1/* 2 * IPv6 Address [auto]configuration 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> 8 * 9 * This program is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU General Public License 11 * as published by the Free Software Foundation; either version 12 * 2 of the License, or (at your option) any later version. 13 */ 14 15/* 16 * Changes: 17 * 18 * Janos Farkas : delete timer on ifdown 19 * <chexum@bankinf.banki.hu> 20 * Andi Kleen : kill double kfree on module 21 * unload. 22 * Maciej W. Rozycki : FDDI support 23 * sekiya@USAGI : Don't send too many RS 24 * packets. 25 * yoshfuji@USAGI : Fixed interval between DAD 26 * packets. 27 * YOSHIFUJI Hideaki @USAGI : improved accuracy of 28 * address validation timer. 29 * YOSHIFUJI Hideaki @USAGI : Privacy Extensions (RFC3041) 30 * support. 31 * Yuji SEKIYA @USAGI : Don't assign a same IPv6 32 * address on a same interface. 33 * YOSHIFUJI Hideaki @USAGI : ARCnet support 34 * YOSHIFUJI Hideaki @USAGI : convert /proc/net/if_inet6 to 35 * seq_file. 36 * YOSHIFUJI Hideaki @USAGI : improved source address 37 * selection; consider scope, 38 * status etc. 39 */ 40 41#define pr_fmt(fmt) "IPv6: " fmt 42 43#include <linux/errno.h> 44#include <linux/types.h> 45#include <linux/kernel.h> 46#include <linux/socket.h> 47#include <linux/sockios.h> 48#include <linux/net.h> 49#include <linux/inet.h> 50#include <linux/in6.h> 51#include <linux/netdevice.h> 52#include <linux/if_addr.h> 53#include <linux/if_arp.h> 54#include <linux/if_arcnet.h> 55#include <linux/if_infiniband.h> 56#include <linux/route.h> 57#include <linux/inetdevice.h> 58#include <linux/init.h> 59#include <linux/slab.h> 60#ifdef CONFIG_SYSCTL 61#include <linux/sysctl.h> 62#endif 63#include <linux/capability.h> 64#include <linux/delay.h> 65#include <linux/notifier.h> 66#include <linux/string.h> 67#include <linux/hash.h> 68 69#include <net/net_namespace.h> 70#include <net/sock.h> 71#include <net/snmp.h> 72 73#include <net/af_ieee802154.h> 74#include <net/firewire.h> 75#include <net/ipv6.h> 76#include <net/protocol.h> 77#include <net/ndisc.h> 78#include <net/ip6_route.h> 79#include <net/addrconf.h> 80#include <net/tcp.h> 81#include <net/ip.h> 82#include <net/netlink.h> 83#include <net/pkt_sched.h> 84#include <net/l3mdev.h> 85#include <linux/if_tunnel.h> 86#include <linux/rtnetlink.h> 87#include <linux/netconf.h> 88#include <linux/random.h> 89#include <linux/uaccess.h> 90#include <asm/unaligned.h> 91 92#include <linux/proc_fs.h> 93#include <linux/seq_file.h> 94#include <linux/export.h> 95 96/* Set to 3 to get tracing... */ 97#define ACONF_DEBUG 2 98 99#if ACONF_DEBUG >= 3 100#define ADBG(fmt, ...) printk(fmt, ##__VA_ARGS__) 101#else 102#define ADBG(fmt, ...) do { if (0) printk(fmt, ##__VA_ARGS__); } while (0) 103#endif 104 105#define INFINITY_LIFE_TIME 0xFFFFFFFF 106 107#define IPV6_MAX_STRLEN \ 108 sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255") 109 110static inline u32 cstamp_delta(unsigned long cstamp) 111{ 112 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ; 113} 114 115#ifdef CONFIG_SYSCTL 116static int addrconf_sysctl_register(struct inet6_dev *idev); 117static void addrconf_sysctl_unregister(struct inet6_dev *idev); 118#else 119static inline int addrconf_sysctl_register(struct inet6_dev *idev) 120{ 121 return 0; 122} 123 124static inline void addrconf_sysctl_unregister(struct inet6_dev *idev) 125{ 126} 127#endif 128 129static void __ipv6_regen_rndid(struct inet6_dev *idev); 130static void __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr); 131static void ipv6_regen_rndid(unsigned long data); 132 133static int ipv6_generate_eui64(u8 *eui, struct net_device *dev); 134static int ipv6_count_addresses(struct inet6_dev *idev); 135static int ipv6_generate_stable_address(struct in6_addr *addr, 136 u8 dad_count, 137 const struct inet6_dev *idev); 138 139/* 140 * Configured unicast address hash table 141 */ 142static struct hlist_head inet6_addr_lst[IN6_ADDR_HSIZE]; 143static DEFINE_SPINLOCK(addrconf_hash_lock); 144 145static void addrconf_verify(void); 146static void addrconf_verify_rtnl(void); 147static void addrconf_verify_work(struct work_struct *); 148 149static struct workqueue_struct *addrconf_wq; 150static DECLARE_DELAYED_WORK(addr_chk_work, addrconf_verify_work); 151 152static void addrconf_join_anycast(struct inet6_ifaddr *ifp); 153static void addrconf_leave_anycast(struct inet6_ifaddr *ifp); 154 155static void addrconf_type_change(struct net_device *dev, 156 unsigned long event); 157static int addrconf_ifdown(struct net_device *dev, int how); 158 159static struct rt6_info *addrconf_get_prefix_route(const struct in6_addr *pfx, 160 int plen, 161 const struct net_device *dev, 162 u32 flags, u32 noflags); 163 164static void addrconf_dad_start(struct inet6_ifaddr *ifp); 165static void addrconf_dad_work(struct work_struct *w); 166static void addrconf_dad_completed(struct inet6_ifaddr *ifp); 167static void addrconf_dad_run(struct inet6_dev *idev); 168static void addrconf_rs_timer(unsigned long data); 169static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifa); 170static void ipv6_ifa_notify(int event, struct inet6_ifaddr *ifa); 171 172static void inet6_prefix_notify(int event, struct inet6_dev *idev, 173 struct prefix_info *pinfo); 174static bool ipv6_chk_same_addr(struct net *net, const struct in6_addr *addr, 175 struct net_device *dev); 176 177static struct ipv6_devconf ipv6_devconf __read_mostly = { 178 .forwarding = 0, 179 .hop_limit = IPV6_DEFAULT_HOPLIMIT, 180 .mtu6 = IPV6_MIN_MTU, 181 .accept_ra = 1, 182 .accept_redirects = 1, 183 .autoconf = 1, 184 .force_mld_version = 0, 185 .mldv1_unsolicited_report_interval = 10 * HZ, 186 .mldv2_unsolicited_report_interval = HZ, 187 .dad_transmits = 1, 188 .rtr_solicits = MAX_RTR_SOLICITATIONS, 189 .rtr_solicit_interval = RTR_SOLICITATION_INTERVAL, 190 .rtr_solicit_delay = MAX_RTR_SOLICITATION_DELAY, 191 .use_tempaddr = 0, 192 .temp_valid_lft = TEMP_VALID_LIFETIME, 193 .temp_prefered_lft = TEMP_PREFERRED_LIFETIME, 194 .regen_max_retry = REGEN_MAX_RETRY, 195 .max_desync_factor = MAX_DESYNC_FACTOR, 196 .max_addresses = IPV6_MAX_ADDRESSES, 197 .accept_ra_defrtr = 1, 198 .accept_ra_from_local = 0, 199 .accept_ra_min_hop_limit= 1, 200 .accept_ra_pinfo = 1, 201#ifdef CONFIG_IPV6_ROUTER_PREF 202 .accept_ra_rtr_pref = 1, 203 .rtr_probe_interval = 60 * HZ, 204#ifdef CONFIG_IPV6_ROUTE_INFO 205 .accept_ra_rt_info_max_plen = 0, 206#endif 207#endif 208 .proxy_ndp = 0, 209 .accept_source_route = 0, /* we do not accept RH0 by default. */ 210 .disable_ipv6 = 0, 211 .accept_dad = 1, 212 .suppress_frag_ndisc = 1, 213 .accept_ra_mtu = 1, 214 .stable_secret = { 215 .initialized = false, 216 }, 217 .use_oif_addrs_only = 0, 218 .ignore_routes_with_linkdown = 0, 219}; 220 221static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { 222 .forwarding = 0, 223 .hop_limit = IPV6_DEFAULT_HOPLIMIT, 224 .mtu6 = IPV6_MIN_MTU, 225 .accept_ra = 1, 226 .accept_redirects = 1, 227 .autoconf = 1, 228 .force_mld_version = 0, 229 .mldv1_unsolicited_report_interval = 10 * HZ, 230 .mldv2_unsolicited_report_interval = HZ, 231 .dad_transmits = 1, 232 .rtr_solicits = MAX_RTR_SOLICITATIONS, 233 .rtr_solicit_interval = RTR_SOLICITATION_INTERVAL, 234 .rtr_solicit_delay = MAX_RTR_SOLICITATION_DELAY, 235 .use_tempaddr = 0, 236 .temp_valid_lft = TEMP_VALID_LIFETIME, 237 .temp_prefered_lft = TEMP_PREFERRED_LIFETIME, 238 .regen_max_retry = REGEN_MAX_RETRY, 239 .max_desync_factor = MAX_DESYNC_FACTOR, 240 .max_addresses = IPV6_MAX_ADDRESSES, 241 .accept_ra_defrtr = 1, 242 .accept_ra_from_local = 0, 243 .accept_ra_min_hop_limit= 1, 244 .accept_ra_pinfo = 1, 245#ifdef CONFIG_IPV6_ROUTER_PREF 246 .accept_ra_rtr_pref = 1, 247 .rtr_probe_interval = 60 * HZ, 248#ifdef CONFIG_IPV6_ROUTE_INFO 249 .accept_ra_rt_info_max_plen = 0, 250#endif 251#endif 252 .proxy_ndp = 0, 253 .accept_source_route = 0, /* we do not accept RH0 by default. */ 254 .disable_ipv6 = 0, 255 .accept_dad = 1, 256 .suppress_frag_ndisc = 1, 257 .accept_ra_mtu = 1, 258 .stable_secret = { 259 .initialized = false, 260 }, 261 .use_oif_addrs_only = 0, 262 .ignore_routes_with_linkdown = 0, 263}; 264 265/* Check if a valid qdisc is available */ 266static inline bool addrconf_qdisc_ok(const struct net_device *dev) 267{ 268 return !qdisc_tx_is_noop(dev); 269} 270 271static void addrconf_del_rs_timer(struct inet6_dev *idev) 272{ 273 if (del_timer(&idev->rs_timer)) 274 __in6_dev_put(idev); 275} 276 277static void addrconf_del_dad_work(struct inet6_ifaddr *ifp) 278{ 279 if (cancel_delayed_work(&ifp->dad_work)) 280 __in6_ifa_put(ifp); 281} 282 283static void addrconf_mod_rs_timer(struct inet6_dev *idev, 284 unsigned long when) 285{ 286 if (!timer_pending(&idev->rs_timer)) 287 in6_dev_hold(idev); 288 mod_timer(&idev->rs_timer, jiffies + when); 289} 290 291static void addrconf_mod_dad_work(struct inet6_ifaddr *ifp, 292 unsigned long delay) 293{ 294 if (!delayed_work_pending(&ifp->dad_work)) 295 in6_ifa_hold(ifp); 296 mod_delayed_work(addrconf_wq, &ifp->dad_work, delay); 297} 298 299static int snmp6_alloc_dev(struct inet6_dev *idev) 300{ 301 int i; 302 303 idev->stats.ipv6 = alloc_percpu(struct ipstats_mib); 304 if (!idev->stats.ipv6) 305 goto err_ip; 306 307 for_each_possible_cpu(i) { 308 struct ipstats_mib *addrconf_stats; 309 addrconf_stats = per_cpu_ptr(idev->stats.ipv6, i); 310 u64_stats_init(&addrconf_stats->syncp); 311 } 312 313 314 idev->stats.icmpv6dev = kzalloc(sizeof(struct icmpv6_mib_device), 315 GFP_KERNEL); 316 if (!idev->stats.icmpv6dev) 317 goto err_icmp; 318 idev->stats.icmpv6msgdev = kzalloc(sizeof(struct icmpv6msg_mib_device), 319 GFP_KERNEL); 320 if (!idev->stats.icmpv6msgdev) 321 goto err_icmpmsg; 322 323 return 0; 324 325err_icmpmsg: 326 kfree(idev->stats.icmpv6dev); 327err_icmp: 328 free_percpu(idev->stats.ipv6); 329err_ip: 330 return -ENOMEM; 331} 332 333static struct inet6_dev *ipv6_add_dev(struct net_device *dev) 334{ 335 struct inet6_dev *ndev; 336 int err = -ENOMEM; 337 338 ASSERT_RTNL(); 339 340 if (dev->mtu < IPV6_MIN_MTU) 341 return ERR_PTR(-EINVAL); 342 343 ndev = kzalloc(sizeof(struct inet6_dev), GFP_KERNEL); 344 if (!ndev) 345 return ERR_PTR(err); 346 347 rwlock_init(&ndev->lock); 348 ndev->dev = dev; 349 INIT_LIST_HEAD(&ndev->addr_list); 350 setup_timer(&ndev->rs_timer, addrconf_rs_timer, 351 (unsigned long)ndev); 352 memcpy(&ndev->cnf, dev_net(dev)->ipv6.devconf_dflt, sizeof(ndev->cnf)); 353 354 if (ndev->cnf.stable_secret.initialized) 355 ndev->addr_gen_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY; 356 else 357 ndev->addr_gen_mode = IN6_ADDR_GEN_MODE_EUI64; 358 359 ndev->cnf.mtu6 = dev->mtu; 360 ndev->cnf.sysctl = NULL; 361 ndev->nd_parms = neigh_parms_alloc(dev, &nd_tbl); 362 if (!ndev->nd_parms) { 363 kfree(ndev); 364 return ERR_PTR(err); 365 } 366 if (ndev->cnf.forwarding) 367 dev_disable_lro(dev); 368 /* We refer to the device */ 369 dev_hold(dev); 370 371 if (snmp6_alloc_dev(ndev) < 0) { 372 ADBG(KERN_WARNING 373 "%s: cannot allocate memory for statistics; dev=%s.\n", 374 __func__, dev->name); 375 neigh_parms_release(&nd_tbl, ndev->nd_parms); 376 dev_put(dev); 377 kfree(ndev); 378 return ERR_PTR(err); 379 } 380 381 if (snmp6_register_dev(ndev) < 0) { 382 ADBG(KERN_WARNING 383 "%s: cannot create /proc/net/dev_snmp6/%s\n", 384 __func__, dev->name); 385 goto err_release; 386 } 387 388 /* One reference from device. We must do this before 389 * we invoke __ipv6_regen_rndid(). 390 */ 391 in6_dev_hold(ndev); 392 393 if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) 394 ndev->cnf.accept_dad = -1; 395 396#if IS_ENABLED(CONFIG_IPV6_SIT) 397 if (dev->type == ARPHRD_SIT && (dev->priv_flags & IFF_ISATAP)) { 398 pr_info("%s: Disabled Multicast RS\n", dev->name); 399 ndev->cnf.rtr_solicits = 0; 400 } 401#endif 402 403 INIT_LIST_HEAD(&ndev->tempaddr_list); 404 setup_timer(&ndev->regen_timer, ipv6_regen_rndid, (unsigned long)ndev); 405 if ((dev->flags&IFF_LOOPBACK) || 406 dev->type == ARPHRD_TUNNEL || 407 dev->type == ARPHRD_TUNNEL6 || 408 dev->type == ARPHRD_SIT || 409 dev->type == ARPHRD_NONE) { 410 ndev->cnf.use_tempaddr = -1; 411 } else { 412 in6_dev_hold(ndev); 413 ipv6_regen_rndid((unsigned long) ndev); 414 } 415 416 ndev->token = in6addr_any; 417 418 if (netif_running(dev) && addrconf_qdisc_ok(dev)) 419 ndev->if_flags |= IF_READY; 420 421 ipv6_mc_init_dev(ndev); 422 ndev->tstamp = jiffies; 423 err = addrconf_sysctl_register(ndev); 424 if (err) { 425 ipv6_mc_destroy_dev(ndev); 426 del_timer(&ndev->regen_timer); 427 snmp6_unregister_dev(ndev); 428 goto err_release; 429 } 430 /* protected by rtnl_lock */ 431 rcu_assign_pointer(dev->ip6_ptr, ndev); 432 433 /* Join interface-local all-node multicast group */ 434 ipv6_dev_mc_inc(dev, &in6addr_interfacelocal_allnodes); 435 436 /* Join all-node multicast group */ 437 ipv6_dev_mc_inc(dev, &in6addr_linklocal_allnodes); 438 439 /* Join all-router multicast group if forwarding is set */ 440 if (ndev->cnf.forwarding && (dev->flags & IFF_MULTICAST)) 441 ipv6_dev_mc_inc(dev, &in6addr_linklocal_allrouters); 442 443 return ndev; 444 445err_release: 446 neigh_parms_release(&nd_tbl, ndev->nd_parms); 447 ndev->dead = 1; 448 in6_dev_finish_destroy(ndev); 449 return ERR_PTR(err); 450} 451 452static struct inet6_dev *ipv6_find_idev(struct net_device *dev) 453{ 454 struct inet6_dev *idev; 455 456 ASSERT_RTNL(); 457 458 idev = __in6_dev_get(dev); 459 if (!idev) { 460 idev = ipv6_add_dev(dev); 461 if (IS_ERR(idev)) 462 return NULL; 463 } 464 465 if (dev->flags&IFF_UP) 466 ipv6_mc_up(idev); 467 return idev; 468} 469 470static int inet6_netconf_msgsize_devconf(int type) 471{ 472 int size = NLMSG_ALIGN(sizeof(struct netconfmsg)) 473 + nla_total_size(4); /* NETCONFA_IFINDEX */ 474 475 /* type -1 is used for ALL */ 476 if (type == -1 || type == NETCONFA_FORWARDING) 477 size += nla_total_size(4); 478#ifdef CONFIG_IPV6_MROUTE 479 if (type == -1 || type == NETCONFA_MC_FORWARDING) 480 size += nla_total_size(4); 481#endif 482 if (type == -1 || type == NETCONFA_PROXY_NEIGH) 483 size += nla_total_size(4); 484 485 if (type == -1 || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) 486 size += nla_total_size(4); 487 488 return size; 489} 490 491static int inet6_netconf_fill_devconf(struct sk_buff *skb, int ifindex, 492 struct ipv6_devconf *devconf, u32 portid, 493 u32 seq, int event, unsigned int flags, 494 int type) 495{ 496 struct nlmsghdr *nlh; 497 struct netconfmsg *ncm; 498 499 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg), 500 flags); 501 if (!nlh) 502 return -EMSGSIZE; 503 504 ncm = nlmsg_data(nlh); 505 ncm->ncm_family = AF_INET6; 506 507 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0) 508 goto nla_put_failure; 509 510 /* type -1 is used for ALL */ 511 if ((type == -1 || type == NETCONFA_FORWARDING) && 512 nla_put_s32(skb, NETCONFA_FORWARDING, devconf->forwarding) < 0) 513 goto nla_put_failure; 514#ifdef CONFIG_IPV6_MROUTE 515 if ((type == -1 || type == NETCONFA_MC_FORWARDING) && 516 nla_put_s32(skb, NETCONFA_MC_FORWARDING, 517 devconf->mc_forwarding) < 0) 518 goto nla_put_failure; 519#endif 520 if ((type == -1 || type == NETCONFA_PROXY_NEIGH) && 521 nla_put_s32(skb, NETCONFA_PROXY_NEIGH, devconf->proxy_ndp) < 0) 522 goto nla_put_failure; 523 524 if ((type == -1 || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) && 525 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN, 526 devconf->ignore_routes_with_linkdown) < 0) 527 goto nla_put_failure; 528 529 nlmsg_end(skb, nlh); 530 return 0; 531 532nla_put_failure: 533 nlmsg_cancel(skb, nlh); 534 return -EMSGSIZE; 535} 536 537void inet6_netconf_notify_devconf(struct net *net, int type, int ifindex, 538 struct ipv6_devconf *devconf) 539{ 540 struct sk_buff *skb; 541 int err = -ENOBUFS; 542 543 skb = nlmsg_new(inet6_netconf_msgsize_devconf(type), GFP_ATOMIC); 544 if (!skb) 545 goto errout; 546 547 err = inet6_netconf_fill_devconf(skb, ifindex, devconf, 0, 0, 548 RTM_NEWNETCONF, 0, type); 549 if (err < 0) { 550 /* -EMSGSIZE implies BUG in inet6_netconf_msgsize_devconf() */ 551 WARN_ON(err == -EMSGSIZE); 552 kfree_skb(skb); 553 goto errout; 554 } 555 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_NETCONF, NULL, GFP_ATOMIC); 556 return; 557errout: 558 rtnl_set_sk_err(net, RTNLGRP_IPV6_NETCONF, err); 559} 560 561static const struct nla_policy devconf_ipv6_policy[NETCONFA_MAX+1] = { 562 [NETCONFA_IFINDEX] = { .len = sizeof(int) }, 563 [NETCONFA_FORWARDING] = { .len = sizeof(int) }, 564 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) }, 565 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) }, 566}; 567 568static int inet6_netconf_get_devconf(struct sk_buff *in_skb, 569 struct nlmsghdr *nlh) 570{ 571 struct net *net = sock_net(in_skb->sk); 572 struct nlattr *tb[NETCONFA_MAX+1]; 573 struct netconfmsg *ncm; 574 struct sk_buff *skb; 575 struct ipv6_devconf *devconf; 576 struct inet6_dev *in6_dev; 577 struct net_device *dev; 578 int ifindex; 579 int err; 580 581 err = nlmsg_parse(nlh, sizeof(*ncm), tb, NETCONFA_MAX, 582 devconf_ipv6_policy); 583 if (err < 0) 584 goto errout; 585 586 err = -EINVAL; 587 if (!tb[NETCONFA_IFINDEX]) 588 goto errout; 589 590 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]); 591 switch (ifindex) { 592 case NETCONFA_IFINDEX_ALL: 593 devconf = net->ipv6.devconf_all; 594 break; 595 case NETCONFA_IFINDEX_DEFAULT: 596 devconf = net->ipv6.devconf_dflt; 597 break; 598 default: 599 dev = __dev_get_by_index(net, ifindex); 600 if (!dev) 601 goto errout; 602 in6_dev = __in6_dev_get(dev); 603 if (!in6_dev) 604 goto errout; 605 devconf = &in6_dev->cnf; 606 break; 607 } 608 609 err = -ENOBUFS; 610 skb = nlmsg_new(inet6_netconf_msgsize_devconf(-1), GFP_ATOMIC); 611 if (!skb) 612 goto errout; 613 614 err = inet6_netconf_fill_devconf(skb, ifindex, devconf, 615 NETLINK_CB(in_skb).portid, 616 nlh->nlmsg_seq, RTM_NEWNETCONF, 0, 617 -1); 618 if (err < 0) { 619 /* -EMSGSIZE implies BUG in inet6_netconf_msgsize_devconf() */ 620 WARN_ON(err == -EMSGSIZE); 621 kfree_skb(skb); 622 goto errout; 623 } 624 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 625errout: 626 return err; 627} 628 629static int inet6_netconf_dump_devconf(struct sk_buff *skb, 630 struct netlink_callback *cb) 631{ 632 struct net *net = sock_net(skb->sk); 633 int h, s_h; 634 int idx, s_idx; 635 struct net_device *dev; 636 struct inet6_dev *idev; 637 struct hlist_head *head; 638 639 s_h = cb->args[0]; 640 s_idx = idx = cb->args[1]; 641 642 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { 643 idx = 0; 644 head = &net->dev_index_head[h]; 645 rcu_read_lock(); 646 cb->seq = atomic_read(&net->ipv6.dev_addr_genid) ^ 647 net->dev_base_seq; 648 hlist_for_each_entry_rcu(dev, head, index_hlist) { 649 if (idx < s_idx) 650 goto cont; 651 idev = __in6_dev_get(dev); 652 if (!idev) 653 goto cont; 654 655 if (inet6_netconf_fill_devconf(skb, dev->ifindex, 656 &idev->cnf, 657 NETLINK_CB(cb->skb).portid, 658 cb->nlh->nlmsg_seq, 659 RTM_NEWNETCONF, 660 NLM_F_MULTI, 661 -1) < 0) { 662 rcu_read_unlock(); 663 goto done; 664 } 665 nl_dump_check_consistent(cb, nlmsg_hdr(skb)); 666cont: 667 idx++; 668 } 669 rcu_read_unlock(); 670 } 671 if (h == NETDEV_HASHENTRIES) { 672 if (inet6_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL, 673 net->ipv6.devconf_all, 674 NETLINK_CB(cb->skb).portid, 675 cb->nlh->nlmsg_seq, 676 RTM_NEWNETCONF, NLM_F_MULTI, 677 -1) < 0) 678 goto done; 679 else 680 h++; 681 } 682 if (h == NETDEV_HASHENTRIES + 1) { 683 if (inet6_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT, 684 net->ipv6.devconf_dflt, 685 NETLINK_CB(cb->skb).portid, 686 cb->nlh->nlmsg_seq, 687 RTM_NEWNETCONF, NLM_F_MULTI, 688 -1) < 0) 689 goto done; 690 else 691 h++; 692 } 693done: 694 cb->args[0] = h; 695 cb->args[1] = idx; 696 697 return skb->len; 698} 699 700#ifdef CONFIG_SYSCTL 701static void dev_forward_change(struct inet6_dev *idev) 702{ 703 struct net_device *dev; 704 struct inet6_ifaddr *ifa; 705 706 if (!idev) 707 return; 708 dev = idev->dev; 709 if (idev->cnf.forwarding) 710 dev_disable_lro(dev); 711 if (dev->flags & IFF_MULTICAST) { 712 if (idev->cnf.forwarding) { 713 ipv6_dev_mc_inc(dev, &in6addr_linklocal_allrouters); 714 ipv6_dev_mc_inc(dev, &in6addr_interfacelocal_allrouters); 715 ipv6_dev_mc_inc(dev, &in6addr_sitelocal_allrouters); 716 } else { 717 ipv6_dev_mc_dec(dev, &in6addr_linklocal_allrouters); 718 ipv6_dev_mc_dec(dev, &in6addr_interfacelocal_allrouters); 719 ipv6_dev_mc_dec(dev, &in6addr_sitelocal_allrouters); 720 } 721 } 722 723 list_for_each_entry(ifa, &idev->addr_list, if_list) { 724 if (ifa->flags&IFA_F_TENTATIVE) 725 continue; 726 if (idev->cnf.forwarding) 727 addrconf_join_anycast(ifa); 728 