1 /*
2 * IPv6 Address [auto]configuration
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 /*
16 * Changes:
17 *
18 * Janos Farkas : delete timer on ifdown
19 * <chexum@bankinf.banki.hu>
20 * Andi Kleen : kill double kfree on module
21 * unload.
22 * Maciej W. Rozycki : FDDI support
23 * sekiya@USAGI : Don't send too many RS
24 * packets.
25 * yoshfuji@USAGI : Fixed interval between DAD
26 * packets.
27 * YOSHIFUJI Hideaki @USAGI : improved accuracy of
28 * address validation timer.
29 * YOSHIFUJI Hideaki @USAGI : Privacy Extensions (RFC3041)
30 * support.
31 * Yuji SEKIYA @USAGI : Don't assign a same IPv6
32 * address on a same interface.
33 * YOSHIFUJI Hideaki @USAGI : ARCnet support
34 * YOSHIFUJI Hideaki @USAGI : convert /proc/net/if_inet6 to
35 * seq_file.
36 * YOSHIFUJI Hideaki @USAGI : improved source address
37 * selection; consider scope,
38 * status etc.
39 */
40
41 #define pr_fmt(fmt) "IPv6: " fmt
42
43 #include <linux/errno.h>
44 #include <linux/types.h>
45 #include <linux/kernel.h>
46 #include <linux/sched/signal.h>
47 #include <linux/socket.h>
48 #include <linux/sockios.h>
49 #include <linux/net.h>
50 #include <linux/inet.h>
51 #include <linux/in6.h>
52 #include <linux/netdevice.h>
53 #include <linux/if_addr.h>
54 #include <linux/if_arp.h>
55 #include <linux/if_arcnet.h>
56 #include <linux/if_infiniband.h>
57 #include <linux/route.h>
58 #include <linux/inetdevice.h>
59 #include <linux/init.h>
60 #include <linux/slab.h>
61 #ifdef CONFIG_SYSCTL
62 #include <linux/sysctl.h>
63 #endif
64 #include <linux/capability.h>
65 #include <linux/delay.h>
66 #include <linux/notifier.h>
67 #include <linux/string.h>
68 #include <linux/hash.h>
69
70 #include <net/net_namespace.h>
71 #include <net/sock.h>
72 #include <net/snmp.h>
73
74 #include <net/6lowpan.h>
75 #include <net/firewire.h>
76 #include <net/ipv6.h>
77 #include <net/protocol.h>
78 #include <net/ndisc.h>
79 #include <net/ip6_route.h>
80 #include <net/addrconf.h>
81 #include <net/tcp.h>
82 #include <net/ip.h>
83 #include <net/netlink.h>
84 #include <net/pkt_sched.h>
85 #include <net/l3mdev.h>
86 #include <linux/if_tunnel.h>
87 #include <linux/rtnetlink.h>
88 #include <linux/netconf.h>
89 #include <linux/random.h>
90 #include <linux/uaccess.h>
91 #include <asm/unaligned.h>
92
93 #include <linux/proc_fs.h>
94 #include <linux/seq_file.h>
95 #include <linux/export.h>
96
97 /* Set to 3 to get tracing... */
98 #define ACONF_DEBUG 2
99
100 #if ACONF_DEBUG >= 3
101 #define ADBG(fmt, ...) printk(fmt, ##__VA_ARGS__)
102 #else
103 #define ADBG(fmt, ...) do { if (0) printk(fmt, ##__VA_ARGS__); } while (0)
104 #endif
105
106 #define INFINITY_LIFE_TIME 0xFFFFFFFF
107
108 #define IPV6_MAX_STRLEN \
109 sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")
110
111 static inline u32 cstamp_delta(unsigned long cstamp)
112 {
113 return (cstamp - INITIAL_JIFFIES) * 100UL / HZ;
114 }
115
116 static inline s32 rfc3315_s14_backoff_init(s32 irt)
117 {
118 /* multiply 'initial retransmission time' by 0.9 .. 1.1 */
119 u64 tmp = (900000 + prandom_u32() % 200001) * (u64)irt;
120 do_div(tmp, 1000000);
121 return (s32)tmp;
122 }
123
124 static inline s32 rfc3315_s14_backoff_update(s32 rt, s32 mrt)
125 {
126 /* multiply 'retransmission timeout' by 1.9 .. 2.1 */
127 u64 tmp = (1900000 + prandom_u32() % 200001) * (u64)rt;
128 do_div(tmp, 1000000);
129 if ((s32)tmp > mrt) {
130 /* multiply 'maximum retransmission time' by 0.9 .. 1.1 */
131 tmp = (900000 + prandom_u32() % 200001) * (u64)mrt;
132 do_div(tmp, 1000000);
133 }
134 return (s32)tmp;
135 }
136
137 #ifdef CONFIG_SYSCTL
138 static int addrconf_sysctl_register(struct inet6_dev *idev);
139 static void addrconf_sysctl_unregister(struct inet6_dev *idev);
140 #else
141 static inline int addrconf_sysctl_register(struct inet6_dev *idev)
142 {
143 return 0;
144 }
145
146 static inline void addrconf_sysctl_unregister(struct inet6_dev *idev)
147 {
148 }
149 #endif
150
151 static void ipv6_regen_rndid(struct inet6_dev *idev);
152 static void ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr);
153
154 static int ipv6_generate_eui64(u8 *eui, struct net_device *dev);
155 static int ipv6_count_addresses(struct inet6_dev *idev);
156 static int ipv6_generate_stable_address(struct in6_addr *addr,
157 u8 dad_count,
158 const struct inet6_dev *idev);
159
160 /*
161 * Configured unicast address hash table
162 */
163 static struct hlist_head inet6_addr_lst[IN6_ADDR_HSIZE];
164 static DEFINE_SPINLOCK(addrconf_hash_lock);
165
166 static void addrconf_verify(void);
167 static void addrconf_verify_rtnl(void);
168 static void addrconf_verify_work(struct work_struct *);
169
170 static struct workqueue_struct *addrconf_wq;
171 static DECLARE_DELAYED_WORK(addr_chk_work, addrconf_verify_work);
172
173 static void addrconf_join_anycast(struct inet6_ifaddr *ifp);
174 static void addrconf_leave_anycast(struct inet6_ifaddr *ifp);
175
176 static void addrconf_type_change(struct net_device *dev,
177 unsigned long event);
178 static int addrconf_ifdown(struct net_device *dev, int how);
179
180 static struct rt6_info *addrconf_get_prefix_route(const struct in6_addr *pfx,
181 int plen,
182 const struct net_device *dev,
183 u32 flags, u32 noflags);
184
185 static void addrconf_dad_start(struct inet6_ifaddr *ifp);
186 static void addrconf_dad_work(struct work_struct *w);
187 static void addrconf_dad_completed(struct inet6_ifaddr *ifp, bool bump_id);
188 static void addrconf_dad_run(struct inet6_dev *idev);
189 static void addrconf_rs_timer(unsigned long data);
190 static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifa);
191 static void ipv6_ifa_notify(int event, struct inet6_ifaddr *ifa);
192
193 static void inet6_prefix_notify(int event, struct inet6_dev *idev,
194 struct prefix_info *pinfo);
195 static bool ipv6_chk_same_addr(struct net *net, const struct in6_addr *addr,
196 struct net_device *dev);
197
198 static struct ipv6_devconf ipv6_devconf __read_mostly = {
199 .forwarding = 0,
200 .hop_limit = IPV6_DEFAULT_HOPLIMIT,
201 .mtu6 = IPV6_MIN_MTU,
202 .accept_ra = 1,
203 .accept_redirects = 1,
204 .autoconf = 1,
205 .force_mld_version = 0,
206 .mldv1_unsolicited_report_interval = 10 * HZ,
207 .mldv2_unsolicited_report_interval = HZ,
208 .dad_transmits = 1,
209 .rtr_solicits = MAX_RTR_SOLICITATIONS,
210 .rtr_solicit_interval = RTR_SOLICITATION_INTERVAL,
211 .rtr_solicit_max_interval = RTR_SOLICITATION_MAX_INTERVAL,
212 .rtr_solicit_delay = MAX_RTR_SOLICITATION_DELAY,
213 .use_tempaddr = 0,
214 .temp_valid_lft = TEMP_VALID_LIFETIME,
215 .temp_prefered_lft = TEMP_PREFERRED_LIFETIME,
216 .regen_max_retry = REGEN_MAX_RETRY,
217 .max_desync_factor = MAX_DESYNC_FACTOR,
218 .max_addresses = IPV6_MAX_ADDRESSES,
219 .accept_ra_defrtr = 1,
220 .accept_ra_from_local = 0,
221 .accept_ra_min_hop_limit= 1,
222 .accept_ra_pinfo = 1,
223 #ifdef CONFIG_IPV6_ROUTER_PREF
224 .accept_ra_rtr_pref = 1,
225 .rtr_probe_interval = 60 * HZ,
226 #ifdef CONFIG_IPV6_ROUTE_INFO
227 .accept_ra_rt_info_min_plen = 0,
228 .accept_ra_rt_info_max_plen = 0,
229 #endif
230 #endif
231 .proxy_ndp = 0,
232 .accept_source_route = 0, /* we do not accept RH0 by default. */
233 .disable_ipv6 = 0,
234 .accept_dad = 1,
235 .suppress_frag_ndisc = 1,
236 .accept_ra_mtu = 1,
237 .stable_secret = {
238 .initialized = false,
239 },
240 .use_oif_addrs_only = 0,
241 .ignore_routes_with_linkdown = 0,
242 .keep_addr_on_down = 0,
243 .seg6_enabled = 0,
244 #ifdef CONFIG_IPV6_SEG6_HMAC
245 .seg6_require_hmac = 0,
246 #endif
247 .enhanced_dad = 1,
248 .addr_gen_mode = IN6_ADDR_GEN_MODE_EUI64,
249 .disable_policy = 0,
250 };
251
252 static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
253 .forwarding = 0,
254 .hop_limit = IPV6_DEFAULT_HOPLIMIT,
255 .mtu6 = IPV6_MIN_MTU,
256 .accept_ra = 1,
257 .accept_redirects = 1,
258 .autoconf = 1,
259 .force_mld_version = 0,
260 .mldv1_unsolicited_report_interval = 10 * HZ,
261 .mldv2_unsolicited_report_interval = HZ,
262 .dad_transmits = 1,
263 .rtr_solicits = MAX_RTR_SOLICITATIONS,
264 .rtr_solicit_interval = RTR_SOLICITATION_INTERVAL,
265 .rtr_solicit_max_interval = RTR_SOLICITATION_MAX_INTERVAL,
266 .rtr_solicit_delay = MAX_RTR_SOLICITATION_DELAY,
267 .use_tempaddr = 0,
268 .temp_valid_lft = TEMP_VALID_LIFETIME,
269 .temp_prefered_lft = TEMP_PREFERRED_LIFETIME,
270 .regen_max_retry = REGEN_MAX_RETRY,
271 .max_desync_factor = MAX_DESYNC_FACTOR,
272 .max_addresses = IPV6_MAX_ADDRESSES,
273 .accept_ra_defrtr = 1,
274 .accept_ra_from_local = 0,
275 .accept_ra_min_hop_limit= 1,
276 .accept_ra_pinfo = 1,
277 #ifdef CONFIG_IPV6_ROUTER_PREF
278 .accept_ra_rtr_pref = 1,
279 .rtr_probe_interval = 60 * HZ,
280 #ifdef CONFIG_IPV6_ROUTE_INFO
281 .accept_ra_rt_info_min_plen = 0,
282 .accept_ra_rt_info_max_plen = 0,
283 #endif
284 #endif
285 .proxy_ndp = 0,
286 .accept_source_route = 0, /* we do not accept RH0 by default. */
287 .disable_ipv6 = 0,
288 .accept_dad = 1,
289 .suppress_frag_ndisc = 1,
290 .accept_ra_mtu = 1,
291 .stable_secret = {
292 .initialized = false,
293 },
294 .use_oif_addrs_only = 0,
295 .ignore_routes_with_linkdown = 0,
296 .keep_addr_on_down = 0,
297 .seg6_enabled = 0,
298 #ifdef CONFIG_IPV6_SEG6_HMAC
299 .seg6_require_hmac = 0,
300 #endif
301 .enhanced_dad = 1,
302 .addr_gen_mode = IN6_ADDR_GEN_MODE_EUI64,
303 .disable_policy = 0,
304 };
305
306 /* Check if a valid qdisc is available */
307 static inline bool addrconf_qdisc_ok(const struct net_device *dev)
308 {
309 return !qdisc_tx_is_noop(dev);
310 }
311
312 static void addrconf_del_rs_timer(struct inet6_dev *idev)
313 {
314 if (del_timer(&idev->rs_timer))
315 __in6_dev_put(idev);
316 }
317
318 static void addrconf_del_dad_work(struct inet6_ifaddr *ifp)
319 {
320 if (cancel_delayed_work(&ifp->dad_work))
321 __in6_ifa_put(ifp);
322 }
323
324 static void addrconf_mod_rs_timer(struct inet6_dev *idev,
325 unsigned long when)
326 {
327 if (!timer_pending(&idev->rs_timer))
328 in6_dev_hold(idev);
329 mod_timer(&idev->rs_timer, jiffies + when);
330 }
331
332 static void addrconf_mod_dad_work(struct inet6_ifaddr *ifp,
333 unsigned long delay)
334 {
335 in6_ifa_hold(ifp);
336 if (mod_delayed_work(addrconf_wq, &ifp->dad_work, delay))
337 in6_ifa_put(ifp);
338 }
339
340 static int snmp6_alloc_dev(struct inet6_dev *idev)
341 {
342 int i;
343
344 idev->stats.ipv6 = alloc_percpu(struct ipstats_mib);
