]> git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/blob - net/ipv4/devinet.c
projects / mirror_ubuntu-focal-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
devinet: use in_dev_for_each_ifa_rcu in more places
[mirror_ubuntu-focal-kernel.git] / net / ipv4 / devinet.c
1 /*
2 * NET3 IP device support routines.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Derived from the IP parts of dev.c 1.0.19
10 * Authors: Ross Biro
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Mark Evans, <evansmp@uhura.aston.ac.uk>
13 *
14 * Additional Authors:
15 * Alan Cox, <gw4pts@gw4pts.ampr.org>
16 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
17 *
18 * Changes:
19 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
20 * lists.
21 * Cyrus Durgin: updated for kmod
22 * Matthias Andree: in devinet_ioctl, compare label and
23 * address (4.4BSD alias style support),
24 * fall back to comparing just the label
25 * if no match found.
26 */
27
28
29 #include <linux/uaccess.h>
30 #include <linux/bitops.h>
31 #include <linux/capability.h>
32 #include <linux/module.h>
33 #include <linux/types.h>
34 #include <linux/kernel.h>
35 #include <linux/sched/signal.h>
36 #include <linux/string.h>
37 #include <linux/mm.h>
38 #include <linux/socket.h>
39 #include <linux/sockios.h>
40 #include <linux/in.h>
41 #include <linux/errno.h>
42 #include <linux/interrupt.h>
43 #include <linux/if_addr.h>
44 #include <linux/if_ether.h>
45 #include <linux/inet.h>
46 #include <linux/netdevice.h>
47 #include <linux/etherdevice.h>
48 #include <linux/skbuff.h>
49 #include <linux/init.h>
50 #include <linux/notifier.h>
51 #include <linux/inetdevice.h>
52 #include <linux/igmp.h>
53 #include <linux/slab.h>
54 #include <linux/hash.h>
55 #ifdef CONFIG_SYSCTL
56 #include <linux/sysctl.h>
57 #endif
58 #include <linux/kmod.h>
59 #include <linux/netconf.h>
60
61 #include <net/arp.h>
62 #include <net/ip.h>
63 #include <net/route.h>
64 #include <net/ip_fib.h>
65 #include <net/rtnetlink.h>
66 #include <net/net_namespace.h>
67 #include <net/addrconf.h>
68
69 static struct ipv4_devconf ipv4_devconf = {
70 .data = {
71 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
72 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
75 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
76 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
77 },
78 };
79
80 static struct ipv4_devconf ipv4_devconf_dflt = {
81 .data = {
82 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
83 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
84 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
86 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
87 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
88 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
89 },
90 };
91
92 #define IPV4_DEVCONF_DFLT(net, attr) \
93 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
94
95 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
96 [IFA_LOCAL] = { .type = NLA_U32 },
97 [IFA_ADDRESS] = { .type = NLA_U32 },
98 [IFA_BROADCAST] = { .type = NLA_U32 },
99 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
100 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
101 [IFA_FLAGS] = { .type = NLA_U32 },
102 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
103 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
104 };
105
106 struct inet_fill_args {
107 u32 portid;
108 u32 seq;
109 int event;
110 unsigned int flags;
111 int netnsid;
112 int ifindex;
113 };
114
115 #define IN4_ADDR_HSIZE_SHIFT 8
116 #define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
117
118 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
119
120 static u32 inet_addr_hash(const struct net *net, __be32 addr)
121 {
122 u32 val = (__force u32) addr ^ net_hash_mix(net);
123
124 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
125 }
126
127 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
128 {
129 u32 hash = inet_addr_hash(net, ifa->ifa_local);
130
131 ASSERT_RTNL();
132 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
133 }
134
135 static void inet_hash_remove(struct in_ifaddr *ifa)
136 {
137 ASSERT_RTNL();
138 hlist_del_init_rcu(&ifa->hash);
139 }
140
141 /**
142 * __ip_dev_find - find the first device with a given source address.
143 * @net: the net namespace
144 * @addr: the source address
145 * @devref: if true, take a reference on the found device
146 *
147 * If a caller uses devref=false, it should be protected by RCU, or RTNL
148 */
149 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
150 {
151 struct net_device *result = NULL;
152 struct in_ifaddr *ifa;
153
154 rcu_read_lock();
155 ifa = inet_lookup_ifaddr_rcu(net, addr);
156 if (!ifa) {
157 struct flowi4 fl4 = { .daddr = addr };
158 struct fib_result res = { 0 };
159 struct fib_table *local;
160
161 /* Fallback to FIB local table so that communication
162 * over loopback subnets work.
163 */
164 local = fib_get_table(net, RT_TABLE_LOCAL);
165 if (local &&
166 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
167 res.type == RTN_LOCAL)
168 result = FIB_RES_DEV(res);
169 } else {
170 result = ifa->ifa_dev->dev;
171 }
172 if (result && devref)
173 dev_hold(result);
174 rcu_read_unlock();
175 return result;
176 }
177 EXPORT_SYMBOL(__ip_dev_find);
178
179 /* called under RCU lock */
180 struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
181 {
182 u32 hash = inet_addr_hash(net, addr);
183 struct in_ifaddr *ifa;
184
185 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
186 if (ifa->ifa_local == addr &&
187 net_eq(dev_net(ifa->ifa_dev->dev), net))
188 return ifa;
189
190 return NULL;
191 }
192
193 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
194
195 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
196 static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
197 static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
198 int destroy);
199 #ifdef CONFIG_SYSCTL
200 static int devinet_sysctl_register(struct in_device *idev);
201 static void devinet_sysctl_unregister(struct in_device *idev);
202 #else
203 static int devinet_sysctl_register(struct in_device *idev)
204 {
205 return 0;
206 }
207 static void devinet_sysctl_unregister(struct in_device *idev)
208 {
209 }
210 #endif
211
212 /* Locks all the inet devices. */
213
214 static struct in_ifaddr *inet_alloc_ifa(void)
215 {
216 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
217 }
218
219 static void inet_rcu_free_ifa(struct rcu_head *head)
220 {
221 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
222 if (ifa->ifa_dev)
223 in_dev_put(ifa->ifa_dev);
224 kfree(ifa);
225 }
226
227 static void inet_free_ifa(struct in_ifaddr *ifa)
228 {
229 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
230 }
231
232 void in_dev_finish_destroy(struct in_device *idev)
233 {
234 struct net_device *dev = idev->dev;
235
236 WARN_ON(idev->ifa_list);
237 WARN_ON(idev->mc_list);
238 kfree(rcu_dereference_protected(idev->mc_hash, 1));
239 #ifdef NET_REFCNT_DEBUG
240 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
241 #endif
242 dev_put(dev);
243 if (!idev->dead)
244 pr_err("Freeing alive in_device %p\n", idev);
245 else
246 kfree(idev);
247 }
248 EXPORT_SYMBOL(in_dev_finish_destroy);
249
250 static struct in_device *inetdev_init(struct net_device *dev)
251 {
252 struct in_device *in_dev;
253 int err = -ENOMEM;
254
255 ASSERT_RTNL();
256
257 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
258 if (!in_dev)
259 goto out;
260 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
261 sizeof(in_dev->cnf));
262 in_dev->cnf.sysctl = NULL;
263 in_dev->dev = dev;
264 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
265 if (!in_dev->arp_parms)
266 goto out_kfree;
267 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
268 dev_disable_lro(dev);
269 /* Reference in_dev->dev */
270 dev_hold(dev);
271 /* Account for reference dev->ip_ptr (below) */
272 refcount_set(&in_dev->refcnt, 1);
273
274 err = devinet_sysctl_register(in_dev);
275 if (err) {
276 in_dev->dead = 1;
277 in_dev_put(in_dev);
278 in_dev = NULL;
279 goto out;
280 }
281 ip_mc_init_dev(in_dev);
282 if (dev->flags & IFF_UP)
283 ip_mc_up(in_dev);
284
285 /* we can receive as soon as ip_ptr is set -- do this last */
286 rcu_assign_pointer(dev->ip_ptr, in_dev);
287 out:
288 return in_dev ?: ERR_PTR(err);
289 out_kfree:
290 kfree(in_dev);
291 in_dev = NULL;
292 goto out;
293 }
294
295 static void in_dev_rcu_put(struct rcu_head *head)
296 {
297 struct in_device *idev = container_of(head, struct in_device, rcu_head);
298 in_dev_put(idev);
299 }
300
301 static void inetdev_destroy(struct in_device *in_dev)
302 {
303 struct in_ifaddr *ifa;
304 struct net_device *dev;
305
306 ASSERT_RTNL();
307
308 dev = in_dev->dev;
309
310 in_dev->dead = 1;
311
312 ip_mc_destroy_dev(in_dev);
313
314 while ((ifa = in_dev->ifa_list) != NULL) {
315 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
316 inet_free_ifa(ifa);
317 }
318
319 RCU_INIT_POINTER(dev->ip_ptr, NULL);
320
321 devinet_sysctl_unregister(in_dev);
322 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
323 arp_ifdown(dev);
324
325 call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
326 }
327
328 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
329 {
330 const struct in_ifaddr *ifa;
331
332 rcu_read_lock();
333 in_dev_for_each_ifa_rcu(ifa, in_dev) {
334 if (inet_ifa_match(a, ifa)) {
335 if (!b || inet_ifa_match(b, ifa)) {
336 rcu_read_unlock();
337 return 1;
338 }
339 }
340 }
341 rcu_read_unlock();
342 return 0;
343 }
344
345 static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
346 int destroy, struct nlmsghdr *nlh, u32 portid)
347 {
348 struct in_ifaddr *promote = NULL;
349 struct in_ifaddr *ifa, *ifa1 = *ifap;
350 struct in_ifaddr *last_prim = in_dev->ifa_list;
351 struct in_ifaddr *prev_prom = NULL;
352 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
353
354 ASSERT_RTNL();
355
356 if (in_dev->dead)
357 goto no_promotions;
358
359 /* 1. Deleting primary ifaddr forces deletion all secondaries
360 * unless alias promotion is set
361 **/
362
363 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
364 struct in_ifaddr **ifap1 = &ifa1->ifa_next;
365
366 while ((ifa = *ifap1) != NULL) {
367 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
368 ifa1->ifa_scope <= ifa->ifa_scope)
369 last_prim = ifa;
370
371 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
372 ifa1->ifa_mask != ifa->ifa_mask ||
373 !inet_ifa_match(ifa1->ifa_address, ifa)) {
374 ifap1 = &ifa->ifa_next;
375 prev_prom = ifa;
376 continue;
377 }
378
379 if (!do_promote) {
380 inet_hash_remove(ifa);
381 *ifap1 = ifa->ifa_next;
382
383 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
384 blocking_notifier_call_chain(&inetaddr_chain,
385 NETDEV_DOWN, ifa);
386 inet_free_ifa(ifa);
387 } else {
388 promote = ifa;
389 break;
390 }
391 }
392 }
393
394 /* On promotion all secondaries from subnet are changing
395 * the primary IP, we must remove all their routes silently
396 * and later to add them back with new prefsrc. Do this
397 * while all addresses are on the device list.
