1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * NET3 IP device support routines.
5 * Derived from the IP parts of dev.c 1.0.19
15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
17 * Cyrus Durgin: updated for kmod
18 * Matthias Andree: in devinet_ioctl, compare label and
19 * address (4.4BSD alias style support),
20 * fall back to comparing just the label
25 #include <linux/uaccess.h>
26 #include <linux/bitops.h>
27 #include <linux/capability.h>
28 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/kernel.h>
31 #include <linux/sched/signal.h>
32 #include <linux/string.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
37 #include <linux/errno.h>
38 #include <linux/interrupt.h>
39 #include <linux/if_addr.h>
40 #include <linux/if_ether.h>
41 #include <linux/inet.h>
42 #include <linux/netdevice.h>
43 #include <linux/etherdevice.h>
44 #include <linux/skbuff.h>
45 #include <linux/init.h>
46 #include <linux/notifier.h>
47 #include <linux/inetdevice.h>
48 #include <linux/igmp.h>
49 #include <linux/slab.h>
50 #include <linux/hash.h>
52 #include <linux/sysctl.h>
54 #include <linux/kmod.h>
55 #include <linux/netconf.h>
59 #include <net/route.h>
60 #include <net/ip_fib.h>
61 #include <net/rtnetlink.h>
62 #include <net/net_namespace.h>
63 #include <net/addrconf.h>
65 #define IPV6ONLY_FLAGS \
66 (IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
70 static struct ipv4_devconf ipv4_devconf = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
78 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
82 static struct ipv4_devconf ipv4_devconf_dflt = {
84 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
87 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
88 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
90 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
91 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
95 #define IPV4_DEVCONF_DFLT(net, attr) \
96 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
98 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
99 [IFA_LOCAL] = { .type = NLA_U32 },
100 [IFA_ADDRESS] = { .type = NLA_U32 },
101 [IFA_BROADCAST] = { .type = NLA_U32 },
102 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
103 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
104 [IFA_FLAGS] = { .type = NLA_U32 },
105 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
106 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
107 [IFA_PROTO] = { .type = NLA_U8 },
110 struct inet_fill_args {
119 #define IN4_ADDR_HSIZE_SHIFT 8
120 #define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
122 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
124 static u32 inet_addr_hash(const struct net *net, __be32 addr)
126 u32 val = (__force u32) addr ^ net_hash_mix(net);
128 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
131 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
133 u32 hash = inet_addr_hash(net, ifa->ifa_local);
136 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
139 static void inet_hash_remove(struct in_ifaddr *ifa)
142 hlist_del_init_rcu(&ifa->hash);
146 * __ip_dev_find - find the first device with a given source address.
147 * @net: the net namespace
148 * @addr: the source address
149 * @devref: if true, take a reference on the found device
151 * If a caller uses devref=false, it should be protected by RCU, or RTNL
153 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
155 struct net_device *result = NULL;
156 struct in_ifaddr *ifa;
159 ifa = inet_lookup_ifaddr_rcu(net, addr);
161 struct flowi4 fl4 = { .daddr = addr };
162 struct fib_result res = { 0 };
163 struct fib_table *local;
165 /* Fallback to FIB local table so that communication
166 * over loopback subnets work.
168 local = fib_get_table(net, RT_TABLE_LOCAL);
170 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
171 res.type == RTN_LOCAL)
172 result = FIB_RES_DEV(res);
174 result = ifa->ifa_dev->dev;
176 if (result && devref)
181 EXPORT_SYMBOL(__ip_dev_find);
183 /* called under RCU lock */
184 struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
186 u32 hash = inet_addr_hash(net, addr);
187 struct in_ifaddr *ifa;
189 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
190 if (ifa->ifa_local == addr &&
191 net_eq(dev_net(ifa->ifa_dev->dev), net))
197 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
199 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
200 static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
201 static void inet_del_ifa(struct in_device *in_dev,
202 struct in_ifaddr __rcu **ifap,
205 static int devinet_sysctl_register(struct in_device *idev);
206 static void devinet_sysctl_unregister(struct in_device *idev);
208 static int devinet_sysctl_register(struct in_device *idev)
212 static void devinet_sysctl_unregister(struct in_device *idev)
217 /* Locks all the inet devices. */
219 static struct in_ifaddr *inet_alloc_ifa(void)
221 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL_ACCOUNT);
224 static void inet_rcu_free_ifa(struct rcu_head *head)
226 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
228 in_dev_put(ifa->ifa_dev);
232 static void inet_free_ifa(struct in_ifaddr *ifa)
234 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
237 static void in_dev_free_rcu(struct rcu_head *head)
239 struct in_device *idev = container_of(head, struct in_device, rcu_head);
241 kfree(rcu_dereference_protected(idev->mc_hash, 1));
245 void in_dev_finish_destroy(struct in_device *idev)
247 struct net_device *dev = idev->dev;
249 WARN_ON(idev->ifa_list);
250 WARN_ON(idev->mc_list);
251 #ifdef NET_REFCNT_DEBUG
252 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
254 netdev_put(dev, &idev->dev_tracker);
256 pr_err("Freeing alive in_device %p\n", idev);
258 call_rcu(&idev->rcu_head, in_dev_free_rcu);
260 EXPORT_SYMBOL(in_dev_finish_destroy);
262 static struct in_device *inetdev_init(struct net_device *dev)
264 struct in_device *in_dev;
269 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
272 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
273 sizeof(in_dev->cnf));
274 in_dev->cnf.sysctl = NULL;
276 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
277 if (!in_dev->arp_parms)
279 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
280 dev_disable_lro(dev);
281 /* Reference in_dev->dev */
282 netdev_hold(dev, &in_dev->dev_tracker, GFP_KERNEL);
283 /* Account for reference dev->ip_ptr (below) */
284 refcount_set(&in_dev->refcnt, 1);
286 err = devinet_sysctl_register(in_dev);
289 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
294 ip_mc_init_dev(in_dev);
295 if (dev->flags & IFF_UP)
298 /* we can receive as soon as ip_ptr is set -- do this last */
299 rcu_assign_pointer(dev->ip_ptr, in_dev);
301 return in_dev ?: ERR_PTR(err);
308 static void inetdev_destroy(struct in_device *in_dev)
310 struct net_device *dev;
311 struct in_ifaddr *ifa;
319 ip_mc_destroy_dev(in_dev);
321 while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
322 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
326 RCU_INIT_POINTER(dev->ip_ptr, NULL);
328 devinet_sysctl_unregister(in_dev);
329 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
335 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
337 const struct in_ifaddr *ifa;
340 in_dev_for_each_ifa_rcu(ifa, in_dev) {
341 if (inet_ifa_match(a, ifa)) {
342 if (!b || inet_ifa_match(b, ifa)) {
352 static void __inet_del_ifa(struct in_device *in_dev,
353 struct in_ifaddr __rcu **ifap,
354 int destroy, struct nlmsghdr *nlh, u32 portid)
356 struct in_ifaddr *promote = NULL;
357 struct in_ifaddr *ifa, *ifa1;
358 struct in_ifaddr *last_prim;
359 struct in_ifaddr *prev_prom = NULL;
360 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
364 ifa1 = rtnl_dereference(*ifap);
365 last_prim = rtnl_dereference(in_dev->ifa_list);
369 /* 1. Deleting primary ifaddr forces deletion all secondaries
370 * unless alias promotion is set
373 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
374 struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
376 while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
377 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
378 ifa1->ifa_scope <= ifa->ifa_scope)
381 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
382 ifa1->ifa_mask != ifa->ifa_mask ||
383 !inet_ifa_match(ifa1->ifa_address, ifa)) {
384 ifap1 = &ifa->ifa_next;
390 inet_hash_remove(ifa);
391 *ifap1 = ifa->ifa_next;
393 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
394 blocking_notifier_call_chain(&inetaddr_chain,
404 /* On promotion all secondaries from subnet are changing
405 * the primary IP, we must remove all their routes silently
406 * and later to add them back with new prefsrc. Do this
407 * while all addresses are on the device list.
