1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * NET3 IP device support routines.
5 * Derived from the IP parts of dev.c 1.0.19
7 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
8 * Mark Evans, <evansmp@uhura.aston.ac.uk>
11 * Alan Cox, <gw4pts@gw4pts.ampr.org>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
15 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
17 * Cyrus Durgin: updated for kmod
18 * Matthias Andree: in devinet_ioctl, compare label and
19 * address (4.4BSD alias style support),
20 * fall back to comparing just the label
25 #include <linux/uaccess.h>
26 #include <linux/bitops.h>
27 #include <linux/capability.h>
28 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/kernel.h>
31 #include <linux/sched/signal.h>
32 #include <linux/string.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
37 #include <linux/errno.h>
38 #include <linux/interrupt.h>
39 #include <linux/if_addr.h>
40 #include <linux/if_ether.h>
41 #include <linux/inet.h>
42 #include <linux/netdevice.h>
43 #include <linux/etherdevice.h>
44 #include <linux/skbuff.h>
45 #include <linux/init.h>
46 #include <linux/notifier.h>
47 #include <linux/inetdevice.h>
48 #include <linux/igmp.h>
49 #include <linux/slab.h>
50 #include <linux/hash.h>
52 #include <linux/sysctl.h>
54 #include <linux/kmod.h>
55 #include <linux/netconf.h>
59 #include <net/route.h>
60 #include <net/ip_fib.h>
61 #include <net/rtnetlink.h>
62 #include <net/net_namespace.h>
63 #include <net/addrconf.h>
/* ifa_flags bits that are only meaningful for IPv6 addresses; these are
 * masked off whenever userspace tries to set them on an IPv4 address.
 */
65 #define IPV6ONLY_FLAGS \
66 (IFA_F_NODAD | IFA_F_OPTIMISTIC | IFA_F_DADFAILED | \
67 IFA_F_HOMEADDRESS | IFA_F_TENTATIVE | \
68 IFA_F_MANAGETEMPADDR | IFA_F_STABLE_PRIVACY)
70 static struct ipv4_devconf ipv4_devconf = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
76 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
77 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
78 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
82 static struct ipv4_devconf ipv4_devconf_dflt = {
84 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
85 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
86 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
87 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
88 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/,
90 [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/,
91 [IPV4_DEVCONF_ARP_EVICT_NOCARRIER - 1] = 1,
/* Shorthand: read attribute @attr from a netns' default devconf template. */
95 #define IPV4_DEVCONF_DFLT(net, attr) \
96 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
98 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
99 [IFA_LOCAL] = { .type = NLA_U32 },
100 [IFA_ADDRESS] = { .type = NLA_U32 },
101 [IFA_BROADCAST] = { .type = NLA_U32 },
102 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
103 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
104 [IFA_FLAGS] = { .type = NLA_U32 },
105 [IFA_RT_PRIORITY] = { .type = NLA_U32 },
106 [IFA_TARGET_NETNSID] = { .type = NLA_S32 },
107 [IFA_PROTO] = { .type = NLA_U8 },
/* NOTE(review): the body of this struct (arguments threaded through the
 * address dump/fill path) appears to have been elided from this chunk;
 * only the opening line is visible. Confirm fields against upstream.
 */
110 struct inet_fill_args {
/* Global hash table of every IPv4 ifaddr, hashed by (netns, local address);
 * 2^8 = 256 buckets.
 */
119 #define IN4_ADDR_HSIZE_SHIFT 8
120 #define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
122 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
124 static u32 inet_addr_hash(const struct net *net, __be32 addr)
126 u32 val = (__force u32) addr ^ net_hash_mix(net);
128 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
131 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
133 u32 hash = inet_addr_hash(net, ifa->ifa_local);
136 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
139 static void inet_hash_remove(struct in_ifaddr *ifa)
142 hlist_del_init_rcu(&ifa->hash);
146 * __ip_dev_find - find the first device with a given source address.
147 * @net: the net namespace
148 * @addr: the source address
149 * @devref: if true, take a reference on the found device
151 * If a caller uses devref=false, it should be protected by RCU, or RTNL
153 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
155 struct net_device *result = NULL;
156 struct in_ifaddr *ifa;
159 ifa = inet_lookup_ifaddr_rcu(net, addr);
161 struct flowi4 fl4 = { .daddr = addr };
162 struct fib_result res = { 0 };
163 struct fib_table *local;
165 /* Fallback to FIB local table so that communication
166 * over loopback subnets work.
168 local = fib_get_table(net, RT_TABLE_LOCAL);
170 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
171 res.type == RTN_LOCAL)
172 result = FIB_RES_DEV(res);
174 result = ifa->ifa_dev->dev;
176 if (result && devref)
181 EXPORT_SYMBOL(__ip_dev_find);
183 /* called under RCU lock */
184 struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr)
186 u32 hash = inet_addr_hash(net, addr);
187 struct in_ifaddr *ifa;
189 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash)
190 if (ifa->ifa_local == addr &&
191 net_eq(dev_net(ifa->ifa_dev->dev), net))
197 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
199 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
200 static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain);
201 static void inet_del_ifa(struct in_device *in_dev,
202 struct in_ifaddr __rcu **ifap,
205 static int devinet_sysctl_register(struct in_device *idev);
206 static void devinet_sysctl_unregister(struct in_device *idev);
208 static int devinet_sysctl_register(struct in_device *idev)
212 static void devinet_sysctl_unregister(struct in_device *idev)
217 /* Locks all the inet devices. */
219 static struct in_ifaddr *inet_alloc_ifa(void)
221 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL_ACCOUNT);
224 static void inet_rcu_free_ifa(struct rcu_head *head)
226 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
228 in_dev_put(ifa->ifa_dev);
232 static void inet_free_ifa(struct in_ifaddr *ifa)
234 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
237 void in_dev_finish_destroy(struct in_device *idev)
239 struct net_device *dev = idev->dev;
241 WARN_ON(idev->ifa_list);
242 WARN_ON(idev->mc_list);
243 kfree(rcu_dereference_protected(idev->mc_hash, 1));
244 #ifdef NET_REFCNT_DEBUG
245 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
247 netdev_put(dev, &idev->dev_tracker);
249 pr_err("Freeing alive in_device %p\n", idev);
253 EXPORT_SYMBOL(in_dev_finish_destroy);
255 static struct in_device *inetdev_init(struct net_device *dev)
257 struct in_device *in_dev;
262 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
265 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
266 sizeof(in_dev->cnf));
267 in_dev->cnf.sysctl = NULL;
269 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
270 if (!in_dev->arp_parms)
272 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
273 dev_disable_lro(dev);
274 /* Reference in_dev->dev */
275 netdev_hold(dev, &in_dev->dev_tracker, GFP_KERNEL);
276 /* Account for reference dev->ip_ptr (below) */
277 refcount_set(&in_dev->refcnt, 1);
279 err = devinet_sysctl_register(in_dev);
282 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
287 ip_mc_init_dev(in_dev);
288 if (dev->flags & IFF_UP)
291 /* we can receive as soon as ip_ptr is set -- do this last */
292 rcu_assign_pointer(dev->ip_ptr, in_dev);
294 return in_dev ?: ERR_PTR(err);
301 static void in_dev_rcu_put(struct rcu_head *head)
303 struct in_device *idev = container_of(head, struct in_device, rcu_head);
307 static void inetdev_destroy(struct in_device *in_dev)
309 struct net_device *dev;
310 struct in_ifaddr *ifa;
318 ip_mc_destroy_dev(in_dev);
320 while ((ifa = rtnl_dereference(in_dev->ifa_list)) != NULL) {
321 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
325 RCU_INIT_POINTER(dev->ip_ptr, NULL);
327 devinet_sysctl_unregister(in_dev);
328 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
331 call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
334 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
336 const struct in_ifaddr *ifa;
339 in_dev_for_each_ifa_rcu(ifa, in_dev) {
340 if (inet_ifa_match(a, ifa)) {
341 if (!b || inet_ifa_match(b, ifa)) {
/* Core address-deletion path (RTNL held). Deleting a primary address also
 * deletes (or, with promote_secondaries, promotes) its secondaries, unlinks
 * the address from ifa_list and the hash, and announces RTM_DELADDR before
 * the notifier chain so listeners see a consistent ordering.
 * NOTE(review): this chunk has lines elided throughout (braces, promote
 * assignment, notifier arguments, fib_add_ifaddr on re-add); comments below
 * describe only the visible logic — verify against upstream before editing.
 */
351 static void __inet_del_ifa(struct in_device *in_dev,
352 struct in_ifaddr __rcu **ifap,
353 int destroy, struct nlmsghdr *nlh, u32 portid)
355 struct in_ifaddr *promote = NULL;
356 struct in_ifaddr *ifa, *ifa1;
357 struct in_ifaddr __rcu **last_prim;
358 struct in_ifaddr *prev_prom = NULL;
359 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
/* ifa1 is the address being deleted */
363 ifa1 = rtnl_dereference(*ifap);
368 /* 1. Deleting primary ifaddr forces deletion all secondaries
369 * unless alias promotion is set
372 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
373 struct in_ifaddr __rcu **ifap1 = &ifa1->ifa_next;
375 while ((ifa = rtnl_dereference(*ifap1)) != NULL) {
/* track insertion point after the last primary of <= scope */
376 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
377 ifa1->ifa_scope <= ifa->ifa_scope)
378 last_prim = &ifa->ifa_next;
/* skip addresses outside ifa1's subnet */
380 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
381 ifa1->ifa_mask != ifa->ifa_mask ||
382 !inet_ifa_match(ifa1->ifa_address, ifa)) {
383 ifap1 = &ifa->ifa_next;
/* secondary in the same subnet: unhash, unlink, announce deletion */
389 inet_hash_remove(ifa);
390 *ifap1 = ifa->ifa_next;
392 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
393 blocking_notifier_call_chain(&inetaddr_chain,
403 /* On promotion all secondaries from subnet are changing
404 * the primary IP, we must remove all their routes silently
405 * and later to add them back with new prefsrc. Do this
406 * while all addresses are on the device list.
