POINTER(dev->ip_ptr, NULL);
303
304 devinet_sysctl_unregister(in_dev);
305 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
306 arp_ifdown(dev);
307
308 call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
309}
310
311int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
312{
313 rcu_read_lock();
314 for_primary_ifa(in_dev) {
315 if (inet_ifa_match(a, ifa)) {
316 if (!b || inet_ifa_match(b, ifa)) {
317 rcu_read_unlock();
318 return 1;
319 }
320 }
321 } endfor_ifa(in_dev);
322 rcu_read_unlock();
323 return 0;
324}
325
326static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
327 int destroy, struct nlmsghdr *nlh, u32 portid)
328{
329 struct in_ifaddr *promote = NULL;
330 struct in_ifaddr *ifa, *ifa1 = *ifap;
331 struct in_ifaddr *last_prim = in_dev->ifa_list;
332 struct in_ifaddr *prev_prom = NULL;
333 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
334
335 ASSERT_RTNL();
336
337 if (in_dev->dead)
338 goto no_promotions;
339
340 /* 1. Deleting primary ifaddr forces deletion all secondaries
341 * unless alias promotion is set
342 **/
343
344 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
345 struct in_ifaddr **ifap1 = &ifa1->ifa_next;
346
347 while ((ifa = *ifap1) != NULL) {
348 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
349 ifa1->ifa_scope <= ifa->ifa_scope)
350 last_prim = ifa;
351
352 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
353 ifa1->ifa_mask != ifa->ifa_mask ||
354 !inet_ifa_match(ifa1->ifa_address, ifa)) {
355 ifap1 = &ifa->ifa_next;
356 prev_prom = ifa;
357 continue;
358 }
359
360 if (!do_promote) {
361 inet_hash_remove(ifa);
362 *ifap1 = ifa->ifa_next;
363
364 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
365 blocking_notifier_call_chain(&inetaddr_chain,
366 NETDEV_DOWN, ifa);
367 inet_free_ifa(ifa);
368 } else {
369 promote = ifa;
370 break;
371 }
372 }
373 }
374
375 /* On promotion all secondaries from subnet are changing
376 * the primary IP, we must remove all their routes silently
377 * and later to add them back with new prefsrc. Do this
378 * while all addresses are on the device list.
379 */
380 for (ifa = promote; ifa; ifa = ifa->ifa_next) {
381 if (ifa1->ifa_mask == ifa->ifa_mask &&
382 inet_ifa_match(ifa1->ifa_address, ifa))
383 fib_del_ifaddr(ifa, ifa1);
384 }
385
386no_promotions:
387 /* 2. Unlink it */
388
389 *ifap = ifa1->ifa_next;
390 inet_hash_remove(ifa1);
391
392 /* 3. Announce address deletion */
393
394 /* Send message first, then call notifier.
395 At first sight, FIB update triggered by notifier
396 will refer to already deleted ifaddr, that could confuse
397 netlink listeners. It is not true: look, gated sees
398 that route deleted and if it still thinks that ifaddr
399 is valid, it will try to restore deleted routes... Grr.
400 So that, this order is correct.
401 */
402 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
403 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
404
405 if (promote) {
406 struct in_ifaddr *next_sec = promote->ifa_next;
407
408 if (prev_prom) {
409 prev_prom->ifa_next = promote->ifa_next;
410 promote->ifa_next = last_prim->ifa_next;
411 last_prim->ifa_next = promote;
412 }
413
414 promote->ifa_flags &= ~IFA_F_SECONDARY;
415 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
416 blocking_notifier_call_chain(&inetaddr_chain,
417 NETDEV_UP, promote);
418 for (ifa = next_sec; ifa; ifa = ifa->ifa_next) {
419 if (ifa1->ifa_mask != ifa->ifa_mask ||
420 !inet_ifa_match(ifa1->ifa_address, ifa))
421 continue;
422 fib_add_ifaddr(ifa);
423 }
424
425 }
426 if (destroy)
427 inet_free_ifa(ifa1);
428}
429
430static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
431 int destroy)
432{
433 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
434}
435
436static void check_lifetime(struct work_struct *work);
437
438static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
439
440static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
441 u32 portid)
442{
443 struct in_device *in_dev = ifa->ifa_dev;
444 struct in_ifaddr *ifa1, **ifap, **last_primary;
445
446 ASSERT_RTNL();
447
448 if (!ifa->ifa_local) {
449 inet_free_ifa(ifa);
450 return 0;
451 }
452
453 ifa->ifa_flags &= ~IFA_F_SECONDARY;
454 last_primary = &in_dev->ifa_list;
455
456 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
457 ifap = &ifa1->ifa_next) {
458 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
459 ifa->ifa_scope <= ifa1->ifa_scope)
460 last_primary = &ifa1->ifa_next;
461 if (ifa1->ifa_mask == ifa->ifa_mask &&
462 inet_ifa_match(ifa1->ifa_address, ifa)) {
463 if (ifa1->ifa_local == ifa->ifa_local) {
464 inet_free_ifa(ifa);
465 return -EEXIST;
466 }
467 if (ifa1->ifa_scope != ifa->ifa_scope) {
468 inet_free_ifa(ifa);
469 return -EINVAL;
470 }
471 ifa->ifa_flags |= IFA_F_SECONDARY;
472 }
473 }
474
475 if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
476 prandom_seed((__force u32) ifa->ifa_local);
477 ifap = last_primary;
478 }
479
480 ifa->ifa_next = *ifap;
481 *ifap = ifa;
482
483 inet_hash_insert(dev_net(in_dev->dev), ifa);
484
485 cancel_delayed_work(&check_lifetime_work);
486 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
487
488 /* Send message first, then call notifier.
489 Notifier will trigger FIB update, so that
490 listeners of netlink will know about new ifaddr */
491 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
492 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
493
494 return 0;
495}
496
497static int inet_insert_ifa(struct in_ifaddr *ifa)
498{
499 return __inet_insert_ifa(ifa, NULL, 0);
500}
501
502static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
503{
504 struct in_device *in_dev = __in_dev_get_rtnl(dev);
505
506 ASSERT_RTNL();
507
508 if (!in_dev) {
509 inet_free_ifa(ifa);
510 return -ENOBUFS;
511 }
512 ipv4_devconf_setall(in_dev);
513 neigh_parms_data_state_setall(in_dev->arp_parms);
514 if (ifa->ifa_dev != in_dev) {
515 WARN_ON(ifa->ifa_dev);
516 in_dev_hold(in_dev);
517 ifa->ifa_dev = in_dev;
518 }
519 if (ipv4_is_loopback(ifa->ifa_local))
520 ifa->ifa_scope = RT_SCOPE_HOST;
521 return inet_insert_ifa(ifa);
522}
523
524/* Caller must hold RCU or RTNL :
525 * We dont take a reference on found in_device
526 */
527struct in_device *inetdev_by_index(struct net *net, int ifindex)
528{
529 struct net_device *dev;
530 struct in_device *in_dev = NULL;
531
532 rcu_read_lock();
533 dev = dev_get_by_index_rcu(net, ifindex);
534 if (dev)
535 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
536 rcu_read_unlock();
537 return in_dev;
538}
539EXPORT_SYMBOL(inetdev_by_index);
540
541/* Called only from RTNL semaphored context. No locks. */
542
543struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
544 __be32 mask)
545{
546 ASSERT_RTNL();
547
548 for_primary_ifa(in_dev) {
549 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
550 return ifa;
551 } endfor_ifa(in_dev);
552 return NULL;
553}
554
555static int ip_mc_config(struct sock *sk, bool join, const struct in_ifaddr *ifa)
556{
557 struct ip_mreqn mreq = {
558 .imr_multiaddr.s_addr = ifa->ifa_address,
559 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
560 };
561 int ret;
562
563 ASSERT_RTNL();
564
565 lock_sock(sk);
566 if (join)
567 ret = ip_mc_join_group(sk, &mreq);
568 else
569 ret = ip_mc_leave_group(sk, &mreq);
570 release_sock(sk);
571
572 return ret;
573}
574
575static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh)
576{
577 struct net *net = sock_net(skb->sk);
578 struct nlattr *tb[IFA_MAX+1];
579 struct in_device *in_dev;
580 struct ifaddrmsg *ifm;
581 struct in_ifaddr *ifa, **ifap;
582 int err = -EINVAL;
583
584 ASSERT_RTNL();
585
586 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy);
587 if (err < 0)
588 goto errout;
589
590 ifm = nlmsg_data(nlh);
591 in_dev = inetdev_by_index(net, ifm->ifa_index);
592 if (!in_dev) {
593 err = -ENODEV;
594 goto errout;
595 }
596
597 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
598 ifap = &ifa->ifa_next) {
599 if (tb[IFA_LOCAL] &&
600 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
601 continue;
602
603 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
604 continue;
605
606 if (tb[IFA_ADDRESS] &&
607 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
608 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
609 continue;
610
611 if (ipv4_is_multicast(ifa->ifa_address))
612 ip_mc_config(net->ipv4.mc_autojoin_sk, false, ifa);
613 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
614 return 0;
615 }
616
617 err = -EADDRNOTAVAIL;
618errout:
619 return err;
620}
621
622#define INFINITY_LIFE_TIME 0xFFFFFFFF
623
624static void check_lifetime(struct work_struct *work)
625{
626 unsigned long now, next, next_sec, next_sched;
627 struct in_ifaddr *ifa;
628 struct hlist_node *n;
629 int i;
630
631 now = jiffies;
632 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
633
634 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
635 bool change_needed = false;
636
637 rcu_read_lock();
638 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
639 unsigned long age;
640
641 if (ifa->ifa_flags & IFA_F_PERMANENT)
642 continue;
643
644 /* We try to batch several events at once. */
645 age = (now - ifa->ifa_tstamp +
646 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
647
648 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
649 age >= ifa->ifa_valid_lft) {
650 change_needed = true;
651 } else if (ifa->ifa_preferred_lft ==
652 INFINITY_LIFE_TIME) {
653 continue;
654 } else if (age >= ifa->ifa_preferred_lft) {
655 if (time_before(ifa->ifa_tstamp +
656 ifa->ifa_valid_lft * HZ, next))
657 next = ifa->ifa_tstamp +
658 ifa->ifa_valid_lft * HZ;
659
660 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
661 change_needed = true;
662 } else if (time_before(ifa->ifa_tstamp +
663 ifa->ifa_preferred_lft * HZ,
664 next)) {
665 next = ifa->ifa_tstamp +
666 ifa->ifa_preferred_lft * HZ;
667 }
668 }
669 rcu_read_unlock();
670 if (!change_needed)
671 continue;
672 rtnl_lock();
673 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
674 unsigned long age;
675
676 if (ifa->ifa_flags & IFA_F_PERMANENT)
677 continue;
678
679 /* We try to batch several events at once. */
680 age = (now - ifa->ifa_tstamp +
681 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
682
683 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
684 age >= ifa->ifa_valid_lft) {
685 struct in_ifaddr **ifap;
686
687 for (ifap = &ifa->ifa_dev->ifa_list;
688 *ifap != NULL; ifap = &(*ifap)->ifa_next) {
689 if (*ifap == ifa) {
690 inet_del_ifa(ifa->ifa_dev,
691 ifap, 1);
692 break;
693 }
694 }
695 } else if (ifa->ifa_preferred_lft !=
696 INFINITY_LIFE_TIME &&
697 age >= ifa->ifa_preferred_lft &&
698 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
699 ifa->ifa_flags |= IFA_F_DEPRECATED;
700 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
701 }
702 }
703 rtnl_unlock();
704 }
705
706 next_sec = round_jiffies_up(next);
707 next_sched = next;
708
709 /* If rounded timeout is accurate enough, accept it. */
710 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
711 next_sched = next_sec;
712
713 now = jiffies;
714 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
715 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
716 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
717
718 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
719 next_sched - now);
720}
721
722static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
723 __u32 prefered_lft)
724{
725 unsigned long timeout;
726
727 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
728
729 timeout = addrconf_timeout_fixup(valid_lft, HZ);
730 if (addrconf_finite_timeout(timeout))
731 ifa->ifa_valid_lft = timeout;
732 else
733 ifa->ifa_flags |= IFA_F_PERMANENT;
734
735 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
736 if (addrconf_finite_timeout(timeout)) {
737 if (timeout == 0)
738 ifa->ifa_flags |= IFA_F_DEPRECATED;
739 ifa->ifa_preferred_lft = timeout;
740 }
741 ifa->ifa_tstamp = jiffies;
742 if (!ifa->ifa_cstamp)
743 ifa->ifa_cstamp = ifa->ifa_tstamp;
744}
745
746static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
747 __u32 *pvalid_lft, __u32 *pprefered_lft)
748{
749 struct nlattr *tb[IFA_MAX+1];
750 struct in_ifaddr *ifa;
751 struct ifaddrmsg *ifm;
752 struct net_device *dev;
753 struct in_device *in_dev;
754 int err;
755
756 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy);
757 if (err < 0)
758 goto errout;
759
760 ifm = nlmsg_data(nlh);
761 err = -EINVAL;
762 if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
763 goto errout;
764
765 dev = __dev_get_by_index(net, ifm->ifa_index);
766 err = -ENODEV;
767 if (!dev)
768 goto errout;
769
770 in_dev = __in_dev_get_rtnl(dev);
771 err = -ENOBUFS;
772 if (!in_dev)
773 goto errout;
774
775 ifa = inet_alloc_ifa();
776 if (!ifa)
777 /*
778 * A potential indev allocation can be left alive, it stays
779 * assigned to its device and is destroy with it.
780 */
781 goto errout;
782
783 ipv4_devconf_setall(in_dev);
784 neigh_parms_data_state_setall(in_dev->arp_parms);
785 in_dev_hold(in_dev);
786
787 if (!tb[IFA_ADDRESS])
788 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
789
790 INIT_HLIST_NODE(&ifa->hash);
791 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
792 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
793 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
794 ifm->ifa_flags;
795 ifa->ifa_scope = ifm->ifa_scope;
796 ifa->ifa_dev = in_dev;
797
798 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
799 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
800
801 if (tb[IFA_BROADCAST])
802 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
803
804 if (tb[IFA_LABEL])
805 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
806 else
807 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
808
809 if (tb[IFA_CACHEINFO]) {
810 struct ifa_cacheinfo *ci;
811
812 ci = nla_data(tb[IFA_CACHEINFO]);
813 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
814 err = -EINVAL;
815 goto errout_free;
816 }
817 *pvalid_lft = ci->ifa_valid;
818 *pprefered_lft = ci->ifa_prefered;
819 }
820
821 return ifa;
822
823errout_free:
824 inet_free_ifa(ifa);
825errout:
826 return ERR_PTR(err);
827}
828
829static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
830{
831 struct in_device *in_dev = ifa->ifa_dev;
832 struct in_ifaddr *ifa1, **ifap;
833
834 if (!ifa->ifa_local)
835 return NULL;
836
837 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
838 ifap = &ifa1->ifa_next) {
839 if (ifa1->ifa_mask == ifa->ifa_mask &&
840 inet_ifa_match(ifa1->ifa_address, ifa) &&
841 ifa1->ifa_local == ifa->ifa_local)
842 return ifa1;
843 }
844 return NULL;
845}
846
847static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh)
848{
849 struct net *net = sock_net(skb->sk);
850 struct in_ifaddr *ifa;
851 struct in_ifaddr *ifa_existing;
852 __u32 valid_lft = INFINITY_LIFE_TIME;
853 __u32 prefered_lft = INFINITY_LIFE_TIME;
854
855 ASSERT_RTNL();
856
857 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft);
858 if (IS_ERR(ifa))
859 return PTR_ERR(ifa);
860
861 ifa_existing = find_matching_ifa(ifa);
862 if (!ifa_existing) {
863 /* It would be best to check for !NLM_F_CREATE here but
864 * userspace already relies on not having to provide this.
865 */
866 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
867 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
868 int ret = ip_mc_config(net->ipv4.mc_autojoin_sk,
869 true, ifa);
870
871 if (ret < 0) {
872 inet_free_ifa(ifa);
873 return ret;
874 }
875 }
876 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid);
877 } else {
878 inet_free_ifa(ifa);
879
880 if (nlh->nlmsg_flags & NLM_F_EXCL ||
881 !(nlh->nlmsg_flags & NLM_F_REPLACE))
882 return -EEXIST;
883 ifa = ifa_existing;
884 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
885 cancel_delayed_work(&check_lifetime_work);
886 queue_delayed_work(system_power_efficient_wq,
887 &check_lifetime_work, 0);
888 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
889 }
890 return 0;
891}
892
893/*
894 * Determine a default network mask, based on the IP address.
895 */
896
897static int inet_abc_len(__be32 addr)
898{
899 int rc = -1; /* Something else, probably a multicast. */
900
901 if (ipv4_is_zeronet(addr))
902 rc = 0;
903 else {
904 __u32 haddr = ntohl(addr);
905
906 if (IN_CLASSA(haddr))
907 rc = 8;
908 else if (IN_CLASSB(haddr))
909 rc = 16;
910 else if (IN_CLASSC(haddr))
911 rc = 24;
912 }
913
914 return rc;
915}
916
917
918int devinet_ioctl(struct net *net, unsigned int cmd, void __user *arg)
919{
920 struct ifreq ifr;
921 struct sockaddr_in sin_orig;
922 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr.ifr_addr;
923 struct in_device *in_dev;
924 struct in_ifaddr **ifap = NULL;
925 struct in_ifaddr *ifa = NULL;
926 struct net_device *dev;
927 char *colon;
928 int ret = -EFAULT;
929 int tryaddrmatch = 0;
930
931 /*
932 * Fetch the caller's info block into kernel space
933 */
934
935 if (copy_from_user(&ifr, arg, sizeof(struct ifreq)))
936 goto out;
937 ifr.ifr_name[IFNAMSIZ - 1] = 0;
938
939 /* save original address for comparison */
940 memcpy(&sin_orig, sin, sizeof(*sin));
941
942 colon = strchr(ifr.ifr_name, ':');
943 if (colon)
944 *colon = 0;
945
946 dev_load(net, ifr.ifr_name);
947
948 switch (cmd) {
949 case SIOCGIFADDR: /* Get interface address */
950 case SIOCGIFBRDADDR: /* Get the broadcast address */
951 case SIOCGIFDSTADDR: /* Get the destination address */
952 case SIOCGIFNETMASK: /* Get the netmask for the interface */
953 /* Note that these ioctls will not sleep,
954 so that we do not impose a lock.
