1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * NET3 IP device support routines. 4 * 5 * Derived from the IP parts of dev.c 1.0.19 6 * Authors: Ross Biro 7 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> 8 * Mark Evans, <evansmp@uhura.aston.ac.uk> 9 * 10 * Additional Authors: 11 * Alan Cox, <gw4pts@gw4pts.ampr.org> 12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 13 * 14 * Changes: 15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr 16 * lists. 17 * Cyrus Durgin: updated for kmod 18 * Matthias Andree: in devinet_ioctl, compare label and 19 * address (4.4BSD alias style support), 20 * fall back to comparing just the label 21 * if no match found. 22 */ 23 24 25 #include <linux/uaccess.h> 26 #include <linux/bitops.h> 27 #include <linux/capability.h> 28 #include <linux/module.h> 29 #include <linux/types.h> 30 #include <linux/kernel.h> 31 #include <linux/sched/signal.h> 32 #include <linux/string.h> 33 #include <linux/mm.h> 34 #include <linux/socket.h> 35 #include <linux/sockios.h> 36 #include <linux/in.h> 37 #include <linux/errno.h> 38 #include <linux/interrupt.h> 39 #include <linux/if_addr.h> 40 #include <linux/if_ether.h> 41 #include <linux/inet.h> 42 #include <linux/netdevice.h> 43 #include <linux/etherdevice.h> 44 #include <linux/skbuff.h> 45 #include <linux/init.h> 46 #include <linux/notifier.h> 47 #include <linux/inetdevice.h> 48 #include <linux/igmp.h> 49 #include <linux/slab.h> 50 #include <linux/hash.h> 51 #ifdef CONFIG_SYSCTL 52 #include <linux/sysctl.h> 53 #endif 54 #include <linux/kmod.h> 55 #include <linux/netconf.h> 56 57 #include <net/arp.h> 58 #include <net/ip.h> 59 #include <net/route.h> 60 #include <net/ip_fib.h> 61 #include <net/rtnetlink.h> 62 #include <net/net_namespace.h> 63 #include <net/addrconf.h> 64 65 static struct ipv4_devconf ipv4_devconf = { 66 .data = { 67 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1, 68 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1, 69 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1, 70 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1, 71 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/, 72 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/, 73 }, 74 }; 75 76 static struct ipv4_devconf ipv4_devconf_dflt = { 77 .data = { 78 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1, 79 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1, 80 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1, 81 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1, 82 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1, 83 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/, 84 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/, 85 }, 86 }; 87 88 #define IPV4_DEVCONF_DFLT(net, attr) \ 89 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr) 90 91 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = { 92 [IFA_LOCAL] = { .type = NLA_U32 }, 93 [IFA_ADDRESS] = { .type = NLA_U32 }, 94 [IFA_BROADCAST] = { .type = NLA_U32 }, 95 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 }, 96 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, 97 [IFA_FLAGS] = { .type = NLA_U32 }, 98 [IFA_RT_PRIORITY] = { .type = NLA_U32 }, 99 [IFA_TARGET_NETNSID] = { .type = NLA_S32 }, 100 }; 101 102 struct inet_fill_args { 103 u32 portid; 104 u32 seq; 105 int event; 106 unsigned int flags; 107 int netnsid; 108 int ifindex; 109 }; 110 111 #define IN4_ADDR_HSIZE_SHIFT 8 112 #define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT) 113 114 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE]; 115 116 static u32 inet_addr_hash(const struct net *net, __be32 addr) 117 { 118 u32 val = (__force u32) addr ^ 
net_hash_mix(net); 119 120 return hash_32(val, IN4_ADDR_HSIZE_SHIFT); 121 } 122 123 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa) 124 { 125 u32 hash = inet_addr_hash(net, ifa->ifa_local); 126 127 ASSERT_RTNL(); 128 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]); 129 } 130 131 static void inet_hash_remove(struct in_ifaddr *ifa) 132 { 133 ASSERT_RTNL(); 134 hlist_del_init_rcu(&ifa->hash); 135 } 136 137 /** 138 * __ip_dev_find - find the first device with a given source address. 139 * @net: the net namespace 140 * @addr: the source address 141 * @devref: if true, take a reference on the found device 142 * 143 * If a caller uses devref=false, it should be protected by RCU, or RTNL 144 */ 145 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref) 146 { 147 struct net_device *result = NULL; 148 struct in_ifaddr *ifa; 149 150 rcu_read_lock(); 151 ifa = inet_lookup_ifaddr_rcu(net, addr); 152 if (!ifa) { 153 struct flowi4 fl4 = { .daddr = addr }; 154 struct fib_result res = { 0 }; 155 struct fib_table *local; 156 157 /* Fallback to FIB local table so that communication 158 * over loopback subnets work. 159 */ 160 local = fib_get_table(net, RT_TABLE_LOCAL); 161 if (local && 162 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) && 163 res.type == RTN_LOCAL) 164 result = FIB_RES_DEV(res); 165 } else { 166 result = ifa->ifa_dev->dev; 167 } 168 if (result && devref) 169 dev_hold(result); 170 rcu_read_unlock(); 171 return result; 172 } 173 EXPORT_SYMBOL(__ip_dev_find); 174 175 /* called under RCU lock */ 176 struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr) 177 { 178 u32 hash = inet_addr_hash(net, addr); 179 struct in_ifaddr *ifa; 180 181 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash) 182 if (ifa->ifa_local == addr && 183 net_eq(dev_net(ifa->ifa_dev->dev), net)) 184 return ifa; 185 186 return NULL; 187 } 188 189 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32); 190 191 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain); 192 static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain); 193 static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, 194 int destroy); 195 #ifdef CONFIG_SYSCTL 196 static int devinet_sysctl_register(struct in_device *idev); 197 static void devinet_sysctl_unregister(struct in_device *idev); 198 #else 199 static int devinet_sysctl_register(struct in_device *idev) 200 { 201 return 0; 202 } 203 static void devinet_sysctl_unregister(struct in_device *idev) 204 { 205 } 206 #endif 207 208 /* Locks all the inet devices. */ 209 210 static struct in_ifaddr *inet_alloc_ifa(void) 211 { 212 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL); 213 } 214 215 static void inet_rcu_free_ifa(struct rcu_head *head) 216 { 217 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head); 218 if (ifa->ifa_dev) 219 in_dev_put(ifa->ifa_dev); 220 kfree(ifa); 221 } 222 223 static void inet_free_ifa(struct in_ifaddr *ifa) 224 { 225 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa); 226 } 227 228 void in_dev_finish_destroy(struct in_device *idev) 229 { 230 struct net_device *dev = idev->dev; 231 232 WARN_ON(idev->ifa_list); 233 WARN_ON(idev->mc_list); 234 kfree(rcu_dereference_protected(idev->mc_hash, 1)); 235 #ifdef NET_REFCNT_DEBUG 236 pr_debug("%s: %p=%s\n", __func__, idev, dev ? 
dev->name : "NIL"); 237 #endif 238 dev_put(dev); 239 if (!idev->dead) 240 pr_err("Freeing alive in_device %p\n", idev); 241 else 242 kfree(idev); 243 } 244 EXPORT_SYMBOL(in_dev_finish_destroy); 245 246 static struct in_device *inetdev_init(struct net_device *dev) 247 { 248 struct in_device *in_dev; 249 int err = -ENOMEM; 250 251 ASSERT_RTNL(); 252 253 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL); 254 if (!in_dev) 255 goto out; 256 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt, 257 sizeof(in_dev->cnf)); 258 in_dev->cnf.sysctl = NULL; 259 in_dev->dev = dev; 260 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl); 261 if (!in_dev->arp_parms) 262 goto out_kfree; 263 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING)) 264 dev_disable_lro(dev); 265 /* Reference in_dev->dev */ 266 dev_hold(dev); 267 /* Account for reference dev->ip_ptr (below) */ 268 refcount_set(&in_dev->refcnt, 1); 269 270 err = devinet_sysctl_register(in_dev); 271 if (err) { 272 in_dev->dead = 1; 273 in_dev_put(in_dev); 274 in_dev = NULL; 275 goto out; 276 } 277 ip_mc_init_dev(in_dev); 278 if (dev->flags & IFF_UP) 279 ip_mc_up(in_dev); 280 281 /* we can receive as soon as ip_ptr is set -- do this last */ 282 rcu_assign_pointer(dev->ip_ptr, in_dev); 283 out: 284 return in_dev ?: ERR_PTR(err); 285 out_kfree: 286 kfree(in_dev); 287 in_dev = NULL; 288 goto out; 289 } 290 291 static void in_dev_rcu_put(struct rcu_head *head) 292 { 293 struct in_device *idev = container_of(head, struct in_device, rcu_head); 294 in_dev_put(idev); 295 } 296 297 static void inetdev_destroy(struct in_device *in_dev) 298 { 299 struct in_ifaddr *ifa; 300 struct net_device *dev; 301 302 ASSERT_RTNL(); 303 304 dev = in_dev->dev; 305 306 in_dev->dead = 1; 307 308 ip_mc_destroy_dev(in_dev); 309 310 while ((ifa = in_dev->ifa_list) != NULL) { 311 inet_del_ifa(in_dev, &in_dev->ifa_list, 0); 312 inet_free_ifa(ifa); 313 } 314 315 RCU_INIT_POINTER(dev->ip_ptr, NULL); 316 317 devinet_sysctl_unregister(in_dev); 318 neigh_parms_release(&arp_tbl, in_dev->arp_parms); 319 arp_ifdown(dev); 320 321 call_rcu(&in_dev->rcu_head, in_dev_rcu_put); 322 } 323 324 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b) 325 { 326 rcu_read_lock(); 327 for_primary_ifa(in_dev) { 328 if (inet_ifa_match(a, ifa)) { 329 if (!b || inet_ifa_match(b, ifa)) { 330 rcu_read_unlock(); 331 return 1; 332 } 333 } 334 } endfor_ifa(in_dev); 335 rcu_read_unlock(); 336 return 0; 337 } 338 339 static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, 340 int destroy, struct nlmsghdr *nlh, u32 portid) 341 { 342 struct in_ifaddr *promote = NULL; 343 struct in_ifaddr *ifa, *ifa1 = *ifap; 344 struct in_ifaddr *last_prim = in_dev->ifa_list; 345 struct in_ifaddr *prev_prom = NULL; 346 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev); 347 348 ASSERT_RTNL(); 349 350 if (in_dev->dead) 351 goto no_promotions; 352 353 /* 1. 
Deleting primary ifaddr forces deletion all secondaries 354 * unless alias promotion is set 355 **/ 356 357 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) { 358 struct in_ifaddr **ifap1 = &ifa1->ifa_next; 359 360 while ((ifa = *ifap1) != NULL) { 361 if (!(ifa->ifa_flags & IFA_F_SECONDARY) && 362 ifa1->ifa_scope <= ifa->ifa_scope) 363 last_prim = ifa; 364 365 if (!(ifa->ifa_flags & IFA_F_SECONDARY) || 366 ifa1->ifa_mask != ifa->ifa_mask || 367 !inet_ifa_match(ifa1->ifa_address, ifa)) { 368 ifap1 = &ifa->ifa_next; 369 prev_prom = ifa; 370 continue; 371 } 372 373 if (!do_promote) { 374 inet_hash_remove(ifa); 375 *ifap1 = ifa->ifa_next; 376 377 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid); 378 blocking_notifier_call_chain(&inetaddr_chain, 379 NETDEV_DOWN, ifa); 380 inet_free_ifa(ifa); 381 } else { 382 promote = ifa; 383 break; 384 } 385 } 386 } 387 388 /* On promotion all secondaries from subnet are changing 389 * the primary IP, we must remove all their routes silently 390 * and later to add them back with new prefsrc. Do this 391 * while all addresses are on the device list. 392 */ 393 for (ifa = promote; ifa; ifa = ifa->ifa_next) { 394 if (ifa1->ifa_mask == ifa->ifa_mask && 395 inet_ifa_match(ifa1->ifa_address, ifa)) 396 fib_del_ifaddr(ifa, ifa1); 397 } 398 399 no_promotions: 400 /* 2. Unlink it */ 401 402 *ifap = ifa1->ifa_next; 403 inet_hash_remove(ifa1); 404 405 /* 3. Announce address deletion */ 406 407 /* Send message first, then call notifier. 408 At first sight, FIB update triggered by notifier 409 will refer to already deleted ifaddr, that could confuse 410 netlink listeners. It is not true: look, gated sees 411 that route deleted and if it still thinks that ifaddr 412 is valid, it will try to restore deleted routes... Grr. 413 So that, this order is correct. 
414 */ 415 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid); 416 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1); 417 418 if (promote) { 419 struct in_ifaddr *next_sec = promote->ifa_next; 420 421 if (prev_prom) { 422 prev_prom->ifa_next = promote->ifa_next; 423 promote->ifa_next = last_prim->ifa_next; 424 last_prim->ifa_next = promote; 425 } 426 427 promote->ifa_flags &= ~IFA_F_SECONDARY; 428 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid); 429 blocking_notifier_call_chain(&inetaddr_chain, 430 NETDEV_UP, promote); 431 for (ifa = next_sec; ifa; ifa = ifa->ifa_next) { 432 if (ifa1->ifa_mask != ifa->ifa_mask || 433 !inet_ifa_match(ifa1->ifa_address, ifa)) 434 continue; 435 fib_add_ifaddr(ifa); 436 } 437 438 } 439 if (destroy) 440 inet_free_ifa(ifa1); 441 } 442 443 static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, 444 int destroy) 445 { 446 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0); 447 } 448 449 static void check_lifetime(struct work_struct *work); 450 451 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime); 452 453 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh, 454 u32 portid, struct netlink_ext_ack *extack) 455 { 456 struct in_device *in_dev = ifa->ifa_dev; 457 struct in_ifaddr *ifa1, **ifap, **last_primary; 458 struct in_validator_info ivi; 459 int ret; 460 461 ASSERT_RTNL(); 462 463 if (!ifa->ifa_local) { 464 inet_free_ifa(ifa); 465 return 0; 466 } 467 468 ifa->ifa_flags &= ~IFA_F_SECONDARY; 469 last_primary = &in_dev->ifa_list; 470 471 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL; 472 ifap = &ifa1->ifa_next) { 473 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) && 474 ifa->ifa_scope <= ifa1->ifa_scope) 475 last_primary = &ifa1->ifa_next; 476 if (ifa1->ifa_mask == ifa->ifa_mask && 477 inet_ifa_match(ifa1->ifa_address, ifa)) { 478 if (ifa1->ifa_local == ifa->ifa_local) { 479 inet_free_ifa(ifa); 480 return -EEXIST; 481 } 482 if (ifa1->ifa_scope != ifa->ifa_scope) { 483 inet_free_ifa(ifa); 484 return -EINVAL; 485 } 486 ifa->ifa_flags |= IFA_F_SECONDARY; 487 } 488 } 489 490 /* Allow any devices that wish to register ifaddr validtors to weigh 491 * in now, before changes are committed. The rntl lock is serializing 492 * access here, so the state should not change between a validator call 493 * and a final notify on commit. This isn't invoked on promotion under 494 * the assumption that validators are checking the address itself, and 495 * not the flags. 496 */ 497 ivi.ivi_addr = ifa->ifa_address; 498 ivi.ivi_dev = ifa->ifa_dev; 499 ivi.extack = extack; 500 ret = blocking_notifier_call_chain(&inetaddr_validator_chain, 501 NETDEV_UP, &ivi); 502 ret = notifier_to_errno(ret); 503 if (ret) { 504 inet_free_ifa(ifa); 505 return ret; 506 } 507 508 if (!(ifa->ifa_flags & IFA_F_SECONDARY)) { 509 prandom_seed((__force u32) ifa->ifa_local); 510 ifap = last_primary; 511 } 512 513 ifa->ifa_next = *ifap; 514 *ifap = ifa; 515 516 inet_hash_insert(dev_net(in_dev->dev), ifa); 517 518 cancel_delayed_work(&check_lifetime_work); 519 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0); 520 521 /* Send message first, then call notifier. 
522 Notifier will trigger FIB update, so that 523 listeners of netlink will know about new ifaddr */ 524 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid); 525 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa); 526 527 return 0; 528 } 529 530 static int inet_insert_ifa(struct in_ifaddr *ifa) 531 { 532 return __inet_insert_ifa(ifa, NULL, 0, NULL); 533 } 534 535 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa) 536 { 537 struct in_device *in_dev = __in_dev_get_rtnl(dev); 538 539 ASSERT_RTNL(); 540 541 if (!in_dev) { 542 inet_free_ifa(ifa); 543 return -ENOBUFS; 544 } 545 ipv4_devconf_setall(in_dev); 546 neigh_parms_data_state_setall(in_dev->arp_parms); 547 if (ifa->ifa_dev != in_dev) { 548 WARN_ON(ifa->ifa_dev); 549 in_dev_hold(in_dev); 550 ifa->ifa_dev = in_dev; 551 } 552 if (ipv4_is_loopback(ifa->ifa_local)) 553 ifa->ifa_scope = RT_SCOPE_HOST; 554 return inet_insert_ifa(ifa); 555 } 556 557 /* Caller must hold RCU or RTNL : 558 * We dont take a reference on found in_device 559 */ 560 struct in_device *inetdev_by_index(struct net *net, int ifindex) 561 { 562 struct net_device *dev; 563 struct in_device *in_dev = NULL; 564 565 rcu_read_lock(); 566 dev = dev_get_by_index_rcu(net, ifindex); 567 if (dev) 568 in_dev = rcu_dereference_rtnl(dev->ip_ptr); 569 rcu_read_unlock(); 570 return in_dev; 571 } 572 EXPORT_SYMBOL(inetdev_by_index); 573 574 /* Called only from RTNL semaphored context. No locks. */ 575 576 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix, 577 __be32 mask) 578 { 579 ASSERT_RTNL(); 580 581 for_primary_ifa(in_dev) { 582 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa)) 583 return ifa; 584 } endfor_ifa(in_dev); 585 return NULL; 586 } 587 588 static int ip_mc_config(struct sock *sk, bool join, const struct in_ifaddr *ifa) 589 { 590 struct ip_mreqn mreq = { 591 .imr_multiaddr.s_addr = ifa->ifa_address, 592 .imr_ifindex = ifa->ifa_dev->dev->ifindex, 593 }; 594 int ret; 595 596 ASSERT_RTNL(); 597 598 lock_sock(sk); 599 if (join) 600 ret = ip_mc_join_group(sk, &mreq); 601 else 602 ret = ip_mc_leave_group(sk, &mreq); 603 release_sock(sk); 604 605 return ret; 606 } 607 608 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, 609 struct netlink_ext_ack *extack) 610 { 611 struct net *net = sock_net(skb->sk); 612 struct nlattr *tb[IFA_MAX+1]; 613 struct in_device *in_dev; 614 struct ifaddrmsg *ifm; 615 struct in_ifaddr *ifa, **ifap; 616 int err = -EINVAL; 617 618 ASSERT_RTNL(); 619 620 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX, 621 ifa_ipv4_policy, extack); 622 if (err < 0) 623 goto errout; 624 625 ifm = nlmsg_data(nlh); 626 in_dev = inetdev_by_index(net, ifm->ifa_index); 627 if (!in_dev) { 628 err = -ENODEV; 629 goto errout; 630 } 631 632 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL; 633 ifap = &ifa->ifa_next) { 634 if (tb[IFA_LOCAL] && 635 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL])) 636 continue; 637 638 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label)) 639 continue; 640 641 if (tb[IFA_ADDRESS] && 642 (ifm->ifa_prefixlen != ifa->ifa_prefixlen || 643 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa))) 644 continue; 645 646 if (ipv4_is_multicast(ifa->ifa_address)) 647 ip_mc_config(net->ipv4.mc_autojoin_sk, false, ifa); 648 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid); 649 return 0; 650 } 651 652 err = -EADDRNOTAVAIL; 653 errout: 654 return err; 655 } 656 657 #define INFINITY_LIFE_TIME 0xFFFFFFFF 658 659 static void check_lifetime(struct work_struct 
*work) 660 { 661 unsigned long now, next, next_sec, next_sched; 662 struct in_ifaddr *ifa; 663 struct hlist_node *n; 664 int i; 665 666 now = jiffies; 667 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY); 668 669 for (i = 0; i < IN4_ADDR_HSIZE; i++) { 670 bool change_needed = false; 671 672 rcu_read_lock(); 673 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) { 674 unsigned long age; 675 676 if (ifa->ifa_flags & IFA_F_PERMANENT) 677 continue; 678 679 /* We try to batch several events at once. */ 680 age = (now - ifa->ifa_tstamp + 681 ADDRCONF_TIMER_FUZZ_MINUS) / HZ; 682 683 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME && 684 age >= ifa->ifa_valid_lft) { 685 change_needed = true; 686 } else if (ifa->ifa_preferred_lft == 687 INFINITY_LIFE_TIME) { 688 continue; 689 } else if (age >= ifa->ifa_preferred_lft) { 690 if (time_before(ifa->ifa_tstamp + 691 ifa->ifa_valid_lft * HZ, next)) 692 next = ifa->ifa_tstamp + 693 ifa->ifa_valid_lft * HZ; 694 695 if (!(ifa->ifa_flags & IFA_F_DEPRECATED)) 696 change_needed = true; 697 } else if (time_before(ifa->ifa_tstamp + 698 ifa->ifa_preferred_lft * HZ, 699 next)) { 700 next = ifa->ifa_tstamp + 701 ifa->ifa_preferred_lft * HZ; 702 } 703 } 704 rcu_read_unlock(); 705 if (!change_needed) 706 continue; 707 rtnl_lock(); 708 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) { 709 unsigned long age; 710 711 if (ifa->ifa_flags & IFA_F_PERMANENT) 712 continue; 713 714 /* We try to batch several events at once. */ 715 age = (now - ifa->ifa_tstamp + 716 ADDRCONF_TIMER_FUZZ_MINUS) / HZ; 717 718 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME && 719 age >= ifa->ifa_valid_lft) { 720 struct in_ifaddr **ifap; 721 722 for (ifap = &ifa->ifa_dev->ifa_list; 723 *ifap != NULL; ifap = &(*ifap)->ifa_next) { 724 if (*ifap == ifa) { 725 inet_del_ifa(ifa->ifa_dev, 726 ifap, 1); 727 break; 728 } 729 } 730 } else if (ifa->ifa_preferred_lft != 731 INFINITY_LIFE_TIME && 732 age >= ifa->ifa_preferred_lft && 733 !(ifa->ifa_flags & IFA_F_DEPRECATED)) { 734 ifa->ifa_flags |= IFA_F_DEPRECATED; 735 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0); 736 } 737 } 738 rtnl_unlock(); 739 } 740 741 next_sec = round_jiffies_up(next); 742 next_sched = next; 743 744 /* If rounded timeout is accurate enough, accept it. */ 745 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ)) 746 next_sched = next_sec; 747 748 now = jiffies; 749 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. 
*/ 750 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX)) 751 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX; 752 753 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 754 next_sched - now); 755 } 756 757 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft, 758 __u32 prefered_lft) 759 { 760 unsigned long timeout; 761 762 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED); 763 764 timeout = addrconf_timeout_fixup(valid_lft, HZ); 765 if (addrconf_finite_timeout(timeout)) 766 ifa->ifa_valid_lft = timeout; 767 else 768 ifa->ifa_flags |= IFA_F_PERMANENT; 769 770 timeout = addrconf_timeout_fixup(prefered_lft, HZ); 771 if (addrconf_finite_timeout(timeout)) { 772 if (timeout == 0) 773 ifa->ifa_flags |= IFA_F_DEPRECATED; 774 ifa->ifa_preferred_lft = timeout; 775 } 776 ifa->ifa_tstamp = jiffies; 777 if (!ifa->ifa_cstamp) 778 ifa->ifa_cstamp = ifa->ifa_tstamp; 779 } 780 781 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh, 782 __u32 *pvalid_lft, __u32 *pprefered_lft, 783 struct netlink_ext_ack *extack) 784 { 785 struct nlattr *tb[IFA_MAX+1]; 786 struct in_ifaddr *ifa; 787 struct ifaddrmsg *ifm; 788 struct net_device *dev; 789 struct in_device *in_dev; 790 int err; 791 792 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX, 793 ifa_ipv4_policy, extack); 794 if (err < 0) 795 goto errout; 796 797 ifm = nlmsg_data(nlh); 798 err = -EINVAL; 799 if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL]) 800 goto errout; 801 802 dev = __dev_get_by_index(net, ifm->ifa_index); 803 err = -ENODEV; 804 if (!dev) 805 goto errout; 806 807 in_dev = __in_dev_get_rtnl(dev); 808 err = -ENOBUFS; 809 if (!in_dev) 810 goto errout; 811 812 ifa = inet_alloc_ifa(); 813 if (!ifa) 814 /* 815 * A potential indev allocation can be left alive, it stays 816 * assigned to its device and is destroy with it. 817 */ 818 goto errout; 819 820 ipv4_devconf_setall(in_dev); 821 neigh_parms_data_state_setall(in_dev->arp_parms); 822 in_dev_hold(in_dev); 823 824 if (!tb[IFA_ADDRESS]) 825 tb[IFA_ADDRESS] = tb[IFA_LOCAL]; 826 827 INIT_HLIST_NODE(&ifa->hash); 828 ifa->ifa_prefixlen = ifm->ifa_prefixlen; 829 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen); 830 ifa->ifa_flags = tb[IFA_FLAGS] ? 
nla_get_u32(tb[IFA_FLAGS]) : 831 ifm->ifa_flags; 832 ifa->ifa_scope = ifm->ifa_scope; 833 ifa->ifa_dev = in_dev; 834 835 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]); 836 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]); 837 838 if (tb[IFA_BROADCAST]) 839 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]); 840 841 if (tb[IFA_LABEL]) 842 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ); 843 else 844 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); 845 846 if (tb[IFA_RT_PRIORITY]) 847 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]); 848 849 if (tb[IFA_CACHEINFO]) { 850 struct ifa_cacheinfo *ci; 851 852 ci = nla_data(tb[IFA_CACHEINFO]); 853 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) { 854 err = -EINVAL; 855 goto errout_free; 856 } 857 *pvalid_lft = ci->ifa_valid; 858 *pprefered_lft = ci->ifa_prefered; 859 } 860 861 return ifa; 862 863 errout_free: 864 inet_free_ifa(ifa); 865 errout: 866 return ERR_PTR(err); 867 } 868 869 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa) 870 { 871 struct in_device *in_dev = ifa->ifa_dev; 872 struct in_ifaddr *ifa1, **ifap; 873 874 if (!ifa->ifa_local) 875 return NULL; 876 877 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL; 878 ifap = &ifa1->ifa_next) { 879 if (ifa1->ifa_mask == ifa->ifa_mask && 880 inet_ifa_match(ifa1->ifa_address, ifa) && 881 ifa1->ifa_local == ifa->ifa_local) 882 return ifa1; 883 } 884 return NULL; 885 } 886 887 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, 888 struct netlink_ext_ack *extack) 889 { 890 struct net *net = sock_net(skb->sk); 891 struct in_ifaddr *ifa; 892 struct in_ifaddr *ifa_existing; 893 __u32 valid_lft = INFINITY_LIFE_TIME; 894 __u32 prefered_lft = INFINITY_LIFE_TIME; 895 896 ASSERT_RTNL(); 897 898 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack); 899 if (IS_ERR(ifa)) 900 return PTR_ERR(ifa); 901 902 ifa_existing = find_matching_ifa(ifa); 903 if (!ifa_existing) { 904 /* It would be best to check for !NLM_F_CREATE here but 905 * userspace already relies on not having to provide this. 906 */ 907 set_ifa_lifetime(ifa, valid_lft, prefered_lft); 908 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) { 909 int ret = ip_mc_config(net->ipv4.mc_autojoin_sk, 910 true, ifa); 911 912 if (ret < 0) { 913 inet_free_ifa(ifa); 914 return ret; 915 } 916 } 917 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid, 918 extack); 919 } else { 920 u32 new_metric = ifa->ifa_rt_priority; 921 922 inet_free_ifa(ifa); 923 924 if (nlh->nlmsg_flags & NLM_F_EXCL || 925 !(nlh->nlmsg_flags & NLM_F_REPLACE)) 926 return -EEXIST; 927 ifa = ifa_existing; 928 929 if (ifa->ifa_rt_priority != new_metric) { 930 fib_modify_prefix_metric(ifa, new_metric); 931 ifa->ifa_rt_priority = new_metric; 932 } 933 934 set_ifa_lifetime(ifa, valid_lft, prefered_lft); 935 cancel_delayed_work(&check_lifetime_work); 936 queue_delayed_work(system_power_efficient_wq, 937 &check_lifetime_work, 0); 938 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid); 939 } 940 return 0; 941 } 942 943 /* 944 * Determine a default network mask, based on the IP address. 945 */ 946 947 static int inet_abc_len(__be32 addr) 948 { 949 int rc = -1; /* Something else, probably a multicast. 
*/ 950 951 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr)) 952 rc = 0; 953 else { 954 __u32 haddr = ntohl(addr); 955 if (IN_CLASSA(haddr)) 956 rc = 8; 957 else if (IN_CLASSB(haddr)) 958 rc = 16; 959 else if (IN_CLASSC(haddr)) 960 rc = 24; 961 else if (IN_CLASSE(haddr)) 962 rc = 32; 963 } 964 965 return rc; 966 } 967 968 969 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr) 970 { 971 struct sockaddr_in sin_orig; 972 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr; 973 struct in_device *in_dev; 974 struct in_ifaddr **ifap = NULL; 975 struct in_ifaddr *ifa = NULL; 976 struct net_device *dev; 977 char *colon; 978 int ret = -EFAULT; 979 int tryaddrmatch = 0; 980 981 ifr->ifr_name[IFNAMSIZ - 1] = 0; 982 983 /* save original address for comparison */ 984 memcpy(&sin_orig, sin, sizeof(*sin)); 985 986 colon = strchr(ifr->ifr_name, ':'); 987 if (colon) 988 *colon = 0; 989 990 dev_load(net, ifr->ifr_name); 991 992 switch (cmd) { 993 case SIOCGIFADDR: /* Get interface address */ 994 case SIOCGIFBRDADDR: /* Get the broadcast address */ 995 case SIOCGIFDSTADDR: /* Get the destination address */ 996 case SIOCGIFNETMASK: /* Get the netmask for the interface */ 997 /* Note that these ioctls will not sleep, 998 so that we do not impose a lock. 999 One day we will be forced to put shlock here (I mean SMP) 1000 */ 1001 tryaddrmatch = (sin_orig.sin_family == AF_INET); 1002 memset(sin, 0, sizeof(*sin)); 1003 sin->sin_family = AF_INET; 1004 break; 1005 1006 case SIOCSIFFLAGS: 1007 ret = -EPERM; 1008 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 1009 goto out; 1010 break; 1011 case SIOCSIFADDR: /* Set interface address (and family) */ 1012 case SIOCSIFBRDADDR: /* Set the broadcast address */ 1013 case SIOCSIFDSTADDR: /* Set the destination address */ 1014 case SIOCSIFNETMASK: /* Set the netmask for the interface */ 1015 ret = -EPERM; 1016 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 1017 goto out; 1018 ret = -EINVAL; 1019 if (sin->sin_family != AF_INET) 1020 goto out; 1021 break; 1022 default: 1023 ret = -EINVAL; 1024 goto out; 1025 } 1026 1027 rtnl_lock(); 1028 1029 ret = -ENODEV; 1030 dev = __dev_get_by_name(net, ifr->ifr_name); 1031 if (!dev) 1032 goto done; 1033 1034 if (colon) 1035 *colon = ':'; 1036 1037 in_dev = __in_dev_get_rtnl(dev); 1038 if (in_dev) { 1039 if (tryaddrmatch) { 1040 /* Matthias Andree */ 1041 /* compare label and address (4.4BSD style) */ 1042 /* note: we only do this for a limited set of ioctls 1043 and only if the original address family was AF_INET. 1044 This is checked above. 
*/ 1045 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL; 1046 ifap = &ifa->ifa_next) { 1047 if (!strcmp(ifr->ifr_name, ifa->ifa_label) && 1048 sin_orig.sin_addr.s_addr == 1049 ifa->ifa_local) { 1050 break; /* found */ 1051 } 1052 } 1053 } 1054 /* we didn't get a match, maybe the application is 1055 4.3BSD-style and passed in junk so we fall back to 1056 comparing just the label */ 1057 if (!ifa) { 1058 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL; 1059 ifap = &ifa->ifa_next) 1060 if (!strcmp(ifr->ifr_name, ifa->ifa_label)) 1061 break; 1062 } 1063 } 1064 1065 ret = -EADDRNOTAVAIL; 1066 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS) 1067 goto done; 1068 1069 switch (cmd) { 1070 case SIOCGIFADDR: /* Get interface address */ 1071 ret = 0; 1072 sin->sin_addr.s_addr = ifa->ifa_local; 1073 break; 1074 1075 case SIOCGIFBRDADDR: /* Get the broadcast address */ 1076 ret = 0; 1077 sin->sin_addr.s_addr = ifa->ifa_broadcast; 1078 break; 1079 1080 case SIOCGIFDSTADDR: /* Get the destination address */ 1081 ret = 0; 1082 sin->sin_addr.s_addr = ifa->ifa_address; 1083 break; 1084 1085 case SIOCGIFNETMASK: /* Get the netmask for the interface */ 1086 ret = 0; 1087 sin->sin_addr.s_addr = ifa->ifa_mask; 1088 break; 1089 1090 case SIOCSIFFLAGS: 1091 if (colon) { 1092 ret = -EADDRNOTAVAIL; 1093 if (!ifa) 1094 break; 1095 ret = 0; 1096 if (!(ifr->ifr_flags & IFF_UP)) 1097 inet_del_ifa(in_dev, ifap, 1); 1098 break; 1099 } 1100 ret = dev_change_flags(dev, ifr->ifr_flags, NULL); 1101 break; 1102 1103 case SIOCSIFADDR: /* Set interface address (and family) */ 1104 ret = -EINVAL; 1105 if (inet_abc_len(sin->sin_addr.s_addr) < 0) 1106 break; 1107 1108 if (!ifa) { 1109 ret = -ENOBUFS; 1110 ifa = inet_alloc_ifa(); 1111 if (!ifa) 1112 break; 1113 INIT_HLIST_NODE(&ifa->hash); 1114 if (colon) 1115 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ); 1116 else 1117 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); 1118 } else { 1119 ret = 0; 1120 if (ifa->ifa_local == sin->sin_addr.s_addr) 1121 break; 1122 inet_del_ifa(in_dev, ifap, 0); 1123 ifa->ifa_broadcast = 0; 1124 ifa->ifa_scope = 0; 1125 } 1126 1127 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr; 1128 1129 if (!(dev->flags & IFF_POINTOPOINT)) { 1130 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address); 1131 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen); 1132 if ((dev->flags & IFF_BROADCAST) && 1133 ifa->ifa_prefixlen < 31) 1134 ifa->ifa_broadcast = ifa->ifa_address | 1135 ~ifa->ifa_mask; 1136 } else { 1137 ifa->ifa_prefixlen = 32; 1138 ifa->ifa_mask = inet_make_mask(32); 1139 } 1140 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME); 1141 ret = inet_set_ifa(dev, ifa); 1142 break; 1143 1144 case SIOCSIFBRDADDR: /* Set the broadcast address */ 1145 ret = 0; 1146 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) { 1147 inet_del_ifa(in_dev, ifap, 0); 1148 ifa->ifa_broadcast = sin->sin_addr.s_addr; 1149 inet_insert_ifa(ifa); 1150 } 1151 break; 1152 1153 case SIOCSIFDSTADDR: /* Set the destination address */ 1154 ret = 0; 1155 if (ifa->ifa_address == sin->sin_addr.s_addr) 1156 break; 1157 ret = -EINVAL; 1158 if (inet_abc_len(sin->sin_addr.s_addr) < 0) 1159 break; 1160 ret = 0; 1161 inet_del_ifa(in_dev, ifap, 0); 1162 ifa->ifa_address = sin->sin_addr.s_addr; 1163 inet_insert_ifa(ifa); 1164 break; 1165 1166 case SIOCSIFNETMASK: /* Set the netmask for the interface */ 1167 1168 /* 1169 * The mask we set must be legal. 
1170 */ 1171 ret = -EINVAL; 1172 if (bad_mask(sin->sin_addr.s_addr, 0)) 1173 break; 1174 ret = 0; 1175 if (ifa->ifa_mask != sin->sin_addr.s_addr) { 1176 __be32 old_mask = ifa->ifa_mask; 1177 inet_del_ifa(in_dev, ifap, 0); 1178 ifa->ifa_mask = sin->sin_addr.s_addr; 1179 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask); 1180 1181 /* See if current broadcast address matches 1182 * with current netmask, then recalculate 1183 * the broadcast address. Otherwise it's a 1184 * funny address, so don't touch it since 1185 * the user seems to know what (s)he's doing... 1186 */ 1187 if ((dev->flags & IFF_BROADCAST) && 1188 (ifa->ifa_prefixlen < 31) && 1189 (ifa->ifa_broadcast == 1190 (ifa->ifa_local|~old_mask))) { 1191 ifa->ifa_broadcast = (ifa->ifa_local | 1192 ~sin->sin_addr.s_addr); 1193 } 1194 inet_insert_ifa(ifa); 1195 } 1196 break; 1197 } 1198 done: 1199 rtnl_unlock(); 1200 out: 1201 return ret; 1202 } 1203 1204 static int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size) 1205 { 1206 struct in_device *in_dev = __in_dev_get_rtnl(dev); 1207 struct in_ifaddr *ifa; 1208 struct ifreq ifr; 1209 int done = 0; 1210 1211 if (WARN_ON(size > sizeof(struct ifreq))) 1212 goto out; 1213 1214 if (!in_dev) 1215 goto out; 1216 1217 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) { 1218 if (!buf) { 1219 done += size; 1220 continue; 1221 } 1222 if (len < size) 1223 break; 1224 memset(&ifr, 0, sizeof(struct ifreq)); 1225 strcpy(ifr.ifr_name, ifa->ifa_label); 1226 1227 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET; 1228 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr = 1229 ifa->ifa_local; 1230 1231 if (copy_to_user(buf + done, &ifr, size)) { 1232 done = -EFAULT; 1233 break; 1234 } 1235 len -= size; 1236 done += size; 1237 } 1238 out: 1239 return done; 1240 } 1241 1242 static __be32 in_dev_select_addr(const struct in_device *in_dev, 1243 int scope) 1244 { 1245 for_primary_ifa(in_dev) { 1246 if (ifa->ifa_scope != RT_SCOPE_LINK && 1247 ifa->ifa_scope <= scope) 1248 return ifa->ifa_local; 1249 } endfor_ifa(in_dev); 1250 1251 return 0; 1252 } 1253 1254 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope) 1255 { 1256 __be32 addr = 0; 1257 struct in_device *in_dev; 1258 struct net *net = dev_net(dev); 1259 int master_idx; 1260 1261 rcu_read_lock(); 1262 in_dev = __in_dev_get_rcu(dev); 1263 if (!in_dev) 1264 goto no_in_dev; 1265 1266 for_primary_ifa(in_dev) { 1267 if (ifa->ifa_scope > scope) 1268 continue; 1269 if (!dst || inet_ifa_match(dst, ifa)) { 1270 addr = ifa->ifa_local; 1271 break; 1272 } 1273 if (!addr) 1274 addr = ifa->ifa_local; 1275 } endfor_ifa(in_dev); 1276 1277 if (addr) 1278 goto out_unlock; 1279 no_in_dev: 1280 master_idx = l3mdev_master_ifindex_rcu(dev); 1281 1282 /* For VRFs, the VRF device takes the place of the loopback device, 1283 * with addresses on it being preferred. Note in such cases the 1284 * loopback device will be among the devices that fail the master_idx 1285 * equality check in the loop below. 1286 */ 1287 if (master_idx && 1288 (dev = dev_get_by_index_rcu(net, master_idx)) && 1289 (in_dev = __in_dev_get_rcu(dev))) { 1290 addr = in_dev_select_addr(in_dev, scope); 1291 if (addr) 1292 goto out_unlock; 1293 } 1294 1295 /* Not loopback addresses on loopback should be preferred 1296 in this case. It is important that lo is the first interface 1297 in dev_base list. 
1298 */ 1299 for_each_netdev_rcu(net, dev) { 1300 if (l3mdev_master_ifindex_rcu(dev) != master_idx) 1301 continue; 1302 1303 in_dev = __in_dev_get_rcu(dev); 1304 if (!in_dev) 1305 continue; 1306 1307 addr = in_dev_select_addr(in_dev, scope); 1308 if (addr) 1309 goto out_unlock; 1310 } 1311 out_unlock: 1312 rcu_read_unlock(); 1313 return addr; 1314 } 1315 EXPORT_SYMBOL(inet_select_addr); 1316 1317 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst, 1318 __be32 local, int scope) 1319 { 1320 int same = 0; 1321 __be32 addr = 0; 1322 1323 for_ifa(in_dev) { 1324 if (!addr && 1325 (local == ifa->ifa_local || !local) && 1326 ifa->ifa_scope <= scope) { 1327 addr = ifa->ifa_local; 1328 if (same) 1329 break; 1330 } 1331 if (!same) { 1332 same = (!local || inet_ifa_match(local, ifa)) && 1333 (!dst || inet_ifa_match(dst, ifa)); 1334 if (same && addr) { 1335 if (local || !dst) 1336 break; 1337 /* Is the selected addr into dst subnet? */ 1338 if (inet_ifa_match(addr, ifa)) 1339 break; 1340 /* No, then can we use new local src? */ 1341 if (ifa->ifa_scope <= scope) { 1342 addr = ifa->ifa_local; 1343 break; 1344 } 1345 /* search for large dst subnet for addr */ 1346 same = 0; 1347 } 1348 } 1349 } endfor_ifa(in_dev); 1350 1351 return same ? addr : 0; 1352 } 1353 1354 /* 1355 * Confirm that local IP address exists using wildcards: 1356 * - net: netns to check, cannot be NULL 1357 * - in_dev: only on this interface, NULL=any interface 1358 * - dst: only in the same subnet as dst, 0=any dst 1359 * - local: address, 0=autoselect the local address 1360 * - scope: maximum allowed scope value for the local address 1361 */ 1362 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev, 1363 __be32 dst, __be32 local, int scope) 1364 { 1365 __be32 addr = 0; 1366 struct net_device *dev; 1367 1368 if (in_dev) 1369 return confirm_addr_indev(in_dev, dst, local, scope); 1370 1371 rcu_read_lock(); 1372 for_each_netdev_rcu(net, dev) { 1373 in_dev = __in_dev_get_rcu(dev); 1374 if (in_dev) { 1375 addr = confirm_addr_indev(in_dev, dst, local, scope); 1376 if (addr) 1377 break; 1378 } 1379 } 1380 rcu_read_unlock(); 1381 1382 return addr; 1383 } 1384 EXPORT_SYMBOL(inet_confirm_addr); 1385 1386 /* 1387 * Device notifier 1388 */ 1389 1390 int register_inetaddr_notifier(struct notifier_block *nb) 1391 { 1392 return blocking_notifier_chain_register(&inetaddr_chain, nb); 1393 } 1394 EXPORT_SYMBOL(register_inetaddr_notifier); 1395 1396 int unregister_inetaddr_notifier(struct notifier_block *nb) 1397 { 1398 return blocking_notifier_chain_unregister(&inetaddr_chain, nb); 1399 } 1400 EXPORT_SYMBOL(unregister_inetaddr_notifier); 1401 1402 int register_inetaddr_validator_notifier(struct notifier_block *nb) 1403 { 1404 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb); 1405 } 1406 EXPORT_SYMBOL(register_inetaddr_validator_notifier); 1407 1408 int unregister_inetaddr_validator_notifier(struct notifier_block *nb) 1409 { 1410 return blocking_notifier_chain_unregister(&inetaddr_validator_chain, 1411 nb); 1412 } 1413 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier); 1414 1415 /* Rename ifa_labels for a device name change. Make some effort to preserve 1416 * existing alias numbering and to create unique labels if possible. 
1417 */ 1418 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev) 1419 { 1420 struct in_ifaddr *ifa; 1421 int named = 0; 1422 1423 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) { 1424 char old[IFNAMSIZ], *dot; 1425 1426 memcpy(old, ifa->ifa_label, IFNAMSIZ); 1427 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); 1428 if (named++ == 0) 1429 goto skip; 1430 dot = strchr(old, ':'); 1431 if (!dot) { 1432 sprintf(old, ":%d", named); 1433 dot = old; 1434 } 1435 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ) 1436 strcat(ifa->ifa_label, dot); 1437 else 1438 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot); 1439 skip: 1440 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0); 1441 } 1442 } 1443 1444 static bool inetdev_valid_mtu(unsigned int mtu) 1445 { 1446 return mtu >= IPV4_MIN_MTU; 1447 } 1448 1449 static void inetdev_send_gratuitous_arp(struct net_device *dev, 1450 struct in_device *in_dev) 1451 1452 { 1453 struct in_ifaddr *ifa; 1454 1455 for (ifa = in_dev->ifa_list; ifa; 1456 ifa = ifa->ifa_next) { 1457 arp_send(ARPOP_REQUEST, ETH_P_ARP, 1458 ifa->ifa_local, dev, 1459 ifa->ifa_local, NULL, 1460 dev->dev_addr, NULL); 1461 } 1462 } 1463 1464 /* Called only under RTNL semaphore */ 1465 1466 static int inetdev_event(struct notifier_block *this, unsigned long event, 1467 void *ptr) 1468 { 1469 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 1470 struct in_device *in_dev = __in_dev_get_rtnl(dev); 1471 1472 ASSERT_RTNL(); 1473 1474 if (!in_dev) { 1475 if (event == NETDEV_REGISTER) { 1476 in_dev = inetdev_init(dev); 1477 if (IS_ERR(in_dev)) 1478 return notifier_from_errno(PTR_ERR(in_dev)); 1479 if (dev->flags & IFF_LOOPBACK) { 1480 IN_DEV_CONF_SET(in_dev, NOXFRM, 1); 1481 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1); 1482 } 1483 } else if (event == NETDEV_CHANGEMTU) { 1484 /* Re-enabling IP */ 1485 if (inetdev_valid_mtu(dev->mtu)) 1486 in_dev = inetdev_init(dev); 1487 } 1488 goto out; 1489 } 1490 1491 switch (event) { 1492 case NETDEV_REGISTER: 1493 pr_debug("%s: bug\n", __func__); 1494 RCU_INIT_POINTER(dev->ip_ptr, NULL); 1495 break; 1496 case NETDEV_UP: 1497 if (!inetdev_valid_mtu(dev->mtu)) 1498 break; 1499 if (dev->flags & IFF_LOOPBACK) { 1500 struct in_ifaddr *ifa = inet_alloc_ifa(); 1501 1502 if (ifa) { 1503 INIT_HLIST_NODE(&ifa->hash); 1504 ifa->ifa_local = 1505 ifa->ifa_address = htonl(INADDR_LOOPBACK); 1506 ifa->ifa_prefixlen = 8; 1507 ifa->ifa_mask = inet_make_mask(8); 1508 in_dev_hold(in_dev); 1509 ifa->ifa_dev = in_dev; 1510 ifa->ifa_scope = RT_SCOPE_HOST; 1511 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); 1512 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, 1513 INFINITY_LIFE_TIME); 1514 ipv4_devconf_setall(in_dev); 1515 neigh_parms_data_state_setall(in_dev->arp_parms); 1516 inet_insert_ifa(ifa); 1517 } 1518 } 1519 ip_mc_up(in_dev); 1520 /* fall through */ 1521 case NETDEV_CHANGEADDR: 1522 if (!IN_DEV_ARP_NOTIFY(in_dev)) 1523 break; 1524 /* fall through */ 1525 case NETDEV_NOTIFY_PEERS: 1526 /* Send gratuitous ARP to notify of link change */ 1527 inetdev_send_gratuitous_arp(dev, in_dev); 1528 break; 1529 case NETDEV_DOWN: 1530 ip_mc_down(in_dev); 1531 break; 1532 case NETDEV_PRE_TYPE_CHANGE: 1533 ip_mc_unmap(in_dev); 1534 break; 1535 case NETDEV_POST_TYPE_CHANGE: 1536 ip_mc_remap(in_dev); 1537 break; 1538 case NETDEV_CHANGEMTU: 1539 if (inetdev_valid_mtu(dev->mtu)) 1540 break; 1541 /* disable IP when MTU is not enough */ 1542 /* fall through */ 1543 case NETDEV_UNREGISTER: 1544 inetdev_destroy(in_dev); 1545 break; 1546 case NETDEV_CHANGENAME: 1547 /* Do not notify 
about label change, this event is 1548 * not interesting to applications using netlink. 1549 */ 1550 inetdev_changename(dev, in_dev); 1551 1552 devinet_sysctl_unregister(in_dev); 1553 devinet_sysctl_register(in_dev); 1554 break; 1555 } 1556 out: 1557 return NOTIFY_DONE; 1558 } 1559 1560 static struct notifier_block ip_netdev_notifier = { 1561 .notifier_call = inetdev_event, 1562 }; 1563 1564 static size_t inet_nlmsg_size(void) 1565 { 1566 return NLMSG_ALIGN(sizeof(struct ifaddrmsg)) 1567 + nla_total_size(4) /* IFA_ADDRESS */ 1568 + nla_total_size(4) /* IFA_LOCAL */ 1569 + nla_total_size(4) /* IFA_BROADCAST */ 1570 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */ 1571 + nla_total_size(4) /* IFA_FLAGS */ 1572 + nla_total_size(4) /* IFA_RT_PRIORITY */ 1573 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */ 1574 } 1575 1576 static inline u32 cstamp_delta(unsigned long cstamp) 1577 { 1578 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ; 1579 } 1580 1581 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp, 1582 unsigned long tstamp, u32 preferred, u32 valid) 1583 { 1584 struct ifa_cacheinfo ci; 1585 1586 ci.cstamp = cstamp_delta(cstamp); 1587 ci.tstamp = cstamp_delta(tstamp); 1588 ci.ifa_prefered = preferred; 1589 ci.ifa_valid = valid; 1590 1591 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci); 1592 } 1593 1594 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa, 1595 struct inet_fill_args *args) 1596 { 1597 struct ifaddrmsg *ifm; 1598 struct nlmsghdr *nlh; 1599 u32 preferred, valid; 1600 1601 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm), 1602 args->flags); 1603 if (!nlh) 1604 return -EMSGSIZE; 1605 1606 ifm = nlmsg_data(nlh); 1607 ifm->ifa_family = AF_INET; 1608 ifm->ifa_prefixlen = ifa->ifa_prefixlen; 1609 ifm->ifa_flags = ifa->ifa_flags; 1610 ifm->ifa_scope = ifa->ifa_scope; 1611 ifm->ifa_index = ifa->ifa_dev->dev->ifindex; 1612 1613 if (args->netnsid >= 0 && 1614 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid)) 1615 goto nla_put_failure; 1616 1617 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) { 1618 preferred = ifa->ifa_preferred_lft; 1619 valid = ifa->ifa_valid_lft; 1620 if (preferred != INFINITY_LIFE_TIME) { 1621 long tval = (jiffies - ifa->ifa_tstamp) / HZ; 1622 1623 if (preferred > tval) 1624 preferred -= tval; 1625 else 1626 preferred = 0; 1627 if (valid != INFINITY_LIFE_TIME) { 1628 if (valid > tval) 1629 valid -= tval; 1630 else 1631 valid = 0; 1632 } 1633 } 1634 } else { 1635 preferred = INFINITY_LIFE_TIME; 1636 valid = INFINITY_LIFE_TIME; 1637 } 1638 if ((ifa->ifa_address && 1639 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) || 1640 (ifa->ifa_local && 1641 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) || 1642 (ifa->ifa_broadcast && 1643 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) || 1644 (ifa->ifa_label[0] && 1645 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) || 1646 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) || 1647 (ifa->ifa_rt_priority && 1648 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) || 1649 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp, 1650 preferred, valid)) 1651 goto nla_put_failure; 1652 1653 nlmsg_end(skb, nlh); 1654 return 0; 1655 1656 nla_put_failure: 1657 nlmsg_cancel(skb, nlh); 1658 return -EMSGSIZE; 1659 } 1660 1661 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh, 1662 struct inet_fill_args *fillargs, 1663 struct net **tgt_net, struct sock *sk, 1664 struct netlink_callback *cb) 1665 { 1666 struct netlink_ext_ack *extack = cb->extack; 
1667 struct nlattr *tb[IFA_MAX+1]; 1668 struct ifaddrmsg *ifm; 1669 int err, i; 1670 1671 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) { 1672 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request"); 1673 return -EINVAL; 1674 } 1675 1676 ifm = nlmsg_data(nlh); 1677 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) { 1678 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request"); 1679 return -EINVAL; 1680 } 1681 1682 fillargs->ifindex = ifm->ifa_index; 1683 if (fillargs->ifindex) { 1684 cb->answer_flags |= NLM_F_DUMP_FILTERED; 1685 fillargs->flags |= NLM_F_DUMP_FILTERED; 1686 } 1687 1688 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX, 1689 ifa_ipv4_policy, extack); 1690 if (err < 0) 1691 return err; 1692 1693 for (i = 0; i <= IFA_MAX; ++i) { 1694 if (!tb[i]) 1695 continue; 1696 1697 if (i == IFA_TARGET_NETNSID) { 1698 struct net *net; 1699 1700 fillargs->netnsid = nla_get_s32(tb[i]); 1701 1702 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid); 1703 if (IS_ERR(net)) { 1704 fillargs->netnsid = -1; 1705 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id"); 1706 return PTR_ERR(net); 1707 } 1708 *tgt_net = net; 1709 } else { 1710 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request"); 1711 return -EINVAL; 1712 } 1713 } 1714 1715 return 0; 1716 } 1717 1718 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb, 1719 struct netlink_callback *cb, int s_ip_idx, 1720 struct inet_fill_args *fillargs) 1721 { 1722 struct in_ifaddr *ifa; 1723 int ip_idx = 0; 1724 int err; 1725 1726 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next, ip_idx++) { 1727 if (ip_idx < s_ip_idx) 1728 continue; 1729 1730 err = inet_fill_ifaddr(skb, ifa, fillargs); 1731 if (err < 0) 1732 goto done; 1733 1734 nl_dump_check_consistent(cb, nlmsg_hdr(skb)); 1735 } 1736 err = 0; 1737 1738 done: 1739 cb->args[2] = ip_idx; 1740 1741 return err; 1742 } 1743 1744 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) 1745 { 1746 const struct nlmsghdr *nlh = cb->nlh; 1747 struct inet_fill_args fillargs = { 1748 .portid = NETLINK_CB(cb->skb).portid, 1749 .seq = nlh->nlmsg_seq, 1750 .event = RTM_NEWADDR, 1751 .flags = NLM_F_MULTI, 1752 .netnsid = -1, 1753 }; 1754 struct net *net = sock_net(skb->sk); 1755 struct net *tgt_net = net; 1756 int h, s_h; 1757 int idx, s_idx; 1758 int s_ip_idx; 1759 struct net_device *dev; 1760 struct in_device *in_dev; 1761 struct hlist_head *head; 1762 int err = 0; 1763 1764 s_h = cb->args[0]; 1765 s_idx = idx = cb->args[1]; 1766 s_ip_idx = cb->args[2]; 1767 1768 if (cb->strict_check) { 1769 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net, 1770 skb->sk, cb); 1771 if (err < 0) 1772 goto put_tgt_net; 1773 1774 err = 0; 1775 if (fillargs.ifindex) { 1776 dev = __dev_get_by_index(tgt_net, fillargs.ifindex); 1777 if (!dev) { 1778 err = -ENODEV; 1779 goto put_tgt_net; 1780 } 1781 1782 in_dev = __in_dev_get_rtnl(dev); 1783 if (in_dev) { 1784 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx, 1785 &fillargs); 1786 } 1787 goto put_tgt_net; 1788 } 1789 } 1790 1791 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { 1792 idx = 0; 1793 head = &tgt_net->dev_index_head[h]; 1794 rcu_read_lock(); 1795 cb->seq = atomic_read(&tgt_net->ipv4.dev_addr_genid) ^ 1796 tgt_net->dev_base_seq; 1797 hlist_for_each_entry_rcu(dev, head, index_hlist) { 1798 if (idx < s_idx) 1799 goto cont; 1800 if (h > s_h || idx > s_idx) 1801 s_ip_idx = 0; 1802 in_dev = __in_dev_get_rcu(dev); 1803 
if (!in_dev) 1804 goto cont; 1805 1806 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx, 1807 &fillargs); 1808 if (err < 0) { 1809 rcu_read_unlock(); 1810 goto done; 1811 } 1812 cont: 1813 idx++; 1814 } 1815 rcu_read_unlock(); 1816 } 1817 1818 done: 1819 cb->args[0] = h; 1820 cb->args[1] = idx; 1821 put_tgt_net: 1822 if (fillargs.netnsid >= 0) 1823 put_net(tgt_net); 1824 1825 return skb->len ? : err; 1826 } 1827 1828 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh, 1829 u32 portid) 1830 { 1831 struct inet_fill_args fillargs = { 1832 .portid = portid, 1833 .seq = nlh ? nlh->nlmsg_seq : 0, 1834 .event = event, 1835 .flags = 0, 1836 .netnsid = -1, 1837 }; 1838 struct sk_buff *skb; 1839 int err = -ENOBUFS; 1840 struct net *net; 1841 1842 net = dev_net(ifa->ifa_dev->dev); 1843 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL); 1844 if (!skb) 1845 goto errout; 1846 1847 err = inet_fill_ifaddr(skb, ifa, &fillargs); 1848 if (err < 0) { 1849 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */ 1850 WARN_ON(err == -EMSGSIZE); 1851 kfree_skb(skb); 1852 goto errout; 1853 } 1854 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL); 1855 return; 1856 errout: 1857 if (err < 0) 1858 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err); 1859 } 1860 1861 static size_t inet_get_link_af_size(const struct net_device *dev, 1862 u32 ext_filter_mask) 1863 { 1864 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr); 1865 1866 if (!in_dev) 1867 return 0; 1868 1869 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */ 1870 } 1871 1872 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev, 1873 u32 ext_filter_mask) 1874 { 1875 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr); 1876 struct nlattr *nla; 1877 int i; 1878 1879 if (!in_dev) 1880 return -ENODATA; 1881 1882 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4); 1883 if (!nla) 1884 return -EMSGSIZE; 1885 1886 for (i = 0; i < IPV4_DEVCONF_MAX; i++) 1887 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i]; 1888 1889 return 0; 1890 } 1891 1892 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = { 1893 [IFLA_INET_CONF] = { .type = NLA_NESTED }, 1894 }; 1895 1896 static int inet_validate_link_af(const struct net_device *dev, 1897 const struct nlattr *nla) 1898 { 1899 struct nlattr *a, *tb[IFLA_INET_MAX+1]; 1900 int err, rem; 1901 1902 if (dev && !__in_dev_get_rcu(dev)) 1903 return -EAFNOSUPPORT; 1904 1905 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, 1906 inet_af_policy, NULL); 1907 if (err < 0) 1908 return err; 1909 1910 if (tb[IFLA_INET_CONF]) { 1911 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) { 1912 int cfgid = nla_type(a); 1913 1914 if (nla_len(a) < 4) 1915 return -EINVAL; 1916 1917 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX) 1918 return -EINVAL; 1919 } 1920 } 1921 1922 return 0; 1923 } 1924 1925 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla) 1926 { 1927 struct in_device *in_dev = __in_dev_get_rcu(dev); 1928 struct nlattr *a, *tb[IFLA_INET_MAX+1]; 1929 int rem; 1930 1931 if (!in_dev) 1932 return -EAFNOSUPPORT; 1933 1934 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0) 1935 BUG(); 1936 1937 if (tb[IFLA_INET_CONF]) { 1938 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) 1939 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a)); 1940 } 1941 1942 return 0; 1943 } 1944 1945 static int inet_netconf_msgsize_devconf(int type) 1946 { 1947 int size = NLMSG_ALIGN(sizeof(struct netconfmsg)) 1948 + 
nla_total_size(4); /* NETCONFA_IFINDEX */ 1949 bool all = false; 1950 1951 if (type == NETCONFA_ALL) 1952 all = true; 1953 1954 if (all || type == NETCONFA_FORWARDING) 1955 size += nla_total_size(4); 1956 if (all || type == NETCONFA_RP_FILTER) 1957 size += nla_total_size(4); 1958 if (all || type == NETCONFA_MC_FORWARDING) 1959 size += nla_total_size(4); 1960 if (all || type == NETCONFA_BC_FORWARDING) 1961 size += nla_total_size(4); 1962 if (all || type == NETCONFA_PROXY_NEIGH) 1963 size += nla_total_size(4); 1964 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) 1965 size += nla_total_size(4); 1966 1967 return size; 1968 } 1969 1970 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex, 1971 struct ipv4_devconf *devconf, u32 portid, 1972 u32 seq, int event, unsigned int flags, 1973 int type) 1974 { 1975 struct nlmsghdr *nlh; 1976 struct netconfmsg *ncm; 1977 bool all = false; 1978 1979 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg), 1980 flags); 1981 if (!nlh) 1982 return -EMSGSIZE; 1983 1984 if (type == NETCONFA_ALL) 1985 all = true; 1986 1987 ncm = nlmsg_data(nlh); 1988 ncm->ncm_family = AF_INET; 1989 1990 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0) 1991 goto nla_put_failure; 1992 1993 if (!devconf) 1994 goto out; 1995 1996 if ((all || type == NETCONFA_FORWARDING) && 1997 nla_put_s32(skb, NETCONFA_FORWARDING, 1998 IPV4_DEVCONF(*devconf, FORWARDING)) < 0) 1999 goto nla_put_failure; 2000 if ((all || type == NETCONFA_RP_FILTER) && 2001 nla_put_s32(skb, NETCONFA_RP_FILTER, 2002 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0) 2003 goto nla_put_failure; 2004 if ((all || type == NETCONFA_MC_FORWARDING) && 2005 nla_put_s32(skb, NETCONFA_MC_FORWARDING, 2006 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0) 2007 goto nla_put_failure; 2008 if ((all || type == NETCONFA_BC_FORWARDING) && 2009 nla_put_s32(skb, NETCONFA_BC_FORWARDING, 2010 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0) 2011 goto nla_put_failure; 2012 if ((all || type == NETCONFA_PROXY_NEIGH) && 2013 nla_put_s32(skb, NETCONFA_PROXY_NEIGH, 2014 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0) 2015 goto nla_put_failure; 2016 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) && 2017 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN, 2018 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0) 2019 goto nla_put_failure; 2020 2021 out: 2022 nlmsg_end(skb, nlh); 2023 return 0; 2024 2025 nla_put_failure: 2026 nlmsg_cancel(skb, nlh); 2027 return -EMSGSIZE; 2028 } 2029 2030 void inet_netconf_notify_devconf(struct net *net, int event, int type, 2031 int ifindex, struct ipv4_devconf *devconf) 2032 { 2033 struct sk_buff *skb; 2034 int err = -ENOBUFS; 2035 2036 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL); 2037 if (!skb) 2038 goto errout; 2039 2040 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0, 2041 event, 0, type); 2042 if (err < 0) { 2043 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */ 2044 WARN_ON(err == -EMSGSIZE); 2045 kfree_skb(skb); 2046 goto errout; 2047 } 2048 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL); 2049 return; 2050 errout: 2051 if (err < 0) 2052 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err); 2053 } 2054 2055 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = { 2056 [NETCONFA_IFINDEX] = { .len = sizeof(int) }, 2057 [NETCONFA_FORWARDING] = { .len = sizeof(int) }, 2058 [NETCONFA_RP_FILTER] = { .len = sizeof(int) }, 2059 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) }, 2060 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] 
= { .len = sizeof(int) }, 2061 }; 2062 2063 static int inet_netconf_valid_get_req(struct sk_buff *skb, 2064 const struct nlmsghdr *nlh, 2065 struct nlattr **tb, 2066 struct netlink_ext_ack *extack) 2067 { 2068 int i, err; 2069 2070 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) { 2071 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request"); 2072 return -EINVAL; 2073 } 2074 2075 if (!netlink_strict_get_check(skb)) 2076 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg), 2077 tb, NETCONFA_MAX, 2078 devconf_ipv4_policy, extack); 2079 2080 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg), 2081 tb, NETCONFA_MAX, 2082 devconf_ipv4_policy, extack); 2083 if (err) 2084 return err; 2085 2086 for (i = 0; i <= NETCONFA_MAX; i++) { 2087 if (!tb[i]) 2088 continue; 2089 2090 switch (i) { 2091 case NETCONFA_IFINDEX: 2092 break; 2093 default: 2094 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request"); 2095 return -EINVAL; 2096 } 2097 } 2098 2099 return 0; 2100 } 2101 2102 static int inet_netconf_get_devconf(struct sk_buff *in_skb, 2103 struct nlmsghdr *nlh, 2104 struct netlink_ext_ack *extack) 2105 { 2106 struct net *net = sock_net(in_skb->sk); 2107 struct nlattr *tb[NETCONFA_MAX+1]; 2108 struct sk_buff *skb; 2109 struct ipv4_devconf *devconf; 2110 struct in_device *in_dev; 2111 struct net_device *dev; 2112 int ifindex; 2113 int err; 2114 2115 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack); 2116 if (err) 2117 goto errout; 2118 2119 err = -EINVAL; 2120 if (!tb[NETCONFA_IFINDEX]) 2121 goto errout; 2122 2123 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]); 2124 switch (ifindex) { 2125 case NETCONFA_IFINDEX_ALL: 2126 devconf = net->ipv4.devconf_all; 2127 break; 2128 case NETCONFA_IFINDEX_DEFAULT: 2129 devconf = net->ipv4.devconf_dflt; 2130 break; 2131 default: 2132 dev = __dev_get_by_index(net, ifindex); 2133 if (!dev) 2134 goto errout; 2135 in_dev = __in_dev_get_rtnl(dev); 2136 if (!in_dev) 2137 goto errout; 2138 devconf = &in_dev->cnf; 2139 break; 2140 } 2141 2142 err = -ENOBUFS; 2143 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL); 2144 if (!skb) 2145 goto errout; 2146 2147 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 2148 NETLINK_CB(in_skb).portid, 2149 nlh->nlmsg_seq, RTM_NEWNETCONF, 0, 2150 NETCONFA_ALL); 2151 if (err < 0) { 2152 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */ 2153 WARN_ON(err == -EMSGSIZE); 2154 kfree_skb(skb); 2155 goto errout; 2156 } 2157 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 2158 errout: 2159 return err; 2160 } 2161 2162 static int inet_netconf_dump_devconf(struct sk_buff *skb, 2163 struct netlink_callback *cb) 2164 { 2165 const struct nlmsghdr *nlh = cb->nlh; 2166 struct net *net = sock_net(skb->sk); 2167 int h, s_h; 2168 int idx, s_idx; 2169 struct net_device *dev; 2170 struct in_device *in_dev; 2171 struct hlist_head *head; 2172 2173 if (cb->strict_check) { 2174 struct netlink_ext_ack *extack = cb->extack; 2175 struct netconfmsg *ncm; 2176 2177 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) { 2178 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request"); 2179 return -EINVAL; 2180 } 2181 2182 if (nlmsg_attrlen(nlh, sizeof(*ncm))) { 2183 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request"); 2184 return -EINVAL; 2185 } 2186 } 2187 2188 s_h = cb->args[0]; 2189 s_idx = idx = cb->args[1]; 2190 2191 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { 2192 idx = 0; 2193 head = 
static int inet_netconf_dump_devconf(struct sk_buff *skb,
				     struct netlink_callback *cb)
{
	const struct nlmsghdr *nlh = cb->nlh;
	struct net *net = sock_net(skb->sk);
	int h, s_h;
	int idx, s_idx;
	struct net_device *dev;
	struct in_device *in_dev;
	struct hlist_head *head;

	if (cb->strict_check) {
		struct netlink_ext_ack *extack = cb->extack;
		struct netconfmsg *ncm;

		if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
			NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
			return -EINVAL;
		}

		if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
			NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
			return -EINVAL;
		}
	}

	s_h = cb->args[0];
	s_idx = idx = cb->args[1];

	for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
		idx = 0;
		head = &net->dev_index_head[h];
		rcu_read_lock();
		cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
			  net->dev_base_seq;
		hlist_for_each_entry_rcu(dev, head, index_hlist) {
			if (idx < s_idx)
				goto cont;
			in_dev = __in_dev_get_rcu(dev);
			if (!in_dev)
				goto cont;

			if (inet_netconf_fill_devconf(skb, dev->ifindex,
						      &in_dev->cnf,
						      NETLINK_CB(cb->skb).portid,
						      nlh->nlmsg_seq,
						      RTM_NEWNETCONF,
						      NLM_F_MULTI,
						      NETCONFA_ALL) < 0) {
				rcu_read_unlock();
				goto done;
			}
			nl_dump_check_consistent(cb, nlmsg_hdr(skb));
cont:
			idx++;
		}
		rcu_read_unlock();
	}
	if (h == NETDEV_HASHENTRIES) {
		if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
					      net->ipv4.devconf_all,
					      NETLINK_CB(cb->skb).portid,
					      nlh->nlmsg_seq,
					      RTM_NEWNETCONF, NLM_F_MULTI,
					      NETCONFA_ALL) < 0)
			goto done;
		else
			h++;
	}
	if (h == NETDEV_HASHENTRIES + 1) {
		if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
					      net->ipv4.devconf_dflt,
					      NETLINK_CB(cb->skb).portid,
					      nlh->nlmsg_seq,
					      RTM_NEWNETCONF, NLM_F_MULTI,
					      NETCONFA_ALL) < 0)
			goto done;
		else
			h++;
	}
done:
	cb->args[0] = h;
	cb->args[1] = idx;

	return skb->len;
}

#ifdef CONFIG_SYSCTL

static void devinet_copy_dflt_conf(struct net *net, int i)
{
	struct net_device *dev;

	rcu_read_lock();
	for_each_netdev_rcu(net, dev) {
		struct in_device *in_dev;

		in_dev = __in_dev_get_rcu(dev);
		if (in_dev && !test_bit(i, in_dev->cnf.state))
			in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
	}
	rcu_read_unlock();
}

/* called with RTNL locked */
static void inet_forward_change(struct net *net)
{
	struct net_device *dev;
	int on = IPV4_DEVCONF_ALL(net, FORWARDING);

	IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
	IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
	inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
				    NETCONFA_FORWARDING,
				    NETCONFA_IFINDEX_ALL,
				    net->ipv4.devconf_all);
	inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
				    NETCONFA_FORWARDING,
				    NETCONFA_IFINDEX_DEFAULT,
				    net->ipv4.devconf_dflt);

	for_each_netdev(net, dev) {
		struct in_device *in_dev;

		if (on)
			dev_disable_lro(dev);

		in_dev = __in_dev_get_rtnl(dev);
		if (in_dev) {
			IN_DEV_CONF_SET(in_dev, FORWARDING, on);
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_FORWARDING,
						    dev->ifindex, &in_dev->cnf);
		}
	}
}

static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
{
	if (cnf == net->ipv4.devconf_dflt)
		return NETCONFA_IFINDEX_DEFAULT;
	else if (cnf == net->ipv4.devconf_all)
		return NETCONFA_IFINDEX_ALL;
	else {
		struct in_device *idev
			= container_of(cnf, struct in_device, cnf);
		return idev->dev->ifindex;
	}
}
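
/* Generic proc handler shared by most of the per-device sysctls below:
 * mark the entry as explicitly set (so later writes to the "default"
 * template no longer overwrite it), flush the route cache where the
 * semantics of the knob demand it, and send RTM_NEWNETCONF notifications
 * for the few attributes (rp_filter, proxy_arp,
 * ignore_routes_with_linkdown) that userspace is told about from here.
 */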
static int devinet_conf_proc(struct ctl_table *ctl, int write,
			     void __user *buffer,
			     size_t *lenp, loff_t *ppos)
{
	int old_value = *(int *)ctl->data;
	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
	int new_value = *(int *)ctl->data;

	if (write) {
		struct ipv4_devconf *cnf = ctl->extra1;
		struct net *net = ctl->extra2;
		int i = (int *)ctl->data - cnf->data;
		int ifindex;

		set_bit(i, cnf->state);

		if (cnf == net->ipv4.devconf_dflt)
			devinet_copy_dflt_conf(net, i);
		if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
		    i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
			if ((new_value == 0) && (old_value != 0))
				rt_cache_flush(net);

		if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
		    new_value != old_value)
			rt_cache_flush(net);

		if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
		    new_value != old_value) {
			ifindex = devinet_conf_ifindex(net, cnf);
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_RP_FILTER,
						    ifindex, cnf);
		}
		if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
		    new_value != old_value) {
			ifindex = devinet_conf_ifindex(net, cnf);
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_PROXY_NEIGH,
						    ifindex, cnf);
		}
		if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
		    new_value != old_value) {
			ifindex = devinet_conf_ifindex(net, cnf);
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
						    ifindex, cnf);
		}
	}

	return ret;
}

static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
				  void __user *buffer,
				  size_t *lenp, loff_t *ppos)
{
	int *valp = ctl->data;
	int val = *valp;
	loff_t pos = *ppos;
	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);

	if (write && *valp != val) {
		struct net *net = ctl->extra2;

		if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
			if (!rtnl_trylock()) {
				/* Restore the original values before restarting */
				*valp = val;
				*ppos = pos;
				return restart_syscall();
			}
			if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
				inet_forward_change(net);
			} else {
				struct ipv4_devconf *cnf = ctl->extra1;
				struct in_device *idev =
					container_of(cnf, struct in_device, cnf);
				if (*valp)
					dev_disable_lro(idev->dev);
				inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
							    NETCONFA_FORWARDING,
							    idev->dev->ifindex,
							    cnf);
			}
			rtnl_unlock();
			rt_cache_flush(net);
		} else
			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
						    NETCONFA_FORWARDING,
						    NETCONFA_IFINDEX_DEFAULT,
						    net->ipv4.devconf_dflt);
	}

	return ret;
}

static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
				void __user *buffer,
				size_t *lenp, loff_t *ppos)
{
	int *valp = ctl->data;
	int val = *valp;
	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
	struct net *net = ctl->extra2;

	if (write && *valp != val)
		rt_cache_flush(net);

	return ret;
}
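
/* The macros below generate one ctl_table entry per devconf field.  For
 * illustration, DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter") expands
 * roughly to:
 *
 *	{
 *		.procname	= "rp_filter",
 *		.data		= ipv4_devconf.data + IPV4_DEVCONF_RP_FILTER - 1,
 *		.maxlen		= sizeof(int),
 *		.mode		= 0644,
 *		.proc_handler	= devinet_conf_proc,
 *		.extra1		= &ipv4_devconf,
 *	}
 *
 * __devinet_sysctl_register() later rewrites .data, .extra1 and .extra2 to
 * point at the per-device (or per-netns) ipv4_devconf instance.
 */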
#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
	{ \
		.procname	= name, \
		.data		= ipv4_devconf.data + \
				  IPV4_DEVCONF_ ## attr - 1, \
		.maxlen		= sizeof(int), \
		.mode		= mval, \
		.proc_handler	= proc, \
		.extra1		= &ipv4_devconf, \
	}

#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
	DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)

#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
	DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)

#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
	DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)

#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
	DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)

static struct devinet_sysctl_table {
	struct ctl_table_header *sysctl_header;
	struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
} devinet_sysctl = {
	.devinet_vars = {
		DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
					     devinet_sysctl_forward),
		DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
		DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),

		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
		DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
		DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
		DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
		DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
					"accept_source_route"),
		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
		DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
		DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
		DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
		DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
		DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
		DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
		DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
		DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
		DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
		DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
		DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
		DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
		DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
					"force_igmp_version"),
		DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
					"igmpv2_unsolicited_report_interval"),
		DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
					"igmpv3_unsolicited_report_interval"),
		DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
					"ignore_routes_with_linkdown"),
		DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
					"drop_gratuitous_arp"),

		DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
		DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
		DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
					      "promote_secondaries"),
		DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
					      "route_localnet"),
		DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
					      "drop_unicast_in_l2_multicast"),
	},
};

static int __devinet_sysctl_register(struct net *net, char *dev_name,
				     int ifindex, struct ipv4_devconf *p)
{
	int i;
	struct devinet_sysctl_table *t;
	char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];

	t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
	if (!t)
		goto out;

	for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
		t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
		t->devinet_vars[i].extra1 = p;
		t->devinet_vars[i].extra2 = net;
	}

	snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);

	t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
	if (!t->sysctl_header)
		goto free;

	p->sysctl = t;

	inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
				    ifindex, p);
	return 0;

free:
	kfree(t);
out:
	return -ENOBUFS;
}
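
/* Each table registered above appears under /proc/sys/net/ipv4/conf/<dev_name>/,
 * next to the "all" and "default" directories registered from
 * devinet_init_net(); e.g. /proc/sys/net/ipv4/conf/eth0/rp_filter for a
 * hypothetical device named eth0.  The unregister path below tears the table
 * down again and announces the removal via RTM_DELNETCONF.
 */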
static void __devinet_sysctl_unregister(struct net *net,
					struct ipv4_devconf *cnf, int ifindex)
{
	struct devinet_sysctl_table *t = cnf->sysctl;

	if (t) {
		cnf->sysctl = NULL;
		unregister_net_sysctl_table(t->sysctl_header);
		kfree(t);
	}

	inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
}

static int devinet_sysctl_register(struct in_device *idev)
{
	int err;

	if (!sysctl_dev_name_is_allowed(idev->dev->name))
		return -EINVAL;

	err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
	if (err)
		return err;
	err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
					idev->dev->ifindex, &idev->cnf);
	if (err)
		neigh_sysctl_unregister(idev->arp_parms);
	return err;
}

static void devinet_sysctl_unregister(struct in_device *idev)
{
	struct net *net = dev_net(idev->dev);

	__devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
	neigh_sysctl_unregister(idev->arp_parms);
}

static struct ctl_table ctl_forward_entry[] = {
	{
		.procname	= "ip_forward",
		.data		= &ipv4_devconf.data[
					IPV4_DEVCONF_FORWARDING - 1],
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= devinet_sysctl_forward,
		.extra1		= &ipv4_devconf,
		.extra2		= &init_net,
	},
	{ },
};
#endif

static __net_init int devinet_init_net(struct net *net)
{
	int err;
	struct ipv4_devconf *all, *dflt;
#ifdef CONFIG_SYSCTL
	struct ctl_table *tbl;
	struct ctl_table_header *forw_hdr;
#endif

	err = -ENOMEM;
	all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
	if (!all)
		goto err_alloc_all;

	dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
	if (!dflt)
		goto err_alloc_dflt;

#ifdef CONFIG_SYSCTL
	tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
	if (!tbl)
		goto err_alloc_ctl;

	tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
	tbl[0].extra1 = all;
	tbl[0].extra2 = net;
#endif

	if ((!IS_ENABLED(CONFIG_SYSCTL) ||
	     sysctl_devconf_inherit_init_net != 2) &&
	    !net_eq(net, &init_net)) {
		memcpy(all, init_net.ipv4.devconf_all, sizeof(ipv4_devconf));
		memcpy(dflt, init_net.ipv4.devconf_dflt, sizeof(ipv4_devconf_dflt));
	}

#ifdef CONFIG_SYSCTL
	err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
	if (err < 0)
		goto err_reg_all;

	err = __devinet_sysctl_register(net, "default",
					NETCONFA_IFINDEX_DEFAULT, dflt);
	if (err < 0)
		goto err_reg_dflt;

	err = -ENOMEM;
	forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
	if (!forw_hdr)
		goto err_reg_ctl;
	net->ipv4.forw_hdr = forw_hdr;
#endif

	net->ipv4.devconf_all = all;
	net->ipv4.devconf_dflt = dflt;
	return 0;

#ifdef CONFIG_SYSCTL
err_reg_ctl:
	__devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
err_reg_dflt:
	__devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
err_reg_all:
	kfree(tbl);
err_alloc_ctl:
#endif
	kfree(dflt);
err_alloc_dflt:
	kfree(all);
err_alloc_all:
	return err;
}
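
/* Per-netns teardown: the mirror image of devinet_init_net(), run when the
 * namespace is dismantled.  The sysctl tables are unregistered before the
 * devconf structures they reference are freed.
 */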
static __net_exit void devinet_exit_net(struct net *net)
{
#ifdef CONFIG_SYSCTL
	struct ctl_table *tbl;

	tbl = net->ipv4.forw_hdr->ctl_table_arg;
	unregister_net_sysctl_table(net->ipv4.forw_hdr);
	__devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
				    NETCONFA_IFINDEX_DEFAULT);
	__devinet_sysctl_unregister(net, net->ipv4.devconf_all,
				    NETCONFA_IFINDEX_ALL);
	kfree(tbl);
#endif
	kfree(net->ipv4.devconf_dflt);
	kfree(net->ipv4.devconf_all);
}

static __net_initdata struct pernet_operations devinet_ops = {
	.init = devinet_init_net,
	.exit = devinet_exit_net,
};

static struct rtnl_af_ops inet_af_ops __read_mostly = {
	.family		  = AF_INET,
	.fill_link_af	  = inet_fill_link_af,
	.get_link_af_size = inet_get_link_af_size,
	.validate_link_af = inet_validate_link_af,
	.set_link_af	  = inet_set_link_af,
};

void __init devinet_init(void)
{
	int i;

	for (i = 0; i < IN4_ADDR_HSIZE; i++)
		INIT_HLIST_HEAD(&inet_addr_lst[i]);

	register_pernet_subsys(&devinet_ops);

	register_gifconf(PF_INET, inet_gifconf);
	register_netdevice_notifier(&ip_netdev_notifier);

	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);

	rtnl_af_register(&inet_af_ops);

	rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
	rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
	rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
	rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
		      inet_netconf_dump_devconf, 0);
}
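
/* The RTM_GETNETCONF handlers registered in devinet_init() back the
 * "ip netconf" command.  A minimal query for a single interface, assuming
 * iproute2 is installed, looks like:
 *
 *	ip -4 netconf show dev lo
 *
 * which sends an RTM_GETNETCONF request carrying NETCONFA_IFINDEX and is
 * answered by inet_netconf_get_devconf() with a NETCONFA_ALL reply.
 */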