xref: /openbmc/linux/net/ipv4/devinet.c (revision 6fa24b41)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *	NET3	IP device support routines.
4  *
5  *	Derived from the IP parts of dev.c 1.0.19
6  * 		Authors:	Ross Biro
7  *				Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8  *				Mark Evans, <evansmp@uhura.aston.ac.uk>
9  *
10  *	Additional Authors:
11  *		Alan Cox, <gw4pts@gw4pts.ampr.org>
12  *		Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
13  *
14  *	Changes:
15  *		Alexey Kuznetsov:	pa_* fields are replaced with ifaddr
16  *					lists.
17  *		Cyrus Durgin:		updated for kmod
18  *		Matthias Andree:	in devinet_ioctl, compare label and
19  *					address (4.4BSD alias style support),
20  *					fall back to comparing just the label
21  *					if no match found.
22  */
23 
24 
25 #include <linux/uaccess.h>
26 #include <linux/bitops.h>
27 #include <linux/capability.h>
28 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/kernel.h>
31 #include <linux/sched/signal.h>
32 #include <linux/string.h>
33 #include <linux/mm.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/in.h>
37 #include <linux/errno.h>
38 #include <linux/interrupt.h>
39 #include <linux/if_addr.h>
40 #include <linux/if_ether.h>
41 #include <linux/inet.h>
42 #include <linux/netdevice.h>
43 #include <linux/etherdevice.h>
44 #include <linux/skbuff.h>
45 #include <linux/init.h>
46 #include <linux/notifier.h>
47 #include <linux/inetdevice.h>
48 #include <linux/igmp.h>
49 #include <linux/slab.h>
50 #include <linux/hash.h>
51 #ifdef CONFIG_SYSCTL
52 #include <linux/sysctl.h>
53 #endif
54 #include <linux/kmod.h>
55 #include <linux/netconf.h>
56 
57 #include <net/arp.h>
58 #include <net/ip.h>
59 #include <net/route.h>
60 #include <net/ip_fib.h>
61 #include <net/rtnetlink.h>
62 #include <net/net_namespace.h>
63 #include <net/addrconf.h>
64 
65 #define IPV6ONLY_FLAGS	\
66 		(IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 		 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 		 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
69 
70 static struct ipv4_devconf ipv4_devconf = {
71 	.data = {
72 		[IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 		[IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 		[IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 		[IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 		[IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 		[IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] =  1000 /*ms*/,
78 		[IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
79 	},
80 };
81 
82 static struct ipv4_devconf ipv4_devconf_dflt = {
83 	.data = {
84 		[IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
85 		[IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
86 		[IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
87 		[IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
88 		[IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 		[IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
90 		[IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] =  1000 /*ms*/,
91 		[IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
92 	},
93 };
94 
95 #define IPV4_DEVCONF_DFLT(net, attr) \
96 	IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
97 
98 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
99 	[IFA_LOCAL]     	= { .type = NLA_U32 },
100 	[IFA_ADDRESS]   	= { .type = NLA_U32 },
101 	[IFA_BROADCAST] 	= { .type = NLA_U32 },
102 	[IFA_LABEL]     	= { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
103 	[IFA_CACHEINFO]		= { .len = sizeof(struct ifa_cacheinfo) },
104 	[IFA_FLAGS]		= { .type = NLA_U32 },
105 	[IFA_RT_PRIORITY]	= { .type = NLA_U32 },
106 	[IFA_TARGET_NETNSID]	= { .type = NLA_S32 },
107 	[IFA_PROTO]		= { .type = NLA_U8 },
108 };
109 
110 struct inet_fill_args {
111 	u32 portid;
112 	u32 seq;
113 	int event;
114 	unsigned int flags;
115 	int netnsid;
116 	int ifindex;
117 };
118 
119 #define IN4_ADDR_HSIZE_SHIFT	8
120 #define IN4_ADDR_HSIZE		(1U << IN4_ADDR_HSIZE_SHIFT)
121 
122 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
123 
124 static u32 inet_addr_hash(const struct net *net, __be32 addr)
125 {
126 	u32 val = (__force u32) addr ^ net_hash_mix(net);
127 
128 	return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
129 }
130 
131 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
132 {
133 	u32 hash = inet_addr_hash(net, ifa->ifa_local);
134 
135 	ASSERT_RTNL();
136 	hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
137 }
138 
139 static void inet_hash_remove(struct in_ifaddr *ifa)
140 {
141 	ASSERT_RTNL();
142 	hlist_del_init_rcu(&ifa->hash);
143 }
144 
145 /**
146  * __ip_dev_find - find the first device with a given source address.
147  * @net: the net namespace
148  * @addr: the source address
149  * @devref: if true, take a reference on the found device
150  *
151  * If a caller uses devref=false, it should be protected by RCU, or RTNL
152  */
153 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
154 {
155 	struct net_device *result = NULL;
156 	struct in_ifaddr *ifa;
157 
158 	rcu_read_lock();
159 	ifa = inet_lookup_ifaddr_rcu(net, addr);
160 	if (!ifa) {
161 		struct flowi4 fl4 = { .daddr = addr };
162 		struct fib_result res = { 0 };
163 		struct fib_table *local;
164 
165 		/* Fallback to FIB local table so that communication
166 		 * over loopback subnets work.
167 		 */
168 		local = fib_get_table(net, RT_TABLE_LOCAL);
169 		if (local &&
170 		    !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
171 		    res.type == RTN_LOCAL)
172 			result = FIB_RES_DEV(res);
173 	} else {
174 		result = ifa->ifa_dev->dev;
175 	}
176 	if (result && devref)
177 		dev_hold(result);
178 	rcu_read_unlock();
179 	return result;
180 }
181 EXPORT_SYMBOL(__ip_dev_find);
182 
183 /* called under RCU lock */
184 struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
185 {
186 	u32 hash = inet_addr_hash(net, addr);
187 	struct in_ifaddr *ifa;
188 
189 	hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
190 		if (ifa->ifa_local == addr &&
191 		    net_eq(dev_net(ifa->ifa_dev->dev), net))
192 			return ifa;
193 
194 	return NULL;
195 }
196 
197 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
198 
199 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
200 static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
201 static void inet_del_ifa(struct in_device *in_dev,
202 			 struct in_ifaddr __rcu **ifap,
203 			 int destroy);
204 #ifdef CONFIG_SYSCTL
205 static int devinet_sysctl_register(struct in_device *idev);
206 static void devinet_sysctl_unregister(struct in_device *idev);
207 #else
208 static int devinet_sysctl_register(struct in_device *idev)
209 {
210 	return 0;
211 }
212 static void devinet_sysctl_unregister(struct in_device *idev)
213 {
214 }
215 #endif
216 
217 /* Locks all the inet devices. */
218 
219 static struct in_ifaddr *inet_alloc_ifa(void)
220 {
221 	return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL_ACCOUNT);
222 }
223 
224 static void inet_rcu_free_ifa(struct rcu_head *head)
225 {
226 	struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
227 	if (ifa->ifa_dev)
228 		in_dev_put(ifa->ifa_dev);
229 	kfree(ifa);
230 }
231 
232 static void inet_free_ifa(struct in_ifaddr *ifa)
233 {
234 	call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
235 }
236 
237 static void in_dev_free_rcu(struct rcu_head *head)
238 {
239 	struct in_device *idev = container_of(head, struct in_device, rcu_head);
240 
241 	kfree(rcu_dereference_protected(idev->mc_hash, 1));
242 	kfree(idev);
243 }
244 
245 void in_dev_finish_destroy(struct in_device *idev)
246 {
247 	struct net_device *dev = idev->dev;
248 
249 	WARN_ON(idev->ifa_list);
250 	WARN_ON(idev->mc_list);
251 #ifdef NET_REFCNT_DEBUG
252 	pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
253 #endif
254 	netdev_put(dev, &idev->dev_tracker);
255 	if (!idev->dead)
256 		pr_err("Freeing alive in_device %p\n", idev);
257 	else
258 		call_rcu(&idev->rcu_head, in_dev_free_rcu);
259 }
260 EXPORT_SYMBOL(in_dev_finish_destroy);
261 
262 static struct in_device *inetdev_init(struct net_device *dev)
263 {
264 	struct in_device *in_dev;
265 	int err = -ENOMEM;
266 
267 	ASSERT_RTNL();
268 
269 	in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
270 	if (!in_dev)
271 		goto out;
272 	memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
273 			sizeof(in_dev->cnf));
274 	in_dev->cnf.sysctl = NULL;
275 	in_dev->dev = dev;
276 	in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
277 	if (!in_dev->arp_parms)
278 		goto out_kfree;
279 	if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
280 		dev_disable_lro(dev);
281 	/* Reference in_dev->dev */
282 	netdev_hold(dev, &in_dev->dev_tracker, GFP_KERNEL);
283 	/* Account for reference dev->ip_ptr (below) */
284 	refcount_set(&in_dev->refcnt, 1);
285 
286 	err = devinet_sysctl_register(in_dev);
287 	if (err) {
288 		in_dev->dead = 1;
289 		neigh_parms_release(&arp_tbl, in_dev->arp_parms);
290 		in_dev_put(in_dev);
291 		in_dev = NULL;
292 		goto out;
293 	}
294 	ip_mc_init_dev(in_dev);
295 	if (dev->flags & IFF_UP)
296 		ip_mc_up(in_dev);
297 
298 	/* we can receive as soon as ip_ptr is set -- do this last */
299 	rcu_assign_pointer(dev->ip_ptr, in_dev);
300 out:
301 	return in_dev ?: ERR_PTR(err);
302 out_kfree:
303 	kfree(in_dev);
304 	in_dev = NULL;
305 	goto out;
306 }
307 
308 static void inetdev_destroy(struct in_device *in_dev)
309 {
310 	struct net_device *dev;
311 	struct in_ifaddr *ifa;
312 
313 	ASSERT_RTNL();
314 
315 	dev = in_dev->dev;
316 
317 	in_dev->dead = 1;
318 
319 	ip_mc_destroy_dev(in_dev);
320 
321 	while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
322 		inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
323 		inet_free_ifa(ifa);
324 	}
325 
326 	RCU_INIT_POINTER(dev->ip_ptr, NULL);
327 
328 	devinet_sysctl_unregister(in_dev);
329 	neigh_parms_release(&arp_tbl, in_dev->arp_parms);
330 	arp_ifdown(dev);
331 
332 	in_dev_put(in_dev);
333 }
334 
335 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
336 {
337 	const struct in_ifaddr *ifa;
338 
339 	rcu_read_lock();
340 	in_dev_for_each_ifa_rcu(ifa, in_dev) {
341 		if (inet_ifa_match(a, ifa)) {
342 			if (!b || inet_ifa_match(b, ifa)) {
343 				rcu_read_unlock();
344 				return 1;
345 			}
346 		}
347 	}
348 	rcu_read_unlock();
349 	return 0;
350 }
351 
352 static void __inet_del_ifa(struct in_device *in_dev,
353 			   struct in_ifaddr __rcu **ifap,
354 			   int destroy, struct nlmsghdr *nlh, u32 portid)
355 {
356 	struct in_ifaddr *promote = NULL;
357 	struct in_ifaddr *ifa, *ifa1;
358 	struct in_ifaddr __rcu **last_prim;
359 	struct in_ifaddr *prev_prom = NULL;
360 	int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
361 
362 	ASSERT_RTNL();
363 
364 	ifa1 = rtnl_dereference(*ifap);
365 	last_prim = ifap;
366 	if (in_dev->dead)
367 		goto no_promotions;
368 
369 	/* 1. Deleting primary ifaddr forces deletion all secondaries
370 	 * unless alias promotion is set
371 	 **/
372 
373 	if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
374 		struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
375 
376 		while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
377 			if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
378 			    ifa1->ifa_scope <= ifa->ifa_scope)
379 				last_prim = &ifa->ifa_next;
380 
381 			if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
382 			    ifa1->ifa_mask != ifa->ifa_mask ||
383 			    !inet_ifa_match(ifa1->ifa_address, ifa)) {
384 				ifap1 = &ifa->ifa_next;
385 				prev_prom = ifa;
386 				continue;
387 			}
388 
389 			if (!do_promote) {
390 				inet_hash_remove(ifa);
391 				*ifap1 = ifa->ifa_next;
392 
393 				rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
394 				blocking_notifier_call_chain(&inetaddr_chain,
395 						NETDEV_DOWN, ifa);
396 				inet_free_ifa(ifa);
397 			} else {
398 				promote = ifa;
399 				break;
400 			}
401 		}
402 	}
403 
404 	/* On promotion all secondaries from subnet are changing
405 	 * the primary IP, we must remove all their routes silently
406 	 * and later to add them back with new prefsrc. Do this
407 	 * while all addresses are on the device list.