398 */
399 for (ifa = promote; ifa; ifa = ifa->ifa_next) {
400 if (ifa1->ifa_mask == ifa->ifa_mask &&
401 inet_ifa_match(ifa1->ifa_address, ifa))
402 fib_del_ifaddr(ifa, ifa1);
403 }
404
405 no_promotions:
406 /* 2. Unlink it */
407
408 *ifap = ifa1->ifa_next;
409 inet_hash_remove(ifa1);
410
411 /* 3. Announce address deletion */
412
413 /* Send message first, then call notifier.
414 At first sight, FIB update triggered by notifier
415 will refer to already deleted ifaddr, that could confuse
416 netlink listeners. It is not true: look, gated sees
417 that route deleted and if it still thinks that ifaddr
418 is valid, it will try to restore deleted routes... Grr.
419 So that, this order is correct.
420 */
421 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
422 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
423
424 if (promote) {
425 struct in_ifaddr *next_sec = promote->ifa_next;
426
427 if (prev_prom) {
428 prev_prom->ifa_next = promote->ifa_next;
429 promote->ifa_next = last_prim->ifa_next;
430 last_prim->ifa_next = promote;
431 }
432
433 promote->ifa_flags &= ~IFA_F_SECONDARY;
434 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
435 blocking_notifier_call_chain(&inetaddr_chain,
436 NETDEV_UP, promote);
437 for (ifa = next_sec; ifa; ifa = ifa->ifa_next) {
438 if (ifa1->ifa_mask != ifa->ifa_mask ||
439 !inet_ifa_match(ifa1->ifa_address, ifa))
440 continue;
441 fib_add_ifaddr(ifa);
442 }
443
444 }
445 if (destroy)
446 inet_free_ifa(ifa1);
447 }
448
449 static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
450 int destroy)
451 {
452 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
453 }
454
455 static void check_lifetime(struct work_struct *work);
456
457 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
458
459 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
460 u32 portid, struct netlink_ext_ack *extack)
461 {
462 struct in_device *in_dev = ifa->ifa_dev;
463 struct in_ifaddr *ifa1, **ifap, **last_primary;
464 struct in_validator_info ivi;
465 int ret;
466
467 ASSERT_RTNL();
468
469 if (!ifa->ifa_local) {
470 inet_free_ifa(ifa);
471 return 0;
472 }
473
474 ifa->ifa_flags &= ~IFA_F_SECONDARY;
475 last_primary = &in_dev->ifa_list;
476
477 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
478 ifap = &ifa1->ifa_next) {
479 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
480 ifa->ifa_scope <= ifa1->ifa_scope)
481 last_primary = &ifa1->ifa_next;
482 if (ifa1->ifa_mask == ifa->ifa_mask &&
483 inet_ifa_match(ifa1->ifa_address, ifa)) {
484 if (ifa1->ifa_local == ifa->ifa_local) {
485 inet_free_ifa(ifa);
486 return -EEXIST;
487 }
488 if (ifa1->ifa_scope != ifa->ifa_scope) {
489 inet_free_ifa(ifa);
490 return -EINVAL;
491 }
492 ifa->ifa_flags |= IFA_F_SECONDARY;
493 }
494 }
495
496 /* Allow any devices that wish to register ifaddr validtors to weigh
497 * in now, before changes are committed. The rntl lock is serializing
498 * access here, so the state should not change between a validator call
499 * and a final notify on commit. This isn't invoked on promotion under
500 * the assumption that validators are checking the address itself, and
501 * not the flags.
502 */
503 ivi.ivi_addr = ifa->ifa_address;
504 ivi.ivi_dev = ifa->ifa_dev;
505 ivi.extack = extack;
506 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
507 NETDEV_UP, &ivi);
508 ret = notifier_to_errno(ret);
509 if (ret) {
510 inet_free_ifa(ifa);
511 return ret;
512 }
513
514 if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
515 prandom_seed((__force u32) ifa->ifa_local);
516 ifap = last_primary;
517 }
518
519 ifa->ifa_next = *ifap;
520 *ifap = ifa;
521
522 inet_hash_insert(dev_net(in_dev->dev), ifa);
523
524 cancel_delayed_work(&check_lifetime_work);
525 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
526
527 /* Send message first, then call notifier.
528 Notifier will trigger FIB update, so that
529 listeners of netlink will know about new ifaddr */
530 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
531 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
532
533 return 0;
534 }
535
536 static int inet_insert_ifa(struct in_ifaddr *ifa)
537 {
538 return __inet_insert_ifa(ifa, NULL, 0, NULL);
539 }
540
541 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
542 {
543 struct in_device *in_dev = __in_dev_get_rtnl(dev);
544
545 ASSERT_RTNL();
546
547 if (!in_dev) {
548 inet_free_ifa(ifa);
549 return -ENOBUFS;
550 }
551 ipv4_devconf_setall(in_dev);
552 neigh_parms_data_state_setall(in_dev->arp_parms);
553 if (ifa->ifa_dev != in_dev) {
554 WARN_ON(ifa->ifa_dev);
555 in_dev_hold(in_dev);
556 ifa->ifa_dev = in_dev;
557 }
558 if (ipv4_is_loopback(ifa->ifa_local))
559 ifa->ifa_scope = RT_SCOPE_HOST;
560 return inet_insert_ifa(ifa);
561 }
562
563 /* Caller must hold RCU or RTNL :
564 * We dont take a reference on found in_device
565 */
566 struct in_device *inetdev_by_index(struct net *net, int ifindex)
567 {
568 struct net_device *dev;
569 struct in_device *in_dev = NULL;
570
571 rcu_read_lock();
572 dev = dev_get_by_index_rcu(net, ifindex);
573 if (dev)
574 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
575 rcu_read_unlock();
576 return in_dev;
577 }
578 EXPORT_SYMBOL(inetdev_by_index);
579
580 /* Called only from RTNL semaphored context. No locks. */
581
582 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
583 __be32 mask)
584 {
585 struct in_ifaddr *ifa;
586
587 ASSERT_RTNL();
588
589 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
590 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
591 return ifa;
592 }
593 return NULL;
594 }
595
596 static int ip_mc_config(struct sock *sk, bool join, const struct in_ifaddr *ifa)
597 {
598 struct ip_mreqn mreq = {
599 .imr_multiaddr.s_addr = ifa->ifa_address,
600 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
601 };
602 int ret;
603
604 ASSERT_RTNL();
605
606 lock_sock(sk);
607 if (join)
608 ret = ip_mc_join_group(sk, &mreq);
609 else
610 ret = ip_mc_leave_group(sk, &mreq);
611 release_sock(sk);
612
613 return ret;
614 }
615
616 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
617 struct netlink_ext_ack *extack)
618 {
619 struct net *net = sock_net(skb->sk);
620 struct nlattr *tb[IFA_MAX+1];
621 struct in_device *in_dev;
622 struct ifaddrmsg *ifm;
623 struct in_ifaddr *ifa, **ifap;
624 int err = -EINVAL;
625
626 ASSERT_RTNL();
627
628 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
629 ifa_ipv4_policy, extack);
630 if (err < 0)
631 goto errout;
632
633 ifm = nlmsg_data(nlh);
634 in_dev = inetdev_by_index(net, ifm->ifa_index);
635 if (!in_dev) {
636 err = -ENODEV;
637 goto errout;
638 }
639
640 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
641 ifap = &ifa->ifa_next) {
642 if (tb[IFA_LOCAL] &&
643 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
644 continue;
645
646 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
647 continue;
648
649 if (tb[IFA_ADDRESS] &&
650 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
651 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
652 continue;
653
654 if (ipv4_is_multicast(ifa->ifa_address))
655 ip_mc_config(net->ipv4.mc_autojoin_sk, false, ifa);
656 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
657 return 0;
658 }
659
660 err = -EADDRNOTAVAIL;
661 errout:
662 return err;
663 }
664
665 #define INFINITY_LIFE_TIME 0xFFFFFFFF
666
667 static void check_lifetime(struct work_struct *work)
668 {
669 unsigned long now, next, next_sec, next_sched;
670 struct in_ifaddr *ifa;
671 struct hlist_node *n;
672 int i;
673
674 now = jiffies;
675 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
676
677 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
678 bool change_needed = false;
679
680 rcu_read_lock();
681 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
682 unsigned long age;
683
684 if (ifa->ifa_flags & IFA_F_PERMANENT)
685 continue;
686
687 /* We try to batch several events at once. */
688 age = (now - ifa->ifa_tstamp +
689 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
690
691 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
692 age >= ifa->ifa_valid_lft) {
693 change_needed = true;
694 } else if (ifa->ifa_preferred_lft ==
695 INFINITY_LIFE_TIME) {
696 continue;
697 } else if (age >= ifa->ifa_preferred_lft) {
698 if (time_before(ifa->ifa_tstamp +
