1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * NET3 IP device support routines.
5 * Derived from the IP parts of dev.c 1.0.19
7 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8 * Mark Evans, <evansmp@uhura.aston.ac.uk>
11 * Alan Cox, <gw4pts@gw4pts.ampr.org>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
17 * Cyrus Durgin: updated for kmod
18 * Matthias Andree: in devinet_ioctl, compare label and
19 * address (4.4BSD alias style support),
20 * fall back to comparing just the label
25 #include <linux/uaccess.h>
26 #include <linux/bitops.h>
27 #include <linux/capability.h>
28 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/kernel.h>
31 #include <linux/sched/signal.h>
32 #include <linux/string.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
37 #include <linux/errno.h>
38 #include <linux/interrupt.h>
39 #include <linux/if_addr.h>
40 #include <linux/if_ether.h>
41 #include <linux/inet.h>
42 #include <linux/netdevice.h>
43 #include <linux/etherdevice.h>
44 #include <linux/skbuff.h>
45 #include <linux/init.h>
46 #include <linux/notifier.h>
47 #include <linux/inetdevice.h>
48 #include <linux/igmp.h>
49 #include <linux/slab.h>
50 #include <linux/hash.h>
52 #include <linux/sysctl.h>
54 #include <linux/kmod.h>
55 #include <linux/netconf.h>
59 #include <net/route.h>
60 #include <net/ip_fib.h>
61 #include <net/rtnetlink.h>
62 #include <net/net_namespace.h>
63 #include <net/addrconf.h>
65 #define IPV6ONLY_FLAGS \
66 (IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
70 static struct ipv4_devconf ipv4_devconf = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
78 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
82 static struct ipv4_devconf ipv4_devconf_dflt = {
84 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
87 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
88 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
90 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
91 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
95 #define IPV4_DEVCONF_DFLT(net, attr) \
96 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
98 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
99 [IFA_LOCAL] = { .type = NLA_U32 },
100 [IFA_ADDRESS] = { .type = NLA_U32 },
101 [IFA_BROADCAST] = { .type = NLA_U32 },
102 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
103 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
104 [IFA_FLAGS] = { .type = NLA_U32 },
105 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
106 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
107 [IFA_PROTO] = { .type = NLA_U8 },
110 struct inet_fill_args {
119 #define IN4_ADDR_HSIZE_SHIFT 8
120 #define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
122 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
124 static u32 inet_addr_hash(const struct net *net, __be32 addr)
126 u32 val = (__force u32) addr ^ net_hash_mix(net);
128 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
131 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
133 u32 hash = inet_addr_hash(net, ifa->ifa_local);
136 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
139 static void inet_hash_remove(struct in_ifaddr *ifa)
142 hlist_del_init_rcu(&ifa->hash);
146 * __ip_dev_find - find the first device with a given source address.
147 * @net: the net namespace
148 * @addr: the source address
149 * @devref: if true, take a reference on the found device
151 * If a caller uses devref=false, it should be protected by RCU, or RTNL
153 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
155 struct net_device *result = NULL;
156 struct in_ifaddr *ifa;
159 ifa = inet_lookup_ifaddr_rcu(net, addr);
161 struct flowi4 fl4 = { .daddr = addr };
162 struct fib_result res = { 0 };
163 struct fib_table *local;
165 /* Fallback to FIB local table so that communication
166 * over loopback subnets work.
168 local = fib_get_table(net, RT_TABLE_LOCAL);
170 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
171 res.type == RTN_LOCAL)
172 result = FIB_RES_DEV(res);
174 result = ifa->ifa_dev->dev;
176 if (result && devref)
181 EXPORT_SYMBOL(__ip_dev_find);
183 /* called under RCU lock */
184 struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
186 u32 hash = inet_addr_hash(net, addr);
187 struct in_ifaddr *ifa;
189 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
190 if (ifa->ifa_local == addr &&
191 net_eq(dev_net(ifa->ifa_dev->dev), net))
197 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
199 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
200 static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
201 static void inet_del_ifa(struct in_device *in_dev,
202 struct in_ifaddr __rcu **ifap,
205 static int devinet_sysctl_register(struct in_device *idev);
206 static void devinet_sysctl_unregister(struct in_device *idev);
208 static int devinet_sysctl_register(struct in_device *idev)
212 static void devinet_sysctl_unregister(struct in_device *idev)
217 /* Locks all the inet devices. */
219 static struct in_ifaddr *inet_alloc_ifa(void)
221 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL_ACCOUNT);
224 static void inet_rcu_free_ifa(struct rcu_head *head)
226 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
228 in_dev_put(ifa->ifa_dev);
232 static void inet_free_ifa(struct in_ifaddr *ifa)
234 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
237 static void in_dev_free_rcu(struct rcu_head *head)
239 struct in_device *idev = container_of(head, struct in_device, rcu_head);
241 kfree(rcu_dereference_protected(idev->mc_hash, 1));
245 void in_dev_finish_destroy(struct in_device *idev)
247 struct net_device *dev = idev->dev;
249 WARN_ON(idev->ifa_list);
250 WARN_ON(idev->mc_list);
251 #ifdef NET_REFCNT_DEBUG
252 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
254 netdev_put(dev, &idev->dev_tracker);
256 pr_err("Freeing alive in_device %p\n", idev);
258 call_rcu(&idev->rcu_head, in_dev_free_rcu);
260 EXPORT_SYMBOL(in_dev_finish_destroy);
262 static struct in_device *inetdev_init(struct net_device *dev)
264 struct in_device *in_dev;
269 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
272 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
273 sizeof(in_dev->cnf));
274 in_dev->cnf.sysctl = NULL;
276 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
277 if (!in_dev->arp_parms)
279 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
280 dev_disable_lro(dev);
281 /* Reference in_dev->dev */
282 netdev_hold(dev, &in_dev->dev_tracker, GFP_KERNEL);
283 /* Account for reference dev->ip_ptr (below) */
284 refcount_set(&in_dev->refcnt, 1);
286 err = devinet_sysctl_register(in_dev);
289 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
294 ip_mc_init_dev(in_dev);
295 if (dev->flags & IFF_UP)
298 /* we can receive as soon as ip_ptr is set -- do this last */
299 rcu_assign_pointer(dev->ip_ptr, in_dev);
301 return in_dev ?: ERR_PTR(err);
308 static void inetdev_destroy(struct in_device *in_dev)
310 struct net_device *dev;
311 struct in_ifaddr *ifa;
319 ip_mc_destroy_dev(in_dev);
321 while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
322 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
326 RCU_INIT_POINTER(dev->ip_ptr, NULL);
328 devinet_sysctl_unregister(in_dev);
329 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
335 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
337 const struct in_ifaddr *ifa;
340 in_dev_for_each_ifa_rcu(ifa, in_dev) {
341 if (inet_ifa_match(a, ifa)) {
342 if (!b || inet_ifa_match(b, ifa)) {
352 static void __inet_del_ifa(struct in_device *in_dev,
353 struct in_ifaddr __rcu **ifap,
354 int destroy, struct nlmsghdr *nlh, u32 portid)
356 struct in_ifaddr *promote = NULL;
357 struct in_ifaddr *ifa, *ifa1;
358 struct in_ifaddr *last_prim;
359 struct in_ifaddr *prev_prom = NULL;
360 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
364 ifa1 = rtnl_dereference(*ifap);
365 last_prim = rtnl_dereference(in_dev->ifa_list);
369 /* 1. Deleting primary ifaddr forces deletion all secondaries
370 * unless alias promotion is set
373 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
374 struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
376 while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
377 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
378 ifa1->ifa_scope <= ifa->ifa_scope)
381 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
382 ifa1->ifa_mask != ifa->ifa_mask ||
383 !inet_ifa_match(ifa1->ifa_address, ifa)) {
384 ifap1 = &ifa->ifa_next;
390 inet_hash_remove(ifa);
391 *ifap1 = ifa->ifa_next;
393 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
394 blocking_notifier_call_chain(&inetaddr_chain,
404 /* On promotion all secondaries from subnet are changing
405 * the primary IP, we must remove all their routes silently
406 * and later to add them back with new prefsrc. Do this
407 * while all addresses are on the device list.