else 729 addrconf_leave_anycast(ifa); 730 } 731 inet6_netconf_notify_devconf(dev_net(dev), NETCONFA_FORWARDING, 732 dev->ifindex, &idev->cnf); 733} 734 735 736static void addrconf_forward_change(struct net *net, __s32 newf) 737{ 738 struct net_device *dev; 739 struct inet6_dev *idev; 740 741 for_each_netdev(net, dev) { 742 idev = __in6_dev_get(dev); 743 if (idev) { 744 int changed = (!idev->cnf.forwarding) ^ (!newf); 745 idev->cnf.forwarding = newf; 746 if (changed) 747 dev_forward_change(idev); 748 } 749 } 750} 751 752static int addrconf_fixup_forwarding(struct ctl_table *table, int *p, int newf) 753{ 754 struct net *net; 755 int old; 756 757 if (!rtnl_trylock()) 758 return restart_syscall(); 759 760 net = (struct net *)table->extra2; 761 old = *p; 762 *p = newf; 763 764 if (p == &net->ipv6.devconf_dflt->forwarding) { 765 if ((!newf) ^ (!old)) 766 inet6_netconf_notify_devconf(net, NETCONFA_FORWARDING, 767 NETCONFA_IFINDEX_DEFAULT, 768 net->ipv6.devconf_dflt); 769 rtnl_unlock(); 770 return 0; 771 } 772 773 if (p == &net->ipv6.devconf_all->forwarding) { 774 net->ipv6.devconf_dflt->forwarding = newf; 775 addrconf_forward_change(net, newf); 776 if ((!newf) ^ (!old)) 777 inet6_netconf_notify_devconf(net, NETCONFA_FORWARDING, 778 NETCONFA_IFINDEX_ALL, 779 net->ipv6.devconf_all); 780 } else if ((!newf) ^ (!old)) 781 dev_forward_change((struct inet6_dev *)table->extra1); 782 rtnl_unlock(); 783 784 if (newf) 785 rt6_purge_dflt_routers(net); 786 return 1; 787} 788 789static void addrconf_linkdown_change(struct net *net, __s32 newf) 790{ 791 struct net_device *dev; 792 struct inet6_dev *idev; 793 794 for_each_netdev(net, dev) { 795 idev = __in6_dev_get(dev); 796 if (idev) { 797 int changed = (!idev->cnf.ignore_routes_with_linkdown) ^ (!newf); 798 799 idev->cnf.ignore_routes_with_linkdown = newf; 800 if (changed) 801 inet6_netconf_notify_devconf(dev_net(dev), 802 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN, 803 dev->ifindex, 804 &idev->cnf); 805 } 806 } 807} 808 809static int addrconf_fixup_linkdown(struct ctl_table *table, int *p, int newf) 810{ 811 struct net *net; 812 int old; 813 814 if (!rtnl_trylock()) 815 return restart_syscall(); 816 817 net = (struct net *)table->extra2; 818 old = *p; 819 *p = newf; 820 821 if (p == &net->ipv6.devconf_dflt->ignore_routes_with_linkdown) { 822 if ((!newf) ^ (!old)) 823 inet6_netconf_notify_devconf(net, 824 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN, 825 NETCONFA_IFINDEX_DEFAULT, 826 net->ipv6.devconf_dflt); 827 rtnl_unlock(); 828 return 0; 829 } 830 831 if (p == &net->ipv6.devconf_all->ignore_routes_with_linkdown) { 832 net->ipv6.devconf_dflt->ignore_routes_with_linkdown = newf; 833 addrconf_linkdown_change(net, newf); 834 if ((!newf) ^ (!old)) 835 inet6_netconf_notify_devconf(net, 836 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN, 837 NETCONFA_IFINDEX_ALL, 838 net->ipv6.devconf_all); 839 } 840 rtnl_unlock(); 841 842 return 1; 843} 844 845#endif 846 847/* Nobody refers to this ifaddr, destroy it */ 848void inet6_ifa_finish_destroy(struct inet6_ifaddr *ifp) 849{ 850 WARN_ON(!hlist_unhashed(&ifp->addr_lst)); 851 852#ifdef NET_REFCNT_DEBUG 853 pr_debug("%s\n", __func__); 854#endif 855 856 in6_dev_put(ifp->idev); 857 858 if (cancel_delayed_work(&ifp->dad_work)) 859 pr_notice("delayed DAD work was pending while freeing ifa=%p\n", 860 ifp); 861 862 if (ifp->state != INET6_IFADDR_STATE_DEAD) { 863 pr_warn("Freeing alive inet6 address %p\n", ifp); 864 return; 865 } 866 ip6_rt_put(ifp->rt); 867 868 kfree_rcu(ifp, rcu); 869} 870 871static void 872ipv6_link_dev_addr(struct inet6_dev *idev, struct inet6_ifaddr *ifp) 873{ 874 struct list_head *p; 875 int ifp_scope = ipv6_addr_src_scope(&ifp->addr); 876 877 /* 878 * Each device address list is sorted in order of scope - 879 * global before linklocal. 880 */ 881 list_for_each(p, &idev->addr_list) { 882 struct inet6_ifaddr *ifa 883 = list_entry(p, struct inet6_ifaddr, if_list); 884 if (ifp_scope >= ipv6_addr_src_scope(&ifa->addr)) 885 break; 886 } 887 888 list_add_tail(&ifp->if_list, p); 889} 890 891static u32 inet6_addr_hash(const struct in6_addr *addr) 892{ 893 return hash_32(ipv6_addr_hash(addr), IN6_ADDR_HSIZE_SHIFT); 894} 895 896/* On success it returns ifp with increased reference count */ 897 898static struct inet6_ifaddr * 899ipv6_add_addr(struct inet6_dev *idev, const struct in6_addr *addr, 900 const struct in6_addr *peer_addr, int pfxlen, 901 int scope, u32 flags, u32 valid_lft, u32 prefered_lft) 902{ 903 struct inet6_ifaddr *ifa = NULL; 904 struct rt6_info *rt; 905 unsigned int hash; 906 int err = 0; 907 int addr_type = ipv6_addr_type(addr); 908 909 if (addr_type == IPV6_ADDR_ANY || 910 addr_type & IPV6_ADDR_MULTICAST || 911 (!(idev->dev->flags & IFF_LOOPBACK) && 912 addr_type & IPV6_ADDR_LOOPBACK)) 913 return ERR_PTR(-EADDRNOTAVAIL); 914 915 rcu_read_lock_bh(); 916 if (idev->dead) { 917 err = -ENODEV; /*XXX*/ 918 goto out2; 919 } 920 921 if (idev->cnf.disable_ipv6) { 922 err = -EACCES; 923 goto out2; 924 } 925 926 spin_lock(&addrconf_hash_lock); 927 928 /* Ignore adding duplicate addresses on an interface */ 929 if (ipv6_chk_same_addr(dev_net(idev->dev), addr, idev->dev)) { 930 ADBG("ipv6_add_addr: already assigned\n"); 931 err = -EEXIST; 932 goto out; 933 } 934 935 ifa = kzalloc(sizeof(struct inet6_ifaddr), GFP_ATOMIC); 936 937 if (!ifa) { 938 ADBG("ipv6_add_addr: malloc failed\n"); 939 err = -ENOBUFS; 940 goto out; 941 } 942 943 rt = addrconf_dst_alloc(idev, addr, false); 944 if (IS_ERR(rt)) { 945 err = PTR_ERR(rt); 946 goto out; 947 } 948 949 neigh_parms_data_state_setall(idev->nd_parms); 950 951 ifa->addr = *addr; 952 if (peer_addr) 953 ifa->peer_addr = *peer_addr; 954 955 spin_lock_init(&ifa->lock); 956 INIT_DELAYED_WORK(&ifa->dad_work, addrconf_dad_work); 957 INIT_HLIST_NODE(&ifa->addr_lst); 958 ifa->scope = scope; 959 ifa->prefix_len = pfxlen; 960 ifa->flags = flags | IFA_F_TENTATIVE; 961 ifa->valid_lft = valid_lft; 962 ifa->prefered_lft = prefered_lft; 963 ifa->cstamp = ifa->tstamp = jiffies; 964 ifa->tokenized = false; 965 966 ifa->rt = rt; 967 968 ifa->idev = idev; 969 in6_dev_hold(idev); 970 /* For caller */ 971 in6_ifa_hold(ifa); 972 973 /* Add to big hash table */ 974 hash = inet6_addr_hash(addr); 975 976 hlist_add_head_rcu(&ifa->addr_lst, &inet6_addr_lst[hash]); 977 spin_unlock(&addrconf_hash_lock); 978 979 write_lock(&idev->lock); 980 /* Add to inet6_dev unicast addr list. */ 981 ipv6_link_dev_addr(idev, ifa); 982 983 if (ifa->flags&IFA_F_TEMPORARY) { 984 list_add(&ifa->tmp_list, &idev->tempaddr_list); 985 in6_ifa_hold(ifa); 986 } 987 988 in6_ifa_hold(ifa); 989 write_unlock(&idev->lock); 990out2: 991 rcu_read_unlock_bh(); 992 993 if (likely(err == 0)) 994 inet6addr_notifier_call_chain(NETDEV_UP, ifa); 995 else { 996 kfree(ifa); 997 ifa = ERR_PTR(err); 998 } 999 1000 return ifa; 1001out: 1002 spin_unlock(&addrconf_hash_lock); 1003 goto out2; 1004} 1005 1006enum cleanup_prefix_rt_t { 1007 CLEANUP_PREFIX_RT_NOP, /* no cleanup action for prefix route */ 1008 CLEANUP_PREFIX_RT_DEL, /* delete the prefix route */ 1009 CLEANUP_PREFIX_RT_EXPIRE, /* update the lifetime of the prefix route */ 1010}; 1011 1012/* 1013 * Check, whether the prefix for ifp would still need a prefix route 1014 * after deleting ifp. The function returns one of the CLEANUP_PREFIX_RT_* 1015 * constants. 1016 * 1017 * 1) we don't purge prefix if address was not permanent. 1018 * prefix is managed by its own lifetime. 1019 * 2) we also don't purge, if the address was IFA_F_NOPREFIXROUTE. 1020 * 3) if there are no addresses, delete prefix. 1021 * 4) if there are still other permanent address(es), 1022 * corresponding prefix is still permanent. 1023 * 5) if there are still other addresses with IFA_F_NOPREFIXROUTE, 1024 * don't purge the prefix, assume user space is managing it. 1025 * 6) otherwise, update prefix lifetime to the 1026 * longest valid lifetime among the corresponding 1027 * addresses on the device. 1028 * Note: subsequent RA will update lifetime. 1029 **/ 1030static enum cleanup_prefix_rt_t 1031check_cleanup_prefix_route(struct inet6_ifaddr *ifp, unsigned long *expires) 1032{ 1033 struct inet6_ifaddr *ifa; 1034 struct inet6_dev *idev = ifp->idev; 1035 unsigned long lifetime; 1036 enum cleanup_prefix_rt_t action = CLEANUP_PREFIX_RT_DEL; 1037 1038 *expires = jiffies; 1039 1040 list_for_each_entry(ifa, &idev->addr_list, if_list) { 1041 if (ifa == ifp) 1042 continue; 1043 if (!ipv6_prefix_equal(&ifa->addr, &ifp->addr, 1044 ifp->prefix_len)) 1045 continue; 1046 if (ifa->flags & (IFA_F_PERMANENT | IFA_F_NOPREFIXROUTE)) 1047 return CLEANUP_PREFIX_RT_NOP; 1048 1049 action = CLEANUP_PREFIX_RT_EXPIRE; 1050 1051 spin_lock(&ifa->lock); 1052 1053 lifetime = addrconf_timeout_fixup(ifa->valid_lft, HZ); 1054 /* 1055 * Note: Because this address is 1056 * not permanent, lifetime < 1057 * LONG_MAX / HZ here. 1058 */ 1059 if (time_before(*expires, ifa->tstamp + lifetime * HZ)) 1060 *expires = ifa->tstamp + lifetime * HZ; 1061 spin_unlock(&ifa->lock); 1062 } 1063 1064 return action; 1065} 1066 1067static void 1068cleanup_prefix_route(struct inet6_ifaddr *ifp, unsigned long expires, bool del_rt) 1069{ 1070 struct rt6_info *rt; 1071 1072 rt = addrconf_get_prefix_route(&ifp->addr, 1073 ifp->prefix_len, 1074 ifp->idev->dev, 1075 0, RTF_GATEWAY | RTF_DEFAULT); 1076 if (rt) { 1077 if (del_rt) 1078 ip6_del_rt(rt); 1079 else { 1080 if (!(rt->rt6i_flags & RTF_EXPIRES)) 1081 rt6_set_expires(rt, expires); 1082 ip6_rt_put(rt); 1083 } 1084 } 1085} 1086 1087 1088/* This function wants to get referenced ifp and releases it before return */ 1089 1090static void ipv6_del_addr(struct inet6_ifaddr *ifp) 1091{ 1092 int state; 1093 enum cleanup_prefix_rt_t action = CLEANUP_PREFIX_RT_NOP; 1094 unsigned long expires; 1095 1096 ASSERT_RTNL(); 1097 1098 spin_lock_bh(&ifp->lock); 1099 state = ifp->state; 1100 ifp->state = INET6_IFADDR_STATE_DEAD; 1101 spin_unlock_bh(&ifp->lock); 1102 1103 if (state == INET6_IFADDR_STATE_DEAD) 1104 goto out; 1105 1106 spin_lock_bh(&addrconf_hash_lock); 1107 hlist_del_init_rcu(&ifp->addr_lst); 1108 spin_unlock_bh(&addrconf_hash_lock); 1109 1110 write_lock_bh(&ifp->idev->lock); 1111 1112 if (ifp->flags&IFA_F_TEMPORARY) { 1113 list_del(&ifp->tmp_list); 1114 if (ifp->ifpub) { 1115 in6_ifa_put(ifp->ifpub); 1116 ifp->ifpub = NULL; 1117 } 1118 __in6_ifa_put(ifp); 1119 } 1120 1121 if (ifp->flags & IFA_F_PERMANENT && !(ifp->flags & IFA_F_NOPREFIXROUTE)) 1122 action = check_cleanup_prefix_route(ifp, &expires); 1123 1124 list_del_init(&ifp->if_list); 1125 __in6_ifa_put(ifp); 1126 1127 write_unlock_bh(&ifp->idev->lock); 1128 1129 addrconf_del_dad_work(ifp); 1130 1131 ipv6_ifa_notify(RTM_DELADDR, ifp); 1132 1133 inet6addr_notifier_call_chain(NETDEV_DOWN, ifp); 1134 1135 if (action != CLEANUP_PREFIX_RT_NOP) { 1136 cleanup_prefix_route(ifp, expires, 1137 action == CLEANUP_PREFIX_RT_DEL); 1138 } 1139 1140 /* clean up prefsrc entries */ 1141 rt6_remove_prefsrc(ifp); 1142out: 1143 in6_ifa_put(ifp); 1144} 1145 1146static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *ift) 1147{ 1148 struct inet6_dev *idev = ifp->idev; 1149 struct in6_addr addr, *tmpaddr; 1150 unsigned long tmp_prefered_lft, tmp_valid_lft, tmp_tstamp, age; 1151 unsigned long regen_advance; 1152 int tmp_plen; 1153 int ret = 0; 1154 u32 addr_flags; 1155 unsigned long now = jiffies; 1156 1157 write_lock_bh(&idev->lock); 1158 if (ift) { 1159 spin_lock_bh(&ift->lock); 1160 memcpy(&addr.s6_addr[8], &ift->addr.s6_addr[8], 8); 1161 spin_unlock_bh(&ift->lock); 1162 tmpaddr = &addr; 1163 } else { 1164 tmpaddr = NULL; 1165 } 1166retry: 1167 in6_dev_hold(idev); 1168 if (idev->cnf.use_tempaddr <= 0) { 1169 write_unlock_bh(&idev->lock); 1170 pr_info("%s: use_tempaddr is disabled\n", __func__); 1171 in6_dev_put(idev); 1172 ret = -1; 1173 goto out; 1174 } 1175 spin_lock_bh(&ifp->lock); 1176 if (ifp->regen_count++ >= idev->cnf.regen_max_retry) { 1177 idev->cnf.use_tempaddr = -1; /*XXX*/ 1178 spin_unlock_bh(&ifp->lock); 1179 write_unlock_bh(&idev->lock); 1180 pr_warn("%s: regeneration time exceeded - disabled temporary address support\n", 1181 __func__); 1182 in6_dev_put(idev); 1183 ret = -1; 1184 goto out; 1185 } 1186 in6_ifa_hold(ifp); 1187 memcpy(addr.s6_addr, ifp->addr.s6_addr, 8); 1188 __ipv6_try_regen_rndid(idev, tmpaddr); 1189 memcpy(&addr.s6_addr[8], idev->rndid, 8); 1190 age = (now - ifp->tstamp) / HZ; 1191 tmp_valid_lft = min_t(__u32, 1192 ifp->valid_lft, 1193 idev->cnf.temp_valid_lft + age); 1194 tmp_prefered_lft = min_t(__u32, 1195 ifp->prefered_lft, 1196 idev->cnf.temp_prefered_lft + age - 1197 idev->cnf.max_desync_factor); 1198 tmp_plen = ifp->prefix_len; 1199 tmp_tstamp = ifp->tstamp; 1200 spin_unlock_bh(&ifp->lock); 1201 1202 regen_advance = idev->cnf.regen_max_retry * 1203 idev->cnf.dad_transmits * 1204 NEIGH_VAR(idev->nd_parms, RETRANS_TIME) / HZ; 1205 write_unlock_bh(&idev->lock); 1206 1207 /* A temporary address is created only if this calculated Preferred 1208 * Lifetime is greater than REGEN_ADVANCE time units. In particular, 1209 * an implementation must not create a temporary address with a zero 1210 * Preferred Lifetime. 1211 * Use age calculation as in addrconf_verify to avoid unnecessary 1212 * temporary addresses being generated. 1213 */ 1214 age = (now - tmp_tstamp + ADDRCONF_TIMER_FUZZ_MINUS) / HZ; 1215 if (tmp_prefered_lft <= regen_advance + age) { 1216 in6_ifa_put(ifp); 1217 in6_dev_put(idev); 1218 ret = -1; 1219 goto out; 1220 } 1221 1222 addr_flags = IFA_F_TEMPORARY; 1223 /* set in addrconf_prefix_rcv() */ 1224 if (ifp->flags & IFA_F_OPTIMISTIC) 1225 addr_flags |= IFA_F_OPTIMISTIC; 1226 1227 ift = ipv6_add_addr(idev, &addr, NULL, tmp_plen, 1228 ipv6_addr_scope(&addr), addr_flags, 1229 tmp_valid_lft, tmp_prefered_lft); 1230 if (IS_ERR(ift)) { 1231 in6_ifa_put(ifp); 1232 in6_dev_put(idev); 1233 pr_info("%s: retry temporary address regeneration\n", __func__); 1234 tmpaddr = &addr; 1235 write_lock_bh(&idev->lock); 1236 goto retry; 1237 } 1238 1239 spin_lock_bh(&ift->lock); 1240 ift->ifpub = ifp; 1241 ift->cstamp = now; 1242 ift->tstamp = tmp_tstamp; 1243 spin_unlock_bh(&ift->lock); 1244 1245 addrconf_dad_start(ift); 1246 in6_ifa_put(ift); 1247 in6_dev_put(idev); 1248out: 1249 return ret; 1250} 1251 1252/* 1253 * Choose an appropriate source address (RFC3484) 1254 */ 1255enum { 1256 IPV6_SADDR_RULE_INIT = 0, 1257 IPV6_SADDR_RULE_LOCAL, 1258 IPV6_SADDR_RULE_SCOPE, 1259 IPV6_SADDR_RULE_PREFERRED, 1260#ifdef CONFIG_IPV6_MIP6 1261 IPV6_SADDR_RULE_HOA, 1262#endif 1263 IPV6_SADDR_RULE_OIF, 1264 IPV6_SADDR_RULE_LABEL, 1265 IPV6_SADDR_RULE_PRIVACY, 1266 IPV6_SADDR_RULE_ORCHID, 1267 IPV6_SADDR_RULE_PREFIX, 1268#ifdef CONFIG_IPV6_OPTIMISTIC_DAD 1269 IPV6_SADDR_RULE_NOT_OPTIMISTIC, 1270#endif 1271 IPV6_SADDR_RULE_MAX 1272}; 1273 1274struct ipv6_saddr_score { 1275 int rule; 1276 int addr_type; 1277 struct inet6_ifaddr *ifa; 1278 DECLARE_BITMAP(scorebits, IPV6_SADDR_RULE_MAX); 1279 int scopedist; 1280 int matchlen; 1281}; 1282 1283struct ipv6_saddr_dst { 1284 const struct in6_addr *addr; 1285 int ifindex; 1286 int scope; 1287 int label; 1288 unsigned int prefs; 1289}; 1290 1291static inline int ipv6_saddr_preferred(int type) 1292{ 1293 if (type & (IPV6_ADDR_MAPPED|IPV6_ADDR_COMPATv4|IPV6_ADDR_LOOPBACK)) 1294 return 1; 1295 return 0; 1296} 1297 1298static inline bool ipv6_use_optimistic_addr(struct inet6_dev *idev) 1299{ 1300#ifdef CONFIG_IPV6_OPTIMISTIC_DAD 1301 return idev && idev->cnf.optimistic_dad && idev->cnf.use_optimistic; 1302#else 1303 return false; 1304#endif 1305} 1306 1307static int ipv6_get_saddr_eval(struct net *net, 1308 struct ipv6_saddr_score *score, 1309 struct ipv6_saddr_dst *dst, 1310 int i) 1311{ 1312 int ret; 1313 1314 if (i <= score->rule) { 1315 switch (i) { 1316 case IPV6_SADDR_RULE_SCOPE: 1317 ret = score->scopedist; 1318 break; 1319 case IPV6_SADDR_RULE_PREFIX: 1320 ret = score->matchlen; 1321 break; 1322 default: 1323 ret = !!test_bit(i, score->scorebits); 1324 } 1325 goto out; 1326 } 1327 1328 switch (i) { 1329 case IPV6_SADDR_RULE_INIT: 1330 /* Rule 0: remember if hiscore is not ready yet */ 1331 ret = !!score->ifa; 1332 break; 1333 case IPV6_SADDR_RULE_LOCAL: 1334 /* Rule 1: Prefer same address */ 1335 ret = ipv6_addr_equal(&score->ifa->addr, dst->addr); 1336 break; 1337 case IPV6_SADDR_RULE_SCOPE: 1338 /* Rule 2: Prefer appropriate scope 1339 * 1340 * ret 1341 * ^ 1342 * -1 | d 15 1343 * ---+--+-+---> scope 1344 * | 1345 * | d is scope of the destination. 1346 * B-d | \ 1347 * | \ <- smaller scope is better if 1348 * B-15 | \ if scope is enough for destination. 1349 * | ret = B - scope (-1 <= scope >= d <= 15). 1350 * d-C-1 | / 1351 * |/ <- greater is better 1352 * -C / if scope is not enough for destination. 1353 * /| ret = scope - C (-1 <= d < scope <= 15). 1354 * 1355 * d - C - 1 < B -15 (for all -1 <= d <= 15). 1356 * C > d + 14 - B >= 15 + 14 - B = 29 - B. 1357 * Assume B = 0 and we get C > 29. 1358 */ 1359 ret = __ipv6_addr_src_scope(score->addr_type); 1360 if (ret >= dst->scope) 1361 ret = -ret; 1362 else 1363 ret -= 128; /* 30 is enough */ 1364 score->scopedist = ret; 1365 break; 1366 case IPV6_SADDR_RULE_PREFERRED: 1367 { 1368 /* Rule 3: Avoid deprecated and optimistic addresses */ 1369 u8 avoid = IFA_F_DEPRECATED; 1370 1371 if (!ipv6_use_optimistic_addr(score->ifa->idev)) 1372 avoid |= IFA_F_OPTIMISTIC; 1373 ret = ipv6_saddr_preferred(score->addr_type) || 1374 !(score->ifa->flags & avoid); 1375 break; 1376 } 1377#ifdef CONFIG_IPV6_MIP6 1378 case IPV6_SADDR_RULE_HOA: 1379 { 1380 /* Rule 4: Prefer home address */ 1381 int prefhome = !(dst->prefs & IPV6_PREFER_SRC_COA); 1382 ret = !(score->ifa->flags & IFA_F_HOMEADDRESS) ^ prefhome; 1383 break; 1384 } 1385#endif 1386 case IPV6_SADDR_RULE_OIF: 1387 /* Rule 5: Prefer outgoing interface */ 1388 ret = (!dst->ifindex || 1389 dst->ifindex == score->ifa->idev->dev->ifindex); 1390 break; 1391 case IPV6_SADDR_RULE_LABEL: 1392 /* Rule 6: Prefer matching label */ 1393 ret = ipv6_addr_label(net, 1394 &score->ifa->addr, score->addr_type, 1395 score->ifa->idev->dev->ifindex) == dst->label; 1396 break; 1397 case IPV6_SADDR_RULE_PRIVACY: 1398 { 1399 /* Rule 7: Prefer public address 1400 * Note: prefer temporary address if use_tempaddr >= 2 1401 */ 1402 int preftmp = dst->prefs & (IPV6_PREFER_SRC_PUBLIC|IPV6_PREFER_SRC_TMP) ? 1403 !!(dst->prefs & IPV6_PREFER_SRC_TMP) : 1404 score->ifa->idev->cnf.use_tempaddr >= 2; 1405 ret = (!(score->ifa->flags & IFA_F_TEMPORARY)) ^ preftmp; 1406 break; 1407 } 1408 case IPV6_SADDR_RULE_ORCHID: 1409 /* Rule 8-: Prefer ORCHID vs ORCHID or 1410 * non-ORCHID vs non-ORCHID 1411 */ 1412 ret = !(ipv6_addr_orchid(&score->ifa->addr) ^ 1413 ipv6_addr_orchid(dst->addr)); 1414 break; 1415 case IPV6_SADDR_RULE_PREFIX: 1416 /* Rule 8: Use longest matching prefix */ 1417 ret = ipv6_addr_diff(&score->ifa->addr, dst->addr); 1418 if (ret > score->ifa->prefix_len) 1419 ret = score->ifa->prefix_len; 1420 score->matchlen = ret; 1421 break; 1422#ifdef CONFIG_IPV6_OPTIMISTIC_DAD 1423 case IPV6_SADDR_RULE_NOT_OPTIMISTIC: 1424 /* Optimistic addresses still have lower precedence than other 1425 * preferred addresses. 1426 */ 1427 ret = !(score->ifa->flags & IFA_F_OPTIMISTIC); 1428 break; 1429#endif 1430 default: 1431 ret = 0; 1432 } 1433 1434 if (ret) 1435 __set_bit(i, score->scorebits); 1436 score->rule = i; 1437out: 1438 return ret; 1439} 1440 1441static int __ipv6_dev_get_saddr(struct net *net, 1442 struct ipv6_saddr_dst *dst, 1443 struct inet6_dev *idev, 1444 struct ipv6_saddr_score *scores, 1445 int hiscore_idx) 1446{ 1447 struct ipv6_saddr_score *score = &scores[1 - hiscore_idx], *hiscore = &scores[hiscore_idx]; 1448 1449 read_lock_bh(&idev->lock); 1450 list_for_each_entry(score->ifa, &idev->addr_list, if_list) { 1451 int i; 1452 1453 /* 1454 * - Tentative Address (RFC2462 section 5.4) 1455 * - A tentative address is not considered 1456 * "assigned to an interface" in the traditional 1457 * sense, unless it is also flagged as optimistic. 1458 * - Candidate Source Address (section 4) 1459 * - In any case, anycast addresses, multicast 1460 * addresses, and the unspecified address MUST 1461 * NOT be included in a candidate set. 1462 */ 1463 if ((score->ifa->flags & IFA_F_TENTATIVE) && 1464 (!