2 * NET3 IP device support routines.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
9 * Derived from the IP parts of dev.c 1.0.19
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Mark Evans, <evansmp@uhura.aston.ac.uk>
15 * Alan Cox, <gw4pts@gw4pts.ampr.org>
16 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
19 * Alexey Kuznetsov: pa_* fields are replaced with ifaddr
21 * Cyrus Durgin: updated for kmod
22 * Matthias Andree: in devinet_ioctl, compare label and
23 * address (4.4BSD alias style support),
24 * fall back to comparing just the label
29 #include <asm/uaccess.h>
30 #include <linux/bitops.h>
31 #include <linux/capability.h>
32 #include <linux/module.h>
33 #include <linux/types.h>
34 #include <linux/kernel.h>
35 #include <linux/string.h>
37 #include <linux/socket.h>
38 #include <linux/sockios.h>
40 #include <linux/errno.h>
41 #include <linux/interrupt.h>
42 #include <linux/if_addr.h>
43 #include <linux/if_ether.h>
44 #include <linux/inet.h>
45 #include <linux/netdevice.h>
46 #include <linux/etherdevice.h>
47 #include <linux/skbuff.h>
48 #include <linux/init.h>
49 #include <linux/notifier.h>
50 #include <linux/inetdevice.h>
51 #include <linux/igmp.h>
52 #include <linux/slab.h>
53 #include <linux/hash.h>
55 #include <linux/sysctl.h>
57 #include <linux/kmod.h>
58 #include <linux/netconf.h>
62 #include <net/route.h>
63 #include <net/ip_fib.h>
64 #include <net/rtnetlink.h>
65 #include <net/net_namespace.h>
66 #include <net/addrconf.h>
68 #include "fib_lookup.h"
70 static struct ipv4_devconf ipv4_devconf = {
72 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
73 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
74 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
75 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
79 static struct ipv4_devconf ipv4_devconf_dflt = {
81 [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1,
82 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1,
83 [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1,
84 [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1,
85 [IPV4_DEVCONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
89 #define IPV4_DEVCONF_DFLT(net, attr) \
90 IPV4_DEVCONF((*net->ipv4.devconf_dflt), attr)
92 static const struct nla_policy ifa_ipv4_policy[IFA_MAX+1] = {
93 [IFA_LOCAL] = { .type = NLA_U32 },
94 [IFA_ADDRESS] = { .type = NLA_U32 },
95 [IFA_BROADCAST] = { .type = NLA_U32 },
96 [IFA_LABEL] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 },
97 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
100 #define IN4_ADDR_HSIZE_SHIFT 8
101 #define IN4_ADDR_HSIZE (1U << IN4_ADDR_HSIZE_SHIFT)
103 static struct hlist_head inet_addr_lst[IN4_ADDR_HSIZE];
104 static DEFINE_SPINLOCK(inet_addr_hash_lock);
106 static u32 inet_addr_hash(struct net *net, __be32 addr)
108 u32 val = (__force u32) addr ^ net_hash_mix(net);
110 return hash_32(val, IN4_ADDR_HSIZE_SHIFT);
113 static void inet_hash_insert(struct net *net, struct in_ifaddr *ifa)
115 u32 hash = inet_addr_hash(net, ifa->ifa_local);
117 spin_lock(&inet_addr_hash_lock);
118 hlist_add_head_rcu(&ifa->hash, &inet_addr_lst[hash]);
119 spin_unlock(&inet_addr_hash_lock);
122 static void inet_hash_remove(struct in_ifaddr *ifa)
124 spin_lock(&inet_addr_hash_lock);
125 hlist_del_init_rcu(&ifa->hash);
126 spin_unlock(&inet_addr_hash_lock);
130 * __ip_dev_find - find the first device with a given source address.
131 * @net: the net namespace
132 * @addr: the source address
133 * @devref: if true, take a reference on the found device
135 * If a caller uses devref=false, it should be protected by RCU, or RTNL
137 struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
139 u32 hash = inet_addr_hash(net, addr);
140 struct net_device *result = NULL;
141 struct in_ifaddr *ifa;
144 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[hash], hash) {
145 if (ifa->ifa_local == addr) {
146 struct net_device *dev = ifa->ifa_dev->dev;
148 if (!net_eq(dev_net(dev), net))
155 struct flowi4 fl4 = { .daddr = addr };
156 struct fib_result res = { 0 };
157 struct fib_table *local;
159 /* Fallback to FIB local table so that communication
160 * over loopback subnets work.
162 local = fib_get_table(net, RT_TABLE_LOCAL);
164 !fib_table_lookup(local, &fl4, &res, FIB_LOOKUP_NOREF) &&
165 res.type == RTN_LOCAL)
166 result = FIB_RES_DEV(res);
168 if (result && devref)
173 EXPORT_SYMBOL(__ip_dev_find);
175 static void rtmsg_ifa(int event, struct in_ifaddr *, struct nlmsghdr *, u32);
177 static BLOCKING_NOTIFIER_HEAD(inetaddr_chain);
178 static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
181 static void devinet_sysctl_register(struct in_device *idev);
182 static void devinet_sysctl_unregister(struct in_device *idev);
184 static void devinet_sysctl_register(struct in_device *idev)
187 static void devinet_sysctl_unregister(struct in_device *idev)
192 /* Locks all the inet devices. */
194 static struct in_ifaddr *inet_alloc_ifa(void)
196 return kzalloc(sizeof(struct in_ifaddr), GFP_KERNEL);
199 static void inet_rcu_free_ifa(struct rcu_head *head)
201 struct in_ifaddr *ifa = container_of(head, struct in_ifaddr, rcu_head);
203 in_dev_put(ifa->ifa_dev);
207 static void inet_free_ifa(struct in_ifaddr *ifa)
209 call_rcu(&ifa->rcu_head, inet_rcu_free_ifa);
212 void in_dev_finish_destroy(struct in_device *idev)
214 struct net_device *dev = idev->dev;
216 WARN_ON(idev->ifa_list);
217 WARN_ON(idev->mc_list);
218 #ifdef NET_REFCNT_DEBUG
219 pr_debug("%s: %p=%s\n", __func__, idev, dev ? dev->name : "NIL");
223 pr_err("Freeing alive in_device %p\n", idev);
227 EXPORT_SYMBOL(in_dev_finish_destroy);
229 static struct in_device *inetdev_init(struct net_device *dev)
231 struct in_device *in_dev;
235 in_dev = kzalloc(sizeof(*in_dev), GFP_KERNEL);
238 memcpy(&in_dev->cnf, dev_net(dev)->ipv4.devconf_dflt,
239 sizeof(in_dev->cnf));
240 in_dev->cnf.sysctl = NULL;
242 in_dev->arp_parms = neigh_parms_alloc(dev, &arp_tbl);
243 if (!in_dev->arp_parms)
245 if (IPV4_DEVCONF(in_dev->cnf, FORWARDING))
246 dev_disable_lro(dev);
247 /* Reference in_dev->dev */
249 /* Account for reference dev->ip_ptr (below) */
252 devinet_sysctl_register(in_dev);
253 ip_mc_init_dev(in_dev);
254 if (dev->flags & IFF_UP)
257 /* we can receive as soon as ip_ptr is set -- do this last */
258 rcu_assign_pointer(dev->ip_ptr, in_dev);
267 static void in_dev_rcu_put(struct rcu_head *head)
269 struct in_device *idev = container_of(head, struct in_device, rcu_head);
273 static void inetdev_destroy(struct in_device *in_dev)
275 struct in_ifaddr *ifa;
276 struct net_device *dev;
284 ip_mc_destroy_dev(in_dev);
286 while ((ifa = in_dev->ifa_list) != NULL) {
287 inet_del_ifa(in_dev, &in_dev->ifa_list, 0);
291 RCU_INIT_POINTER(dev->ip_ptr, NULL);
293 devinet_sysctl_unregister(in_dev);
294 neigh_parms_release(&arp_tbl, in_dev->arp_parms);
297 call_rcu(&in_dev->rcu_head, in_dev_rcu_put);
300 int inet_addr_onlink(struct in_device *in_dev, __be32 a, __be32 b)
303 for_primary_ifa(in_dev) {
304 if (inet_ifa_match(a, ifa)) {
305 if (!b || inet_ifa_match(b, ifa)) {
310 } endfor_ifa(in_dev);
315 static void __inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
316 int destroy, struct nlmsghdr *nlh, u32 portid)
318 struct in_ifaddr *promote = NULL;
319 struct in_ifaddr *ifa, *ifa1 = *ifap;
320 struct in_ifaddr *last_prim = in_dev->ifa_list;
321 struct in_ifaddr *prev_prom = NULL;
322 int do_promote = IN_DEV_PROMOTE_SECONDARIES(in_dev);
326 /* 1. Deleting primary ifaddr forces deletion all secondaries
327 * unless alias promotion is set
330 if (!(ifa1->ifa_flags & IFA_F_SECONDARY)) {
331 struct in_ifaddr **ifap1 = &ifa1->ifa_next;
333 while ((ifa = *ifap1) != NULL) {
334 if (!(ifa->ifa_flags & IFA_F_SECONDARY) &&
335 ifa1->ifa_scope <= ifa->ifa_scope)
338 if (!(ifa->ifa_flags & IFA_F_SECONDARY) ||
339 ifa1->ifa_mask != ifa->ifa_mask ||
340 !inet_ifa_match(ifa1->ifa_address, ifa)) {
341 ifap1 = &ifa->ifa_next;
347 inet_hash_remove(ifa);
348 *ifap1 = ifa->ifa_next;
350 rtmsg_ifa(RTM_DELADDR, ifa, nlh, portid);
351 blocking_notifier_call_chain(&inetaddr_chain,
361 /* On promotion all secondaries from subnet are changing
362 * the primary IP, we must remove all their routes silently
363 * and later to add them back with new prefsrc. Do this
364 * while all addresses are on the device list.
