xref: /openbmc/linux/net/ipv4/devinet.c (revision c8f14e2b)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *	NET3	IP device support routines.
4  *
5  *	Derived from the IP parts of dev.c 1.0.19
6  * 		Authors:	Ross Biro
7  *				Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8  *				Mark Evans, <evansmp@uhura.aston.ac.uk>
9  *
10  *	Additional Authors:
11  *		Alan Cox, <gw4pts@gw4pts.ampr.org>
12  *		Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
13  *
14  *	Changes:
15  *		Alexey Kuznetsov:	pa_* fields are replaced with ifaddr
16  *					lists.
17  *		Cyrus Durgin:		updated for kmod
18  *		Matthias Andree:	in devinet_ioctl, compare label and
19  *					address (4.4BSD alias style support),
20  *					fall back to comparing just the label
21  *					if no match found.
22  */
23 
24 
25 #include <linux/uaccess.h>
26 #include <linux/bitops.h>
27 #include <linux/capability.h>
28 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/kernel.h>
31 #include <linux/sched/signal.h>
32 #include <linux/string.h>
33 #include <linux/mm.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/in.h>
37 #include <linux/errno.h>
38 #include <linux/interrupt.h>
39 #include <linux/if_addr.h>
40 #include <linux/if_ether.h>
41 #include <linux/inet.h>
42 #include <linux/netdevice.h>
43 #include <linux/etherdevice.h>
44 #include <linux/skbuff.h>
45 #include <linux/init.h>
46 #include <linux/notifier.h>
47 #include <linux/inetdevice.h>
48 #include <linux/igmp.h>
49 #include <linux/slab.h>
50 #include <linux/hash.h>
51 #ifdef CONFIG_SYSCTL
52 #include <linux/sysctl.h>
53 #endif
54 #include <linux/kmod.h>
55 #include <linux/netconf.h>
56 
57 #include <net/arp.h>
58 #include <net/ip.h>
59 #include <net/route.h>
60 #include <net/ip_fib.h>
61 #include <net/rtnetlink.h>
62 #include <net/net_namespace.h>
63 #include <net/addrconf.h>
64 
65 #define IPV6ONLY_FLAGS	\
66 		(IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 		 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 		 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
69 
70 static struct ipv4_devconf ipv4_devconf = {
71 	.data = {
72 		[IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 		[IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 		[IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 		[IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 		[IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 		[IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] =  1000 /*ms*/,
78 		[IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
79 	},
80 };
81 
82 static struct ipv4_devconf ipv4_devconf_dflt = {
83 	.data = {
84 		[IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
85 		[IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
86 		[IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
87 		[IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
88 		[IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 		[IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
90 		[IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] =  1000 /*ms*/,
91 		[IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
92 	},
93 };
94 
95 #define IPV4_DEVCONF_DFLT(net, attr) \
96 	IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
97 
98 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
99 	[IFA_LOCAL]     	= { .type = NLA_U32 },
100 	[IFA_ADDRESS]   	= { .type = NLA_U32 },
101 	[IFA_BROADCAST] 	= { .type = NLA_U32 },
102 	[IFA_LABEL]     	= { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
103 	[IFA_CACHEINFO]		= { .len = sizeof(struct ifa_cacheinfo) },
104 	[IFA_FLAGS]		= { .type = NLA_U32 },
105 	[IFA_RT_PRIORITY]	= { .type = NLA_U32 },
106 	[IFA_TARGET_NETNSID]	= { .type = NLA_S32 },
107 	[IFA_PROTO]		= { .type = NLA_U8 },
108 };
109 
110 struct inet_fill_args {
111 	u32 portid;
112 	u32 seq;
113 	int event;
114 	unsigned int flags;
115 	int netnsid;
116 	int ifindex;
117 };
118 
119 #define IN4_ADDR_HSIZE_SHIFT	8
120 #define IN4_ADDR_HSIZE		(1U << IN4_ADDR_HSIZE_SHIFT)
121 
122 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
123 
124 static u32 inet_addr_hash(const struct net *net, __be32 addr)
125 {
126 	u32 val = (__force u32) addr ^ net_hash_mix(net);
127 
128 	return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
129 }
130 
131 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
132 {
133 	u32 hash = inet_addr_hash(net, ifa->ifa_local);
134 
135 	ASSERT_RTNL();
136 	hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
137 }
138 
139 static void inet_hash_remove(struct in_ifaddr *ifa)
140 {
141 	ASSERT_RTNL();
142 	hlist_del_init_rcu(&ifa->hash);
143 }
144 
145 /**
146  * __ip_dev_find - find the first device with a given source address.
147  * @net: the net namespace
148  * @addr: the source address
149  * @devref: if true, take a reference on the found device
150  *
151  * If a caller uses devref=false, it should be protected by RCU, or RTNL
152  */
153 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
154 {
155 	struct net_device *result = NULL;
156 	struct in_ifaddr *ifa;
157 
158 	rcu_read_lock();
159 	ifa = inet_lookup_ifaddr_rcu(net, addr);
160 	if (!ifa) {
161 		struct flowi4 fl4 = { .daddr = addr };
162 		struct fib_result res = { 0 };
163 		struct fib_table *local;
164 
165 		/* Fallback to FIB local table so that communication
166 		 * over loopback subnets work.
167 		 */
168 		local = fib_get_table(net, RT_TABLE_LOCAL);
169 		if (local &&
170 		    !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
171 		    res.type == RTN_LOCAL)
172 			result = FIB_RES_DEV(res);
173 	} else {
174 		result = ifa->ifa_dev->dev;
175 	}
176 	if (result && devref)
177 		dev_hold(result);
178 	rcu_read_unlock();
179 	return result;
180 }
181 EXPORT_SYMBOL(__ip_dev_find);
182 
183 /* called under RCU lock */
184 struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
185 {
186 	u32 hash = inet_addr_hash(net, addr);
187 	struct in_ifaddr *ifa;
188 
189 	hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
190 		if (ifa->ifa_local == addr &&
191 		    net_eq(dev_net(ifa->ifa_dev->dev), net))
192 			return ifa;
193 
194 	return NULL;
195 }
196 
197 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
198 
199 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
200 static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
201 static void inet_del_ifa(struct in_device *in_dev,
202 			 struct in_ifaddr __rcu **ifap,
203 			 int destroy);
204 #ifdef CONFIG_SYSCTL
205 static int devinet_sysctl_register(struct in_device *idev);
206 static void devinet_sysctl_unregister(struct in_device *idev);
207 #else
208 static int devinet_sysctl_register(struct in_device *idev)
209 {
210 	return 0;
211 }
212 static void devinet_sysctl_unregister(struct in_device *idev)
213 {
214 }
215 #endif
216 
217 /* Locks all the inet devices. */
218 
219 static struct in_ifaddr *inet_alloc_ifa(void)
220 {
221 	return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL_ACCOUNT);
222 }
223 
224 static void inet_rcu_free_ifa(struct rcu_head *head)
225 {
226 	struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
227 	if (ifa->ifa_dev)
228 		in_dev_put(ifa->ifa_dev);
229 	kfree(ifa);
230 }
231 
232 static void inet_free_ifa(struct in_ifaddr *ifa)
233 {
234 	call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
235 }
236 
237 void in_dev_finish_destroy(struct in_device *idev)
238 {
239 	struct net_device *dev = idev->dev;
240 
241 	WARN_ON(idev->ifa_list);
242 	WARN_ON(idev->mc_list);
243 	kfree(rcu_dereference_protected(idev->mc_hash, 1));
244 #ifdef NET_REFCNT_DEBUG
245 	pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
246 #endif
247 	dev_put_track(dev, &idev->dev_tracker);
248 	if (!idev->dead)
249 		pr_err("Freeing alive in_device %p\n", idev);
250 	else
251 		kfree(idev);
252 }
253 EXPORT_SYMBOL(in_dev_finish_destroy);
254 
255 static struct in_device *inetdev_init(struct net_device *dev)
256 {
257 	struct in_device *in_dev;
258 	int err = -ENOMEM;
259 
260 	ASSERT_RTNL();
261 
262 	in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
263 	if (!in_dev)
264 		goto out;
265 	memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
266 			sizeof(in_dev->cnf));
267 	in_dev->cnf.sysctl = NULL;
268 	in_dev->dev = dev;
269 	in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
270 	if (!in_dev->arp_parms)
271 		goto out_kfree;
272 	if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
273 		dev_disable_lro(dev);
274 	/* Reference in_dev->dev */
275 	dev_hold_track(dev, &in_dev->dev_tracker, GFP_KERNEL);
276 	/* Account for reference dev->ip_ptr (below) */
277 	refcount_set(&in_dev->refcnt, 1);
278 
279 	err = devinet_sysctl_register(in_dev);
280 	if (err) {
281 		in_dev->dead = 1;
282 		neigh_parms_release(&arp_tbl, in_dev->arp_parms);
283 		in_dev_put(in_dev);
284 		in_dev = NULL;
285 		goto out;
286 	}
287 	ip_mc_init_dev(in_dev);
288 	if (dev->flags & IFF_UP)
289 		ip_mc_up(in_dev);
290 
291 	/* we can receive as soon as ip_ptr is set -- do this last */
292 	rcu_assign_pointer(dev->ip_ptr, in_dev);
293 out:
294 	return in_dev ?: ERR_PTR(err);
295 out_kfree:
296 	kfree(in_dev);
297 	in_dev = NULL;
298 	goto out;
299 }
300 
301 static void in_dev_rcu_put(struct rcu_head *head)
302 {
303 	struct in_device *idev = container_of(head, struct in_device, rcu_head);
304 	in_dev_put(idev);
305 }
306 
307 static void inetdev_destroy(struct in_device *in_dev)
308 {
309 	struct net_device *dev;
310 	struct in_ifaddr *ifa;
311 
312 	ASSERT_RTNL();
313 
314 	dev = in_dev->dev;
315 
316 	in_dev->dead = 1;
317 
318 	ip_mc_destroy_dev(in_dev);
319 
320 	while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
321 		inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
322 		inet_free_ifa(ifa);
323 	}
324 
325 	RCU_INIT_POINTER(dev->ip_ptr, NULL);
326 
327 	devinet_sysctl_unregister(in_dev);
328 	neigh_parms_release(&arp_tbl, in_dev->arp_parms);
329 	arp_ifdown(dev);
330 
331 	call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
332 }
333 
334 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
335 {
336 	const struct in_ifaddr *ifa;
337 
338 	rcu_read_lock();
339 	in_dev_for_each_ifa_rcu(ifa, in_dev) {
340 		if (inet_ifa_match(a, ifa)) {
341 			if (!b || inet_ifa_match(b, ifa)) {
342 				rcu_read_unlock();
343 				return 1;
344 			}
345 		}
346 	}
347 	rcu_read_unlock();
348 	return 0;
349 }
350 
351 static void __inet_del_ifa(struct in_device *in_dev,
352 			   struct in_ifaddr __rcu **ifap,
353 			   int destroy, struct nlmsghdr *nlh, u32 portid)
354 {
355 	struct in_ifaddr *promote = NULL;
356 	struct in_ifaddr *ifa, *ifa1;
357 	struct in_ifaddr *last_prim;
358 	struct in_ifaddr *prev_prom = NULL;
359 	int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
360 
361 	ASSERT_RTNL();
362 
363 	ifa1 = rtnl_dereference(*ifap);
364 	last_prim = rtnl_dereference(in_dev->ifa_list);
365 	if (in_dev->dead)
366 		goto no_promotions;
367 
368 	/* 1. Deleting primary ifaddr forces deletion all secondaries
369 	 * unless alias promotion is set
370 	 **/
371 
372 	if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
373 		struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
374 
375 		while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
376 			if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
377 			    ifa1->ifa_scope <= ifa->ifa_scope)
378 				last_prim = ifa;
379 
380 			if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
381 			    ifa1->ifa_mask != ifa->ifa_mask ||
382 			    !inet_ifa_match(ifa1->ifa_address, ifa)) {
383 				ifap1 = &ifa->ifa_next;
384 				prev_prom = ifa;
385 				continue;
386 			}
387 
388 			if (!do_promote) {
389 				inet_hash_remove(ifa);
390 				*ifap1 = ifa->ifa_next;
391 
392 				rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
393 				blocking_notifier_call_chain(&inetaddr_chain,
394 						NETDEV_DOWN, ifa);
395 				inet_free_ifa(ifa);
396 			} else {
397 				promote = ifa;
398 				break;
399 			}
400 		}
401 	}
402 
403 	/* On promotion all secondaries from subnet are changing
404 	 * the primary IP, we must remove all their routes silently
405 	 * and later to add them back with new prefsrc. Do this
406 	 * while all addresses are on the device list.