408 	 */
409 	for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
410 		if (ifa1->ifa_mask == ifa->ifa_mask &&
411 		    inet_ifa_match(ifa1->ifa_address, ifa))
412 			fib_del_ifaddr(ifa, ifa1);
413 	}
414 
415 no_promotions:
416 	/* 2. Unlink it */
417 
418 	*ifap = ifa1->ifa_next;
419 	inet_hash_remove(ifa1);
420 
421 	/* 3. Announce address deletion */
422 
423 	/* Send message first, then call notifier.
424 	   At first sight, FIB update triggered by notifier
425 	   will refer to already deleted ifaddr, that could confuse
426 	   netlink listeners. It is not true: look, gated sees
427 	   that route deleted and if it still thinks that ifaddr
428 	   is valid, it will try to restore deleted routes... Grr.
429 	   So that, this order is correct.
430 	 */
431 	rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
432 	blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
433 
434 	if (promote) {
435 		struct in_ifaddr *next_sec;
436 
437 		next_sec = rtnl_dereference(promote->ifa_next);
438 		if (prev_prom) {
439 			struct in_ifaddr *last_sec;
440 
441 			rcu_assign_pointer(prev_prom->ifa_next, next_sec);
442 
443 			last_sec = rtnl_dereference(*last_prim);
444 			rcu_assign_pointer(promote->ifa_next, last_sec);
445 			rcu_assign_pointer(*last_prim, promote);
446 		}
447 
448 		promote->ifa_flags &= ~IFA_F_SECONDARY;
449 		rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
450 		blocking_notifier_call_chain(&inetaddr_chain,
451 				NETDEV_UP, promote);
452 		for (ifa = next_sec; ifa;
453 		     ifa = rtnl_dereference(ifa->ifa_next)) {
454 			if (ifa1->ifa_mask != ifa->ifa_mask ||
455 			    !inet_ifa_match(ifa1->ifa_address, ifa))
456 					continue;
457 			fib_add_ifaddr(ifa);
458 		}
459 
460 	}
461 	if (destroy)
462 		inet_free_ifa(ifa1);
463 }
464 
465 static void inet_del_ifa(struct in_device *in_dev,
466 			 struct in_ifaddr __rcu **ifap,
467 			 int destroy)
468 {
469 	__inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
470 }
471 
472 static void check_lifetime(struct work_struct *work);
473 
474 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
475 
476 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
477 			     u32 portid, struct netlink_ext_ack *extack)
478 {
479 	struct in_ifaddr __rcu **last_primary, **ifap;
480 	struct in_device *in_dev = ifa->ifa_dev;
481 	struct in_validator_info ivi;
482 	struct in_ifaddr *ifa1;
483 	int ret;
484 
485 	ASSERT_RTNL();
486 
487 	if (!ifa->ifa_local) {
488 		inet_free_ifa(ifa);
489 		return 0;
490 	}
491 
492 	ifa->ifa_flags &= ~IFA_F_SECONDARY;
493 	last_primary = &in_dev->ifa_list;
494 
495 	/* Don't set IPv6 only flags to IPv4 addresses */
496 	ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
497 
498 	ifap = &in_dev->ifa_list;
499 	ifa1 = rtnl_dereference(*ifap);
500 
501 	while (ifa1) {
502 		if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
503 		    ifa->ifa_scope <= ifa1->ifa_scope)
504 			last_primary = &ifa1->ifa_next;
505 		if (ifa1->ifa_mask == ifa->ifa_mask &&
506 		    inet_ifa_match(ifa1->ifa_address, ifa)) {
507 			if (ifa1->ifa_local == ifa->ifa_local) {
508 				inet_free_ifa(ifa);
509 				return -EEXIST;
510 			}
511 			if (ifa1->ifa_scope != ifa->ifa_scope) {
512 				NL_SET_ERR_MSG(extack, "ipv4: Invalid scope value");
513 				inet_free_ifa(ifa);
514 				return -EINVAL;
515 			}
516 			ifa->ifa_flags |= IFA_F_SECONDARY;
517 		}
518 
519 		ifap = &ifa1->ifa_next;
520 		ifa1 = rtnl_dereference(*ifap);
521 	}
522 
523 	/* Allow any devices that wish to register ifaddr validtors to weigh
524 	 * in now, before changes are committed.  The rntl lock is serializing
525 	 * access here, so the state should not change between a validator call
526 	 * and a final notify on commit.  This isn't invoked on promotion under
527 	 * the assumption that validators are checking the address itself, and
528 	 * not the flags.
529 	 */
530 	ivi.ivi_addr = ifa->ifa_address;
531 	ivi.ivi_dev = ifa->ifa_dev;
532 	ivi.extack = extack;
533 	ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
534 					   NETDEV_UP, &ivi);
535 	ret = notifier_to_errno(ret);
536 	if (ret) {
537 		inet_free_ifa(ifa);
538 		return ret;
539 	}
540 
541 	if (!(ifa->ifa_flags & IFA_F_SECONDARY))
542 		ifap = last_primary;
543 
544 	rcu_assign_pointer(ifa->ifa_next, *ifap);
545 	rcu_assign_pointer(*ifap, ifa);
546 
547 	inet_hash_insert(dev_net(in_dev->dev), ifa);
548 
549 	cancel_delayed_work(&check_lifetime_work);
550 	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
551 
552 	/* Send message first, then call notifier.
553 	   Notifier will trigger FIB update, so that
554 	   listeners of netlink will know about new ifaddr */
555 	rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
556 	blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
557 
558 	return 0;
559 }
560 
561 static int inet_insert_ifa(struct in_ifaddr *ifa)
562 {
563 	return __inet_insert_ifa(ifa, NULL, 0, NULL);
564 }
565 
566 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
567 {
568 	struct in_device *in_dev = __in_dev_get_rtnl(dev);
569 
570 	ASSERT_RTNL();
571 
572 	ipv4_devconf_setall(in_dev);
573 	neigh_parms_data_state_setall(in_dev->arp_parms);
574 	if (ifa->ifa_dev != in_dev) {
575 		WARN_ON(ifa->ifa_dev);
576 		in_dev_hold(in_dev);
577 		ifa->ifa_dev = in_dev;
578 	}
579 	if (ipv4_is_loopback(ifa->ifa_local))
580 		ifa->ifa_scope = RT_SCOPE_HOST;
581 	return inet_insert_ifa(ifa);
582 }
583 
584 /* Caller must hold RCU or RTNL :
585  * We dont take a reference on found in_device
586  */
587 struct in_device *inetdev_by_index(struct net *net, int ifindex)
588 {
589 	struct net_device *dev;
590 	struct in_device *in_dev = NULL;
591 
592 	rcu_read_lock();
593 	dev = dev_get_by_index_rcu(net, ifindex);
594 	if (dev)
595 		in_dev = rcu_dereference_rtnl(dev->ip_ptr);
596 	rcu_read_unlock();
597 	return in_dev;
598 }
599 EXPORT_SYMBOL(inetdev_by_index);
600 
601 /* Called only from RTNL semaphored context. No locks. */
602 
603 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
604 				    __be32 mask)
605 {
606 	struct in_ifaddr *ifa;
607 
608 	ASSERT_RTNL();
609 
610 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
611 		if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
612 			return ifa;
613 	}
614 	return NULL;
615 }
616 
617 static int ip_mc_autojoin_config(struct net *net, bool join,
618 				 const struct in_ifaddr *ifa)
619 {
620 #if defined(CONFIG_IP_MULTICAST)
621 	struct ip_mreqn mreq = {
622 		.imr_multiaddr.s_addr = ifa->ifa_address,
623 		.imr_ifindex = ifa->ifa_dev->dev->ifindex,
624 	};
625 	struct sock *sk = net->ipv4.mc_autojoin_sk;
626 	int ret;
627 
628 	ASSERT_RTNL();
629 
630 	lock_sock(sk);
631 	if (join)
632 		ret = ip_mc_join_group(sk, &mreq);
633 	else
634 		ret = ip_mc_leave_group(sk, &mreq);
635 	release_sock(sk);
636 
637 	return ret;
638 #else
639 	return -EOPNOTSUPP;
640 #endif
641 }
642 
643 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
644 			    struct netlink_ext_ack *extack)
645 {
646 	struct net *net = sock_net(skb->sk);
647 	struct in_ifaddr __rcu **ifap;
648 	struct nlattr *tb[IFA_MAX+1];
649 	struct in_device *in_dev;
650 	struct ifaddrmsg *ifm;
651 	struct in_ifaddr *ifa;
652 	int err;
653 
654 	ASSERT_RTNL();
655 
656 	err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
657 				     ifa_ipv4_policy, extack);
658 	if (err < 0)
659 		goto errout;
660 
661 	ifm = nlmsg_data(nlh);
662 	in_dev = inetdev_by_index(net, ifm->ifa_index);
663 	if (!in_dev) {
664 		NL_SET_ERR_MSG(extack, "ipv4: Device not found");
665 		err = -ENODEV;
666 		goto errout;
667 	}
668 
669 	for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
670 	     ifap = &ifa->ifa_next) {
671 		if (tb[IFA_LOCAL] &&
672 		    ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
673 			continue;
674 
675 		if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
676 			continue;
677 
678 		if (tb[IFA_ADDRESS] &&
679 		    (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
680 		    !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
681 			continue;
682 
683 		if (ipv4_is_multicast(ifa->ifa_address))
684 			ip_mc_autojoin_config(net, false, ifa);
685 		__inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
686 		return 0;
687 	}
688 
689 	NL_SET_ERR_MSG(extack, "ipv4: Address not found");
690 	err = -EADDRNOTAVAIL;
691 errout:
692 	return err;
693 }
694 
695 #define INFINITY_LIFE_TIME	0xFFFFFFFF
696 
697 static void check_lifetime(struct work_struct *work)
698 {
699 	unsigned long now, next, next_sec, next_sched;
700 	struct in_ifaddr *ifa;
701 	struct hlist_node *n;
702 	int i;
703 
704 	now = jiffies;
705 	next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
706 
707 	for (i = 0; i < IN4_ADDR_HSIZE; i++) {
708 		bool change_needed = false;
709 
710 		rcu_read_lock();
711 		hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
712 			unsigned long age;
713 
714 			if (ifa->ifa_flags & IFA_F_PERMANENT)
715 				continue;
716 
717 			/* We try to batch several events at once. */
718 			age = (now - ifa->ifa_tstamp +
719 			       ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
720 
721 			if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
722 			    age >= ifa->ifa_valid_lft) {
723 				change_needed = true;
724 			} else if (ifa->ifa_preferred_lft ==
725 				   INFINITY_LIFE_TIME) {
726 				continue;
727 			} else if (age >= ifa->ifa_preferred_lft) {
728 				if (time_before(ifa->ifa_tstamp +
729 						ifa->ifa_valid_lft * HZ, next))
730 					next = ifa->ifa_tstamp +