345 if (!idev->stats.ipv6)
346 goto err_ip;
347
348 for_each_possible_cpu(i) {
349 struct ipstats_mib *addrconf_stats;
350 addrconf_stats = per_cpu_ptr(idev->stats.ipv6, i);
351 u64_stats_init(&addrconf_stats->syncp);
352 }
353
354
355 idev->stats.icmpv6dev = kzalloc(sizeof(struct icmpv6_mib_device),
356 GFP_KERNEL);
357 if (!idev->stats.icmpv6dev)
358 goto err_icmp;
359 idev->stats.icmpv6msgdev = kzalloc(sizeof(struct icmpv6msg_mib_device),
360 GFP_KERNEL);
361 if (!idev->stats.icmpv6msgdev)
362 goto err_icmpmsg;
363
364 return 0;
365
366 err_icmpmsg:
367 kfree(idev->stats.icmpv6dev);
368 err_icmp:
369 free_percpu(idev->stats.ipv6);
370 err_ip:
371 return -ENOMEM;
372 }
373
374 static struct inet6_dev *ipv6_add_dev(struct net_device *dev)
375 {
376 struct inet6_dev *ndev;
377 int err = -ENOMEM;
378
379 ASSERT_RTNL();
380
381 if (dev->mtu < IPV6_MIN_MTU)
382 return ERR_PTR(-EINVAL);
383
384 ndev = kzalloc(sizeof(struct inet6_dev), GFP_KERNEL);
385 if (!ndev)
386 return ERR_PTR(err);
387
388 rwlock_init(&ndev->lock);
389 ndev->dev = dev;
390 INIT_LIST_HEAD(&ndev->addr_list);
391 setup_timer(&ndev->rs_timer, addrconf_rs_timer,
392 (unsigned long)ndev);
393 memcpy(&ndev->cnf, dev_net(dev)->ipv6.devconf_dflt, sizeof(ndev->cnf));
394
395 if (ndev->cnf.stable_secret.initialized)
396 ndev->cnf.addr_gen_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
397 else
398 ndev->cnf.addr_gen_mode = ipv6_devconf_dflt.addr_gen_mode;
399
400 ndev->cnf.mtu6 = dev->mtu;
401 ndev->nd_parms = neigh_parms_alloc(dev, &nd_tbl);
402 if (!ndev->nd_parms) {
403 kfree(ndev);
404 return ERR_PTR(err);
405 }
406 if (ndev->cnf.forwarding)
407 dev_disable_lro(dev);
408 /* We refer to the device */
409 dev_hold(dev);
410
411 if (snmp6_alloc_dev(ndev) < 0) {
412 ADBG(KERN_WARNING
413 "%s: cannot allocate memory for statistics; dev=%s.\n",
414 __func__, dev->name);
415 neigh_parms_release(&nd_tbl, ndev->nd_parms);
416 dev_put(dev);
417 kfree(ndev);
418 return ERR_PTR(err);
419 }
420
421 if (snmp6_register_dev(ndev) < 0) {
422 ADBG(KERN_WARNING
423 "%s: cannot create /proc/net/dev_snmp6/%s\n",
424 __func__, dev->name);
425 goto err_release;
426 }
427
428 /* One reference from device. */
429 refcount_set(&ndev->refcnt, 1);
430
431 if (dev->flags & (IFF_NOARP | IFF_LOOPBACK))
432 ndev->cnf.accept_dad = -1;
433
434 #if IS_ENABLED(CONFIG_IPV6_SIT)
435 if (dev->type == ARPHRD_SIT && (dev->priv_flags & IFF_ISATAP)) {
436 pr_info("%s: Disabled Multicast RS\n", dev->name);
437 ndev->cnf.rtr_solicits = 0;
438 }
439 #endif
440
441 INIT_LIST_HEAD(&ndev->tempaddr_list);
442 ndev->desync_factor = U32_MAX;
443 if ((dev->flags&IFF_LOOPBACK) ||
444 dev->type == ARPHRD_TUNNEL ||
445 dev->type == ARPHRD_TUNNEL6 ||
446 dev->type == ARPHRD_SIT ||
447 dev->type == ARPHRD_NONE) {
448 ndev->cnf.use_tempaddr = -1;
449 } else
450 ipv6_regen_rndid(ndev);
451
452 ndev->token = in6addr_any;
453
454 if (netif_running(dev) && addrconf_qdisc_ok(dev))
455 ndev->if_flags |= IF_READY;
456
457 ipv6_mc_init_dev(ndev);
458 ndev->tstamp = jiffies;
459 err = addrconf_sysctl_register(ndev);
460 if (err) {
461 ipv6_mc_destroy_dev(ndev);
462 snmp6_unregister_dev(ndev);
463 goto err_release;
464 }
465 /* protected by rtnl_lock */
466 rcu_assign_pointer(dev->ip6_ptr, ndev);
467
468 /* Join interface-local all-node multicast group */
469 ipv6_dev_mc_inc(dev, &in6addr_interfacelocal_allnodes);
470
471 /* Join all-node multicast group */
472 ipv6_dev_mc_inc(dev, &in6addr_linklocal_allnodes);
473
474 /* Join all-router multicast group if forwarding is set */
475 if (ndev->cnf.forwarding && (dev->flags & IFF_MULTICAST))
476 ipv6_dev_mc_inc(dev, &in6addr_linklocal_allrouters);
477
478 return ndev;
479
480 err_release:
481 neigh_parms_release(&nd_tbl, ndev->nd_parms);
482 ndev->dead = 1;
483 in6_dev_finish_destroy(ndev);
484 return ERR_PTR(err);
485 }
486
487 static struct inet6_dev *ipv6_find_idev(struct net_device *dev)
488 {
489 struct inet6_dev *idev;
490
491 ASSERT_RTNL();
492
493 idev = __in6_dev_get(dev);
494 if (!idev) {
495 idev = ipv6_add_dev(dev);
496 if (IS_ERR(idev))
497 return NULL;
498 }
499
500 if (dev->flags&IFF_UP)
501 ipv6_mc_up(idev);
502 return idev;
503 }
504
505 static int inet6_netconf_msgsize_devconf(int type)
506 {
507 int size = NLMSG_ALIGN(sizeof(struct netconfmsg))
508 + nla_total_size(4); /* NETCONFA_IFINDEX */
509 bool all = false;
510
511 if (type == NETCONFA_ALL)
512 all = true;
513
514 if (all || type == NETCONFA_FORWARDING)
515 size += nla_total_size(4);
516 #ifdef CONFIG_IPV6_MROUTE
517 if (all || type == NETCONFA_MC_FORWARDING)
518 size += nla_total_size(4);
519 #endif
520 if (all || type == NETCONFA_PROXY_NEIGH)
521 size += nla_total_size(4);
522
523 if (all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN)
524 size += nla_total_size(4);
525
526 return size;
527 }
528
529 static int inet6_netconf_fill_devconf(struct sk_buff *skb, int ifindex,
530 struct ipv6_devconf *devconf, u32 portid,
531 u32 seq, int event, unsigned int flags,
532 int type)
533 {
534 struct nlmsghdr *nlh;
535 struct netconfmsg *ncm;
536 bool all = false;
537
538 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct netconfmsg),
539 flags);
540 if (!nlh)
541 return -EMSGSIZE;
542
543 if (type == NETCONFA_ALL)
544 all = true;
545
546 ncm = nlmsg_data(nlh);
547 ncm->ncm_family = AF_INET6;
548
549 if (nla_put_s32(skb, NETCONFA_IFINDEX, ifindex) < 0)
550 goto nla_put_failure;
551
552 if (!devconf)
553 goto out;
554
555 if ((all || type == NETCONFA_FORWARDING) &&
556 nla_put_s32(skb, NETCONFA_FORWARDING, devconf->forwarding) < 0)
557 goto nla_put_failure;
558 #ifdef CONFIG_IPV6_MROUTE
559 if ((all || type == NETCONFA_MC_FORWARDING) &&
560 nla_put_s32(skb, NETCONFA_MC_FORWARDING,
561 devconf->mc_forwarding) < 0)
562 goto nla_put_failure;
563 #endif
564 if ((all || type == NETCONFA_PROXY_NEIGH) &&
565 nla_put_s32(skb, NETCONFA_PROXY_NEIGH, devconf->proxy_ndp) < 0)
566 goto nla_put_failure;
567
568 if ((all || type == NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN) &&
569 nla_put_s32(skb, NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
570 devconf->ignore_routes_with_linkdown) < 0)
571 goto nla_put_failure;
572
573 out:
574 nlmsg_end(skb, nlh);
575 return 0;
576
577 nla_put_failure:
578 nlmsg_cancel(skb, nlh);
579 return -EMSGSIZE;
580 }
581
582 void inet6_netconf_notify_devconf(struct net *net, int event, int type,
583 int ifindex, struct ipv6_devconf *devconf)
584 {
585 struct sk_buff *skb;
586 int err = -ENOBUFS;
587
588 skb = nlmsg_new(inet6_netconf_msgsize_devconf(type), GFP_KERNEL);
589 if (!skb)
590 goto errout;
591
592 err = inet6_netconf_fill_devconf(skb, ifindex, devconf, 0, 0,
593 event, 0, type);
594 if (err < 0) {
595 /* -EMSGSIZE implies BUG in inet6_netconf_msgsize_devconf() */
596 WARN_ON(err == -EMSGSIZE);
597 kfree_skb(skb);
598 goto errout;
599 }
600 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_NETCONF, NULL, GFP_KERNEL);
601 return;
602 errout:
603 rtnl_set_sk_err(net, RTNLGRP_IPV6_NETCONF, err);
604 }
605
606 static const struct nla_policy devconf_ipv6_policy[NETCONFA_MAX+1] = {
607 [NETCONFA_IFINDEX] = { .len = sizeof(int) },
608 [NETCONFA_FORWARDING] = { .len = sizeof(int) },
609 [NETCONFA_PROXY_NEIGH] = { .len = sizeof(int) },
610 [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
611 };
612
613 static int inet6_netconf_get_devconf(struct sk_buff *in_skb,
614 struct nlmsghdr *nlh,
615 struct netlink_ext_ack *extack)
616 {
617 struct net *net = sock_net(in_skb->sk);
618 struct nlattr *tb[NETCONFA_MAX+1];
619 struct netconfmsg *ncm;
620 struct sk_buff *skb;
621 struct ipv6_devconf *devconf;
622 struct inet6_dev *in6_dev;
623 struct net_device *dev;
624 int ifindex;
625 int err;
626
627 err = nlmsg_parse(nlh, sizeof(*ncm), tb, NETCONFA_MAX,
628 devconf_ipv6_policy, extack);
629 if (err < 0)
630 goto errout;
631
632 err = -EINVAL;
633 if (!tb[NETCONFA_IFINDEX])
634 goto errout;
635
636 ifindex = nla_get_s32(tb[NETCONFA_IFINDEX]);
637 switch (ifindex) {
638 case NETCONFA_IFINDEX_ALL:
639 devconf = net->ipv6.devconf_all;
640 break;
641 case NETCONFA_IFINDEX_DEFAULT:
642 devconf = net->ipv6.devconf_dflt;
643 break;
644 default:
645 dev = __dev_get_by_index(net, ifindex);
646 if (!dev)
647 goto errout;
648 in6_dev = __in6_dev_get(dev);
649 if (!in6_dev)
650 goto errout;
651 devconf = &in6_dev->cnf;
652 break;
653 }
654
655 err = -ENOBUFS;
656 skb = nlmsg_new(inet6_netconf_msgsize_devconf(NETCONFA_ALL), GFP_ATOMIC);
657 if (!skb)
658 goto errout;
659
660 err = inet6_netconf_fill_devconf(skb, ifindex, devconf,
661 NETLINK_CB(in_skb).portid,
662 nlh->nlmsg_seq, RTM_NEWNETCONF, 0,
663 NETCONFA_ALL);
664 if (err < 0) {
665 /* -EMSGSIZE implies BUG in inet6_netconf_msgsize_devconf() */
666 WARN_ON(err == -EMSGSIZE);
667 kfree_skb(skb);
668 goto errout;
669 }
670 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
671 errout:
672 return err;
673 }
674
675 static int inet6_netconf_dump_devconf(struct sk_buff *skb,
676 struct netlink_callback *cb)
677 {
678 struct net *net = sock_net(skb->sk);
679 int h, s_h;
680 int idx, s_idx;
681 struct net_device *dev;
682 struct inet6_dev *idev;
683 struct hlist_head *head;
684
685 s_h = cb->args[0];
686 s_idx = idx = cb->args[1];
687
688 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
689 idx = 0;
690 head = &net->dev_index_head[h];
691 rcu_read_lock();
692 cb->seq = atomic_read(&net->ipv6.dev_addr_genid) ^
693 net->dev_base_seq;
694 hlist_for_each_entry_rcu(dev, head, index_hlist) {
695 if (idx < s_idx)
696 goto cont;
697 idev = __in6_dev_get(dev);
698 if (!idev)
699 goto cont;
700
701 if (inet6_netconf_fill_devconf(skb, dev->ifindex,
702 &idev->cnf,
703 NETLINK_CB(cb->skb).portid,
704 cb->nlh->nlmsg_seq,
705 RTM_NEWNETCONF,
706 NLM_F_MULTI,
707 NETCONFA_ALL) < 0) {
708 rcu_read_unlock();
709 goto done;
710 }
711 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
712 cont:
713 idx++;
714 }
715 rcu_read_unlock();
716 }
717 if (h == NETDEV_HASHENTRIES) {
718 if (inet6_netconf_fill_devconf(skb, NETCONFA_IFINDEX_ALL,
719 net->ipv6.devconf_all,
720 NETLINK_CB(cb->skb).portid,
721 cb->nlh->nlmsg_seq,
722 RTM_NEWNETCONF, NLM_F_MULTI,
723 NETCONFA_ALL) < 0)
724 goto done;
725 else
726 h++;
727 }
728 if (h == NETDEV_HASHENTRIES + 1) {