409 for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
410 if (ifa1->ifa_mask == ifa->ifa_mask &&
411 inet_ifa_match(ifa1->ifa_address, ifa))
412 fib_del_ifaddr(ifa, ifa1);
418 *ifap = ifa1->ifa_next;
419 inet_hash_remove(ifa1);
421 /* 3. Announce address deletion */
423 /* Send message first, then call notifier.
424 At first sight, FIB update triggered by notifier
425 will refer to already deleted ifaddr, that could confuse
426 netlink listeners. It is not true: look, gated sees
427 that route deleted and if it still thinks that ifaddr
428 is valid, it will try to restore deleted routes... Grr.
429 So that, this order is correct.
431 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
432 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
435 struct in_ifaddr *next_sec;
437 next_sec = rtnl_dereference(promote->ifa_next);
439 struct in_ifaddr *last_sec;
441 rcu_assign_pointer(prev_prom->ifa_next, next_sec);
443 last_sec = rtnl_dereference(last_prim->ifa_next);
444 rcu_assign_pointer(promote->ifa_next, last_sec);
445 rcu_assign_pointer(last_prim->ifa_next, promote);
448 promote->ifa_flags &= ~IFA_F_SECONDARY;
449 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
450 blocking_notifier_call_chain(&inetaddr_chain,
452 for (ifa = next_sec; ifa;
453 ifa = rtnl_dereference(ifa->ifa_next)) {
454 if (ifa1->ifa_mask != ifa->ifa_mask ||
455 !inet_ifa_match(ifa1->ifa_address, ifa))
465 static void inet_del_ifa(struct in_device *in_dev,
466 struct in_ifaddr __rcu **ifap,
469 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
472 static void check_lifetime(struct work_struct *work);
474 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
476 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
477 u32 portid, struct netlink_ext_ack *extack)
479 struct in_ifaddr __rcu **last_primary, **ifap;
480 struct in_device *in_dev = ifa->ifa_dev;
481 struct in_validator_info ivi;
482 struct in_ifaddr *ifa1;
487 if (!ifa->ifa_local) {
492 ifa->ifa_flags &= ~IFA_F_SECONDARY;
493 last_primary = &in_dev->ifa_list;
495 /* Don't set IPv6 only flags to IPv4 addresses */
496 ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
498 ifap = &in_dev->ifa_list;
499 ifa1 = rtnl_dereference(*ifap);
502 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
503 ifa->ifa_scope <= ifa1->ifa_scope)
504 last_primary = &ifa1->ifa_next;
505 if (ifa1->ifa_mask == ifa->ifa_mask &&
506 inet_ifa_match(ifa1->ifa_address, ifa)) {
507 if (ifa1->ifa_local == ifa->ifa_local) {
511 if (ifa1->ifa_scope != ifa->ifa_scope) {
512 NL_SET_ERR_MSG(extack, "ipv4: Invalid scope value");
516 ifa->ifa_flags |= IFA_F_SECONDARY;
519 ifap = &ifa1->ifa_next;
520 ifa1 = rtnl_dereference(*ifap);
523 /* Allow any devices that wish to register ifaddr validtors to weigh
524 * in now, before changes are committed. The rntl lock is serializing
525 * access here, so the state should not change between a validator call
526 * and a final notify on commit. This isn't invoked on promotion under
527 * the assumption that validators are checking the address itself, and
530 ivi.ivi_addr = ifa->ifa_address;
531 ivi.ivi_dev = ifa->ifa_dev;
533 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
535 ret = notifier_to_errno(ret);
541 if (!(ifa->ifa_flags & IFA_F_SECONDARY))
544 rcu_assign_pointer(ifa->ifa_next, *ifap);
545 rcu_assign_pointer(*ifap, ifa);
547 inet_hash_insert(dev_net(in_dev->dev), ifa);
549 cancel_delayed_work(&check_lifetime_work);
550 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
552 /* Send message first, then call notifier.