731 					       ifa->ifa_valid_lft * HZ;
732 
733 				if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
734 					change_needed = true;
735 			} else if (time_before(ifa->ifa_tstamp +
736 					       ifa->ifa_preferred_lft * HZ,
737 					       next)) {
738 				next = ifa->ifa_tstamp +
739 				       ifa->ifa_preferred_lft * HZ;
740 			}
741 		}
742 		rcu_read_unlock();
743 		if (!change_needed)
744 			continue;
745 		rtnl_lock();
746 		hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
747 			unsigned long age;
748 
749 			if (ifa->ifa_flags & IFA_F_PERMANENT)
750 				continue;
751 
752 			/* We try to batch several events at once. */
753 			age = (now - ifa->ifa_tstamp +
754 			       ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
755 
756 			if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
757 			    age >= ifa->ifa_valid_lft) {
758 				struct in_ifaddr __rcu **ifap;
759 				struct in_ifaddr *tmp;
760 
761 				ifap = &ifa->ifa_dev->ifa_list;
762 				tmp = rtnl_dereference(*ifap);
763 				while (tmp) {
764 					if (tmp == ifa) {
765 						inet_del_ifa(ifa->ifa_dev,
766 							     ifap, 1);
767 						break;
768 					}
769 					ifap = &tmp->ifa_next;
770 					tmp = rtnl_dereference(*ifap);
771 				}
772 			} else if (ifa->ifa_preferred_lft !=
773 				   INFINITY_LIFE_TIME &&
774 				   age >= ifa->ifa_preferred_lft &&
775 				   !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
776 				ifa->ifa_flags |= IFA_F_DEPRECATED;
777 				rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
778 			}
779 		}
780 		rtnl_unlock();
781 	}
782 
783 	next_sec = round_jiffies_up(next);
784 	next_sched = next;
785 
786 	/* If rounded timeout is accurate enough, accept it. */
787 	if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
788 		next_sched = next_sec;
789 
790 	now = jiffies;
791 	/* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
792 	if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
793 		next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
794 
795 	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
796 			next_sched - now);
797 }
798 
799 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
800 			     __u32 prefered_lft)
801 {
802 	unsigned long timeout;
803 
804 	ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
805 
806 	timeout = addrconf_timeout_fixup(valid_lft, HZ);
807 	if (addrconf_finite_timeout(timeout))
808 		ifa->ifa_valid_lft = timeout;
809 	else
810 		ifa->ifa_flags |= IFA_F_PERMANENT;
811 
812 	timeout = addrconf_timeout_fixup(prefered_lft, HZ);
813 	if (addrconf_finite_timeout(timeout)) {
814 		if (timeout == 0)
815 			ifa->ifa_flags |= IFA_F_DEPRECATED;
816 		ifa->ifa_preferred_lft = timeout;
817 	}
818 	ifa->ifa_tstamp = jiffies;
819 	if (!ifa->ifa_cstamp)
820 		ifa->ifa_cstamp = ifa->ifa_tstamp;
821 }
822 
823 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
824 				       __u32 *pvalid_lft, __u32 *pprefered_lft,
825 				       struct netlink_ext_ack *extack)
826 {
827 	struct nlattr *tb[IFA_MAX+1];
828 	struct in_ifaddr *ifa;
829 	struct ifaddrmsg *ifm;
830 	struct net_device *dev;
831 	struct in_device *in_dev;
832 	int err;
833 
834 	err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
835 				     ifa_ipv4_policy, extack);
836 	if (err < 0)
837 		goto errout;
838 
839 	ifm = nlmsg_data(nlh);
840 	err = -EINVAL;
841 
842 	if (ifm->ifa_prefixlen > 32) {
843 		NL_SET_ERR_MSG(extack, "ipv4: Invalid prefix length");
844 		goto errout;
845 	}
846 
847 	if (!tb[IFA_LOCAL]) {
848 		NL_SET_ERR_MSG(extack, "ipv4: Local address is not supplied");
849 		goto errout;
850 	}
851 
852 	dev = __dev_get_by_index(net, ifm->ifa_index);
853 	err = -ENODEV;
854 	if (!dev) {
855 		NL_SET_ERR_MSG(extack, "ipv4: Device not found");
856 		goto errout;
857 	}
858 
859 	in_dev = __in_dev_get_rtnl(dev);
860 	err = -ENOBUFS;
861 	if (!in_dev)
862 		goto errout;
863 
864 	ifa = inet_alloc_ifa();
865 	if (!ifa)
866 		/*
867 		 * A potential indev allocation can be left alive, it stays
868 		 * assigned to its device and is destroy with it.
869 		 */
870 		goto errout;
871 
872 	ipv4_devconf_setall(in_dev);
873 	neigh_parms_data_state_setall(in_dev->arp_parms);
874 	in_dev_hold(in_dev);
875 
876 	if (!tb[IFA_ADDRESS])
877 		tb[IFA_ADDRESS] = tb[IFA_LOCAL];
878 
879 	INIT_HLIST_NODE(&ifa->hash);
880 	ifa->ifa_prefixlen = ifm->ifa_prefixlen;
881 	ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
882 	ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
883 					 ifm->ifa_flags;
884 	ifa->ifa_scope = ifm->ifa_scope;
885 	ifa->ifa_dev = in_dev;
886 
887 	ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
888 	ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
889 
890 	if (tb[IFA_BROADCAST])
891 		ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
892 
893 	if (tb[IFA_LABEL])
894 		nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
895 	else
896 		memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
897 
898 	if (tb[IFA_RT_PRIORITY])
899 		ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
900 
901 	if (tb[IFA_PROTO])
902 		ifa->ifa_proto = nla_get_u8(tb[IFA_PROTO]);
903 
904 	if (tb[IFA_CACHEINFO]) {
905 		struct ifa_cacheinfo *ci;
906 
907 		ci = nla_data(tb[IFA_CACHEINFO]);
908 		if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
909 			NL_SET_ERR_MSG(extack, "ipv4: address lifetime invalid");
910 			err = -EINVAL;
911 			goto errout_free;
912 		}
913 		*pvalid_lft = ci->ifa_valid;
914 		*pprefered_lft = ci->ifa_prefered;
915 	}
916 
917 	return ifa;
918 
919 errout_free:
920 	inet_free_ifa(ifa);
921 errout:
922 	return ERR_PTR(err);
923 }
924 
925 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
926 {
927 	struct in_device *in_dev = ifa->ifa_dev;
928 	struct in_ifaddr *ifa1;
929 
930 	if (!ifa->ifa_local)
931 		return NULL;
932 
933 	in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
934 		if (ifa1->ifa_mask == ifa->ifa_mask &&
935 		    inet_ifa_match(ifa1->ifa_address, ifa) &&
936 		    ifa1->ifa_local == ifa->ifa_local)
937 			return ifa1;
938 	}
939 	return NULL;
940 }
941 
942 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
943 			    struct netlink_ext_ack *extack)
944 {
945 	struct net *net = sock_net(skb->sk);
946 	struct in_ifaddr *ifa;
947 	struct in_ifaddr *ifa_existing;
948 	__u32 valid_lft = INFINITY_LIFE_TIME;
949 	__u32 prefered_lft = INFINITY_LIFE_TIME;
950 
951 	ASSERT_RTNL();
952 
953 	ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
954 	if (IS_ERR(ifa))
955 		return PTR_ERR(ifa);
956 
957 	ifa_existing = find_matching_ifa(ifa);
958 	if (!ifa_existing) {
959 		/* It would be best to check for !NLM_F_CREATE here but
960 		 * userspace already relies on not having to provide this.
961 		 */
962 		set_ifa_lifetime(ifa, valid_lft, prefered_lft);
963 		if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
964 			int ret = ip_mc_autojoin_config(net, true, ifa);
965 
966 			if (ret < 0) {
967 				NL_SET_ERR_MSG(extack, "ipv4: Multicast auto join failed");
968 				inet_free_ifa(ifa);
969 				return ret;
970 			}
971 		}
972 		return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
973 					 extack);
974 	} else {
975 		u32 new_metric = ifa->ifa_rt_priority;
976 		u8 new_proto = ifa->ifa_proto;
977 
978 		inet_free_ifa(ifa);
979 
980 		if (nlh->nlmsg_flags & NLM_F_EXCL ||
981 		    !(nlh->nlmsg_flags & NLM_F_REPLACE)) {
982 			NL_SET_ERR_MSG(extack, "ipv4: Address already assigned");
983 			return -EEXIST;
984 		}
985 		ifa = ifa_existing;
986 
987 		if (ifa->ifa_rt_priority != new_metric) {
988 			fib_modify_prefix_metric(ifa, new_metric);
989 			ifa->ifa_rt_priority = new_metric;
990 		}
991 
992 		ifa->ifa_proto = new_proto;
993 
994 		set_ifa_lifetime(ifa, valid_lft, prefered_lft);
995 		cancel_delayed_work(&check_lifetime_work);
996 		queue_delayed_work(system_power_efficient_wq,
997 				&check_lifetime_work, 0);
998 		rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
999 	}
1000 	return 0;
1001 }
1002 
1003 /*
1004  *	Determine a default network mask, based on the IP address.
1005  */
1006 
1007 static int inet_abc_len(__be32 addr)
1008 {
1009 	int rc = -1;	/* Something else, probably a multicast. */
1010 
1011 	if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
1012 		rc = 0;
1013 	else {
1014 		__u32 haddr = ntohl(addr);
1015 		if (IN_CLASSA(haddr))
1016 			rc = 8;
1017 		else if (IN_CLASSB(haddr))
1018 			rc = 16;
1019 		else if (IN_CLASSC(haddr))
1020 			rc = 24;
1021 		else if (IN_CLASSE(haddr))
1022 			rc = 32;
1023 	}
1024 
1025 	return rc;
1026 }
1027 
1028 
1029 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1030 {
1031 	struct sockaddr_in sin_orig;
1032 	struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1033 	struct in_ifaddr __rcu **ifap = NULL;
1034 	struct in_device *in_dev;
1035 	struct in_ifaddr *ifa = NULL;
1036 	struct net_device *dev;
1037 	char *colon;
1038 	int ret = -EFAULT;
1039 	int tryaddrmatch = 0;
1040 
1041 	ifr->ifr_name[IFNAMSIZ - 1] = 0;
1042 
1043 	/* save original address for comparison */
1044 	memcpy(&sin_orig, sin, sizeof(*sin));
1045 
1046 	colon = strchr(ifr->ifr_name, ':');
1047 	if (colon)
1048 		*colon = 0;
1049 
1050 	dev_load(net, ifr->ifr_name);
1051 
1052 	switch (cmd) {
1053 	case SIOCGIFADDR:	/* Get interface address */
1054 	case SIOCGIFBRDADDR:	/* Get the broadcast address */
1055 	case SIOCGIFDSTADDR:	/* Get the destination address */
1056 	case SIOCGIFNETMASK:	/* Get the netmask for the interface */
1057 		/* Note that these ioctls will not sleep,
1058 		   so that we do not impose a lock.