408 for (ifa = promote; ifa; ifa = rtnl_dereference(ifa->ifa_next)) {
409 if (ifa1->ifa_mask == ifa->ifa_mask &&
410 inet_ifa_match(ifa1->ifa_address, ifa))
411 fib_del_ifaddr(ifa, ifa1);
/* 2. Unlink ifa1 itself */
417 *ifap = ifa1->ifa_next;
418 inet_hash_remove(ifa1);
420 /* 3. Announce address deletion */
422 /* Send message first, then call notifier.
423 At first sight, FIB update triggered by notifier
424 will refer to already deleted ifaddr, that could confuse
425 netlink listeners. It is not true: look, gated sees
426 that route deleted and if it still thinks that ifaddr
427 is valid, it will try to restore deleted routes... Grr.
428 So that, this order is correct.
430 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
431 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
/* 4. Splice the promoted secondary in after the last primary and
 * re-announce it as the new primary of the subnet.
 */
434 struct in_ifaddr *next_sec;
436 next_sec = rtnl_dereference(promote->ifa_next);
438 struct in_ifaddr *last_sec;
440 rcu_assign_pointer(prev_prom->ifa_next, next_sec);
442 last_sec = rtnl_dereference(*last_prim);
443 rcu_assign_pointer(promote->ifa_next, last_sec);
444 rcu_assign_pointer(*last_prim, promote);
447 promote->ifa_flags &= ~IFA_F_SECONDARY;
448 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
449 blocking_notifier_call_chain(&inetaddr_chain,
/* re-add routes for the remaining secondaries with the new prefsrc */
451 for (ifa = next_sec; ifa;
452 ifa = rtnl_dereference(ifa->ifa_next)) {
453 if (ifa1->ifa_mask != ifa->ifa_mask ||
454 !inet_ifa_match(ifa1->ifa_address, ifa))
464 static void inet_del_ifa(struct in_device *in_dev,
465 struct in_ifaddr __rcu **ifap,
468 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
/* Deferred work that ages out addresses whose valid/preferred lifetimes
 * have expired; re-armed from check_lifetime() itself and whenever an
 * address with a finite lifetime is added.
 */
471 static void check_lifetime(struct work_struct *work);
473 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
/* Core address-insertion path (RTNL held): classify the new address as
 * primary or secondary, run validator notifiers, link it into ifa_list and
 * the global hash, then announce RTM_NEWADDR followed by the NETDEV_UP
 * notifier.
 * NOTE(review): this chunk has lines elided (error returns, duplicate/scope
 * checks, validator-failure cleanup); comments describe visible logic only.
 */
475 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
476 u32 portid, struct netlink_ext_ack *extack)
478 struct in_ifaddr __rcu **last_primary, **ifap;
479 struct in_device *in_dev = ifa->ifa_dev;
480 struct in_validator_info ivi;
481 struct in_ifaddr *ifa1;
/* a zero local address is rejected (cleanup path elided in this chunk) */
486 if (!ifa->ifa_local) {
491 ifa->ifa_flags &= ~IFA_F_SECONDARY;
492 last_primary = &in_dev->ifa_list;
494 /* Don't set IPv6 only flags to IPv4 addresses */
495 ifa->ifa_flags &= ~IPV6ONLY_FLAGS;
/* walk existing addresses: find insertion point and detect duplicates */
497 ifap = &in_dev->ifa_list;
498 ifa1 = rtnl_dereference(*ifap);
501 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
502 ifa->ifa_scope <= ifa1->ifa_scope)
503 last_primary = &ifa1->ifa_next;
504 if (ifa1->ifa_mask == ifa->ifa_mask &&
505 inet_ifa_match(ifa1->ifa_address, ifa)) {
506 if (ifa1->ifa_local == ifa->ifa_local) {
510 if (ifa1->ifa_scope != ifa->ifa_scope) {
/* same subnet as an existing primary -> this one is secondary */
514 ifa->ifa_flags |= IFA_F_SECONDARY;
517 ifap = &ifa1->ifa_next;
518 ifa1 = rtnl_dereference(*ifap);
521 /* Allow any devices that wish to register ifaddr validtors to weigh
522 * in now, before changes are committed. The rntl lock is serializing
523 * access here, so the state should not change between a validator call
524 * and a final notify on commit. This isn't invoked on promotion under
525 * the assumption that validators are checking the address itself, and
528 ivi.ivi_addr = ifa->ifa_address;
529 ivi.ivi_dev = ifa->ifa_dev;
531 ret = blocking_notifier_call_chain(&inetaddr_validator_chain,
533 ret = notifier_to_errno(ret);
/* primaries are inserted after the last primary of <= scope */
539 if (!(ifa->ifa_flags & IFA_F_SECONDARY))
542 rcu_assign_pointer(ifa->ifa_next, *ifap);
543 rcu_assign_pointer(*ifap, ifa);
545 inet_hash_insert(dev_net(in_dev->dev), ifa);
/* kick the lifetime worker so finite lifetimes are honoured promptly */
547 cancel_delayed_work(&check_lifetime_work);
548 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
550 /* Send message first, then call notifier.
551 Notifier will trigger FIB update, so that
552 listeners of netlink will know about new ifaddr */
553 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
554 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
559 static int inet_insert_ifa(struct in_ifaddr *ifa)
561 return __inet_insert_ifa(ifa, NULL, 0, NULL);
564 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
566 struct in_device *in_dev = __in_dev_get_rtnl(dev);
574 ipv4_devconf_setall(in_dev);
575 neigh_parms_data_state_setall(in_dev->arp_parms);
576 if (ifa->ifa_dev != in_dev) {
577 WARN_ON(ifa->ifa_dev);
579 ifa->ifa_dev = in_dev;
581 if (ipv4_is_loopback(ifa->ifa_local))
582 ifa->ifa_scope = RT_SCOPE_HOST;
583 return inet_insert_ifa(ifa);
586 /* Caller must hold RCU or RTNL :
587 * We dont take a reference on found in_device
589 struct in_device *inetdev_by_index(struct net *net, int ifindex)
591 struct net_device *dev;
592 struct in_device *in_dev = NULL;
595 dev = dev_get_by_index_rcu(net, ifindex);
597 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
601 EXPORT_SYMBOL(inetdev_by_index);
603 /* Called only from RTNL semaphored context. No locks. */
605 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
608 struct in_ifaddr *ifa;
612 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
613 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
619 static int ip_mc_autojoin_config(struct net *net, bool join,
620 const struct in_ifaddr *ifa)
622 #if defined(CONFIG_IP_MULTICAST)
623 struct ip_mreqn mreq = {
624 .imr_multiaddr.s_addr = ifa->ifa_address,
625 .imr_ifindex = ifa->ifa_dev->dev->ifindex,
627 struct sock *sk = net->ipv4.mc_autojoin_sk;
634 ret = ip_mc_join_group(sk, &mreq);
636 ret = ip_mc_leave_group(sk, &mreq);
/* RTM_DELADDR handler: parse attributes, locate the matching address on the
 * interface (matching local address, label and prefix when supplied), leave
 * any autojoined multicast group, and delete the address.
 * NOTE(review): error-return lines and loop-exit structure are elided in
 * this chunk; comments describe visible logic only.
 */
645 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
646 struct netlink_ext_ack *extack)
648 struct net *net = sock_net(skb->sk);
649 struct in_ifaddr __rcu **ifap;
650 struct nlattr *tb[IFA_MAX+1];
651 struct in_device *in_dev;
652 struct ifaddrmsg *ifm;
653 struct in_ifaddr *ifa;
658 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
659 ifa_ipv4_policy, extack);
663 ifm = nlmsg_data(nlh);
664 in_dev = inetdev_by_index(net, ifm->ifa_index);
/* scan the interface's address list for one matching every supplied attr */
670 for (ifap = &in_dev->ifa_list; (ifa = rtnl_dereference(*ifap)) != NULL;
671 ifap = &ifa->ifa_next) {
673 ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL]))
676 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
679 if (tb[IFA_ADDRESS] &&
680 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
681 !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa)))
/* leave any autojoined group before tearing the address down */
684 if (ipv4_is_multicast(ifa->ifa_address))
685 ip_mc_autojoin_config(net, false, ifa);
686 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
/* fall-through when no address matched */
690 err = -EADDRNOTAVAIL;
/* Lifetime sentinel meaning "never expires" (matches IPv6 addrconf). */
695 #define INFINITY_LIFE_TIME 0xFFFFFFFF
/* Periodic worker that expires addresses: a first RCU pass over each hash
 * bucket cheaply detects whether any change is needed and computes the next
 * wake-up time; a second pass (under RTNL, hlist_for_each_entry_safe) then
 * deletes addresses past their valid lifetime and marks ones past their
 * preferred lifetime IFA_F_DEPRECATED. Finally re-arms itself.
 * NOTE(review): lock/unlock lines and several loop-control lines are elided
 * in this chunk; comments describe visible logic only.