955 One day we will be forced to put shlock here (I mean SMP)
956 */
957 tryaddrmatch = (sin_orig.sin_family == AF_INET);
958 memset(sin, 0, sizeof(*sin));
959 sin->sin_family = AF_INET;
960 break;
961
962 case SIOCSIFFLAGS:
963 ret = -EPERM;
964 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
965 goto out;
966 break;
967 case SIOCSIFADDR: /* Set interface address (and family) */
968 case SIOCSIFBRDADDR: /* Set the broadcast address */
969 case SIOCSIFDSTADDR: /* Set the destination address */
970 case SIOCSIFNETMASK: /* Set the netmask for the interface */
971 ret = -EPERM;
972 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
973 goto out;
974 ret = -EINVAL;
975 if (sin->sin_family != AF_INET)
976 goto out;
977 break;
978 default:
979 ret = -EINVAL;
980 goto out;
981 }
982
983 rtnl_lock();
984
985 ret = -ENODEV;
986 dev = __dev_get_by_name(net, ifr.ifr_name);
987 if (!dev)
988 goto done;
989
990 if (colon)
991 *colon = ':';
992
993 in_dev = __in_dev_get_rtnl(dev);
994 if (in_dev) {
995 if (tryaddrmatch) {
996 /* Matthias Andree */
997 /* compare label and address (4.4BSD style) */
998 /* note: we only do this for a limited set of ioctls
999 and only if the original address family was AF_INET.
1000 This is checked above. */
1001 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
1002 ifap = &ifa->ifa_next) {
1003 if (!strcmp(ifr.ifr_name, ifa->ifa_label) &&
1004 sin_orig.sin_addr.s_addr ==
1005 ifa->ifa_local) {
1006 break; /* found */
1007 }
1008 }
1009 }
1010 /* we didn't get a match, maybe the application is
1011 4.3BSD-style and passed in junk so we fall back to
1012 comparing just the label */
1013 if (!ifa) {
1014 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
1015 ifap = &ifa->ifa_next)
1016 if (!strcmp(ifr.ifr_name, ifa->ifa_label))
1017 break;
1018 }
1019 }
1020
1021 ret = -EADDRNOTAVAIL;
1022 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1023 goto done;
1024
1025 switch (cmd) {
1026 case SIOCGIFADDR: /* Get interface address */
1027 sin->sin_addr.s_addr = ifa->ifa_local;
1028 goto rarok;
1029
1030 case SIOCGIFBRDADDR: /* Get the broadcast address */
1031 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1032 goto rarok;
1033
1034 case SIOCGIFDSTADDR: /* Get the destination address */
1035 sin->sin_addr.s_addr = ifa->ifa_address;
1036 goto rarok;
1037
1038 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1039 sin->sin_addr.s_addr = ifa->ifa_mask;
1040 goto rarok;
1041
1042 case SIOCSIFFLAGS:
1043 if (colon) {
1044 ret = -EADDRNOTAVAIL;
1045 if (!ifa)
1046 break;
1047 ret = 0;
1048 if (!(ifr.ifr_flags & IFF_UP))
1049 inet_del_ifa(in_dev, ifap, 1);
1050 break;
1051 }
1052 ret = dev_change_flags(dev, ifr.ifr_flags);
1053 break;
1054
1055 case SIOCSIFADDR: /* Set interface address (and family) */
1056 ret = -EINVAL;
1057 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1058 break;
1059
1060 if (!ifa) {
1061 ret = -ENOBUFS;
1062 ifa = inet_alloc_ifa();
1063 if (!ifa)
1064 break;
1065 INIT_HLIST_NODE(&ifa->hash);
1066 if (colon)
1067 memcpy(ifa->ifa_label, ifr.ifr_name, IFNAMSIZ);
1068 else
1069 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1070 } else {
1071 ret = 0;
1072 if (ifa->ifa_local == sin->sin_addr.s_addr)
1073 break;
1074 inet_del_ifa(in_dev, ifap, 0);
1075 ifa->ifa_broadcast = 0;
1076 ifa->ifa_scope = 0;
1077 }
1078
1079 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1080
1081 if (!(dev->flags & IFF_POINTOPOINT)) {
1082 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1083 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1084 if ((dev->flags & IFF_BROADCAST) &&
1085 ifa->ifa_prefixlen < 31)
1086 ifa->ifa_broadcast = ifa->ifa_address |
1087 ~ifa->ifa_mask;
1088 } else {
1089 ifa->ifa_prefixlen = 32;
1090 ifa->ifa_mask = inet_make_mask(32);
1091 }
1092 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1093 ret = inet_set_ifa(dev, ifa);
1094 break;
1095
1096 case SIOCSIFBRDADDR: /* Set the broadcast address */
1097 ret = 0;
1098 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1099 inet_del_ifa(in_dev, ifap, 0);
1100 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1101 inet_insert_ifa(ifa);
1102 }
1103 break;
1104
1105 case SIOCSIFDSTADDR: /* Set the destination address */
1106 ret = 0;
1107 if (ifa->ifa_address == sin->sin_addr.s_addr)
1108 break;
1109 ret = -EINVAL;
1110 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1111 break;
1112 ret = 0;
1113 inet_del_ifa(in_dev, ifap, 0);
1114 ifa->ifa_address = sin->sin_addr.s_addr;
1115 inet_insert_ifa(ifa);
1116 break;
1117
1118 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1119
1120 /*
1121 * The mask we set must be legal.
1122 */
1123 ret = -EINVAL;
1124 if (bad_mask(sin->sin_addr.s_addr, 0))
1125 break;
1126 ret = 0;
1127 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1128 __be32 old_mask = ifa->ifa_mask;
1129 inet_del_ifa(in_dev, ifap, 0);
1130 ifa->ifa_mask = sin->sin_addr.s_addr;
1131 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1132
1133 /* See if current broadcast address matches
1134 * with current netmask, then recalculate
1135 * the broadcast address. Otherwise it's a
1136 * funny address, so don't touch it since
1137 * the user seems to know what (s)he's doing...
1138 */
1139 if ((dev->flags & IFF_BROADCAST) &&
1140 (ifa->ifa_prefixlen < 31) &&
1141 (ifa->ifa_broadcast ==
1142 (ifa->ifa_local|~old_mask))) {
1143 ifa->ifa_broadcast = (ifa->ifa_local |
1144 ~sin->sin_addr.s_addr);
1145 }
1146 inet_insert_ifa(ifa);
1147 }
1148 break;
1149 }
1150done:
1151 rtnl_unlock();
1152out:
1153 return ret;
1154rarok:
1155 rtnl_unlock();
1156 ret = copy_to_user(arg, &ifr, sizeof(struct ifreq)) ? -EFAULT : 0;
1157 goto out;
1158}
1159
1160static int inet_gifconf(struct net_device *dev, char __user *buf, int len)
1161{
1162 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1163 struct in_ifaddr *ifa;
1164 struct ifreq ifr;
1165 int done = 0;
1166
1167 if (!in_dev)
1168 goto out;
1169
1170 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
1171 if (!buf) {
1172 done += sizeof(ifr);
1173 continue;
1174 }
1175 if (len < (int) sizeof(ifr))
1176 break;
1177 memset(&ifr, 0, sizeof(struct ifreq));
1178 strcpy(ifr.ifr_name, ifa->ifa_label);
1179
1180 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1181 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1182 ifa->ifa_local;
1183
1184 if (copy_to_user(buf, &ifr, sizeof(struct ifreq))) {
1185 done = -EFAULT;
1186 break;
1187 }
1188 buf += sizeof(struct ifreq);
1189 len -= sizeof(struct ifreq);
1190 done += sizeof(struct ifreq);
1191 }
1192out:
1193 return done;
1194}
1195
1196__be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1197{
1198 __be32 addr = 0;
1199 struct in_device *in_dev;
1200 struct net *net = dev_net(dev);
1201 int master_idx;
1202
1203 rcu_read_lock();
1204 in_dev = __in_dev_get_rcu(dev);
1205 if (!in_dev)
1206 goto no_in_dev;
1207
1208 for_primary_ifa(in_dev) {
1209 if (ifa->ifa_scope > scope)
1210 continue;
1211 if (!dst || inet_ifa_match(dst, ifa)) {
1212 addr = ifa->ifa_local;
1213 break;
1214 }
1215 if (!addr)
1216 addr = ifa->ifa_local;
1217 } endfor_ifa(in_dev);
1218
1219 if (addr)
1220 goto out_unlock;
1221no_in_dev:
1222 master_idx = l3mdev_master_ifindex_rcu(dev);
1223
1224 /* For VRFs, the VRF device takes the place of the loopback device,
1225 * with addresses on it being preferred. Note in such cases the
1226 * loopback device will be among the devices that fail the master_idx
1227 * equality check in the loop below.
1228 */
1229 if (master_idx &&
1230 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1231 (in_dev = __in_dev_get_rcu(dev))) {
1232 for_primary_ifa(in_dev) {
1233 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1234 ifa->ifa_scope <= scope) {
1235 addr = ifa->ifa_local;
1236 goto out_unlock;
1237 }
1238 } endfor_ifa(in_dev);
1239 }
1240
1241 /* Not loopback addresses on loopback should be preferred
1242 in this case. It is important that lo is the first interface
1243 in dev_base list.
1244 */
1245 for_each_netdev_rcu(net, dev) {
1246 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1247 continue;
1248
1249 in_dev = __in_dev_get_rcu(dev);
1250 if (!in_dev)
1251 continue;
1252
1253 for_primary_ifa(in_dev) {
1254 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1255 ifa->ifa_scope <= scope) {
1256 addr = ifa->ifa_local;
1257 goto out_unlock;
1258 }
1259 } endfor_ifa(in_dev);
1260 }
1261out_unlock:
1262 rcu_read_unlock();
1263 return addr;
1264}
1265EXPORT_SYMBOL(inet_select_addr);
1266
1267static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1268 __be32 local, int scope)
1269{
1270 int same = 0;
1271 __be32 addr = 0;
1272
1273 for_ifa(in_dev) {
1274 if (!addr &&
1275 (local == ifa->ifa_local || !local) &&
1276 ifa->ifa_scope <= scope) {
1277 addr = ifa->ifa_local;
1278 if (same)
1279 break;
1280 }
1281 if (!same) {
1282 same = (!local || inet_ifa_match(local, ifa)) &&
1283 (!dst || inet_ifa_match(dst, ifa));
1284 if (same && addr) {
1285 if (local || !dst)
1286 break;
1287 /* Is the selected addr into dst subnet? */
1288 if (inet_ifa_match(addr, ifa))
1289 break;
1290 /* No, then can we use new local src? */
1291 if (ifa->ifa_scope <= scope) {
1292 addr = ifa->ifa_local;
1293 break;
1294 }
1295 /* search for large dst subnet for addr */
1296 same = 0;
1297 }
1298 }
1299 } endfor_ifa(in_dev);
1300
1301 return same ? addr : 0;
1302}
1303
1304/*
1305 * Confirm that local IP address exists using wildcards:
1306 * - net: netns to check, cannot be NULL
1307 * - in_dev: only on this interface, NULL=any interface
1308 * - dst: only in the same subnet as dst, 0=any dst
1309 * - local: address, 0=autoselect the local address
1310 * - scope: maximum allowed scope value for the local address
1311 */
1312__be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1313 __be32 dst, __be32 local, int scope)
1314{
1315 __be32 addr = 0;
1316 struct net_device *dev;
1317
1318 if (in_dev)
1319 return confirm_addr_indev(in_dev, dst, local, scope);
1320
1321 rcu_read_lock();
1322 for_each_netdev_rcu(net, dev) {
1323 in_dev = __in_dev_get_rcu(dev);
1324 if (in_dev) {
1325 addr = confirm_addr_indev(in_dev, dst, local, scope);
1326 if (addr)
1327 break;
1328 }
1329 }
1330 rcu_read_unlock();
1331
1332 return addr;
1333}
1334EXPORT_SYMBOL(inet_confirm_addr);
1335
1336/*
1337 * Device notifier
1338 */
1339
1340int register_inetaddr_notifier(struct notifier_block *nb)
1341{
1342 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1343}
1344EXPORT_SYMBOL(register_inetaddr_notifier);
1345
1346int unregister_inetaddr_notifier(struct notifier_block *nb)
1347{
1348 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1349}
1350EXPORT_SYMBOL(unregister_inetaddr_notifier);
1351
1352/* Rename ifa_labels for a device name change. Make some effort to preserve
1353 * existing alias numbering and to create unique labels if possible.
1354*/
1355static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1356{
1357 struct in_ifaddr *ifa;
1358 int named = 0;
1359
1360 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
1361 char old[IFNAMSIZ], *dot;
1362
1363 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1364 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1365 if (named++ == 0)
1366 goto skip;
1367 dot = strchr(old, ':');
1368 if (!dot) {
1369 sprintf(old, ":%d", named);
1370 dot = old;
1371 }
1372 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1373 strcat(ifa->ifa_label, dot);
1374 else
1375 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1376skip:
1377 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1378 }
1379}
1380
1381static bool inetdev_valid_mtu(unsigned int mtu)
1382{
1383 return mtu >= 68;
1384}
1385
1386static void inetdev_send_gratuitous_arp(struct net_device *dev,
1387 struct in_device *in_dev)
1388
1389{
1390 struct in_ifaddr *ifa;
1391
1392 for (ifa = in_dev->ifa_list; ifa;
1393 ifa = ifa->ifa_next) {
1394 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1395 ifa->ifa_local, dev,
1396 ifa->ifa_local, NULL,
1397 dev->dev_addr, NULL);
1398 }
1399}
1400
1401/* Called only under RTNL semaphore */
1402
1403static int inetdev_event(struct notifier_block *this, unsigned long event,
1404 void *ptr)
1405{
1406 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1407 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1408
1409 ASSERT_RTNL();
1410
1411 if (!in_dev) {
1412 if (event == NETDEV_REGISTER) {
1413 in_dev = inetdev_init(dev);
1414 if (IS_ERR(in_dev))
1415 return notifier_from_errno(PTR_ERR(in_dev));
1416 if (dev->flags & IFF_LOOPBACK) {
1417 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1418 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1419 }
1420 } else if (event == NETDEV_CHANGEMTU) {
1421 /* Re-enabling IP */
1422 if (inetdev_valid_mtu(dev->mtu))
1423 in_dev = inetdev_init(dev);
1424 }
1425 goto out;
1426 }
1427
1428 switch (event) {
1429 case NETDEV_REGISTER:
1430 pr_debug("%s: bug\n", __func__);
1431 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1432 break;
1433 case NETDEV_UP:
1434 if (!inetdev_valid_mtu(dev->mtu))
1435 break;
1436 if (dev->flags & IFF_LOOPBACK) {
1437 struct in_ifaddr *ifa = inet_alloc_ifa();
1438
1439 if (ifa) {
1440 INIT_HLIST_NODE(&ifa->hash);
1441 ifa->ifa_local =
1442 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1443 ifa->ifa_prefixlen = 8;
1444 ifa->ifa_mask = inet_make_mask(8);
1445 in_dev_hold(in_dev);
1446 ifa->ifa_dev = in_dev;
1447 ifa->ifa_scope = RT_SCOPE_HOST;
1448 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1449 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1450 INFINITY_LIFE_TIME);
1451 ipv4_devconf_setall(in_dev);
1452 neigh_parms_data_state_setall(in_dev->arp_parms);
1453 inet_insert_ifa(ifa);
1454 }
1455 }
1456 ip_mc_up(in_dev);
1457 /* fall through */
1458 case NETDEV_CHANGEADDR:
1459 if (!IN_DEV_ARP_NOTIFY(in_dev))
1460 break;
1461 /* fall through */
1462 case NETDEV_NOTIFY_PEERS:
1463 /* Send gratuitous ARP to notify of link change */
1464 inetdev_send_gratuitous_arp(dev, in_dev);
1465 break;
1466 case NETDEV_DOWN:
1467 ip_mc_down(in_dev);
1468 break;
1469 case NETDEV_PRE_TYPE_CHANGE:
1470 ip_mc_unmap(in_dev);
1471 break;
1472 case NETDEV_POST_TYPE_CHANGE:
1473 ip_mc_remap(in_dev);
1474 break;
1475 case NETDEV_CHANGEMTU:
1476 if (inetdev_valid_mtu(dev->mtu))
1477 break;
1478 /* disable IP when MTU is not enough */
1479 case NETDEV_UNREGISTER:
1480 inetdev_destroy(in_dev);
1481 break;
1482 case NETDEV_CHANGENAME:
1483 /* Do not notify about label change, this event is
1484 * not interesting to applications using netlink.