366 for (ifa = promote; ifa; ifa = ifa->ifa_next) {
367 if (ifa1->ifa_mask == ifa->ifa_mask &&
368 inet_ifa_match(ifa1->ifa_address, ifa))
369 fib_del_ifaddr(ifa, ifa1);
374 *ifap = ifa1->ifa_next;
375 inet_hash_remove(ifa1);
377 /* 3. Announce address deletion */
379 /* Send message first, then call notifier.
380 At first sight, FIB update triggered by notifier
381 will refer to already deleted ifaddr, that could confuse
382 netlink listeners. It is not true: look, gated sees
383 that route deleted and if it still thinks that ifaddr
384 is valid, it will try to restore deleted routes... Grr.
385 So that, this order is correct.
387 rtmsg_ifa(RTM_DELADDR, ifa1, nlh, portid);
388 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_DOWN, ifa1);
391 struct in_ifaddr *next_sec = promote->ifa_next;
394 prev_prom->ifa_next = promote->ifa_next;
395 promote->ifa_next = last_prim->ifa_next;
396 last_prim->ifa_next = promote;
399 promote->ifa_flags &= ~IFA_F_SECONDARY;
400 rtmsg_ifa(RTM_NEWADDR, promote, nlh, portid);
401 blocking_notifier_call_chain(&inetaddr_chain,
403 for (ifa = next_sec; ifa; ifa = ifa->ifa_next) {
404 if (ifa1->ifa_mask != ifa->ifa_mask ||
405 !inet_ifa_match(ifa1->ifa_address, ifa))
415 static void inet_del_ifa(struct in_device *in_dev, struct in_ifaddr **ifap,
418 __inet_del_ifa(in_dev, ifap, destroy, NULL, 0);
421 static void check_lifetime(struct work_struct *work);
423 static DECLARE_DELAYED_WORK(check_lifetime_work, check_lifetime);
425 static int __inet_insert_ifa(struct in_ifaddr *ifa, struct nlmsghdr *nlh,
428 struct in_device *in_dev = ifa->ifa_dev;
429 struct in_ifaddr *ifa1, **ifap, **last_primary;
433 if (!ifa->ifa_local) {
438 ifa->ifa_flags &= ~IFA_F_SECONDARY;
439 last_primary = &in_dev->ifa_list;
441 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
442 ifap = &ifa1->ifa_next) {
443 if (!(ifa1->ifa_flags & IFA_F_SECONDARY) &&
444 ifa->ifa_scope <= ifa1->ifa_scope)
445 last_primary = &ifa1->ifa_next;
446 if (ifa1->ifa_mask == ifa->ifa_mask &&
447 inet_ifa_match(ifa1->ifa_address, ifa)) {
448 if (ifa1->ifa_local == ifa->ifa_local) {
452 if (ifa1->ifa_scope != ifa->ifa_scope) {
456 ifa->ifa_flags |= IFA_F_SECONDARY;
460 if (!(ifa->ifa_flags & IFA_F_SECONDARY)) {
461 net_srandom(ifa->ifa_local);
465 ifa->ifa_next = *ifap;
468 inet_hash_insert(dev_net(in_dev->dev), ifa);
470 cancel_delayed_work(&check_lifetime_work);
471 schedule_delayed_work(&check_lifetime_work, 0);
473 /* Send message first, then call notifier.