729 if (inet6_netconf_fill_devconf(skb, NETCONFA_IFINDEX_DEFAULT,
730 net->ipv6.devconf_dflt,
731 NETLINK_CB(cb->skb).portid,
732 cb->nlh->nlmsg_seq,
733 RTM_NEWNETCONF, NLM_F_MULTI,
734 NETCONFA_ALL) < 0)
735 goto done;
736 else
737 h++;
738 }
739 done:
740 cb->args[0] = h;
741 cb->args[1] = idx;
742
743 return skb->len;
744 }
745
746 #ifdef CONFIG_SYSCTL
747 static void dev_forward_change(struct inet6_dev *idev)
748 {
749 struct net_device *dev;
750 struct inet6_ifaddr *ifa;
751
752 if (!idev)
753 return;
754 dev = idev->dev;
755 if (idev->cnf.forwarding)
756 dev_disable_lro(dev);
757 if (dev->flags & IFF_MULTICAST) {
758 if (idev->cnf.forwarding) {
759 ipv6_dev_mc_inc(dev, &in6addr_linklocal_allrouters);
760 ipv6_dev_mc_inc(dev, &in6addr_interfacelocal_allrouters);
761 ipv6_dev_mc_inc(dev, &in6addr_sitelocal_allrouters);
762 } else {
763 ipv6_dev_mc_dec(dev, &in6addr_linklocal_allrouters);
764 ipv6_dev_mc_dec(dev, &in6addr_interfacelocal_allrouters);
765 ipv6_dev_mc_dec(dev, &in6addr_sitelocal_allrouters);
766 }
767 }
768
769 list_for_each_entry(ifa, &idev->addr_list, if_list) {
770 if (ifa->flags&IFA_F_TENTATIVE)
771 continue;
772 if (idev->cnf.forwarding)
773 addrconf_join_anycast(ifa);
774 else
775 addrconf_leave_anycast(ifa);
776 }
777 inet6_netconf_notify_devconf(dev_net(dev), RTM_NEWNETCONF,
778 NETCONFA_FORWARDING,
779 dev->ifindex, &idev->cnf);
780 }
781
782
783 static void addrconf_forward_change(struct net *net, __s32 newf)
784 {
785 struct net_device *dev;
786 struct inet6_dev *idev;
787
788 for_each_netdev(net, dev) {
789 idev = __in6_dev_get(dev);
790 if (idev) {
791 int changed = (!idev->cnf.forwarding) ^ (!newf);
792 idev->cnf.forwarding = newf;
793 if (changed)
794 dev_forward_change(idev);
795 }
796 }
797 }
798
799 static int addrconf_fixup_forwarding(struct ctl_table *table, int *p, int newf)
800 {
801 struct net *net;
802 int old;
803
804 if (!rtnl_trylock())
805 return restart_syscall();
806
807 net = (struct net *)table->extra2;
808 old = *p;
809 *p = newf;
810
811 if (p == &net->ipv6.devconf_dflt->forwarding) {
812 if ((!newf) ^ (!old))
813 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
814 NETCONFA_FORWARDING,
815 NETCONFA_IFINDEX_DEFAULT,
816 net->ipv6.devconf_dflt);
817 rtnl_unlock();
818 return 0;
819 }
820
821 if (p == &net->ipv6.devconf_all->forwarding) {
822 int old_dflt = net->ipv6.devconf_dflt->forwarding;
823
824 net->ipv6.devconf_dflt->forwarding = newf;
825 if ((!newf) ^ (!old_dflt))
826 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
827 NETCONFA_FORWARDING,
828 NETCONFA_IFINDEX_DEFAULT,
829 net->ipv6.devconf_dflt);
830
831 addrconf_forward_change(net, newf);
832 if ((!newf) ^ (!old))
833 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
834 NETCONFA_FORWARDING,
835 NETCONFA_IFINDEX_ALL,
836 net->ipv6.devconf_all);
837 } else if ((!newf) ^ (!old))
838 dev_forward_change((struct inet6_dev *)table->extra1);
839 rtnl_unlock();
840
841 if (newf)
842 rt6_purge_dflt_routers(net);
843 return 1;
844 }
845
846 static void addrconf_linkdown_change(struct net *net, __s32 newf)
847 {
848 struct net_device *dev;
849 struct inet6_dev *idev;
850
851 for_each_netdev(net, dev) {
852 idev = __in6_dev_get(dev);
853 if (idev) {
854 int changed = (!idev->cnf.ignore_routes_with_linkdown) ^ (!newf);
855
856 idev->cnf.ignore_routes_with_linkdown = newf;
857 if (changed)
858 inet6_netconf_notify_devconf(dev_net(dev),
859 RTM_NEWNETCONF,
860 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
861 dev->ifindex,
862 &idev->cnf);
863 }
864 }
865 }
866
867 static int addrconf_fixup_linkdown(struct ctl_table *table, int *p, int newf)
868 {
869 struct net *net;
870 int old;
871
872 if (!rtnl_trylock())
873 return restart_syscall();
874
875 net = (struct net *)table->extra2;
876 old = *p;
877 *p = newf;
878
879 if (p == &net->ipv6.devconf_dflt->ignore_routes_with_linkdown) {
880 if ((!newf) ^ (!old))
881 inet6_netconf_notify_devconf(net,
882 RTM_NEWNETCONF,
883 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
884 NETCONFA_IFINDEX_DEFAULT,
885 net->ipv6.devconf_dflt);
886 rtnl_unlock();
887 return 0;
888 }
889
890 if (p == &net->ipv6.devconf_all->ignore_routes_with_linkdown) {
891 net->ipv6.devconf_dflt->ignore_routes_with_linkdown = newf;
892 addrconf_linkdown_change(net, newf);
893 if ((!newf) ^ (!old))
894 inet6_netconf_notify_devconf(net,
895 RTM_NEWNETCONF,
896 NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN,
897 NETCONFA_IFINDEX_ALL,
898 net->ipv6.devconf_all);
899 }
900 rtnl_unlock();
901
902 return 1;
903 }
904
905 #endif
906
907 /* Nobody refers to this ifaddr, destroy it */
908 void inet6_ifa_finish_destroy(struct inet6_ifaddr *ifp)
909 {
910 WARN_ON(!hlist_unhashed(&ifp->addr_lst));
911
912 #ifdef NET_REFCNT_DEBUG
913 pr_debug("%s\n", __func__);
914 #endif
915
916 in6_dev_put(ifp->idev);
917
918 if (cancel_delayed_work(&ifp->dad_work))
919 pr_notice("delayed DAD work was pending while freeing ifa=%p\n",
920 ifp);
921
922 if (ifp->state != INET6_IFADDR_STATE_DEAD) {
923 pr_warn("Freeing alive inet6 address %p\n", ifp);
924 return;
925 }
926 ip6_rt_put(ifp->rt);
927
928 kfree_rcu(ifp, rcu);
929 }
930
931 static void
932 ipv6_link_dev_addr(struct inet6_dev *idev, struct inet6_ifaddr *ifp)
933 {
934 struct list_head *p;
935 int ifp_scope = ipv6_addr_src_scope(&ifp->addr);
936
937 /*
938 * Each device address list is sorted in order of scope -
939 * global before linklocal.
940 */
941 list_for_each(p, &idev->addr_list) {
942 struct inet6_ifaddr *ifa
943 = list_entry(p, struct inet6_ifaddr, if_list);
944 if (ifp_scope >= ipv6_addr_src_scope(&ifa->addr))
945 break;
946 }
947
948 list_add_tail(&ifp->if_list, p);
949 }
950
951 static u32 inet6_addr_hash(const struct in6_addr *addr)
952 {
953 return hash_32(ipv6_addr_hash(addr), IN6_ADDR_HSIZE_SHIFT);
954 }
955
956 /* On success it returns ifp with increased reference count */
957
958 static struct inet6_ifaddr *
959 ipv6_add_addr(struct inet6_dev *idev, const struct in6_addr *addr,
960 const struct in6_addr *peer_addr, int pfxlen,
961 int scope, u32 flags, u32 valid_lft, u32 prefered_lft)
962 {
963 struct net *net = dev_net(idev->dev);
964 struct inet6_ifaddr *ifa = NULL;
965 struct rt6_info *rt;
966 struct in6_validator_info i6vi;
967 unsigned int hash;
968 int err = 0;
969 int addr_type = ipv6_addr_type(addr);
970
971 if (addr_type == IPV6_ADDR_ANY ||
972 addr_type & IPV6_ADDR_MULTICAST ||
973 (!(idev->dev->flags & IFF_LOOPBACK) &&
974 addr_type & IPV6_ADDR_LOOPBACK))
975 return ERR_PTR(-EADDRNOTAVAIL);
976
977 rcu_read_lock_bh();
978
979 in6_dev_hold(idev);
980
981 if (idev->dead) {
982 err = -ENODEV; /*XXX*/
983 goto out2;
984 }
985
986 if (idev->cnf.disable_ipv6) {
987 err = -EACCES;
988 goto out2;
989 }
990
991 i6vi.i6vi_addr = *addr;
992 i6vi.i6vi_dev = idev;
993 rcu_read_unlock_bh();
994
995 err = inet6addr_validator_notifier_call_chain(NETDEV_UP, &i6vi);
996
997 rcu_read_lock_bh();
998 err = notifier_to_errno(err);
999 if (err)
1000 goto out2;
1001
1002 spin_lock(&addrconf_hash_lock);
1003
1004 /* Ignore adding duplicate addresses on an interface */
1005 if (ipv6_chk_same_addr(dev_net(idev->dev), addr, idev->dev)) {
1006 ADBG("ipv6_add_addr: already assigned\n");
1007 err = -EEXIST;
1008 goto out;
1009 }
1010
1011 ifa = kzalloc(sizeof(struct inet6_ifaddr), GFP_ATOMIC);
1012
1013 if (!ifa) {
1014 ADBG("ipv6_add_addr: malloc failed\n");
1015 err = -ENOBUFS;
1016 goto out;
1017 }
1018
1019 rt = addrconf_dst_alloc(idev, addr, false);
1020 if (IS_ERR(rt)) {
1021 err = PTR_ERR(rt);
1022 goto out;
1023 }
1024
1025 if (net->ipv6.devconf_all->disable_policy ||
1026 idev->cnf.disable_policy)
1027 rt->dst.flags |= DST_NOPOLICY;
1028
1029 neigh_parms_data_state_setall(idev->nd_parms);
1030
1031 ifa->addr = *addr;
1032 if (peer_addr)
1033 ifa->peer_addr = *peer_addr;
1034
1035 spin_lock_init(&ifa->lock);
1036 INIT_DELAYED_WORK(&ifa->dad_work, addrconf_dad_work);
1037 INIT_HLIST_NODE(&ifa->addr_lst);
1038 ifa->scope = scope;
1039 ifa->prefix_len = pfxlen;
1040 ifa->flags = flags;
1041 /* No need to add the TENTATIVE flag for addresses with NODAD */
1042 if (!(flags & IFA_F_NODAD))
1043 ifa->flags |= IFA_F_TENTATIVE;
1044 ifa->valid_lft = valid_lft;
1045 ifa->prefered_lft = prefered_lft;
1046 ifa->cstamp = ifa->tstamp = jiffies;
1047 ifa->tokenized = false;
1048
1049 ifa->rt = rt;
1050
1051 ifa->idev = idev;
1052 /* For caller */
1053 refcount_set(&ifa->refcnt, 1);
1054
1055 /* Add to big hash table */
1056 hash = inet6_addr_hash(addr);
1057
1058 hlist_add_head_rcu(&ifa->addr_lst, &inet6_addr_lst[hash]);
1059 spin_unlock(&addrconf_hash_lock);
1060
1061 write_lock(&idev->lock);
1062 /* Add to inet6_dev unicast addr list. */
1063 ipv6_link_dev_addr(idev, ifa);
1064
1065 if (ifa->flags&IFA_F_TEMPORARY) {
1066 list_add(&ifa->tmp_list, &idev->tempaddr_list);
1067 in6_ifa_hold(ifa);
1068 }
1069
1070 in6_ifa_hold(ifa);
1071 write_unlock(&idev->lock);
1072 out2:
1073 rcu_read_unlock_bh();
1074
1075 if (likely(err == 0))
1076 inet6addr_notifier_call_chain(NETDEV_UP, ifa);
1077 else {
1078 kfree(ifa);
1079 in6_dev_put(idev);
1080 ifa = ERR_PTR(err);
1081 }
1082
1083 return ifa;
1084 out:
1085 spin_unlock(&addrconf_hash_lock);
1086 goto out2;
1087 }
1088
1089 enum cleanup_prefix_rt_t {
1090 CLEANUP_PREFIX_RT_NOP, /* no cleanup action for prefix route */
1091 CLEANUP_PREFIX_RT_DEL, /* delete the prefix route */
1092 CLEANUP_PREFIX_RT_EXPIRE, /* update the lifetime of the prefix route */
1093 };
1094
1095 /*
1096 * Check, whether the prefix for ifp would still need a prefix route
1097 * after deleting ifp. The function returns one of the CLEANUP_PREFIX_RT_*
1098 * constants.
1099 *
1100 * 1) we don't purge prefix if address was not permanent.
1101 * prefix is managed by its own lifetime.
1102 * 2) we also don't purge, if the address was IFA_F_NOPREFIXROUTE.
1103 * 3) if there are no addresses, delete prefix.
1104 * 4) if there are still other permanent address(es),
1105 * corresponding prefix is still permanent.
1106 * 5) if there are still other addresses with IFA_F_NOPREFIXROUTE,
1107 * don't purge the prefix, assume user space is managing it.
1108 * 6) otherwise, update prefix lifetime to the
1109 * longest valid lifetime among the corresponding
1110 * addresses on the device.
1111 * Note: subsequent RA will update lifetime.