409 for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
410 if (ifa1->ifa_mask == ifa->ifa_mask &&
411 inet_ifa_match(ifa1->ifa_address, ifa))
412 fib_del_ifaddr(ifa, ifa1);
418 *ifap = ifa1->ifa_next;
419 inet_hash_remove(ifa1);
421 /* 3. Announce address deletion */
423 /* Send message first, then call notifier.
424 At first sight, FIB update triggered by notifier
425 will refer to already deleted ifaddr, that could confuse
426 netlink listeners. It is not true: look, gated sees
427 that route deleted and if it still thinks that ifaddr
428 is valid, it will try to restore deleted routes... Grr.
429 So that, this order is correct.
431 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
432 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
435 struct in_ifaddr *next_sec;
437 next_sec = rtnl_dereference(promote->ifa_next);
439 struct in_ifaddr *last_sec;
441 rcu_assign_pointer(prev_prom->ifa_next, next_sec);
443 last_sec = rtnl_dereference(last_prim->ifa_next);
444 rcu_assign_pointer(promote->ifa_next, last_sec);
445 rcu_assign_pointer(last_prim->ifa_next, promote);
448 promote->ifa_flags &= ~IFA_F_SECONDARY;
449 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
450 blocking_notifier_call_chain(&inetaddr_chain,
452 for (ifa = next_sec; ifa;
453 ifa = rtnl_dereference(ifa->ifa_next)) {
454 if (ifa1->ifa_mask != ifa->ifa_mask ||
455 !inet_ifa_match(ifa1->ifa_address, ifa))
465 static void inet_del_ifa(struct in_device *in_dev,
466 struct in_ifaddr __rcu **ifap,
469 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
472 static void check_lifetime(struct work_struct *work);
474 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
476 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
477 u32 portid, struct netlink_ext_ack *extack)
479 struct in_ifaddr __rcu **last_primary, **ifap;
480 struct in_device *in_dev = ifa->ifa_dev;
481 struct in_validator_info ivi;
482 struct in_ifaddr *ifa1;
487 if (!ifa->ifa_local) {
492 ifa->ifa_flags &= ~IFA_F_SECONDARY;
493 last_primary = &in_dev->ifa_list;
495 /* Don't set IPv6 only flags to IPv4 addresses */
496 ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
498 ifap = &in_dev->ifa_list;
499 ifa1 = rtnl_dereference(*ifap);
502 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
503 ifa->ifa_scope <= ifa1->ifa_scope)
504 last_primary = &ifa1->ifa_next;
505 if (ifa1->ifa_mask == ifa->ifa_mask &&
506 inet_ifa_match(ifa1->ifa_address, ifa)) {
507 if (ifa1->ifa_local == ifa->ifa_local) {
511 if (ifa1->ifa_scope != ifa->ifa_scope) {
515 ifa->ifa_flags |= IFA_F_SECONDARY;
518 ifap = &ifa1->ifa_next;
519 ifa1 = rtnl_dereference(*ifap);
522 /* Allow any devices that wish to register ifaddr validtors to weigh
523 * in now, before changes are committed. The rntl lock is serializing
524 * access here, so the state should not change between a validator call
525 * and a final notify on commit. This isn't invoked on promotion under
526 * the assumption that validators are checking the address itself, and
529 ivi.ivi_addr = ifa->ifa_address;
530 ivi.ivi_dev = ifa->ifa_dev;
532 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
534 ret = notifier_to_errno(ret);
540 if (!(ifa->ifa_flags & IFA_F_SECONDARY))
543 rcu_assign_pointer(ifa->ifa_next, *ifap);
544 rcu_assign_pointer(*ifap, ifa);
546 inet_hash_insert(dev_net(in_dev->dev), ifa);
548 cancel_delayed_work(&check_lifetime_work);
549 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
551 /* Send message first, then call notifier.
