1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * NET3 IP device support routines.
4 *
5 * Derived from the IP parts of dev.c 1.0.19
6 * Authors: Ross Biro
7 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8 * Mark Evans, <evansmp@uhura.aston.ac.uk>
9 *
10 * Additional Authors:
11 * Alan Cox, <gw4pts@gw4pts.ampr.org>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
13 *
14 * Changes:
15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
16 * lists.
17 * Cyrus Durgin: updated for kmod
18 * Matthias Andree: in devinet_ioctl, compare label and
19 * address (4.4BSD alias style support),
20 * fall back to comparing just the label
21 * if no match found.
22 */
23
24
25 #include <linux/uaccess.h>
26 #include <linux/bitops.h>
27 #include <linux/capability.h>
28 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/kernel.h>
31 #include <linux/sched/signal.h>
32 #include <linux/string.h>
33 #include <linux/mm.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/in.h>
37 #include <linux/errno.h>
38 #include <linux/interrupt.h>
39 #include <linux/if_addr.h>
40 #include <linux/if_ether.h>
41 #include <linux/inet.h>
42 #include <linux/netdevice.h>
43 #include <linux/etherdevice.h>
44 #include <linux/skbuff.h>
45 #include <linux/init.h>
46 #include <linux/notifier.h>
47 #include <linux/inetdevice.h>
48 #include <linux/igmp.h>
49 #include <linux/slab.h>
50 #include <linux/hash.h>
51 #include <linux/hck/lite_hck_inet.h>
52 #ifdef CONFIG_SYSCTL
53 #include <linux/sysctl.h>
54 #endif
55 #include <linux/kmod.h>
56 #include <linux/netconf.h>
57
58 #include <net/arp.h>
59 #include <net/ip.h>
60 #include <net/route.h>
61 #include <net/ip_fib.h>
62 #include <net/rtnetlink.h>
63 #include <net/net_namespace.h>
64 #include <net/addrconf.h>
65
66 #define IPV6ONLY_FLAGS \
67 (IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
68 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
69 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
70
71 static struct ipv4_devconf ipv4_devconf = {
72 .data = {
73 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
76 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
77 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
78 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
79 },
80 };
81
82 static struct ipv4_devconf ipv4_devconf_dflt = {
83 .data = {
84 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
87 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
88 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
90 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
91 },
92 };
93
94 #define IPV4_DEVCONF_DFLT(net, attr) \
95 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
96
97 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
98 [IFA_LOCAL] = { .type = NLA_U32 },
99 [IFA_ADDRESS] = { .type = NLA_U32 },
100 [IFA_BROADCAST] = { .type = NLA_U32 },
101 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
102 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
103 [IFA_FLAGS] = { .type = NLA_U32 },
104 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
105 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
106 };
107
108 struct inet_fill_args {
109 u32 portid;
110 u32 seq;
111 int event;
112 unsigned int flags;
113 int netnsid;
114 int ifindex;
115 };
116
117 #define IN4_ADDR_HSIZE_SHIFT 8
118 #define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
119
120 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
121
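/* Hash an IPv4 address into the inet_addr_lst table.  net_hash_mix()
 * folds in a per-namespace value so that identical addresses in
 * different namespaces do not all land in the same chain.
 */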
122 static u32 inet_addr_hash(const struct net *net, __be32 addr)
123 {
124 u32 val = (__force u32) addr ^ net_hash_mix(net);
125
126 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
127 }
128
129 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
130 {
131 u32 hash = inet_addr_hash(net, ifa->ifa_local);
132
133 ASSERT_RTNL();
134 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
135 }
136
137 static void inet_hash_remove(struct in_ifaddr *ifa)
138 {
139 ASSERT_RTNL();
140 hlist_del_init_rcu(&ifa->hash);
141 }
142
143 /**
144 * __ip_dev_find - find the first device with a given source address.
145 * @net: the net namespace
146 * @addr: the source address
147 * @devref: if true, take a reference on the found device
148 *
149 * If a caller uses devref=false, it should be protected by RCU, or RTNL
150 */
151 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
152 {
153 struct net_device *result = NULL;
154 struct in_ifaddr *ifa;
155
156 rcu_read_lock();
157 ifa = inet_lookup_ifaddr_rcu(net, addr);
158 if (!ifa) {
159 struct flowi4 fl4 = { .daddr = addr };
160 struct fib_result res = { 0 };
161 struct fib_table *local;
162
163 /* Fall back to the FIB local table so that communication
164 * over loopback subnets works.
165 */
166 local = fib_get_table(net, RT_TABLE_LOCAL);
167 if (local &&
168 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
169 res.type == RTN_LOCAL)
170 result = FIB_RES_DEV(res);
171 } else {
172 result = ifa->ifa_dev->dev;
173 }
174 if (result && devref)
175 dev_hold(result);
176 rcu_read_unlock();
177 return result;
178 }
179 EXPORT_SYMBOL(__ip_dev_find);
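
/* A minimal usage sketch (illustrative only; the loopback address and
 * the "net" variable are assumed for the example): look up the owning
 * device without taking a reference, which requires RCU (or RTNL)
 * protection as noted above:
 *
 *	struct net_device *dev;
 *
 *	rcu_read_lock();
 *	dev = __ip_dev_find(net, htonl(INADDR_LOOPBACK), false);
 *	if (dev)
 *		pr_debug("127.0.0.1 is owned by %s\n", dev->name);
 *	rcu_read_unlock();
 */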
180
181 /* called under RCU lock */
182 struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
183 {
184 u32 hash = inet_addr_hash(net, addr);
185 struct in_ifaddr *ifa;
186
187 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
188 if (ifa->ifa_local == addr &&
189 net_eq(dev_net(ifa->ifa_dev->dev), net))
190 return ifa;
191
192 return NULL;
193 }
194
195 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
196
197 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
198 static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
199 static void inet_del_ifa(struct in_device *in_dev,
200 struct in_ifaddr __rcu **ifap,
201 int destroy);
202 #ifdef CONFIG_SYSCTL
203 static int devinet_sysctl_register(struct in_device *idev);
204 static void devinet_sysctl_unregister(struct in_device *idev);
205 #else
206 static int devinet_sysctl_register(struct in_device *idev)
207 {
208 return 0;
209 }
210 static void devinet_sysctl_unregister(struct in_device *idev)
211 {
212 }
213 #endif
214
215 /* Locks all the inet devices. */
216
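/* ifa objects are allocated here and always freed via call_rcu() (see
 * inet_free_ifa() below), so lockless readers walking the global hash
 * or the per-device list can keep dereferencing them until a grace
 * period has elapsed.
 */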
217 static struct in_ifaddr *inet_alloc_ifa(void)
218 {
219 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
220 }
221
222 static void inet_rcu_free_ifa(struct rcu_head *head)
223 {
224 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
225 if (ifa->ifa_dev)
226 in_dev_put(ifa->ifa_dev);
227 kfree(ifa);
228 }
229
230 static void inet_free_ifa(struct in_ifaddr *ifa)
231 {
232 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
233 }
234
235 void in_dev_finish_destroy(struct in_device *idev)
236 {
237 struct net_device *dev = idev->dev;
238
239 WARN_ON(idev->ifa_list);
240 WARN_ON(idev->mc_list);
241 kfree(rcu_dereference_protected(idev->mc_hash, 1));
242 #ifdef NET_REFCNT_DEBUG
243 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
244 #endif
245 dev_put(dev);
246 if (!idev->dead)
247 pr_err("Freeing alive in_device %p\n", idev);
248 else
249 kfree(idev);
250 }
251 EXPORT_SYMBOL(in_dev_finish_destroy);
252
253 static struct in_device *inetdev_init(struct net_device *dev)
254 {
255 struct in_device *in_dev;
256 int err = -ENOMEM;
257
258 ASSERT_RTNL();
259
260 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
261 if (!in_dev)
262 goto out;
263 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
264 sizeof(in_dev->cnf));
265 in_dev->cnf.sysctl = NULL;
266 in_dev->dev = dev;
267 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
268 if (!in_dev->arp_parms)
269 goto out_kfree;
270 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
271 dev_disable_lro(dev);
272 /* Reference in_dev->dev */
273 dev_hold(dev);
274 /* Account for reference dev->ip_ptr (below) */
275 refcount_set(&in_dev->refcnt, 1);
276
277 err = devinet_sysctl_register(in_dev);
278 if (err) {
279 in_dev->dead = 1;
280 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
281 in_dev_put(in_dev);
282 in_dev = NULL;
283 goto out;
284 }
285 ip_mc_init_dev(in_dev);
286 if (dev->flags & IFF_UP)
287 ip_mc_up(in_dev);
288
289 /* we can receive as soon as ip_ptr is set -- do this last */
290 rcu_assign_pointer(dev->ip_ptr, in_dev);
291 out:
292 return in_dev ?: ERR_PTR(err);
293 out_kfree:
294 kfree(in_dev);
295 in_dev = NULL;
296 goto out;
297 }
298
299 static void in_dev_rcu_put(struct rcu_head *head)
300 {
301 struct in_device *idev = container_of(head, struct in_device, rcu_head);
302 in_dev_put(idev);
303 }
304
305 static void inetdev_destroy(struct in_device *in_dev)
306 {
307 struct net_device *dev;
308 struct in_ifaddr *ifa;
309
310 ASSERT_RTNL();
311
312 dev = in_dev->dev;
313
314 in_dev->dead = 1;
315
316 ip_mc_destroy_dev(in_dev);
317
318 while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
319 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
320 inet_free_ifa(ifa);
321 }
322
323 RCU_INIT_POINTER(dev->ip_ptr, NULL);
324
325 devinet_sysctl_unregister(in_dev);
326 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
327 arp_ifdown(dev);
328
329 call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
330 }
331
332 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
333 {
334 const struct in_ifaddr *ifa;
335
336 rcu_read_lock();
337 in_dev_for_each_ifa_rcu(ifa, in_dev) {
338 if (inet_ifa_match(a, ifa)) {
339 if (!b || inet_ifa_match(b, ifa)) {
340 rcu_read_unlock();
341 return 1;
342 }
343 }
344 }
345 rcu_read_unlock();
346 return 0;
347 }
348
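/* Unlink *ifap from the per-device list and the global hash, announce
 * RTM_DELADDR and notify the inetaddr chain.  When the deleted address
 * was a primary and promote_secondaries is enabled, a matching
 * secondary is promoted in its place and the routes of the remaining
 * secondaries are re-added with the new prefsrc.
 */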
349 static void __inet_del_ifa(struct in_device *in_dev,
350 struct in_ifaddr __rcu **ifap,
351 int destroy, struct nlmsghdr *nlh, u32 portid)
352 {
353 struct in_ifaddr *promote = NULL;
354 struct in_ifaddr *ifa, *ifa1;
355 struct in_ifaddr *last_prim;
356 struct in_ifaddr *prev_prom = NULL;
357 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
358
359 ASSERT_RTNL();
360
361 ifa1 = rtnl_dereference(*ifap);
362 last_prim = rtnl_dereference(in_dev->ifa_list);
363 if (in_dev->dead)
364 goto no_promotions;
365
366 /* 1. Deleting a primary ifaddr forces deletion of all secondaries
367 * unless alias promotion is set
368 **/
369
370 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
371 struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
372
373 while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
374 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
375 ifa1->ifa_scope <= ifa->ifa_scope)
376 last_prim = ifa;
377
378 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
379 ifa1->ifa_mask != ifa->ifa_mask ||
380 !inet_ifa_match(ifa1->ifa_address, ifa)) {
381 ifap1 = &ifa->ifa_next;
382 prev_prom = ifa;
383 continue;
384 }
385
386 if (!do_promote) {
387 inet_hash_remove(ifa);
388 *ifap1 = ifa->ifa_next;
389
390 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
391 blocking_notifier_call_chain(&inetaddr_chain,
392 NETDEV_DOWN, ifa);
393 inet_free_ifa(ifa);
394 } else {
395 promote = ifa;
396 break;
397 }
398 }
399 }
400
401 /* On promotion all secondaries from the subnet are changing
402 * the primary IP; we must remove all their routes silently
403 * and later add them back with the new prefsrc. Do this
404 * while all addresses are still on the device list.
405 */
406 for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
407 if (ifa1->ifa_mask == ifa->ifa_mask &&
408 inet_ifa_match(ifa1->ifa_address, ifa))
409 fib_del_ifaddr(ifa, ifa1);
410 }
411
412 no_promotions:
413 /* 2. Unlink it */
414
415 *ifap = ifa1->ifa_next;
416 inet_hash_remove(ifa1);
417
418 /* 3. Announce address deletion */
419
420 /* Send the message first, then call the notifier.
421 At first sight, the FIB update triggered by the notifier
422 will refer to an already deleted ifaddr, which could confuse
423 netlink listeners. It is not true: look, gated sees
424 that the route was deleted and, if it still thinks the ifaddr
425 is valid, it will try to restore the deleted routes... Grr.
426 So this order is correct.
427 */
428 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
429 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
430
431 if (promote) {
432 struct in_ifaddr *next_sec;
433
434 next_sec = rtnl_dereference(promote->ifa_next);
435 if (prev_prom) {
436 struct in_ifaddr *last_sec;
437
438 rcu_assign_pointer(prev_prom->ifa_next, next_sec);
439
440 last_sec = rtnl_dereference(last_prim->ifa_next);
441 rcu_assign_pointer(promote->ifa_next, last_sec);
442 rcu_assign_pointer(last_prim->ifa_next, promote);
443 }
444
445 promote->ifa_flags &= ~IFA_F_SECONDARY;
446 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
447 blocking_notifier_call_chain(&inetaddr_chain,
448 NETDEV_UP, promote);
449 for (ifa = next_sec; ifa;
450 ifa = rtnl_dereference(ifa->ifa_next)) {
451 if (ifa1->ifa_mask != ifa->ifa_mask ||
452 !inet_ifa_match(ifa1->ifa_address, ifa))
453 continue;
454 fib_add_ifaddr(ifa);
455 }
456
457 }
458 if (destroy)
459 inet_free_ifa(ifa1);
460 }
461
462 static void inet_del_ifa(struct in_device *in_dev,
463 struct in_ifaddr __rcu **ifap,
464 int destroy)
465 {
466 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
467 }
468
469 static void check_lifetime(struct work_struct *work);
470
471 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
472
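/* Link a new ifa into the per-device list and the global hash.  An
 * address that falls inside an existing primary's subnet is flagged
 * IFA_F_SECONDARY and goes to the tail; a new primary is linked in
 * among the existing primaries.  Validators get a chance to reject
 * the address before RTM_NEWADDR is announced.
 */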
473 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
474 u32 portid, struct netlink_ext_ack *extack)
475 {
476 struct in_ifaddr __rcu **last_primary, **ifap;
477 struct in_device *in_dev = ifa->ifa_dev;
478 struct in_validator_info ivi;
479 struct in_ifaddr *ifa1;
480 int ret;
481
482 ASSERT_RTNL();
483
484 if (!ifa->ifa_local) {
485 inet_free_ifa(ifa);
486 return 0;
487 }
488
489 ifa->ifa_flags &= ~IFA_F_SECONDARY;
490 last_primary = &in_dev->ifa_list;
491
492 /* Don't set IPv6-only flags on IPv4 addresses */
493 ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
494
495 ifap = &in_dev->ifa_list;
496 ifa1 = rtnl_dereference(*ifap);
497
498 while (ifa1) {
499 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
500 ifa->ifa_scope <= ifa1->ifa_scope)
501 last_primary = &ifa1->ifa_next;
502 if (ifa1->ifa_mask == ifa->ifa_mask &&
503 inet_ifa_match(ifa1->ifa_address, ifa)) {
504 if (ifa1->ifa_local == ifa->ifa_local) {
505 inet_free_ifa(ifa);
506 return -EEXIST;
507 }
508 if (ifa1->ifa_scope != ifa->ifa_scope) {
509 inet_free_ifa(ifa);
510 return -EINVAL;
511 }
512 ifa->ifa_flags |= IFA_F_SECONDARY;
513 }
514
515 ifap = &ifa1->ifa_next;
516 ifa1 = rtnl_dereference(*ifap);
517 }
518
519 /* Allow any devices that wish to register ifaddr validators to weigh
520 * in now, before changes are committed. The rtnl lock is serializing
521 * access here, so the state should not change between a validator call
522 * and a final notify on commit. This isn't invoked on promotion under
523 * the assumption that validators are checking the address itself, and
524 * not the flags.
525 */
526 ivi.ivi_addr = ifa->ifa_address;
527 ivi.ivi_dev = ifa->ifa_dev;
528 ivi.extack = extack;
529 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
530 NETDEV_UP, &ivi);
531 ret = notifier_to_errno(ret);
532 if (ret) {
533 inet_free_ifa(ifa);
534 return ret;
535 }
536
537 if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
538 prandom_seed((__force u32) ifa->ifa_local);
539 ifap = last_primary;
540 }
541
542 rcu_assign_pointer(ifa->ifa_next, *ifap);
543 rcu_assign_pointer(*ifap, ifa);
544
545 inet_hash_insert(dev_net(in_dev->dev), ifa);
546
547 cancel_delayed_work(&check_lifetime_work);
548 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
549
550 /* Send the message first, then call the notifier.
551 The notifier will trigger a FIB update, so that
552 netlink listeners will know about the new ifaddr */
553 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
554 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
555
556 return 0;
557 }
558
559 static int inet_insert_ifa(struct in_ifaddr *ifa)
560 {
561 return __inet_insert_ifa(ifa, NULL, 0, NULL);
562 }
563
564 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
565 {
566 struct in_device *in_dev = __in_dev_get_rtnl(dev);
567
568 ASSERT_RTNL();
569
570 if (!in_dev) {
571 inet_free_ifa(ifa);
572 return -ENOBUFS;
573 }
574 ipv4_devconf_setall(in_dev);
575 neigh_parms_data_state_setall(in_dev->arp_parms);
576 if (ifa->ifa_dev != in_dev) {
577 WARN_ON(ifa->ifa_dev);
578 in_dev_hold(in_dev);
579 ifa->ifa_dev = in_dev;
580 }
581 if (ipv4_is_loopback(ifa->ifa_local))
582 ifa->ifa_scope = RT_SCOPE_HOST;
583 return inet_insert_ifa(ifa);
584 }
585
586 /* Caller must hold RCU or RTNL :
587 * We don't take a reference on the found in_device
588 */
589 struct in_device *inetdev_by_index(struct net *net, int ifindex)
590 {
591 struct net_device *dev;
592 struct in_device *in_dev = NULL;
593
594 rcu_read_lock();
595 dev = dev_get_by_index_rcu(net, ifindex);
596 if (dev)
597 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
598 rcu_read_unlock();
599 return in_dev;
600 }
601 EXPORT_SYMBOL(inetdev_by_index);
602
603 /* Called only from RTNL semaphored context. No locks. */
604
605 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
606 __be32 mask)
607 {
608 struct in_ifaddr *ifa;
609
610 ASSERT_RTNL();
611
612 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
613 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
614 return ifa;
615 }
616 return NULL;
617 }
618
619 static int ip_mc_autojoin_config(struct net *net, bool join,
620 const struct in_ifaddr *ifa)
621 {
622 #if defined(CONFIG_IP_MULTICAST)
623 struct ip_mreqn mreq = {
624 .imr_multiaddr.s_addr = ifa->ifa_address,
625 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
626 };
627 struct sock *sk = net->ipv4.mc_autojoin_sk;
628 int ret;
629
630 ASSERT_RTNL();
631
632 lock_sock(sk);
633 if (join)
634 ret = ip_mc_join_group(sk, &mreq);
635 else
636 ret = ip_mc_leave_group(sk, &mreq);
637 release_sock(sk);
638
639 return ret;
640 #else
641 return -EOPNOTSUPP;
642 #endif
643 }
644
645 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
646 struct netlink_ext_ack *extack)
647 {
648 struct net *net = sock_net(skb->sk);
649 struct in_ifaddr __rcu **ifap;
650 struct nlattr *tb[IFA_MAX+1];
651 struct in_device *in_dev;
652 struct ifaddrmsg *ifm;
653 struct in_ifaddr *ifa;
654
655 int err = -EINVAL;
656
657 ASSERT_RTNL();
658
659 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
660 ifa_ipv4_policy, extack);
661 if (err < 0)
662 goto errout;
663
664 ifm = nlmsg_data(nlh);
665 in_dev = inetdev_by_index(net, ifm->ifa_index);
666 if (!in_dev) {
667 err = -ENODEV;
668 goto errout;
669 }
670
671 for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
672 ifap = &ifa->ifa_next) {
673 if (tb[IFA_LOCAL] &&
674 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
675 continue;
676
677 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
678 continue;
679
680 if (tb[IFA_ADDRESS] &&
681 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
682 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
683 continue;
684
685 if (ipv4_is_multicast(ifa->ifa_address))
686 ip_mc_autojoin_config(net, false, ifa);
687 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
688 return 0;
689 }
690
691 err = -EADDRNOTAVAIL;
692 errout:
693 return err;
694 }
695
696 #define INFINITY_LIFE_TIME 0xFFFFFFFF
697
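/* Delayed work that walks the address hash: addresses whose valid
 * lifetime has expired are deleted, addresses past their preferred
 * lifetime are marked IFA_F_DEPRECATED, and the work is rescheduled
 * for the nearest pending expiry.
 */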
698 static void check_lifetime(struct work_struct *work)
699 {
700 unsigned long now, next, next_sec, next_sched;
701 struct in_ifaddr *ifa;
702 struct hlist_node *n;
703 int i;
704
705 now = jiffies;
706 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
707
708 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
709 bool change_needed = false;
710
711 rcu_read_lock();
712 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
713 unsigned long age;
714
715 if (ifa->ifa_flags & IFA_F_PERMANENT)
716 continue;
717
718 /* We try to batch several events at once. */
719 age = (now - ifa->ifa_tstamp +
720 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
721
722 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
723 age >= ifa->ifa_valid_lft) {
724 change_needed = true;
725 } else if (ifa->ifa_preferred_lft ==
726 INFINITY_LIFE_TIME) {
727 continue;
728 } else if (age >= ifa->ifa_preferred_lft) {
729 if (time_before(ifa->ifa_tstamp +
730 ifa->ifa_valid_lft * HZ, next))
731 next = ifa->ifa_tstamp +
732 ifa->ifa_valid_lft * HZ;
733
734 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
735 change_needed = true;
736 } else if (time_before(ifa->ifa_tstamp +
737 ifa->ifa_preferred_lft * HZ,
738 next)) {
739 next = ifa->ifa_tstamp +
740 ifa->ifa_preferred_lft * HZ;
741 }
742 }
743 rcu_read_unlock();
744 if (!change_needed)
745 continue;
746 rtnl_lock();
747 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
748 unsigned long age;
749
750 if (ifa->ifa_flags & IFA_F_PERMANENT)
751 continue;
752
753 /* We try to batch several events at once. */
754 age = (now - ifa->ifa_tstamp +
755 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
756
757 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
758 age >= ifa->ifa_valid_lft) {
759 struct in_ifaddr __rcu **ifap;
760 struct in_ifaddr *tmp;
761
762 ifap = &ifa->ifa_dev->ifa_list;
763 tmp = rtnl_dereference(*ifap);
764 while (tmp) {
765 if (tmp == ifa) {
766 inet_del_ifa(ifa->ifa_dev,
767 ifap, 1);
768 break;
769 }
770 ifap = &tmp->ifa_next;
771 tmp = rtnl_dereference(*ifap);
772 }
773 } else if (ifa->ifa_preferred_lft !=
774 INFINITY_LIFE_TIME &&
775 age >= ifa->ifa_preferred_lft &&
776 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
777 ifa->ifa_flags |= IFA_F_DEPRECATED;
778 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
779 }
780 }
781 rtnl_unlock();
782 }
783
784 next_sec = round_jiffies_up(next);
785 next_sched = next;
786
787 /* If rounded timeout is accurate enough, accept it. */
788 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
789 next_sched = next_sec;
790
791 now = jiffies;
792 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
793 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
794 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
795
796 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
797 next_sched - now);
798 }
799
800 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
801 __u32 prefered_lft)
802 {
803 unsigned long timeout;
804
805 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
806
807 timeout = addrconf_timeout_fixup(valid_lft, HZ);
808 if (addrconf_finite_timeout(timeout))
809 ifa->ifa_valid_lft = timeout;
810 else
811 ifa->ifa_flags |= IFA_F_PERMANENT;
812
813 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
814 if (addrconf_finite_timeout(timeout)) {
815 if (timeout == 0)
816 ifa->ifa_flags |= IFA_F_DEPRECATED;
817 ifa->ifa_preferred_lft = timeout;
818 }
819 ifa->ifa_tstamp = jiffies;
820 if (!ifa->ifa_cstamp)
821 ifa->ifa_cstamp = ifa->ifa_tstamp;
822 }
823
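/* Parse an RTM_NEWADDR request into a freshly allocated in_ifaddr.
 * IFA_ADDRESS defaults to IFA_LOCAL when absent and the label defaults
 * to the device name; lifetimes from IFA_CACHEINFO are returned via
 * pvalid_lft/pprefered_lft.
 */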
824 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
825 __u32 *pvalid_lft, __u32 *pprefered_lft,
826 struct netlink_ext_ack *extack)
827 {
828 struct nlattr *tb[IFA_MAX+1];
829 struct in_ifaddr *ifa;
830 struct ifaddrmsg *ifm;
831 struct net_device *dev;
832 struct in_device *in_dev;
833 int err;
834
835 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
836 ifa_ipv4_policy, extack);
837 if (err < 0)
838 goto errout;
839
840 ifm = nlmsg_data(nlh);
841 err = -EINVAL;
842 if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
843 goto errout;
844
845 dev = __dev_get_by_index(net, ifm->ifa_index);
846 err = -ENODEV;
847 if (!dev)
848 goto errout;
849
850 in_dev = __in_dev_get_rtnl(dev);
851 err = -ENOBUFS;
852 if (!in_dev)
853 goto errout;
854
855 ifa = inet_alloc_ifa();
856 if (!ifa)
857 /*
858 * A potential indev allocation can be left alive, it stays
859 * assigned to its device and is destroyed with it.
860 */
861 goto errout;
862
863 ipv4_devconf_setall(in_dev);
864 neigh_parms_data_state_setall(in_dev->arp_parms);
865 in_dev_hold(in_dev);
866
867 if (!tb[IFA_ADDRESS])
868 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
869
870 INIT_HLIST_NODE(&ifa->hash);
871 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
872 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
873 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
874 ifm->ifa_flags;
875 ifa->ifa_scope = ifm->ifa_scope;
876 ifa->ifa_dev = in_dev;
877
878 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
879 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
880
881 if (tb[IFA_BROADCAST])
882 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
883
884 if (tb[IFA_LABEL])
885 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
886 else
887 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
888
889 if (tb[IFA_RT_PRIORITY])
890 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
891
892 if (tb[IFA_CACHEINFO]) {
893 struct ifa_cacheinfo *ci;
894
895 ci = nla_data(tb[IFA_CACHEINFO]);
896 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
897 err = -EINVAL;
898 goto errout_free;
899 }
900 *pvalid_lft = ci->ifa_valid;
901 *pprefered_lft = ci->ifa_prefered;
902 }
903
904 return ifa;
905
906 errout_free:
907 inet_free_ifa(ifa);
908 errout:
909 return ERR_PTR(err);
910 }
911
912 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
913 {
914 struct in_device *in_dev = ifa->ifa_dev;
915 struct in_ifaddr *ifa1;
916
917 if (!ifa->ifa_local)
918 return NULL;
919
920 in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
921 if (ifa1->ifa_mask == ifa->ifa_mask &&
922 inet_ifa_match(ifa1->ifa_address, ifa) &&
923 ifa1->ifa_local == ifa->ifa_local)
924 return ifa1;
925 }
926 return NULL;
927 }
928
929 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
930 struct netlink_ext_ack *extack)
931 {
932 struct net *net = sock_net(skb->sk);
933 struct in_ifaddr *ifa;
934 struct in_ifaddr *ifa_existing;
935 __u32 valid_lft = INFINITY_LIFE_TIME;
936 __u32 prefered_lft = INFINITY_LIFE_TIME;
937
938 ASSERT_RTNL();
939
940 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
941 if (IS_ERR(ifa))
942 return PTR_ERR(ifa);
943
944 ifa_existing = find_matching_ifa(ifa);
945 if (!ifa_existing) {
946 /* It would be best to check for !NLM_F_CREATE here but
947 * userspace already relies on not having to provide this.
948 */
949 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
950 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
951 int ret = ip_mc_autojoin_config(net, true, ifa);
952
953 if (ret < 0) {
954 inet_free_ifa(ifa);
955 return ret;
956 }
957 }
958 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
959 extack);
960 } else {
961 u32 new_metric = ifa->ifa_rt_priority;
962
963 inet_free_ifa(ifa);
964
965 if (nlh->nlmsg_flags & NLM_F_EXCL ||
966 !(nlh->nlmsg_flags & NLM_F_REPLACE))
967 return -EEXIST;
968 ifa = ifa_existing;
969
970 if (ifa->ifa_rt_priority != new_metric) {
971 fib_modify_prefix_metric(ifa, new_metric);
972 ifa->ifa_rt_priority = new_metric;
973 }
974
975 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
976 cancel_delayed_work(&check_lifetime_work);
977 queue_delayed_work(system_power_efficient_wq,
978 &check_lifetime_work, 0);
979 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
980 }
981 return 0;
982 }
983
984 /*
985 * Determine a default network mask, based on the IP address.
986 */
987
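/* Classful prefix length for an address: 0 for zeronet and limited
 * broadcast, 8/16/24 for classes A/B/C, 32 for class E, and -1 for
 * anything else (e.g. multicast).
 */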
988 static int inet_abc_len(__be32 addr)
989 {
990 int rc = -1; /* Something else, probably a multicast. */
991
992 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
993 rc = 0;
994 else {
995 __u32 haddr = ntohl(addr);
996 if (IN_CLASSA(haddr))
997 rc = 8;
998 else if (IN_CLASSB(haddr))
999 rc = 16;
1000 else if (IN_CLASSC(haddr))
1001 rc = 24;
1002 else if (IN_CLASSE(haddr))
1003 rc = 32;
1004 }
1005
1006 return rc;
1007 }
1008
1009
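/* Legacy SIOCGIFxxx/SIOCSIFxxx handler.  Get requests are answered from
 * the ifaddr matched by label (and, 4.4BSD alias style, by address when
 * the caller passed an AF_INET sockaddr); set requests require
 * CAP_NET_ADMIN and run under RTNL.
 */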
1010 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1011 {
1012 struct sockaddr_in sin_orig;
1013 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1014 struct in_ifaddr __rcu **ifap = NULL;
1015 struct in_device *in_dev;
1016 struct in_ifaddr *ifa = NULL;
1017 struct net_device *dev;
1018 char *colon;
1019 int ret = -EFAULT;
1020 int tryaddrmatch = 0;
1021
1022 ifr->ifr_name[IFNAMSIZ - 1] = 0;
1023
1024 /* save original address for comparison */
1025 memcpy(&sin_orig, sin, sizeof(*sin));
1026
1027 colon = strchr(ifr->ifr_name, ':');
1028 if (colon)
1029 *colon = 0;
1030
1031 dev_load(net, ifr->ifr_name);
1032
1033 switch (cmd) {
1034 case SIOCGIFADDR: /* Get interface address */
1035 case SIOCGIFBRDADDR: /* Get the broadcast address */
1036 case SIOCGIFDSTADDR: /* Get the destination address */
1037 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1038 /* Note that these ioctls will not sleep,
1039 so that we do not impose a lock.
1040 One day we will be forced to put shlock here (I mean SMP)
1041 */
1042 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1043 memset(sin, 0, sizeof(*sin));
1044 sin->sin_family = AF_INET;
1045 break;
1046
1047 case SIOCSIFFLAGS:
1048 ret = -EPERM;
1049 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1050 goto out;
1051 break;
1052 case SIOCSIFADDR: /* Set interface address (and family) */
1053 case SIOCSIFBRDADDR: /* Set the broadcast address */
1054 case SIOCSIFDSTADDR: /* Set the destination address */
1055 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1056 ret = -EPERM;
1057 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1058 goto out;
1059 ret = -EINVAL;
1060 if (sin->sin_family != AF_INET)
1061 goto out;
1062 break;
1063 default:
1064 ret = -EINVAL;
1065 goto out;
1066 }
1067
1068 rtnl_lock();
1069
1070 ret = -ENODEV;
1071 dev = __dev_get_by_name(net, ifr->ifr_name);
1072 if (!dev)
1073 goto done;
1074
1075 if (colon)
1076 *colon = ':';
1077
1078 in_dev = __in_dev_get_rtnl(dev);
1079 if (in_dev) {
1080 if (tryaddrmatch) {
1081 /* Matthias Andree */
1082 /* compare label and address (4.4BSD style) */
1083 /* note: we only do this for a limited set of ioctls
1084 and only if the original address family was AF_INET.
1085 This is checked above. */
1086
1087 for (ifap = &in_dev->ifa_list;
1088 (ifa = rtnl_dereference(*ifap)) != NULL;
1089 ifap = &ifa->ifa_next) {
1090 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1091 sin_orig.sin_addr.s_addr ==
1092 ifa->ifa_local) {
1093 break; /* found */
1094 }
1095 }
1096 }
1097 /* we didn't get a match, maybe the application is
1098 4.3BSD-style and passed in junk so we fall back to
1099 comparing just the label */
1100 if (!ifa) {
1101 for (ifap = &in_dev->ifa_list;
1102 (ifa = rtnl_dereference(*ifap)) != NULL;
1103 ifap = &ifa->ifa_next)
1104 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1105 break;
1106 }
1107 }
1108
1109 ret = -EADDRNOTAVAIL;
1110 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1111 goto done;
1112
1113 switch (cmd) {
1114 case SIOCGIFADDR: /* Get interface address */
1115 ret = 0;
1116 sin->sin_addr.s_addr = ifa->ifa_local;
1117 break;
1118
1119 case SIOCGIFBRDADDR: /* Get the broadcast address */
1120 ret = 0;
1121 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1122 break;
1123
1124 case SIOCGIFDSTADDR: /* Get the destination address */
1125 ret = 0;
1126 sin->sin_addr.s_addr = ifa->ifa_address;
1127 break;
1128
1129 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1130 ret = 0;
1131 sin->sin_addr.s_addr = ifa->ifa_mask;
1132 break;
1133
1134 case SIOCSIFFLAGS:
1135 if (colon) {
1136 ret = -EADDRNOTAVAIL;
1137 if (!ifa)
1138 break;
1139 ret = 0;
1140 if (!(ifr->ifr_flags & IFF_UP))
1141 inet_del_ifa(in_dev, ifap, 1);
1142 break;
1143 }
1144 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1145 break;
1146
1147 case SIOCSIFADDR: /* Set interface address (and family) */
1148 ret = -EINVAL;
1149 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1150 break;
1151
1152 if (!ifa) {
1153 ret = -ENOBUFS;
1154 ifa = inet_alloc_ifa();
1155 if (!ifa)
1156 break;
1157 INIT_HLIST_NODE(&ifa->hash);
1158 if (colon)
1159 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1160 else
1161 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1162 } else {
1163 ret = 0;
1164 if (ifa->ifa_local == sin->sin_addr.s_addr)
1165 break;
1166 inet_del_ifa(in_dev, ifap, 0);
1167 ifa->ifa_broadcast = 0;
1168 ifa->ifa_scope = 0;
1169 }
1170
1171 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1172
1173 if (!(dev->flags & IFF_POINTOPOINT)) {
1174 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1175 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1176 if ((dev->flags & IFF_BROADCAST) &&
1177 ifa->ifa_prefixlen < 31)
1178 ifa->ifa_broadcast = ifa->ifa_address |
1179 ~ifa->ifa_mask;
1180 } else {
1181 ifa->ifa_prefixlen = 32;
1182 ifa->ifa_mask = inet_make_mask(32);
1183 }
1184 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1185 ret = inet_set_ifa(dev, ifa);
1186 break;
1187
1188 case SIOCSIFBRDADDR: /* Set the broadcast address */
1189 ret = 0;
1190 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1191 inet_del_ifa(in_dev, ifap, 0);
1192 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1193 inet_insert_ifa(ifa);
1194 }
1195 break;
1196
1197 case SIOCSIFDSTADDR: /* Set the destination address */
1198 ret = 0;
1199 if (ifa->ifa_address == sin->sin_addr.s_addr)
1200 break;
1201 ret = -EINVAL;
1202 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1203 break;
1204 ret = 0;
1205 inet_del_ifa(in_dev, ifap, 0);
1206 ifa->ifa_address = sin->sin_addr.s_addr;
1207 inet_insert_ifa(ifa);
1208 break;
1209
1210 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1211
1212 /*
1213 * The mask we set must be legal.
1214 */
1215 ret = -EINVAL;
1216 if (bad_mask(sin->sin_addr.s_addr, 0))
1217 break;
1218 ret = 0;
1219 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1220 __be32 old_mask = ifa->ifa_mask;
1221 inet_del_ifa(in_dev, ifap, 0);
1222 ifa->ifa_mask = sin->sin_addr.s_addr;
1223 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1224
1225 /* See if current broadcast address matches
1226 * with current netmask, then recalculate
1227 * the broadcast address. Otherwise it's a
1228 * funny address, so don't touch it since
1229 * the user seems to know what (s)he's doing...
1230 */
1231 if ((dev->flags & IFF_BROADCAST) &&
1232 (ifa->ifa_prefixlen < 31) &&
1233 (ifa->ifa_broadcast ==
1234 (ifa->ifa_local|~old_mask))) {
1235 ifa->ifa_broadcast = (ifa->ifa_local |
1236 ~sin->sin_addr.s_addr);
1237 }
1238 inet_insert_ifa(ifa);
1239 }
1240 break;
1241 }
1242 done:
1243 rtnl_unlock();
1244 out:
1245 return ret;
1246 }
1247
1248 int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1249 {
1250 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1251 const struct in_ifaddr *ifa;
1252 struct ifreq ifr;
1253 int done = 0;
1254
1255 if (WARN_ON(size > sizeof(struct ifreq)))
1256 goto out;
1257
1258 if (!in_dev)
1259 goto out;
1260
1261 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1262 if (!buf) {
1263 done += size;
1264 continue;
1265 }
1266 if (len < size)
1267 break;
1268 memset(&ifr, 0, sizeof(struct ifreq));
1269 strcpy(ifr.ifr_name, ifa->ifa_label);
1270
1271 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1272 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1273 ifa->ifa_local;
1274
1275 if (copy_to_user(buf + done, &ifr, size)) {
1276 done = -EFAULT;
1277 break;
1278 }
1279 len -= size;
1280 done += size;
1281 }
1282 CALL_HCK_LITE_HOOK(nip_ninet_gifconf_lhck, dev, buf, len, size, &done);
1283 out:
1284 return done;
1285 }
1286
1287 static __be32 in_dev_select_addr(const struct in_device *in_dev,
1288 int scope)
1289 {
1290 const struct in_ifaddr *ifa;
1291
1292 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1293 if (ifa->ifa_flags & IFA_F_SECONDARY)
1294 continue;
1295 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1296 ifa->ifa_scope <= scope)
1297 return ifa->ifa_local;
1298 }
1299
1300 return 0;
1301 }
1302
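/* Pick a source address on @dev for talking to @dst within @scope.
 * Primary addresses in the same subnet as @dst are preferred; failing
 * that, the VRF master device and then any other device in the same
 * L3 domain are tried.
 */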
1303 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1304 {
1305 const struct in_ifaddr *ifa;
1306 __be32 addr = 0;
1307 unsigned char localnet_scope = RT_SCOPE_HOST;
1308 struct in_device *in_dev;
1309 struct net *net = dev_net(dev);
1310 int master_idx;
1311
1312 rcu_read_lock();
1313 in_dev = __in_dev_get_rcu(dev);
1314 if (!in_dev)
1315 goto no_in_dev;
1316
1317 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1318 localnet_scope = RT_SCOPE_LINK;
1319
1320 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1321 if (ifa->ifa_flags & IFA_F_SECONDARY)
1322 continue;
1323 if (min(ifa->ifa_scope, localnet_scope) > scope)
1324 continue;
1325 if (!dst || inet_ifa_match(dst, ifa)) {
1326 addr = ifa->ifa_local;
1327 break;
1328 }
1329 if (!addr)
1330 addr = ifa->ifa_local;
1331 }
1332
1333 if (addr)
1334 goto out_unlock;
1335 no_in_dev:
1336 master_idx = l3mdev_master_ifindex_rcu(dev);
1337
1338 /* For VRFs, the VRF device takes the place of the loopback device,
1339 * with addresses on it being preferred. Note in such cases the
1340 * loopback device will be among the devices that fail the master_idx
1341 * equality check in the loop below.
1342 */
1343 if (master_idx &&
1344 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1345 (in_dev = __in_dev_get_rcu(dev))) {
1346 addr = in_dev_select_addr(in_dev, scope);
1347 if (addr)
1348 goto out_unlock;
1349 }
1350
1351 /* Non-loopback addresses on the loopback device should be preferred
1352 in this case. It is important that lo is the first interface
1353 in the dev_base list.
1354 */
1355 for_each_netdev_rcu(net, dev) {
1356 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1357 continue;
1358
1359 in_dev = __in_dev_get_rcu(dev);
1360 if (!in_dev)
1361 continue;
1362
1363 addr = in_dev_select_addr(in_dev, scope);
1364 if (addr)
1365 goto out_unlock;
1366 }
1367 out_unlock:
1368 rcu_read_unlock();
1369 return addr;
1370 }
1371 EXPORT_SYMBOL(inet_select_addr);
1372
1373 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1374 __be32 local, int scope)
1375 {
1376 unsigned char localnet_scope = RT_SCOPE_HOST;
1377 const struct in_ifaddr *ifa;
1378 __be32 addr = 0;
1379 int same = 0;
1380
1381 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1382 localnet_scope = RT_SCOPE_LINK;
1383
1384 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1385 unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
1386
1387 if (!addr &&
1388 (local == ifa->ifa_local || !local) &&
1389 min_scope <= scope) {
1390 addr = ifa->ifa_local;
1391 if (same)
1392 break;
1393 }
1394 if (!same) {
1395 same = (!local || inet_ifa_match(local, ifa)) &&
1396 (!dst || inet_ifa_match(dst, ifa));
1397 if (same && addr) {
1398 if (local || !dst)
1399 break;
1400 /* Is the selected addr in the dst subnet? */
1401 if (inet_ifa_match(addr, ifa))
1402 break;
1403 /* No, then can we use new local src? */
1404 if (min_scope <= scope) {
1405 addr = ifa->ifa_local;
1406 break;
1407 }
1408 /* search for large dst subnet for addr */
1409 same = 0;
1410 }
1411 }
1412 }
1413
1414 return same ? addr : 0;
1415 }
1416
1417 /*
1418 * Confirm that local IP address exists using wildcards:
1419 * - net: netns to check, cannot be NULL
1420 * - in_dev: only on this interface, NULL=any interface
1421 * - dst: only in the same subnet as dst, 0=any dst
1422 * - local: address, 0=autoselect the local address
1423 * - scope: maximum allowed scope value for the local address
1424 */
1425 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1426 __be32 dst, __be32 local, int scope)
1427 {
1428 __be32 addr = 0;
1429 struct net_device *dev;
1430
1431 if (in_dev)
1432 return confirm_addr_indev(in_dev, dst, local, scope);
1433
1434 rcu_read_lock();
1435 for_each_netdev_rcu(net, dev) {
1436 in_dev = __in_dev_get_rcu(dev);
1437 if (in_dev) {
1438 addr = confirm_addr_indev(in_dev, dst, local, scope);
1439 if (addr)
1440 break;
1441 }
1442 }
1443 rcu_read_unlock();
1444
1445 return addr;
1446 }
1447 EXPORT_SYMBOL(inet_confirm_addr);
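
/* A minimal usage sketch (illustrative only; the documentation address
 * 192.0.2.1 and the "net" variable are assumed for the example): check
 * whether 192.0.2.1 lies in a locally configured subnet and, if so,
 * obtain a local address to use, allowing scopes up to RT_SCOPE_LINK:
 *
 *	__be32 src = inet_confirm_addr(net, NULL, htonl(0xc0000201),
 *				       0, RT_SCOPE_LINK);
 *	if (!src)
 *		pr_debug("no suitable local address\n");
 */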
1448
1449 /*
1450 * Device notifier
1451 */
1452
1453 int register_inetaddr_notifier(struct notifier_block *nb)
1454 {
1455 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1456 }
1457 EXPORT_SYMBOL(register_inetaddr_notifier);
1458
1459 int unregister_inetaddr_notifier(struct notifier_block *nb)
1460 {
1461 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1462 }
1463 EXPORT_SYMBOL(unregister_inetaddr_notifier);
1464
1465 int register_inetaddr_validator_notifier(struct notifier_block *nb)
1466 {
1467 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1468 }
1469 EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1470
1471 int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1472 {
1473 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1474 nb);
1475 }
1476 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1477
1478 /* Rename ifa_labels for a device name change. Make some effort to preserve
1479 * existing alias numbering and to create unique labels if possible.
1480 */
1481 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1482 {
1483 struct in_ifaddr *ifa;
1484 int named = 0;
1485
1486 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1487 char old[IFNAMSIZ], *dot;
1488
1489 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1490 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1491 if (named++ == 0)
1492 goto skip;
1493 dot = strchr(old, ':');
1494 if (!dot) {
1495 sprintf(old, ":%d", named);
1496 dot = old;
1497 }
1498 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1499 strcat(ifa->ifa_label, dot);
1500 else
1501 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1502 skip:
1503 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1504 }
1505 }
1506
1507 static void inetdev_send_gratuitous_arp(struct net_device *dev,
1508 struct in_device *in_dev)
1509
1510 {
1511 const struct in_ifaddr *ifa;
1512
1513 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1514 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1515 ifa->ifa_local, dev,
1516 ifa->ifa_local, NULL,
1517 dev->dev_addr, NULL);
1518 }
1519 }
1520
1521 /* Called only under RTNL semaphore */
1522
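/* netdevice notifier: allocates the in_device on NETDEV_REGISTER,
 * destroys it on NETDEV_UNREGISTER or when the MTU drops below the
 * IPv4 minimum, and handles UP/DOWN, address/type changes and renames.
 */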
1523 static int inetdev_event(struct notifier_block *this, unsigned long event,
1524 void *ptr)
1525 {
1526 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1527 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1528
1529 ASSERT_RTNL();
1530
1531 if (!in_dev) {
1532 if (event == NETDEV_REGISTER) {
1533 in_dev = inetdev_init(dev);
1534 if (IS_ERR(in_dev))
1535 return notifier_from_errno(PTR_ERR(in_dev));
1536 if (dev->flags & IFF_LOOPBACK) {
1537 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1538 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1539 }
1540 } else if (event == NETDEV_CHANGEMTU) {
1541 /* Re-enabling IP */
1542 if (inetdev_valid_mtu(dev->mtu))
1543 in_dev = inetdev_init(dev);
1544 }
1545 goto out;
1546 }
1547
1548 switch (event) {
1549 case NETDEV_REGISTER:
1550 pr_debug("%s: bug\n", __func__);
1551 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1552 break;
1553 case NETDEV_UP:
1554 if (!inetdev_valid_mtu(dev->mtu))
1555 break;
1556 if (dev->flags & IFF_LOOPBACK) {
1557 struct in_ifaddr *ifa = inet_alloc_ifa();
1558
1559 if (ifa) {
1560 INIT_HLIST_NODE(&ifa->hash);
1561 ifa->ifa_local =
1562 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1563 ifa->ifa_prefixlen = 8;
1564 ifa->ifa_mask = inet_make_mask(8);
1565 in_dev_hold(in_dev);
1566 ifa->ifa_dev = in_dev;
1567 ifa->ifa_scope = RT_SCOPE_HOST;
1568 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1569 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1570 INFINITY_LIFE_TIME);
1571 ipv4_devconf_setall(in_dev);
1572 neigh_parms_data_state_setall(in_dev->arp_parms);
1573 inet_insert_ifa(ifa);
1574 }
1575 }
1576 ip_mc_up(in_dev);
1577 fallthrough;
1578 case NETDEV_CHANGEADDR:
1579 if (!IN_DEV_ARP_NOTIFY(in_dev))
1580 break;
1581 fallthrough;
1582 case NETDEV_NOTIFY_PEERS:
1583 /* Send gratuitous ARP to notify of link change */
1584 inetdev_send_gratuitous_arp(dev, in_dev);
1585 break;
1586 case NETDEV_DOWN:
1587 ip_mc_down(in_dev);
1588 break;
1589 case NETDEV_PRE_TYPE_CHANGE:
1590 ip_mc_unmap(in_dev);
1591 break;
1592 case NETDEV_POST_TYPE_CHANGE:
1593 ip_mc_remap(in_dev);
1594 break;
1595 case NETDEV_CHANGEMTU:
1596 if (inetdev_valid_mtu(dev->mtu))
1597 break;
1598 /* disable IP when MTU is not enough */
1599 fallthrough;
1600 case NETDEV_UNREGISTER:
1601 inetdev_destroy(in_dev);
1602 break;
1603 case NETDEV_CHANGENAME:
1604 /* Do not notify about label change, this event is
1605 * not interesting to applications using netlink.
1606 */
1607 inetdev_changename(dev, in_dev);
1608
1609 devinet_sysctl_unregister(in_dev);
1610 devinet_sysctl_register(in_dev);
1611 break;
1612 }
1613 out:
1614 return NOTIFY_DONE;
1615 }
1616
1617 static struct notifier_block ip_netdev_notifier = {
1618 .notifier_call = inetdev_event,
1619 };
1620
1621 static size_t inet_nlmsg_size(void)
1622 {
1623 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1624 + nla_total_size(4) /* IFA_ADDRESS */
1625 + nla_total_size(4) /* IFA_LOCAL */
1626 + nla_total_size(4) /* IFA_BROADCAST */
1627 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1628 + nla_total_size(4) /* IFA_FLAGS */
1629 + nla_total_size(4) /* IFA_RT_PRIORITY */
1630 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1631 }
1632
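/* Convert a jiffies timestamp into hundredths of a second since boot
 * (relative to INITIAL_JIFFIES), the unit used by struct ifa_cacheinfo.
 */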
1633 static inline u32 cstamp_delta(unsigned long cstamp)
1634 {
1635 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1636 }
1637
1638 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1639 unsigned long tstamp, u32 preferred, u32 valid)
1640 {
1641 struct ifa_cacheinfo ci;
1642
1643 ci.cstamp = cstamp_delta(cstamp);
1644 ci.tstamp = cstamp_delta(tstamp);
1645 ci.ifa_prefered = preferred;
1646 ci.ifa_valid = valid;
1647
1648 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1649 }
1650
1651 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1652 struct inet_fill_args *args)
1653 {
1654 struct ifaddrmsg *ifm;
1655 struct nlmsghdr *nlh;
1656 u32 preferred, valid;
1657
1658 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1659 args->flags);
1660 if (!nlh)
1661 return -EMSGSIZE;
1662
1663 ifm = nlmsg_data(nlh);
1664 ifm->ifa_family = AF_INET;
1665 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1666 ifm->ifa_flags = ifa->ifa_flags;
1667 ifm->ifa_scope = ifa->ifa_scope;
1668 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1669
1670 if (args->netnsid >= 0 &&
1671 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1672 goto nla_put_failure;
1673
1674 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1675 preferred = ifa->ifa_preferred_lft;
1676 valid = ifa->ifa_valid_lft;
1677 if (preferred != INFINITY_LIFE_TIME) {
1678 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1679
1680 if (preferred > tval)
1681 preferred -= tval;
1682 else
1683 preferred = 0;
1684 if (valid != INFINITY_LIFE_TIME) {
1685 if (valid > tval)
1686 valid -= tval;
1687 else
1688 valid = 0;
1689 }
1690 }
1691 } else {
1692 preferred = INFINITY_LIFE_TIME;
1693 valid = INFINITY_LIFE_TIME;
1694 }
1695 if ((ifa->ifa_address &&
1696 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1697 (ifa->ifa_local &&
1698 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1699 (ifa->ifa_broadcast &&
1700 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1701 (ifa->ifa_label[0] &&
1702 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1703 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1704 (ifa->ifa_rt_priority &&
1705 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1706 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1707 preferred, valid))
1708 goto nla_put_failure;
1709
1710 nlmsg_end(skb, nlh);
1711 return 0;
1712
1713 nla_put_failure:
1714 nlmsg_cancel(skb, nlh);
1715 return -EMSGSIZE;
1716 }
1717
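/* Strict validation of an RTM_GETADDR dump request: all header fields
 * other than ifa_index must be zero, and IFA_TARGET_NETNSID is the only
 * attribute accepted.
 */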
1718 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1719 struct inet_fill_args *fillargs,
1720 struct net **tgt_net, struct sock *sk,
1721 struct netlink_callback *cb)
1722 {
1723 struct netlink_ext_ack *extack = cb->extack;
1724 struct nlattr *tb[IFA_MAX+1];
1725 struct ifaddrmsg *ifm;
1726 int err, i;
1727
1728 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1729 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1730 return -EINVAL;
1731 }
1732
1733 ifm = nlmsg_data(nlh);
1734 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1735 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1736 return -EINVAL;
1737 }
1738
1739 fillargs->ifindex = ifm->ifa_index;
1740 if (fillargs->ifindex) {
1741 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1742 fillargs->flags |= NLM_F_DUMP_FILTERED;
1743 }
1744
1745 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1746 ifa_ipv4_policy, extack);
1747 if (err < 0)
1748 return err;
1749
1750 for (i = 0; i <= IFA_MAX; ++i) {
1751 if (!tb[i])
1752 continue;
1753
1754 if (i == IFA_TARGET_NETNSID) {
1755 struct net *net;
1756
1757 fillargs->netnsid = nla_get_s32(tb[i]);
1758
1759 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1760 if (IS_ERR(net)) {
1761 fillargs->netnsid = -1;
1762 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1763 return PTR_ERR(net);
1764 }
1765 *tgt_net = net;
1766 } else {
1767 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1768 return -EINVAL;
1769 }
1770 }
1771
1772 return 0;
1773 }
1774
1775 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1776 struct netlink_callback *cb, int s_ip_idx,
1777 struct inet_fill_args *fillargs)
1778 {
1779 struct in_ifaddr *ifa;
1780 int ip_idx = 0;
1781 int err;
1782
1783 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1784 if (ip_idx < s_ip_idx) {
1785 ip_idx++;
1786 continue;
1787 }
1788 err = inet_fill_ifaddr(skb, ifa, fillargs);
1789 if (err < 0)
1790 goto done;
1791
1792 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1793 ip_idx++;
1794 }
1795 err = 0;
1796
1797 done:
1798 cb->args[2] = ip_idx;
1799
1800 return err;
1801 }
1802
1803 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1804 {
1805 const struct nlmsghdr *nlh = cb->nlh;
1806 struct inet_fill_args fillargs = {
1807 .portid = NETLINK_CB(cb->skb).portid,
1808 .seq = nlh->nlmsg_seq,
1809 .event = RTM_NEWADDR,
1810 .flags = NLM_F_MULTI,
1811 .netnsid = -1,
1812 };
1813 struct net *net = sock_net(skb->sk);
1814 struct net *tgt_net = net;
1815 int h, s_h;
1816 int idx, s_idx;
1817 int s_ip_idx;
1818 struct net_device *dev;
1819 struct in_device *in_dev;
1820 struct hlist_head *head;
1821 int err = 0;
1822
1823 s_h = cb->args[0];
1824 s_idx = idx = cb->args[1];
1825 s_ip_idx = cb->args[2];
1826
1827 if (cb->strict_check) {
1828 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1829 skb->sk, cb);
1830 if (err < 0)
1831 goto put_tgt_net;
1832
1833 err = 0;
1834 if (fillargs.ifindex) {
1835 dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1836 if (!dev) {
1837 err = -ENODEV;
1838 goto put_tgt_net;
1839 }
1840
1841 in_dev = __in_dev_get_rtnl(dev);
1842 if (in_dev) {
1843 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1844 &fillargs);
1845 }
1846 goto put_tgt_net;
1847 }
1848 }
1849
1850 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1851 idx = 0;
1852 head = &tgt_net->dev_index_head[h];
1853 rcu_read_lock();
1854 cb->seq = atomic_read(&tgt_net->ipv4.dev_addr_genid) ^
1855 tgt_net->dev_base_seq;
1856 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1857 if (idx < s_idx)
1858 goto cont;
1859 if (h > s_h || idx > s_idx)
1860 s_ip_idx = 0;
1861 in_dev = __in_dev_get_rcu(dev);
1862 if (!in_dev)
1863 goto cont;
1864
1865 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1866 &fillargs);
1867 if (err < 0) {
1868 rcu_read_unlock();
1869 goto done;
1870 }
1871 cont:
1872 idx++;
1873 }
1874 rcu_read_unlock();
1875 }
1876
1877 done:
1878 cb->args[0] = h;
1879 cb->args[1] = idx;
1880 put_tgt_net:
1881 if (fillargs.netnsid >= 0)
1882 put_net(tgt_net);
1883
1884 return skb->len ? : err;
1885 }
1886
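/* Build an address notification and broadcast it to the
 * RTNLGRP_IPV4_IFADDR netlink group (RTM_NEWADDR or RTM_DELADDR).
 */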
1887 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1888 u32 portid)
1889 {
1890 struct inet_fill_args fillargs = {
1891 .portid = portid,
1892 .seq = nlh ? nlh->nlmsg_seq : 0,
1893 .event = event,
1894 .flags = 0,
1895 .netnsid = -1,
1896 };
1897 struct sk_buff *skb;
1898 int err = -ENOBUFS;
1899 struct net *net;
1900
1901 net = dev_net(ifa->ifa_dev->dev);
1902 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1903 if (!skb)
1904 goto errout;
1905
1906 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1907 if (err < 0) {
1908 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1909 WARN_ON(err == -EMSGSIZE);
1910 kfree_skb(skb);
1911 goto errout;
1912 }
1913 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1914 return;
1915 errout:
1916 if (err < 0)
1917 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1918 }
1919
1920 static size_t inet_get_link_af_size(const struct net_device *dev,
1921 u32 ext_filter_mask)
1922 {
1923 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1924
1925 if (!in_dev)
1926 return 0;
1927
1928 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1929 }
1930
1931 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1932 u32 ext_filter_mask)
1933 {
1934 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1935 struct nlattr *nla;
1936 int i;
1937
1938 if (!in_dev)
1939 return -ENODATA;
1940
1941 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1942 if (!nla)
1943 return -EMSGSIZE;
1944
1945 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1946 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1947
1948 return 0;
1949 }
1950
1951 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1952 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1953 };
1954
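/*
 * Validate an IFLA_INET_CONF request before it is applied: every nested
 * attribute must carry at least a u32 and use a valid 1-based devconf index.
 */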
1955 static int inet_validate_link_af(const struct net_device *dev,
1956 const struct nlattr *nla)
1957 {
1958 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1959 int err, rem;
1960
1961 if (dev && !__in_dev_get_rcu(dev))
1962 return -EAFNOSUPPORT;
1963
1964 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
1965 inet_af_policy, NULL);
1966 if (err < 0)
1967 return err;
1968
1969 if (tb[IFLA_INET_CONF]) {
1970 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1971 int cfgid = nla_type(a);
1972
1973 if (nla_len(a) < 4)
1974 return -EINVAL;
1975
1976 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
1977 return -EINVAL;
1978 }
1979 }
1980
1981 return 0;
1982 }
1983
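/*
 * Apply a validated IFLA_INET_CONF request: each nested attribute type is
 * the devconf index and its u32 payload is the new value.
 */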
1984 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
1985 {
1986 struct in_device *in_dev = __in_dev_get_rcu(dev);
1987 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1988 int rem;
1989
1990 if (!in_dev)
1991 return -EAFNOSUPPORT;
1992
1993 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
1994 return -EINVAL;
1995
1996 if (tb[IFLA_INET_CONF]) {
1997 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
1998 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
1999 }
2000
2001 return 0;
2002 }
2003
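/*
 * Size of an RTM_*NETCONF message carrying the requested attribute, or all
 * of them when type is NETCONFA_ALL.
 */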
2004 static int inet_netconf_msgsize_devconf(int type)
2005 {
2006 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2007 + nla_total_size(4); /* NETCONFA_IFINDEX */
2008 bool all = false;
2009
2010 if (type == NETCONFA_ALL)
2011 all = true;
2012
2013 if (all || type == NETCONFA_FORWARDING)
2014 size += nla_total_size(4);
2015 if (all || type == NETCONFA_RP_FILTER)
2016 size += nla_total_size(4);
2017 if (all || type == NETCONFA_MC_FORWARDING)
2018 size += nla_total_size(4);
2019 if (all || type == NETCONFA_BC_FORWARDING)
2020 size += nla_total_size(4);
2021 if (all || type == NETCONFA_PROXY_NEIGH)
2022 size += nla_total_size(4);
2023 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2024 size += nla_total_size(4);
2025
2026 return size;
2027 }
2028
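/*
 * Fill a netconf message for @ifindex.  A NULL @devconf (as used for
 * RTM_DELNETCONF) produces a message carrying only the ifindex.
 */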
2029 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2030 struct ipv4_devconf *devconf, u32 portid,
2031 u32 seq, int event, unsigned int flags,
2032 int type)
2033 {
2034 struct nlmsghdr *nlh;
2035 struct netconfmsg *ncm;
2036 bool all = false;
2037
2038 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2039 flags);
2040 if (!nlh)
2041 return -EMSGSIZE;
2042
2043 if (type == NETCONFA_ALL)
2044 all = true;
2045
2046 ncm = nlmsg_data(nlh);
2047 ncm->ncm_family = AF_INET;
2048
2049 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2050 goto nla_put_failure;
2051
2052 if (!devconf)
2053 goto out;
2054
2055 if ((all || type == NETCONFA_FORWARDING) &&
2056 nla_put_s32(skb, NETCONFA_FORWARDING,
2057 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2058 goto nla_put_failure;
2059 if ((all || type == NETCONFA_RP_FILTER) &&
2060 nla_put_s32(skb, NETCONFA_RP_FILTER,
2061 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2062 goto nla_put_failure;
2063 if ((all || type == NETCONFA_MC_FORWARDING) &&
2064 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2065 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2066 goto nla_put_failure;
2067 if ((all || type == NETCONFA_BC_FORWARDING) &&
2068 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2069 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2070 goto nla_put_failure;
2071 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2072 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2073 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2074 goto nla_put_failure;
2075 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2076 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2077 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2078 goto nla_put_failure;
2079
2080 out:
2081 nlmsg_end(skb, nlh);
2082 return 0;
2083
2084 nla_put_failure:
2085 nlmsg_cancel(skb, nlh);
2086 return -EMSGSIZE;
2087 }
2088
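/*
 * Broadcast a devconf change (or removal) to RTNLGRP_IPV4_NETCONF listeners.
 */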
2089 void inet_netconf_notify_devconf(struct net *net, int event, int type,
2090 int ifindex, struct ipv4_devconf *devconf)
2091 {
2092 struct sk_buff *skb;
2093 int err = -ENOBUFS;
2094
2095 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2096 if (!skb)
2097 goto errout;
2098
2099 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2100 event, 0, type);
2101 if (err < 0) {
2102 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2103 WARN_ON(err == -EMSGSIZE);
2104 kfree_skb(skb);
2105 goto errout;
2106 }
2107 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2108 return;
2109 errout:
2110 if (err < 0)
2111 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2112 }
2113
2114 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2115 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2116 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2117 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2118 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2119 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2120 };
2121
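/*
 * Strictly validate an RTM_GETNETCONF request: only NETCONFA_IFINDEX may be
 * supplied.  Non-strict sockets fall back to the deprecated lenient parse.
 */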
2122 static int inet_netconf_valid_get_req(struct sk_buff *skb,
2123 const struct nlmsghdr *nlh,
2124 struct nlattr **tb,
2125 struct netlink_ext_ack *extack)
2126 {
2127 int i, err;
2128
2129 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2130 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2131 return -EINVAL;
2132 }
2133
2134 if (!netlink_strict_get_check(skb))
2135 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2136 tb, NETCONFA_MAX,
2137 devconf_ipv4_policy, extack);
2138
2139 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2140 tb, NETCONFA_MAX,
2141 devconf_ipv4_policy, extack);
2142 if (err)
2143 return err;
2144
2145 for (i = 0; i <= NETCONFA_MAX; i++) {
2146 if (!tb[i])
2147 continue;
2148
2149 switch (i) {
2150 case NETCONFA_IFINDEX:
2151 break;
2152 default:
2153 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2154 return -EINVAL;
2155 }
2156 }
2157
2158 return 0;
2159 }
2160
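/*
 * RTM_GETNETCONF doit handler: resolve the requested ifindex (a real device,
 * NETCONFA_IFINDEX_ALL or NETCONFA_IFINDEX_DEFAULT) and unicast the full set
 * of netconf attributes back to the requester.
 */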
2161 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2162 struct nlmsghdr *nlh,
2163 struct netlink_ext_ack *extack)
2164 {
2165 struct net *net = sock_net(in_skb->sk);
2166 struct nlattr *tb[NETCONFA_MAX+1];
2167 struct sk_buff *skb;
2168 struct ipv4_devconf *devconf;
2169 struct in_device *in_dev;
2170 struct net_device *dev;
2171 int ifindex;
2172 int err;
2173
2174 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2175 if (err)
2176 goto errout;
2177
2178 err = -EINVAL;
2179 if (!tb[NETCONFA_IFINDEX])
2180 goto errout;
2181
2182 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2183 switch (ifindex) {
2184 case NETCONFA_IFINDEX_ALL:
2185 devconf = net->ipv4.devconf_all;
2186 break;
2187 case NETCONFA_IFINDEX_DEFAULT:
2188 devconf = net->ipv4.devconf_dflt;
2189 break;
2190 default:
2191 dev = __dev_get_by_index(net, ifindex);
2192 if (!dev)
2193 goto errout;
2194 in_dev = __in_dev_get_rtnl(dev);
2195 if (!in_dev)
2196 goto errout;
2197 devconf = &in_dev->cnf;
2198 break;
2199 }
2200
2201 err = -ENOBUFS;
2202 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2203 if (!skb)
2204 goto errout;
2205
2206 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2207 NETLINK_CB(in_skb).portid,
2208 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2209 NETCONFA_ALL);
2210 if (err < 0) {
2211 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2212 WARN_ON(err == -EMSGSIZE);
2213 kfree_skb(skb);
2214 goto errout;
2215 }
2216 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2217 errout:
2218 return err;
2219 }
2220
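/*
 * RTM_GETNETCONF dumpit handler: walk the per-netns device hash, then append
 * the "all" and "default" pseudo entries.  cb->args[0]/[1] hold the hash
 * bucket and device index to resume from.
 */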
2221 static int inet_netconf_dump_devconf(struct sk_buff *skb,
2222 struct netlink_callback *cb)
2223 {
2224 const struct nlmsghdr *nlh = cb->nlh;
2225 struct net *net = sock_net(skb->sk);
2226 int h, s_h;
2227 int idx, s_idx;
2228 struct net_device *dev;
2229 struct in_device *in_dev;
2230 struct hlist_head *head;
2231
2232 if (cb->strict_check) {
2233 struct netlink_ext_ack *extack = cb->extack;
2234 struct netconfmsg *ncm;
2235
2236 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2237 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2238 return -EINVAL;
2239 }
2240
2241 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2242 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2243 return -EINVAL;
2244 }
2245 }
2246
2247 s_h = cb->args[0];
2248 s_idx = idx = cb->args[1];
2249
2250 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2251 idx = 0;
2252 head = &net->dev_index_head[h];
2253 rcu_read_lock();
2254 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
2255 net->dev_base_seq;
2256 hlist_for_each_entry_rcu(dev, head, index_hlist) {
2257 if (idx < s_idx)
2258 goto cont;
2259 in_dev = __in_dev_get_rcu(dev);
2260 if (!in_dev)
2261 goto cont;
2262
2263 if (inet_netconf_fill_devconf(skb, dev->ifindex,
2264 &in_dev->cnf,
2265 NETLINK_CB(cb->skb).portid,
2266 nlh->nlmsg_seq,
2267 RTM_NEWNETCONF,
2268 NLM_F_MULTI,
2269 NETCONFA_ALL) < 0) {
2270 rcu_read_unlock();
2271 goto done;
2272 }
2273 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2274 cont:
2275 idx++;
2276 }
2277 rcu_read_unlock();
2278 }
2279 if (h == NETDEV_HASHENTRIES) {
2280 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2281 net->ipv4.devconf_all,
2282 NETLINK_CB(cb->skb).portid,
2283 nlh->nlmsg_seq,
2284 RTM_NEWNETCONF, NLM_F_MULTI,
2285 NETCONFA_ALL) < 0)
2286 goto done;
2287 else
2288 h++;
2289 }
2290 if (h == NETDEV_HASHENTRIES + 1) {
2291 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2292 net->ipv4.devconf_dflt,
2293 NETLINK_CB(cb->skb).portid,
2294 nlh->nlmsg_seq,
2295 RTM_NEWNETCONF, NLM_F_MULTI,
2296 NETCONFA_ALL) < 0)
2297 goto done;
2298 else
2299 h++;
2300 }
2301 done:
2302 cb->args[0] = h;
2303 cb->args[1] = idx;
2304
2305 return skb->len;
2306 }
2307
2308 #ifdef CONFIG_SYSCTL
2309
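/*
 * Propagate a changed "default" value to every in_device that has not been
 * given an explicit per-device setting (its state bit is still clear).
 */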
2310 static void devinet_copy_dflt_conf(struct net *net, int i)
2311 {
2312 struct net_device *dev;
2313
2314 rcu_read_lock();
2315 for_each_netdev_rcu(net, dev) {
2316 struct in_device *in_dev;
2317
2318 in_dev = __in_dev_get_rcu(dev);
2319 if (in_dev && !test_bit(i, in_dev->cnf.state))
2320 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2321 }
2322 rcu_read_unlock();
2323 }
2324
2325 /* called with RTNL locked */
2326 static void inet_forward_change(struct net *net)
2327 {
2328 struct net_device *dev;
2329 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2330
2331 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2332 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2333 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2334 NETCONFA_FORWARDING,
2335 NETCONFA_IFINDEX_ALL,
2336 net->ipv4.devconf_all);
2337 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2338 NETCONFA_FORWARDING,
2339 NETCONFA_IFINDEX_DEFAULT,
2340 net->ipv4.devconf_dflt);
2341
2342 for_each_netdev(net, dev) {
2343 struct in_device *in_dev;
2344
2345 if (on)
2346 dev_disable_lro(dev);
2347
2348 in_dev = __in_dev_get_rtnl(dev);
2349 if (in_dev) {
2350 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2351 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2352 NETCONFA_FORWARDING,
2353 dev->ifindex, &in_dev->cnf);
2354 }
2355 }
2356 }
2357
2358 static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2359 {
2360 if (cnf == net->ipv4.devconf_dflt)
2361 return NETCONFA_IFINDEX_DEFAULT;
2362 else if (cnf == net->ipv4.devconf_all)
2363 return NETCONFA_IFINDEX_ALL;
2364 else {
2365 struct in_device *idev
2366 = container_of(cnf, struct in_device, cnf);
2367 return idev->dev->ifindex;
2368 }
2369 }
2370
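/*
 * proc handler shared by most conf/<dev>/ entries: remember that the value
 * was explicitly set, mirror "default" changes to devices, flush the route
 * cache where required and emit netconf notifications for the attributes
 * user space tracks (rp_filter, proxy_arp, ignore_routes_with_linkdown).
 */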
2371 static int devinet_conf_proc(struct ctl_table *ctl, int write,
2372 void *buffer, size_t *lenp, loff_t *ppos)
2373 {
2374 int old_value = *(int *)ctl->data;
2375 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2376 int new_value = *(int *)ctl->data;
2377
2378 if (write) {
2379 struct ipv4_devconf *cnf = ctl->extra1;
2380 struct net *net = ctl->extra2;
2381 int i = (int *)ctl->data - cnf->data;
2382 int ifindex;
2383
2384 set_bit(i, cnf->state);
2385
2386 if (cnf == net->ipv4.devconf_dflt)
2387 devinet_copy_dflt_conf(net, i);
2388 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2389 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2390 if ((new_value == 0) && (old_value != 0))
2391 rt_cache_flush(net);
2392
2393 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2394 new_value != old_value)
2395 rt_cache_flush(net);
2396
2397 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2398 new_value != old_value) {
2399 ifindex = devinet_conf_ifindex(net, cnf);
2400 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2401 NETCONFA_RP_FILTER,
2402 ifindex, cnf);
2403 }
2404 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2405 new_value != old_value) {
2406 ifindex = devinet_conf_ifindex(net, cnf);
2407 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2408 NETCONFA_PROXY_NEIGH,
2409 ifindex, cnf);
2410 }
2411 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2412 new_value != old_value) {
2413 ifindex = devinet_conf_ifindex(net, cnf);
2414 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2415 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2416 ifindex, cnf);
2417 }
2418 }
2419
2420 return ret;
2421 }
2422
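/*
 * Changing "forwarding" on a device or on "all" must be fanned out under the
 * RTNL; when the lock cannot be taken the old value is restored and the
 * write is restarted.
 */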
2423 static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2424 void *buffer, size_t *lenp, loff_t *ppos)
2425 {
2426 int *valp = ctl->data;
2427 int val = *valp;
2428 loff_t pos = *ppos;
2429 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2430
2431 if (write && *valp != val) {
2432 struct net *net = ctl->extra2;
2433
2434 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2435 if (!rtnl_trylock()) {
2436 /* Restore the original values before restarting */
2437 *valp = val;
2438 *ppos = pos;
2439 return restart_syscall();
2440 }
2441 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2442 inet_forward_change(net);
2443 } else {
2444 struct ipv4_devconf *cnf = ctl->extra1;
2445 struct in_device *idev =
2446 container_of(cnf, struct in_device, cnf);
2447 if (*valp)
2448 dev_disable_lro(idev->dev);
2449 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2450 NETCONFA_FORWARDING,
2451 idev->dev->ifindex,
2452 cnf);
2453 }
2454 rtnl_unlock();
2455 rt_cache_flush(net);
2456 } else
2457 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2458 NETCONFA_FORWARDING,
2459 NETCONFA_IFINDEX_DEFAULT,
2460 net->ipv4.devconf_dflt);
2461 }
2462
2463 return ret;
2464 }
2465
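/* Plain integer handler that also flushes the routing cache on change. */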
2466 static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2467 void *buffer, size_t *lenp, loff_t *ppos)
2468 {
2469 int *valp = ctl->data;
2470 int val = *valp;
2471 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2472 struct net *net = ctl->extra2;
2473
2474 if (write && *valp != val)
2475 rt_cache_flush(net);
2476
2477 return ret;
2478 }
2479
2480 #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2481 { \
2482 .procname = name, \
2483 .data = ipv4_devconf.data + \
2484 IPV4_DEVCONF_ ## attr - 1, \
2485 .maxlen = sizeof(int), \
2486 .mode = mval, \
2487 .proc_handler = proc, \
2488 .extra1 = &ipv4_devconf, \
2489 }
2490
2491 #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2492 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2493
2494 #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2495 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2496
2497 #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2498 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2499
2500 #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2501 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2502
2503 static struct devinet_sysctl_table {
2504 struct ctl_table_header *sysctl_header;
2505 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2506 } devinet_sysctl = {
2507 .devinet_vars = {
2508 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2509 devinet_sysctl_forward),
2510 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2511 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2512
2513 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2514 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2515 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2516 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2517 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2518 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2519 "accept_source_route"),
2520 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2521 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2522 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2523 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2524 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2525 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2526 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2527 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2528 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2529 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2530 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2531 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2532 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2533 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2534 "force_igmp_version"),
2535 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2536 "igmpv2_unsolicited_report_interval"),
2537 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2538 "igmpv3_unsolicited_report_interval"),
2539 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2540 "ignore_routes_with_linkdown"),
2541 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2542 "drop_gratuitous_arp"),
2543
2544 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2545 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2546 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2547 "promote_secondaries"),
2548 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2549 "route_localnet"),
2550 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2551 "drop_unicast_in_l2_multicast"),
2552 },
2553 };
2554
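/*
 * Register the per-device table under net/ipv4/conf/<dev_name>, rebasing the
 * template's data pointers from the static ipv4_devconf onto @p, and
 * announce the initial values via netconf.
 */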
2555 static int __devinet_sysctl_register(struct net *net, char *dev_name,
2556 int ifindex, struct ipv4_devconf *p)
2557 {
2558 int i;
2559 struct devinet_sysctl_table *t;
2560 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2561
2562 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
2563 if (!t)
2564 goto out;
2565
2566 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2567 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2568 t->devinet_vars[i].extra1 = p;
2569 t->devinet_vars[i].extra2 = net;
2570 }
2571
2572 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2573
2574 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2575 if (!t->sysctl_header)
2576 goto free;
2577
2578 p->sysctl = t;
2579
2580 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2581 ifindex, p);
2582 return 0;
2583
2584 free:
2585 kfree(t);
2586 out:
2587 return -ENOMEM;
2588 }
2589
2590 static void __devinet_sysctl_unregister(struct net *net,
2591 struct ipv4_devconf *cnf, int ifindex)
2592 {
2593 struct devinet_sysctl_table *t = cnf->sysctl;
2594
2595 if (t) {
2596 cnf->sysctl = NULL;
2597 unregister_net_sysctl_table(t->sysctl_header);
2598 kfree(t);
2599 }
2600
2601 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2602 }
2603
2604 static int devinet_sysctl_register(struct in_device *idev)
2605 {
2606 int err;
2607
2608 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2609 return -EINVAL;
2610
2611 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2612 if (err)
2613 return err;
2614 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2615 idev->dev->ifindex, &idev->cnf);
2616 if (err)
2617 neigh_sysctl_unregister(idev->arp_parms);
2618 return err;
2619 }
2620
2621 static void devinet_sysctl_unregister(struct in_device *idev)
2622 {
2623 struct net *net = dev_net(idev->dev);
2624
2625 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2626 neigh_sysctl_unregister(idev->arp_parms);
2627 }
2628
2629 static struct ctl_table ctl_forward_entry[] = {
2630 {
2631 .procname = "ip_forward",
2632 .data = &ipv4_devconf.data[
2633 IPV4_DEVCONF_FORWARDING - 1],
2634 .maxlen = sizeof(int),
2635 .mode = 0644,
2636 .proc_handler = devinet_sysctl_forward,
2637 .extra1 = &ipv4_devconf,
2638 .extra2 = &init_net,
2639 },
2640 { },
2641 };
2642 #endif
2643
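/*
 * Per-netns setup: allocate the "all" and "default" devconf blocks, inherit
 * their initial values according to net_inherit_devconf(), and register the
 * conf/ and ip_forward sysctls.
 */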
2644 static __net_init int devinet_init_net(struct net *net)
2645 {
2646 int err;
2647 struct ipv4_devconf *all, *dflt;
2648 #ifdef CONFIG_SYSCTL
2649 struct ctl_table *tbl;
2650 struct ctl_table_header *forw_hdr;
2651 #endif
2652
2653 err = -ENOMEM;
2654 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2655 if (!all)
2656 goto err_alloc_all;
2657
2658 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2659 if (!dflt)
2660 goto err_alloc_dflt;
2661
2662 #ifdef CONFIG_SYSCTL
2663 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2664 if (!tbl)
2665 goto err_alloc_ctl;
2666
2667 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2668 tbl[0].extra1 = all;
2669 tbl[0].extra2 = net;
2670 #endif
2671
2672 if (!net_eq(net, &init_net)) {
2673 switch (net_inherit_devconf()) {
2674 case 3:
2675 /* copy from the current netns */
2676 memcpy(all, current->nsproxy->net_ns->ipv4.devconf_all,
2677 sizeof(ipv4_devconf));
2678 memcpy(dflt,
2679 current->nsproxy->net_ns->ipv4.devconf_dflt,
2680 sizeof(ipv4_devconf_dflt));
2681 break;
2682 case 0:
2683 case 1:
2684 /* copy from init_net */
2685 memcpy(all, init_net.ipv4.devconf_all,
2686 sizeof(ipv4_devconf));
2687 memcpy(dflt, init_net.ipv4.devconf_dflt,
2688 sizeof(ipv4_devconf_dflt));
2689 break;
2690 case 2:
2691 /* use compiled values */
2692 break;
2693 }
2694 }
2695
2696 #ifdef CONFIG_SYSCTL
2697 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2698 if (err < 0)
2699 goto err_reg_all;
2700
2701 err = __devinet_sysctl_register(net, "default",
2702 NETCONFA_IFINDEX_DEFAULT, dflt);
2703 if (err < 0)
2704 goto err_reg_dflt;
2705
2706 err = -ENOMEM;
2707 forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2708 if (!forw_hdr)
2709 goto err_reg_ctl;
2710 net->ipv4.forw_hdr = forw_hdr;
2711 #endif
2712
2713 net->ipv4.devconf_all = all;
2714 net->ipv4.devconf_dflt = dflt;
2715 return 0;
2716
2717 #ifdef CONFIG_SYSCTL
2718 err_reg_ctl:
2719 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2720 err_reg_dflt:
2721 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2722 err_reg_all:
2723 kfree(tbl);
2724 err_alloc_ctl:
2725 #endif
2726 kfree(dflt);
2727 err_alloc_dflt:
2728 kfree(all);
2729 err_alloc_all:
2730 return err;
2731 }
2732
2733 static __net_exit void devinet_exit_net(struct net *net)
2734 {
2735 #ifdef CONFIG_SYSCTL
2736 struct ctl_table *tbl;
2737
2738 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2739 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2740 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2741 NETCONFA_IFINDEX_DEFAULT);
2742 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2743 NETCONFA_IFINDEX_ALL);
2744 kfree(tbl);
2745 #endif
2746 kfree(net->ipv4.devconf_dflt);
2747 kfree(net->ipv4.devconf_all);
2748 }
2749
2750 static __net_initdata struct pernet_operations devinet_ops = {
2751 .init = devinet_init_net,
2752 .exit = devinet_exit_net,
2753 };
2754
2755 static struct rtnl_af_ops inet_af_ops __read_mostly = {
2756 .family = AF_INET,
2757 .fill_link_af = inet_fill_link_af,
2758 .get_link_af_size = inet_get_link_af_size,
2759 .validate_link_af = inet_validate_link_af,
2760 .set_link_af = inet_set_link_af,
2761 };
2762
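/*
 * Boot-time initialisation: set up the address hash, pernet ops, netdevice
 * notifier, the periodic address-lifetime check and the rtnetlink handlers.
 */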
2763 void __init devinet_init(void)
2764 {
2765 int i;
2766
2767 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2768 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2769
2770 register_pernet_subsys(&devinet_ops);
2771 register_netdevice_notifier(&ip_netdev_notifier);
2772
2773 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2774
2775 rtnl_af_register(&inet_af_ops);
2776
2777 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2778 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2779 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2780 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2781 inet_netconf_dump_devconf, 0);
2782 }
2783