699 ifa->ifa_valid_lft * HZ, next))
700 next = ifa->ifa_tstamp +
701 ifa->ifa_valid_lft * HZ;
702
703 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
704 change_needed = true;
705 } else if (time_before(ifa->ifa_tstamp +
706 ifa->ifa_preferred_lft * HZ,
707 next)) {
708 next = ifa->ifa_tstamp +
709 ifa->ifa_preferred_lft * HZ;
710 }
711 }
712 rcu_read_unlock();
713 if (!change_needed)
714 continue;
715 rtnl_lock();
716 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
717 unsigned long age;
718
719 if (ifa->ifa_flags & IFA_F_PERMANENT)
720 continue;
721
722 /* We try to batch several events at once. */
723 age = (now - ifa->ifa_tstamp +
724 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
725
726 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
727 age >= ifa->ifa_valid_lft) {
728 struct in_ifaddr **ifap;
729
730 for (ifap = &ifa->ifa_dev->ifa_list;
731 *ifap != NULL; ifap = &(*ifap)->ifa_next) {
732 if (*ifap == ifa) {
733 inet_del_ifa(ifa->ifa_dev,
734 ifap, 1);
735 break;
736 }
737 }
738 } else if (ifa->ifa_preferred_lft !=
739 INFINITY_LIFE_TIME &&
740 age >= ifa->ifa_preferred_lft &&
741 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
742 ifa->ifa_flags |= IFA_F_DEPRECATED;
743 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
744 }
745 }
746 rtnl_unlock();
747 }
748
749 next_sec = round_jiffies_up(next);
750 next_sched = next;
751
752 /* If rounded timeout is accurate enough, accept it. */
753 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
754 next_sched = next_sec;
755
756 now = jiffies;
757 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
758 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
759 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
760
761 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
762 next_sched - now);
763 }
764
765 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
766 __u32 prefered_lft)
767 {
768 unsigned long timeout;
769
770 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
771
772 timeout = addrconf_timeout_fixup(valid_lft, HZ);
773 if (addrconf_finite_timeout(timeout))
774 ifa->ifa_valid_lft = timeout;
775 else
776 ifa->ifa_flags |= IFA_F_PERMANENT;
777
778 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
779 if (addrconf_finite_timeout(timeout)) {
780 if (timeout == 0)
781 ifa->ifa_flags |= IFA_F_DEPRECATED;
782 ifa->ifa_preferred_lft = timeout;
783 }
784 ifa->ifa_tstamp = jiffies;
785 if (!ifa->ifa_cstamp)
786 ifa->ifa_cstamp = ifa->ifa_tstamp;
787 }
788
789 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
790 __u32 *pvalid_lft, __u32 *pprefered_lft,
791 struct netlink_ext_ack *extack)
792 {
793 struct nlattr *tb[IFA_MAX+1];
794 struct in_ifaddr *ifa;
795 struct ifaddrmsg *ifm;
796 struct net_device *dev;
797 struct in_device *in_dev;
798 int err;
799
800 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
801 ifa_ipv4_policy, extack);
802 if (err < 0)
803 goto errout;
804
805 ifm = nlmsg_data(nlh);
806 err = -EINVAL;
807 if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
808 goto errout;
809
810 dev = __dev_get_by_index(net, ifm->ifa_index);
811 err = -ENODEV;
812 if (!dev)
813 goto errout;
814
815 in_dev = __in_dev_get_rtnl(dev);
816 err = -ENOBUFS;
817 if (!in_dev)
818 goto errout;
819
820 ifa = inet_alloc_ifa();
821 if (!ifa)
822 /*
823 * A potential indev allocation can be left alive, it stays
824 * assigned to its device and is destroy with it.
825 */
826 goto errout;
827
828 ipv4_devconf_setall(in_dev);
829 neigh_parms_data_state_setall(in_dev->arp_parms);
830 in_dev_hold(in_dev);
831
832 if (!tb[IFA_ADDRESS])
833 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
834
835 INIT_HLIST_NODE(&ifa->hash);
836 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
837 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
838 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
839 ifm->ifa_flags;
840 ifa->ifa_scope = ifm->ifa_scope;
841 ifa->ifa_dev = in_dev;
842
843 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
844 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
845
846 if (tb[IFA_BROADCAST])
847 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
848
849 if (tb[IFA_LABEL])
850 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
851 else
852 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
853
854 if (tb[IFA_RT_PRIORITY])
855 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
856
857 if (tb[IFA_CACHEINFO]) {
858 struct ifa_cacheinfo *ci;
859
860 ci = nla_data(tb[IFA_CACHEINFO]);
861 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
862 err = -EINVAL;
863 goto errout_free;
864 }
865 *pvalid_lft = ci->ifa_valid;
866 *pprefered_lft = ci->ifa_prefered;
867 }
868
869 return ifa;
870
871 errout_free:
872 inet_free_ifa(ifa);
873 errout:
874 return ERR_PTR(err);
875 }
876
877 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
878 {
879 struct in_device *in_dev = ifa->ifa_dev;
880 struct in_ifaddr *ifa1;
881
882 if (!ifa->ifa_local)
883 return NULL;
884
885 in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
886 if (ifa1->ifa_mask == ifa->ifa_mask &&
887 inet_ifa_match(ifa1->ifa_address, ifa) &&
888 ifa1->ifa_local == ifa->ifa_local)
889 return ifa1;
890 }
891 return NULL;
892 }
893
894 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
895 struct netlink_ext_ack *extack)
896 {
897 struct net *net = sock_net(skb->sk);
898 struct in_ifaddr *ifa;
899 struct in_ifaddr *ifa_existing;
900 __u32 valid_lft = INFINITY_LIFE_TIME;
901 __u32 prefered_lft = INFINITY_LIFE_TIME;
902
903 ASSERT_RTNL();
904
905 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
906 if (IS_ERR(ifa))
907 return PTR_ERR(ifa);
908
909 ifa_existing = find_matching_ifa(ifa);
910 if (!ifa_existing) {
911 /* It would be best to check for !NLM_F_CREATE here but
912 * userspace already relies on not having to provide this.
913 */
914 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
915 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
916 int ret = ip_mc_config(net->ipv4.mc_autojoin_sk,
917 true, ifa);
918
919 if (ret < 0) {
920 inet_free_ifa(ifa);
921 return ret;
922 }
923 }
924 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
925 extack);
926 } else {
927 u32 new_metric = ifa->ifa_rt_priority;
928
929 inet_free_ifa(ifa);
930
931 if (nlh->nlmsg_flags & NLM_F_EXCL ||
932 !(nlh->nlmsg_flags & NLM_F_REPLACE))
933 return -EEXIST;
934 ifa = ifa_existing;
935
936 if (ifa->ifa_rt_priority != new_metric) {
937 fib_modify_prefix_metric(ifa, new_metric);
938 ifa->ifa_rt_priority = new_metric;
939 }
940
941 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
942 cancel_delayed_work(&check_lifetime_work);
943 queue_delayed_work(system_power_efficient_wq,
944 &check_lifetime_work, 0);
945 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
946 }
947 return 0;
948 }
949
950 /*
951 * Determine a default network mask, based on the IP address.
952 */
953
954 static int inet_abc_len(__be32 addr)
955 {
956 int rc = -1; /* Something else, probably a multicast. */
957
958 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
959 rc = 0;
960 else {
961 __u32 haddr = ntohl(addr);
962 if (IN_CLASSA(haddr))
963 rc = 8;
964 else if (IN_CLASSB(haddr))
965 rc = 16;
966 else if (IN_CLASSC(haddr))
967 rc = 24;
968 else if (IN_CLASSE(haddr))
969 rc = 32;
970 }
971
972 return rc;
973 }
974
975
976 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
977 {
978 struct sockaddr_in sin_orig;
979 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
980 struct in_device *in_dev;
981 struct in_ifaddr **ifap = NULL;
982 struct in_ifaddr *ifa = NULL;
983 struct net_device *dev;
984 char *colon;
985 int ret = -EFAULT;
986 int tryaddrmatch = 0;
987
988 ifr->ifr_name[IFNAMSIZ - 1] = 0;
989
990 /* save original address for comparison */
991 memcpy(&sin_orig, sin, sizeof(*sin));
992
993 colon = strchr(ifr->ifr_name, ':');
994 if (colon)
995 *colon = 0;
996
997 dev_load(net, ifr->ifr_name);
998
999 switch (cmd) {
1000 case SIOCGIFADDR: /* Get interface address */
1001 case SIOCGIFBRDADDR: /* Get the broadcast address */
1002 case SIOCGIFDSTADDR: /* Get the destination address */
1003 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1004 /* Note that these ioctls will not sleep,
1005 so that we do not impose a lock.