407 	 */
408 	for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
409 		if (ifa1->ifa_mask == ifa->ifa_mask &&
410 		    inet_ifa_match(ifa1->ifa_address, ifa))
411 			fib_del_ifaddr(ifa, ifa1);
412 	}
413 
414 no_promotions:
415 	/* 2. Unlink it */
416 
417 	*ifap = ifa1->ifa_next;
418 	inet_hash_remove(ifa1);
419 
420 	/* 3. Announce address deletion */
421 
422 	/* Send message first, then call notifier.
423 	   At first sight, FIB update triggered by notifier
424 	   will refer to already deleted ifaddr, that could confuse
425 	   netlink listeners. It is not true: look, gated sees
426 	   that route deleted and if it still thinks that ifaddr
427 	   is valid, it will try to restore deleted routes... Grr.
428 	   So that, this order is correct.
429 	 */
430 	rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
431 	blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
432 
433 	if (promote) {
434 		struct in_ifaddr *next_sec;
435 
436 		next_sec = rtnl_dereference(promote->ifa_next);
437 		if (prev_prom) {
438 			struct in_ifaddr *last_sec;
439 
440 			rcu_assign_pointer(prev_prom->ifa_next, next_sec);
441 
442 			last_sec = rtnl_dereference(last_prim->ifa_next);
443 			rcu_assign_pointer(promote->ifa_next, last_sec);
444 			rcu_assign_pointer(last_prim->ifa_next, promote);
445 		}
446 
447 		promote->ifa_flags &= ~IFA_F_SECONDARY;
448 		rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
449 		blocking_notifier_call_chain(&inetaddr_chain,
450 				NETDEV_UP, promote);
451 		for (ifa = next_sec; ifa;
452 		     ifa = rtnl_dereference(ifa->ifa_next)) {
453 			if (ifa1->ifa_mask != ifa->ifa_mask ||
454 			    !inet_ifa_match(ifa1->ifa_address, ifa))
455 					continue;
456 			fib_add_ifaddr(ifa);
457 		}
458 
459 	}
460 	if (destroy)
461 		inet_free_ifa(ifa1);
462 }
463 
464 static void inet_del_ifa(struct in_device *in_dev,
465 			 struct in_ifaddr __rcu **ifap,
466 			 int destroy)
467 {
468 	__inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
469 }
470 
471 static void check_lifetime(struct work_struct *work);
472 
473 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
474 
475 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
476 			     u32 portid, struct netlink_ext_ack *extack)
477 {
478 	struct in_ifaddr __rcu **last_primary, **ifap;
479 	struct in_device *in_dev = ifa->ifa_dev;
480 	struct in_validator_info ivi;
481 	struct in_ifaddr *ifa1;
482 	int ret;
483 
484 	ASSERT_RTNL();
485 
486 	if (!ifa->ifa_local) {
487 		inet_free_ifa(ifa);
488 		return 0;
489 	}
490 
491 	ifa->ifa_flags &= ~IFA_F_SECONDARY;
492 	last_primary = &in_dev->ifa_list;
493 
494 	/* Don't set IPv6 only flags to IPv4 addresses */
495 	ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
496 
497 	ifap = &in_dev->ifa_list;
498 	ifa1 = rtnl_dereference(*ifap);
499 
500 	while (ifa1) {
501 		if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
502 		    ifa->ifa_scope <= ifa1->ifa_scope)
503 			last_primary = &ifa1->ifa_next;
504 		if (ifa1->ifa_mask == ifa->ifa_mask &&
505 		    inet_ifa_match(ifa1->ifa_address, ifa)) {
506 			if (ifa1->ifa_local == ifa->ifa_local) {
507 				inet_free_ifa(ifa);
508 				return -EEXIST;
509 			}
510 			if (ifa1->ifa_scope != ifa->ifa_scope) {
511 				inet_free_ifa(ifa);
512 				return -EINVAL;
513 			}
514 			ifa->ifa_flags |= IFA_F_SECONDARY;
515 		}
516 
517 		ifap = &ifa1->ifa_next;
518 		ifa1 = rtnl_dereference(*ifap);
519 	}
520 
521 	/* Allow any devices that wish to register ifaddr validtors to weigh
522 	 * in now, before changes are committed.  The rntl lock is serializing
523 	 * access here, so the state should not change between a validator call
524 	 * and a final notify on commit.  This isn't invoked on promotion under
525 	 * the assumption that validators are checking the address itself, and
526 	 * not the flags.
527 	 */
528 	ivi.ivi_addr = ifa->ifa_address;
529 	ivi.ivi_dev = ifa->ifa_dev;
530 	ivi.extack = extack;
531 	ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
532 					   NETDEV_UP, &ivi);
533 	ret = notifier_to_errno(ret);
534 	if (ret) {
535 		inet_free_ifa(ifa);
536 		return ret;
537 	}
538 
539 	if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
540 		prandom_seed((__force u32) ifa->ifa_local);
541 		ifap = last_primary;
542 	}
543 
544 	rcu_assign_pointer(ifa->ifa_next, *ifap);
545 	rcu_assign_pointer(*ifap, ifa);
546 
547 	inet_hash_insert(dev_net(in_dev->dev), ifa);
548 
549 	cancel_delayed_work(&check_lifetime_work);
550 	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
551 
552 	/* Send message first, then call notifier.
553 	   Notifier will trigger FIB update, so that
554 	   listeners of netlink will know about new ifaddr */
555 	rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
556 	blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
557 
558 	return 0;
559 }
560 
561 static int inet_insert_ifa(struct in_ifaddr *ifa)
562 {
563 	return __inet_insert_ifa(ifa, NULL, 0, NULL);
564 }
565 
566 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
567 {
568 	struct in_device *in_dev = __in_dev_get_rtnl(dev);
569 
570 	ASSERT_RTNL();
571 
572 	if (!in_dev) {
573 		inet_free_ifa(ifa);
574 		return -ENOBUFS;
575 	}
576 	ipv4_devconf_setall(in_dev);
577 	neigh_parms_data_state_setall(in_dev->arp_parms);
578 	if (ifa->ifa_dev != in_dev) {
579 		WARN_ON(ifa->ifa_dev);
580 		in_dev_hold(in_dev);
581 		ifa->ifa_dev = in_dev;
582 	}
583 	if (ipv4_is_loopback(ifa->ifa_local))
584 		ifa->ifa_scope = RT_SCOPE_HOST;
585 	return inet_insert_ifa(ifa);
586 }
587 
588 /* Caller must hold RCU or RTNL :
589  * We dont take a reference on found in_device
590  */
591 struct in_device *inetdev_by_index(struct net *net, int ifindex)
592 {
593 	struct net_device *dev;
594 	struct in_device *in_dev = NULL;
595 
596 	rcu_read_lock();
597 	dev = dev_get_by_index_rcu(net, ifindex);
598 	if (dev)
599 		in_dev = rcu_dereference_rtnl(dev->ip_ptr);
600 	rcu_read_unlock();
601 	return in_dev;
602 }
603 EXPORT_SYMBOL(inetdev_by_index);
604 
605 /* Called only from RTNL semaphored context. No locks. */
606 
607 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
608 				    __be32 mask)
609 {
610 	struct in_ifaddr *ifa;
611 
612 	ASSERT_RTNL();
613 
614 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
615 		if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
616 			return ifa;
617 	}
618 	return NULL;
619 }
620 
621 static int ip_mc_autojoin_config(struct net *net, bool join,
622 				 const struct in_ifaddr *ifa)
623 {
624 #if defined(CONFIG_IP_MULTICAST)
625 	struct ip_mreqn mreq = {
626 		.imr_multiaddr.s_addr = ifa->ifa_address,
627 		.imr_ifindex = ifa->ifa_dev->dev->ifindex,
628 	};
629 	struct sock *sk = net->ipv4.mc_autojoin_sk;
630 	int ret;
631 
632 	ASSERT_RTNL();
633 
634 	lock_sock(sk);
635 	if (join)
636 		ret = ip_mc_join_group(sk, &mreq);
637 	else
638 		ret = ip_mc_leave_group(sk, &mreq);
639 	release_sock(sk);
640 
641 	return ret;
642 #else
643 	return -EOPNOTSUPP;
644 #endif
645 }
646 
647 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
648 			    struct netlink_ext_ack *extack)
649 {
650 	struct net *net = sock_net(skb->sk);
651 	struct in_ifaddr __rcu **ifap;
652 	struct nlattr *tb[IFA_MAX+1];
653 	struct in_device *in_dev;
654 	struct ifaddrmsg *ifm;
655 	struct in_ifaddr *ifa;
656 	int err;
657 
658 	ASSERT_RTNL();
659 
660 	err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
661 				     ifa_ipv4_policy, extack);
662 	if (err < 0)
663 		goto errout;
664 
665 	ifm = nlmsg_data(nlh);
666 	in_dev = inetdev_by_index(net, ifm->ifa_index);
667 	if (!in_dev) {
668 		err = -ENODEV;
669 		goto errout;
670 	}
671 
672 	for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
673 	     ifap = &ifa->ifa_next) {
674 		if (tb[IFA_LOCAL] &&
675 		    ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
676 			continue;
677 
678 		if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
679 			continue;
680 
681 		if (tb[IFA_ADDRESS] &&
682 		    (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
683 		    !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
684 			continue;
685 
686 		if (ipv4_is_multicast(ifa->ifa_address))
687 			ip_mc_autojoin_config(net, false, ifa);
688 		__inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
689 		return 0;
690 	}
691 
692 	err = -EADDRNOTAVAIL;
693 errout:
694 	return err;
695 }
696 
697 #define INFINITY_LIFE_TIME	0xFFFFFFFF
698 
699 static void check_lifetime(struct work_struct *work)
700 {
701 	unsigned long now, next, next_sec, next_sched;
702 	struct in_ifaddr *ifa;
703 	struct hlist_node *n;
704 	int i;
705 
706 	now = jiffies;
707 	next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
708 
709 	for (i = 0; i < IN4_ADDR_HSIZE; i++) {
710 		bool change_needed = false;
711 
712 		rcu_read_lock();
713 		hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
714 			unsigned long age;
715 
716 			if (ifa->ifa_flags & IFA_F_PERMANENT)
717 				continue;
718 
719 			/* We try to batch several events at once. */
720 			age = (now - ifa->ifa_tstamp +
721 			       ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
722 
723 			if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
724 			    age >= ifa->ifa_valid_lft) {
725 				change_needed = true;