553 Notifier will trigger FIB update, so that
554 listeners of netlink will know about new ifaddr */
555 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
556 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
561 static int inet_insert_ifa(struct in_ifaddr *ifa)
563 return __inet_insert_ifa(ifa, NULL, 0, NULL);
566 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
568 struct in_device *in_dev = __in_dev_get_rtnl(dev);
576 ipv4_devconf_setall(in_dev);
577 neigh_parms_data_state_setall(in_dev->arp_parms);
578 if (ifa->ifa_dev != in_dev) {
579 WARN_ON(ifa->ifa_dev);
581 ifa->ifa_dev = in_dev;
583 if (ipv4_is_loopback(ifa->ifa_local))
584 ifa->ifa_scope = RT_SCOPE_HOST;
585 return inet_insert_ifa(ifa);
588 /* Caller must hold RCU or RTNL :
589 * We dont take a reference on found in_device
591 struct in_device *inetdev_by_index(struct net *net, int ifindex)
593 struct net_device *dev;
594 struct in_device *in_dev = NULL;
597 dev = dev_get_by_index_rcu(net, ifindex);
599 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
603 EXPORT_SYMBOL(inetdev_by_index);
605 /* Called only from RTNL semaphored context. No locks. */
607 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
610 struct in_ifaddr *ifa;
614 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
615 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
621 static int ip_mc_autojoin_config(struct net *net, bool join,
622 const struct in_ifaddr *ifa)
624 #if defined(CONFIG_IP_MULTICAST)
625 struct ip_mreqn mreq = {
626 .imr_multiaddr.s_addr = ifa->ifa_address,
627 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
629 struct sock *sk = net->ipv4.mc_autojoin_sk;
636 ret = ip_mc_join_group(sk, &mreq);
638 ret = ip_mc_leave_group(sk, &mreq);
647 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
648 struct netlink_ext_ack *extack)
650 struct net *net = sock_net(skb->sk);
651 struct in_ifaddr __rcu **ifap;
652 struct nlattr *tb[IFA_MAX+1];
653 struct in_device *in_dev;
654 struct ifaddrmsg *ifm;
655 struct in_ifaddr *ifa;
660 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
661 ifa_ipv4_policy, extack);
665 ifm = nlmsg_data(nlh);
666 in_dev = inetdev_by_index(net, ifm->ifa_index);
668 NL_SET_ERR_MSG(extack, "ipv4: Device not found");
673 for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
674 ifap = &ifa->ifa_next) {
676 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
679 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
682 if (tb[IFA_ADDRESS] &&
683 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
684 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
687 if (ipv4_is_multicast(ifa->ifa_address))
688 ip_mc_autojoin_config(net, false, ifa);
689 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
693 NL_SET_ERR_MSG(extack, "ipv4: Address not found");
694 err = -EADDRNOTAVAIL;
699 #define INFINITY_LIFE_TIME 0xFFFFFFFF
701 static void check_lifetime(struct work_struct *work)
703 unsigned long now, next, next_sec, next_sched;
704 struct in_ifaddr *ifa;
705 struct hlist_node *n;
709 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
711 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
712 bool change_needed = false;
715 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
718 if (ifa->ifa_flags & IFA_F_PERMANENT)
721 /* We try to batch several events at once. */
722 age = (now - ifa->ifa_tstamp +
723 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
725 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
726 age >= ifa->ifa_valid_lft) {
727 change_needed = true;
728 } else if (ifa->ifa_preferred_lft ==
729 INFINITY_LIFE_TIME) {
731 } else if (age >= ifa->ifa_preferred_lft) {
732 if (time_before(ifa->ifa_tstamp +
733 ifa->ifa_valid_lft * HZ, next))
734 next = ifa->ifa_tstamp +
735 ifa->ifa_valid_lft * HZ;
737 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
738 change_needed = true;
739 } else if (time_before(ifa->ifa_tstamp +
740 ifa->ifa_preferred_lft * HZ,
742 next = ifa->ifa_tstamp +
743 ifa->ifa_preferred_lft * HZ;
750 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
753 if (ifa->ifa_flags & IFA_F_PERMANENT)
756 /* We try to batch several events at once. */
757 age = (now - ifa->ifa_tstamp +
758 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
760 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
761 age >= ifa->ifa_valid_lft) {
762 struct in_ifaddr __rcu **ifap;
763 struct in_ifaddr *tmp;
765 ifap = &ifa->ifa_dev->ifa_list;
766 tmp = rtnl_dereference(*ifap);
769 inet_del_ifa(ifa->ifa_dev,
773 ifap = &tmp->ifa_next;
774 tmp = rtnl_dereference(*ifap);
776 } else if (ifa->ifa_preferred_lft !=
777 INFINITY_LIFE_TIME &&
778 age >= ifa->ifa_preferred_lft &&
779 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
780 ifa->ifa_flags |= IFA_F_DEPRECATED;
781 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
787 next_sec = round_jiffies_up(next);
790 /* If rounded timeout is accurate enough, accept it. */
791 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
792 next_sched = next_sec;
795 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
796 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
797 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
799 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
803 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
806 unsigned long timeout;
808 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
810 timeout = addrconf_timeout_fixup(valid_lft, HZ);
811 if (addrconf_finite_timeout(timeout))
812 ifa->ifa_valid_lft = timeout;
814 ifa->ifa_flags |= IFA_F_PERMANENT;
816 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
817 if (addrconf_finite_timeout(timeout)) {
819 ifa->ifa_flags |= IFA_F_DEPRECATED;
820 ifa->ifa_preferred_lft = timeout;
822 ifa->ifa_tstamp = jiffies;
823 if (!ifa->ifa_cstamp)
824 ifa->ifa_cstamp = ifa->ifa_tstamp;
827 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
828 __u32 *pvalid_lft, __u32 *pprefered_lft,
829 struct netlink_ext_ack *extack)
831 struct nlattr *tb[IFA_MAX+1];
832 struct in_ifaddr *ifa;
833 struct ifaddrmsg *ifm;
834 struct net_device *dev;
835 struct in_device *in_dev;
838 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
839 ifa_ipv4_policy, extack);
843 ifm = nlmsg_data(nlh);
846 if (ifm->ifa_prefixlen > 32) {
847 NL_SET_ERR_MSG(extack, "ipv4: Invalid prefix length");
851 if (!tb[IFA_LOCAL]) {
852 NL_SET_ERR_MSG(extack, "ipv4: Local address is not supplied");
856 dev = __dev_get_by_index(net, ifm->ifa_index);
859 NL_SET_ERR_MSG(extack, "ipv4: Device not found");
863 in_dev = __in_dev_get_rtnl(dev);
868 ifa = inet_alloc_ifa();
871 * A potential indev allocation can be left alive, it stays
872 * assigned to its device and is destroy with it.
876 ipv4_devconf_setall(in_dev);
877 neigh_parms_data_state_setall(in_dev->arp_parms);
880 if (!tb[IFA_ADDRESS])
881 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
883 INIT_HLIST_NODE(&ifa->hash);
884 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
885 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
886 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
888 ifa->ifa_scope = ifm->ifa_scope;
889 ifa->ifa_dev = in_dev;
891 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
892 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
894 if (tb[IFA_BROADCAST])
895 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
898 nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
900 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
902 if (tb[IFA_RT_PRIORITY])
903 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
906 ifa->ifa_proto = nla_get_u8(tb[IFA_PROTO]);
908 if (tb[IFA_CACHEINFO]) {
909 struct ifa_cacheinfo *ci;
911 ci = nla_data(tb[IFA_CACHEINFO]);
912 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
913 NL_SET_ERR_MSG(extack, "ipv4: address lifetime invalid");
917 *pvalid_lft = ci->ifa_valid;
918 *pprefered_lft = ci->ifa_prefered;
929 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
931 struct in_device *in_dev = ifa->ifa_dev;
932 struct in_ifaddr *ifa1;
937 in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
938 if (ifa1->ifa_mask == ifa->ifa_mask &&
939 inet_ifa_match(ifa1->ifa_address, ifa) &&
940 ifa1->ifa_local == ifa->ifa_local)
946 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
947 struct netlink_ext_ack *extack)
949 struct net *net = sock_net(skb->sk);
950 struct in_ifaddr *ifa;
951 struct in_ifaddr *ifa_existing;
952 __u32 valid_lft = INFINITY_LIFE_TIME;
953 __u32 prefered_lft = INFINITY_LIFE_TIME;
957 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
961 ifa_existing = find_matching_ifa(ifa);
963 /* It would be best to check for !NLM_F_CREATE here but
964 * userspace already relies on not having to provide this.
