1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * NET3 IP device support routines.
5 * Derived from the IP parts of dev.c 1.0.19
7 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8 * Mark Evans, <evansmp@uhura.aston.ac.uk>
11 * Alan Cox, <gw4pts@gw4pts.ampr.org>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
17 * Cyrus Durgin: updated for kmod
18 * Matthias Andree: in devinet_ioctl, compare label and
19 * address (4.4BSD alias style support),
20 * fall back to comparing just the label
25 #include <linux/uaccess.h>
26 #include <linux/bitops.h>
27 #include <linux/capability.h>
28 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/kernel.h>
31 #include <linux/sched/signal.h>
32 #include <linux/string.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
37 #include <linux/errno.h>
38 #include <linux/interrupt.h>
39 #include <linux/if_addr.h>
40 #include <linux/if_ether.h>
41 #include <linux/inet.h>
42 #include <linux/netdevice.h>
43 #include <linux/etherdevice.h>
44 #include <linux/skbuff.h>
45 #include <linux/init.h>
46 #include <linux/notifier.h>
47 #include <linux/inetdevice.h>
48 #include <linux/igmp.h>
49 #include <linux/slab.h>
50 #include <linux/hash.h>
52 #include <linux/sysctl.h>
54 #include <linux/kmod.h>
55 #include <linux/netconf.h>
59 #include <net/route.h>
60 #include <net/ip_fib.h>
61 #include <net/rtnetlink.h>
62 #include <net/net_namespace.h>
63 #include <net/addrconf.h>
65 #define IPV6ONLY_FLAGS \
66 (IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
70 static struct ipv4_devconf ipv4_devconf = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
81 static struct ipv4_devconf ipv4_devconf_dflt = {
83 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
84 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
87 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
88 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
89 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
93 #define IPV4_DEVCONF_DFLT(net, attr) \
94 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
96 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
97 [IFA_LOCAL] = { .type = NLA_U32 },
98 [IFA_ADDRESS] = { .type = NLA_U32 },
99 [IFA_BROADCAST] = { .type = NLA_U32 },
100 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
101 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
102 [IFA_FLAGS] = { .type = NLA_U32 },
103 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
104 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
107 struct inet_fill_args {
116 #define IN4_ADDR_HSIZE_SHIFT 8
117 #define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
119 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
121 static u32 inet_addr_hash(const struct net *net, __be32 addr)
123 u32 val = (__force u32) addr ^ net_hash_mix(net);
125 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
128 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
130 u32 hash = inet_addr_hash(net, ifa->ifa_local);
133 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
136 static void inet_hash_remove(struct in_ifaddr *ifa)
139 hlist_del_init_rcu(&ifa->hash);
143 * __ip_dev_find - find the first device with a given source address.
144 * @net: the net namespace
145 * @addr: the source address
146 * @devref: if true, take a reference on the found device
148 * If a caller uses devref=false, it should be protected by RCU, or RTNL
150 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
152 struct net_device *result = NULL;
153 struct in_ifaddr *ifa;
156 ifa = inet_lookup_ifaddr_rcu(net, addr);
158 struct flowi4 fl4 = { .daddr = addr };
159 struct fib_result res = { 0 };
160 struct fib_table *local;
162 /* Fallback to FIB local table so that communication
163 * over loopback subnets work.
165 local = fib_get_table(net, RT_TABLE_LOCAL);
167 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
168 res.type == RTN_LOCAL)
169 result = FIB_RES_DEV(res);
171 result = ifa->ifa_dev->dev;
173 if (result && devref)
178 EXPORT_SYMBOL(__ip_dev_find);
180 /* called under RCU lock */
181 struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
183 u32 hash = inet_addr_hash(net, addr);
184 struct in_ifaddr *ifa;
186 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
187 if (ifa->ifa_local == addr &&
188 net_eq(dev_net(ifa->ifa_dev->dev), net))
194 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
196 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
197 static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
198 static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
201 static int devinet_sysctl_register(struct in_device *idev);
202 static void devinet_sysctl_unregister(struct in_device *idev);
204 static int devinet_sysctl_register(struct in_device *idev)
208 static void devinet_sysctl_unregister(struct in_device *idev)
213 /* Locks all the inet devices. */
215 static struct in_ifaddr *inet_alloc_ifa(void)
217 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
220 static void inet_rcu_free_ifa(struct rcu_head *head)
222 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
224 in_dev_put(ifa->ifa_dev);
228 static void inet_free_ifa(struct in_ifaddr *ifa)
230 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
233 void in_dev_finish_destroy(struct in_device *idev)
235 struct net_device *dev = idev->dev;
237 WARN_ON(idev->ifa_list);
238 WARN_ON(idev->mc_list);
239 kfree(rcu_dereference_protected(idev->mc_hash, 1));
240 #ifdef NET_REFCNT_DEBUG
241 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
245 pr_err("Freeing alive in_device %p\n", idev);
249 EXPORT_SYMBOL(in_dev_finish_destroy);
251 static struct in_device *inetdev_init(struct net_device *dev)
253 struct in_device *in_dev;
258 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
261 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
262 sizeof(in_dev->cnf));
263 in_dev->cnf.sysctl = NULL;
265 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
266 if (!in_dev->arp_parms)
268 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
269 dev_disable_lro(dev);
270 /* Reference in_dev->dev */
272 /* Account for reference dev->ip_ptr (below) */
273 refcount_set(&in_dev->refcnt, 1);
275 err = devinet_sysctl_register(in_dev);
282 ip_mc_init_dev(in_dev);
283 if (dev->flags & IFF_UP)
286 /* we can receive as soon as ip_ptr is set -- do this last */
287 rcu_assign_pointer(dev->ip_ptr, in_dev);
289 return in_dev ?: ERR_PTR(err);
296 static void in_dev_rcu_put(struct rcu_head *head)
298 struct in_device *idev = container_of(head, struct in_device, rcu_head);
302 static void inetdev_destroy(struct in_device *in_dev)
304 struct in_ifaddr *ifa;
305 struct net_device *dev;
313 ip_mc_destroy_dev(in_dev);
315 while ((ifa = in_dev->ifa_list) != NULL) {
316 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
320 RCU_INIT_POINTER(dev->ip_ptr, NULL);
322 devinet_sysctl_unregister(in_dev);
323 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
326 call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
329 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
332 for_primary_ifa(in_dev) {
333 if (inet_ifa_match(a, ifa)) {
334 if (!b || inet_ifa_match(b, ifa)) {
339 } endfor_ifa(in_dev);
344 static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
345 int destroy, struct nlmsghdr *nlh, u32 portid)
347 struct in_ifaddr *promote = NULL;
348 struct in_ifaddr *ifa, *ifa1 = *ifap;
349 struct in_ifaddr *last_prim = in_dev->ifa_list;
350 struct in_ifaddr *prev_prom = NULL;
351 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
358 /* 1. Deleting primary ifaddr forces deletion all secondaries
359 * unless alias promotion is set
362 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
363 struct in_ifaddr **ifap1 = &ifa1->ifa_next;
365 while ((ifa = *ifap1) != NULL) {
366 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
367 ifa1->ifa_scope <= ifa->ifa_scope)
370 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
371 ifa1->ifa_mask != ifa->ifa_mask ||
372 !inet_ifa_match(ifa1->ifa_address, ifa)) {
373 ifap1 = &ifa->ifa_next;
379 inet_hash_remove(ifa);
380 *ifap1 = ifa->ifa_next;
382 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
383 blocking_notifier_call_chain(&inetaddr_chain,
393 /* On promotion all secondaries from subnet are changing
394 * the primary IP, we must remove all their routes silently
395 * and later to add them back with new prefsrc. Do this
396 * while all addresses are on the device list.