1006 One day we will be forced to put shlock here (I mean SMP)
1007 */
1008 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1009 memset(sin, 0, sizeof(*sin));
1010 sin->sin_family = AF_INET;
1011 break;
1012
1013 case SIOCSIFFLAGS:
1014 ret = -EPERM;
1015 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1016 goto out;
1017 break;
1018 case SIOCSIFADDR: /* Set interface address (and family) */
1019 case SIOCSIFBRDADDR: /* Set the broadcast address */
1020 case SIOCSIFDSTADDR: /* Set the destination address */
1021 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1022 ret = -EPERM;
1023 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1024 goto out;
1025 ret = -EINVAL;
1026 if (sin->sin_family != AF_INET)
1027 goto out;
1028 break;
1029 default:
1030 ret = -EINVAL;
1031 goto out;
1032 }
1033
1034 rtnl_lock();
1035
1036 ret = -ENODEV;
1037 dev = __dev_get_by_name(net, ifr->ifr_name);
1038 if (!dev)
1039 goto done;
1040
1041 if (colon)
1042 *colon = ':';
1043
1044 in_dev = __in_dev_get_rtnl(dev);
1045 if (in_dev) {
1046 if (tryaddrmatch) {
1047 /* Matthias Andree */
1048 /* compare label and address (4.4BSD style) */
1049 /* note: we only do this for a limited set of ioctls
1050 and only if the original address family was AF_INET.
1051 This is checked above. */
1052 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
1053 ifap = &ifa->ifa_next) {
1054 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1055 sin_orig.sin_addr.s_addr ==
1056 ifa->ifa_local) {
1057 break; /* found */
1058 }
1059 }
1060 }
1061 /* we didn't get a match, maybe the application is
1062 4.3BSD-style and passed in junk so we fall back to
1063 comparing just the label */
1064 if (!ifa) {
1065 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
1066 ifap = &ifa->ifa_next)
1067 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1068 break;
1069 }
1070 }
1071
1072 ret = -EADDRNOTAVAIL;
1073 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1074 goto done;
1075
1076 switch (cmd) {
1077 case SIOCGIFADDR: /* Get interface address */
1078 ret = 0;
1079 sin->sin_addr.s_addr = ifa->ifa_local;
1080 break;
1081
1082 case SIOCGIFBRDADDR: /* Get the broadcast address */
1083 ret = 0;
1084 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1085 break;
1086
1087 case SIOCGIFDSTADDR: /* Get the destination address */
1088 ret = 0;
1089 sin->sin_addr.s_addr = ifa->ifa_address;
1090 break;
1091
1092 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1093 ret = 0;
1094 sin->sin_addr.s_addr = ifa->ifa_mask;
1095 break;
1096
1097 case SIOCSIFFLAGS:
1098 if (colon) {
1099 ret = -EADDRNOTAVAIL;
1100 if (!ifa)
1101 break;
1102 ret = 0;
1103 if (!(ifr->ifr_flags & IFF_UP))
1104 inet_del_ifa(in_dev, ifap, 1);
1105 break;
1106 }
1107 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1108 break;
1109
1110 case SIOCSIFADDR: /* Set interface address (and family) */
1111 ret = -EINVAL;
1112 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1113 break;
1114
1115 if (!ifa) {
1116 ret = -ENOBUFS;
1117 ifa = inet_alloc_ifa();
1118 if (!ifa)
1119 break;
1120 INIT_HLIST_NODE(&ifa->hash);
1121 if (colon)
1122 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1123 else
1124 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1125 } else {
1126 ret = 0;
1127 if (ifa->ifa_local == sin->sin_addr.s_addr)
1128 break;
1129 inet_del_ifa(in_dev, ifap, 0);
1130 ifa->ifa_broadcast = 0;
1131 ifa->ifa_scope = 0;
1132 }
1133
1134 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1135
1136 if (!(dev->flags & IFF_POINTOPOINT)) {
1137 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1138 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1139 if ((dev->flags & IFF_BROADCAST) &&
1140 ifa->ifa_prefixlen < 31)
1141 ifa->ifa_broadcast = ifa->ifa_address |
1142 ~ifa->ifa_mask;
1143 } else {
1144 ifa->ifa_prefixlen = 32;
1145 ifa->ifa_mask = inet_make_mask(32);
1146 }
1147 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1148 ret = inet_set_ifa(dev, ifa);
1149 break;
1150
1151 case SIOCSIFBRDADDR: /* Set the broadcast address */
1152 ret = 0;
1153 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1154 inet_del_ifa(in_dev, ifap, 0);
1155 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1156 inet_insert_ifa(ifa);
1157 }
1158 break;
1159
1160 case SIOCSIFDSTADDR: /* Set the destination address */
1161 ret = 0;
1162 if (ifa->ifa_address == sin->sin_addr.s_addr)
1163 break;
1164 ret = -EINVAL;
1165 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1166 break;
1167 ret = 0;
1168 inet_del_ifa(in_dev, ifap, 0);
1169 ifa->ifa_address = sin->sin_addr.s_addr;
1170 inet_insert_ifa(ifa);
1171 break;
1172
1173 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1174
1175 /*
1176 * The mask we set must be legal.
1177 */
1178 ret = -EINVAL;
1179 if (bad_mask(sin->sin_addr.s_addr, 0))
1180 break;
1181 ret = 0;
1182 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1183 __be32 old_mask = ifa->ifa_mask;
1184 inet_del_ifa(in_dev, ifap, 0);
1185 ifa->ifa_mask = sin->sin_addr.s_addr;
1186 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1187
1188 /* See if current broadcast address matches
1189 * with current netmask, then recalculate
1190 * the broadcast address. Otherwise it's a
1191 * funny address, so don't touch it since
1192 * the user seems to know what (s)he's doing...
1193 */
1194 if ((dev->flags & IFF_BROADCAST) &&
1195 (ifa->ifa_prefixlen < 31) &&
1196 (ifa->ifa_broadcast ==
1197 (ifa->ifa_local|~old_mask))) {
1198 ifa->ifa_broadcast = (ifa->ifa_local |
1199 ~sin->sin_addr.s_addr);
1200 }
1201 inet_insert_ifa(ifa);
1202 }
1203 break;
1204 }
1205 done:
1206 rtnl_unlock();
1207 out:
1208 return ret;
1209 }
1210
1211 static int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1212 {
1213 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1214 const struct in_ifaddr *ifa;
1215 struct ifreq ifr;
1216 int done = 0;
1217
1218 if (WARN_ON(size > sizeof(struct ifreq)))
1219 goto out;
1220
1221 if (!in_dev)
1222 goto out;
1223
1224 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1225 if (!buf) {
1226 done += size;
1227 continue;
1228 }
1229 if (len < size)
1230 break;
1231 memset(&ifr, 0, sizeof(struct ifreq));
1232 strcpy(ifr.ifr_name, ifa->ifa_label);
1233
1234 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1235 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1236 ifa->ifa_local;
1237
1238 if (copy_to_user(buf + done, &ifr, size)) {
1239 done = -EFAULT;
1240 break;
1241 }
1242 len -= size;
1243 done += size;
1244 }
1245 out:
1246 return done;
1247 }
1248
1249 static __be32 in_dev_select_addr(const struct in_device *in_dev,
1250 int scope)
1251 {
1252 const struct in_ifaddr *ifa;
1253
1254 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1255 if (ifa->ifa_flags & IFA_F_SECONDARY)
1256 continue;
1257 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1258 ifa->ifa_scope <= scope)
1259 return ifa->ifa_local;
1260 }
1261
1262 return 0;
1263 }
1264
1265 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1266 {
1267 const struct in_ifaddr *ifa;
1268 __be32 addr = 0;
1269 struct in_device *in_dev;
1270 struct net *net = dev_net(dev);
1271 int master_idx;
1272
1273 rcu_read_lock();
1274 in_dev = __in_dev_get_rcu(dev);
1275 if (!in_dev)
1276 goto no_in_dev;
1277
1278 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1279 if (ifa->ifa_flags & IFA_F_SECONDARY)
1280 continue;
1281 if (ifa->ifa_scope > scope)
1282 continue;
1283 if (!dst || inet_ifa_match(dst, ifa)) {
1284 addr = ifa->ifa_local;
1285 break;
1286 }
1287 if (!addr)
1288 addr = ifa->ifa_local;
1289 }
1290
1291 if (addr)
1292 goto out_unlock;
1293 no_in_dev:
1294 master_idx = l3mdev_master_ifindex_rcu(dev);
1295
1296 /* For VRFs, the VRF device takes the place of the loopback device,
1297 * with addresses on it being preferred. Note in such cases the
1298 * loopback device will be among the devices that fail the master_idx
1299 * equality check in the loop below.
1300 */
1301 if (master_idx &&
1302 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1303 (in_dev = __in_dev_get_rcu(dev))) {
1304 addr = in_dev_select_addr(in_dev, scope);
1305 if (addr)
1306 goto out_unlock;
1307 }
1308
1309 /* Not loopback addresses on loopback should be preferred
1310 in this case. It is important that lo is the first interface
1311 in dev_base list.