1059 		   One day we will be forced to put shlock here (I mean SMP)
1060 		 */
1061 		tryaddrmatch = (sin_orig.sin_family == AF_INET);
1062 		memset(sin, 0, sizeof(*sin));
1063 		sin->sin_family = AF_INET;
1064 		break;
1065 
1066 	case SIOCSIFFLAGS:
1067 		ret = -EPERM;
1068 		if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1069 			goto out;
1070 		break;
1071 	case SIOCSIFADDR:	/* Set interface address (and family) */
1072 	case SIOCSIFBRDADDR:	/* Set the broadcast address */
1073 	case SIOCSIFDSTADDR:	/* Set the destination address */
1074 	case SIOCSIFNETMASK: 	/* Set the netmask for the interface */
1075 		ret = -EPERM;
1076 		if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1077 			goto out;
1078 		ret = -EINVAL;
1079 		if (sin->sin_family != AF_INET)
1080 			goto out;
1081 		break;
1082 	default:
1083 		ret = -EINVAL;
1084 		goto out;
1085 	}
1086 
1087 	rtnl_lock();
1088 
1089 	ret = -ENODEV;
1090 	dev = __dev_get_by_name(net, ifr->ifr_name);
1091 	if (!dev)
1092 		goto done;
1093 
1094 	if (colon)
1095 		*colon = ':';
1096 
1097 	in_dev = __in_dev_get_rtnl(dev);
1098 	if (in_dev) {
1099 		if (tryaddrmatch) {
1100 			/* Matthias Andree */
1101 			/* compare label and address (4.4BSD style) */
1102 			/* note: we only do this for a limited set of ioctls
1103 			   and only if the original address family was AF_INET.
1104 			   This is checked above. */
1105 
1106 			for (ifap = &in_dev->ifa_list;
1107 			     (ifa = rtnl_dereference(*ifap)) != NULL;
1108 			     ifap = &ifa->ifa_next) {
1109 				if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1110 				    sin_orig.sin_addr.s_addr ==
1111 							ifa->ifa_local) {
1112 					break; /* found */
1113 				}
1114 			}
1115 		}
1116 		/* we didn't get a match, maybe the application is
1117 		   4.3BSD-style and passed in junk so we fall back to
1118 		   comparing just the label */
1119 		if (!ifa) {
1120 			for (ifap = &in_dev->ifa_list;
1121 			     (ifa = rtnl_dereference(*ifap)) != NULL;
1122 			     ifap = &ifa->ifa_next)
1123 				if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1124 					break;
1125 		}
1126 	}
1127 
1128 	ret = -EADDRNOTAVAIL;
1129 	if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1130 		goto done;
1131 
1132 	switch (cmd) {
1133 	case SIOCGIFADDR:	/* Get interface address */
1134 		ret = 0;
1135 		sin->sin_addr.s_addr = ifa->ifa_local;
1136 		break;
1137 
1138 	case SIOCGIFBRDADDR:	/* Get the broadcast address */
1139 		ret = 0;
1140 		sin->sin_addr.s_addr = ifa->ifa_broadcast;
1141 		break;
1142 
1143 	case SIOCGIFDSTADDR:	/* Get the destination address */
1144 		ret = 0;
1145 		sin->sin_addr.s_addr = ifa->ifa_address;
1146 		break;
1147 
1148 	case SIOCGIFNETMASK:	/* Get the netmask for the interface */
1149 		ret = 0;
1150 		sin->sin_addr.s_addr = ifa->ifa_mask;
1151 		break;
1152 
1153 	case SIOCSIFFLAGS:
1154 		if (colon) {
1155 			ret = -EADDRNOTAVAIL;
1156 			if (!ifa)
1157 				break;
1158 			ret = 0;
1159 			if (!(ifr->ifr_flags & IFF_UP))
1160 				inet_del_ifa(in_dev, ifap, 1);
1161 			break;
1162 		}
1163 		ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1164 		break;
1165 
1166 	case SIOCSIFADDR:	/* Set interface address (and family) */
1167 		ret = -EINVAL;
1168 		if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1169 			break;
1170 
1171 		if (!ifa) {
1172 			ret = -ENOBUFS;
1173 			if (!in_dev)
1174 				break;
1175 			ifa = inet_alloc_ifa();
1176 			if (!ifa)
1177 				break;
1178 			INIT_HLIST_NODE(&ifa->hash);
1179 			if (colon)
1180 				memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1181 			else
1182 				memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1183 		} else {
1184 			ret = 0;
1185 			if (ifa->ifa_local == sin->sin_addr.s_addr)
1186 				break;
1187 			inet_del_ifa(in_dev, ifap, 0);
1188 			ifa->ifa_broadcast = 0;
1189 			ifa->ifa_scope = 0;
1190 		}
1191 
1192 		ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1193 
1194 		if (!(dev->flags & IFF_POINTOPOINT)) {
1195 			ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1196 			ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1197 			if ((dev->flags & IFF_BROADCAST) &&
1198 			    ifa->ifa_prefixlen < 31)
1199 				ifa->ifa_broadcast = ifa->ifa_address |
1200 						     ~ifa->ifa_mask;
1201 		} else {
1202 			ifa->ifa_prefixlen = 32;
1203 			ifa->ifa_mask = inet_make_mask(32);
1204 		}
1205 		set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1206 		ret = inet_set_ifa(dev, ifa);
1207 		break;
1208 
1209 	case SIOCSIFBRDADDR:	/* Set the broadcast address */
1210 		ret = 0;
1211 		if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1212 			inet_del_ifa(in_dev, ifap, 0);
1213 			ifa->ifa_broadcast = sin->sin_addr.s_addr;
1214 			inet_insert_ifa(ifa);
1215 		}
1216 		break;
1217 
1218 	case SIOCSIFDSTADDR:	/* Set the destination address */
1219 		ret = 0;
1220 		if (ifa->ifa_address == sin->sin_addr.s_addr)
1221 			break;
1222 		ret = -EINVAL;
1223 		if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1224 			break;
1225 		ret = 0;
1226 		inet_del_ifa(in_dev, ifap, 0);
1227 		ifa->ifa_address = sin->sin_addr.s_addr;
1228 		inet_insert_ifa(ifa);
1229 		break;
1230 
1231 	case SIOCSIFNETMASK: 	/* Set the netmask for the interface */
1232 
1233 		/*
1234 		 *	The mask we set must be legal.
1235 		 */
1236 		ret = -EINVAL;
1237 		if (bad_mask(sin->sin_addr.s_addr, 0))
1238 			break;
1239 		ret = 0;
1240 		if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1241 			__be32 old_mask = ifa->ifa_mask;
1242 			inet_del_ifa(in_dev, ifap, 0);
1243 			ifa->ifa_mask = sin->sin_addr.s_addr;
1244 			ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1245 
1246 			/* See if current broadcast address matches
1247 			 * with current netmask, then recalculate
1248 			 * the broadcast address. Otherwise it's a
1249 			 * funny address, so don't touch it since
1250 			 * the user seems to know what (s)he's doing...
1251 			 */
1252 			if ((dev->flags & IFF_BROADCAST) &&
1253 			    (ifa->ifa_prefixlen < 31) &&
1254 			    (ifa->ifa_broadcast ==
1255 			     (ifa->ifa_local|~old_mask))) {
1256 				ifa->ifa_broadcast = (ifa->ifa_local |
1257 						      ~sin->sin_addr.s_addr);
1258 			}
1259 			inet_insert_ifa(ifa);
1260 		}
1261 		break;
1262 	}
1263 done:
1264 	rtnl_unlock();
1265 out:
1266 	return ret;
1267 }
1268 
1269 int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1270 {
1271 	struct in_device *in_dev = __in_dev_get_rtnl(dev);
1272 	const struct in_ifaddr *ifa;
1273 	struct ifreq ifr;
1274 	int done = 0;
1275 
1276 	if (WARN_ON(size > sizeof(struct ifreq)))
1277 		goto out;
1278 
1279 	if (!in_dev)
1280 		goto out;
1281 
1282 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1283 		if (!buf) {
1284 			done += size;
1285 			continue;
1286 		}
1287 		if (len < size)
1288 			break;
1289 		memset(&ifr, 0, sizeof(struct ifreq));
1290 		strcpy(ifr.ifr_name, ifa->ifa_label);
1291 
1292 		(*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1293 		(*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1294 								ifa->ifa_local;
1295 
1296 		if (copy_to_user(buf + done, &ifr, size)) {
1297 			done = -EFAULT;
1298 			break;
1299 		}
1300 		len  -= size;
1301 		done += size;
1302 	}
1303 out:
1304 	return done;
1305 }
1306 
1307 static __be32 in_dev_select_addr(const struct in_device *in_dev,
1308 				 int scope)
1309 {
1310 	const struct in_ifaddr *ifa;
1311 
1312 	in_dev_for_each_ifa_rcu(ifa, in_dev) {
1313 		if (ifa->ifa_flags & IFA_F_SECONDARY)
1314 			continue;
1315 		if (ifa->ifa_scope != RT_SCOPE_LINK &&
1316 		    ifa->ifa_scope <= scope)
1317 			return ifa->ifa_local;
1318 	}
1319 
1320 	return 0;
1321 }
1322 
1323 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1324 {
1325 	const struct in_ifaddr *ifa;
1326 	__be32 addr = 0;
1327 	unsigned char localnet_scope = RT_SCOPE_HOST;
1328 	struct in_device *in_dev;
1329 	struct net *net = dev_net(dev);
1330 	int master_idx;
1331 
1332 	rcu_read_lock();
1333 	in_dev = __in_dev_get_rcu(dev);
1334 	if (!in_dev)
1335 		goto no_in_dev;
1336 
1337 	if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1338 		localnet_scope = RT_SCOPE_LINK;
1339 
1340 	in_dev_for_each_ifa_rcu(ifa, in_dev) {
1341 		if (ifa->ifa_flags & IFA_F_SECONDARY)
1342 			continue;
1343 		if (min(ifa->ifa_scope, localnet_scope) > scope)
1344 			continue;
1345 		if (!dst || inet_ifa_match(dst, ifa)) {
1346 			addr = ifa->ifa_local;
1347 			break;
1348 		}
1349 		if (!addr)
1350 			addr = ifa->ifa_local;
1351 	}
1352 
1353 	if (addr)
1354 		goto out_unlock;
1355 no_in_dev:
1356 	master_idx = l3mdev_master_ifindex_rcu(dev);
1357 
1358 	/* For VRFs, the VRF device takes the place of the loopback device,
1359 	 * with addresses on it being preferred.  Note in such cases the
1360 	 * loopback device will be among the devices that fail the master_idx
1361 	 * equality check in the loop below.
1362 	 */
1363 	if (master_idx &&
1364 	    (dev = dev_get_by_index_rcu(net, master_idx)) &&
1365 	    (in_dev = __in_dev_get_rcu(dev))) {
1366 		addr = in_dev_select_addr(in_dev, scope);
1367 		if (addr)
1368 			goto out_unlock;
1369 	}
1370 
1371 	/* Not loopback addresses on loopback should be preferred
1372 	   in this case. It is important that lo is the first interface
1373 	   in dev_base list.