398 for (ifa = promote; ifa; ifa = ifa->ifa_next) {
399 if (ifa1->ifa_mask == ifa->ifa_mask &&
400 inet_ifa_match(ifa1->ifa_address, ifa))
401 fib_del_ifaddr(ifa, ifa1);
407 *ifap = ifa1->ifa_next;
408 inet_hash_remove(ifa1);
410 /* 3. Announce address deletion */
412 /* Send message first, then call notifier.
413 At first sight, FIB update triggered by notifier
414 will refer to already deleted ifaddr, that could confuse
415 netlink listeners. It is not true: look, gated sees
416 that route deleted and if it still thinks that ifaddr
417 is valid, it will try to restore deleted routes... Grr.
418 So that, this order is correct.
420 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
421 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
424 struct in_ifaddr *next_sec = promote->ifa_next;
427 prev_prom->ifa_next = promote->ifa_next;
428 promote->ifa_next = last_prim->ifa_next;
429 last_prim->ifa_next = promote;
432 promote->ifa_flags &= ~IFA_F_SECONDARY;
433 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
434 blocking_notifier_call_chain(&inetaddr_chain,
436 for (ifa = next_sec; ifa; ifa = ifa->ifa_next) {
437 if (ifa1->ifa_mask != ifa->ifa_mask ||
438 !inet_ifa_match(ifa1->ifa_address, ifa))
448 static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
451 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
454 static void check_lifetime(struct work_struct *work);
456 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
458 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
459 u32 portid, struct netlink_ext_ack *extack)
461 struct in_device *in_dev = ifa->ifa_dev;
462 struct in_ifaddr *ifa1, **ifap, **last_primary;
463 struct in_validator_info ivi;
468 if (!ifa->ifa_local) {
473 ifa->ifa_flags &= ~IFA_F_SECONDARY;
474 last_primary = &in_dev->ifa_list;
476 /* Don't set IPv6 only flags to IPv4 addresses */
477 ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
479 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
480 ifap = &ifa1->ifa_next) {
481 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
482 ifa->ifa_scope <= ifa1->ifa_scope)
483 last_primary = &ifa1->ifa_next;
484 if (ifa1->ifa_mask == ifa->ifa_mask &&
485 inet_ifa_match(ifa1->ifa_address, ifa)) {
486 if (ifa1->ifa_local == ifa->ifa_local) {
490 if (ifa1->ifa_scope != ifa->ifa_scope) {
494 ifa->ifa_flags |= IFA_F_SECONDARY;
498 /* Allow any devices that wish to register ifaddr validtors to weigh
499 * in now, before changes are committed. The rntl lock is serializing
500 * access here, so the state should not change between a validator call
501 * and a final notify on commit. This isn't invoked on promotion under
502 * the assumption that validators are checking the address itself, and
505 ivi.ivi_addr = ifa->ifa_address;
506 ivi.ivi_dev = ifa->ifa_dev;
508 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
510 ret = notifier_to_errno(ret);
516 if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
517 prandom_seed((__force u32) ifa->ifa_local);
521 ifa->ifa_next = *ifap;
524 inet_hash_insert(dev_net(in_dev->dev), ifa);
526 cancel_delayed_work(&check_lifetime_work);
527 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
529 /* Send message first, then call notifier.
530 Notifier will trigger FIB update, so that
531 listeners of netlink will know about new ifaddr */
532 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
533 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
538 static int inet_insert_ifa(struct in_ifaddr *ifa)
540 return __inet_insert_ifa(ifa, NULL, 0, NULL);
543 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
545 struct in_device *in_dev = __in_dev_get_rtnl(dev);
553 ipv4_devconf_setall(in_dev);
554 neigh_parms_data_state_setall(in_dev->arp_parms);
555 if (ifa->ifa_dev != in_dev) {
556 WARN_ON(ifa->ifa_dev);
558 ifa->ifa_dev = in_dev;
560 if (ipv4_is_loopback(ifa->ifa_local))
561 ifa->ifa_scope = RT_SCOPE_HOST;
562 return inet_insert_ifa(ifa);
565 /* Caller must hold RCU or RTNL :
566 * We dont take a reference on found in_device
568 struct in_device *inetdev_by_index(struct net *net, int ifindex)
570 struct net_device *dev;
571 struct in_device *in_dev = NULL;
574 dev = dev_get_by_index_rcu(net, ifindex);
576 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
580 EXPORT_SYMBOL(inetdev_by_index);
582 /* Called only from RTNL semaphored context. No locks. */
584 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
589 for_primary_ifa(in_dev) {
590 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
592 } endfor_ifa(in_dev);
596 static int ip_mc_config(struct sock *sk, bool join, const struct in_ifaddr *ifa)
598 struct ip_mreqn mreq = {
599 .imr_multiaddr.s_addr = ifa->ifa_address,
600 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
608 ret = ip_mc_join_group(sk, &mreq);
610 ret = ip_mc_leave_group(sk, &mreq);
616 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
617 struct netlink_ext_ack *extack)
619 struct net *net = sock_net(skb->sk);
620 struct nlattr *tb[IFA_MAX+1];
621 struct in_device *in_dev;
622 struct ifaddrmsg *ifm;
623 struct in_ifaddr *ifa, **ifap;
628 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
629 ifa_ipv4_policy, extack);
633 ifm = nlmsg_data(nlh);
634 in_dev = inetdev_by_index(net, ifm->ifa_index);
640 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
641 ifap = &ifa->ifa_next) {
643 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
646 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
649 if (tb[IFA_ADDRESS] &&
650 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
651 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
654 if (ipv4_is_multicast(ifa->ifa_address))
655 ip_mc_config(net->ipv4.mc_autojoin_sk, false, ifa);
656 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
660 err = -EADDRNOTAVAIL;
665 #define INFINITY_LIFE_TIME 0xFFFFFFFF
667 static void check_lifetime(struct work_struct *work)
669 unsigned long now, next, next_sec, next_sched;
670 struct in_ifaddr *ifa;
671 struct hlist_node *n;
675 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