1485 */
1486 inetdev_changename(dev, in_dev);
1487
1488 devinet_sysctl_unregister(in_dev);
1489 devinet_sysctl_register(in_dev);
1490 break;
1491 }
1492out:
1493 return NOTIFY_DONE;
1494}
1495
1496static struct notifier_block ip_netdev_notifier = {
1497 .notifier_call = inetdev_event,
1498};
1499
1500static size_t inet_nlmsg_size(void)
1501{
1502 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1503 + nla_total_size(4) /* IFA_ADDRESS */
1504 + nla_total_size(4) /* IFA_LOCAL */
1505 + nla_total_size(4) /* IFA_BROADCAST */
1506 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1507 + nla_total_size(4) /* IFA_FLAGS */
1508 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1509}
1510
1511static inline u32 cstamp_delta(unsigned long cstamp)
1512{
1513 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1514}
1515
1516static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1517 unsigned long tstamp, u32 preferred, u32 valid)
1518{
1519 struct ifa_cacheinfo ci;
1520
1521 ci.cstamp = cstamp_delta(cstamp);
1522 ci.tstamp = cstamp_delta(tstamp);
1523 ci.ifa_prefered = preferred;
1524 ci.ifa_valid = valid;
1525
1526 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1527}
1528
1529static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1530 u32 portid, u32 seq, int event, unsigned int flags)
1531{
1532 struct ifaddrmsg *ifm;
1533 struct nlmsghdr *nlh;
1534 u32 preferred, valid;
1535
1536 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*ifm), flags);
1537 if (!nlh)
1538 return -EMSGSIZE;
1539
1540 ifm = nlmsg_data(nlh);
1541 ifm->ifa_family = AF_INET;
1542 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1543 ifm->ifa_flags = ifa->ifa_flags;
1544 ifm->ifa_scope = ifa->ifa_scope;
1545 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1546
1547 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1548 preferred = ifa->ifa_preferred_lft;
1549 valid = ifa->ifa_valid_lft;
1550 if (preferred != INFINITY_LIFE_TIME) {
1551 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1552
1553 if (preferred > tval)
1554 preferred -= tval;
1555 else
1556 preferred = 0;
1557 if (valid != INFINITY_LIFE_TIME) {
1558 if (valid > tval)
1559 valid -= tval;
1560 else
1561 valid = 0;
1562 }
1563 }
1564 } else {
1565 preferred = INFINITY_LIFE_TIME;
1566 valid = INFINITY_LIFE_TIME;
1567 }
1568 if ((ifa->ifa_address &&
1569 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1570 (ifa->ifa_local &&
1571 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1572 (ifa->ifa_broadcast &&
1573 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1574 (ifa->ifa_label[0] &&
1575 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1576 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1577 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1578 preferred, valid))
1579 goto nla_put_failure;
1580
1581 nlmsg_end(skb, nlh);
1582 return 0;
1583
1584nla_put_failure:
1585 nlmsg_cancel(skb, nlh);
1586 return -EMSGSIZE;
1587}
1588
1589static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1590{
1591 struct net *net = sock_net(skb->sk);
1592 int h, s_h;
1593 int idx, s_idx;
1594 int ip_idx, s_ip_idx;
1595 struct net_device *dev;
1596 struct in_device *in_dev;
1597 struct in_ifaddr *ifa;
1598 struct hlist_head *head;
1599
1600 s_h = cb->args[0];
1601 s_idx = idx = cb->args[1];
1602 s_ip_idx = ip_idx = cb->args[2];
1603
1604 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1605 idx = 0;
1606 head = &net->dev_index_head[h];
1607 rcu_read_lock();
1608 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
1609 net->dev_base_seq;
1610 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1611 if (idx < s_idx)
1612 goto cont;
1613 if (h > s_h || idx > s_idx)
1614 s_ip_idx = 0;
1615 in_dev = __in_dev_get_rcu(dev);
1616 if (!in_dev)
1617 goto cont;
1618
1619 for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
1620 ifa = ifa->ifa_next, ip_idx++) {
1621 if (ip_idx < s_ip_idx)
1622 continue;
1623 if (inet_fill_ifaddr(skb, ifa,
1624 NETLINK_CB(cb->skb).portid,
1625 cb->nlh->nlmsg_seq,
1626 RTM_NEWADDR, NLM_F_MULTI) < 0) {
1627 rcu_read_unlock();
1628 goto done;
1629 }
1630 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1631 }
1632cont:
1633 idx++;
1634 }
1635 rcu_read_unlock();
1636 }
1637
1638done:
1639 cb->args[0] = h;
1640 cb->args[1] = idx;
1641 cb->args[2] = ip_idx;
1642
1643 return skb->len;
1644}
1645
1646static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1647 u32 portid)
1648{
1649 struct sk_buff *skb;
1650 u32 seq = nlh ? nlh->nlmsg_seq : 0;
1651 int err = -ENOBUFS;
1652 struct net *net;
1653
1654 net = dev_net(ifa->ifa_dev->dev);
1655 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1656 if (!skb)
1657 goto errout;
1658
1659 err = inet_fill_ifaddr(skb, ifa, portid, seq, event, 0);
1660 if (err < 0) {
1661 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1662 WARN_ON(err == -EMSGSIZE);
1663 kfree_skb(skb);
1664 goto errout;
1665 }
1666 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1667 return;
1668errout:
1669 if (err < 0)
1670 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1671}
1672
1673static size_t inet_get_link_af_size(const struct net_device *dev,
1674 u32 ext_filter_mask)
1675{
1676 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1677
1678 if (!in_dev)
1679 return 0;
1680
1681 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1682}
1683
1684static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1685 u32 ext_filter_mask)
1686{
1687 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1688 struct nlattr *nla;
1689 int i;
1690
1691 if (!in_dev)
1692 return -ENODATA;
1693
1694 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1695 if (!nla)
1696 return -EMSGSIZE;
1697
1698 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1699 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1700
1701 return 0;
1702}
1703
1704static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1705 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1706};
1707
1708static int inet_validate_link_af(const struct net_device *dev,
1709 const struct nlattr *nla)
1710{
1711 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1712 int err, rem;
1713
1714 if (dev && !__in_dev_get_rtnl(dev))
1715 return -EAFNOSUPPORT;
1716
1717 err = nla_parse_nested(tb, IFLA_INET_MAX, nla, inet_af_policy);
1718 if (err < 0)
1719 return err;
1720
1721 if (tb[IFLA_INET_CONF]) {
1722 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1723 int cfgid = nla_type(a);
1724
1725 if (nla_len(a) < 4)
1726 return -EINVAL;
1727
1728 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
1729 return -EINVAL;
1730 }
1731 }
1732
1733 return 0;
1734}
1735
1736static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
1737{
1738 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1739 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1740 int rem;
1741
1742 if (!in_dev)
1743 return -EAFNOSUPPORT;
1744
1745 if (nla_parse_nested(tb, IFLA_INET_MAX, nla, NULL) < 0)
1746 BUG();
1747
1748 if (tb[IFLA_INET_CONF]) {
1749 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
1750 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
1751 }
1752
1753 return 0;
1754}
1755
1756static int inet_netconf_msgsize_devconf(int type)
1757{
1758 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
1759 + nla_total_size(4); /* NETCONFA_IFINDEX */
1760 bool all = false;
1761
1762 if (type == NETCONFA_ALL)
1763 all = true;
1764
1765 if (all || type == NETCONFA_FORWARDING)
1766 size += nla_total_size(4);
1767 if (all || type == NETCONFA_RP_FILTER)
1768 size += nla_total_size(4);
1769 if (all || type == NETCONFA_MC_FORWARDING)
1770 size += nla_total_size(4);
1771 if (all || type == NETCONFA_PROXY_NEIGH)
1772 size += nla_total_size(4);
1773 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
1774 size += nla_total_size(4);
1775
1776 return size;
1777}
1778
1779static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
1780 struct ipv4_devconf *devconf, u32 portid,
1781 u32 seq, int event, unsigned int flags,
1782 int type)
1783{
1784 struct nlmsghdr *nlh;
1785 struct netconfmsg *ncm;
1786 bool all = false;
1787
1788 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
1789 flags);
1790 if (!nlh)
1791 return -EMSGSIZE;
1792
1793 if (type == NETCONFA_ALL)
1794 all = true;
1795
1796 ncm = nlmsg_data(nlh);
1797 ncm->ncm_family = AF_INET;
1798
1799 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
1800 goto nla_put_failure;
1801
1802 if ((all || type == NETCONFA_FORWARDING) &&
1803 nla_put_s32(skb, NETCONFA_FORWARDING,
1804 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
1805 goto nla_put_failure;
1806 if ((all || type == NETCONFA_RP_FILTER) &&
1807 nla_put_s32(skb, NETCONFA_RP_FILTER,
1808 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
1809 goto nla_put_failure;
1810 if ((all || type == NETCONFA_MC_FORWARDING) &&
1811 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
1812 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
1813 goto nla_put_failure;
1814 if ((all || type == NETCONFA_PROXY_NEIGH) &&
1815 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
1816 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
1817 goto nla_put_failure;
1818 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
1819 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
1820 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
1821 goto nla_put_failure;
1822
1823 nlmsg_end(skb, nlh);
1824 return 0;
1825
1826nla_put_failure:
1827 nlmsg_cancel(skb, nlh);
1828 return -EMSGSIZE;
1829}
1830
1831void inet_netconf_notify_devconf(struct net *net, int type, int ifindex,
1832 struct ipv4_devconf *devconf)
1833{
1834 struct sk_buff *skb;
1835 int err = -ENOBUFS;
1836
1837 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_ATOMIC);
1838 if (!skb)
1839 goto errout;
1840
1841 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
1842 RTM_NEWNETCONF, 0, type);
1843 if (err < 0) {
1844 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
1845 WARN_ON(err == -EMSGSIZE);
1846 kfree_skb(skb);
1847 goto errout;
1848 }
1849 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_ATOMIC);
1850 return;
1851errout:
1852 if (err < 0)
1853 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
1854}
1855
1856static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
1857 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
1858 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
1859 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
1860 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
1861 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
1862};
1863
1864static int inet_netconf_get_devconf(struct sk_buff *in_skb,
1865 struct nlmsghdr *nlh)
1866{
1867 struct net *net = sock_net(in_skb->sk);
1868 struct nlattr *tb[NETCONFA_MAX+1];
1869 struct netconfmsg *ncm;
1870 struct sk_buff *skb;
1871 struct ipv4_devconf *devconf;
1872 struct in_device *in_dev;
1873 struct net_device *dev;
1874 int ifindex;
1875 int err;
1876
1877 err = nlmsg_parse(nlh, sizeof(*ncm), tb, NETCONFA_MAX,
1878 devconf_ipv4_policy);
1879 if (err < 0)
1880 goto errout;
1881
1882 err = -EINVAL;
1883 if (!tb[NETCONFA_IFINDEX])
1884 goto errout;
1885
1886 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
1887 switch (ifindex) {
1888 case NETCONFA_IFINDEX_ALL:
1889 devconf = net->ipv4.devconf_all;
1890 break;
1891 case NETCONFA_IFINDEX_DEFAULT:
1892 devconf = net->ipv4.devconf_dflt;
1893 break;
1894 default:
1895 dev = __dev_get_by_index(net, ifindex);
1896 if (!dev)
1897 goto errout;
1898 in_dev = __in_dev_get_rtnl(dev);
1899 if (!in_dev)
1900 goto errout;
1901 devconf = &in_dev->cnf;
1902 break;
1903 }
1904
1905 err = -ENOBUFS;
1906 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_ATOMIC);
1907 if (!skb)
1908 goto errout;
1909
1910 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
1911 NETLINK_CB(in_skb).portid,
1912 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
1913 NETCONFA_ALL);
1914 if (err < 0) {
1915 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
1916 WARN_ON(err == -EMSGSIZE);
1917 kfree_skb(skb);
1918 goto errout;
1919 }
1920 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
1921errout:
1922 return err;
1923}
1924
1925static int inet_netconf_dump_devconf(struct sk_buff *skb,
1926 struct netlink_callback *cb)
1927{
1928 struct net *net = sock_net(skb->sk);
1929 int h, s_h;
1930 int idx, s_idx;
1931 struct net_device *dev;
1932 struct in_device *in_dev;
1933 struct hlist_head *head;
1934
1935 s_h = cb->args[0];
1936 s_idx = idx = cb->args[1];
1937
1938 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1939 idx = 0;
1940 head = &net->dev_index_head[h];
1941 rcu_read_lock();
1942 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
1943 net->dev_base_seq;
1944 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1945 if (idx < s_idx)
1946 goto cont;
1947 in_dev = __in_dev_get_rcu(dev);
1948 if (!in_dev)
1949 goto cont;
1950
1951 if (inet_netconf_fill_devconf(skb, dev->ifindex,
1952 &in_dev->cnf,
1953 NETLINK_CB(cb->skb).portid,
1954 cb->nlh->nlmsg_seq,
1955 RTM_NEWNETCONF,
1956 NLM_F_MULTI,
1957 NETCONFA_ALL) < 0) {
1958 rcu_read_unlock();
1959 goto done;
1960 }
1961 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1962cont:
1963 idx++;
1964 }
1965 rcu_read_unlock();
1966 }
1967 if (h == NETDEV_HASHENTRIES) {
1968 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
1969 net->ipv4.devconf_all,
1970 NETLINK_CB(cb->skb).portid,
1971 cb->nlh->nlmsg_seq,
1972 RTM_NEWNETCONF, NLM_F_MULTI,
1973 NETCONFA_ALL) < 0)
1974 goto done;
1975 else
1976 h++;
1977 }
1978 if (h == NETDEV_HASHENTRIES + 1) {
1979 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
1980 net->ipv4.devconf_dflt,
1981 NETLINK_CB(cb->skb).portid,
1982 cb->nlh->nlmsg_seq,
1983 RTM_NEWNETCONF, NLM_F_MULTI,
1984 NETCONFA_ALL) < 0)
1985 goto done;
1986 else
1987 h++;
1988 }
1989done:
1990 cb->args[0] = h;
1991 cb->args[1] = idx;
1992
1993 return skb->len;
1994}
1995
1996#ifdef CONFIG_SYSCTL
1997
1998static void devinet_copy_dflt_conf(struct net *net, int i)
1999{
2000 struct net_device *dev;
2001
2002 rcu_read_lock();
2003 for_each_netdev_rcu(net, dev) {
2004 struct in_device *in_dev;
2005
2006 in_dev = __in_dev_get_rcu(dev);
2007 if (in_dev && !test_bit(i, in_dev->cnf.state))
2008 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2009 }
2010 rcu_read_unlock();
2011}
2012
2013/* called with RTNL locked */
2014static void inet_forward_change(struct net *net)
2015{
2016 struct net_device *dev;
2017 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2018
2019 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2020 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2021 inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
2022 NETCONFA_IFINDEX_ALL,
2023 net->ipv4.devconf_all);
2024 inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
2025 NETCONFA_IFINDEX_DEFAULT,
2026 net->ipv4.devconf_dflt);
2027
2028 for_each_netdev(net, dev) {
2029 struct in_device *in_dev;
2030 if (on)
2031 dev_disable_lro(dev);
2032 rcu_read_lock();
2033 in_dev = __in_dev_get_rcu(dev);
2034 if (in_dev) {
2035 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2036 inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
2037 dev->ifindex, &in_dev->cnf);
2038 }
2039 rcu_read_unlock();
2040 }
2041}
2042
2043static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2044{
2045 if (cnf == net->ipv4.devconf_dflt)
2046 return NETCONFA_IFINDEX_DEFAULT;
2047 else if (cnf == net->ipv4.devconf_all)
2048 return NETCONFA_IFINDEX_ALL;
2049 else {
2050 struct in_device *idev
2051 = container_of(cnf, struct in_device, cnf);
2052 return idev->dev->ifindex;
2053 }
2054}
2055
2056static int devinet_conf_proc(struct ctl_table *ctl, int write,
2057 void __user *buffer,
2058 size_t *lenp, loff_t *ppos)
2059{
2060 int old_value = *(int *)ctl->data;
2061 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2062 int new_value = *(int *)ctl->data;
2063
2064 if (write) {
2065 struct ipv4_devconf *cnf = ctl->extra1;
2066 struct net *net = ctl->extra2;
2067 int i = (int *)ctl->data - cnf->data;
2068 int ifindex;
2069
2070 set_bit(i, cnf->state);
2071
2072 if (cnf == net->ipv4.devconf_dflt)
2073 devinet_copy_dflt_conf(net, i);
2074 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2075 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2076 if ((new_value == 0) && (old_value != 0))
2077 rt_cache_flush(net);
2078
2079 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2080 new_value != old_value) {
2081 ifindex = devinet_conf_ifindex(net, cnf);
2082 inet_netconf_notify_devconf(net, NETCONFA_RP_FILTER,
2083 ifindex, cnf);
2084 }
2085 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2086 new_value != old_value) {
2087 ifindex = devinet_conf_ifindex(net, cnf);
2088 inet_netconf_notify_devconf(net, NETCONFA_PROXY_NEIGH,
2089 ifindex, cnf);
2090 }
2091 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2092 new_value != old_value) {
2093 ifindex = devinet_conf_ifindex(net, cnf);
2094 inet_netconf_notify_devconf(net, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2095 ifindex, cnf);
2096 }
2097 }
2098
2099 return ret;
2100}
2101
2102static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2103 void __user *buffer,
2104 size_t *lenp, loff_t *ppos)
2105{
2106 int *valp = ctl->data;
2107 int val = *valp;
2108 loff_t pos = *ppos;
2109 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2110
2111 if (write && *valp != val) {
2112 struct net *net = ctl->extra2;
2113
2114 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2115 if (!rtnl_trylock()) {
2116 /* Restore the original values before restarting */
2117 *valp = val;
2118 *ppos = pos;
2119 return restart_syscall();
2120 }
2121 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2122 inet_forward_change(net);
2123 } else {
2124 struct ipv4_devconf *cnf = ctl->extra1;
2125 struct in_device *idev =
2126 container_of(cnf, struct in_device, cnf);
2127 if (*valp)
2128 dev_disable_lro(idev->dev);
2129 inet_netconf_notify_devconf(net,
2130 NETCONFA_FORWARDING,
2131 idev->dev->ifindex,
2132 cnf);
2133 }
2134 rtnl_unlock();
2135 rt_cache_flush(net);
2136 } else
2137 inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
2138 NETCONFA_IFINDEX_DEFAULT,
2139 net->ipv4.devconf_dflt);
2140 }
2141
2142 return ret;
2143}
2144
2145static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2146 void __user *buffer,
2147 size_t *lenp, loff_t *ppos)
2148{
2149 int *valp = ctl->data;
2150 int val = *valp;
2151 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2152 struct net *net = ctl->extra2;
2153
2154 if (write && *valp != val)
2155 rt_cache_flush(net);
2156
2157 return ret;
2158}
2159
2160#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2161 { \
2162 .procname = name, \
2163 .data = ipv4_devconf.data + \
2164 IPV4_DEVCONF_ ## attr - 1, \
2165 .maxlen = sizeof(int), \
2166 .mode = mval, \
2167 .proc_handler = proc, \
2168 .extra1 = &ipv4_devconf, \
2169 }
2170
2171#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2172 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2173
2174#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2175 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2176
2177#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2178 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2179