552 Notifier will trigger FIB update, so that
553 listeners of netlink will know about new ifaddr */
554 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
555 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
560 static int inet_insert_ifa(struct in_ifaddr *ifa)
562 return __inet_insert_ifa(ifa, NULL, 0, NULL);
565 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
567 struct in_device *in_dev = __in_dev_get_rtnl(dev);
575 ipv4_devconf_setall(in_dev);
576 neigh_parms_data_state_setall(in_dev->arp_parms);
577 if (ifa->ifa_dev != in_dev) {
578 WARN_ON(ifa->ifa_dev);
580 ifa->ifa_dev = in_dev;
582 if (ipv4_is_loopback(ifa->ifa_local))
583 ifa->ifa_scope = RT_SCOPE_HOST;
584 return inet_insert_ifa(ifa);
587 /* Caller must hold RCU or RTNL :
588 * We dont take a reference on found in_device
590 struct in_device *inetdev_by_index(struct net *net, int ifindex)
592 struct net_device *dev;
593 struct in_device *in_dev = NULL;
596 dev = dev_get_by_index_rcu(net, ifindex);
598 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
602 EXPORT_SYMBOL(inetdev_by_index);
604 /* Called only from RTNL semaphored context. No locks. */
606 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
609 struct in_ifaddr *ifa;
613 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
614 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
620 static int ip_mc_autojoin_config(struct net *net, bool join,
621 const struct in_ifaddr *ifa)
623 #if defined(CONFIG_IP_MULTICAST)
624 struct ip_mreqn mreq = {
625 .imr_multiaddr.s_addr = ifa->ifa_address,
626 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
628 struct sock *sk = net->ipv4.mc_autojoin_sk;
635 ret = ip_mc_join_group(sk, &mreq);
637 ret = ip_mc_leave_group(sk, &mreq);
646 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
647 struct netlink_ext_ack *extack)
649 struct net *net = sock_net(skb->sk);
650 struct in_ifaddr __rcu **ifap;
651 struct nlattr *tb[IFA_MAX+1];
652 struct in_device *in_dev;
653 struct ifaddrmsg *ifm;
654 struct in_ifaddr *ifa;
659 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
660 ifa_ipv4_policy, extack);
664 ifm = nlmsg_data(nlh);
665 in_dev = inetdev_by_index(net, ifm->ifa_index);
671 for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
672 ifap = &ifa->ifa_next) {
674 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
677 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
680 if (tb[IFA_ADDRESS] &&
681 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
682 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
685 if (ipv4_is_multicast(ifa->ifa_address))
686 ip_mc_autojoin_config(net, false, ifa);
687 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
691 err = -EADDRNOTAVAIL;
696 #define INFINITY_LIFE_TIME 0xFFFFFFFF
698 static void check_lifetime(struct work_struct *work)
700 unsigned long now, next, next_sec, next_sched;
701 struct in_ifaddr *ifa;
702 struct hlist_node *n;
706 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
708 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
709 bool change_needed = false;
712 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
715 if (ifa->ifa_flags & IFA_F_PERMANENT)
718 /* We try to batch several events at once. */
719 age = (now - ifa->ifa_tstamp +
720 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
722 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
723 age >= ifa->ifa_valid_lft) {
724 change_needed = true;
725 } else if (ifa->ifa_preferred_lft ==
726 INFINITY_LIFE_TIME) {
728 } else if (age >= ifa->ifa_preferred_lft) {
729 if (time_before(ifa->ifa_tstamp +
730 ifa->ifa_valid_lft * HZ, next))
731 next = ifa->ifa_tstamp +
732 ifa->ifa_valid_lft * HZ;
734 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
735 change_needed = true;
736 } else if (time_before(ifa->ifa_tstamp +
737 ifa->ifa_preferred_lft * HZ,
739 next = ifa->ifa_tstamp +
740 ifa->ifa_preferred_lft * HZ;
747 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
750 if (ifa->ifa_flags & IFA_F_PERMANENT)
753 /* We try to batch several events at once. */
754 age = (now - ifa->ifa_tstamp +
755 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
757 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
758 age >= ifa->ifa_valid_lft) {
759 struct in_ifaddr __rcu **ifap;
760 struct in_ifaddr *tmp;
762 ifap = &ifa->ifa_dev->ifa_list;
763 tmp = rtnl_dereference(*ifap);
766 inet_del_ifa(ifa->ifa_dev,
770 ifap = &tmp->ifa_next;
771 tmp = rtnl_dereference(*ifap);
773 } else if (ifa->ifa_preferred_lft !=
774 INFINITY_LIFE_TIME &&
775 age >= ifa->ifa_preferred_lft &&
776 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
777 ifa->ifa_flags |= IFA_F_DEPRECATED;
778 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
784 next_sec = round_jiffies_up(next);
787 /* If rounded timeout is accurate enough, accept it. */
788 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
789 next_sched = next_sec;
792 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
793 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
794 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
796 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
800 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
803 unsigned long timeout;
805 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
807 timeout = addrconf_timeout_fixup(valid_lft, HZ);
808 if (addrconf_finite_timeout(timeout))
809 ifa->ifa_valid_lft = timeout;
811 ifa->ifa_flags |= IFA_F_PERMANENT;
813 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
814 if (addrconf_finite_timeout(timeout)) {
816 ifa->ifa_flags |= IFA_F_DEPRECATED;
817 ifa->ifa_preferred_lft = timeout;
819 ifa->ifa_tstamp = jiffies;
820 if (!ifa->ifa_cstamp)
821 ifa->ifa_cstamp = ifa->ifa_tstamp;
824 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
825 __u32 *pvalid_lft, __u32 *pprefered_lft,
826 struct netlink_ext_ack *extack)
828 struct nlattr *tb[IFA_MAX+1];
829 struct in_ifaddr *ifa;
830 struct ifaddrmsg *ifm;
831 struct net_device *dev;
832 struct in_device *in_dev;
835 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
836 ifa_ipv4_policy, extack);
840 ifm = nlmsg_data(nlh);
842 if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
845 dev = __dev_get_by_index(net, ifm->ifa_index);
850 in_dev = __in_dev_get_rtnl(dev);
855 ifa = inet_alloc_ifa();
858 * A potential indev allocation can be left alive, it stays
859 * assigned to its device and is destroy with it.
863 ipv4_devconf_setall(in_dev);
864 neigh_parms_data_state_setall(in_dev->arp_parms);
867 if (!tb[IFA_ADDRESS])
868 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
870 INIT_HLIST_NODE(&ifa->hash);
871 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
872 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
873 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
875 ifa->ifa_scope = ifm->ifa_scope;
876 ifa->ifa_dev = in_dev;
878 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
879 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
881 if (tb[IFA_BROADCAST])
882 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
885 nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
887 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
889 if (tb[IFA_RT_PRIORITY])
890 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
893 ifa->ifa_proto = nla_get_u8(tb[IFA_PROTO]);
895 if (tb[IFA_CACHEINFO]) {
896 struct ifa_cacheinfo *ci;
898 ci = nla_data(tb[IFA_CACHEINFO]);
899 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
903 *pvalid_lft = ci->ifa_valid;
904 *pprefered_lft = ci->ifa_prefered;
915 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
917 struct in_device *in_dev = ifa->ifa_dev;
918 struct in_ifaddr *ifa1;
923 in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
924 if (ifa1->ifa_mask == ifa->ifa_mask &&
925 inet_ifa_match(ifa1->ifa_address, ifa) &&
926 ifa1->ifa_local == ifa->ifa_local)
932 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
933 struct netlink_ext_ack *extack)
935 struct net *net = sock_net(skb->sk);
936 struct in_ifaddr *ifa;
937 struct in_ifaddr *ifa_existing;
938 __u32 valid_lft = INFINITY_LIFE_TIME;
939 __u32 prefered_lft = INFINITY_LIFE_TIME;
943 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
947 ifa_existing = find_matching_ifa(ifa);
949 /* It would be best to check for !NLM_F_CREATE here but
950 * userspace already relies on not having to provide this.
952 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
953 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
954 int ret = ip_mc_autojoin_config(net, true, ifa);
961 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
964 u32 new_metric = ifa->ifa_rt_priority;
968 if (nlh->nlmsg_flags & NLM_F_EXCL ||
969 !(nlh->nlmsg_flags & NLM_F_REPLACE))
973 if (ifa->ifa_rt_priority != new_metric) {
974 fib_modify_prefix_metric(ifa, new_metric);
975 ifa->ifa_rt_priority = new_metric;
978 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
979 cancel_delayed_work(&check_lifetime_work);
980 queue_delayed_work(system_power_efficient_wq,
981 &check_lifetime_work, 0);
982 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
988 * Determine a default network mask, based on the IP address.