677 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
678 bool change_needed = false;
681 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
684 if (ifa->ifa_flags & IFA_F_PERMANENT)
687 /* We try to batch several events at once. */
688 age = (now - ifa->ifa_tstamp +
689 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
691 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
692 age >= ifa->ifa_valid_lft) {
693 change_needed = true;
694 } else if (ifa->ifa_preferred_lft ==
695 INFINITY_LIFE_TIME) {
697 } else if (age >= ifa->ifa_preferred_lft) {
698 if (time_before(ifa->ifa_tstamp +
699 ifa->ifa_valid_lft * HZ, next))
700 next = ifa->ifa_tstamp +
701 ifa->ifa_valid_lft * HZ;
703 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
704 change_needed = true;
705 } else if (time_before(ifa->ifa_tstamp +
706 ifa->ifa_preferred_lft * HZ,
708 next = ifa->ifa_tstamp +
709 ifa->ifa_preferred_lft * HZ;
716 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
719 if (ifa->ifa_flags & IFA_F_PERMANENT)
722 /* We try to batch several events at once. */
723 age = (now - ifa->ifa_tstamp +
724 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
726 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
727 age >= ifa->ifa_valid_lft) {
728 struct in_ifaddr **ifap;
730 for (ifap = &ifa->ifa_dev->ifa_list;
731 *ifap != NULL; ifap = &(*ifap)->ifa_next) {
733 inet_del_ifa(ifa->ifa_dev,
738 } else if (ifa->ifa_preferred_lft !=
739 INFINITY_LIFE_TIME &&
740 age >= ifa->ifa_preferred_lft &&
741 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
742 ifa->ifa_flags |= IFA_F_DEPRECATED;
743 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
749 next_sec = round_jiffies_up(next);
752 /* If rounded timeout is accurate enough, accept it. */
753 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
754 next_sched = next_sec;
757 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
758 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
759 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
761 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
765 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
768 unsigned long timeout;
770 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
772 timeout = addrconf_timeout_fixup(valid_lft, HZ);
773 if (addrconf_finite_timeout(timeout))
774 ifa->ifa_valid_lft = timeout;
776 ifa->ifa_flags |= IFA_F_PERMANENT;
778 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
779 if (addrconf_finite_timeout(timeout)) {
781 ifa->ifa_flags |= IFA_F_DEPRECATED;
782 ifa->ifa_preferred_lft = timeout;
784 ifa->ifa_tstamp = jiffies;
785 if (!ifa->ifa_cstamp)
786 ifa->ifa_cstamp = ifa->ifa_tstamp;
789 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
790 __u32 *pvalid_lft, __u32 *pprefered_lft,
791 struct netlink_ext_ack *extack)
793 struct nlattr *tb[IFA_MAX+1];
794 struct in_ifaddr *ifa;
795 struct ifaddrmsg *ifm;
796 struct net_device *dev;
797 struct in_device *in_dev;
800 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
801 ifa_ipv4_policy, extack);
805 ifm = nlmsg_data(nlh);
807 if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
810 dev = __dev_get_by_index(net, ifm->ifa_index);
815 in_dev = __in_dev_get_rtnl(dev);
820 ifa = inet_alloc_ifa();
823 * A potential indev allocation can be left alive, it stays
824 * assigned to its device and is destroy with it.
828 ipv4_devconf_setall(in_dev);
829 neigh_parms_data_state_setall(in_dev->arp_parms);
832 if (!tb[IFA_ADDRESS])
833 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
835 INIT_HLIST_NODE(&ifa->hash);
836 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
837 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
838 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
840 ifa->ifa_scope = ifm->ifa_scope;
841 ifa->ifa_dev = in_dev;
843 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
844 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
846 if (tb[IFA_BROADCAST])
847 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
850 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
852 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
854 if (tb[IFA_RT_PRIORITY])
855 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
857 if (tb[IFA_CACHEINFO]) {
858 struct ifa_cacheinfo *ci;
860 ci = nla_data(tb[IFA_CACHEINFO]);
861 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
865 *pvalid_lft = ci->ifa_valid;
866 *pprefered_lft = ci->ifa_prefered;
877 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
879 struct in_device *in_dev = ifa->ifa_dev;
880 struct in_ifaddr *ifa1, **ifap;
885 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
886 ifap = &ifa1->ifa_next) {
887 if (ifa1->ifa_mask == ifa->ifa_mask &&
888 inet_ifa_match(ifa1->ifa_address, ifa) &&
889 ifa1->ifa_local == ifa->ifa_local)
895 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
896 struct netlink_ext_ack *extack)
898 struct net *net = sock_net(skb->sk);
899 struct in_ifaddr *ifa;
900 struct in_ifaddr *ifa_existing;
901 __u32 valid_lft = INFINITY_LIFE_TIME;
902 __u32 prefered_lft = INFINITY_LIFE_TIME;
906 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
910 ifa_existing = find_matching_ifa(ifa);
912 /* It would be best to check for !NLM_F_CREATE here but
913 * userspace already relies on not having to provide this.
915 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
916 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
917 int ret = ip_mc_config(net->ipv4.mc_autojoin_sk,
925 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
928 u32 new_metric = ifa->ifa_rt_priority;
932 if (nlh->nlmsg_flags & NLM_F_EXCL ||
933 !(nlh->nlmsg_flags & NLM_F_REPLACE))
937 if (ifa->ifa_rt_priority != new_metric) {
938 fib_modify_prefix_metric(ifa, new_metric);
939 ifa->ifa_rt_priority = new_metric;
942 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
943 cancel_delayed_work(&check_lifetime_work);
944 queue_delayed_work(system_power_efficient_wq,
945 &check_lifetime_work, 0);
946 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
952 * Determine a default network mask, based on the IP address.
