Gitiles
Code Review Sign In
192.168.1.100 / T108 / e958203796650e3959a43708d67534bf36f4c83b / . / marvell / linux / net / ipv4 / devinet.c
blob: 9910844c890ba6d865228937be200f1dce1948fc [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame^]1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * NET3 IP device support routines.
4 *
5 * Derived from the IP parts of dev.c 1.0.19
6 * Authors: Ross Biro
7 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8 * Mark Evans, <evansmp@uhura.aston.ac.uk>
9 *
10 * Additional Authors:
11 * Alan Cox, <gw4pts@gw4pts.ampr.org>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
13 *
14 * Changes:
15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
16 * lists.
17 * Cyrus Durgin: updated for kmod
18 * Matthias Andree: in devinet_ioctl, compare label and
19 * address (4.4BSD alias style support),
20 * fall back to comparing just the label
21 * if no match found.
22 */
23
24
25#include <linux/uaccess.h>
26#include <linux/bitops.h>
27#include <linux/capability.h>
28#include <linux/module.h>
29#include <linux/types.h>
30#include <linux/kernel.h>
31#include <linux/sched/signal.h>
32#include <linux/string.h>
33#include <linux/mm.h>
34#include <linux/socket.h>
35#include <linux/sockios.h>
36#include <linux/in.h>
37#include <linux/errno.h>
38#include <linux/interrupt.h>
39#include <linux/if_addr.h>
40#include <linux/if_ether.h>
41#include <linux/inet.h>
42#include <linux/netdevice.h>
43#include <linux/etherdevice.h>
44#include <linux/skbuff.h>
45#include <linux/init.h>
46#include <linux/notifier.h>
47#include <linux/inetdevice.h>
48#include <linux/igmp.h>
49#include <linux/slab.h>
50#include <linux/hash.h>
51#ifdef CONFIG_SYSCTL
52#include <linux/sysctl.h>
53#endif
54#include <linux/kmod.h>
55#include <linux/netconf.h>
56
57#include <net/arp.h>
58#include <net/ip.h>
59#include <net/route.h>
60#include <net/ip_fib.h>
61#include <net/rtnetlink.h>
62#include <net/net_namespace.h>
63#include <net/addrconf.h>
64
65#define IPV6ONLY_FLAGS \
66 (IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
69
70static struct ipv4_devconf ipv4_devconf = {
71 .data = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
78 },
79};
80
81static struct ipv4_devconf ipv4_devconf_dflt = {
82 .data = {
83 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
84 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
87 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
88 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
89 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
90 },
91};
92
93#define IPV4_DEVCONF_DFLT(net, attr) \
94 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
95
96static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
97 [IFA_LOCAL] = { .type = NLA_U32 },
98 [IFA_ADDRESS] = { .type = NLA_U32 },
99 [IFA_BROADCAST] = { .type = NLA_U32 },
100 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
101 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
102 [IFA_FLAGS] = { .type = NLA_U32 },
103 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
104 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
105};
106
107struct inet_fill_args {
108 u32 portid;
109 u32 seq;
110 int event;
111 unsigned int flags;
112 int netnsid;
113 int ifindex;
114};
115
116#define IN4_ADDR_HSIZE_SHIFT 8
117#define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
118
119static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
120
121static u32 inet_addr_hash(const struct net *net, __be32 addr)
122{
123 u32 val = (__force u32) addr ^ net_hash_mix(net);
124
125 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
126}
127
128static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
129{
130 u32 hash = inet_addr_hash(net, ifa->ifa_local);
131
132 ASSERT_RTNL();
133 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
134}
135
136static void inet_hash_remove(struct in_ifaddr *ifa)
137{
138 ASSERT_RTNL();
139 hlist_del_init_rcu(&ifa->hash);
140}
141
142/**
143 * __ip_dev_find - find the first device with a given source address.
144 * @net: the net namespace
145 * @addr: the source address
146 * @devref: if true, take a reference on the found device
147 *
148 * If a caller uses devref=false, it should be protected by RCU, or RTNL
149 */
150struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
151{
152 struct net_device *result = NULL;
153 struct in_ifaddr *ifa;
154
155 rcu_read_lock();
156 ifa = inet_lookup_ifaddr_rcu(net, addr);
157 if (!ifa) {
158 struct flowi4 fl4 = { .daddr = addr };
159 struct fib_result res = { 0 };
160 struct fib_table *local;
161
162 /* Fallback to FIB local table so that communication
163 * over loopback subnets work.
164 */
165 local = fib_get_table(net, RT_TABLE_LOCAL);
166 if (local &&
167 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
168 res.type == RTN_LOCAL)
169 result = FIB_RES_DEV(res);
170 } else {
171 result = ifa->ifa_dev->dev;
172 }
173 if (result && devref)
174 dev_hold(result);
175 rcu_read_unlock();
176 return result;
177}
178EXPORT_SYMBOL(__ip_dev_find);
179
180/* called under RCU lock */
181struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
182{
183 u32 hash = inet_addr_hash(net, addr);
184 struct in_ifaddr *ifa;
185
186 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
187 if (ifa->ifa_local == addr &&
188 net_eq(dev_net(ifa->ifa_dev->dev), net))
189 return ifa;
190
191 return NULL;
192}
193
194static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
195
196static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
197static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
198static void inet_del_ifa(struct in_device *in_dev,
199 struct in_ifaddr __rcu **ifap,
200 int destroy);
201#ifdef CONFIG_SYSCTL
202static int devinet_sysctl_register(struct in_device *idev);
203static void devinet_sysctl_unregister(struct in_device *idev);
204#else
205static int devinet_sysctl_register(struct in_device *idev)
206{
207 return 0;
208}
209static void devinet_sysctl_unregister(struct in_device *idev)
210{
211}
212#endif
213
214/* Locks all the inet devices. */
215
216static struct in_ifaddr *inet_alloc_ifa(void)
217{
218 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
219}
220
221static void inet_rcu_free_ifa(struct rcu_head *head)
222{
223 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
224 if (ifa->ifa_dev)
225 in_dev_put(ifa->ifa_dev);
226 kfree(ifa);
227}
228
229static void inet_free_ifa(struct in_ifaddr *ifa)
230{
231 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
232}
233
234void in_dev_finish_destroy(struct in_device *idev)
235{
236 struct net_device *dev = idev->dev;
237
238 WARN_ON(idev->ifa_list);
239 WARN_ON(idev->mc_list);
240 kfree(rcu_dereference_protected(idev->mc_hash, 1));
241#ifdef NET_REFCNT_DEBUG
242 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
243#endif
244 dev_put(dev);
245 if (!idev->dead)
246 pr_err("Freeing alive in_device %p\n", idev);
247 else
248 kfree(idev);
249}
250EXPORT_SYMBOL(in_dev_finish_destroy);
251
252static struct in_device *inetdev_init(struct net_device *dev)
253{
254 struct in_device *in_dev;
255 int err = -ENOMEM;
256
257 ASSERT_RTNL();
258
259 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
260 if (!in_dev)
261 goto out;
262 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
263 sizeof(in_dev->cnf));
264 in_dev->cnf.sysctl = NULL;
265 in_dev->dev = dev;
266 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
267 if (!in_dev->arp_parms)
268 goto out_kfree;
269 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
270 dev_disable_lro(dev);
271 /* Reference in_dev->dev */
272 dev_hold(dev);
273 /* Account for reference dev->ip_ptr (below) */
274 refcount_set(&in_dev->refcnt, 1);
275
276 if (dev != blackhole_netdev) {
277 err = devinet_sysctl_register(in_dev);
278 if (err) {
279 in_dev->dead = 1;
280 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
281 in_dev_put(in_dev);
282 in_dev = NULL;
283 goto out;
284 }
285 ip_mc_init_dev(in_dev);
286 if (dev->flags & IFF_UP)
287 ip_mc_up(in_dev);
288 }
289
290 /* we can receive as soon as ip_ptr is set -- do this last */
291 rcu_assign_pointer(dev->ip_ptr, in_dev);
292out:
293 return in_dev ?: ERR_PTR(err);
294out_kfree:
295 kfree(in_dev);
296 in_dev = NULL;
297 goto out;
298}
299
300static void in_dev_rcu_put(struct rcu_head *head)
301{
302 struct in_device *idev = container_of(head, struct in_device, rcu_head);
303 in_dev_put(idev);
304}
305
306static void inetdev_destroy(struct in_device *in_dev)
307{
308 struct net_device *dev;
309 struct in_ifaddr *ifa;
310
311 ASSERT_RTNL();
312
313 dev = in_dev->dev;
314
315 in_dev->dead = 1;
316
317 ip_mc_destroy_dev(in_dev);
318
319 while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
320 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
321 inet_free_ifa(ifa);
322 }
323
324 RCU_INIT_POINTER(dev->ip_ptr, NULL);
325
326 devinet_sysctl_unregister(in_dev);
327 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
328 arp_ifdown(dev);
329
330 call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
331}
332
333static int __init inet_blackhole_dev_init(void)
334{
335 int err = 0;
336
337 rtnl_lock();
338 if (!inetdev_init(blackhole_netdev))
339 err = -ENOMEM;
340 rtnl_unlock();
341
342 return err;
343}
344late_initcall(inet_blackhole_dev_init);
345
346int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
347{
348 const struct in_ifaddr *ifa;
349
350 rcu_read_lock();
351 in_dev_for_each_ifa_rcu(ifa, in_dev) {
352 if (inet_ifa_match(a, ifa)) {
353 if (!b || inet_ifa_match(b, ifa)) {
354 rcu_read_unlock();
355 return 1;
356 }
357 }
358 }
359 rcu_read_unlock();
360 return 0;
361}
362
363static void __inet_del_ifa(struct in_device *in_dev,
364 struct in_ifaddr __rcu **ifap,
365 int destroy, struct nlmsghdr *nlh, u32 portid)
366{
367 struct in_ifaddr *promote = NULL;
368 struct in_ifaddr *ifa, *ifa1;
369 struct in_ifaddr __rcu **last_prim;
370 struct in_ifaddr *prev_prom = NULL;
371 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
372
373 ASSERT_RTNL();
374
375 ifa1 = rtnl_dereference(*ifap);
376 last_prim = ifap;
377 if (in_dev->dead)
378 goto no_promotions;
379
380 /* 1. Deleting primary ifaddr forces deletion all secondaries
381 * unless alias promotion is set
382 **/
383
384 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
385 struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
386
387 while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
388 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
389 ifa1->ifa_scope <= ifa->ifa_scope)
390 last_prim = &ifa->ifa_next;
391
392 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
393 ifa1->ifa_mask != ifa->ifa_mask ||
394 !inet_ifa_match(ifa1->ifa_address, ifa)) {
395 ifap1 = &ifa->ifa_next;
396 prev_prom = ifa;
397 continue;
398 }
399
400 if (!do_promote) {
401 inet_hash_remove(ifa);
402 *ifap1 = ifa->ifa_next;
403
404 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
405 blocking_notifier_call_chain(&inetaddr_chain,
406 NETDEV_DOWN, ifa);
407 inet_free_ifa(ifa);
408 } else {
409 promote = ifa;
410 break;
411 }
412 }
413 }
414
415 /* On promotion all secondaries from subnet are changing
416 * the primary IP, we must remove all their routes silently
417 * and later to add them back with new prefsrc. Do this
418 * while all addresses are on the device list.