1112 **/
1113 static enum cleanup_prefix_rt_t
1114 check_cleanup_prefix_route(struct inet6_ifaddr *ifp, unsigned long *expires)
1115 {
1116 struct inet6_ifaddr *ifa;
1117 struct inet6_dev *idev = ifp->idev;
1118 unsigned long lifetime;
1119 enum cleanup_prefix_rt_t action = CLEANUP_PREFIX_RT_DEL;
1120
1121 *expires = jiffies;
1122
1123 list_for_each_entry(ifa, &idev->addr_list, if_list) {
1124 if (ifa == ifp)
1125 continue;
1126 if (!ipv6_prefix_equal(&ifa->addr, &ifp->addr,
1127 ifp->prefix_len))
1128 continue;
1129 if (ifa->flags & (IFA_F_PERMANENT | IFA_F_NOPREFIXROUTE))
1130 return CLEANUP_PREFIX_RT_NOP;
1131
1132 action = CLEANUP_PREFIX_RT_EXPIRE;
1133
1134 spin_lock(&ifa->lock);
1135
1136 lifetime = addrconf_timeout_fixup(ifa->valid_lft, HZ);
1137 /*
1138 * Note: Because this address is
1139 * not permanent, lifetime <
1140 * LONG_MAX / HZ here.
1141 */
1142 if (time_before(*expires, ifa->tstamp + lifetime * HZ))
1143 *expires = ifa->tstamp + lifetime * HZ;
1144 spin_unlock(&ifa->lock);
1145 }
1146
1147 return action;
1148 }
1149
1150 static void
1151 cleanup_prefix_route(struct inet6_ifaddr *ifp, unsigned long expires, bool del_rt)
1152 {
1153 struct rt6_info *rt;
1154
1155 rt = addrconf_get_prefix_route(&ifp->addr,
1156 ifp->prefix_len,
1157 ifp->idev->dev,
1158 0, RTF_GATEWAY | RTF_DEFAULT);
1159 if (rt) {
1160 if (del_rt)
1161 ip6_del_rt(rt);
1162 else {
1163 if (!(rt->rt6i_flags & RTF_EXPIRES))
1164 rt6_set_expires(rt, expires);
1165 ip6_rt_put(rt);
1166 }
1167 }
1168 }
1169
1170
1171 /* This function wants to get referenced ifp and releases it before return */
1172
1173 static void ipv6_del_addr(struct inet6_ifaddr *ifp)
1174 {
1175 int state;
1176 enum cleanup_prefix_rt_t action = CLEANUP_PREFIX_RT_NOP;
1177 unsigned long expires;
1178
1179 ASSERT_RTNL();
1180
1181 spin_lock_bh(&ifp->lock);
1182 state = ifp->state;
1183 ifp->state = INET6_IFADDR_STATE_DEAD;
1184 spin_unlock_bh(&ifp->lock);
1185
1186 if (state == INET6_IFADDR_STATE_DEAD)
1187 goto out;
1188
1189 spin_lock_bh(&addrconf_hash_lock);
1190 hlist_del_init_rcu(&ifp->addr_lst);
1191 spin_unlock_bh(&addrconf_hash_lock);
1192
1193 write_lock_bh(&ifp->idev->lock);
1194
1195 if (ifp->flags&IFA_F_TEMPORARY) {
1196 list_del(&ifp->tmp_list);
1197 if (ifp->ifpub) {
1198 in6_ifa_put(ifp->ifpub);
1199 ifp->ifpub = NULL;
1200 }
1201 __in6_ifa_put(ifp);
1202 }
1203
1204 if (ifp->flags & IFA_F_PERMANENT && !(ifp->flags & IFA_F_NOPREFIXROUTE))
1205 action = check_cleanup_prefix_route(ifp, &expires);
1206
1207 list_del_init(&ifp->if_list);
1208 __in6_ifa_put(ifp);
1209
1210 write_unlock_bh(&ifp->idev->lock);
1211
1212 addrconf_del_dad_work(ifp);
1213
1214 ipv6_ifa_notify(RTM_DELADDR, ifp);
1215
1216 inet6addr_notifier_call_chain(NETDEV_DOWN, ifp);
1217
1218 if (action != CLEANUP_PREFIX_RT_NOP) {
1219 cleanup_prefix_route(ifp, expires,
1220 action == CLEANUP_PREFIX_RT_DEL);
1221 }
1222
1223 /* clean up prefsrc entries */
1224 rt6_remove_prefsrc(ifp);
1225 out:
1226 in6_ifa_put(ifp);
1227 }
1228
1229 static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *ift)
1230 {
1231 struct inet6_dev *idev = ifp->idev;
1232 struct in6_addr addr, *tmpaddr;
1233 unsigned long tmp_prefered_lft, tmp_valid_lft, tmp_tstamp, age;
1234 unsigned long regen_advance;
1235 int tmp_plen;
1236 int ret = 0;
1237 u32 addr_flags;
1238 unsigned long now = jiffies;
1239 long max_desync_factor;
1240 s32 cnf_temp_preferred_lft;
1241
1242 write_lock_bh(&idev->lock);
1243 if (ift) {
1244 spin_lock_bh(&ift->lock);
1245 memcpy(&addr.s6_addr[8], &ift->addr.s6_addr[8], 8);
1246 spin_unlock_bh(&ift->lock);
1247 tmpaddr = &addr;
1248 } else {
1249 tmpaddr = NULL;
1250 }
1251 retry:
1252 in6_dev_hold(idev);
1253 if (idev->cnf.use_tempaddr <= 0) {
1254 write_unlock_bh(&idev->lock);
1255 pr_info("%s: use_tempaddr is disabled\n", __func__);
1256 in6_dev_put(idev);
1257 ret = -1;
1258 goto out;
1259 }
1260 spin_lock_bh(&ifp->lock);
1261 if (ifp->regen_count++ >= idev->cnf.regen_max_retry) {
1262 idev->cnf.use_tempaddr = -1; /*XXX*/
1263 spin_unlock_bh(&ifp->lock);
1264 write_unlock_bh(&idev->lock);
1265 pr_warn("%s: regeneration time exceeded - disabled temporary address support\n",
1266 __func__);
1267 in6_dev_put(idev);
1268 ret = -1;
1269 goto out;
1270 }
1271 in6_ifa_hold(ifp);
1272 memcpy(addr.s6_addr, ifp->addr.s6_addr, 8);
1273 ipv6_try_regen_rndid(idev, tmpaddr);
1274 memcpy(&addr.s6_addr[8], idev->rndid, 8);
1275 age = (now - ifp->tstamp) / HZ;
1276
1277 regen_advance = idev->cnf.regen_max_retry *
1278 idev->cnf.dad_transmits *
1279 NEIGH_VAR(idev->nd_parms, RETRANS_TIME) / HZ;
1280
1281 /* recalculate max_desync_factor each time and update
1282 * idev->desync_factor if it's larger
1283 */
1284 cnf_temp_preferred_lft = READ_ONCE(idev->cnf.temp_prefered_lft);
1285 max_desync_factor = min_t(__u32,
1286 idev->cnf.max_desync_factor,
1287 cnf_temp_preferred_lft - regen_advance);
1288
1289 if (unlikely(idev->desync_factor > max_desync_factor)) {
1290 if (max_desync_factor > 0) {
1291 get_random_bytes(&idev->desync_factor,
1292 sizeof(idev->desync_factor));
1293 idev->desync_factor %= max_desync_factor;
1294 } else {
1295 idev->desync_factor = 0;
1296 }
1297 }
1298
1299 tmp_valid_lft = min_t(__u32,
1300 ifp->valid_lft,
1301 idev->cnf.temp_valid_lft + age);
1302 tmp_prefered_lft = cnf_temp_preferred_lft + age -
1303 idev->desync_factor;
1304 tmp_prefered_lft = min_t(__u32, ifp->prefered_lft, tmp_prefered_lft);
1305 tmp_plen = ifp->prefix_len;
1306 tmp_tstamp = ifp->tstamp;
1307 spin_unlock_bh(&ifp->lock);
1308
1309 write_unlock_bh(&idev->lock);
1310
1311 /* A temporary address is created only if this calculated Preferred
1312 * Lifetime is greater than REGEN_ADVANCE time units. In particular,
1313 * an implementation must not create a temporary address with a zero
1314 * Preferred Lifetime.
1315 * Use age calculation as in addrconf_verify to avoid unnecessary
1316 * temporary addresses being generated.
1317 */
1318 age = (now - tmp_tstamp + ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
1319 if (tmp_prefered_lft <= regen_advance + age) {
1320 in6_ifa_put(ifp);
1321 in6_dev_put(idev);
1322 ret = -1;
1323 goto out;
1324 }
1325
1326 addr_flags = IFA_F_TEMPORARY;
1327 /* set in addrconf_prefix_rcv() */
1328 if (ifp->flags & IFA_F_OPTIMISTIC)
1329 addr_flags |= IFA_F_OPTIMISTIC;
1330
1331 ift = ipv6_add_addr(idev, &addr, NULL, tmp_plen,
1332 ipv6_addr_scope(&addr), addr_flags,
1333 tmp_valid_lft, tmp_prefered_lft);
1334 if (IS_ERR(ift)) {
1335 in6_ifa_put(ifp);
1336 in6_dev_put(idev);
1337 pr_info("%s: retry temporary address regeneration\n", __func__);
1338 tmpaddr = &addr;
1339 write_lock_bh(&idev->lock);
1340 goto retry;
1341 }
1342
1343 spin_lock_bh(&ift->lock);
1344 ift->ifpub = ifp;
1345 ift->cstamp = now;
1346 ift->tstamp = tmp_tstamp;
1347 spin_unlock_bh(&ift->lock);
1348
1349 addrconf_dad_start(ift);
1350 in6_ifa_put(ift);
1351 in6_dev_put(idev);
1352 out:
1353 return ret;
1354 }
1355
1356 /*
1357 * Choose an appropriate source address (RFC3484)
1358 */
1359 enum {
1360 IPV6_SADDR_RULE_INIT = 0,
1361 IPV6_SADDR_RULE_LOCAL,
1362 IPV6_SADDR_RULE_SCOPE,
1363 IPV6_SADDR_RULE_PREFERRED,
1364 #ifdef CONFIG_IPV6_MIP6
1365 IPV6_SADDR_RULE_HOA,
1366 #endif
1367 IPV6_SADDR_RULE_OIF,
1368 IPV6_SADDR_RULE_LABEL,
1369 IPV6_SADDR_RULE_PRIVACY,
1370 IPV6_SADDR_RULE_ORCHID,
1371 IPV6_SADDR_RULE_PREFIX,
1372 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
1373 IPV6_SADDR_RULE_NOT_OPTIMISTIC,
1374 #endif
1375 IPV6_SADDR_RULE_MAX
1376 };
1377
1378 struct ipv6_saddr_score {
1379 int rule;
1380 int addr_type;
1381 struct inet6_ifaddr *ifa;
1382 DECLARE_BITMAP(scorebits, IPV6_SADDR_RULE_MAX);
1383 int scopedist;
1384 int matchlen;
1385 };
1386
1387 struct ipv6_saddr_dst {
1388 const struct in6_addr *addr;
1389 int ifindex;
1390 int scope;
1391 int label;
1392 unsigned int prefs;
1393 };
1394
1395 static inline int ipv6_saddr_preferred(int type)
1396 {
1397 if (type & (IPV6_ADDR_MAPPED|IPV6_ADDR_COMPATv4|IPV6_ADDR_LOOPBACK))
1398 return 1;
1399 return 0;
1400 }
1401
1402 static inline bool ipv6_use_optimistic_addr(struct inet6_dev *idev)
1403 {
1404 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
1405 return idev && idev->cnf.optimistic_dad && idev->cnf.use_optimistic;
1406 #else
1407 return false;
1408 #endif
1409 }
1410
1411 static int ipv6_get_saddr_eval(struct net *net,
1412 struct ipv6_saddr_score *score,
1413 struct ipv6_saddr_dst *dst,
1414 int i)
1415 {
1416 int ret;
1417
1418 if (i <= score->rule) {
1419 switch (i) {
1420 case IPV6_SADDR_RULE_SCOPE:
1421 ret = score->scopedist;
1422 break;
1423 case IPV6_SADDR_RULE_PREFIX:
1424 ret = score->matchlen;
1425 break;
1426 default:
1427 ret = !!test_bit(i, score->scorebits);
1428 }
1429 goto out;
1430 }
1431
1432 switch (i) {
1433 case IPV6_SADDR_RULE_INIT:
1434 /* Rule 0: remember if hiscore is not ready yet */
1435 ret = !!score->ifa;
1436 break;
1437 case IPV6_SADDR_RULE_LOCAL:
1438 /* Rule 1: Prefer same address */
1439 ret = ipv6_addr_equal(&score->ifa->addr, dst->addr);
1440 break;
1441 case IPV6_SADDR_RULE_SCOPE:
1442 /* Rule 2: Prefer appropriate scope
1443 *
1444 * ret
1445 * ^
1446 * -1 | d 15
1447 * ---+--+-+---> scope
1448 * |
1449 * | d is scope of the destination.
1450 * B-d | \
1451 * | \ <- smaller scope is better if
1452 * B-15 | \ if scope is enough for destination.
1453 * | ret = B - scope (-1 <= scope >= d <= 15).
1454 * d-C-1 | /
1455 * |/ <- greater is better
1456 * -C / if scope is not enough for destination.
1457 * /| ret = scope - C (-1 <= d < scope <= 15).
1458 *
1459 * d - C - 1 < B -15 (for all -1 <= d <= 15).
1460 * C > d + 14 - B >= 15 + 14 - B = 29 - B.
1461 * Assume B = 0 and we get C > 29.