2180#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2181 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2182
2183static struct devinet_sysctl_table {
2184 struct ctl_table_header *sysctl_header;
2185 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2186} devinet_sysctl = {
2187 .devinet_vars = {
2188 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2189 devinet_sysctl_forward),
2190 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2191
2192 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2193 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2194 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2195 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2196 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2197 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2198 "accept_source_route"),
2199 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2200 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2201 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2202 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2203 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2204 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2205 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2206 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2207 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2208 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2209 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2210 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2211 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2212 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2213 "force_igmp_version"),
2214 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2215 "igmpv2_unsolicited_report_interval"),
2216 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2217 "igmpv3_unsolicited_report_interval"),
2218 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2219 "ignore_routes_with_linkdown"),
2220 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2221 "drop_gratuitous_arp"),
2222
2223 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2224 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2225 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2226 "promote_secondaries"),
2227 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2228 "route_localnet"),
2229 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2230 "drop_unicast_in_l2_multicast"),
2231 },
2232};
2233
2234static int __devinet_sysctl_register(struct net *net, char *dev_name,
2235 struct ipv4_devconf *p)
2236{
2237 int i;
2238 struct devinet_sysctl_table *t;
2239 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2240
2241 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
2242 if (!t)
2243 goto out;
2244
2245 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2246 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2247 t->devinet_vars[i].extra1 = p;
2248 t->devinet_vars[i].extra2 = net;
2249 }
2250
2251 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2252
2253 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2254 if (!t->sysctl_header)
2255 goto free;
2256
2257 p->sysctl = t;
2258 return 0;
2259
2260free:
2261 kfree(t);
2262out:
2263 return -ENOBUFS;
2264}
2265
2266static void __devinet_sysctl_unregister(struct ipv4_devconf *cnf)
2267{
2268 struct devinet_sysctl_table *t = cnf->sysctl;
2269
2270 if (!t)
2271 return;
2272
2273 cnf->sysctl = NULL;
2274 unregister_net_sysctl_table(t->sysctl_header);
2275 kfree(t);
2276}
2277
2278static int devinet_sysctl_register(struct in_device *idev)
2279{
2280 int err;
2281
2282 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2283 return -EINVAL;
2284
2285 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2286 if (err)
2287 return err;
2288 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2289 &idev->cnf);
2290 if (err)
2291 neigh_sysctl_unregister(idev->arp_parms);
2292 return err;
2293}
2294
2295static void devinet_sysctl_unregister(struct in_device *idev)
2296{
2297 __devinet_sysctl_unregister(&idev->cnf);
2298 neigh_sysctl_unregister(idev->arp_parms);
2299}
2300
2301static struct ctl_table ctl_forward_entry[] = {
2302 {
2303 .procname = "ip_forward",
2304 .data = &ipv4_devconf.data[
2305 IPV4_DEVCONF_FORWARDING - 1],
2306 .maxlen = sizeof(int),
2307 .mode = 0644,
2308 .proc_handler = devinet_sysctl_forward,
2309 .extra1 = &ipv4_devconf,
2310 .extra2 = &init_net,
2311 },
2312 { },
2313};
2314#endif
2315
2316static __net_init int devinet_init_net(struct net *net)
2317{
2318 int err;
2319 struct ipv4_devconf *all, *dflt;
2320#ifdef CONFIG_SYSCTL
2321 struct ctl_table *tbl = ctl_forward_entry;
2322 struct ctl_table_header *forw_hdr;
2323#endif
2324
2325 err = -ENOMEM;
2326 all = &ipv4_devconf;
2327 dflt = &ipv4_devconf_dflt;
2328
2329 if (!net_eq(net, &init_net)) {
2330 all = kmemdup(all, sizeof(ipv4_devconf), GFP_KERNEL);
2331 if (!all)
2332 goto err_alloc_all;
2333
2334 dflt = kmemdup(dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2335 if (!dflt)
2336 goto err_alloc_dflt;
2337
2338#ifdef CONFIG_SYSCTL
2339 tbl = kmemdup(tbl, sizeof(ctl_forward_entry), GFP_KERNEL);
2340 if (!tbl)
2341 goto err_alloc_ctl;
2342
2343 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2344 tbl[0].extra1 = all;
2345 tbl[0].extra2 = net;
2346#endif
2347 }
2348
2349#ifdef CONFIG_SYSCTL
2350 err = __devinet_sysctl_register(net, "all", all);
2351 if (err < 0)
2352 goto err_reg_all;
2353
2354 err = __devinet_sysctl_register(net, "default", dflt);
2355 if (err < 0)
2356 goto err_reg_dflt;
2357
2358 err = -ENOMEM;
2359 forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2360 if (!forw_hdr)
2361 goto err_reg_ctl;
2362 net->ipv4.forw_hdr = forw_hdr;
2363#endif
2364
2365 net->ipv4.devconf_all = all;
2366 net->ipv4.devconf_dflt = dflt;
2367 return 0;
2368
2369#ifdef CONFIG_SYSCTL
2370err_reg_ctl:
2371 __devinet_sysctl_unregister(dflt);
2372err_reg_dflt:
2373 __devinet_sysctl_unregister(all);
2374err_reg_all:
2375 if (tbl != ctl_forward_entry)
2376 kfree(tbl);
2377err_alloc_ctl:
2378#endif
2379 if (dflt != &ipv4_devconf_dflt)
2380 kfree(dflt);
2381err_alloc_dflt:
2382 if (all != &ipv4_devconf)
2383 kfree(all);
2384err_alloc_all:
2385 return err;
2386}
2387
2388static __net_exit void devinet_exit_net(struct net *net)
2389{
2390#ifdef CONFIG_SYSCTL
2391 struct ctl_table *tbl;
2392
2393 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2394 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2395 __devinet_sysctl_unregister(net->ipv4.devconf_dflt);
2396 __devinet_sysctl_unregister(net->ipv4.devconf_all);
2397 kfree(tbl);
2398#endif
2399 kfree(net->ipv4.devconf_dflt);
2400 kfree(net->ipv4.devconf_all);
2401}
2402
2403static __net_initdata struct pernet_operations devinet_ops = {
2404 .init = devinet_init_net,
2405 .exit = devinet_exit_net,
2406};
2407
2408static struct rtnl_af_ops inet_af_ops __read_mostly = {
2409 .family = AF_INET,
2410 .fill_link_af = inet_fill_link_af,
2411 .get_link_af_size = inet_get_link_af_size,
2412 .validate_link_af = inet_validate_link_af,
2413 .set_link_af = inet_set_link_af,
2414};
2415
2416void __init devinet_init(void)
2417{
2418 int i;
2419
2420 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2421 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2422
2423 register_pernet_subsys(&devinet_ops);
2424
2425 register_gifconf(PF_INET, inet_gifconf);
2426 register_netdevice_notifier(&ip_netdev_notifier);
2427
2428 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2429
2430 rtnl_af_register(&inet_af_ops);
2431
2432 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, NULL);
2433 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, NULL);
2434 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, NULL);
2435 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2436 inet_netconf_dump_devconf, NULL);
2437}
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * NET3 IP device support routines.
4 *
5 * Derived from the IP parts of dev.c 1.0.19
6 * Authors: Ross Biro
7 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8 * Mark Evans, <evansmp@uhura.aston.ac.uk>
9 *
10 * Additional Authors:
11 * Alan Cox, <gw4pts@gw4pts.ampr.org>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
13 *
14 * Changes:
15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
16 * lists.
17 * Cyrus Durgin: updated for kmod
18 * Matthias Andree: in devinet_ioctl, compare label and
19 * address (4.4BSD alias style support),
20 * fall back to comparing just the label
21 * if no match found.
22 */
23
24
25#include <linux/uaccess.h>
26#include <linux/bitops.h>
27#include <linux/capability.h>
28#include <linux/module.h>
29#include <linux/types.h>
30#include <linux/kernel.h>
31#include <linux/sched/signal.h>
32#include <linux/string.h>
33#include <linux/mm.h>
34#include <linux/socket.h>
35#include <linux/sockios.h>
36#include <linux/in.h>
37#include <linux/errno.h>
38#include <linux/interrupt.h>
39#include <linux/if_addr.h>
40#include <linux/if_ether.h>
41#include <linux/inet.h>
42#include <linux/netdevice.h>
43#include <linux/etherdevice.h>
44#include <linux/skbuff.h>
45#include <linux/init.h>
46#include <linux/notifier.h>
47#include <linux/inetdevice.h>
48#include <linux/igmp.h>
49#include <linux/slab.h>
50#include <linux/hash.h>
51#ifdef CONFIG_SYSCTL
52#include <linux/sysctl.h>
53#endif
54#include <linux/kmod.h>
55#include <linux/netconf.h>
56
57#include <net/arp.h>
58#include <net/ip.h>
59#include <net/route.h>
60#include <net/ip_fib.h>
61#include <net/rtnetlink.h>
62#include <net/net_namespace.h>
63#include <net/addrconf.h>
64
65#define IPV6ONLY_FLAGS \
66 (IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
69
70static struct ipv4_devconf ipv4_devconf = {
71 .data = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
78 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
79 },
80};
81
82static struct ipv4_devconf ipv4_devconf_dflt = {
83 .data = {
84 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
87 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
88 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
90 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
91 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
92 },
93};
94
95#define IPV4_DEVCONF_DFLT(net, attr) \
96 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
97
98static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
99 [IFA_LOCAL] = { .type = NLA_U32 },
100 [IFA_ADDRESS] = { .type = NLA_U32 },
101 [IFA_BROADCAST] = { .type = NLA_U32 },
102 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
103 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
104 [IFA_FLAGS] = { .type = NLA_U32 },
105 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
106 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
107 [IFA_PROTO] = { .type = NLA_U8 },
108};
109
110struct inet_fill_args {
111 u32 portid;
112 u32 seq;
113 int event;
114 unsigned int flags;
115 int netnsid;
116 int ifindex;
117};
118
119#define IN4_ADDR_HSIZE_SHIFT 8
120#define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
121
122static u32 inet_addr_hash(const struct net *net, __be32 addr)
123{
124 u32 val = __ipv4_addr_hash(addr, net_hash_mix(net));
125
126 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
127}
128
129static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
130{
131 u32 hash = inet_addr_hash(net, ifa->ifa_local);
132
133 ASSERT_RTNL();
134 hlist_add_head_rcu(&ifa->addr_lst, &net->ipv4.inet_addr_lst[hash]);
135}
136
137static void inet_hash_remove(struct in_ifaddr *ifa)
138{
139 ASSERT_RTNL();
140 hlist_del_init_rcu(&ifa->addr_lst);
141}
142
143/**
144 * __ip_dev_find - find the first device with a given source address.
145 * @net: the net namespace
146 * @addr: the source address
147 * @devref: if true, take a reference on the found device
148 *
149 * If a caller uses devref=false, it should be protected by RCU, or RTNL
150 */
151struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
152{
153 struct net_device *result = NULL;
154 struct in_ifaddr *ifa;
155
156 rcu_read_lock();
157 ifa = inet_lookup_ifaddr_rcu(net, addr);
158 if (!ifa) {
159 struct flowi4 fl4 = { .daddr = addr };
160 struct fib_result res = { 0 };
161 struct fib_table *local;
162
163 /* Fallback to FIB local table so that communication
164 * over loopback subnets work.
165 */
166 local = fib_get_table(net, RT_TABLE_LOCAL);
167 if (local &&
168 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
169 res.type == RTN_LOCAL)
170 result = FIB_RES_DEV(res);
171 } else {
172 result = ifa->ifa_dev->dev;
173 }
174 if (result && devref)
175 dev_hold(result);
176 rcu_read_unlock();
177 return result;
178}
179EXPORT_SYMBOL(__ip_dev_find);
180
181/* called under RCU lock */
182struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
183{
184 u32 hash = inet_addr_hash(net, addr);
185 struct in_ifaddr *ifa;
186
187 hlist_for_each_entry_rcu(ifa, &net->ipv4.inet_addr_lst[hash], addr_lst)
188 if (ifa->ifa_local == addr)
189 return ifa;
190
191 return NULL;
192}
193
194static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
195
196static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
197static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
198static void inet_del_ifa(struct in_device *in_dev,
199 struct in_ifaddr __rcu **ifap,
200 int destroy);
201#ifdef CONFIG_SYSCTL
202static int devinet_sysctl_register(struct in_device *idev);
203static void devinet_sysctl_unregister(struct in_device *idev);
204#else
205static int devinet_sysctl_register(struct in_device *idev)
206{
207 return 0;
208}
209static void devinet_sysctl_unregister(struct in_device *idev)
210{
211}
212#endif
213
214/* Locks all the inet devices. */
215
216static struct in_ifaddr *inet_alloc_ifa(struct in_device *in_dev)
217{
218 struct in_ifaddr *ifa;
219
220 ifa = kzalloc(sizeof(*ifa), GFP_KERNEL_ACCOUNT);
221 if (!ifa)
222 return NULL;
223
224 in_dev_hold(in_dev);
225 ifa->ifa_dev = in_dev;
226
227 INIT_HLIST_NODE(&ifa->addr_lst);
228
229 return ifa;
230}
231
232static void inet_rcu_free_ifa(struct rcu_head *head)
233{
234 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
235
236 in_dev_put(ifa->ifa_dev);
237 kfree(ifa);
238}
239
240static void inet_free_ifa(struct in_ifaddr *ifa)
241{
242 /* Our reference to ifa->ifa_dev must be freed ASAP
243 * to release the reference to the netdev the same way.
244 * in_dev_put() -> in_dev_finish_destroy() -> netdev_put()
245 */
246 call_rcu_hurry(&ifa->rcu_head, inet_rcu_free_ifa);
247}
248
249static void in_dev_free_rcu(struct rcu_head *head)
250{
251 struct in_device *idev = container_of(head, struct in_device, rcu_head);
252
253 kfree(rcu_dereference_protected(idev->mc_hash, 1));
254 kfree(idev);
255}
256
257void in_dev_finish_destroy(struct in_device *idev)
258{
259 struct net_device *dev = idev->dev;
260
261 WARN_ON(idev->ifa_list);
262 WARN_ON(idev->mc_list);
263#ifdef NET_REFCNT_DEBUG
264 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
265#endif
266 netdev_put(dev, &idev->dev_tracker);
267 if (!idev->dead)
268 pr_err("Freeing alive in_device %p\n", idev);
269 else
270 call_rcu(&idev->rcu_head, in_dev_free_rcu);
271}
272EXPORT_SYMBOL(in_dev_finish_destroy);
273
274static struct in_device *inetdev_init(struct net_device *dev)
275{
276 struct in_device *in_dev;
277 int err = -ENOMEM;
278
279 ASSERT_RTNL();
280
281 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
282 if (!in_dev)
283 goto out;
284 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
285 sizeof(in_dev->cnf));
286 in_dev->cnf.sysctl = NULL;
287 in_dev->dev = dev;
288 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
289 if (!in_dev->arp_parms)
290 goto out_kfree;
291 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
292 dev_disable_lro(dev);
293 /* Reference in_dev->dev */
294 netdev_hold(dev, &in_dev->dev_tracker, GFP_KERNEL);
295 /* Account for reference dev->ip_ptr (below) */
296 refcount_set(&in_dev->refcnt, 1);
297
298 if (dev != blackhole_netdev) {
299 err = devinet_sysctl_register(in_dev);
300 if (err) {
301 in_dev->dead = 1;
302 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
303 in_dev_put(in_dev);
304 in_dev = NULL;
305 goto out;
306 }
307 ip_mc_init_dev(in_dev);
308 if (dev->flags & IFF_UP)
309 ip_mc_up(in_dev);
310 }
311
312 /* we can receive as soon as ip_ptr is set -- do this last */
313 rcu_assign_pointer(dev->ip_ptr, in_dev);
314out:
315 return in_dev ?: ERR_PTR(err);
316out_kfree:
317 kfree(in_dev);
318 in_dev = NULL;
319 goto out;
320}
321
322static void inetdev_destroy(struct in_device *in_dev)
323{
324 struct net_device *dev;
325 struct in_ifaddr *ifa;
326
327 ASSERT_RTNL();
328
329 dev = in_dev->dev;
330
331 in_dev->dead = 1;
332
333 ip_mc_destroy_dev(in_dev);
334
335 while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
336 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
337 inet_free_ifa(ifa);
338 }
339
340 RCU_INIT_POINTER(dev->ip_ptr, NULL);
341
342 devinet_sysctl_unregister(in_dev);
343 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
344 arp_ifdown(dev);
345
346 in_dev_put(in_dev);
347}
348
349static int __init inet_blackhole_dev_init(void)
350{
351 int err = 0;
352
353 rtnl_lock();
354 if (!inetdev_init(blackhole_netdev))
355 err = -ENOMEM;
356 rtnl_unlock();
357
358 return err;
359}
360late_initcall(inet_blackhole_dev_init);
361
362int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
363{
364 const struct in_ifaddr *ifa;
365
366 rcu_read_lock();
367 in_dev_for_each_ifa_rcu(ifa, in_dev) {
368 if (inet_ifa_match(a, ifa)) {
369 if (!b || inet_ifa_match(b, ifa)) {
370 rcu_read_unlock();
371 return 1;
372 }
373 }
374 }
375 rcu_read_unlock();
376 return 0;
377}
378
379static void __inet_del_ifa(struct in_device *in_dev,
380 struct in_ifaddr __rcu **ifap,
381 int destroy, struct nlmsghdr *nlh, u32 portid)
382{
383 struct in_ifaddr *promote = NULL;
384 struct in_ifaddr *ifa, *ifa1;
385 struct in_ifaddr __rcu **last_prim;
386 struct in_ifaddr *prev_prom = NULL;
387 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
388
389 ASSERT_RTNL();
390
391 ifa1 = rtnl_dereference(*ifap);
392 last_prim = ifap;
393 if (in_dev->dead)
394 goto no_promotions;
395
396 /* 1. Deleting primary ifaddr forces deletion all secondaries
397 * unless alias promotion is set
398 **/
399
400 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
401 struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
402
403 while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
404 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
405 ifa1->ifa_scope <= ifa->ifa_scope)
406 last_prim = &ifa->ifa_next;
407
408 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
409 ifa1->ifa_mask != ifa->ifa_mask ||
410 !inet_ifa_match(ifa1->ifa_address, ifa)) {
411 ifap1 = &ifa->ifa_next;
412 prev_prom = ifa;
413 continue;
414 }
415
416 if (!do_promote) {
417 inet_hash_remove(ifa);
418 *ifap1 = ifa->ifa_next;
419
420 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
421 blocking_notifier_call_chain(&inetaddr_chain,
422 NETDEV_DOWN, ifa);
423 inet_free_ifa(ifa);
424 } else {
425 promote = ifa;
426 break;
427 }
428 }
429 }
430
431 /* On promotion all secondaries from subnet are changing
432 * the primary IP, we must remove all their routes silently
433 * and later to add them back with new prefsrc. Do this
434 * while all addresses are on the device list.