1374 	 */
1375 	for_each_netdev_rcu(net, dev) {
1376 		if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1377 			continue;
1378 
1379 		in_dev = __in_dev_get_rcu(dev);
1380 		if (!in_dev)
1381 			continue;
1382 
1383 		addr = in_dev_select_addr(in_dev, scope);
1384 		if (addr)
1385 			goto out_unlock;
1386 	}
1387 out_unlock:
1388 	rcu_read_unlock();
1389 	return addr;
1390 }
1391 EXPORT_SYMBOL(inet_select_addr);
1392 
1393 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1394 			      __be32 local, int scope)
1395 {
1396 	unsigned char localnet_scope = RT_SCOPE_HOST;
1397 	const struct in_ifaddr *ifa;
1398 	__be32 addr = 0;
1399 	int same = 0;
1400 
1401 	if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1402 		localnet_scope = RT_SCOPE_LINK;
1403 
1404 	in_dev_for_each_ifa_rcu(ifa, in_dev) {
1405 		unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
1406 
1407 		if (!addr &&
1408 		    (local == ifa->ifa_local || !local) &&
1409 		    min_scope <= scope) {
1410 			addr = ifa->ifa_local;
1411 			if (same)
1412 				break;
1413 		}
1414 		if (!same) {
1415 			same = (!local || inet_ifa_match(local, ifa)) &&
1416 				(!dst || inet_ifa_match(dst, ifa));
1417 			if (same && addr) {
1418 				if (local || !dst)
1419 					break;
1420 				/* Is the selected addr into dst subnet? */
1421 				if (inet_ifa_match(addr, ifa))
1422 					break;
1423 				/* No, then can we use new local src? */
1424 				if (min_scope <= scope) {
1425 					addr = ifa->ifa_local;
1426 					break;
1427 				}
1428 				/* search for large dst subnet for addr */
1429 				same = 0;
1430 			}
1431 		}
1432 	}
1433 
1434 	return same ? addr : 0;
1435 }
1436 
1437 /*
1438  * Confirm that local IP address exists using wildcards:
1439  * - net: netns to check, cannot be NULL
1440  * - in_dev: only on this interface, NULL=any interface
1441  * - dst: only in the same subnet as dst, 0=any dst
1442  * - local: address, 0=autoselect the local address
1443  * - scope: maximum allowed scope value for the local address
1444  */
1445 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1446 			 __be32 dst, __be32 local, int scope)
1447 {
1448 	__be32 addr = 0;
1449 	struct net_device *dev;
1450 
1451 	if (in_dev)
1452 		return confirm_addr_indev(in_dev, dst, local, scope);
1453 
1454 	rcu_read_lock();
1455 	for_each_netdev_rcu(net, dev) {
1456 		in_dev = __in_dev_get_rcu(dev);
1457 		if (in_dev) {
1458 			addr = confirm_addr_indev(in_dev, dst, local, scope);
1459 			if (addr)
1460 				break;
1461 		}
1462 	}
1463 	rcu_read_unlock();
1464 
1465 	return addr;
1466 }
1467 EXPORT_SYMBOL(inet_confirm_addr);
1468 
1469 /*
1470  *	Device notifier
1471  */
1472 
1473 int register_inetaddr_notifier(struct notifier_block *nb)
1474 {
1475 	return blocking_notifier_chain_register(&inetaddr_chain, nb);
1476 }
1477 EXPORT_SYMBOL(register_inetaddr_notifier);
1478 
1479 int unregister_inetaddr_notifier(struct notifier_block *nb)
1480 {
1481 	return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1482 }
1483 EXPORT_SYMBOL(unregister_inetaddr_notifier);
1484 
1485 int register_inetaddr_validator_notifier(struct notifier_block *nb)
1486 {
1487 	return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1488 }
1489 EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1490 
1491 int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1492 {
1493 	return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1494 	    nb);
1495 }
1496 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1497 
1498 /* Rename ifa_labels for a device name change. Make some effort to preserve
1499  * existing alias numbering and to create unique labels if possible.
1500 */
1501 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1502 {
1503 	struct in_ifaddr *ifa;
1504 	int named = 0;
1505 
1506 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1507 		char old[IFNAMSIZ], *dot;
1508 
1509 		memcpy(old, ifa->ifa_label, IFNAMSIZ);
1510 		memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1511 		if (named++ == 0)
1512 			goto skip;
1513 		dot = strchr(old, ':');
1514 		if (!dot) {
1515 			sprintf(old, ":%d", named);
1516 			dot = old;
1517 		}
1518 		if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1519 			strcat(ifa->ifa_label, dot);
1520 		else
1521 			strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1522 skip:
1523 		rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1524 	}
1525 }
1526 
1527 static void inetdev_send_gratuitous_arp(struct net_device *dev,
1528 					struct in_device *in_dev)
1529 
1530 {
1531 	const struct in_ifaddr *ifa;
1532 
1533 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1534 		arp_send(ARPOP_REQUEST, ETH_P_ARP,
1535 			 ifa->ifa_local, dev,
1536 			 ifa->ifa_local, NULL,
1537 			 dev->dev_addr, NULL);
1538 	}
1539 }
1540 
1541 /* Called only under RTNL semaphore */
1542 
1543 static int inetdev_event(struct notifier_block *this, unsigned long event,
1544 			 void *ptr)
1545 {
1546 	struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1547 	struct in_device *in_dev = __in_dev_get_rtnl(dev);
1548 
1549 	ASSERT_RTNL();
1550 
1551 	if (!in_dev) {
1552 		if (event == NETDEV_REGISTER) {
1553 			in_dev = inetdev_init(dev);
1554 			if (IS_ERR(in_dev))
1555 				return notifier_from_errno(PTR_ERR(in_dev));
1556 			if (dev->flags & IFF_LOOPBACK) {
1557 				IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1558 				IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1559 			}
1560 		} else if (event == NETDEV_CHANGEMTU) {
1561 			/* Re-enabling IP */
1562 			if (inetdev_valid_mtu(dev->mtu))
1563 				in_dev = inetdev_init(dev);
1564 		}
1565 		goto out;
1566 	}
1567 
1568 	switch (event) {
1569 	case NETDEV_REGISTER:
1570 		pr_debug("%s: bug\n", __func__);
1571 		RCU_INIT_POINTER(dev->ip_ptr, NULL);
1572 		break;
1573 	case NETDEV_UP:
1574 		if (!inetdev_valid_mtu(dev->mtu))
1575 			break;
1576 		if (dev->flags & IFF_LOOPBACK) {
1577 			struct in_ifaddr *ifa = inet_alloc_ifa();
1578 
1579 			if (ifa) {
1580 				INIT_HLIST_NODE(&ifa->hash);
1581 				ifa->ifa_local =
1582 				  ifa->ifa_address = htonl(INADDR_LOOPBACK);
1583 				ifa->ifa_prefixlen = 8;
1584 				ifa->ifa_mask = inet_make_mask(8);
1585 				in_dev_hold(in_dev);
1586 				ifa->ifa_dev = in_dev;
1587 				ifa->ifa_scope = RT_SCOPE_HOST;
1588 				memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1589 				set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1590 						 INFINITY_LIFE_TIME);
1591 				ipv4_devconf_setall(in_dev);
1592 				neigh_parms_data_state_setall(in_dev->arp_parms);
1593 				inet_insert_ifa(ifa);
1594 			}
1595 		}
1596 		ip_mc_up(in_dev);
1597 		fallthrough;
1598 	case NETDEV_CHANGEADDR:
1599 		if (!IN_DEV_ARP_NOTIFY(in_dev))
1600 			break;
1601 		fallthrough;
1602 	case NETDEV_NOTIFY_PEERS:
1603 		/* Send gratuitous ARP to notify of link change */
1604 		inetdev_send_gratuitous_arp(dev, in_dev);
1605 		break;
1606 	case NETDEV_DOWN:
1607 		ip_mc_down(in_dev);
1608 		break;
1609 	case NETDEV_PRE_TYPE_CHANGE:
1610 		ip_mc_unmap(in_dev);
1611 		break;
1612 	case NETDEV_POST_TYPE_CHANGE:
1613 		ip_mc_remap(in_dev);
1614 		break;
1615 	case NETDEV_CHANGEMTU:
1616 		if (inetdev_valid_mtu(dev->mtu))
1617 			break;
1618 		/* disable IP when MTU is not enough */
1619 		fallthrough;
1620 	case NETDEV_UNREGISTER:
1621 		inetdev_destroy(in_dev);
1622 		break;
1623 	case NETDEV_CHANGENAME:
1624 		/* Do not notify about label change, this event is
1625 		 * not interesting to applications using netlink.