1462 */
1463 ret = __ipv6_addr_src_scope(score->addr_type);
1464 if (ret >= dst->scope)
1465 ret = -ret;
1466 else
1467 ret -= 128; /* 30 is enough */
1468 score->scopedist = ret;
1469 break;
1470 case IPV6_SADDR_RULE_PREFERRED:
1471 {
1472 /* Rule 3: Avoid deprecated and optimistic addresses */
1473 u8 avoid = IFA_F_DEPRECATED;
1474
1475 if (!ipv6_use_optimistic_addr(score->ifa->idev))
1476 avoid |= IFA_F_OPTIMISTIC;
1477 ret = ipv6_saddr_preferred(score->addr_type) ||
1478 !(score->ifa->flags & avoid);
1479 break;
1480 }
1481 #ifdef CONFIG_IPV6_MIP6
1482 case IPV6_SADDR_RULE_HOA:
1483 {
1484 /* Rule 4: Prefer home address */
1485 int prefhome = !(dst->prefs & IPV6_PREFER_SRC_COA);
1486 ret = !(score->ifa->flags & IFA_F_HOMEADDRESS) ^ prefhome;
1487 break;
1488 }
1489 #endif
1490 case IPV6_SADDR_RULE_OIF:
1491 /* Rule 5: Prefer outgoing interface */
1492 ret = (!dst->ifindex ||
1493 dst->ifindex == score->ifa->idev->dev->ifindex);
1494 break;
1495 case IPV6_SADDR_RULE_LABEL:
1496 /* Rule 6: Prefer matching label */
1497 ret = ipv6_addr_label(net,
1498 &score->ifa->addr, score->addr_type,
1499 score->ifa->idev->dev->ifindex) == dst->label;
1500 break;
1501 case IPV6_SADDR_RULE_PRIVACY:
1502 {
1503 /* Rule 7: Prefer public address
1504 * Note: prefer temporary address if use_tempaddr >= 2
1505 */
1506 int preftmp = dst->prefs & (IPV6_PREFER_SRC_PUBLIC|IPV6_PREFER_SRC_TMP) ?
1507 !!(dst->prefs & IPV6_PREFER_SRC_TMP) :
1508 score->ifa->idev->cnf.use_tempaddr >= 2;
1509 ret = (!(score->ifa->flags & IFA_F_TEMPORARY)) ^ preftmp;
1510 break;
1511 }
1512 case IPV6_SADDR_RULE_ORCHID:
1513 /* Rule 8-: Prefer ORCHID vs ORCHID or
1514 * non-ORCHID vs non-ORCHID
1515 */
1516 ret = !(ipv6_addr_orchid(&score->ifa->addr) ^
1517 ipv6_addr_orchid(dst->addr));
1518 break;
1519 case IPV6_SADDR_RULE_PREFIX:
1520 /* Rule 8: Use longest matching prefix */
1521 ret = ipv6_addr_diff(&score->ifa->addr, dst->addr);
1522 if (ret > score->ifa->prefix_len)
1523 ret = score->ifa->prefix_len;
1524 score->matchlen = ret;
1525 break;
1526 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
1527 case IPV6_SADDR_RULE_NOT_OPTIMISTIC:
1528 /* Optimistic addresses still have lower precedence than other
1529 * preferred addresses.
1530 */
1531 ret = !(score->ifa->flags & IFA_F_OPTIMISTIC);
1532 break;
1533 #endif
1534 default:
1535 ret = 0;
1536 }
1537
1538 if (ret)
1539 __set_bit(i, score->scorebits);
1540 score->rule = i;
1541 out:
1542 return ret;
1543 }
1544
1545 static int __ipv6_dev_get_saddr(struct net *net,
1546 struct ipv6_saddr_dst *dst,
1547 struct inet6_dev *idev,
1548 struct ipv6_saddr_score *scores,
1549 int hiscore_idx)
1550 {
1551 struct ipv6_saddr_score *score = &scores[1 - hiscore_idx], *hiscore = &scores[hiscore_idx];
1552
1553 read_lock_bh(&idev->lock);
1554 list_for_each_entry(score->ifa, &idev->addr_list, if_list) {
1555 int i;
1556
1557 /*
1558 * - Tentative Address (RFC2462 section 5.4)
1559 * - A tentative address is not considered
1560 * "assigned to an interface" in the traditional
1561 * sense, unless it is also flagged as optimistic.
1562 * - Candidate Source Address (section 4)
1563 * - In any case, anycast addresses, multicast
1564 * addresses, and the unspecified address MUST
1565 * NOT be included in a candidate set.
1566 */
1567 if ((score->ifa->flags & IFA_F_TENTATIVE) &&
1568 (!(score->ifa->flags & IFA_F_OPTIMISTIC)))
1569 continue;
1570
1571 score->addr_type = __ipv6_addr_type(&score->ifa->addr);
1572
1573 if (unlikely(score->addr_type == IPV6_ADDR_ANY ||
1574 score->addr_type & IPV6_ADDR_MULTICAST)) {
1575 net_dbg_ratelimited("ADDRCONF: unspecified / multicast address assigned as unicast address on %s",
1576 idev->dev->name);
1577 continue;
1578 }
1579
1580 score->rule = -1;
1581 bitmap_zero(score->scorebits, IPV6_SADDR_RULE_MAX);
1582
1583 for (i = 0; i < IPV6_SADDR_RULE_MAX; i++) {
1584 int minihiscore, miniscore;
1585
1586 minihiscore = ipv6_get_saddr_eval(net, hiscore, dst, i);
1587 miniscore = ipv6_get_saddr_eval(net, score, dst, i);
1588
1589 if (minihiscore > miniscore) {
1590 if (i == IPV6_SADDR_RULE_SCOPE &&
1591 score->scopedist > 0) {
1592 /*
1593 * special case:
1594 * each remaining entry
1595 * has too small (not enough)
1596 * scope, because ifa entries
1597 * are sorted by their scope
1598 * values.
1599 */
1600 goto out;
1601 }
1602 break;
1603 } else if (minihiscore < miniscore) {
1604 if (hiscore->ifa)
1605 in6_ifa_put(hiscore->ifa);
1606
1607 in6_ifa_hold(score->ifa);
1608
1609 swap(hiscore, score);
1610 hiscore_idx = 1 - hiscore_idx;
1611
1612 /* restore our iterator */
1613 score->ifa = hiscore->ifa;
1614
1615 break;
1616 }
1617 }
1618 }
1619 out:
1620 read_unlock_bh(&idev->lock);
1621 return hiscore_idx;
1622 }
1623
1624 static int ipv6_get_saddr_master(struct net *net,
1625 const struct net_device *dst_dev,
1626 const struct net_device *master,
1627 struct ipv6_saddr_dst *dst,
1628 struct ipv6_saddr_score *scores,
1629 int hiscore_idx)
1630 {
1631 struct inet6_dev *idev;
1632
1633 idev = __in6_dev_get(dst_dev);
1634 if (idev)
1635 hiscore_idx = __ipv6_dev_get_saddr(net, dst, idev,
1636 scores, hiscore_idx);
1637
1638 idev = __in6_dev_get(master);
1639 if (idev)
1640 hiscore_idx = __ipv6_dev_get_saddr(net, dst, idev,
1641 scores, hiscore_idx);
1642
1643 return hiscore_idx;
1644 }
1645
1646 int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev,
1647 const struct in6_addr *daddr, unsigned int prefs,
1648 struct in6_addr *saddr)
1649 {
1650 struct ipv6_saddr_score scores[2], *hiscore;
1651 struct ipv6_saddr_dst dst;
1652 struct inet6_dev *idev;
1653 struct net_device *dev;
1654 int dst_type;
1655 bool use_oif_addr = false;
1656 int hiscore_idx = 0;
1657
1658 dst_type = __ipv6_addr_type(daddr);
1659 dst.addr = daddr;
1660 dst.ifindex = dst_dev ? dst_dev->ifindex : 0;
1661 dst.scope = __ipv6_addr_src_scope(dst_type);
1662 dst.label = ipv6_addr_label(net, daddr, dst_type, dst.ifindex);
1663 dst.prefs = prefs;
1664
1665 scores[hiscore_idx].rule = -1;
1666 scores[hiscore_idx].ifa = NULL;
1667
1668 rcu_read_lock();
1669
1670 /* Candidate Source Address (section 4)
1671 * - multicast and link-local destination address,
1672 * the set of candidate source address MUST only
1673 * include addresses assigned to interfaces
1674 * belonging to the same link as the outgoing
1675 * interface.
1676 * (- For site-local destination addresses, the
1677 * set of candidate source addresses MUST only
1678 * include addresses assigned to interfaces
1679 * belonging to the same site as the outgoing
1680 * interface.)
1681 * - "It is RECOMMENDED that the candidate source addresses
1682 * be the set of unicast addresses assigned to the
1683 * interface that will be used to send to the destination
1684 * (the 'outgoing' interface)." (RFC 6724)
1685 */
1686 if (dst_dev) {
1687 idev = __in6_dev_get(dst_dev);
1688 if ((dst_type & IPV6_ADDR_MULTICAST) ||
1689 dst.scope <= IPV6_ADDR_SCOPE_LINKLOCAL ||
1690 (idev && idev->cnf.use_oif_addrs_only)) {
1691 use_oif_addr = true;
1692 }
1693 }
1694
1695 if (use_oif_addr) {
1696 if (idev)
1697 hiscore_idx = __ipv6_dev_get_saddr(net, &dst, idev, scores, hiscore_idx);
1698 } else {
1699 const struct net_device *master;
1700 int master_idx = 0;
1701
1702 /* if dst_dev exists and is enslaved to an L3 device, then
1703 * prefer addresses from dst_dev and then the master over
1704 * any other enslaved devices in the L3 domain.
1705 */
1706 master = l3mdev_master_dev_rcu(dst_dev);
1707 if (master) {
1708 master_idx = master->ifindex;
1709
1710 hiscore_idx = ipv6_get_saddr_master(net, dst_dev,
1711 master, &dst,
1712 scores, hiscore_idx);
1713
1714 if (scores[hiscore_idx].ifa)
1715 goto out;
1716 }
1717
1718 for_each_netdev_rcu(net, dev) {
1719 /* only consider addresses on devices in the
1720 * same L3 domain
1721 */
1722 if (l3mdev_master_ifindex_rcu(dev) != master_idx)
1723 continue;
1724 idev = __in6_dev_get(dev);
1725 if (!idev)
1726 continue;
1727 hiscore_idx = __ipv6_dev_get_saddr(net, &dst, idev, scores, hiscore_idx);
1728 }
1729 }
1730
1731 out:
1732 rcu_read_unlock();
1733
1734 hiscore = &scores[hiscore_idx];
1735 if (!hiscore->ifa)
1736 return -EADDRNOTAVAIL;
1737
1738 *saddr = hiscore->ifa->addr;
1739 in6_ifa_put(hiscore->ifa);
1740 return 0;
1741 }
1742 EXPORT_SYMBOL(ipv6_dev_get_saddr);
1743
1744 int __ipv6_get_lladdr(struct inet6_dev *idev, struct in6_addr *addr,
1745 u32 banned_flags)
1746 {
1747 struct inet6_ifaddr *ifp;
1748 int err = -EADDRNOTAVAIL;
1749
1750 list_for_each_entry_reverse(ifp, &idev->addr_list, if_list) {
1751 if (ifp->scope > IFA_LINK)
1752 break;
1753 if (ifp->scope == IFA_LINK &&
1754 !(ifp->flags & banned_flags)) {
1755 *addr = ifp->addr;
1756 err = 0;
1757 break;
1758 }
1759 }
1760 return err;
1761 }
1762
1763 int ipv6_get_lladdr(struct net_device *dev, struct in6_addr *addr,
1764 u32 banned_flags)
1765 {
1766 struct inet6_dev *idev;
1767 int err = -EADDRNOTAVAIL;
1768
1769 rcu_read_lock();
1770 idev = __in6_dev_get(dev);
1771 if (idev) {
1772 read_lock_bh(&idev->lock);
1773 err = __ipv6_get_lladdr(idev, addr, banned_flags);
1774 read_unlock_bh(&idev->lock);
1775 }
1776 rcu_read_unlock();
1777 return err;
1778 }
1779
1780 static int ipv6_count_addresses(struct inet6_dev *idev)
1781 {
1782 int cnt = 0;
1783 struct inet6_ifaddr *ifp;
1784
1785 read_lock_bh(&idev->lock);
1786 list_for_each_entry(ifp, &idev->addr_list, if_list)
1787 cnt++;
1788 read_unlock_bh(&idev->lock);
1789 return cnt;
1790 }
1791
1792 int ipv6_chk_addr(struct net *net, const struct in6_addr *addr,
1793 const struct net_device *dev, int strict)
1794 {
1795 return ipv6_chk_addr_and_flags(net, addr, dev, strict, IFA_F_TENTATIVE);
1796 }
1797 EXPORT_SYMBOL(ipv6_chk_addr);
1798
1799 int ipv6_chk_addr_and_flags(struct net *net, const struct in6_addr *addr,
1800 const struct net_device *dev, int strict,
1801 u32 banned_flags)
1802 {
1803 struct inet6_ifaddr *ifp;
1804 unsigned int hash = inet6_addr_hash(addr);
1805 u32 ifp_flags;
1806
1807 rcu_read_lock_bh();
1808 hlist_for_each_entry_rcu(ifp, &inet6_addr_lst[hash], addr_lst) {
1809 if (!net_eq(dev_net(ifp->idev->dev), net))
1810 continue;
1811 /* Decouple optimistic from tentative for evaluation here.
1812 * Ban optimistic addresses explicitly, when required.