955 static int inet_abc_len(__be32 addr)
957 int rc = -1; /* Something else, probably a multicast. */
959 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
962 __u32 haddr = ntohl(addr);
963 if (IN_CLASSA(haddr))
965 else if (IN_CLASSB(haddr))
967 else if (IN_CLASSC(haddr))
969 else if (IN_CLASSE(haddr))
977 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
979 struct sockaddr_in sin_orig;
980 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
981 struct in_device *in_dev;
982 struct in_ifaddr **ifap = NULL;
983 struct in_ifaddr *ifa = NULL;
984 struct net_device *dev;
987 int tryaddrmatch = 0;
989 ifr->ifr_name[IFNAMSIZ - 1] = 0;
991 /* save original address for comparison */
992 memcpy(&sin_orig, sin, sizeof(*sin));
994 colon = strchr(ifr->ifr_name, ':');
998 dev_load(net, ifr->ifr_name);
1001 case SIOCGIFADDR: /* Get interface address */
1002 case SIOCGIFBRDADDR: /* Get the broadcast address */
1003 case SIOCGIFDSTADDR: /* Get the destination address */
1004 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1005 /* Note that these ioctls will not sleep,
1006 so that we do not impose a lock.
1007 One day we will be forced to put shlock here (I mean SMP)
1009 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1010 memset(sin, 0, sizeof(*sin));
1011 sin->sin_family = AF_INET;
1016 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1019 case SIOCSIFADDR: /* Set interface address (and family) */
1020 case SIOCSIFBRDADDR: /* Set the broadcast address */
1021 case SIOCSIFDSTADDR: /* Set the destination address */
1022 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1024 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1027 if (sin->sin_family != AF_INET)
1038 dev = __dev_get_by_name(net, ifr->ifr_name);
1045 in_dev = __in_dev_get_rtnl(dev);
1048 /* Matthias Andree */
1049 /* compare label and address (4.4BSD style) */
1050 /* note: we only do this for a limited set of ioctls
1051 and only if the original address family was AF_INET.
1052 This is checked above. */
1053 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
1054 ifap = &ifa->ifa_next) {
1055 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1056 sin_orig.sin_addr.s_addr ==
1062 /* we didn't get a match, maybe the application is
1063 4.3BSD-style and passed in junk so we fall back to
1064 comparing just the label */
1066 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
1067 ifap = &ifa->ifa_next)
1068 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1073 ret = -EADDRNOTAVAIL;
1074 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1078 case SIOCGIFADDR: /* Get interface address */
1080 sin->sin_addr.s_addr = ifa->ifa_local;
1083 case SIOCGIFBRDADDR: /* Get the broadcast address */
1085 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1088 case SIOCGIFDSTADDR: /* Get the destination address */
1090 sin->sin_addr.s_addr = ifa->ifa_address;
1093 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1095 sin->sin_addr.s_addr = ifa->ifa_mask;
1100 ret = -EADDRNOTAVAIL;
1104 if (!(ifr->ifr_flags & IFF_UP))
1105 inet_del_ifa(in_dev, ifap, 1);
1108 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1111 case SIOCSIFADDR: /* Set interface address (and family) */
1113 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1118 ifa = inet_alloc_ifa();
1121 INIT_HLIST_NODE(&ifa->hash);
1123 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1125 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1128 if (ifa->ifa_local == sin->sin_addr.s_addr)
1130 inet_del_ifa(in_dev, ifap, 0);
1131 ifa->ifa_broadcast = 0;
1135 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1137 if (!(dev->flags & IFF_POINTOPOINT)) {
1138 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1139 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1140 if ((dev->flags & IFF_BROADCAST) &&
1141 ifa->ifa_prefixlen < 31)
1142 ifa->ifa_broadcast = ifa->ifa_address |
1145 ifa->ifa_prefixlen = 32;
1146 ifa->ifa_mask = inet_make_mask(32);
1148 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1149 ret = inet_set_ifa(dev, ifa);
1152 case SIOCSIFBRDADDR: /* Set the broadcast address */
1154 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1155 inet_del_ifa(in_dev, ifap, 0);
1156 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1157 inet_insert_ifa(ifa);
1161 case SIOCSIFDSTADDR: /* Set the destination address */
1163 if (ifa->ifa_address == sin->sin_addr.s_addr)
1166 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1169 inet_del_ifa(in_dev, ifap, 0);
1170 ifa->ifa_address = sin->sin_addr.s_addr;
1171 inet_insert_ifa(ifa);
1174 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1177 * The mask we set must be legal.
1180 if (bad_mask(sin->sin_addr.s_addr, 0))
1183 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1184 __be32 old_mask = ifa->ifa_mask;
1185 inet_del_ifa(in_dev, ifap, 0);
1186 ifa->ifa_mask = sin->sin_addr.s_addr;
1187 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1189 /* See if current broadcast address matches
1190 * with current netmask, then recalculate
1191 * the broadcast address. Otherwise it's a
1192 * funny address, so don't touch it since
1193 * the user seems to know what (s)he's doing...
1195 if ((dev->flags & IFF_BROADCAST) &&
1196 (ifa->ifa_prefixlen < 31) &&
1197 (ifa->ifa_broadcast ==
1198 (ifa->ifa_local|~old_mask))) {
1199 ifa->ifa_broadcast = (ifa->ifa_local |
1200 ~sin->sin_addr.s_addr);
1202 inet_insert_ifa(ifa);
1212 static int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1214 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1215 struct in_ifaddr *ifa;
1219 if (WARN_ON(size > sizeof(struct ifreq)))
1225 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
1232 memset(&ifr, 0, sizeof(struct ifreq));
1233 strcpy(ifr.ifr_name, ifa->ifa_label);
1235 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1236 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1239 if (copy_to_user(buf + done, &ifr, size)) {
1250 static __be32 in_dev_select_addr(const struct in_device *in_dev,
1253 for_primary_ifa(in_dev) {
1254 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1255 ifa->ifa_scope <= scope)
1256 return ifa->ifa_local;
1257 } endfor_ifa(in_dev);
1262 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1265 struct in_device *in_dev;
1266 struct net *net = dev_net(dev);
1270 in_dev = __in_dev_get_rcu(dev);
1274 for_primary_ifa(in_dev) {
1275 if (ifa->ifa_scope > scope)
1277 if (!dst || inet_ifa_match(dst, ifa)) {
1278 addr = ifa->ifa_local;
1282 addr = ifa->ifa_local;
1283 } endfor_ifa(in_dev);
1288 master_idx = l3mdev_master_ifindex_rcu(dev);
1290 /* For VRFs, the VRF device takes the place of the loopback device,
1291 * with addresses on it being preferred. Note in such cases the
1292 * loopback device will be among the devices that fail the master_idx
1293 * equality check in the loop below.