435 */
436 for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
437 if (ifa1->ifa_mask == ifa->ifa_mask &&
438 inet_ifa_match(ifa1->ifa_address, ifa))
439 fib_del_ifaddr(ifa, ifa1);
440 }
441
442no_promotions:
443 /* 2. Unlink it */
444
445 *ifap = ifa1->ifa_next;
446 inet_hash_remove(ifa1);
447
448 /* 3. Announce address deletion */
449
450 /* Send message first, then call notifier.
451 At first sight, FIB update triggered by notifier
452 will refer to already deleted ifaddr, that could confuse
453 netlink listeners. It is not true: look, gated sees
454 that route deleted and if it still thinks that ifaddr
455 is valid, it will try to restore deleted routes... Grr.
456 So that, this order is correct.
457 */
458 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
459 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
460
461 if (promote) {
462 struct in_ifaddr *next_sec;
463
464 next_sec = rtnl_dereference(promote->ifa_next);
465 if (prev_prom) {
466 struct in_ifaddr *last_sec;
467
468 rcu_assign_pointer(prev_prom->ifa_next, next_sec);
469
470 last_sec = rtnl_dereference(*last_prim);
471 rcu_assign_pointer(promote->ifa_next, last_sec);
472 rcu_assign_pointer(*last_prim, promote);
473 }
474
475 promote->ifa_flags &= ~IFA_F_SECONDARY;
476 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
477 blocking_notifier_call_chain(&inetaddr_chain,
478 NETDEV_UP, promote);
479 for (ifa = next_sec; ifa;
480 ifa = rtnl_dereference(ifa->ifa_next)) {
481 if (ifa1->ifa_mask != ifa->ifa_mask ||
482 !inet_ifa_match(ifa1->ifa_address, ifa))
483 continue;
484 fib_add_ifaddr(ifa);
485 }
486
487 }
488 if (destroy)
489 inet_free_ifa(ifa1);
490}
491
492static void inet_del_ifa(struct in_device *in_dev,
493 struct in_ifaddr __rcu **ifap,
494 int destroy)
495{
496 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
497}
498
499static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
500 u32 portid, struct netlink_ext_ack *extack)
501{
502 struct in_ifaddr __rcu **last_primary, **ifap;
503 struct in_device *in_dev = ifa->ifa_dev;
504 struct net *net = dev_net(in_dev->dev);
505 struct in_validator_info ivi;
506 struct in_ifaddr *ifa1;
507 int ret;
508
509 ASSERT_RTNL();
510
511 ifa->ifa_flags &= ~IFA_F_SECONDARY;
512 last_primary = &in_dev->ifa_list;
513
514 /* Don't set IPv6 only flags to IPv4 addresses */
515 ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
516
517 ifap = &in_dev->ifa_list;
518 ifa1 = rtnl_dereference(*ifap);
519
520 while (ifa1) {
521 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
522 ifa->ifa_scope <= ifa1->ifa_scope)
523 last_primary = &ifa1->ifa_next;
524 if (ifa1->ifa_mask == ifa->ifa_mask &&
525 inet_ifa_match(ifa1->ifa_address, ifa)) {
526 if (ifa1->ifa_local == ifa->ifa_local) {
527 inet_free_ifa(ifa);
528 return -EEXIST;
529 }
530 if (ifa1->ifa_scope != ifa->ifa_scope) {
531 NL_SET_ERR_MSG(extack, "ipv4: Invalid scope value");
532 inet_free_ifa(ifa);
533 return -EINVAL;
534 }
535 ifa->ifa_flags |= IFA_F_SECONDARY;
536 }
537
538 ifap = &ifa1->ifa_next;
539 ifa1 = rtnl_dereference(*ifap);
540 }
541
542 /* Allow any devices that wish to register ifaddr validtors to weigh
543 * in now, before changes are committed. The rntl lock is serializing
544 * access here, so the state should not change between a validator call
545 * and a final notify on commit. This isn't invoked on promotion under
546 * the assumption that validators are checking the address itself, and
547 * not the flags.
548 */
549 ivi.ivi_addr = ifa->ifa_address;
550 ivi.ivi_dev = ifa->ifa_dev;
551 ivi.extack = extack;
552 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
553 NETDEV_UP, &ivi);
554 ret = notifier_to_errno(ret);
555 if (ret) {
556 inet_free_ifa(ifa);
557 return ret;
558 }
559
560 if (!(ifa->ifa_flags & IFA_F_SECONDARY))
561 ifap = last_primary;
562
563 rcu_assign_pointer(ifa->ifa_next, *ifap);
564 rcu_assign_pointer(*ifap, ifa);
565
566 inet_hash_insert(dev_net(in_dev->dev), ifa);
567
568 cancel_delayed_work(&net->ipv4.addr_chk_work);
569 queue_delayed_work(system_power_efficient_wq, &net->ipv4.addr_chk_work, 0);
570
571 /* Send message first, then call notifier.
572 Notifier will trigger FIB update, so that
573 listeners of netlink will know about new ifaddr */
574 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
575 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
576
577 return 0;
578}
579
580static int inet_insert_ifa(struct in_ifaddr *ifa)
581{
582 if (!ifa->ifa_local) {
583 inet_free_ifa(ifa);
584 return 0;
585 }
586
587 return __inet_insert_ifa(ifa, NULL, 0, NULL);
588}
589
590static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
591{
592 struct in_device *in_dev = __in_dev_get_rtnl_net(dev);
593
594 ipv4_devconf_setall(in_dev);
595 neigh_parms_data_state_setall(in_dev->arp_parms);
596
597 if (ipv4_is_loopback(ifa->ifa_local))
598 ifa->ifa_scope = RT_SCOPE_HOST;
599 return inet_insert_ifa(ifa);
600}
601
602/* Caller must hold RCU or RTNL :
603 * We dont take a reference on found in_device
604 */
605struct in_device *inetdev_by_index(struct net *net, int ifindex)
606{
607 struct net_device *dev;
608 struct in_device *in_dev = NULL;
609
610 rcu_read_lock();
611 dev = dev_get_by_index_rcu(net, ifindex);
612 if (dev)
613 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
614 rcu_read_unlock();
615 return in_dev;
616}
617EXPORT_SYMBOL(inetdev_by_index);
618
619/* Called only from RTNL semaphored context. No locks. */
620
621struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
622 __be32 mask)
623{
624 struct in_ifaddr *ifa;
625
626 ASSERT_RTNL();
627
628 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
629 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
630 return ifa;
631 }
632 return NULL;
633}
634
635static int ip_mc_autojoin_config(struct net *net, bool join,
636 const struct in_ifaddr *ifa)
637{
638#if defined(CONFIG_IP_MULTICAST)
639 struct ip_mreqn mreq = {
640 .imr_multiaddr.s_addr = ifa->ifa_address,
641 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
642 };
643 struct sock *sk = net->ipv4.mc_autojoin_sk;
644 int ret;
645
646 ASSERT_RTNL_NET(net);
647
648 lock_sock(sk);
649 if (join)
650 ret = ip_mc_join_group(sk, &mreq);
651 else
652 ret = ip_mc_leave_group(sk, &mreq);
653 release_sock(sk);
654
655 return ret;
656#else
657 return -EOPNOTSUPP;
658#endif
659}
660
661static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
662 struct netlink_ext_ack *extack)
663{
664 struct net *net = sock_net(skb->sk);
665 struct in_ifaddr __rcu **ifap;
666 struct nlattr *tb[IFA_MAX+1];
667 struct in_device *in_dev;
668 struct ifaddrmsg *ifm;
669 struct in_ifaddr *ifa;
670 int err;
671
672 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
673 ifa_ipv4_policy, extack);
674 if (err < 0)
675 goto out;
676
677 ifm = nlmsg_data(nlh);
678
679 rtnl_net_lock(net);
680
681 in_dev = inetdev_by_index(net, ifm->ifa_index);
682 if (!in_dev) {
683 NL_SET_ERR_MSG(extack, "ipv4: Device not found");
684 err = -ENODEV;
685 goto unlock;
686 }
687
688 for (ifap = &in_dev->ifa_list;
689 (ifa = rtnl_net_dereference(net, *ifap)) != NULL;
690 ifap = &ifa->ifa_next) {
691 if (tb[IFA_LOCAL] &&
692 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
693 continue;
694
695 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
696 continue;
697
698 if (tb[IFA_ADDRESS] &&
699 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
700 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
701 continue;
702
703 if (ipv4_is_multicast(ifa->ifa_address))
704 ip_mc_autojoin_config(net, false, ifa);
705
706 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
707 goto unlock;
708 }
709
710 NL_SET_ERR_MSG(extack, "ipv4: Address not found");
711 err = -EADDRNOTAVAIL;
712unlock:
713 rtnl_net_unlock(net);
714out:
715 return err;
716}
717
718static void check_lifetime(struct work_struct *work)
719{
720 unsigned long now, next, next_sec, next_sched;
721 struct in_ifaddr *ifa;
722 struct hlist_node *n;
723 struct net *net;
724 int i;
725
726 net = container_of(to_delayed_work(work), struct net, ipv4.addr_chk_work);
727 now = jiffies;
728 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
729
730 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
731 struct hlist_head *head = &net->ipv4.inet_addr_lst[i];
732 bool change_needed = false;
733
734 rcu_read_lock();
735 hlist_for_each_entry_rcu(ifa, head, addr_lst) {
736 unsigned long age, tstamp;
737 u32 preferred_lft;
738 u32 valid_lft;
739 u32 flags;
740
741 flags = READ_ONCE(ifa->ifa_flags);
742 if (flags & IFA_F_PERMANENT)
743 continue;
744
745 preferred_lft = READ_ONCE(ifa->ifa_preferred_lft);
746 valid_lft = READ_ONCE(ifa->ifa_valid_lft);
747 tstamp = READ_ONCE(ifa->ifa_tstamp);
748 /* We try to batch several events at once. */
749 age = (now - tstamp +
750 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
751
752 if (valid_lft != INFINITY_LIFE_TIME &&
753 age >= valid_lft) {
754 change_needed = true;
755 } else if (preferred_lft ==
756 INFINITY_LIFE_TIME) {
757 continue;
758 } else if (age >= preferred_lft) {
759 if (time_before(tstamp + valid_lft * HZ, next))
760 next = tstamp + valid_lft * HZ;
761
762 if (!(flags & IFA_F_DEPRECATED))
763 change_needed = true;
764 } else if (time_before(tstamp + preferred_lft * HZ,
765 next)) {
766 next = tstamp + preferred_lft * HZ;
767 }
768 }
769 rcu_read_unlock();
770 if (!change_needed)
771 continue;
772
773 rtnl_net_lock(net);
774 hlist_for_each_entry_safe(ifa, n, head, addr_lst) {
775 unsigned long age;
776
777 if (ifa->ifa_flags & IFA_F_PERMANENT)
778 continue;
779
780 /* We try to batch several events at once. */
781 age = (now - ifa->ifa_tstamp +
782 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
783
784 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
785 age >= ifa->ifa_valid_lft) {
786 struct in_ifaddr __rcu **ifap;
787 struct in_ifaddr *tmp;
788
789 ifap = &ifa->ifa_dev->ifa_list;
790 tmp = rtnl_net_dereference(net, *ifap);
791 while (tmp) {
792 if (tmp == ifa) {
793 inet_del_ifa(ifa->ifa_dev,
794 ifap, 1);
795 break;
796 }
797 ifap = &tmp->ifa_next;
798 tmp = rtnl_net_dereference(net, *ifap);
799 }
800 } else if (ifa->ifa_preferred_lft !=
801 INFINITY_LIFE_TIME &&
802 age >= ifa->ifa_preferred_lft &&
803 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
804 ifa->ifa_flags |= IFA_F_DEPRECATED;
805 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
806 }
807 }
808 rtnl_net_unlock(net);
809 }
810
811 next_sec = round_jiffies_up(next);
812 next_sched = next;
813
814 /* If rounded timeout is accurate enough, accept it. */
815 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
816 next_sched = next_sec;
817
818 now = jiffies;
819 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
820 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
821 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
822
823 queue_delayed_work(system_power_efficient_wq, &net->ipv4.addr_chk_work,
824 next_sched - now);
825}
826
827static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
828 __u32 prefered_lft)
829{
830 unsigned long timeout;
831 u32 flags;
832
833 flags = ifa->ifa_flags & ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
834
835 timeout = addrconf_timeout_fixup(valid_lft, HZ);
836 if (addrconf_finite_timeout(timeout))
837 WRITE_ONCE(ifa->ifa_valid_lft, timeout);
838 else
839 flags |= IFA_F_PERMANENT;
840
841 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
842 if (addrconf_finite_timeout(timeout)) {
843 if (timeout == 0)
844 flags |= IFA_F_DEPRECATED;
845 WRITE_ONCE(ifa->ifa_preferred_lft, timeout);
846 }
847 WRITE_ONCE(ifa->ifa_flags, flags);
848 WRITE_ONCE(ifa->ifa_tstamp, jiffies);
849 if (!ifa->ifa_cstamp)
850 WRITE_ONCE(ifa->ifa_cstamp, ifa->ifa_tstamp);
851}
852
853static int inet_validate_rtm(struct nlmsghdr *nlh, struct nlattr **tb,
854 struct netlink_ext_ack *extack,
855 __u32 *valid_lft, __u32 *prefered_lft)
856{
857 struct ifaddrmsg *ifm = nlmsg_data(nlh);
858 int err;
859
860 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
861 ifa_ipv4_policy, extack);
862 if (err < 0)
863 return err;
864
865 if (ifm->ifa_prefixlen > 32) {
866 NL_SET_ERR_MSG(extack, "ipv4: Invalid prefix length");
867 return -EINVAL;
868 }
869
870 if (!tb[IFA_LOCAL]) {
871 NL_SET_ERR_MSG(extack, "ipv4: Local address is not supplied");
872 return -EINVAL;
873 }
874
875 if (tb[IFA_CACHEINFO]) {
876 struct ifa_cacheinfo *ci;
877
878 ci = nla_data(tb[IFA_CACHEINFO]);
879 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
880 NL_SET_ERR_MSG(extack, "ipv4: address lifetime invalid");
881 return -EINVAL;
882 }
883
884 *valid_lft = ci->ifa_valid;
885 *prefered_lft = ci->ifa_prefered;
886 }
887
888 return 0;
889}
890
891static struct in_ifaddr *inet_rtm_to_ifa(struct net *net, struct nlmsghdr *nlh,
892 struct nlattr **tb,
893 struct netlink_ext_ack *extack)
894{
895 struct ifaddrmsg *ifm = nlmsg_data(nlh);
896 struct in_device *in_dev;
897 struct net_device *dev;
898 struct in_ifaddr *ifa;
899 int err;
900
901 dev = __dev_get_by_index(net, ifm->ifa_index);
902 err = -ENODEV;
903 if (!dev) {
904 NL_SET_ERR_MSG(extack, "ipv4: Device not found");
905 goto errout;
906 }
907
908 in_dev = __in_dev_get_rtnl_net(dev);
909 err = -ENOBUFS;
910 if (!in_dev)
911 goto errout;
912
913 ifa = inet_alloc_ifa(in_dev);
914 if (!ifa)
915 /*
916 * A potential indev allocation can be left alive, it stays
917 * assigned to its device and is destroy with it.
918 */
919 goto errout;
920
921 ipv4_devconf_setall(in_dev);
922 neigh_parms_data_state_setall(in_dev->arp_parms);
923
924 if (!tb[IFA_ADDRESS])
925 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
926
927 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
928 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
929 ifa->ifa_flags = nla_get_u32_default(tb[IFA_FLAGS], ifm->ifa_flags);
930 ifa->ifa_scope = ifm->ifa_scope;
931 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
932 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
933
934 if (tb[IFA_BROADCAST])
935 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
936
937 if (tb[IFA_LABEL])
938 nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
939 else
940 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
941
942 if (tb[IFA_RT_PRIORITY])
943 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
944
945 if (tb[IFA_PROTO])
946 ifa->ifa_proto = nla_get_u8(tb[IFA_PROTO]);
947
948 return ifa;
949
950errout:
951 return ERR_PTR(err);
952}
953
954static struct in_ifaddr *find_matching_ifa(struct net *net, struct in_ifaddr *ifa)
955{
956 struct in_device *in_dev = ifa->ifa_dev;
957 struct in_ifaddr *ifa1;
958
959 in_dev_for_each_ifa_rtnl_net(net, ifa1, in_dev) {
960 if (ifa1->ifa_mask == ifa->ifa_mask &&
961 inet_ifa_match(ifa1->ifa_address, ifa) &&
962 ifa1->ifa_local == ifa->ifa_local)
963 return ifa1;
964 }
965
966 return NULL;
967}
968
969static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
970 struct netlink_ext_ack *extack)
971{
972 __u32 prefered_lft = INFINITY_LIFE_TIME;
973 __u32 valid_lft = INFINITY_LIFE_TIME;
974 struct net *net = sock_net(skb->sk);
975 struct in_ifaddr *ifa_existing;
976 struct nlattr *tb[IFA_MAX + 1];
977 struct in_ifaddr *ifa;
978 int ret;
979
980 ret = inet_validate_rtm(nlh, tb, extack, &valid_lft, &prefered_lft);
981 if (ret < 0)
982 return ret;
983
984 if (!nla_get_in_addr(tb[IFA_LOCAL]))
985 return 0;
986
987 rtnl_net_lock(net);
988
989 ifa = inet_rtm_to_ifa(net, nlh, tb, extack);
990 if (IS_ERR(ifa)) {
991 ret = PTR_ERR(ifa);
992 goto unlock;
993 }
994
995 ifa_existing = find_matching_ifa(net, ifa);
996 if (!ifa_existing) {
997 /* It would be best to check for !NLM_F_CREATE here but
998 * userspace already relies on not having to provide this.