1813 */
1814 ifp_flags = (ifp->flags&IFA_F_OPTIMISTIC)
1815 ? (ifp->flags&~IFA_F_TENTATIVE)
1816 : ifp->flags;
1817 if (ipv6_addr_equal(&ifp->addr, addr) &&
1818 !(ifp_flags&banned_flags) &&
1819 (!dev || ifp->idev->dev == dev ||
1820 !(ifp->scope&(IFA_LINK|IFA_HOST) || strict))) {
1821 rcu_read_unlock_bh();
1822 return 1;
1823 }
1824 }
1825
1826 rcu_read_unlock_bh();
1827 return 0;
1828 }
1829 EXPORT_SYMBOL(ipv6_chk_addr_and_flags);
1830
1831 static bool ipv6_chk_same_addr(struct net *net, const struct in6_addr *addr,
1832 struct net_device *dev)
1833 {
1834 unsigned int hash = inet6_addr_hash(addr);
1835 struct inet6_ifaddr *ifp;
1836
1837 hlist_for_each_entry(ifp, &inet6_addr_lst[hash], addr_lst) {
1838 if (!net_eq(dev_net(ifp->idev->dev), net))
1839 continue;
1840 if (ipv6_addr_equal(&ifp->addr, addr)) {
1841 if (!dev || ifp->idev->dev == dev)
1842 return true;
1843 }
1844 }
1845 return false;
1846 }
1847
1848 /* Compares an address/prefix_len with addresses on device @dev.
1849 * If one is found it returns true.
1850 */
1851 bool ipv6_chk_custom_prefix(const struct in6_addr *addr,
1852 const unsigned int prefix_len, struct net_device *dev)
1853 {
1854 struct inet6_dev *idev;
1855 struct inet6_ifaddr *ifa;
1856 bool ret = false;
1857
1858 rcu_read_lock();
1859 idev = __in6_dev_get(dev);
1860 if (idev) {
1861 read_lock_bh(&idev->lock);
1862 list_for_each_entry(ifa, &idev->addr_list, if_list) {
1863 ret = ipv6_prefix_equal(addr, &ifa->addr, prefix_len);
1864 if (ret)
1865 break;
1866 }
1867 read_unlock_bh(&idev->lock);
1868 }
1869 rcu_read_unlock();
1870
1871 return ret;
1872 }
1873 EXPORT_SYMBOL(ipv6_chk_custom_prefix);
1874
1875 int ipv6_chk_prefix(const struct in6_addr *addr, struct net_device *dev)
1876 {
1877 struct inet6_dev *idev;
1878 struct inet6_ifaddr *ifa;
1879 int onlink;
1880
1881 onlink = 0;
1882 rcu_read_lock();
1883 idev = __in6_dev_get(dev);
1884 if (idev) {
1885 read_lock_bh(&idev->lock);
1886 list_for_each_entry(ifa, &idev->addr_list, if_list) {
1887 onlink = ipv6_prefix_equal(addr, &ifa->addr,
1888 ifa->prefix_len);
1889 if (onlink)
1890 break;
1891 }
1892 read_unlock_bh(&idev->lock);
1893 }
1894 rcu_read_unlock();
1895 return onlink;
1896 }
1897 EXPORT_SYMBOL(ipv6_chk_prefix);
1898
1899 struct inet6_ifaddr *ipv6_get_ifaddr(struct net *net, const struct in6_addr *addr,
1900 struct net_device *dev, int strict)
1901 {
1902 struct inet6_ifaddr *ifp, *result = NULL;
1903 unsigned int hash = inet6_addr_hash(addr);
1904
1905 rcu_read_lock_bh();
1906 hlist_for_each_entry_rcu_bh(ifp, &inet6_addr_lst[hash], addr_lst) {
1907 if (!net_eq(dev_net(ifp->idev->dev), net))
1908 continue;
1909 if (ipv6_addr_equal(&ifp->addr, addr)) {
1910 if (!dev || ifp->idev->dev == dev ||
1911 !(ifp->scope&(IFA_LINK|IFA_HOST) || strict)) {
1912 result = ifp;
1913 in6_ifa_hold(ifp);
1914 break;
1915 }
1916 }
1917 }
1918 rcu_read_unlock_bh();
1919
1920 return result;
1921 }
1922
1923 /* Gets referenced address, destroys ifaddr */
1924
1925 static void addrconf_dad_stop(struct inet6_ifaddr *ifp, int dad_failed)
1926 {
1927 if (dad_failed)
1928 ifp->flags |= IFA_F_DADFAILED;
1929
1930 if (ifp->flags&IFA_F_TEMPORARY) {
1931 struct inet6_ifaddr *ifpub;
1932 spin_lock_bh(&ifp->lock);
1933 ifpub = ifp->ifpub;
1934 if (ifpub) {
1935 in6_ifa_hold(ifpub);
1936 spin_unlock_bh(&ifp->lock);
1937 ipv6_create_tempaddr(ifpub, ifp);
1938 in6_ifa_put(ifpub);
1939 } else {
1940 spin_unlock_bh(&ifp->lock);
1941 }
1942 ipv6_del_addr(ifp);
1943 } else if (ifp->flags&IFA_F_PERMANENT || !dad_failed) {
1944 spin_lock_bh(&ifp->lock);
1945 addrconf_del_dad_work(ifp);
1946 ifp->flags |= IFA_F_TENTATIVE;
1947 spin_unlock_bh(&ifp->lock);
1948 if (dad_failed)
1949 ipv6_ifa_notify(0, ifp);
1950 in6_ifa_put(ifp);
1951 } else {
1952 ipv6_del_addr(ifp);
1953 }
1954 }
1955
1956 static int addrconf_dad_end(struct inet6_ifaddr *ifp)
1957 {
1958 int err = -ENOENT;
1959
1960 spin_lock_bh(&ifp->lock);
1961 if (ifp->state == INET6_IFADDR_STATE_DAD) {
1962 ifp->state = INET6_IFADDR_STATE_POSTDAD;
1963 err = 0;
1964 }
1965 spin_unlock_bh(&ifp->lock);
1966
1967 return err;
1968 }
1969
1970 void addrconf_dad_failure(struct inet6_ifaddr *ifp)
1971 {
1972 struct inet6_dev *idev = ifp->idev;
1973 struct net *net = dev_net(ifp->idev->dev);
1974
1975 if (addrconf_dad_end(ifp)) {
1976 in6_ifa_put(ifp);
1977 return;
1978 }
1979
1980 net_info_ratelimited("%s: IPv6 duplicate address %pI6c detected!\n",
1981 ifp->idev->dev->name, &ifp->addr);
1982
1983 spin_lock_bh(&ifp->lock);
1984
1985 if (ifp->flags & IFA_F_STABLE_PRIVACY) {
1986 int scope = ifp->scope;
1987 u32 flags = ifp->flags;
1988 struct in6_addr new_addr;
1989 struct inet6_ifaddr *ifp2;
1990 u32 valid_lft, preferred_lft;
1991 int pfxlen = ifp->prefix_len;
1992 int retries = ifp->stable_privacy_retry + 1;
1993
1994 if (retries > net->ipv6.sysctl.idgen_retries) {
1995 net_info_ratelimited("%s: privacy stable address generation failed because of DAD conflicts!\n",
1996 ifp->idev->dev->name);
1997 goto errdad;
1998 }
1999
2000 new_addr = ifp->addr;
2001 if (ipv6_generate_stable_address(&new_addr, retries,
2002 idev))
2003 goto errdad;
2004
2005 valid_lft = ifp->valid_lft;
2006 preferred_lft = ifp->prefered_lft;
2007
2008 spin_unlock_bh(&ifp->lock);
2009
2010 if (idev->cnf.max_addresses &&
2011 ipv6_count_addresses(idev) >=
2012 idev->cnf.max_addresses)
2013 goto lock_errdad;
2014
2015 net_info_ratelimited("%s: generating new stable privacy address because of DAD conflict\n",
2016 ifp->idev->dev->name);
2017
2018 ifp2 = ipv6_add_addr(idev, &new_addr, NULL, pfxlen,
2019 scope, flags, valid_lft,
2020 preferred_lft);
2021 if (IS_ERR(ifp2))
2022 goto lock_errdad;
2023
2024 spin_lock_bh(&ifp2->lock);
2025 ifp2->stable_privacy_retry = retries;
2026 ifp2->state = INET6_IFADDR_STATE_PREDAD;
2027 spin_unlock_bh(&ifp2->lock);
2028
2029 addrconf_mod_dad_work(ifp2, net->ipv6.sysctl.idgen_delay);
2030 in6_ifa_put(ifp2);
2031 lock_errdad:
2032 spin_lock_bh(&ifp->lock);
2033 }
2034
2035 errdad:
2036 /* transition from _POSTDAD to _ERRDAD */
2037 ifp->state = INET6_IFADDR_STATE_ERRDAD;
2038 spin_unlock_bh(&ifp->lock);
2039
2040 addrconf_mod_dad_work(ifp, 0);
2041 in6_ifa_put(ifp);
2042 }
2043
2044 /* Join to solicited addr multicast group.
2045 * caller must hold RTNL */
2046 void addrconf_join_solict(struct net_device *dev, const struct in6_addr *addr)
2047 {
2048 struct in6_addr maddr;
2049
2050 if (dev->flags&(IFF_LOOPBACK|IFF_NOARP))
2051 return;
2052
2053 addrconf_addr_solict_mult(addr, &maddr);
2054 ipv6_dev_mc_inc(dev, &maddr);
2055 }
2056
2057 /* caller must hold RTNL */
2058 void addrconf_leave_solict(struct inet6_dev *idev, const struct in6_addr *addr)
2059 {
2060 struct in6_addr maddr;
2061
2062 if (idev->dev->flags&(IFF_LOOPBACK|IFF_NOARP))
2063 return;
2064
2065 addrconf_addr_solict_mult(addr, &maddr);
2066 __ipv6_dev_mc_dec(idev, &maddr);
2067 }
2068
2069 /* caller must hold RTNL */
2070 static void addrconf_join_anycast(struct inet6_ifaddr *ifp)
2071 {
2072 struct in6_addr addr;
2073
2074 if (ifp->prefix_len >= 127) /* RFC 6164 */
2075 return;
2076 ipv6_addr_prefix(&addr, &ifp->addr, ifp->prefix_len);
2077 if (ipv6_addr_any(&addr))
2078 return;
2079 __ipv6_dev_ac_inc(ifp->idev, &addr);
2080 }
2081
2082 /* caller must hold RTNL */
2083 static void addrconf_leave_anycast(struct inet6_ifaddr *ifp)
2084 {
2085 struct in6_addr addr;
2086
2087 if (ifp->prefix_len >= 127) /* RFC 6164 */
2088 return;
2089 ipv6_addr_prefix(&addr, &ifp->addr, ifp->prefix_len);
2090 if (ipv6_addr_any(&addr))
2091 return;
2092 __ipv6_dev_ac_dec(ifp->idev, &addr);
2093 }
2094
2095 static int addrconf_ifid_6lowpan(u8 *eui, struct net_device *dev)
2096 {
2097 switch (dev->addr_len) {
2098 case ETH_ALEN:
2099 memcpy(eui, dev->dev_addr, 3);
2100 eui[3] = 0xFF;
2101 eui[4] = 0xFE;
2102 memcpy(eui + 5, dev->dev_addr + 3, 3);
2103 break;
2104 case EUI64_ADDR_LEN:
2105 memcpy(eui, dev->dev_addr, EUI64_ADDR_LEN);
2106 eui[0] ^= 2;
2107 break;
2108 default:
2109 return -1;
2110 }
2111
2112 return 0;
2113 }
2114
2115 static int addrconf_ifid_ieee1394(u8 *eui, struct net_device *dev)
2116 {
2117 union fwnet_hwaddr *ha;
2118
2119 if (dev->addr_len != FWNET_ALEN)
2120 return -1;
2121
2122 ha = (union fwnet_hwaddr *)dev->dev_addr;
2123
2124 memcpy(eui, &ha->uc.uniq_id, sizeof(ha->uc.uniq_id));
2125 eui[0] ^= 2;
2126 return 0;
2127 }
2128
2129 static int addrconf_ifid_arcnet(u8 *eui, struct net_device *dev)
2130 {
2131 /* XXX: inherit EUI-64 from other interface -- yoshfuji */
2132 if (dev->addr_len != ARCNET_ALEN)
2133 return -1;
2134 memset(eui, 0, 7);
2135 eui[7] = *(u8 *)dev->dev_addr;
2136 return 0;
2137 }
2138
2139 static int addrconf_ifid_infiniband(u8 *eui, struct net_device *dev)
2140 {
2141 if (dev->addr_len != INFINIBAND_ALEN)
2142 return -1;
2143 memcpy(eui, dev->dev_addr + 12, 8);
2144 eui[0] |= 2;
2145 return 0;
2146 }
2147
2148 static int __ipv6_isatap_ifid(u8 *eui, __be32 addr)
2149 {
2150 if (addr == 0)
2151 return -1;
2152 eui[0] = (ipv4_is_zeronet(addr) || ipv4_is_private_10(addr) ||
2153 ipv4_is_loopback(addr) || ipv4_is_linklocal_169(addr) ||
2154 ipv4_is_private_172(addr) || ipv4_is_test_192(addr) ||
2155 ipv4_is_anycast_6to4(addr) || ipv4_is_private_192(addr) ||
2156 ipv4_is_test_198(addr) || ipv4_is_multicast(addr) ||
2157 ipv4_is_lbcast(addr)) ? 0x00 : 0x02;
2158 eui[1] = 0;
2159 eui[2] = 0x5E;
2160 eui[3] = 0xFE;
2161 memcpy(eui + 4, &addr, 4);
2162 return 0;
2163 }
2164
2165 static int addrconf_ifid_sit(u8 *eui, struct net_device *dev)
2166 {
2167 if (dev->priv_flags & IFF_ISATAP)
2168 return __ipv6_isatap_ifid(eui, *(__be32 *)dev->dev_addr);
2169 return -1;
2170 }
2171
2172 static int addrconf_ifid_gre(u8 *eui, struct net_device *dev)
2173 {
2174 return __ipv6_isatap_ifid(eui, *(__be32 *)dev->dev_addr);
2175 }
2176
2177 static int addrconf_ifid_ip6tnl(u8 *eui, struct net_device *dev)
2178 {
2179 memcpy(eui, dev->perm_addr, 3);
2180 memcpy(eui + 5, dev->perm_addr + 3, 3);
2181 eui[3] = 0xFF;
2182 eui[4] = 0xFE;