1312 */
1313 for_each_netdev_rcu(net, dev) {
1314 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1315 continue;
1316
1317 in_dev = __in_dev_get_rcu(dev);
1318 if (!in_dev)
1319 continue;
1320
1321 addr = in_dev_select_addr(in_dev, scope);
1322 if (addr)
1323 goto out_unlock;
1324 }
1325 out_unlock:
1326 rcu_read_unlock();
1327 return addr;
1328 }
1329 EXPORT_SYMBOL(inet_select_addr);
1330
1331 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1332 __be32 local, int scope)
1333 {
1334 const struct in_ifaddr *ifa;
1335 __be32 addr = 0;
1336 int same = 0;
1337
1338 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1339 if (!addr &&
1340 (local == ifa->ifa_local || !local) &&
1341 ifa->ifa_scope <= scope) {
1342 addr = ifa->ifa_local;
1343 if (same)
1344 break;
1345 }
1346 if (!same) {
1347 same = (!local || inet_ifa_match(local, ifa)) &&
1348 (!dst || inet_ifa_match(dst, ifa));
1349 if (same && addr) {
1350 if (local || !dst)
1351 break;
1352 /* Is the selected addr into dst subnet? */
1353 if (inet_ifa_match(addr, ifa))
1354 break;
1355 /* No, then can we use new local src? */
1356 if (ifa->ifa_scope <= scope) {
1357 addr = ifa->ifa_local;
1358 break;
1359 }
1360 /* search for large dst subnet for addr */
1361 same = 0;
1362 }
1363 }
1364 }
1365
1366 return same ? addr : 0;
1367 }
1368
1369 /*
1370 * Confirm that local IP address exists using wildcards:
1371 * - net: netns to check, cannot be NULL
1372 * - in_dev: only on this interface, NULL=any interface
1373 * - dst: only in the same subnet as dst, 0=any dst
1374 * - local: address, 0=autoselect the local address
1375 * - scope: maximum allowed scope value for the local address
1376 */
1377 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1378 __be32 dst, __be32 local, int scope)
1379 {
1380 __be32 addr = 0;
1381 struct net_device *dev;
1382
1383 if (in_dev)
1384 return confirm_addr_indev(in_dev, dst, local, scope);
1385
1386 rcu_read_lock();
1387 for_each_netdev_rcu(net, dev) {
1388 in_dev = __in_dev_get_rcu(dev);
1389 if (in_dev) {
1390 addr = confirm_addr_indev(in_dev, dst, local, scope);
1391 if (addr)
1392 break;
1393 }
1394 }
1395 rcu_read_unlock();
1396
1397 return addr;
1398 }
1399 EXPORT_SYMBOL(inet_confirm_addr);
1400
1401 /*
1402 * Device notifier
1403 */
1404
1405 int register_inetaddr_notifier(struct notifier_block *nb)
1406 {
1407 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1408 }
1409 EXPORT_SYMBOL(register_inetaddr_notifier);
1410
1411 int unregister_inetaddr_notifier(struct notifier_block *nb)
1412 {
1413 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1414 }
1415 EXPORT_SYMBOL(unregister_inetaddr_notifier);
1416
1417 int register_inetaddr_validator_notifier(struct notifier_block *nb)
1418 {
1419 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1420 }
1421 EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1422
1423 int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1424 {
1425 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1426 nb);
1427 }
1428 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1429
1430 /* Rename ifa_labels for a device name change. Make some effort to preserve
1431 * existing alias numbering and to create unique labels if possible.
1432 */
1433 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1434 {
1435 struct in_ifaddr *ifa;
1436 int named = 0;
1437
1438 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1439 char old[IFNAMSIZ], *dot;
1440
1441 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1442 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1443 if (named++ == 0)
1444 goto skip;
1445 dot = strchr(old, ':');
1446 if (!dot) {
1447 sprintf(old, ":%d", named);
1448 dot = old;
1449 }
1450 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1451 strcat(ifa->ifa_label, dot);
1452 else
1453 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1454 skip:
1455 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1456 }
1457 }
1458
1459 static bool inetdev_valid_mtu(unsigned int mtu)
1460 {
1461 return mtu >= IPV4_MIN_MTU;
1462 }
1463
1464 static void inetdev_send_gratuitous_arp(struct net_device *dev,
1465 struct in_device *in_dev)
1466
1467 {
1468 const struct in_ifaddr *ifa;
1469
1470 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1471 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1472 ifa->ifa_local, dev,
1473 ifa->ifa_local, NULL,
1474 dev->dev_addr, NULL);
1475 }
1476 }
1477
1478 /* Called only under RTNL semaphore */
1479
1480 static int inetdev_event(struct notifier_block *this, unsigned long event,
1481 void *ptr)
1482 {
1483 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1484 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1485
1486 ASSERT_RTNL();
1487
1488 if (!in_dev) {
1489 if (event == NETDEV_REGISTER) {
1490 in_dev = inetdev_init(dev);
1491 if (IS_ERR(in_dev))
1492 return notifier_from_errno(PTR_ERR(in_dev));
1493 if (dev->flags & IFF_LOOPBACK) {
1494 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1495 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1496 }
1497 } else if (event == NETDEV_CHANGEMTU) {
1498 /* Re-enabling IP */
1499 if (inetdev_valid_mtu(dev->mtu))
1500 in_dev = inetdev_init(dev);
1501 }
1502 goto out;
1503 }
1504
1505 switch (event) {
1506 case NETDEV_REGISTER:
1507 pr_debug("%s: bug\n", __func__);
1508 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1509 break;
1510 case NETDEV_UP:
1511 if (!inetdev_valid_mtu(dev->mtu))
1512 break;
1513 if (dev->flags & IFF_LOOPBACK) {
1514 struct in_ifaddr *ifa = inet_alloc_ifa();
1515
1516 if (ifa) {
1517 INIT_HLIST_NODE(&ifa->hash);
1518 ifa->ifa_local =
1519 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1520 ifa->ifa_prefixlen = 8;
1521 ifa->ifa_mask = inet_make_mask(8);
1522 in_dev_hold(in_dev);
1523 ifa->ifa_dev = in_dev;
1524 ifa->ifa_scope = RT_SCOPE_HOST;
1525 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1526 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1527 INFINITY_LIFE_TIME);
1528 ipv4_devconf_setall(in_dev);
1529 neigh_parms_data_state_setall(in_dev->arp_parms);
1530 inet_insert_ifa(ifa);
1531 }
1532 }
1533 ip_mc_up(in_dev);
1534 /* fall through */
1535 case NETDEV_CHANGEADDR:
1536 if (!IN_DEV_ARP_NOTIFY(in_dev))
1537 break;
1538 /* fall through */
1539 case NETDEV_NOTIFY_PEERS:
1540 /* Send gratuitous ARP to notify of link change */
1541 inetdev_send_gratuitous_arp(dev, in_dev);
1542 break;
1543 case NETDEV_DOWN:
1544 ip_mc_down(in_dev);
1545 break;
1546 case NETDEV_PRE_TYPE_CHANGE:
1547 ip_mc_unmap(in_dev);
1548 break;
1549 case NETDEV_POST_TYPE_CHANGE:
1550 ip_mc_remap(in_dev);
1551 break;
1552 case NETDEV_CHANGEMTU:
1553 if (inetdev_valid_mtu(dev->mtu))
1554 break;
1555 /* disable IP when MTU is not enough */
1556 /* fall through */
1557 case NETDEV_UNREGISTER:
1558 inetdev_destroy(in_dev);
1559 break;
1560 case NETDEV_CHANGENAME:
1561 /* Do not notify about label change, this event is
1562 * not interesting to applications using netlink.