419 */
420 for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
421 if (ifa1->ifa_mask == ifa->ifa_mask &&
422 inet_ifa_match(ifa1->ifa_address, ifa))
423 fib_del_ifaddr(ifa, ifa1);
424 }
425
426no_promotions:
427 /* 2. Unlink it */
428
429 *ifap = ifa1->ifa_next;
430 inet_hash_remove(ifa1);
431
432 /* 3. Announce address deletion */
433
434 /* Send message first, then call notifier.
435 At first sight, FIB update triggered by notifier
436 will refer to already deleted ifaddr, that could confuse
437 netlink listeners. It is not true: look, gated sees
438 that route deleted and if it still thinks that ifaddr
439 is valid, it will try to restore deleted routes... Grr.
440 So that, this order is correct.
441 */
442 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
443 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
444
445 if (promote) {
446 struct in_ifaddr *next_sec;
447
448 next_sec = rtnl_dereference(promote->ifa_next);
449 if (prev_prom) {
450 struct in_ifaddr *last_sec;
451
452 rcu_assign_pointer(prev_prom->ifa_next, next_sec);
453
454 last_sec = rtnl_dereference(*last_prim);
455 rcu_assign_pointer(promote->ifa_next, last_sec);
456 rcu_assign_pointer(*last_prim, promote);
457 }
458
459 promote->ifa_flags &= ~IFA_F_SECONDARY;
460 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
461 blocking_notifier_call_chain(&inetaddr_chain,
462 NETDEV_UP, promote);
463 for (ifa = next_sec; ifa;
464 ifa = rtnl_dereference(ifa->ifa_next)) {
465 if (ifa1->ifa_mask != ifa->ifa_mask ||
466 !inet_ifa_match(ifa1->ifa_address, ifa))
467 continue;
468 fib_add_ifaddr(ifa);
469 }
470
471 }
472 if (destroy)
473 inet_free_ifa(ifa1);
474}
475
476static void inet_del_ifa(struct in_device *in_dev,
477 struct in_ifaddr __rcu **ifap,
478 int destroy)
479{
480 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
481}
482
483static void check_lifetime(struct work_struct *work);
484
485static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
486
487static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
488 u32 portid, struct netlink_ext_ack *extack)
489{
490 struct in_ifaddr __rcu **last_primary, **ifap;
491 struct in_device *in_dev = ifa->ifa_dev;
492 struct in_validator_info ivi;
493 struct in_ifaddr *ifa1;
494 int ret;
495
496 ASSERT_RTNL();
497
498 if (!ifa->ifa_local) {
499 inet_free_ifa(ifa);
500 return 0;
501 }
502
503 ifa->ifa_flags &= ~IFA_F_SECONDARY;
504 last_primary = &in_dev->ifa_list;
505
506 /* Don't set IPv6 only flags to IPv4 addresses */
507 ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
508
509 ifap = &in_dev->ifa_list;
510 ifa1 = rtnl_dereference(*ifap);
511
512 while (ifa1) {
513 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
514 ifa->ifa_scope <= ifa1->ifa_scope)
515 last_primary = &ifa1->ifa_next;
516 if (ifa1->ifa_mask == ifa->ifa_mask &&
517 inet_ifa_match(ifa1->ifa_address, ifa)) {
518 if (ifa1->ifa_local == ifa->ifa_local) {
519 inet_free_ifa(ifa);
520 return -EEXIST;
521 }
522 if (ifa1->ifa_scope != ifa->ifa_scope) {
523 inet_free_ifa(ifa);
524 return -EINVAL;
525 }
526 ifa->ifa_flags |= IFA_F_SECONDARY;
527 }
528
529 ifap = &ifa1->ifa_next;
530 ifa1 = rtnl_dereference(*ifap);
531 }
532
533 /* Allow any devices that wish to register ifaddr validtors to weigh
534 * in now, before changes are committed. The rntl lock is serializing
535 * access here, so the state should not change between a validator call
536 * and a final notify on commit. This isn't invoked on promotion under
537 * the assumption that validators are checking the address itself, and
538 * not the flags.
539 */
540 ivi.ivi_addr = ifa->ifa_address;
541 ivi.ivi_dev = ifa->ifa_dev;
542 ivi.extack = extack;
543 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
544 NETDEV_UP, &ivi);
545 ret = notifier_to_errno(ret);
546 if (ret) {
547 inet_free_ifa(ifa);
548 return ret;
549 }
550
551 if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
552 prandom_seed((__force u32) ifa->ifa_local);
553 ifap = last_primary;
554 }
555
556 rcu_assign_pointer(ifa->ifa_next, *ifap);
557 rcu_assign_pointer(*ifap, ifa);
558
559 inet_hash_insert(dev_net(in_dev->dev), ifa);
560
561 cancel_delayed_work(&check_lifetime_work);
562 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
563
564 /* Send message first, then call notifier.
565 Notifier will trigger FIB update, so that
566 listeners of netlink will know about new ifaddr */
567 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
568 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
569
570 return 0;
571}
572
573static int inet_insert_ifa(struct in_ifaddr *ifa)
574{
575 return __inet_insert_ifa(ifa, NULL, 0, NULL);
576}
577
578static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
579{
580 struct in_device *in_dev = __in_dev_get_rtnl(dev);
581
582 ASSERT_RTNL();
583
584 ipv4_devconf_setall(in_dev);
585 neigh_parms_data_state_setall(in_dev->arp_parms);
586 if (ifa->ifa_dev != in_dev) {
587 WARN_ON(ifa->ifa_dev);
588 in_dev_hold(in_dev);
589 ifa->ifa_dev = in_dev;
590 }
591 if (ipv4_is_loopback(ifa->ifa_local))
592 ifa->ifa_scope = RT_SCOPE_HOST;
593 return inet_insert_ifa(ifa);
594}
595
596/* Caller must hold RCU or RTNL :
597 * We dont take a reference on found in_device
598 */
599struct in_device *inetdev_by_index(struct net *net, int ifindex)
600{
601 struct net_device *dev;
602 struct in_device *in_dev = NULL;
603
604 rcu_read_lock();
605 dev = dev_get_by_index_rcu(net, ifindex);
606 if (dev)
607 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
608 rcu_read_unlock();
609 return in_dev;
610}
611EXPORT_SYMBOL(inetdev_by_index);
612
613/* Called only from RTNL semaphored context. No locks. */
614
615struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
616 __be32 mask)
617{
618 struct in_ifaddr *ifa;
619
620 ASSERT_RTNL();
621
622 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
623 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
624 return ifa;
625 }
626 return NULL;
627}
628
629static int ip_mc_autojoin_config(struct net *net, bool join,
630 const struct in_ifaddr *ifa)
631{
632#if defined(CONFIG_IP_MULTICAST)
633 struct ip_mreqn mreq = {
634 .imr_multiaddr.s_addr = ifa->ifa_address,
635 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
636 };
637 struct sock *sk = net->ipv4.mc_autojoin_sk;
638 int ret;
639
640 ASSERT_RTNL();
641
642 lock_sock(sk);
643 if (join)
644 ret = ip_mc_join_group(sk, &mreq);
645 else
646 ret = ip_mc_leave_group(sk, &mreq);
647 release_sock(sk);
648
649 return ret;
650#else
651 return -EOPNOTSUPP;
652#endif
653}
654
655static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
656 struct netlink_ext_ack *extack)
657{
658 struct net *net = sock_net(skb->sk);
659 struct in_ifaddr __rcu **ifap;
660 struct nlattr *tb[IFA_MAX+1];
661 struct in_device *in_dev;
662 struct ifaddrmsg *ifm;
663 struct in_ifaddr *ifa;
664
665 int err = -EINVAL;
666
667 ASSERT_RTNL();
668
669 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
670 ifa_ipv4_policy, extack);
671 if (err < 0)
672 goto errout;
673
674 ifm = nlmsg_data(nlh);
675 in_dev = inetdev_by_index(net, ifm->ifa_index);
676 if (!in_dev) {
677 err = -ENODEV;
678 goto errout;
679 }
680
681 for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
682 ifap = &ifa->ifa_next) {
683 if (tb[IFA_LOCAL] &&
684 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
685 continue;
686
687 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
688 continue;
689
690 if (tb[IFA_ADDRESS] &&
691 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
692 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
693 continue;
694
695 if (ipv4_is_multicast(ifa->ifa_address))
696 ip_mc_autojoin_config(net, false, ifa);
697 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
698 return 0;
699 }
700
701 err = -EADDRNOTAVAIL;
702errout:
703 return err;
704}
705
706#define INFINITY_LIFE_TIME 0xFFFFFFFF
707
708static void check_lifetime(struct work_struct *work)
709{
710 unsigned long now, next, next_sec, next_sched;
711 struct in_ifaddr *ifa;
712 struct hlist_node *n;
713 int i;
714
715 now = jiffies;
716 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
717
718 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
719 bool change_needed = false;
720
721 rcu_read_lock();
722 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
723 unsigned long age;
724
725 if (ifa->ifa_flags & IFA_F_PERMANENT)
726 continue;
727
728 /* We try to batch several events at once. */
729 age = (now - ifa->ifa_tstamp +
730 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
731
732 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