474 Notifier will trigger FIB update, so that
475 listeners of netlink will know about new ifaddr */
476 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, portid);
477 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
482 static int inet_insert_ifa(struct in_ifaddr *ifa)
484 return __inet_insert_ifa(ifa, NULL, 0);
487 static int inet_set_ifa(struct net_device *dev, struct in_ifaddr *ifa)
489 struct in_device *in_dev = __in_dev_get_rtnl(dev);
497 ipv4_devconf_setall(in_dev);
498 if (ifa->ifa_dev != in_dev) {
499 WARN_ON(ifa->ifa_dev);
501 ifa->ifa_dev = in_dev;
503 if (ipv4_is_loopback(ifa->ifa_local))
504 ifa->ifa_scope = RT_SCOPE_HOST;
505 return inet_insert_ifa(ifa);
508 /* Caller must hold RCU or RTNL :
509 * We dont take a reference on found in_device
511 struct in_device *inetdev_by_index(struct net *net, int ifindex)
513 struct net_device *dev;
514 struct in_device *in_dev = NULL;
517 dev = dev_get_by_index_rcu(net, ifindex);
519 in_dev = rcu_dereference_rtnl(dev->ip_ptr);
523 EXPORT_SYMBOL(inetdev_by_index);
525 /* Called only from RTNL semaphored context. No locks. */
527 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
532 for_primary_ifa(in_dev) {
533 if (ifa->ifa_mask == mask && inet_ifa_match(prefix, ifa))
535 } endfor_ifa(in_dev);
539 static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh)
541 struct net *net = sock_net(skb->sk);
542 struct nlattr *tb[IFA_MAX+1];
543 struct in_device *in_dev;
544 struct ifaddrmsg *ifm;
545 struct in_ifaddr *ifa, **ifap;
550 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy);
554 ifm = nlmsg_data(nlh);
555 in_dev = inetdev_by_index(net, ifm->ifa_index);
556 if (in_dev == NULL) {
561 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
562 ifap = &ifa->ifa_next) {
564 ifa->ifa_local != nla_get_be32(tb[IFA_LOCAL]))
567 if (tb[IFA_LABEL] && nla_strcmp(tb[IFA_LABEL], ifa->ifa_label))
570 if (tb[IFA_ADDRESS] &&
571 (ifm->ifa_prefixlen != ifa->ifa_prefixlen ||
572 !inet_ifa_match(nla_get_be32(tb[IFA_ADDRESS]), ifa)))
575 __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
579 err = -EADDRNOTAVAIL;
584 #define INFINITY_LIFE_TIME 0xFFFFFFFF
586 static void check_lifetime(struct work_struct *work)
588 unsigned long now, next, next_sec, next_sched;
589 struct in_ifaddr *ifa;
590 struct hlist_node *n;
594 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
596 for (i = 0; i < IN4_ADDR_HSIZE; i++) {
597 bool change_needed = false;
600 hlist_for_each_entry_rcu(ifa, &inet_addr_lst[i], hash) {
603 if (ifa->ifa_flags & IFA_F_PERMANENT)
606 /* We try to batch several events at once. */
607 age = (now - ifa->ifa_tstamp +
608 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
610 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
611 age >= ifa->ifa_valid_lft) {
612 change_needed = true;
613 } else if (ifa->ifa_preferred_lft ==
614 INFINITY_LIFE_TIME) {
616 } else if (age >= ifa->ifa_preferred_lft) {
617 if (time_before(ifa->ifa_tstamp +
618 ifa->ifa_valid_lft * HZ, next))
619 next = ifa->ifa_tstamp +
620 ifa->ifa_valid_lft * HZ;
622 if (!(ifa->ifa_flags & IFA_F_DEPRECATED))
623 change_needed = true;
624 } else if (time_before(ifa->ifa_tstamp +
625 ifa->ifa_preferred_lft * HZ,
627 next = ifa->ifa_tstamp +
628 ifa->ifa_preferred_lft * HZ;
635 hlist_for_each_entry_safe(ifa, n, &inet_addr_lst[i], hash) {
638 if (ifa->ifa_flags & IFA_F_PERMANENT)
641 /* We try to batch several events at once. */
642 age = (now - ifa->ifa_tstamp +
643 ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
645 if (ifa->ifa_valid_lft != INFINITY_LIFE_TIME &&
646 age >= ifa->ifa_valid_lft) {
647 struct in_ifaddr **ifap;
649 for (ifap = &ifa->ifa_dev->ifa_list;
650 *ifap != NULL; ifap = &(*ifap)->ifa_next) {
652 inet_del_ifa(ifa->ifa_dev,
657 } else if (ifa->ifa_preferred_lft !=
658 INFINITY_LIFE_TIME &&
659 age >= ifa->ifa_preferred_lft &&
660 !(ifa->ifa_flags & IFA_F_DEPRECATED)) {
661 ifa->ifa_flags |= IFA_F_DEPRECATED;
662 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
668 next_sec = round_jiffies_up(next);
671 /* If rounded timeout is accurate enough, accept it. */
672 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
673 next_sched = next_sec;
676 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
677 if (time_before(next_sched, now + ADDRCONF_TIMER_FUZZ_MAX))
678 next_sched = now + ADDRCONF_TIMER_FUZZ_MAX;
680 schedule_delayed_work(&check_lifetime_work, next_sched - now);
683 static void set_ifa_lifetime(struct in_ifaddr *ifa, __u32 valid_lft,
686 unsigned long timeout;
688 ifa->ifa_flags &= ~(IFA_F_PERMANENT | IFA_F_DEPRECATED);
690 timeout = addrconf_timeout_fixup(valid_lft, HZ);
691 if (addrconf_finite_timeout(timeout))
692 ifa->ifa_valid_lft = timeout;
694 ifa->ifa_flags |= IFA_F_PERMANENT;
696 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
697 if (addrconf_finite_timeout(timeout)) {
699 ifa->ifa_flags |= IFA_F_DEPRECATED;
700 ifa->ifa_preferred_lft = timeout;
702 ifa->ifa_tstamp = jiffies;
703 if (!ifa->ifa_cstamp)
704 ifa->ifa_cstamp = ifa->ifa_tstamp;
707 static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
708 __u32 *pvalid_lft, __u32 *pprefered_lft)
710 struct nlattr *tb[IFA_MAX+1];
711 struct in_ifaddr *ifa;
712 struct ifaddrmsg *ifm;
713 struct net_device *dev;
714 struct in_device *in_dev;
717 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy);
721 ifm = nlmsg_data(nlh);
723 if (ifm->ifa_prefixlen > 32 || tb[IFA_LOCAL] == NULL)
726 dev = __dev_get_by_index(net, ifm->ifa_index);
731 in_dev = __in_dev_get_rtnl(dev);
736 ifa = inet_alloc_ifa();
739 * A potential indev allocation can be left alive, it stays
740 * assigned to its device and is destroy with it.
744 ipv4_devconf_setall(in_dev);
747 if (tb[IFA_ADDRESS] == NULL)
748 tb[IFA_ADDRESS] = tb[IFA_LOCAL];
750 INIT_HLIST_NODE(&ifa->hash);
751 ifa->ifa_prefixlen = ifm->ifa_prefixlen;
752 ifa->ifa_mask = inet_make_mask(ifm->ifa_prefixlen);
753 ifa->ifa_flags = ifm->ifa_flags;
754 ifa->ifa_scope = ifm->ifa_scope;
755 ifa->ifa_dev = in_dev;
757 ifa->ifa_local = nla_get_be32(tb[IFA_LOCAL]);
758 ifa->ifa_address = nla_get_be32(tb[IFA_ADDRESS]);
760 if (tb[IFA_BROADCAST])
761 ifa->ifa_broadcast = nla_get_be32(tb[IFA_BROADCAST]);
764 nla_strlcpy(ifa->ifa_label, tb[IFA_LABEL], IFNAMSIZ);
766 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
768 if (tb[IFA_CACHEINFO]) {
769 struct ifa_cacheinfo *ci;
771 ci = nla_data(tb[IFA_CACHEINFO]);
772 if (!ci->ifa_valid || ci->ifa_prefered > ci->ifa_valid) {
776 *pvalid_lft = ci->ifa_valid;
777 *pprefered_lft = ci->ifa_prefered;
786 static struct in_ifaddr *find_matching_ifa(struct in_ifaddr *ifa)
788 struct in_device *in_dev = ifa->ifa_dev;
789 struct in_ifaddr *ifa1, **ifap;
794 for (ifap = &in_dev->ifa_list; (ifa1 = *ifap) != NULL;
795 ifap = &ifa1->ifa_next) {
796 if (ifa1->ifa_mask == ifa->ifa_mask &&
797 inet_ifa_match(ifa1->ifa_address, ifa) &&
798 ifa1->ifa_local == ifa->ifa_local)
804 static int inet_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh)
806 struct net *net = sock_net(skb->sk);
807 struct in_ifaddr *ifa;
808 struct in_ifaddr *ifa_existing;
809 __u32 valid_lft = INFINITY_LIFE_TIME;
810 __u32 prefered_lft = INFINITY_LIFE_TIME;
814 ifa = rtm_to_ifaddr(net, nlh, &valid_lft, &prefered_lft);
818 ifa_existing = find_matching_ifa(ifa);
820 /* It would be best to check for !NLM_F_CREATE here but
821 * userspace alreay relies on not having to provide this.