966 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
967 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
968 int ret = ip_mc_autojoin_config(net, true, ifa);
971 NL_SET_ERR_MSG(extack, "ipv4: Multicast auto join failed");
976 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
979 u32 new_metric = ifa->ifa_rt_priority;
980 u8 new_proto = ifa->ifa_proto;
984 if (nlh->nlmsg_flags & NLM_F_EXCL ||
985 !(nlh->nlmsg_flags & NLM_F_REPLACE)) {
986 NL_SET_ERR_MSG(extack, "ipv4: Address already assigned");
991 if (ifa->ifa_rt_priority != new_metric) {
992 fib_modify_prefix_metric(ifa, new_metric);
993 ifa->ifa_rt_priority = new_metric;
996 ifa->ifa_proto = new_proto;
998 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
999 cancel_delayed_work(&check_lifetime_work);
1000 queue_delayed_work(system_power_efficient_wq,
1001 &check_lifetime_work, 0);
1002 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
1008 * Determine a default network mask, based on the IP address.
1011 static int inet_abc_len(__be32 addr)
1013 int rc = -1; /* Something else, probably a multicast. */
1015 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
1018 __u32 haddr = ntohl(addr);
1019 if (IN_CLASSA(haddr))
1021 else if (IN_CLASSB(haddr))
1023 else if (IN_CLASSC(haddr))
1025 else if (IN_CLASSE(haddr))
1033 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1035 struct sockaddr_in sin_orig;
1036 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1037 struct in_ifaddr __rcu **ifap = NULL;
1038 struct in_device *in_dev;
1039 struct in_ifaddr *ifa = NULL;
1040 struct net_device *dev;
1043 int tryaddrmatch = 0;
1045 ifr->ifr_name[IFNAMSIZ - 1] = 0;
1047 /* save original address for comparison */
1048 memcpy(&sin_orig, sin, sizeof(*sin));
1050 colon = strchr(ifr->ifr_name, ':');
1054 dev_load(net, ifr->ifr_name);
1057 case SIOCGIFADDR: /* Get interface address */
1058 case SIOCGIFBRDADDR: /* Get the broadcast address */
1059 case SIOCGIFDSTADDR: /* Get the destination address */
1060 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1061 /* Note that these ioctls will not sleep,
1062 so that we do not impose a lock.
1063 One day we will be forced to put shlock here (I mean SMP)
1065 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1066 memset(sin, 0, sizeof(*sin));
1067 sin->sin_family = AF_INET;
1072 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1075 case SIOCSIFADDR: /* Set interface address (and family) */
1076 case SIOCSIFBRDADDR: /* Set the broadcast address */
1077 case SIOCSIFDSTADDR: /* Set the destination address */
1078 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1080 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1083 if (sin->sin_family != AF_INET)
1094 dev = __dev_get_by_name(net, ifr->ifr_name);
1101 in_dev = __in_dev_get_rtnl(dev);
1104 /* Matthias Andree */
1105 /* compare label and address (4.4BSD style) */
1106 /* note: we only do this for a limited set of ioctls
1107 and only if the original address family was AF_INET.
1108 This is checked above. */
1110 for (ifap = &in_dev->ifa_list;
1111 (ifa = rtnl_dereference(*ifap)) != NULL;
1112 ifap = &ifa->ifa_next) {
1113 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1114 sin_orig.sin_addr.s_addr ==
1120 /* we didn't get a match, maybe the application is
1121 4.3BSD-style and passed in junk so we fall back to
1122 comparing just the label */
1124 for (ifap = &in_dev->ifa_list;
1125 (ifa = rtnl_dereference(*ifap)) != NULL;
1126 ifap = &ifa->ifa_next)
1127 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1132 ret = -EADDRNOTAVAIL;
1133 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1137 case SIOCGIFADDR: /* Get interface address */
1139 sin->sin_addr.s_addr = ifa->ifa_local;
1142 case SIOCGIFBRDADDR: /* Get the broadcast address */
1144 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1147 case SIOCGIFDSTADDR: /* Get the destination address */
1149 sin->sin_addr.s_addr = ifa->ifa_address;
1152 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1154 sin->sin_addr.s_addr = ifa->ifa_mask;
1159 ret = -EADDRNOTAVAIL;
1163 if (!(ifr->ifr_flags & IFF_UP))
1164 inet_del_ifa(in_dev, ifap, 1);
1167 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1170 case SIOCSIFADDR: /* Set interface address (and family) */
1172 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1177 ifa = inet_alloc_ifa();
1180 INIT_HLIST_NODE(&ifa->hash);
1182 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1184 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1187 if (ifa->ifa_local == sin->sin_addr.s_addr)
1189 inet_del_ifa(in_dev, ifap, 0);
1190 ifa->ifa_broadcast = 0;
1194 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1196 if (!(dev->flags & IFF_POINTOPOINT)) {
1197 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1198 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1199 if ((dev->flags & IFF_BROADCAST) &&
1200 ifa->ifa_prefixlen < 31)
1201 ifa->ifa_broadcast = ifa->ifa_address |
1204 ifa->ifa_prefixlen = 32;
1205 ifa->ifa_mask = inet_make_mask(32);
1207 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1208 ret = inet_set_ifa(dev, ifa);
1211 case SIOCSIFBRDADDR: /* Set the broadcast address */
1213 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1214 inet_del_ifa(in_dev, ifap, 0);
1215 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1216 inet_insert_ifa(ifa);
1220 case SIOCSIFDSTADDR: /* Set the destination address */
1222 if (ifa->ifa_address == sin->sin_addr.s_addr)
1225 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1228 inet_del_ifa(in_dev, ifap, 0);
1229 ifa->ifa_address = sin->sin_addr.s_addr;
1230 inet_insert_ifa(ifa);
1233 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1236 * The mask we set must be legal.
1239 if (bad_mask(sin->sin_addr.s_addr, 0))
1242 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1243 __be32 old_mask = ifa->ifa_mask;
1244 inet_del_ifa(in_dev, ifap, 0);
1245 ifa->ifa_mask = sin->sin_addr.s_addr;
1246 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1248 /* See if current broadcast address matches
1249 * with current netmask, then recalculate
1250 * the broadcast address. Otherwise it's a
1251 * funny address, so don't touch it since
1252 * the user seems to know what (s)he's doing...
1254 if ((dev->flags & IFF_BROADCAST) &&
1255 (ifa->ifa_prefixlen < 31) &&
1256 (ifa->ifa_broadcast ==
1257 (ifa->ifa_local|~old_mask))) {
1258 ifa->ifa_broadcast = (ifa->ifa_local |
1259 ~sin->sin_addr.s_addr);
1261 inet_insert_ifa(ifa);
1271 int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1273 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1274 const struct in_ifaddr *ifa;
1278 if (WARN_ON(size > sizeof(struct ifreq)))
1284 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1291 memset(&ifr, 0, sizeof(struct ifreq));
1292 strcpy(ifr.ifr_name, ifa->ifa_label);
1294 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1295 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1298 if (copy_to_user(buf + done, &ifr, size)) {
1309 static __be32 in_dev_select_addr(const struct in_device *in_dev,
1312 const struct in_ifaddr *ifa;
1314 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1315 if (ifa->ifa_flags & IFA_F_SECONDARY)
1317 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1318 ifa->ifa_scope <= scope)
1319 return ifa->ifa_local;
1325 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1327 const struct in_ifaddr *ifa;
1329 unsigned char localnet_scope = RT_SCOPE_HOST;
1330 struct in_device *in_dev;
1331 struct net *net = dev_net(dev);
1335 in_dev = __in_dev_get_rcu(dev);
1339 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1340 localnet_scope = RT_SCOPE_LINK;
1342 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1343 if (ifa->ifa_flags & IFA_F_SECONDARY)
1345 if (min(ifa->ifa_scope, localnet_scope) > scope)
1347 if (!dst || inet_ifa_match(dst, ifa)) {
1348 addr = ifa->ifa_local;
1352 addr = ifa->ifa_local;
1358 master_idx = l3mdev_master_ifindex_rcu(dev);
1360 /* For VRFs, the VRF device takes the place of the loopback device,
1361 * with addresses on it being preferred. Note in such cases the
1362 * loopback device will be among the devices that fail the master_idx
1363 * equality check in the loop below.