(score->ifa->flags & IFA_F_OPTIMISTIC))) 1465 continue; 1466 1467 score->addr_type = __ipv6_addr_type(&score->ifa->addr); 1468 1469 if (unlikely(score->addr_type == IPV6_ADDR_ANY || 1470 score->addr_type & IPV6_ADDR_MULTICAST)) { 1471 net_dbg_ratelimited("ADDRCONF: unspecified / multicast address assigned as unicast address on %s", 1472 idev->dev->name); 1473 continue; 1474 } 1475 1476 score->rule = -1; 1477 bitmap_zero(score->scorebits, IPV6_SADDR_RULE_MAX); 1478 1479 for (i = 0; i < IPV6_SADDR_RULE_MAX; i++) { 1480 int minihiscore, miniscore; 1481 1482 minihiscore = ipv6_get_saddr_eval(net, hiscore, dst, i); 1483 miniscore = ipv6_get_saddr_eval(net, score, dst, i); 1484 1485 if (minihiscore > miniscore) { 1486 if (i == IPV6_SADDR_RULE_SCOPE && 1487 score->scopedist > 0) { 1488 /* 1489 * special case: 1490 * each remaining entry 1491 * has too small (not enough) 1492 * scope, because ifa entries 1493 * are sorted by their scope 1494 * values. 1495 */ 1496 goto out; 1497 } 1498 break; 1499 } else if (minihiscore < miniscore) { 1500 if (hiscore->ifa) 1501 in6_ifa_put(hiscore->ifa); 1502 1503 in6_ifa_hold(score->ifa); 1504 1505 swap(hiscore, score); 1506 hiscore_idx = 1 - hiscore_idx; 1507 1508 /* restore our iterator */ 1509 score->ifa = hiscore->ifa; 1510 1511 break; 1512 } 1513 } 1514 } 1515out: 1516 read_unlock_bh(&idev->lock); 1517 return hiscore_idx; 1518} 1519 1520int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, 1521 const struct in6_addr *daddr, unsigned int prefs, 1522 struct in6_addr *saddr) 1523{ 1524 struct ipv6_saddr_score scores[2], *hiscore; 1525 struct ipv6_saddr_dst dst; 1526 struct inet6_dev *idev; 1527 struct net_device *dev; 1528 int dst_type; 1529 bool use_oif_addr = false; 1530 int hiscore_idx = 0; 1531 1532 dst_type = __ipv6_addr_type(daddr); 1533 dst.addr = daddr; 1534 dst.ifindex = dst_dev ? dst_dev->ifindex : 0; 1535 dst.scope = __ipv6_addr_src_scope(dst_type); 1536 dst.label = ipv6_addr_label(net, daddr, dst_type, dst.ifindex); 1537 dst.prefs = prefs; 1538 1539 scores[hiscore_idx].rule = -1; 1540 scores[hiscore_idx].ifa = NULL; 1541 1542 rcu_read_lock(); 1543 1544 /* Candidate Source Address (section 4) 1545 * - multicast and link-local destination address, 1546 * the set of candidate source address MUST only 1547 * include addresses assigned to interfaces 1548 * belonging to the same link as the outgoing 1549 * interface. 1550 * (- For site-local destination addresses, the 1551 * set of candidate source addresses MUST only 1552 * include addresses assigned to interfaces 1553 * belonging to the same site as the outgoing 1554 * interface.) 1555 * - "It is RECOMMENDED that the candidate source addresses 1556 * be the set of unicast addresses assigned to the 1557 * interface that will be used to send to the destination 1558 * (the 'outgoing' interface)." (RFC 6724) 1559 */ 1560 if (dst_dev) { 1561 idev = __in6_dev_get(dst_dev); 1562 if ((dst_type & IPV6_ADDR_MULTICAST) || 1563 dst.scope <= IPV6_ADDR_SCOPE_LINKLOCAL || 1564 (idev && idev->cnf.use_oif_addrs_only)) { 1565 use_oif_addr = true; 1566 } 1567 } 1568 1569 if (use_oif_addr) { 1570 if (idev) 1571 hiscore_idx = __ipv6_dev_get_saddr(net, &dst, idev, scores, hiscore_idx); 1572 } else { 1573 for_each_netdev_rcu(net, dev) { 1574 idev = __in6_dev_get(dev); 1575 if (!idev) 1576 continue; 1577 hiscore_idx = __ipv6_dev_get_saddr(net, &dst, idev, scores, hiscore_idx); 1578 } 1579 } 1580 rcu_read_unlock(); 1581 1582 hiscore = &scores[hiscore_idx]; 1583 if (!hiscore->ifa) 1584 return -EADDRNOTAVAIL; 1585 1586 *saddr = hiscore->ifa->addr; 1587 in6_ifa_put(hiscore->ifa); 1588 return 0; 1589} 1590EXPORT_SYMBOL(ipv6_dev_get_saddr); 1591 1592int __ipv6_get_lladdr(struct inet6_dev *idev, struct in6_addr *addr, 1593 u32 banned_flags) 1594{ 1595 struct inet6_ifaddr *ifp; 1596 int err = -EADDRNOTAVAIL; 1597 1598 list_for_each_entry_reverse(ifp, &idev->addr_list, if_list) { 1599 if (ifp->scope > IFA_LINK) 1600 break; 1601 if (ifp->scope == IFA_LINK && 1602 !(ifp->flags & banned_flags)) { 1603 *addr = ifp->addr; 1604 err = 0; 1605 break; 1606 } 1607 } 1608 return err; 1609} 1610 1611int ipv6_get_lladdr(struct net_device *dev, struct in6_addr *addr, 1612 u32 banned_flags) 1613{ 1614 struct inet6_dev *idev; 1615 int err = -EADDRNOTAVAIL; 1616 1617 rcu_read_lock(); 1618 idev = __in6_dev_get(dev); 1619 if (idev) { 1620 read_lock_bh(&idev->lock); 1621 err = __ipv6_get_lladdr(idev, addr, banned_flags); 1622 read_unlock_bh(&idev->lock); 1623 } 1624 rcu_read_unlock(); 1625 return err; 1626} 1627 1628static int ipv6_count_addresses(struct inet6_dev *idev) 1629{ 1630 int cnt = 0; 1631 struct inet6_ifaddr *ifp; 1632 1633 read_lock_bh(&idev->lock); 1634 list_for_each_entry(ifp, &idev->addr_list, if_list) 1635 cnt++; 1636 read_unlock_bh(&idev->lock); 1637 return cnt; 1638} 1639 1640int ipv6_chk_addr(struct net *net, const struct in6_addr *addr, 1641 const struct net_device *dev, int strict) 1642{ 1643 return ipv6_chk_addr_and_flags(net, addr, dev, strict, IFA_F_TENTATIVE); 1644} 1645EXPORT_SYMBOL(ipv6_chk_addr); 1646 1647int ipv6_chk_addr_and_flags(struct net *net, const struct in6_addr *addr, 1648 const struct net_device *dev, int strict, 1649 u32 banned_flags) 1650{ 1651 struct inet6_ifaddr *ifp; 1652 unsigned int hash = inet6_addr_hash(addr); 1653 u32 ifp_flags; 1654 1655 rcu_read_lock_bh(); 1656 hlist_for_each_entry_rcu(ifp, &inet6_addr_lst[hash], addr_lst) { 1657 if (!net_eq(dev_net(ifp->idev->dev), net)) 1658 continue; 1659 /* Decouple optimistic from tentative for evaluation here. 1660 * Ban optimistic addresses explicitly, when required. 1661 */ 1662 ifp_flags = (ifp->flags&IFA_F_OPTIMISTIC) 1663 ? (ifp->flags&~IFA_F_TENTATIVE) 1664 : ifp->flags; 1665 if (ipv6_addr_equal(&ifp->addr, addr) && 1666 !(ifp_flags&banned_flags) && 1667 (!dev || ifp->idev->dev == dev || 1668 !(ifp->scope&(IFA_LINK|IFA_HOST) || strict))) { 1669 rcu_read_unlock_bh(); 1670 return 1; 1671 } 1672 } 1673 1674 rcu_read_unlock_bh(); 1675 return 0; 1676} 1677EXPORT_SYMBOL(ipv6_chk_addr_and_flags); 1678 1679static bool ipv6_chk_same_addr(struct net *net, const struct in6_addr *addr, 1680 struct net_device *dev) 1681{ 1682 unsigned int hash = inet6_addr_hash(addr); 1683 struct inet6_ifaddr *ifp; 1684 1685 hlist_for_each_entry(ifp, &inet6_addr_lst[hash], addr_lst) { 1686 if (!net_eq(dev_net(ifp->idev->dev), net)) 1687 continue; 1688 if (ipv6_addr_equal(&ifp->addr, addr)) { 1689 if (!dev || ifp->idev->dev == dev) 1690 return true; 1691 } 1692 } 1693 return false; 1694} 1695 1696/* Compares an address/prefix_len with addresses on device @dev. 1697 * If one is found it returns true. 1698 */ 1699bool ipv6_chk_custom_prefix(const struct in6_addr *addr, 1700 const unsigned int prefix_len, struct net_device *dev) 1701{ 1702 struct inet6_dev *idev; 1703 struct inet6_ifaddr *ifa; 1704 bool ret = false; 1705 1706 rcu_read_lock(); 1707 idev = __in6_dev_get(dev); 1708 if (idev) { 1709 read_lock_bh(&idev->lock); 1710 list_for_each_entry(ifa, &idev->addr_list, if_list) { 1711 ret = ipv6_prefix_equal(addr, &ifa->addr, prefix_len); 1712 if (ret) 1713 break; 1714 } 1715 read_unlock_bh(&idev->lock); 1716 } 1717 rcu_read_unlock(); 1718 1719 return ret; 1720} 1721EXPORT_SYMBOL(ipv6_chk_custom_prefix); 1722 1723int ipv6_chk_prefix(const struct in6_addr *addr, struct net_device *dev) 1724{ 1725 struct inet6_dev *idev; 1726 struct inet6_ifaddr *ifa; 1727 int onlink; 1728 1729 onlink = 0; 1730 rcu_read_lock(); 1731 idev = __in6_dev_get(dev); 1732 if (idev) { 1733 read_lock_bh(&idev->lock); 1734 list_for_each_entry(ifa, &idev->addr_list, if_list) { 1735 onlink = ipv6_prefix_equal(addr, &ifa->addr, 1736 ifa->prefix_len); 1737 if (onlink) 1738 break; 1739 } 1740 read_unlock_bh(&idev->lock); 1741 } 1742 rcu_read_unlock(); 1743 return onlink; 1744} 1745EXPORT_SYMBOL(ipv6_chk_prefix); 1746 1747struct inet6_ifaddr *ipv6_get_ifaddr(struct net *net, const struct in6_addr *addr, 1748 struct net_device *dev, int strict) 1749{ 1750 struct inet6_ifaddr *ifp, *result = NULL; 1751 unsigned int hash = inet6_addr_hash(addr); 1752 1753 rcu_read_lock_bh(); 1754 hlist_for_each_entry_rcu_bh(ifp, &inet6_addr_lst[hash], addr_lst) { 1755 if (!net_eq(dev_net(ifp->idev->dev), net)) 1756 continue; 1757 if (ipv6_addr_equal(&ifp->addr, addr)) { 1758 if (!dev || ifp->idev->dev == dev || 1759 !(ifp->scope&(IFA_LINK|IFA_HOST) || strict)) { 1760 result = ifp; 1761 in6_ifa_hold(ifp); 1762 break; 1763 } 1764 } 1765 } 1766 rcu_read_unlock_bh(); 1767 1768 return result; 1769} 1770 1771/* Gets referenced address, destroys ifaddr */ 1772 1773static void addrconf_dad_stop(struct inet6_ifaddr *ifp, int dad_failed) 1774{ 1775 if (ifp->flags&IFA_F_PERMANENT) { 1776 spin_lock_bh(&ifp->lock); 1777 addrconf_del_dad_work(ifp); 1778 ifp->flags |= IFA_F_TENTATIVE; 1779 if (dad_failed) 1780 ifp->flags |= IFA_F_DADFAILED; 1781 spin_unlock_bh(&ifp->lock); 1782 if (dad_failed) 1783 ipv6_ifa_notify(0, ifp); 1784 in6_ifa_put(ifp); 1785 } else if (ifp->flags&IFA_F_TEMPORARY) { 1786 struct inet6_ifaddr *ifpub; 1787 spin_lock_bh(&ifp->lock); 1788 ifpub = ifp->ifpub; 1789 if (ifpub) { 1790 in6_ifa_hold(ifpub); 1791 spin_unlock_bh(&ifp->lock); 1792 ipv6_create_tempaddr(ifpub, ifp); 1793 in6_ifa_put(ifpub); 1794 } else { 1795 spin_unlock_bh(&ifp->lock); 1796 } 1797 ipv6_del_addr(ifp); 1798 } else { 1799 ipv6_del_addr(ifp); 1800 } 1801} 1802 1803static int addrconf_dad_end(struct inet6_ifaddr *ifp) 1804{ 1805 int err = -ENOENT; 1806 1807 spin_lock_bh(&ifp->lock); 1808 if (ifp->state == INET6_IFADDR_STATE_DAD) { 1809 ifp->state = INET6_IFADDR_STATE_POSTDAD; 1810 err = 0; 1811 } 1812 spin_unlock_bh(&ifp->lock); 1813 1814 return err; 1815} 1816 1817void addrconf_dad_failure(struct inet6_ifaddr *ifp) 1818{ 1819 struct in6_addr addr; 1820 struct inet6_dev *idev = ifp->idev; 1821 struct net *net = dev_net(ifp->idev->dev); 1822 1823 if (addrconf_dad_end(ifp)) { 1824 in6_ifa_put(ifp); 1825 return; 1826 } 1827 1828 net_info_ratelimited("%s: IPv6 duplicate address %pI6c detected!\n", 1829 ifp->idev->dev->name, &ifp->addr); 1830 1831 spin_lock_bh(&ifp->lock); 1832 1833 if (ifp->flags & IFA_F_STABLE_PRIVACY) { 1834 int scope = ifp->scope; 1835 u32 flags = ifp->flags; 1836 struct in6_addr new_addr; 1837 struct inet6_ifaddr *ifp2; 1838 u32 valid_lft, preferred_lft; 1839 int pfxlen = ifp->prefix_len; 1840 int retries = ifp->stable_privacy_retry + 1; 1841 1842 if (retries > net->ipv6.sysctl.idgen_retries) { 1843 net_info_ratelimited("%s: privacy stable address generation failed because of DAD conflicts!\n", 1844 ifp->idev->dev->name); 1845 goto errdad; 1846 } 1847 1848 new_addr = ifp->addr; 1849 if (ipv6_generate_stable_address(&new_addr, retries, 1850 idev)) 1851 goto errdad; 1852 1853 valid_lft = ifp->valid_lft; 1854 preferred_lft = ifp->prefered_lft; 1855 1856 spin_unlock_bh(&ifp->lock); 1857 1858 if (idev->cnf.max_addresses && 1859 ipv6_count_addresses(idev) >= 1860 idev->cnf.max_addresses) 1861 goto lock_errdad; 1862 1863 net_info_ratelimited("%s: generating new stable privacy address because of DAD conflict\n", 1864 ifp->idev->dev->name); 1865 1866 ifp2 = ipv6_add_addr(idev, &new_addr, NULL, pfxlen, 1867 scope, flags, valid_lft, 1868 preferred_lft); 1869 if (IS_ERR(ifp2)) 1870 goto lock_errdad; 1871 1872 spin_lock_bh(&ifp2->lock); 1873 ifp2->stable_privacy_retry = retries; 1874 ifp2->state = INET6_IFADDR_STATE_PREDAD; 1875 spin_unlock_bh(&ifp2->lock); 1876 1877 addrconf_mod_dad_work(ifp2, net->ipv6.sysctl.idgen_delay); 1878 in6_ifa_put(ifp2); 1879lock_errdad: 1880 spin_lock_bh(&ifp->lock); 1881 } else if (idev->cnf.accept_dad > 1 && !idev->cnf.disable_ipv6) { 1882 addr.s6_addr32[0] = htonl(0xfe800000); 1883 addr.s6_addr32[1] = 0; 1884 1885 if (!ipv6_generate_eui64(addr.s6_addr + 8, idev->dev) && 1886 ipv6_addr_equal(&ifp->addr, &addr)) { 1887 /* DAD failed for link-local based on MAC address */ 1888 idev->cnf.disable_ipv6 = 1; 1889 1890 pr_info("%s: IPv6 being disabled!\n", 1891 ifp->idev->dev->name); 1892 } 1893 } 1894 1895errdad: 1896 /* transition from _POSTDAD to _ERRDAD */ 1897 ifp->state = INET6_IFADDR_STATE_ERRDAD; 1898 spin_unlock_bh(&ifp->lock); 1899 1900 addrconf_mod_dad_work(ifp, 0); 1901} 1902 1903/* Join to solicited addr multicast group. 1904 * caller must hold RTNL */ 1905void addrconf_join_solict(struct net_device *dev, const struct in6_addr *addr) 1906{ 1907 struct in6_addr maddr; 1908 1909 if (dev->flags&(IFF_LOOPBACK|IFF_NOARP)) 1910 return; 1911 1912 addrconf_addr_solict_mult(addr, &maddr); 1913 ipv6_dev_mc_inc(dev, &maddr); 1914} 1915 1916/* caller must hold RTNL */ 1917void addrconf_leave_solict(struct inet6_dev *idev, const struct in6_addr *addr) 1918{ 1919 struct in6_addr maddr; 1920 1921 if (idev->dev->flags&(IFF_LOOPBACK|IFF_NOARP)) 1922 return; 1923 1924 addrconf_addr_solict_mult(addr, &maddr); 1925 __ipv6_dev_mc_dec(idev, &maddr); 1926} 1927 1928/* caller must hold RTNL */ 1929static void addrconf_join_anycast(struct inet6_ifaddr *ifp) 1930{ 1931 struct in6_addr addr; 1932 1933 if (ifp->prefix_len >= 127) /* RFC 6164 */ 1934 return; 1935 ipv6_addr_prefix(&addr, &ifp->addr, ifp->prefix_len); 1936 if (ipv6_addr_any(&addr)) 1937 return; 1938 __ipv6_dev_ac_inc(ifp->idev, &addr); 1939} 1940 1941/* caller must hold RTNL */ 1942static void addrconf_leave_anycast(struct inet6_ifaddr *ifp) 1943{ 1944 struct in6_addr addr; 1945 1946 if (ifp->prefix_len >= 127) /* RFC 6164 */ 1947 return; 1948 ipv6_addr_prefix(&addr, &ifp->addr, ifp->prefix_len); 1949 if (ipv6_addr_any(&addr)) 1950 return; 1951 __ipv6_dev_ac_dec(ifp->idev, &addr); 1952} 1953 1954static int addrconf_ifid_eui64(u8 *eui, struct net_device *dev) 1955{ 1956 if (dev->addr_len != IEEE802154_ADDR_LEN) 1957 return -1; 1958 memcpy(eui, dev->dev_addr, 8); 1959 eui[0] ^= 2; 1960 return 0; 1961} 1962 1963static int addrconf_ifid_ieee1394(u8 *eui, struct net_device *dev) 1964{ 1965 union fwnet_hwaddr *ha; 1966 1967 if (dev->addr_len != FWNET_ALEN) 1968 return -1; 1969 1970 ha = (union fwnet_hwaddr *)dev->dev_addr; 1971 1972 memcpy(eui, &ha->uc.uniq_id, sizeof(ha->uc.uniq_id)); 1973 eui[0] ^= 2; 1974 return 0; 1975} 1976 1977static int addrconf_ifid_arcnet(u8 *eui, struct net_device *dev) 1978{ 1979 /* XXX: inherit EUI-64 from other interface -- yoshfuji */ 1980 if (dev->addr_len != ARCNET_ALEN) 1981 return -1; 1982 memset(eui, 0, 7); 1983 eui[7] = *(u8 *)dev->dev_addr; 1984 return 0; 1985} 1986 1987static int addrconf_ifid_infiniband(u8 *eui, struct net_device *dev) 1988{ 1989 if (dev->addr_len != INFINIBAND_ALEN) 1990 return -1; 1991 memcpy(eui, dev->dev_addr + 12, 8); 1992 eui[0] |= 2; 1993 return 0; 1994} 1995 1996static int __ipv6_isatap_ifid(u8 *eui, __be32 addr) 1997{ 1998 if (addr == 0) 1999 return -1; 2000 eui[0] = (ipv4_is_zeronet(addr) || ipv4_is_private_10(addr) || 2001 ipv4_is_loopback(addr) || ipv4_is_linklocal_169(addr) || 2002 ipv4_is_private_172(addr) || ipv4_is_test_192(addr) || 2003 ipv4_is_anycast_6to4(addr) || ipv4_is_private_192(addr) || 2004 ipv4_is_test_198(addr) || ipv4_is_multicast(addr) || 2005 ipv4_is_lbcast(addr)) ? 0x00 : 0x02; 2006 eui[1] = 0; 2007 eui[2] = 0x5E; 2008 eui[3] = 0xFE; 2009 memcpy(eui + 4, &addr, 4); 2010 return 0; 2011} 2012 2013static int addrconf_ifid_sit(u8 *eui, struct net_device *dev) 2014{ 2015 if (dev->priv_flags & IFF_ISATAP) 2016 return __ipv6_isatap_ifid(eui, *(__be32 *)dev->dev_addr); 2017 return -1; 2018} 2019 2020static int addrconf_ifid_gre(u8 *eui, struct net_device *dev) 2021{ 2022 return __ipv6_isatap_ifid(eui, *(__be32 *)dev->dev_addr); 2023} 2024 2025static int addrconf_ifid_ip6tnl(u8 *eui, struct net_device *dev) 2026{ 2027 memcpy(eui, dev->perm_addr, 3); 2028 memcpy(eui + 5, dev->perm_addr + 3, 3); 2029 eui[3] = 0xFF; 2030 eui[4] = 0xFE; 2031 eui[0] ^= 2; 2032 return 0; 2033} 2034 2035static int ipv6_generate_eui64(u8 *eui, struct net_device *dev) 2036{ 2037 switch (dev->type) { 2038 case ARPHRD_ETHER: 2039 case ARPHRD_FDDI: 2040 return addrconf_ifid_eui48(eui, dev); 2041 case ARPHRD_ARCNET: 2042 return addrconf_ifid_arcnet(eui, dev); 2043 case ARPHRD_INFINIBAND: 2044 return addrconf_ifid_infiniband(eui, dev); 2045 case ARPHRD_SIT: 2046 return addrconf_ifid_sit(eui, dev); 2047 case ARPHRD_IPGRE: 2048 return addrconf_ifid_gre(eui, dev); 2049 case ARPHRD_6LOWPAN: 2050 case ARPHRD_IEEE802154: 2051 return addrconf_ifid_eui64(eui, dev); 2052 case ARPHRD_IEEE1394: 2053 return addrconf_ifid_ieee1394(eui, dev); 2054 case ARPHRD_TUNNEL6: 2055 return addrconf_ifid_ip6tnl(eui, dev); 2056 } 2057 return -1; 2058} 2059 2060static int ipv6_inherit_eui64(u8 *eui, struct inet6_dev *idev) 2061{ 2062 int err = -1; 2063 struct inet6_ifaddr *ifp; 2064 2065 read_lock_bh(&idev->lock); 2066 list_for_each_entry_reverse(ifp, &idev->addr_list, if_list) { 2067 if (ifp->scope > IFA_LINK) 2068 break; 2069 if (ifp->scope == IFA_LINK && !(ifp->flags&IFA_F_TENTATIVE)) { 2070 memcpy(eui, ifp->addr.s6_addr+8, 8); 2071 err = 0; 2072 break; 2073 } 2074 } 2075 read_unlock_bh(&idev->lock); 2076 return err; 2077} 2078 2079/* (re)generation of randomized interface identifier (RFC 3041 3.2, 3.5) */ 2080static void __ipv6_regen_rndid(struct inet6_dev *idev) 2081{ 2082regen: 2083 get_random_bytes(idev->rndid, sizeof(idev->rndid)); 2084 idev->rndid[0] &= ~0x02; 2085 2086 /* 2087 * <draft-ietf-ipngwg-temp-addresses-v2-00.txt>: 2088 * check if generated address is not inappropriate 2089 * 2090 * - Reserved subnet anycast (RFC 2526) 2091 * 11111101 11....11 1xxxxxxx 2092 * - ISATAP (RFC4214) 6.1 2093 * 00-00-5E-FE-xx-xx-xx-xx 2094 * - value 0 2095 * - XXX: already assigned to an address on the device 2096 */ 2097 if (idev->rndid[0] == 0xfd && 2098 (idev->rndid[1]&idev->rndid[2]&idev->rndid[3]&idev->rndid[4]&idev->rndid[5]&idev->rndid[6]) == 0xff && 2099 (idev->rndid[7]&0x80)) 2100 goto regen; 2101 if ((idev->rndid[0]|idev->rndid[1]) == 0) { 2102 if (idev->rndid[2] == 0x5e && idev->rndid[3] == 0xfe) 2103 goto regen; 2104 if ((idev->rndid[2]|idev->rndid[3]|idev->rndid[4]|idev->rndid[5]|idev->rndid[6]|idev->rndid[7]) == 0x00) 2105 goto regen; 2106 } 2107} 2108 2109static void ipv6_regen_rndid(unsigned long data) 2110{ 2111 struct inet6_dev *idev = (struct inet6_dev *) data; 2112 unsigned long expires; 2113 2114 rcu_read_lock_bh(); 2115 write_lock_bh(&idev->lock); 2116 2117 if (idev->dead) 2118 goto out; 2119 2120 __ipv6_regen_rndid(idev); 2121 2122 expires = jiffies + 2123 idev->cnf.temp_prefered_lft * HZ - 2124 idev->cnf.regen_max_retry * idev->cnf.dad_transmits * 2125 NEIGH_VAR(idev->nd_parms, RETRANS_TIME) - 2126 idev->cnf.max_desync_factor * HZ; 2127 if (time_before(expires, jiffies)) { 2128 pr_warn("%s: too short regeneration interval; timer disabled for %s\n", 2129 __func__, idev->dev->name); 2130 goto out; 2131 } 2132 2133 if (!mod_timer(&idev->regen_timer, expires)) 2134 in6_dev_hold(idev); 2135 2136out: 2137 write_unlock_bh(&idev->lock); 2138 rcu_read_unlock_bh(); 2139 in6_dev_put(idev); 2140} 2141 2142static void __ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr) 2143{ 2144 if (tmpaddr && memcmp(idev->rndid, &tmpaddr->s6_addr[8], 8) == 0) 2145 __ipv6_regen_rndid(idev); 2146} 2147 2148/* 2149 * Add prefix route. 2150 */ 2151 2152static void 2153addrconf_prefix_route(struct in6_addr *pfx, int plen, struct net_device *dev, 2154 unsigned long expires, u32 flags) 2155{ 2156 struct fib6_config cfg = { 2157 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_PREFIX, 2158 .fc_metric = IP6_RT_PRIO_ADDRCONF, 2159 .fc_ifindex = dev->ifindex, 2160 .fc_expires = expires, 2161 .fc_dst_len = plen, 2162 .fc_flags = RTF_UP | flags, 2163 .fc_nlinfo.nl_net = dev_net(dev), 2164 .fc_protocol = RTPROT_KERNEL, 2165 }; 2166 2167 cfg.fc_dst = *pfx; 2168 2169 /* Prevent useless cloning on PtP SIT. 2170 This thing is done here expecting that the whole 2171 class of non-broadcast devices need not cloning. 2172 */ 2173#if IS_ENABLED(CONFIG_IPV6_SIT) 2174 if (dev->type == ARPHRD_SIT && (dev->flags & IFF_POINTOPOINT)) 2175 cfg.fc_flags |= RTF_NONEXTHOP; 2176#endif 2177 2178 ip6_route_add(&cfg); 2179} 2180 2181 2182static struct rt6_info *addrconf_get_prefix_route(const struct in6_addr *pfx, 2183 int plen, 2184 const struct net_device *dev, 2185 u32 flags, u32 noflags) 2186{ 2187 struct fib6_node *fn; 2188 struct rt6_info *rt = NULL; 2189 struct fib6_table *table; 2190 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_PREFIX; 2191 2192 table = fib6_get_table(dev_net(dev), tb_id); 2193 if (!table) 2194 return NULL; 2195 2196 read_lock_bh(&table->tb6_lock); 2197 fn = fib6_locate(&table->tb6_root, pfx, plen, NULL, 0); 2198 if (!fn) 2199 goto out; 2200 2201 noflags |= RTF_CACHE; 2202 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 2203 if (rt->dst.dev->ifindex != dev->ifindex) 2204 continue; 2205 if ((rt->rt6i_flags & flags) != flags) 2206 continue; 2207 if ((rt->rt6i_flags & noflags) != 0) 2208 continue; 2209 dst_hold(&rt->dst); 2210 break; 2211 } 2212out: 2213 read_unlock_bh(&table->tb6_lock); 2214 return rt; 2215} 2216 2217 2218/* Create "default" multicast route to the interface */ 2219 2220static void addrconf_add_mroute(struct net_device *dev) 2221{ 2222 struct fib6_config cfg = { 2223 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_LOCAL, 2224 .fc_metric = IP6_RT_PRIO_ADDRCONF, 2225 .fc_ifindex = dev->ifindex, 2226 .fc_dst_len = 8, 2227 .fc_flags = RTF_UP, 2228 .fc_nlinfo.nl_net = dev_net(dev), 2229 }; 2230 2231 ipv6_addr_set(&cfg.fc_dst, htonl(0xFF000000), 0, 0, 0); 2232 2233 ip6_route_add(&cfg); 2234} 2235 2236static struct inet6_dev *addrconf_add_dev(struct net_device *dev) 2237{ 2238 struct inet6_dev *idev; 2239 2240 ASSERT_RTNL(); 2241 2242 idev = ipv6_find_idev(dev); 2243 if (!idev) 2244 return ERR_PTR(-ENOBUFS); 2245 2246 if (idev->cnf.disable_ipv6) 2247 return ERR_PTR(-EACCES); 2248 2249 /* Add default multicast route */ 2250 if (!