2183 eui[0] ^= 2;
2184 return 0;
2185 }
2186
2187 static int ipv6_generate_eui64(u8 *eui, struct net_device *dev)
2188 {
2189 switch (dev->type) {
2190 case ARPHRD_ETHER:
2191 case ARPHRD_FDDI:
2192 return addrconf_ifid_eui48(eui, dev);
2193 case ARPHRD_ARCNET:
2194 return addrconf_ifid_arcnet(eui, dev);
2195 case ARPHRD_INFINIBAND:
2196 return addrconf_ifid_infiniband(eui, dev);
2197 case ARPHRD_SIT:
2198 return addrconf_ifid_sit(eui, dev);
2199 case ARPHRD_IPGRE:
2200 case ARPHRD_TUNNEL:
2201 return addrconf_ifid_gre(eui, dev);
2202 case ARPHRD_6LOWPAN:
2203 return addrconf_ifid_6lowpan(eui, dev);
2204 case ARPHRD_IEEE1394:
2205 return addrconf_ifid_ieee1394(eui, dev);
2206 case ARPHRD_TUNNEL6:
2207 case ARPHRD_IP6GRE:
2208 return addrconf_ifid_ip6tnl(eui, dev);
2209 }
2210 return -1;
2211 }
2212
2213 static int ipv6_inherit_eui64(u8 *eui, struct inet6_dev *idev)
2214 {
2215 int err = -1;
2216 struct inet6_ifaddr *ifp;
2217
2218 read_lock_bh(&idev->lock);
2219 list_for_each_entry_reverse(ifp, &idev->addr_list, if_list) {
2220 if (ifp->scope > IFA_LINK)
2221 break;
2222 if (ifp->scope == IFA_LINK && !(ifp->flags&IFA_F_TENTATIVE)) {
2223 memcpy(eui, ifp->addr.s6_addr+8, 8);
2224 err = 0;
2225 break;
2226 }
2227 }
2228 read_unlock_bh(&idev->lock);
2229 return err;
2230 }
2231
2232 /* (re)generation of randomized interface identifier (RFC 3041 3.2, 3.5) */
2233 static void ipv6_regen_rndid(struct inet6_dev *idev)
2234 {
2235 regen:
2236 get_random_bytes(idev->rndid, sizeof(idev->rndid));
2237 idev->rndid[0] &= ~0x02;
2238
2239 /*
2240 * <draft-ietf-ipngwg-temp-addresses-v2-00.txt>:
2241 * check if generated address is not inappropriate
2242 *
2243 * - Reserved subnet anycast (RFC 2526)
2244 * 11111101 11....11 1xxxxxxx
2245 * - ISATAP (RFC4214) 6.1
2246 * 00-00-5E-FE-xx-xx-xx-xx
2247 * - value 0
2248 * - XXX: already assigned to an address on the device
2249 */
2250 if (idev->rndid[0] == 0xfd &&
2251 (idev->rndid[1]&idev->rndid[2]&idev->rndid[3]&idev->rndid[4]&idev->rndid[5]&idev->rndid[6]) == 0xff &&
2252 (idev->rndid[7]&0x80))
2253 goto regen;
2254 if ((idev->rndid[0]|idev->rndid[1]) == 0) {
2255 if (idev->rndid[2] == 0x5e && idev->rndid[3] == 0xfe)
2256 goto regen;
2257 if ((idev->rndid[2]|idev->rndid[3]|idev->rndid[4]|idev->rndid[5]|idev->rndid[6]|idev->rndid[7]) == 0x00)
2258 goto regen;
2259 }
2260 }
2261
2262 static void ipv6_try_regen_rndid(struct inet6_dev *idev, struct in6_addr *tmpaddr)
2263 {
2264 if (tmpaddr && memcmp(idev->rndid, &tmpaddr->s6_addr[8], 8) == 0)
2265 ipv6_regen_rndid(idev);
2266 }
2267
2268 /*
2269 * Add prefix route.
2270 */
2271
2272 static void
2273 addrconf_prefix_route(struct in6_addr *pfx, int plen, struct net_device *dev,
2274 unsigned long expires, u32 flags)
2275 {
2276 struct fib6_config cfg = {
2277 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_PREFIX,
2278 .fc_metric = IP6_RT_PRIO_ADDRCONF,
2279 .fc_ifindex = dev->ifindex,
2280 .fc_expires = expires,
2281 .fc_dst_len = plen,
2282 .fc_flags = RTF_UP | flags,
2283 .fc_nlinfo.nl_net = dev_net(dev),
2284 .fc_protocol = RTPROT_KERNEL,
2285 };
2286
2287 cfg.fc_dst = *pfx;
2288
2289 /* Prevent useless cloning on PtP SIT.
2290 This thing is done here expecting that the whole
2291 class of non-broadcast devices need not cloning.
2292 */
2293 #if IS_ENABLED(CONFIG_IPV6_SIT)
2294 if (dev->type == ARPHRD_SIT && (dev->flags & IFF_POINTOPOINT))
2295 cfg.fc_flags |= RTF_NONEXTHOP;
2296 #endif
2297
2298 ip6_route_add(&cfg, NULL);
2299 }
2300
2301
2302 static struct rt6_info *addrconf_get_prefix_route(const struct in6_addr *pfx,
2303 int plen,
2304 const struct net_device *dev,
2305 u32 flags, u32 noflags)
2306 {
2307 struct fib6_node *fn;
2308 struct rt6_info *rt = NULL;
2309 struct fib6_table *table;
2310 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_PREFIX;
2311
2312 table = fib6_get_table(dev_net(dev), tb_id);
2313 if (!table)
2314 return NULL;
2315
2316 read_lock_bh(&table->tb6_lock);
2317 fn = fib6_locate(&table->tb6_root, pfx, plen, NULL, 0);
2318 if (!fn)
2319 goto out;
2320
2321 noflags |= RTF_CACHE;
2322 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
2323 if (rt->dst.dev->ifindex != dev->ifindex)
2324 continue;
2325 if ((rt->rt6i_flags & flags) != flags)
2326 continue;
2327 if ((rt->rt6i_flags & noflags) != 0)
2328 continue;
2329 dst_hold(&rt->dst);
2330 break;
2331 }
2332 out:
2333 read_unlock_bh(&table->tb6_lock);
2334 return rt;
2335 }
2336
2337
2338 /* Create "default" multicast route to the interface */
2339
2340 static void addrconf_add_mroute(struct net_device *dev)
2341 {
2342 struct fib6_config cfg = {
2343 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_LOCAL,
2344 .fc_metric = IP6_RT_PRIO_ADDRCONF,
2345 .fc_ifindex = dev->ifindex,
2346 .fc_dst_len = 8,
2347 .fc_flags = RTF_UP,
2348 .fc_nlinfo.nl_net = dev_net(dev),
2349 };
2350
2351 ipv6_addr_set(&cfg.fc_dst, htonl(0xFF000000), 0, 0, 0);
2352
2353 ip6_route_add(&cfg, NULL);
2354 }
2355
2356 static struct inet6_dev *addrconf_add_dev(struct net_device *dev)
2357 {
2358 struct inet6_dev *idev;
2359
2360 ASSERT_RTNL();
2361
2362 idev = ipv6_find_idev(dev);
2363 if (!idev)
2364 return ERR_PTR(-ENOBUFS);
2365
2366 if (idev->cnf.disable_ipv6)
2367 return ERR_PTR(-EACCES);
2368
2369 /* Add default multicast route */
2370 if (!(dev->flags & IFF_LOOPBACK) && !netif_is_l3_master(dev))
2371 addrconf_add_mroute(dev);
2372
2373 return idev;
2374 }
2375
2376 static void manage_tempaddrs(struct inet6_dev *idev,
2377 struct inet6_ifaddr *ifp,
2378 __u32 valid_lft, __u32 prefered_lft,
2379 bool create, unsigned long now)
2380 {
2381 u32 flags;
2382 struct inet6_ifaddr *ift;
2383
2384 read_lock_bh(&idev->lock);
2385 /* update all temporary addresses in the list */
2386 list_for_each_entry(ift, &idev->tempaddr_list, tmp_list) {
2387 int age, max_valid, max_prefered;
2388
2389 if (ifp != ift->ifpub)
2390 continue;
2391
2392 /* RFC 4941 section 3.3:
2393 * If a received option will extend the lifetime of a public
2394 * address, the lifetimes of temporary addresses should
2395 * be extended, subject to the overall constraint that no
2396 * temporary addresses should ever remain "valid" or "preferred"
2397 * for a time longer than (TEMP_VALID_LIFETIME) or
2398 * (TEMP_PREFERRED_LIFETIME - DESYNC_FACTOR), respectively.
2399 */
2400 age = (now - ift->cstamp) / HZ;
2401 max_valid = idev->cnf.temp_valid_lft - age;
2402 if (max_valid < 0)
2403 max_valid = 0;
2404
2405 max_prefered = idev->cnf.temp_prefered_lft -
2406 idev->desync_factor - age;
2407 if (max_prefered < 0)
2408 max_prefered = 0;
2409
2410 if (valid_lft > max_valid)
2411 valid_lft = max_valid;
2412
2413 if (prefered_lft > max_prefered)
2414 prefered_lft = max_prefered;
2415
2416 spin_lock(&ift->lock);
2417 flags = ift->flags;
2418 ift->valid_lft = valid_lft;
2419 ift->prefered_lft = prefered_lft;
2420 ift->tstamp = now;
2421 if (prefered_lft > 0)
2422 ift->flags &= ~IFA_F_DEPRECATED;
2423
2424 spin_unlock(&ift->lock);
2425 if (!(flags&IFA_F_TENTATIVE))
2426 ipv6_ifa_notify(0, ift);
2427 }
2428
2429 if ((create || list_empty(&idev->tempaddr_list)) &&
2430 idev->cnf.use_tempaddr > 0) {
2431 /* When a new public address is created as described
2432 * in [ADDRCONF], also create a new temporary address.
2433 * Also create a temporary address if it's enabled but
2434 * no temporary address currently exists.
2435 */
2436 read_unlock_bh(&idev->lock);
2437 ipv6_create_tempaddr(ifp, NULL);
2438 } else {
2439 read_unlock_bh(&idev->lock);
2440 }
2441 }
2442
2443 static bool is_addr_mode_generate_stable(struct inet6_dev *idev)
2444 {
2445 return idev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_STABLE_PRIVACY ||
2446 idev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_RANDOM;
2447 }
2448
2449 int addrconf_prefix_rcv_add_addr(struct net *net, struct net_device *dev,
2450 const struct prefix_info *pinfo,
2451 struct inet6_dev *in6_dev,
2452 const struct in6_addr *addr, int addr_type,
2453 u32 addr_flags, bool sllao, bool tokenized,
2454 __u32 valid_lft, u32 prefered_lft)
2455 {
2456 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(net, addr, dev, 1);
2457 int create = 0, update_lft = 0;
2458
2459 if (!ifp && valid_lft) {
2460 int max_addresses = in6_dev->cnf.max_addresses;
2461
2462 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
2463 if (in6_dev->cnf.optimistic_dad &&
2464 !net->ipv6.devconf_all->forwarding && sllao)
2465 addr_flags |= IFA_F_OPTIMISTIC;
2466 #endif
2467
2468 /* Do not allow to create too much of autoconfigured
2469 * addresses; this would be too easy way to crash kernel.
2470 */
2471 if (!max_addresses ||
2472 ipv6_count_addresses(in6_dev) < max_addresses)
2473 ifp = ipv6_add_addr(in6_dev, addr, NULL,
2474 pinfo->prefix_len,
2475 addr_type&IPV6_ADDR_SCOPE_MASK,
2476 addr_flags, valid_lft,
2477 prefered_lft);
2478
2479 if (IS_ERR_OR_NULL(ifp))
2480 return -1;
2481
2482 update_lft = 0;
2483 create = 1;
2484 spin_lock_bh(&ifp->lock);
2485 ifp->flags |= IFA_F_MANAGETEMPADDR;
2486 ifp->cstamp = jiffies;
2487 ifp->tokenized = tokenized;
2488 spin_unlock_bh(&ifp->lock);
2489 addrconf_dad_start(ifp);
2490 }
2491
2492 if (ifp) {
2493 u32 flags;
2494 unsigned long now;
2495 u32 stored_lft;
2496
2497 /* update lifetime (RFC2462 5.5.3 e) */
2498 spin_lock_bh(&ifp->lock);
2499 now = jiffies;
2500 if (ifp->valid_lft > (now - ifp->tstamp) / HZ)
2501 stored_lft = ifp->valid_lft - (now - ifp->tstamp) / HZ;
2502 else
2503 stored_lft = 0;
2504 if (!update_lft && !create && stored_lft) {
2505 const u32 minimum_lft = min_t(u32,
2506 stored_lft, MIN_VALID_LIFETIME);
2507 valid_lft = max(valid_lft, minimum_lft);
2508
2509 /* RFC4862 Section 5.5.3e:
2510 * "Note that the preferred lifetime of the
2511 * corresponding address is always reset to
2512 * the Preferred Lifetime in the received
2513 * Prefix Information option, regardless of
2514 * whether the valid lifetime is also reset or
2515 * ignored."
2516 *
2517 * So we should always update prefered_lft here.