1563 */
1564 inetdev_changename(dev, in_dev);
1565
1566 devinet_sysctl_unregister(in_dev);
1567 devinet_sysctl_register(in_dev);
1568 break;
1569 }
1570 out:
1571 return NOTIFY_DONE;
1572 }
1573
1574 static struct notifier_block ip_netdev_notifier = {
1575 .notifier_call = inetdev_event,
1576 };
1577
1578 static size_t inet_nlmsg_size(void)
1579 {
1580 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1581 + nla_total_size(4) /* IFA_ADDRESS */
1582 + nla_total_size(4) /* IFA_LOCAL */
1583 + nla_total_size(4) /* IFA_BROADCAST */
1584 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1585 + nla_total_size(4) /* IFA_FLAGS */
1586 + nla_total_size(4) /* IFA_RT_PRIORITY */
1587 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1588 }
1589
1590 static inline u32 cstamp_delta(unsigned long cstamp)
1591 {
1592 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1593 }
1594
1595 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1596 unsigned long tstamp, u32 preferred, u32 valid)
1597 {
1598 struct ifa_cacheinfo ci;
1599
1600 ci.cstamp = cstamp_delta(cstamp);
1601 ci.tstamp = cstamp_delta(tstamp);
1602 ci.ifa_prefered = preferred;
1603 ci.ifa_valid = valid;
1604
1605 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1606 }
1607
1608 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1609 struct inet_fill_args *args)
1610 {
1611 struct ifaddrmsg *ifm;
1612 struct nlmsghdr *nlh;
1613 u32 preferred, valid;
1614
1615 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1616 args->flags);
1617 if (!nlh)
1618 return -EMSGSIZE;
1619
1620 ifm = nlmsg_data(nlh);
1621 ifm->ifa_family = AF_INET;
1622 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1623 ifm->ifa_flags = ifa->ifa_flags;
1624 ifm->ifa_scope = ifa->ifa_scope;
1625 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1626
1627 if (args->netnsid >= 0 &&
1628 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1629 goto nla_put_failure;
1630
1631 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1632 preferred = ifa->ifa_preferred_lft;
1633 valid = ifa->ifa_valid_lft;
1634 if (preferred != INFINITY_LIFE_TIME) {
1635 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1636
1637 if (preferred > tval)
1638 preferred -= tval;
1639 else
1640 preferred = 0;
1641 if (valid != INFINITY_LIFE_TIME) {
1642 if (valid > tval)
1643 valid -= tval;
1644 else
1645 valid = 0;
1646 }
1647 }
1648 } else {
1649 preferred = INFINITY_LIFE_TIME;
1650 valid = INFINITY_LIFE_TIME;
1651 }
1652 if ((ifa->ifa_address &&
1653 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1654 (ifa->ifa_local &&
1655 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1656 (ifa->ifa_broadcast &&
1657 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1658 (ifa->ifa_label[0] &&
1659 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1660 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1661 (ifa->ifa_rt_priority &&
1662 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1663 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1664 preferred, valid))
1665 goto nla_put_failure;
1666
1667 nlmsg_end(skb, nlh);
1668 return 0;
1669
1670 nla_put_failure:
1671 nlmsg_cancel(skb, nlh);
1672 return -EMSGSIZE;
1673 }
1674
1675 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1676 struct inet_fill_args *fillargs,
1677 struct net **tgt_net, struct sock *sk,
1678 struct netlink_callback *cb)
1679 {
1680 struct netlink_ext_ack *extack = cb->extack;
1681 struct nlattr *tb[IFA_MAX+1];
1682 struct ifaddrmsg *ifm;
1683 int err, i;
1684
1685 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1686 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1687 return -EINVAL;
1688 }
1689
1690 ifm = nlmsg_data(nlh);
1691 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1692 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1693 return -EINVAL;
1694 }
1695
1696 fillargs->ifindex = ifm->ifa_index;
1697 if (fillargs->ifindex) {
1698 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1699 fillargs->flags |= NLM_F_DUMP_FILTERED;
1700 }
1701
1702 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1703 ifa_ipv4_policy, extack);
1704 if (err < 0)
1705 return err;
1706
1707 for (i = 0; i <= IFA_MAX; ++i) {
1708 if (!tb[i])
1709 continue;
1710
1711 if (i == IFA_TARGET_NETNSID) {
1712 struct net *net;
1713
1714 fillargs->netnsid = nla_get_s32(tb[i]);
1715
1716 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1717 if (IS_ERR(net)) {
1718 fillargs->netnsid = -1;
1719 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1720 return PTR_ERR(net);
1721 }
1722 *tgt_net = net;
1723 } else {
1724 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1725 return -EINVAL;
1726 }
1727 }
1728
1729 return 0;
1730 }
1731
1732 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1733 struct netlink_callback *cb, int s_ip_idx,
1734 struct inet_fill_args *fillargs)
1735 {
1736 struct in_ifaddr *ifa;
1737 int ip_idx = 0;
1738 int err;
1739
1740 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1741 if (ip_idx < s_ip_idx) {
1742 ip_idx++;
1743 continue;
1744 }
1745 err = inet_fill_ifaddr(skb, ifa, fillargs);
1746 if (err < 0)
1747 goto done;
1748
1749 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1750 ip_idx++;
1751 }
1752 err = 0;
1753
1754 done:
1755 cb->args[2] = ip_idx;
1756
1757 return err;
1758 }
1759
1760 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1761 {
1762 const struct nlmsghdr *nlh = cb->nlh;
1763 struct inet_fill_args fillargs = {
1764 .portid = NETLINK_CB(cb->skb).portid,
1765 .seq = nlh->nlmsg_seq,
1766 .event = RTM_NEWADDR,
1767 .flags = NLM_F_MULTI,
1768 .netnsid = -1,
1769 };
1770 struct net *net = sock_net(skb->sk);
1771 struct net *tgt_net = net;
1772 int h, s_h;
1773 int idx, s_idx;
1774 int s_ip_idx;
1775 struct net_device *dev;
1776 struct in_device *in_dev;
1777 struct hlist_head *head;
1778 int err = 0;
1779
1780 s_h = cb->args[0];
1781 s_idx = idx = cb->args[1];
1782 s_ip_idx = cb->args[2];
1783
1784 if (cb->strict_check) {
1785 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1786 skb->sk, cb);
1787 if (err < 0)
1788 goto put_tgt_net;
1789
1790 err = 0;
1791 if (fillargs.ifindex) {
1792 dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1793 if (!dev) {
1794 err = -ENODEV;
1795 goto put_tgt_net;
1796 }
1797
1798 in_dev = __in_dev_get_rtnl(dev);
1799 if (in_dev) {
1800 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1801 &fillargs);
1802 }
1803 goto put_tgt_net;
1804 }
1805 }
1806
1807 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1808 idx = 0;
1809 head = &tgt_net->dev_index_head[h];
1810 rcu_read_lock();
1811 cb->seq = atomic_read(&tgt_net->ipv4.dev_addr_genid) ^
1812 tgt_net->dev_base_seq;
1813 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1814 if (idx < s_idx)
1815 goto cont;
1816 if (h > s_h || idx > s_idx)
1817 s_ip_idx = 0;
1818 in_dev = __in_dev_get_rcu(dev);
1819 if (!in_dev)
1820 goto cont;
1821
1822 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1823 &fillargs);
1824 if (err < 0) {
1825 rcu_read_unlock();
1826 goto done;
1827 }
1828 cont:
1829 idx++;
1830 }
1831 rcu_read_unlock();
1832 }
1833
1834 done:
1835 cb->args[0] = h;
1836 cb->args[1] = idx;
1837 put_tgt_net:
1838 if (fillargs.netnsid >= 0)
1839 put_net(tgt_net);
1840
1841 return skb->len ? : err;
1842 }
1843
1844 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1845 u32 portid)
1846 {
1847 struct inet_fill_args fillargs = {
1848 .portid = portid,
1849 .seq = nlh ? nlh->nlmsg_seq : 0,
1850 .event = event,
1851 .flags = 0,
1852 .netnsid = -1,
1853 };
1854 struct sk_buff *skb;
1855 int err = -ENOBUFS;
1856 struct net *net;
1857
1858 net = dev_net(ifa->ifa_dev->dev);
1859 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1860 if (!skb)
1861 goto errout;
1862
1863 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1864 if (err < 0) {
1865 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1866 WARN_ON(err == -EMSGSIZE);
1867 kfree_skb(skb);
1868 goto errout;
1869 }
1870 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1871 return;
1872 errout:
1873 if (err < 0)
1874 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1875 }
1876
1877 static size_t inet_get_link_af_size(const struct net_device *dev,
1878 u32 ext_filter_mask)
1879 {
1880 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1881
1882 if (!in_dev)
1883 return 0;
1884
1885 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1886 }
1887
1888 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1889 u32 ext_filter_mask)
1890 {
1891 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1892 struct nlattr *nla;
1893 int i;
1894
1895 if (!in_dev)
1896 return -ENODATA;
1897
1898 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1899 if (!nla)
1900 return -EMSGSIZE;
1901
1902 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1903 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1904
1905 return 0;
1906 }
1907
1908 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1909 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1910 };
1911
1912 static int inet_validate_link_af(const struct net_device *dev,
1913 const struct nlattr *nla)
1914 {
1915 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1916 int err, rem;
1917
1918 if (dev && !__in_dev_get_rcu(dev))
1919 return -EAFNOSUPPORT;
1920
1921 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
1922 inet_af_policy, NULL);
1923 if (err < 0)
1924 return err;
1925
1926 if (tb[IFLA_INET_CONF]) {
1927 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1928 int cfgid = nla_type(a);
1929
1930 if (nla_len(a) < 4)
1931 return -EINVAL;
1932
1933 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
1934 return -EINVAL;
1935 }
1936 }
1937
1938 return 0;
1939 }
1940
1941 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
1942 {
1943 struct in_device *in_dev = __in_dev_get_rcu(dev);
1944 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1945 int rem;
1946
1947 if (!in_dev)
1948 return -EAFNOSUPPORT;
1949
1950 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
1951 BUG();
1952
1953 if (tb[IFLA_INET_CONF]) {
1954 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
1955 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
1956 }
1957
1958 return 0;
1959 }
1960
1961 static int inet_netconf_msgsize_devconf(int type)
1962 {
1963 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
1964 + nla_total_size(4); /* NETCONFA_IFINDEX */
1965 bool all = false;
1966
1967 if (type == NETCONFA_ALL)
1968 all = true;
1969
1970 if (all || type == NETCONFA_FORWARDING)
1971 size += nla_total_size(4);
1972 if (all || type == NETCONFA_RP_FILTER)
1973 size += nla_total_size(4);
1974 if (all || type == NETCONFA_MC_FORWARDING)
1975 size += nla_total_size(4);
1976 if (all || type == NETCONFA_BC_FORWARDING)
1977 size += nla_total_size(4);
1978 if (all || type == NETCONFA_PROXY_NEIGH)
1979 size += nla_total_size(4);