 */
697 static void check_lifetime(struct work_struct *work)
699 unsigned long now, next, next_sec, next_sched;
700 struct in_ifaddr *ifa;
701 struct hlist_node *n;
705 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
707 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
708 bool change_needed = false;
/* pass 1: read-only scan under RCU to see if anything must change */
711 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
714 if (ifa->ifa_flags & IFA_F_PERMANENT)
717 /* We try to batch several events at once. */
718 age = (now - ifa->ifa_tstamp +
719 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
721 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
722 age >= ifa->ifa_valid_lft) {
723 change_needed = true;
724 } else if (ifa->ifa_preferred_lft ==
725 INFINITY_LIFE_TIME) {
727 } else if (age >= ifa->ifa_preferred_lft) {
728 if (time_before(ifa->ifa_tstamp +
729 ifa->ifa_valid_lft * HZ, next))
730 next = ifa->ifa_tstamp +
731 ifa->ifa_valid_lft * HZ;
733 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
734 change_needed = true;
735 } else if (time_before(ifa->ifa_tstamp +
736 ifa->ifa_preferred_lft * HZ,
738 next = ifa->ifa_tstamp +
739 ifa->ifa_preferred_lft * HZ;
/* pass 2: mutate under RTNL; _safe iteration because entries are deleted */
746 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
749 if (ifa->ifa_flags & IFA_F_PERMANENT)
752 /* We try to batch several events at once. */
753 age = (now - ifa->ifa_tstamp +
754 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
756 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
757 age >= ifa->ifa_valid_lft) {
758 struct in_ifaddr __rcu **ifap;
759 struct in_ifaddr *tmp;
/* locate ifa's link pointer on its device so it can be unlinked */
761 ifap = &ifa->ifa_dev->ifa_list;
762 tmp = rtnl_dereference(*ifap);
765 inet_del_ifa(ifa->ifa_dev,
769 ifap = &tmp->ifa_next;
770 tmp = rtnl_dereference(*ifap);
772 } else if (ifa->ifa_preferred_lft !=
773 INFINITY_LIFE_TIME &&
774 age >= ifa->ifa_preferred_lft &&
775 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
776 ifa->ifa_flags |= IFA_F_DEPRECATED;
777 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
/* round the next wake-up; never sooner than ADDRCONF_TIMER_FUZZ_MAX */
783 next_sec = round_jiffies_up(next);
786 /* If rounded timeout is accurate enough, accept it. */
787 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
788 next_sched = next_sec;
791 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
792 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
793 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
795 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work,
799 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
802 unsigned long timeout;
804 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
806 timeout = addrconf_timeout_fixup(valid_lft, HZ);
807 if (addrconf_finite_timeout(timeout))
808 ifa->ifa_valid_lft = timeout;
810 ifa->ifa_flags |= IFA_F_PERMANENT;
812 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
813 if (addrconf_finite_timeout(timeout)) {
815 ifa->ifa_flags |= IFA_F_DEPRECATED;
816 ifa->ifa_preferred_lft = timeout;
818 ifa->ifa_tstamp = jiffies;
819 if (!ifa->ifa_cstamp)
820 ifa->ifa_cstamp = ifa->ifa_tstamp;
/* Build an in_ifaddr from an RTM_NEWADDR request: validate prefix length
 * and required IFA_LOCAL, resolve the device, allocate and populate the
 * address (IFA_ADDRESS defaults to IFA_LOCAL), and extract lifetimes from
 * IFA_CACHEINFO into *pvalid_lft/*pprefered_lft.
 * NOTE(review): error-return and label lines are elided in this chunk;
 * comments describe visible logic only.
 */
823 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
824 __u32 *pvalid_lft, __u32 *pprefered_lft,
825 struct netlink_ext_ack *extack)
827 struct nlattr *tb[IFA_MAX+1];
828 struct in_ifaddr *ifa;
829 struct ifaddrmsg *ifm;
830 struct net_device *dev;
831 struct in_device *in_dev;
834 err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
835 ifa_ipv4_policy, extack);
839 ifm = nlmsg_data(nlh);
/* IPv4 prefix length is at most 32 and a local address is mandatory */
841 if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL])
844 dev = __dev_get_by_index(net, ifm->ifa_index);
849 in_dev = __in_dev_get_rtnl(dev);
854 ifa = inet_alloc_ifa();
857 * A potential indev allocation can be left alive, it stays
858 * assigned to its device and is destroy with it.
862 ipv4_devconf_setall(in_dev);
863 neigh_parms_data_state_setall(in_dev->arp_parms);
/* peer/address defaults to the local address when not supplied */
866 if (!tb[IFA_ADDRESS])
867 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
869 INIT_HLIST_NODE(&ifa->hash);
870 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
871 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
872 ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) :
874 ifa->ifa_scope = ifm->ifa_scope;
875 ifa->ifa_dev = in_dev;
877 ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]);
878 ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]);
880 if (tb[IFA_BROADCAST])
881 ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]);
/* label defaults to the device name when IFA_LABEL is absent */
884 nla_strscpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
886 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
888 if (tb[IFA_RT_PRIORITY])
889 ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]);
892 ifa->ifa_proto = nla_get_u8(tb[IFA_PROTO]);
894 if (tb[IFA_CACHEINFO]) {
895 struct ifa_cacheinfo *ci;
897 ci = nla_data(tb[IFA_CACHEINFO]);
/* preferred lifetime may not exceed valid lifetime */
898 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
902 *pvalid_lft = ci->ifa_valid;
903 *pprefered_lft = ci->ifa_prefered;
914 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
916 struct in_device *in_dev = ifa->ifa_dev;
917 struct in_ifaddr *ifa1;
922 in_dev_for_each_ifa_rtnl(ifa1, in_dev) {
923 if (ifa1->ifa_mask == ifa->ifa_mask &&
924 inet_ifa_match(ifa1->ifa_address, ifa) &&
925 ifa1->ifa_local == ifa->ifa_local)
/* RTM_NEWADDR handler: build the candidate address, then either insert it
 * (new address, optionally autojoining a multicast group) or — when it
 * already exists — honour NLM_F_EXCL/NLM_F_REPLACE and update metric and
 * lifetimes in place.
 * NOTE(review): several error-return and cleanup lines are elided in this
 * chunk; comments describe visible logic only.
 */
931 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
932 struct netlink_ext_ack *extack)
934 struct net *net = sock_net(skb->sk);
935 struct in_ifaddr *ifa;
936 struct in_ifaddr *ifa_existing;
937 __u32 valid_lft = INFINITY_LIFE_TIME;
938 __u32 prefered_lft = INFINITY_LIFE_TIME;
942 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack);
946 ifa_existing = find_matching_ifa(ifa);
948 /* It would be best to check for !NLM_F_CREATE here but
949 * userspace already relies on not having to provide this.
/* brand-new address: set lifetimes, maybe autojoin, then insert */
951 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
952 if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
953 int ret = ip_mc_autojoin_config(net, true, ifa);
960 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid,
/* existing address: replace path */
963 u32 new_metric = ifa->ifa_rt_priority;
967 if (nlh->nlmsg_flags & NLM_F_EXCL ||
968 !(nlh->nlmsg_flags & NLM_F_REPLACE))
972 if (ifa->ifa_rt_priority != new_metric) {
973 fib_modify_prefix_metric(ifa, new_metric);
974 ifa->ifa_rt_priority = new_metric;
977 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
978 cancel_delayed_work(&check_lifetime_work);
979 queue_delayed_work(system_power_efficient_wq,
980 &check_lifetime_work, 0);
981 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
987 * Determine a default network mask, based on the IP address.
990 static int inet_abc_len(__be32 addr)
992 int rc = -1; /* Something else, probably a multicast. */
994 if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
997 __u32 haddr = ntohl(addr);
998 if (IN_CLASSA(haddr))
1000 else if (IN_CLASSB(haddr))
1002 else if (IN_CLASSC(haddr))
1004 else if (IN_CLASSE(haddr))
/* Legacy SIOC{G,S}IF* ioctl handler for IPv4 addresses: find the address by
 * label (and, 4.4BSD-style, by address), then get or set local/broadcast/
 * destination/netmask fields, deleting and re-inserting the ifaddr when a
 * set changes it so FIB state stays consistent.
 * NOTE(review): many lines are elided in this chunk (rtnl locking, switch
 * braces, error returns, capability fallthroughs); comments describe only
 * the visible logic.
 */
1012 int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr)
1014 struct sockaddr_in sin_orig;
1015 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr;
1016 struct in_ifaddr __rcu **ifap = NULL;
1017 struct in_device *in_dev;
1018 struct in_ifaddr *ifa = NULL;
1019 struct net_device *dev;
1022 int tryaddrmatch = 0;
/* force NUL-termination of the (possibly alias-labelled) interface name */
1024 ifr->ifr_name[IFNAMSIZ - 1] = 0;
1026 /* save original address for comparison */
1027 memcpy(&sin_orig, sin, sizeof(*sin));
1029 colon = strchr(ifr->ifr_name, ':');
1033 dev_load(net, ifr->ifr_name);
1036 case SIOCGIFADDR: /* Get interface address */
1037 case SIOCGIFBRDADDR: /* Get the broadcast address */
1038 case SIOCGIFDSTADDR: /* Get the destination address */
1039 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1040 /* Note that these ioctls will not sleep,
1041 so that we do not impose a lock.