991 static int inet_abc_len(__be32 addr)
993 int rc = -1; /* Something else, probably a multicast. */
995 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
998 __u32 haddr = ntohl(addr);
999 if (IN_CLASSA(haddr))
1001 else if (IN_CLASSB(haddr))
1003 else if (IN_CLASSC(haddr))
1005 else if (IN_CLASSE(haddr))
1013 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1015 struct sockaddr_in sin_orig;
1016 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1017 struct in_ifaddr __rcu **ifap = NULL;
1018 struct in_device *in_dev;
1019 struct in_ifaddr *ifa = NULL;
1020 struct net_device *dev;
1023 int tryaddrmatch = 0;
1025 ifr->ifr_name[IFNAMSIZ - 1] = 0;
1027 /* save original address for comparison */
1028 memcpy(&sin_orig, sin, sizeof(*sin));
1030 colon = strchr(ifr->ifr_name, ':');
1034 dev_load(net, ifr->ifr_name);
1037 case SIOCGIFADDR: /* Get interface address */
1038 case SIOCGIFBRDADDR: /* Get the broadcast address */
1039 case SIOCGIFDSTADDR: /* Get the destination address */
1040 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1041 /* Note that these ioctls will not sleep,
1042 so that we do not impose a lock.
1043 One day we will be forced to put shlock here (I mean SMP)
1045 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1046 memset(sin, 0, sizeof(*sin));
1047 sin->sin_family = AF_INET;
1052 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1055 case SIOCSIFADDR: /* Set interface address (and family) */
1056 case SIOCSIFBRDADDR: /* Set the broadcast address */
1057 case SIOCSIFDSTADDR: /* Set the destination address */
1058 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1060 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1063 if (sin->sin_family != AF_INET)
1074 dev = __dev_get_by_name(net, ifr->ifr_name);
1081 in_dev = __in_dev_get_rtnl(dev);
1084 /* Matthias Andree */
1085 /* compare label and address (4.4BSD style) */
1086 /* note: we only do this for a limited set of ioctls
1087 and only if the original address family was AF_INET.
1088 This is checked above. */
1090 for (ifap = &in_dev->ifa_list;
1091 (ifa = rtnl_dereference(*ifap)) != NULL;
1092 ifap = &ifa->ifa_next) {
1093 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1094 sin_orig.sin_addr.s_addr ==
1100 /* we didn't get a match, maybe the application is
1101 4.3BSD-style and passed in junk so we fall back to
1102 comparing just the label */
1104 for (ifap = &in_dev->ifa_list;
1105 (ifa = rtnl_dereference(*ifap)) != NULL;
1106 ifap = &ifa->ifa_next)
1107 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
1112 ret = -EADDRNOTAVAIL;
1113 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1117 case SIOCGIFADDR: /* Get interface address */
1119 sin->sin_addr.s_addr = ifa->ifa_local;
1122 case SIOCGIFBRDADDR: /* Get the broadcast address */
1124 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1127 case SIOCGIFDSTADDR: /* Get the destination address */
1129 sin->sin_addr.s_addr = ifa->ifa_address;
1132 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1134 sin->sin_addr.s_addr = ifa->ifa_mask;
1139 ret = -EADDRNOTAVAIL;
1143 if (!(ifr->ifr_flags & IFF_UP))
1144 inet_del_ifa(in_dev, ifap, 1);
1147 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1150 case SIOCSIFADDR: /* Set interface address (and family) */
1152 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1157 ifa = inet_alloc_ifa();
1160 INIT_HLIST_NODE(&ifa->hash);
1162 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1164 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1167 if (ifa->ifa_local == sin->sin_addr.s_addr)
1169 inet_del_ifa(in_dev, ifap, 0);
1170 ifa->ifa_broadcast = 0;
1174 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1176 if (!(dev->flags & IFF_POINTOPOINT)) {
1177 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1178 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1179 if ((dev->flags & IFF_BROADCAST) &&
1180 ifa->ifa_prefixlen < 31)
1181 ifa->ifa_broadcast = ifa->ifa_address |
1184 ifa->ifa_prefixlen = 32;
1185 ifa->ifa_mask = inet_make_mask(32);
1187 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1188 ret = inet_set_ifa(dev, ifa);
1191 case SIOCSIFBRDADDR: /* Set the broadcast address */
1193 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1194 inet_del_ifa(in_dev, ifap, 0);
1195 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1196 inet_insert_ifa(ifa);
1200 case SIOCSIFDSTADDR: /* Set the destination address */
1202 if (ifa->ifa_address == sin->sin_addr.s_addr)
1205 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1208 inet_del_ifa(in_dev, ifap, 0);
1209 ifa->ifa_address = sin->sin_addr.s_addr;
1210 inet_insert_ifa(ifa);
1213 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1216 * The mask we set must be legal.
1219 if (bad_mask(sin->sin_addr.s_addr, 0))
1222 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1223 __be32 old_mask = ifa->ifa_mask;
1224 inet_del_ifa(in_dev, ifap, 0);
1225 ifa->ifa_mask = sin->sin_addr.s_addr;
1226 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1228 /* See if current broadcast address matches
1229 * with current netmask, then recalculate
1230 * the broadcast address. Otherwise it's a
1231 * funny address, so don't touch it since
1232 * the user seems to know what (s)he's doing...
1234 if ((dev->flags & IFF_BROADCAST) &&
1235 (ifa->ifa_prefixlen < 31) &&
1236 (ifa->ifa_broadcast ==
1237 (ifa->ifa_local|~old_mask))) {
1238 ifa->ifa_broadcast = (ifa->ifa_local |
1239 ~sin->sin_addr.s_addr);
1241 inet_insert_ifa(ifa);
1251 int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1253 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1254 const struct in_ifaddr *ifa;
1258 if (WARN_ON(size > sizeof(struct ifreq)))
1264 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1271 memset(&ifr, 0, sizeof(struct ifreq));
1272 strcpy(ifr.ifr_name, ifa->ifa_label);
1274 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1275 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1278 if (copy_to_user(buf + done, &ifr, size)) {
1289 static __be32 in_dev_select_addr(const struct in_device *in_dev,
1292 const struct in_ifaddr *ifa;
1294 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1295 if (ifa->ifa_flags & IFA_F_SECONDARY)
1297 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1298 ifa->ifa_scope <= scope)
1299 return ifa->ifa_local;
1305 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1307 const struct in_ifaddr *ifa;
1309 unsigned char localnet_scope = RT_SCOPE_HOST;
1310 struct in_device *in_dev;
1311 struct net *net = dev_net(dev);
1315 in_dev = __in_dev_get_rcu(dev);
1319 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1320 localnet_scope = RT_SCOPE_LINK;
1322 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1323 if (ifa->ifa_flags & IFA_F_SECONDARY)
1325 if (min(ifa->ifa_scope, localnet_scope) > scope)
1327 if (!dst || inet_ifa_match(dst, ifa)) {
1328 addr = ifa->ifa_local;
1332 addr = ifa->ifa_local;
1338 master_idx = l3mdev_master_ifindex_rcu(dev);
1340 /* For VRFs, the VRF device takes the place of the loopback device,
1341 * with addresses on it being preferred. Note in such cases the
1342 * loopback device will be among the devices that fail the master_idx
1343 * equality check in the loop below.