1980 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
1981 size += nla_total_size(4);
1982
1983 return size;
1984 }
1985
1986 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
1987 struct ipv4_devconf *devconf, u32 portid,
1988 u32 seq, int event, unsigned int flags,
1989 int type)
1990 {
1991 struct nlmsghdr *nlh;
1992 struct netconfmsg *ncm;
1993 bool all = false;
1994
1995 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
1996 flags);
1997 if (!nlh)
1998 return -EMSGSIZE;
1999
2000 if (type == NETCONFA_ALL)
2001 all = true;
2002
2003 ncm = nlmsg_data(nlh);
2004 ncm->ncm_family = AF_INET;
2005
2006 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2007 goto nla_put_failure;
2008
2009 if (!devconf)
2010 goto out;
2011
2012 if ((all || type == NETCONFA_FORWARDING) &&
2013 nla_put_s32(skb, NETCONFA_FORWARDING,
2014 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2015 goto nla_put_failure;
2016 if ((all || type == NETCONFA_RP_FILTER) &&
2017 nla_put_s32(skb, NETCONFA_RP_FILTER,
2018 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2019 goto nla_put_failure;
2020 if ((all || type == NETCONFA_MC_FORWARDING) &&
2021 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2022 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2023 goto nla_put_failure;
2024 if ((all || type == NETCONFA_BC_FORWARDING) &&
2025 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2026 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2027 goto nla_put_failure;
2028 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2029 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2030 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2031 goto nla_put_failure;
2032 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2033 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2034 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2035 goto nla_put_failure;
2036
2037 out:
2038 nlmsg_end(skb, nlh);
2039 return 0;
2040
2041 nla_put_failure:
2042 nlmsg_cancel(skb, nlh);
2043 return -EMSGSIZE;
2044 }
2045
2046 void inet_netconf_notify_devconf(struct net *net, int event, int type,
2047 int ifindex, struct ipv4_devconf *devconf)
2048 {
2049 struct sk_buff *skb;
2050 int err = -ENOBUFS;
2051
2052 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2053 if (!skb)
2054 goto errout;
2055
2056 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2057 event, 0, type);
2058 if (err < 0) {
2059 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2060 WARN_ON(err == -EMSGSIZE);
2061 kfree_skb(skb);
2062 goto errout;
2063 }
2064 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2065 return;
2066 errout:
2067 if (err < 0)
2068 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2069 }
2070
2071 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2072 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2073 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2074 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2075 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2076 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2077 };
2078
2079 static int inet_netconf_valid_get_req(struct sk_buff *skb,
2080 const struct nlmsghdr *nlh,
2081 struct nlattr **tb,
2082 struct netlink_ext_ack *extack)
2083 {
2084 int i, err;
2085
2086 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2087 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2088 return -EINVAL;
2089 }
2090
2091 if (!netlink_strict_get_check(skb))
2092 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2093 tb, NETCONFA_MAX,
2094 devconf_ipv4_policy, extack);
2095
2096 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2097 tb, NETCONFA_MAX,
2098 devconf_ipv4_policy, extack);
2099 if (err)
2100 return err;
2101
2102 for (i = 0; i <= NETCONFA_MAX; i++) {
2103 if (!tb[i])
2104 continue;
2105
2106 switch (i) {
2107 case NETCONFA_IFINDEX:
2108 break;
2109 default:
2110 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2111 return -EINVAL;
2112 }
2113 }
2114
2115 return 0;
2116 }
2117
2118 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2119 struct nlmsghdr *nlh,
2120 struct netlink_ext_ack *extack)
2121 {
2122 struct net *net = sock_net(in_skb->sk);
2123 struct nlattr *tb[NETCONFA_MAX+1];
2124 struct sk_buff *skb;
2125 struct ipv4_devconf *devconf;
2126 struct in_device *in_dev;
2127 struct net_device *dev;
2128 int ifindex;
2129 int err;
2130
2131 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2132 if (err)
2133 goto errout;
2134
2135 err = -EINVAL;
2136 if (!tb[NETCONFA_IFINDEX])
2137 goto errout;
2138
2139 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2140 switch (ifindex) {
2141 case NETCONFA_IFINDEX_ALL:
2142 devconf = net->ipv4.devconf_all;
2143 break;
2144 case NETCONFA_IFINDEX_DEFAULT:
2145 devconf = net->ipv4.devconf_dflt;
2146 break;
2147 default:
2148 dev = __dev_get_by_index(net, ifindex);
2149 if (!dev)
2150 goto errout;
2151 in_dev = __in_dev_get_rtnl(dev);
2152 if (!in_dev)
2153 goto errout;
2154 devconf = &in_dev->cnf;
2155 break;
2156 }
2157
2158 err = -ENOBUFS;
2159 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2160 if (!skb)
2161 goto errout;
2162
2163 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2164 NETLINK_CB(in_skb).portid,
2165 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2166 NETCONFA_ALL);
2167 if (err < 0) {
2168 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2169 WARN_ON(err == -EMSGSIZE);
2170 kfree_skb(skb);
2171 goto errout;
2172 }
2173 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2174 errout:
2175 return err;
2176 }
2177
2178 static int inet_netconf_dump_devconf(struct sk_buff *skb,
2179 struct netlink_callback *cb)
2180 {
2181 const struct nlmsghdr *nlh = cb->nlh;
2182 struct net *net = sock_net(skb->sk);
2183 int h, s_h;
2184 int idx, s_idx;
2185 struct net_device *dev;
2186 struct in_device *in_dev;
2187 struct hlist_head *head;
2188
2189 if (cb->strict_check) {
2190 struct netlink_ext_ack *extack = cb->extack;
2191 struct netconfmsg *ncm;
2192
2193 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2194 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2195 return -EINVAL;
2196 }
2197
2198 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2199 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2200 return -EINVAL;
2201 }
2202 }
2203
2204 s_h = cb->args[0];
2205 s_idx = idx = cb->args[1];
2206
2207 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2208 idx = 0;
2209 head = &net->dev_index_head[h];
2210 rcu_read_lock();
2211 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
2212 net->dev_base_seq;
2213 hlist_for_each_entry_rcu(dev, head, index_hlist) {
2214 if (idx < s_idx)
2215 goto cont;
2216 in_dev = __in_dev_get_rcu(dev);
2217 if (!in_dev)
2218 goto cont;
2219
2220 if (inet_netconf_fill_devconf(skb, dev->ifindex,
2221 &in_dev->cnf,
2222 NETLINK_CB(cb->skb).portid,
2223 nlh->nlmsg_seq,
2224 RTM_NEWNETCONF,
2225 NLM_F_MULTI,
2226 NETCONFA_ALL) < 0) {
2227 rcu_read_unlock();
2228 goto done;
2229 }
2230 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2231 cont:
2232 idx++;
2233 }
2234 rcu_read_unlock();
2235 }
2236 if (h == NETDEV_HASHENTRIES) {
2237 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2238 net->ipv4.devconf_all,
2239 NETLINK_CB(cb->skb).portid,
2240 nlh->nlmsg_seq,
2241 RTM_NEWNETCONF, NLM_F_MULTI,
2242 NETCONFA_ALL) < 0)
2243 goto done;
2244 else
2245 h++;
2246 }
2247 if (h == NETDEV_HASHENTRIES + 1) {
2248 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2249 net->ipv4.devconf_dflt,
2250 NETLINK_CB(cb->skb).portid,
2251 nlh->nlmsg_seq,
2252 RTM_NEWNETCONF, NLM_F_MULTI,
2253 NETCONFA_ALL) < 0)
2254 goto done;
2255 else
2256 h++;
2257 }
2258 done:
2259 cb->args[0] = h;
2260 cb->args[1] = idx;
2261
2262 return skb->len;
2263 }
2264
2265 #ifdef CONFIG_SYSCTL
2266
2267 static void devinet_copy_dflt_conf(struct net *net, int i)
2268 {
2269 struct net_device *dev;
2270
2271 rcu_read_lock();
2272 for_each_netdev_rcu(net, dev) {
2273 struct in_device *in_dev;
2274
2275 in_dev = __in_dev_get_rcu(dev);
2276 if (in_dev && !test_bit(i, in_dev->cnf.state))
2277 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2278 }
2279 rcu_read_unlock();
2280 }
2281
2282 /* called with RTNL locked */
2283 static void inet_forward_change(struct net *net)
2284 {
2285 struct net_device *dev;
2286 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2287
2288 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2289 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2290 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2291 NETCONFA_FORWARDING,
2292 NETCONFA_IFINDEX_ALL,
2293 net->ipv4.devconf_all);
2294 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2295 NETCONFA_FORWARDING,
2296 NETCONFA_IFINDEX_DEFAULT,
2297 net->ipv4.devconf_dflt);
2298
2299 for_each_netdev(net, dev) {
2300 struct in_device *in_dev;
2301
2302 if (on)
2303 dev_disable_lro(dev);
2304
2305 in_dev = __in_dev_get_rtnl(dev);
2306 if (in_dev) {
2307 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2308 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2309 NETCONFA_FORWARDING,
2310 dev->ifindex, &in_dev->cnf);
2311 }
2312 }
2313 }
2314
2315 static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2316 {
2317 if (cnf == net->ipv4.devconf_dflt)
2318 return NETCONFA_IFINDEX_DEFAULT;
2319 else if (cnf == net->ipv4.devconf_all)
2320 return NETCONFA_IFINDEX_ALL;
2321 else {
2322 struct in_device *idev
2323 = container_of(cnf, struct in_device, cnf);
2324 return idev->dev->ifindex;
2325 }
2326 }
2327
2328 static int devinet_conf_proc(struct ctl_table *ctl, int write,
2329 void __user *buffer,
2330 size_t *lenp, loff_t *ppos)
2331 {
2332 int old_value = *(int *)ctl->data;
2333 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2334 int new_value = *(int *)ctl->data;
2335
2336 if (write) {
2337 struct ipv4_devconf *cnf = ctl->extra1;
2338 struct net *net = ctl->extra2;
2339 int i = (int *)ctl->data - cnf->data;
2340 int ifindex;
2341
2342 set_bit(i, cnf->state);
2343
2344 if (cnf == net->ipv4.devconf_dflt)
2345 devinet_copy_dflt_conf(net, i);
2346 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2347 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2348 if ((new_value == 0) && (old_value != 0))
2349 rt_cache_flush(net);
2350
2351 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2352 new_value != old_value)
2353 rt_cache_flush(net);
2354
2355 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2356 new_value != old_value) {
2357 ifindex = devinet_conf_ifindex(net, cnf);
2358 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2359 NETCONFA_RP_FILTER,
2360 ifindex, cnf);
2361 }
2362 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2363 new_value != old_value) {
2364 ifindex = devinet_conf_ifindex(net, cnf);
2365 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2366 NETCONFA_PROXY_NEIGH,
2367 ifindex, cnf);
2368 }