1042 One day we will be forced to put shlock here (I mean SMP)
1044 tryaddrmatch = (sin_orig.sin_family == AF_INET);
1045 memset(sin, 0, sizeof(*sin));
1046 sin->sin_family = AF_INET;
/* set-type ioctls require CAP_NET_ADMIN in the netns' user namespace */
1051 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1054 case SIOCSIFADDR: /* Set interface address (and family) */
1055 case SIOCSIFBRDADDR: /* Set the broadcast address */
1056 case SIOCSIFDSTADDR: /* Set the destination address */
1057 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1059 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1062 if (sin->sin_family != AF_INET)
1073 dev = __dev_get_by_name(net, ifr->ifr_name)
1080 in_dev = __in_dev_get_rtnl(dev);
1083 /* Matthias Andree */
1084 /* compare label and address (4.4BSD style) */
1085 /* note: we only do this for a limited set of ioctls
1086 and only if the original address family was AF_INET.
1087 This is checked above. */
1089 for (ifap = &in_dev->ifa_list;
1090 (ifa = rtnl_dereference(*ifap)) != NULL;
1091 ifap = &ifa->ifa_next) {
1092 if (!strcmp(ifr->ifr_name, ifa->ifa_label) &&
1093 sin_orig.sin_addr.s_addr ==
1099 /* we didn't get a match, maybe the application is
1100 4.3BSD-style and passed in junk so we fall back to
1101 comparing just the label */
1103 for (ifap = &in_dev->ifa_list;
1104 (ifa = rtnl_dereference(*ifap)) != NULL;
1105 ifap = &ifa->ifa_next)
1106 if (!strcmp(ifr->ifr_name, ifa->ifa_label))
/* only SIOCSIFADDR/SIOCSIFFLAGS may proceed without a matched address */
1111 ret = -EADDRNOTAVAIL;
1112 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
1116 case SIOCGIFADDR: /* Get interface address */
1118 sin->sin_addr.s_addr = ifa->ifa_local;
1121 case SIOCGIFBRDADDR: /* Get the broadcast address */
1123 sin->sin_addr.s_addr = ifa->ifa_broadcast;
1126 case SIOCGIFDSTADDR: /* Get the destination address */
1128 sin->sin_addr.s_addr = ifa->ifa_address;
1131 case SIOCGIFNETMASK: /* Get the netmask for the interface */
1133 sin->sin_addr.s_addr = ifa->ifa_mask;
/* SIOCSIFFLAGS on an alias: downing the alias deletes its address */
1138 ret = -EADDRNOTAVAIL;
1142 if (!(ifr->ifr_flags & IFF_UP))
1143 inet_del_ifa(in_dev, ifap, 1);
1146 ret = dev_change_flags(dev, ifr->ifr_flags, NULL);
1149 case SIOCSIFADDR: /* Set interface address (and family) */
1151 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
/* allocate a fresh ifaddr when none matched the label */
1156 ifa = inet_alloc_ifa();
1159 INIT_HLIST_NODE(&ifa->hash);
1161 memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ);
1163 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1166 if (ifa->ifa_local == sin->sin_addr.s_addr)
1168 inet_del_ifa(in_dev, ifap, 0);
1169 ifa->ifa_broadcast = 0;
1173 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
/* derive classful mask/broadcast unless point-to-point */
1175 if (!(dev->flags & IFF_POINTOPOINT)) {
1176 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1177 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1178 if ((dev->flags & IFF_BROADCAST) &&
1179 ifa->ifa_prefixlen < 31)
1180 ifa->ifa_broadcast = ifa->ifa_address |
1183 ifa->ifa_prefixlen = 32;
1184 ifa->ifa_mask = inet_make_mask(32);
1186 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1187 ret = inet_set_ifa(dev, ifa);
1190 case SIOCSIFBRDADDR: /* Set the broadcast address */
1192 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1193 inet_del_ifa(in_dev, ifap, 0);
1194 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1195 inet_insert_ifa(ifa);
1199 case SIOCSIFDSTADDR: /* Set the destination address */
1201 if (ifa->ifa_address == sin->sin_addr.s_addr)
1204 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1207 inet_del_ifa(in_dev, ifap, 0);
1208 ifa->ifa_address = sin->sin_addr.s_addr;
1209 inet_insert_ifa(ifa);
1212 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1215 * The mask we set must be legal.
1218 if (bad_mask(sin->sin_addr.s_addr, 0))
1221 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1222 __be32 old_mask = ifa->ifa_mask;
1223 inet_del_ifa(in_dev, ifap, 0);
1224 ifa->ifa_mask = sin->sin_addr.s_addr;
1225 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1227 /* See if current broadcast address matches
1228 * with current netmask, then recalculate
1229 * the broadcast address. Otherwise it's a
1230 * funny address, so don't touch it since
1231 * the user seems to know what (s)he's doing...
1233 if ((dev->flags & IFF_BROADCAST) &&
1234 (ifa->ifa_prefixlen < 31) &&
1235 (ifa->ifa_broadcast ==
1236 (ifa->ifa_local|~old_mask))) {
1237 ifa->ifa_broadcast = (ifa->ifa_local |
1238 ~sin->sin_addr.s_addr);
1240 inet_insert_ifa(ifa);
/* SIOCGIFCONF helper: copy one struct ifreq (label + AF_INET local address)
 * per address on @dev into the user buffer @buf, @size bytes per entry.
 * NOTE(review): the done/len accounting, buffer-space check and return
 * lines are elided in this chunk; comments describe visible logic only.
 */
1250 int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size)
1252 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1253 const struct in_ifaddr *ifa;
/* caller-specified entry size must not exceed a full struct ifreq */
1257 if (WARN_ON(size > sizeof(struct ifreq)))
1263 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1270 memset(&ifr, 0, sizeof(struct ifreq));
1271 strcpy(ifr.ifr_name, ifa->ifa_label);
1273 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1274 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1277 if (copy_to_user(buf + done, &ifr, size)) {
1288 static __be32 in_dev_select_addr(const struct in_device *in_dev,
1291 const struct in_ifaddr *ifa;
1293 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1294 if (ifa->ifa_flags & IFA_F_SECONDARY)
1296 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1297 ifa->ifa_scope <= scope)
1298 return ifa->ifa_local;
/* Choose a source address on @dev suitable for talking to @dst within
 * @scope: prefer a primary address in dst's subnet, else the first primary
 * of acceptable scope; when nothing matches, fall back to the device's
 * L3 master (VRF) and finally to any device in the same L3 domain.
 * NOTE(review): rcu lock/unlock, several returns/continues and the localnet
 * handling are elided in this chunk; comments describe visible logic only.
 */
1304 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1306 const struct in_ifaddr *ifa;
1308 unsigned char localnet_scope = RT_SCOPE_HOST;
1309 struct in_device *in_dev;
1310 struct net *net = dev_net(dev);
1314 in_dev = __in_dev_get_rcu(dev);
/* route_localnet widens what counts as an acceptable (link) scope */
1318 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1319 localnet_scope = RT_SCOPE_LINK;
1321 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1322 if (ifa->ifa_flags & IFA_F_SECONDARY)
1324 if (min(ifa->ifa_scope, localnet_scope) > scope)
1326 if (!dst || inet_ifa_match(dst, ifa)) {
1327 addr = ifa->ifa_local;
/* remember a fallback candidate even if not in dst's subnet */
1331 addr = ifa->ifa_local;
1337 master_idx = l3mdev_master_ifindex_rcu(dev);
1339 /* For VRFs, the VRF device takes the place of the loopback device,
1340 * with addresses on it being preferred. Note in such cases the
1341 * loopback device will be among the devices that fail the master_idx
1342 * equality check in the loop below.
1345 (dev = dev_get_by_index_rcu(net, master_idx)) &&
1346 (in_dev = __in_dev_get_rcu(dev))) {
1347 addr = in_dev_select_addr(in_dev, scope);
1352 /* Not loopback addresses on loopback should be preferred
1353 in this case. It is important that lo is the first interface
1356 for_each_netdev_rcu(net, dev) {
1357 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1360 in_dev = __in_dev_get_rcu(dev);
1364 addr = in_dev_select_addr(in_dev, scope);
1372 EXPORT_SYMBOL(inet_select_addr);
/* Check on a single in_device whether @local exists (or pick one) subject
 * to @dst subnet and @scope constraints; returns the confirmed/selected
 * address or 0. Caller holds RCU.
 * NOTE(review): the addr/same declarations, early break and parts of the
 * wildcard state machine are elided in this chunk; comments describe
 * visible logic only.