1366 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1367 (in_dev = __in_dev_get_rcu(dev))) {
1368 addr = in_dev_select_addr(in_dev, scope);
1373 /* Not loopback addresses on loopback should be preferred
1374 in this case. It is important that lo is the first interface
1377 for_each_netdev_rcu(net, dev) {
1378 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1381 in_dev = __in_dev_get_rcu(dev);
1385 addr = in_dev_select_addr(in_dev, scope);
1393 EXPORT_SYMBOL(inet_select_addr);
1395 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1396 __be32 local, int scope)
1398 unsigned char localnet_scope = RT_SCOPE_HOST;
1399 const struct in_ifaddr *ifa;
1403 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1404 localnet_scope = RT_SCOPE_LINK;
1406 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1407 unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
1410 (local == ifa->ifa_local || !local) &&
1411 min_scope <= scope) {
1412 addr = ifa->ifa_local;
1417 same = (!local || inet_ifa_match(local, ifa)) &&
1418 (!dst || inet_ifa_match(dst, ifa));
1422 /* Is the selected addr into dst subnet? */
1423 if (inet_ifa_match(addr, ifa))
1425 /* No, then can we use new local src? */
1426 if (min_scope <= scope) {
1427 addr = ifa->ifa_local;
1430 /* search for large dst subnet for addr */
1436 return same ? addr : 0;
1440 * Confirm that local IP address exists using wildcards:
1441 * - net: netns to check, cannot be NULL
1442 * - in_dev: only on this interface, NULL=any interface
1443 * - dst: only in the same subnet as dst, 0=any dst
1444 * - local: address, 0=autoselect the local address
1445 * - scope: maximum allowed scope value for the local address
1447 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1448 __be32 dst, __be32 local, int scope)
1451 struct net_device *dev;
1454 return confirm_addr_indev(in_dev, dst, local, scope);
1457 for_each_netdev_rcu(net, dev) {
1458 in_dev = __in_dev_get_rcu(dev);
1460 addr = confirm_addr_indev(in_dev, dst, local, scope);
1469 EXPORT_SYMBOL(inet_confirm_addr);
1475 int register_inetaddr_notifier(struct notifier_block *nb)
1477 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1479 EXPORT_SYMBOL(register_inetaddr_notifier);
1481 int unregister_inetaddr_notifier(struct notifier_block *nb)
1483 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1485 EXPORT_SYMBOL(unregister_inetaddr_notifier);
1487 int register_inetaddr_validator_notifier(struct notifier_block *nb)
1489 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1491 EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1493 int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1495 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1498 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1500 /* Rename ifa_labels for a device name change. Make some effort to preserve
1501 * existing alias numbering and to create unique labels if possible.
1503 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1505 struct in_ifaddr *ifa;
1508 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1509 char old[IFNAMSIZ], *dot;
1511 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1512 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1515 dot = strchr(old, ':');
1517 sprintf(old, ":%d", named);
1520 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1521 strcat(ifa->ifa_label, dot);
1523 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1525 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1529 static void inetdev_send_gratuitous_arp(struct net_device *dev,
1530 struct in_device *in_dev)
1533 const struct in_ifaddr *ifa;
1535 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1536 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1537 ifa->ifa_local, dev,
1538 ifa->ifa_local, NULL,
1539 dev->dev_addr, NULL);
1543 /* Called only under RTNL semaphore */
1545 static int inetdev_event(struct notifier_block *this, unsigned long event,
1548 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1549 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1554 if (event == NETDEV_REGISTER) {
1555 in_dev = inetdev_init(dev);
1557 return notifier_from_errno(PTR_ERR(in_dev));
1558 if (dev->flags & IFF_LOOPBACK) {
1559 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1560 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1562 } else if (event == NETDEV_CHANGEMTU) {
1563 /* Re-enabling IP */
1564 if (inetdev_valid_mtu(dev->mtu))
1565 in_dev = inetdev_init(dev);
1571 case NETDEV_REGISTER:
1572 pr_debug("%s: bug\n", __func__);
1573 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1576 if (!inetdev_valid_mtu(dev->mtu))
1578 if (dev->flags & IFF_LOOPBACK) {
1579 struct in_ifaddr *ifa = inet_alloc_ifa();
1582 INIT_HLIST_NODE(&ifa->hash);
1584 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1585 ifa->ifa_prefixlen = 8;
1586 ifa->ifa_mask = inet_make_mask(8);
1587 in_dev_hold(in_dev);
1588 ifa->ifa_dev = in_dev;
1589 ifa->ifa_scope = RT_SCOPE_HOST;
1590 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1591 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1592 INFINITY_LIFE_TIME);
1593 ipv4_devconf_setall(in_dev);
1594 neigh_parms_data_state_setall(in_dev->arp_parms);
1595 inet_insert_ifa(ifa);
1600 case NETDEV_CHANGEADDR:
1601 if (!IN_DEV_ARP_NOTIFY(in_dev))
1604 case NETDEV_NOTIFY_PEERS:
1605 /* Send gratuitous ARP to notify of link change */
1606 inetdev_send_gratuitous_arp(dev, in_dev);
1611 case NETDEV_PRE_TYPE_CHANGE:
1612 ip_mc_unmap(in_dev);
1614 case NETDEV_POST_TYPE_CHANGE:
1615 ip_mc_remap(in_dev);
1617 case NETDEV_CHANGEMTU:
1618 if (inetdev_valid_mtu(dev->mtu))
1620 /* disable IP when MTU is not enough */
1622 case NETDEV_UNREGISTER:
1623 inetdev_destroy(in_dev);
1625 case NETDEV_CHANGENAME:
1626 /* Do not notify about label change, this event is
1627 * not interesting to applications using netlink.