(dev->flags & IFF_LOOPBACK)) 2251 addrconf_add_mroute(dev); 2252 2253 return idev; 2254} 2255 2256static void manage_tempaddrs(struct inet6_dev *idev, 2257 struct inet6_ifaddr *ifp, 2258 __u32 valid_lft, __u32 prefered_lft, 2259 bool create, unsigned long now) 2260{ 2261 u32 flags; 2262 struct inet6_ifaddr *ift; 2263 2264 read_lock_bh(&idev->lock); 2265 /* update all temporary addresses in the list */ 2266 list_for_each_entry(ift, &idev->tempaddr_list, tmp_list) { 2267 int age, max_valid, max_prefered; 2268 2269 if (ifp != ift->ifpub) 2270 continue; 2271 2272 /* RFC 4941 section 3.3: 2273 * If a received option will extend the lifetime of a public 2274 * address, the lifetimes of temporary addresses should 2275 * be extended, subject to the overall constraint that no 2276 * temporary addresses should ever remain "valid" or "preferred" 2277 * for a time longer than (TEMP_VALID_LIFETIME) or 2278 * (TEMP_PREFERRED_LIFETIME - DESYNC_FACTOR), respectively. 2279 */ 2280 age = (now - ift->cstamp) / HZ; 2281 max_valid = idev->cnf.temp_valid_lft - age; 2282 if (max_valid < 0) 2283 max_valid = 0; 2284 2285 max_prefered = idev->cnf.temp_prefered_lft - 2286 idev->cnf.max_desync_factor - age; 2287 if (max_prefered < 0) 2288 max_prefered = 0; 2289 2290 if (valid_lft > max_valid) 2291 valid_lft = max_valid; 2292 2293 if (prefered_lft > max_prefered) 2294 prefered_lft = max_prefered; 2295 2296 spin_lock(&ift->lock); 2297 flags = ift->flags; 2298 ift->valid_lft = valid_lft; 2299 ift->prefered_lft = prefered_lft; 2300 ift->tstamp = now; 2301 if (prefered_lft > 0) 2302 ift->flags &= ~IFA_F_DEPRECATED; 2303 2304 spin_unlock(&ift->lock); 2305 if (!(flags&IFA_F_TENTATIVE)) 2306 ipv6_ifa_notify(0, ift); 2307 } 2308 2309 if ((create || list_empty(&idev->tempaddr_list)) && 2310 idev->cnf.use_tempaddr > 0) { 2311 /* When a new public address is created as described 2312 * in [ADDRCONF], also create a new temporary address. 2313 * Also create a temporary address if it's enabled but 2314 * no temporary address currently exists. 2315 */ 2316 read_unlock_bh(&idev->lock); 2317 ipv6_create_tempaddr(ifp, NULL); 2318 } else { 2319 read_unlock_bh(&idev->lock); 2320 } 2321} 2322 2323void addrconf_prefix_rcv(struct net_device *dev, u8 *opt, int len, bool sllao) 2324{ 2325 struct prefix_info *pinfo; 2326 __u32 valid_lft; 2327 __u32 prefered_lft; 2328 int addr_type; 2329 u32 addr_flags = 0; 2330 struct inet6_dev *in6_dev; 2331 struct net *net = dev_net(dev); 2332 2333 pinfo = (struct prefix_info *) opt; 2334 2335 if (len < sizeof(struct prefix_info)) { 2336 ADBG("addrconf: prefix option too short\n"); 2337 return; 2338 } 2339 2340 /* 2341 * Validation checks ([ADDRCONF], page 19) 2342 */ 2343 2344 addr_type = ipv6_addr_type(&pinfo->prefix); 2345 2346 if (addr_type & (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL)) 2347 return; 2348 2349 valid_lft = ntohl(pinfo->valid); 2350 prefered_lft = ntohl(pinfo->prefered); 2351 2352 if (prefered_lft > valid_lft) { 2353 net_warn_ratelimited("addrconf: prefix option has invalid lifetime\n"); 2354 return; 2355 } 2356 2357 in6_dev = in6_dev_get(dev); 2358 2359 if (!in6_dev) { 2360 net_dbg_ratelimited("addrconf: device %s not configured\n", 2361 dev->name); 2362 return; 2363 } 2364 2365 /* 2366 * Two things going on here: 2367 * 1) Add routes for on-link prefixes 2368 * 2) Configure prefixes with the auto flag set 2369 */ 2370 2371 if (pinfo->onlink) { 2372 struct rt6_info *rt; 2373 unsigned long rt_expires; 2374 2375 /* Avoid arithmetic overflow. Really, we could 2376 * save rt_expires in seconds, likely valid_lft, 2377 * but it would require division in fib gc, that it 2378 * not good. 2379 */ 2380 if (HZ > USER_HZ) 2381 rt_expires = addrconf_timeout_fixup(valid_lft, HZ); 2382 else 2383 rt_expires = addrconf_timeout_fixup(valid_lft, USER_HZ); 2384 2385 if (addrconf_finite_timeout(rt_expires)) 2386 rt_expires *= HZ; 2387 2388 rt = addrconf_get_prefix_route(&pinfo->prefix, 2389 pinfo->prefix_len, 2390 dev, 2391 RTF_ADDRCONF | RTF_PREFIX_RT, 2392 RTF_GATEWAY | RTF_DEFAULT); 2393 2394 if (rt) { 2395 /* Autoconf prefix route */ 2396 if (valid_lft == 0) { 2397 ip6_del_rt(rt); 2398 rt = NULL; 2399 } else if (addrconf_finite_timeout(rt_expires)) { 2400 /* not infinity */ 2401 rt6_set_expires(rt, jiffies + rt_expires); 2402 } else { 2403 rt6_clean_expires(rt); 2404 } 2405 } else if (valid_lft) { 2406 clock_t expires = 0; 2407 int flags = RTF_ADDRCONF | RTF_PREFIX_RT; 2408 if (addrconf_finite_timeout(rt_expires)) { 2409 /* not infinity */ 2410 flags |= RTF_EXPIRES; 2411 expires = jiffies_to_clock_t(rt_expires); 2412 } 2413 addrconf_prefix_route(&pinfo->prefix, pinfo->prefix_len, 2414 dev, expires, flags); 2415 } 2416 ip6_rt_put(rt); 2417 } 2418 2419 /* Try to figure out our local address for this prefix */ 2420 2421 if (pinfo->autoconf && in6_dev->cnf.autoconf) { 2422 struct inet6_ifaddr *ifp; 2423 struct in6_addr addr; 2424 int create = 0, update_lft = 0; 2425 bool tokenized = false; 2426 2427 if (pinfo->prefix_len == 64) { 2428 memcpy(&addr, &pinfo->prefix, 8); 2429 2430 if (!ipv6_addr_any(&in6_dev->token)) { 2431 read_lock_bh(&in6_dev->lock); 2432 memcpy(addr.s6_addr + 8, 2433 in6_dev->token.s6_addr + 8, 8); 2434 read_unlock_bh(&in6_dev->lock); 2435 tokenized = true; 2436 } else if (in6_dev->addr_gen_mode == 2437 IN6_ADDR_GEN_MODE_STABLE_PRIVACY && 2438 !ipv6_generate_stable_address(&addr, 0, 2439 in6_dev)) { 2440 addr_flags |= IFA_F_STABLE_PRIVACY; 2441 goto ok; 2442 } else if (ipv6_generate_eui64(addr.s6_addr + 8, dev) && 2443 ipv6_inherit_eui64(addr.s6_addr + 8, in6_dev)) { 2444 in6_dev_put(in6_dev); 2445 return; 2446 } 2447 goto ok; 2448 } 2449 net_dbg_ratelimited("IPv6 addrconf: prefix with wrong length %d\n", 2450 pinfo->prefix_len); 2451 in6_dev_put(in6_dev); 2452 return; 2453 2454ok: 2455 2456 ifp = ipv6_get_ifaddr(net, &addr, dev, 1); 2457 2458 if (!ifp && valid_lft) { 2459 int max_addresses = in6_dev->cnf.max_addresses; 2460 2461#ifdef CONFIG_IPV6_OPTIMISTIC_DAD 2462 if (in6_dev->cnf.optimistic_dad && 2463 !net->ipv6.devconf_all->forwarding && sllao) 2464 addr_flags |= IFA_F_OPTIMISTIC; 2465#endif 2466 2467 /* Do not allow to create too much of autoconfigured 2468 * addresses; this would be too easy way to crash kernel. 2469 */ 2470 if (!max_addresses || 2471 ipv6_count_addresses(in6_dev) < max_addresses) 2472 ifp = ipv6_add_addr(in6_dev, &addr, NULL, 2473 pinfo->prefix_len, 2474 addr_type&IPV6_ADDR_SCOPE_MASK, 2475 addr_flags, valid_lft, 2476 prefered_lft); 2477 2478 if (IS_ERR_OR_NULL(ifp)) { 2479 in6_dev_put(in6_dev); 2480 return; 2481 } 2482 2483 update_lft = 0; 2484 create = 1; 2485 spin_lock_bh(&ifp->lock); 2486 ifp->flags |= IFA_F_MANAGETEMPADDR; 2487 ifp->cstamp = jiffies; 2488 ifp->tokenized = tokenized; 2489 spin_unlock_bh(&ifp->lock); 2490 addrconf_dad_start(ifp); 2491 } 2492 2493 if (ifp) { 2494 u32 flags; 2495 unsigned long now; 2496 u32 stored_lft; 2497 2498 /* update lifetime (RFC2462 5.5.3 e) */ 2499 spin_lock_bh(&ifp->lock); 2500 now = jiffies; 2501 if (ifp->valid_lft > (now - ifp->tstamp) / HZ) 2502 stored_lft = ifp->valid_lft - (now - ifp->tstamp) / HZ; 2503 else 2504 stored_lft = 0; 2505 if (!update_lft && !create && stored_lft) { 2506 const u32 minimum_lft = min_t(u32, 2507 stored_lft, MIN_VALID_LIFETIME); 2508 valid_lft = max(valid_lft, minimum_lft); 2509 2510 /* RFC4862 Section 5.5.3e: 2511 * "Note that the preferred lifetime of the 2512 * corresponding address is always reset to 2513 * the Preferred Lifetime in the received 2514 * Prefix Information option, regardless of 2515 * whether the valid lifetime is also reset or 2516 * ignored." 2517 * 2518 * So we should always update prefered_lft here. 2519 */ 2520 update_lft = 1; 2521 } 2522 2523 if (update_lft) { 2524 ifp->valid_lft = valid_lft; 2525 ifp->prefered_lft = prefered_lft; 2526 ifp->tstamp = now; 2527 flags = ifp->flags; 2528 ifp->flags &= ~IFA_F_DEPRECATED; 2529 spin_unlock_bh(&ifp->lock); 2530 2531 if (!(flags&IFA_F_TENTATIVE)) 2532 ipv6_ifa_notify(0, ifp); 2533 } else 2534 spin_unlock_bh(&ifp->lock); 2535 2536 manage_tempaddrs(in6_dev, ifp, valid_lft, prefered_lft, 2537 create, now); 2538 2539 in6_ifa_put(ifp); 2540 addrconf_verify(); 2541 } 2542 } 2543 inet6_prefix_notify(RTM_NEWPREFIX, in6_dev, pinfo); 2544 in6_dev_put(in6_dev); 2545} 2546 2547/* 2548 * Set destination address. 2549 * Special case for SIT interfaces where we create a new "virtual" 2550 * device. 2551 */ 2552int addrconf_set_dstaddr(struct net *net, void __user *arg) 2553{ 2554 struct in6_ifreq ireq; 2555 struct net_device *dev; 2556 int err = -EINVAL; 2557 2558 rtnl_lock(); 2559 2560 err = -EFAULT; 2561 if (copy_from_user(&ireq, arg, sizeof(struct in6_ifreq))) 2562 goto err_exit; 2563 2564 dev = __dev_get_by_index(net, ireq.ifr6_ifindex); 2565 2566 err = -ENODEV; 2567 if (!dev) 2568 goto err_exit; 2569 2570#if IS_ENABLED(CONFIG_IPV6_SIT) 2571 if (dev->type == ARPHRD_SIT) { 2572 const struct net_device_ops *ops = dev->netdev_ops; 2573 struct ifreq ifr; 2574 struct ip_tunnel_parm p; 2575 2576 err = -EADDRNOTAVAIL; 2577 if (!(ipv6_addr_type(&ireq.ifr6_addr) & IPV6_ADDR_COMPATv4)) 2578 goto err_exit; 2579 2580 memset(&p, 0, sizeof(p)); 2581 p.iph.daddr = ireq.ifr6_addr.s6_addr32[3]; 2582 p.iph.saddr = 0; 2583 p.iph.version = 4; 2584 p.iph.ihl = 5; 2585 p.iph.protocol = IPPROTO_IPV6; 2586 p.iph.ttl = 64; 2587 ifr.ifr_ifru.ifru_data = (__force void __user *)&p; 2588 2589 if (ops->ndo_do_ioctl) { 2590 mm_segment_t oldfs = get_fs(); 2591 2592 set_fs(KERNEL_DS); 2593 err = ops->ndo_do_ioctl(dev, &ifr, SIOCADDTUNNEL); 2594 set_fs(oldfs); 2595 } else 2596 err = -EOPNOTSUPP; 2597 2598 if (err == 0) { 2599 err = -ENOBUFS; 2600 dev = __dev_get_by_name(net, p.name); 2601 if (!dev) 2602 goto err_exit; 2603 err = dev_open(dev); 2604 } 2605 } 2606#endif 2607 2608err_exit: 2609 rtnl_unlock(); 2610 return err; 2611} 2612 2613static int ipv6_mc_config(struct sock *sk, bool join, 2614 const struct in6_addr *addr, int ifindex) 2615{ 2616 int ret; 2617 2618 ASSERT_RTNL(); 2619 2620 lock_sock(sk); 2621 if (join) 2622 ret = ipv6_sock_mc_join(sk, ifindex, addr); 2623 else 2624 ret = ipv6_sock_mc_drop(sk, ifindex, addr); 2625 release_sock(sk); 2626 2627 return ret; 2628} 2629 2630/* 2631 * Manual configuration of address on an interface 2632 */ 2633static int inet6_addr_add(struct net *net, int ifindex, 2634 const struct in6_addr *pfx, 2635 const struct in6_addr *peer_pfx, 2636 unsigned int plen, __u32 ifa_flags, 2637 __u32 prefered_lft, __u32 valid_lft) 2638{ 2639 struct inet6_ifaddr *ifp; 2640 struct inet6_dev *idev; 2641 struct net_device *dev; 2642 unsigned long timeout; 2643 clock_t expires; 2644 int scope; 2645 u32 flags; 2646 2647 ASSERT_RTNL(); 2648 2649 if (plen > 128) 2650 return -EINVAL; 2651 2652 /* check the lifetime */ 2653 if (!valid_lft || prefered_lft > valid_lft) 2654 return -EINVAL; 2655 2656 if (ifa_flags & IFA_F_MANAGETEMPADDR && plen != 64) 2657 return -EINVAL; 2658 2659 dev = __dev_get_by_index(net, ifindex); 2660 if (!dev) 2661 return -ENODEV; 2662 2663 idev = addrconf_add_dev(dev); 2664 if (IS_ERR(idev)) 2665 return PTR_ERR(idev); 2666 2667 if (ifa_flags & IFA_F_MCAUTOJOIN) { 2668 int ret = ipv6_mc_config(net->ipv6.mc_autojoin_sk, 2669 true, pfx, ifindex); 2670 2671 if (ret < 0) 2672 return ret; 2673 } 2674 2675 scope = ipv6_addr_scope(pfx); 2676 2677 timeout = addrconf_timeout_fixup(valid_lft, HZ); 2678 if (addrconf_finite_timeout(timeout)) { 2679 expires = jiffies_to_clock_t(timeout * HZ); 2680 valid_lft = timeout; 2681 flags = RTF_EXPIRES; 2682 } else { 2683 expires = 0; 2684 flags = 0; 2685 ifa_flags |= IFA_F_PERMANENT; 2686 } 2687 2688 timeout = addrconf_timeout_fixup(prefered_lft, HZ); 2689 if (addrconf_finite_timeout(timeout)) { 2690 if (timeout == 0) 2691 ifa_flags |= IFA_F_DEPRECATED; 2692 prefered_lft = timeout; 2693 } 2694 2695 ifp = ipv6_add_addr(idev, pfx, peer_pfx, plen, scope, ifa_flags, 2696 valid_lft, prefered_lft); 2697 2698 if (!IS_ERR(ifp)) { 2699 if (!(ifa_flags & IFA_F_NOPREFIXROUTE)) { 2700 addrconf_prefix_route(&ifp->addr, ifp->prefix_len, dev, 2701 expires, flags); 2702 } 2703 2704 /* 2705 * Note that section 3.1 of RFC 4429 indicates 2706 * that the Optimistic flag should not be set for 2707 * manually configured addresses 2708 */ 2709 addrconf_dad_start(ifp); 2710 if (ifa_flags & IFA_F_MANAGETEMPADDR) 2711 manage_tempaddrs(idev, ifp, valid_lft, prefered_lft, 2712 true, jiffies); 2713 in6_ifa_put(ifp); 2714 addrconf_verify_rtnl(); 2715 return 0; 2716 } else if (ifa_flags & IFA_F_MCAUTOJOIN) { 2717 ipv6_mc_config(net->ipv6.mc_autojoin_sk, 2718 false, pfx, ifindex); 2719 } 2720 2721 return PTR_ERR(ifp); 2722} 2723 2724static int inet6_addr_del(struct net *net, int ifindex, u32 ifa_flags, 2725 const struct in6_addr *pfx, unsigned int plen) 2726{ 2727 struct inet6_ifaddr *ifp; 2728 struct inet6_dev *idev; 2729 struct net_device *dev; 2730 2731 if (plen > 128) 2732 return -EINVAL; 2733 2734 dev = __dev_get_by_index(net, ifindex); 2735 if (!dev) 2736 return -ENODEV; 2737 2738 idev = __in6_dev_get(dev); 2739 if (!idev) 2740 return -ENXIO; 2741 2742 read_lock_bh(&idev->lock); 2743 list_for_each_entry(ifp, &idev->addr_list, if_list) { 2744 if (ifp->prefix_len == plen && 2745 ipv6_addr_equal(pfx, &ifp->addr)) { 2746 in6_ifa_hold(ifp); 2747 read_unlock_bh(&idev->lock); 2748 2749 if (!(ifp->flags & IFA_F_TEMPORARY) && 2750 (ifa_flags & IFA_F_MANAGETEMPADDR)) 2751 manage_tempaddrs(idev, ifp, 0, 0, false, 2752 jiffies); 2753 ipv6_del_addr(ifp); 2754 addrconf_verify_rtnl(); 2755 if (ipv6_addr_is_multicast(pfx)) { 2756 ipv6_mc_config(net->ipv6.mc_autojoin_sk, 2757 false, pfx, dev->ifindex); 2758 } 2759 return 0; 2760 } 2761 } 2762 read_unlock_bh(&idev->lock); 2763 return -EADDRNOTAVAIL; 2764} 2765 2766 2767int addrconf_add_ifaddr(struct net *net, void __user *arg) 2768{ 2769 struct in6_ifreq ireq; 2770 int err; 2771 2772 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 2773 return -EPERM; 2774 2775 if (copy_from_user(&ireq, arg, sizeof(struct in6_ifreq))) 2776 return -EFAULT; 2777 2778 rtnl_lock(); 2779 err = inet6_addr_add(net, ireq.ifr6_ifindex, &ireq.ifr6_addr, NULL, 2780 ireq.ifr6_prefixlen, IFA_F_PERMANENT, 2781 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME); 2782 rtnl_unlock(); 2783 return err; 2784} 2785 2786int addrconf_del_ifaddr(struct net *net, void __user *arg) 2787{ 2788 struct in6_ifreq ireq; 2789 int err; 2790 2791 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 2792 return -EPERM; 2793 2794 if (copy_from_user(&ireq, arg, sizeof(struct in6_ifreq))) 2795 return -EFAULT; 2796 2797 rtnl_lock(); 2798 err = inet6_addr_del(net, ireq.ifr6_ifindex, 0, &ireq.ifr6_addr, 2799 ireq.ifr6_prefixlen); 2800 rtnl_unlock(); 2801 return err; 2802} 2803 2804static void add_addr(struct inet6_dev *idev, const struct in6_addr *addr, 2805 int plen, int scope) 2806{ 2807 struct inet6_ifaddr *ifp; 2808 2809 ifp = ipv6_add_addr(idev, addr, NULL, plen, 2810 scope, IFA_F_PERMANENT, 2811 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME); 2812 if (!IS_ERR(ifp)) { 2813 spin_lock_bh(&ifp->lock); 2814 ifp->flags &= ~IFA_F_TENTATIVE; 2815 spin_unlock_bh(&ifp->lock); 2816 ipv6_ifa_notify(RTM_NEWADDR, ifp); 2817 in6_ifa_put(ifp); 2818 } 2819} 2820 2821#if IS_ENABLED(CONFIG_IPV6_SIT) 2822static void sit_add_v4_addrs(struct inet6_dev *idev) 2823{ 2824 struct in6_addr addr; 2825 struct net_device *dev; 2826 struct net *net = dev_net(idev->dev); 2827 int scope, plen; 2828 u32 pflags = 0; 2829 2830 ASSERT_RTNL(); 2831 2832 memset(&addr, 0, sizeof(struct in6_addr)); 2833 memcpy(&addr.s6_addr32[3], idev->dev->dev_addr, 4); 2834 2835 if (idev->dev->flags&IFF_POINTOPOINT) { 2836 addr.s6_addr32[0] = htonl(0xfe800000); 2837 scope = IFA_LINK; 2838 plen = 64; 2839 } else { 2840 scope = IPV6_ADDR_COMPATv4; 2841 plen = 96; 2842 pflags |= RTF_NONEXTHOP; 2843 } 2844 2845 if (addr.s6_addr32[3]) { 2846 add_addr(idev, &addr, plen, scope); 2847 addrconf_prefix_route(&addr, plen, idev->dev, 0, pflags); 2848 return; 2849 } 2850 2851 for_each_netdev(net, dev) { 2852 struct in_device *in_dev = __in_dev_get_rtnl(dev); 2853 if (in_dev && (dev->flags & IFF_UP)) { 2854 struct in_ifaddr *ifa; 2855 2856 int flag = scope; 2857 2858 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) { 2859 2860 addr.s6_addr32[3] = ifa->ifa_local; 2861 2862 if (ifa->ifa_scope == RT_SCOPE_LINK) 2863 continue; 2864 if (ifa->ifa_scope >= RT_SCOPE_HOST) { 2865 if (idev->dev->flags&IFF_POINTOPOINT) 2866 continue; 2867 flag |= IFA_HOST; 2868 } 2869 2870 add_addr(idev, &addr, plen, flag); 2871 addrconf_prefix_route(&addr, plen, idev->dev, 0, 2872 pflags); 2873 } 2874 } 2875 } 2876} 2877#endif 2878 2879static void init_loopback(struct net_device *dev) 2880{ 2881 struct inet6_dev *idev; 2882 struct net_device *sp_dev; 2883 struct inet6_ifaddr *sp_ifa; 2884 struct rt6_info *sp_rt; 2885 2886 /* ::1 */ 2887 2888 ASSERT_RTNL(); 2889 2890 idev = ipv6_find_idev(dev); 2891 if (!idev) { 2892 pr_debug("%s: add_dev failed\n", __func__); 2893 return; 2894 } 2895 2896 add_addr(idev, &in6addr_loopback, 128, IFA_HOST); 2897 2898 /* Add routes to other interface's IPv6 addresses */ 2899 for_each_netdev(dev_net(dev), sp_dev) { 2900 if (!strcmp(sp_dev->name, dev->name)) 2901 continue; 2902 2903 idev = __in6_dev_get(sp_dev); 2904 if (!idev) 2905 continue; 2906 2907 read_lock_bh(&idev->lock); 2908 list_for_each_entry(sp_ifa, &idev->addr_list, if_list) { 2909 2910 if (sp_ifa->flags & (IFA_F_DADFAILED | IFA_F_TENTATIVE)) 2911 continue; 2912 2913 if (sp_ifa->rt) { 2914 /* This dst has been added to garbage list when 2915 * lo device down, release this obsolete dst and 2916 * reallocate a new router for ifa. 2917 */ 2918 if (sp_ifa->rt->dst.obsolete > 0) { 2919 ip6_rt_put(sp_ifa->rt); 2920 sp_ifa->rt = NULL; 2921 } else { 2922 continue; 2923 } 2924 } 2925 2926 sp_rt = addrconf_dst_alloc(idev, &sp_ifa->addr, false); 2927 2928 /* Failure cases are ignored */ 2929 if (!IS_ERR(sp_rt)) { 2930 sp_ifa->rt = sp_rt; 2931 ip6_ins_rt(sp_rt); 2932 } 2933 } 2934 read_unlock_bh(&idev->lock); 2935 } 2936} 2937 2938static void addrconf_add_linklocal(struct inet6_dev *idev, 2939 const struct in6_addr *addr, u32 flags) 2940{ 2941 struct inet6_ifaddr *ifp; 2942 u32 addr_flags = flags | IFA_F_PERMANENT; 2943 2944#ifdef CONFIG_IPV6_OPTIMISTIC_DAD 2945 if (idev->cnf.optimistic_dad && 2946 !dev_net(idev->dev)->ipv6.devconf_all->forwarding) 2947 addr_flags |= IFA_F_OPTIMISTIC; 2948#endif 2949 2950 ifp = ipv6_add_addr(idev, addr, NULL, 64, IFA_LINK, addr_flags, 2951 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME); 2952 if (!IS_ERR(ifp)) { 2953 addrconf_prefix_route(&ifp->addr, ifp->prefix_len, idev->dev, 0, 0); 2954 addrconf_dad_start(ifp); 2955 in6_ifa_put(ifp); 2956 } 2957} 2958 2959static bool ipv6_reserved_interfaceid(struct in6_addr address) 2960{ 2961 if ((address.s6_addr32[2] | address.s6_addr32[3]) == 0) 2962 return true; 2963 2964 if (address.s6_addr32[2] == htonl(0x02005eff) && 2965 ((address.s6_addr32[3] & htonl(0xfe000000)) == htonl(0xfe000000))) 2966 return true; 2967 2968 if (address.s6_addr32[2] == htonl(0xfdffffff) && 2969 ((address.s6_addr32[3] & htonl(0xffffff80)) == htonl(0xffffff80))) 2970 return true; 2971 2972 return false; 2973} 2974 2975static int ipv6_generate_stable_address(struct in6_addr *address, 2976 u8 dad_count, 2977 const struct inet6_dev *idev) 2978{ 2979 static DEFINE_SPINLOCK(lock); 2980 static __u32 digest[SHA_DIGEST_WORDS]; 2981 static __u32 workspace[SHA_WORKSPACE_WORDS]; 2982 2983 static union { 2984 char __data[SHA_MESSAGE_BYTES]; 2985 struct { 2986 struct in6_addr secret; 2987 __be32 prefix[2]; 2988 unsigned char hwaddr[MAX_ADDR_LEN]; 2989 u8 dad_count; 2990 } __packed; 2991 } data; 2992 2993 struct in6_addr secret; 2994 struct in6_addr temp; 2995 struct net *net = dev_net(idev->dev); 2996 2997 BUILD_BUG_ON(sizeof(data.