1 | /* |
2 | * NET3 IP device support routines. |
3 | * |
4 | * This program is free software; you can redistribute it and/or |
5 | * modify it under the terms of the GNU General Public License |
6 | * as published by the Free Software Foundation; either version |
7 | * 2 of the License, or (at your option) any later version. |
8 | * |
9 | * Derived from the IP parts of dev.c 1.0.19 |
10 | * Authors: Ross Biro |
11 | * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> |
12 | * Mark Evans, <evansmp@uhura.aston.ac.uk> |
13 | * |
14 | * Additional Authors: |
15 | * Alan Cox, <gw4pts@gw4pts.ampr.org> |
16 | * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> |
17 | * |
18 | * Changes: |
19 | * Alexey Kuznetsov: pa_* fields are replaced with ifaddr |
20 | * lists. |
21 | * Cyrus Durgin: updated for kmod |
22 | * Matthias Andree: in devinet_ioctl, compare label and |
23 | * address (4.4BSD alias style support), |
24 | * fall back to comparing just the label |
25 | * if no match found. |
26 | */ |
27 | |
28 | |
29 | #include <linux/uaccess.h> |
30 | #include <linux/bitops.h> |
31 | #include <linux/capability.h> |
32 | #include <linux/module.h> |
33 | #include <linux/types.h> |
34 | #include <linux/kernel.h> |
35 | #include <linux/sched/signal.h> |
36 | #include <linux/string.h> |
37 | #include <linux/mm.h> |
38 | #include <linux/socket.h> |
39 | #include <linux/sockios.h> |
40 | #include <linux/in.h> |
41 | #include <linux/errno.h> |
42 | #include <linux/interrupt.h> |
43 | #include <linux/if_addr.h> |
44 | #include <linux/if_ether.h> |
45 | #include <linux/inet.h> |
46 | #include <linux/netdevice.h> |
47 | #include <linux/etherdevice.h> |
48 | #include <linux/skbuff.h> |
49 | #include <linux/init.h> |
50 | #include <linux/notifier.h> |
51 | #include <linux/inetdevice.h> |
52 | #include <linux/igmp.h> |
53 | #include <linux/slab.h> |
54 | #include <linux/hash.h> |
55 | #ifdef CONFIG_SYSCTL |
56 | #include <linux/sysctl.h> |
57 | #endif |
58 | #include <linux/kmod.h> |
59 | #include <linux/netconf.h> |
60 | |
61 | #include <net/arp.h> |
62 | #include <net/ip.h> |
63 | #include <net/route.h> |
64 | #include <net/ip_fib.h> |
65 | #include <net/rtnetlink.h> |
66 | #include <net/net_namespace.h> |
67 | #include <net/addrconf.h> |
68 | |
69 | static struct ipv4_devconf ipv4_devconf = { |
70 | .data = { |
71 | [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1, |
72 | [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1, |
73 | [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1, |
74 | [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1, |
75 | [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/, |
76 | [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/, |
77 | }, |
78 | }; |
79 | |
80 | static struct ipv4_devconf ipv4_devconf_dflt = { |
81 | .data = { |
82 | [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1, |
83 | [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1, |
84 | [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1, |
85 | [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1, |
86 | [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1, |
87 | [IPV4_DEVCONF_IGMPV2_UNSOLICITED_REPORT_INTERVAL - 1] = 10000 /*ms*/, |
88 | [IPV4_DEVCONF_IGMPV3_UNSOLICITED_REPORT_INTERVAL - 1] = 1000 /*ms*/, |
89 | }, |
90 | }; |
91 | |
92 | #define IPV4_DEVCONF_DFLT(net, attr) \ |
93 | IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr) |
94 | |
95 | static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = { |
96 | [IFA_LOCAL] = { .type = NLA_U32 }, |
97 | [IFA_ADDRESS] = { .type = NLA_U32 }, |
98 | [IFA_BROADCAST] = { .type = NLA_U32 }, |
99 | [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 }, |
100 | [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, |
101 | [IFA_FLAGS] = { .type = NLA_U32 }, |
102 | [IFA_RT_PRIORITY] = { .type = NLA_U32 }, |
103 | [IFA_TARGET_NETNSID] = { .type = NLA_S32 }, |
104 | }; |
105 | |
106 | struct inet_fill_args { |
107 | u32 portid; |
108 | u32 seq; |
109 | int event; |
110 | unsigned int flags; |
111 | int netnsid; |
112 | int ifindex; |
113 | }; |
114 | |
115 | #define IN4_ADDR_HSIZE_SHIFT 8 |
116 | #define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT) |
117 | |
118 | static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE]; |
119 | |
120 | static u32 inet_addr_hash(const struct net *net, __be32 addr) |
121 | { |
122 | u32 val = (__force u32) addr ^ net_hash_mix(net); |
123 | |
124 | return hash_32(val, IN4_ADDR_HSIZE_SHIFT); |
125 | } |
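
/* All IPv4 addresses are kept in a global 256-bucket hash table
 * (IN4_ADDR_HSIZE == 1 << IN4_ADDR_HSIZE_SHIFT), keyed by the local
 * address with net_hash_mix() folded in so that the same address in
 * different network namespaces does not always land in one bucket.
 * Insertion and removal below require the RTNL; lookups only need RCU.
 */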
126 | |
127 | static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa) |
128 | { |
129 | u32 hash = inet_addr_hash(net, ifa->ifa_local); |
130 | |
131 | ASSERT_RTNL(); |
132 | hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]); |
133 | } |
134 | |
135 | static void inet_hash_remove(struct in_ifaddr *ifa) |
136 | { |
137 | ASSERT_RTNL(); |
138 | hlist_del_init_rcu(&ifa->hash); |
139 | } |
140 | |
141 | /** |
142 | * __ip_dev_find - find the first device with a given source address. |
143 | * @net: the net namespace |
144 | * @addr: the source address |
145 | * @devref: if true, take a reference on the found device |
146 | * |
 * If a caller uses devref=false, it should be protected by RCU or RTNL.
148 | */ |
149 | struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref) |
150 | { |
151 | struct net_device *result = NULL; |
152 | struct in_ifaddr *ifa; |
153 | |
154 | rcu_read_lock(); |
155 | ifa = inet_lookup_ifaddr_rcu(net, addr); |
156 | if (!ifa) { |
157 | struct flowi4 fl4 = { .daddr = addr }; |
158 | struct fib_result res = { 0 }; |
159 | struct fib_table *local; |
160 | |
		/* Fall back to the FIB local table so that communication
		 * over loopback subnets works.
		 */
164 | local = fib_get_table(net, RT_TABLE_LOCAL); |
165 | if (local && |
166 | !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) && |
167 | res.type == RTN_LOCAL) |
168 | result = FIB_RES_DEV(res); |
169 | } else { |
170 | result = ifa->ifa_dev->dev; |
171 | } |
172 | if (result && devref) |
173 | dev_hold(result); |
174 | rcu_read_unlock(); |
175 | return result; |
176 | } |
177 | EXPORT_SYMBOL(__ip_dev_find); |
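
/* Usage sketch (illustrative only, not part of this file): a caller that
 * needs the device owning a local source address and may sleep while
 * using it takes a reference via devref=true and drops it with
 * dev_put() when done:
 *
 *	struct net_device *dev = __ip_dev_find(net, saddr, true);
 *
 *	if (dev) {
 *		... use dev ...
 *		dev_put(dev);
 *	}
 *
 * With devref=false the caller must instead hold RCU or the RTNL for as
 * long as the returned pointer is used.
 */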
178 | |
179 | /* called under RCU lock */ |
180 | struct in_ifaddr *inet_lookup_ifaddr_rcu(struct net *net, __be32 addr) |
181 | { |
182 | u32 hash = inet_addr_hash(net, addr); |
183 | struct in_ifaddr *ifa; |
184 | |
185 | hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash) |
186 | if (ifa->ifa_local == addr && |
187 | net_eq(dev_net(ifa->ifa_dev->dev), net)) |
188 | return ifa; |
189 | |
190 | return NULL; |
191 | } |
192 | |
193 | static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32); |
194 | |
195 | static BLOCKING_NOTIFIER_HEAD(inetaddr_chain); |
196 | static BLOCKING_NOTIFIER_HEAD(inetaddr_validator_chain); |
197 | static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, |
198 | int destroy); |
199 | #ifdef CONFIG_SYSCTL |
200 | static int devinet_sysctl_register(struct in_device *idev); |
201 | static void devinet_sysctl_unregister(struct in_device *idev); |
202 | #else |
203 | static int devinet_sysctl_register(struct in_device *idev) |
204 | { |
205 | return 0; |
206 | } |
207 | static void devinet_sysctl_unregister(struct in_device *idev) |
208 | { |
209 | } |
210 | #endif |
211 | |
212 | /* Locks all the inet devices. */ |
213 | |
214 | static struct in_ifaddr *inet_alloc_ifa(void) |
215 | { |
216 | return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL); |
217 | } |
218 | |
219 | static void inet_rcu_free_ifa(struct rcu_head *head) |
220 | { |
221 | struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head); |
222 | if (ifa->ifa_dev) |
223 | in_dev_put(ifa->ifa_dev); |
224 | kfree(ifa); |
225 | } |
226 | |
227 | static void inet_free_ifa(struct in_ifaddr *ifa) |
228 | { |
229 | call_rcu(&ifa->rcu_head, inet_rcu_free_ifa); |
230 | } |
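
/* in_ifaddr objects are always freed through the call_rcu() path above,
 * so lockless readers walking inet_addr_lst or an ifa_list under
 * rcu_read_lock() never see a freed entry; the reference on the parent
 * in_device is only dropped once the RCU grace period has elapsed.
 */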
231 | |
232 | void in_dev_finish_destroy(struct in_device *idev) |
233 | { |
234 | struct net_device *dev = idev->dev; |
235 | |
236 | WARN_ON(idev->ifa_list); |
237 | WARN_ON(idev->mc_list); |
238 | kfree(rcu_dereference_protected(idev->mc_hash, 1)); |
239 | #ifdef NET_REFCNT_DEBUG |
	pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
241 | #endif |
242 | dev_put(dev); |
243 | if (!idev->dead) |
		pr_err("Freeing alive in_device %p\n", idev);
245 | else |
246 | kfree(idev); |
247 | } |
248 | EXPORT_SYMBOL(in_dev_finish_destroy); |
249 | |
250 | static struct in_device *inetdev_init(struct net_device *dev) |
251 | { |
252 | struct in_device *in_dev; |
253 | int err = -ENOMEM; |
254 | |
255 | ASSERT_RTNL(); |
256 | |
257 | in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL); |
258 | if (!in_dev) |
259 | goto out; |
260 | memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt, |
261 | sizeof(in_dev->cnf)); |
262 | in_dev->cnf.sysctl = NULL; |
263 | in_dev->dev = dev; |
264 | in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl); |
265 | if (!in_dev->arp_parms) |
266 | goto out_kfree; |
267 | if (IPV4_DEVCONF(in_dev->cnf, FORWARDING)) |
268 | dev_disable_lro(dev); |
269 | /* Reference in_dev->dev */ |
270 | dev_hold(dev); |
271 | /* Account for reference dev->ip_ptr (below) */ |
272 | refcount_set(&in_dev->refcnt, 1); |
273 | |
274 | err = devinet_sysctl_register(in_dev); |
275 | if (err) { |
276 | in_dev->dead = 1; |
277 | in_dev_put(in_dev); |
278 | in_dev = NULL; |
279 | goto out; |
280 | } |
281 | ip_mc_init_dev(in_dev); |
282 | if (dev->flags & IFF_UP) |
283 | ip_mc_up(in_dev); |
284 | |
285 | /* we can receive as soon as ip_ptr is set -- do this last */ |
286 | rcu_assign_pointer(dev->ip_ptr, in_dev); |
287 | out: |
288 | return in_dev ?: ERR_PTR(err); |
289 | out_kfree: |
290 | kfree(in_dev); |
291 | in_dev = NULL; |
292 | goto out; |
293 | } |
294 | |
295 | static void in_dev_rcu_put(struct rcu_head *head) |
296 | { |
297 | struct in_device *idev = container_of(head, struct in_device, rcu_head); |
298 | in_dev_put(idev); |
299 | } |
300 | |
301 | static void inetdev_destroy(struct in_device *in_dev) |
302 | { |
303 | struct in_ifaddr *ifa; |
304 | struct net_device *dev; |
305 | |
306 | ASSERT_RTNL(); |
307 | |
308 | dev = in_dev->dev; |
309 | |
310 | in_dev->dead = 1; |
311 | |
312 | ip_mc_destroy_dev(in_dev); |
313 | |
314 | while ((ifa = in_dev->ifa_list) != NULL) { |
315 | inet_del_ifa(in_dev, &in_dev->ifa_list, 0); |
316 | inet_free_ifa(ifa); |
317 | } |
318 | |
319 | RCU_INIT_POINTER(dev->ip_ptr, NULL); |
320 | |
321 | devinet_sysctl_unregister(in_dev); |
322 | neigh_parms_release(&arp_tbl, in_dev->arp_parms); |
323 | arp_ifdown(dev); |
324 | |
325 | call_rcu(&in_dev->rcu_head, in_dev_rcu_put); |
326 | } |
327 | |
328 | int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b) |
329 | { |
330 | rcu_read_lock(); |
331 | for_primary_ifa(in_dev) { |
332 | if (inet_ifa_match(a, ifa)) { |
333 | if (!b || inet_ifa_match(b, ifa)) { |
334 | rcu_read_unlock(); |
335 | return 1; |
336 | } |
337 | } |
338 | } endfor_ifa(in_dev); |
339 | rcu_read_unlock(); |
340 | return 0; |
341 | } |
342 | |
343 | static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, |
344 | int destroy, struct nlmsghdr *nlh, u32 portid) |
345 | { |
346 | struct in_ifaddr *promote = NULL; |
347 | struct in_ifaddr *ifa, *ifa1 = *ifap; |
348 | struct in_ifaddr *last_prim = in_dev->ifa_list; |
349 | struct in_ifaddr *prev_prom = NULL; |
350 | int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev); |
351 | |
352 | ASSERT_RTNL(); |
353 | |
354 | if (in_dev->dead) |
355 | goto no_promotions; |
356 | |
	/* 1. Deleting a primary ifaddr forces deletion of all its
	 *    secondaries, unless alias promotion is enabled.
	 */
360 | |
361 | if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) { |
362 | struct in_ifaddr **ifap1 = &ifa1->ifa_next; |
363 | |
364 | while ((ifa = *ifap1) != NULL) { |
365 | if (!(ifa->ifa_flags & IFA_F_SECONDARY) && |
366 | ifa1->ifa_scope <= ifa->ifa_scope) |
367 | last_prim = ifa; |
368 | |
369 | if (!(ifa->ifa_flags & IFA_F_SECONDARY) || |
370 | ifa1->ifa_mask != ifa->ifa_mask || |
371 | !inet_ifa_match(ifa1->ifa_address, ifa)) { |
372 | ifap1 = &ifa->ifa_next; |
373 | prev_prom = ifa; |
374 | continue; |
375 | } |
376 | |
377 | if (!do_promote) { |
378 | inet_hash_remove(ifa); |
379 | *ifap1 = ifa->ifa_next; |
380 | |
381 | rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid); |
382 | blocking_notifier_call_chain(&inetaddr_chain, |
383 | NETDEV_DOWN, ifa); |
384 | inet_free_ifa(ifa); |
385 | } else { |
386 | promote = ifa; |
387 | break; |
388 | } |
389 | } |
390 | } |
391 | |
	/* On promotion all secondaries on the subnet change their primary
	 * IP; we must remove their routes silently now and add them back
	 * later with the new prefsrc. Do this while all addresses are
	 * still on the device list.
	 */
397 | for (ifa = promote; ifa; ifa = ifa->ifa_next) { |
398 | if (ifa1->ifa_mask == ifa->ifa_mask && |
399 | inet_ifa_match(ifa1->ifa_address, ifa)) |
400 | fib_del_ifaddr(ifa, ifa1); |
401 | } |
402 | |
403 | no_promotions: |
404 | /* 2. Unlink it */ |
405 | |
406 | *ifap = ifa1->ifa_next; |
407 | inet_hash_remove(ifa1); |
408 | |
409 | /* 3. Announce address deletion */ |
410 | |
	/* Send the netlink message first, then call the notifier.
	 * At first sight the FIB update triggered by the notifier will
	 * refer to an already-deleted ifaddr, which could confuse netlink
	 * listeners. That is not a real problem: if the order were
	 * reversed, a daemon such as gated would see the routes deleted
	 * while still believing the ifaddr valid and would try to restore
	 * them. So this order is correct.
	 */
419 | rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid); |
420 | blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1); |
421 | |
422 | if (promote) { |
423 | struct in_ifaddr *next_sec = promote->ifa_next; |
424 | |
425 | if (prev_prom) { |
426 | prev_prom->ifa_next = promote->ifa_next; |
427 | promote->ifa_next = last_prim->ifa_next; |
428 | last_prim->ifa_next = promote; |
429 | } |
430 | |
431 | promote->ifa_flags &= ~IFA_F_SECONDARY; |
432 | rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid); |
433 | blocking_notifier_call_chain(&inetaddr_chain, |
434 | NETDEV_UP, promote); |
435 | for (ifa = next_sec; ifa; ifa = ifa->ifa_next) { |
436 | if (ifa1->ifa_mask != ifa->ifa_mask || |
437 | !inet_ifa_match(ifa1->ifa_address, ifa)) |
438 | continue; |
439 | fib_add_ifaddr(ifa); |
440 | } |
441 | |
442 | } |
443 | if (destroy) |
444 | inet_free_ifa(ifa1); |
445 | } |
446 | |
447 | static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap, |
448 | int destroy) |
449 | { |
450 | __inet_del_ifa(in_dev, ifap, destroy, NULL, 0); |
451 | } |
452 | |
453 | static void check_lifetime(struct work_struct *work); |
454 | |
455 | static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime); |
456 | |
457 | static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh, |
458 | u32 portid, struct netlink_ext_ack *extack) |
459 | { |
460 | struct in_device *in_dev = ifa->ifa_dev; |
461 | struct in_ifaddr *ifa1, **ifap, **last_primary; |
462 | struct in_validator_info ivi; |
463 | int ret; |
464 | |
465 | ASSERT_RTNL(); |
466 | |
467 | if (!ifa->ifa_local) { |
468 | inet_free_ifa(ifa); |
469 | return 0; |
470 | } |
471 | |
472 | ifa->ifa_flags &= ~IFA_F_SECONDARY; |
473 | last_primary = &in_dev->ifa_list; |
474 | |
475 | for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL; |
476 | ifap = &ifa1->ifa_next) { |
477 | if (!(ifa1->ifa_flags & IFA_F_SECONDARY) && |
478 | ifa->ifa_scope <= ifa1->ifa_scope) |
479 | last_primary = &ifa1->ifa_next; |
480 | if (ifa1->ifa_mask == ifa->ifa_mask && |
481 | inet_ifa_match(ifa1->ifa_address, ifa)) { |
482 | if (ifa1->ifa_local == ifa->ifa_local) { |
483 | inet_free_ifa(ifa); |
484 | return -EEXIST; |
485 | } |
486 | if (ifa1->ifa_scope != ifa->ifa_scope) { |
487 | inet_free_ifa(ifa); |
488 | return -EINVAL; |
489 | } |
490 | ifa->ifa_flags |= IFA_F_SECONDARY; |
491 | } |
492 | } |
493 | |
	/* Allow any devices that wish to register ifaddr validators to weigh
	 * in now, before changes are committed. The RTNL lock serializes
	 * access here, so the state should not change between a validator
	 * call and the final notify on commit. This isn't invoked on
	 * promotion, under the assumption that validators check the address
	 * itself and not the flags.
	 */
501 | ivi.ivi_addr = ifa->ifa_address; |
502 | ivi.ivi_dev = ifa->ifa_dev; |
503 | ivi.extack = extack; |
504 | ret = blocking_notifier_call_chain(&inetaddr_validator_chain, |
505 | NETDEV_UP, &ivi); |
506 | ret = notifier_to_errno(ret); |
507 | if (ret) { |
508 | inet_free_ifa(ifa); |
509 | return ret; |
510 | } |
511 | |
512 | if (!(ifa->ifa_flags & IFA_F_SECONDARY)) { |
513 | prandom_seed((__force u32) ifa->ifa_local); |
514 | ifap = last_primary; |
515 | } |
516 | |
517 | ifa->ifa_next = *ifap; |
518 | *ifap = ifa; |
519 | |
520 | inet_hash_insert(dev_net(in_dev->dev), ifa); |
521 | |
522 | cancel_delayed_work(&check_lifetime_work); |
523 | queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0); |
524 | |
	/* Send the netlink message first, then call the notifier.
	 * The notifier will trigger a FIB update, so netlink listeners
	 * will learn about the new ifaddr.
	 */
528 | rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid); |
529 | blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa); |
530 | |
531 | return 0; |
532 | } |
533 | |
534 | static int inet_insert_ifa(struct in_ifaddr *ifa) |
535 | { |
536 | return __inet_insert_ifa(ifa, NULL, 0, NULL); |
537 | } |
538 | |
539 | static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa) |
540 | { |
541 | struct in_device *in_dev = __in_dev_get_rtnl(dev); |
542 | |
543 | ASSERT_RTNL(); |
544 | |
545 | if (!in_dev) { |
546 | inet_free_ifa(ifa); |
547 | return -ENOBUFS; |
548 | } |
549 | ipv4_devconf_setall(in_dev); |
550 | neigh_parms_data_state_setall(in_dev->arp_parms); |
551 | if (ifa->ifa_dev != in_dev) { |
552 | WARN_ON(ifa->ifa_dev); |
553 | in_dev_hold(in_dev); |
554 | ifa->ifa_dev = in_dev; |
555 | } |
556 | if (ipv4_is_loopback(ifa->ifa_local)) |
557 | ifa->ifa_scope = RT_SCOPE_HOST; |
558 | return inet_insert_ifa(ifa); |
559 | } |
560 | |
/* Caller must hold RCU or RTNL.
 * We don't take a reference on the found in_device.
 */
564 | struct in_device *inetdev_by_index(struct net *net, int ifindex) |
565 | { |
566 | struct net_device *dev; |
567 | struct in_device *in_dev = NULL; |
568 | |
569 | rcu_read_lock(); |
570 | dev = dev_get_by_index_rcu(net, ifindex); |
571 | if (dev) |
572 | in_dev = rcu_dereference_rtnl(dev->ip_ptr); |
573 | rcu_read_unlock(); |
574 | return in_dev; |
575 | } |
576 | EXPORT_SYMBOL(inetdev_by_index); |
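
/* Usage sketch (illustrative only): since no reference is taken, the
 * returned in_device must be used under the same protection as the
 * lookup, e.g.:
 *
 *	rcu_read_lock();
 *	in_dev = inetdev_by_index(net, ifindex);
 *	if (in_dev)
 *		... read-only access to in_dev ...
 *	rcu_read_unlock();
 */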
577 | |
/* Called only under the RTNL. No other locks are taken. */
579 | |
580 | struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix, |
581 | __be32 mask) |
582 | { |
583 | ASSERT_RTNL(); |
584 | |
585 | for_primary_ifa(in_dev) { |
586 | if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa)) |
587 | return ifa; |
588 | } endfor_ifa(in_dev); |
589 | return NULL; |
590 | } |
591 | |
592 | static int ip_mc_config(struct sock *sk, bool join, const struct in_ifaddr *ifa) |
593 | { |
594 | struct ip_mreqn mreq = { |
595 | .imr_multiaddr.s_addr = ifa->ifa_address, |
596 | .imr_ifindex = ifa->ifa_dev->dev->ifindex, |
597 | }; |
598 | int ret; |
599 | |
600 | ASSERT_RTNL(); |
601 | |
602 | lock_sock(sk); |
603 | if (join) |
604 | ret = ip_mc_join_group(sk, &mreq); |
605 | else |
606 | ret = ip_mc_leave_group(sk, &mreq); |
607 | release_sock(sk); |
608 | |
609 | return ret; |
610 | } |
611 | |
612 | static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, |
613 | struct netlink_ext_ack *extack) |
614 | { |
615 | struct net *net = sock_net(skb->sk); |
616 | struct nlattr *tb[IFA_MAX+1]; |
617 | struct in_device *in_dev; |
618 | struct ifaddrmsg *ifm; |
619 | struct in_ifaddr *ifa, **ifap; |
620 | int err = -EINVAL; |
621 | |
622 | ASSERT_RTNL(); |
623 | |
624 | err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy, |
625 | extack); |
626 | if (err < 0) |
627 | goto errout; |
628 | |
629 | ifm = nlmsg_data(nlh); |
630 | in_dev = inetdev_by_index(net, ifm->ifa_index); |
631 | if (!in_dev) { |
632 | err = -ENODEV; |
633 | goto errout; |
634 | } |
635 | |
636 | for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL; |
637 | ifap = &ifa->ifa_next) { |
638 | if (tb[IFA_LOCAL] && |
639 | ifa->ifa_local != nla_get_in_addr(tb[IFA_LOCAL])) |
640 | continue; |
641 | |
642 | if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label)) |
643 | continue; |
644 | |
645 | if (tb[IFA_ADDRESS] && |
646 | (ifm->ifa_prefixlen != ifa->ifa_prefixlen || |
647 | !inet_ifa_match(nla_get_in_addr(tb[IFA_ADDRESS]), ifa))) |
648 | continue; |
649 | |
650 | if (ipv4_is_multicast(ifa->ifa_address)) |
651 | ip_mc_config(net->ipv4.mc_autojoin_sk, false, ifa); |
652 | __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid); |
653 | return 0; |
654 | } |
655 | |
656 | err = -EADDRNOTAVAIL; |
657 | errout: |
658 | return err; |
659 | } |
660 | |
661 | #define INFINITY_LIFE_TIME 0xFFFFFFFF |
662 | |
663 | static void check_lifetime(struct work_struct *work) |
664 | { |
665 | unsigned long now, next, next_sec, next_sched; |
666 | struct in_ifaddr *ifa; |
667 | struct hlist_node *n; |
668 | int i; |
669 | |
670 | now = jiffies; |
671 | next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY); |
672 | |
673 | for (i = 0; i < IN4_ADDR_HSIZE; i++) { |
674 | bool change_needed = false; |
675 | |
676 | rcu_read_lock(); |
677 | hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) { |
678 | unsigned long age; |
679 | |
680 | if (ifa->ifa_flags & IFA_F_PERMANENT) |
681 | continue; |
682 | |
683 | /* We try to batch several events at once. */ |
684 | age = (now - ifa->ifa_tstamp + |
685 | ADDRCONF_TIMER_FUZZ_MINUS) / HZ; |
686 | |
687 | if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME && |
688 | age >= ifa->ifa_valid_lft) { |
689 | change_needed = true; |
690 | } else if (ifa->ifa_preferred_lft == |
691 | INFINITY_LIFE_TIME) { |
692 | continue; |
693 | } else if (age >= ifa->ifa_preferred_lft) { |
694 | if (time_before(ifa->ifa_tstamp + |
695 | ifa->ifa_valid_lft * HZ, next)) |
696 | next = ifa->ifa_tstamp + |
697 | ifa->ifa_valid_lft * HZ; |
698 | |
699 | if (!(ifa->ifa_flags & IFA_F_DEPRECATED)) |
700 | change_needed = true; |
701 | } else if (time_before(ifa->ifa_tstamp + |
702 | ifa->ifa_preferred_lft * HZ, |
703 | next)) { |
704 | next = ifa->ifa_tstamp + |
705 | ifa->ifa_preferred_lft * HZ; |
706 | } |
707 | } |
708 | rcu_read_unlock(); |
709 | if (!change_needed) |
710 | continue; |
711 | rtnl_lock(); |
712 | hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) { |
713 | unsigned long age; |
714 | |
715 | if (ifa->ifa_flags & IFA_F_PERMANENT) |
716 | continue; |
717 | |
718 | /* We try to batch several events at once. */ |
719 | age = (now - ifa->ifa_tstamp + |
720 | ADDRCONF_TIMER_FUZZ_MINUS) / HZ; |
721 | |
722 | if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME && |
723 | age >= ifa->ifa_valid_lft) { |
724 | struct in_ifaddr **ifap; |
725 | |
726 | for (ifap = &ifa->ifa_dev->ifa_list; |
727 | *ifap != NULL; ifap = &(*ifap)->ifa_next) { |
728 | if (*ifap == ifa) { |
729 | inet_del_ifa(ifa->ifa_dev, |
730 | ifap, 1); |
731 | break; |
732 | } |
733 | } |
734 | } else if (ifa->ifa_preferred_lft != |
735 | INFINITY_LIFE_TIME && |
736 | age >= ifa->ifa_preferred_lft && |
737 | !(ifa->ifa_flags & IFA_F_DEPRECATED)) { |
738 | ifa->ifa_flags |= IFA_F_DEPRECATED; |
739 | rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0); |
740 | } |
741 | } |
742 | rtnl_unlock(); |
743 | } |
744 | |
745 | next_sec = round_jiffies_up(next); |
746 | next_sched = next; |
747 | |
748 | /* If rounded timeout is accurate enough, accept it. */ |
749 | if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ)) |
750 | next_sched = next_sec; |
751 | |
752 | now = jiffies; |
753 | /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */ |
754 | if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX)) |
755 | next_sched = now + ADDRCONF_TIMER_FUZZ_MAX; |
756 | |
757 | queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, |
758 | next_sched - now); |
759 | } |
760 | |
761 | static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft, |
762 | __u32 prefered_lft) |
763 | { |
764 | unsigned long timeout; |
765 | |
766 | ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED); |
767 | |
768 | timeout = addrconf_timeout_fixup(valid_lft, HZ); |
769 | if (addrconf_finite_timeout(timeout)) |
770 | ifa->ifa_valid_lft = timeout; |
771 | else |
772 | ifa->ifa_flags |= IFA_F_PERMANENT; |
773 | |
774 | timeout = addrconf_timeout_fixup(prefered_lft, HZ); |
775 | if (addrconf_finite_timeout(timeout)) { |
776 | if (timeout == 0) |
777 | ifa->ifa_flags |= IFA_F_DEPRECATED; |
778 | ifa->ifa_preferred_lft = timeout; |
779 | } |
780 | ifa->ifa_tstamp = jiffies; |
781 | if (!ifa->ifa_cstamp) |
782 | ifa->ifa_cstamp = ifa->ifa_tstamp; |
783 | } |
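
/* Example (illustrative): valid_lft = 3600 and prefered_lft = 1800 give
 * an address that check_lifetime() marks IFA_F_DEPRECATED after 30
 * minutes and deletes after one hour, while INFINITY_LIFE_TIME
 * (0xFFFFFFFF) for both yields an IFA_F_PERMANENT address that
 * check_lifetime() skips entirely.
 */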
784 | |
785 | static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh, |
786 | __u32 *pvalid_lft, __u32 *pprefered_lft, |
787 | struct netlink_ext_ack *extack) |
788 | { |
789 | struct nlattr *tb[IFA_MAX+1]; |
790 | struct in_ifaddr *ifa; |
791 | struct ifaddrmsg *ifm; |
792 | struct net_device *dev; |
793 | struct in_device *in_dev; |
794 | int err; |
795 | |
796 | err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy, |
797 | extack); |
798 | if (err < 0) |
799 | goto errout; |
800 | |
801 | ifm = nlmsg_data(nlh); |
802 | err = -EINVAL; |
803 | if (ifm->ifa_prefixlen > 32 || !tb[IFA_LOCAL]) |
804 | goto errout; |
805 | |
806 | dev = __dev_get_by_index(net, ifm->ifa_index); |
807 | err = -ENODEV; |
808 | if (!dev) |
809 | goto errout; |
810 | |
811 | in_dev = __in_dev_get_rtnl(dev); |
812 | err = -ENOBUFS; |
813 | if (!in_dev) |
814 | goto errout; |
815 | |
816 | ifa = inet_alloc_ifa(); |
817 | if (!ifa) |
		/*
		 * A potential in_dev allocation can be left alive; it stays
		 * assigned to its device and is destroyed with it.
		 */
822 | goto errout; |
823 | |
824 | ipv4_devconf_setall(in_dev); |
825 | neigh_parms_data_state_setall(in_dev->arp_parms); |
826 | in_dev_hold(in_dev); |
827 | |
828 | if (!tb[IFA_ADDRESS]) |
829 | tb[IFA_ADDRESS] = tb[IFA_LOCAL]; |
830 | |
831 | INIT_HLIST_NODE(&ifa->hash); |
832 | ifa->ifa_prefixlen = ifm->ifa_prefixlen; |
833 | ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen); |
834 | ifa->ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) : |
835 | ifm->ifa_flags; |
836 | ifa->ifa_scope = ifm->ifa_scope; |
837 | ifa->ifa_dev = in_dev; |
838 | |
839 | ifa->ifa_local = nla_get_in_addr(tb[IFA_LOCAL]); |
840 | ifa->ifa_address = nla_get_in_addr(tb[IFA_ADDRESS]); |
841 | |
842 | if (tb[IFA_BROADCAST]) |
843 | ifa->ifa_broadcast = nla_get_in_addr(tb[IFA_BROADCAST]); |
844 | |
845 | if (tb[IFA_LABEL]) |
846 | nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ); |
847 | else |
848 | memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); |
849 | |
850 | if (tb[IFA_RT_PRIORITY]) |
851 | ifa->ifa_rt_priority = nla_get_u32(tb[IFA_RT_PRIORITY]); |
852 | |
853 | if (tb[IFA_CACHEINFO]) { |
854 | struct ifa_cacheinfo *ci; |
855 | |
856 | ci = nla_data(tb[IFA_CACHEINFO]); |
857 | if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) { |
858 | err = -EINVAL; |
859 | goto errout_free; |
860 | } |
861 | *pvalid_lft = ci->ifa_valid; |
862 | *pprefered_lft = ci->ifa_prefered; |
863 | } |
864 | |
865 | return ifa; |
866 | |
867 | errout_free: |
868 | inet_free_ifa(ifa); |
869 | errout: |
870 | return ERR_PTR(err); |
871 | } |
872 | |
873 | static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa) |
874 | { |
875 | struct in_device *in_dev = ifa->ifa_dev; |
876 | struct in_ifaddr *ifa1, **ifap; |
877 | |
878 | if (!ifa->ifa_local) |
879 | return NULL; |
880 | |
881 | for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL; |
882 | ifap = &ifa1->ifa_next) { |
883 | if (ifa1->ifa_mask == ifa->ifa_mask && |
884 | inet_ifa_match(ifa1->ifa_address, ifa) && |
885 | ifa1->ifa_local == ifa->ifa_local) |
886 | return ifa1; |
887 | } |
888 | return NULL; |
889 | } |
890 | |
891 | static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, |
892 | struct netlink_ext_ack *extack) |
893 | { |
894 | struct net *net = sock_net(skb->sk); |
895 | struct in_ifaddr *ifa; |
896 | struct in_ifaddr *ifa_existing; |
897 | __u32 valid_lft = INFINITY_LIFE_TIME; |
898 | __u32 prefered_lft = INFINITY_LIFE_TIME; |
899 | |
900 | ASSERT_RTNL(); |
901 | |
902 | ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft, extack); |
903 | if (IS_ERR(ifa)) |
904 | return PTR_ERR(ifa); |
905 | |
906 | ifa_existing = find_matching_ifa(ifa); |
907 | if (!ifa_existing) { |
908 | /* It would be best to check for !NLM_F_CREATE here but |
909 | * userspace already relies on not having to provide this. |
910 | */ |
911 | set_ifa_lifetime(ifa, valid_lft, prefered_lft); |
912 | if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) { |
913 | int ret = ip_mc_config(net->ipv4.mc_autojoin_sk, |
914 | true, ifa); |
915 | |
916 | if (ret < 0) { |
917 | inet_free_ifa(ifa); |
918 | return ret; |
919 | } |
920 | } |
921 | return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid, |
922 | extack); |
923 | } else { |
924 | u32 new_metric = ifa->ifa_rt_priority; |
925 | |
926 | inet_free_ifa(ifa); |
927 | |
928 | if (nlh->nlmsg_flags & NLM_F_EXCL || |
929 | !(nlh->nlmsg_flags & NLM_F_REPLACE)) |
930 | return -EEXIST; |
931 | ifa = ifa_existing; |
932 | |
933 | if (ifa->ifa_rt_priority != new_metric) { |
934 | fib_modify_prefix_metric(ifa, new_metric); |
935 | ifa->ifa_rt_priority = new_metric; |
936 | } |
937 | |
938 | set_ifa_lifetime(ifa, valid_lft, prefered_lft); |
939 | cancel_delayed_work(&check_lifetime_work); |
940 | queue_delayed_work(system_power_efficient_wq, |
941 | &check_lifetime_work, 0); |
942 | rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid); |
943 | } |
944 | return 0; |
945 | } |
946 | |
947 | /* |
948 | * Determine a default network mask, based on the IP address. |
949 | */ |
950 | |
951 | static int inet_abc_len(__be32 addr) |
952 | { |
953 | int rc = -1; /* Something else, probably a multicast. */ |
954 | |
955 | if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr)) |
956 | rc = 0; |
957 | else { |
958 | __u32 haddr = ntohl(addr); |
959 | if (IN_CLASSA(haddr)) |
960 | rc = 8; |
961 | else if (IN_CLASSB(haddr)) |
962 | rc = 16; |
963 | else if (IN_CLASSC(haddr)) |
964 | rc = 24; |
965 | else if (IN_CLASSE(haddr)) |
966 | rc = 32; |
967 | } |
968 | |
969 | return rc; |
970 | } |
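
/* For example: 10.0.0.1 is class A and yields 8, 172.16.0.1 is class B
 * and yields 16, 192.168.1.1 is class C and yields 24, while a class D
 * (multicast) address such as 224.0.0.1 falls through to the default
 * and yields -1.
 */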
971 | |
972 | |
973 | int devinet_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr) |
974 | { |
975 | struct sockaddr_in sin_orig; |
976 | struct sockaddr_in *sin = (struct sockaddr_in *)&ifr->ifr_addr; |
977 | struct in_device *in_dev; |
978 | struct in_ifaddr **ifap = NULL; |
979 | struct in_ifaddr *ifa = NULL; |
980 | struct net_device *dev; |
981 | char *colon; |
982 | int ret = -EFAULT; |
983 | int tryaddrmatch = 0; |
984 | |
985 | ifr->ifr_name[IFNAMSIZ - 1] = 0; |
986 | |
987 | /* save original address for comparison */ |
988 | memcpy(&sin_orig, sin, sizeof(*sin)); |
989 | |
990 | colon = strchr(ifr->ifr_name, ':'); |
991 | if (colon) |
992 | *colon = 0; |
993 | |
994 | dev_load(net, ifr->ifr_name); |
995 | |
996 | switch (cmd) { |
997 | case SIOCGIFADDR: /* Get interface address */ |
998 | case SIOCGIFBRDADDR: /* Get the broadcast address */ |
999 | case SIOCGIFDSTADDR: /* Get the destination address */ |
1000 | case SIOCGIFNETMASK: /* Get the netmask for the interface */ |
1001 | /* Note that these ioctls will not sleep, |
1002 | so that we do not impose a lock. |
1003 | One day we will be forced to put shlock here (I mean SMP) |
1004 | */ |
1005 | tryaddrmatch = (sin_orig.sin_family == AF_INET); |
1006 | memset(sin, 0, sizeof(*sin)); |
1007 | sin->sin_family = AF_INET; |
1008 | break; |
1009 | |
1010 | case SIOCSIFFLAGS: |
1011 | ret = -EPERM; |
1012 | if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) |
1013 | goto out; |
1014 | break; |
1015 | case SIOCSIFADDR: /* Set interface address (and family) */ |
1016 | case SIOCSIFBRDADDR: /* Set the broadcast address */ |
1017 | case SIOCSIFDSTADDR: /* Set the destination address */ |
1018 | case SIOCSIFNETMASK: /* Set the netmask for the interface */ |
1019 | ret = -EPERM; |
1020 | if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) |
1021 | goto out; |
1022 | ret = -EINVAL; |
1023 | if (sin->sin_family != AF_INET) |
1024 | goto out; |
1025 | break; |
1026 | default: |
1027 | ret = -EINVAL; |
1028 | goto out; |
1029 | } |
1030 | |
1031 | rtnl_lock(); |
1032 | |
1033 | ret = -ENODEV; |
1034 | dev = __dev_get_by_name(net, ifr->ifr_name); |
1035 | if (!dev) |
1036 | goto done; |
1037 | |
1038 | if (colon) |
1039 | *colon = ':'; |
1040 | |
1041 | in_dev = __in_dev_get_rtnl(dev); |
1042 | if (in_dev) { |
1043 | if (tryaddrmatch) { |
1044 | /* Matthias Andree */ |
1045 | /* compare label and address (4.4BSD style) */ |
1046 | /* note: we only do this for a limited set of ioctls |
1047 | and only if the original address family was AF_INET. |
1048 | This is checked above. */ |
1049 | for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL; |
1050 | ifap = &ifa->ifa_next) { |
1051 | if (!strcmp(ifr->ifr_name, ifa->ifa_label) && |
1052 | sin_orig.sin_addr.s_addr == |
1053 | ifa->ifa_local) { |
1054 | break; /* found */ |
1055 | } |
1056 | } |
1057 | } |
		/* We didn't get a match; maybe the application is
		 * 4.3BSD-style and passed in junk, so fall back to
		 * comparing just the label.
		 */
1061 | if (!ifa) { |
1062 | for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL; |
1063 | ifap = &ifa->ifa_next) |
1064 | if (!strcmp(ifr->ifr_name, ifa->ifa_label)) |
1065 | break; |
1066 | } |
1067 | } |
1068 | |
1069 | ret = -EADDRNOTAVAIL; |
1070 | if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS) |
1071 | goto done; |
1072 | |
1073 | switch (cmd) { |
1074 | case SIOCGIFADDR: /* Get interface address */ |
1075 | ret = 0; |
1076 | sin->sin_addr.s_addr = ifa->ifa_local; |
1077 | break; |
1078 | |
1079 | case SIOCGIFBRDADDR: /* Get the broadcast address */ |
1080 | ret = 0; |
1081 | sin->sin_addr.s_addr = ifa->ifa_broadcast; |
1082 | break; |
1083 | |
1084 | case SIOCGIFDSTADDR: /* Get the destination address */ |
1085 | ret = 0; |
1086 | sin->sin_addr.s_addr = ifa->ifa_address; |
1087 | break; |
1088 | |
1089 | case SIOCGIFNETMASK: /* Get the netmask for the interface */ |
1090 | ret = 0; |
1091 | sin->sin_addr.s_addr = ifa->ifa_mask; |
1092 | break; |
1093 | |
1094 | case SIOCSIFFLAGS: |
1095 | if (colon) { |
1096 | ret = -EADDRNOTAVAIL; |
1097 | if (!ifa) |
1098 | break; |
1099 | ret = 0; |
1100 | if (!(ifr->ifr_flags & IFF_UP)) |
1101 | inet_del_ifa(in_dev, ifap, 1); |
1102 | break; |
1103 | } |
1104 | ret = dev_change_flags(dev, ifr->ifr_flags, NULL); |
1105 | break; |
1106 | |
1107 | case SIOCSIFADDR: /* Set interface address (and family) */ |
1108 | ret = -EINVAL; |
1109 | if (inet_abc_len(sin->sin_addr.s_addr) < 0) |
1110 | break; |
1111 | |
1112 | if (!ifa) { |
1113 | ret = -ENOBUFS; |
1114 | ifa = inet_alloc_ifa(); |
1115 | if (!ifa) |
1116 | break; |
1117 | INIT_HLIST_NODE(&ifa->hash); |
1118 | if (colon) |
1119 | memcpy(ifa->ifa_label, ifr->ifr_name, IFNAMSIZ); |
1120 | else |
1121 | memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); |
1122 | } else { |
1123 | ret = 0; |
1124 | if (ifa->ifa_local == sin->sin_addr.s_addr) |
1125 | break; |
1126 | inet_del_ifa(in_dev, ifap, 0); |
1127 | ifa->ifa_broadcast = 0; |
1128 | ifa->ifa_scope = 0; |
1129 | } |
1130 | |
1131 | ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr; |
1132 | |
1133 | if (!(dev->flags & IFF_POINTOPOINT)) { |
1134 | ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address); |
1135 | ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen); |
1136 | if ((dev->flags & IFF_BROADCAST) && |
1137 | ifa->ifa_prefixlen < 31) |
1138 | ifa->ifa_broadcast = ifa->ifa_address | |
1139 | ~ifa->ifa_mask; |
1140 | } else { |
1141 | ifa->ifa_prefixlen = 32; |
1142 | ifa->ifa_mask = inet_make_mask(32); |
1143 | } |
1144 | set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME); |
1145 | ret = inet_set_ifa(dev, ifa); |
1146 | break; |
1147 | |
1148 | case SIOCSIFBRDADDR: /* Set the broadcast address */ |
1149 | ret = 0; |
1150 | if (ifa->ifa_broadcast != sin->sin_addr.s_addr) { |
1151 | inet_del_ifa(in_dev, ifap, 0); |
1152 | ifa->ifa_broadcast = sin->sin_addr.s_addr; |
1153 | inet_insert_ifa(ifa); |
1154 | } |
1155 | break; |
1156 | |
1157 | case SIOCSIFDSTADDR: /* Set the destination address */ |
1158 | ret = 0; |
1159 | if (ifa->ifa_address == sin->sin_addr.s_addr) |
1160 | break; |
1161 | ret = -EINVAL; |
1162 | if (inet_abc_len(sin->sin_addr.s_addr) < 0) |
1163 | break; |
1164 | ret = 0; |
1165 | inet_del_ifa(in_dev, ifap, 0); |
1166 | ifa->ifa_address = sin->sin_addr.s_addr; |
1167 | inet_insert_ifa(ifa); |
1168 | break; |
1169 | |
1170 | case SIOCSIFNETMASK: /* Set the netmask for the interface */ |
1171 | |
1172 | /* |
1173 | * The mask we set must be legal. |
1174 | */ |
1175 | ret = -EINVAL; |
1176 | if (bad_mask(sin->sin_addr.s_addr, 0)) |
1177 | break; |
1178 | ret = 0; |
1179 | if (ifa->ifa_mask != sin->sin_addr.s_addr) { |
1180 | __be32 old_mask = ifa->ifa_mask; |
1181 | inet_del_ifa(in_dev, ifap, 0); |
1182 | ifa->ifa_mask = sin->sin_addr.s_addr; |
1183 | ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask); |
1184 | |
1185 | /* See if current broadcast address matches |
1186 | * with current netmask, then recalculate |
1187 | * the broadcast address. Otherwise it's a |
1188 | * funny address, so don't touch it since |
1189 | * the user seems to know what (s)he's doing... |
1190 | */ |
1191 | if ((dev->flags & IFF_BROADCAST) && |
1192 | (ifa->ifa_prefixlen < 31) && |
1193 | (ifa->ifa_broadcast == |
1194 | (ifa->ifa_local|~old_mask))) { |
1195 | ifa->ifa_broadcast = (ifa->ifa_local | |
1196 | ~sin->sin_addr.s_addr); |
1197 | } |
1198 | inet_insert_ifa(ifa); |
1199 | } |
1200 | break; |
1201 | } |
1202 | done: |
1203 | rtnl_unlock(); |
1204 | out: |
1205 | return ret; |
1206 | } |
1207 | |
1208 | static int inet_gifconf(struct net_device *dev, char __user *buf, int len, int size) |
1209 | { |
1210 | struct in_device *in_dev = __in_dev_get_rtnl(dev); |
1211 | struct in_ifaddr *ifa; |
1212 | struct ifreq ifr; |
1213 | int done = 0; |
1214 | |
1215 | if (WARN_ON(size > sizeof(struct ifreq))) |
1216 | goto out; |
1217 | |
1218 | if (!in_dev) |
1219 | goto out; |
1220 | |
1221 | for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) { |
1222 | if (!buf) { |
1223 | done += size; |
1224 | continue; |
1225 | } |
1226 | if (len < size) |
1227 | break; |
1228 | memset(&ifr, 0, sizeof(struct ifreq)); |
1229 | strcpy(ifr.ifr_name, ifa->ifa_label); |
1230 | |
1231 | (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET; |
1232 | (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr = |
1233 | ifa->ifa_local; |
1234 | |
1235 | if (copy_to_user(buf + done, &ifr, size)) { |
1236 | done = -EFAULT; |
1237 | break; |
1238 | } |
1239 | len -= size; |
1240 | done += size; |
1241 | } |
1242 | out: |
1243 | return done; |
1244 | } |
1245 | |
1246 | static __be32 in_dev_select_addr(const struct in_device *in_dev, |
1247 | int scope) |
1248 | { |
1249 | for_primary_ifa(in_dev) { |
1250 | if (ifa->ifa_scope != RT_SCOPE_LINK && |
1251 | ifa->ifa_scope <= scope) |
1252 | return ifa->ifa_local; |
1253 | } endfor_ifa(in_dev); |
1254 | |
1255 | return 0; |
1256 | } |
1257 | |
1258 | __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope) |
1259 | { |
1260 | __be32 addr = 0; |
1261 | struct in_device *in_dev; |
1262 | struct net *net = dev_net(dev); |
1263 | int master_idx; |
1264 | |
1265 | rcu_read_lock(); |
1266 | in_dev = __in_dev_get_rcu(dev); |
1267 | if (!in_dev) |
1268 | goto no_in_dev; |
1269 | |
1270 | for_primary_ifa(in_dev) { |
1271 | if (ifa->ifa_scope > scope) |
1272 | continue; |
1273 | if (!dst || inet_ifa_match(dst, ifa)) { |
1274 | addr = ifa->ifa_local; |
1275 | break; |
1276 | } |
1277 | if (!addr) |
1278 | addr = ifa->ifa_local; |
1279 | } endfor_ifa(in_dev); |
1280 | |
1281 | if (addr) |
1282 | goto out_unlock; |
1283 | no_in_dev: |
1284 | master_idx = l3mdev_master_ifindex_rcu(dev); |
1285 | |
1286 | /* For VRFs, the VRF device takes the place of the loopback device, |
1287 | * with addresses on it being preferred. Note in such cases the |
1288 | * loopback device will be among the devices that fail the master_idx |
1289 | * equality check in the loop below. |
1290 | */ |
1291 | if (master_idx && |
1292 | (dev = dev_get_by_index_rcu(net, master_idx)) && |
1293 | (in_dev = __in_dev_get_rcu(dev))) { |
1294 | addr = in_dev_select_addr(in_dev, scope); |
1295 | if (addr) |
1296 | goto out_unlock; |
1297 | } |
1298 | |
	/* Non-loopback addresses on the loopback device should be
	 * preferred in this case. It is important that lo is the first
	 * interface in the dev_base list.
	 */
1303 | for_each_netdev_rcu(net, dev) { |
1304 | if (l3mdev_master_ifindex_rcu(dev) != master_idx) |
1305 | continue; |
1306 | |
1307 | in_dev = __in_dev_get_rcu(dev); |
1308 | if (!in_dev) |
1309 | continue; |
1310 | |
1311 | addr = in_dev_select_addr(in_dev, scope); |
1312 | if (addr) |
1313 | goto out_unlock; |
1314 | } |
1315 | out_unlock: |
1316 | rcu_read_unlock(); |
1317 | return addr; |
1318 | } |
1319 | EXPORT_SYMBOL(inet_select_addr); |
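
/* Usage sketch (illustrative only): picking a source address for traffic
 * leaving @dev towards @dst, where @scope is the maximum allowed scope
 * of the result (RT_SCOPE_LINK, for instance, also permits link-scoped
 * addresses):
 *
 *	__be32 src = inet_select_addr(dev, dst, RT_SCOPE_LINK);
 *
 *	if (!src)
 *		... no suitable local address is configured ...
 */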
1320 | |
1321 | static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst, |
1322 | __be32 local, int scope) |
1323 | { |
1324 | int same = 0; |
1325 | __be32 addr = 0; |
1326 | |
1327 | for_ifa(in_dev) { |
1328 | if (!addr && |
1329 | (local == ifa->ifa_local || !local) && |
1330 | ifa->ifa_scope <= scope) { |
1331 | addr = ifa->ifa_local; |
1332 | if (same) |
1333 | break; |
1334 | } |
1335 | if (!same) { |
1336 | same = (!local || inet_ifa_match(local, ifa)) && |
1337 | (!dst || inet_ifa_match(dst, ifa)); |
1338 | if (same && addr) { |
1339 | if (local || !dst) |
1340 | break; |
				/* Is the selected addr in the dst subnet? */
1342 | if (inet_ifa_match(addr, ifa)) |
1343 | break; |
1344 | /* No, then can we use new local src? */ |
1345 | if (ifa->ifa_scope <= scope) { |
1346 | addr = ifa->ifa_local; |
1347 | break; |
1348 | } |
				/* search for a larger dst subnet covering addr */
1350 | same = 0; |
1351 | } |
1352 | } |
1353 | } endfor_ifa(in_dev); |
1354 | |
1355 | return same ? addr : 0; |
1356 | } |
1357 | |
1358 | /* |
1359 | * Confirm that local IP address exists using wildcards: |
1360 | * - net: netns to check, cannot be NULL |
1361 | * - in_dev: only on this interface, NULL=any interface |
1362 | * - dst: only in the same subnet as dst, 0=any dst |
1363 | * - local: address, 0=autoselect the local address |
1364 | * - scope: maximum allowed scope value for the local address |
1365 | */ |
1366 | __be32 inet_confirm_addr(struct net *net, struct in_device *in_dev, |
1367 | __be32 dst, __be32 local, int scope) |
1368 | { |
1369 | __be32 addr = 0; |
1370 | struct net_device *dev; |
1371 | |
1372 | if (in_dev) |
1373 | return confirm_addr_indev(in_dev, dst, local, scope); |
1374 | |
1375 | rcu_read_lock(); |
1376 | for_each_netdev_rcu(net, dev) { |
1377 | in_dev = __in_dev_get_rcu(dev); |
1378 | if (in_dev) { |
1379 | addr = confirm_addr_indev(in_dev, dst, local, scope); |
1380 | if (addr) |
1381 | break; |
1382 | } |
1383 | } |
1384 | rcu_read_unlock(); |
1385 | |
1386 | return addr; |
1387 | } |
1388 | EXPORT_SYMBOL(inet_confirm_addr); |
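
/* Usage sketch (illustrative only): checking whether @local is configured
 * on any interface in @net, with no subnet constraint and accepting
 * scopes up to host:
 *
 *	if (inet_confirm_addr(net, NULL, 0, local, RT_SCOPE_HOST))
 *		... local is one of our addresses ...
 */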
1389 | |
1390 | /* |
1391 | * Device notifier |
1392 | */ |
1393 | |
1394 | int register_inetaddr_notifier(struct notifier_block *nb) |
1395 | { |
1396 | return blocking_notifier_chain_register(&inetaddr_chain, nb); |
1397 | } |
1398 | EXPORT_SYMBOL(register_inetaddr_notifier); |
1399 | |
1400 | int unregister_inetaddr_notifier(struct notifier_block *nb) |
1401 | { |
1402 | return blocking_notifier_chain_unregister(&inetaddr_chain, nb); |
1403 | } |
1404 | EXPORT_SYMBOL(unregister_inetaddr_notifier); |
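
/* Usage sketch (illustrative only, names are hypothetical): a subsystem
 * interested in IPv4 addresses coming and going registers a
 * notifier_block; the callback is invoked with NETDEV_UP or NETDEV_DOWN
 * and the struct in_ifaddr as @ptr:
 *
 *	static int my_inetaddr_event(struct notifier_block *nb,
 *				     unsigned long event, void *ptr)
 *	{
 *		struct in_ifaddr *ifa = ptr;
 *
 *		if (event == NETDEV_UP)
 *			pr_info("%pI4 added on %s\n", &ifa->ifa_local,
 *				ifa->ifa_dev->dev->name);
 *		return NOTIFY_DONE;
 *	}
 *
 *	static struct notifier_block my_inetaddr_nb = {
 *		.notifier_call = my_inetaddr_event,
 *	};
 *
 *	register_inetaddr_notifier(&my_inetaddr_nb);
 */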
1405 | |
1406 | int register_inetaddr_validator_notifier(struct notifier_block *nb) |
1407 | { |
1408 | return blocking_notifier_chain_register(&inetaddr_validator_chain, nb); |
1409 | } |
1410 | EXPORT_SYMBOL(register_inetaddr_validator_notifier); |
1411 | |
1412 | int unregister_inetaddr_validator_notifier(struct notifier_block *nb) |
1413 | { |
1414 | return blocking_notifier_chain_unregister(&inetaddr_validator_chain, |
1415 | nb); |
1416 | } |
1417 | EXPORT_SYMBOL(unregister_inetaddr_validator_notifier); |
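
/* Usage sketch (illustrative only, my_addr_is_forbidden() is a
 * hypothetical helper): validators run with NETDEV_UP and a
 * struct in_validator_info before a new address is committed, and may
 * veto it by returning an error wrapped in notifier_from_errno():
 *
 *	static int my_inet_validator(struct notifier_block *nb,
 *				     unsigned long event, void *ptr)
 *	{
 *		struct in_validator_info *ivi = ptr;
 *
 *		if (my_addr_is_forbidden(ivi->ivi_addr, ivi->ivi_dev))
 *			return notifier_from_errno(-EADDRNOTAVAIL);
 *		return NOTIFY_DONE;
 *	}
 */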
1418 | |
1419 | /* Rename ifa_labels for a device name change. Make some effort to preserve |
1420 | * existing alias numbering and to create unique labels if possible. |
1421 | */ |
1422 | static void inetdev_changename(struct net_device *dev, struct in_device *in_dev) |
1423 | { |
1424 | struct in_ifaddr *ifa; |
1425 | int named = 0; |
1426 | |
1427 | for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) { |
1428 | char old[IFNAMSIZ], *dot; |
1429 | |
1430 | memcpy(old, ifa->ifa_label, IFNAMSIZ); |
1431 | memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); |
1432 | if (named++ == 0) |
1433 | goto skip; |
1434 | dot = strchr(old, ':'); |
1435 | if (!dot) { |
			sprintf(old, ":%d", named);
1437 | dot = old; |
1438 | } |
1439 | if (strlen(dot) + strlen(dev->name) < IFNAMSIZ) |
1440 | strcat(ifa->ifa_label, dot); |
1441 | else |
1442 | strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot); |
1443 | skip: |
1444 | rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0); |
1445 | } |
1446 | } |
1447 | |
1448 | static bool inetdev_valid_mtu(unsigned int mtu) |
1449 | { |
1450 | return mtu >= IPV4_MIN_MTU; |
1451 | } |
1452 | |
1453 | static void inetdev_send_gratuitous_arp(struct net_device *dev, |
1454 | struct in_device *in_dev) |
1455 | |
1456 | { |
1457 | struct in_ifaddr *ifa; |
1458 | |
1459 | for (ifa = in_dev->ifa_list; ifa; |
1460 | ifa = ifa->ifa_next) { |
1461 | arp_send(ARPOP_REQUEST, ETH_P_ARP, |
1462 | ifa->ifa_local, dev, |
1463 | ifa->ifa_local, NULL, |
1464 | dev->dev_addr, NULL); |
1465 | } |
1466 | } |
1467 | |
1468 | /* Called only under RTNL semaphore */ |
1469 | |
1470 | static int inetdev_event(struct notifier_block *this, unsigned long event, |
1471 | void *ptr) |
1472 | { |
1473 | struct net_device *dev = netdev_notifier_info_to_dev(ptr); |
1474 | struct in_device *in_dev = __in_dev_get_rtnl(dev); |
1475 | |
1476 | ASSERT_RTNL(); |
1477 | |
1478 | if (!in_dev) { |
1479 | if (event == NETDEV_REGISTER) { |
1480 | in_dev = inetdev_init(dev); |
1481 | if (IS_ERR(in_dev)) |
1482 | return notifier_from_errno(PTR_ERR(in_dev)); |
1483 | if (dev->flags & IFF_LOOPBACK) { |
1484 | IN_DEV_CONF_SET(in_dev, NOXFRM, 1); |
1485 | IN_DEV_CONF_SET(in_dev, NOPOLICY, 1); |
1486 | } |
1487 | } else if (event == NETDEV_CHANGEMTU) { |
1488 | /* Re-enabling IP */ |
1489 | if (inetdev_valid_mtu(dev->mtu)) |
1490 | in_dev = inetdev_init(dev); |
1491 | } |
1492 | goto out; |
1493 | } |
1494 | |
1495 | switch (event) { |
1496 | case NETDEV_REGISTER: |
		pr_debug("%s: bug\n", __func__);
1498 | RCU_INIT_POINTER(dev->ip_ptr, NULL); |
1499 | break; |
1500 | case NETDEV_UP: |
1501 | if (!inetdev_valid_mtu(dev->mtu)) |
1502 | break; |
1503 | if (dev->flags & IFF_LOOPBACK) { |
1504 | struct in_ifaddr *ifa = inet_alloc_ifa(); |
1505 | |
1506 | if (ifa) { |
1507 | INIT_HLIST_NODE(&ifa->hash); |
1508 | ifa->ifa_local = |
1509 | ifa->ifa_address = htonl(INADDR_LOOPBACK); |
1510 | ifa->ifa_prefixlen = 8; |
1511 | ifa->ifa_mask = inet_make_mask(8); |
1512 | in_dev_hold(in_dev); |
1513 | ifa->ifa_dev = in_dev; |
1514 | ifa->ifa_scope = RT_SCOPE_HOST; |
1515 | memcpy(ifa->ifa_label, dev->name, IFNAMSIZ); |
1516 | set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, |
1517 | INFINITY_LIFE_TIME); |
1518 | ipv4_devconf_setall(in_dev); |
1519 | neigh_parms_data_state_setall(in_dev->arp_parms); |
1520 | inet_insert_ifa(ifa); |
1521 | } |
1522 | } |
1523 | ip_mc_up(in_dev); |
1524 | /* fall through */ |
1525 | case NETDEV_CHANGEADDR: |
1526 | if (!IN_DEV_ARP_NOTIFY(in_dev)) |
1527 | break; |
1528 | /* fall through */ |
1529 | case NETDEV_NOTIFY_PEERS: |
1530 | /* Send gratuitous ARP to notify of link change */ |
1531 | inetdev_send_gratuitous_arp(dev, in_dev); |
1532 | break; |
1533 | case NETDEV_DOWN: |
1534 | ip_mc_down(in_dev); |
1535 | break; |
1536 | case NETDEV_PRE_TYPE_CHANGE: |
1537 | ip_mc_unmap(in_dev); |
1538 | break; |
1539 | case NETDEV_POST_TYPE_CHANGE: |
1540 | ip_mc_remap(in_dev); |
1541 | break; |
1542 | case NETDEV_CHANGEMTU: |
1543 | if (inetdev_valid_mtu(dev->mtu)) |
1544 | break; |
1545 | /* disable IP when MTU is not enough */ |
1546 | /* fall through */ |
1547 | case NETDEV_UNREGISTER: |
1548 | inetdev_destroy(in_dev); |
1549 | break; |
1550 | case NETDEV_CHANGENAME: |
1551 | /* Do not notify about label change, this event is |
1552 | * not interesting to applications using netlink. |
1553 | */ |
1554 | inetdev_changename(dev, in_dev); |
1555 | |
1556 | devinet_sysctl_unregister(in_dev); |
1557 | devinet_sysctl_register(in_dev); |
1558 | break; |
1559 | } |
1560 | out: |
1561 | return NOTIFY_DONE; |
1562 | } |
1563 | |
1564 | static struct notifier_block ip_netdev_notifier = { |
1565 | .notifier_call = inetdev_event, |
1566 | }; |
1567 | |
1568 | static size_t inet_nlmsg_size(void) |
1569 | { |
1570 | return NLMSG_ALIGN(sizeof(struct ifaddrmsg)) |
1571 | + nla_total_size(4) /* IFA_ADDRESS */ |
1572 | + nla_total_size(4) /* IFA_LOCAL */ |
1573 | + nla_total_size(4) /* IFA_BROADCAST */ |
1574 | + nla_total_size(IFNAMSIZ) /* IFA_LABEL */ |
1575 | + nla_total_size(4) /* IFA_FLAGS */ |
1576 | + nla_total_size(4) /* IFA_RT_PRIORITY */ |
1577 | + nla_total_size(sizeof(struct ifa_cacheinfo)); /* IFA_CACHEINFO */ |
1578 | } |
1579 | |
1580 | static inline u32 cstamp_delta(unsigned long cstamp) |
1581 | { |
1582 | return (cstamp - INITIAL_JIFFIES) * 100UL / HZ; |
1583 | } |
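
/* cstamp_delta() reports timestamps in hundredths of a second since
 * boot; for example, with HZ == 1000 a stamp taken 5 seconds after
 * INITIAL_JIFFIES is reported as 500.
 */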
1584 | |
1585 | static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp, |
1586 | unsigned long tstamp, u32 preferred, u32 valid) |
1587 | { |
1588 | struct ifa_cacheinfo ci; |
1589 | |
1590 | ci.cstamp = cstamp_delta(cstamp); |
1591 | ci.tstamp = cstamp_delta(tstamp); |
1592 | ci.ifa_prefered = preferred; |
1593 | ci.ifa_valid = valid; |
1594 | |
1595 | return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci); |
1596 | } |
1597 | |
1598 | static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa, |
1599 | struct inet_fill_args *args) |
1600 | { |
1601 | struct ifaddrmsg *ifm; |
1602 | struct nlmsghdr *nlh; |
1603 | u32 preferred, valid; |
1604 | |
1605 | nlh = nlmsg_put(skb, args->portid, args->seq, args->event, sizeof(*ifm), |
1606 | args->flags); |
1607 | if (!nlh) |
1608 | return -EMSGSIZE; |
1609 | |
1610 | ifm = nlmsg_data(nlh); |
1611 | ifm->ifa_family = AF_INET; |
1612 | ifm->ifa_prefixlen = ifa->ifa_prefixlen; |
1613 | ifm->ifa_flags = ifa->ifa_flags; |
1614 | ifm->ifa_scope = ifa->ifa_scope; |
1615 | ifm->ifa_index = ifa->ifa_dev->dev->ifindex; |
1616 | |
1617 | if (args->netnsid >= 0 && |
1618 | nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid)) |
1619 | goto nla_put_failure; |
1620 | |
1621 | if (!(ifm->ifa_flags & IFA_F_PERMANENT)) { |
1622 | preferred = ifa->ifa_preferred_lft; |
1623 | valid = ifa->ifa_valid_lft; |
1624 | if (preferred != INFINITY_LIFE_TIME) { |
1625 | long tval = (jiffies - ifa->ifa_tstamp) / HZ; |
1626 | |
1627 | if (preferred > tval) |
1628 | preferred -= tval; |
1629 | else |
1630 | preferred = 0; |
1631 | if (valid != INFINITY_LIFE_TIME) { |
1632 | if (valid > tval) |
1633 | valid -= tval; |
1634 | else |
1635 | valid = 0; |
1636 | } |
1637 | } |
1638 | } else { |
1639 | preferred = INFINITY_LIFE_TIME; |
1640 | valid = INFINITY_LIFE_TIME; |
1641 | } |
1642 | if ((ifa->ifa_address && |
1643 | nla_put_in_addr(skb, IFA_ADDRESS, ifa->ifa_address)) || |
1644 | (ifa->ifa_local && |
1645 | nla_put_in_addr(skb, IFA_LOCAL, ifa->ifa_local)) || |
1646 | (ifa->ifa_broadcast && |
1647 | nla_put_in_addr(skb, IFA_BROADCAST, ifa->ifa_broadcast)) || |
1648 | (ifa->ifa_label[0] && |
1649 | nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) || |
1650 | nla_put_u32(skb, IFA_FLAGS, ifa->ifa_flags) || |
1651 | (ifa->ifa_rt_priority && |
1652 | nla_put_u32(skb, IFA_RT_PRIORITY, ifa->ifa_rt_priority)) || |
1653 | put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp, |
1654 | preferred, valid)) |
1655 | goto nla_put_failure; |
1656 | |
1657 | nlmsg_end(skb, nlh); |
1658 | return 0; |
1659 | |
1660 | nla_put_failure: |
1661 | nlmsg_cancel(skb, nlh); |
1662 | return -EMSGSIZE; |
1663 | } |
1664 | |
1665 | static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh, |
1666 | struct inet_fill_args *fillargs, |
1667 | struct net **tgt_net, struct sock *sk, |
1668 | struct netlink_callback *cb) |
1669 | { |
1670 | struct netlink_ext_ack *extack = cb->extack; |
1671 | struct nlattr *tb[IFA_MAX+1]; |
1672 | struct ifaddrmsg *ifm; |
1673 | int err, i; |
1674 | |
1675 | if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) { |
		NL_SET_ERR_MSG(extack, "ipv4: Invalid header for address dump request");
1677 | return -EINVAL; |
1678 | } |
1679 | |
1680 | ifm = nlmsg_data(nlh); |
1681 | if (ifm->ifa_prefixlen || ifm->ifa_flags || ifm->ifa_scope) { |
		NL_SET_ERR_MSG(extack, "ipv4: Invalid values in header for address dump request");
1683 | return -EINVAL; |
1684 | } |
1685 | |
1686 | fillargs->ifindex = ifm->ifa_index; |
1687 | if (fillargs->ifindex) { |
1688 | cb->answer_flags |= NLM_F_DUMP_FILTERED; |
1689 | fillargs->flags |= NLM_F_DUMP_FILTERED; |
1690 | } |
1691 | |
1692 | err = nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFA_MAX, |
1693 | ifa_ipv4_policy, extack); |
1694 | if (err < 0) |
1695 | return err; |
1696 | |
1697 | for (i = 0; i <= IFA_MAX; ++i) { |
1698 | if (!tb[i]) |
1699 | continue; |
1700 | |
1701 | if (i == IFA_TARGET_NETNSID) { |
1702 | struct net *net; |
1703 | |
1704 | fillargs->netnsid = nla_get_s32(tb[i]); |
1705 | |
1706 | net = rtnl_get_net_ns_capable(sk, fillargs->netnsid); |
1707 | if (IS_ERR(net)) { |
1708 | fillargs->netnsid = -1; |
				NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id");
1710 | return PTR_ERR(net); |
1711 | } |
1712 | *tgt_net = net; |
1713 | } else { |
			NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in dump request");
1715 | return -EINVAL; |
1716 | } |
1717 | } |
1718 | |
1719 | return 0; |
1720 | } |
1721 | |
1722 | static int in_dev_dump_addr(struct in_device *in_dev, struct sk_buff *skb, |
1723 | struct netlink_callback *cb, int s_ip_idx, |
1724 | struct inet_fill_args *fillargs) |
1725 | { |
1726 | struct in_ifaddr *ifa; |
1727 | int ip_idx = 0; |
1728 | int err; |
1729 | |
1730 | for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next, ip_idx++) { |
1731 | if (ip_idx < s_ip_idx) |
1732 | continue; |
1733 | |
1734 | err = inet_fill_ifaddr(skb, ifa, fillargs); |
1735 | if (err < 0) |
1736 | goto done; |
1737 | |
1738 | nl_dump_check_consistent(cb, nlmsg_hdr(skb)); |
1739 | } |
1740 | err = 0; |
1741 | |
1742 | done: |
1743 | cb->args[2] = ip_idx; |
1744 | |
1745 | return err; |
1746 | } |
1747 | |
1748 | static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) |
1749 | { |
1750 | const struct nlmsghdr *nlh = cb->nlh; |
1751 | struct inet_fill_args fillargs = { |
1752 | .portid = NETLINK_CB(cb->skb).portid, |
1753 | .seq = nlh->nlmsg_seq, |
1754 | .event = RTM_NEWADDR, |
1755 | .flags = NLM_F_MULTI, |
1756 | .netnsid = -1, |
1757 | }; |
1758 | struct net *net = sock_net(skb->sk); |
1759 | struct net *tgt_net = net; |
1760 | int h, s_h; |
1761 | int idx, s_idx; |
1762 | int s_ip_idx; |
1763 | struct net_device *dev; |
1764 | struct in_device *in_dev; |
1765 | struct hlist_head *head; |
1766 | int err = 0; |
1767 | |
1768 | s_h = cb->args[0]; |
1769 | s_idx = idx = cb->args[1]; |
1770 | s_ip_idx = cb->args[2]; |
1771 | |
1772 | if (cb->strict_check) { |
1773 | err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net, |
1774 | skb->sk, cb); |
1775 | if (err < 0) |
1776 | goto put_tgt_net; |
1777 | |
1778 | err = 0; |
1779 | if (fillargs.ifindex) { |
1780 | dev = __dev_get_by_index(tgt_net, fillargs.ifindex); |
1781 | if (!dev) { |
1782 | err = -ENODEV; |
1783 | goto put_tgt_net; |
1784 | } |
1785 | |
1786 | in_dev = __in_dev_get_rtnl(dev); |
1787 | if (in_dev) { |
1788 | err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx, |
1789 | &fillargs); |
1790 | } |
1791 | goto put_tgt_net; |
1792 | } |
1793 | } |
1794 | |
1795 | for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { |
1796 | idx = 0; |
1797 | head = &tgt_net->dev_index_head[h]; |
1798 | rcu_read_lock(); |
1799 | cb->seq = atomic_read(&tgt_net->ipv4.dev_addr_genid) ^ |
1800 | tgt_net->dev_base_seq; |
1801 | hlist_for_each_entry_rcu(dev, head, index_hlist) { |
1802 | if (idx < s_idx) |
1803 | goto cont; |
1804 | if (h > s_h || idx > s_idx) |
1805 | s_ip_idx = 0; |
1806 | in_dev = __in_dev_get_rcu(dev); |
1807 | if (!in_dev) |
1808 | goto cont; |
1809 | |
1810 | err = in_dev_dump_addr(in_dev, skb, cb, s_ip_idx, |
1811 | &fillargs); |
1812 | if (err < 0) { |
1813 | rcu_read_unlock(); |
1814 | goto done; |
1815 | } |
1816 | cont: |
1817 | idx++; |
1818 | } |
1819 | rcu_read_unlock(); |
1820 | } |
1821 | |
1822 | done: |
1823 | cb->args[0] = h; |
1824 | cb->args[1] = idx; |
1825 | put_tgt_net: |
1826 | if (fillargs.netnsid >= 0) |
1827 | put_net(tgt_net); |
1828 | |
1829 | return skb->len ? : err; |
1830 | } |
1831 | |
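/*
 * Build a single RTM_NEWADDR/RTM_DELADDR message for @ifa and multicast
 * it to RTNLGRP_IPV4_IFADDR listeners.  On allocation or fill failure the
 * error is recorded against the group via rtnl_set_sk_err().
 */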
1832 | static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh, |
1833 | u32 portid) |
1834 | { |
1835 | struct inet_fill_args fillargs = { |
1836 | .portid = portid, |
1837 | .seq = nlh ? nlh->nlmsg_seq : 0, |
1838 | .event = event, |
1839 | .flags = 0, |
1840 | .netnsid = -1, |
1841 | }; |
1842 | struct sk_buff *skb; |
1843 | int err = -ENOBUFS; |
1844 | struct net *net; |
1845 | |
1846 | net = dev_net(ifa->ifa_dev->dev); |
1847 | skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL); |
1848 | if (!skb) |
1849 | goto errout; |
1850 | |
1851 | err = inet_fill_ifaddr(skb, ifa, &fillargs); |
1852 | if (err < 0) { |
1853 | /* -EMSGSIZE implies BUG in inet_nlmsg_size() */ |
1854 | WARN_ON(err == -EMSGSIZE); |
1855 | kfree_skb(skb); |
1856 | goto errout; |
1857 | } |
1858 | rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL); |
1859 | return; |
1860 | errout: |
1861 | if (err < 0) |
1862 | rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err); |
1863 | } |
1864 | |
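/*
 * IFLA_AF_SPEC helpers for AF_INET: the per-device ipv4_devconf array is
 * exported (and accepted) as a flat IFLA_INET_CONF blob of
 * IPV4_DEVCONF_MAX 32-bit values, one slot per devconf entry.
 */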
1865 | static size_t inet_get_link_af_size(const struct net_device *dev, |
1866 | u32 ext_filter_mask) |
1867 | { |
1868 | struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr); |
1869 | |
1870 | if (!in_dev) |
1871 | return 0; |
1872 | |
1873 | return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */ |
1874 | } |
1875 | |
1876 | static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev, |
1877 | u32 ext_filter_mask) |
1878 | { |
1879 | struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr); |
1880 | struct nlattr *nla; |
1881 | int i; |
1882 | |
1883 | if (!in_dev) |
1884 | return -ENODATA; |
1885 | |
1886 | nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4); |
1887 | if (!nla) |
1888 | return -EMSGSIZE; |
1889 | |
1890 | for (i = 0; i < IPV4_DEVCONF_MAX; i++) |
1891 | ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i]; |
1892 | |
1893 | return 0; |
1894 | } |
1895 | |
1896 | static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = { |
1897 | [IFLA_INET_CONF] = { .type = NLA_NESTED }, |
1898 | }; |
1899 | |
1900 | static int inet_validate_link_af(const struct net_device *dev, |
1901 | const struct nlattr *nla) |
1902 | { |
1903 | struct nlattr *a, *tb[IFLA_INET_MAX+1]; |
1904 | int err, rem; |
1905 | |
1906 | if (dev && !__in_dev_get_rcu(dev)) |
1907 | return -EAFNOSUPPORT; |
1908 | |
1909 | err = nla_parse_nested(tb, IFLA_INET_MAX, nla, inet_af_policy, NULL); |
1910 | if (err < 0) |
1911 | return err; |
1912 | |
1913 | if (tb[IFLA_INET_CONF]) { |
1914 | nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) { |
1915 | int cfgid = nla_type(a); |
1916 | |
1917 | if (nla_len(a) < 4) |
1918 | return -EINVAL; |
1919 | |
1920 | if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX) |
1921 | return -EINVAL; |
1922 | } |
1923 | } |
1924 | |
1925 | return 0; |
1926 | } |
1927 | |
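/*
 * Apply an IFLA_INET_CONF set that has already passed
 * inet_validate_link_af(); the re-parse here is expected to succeed,
 * hence the BUG() on failure.
 */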
1928 | static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla) |
1929 | { |
1930 | struct in_device *in_dev = __in_dev_get_rcu(dev); |
1931 | struct nlattr *a, *tb[IFLA_INET_MAX+1]; |
1932 | int rem; |
1933 | |
1934 | if (!in_dev) |
1935 | return -EAFNOSUPPORT; |
1936 | |
1937 | if (nla_parse_nested(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0) |
1938 | BUG(); |
1939 | |
1940 | if (tb[IFLA_INET_CONF]) { |
1941 | nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) |
1942 | ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a)); |
1943 | } |
1944 | |
1945 | return 0; |
1946 | } |
1947 | |
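/*
 * Worst-case payload size for an RTM_NEWNETCONF message carrying @type
 * (or every exported attribute for NETCONFA_ALL).  The callers WARN with
 * -EMSGSIZE if inet_netconf_fill_devconf() later overruns this estimate.
 */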
1948 | static int inet_netconf_msgsize_devconf(int type) |
1949 | { |
1950 | int size = NLMSG_ALIGN(sizeof(struct netconfmsg)) |
1951 | + nla_total_size(4); /* NETCONFA_IFINDEX */ |
1952 | bool all = false; |
1953 | |
1954 | if (type == NETCONFA_ALL) |
1955 | all = true; |
1956 | |
1957 | if (all || type == NETCONFA_FORWARDING) |
1958 | size += nla_total_size(4); |
1959 | if (all || type == NETCONFA_RP_FILTER) |
1960 | size += nla_total_size(4); |
1961 | if (all || type == NETCONFA_MC_FORWARDING) |
1962 | size += nla_total_size(4); |
1963 | if (all || type == NETCONFA_BC_FORWARDING) |
1964 | size += nla_total_size(4); |
1965 | if (all || type == NETCONFA_PROXY_NEIGH) |
1966 | size += nla_total_size(4); |
1967 | if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) |
1968 | size += nla_total_size(4); |
1969 | |
1970 | return size; |
1971 | } |
1972 | |
1973 | static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex, |
1974 | struct ipv4_devconf *devconf, u32 portid, |
1975 | u32 seq, int event, unsigned int flags, |
1976 | int type) |
1977 | { |
1978 | struct nlmsghdr *nlh; |
1979 | struct netconfmsg *ncm; |
1980 | bool all = false; |
1981 | |
1982 | nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg), |
1983 | flags); |
1984 | if (!nlh) |
1985 | return -EMSGSIZE; |
1986 | |
1987 | if (type == NETCONFA_ALL) |
1988 | all = true; |
1989 | |
1990 | ncm = nlmsg_data(nlh); |
1991 | ncm->ncm_family = AF_INET; |
1992 | |
1993 | if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0) |
1994 | goto nla_put_failure; |
1995 | |
1996 | if (!devconf) |
1997 | goto out; |
1998 | |
1999 | if ((all || type == NETCONFA_FORWARDING) && |
2000 | nla_put_s32(skb, NETCONFA_FORWARDING, |
2001 | IPV4_DEVCONF(*devconf, FORWARDING)) < 0) |
2002 | goto nla_put_failure; |
2003 | if ((all || type == NETCONFA_RP_FILTER) && |
2004 | nla_put_s32(skb, NETCONFA_RP_FILTER, |
2005 | IPV4_DEVCONF(*devconf, RP_FILTER)) < 0) |
2006 | goto nla_put_failure; |
2007 | if ((all || type == NETCONFA_MC_FORWARDING) && |
2008 | nla_put_s32(skb, NETCONFA_MC_FORWARDING, |
2009 | IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0) |
2010 | goto nla_put_failure; |
2011 | if ((all || type == NETCONFA_BC_FORWARDING) && |
2012 | nla_put_s32(skb, NETCONFA_BC_FORWARDING, |
2013 | IPV4_DEVCONF(*devconf, BC_FORWARDING)) < 0) |
2014 | goto nla_put_failure; |
2015 | if ((all || type == NETCONFA_PROXY_NEIGH) && |
2016 | nla_put_s32(skb, NETCONFA_PROXY_NEIGH, |
2017 | IPV4_DEVCONF(*devconf, PROXY_ARP)) < 0) |
2018 | goto nla_put_failure; |
2019 | if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) && |
2020 | nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN, |
2021 | IPV4_DEVCONF(*devconf, IGNORE_ROUTES_WITH_LINKDOWN)) < 0) |
2022 | goto nla_put_failure; |
2023 | |
2024 | out: |
2025 | nlmsg_end(skb, nlh); |
2026 | return 0; |
2027 | |
2028 | nla_put_failure: |
2029 | nlmsg_cancel(skb, nlh); |
2030 | return -EMSGSIZE; |
2031 | } |
2032 | |
2033 | void inet_netconf_notify_devconf(struct net *net, int event, int type, |
2034 | int ifindex, struct ipv4_devconf *devconf) |
2035 | { |
2036 | struct sk_buff *skb; |
2037 | int err = -ENOBUFS; |
2038 | |
2039 | skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_KERNEL); |
2040 | if (!skb) |
2041 | goto errout; |
2042 | |
2043 | err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0, |
2044 | event, 0, type); |
2045 | if (err < 0) { |
2046 | /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */ |
2047 | WARN_ON(err == -EMSGSIZE); |
2048 | kfree_skb(skb); |
2049 | goto errout; |
2050 | } |
2051 | rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_KERNEL); |
2052 | return; |
2053 | errout: |
2054 | if (err < 0) |
2055 | rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err); |
2056 | } |
2057 | |
2058 | static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = { |
2059 | [NETCONFA_IFINDEX] = { .len = sizeof(int) }, |
2060 | [NETCONFA_FORWARDING] = { .len = sizeof(int) }, |
2061 | [NETCONFA_RP_FILTER] = { .len = sizeof(int) }, |
2062 | [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) }, |
2063 | [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) }, |
2064 | }; |
2065 | |
2066 | static int inet_netconf_valid_get_req(struct sk_buff *skb, |
2067 | const struct nlmsghdr *nlh, |
2068 | struct nlattr **tb, |
2069 | struct netlink_ext_ack *extack) |
2070 | { |
2071 | int i, err; |
2072 | |
2073 | if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) { |
2074 | NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request"); |
2075 | return -EINVAL; |
2076 | } |
2077 | |
2078 | if (!netlink_strict_get_check(skb)) |
2079 | return nlmsg_parse(nlh, sizeof(struct netconfmsg), tb, |
2080 | NETCONFA_MAX, devconf_ipv4_policy, extack); |
2081 | |
2082 | err = nlmsg_parse_strict(nlh, sizeof(struct netconfmsg), tb, |
2083 | NETCONFA_MAX, devconf_ipv4_policy, extack); |
2084 | if (err) |
2085 | return err; |
2086 | |
2087 | for (i = 0; i <= NETCONFA_MAX; i++) { |
2088 | if (!tb[i]) |
2089 | continue; |
2090 | |
2091 | switch (i) { |
2092 | case NETCONFA_IFINDEX: |
2093 | break; |
2094 | default: |
2095 | NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request"); |
2096 | return -EINVAL; |
2097 | } |
2098 | } |
2099 | |
2100 | return 0; |
2101 | } |
2102 | |
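/*
 * RTM_GETNETCONF handler for a single target: NETCONFA_IFINDEX selects a
 * device, or the NETCONFA_IFINDEX_ALL / NETCONFA_IFINDEX_DEFAULT pseudo
 * indexes for the "all" and "default" configuration blocks.
 *
 * Minimal userspace sketch (illustrative only, not part of this file;
 * error handling and reply parsing are omitted and the identifiers below
 * are made up):
 *
 *	struct sockaddr_nl sa = { .nl_family = AF_NETLINK };
 *	struct { struct nlmsghdr nlh; struct netconfmsg ncm; char buf[64]; } req = { 0 };
 *	struct rtattr *rta;
 *	int ifindex = NETCONFA_IFINDEX_ALL;
 *	int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
 *
 *	req.nlh.nlmsg_len   = NLMSG_LENGTH(sizeof(struct netconfmsg));
 *	req.nlh.nlmsg_type  = RTM_GETNETCONF;
 *	req.nlh.nlmsg_flags = NLM_F_REQUEST;
 *	req.ncm.ncm_family  = AF_INET;
 *	rta = (struct rtattr *)((char *)&req + NLMSG_ALIGN(req.nlh.nlmsg_len));
 *	rta->rta_type = NETCONFA_IFINDEX;
 *	rta->rta_len  = RTA_LENGTH(sizeof(int));
 *	memcpy(RTA_DATA(rta), &ifindex, sizeof(int));
 *	req.nlh.nlmsg_len = NLMSG_ALIGN(req.nlh.nlmsg_len) + RTA_LENGTH(sizeof(int));
 *	sendto(fd, &req, req.nlh.nlmsg_len, 0, (struct sockaddr *)&sa, sizeof(sa));
 *
 * A subsequent recv() yields one RTM_NEWNETCONF reply produced by
 * inet_netconf_fill_devconf().
 */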
2103 | static int inet_netconf_get_devconf(struct sk_buff *in_skb, |
2104 | struct nlmsghdr *nlh, |
2105 | struct netlink_ext_ack *extack) |
2106 | { |
2107 | struct net *net = sock_net(in_skb->sk); |
2108 | struct nlattr *tb[NETCONFA_MAX+1]; |
2109 | struct sk_buff *skb; |
2110 | struct ipv4_devconf *devconf; |
2111 | struct in_device *in_dev; |
2112 | struct net_device *dev; |
2113 | int ifindex; |
2114 | int err; |
2115 | |
2116 | err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack); |
2117 | if (err) |
2118 | goto errout; |
2119 | |
2120 | err = -EINVAL; |
2121 | if (!tb[NETCONFA_IFINDEX]) |
2122 | goto errout; |
2123 | |
2124 | ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]); |
2125 | switch (ifindex) { |
2126 | case NETCONFA_IFINDEX_ALL: |
2127 | devconf = net->ipv4.devconf_all; |
2128 | break; |
2129 | case NETCONFA_IFINDEX_DEFAULT: |
2130 | devconf = net->ipv4.devconf_dflt; |
2131 | break; |
2132 | default: |
2133 | dev = __dev_get_by_index(net, ifindex); |
2134 | if (!dev) |
2135 | goto errout; |
2136 | in_dev = __in_dev_get_rtnl(dev); |
2137 | if (!in_dev) |
2138 | goto errout; |
2139 | devconf = &in_dev->cnf; |
2140 | break; |
2141 | } |
2142 | |
2143 | err = -ENOBUFS; |
2144 | skb = nlmsg_new(inet_netconf_msgsize_devconf(NETCONFA_ALL), GFP_KERNEL); |
2145 | if (!skb) |
2146 | goto errout; |
2147 | |
2148 | err = inet_netconf_fill_devconf(skb, ifindex, devconf, |
2149 | NETLINK_CB(in_skb).portid, |
2150 | nlh->nlmsg_seq, RTM_NEWNETCONF, 0, |
2151 | NETCONFA_ALL); |
2152 | if (err < 0) { |
2153 | /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */ |
2154 | WARN_ON(err == -EMSGSIZE); |
2155 | kfree_skb(skb); |
2156 | goto errout; |
2157 | } |
2158 | err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); |
2159 | errout: |
2160 | return err; |
2161 | } |
2162 | |
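/*
 * RTM_GETNETCONF dump: one RTM_NEWNETCONF record per device that has an
 * in_device, followed by the "all" and "default" pseudo entries, which is
 * why the hash index in cb->args[0] is allowed to run two past
 * NETDEV_HASHENTRIES.
 */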
2163 | static int inet_netconf_dump_devconf(struct sk_buff *skb, |
2164 | struct netlink_callback *cb) |
2165 | { |
2166 | const struct nlmsghdr *nlh = cb->nlh; |
2167 | struct net *net = sock_net(skb->sk); |
2168 | int h, s_h; |
2169 | int idx, s_idx; |
2170 | struct net_device *dev; |
2171 | struct in_device *in_dev; |
2172 | struct hlist_head *head; |
2173 | |
2174 | if (cb->strict_check) { |
2175 | struct netlink_ext_ack *extack = cb->extack; |
2176 | struct netconfmsg *ncm; |
2177 | |
2178 | if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ncm))) { |
2179 | NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf dump request"); |
2180 | return -EINVAL; |
2181 | } |
2182 | |
2183 | if (nlmsg_attrlen(nlh, sizeof(*ncm))) { |
2184 | NL_SET_ERR_MSG(extack, "ipv4: Invalid data after header in netconf dump request"); |
2185 | return -EINVAL; |
2186 | } |
2187 | } |
2188 | |
2189 | s_h = cb->args[0]; |
2190 | s_idx = idx = cb->args[1]; |
2191 | |
2192 | for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { |
2193 | idx = 0; |
2194 | head = &net->dev_index_head[h]; |
2195 | rcu_read_lock(); |
2196 | cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^ |
2197 | net->dev_base_seq; |
2198 | hlist_for_each_entry_rcu(dev, head, index_hlist) { |
2199 | if (idx < s_idx) |
2200 | goto cont; |
2201 | in_dev = __in_dev_get_rcu(dev); |
2202 | if (!in_dev) |
2203 | goto cont; |
2204 | |
2205 | if (inet_netconf_fill_devconf(skb, dev->ifindex, |
2206 | &in_dev->cnf, |
2207 | NETLINK_CB(cb->skb).portid, |
2208 | nlh->nlmsg_seq, |
2209 | RTM_NEWNETCONF, |
2210 | NLM_F_MULTI, |
2211 | NETCONFA_ALL) < 0) { |
2212 | rcu_read_unlock(); |
2213 | goto done; |
2214 | } |
2215 | nl_dump_check_consistent(cb, nlmsg_hdr(skb)); |
2216 | cont: |
2217 | idx++; |
2218 | } |
2219 | rcu_read_unlock(); |
2220 | } |
2221 | if (h == NETDEV_HASHENTRIES) { |
2222 | if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL, |
2223 | net->ipv4.devconf_all, |
2224 | NETLINK_CB(cb->skb).portid, |
2225 | nlh->nlmsg_seq, |
2226 | RTM_NEWNETCONF, NLM_F_MULTI, |
2227 | NETCONFA_ALL) < 0) |
2228 | goto done; |
2229 | else |
2230 | h++; |
2231 | } |
2232 | if (h == NETDEV_HASHENTRIES + 1) { |
2233 | if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT, |
2234 | net->ipv4.devconf_dflt, |
2235 | NETLINK_CB(cb->skb).portid, |
2236 | nlh->nlmsg_seq, |
2237 | RTM_NEWNETCONF, NLM_F_MULTI, |
2238 | NETCONFA_ALL) < 0) |
2239 | goto done; |
2240 | else |
2241 | h++; |
2242 | } |
2243 | done: |
2244 | cb->args[0] = h; |
2245 | cb->args[1] = idx; |
2246 | |
2247 | return skb->len; |
2248 | } |
2249 | |
2250 | #ifdef CONFIG_SYSCTL |
2251 | |
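/*
 * Propagate a changed "default" value to every in_device that has not had
 * the same entry written explicitly (tracked via the cnf.state bitmap set
 * in devinet_conf_proc()).
 */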
2252 | static void devinet_copy_dflt_conf(struct net *net, int i) |
2253 | { |
2254 | struct net_device *dev; |
2255 | |
2256 | rcu_read_lock(); |
2257 | for_each_netdev_rcu(net, dev) { |
2258 | struct in_device *in_dev; |
2259 | |
2260 | in_dev = __in_dev_get_rcu(dev); |
2261 | if (in_dev && !test_bit(i, in_dev->cnf.state)) |
2262 | in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i]; |
2263 | } |
2264 | rcu_read_unlock(); |
2265 | } |
2266 | |
2267 | /* called with RTNL locked */ |
2268 | static void inet_forward_change(struct net *net) |
2269 | { |
2270 | struct net_device *dev; |
2271 | int on = IPV4_DEVCONF_ALL(net, FORWARDING); |
2272 | |
2273 | IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on; |
2274 | IPV4_DEVCONF_DFLT(net, FORWARDING) = on; |
2275 | inet_netconf_notify_devconf(net, RTM_NEWNETCONF, |
2276 | NETCONFA_FORWARDING, |
2277 | NETCONFA_IFINDEX_ALL, |
2278 | net->ipv4.devconf_all); |
2279 | inet_netconf_notify_devconf(net, RTM_NEWNETCONF, |
2280 | NETCONFA_FORWARDING, |
2281 | NETCONFA_IFINDEX_DEFAULT, |
2282 | net->ipv4.devconf_dflt); |
2283 | |
2284 | for_each_netdev(net, dev) { |
2285 | struct in_device *in_dev; |
2286 | |
2287 | if (on) |
2288 | dev_disable_lro(dev); |
2289 | |
2290 | in_dev = __in_dev_get_rtnl(dev); |
2291 | if (in_dev) { |
2292 | IN_DEV_CONF_SET(in_dev, FORWARDING, on); |
2293 | inet_netconf_notify_devconf(net, RTM_NEWNETCONF, |
2294 | NETCONFA_FORWARDING, |
2295 | dev->ifindex, &in_dev->cnf); |
2296 | } |
2297 | } |
2298 | } |
2299 | |
2300 | static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf) |
2301 | { |
2302 | if (cnf == net->ipv4.devconf_dflt) |
2303 | return NETCONFA_IFINDEX_DEFAULT; |
2304 | else if (cnf == net->ipv4.devconf_all) |
2305 | return NETCONFA_IFINDEX_ALL; |
2306 | else { |
2307 | struct in_device *idev |
2308 | = container_of(cnf, struct in_device, cnf); |
2309 | return idev->dev->ifindex; |
2310 | } |
2311 | } |
2312 | |
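/*
 * Generic proc handler for the per-device entries: records that the value
 * was set explicitly, copies "default" changes to unmodified devices,
 * flushes the route cache where the semantics require it, and emits
 * RTM_NEWNETCONF notifications for the attributes userspace can monitor.
 */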
2313 | static int devinet_conf_proc(struct ctl_table *ctl, int write, |
2314 | void __user *buffer, |
2315 | size_t *lenp, loff_t *ppos) |
2316 | { |
2317 | int old_value = *(int *)ctl->data; |
2318 | int ret = proc_dointvec(ctl, write, buffer, lenp, ppos); |
2319 | int new_value = *(int *)ctl->data; |
2320 | |
2321 | if (write) { |
2322 | struct ipv4_devconf *cnf = ctl->extra1; |
2323 | struct net *net = ctl->extra2; |
2324 | int i = (int *)ctl->data - cnf->data; |
2325 | int ifindex; |
2326 | |
2327 | set_bit(i, cnf->state); |
2328 | |
2329 | if (cnf == net->ipv4.devconf_dflt) |
2330 | devinet_copy_dflt_conf(net, i); |
2331 | if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 || |
2332 | i == IPV4_DEVCONF_ROUTE_LOCALNET - 1) |
2333 | if ((new_value == 0) && (old_value != 0)) |
2334 | rt_cache_flush(net); |
2335 | |
2336 | if (i == IPV4_DEVCONF_BC_FORWARDING - 1 && |
2337 | new_value != old_value) |
2338 | rt_cache_flush(net); |
2339 | |
2340 | if (i == IPV4_DEVCONF_RP_FILTER - 1 && |
2341 | new_value != old_value) { |
2342 | ifindex = devinet_conf_ifindex(net, cnf); |
2343 | inet_netconf_notify_devconf(net, RTM_NEWNETCONF, |
2344 | NETCONFA_RP_FILTER, |
2345 | ifindex, cnf); |
2346 | } |
2347 | if (i == IPV4_DEVCONF_PROXY_ARP - 1 && |
2348 | new_value != old_value) { |
2349 | ifindex = devinet_conf_ifindex(net, cnf); |
2350 | inet_netconf_notify_devconf(net, RTM_NEWNETCONF, |
2351 | NETCONFA_PROXY_NEIGH, |
2352 | ifindex, cnf); |
2353 | } |
2354 | if (i == IPV4_DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN - 1 && |
2355 | new_value != old_value) { |
2356 | ifindex = devinet_conf_ifindex(net, cnf); |
2357 | inet_netconf_notify_devconf(net, RTM_NEWNETCONF, |
2358 | NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN, |
2359 | ifindex, cnf); |
2360 | } |
2361 | } |
2362 | |
2363 | return ret; |
2364 | } |
2365 | |
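/*
 * proc handler for "forwarding".  Writes other than to the "default"
 * entry must run under RTNL; if the lock cannot be taken the old value is
 * restored and the syscall is restarted rather than blocking here.
 */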
2366 | static int devinet_sysctl_forward(struct ctl_table *ctl, int write, |
2367 | void __user *buffer, |
2368 | size_t *lenp, loff_t *ppos) |
2369 | { |
2370 | int *valp = ctl->data; |
2371 | int val = *valp; |
2372 | loff_t pos = *ppos; |
2373 | int ret = proc_dointvec(ctl, write, buffer, lenp, ppos); |
2374 | |
2375 | if (write && *valp != val) { |
2376 | struct net *net = ctl->extra2; |
2377 | |
2378 | if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) { |
2379 | if (!rtnl_trylock()) { |
2380 | /* Restore the original values before restarting */ |
2381 | *valp = val; |
2382 | *ppos = pos; |
2383 | return restart_syscall(); |
2384 | } |
2385 | if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) { |
2386 | inet_forward_change(net); |
2387 | } else { |
2388 | struct ipv4_devconf *cnf = ctl->extra1; |
2389 | struct in_device *idev = |
2390 | container_of(cnf, struct in_device, cnf); |
2391 | if (*valp) |
2392 | dev_disable_lro(idev->dev); |
2393 | inet_netconf_notify_devconf(net, RTM_NEWNETCONF, |
2394 | NETCONFA_FORWARDING, |
2395 | idev->dev->ifindex, |
2396 | cnf); |
2397 | } |
2398 | rtnl_unlock(); |
2399 | rt_cache_flush(net); |
2400 | } else |
2401 | inet_netconf_notify_devconf(net, RTM_NEWNETCONF, |
2402 | NETCONFA_FORWARDING, |
2403 | NETCONFA_IFINDEX_DEFAULT, |
2404 | net->ipv4.devconf_dflt); |
2405 | } |
2406 | |
2407 | return ret; |
2408 | } |
2409 | |
2410 | static int ipv4_doint_and_flush(struct ctl_table *ctl, int write, |
2411 | void __user *buffer, |
2412 | size_t *lenp, loff_t *ppos) |
2413 | { |
2414 | int *valp = ctl->data; |
2415 | int val = *valp; |
2416 | int ret = proc_dointvec(ctl, write, buffer, lenp, ppos); |
2417 | struct net *net = ctl->extra2; |
2418 | |
2419 | if (write && *valp != val) |
2420 | rt_cache_flush(net); |
2421 | |
2422 | return ret; |
2423 | } |
2424 | |
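/*
 * Each entry below is a template: .data points into the static
 * ipv4_devconf so that __devinet_sysctl_register() can rebase it onto a
 * per-device (or per-net all/default) ipv4_devconf by pointer arithmetic.
 */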
2425 | #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \ |
2426 | { \ |
2427 | .procname = name, \ |
2428 | .data = ipv4_devconf.data + \ |
2429 | IPV4_DEVCONF_ ## attr - 1, \ |
2430 | .maxlen = sizeof(int), \ |
2431 | .mode = mval, \ |
2432 | .proc_handler = proc, \ |
2433 | .extra1 = &ipv4_devconf, \ |
2434 | } |
2435 | |
2436 | #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \ |
2437 | DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc) |
2438 | |
2439 | #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \ |
2440 | DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc) |
2441 | |
2442 | #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \ |
2443 | DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc) |
2444 | |
2445 | #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \ |
2446 | DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush) |
2447 | |
2448 | static struct devinet_sysctl_table { |
2449 | struct ctl_table_header *sysctl_header; |
2450 | struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX]; |
2451 | } devinet_sysctl = { |
2452 | .devinet_vars = { |
2453 | DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding", |
2454 | devinet_sysctl_forward), |
2455 | DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"), |
2456 | DEVINET_SYSCTL_RW_ENTRY(BC_FORWARDING, "bc_forwarding"), |
2457 | |
2458 | DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"), |
2459 | DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"), |
2460 | DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"), |
2461 | DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"), |
2462 | DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"), |
2463 | DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE, |
2464 | "accept_source_route"), |
2465 | DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"), |
2466 | DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"), |
2467 | DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"), |
2468 | DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"), |
2469 | DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"), |
2470 | DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"), |
2471 | DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"), |
2472 | DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"), |
2473 | DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"), |
2474 | DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"), |
2475 | DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"), |
2476 | DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"), |
2477 | DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"), |
2478 | DEVINET_SYSCTL_RW_ENTRY(FORCE_IGMP_VERSION, |
2479 | "force_igmp_version" ), |
2480 | DEVINET_SYSCTL_RW_ENTRY(IGMPV2_UNSOLICITED_REPORT_INTERVAL, |
2481 | "igmpv2_unsolicited_report_interval" ), |
2482 | DEVINET_SYSCTL_RW_ENTRY(IGMPV3_UNSOLICITED_REPORT_INTERVAL, |
2483 | "igmpv3_unsolicited_report_interval" ), |
2484 | DEVINET_SYSCTL_RW_ENTRY(IGNORE_ROUTES_WITH_LINKDOWN, |
2485 | "ignore_routes_with_linkdown" ), |
2486 | DEVINET_SYSCTL_RW_ENTRY(DROP_GRATUITOUS_ARP, |
2487 | "drop_gratuitous_arp" ), |
2488 | |
2489 | DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm" ), |
2490 | DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy" ), |
2491 | DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES, |
2492 | "promote_secondaries" ), |
2493 | DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET, |
2494 | "route_localnet" ), |
2495 | DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST, |
2496 | "drop_unicast_in_l2_multicast" ), |
2497 | }, |
2498 | }; |
2499 | |
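/*
 * Clone the template table, point its .data/.extra fields at @p and @net,
 * and register it under net/ipv4/conf/<dev_name>; a NETCONFA_ALL netconf
 * notification announces the new block.  Returns -ENOBUFS on failure.
 */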
2500 | static int __devinet_sysctl_register(struct net *net, char *dev_name, |
2501 | int ifindex, struct ipv4_devconf *p) |
2502 | { |
2503 | int i; |
2504 | struct devinet_sysctl_table *t; |
2505 | char path[sizeof("net/ipv4/conf/") + IFNAMSIZ]; |
2506 | |
2507 | t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL); |
2508 | if (!t) |
2509 | goto out; |
2510 | |
2511 | for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) { |
2512 | t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf; |
2513 | t->devinet_vars[i].extra1 = p; |
2514 | t->devinet_vars[i].extra2 = net; |
2515 | } |
2516 | |
2517 | snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name); |
2518 | |
2519 | t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars); |
2520 | if (!t->sysctl_header) |
2521 | goto free; |
2522 | |
2523 | p->sysctl = t; |
2524 | |
2525 | inet_netconf_notify_devconf(net, RTM_NEWNETCONF, NETCONFA_ALL, |
2526 | ifindex, p); |
2527 | return 0; |
2528 | |
2529 | free: |
2530 | kfree(t); |
2531 | out: |
2532 | return -ENOBUFS; |
2533 | } |
2534 | |
2535 | static void __devinet_sysctl_unregister(struct net *net, |
2536 | struct ipv4_devconf *cnf, int ifindex) |
2537 | { |
2538 | struct devinet_sysctl_table *t = cnf->sysctl; |
2539 | |
2540 | if (t) { |
2541 | cnf->sysctl = NULL; |
2542 | unregister_net_sysctl_table(t->sysctl_header); |
2543 | kfree(t); |
2544 | } |
2545 | |
2546 | inet_netconf_notify_devconf(net, RTM_DELNETCONF, 0, ifindex, NULL); |
2547 | } |
2548 | |
2549 | static int devinet_sysctl_register(struct in_device *idev) |
2550 | { |
2551 | int err; |
2552 | |
2553 | if (!sysctl_dev_name_is_allowed(idev->dev->name)) |
2554 | return -EINVAL; |
2555 | |
2556 | err = neigh_sysctl_register(idev->dev, idev->arp_parms, NULL); |
2557 | if (err) |
2558 | return err; |
2559 | err = __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name, |
2560 | idev->dev->ifindex, &idev->cnf); |
2561 | if (err) |
2562 | neigh_sysctl_unregister(idev->arp_parms); |
2563 | return err; |
2564 | } |
2565 | |
2566 | static void devinet_sysctl_unregister(struct in_device *idev) |
2567 | { |
2568 | struct net *net = dev_net(idev->dev); |
2569 | |
2570 | __devinet_sysctl_unregister(net, &idev->cnf, idev->dev->ifindex); |
2571 | neigh_sysctl_unregister(idev->arp_parms); |
2572 | } |
2573 | |
2574 | static struct ctl_table ctl_forward_entry[] = { |
2575 | { |
2576 | .procname = "ip_forward", |
2577 | .data = &ipv4_devconf.data[ |
2578 | IPV4_DEVCONF_FORWARDING - 1], |
2579 | .maxlen = sizeof(int), |
2580 | .mode = 0644, |
2581 | .proc_handler = devinet_sysctl_forward, |
2582 | .extra1 = &ipv4_devconf, |
2583 | .extra2 = &init_net, |
2584 | }, |
2585 | { }, |
2586 | }; |
2587 | #endif |
2588 | |
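/*
 * Per-namespace setup: allocate the "all" and "default" devconf copies
 * (inheriting init_net's values unless sysctl_devconf_inherit_init_net
 * says otherwise) and register the corresponding sysctl trees plus the
 * legacy net/ipv4/ip_forward entry.
 */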
2589 | static __net_init int devinet_init_net(struct net *net) |
2590 | { |
2591 | int err; |
2592 | struct ipv4_devconf *all, *dflt; |
2593 | #ifdef CONFIG_SYSCTL |
2594 | struct ctl_table *tbl; |
2595 | struct ctl_table_header *forw_hdr; |
2596 | #endif |
2597 | |
2598 | err = -ENOMEM; |
2599 | all = kmemdup(&ipv4_devconf, sizeof(ipv4_devconf), GFP_KERNEL); |
2600 | if (!all) |
2601 | goto err_alloc_all; |
2602 | |
2603 | dflt = kmemdup(&ipv4_devconf_dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL); |
2604 | if (!dflt) |
2605 | goto err_alloc_dflt; |
2606 | |
2607 | #ifdef CONFIG_SYSCTL |
2608 | tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL); |
2609 | if (!tbl) |
2610 | goto err_alloc_ctl; |
2611 | |
2612 | tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1]; |
2613 | tbl[0].extra1 = all; |
2614 | tbl[0].extra2 = net; |
2615 | #endif |
2616 | |
2617 | if ((!IS_ENABLED(CONFIG_SYSCTL) || |
2618 | sysctl_devconf_inherit_init_net != 2) && |
2619 | !net_eq(net, &init_net)) { |
2620 | memcpy(all, init_net.ipv4.devconf_all, sizeof(ipv4_devconf)); |
2621 | memcpy(dflt, init_net.ipv4.devconf_dflt, sizeof(ipv4_devconf_dflt)); |
2622 | } |
2623 | |
2624 | #ifdef CONFIG_SYSCTL |
2625 | err = __devinet_sysctl_register(net, "all", NETCONFA_IFINDEX_ALL, all); |
2626 | if (err < 0) |
2627 | goto err_reg_all; |
2628 | |
2629 | err = __devinet_sysctl_register(net, "default", |
2630 | NETCONFA_IFINDEX_DEFAULT, dflt); |
2631 | if (err < 0) |
2632 | goto err_reg_dflt; |
2633 | |
2634 | err = -ENOMEM; |
2635 | forw_hdr = register_net_sysctl(net, "net/ipv4", tbl); |
2636 | if (!forw_hdr) |
2637 | goto err_reg_ctl; |
2638 | net->ipv4.forw_hdr = forw_hdr; |
2639 | #endif |
2640 | |
2641 | net->ipv4.devconf_all = all; |
2642 | net->ipv4.devconf_dflt = dflt; |
2643 | return 0; |
2644 | |
2645 | #ifdef CONFIG_SYSCTL |
2646 | err_reg_ctl: |
2647 | __devinet_sysctl_unregister(net, dflt, NETCONFA_IFINDEX_DEFAULT); |
2648 | err_reg_dflt: |
2649 | __devinet_sysctl_unregister(net, all, NETCONFA_IFINDEX_ALL); |
2650 | err_reg_all: |
2651 | kfree(tbl); |
2652 | err_alloc_ctl: |
2653 | #endif |
2654 | kfree(dflt); |
2655 | err_alloc_dflt: |
2656 | kfree(all); |
2657 | err_alloc_all: |
2658 | return err; |
2659 | } |
2660 | |
2661 | static __net_exit void devinet_exit_net(struct net *net) |
2662 | { |
2663 | #ifdef CONFIG_SYSCTL |
2664 | struct ctl_table *tbl; |
2665 | |
2666 | tbl = net->ipv4.forw_hdr->ctl_table_arg; |
2667 | unregister_net_sysctl_table(net->ipv4.forw_hdr); |
2668 | __devinet_sysctl_unregister(net, net->ipv4.devconf_dflt, |
2669 | NETCONFA_IFINDEX_DEFAULT); |
2670 | __devinet_sysctl_unregister(net, net->ipv4.devconf_all, |
2671 | NETCONFA_IFINDEX_ALL); |
2672 | kfree(tbl); |
2673 | #endif |
2674 | kfree(net->ipv4.devconf_dflt); |
2675 | kfree(net->ipv4.devconf_all); |
2676 | } |
2677 | |
2678 | static __net_initdata struct pernet_operations devinet_ops = { |
2679 | .init = devinet_init_net, |
2680 | .exit = devinet_exit_net, |
2681 | }; |
2682 | |
2683 | static struct rtnl_af_ops inet_af_ops __read_mostly = { |
2684 | .family = AF_INET, |
2685 | .fill_link_af = inet_fill_link_af, |
2686 | .get_link_af_size = inet_get_link_af_size, |
2687 | .validate_link_af = inet_validate_link_af, |
2688 | .set_link_af = inet_set_link_af, |
2689 | }; |
2690 | |
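/*
 * Boot-time initialisation: set up the inet address hash, the pernet
 * operations, the netdevice notifier, the periodic address-lifetime
 * worker and the rtnetlink/link-af handlers defined above.
 */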
2691 | void __init devinet_init(void) |
2692 | { |
2693 | int i; |
2694 | |
2695 | for (i = 0; i < IN4_ADDR_HSIZE; i++) |
2696 | INIT_HLIST_HEAD(&inet_addr_lst[i]); |
2697 | |
2698 | register_pernet_subsys(&devinet_ops); |
2699 | |
2700 | register_gifconf(PF_INET, inet_gifconf); |
2701 | register_netdevice_notifier(&ip_netdev_notifier); |
2702 | |
2703 | queue_delayed_work(system_power_efficient_wq, &check_lifetime_work, 0); |
2704 | |
2705 | rtnl_af_register(&inet_af_ops); |
2706 | |
2707 | rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, 0); |
2708 | rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, 0); |
2709 | rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, 0); |
2710 | rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf, |
2711 | inet_netconf_dump_devconf, 0); |
2712 | } |
2713 | |