823 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
824 return __inet_insert_ifa(ifa, nlh, NETLINK_CB(skb).portid);
828 if (nlh->nlmsg_flags & NLM_F_EXCL ||
829 !(nlh->nlmsg_flags & NLM_F_REPLACE))
832 set_ifa_lifetime(ifa, valid_lft, prefered_lft);
833 cancel_delayed_work(&check_lifetime_work);
834 schedule_delayed_work(&check_lifetime_work, 0);
835 rtmsg_ifa(RTM_NEWADDR, ifa, nlh, NETLINK_CB(skb).portid);
836 blocking_notifier_call_chain(&inetaddr_chain, NETDEV_UP, ifa);
842 * Determine a default network mask, based on the IP address.
845 static int inet_abc_len(__be32 addr)
847 int rc = -1; /* Something else, probably a multicast. */
849 if (ipv4_is_zeronet(addr))
852 __u32 haddr = ntohl(addr);
854 if (IN_CLASSA(haddr))
856 else if (IN_CLASSB(haddr))
858 else if (IN_CLASSC(haddr))
866 int devinet_ioctl(struct net *net, unsigned int cmd, void __user *arg)
869 struct sockaddr_in sin_orig;
870 struct sockaddr_in *sin = (struct sockaddr_in *)&ifr.ifr_addr;
871 struct in_device *in_dev;
872 struct in_ifaddr **ifap = NULL;
873 struct in_ifaddr *ifa = NULL;
874 struct net_device *dev;
877 int tryaddrmatch = 0;
880 * Fetch the caller's info block into kernel space
883 if (copy_from_user(&ifr, arg, sizeof(struct ifreq)))
885 ifr.ifr_name[IFNAMSIZ - 1] = 0;
887 /* save original address for comparison */
888 memcpy(&sin_orig, sin, sizeof(*sin));
890 colon = strchr(ifr.ifr_name, ':');
894 dev_load(net, ifr.ifr_name);
897 case SIOCGIFADDR: /* Get interface address */
898 case SIOCGIFBRDADDR: /* Get the broadcast address */
899 case SIOCGIFDSTADDR: /* Get the destination address */
900 case SIOCGIFNETMASK: /* Get the netmask for the interface */
901 /* Note that these ioctls will not sleep,
902 so that we do not impose a lock.
903 One day we will be forced to put shlock here (I mean SMP)
905 tryaddrmatch = (sin_orig.sin_family == AF_INET);
906 memset(sin, 0, sizeof(*sin));
907 sin->sin_family = AF_INET;
912 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
915 case SIOCSIFADDR: /* Set interface address (and family) */
916 case SIOCSIFBRDADDR: /* Set the broadcast address */
917 case SIOCSIFDSTADDR: /* Set the destination address */
918 case SIOCSIFNETMASK: /* Set the netmask for the interface */
920 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
923 if (sin->sin_family != AF_INET)
934 dev = __dev_get_by_name(net, ifr.ifr_name);
941 in_dev = __in_dev_get_rtnl(dev);
944 /* Matthias Andree */
945 /* compare label and address (4.4BSD style) */
946 /* note: we only do this for a limited set of ioctls
947 and only if the original address family was AF_INET.
948 This is checked above. */
949 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
950 ifap = &ifa->ifa_next) {
951 if (!strcmp(ifr.ifr_name, ifa->ifa_label) &&
952 sin_orig.sin_addr.s_addr ==
958 /* we didn't get a match, maybe the application is
959 4.3BSD-style and passed in junk so we fall back to
960 comparing just the label */
962 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
963 ifap = &ifa->ifa_next)
964 if (!strcmp(ifr.ifr_name, ifa->ifa_label))
969 ret = -EADDRNOTAVAIL;
970 if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
974 case SIOCGIFADDR: /* Get interface address */
975 sin->sin_addr.s_addr = ifa->ifa_local;
978 case SIOCGIFBRDADDR: /* Get the broadcast address */
979 sin->sin_addr.s_addr = ifa->ifa_broadcast;
982 case SIOCGIFDSTADDR: /* Get the destination address */
983 sin->sin_addr.s_addr = ifa->ifa_address;
986 case SIOCGIFNETMASK: /* Get the netmask for the interface */
987 sin->sin_addr.s_addr = ifa->ifa_mask;
992 ret = -EADDRNOTAVAIL;
996 if (!(ifr.ifr_flags & IFF_UP))
997 inet_del_ifa(in_dev, ifap, 1);
1000 ret = dev_change_flags(dev, ifr.ifr_flags);
1003 case SIOCSIFADDR: /* Set interface address (and family) */
1005 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1010 ifa = inet_alloc_ifa();
1013 INIT_HLIST_NODE(&ifa->hash);
1015 memcpy(ifa->ifa_label, ifr.ifr_name, IFNAMSIZ);
1017 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1020 if (ifa->ifa_local == sin->sin_addr.s_addr)
1022 inet_del_ifa(in_dev, ifap, 0);
1023 ifa->ifa_broadcast = 0;
1027 ifa->ifa_address = ifa->ifa_local = sin->sin_addr.s_addr;
1029 if (!(dev->flags & IFF_POINTOPOINT)) {
1030 ifa->ifa_prefixlen = inet_abc_len(ifa->ifa_address);
1031 ifa->ifa_mask = inet_make_mask(ifa->ifa_prefixlen);
1032 if ((dev->flags & IFF_BROADCAST) &&
1033 ifa->ifa_prefixlen < 31)
1034 ifa->ifa_broadcast = ifa->ifa_address |
1037 ifa->ifa_prefixlen = 32;
1038 ifa->ifa_mask = inet_make_mask(32);
1040 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
1041 ret = inet_set_ifa(dev, ifa);
1044 case SIOCSIFBRDADDR: /* Set the broadcast address */
1046 if (ifa->ifa_broadcast != sin->sin_addr.s_addr) {
1047 inet_del_ifa(in_dev, ifap, 0);
1048 ifa->ifa_broadcast = sin->sin_addr.s_addr;
1049 inet_insert_ifa(ifa);
1053 case SIOCSIFDSTADDR: /* Set the destination address */
1055 if (ifa->ifa_address == sin->sin_addr.s_addr)
1058 if (inet_abc_len(sin->sin_addr.s_addr) < 0)
1061 inet_del_ifa(in_dev, ifap, 0);
1062 ifa->ifa_address = sin->sin_addr.s_addr;
1063 inet_insert_ifa(ifa);
1066 case SIOCSIFNETMASK: /* Set the netmask for the interface */
1069 * The mask we set must be legal.
1072 if (bad_mask(sin->sin_addr.s_addr, 0))
1075 if (ifa->ifa_mask != sin->sin_addr.s_addr) {
1076 __be32 old_mask = ifa->ifa_mask;
1077 inet_del_ifa(in_dev, ifap, 0);
1078 ifa->ifa_mask = sin->sin_addr.s_addr;
1079 ifa->ifa_prefixlen = inet_mask_len(ifa->ifa_mask);
1081 /* See if current broadcast address matches
1082 * with current netmask, then recalculate
1083 * the broadcast address. Otherwise it's a
1084 * funny address, so don't touch it since
1085 * the user seems to know what (s)he's doing...