__data) != sizeof(data)); 2998 2999 if (idev->cnf.stable_secret.initialized) 3000 secret = idev->cnf.stable_secret.secret; 3001 else if (net->ipv6.devconf_dflt->stable_secret.initialized) 3002 secret = net->ipv6.devconf_dflt->stable_secret.secret; 3003 else 3004 return -1; 3005 3006retry: 3007 spin_lock_bh(&lock); 3008 3009 sha_init(digest); 3010 memset(&data, 0, sizeof(data)); 3011 memset(workspace, 0, sizeof(workspace)); 3012 memcpy(data.hwaddr, idev->dev->perm_addr, idev->dev->addr_len); 3013 data.prefix[0] = address->s6_addr32[0]; 3014 data.prefix[1] = address->s6_addr32[1]; 3015 data.secret = secret; 3016 data.dad_count = dad_count; 3017 3018 sha_transform(digest, data.__data, workspace); 3019 3020 temp = *address; 3021 temp.s6_addr32[2] = (__force __be32)digest[0]; 3022 temp.s6_addr32[3] = (__force __be32)digest[1]; 3023 3024 spin_unlock_bh(&lock); 3025 3026 if (ipv6_reserved_interfaceid(temp)) { 3027 dad_count++; 3028 if (dad_count > dev_net(idev->dev)->ipv6.sysctl.idgen_retries) 3029 return -1; 3030 goto retry; 3031 } 3032 3033 *address = temp; 3034 return 0; 3035} 3036 3037static void addrconf_addr_gen(struct inet6_dev *idev, bool prefix_route) 3038{ 3039 struct in6_addr addr; 3040 3041 /* no link local addresses on L3 master devices */ 3042 if (netif_is_l3_master(idev->dev)) 3043 return; 3044 3045 ipv6_addr_set(&addr, htonl(0xFE800000), 0, 0, 0); 3046 3047 if (idev->addr_gen_mode == IN6_ADDR_GEN_MODE_STABLE_PRIVACY) { 3048 if (!ipv6_generate_stable_address(&addr, 0, idev)) 3049 addrconf_add_linklocal(idev, &addr, 3050 IFA_F_STABLE_PRIVACY); 3051 else if (prefix_route) 3052 addrconf_prefix_route(&addr, 64, idev->dev, 0, 0); 3053 } else if (idev->addr_gen_mode == IN6_ADDR_GEN_MODE_EUI64) { 3054 /* addrconf_add_linklocal also adds a prefix_route and we 3055 * only need to care about prefix routes if ipv6_generate_eui64 3056 * couldn't generate one. 3057 */ 3058 if (ipv6_generate_eui64(addr.s6_addr + 8, idev->dev) == 0) 3059 addrconf_add_linklocal(idev, &addr, 0); 3060 else if (prefix_route) 3061 addrconf_prefix_route(&addr, 64, idev->dev, 0, 0); 3062 } 3063} 3064 3065static void addrconf_dev_config(struct net_device *dev) 3066{ 3067 struct inet6_dev *idev; 3068 3069 ASSERT_RTNL(); 3070 3071 if ((dev->type != ARPHRD_ETHER) && 3072 (dev->type != ARPHRD_FDDI) && 3073 (dev->type != ARPHRD_ARCNET) && 3074 (dev->type != ARPHRD_INFINIBAND) && 3075 (dev->type != ARPHRD_IEEE802154) && 3076 (dev->type != ARPHRD_IEEE1394) && 3077 (dev->type != ARPHRD_TUNNEL6) && 3078 (dev->type != ARPHRD_6LOWPAN)) { 3079 /* Alas, we support only Ethernet autoconfiguration. */ 3080 return; 3081 } 3082 3083 idev = addrconf_add_dev(dev); 3084 if (IS_ERR(idev)) 3085 return; 3086 3087 addrconf_addr_gen(idev, false); 3088} 3089 3090#if IS_ENABLED(CONFIG_IPV6_SIT) 3091static void addrconf_sit_config(struct net_device *dev) 3092{ 3093 struct inet6_dev *idev; 3094 3095 ASSERT_RTNL(); 3096 3097 /* 3098 * Configure the tunnel with one of our IPv4 3099 * addresses... we should configure all of 3100 * our v4 addrs in the tunnel 3101 */ 3102 3103 idev = ipv6_find_idev(dev); 3104 if (!idev) { 3105 pr_debug("%s: add_dev failed\n", __func__); 3106 return; 3107 } 3108 3109 if (dev->priv_flags & IFF_ISATAP) { 3110 addrconf_addr_gen(idev, false); 3111 return; 3112 } 3113 3114 sit_add_v4_addrs(idev); 3115 3116 if (dev->flags&IFF_POINTOPOINT) 3117 addrconf_add_mroute(dev); 3118} 3119#endif 3120 3121#if IS_ENABLED(CONFIG_NET_IPGRE) 3122static void addrconf_gre_config(struct net_device *dev) 3123{ 3124 struct inet6_dev *idev; 3125 3126 ASSERT_RTNL(); 3127 3128 idev = ipv6_find_idev(dev); 3129 if (!idev) { 3130 pr_debug("%s: add_dev failed\n", __func__); 3131 return; 3132 } 3133 3134 addrconf_addr_gen(idev, true); 3135 if (dev->flags & IFF_POINTOPOINT) 3136 addrconf_add_mroute(dev); 3137} 3138#endif 3139 3140static int addrconf_notify(struct notifier_block *this, unsigned long event, 3141 void *ptr) 3142{ 3143 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 3144 struct inet6_dev *idev = __in6_dev_get(dev); 3145 int run_pending = 0; 3146 int err; 3147 3148 switch (event) { 3149 case NETDEV_REGISTER: 3150 if (!idev && dev->mtu >= IPV6_MIN_MTU) { 3151 idev = ipv6_add_dev(dev); 3152 if (IS_ERR(idev)) 3153 return notifier_from_errno(PTR_ERR(idev)); 3154 } 3155 break; 3156 3157 case NETDEV_CHANGEMTU: 3158 /* if MTU under IPV6_MIN_MTU stop IPv6 on this interface. */ 3159 if (dev->mtu < IPV6_MIN_MTU) { 3160 addrconf_ifdown(dev, 1); 3161 break; 3162 } 3163 3164 if (idev) { 3165 rt6_mtu_change(dev, dev->mtu); 3166 idev->cnf.mtu6 = dev->mtu; 3167 break; 3168 } 3169 3170 /* allocate new idev */ 3171 idev = ipv6_add_dev(dev); 3172 if (IS_ERR(idev)) 3173 break; 3174 3175 /* device is still not ready */ 3176 if (!(idev->if_flags & IF_READY)) 3177 break; 3178 3179 run_pending = 1; 3180 3181 /* fall through */ 3182 3183 case NETDEV_UP: 3184 case NETDEV_CHANGE: 3185 if (dev->flags & IFF_SLAVE) 3186 break; 3187 3188 if (idev && idev->cnf.disable_ipv6) 3189 break; 3190 3191 if (event == NETDEV_UP) { 3192 if (!addrconf_qdisc_ok(dev)) { 3193 /* device is not ready yet. */ 3194 pr_info("ADDRCONF(NETDEV_UP): %s: link is not ready\n", 3195 dev->name); 3196 break; 3197 } 3198 3199 if (!idev && dev->mtu >= IPV6_MIN_MTU) 3200 idev = ipv6_add_dev(dev); 3201 3202 if (!IS_ERR_OR_NULL(idev)) { 3203 idev->if_flags |= IF_READY; 3204 run_pending = 1; 3205 } 3206 } else if (event == NETDEV_CHANGE) { 3207 if (!addrconf_qdisc_ok(dev)) { 3208 /* device is still not ready. */ 3209 break; 3210 } 3211 3212 if (idev) { 3213 if (idev->if_flags & IF_READY) 3214 /* device is already configured. */ 3215 break; 3216 idev->if_flags |= IF_READY; 3217 } 3218 3219 pr_info("ADDRCONF(NETDEV_CHANGE): %s: link becomes ready\n", 3220 dev->name); 3221 3222 run_pending = 1; 3223 } 3224 3225 switch (dev->type) { 3226#if IS_ENABLED(CONFIG_IPV6_SIT) 3227 case ARPHRD_SIT: 3228 addrconf_sit_config(dev); 3229 break; 3230#endif 3231#if IS_ENABLED(CONFIG_NET_IPGRE) 3232 case ARPHRD_IPGRE: 3233 addrconf_gre_config(dev); 3234 break; 3235#endif 3236 case ARPHRD_LOOPBACK: 3237 init_loopback(dev); 3238 break; 3239 3240 default: 3241 addrconf_dev_config(dev); 3242 break; 3243 } 3244 3245 if (!IS_ERR_OR_NULL(idev)) { 3246 if (run_pending) 3247 addrconf_dad_run(idev); 3248 3249 /* 3250 * If the MTU changed during the interface down, 3251 * when the interface up, the changed MTU must be 3252 * reflected in the idev as well as routers. 3253 */ 3254 if (idev->cnf.mtu6 != dev->mtu && 3255 dev->mtu >= IPV6_MIN_MTU) { 3256 rt6_mtu_change(dev, dev->mtu); 3257 idev->cnf.mtu6 = dev->mtu; 3258 } 3259 idev->tstamp = jiffies; 3260 inet6_ifinfo_notify(RTM_NEWLINK, idev); 3261 3262 /* 3263 * If the changed mtu during down is lower than 3264 * IPV6_MIN_MTU stop IPv6 on this interface. 3265 */ 3266 if (dev->mtu < IPV6_MIN_MTU) 3267 addrconf_ifdown(dev, 1); 3268 } 3269 break; 3270 3271 case NETDEV_DOWN: 3272 case NETDEV_UNREGISTER: 3273 /* 3274 * Remove all addresses from this interface. 3275 */ 3276 addrconf_ifdown(dev, event != NETDEV_DOWN); 3277 break; 3278 3279 case NETDEV_CHANGENAME: 3280 if (idev) { 3281 snmp6_unregister_dev(idev); 3282 addrconf_sysctl_unregister(idev); 3283 err = addrconf_sysctl_register(idev); 3284 if (err) 3285 return notifier_from_errno(err); 3286 err = snmp6_register_dev(idev); 3287 if (err) { 3288 addrconf_sysctl_unregister(idev); 3289 return notifier_from_errno(err); 3290 } 3291 } 3292 break; 3293 3294 case NETDEV_PRE_TYPE_CHANGE: 3295 case NETDEV_POST_TYPE_CHANGE: 3296 addrconf_type_change(dev, event); 3297 break; 3298 } 3299 3300 return NOTIFY_OK; 3301} 3302 3303/* 3304 * addrconf module should be notified of a device going up 3305 */ 3306static struct notifier_block ipv6_dev_notf = { 3307 .notifier_call = addrconf_notify, 3308}; 3309 3310static void addrconf_type_change(struct net_device *dev, unsigned long event) 3311{ 3312 struct inet6_dev *idev; 3313 ASSERT_RTNL(); 3314 3315 idev = __in6_dev_get(dev); 3316 3317 if (event == NETDEV_POST_TYPE_CHANGE) 3318 ipv6_mc_remap(idev); 3319 else if (event == NETDEV_PRE_TYPE_CHANGE) 3320 ipv6_mc_unmap(idev); 3321} 3322 3323static int addrconf_ifdown(struct net_device *dev, int how) 3324{ 3325 struct net *net = dev_net(dev); 3326 struct inet6_dev *idev; 3327 struct inet6_ifaddr *ifa; 3328 int state, i; 3329 3330 ASSERT_RTNL(); 3331 3332 rt6_ifdown(net, dev); 3333 neigh_ifdown(&nd_tbl, dev); 3334 3335 idev = __in6_dev_get(dev); 3336 if (!idev) 3337 return -ENODEV; 3338 3339 /* 3340 * Step 1: remove reference to ipv6 device from parent device. 3341 * Do not dev_put! 3342 */ 3343 if (how) { 3344 idev->dead = 1; 3345 3346 /* protected by rtnl_lock */ 3347 RCU_INIT_POINTER(dev->ip6_ptr, NULL); 3348 3349 /* Step 1.5: remove snmp6 entry */ 3350 snmp6_unregister_dev(idev); 3351 3352 } 3353 3354 /* Step 2: clear hash table */ 3355 for (i = 0; i < IN6_ADDR_HSIZE; i++) { 3356 struct hlist_head *h = &inet6_addr_lst[i]; 3357 3358 spin_lock_bh(&addrconf_hash_lock); 3359restart: 3360 hlist_for_each_entry_rcu(ifa, h, addr_lst) { 3361 if (ifa->idev == idev) { 3362 hlist_del_init_rcu(&ifa->addr_lst); 3363 addrconf_del_dad_work(ifa); 3364 goto restart; 3365 } 3366 } 3367 spin_unlock_bh(&addrconf_hash_lock); 3368 } 3369 3370 write_lock_bh(&idev->lock); 3371 3372 addrconf_del_rs_timer(idev); 3373 3374 /* Step 2: clear flags for stateless addrconf */ 3375 if (!how) 3376 idev->if_flags &= ~(IF_RS_SENT|IF_RA_RCVD|IF_READY); 3377 3378 if (how && del_timer(&idev->regen_timer)) 3379 in6_dev_put(idev); 3380 3381 /* Step 3: clear tempaddr list */ 3382 while (!list_empty(&idev->tempaddr_list)) { 3383 ifa = list_first_entry(&idev->tempaddr_list, 3384 struct inet6_ifaddr, tmp_list); 3385 list_del(&ifa->tmp_list); 3386 write_unlock_bh(&idev->lock); 3387 spin_lock_bh(&ifa->lock); 3388 3389 if (ifa->ifpub) { 3390 in6_ifa_put(ifa->ifpub); 3391 ifa->ifpub = NULL; 3392 } 3393 spin_unlock_bh(&ifa->lock); 3394 in6_ifa_put(ifa); 3395 write_lock_bh(&idev->lock); 3396 } 3397 3398 while (!list_empty(&idev->addr_list)) { 3399 ifa = list_first_entry(&idev->addr_list, 3400 struct inet6_ifaddr, if_list); 3401 addrconf_del_dad_work(ifa); 3402 3403 list_del(&ifa->if_list); 3404 3405 write_unlock_bh(&idev->lock); 3406 3407 spin_lock_bh(&ifa->lock); 3408 state = ifa->state; 3409 ifa->state = INET6_IFADDR_STATE_DEAD; 3410 spin_unlock_bh(&ifa->lock); 3411 3412 if (state != INET6_IFADDR_STATE_DEAD) { 3413 __ipv6_ifa_notify(RTM_DELADDR, ifa); 3414 inet6addr_notifier_call_chain(NETDEV_DOWN, ifa); 3415 } 3416 in6_ifa_put(ifa); 3417 3418 write_lock_bh(&idev->lock); 3419 } 3420 3421 write_unlock_bh(&idev->lock); 3422 3423 /* Step 5: Discard anycast and multicast list */ 3424 if (how) { 3425 ipv6_ac_destroy_dev(idev); 3426 ipv6_mc_destroy_dev(idev); 3427 } else { 3428 ipv6_mc_down(idev); 3429 } 3430 3431 idev->tstamp = jiffies; 3432 3433 /* Last: Shot the device (if unregistered) */ 3434 if (how) { 3435 addrconf_sysctl_unregister(idev); 3436 neigh_parms_release(&nd_tbl, idev->nd_parms); 3437 neigh_ifdown(&nd_tbl, dev); 3438 in6_dev_put(idev); 3439 } 3440 return 0; 3441} 3442 3443static void addrconf_rs_timer(unsigned long data) 3444{ 3445 struct inet6_dev *idev = (struct inet6_dev *)data; 3446 struct net_device *dev = idev->dev; 3447 struct in6_addr lladdr; 3448 3449 write_lock(&idev->lock); 3450 if (idev->dead || !(idev->if_flags & IF_READY)) 3451 goto out; 3452 3453 if (!ipv6_accept_ra(idev)) 3454 goto out; 3455 3456 /* Announcement received after solicitation was sent */ 3457 if (idev->if_flags & IF_RA_RCVD) 3458 goto out; 3459 3460 if (idev->rs_probes++ < idev->cnf.rtr_solicits) { 3461 write_unlock(&idev->lock); 3462 if (!ipv6_get_lladdr(dev, &lladdr, IFA_F_TENTATIVE)) 3463 ndisc_send_rs(dev, &lladdr, 3464 &in6addr_linklocal_allrouters); 3465 else 3466 goto put; 3467 3468 write_lock(&idev->lock); 3469 /* The wait after the last probe can be shorter */ 3470 addrconf_mod_rs_timer(idev, (idev->rs_probes == 3471 idev->cnf.rtr_solicits) ? 3472 idev->cnf.rtr_solicit_delay : 3473 idev->cnf.rtr_solicit_interval); 3474 } else { 3475 /* 3476 * Note: we do not support deprecated "all on-link" 3477 * assumption any longer. 3478 */ 3479 pr_debug("%s: no IPv6 routers present\n", idev->dev->name); 3480 } 3481 3482out: 3483 write_unlock(&idev->lock); 3484put: 3485 in6_dev_put(idev); 3486} 3487 3488/* 3489 * Duplicate Address Detection 3490 */ 3491static void addrconf_dad_kick(struct inet6_ifaddr *ifp) 3492{ 3493 unsigned long rand_num; 3494 struct inet6_dev *idev = ifp->idev; 3495 3496 if (ifp->flags & IFA_F_OPTIMISTIC) 3497 rand_num = 0; 3498 else 3499 rand_num = prandom_u32() % (idev->cnf.rtr_solicit_delay ? : 1); 3500 3501 ifp->dad_probes = idev->cnf.dad_transmits; 3502 addrconf_mod_dad_work(ifp, rand_num); 3503} 3504 3505static void addrconf_dad_begin(struct inet6_ifaddr *ifp) 3506{ 3507 struct inet6_dev *idev = ifp->idev; 3508 struct net_device *dev = idev->dev; 3509 bool notify = false; 3510 3511 addrconf_join_solict(dev, &ifp->addr); 3512 3513 prandom_seed((__force u32) ifp->addr.s6_addr32[3]); 3514 3515 read_lock_bh(&idev->lock); 3516 spin_lock(&ifp->lock); 3517 if (ifp->state == INET6_IFADDR_STATE_DEAD) 3518 goto out; 3519 3520 if (dev->flags&(IFF_NOARP|IFF_LOOPBACK) || 3521 idev->cnf.accept_dad < 1 || 3522 !(ifp->flags&IFA_F_TENTATIVE) || 3523 ifp->flags & IFA_F_NODAD) { 3524 ifp->flags &= ~(IFA_F_TENTATIVE|IFA_F_OPTIMISTIC|IFA_F_DADFAILED); 3525 spin_unlock(&ifp->lock); 3526 read_unlock_bh(&idev->lock); 3527 3528 addrconf_dad_completed(ifp); 3529 return; 3530 } 3531 3532 if (!(idev->if_flags & IF_READY)) { 3533 spin_unlock(&ifp->lock); 3534 read_unlock_bh(&idev->lock); 3535 /* 3536 * If the device is not ready: 3537 * - keep it tentative if it is a permanent address. 3538 * - otherwise, kill it. 3539 */ 3540 in6_ifa_hold(ifp); 3541 addrconf_dad_stop(ifp, 0); 3542 return; 3543 } 3544 3545 /* 3546 * Optimistic nodes can start receiving 3547 * Frames right away 3548 */ 3549 if (ifp->flags & IFA_F_OPTIMISTIC) { 3550 ip6_ins_rt(ifp->rt); 3551 if (ipv6_use_optimistic_addr(idev)) { 3552 /* Because optimistic nodes can use this address, 3553 * notify listeners. If DAD fails, RTM_DELADDR is sent. 3554 */ 3555 notify = true; 3556 } 3557 } 3558 3559 addrconf_dad_kick(ifp); 3560out: 3561 spin_unlock(&ifp->lock); 3562 read_unlock_bh(&idev->lock); 3563 if (notify) 3564 ipv6_ifa_notify(RTM_NEWADDR, ifp); 3565} 3566 3567static void addrconf_dad_start(struct inet6_ifaddr *ifp) 3568{ 3569 bool begin_dad = false; 3570 3571 spin_lock_bh(&ifp->lock); 3572 if (ifp->state != INET6_IFADDR_STATE_DEAD) { 3573 ifp->state = INET6_IFADDR_STATE_PREDAD; 3574 begin_dad = true; 3575 } 3576 spin_unlock_bh(&ifp->lock); 3577 3578 if (begin_dad) 3579 addrconf_mod_dad_work(ifp, 0); 3580} 3581 3582static void addrconf_dad_work(struct work_struct *w) 3583{ 3584 struct inet6_ifaddr *ifp = container_of(to_delayed_work(w), 3585 struct inet6_ifaddr, 3586 dad_work); 3587 struct inet6_dev *idev = ifp->idev; 3588 struct in6_addr mcaddr; 3589 3590 enum { 3591 DAD_PROCESS, 3592 DAD_BEGIN, 3593 DAD_ABORT, 3594 } action = DAD_PROCESS; 3595 3596 rtnl_lock(); 3597 3598 spin_lock_bh(&ifp->lock); 3599 if (ifp->state == INET6_IFADDR_STATE_PREDAD) { 3600 action = DAD_BEGIN; 3601 ifp->state = INET6_IFADDR_STATE_DAD; 3602 } else if (ifp->state == INET6_IFADDR_STATE_ERRDAD) { 3603 action = DAD_ABORT; 3604 ifp->state = INET6_IFADDR_STATE_POSTDAD; 3605 } 3606 spin_unlock_bh(&ifp->lock); 3607 3608 if (action == DAD_BEGIN) { 3609 addrconf_dad_begin(ifp); 3610 goto out; 3611 } else if (action == DAD_ABORT) { 3612 addrconf_dad_stop(ifp, 1); 3613 goto out; 3614 } 3615 3616 if (!ifp->dad_probes && addrconf_dad_end(ifp)) 3617 goto out; 3618 3619 write_lock_bh(&idev->lock); 3620 if (idev->dead || !(idev->if_flags & IF_READY)) { 3621 write_unlock_bh(&idev->lock); 3622 goto out; 3623 } 3624 3625 spin_lock(&ifp->lock); 3626 if (ifp->state == INET6_IFADDR_STATE_DEAD) { 3627 spin_unlock(&ifp->lock); 3628 write_unlock_bh(&idev->lock); 3629 goto out; 3630 } 3631 3632 if (ifp->dad_probes == 0) { 3633 /* 3634 * DAD was successful 3635 */ 3636 3637 ifp->flags &= ~(IFA_F_TENTATIVE|IFA_F_OPTIMISTIC|IFA_F_DADFAILED); 3638 spin_unlock(&ifp->lock); 3639 write_unlock_bh(&idev->lock); 3640 3641 addrconf_dad_completed(ifp); 3642 3643 goto out; 3644 } 3645 3646 ifp->dad_probes--; 3647 addrconf_mod_dad_work(ifp, 3648 NEIGH_VAR(ifp->idev->nd_parms, RETRANS_TIME)); 3649 spin_unlock(&ifp->lock); 3650 write_unlock_bh(&idev->lock); 3651 3652 /* send a neighbour solicitation for our addr */ 3653 addrconf_addr_solict_mult(&ifp->addr, &mcaddr); 3654 ndisc_send_ns(ifp->idev->dev, &ifp->addr, &mcaddr, &in6addr_any); 3655out: 3656 in6_ifa_put(ifp); 3657 rtnl_unlock(); 3658} 3659 3660/* ifp->idev must be at least read locked */ 3661static bool ipv6_lonely_lladdr(struct inet6_ifaddr *ifp) 3662{ 3663 struct inet6_ifaddr *ifpiter; 3664 struct inet6_dev *idev = ifp->idev; 3665 3666 list_for_each_entry_reverse(ifpiter, &idev->addr_list, if_list) { 3667 if (ifpiter->scope > IFA_LINK) 3668 break; 3669 if (ifp != ifpiter && ifpiter->scope == IFA_LINK && 3670 (ifpiter->flags & (IFA_F_PERMANENT|IFA_F_TENTATIVE| 3671 IFA_F_OPTIMISTIC|IFA_F_DADFAILED)) == 3672 IFA_F_PERMANENT) 3673 return false; 3674 } 3675 return true; 3676} 3677 3678static void addrconf_dad_completed(struct inet6_ifaddr *ifp) 3679{ 3680 struct net_device *dev = ifp->idev->dev; 3681 struct in6_addr lladdr; 3682 bool send_rs, send_mld; 3683 3684 addrconf_del_dad_work(ifp); 3685 3686 /* 3687 * Configure the address for reception. Now it is valid. 3688 */ 3689 3690 ipv6_ifa_notify(RTM_NEWADDR, ifp); 3691 3692 /* If added prefix is link local and we are prepared to process 3693 router advertisements, start sending router solicitations. 3694 */ 3695 3696 read_lock_bh(&ifp->idev->lock); 3697 send_mld = ifp->scope == IFA_LINK && ipv6_lonely_lladdr(ifp); 3698 send_rs = send_mld && 3699 ipv6_accept_ra(ifp->idev) && 3700 ifp->idev->cnf.rtr_solicits > 0 && 3701 (dev->flags&IFF_LOOPBACK) == 0; 3702 read_unlock_bh(&ifp->idev->lock); 3703 3704 /* While dad is in progress mld report's source address is in6_addrany. 