733 age >= ifa->ifa_valid_lft) {
734 change_needed = true;
735 } else if (ifa->ifa_preferred_lft ==
736 INFINITY_LIFE_TIME) {
737 continue;
738 } else if (age >= ifa->ifa_preferred_lft) {
739 if (time_before(ifa->ifa_tstamp +
740 ifa->ifa_valid_lft * HZ, next))
741 next = ifa->ifa_tstamp +
742 ifa->ifa_valid_lft * HZ;
743
744 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
745 change_needed = true;
746 } else if (time_before(ifa->ifa_tstamp +
747 ifa->ifa_preferred_lft * HZ,
748 next)) {
749 next = ifa->ifa_tstamp +
750 ifa->ifa_preferred_lft * HZ;
751 }
752 }
753 rcu_read_unlock();
754 if (!change_needed)
755 continue;
756 rtnl_lock();
757 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
758 unsigned long age;
759
760 if (ifa->ifa_flags & IFA_F_PERMANENT)
761 continue;
762
763 /* We try to batch several events at once. */
764 age = (now - ifa->ifa_tstamp +
765 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
766
767 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
768 age >= ifa->ifa_valid_lft) {
769 struct in_ifaddr __rcu **ifap;
770 struct in_ifaddr *tmp;
771
772 ifap = &ifa->ifa_dev->ifa_list;
773 tmp = rtnl_dereference(*ifap);
774 while (tmp) {
775 if (tmp == ifa) {
776 inet_del_ifa(ifa->ifa_dev,
777 ifap, 1);
778 break;
779 }
780 ifap = &tmp->ifa_next;
781 tmp = rtnl_dereference(*ifap);
782 }
783 } else if (ifa->ifa_preferred_lft !=
784 INFINITY_LIFE_TIME &&
785 age >= ifa->ifa_preferred_lft &&
786 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
787 ifa->ifa_flags |= IFA_F_DEPRECATED;
788 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
789 }
790 }
791 rtnl_unlock();
792 }
793
794 next_sec = round_jiffies_up(next);
795 next_sched = next;
796
797 /* If rounded timeout is accurate enough, accept it. */
798 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
799 next_sched = next_sec;
800
801 now = jiffies;
802 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
803 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
804 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
805
806 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
807 next_sched - now);
808}
809
810static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
811 __u32 prefered_lft)
812{
813 unsigned long timeout;
814
815 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
816
817 timeout = addrconf_timeout_fixup(valid_lft, HZ);
818 if (addrconf_finite_timeout(timeout))
819 ifa->ifa_valid_lft = timeout;
820 else
821 ifa->ifa_flags |= IFA_F_PERMANENT;
822
823 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
824 if (addrconf_finite_timeout(timeout)) {
825 if (timeout == 0)
826 ifa->ifa_flags |= IFA_F_DEPRECATED;
827 ifa->ifa_preferred_lft = timeout;
828 }
829 ifa->ifa_tstamp = jiffies;
830 if (!ifa->ifa_cstamp)
831 ifa->ifa_cstamp = ifa->ifa_tstamp;
832}
833
834static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
835 __u32 *pvalid_lft, __u32 *pprefered_lft,
836 struct netlink_ext_ack *extack)
837{
838 struct nlattr *tb[IFA_MAX+1];
839 struct in_ifaddr *ifa;
840 struct ifaddrmsg *ifm;
841 struct net_device *dev;
842 struct in_device *in_dev;
843 int err;
844
845 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
846 ifa_ipv4_policy, extack);
847 if (err < 0)
848 goto errout;
849
850 ifm = nlmsg_data(nlh);
851 err = -EINVAL;
852 if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
853 goto errout;
854
855 dev = __dev_get_by_index(net, ifm->ifa_index);
856 err = -ENODEV;
857 if (!dev)
858 goto errout;
859
860 in_dev = __in_dev_get_rtnl(dev);
861 err = -ENOBUFS;
862 if (!in_dev)
863 goto errout;
864
865 ifa = inet_alloc_ifa();
866 if (!ifa)
867 /*
868 * A potential indev allocation can be left alive, it stays
869 * assigned to its device and is destroy with it.
870 */
871 goto errout;
872
873 ipv4_devconf_setall(in_dev);
874 neigh_parms_data_state_setall(in_dev->arp_parms);
875 in_dev_hold(in_dev);
876
877 if (!tb[IFA_ADDRESS])
878 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
879
880 INIT_HLIST_NODE(&ifa->hash);
881 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
882 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
883 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
884 ifm->ifa_flags;
885 ifa->ifa_scope = ifm->ifa_scope;
886 ifa->ifa_dev = in_dev;
887
888 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
889 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
890
891 if (tb[IFA_BROADCAST])
892 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
893
894 if (tb[IFA_LABEL])
895 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
896 else
897 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
898
899 if (tb[IFA_RT_PRIORITY])
900 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
901
902 if (tb[IFA_CACHEINFO]) {
903 struct ifa_cacheinfo *ci;
904
905 ci = nla_data(tb[IFA_CACHEINFO]);
906 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
907 err = -EINVAL;
908 goto errout_free;
909 }
910 *pvalid_lft = ci->ifa_valid;
911 *pprefered_lft = ci->ifa_prefered;
912 }
913
914 return ifa;
915
916errout_free:
917 inet_free_ifa(ifa);
918errout:
919 return ERR_PTR(err);
920}
921
922static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
923{
924 struct in_device *in_dev = ifa->ifa_dev;
925 struct in_ifaddr *ifa1;
926
927 if (!ifa->ifa_local)
928 return NULL;
929
930 in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
931 if (ifa1->ifa_mask == ifa->ifa_mask &&
932 inet_ifa_match(ifa1->ifa_address, ifa) &&
933 ifa1->ifa_local == ifa->ifa_local)
934 return ifa1;
935 }
936 return NULL;
937}
938
939static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
940 struct netlink_ext_ack *extack)
941{
942 struct net *net = sock_net(skb->sk);
943 struct in_ifaddr *ifa;
944 struct in_ifaddr *ifa_existing;
945 __u32 valid_lft = INFINITY_LIFE_TIME;
946 __u32 prefered_lft = INFINITY_LIFE_TIME;
947
948 ASSERT_RTNL();
949
950 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
951 if (IS_ERR(ifa))
952 return PTR_ERR(ifa);
953
954 ifa_existing = find_matching_ifa(ifa);
955 if (!ifa_existing) {
956 /* It would be best to check for !NLM_F_CREATE here but
957 * userspace already relies on not having to provide this.
958 */
959 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
960 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
961 int ret = ip_mc_autojoin_config(net, true, ifa);
962
963 if (ret < 0) {
964 inet_free_ifa(ifa);
965 return ret;
966 }
967 }
968 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
969 extack);
970 } else {
971 u32 new_metric = ifa->ifa_rt_priority;
972
973 inet_free_ifa(ifa);
974
975 if (nlh->nlmsg_flags & NLM_F_EXCL ||
976 !(nlh->nlmsg_flags & NLM_F_REPLACE))
977 return -EEXIST;
978 ifa = ifa_existing;
979
980 if (ifa->ifa_rt_priority != new_metric) {
981 fib_modify_prefix_metric(ifa, new_metric);
982 ifa->ifa_rt_priority = new_metric;
983 }
984
985 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
986 cancel_delayed_work(&check_lifetime_work);
987 queue_delayed_work(system_power_efficient_wq,
988 &check_lifetime_work, 0);
989 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
990 }
991 return 0;
992}
993
994/*
995 * Determine a default network mask, based on the IP address.
996 */
997
998static int inet_abc_len(__be32 addr)
999{
1000 int rc = -1; /* Something else, probably a multicast. */
1001
1002 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
1003 rc = 0;
1004 else {
1005 __u32 haddr = ntohl(addr);
1006 if (IN_CLASSA(haddr))
1007 rc = 8;
1008 else if (IN_CLASSB(haddr))
1009 rc = 16;
1010 else if (IN_CLASSC(haddr))
1011 rc = 24;
1012 else if (IN_CLASSE(haddr))
1013 rc = 32;
1014 }
1015
1016 return rc;
1017}
1018
1019
1020int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1021{
1022 struct sockaddr_in sin_orig;
1023 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1024 struct in_ifaddr __rcu **ifap = NULL;
1025 struct in_device *in_dev;
1026 struct in_ifaddr *ifa = NULL;
1027 struct net_device *dev;
1028 char *colon;
1029 int ret = -EFAULT;
1030 int tryaddrmatch = 0;
1031
1032 ifr->ifr_name[IFNAMSIZ - 1] = 0;
1033
1034 /* save original address for comparison */
1035 memcpy(&sin_orig, sin, sizeof(*sin));
1036
1037 colon = strchr(ifr->ifr_name, ':');
1038 if (colon)
1039 *colon = 0;
1040
1041 dev_load(net, ifr->ifr_name);
1042
1043 switch (cmd) {
1044 case SIOCGIFADDR: /* Get interface address */
1045 case SIOCGIFBRDADDR: /* Get the broadcast address */
1046 case SIOCGIFDSTADDR: /* Get the destination address */
1047 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1048 /* Note that these ioctls will not sleep,
1049 so that we do not impose a lock.