1346 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1347 (in_dev = __in_dev_get_rcu(dev))) {
1348 addr = in_dev_select_addr(in_dev, scope);
1353 /* Not loopback addresses on loopback should be preferred
1354 in this case. It is important that lo is the first interface
1357 for_each_netdev_rcu(net, dev) {
1358 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1361 in_dev = __in_dev_get_rcu(dev);
1365 addr = in_dev_select_addr(in_dev, scope);
1373 EXPORT_SYMBOL(inet_select_addr);
1375 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1376 __be32 local, int scope)
1378 unsigned char localnet_scope = RT_SCOPE_HOST;
1379 const struct in_ifaddr *ifa;
1383 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1384 localnet_scope = RT_SCOPE_LINK;
1386 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1387 unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
1390 (local == ifa->ifa_local || !local) &&
1391 min_scope <= scope) {
1392 addr = ifa->ifa_local;
1397 same = (!local || inet_ifa_match(local, ifa)) &&
1398 (!dst || inet_ifa_match(dst, ifa));
1402 /* Is the selected addr into dst subnet? */
1403 if (inet_ifa_match(addr, ifa))
1405 /* No, then can we use new local src? */
1406 if (min_scope <= scope) {
1407 addr = ifa->ifa_local;
1410 /* search for large dst subnet for addr */
1416 return same ? addr : 0;
1420 * Confirm that local IP address exists using wildcards:
1421 * - net: netns to check, cannot be NULL
1422 * - in_dev: only on this interface, NULL=any interface
1423 * - dst: only in the same subnet as dst, 0=any dst
1424 * - local: address, 0=autoselect the local address
1425 * - scope: maximum allowed scope value for the local address
1427 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1428 __be32 dst, __be32 local, int scope)
1431 struct net_device *dev;
1434 return confirm_addr_indev(in_dev, dst, local, scope);
1437 for_each_netdev_rcu(net, dev) {
1438 in_dev = __in_dev_get_rcu(dev);
1440 addr = confirm_addr_indev(in_dev, dst, local, scope);
1449 EXPORT_SYMBOL(inet_confirm_addr);
1455 int register_inetaddr_notifier(struct notifier_block *nb)
1457 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1459 EXPORT_SYMBOL(register_inetaddr_notifier);
1461 int unregister_inetaddr_notifier(struct notifier_block *nb)
1463 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1465 EXPORT_SYMBOL(unregister_inetaddr_notifier);
1467 int register_inetaddr_validator_notifier(struct notifier_block *nb)
1469 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1471 EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1473 int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1475 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1478 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1480 /* Rename ifa_labels for a device name change. Make some effort to preserve
1481 * existing alias numbering and to create unique labels if possible.
1483 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1485 struct in_ifaddr *ifa;
1488 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1489 char old[IFNAMSIZ], *dot;
1491 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1492 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1495 dot = strchr(old, ':');
1497 sprintf(old, ":%d", named);
1500 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1501 strcat(ifa->ifa_label, dot);
1503 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1505 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1509 static void inetdev_send_gratuitous_arp(struct net_device *dev,
1510 struct in_device *in_dev)
1513 const struct in_ifaddr *ifa;
1515 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1516 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1517 ifa->ifa_local, dev,
1518 ifa->ifa_local, NULL,
1519 dev->dev_addr, NULL);
1523 /* Called only under RTNL semaphore */
1525 static int inetdev_event(struct notifier_block *this, unsigned long event,
1528 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1529 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1534 if (event == NETDEV_REGISTER) {
1535 in_dev = inetdev_init(dev);
1537 return notifier_from_errno(PTR_ERR(in_dev));
1538 if (dev->flags & IFF_LOOPBACK) {
1539 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1540 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1542 } else if (event == NETDEV_CHANGEMTU) {
1543 /* Re-enabling IP */
1544 if (inetdev_valid_mtu(dev->mtu))
1545 in_dev = inetdev_init(dev);
1551 case NETDEV_REGISTER:
1552 pr_debug("%s: bug\n", __func__);
1553 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1556 if (!inetdev_valid_mtu(dev->mtu))
1558 if (dev->flags & IFF_LOOPBACK) {
1559 struct in_ifaddr *ifa = inet_alloc_ifa();
1562 INIT_HLIST_NODE(&ifa->hash);
1564 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1565 ifa->ifa_prefixlen = 8;
1566 ifa->ifa_mask = inet_make_mask(8);
1567 in_dev_hold(in_dev);
1568 ifa->ifa_dev = in_dev;
1569 ifa->ifa_scope = RT_SCOPE_HOST;
1570 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1571 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1572 INFINITY_LIFE_TIME);
1573 ipv4_devconf_setall(in_dev);
1574 neigh_parms_data_state_setall(in_dev->arp_parms);
1575 inet_insert_ifa(ifa);
1580 case NETDEV_CHANGEADDR:
1581 if (!IN_DEV_ARP_NOTIFY(in_dev))
1584 case NETDEV_NOTIFY_PEERS:
1585 /* Send gratuitous ARP to notify of link change */
1586 inetdev_send_gratuitous_arp(dev, in_dev);
1591 case NETDEV_PRE_TYPE_CHANGE:
1592 ip_mc_unmap(in_dev);
1594 case NETDEV_POST_TYPE_CHANGE:
1595 ip_mc_remap(in_dev);
1597 case NETDEV_CHANGEMTU:
1598 if (inetdev_valid_mtu(dev->mtu))
1600 /* disable IP when MTU is not enough */
1602 case NETDEV_UNREGISTER:
1603 inetdev_destroy(in_dev);
1605 case NETDEV_CHANGENAME:
1606 /* Do not notify about label change, this event is
1607 * not interesting to applications using netlink.