1296 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1297 (in_dev = __in_dev_get_rcu(dev))) {
1298 addr = in_dev_select_addr(in_dev, scope);
1303 /* Not loopback addresses on loopback should be preferred
1304 in this case. It is important that lo is the first interface
1307 for_each_netdev_rcu(net, dev) {
1308 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1311 in_dev = __in_dev_get_rcu(dev);
1315 addr = in_dev_select_addr(in_dev, scope);
1323 EXPORT_SYMBOL(inet_select_addr);
1325 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1326 __be32 local, int scope)
1333 (local == ifa->ifa_local || !local) &&
1334 ifa->ifa_scope <= scope) {
1335 addr = ifa->ifa_local;
1340 same = (!local || inet_ifa_match(local, ifa)) &&
1341 (!dst || inet_ifa_match(dst, ifa));
1345 /* Is the selected addr into dst subnet? */
1346 if (inet_ifa_match(addr, ifa))
1348 /* No, then can we use new local src? */
1349 if (ifa->ifa_scope <= scope) {
1350 addr = ifa->ifa_local;
1353 /* search for large dst subnet for addr */
1357 } endfor_ifa(in_dev);
1359 return same ? addr : 0;
1363 * Confirm that local IP address exists using wildcards:
1364 * - net: netns to check, cannot be NULL
1365 * - in_dev: only on this interface, NULL=any interface
1366 * - dst: only in the same subnet as dst, 0=any dst
1367 * - local: address, 0=autoselect the local address
1368 * - scope: maximum allowed scope value for the local address
1370 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1371 __be32 dst, __be32 local, int scope)
1374 struct net_device *dev;
1377 return confirm_addr_indev(in_dev, dst, local, scope);
1380 for_each_netdev_rcu(net, dev) {
1381 in_dev = __in_dev_get_rcu(dev);
1383 addr = confirm_addr_indev(in_dev, dst, local, scope);
1392 EXPORT_SYMBOL(inet_confirm_addr);
1398 int register_inetaddr_notifier(struct notifier_block *nb)
1400 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1402 EXPORT_SYMBOL(register_inetaddr_notifier);
1404 int unregister_inetaddr_notifier(struct notifier_block *nb)
1406 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1408 EXPORT_SYMBOL(unregister_inetaddr_notifier);
1410 int register_inetaddr_validator_notifier(struct notifier_block *nb)
1412 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1414 EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1416 int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1418 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1421 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1423 /* Rename ifa_labels for a device name change. Make some effort to preserve
1424 * existing alias numbering and to create unique labels if possible.
1426 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1428 struct in_ifaddr *ifa;
1431 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
1432 char old[IFNAMSIZ], *dot;
1434 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1435 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1438 dot = strchr(old, ':');
1440 sprintf(old, ":%d", named);
1443 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1444 strcat(ifa->ifa_label, dot);
1446 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1448 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1452 static bool inetdev_valid_mtu(unsigned int mtu)
1454 return mtu >= IPV4_MIN_MTU;
1457 static void inetdev_send_gratuitous_arp(struct net_device *dev,
1458 struct in_device *in_dev)
1461 struct in_ifaddr *ifa;
1463 for (ifa = in_dev->ifa_list; ifa;
1464 ifa = ifa->ifa_next) {
1465 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1466 ifa->ifa_local, dev,
1467 ifa->ifa_local, NULL,
1468 dev->dev_addr, NULL);
1472 /* Called only under RTNL semaphore */
1474 static int inetdev_event(struct notifier_block *this, unsigned long event,
1477 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1478 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1483 if (event == NETDEV_REGISTER) {
1484 in_dev = inetdev_init(dev);
1486 return notifier_from_errno(PTR_ERR(in_dev));
1487 if (dev->flags & IFF_LOOPBACK) {
1488 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1489 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1491 } else if (event == NETDEV_CHANGEMTU) {
1492 /* Re-enabling IP */
1493 if (inetdev_valid_mtu(dev->mtu))
1494 in_dev = inetdev_init(dev);
1500 case NETDEV_REGISTER:
1501 pr_debug("%s: bug\n", __func__);
1502 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1505 if (!inetdev_valid_mtu(dev->mtu))
1507 if (dev->flags & IFF_LOOPBACK) {
1508 struct in_ifaddr *ifa = inet_alloc_ifa();
1511 INIT_HLIST_NODE(&ifa->hash);
1513 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1514 ifa->ifa_prefixlen = 8;
1515 ifa->ifa_mask = inet_make_mask(8);
1516 in_dev_hold(in_dev);
1517 ifa->ifa_dev = in_dev;
1518 ifa->ifa_scope = RT_SCOPE_HOST;
1519 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1520 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1521 INFINITY_LIFE_TIME);
1522 ipv4_devconf_setall(in_dev);
1523 neigh_parms_data_state_setall(in_dev->arp_parms);
1524 inet_insert_ifa(ifa);
1529 case NETDEV_CHANGEADDR:
1530 if (!IN_DEV_ARP_NOTIFY(in_dev))
1533 case NETDEV_NOTIFY_PEERS:
1534 /* Send gratuitous ARP to notify of link change */
1535 inetdev_send_gratuitous_arp(dev, in_dev);
1540 case NETDEV_PRE_TYPE_CHANGE:
1541 ip_mc_unmap(in_dev);
1543 case NETDEV_POST_TYPE_CHANGE:
1544 ip_mc_remap(in_dev);
1546 case NETDEV_CHANGEMTU:
1547 if (inetdev_valid_mtu(dev->mtu))
1549 /* disable IP when MTU is not enough */
1551 case NETDEV_UNREGISTER:
1552 inetdev_destroy(in_dev);
1554 case NETDEV_CHANGENAME:
1555 /* Do not notify about label change, this event is
1556 * not interesting to applications using netlink.
