// SPDX-License-Identifier: GPL-2.0-or-later
/*
 *	NET3	IP device support routines.
 *
 *	Derived from the IP parts of dev.c 1.0.19
 *		Authors:	Ross Biro
 *				Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
 *				Mark Evans, <evansmp@uhura.aston.ac.uk>
 *
 *	Additional Authors:
 *		Alan Cox, <gw4pts@gw4pts.ampr.org>
 *		Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
 *
 *	Changes:
 *		Alexey Kuznetsov:	pa_* fields are replaced with ifaddr
 *					lists.
 *		Cyrus Durgin:		updated for kmod
 *		Matthias Andree:	in devinet_ioctl, compare label and
 *					address (4.4BSD alias style support),
 *					fall back to comparing just the label
 *					if no match found.
 */


#include <linux/uaccess.h>
#include <linux/bitops.h>
#include <linux/capability.h>
#include <linux/module.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/sched/signal.h>
#include <linux/string.h>
#include <linux/mm.h>
#include <linux/socket.h>
#include <linux/sockios.h>
#include <linux/in.h>
#include <linux/errno.h>
#include <linux/interrupt.h>
#include <linux/if_addr.h>
#include <linux/if_ether.h>
#include <linux/inet.h>
#include <linux/netdevice.h>
#include <linux/etherdevice.h>
#include <linux/skbuff.h>
#include <linux/init.h>
#include <linux/notifier.h>
#include <linux/inetdevice.h>
#include <linux/igmp.h>
#include <linux/slab.h>
#include <linux/hash.h>
#ifdef CONFIG_SYSCTL
#include <linux/sysctl.h>
#endif
#include <linux/kmod.h>
#include <linux/netconf.h>

#include <net/arp.h>
#include <net/ip.h>
#include <net/route.h>
#include <net/ip_fib.h>
#include <net/rtnetlink.h>
#include <net/net_namespace.h>
#include <net/addrconf.h>

static struct ipv4_devconf ipv4_devconf = {
	.data = {
		[IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
		[IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
		[IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
		[IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
		[IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
		[IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
	},
};

static struct ipv4_devconf ipv4_devconf_dflt = {
	.data = {
		[IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
		[IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
		[IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
		[IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
		[IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
		[IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
		[IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
	},
};

#define IPV4_DEVCONF_DFLT(net, attr) \
	IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)

static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
	[IFA_LOCAL]		= { .type = NLA_U32 },
	[IFA_ADDRESS]		= { .type = NLA_U32 },
	[IFA_BROADCAST]		= { .type = NLA_U32 },
	[IFA_LABEL]		= { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
	[IFA_CACHEINFO]		= { .len = sizeof(struct ifa_cacheinfo) },
	[IFA_FLAGS]		= { .type = NLA_U32 },
	[IFA_RT_PRIORITY]	= { .type = NLA_U32 },
	[IFA_TARGET_NETNSID]	= { .type = NLA_S32 },
};

struct inet_fill_args {
	u32 portid;
	u32 seq;
	int event;
	unsigned int flags;
	int netnsid;
	int ifindex;
};

#define IN4_ADDR_HSIZE_SHIFT	8
#define IN4_ADDR_HSIZE		(1U << IN4_ADDR_HSIZE_SHIFT)

static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];

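/* Every IPv4 address in the system is also linked into this global hash
 * table, keyed by (net, local address), so that inet_lookup_ifaddr_rcu()
 * and __ip_dev_find() can map an address back to its in_ifaddr and device
 * without scanning every interface.
 */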
static u32 inet_addr_hash(const struct net *net, __be32 addr)
{
	u32 val = (__force u32) addr ^ net_hash_mix(net);

	return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
}

static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
{
	u32 hash = inet_addr_hash(net, ifa->ifa_local);

	ASSERT_RTNL();
	hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
}

static void inet_hash_remove(struct in_ifaddr *ifa)
{
	ASSERT_RTNL();
	hlist_del_init_rcu(&ifa->hash);
}

/**
 * __ip_dev_find - find the first device with a given source address.
 * @net: the net namespace
 * @addr: the source address
 * @devref: if true, take a reference on the found device
 *
 * If a caller uses devref=false, it should be protected by RCU, or RTNL
 */
struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
{
	struct net_device *result = NULL;
	struct in_ifaddr *ifa;

	rcu_read_lock();
	ifa = inet_lookup_ifaddr_rcu(net, addr);
	if (!ifa) {
		struct flowi4 fl4 = { .daddr = addr };
		struct fib_result res = { 0 };
		struct fib_table *local;

		/* Fallback to FIB local table so that communication
		 * over loopback subnets works.
		 */
		local = fib_get_table(net, RT_TABLE_LOCAL);
		if (local &&
		    !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
		    res.type == RTN_LOCAL)
			result = FIB_RES_DEV(res);
	} else {
		result = ifa->ifa_dev->dev;
	}
	if (result && devref)
		dev_hold(result);
	rcu_read_unlock();
	return result;
}
EXPORT_SYMBOL(__ip_dev_find);

/* called under RCU lock */
struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
{
	u32 hash = inet_addr_hash(net, addr);
	struct in_ifaddr *ifa;

	hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
		if (ifa->ifa_local == addr &&
		    net_eq(dev_net(ifa->ifa_dev->dev), net))
			return ifa;

	return NULL;
}

static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);

static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
static void inet_del_ifa(struct in_device *in_dev,
			 struct in_ifaddr __rcu **ifap,
			 int destroy);
#ifdef CONFIG_SYSCTL
static int devinet_sysctl_register(struct in_device *idev);
static void devinet_sysctl_unregister(struct in_device *idev);
#else
static int devinet_sysctl_register(struct in_device *idev)
{
	return 0;
}
static void devinet_sysctl_unregister(struct in_device *idev)
{
}
#endif

/* Locks all the inet devices. */

static struct in_ifaddr *inet_alloc_ifa(void)
{
	return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
}

static void inet_rcu_free_ifa(struct rcu_head *head)
{
	struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
	if (ifa->ifa_dev)
		in_dev_put(ifa->ifa_dev);
	kfree(ifa);
}

static void inet_free_ifa(struct in_ifaddr *ifa)
{
	call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
}

void in_dev_finish_destroy(struct in_device *idev)
{
	struct net_device *dev = idev->dev;

	WARN_ON(idev->ifa_list);
	WARN_ON(idev->mc_list);
	kfree(rcu_dereference_protected(idev->mc_hash, 1));
#ifdef NET_REFCNT_DEBUG
	pr_debug("%s: %p=%s\n", __func__, idev, dev ?
dev->name : "NIL"); 238 #endif 239 dev_put(dev); 240 if (!idev->dead) 241 pr_err("Freeing alive in_device %p\n", idev); 242 else 243 kfree(idev); 244 } 245 EXPORT_SYMBOL(in_dev_finish_destroy); 246 247 static struct in_device *inetdev_init(struct net_device *dev) 248 { 249 struct in_device *in_dev; 250 int err = -ENOMEM; 251 252 ASSERT_RTNL(); 253 254 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL); 255 if (!in_dev) 256 goto out; 257 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt, 258 sizeof(in_dev->cnf)); 259 in_dev->cnf.sysctl = NULL; 260 in_dev->dev = dev; 261 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl); 262 if (!in_dev->arp_parms) 263 goto out_kfree; 264 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING)) 265 dev_disable_lro(dev); 266 /* Reference in_dev->dev */ 267 dev_hold(dev); 268 /* Account for reference dev->ip_ptr (below) */ 269 refcount_set(&in_dev->refcnt, 1); 270 271 err = devinet_sysctl_register(in_dev); 272 if (err) { 273 in_dev->dead = 1; 274 in_dev_put(in_dev); 275 in_dev = NULL; 276 goto out; 277 } 278 ip_mc_init_dev(in_dev); 279 if (dev->flags & IFF_UP) 280 ip_mc_up(in_dev); 281 282 /* we can receive as soon as ip_ptr is set -- do this last */ 283 rcu_assign_pointer(dev->ip_ptr, in_dev); 284 out: 285 return in_dev ?: ERR_PTR(err); 286 out_kfree: 287 kfree(in_dev); 288 in_dev = NULL; 289 goto out; 290 } 291 292 static void in_dev_rcu_put(struct rcu_head *head) 293 { 294 struct in_device *idev = container_of(head, struct in_device, rcu_head); 295 in_dev_put(idev); 296 } 297 298 static void inetdev_destroy(struct in_device *in_dev) 299 { 300 struct net_device *dev; 301 struct in_ifaddr *ifa; 302 303 ASSERT_RTNL(); 304 305 dev = in_dev->dev; 306 307 in_dev->dead = 1; 308 309 ip_mc_destroy_dev(in_dev); 310 311 while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) { 312 inet_del_ifa(in_dev, &in_dev->ifa_list, 0); 313 inet_free_ifa(ifa); 314 } 315 316 RCU_INIT_POINTER(dev->ip_ptr, NULL); 317 318 devinet_sysctl_unregister(in_dev); 319 neigh_parms_release(&arp_tbl, in_dev->arp_parms); 320 arp_ifdown(dev); 321 322 call_rcu(&in_dev->rcu_head, in_dev_rcu_put); 323 } 324 325 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b) 326 { 327 const struct in_ifaddr *ifa; 328 329 rcu_read_lock(); 330 in_dev_for_each_ifa_rcu(ifa, in_dev) { 331 if (inet_ifa_match(a, ifa)) { 332 if (!b || inet_ifa_match(b, ifa)) { 333 rcu_read_unlock(); 334 return 1; 335 } 336 } 337 } 338 rcu_read_unlock(); 339 return 0; 340 } 341 342 static void __inet_del_ifa(struct in_device *in_dev, 343 struct in_ifaddr __rcu **ifap, 344 int destroy, struct nlmsghdr *nlh, u32 portid) 345 { 346 struct in_ifaddr *promote = NULL; 347 struct in_ifaddr *ifa, *ifa1; 348 struct in_ifaddr *last_prim; 349 struct in_ifaddr *prev_prom = NULL; 350 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev); 351 352 ASSERT_RTNL(); 353 354 ifa1 = rtnl_dereference(*ifap); 355 last_prim = rtnl_dereference(in_dev->ifa_list); 356 if (in_dev->dead) 357 goto no_promotions; 358 359 /* 1. 
Deleting the primary ifaddr forces deletion of all secondaries
	 * unless alias promotion is set
	 */

	if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
		struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;

		while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
			if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
			    ifa1->ifa_scope <= ifa->ifa_scope)
				last_prim = ifa;

			if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
			    ifa1->ifa_mask != ifa->ifa_mask ||
			    !inet_ifa_match(ifa1->ifa_address, ifa)) {
				ifap1 = &ifa->ifa_next;
				prev_prom = ifa;
				continue;
			}

			if (!do_promote) {
				inet_hash_remove(ifa);
				*ifap1 = ifa->ifa_next;

				rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
				blocking_notifier_call_chain(&inetaddr_chain,
							     NETDEV_DOWN, ifa);
				inet_free_ifa(ifa);
			} else {
				promote = ifa;
				break;
			}
		}
	}

	/* On promotion all secondaries from the subnet are changing
	 * the primary IP; we must remove all their routes silently
	 * and later add them back with the new prefsrc. Do this
	 * while all addresses are on the device list.
	 */
	for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
		if (ifa1->ifa_mask == ifa->ifa_mask &&
		    inet_ifa_match(ifa1->ifa_address, ifa))
			fib_del_ifaddr(ifa, ifa1);
	}

no_promotions:
	/* 2. Unlink it */

	*ifap = ifa1->ifa_next;
	inet_hash_remove(ifa1);

	/* 3. Announce address deletion */

	/* Send message first, then call notifier.
	   At first sight, the FIB update triggered by the notifier
	   will refer to an already deleted ifaddr, which could confuse
	   netlink listeners. It is not true: look, gated sees
	   that the route is deleted and, if it still thinks that the ifaddr
	   is valid, it will try to restore the deleted routes... Grr.
	   So this order is correct.
	 */
	rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
	blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);

	if (promote) {
		struct in_ifaddr *next_sec;

		next_sec = rtnl_dereference(promote->ifa_next);
		if (prev_prom) {
			struct in_ifaddr *last_sec;

			rcu_assign_pointer(prev_prom->ifa_next, next_sec);

			last_sec = rtnl_dereference(last_prim->ifa_next);
			rcu_assign_pointer(promote->ifa_next, last_sec);
			rcu_assign_pointer(last_prim->ifa_next, promote);
		}

		promote->ifa_flags &= ~IFA_F_SECONDARY;
		rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
		blocking_notifier_call_chain(&inetaddr_chain,
					     NETDEV_UP, promote);
		for (ifa = next_sec; ifa;
		     ifa = rtnl_dereference(ifa->ifa_next)) {
			if (ifa1->ifa_mask != ifa->ifa_mask ||
			    !inet_ifa_match(ifa1->ifa_address, ifa))
				continue;
			fib_add_ifaddr(ifa);
		}

	}
	if (destroy)
		inet_free_ifa(ifa1);
}

static void inet_del_ifa(struct in_device *in_dev,
			 struct in_ifaddr __rcu **ifap,
			 int destroy)
{
	__inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
}

static void check_lifetime(struct work_struct *work);

static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);

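/* Link @ifa into its device's ifa_list and into the global address hash.
 * A new primary is placed among the existing primaries according to its
 * scope, and the address is marked IFA_F_SECONDARY when another primary
 * already covers the same subnet.  The validator notifier chain may veto
 * the address before anything is committed; on success the new address is
 * announced via rtnetlink and the inetaddr notifier chain.
 * Caller must hold RTNL.
 */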
static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
			     u32 portid, struct netlink_ext_ack *extack)
{
	struct in_ifaddr __rcu **last_primary, **ifap;
	struct in_device *in_dev = ifa->ifa_dev;
	struct in_validator_info ivi;
	struct in_ifaddr *ifa1;
	int ret;

	ASSERT_RTNL();

	if (!ifa->ifa_local) {
		inet_free_ifa(ifa);
		return 0;
	}

	ifa->ifa_flags &= ~IFA_F_SECONDARY;
	last_primary = &in_dev->ifa_list;

	ifap = &in_dev->ifa_list;
	ifa1 = rtnl_dereference(*ifap);

	while (ifa1) {
		if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
		    ifa->ifa_scope <= ifa1->ifa_scope)
			last_primary = &ifa1->ifa_next;
		if (ifa1->ifa_mask == ifa->ifa_mask &&
		    inet_ifa_match(ifa1->ifa_address, ifa)) {
			if (ifa1->ifa_local == ifa->ifa_local) {
				inet_free_ifa(ifa);
				return -EEXIST;
			}
			if (ifa1->ifa_scope != ifa->ifa_scope) {
				inet_free_ifa(ifa);
				return -EINVAL;
			}
			ifa->ifa_flags |= IFA_F_SECONDARY;
		}

		ifap = &ifa1->ifa_next;
		ifa1 = rtnl_dereference(*ifap);
	}

	/* Allow any devices that wish to register ifaddr validators to weigh
	 * in now, before changes are committed. The rtnl lock is serializing
	 * access here, so the state should not change between a validator call
	 * and a final notify on commit. This isn't invoked on promotion under
	 * the assumption that validators are checking the address itself, and
	 * not the flags.
	 */
	ivi.ivi_addr = ifa->ifa_address;
	ivi.ivi_dev = ifa->ifa_dev;
	ivi.extack = extack;
	ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
					   NETDEV_UP, &ivi);
	ret = notifier_to_errno(ret);
	if (ret) {
		inet_free_ifa(ifa);
		return ret;
	}

	if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
		prandom_seed((__force u32) ifa->ifa_local);
		ifap = last_primary;
	}

	rcu_assign_pointer(ifa->ifa_next, *ifap);
	rcu_assign_pointer(*ifap, ifa);

	inet_hash_insert(dev_net(in_dev->dev), ifa);

	cancel_delayed_work(&check_lifetime_work);
	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);

	/* Send message first, then call notifier.
	   Notifier will trigger FIB update, so that
	   listeners of netlink will know about the new ifaddr */
	rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
	blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);

	return 0;
}

static int inet_insert_ifa(struct in_ifaddr *ifa)
{
	return __inet_insert_ifa(ifa, NULL, 0, NULL);
}

static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
{
	struct in_device *in_dev = __in_dev_get_rtnl(dev);

	ASSERT_RTNL();

	if (!in_dev) {
		inet_free_ifa(ifa);
		return -ENOBUFS;
	}
	ipv4_devconf_setall(in_dev);
	neigh_parms_data_state_setall(in_dev->arp_parms);
	if (ifa->ifa_dev != in_dev) {
		WARN_ON(ifa->ifa_dev);
		in_dev_hold(in_dev);
		ifa->ifa_dev = in_dev;
	}
	if (ipv4_is_loopback(ifa->ifa_local))
		ifa->ifa_scope = RT_SCOPE_HOST;
	return inet_insert_ifa(ifa);
}

/* Caller must hold RCU or RTNL:
 * We don't take a reference on the found in_device
 */
struct in_device *inetdev_by_index(struct net *net, int ifindex)
{
	struct net_device *dev;
	struct in_device *in_dev = NULL;

	rcu_read_lock();
	dev = dev_get_by_index_rcu(net, ifindex);
	if (dev)
		in_dev = rcu_dereference_rtnl(dev->ip_ptr);
	rcu_read_unlock();
	return in_dev;
}
EXPORT_SYMBOL(inetdev_by_index);

/* Called only from RTNL-locked context. No locks. */

struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
				    __be32 mask)
{
	struct in_ifaddr *ifa;

	ASSERT_RTNL();

	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
		if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
			return ifa;
	}
	return NULL;
}

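/* Join or leave the multicast group @ifa->ifa_address on the kernel's
 * autojoin socket; used when an address with IFA_F_MCAUTOJOIN is added
 * or when such a multicast address is deleted.
 */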
static int ip_mc_config(struct sock *sk, bool join, const struct in_ifaddr *ifa)
{
	struct ip_mreqn mreq = {
		.imr_multiaddr.s_addr = ifa->ifa_address,
		.imr_ifindex = ifa->ifa_dev->dev->ifindex,
	};
	int ret;

	ASSERT_RTNL();

	lock_sock(sk);
	if (join)
		ret = ip_mc_join_group(sk, &mreq);
	else
		ret = ip_mc_leave_group(sk, &mreq);
	release_sock(sk);

	return ret;
}

static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
			    struct netlink_ext_ack *extack)
{
	struct net *net = sock_net(skb->sk);
	struct in_ifaddr __rcu **ifap;
	struct nlattr *tb[IFA_MAX+1];
	struct in_device *in_dev;
	struct ifaddrmsg *ifm;
	struct in_ifaddr *ifa;

	int err = -EINVAL;

	ASSERT_RTNL();

	err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
				     ifa_ipv4_policy, extack);
	if (err < 0)
		goto errout;

	ifm = nlmsg_data(nlh);
	in_dev = inetdev_by_index(net, ifm->ifa_index);
	if (!in_dev) {
		err = -ENODEV;
		goto errout;
	}

	for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
	     ifap = &ifa->ifa_next) {
		if (tb[IFA_LOCAL] &&
		    ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
			continue;

		if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
			continue;

		if (tb[IFA_ADDRESS] &&
		    (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
		    !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
			continue;

		if (ipv4_is_multicast(ifa->ifa_address))
			ip_mc_config(net->ipv4.mc_autojoin_sk, false, ifa);
		__inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
		return 0;
	}

	err = -EADDRNOTAVAIL;
errout:
	return err;
}

#define
INFINITY_LIFE_TIME 0xFFFFFFFF 681 682 static void check_lifetime(struct work_struct *work) 683 { 684 unsigned long now, next, next_sec, next_sched; 685 struct in_ifaddr *ifa; 686 struct hlist_node *n; 687 int i; 688 689 now = jiffies; 690 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY); 691 692 for (i = 0; i < IN4_ADDR_HSIZE; i++) { 693 bool change_needed = false; 694 695 rcu_read_lock(); 696 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) { 697 unsigned long age; 698 699 if (ifa->ifa_flags & IFA_F_PERMANENT) 700 continue; 701 702 /* We try to batch several events at once. */ 703 age = (now - ifa->ifa_tstamp + 704 ADDRCONF_TIMER_FUZZ_MINUS) / HZ; 705 706 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME && 707 age >= ifa->ifa_valid_lft) { 708 change_needed = true; 709 } else if (ifa->ifa_preferred_lft == 710 INFINITY_LIFE_TIME) { 711 continue; 712 } else if (age >= ifa->ifa_preferred_lft) { 713 if (time_before(ifa->ifa_tstamp + 714 ifa->ifa_valid_lft * HZ, next)) 715 next = ifa->ifa_tstamp + 716 ifa->ifa_valid_lft * HZ; 717 718 if (!(ifa->ifa_flags & IFA_F_DEPRECATED)) 719 change_needed = true; 720 } else if (time_before(ifa->ifa_tstamp + 721 ifa->ifa_preferred_lft * HZ, 722 next)) { 723 next = ifa->ifa_tstamp + 724 ifa->ifa_preferred_lft * HZ; 725 } 726 } 727 rcu_read_unlock(); 728 if (!change_needed) 729 continue; 730 rtnl_lock(); 731 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) { 732 unsigned long age; 733 734 if (ifa->ifa_flags & IFA_F_PERMANENT) 735 continue; 736 737 /* We try to batch several events at once. */ 738 age = (now - ifa->ifa_tstamp + 739 ADDRCONF_TIMER_FUZZ_MINUS) / HZ; 740 741 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME && 742 age >= ifa->ifa_valid_lft) { 743 struct in_ifaddr __rcu **ifap; 744 struct in_ifaddr *tmp; 745 746 ifap = &ifa->ifa_dev->ifa_list; 747 tmp = rtnl_dereference(*ifap); 748 while (tmp) { 749 if (tmp == ifa) { 750 inet_del_ifa(ifa->ifa_dev, 751 ifap, 1); 752 break; 753 } 754 ifap = &tmp->ifa_next; 755 tmp = rtnl_dereference(*ifap); 756 } 757 } else if (ifa->ifa_preferred_lft != 758 INFINITY_LIFE_TIME && 759 age >= ifa->ifa_preferred_lft && 760 !(ifa->ifa_flags & IFA_F_DEPRECATED)) { 761 ifa->ifa_flags |= IFA_F_DEPRECATED; 762 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0); 763 } 764 } 765 rtnl_unlock(); 766 } 767 768 next_sec = round_jiffies_up(next); 769 next_sched = next; 770 771 /* If rounded timeout is accurate enough, accept it. */ 772 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ)) 773 next_sched = next_sec; 774 775 now = jiffies; 776 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. 
	 */
	if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
		next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;

	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
			   next_sched - now);
}

static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
			     __u32 prefered_lft)
{
	unsigned long timeout;

	ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);

	timeout = addrconf_timeout_fixup(valid_lft, HZ);
	if (addrconf_finite_timeout(timeout))
		ifa->ifa_valid_lft = timeout;
	else
		ifa->ifa_flags |= IFA_F_PERMANENT;

	timeout = addrconf_timeout_fixup(prefered_lft, HZ);
	if (addrconf_finite_timeout(timeout)) {
		if (timeout == 0)
			ifa->ifa_flags |= IFA_F_DEPRECATED;
		ifa->ifa_preferred_lft = timeout;
	}
	ifa->ifa_tstamp = jiffies;
	if (!ifa->ifa_cstamp)
		ifa->ifa_cstamp = ifa->ifa_tstamp;
}

static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
				       __u32 *pvalid_lft, __u32 *pprefered_lft,
				       struct netlink_ext_ack *extack)
{
	struct nlattr *tb[IFA_MAX+1];
	struct in_ifaddr *ifa;
	struct ifaddrmsg *ifm;
	struct net_device *dev;
	struct in_device *in_dev;
	int err;

	err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
				     ifa_ipv4_policy, extack);
	if (err < 0)
		goto errout;

	ifm = nlmsg_data(nlh);
	err = -EINVAL;
	if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
		goto errout;

	dev = __dev_get_by_index(net, ifm->ifa_index);
	err = -ENODEV;
	if (!dev)
		goto errout;

	in_dev = __in_dev_get_rtnl(dev);
	err = -ENOBUFS;
	if (!in_dev)
		goto errout;

	ifa = inet_alloc_ifa();
	if (!ifa)
		/*
		 * A potential indev allocation can be left alive; it stays
		 * assigned to its device and is destroyed with it.
		 */
		goto errout;

	ipv4_devconf_setall(in_dev);
	neigh_parms_data_state_setall(in_dev->arp_parms);
	in_dev_hold(in_dev);

	if (!tb[IFA_ADDRESS])
		tb[IFA_ADDRESS] = tb[IFA_LOCAL];

	INIT_HLIST_NODE(&ifa->hash);
	ifa->ifa_prefixlen = ifm->ifa_prefixlen;
	ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
	ifa->ifa_flags = tb[IFA_FLAGS] ?
nla_get_u32(tb[IFA_FLAGS]) : 858 ifm->ifa_flags; 859 ifa->ifa_scope = ifm->ifa_scope; 860 ifa->ifa_dev = in_dev; 861 862 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]); 863 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]); 864 865 if (tb[IFA_BROADCAST]) 866 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]); 867 868 if (tb[IFA_LABEL]) 869 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ); 870 else 871 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); 872 873 if (tb[IFA_RT_PRIORITY]) 874 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]); 875 876 if (tb[IFA_CACHEINFO]) { 877 struct ifa_cacheinfo *ci; 878 879 ci = nla_data(tb[IFA_CACHEINFO]); 880 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) { 881 err = -EINVAL; 882 goto errout_free; 883 } 884 *pvalid_lft = ci->ifa_valid; 885 *pprefered_lft = ci->ifa_prefered; 886 } 887 888 return ifa; 889 890 errout_free: 891 inet_free_ifa(ifa); 892 errout: 893 return ERR_PTR(err); 894 } 895 896 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa) 897 { 898 struct in_device *in_dev = ifa->ifa_dev; 899 struct in_ifaddr *ifa1; 900 901 if (!ifa->ifa_local) 902 return NULL; 903 904 in_dev_for_each_ifa_rtnl(ifa1, in_dev) { 905 if (ifa1->ifa_mask == ifa->ifa_mask && 906 inet_ifa_match(ifa1->ifa_address, ifa) && 907 ifa1->ifa_local == ifa->ifa_local) 908 return ifa1; 909 } 910 return NULL; 911 } 912 913 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, 914 struct netlink_ext_ack *extack) 915 { 916 struct net *net = sock_net(skb->sk); 917 struct in_ifaddr *ifa; 918 struct in_ifaddr *ifa_existing; 919 __u32 valid_lft = INFINITY_LIFE_TIME; 920 __u32 prefered_lft = INFINITY_LIFE_TIME; 921 922 ASSERT_RTNL(); 923 924 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack); 925 if (IS_ERR(ifa)) 926 return PTR_ERR(ifa); 927 928 ifa_existing = find_matching_ifa(ifa); 929 if (!ifa_existing) { 930 /* It would be best to check for !NLM_F_CREATE here but 931 * userspace already relies on not having to provide this. 932 */ 933 set_ifa_lifetime(ifa, valid_lft, prefered_lft); 934 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) { 935 int ret = ip_mc_config(net->ipv4.mc_autojoin_sk, 936 true, ifa); 937 938 if (ret < 0) { 939 inet_free_ifa(ifa); 940 return ret; 941 } 942 } 943 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid, 944 extack); 945 } else { 946 u32 new_metric = ifa->ifa_rt_priority; 947 948 inet_free_ifa(ifa); 949 950 if (nlh->nlmsg_flags & NLM_F_EXCL || 951 !(nlh->nlmsg_flags & NLM_F_REPLACE)) 952 return -EEXIST; 953 ifa = ifa_existing; 954 955 if (ifa->ifa_rt_priority != new_metric) { 956 fib_modify_prefix_metric(ifa, new_metric); 957 ifa->ifa_rt_priority = new_metric; 958 } 959 960 set_ifa_lifetime(ifa, valid_lft, prefered_lft); 961 cancel_delayed_work(&check_lifetime_work); 962 queue_delayed_work(system_power_efficient_wq, 963 &check_lifetime_work, 0); 964 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid); 965 } 966 return 0; 967 } 968 969 /* 970 * Determine a default network mask, based on the IP address. 971 */ 972 973 static int inet_abc_len(__be32 addr) 974 { 975 int rc = -1; /* Something else, probably a multicast. 
*/ 976 977 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr)) 978 rc = 0; 979 else { 980 __u32 haddr = ntohl(addr); 981 if (IN_CLASSA(haddr)) 982 rc = 8; 983 else if (IN_CLASSB(haddr)) 984 rc = 16; 985 else if (IN_CLASSC(haddr)) 986 rc = 24; 987 else if (IN_CLASSE(haddr)) 988 rc = 32; 989 } 990 991 return rc; 992 } 993 994 995 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr) 996 { 997 struct sockaddr_in sin_orig; 998 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr; 999 struct in_ifaddr __rcu **ifap = NULL; 1000 struct in_device *in_dev; 1001 struct in_ifaddr *ifa = NULL; 1002 struct net_device *dev; 1003 char *colon; 1004 int ret = -EFAULT; 1005 int tryaddrmatch = 0; 1006 1007 ifr->ifr_name[IFNAMSIZ - 1] = 0; 1008 1009 /* save original address for comparison */ 1010 memcpy(&sin_orig, sin, sizeof(*sin)); 1011 1012 colon = strchr(ifr->ifr_name, ':'); 1013 if (colon) 1014 *colon = 0; 1015 1016 dev_load(net, ifr->ifr_name); 1017 1018 switch (cmd) { 1019 case SIOCGIFADDR: /* Get interface address */ 1020 case SIOCGIFBRDADDR: /* Get the broadcast address */ 1021 case SIOCGIFDSTADDR: /* Get the destination address */ 1022 case SIOCGIFNETMASK: /* Get the netmask for the interface */ 1023 /* Note that these ioctls will not sleep, 1024 so that we do not impose a lock. 1025 One day we will be forced to put shlock here (I mean SMP) 1026 */ 1027 tryaddrmatch = (sin_orig.sin_family == AF_INET); 1028 memset(sin, 0, sizeof(*sin)); 1029 sin->sin_family = AF_INET; 1030 break; 1031 1032 case SIOCSIFFLAGS: 1033 ret = -EPERM; 1034 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 1035 goto out; 1036 break; 1037 case SIOCSIFADDR: /* Set interface address (and family) */ 1038 case SIOCSIFBRDADDR: /* Set the broadcast address */ 1039 case SIOCSIFDSTADDR: /* Set the destination address */ 1040 case SIOCSIFNETMASK: /* Set the netmask for the interface */ 1041 ret = -EPERM; 1042 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 1043 goto out; 1044 ret = -EINVAL; 1045 if (sin->sin_family != AF_INET) 1046 goto out; 1047 break; 1048 default: 1049 ret = -EINVAL; 1050 goto out; 1051 } 1052 1053 rtnl_lock(); 1054 1055 ret = -ENODEV; 1056 dev = __dev_get_by_name(net, ifr->ifr_name); 1057 if (!dev) 1058 goto done; 1059 1060 if (colon) 1061 *colon = ':'; 1062 1063 in_dev = __in_dev_get_rtnl(dev); 1064 if (in_dev) { 1065 if (tryaddrmatch) { 1066 /* Matthias Andree */ 1067 /* compare label and address (4.4BSD style) */ 1068 /* note: we only do this for a limited set of ioctls 1069 and only if the original address family was AF_INET. 1070 This is checked above. 
*/ 1071 1072 for (ifap = &in_dev->ifa_list; 1073 (ifa = rtnl_dereference(*ifap)) != NULL; 1074 ifap = &ifa->ifa_next) { 1075 if (!strcmp(ifr->ifr_name, ifa->ifa_label) && 1076 sin_orig.sin_addr.s_addr == 1077 ifa->ifa_local) { 1078 break; /* found */ 1079 } 1080 } 1081 } 1082 /* we didn't get a match, maybe the application is 1083 4.3BSD-style and passed in junk so we fall back to 1084 comparing just the label */ 1085 if (!ifa) { 1086 for (ifap = &in_dev->ifa_list; 1087 (ifa = rtnl_dereference(*ifap)) != NULL; 1088 ifap = &ifa->ifa_next) 1089 if (!strcmp(ifr->ifr_name, ifa->ifa_label)) 1090 break; 1091 } 1092 } 1093 1094 ret = -EADDRNOTAVAIL; 1095 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS) 1096 goto done; 1097 1098 switch (cmd) { 1099 case SIOCGIFADDR: /* Get interface address */ 1100 ret = 0; 1101 sin->sin_addr.s_addr = ifa->ifa_local; 1102 break; 1103 1104 case SIOCGIFBRDADDR: /* Get the broadcast address */ 1105 ret = 0; 1106 sin->sin_addr.s_addr = ifa->ifa_broadcast; 1107 break; 1108 1109 case SIOCGIFDSTADDR: /* Get the destination address */ 1110 ret = 0; 1111 sin->sin_addr.s_addr = ifa->ifa_address; 1112 break; 1113 1114 case SIOCGIFNETMASK: /* Get the netmask for the interface */ 1115 ret = 0; 1116 sin->sin_addr.s_addr = ifa->ifa_mask; 1117 break; 1118 1119 case SIOCSIFFLAGS: 1120 if (colon) { 1121 ret = -EADDRNOTAVAIL; 1122 if (!ifa) 1123 break; 1124 ret = 0; 1125 if (!(ifr->ifr_flags & IFF_UP)) 1126 inet_del_ifa(in_dev, ifap, 1); 1127 break; 1128 } 1129 ret = dev_change_flags(dev, ifr->ifr_flags, NULL); 1130 break; 1131 1132 case SIOCSIFADDR: /* Set interface address (and family) */ 1133 ret = -EINVAL; 1134 if (inet_abc_len(sin->sin_addr.s_addr) < 0) 1135 break; 1136 1137 if (!ifa) { 1138 ret = -ENOBUFS; 1139 ifa = inet_alloc_ifa(); 1140 if (!ifa) 1141 break; 1142 INIT_HLIST_NODE(&ifa->hash); 1143 if (colon) 1144 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ); 1145 else 1146 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); 1147 } else { 1148 ret = 0; 1149 if (ifa->ifa_local == sin->sin_addr.s_addr) 1150 break; 1151 inet_del_ifa(in_dev, ifap, 0); 1152 ifa->ifa_broadcast = 0; 1153 ifa->ifa_scope = 0; 1154 } 1155 1156 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr; 1157 1158 if (!(dev->flags & IFF_POINTOPOINT)) { 1159 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address); 1160 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen); 1161 if ((dev->flags & IFF_BROADCAST) && 1162 ifa->ifa_prefixlen < 31) 1163 ifa->ifa_broadcast = ifa->ifa_address | 1164 ~ifa->ifa_mask; 1165 } else { 1166 ifa->ifa_prefixlen = 32; 1167 ifa->ifa_mask = inet_make_mask(32); 1168 } 1169 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME); 1170 ret = inet_set_ifa(dev, ifa); 1171 break; 1172 1173 case SIOCSIFBRDADDR: /* Set the broadcast address */ 1174 ret = 0; 1175 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) { 1176 inet_del_ifa(in_dev, ifap, 0); 1177 ifa->ifa_broadcast = sin->sin_addr.s_addr; 1178 inet_insert_ifa(ifa); 1179 } 1180 break; 1181 1182 case SIOCSIFDSTADDR: /* Set the destination address */ 1183 ret = 0; 1184 if (ifa->ifa_address == sin->sin_addr.s_addr) 1185 break; 1186 ret = -EINVAL; 1187 if (inet_abc_len(sin->sin_addr.s_addr) < 0) 1188 break; 1189 ret = 0; 1190 inet_del_ifa(in_dev, ifap, 0); 1191 ifa->ifa_address = sin->sin_addr.s_addr; 1192 inet_insert_ifa(ifa); 1193 break; 1194 1195 case SIOCSIFNETMASK: /* Set the netmask for the interface */ 1196 1197 /* 1198 * The mask we set must be legal. 
1199 */ 1200 ret = -EINVAL; 1201 if (bad_mask(sin->sin_addr.s_addr, 0)) 1202 break; 1203 ret = 0; 1204 if (ifa->ifa_mask != sin->sin_addr.s_addr) { 1205 __be32 old_mask = ifa->ifa_mask; 1206 inet_del_ifa(in_dev, ifap, 0); 1207 ifa->ifa_mask = sin->sin_addr.s_addr; 1208 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask); 1209 1210 /* See if current broadcast address matches 1211 * with current netmask, then recalculate 1212 * the broadcast address. Otherwise it's a 1213 * funny address, so don't touch it since 1214 * the user seems to know what (s)he's doing... 1215 */ 1216 if ((dev->flags & IFF_BROADCAST) && 1217 (ifa->ifa_prefixlen < 31) && 1218 (ifa->ifa_broadcast == 1219 (ifa->ifa_local|~old_mask))) { 1220 ifa->ifa_broadcast = (ifa->ifa_local | 1221 ~sin->sin_addr.s_addr); 1222 } 1223 inet_insert_ifa(ifa); 1224 } 1225 break; 1226 } 1227 done: 1228 rtnl_unlock(); 1229 out: 1230 return ret; 1231 } 1232 1233 static int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size) 1234 { 1235 struct in_device *in_dev = __in_dev_get_rtnl(dev); 1236 const struct in_ifaddr *ifa; 1237 struct ifreq ifr; 1238 int done = 0; 1239 1240 if (WARN_ON(size > sizeof(struct ifreq))) 1241 goto out; 1242 1243 if (!in_dev) 1244 goto out; 1245 1246 in_dev_for_each_ifa_rtnl(ifa, in_dev) { 1247 if (!buf) { 1248 done += size; 1249 continue; 1250 } 1251 if (len < size) 1252 break; 1253 memset(&ifr, 0, sizeof(struct ifreq)); 1254 strcpy(ifr.ifr_name, ifa->ifa_label); 1255 1256 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET; 1257 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr = 1258 ifa->ifa_local; 1259 1260 if (copy_to_user(buf + done, &ifr, size)) { 1261 done = -EFAULT; 1262 break; 1263 } 1264 len -= size; 1265 done += size; 1266 } 1267 out: 1268 return done; 1269 } 1270 1271 static __be32 in_dev_select_addr(const struct in_device *in_dev, 1272 int scope) 1273 { 1274 const struct in_ifaddr *ifa; 1275 1276 in_dev_for_each_ifa_rcu(ifa, in_dev) { 1277 if (ifa->ifa_flags & IFA_F_SECONDARY) 1278 continue; 1279 if (ifa->ifa_scope != RT_SCOPE_LINK && 1280 ifa->ifa_scope <= scope) 1281 return ifa->ifa_local; 1282 } 1283 1284 return 0; 1285 } 1286 1287 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope) 1288 { 1289 const struct in_ifaddr *ifa; 1290 __be32 addr = 0; 1291 unsigned char localnet_scope = RT_SCOPE_HOST; 1292 struct in_device *in_dev; 1293 struct net *net = dev_net(dev); 1294 int master_idx; 1295 1296 rcu_read_lock(); 1297 in_dev = __in_dev_get_rcu(dev); 1298 if (!in_dev) 1299 goto no_in_dev; 1300 1301 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev))) 1302 localnet_scope = RT_SCOPE_LINK; 1303 1304 in_dev_for_each_ifa_rcu(ifa, in_dev) { 1305 if (ifa->ifa_flags & IFA_F_SECONDARY) 1306 continue; 1307 if (min(ifa->ifa_scope, localnet_scope) > scope) 1308 continue; 1309 if (!dst || inet_ifa_match(dst, ifa)) { 1310 addr = ifa->ifa_local; 1311 break; 1312 } 1313 if (!addr) 1314 addr = ifa->ifa_local; 1315 } 1316 1317 if (addr) 1318 goto out_unlock; 1319 no_in_dev: 1320 master_idx = l3mdev_master_ifindex_rcu(dev); 1321 1322 /* For VRFs, the VRF device takes the place of the loopback device, 1323 * with addresses on it being preferred. Note in such cases the 1324 * loopback device will be among the devices that fail the master_idx 1325 * equality check in the loop below. 
1326 */ 1327 if (master_idx && 1328 (dev = dev_get_by_index_rcu(net, master_idx)) && 1329 (in_dev = __in_dev_get_rcu(dev))) { 1330 addr = in_dev_select_addr(in_dev, scope); 1331 if (addr) 1332 goto out_unlock; 1333 } 1334 1335 /* Not loopback addresses on loopback should be preferred 1336 in this case. It is important that lo is the first interface 1337 in dev_base list. 1338 */ 1339 for_each_netdev_rcu(net, dev) { 1340 if (l3mdev_master_ifindex_rcu(dev) != master_idx) 1341 continue; 1342 1343 in_dev = __in_dev_get_rcu(dev); 1344 if (!in_dev) 1345 continue; 1346 1347 addr = in_dev_select_addr(in_dev, scope); 1348 if (addr) 1349 goto out_unlock; 1350 } 1351 out_unlock: 1352 rcu_read_unlock(); 1353 return addr; 1354 } 1355 EXPORT_SYMBOL(inet_select_addr); 1356 1357 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst, 1358 __be32 local, int scope) 1359 { 1360 unsigned char localnet_scope = RT_SCOPE_HOST; 1361 const struct in_ifaddr *ifa; 1362 __be32 addr = 0; 1363 int same = 0; 1364 1365 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev))) 1366 localnet_scope = RT_SCOPE_LINK; 1367 1368 in_dev_for_each_ifa_rcu(ifa, in_dev) { 1369 unsigned char min_scope = min(ifa->ifa_scope, localnet_scope); 1370 1371 if (!addr && 1372 (local == ifa->ifa_local || !local) && 1373 min_scope <= scope) { 1374 addr = ifa->ifa_local; 1375 if (same) 1376 break; 1377 } 1378 if (!same) { 1379 same = (!local || inet_ifa_match(local, ifa)) && 1380 (!dst || inet_ifa_match(dst, ifa)); 1381 if (same && addr) { 1382 if (local || !dst) 1383 break; 1384 /* Is the selected addr into dst subnet? */ 1385 if (inet_ifa_match(addr, ifa)) 1386 break; 1387 /* No, then can we use new local src? */ 1388 if (min_scope <= scope) { 1389 addr = ifa->ifa_local; 1390 break; 1391 } 1392 /* search for large dst subnet for addr */ 1393 same = 0; 1394 } 1395 } 1396 } 1397 1398 return same ? 
addr : 0; 1399 } 1400 1401 /* 1402 * Confirm that local IP address exists using wildcards: 1403 * - net: netns to check, cannot be NULL 1404 * - in_dev: only on this interface, NULL=any interface 1405 * - dst: only in the same subnet as dst, 0=any dst 1406 * - local: address, 0=autoselect the local address 1407 * - scope: maximum allowed scope value for the local address 1408 */ 1409 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev, 1410 __be32 dst, __be32 local, int scope) 1411 { 1412 __be32 addr = 0; 1413 struct net_device *dev; 1414 1415 if (in_dev) 1416 return confirm_addr_indev(in_dev, dst, local, scope); 1417 1418 rcu_read_lock(); 1419 for_each_netdev_rcu(net, dev) { 1420 in_dev = __in_dev_get_rcu(dev); 1421 if (in_dev) { 1422 addr = confirm_addr_indev(in_dev, dst, local, scope); 1423 if (addr) 1424 break; 1425 } 1426 } 1427 rcu_read_unlock(); 1428 1429 return addr; 1430 } 1431 EXPORT_SYMBOL(inet_confirm_addr); 1432 1433 /* 1434 * Device notifier 1435 */ 1436 1437 int register_inetaddr_notifier(struct notifier_block *nb) 1438 { 1439 return blocking_notifier_chain_register(&inetaddr_chain, nb); 1440 } 1441 EXPORT_SYMBOL(register_inetaddr_notifier); 1442 1443 int unregister_inetaddr_notifier(struct notifier_block *nb) 1444 { 1445 return blocking_notifier_chain_unregister(&inetaddr_chain, nb); 1446 } 1447 EXPORT_SYMBOL(unregister_inetaddr_notifier); 1448 1449 int register_inetaddr_validator_notifier(struct notifier_block *nb) 1450 { 1451 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb); 1452 } 1453 EXPORT_SYMBOL(register_inetaddr_validator_notifier); 1454 1455 int unregister_inetaddr_validator_notifier(struct notifier_block *nb) 1456 { 1457 return blocking_notifier_chain_unregister(&inetaddr_validator_chain, 1458 nb); 1459 } 1460 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier); 1461 1462 /* Rename ifa_labels for a device name change. Make some effort to preserve 1463 * existing alias numbering and to create unique labels if possible. 
1464 */ 1465 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev) 1466 { 1467 struct in_ifaddr *ifa; 1468 int named = 0; 1469 1470 in_dev_for_each_ifa_rtnl(ifa, in_dev) { 1471 char old[IFNAMSIZ], *dot; 1472 1473 memcpy(old, ifa->ifa_label, IFNAMSIZ); 1474 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); 1475 if (named++ == 0) 1476 goto skip; 1477 dot = strchr(old, ':'); 1478 if (!dot) { 1479 sprintf(old, ":%d", named); 1480 dot = old; 1481 } 1482 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ) 1483 strcat(ifa->ifa_label, dot); 1484 else 1485 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot); 1486 skip: 1487 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0); 1488 } 1489 } 1490 1491 static bool inetdev_valid_mtu(unsigned int mtu) 1492 { 1493 return mtu >= IPV4_MIN_MTU; 1494 } 1495 1496 static void inetdev_send_gratuitous_arp(struct net_device *dev, 1497 struct in_device *in_dev) 1498 1499 { 1500 const struct in_ifaddr *ifa; 1501 1502 in_dev_for_each_ifa_rtnl(ifa, in_dev) { 1503 arp_send(ARPOP_REQUEST, ETH_P_ARP, 1504 ifa->ifa_local, dev, 1505 ifa->ifa_local, NULL, 1506 dev->dev_addr, NULL); 1507 } 1508 } 1509 1510 /* Called only under RTNL semaphore */ 1511 1512 static int inetdev_event(struct notifier_block *this, unsigned long event, 1513 void *ptr) 1514 { 1515 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1516 struct in_device *in_dev = __in_dev_get_rtnl(dev); 1517 1518 ASSERT_RTNL(); 1519 1520 if (!in_dev) { 1521 if (event == NETDEV_REGISTER) { 1522 in_dev = inetdev_init(dev); 1523 if (IS_ERR(in_dev)) 1524 return notifier_from_errno(PTR_ERR(in_dev)); 1525 if (dev->flags & IFF_LOOPBACK) { 1526 IN_DEV_CONF_SET(in_dev, NOXFRM, 1); 1527 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1); 1528 } 1529 } else if (event == NETDEV_CHANGEMTU) { 1530 /* Re-enabling IP */ 1531 if (inetdev_valid_mtu(dev->mtu)) 1532 in_dev = inetdev_init(dev); 1533 } 1534 goto out; 1535 } 1536 1537 switch (event) { 1538 case NETDEV_REGISTER: 1539 pr_debug("%s: bug\n", __func__); 1540 RCU_INIT_POINTER(dev->ip_ptr, NULL); 1541 break; 1542 case NETDEV_UP: 1543 if (!inetdev_valid_mtu(dev->mtu)) 1544 break; 1545 if (dev->flags & IFF_LOOPBACK) { 1546 struct in_ifaddr *ifa = inet_alloc_ifa(); 1547 1548 if (ifa) { 1549 INIT_HLIST_NODE(&ifa->hash); 1550 ifa->ifa_local = 1551 ifa->ifa_address = htonl(INADDR_LOOPBACK); 1552 ifa->ifa_prefixlen = 8; 1553 ifa->ifa_mask = inet_make_mask(8); 1554 in_dev_hold(in_dev); 1555 ifa->ifa_dev = in_dev; 1556 ifa->ifa_scope = RT_SCOPE_HOST; 1557 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); 1558 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, 1559 INFINITY_LIFE_TIME); 1560 ipv4_devconf_setall(in_dev); 1561 neigh_parms_data_state_setall(in_dev->arp_parms); 1562 inet_insert_ifa(ifa); 1563 } 1564 } 1565 ip_mc_up(in_dev); 1566 /* fall through */ 1567 case NETDEV_CHANGEADDR: 1568 if (!IN_DEV_ARP_NOTIFY(in_dev)) 1569 break; 1570 /* fall through */ 1571 case NETDEV_NOTIFY_PEERS: 1572 /* Send gratuitous ARP to notify of link change */ 1573 inetdev_send_gratuitous_arp(dev, in_dev); 1574 break; 1575 case NETDEV_DOWN: 1576 ip_mc_down(in_dev); 1577 break; 1578 case NETDEV_PRE_TYPE_CHANGE: 1579 ip_mc_unmap(in_dev); 1580 break; 1581 case NETDEV_POST_TYPE_CHANGE: 1582 ip_mc_remap(in_dev); 1583 break; 1584 case NETDEV_CHANGEMTU: 1585 if (inetdev_valid_mtu(dev->mtu)) 1586 break; 1587 /* disable IP when MTU is not enough */ 1588 /* fall through */ 1589 case NETDEV_UNREGISTER: 1590 inetdev_destroy(in_dev); 1591 break; 1592 case NETDEV_CHANGENAME: 1593 /* Do not notify about label change, this event 
is 1594 * not interesting to applications using netlink. 1595 */ 1596 inetdev_changename(dev, in_dev); 1597 1598 devinet_sysctl_unregister(in_dev); 1599 devinet_sysctl_register(in_dev); 1600 break; 1601 } 1602 out: 1603 return NOTIFY_DONE; 1604 } 1605 1606 static struct notifier_block ip_netdev_notifier = { 1607 .notifier_call = inetdev_event, 1608 }; 1609 1610 static size_t inet_nlmsg_size(void) 1611 { 1612 return NLMSG_ALIGN(sizeof(struct ifaddrmsg)) 1613 + nla_total_size(4) /* IFA_ADDRESS */ 1614 + nla_total_size(4) /* IFA_LOCAL */ 1615 + nla_total_size(4) /* IFA_BROADCAST */ 1616 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */ 1617 + nla_total_size(4) /* IFA_FLAGS */ 1618 + nla_total_size(4) /* IFA_RT_PRIORITY */ 1619 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */ 1620 } 1621 1622 static inline u32 cstamp_delta(unsigned long cstamp) 1623 { 1624 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ; 1625 } 1626 1627 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp, 1628 unsigned long tstamp, u32 preferred, u32 valid) 1629 { 1630 struct ifa_cacheinfo ci; 1631 1632 ci.cstamp = cstamp_delta(cstamp); 1633 ci.tstamp = cstamp_delta(tstamp); 1634 ci.ifa_prefered = preferred; 1635 ci.ifa_valid = valid; 1636 1637 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci); 1638 } 1639 1640 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa, 1641 struct inet_fill_args *args) 1642 { 1643 struct ifaddrmsg *ifm; 1644 struct nlmsghdr *nlh; 1645 u32 preferred, valid; 1646 1647 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm), 1648 args->flags); 1649 if (!nlh) 1650 return -EMSGSIZE; 1651 1652 ifm = nlmsg_data(nlh); 1653 ifm->ifa_family = AF_INET; 1654 ifm->ifa_prefixlen = ifa->ifa_prefixlen; 1655 ifm->ifa_flags = ifa->ifa_flags; 1656 ifm->ifa_scope = ifa->ifa_scope; 1657 ifm->ifa_index = ifa->ifa_dev->dev->ifindex; 1658 1659 if (args->netnsid >= 0 && 1660 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid)) 1661 goto nla_put_failure; 1662 1663 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) { 1664 preferred = ifa->ifa_preferred_lft; 1665 valid = ifa->ifa_valid_lft; 1666 if (preferred != INFINITY_LIFE_TIME) { 1667 long tval = (jiffies - ifa->ifa_tstamp) / HZ; 1668 1669 if (preferred > tval) 1670 preferred -= tval; 1671 else 1672 preferred = 0; 1673 if (valid != INFINITY_LIFE_TIME) { 1674 if (valid > tval) 1675 valid -= tval; 1676 else 1677 valid = 0; 1678 } 1679 } 1680 } else { 1681 preferred = INFINITY_LIFE_TIME; 1682 valid = INFINITY_LIFE_TIME; 1683 } 1684 if ((ifa->ifa_address && 1685 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) || 1686 (ifa->ifa_local && 1687 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) || 1688 (ifa->ifa_broadcast && 1689 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) || 1690 (ifa->ifa_label[0] && 1691 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) || 1692 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) || 1693 (ifa->ifa_rt_priority && 1694 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) || 1695 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp, 1696 preferred, valid)) 1697 goto nla_put_failure; 1698 1699 nlmsg_end(skb, nlh); 1700 return 0; 1701 1702 nla_put_failure: 1703 nlmsg_cancel(skb, nlh); 1704 return -EMSGSIZE; 1705 } 1706 1707 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh, 1708 struct inet_fill_args *fillargs, 1709 struct net **tgt_net, struct sock *sk, 1710 struct netlink_callback *cb) 1711 { 1712 struct netlink_ext_ack *extack = cb->extack; 1713 struct nlattr 
*tb[IFA_MAX+1]; 1714 struct ifaddrmsg *ifm; 1715 int err, i; 1716 1717 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) { 1718 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request"); 1719 return -EINVAL; 1720 } 1721 1722 ifm = nlmsg_data(nlh); 1723 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) { 1724 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request"); 1725 return -EINVAL; 1726 } 1727 1728 fillargs->ifindex = ifm->ifa_index; 1729 if (fillargs->ifindex) { 1730 cb->answer_flags |= NLM_F_DUMP_FILTERED; 1731 fillargs->flags |= NLM_F_DUMP_FILTERED; 1732 } 1733 1734 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX, 1735 ifa_ipv4_policy, extack); 1736 if (err < 0) 1737 return err; 1738 1739 for (i = 0; i <= IFA_MAX; ++i) { 1740 if (!tb[i]) 1741 continue; 1742 1743 if (i == IFA_TARGET_NETNSID) { 1744 struct net *net; 1745 1746 fillargs->netnsid = nla_get_s32(tb[i]); 1747 1748 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid); 1749 if (IS_ERR(net)) { 1750 fillargs->netnsid = -1; 1751 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id"); 1752 return PTR_ERR(net); 1753 } 1754 *tgt_net = net; 1755 } else { 1756 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request"); 1757 return -EINVAL; 1758 } 1759 } 1760 1761 return 0; 1762 } 1763 1764 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb, 1765 struct netlink_callback *cb, int s_ip_idx, 1766 struct inet_fill_args *fillargs) 1767 { 1768 struct in_ifaddr *ifa; 1769 int ip_idx = 0; 1770 int err; 1771 1772 in_dev_for_each_ifa_rtnl(ifa, in_dev) { 1773 if (ip_idx < s_ip_idx) { 1774 ip_idx++; 1775 continue; 1776 } 1777 err = inet_fill_ifaddr(skb, ifa, fillargs); 1778 if (err < 0) 1779 goto done; 1780 1781 nl_dump_check_consistent(cb, nlmsg_hdr(skb)); 1782 ip_idx++; 1783 } 1784 err = 0; 1785 1786 done: 1787 cb->args[2] = ip_idx; 1788 1789 return err; 1790 } 1791 1792 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) 1793 { 1794 const struct nlmsghdr *nlh = cb->nlh; 1795 struct inet_fill_args fillargs = { 1796 .portid = NETLINK_CB(cb->skb).portid, 1797 .seq = nlh->nlmsg_seq, 1798 .event = RTM_NEWADDR, 1799 .flags = NLM_F_MULTI, 1800 .netnsid = -1, 1801 }; 1802 struct net *net = sock_net(skb->sk); 1803 struct net *tgt_net = net; 1804 int h, s_h; 1805 int idx, s_idx; 1806 int s_ip_idx; 1807 struct net_device *dev; 1808 struct in_device *in_dev; 1809 struct hlist_head *head; 1810 int err = 0; 1811 1812 s_h = cb->args[0]; 1813 s_idx = idx = cb->args[1]; 1814 s_ip_idx = cb->args[2]; 1815 1816 if (cb->strict_check) { 1817 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net, 1818 skb->sk, cb); 1819 if (err < 0) 1820 goto put_tgt_net; 1821 1822 err = 0; 1823 if (fillargs.ifindex) { 1824 dev = __dev_get_by_index(tgt_net, fillargs.ifindex); 1825 if (!dev) { 1826 err = -ENODEV; 1827 goto put_tgt_net; 1828 } 1829 1830 in_dev = __in_dev_get_rtnl(dev); 1831 if (in_dev) { 1832 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx, 1833 &fillargs); 1834 } 1835 goto put_tgt_net; 1836 } 1837 } 1838 1839 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { 1840 idx = 0; 1841 head = &tgt_net->dev_index_head[h]; 1842 rcu_read_lock(); 1843 cb->seq = atomic_read(&tgt_net->ipv4.dev_addr_genid) ^ 1844 tgt_net->dev_base_seq; 1845 hlist_for_each_entry_rcu(dev, head, index_hlist) { 1846 if (idx < s_idx) 1847 goto cont; 1848 if (h > s_h || idx > s_idx) 1849 s_ip_idx = 0; 1850 in_dev = __in_dev_get_rcu(dev); 1851 if (!in_dev) 
1852 goto cont; 1853 1854 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx, 1855 &fillargs); 1856 if (err < 0) { 1857 rcu_read_unlock(); 1858 goto done; 1859 } 1860 cont: 1861 idx++; 1862 } 1863 rcu_read_unlock(); 1864 } 1865 1866 done: 1867 cb->args[0] = h; 1868 cb->args[1] = idx; 1869 put_tgt_net: 1870 if (fillargs.netnsid >= 0) 1871 put_net(tgt_net); 1872 1873 return skb->len ? : err; 1874 } 1875 1876 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh, 1877 u32 portid) 1878 { 1879 struct inet_fill_args fillargs = { 1880 .portid = portid, 1881 .seq = nlh ? nlh->nlmsg_seq : 0, 1882 .event = event, 1883 .flags = 0, 1884 .netnsid = -1, 1885 }; 1886 struct sk_buff *skb; 1887 int err = -ENOBUFS; 1888 struct net *net; 1889 1890 net = dev_net(ifa->ifa_dev->dev); 1891 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL); 1892 if (!skb) 1893 goto errout; 1894 1895 err = inet_fill_ifaddr(skb, ifa, &fillargs); 1896 if (err < 0) { 1897 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */ 1898 WARN_ON(err == -EMSGSIZE); 1899 kfree_skb(skb); 1900 goto errout; 1901 } 1902 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL); 1903 return; 1904 errout: 1905 if (err < 0) 1906 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err); 1907 } 1908 1909 static size_t inet_get_link_af_size(const struct net_device *dev, 1910 u32 ext_filter_mask) 1911 { 1912 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr); 1913 1914 if (!in_dev) 1915 return 0; 1916 1917 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */ 1918 } 1919 1920 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev, 1921 u32 ext_filter_mask) 1922 { 1923 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr); 1924 struct nlattr *nla; 1925 int i; 1926 1927 if (!in_dev) 1928 return -ENODATA; 1929 1930 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4); 1931 if (!nla) 1932 return -EMSGSIZE; 1933 1934 for (i = 0; i < IPV4_DEVCONF_MAX; i++) 1935 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i]; 1936 1937 return 0; 1938 } 1939 1940 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = { 1941 [IFLA_INET_CONF] = { .type = NLA_NESTED }, 1942 }; 1943 1944 static int inet_validate_link_af(const struct net_device *dev, 1945 const struct nlattr *nla) 1946 { 1947 struct nlattr *a, *tb[IFLA_INET_MAX+1]; 1948 int err, rem; 1949 1950 if (dev && !__in_dev_get_rcu(dev)) 1951 return -EAFNOSUPPORT; 1952 1953 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, 1954 inet_af_policy, NULL); 1955 if (err < 0) 1956 return err; 1957 1958 if (tb[IFLA_INET_CONF]) { 1959 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) { 1960 int cfgid = nla_type(a); 1961 1962 if (nla_len(a) < 4) 1963 return -EINVAL; 1964 1965 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX) 1966 return -EINVAL; 1967 } 1968 } 1969 1970 return 0; 1971 } 1972 1973 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla) 1974 { 1975 struct in_device *in_dev = __in_dev_get_rcu(dev); 1976 struct nlattr *a, *tb[IFLA_INET_MAX+1]; 1977 int rem; 1978 1979 if (!in_dev) 1980 return -EAFNOSUPPORT; 1981 1982 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0) 1983 BUG(); 1984 1985 if (tb[IFLA_INET_CONF]) { 1986 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) 1987 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a)); 1988 } 1989 1990 return 0; 1991 } 1992 1993 static int inet_netconf_msgsize_devconf(int type) 1994 { 1995 int size = NLMSG_ALIGN(sizeof(struct netconfmsg)) 1996 + 
nla_total_size(4); /* NETCONFA_IFINDEX */ 1997 bool all = false; 1998 1999 if (type == NETCONFA_ALL) 2000 all = true; 2001 2002 if (all || type == NETCONFA_FORWARDING) 2003 size += nla_total_size(4); 2004 if (all || type == NETCONFA_RP_FILTER) 2005 size += nla_total_size(4); 2006 if (all || type == NETCONFA_MC_FORWARDING) 2007 size += nla_total_size(4); 2008 if (all || type == NETCONFA_BC_FORWARDING) 2009 size += nla_total_size(4); 2010 if (all || type == NETCONFA_PROXY_NEIGH) 2011 size += nla_total_size(4); 2012 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) 2013 size += nla_total_size(4); 2014 2015 return size; 2016 } 2017 2018 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex, 2019 struct ipv4_devconf *devconf, u32 portid, 2020 u32 seq, int event, unsigned int flags, 2021 int type) 2022 { 2023 struct nlmsghdr *nlh; 2024 struct netconfmsg *ncm; 2025 bool all = false; 2026 2027 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg), 2028 flags); 2029 if (!nlh) 2030 return -EMSGSIZE; 2031 2032 if (type == NETCONFA_ALL) 2033 all = true; 2034 2035 ncm = nlmsg_data(nlh); 2036 ncm->ncm_family = AF_INET; 2037 2038 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0) 2039 goto nla_put_failure; 2040 2041 if (!devconf) 2042 goto out; 2043 2044 if ((all || type == NETCONFA_FORWARDING) && 2045 nla_put_s32(skb, NETCONFA_FORWARDING, 2046 IPV4_DEVCONF(*devconf, FORWARDING)) < 0) 2047 goto nla_put_failure; 2048 if ((all || type == NETCONFA_RP_FILTER) && 2049 nla_put_s32(skb, NETCONFA_RP_FILTER, 2050 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0) 2051 goto nla_put_failure; 2052 if ((all || type == NETCONFA_MC_FORWARDING) && 2053 nla_put_s32(skb, NETCONFA_MC_FORWARDING, 2054 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0) 2055 goto nla_put_failure; 2056 if ((all || type == NETCONFA_BC_FORWARDING) && 2057 nla_put_s32(skb, NETCONFA_BC_FORWARDING, 2058 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0) 2059 goto nla_put_failure; 2060 if ((all || type == NETCONFA_PROXY_NEIGH) && 2061 nla_put_s32(skb, NETCONFA_PROXY_NEIGH, 2062 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0) 2063 goto nla_put_failure; 2064 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) && 2065 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN, 2066 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0) 2067 goto nla_put_failure; 2068 2069 out: 2070 nlmsg_end(skb, nlh); 2071 return 0; 2072 2073 nla_put_failure: 2074 nlmsg_cancel(skb, nlh); 2075 return -EMSGSIZE; 2076 } 2077 2078 void inet_netconf_notify_devconf(struct net *net, int event, int type, 2079 int ifindex, struct ipv4_devconf *devconf) 2080 { 2081 struct sk_buff *skb; 2082 int err = -ENOBUFS; 2083 2084 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL); 2085 if (!skb) 2086 goto errout; 2087 2088 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0, 2089 event, 0, type); 2090 if (err < 0) { 2091 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */ 2092 WARN_ON(err == -EMSGSIZE); 2093 kfree_skb(skb); 2094 goto errout; 2095 } 2096 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL); 2097 return; 2098 errout: 2099 if (err < 0) 2100 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err); 2101 } 2102 2103 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = { 2104 [NETCONFA_IFINDEX] = { .len = sizeof(int) }, 2105 [NETCONFA_FORWARDING] = { .len = sizeof(int) }, 2106 [NETCONFA_RP_FILTER] = { .len = sizeof(int) }, 2107 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) }, 2108 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] 
static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
	[NETCONFA_IFINDEX]	= { .len = sizeof(int) },
	[NETCONFA_FORWARDING]	= { .len = sizeof(int) },
	[NETCONFA_RP_FILTER]	= { .len = sizeof(int) },
	[NETCONFA_PROXY_NEIGH]	= { .len = sizeof(int) },
	[NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN]	= { .len = sizeof(int) },
};

static int inet_netconf_valid_get_req(struct sk_buff *skb,
				      const struct nlmsghdr *nlh,
				      struct nlattr **tb,
				      struct netlink_ext_ack *extack)
{
	int i, err;

	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
		NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
		return -EINVAL;
	}

	if (!netlink_strict_get_check(skb))
		return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
					      tb, NETCONFA_MAX,
					      devconf_ipv4_policy, extack);

	err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
					    tb, NETCONFA_MAX,
					    devconf_ipv4_policy, extack);
	if (err)
		return err;

	for (i = 0; i <= NETCONFA_MAX; i++) {
		if (!tb[i])
			continue;

		switch (i) {
		case NETCONFA_IFINDEX:
			break;
		default:
			NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
			return -EINVAL;
		}
	}

	return 0;
}

static int inet_netconf_get_devconf(struct sk_buff *in_skb,
				    struct nlmsghdr *nlh,
				    struct netlink_ext_ack *extack)
{
	struct net *net = sock_net(in_skb->sk);
	struct nlattr *tb[NETCONFA_MAX+1];
	struct sk_buff *skb;
	struct ipv4_devconf *devconf;
	struct in_device *in_dev;
	struct net_device *dev;
	int ifindex;
	int err;

	err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
	if (err)
		goto errout;

	err = -EINVAL;
	if (!tb[NETCONFA_IFINDEX])
		goto errout;

	ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
	switch (ifindex) {
	case NETCONFA_IFINDEX_ALL:
		devconf = net->ipv4.devconf_all;
		break;
	case NETCONFA_IFINDEX_DEFAULT:
		devconf = net->ipv4.devconf_dflt;
		break;
	default:
		dev = __dev_get_by_index(net, ifindex);
		if (!dev)
			goto errout;
		in_dev = __in_dev_get_rtnl(dev);
		if (!in_dev)
			goto errout;
		devconf = &in_dev->cnf;
		break;
	}

	err = -ENOBUFS;
	skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
	if (!skb)
		goto errout;

	err = inet_netconf_fill_devconf(skb, ifindex, devconf,
					NETLINK_CB(in_skb).portid,
					nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
					NETCONFA_ALL);
	if (err < 0) {
		/* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
		WARN_ON(err == -EMSGSIZE);
		kfree_skb(skb);
		goto errout;
	}
	err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
errout:
	return err;
}
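/* Dump netconf state for every in_device in the namespace, then for the
 * "all" and "default" pseudo entries; cb->args[0]/[1] record the hash
 * bucket and device index so an interrupted dump can be resumed.
 */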
static int inet_netconf_dump_devconf(struct sk_buff *skb,
				     struct netlink_callback *cb)
{
	const struct nlmsghdr *nlh = cb->nlh;
	struct net *net = sock_net(skb->sk);
	int h, s_h;
	int idx, s_idx;
	struct net_device *dev;
	struct in_device *in_dev;
	struct hlist_head *head;

	if (cb->strict_check) {
		struct netlink_ext_ack *extack = cb->extack;
		struct netconfmsg *ncm;

		if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
			NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
			return -EINVAL;
		}

		if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
			NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
			return -EINVAL;
		}
	}

	s_h = cb->args[0];
	s_idx = idx = cb->args[1];

	for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
		idx = 0;
		head = &net->dev_index_head[h];
		rcu_read_lock();
		cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
			  net->dev_base_seq;
		hlist_for_each_entry_rcu(dev, head, index_hlist) {
			if (idx < s_idx)
				goto cont;
			in_dev = __in_dev_get_rcu(dev);
			if (!in_dev)
				goto cont;

			if (inet_netconf_fill_devconf(skb, dev->ifindex,
						      &in_dev->cnf,
						      NETLINK_CB(cb->skb).portid,
						      nlh->nlmsg_seq,
						      RTM_NEWNETCONF,
						      NLM_F_MULTI,
						      NETCONFA_ALL) < 0) {
				rcu_read_unlock();
				goto done;
			}
			nl_dump_check_consistent(cb, nlmsg_hdr(skb));
cont:
			idx++;
		}
		rcu_read_unlock();
	}
	if (h == NETDEV_HASHENTRIES) {
		if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
					      net->ipv4.devconf_all,
					      NETLINK_CB(cb->skb).portid,
					      nlh->nlmsg_seq,
					      RTM_NEWNETCONF, NLM_F_MULTI,
					      NETCONFA_ALL) < 0)
			goto done;
		else
			h++;
	}
	if (h == NETDEV_HASHENTRIES + 1) {
		if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
					      net->ipv4.devconf_dflt,
					      NETLINK_CB(cb->skb).portid,
					      nlh->nlmsg_seq,
					      RTM_NEWNETCONF, NLM_F_MULTI,
					      NETCONFA_ALL) < 0)
			goto done;
		else
			h++;
	}
done:
	cb->args[0] = h;
	cb->args[1] = idx;

	return skb->len;
}

#ifdef CONFIG_SYSCTL

static void devinet_copy_dflt_conf(struct net *net, int i)
{
	struct net_device *dev;

	rcu_read_lock();
	for_each_netdev_rcu(net, dev) {
		struct in_device *in_dev;

		in_dev = __in_dev_get_rcu(dev);
		if (in_dev && !test_bit(i, in_dev->cnf.state))
			in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
	}
	rcu_read_unlock();
}

/* called with RTNL locked */
static void inet_forward_change(struct net *net)
{
	struct net_device *dev;
	int on = IPV4_DEVCONF_ALL(net, FORWARDING);

	IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
	IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
	inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
				    NETCONFA_FORWARDING,
				    NETCONFA_IFINDEX_ALL,
				    net->ipv4.devconf_all);
	inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
				    NETCONFA_FORWARDING,
				    NETCONFA_IFINDEX_DEFAULT,
				    net->ipv4.devconf_dflt);

	for_each_netdev(net, dev) {
		struct in_device *in_dev;

		if (on)
			dev_disable_lro(dev);

		in_dev = __in_dev_get_rtnl(dev);
		if (in_dev) {
			IN_DEV_CONF_SET(in_dev, FORWARDING, on);
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_FORWARDING,
						    dev->ifindex, &in_dev->cnf);
		}
	}
}

static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
{
	if (cnf == net->ipv4.devconf_dflt)
		return NETCONFA_IFINDEX_DEFAULT;
	else if (cnf == net->ipv4.devconf_all)
		return NETCONFA_IFINDEX_ALL;
	else {
		struct in_device *idev
			= container_of(cnf, struct in_device, cnf);
		return idev->dev->ifindex;
	}
}
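/* proc handler shared by most per-device conf entries: marks the value as
 * explicitly set (so devinet_copy_dflt_conf() leaves it alone), flushes the
 * route cache for settings that affect route lookup, and sends
 * RTM_NEWNETCONF notifications for rp_filter, proxy_arp and
 * ignore_routes_with_linkdown changes.
 */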
static int devinet_conf_proc(struct ctl_table *ctl, int write,
			     void __user *buffer,
			     size_t *lenp, loff_t *ppos)
{
	int old_value = *(int *)ctl->data;
	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
	int new_value = *(int *)ctl->data;

	if (write) {
		struct ipv4_devconf *cnf = ctl->extra1;
		struct net *net = ctl->extra2;
		int i = (int *)ctl->data - cnf->data;
		int ifindex;

		set_bit(i, cnf->state);

		if (cnf == net->ipv4.devconf_dflt)
			devinet_copy_dflt_conf(net, i);
		if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
		    i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
			if ((new_value == 0) && (old_value != 0))
				rt_cache_flush(net);

		if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
		    new_value != old_value)
			rt_cache_flush(net);

		if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
		    new_value != old_value) {
			ifindex = devinet_conf_ifindex(net, cnf);
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_RP_FILTER,
						    ifindex, cnf);
		}
		if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
		    new_value != old_value) {
			ifindex = devinet_conf_ifindex(net, cnf);
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_PROXY_NEIGH,
						    ifindex, cnf);
		}
		if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
		    new_value != old_value) {
			ifindex = devinet_conf_ifindex(net, cnf);
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
						    ifindex, cnf);
		}
	}

	return ret;
}

static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
				  void __user *buffer,
				  size_t *lenp, loff_t *ppos)
{
	int *valp = ctl->data;
	int val = *valp;
	loff_t pos = *ppos;
	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);

	if (write && *valp != val) {
		struct net *net = ctl->extra2;

		if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
			if (!rtnl_trylock()) {
				/* Restore the original values before restarting */
				*valp = val;
				*ppos = pos;
				return restart_syscall();
			}
			if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
				inet_forward_change(net);
			} else {
				struct ipv4_devconf *cnf = ctl->extra1;
				struct in_device *idev =
					container_of(cnf, struct in_device, cnf);
				if (*valp)
					dev_disable_lro(idev->dev);
				inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
							    NETCONFA_FORWARDING,
							    idev->dev->ifindex,
							    cnf);
			}
			rtnl_unlock();
			rt_cache_flush(net);
		} else
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_FORWARDING,
						    NETCONFA_IFINDEX_DEFAULT,
						    net->ipv4.devconf_dflt);
	}

	return ret;
}

static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
				void __user *buffer,
				size_t *lenp, loff_t *ppos)
{
	int *valp = ctl->data;
	int val = *valp;
	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
	struct net *net = ctl->extra2;

	if (write && *valp != val)
		rt_cache_flush(net);

	return ret;
}

#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
	{ \
		.procname	= name, \
		.data		= ipv4_devconf.data + \
				  IPV4_DEVCONF_ ## attr - 1, \
		.maxlen		= sizeof(int), \
		.mode		= mval, \
		.proc_handler	= proc, \
		.extra1		= &ipv4_devconf, \
	}

#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
	DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)

#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
	DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)

#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
	DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)

#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
	DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
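/* Template table: __devinet_sysctl_register() duplicates it for each
 * ipv4_devconf instance and rebinds .data/.extra1/.extra2 before
 * registering it under net/ipv4/conf/<name>.
 */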
static struct devinet_sysctl_table {
	struct ctl_table_header *sysctl_header;
	struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
} devinet_sysctl = {
	.devinet_vars = {
		DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
					     devinet_sysctl_forward),
		DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
		DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),

		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
		DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
		DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
		DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
		DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
					"accept_source_route"),
		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
		DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
		DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
		DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
		DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
		DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
		DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
		DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
		DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
		DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
		DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
		DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
		DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
		DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
					"force_igmp_version"),
		DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
					"igmpv2_unsolicited_report_interval"),
		DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
					"igmpv3_unsolicited_report_interval"),
		DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
					"ignore_routes_with_linkdown"),
		DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
					"drop_gratuitous_arp"),

		DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
		DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
		DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
					      "promote_secondaries"),
		DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
					      "route_localnet"),
		DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
					      "drop_unicast_in_l2_multicast"),
	},
};

static int __devinet_sysctl_register(struct net *net, char *dev_name,
				     int ifindex, struct ipv4_devconf *p)
{
	int i;
	struct devinet_sysctl_table *t;
	char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];

	t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
	if (!t)
		goto out;

	for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
		t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
		t->devinet_vars[i].extra1 = p;
		t->devinet_vars[i].extra2 = net;
	}

	snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);

	t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
	if (!t->sysctl_header)
		goto free;

	p->sysctl = t;

	inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
				    ifindex, p);
	return 0;

free:
	kfree(t);
out:
	return -ENOBUFS;
}
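/* Drop the sysctl table attached to this devconf (if any) and announce the
 * removal with an RTM_DELNETCONF notification.
 */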
static void __devinet_sysctl_unregister(struct net *net,
					struct ipv4_devconf *cnf, int ifindex)
{
	struct devinet_sysctl_table *t = cnf->sysctl;

	if (t) {
		cnf->sysctl = NULL;
		unregister_net_sysctl_table(t->sysctl_header);
		kfree(t);
	}

	inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
}

static int devinet_sysctl_register(struct in_device *idev)
{
	int err;

	if (!sysctl_dev_name_is_allowed(idev->dev->name))
		return -EINVAL;

	err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
	if (err)
		return err;
	err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
					idev->dev->ifindex, &idev->cnf);
	if (err)
		neigh_sysctl_unregister(idev->arp_parms);
	return err;
}

static void devinet_sysctl_unregister(struct in_device *idev)
{
	struct net *net = dev_net(idev->dev);

	__devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
	neigh_sysctl_unregister(idev->arp_parms);
}

static struct ctl_table ctl_forward_entry[] = {
	{
		.procname	= "ip_forward",
		.data		= &ipv4_devconf.data[
					IPV4_DEVCONF_FORWARDING - 1],
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= devinet_sysctl_forward,
		.extra1		= &ipv4_devconf,
		.extra2		= &init_net,
	},
	{ },
};
#endif

static __net_init int devinet_init_net(struct net *net)
{
	int err;
	struct ipv4_devconf *all, *dflt;
#ifdef CONFIG_SYSCTL
	struct ctl_table *tbl;
	struct ctl_table_header *forw_hdr;
#endif

	err = -ENOMEM;
	all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
	if (!all)
		goto err_alloc_all;

	dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
	if (!dflt)
		goto err_alloc_dflt;

#ifdef CONFIG_SYSCTL
	tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
	if (!tbl)
		goto err_alloc_ctl;

	tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
	tbl[0].extra1 = all;
	tbl[0].extra2 = net;
#endif

	if ((!IS_ENABLED(CONFIG_SYSCTL) ||
	     sysctl_devconf_inherit_init_net != 2) &&
	    !net_eq(net, &init_net)) {
		memcpy(all, init_net.ipv4.devconf_all, sizeof(ipv4_devconf));
		memcpy(dflt, init_net.ipv4.devconf_dflt, sizeof(ipv4_devconf_dflt));
	}

#ifdef CONFIG_SYSCTL
	err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
	if (err < 0)
		goto err_reg_all;

	err = __devinet_sysctl_register(net, "default",
					NETCONFA_IFINDEX_DEFAULT, dflt);
	if (err < 0)
		goto err_reg_dflt;

	err = -ENOMEM;
	forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
	if (!forw_hdr)
		goto err_reg_ctl;
	net->ipv4.forw_hdr = forw_hdr;
#endif

	net->ipv4.devconf_all = all;
	net->ipv4.devconf_dflt = dflt;
	return 0;

#ifdef CONFIG_SYSCTL
err_reg_ctl:
	__devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
err_reg_dflt:
	__devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
err_reg_all:
	kfree(tbl);
err_alloc_ctl:
#endif
	kfree(dflt);
err_alloc_dflt:
	kfree(all);
err_alloc_all:
	return err;
}
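/* Per-namespace teardown: unregister the ip_forward table and the
 * "all"/"default" conf tables, then free the devconf copies allocated by
 * devinet_init_net().
 */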
static __net_exit void devinet_exit_net(struct net *net)
{
#ifdef CONFIG_SYSCTL
	struct ctl_table *tbl;

	tbl = net->ipv4.forw_hdr->ctl_table_arg;
	unregister_net_sysctl_table(net->ipv4.forw_hdr);
	__devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
				    NETCONFA_IFINDEX_DEFAULT);
	__devinet_sysctl_unregister(net, net->ipv4.devconf_all,
				    NETCONFA_IFINDEX_ALL);
	kfree(tbl);
#endif
	kfree(net->ipv4.devconf_dflt);
	kfree(net->ipv4.devconf_all);
}

static __net_initdata struct pernet_operations devinet_ops = {
	.init = devinet_init_net,
	.exit = devinet_exit_net,
};

static struct rtnl_af_ops inet_af_ops __read_mostly = {
	.family		  = AF_INET,
	.fill_link_af	  = inet_fill_link_af,
	.get_link_af_size = inet_get_link_af_size,
	.validate_link_af = inet_validate_link_af,
	.set_link_af	  = inet_set_link_af,
};

void __init devinet_init(void)
{
	int i;

	for (i = 0; i < IN4_ADDR_HSIZE; i++)
		INIT_HLIST_HEAD(&inet_addr_lst[i]);

	register_pernet_subsys(&devinet_ops);

	register_gifconf(PF_INET, inet_gifconf);
	register_netdevice_notifier(&ip_netdev_notifier);

	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);

	rtnl_af_register(&inet_af_ops);

	rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
	rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
	rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
	rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
		      inet_netconf_dump_devconf, 0);
}