726 			} else if (ifa->ifa_preferred_lft ==
727 				   INFINITY_LIFE_TIME) {
728 				continue;
729 			} else if (age >= ifa->ifa_preferred_lft) {
730 				if (time_before(ifa->ifa_tstamp +
731 						ifa->ifa_valid_lft * HZ, next))
732 					next = ifa->ifa_tstamp +
733 					       ifa->ifa_valid_lft * HZ;
734 
735 				if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
736 					change_needed = true;
737 			} else if (time_before(ifa->ifa_tstamp +
738 					       ifa->ifa_preferred_lft * HZ,
739 					       next)) {
740 				next = ifa->ifa_tstamp +
741 				       ifa->ifa_preferred_lft * HZ;
742 			}
743 		}
744 		rcu_read_unlock();
745 		if (!change_needed)
746 			continue;
747 		rtnl_lock();
748 		hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
749 			unsigned long age;
750 
751 			if (ifa->ifa_flags & IFA_F_PERMANENT)
752 				continue;
753 
754 			/* We try to batch several events at once. */
755 			age = (now - ifa->ifa_tstamp +
756 			       ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
757 
758 			if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
759 			    age >= ifa->ifa_valid_lft) {
760 				struct in_ifaddr __rcu **ifap;
761 				struct in_ifaddr *tmp;
762 
763 				ifap = &ifa->ifa_dev->ifa_list;
764 				tmp = rtnl_dereference(*ifap);
765 				while (tmp) {
766 					if (tmp == ifa) {
767 						inet_del_ifa(ifa->ifa_dev,
768 							     ifap, 1);
769 						break;
770 					}
771 					ifap = &tmp->ifa_next;
772 					tmp = rtnl_dereference(*ifap);
773 				}
774 			} else if (ifa->ifa_preferred_lft !=
775 				   INFINITY_LIFE_TIME &&
776 				   age >= ifa->ifa_preferred_lft &&
777 				   !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
778 				ifa->ifa_flags |= IFA_F_DEPRECATED;
779 				rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
780 			}
781 		}
782 		rtnl_unlock();
783 	}
784 
785 	next_sec = round_jiffies_up(next);
786 	next_sched = next;
787 
788 	/* If rounded timeout is accurate enough, accept it. */
789 	if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
790 		next_sched = next_sec;
791 
792 	now = jiffies;
793 	/* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
794 	if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
795 		next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
796 
797 	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
798 			next_sched - now);
799 }
800 
801 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
802 			     __u32 prefered_lft)
803 {
804 	unsigned long timeout;
805 
806 	ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
807 
808 	timeout = addrconf_timeout_fixup(valid_lft, HZ);
809 	if (addrconf_finite_timeout(timeout))
810 		ifa->ifa_valid_lft = timeout;
811 	else
812 		ifa->ifa_flags |= IFA_F_PERMANENT;
813 
814 	timeout = addrconf_timeout_fixup(prefered_lft, HZ);
815 	if (addrconf_finite_timeout(timeout)) {
816 		if (timeout == 0)
817 			ifa->ifa_flags |= IFA_F_DEPRECATED;
818 		ifa->ifa_preferred_lft = timeout;
819 	}
820 	ifa->ifa_tstamp = jiffies;
821 	if (!ifa->ifa_cstamp)
822 		ifa->ifa_cstamp = ifa->ifa_tstamp;
823 }
824 
825 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
826 				       __u32 *pvalid_lft, __u32 *pprefered_lft,
827 				       struct netlink_ext_ack *extack)
828 {
829 	struct nlattr *tb[IFA_MAX+1];
830 	struct in_ifaddr *ifa;
831 	struct ifaddrmsg *ifm;
832 	struct net_device *dev;
833 	struct in_device *in_dev;
834 	int err;
835 
836 	err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
837 				     ifa_ipv4_policy, extack);
838 	if (err < 0)
839 		goto errout;
840 
841 	ifm = nlmsg_data(nlh);
842 	err = -EINVAL;
843 	if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
844 		goto errout;
845 
846 	dev = __dev_get_by_index(net, ifm->ifa_index);
847 	err = -ENODEV;
848 	if (!dev)
849 		goto errout;
850 
851 	in_dev = __in_dev_get_rtnl(dev);
852 	err = -ENOBUFS;
853 	if (!in_dev)
854 		goto errout;
855 
856 	ifa = inet_alloc_ifa();
857 	if (!ifa)
858 		/*
859 		 * A potential indev allocation can be left alive, it stays
860 		 * assigned to its device and is destroy with it.
861 		 */
862 		goto errout;
863 
864 	ipv4_devconf_setall(in_dev);
865 	neigh_parms_data_state_setall(in_dev->arp_parms);
866 	in_dev_hold(in_dev);
867 
868 	if (!tb[IFA_ADDRESS])
869 		tb[IFA_ADDRESS] = tb[IFA_LOCAL];
870 
871 	INIT_HLIST_NODE(&ifa->hash);
872 	ifa->ifa_prefixlen = ifm->ifa_prefixlen;
873 	ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
874 	ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
875 					 ifm->ifa_flags;
876 	ifa->ifa_scope = ifm->ifa_scope;
877 	ifa->ifa_dev = in_dev;
878 
879 	ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
880 	ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
881 
882 	if (tb[IFA_BROADCAST])
883 		ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
884 
885 	if (tb[IFA_LABEL])
886 		nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
887 	else
888 		memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
889 
890 	if (tb[IFA_RT_PRIORITY])
891 		ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
892 
893 	if (tb[IFA_PROTO])
894 		ifa->ifa_proto = nla_get_u8(tb[IFA_PROTO]);
895 
896 	if (tb[IFA_CACHEINFO]) {
897 		struct ifa_cacheinfo *ci;
898 
899 		ci = nla_data(tb[IFA_CACHEINFO]);
900 		if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
901 			err = -EINVAL;
902 			goto errout_free;
903 		}
904 		*pvalid_lft = ci->ifa_valid;
905 		*pprefered_lft = ci->ifa_prefered;
906 	}
907 
908 	return ifa;
909 
910 errout_free:
911 	inet_free_ifa(ifa);
912 errout:
913 	return ERR_PTR(err);
914 }
915 
916 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
917 {
918 	struct in_device *in_dev = ifa->ifa_dev;
919 	struct in_ifaddr *ifa1;
920 
921 	if (!ifa->ifa_local)
922 		return NULL;
923 
924 	in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
925 		if (ifa1->ifa_mask == ifa->ifa_mask &&
926 		    inet_ifa_match(ifa1->ifa_address, ifa) &&
927 		    ifa1->ifa_local == ifa->ifa_local)
928 			return ifa1;
929 	}
930 	return NULL;
931 }
932 
933 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
934 			    struct netlink_ext_ack *extack)
935 {
936 	struct net *net = sock_net(skb->sk);
937 	struct in_ifaddr *ifa;
938 	struct in_ifaddr *ifa_existing;
939 	__u32 valid_lft = INFINITY_LIFE_TIME;
940 	__u32 prefered_lft = INFINITY_LIFE_TIME;
941 
942 	ASSERT_RTNL();
943 
944 	ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
945 	if (IS_ERR(ifa))
946 		return PTR_ERR(ifa);
947 
948 	ifa_existing = find_matching_ifa(ifa);
949 	if (!ifa_existing) {
950 		/* It would be best to check for !NLM_F_CREATE here but
951 		 * userspace already relies on not having to provide this.
952 		 */
953 		set_ifa_lifetime(ifa, valid_lft, prefered_lft);
954 		if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
955 			int ret = ip_mc_autojoin_config(net, true, ifa);
956 
957 			if (ret < 0) {
958 				inet_free_ifa(ifa);
959 				return ret;
960 			}
961 		}
962 		return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
963 					 extack);
964 	} else {
965 		u32 new_metric = ifa->ifa_rt_priority;
966 
967 		inet_free_ifa(ifa);
968 
969 		if (nlh->nlmsg_flags & NLM_F_EXCL ||
970 		    !(nlh->nlmsg_flags & NLM_F_REPLACE))
971 			return -EEXIST;
972 		ifa = ifa_existing;
973 
974 		if (ifa->ifa_rt_priority != new_metric) {
975 			fib_modify_prefix_metric(ifa, new_metric);
976 			ifa->ifa_rt_priority = new_metric;
977 		}
978 
979 		set_ifa_lifetime(ifa, valid_lft, prefered_lft);
980 		cancel_delayed_work(&check_lifetime_work);
981 		queue_delayed_work(system_power_efficient_wq,
982 				&check_lifetime_work, 0);
983 		rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
984 	}
985 	return 0;
986 }
987 
988 /*
989  *	Determine a default network mask, based on the IP address.
990  */
991 
992 static int inet_abc_len(__be32 addr)
993 {
994 	int rc = -1;	/* Something else, probably a multicast. */
995 
996 	if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
997 		rc = 0;
998 	else {
999 		__u32 haddr = ntohl(addr);
1000 		if (IN_CLASSA(haddr))
1001 			rc = 8;
1002 		else if (IN_CLASSB(haddr))
1003 			rc = 16;
1004 		else if (IN_CLASSC(haddr))
1005 			rc = 24;
1006 		else if (IN_CLASSE(haddr))
1007 			rc = 32;
1008 	}
1009 
1010 	return rc;
1011 }
1012 
1013 
1014 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1015 {
1016 	struct sockaddr_in sin_orig;
1017 	struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1018 	struct in_ifaddr __rcu **ifap = NULL;
1019 	struct in_device *in_dev;
1020 	struct in_ifaddr *ifa = NULL;
1021 	struct net_device *dev;
1022 	char *colon;
1023 	int ret = -EFAULT;
1024 	int tryaddrmatch = 0;
1025 
1026 	ifr->ifr_name[IFNAMSIZ - 1] = 0;
1027 
1028 	/* save original address for comparison */
1029 	memcpy(&sin_orig, sin, sizeof(*sin));
1030 
1031 	colon = strchr(ifr->ifr_name, ':');
1032 	if (colon)
1033 		*colon = 0;
1034 
1035 	dev_load(net, ifr->ifr_name);
1036 
1037 	switch (cmd) {
1038 	case SIOCGIFADDR:	/* Get interface address */
1039 	case SIOCGIFBRDADDR:	/* Get the broadcast address */
1040 	case SIOCGIFDSTADDR:	/* Get the destination address */
1041 	case SIOCGIFNETMASK:	/* Get the netmask for the interface */
1042 		/* Note that these ioctls will not sleep,
1043 		   so that we do not impose a lock.