1629 inetdev_changename(dev, in_dev);
1631 devinet_sysctl_unregister(in_dev);
1632 devinet_sysctl_register(in_dev);
1639 static struct notifier_block ip_netdev_notifier = {
1640 .notifier_call = inetdev_event,
1643 static size_t inet_nlmsg_size(void)
1645 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1646 + nla_total_size(4) /* IFA_ADDRESS */
1647 + nla_total_size(4) /* IFA_LOCAL */
1648 + nla_total_size(4) /* IFA_BROADCAST */
1649 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1650 + nla_total_size(4) /* IFA_FLAGS */
1651 + nla_total_size(1) /* IFA_PROTO */
1652 + nla_total_size(4) /* IFA_RT_PRIORITY */
1653 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1656 static inline u32 cstamp_delta(unsigned long cstamp)
1658 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1661 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1662 unsigned long tstamp, u32 preferred, u32 valid)
1664 struct ifa_cacheinfo ci;
1666 ci.cstamp = cstamp_delta(cstamp);
1667 ci.tstamp = cstamp_delta(tstamp);
1668 ci.ifa_prefered = preferred;
1669 ci.ifa_valid = valid;
1671 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1674 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1675 struct inet_fill_args *args)
1677 struct ifaddrmsg *ifm;
1678 struct nlmsghdr *nlh;
1679 u32 preferred, valid;
1681 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1686 ifm = nlmsg_data(nlh);
1687 ifm->ifa_family = AF_INET;
1688 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1689 ifm->ifa_flags = ifa->ifa_flags;
1690 ifm->ifa_scope = ifa->ifa_scope;
1691 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1693 if (args->netnsid >= 0 &&
1694 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1695 goto nla_put_failure;
1697 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1698 preferred = ifa->ifa_preferred_lft;
1699 valid = ifa->ifa_valid_lft;
1700 if (preferred != INFINITY_LIFE_TIME) {
1701 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1703 if (preferred > tval)
1707 if (valid != INFINITY_LIFE_TIME) {
1715 preferred = INFINITY_LIFE_TIME;
1716 valid = INFINITY_LIFE_TIME;
1718 if ((ifa->ifa_address &&
1719 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1721 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1722 (ifa->ifa_broadcast &&
1723 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1724 (ifa->ifa_label[0] &&
1725 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1727 nla_put_u8(skb, IFA_PROTO, ifa->ifa_proto)) ||
1728 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1729 (ifa->ifa_rt_priority &&
1730 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1731 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1733 goto nla_put_failure;
1735 nlmsg_end(skb, nlh);
1739 nlmsg_cancel(skb, nlh);
1743 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1744 struct inet_fill_args *fillargs,
1745 struct net **tgt_net, struct sock *sk,
1746 struct netlink_callback *cb)
1748 struct netlink_ext_ack *extack = cb->extack;
1749 struct nlattr *tb[IFA_MAX+1];
1750 struct ifaddrmsg *ifm;
1753 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1754 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1758 ifm = nlmsg_data(nlh);
1759 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1760 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1764 fillargs->ifindex = ifm->ifa_index;
1765 if (fillargs->ifindex) {
1766 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1767 fillargs->flags |= NLM_F_DUMP_FILTERED;
1770 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1771 ifa_ipv4_policy, extack);
1775 for (i = 0; i <= IFA_MAX; ++i) {
1779 if (i == IFA_TARGET_NETNSID) {
1782 fillargs->netnsid = nla_get_s32(tb[i]);
1784 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1786 fillargs->netnsid = -1;
1787 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1788 return PTR_ERR(net);
1792 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1800 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1801 struct netlink_callback *cb, int s_ip_idx,
1802 struct inet_fill_args *fillargs)
1804 struct in_ifaddr *ifa;
1808 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1809 if (ip_idx < s_ip_idx) {
1813 err = inet_fill_ifaddr(skb, ifa, fillargs);
1817 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1823 cb->args[2] = ip_idx;
1828 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1830 const struct nlmsghdr *nlh = cb->nlh;
1831 struct inet_fill_args fillargs = {
1832 .portid = NETLINK_CB(cb->skb).portid,
1833 .seq = nlh->nlmsg_seq,
1834 .event = RTM_NEWADDR,
1835 .flags = NLM_F_MULTI,
1838 struct net *net = sock_net(skb->sk);
1839 struct net *tgt_net = net;
1843 struct net_device *dev;
1844 struct in_device *in_dev;
1845 struct hlist_head *head;
1849 s_idx = idx = cb->args[1];
1850 s_ip_idx = cb->args[2];
1852 if (cb->strict_check) {
1853 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1859 if (fillargs.ifindex) {
1860 dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1866 in_dev = __in_dev_get_rtnl(dev);
1868 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1875 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1877 head = &tgt_net->dev_index_head[h];
1879 cb->seq = atomic_read(&tgt_net->ipv4.dev_addr_genid) ^
1880 tgt_net->dev_base_seq;
1881 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1884 if (h > s_h || idx > s_idx)
1886 in_dev = __in_dev_get_rcu(dev);
1890 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1906 if (fillargs.netnsid >= 0)
1909 return skb->len ? : err;
1912 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1915 struct inet_fill_args fillargs = {
1917 .seq = nlh ? nlh->nlmsg_seq : 0,
1922 struct sk_buff *skb;
1926 net = dev_net(ifa->ifa_dev->dev);
1927 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1931 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1933 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1934 WARN_ON(err == -EMSGSIZE);
1938 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1942 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1945 static size_t inet_get_link_af_size(const struct net_device *dev,
1946 u32 ext_filter_mask)
1948 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1953 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1956 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1957 u32 ext_filter_mask)
1959 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1966 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1970 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1971 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1976 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1977 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1980 static int inet_validate_link_af(const struct net_device *dev,
1981 const struct nlattr *nla,
1982 struct netlink_ext_ack *extack)
1984 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1987 if (dev && !__in_dev_get_rtnl(dev))
1988 return -EAFNOSUPPORT;
1990 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
1991 inet_af_policy, extack);
1995 if (tb[IFLA_INET_CONF]) {
1996 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1997 int cfgid = nla_type(a);
2002 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
2010 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla,
2011 struct netlink_ext_ack *extack)
2013 struct in_device *in_dev = __in_dev_get_rtnl(dev);
2014 struct nlattr *a, *tb[IFLA_INET_MAX+1];
2018 return -EAFNOSUPPORT;
2020 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
2023 if (tb[IFLA_INET_CONF]) {
2024 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
2025 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
2031 static int inet_netconf_msgsize_devconf(int type)
2033 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2034 + nla_total_size(4); /* NETCONFA_IFINDEX */
2037 if (type == NETCONFA_ALL)
2040 if (all || type == NETCONFA_FORWARDING)
2041 size += nla_total_size(4);
2042 if (all || type == NETCONFA_RP_FILTER)
2043 size += nla_total_size(4);
2044 if (all || type == NETCONFA_MC_FORWARDING)
2045 size += nla_total_size(4);
2046 if (all || type == NETCONFA_BC_FORWARDING)
2047 size += nla_total_size(4);
2048 if (all || type == NETCONFA_PROXY_NEIGH)
2049 size += nla_total_size(4);
2050 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2051 size += nla_total_size(4);
2056 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2057 struct ipv4_devconf *devconf, u32 portid,
2058 u32 seq, int event, unsigned int flags,
2061 struct nlmsghdr *nlh;
2062 struct netconfmsg *ncm;
2065 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2070 if (type == NETCONFA_ALL)
2073 ncm = nlmsg_data(nlh);
2074 ncm->ncm_family = AF_INET;