999 */
1000 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
1001 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
1002 ret = ip_mc_autojoin_config(net, true, ifa);
1003 if (ret < 0) {
1004 NL_SET_ERR_MSG(extack, "ipv4: Multicast auto join failed");
1005 inet_free_ifa(ifa);
1006 goto unlock;
1007 }
1008 }
1009
1010 ret = __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid, extack);
1011 } else {
1012 u32 new_metric = ifa->ifa_rt_priority;
1013 u8 new_proto = ifa->ifa_proto;
1014
1015 inet_free_ifa(ifa);
1016
1017 if (nlh->nlmsg_flags & NLM_F_EXCL ||
1018 !(nlh->nlmsg_flags & NLM_F_REPLACE)) {
1019 NL_SET_ERR_MSG(extack, "ipv4: Address already assigned");
1020 ret = -EEXIST;
1021 goto unlock;
1022 }
1023 ifa = ifa_existing;
1024
1025 if (ifa->ifa_rt_priority != new_metric) {
1026 fib_modify_prefix_metric(ifa, new_metric);
1027 ifa->ifa_rt_priority = new_metric;
1028 }
1029
1030 ifa->ifa_proto = new_proto;
1031
1032 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
1033 cancel_delayed_work(&net->ipv4.addr_chk_work);
1034 queue_delayed_work(system_power_efficient_wq,
1035 &net->ipv4.addr_chk_work, 0);
1036 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
1037 }
1038
1039unlock:
1040 rtnl_net_unlock(net);
1041
1042 return ret;
1043}
1044
1045/*
1046 * Determine a default network mask, based on the IP address.
1047 */
1048
1049static int inet_abc_len(__be32 addr)
1050{
1051 int rc = -1; /* Something else, probably a multicast. */
1052
1053 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
1054 rc = 0;
1055 else {
1056 __u32 haddr = ntohl(addr);
1057 if (IN_CLASSA(haddr))
1058 rc = 8;
1059 else if (IN_CLASSB(haddr))
1060 rc = 16;
1061 else if (IN_CLASSC(haddr))
1062 rc = 24;
1063 else if (IN_CLASSE(haddr))
1064 rc = 32;
1065 }
1066
1067 return rc;
1068}
1069
1070
1071int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1072{
1073 struct sockaddr_in sin_orig;
1074 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1075 struct in_ifaddr __rcu **ifap = NULL;
1076 struct in_device *in_dev;
1077 struct in_ifaddr *ifa = NULL;
1078 struct net_device *dev;
1079 char *colon;
1080 int ret = -EFAULT;
1081 int tryaddrmatch = 0;
1082
1083 ifr->ifr_name[IFNAMSIZ - 1] = 0;
1084
1085 /* save original address for comparison */
1086 memcpy(&sin_orig, sin, sizeof(*sin));
1087
1088 colon = strchr(ifr->ifr_name, ':');
1089 if (colon)
1090 *colon = 0;
1091
1092 dev_load(net, ifr->ifr_name);
1093
1094 switch (cmd) {
1095 case SIOCGIFADDR: /* Get interface address */
1096 case SIOCGIFBRDADDR: /* Get the broadcast address */
1097 case SIOCGIFDSTADDR: /* Get the destination address */
1098 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1099 /* Note that these ioctls will not sleep,
1100 so that we do not impose a lock.
1101 One day we will be forced to put shlock here (I mean SMP)
1102 */
1103 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1104 memset(sin, 0, sizeof(*sin));
1105 sin->sin_family = AF_INET;
1106 break;
1107
1108 case SIOCSIFFLAGS:
1109 ret = -EPERM;
1110 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1111 goto out;
1112 break;
1113 case SIOCSIFADDR: /* Set interface address (and family) */
1114 case SIOCSIFBRDADDR: /* Set the broadcast address */
1115 case SIOCSIFDSTADDR: /* Set the destination address */
1116 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1117 ret = -EPERM;
1118 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1119 goto out;
1120 ret = -EINVAL;
1121 if (sin->sin_family != AF_INET)
1122 goto out;
1123 break;
1124 default:
1125 ret = -EINVAL;
1126 goto out;
1127 }
1128
1129 rtnl_net_lock(net);
1130
1131 ret = -ENODEV;
1132 dev = __dev_get_by_name(net, ifr->ifr_name);
1133 if (!dev)
1134 goto done;
1135
1136 if (colon)
1137 *colon = ':';
1138
1139 in_dev = __in_dev_get_rtnl_net(dev);
1140 if (in_dev) {
1141 if (tryaddrmatch) {
1142 /* Matthias Andree */
1143 /* compare label and address (4.4BSD style) */
1144 /* note: we only do this for a limited set of ioctls
1145 and only if the original address family was AF_INET.
1146 This is checked above. */
1147
1148 for (ifap = &in_dev->ifa_list;
1149 (ifa = rtnl_net_dereference(net, *ifap)) != NULL;
1150 ifap = &ifa->ifa_next) {
1151 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1152 sin_orig.sin_addr.s_addr ==
1153 ifa->ifa_local) {
1154 break; /* found */
1155 }
1156 }
1157 }
1158 /* we didn't get a match, maybe the application is
1159 4.3BSD-style and passed in junk so we fall back to
1160 comparing just the label */
1161 if (!ifa) {
1162 for (ifap = &in_dev->ifa_list;
1163 (ifa = rtnl_net_dereference(net, *ifap)) != NULL;
1164 ifap = &ifa->ifa_next)
1165 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1166 break;
1167 }
1168 }
1169
1170 ret = -EADDRNOTAVAIL;
1171 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1172 goto done;
1173
1174 switch (cmd) {
1175 case SIOCGIFADDR: /* Get interface address */
1176 ret = 0;
1177 sin->sin_addr.s_addr = ifa->ifa_local;
1178 break;
1179
1180 case SIOCGIFBRDADDR: /* Get the broadcast address */
1181 ret = 0;
1182 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1183 break;
1184
1185 case SIOCGIFDSTADDR: /* Get the destination address */
1186 ret = 0;
1187 sin->sin_addr.s_addr = ifa->ifa_address;
1188 break;
1189
1190 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1191 ret = 0;
1192 sin->sin_addr.s_addr = ifa->ifa_mask;
1193 break;
1194
1195 case SIOCSIFFLAGS:
1196 if (colon) {
1197 ret = -EADDRNOTAVAIL;
1198 if (!ifa)
1199 break;
1200 ret = 0;
1201 if (!(ifr->ifr_flags & IFF_UP))
1202 inet_del_ifa(in_dev, ifap, 1);
1203 break;
1204 }
1205
1206 /* NETDEV_UP/DOWN/CHANGE could touch a peer dev */
1207 ASSERT_RTNL();
1208 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1209 break;
1210
1211 case SIOCSIFADDR: /* Set interface address (and family) */
1212 ret = -EINVAL;
1213 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1214 break;
1215
1216 if (!ifa) {
1217 ret = -ENOBUFS;
1218 if (!in_dev)
1219 break;
1220 ifa = inet_alloc_ifa(in_dev);
1221 if (!ifa)
1222 break;
1223
1224 if (colon)
1225 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1226 else
1227 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1228 } else {
1229 ret = 0;
1230 if (ifa->ifa_local == sin->sin_addr.s_addr)
1231 break;
1232 inet_del_ifa(in_dev, ifap, 0);
1233 ifa->ifa_broadcast = 0;
1234 ifa->ifa_scope = 0;
1235 }
1236
1237 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1238
1239 if (!(dev->flags & IFF_POINTOPOINT)) {
1240 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1241 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1242 if ((dev->flags & IFF_BROADCAST) &&
1243 ifa->ifa_prefixlen < 31)
1244 ifa->ifa_broadcast = ifa->ifa_address |
1245 ~ifa->ifa_mask;
1246 } else {
1247 ifa->ifa_prefixlen = 32;
1248 ifa->ifa_mask = inet_make_mask(32);
1249 }
1250 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1251 ret = inet_set_ifa(dev, ifa);
1252 break;
1253
1254 case SIOCSIFBRDADDR: /* Set the broadcast address */
1255 ret = 0;
1256 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1257 inet_del_ifa(in_dev, ifap, 0);
1258 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1259 inet_insert_ifa(ifa);
1260 }
1261 break;
1262
1263 case SIOCSIFDSTADDR: /* Set the destination address */
1264 ret = 0;
1265 if (ifa->ifa_address == sin->sin_addr.s_addr)
1266 break;
1267 ret = -EINVAL;
1268 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1269 break;
1270 ret = 0;
1271 inet_del_ifa(in_dev, ifap, 0);
1272 ifa->ifa_address = sin->sin_addr.s_addr;
1273 inet_insert_ifa(ifa);
1274 break;
1275
1276 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1277
1278 /*
1279 * The mask we set must be legal.
1280 */
1281 ret = -EINVAL;
1282 if (bad_mask(sin->sin_addr.s_addr, 0))
1283 break;
1284 ret = 0;
1285 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1286 __be32 old_mask = ifa->ifa_mask;
1287 inet_del_ifa(in_dev, ifap, 0);
1288 ifa->ifa_mask = sin->sin_addr.s_addr;
1289 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1290
1291 /* See if current broadcast address matches
1292 * with current netmask, then recalculate
1293 * the broadcast address. Otherwise it's a
1294 * funny address, so don't touch it since
1295 * the user seems to know what (s)he's doing...
1296 */
1297 if ((dev->flags & IFF_BROADCAST) &&
1298 (ifa->ifa_prefixlen < 31) &&
1299 (ifa->ifa_broadcast ==
1300 (ifa->ifa_local|~old_mask))) {
1301 ifa->ifa_broadcast = (ifa->ifa_local |
1302 ~sin->sin_addr.s_addr);
1303 }
1304 inet_insert_ifa(ifa);
1305 }
1306 break;
1307 }
1308done:
1309 rtnl_net_unlock(net);
1310out:
1311 return ret;
1312}
1313
1314int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1315{
1316 struct in_device *in_dev = __in_dev_get_rtnl_net(dev);
1317 const struct in_ifaddr *ifa;
1318 struct ifreq ifr;
1319 int done = 0;
1320
1321 if (WARN_ON(size > sizeof(struct ifreq)))
1322 goto out;
1323
1324 if (!in_dev)
1325 goto out;
1326
1327 in_dev_for_each_ifa_rtnl_net(dev_net(dev), ifa, in_dev) {
1328 if (!buf) {
1329 done += size;
1330 continue;
1331 }
1332 if (len < size)
1333 break;
1334 memset(&ifr, 0, sizeof(struct ifreq));
1335 strcpy(ifr.ifr_name, ifa->ifa_label);
1336
1337 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1338 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1339 ifa->ifa_local;
1340
1341 if (copy_to_user(buf + done, &ifr, size)) {
1342 done = -EFAULT;
1343 break;
1344 }
1345 len -= size;
1346 done += size;
1347 }
1348out:
1349 return done;
1350}
1351
1352static __be32 in_dev_select_addr(const struct in_device *in_dev,
1353 int scope)
1354{
1355 const struct in_ifaddr *ifa;
1356
1357 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1358 if (READ_ONCE(ifa->ifa_flags) & IFA_F_SECONDARY)
1359 continue;
1360 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1361 ifa->ifa_scope <= scope)
1362 return ifa->ifa_local;
1363 }
1364
1365 return 0;
1366}
1367
1368__be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1369{
1370 const struct in_ifaddr *ifa;
1371 __be32 addr = 0;
1372 unsigned char localnet_scope = RT_SCOPE_HOST;
1373 struct in_device *in_dev;
1374 struct net *net;
1375 int master_idx;
1376
1377 rcu_read_lock();
1378 net = dev_net_rcu(dev);
1379 in_dev = __in_dev_get_rcu(dev);
1380 if (!in_dev)
1381 goto no_in_dev;
1382
1383 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1384 localnet_scope = RT_SCOPE_LINK;
1385
1386 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1387 if (READ_ONCE(ifa->ifa_flags) & IFA_F_SECONDARY)
1388 continue;
1389 if (min(ifa->ifa_scope, localnet_scope) > scope)
1390 continue;
1391 if (!dst || inet_ifa_match(dst, ifa)) {
1392 addr = ifa->ifa_local;
1393 break;
1394 }
1395 if (!addr)
1396 addr = ifa->ifa_local;
1397 }
1398
1399 if (addr)
1400 goto out_unlock;
1401no_in_dev:
1402 master_idx = l3mdev_master_ifindex_rcu(dev);
1403
1404 /* For VRFs, the VRF device takes the place of the loopback device,
1405 * with addresses on it being preferred. Note in such cases the
1406 * loopback device will be among the devices that fail the master_idx
1407 * equality check in the loop below.
1408 */
1409 if (master_idx &&
1410 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1411 (in_dev = __in_dev_get_rcu(dev))) {
1412 addr = in_dev_select_addr(in_dev, scope);
1413 if (addr)
1414 goto out_unlock;
1415 }
1416
1417 /* Not loopback addresses on loopback should be preferred
1418 in this case. It is important that lo is the first interface
1419 in dev_base list.
1420 */
1421 for_each_netdev_rcu(net, dev) {
1422 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1423 continue;
1424
1425 in_dev = __in_dev_get_rcu(dev);
1426 if (!in_dev)
1427 continue;
1428
1429 addr = in_dev_select_addr(in_dev, scope);
1430 if (addr)
1431 goto out_unlock;
1432 }
1433out_unlock:
1434 rcu_read_unlock();
1435 return addr;
1436}
1437EXPORT_SYMBOL(inet_select_addr);
1438
1439static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1440 __be32 local, int scope)
1441{
1442 unsigned char localnet_scope = RT_SCOPE_HOST;
1443 const struct in_ifaddr *ifa;
1444 __be32 addr = 0;
1445 int same = 0;
1446
1447 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1448 localnet_scope = RT_SCOPE_LINK;
1449
1450 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1451 unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
1452
1453 if (!addr &&
1454 (local == ifa->ifa_local || !local) &&
1455 min_scope <= scope) {
1456 addr = ifa->ifa_local;
1457 if (same)
1458 break;
1459 }
1460 if (!same) {
1461 same = (!local || inet_ifa_match(local, ifa)) &&
1462 (!dst || inet_ifa_match(dst, ifa));
1463 if (same && addr) {
1464 if (local || !dst)
1465 break;
1466 /* Is the selected addr into dst subnet? */
1467 if (inet_ifa_match(addr, ifa))
1468 break;
1469 /* No, then can we use new local src? */
1470 if (min_scope <= scope) {
1471 addr = ifa->ifa_local;
1472 break;
1473 }
1474 /* search for large dst subnet for addr */
1475 same = 0;
1476 }
1477 }
1478 }
1479
1480 return same ? addr : 0;
1481}
1482
1483/*
1484 * Confirm that local IP address exists using wildcards:
1485 * - net: netns to check, cannot be NULL
1486 * - in_dev: only on this interface, NULL=any interface
1487 * - dst: only in the same subnet as dst, 0=any dst
1488 * - local: address, 0=autoselect the local address
1489 * - scope: maximum allowed scope value for the local address
1490 */
1491__be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1492 __be32 dst, __be32 local, int scope)
1493{
1494 __be32 addr = 0;
1495 struct net_device *dev;
1496
1497 if (in_dev)
1498 return confirm_addr_indev(in_dev, dst, local, scope);
1499
1500 rcu_read_lock();
1501 for_each_netdev_rcu(net, dev) {
1502 in_dev = __in_dev_get_rcu(dev);
1503 if (in_dev) {
1504 addr = confirm_addr_indev(in_dev, dst, local, scope);
1505 if (addr)
1506 break;
1507 }
1508 }
1509 rcu_read_unlock();
1510
1511 return addr;
1512}
1513EXPORT_SYMBOL(inet_confirm_addr);
1514
1515/*
1516 * Device notifier
1517 */
1518
1519int register_inetaddr_notifier(struct notifier_block *nb)
1520{
1521 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1522}
1523EXPORT_SYMBOL(register_inetaddr_notifier);
1524
1525int unregister_inetaddr_notifier(struct notifier_block *nb)
1526{
1527 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1528}
1529EXPORT_SYMBOL(unregister_inetaddr_notifier);
1530
1531int register_inetaddr_validator_notifier(struct notifier_block *nb)
1532{
1533 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1534}
1535EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1536
1537int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1538{
1539 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1540 nb);
1541}
1542EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1543
1544/* Rename ifa_labels for a device name change. Make some effort to preserve
1545 * existing alias numbering and to create unique labels if possible.
1546*/
1547static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1548{
1549 struct in_ifaddr *ifa;
1550 int named = 0;
1551
1552 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1553 char old[IFNAMSIZ], *dot;
1554
1555 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1556 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1557 if (named++ == 0)
1558 goto skip;
1559 dot = strchr(old, ':');
1560 if (!dot) {
1561 sprintf(old, ":%d", named);
1562 dot = old;
1563 }
1564 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1565 strcat(ifa->ifa_label, dot);
1566 else
1567 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1568skip:
1569 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1570 }
1571}
1572
1573static void inetdev_send_gratuitous_arp(struct net_device *dev,
1574 struct in_device *in_dev)
1575
1576{
1577 const struct in_ifaddr *ifa;
1578
1579 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1580 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1581 ifa->ifa_local, dev,
1582 ifa->ifa_local, NULL,
1583 dev->dev_addr, NULL);
1584 }
1585}
1586
1587/* Called only under RTNL semaphore */
1588
1589static int inetdev_event(struct notifier_block *this, unsigned long event,
1590 void *ptr)
1591{
1592 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1593 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1594
1595 ASSERT_RTNL();
1596
1597 if (!in_dev) {
1598 if (event == NETDEV_REGISTER) {
1599 in_dev = inetdev_init(dev);
1600 if (IS_ERR(in_dev))
1601 return notifier_from_errno(PTR_ERR(in_dev));
1602 if (dev->flags & IFF_LOOPBACK) {
1603 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1604 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1605 }
1606 } else if (event == NETDEV_CHANGEMTU) {
1607 /* Re-enabling IP */
1608 if (inetdev_valid_mtu(dev->mtu))
1609 in_dev = inetdev_init(dev);
1610 }
1611 goto out;
1612 }
1613
1614 switch (event) {
1615 case NETDEV_REGISTER:
1616 pr_debug("%s: bug\n", __func__);
1617 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1618 break;
1619 case NETDEV_UP:
1620 if (!inetdev_valid_mtu(dev->mtu))
1621 break;
1622 if (dev->flags & IFF_LOOPBACK) {
1623 struct in_ifaddr *ifa = inet_alloc_ifa(in_dev);
1624
1625 if (ifa) {
1626 ifa->ifa_local =
1627 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1628 ifa->ifa_prefixlen = 8;
1629 ifa->ifa_mask = inet_make_mask(8);
1630 ifa->ifa_scope = RT_SCOPE_HOST;
1631 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1632 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1633 INFINITY_LIFE_TIME);
1634 ipv4_devconf_setall(in_dev);
1635 neigh_parms_data_state_setall(in_dev->arp_parms);
1636 inet_insert_ifa(ifa);
1637 }
1638 }
1639 ip_mc_up(in_dev);
1640 fallthrough;
1641 case NETDEV_CHANGEADDR:
1642 if (!IN_DEV_ARP_NOTIFY(in_dev))
1643 break;
1644 fallthrough;
1645 case NETDEV_NOTIFY_PEERS:
1646 /* Send gratuitous ARP to notify of link change */
1647 inetdev_send_gratuitous_arp(dev, in_dev);
1648 break;
1649 case NETDEV_DOWN:
1650 ip_mc_down(in_dev);
1651 break;
1652 case NETDEV_PRE_TYPE_CHANGE:
1653 ip_mc_unmap(in_dev);
1654 break;
1655 case NETDEV_POST_TYPE_CHANGE:
1656 ip_mc_remap(in_dev);
1657 break;
1658 case NETDEV_CHANGEMTU:
1659 if (inetdev_valid_mtu(dev->mtu))
1660 break;
1661 /* disable IP when MTU is not enough */
1662 fallthrough;
1663 case NETDEV_UNREGISTER:
1664 inetdev_destroy(in_dev);
1665 break;
1666 case NETDEV_CHANGENAME:
1667 /* Do not notify about label change, this event is
1668 * not interesting to applications using netlink.