1044 		   One day we will be forced to put shlock here (I mean SMP)
1045 		 */
1046 		tryaddrmatch = (sin_orig.sin_family == AF_INET);
1047 		memset(sin, 0, sizeof(*sin));
1048 		sin->sin_family = AF_INET;
1049 		break;
1050 
1051 	case SIOCSIFFLAGS:
1052 		ret = -EPERM;
1053 		if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1054 			goto out;
1055 		break;
1056 	case SIOCSIFADDR:	/* Set interface address (and family) */
1057 	case SIOCSIFBRDADDR:	/* Set the broadcast address */
1058 	case SIOCSIFDSTADDR:	/* Set the destination address */
1059 	case SIOCSIFNETMASK: 	/* Set the netmask for the interface */
1060 		ret = -EPERM;
1061 		if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1062 			goto out;
1063 		ret = -EINVAL;
1064 		if (sin->sin_family != AF_INET)
1065 			goto out;
1066 		break;
1067 	default:
1068 		ret = -EINVAL;
1069 		goto out;
1070 	}
1071 
1072 	rtnl_lock();
1073 
1074 	ret = -ENODEV;
1075 	dev = __dev_get_by_name(net, ifr->ifr_name);
1076 	if (!dev)
1077 		goto done;
1078 
1079 	if (colon)
1080 		*colon = ':';
1081 
1082 	in_dev = __in_dev_get_rtnl(dev);
1083 	if (in_dev) {
1084 		if (tryaddrmatch) {
1085 			/* Matthias Andree */
1086 			/* compare label and address (4.4BSD style) */
1087 			/* note: we only do this for a limited set of ioctls
1088 			   and only if the original address family was AF_INET.
1089 			   This is checked above. */
1090 
1091 			for (ifap = &in_dev->ifa_list;
1092 			     (ifa = rtnl_dereference(*ifap)) != NULL;
1093 			     ifap = &ifa->ifa_next) {
1094 				if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1095 				    sin_orig.sin_addr.s_addr ==
1096 							ifa->ifa_local) {
1097 					break; /* found */
1098 				}
1099 			}
1100 		}
1101 		/* we didn't get a match, maybe the application is
1102 		   4.3BSD-style and passed in junk so we fall back to
1103 		   comparing just the label */
1104 		if (!ifa) {
1105 			for (ifap = &in_dev->ifa_list;
1106 			     (ifa = rtnl_dereference(*ifap)) != NULL;
1107 			     ifap = &ifa->ifa_next)
1108 				if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1109 					break;
1110 		}
1111 	}
1112 
1113 	ret = -EADDRNOTAVAIL;
1114 	if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1115 		goto done;
1116 
1117 	switch (cmd) {
1118 	case SIOCGIFADDR:	/* Get interface address */
1119 		ret = 0;
1120 		sin->sin_addr.s_addr = ifa->ifa_local;
1121 		break;
1122 
1123 	case SIOCGIFBRDADDR:	/* Get the broadcast address */
1124 		ret = 0;
1125 		sin->sin_addr.s_addr = ifa->ifa_broadcast;
1126 		break;
1127 
1128 	case SIOCGIFDSTADDR:	/* Get the destination address */
1129 		ret = 0;
1130 		sin->sin_addr.s_addr = ifa->ifa_address;
1131 		break;
1132 
1133 	case SIOCGIFNETMASK:	/* Get the netmask for the interface */
1134 		ret = 0;
1135 		sin->sin_addr.s_addr = ifa->ifa_mask;
1136 		break;
1137 
1138 	case SIOCSIFFLAGS:
1139 		if (colon) {
1140 			ret = -EADDRNOTAVAIL;
1141 			if (!ifa)
1142 				break;
1143 			ret = 0;
1144 			if (!(ifr->ifr_flags & IFF_UP))
1145 				inet_del_ifa(in_dev, ifap, 1);
1146 			break;
1147 		}
1148 		ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1149 		break;
1150 
1151 	case SIOCSIFADDR:	/* Set interface address (and family) */
1152 		ret = -EINVAL;
1153 		if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1154 			break;
1155 
1156 		if (!ifa) {
1157 			ret = -ENOBUFS;
1158 			ifa = inet_alloc_ifa();
1159 			if (!ifa)
1160 				break;
1161 			INIT_HLIST_NODE(&ifa->hash);
1162 			if (colon)
1163 				memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1164 			else
1165 				memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1166 		} else {
1167 			ret = 0;
1168 			if (ifa->ifa_local == sin->sin_addr.s_addr)
1169 				break;
1170 			inet_del_ifa(in_dev, ifap, 0);
1171 			ifa->ifa_broadcast = 0;
1172 			ifa->ifa_scope = 0;
1173 		}
1174 
1175 		ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1176 
1177 		if (!(dev->flags & IFF_POINTOPOINT)) {
1178 			ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1179 			ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1180 			if ((dev->flags & IFF_BROADCAST) &&
1181 			    ifa->ifa_prefixlen < 31)
1182 				ifa->ifa_broadcast = ifa->ifa_address |
1183 						     ~ifa->ifa_mask;
1184 		} else {
1185 			ifa->ifa_prefixlen = 32;
1186 			ifa->ifa_mask = inet_make_mask(32);
1187 		}
1188 		set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1189 		ret = inet_set_ifa(dev, ifa);
1190 		break;
1191 
1192 	case SIOCSIFBRDADDR:	/* Set the broadcast address */
1193 		ret = 0;
1194 		if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1195 			inet_del_ifa(in_dev, ifap, 0);
1196 			ifa->ifa_broadcast = sin->sin_addr.s_addr;
1197 			inet_insert_ifa(ifa);
1198 		}
1199 		break;
1200 
1201 	case SIOCSIFDSTADDR:	/* Set the destination address */
1202 		ret = 0;
1203 		if (ifa->ifa_address == sin->sin_addr.s_addr)
1204 			break;
1205 		ret = -EINVAL;
1206 		if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1207 			break;
1208 		ret = 0;
1209 		inet_del_ifa(in_dev, ifap, 0);
1210 		ifa->ifa_address = sin->sin_addr.s_addr;
1211 		inet_insert_ifa(ifa);
1212 		break;
1213 
1214 	case SIOCSIFNETMASK: 	/* Set the netmask for the interface */
1215 
1216 		/*
1217 		 *	The mask we set must be legal.
1218 		 */
1219 		ret = -EINVAL;
1220 		if (bad_mask(sin->sin_addr.s_addr, 0))
1221 			break;
1222 		ret = 0;
1223 		if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1224 			__be32 old_mask = ifa->ifa_mask;
1225 			inet_del_ifa(in_dev, ifap, 0);
1226 			ifa->ifa_mask = sin->sin_addr.s_addr;
1227 			ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1228 
1229 			/* See if current broadcast address matches
1230 			 * with current netmask, then recalculate
1231 			 * the broadcast address. Otherwise it's a
1232 			 * funny address, so don't touch it since
1233 			 * the user seems to know what (s)he's doing...
1234 			 */
1235 			if ((dev->flags & IFF_BROADCAST) &&
1236 			    (ifa->ifa_prefixlen < 31) &&
1237 			    (ifa->ifa_broadcast ==
1238 			     (ifa->ifa_local|~old_mask))) {
1239 				ifa->ifa_broadcast = (ifa->ifa_local |
1240 						      ~sin->sin_addr.s_addr);
1241 			}
1242 			inet_insert_ifa(ifa);
1243 		}
1244 		break;
1245 	}
1246 done:
1247 	rtnl_unlock();
1248 out:
1249 	return ret;
1250 }
1251 
1252 int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1253 {
1254 	struct in_device *in_dev = __in_dev_get_rtnl(dev);
1255 	const struct in_ifaddr *ifa;
1256 	struct ifreq ifr;
1257 	int done = 0;
1258 
1259 	if (WARN_ON(size > sizeof(struct ifreq)))
1260 		goto out;
1261 
1262 	if (!in_dev)
1263 		goto out;
1264 
1265 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1266 		if (!buf) {
1267 			done += size;
1268 			continue;
1269 		}
1270 		if (len < size)
1271 			break;
1272 		memset(&ifr, 0, sizeof(struct ifreq));
1273 		strcpy(ifr.ifr_name, ifa->ifa_label);
1274 
1275 		(*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1276 		(*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1277 								ifa->ifa_local;
1278 
1279 		if (copy_to_user(buf + done, &ifr, size)) {
1280 			done = -EFAULT;
1281 			break;
1282 		}
1283 		len  -= size;
1284 		done += size;
1285 	}
1286 out:
1287 	return done;
1288 }
1289 
1290 static __be32 in_dev_select_addr(const struct in_device *in_dev,
1291 				 int scope)
1292 {
1293 	const struct in_ifaddr *ifa;
1294 
1295 	in_dev_for_each_ifa_rcu(ifa, in_dev) {
1296 		if (ifa->ifa_flags & IFA_F_SECONDARY)
1297 			continue;
1298 		if (ifa->ifa_scope != RT_SCOPE_LINK &&
1299 		    ifa->ifa_scope <= scope)
1300 			return ifa->ifa_local;
1301 	}
1302 
1303 	return 0;
1304 }
1305 
1306 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1307 {
1308 	const struct in_ifaddr *ifa;
1309 	__be32 addr = 0;
1310 	unsigned char localnet_scope = RT_SCOPE_HOST;
1311 	struct in_device *in_dev;
1312 	struct net *net = dev_net(dev);
1313 	int master_idx;
1314 
1315 	rcu_read_lock();
1316 	in_dev = __in_dev_get_rcu(dev);
1317 	if (!in_dev)
1318 		goto no_in_dev;
1319 
1320 	if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1321 		localnet_scope = RT_SCOPE_LINK;
1322 
1323 	in_dev_for_each_ifa_rcu(ifa, in_dev) {
1324 		if (ifa->ifa_flags & IFA_F_SECONDARY)
1325 			continue;
1326 		if (min(ifa->ifa_scope, localnet_scope) > scope)
1327 			continue;
1328 		if (!dst || inet_ifa_match(dst, ifa)) {
1329 			addr = ifa->ifa_local;
1330 			break;
1331 		}
1332 		if (!addr)
1333 			addr = ifa->ifa_local;
1334 	}
1335 
1336 	if (addr)
1337 		goto out_unlock;
1338 no_in_dev:
1339 	master_idx = l3mdev_master_ifindex_rcu(dev);
1340 
1341 	/* For VRFs, the VRF device takes the place of the loopback device,
1342 	 * with addresses on it being preferred.  Note in such cases the
1343 	 * loopback device will be among the devices that fail the master_idx
1344 	 * equality check in the loop below.
1345 	 */
1346 	if (master_idx &&
1347 	    (dev = dev_get_by_index_rcu(net, master_idx)) &&
1348 	    (in_dev = __in_dev_get_rcu(dev))) {
1349 		addr = in_dev_select_addr(in_dev, scope);
1350 		if (addr)
1351 			goto out_unlock;
1352 	}
1353 
1354 	/* Not loopback addresses on loopback should be preferred
1355 	   in this case. It is important that lo is the first interface
1356 	   in dev_base list.