1626 		 */
1627 		inetdev_changename(dev, in_dev);
1628 
1629 		devinet_sysctl_unregister(in_dev);
1630 		devinet_sysctl_register(in_dev);
1631 		break;
1632 	}
1633 out:
1634 	return NOTIFY_DONE;
1635 }
1636 
1637 static struct notifier_block ip_netdev_notifier = {
1638 	.notifier_call = inetdev_event,
1639 };
1640 
1641 static size_t inet_nlmsg_size(void)
1642 {
1643 	return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1644 	       + nla_total_size(4) /* IFA_ADDRESS */
1645 	       + nla_total_size(4) /* IFA_LOCAL */
1646 	       + nla_total_size(4) /* IFA_BROADCAST */
1647 	       + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1648 	       + nla_total_size(4)  /* IFA_FLAGS */
1649 	       + nla_total_size(1)  /* IFA_PROTO */
1650 	       + nla_total_size(4)  /* IFA_RT_PRIORITY */
1651 	       + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1652 }
1653 
1654 static inline u32 cstamp_delta(unsigned long cstamp)
1655 {
1656 	return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1657 }
1658 
1659 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1660 			 unsigned long tstamp, u32 preferred, u32 valid)
1661 {
1662 	struct ifa_cacheinfo ci;
1663 
1664 	ci.cstamp = cstamp_delta(cstamp);
1665 	ci.tstamp = cstamp_delta(tstamp);
1666 	ci.ifa_prefered = preferred;
1667 	ci.ifa_valid = valid;
1668 
1669 	return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1670 }
1671 
1672 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1673 			    struct inet_fill_args *args)
1674 {
1675 	struct ifaddrmsg *ifm;
1676 	struct nlmsghdr  *nlh;
1677 	u32 preferred, valid;
1678 
1679 	nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1680 			args->flags);
1681 	if (!nlh)
1682 		return -EMSGSIZE;
1683 
1684 	ifm = nlmsg_data(nlh);
1685 	ifm->ifa_family = AF_INET;
1686 	ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1687 	ifm->ifa_flags = ifa->ifa_flags;
1688 	ifm->ifa_scope = ifa->ifa_scope;
1689 	ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1690 
1691 	if (args->netnsid >= 0 &&
1692 	    nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1693 		goto nla_put_failure;
1694 
1695 	if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1696 		preferred = ifa->ifa_preferred_lft;
1697 		valid = ifa->ifa_valid_lft;
1698 		if (preferred != INFINITY_LIFE_TIME) {
1699 			long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1700 
1701 			if (preferred > tval)
1702 				preferred -= tval;
1703 			else
1704 				preferred = 0;
1705 			if (valid != INFINITY_LIFE_TIME) {
1706 				if (valid > tval)
1707 					valid -= tval;
1708 				else
1709 					valid = 0;
1710 			}
1711 		}
1712 	} else {
1713 		preferred = INFINITY_LIFE_TIME;
1714 		valid = INFINITY_LIFE_TIME;
1715 	}
1716 	if ((ifa->ifa_address &&
1717 	     nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1718 	    (ifa->ifa_local &&
1719 	     nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1720 	    (ifa->ifa_broadcast &&
1721 	     nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1722 	    (ifa->ifa_label[0] &&
1723 	     nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1724 	    (ifa->ifa_proto &&
1725 	     nla_put_u8(skb, IFA_PROTO, ifa->ifa_proto)) ||
1726 	    nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1727 	    (ifa->ifa_rt_priority &&
1728 	     nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1729 	    put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1730 			  preferred, valid))
1731 		goto nla_put_failure;
1732 
1733 	nlmsg_end(skb, nlh);
1734 	return 0;
1735 
1736 nla_put_failure:
1737 	nlmsg_cancel(skb, nlh);
1738 	return -EMSGSIZE;
1739 }
1740 
1741 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1742 				      struct inet_fill_args *fillargs,
1743 				      struct net **tgt_net, struct sock *sk,
1744 				      struct netlink_callback *cb)
1745 {
1746 	struct netlink_ext_ack *extack = cb->extack;
1747 	struct nlattr *tb[IFA_MAX+1];
1748 	struct ifaddrmsg *ifm;
1749 	int err, i;
1750 
1751 	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1752 		NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1753 		return -EINVAL;
1754 	}
1755 
1756 	ifm = nlmsg_data(nlh);
1757 	if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1758 		NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1759 		return -EINVAL;
1760 	}
1761 
1762 	fillargs->ifindex = ifm->ifa_index;
1763 	if (fillargs->ifindex) {
1764 		cb->answer_flags |= NLM_F_DUMP_FILTERED;
1765 		fillargs->flags |= NLM_F_DUMP_FILTERED;
1766 	}
1767 
1768 	err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1769 					    ifa_ipv4_policy, extack);
1770 	if (err < 0)
1771 		return err;
1772 
1773 	for (i = 0; i <= IFA_MAX; ++i) {
1774 		if (!tb[i])
1775 			continue;
1776 
1777 		if (i == IFA_TARGET_NETNSID) {
1778 			struct net *net;
1779 
1780 			fillargs->netnsid = nla_get_s32(tb[i]);
1781 
1782 			net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1783 			if (IS_ERR(net)) {
1784 				fillargs->netnsid = -1;
1785 				NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1786 				return PTR_ERR(net);
1787 			}
1788 			*tgt_net = net;
1789 		} else {
1790 			NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1791 			return -EINVAL;
1792 		}
1793 	}
1794 
1795 	return 0;
1796 }
1797 
1798 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1799 			    struct netlink_callback *cb, int s_ip_idx,
1800 			    struct inet_fill_args *fillargs)
1801 {
1802 	struct in_ifaddr *ifa;
1803 	int ip_idx = 0;
1804 	int err;
1805 
1806 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1807 		if (ip_idx < s_ip_idx) {
1808 			ip_idx++;
1809 			continue;
1810 		}
1811 		err = inet_fill_ifaddr(skb, ifa, fillargs);
1812 		if (err < 0)
1813 			goto done;
1814 
1815 		nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1816 		ip_idx++;
1817 	}
1818 	err = 0;
1819 
1820 done:
1821 	cb->args[2] = ip_idx;
1822 
1823 	return err;
1824 }
1825 
1826 /* Combine dev_addr_genid and dev_base_seq to detect changes.
1827  */
1828 static u32 inet_base_seq(const struct net *net)
1829 {
1830 	u32 res = atomic_read(&net->ipv4.dev_addr_genid) +
1831 		  net->dev_base_seq;
1832 
1833 	/* Must not return 0 (see nl_dump_check_consistent()).
1834 	 * Chose a value far away from 0.
1835 	 */
1836 	if (!res)
1837 		res = 0x80000000;
1838 	return res;
1839 }
1840 
1841 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1842 {
1843 	const struct nlmsghdr *nlh = cb->nlh;
1844 	struct inet_fill_args fillargs = {
1845 		.portid = NETLINK_CB(cb->skb).portid,
1846 		.seq = nlh->nlmsg_seq,
1847 		.event = RTM_NEWADDR,
1848 		.flags = NLM_F_MULTI,
1849 		.netnsid = -1,
1850 	};
1851 	struct net *net = sock_net(skb->sk);
1852 	struct net *tgt_net = net;
1853 	int h, s_h;
1854 	int idx, s_idx;
1855 	int s_ip_idx;
1856 	struct net_device *dev;
1857 	struct in_device *in_dev;
1858 	struct hlist_head *head;
1859 	int err = 0;
1860 
1861 	s_h = cb->args[0];
1862 	s_idx = idx = cb->args[1];
1863 	s_ip_idx = cb->args[2];
1864 
1865 	if (cb->strict_check) {
1866 		err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1867 						 skb->sk, cb);
1868 		if (err < 0)
1869 			goto put_tgt_net;
1870 
1871 		err = 0;
1872 		if (fillargs.ifindex) {
1873 			dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1874 			if (!dev) {
1875 				err = -ENODEV;
1876 				goto put_tgt_net;
1877 			}
1878 
1879 			in_dev = __in_dev_get_rtnl(dev);
1880 			if (in_dev) {
1881 				err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1882 						       &fillargs);
1883 			}
1884 			goto put_tgt_net;
1885 		}
1886 	}
1887 
1888 	for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1889 		idx = 0;
1890 		head = &tgt_net->dev_index_head[h];
1891 		rcu_read_lock();
1892 		cb->seq = inet_base_seq(tgt_net);
1893 		hlist_for_each_entry_rcu(dev, head, index_hlist) {
1894 			if (idx < s_idx)
1895 				goto cont;
1896 			if (h > s_h || idx > s_idx)
1897 				s_ip_idx = 0;
1898 			in_dev = __in_dev_get_rcu(dev);
1899 			if (!in_dev)
1900 				goto cont;
1901 
1902 			err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1903 					       &fillargs);
1904 			if (err < 0) {
1905 				rcu_read_unlock();
1906 				goto done;
1907 			}
1908 cont:
1909 			idx++;
1910 		}
1911 		rcu_read_unlock();
1912 	}
1913 
1914 done:
1915 	cb->args[0] = h;
1916 	cb->args[1] = idx;
1917 put_tgt_net:
1918 	if (fillargs.netnsid >= 0)
1919 		put_net(tgt_net);
1920 
1921 	return skb->len ? : err;
1922 }
1923 
1924 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1925 		      u32 portid)
1926 {
1927 	struct inet_fill_args fillargs = {
1928 		.portid = portid,
1929 		.seq = nlh ? nlh->nlmsg_seq : 0,
1930 		.event = event,
1931 		.flags = 0,
1932 		.netnsid = -1,
1933 	};
1934 	struct sk_buff *skb;
1935 	int err = -ENOBUFS;
1936 	struct net *net;
1937 
1938 	net = dev_net(ifa->ifa_dev->dev);
1939 	skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1940 	if (!skb)
1941 		goto errout;
1942 
1943 	err = inet_fill_ifaddr(skb, ifa, &fillargs);
1944 	if (err < 0) {
1945 		/* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1946 		WARN_ON(err == -EMSGSIZE);
1947 		kfree_skb(skb);
1948 		goto errout;
1949 	}
1950 	rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1951 	return;
1952 errout:
1953 	if (err < 0)
1954 		rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1955 }
1956 
1957 static size_t inet_get_link_af_size(const struct net_device *dev,
1958 				    u32 ext_filter_mask)
1959 {
1960 	struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1961 
1962 	if (!in_dev)
1963 		return 0;
1964 
1965 	return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1966 }
1967 
1968 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1969 			     u32 ext_filter_mask)
1970 {
1971 	struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1972 	struct nlattr *nla;
1973 	int i;
1974 
1975 	if (!in_dev)
1976 		return -ENODATA;
1977 
1978 	nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1979 	if (!nla)
1980 		return -EMSGSIZE;
1981 
1982 	for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1983 		((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1984 
1985 	return 0;
1986 }
1987 
1988 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1989 	[IFLA_INET_CONF]	= { .type = NLA_NESTED },
1990 };
1991 
1992 static int inet_validate_link_af(const struct net_device *dev,
1993 				 const struct nlattr *nla,
1994 				 struct netlink_ext_ack *extack)
1995 {
1996 	struct nlattr *a, *tb[IFLA_INET_MAX+1];
1997 	int err, rem;
1998 
1999 	if (dev && !__in_dev_get_rtnl(dev))
2000 		return -EAFNOSUPPORT;
2001 
2002 	err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
2003 					  inet_af_policy, extack);
2004 	if (err < 0)
2005 		return err;
2006 
2007 	if (tb[IFLA_INET_CONF]) {
2008 		nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
2009 			int cfgid = nla_type(a);
2010 
2011 			if (nla_len(a) < 4)
2012 				return -EINVAL;
2013 
2014 			if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
2015 				return -EINVAL;
2016 		}
2017 	}
2018 
2019 	return 0;
2020 }
2021 
2022 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla,
2023 			    struct netlink_ext_ack *extack)
2024 {
2025 	struct in_device *in_dev = __in_dev_get_rtnl(dev);
2026 	struct nlattr *a, *tb[IFLA_INET_MAX+1];
2027 	int rem;
2028 
2029 	if (!in_dev)
2030 		return -EAFNOSUPPORT;
2031 
2032 	if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
2033 		return -EINVAL;
2034 
2035 	if (tb[IFLA_INET_CONF]) {
2036 		nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
2037 			ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
2038 	}
2039 
2040 	return 0;
2041 }
2042 
2043 static int inet_netconf_msgsize_devconf(int type)
2044 {
2045 	int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2046 		   + nla_total_size(4);	/* NETCONFA_IFINDEX */
2047 	bool all = false;
2048 
2049 	if (type == NETCONFA_ALL)
2050 		all = true;
2051 
2052 	if (all || type == NETCONFA_FORWARDING)
2053 		size += nla_total_size(4);
2054 	if (all || type == NETCONFA_RP_FILTER)
2055 		size += nla_total_size(4);
2056 	if (all || type == NETCONFA_MC_FORWARDING)