1087 if ((dev->flags & IFF_BROADCAST) &&
1088 (ifa->ifa_prefixlen < 31) &&
1089 (ifa->ifa_broadcast ==
1090 (ifa->ifa_local|~old_mask))) {
1091 ifa->ifa_broadcast = (ifa->ifa_local |
1092 ~sin->sin_addr.s_addr);
1094 inet_insert_ifa(ifa);
1104 ret = copy_to_user(arg, &ifr, sizeof(struct ifreq)) ? -EFAULT : 0;
1108 static int inet_gifconf(struct net_device *dev, char __user *buf, int len)
1110 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1111 struct in_ifaddr *ifa;
1118 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
1120 done += sizeof(ifr);
1123 if (len < (int) sizeof(ifr))
1125 memset(&ifr, 0, sizeof(struct ifreq));
1127 strcpy(ifr.ifr_name, ifa->ifa_label);
1129 strcpy(ifr.ifr_name, dev->name);
1131 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_family = AF_INET;
1132 (*(struct sockaddr_in *)&ifr.ifr_addr).sin_addr.s_addr =
1135 if (copy_to_user(buf, &ifr, sizeof(struct ifreq))) {
1139 buf += sizeof(struct ifreq);
1140 len -= sizeof(struct ifreq);
1141 done += sizeof(struct ifreq);
1147 __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
1150 struct in_device *in_dev;
1151 struct net *net = dev_net(dev);
1154 in_dev = __in_dev_get_rcu(dev);
1158 for_primary_ifa(in_dev) {
1159 if (ifa->ifa_scope > scope)
1161 if (!dst || inet_ifa_match(dst, ifa)) {
1162 addr = ifa->ifa_local;
1166 addr = ifa->ifa_local;
1167 } endfor_ifa(in_dev);
1173 /* Not loopback addresses on loopback should be preferred
1174 in this case. It is importnat that lo is the first interface
1177 for_each_netdev_rcu(net, dev) {
1178 in_dev = __in_dev_get_rcu(dev);
1182 for_primary_ifa(in_dev) {
1183 if (ifa->ifa_scope != RT_SCOPE_LINK &&
1184 ifa->ifa_scope <= scope) {
1185 addr = ifa->ifa_local;
1188 } endfor_ifa(in_dev);
1194 EXPORT_SYMBOL(inet_select_addr);
1196 static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
1197 __be32 local, int scope)
1204 (local == ifa->ifa_local || !local) &&
1205 ifa->ifa_scope <= scope) {
1206 addr = ifa->ifa_local;
1211 same = (!local || inet_ifa_match(local, ifa)) &&
1212 (!dst || inet_ifa_match(dst, ifa));
1216 /* Is the selected addr into dst subnet? */
1217 if (inet_ifa_match(addr, ifa))
1219 /* No, then can we use new local src? */
1220 if (ifa->ifa_scope <= scope) {
1221 addr = ifa->ifa_local;
1224 /* search for large dst subnet for addr */
1228 } endfor_ifa(in_dev);
1230 return same ? addr : 0;
1234 * Confirm that local IP address exists using wildcards:
1235 * - in_dev: only on this interface, 0=any interface
1236 * - dst: only in the same subnet as dst, 0=any dst
1237 * - local: address, 0=autoselect the local address
1238 * - scope: maximum allowed scope value for the local address
1240 __be32 inet_confirm_addr(struct in_device *in_dev,
1241 __be32 dst, __be32 local, int scope)
1244 struct net_device *dev;
1247 if (scope != RT_SCOPE_LINK)
1248 return confirm_addr_indev(in_dev, dst, local, scope);
1250 net = dev_net(in_dev->dev);
1252 for_each_netdev_rcu(net, dev) {
1253 in_dev = __in_dev_get_rcu(dev);
1255 addr = confirm_addr_indev(in_dev, dst, local, scope);
1264 EXPORT_SYMBOL(inet_confirm_addr);
1270 int register_inetaddr_notifier(struct notifier_block *nb)
1272 return blocking_notifier_chain_register(&inetaddr_chain, nb);
1274 EXPORT_SYMBOL(register_inetaddr_notifier);
1276 int unregister_inetaddr_notifier(struct notifier_block *nb)
1278 return blocking_notifier_chain_unregister(&inetaddr_chain, nb);
1280 EXPORT_SYMBOL(unregister_inetaddr_notifier);
1282 /* Rename ifa_labels for a device name change. Make some effort to preserve
1283 * existing alias numbering and to create unique labels if possible.
1285 static void inetdev_changename(struct net_device *dev, struct in_device *in_dev)
1287 struct in_ifaddr *ifa;
1290 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
1291 char old[IFNAMSIZ], *dot;
1293 memcpy(old, ifa->ifa_label, IFNAMSIZ);
1294 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1297 dot = strchr(old, ':');
1299 sprintf(old, ":%d", named);
1302 if (strlen(dot) + strlen(dev->name) < IFNAMSIZ)
1303 strcat(ifa->ifa_label, dot);
1305 strcpy(ifa->ifa_label + (IFNAMSIZ - strlen(dot) - 1), dot);
1307 rtmsg_ifa(RTM_NEWADDR, ifa, NULL, 0);
1311 static bool inetdev_valid_mtu(unsigned int mtu)
1316 static void inetdev_send_gratuitous_arp(struct net_device *dev,
1317 struct in_device *in_dev)
1320 struct in_ifaddr *ifa;
1322 for (ifa = in_dev->ifa_list; ifa;
1323 ifa = ifa->ifa_next) {
1324 arp_send(ARPOP_REQUEST, ETH_P_ARP,
1325 ifa->ifa_local, dev,
1326 ifa->ifa_local, NULL,
1327 dev->dev_addr, NULL);
1331 /* Called only under RTNL semaphore */
1333 static int inetdev_event(struct notifier_block *this, unsigned long event,
1336 struct net_device *dev = ptr;
1337 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1342 if (event == NETDEV_REGISTER) {
1343 in_dev = inetdev_init(dev);
1345 return notifier_from_errno(-ENOMEM);
1346 if (dev->flags & IFF_LOOPBACK) {
1347 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1348 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1350 } else if (event == NETDEV_CHANGEMTU) {
1351 /* Re-enabling IP */
1352 if (inetdev_valid_mtu(dev->mtu))
1353 in_dev = inetdev_init(dev);
1359 case NETDEV_REGISTER:
1360 pr_debug("%s: bug\n", __func__);
1361 RCU_INIT_POINTER(dev->ip_ptr, NULL);
1364 if (!inetdev_valid_mtu(dev->mtu))
1366 if (dev->flags & IFF_LOOPBACK) {
1367 struct in_ifaddr *ifa = inet_alloc_ifa();
1370 INIT_HLIST_NODE(&ifa->hash);
1372 ifa->ifa_address = htonl(INADDR_LOOPBACK);
1373 ifa->ifa_prefixlen = 8;
1374 ifa->ifa_mask = inet_make_mask(8);
1375 in_dev_hold(in_dev);
1376 ifa->ifa_dev = in_dev;
1377 ifa->ifa_scope = RT_SCOPE_HOST;
1378 memcpy(ifa->ifa_label, dev->name, IFNAMSIZ);
1379 set_ifa_lifetime(ifa, INFINITY_LIFE_TIME,
1380 INFINITY_LIFE_TIME);
1381 inet_insert_ifa(ifa);
1386 case NETDEV_CHANGEADDR:
1387 if (!IN_DEV_ARP_NOTIFY(in_dev))
1390 case NETDEV_NOTIFY_PEERS:
1391 /* Send gratuitous ARP to notify of link change */
1392 inetdev_send_gratuitous_arp(dev, in_dev);
1397 case NETDEV_PRE_TYPE_CHANGE:
1398 ip_mc_unmap(in_dev);
1400 case NETDEV_POST_TYPE_CHANGE:
1401 ip_mc_remap(in_dev);
1403 case NETDEV_CHANGEMTU:
1404 if (inetdev_valid_mtu(dev->mtu))
1406 /* disable IP when MTU is not enough */
1407 case NETDEV_UNREGISTER:
1408 inetdev_destroy(in_dev);
1410 case NETDEV_CHANGENAME:
1411 /* Do not notify about label change, this event is
1412 * not interesting to applications using netlink.