1558 inetdev_changename(dev, in_dev);
1560 devinet_sysctl_unregister(in_dev);
1561 devinet_sysctl_register(in_dev);
1568 static struct notifier_block ip_netdev_notifier = {
1569 .notifier_call = inetdev_event,
1572 static size_t inet_nlmsg_size(void)
1574 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1575 + nla_total_size(4) /* IFA_ADDRESS */
1576 + nla_total_size(4) /* IFA_LOCAL */
1577 + nla_total_size(4) /* IFA_BROADCAST */
1578 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1579 + nla_total_size(4) /* IFA_FLAGS */
1580 + nla_total_size(4) /* IFA_RT_PRIORITY */
1581 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1584 static inline u32 cstamp_delta(unsigned long cstamp)
1586 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1589 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1590 unsigned long tstamp, u32 preferred, u32 valid)
1592 struct ifa_cacheinfo ci;
1594 ci.cstamp = cstamp_delta(cstamp);
1595 ci.tstamp = cstamp_delta(tstamp);
1596 ci.ifa_prefered = preferred;
1597 ci.ifa_valid = valid;
1599 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1602 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1603 struct inet_fill_args *args)
1605 struct ifaddrmsg *ifm;
1606 struct nlmsghdr *nlh;
1607 u32 preferred, valid;
1609 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1614 ifm = nlmsg_data(nlh);
1615 ifm->ifa_family = AF_INET;
1616 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1617 ifm->ifa_flags = ifa->ifa_flags;
1618 ifm->ifa_scope = ifa->ifa_scope;
1619 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1621 if (args->netnsid >= 0 &&
1622 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1623 goto nla_put_failure;
1625 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1626 preferred = ifa->ifa_preferred_lft;
1627 valid = ifa->ifa_valid_lft;
1628 if (preferred != INFINITY_LIFE_TIME) {
1629 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1631 if (preferred > tval)
1635 if (valid != INFINITY_LIFE_TIME) {
1643 preferred = INFINITY_LIFE_TIME;
1644 valid = INFINITY_LIFE_TIME;
1646 if ((ifa->ifa_address &&
1647 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1649 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1650 (ifa->ifa_broadcast &&
1651 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1652 (ifa->ifa_label[0] &&
1653 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1654 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1655 (ifa->ifa_rt_priority &&
1656 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1657 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1659 goto nla_put_failure;
1661 nlmsg_end(skb, nlh);
1665 nlmsg_cancel(skb, nlh);
1669 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1670 struct inet_fill_args *fillargs,
1671 struct net **tgt_net, struct sock *sk,
1672 struct netlink_callback *cb)
1674 struct netlink_ext_ack *extack = cb->extack;
1675 struct nlattr *tb[IFA_MAX+1];
1676 struct ifaddrmsg *ifm;
1679 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1680 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1684 ifm = nlmsg_data(nlh);
1685 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1686 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1690 fillargs->ifindex = ifm->ifa_index;
1691 if (fillargs->ifindex) {
1692 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1693 fillargs->flags |= NLM_F_DUMP_FILTERED;
1696 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1697 ifa_ipv4_policy, extack);
1701 for (i = 0; i <= IFA_MAX; ++i) {
1705 if (i == IFA_TARGET_NETNSID) {
1708 fillargs->netnsid = nla_get_s32(tb[i]);
1710 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1712 fillargs->netnsid = -1;
1713 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1714 return PTR_ERR(net);
1718 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1726 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1727 struct netlink_callback *cb, int s_ip_idx,
1728 struct inet_fill_args *fillargs)
1730 struct in_ifaddr *ifa;
1734 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next, ip_idx++) {
1735 if (ip_idx < s_ip_idx)
1738 err = inet_fill_ifaddr(skb, ifa, fillargs);
1742 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1747 cb->args[2] = ip_idx;
1752 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1754 const struct nlmsghdr *nlh = cb->nlh;
1755 struct inet_fill_args fillargs = {
1756 .portid = NETLINK_CB(cb->skb).portid,
1757 .seq = nlh->nlmsg_seq,
1758 .event = RTM_NEWADDR,
1759 .flags = NLM_F_MULTI,
1762 struct net *net = sock_net(skb->sk);
1763 struct net *tgt_net = net;
1767 struct net_device *dev;
1768 struct in_device *in_dev;
1769 struct hlist_head *head;
1773 s_idx = idx = cb->args[1];
1774 s_ip_idx = cb->args[2];
1776 if (cb->strict_check) {
1777 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1783 if (fillargs.ifindex) {
1784 dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1790 in_dev = __in_dev_get_rtnl(dev);
1792 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1799 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1801 head = &tgt_net->dev_index_head[h];
1803 cb->seq = atomic_read(&tgt_net->ipv4.dev_addr_genid) ^
1804 tgt_net->dev_base_seq;
1805 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1808 if (h > s_h || idx > s_idx)
1810 in_dev = __in_dev_get_rcu(dev);
1814 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1830 if (fillargs.netnsid >= 0)
1833 return skb->len ? : err;
1836 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1839 struct inet_fill_args fillargs = {
1841 .seq = nlh ? nlh->nlmsg_seq : 0,
1846 struct sk_buff *skb;
1850 net = dev_net(ifa->ifa_dev->dev);
1851 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1855 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1857 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1858 WARN_ON(err == -EMSGSIZE);
1862 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1866 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1869 static size_t inet_get_link_af_size(const struct net_device *dev,
1870 u32 ext_filter_mask)
1872 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1877 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1880 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1881 u32 ext_filter_mask)
1883 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1890 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1894 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1895 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1900 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1901 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1904 static int inet_validate_link_af(const struct net_device *dev,
1905 const struct nlattr *nla)
1907 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1910 if (dev && !__in_dev_get_rcu(dev))
1911 return -EAFNOSUPPORT;
1913 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
1914 inet_af_policy, NULL);
1918 if (tb[IFLA_INET_CONF]) {
1919 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1920 int cfgid = nla_type(a);
1925 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
1933 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
1935 struct in_device *in_dev = __in_dev_get_rcu(dev);
1936 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1940 return -EAFNOSUPPORT;
1942 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
1945 if (tb[IFLA_INET_CONF]) {
1946 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
1947 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
1953 static int inet_netconf_msgsize_devconf(int type)
1955 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
1956 + nla_total_size(4); /* NETCONFA_IFINDEX */
1959 if (type == NETCONFA_ALL)
1962 if (all || type == NETCONFA_FORWARDING)
1963 size += nla_total_size(4);
1964 if (all || type == NETCONFA_RP_FILTER)
1965 size += nla_total_size(4);
1966 if (all || type == NETCONFA_MC_FORWARDING)
1967 size += nla_total_size(4);
1968 if (all || type == NETCONFA_BC_FORWARDING)
1969 size += nla_total_size(4);
1970 if (all || type == NETCONFA_PROXY_NEIGH)
1971 size += nla_total_size(4);
1972 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
1973 size += nla_total_size(4);
1978 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
1979 struct ipv4_devconf *devconf, u32 portid,
1980 u32 seq, int event, unsigned int flags,
1983 struct nlmsghdr *nlh;
1984 struct netconfmsg *ncm;
1987 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
1992 if (type == NETCONFA_ALL)
1995 ncm = nlmsg_data(nlh);
1996 ncm->ncm_family = AF_INET;