2057 		size += nla_total_size(4);
2058 	if (all || type == NETCONFA_BC_FORWARDING)
2059 		size += nla_total_size(4);
2060 	if (all || type == NETCONFA_PROXY_NEIGH)
2061 		size += nla_total_size(4);
2062 	if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2063 		size += nla_total_size(4);
2064 
2065 	return size;
2066 }
2067 
2068 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2069 				     struct ipv4_devconf *devconf, u32 portid,
2070 				     u32 seq, int event, unsigned int flags,
2071 				     int type)
2072 {
2073 	struct nlmsghdr  *nlh;
2074 	struct netconfmsg *ncm;
2075 	bool all = false;
2076 
2077 	nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2078 			flags);
2079 	if (!nlh)
2080 		return -EMSGSIZE;
2081 
2082 	if (type == NETCONFA_ALL)
2083 		all = true;
2084 
2085 	ncm = nlmsg_data(nlh);
2086 	ncm->ncm_family = AF_INET;
2087 
2088 	if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2089 		goto nla_put_failure;
2090 
2091 	if (!devconf)
2092 		goto out;
2093 
2094 	if ((all || type == NETCONFA_FORWARDING) &&
2095 	    nla_put_s32(skb, NETCONFA_FORWARDING,
2096 			IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2097 		goto nla_put_failure;
2098 	if ((all || type == NETCONFA_RP_FILTER) &&
2099 	    nla_put_s32(skb, NETCONFA_RP_FILTER,
2100 			IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2101 		goto nla_put_failure;
2102 	if ((all || type == NETCONFA_MC_FORWARDING) &&
2103 	    nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2104 			IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2105 		goto nla_put_failure;
2106 	if ((all || type == NETCONFA_BC_FORWARDING) &&
2107 	    nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2108 			IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2109 		goto nla_put_failure;
2110 	if ((all || type == NETCONFA_PROXY_NEIGH) &&
2111 	    nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2112 			IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2113 		goto nla_put_failure;
2114 	if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2115 	    nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2116 			IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2117 		goto nla_put_failure;
2118 
2119 out:
2120 	nlmsg_end(skb, nlh);
2121 	return 0;
2122 
2123 nla_put_failure:
2124 	nlmsg_cancel(skb, nlh);
2125 	return -EMSGSIZE;
2126 }
2127 
2128 void inet_netconf_notify_devconf(struct net *net, int event, int type,
2129 				 int ifindex, struct ipv4_devconf *devconf)
2130 {
2131 	struct sk_buff *skb;
2132 	int err = -ENOBUFS;
2133 
2134 	skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2135 	if (!skb)
2136 		goto errout;
2137 
2138 	err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2139 					event, 0, type);
2140 	if (err < 0) {
2141 		/* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2142 		WARN_ON(err == -EMSGSIZE);
2143 		kfree_skb(skb);
2144 		goto errout;
2145 	}
2146 	rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2147 	return;
2148 errout:
2149 	if (err < 0)
2150 		rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2151 }
2152 
2153 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2154 	[NETCONFA_IFINDEX]	= { .len = sizeof(int) },
2155 	[NETCONFA_FORWARDING]	= { .len = sizeof(int) },
2156 	[NETCONFA_RP_FILTER]	= { .len = sizeof(int) },
2157 	[NETCONFA_PROXY_NEIGH]	= { .len = sizeof(int) },
2158 	[NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN]	= { .len = sizeof(int) },
2159 };
2160 
2161 static int inet_netconf_valid_get_req(struct sk_buff *skb,
2162 				      const struct nlmsghdr *nlh,
2163 				      struct nlattr **tb,
2164 				      struct netlink_ext_ack *extack)
2165 {
2166 	int i, err;
2167 
2168 	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2169 		NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2170 		return -EINVAL;
2171 	}
2172 
2173 	if (!netlink_strict_get_check(skb))
2174 		return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2175 					      tb, NETCONFA_MAX,
2176 					      devconf_ipv4_policy, extack);
2177 
2178 	err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2179 					    tb, NETCONFA_MAX,
2180 					    devconf_ipv4_policy, extack);
2181 	if (err)
2182 		return err;
2183 
2184 	for (i = 0; i <= NETCONFA_MAX; i++) {
2185 		if (!tb[i])
2186 			continue;
2187 
2188 		switch (i) {
2189 		case NETCONFA_IFINDEX:
2190 			break;
2191 		default:
2192 			NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2193 			return -EINVAL;
2194 		}
2195 	}
2196 
2197 	return 0;
2198 }
2199 
2200 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2201 				    struct nlmsghdr *nlh,
2202 				    struct netlink_ext_ack *extack)
2203 {
2204 	struct net *net = sock_net(in_skb->sk);
2205 	struct nlattr *tb[NETCONFA_MAX+1];
2206 	struct sk_buff *skb;
2207 	struct ipv4_devconf *devconf;
2208 	struct in_device *in_dev;
2209 	struct net_device *dev;
2210 	int ifindex;
2211 	int err;
2212 
2213 	err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2214 	if (err)
2215 		goto errout;
2216 
2217 	err = -EINVAL;
2218 	if (!tb[NETCONFA_IFINDEX])
2219 		goto errout;
2220 
2221 	ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2222 	switch (ifindex) {
2223 	case NETCONFA_IFINDEX_ALL:
2224 		devconf = net->ipv4.devconf_all;
2225 		break;
2226 	case NETCONFA_IFINDEX_DEFAULT:
2227 		devconf = net->ipv4.devconf_dflt;
2228 		break;
2229 	default:
2230 		dev = __dev_get_by_index(net, ifindex);
2231 		if (!dev)
2232 			goto errout;
2233 		in_dev = __in_dev_get_rtnl(dev);
2234 		if (!in_dev)
2235 			goto errout;
2236 		devconf = &in_dev->cnf;
2237 		break;
2238 	}
2239 
2240 	err = -ENOBUFS;
2241 	skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2242 	if (!skb)
2243 		goto errout;
2244 
2245 	err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2246 					NETLINK_CB(in_skb).portid,
2247 					nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2248 					NETCONFA_ALL);
2249 	if (err < 0) {
2250 		/* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2251 		WARN_ON(err == -EMSGSIZE);
2252 		kfree_skb(skb);
2253 		goto errout;
2254 	}
2255 	err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2256 errout:
2257 	return err;
2258 }
2259 
2260 static int inet_netconf_dump_devconf(struct sk_buff *skb,
2261 				     struct netlink_callback *cb)
2262 {
2263 	const struct nlmsghdr *nlh = cb->nlh;
2264 	struct net *net = sock_net(skb->sk);
2265 	int h, s_h;
2266 	int idx, s_idx;
2267 	struct net_device *dev;
2268 	struct in_device *in_dev;
2269 	struct hlist_head *head;
2270 
2271 	if (cb->strict_check) {
2272 		struct netlink_ext_ack *extack = cb->extack;
2273 		struct netconfmsg *ncm;
2274 
2275 		if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2276 			NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2277 			return -EINVAL;
2278 		}
2279 
2280 		if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2281 			NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2282 			return -EINVAL;
2283 		}
2284 	}
2285 
2286 	s_h = cb->args[0];
2287 	s_idx = idx = cb->args[1];
2288 
2289 	for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2290 		idx = 0;
2291 		head = &net->dev_index_head[h];
2292 		rcu_read_lock();
2293 		cb->seq = inet_base_seq(net);
2294 		hlist_for_each_entry_rcu(dev, head, index_hlist) {
2295 			if (idx < s_idx)
2296 				goto cont;
2297 			in_dev = __in_dev_get_rcu(dev);
2298 			if (!in_dev)
2299 				goto cont;
2300 
2301 			if (inet_netconf_fill_devconf(skb, dev->ifindex,
2302 						      &in_dev->cnf,
2303 						      NETLINK_CB(cb->skb).portid,
2304 						      nlh->nlmsg_seq,
2305 						      RTM_NEWNETCONF,
2306 						      NLM_F_MULTI,
2307 						      NETCONFA_ALL) < 0) {
2308 				rcu_read_unlock();
2309 				goto done;
2310 			}
2311 			nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2312 cont:
2313 			idx++;
2314 		}
2315 		rcu_read_unlock();
2316 	}
2317 	if (h == NETDEV_HASHENTRIES) {
2318 		if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2319 					      net->ipv4.devconf_all,
2320 					      NETLINK_CB(cb->skb).portid,
2321 					      nlh->nlmsg_seq,
2322 					      RTM_NEWNETCONF, NLM_F_MULTI,
2323 					      NETCONFA_ALL) < 0)
2324 			goto done;
2325 		else
2326 			h++;
2327 	}
2328 	if (h == NETDEV_HASHENTRIES + 1) {
2329 		if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2330 					      net->ipv4.devconf_dflt,
2331 					      NETLINK_CB(cb->skb).portid,
2332 					      nlh->nlmsg_seq,
2333 					      RTM_NEWNETCONF, NLM_F_MULTI,
2334 					      NETCONFA_ALL) < 0)
2335 			goto done;
2336 		else
2337 			h++;
2338 	}
2339 done:
2340 	cb->args[0] = h;
2341 	cb->args[1] = idx;
2342 
2343 	return skb->len;
2344 }
2345 
2346 #ifdef CONFIG_SYSCTL
2347 
2348 static void devinet_copy_dflt_conf(struct net *net, int i)
2349 {
2350 	struct net_device *dev;
2351 
2352 	rcu_read_lock();
2353 	for_each_netdev_rcu(net, dev) {
2354 		struct in_device *in_dev;
2355 
2356 		in_dev = __in_dev_get_rcu(dev);
2357 		if (in_dev && !test_bit(i, in_dev->cnf.state))
2358 			in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2359 	}
2360 	rcu_read_unlock();
2361 }
2362 
2363 /* called with RTNL locked */
2364 static void inet_forward_change(struct net *net)
2365 {
2366 	struct net_device *dev;
2367 	int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2368 
2369 	IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2370 	IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2371 	inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2372 				    NETCONFA_FORWARDING,
2373 				    NETCONFA_IFINDEX_ALL,
2374 				    net->ipv4.devconf_all);
2375 	inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2376 				    NETCONFA_FORWARDING,
2377 				    NETCONFA_IFINDEX_DEFAULT,
2378 				    net->ipv4.devconf_dflt);
2379 
2380 	for_each_netdev(net, dev) {
2381 		struct in_device *in_dev;
2382 
2383 		if (on)
2384 			dev_disable_lro(dev);
2385 
2386 		in_dev = __in_dev_get_rtnl(dev);
2387 		if (in_dev) {
2388 			IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2389 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2390 						    NETCONFA_FORWARDING,
2391 						    dev->ifindex, &in_dev->cnf);
2392 		}
2393 	}
2394 }
2395 
2396 static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2397 {
2398 	if (cnf == net->ipv4.devconf_dflt)
2399 		return NETCONFA_IFINDEX_DEFAULT;
2400 	else if (cnf == net->ipv4.devconf_all)
2401 		return NETCONFA_IFINDEX_ALL;
2402 	else {
2403 		struct in_device *idev
2404 			= container_of(cnf, struct in_device, cnf);
2405 		return idev->dev->ifindex;
2406 	}
2407 }
2408 
2409 static int devinet_conf_proc(struct ctl_table *ctl, int write,
2410 			     void *buffer, size_t *lenp, loff_t *ppos)
2411 {
2412 	int old_value = *(int *)ctl->data;
2413 	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2414 	int new_value = *(int *)ctl->data;
2415 
2416 	if (write) {
2417 		struct ipv4_devconf *cnf = ctl->extra1;
2418 		struct net *net = ctl->extra2;
2419 		int i = (int *)ctl->data - cnf->data;
2420 		int ifindex;
2421 
2422 		set_bit(i, cnf->state);
2423 
2424 		if (cnf == net->ipv4.devconf_dflt)
2425 			devinet_copy_dflt_conf(net, i);
2426 		if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2427 		    i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2428 			if ((new_value == 0) && (old_value != 0))
2429 				rt_cache_flush(net);
2430 
2431 		if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2432 		    new_value != old_value)
2433 			rt_cache_flush(net);
2434 
2435 		if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2436 		    new_value != old_value) {
2437 			ifindex = devinet_conf_ifindex(net, cnf);
2438 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2439 						    NETCONFA_RP_FILTER,
2440 						    ifindex, cnf);
2441 		}
2442 		if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2443 		    new_value != old_value) {
2444 			ifindex = devinet_conf_ifindex(net, cnf);
2445 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2446 						    NETCONFA_PROXY_NEIGH,
2447 						    ifindex, cnf);
2448 		}
2449 		if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2450 		    new_value != old_value) {