 */
1374 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1375 __be32 local, int scope)
1377 unsigned char localnet_scope = RT_SCOPE_HOST;
1378 const struct in_ifaddr *ifa;
1382 if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
1383 localnet_scope = RT_SCOPE_LINK;
1385 in_dev_for_each_ifa_rcu(ifa, in_dev) {
1386 unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
/* exact (or wildcard) local-address hit within scope */
1389 (local == ifa->ifa_local || !local) &&
1390 min_scope <= scope) {
1391 addr = ifa->ifa_local;
/* otherwise track whether this ifa satisfies the dst/local subnets */
1396 same = (!local || inet_ifa_match(local, ifa)) &&
1397 (!dst || inet_ifa_match(dst, ifa));
1401 /* Is the selected addr into dst subnet? */
1402 if (inet_ifa_match(addr, ifa))
1404 /* No, then can we use new local src? */
1405 if (min_scope <= scope) {
1406 addr = ifa->ifa_local;
1409 /* search for large dst subnet for addr */
1415 return same ? addr : 0;
1419 * Confirm that local IP address exists using wildcards:
1420 * - net: netns to check, cannot be NULL
1421 * - in_dev: only on this interface, NULL=any interface
1422 * - dst: only in the same subnet as dst, 0=any dst
1423 * - local: address, 0=autoselect the local address
1424 * - scope: maximum allowed scope value for the local address
1426 __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev,
1427 __be32 dst, __be32 local, int scope)
1430 struct net_device *dev;
1433 return confirm_addr_indev(in_dev, dst, local, scope);
1436 for_each_netdev_rcu(net, dev) {
1437 in_dev = __in_dev_get_rcu(dev);
1439 addr = confirm_addr_indev(in_dev, dst, local, scope);
1448 EXPORT_SYMBOL(inet_confirm_addr);
1454 int register_inetaddr_notifier(struct notifier_block *nb)
1456 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1458 EXPORT_SYMBOL(register_inetaddr_notifier);
1460 int unregister_inetaddr_notifier(struct notifier_block *nb)
1462 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1464 EXPORT_SYMBOL(unregister_inetaddr_notifier);
1466 int register_inetaddr_validator_notifier(struct notifier_block *nb)
1468 return blocking_notifier_chain_register(&inetaddr_validator_chain, nb);
1470 EXPORT_SYMBOL(register_inetaddr_validator_notifier);
1472 int unregister_inetaddr_validator_notifier(struct notifier_block *nb)
1474 return blocking_notifier_chain_unregister(&inetaddr_validator_chain,
1477 EXPORT_SYMBOL(unregister_inetaddr_validator_notifier);
1479 /* Rename ifa_labels for a device name change. Make some effort to preserve
1480 * existing alias numbering and to create unique labels if possible.
1482 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1484 struct in_ifaddr *ifa;
/* Walk every address label under RTNL and rewrite it for the new
 * device name, re-attaching any ":alias" suffix from the old label.
 */
1487 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1488 char old[IFNAMSIZ], *dot;
1490 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1491 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
/* Preserve an existing alias suffix; NOTE(review): the elided branch
 * presumably synthesizes ":%d" from a 'named' counter when the old
 * label had no ':' — confirm against full source.
 */
1494 dot = strchr(old, ':');
1496 sprintf(old, ":%d", named);
/* Append the suffix if it fits, else overwrite the label tail so the
 * result stays within IFNAMSIZ (including the NUL).
 */
1499 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1500 strcat(ifa->ifa_label, dot);
1502 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
/* Tell userspace the (relabelled) address "changed". */
1504 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1508 static void inetdev_send_gratuitous_arp(struct net_device *dev,
1509 struct in_device *in_dev)
1512 const struct in_ifaddr *ifa;
1514 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1515 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1516 ifa->ifa_local, dev,
1517 ifa->ifa_local, NULL,
1518 dev->dev_addr, NULL);
1522 /* Called only under RTNL semaphore */
/* Netdevice notifier: keeps the per-device IPv4 state (in_device) in
 * sync with device lifecycle events. Called under RTNL. NOTE(review):
 * many lines (breaks, gotos, closing braces) are elided in this view.
 */
1524 static int inetdev_event(struct notifier_block *this, unsigned long event,
1527 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1528 struct in_device *in_dev = __in_dev_get_rtnl(dev);
/* No in_device yet: create one on REGISTER, or on CHANGEMTU when a
 * previously-too-small MTU becomes valid again.
 */
1533 if (event == NETDEV_REGISTER) {
1534 in_dev = inetdev_init(dev);
1536 return notifier_from_errno(PTR_ERR(in_dev));
/* Loopback never needs xfrm policy lookups. */
1537 if (dev->flags & IFF_LOOPBACK) {
1538 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1539 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1541 } else if (event == NETDEV_CHANGEMTU) {
1542 /* Re-enabling IP */
1543 if (inetdev_valid_mtu(dev->mtu))
1544 in_dev = inetdev_init(dev);
/* A second REGISTER with an in_device already present is a bug. */
1550 case NETDEV_REGISTER:
1551 pr_debug("%s: bug\n", __func__);
1552 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1555 if (!inetdev_valid_mtu(dev->mtu))
/* Loopback coming up: auto-assign 127.0.0.1/8. */
1557 if (dev->flags & IFF_LOOPBACK) {
1558 struct in_ifaddr *ifa = inet_alloc_ifa();
1561 INIT_HLIST_NODE(&ifa->hash);
1563 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1564 ifa->ifa_prefixlen = 8;
1565 ifa->ifa_mask = inet_make_mask(8);
1566 in_dev_hold(in_dev);
1567 ifa->ifa_dev = in_dev;
1568 ifa->ifa_scope = RT_SCOPE_HOST;
1569 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1570 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1571 INFINITY_LIFE_TIME);
1572 ipv4_devconf_setall(in_dev);
1573 neigh_parms_data_state_setall(in_dev->arp_parms);
1574 inet_insert_ifa(ifa);
/* CHANGEADDR only announces when arp_notify is enabled; NOTIFY_PEERS
 * always does (visible ordering suggests fallthrough between cases).
 */
1579 case NETDEV_CHANGEADDR:
1580 if (!IN_DEV_ARP_NOTIFY(in_dev))
1583 case NETDEV_NOTIFY_PEERS:
1584 /* Send gratuitous ARP to notify of link change */
1585 inetdev_send_gratuitous_arp(dev, in_dev);
/* Device type change: park and restore multicast state around it. */
1590 case NETDEV_PRE_TYPE_CHANGE:
1591 ip_mc_unmap(in_dev);
1593 case NETDEV_POST_TYPE_CHANGE:
1594 ip_mc_remap(in_dev);
1596 case NETDEV_CHANGEMTU:
1597 if (inetdev_valid_mtu(dev->mtu))
1599 /* disable IP when MTU is not enough */
1601 case NETDEV_UNREGISTER:
1602 inetdev_destroy(in_dev);
1604 case NETDEV_CHANGENAME:
1605 /* Do not notify about label change, this event is
1606 * not interesting to applications using netlink.
1608 inetdev_changename(dev, in_dev);
/* Re-register sysctl tree under the new device name. */
1610 devinet_sysctl_unregister(in_dev);
1611 devinet_sysctl_register(in_dev);
/* Hooked into the netdevice notifier chain at devinet_init() time. */
1618 static struct notifier_block ip_netdev_notifier = {
1619 .notifier_call = inetdev_event,
1622 static size_t inet_nlmsg_size(void)
1624 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1625 + nla_total_size(4) /* IFA_ADDRESS */
1626 + nla_total_size(4) /* IFA_LOCAL */
1627 + nla_total_size(4) /* IFA_BROADCAST */
1628 + nla_total_size(IFNAMSIZ) /* IFA_LABEL */
1629 + nla_total_size(4) /* IFA_FLAGS */
1630 + nla_total_size(1) /* IFA_PROTO */
1631 + nla_total_size(4) /* IFA_RT_PRIORITY */
1632 + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */
1635 static inline u32 cstamp_delta(unsigned long cstamp)
1637 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1640 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1641 unsigned long tstamp, u32 preferred, u32 valid)
1643 struct ifa_cacheinfo ci;
1645 ci.cstamp = cstamp_delta(cstamp);
1646 ci.tstamp = cstamp_delta(tstamp);
1647 ci.ifa_prefered = preferred;
1648 ci.ifa_valid = valid;
1650 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
/* Serialize one in_ifaddr into an RTM_*ADDR netlink message on @skb.
 * Returns 0 on success or a negative error (nla_put_failure path) after
 * cancelling the partially-built message. NOTE(review): error-label and
 * some conditional lines are elided in this view.
 */
1653 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1654 struct inet_fill_args *args)
1656 struct ifaddrmsg *ifm;
1657 struct nlmsghdr *nlh;
1658 u32 preferred, valid;
1660 nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm),
/* Fixed-size header first. */
1665 ifm = nlmsg_data(nlh);
1666 ifm->ifa_family = AF_INET;
1667 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1668 ifm->ifa_flags = ifa->ifa_flags;
1669 ifm->ifa_scope = ifa->ifa_scope;
1670 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
/* Cross-netns dumps carry the target netns id. */
1672 if (args->netnsid >= 0 &&
1673 nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid))
1674 goto nla_put_failure;
/* Non-permanent addresses report remaining lifetimes, decremented by
 * the time elapsed since the last timestamp update.
 */
1676 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1677 preferred = ifa->ifa_preferred_lft;
1678 valid = ifa->ifa_valid_lft;
1679 if (preferred != INFINITY_LIFE_TIME) {
1680 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1682 if (preferred > tval)
1686 if (valid != INFINITY_LIFE_TIME) {
1694 preferred = INFINITY_LIFE_TIME;
1695 valid = INFINITY_LIFE_TIME;
/* Optional attributes: only emitted when non-zero/non-empty. */
1697 if ((ifa->ifa_address &&
1698 nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1700 nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) ||
1701 (ifa->ifa_broadcast &&
1702 nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1703 (ifa->ifa_label[0] &&
1704 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1706 nla_put_u8(skb, IFA_PROTO, ifa->ifa_proto)) ||
1707 nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) ||
1708 (ifa->ifa_rt_priority &&
1709 nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) ||
1710 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1712 goto nla_put_failure;
1714 nlmsg_end(skb, nlh);
/* Roll back the half-built message so the dump can report -EMSGSIZE. */
1718 nlmsg_cancel(skb, nlh);
/* Strict-mode validation of an RTM_GETADDR dump request. Fills
 * @fillargs (ifindex filter, netnsid) and may retarget *@tgt_net via
 * IFA_TARGET_NETNSID. Returns 0 or a negative error with an extack
 * message set.