1998 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
1999 goto nla_put_failure;
2004 if ((all || type == NETCONFA_FORWARDING) &&
2005 nla_put_s32(skb, NETCONFA_FORWARDING,
2006 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2007 goto nla_put_failure;
2008 if ((all || type == NETCONFA_RP_FILTER) &&
2009 nla_put_s32(skb, NETCONFA_RP_FILTER,
2010 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2011 goto nla_put_failure;
2012 if ((all || type == NETCONFA_MC_FORWARDING) &&
2013 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2014 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2015 goto nla_put_failure;
2016 if ((all || type == NETCONFA_BC_FORWARDING) &&
2017 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2018 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2019 goto nla_put_failure;
2020 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2021 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2022 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2023 goto nla_put_failure;
2024 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2025 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2026 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2027 goto nla_put_failure;
2030 nlmsg_end(skb, nlh);
2034 nlmsg_cancel(skb, nlh);
2038 void inet_netconf_notify_devconf(struct net *net, int event, int type,
2039 int ifindex, struct ipv4_devconf *devconf)
2041 struct sk_buff *skb;
2044 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2048 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2051 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2052 WARN_ON(err == -EMSGSIZE);
2056 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2060 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2063 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2064 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2065 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2066 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2067 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2068 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2071 static int inet_netconf_valid_get_req(struct sk_buff *skb,
2072 const struct nlmsghdr *nlh,
2074 struct netlink_ext_ack *extack)
2078 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2079 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2083 if (!netlink_strict_get_check(skb))
2084 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2086 devconf_ipv4_policy, extack);
2088 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2090 devconf_ipv4_policy, extack);
2094 for (i = 0; i <= NETCONFA_MAX; i++) {
2099 case NETCONFA_IFINDEX:
2102 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2110 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2111 struct nlmsghdr *nlh,
2112 struct netlink_ext_ack *extack)
2114 struct net *net = sock_net(in_skb->sk);
2115 struct nlattr *tb[NETCONFA_MAX+1];
2116 struct sk_buff *skb;
2117 struct ipv4_devconf *devconf;
2118 struct in_device *in_dev;
2119 struct net_device *dev;
2123 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2128 if (!tb[NETCONFA_IFINDEX])
2131 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2133 case NETCONFA_IFINDEX_ALL:
2134 devconf = net->ipv4.devconf_all;
2136 case NETCONFA_IFINDEX_DEFAULT:
2137 devconf = net->ipv4.devconf_dflt;
2140 dev = __dev_get_by_index(net, ifindex);
2143 in_dev = __in_dev_get_rtnl(dev);
2146 devconf = &in_dev->cnf;
2151 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2155 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2156 NETLINK_CB(in_skb).portid,
2157 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2160 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2161 WARN_ON(err == -EMSGSIZE);
2165 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2170 static int inet_netconf_dump_devconf(struct sk_buff *skb,
2171 struct netlink_callback *cb)
2173 const struct nlmsghdr *nlh = cb->nlh;
2174 struct net *net = sock_net(skb->sk);
2177 struct net_device *dev;
2178 struct in_device *in_dev;
2179 struct hlist_head *head;
2181 if (cb->strict_check) {
2182 struct netlink_ext_ack *extack = cb->extack;
2183 struct netconfmsg *ncm;
2185 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2186 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2190 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2191 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2197 s_idx = idx = cb->args[1];
2199 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2201 head = &net->dev_index_head[h];
2203 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
2205 hlist_for_each_entry_rcu(dev, head, index_hlist) {
2208 in_dev = __in_dev_get_rcu(dev);
2212 if (inet_netconf_fill_devconf(skb, dev->ifindex,
2214 NETLINK_CB(cb->skb).portid,
2218 NETCONFA_ALL) < 0) {
2222 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2228 if (h == NETDEV_HASHENTRIES) {
2229 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2230 net->ipv4.devconf_all,
2231 NETLINK_CB(cb->skb).portid,
2233 RTM_NEWNETCONF, NLM_F_MULTI,
2239 if (h == NETDEV_HASHENTRIES + 1) {
2240 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2241 net->ipv4.devconf_dflt,
2242 NETLINK_CB(cb->skb).portid,
2244 RTM_NEWNETCONF, NLM_F_MULTI,
2257 #ifdef CONFIG_SYSCTL
2259 static void devinet_copy_dflt_conf(struct net *net, int i)
2261 struct net_device *dev;
2264 for_each_netdev_rcu(net, dev) {
2265 struct in_device *in_dev;
2267 in_dev = __in_dev_get_rcu(dev);
2268 if (in_dev && !test_bit(i, in_dev->cnf.state))
2269 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2274 /* called with RTNL locked */
2275 static void inet_forward_change(struct net *net)
2277 struct net_device *dev;
2278 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2280 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2281 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2282 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2283 NETCONFA_FORWARDING,
2284 NETCONFA_IFINDEX_ALL,
2285 net->ipv4.devconf_all);
2286 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2287 NETCONFA_FORWARDING,
2288 NETCONFA_IFINDEX_DEFAULT,
2289 net->ipv4.devconf_dflt);
2291 for_each_netdev(net, dev) {
2292 struct in_device *in_dev;
2295 dev_disable_lro(dev);
2297 in_dev = __in_dev_get_rtnl(dev);
2299 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2300 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2301 NETCONFA_FORWARDING,
2302 dev->ifindex, &in_dev->cnf);
2307 static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2309 if (cnf == net->ipv4.devconf_dflt)
2310 return NETCONFA_IFINDEX_DEFAULT;
2311 else if (cnf == net->ipv4.devconf_all)
2312 return NETCONFA_IFINDEX_ALL;
2314 struct in_device *idev
2315 = container_of(cnf, struct in_device, cnf);
2316 return idev->dev->ifindex;
2320 static int devinet_conf_proc(struct ctl_table *ctl, int write,
2321 void __user *buffer,
2322 size_t *lenp, loff_t *ppos)
2324 int old_value = *(int *)ctl->data;
2325 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2326 int new_value = *(int *)ctl->data;
2329 struct ipv4_devconf *cnf = ctl->extra1;
2330 struct net *net = ctl->extra2;
2331 int i = (int *)ctl->data - cnf->data;
2334 set_bit(i, cnf->state);
2336 if (cnf == net->ipv4.devconf_dflt)
2337 devinet_copy_dflt_conf(net, i);
2338 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2339 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2340 if ((new_value == 0) && (old_value != 0))
2341 rt_cache_flush(net);
2343 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2344 new_value != old_value)
2345 rt_cache_flush(net);
2347 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2348 new_value != old_value) {
2349 ifindex = devinet_conf_ifindex(net, cnf);
2350 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2354 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2355 new_value != old_value) {
2356 ifindex = devinet_conf_ifindex(net, cnf);
2357 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2358 NETCONFA_PROXY_NEIGH,
2361 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2362 new_value != old_value) {
2363 ifindex = devinet_conf_ifindex(net, cnf);
2364 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2365 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2373 static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2374 void __user *buffer,
2375 size_t *lenp, loff_t *ppos)
2377 int *valp = ctl->data;
2380 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2382 if (write && *valp != val) {
2383 struct net *net = ctl->extra2;