1357 	 */
1358 	for_each_netdev_rcu(net, dev) {
1359 		if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1360 			continue;
1361 
1362 		in_dev = __in_dev_get_rcu(dev);
1363 		if (!in_dev)
1364 			continue;
1365 
1366 		addr = in_dev_select_addr(in_dev, scope);
1367 		if (addr)
1368 			goto out_unlock;
1369 	}
1370 out_unlock:
1371 	rcu_read_unlock();
1372 	return addr;
1373 }
1374 EXPORT_SYMBOL(inet_select_addr);
1375 
1376 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1377 			      __be32 local, int scope)
1378 {
1379 	unsigned char localnet_scope = RT_SCOPE_HOST;
1380 	const struct in_ifaddr *ifa;
1381 	__be32 addr = 0;
1382 	int same = 0;
1383 
1384 	if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1385 		localnet_scope = RT_SCOPE_LINK;
1386 
1387 	in_dev_for_each_ifa_rcu(ifa, in_dev) {
1388 		unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
1389 
1390 		if (!addr &&
1391 		    (local == ifa->ifa_local || !local) &&
1392 		    min_scope <= scope) {
1393 			addr = ifa->ifa_local;
1394 			if (same)
1395 				break;
1396 		}
1397 		if (!same) {
1398 			same = (!local || inet_ifa_match(local, ifa)) &&
1399 				(!dst || inet_ifa_match(dst, ifa));
1400 			if (same && addr) {
1401 				if (local || !dst)
1402 					break;
1403 				/* Is the selected addr into dst subnet? */
1404 				if (inet_ifa_match(addr, ifa))
1405 					break;
1406 				/* No, then can we use new local src? */
1407 				if (min_scope <= scope) {
1408 					addr = ifa->ifa_local;
1409 					break;
1410 				}
1411 				/* search for large dst subnet for addr */
1412 				same = 0;
1413 			}
1414 		}
1415 	}
1416 
1417 	return same ? addr : 0;
1418 }
1419 
1420 /*
1421  * Confirm that local IP address exists using wildcards:
1422  * - net: netns to check, cannot be NULL
1423  * - in_dev: only on this interface, NULL=any interface
1424  * - dst: only in the same subnet as dst, 0=any dst
1425  * - local: address, 0=autoselect the local address
1426  * - scope: maximum allowed scope value for the local address
1427  */
1428 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1429 			 __be32 dst, __be32 local, int scope)
1430 {
1431 	__be32 addr = 0;
1432 	struct net_device *dev;
1433 
1434 	if (in_dev)
1435 		return confirm_addr_indev(in_dev, dst, local, scope);
1436 
1437 	rcu_read_lock();
1438 	for_each_netdev_rcu(net, dev) {
1439 		in_dev = __in_dev_get_rcu(dev);
1440 		if (in_dev) {
1441 			addr = confirm_addr_indev(in_dev, dst, local, scope);
1442 			if (addr)
1443 				break;
1444 		}
1445 	}
1446 	rcu_read_unlock();
1447 
1448 	return addr;
1449 }
1450 EXPORT_SYMBOL(inet_confirm_addr);
1451 
1452 /*
1453  *	Device notifier
1454  */
1455 
1456 int register_inetaddr_notifier(struct notifier_block *nb)
1457 {
1458 	return blocking_notifier_chain_register(&inetaddr_chain, nb);
1459 }
1460 EXPORT_SYMBOL(register_inetaddr_notifier);
1461 
1462 int unregister_inetaddr_notifier(struct notifier_block *nb)
1463 {
1464 	return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1465 }
1466 EXPORT_SYMBOL(unregister_inetaddr_notifier);
1467 
1468 int register_inetaddr_validator_notifier(struct notifier_block *nb)
1469 {
1470 	return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1471 }
1472 EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1473 
1474 int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1475 {
1476 	return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1477 	    nb);
1478 }
1479 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1480 
1481 /* Rename ifa_labels for a device name change. Make some effort to preserve
1482  * existing alias numbering and to create unique labels if possible.
1483 */
1484 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1485 {
1486 	struct in_ifaddr *ifa;
1487 	int named = 0;
1488 
1489 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1490 		char old[IFNAMSIZ], *dot;
1491 
1492 		memcpy(old, ifa->ifa_label, IFNAMSIZ);
1493 		memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1494 		if (named++ == 0)
1495 			goto skip;
1496 		dot = strchr(old, ':');
1497 		if (!dot) {
1498 			sprintf(old, ":%d", named);
1499 			dot = old;
1500 		}
1501 		if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1502 			strcat(ifa->ifa_label, dot);
1503 		else
1504 			strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1505 skip:
1506 		rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1507 	}
1508 }
1509 
1510 static void inetdev_send_gratuitous_arp(struct net_device *dev,
1511 					struct in_device *in_dev)
1512 
1513 {
1514 	const struct in_ifaddr *ifa;
1515 
1516 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1517 		arp_send(ARPOP_REQUEST, ETH_P_ARP,
1518 			 ifa->ifa_local, dev,
1519 			 ifa->ifa_local, NULL,
1520 			 dev->dev_addr, NULL);
1521 	}
1522 }
1523 
1524 /* Called only under RTNL semaphore */
1525 
1526 static int inetdev_event(struct notifier_block *this, unsigned long event,
1527 			 void *ptr)
1528 {
1529 	struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1530 	struct in_device *in_dev = __in_dev_get_rtnl(dev);
1531 
1532 	ASSERT_RTNL();
1533 
1534 	if (!in_dev) {
1535 		if (event == NETDEV_REGISTER) {
1536 			in_dev = inetdev_init(dev);
1537 			if (IS_ERR(in_dev))
1538 				return notifier_from_errno(PTR_ERR(in_dev));
1539 			if (dev->flags & IFF_LOOPBACK) {
1540 				IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1541 				IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1542 			}
1543 		} else if (event == NETDEV_CHANGEMTU) {
1544 			/* Re-enabling IP */
1545 			if (inetdev_valid_mtu(dev->mtu))
1546 				in_dev = inetdev_init(dev);
1547 		}
1548 		goto out;
1549 	}
1550 
1551 	switch (event) {
1552 	case NETDEV_REGISTER:
1553 		pr_debug("%s: bug\n", __func__);
1554 		RCU_INIT_POINTER(dev->ip_ptr, NULL);
1555 		break;
1556 	case NETDEV_UP:
1557 		if (!inetdev_valid_mtu(dev->mtu))
1558 			break;
1559 		if (dev->flags & IFF_LOOPBACK) {
1560 			struct in_ifaddr *ifa = inet_alloc_ifa();
1561 
1562 			if (ifa) {
1563 				INIT_HLIST_NODE(&ifa->hash);
1564 				ifa->ifa_local =
1565 				  ifa->ifa_address = htonl(INADDR_LOOPBACK);
1566 				ifa->ifa_prefixlen = 8;
1567 				ifa->ifa_mask = inet_make_mask(8);
1568 				in_dev_hold(in_dev);
1569 				ifa->ifa_dev = in_dev;
1570 				ifa->ifa_scope = RT_SCOPE_HOST;
1571 				memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1572 				set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1573 						 INFINITY_LIFE_TIME);
1574 				ipv4_devconf_setall(in_dev);
1575 				neigh_parms_data_state_setall(in_dev->arp_parms);
1576 				inet_insert_ifa(ifa);
1577 			}
1578 		}
1579 		ip_mc_up(in_dev);
1580 		fallthrough;
1581 	case NETDEV_CHANGEADDR:
1582 		if (!IN_DEV_ARP_NOTIFY(in_dev))
1583 			break;
1584 		fallthrough;
1585 	case NETDEV_NOTIFY_PEERS:
1586 		/* Send gratuitous ARP to notify of link change */
1587 		inetdev_send_gratuitous_arp(dev, in_dev);
1588 		break;
1589 	case NETDEV_DOWN:
1590 		ip_mc_down(in_dev);
1591 		break;
1592 	case NETDEV_PRE_TYPE_CHANGE:
1593 		ip_mc_unmap(in_dev);
1594 		break;
1595 	case NETDEV_POST_TYPE_CHANGE:
1596 		ip_mc_remap(in_dev);
1597 		break;
1598 	case NETDEV_CHANGEMTU:
1599 		if (inetdev_valid_mtu(dev->mtu))
1600 			break;
1601 		/* disable IP when MTU is not enough */
1602 		fallthrough;
1603 	case NETDEV_UNREGISTER:
1604 		inetdev_destroy(in_dev);
1605 		break;
1606 	case NETDEV_CHANGENAME:
1607 		/* Do not notify about label change, this event is
1608 		 * not interesting to applications using netlink.