 */
1722 static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
1723 struct inet_fill_args *fillargs,
1724 struct net **tgt_net, struct sock *sk,
1725 struct netlink_callback *cb)
1727 struct netlink_ext_ack *extack = cb->extack;
1728 struct nlattr *tb[IFA_MAX+1];
1729 struct ifaddrmsg *ifm;
/* Header must be at least an ifaddrmsg. */
1732 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {
1733 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
/* Dumps must leave the filter fields zero except ifa_index. */
1737 ifm = nlmsg_data(nlh);
1738 if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) {
1739 NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1743 fillargs->ifindex = ifm->ifa_index;
1744 if (fillargs->ifindex) {
1745 cb->answer_flags |= NLM_F_DUMP_FILTERED;
1746 fillargs->flags |= NLM_F_DUMP_FILTERED;
1749 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
1750 ifa_ipv4_policy, extack);
/* Only IFA_TARGET_NETNSID is accepted in a dump request. */
1754 for (i = 0; i <= IFA_MAX; ++i) {
1758 if (i == IFA_TARGET_NETNSID) {
1761 fillargs->netnsid = nla_get_s32(tb[i]);
1763 net = rtnl_get_net_ns_capable(sk, fillargs->netnsid);
1765 fillargs->netnsid = -1;
1766 NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1767 return PTR_ERR(net);
1771 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
/* Dump all addresses of one in_device into @skb, skipping the first
 * @s_ip_idx entries (resume point). Saves the next index in cb->args[2]
 * so an interrupted dump restarts where it stopped.
 */
1779 static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb,
1780 struct netlink_callback *cb, int s_ip_idx,
1781 struct inet_fill_args *fillargs)
1783 struct in_ifaddr *ifa;
1787 in_dev_for_each_ifa_rtnl(ifa, in_dev) {
1788 if (ip_idx < s_ip_idx) {
1792 err = inet_fill_ifaddr(skb, ifa, fillargs);
/* Stamp the message so userspace can detect mid-dump changes. */
1796 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1802 cb->args[2] = ip_idx;
1807 /* Combine dev_addr_genid and dev_base_seq to detect changes.
1809 static u32 inet_base_seq(const struct net *net)
1811 u32 res = atomic_read(&net->ipv4.dev_addr_genid) +
1814 /* Must not return 0 (see nl_dump_check_consistent()).
1815 * Chose a value far away from 0.
/* RTM_GETADDR dump handler. Resumes from cb->args[] (hash bucket,
 * device index, address index), optionally filtered to one ifindex and
 * retargeted to another netns by inet_valid_dump_ifaddr_req().
 * NOTE(review): rcu_read_lock/unlock and several goto/cleanup lines are
 * elided in this view.
 */
1822 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1824 const struct nlmsghdr *nlh = cb->nlh;
1825 struct inet_fill_args fillargs = {
1826 .portid = NETLINK_CB(cb->skb).portid,
1827 .seq = nlh->nlmsg_seq,
1828 .event = RTM_NEWADDR,
1829 .flags = NLM_F_MULTI,
1832 struct net *net = sock_net(skb->sk);
1833 struct net *tgt_net = net;
1837 struct net_device *dev;
1838 struct in_device *in_dev;
1839 struct hlist_head *head;
/* Resume state from a previous partial dump. */
1843 s_idx = idx = cb->args[1];
1844 s_ip_idx = cb->args[2];
1846 if (cb->strict_check) {
1847 err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net,
/* Fast path: dump just the one requested device. */
1853 if (fillargs.ifindex) {
1854 dev = __dev_get_by_index(tgt_net, fillargs.ifindex);
1860 in_dev = __in_dev_get_rtnl(dev);
1862 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
/* Full walk over the device hash table. */
1869 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1871 head = &tgt_net->dev_index_head[h];
1873 cb->seq = inet_base_seq(tgt_net);
1874 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1877 if (h > s_h || idx > s_idx)
1879 in_dev = __in_dev_get_rcu(dev);
1883 err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx,
/* Drop the reference taken for a cross-netns dump. */
1899 if (fillargs.netnsid >= 0)
1902 return skb->len ? : err;
/* Broadcast an address event (RTM_NEWADDR/RTM_DELADDR) to the
 * RTNLGRP_IPV4_IFADDR multicast group. Best-effort: on failure the
 * group error state is set via rtnl_set_sk_err().
 */
1905 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1908 struct inet_fill_args fillargs = {
1910 .seq = nlh ? nlh->nlmsg_seq : 0,
1915 struct sk_buff *skb;
1919 net = dev_net(ifa->ifa_dev->dev);
/* inet_nlmsg_size() is the worst case, so filling cannot overflow. */
1920 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1924 err = inet_fill_ifaddr(skb, ifa, &fillargs);
1926 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1927 WARN_ON(err == -EMSGSIZE);
1931 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1935 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1938 static size_t inet_get_link_af_size(const struct net_device *dev,
1939 u32 ext_filter_mask)
1941 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1946 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
/* Emit the device's IPv4 devconf array as one flat IFLA_INET_CONF
 * attribute (IPV4_DEVCONF_MAX u32 slots). NOTE(review): the early
 * returns for missing in_dev / failed reserve are elided in this view.
 */
1949 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
1950 u32 ext_filter_mask)
1952 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1959 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1963 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1964 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
/* Policy for IFLA_AF_SPEC/AF_INET payloads: a single nested conf blob. */
1969 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1970 [IFLA_INET_CONF] = { .type = NLA_NESTED },
/* Validate an IFLA_AF_SPEC/AF_INET blob before inet_set_link_af()
 * applies it: device must have an in_device, and every nested option id
 * must be a known IPV4_DEVCONF_* index. NOTE(review): the per-attribute
 * length check is elided in this view.
 */
1973 static int inet_validate_link_af(const struct net_device *dev,
1974 const struct nlattr *nla,
1975 struct netlink_ext_ack *extack)
1977 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1980 if (dev && !__in_dev_get_rtnl(dev))
1981 return -EAFNOSUPPORT;
1983 err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
1984 inet_af_policy, extack);
1988 if (tb[IFLA_INET_CONF]) {
1989 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1990 int cfgid = nla_type(a);
/* Option ids are 1-based; reject anything out of range. */
1995 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
/* Apply an already-validated IFLA_AF_SPEC/AF_INET blob: write each
 * nested u32 into the device's devconf via ipv4_devconf_set().
 * Runs under RTNL.
 */
2003 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla,
2004 struct netlink_ext_ack *extack)
2006 struct in_device *in_dev = __in_dev_get_rtnl(dev);
2007 struct nlattr *a, *tb[IFLA_INET_MAX+1];
2011 return -EAFNOSUPPORT;
/* Re-parse without policy: inet_validate_link_af() already vetted it. */
2013 if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
2016 if (tb[IFLA_INET_CONF]) {
2017 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
2018 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
/* Payload size needed for a netconf message carrying attribute @type,
 * or every attribute when @type == NETCONFA_ALL. Must stay in sync with
 * inet_netconf_fill_devconf().
 */
2024 static int inet_netconf_msgsize_devconf(int type)
2026 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
2027 + nla_total_size(4); /* NETCONFA_IFINDEX */
2030 if (type == NETCONFA_ALL)
2033 if (all || type == NETCONFA_FORWARDING)
2034 size += nla_total_size(4);
2035 if (all || type == NETCONFA_RP_FILTER)
2036 size += nla_total_size(4);
2037 if (all || type == NETCONFA_MC_FORWARDING)
2038 size += nla_total_size(4);
2039 if (all || type == NETCONFA_BC_FORWARDING)
2040 size += nla_total_size(4);
2041 if (all || type == NETCONFA_PROXY_NEIGH)
2042 size += nla_total_size(4);
2043 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
2044 size += nla_total_size(4);
/* Build one RTM_*NETCONF message for @devconf on @ifindex. Emits only
 * the attribute selected by @type, or all of them for NETCONFA_ALL.
 * On overflow the partial message is cancelled and -EMSGSIZE returned.
 */
2049 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
2050 struct ipv4_devconf *devconf, u32 portid,
2051 u32 seq, int event, unsigned int flags,
2054 struct nlmsghdr *nlh;
2055 struct netconfmsg *ncm;
2058 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
2063 if (type == NETCONFA_ALL)
2066 ncm = nlmsg_data(nlh);
2067 ncm->ncm_family = AF_INET;
2069 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
2070 goto nla_put_failure;
/* NOTE(review): an early "done" path for NULL devconf is elided here. */
2075 if ((all || type == NETCONFA_FORWARDING) &&
2076 nla_put_s32(skb, NETCONFA_FORWARDING,
2077 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
2078 goto nla_put_failure;
2079 if ((all || type == NETCONFA_RP_FILTER) &&
2080 nla_put_s32(skb, NETCONFA_RP_FILTER,
2081 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
2082 goto nla_put_failure;
2083 if ((all || type == NETCONFA_MC_FORWARDING) &&
2084 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
2085 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
2086 goto nla_put_failure;
2087 if ((all || type == NETCONFA_BC_FORWARDING) &&
2088 nla_put_s32(skb, NETCONFA_BC_FORWARDING,
2089 IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0)
2090 goto nla_put_failure;
/* Note: NETCONFA_PROXY_NEIGH maps to the PROXY_ARP devconf slot. */
2091 if ((all || type == NETCONFA_PROXY_NEIGH) &&
2092 nla_put_s32(skb, NETCONFA_PROXY_NEIGH,
2093 IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0)
2094 goto nla_put_failure;
2095 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
2096 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
2097 IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0)
2098 goto nla_put_failure;
2101 nlmsg_end(skb, nlh);
2105 nlmsg_cancel(skb, nlh);
/* Multicast a netconf change (attribute @type on @ifindex) to
 * RTNLGRP_IPV4_NETCONF listeners. Best-effort, mirrors rtmsg_ifa().