1050 One day we will be forced to put shlock here (I mean SMP)
1051 */
1052 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1053 memset(sin, 0, sizeof(*sin));
1054 sin->sin_family = AF_INET;
1055 break;
1056
1057 case SIOCSIFFLAGS:
1058 ret = -EPERM;
1059 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1060 goto out;
1061 break;
1062 case SIOCSIFADDR: /* Set interface address (and family) */
1063 case SIOCSIFBRDADDR: /* Set the broadcast address */
1064 case SIOCSIFDSTADDR: /* Set the destination address */
1065 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1066 ret = -EPERM;
1067 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1068 goto out;
1069 ret = -EINVAL;
1070 if (sin->sin_family != AF_INET)
1071 goto out;
1072 break;
1073 default:
1074 ret = -EINVAL;
1075 goto out;
1076 }
1077
1078 rtnl_lock();
1079
1080 ret = -ENODEV;
1081 dev = __dev_get_by_name(net, ifr->ifr_name);
1082 if (!dev)
1083 goto done;
1084
1085 if (colon)
1086 *colon = ':';
1087
1088 in_dev = __in_dev_get_rtnl(dev);
1089 if (in_dev) {
1090 if (tryaddrmatch) {
1091 /* Matthias Andree */
1092 /* compare label and address (4.4BSD style) */
1093 /* note: we only do this for a limited set of ioctls
1094 and only if the original address family was AF_INET.
1095 This is checked above. */
1096
1097 for (ifap = &in_dev->ifa_list;
1098 (ifa = rtnl_dereference(*ifap)) != NULL;
1099 ifap = &ifa->ifa_next) {
1100 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1101 sin_orig.sin_addr.s_addr ==
1102 ifa->ifa_local) {
1103 break; /* found */
1104 }
1105 }
1106 }
1107 /* we didn't get a match, maybe the application is
1108 4.3BSD-style and passed in junk so we fall back to
1109 comparing just the label */
1110 if (!ifa) {
1111 for (ifap = &in_dev->ifa_list;
1112 (ifa = rtnl_dereference(*ifap)) != NULL;
1113 ifap = &ifa->ifa_next)
1114 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1115 break;
1116 }
1117 }
1118
1119 ret = -EADDRNOTAVAIL;
1120 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1121 goto done;
1122
1123 switch (cmd) {
1124 case SIOCGIFADDR: /* Get interface address */
1125 ret = 0;
1126 sin->sin_addr.s_addr = ifa->ifa_local;
1127 break;
1128
1129 case SIOCGIFBRDADDR: /* Get the broadcast address */
1130 ret = 0;
1131 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1132 break;
1133
1134 case SIOCGIFDSTADDR: /* Get the destination address */
1135 ret = 0;
1136 sin->sin_addr.s_addr = ifa->ifa_address;
1137 break;
1138
1139 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1140 ret = 0;
1141 sin->sin_addr.s_addr = ifa->ifa_mask;
1142 break;
1143
1144 case SIOCSIFFLAGS:
1145 if (colon) {
1146 ret = -EADDRNOTAVAIL;
1147 if (!ifa)
1148 break;
1149 ret = 0;
1150 if (!(ifr->ifr_flags & IFF_UP))
1151 inet_del_ifa(in_dev, ifap, 1);
1152 break;
1153 }
1154 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1155 break;
1156
1157 case SIOCSIFADDR: /* Set interface address (and family) */
1158 ret = -EINVAL;
1159 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1160 break;
1161
1162 if (!ifa) {
1163 ret = -ENOBUFS;
1164 if (!in_dev)
1165 break;
1166 ifa = inet_alloc_ifa();
1167 if (!ifa)
1168 break;
1169 INIT_HLIST_NODE(&ifa->hash);
1170 if (colon)
1171 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1172 else
1173 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1174 } else {
1175 ret = 0;
1176 if (ifa->ifa_local == sin->sin_addr.s_addr)
1177 break;
1178 inet_del_ifa(in_dev, ifap, 0);
1179 ifa->ifa_broadcast = 0;
1180 ifa->ifa_scope = 0;
1181 }
1182
1183 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1184
1185 if (!(dev->flags & IFF_POINTOPOINT)) {
1186 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1187 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1188 if ((dev->flags & IFF_BROADCAST) &&
1189 ifa->ifa_prefixlen < 31)
1190 ifa->ifa_broadcast = ifa->ifa_address |
1191 ~ifa->ifa_mask;
1192 } else {
1193 ifa->ifa_prefixlen = 32;
1194 ifa->ifa_mask = inet_make_mask(32);
1195 }
1196 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1197 ret = inet_set_ifa(dev, ifa);
1198 break;
1199
1200 case SIOCSIFBRDADDR: /* Set the broadcast address */
1201 ret = 0;
1202 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1203 inet_del_ifa(in_dev, ifap, 0);
1204 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1205 inet_insert_ifa(ifa);
1206 }
1207 break;
1208
1209 case SIOCSIFDSTADDR: /* Set the destination address */
1210 ret = 0;
1211 if (ifa->ifa_address == sin->sin_addr.s_addr)
1212 break;
1213 ret = -EINVAL;
1214 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1215 break;
1216 ret = 0;
1217 inet_del_ifa(in_dev, ifap, 0);
1218 ifa->ifa_address = sin->sin_addr.s_addr;
1219 inet_insert_ifa(ifa);
1220 break;
1221
1222 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1223
1224 /*
1225 * The mask we set must be legal.
1226 */
1227 ret = -EINVAL;
1228 if (bad_mask(sin->sin_addr.s_addr, 0))
1229 break;
1230 ret = 0;
1231 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1232 __be32 old_mask = ifa->ifa_mask;
1233 inet_del_ifa(in_dev, ifap, 0);
1234 ifa->ifa_mask = sin->sin_addr.s_addr;
1235 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1236
1237 /* See if current broadcast address matches
1238 * with current netmask, then recalculate
1239 * the broadcast address. Otherwise it's a
1240 * funny address, so don't touch it since
1241 * the user seems to know what (s)he's doing...
1242 */
1243 if ((dev->flags & IFF_BROADCAST) &&
1244 (ifa->ifa_prefixlen < 31) &&
1245 (ifa->ifa_broadcast ==
1246 (ifa->ifa_local|~old_mask))) {
1247 ifa->ifa_broadcast = (ifa->ifa_local |
1248 ~sin->sin_addr.s_addr);
1249 }
1250 inet_insert_ifa(ifa);
1251 }
1252 break;
1253 }
1254done:
1255 rtnl_unlock();
1256out:
1257 return ret;
1258}
1259
1260static int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1261{
1262 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1263 const struct in_ifaddr *ifa;
1264 struct ifreq ifr;
1265 int done = 0;
1266
1267 if (WARN_ON(size > sizeof(struct ifreq)))
1268 goto out;
1269
1270 if (!in_dev)
1271 goto out;
1272
1273 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1274 if (!buf) {
1275 done += size;
1276 continue;
1277 }
1278 if (len < size)
1279 break;
1280 memset(&ifr, 0, sizeof(struct ifreq));
1281 strcpy(ifr.ifr_name, ifa->ifa_label);
1282
1283 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1284 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1285 ifa->ifa_local;
1286
1287 if (copy_to_user(buf + done, &ifr, size)) {
1288 done = -EFAULT;
1289 break;
1290 }
1291 len -= size;
1292 done += size;
1293 }
1294out:
1295 return done;
1296}
1297
1298static __be32 in_dev_select_addr(const struct in_device *in_dev,
1299 int scope)
1300{
1301 const struct in_ifaddr *ifa;
1302
1303 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1304 if (ifa->ifa_flags & IFA_F_SECONDARY)
1305 continue;
1306 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1307 ifa->ifa_scope <= scope)
1308 return ifa->ifa_local;
1309 }
1310
1311 return 0;
1312}
1313
1314__be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1315{
1316 const struct in_ifaddr *ifa;
1317 __be32 addr = 0;
1318 unsigned char localnet_scope = RT_SCOPE_HOST;
1319 struct in_device *in_dev;
1320 struct net *net = dev_net(dev);
1321 int master_idx;
1322
1323 rcu_read_lock();
1324 in_dev = __in_dev_get_rcu(dev);
1325 if (!in_dev)
1326 goto no_in_dev;
1327
1328 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1329 localnet_scope = RT_SCOPE_LINK;
1330
1331 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1332 if (ifa->ifa_flags & IFA_F_SECONDARY)
1333 continue;
1334 if (min(ifa->ifa_scope, localnet_scope) > scope)
1335 continue;
1336 if (!dst || inet_ifa_match(dst, ifa)) {
1337 addr = ifa->ifa_local;
1338 break;
1339 }
1340 if (!addr)
1341 addr = ifa->ifa_local;
1342 }
1343
1344 if (addr)
1345 goto out_unlock;
1346no_in_dev:
1347 master_idx = l3mdev_master_ifindex_rcu(dev);
1348
1349 /* For VRFs, the VRF device takes the place of the loopback device,
1350 * with addresses on it being preferred. Note in such cases the
1351 * loopback device will be among the devices that fail the master_idx
1352 * equality check in the loop below.