3705 * Resend with proper ll now. 3706 */ 3707 if (send_mld) 3708 ipv6_mc_dad_complete(ifp->idev); 3709 3710 if (send_rs) { 3711 /* 3712 * If a host as already performed a random delay 3713 * [...] as part of DAD [...] there is no need 3714 * to delay again before sending the first RS 3715 */ 3716 if (ipv6_get_lladdr(dev, &lladdr, IFA_F_TENTATIVE)) 3717 return; 3718 ndisc_send_rs(dev, &lladdr, &in6addr_linklocal_allrouters); 3719 3720 write_lock_bh(&ifp->idev->lock); 3721 spin_lock(&ifp->lock); 3722 ifp->idev->rs_probes = 1; 3723 ifp->idev->if_flags |= IF_RS_SENT; 3724 addrconf_mod_rs_timer(ifp->idev, 3725 ifp->idev->cnf.rtr_solicit_interval); 3726 spin_unlock(&ifp->lock); 3727 write_unlock_bh(&ifp->idev->lock); 3728 } 3729} 3730 3731static void addrconf_dad_run(struct inet6_dev *idev) 3732{ 3733 struct inet6_ifaddr *ifp; 3734 3735 read_lock_bh(&idev->lock); 3736 list_for_each_entry(ifp, &idev->addr_list, if_list) { 3737 spin_lock(&ifp->lock); 3738 if (ifp->flags & IFA_F_TENTATIVE && 3739 ifp->state == INET6_IFADDR_STATE_DAD) 3740 addrconf_dad_kick(ifp); 3741 spin_unlock(&ifp->lock); 3742 } 3743 read_unlock_bh(&idev->lock); 3744} 3745 3746#ifdef CONFIG_PROC_FS 3747struct if6_iter_state { 3748 struct seq_net_private p; 3749 int bucket; 3750 int offset; 3751}; 3752 3753static struct inet6_ifaddr *if6_get_first(struct seq_file *seq, loff_t pos) 3754{ 3755 struct inet6_ifaddr *ifa = NULL; 3756 struct if6_iter_state *state = seq->private; 3757 struct net *net = seq_file_net(seq); 3758 int p = 0; 3759 3760 /* initial bucket if pos is 0 */ 3761 if (pos == 0) { 3762 state->bucket = 0; 3763 state->offset = 0; 3764 } 3765 3766 for (; state->bucket < IN6_ADDR_HSIZE; ++state->bucket) { 3767 hlist_for_each_entry_rcu_bh(ifa, &inet6_addr_lst[state->bucket], 3768 addr_lst) { 3769 if (!net_eq(dev_net(ifa->idev->dev), net)) 3770 continue; 3771 /* sync with offset */ 3772 if (p < state->offset) { 3773 p++; 3774 continue; 3775 } 3776 state->offset++; 3777 return ifa; 3778 } 3779 3780 /* prepare for next bucket */ 3781 state->offset = 0; 3782 p = 0; 3783 } 3784 return NULL; 3785} 3786 3787static struct inet6_ifaddr *if6_get_next(struct seq_file *seq, 3788 struct inet6_ifaddr *ifa) 3789{ 3790 struct if6_iter_state *state = seq->private; 3791 struct net *net = seq_file_net(seq); 3792 3793 hlist_for_each_entry_continue_rcu_bh(ifa, addr_lst) { 3794 if (!net_eq(dev_net(ifa->idev->dev), net)) 3795 continue; 3796 state->offset++; 3797 return ifa; 3798 } 3799 3800 while (++state->bucket < IN6_ADDR_HSIZE) { 3801 state->offset = 0; 3802 hlist_for_each_entry_rcu_bh(ifa, 3803 &inet6_addr_lst[state->bucket], addr_lst) { 3804 if (!net_eq(dev_net(ifa->idev->dev), net)) 3805 continue; 3806 state->offset++; 3807 return ifa; 3808 } 3809 } 3810 3811 return NULL; 3812} 3813 3814static void *if6_seq_start(struct seq_file *seq, loff_t *pos) 3815 __acquires(rcu_bh) 3816{ 3817 rcu_read_lock_bh(); 3818 return if6_get_first(seq, *pos); 3819} 3820 3821static void *if6_seq_next(struct seq_file *seq, void *v, loff_t *pos) 3822{ 3823 struct inet6_ifaddr *ifa; 3824 3825 ifa = if6_get_next(seq, v); 3826 ++*pos; 3827 return ifa; 3828} 3829 3830static void if6_seq_stop(struct seq_file *seq, void *v) 3831 __releases(rcu_bh) 3832{ 3833 rcu_read_unlock_bh(); 3834} 3835 3836static int if6_seq_show(struct seq_file *seq, void *v) 3837{ 3838 struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; 3839 seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", 3840 &ifp->addr, 3841 ifp->idev->dev->ifindex, 3842 ifp->prefix_len, 3843 ifp->scope, 3844 (u8) ifp->flags, 3845 ifp->idev->dev->name); 3846 return 0; 3847} 3848 3849static const struct seq_operations if6_seq_ops = { 3850 .start = if6_seq_start, 3851 .next = if6_seq_next, 3852 .show = if6_seq_show, 3853 .stop = if6_seq_stop, 3854}; 3855 3856static int if6_seq_open(struct inode *inode, struct file *file) 3857{ 3858 return seq_open_net(inode, file, &if6_seq_ops, 3859 sizeof(struct if6_iter_state)); 3860} 3861 3862static const struct file_operations if6_fops = { 3863 .owner = THIS_MODULE, 3864 .open = if6_seq_open, 3865 .read = seq_read, 3866 .llseek = seq_lseek, 3867 .release = seq_release_net, 3868}; 3869 3870static int __net_init if6_proc_net_init(struct net *net) 3871{ 3872 if (!proc_create("if_inet6", S_IRUGO, net->proc_net, &if6_fops)) 3873 return -ENOMEM; 3874 return 0; 3875} 3876 3877static void __net_exit if6_proc_net_exit(struct net *net) 3878{ 3879 remove_proc_entry("if_inet6", net->proc_net); 3880} 3881 3882static struct pernet_operations if6_proc_net_ops = { 3883 .init = if6_proc_net_init, 3884 .exit = if6_proc_net_exit, 3885}; 3886 3887int __init if6_proc_init(void) 3888{ 3889 return register_pernet_subsys(&if6_proc_net_ops); 3890} 3891 3892void if6_proc_exit(void) 3893{ 3894 unregister_pernet_subsys(&if6_proc_net_ops); 3895} 3896#endif /* CONFIG_PROC_FS */ 3897 3898#if IS_ENABLED(CONFIG_IPV6_MIP6) 3899/* Check if address is a home address configured on any interface. */ 3900int ipv6_chk_home_addr(struct net *net, const struct in6_addr *addr) 3901{ 3902 int ret = 0; 3903 struct inet6_ifaddr *ifp = NULL; 3904 unsigned int hash = inet6_addr_hash(addr); 3905 3906 rcu_read_lock_bh(); 3907 hlist_for_each_entry_rcu_bh(ifp, &inet6_addr_lst[hash], addr_lst) { 3908 if (!net_eq(dev_net(ifp->idev->dev), net)) 3909 continue; 3910 if (ipv6_addr_equal(&ifp->addr, addr) && 3911 (ifp->flags & IFA_F_HOMEADDRESS)) { 3912 ret = 1; 3913 break; 3914 } 3915 } 3916 rcu_read_unlock_bh(); 3917 return ret; 3918} 3919#endif 3920 3921/* 3922 * Periodic address status verification 3923 */ 3924 3925static void addrconf_verify_rtnl(void) 3926{ 3927 unsigned long now, next, next_sec, next_sched; 3928 struct inet6_ifaddr *ifp; 3929 int i; 3930 3931 ASSERT_RTNL(); 3932 3933 rcu_read_lock_bh(); 3934 now = jiffies; 3935 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY); 3936 3937 cancel_delayed_work(&addr_chk_work); 3938 3939 for (i = 0; i < IN6_ADDR_HSIZE; i++) { 3940restart: 3941 hlist_for_each_entry_rcu_bh(ifp, &inet6_addr_lst[i], addr_lst) { 3942 unsigned long age; 3943 3944 /* When setting preferred_lft to a value not zero or 3945 * infinity, while valid_lft is infinity 3946 * IFA_F_PERMANENT has a non-infinity life time. 3947 */ 3948 if ((ifp->flags & IFA_F_PERMANENT) && 3949 (ifp->prefered_lft == INFINITY_LIFE_TIME)) 3950 continue; 3951 3952 spin_lock(&ifp->lock); 3953 /* We try to batch several events at once. */ 3954 age = (now - ifp->tstamp + ADDRCONF_TIMER_FUZZ_MINUS) / HZ; 3955 3956 if (ifp->valid_lft != INFINITY_LIFE_TIME && 3957 age >= ifp->valid_lft) { 3958 spin_unlock(&ifp->lock); 3959 in6_ifa_hold(ifp); 3960 ipv6_del_addr(ifp); 3961 goto restart; 3962 } else if (ifp->prefered_lft == INFINITY_LIFE_TIME) { 3963 spin_unlock(&ifp->lock); 3964 continue; 3965 } else if (age >= ifp->prefered_lft) { 3966 /* jiffies - ifp->tstamp > age >= ifp->prefered_lft */ 3967 int deprecate = 0; 3968 3969 if (!(ifp->flags&IFA_F_DEPRECATED)) { 3970 deprecate = 1; 3971 ifp->flags |= IFA_F_DEPRECATED; 3972 } 3973 3974 if ((ifp->valid_lft != INFINITY_LIFE_TIME) && 3975 (time_before(ifp->tstamp + ifp->valid_lft * HZ, next))) 3976 next = ifp->tstamp + ifp->valid_lft * HZ; 3977 3978 spin_unlock(&ifp->lock); 3979 3980 if (deprecate) { 3981 in6_ifa_hold(ifp); 3982 3983 ipv6_ifa_notify(0, ifp); 3984 in6_ifa_put(ifp); 3985 goto restart; 3986 } 3987 } else if ((ifp->flags&IFA_F_TEMPORARY) && 3988 !(ifp->flags&IFA_F_TENTATIVE)) { 3989 unsigned long regen_advance = ifp->idev->cnf.regen_max_retry * 3990 ifp->idev->cnf.dad_transmits * 3991 NEIGH_VAR(ifp->idev->nd_parms, RETRANS_TIME) / HZ; 3992 3993 if (age >= ifp->prefered_lft - regen_advance) { 3994 struct inet6_ifaddr *ifpub = ifp->ifpub; 3995 if (time_before(ifp->tstamp + ifp->prefered_lft * HZ, next)) 3996 next = ifp->tstamp + ifp->prefered_lft * HZ; 3997 if (!ifp->regen_count && ifpub) { 3998 ifp->regen_count++; 3999 in6_ifa_hold(ifp); 4000 in6_ifa_hold(ifpub); 4001 spin_unlock(&ifp->lock); 4002 4003 spin_lock(&ifpub->lock); 4004 ifpub->regen_count = 0; 4005 spin_unlock(&ifpub->lock); 4006 ipv6_create_tempaddr(ifpub, ifp); 4007 in6_ifa_put(ifpub); 4008 in6_ifa_put(ifp); 4009 goto restart; 4010 } 4011 } else if (time_before(ifp->tstamp + ifp->prefered_lft * HZ - regen_advance * HZ, next)) 4012 next = ifp->tstamp + ifp->prefered_lft * HZ - regen_advance * HZ; 4013 spin_unlock(&ifp->lock); 4014 } else { 4015 /* ifp->prefered_lft <= ifp->valid_lft */ 4016 if (time_before(ifp->tstamp + ifp->prefered_lft * HZ, next)) 4017 next = ifp->tstamp + ifp->prefered_lft * HZ; 4018 spin_unlock(&ifp->lock); 4019 } 4020 } 4021 } 4022 4023 next_sec = round_jiffies_up(next); 4024 next_sched = next; 4025 4026 /* If rounded timeout is accurate enough, accept it. */ 4027 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ)) 4028 next_sched = next_sec; 4029 4030 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */ 4031 if (time_before(next_sched, jiffies + ADDRCONF_TIMER_FUZZ_MAX)) 4032 next_sched = jiffies + ADDRCONF_TIMER_FUZZ_MAX; 4033 4034 ADBG(KERN_DEBUG "now = %lu, schedule = %lu, rounded schedule = %lu => %lu\n", 4035 now, next, next_sec, next_sched); 4036 mod_delayed_work(addrconf_wq, &addr_chk_work, next_sched - now); 4037 rcu_read_unlock_bh(); 4038} 4039 4040static void addrconf_verify_work(struct work_struct *w) 4041{ 4042 rtnl_lock(); 4043 addrconf_verify_rtnl(); 4044 rtnl_unlock(); 4045} 4046 4047static void addrconf_verify(void) 4048{ 4049 mod_delayed_work(addrconf_wq, &addr_chk_work, 0); 4050} 4051 4052static struct in6_addr *extract_addr(struct nlattr *addr, struct nlattr *local, 4053 struct in6_addr **peer_pfx) 4054{ 4055 struct in6_addr *pfx = NULL; 4056 4057 *peer_pfx = NULL; 4058 4059 if (addr) 4060 pfx = nla_data(addr); 4061 4062 if (local) { 4063 if (pfx && nla_memcmp(local, pfx, sizeof(*pfx))) 4064 *peer_pfx = pfx; 4065 pfx = nla_data(local); 4066 } 4067 4068 return pfx; 4069} 4070 4071static const struct nla_policy ifa_ipv6_policy[IFA_MAX+1] = { 4072 [IFA_ADDRESS] = { .len = sizeof(struct in6_addr) }, 4073 [IFA_LOCAL] = { .len = sizeof(struct in6_addr) }, 4074 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, 4075 [IFA_FLAGS] = { .len = sizeof(u32) }, 4076}; 4077 4078static int 4079inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh) 4080{ 4081 struct net *net = sock_net(skb->sk); 4082 struct ifaddrmsg *ifm; 4083 struct nlattr *tb[IFA_MAX+1]; 4084 struct in6_addr *pfx, *peer_pfx; 4085 u32 ifa_flags; 4086 int err; 4087 4088 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy); 4089 if (err < 0) 4090 return err; 4091 4092 ifm = nlmsg_data(nlh); 4093 pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL], &peer_pfx); 4094 if (!pfx) 4095 return -EINVAL; 4096 4097 ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) : ifm->ifa_flags; 4098 4099 /* We ignore other flags so far. */ 4100 ifa_flags &= IFA_F_MANAGETEMPADDR; 4101 4102 return inet6_addr_del(net, ifm->ifa_index, ifa_flags, pfx, 4103 ifm->ifa_prefixlen); 4104} 4105 4106static int inet6_addr_modify(struct inet6_ifaddr *ifp, u32 ifa_flags, 4107 u32 prefered_lft, u32 valid_lft) 4108{ 4109 u32 flags; 4110 clock_t expires; 4111 unsigned long timeout; 4112 bool was_managetempaddr; 4113 bool had_prefixroute; 4114 4115 ASSERT_RTNL(); 4116 4117 if (!valid_lft || (prefered_lft > valid_lft)) 4118 return -EINVAL; 4119 4120 if (ifa_flags & IFA_F_MANAGETEMPADDR && 4121 (ifp->flags & IFA_F_TEMPORARY || ifp->prefix_len != 64)) 4122 return -EINVAL; 4123 4124 timeout = addrconf_timeout_fixup(valid_lft, HZ); 4125 if (addrconf_finite_timeout(timeout)) { 4126 expires = jiffies_to_clock_t(timeout * HZ); 4127 valid_lft = timeout; 4128 flags = RTF_EXPIRES; 4129 } else { 4130 expires = 0; 4131 flags = 0; 4132 ifa_flags |= IFA_F_PERMANENT; 4133 } 4134 4135 timeout = addrconf_timeout_fixup(prefered_lft, HZ); 4136 if (addrconf_finite_timeout(timeout)) { 4137 if (timeout == 0) 4138 ifa_flags |= IFA_F_DEPRECATED; 4139 prefered_lft = timeout; 4140 } 4141 4142 spin_lock_bh(&ifp->lock); 4143 was_managetempaddr = ifp->flags & IFA_F_MANAGETEMPADDR; 4144 had_prefixroute = ifp->flags & IFA_F_PERMANENT && 4145 !(ifp->flags & IFA_F_NOPREFIXROUTE); 4146 ifp->flags &= ~(IFA_F_DEPRECATED | IFA_F_PERMANENT | IFA_F_NODAD | 4147 IFA_F_HOMEADDRESS | IFA_F_MANAGETEMPADDR | 4148 IFA_F_NOPREFIXROUTE); 4149 ifp->flags |= ifa_flags; 4150 ifp->tstamp = jiffies; 4151 ifp->valid_lft = valid_lft; 4152 ifp->prefered_lft = prefered_lft; 4153 4154 spin_unlock_bh(&ifp->lock); 4155 if (!(ifp->flags&IFA_F_TENTATIVE)) 4156 ipv6_ifa_notify(0, ifp); 4157 4158 if (!(ifa_flags & IFA_F_NOPREFIXROUTE)) { 4159 addrconf_prefix_route(&ifp->addr, ifp->prefix_len, ifp->idev->dev, 4160 expires, flags); 4161 } else if (had_prefixroute) { 4162 enum cleanup_prefix_rt_t action; 4163 unsigned long rt_expires; 4164 4165 write_lock_bh(&ifp->idev->lock); 4166 action = check_cleanup_prefix_route(ifp, &rt_expires); 4167 write_unlock_bh(&ifp->idev->lock); 4168 4169 if (action != CLEANUP_PREFIX_RT_NOP) { 4170 cleanup_prefix_route(ifp, rt_expires, 4171 action == CLEANUP_PREFIX_RT_DEL); 4172 } 4173 } 4174 4175 if (was_managetempaddr || ifp->flags & IFA_F_MANAGETEMPADDR) { 4176 if (was_managetempaddr && !(ifp->flags & IFA_F_MANAGETEMPADDR)) 4177 valid_lft = prefered_lft = 0; 4178 manage_tempaddrs(ifp->idev, ifp, valid_lft, prefered_lft, 4179 !was_managetempaddr, jiffies); 4180 } 4181 4182 addrconf_verify_rtnl(); 4183 4184 return 0; 4185} 4186 4187static int 4188inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh) 4189{ 4190 struct net *net = sock_net(skb->sk); 4191 struct ifaddrmsg *ifm; 4192 struct nlattr *tb[IFA_MAX+1]; 4193 struct in6_addr *pfx, *peer_pfx; 4194 struct inet6_ifaddr *ifa; 4195 struct net_device *dev; 4196 u32 valid_lft = INFINITY_LIFE_TIME, preferred_lft = INFINITY_LIFE_TIME; 4197 u32 ifa_flags; 4198 int err; 4199 4200 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy); 4201 if (err < 0) 4202 return err; 4203 4204 ifm = nlmsg_data(nlh); 4205 pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL], &peer_pfx); 4206 if (!pfx) 4207 return -EINVAL; 4208 4209 if (tb[IFA_CACHEINFO]) { 4210 struct ifa_cacheinfo *ci; 4211 4212 ci = nla_data(tb[IFA_CACHEINFO]); 4213 valid_lft = ci->ifa_valid; 4214 preferred_lft = ci->ifa_prefered; 4215 } else { 4216 preferred_lft = INFINITY_LIFE_TIME; 4217 valid_lft = INFINITY_LIFE_TIME; 4218 } 4219 4220 dev = __dev_get_by_index(net, ifm->ifa_index); 4221 if (!dev) 4222 return -ENODEV; 4223 4224 ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) : ifm->ifa_flags; 4225 4226 /* We ignore other flags so far. */ 4227 ifa_flags &= IFA_F_NODAD | IFA_F_HOMEADDRESS | IFA_F_MANAGETEMPADDR | 4228 IFA_F_NOPREFIXROUTE | IFA_F_MCAUTOJOIN; 4229 4230 ifa = ipv6_get_ifaddr(net, pfx, dev, 1); 4231 if (!ifa) { 4232 /* 4233 * It would be best to check for !NLM_F_CREATE here but 4234 * userspace already relies on not having to provide this. 4235 */ 4236 return inet6_addr_add(net, ifm->ifa_index, pfx, peer_pfx, 4237 ifm->ifa_prefixlen, ifa_flags, 4238 preferred_lft, valid_lft); 4239 } 4240 4241 if (nlh->nlmsg_flags & NLM_F_EXCL || 4242 !(nlh->nlmsg_flags & NLM_F_REPLACE)) 4243 err = -EEXIST; 4244 else 4245 err = inet6_addr_modify(ifa, ifa_flags, preferred_lft, valid_lft); 4246 4247 in6_ifa_put(ifa); 4248 4249 return err; 4250} 4251 4252static void put_ifaddrmsg(struct nlmsghdr *nlh, u8 prefixlen, u32 flags, 4253 u8 scope, int ifindex) 4254{ 4255 struct ifaddrmsg *ifm; 4256 4257 ifm = nlmsg_data(nlh); 4258 ifm->ifa_family = AF_INET6; 4259 ifm->ifa_prefixlen = prefixlen; 4260 ifm->ifa_flags = flags; 4261 ifm->ifa_scope = scope; 4262 ifm->ifa_index = ifindex; 4263} 4264 4265static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp, 4266 unsigned long tstamp, u32 preferred, u32 valid) 4267{ 4268 struct ifa_cacheinfo ci; 4269 4270 ci.cstamp = cstamp_delta(cstamp); 4271 ci.tstamp = cstamp_delta(tstamp); 4272 ci.ifa_prefered = preferred; 4273 ci.ifa_valid = valid; 4274 4275 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci); 4276} 4277 4278static inline int rt_scope(int ifa_scope) 4279{ 4280 if (ifa_scope & IFA_HOST) 4281 return RT_SCOPE_HOST; 4282 else if (ifa_scope & IFA_LINK) 4283 return RT_SCOPE_LINK; 4284 else if (ifa_scope & IFA_SITE) 4285 return RT_SCOPE_SITE; 4286 else 4287 return RT_SCOPE_UNIVERSE; 4288} 4289 4290static inline int inet6_ifaddr_msgsize(void) 4291{ 4292 return NLMSG_ALIGN(sizeof(struct ifaddrmsg)) 4293 + nla_total_size(16) /* IFA_LOCAL */ 4294 + nla_total_size(16) /* IFA_ADDRESS */ 4295 + nla_total_size(sizeof(struct ifa_cacheinfo)) 4296 + nla_total_size(4) /* IFA_FLAGS */; 4297} 4298 4299static int inet6_fill_ifaddr(struct sk_buff *skb, struct inet6_ifaddr *ifa, 4300 u32 portid, u32 seq, int event, unsigned int flags) 4301{ 4302 struct nlmsghdr *nlh; 4303 u32 preferred, valid; 4304 4305 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct ifaddrmsg), flags); 4306 if (!nlh) 4307 return -EMSGSIZE; 4308 4309 put_ifaddrmsg(nlh, ifa->prefix_len, ifa->flags, rt_scope(ifa->scope), 4310 ifa->idev->dev->ifindex); 4311 4312 if (!((ifa->flags&IFA_F_PERMANENT) && 4313 (ifa->prefered_lft == INFINITY_LIFE_TIME))) { 4314 preferred = ifa->prefered_lft; 4315 valid = ifa->valid_lft; 4316 if (preferred != INFINITY_LIFE_TIME) { 4317 long tval = (jiffies - ifa->tstamp)/HZ; 4318 if (preferred > tval) 4319 preferred -= tval; 4320 else 4321 preferred = 0; 4322 if (valid != INFINITY_LIFE_TIME) { 4323 if (valid > tval) 4324 valid -= tval; 4325 else 4326 valid = 0; 4327 } 4328 } 4329 } else { 4330 preferred = INFINITY_LIFE_TIME; 4331 valid = INFINITY_LIFE_TIME; 4332 } 4333 4334 if (!ipv6_addr_any(&ifa->peer_addr)) { 4335 if (nla_put_in6_addr(skb, IFA_LOCAL, &ifa->addr) < 0 || 4336 nla_put_in6_addr(skb, IFA_ADDRESS, &ifa->peer_addr) < 0) 4337 goto error; 4338 } else 4339 if (nla_put_in6_addr(skb, IFA_ADDRESS, &ifa->addr) < 0) 4340 goto error; 4341 4342 if (put_cacheinfo(skb, ifa->cstamp, ifa->tstamp, preferred, valid) < 0) 4343 goto error; 4344 4345 if (nla_put_u32(skb, IFA_FLAGS, ifa->flags) < 0) 4346 goto error; 4347 4348 nlmsg_end(skb, nlh); 4349 return 0; 4350 4351error: 4352 nlmsg_cancel(skb, nlh); 4353 return -EMSGSIZE; 4354} 4355 4356static int inet6_fill_ifmcaddr(struct sk_buff *skb, struct ifmcaddr6 *ifmca, 4357 u32 portid, u32 seq, int event, u16 flags) 4358{ 4359 struct nlmsghdr *nlh; 4360 u8 scope = RT_SCOPE_UNIVERSE; 4361 int ifindex = ifmca->idev->dev->ifindex; 4362 4363 if (ipv6_addr_scope(&ifmca->mca_addr) & IFA_SITE) 4364 scope = RT_SCOPE_SITE; 4365 4366 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct ifaddrmsg), flags); 4367 if (!nlh) 4368 return -EMSGSIZE; 4369 4370 put_ifaddrmsg(nlh, 128, IFA_F_PERMANENT, scope, ifindex); 4371 if (nla_put_in6_addr(skb, IFA_MULTICAST, &ifmca->mca_addr) < 0 || 4372 put_cacheinfo(skb, ifmca->mca_cstamp, ifmca->mca_tstamp, 4373 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME) < 0) { 4374 nlmsg_cancel(skb, nlh); 4375 return -EMSGSIZE; 4376 } 4377 4378 nlmsg_end(skb, nlh); 4379 return 0; 4380} 4381 4382static int inet6_fill_ifacaddr(struct sk_buff *skb, struct ifacaddr6 *ifaca, 4383 u32 portid, u32 seq, int event, unsigned int flags) 4384{ 4385 struct nlmsghdr *nlh; 4386 u8 scope = RT_SCOPE_UNIVERSE; 4387 int ifindex = ifaca->aca_idev->dev->ifindex; 4388 4389 if (ipv6_addr_scope(&ifaca->aca_addr) & IFA_SITE) 4390 scope = RT_SCOPE_SITE; 4391 4392 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct ifaddrmsg), flags); 4393 if (!nlh) 4394 return -EMSGSIZE; 4395 4396 put_ifaddrmsg(nlh, 128, IFA_F_PERMANENT, scope, ifindex); 4397 if (nla_put_in6_addr(skb, IFA_ANYCAST, &ifaca->aca_addr) < 0 || 4398 put_cacheinfo(skb, ifaca->aca_cstamp, ifaca->aca_tstamp, 4399 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME) < 0) { 4400 nlmsg_cancel(skb, nlh); 4401 return -EMSGSIZE; 4402 } 4403 4404 nlmsg_end(skb, nlh); 4405 return 0; 4406} 4407 4408enum addr_type_t { 4409 UNICAST_ADDR, 4410 MULTICAST_ADDR, 4411 ANYCAST_ADDR, 4412}; 4413 4414/* called with rcu_read_lock() */ 4415static int in6_dump_addrs(struct inet6_dev *idev, struct sk_buff *skb, 4416 struct netlink_callback *cb, enum addr_type_t type, 4417 int s_ip_idx, int *p_ip_idx) 4418{ 4419 struct ifmcaddr6 *ifmca; 4420 struct ifacaddr6 *ifaca; 4421 int err = 1; 4422 int ip_idx = *p_ip_idx; 4423 4424 read_lock_bh(&idev->lock); 4425 switch (type) { 4426 case UNICAST_ADDR: { 4427 struct inet6_ifaddr *ifa; 4428 4429 /* unicast address incl. temp addr */ 4430 list_for_each_entry(ifa, &idev->addr_list, if_list) { 4431 if (++ip_idx < s_ip_idx) 4432 continue; 4433 err = inet6_fill_ifaddr(skb, ifa, 4434 NETLINK_CB(cb->skb).portid, 4435 cb->nlh->nlmsg_seq, 4436 RTM_NEWADDR, 4437 NLM_F_MULTI); 4438 if (err < 0) 4439 break; 4440 nl_dump_check_consistent(cb, nlmsg_hdr(skb)); 4441 } 4442 break; 4443 } 4444 case MULTICAST_ADDR: 4445 /* multicast address */ 4446 for (ifmca = idev->mc_list; ifmca; 4447 ifmca = ifmca->next, ip_idx++) { 4448 if (ip_idx < s_ip_idx) 4449 continue; 4450 err = inet6_fill_ifmcaddr(skb, ifmca, 4451 NETLINK_CB(cb->skb).portid, 4452 cb->nlh->nlmsg_seq, 4453 RTM_GETMULTICAST, 4454 NLM_F_MULTI); 4455 if (err < 0) 4456 break; 4457 } 4458 break; 4459 case ANYCAST_ADDR: 4460 /* anycast address */ 4461 for (ifaca = idev->ac_list; ifaca; 4462 ifaca = ifaca->aca_next, ip_idx++) { 4463 if (ip_idx < s_ip_idx) 4464 continue; 4465 err = inet6_fill_ifacaddr(skb, ifaca, 4466 NETLINK_CB(cb->skb).portid, 4467 cb->nlh->nlmsg_seq, 4468 RTM_GETANYCAST, 4469 NLM_F_MULTI); 4470 if (err < 0) 4471 break; 4472 } 4473 break; 4474 default: 4475 break; 4476 } 4477 read_unlock_bh(&idev->lock); 4478 *p_ip_idx = ip_idx; 4479 return err; 4480} 4481 4482static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, 4483 enum addr_type_t type) 4484{ 4485 struct net *net = sock_net(skb->sk); 4486 int h, s_h; 4487 int idx, ip_idx; 4488 int s_idx, s_ip_idx; 4489 struct net_device *dev; 4490 struct inet6_dev *idev; 4491 struct hlist_head *head; 4492 4493 s_h = cb->args[0]; 4494 s_idx = idx = cb->args[1]; 4495 s_ip_idx = ip_idx = cb->args[2]; 4496 4497 rcu_read_lock(); 4498 cb->seq = atomic_read(&net->ipv6.dev_addr_genid) ^ net->dev_base_seq; 4499 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { 4500 idx = 0; 4501 head = &net->dev_index_head[h]; 4502 hlist_for_each_entry_rcu(dev, head, index_hlist) { 4503 if (idx < s_idx) 4504 goto cont; 4505 if (h > s_h || idx > s_idx) 4506 s_ip_idx = 0; 4507 ip_idx = 0; 4508 idev = __in6_dev_get(dev); 4509 if (!idev) 4510 goto cont; 4511 4512 if (in6_dump_addrs(idev, skb, cb, type, 4513 s_ip_idx, &ip_idx) < 0) 4514 goto done; 4515cont: 4516 idx++; 4517 } 4518 } 4519done: 4520 rcu_read_unlock(); 4521 cb->args[0] = h; 4522 cb->args[1] = idx; 4523 cb->args[2] = ip_idx; 4524 4525 return skb->len; 4526} 4527 4528static int inet6_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) 4529{ 4530 enum addr_type_t type = UNICAST_ADDR; 4531 4532 return inet6_dump_addr(skb, cb, type); 4533} 4534 4535static int inet6_dump_ifmcaddr(struct sk_buff *skb, struct netlink_callback *cb) 4536{ 4537 enum addr_type_t type = MULTICAST_ADDR; 4538 4539 return inet6_dump_addr(skb, cb, type); 