 */
2109 void inet_netconf_notify_devconf(struct net *net, int event, int type,
2110 int ifindex, struct ipv4_devconf *devconf)
2112 struct sk_buff *skb;
2115 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL);
2119 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
2122 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2123 WARN_ON(err == -EMSGSIZE);
2127 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL);
2131 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
/* Attribute policy for RTM_GETNETCONF requests: plain ints only. */
2134 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2135 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
2136 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
2137 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
2138 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
2139 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
/* Parse/validate an RTM_GETNETCONF request into @tb. In non-strict mode
 * any policy-conforming attribute is accepted; in strict mode only
 * NETCONFA_IFINDEX may be present.
 */
2142 static int inet_netconf_valid_get_req(struct sk_buff *skb,
2143 const struct nlmsghdr *nlh,
2145 struct netlink_ext_ack *extack)
2149 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
2150 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
/* Legacy callers: relaxed parse, no attribute whitelist. */
2154 if (!netlink_strict_get_check(skb))
2155 return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
2157 devconf_ipv4_policy, extack);
2159 err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
2161 devconf_ipv4_policy, extack);
2165 for (i = 0; i <= NETCONFA_MAX; i++) {
2170 case NETCONFA_IFINDEX:
2173 NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
/* RTM_GETNETCONF doit handler: look up the devconf block selected by
 * NETCONFA_IFINDEX (ALL / DEFAULT / a real device) and unicast a full
 * NETCONFA_ALL reply to the requester. NOTE(review): error returns and
 * labels between the visible lines are elided in this view.
 */
2181 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2182 struct nlmsghdr *nlh,
2183 struct netlink_ext_ack *extack)
2185 struct net *net = sock_net(in_skb->sk);
2186 struct nlattr *tb[NETCONFA_MAX+1];
2187 struct sk_buff *skb;
2188 struct ipv4_devconf *devconf;
2189 struct in_device *in_dev;
2190 struct net_device *dev;
2194 err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2199 if (!tb[NETCONFA_IFINDEX])
/* Map the requested ifindex onto a devconf block. */
2202 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
2204 case NETCONFA_IFINDEX_ALL:
2205 devconf = net->ipv4.devconf_all;
2207 case NETCONFA_IFINDEX_DEFAULT:
2208 devconf = net->ipv4.devconf_dflt;
2211 dev = __dev_get_by_index(net, ifindex);
2214 in_dev = __in_dev_get_rtnl(dev);
2217 devconf = &in_dev->cnf;
/* Reply always carries the full attribute set. */
2222 skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL);
2226 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
2227 NETLINK_CB(in_skb).portid,
2228 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
2231 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
2232 WARN_ON(err == -EMSGSIZE);
2236 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
/* RTM_GETNETCONF dump handler: per-device netconf entries first (walked
 * via the device hash table, resumable through cb->args[]), then the
 * synthetic "all" and "default" entries at pseudo-buckets
 * NETDEV_HASHENTRIES and NETDEV_HASHENTRIES + 1.
 */
2241 static int inet_netconf_dump_devconf(struct sk_buff *skb,
2242 struct netlink_callback *cb)
2244 const struct nlmsghdr *nlh = cb->nlh;
2245 struct net *net = sock_net(skb->sk);
2248 struct net_device *dev;
2249 struct in_device *in_dev;
2250 struct hlist_head *head;
2252 if (cb->strict_check) {
2253 struct netlink_ext_ack *extack = cb->extack;
2254 struct netconfmsg *ncm;
2256 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) {
2257 NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request");
/* Dump requests take no attributes at all. */
2261 if (nlmsg_attrlen(nlh, sizeof(*ncm))) {
2262 NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request");
2268 s_idx = idx = cb->args[1];
2270 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
2272 head = &net->dev_index_head[h];
2274 cb->seq = inet_base_seq(net);
2275 hlist_for_each_entry_rcu(dev, head, index_hlist) {
2278 in_dev = __in_dev_get_rcu(dev);
2282 if (inet_netconf_fill_devconf(skb, dev->ifindex,
2284 NETLINK_CB(cb->skb).portid,
2288 NETCONFA_ALL) < 0) {
2292 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
/* Pseudo-entries appended after the real devices. */
2298 if (h == NETDEV_HASHENTRIES) {
2299 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
2300 net->ipv4.devconf_all,
2301 NETLINK_CB(cb->skb).portid,
2303 RTM_NEWNETCONF, NLM_F_MULTI,
2309 if (h == NETDEV_HASHENTRIES + 1) {
2310 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
2311 net->ipv4.devconf_dflt,
2312 NETLINK_CB(cb->skb).portid,
2314 RTM_NEWNETCONF, NLM_F_MULTI,
2327 #ifdef CONFIG_SYSCTL
2329 static void devinet_copy_dflt_conf(struct net *net, int i)
2331 struct net_device *dev;
2334 for_each_netdev_rcu(net, dev) {
2335 struct in_device *in_dev;
2337 in_dev = __in_dev_get_rcu(dev);
2338 if (in_dev && !test_bit(i, in_dev->cnf.state))
2339 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
2344 /* called with RTNL locked */
/* Propagate a change of the "all" forwarding setting: mirror it into
 * the netns default and into every device, emitting a netconf
 * notification for each scope that changed.
 */
2345 static void inet_forward_change(struct net *net)
2347 struct net_device *dev;
2348 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
/* Routers must not accept redirects; hosts should. */
2350 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
2351 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
2352 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2353 NETCONFA_FORWARDING,
2354 NETCONFA_IFINDEX_ALL,
2355 net->ipv4.devconf_all);
2356 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2357 NETCONFA_FORWARDING,
2358 NETCONFA_IFINDEX_DEFAULT,
2359 net->ipv4.devconf_dflt);
2361 for_each_netdev(net, dev) {
2362 struct in_device *in_dev;
/* LRO-merged frames must not be forwarded. */
2365 dev_disable_lro(dev);
2367 in_dev = __in_dev_get_rtnl(dev);
2369 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
2370 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2371 NETCONFA_FORWARDING,
2372 dev->ifindex, &in_dev->cnf);
2377 static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
2379 if (cnf == net->ipv4.devconf_dflt)
2380 return NETCONFA_IFINDEX_DEFAULT;
2381 else if (cnf == net->ipv4.devconf_all)
2382 return NETCONFA_IFINDEX_ALL;
2384 struct in_device *idev
2385 = container_of(cnf, struct in_device, cnf);
2386 return idev->dev->ifindex;
/* Generic proc handler for devconf sysctls. On a successful write it
 * marks the option as explicitly set, propagates netns defaults,
 * flushes the route cache for cache-affecting options, and emits
 * netconf notifications for the options userspace tracks.
 */
2390 static int devinet_conf_proc(struct ctl_table *ctl, int write,
2391 void *buffer, size_t *lenp, loff_t *ppos)
2393 int old_value = *(int *)ctl->data;
2394 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2395 int new_value = *(int *)ctl->data;
2398 struct ipv4_devconf *cnf = ctl->extra1;
2399 struct net *net = ctl->extra2;
/* Recover the option index from the data pointer's offset. */
2400 int i = (int *)ctl->data - cnf->data;
/* Remember this option was set explicitly (blocks default copying). */
2403 set_bit(i, cnf->state);
2405 if (cnf == net->ipv4.devconf_dflt)
2406 devinet_copy_dflt_conf(net, i);
2407 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
2408 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
2409 if ((new_value == 0) && (old_value != 0))
2410 rt_cache_flush(net);
2412 if (i == IPV4_DEVCONF_BC_FORWARDING - 1 &&
2413 new_value != old_value)
2414 rt_cache_flush(net);
/* The remaining options are mirrored to netconf listeners. */
2416 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
2417 new_value != old_value) {
2418 ifindex = devinet_conf_ifindex(net, cnf);
2419 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2423 if (i == IPV4_DEVCONF_PROXY_ARP - 1 &&
2424 new_value != old_value) {
2425 ifindex = devinet_conf_ifindex(net, cnf);
2426 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2427 NETCONFA_PROXY_NEIGH,
2430 if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 &&
2431 new_value != old_value) {
2432 ifindex = devinet_conf_ifindex(net, cnf);
2433 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2434 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
/* proc handler for the forwarding sysctls (per-device, "all", default
 * and the legacy net/ipv4/ip_forward alias). Requires CAP_NET_ADMIN in
 * the owning userns; takes RTNL via trylock and restarts the syscall if
 * contended. NOTE(review): the value-restore before restart and several
 * closing braces are elided in this view.