1353 */
1354 if (master_idx &&
1355 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1356 (in_dev = __in_dev_get_rcu(dev))) {
1357 addr = in_dev_select_addr(in_dev, scope);
1358 if (addr)
1359 goto out_unlock;
1360 }
1361
1362 /* Not loopback addresses on loopback should be preferred
1363 in this case. It is important that lo is the first interface
1364 in dev_base list.
1365 */
1366 for_each_netdev_rcu(net, dev) {
1367 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1368 continue;
1369
1370 in_dev = __in_dev_get_rcu(dev);
1371 if (!in_dev)
1372 continue;
1373
1374 addr = in_dev_select_addr(in_dev, scope);
1375 if (addr)
1376 goto out_unlock;
1377 }
1378out_unlock:
1379 rcu_read_unlock();
1380 return addr;
1381}
1382EXPORT_SYMBOL(inet_select_addr);
1383
1384static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1385 __be32 local, int scope)
1386{
1387 unsigned char localnet_scope = RT_SCOPE_HOST;
1388 const struct in_ifaddr *ifa;
1389 __be32 addr = 0;
1390 int same = 0;
1391
1392 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1393 localnet_scope = RT_SCOPE_LINK;
1394
1395 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1396 unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
1397
1398 if (!addr &&
1399 (local == ifa->ifa_local || !local) &&
1400 min_scope <= scope) {
1401 addr = ifa->ifa_local;
1402 if (same)
1403 break;
1404 }
1405 if (!same) {
1406 same = (!local || inet_ifa_match(local, ifa)) &&
1407 (!dst || inet_ifa_match(dst, ifa));
1408 if (same && addr) {
1409 if (local || !dst)
1410 break;
1411 /* Is the selected addr into dst subnet? */
1412 if (inet_ifa_match(addr, ifa))
1413 break;
1414 /* No, then can we use new local src? */
1415 if (min_scope <= scope) {
1416 addr = ifa->ifa_local;
1417 break;
1418 }
1419 /* search for large dst subnet for addr */
1420 same = 0;
1421 }
1422 }
1423 }
1424
1425 return same ? addr : 0;
1426}
1427
1428/*
1429 * Confirm that local IP address exists using wildcards:
1430 * - net: netns to check, cannot be NULL
1431 * - in_dev: only on this interface, NULL=any interface
1432 * - dst: only in the same subnet as dst, 0=any dst
1433 * - local: address, 0=autoselect the local address
1434 * - scope: maximum allowed scope value for the local address
1435 */
1436__be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1437 __be32 dst, __be32 local, int scope)
1438{
1439 __be32 addr = 0;
1440 struct net_device *dev;
1441
1442 if (in_dev)
1443 return confirm_addr_indev(in_dev, dst, local, scope);
1444
1445 rcu_read_lock();
1446 for_each_netdev_rcu(net, dev) {
1447 in_dev = __in_dev_get_rcu(dev);
1448 if (in_dev) {
1449 addr = confirm_addr_indev(in_dev, dst, local, scope);
1450 if (addr)
1451 break;
1452 }
1453 }
1454 rcu_read_unlock();
1455
1456 return addr;
1457}
1458EXPORT_SYMBOL(inet_confirm_addr);
1459
1460/*
1461 * Device notifier
1462 */
1463
1464int register_inetaddr_notifier(struct notifier_block *nb)
1465{
1466 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1467}
1468EXPORT_SYMBOL(register_inetaddr_notifier);
1469
1470int unregister_inetaddr_notifier(struct notifier_block *nb)
1471{
1472 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1473}
1474EXPORT_SYMBOL(unregister_inetaddr_notifier);
1475
1476int register_inetaddr_validator_notifier(struct notifier_block *nb)
1477{
1478 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1479}
1480EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1481
1482int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1483{
1484 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1485 nb);
1486}
1487EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1488
1489/* Rename ifa_labels for a device name change. Make some effort to preserve
1490 * existing alias numbering and to create unique labels if possible.
1491*/
1492static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1493{
1494 struct in_ifaddr *ifa;
1495 int named = 0;
1496
1497 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1498 char old[IFNAMSIZ], *dot;
1499
1500 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1501 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1502 if (named++ == 0)
1503 goto skip;
1504 dot = strchr(old, ':');
1505 if (!dot) {
1506 sprintf(old, ":%d", named);
1507 dot = old;
1508 }
1509 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1510 strcat(ifa->ifa_label, dot);
1511 else
1512 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1513skip:
1514 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1515 }
1516}
1517
1518static void inetdev_send_gratuitous_arp(struct net_device *dev,
1519 struct in_device *in_dev)
1520
1521{
1522 const struct in_ifaddr *ifa;
1523
1524 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1525 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1526 ifa->ifa_local, dev,
1527 ifa->ifa_local, NULL,
1528 dev->dev_addr, NULL);
1529 }
1530}
1531
1532/* Called only under RTNL semaphore */
1533
1534static int inetdev_event(struct notifier_block *this, unsigned long event,
1535 void *ptr)
1536{
1537 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1538 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1539
1540 ASSERT_RTNL();
1541
1542 if (!in_dev) {
1543 if (event == NETDEV_REGISTER) {
1544 in_dev = inetdev_init(dev);
1545 if (IS_ERR(in_dev))
1546 return notifier_from_errno(PTR_ERR(in_dev));
1547 if (dev->flags & IFF_LOOPBACK) {
1548 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1549 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1550 }
1551 } else if (event == NETDEV_CHANGEMTU) {
1552 /* Re-enabling IP */
1553 if (inetdev_valid_mtu(dev->mtu))
1554 in_dev = inetdev_init(dev);
1555 }
1556 goto out;
1557 }
1558
1559 switch (event) {
1560 case NETDEV_REGISTER:
1561 pr_debug("%s: bug\n", __func__);
1562 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1563 break;
1564 case NETDEV_UP:
1565 if (!inetdev_valid_mtu(dev->mtu))
1566 break;
1567 if (dev->flags & IFF_LOOPBACK) {
1568 struct in_ifaddr *ifa = inet_alloc_ifa();
1569
1570 if (ifa) {
1571 INIT_HLIST_NODE(&ifa->hash);
1572 ifa->ifa_local =
1573 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1574 ifa->ifa_prefixlen = 8;
1575 ifa->ifa_mask = inet_make_mask(8);
1576 in_dev_hold(in_dev);
1577 ifa->ifa_dev = in_dev;
1578 ifa->ifa_scope = RT_SCOPE_HOST;
1579 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1580 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1581 INFINITY_LIFE_TIME);
1582 ipv4_devconf_setall(in_dev);
1583 neigh_parms_data_state_setall(in_dev->arp_parms);
1584 inet_insert_ifa(ifa);
1585 }
1586 }
1587 ip_mc_up(in_dev);
1588 /* fall through */
1589 case NETDEV_CHANGEADDR:
1590 if (!IN_DEV_ARP_NOTIFY(in_dev))
1591 break;
1592 /* fall through */
1593 case NETDEV_NOTIFY_PEERS:
1594 /* Send gratuitous ARP to notify of link change */
1595 inetdev_send_gratuitous_arp(dev, in_dev);
1596 break;
1597 case NETDEV_DOWN:
1598 ip_mc_down(in_dev);
1599 break;
1600 case NETDEV_PRE_TYPE_CHANGE:
1601 ip_mc_unmap(in_dev);
1602 break;
1603 case NETDEV_POST_TYPE_CHANGE:
1604 ip_mc_remap(in_dev);
1605 break;
1606 case NETDEV_CHANGEMTU:
1607 if (inetdev_valid_mtu(dev->mtu))
1608 break;
1609 /* disable IP when MTU is not enough */
1610 /* fall through */
1611 case NETDEV_UNREGISTER:
1612 inetdev_destroy(in_dev);
1613 break;
1614 case NETDEV_CHANGENAME:
1615 /* Do not notify about label change, this event is
1616 * not interesting to applications using netlink.