2369 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2370 new_value != old_value) {
2371 ifindex = devinet_conf_ifindex(net, cnf);
2372 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2373 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2374 ifindex, cnf);
2375 }
2376 }
2377
2378 return ret;
2379 }
2380
2381 static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2382 void __user *buffer,
2383 size_t *lenp, loff_t *ppos)
2384 {
2385 int *valp = ctl->data;
2386 int val = *valp;
2387 loff_t pos = *ppos;
2388 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2389
2390 if (write && *valp != val) {
2391 struct net *net = ctl->extra2;
2392
2393 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2394 if (!rtnl_trylock()) {
2395 /* Restore the original values before restarting */
2396 *valp = val;
2397 *ppos = pos;
2398 return restart_syscall();
2399 }
2400 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2401 inet_forward_change(net);
2402 } else {
2403 struct ipv4_devconf *cnf = ctl->extra1;
2404 struct in_device *idev =
2405 container_of(cnf, struct in_device, cnf);
2406 if (*valp)
2407 dev_disable_lro(idev->dev);
2408 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2409 NETCONFA_FORWARDING,
2410 idev->dev->ifindex,
2411 cnf);
2412 }
2413 rtnl_unlock();
2414 rt_cache_flush(net);
2415 } else
2416 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2417 NETCONFA_FORWARDING,
2418 NETCONFA_IFINDEX_DEFAULT,
2419 net->ipv4.devconf_dflt);
2420 }
2421
2422 return ret;
2423 }
2424
2425 static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2426 void __user *buffer,
2427 size_t *lenp, loff_t *ppos)
2428 {
2429 int *valp = ctl->data;
2430 int val = *valp;
2431 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2432 struct net *net = ctl->extra2;
2433
2434 if (write && *valp != val)
2435 rt_cache_flush(net);
2436
2437 return ret;
2438 }
2439
2440 #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2441 { \
2442 .procname = name, \
2443 .data = ipv4_devconf.data + \
2444 IPV4_DEVCONF_ ## attr - 1, \
2445 .maxlen = sizeof(int), \
2446 .mode = mval, \
2447 .proc_handler = proc, \
2448 .extra1 = &ipv4_devconf, \
2449 }
2450
2451 #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2452 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2453
2454 #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2455 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2456
2457 #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2458 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2459
2460 #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2461 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2462
2463 static struct devinet_sysctl_table {
2464 struct ctl_table_header *sysctl_header;
2465 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2466 } devinet_sysctl = {
2467 .devinet_vars = {
2468 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2469 devinet_sysctl_forward),
2470 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2471 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2472
2473 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2474 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2475 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2476 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2477 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2478 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2479 "accept_source_route"),
2480 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2481 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2482 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2483 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2484 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2485 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2486 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2487 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2488 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2489 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2490 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2491 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2492 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2493 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2494 "force_igmp_version"),
2495 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2496 "igmpv2_unsolicited_report_interval"),
2497 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2498 "igmpv3_unsolicited_report_interval"),
2499 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2500 "ignore_routes_with_linkdown"),
2501 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2502 "drop_gratuitous_arp"),
2503
2504 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2505 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2506 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2507 "promote_secondaries"),
2508 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2509 "route_localnet"),
2510 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2511 "drop_unicast_in_l2_multicast"),
2512 },
2513 };
2514
2515 static int __devinet_sysctl_register(struct net *net, char *dev_name,
2516 int ifindex, struct ipv4_devconf *p)
2517 {
2518 int i;
2519 struct devinet_sysctl_table *t;
2520 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2521
2522 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
2523 if (!t)
2524 goto out;
2525
2526 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2527 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2528 t->devinet_vars[i].extra1 = p;
2529 t->devinet_vars[i].extra2 = net;
2530 }
2531
2532 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2533
2534 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2535 if (!t->sysctl_header)
2536 goto free;
2537
2538 p->sysctl = t;
2539
2540 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2541 ifindex, p);
2542 return 0;
2543
2544 free:
2545 kfree(t);
2546 out:
2547 return -ENOBUFS;
2548 }
2549
2550 static void __devinet_sysctl_unregister(struct net *net,
2551 struct ipv4_devconf *cnf, int ifindex)
2552 {
2553 struct devinet_sysctl_table *t = cnf->sysctl;
2554
2555 if (t) {
2556 cnf->sysctl = NULL;
2557 unregister_net_sysctl_table(t->sysctl_header);
2558 kfree(t);
2559 }
2560
2561 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2562 }
2563
2564 static int devinet_sysctl_register(struct in_device *idev)
2565 {
2566 int err;
2567
2568 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2569 return -EINVAL;
2570
2571 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2572 if (err)
2573 return err;
2574 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2575 idev->dev->ifindex, &idev->cnf);
2576 if (err)
2577 neigh_sysctl_unregister(idev->arp_parms);
2578 return err;
2579 }
2580
2581 static void devinet_sysctl_unregister(struct in_device *idev)
2582 {
2583 struct net *net = dev_net(idev->dev);
2584
2585 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2586 neigh_sysctl_unregister(idev->arp_parms);
2587 }
2588
2589 static struct ctl_table ctl_forward_entry[] = {
2590 {
2591 .procname = "ip_forward",
2592 .data = &ipv4_devconf.data[
2593 IPV4_DEVCONF_FORWARDING - 1],
2594 .maxlen = sizeof(int),
2595 .mode = 0644,
2596 .proc_handler = devinet_sysctl_forward,
2597 .extra1 = &ipv4_devconf,
2598 .extra2 = &init_net,
2599 },
2600 { },
2601 };
2602 #endif
2603
2604 static __net_init int devinet_init_net(struct net *net)
2605 {
2606 int err;
2607 struct ipv4_devconf *all, *dflt;
2608 #ifdef CONFIG_SYSCTL
2609 struct ctl_table *tbl;
2610 struct ctl_table_header *forw_hdr;
2611 #endif
2612
2613 err = -ENOMEM;
2614 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2615 if (!all)
2616 goto err_alloc_all;
2617
2618 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2619 if (!dflt)
2620 goto err_alloc_dflt;
2621
2622 #ifdef CONFIG_SYSCTL
2623 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2624 if (!tbl)
2625 goto err_alloc_ctl;
2626
2627 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2628 tbl[0].extra1 = all;
2629 tbl[0].extra2 = net;
2630 #endif
2631
2632 if ((!IS_ENABLED(CONFIG_SYSCTL) ||
2633 sysctl_devconf_inherit_init_net != 2) &&
2634 !net_eq(net, &init_net)) {
2635 memcpy(all, init_net.ipv4.devconf_all, sizeof(ipv4_devconf));
2636 memcpy(dflt, init_net.ipv4.devconf_dflt, sizeof(ipv4_devconf_dflt));
2637 }
2638
2639 #ifdef CONFIG_SYSCTL
2640 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2641 if (err < 0)
2642 goto err_reg_all;
2643
2644 err = __devinet_sysctl_register(net, "default",
2645 NETCONFA_IFINDEX_DEFAULT, dflt);
2646 if (err < 0)
2647 goto err_reg_dflt;
2648
2649 err = -ENOMEM;
2650 forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2651 if (!forw_hdr)
2652 goto err_reg_ctl;
2653 net->ipv4.forw_hdr = forw_hdr;
2654 #endif
2655
2656 net->ipv4.devconf_all = all;
2657 net->ipv4.devconf_dflt = dflt;
2658 return 0;
2659
2660 #ifdef CONFIG_SYSCTL
2661 err_reg_ctl:
2662 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2663 err_reg_dflt:
2664 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2665 err_reg_all:
2666 kfree(tbl);
2667 err_alloc_ctl:
2668 #endif
2669 kfree(dflt);
2670 err_alloc_dflt:
2671 kfree(all);
2672 err_alloc_all:
2673 return err;
2674 }
2675
2676 static __net_exit void devinet_exit_net(struct net *net)
2677 {
2678 #ifdef CONFIG_SYSCTL
2679 struct ctl_table *tbl;
2680
2681 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2682 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2683 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2684 NETCONFA_IFINDEX_DEFAULT);
2685 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2686 NETCONFA_IFINDEX_ALL);
2687 kfree(tbl);
2688 #endif
2689 kfree(net->ipv4.devconf_dflt);
2690 kfree(net->ipv4.devconf_all);
2691 }
2692
2693 static __net_initdata struct pernet_operations devinet_ops = {
2694 .init = devinet_init_net,
2695 .exit = devinet_exit_net,
2696 };
2697
2698 static struct rtnl_af_ops inet_af_ops __read_mostly = {
2699 .family = AF_INET,
2700 .fill_link_af = inet_fill_link_af,
2701 .get_link_af_size = inet_get_link_af_size,
2702 .validate_link_af = inet_validate_link_af,
2703 .set_link_af = inet_set_link_af,
2704 };
2705
2706 void __init devinet_init(void)
2707 {
2708 int i;
2709
2710 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2711 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2712
2713 register_pernet_subsys(&devinet_ops);
2714
2715 register_gifconf(PF_INET, inet_gifconf);
2716 register_netdevice_notifier(&ip_netdev_notifier);
2717
2718 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2719
2720 rtnl_af_register(&inet_af_ops);
2721
2722 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2723 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2724 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2725 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2726 inet_netconf_dump_devconf, 0);
2727 }
Ubuntu Focal Linux kernel mirror