1414 inetdev_changename(dev, in_dev);
1416 devinet_sysctl_unregister(in_dev);
1417 devinet_sysctl_register(in_dev);
1424 static struct notifier_block ip_netdev_notifier = {
1425 .notifier_call = inetdev_event,
1428 static size_t inet_nlmsg_size(void)
1430 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
1431 + nla_total_size(4) /* IFA_ADDRESS */
1432 + nla_total_size(4) /* IFA_LOCAL */
1433 + nla_total_size(4) /* IFA_BROADCAST */
1434 + nla_total_size(IFNAMSIZ); /* IFA_LABEL */
1437 static inline u32 cstamp_delta(unsigned long cstamp)
1439 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
1442 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
1443 unsigned long tstamp, u32 preferred, u32 valid)
1445 struct ifa_cacheinfo ci;
1447 ci.cstamp = cstamp_delta(cstamp);
1448 ci.tstamp = cstamp_delta(tstamp);
1449 ci.ifa_prefered = preferred;
1450 ci.ifa_valid = valid;
1452 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
1455 static int inet_fill_ifaddr(struct sk_buff *skb, struct in_ifaddr *ifa,
1456 u32 portid, u32 seq, int event, unsigned int flags)
1458 struct ifaddrmsg *ifm;
1459 struct nlmsghdr *nlh;
1460 u32 preferred, valid;
1462 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*ifm), flags);
1466 ifm = nlmsg_data(nlh);
1467 ifm->ifa_family = AF_INET;
1468 ifm->ifa_prefixlen = ifa->ifa_prefixlen;
1469 ifm->ifa_flags = ifa->ifa_flags;
1470 ifm->ifa_scope = ifa->ifa_scope;
1471 ifm->ifa_index = ifa->ifa_dev->dev->ifindex;
1473 if (!(ifm->ifa_flags & IFA_F_PERMANENT)) {
1474 preferred = ifa->ifa_preferred_lft;
1475 valid = ifa->ifa_valid_lft;
1476 if (preferred != INFINITY_LIFE_TIME) {
1477 long tval = (jiffies - ifa->ifa_tstamp) / HZ;
1479 if (preferred > tval)
1483 if (valid != INFINITY_LIFE_TIME) {
1491 preferred = INFINITY_LIFE_TIME;
1492 valid = INFINITY_LIFE_TIME;
1494 if ((ifa->ifa_address &&
1495 nla_put_be32(skb, IFA_ADDRESS, ifa->ifa_address)) ||
1497 nla_put_be32(skb, IFA_LOCAL, ifa->ifa_local)) ||
1498 (ifa->ifa_broadcast &&
1499 nla_put_be32(skb, IFA_BROADCAST, ifa->ifa_broadcast)) ||
1500 (ifa->ifa_label[0] &&
1501 nla_put_string(skb, IFA_LABEL, ifa->ifa_label)) ||
1502 put_cacheinfo(skb, ifa->ifa_cstamp, ifa->ifa_tstamp,
1504 goto nla_put_failure;
1506 return nlmsg_end(skb, nlh);
1509 nlmsg_cancel(skb, nlh);
1513 static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
1515 struct net *net = sock_net(skb->sk);
1518 int ip_idx, s_ip_idx;
1519 struct net_device *dev;
1520 struct in_device *in_dev;
1521 struct in_ifaddr *ifa;
1522 struct hlist_head *head;
1525 s_idx = idx = cb->args[1];
1526 s_ip_idx = ip_idx = cb->args[2];
1528 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1530 head = &net->dev_index_head[h];
1532 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
1534 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1537 if (h > s_h || idx > s_idx)
1539 in_dev = __in_dev_get_rcu(dev);
1543 for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
1544 ifa = ifa->ifa_next, ip_idx++) {
1545 if (ip_idx < s_ip_idx)
1547 if (inet_fill_ifaddr(skb, ifa,
1548 NETLINK_CB(cb->skb).portid,
1550 RTM_NEWADDR, NLM_F_MULTI) <= 0) {
1554 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1565 cb->args[2] = ip_idx;
1570 static void rtmsg_ifa(int event, struct in_ifaddr *ifa, struct nlmsghdr *nlh,
1573 struct sk_buff *skb;
1574 u32 seq = nlh ? nlh->nlmsg_seq : 0;
1578 net = dev_net(ifa->ifa_dev->dev);
1579 skb = nlmsg_new(inet_nlmsg_size(), GFP_KERNEL);
1583 err = inet_fill_ifaddr(skb, ifa, portid, seq, event, 0);
1585 /* -EMSGSIZE implies BUG in inet_nlmsg_size() */
1586 WARN_ON(err == -EMSGSIZE);
1590 rtnl_notify(skb, net, portid, RTNLGRP_IPV4_IFADDR, nlh, GFP_KERNEL);
1594 rtnl_set_sk_err(net, RTNLGRP_IPV4_IFADDR, err);
1597 static size_t inet_get_link_af_size(const struct net_device *dev)
1599 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1604 return nla_total_size(IPV4_DEVCONF_MAX * 4); /* IFLA_INET_CONF */
1607 static int inet_fill_link_af(struct sk_buff *skb, const struct net_device *dev)
1609 struct in_device *in_dev = rcu_dereference_rtnl(dev->ip_ptr);
1616 nla = nla_reserve(skb, IFLA_INET_CONF, IPV4_DEVCONF_MAX * 4);
1620 for (i = 0; i < IPV4_DEVCONF_MAX; i++)
1621 ((u32 *) nla_data(nla))[i] = in_dev->cnf.data[i];
1626 static const struct nla_policy inet_af_policy[IFLA_INET_MAX+1] = {
1627 [IFLA_INET_CONF] = { .type = NLA_NESTED },
1630 static int inet_validate_link_af(const struct net_device *dev,
1631 const struct nlattr *nla)
1633 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1636 if (dev && !__in_dev_get_rtnl(dev))
1637 return -EAFNOSUPPORT;
1639 err = nla_parse_nested(tb, IFLA_INET_MAX, nla, inet_af_policy);
1643 if (tb[IFLA_INET_CONF]) {
1644 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem) {
1645 int cfgid = nla_type(a);
1650 if (cfgid <= 0 || cfgid > IPV4_DEVCONF_MAX)
1658 static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
1660 struct in_device *in_dev = __in_dev_get_rtnl(dev);
1661 struct nlattr *a, *tb[IFLA_INET_MAX+1];
1665 return -EAFNOSUPPORT;
1667 if (nla_parse_nested(tb, IFLA_INET_MAX, nla, NULL) < 0)
1670 if (tb[IFLA_INET_CONF]) {
1671 nla_for_each_nested(a, tb[IFLA_INET_CONF], rem)
1672 ipv4_devconf_set(in_dev, nla_type(a), nla_get_u32(a));
1678 static int inet_netconf_msgsize_devconf(int type)
1680 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
1681 + nla_total_size(4); /* NETCONFA_IFINDEX */
1683 /* type -1 is used for ALL */
1684 if (type == -1 || type == NETCONFA_FORWARDING)
1685 size += nla_total_size(4);
1686 if (type == -1 || type == NETCONFA_RP_FILTER)
1687 size += nla_total_size(4);
1688 if (type == -1 || type == NETCONFA_MC_FORWARDING)
1689 size += nla_total_size(4);
1694 static int inet_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
1695 struct ipv4_devconf *devconf, u32 portid,
1696 u32 seq, int event, unsigned int flags,
1699 struct nlmsghdr *nlh;
1700 struct netconfmsg *ncm;
1702 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
1707 ncm = nlmsg_data(nlh);
1708 ncm->ncm_family = AF_INET;
1710 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
1711 goto nla_put_failure;
1713 /* type -1 is used for ALL */
1714 if ((type == -1 || type == NETCONFA_FORWARDING) &&
1715 nla_put_s32(skb, NETCONFA_FORWARDING,
1716 IPV4_DEVCONF(*devconf, FORWARDING)) < 0)
1717 goto nla_put_failure;
1718 if ((type == -1 || type == NETCONFA_RP_FILTER) &&
1719 nla_put_s32(skb, NETCONFA_RP_FILTER,
1720 IPV4_DEVCONF(*devconf, RP_FILTER)) < 0)
1721 goto nla_put_failure;
1722 if ((type == -1 || type == NETCONFA_MC_FORWARDING) &&