1617 */
1618 inetdev_changename(dev, in_dev);
1619
1620 devinet_sysctl_unregister(in_dev);
1621 devinet_sysctl_register(in_dev);
1622 break;
1623 }
1624out:
1625 return NOTIFY_DONE;
1626}
1627
1628static struct notifier_block ip_netdev_notifier = {
1629 .notifier_call = inetdev_event,
1630};
1631
1632static size_t inet_nlmsg_size(void)
1633{
1634 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1635 + nla_total_size(4) /* IFA_ADDRESS */
1636 + nla_total_size(4) /* IFA_LOCAL */
1637 + nla_total_size(4) /* IFA_BROADCAST */
1638 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1639 + nla_total_size(4) /* IFA_FLAGS */
1640 + nla_total_size(4) /* IFA_RT_PRIORITY */
1641 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1642}
1643
1644static inline u32 cstamp_delta(unsigned long cstamp)
1645{
1646 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1647}
1648
1649static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1650 unsigned long tstamp, u32 preferred, u32 valid)
1651{
1652 struct ifa_cacheinfo ci;
1653
1654 ci.cstamp = cstamp_delta(cstamp);
1655 ci.tstamp = cstamp_delta(tstamp);
1656 ci.ifa_prefered = preferred;
1657 ci.ifa_valid = valid;
1658
1659 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1660}
1661
1662static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1663 struct inet_fill_args *args)
1664{
1665 struct ifaddrmsg *ifm;
1666 struct nlmsghdr *nlh;
1667 u32 preferred, valid;
1668
1669 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1670 args->flags);
1671 if (!nlh)
1672 return -EMSGSIZE;
1673
1674 ifm = nlmsg_data(nlh);
1675 ifm->ifa_family = AF_INET;
1676 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1677 ifm->ifa_flags = ifa->ifa_flags;
1678 ifm->ifa_scope = ifa->ifa_scope;
1679 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1680
1681 if (args->netnsid >= 0 &&
1682 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1683 goto nla_put_failure;
1684
1685 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1686 preferred = ifa->ifa_preferred_lft;
1687 valid = ifa->ifa_valid_lft;
1688 if (preferred != INFINITY_LIFE_TIME) {
1689 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1690
1691 if (preferred > tval)
1692 preferred -= tval;
1693 else
1694 preferred = 0;
1695 if (valid != INFINITY_LIFE_TIME) {
1696 if (valid > tval)
1697 valid -= tval;
1698 else
1699 valid = 0;
1700 }
1701 }
1702 } else {
1703 preferred = INFINITY_LIFE_TIME;
1704 valid = INFINITY_LIFE_TIME;
1705 }
1706 if ((ifa->ifa_address &&
1707 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1708 (ifa->ifa_local &&
1709 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1710 (ifa->ifa_broadcast &&
1711 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1712 (ifa->ifa_label[0] &&
1713 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1714 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1715 (ifa->ifa_rt_priority &&
1716 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1717 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1718 preferred, valid))
1719 goto nla_put_failure;
1720
1721 nlmsg_end(skb, nlh);
1722 return 0;
1723
1724nla_put_failure:
1725 nlmsg_cancel(skb, nlh);
1726 return -EMSGSIZE;
1727}
1728
1729static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1730 struct inet_fill_args *fillargs,
1731 struct net **tgt_net, struct sock *sk,
1732 struct netlink_callback *cb)
1733{
1734 struct netlink_ext_ack *extack = cb->extack;
1735 struct nlattr *tb[IFA_MAX+1];
1736 struct ifaddrmsg *ifm;
1737 int err, i;
1738
1739 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1740 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1741 return -EINVAL;
1742 }
1743
1744 ifm = nlmsg_data(nlh);
1745 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1746 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1747 return -EINVAL;
1748 }
1749
1750 fillargs->ifindex = ifm->ifa_index;
1751 if (fillargs->ifindex) {
1752 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1753 fillargs->flags |= NLM_F_DUMP_FILTERED;
1754 }
1755
1756 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1757 ifa_ipv4_policy, extack);
1758 if (err < 0)
1759 return err;
1760
1761 for (i = 0; i <= IFA_MAX; ++i) {
1762 if (!tb[i])
1763 continue;
1764
1765 if (i == IFA_TARGET_NETNSID) {
1766 struct net *net;
1767
1768 fillargs->netnsid = nla_get_s32(tb[i]);
1769
1770 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1771 if (IS_ERR(net)) {
1772 fillargs->netnsid = -1;
1773 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1774 return PTR_ERR(net);
1775 }
1776 *tgt_net = net;
1777 } else {
1778 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1779 return -EINVAL;
1780 }
1781 }
1782
1783 return 0;
1784}
1785
1786static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1787 struct netlink_callback *cb, int s_ip_idx,
1788 struct inet_fill_args *fillargs)
1789{
1790 struct in_ifaddr *ifa;
1791 int ip_idx = 0;
1792 int err;
1793
1794 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1795 if (ip_idx < s_ip_idx) {
1796 ip_idx++;
1797 continue;
1798 }
1799 err = inet_fill_ifaddr(skb, ifa, fillargs);
1800 if (err < 0)
1801 goto done;
1802
1803 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1804 ip_idx++;
1805 }
1806 err = 0;
1807
1808done:
1809 cb->args[2] = ip_idx;
1810
1811 return err;
1812}
1813
1814/* Combine dev_addr_genid and dev_base_seq to detect changes.
1815 */
1816static u32 inet_base_seq(const struct net *net)
1817{
1818 u32 res = atomic_read(&net->ipv4.dev_addr_genid) +
1819 net->dev_base_seq;
1820
1821 /* Must not return 0 (see nl_dump_check_consistent()).
1822 * Chose a value far away from 0.
1823 */
1824 if (!res)
1825 res = 0x80000000;
1826 return res;
1827}
1828
1829static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1830{
1831 const struct nlmsghdr *nlh = cb->nlh;
1832 struct inet_fill_args fillargs = {
1833 .portid = NETLINK_CB(cb->skb).portid,
1834 .seq = nlh->nlmsg_seq,
1835 .event = RTM_NEWADDR,
1836 .flags = NLM_F_MULTI,
1837 .netnsid = -1,
1838 };
1839 struct net *net = sock_net(skb->sk);
1840 struct net *tgt_net = net;
1841 int h, s_h;
1842 int idx, s_idx;
1843 int s_ip_idx;
1844 struct net_device *dev;
1845 struct in_device *in_dev;
1846 struct hlist_head *head;
1847 int err = 0;
1848
1849 s_h = cb->args[0];
1850 s_idx = idx = cb->args[1];
1851 s_ip_idx = cb->args[2];
1852
1853 if (cb->strict_check) {
1854 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1855 skb->sk, cb);
1856 if (err < 0)
1857 goto put_tgt_net;
1858
1859 err = 0;
1860 if (fillargs.ifindex) {
1861 dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1862 if (!dev) {
1863 err = -ENODEV;
1864 goto put_tgt_net;
1865 }
1866
1867 in_dev = __in_dev_get_rtnl(dev);
1868 if (in_dev) {
1869 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1870 &fillargs);
1871 }
1872 goto put_tgt_net;
1873 }
1874 }
1875
1876 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1877 idx = 0;
1878 head = &tgt_net->dev_index_head[h];
1879 rcu_read_lock();
1880 cb->seq = inet_base_seq(tgt_net);
1881 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1882 if (idx < s_idx)
1883 goto cont;
1884 if (h > s_h || idx > s_idx)
1885 s_ip_idx = 0;
1886 in_dev = __in_dev_get_rcu(dev);
1887 if (!in_dev)
1888 goto cont;
1889
1890 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1891 &fillargs);
1892 if (err < 0) {
1893 rcu_read_unlock();
1894 goto done;
1895 }
1896cont:
1897 idx++;
1898 }
1899 rcu_read_unlock();
1900 }
1901
1902done:
1903 cb->args[0] = h;
1904 cb->args[1] = idx;
1905put_tgt_net:
1906 if (fillargs.netnsid >= 0)
1907 put_net(tgt_net);
1908
1909 return skb->len ? : err;
1910}
1911
1912static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1913 u32 portid)
1914{
1915 struct inet_fill_args fillargs = {
1916 .portid = portid,
1917 .seq = nlh ? nlh->nlmsg_seq : 0,
1918 .event = event,
1919 .flags = 0,
1920 .netnsid = -1,
1921 };
1922 struct sk_buff *skb;
1923 int err = -ENOBUFS;
1924 struct net *net;
1925
1926 net = dev_net(ifa->ifa_dev->dev);
1927 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1928 if (!skb)
1929 goto errout;
1930
1931 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1932 if (err < 0) {
1933 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1934 WARN_ON(err == -EMSGSIZE);
1935 kfree_skb(skb);
1936 goto errout;
1937 }
1938 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1939 return;
1940errout:
1941 if (err < 0)
1942 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1943}
1944
1945static size_t inet_get_link_af_size(const struct net_device *dev,
1946 u32 ext_filter_mask)
1947{
1948 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1949
1950 if (!in_dev)
1951 return 0;
1952
1953 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1954}
1955
1956static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1957 u32 ext_filter_mask)
1958{
1959 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1960 struct nlattr *nla;
1961 int i;
1962
1963 if (!in_dev)
1964 return -ENODATA;
1965
1966 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1967 if (!nla)
1968 return -EMSGSIZE;
1969
1970 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1971 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1972
1973 return 0;
1974}
1975
1976static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1977 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1978};
1979
1980static int inet_validate_link_af(const struct net_device *dev,
1981 const struct nlattr *nla)
1982{
1983 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1984 int err, rem;
1985
1986 if (dev && !__in_dev_get_rcu(dev))
1987 return -EAFNOSUPPORT;
1988
1989 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
1990 inet_af_policy, NULL);
1991 if (err < 0)
1992 return err;
1993
1994 if (tb[IFLA_INET_CONF]) {
1995 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1996 int cfgid = nla_type(a);
1997
1998 if (nla_len(a) < 4)
1999 return -EINVAL;
2000
2001 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
2002 return -EINVAL;
2003 }
2004 }
2005
2006 return 0;
2007}
2008
2009static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
2010{
2011 struct in_device *in_dev = __in_dev_get_rcu(dev);
2012 struct nlattr *a, *tb[IFLA_INET_MAX+1];
2013 int rem;
2014
2015 if (!in_dev)
2016 return -EAFNOSUPPORT;
2017
2018 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
2019 return -EINVAL;
2020
2021 if (tb[IFLA_INET_CONF]) {
2022 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
2023 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
2024 }
2025
2026 return 0;
2027}
2028
2029static int inet_netconf_msgsize_devconf(int type)
2030{
2031 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2032 + nla_total_size(4); /* NETCONFA_IFINDEX */
2033 bool all = false;
2034
2035 if (type == NETCONFA_ALL)
2036 all = true;
2037
2038 if (all || type == NETCONFA_FORWARDING)
2039 size += nla_total_size(4);
2040 if (all || type == NETCONFA_RP_FILTER)