1609 		 */
1610 		inetdev_changename(dev, in_dev);
1611 
1612 		devinet_sysctl_unregister(in_dev);
1613 		devinet_sysctl_register(in_dev);
1614 		break;
1615 	}
1616 out:
1617 	return NOTIFY_DONE;
1618 }
1619 
1620 static struct notifier_block ip_netdev_notifier = {
1621 	.notifier_call = inetdev_event,
1622 };
1623 
1624 static size_t inet_nlmsg_size(void)
1625 {
1626 	return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1627 	       + nla_total_size(4) /* IFA_ADDRESS */
1628 	       + nla_total_size(4) /* IFA_LOCAL */
1629 	       + nla_total_size(4) /* IFA_BROADCAST */
1630 	       + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1631 	       + nla_total_size(4)  /* IFA_FLAGS */
1632 	       + nla_total_size(1)  /* IFA_PROTO */
1633 	       + nla_total_size(4)  /* IFA_RT_PRIORITY */
1634 	       + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1635 }
1636 
1637 static inline u32 cstamp_delta(unsigned long cstamp)
1638 {
1639 	return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1640 }
1641 
1642 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1643 			 unsigned long tstamp, u32 preferred, u32 valid)
1644 {
1645 	struct ifa_cacheinfo ci;
1646 
1647 	ci.cstamp = cstamp_delta(cstamp);
1648 	ci.tstamp = cstamp_delta(tstamp);
1649 	ci.ifa_prefered = preferred;
1650 	ci.ifa_valid = valid;
1651 
1652 	return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1653 }
1654 
1655 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1656 			    struct inet_fill_args *args)
1657 {
1658 	struct ifaddrmsg *ifm;
1659 	struct nlmsghdr  *nlh;
1660 	u32 preferred, valid;
1661 
1662 	nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1663 			args->flags);
1664 	if (!nlh)
1665 		return -EMSGSIZE;
1666 
1667 	ifm = nlmsg_data(nlh);
1668 	ifm->ifa_family = AF_INET;
1669 	ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1670 	ifm->ifa_flags = ifa->ifa_flags;
1671 	ifm->ifa_scope = ifa->ifa_scope;
1672 	ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1673 
1674 	if (args->netnsid >= 0 &&
1675 	    nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1676 		goto nla_put_failure;
1677 
1678 	if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1679 		preferred = ifa->ifa_preferred_lft;
1680 		valid = ifa->ifa_valid_lft;
1681 		if (preferred != INFINITY_LIFE_TIME) {
1682 			long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1683 
1684 			if (preferred > tval)
1685 				preferred -= tval;
1686 			else
1687 				preferred = 0;
1688 			if (valid != INFINITY_LIFE_TIME) {
1689 				if (valid > tval)
1690 					valid -= tval;
1691 				else
1692 					valid = 0;
1693 			}
1694 		}
1695 	} else {
1696 		preferred = INFINITY_LIFE_TIME;
1697 		valid = INFINITY_LIFE_TIME;
1698 	}
1699 	if ((ifa->ifa_address &&
1700 	     nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1701 	    (ifa->ifa_local &&
1702 	     nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1703 	    (ifa->ifa_broadcast &&
1704 	     nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1705 	    (ifa->ifa_label[0] &&
1706 	     nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1707 	    (ifa->ifa_proto &&
1708 	     nla_put_u8(skb, IFA_PROTO, ifa->ifa_proto)) ||
1709 	    nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1710 	    (ifa->ifa_rt_priority &&
1711 	     nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1712 	    put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1713 			  preferred, valid))
1714 		goto nla_put_failure;
1715 
1716 	nlmsg_end(skb, nlh);
1717 	return 0;
1718 
1719 nla_put_failure:
1720 	nlmsg_cancel(skb, nlh);
1721 	return -EMSGSIZE;
1722 }
1723 
1724 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1725 				      struct inet_fill_args *fillargs,
1726 				      struct net **tgt_net, struct sock *sk,
1727 				      struct netlink_callback *cb)
1728 {
1729 	struct netlink_ext_ack *extack = cb->extack;
1730 	struct nlattr *tb[IFA_MAX+1];
1731 	struct ifaddrmsg *ifm;
1732 	int err, i;
1733 
1734 	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1735 		NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1736 		return -EINVAL;
1737 	}
1738 
1739 	ifm = nlmsg_data(nlh);
1740 	if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1741 		NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1742 		return -EINVAL;
1743 	}
1744 
1745 	fillargs->ifindex = ifm->ifa_index;
1746 	if (fillargs->ifindex) {
1747 		cb->answer_flags |= NLM_F_DUMP_FILTERED;
1748 		fillargs->flags |= NLM_F_DUMP_FILTERED;
1749 	}
1750 
1751 	err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1752 					    ifa_ipv4_policy, extack);
1753 	if (err < 0)
1754 		return err;
1755 
1756 	for (i = 0; i <= IFA_MAX; ++i) {
1757 		if (!tb[i])
1758 			continue;
1759 
1760 		if (i == IFA_TARGET_NETNSID) {
1761 			struct net *net;
1762 
1763 			fillargs->netnsid = nla_get_s32(tb[i]);
1764 
1765 			net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1766 			if (IS_ERR(net)) {
1767 				fillargs->netnsid = -1;
1768 				NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1769 				return PTR_ERR(net);
1770 			}
1771 			*tgt_net = net;
1772 		} else {
1773 			NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1774 			return -EINVAL;
1775 		}
1776 	}
1777 
1778 	return 0;
1779 }
1780 
1781 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1782 			    struct netlink_callback *cb, int s_ip_idx,
1783 			    struct inet_fill_args *fillargs)
1784 {
1785 	struct in_ifaddr *ifa;
1786 	int ip_idx = 0;
1787 	int err;
1788 
1789 	in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1790 		if (ip_idx < s_ip_idx) {
1791 			ip_idx++;
1792 			continue;
1793 		}
1794 		err = inet_fill_ifaddr(skb, ifa, fillargs);
1795 		if (err < 0)
1796 			goto done;
1797 
1798 		nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1799 		ip_idx++;
1800 	}
1801 	err = 0;
1802 
1803 done:
1804 	cb->args[2] = ip_idx;
1805 
1806 	return err;
1807 }
1808 
1809 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1810 {
1811 	const struct nlmsghdr *nlh = cb->nlh;
1812 	struct inet_fill_args fillargs = {
1813 		.portid = NETLINK_CB(cb->skb).portid,
1814 		.seq = nlh->nlmsg_seq,
1815 		.event = RTM_NEWADDR,
1816 		.flags = NLM_F_MULTI,
1817 		.netnsid = -1,
1818 	};
1819 	struct net *net = sock_net(skb->sk);
1820 	struct net *tgt_net = net;
1821 	int h, s_h;
1822 	int idx, s_idx;
1823 	int s_ip_idx;
1824 	struct net_device *dev;
1825 	struct in_device *in_dev;
1826 	struct hlist_head *head;
1827 	int err = 0;
1828 
1829 	s_h = cb->args[0];
1830 	s_idx = idx = cb->args[1];
1831 	s_ip_idx = cb->args[2];
1832 
1833 	if (cb->strict_check) {
1834 		err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1835 						 skb->sk, cb);
1836 		if (err < 0)
1837 			goto put_tgt_net;
1838 
1839 		err = 0;
1840 		if (fillargs.ifindex) {
1841 			dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1842 			if (!dev) {
1843 				err = -ENODEV;
1844 				goto put_tgt_net;
1845 			}
1846 
1847 			in_dev = __in_dev_get_rtnl(dev);
1848 			if (in_dev) {
1849 				err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1850 						       &fillargs);
1851 			}
1852 			goto put_tgt_net;
1853 		}
1854 	}
1855 
1856 	for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1857 		idx = 0;
1858 		head = &tgt_net->dev_index_head[h];
1859 		rcu_read_lock();
1860 		cb->seq = atomic_read(&tgt_net->ipv4.dev_addr_genid) ^
1861 			  tgt_net->dev_base_seq;
1862 		hlist_for_each_entry_rcu(dev, head, index_hlist) {
1863 			if (idx < s_idx)
1864 				goto cont;
1865 			if (h > s_h || idx > s_idx)
1866 				s_ip_idx = 0;
1867 			in_dev = __in_dev_get_rcu(dev);
1868 			if (!in_dev)
1869 				goto cont;
1870 
1871 			err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1872 					       &fillargs);
1873 			if (err < 0) {
1874 				rcu_read_unlock();
1875 				goto done;
1876 			}
1877 cont:
1878 			idx++;
1879 		}
1880 		rcu_read_unlock();
1881 	}
1882 
1883 done:
1884 	cb->args[0] = h;
1885 	cb->args[1] = idx;
1886 put_tgt_net:
1887 	if (fillargs.netnsid >= 0)
1888 		put_net(tgt_net);
1889 
1890 	return skb->len ? : err;
1891 }
1892 
1893 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1894 		      u32 portid)
1895 {
1896 	struct inet_fill_args fillargs = {
1897 		.portid = portid,
1898 		.seq = nlh ? nlh->nlmsg_seq : 0,
1899 		.event = event,
1900 		.flags = 0,
1901 		.netnsid = -1,
1902 	};
1903 	struct sk_buff *skb;
1904 	int err = -ENOBUFS;
1905 	struct net *net;
1906 
1907 	net = dev_net(ifa->ifa_dev->dev);
1908 	skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1909 	if (!skb)
1910 		goto errout;
1911 
1912 	err = inet_fill_ifaddr(skb, ifa, &fillargs);
1913 	if (err < 0) {
1914 		/* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1915 		WARN_ON(err == -EMSGSIZE);
1916 		kfree_skb(skb);
1917 		goto errout;
1918 	}
1919 	rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1920 	return;
1921 errout:
1922 	if (err < 0)
1923 		rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1924 }
1925 
1926 static size_t inet_get_link_af_size(const struct net_device *dev,
1927 				    u32 ext_filter_mask)
1928 {
1929 	struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1930 
1931 	if (!in_dev)
1932 		return 0;
1933 
1934 	return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1935 }
1936 
1937 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1938 			     u32 ext_filter_mask)
1939 {
1940 	struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1941 	struct nlattr *nla;
1942 	int i;
1943 
1944 	if (!in_dev)
1945 		return -ENODATA;
1946 
1947 	nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1948 	if (!nla)
1949 		return -EMSGSIZE;
1950 
1951 	for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1952 		((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1953 
1954 	return 0;
1955 }
1956 
1957 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1958 	[IFLA_INET_CONF]	= { .type = NLA_NESTED },
1959 };
1960 
1961 static int inet_validate_link_af(const struct net_device *dev,
1962 				 const struct nlattr *nla,
1963 				 struct netlink_ext_ack *extack)
1964 {
1965 	struct nlattr *a, *tb[IFLA_INET_MAX+1];
1966 	int err, rem;
1967 
1968 	if (dev && !__in_dev_get_rtnl(dev))
1969 		return -EAFNOSUPPORT;
1970 
1971 	err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
1972 					  inet_af_policy, extack);
1973 	if (err < 0)
1974 		return err;
1975 
1976 	if (tb[IFLA_INET_CONF]) {
1977 		nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1978 			int cfgid = nla_type(a);
1979 
1980 			if (nla_len(a) < 4)
1981 				return -EINVAL;
1982 
1983 			if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
1984 				return -EINVAL;
1985 		}
1986 	}
1987 
1988 	return 0;
1989 }
1990 
1991 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla,
1992 			    struct netlink_ext_ack *extack)
1993 {
1994 	struct in_device *in_dev = __in_dev_get_rtnl(dev);
1995 	struct nlattr *a, *tb[IFLA_INET_MAX+1];
1996 	int rem;
1997 
1998 	if (!in_dev)
1999 		return -EAFNOSUPPORT;
2000 
2001 	if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
2002 		return -EINVAL;
2003 
2004 	if (tb[IFLA_INET_CONF]) {
2005 		nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
2006 			ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
2007 	}
2008 
2009 	return 0;
2010 }
2011 
2012 static int inet_netconf_msgsize_devconf(int type)
2013 {
2014 	int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2015 		   + nla_total_size(4);	/* NETCONFA_IFINDEX */
2016 	bool all = false;
2017 
2018 	if (type == NETCONFA_ALL)
2019 		all = true;
2020 
2021 	if (all || type == NETCONFA_FORWARDING)
2022 		size += nla_total_size(4);
2023 	if (all || type == NETCONFA_RP_FILTER)
2024 		size += nla_total_size(4);
2025 	if (all || type == NETCONFA_MC_FORWARDING)
2026 		size += nla_total_size(4);
2027 	if (all || type == NETCONFA_BC_FORWARDING)
2028 		size += nla_total_size(4);
2029 	if (all || type == NETCONFA_PROXY_NEIGH)
2030 		size += nla_total_size(4);
2031 	if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2032 		size += nla_total_size(4);