2076 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2077 goto nla_put_failure;
2082 if ((all || type == NETCONFA_FORWARDING) &&
2083 nla_put_s32(skb, NETCONFA_FORWARDING,
2084 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2085 goto nla_put_failure;
2086 if ((all || type == NETCONFA_RP_FILTER) &&
2087 nla_put_s32(skb, NETCONFA_RP_FILTER,
2088 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2089 goto nla_put_failure;
2090 if ((all || type == NETCONFA_MC_FORWARDING) &&
2091 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2092 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2093 goto nla_put_failure;
2094 if ((all || type == NETCONFA_BC_FORWARDING) &&
2095 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2096 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2097 goto nla_put_failure;
2098 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2099 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2100 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2101 goto nla_put_failure;
2102 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2103 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2104 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2105 goto nla_put_failure;
2108 nlmsg_end(skb, nlh);
2112 nlmsg_cancel(skb, nlh);
2116 void inet_netconf_notify_devconf(struct net *net, int event, int type,
2117 int ifindex, struct ipv4_devconf *devconf)
2119 struct sk_buff *skb;
2122 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2126 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2129 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2130 WARN_ON(err == -EMSGSIZE);
2134 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2138 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2141 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2142 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2143 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2144 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2145 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2146 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2149 static int inet_netconf_valid_get_req(struct sk_buff *skb,
2150 const struct nlmsghdr *nlh,
2152 struct netlink_ext_ack *extack)
2156 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2157 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2161 if (!netlink_strict_get_check(skb))
2162 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2164 devconf_ipv4_policy, extack);
2166 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2168 devconf_ipv4_policy, extack);
2172 for (i = 0; i <= NETCONFA_MAX; i++) {
2177 case NETCONFA_IFINDEX:
2180 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2188 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2189 struct nlmsghdr *nlh,
2190 struct netlink_ext_ack *extack)
2192 struct net *net = sock_net(in_skb->sk);
2193 struct nlattr *tb[NETCONFA_MAX+1];
2194 struct sk_buff *skb;
2195 struct ipv4_devconf *devconf;
2196 struct in_device *in_dev;
2197 struct net_device *dev;
2201 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2206 if (!tb[NETCONFA_IFINDEX])
2209 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2211 case NETCONFA_IFINDEX_ALL:
2212 devconf = net->ipv4.devconf_all;
2214 case NETCONFA_IFINDEX_DEFAULT:
2215 devconf = net->ipv4.devconf_dflt;
2218 dev = __dev_get_by_index(net, ifindex);
2221 in_dev = __in_dev_get_rtnl(dev);
2224 devconf = &in_dev->cnf;
2229 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2233 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2234 NETLINK_CB(in_skb).portid,
2235 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2238 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2239 WARN_ON(err == -EMSGSIZE);
2243 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2248 static int inet_netconf_dump_devconf(struct sk_buff *skb,
2249 struct netlink_callback *cb)
2251 const struct nlmsghdr *nlh = cb->nlh;
2252 struct net *net = sock_net(skb->sk);
2255 struct net_device *dev;
2256 struct in_device *in_dev;
2257 struct hlist_head *head;
2259 if (cb->strict_check) {
2260 struct netlink_ext_ack *extack = cb->extack;
2261 struct netconfmsg *ncm;
2263 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2264 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2268 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2269 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2275 s_idx = idx = cb->args[1];
2277 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2279 head = &net->dev_index_head[h];
2281 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
2283 hlist_for_each_entry_rcu(dev, head, index_hlist) {
2286 in_dev = __in_dev_get_rcu(dev);
2290 if (inet_netconf_fill_devconf(skb, dev->ifindex,
2292 NETLINK_CB(cb->skb).portid,
2296 NETCONFA_ALL) < 0) {
2300 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2306 if (h == NETDEV_HASHENTRIES) {
2307 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2308 net->ipv4.devconf_all,
2309 NETLINK_CB(cb->skb).portid,
2311 RTM_NEWNETCONF, NLM_F_MULTI,
2317 if (h == NETDEV_HASHENTRIES + 1) {
2318 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2319 net->ipv4.devconf_dflt,
2320 NETLINK_CB(cb->skb).portid,
2322 RTM_NEWNETCONF, NLM_F_MULTI,
2335 #ifdef CONFIG_SYSCTL
2337 static void devinet_copy_dflt_conf(struct net *net, int i)
2339 struct net_device *dev;
2342 for_each_netdev_rcu(net, dev) {
2343 struct in_device *in_dev;
2345 in_dev = __in_dev_get_rcu(dev);
2346 if (in_dev && !test_bit(i, in_dev->cnf.state))
2347 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2352 /* called with RTNL locked */
2353 static void inet_forward_change(struct net *net)
2355 struct net_device *dev;
2356 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2358 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2359 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2360 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2361 NETCONFA_FORWARDING,
2362 NETCONFA_IFINDEX_ALL,
2363 net->ipv4.devconf_all);
2364 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2365 NETCONFA_FORWARDING,
2366 NETCONFA_IFINDEX_DEFAULT,
2367 net->ipv4.devconf_dflt);
2369 for_each_netdev(net, dev) {
2370 struct in_device *in_dev;
2373 dev_disable_lro(dev);
2375 in_dev = __in_dev_get_rtnl(dev);
2377 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2378 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2379 NETCONFA_FORWARDING,
2380 dev->ifindex, &in_dev->cnf);
2385 static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2387 if (cnf == net->ipv4.devconf_dflt)
2388 return NETCONFA_IFINDEX_DEFAULT;
2389 else if (cnf == net->ipv4.devconf_all)
2390 return NETCONFA_IFINDEX_ALL;
2392 struct in_device *idev
2393 = container_of(cnf, struct in_device, cnf);
2394 return idev->dev->ifindex;
2398 static int devinet_conf_proc(struct ctl_table *ctl, int write,
2399 void *buffer, size_t *lenp, loff_t *ppos)
2401 int old_value = *(int *)ctl->data;
2402 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2403 int new_value = *(int *)ctl->data;
2406 struct ipv4_devconf *cnf = ctl->extra1;
2407 struct net *net = ctl->extra2;
2408 int i = (int *)ctl->data - cnf->data;
2411 set_bit(i, cnf->state);
2413 if (cnf == net->ipv4.devconf_dflt)
2414 devinet_copy_dflt_conf(net, i);
2415 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2416 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2417 if ((new_value == 0) && (old_value != 0))
2418 rt_cache_flush(net);
2420 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2421 new_value != old_value)
2422 rt_cache_flush(net);
2424 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2425 new_value != old_value) {
2426 ifindex = devinet_conf_ifindex(net, cnf);
2427 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2431 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2432 new_value != old_value) {
2433 ifindex = devinet_conf_ifindex(net, cnf);
2434 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2435 NETCONFA_PROXY_NEIGH,
2438 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2439 new_value != old_value) {
2440 ifindex = devinet_conf_ifindex(net, cnf);
2441 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2442 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2450 static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2451 void *buffer, size_t *lenp, loff_t *ppos)
2453 int *valp = ctl->data;
2456 struct net *net = ctl->extra2;
2459 if (write && !ns_capable(net->user_ns, CAP_NET_ADMIN))
2462 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2464 if (write && *valp != val) {
2465 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2466 if (!rtnl_trylock()) {
2467 /* Restore the original values before restarting */
2470 return restart_syscall();