2041 size += nla_total_size(4);
2042 if (all || type == NETCONFA_MC_FORWARDING)
2043 size += nla_total_size(4);
2044 if (all || type == NETCONFA_BC_FORWARDING)
2045 size += nla_total_size(4);
2046 if (all || type == NETCONFA_PROXY_NEIGH)
2047 size += nla_total_size(4);
2048 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2049 size += nla_total_size(4);
2050
2051 return size;
2052}
2053
2054static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2055 struct ipv4_devconf *devconf, u32 portid,
2056 u32 seq, int event, unsigned int flags,
2057 int type)
2058{
2059 struct nlmsghdr *nlh;
2060 struct netconfmsg *ncm;
2061 bool all = false;
2062
2063 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2064 flags);
2065 if (!nlh)
2066 return -EMSGSIZE;
2067
2068 if (type == NETCONFA_ALL)
2069 all = true;
2070
2071 ncm = nlmsg_data(nlh);
2072 ncm->ncm_family = AF_INET;
2073
2074 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2075 goto nla_put_failure;
2076
2077 if (!devconf)
2078 goto out;
2079
2080 if ((all || type == NETCONFA_FORWARDING) &&
2081 nla_put_s32(skb, NETCONFA_FORWARDING,
2082 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2083 goto nla_put_failure;
2084 if ((all || type == NETCONFA_RP_FILTER) &&
2085 nla_put_s32(skb, NETCONFA_RP_FILTER,
2086 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2087 goto nla_put_failure;
2088 if ((all || type == NETCONFA_MC_FORWARDING) &&
2089 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2090 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2091 goto nla_put_failure;
2092 if ((all || type == NETCONFA_BC_FORWARDING) &&
2093 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2094 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2095 goto nla_put_failure;
2096 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2097 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2098 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2099 goto nla_put_failure;
2100 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2101 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2102 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2103 goto nla_put_failure;
2104
2105out:
2106 nlmsg_end(skb, nlh);
2107 return 0;
2108
2109nla_put_failure:
2110 nlmsg_cancel(skb, nlh);
2111 return -EMSGSIZE;
2112}
2113
2114void inet_netconf_notify_devconf(struct net *net, int event, int type,
2115 int ifindex, struct ipv4_devconf *devconf)
2116{
2117 struct sk_buff *skb;
2118 int err = -ENOBUFS;
2119
2120 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2121 if (!skb)
2122 goto errout;
2123
2124 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2125 event, 0, type);
2126 if (err < 0) {
2127 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2128 WARN_ON(err == -EMSGSIZE);
2129 kfree_skb(skb);
2130 goto errout;
2131 }
2132 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2133 return;
2134errout:
2135 if (err < 0)
2136 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2137}
2138
2139static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2140 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2141 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2142 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2143 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2144 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2145};
2146
2147static int inet_netconf_valid_get_req(struct sk_buff *skb,
2148 const struct nlmsghdr *nlh,
2149 struct nlattr **tb,
2150 struct netlink_ext_ack *extack)
2151{
2152 int i, err;
2153
2154 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2155 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2156 return -EINVAL;
2157 }
2158
2159 if (!netlink_strict_get_check(skb))
2160 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2161 tb, NETCONFA_MAX,
2162 devconf_ipv4_policy, extack);
2163
2164 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2165 tb, NETCONFA_MAX,
2166 devconf_ipv4_policy, extack);
2167 if (err)
2168 return err;
2169
2170 for (i = 0; i <= NETCONFA_MAX; i++) {
2171 if (!tb[i])
2172 continue;
2173
2174 switch (i) {
2175 case NETCONFA_IFINDEX:
2176 break;
2177 default:
2178 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2179 return -EINVAL;
2180 }
2181 }
2182
2183 return 0;
2184}
2185
2186static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2187 struct nlmsghdr *nlh,
2188 struct netlink_ext_ack *extack)
2189{
2190 struct net *net = sock_net(in_skb->sk);
2191 struct nlattr *tb[NETCONFA_MAX+1];
2192 struct sk_buff *skb;
2193 struct ipv4_devconf *devconf;
2194 struct in_device *in_dev;
2195 struct net_device *dev;
2196 int ifindex;
2197 int err;
2198
2199 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2200 if (err)
2201 goto errout;
2202
2203 err = -EINVAL;
2204 if (!tb[NETCONFA_IFINDEX])
2205 goto errout;
2206
2207 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2208 switch (ifindex) {
2209 case NETCONFA_IFINDEX_ALL:
2210 devconf = net->ipv4.devconf_all;
2211 break;
2212 case NETCONFA_IFINDEX_DEFAULT:
2213 devconf = net->ipv4.devconf_dflt;
2214 break;
2215 default:
2216 dev = __dev_get_by_index(net, ifindex);
2217 if (!dev)
2218 goto errout;
2219 in_dev = __in_dev_get_rtnl(dev);
2220 if (!in_dev)
2221 goto errout;
2222 devconf = &in_dev->cnf;
2223 break;
2224 }
2225
2226 err = -ENOBUFS;
2227 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2228 if (!skb)
2229 goto errout;
2230
2231 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2232 NETLINK_CB(in_skb).portid,
2233 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2234 NETCONFA_ALL);
2235 if (err < 0) {
2236 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2237 WARN_ON(err == -EMSGSIZE);
2238 kfree_skb(skb);
2239 goto errout;
2240 }
2241 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2242errout:
2243 return err;
2244}
2245
2246static int inet_netconf_dump_devconf(struct sk_buff *skb,
2247 struct netlink_callback *cb)
2248{
2249 const struct nlmsghdr *nlh = cb->nlh;
2250 struct net *net = sock_net(skb->sk);
2251 int h, s_h;
2252 int idx, s_idx;
2253 struct net_device *dev;
2254 struct in_device *in_dev;
2255 struct hlist_head *head;
2256
2257 if (cb->strict_check) {
2258 struct netlink_ext_ack *extack = cb->extack;
2259 struct netconfmsg *ncm;
2260
2261 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2262 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2263 return -EINVAL;
2264 }
2265
2266 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2267 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2268 return -EINVAL;
2269 }
2270 }
2271
2272 s_h = cb->args[0];
2273 s_idx = idx = cb->args[1];
2274
2275 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2276 idx = 0;
2277 head = &net->dev_index_head[h];
2278 rcu_read_lock();
2279 cb->seq = inet_base_seq(net);
2280 hlist_for_each_entry_rcu(dev, head, index_hlist) {
2281 if (idx < s_idx)
2282 goto cont;
2283 in_dev = __in_dev_get_rcu(dev);
2284 if (!in_dev)
2285 goto cont;
2286
2287 if (inet_netconf_fill_devconf(skb, dev->ifindex,
2288 &in_dev->cnf,
2289 NETLINK_CB(cb->skb).portid,
2290 nlh->nlmsg_seq,
2291 RTM_NEWNETCONF,
2292 NLM_F_MULTI,
2293 NETCONFA_ALL) < 0) {
2294 rcu_read_unlock();
2295 goto done;
2296 }
2297 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2298cont:
2299 idx++;
2300 }
2301 rcu_read_unlock();
2302 }
2303 if (h == NETDEV_HASHENTRIES) {
2304 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2305 net->ipv4.devconf_all,
2306 NETLINK_CB(cb->skb).portid,
2307 nlh->nlmsg_seq,
2308 RTM_NEWNETCONF, NLM_F_MULTI,
2309 NETCONFA_ALL) < 0)
2310 goto done;
2311 else
2312 h++;
2313 }
2314 if (h == NETDEV_HASHENTRIES + 1) {
2315 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2316 net->ipv4.devconf_dflt,
2317 NETLINK_CB(cb->skb).portid,
2318 nlh->nlmsg_seq,
2319 RTM_NEWNETCONF, NLM_F_MULTI,
2320 NETCONFA_ALL) < 0)
2321 goto done;
2322 else
2323 h++;
2324 }
2325done:
2326 cb->args[0] = h;
2327 cb->args[1] = idx;
2328
2329 return skb->len;
2330}
2331
2332#ifdef CONFIG_SYSCTL
2333
2334static void devinet_copy_dflt_conf(struct net *net, int i)
2335{
2336 struct net_device *dev;
2337
2338 rcu_read_lock();
2339 for_each_netdev_rcu(net, dev) {
2340 struct in_device *in_dev;
2341
2342 in_dev = __in_dev_get_rcu(dev);
2343 if (in_dev && !test_bit(i, in_dev->cnf.state))
2344 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2345 }
2346 rcu_read_unlock();
2347}
2348
2349/* called with RTNL locked */
2350static void inet_forward_change(struct net *net)
2351{
2352 struct net_device *dev;
2353 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2354
2355 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2356 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2357 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2358 NETCONFA_FORWARDING,
2359 NETCONFA_IFINDEX_ALL,
2360 net->ipv4.devconf_all);
2361 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2362 NETCONFA_FORWARDING,
2363 NETCONFA_IFINDEX_DEFAULT,
2364 net->ipv4.devconf_dflt);
2365
2366 for_each_netdev(net, dev) {
2367 struct in_device *in_dev;
2368
2369 if (on)
2370 dev_disable_lro(dev);
2371
2372 in_dev = __in_dev_get_rtnl(dev);
2373 if (in_dev) {
2374 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2375 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2376 NETCONFA_FORWARDING,
2377 dev->ifindex, &in_dev->cnf);
2378 }
2379 }
2380}
2381
2382static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2383{
2384 if (cnf == net->ipv4.devconf_dflt)
2385 return NETCONFA_IFINDEX_DEFAULT;
2386 else if (cnf == net->ipv4.devconf_all)
2387 return NETCONFA_IFINDEX_ALL;
2388 else {
2389 struct in_device *idev
2390 = container_of(cnf, struct in_device, cnf);
2391 return idev->dev->ifindex;
2392 }
2393}
2394
2395static int devinet_conf_proc(struct ctl_table *ctl, int write,
2396 void __user *buffer,
2397 size_t *lenp, loff_t *ppos)
2398{
2399 int old_value = *(int *)ctl->data;
2400 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2401 int new_value = *(int *)ctl->data;
2402
2403 if (write) {
2404 struct ipv4_devconf *cnf = ctl->extra1;
2405 struct net *net = ctl->extra2;
2406 int i = (int *)ctl->data - cnf->data;
2407 int ifindex;
2408
2409 set_bit(i, cnf->state);
2410
2411 if (cnf == net->ipv4.devconf_dflt)
2412 devinet_copy_dflt_conf(net, i);
2413 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2414 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2415 if ((new_value == 0) && (old_value != 0))
2416 rt_cache_flush(net);
2417
2418 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2419 new_value != old_value)
2420 rt_cache_flush(net);
2421
2422 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2423 new_value != old_value) {
2424 ifindex = devinet_conf_ifindex(net, cnf);
2425 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2426 NETCONFA_RP_FILTER,
2427 ifindex, cnf);
2428 }
2429 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2430 new_value != old_value) {
2431 ifindex = devinet_conf_ifindex(net, cnf);