1669 */
1670 inetdev_changename(dev, in_dev);
1671
1672 devinet_sysctl_unregister(in_dev);
1673 devinet_sysctl_register(in_dev);
1674 break;
1675 }
1676out:
1677 return NOTIFY_DONE;
1678}
1679
1680static struct notifier_block ip_netdev_notifier = {
1681 .notifier_call = inetdev_event,
1682};
1683
1684static size_t inet_nlmsg_size(void)
1685{
1686 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1687 + nla_total_size(4) /* IFA_ADDRESS */
1688 + nla_total_size(4) /* IFA_LOCAL */
1689 + nla_total_size(4) /* IFA_BROADCAST */
1690 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1691 + nla_total_size(4) /* IFA_FLAGS */
1692 + nla_total_size(1) /* IFA_PROTO */
1693 + nla_total_size(4) /* IFA_RT_PRIORITY */
1694 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1695}
1696
1697static inline u32 cstamp_delta(unsigned long cstamp)
1698{
1699 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1700}
1701
1702static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1703 unsigned long tstamp, u32 preferred, u32 valid)
1704{
1705 struct ifa_cacheinfo ci;
1706
1707 ci.cstamp = cstamp_delta(cstamp);
1708 ci.tstamp = cstamp_delta(tstamp);
1709 ci.ifa_prefered = preferred;
1710 ci.ifa_valid = valid;
1711
1712 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1713}
1714
1715static int inet_fill_ifaddr(struct sk_buff *skb, const struct in_ifaddr *ifa,
1716 struct inet_fill_args *args)
1717{
1718 struct ifaddrmsg *ifm;
1719 struct nlmsghdr *nlh;
1720 unsigned long tstamp;
1721 u32 preferred, valid;
1722 u32 flags;
1723
1724 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1725 args->flags);
1726 if (!nlh)
1727 return -EMSGSIZE;
1728
1729 ifm = nlmsg_data(nlh);
1730 ifm->ifa_family = AF_INET;
1731 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1732
1733 flags = READ_ONCE(ifa->ifa_flags);
1734 /* Warning : ifm->ifa_flags is an __u8, it holds only 8 bits.
1735 * The 32bit value is given in IFA_FLAGS attribute.
1736 */
1737 ifm->ifa_flags = (__u8)flags;
1738
1739 ifm->ifa_scope = ifa->ifa_scope;
1740 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1741
1742 if (args->netnsid >= 0 &&
1743 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1744 goto nla_put_failure;
1745
1746 tstamp = READ_ONCE(ifa->ifa_tstamp);
1747 if (!(flags & IFA_F_PERMANENT)) {
1748 preferred = READ_ONCE(ifa->ifa_preferred_lft);
1749 valid = READ_ONCE(ifa->ifa_valid_lft);
1750 if (preferred != INFINITY_LIFE_TIME) {
1751 long tval = (jiffies - tstamp) / HZ;
1752
1753 if (preferred > tval)
1754 preferred -= tval;
1755 else
1756 preferred = 0;
1757 if (valid != INFINITY_LIFE_TIME) {
1758 if (valid > tval)
1759 valid -= tval;
1760 else
1761 valid = 0;
1762 }
1763 }
1764 } else {
1765 preferred = INFINITY_LIFE_TIME;
1766 valid = INFINITY_LIFE_TIME;
1767 }
1768 if ((ifa->ifa_address &&
1769 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1770 (ifa->ifa_local &&
1771 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1772 (ifa->ifa_broadcast &&
1773 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1774 (ifa->ifa_label[0] &&
1775 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1776 (ifa->ifa_proto &&
1777 nla_put_u8(skb, IFA_PROTO, ifa->ifa_proto)) ||
1778 nla_put_u32(skb, IFA_FLAGS, flags) ||
1779 (ifa->ifa_rt_priority &&
1780 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1781 put_cacheinfo(skb, READ_ONCE(ifa->ifa_cstamp), tstamp,
1782 preferred, valid))
1783 goto nla_put_failure;
1784
1785 nlmsg_end(skb, nlh);
1786 return 0;
1787
1788nla_put_failure:
1789 nlmsg_cancel(skb, nlh);
1790 return -EMSGSIZE;
1791}
1792
1793static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1794 struct inet_fill_args *fillargs,
1795 struct net **tgt_net, struct sock *sk,
1796 struct netlink_callback *cb)
1797{
1798 struct netlink_ext_ack *extack = cb->extack;
1799 struct nlattr *tb[IFA_MAX+1];
1800 struct ifaddrmsg *ifm;
1801 int err, i;
1802
1803 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1804 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1805 return -EINVAL;
1806 }
1807
1808 ifm = nlmsg_data(nlh);
1809 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1810 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1811 return -EINVAL;
1812 }
1813
1814 fillargs->ifindex = ifm->ifa_index;
1815 if (fillargs->ifindex) {
1816 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1817 fillargs->flags |= NLM_F_DUMP_FILTERED;
1818 }
1819
1820 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1821 ifa_ipv4_policy, extack);
1822 if (err < 0)
1823 return err;
1824
1825 for (i = 0; i <= IFA_MAX; ++i) {
1826 if (!tb[i])
1827 continue;
1828
1829 if (i == IFA_TARGET_NETNSID) {
1830 struct net *net;
1831
1832 fillargs->netnsid = nla_get_s32(tb[i]);
1833
1834 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1835 if (IS_ERR(net)) {
1836 fillargs->netnsid = -1;
1837 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1838 return PTR_ERR(net);
1839 }
1840 *tgt_net = net;
1841 } else {
1842 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1843 return -EINVAL;
1844 }
1845 }
1846
1847 return 0;
1848}
1849
1850static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1851 struct netlink_callback *cb, int *s_ip_idx,
1852 struct inet_fill_args *fillargs)
1853{
1854 struct in_ifaddr *ifa;
1855 int ip_idx = 0;
1856 int err;
1857
1858 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1859 if (ip_idx < *s_ip_idx) {
1860 ip_idx++;
1861 continue;
1862 }
1863 err = inet_fill_ifaddr(skb, ifa, fillargs);
1864 if (err < 0)
1865 goto done;
1866
1867 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1868 ip_idx++;
1869 }
1870 err = 0;
1871 ip_idx = 0;
1872done:
1873 *s_ip_idx = ip_idx;
1874
1875 return err;
1876}
1877
1878/* Combine dev_addr_genid and dev_base_seq to detect changes.
1879 */
1880static u32 inet_base_seq(const struct net *net)
1881{
1882 u32 res = atomic_read(&net->ipv4.dev_addr_genid) +
1883 READ_ONCE(net->dev_base_seq);
1884
1885 /* Must not return 0 (see nl_dump_check_consistent()).
1886 * Chose a value far away from 0.
1887 */
1888 if (!res)
1889 res = 0x80000000;
1890 return res;
1891}
1892
1893static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1894{
1895 const struct nlmsghdr *nlh = cb->nlh;
1896 struct inet_fill_args fillargs = {
1897 .portid = NETLINK_CB(cb->skb).portid,
1898 .seq = nlh->nlmsg_seq,
1899 .event = RTM_NEWADDR,
1900 .flags = NLM_F_MULTI,
1901 .netnsid = -1,
1902 };
1903 struct net *net = sock_net(skb->sk);
1904 struct net *tgt_net = net;
1905 struct {
1906 unsigned long ifindex;
1907 int ip_idx;
1908 } *ctx = (void *)cb->ctx;
1909 struct in_device *in_dev;
1910 struct net_device *dev;
1911 int err = 0;
1912
1913 rcu_read_lock();
1914 if (cb->strict_check) {
1915 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1916 skb->sk, cb);
1917 if (err < 0)
1918 goto done;
1919
1920 if (fillargs.ifindex) {
1921 dev = dev_get_by_index_rcu(tgt_net, fillargs.ifindex);
1922 if (!dev) {
1923 err = -ENODEV;
1924 goto done;
1925 }
1926 in_dev = __in_dev_get_rcu(dev);
1927 if (!in_dev)
1928 goto done;
1929 err = in_dev_dump_addr(in_dev, skb, cb, &ctx->ip_idx,
1930 &fillargs);
1931 goto done;
1932 }
1933 }
1934
1935 cb->seq = inet_base_seq(tgt_net);
1936
1937 for_each_netdev_dump(tgt_net, dev, ctx->ifindex) {
1938 in_dev = __in_dev_get_rcu(dev);
1939 if (!in_dev)
1940 continue;
1941 err = in_dev_dump_addr(in_dev, skb, cb, &ctx->ip_idx,
1942 &fillargs);
1943 if (err < 0)
1944 goto done;
1945 }
1946done:
1947 if (fillargs.netnsid >= 0)
1948 put_net(tgt_net);
1949 rcu_read_unlock();
1950 return err;
1951}
1952
1953static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1954 u32 portid)
1955{
1956 struct inet_fill_args fillargs = {
1957 .portid = portid,
1958 .seq = nlh ? nlh->nlmsg_seq : 0,
1959 .event = event,
1960 .flags = 0,
1961 .netnsid = -1,
1962 };
1963 struct sk_buff *skb;
1964 int err = -ENOBUFS;
1965 struct net *net;
1966
1967 net = dev_net(ifa->ifa_dev->dev);
1968 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1969 if (!skb)
1970 goto errout;
1971
1972 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1973 if (err < 0) {
1974 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1975 WARN_ON(err == -EMSGSIZE);
1976 kfree_skb(skb);
1977 goto errout;
1978 }
1979 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1980 return;
1981errout:
1982 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1983}
1984
1985static size_t inet_get_link_af_size(const struct net_device *dev,
1986 u32 ext_filter_mask)
1987{
1988 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1989
1990 if (!in_dev)
1991 return 0;
1992
1993 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1994}
1995
1996static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1997 u32 ext_filter_mask)
1998{
1999 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
2000 struct nlattr *nla;
2001 int i;
2002
2003 if (!in_dev)
2004 return -ENODATA;
2005
2006 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
2007 if (!nla)
2008 return -EMSGSIZE;
2009
2010 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
2011 ((u32 *) nla_data(nla))[i] = READ_ONCE(in_dev->cnf.data[i]);
2012
2013 return 0;
2014}
2015
2016static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
2017 [IFLA_INET_CONF] = { .type = NLA_NESTED },
2018};
2019
2020static int inet_validate_link_af(const struct net_device *dev,
2021 const struct nlattr *nla,
2022 struct netlink_ext_ack *extack)
2023{
2024 struct nlattr *a, *tb[IFLA_INET_MAX+1];
2025 int err, rem;
2026
2027 if (dev && !__in_dev_get_rtnl(dev))
2028 return -EAFNOSUPPORT;
2029
2030 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
2031 inet_af_policy, extack);
2032 if (err < 0)
2033 return err;
2034
2035 if (tb[IFLA_INET_CONF]) {
2036 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
2037 int cfgid = nla_type(a);
2038
2039 if (nla_len(a) < 4)
2040 return -EINVAL;
2041
2042 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
2043 return -EINVAL;
2044 }
2045 }
2046
2047 return 0;
2048}
2049
2050static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla,
2051 struct netlink_ext_ack *extack)
2052{
2053 struct in_device *in_dev = __in_dev_get_rtnl(dev);
2054 struct nlattr *a, *tb[IFLA_INET_MAX+1];
2055 int rem;
2056
2057 if (!in_dev)
2058 return -EAFNOSUPPORT;
2059
2060 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
2061 return -EINVAL;
2062
2063 if (tb[IFLA_INET_CONF]) {
2064 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
2065 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
2066 }
2067
2068 return 0;
2069}
2070
2071static int inet_netconf_msgsize_devconf(int type)
2072{
2073 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2074 + nla_total_size(4); /* NETCONFA_IFINDEX */
2075 bool all = false;
2076
2077 if (type == NETCONFA_ALL)
2078 all = true;
2079
2080 if (all || type == NETCONFA_FORWARDING)
2081 size += nla_total_size(4);
2082 if (all || type == NETCONFA_RP_FILTER)
2083 size += nla_total_size(4);
2084 if (all || type == NETCONFA_MC_FORWARDING)
2085 size += nla_total_size(4);
2086 if (all || type == NETCONFA_BC_FORWARDING)
2087 size += nla_total_size(4);
2088 if (all || type == NETCONFA_PROXY_NEIGH)
2089 size += nla_total_size(4);
2090 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2091 size += nla_total_size(4);
2092
2093 return size;
2094}
2095
2096static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2097 const struct ipv4_devconf *devconf,
2098 u32 portid, u32 seq, int event,
2099 unsigned int flags, int type)
2100{
2101 struct nlmsghdr *nlh;
2102 struct netconfmsg *ncm;
2103 bool all = false;
2104
2105 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2106 flags);
2107 if (!nlh)
2108 return -EMSGSIZE;
2109
2110 if (type == NETCONFA_ALL)
2111 all = true;
2112
2113 ncm = nlmsg_data(nlh);
2114 ncm->ncm_family = AF_INET;
2115
2116 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2117 goto nla_put_failure;
2118
2119 if (!devconf)
2120 goto out;
2121
2122 if ((all || type == NETCONFA_FORWARDING) &&
2123 nla_put_s32(skb, NETCONFA_FORWARDING,
2124 IPV4_DEVCONF_RO(*devconf, FORWARDING)) < 0)
2125 goto nla_put_failure;
2126 if ((all || type == NETCONFA_RP_FILTER) &&
2127 nla_put_s32(skb, NETCONFA_RP_FILTER,
2128 IPV4_DEVCONF_RO(*devconf, RP_FILTER)) < 0)
2129 goto nla_put_failure;
2130 if ((all || type == NETCONFA_MC_FORWARDING) &&
2131 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2132 IPV4_DEVCONF_RO(*devconf, MC_FORWARDING)) < 0)
2133 goto nla_put_failure;
2134 if ((all || type == NETCONFA_BC_FORWARDING) &&
2135 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2136 IPV4_DEVCONF_RO(*devconf, BC_FORWARDING)) < 0)
2137 goto nla_put_failure;
2138 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2139 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2140 IPV4_DEVCONF_RO(*devconf, PROXY_ARP)) < 0)
2141 goto nla_put_failure;
2142 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2143 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2144 IPV4_DEVCONF_RO(*devconf,
2145 IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2146 goto nla_put_failure;
2147
2148out:
2149 nlmsg_end(skb, nlh);
2150 return 0;
2151
2152nla_put_failure:
2153 nlmsg_cancel(skb, nlh);
2154 return -EMSGSIZE;
2155}
2156
2157void inet_netconf_notify_devconf(struct net *net, int event, int type,
2158 int ifindex, struct ipv4_devconf *devconf)
2159{
2160 struct sk_buff *skb;
2161 int err = -ENOBUFS;
2162
2163 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2164 if (!skb)
2165 goto errout;
2166
2167 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2168 event, 0, type);
2169 if (err < 0) {
2170 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2171 WARN_ON(err == -EMSGSIZE);
2172 kfree_skb(skb);
2173 goto errout;
2174 }
2175 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2176 return;
2177errout:
2178 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2179}
2180
2181static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2182 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2183 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2184 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2185 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2186 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2187};
2188
2189static int inet_netconf_valid_get_req(struct sk_buff *skb,
2190 const struct nlmsghdr *nlh,
2191 struct nlattr **tb,
2192 struct netlink_ext_ack *extack)
2193{
2194 int i, err;
2195
2196 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2197 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2198 return -EINVAL;
2199 }
2200
2201 if (!netlink_strict_get_check(skb))
2202 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2203 tb, NETCONFA_MAX,
2204 devconf_ipv4_policy, extack);
2205
2206 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2207 tb, NETCONFA_MAX,
2208 devconf_ipv4_policy, extack);
2209 if (err)
2210 return err;
2211
2212 for (i = 0; i <= NETCONFA_MAX; i++) {
2213 if (!tb[i])
2214 continue;
2215
2216 switch (i) {
2217 case NETCONFA_IFINDEX:
2218 break;
2219 default:
2220 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2221 return -EINVAL;
2222 }
2223 }
2224
2225 return 0;
2226}
2227
2228static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2229 struct nlmsghdr *nlh,
2230 struct netlink_ext_ack *extack)
2231{
2232 struct net *net = sock_net(in_skb->sk);
2233 struct nlattr *tb[NETCONFA_MAX + 1];
2234 const struct ipv4_devconf *devconf;
2235 struct in_device *in_dev = NULL;
2236 struct net_device *dev = NULL;
2237 struct sk_buff *skb;
2238 int ifindex;
2239 int err;
2240
2241 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2242 if (err)
2243 return err;
2244
2245 if (!tb[NETCONFA_IFINDEX])
2246 return -EINVAL;
2247
2248 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2249 switch (ifindex) {
2250 case NETCONFA_IFINDEX_ALL:
2251 devconf = net->ipv4.devconf_all;
2252 break;
2253 case NETCONFA_IFINDEX_DEFAULT:
2254 devconf = net->ipv4.devconf_dflt;
2255 break;
2256 default:
2257 err = -ENODEV;
2258 dev = dev_get_by_index(net, ifindex);
2259 if (dev)
2260 in_dev = in_dev_get(dev);
2261 if (!in_dev)
2262 goto errout;
2263 devconf = &in_dev->cnf;
2264 break;
2265 }
2266
2267 err = -ENOBUFS;
2268 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2269 if (!skb)
2270 goto errout;
2271
2272 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2273 NETLINK_CB(in_skb).portid,
2274 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2275 NETCONFA_ALL);
2276 if (err < 0) {
2277 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2278 WARN_ON(err == -EMSGSIZE);
2279 kfree_skb(skb);
2280 goto errout;
2281 }
2282 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2283errout:
2284 if (in_dev)
2285 in_dev_put(in_dev);
2286 dev_put(dev);
2287 return err;
2288}
2289
2290static int inet_netconf_dump_devconf(struct sk_buff *skb,
2291 struct netlink_callback *cb)
2292{
2293 const struct nlmsghdr *nlh = cb->nlh;
2294 struct net *net = sock_net(skb->sk);
2295 struct {