2033 
2034 	return size;
2035 }
2036 
2037 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2038 				     struct ipv4_devconf *devconf, u32 portid,
2039 				     u32 seq, int event, unsigned int flags,
2040 				     int type)
2041 {
2042 	struct nlmsghdr  *nlh;
2043 	struct netconfmsg *ncm;
2044 	bool all = false;
2045 
2046 	nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2047 			flags);
2048 	if (!nlh)
2049 		return -EMSGSIZE;
2050 
2051 	if (type == NETCONFA_ALL)
2052 		all = true;
2053 
2054 	ncm = nlmsg_data(nlh);
2055 	ncm->ncm_family = AF_INET;
2056 
2057 	if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2058 		goto nla_put_failure;
2059 
2060 	if (!devconf)
2061 		goto out;
2062 
2063 	if ((all || type == NETCONFA_FORWARDING) &&
2064 	    nla_put_s32(skb, NETCONFA_FORWARDING,
2065 			IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2066 		goto nla_put_failure;
2067 	if ((all || type == NETCONFA_RP_FILTER) &&
2068 	    nla_put_s32(skb, NETCONFA_RP_FILTER,
2069 			IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2070 		goto nla_put_failure;
2071 	if ((all || type == NETCONFA_MC_FORWARDING) &&
2072 	    nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2073 			IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2074 		goto nla_put_failure;
2075 	if ((all || type == NETCONFA_BC_FORWARDING) &&
2076 	    nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2077 			IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2078 		goto nla_put_failure;
2079 	if ((all || type == NETCONFA_PROXY_NEIGH) &&
2080 	    nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2081 			IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2082 		goto nla_put_failure;
2083 	if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2084 	    nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2085 			IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2086 		goto nla_put_failure;
2087 
2088 out:
2089 	nlmsg_end(skb, nlh);
2090 	return 0;
2091 
2092 nla_put_failure:
2093 	nlmsg_cancel(skb, nlh);
2094 	return -EMSGSIZE;
2095 }
2096 
2097 void inet_netconf_notify_devconf(struct net *net, int event, int type,
2098 				 int ifindex, struct ipv4_devconf *devconf)
2099 {
2100 	struct sk_buff *skb;
2101 	int err = -ENOBUFS;
2102 
2103 	skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2104 	if (!skb)
2105 		goto errout;
2106 
2107 	err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2108 					event, 0, type);
2109 	if (err < 0) {
2110 		/* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2111 		WARN_ON(err == -EMSGSIZE);
2112 		kfree_skb(skb);
2113 		goto errout;
2114 	}
2115 	rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2116 	return;
2117 errout:
2118 	if (err < 0)
2119 		rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2120 }
2121 
2122 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2123 	[NETCONFA_IFINDEX]	= { .len = sizeof(int) },
2124 	[NETCONFA_FORWARDING]	= { .len = sizeof(int) },
2125 	[NETCONFA_RP_FILTER]	= { .len = sizeof(int) },
2126 	[NETCONFA_PROXY_NEIGH]	= { .len = sizeof(int) },
2127 	[NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN]	= { .len = sizeof(int) },
2128 };
2129 
2130 static int inet_netconf_valid_get_req(struct sk_buff *skb,
2131 				      const struct nlmsghdr *nlh,
2132 				      struct nlattr **tb,
2133 				      struct netlink_ext_ack *extack)
2134 {
2135 	int i, err;
2136 
2137 	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2138 		NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2139 		return -EINVAL;
2140 	}
2141 
2142 	if (!netlink_strict_get_check(skb))
2143 		return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2144 					      tb, NETCONFA_MAX,
2145 					      devconf_ipv4_policy, extack);
2146 
2147 	err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2148 					    tb, NETCONFA_MAX,
2149 					    devconf_ipv4_policy, extack);
2150 	if (err)
2151 		return err;
2152 
2153 	for (i = 0; i <= NETCONFA_MAX; i++) {
2154 		if (!tb[i])
2155 			continue;
2156 
2157 		switch (i) {
2158 		case NETCONFA_IFINDEX:
2159 			break;
2160 		default:
2161 			NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2162 			return -EINVAL;
2163 		}
2164 	}
2165 
2166 	return 0;
2167 }
2168 
2169 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2170 				    struct nlmsghdr *nlh,
2171 				    struct netlink_ext_ack *extack)
2172 {
2173 	struct net *net = sock_net(in_skb->sk);
2174 	struct nlattr *tb[NETCONFA_MAX+1];
2175 	struct sk_buff *skb;
2176 	struct ipv4_devconf *devconf;
2177 	struct in_device *in_dev;
2178 	struct net_device *dev;
2179 	int ifindex;
2180 	int err;
2181 
2182 	err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2183 	if (err)
2184 		goto errout;
2185 
2186 	err = -EINVAL;
2187 	if (!tb[NETCONFA_IFINDEX])
2188 		goto errout;
2189 
2190 	ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2191 	switch (ifindex) {
2192 	case NETCONFA_IFINDEX_ALL:
2193 		devconf = net->ipv4.devconf_all;
2194 		break;
2195 	case NETCONFA_IFINDEX_DEFAULT:
2196 		devconf = net->ipv4.devconf_dflt;
2197 		break;
2198 	default:
2199 		dev = __dev_get_by_index(net, ifindex);
2200 		if (!dev)
2201 			goto errout;
2202 		in_dev = __in_dev_get_rtnl(dev);
2203 		if (!in_dev)
2204 			goto errout;
2205 		devconf = &in_dev->cnf;
2206 		break;
2207 	}
2208 
2209 	err = -ENOBUFS;
2210 	skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2211 	if (!skb)
2212 		goto errout;
2213 
2214 	err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2215 					NETLINK_CB(in_skb).portid,
2216 					nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2217 					NETCONFA_ALL);
2218 	if (err < 0) {
2219 		/* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2220 		WARN_ON(err == -EMSGSIZE);
2221 		kfree_skb(skb);
2222 		goto errout;
2223 	}
2224 	err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2225 errout:
2226 	return err;
2227 }
2228 
2229 static int inet_netconf_dump_devconf(struct sk_buff *skb,
2230 				     struct netlink_callback *cb)
2231 {
2232 	const struct nlmsghdr *nlh = cb->nlh;
2233 	struct net *net = sock_net(skb->sk);
2234 	int h, s_h;
2235 	int idx, s_idx;
2236 	struct net_device *dev;
2237 	struct in_device *in_dev;
2238 	struct hlist_head *head;
2239 
2240 	if (cb->strict_check) {
2241 		struct netlink_ext_ack *extack = cb->extack;
2242 		struct netconfmsg *ncm;
2243 
2244 		if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2245 			NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2246 			return -EINVAL;
2247 		}
2248 
2249 		if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2250 			NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2251 			return -EINVAL;
2252 		}
2253 	}
2254 
2255 	s_h = cb->args[0];
2256 	s_idx = idx = cb->args[1];
2257 
2258 	for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2259 		idx = 0;
2260 		head = &net->dev_index_head[h];
2261 		rcu_read_lock();
2262 		cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
2263 			  net->dev_base_seq;
2264 		hlist_for_each_entry_rcu(dev, head, index_hlist) {
2265 			if (idx < s_idx)
2266 				goto cont;
2267 			in_dev = __in_dev_get_rcu(dev);
2268 			if (!in_dev)
2269 				goto cont;
2270 
2271 			if (inet_netconf_fill_devconf(skb, dev->ifindex,
2272 						      &in_dev->cnf,
2273 						      NETLINK_CB(cb->skb).portid,
2274 						      nlh->nlmsg_seq,
2275 						      RTM_NEWNETCONF,
2276 						      NLM_F_MULTI,
2277 						      NETCONFA_ALL) < 0) {
2278 				rcu_read_unlock();
2279 				goto done;
2280 			}
2281 			nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2282 cont:
2283 			idx++;
2284 		}
2285 		rcu_read_unlock();
2286 	}
2287 	if (h == NETDEV_HASHENTRIES) {
2288 		if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2289 					      net->ipv4.devconf_all,
2290 					      NETLINK_CB(cb->skb).portid,
2291 					      nlh->nlmsg_seq,
2292 					      RTM_NEWNETCONF, NLM_F_MULTI,
2293 					      NETCONFA_ALL) < 0)
2294 			goto done;
2295 		else
2296 			h++;
2297 	}
2298 	if (h == NETDEV_HASHENTRIES + 1) {
2299 		if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2300 					      net->ipv4.devconf_dflt,
2301 					      NETLINK_CB(cb->skb).portid,
2302 					      nlh->nlmsg_seq,
2303 					      RTM_NEWNETCONF, NLM_F_MULTI,
2304 					      NETCONFA_ALL) < 0)
2305 			goto done;
2306 		else
2307 			h++;
2308 	}
2309 done:
2310 	cb->args[0] = h;
2311 	cb->args[1] = idx;
2312 
2313 	return skb->len;
2314 }
2315 
2316 #ifdef CONFIG_SYSCTL
2317 
2318 static void devinet_copy_dflt_conf(struct net *net, int i)
2319 {
2320 	struct net_device *dev;
2321 
2322 	rcu_read_lock();
2323 	for_each_netdev_rcu(net, dev) {
2324 		struct in_device *in_dev;
2325 
2326 		in_dev = __in_dev_get_rcu(dev);
2327 		if (in_dev && !test_bit(i, in_dev->cnf.state))
2328 			in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2329 	}
2330 	rcu_read_unlock();
2331 }
2332 
2333 /* called with RTNL locked */
2334 static void inet_forward_change(struct net *net)
2335 {
2336 	struct net_device *dev;
2337 	int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2338 
2339 	IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2340 	IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2341 	inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2342 				    NETCONFA_FORWARDING,
2343 				    NETCONFA_IFINDEX_ALL,
2344 				    net->ipv4.devconf_all);
2345 	inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2346 				    NETCONFA_FORWARDING,
2347 				    NETCONFA_IFINDEX_DEFAULT,
2348 				    net->ipv4.devconf_dflt);
2349 
2350 	for_each_netdev(net, dev) {
2351 		struct in_device *in_dev;
2352 
2353 		if (on)
2354 			dev_disable_lro(dev);
2355 
2356 		in_dev = __in_dev_get_rtnl(dev);
2357 		if (in_dev) {
2358 			IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2359 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2360 						    NETCONFA_FORWARDING,
2361 						    dev->ifindex, &in_dev->cnf);
2362 		}
2363 	}
2364 }
2365 
2366 static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2367 {
2368 	if (cnf == net->ipv4.devconf_dflt)
2369 		return NETCONFA_IFINDEX_DEFAULT;
2370 	else if (cnf == net->ipv4.devconf_all)
2371 		return NETCONFA_IFINDEX_ALL;
2372 	else {
2373 		struct in_device *idev
2374 			= container_of(cnf, struct in_device, cnf);
2375 		return idev->dev->ifindex;
2376 	}
2377 }
2378 
2379 static int devinet_conf_proc(struct ctl_table *ctl, int write,
2380 			     void *buffer, size_t *lenp, loff_t *ppos)
2381 {
2382 	int old_value = *(int *)ctl->data;
2383 	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2384 	int new_value = *(int *)ctl->data;
2385 
2386 	if (write) {
2387 		struct ipv4_devconf *cnf = ctl->extra1;
2388 		struct net *net = ctl->extra2;
2389 		int i = (int *)ctl->data - cnf->data;
2390 		int ifindex;
2391 
2392 		set_bit(i, cnf->state);
2393 
2394 		if (cnf == net->ipv4.devconf_dflt)
2395 			devinet_copy_dflt_conf(net, i);
2396 		if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2397 		    i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2398 			if ((new_value == 0) && (old_value != 0))
2399 				rt_cache_flush(net);
2400 
2401 		if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2402 		    new_value != old_value)
2403 			rt_cache_flush(net);
2404 
2405 		if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2406 		    new_value != old_value) {
2407 			ifindex = devinet_conf_ifindex(net, cnf);
2408 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2409 						    NETCONFA_RP_FILTER,
2410 						    ifindex, cnf);
2411 		}
2412 		if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2413 		    new_value != old_value) {
2414 			ifindex = devinet_conf_ifindex(net, cnf);
2415 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2416 						    NETCONFA_PROXY_NEIGH,
2417 						    ifindex, cnf);
2418 		}
2419 		if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2420 		    new_value != old_value) {
2421 			ifindex = devinet_conf_ifindex(net, cnf);