1609 inetdev_changename(dev, in_dev);
1611 devinet_sysctl_unregister(in_dev);
1612 devinet_sysctl_register(in_dev);
1619 static struct notifier_block ip_netdev_notifier = {
1620 .notifier_call = inetdev_event,
1623 static size_t inet_nlmsg_size(void)
1625 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1626 + nla_total_size(4) /* IFA_ADDRESS */
1627 + nla_total_size(4) /* IFA_LOCAL */
1628 + nla_total_size(4) /* IFA_BROADCAST */
1629 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1630 + nla_total_size(4) /* IFA_FLAGS */
1631 + nla_total_size(1) /* IFA_PROTO */
1632 + nla_total_size(4) /* IFA_RT_PRIORITY */
1633 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1636 static inline u32 cstamp_delta(unsigned long cstamp)
1638 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1641 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1642 unsigned long tstamp, u32 preferred, u32 valid)
1644 struct ifa_cacheinfo ci;
1646 ci.cstamp = cstamp_delta(cstamp);
1647 ci.tstamp = cstamp_delta(tstamp);
1648 ci.ifa_prefered = preferred;
1649 ci.ifa_valid = valid;
1651 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1654 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1655 struct inet_fill_args *args)
1657 struct ifaddrmsg *ifm;
1658 struct nlmsghdr *nlh;
1659 u32 preferred, valid;
1661 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
1666 ifm = nlmsg_data(nlh);
1667 ifm->ifa_family = AF_INET;
1668 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1669 ifm->ifa_flags = ifa->ifa_flags;
1670 ifm->ifa_scope = ifa->ifa_scope;
1671 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1673 if (args->netnsid >= 0 &&
1674 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1675 goto nla_put_failure;
1677 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1678 preferred = ifa->ifa_preferred_lft;
1679 valid = ifa->ifa_valid_lft;
1680 if (preferred != INFINITY_LIFE_TIME) {
1681 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1683 if (preferred > tval)
1687 if (valid != INFINITY_LIFE_TIME) {
1695 preferred = INFINITY_LIFE_TIME;
1696 valid = INFINITY_LIFE_TIME;
1698 if ((ifa->ifa_address &&
1699 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1701 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1702 (ifa->ifa_broadcast &&
1703 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1704 (ifa->ifa_label[0] &&
1705 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1707 nla_put_u8(skb, IFA_PROTO, ifa->ifa_proto)) ||
1708 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1709 (ifa->ifa_rt_priority &&
1710 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1711 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1713 goto nla_put_failure;
1715 nlmsg_end(skb, nlh);
1719 nlmsg_cancel(skb, nlh);
1723 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1724 struct inet_fill_args *fillargs,
1725 struct net **tgt_net, struct sock *sk,
1726 struct netlink_callback *cb)
1728 struct netlink_ext_ack *extack = cb->extack;
1729 struct nlattr *tb[IFA_MAX+1];
1730 struct ifaddrmsg *ifm;
1733 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1734 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1738 ifm = nlmsg_data(nlh);
1739 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1740 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1744 fillargs->ifindex = ifm->ifa_index;
1745 if (fillargs->ifindex) {
1746 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1747 fillargs->flags |= NLM_F_DUMP_FILTERED;
1750 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1751 ifa_ipv4_policy, extack);
1755 for (i = 0; i <= IFA_MAX; ++i) {
1759 if (i == IFA_TARGET_NETNSID) {
1762 fillargs->netnsid = nla_get_s32(tb[i]);
1764 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1766 fillargs->netnsid = -1;
1767 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1768 return PTR_ERR(net);
1772 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1780 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1781 struct netlink_callback *cb, int s_ip_idx,
1782 struct inet_fill_args *fillargs)
1784 struct in_ifaddr *ifa;
1788 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1789 if (ip_idx < s_ip_idx) {
1793 err = inet_fill_ifaddr(skb, ifa, fillargs);
1797 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1803 cb->args[2] = ip_idx;
1808 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1810 const struct nlmsghdr *nlh = cb->nlh;
1811 struct inet_fill_args fillargs = {
1812 .portid = NETLINK_CB(cb->skb).portid,
1813 .seq = nlh->nlmsg_seq,
1814 .event = RTM_NEWADDR,
1815 .flags = NLM_F_MULTI,
1818 struct net *net = sock_net(skb->sk);
1819 struct net *tgt_net = net;
1823 struct net_device *dev;
1824 struct in_device *in_dev;
1825 struct hlist_head *head;
1829 s_idx = idx = cb->args[1];
1830 s_ip_idx = cb->args[2];
1832 if (cb->strict_check) {
1833 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
1839 if (fillargs.ifindex) {
1840 dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1846 in_dev = __in_dev_get_rtnl(dev);
1848 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1855 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1857 head = &tgt_net->dev_index_head[h];
1859 cb->seq = atomic_read(&tgt_net->ipv4.dev_addr_genid) ^
1860 tgt_net->dev_base_seq;
1861 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1864 if (h > s_h || idx > s_idx)
1866 in_dev = __in_dev_get_rcu(dev);
1870 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
1886 if (fillargs.netnsid >= 0)
1889 return skb->len ? : err;
1892 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1895 struct inet_fill_args fillargs = {
1897 .seq = nlh ? nlh->nlmsg_seq : 0,
1902 struct sk_buff *skb;
1906 net = dev_net(ifa->ifa_dev->dev);
1907 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1911 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1913 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1914 WARN_ON(err == -EMSGSIZE);
1918 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1922 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1925 static size_t inet_get_link_af_size(const struct net_device *dev,
1926 u32 ext_filter_mask)
1928 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1933 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1936 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1937 u32 ext_filter_mask)
1939 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1946 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1950 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1951 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1956 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1957 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1960 static int inet_validate_link_af(const struct net_device *dev,
1961 const struct nlattr *nla,
1962 struct netlink_ext_ack *extack)
1964 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1967 if (dev && !__in_dev_get_rtnl(dev))
1968 return -EAFNOSUPPORT;
1970 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
1971 inet_af_policy, extack);
1975 if (tb[IFLA_INET_CONF]) {
1976 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1977 int cfgid = nla_type(a);
1982 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
1990 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla,
1991 struct netlink_ext_ack *extack)
1993 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1994 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1998 return -EAFNOSUPPORT;
2000 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
2003 if (tb[IFLA_INET_CONF]) {
2004 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
2005 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
2011 static int inet_netconf_msgsize_devconf(int type)
2013 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2014 + nla_total_size(4); /* NETCONFA_IFINDEX */
2017 if (type == NETCONFA_ALL)
2020 if (all || type == NETCONFA_FORWARDING)
2021 size += nla_total_size(4);
2022 if (all || type == NETCONFA_RP_FILTER)
2023 size += nla_total_size(4);
2024 if (all || type == NETCONFA_MC_FORWARDING)
2025 size += nla_total_size(4);
2026 if (all || type == NETCONFA_BC_FORWARDING)
2027 size += nla_total_size(4);
2028 if (all || type == NETCONFA_PROXY_NEIGH)
2029 size += nla_total_size(4);
2030 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2031 size += nla_total_size(4);
2036 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2037 struct ipv4_devconf *devconf, u32 portid,
2038 u32 seq, int event, unsigned int flags,
2041 struct nlmsghdr *nlh;
2042 struct netconfmsg *ncm;
2045 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2050 if (type == NETCONFA_ALL)
2053 ncm = nlmsg_data(nlh);
2054 ncm->ncm_family = AF_INET;