4540} 4541 4542 4543static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) 4544{ 4545 enum addr_type_t type = ANYCAST_ADDR; 4546 4547 return inet6_dump_addr(skb, cb, type); 4548} 4549 4550static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr *nlh) 4551{ 4552 struct net *net = sock_net(in_skb->sk); 4553 struct ifaddrmsg *ifm; 4554 struct nlattr *tb[IFA_MAX+1]; 4555 struct in6_addr *addr = NULL, *peer; 4556 struct net_device *dev = NULL; 4557 struct inet6_ifaddr *ifa; 4558 struct sk_buff *skb; 4559 int err; 4560 4561 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy); 4562 if (err < 0) 4563 goto errout; 4564 4565 addr = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL], &peer); 4566 if (!addr) { 4567 err = -EINVAL; 4568 goto errout; 4569 } 4570 4571 ifm = nlmsg_data(nlh); 4572 if (ifm->ifa_index) 4573 dev = __dev_get_by_index(net, ifm->ifa_index); 4574 4575 ifa = ipv6_get_ifaddr(net, addr, dev, 1); 4576 if (!ifa) { 4577 err = -EADDRNOTAVAIL; 4578 goto errout; 4579 } 4580 4581 skb = nlmsg_new(inet6_ifaddr_msgsize(), GFP_KERNEL); 4582 if (!skb) { 4583 err = -ENOBUFS; 4584 goto errout_ifa; 4585 } 4586 4587 err = inet6_fill_ifaddr(skb, ifa, NETLINK_CB(in_skb).portid, 4588 nlh->nlmsg_seq, RTM_NEWADDR, 0); 4589 if (err < 0) { 4590 /* -EMSGSIZE implies BUG in inet6_ifaddr_msgsize() */ 4591 WARN_ON(err == -EMSGSIZE); 4592 kfree_skb(skb); 4593 goto errout_ifa; 4594 } 4595 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 4596errout_ifa: 4597 in6_ifa_put(ifa); 4598errout: 4599 return err; 4600} 4601 4602static void inet6_ifa_notify(int event, struct inet6_ifaddr *ifa) 4603{ 4604 struct sk_buff *skb; 4605 struct net *net = dev_net(ifa->idev->dev); 4606 int err = -ENOBUFS; 4607 4608 skb = nlmsg_new(inet6_ifaddr_msgsize(), GFP_ATOMIC); 4609 if (!skb) 4610 goto errout; 4611 4612 err = inet6_fill_ifaddr(skb, ifa, 0, 0, event, 0); 4613 if (err < 0) { 4614 /* -EMSGSIZE implies BUG in inet6_ifaddr_msgsize() */ 4615 WARN_ON(err == -EMSGSIZE); 4616 kfree_skb(skb); 4617 goto errout; 4618 } 4619 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_IFADDR, NULL, GFP_ATOMIC); 4620 return; 4621errout: 4622 if (err < 0) 4623 rtnl_set_sk_err(net, RTNLGRP_IPV6_IFADDR, err); 4624} 4625 4626static inline void ipv6_store_devconf(struct ipv6_devconf *cnf, 4627 __s32 *array, int bytes) 4628{ 4629 BUG_ON(bytes < (DEVCONF_MAX * 4)); 4630 4631 memset(array, 0, bytes); 4632 array[DEVCONF_FORWARDING] = cnf->forwarding; 4633 array[DEVCONF_HOPLIMIT] = cnf->hop_limit; 4634 array[DEVCONF_MTU6] = cnf->mtu6; 4635 array[DEVCONF_ACCEPT_RA] = cnf->accept_ra; 4636 array[DEVCONF_ACCEPT_REDIRECTS] = cnf->accept_redirects; 4637 array[DEVCONF_AUTOCONF] = cnf->autoconf; 4638 array[DEVCONF_DAD_TRANSMITS] = cnf->dad_transmits; 4639 array[DEVCONF_RTR_SOLICITS] = cnf->rtr_solicits; 4640 array[DEVCONF_RTR_SOLICIT_INTERVAL] = 4641 jiffies_to_msecs(cnf->rtr_solicit_interval); 4642 array[DEVCONF_RTR_SOLICIT_DELAY] = 4643 jiffies_to_msecs(cnf->rtr_solicit_delay); 4644 array[DEVCONF_FORCE_MLD_VERSION] = cnf->force_mld_version; 4645 array[DEVCONF_MLDV1_UNSOLICITED_REPORT_INTERVAL] = 4646 jiffies_to_msecs(cnf->mldv1_unsolicited_report_interval); 4647 array[DEVCONF_MLDV2_UNSOLICITED_REPORT_INTERVAL] = 4648 jiffies_to_msecs(cnf->mldv2_unsolicited_report_interval); 4649 array[DEVCONF_USE_TEMPADDR] = cnf->use_tempaddr; 4650 array[DEVCONF_TEMP_VALID_LFT] = cnf->temp_valid_lft; 4651 array[DEVCONF_TEMP_PREFERED_LFT] = cnf->temp_prefered_lft; 4652 array[DEVCONF_REGEN_MAX_RETRY] = cnf->regen_max_retry; 4653 array[DEVCONF_MAX_DESYNC_FACTOR] = cnf->max_desync_factor; 4654 array[DEVCONF_MAX_ADDRESSES] = cnf->max_addresses; 4655 array[DEVCONF_ACCEPT_RA_DEFRTR] = cnf->accept_ra_defrtr; 4656 array[DEVCONF_ACCEPT_RA_MIN_HOP_LIMIT] = cnf->accept_ra_min_hop_limit; 4657 array[DEVCONF_ACCEPT_RA_PINFO] = cnf->accept_ra_pinfo; 4658#ifdef CONFIG_IPV6_ROUTER_PREF 4659 array[DEVCONF_ACCEPT_RA_RTR_PREF] = cnf->accept_ra_rtr_pref; 4660 array[DEVCONF_RTR_PROBE_INTERVAL] = 4661 jiffies_to_msecs(cnf->rtr_probe_interval); 4662#ifdef CONFIG_IPV6_ROUTE_INFO 4663 array[DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN] = cnf->accept_ra_rt_info_max_plen; 4664#endif 4665#endif 4666 array[DEVCONF_PROXY_NDP] = cnf->proxy_ndp; 4667 array[DEVCONF_ACCEPT_SOURCE_ROUTE] = cnf->accept_source_route; 4668#ifdef CONFIG_IPV6_OPTIMISTIC_DAD 4669 array[DEVCONF_OPTIMISTIC_DAD] = cnf->optimistic_dad; 4670 array[DEVCONF_USE_OPTIMISTIC] = cnf->use_optimistic; 4671#endif 4672#ifdef CONFIG_IPV6_MROUTE 4673 array[DEVCONF_MC_FORWARDING] = cnf->mc_forwarding; 4674#endif 4675 array[DEVCONF_DISABLE_IPV6] = cnf->disable_ipv6; 4676 array[DEVCONF_ACCEPT_DAD] = cnf->accept_dad; 4677 array[DEVCONF_FORCE_TLLAO] = cnf->force_tllao; 4678 array[DEVCONF_NDISC_NOTIFY] = cnf->ndisc_notify; 4679 array[DEVCONF_SUPPRESS_FRAG_NDISC] = cnf->suppress_frag_ndisc; 4680 array[DEVCONF_ACCEPT_RA_FROM_LOCAL] = cnf->accept_ra_from_local; 4681 array[DEVCONF_ACCEPT_RA_MTU] = cnf->accept_ra_mtu; 4682 array[DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN] = cnf->ignore_routes_with_linkdown; 4683 /* we omit DEVCONF_STABLE_SECRET for now */ 4684 array[DEVCONF_USE_OIF_ADDRS_ONLY] = cnf->use_oif_addrs_only; 4685} 4686 4687static inline size_t inet6_ifla6_size(void) 4688{ 4689 return nla_total_size(4) /* IFLA_INET6_FLAGS */ 4690 + nla_total_size(sizeof(struct ifla_cacheinfo)) 4691 + nla_total_size(DEVCONF_MAX * 4) /* IFLA_INET6_CONF */ 4692 + nla_total_size(IPSTATS_MIB_MAX * 8) /* IFLA_INET6_STATS */ 4693 + nla_total_size(ICMP6_MIB_MAX * 8) /* IFLA_INET6_ICMP6STATS */ 4694 + nla_total_size(sizeof(struct in6_addr)); /* IFLA_INET6_TOKEN */ 4695} 4696 4697static inline size_t inet6_if_nlmsg_size(void) 4698{ 4699 return NLMSG_ALIGN(sizeof(struct ifinfomsg)) 4700 + nla_total_size(IFNAMSIZ) /* IFLA_IFNAME */ 4701 + nla_total_size(MAX_ADDR_LEN) /* IFLA_ADDRESS */ 4702 + nla_total_size(4) /* IFLA_MTU */ 4703 + nla_total_size(4) /* IFLA_LINK */ 4704 + nla_total_size(1) /* IFLA_OPERSTATE */ 4705 + nla_total_size(inet6_ifla6_size()); /* IFLA_PROTINFO */ 4706} 4707 4708static inline void __snmp6_fill_statsdev(u64 *stats, atomic_long_t *mib, 4709 int items, int bytes) 4710{ 4711 int i; 4712 int pad = bytes - sizeof(u64) * items; 4713 BUG_ON(pad < 0); 4714 4715 /* Use put_unaligned() because stats may not be aligned for u64. */ 4716 put_unaligned(items, &stats[0]); 4717 for (i = 1; i < items; i++) 4718 put_unaligned(atomic_long_read(&mib[i]), &stats[i]); 4719 4720 memset(&stats[items], 0, pad); 4721} 4722 4723static inline void __snmp6_fill_stats64(u64 *stats, void __percpu *mib, 4724 int bytes, size_t syncpoff) 4725{ 4726 int i, c; 4727 u64 buff[IPSTATS_MIB_MAX]; 4728 int pad = bytes - sizeof(u64) * IPSTATS_MIB_MAX; 4729 4730 BUG_ON(pad < 0); 4731 4732 memset(buff, 0, sizeof(buff)); 4733 buff[0] = IPSTATS_MIB_MAX; 4734 4735 for_each_possible_cpu(c) { 4736 for (i = 1; i < IPSTATS_MIB_MAX; i++) 4737 buff[i] += snmp_get_cpu_field64(mib, c, i, syncpoff); 4738 } 4739 4740 memcpy(stats, buff, IPSTATS_MIB_MAX * sizeof(u64)); 4741 memset(&stats[IPSTATS_MIB_MAX], 0, pad); 4742} 4743 4744static void snmp6_fill_stats(u64 *stats, struct inet6_dev *idev, int attrtype, 4745 int bytes) 4746{ 4747 switch (attrtype) { 4748 case IFLA_INET6_STATS: 4749 __snmp6_fill_stats64(stats, idev->stats.ipv6, bytes, 4750 offsetof(struct ipstats_mib, syncp)); 4751 break; 4752 case IFLA_INET6_ICMP6STATS: 4753 __snmp6_fill_statsdev(stats, idev->stats.icmpv6dev->mibs, ICMP6_MIB_MAX, bytes); 4754 break; 4755 } 4756} 4757 4758static int inet6_fill_ifla6_attrs(struct sk_buff *skb, struct inet6_dev *idev, 4759 u32 ext_filter_mask) 4760{ 4761 struct nlattr *nla; 4762 struct ifla_cacheinfo ci; 4763 4764 if (nla_put_u32(skb, IFLA_INET6_FLAGS, idev->if_flags)) 4765 goto nla_put_failure; 4766 ci.max_reasm_len = IPV6_MAXPLEN; 4767 ci.tstamp = cstamp_delta(idev->tstamp); 4768 ci.reachable_time = jiffies_to_msecs(idev->nd_parms->reachable_time); 4769 ci.retrans_time = jiffies_to_msecs(NEIGH_VAR(idev->nd_parms, RETRANS_TIME)); 4770 if (nla_put(skb, IFLA_INET6_CACHEINFO, sizeof(ci), &ci)) 4771 goto nla_put_failure; 4772 nla = nla_reserve(skb, IFLA_INET6_CONF, DEVCONF_MAX * sizeof(s32)); 4773 if (!nla) 4774 goto nla_put_failure; 4775 ipv6_store_devconf(&idev->cnf, nla_data(nla), nla_len(nla)); 4776 4777 /* XXX - MC not implemented */ 4778 4779 if (ext_filter_mask & RTEXT_FILTER_SKIP_STATS) 4780 return 0; 4781 4782 nla = nla_reserve(skb, IFLA_INET6_STATS, IPSTATS_MIB_MAX * sizeof(u64)); 4783 if (!nla) 4784 goto nla_put_failure; 4785 snmp6_fill_stats(nla_data(nla), idev, IFLA_INET6_STATS, nla_len(nla)); 4786 4787 nla = nla_reserve(skb, IFLA_INET6_ICMP6STATS, ICMP6_MIB_MAX * sizeof(u64)); 4788 if (!nla) 4789 goto nla_put_failure; 4790 snmp6_fill_stats(nla_data(nla), idev, IFLA_INET6_ICMP6STATS, nla_len(nla)); 4791 4792 nla = nla_reserve(skb, IFLA_INET6_TOKEN, sizeof(struct in6_addr)); 4793 if (!nla) 4794 goto nla_put_failure; 4795 4796 if (nla_put_u8(skb, IFLA_INET6_ADDR_GEN_MODE, idev->addr_gen_mode)) 4797 goto nla_put_failure; 4798 4799 read_lock_bh(&idev->lock); 4800 memcpy(nla_data(nla), idev->token.s6_addr, nla_len(nla)); 4801 read_unlock_bh(&idev->lock); 4802 4803 return 0; 4804 4805nla_put_failure: 4806 return -EMSGSIZE; 4807} 4808 4809static size_t inet6_get_link_af_size(const struct net_device *dev, 4810 u32 ext_filter_mask) 4811{ 4812 if (!__in6_dev_get(dev)) 4813 return 0; 4814 4815 return inet6_ifla6_size(); 4816} 4817 4818static int inet6_fill_link_af(struct sk_buff *skb, const struct net_device *dev, 4819 u32 ext_filter_mask) 4820{ 4821 struct inet6_dev *idev = __in6_dev_get(dev); 4822 4823 if (!idev) 4824 return -ENODATA; 4825 4826 if (inet6_fill_ifla6_attrs(skb, idev, ext_filter_mask) < 0) 4827 return -EMSGSIZE; 4828 4829 return 0; 4830} 4831 4832static int inet6_set_iftoken(struct inet6_dev *idev, struct in6_addr *token) 4833{ 4834 struct inet6_ifaddr *ifp; 4835 struct net_device *dev = idev->dev; 4836 bool update_rs = false; 4837 struct in6_addr ll_addr; 4838 4839 ASSERT_RTNL(); 4840 4841 if (!token) 4842 return -EINVAL; 4843 if (ipv6_addr_any(token)) 4844 return -EINVAL; 4845 if (dev->flags & (IFF_LOOPBACK | IFF_NOARP)) 4846 return -EINVAL; 4847 if (!ipv6_accept_ra(idev)) 4848 return -EINVAL; 4849 if (idev->cnf.rtr_solicits <= 0) 4850 return -EINVAL; 4851 4852 write_lock_bh(&idev->lock); 4853 4854 BUILD_BUG_ON(sizeof(token->s6_addr) != 16); 4855 memcpy(idev->token.s6_addr + 8, token->s6_addr + 8, 8); 4856 4857 write_unlock_bh(&idev->lock); 4858 4859 if (!idev->dead && (idev->if_flags & IF_READY) && 4860 !ipv6_get_lladdr(dev, &ll_addr, IFA_F_TENTATIVE | 4861 IFA_F_OPTIMISTIC)) { 4862 4863 /* If we're not ready, then normal ifup will take care 4864 * of this. Otherwise, we need to request our rs here. 4865 */ 4866 ndisc_send_rs(dev, &ll_addr, &in6addr_linklocal_allrouters); 4867 update_rs = true; 4868 } 4869 4870 write_lock_bh(&idev->lock); 4871 4872 if (update_rs) { 4873 idev->if_flags |= IF_RS_SENT; 4874 idev->rs_probes = 1; 4875 addrconf_mod_rs_timer(idev, idev->cnf.rtr_solicit_interval); 4876 } 4877 4878 /* Well, that's kinda nasty ... */ 4879 list_for_each_entry(ifp, &idev->addr_list, if_list) { 4880 spin_lock(&ifp->lock); 4881 if (ifp->tokenized) { 4882 ifp->valid_lft = 0; 4883 ifp->prefered_lft = 0; 4884 } 4885 spin_unlock(&ifp->lock); 4886 } 4887 4888 write_unlock_bh(&idev->lock); 4889 inet6_ifinfo_notify(RTM_NEWLINK, idev); 4890 addrconf_verify_rtnl(); 4891 return 0; 4892} 4893 4894static const struct nla_policy inet6_af_policy[IFLA_INET6_MAX + 1] = { 4895 [IFLA_INET6_ADDR_GEN_MODE] = { .type = NLA_U8 }, 4896 [IFLA_INET6_TOKEN] = { .len = sizeof(struct in6_addr) }, 4897}; 4898 4899static int inet6_validate_link_af(const struct net_device *dev, 4900 const struct nlattr *nla) 4901{ 4902 struct nlattr *tb[IFLA_INET6_MAX + 1]; 4903 4904 if (dev && !__in6_dev_get(dev)) 4905 return -EAFNOSUPPORT; 4906 4907 return nla_parse_nested(tb, IFLA_INET6_MAX, nla, inet6_af_policy); 4908} 4909 4910static int inet6_set_link_af(struct net_device *dev, const struct nlattr *nla) 4911{ 4912 int err = -EINVAL; 4913 struct inet6_dev *idev = __in6_dev_get(dev); 4914 struct nlattr *tb[IFLA_INET6_MAX + 1]; 4915 4916 if (!idev) 4917 return -EAFNOSUPPORT; 4918 4919 if (nla_parse_nested(tb, IFLA_INET6_MAX, nla, NULL) < 0) 4920 BUG(); 4921 4922 if (tb[IFLA_INET6_TOKEN]) { 4923 err = inet6_set_iftoken(idev, nla_data(tb[IFLA_INET6_TOKEN])); 4924 if (err) 4925 return err; 4926 } 4927 4928 if (tb[IFLA_INET6_ADDR_GEN_MODE]) { 4929 u8 mode = nla_get_u8(tb[IFLA_INET6_ADDR_GEN_MODE]); 4930 4931 if (mode != IN6_ADDR_GEN_MODE_EUI64 && 4932 mode != IN6_ADDR_GEN_MODE_NONE && 4933 mode != IN6_ADDR_GEN_MODE_STABLE_PRIVACY) 4934 return -EINVAL; 4935 4936 if (mode == IN6_ADDR_GEN_MODE_STABLE_PRIVACY && 4937 !idev->cnf.stable_secret.initialized && 4938 !dev_net(dev)->ipv6.devconf_dflt->stable_secret.initialized) 4939 return -EINVAL; 4940 4941 idev->addr_gen_mode = mode; 4942 err = 0; 4943 } 4944 4945 return err; 4946} 4947 4948static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev, 4949 u32 portid, u32 seq, int event, unsigned int flags) 4950{ 4951 struct net_device *dev = idev->dev; 4952 struct ifinfomsg *hdr; 4953 struct nlmsghdr *nlh; 4954 void *protoinfo; 4955 4956 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*hdr), flags); 4957 if (!nlh) 4958 return -EMSGSIZE; 4959 4960 hdr = nlmsg_data(nlh); 4961 hdr->ifi_family = AF_INET6; 4962 hdr->__ifi_pad = 0; 4963 hdr->ifi_type = dev->type; 4964 hdr->ifi_index = dev->ifindex; 4965 hdr->ifi_flags = dev_get_flags(dev); 4966 hdr->ifi_change = 0; 4967 4968 if (nla_put_string(skb, IFLA_IFNAME, dev->name) || 4969 (dev->addr_len && 4970 nla_put(skb, IFLA_ADDRESS, dev->addr_len, dev->dev_addr)) || 4971 nla_put_u32(skb, IFLA_MTU, dev->mtu) || 4972 (dev->ifindex != dev_get_iflink(dev) && 4973 nla_put_u32(skb, IFLA_LINK, dev_get_iflink(dev))) || 4974 nla_put_u8(skb, IFLA_OPERSTATE, 4975 netif_running(dev) ? dev->operstate : IF_OPER_DOWN)) 4976 goto nla_put_failure; 4977 protoinfo = nla_nest_start(skb, IFLA_PROTINFO); 4978 if (!protoinfo) 4979 goto nla_put_failure; 4980 4981 if (inet6_fill_ifla6_attrs(skb, idev, 0) < 0) 4982 goto nla_put_failure; 4983 4984 nla_nest_end(skb, protoinfo); 4985 nlmsg_end(skb, nlh); 4986 return 0; 4987 4988nla_put_failure: 4989 nlmsg_cancel(skb, nlh); 4990 return -EMSGSIZE; 4991} 4992 4993static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) 4994{ 4995 struct net *net = sock_net(skb->sk); 4996 int h, s_h; 4997 int idx = 0, s_idx; 4998 struct net_device *dev; 4999 struct inet6_dev *idev; 5000 struct hlist_head *head; 5001 5002 s_h = cb->args[0]; 5003 s_idx = cb->args[1]; 5004 5005 rcu_read_lock(); 5006 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { 5007 idx = 0; 5008 head = &net->dev_index_head[h]; 5009 hlist_for_each_entry_rcu(dev, head, index_hlist) { 5010 if (idx < s_idx) 5011 goto cont; 5012 idev = __in6_dev_get(dev); 5013 if (!idev) 5014 goto cont; 5015 if (inet6_fill_ifinfo(skb, idev, 5016 NETLINK_CB(cb->skb).portid, 5017 cb->nlh->nlmsg_seq, 5018 RTM_NEWLINK, NLM_F_MULTI) < 0) 5019 goto out; 5020cont: 5021 idx++; 5022 } 5023 } 5024out: 5025 rcu_read_unlock(); 5026 cb->args[1] = idx; 5027 cb->args[0] = h; 5028 5029 return skb->len; 5030} 5031 5032void inet6_ifinfo_notify(int event, struct inet6_dev *idev) 5033{ 5034 struct sk_buff *skb; 5035 struct net *net = dev_net(idev->dev); 5036 int err = -ENOBUFS; 5037 5038 skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); 5039 if (!skb) 5040 goto errout; 5041 5042 err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); 5043 if (err < 0) { 5044 /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ 5045 WARN_ON(err == -EMSGSIZE); 5046 kfree_skb(skb); 5047 goto errout; 5048 } 5049 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_IFINFO, NULL, GFP_ATOMIC); 5050 return; 5051errout: 5052 if (err < 0) 5053 rtnl_set_sk_err(net, RTNLGRP_IPV6_IFINFO, err); 5054} 5055 5056static inline size_t inet6_prefix_nlmsg_size(void) 5057{ 5058 return NLMSG_ALIGN(sizeof(struct prefixmsg)) 5059 + nla_total_size(sizeof(struct in6_addr)) 5060 + nla_total_size(sizeof(struct prefix_cacheinfo)); 5061} 5062 5063static int inet6_fill_prefix(struct sk_buff *skb, struct inet6_dev *idev, 5064 struct prefix_info *pinfo, u32 portid, u32 seq, 5065 int event, unsigned int flags) 5066{ 5067 struct prefixmsg *pmsg; 5068 struct nlmsghdr *nlh; 5069 struct prefix_cacheinfo ci; 5070 5071 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*pmsg), flags); 5072 if (!nlh) 5073 return -EMSGSIZE; 5074 5075 pmsg = nlmsg_data(nlh); 5076 pmsg->prefix_family = AF_INET6; 5077 pmsg->prefix_pad1 = 0; 5078 pmsg->prefix_pad2 = 0; 5079 pmsg->prefix_ifindex = idev->dev->ifindex; 5080 pmsg->prefix_len = pinfo->prefix_len; 5081 pmsg->prefix_type = pinfo->type; 5082 pmsg->prefix_pad3 = 0; 5083 pmsg->prefix_flags = 0; 5084 if (pinfo->onlink) 5085 pmsg->prefix_flags |= IF_PREFIX_ONLINK; 5086 if (pinfo->autoconf) 5087 pmsg->prefix_flags |= IF_PREFIX_AUTOCONF; 5088 5089 if (nla_put(skb, PREFIX_ADDRESS, sizeof(pinfo->prefix), &pinfo->prefix)) 5090 goto nla_put_failure; 5091 ci.preferred_time = ntohl(pinfo->prefered); 5092 ci.valid_time = ntohl(pinfo->valid); 5093 if (nla_put(skb, PREFIX_CACHEINFO, sizeof(ci), &ci)) 5094 goto nla_put_failure; 5095 nlmsg_end(skb, nlh); 5096 return 0; 5097 5098nla_put_failure: 5099 nlmsg_cancel(skb, nlh); 5100 return -EMSGSIZE; 5101} 5102 5103static void inet6_prefix_notify(int event, struct inet6_dev *idev, 5104 struct prefix_info *pinfo) 5105{ 5106 struct sk_buff *skb; 5107 struct net *net = dev_net(idev->dev); 5108 int err = -ENOBUFS; 5109 5110 skb = nlmsg_new(inet6_prefix_nlmsg_size(), GFP_ATOMIC); 5111 if (!skb) 5112 goto errout; 5113 5114 err = inet6_fill_prefix(skb, idev, pinfo, 0, 0, event, 0); 5115 if (err < 0) { 5116 /* -EMSGSIZE implies BUG in inet6_prefix_nlmsg_size() */ 5117 WARN_ON(err == -EMSGSIZE); 5118 kfree_skb(skb); 5119 goto errout; 5120 } 5121 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_PREFIX, NULL, GFP_ATOMIC); 5122 return; 5123errout: 5124 if (err < 0) 5125 rtnl_set_sk_err(net, RTNLGRP_IPV6_PREFIX, err); 5126} 5127 5128static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) 5129{ 5130 struct net *net = dev_net(ifp->idev->dev); 5131 5132 if (event) 5133 ASSERT_RTNL(); 5134 5135 inet6_ifa_notify(event ? : RTM_NEWADDR, ifp); 5136 5137 switch (event) { 5138 case RTM_NEWADDR: 5139 /* 5140 * If the address was optimistic 5141 * we inserted the route at the start of 5142 * our DAD process, so we don't need 5143 * to do it again 5144 */ 5145 if (!