2432 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2433 NETCONFA_PROXY_NEIGH,
2434 ifindex, cnf);
2435 }
2436 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2437 new_value != old_value) {
2438 ifindex = devinet_conf_ifindex(net, cnf);
2439 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2440 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2441 ifindex, cnf);
2442 }
2443 }
2444
2445 return ret;
2446}
2447
2448static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2449 void __user *buffer,
2450 size_t *lenp, loff_t *ppos)
2451{
2452 int *valp = ctl->data;
2453 int val = *valp;
2454 loff_t pos = *ppos;
2455 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2456
2457 if (write && *valp != val) {
2458 struct net *net = ctl->extra2;
2459
2460 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2461 if (!rtnl_trylock()) {
2462 /* Restore the original values before restarting */
2463 *valp = val;
2464 *ppos = pos;
2465 return restart_syscall();
2466 }
2467 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2468 inet_forward_change(net);
2469 } else {
2470 struct ipv4_devconf *cnf = ctl->extra1;
2471 struct in_device *idev =
2472 container_of(cnf, struct in_device, cnf);
2473 if (*valp)
2474 dev_disable_lro(idev->dev);
2475 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2476 NETCONFA_FORWARDING,
2477 idev->dev->ifindex,
2478 cnf);
2479 }
2480 rtnl_unlock();
2481 rt_cache_flush(net);
2482 } else
2483 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2484 NETCONFA_FORWARDING,
2485 NETCONFA_IFINDEX_DEFAULT,
2486 net->ipv4.devconf_dflt);
2487 }
2488
2489 return ret;
2490}
2491
2492static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2493 void __user *buffer,
2494 size_t *lenp, loff_t *ppos)
2495{
2496 int *valp = ctl->data;
2497 int val = *valp;
2498 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2499 struct net *net = ctl->extra2;
2500
2501 if (write && *valp != val)
2502 rt_cache_flush(net);
2503
2504 return ret;
2505}
2506
2507#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2508 { \
2509 .procname = name, \
2510 .data = ipv4_devconf.data + \
2511 IPV4_DEVCONF_ ## attr - 1, \
2512 .maxlen = sizeof(int), \
2513 .mode = mval, \
2514 .proc_handler = proc, \
2515 .extra1 = &ipv4_devconf, \
2516 }
2517
2518#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2519 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2520
2521#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2522 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2523
2524#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2525 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2526
2527#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2528 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2529
2530static struct devinet_sysctl_table {
2531 struct ctl_table_header *sysctl_header;
2532 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2533} devinet_sysctl = {
2534 .devinet_vars = {
2535 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2536 devinet_sysctl_forward),
2537 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2538 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2539
2540 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2541 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2542 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2543 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2544 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2545 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2546 "accept_source_route"),
2547 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2548 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2549 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2550 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2551 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2552 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2553 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2554 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2555 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2556 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2557 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2558 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2559 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2560 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2561 "force_igmp_version"),
2562 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2563 "igmpv2_unsolicited_report_interval"),
2564 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2565 "igmpv3_unsolicited_report_interval"),
2566 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2567 "ignore_routes_with_linkdown"),
2568 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2569 "drop_gratuitous_arp"),
2570
2571 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2572 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2573 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2574 "promote_secondaries"),
2575 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2576 "route_localnet"),
2577 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2578 "drop_unicast_in_l2_multicast"),
2579 },
2580};
2581
2582static int __devinet_sysctl_register(struct net *net, char *dev_name,
2583 int ifindex, struct ipv4_devconf *p)
2584{
2585 int i;
2586 struct devinet_sysctl_table *t;
2587 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2588
2589 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
2590 if (!t)
2591 goto out;
2592
2593 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2594 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2595 t->devinet_vars[i].extra1 = p;
2596 t->devinet_vars[i].extra2 = net;
2597 }
2598
2599 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2600
2601 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2602 if (!t->sysctl_header)
2603 goto free;
2604
2605 p->sysctl = t;
2606
2607 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2608 ifindex, p);
2609 return 0;
2610
2611free:
2612 kfree(t);
2613out:
2614 return -ENOMEM;
2615}
2616
2617static void __devinet_sysctl_unregister(struct net *net,
2618 struct ipv4_devconf *cnf, int ifindex)
2619{
2620 struct devinet_sysctl_table *t = cnf->sysctl;
2621
2622 if (t) {
2623 cnf->sysctl = NULL;
2624 unregister_net_sysctl_table(t->sysctl_header);
2625 kfree(t);
2626 }
2627
2628 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2629}
2630
2631static int devinet_sysctl_register(struct in_device *idev)
2632{
2633 int err;
2634
2635 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2636 return -EINVAL;
2637
2638 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2639 if (err)
2640 return err;
2641 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2642 idev->dev->ifindex, &idev->cnf);
2643 if (err)
2644 neigh_sysctl_unregister(idev->arp_parms);
2645 return err;
2646}
2647
2648static void devinet_sysctl_unregister(struct in_device *idev)
2649{
2650 struct net *net = dev_net(idev->dev);
2651
2652 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2653 neigh_sysctl_unregister(idev->arp_parms);
2654}
2655
2656static struct ctl_table ctl_forward_entry[] = {
2657 {
2658 .procname = "ip_forward",
2659 .data = &ipv4_devconf.data[
2660 IPV4_DEVCONF_FORWARDING - 1],
2661 .maxlen = sizeof(int),
2662 .mode = 0644,
2663 .proc_handler = devinet_sysctl_forward,
2664 .extra1 = &ipv4_devconf,
2665 .extra2 = &init_net,
2666 },
2667 { },
2668};
2669#endif
2670
2671static __net_init int devinet_init_net(struct net *net)
2672{
2673 int err;
2674 struct ipv4_devconf *all, *dflt;
2675#ifdef CONFIG_SYSCTL
2676 struct ctl_table *tbl;
2677 struct ctl_table_header *forw_hdr;
2678#endif
2679
2680 err = -ENOMEM;
2681 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2682 if (!all)
2683 goto err_alloc_all;
2684
2685 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2686 if (!dflt)
2687 goto err_alloc_dflt;
2688
2689#ifdef CONFIG_SYSCTL
2690 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2691 if (!tbl)
2692 goto err_alloc_ctl;
2693
2694 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2695 tbl[0].extra1 = all;
2696 tbl[0].extra2 = net;
2697#endif
2698
2699 if ((!IS_ENABLED(CONFIG_SYSCTL) ||
2700 sysctl_devconf_inherit_init_net != 2) &&
2701 !net_eq(net, &init_net)) {
2702 memcpy(all, init_net.ipv4.devconf_all, sizeof(ipv4_devconf));
2703 memcpy(dflt, init_net.ipv4.devconf_dflt, sizeof(ipv4_devconf_dflt));
2704 }
2705
2706#ifdef CONFIG_SYSCTL
2707 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2708 if (err < 0)
2709 goto err_reg_all;
2710
2711 err = __devinet_sysctl_register(net, "default",
2712 NETCONFA_IFINDEX_DEFAULT, dflt);
2713 if (err < 0)
2714 goto err_reg_dflt;
2715
2716 err = -ENOMEM;
2717 forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2718 if (!forw_hdr)
2719 goto err_reg_ctl;
2720 net->ipv4.forw_hdr = forw_hdr;
2721#endif
2722
2723 net->ipv4.devconf_all = all;
2724 net->ipv4.devconf_dflt = dflt;
2725 return 0;
2726
2727#ifdef CONFIG_SYSCTL
2728err_reg_ctl:
2729 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2730err_reg_dflt:
2731 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2732err_reg_all:
2733 kfree(tbl);
2734err_alloc_ctl:
2735#endif
2736 kfree(dflt);
2737err_alloc_dflt:
2738 kfree(all);
2739err_alloc_all:
2740 return err;
2741}
2742
2743static __net_exit void devinet_exit_net(struct net *net)
2744{
2745#ifdef CONFIG_SYSCTL
2746 struct ctl_table *tbl;
2747
2748 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2749 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2750 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2751 NETCONFA_IFINDEX_DEFAULT);
2752 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2753 NETCONFA_IFINDEX_ALL);
2754 kfree(tbl);
2755#endif
2756 kfree(net->ipv4.devconf_dflt);
2757 kfree(net->ipv4.devconf_all);
2758}
2759
2760static __net_initdata struct pernet_operations devinet_ops = {
2761 .init = devinet_init_net,
2762 .exit = devinet_exit_net,
2763};
2764
2765static struct rtnl_af_ops inet_af_ops __read_mostly = {
2766 .family = AF_INET,
2767 .fill_link_af = inet_fill_link_af,
2768 .get_link_af_size = inet_get_link_af_size,
2769 .validate_link_af = inet_validate_link_af,
2770 .set_link_af = inet_set_link_af,
2771};
2772
2773void __init devinet_init(void)
2774{
2775 int i;
2776
2777 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2778 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2779
2780 register_pernet_subsys(&devinet_ops);
2781
2782 register_gifconf(PF_INET, inet_gifconf);
2783 register_netdevice_notifier(&ip_netdev_notifier);
2784
2785 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2786
2787 rtnl_af_register(&inet_af_ops);
2788
2789 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2790 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2791 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2792 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2793 inet_netconf_dump_devconf, 0);
2794}