2056 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2057 goto nla_put_failure;
2062 if ((all || type == NETCONFA_FORWARDING) &&
2063 nla_put_s32(skb, NETCONFA_FORWARDING,
2064 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2065 goto nla_put_failure;
2066 if ((all || type == NETCONFA_RP_FILTER) &&
2067 nla_put_s32(skb, NETCONFA_RP_FILTER,
2068 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2069 goto nla_put_failure;
2070 if ((all || type == NETCONFA_MC_FORWARDING) &&
2071 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2072 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2073 goto nla_put_failure;
2074 if ((all || type == NETCONFA_BC_FORWARDING) &&
2075 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2076 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2077 goto nla_put_failure;
2078 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2079 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2080 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2081 goto nla_put_failure;
2082 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2083 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2084 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2085 goto nla_put_failure;
2088 nlmsg_end(skb, nlh);
2092 nlmsg_cancel(skb, nlh);
2096 void inet_netconf_notify_devconf(struct net *net, int event, int type,
2097 int ifindex, struct ipv4_devconf *devconf)
2099 struct sk_buff *skb;
2102 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2106 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2109 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2110 WARN_ON(err == -EMSGSIZE);
2114 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2118 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
2121 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2122 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2123 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2124 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2125 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2126 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2129 static int inet_netconf_valid_get_req(struct sk_buff *skb,
2130 const struct nlmsghdr *nlh,
2132 struct netlink_ext_ack *extack)
2136 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2137 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
2141 if (!netlink_strict_get_check(skb))
2142 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2144 devconf_ipv4_policy, extack);
2146 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2148 devconf_ipv4_policy, extack);
2152 for (i = 0; i <= NETCONFA_MAX; i++) {
2157 case NETCONFA_IFINDEX:
2160 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
2168 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2169 struct nlmsghdr *nlh,
2170 struct netlink_ext_ack *extack)
2172 struct net *net = sock_net(in_skb->sk);
2173 struct nlattr *tb[NETCONFA_MAX+1];
2174 struct sk_buff *skb;
2175 struct ipv4_devconf *devconf;
2176 struct in_device *in_dev;
2177 struct net_device *dev;
2181 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2186 if (!tb[NETCONFA_IFINDEX])
2189 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2191 case NETCONFA_IFINDEX_ALL:
2192 devconf = net->ipv4.devconf_all;
2194 case NETCONFA_IFINDEX_DEFAULT:
2195 devconf = net->ipv4.devconf_dflt;
2198 dev = __dev_get_by_index(net, ifindex);
2201 in_dev = __in_dev_get_rtnl(dev);
2204 devconf = &in_dev->cnf;
2209 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2213 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2214 NETLINK_CB(in_skb).portid,
2215 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2218 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2219 WARN_ON(err == -EMSGSIZE);
2223 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2228 static int inet_netconf_dump_devconf(struct sk_buff *skb,
2229 struct netlink_callback *cb)
2231 const struct nlmsghdr *nlh = cb->nlh;
2232 struct net *net = sock_net(skb->sk);
2235 struct net_device *dev;
2236 struct in_device *in_dev;
2237 struct hlist_head *head;
2239 if (cb->strict_check) {
2240 struct netlink_ext_ack *extack = cb->extack;
2241 struct netconfmsg *ncm;
2243 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2244 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
2248 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2249 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2255 s_idx = idx = cb->args[1];
2257 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2259 head = &net->dev_index_head[h];
2261 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
2263 hlist_for_each_entry_rcu(dev, head, index_hlist) {
2266 in_dev = __in_dev_get_rcu(dev);
2270 if (inet_netconf_fill_devconf(skb, dev->ifindex,
2272 NETLINK_CB(cb->skb).portid,
2276 NETCONFA_ALL) < 0) {
2280 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
2286 if (h == NETDEV_HASHENTRIES) {
2287 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2288 net->ipv4.devconf_all,
2289 NETLINK_CB(cb->skb).portid,
2291 RTM_NEWNETCONF, NLM_F_MULTI,
2297 if (h == NETDEV_HASHENTRIES + 1) {
2298 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2299 net->ipv4.devconf_dflt,
2300 NETLINK_CB(cb->skb).portid,
2302 RTM_NEWNETCONF, NLM_F_MULTI,
2315 #ifdef CONFIG_SYSCTL
2317 static void devinet_copy_dflt_conf(struct net *net, int i)
2319 struct net_device *dev;
2322 for_each_netdev_rcu(net, dev) {
2323 struct in_device *in_dev;
2325 in_dev = __in_dev_get_rcu(dev);
2326 if (in_dev && !test_bit(i, in_dev->cnf.state))
2327 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2332 /* called with RTNL locked */
2333 static void inet_forward_change(struct net *net)
2335 struct net_device *dev;
2336 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
2338 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2339 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2340 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2341 NETCONFA_FORWARDING,
2342 NETCONFA_IFINDEX_ALL,
2343 net->ipv4.devconf_all);
2344 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2345 NETCONFA_FORWARDING,
2346 NETCONFA_IFINDEX_DEFAULT,
2347 net->ipv4.devconf_dflt);
2349 for_each_netdev(net, dev) {
2350 struct in_device *in_dev;
2353 dev_disable_lro(dev);
2355 in_dev = __in_dev_get_rtnl(dev);
2357 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2358 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2359 NETCONFA_FORWARDING,
2360 dev->ifindex, &in_dev->cnf);
2365 static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2367 if (cnf == net->ipv4.devconf_dflt)
2368 return NETCONFA_IFINDEX_DEFAULT;
2369 else if (cnf == net->ipv4.devconf_all)
2370 return NETCONFA_IFINDEX_ALL;
2372 struct in_device *idev
2373 = container_of(cnf, struct in_device, cnf);
2374 return idev->dev->ifindex;
2378 static int devinet_conf_proc(struct ctl_table *ctl, int write,
2379 void *buffer, size_t *lenp, loff_t *ppos)
2381 int old_value = *(int *)ctl->data;
2382 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2383 int new_value = *(int *)ctl->data;
2386 struct ipv4_devconf *cnf = ctl->extra1;
2387 struct net *net = ctl->extra2;
2388 int i = (int *)ctl->data - cnf->data;
2391 set_bit(i, cnf->state);
2393 if (cnf == net->ipv4.devconf_dflt)
2394 devinet_copy_dflt_conf(net, i);
2395 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2396 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2397 if ((new_value == 0) && (old_value != 0))
2398 rt_cache_flush(net);
2400 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2401 new_value != old_value)
2402 rt_cache_flush(net);
2404 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2405 new_value != old_value) {
2406 ifindex = devinet_conf_ifindex(net, cnf);
2407 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2411 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2412 new_value != old_value) {
2413 ifindex = devinet_conf_ifindex(net, cnf);
2414 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2415 NETCONFA_PROXY_NEIGH,
2418 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2419 new_value != old_value) {
2420 ifindex = devinet_conf_ifindex(net, cnf);
2421 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2422 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2430 static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2431 void *buffer, size_t *lenp, loff_t *ppos)
2433 int *valp = ctl->data;
2436 struct net *net = ctl->extra2;
2439 if (write && !ns_capable(net->user_ns, CAP_NET_ADMIN))
2442 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2444 if (write && *valp != val) {
2445 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2446 if (!rtnl_trylock()) {
2447 /* Restore the original values before restarting */