2296 unsigned long ifindex;
2297 unsigned int all_default;
2298 } *ctx = (void *)cb->ctx;
2299 const struct in_device *in_dev;
2300 struct net_device *dev;
2301 int err = 0;
2302
2303 if (cb->strict_check) {
2304 struct netlink_ext_ack *extack = cb->extack;
2305 struct netconfmsg *ncm;
2306
2307 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2308 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2309 return -EINVAL;
2310 }
2311
2312 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2313 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2314 return -EINVAL;
2315 }
2316 }
2317
2318 rcu_read_lock();
2319 for_each_netdev_dump(net, dev, ctx->ifindex) {
2320 in_dev = __in_dev_get_rcu(dev);
2321 if (!in_dev)
2322 continue;
2323 err = inet_netconf_fill_devconf(skb, dev->ifindex,
2324 &in_dev->cnf,
2325 NETLINK_CB(cb->skb).portid,
2326 nlh->nlmsg_seq,
2327 RTM_NEWNETCONF, NLM_F_MULTI,
2328 NETCONFA_ALL);
2329 if (err < 0)
2330 goto done;
2331 }
2332 if (ctx->all_default == 0) {
2333 err = inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2334 net->ipv4.devconf_all,
2335 NETLINK_CB(cb->skb).portid,
2336 nlh->nlmsg_seq,
2337 RTM_NEWNETCONF, NLM_F_MULTI,
2338 NETCONFA_ALL);
2339 if (err < 0)
2340 goto done;
2341 ctx->all_default++;
2342 }
2343 if (ctx->all_default == 1) {
2344 err = inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2345 net->ipv4.devconf_dflt,
2346 NETLINK_CB(cb->skb).portid,
2347 nlh->nlmsg_seq,
2348 RTM_NEWNETCONF, NLM_F_MULTI,
2349 NETCONFA_ALL);
2350 if (err < 0)
2351 goto done;
2352 ctx->all_default++;
2353 }
2354done:
2355 rcu_read_unlock();
2356 return err;
2357}
2358
2359#ifdef CONFIG_SYSCTL
2360
2361static void devinet_copy_dflt_conf(struct net *net, int i)
2362{
2363 struct net_device *dev;
2364
2365 rcu_read_lock();
2366 for_each_netdev_rcu(net, dev) {
2367 struct in_device *in_dev;
2368
2369 in_dev = __in_dev_get_rcu(dev);
2370 if (in_dev && !test_bit(i, in_dev->cnf.state))
2371 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2372 }
2373 rcu_read_unlock();
2374}
2375
2376/* called with RTNL locked */
2377static void inet_forward_change(struct net *net)
2378{
2379 struct net_device *dev;
2380 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2381
2382 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2383 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2384 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2385 NETCONFA_FORWARDING,
2386 NETCONFA_IFINDEX_ALL,
2387 net->ipv4.devconf_all);
2388 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2389 NETCONFA_FORWARDING,
2390 NETCONFA_IFINDEX_DEFAULT,
2391 net->ipv4.devconf_dflt);
2392
2393 for_each_netdev(net, dev) {
2394 struct in_device *in_dev;
2395
2396 if (on)
2397 dev_disable_lro(dev);
2398
2399 in_dev = __in_dev_get_rtnl_net(dev);
2400 if (in_dev) {
2401 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2402 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2403 NETCONFA_FORWARDING,
2404 dev->ifindex, &in_dev->cnf);
2405 }
2406 }
2407}
2408
2409static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2410{
2411 if (cnf == net->ipv4.devconf_dflt)
2412 return NETCONFA_IFINDEX_DEFAULT;
2413 else if (cnf == net->ipv4.devconf_all)
2414 return NETCONFA_IFINDEX_ALL;
2415 else {
2416 struct in_device *idev
2417 = container_of(cnf, struct in_device, cnf);
2418 return idev->dev->ifindex;
2419 }
2420}
2421
2422static int devinet_conf_proc(const struct ctl_table *ctl, int write,
2423 void *buffer, size_t *lenp, loff_t *ppos)
2424{
2425 int old_value = *(int *)ctl->data;
2426 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2427 int new_value = *(int *)ctl->data;
2428
2429 if (write) {
2430 struct ipv4_devconf *cnf = ctl->extra1;
2431 struct net *net = ctl->extra2;
2432 int i = (int *)ctl->data - cnf->data;
2433 int ifindex;
2434
2435 set_bit(i, cnf->state);
2436
2437 if (cnf == net->ipv4.devconf_dflt)
2438 devinet_copy_dflt_conf(net, i);
2439 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2440 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2441 if ((new_value == 0) && (old_value != 0))
2442 rt_cache_flush(net);
2443
2444 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2445 new_value != old_value)
2446 rt_cache_flush(net);
2447
2448 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2449 new_value != old_value) {
2450 ifindex = devinet_conf_ifindex(net, cnf);
2451 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2452 NETCONFA_RP_FILTER,
2453 ifindex, cnf);
2454 }
2455 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2456 new_value != old_value) {
2457 ifindex = devinet_conf_ifindex(net, cnf);
2458 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2459 NETCONFA_PROXY_NEIGH,
2460 ifindex, cnf);
2461 }
2462 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2463 new_value != old_value) {
2464 ifindex = devinet_conf_ifindex(net, cnf);
2465 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2466 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2467 ifindex, cnf);
2468 }
2469 }
2470
2471 return ret;
2472}
2473
2474static int devinet_sysctl_forward(const struct ctl_table *ctl, int write,
2475 void *buffer, size_t *lenp, loff_t *ppos)
2476{
2477 int *valp = ctl->data;
2478 int val = *valp;
2479 loff_t pos = *ppos;
2480 struct net *net = ctl->extra2;
2481 int ret;
2482
2483 if (write && !ns_capable(net->user_ns, CAP_NET_ADMIN))
2484 return -EPERM;
2485
2486 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2487
2488 if (write && *valp != val) {
2489 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2490 if (!rtnl_net_trylock(net)) {
2491 /* Restore the original values before restarting */
2492 *valp = val;
2493 *ppos = pos;
2494 return restart_syscall();
2495 }
2496 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2497 inet_forward_change(net);
2498 } else {
2499 struct ipv4_devconf *cnf = ctl->extra1;
2500 struct in_device *idev =
2501 container_of(cnf, struct in_device, cnf);
2502 if (*valp)
2503 dev_disable_lro(idev->dev);
2504 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2505 NETCONFA_FORWARDING,
2506 idev->dev->ifindex,
2507 cnf);
2508 }
2509 rtnl_net_unlock(net);
2510 rt_cache_flush(net);
2511 } else
2512 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2513 NETCONFA_FORWARDING,
2514 NETCONFA_IFINDEX_DEFAULT,
2515 net->ipv4.devconf_dflt);
2516 }
2517
2518 return ret;
2519}
2520
2521static int ipv4_doint_and_flush(const struct ctl_table *ctl, int write,
2522 void *buffer, size_t *lenp, loff_t *ppos)
2523{
2524 int *valp = ctl->data;
2525 int val = *valp;
2526 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2527 struct net *net = ctl->extra2;
2528
2529 if (write && *valp != val)
2530 rt_cache_flush(net);
2531
2532 return ret;
2533}
2534
2535#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2536 { \
2537 .procname = name, \
2538 .data = ipv4_devconf.data + \
2539 IPV4_DEVCONF_ ## attr - 1, \
2540 .maxlen = sizeof(int), \
2541 .mode = mval, \
2542 .proc_handler = proc, \
2543 .extra1 = &ipv4_devconf, \
2544 }
2545
2546#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2547 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2548
2549#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2550 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2551
2552#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2553 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2554
2555#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2556 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2557
2558static struct devinet_sysctl_table {
2559 struct ctl_table_header *sysctl_header;
2560 struct ctl_table devinet_vars[IPV4_DEVCONF_MAX];
2561} devinet_sysctl = {
2562 .devinet_vars = {
2563 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2564 devinet_sysctl_forward),
2565 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2566 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2567
2568 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2569 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2570 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2571 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2572 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2573 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2574 "accept_source_route"),
2575 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2576 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2577 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2578 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2579 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2580 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2581 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2582 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2583 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2584 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2585 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2586 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2587 DEVINET_SYSCTL_RW_ENTRY(ARP_EVICT_NOCARRIER,
2588 "arp_evict_nocarrier"),
2589 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2590 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2591 "force_igmp_version"),
2592 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2593 "igmpv2_unsolicited_report_interval"),
2594 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2595 "igmpv3_unsolicited_report_interval"),
2596 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2597 "ignore_routes_with_linkdown"),
2598 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2599 "drop_gratuitous_arp"),
2600
2601 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2602 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2603 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2604 "promote_secondaries"),
2605 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2606 "route_localnet"),
2607 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2608 "drop_unicast_in_l2_multicast"),
2609 },
2610};
2611
2612static int __devinet_sysctl_register(struct net *net, char *dev_name,
2613 int ifindex, struct ipv4_devconf *p)
2614{
2615 int i;
2616 struct devinet_sysctl_table *t;
2617 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2618
2619 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL_ACCOUNT);
2620 if (!t)
2621 goto out;
2622
2623 for (i = 0; i < ARRAY_SIZE(t->devinet_vars); i++) {
2624 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2625 t->devinet_vars[i].extra1 = p;
2626 t->devinet_vars[i].extra2 = net;
2627 }
2628
2629 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2630
2631 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2632 if (!t->sysctl_header)
2633 goto free;
2634
2635 p->sysctl = t;
2636
2637 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2638 ifindex, p);
2639 return 0;
2640
2641free:
2642 kfree(t);
2643out:
2644 return -ENOMEM;
2645}
2646
2647static void __devinet_sysctl_unregister(struct net *net,
2648 struct ipv4_devconf *cnf, int ifindex)
2649{
2650 struct devinet_sysctl_table *t = cnf->sysctl;
2651
2652 if (t) {
2653 cnf->sysctl = NULL;
2654 unregister_net_sysctl_table(t->sysctl_header);
2655 kfree(t);
2656 }
2657
2658 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2659}
2660
2661static int devinet_sysctl_register(struct in_device *idev)
2662{
2663 int err;
2664
2665 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2666 return -EINVAL;
2667
2668 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2669 if (err)
2670 return err;
2671 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2672 idev->dev->ifindex, &idev->cnf);
2673 if (err)
2674 neigh_sysctl_unregister(idev->arp_parms);
2675 return err;
2676}
2677
2678static void devinet_sysctl_unregister(struct in_device *idev)
2679{
2680 struct net *net = dev_net(idev->dev);
2681
2682 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2683 neigh_sysctl_unregister(idev->arp_parms);
2684}
2685
2686static struct ctl_table ctl_forward_entry[] = {
2687 {
2688 .procname = "ip_forward",
2689 .data = &ipv4_devconf.data[
2690 IPV4_DEVCONF_FORWARDING - 1],
2691 .maxlen = sizeof(int),
2692 .mode = 0644,
2693 .proc_handler = devinet_sysctl_forward,
2694 .extra1 = &ipv4_devconf,
2695 .extra2 = &init_net,
2696 },
2697};
2698#endif
2699
2700static __net_init int devinet_init_net(struct net *net)
2701{
2702#ifdef CONFIG_SYSCTL
2703 struct ctl_table_header *forw_hdr;
2704 struct ctl_table *tbl;
2705#endif
2706 struct ipv4_devconf *all, *dflt;
2707 int err;
2708 int i;
2709
2710 err = -ENOMEM;
2711 net->ipv4.inet_addr_lst = kmalloc_array(IN4_ADDR_HSIZE,
2712 sizeof(struct hlist_head),
2713 GFP_KERNEL);
2714 if (!net->ipv4.inet_addr_lst)
2715 goto err_alloc_hash;
2716
2717 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2718 if (!all)
2719 goto err_alloc_all;
2720
2721 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2722 if (!dflt)
2723 goto err_alloc_dflt;
2724
2725#ifdef CONFIG_SYSCTL
2726 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2727 if (!tbl)
2728 goto err_alloc_ctl;
2729
2730 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2731 tbl[0].extra1 = all;
2732 tbl[0].extra2 = net;
2733#endif
2734
2735 if (!net_eq(net, &init_net)) {
2736 switch (net_inherit_devconf()) {
2737 case 3:
2738 /* copy from the current netns */
2739 memcpy(all, current->nsproxy->net_ns->ipv4.devconf_all,
2740 sizeof(ipv4_devconf));
2741 memcpy(dflt,
2742 current->nsproxy->net_ns->ipv4.devconf_dflt,
2743 sizeof(ipv4_devconf_dflt));
2744 break;
2745 case 0:
2746 case 1:
2747 /* copy from init_net */
2748 memcpy(all, init_net.ipv4.devconf_all,
2749 sizeof(ipv4_devconf));
2750 memcpy(dflt, init_net.ipv4.devconf_dflt,
2751 sizeof(ipv4_devconf_dflt));
2752 break;
2753 case 2:
2754 /* use compiled values */
2755 break;
2756 }
2757 }
2758
2759#ifdef CONFIG_SYSCTL
2760 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2761 if (err < 0)
2762 goto err_reg_all;
2763
2764 err = __devinet_sysctl_register(net, "default",
2765 NETCONFA_IFINDEX_DEFAULT, dflt);
2766 if (err < 0)
2767 goto err_reg_dflt;
2768
2769 err = -ENOMEM;
2770 forw_hdr = register_net_sysctl_sz(net, "net/ipv4", tbl,
2771 ARRAY_SIZE(ctl_forward_entry));
2772 if (!forw_hdr)
2773 goto err_reg_ctl;
2774 net->ipv4.forw_hdr = forw_hdr;
2775#endif
2776
2777 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2778 INIT_HLIST_HEAD(&net->ipv4.inet_addr_lst[i]);
2779
2780 INIT_DEFERRABLE_WORK(&net->ipv4.addr_chk_work, check_lifetime);
2781
2782 net->ipv4.devconf_all = all;
2783 net->ipv4.devconf_dflt = dflt;
2784 return 0;
2785
2786#ifdef CONFIG_SYSCTL
2787err_reg_ctl:
2788 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2789err_reg_dflt:
2790 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2791err_reg_all:
2792 kfree(tbl);
2793err_alloc_ctl:
2794#endif
2795 kfree(dflt);
2796err_alloc_dflt:
2797 kfree(all);
2798err_alloc_all:
2799 kfree(net->ipv4.inet_addr_lst);
2800err_alloc_hash:
2801 return err;
2802}
2803
2804static __net_exit void devinet_exit_net(struct net *net)
2805{
2806#ifdef CONFIG_SYSCTL
2807 const struct ctl_table *tbl;
2808#endif
2809
2810 cancel_delayed_work_sync(&net->ipv4.addr_chk_work);
2811
2812#ifdef CONFIG_SYSCTL
2813 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2814 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2815 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2816 NETCONFA_IFINDEX_DEFAULT);
2817 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2818 NETCONFA_IFINDEX_ALL);
2819 kfree(tbl);
2820#endif
2821 kfree(net->ipv4.devconf_dflt);
2822 kfree(net->ipv4.devconf_all);
2823 kfree(net->ipv4.inet_addr_lst);
2824}
2825
2826static __net_initdata struct pernet_operations devinet_ops = {
2827 .init = devinet_init_net,
2828 .exit = devinet_exit_net,
2829};
2830
2831static struct rtnl_af_ops inet_af_ops __read_mostly = {
2832 .family = AF_INET,
2833 .fill_link_af = inet_fill_link_af,
2834 .get_link_af_size = inet_get_link_af_size,
2835 .validate_link_af = inet_validate_link_af,
2836 .set_link_af = inet_set_link_af,
2837};
2838
2839static const struct rtnl_msg_handler devinet_rtnl_msg_handlers[] __initconst = {
2840 {.protocol = PF_INET, .msgtype = RTM_NEWADDR, .doit = inet_rtm_newaddr,
2841 .flags = RTNL_FLAG_DOIT_PERNET},
2842 {.protocol = PF_INET, .msgtype = RTM_DELADDR, .doit = inet_rtm_deladdr,
2843 .flags = RTNL_FLAG_DOIT_PERNET},
2844 {.protocol = PF_INET, .msgtype = RTM_GETADDR, .dumpit = inet_dump_ifaddr,
2845 .flags = RTNL_FLAG_DUMP_UNLOCKED | RTNL_FLAG_DUMP_SPLIT_NLM_DONE},
2846 {.protocol = PF_INET, .msgtype = RTM_GETNETCONF,
2847 .doit = inet_netconf_get_devconf, .dumpit = inet_netconf_dump_devconf,
2848 .flags = RTNL_FLAG_DOIT_UNLOCKED | RTNL_FLAG_DUMP_UNLOCKED},
2849};
2850
2851void __init devinet_init(void)
2852{
2853 register_pernet_subsys(&devinet_ops);
2854 register_netdevice_notifier(&ip_netdev_notifier);
2855
2856 if (rtnl_af_register(&inet_af_ops))
2857 panic("Unable to register inet_af_ops\n");
2858
2859 rtnl_register_many(devinet_rtnl_msg_handlers);
2860}