 */
2442 static int devinet_sysctl_forward(struct ctl_table *ctl, int write,
2443 void *buffer, size_t *lenp, loff_t *ppos)
2445 int *valp = ctl->data;
2448 struct net *net = ctl->extra2;
2451 if (write && !ns_capable(net->user_ns, CAP_NET_ADMIN))
2454 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2456 if (write && *valp != val) {
2457 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2458 if (!rtnl_trylock()) {
2459 /* Restore the original values before restarting */
2462 return restart_syscall();
/* "all" fans out to every device; per-device just notifies. */
2464 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2465 inet_forward_change(net);
2467 struct ipv4_devconf *cnf = ctl->extra1;
2468 struct in_device *idev =
2469 container_of(cnf, struct in_device, cnf);
2471 dev_disable_lro(idev->dev);
2472 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2473 NETCONFA_FORWARDING,
2478 rt_cache_flush(net);
/* Default-only change: notify without touching devices. */
2480 inet_netconf_notify_devconf(net, RTM_NEWNETCONF,
2481 NETCONFA_FORWARDING,
2482 NETCONFA_IFINDEX_DEFAULT,
2483 net->ipv4.devconf_dflt);
2489 static int ipv4_doint_and_flush(struct ctl_table *ctl, int write,
2490 void *buffer, size_t *lenp, loff_t *ppos)
2492 int *valp = ctl->data;
2494 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2495 struct net *net = ctl->extra2;
2497 if (write && *valp != val)
2498 rt_cache_flush(net);
/* Builders for the per-device sysctl table below. ENTRY wires a ctl_table
 * slot to the matching ipv4_devconf.data[] element (extra1 = devconf,
 * extra2 = net, patched per-instance in __devinet_sysctl_register()).
 * RW/RO pick mode 0644/0444 with the generic devinet_conf_proc handler;
 * COMPLEX supplies a custom handler; FLUSHING uses ipv4_doint_and_flush
 * so changes flush the route cache. No comments are inserted between the
 * continuation lines because of the backslash splicing.
 */
2503 #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2506 .data = ipv4_devconf.data + \
2507 IPV4_DEVCONF_ ## attr - 1, \
2508 .maxlen = sizeof(int), \
2510 .proc_handler = proc, \
2511 .extra1 = &ipv4_devconf, \
2514 #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2515 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2517 #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2518 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2520 #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2521 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2523 #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2524 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
/* Template for the net/ipv4/conf/<dev>/ sysctl tree. Each registration
 * kmemdup()s this table and rebases data/extra pointers onto the target
 * devconf (see __devinet_sysctl_register()). mc_forwarding is read-only
 * because it is driven by the multicast routing code, not userspace.
 */
2526 static struct devinet_sysctl_table {
2527 struct ctl_table_header *sysctl_header;
2528 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2529 } devinet_sysctl = {
2531 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2532 devinet_sysctl_forward),
2533 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2534 DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"),
2536 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2537 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2538 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2539 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2540 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2541 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2542 "accept_source_route"),
2543 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2544 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2545 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2546 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2547 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2548 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2549 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2550 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2551 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2552 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2553 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2554 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2555 DEVINET_SYSCTL_RW_ENTRY(ARP_EVICT_NOCARRIER,
2556 "arp_evict_nocarrier"),
2557 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2558 DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION,
2559 "force_igmp_version"),
2560 DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL,
2561 "igmpv2_unsolicited_report_interval"),
2562 DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL,
2563 "igmpv3_unsolicited_report_interval"),
2564 DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN,
2565 "ignore_routes_with_linkdown"),
2566 DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP,
2567 "drop_gratuitous_arp"),
2569 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2570 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2571 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2572 "promote_secondaries"),
2573 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2575 DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST,
2576 "drop_unicast_in_l2_multicast"),
/* Clone the devinet_sysctl template, rebase every entry's data/extra
 * pointers from the global ipv4_devconf onto @p, and register it at
 * net/ipv4/conf/<dev_name>. A successful registration is announced as a
 * full RTM_NEWNETCONF. NOTE(review): the error-unwind path (kfree and
 * error returns) is elided in this view.
 */
2580 static int __devinet_sysctl_register(struct net *net, char *dev_name,
2581 int ifindex, struct ipv4_devconf *p)
2584 struct devinet_sysctl_table *t;
2585 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2587 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL_ACCOUNT);
/* Rebase each entry by the byte offset between @p and the template. */
2591 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2592 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2593 t->devinet_vars[i].extra1 = p;
2594 t->devinet_vars[i].extra2 = net;
2597 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2599 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2600 if (!t->sysctl_header)
2605 inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL,
/* Tear down a table registered by __devinet_sysctl_register() and
 * announce the disappearance with RTM_DELNETCONF.
 */
2615 static void __devinet_sysctl_unregister(struct net *net,
2616 struct ipv4_devconf *cnf, int ifindex)
2618 struct devinet_sysctl_table *t = cnf->sysctl;
2622 unregister_net_sysctl_table(t->sysctl_header);
2626 inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL);
2629 static int devinet_sysctl_register(struct in_device *idev)
2633 if (!sysctl_dev_name_is_allowed(idev->dev->name))
2636 err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL);
2639 err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2640 idev->dev->ifindex, &idev->cnf);
2642 neigh_sysctl_unregister(idev->arp_parms);
2646 static void devinet_sysctl_unregister(struct in_device *idev)
2648 struct net *net = dev_net(idev->dev);
2650 __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex);
2651 neigh_sysctl_unregister(idev->arp_parms);
/* Legacy net/ipv4/ip_forward knob: an alias for the "all" FORWARDING
 * devconf slot. data/extra1/extra2 are rebased per-netns in
 * devinet_init_net().
 */
2654 static struct ctl_table ctl_forward_entry[] = {
2656 .procname = "ip_forward",
2657 .data = &ipv4_devconf.data[
2658 IPV4_DEVCONF_FORWARDING - 1],
2659 .maxlen = sizeof(int),
2661 .proc_handler = devinet_sysctl_forward,
2662 .extra1 = &ipv4_devconf,
2663 .extra2 = &init_net,
/* Per-netns init: allocate the "all" and "default" devconf blocks
 * (seeded from the compiled defaults, the parent netns, or init_net per
 * net_inherit_devconf()) and register their sysctl trees plus the
 * legacy ip_forward alias. NOTE(review): error labels between the
 * visible unwind lines are elided in this view.
 */
2669 static __net_init int devinet_init_net(struct net *net)
2672 struct ipv4_devconf *all, *dflt;
2673 #ifdef CONFIG_SYSCTL
2674 struct ctl_table *tbl;
2675 struct ctl_table_header *forw_hdr;
2679 all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL);
2683 dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2685 goto err_alloc_dflt;
2687 #ifdef CONFIG_SYSCTL
2688 tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL);
/* Point the ip_forward alias at this netns's "all" block. */
2692 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2693 tbl[0].extra1 = all;
2694 tbl[0].extra2 = net;
/* Child netns may inherit settings instead of compiled defaults. */
2697 if (!net_eq(net, &init_net)) {
2698 switch (net_inherit_devconf()) {
2700 /* copy from the current netns */
2701 memcpy(all, current->nsproxy->net_ns->ipv4.devconf_all,
2702 sizeof(ipv4_devconf));
2704 current->nsproxy->net_ns->ipv4.devconf_dflt,
2705 sizeof(ipv4_devconf_dflt));
2709 /* copy from init_net */
2710 memcpy(all, init_net.ipv4.devconf_all,
2711 sizeof(ipv4_devconf));
2712 memcpy(dflt, init_net.ipv4.devconf_dflt,
2713 sizeof(ipv4_devconf_dflt));
2716 /* use compiled values */
2721 #ifdef CONFIG_SYSCTL
2722 err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all);
2726 err = __devinet_sysctl_register(net, "default",
2727 NETCONFA_IFINDEX_DEFAULT, dflt);
2732 forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2735 net->ipv4.forw_hdr = forw_hdr;
2738 net->ipv4.devconf_all = all;
2739 net->ipv4.devconf_dflt = dflt;
/* Error unwind: unregister in reverse order, then free. */
2742 #ifdef CONFIG_SYSCTL
2744 __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT);
2746 __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL);
/* Per-netns teardown: reverse of devinet_init_net() — drop the
 * ip_forward alias and both devconf sysctl trees, then free the blocks.
 */
2758 static __net_exit void devinet_exit_net(struct net *net)
2760 #ifdef CONFIG_SYSCTL
2761 struct ctl_table *tbl;
/* Recover the kmemdup()ed table so it can be freed after unregister. */
2763 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2764 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2765 __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt,
2766 NETCONFA_IFINDEX_DEFAULT);
2767 __devinet_sysctl_unregister(net, net->ipv4.devconf_all,
2768 NETCONFA_IFINDEX_ALL);
2771 kfree(net->ipv4.devconf_dflt);
2772 kfree(net->ipv4.devconf_all);
/* Pernet hooks registered from devinet_init(). */
2775 static __net_initdata struct pernet_operations devinet_ops = {
2776 .init = devinet_init_net,
2777 .exit = devinet_exit_net,
/* AF_INET hooks for rtnetlink IFLA_AF_SPEC handling (fill/validate/set
 * of the per-device devconf blob).
 */
2780 static struct rtnl_af_ops inet_af_ops __read_mostly = {
2782 .fill_link_af = inet_fill_link_af,
2783 .get_link_af_size = inet_get_link_af_size,
2784 .validate_link_af = inet_validate_link_af,
2785 .set_link_af = inet_set_link_af,
2788 void __init devinet_init(void)
2792 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2793 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2795 register_pernet_subsys(&devinet_ops);
2796 register_netdevice_notifier(&ip_netdev_notifier);
2798 queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0);
2800 rtnl_af_register(&inet_af_ops);
2802 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0);
2803 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0);
2804 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0);
2805 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2806 inet_netconf_dump_devconf, 0);