2451 			ifindex = devinet_conf_ifindex(net, cnf);
2452 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2453 						    NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2454 						    ifindex, cnf);
2455 		}
2456 	}
2457 
2458 	return ret;
2459 }
2460 
2461 static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2462 				  void *buffer, size_t *lenp, loff_t *ppos)
2463 {
2464 	int *valp = ctl->data;
2465 	int val = *valp;
2466 	loff_t pos = *ppos;
2467 	struct net *net = ctl->extra2;
2468 	int ret;
2469 
2470 	if (write && !ns_capable(net->user_ns, CAP_NET_ADMIN))
2471 		return -EPERM;
2472 
2473 	ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2474 
2475 	if (write && *valp != val) {
2476 		if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2477 			if (!rtnl_trylock()) {
2478 				/* Restore the original values before restarting */
2479 				*valp = val;
2480 				*ppos = pos;
2481 				return restart_syscall();
2482 			}
2483 			if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2484 				inet_forward_change(net);
2485 			} else {
2486 				struct ipv4_devconf *cnf = ctl->extra1;
2487 				struct in_device *idev =
2488 					container_of(cnf, struct in_device, cnf);
2489 				if (*valp)
2490 					dev_disable_lro(idev->dev);
2491 				inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2492 							    NETCONFA_FORWARDING,
2493 							    idev->dev->ifindex,
2494 							    cnf);
2495 			}
2496 			rtnl_unlock();
2497 			rt_cache_flush(net);
2498 		} else
2499 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2500 						    NETCONFA_FORWARDING,
2501 						    NETCONFA_IFINDEX_DEFAULT,
2502 						    net->ipv4.devconf_dflt);
2503 	}
2504 
2505 	return ret;
2506 }
2507 
2508 static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2509 				void *buffer, size_t *lenp, loff_t *ppos)
2510 {
2511 	int *valp = ctl->data;
2512 	int val = *valp;
2513 	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2514 	struct net *net = ctl->extra2;
2515 
2516 	if (write && *valp != val)
2517 		rt_cache_flush(net);
2518 
2519 	return ret;
2520 }
2521 
2522 #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2523 	{ \
2524 		.procname	= name, \
2525 		.data		= ipv4_devconf.data + \
2526 				  IPV4_DEVCONF_ ## attr - 1, \
2527 		.maxlen		= sizeof(int), \
2528 		.mode		= mval, \
2529 		.proc_handler	= proc, \
2530 		.extra1		= &ipv4_devconf, \
2531 	}
2532 
2533 #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2534 	DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2535 
2536 #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2537 	DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2538 
2539 #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2540 	DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2541 
2542 #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2543 	DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2544 
2545 static struct devinet_sysctl_table {
2546 	struct ctl_table_header *sysctl_header;
2547 	struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2548 } devinet_sysctl = {
2549 	.devinet_vars = {
2550 		DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2551 					     devinet_sysctl_forward),
2552 		DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2553 		DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2554 
2555 		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2556 		DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2557 		DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2558 		DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2559 		DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2560 		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2561 					"accept_source_route"),
2562 		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2563 		DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2564 		DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2565 		DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2566 		DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2567 		DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2568 		DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2569 		DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2570 		DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2571 		DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2572 		DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2573 		DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2574 		DEVINET_SYSCTL_RW_ENTRY(ARP_EVICT_NOCARRIER,
2575 					"arp_evict_nocarrier"),
2576 		DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2577 		DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2578 					"force_igmp_version"),
2579 		DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2580 					"igmpv2_unsolicited_report_interval"),
2581 		DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2582 					"igmpv3_unsolicited_report_interval"),
2583 		DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2584 					"ignore_routes_with_linkdown"),
2585 		DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2586 					"drop_gratuitous_arp"),
2587 
2588 		DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2589 		DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2590 		DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2591 					      "promote_secondaries"),
2592 		DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2593 					      "route_localnet"),
2594 		DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2595 					      "drop_unicast_in_l2_multicast"),
2596 	},
2597 };
2598 
2599 static int __devinet_sysctl_register(struct net *net, char *dev_name,
2600 				     int ifindex, struct ipv4_devconf *p)
2601 {
2602 	int i;
2603 	struct devinet_sysctl_table *t;
2604 	char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2605 
2606 	t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL_ACCOUNT);
2607 	if (!t)
2608 		goto out;
2609 
2610 	for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2611 		t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2612 		t->devinet_vars[i].extra1 = p;
2613 		t->devinet_vars[i].extra2 = net;
2614 	}
2615 
2616 	snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2617 
2618 	t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2619 	if (!t->sysctl_header)
2620 		goto free;
2621 
2622 	p->sysctl = t;
2623 
2624 	inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2625 				    ifindex, p);
2626 	return 0;
2627 
2628 free:
2629 	kfree(t);
2630 out:
2631 	return -ENOMEM;
2632 }
2633 
2634 static void __devinet_sysctl_unregister(struct net *net,
2635 					struct ipv4_devconf *cnf, int ifindex)
2636 {
2637 	struct devinet_sysctl_table *t = cnf->sysctl;
2638 
2639 	if (t) {
2640 		cnf->sysctl = NULL;
2641 		unregister_net_sysctl_table(t->sysctl_header);
2642 		kfree(t);
2643 	}
2644 
2645 	inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2646 }
2647 
2648 static int devinet_sysctl_register(struct in_device *idev)
2649 {
2650 	int err;
2651 
2652 	if (!sysctl_dev_name_is_allowed(idev->dev->name))
2653 		return -EINVAL;
2654 
2655 	err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2656 	if (err)
2657 		return err;
2658 	err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2659 					idev->dev->ifindex, &idev->cnf);
2660 	if (err)
2661 		neigh_sysctl_unregister(idev->arp_parms);
2662 	return err;
2663 }
2664 
2665 static void devinet_sysctl_unregister(struct in_device *idev)
2666 {
2667 	struct net *net = dev_net(idev->dev);
2668 
2669 	__devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2670 	neigh_sysctl_unregister(idev->arp_parms);
2671 }
2672 
2673 static struct ctl_table ctl_forward_entry[] = {
2674 	{
2675 		.procname	= "ip_forward",
2676 		.data		= &ipv4_devconf.data[
2677 					IPV4_DEVCONF_FORWARDING - 1],
2678 		.maxlen		= sizeof(int),
2679 		.mode		= 0644,
2680 		.proc_handler	= devinet_sysctl_forward,
2681 		.extra1		= &ipv4_devconf,
2682 		.extra2		= &init_net,
2683 	},
2684 	{ },
2685 };
2686 #endif
2687 
2688 static __net_init int devinet_init_net(struct net *net)
2689 {
2690 	int err;
2691 	struct ipv4_devconf *all, *dflt;
2692 #ifdef CONFIG_SYSCTL
2693 	struct ctl_table *tbl;
2694 	struct ctl_table_header *forw_hdr;
2695 #endif
2696 
2697 	err = -ENOMEM;
2698 	all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2699 	if (!all)
2700 		goto err_alloc_all;
2701 
2702 	dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2703 	if (!dflt)
2704 		goto err_alloc_dflt;
2705 
2706 #ifdef CONFIG_SYSCTL
2707 	tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2708 	if (!tbl)
2709 		goto err_alloc_ctl;
2710 
2711 	tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2712 	tbl[0].extra1 = all;
2713 	tbl[0].extra2 = net;
2714 #endif
2715 
2716 	if (!net_eq(net, &init_net)) {
2717 		switch (net_inherit_devconf()) {
2718 		case 3:
2719 			/* copy from the current netns */
2720 			memcpy(all, current->nsproxy->net_ns->ipv4.devconf_all,
2721 			       sizeof(ipv4_devconf));
2722 			memcpy(dflt,
2723 			       current->nsproxy->net_ns->ipv4.devconf_dflt,
2724 			       sizeof(ipv4_devconf_dflt));
2725 			break;
2726 		case 0:
2727 		case 1:
2728 			/* copy from init_net */
2729 			memcpy(all, init_net.ipv4.devconf_all,
2730 			       sizeof(ipv4_devconf));
2731 			memcpy(dflt, init_net.ipv4.devconf_dflt,
2732 			       sizeof(ipv4_devconf_dflt));
2733 			break;
2734 		case 2:
2735 			/* use compiled values */
2736 			break;
2737 		}
2738 	}
2739 
2740 #ifdef CONFIG_SYSCTL
2741 	err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2742 	if (err < 0)
2743 		goto err_reg_all;
2744 
2745 	err = __devinet_sysctl_register(net, "default",
2746 					NETCONFA_IFINDEX_DEFAULT, dflt);
2747 	if (err < 0)
2748 		goto err_reg_dflt;
2749 
2750 	err = -ENOMEM;
2751 	forw_hdr = register_net_sysctl_sz(net, "net/ipv4", tbl,
2752 					  ARRAY_SIZE(ctl_forward_entry));
2753 	if (!forw_hdr)
2754 		goto err_reg_ctl;
2755 	net->ipv4.forw_hdr = forw_hdr;
2756 #endif
2757 
2758 	net->ipv4.devconf_all = all;
2759 	net->ipv4.devconf_dflt = dflt;
2760 	return 0;
2761 
2762 #ifdef CONFIG_SYSCTL
2763 err_reg_ctl:
2764 	__devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2765 err_reg_dflt:
2766 	__devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2767 err_reg_all:
2768 	kfree(tbl);
2769 err_alloc_ctl:
2770 #endif
2771 	kfree(dflt);
2772 err_alloc_dflt:
2773 	kfree(all);
2774 err_alloc_all:
2775 	return err;
2776 }
2777 
2778 static __net_exit void devinet_exit_net(struct net *net)
2779 {
2780 #ifdef CONFIG_SYSCTL
2781 	struct ctl_table *tbl;
2782 
2783 	tbl = net->ipv4.forw_hdr->ctl_table_arg;
2784 	unregister_net_sysctl_table(net->ipv4.forw_hdr);
2785 	__devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2786 				    NETCONFA_IFINDEX_DEFAULT);
2787 	__devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2788 				    NETCONFA_IFINDEX_ALL);
2789 	kfree(tbl);
2790 #endif
2791 	kfree(net->ipv4.devconf_dflt);
2792 	kfree(net->ipv4.devconf_all);
2793 }
2794 
2795 static __net_initdata struct pernet_operations devinet_ops = {
2796 	.init = devinet_init_net,
2797 	.exit = devinet_exit_net,
2798 };
2799 
2800 static struct rtnl_af_ops inet_af_ops __read_mostly = {
2801 	.family		  = AF_INET,
2802 	.fill_link_af	  = inet_fill_link_af,
2803 	.get_link_af_size = inet_get_link_af_size,
2804 	.validate_link_af = inet_validate_link_af,
2805 	.set_link_af	  = inet_set_link_af,
2806 };
2807 
2808 void __init devinet_init(void)
2809 {
2810 	int i;
2811 
2812 	for (i = 0; i < IN4_ADDR_HSIZE; i++)
2813 		INIT_HLIST_HEAD(&inet_addr_lst[i]);
2814 
2815 	register_pernet_subsys(&devinet_ops);
2816 	register_netdevice_notifier(&ip_netdev_notifier);
2817 
2818 	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2819 
2820 	rtnl_af_register(&inet_af_ops);
2821 
2822 	rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2823 	rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2824 	rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2825 	rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2826 		      inet_netconf_dump_devconf, 0);
2827 }
2828