(ifp->rt->rt6i_node)) 5146 ip6_ins_rt(ifp->rt); 5147 if (ifp->idev->cnf.forwarding) 5148 addrconf_join_anycast(ifp); 5149 if (!ipv6_addr_any(&ifp->peer_addr)) 5150 addrconf_prefix_route(&ifp->peer_addr, 128, 5151 ifp->idev->dev, 0, 0); 5152 break; 5153 case RTM_DELADDR: 5154 if (ifp->idev->cnf.forwarding) 5155 addrconf_leave_anycast(ifp); 5156 addrconf_leave_solict(ifp->idev, &ifp->addr); 5157 if (!ipv6_addr_any(&ifp->peer_addr)) { 5158 struct rt6_info *rt; 5159 5160 rt = addrconf_get_prefix_route(&ifp->peer_addr, 128, 5161 ifp->idev->dev, 0, 0); 5162 if (rt) 5163 ip6_del_rt(rt); 5164 } 5165 dst_hold(&ifp->rt->dst); 5166 5167 ip6_del_rt(ifp->rt); 5168 5169 rt_genid_bump_ipv6(net); 5170 break; 5171 } 5172 atomic_inc(&net->ipv6.dev_addr_genid); 5173} 5174 5175static void ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) 5176{ 5177 rcu_read_lock_bh(); 5178 if (likely(ifp->idev->dead == 0)) 5179 __ipv6_ifa_notify(event, ifp); 5180 rcu_read_unlock_bh(); 5181} 5182 5183#ifdef CONFIG_SYSCTL 5184 5185static 5186int addrconf_sysctl_forward(struct ctl_table *ctl, int write, 5187 void __user *buffer, size_t *lenp, loff_t *ppos) 5188{ 5189 int *valp = ctl->data; 5190 int val = *valp; 5191 loff_t pos = *ppos; 5192 struct ctl_table lctl; 5193 int ret; 5194 5195 /* 5196 * ctl->data points to idev->cnf.forwarding, we should 5197 * not modify it until we get the rtnl lock. 5198 */ 5199 lctl = *ctl; 5200 lctl.data = &val; 5201 5202 ret = proc_dointvec(&lctl, write, buffer, lenp, ppos); 5203 5204 if (write) 5205 ret = addrconf_fixup_forwarding(ctl, valp, val); 5206 if (ret) 5207 *ppos = pos; 5208 return ret; 5209} 5210 5211static 5212int addrconf_sysctl_mtu(struct ctl_table *ctl, int write, 5213 void __user *buffer, size_t *lenp, loff_t *ppos) 5214{ 5215 struct inet6_dev *idev = ctl->extra1; 5216 int min_mtu = IPV6_MIN_MTU; 5217 struct ctl_table lctl; 5218 5219 lctl = *ctl; 5220 lctl.extra1 = &min_mtu; 5221 lctl.extra2 = idev ? &idev->dev->mtu : NULL; 5222 5223 return proc_dointvec_minmax(&lctl, write, buffer, lenp, ppos); 5224} 5225 5226static void dev_disable_change(struct inet6_dev *idev) 5227{ 5228 struct netdev_notifier_info info; 5229 5230 if (!idev || !idev->dev) 5231 return; 5232 5233 netdev_notifier_info_init(&info, idev->dev); 5234 if (idev->cnf.disable_ipv6) 5235 addrconf_notify(NULL, NETDEV_DOWN, &info); 5236 else 5237 addrconf_notify(NULL, NETDEV_UP, &info); 5238} 5239 5240static void addrconf_disable_change(struct net *net, __s32 newf) 5241{ 5242 struct net_device *dev; 5243 struct inet6_dev *idev; 5244 5245 rcu_read_lock(); 5246 for_each_netdev_rcu(net, dev) { 5247 idev = __in6_dev_get(dev); 5248 if (idev) { 5249 int changed = (!idev->cnf.disable_ipv6) ^ (!newf); 5250 idev->cnf.disable_ipv6 = newf; 5251 if (changed) 5252 dev_disable_change(idev); 5253 } 5254 } 5255 rcu_read_unlock(); 5256} 5257 5258static int addrconf_disable_ipv6(struct ctl_table *table, int *p, int newf) 5259{ 5260 struct net *net; 5261 int old; 5262 5263 if (!rtnl_trylock()) 5264 return restart_syscall(); 5265 5266 net = (struct net *)table->extra2; 5267 old = *p; 5268 *p = newf; 5269 5270 if (p == &net->ipv6.devconf_dflt->disable_ipv6) { 5271 rtnl_unlock(); 5272 return 0; 5273 } 5274 5275 if (p == &net->ipv6.devconf_all->disable_ipv6) { 5276 net->ipv6.devconf_dflt->disable_ipv6 = newf; 5277 addrconf_disable_change(net, newf); 5278 } else if ((!newf) ^ (!old)) 5279 dev_disable_change((struct inet6_dev *)table->extra1); 5280 5281 rtnl_unlock(); 5282 return 0; 5283} 5284 5285static 5286int addrconf_sysctl_disable(struct ctl_table *ctl, int write, 5287 void __user *buffer, size_t *lenp, loff_t *ppos) 5288{ 5289 int *valp = ctl->data; 5290 int val = *valp; 5291 loff_t pos = *ppos; 5292 struct ctl_table lctl; 5293 int ret; 5294 5295 /* 5296 * ctl->data points to idev->cnf.disable_ipv6, we should 5297 * not modify it until we get the rtnl lock. 5298 */ 5299 lctl = *ctl; 5300 lctl.data = &val; 5301 5302 ret = proc_dointvec(&lctl, write, buffer, lenp, ppos); 5303 5304 if (write) 5305 ret = addrconf_disable_ipv6(ctl, valp, val); 5306 if (ret) 5307 *ppos = pos; 5308 return ret; 5309} 5310 5311static 5312int addrconf_sysctl_proxy_ndp(struct ctl_table *ctl, int write, 5313 void __user *buffer, size_t *lenp, loff_t *ppos) 5314{ 5315 int *valp = ctl->data; 5316 int ret; 5317 int old, new; 5318 5319 old = *valp; 5320 ret = proc_dointvec(ctl, write, buffer, lenp, ppos); 5321 new = *valp; 5322 5323 if (write && old != new) { 5324 struct net *net = ctl->extra2; 5325 5326 if (!rtnl_trylock()) 5327 return restart_syscall(); 5328 5329 if (valp == &net->ipv6.devconf_dflt->proxy_ndp) 5330 inet6_netconf_notify_devconf(net, NETCONFA_PROXY_NEIGH, 5331 NETCONFA_IFINDEX_DEFAULT, 5332 net->ipv6.devconf_dflt); 5333 else if (valp == &net->ipv6.devconf_all->proxy_ndp) 5334 inet6_netconf_notify_devconf(net, NETCONFA_PROXY_NEIGH, 5335 NETCONFA_IFINDEX_ALL, 5336 net->ipv6.devconf_all); 5337 else { 5338 struct inet6_dev *idev = ctl->extra1; 5339 5340 inet6_netconf_notify_devconf(net, NETCONFA_PROXY_NEIGH, 5341 idev->dev->ifindex, 5342 &idev->cnf); 5343 } 5344 rtnl_unlock(); 5345 } 5346 5347 return ret; 5348} 5349 5350static int addrconf_sysctl_stable_secret(struct ctl_table *ctl, int write, 5351 void __user *buffer, size_t *lenp, 5352 loff_t *ppos) 5353{ 5354 int err; 5355 struct in6_addr addr; 5356 char str[IPV6_MAX_STRLEN]; 5357 struct ctl_table lctl = *ctl; 5358 struct net *net = ctl->extra2; 5359 struct ipv6_stable_secret *secret = ctl->data; 5360 5361 if (&net->ipv6.devconf_all->stable_secret == ctl->data) 5362 return -EIO; 5363 5364 lctl.maxlen = IPV6_MAX_STRLEN; 5365 lctl.data = str; 5366 5367 if (!rtnl_trylock()) 5368 return restart_syscall(); 5369 5370 if (!write && !secret->initialized) { 5371 err = -EIO; 5372 goto out; 5373 } 5374 5375 err = snprintf(str, sizeof(str), "%pI6", &secret->secret); 5376 if (err >= sizeof(str)) { 5377 err = -EIO; 5378 goto out; 5379 } 5380 5381 err = proc_dostring(&lctl, write, buffer, lenp, ppos); 5382 if (err || !write) 5383 goto out; 5384 5385 if (in6_pton(str, -1, addr.in6_u.u6_addr8, -1, NULL) != 1) { 5386 err = -EIO; 5387 goto out; 5388 } 5389 5390 secret->initialized = true; 5391 secret->secret = addr; 5392 5393 if (&net->ipv6.devconf_dflt->stable_secret == ctl->data) { 5394 struct net_device *dev; 5395 5396 for_each_netdev(net, dev) { 5397 struct inet6_dev *idev = __in6_dev_get(dev); 5398 5399 if (idev) { 5400 idev->addr_gen_mode = 5401 IN6_ADDR_GEN_MODE_STABLE_PRIVACY; 5402 } 5403 } 5404 } else { 5405 struct inet6_dev *idev = ctl->extra1; 5406 5407 idev->addr_gen_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY; 5408 } 5409 5410out: 5411 rtnl_unlock(); 5412 5413 return err; 5414} 5415 5416static 5417int addrconf_sysctl_ignore_routes_with_linkdown(struct ctl_table *ctl, 5418 int write, 5419 void __user *buffer, 5420 size_t *lenp, 5421 loff_t *ppos) 5422{ 5423 int *valp = ctl->data; 5424 int val = *valp; 5425 loff_t pos = *ppos; 5426 struct ctl_table lctl; 5427 int ret; 5428 5429 /* ctl->data points to idev->cnf.ignore_routes_when_linkdown 5430 * we should not modify it until we get the rtnl lock. 5431 */ 5432 lctl = *ctl; 5433 lctl.data = &val; 5434 5435 ret = proc_dointvec(&lctl, write, buffer, lenp, ppos); 5436 5437 if (write) 5438 ret = addrconf_fixup_linkdown(ctl, valp, val); 5439 if (ret) 5440 *ppos = pos; 5441 return ret; 5442} 5443 5444static struct addrconf_sysctl_table 5445{ 5446 struct ctl_table_header *sysctl_header; 5447 struct ctl_table addrconf_vars[DEVCONF_MAX+1]; 5448} addrconf_sysctl __read_mostly = { 5449 .sysctl_header = NULL, 5450 .addrconf_vars = { 5451 { 5452 .procname = "forwarding", 5453 .data = &ipv6_devconf.forwarding, 5454 .maxlen = sizeof(int), 5455 .mode = 0644, 5456 .proc_handler = addrconf_sysctl_forward, 5457 }, 5458 { 5459 .procname = "hop_limit", 5460 .data = &ipv6_devconf.hop_limit, 5461 .maxlen = sizeof(int), 5462 .mode = 0644, 5463 .proc_handler = proc_dointvec, 5464 }, 5465 { 5466 .procname = "mtu", 5467 .data = &ipv6_devconf.mtu6, 5468 .maxlen = sizeof(int), 5469 .mode = 0644, 5470 .proc_handler = addrconf_sysctl_mtu, 5471 }, 5472 { 5473 .procname = "accept_ra", 5474 .data = &ipv6_devconf.accept_ra, 5475 .maxlen = sizeof(int), 5476 .mode = 0644, 5477 .proc_handler = proc_dointvec, 5478 }, 5479 { 5480 .procname = "accept_redirects", 5481 .data = &ipv6_devconf.accept_redirects, 5482 .maxlen = sizeof(int), 5483 .mode = 0644, 5484 .proc_handler = proc_dointvec, 5485 }, 5486 { 5487 .procname = "autoconf", 5488 .data = &ipv6_devconf.autoconf, 5489 .maxlen = sizeof(int), 5490 .mode = 0644, 5491 .proc_handler = proc_dointvec, 5492 }, 5493 { 5494 .procname = "dad_transmits", 5495 .data = &ipv6_devconf.dad_transmits, 5496 .maxlen = sizeof(int), 5497 .mode = 0644, 5498 .proc_handler = proc_dointvec, 5499 }, 5500 { 5501 .procname = "router_solicitations", 5502 .data = &ipv6_devconf.rtr_solicits, 5503 .maxlen = sizeof(int), 5504 .mode = 0644, 5505 .proc_handler = proc_dointvec, 5506 }, 5507 { 5508 .procname = "router_solicitation_interval", 5509 .data = &ipv6_devconf.rtr_solicit_interval, 5510 .maxlen = sizeof(int), 5511 .mode = 0644, 5512 .proc_handler = proc_dointvec_jiffies, 5513 }, 5514 { 5515 .procname = "router_solicitation_delay", 5516 .data = &ipv6_devconf.rtr_solicit_delay, 5517 .maxlen = sizeof(int), 5518 .mode = 0644, 5519 .proc_handler = proc_dointvec_jiffies, 5520 }, 5521 { 5522 .procname = "force_mld_version", 5523 .data = &ipv6_devconf.force_mld_version, 5524 .maxlen = sizeof(int), 5525 .mode = 0644, 5526 .proc_handler = proc_dointvec, 5527 }, 5528 { 5529 .procname = "mldv1_unsolicited_report_interval", 5530 .data = 5531 &ipv6_devconf.mldv1_unsolicited_report_interval, 5532 .maxlen = sizeof(int), 5533 .mode = 0644, 5534 .proc_handler = proc_dointvec_ms_jiffies, 5535 }, 5536 { 5537 .procname = "mldv2_unsolicited_report_interval", 5538 .data = 5539 &ipv6_devconf.mldv2_unsolicited_report_interval, 5540 .maxlen = sizeof(int), 5541 .mode = 0644, 5542 .proc_handler = proc_dointvec_ms_jiffies, 5543 }, 5544 { 5545 .procname = "use_tempaddr", 5546 .data = &ipv6_devconf.use_tempaddr, 5547 .maxlen = sizeof(int), 5548 .mode = 0644, 5549 .proc_handler = proc_dointvec, 5550 }, 5551 { 5552 .procname = "temp_valid_lft", 5553 .data = &ipv6_devconf.temp_valid_lft, 5554 .maxlen = sizeof(int), 5555 .mode = 0644, 5556 .proc_handler = proc_dointvec, 5557 }, 5558 { 5559 .procname = "temp_prefered_lft", 5560 .data = &ipv6_devconf.temp_prefered_lft, 5561 .maxlen = sizeof(int), 5562 .mode = 0644, 5563 .proc_handler = proc_dointvec, 5564 }, 5565 { 5566 .procname = "regen_max_retry", 5567 .data = &ipv6_devconf.regen_max_retry, 5568 .maxlen = sizeof(int), 5569 .mode = 0644, 5570 .proc_handler = proc_dointvec, 5571 }, 5572 { 5573 .procname = "max_desync_factor", 5574 .data = &ipv6_devconf.max_desync_factor, 5575 .maxlen = sizeof(int), 5576 .mode = 0644, 5577 .proc_handler = proc_dointvec, 5578 }, 5579 { 5580 .procname = "max_addresses", 5581 .data = &ipv6_devconf.max_addresses, 5582 .maxlen = sizeof(int), 5583 .mode = 0644, 5584 .proc_handler = proc_dointvec, 5585 }, 5586 { 5587 .procname = "accept_ra_defrtr", 5588 .data = &ipv6_devconf.accept_ra_defrtr, 5589 .maxlen = sizeof(int), 5590 .mode = 0644, 5591 .proc_handler = proc_dointvec, 5592 }, 5593 { 5594 .procname = "accept_ra_min_hop_limit", 5595 .data = &ipv6_devconf.accept_ra_min_hop_limit, 5596 .maxlen = sizeof(int), 5597 .mode = 0644, 5598 .proc_handler = proc_dointvec, 5599 }, 5600 { 5601 .procname = "accept_ra_pinfo", 5602 .data = &ipv6_devconf.accept_ra_pinfo, 5603 .maxlen = sizeof(int), 5604 .mode = 0644, 5605 .proc_handler = proc_dointvec, 5606 }, 5607#ifdef CONFIG_IPV6_ROUTER_PREF 5608 { 5609 .procname = "accept_ra_rtr_pref", 5610 .data = &ipv6_devconf.accept_ra_rtr_pref, 5611 .maxlen = sizeof(int), 5612 .mode = 0644, 5613 .proc_handler = proc_dointvec, 5614 }, 5615 { 5616 .procname = "router_probe_interval", 5617 .data = &ipv6_devconf.rtr_probe_interval, 5618 .maxlen = sizeof(int), 5619 .mode = 0644, 5620 .proc_handler = proc_dointvec_jiffies, 5621 }, 5622#ifdef CONFIG_IPV6_ROUTE_INFO 5623 { 5624 .procname = "accept_ra_rt_info_max_plen", 5625 .data = &ipv6_devconf.accept_ra_rt_info_max_plen, 5626 .maxlen = sizeof(int), 5627 .mode = 0644, 5628 .proc_handler = proc_dointvec, 5629 }, 5630#endif 5631#endif 5632 { 5633 .procname = "proxy_ndp", 5634 .data = &ipv6_devconf.proxy_ndp, 5635 .maxlen = sizeof(int), 5636 .mode = 0644, 5637 .proc_handler = addrconf_sysctl_proxy_ndp, 5638 }, 5639 { 5640 .procname = "accept_source_route", 5641 .data = &ipv6_devconf.accept_source_route, 5642 .maxlen = sizeof(int), 5643 .mode = 0644, 5644 .proc_handler = proc_dointvec, 5645 }, 5646#ifdef CONFIG_IPV6_OPTIMISTIC_DAD 5647 { 5648 .procname = "optimistic_dad", 5649 .data = &ipv6_devconf.optimistic_dad, 5650 .maxlen = sizeof(int), 5651 .mode = 0644, 5652 .proc_handler = proc_dointvec, 5653 5654 }, 5655 { 5656 .procname = "use_optimistic", 5657 .data = &ipv6_devconf.use_optimistic, 5658 .maxlen = sizeof(int), 5659 .mode = 0644, 5660 .proc_handler = proc_dointvec, 5661 5662 }, 5663#endif 5664#ifdef CONFIG_IPV6_MROUTE 5665 { 5666 .procname = "mc_forwarding", 5667 .data = &ipv6_devconf.mc_forwarding, 5668 .maxlen = sizeof(int), 5669 .mode = 0444, 5670 .proc_handler = proc_dointvec, 5671 }, 5672#endif 5673 { 5674 .procname = "disable_ipv6", 5675 .data = &ipv6_devconf.disable_ipv6, 5676 .maxlen = sizeof(int), 5677 .mode = 0644, 5678 .proc_handler = addrconf_sysctl_disable, 5679 }, 5680 { 5681 .procname = "accept_dad", 5682 .data = &ipv6_devconf.accept_dad, 5683 .maxlen = sizeof(int), 5684 .mode = 0644, 5685 .proc_handler = proc_dointvec, 5686 }, 5687 { 5688 .procname = "force_tllao", 5689 .data = &ipv6_devconf.force_tllao, 5690 .maxlen = sizeof(int), 5691 .mode = 0644, 5692 .proc_handler = proc_dointvec 5693 }, 5694 { 5695 .procname = "ndisc_notify", 5696 .data = &ipv6_devconf.ndisc_notify, 5697 .maxlen = sizeof(int), 5698 .mode = 0644, 5699 .proc_handler = proc_dointvec 5700 }, 5701 { 5702 .procname = "suppress_frag_ndisc", 5703 .data = &ipv6_devconf.suppress_frag_ndisc, 5704 .maxlen = sizeof(int), 5705 .mode = 0644, 5706 .proc_handler = proc_dointvec 5707 }, 5708 { 5709 .procname = "accept_ra_from_local", 5710 .data = &ipv6_devconf.accept_ra_from_local, 5711 .maxlen = sizeof(int), 5712 .mode = 0644, 5713 .proc_handler = proc_dointvec, 5714 }, 5715 { 5716 .procname = "accept_ra_mtu", 5717 .data = &ipv6_devconf.accept_ra_mtu, 5718 .maxlen = sizeof(int), 5719 .mode = 0644, 5720 .proc_handler = proc_dointvec, 5721 }, 5722 { 5723 .procname = "stable_secret", 5724 .data = &ipv6_devconf.stable_secret, 5725 .maxlen = IPV6_MAX_STRLEN, 5726 .mode = 0600, 5727 .proc_handler = addrconf_sysctl_stable_secret, 5728 }, 5729 { 5730 .procname = "use_oif_addrs_only", 5731 .data = &ipv6_devconf.use_oif_addrs_only, 5732 .maxlen = sizeof(int), 5733 .mode = 0644, 5734 .proc_handler = proc_dointvec, 5735 }, 5736 { 5737 .procname = "ignore_routes_with_linkdown", 5738 .data = &ipv6_devconf.ignore_routes_with_linkdown, 5739 .maxlen = sizeof(int), 5740 .mode = 0644, 5741 .proc_handler = addrconf_sysctl_ignore_routes_with_linkdown, 5742 }, 5743 { 5744 /* sentinel */ 5745 } 5746 }, 5747}; 5748 5749static int __addrconf_sysctl_register(struct net *net, char *dev_name, 5750 struct inet6_dev *idev, struct ipv6_devconf *p) 5751{ 5752 int i; 5753 struct addrconf_sysctl_table *t; 5754 char path[sizeof("net/ipv6/conf/") + IFNAMSIZ]; 5755 5756 t = kmemdup(&addrconf_sysctl, sizeof(*t), GFP_KERNEL); 5757 if (!t) 5758 goto out; 5759 5760 for (i = 0; t->addrconf_vars[i].data; i++) { 5761 t->addrconf_vars[i].data += (char *)p - (char *)&ipv6_devconf; 5762 t->addrconf_vars[i].extra1 = idev; /* embedded; no ref */ 5763 t->addrconf_vars[i].extra2 = net; 5764 } 5765 5766 snprintf(path, sizeof(path), "net/ipv6/conf/%s", dev_name); 5767 5768 t->sysctl_header = register_net_sysctl(net, path, t->addrconf_vars); 5769 if (!t->sysctl_header) 5770 goto free; 5771 5772 p->sysctl = t; 5773 return 0; 5774 5775free: 5776 kfree(t); 5777out: 5778 return -ENOBUFS; 5779} 5780 5781static void __addrconf_sysctl_unregister(struct ipv6_devconf *p) 5782{ 5783 struct addrconf_sysctl_table *t; 5784 5785 if (!p->sysctl) 5786 return; 5787 5788 t = p->sysctl; 5789 p->sysctl = NULL; 5790 unregister_net_sysctl_table(t->sysctl_header); 5791 kfree(t); 5792} 5793 5794static int addrconf_sysctl_register(struct inet6_dev *idev) 5795{ 5796 int err; 5797 5798 if (!sysctl_dev_name_is_allowed(idev->dev->name)) 5799 return -EINVAL; 5800 5801 err = neigh_sysctl_register(idev->dev, idev->nd_parms, 5802 &ndisc_ifinfo_sysctl_change); 5803 if (err) 5804 return err; 5805 err = __addrconf_sysctl_register(dev_net(idev->dev), idev->dev->name, 5806 idev, &idev->cnf); 5807 if (err) 5808 neigh_sysctl_unregister(idev->nd_parms); 5809 5810 return err; 5811} 5812 5813static void addrconf_sysctl_unregister(struct inet6_dev *idev) 5814{ 5815 __addrconf_sysctl_unregister(&idev->cnf); 5816 neigh_sysctl_unregister(idev->nd_parms); 5817} 5818 5819 5820#endif 5821 5822static int __net_init addrconf_init_net(struct net *net) 5823{ 5824 int err = -ENOMEM; 5825 struct ipv6_devconf *all, *dflt; 5826 5827 all = kmemdup(&ipv6_devconf, sizeof(ipv6_devconf), GFP_KERNEL); 5828 if (!all) 5829 goto err_alloc_all; 5830 5831 dflt = kmemdup(&ipv6_devconf_dflt, sizeof(ipv6_devconf_dflt), GFP_KERNEL); 5832 if (!dflt) 5833 goto err_alloc_dflt; 5834 5835 /* these will be inherited by all namespaces */ 5836 dflt->autoconf = ipv6_defaults.autoconf; 5837 dflt->disable_ipv6 = ipv6_defaults.disable_ipv6; 5838 5839 dflt->stable_secret.initialized = false; 5840 all->stable_secret.initialized = false; 5841 5842 net->ipv6.devconf_all = all; 5843 net->ipv6.devconf_dflt = dflt; 5844 5845#ifdef CONFIG_SYSCTL 5846 err = __addrconf_sysctl_register(net, "all", NULL, all); 5847 if (err < 0) 5848 goto err_reg_all; 5849 5850 err = __addrconf_sysctl_register(net, "default", NULL, dflt); 5851 if (err < 0) 5852 goto err_reg_dflt; 5853#endif 5854 return 0; 5855 5856#ifdef CONFIG_SYSCTL 5857err_reg_dflt: 5858 __addrconf_sysctl_unregister(all); 5859err_reg_all: 5860 kfree(dflt); 5861#endif 5862err_alloc_dflt: 5863 kfree(all); 5864err_alloc_all: 5865 return err; 5866} 5867 5868static void __net_exit addrconf_exit_net(struct net *net) 5869{ 5870#ifdef CONFIG_SYSCTL 5871 __addrconf_sysctl_unregister(net->ipv6.devconf_dflt); 5872 __addrconf_sysctl_unregister(net->ipv6.devconf_all); 5873#endif 5874 kfree(net->ipv6.devconf_dflt); 5875 kfree(net->ipv6.devconf_all); 5876} 5877 5878static struct pernet_operations addrconf_ops = { 5879 .init = addrconf_init_net, 5880 .exit = addrconf_exit_net, 5881}; 5882 5883static struct rtnl_af_ops inet6_ops __read_mostly = { 5884 .family = AF_INET6, 5885 .fill_link_af = inet6_fill_link_af, 5886 .get_link_af_size = inet6_get_link_af_size, 5887 .validate_link_af = inet6_validate_link_af, 5888 .set_link_af = inet6_set_link_af, 5889}; 5890 5891/* 5892 * Init / cleanup code 5893 */ 5894 5895int __init addrconf_init(void) 5896{ 5897 struct inet6_dev *idev; 5898 int i, err; 5899 5900 err = ipv6_addr_label_init(); 5901 if (err < 0) { 5902 pr_crit("%s: cannot initialize default policy table: %d\n", 5903 __func__, err); 5904 goto out; 5905 } 5906 5907 err = register_pernet_subsys(&addrconf_ops); 5908 if (err < 0) 5909 goto out_addrlabel; 5910 5911 addrconf_wq = create_workqueue("ipv6_addrconf"); 5912 if (!addrconf_wq) { 5913 err = -ENOMEM; 5914 goto out_nowq; 5915 } 5916 5917 /* The addrconf netdev notifier requires that loopback_dev 5918 * has it's ipv6 private information allocated and setup 5919 * before it can bring up and give link-local addresses 5920 * to other devices which are up. 5921 * 5922 * Unfortunately, loopback_dev is not necessarily the first 5923 * entry in the global dev_base list of net devices. In fact, 5924 * it is likely to be the very last entry on that list. 5925 * So this causes the notifier registry below to try and 5926 * give link-local addresses to all devices besides loopback_dev 5927 * first, then loopback_dev, which cases all the non-loopback_dev 5928 * devices to fail to get a link-local address. 5929 * 5930 * So, as a temporary fix, allocate the ipv6 structure for 5931 * loopback_dev first by hand. 5932 * Longer term, all of the dependencies ipv6 has upon the loopback 5933 * device and it being up should be removed. 5934 */ 5935 rtnl_lock(); 5936 idev = ipv6_add_dev(init_net.loopback_dev); 5937 rtnl_unlock(); 5938 if (IS_ERR(idev)) { 5939 err = PTR_ERR(idev); 5940 goto errlo; 5941 } 5942 5943 for (i = 0; i < IN6_ADDR_HSIZE; i++) 5944 INIT_HLIST_HEAD(&inet6_addr_lst[i]); 5945 5946 register_netdevice_notifier(&ipv6_dev_notf); 5947 5948 addrconf_verify(); 5949 5950 rtnl_af_register(&inet6_ops); 5951 5952 err = __rtnl_register(PF_INET6, RTM_GETLINK, NULL, inet6_dump_ifinfo, 5953 NULL); 5954 if (err < 0) 5955 goto errout; 5956 5957 /* Only the first call to __rtnl_register can fail */ 5958 __rtnl_register(PF_INET6, RTM_NEWADDR, inet6_rtm_newaddr, NULL, NULL); 5959 __rtnl_register(PF_INET6, RTM_DELADDR, inet6_rtm_deladdr, NULL, NULL); 5960 __rtnl_register(PF_INET6, RTM_GETADDR, inet6_rtm_getaddr, 5961 inet6_dump_ifaddr, NULL); 5962 __rtnl_register(PF_INET6, RTM_GETMULTICAST, NULL, 5963 inet6_dump_ifmcaddr, NULL); 5964 __rtnl_register(PF_INET6, RTM_GETANYCAST, NULL, 5965 inet6_dump_ifacaddr, NULL); 5966 __rtnl_register(PF_INET6, RTM_GETNETCONF, inet6_netconf_get_devconf, 5967 inet6_netconf_dump_devconf, NULL); 5968 5969 ipv6_addr_label_rtnl_register(); 5970 5971 return 0; 5972errout: 5973 rtnl_af_unregister(&inet6_ops); 5974 unregister_netdevice_notifier(&ipv6_dev_notf); 5975errlo: 5976 destroy_workqueue(addrconf_wq); 5977out_nowq: 5978 unregister_pernet_subsys(&addrconf_ops); 5979out_addrlabel: 5980 ipv6_addr_label_cleanup(); 5981out: 5982 return err; 5983} 5984 5985void addrconf_cleanup(void) 5986{ 5987 struct net_device *dev; 5988 int i; 5989 5990 unregister_netdevice_notifier(&ipv6_dev_notf); 5991 unregister_pernet_subsys(&addrconf_ops); 5992 ipv6_addr_label_cleanup(); 5993 5994 rtnl_lock(); 5995 5996 __rtnl_af_unregister(&inet6_ops); 5997 5998 /* clean dev list */ 5999 for_each_netdev(&init_net, dev) { 6000 if (__in6_dev_get(dev) == NULL) 6001 continue; 6002 addrconf_ifdown(dev, 1); 6003 } 6004 addrconf_ifdown(init_net.loopback_dev, 2); 6005 6006 /* 6007 * Check hash table. 6008 */ 6009 spin_lock_bh(&addrconf_hash_lock); 6010 for (i = 0; i < IN6_ADDR_HSIZE; i++) 6011 WARN_ON(!hlist_empty(&inet6_addr_lst[i])); 6012 spin_unlock_bh(&addrconf_hash_lock); 6013 cancel_delayed_work(&addr_chk_work); 6014 rtnl_unlock(); 6015 6016 destroy_workqueue(addrconf_wq); 6017} 6018