2450 return restart_syscall();
2452 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2453 inet_forward_change(net);
2455 struct ipv4_devconf *cnf = ctl->extra1;
2456 struct in_device *idev =
2457 container_of(cnf, struct in_device, cnf);
2459 dev_disable_lro(idev->dev);
2460 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2461 NETCONFA_FORWARDING,
2466 rt_cache_flush(net);
2468 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2469 NETCONFA_FORWARDING,
2470 NETCONFA_IFINDEX_DEFAULT,
2471 net->ipv4.devconf_dflt);
2477 static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2478 void *buffer, size_t *lenp, loff_t *ppos)
2480 int *valp = ctl->data;
2482 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2483 struct net *net = ctl->extra2;
2485 if (write && *valp != val)
2486 rt_cache_flush(net);
2491 #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2494 .data = ipv4_devconf.data + \
2495 IPV4_DEVCONF_ ## attr - 1, \
2496 .maxlen = sizeof(int), \
2498 .proc_handler = proc, \
2499 .extra1 = &ipv4_devconf, \
2502 #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2503 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2505 #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2506 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2508 #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2509 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2511 #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2512 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2514 static struct devinet_sysctl_table {
2515 struct ctl_table_header *sysctl_header;
2516 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2517 } devinet_sysctl = {
2519 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2520 devinet_sysctl_forward),
2521 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2522 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2524 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2525 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2526 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2527 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2528 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2529 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2530 "accept_source_route"),
2531 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2532 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2533 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2534 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2535 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2536 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2537 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2538 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2539 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2540 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2541 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2542 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2543 DEVINET_SYSCTL_RW_ENTRY(ARP_EVICT_NOCARRIER,
2544 "arp_evict_nocarrier"),
2545 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2546 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2547 "force_igmp_version"),
2548 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2549 "igmpv2_unsolicited_report_interval"),
2550 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2551 "igmpv3_unsolicited_report_interval"),
2552 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2553 "ignore_routes_with_linkdown"),
2554 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2555 "drop_gratuitous_arp"),
2557 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2558 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2559 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2560 "promote_secondaries"),
2561 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2563 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2564 "drop_unicast_in_l2_multicast"),
2568 static int __devinet_sysctl_register(struct net *net, char *dev_name,
2569 int ifindex, struct ipv4_devconf *p)
2572 struct devinet_sysctl_table *t;
2573 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2575 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL_ACCOUNT);
2579 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2580 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2581 t->devinet_vars[i].extra1 = p;
2582 t->devinet_vars[i].extra2 = net;
2585 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2587 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2588 if (!t->sysctl_header)
2593 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
2603 static void __devinet_sysctl_unregister(struct net *net,
2604 struct ipv4_devconf *cnf, int ifindex)
2606 struct devinet_sysctl_table *t = cnf->sysctl;
2610 unregister_net_sysctl_table(t->sysctl_header);
2614 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2617 static int devinet_sysctl_register(struct in_device *idev)
2621 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2624 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2627 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2628 idev->dev->ifindex, &idev->cnf);
2630 neigh_sysctl_unregister(idev->arp_parms);
2634 static void devinet_sysctl_unregister(struct in_device *idev)
2636 struct net *net = dev_net(idev->dev);
2638 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2639 neigh_sysctl_unregister(idev->arp_parms);
2642 static struct ctl_table ctl_forward_entry[] = {
2644 .procname = "ip_forward",
2645 .data = &ipv4_devconf.data[
2646 IPV4_DEVCONF_FORWARDING - 1],
2647 .maxlen = sizeof(int),
2649 .proc_handler = devinet_sysctl_forward,
2650 .extra1 = &ipv4_devconf,
2651 .extra2 = &init_net,
2657 static __net_init int devinet_init_net(struct net *net)
2660 struct ipv4_devconf *all, *dflt;
2661 #ifdef CONFIG_SYSCTL
2662 struct ctl_table *tbl;
2663 struct ctl_table_header *forw_hdr;
2667 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2671 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2673 goto err_alloc_dflt;
2675 #ifdef CONFIG_SYSCTL
2676 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
2680 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2681 tbl[0].extra1 = all;
2682 tbl[0].extra2 = net;
2685 if (!net_eq(net, &init_net)) {
2686 switch (net_inherit_devconf()) {
2688 /* copy from the current netns */
2689 memcpy(all, current->nsproxy->net_ns->ipv4.devconf_all,
2690 sizeof(ipv4_devconf));
2692 current->nsproxy->net_ns->ipv4.devconf_dflt,
2693 sizeof(ipv4_devconf_dflt));
2697 /* copy from init_net */
2698 memcpy(all, init_net.ipv4.devconf_all,
2699 sizeof(ipv4_devconf));
2700 memcpy(dflt, init_net.ipv4.devconf_dflt,
2701 sizeof(ipv4_devconf_dflt));
2704 /* use compiled values */
2709 #ifdef CONFIG_SYSCTL
2710 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2714 err = __devinet_sysctl_register(net, "default",
2715 NETCONFA_IFINDEX_DEFAULT, dflt);
2720 forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2723 net->ipv4.forw_hdr = forw_hdr;
2726 net->ipv4.devconf_all = all;
2727 net->ipv4.devconf_dflt = dflt;
2730 #ifdef CONFIG_SYSCTL
2732 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2734 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
2746 static __net_exit void devinet_exit_net(struct net *net)
2748 #ifdef CONFIG_SYSCTL
2749 struct ctl_table *tbl;
2751 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2752 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2753 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2754 NETCONFA_IFINDEX_DEFAULT);
2755 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2756 NETCONFA_IFINDEX_ALL);
2759 kfree(net->ipv4.devconf_dflt);
2760 kfree(net->ipv4.devconf_all);
2763 static __net_initdata struct pernet_operations devinet_ops = {
2764 .init = devinet_init_net,
2765 .exit = devinet_exit_net,
2768 static struct rtnl_af_ops inet_af_ops __read_mostly = {
2770 .fill_link_af = inet_fill_link_af,
2771 .get_link_af_size = inet_get_link_af_size,
2772 .validate_link_af = inet_validate_link_af,
2773 .set_link_af = inet_set_link_af,
2776 void __init devinet_init(void)
2780 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2781 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2783 register_pernet_subsys(&devinet_ops);
2784 register_netdevice_notifier(&ip_netdev_notifier);
2786 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2788 rtnl_af_register(&inet_af_ops);
2790 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2791 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2792 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2793 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2794 inet_netconf_dump_devconf, 0);
projects / linux.git / blob