1723 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
1724 IPV4_DEVCONF(*devconf, MC_FORWARDING)) < 0)
1725 goto nla_put_failure;
1727 return nlmsg_end(skb, nlh);
1730 nlmsg_cancel(skb, nlh);
1734 void inet_netconf_notify_devconf(struct net *net, int type, int ifindex,
1735 struct ipv4_devconf *devconf)
1737 struct sk_buff *skb;
1740 skb = nlmsg_new(inet_netconf_msgsize_devconf(type), GFP_ATOMIC);
1744 err = inet_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
1745 RTM_NEWNETCONF, 0, type);
1747 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
1748 WARN_ON(err == -EMSGSIZE);
1752 rtnl_notify(skb, net, 0, RTNLGRP_IPV4_NETCONF, NULL, GFP_ATOMIC);
1756 rtnl_set_sk_err(net, RTNLGRP_IPV4_NETCONF, err);
1759 static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
1760 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
1761 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
1762 [NETCONFA_RP_FILTER] = { .len = sizeof(int) },
1765 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
1766 struct nlmsghdr *nlh)
1768 struct net *net = sock_net(in_skb->sk);
1769 struct nlattr *tb[NETCONFA_MAX+1];
1770 struct netconfmsg *ncm;
1771 struct sk_buff *skb;
1772 struct ipv4_devconf *devconf;
1773 struct in_device *in_dev;
1774 struct net_device *dev;
1778 err = nlmsg_parse(nlh, sizeof(*ncm), tb, NETCONFA_MAX,
1779 devconf_ipv4_policy);
1784 if (!tb[NETCONFA_IFINDEX])
1787 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
1789 case NETCONFA_IFINDEX_ALL:
1790 devconf = net->ipv4.devconf_all;
1792 case NETCONFA_IFINDEX_DEFAULT:
1793 devconf = net->ipv4.devconf_dflt;
1796 dev = __dev_get_by_index(net, ifindex);
1799 in_dev = __in_dev_get_rtnl(dev);
1802 devconf = &in_dev->cnf;
1807 skb = nlmsg_new(inet_netconf_msgsize_devconf(-1), GFP_ATOMIC);
1811 err = inet_netconf_fill_devconf(skb, ifindex, devconf,
1812 NETLINK_CB(in_skb).portid,
1813 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
1816 /* -EMSGSIZE implies BUG in inet_netconf_msgsize_devconf() */
1817 WARN_ON(err == -EMSGSIZE);
1821 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
1826 static int inet_netconf_dump_devconf(struct sk_buff *skb,
1827 struct netlink_callback *cb)
1829 struct net *net = sock_net(skb->sk);
1832 struct net_device *dev;
1833 struct in_device *in_dev;
1834 struct hlist_head *head;
1837 s_idx = idx = cb->args[1];
1839 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
1841 head = &net->dev_index_head[h];
1843 cb->seq = atomic_read(&net->ipv4.dev_addr_genid) ^
1845 hlist_for_each_entry_rcu(dev, head, index_hlist) {
1848 in_dev = __in_dev_get_rcu(dev);
1852 if (inet_netconf_fill_devconf(skb, dev->ifindex,
1854 NETLINK_CB(cb->skb).portid,
1862 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
1868 if (h == NETDEV_HASHENTRIES) {
1869 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
1870 net->ipv4.devconf_all,
1871 NETLINK_CB(cb->skb).portid,
1873 RTM_NEWNETCONF, NLM_F_MULTI,
1879 if (h == NETDEV_HASHENTRIES + 1) {
1880 if (inet_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
1881 net->ipv4.devconf_dflt,
1882 NETLINK_CB(cb->skb).portid,
1884 RTM_NEWNETCONF, NLM_F_MULTI,
1897 #ifdef CONFIG_SYSCTL
1899 static void devinet_copy_dflt_conf(struct net *net, int i)
1901 struct net_device *dev;
1904 for_each_netdev_rcu(net, dev) {
1905 struct in_device *in_dev;
1907 in_dev = __in_dev_get_rcu(dev);
1908 if (in_dev && !test_bit(i, in_dev->cnf.state))
1909 in_dev->cnf.data[i] = net->ipv4.devconf_dflt->data[i];
1914 /* called with RTNL locked */
1915 static void inet_forward_change(struct net *net)
1917 struct net_device *dev;
1918 int on = IPV4_DEVCONF_ALL(net, FORWARDING);
1920 IPV4_DEVCONF_ALL(net, ACCEPT_REDIRECTS) = !on;
1921 IPV4_DEVCONF_DFLT(net, FORWARDING) = on;
1922 inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
1923 NETCONFA_IFINDEX_ALL,
1924 net->ipv4.devconf_all);
1925 inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
1926 NETCONFA_IFINDEX_DEFAULT,
1927 net->ipv4.devconf_dflt);
1929 for_each_netdev(net, dev) {
1930 struct in_device *in_dev;
1932 dev_disable_lro(dev);
1934 in_dev = __in_dev_get_rcu(dev);
1936 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
1937 inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
1938 dev->ifindex, &in_dev->cnf);
1944 static int devinet_conf_proc(ctl_table *ctl, int write,
1945 void __user *buffer,
1946 size_t *lenp, loff_t *ppos)
1948 int old_value = *(int *)ctl->data;
1949 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1950 int new_value = *(int *)ctl->data;
1953 struct ipv4_devconf *cnf = ctl->extra1;
1954 struct net *net = ctl->extra2;
1955 int i = (int *)ctl->data - cnf->data;
1957 set_bit(i, cnf->state);
1959 if (cnf == net->ipv4.devconf_dflt)
1960 devinet_copy_dflt_conf(net, i);
1961 if (i == IPV4_DEVCONF_ACCEPT_LOCAL - 1 ||
1962 i == IPV4_DEVCONF_ROUTE_LOCALNET - 1)
1963 if ((new_value == 0) && (old_value != 0))
1964 rt_cache_flush(net);
1965 if (i == IPV4_DEVCONF_RP_FILTER - 1 &&
1966 new_value != old_value) {
1969 if (cnf == net->ipv4.devconf_dflt)
1970 ifindex = NETCONFA_IFINDEX_DEFAULT;
1971 else if (cnf == net->ipv4.devconf_all)
1972 ifindex = NETCONFA_IFINDEX_ALL;
1974 struct in_device *idev =
1975 container_of(cnf, struct in_device,
1977 ifindex = idev->dev->ifindex;
1979 inet_netconf_notify_devconf(net, NETCONFA_RP_FILTER,
1987 static int devinet_sysctl_forward(ctl_table *ctl, int write,
1988 void __user *buffer,
1989 size_t *lenp, loff_t *ppos)
1991 int *valp = ctl->data;
1994 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1996 if (write && *valp != val) {
1997 struct net *net = ctl->extra2;
1999 if (valp != &IPV4_DEVCONF_DFLT(net, FORWARDING)) {
2000 if (!rtnl_trylock()) {
2001 /* Restore the original values before restarting */
2004 return restart_syscall();
2006 if (valp == &IPV4_DEVCONF_ALL(net, FORWARDING)) {
2007 inet_forward_change(net);
2009 struct ipv4_devconf *cnf = ctl->extra1;
2010 struct in_device *idev =
2011 container_of(cnf, struct in_device, cnf);
2013 dev_disable_lro(idev->dev);
2014 inet_netconf_notify_devconf(net,
2015 NETCONFA_FORWARDING,
2020 rt_cache_flush(net);
2022 inet_netconf_notify_devconf(net, NETCONFA_FORWARDING,
2023 NETCONFA_IFINDEX_DEFAULT,
2024 net->ipv4.devconf_dflt);
2030 static int ipv4_doint_and_flush(ctl_table *ctl, int write,
2031 void __user *buffer,
2032 size_t *lenp, loff_t *ppos)
2034 int *valp = ctl->data;
2036 int ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
2037 struct net *net = ctl->extra2;
2039 if (write && *valp != val)
2040 rt_cache_flush(net);
2045 #define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc) \