2385 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2386 if (!rtnl_trylock()) {
2387 /* Restore the original values before restarting */
2390 return restart_syscall();
2392 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2393 inet_forward_change(net);
2395 struct ipv4_devconf *cnf = ctl->extra1;
2396 struct in_device *idev =
2397 container_of(cnf, struct in_device, cnf);
2399 dev_disable_lro(idev->dev);
2400 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2401 NETCONFA_FORWARDING,
2406 rt_cache_flush(net);
2408 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2409 NETCONFA_FORWARDING,
2410 NETCONFA_IFINDEX_DEFAULT,
2411 net->ipv4.devconf_dflt);
2417 static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2418 void __user *buffer,
2419 size_t *lenp, loff_t *ppos)
2421 int *valp = ctl->data;
2423 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2424 struct net *net = ctl->extra2;
2426 if (write && *valp != val)
2427 rt_cache_flush(net);
2432 #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2435 .data = ipv4_devconf.data + \
2436 IPV4_DEVCONF_ ## attr - 1, \
2437 .maxlen = sizeof(int), \
2439 .proc_handler = proc, \
2440 .extra1 = &ipv4_devconf, \
2443 #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2444 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2446 #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2447 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2449 #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2450 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2452 #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2453 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2455 static struct devinet_sysctl_table {
2456 struct ctl_table_header *sysctl_header;
2457 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2458 } devinet_sysctl = {
2460 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2461 devinet_sysctl_forward),
2462 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2463 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2465 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2466 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2467 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2468 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2469 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2470 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2471 "accept_source_route"),
2472 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2473 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2474 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2475 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2476 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2477 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2478 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2479 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2480 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2481 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2482 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2483 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2484 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2485 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2486 "force_igmp_version"),
2487 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2488 "igmpv2_unsolicited_report_interval"),
2489 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2490 "igmpv3_unsolicited_report_interval"),
2491 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2492 "ignore_routes_with_linkdown"),
2493 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2494 "drop_gratuitous_arp"),
2496 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2497 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2498 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2499 "promote_secondaries"),
2500 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2502 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2503 "drop_unicast_in_l2_multicast"),
2507 static int __devinet_sysctl_register(struct net *net, char *dev_name,
2508 int ifindex, struct ipv4_devconf *p)
2511 struct devinet_sysctl_table *t;
2512 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2514 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
2518 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2519 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2520 t->devinet_vars[i].extra1 = p;
2521 t->devinet_vars[i].extra2 = net;
2524 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2526 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2527 if (!t->sysctl_header)
2532 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2542 static void __devinet_sysctl_unregister(struct net *net,
2543 struct ipv4_devconf *cnf, int ifindex)
2545 struct devinet_sysctl_table *t = cnf->sysctl;
2549 unregister_net_sysctl_table(t->sysctl_header);
2553 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2556 static int devinet_sysctl_register(struct in_device *idev)
2560 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2563 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2566 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2567 idev->dev->ifindex, &idev->cnf);
2569 neigh_sysctl_unregister(idev->arp_parms);
2573 static void devinet_sysctl_unregister(struct in_device *idev)
2575 struct net *net = dev_net(idev->dev);
2577 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2578 neigh_sysctl_unregister(idev->arp_parms);
2581 static struct ctl_table ctl_forward_entry[] = {
2583 .procname = "ip_forward",
2584 .data = &ipv4_devconf.data[
2585 IPV4_DEVCONF_FORWARDING - 1],
2586 .maxlen = sizeof(int),
2588 .proc_handler = devinet_sysctl_forward,
2589 .extra1 = &ipv4_devconf,
2590 .extra2 = &init_net,
2596 static __net_init int devinet_init_net(struct net *net)
2599 struct ipv4_devconf *all, *dflt;
2600 #ifdef CONFIG_SYSCTL
2601 struct ctl_table *tbl;
2602 struct ctl_table_header *forw_hdr;
2606 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2610 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2612 goto err_alloc_dflt;
2614 #ifdef CONFIG_SYSCTL
2615 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2619 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2620 tbl[0].extra1 = all;
2621 tbl[0].extra2 = net;
2624 if ((!IS_ENABLED(CONFIG_SYSCTL) ||
2625 sysctl_devconf_inherit_init_net != 2) &&
2626 !net_eq(net, &init_net)) {
2627 memcpy(all, init_net.ipv4.devconf_all, sizeof(ipv4_devconf));
2628 memcpy(dflt, init_net.ipv4.devconf_dflt, sizeof(ipv4_devconf_dflt));
2631 #ifdef CONFIG_SYSCTL
2632 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2636 err = __devinet_sysctl_register(net, "default",
2637 NETCONFA_IFINDEX_DEFAULT, dflt);
2642 forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2645 net->ipv4.forw_hdr = forw_hdr;
2648 net->ipv4.devconf_all = all;
2649 net->ipv4.devconf_dflt = dflt;
2652 #ifdef CONFIG_SYSCTL
2654 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2656 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2668 static __net_exit void devinet_exit_net(struct net *net)
2670 #ifdef CONFIG_SYSCTL
2671 struct ctl_table *tbl;
2673 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2674 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2675 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2676 NETCONFA_IFINDEX_DEFAULT);
2677 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2678 NETCONFA_IFINDEX_ALL);
2681 kfree(net->ipv4.devconf_dflt);
2682 kfree(net->ipv4.devconf_all);
2685 static __net_initdata struct pernet_operations devinet_ops = {
2686 .init = devinet_init_net,
2687 .exit = devinet_exit_net,
2690 static struct rtnl_af_ops inet_af_ops __read_mostly = {
2692 .fill_link_af = inet_fill_link_af,
2693 .get_link_af_size = inet_get_link_af_size,
2694 .validate_link_af = inet_validate_link_af,
2695 .set_link_af = inet_set_link_af,
2698 void __init devinet_init(void)
2702 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2703 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2705 register_pernet_subsys(&devinet_ops);
2707 register_gifconf(PF_INET, inet_gifconf);
2708 register_netdevice_notifier(&ip_netdev_notifier);
2710 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2712 rtnl_af_register(&inet_af_ops);
2714 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2715 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2716 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2717 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2718 inet_netconf_dump_devconf, 0);