2422 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2423 						    NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2424 						    ifindex, cnf);
2425 		}
2426 	}
2427 
2428 	return ret;
2429 }
2430 
2431 static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2432 				  void *buffer, size_t *lenp, loff_t *ppos)
2433 {
2434 	int *valp = ctl->data;
2435 	int val = *valp;
2436 	loff_t pos = *ppos;
2437 	struct net *net = ctl->extra2;
2438 	int ret;
2439 
2440 	if (write && !ns_capable(net->user_ns, CAP_NET_ADMIN))
2441 		return -EPERM;
2442 
2443 	ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2444 
2445 	if (write && *valp != val) {
2446 		if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2447 			if (!rtnl_trylock()) {
2448 				/* Restore the original values before restarting */
2449 				*valp = val;
2450 				*ppos = pos;
2451 				return restart_syscall();
2452 			}
2453 			if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2454 				inet_forward_change(net);
2455 			} else {
2456 				struct ipv4_devconf *cnf = ctl->extra1;
2457 				struct in_device *idev =
2458 					container_of(cnf, struct in_device, cnf);
2459 				if (*valp)
2460 					dev_disable_lro(idev->dev);
2461 				inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2462 							    NETCONFA_FORWARDING,
2463 							    idev->dev->ifindex,
2464 							    cnf);
2465 			}
2466 			rtnl_unlock();
2467 			rt_cache_flush(net);
2468 		} else
2469 			inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2470 						    NETCONFA_FORWARDING,
2471 						    NETCONFA_IFINDEX_DEFAULT,
2472 						    net->ipv4.devconf_dflt);
2473 	}
2474 
2475 	return ret;
2476 }
2477 
2478 static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2479 				void *buffer, size_t *lenp, loff_t *ppos)
2480 {
2481 	int *valp = ctl->data;
2482 	int val = *valp;
2483 	int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2484 	struct net *net = ctl->extra2;
2485 
2486 	if (write && *valp != val)
2487 		rt_cache_flush(net);
2488 
2489 	return ret;
2490 }
2491 
2492 #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2493 	{ \
2494 		.procname	= name, \
2495 		.data		= ipv4_devconf.data + \
2496 				  IPV4_DEVCONF_ ## attr - 1, \
2497 		.maxlen		= sizeof(int), \
2498 		.mode		= mval, \
2499 		.proc_handler	= proc, \
2500 		.extra1		= &ipv4_devconf, \
2501 	}
2502 
2503 #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2504 	DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2505 
2506 #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2507 	DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2508 
2509 #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2510 	DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2511 
2512 #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2513 	DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2514 
2515 static struct devinet_sysctl_table {
2516 	struct ctl_table_header *sysctl_header;
2517 	struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2518 } devinet_sysctl = {
2519 	.devinet_vars = {
2520 		DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2521 					     devinet_sysctl_forward),
2522 		DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2523 		DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2524 
2525 		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2526 		DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2527 		DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2528 		DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2529 		DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2530 		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2531 					"accept_source_route"),
2532 		DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2533 		DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2534 		DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2535 		DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2536 		DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2537 		DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2538 		DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2539 		DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2540 		DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2541 		DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2542 		DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2543 		DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2544 		DEVINET_SYSCTL_RW_ENTRY(ARP_EVICT_NOCARRIER,
2545 					"arp_evict_nocarrier"),
2546 		DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2547 		DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2548 					"force_igmp_version"),
2549 		DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2550 					"igmpv2_unsolicited_report_interval"),
2551 		DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2552 					"igmpv3_unsolicited_report_interval"),
2553 		DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2554 					"ignore_routes_with_linkdown"),
2555 		DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2556 					"drop_gratuitous_arp"),
2557 
2558 		DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2559 		DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2560 		DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2561 					      "promote_secondaries"),
2562 		DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2563 					      "route_localnet"),
2564 		DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2565 					      "drop_unicast_in_l2_multicast"),
2566 	},
2567 };
2568 
2569 static int __devinet_sysctl_register(struct net *net, char *dev_name,
2570 				     int ifindex, struct ipv4_devconf *p)
2571 {
2572 	int i;
2573 	struct devinet_sysctl_table *t;
2574 	char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2575 
2576 	t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
2577 	if (!t)
2578 		goto out;
2579 
2580 	for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2581 		t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2582 		t->devinet_vars[i].extra1 = p;
2583 		t->devinet_vars[i].extra2 = net;
2584 	}
2585 
2586 	snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2587 
2588 	t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2589 	if (!t->sysctl_header)
2590 		goto free;
2591 
2592 	p->sysctl = t;
2593 
2594 	inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2595 				    ifindex, p);
2596 	return 0;
2597 
2598 free:
2599 	kfree(t);
2600 out:
2601 	return -ENOMEM;
2602 }
2603 
2604 static void __devinet_sysctl_unregister(struct net *net,
2605 					struct ipv4_devconf *cnf, int ifindex)
2606 {
2607 	struct devinet_sysctl_table *t = cnf->sysctl;
2608 
2609 	if (t) {
2610 		cnf->sysctl = NULL;
2611 		unregister_net_sysctl_table(t->sysctl_header);
2612 		kfree(t);
2613 	}
2614 
2615 	inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2616 }
2617 
2618 static int devinet_sysctl_register(struct in_device *idev)
2619 {
2620 	int err;
2621 
2622 	if (!sysctl_dev_name_is_allowed(idev->dev->name))
2623 		return -EINVAL;
2624 
2625 	err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2626 	if (err)
2627 		return err;
2628 	err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2629 					idev->dev->ifindex, &idev->cnf);
2630 	if (err)
2631 		neigh_sysctl_unregister(idev->arp_parms);
2632 	return err;
2633 }
2634 
2635 static void devinet_sysctl_unregister(struct in_device *idev)
2636 {
2637 	struct net *net = dev_net(idev->dev);
2638 
2639 	__devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2640 	neigh_sysctl_unregister(idev->arp_parms);
2641 }
2642 
2643 static struct ctl_table ctl_forward_entry[] = {
2644 	{
2645 		.procname	= "ip_forward",
2646 		.data		= &ipv4_devconf.data[
2647 					IPV4_DEVCONF_FORWARDING - 1],
2648 		.maxlen		= sizeof(int),
2649 		.mode		= 0644,
2650 		.proc_handler	= devinet_sysctl_forward,
2651 		.extra1		= &ipv4_devconf,
2652 		.extra2		= &init_net,
2653 	},
2654 	{ },
2655 };
2656 #endif
2657 
2658 static __net_init int devinet_init_net(struct net *net)
2659 {
2660 	int err;
2661 	struct ipv4_devconf *all, *dflt;
2662 #ifdef CONFIG_SYSCTL
2663 	struct ctl_table *tbl;
2664 	struct ctl_table_header *forw_hdr;
2665 #endif
2666 
2667 	err = -ENOMEM;
2668 	all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2669 	if (!all)
2670 		goto err_alloc_all;
2671 
2672 	dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2673 	if (!dflt)
2674 		goto err_alloc_dflt;
2675 
2676 #ifdef CONFIG_SYSCTL
2677 	tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2678 	if (!tbl)
2679 		goto err_alloc_ctl;
2680 
2681 	tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2682 	tbl[0].extra1 = all;
2683 	tbl[0].extra2 = net;
2684 #endif
2685 
2686 	if (!net_eq(net, &init_net)) {
2687 		if (IS_ENABLED(CONFIG_SYSCTL) &&
2688 		    sysctl_devconf_inherit_init_net == 3) {
2689 			/* copy from the current netns */
2690 			memcpy(all, current->nsproxy->net_ns->ipv4.devconf_all,
2691 			       sizeof(ipv4_devconf));
2692 			memcpy(dflt,
2693 			       current->nsproxy->net_ns->ipv4.devconf_dflt,
2694 			       sizeof(ipv4_devconf_dflt));
2695 		} else if (!IS_ENABLED(CONFIG_SYSCTL) ||
2696 			   sysctl_devconf_inherit_init_net != 2) {
2697 			/* inherit == 0 or 1: copy from init_net */
2698 			memcpy(all, init_net.ipv4.devconf_all,
2699 			       sizeof(ipv4_devconf));
2700 			memcpy(dflt, init_net.ipv4.devconf_dflt,
2701 			       sizeof(ipv4_devconf_dflt));
2702 		}
2703 		/* else inherit == 2: use compiled values */
2704 	}
2705 
2706 #ifdef CONFIG_SYSCTL
2707 	err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2708 	if (err < 0)
2709 		goto err_reg_all;
2710 
2711 	err = __devinet_sysctl_register(net, "default",
2712 					NETCONFA_IFINDEX_DEFAULT, dflt);
2713 	if (err < 0)
2714 		goto err_reg_dflt;
2715 
2716 	err = -ENOMEM;
2717 	forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2718 	if (!forw_hdr)
2719 		goto err_reg_ctl;
2720 	net->ipv4.forw_hdr = forw_hdr;
2721 #endif
2722 
2723 	net->ipv4.devconf_all = all;
2724 	net->ipv4.devconf_dflt = dflt;
2725 	return 0;
2726 
2727 #ifdef CONFIG_SYSCTL
2728 err_reg_ctl:
2729 	__devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2730 err_reg_dflt:
2731 	__devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2732 err_reg_all:
2733 	kfree(tbl);
2734 err_alloc_ctl:
2735 #endif
2736 	kfree(dflt);
2737 err_alloc_dflt:
2738 	kfree(all);
2739 err_alloc_all:
2740 	return err;
2741 }
2742 
2743 static __net_exit void devinet_exit_net(struct net *net)
2744 {
2745 #ifdef CONFIG_SYSCTL
2746 	struct ctl_table *tbl;
2747 
2748 	tbl = net->ipv4.forw_hdr->ctl_table_arg;
2749 	unregister_net_sysctl_table(net->ipv4.forw_hdr);
2750 	__devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2751 				    NETCONFA_IFINDEX_DEFAULT);
2752 	__devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2753 				    NETCONFA_IFINDEX_ALL);
2754 	kfree(tbl);
2755 #endif
2756 	kfree(net->ipv4.devconf_dflt);
2757 	kfree(net->ipv4.devconf_all);
2758 }
2759 
2760 static __net_initdata struct pernet_operations devinet_ops = {
2761 	.init = devinet_init_net,
2762 	.exit = devinet_exit_net,
2763 };
2764 
2765 static struct rtnl_af_ops inet_af_ops __read_mostly = {
2766 	.family		  = AF_INET,
2767 	.fill_link_af	  = inet_fill_link_af,
2768 	.get_link_af_size = inet_get_link_af_size,
2769 	.validate_link_af = inet_validate_link_af,
2770 	.set_link_af	  = inet_set_link_af,
2771 };
2772 
2773 void __init devinet_init(void)
2774 {
2775 	int i;
2776 
2777 	for (i = 0; i < IN4_ADDR_HSIZE; i++)
2778 		INIT_HLIST_HEAD(&inet_addr_lst[i]);
2779 
2780 	register_pernet_subsys(&devinet_ops);
2781 	register_netdevice_notifier(&ip_netdev_notifier);
2782 
2783 	queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2784 
2785 	rtnl_af_register(&inet_af_ops);
2786 
2787 	rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2788 	rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2789 	rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2790 	rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2791 		      inet_netconf_dump_devconf, 0);
2792 }
2793