2048 .data = ipv4_devconf.data + \
2049 IPV4_DEVCONF_ ## attr - 1, \
2050 .maxlen = sizeof(int), \
2052 .proc_handler = proc, \
2053 .extra1 = &ipv4_devconf, \
2056 #define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
2057 DEVINET_SYSCTL_ENTRY(attr, name, 0644, devinet_conf_proc)
2059 #define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
2060 DEVINET_SYSCTL_ENTRY(attr, name, 0444, devinet_conf_proc)
2062 #define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc) \
2063 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc)
2065 #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
2066 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush)
2068 static struct devinet_sysctl_table {
2069 struct ctl_table_header *sysctl_header;
2070 struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
2071 } devinet_sysctl = {
2073 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
2074 devinet_sysctl_forward),
2075 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
2077 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
2078 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
2079 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
2080 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
2081 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
2082 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
2083 "accept_source_route"),
2084 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"),
2085 DEVINET_SYSCTL_RW_ENTRY(SRC_VMARK, "src_valid_mark"),
2086 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
2087 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
2088 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
2089 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
2090 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
2091 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
2092 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
2093 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
2094 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
2095 DEVINET_SYSCTL_RW_ENTRY(ARP_NOTIFY, "arp_notify"),
2096 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP_PVLAN, "proxy_arp_pvlan"),
2098 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
2099 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
2100 DEVINET_SYSCTL_FLUSHING_ENTRY(FORCE_IGMP_VERSION,
2101 "force_igmp_version"),
2102 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
2103 "promote_secondaries"),
2104 DEVINET_SYSCTL_FLUSHING_ENTRY(ROUTE_LOCALNET,
2109 static int __devinet_sysctl_register(struct net *net, char *dev_name,
2110 struct ipv4_devconf *p)
2113 struct devinet_sysctl_table *t;
2114 char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
2116 t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
2120 for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
2121 t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
2122 t->devinet_vars[i].extra1 = p;
2123 t->devinet_vars[i].extra2 = net;
2126 snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
2128 t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
2129 if (!t->sysctl_header)
2141 static void __devinet_sysctl_unregister(struct ipv4_devconf *cnf)
2143 struct devinet_sysctl_table *t = cnf->sysctl;
2149 unregister_net_sysctl_table(t->sysctl_header);
2153 static void devinet_sysctl_register(struct in_device *idev)
2155 neigh_sysctl_register(idev->dev, idev->arp_parms, "ipv4", NULL);
2156 __devinet_sysctl_register(dev_net(idev->dev), idev->dev->name,
2160 static void devinet_sysctl_unregister(struct in_device *idev)
2162 __devinet_sysctl_unregister(&idev->cnf);
2163 neigh_sysctl_unregister(idev->arp_parms);
2166 static struct ctl_table ctl_forward_entry[] = {
2168 .procname = "ip_forward",
2169 .data = &ipv4_devconf.data[
2170 IPV4_DEVCONF_FORWARDING - 1],
2171 .maxlen = sizeof(int),
2173 .proc_handler = devinet_sysctl_forward,
2174 .extra1 = &ipv4_devconf,
2175 .extra2 = &init_net,
2181 static __net_init int devinet_init_net(struct net *net)
2184 struct ipv4_devconf *all, *dflt;
2185 #ifdef CONFIG_SYSCTL
2186 struct ctl_table *tbl = ctl_forward_entry;
2187 struct ctl_table_header *forw_hdr;
2191 all = &ipv4_devconf;
2192 dflt = &ipv4_devconf_dflt;
2194 if (!net_eq(net, &init_net)) {
2195 all = kmemdup(all, sizeof(ipv4_devconf), GFP_KERNEL);
2199 dflt = kmemdup(dflt, sizeof(ipv4_devconf_dflt), GFP_KERNEL);
2201 goto err_alloc_dflt;
2203 #ifdef CONFIG_SYSCTL
2204 tbl = kmemdup(tbl, sizeof(ctl_forward_entry), GFP_KERNEL);
2208 tbl[0].data = &all->data[IPV4_DEVCONF_FORWARDING - 1];
2209 tbl[0].extra1 = all;
2210 tbl[0].extra2 = net;
2214 #ifdef CONFIG_SYSCTL
2215 err = __devinet_sysctl_register(net, "all", all);
2219 err = __devinet_sysctl_register(net, "default", dflt);
2224 forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
2225 if (forw_hdr == NULL)
2227 net->ipv4.forw_hdr = forw_hdr;
2230 net->ipv4.devconf_all = all;
2231 net->ipv4.devconf_dflt = dflt;
2234 #ifdef CONFIG_SYSCTL
2236 __devinet_sysctl_unregister(dflt);
2238 __devinet_sysctl_unregister(all);
2240 if (tbl != ctl_forward_entry)
2244 if (dflt != &ipv4_devconf_dflt)
2247 if (all != &ipv4_devconf)
2253 static __net_exit void devinet_exit_net(struct net *net)
2255 #ifdef CONFIG_SYSCTL
2256 struct ctl_table *tbl;
2258 tbl = net->ipv4.forw_hdr->ctl_table_arg;
2259 unregister_net_sysctl_table(net->ipv4.forw_hdr);
2260 __devinet_sysctl_unregister(net->ipv4.devconf_dflt);
2261 __devinet_sysctl_unregister(net->ipv4.devconf_all);
2264 kfree(net->ipv4.devconf_dflt);
2265 kfree(net->ipv4.devconf_all);
2268 static __net_initdata struct pernet_operations devinet_ops = {
2269 .init = devinet_init_net,
2270 .exit = devinet_exit_net,
2273 static struct rtnl_af_ops inet_af_ops = {
2275 .fill_link_af = inet_fill_link_af,
2276 .get_link_af_size = inet_get_link_af_size,
2277 .validate_link_af = inet_validate_link_af,
2278 .set_link_af = inet_set_link_af,
2281 void __init devinet_init(void)
2285 for (i = 0; i < IN4_ADDR_HSIZE; i++)
2286 INIT_HLIST_HEAD(&inet_addr_lst[i]);
2288 register_pernet_subsys(&devinet_ops);
2290 register_gifconf(PF_INET, inet_gifconf);
2291 register_netdevice_notifier(&ip_netdev_notifier);
2293 schedule_delayed_work(&check_lifetime_work, 0);
2295 rtnl_af_register(&inet_af_ops);
2297 rtnl_register(PF_INET, RTM_NEWADDR, inet_rtm_newaddr, NULL, NULL);
2298 rtnl_register(PF_INET, RTM_DELADDR, inet_rtm_deladdr, NULL, NULL);
2299 rtnl_register(PF_INET, RTM_GETADDR, NULL, inet_dump_ifaddr, NULL);
2300 rtnl_register(PF_INET, RTM_GETNETCONF, inet_netconf_get_devconf,
2301 inet_netconf_dump_devconf, NULL);