2472 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2473 inet_forward_change(net);
2475 struct ipv4_devconf *cnf = ctl->extra1;
2476 struct in_device *idev =
2477 container_of(cnf, struct in_device, cnf);
2479 dev_disable_lro(idev->dev);
2480 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2481 NETCONFA_FORWARDING,
2486 rt_cache_flush(net);
2488 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2489 NETCONFA_FORWARDING,
2490 NETCONFA_IFINDEX_DEFAULT,
2491 net->ipv4.devconf_dflt);
2497 static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2498 void *buffer, size_t *lenp, loff_t *ppos)
2500 int *valp = ctl->data;
2502 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2503 struct net *net = ctl->extra2;
2505 if (write && *valp != val)
2506 rt_cache_flush(net);
2511 #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2514 .data = ipv4_devconf.data + \
2515 IPV4_DEVCONF_ ## attr - 1, \
2516 .maxlen = sizeof(int), \
2518 .proc_handler = proc, \
2519 .extra1 = &ipv4_devconf, \
2522 #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2523 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2525 #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2526 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2528 #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2529 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2531 #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2532 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2534 static struct devinet_sysctl_table {
2535 struct ctl_table_header *sysctl_header;
2536 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2537 } devinet_sysctl = {
2539 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2540 devinet_sysctl_forward),
2541 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2542 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2544 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2545 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2546 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2547 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2548 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2549 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2550 "accept_source_route"),
2551 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2552 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2553 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2554 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2555 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2556 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2557 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2558 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2559 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2560 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2561 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2562 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2563 DEVINET_SYSCTL_RW_ENTRY(ARP_EVICT_NOCARRIER,
2564 "arp_evict_nocarrier"),
2565 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2566 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2567 "force_igmp_version"),
2568 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2569 "igmpv2_unsolicited_report_interval"),
2570 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2571 "igmpv3_unsolicited_report_interval"),
2572 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2573 "ignore_routes_with_linkdown"),
2574 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2575 "drop_gratuitous_arp"),
2577 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2578 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2579 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2580 "promote_secondaries"),
2581 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2583 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2584 "drop_unicast_in_l2_multicast"),
2588 static int __devinet_sysctl_register(struct net *net, char *dev_name,
2589 int ifindex, struct ipv4_devconf *p)
2592 struct devinet_sysctl_table *t;
2593 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2595 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL_ACCOUNT);
2599 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2600 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2601 t->devinet_vars[i].extra1 = p;
2602 t->devinet_vars[i].extra2 = net;
2605 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2607 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2608 if (!t->sysctl_header)
2613 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2623 static void __devinet_sysctl_unregister(struct net *net,
2624 struct ipv4_devconf *cnf, int ifindex)
2626 struct devinet_sysctl_table *t = cnf->sysctl;
2630 unregister_net_sysctl_table(t->sysctl_header);
2634 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2637 static int devinet_sysctl_register(struct in_device *idev)
2641 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2644 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2647 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2648 idev->dev->ifindex, &idev->cnf);
2650 neigh_sysctl_unregister(idev->arp_parms);
2654 static void devinet_sysctl_unregister(struct in_device *idev)
2656 struct net *net = dev_net(idev->dev);
2658 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2659 neigh_sysctl_unregister(idev->arp_parms);
2662 static struct ctl_table ctl_forward_entry[] = {
2664 .procname = "ip_forward",
2665 .data = &ipv4_devconf.data[
2666 IPV4_DEVCONF_FORWARDING - 1],
2667 .maxlen = sizeof(int),
2669 .proc_handler = devinet_sysctl_forward,
2670 .extra1 = &ipv4_devconf,
2671 .extra2 = &init_net,
2677 static __net_init int devinet_init_net(struct net *net)
2680 struct ipv4_devconf *all, *dflt;
2681 #ifdef CONFIG_SYSCTL
2682 struct ctl_table *tbl;
2683 struct ctl_table_header *forw_hdr;
2687 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2691 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2693 goto err_alloc_dflt;
2695 #ifdef CONFIG_SYSCTL
2696 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2700 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2701 tbl[0].extra1 = all;
2702 tbl[0].extra2 = net;
2705 if (!net_eq(net, &init_net)) {
2706 switch (net_inherit_devconf()) {
2708 /* copy from the current netns */
2709 memcpy(all, current->nsproxy->net_ns->ipv4.devconf_all,
2710 sizeof(ipv4_devconf));
2712 current->nsproxy->net_ns->ipv4.devconf_dflt,
2713 sizeof(ipv4_devconf_dflt));
2717 /* copy from init_net */
2718 memcpy(all, init_net.ipv4.devconf_all,
2719 sizeof(ipv4_devconf));
2720 memcpy(dflt, init_net.ipv4.devconf_dflt,
2721 sizeof(ipv4_devconf_dflt));
2724 /* use compiled values */
2729 #ifdef CONFIG_SYSCTL
2730 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2734 err = __devinet_sysctl_register(net, "default",
2735 NETCONFA_IFINDEX_DEFAULT, dflt);
2740 forw_hdr = register_net_sysctl_sz(net, "net/ipv4", tbl,
2741 ARRAY_SIZE(ctl_forward_entry));
2744 net->ipv4.forw_hdr = forw_hdr;
2747 net->ipv4.devconf_all = all;
2748 net->ipv4.devconf_dflt = dflt;
2751 #ifdef CONFIG_SYSCTL
2753 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2755 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2767 static __net_exit void devinet_exit_net(struct net *net)
2769 #ifdef CONFIG_SYSCTL
2770 struct ctl_table *tbl;
2772 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2773 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2774 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2775 NETCONFA_IFINDEX_DEFAULT);
2776 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2777 NETCONFA_IFINDEX_ALL);
2780 kfree(net->ipv4.devconf_dflt);
2781 kfree(net->ipv4.devconf_all);
2784 static __net_initdata struct pernet_operations devinet_ops = {
2785 .init = devinet_init_net,
2786 .exit = devinet_exit_net,
2789 static struct rtnl_af_ops inet_af_ops __read_mostly = {
2791 .fill_link_af = inet_fill_link_af,
2792 .get_link_af_size = inet_get_link_af_size,
2793 .validate_link_af = inet_validate_link_af,
2794 .set_link_af = inet_set_link_af,
2797 void __init devinet_init(void)
2801 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2802 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2804 register_pernet_subsys(&devinet_ops);
2805 register_netdevice_notifier(&ip_netdev_notifier);
2807 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2809 rtnl_af_register(&inet_af_ops);
2811 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2812 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2813 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2814 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2815 inet_netconf_dump_devconf, 0);
projects / linux-2.6-block.git / blob