2518 */
2519 update_lft = 1;
2520 }
2521
2522 if (update_lft) {
2523 ifp->valid_lft = valid_lft;
2524 ifp->prefered_lft = prefered_lft;
2525 ifp->tstamp = now;
2526 flags = ifp->flags;
2527 ifp->flags &= ~IFA_F_DEPRECATED;
2528 spin_unlock_bh(&ifp->lock);
2529
2530 if (!(flags&IFA_F_TENTATIVE))
2531 ipv6_ifa_notify(0, ifp);
2532 } else
2533 spin_unlock_bh(&ifp->lock);
2534
2535 manage_tempaddrs(in6_dev, ifp, valid_lft, prefered_lft,
2536 create, now);
2537
2538 in6_ifa_put(ifp);
2539 addrconf_verify();
2540 }
2541
2542 return 0;
2543 }
2544 EXPORT_SYMBOL_GPL(addrconf_prefix_rcv_add_addr);
2545
2546 void addrconf_prefix_rcv(struct net_device *dev, u8 *opt, int len, bool sllao)
2547 {
2548 struct prefix_info *pinfo;
2549 __u32 valid_lft;
2550 __u32 prefered_lft;
2551 int addr_type, err;
2552 u32 addr_flags = 0;
2553 struct inet6_dev *in6_dev;
2554 struct net *net = dev_net(dev);
2555
2556 pinfo = (struct prefix_info *) opt;
2557
2558 if (len < sizeof(struct prefix_info)) {
2559 ADBG("addrconf: prefix option too short\n");
2560 return;
2561 }
2562
2563 /*
2564 * Validation checks ([ADDRCONF], page 19)
2565 */
2566
2567 addr_type = ipv6_addr_type(&pinfo->prefix);
2568
2569 if (addr_type & (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL))
2570 return;
2571
2572 valid_lft = ntohl(pinfo->valid);
2573 prefered_lft = ntohl(pinfo->prefered);
2574
2575 if (prefered_lft > valid_lft) {
2576 net_warn_ratelimited("addrconf: prefix option has invalid lifetime\n");
2577 return;
2578 }
2579
2580 in6_dev = in6_dev_get(dev);
2581
2582 if (!in6_dev) {
2583 net_dbg_ratelimited("addrconf: device %s not configured\n",
2584 dev->name);
2585 return;
2586 }
2587
2588 /*
2589 * Two things going on here:
2590 * 1) Add routes for on-link prefixes
2591 * 2) Configure prefixes with the auto flag set
2592 */
2593
2594 if (pinfo->onlink) {
2595 struct rt6_info *rt;
2596 unsigned long rt_expires;
2597
2598 /* Avoid arithmetic overflow. Really, we could
2599 * save rt_expires in seconds, likely valid_lft,
2600 * but it would require division in fib gc, that it
2601 * not good.
2602 */
2603 if (HZ > USER_HZ)
2604 rt_expires = addrconf_timeout_fixup(valid_lft, HZ);
2605 else
2606 rt_expires = addrconf_timeout_fixup(valid_lft, USER_HZ);
2607
2608 if (addrconf_finite_timeout(rt_expires))
2609 rt_expires *= HZ;
2610
2611 rt = addrconf_get_prefix_route(&pinfo->prefix,
2612 pinfo->prefix_len,
2613 dev,
2614 RTF_ADDRCONF | RTF_PREFIX_RT,
2615 RTF_GATEWAY | RTF_DEFAULT);
2616
2617 if (rt) {
2618 /* Autoconf prefix route */
2619 if (valid_lft == 0) {
2620 ip6_del_rt(rt);
2621 rt = NULL;
2622 } else if (addrconf_finite_timeout(rt_expires)) {
2623 /* not infinity */
2624 rt6_set_expires(rt, jiffies + rt_expires);
2625 } else {
2626 rt6_clean_expires(rt);
2627 }
2628 } else if (valid_lft) {
2629 clock_t expires = 0;
2630 int flags = RTF_ADDRCONF | RTF_PREFIX_RT;
2631 if (addrconf_finite_timeout(rt_expires)) {
2632 /* not infinity */
2633 flags |= RTF_EXPIRES;
2634 expires = jiffies_to_clock_t(rt_expires);
2635 }
2636 addrconf_prefix_route(&pinfo->prefix, pinfo->prefix_len,
2637 dev, expires, flags);
2638 }
2639 ip6_rt_put(rt);
2640 }
2641
2642 /* Try to figure out our local address for this prefix */
2643
2644 if (pinfo->autoconf && in6_dev->cnf.autoconf) {
2645 struct in6_addr addr;
2646 bool tokenized = false, dev_addr_generated = false;
2647
2648 if (pinfo->prefix_len == 64) {
2649 memcpy(&addr, &pinfo->prefix, 8);
2650
2651 if (!ipv6_addr_any(&in6_dev->token)) {
2652 read_lock_bh(&in6_dev->lock);
2653 memcpy(addr.s6_addr + 8,
2654 in6_dev->token.s6_addr + 8, 8);
2655 read_unlock_bh(&in6_dev->lock);
2656 tokenized = true;
2657 } else if (is_addr_mode_generate_stable(in6_dev) &&
2658 !ipv6_generate_stable_address(&addr, 0,
2659 in6_dev)) {
2660 addr_flags |= IFA_F_STABLE_PRIVACY;
2661 goto ok;
2662 } else if (ipv6_generate_eui64(addr.s6_addr + 8, dev) &&
2663 ipv6_inherit_eui64(addr.s6_addr + 8, in6_dev)) {
2664 goto put;
2665 } else {
2666 dev_addr_generated = true;
2667 }
2668 goto ok;
2669 }
2670 net_dbg_ratelimited("IPv6 addrconf: prefix with wrong length %d\n",
2671 pinfo->prefix_len);
2672 goto put;
2673
2674 ok:
2675 err = addrconf_prefix_rcv_add_addr(net, dev, pinfo, in6_dev,
2676 &addr, addr_type,
2677 addr_flags, sllao,
2678 tokenized, valid_lft,
2679 prefered_lft);
2680 if (err)
2681 goto put;
2682
2683 /* Ignore error case here because previous prefix add addr was
2684 * successful which will be notified.
2685 */
2686 ndisc_ops_prefix_rcv_add_addr(net, dev, pinfo, in6_dev, &addr,
2687 addr_type, addr_flags, sllao,
2688 tokenized, valid_lft,
2689 prefered_lft,
2690 dev_addr_generated);
2691 }
2692 inet6_prefix_notify(RTM_NEWPREFIX, in6_dev, pinfo);
2693 put:
2694 in6_dev_put(in6_dev);
2695 }
2696
2697 /*
2698 * Set destination address.
2699 * Special case for SIT interfaces where we create a new "virtual"
2700 * device.
2701 */
2702 int addrconf_set_dstaddr(struct net *net, void __user *arg)
2703 {
2704 struct in6_ifreq ireq;
2705 struct net_device *dev;
2706 int err = -EINVAL;
2707
2708 rtnl_lock();
2709
2710 err = -EFAULT;
2711 if (copy_from_user(&ireq, arg, sizeof(struct in6_ifreq)))
2712 goto err_exit;
2713
2714 dev = __dev_get_by_index(net, ireq.ifr6_ifindex);
2715
2716 err = -ENODEV;
2717 if (!dev)
2718 goto err_exit;
2719
2720 #if IS_ENABLED(CONFIG_IPV6_SIT)
2721 if (dev->type == ARPHRD_SIT) {
2722 const struct net_device_ops *ops = dev->netdev_ops;
2723 struct ifreq ifr;
2724 struct ip_tunnel_parm p;
2725
2726 err = -EADDRNOTAVAIL;
2727 if (!(ipv6_addr_type(&ireq.ifr6_addr) & IPV6_ADDR_COMPATv4))
2728 goto err_exit;
2729
2730 memset(&p, 0, sizeof(p));
2731 p.iph.daddr = ireq.ifr6_addr.s6_addr32[3];
2732 p.iph.saddr = 0;
2733 p.iph.version = 4;
2734 p.iph.ihl = 5;
2735 p.iph.protocol = IPPROTO_IPV6;
2736 p.iph.ttl = 64;
2737 ifr.ifr_ifru.ifru_data = (__force void __user *)&p;
2738
2739 if (ops->ndo_do_ioctl) {
2740 mm_segment_t oldfs = get_fs();
2741
2742 set_fs(KERNEL_DS);
2743 err = ops->ndo_do_ioctl(dev, &ifr, SIOCADDTUNNEL);
2744 set_fs(oldfs);
2745 } else
2746 err = -EOPNOTSUPP;
2747
2748 if (err == 0) {
2749 err = -ENOBUFS;
2750 dev = __dev_get_by_name(net, p.name);
2751 if (!dev)
2752 goto err_exit;
2753 err = dev_open(dev);
2754 }
2755 }
2756 #endif
2757
2758 err_exit:
2759 rtnl_unlock();
2760 return err;
2761 }
2762
2763 static int ipv6_mc_config(struct sock *sk, bool join,
2764 const struct in6_addr *addr, int ifindex)
2765 {
2766 int ret;
2767
2768 ASSERT_RTNL();
2769
2770 lock_sock(sk);
2771 if (join)
2772 ret = ipv6_sock_mc_join(sk, ifindex, addr);
2773 else
2774 ret = ipv6_sock_mc_drop(sk, ifindex, addr);
2775 release_sock(sk);
2776
2777 return ret;
2778 }
2779
2780 /*
2781 * Manual configuration of address on an interface
2782 */
2783 static int inet6_addr_add(struct net *net, int ifindex,
2784 const struct in6_addr *pfx,
2785 const struct in6_addr *peer_pfx,
2786 unsigned int plen, __u32 ifa_flags,
2787 __u32 prefered_lft, __u32 valid_lft)
2788 {
2789 struct inet6_ifaddr *ifp;
2790 struct inet6_dev *idev;
2791 struct net_device *dev;
2792 unsigned long timeout;
2793 clock_t expires;
2794 int scope;
2795 u32 flags;
2796
2797 ASSERT_RTNL();
2798
2799 if (plen > 128)
2800 return -EINVAL;
2801
2802 /* check the lifetime */
2803 if (!valid_lft || prefered_lft > valid_lft)
2804 return -EINVAL;
2805
2806 if (ifa_flags & IFA_F_MANAGETEMPADDR && plen != 64)
2807 return -EINVAL;
2808
2809 dev = __dev_get_by_index(net, ifindex);
2810 if (!dev)
2811 return -ENODEV;
2812
2813 idev = addrconf_add_dev(dev);
2814 if (IS_ERR(idev))
2815 return PTR_ERR(idev);
2816
2817 if (ifa_flags & IFA_F_MCAUTOJOIN) {
2818 int ret = ipv6_mc_config(net->ipv6.mc_autojoin_sk,
2819 true, pfx, ifindex);
2820
2821 if (ret < 0)
2822 return ret;
2823 }
2824
2825 scope = ipv6_addr_scope(pfx);
2826
2827 timeout = addrconf_timeout_fixup(valid_lft, HZ);
2828 if (addrconf_finite_timeout(timeout)) {
2829 expires = jiffies_to_clock_t(timeout * HZ);
2830 valid_lft = timeout;
2831 flags = RTF_EXPIRES;
2832 } else {
2833 expires = 0;
2834 flags = 0;
2835 ifa_flags |= IFA_F_PERMANENT;
2836 }
2837
2838 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
2839 if (addrconf_finite_timeout(timeout)) {
2840 if (timeout == 0)
2841 ifa_flags |= IFA_F_DEPRECATED;
2842 prefered_lft = timeout;
2843 }
2844
2845 ifp = ipv6_add_addr(idev, pfx, peer_pfx, plen, scope, ifa_flags,
2846 valid_lft, prefered_lft);
2847
2848 if (!IS_ERR(ifp)) {
2849 if (!(ifa_flags & IFA_F_NOPREFIXROUTE)) {
2850 addrconf_prefix_route(&ifp->addr, ifp->prefix_len, dev,
2851 expires, flags);
2852 }
2853
2854 /*
2855 * Note that section 3.1 of RFC 4429 indicates
2856 * that the Optimistic flag should not be set for
2857 * manually configured addresses
2858 */
2859 addrconf_dad_start(ifp);
2860 if (ifa_flags & IFA_F_MANAGETEMPADDR)
2861 manage_tempaddrs(idev, ifp, valid_lft, prefered_lft,
2862 true, jiffies);
2863 in6_ifa_put(ifp);
2864 addrconf_verify_rtnl();
2865 return 0;
2866 } else if (ifa_flags & IFA_F_MCAUTOJOIN) {
2867 ipv6_mc_config(net->ipv6.mc_autojoin_sk,
2868 false, pfx, ifindex);
2869 }
2870
2871 return PTR_ERR(ifp);
2872 }
2873
2874 static int inet6_addr_del(struct net *net, int ifindex, u32 ifa_flags,
2875 const struct in6_addr *pfx, unsigned int plen)
2876 {
2877 struct inet6_ifaddr *ifp;
2878 struct inet6_dev *idev;
2879 struct net_device *dev;
2880
2881 if (plen > 128)
2882 return -EINVAL;
2883
2884 dev = __dev_get_by_index(net, ifindex);
2885 if (!dev)
2886 return -ENODEV;
2887
2888 idev = __in6_dev_get(dev);
2889 if (!idev)
2890 return -ENXIO;
2891
2892 read_lock_bh(&idev->lock);
2893 list_for_each_entry(ifp, &idev->addr_list, if_list) {
2894 if (ifp->prefix_len == plen &&
2895 ipv6_addr_equal(pfx, &ifp->addr)) {
2896 in6_ifa_hold(ifp);
2897 read_unlock_bh(&idev->lock);
2898
2899 if (!(ifp->flags & IFA_F_TEMPORARY) &&
2900 (ifa_flags & IFA_F_MANAGETEMPADDR))
2901 manage_tempaddrs(idev, ifp, 0, 0, false,
2902 jiffies);
2903 ipv6_del_addr(ifp);
2904 addrconf_verify_rtnl();
2905 if (ipv6_addr_is_multicast(pfx)) {
2906 ipv6_mc_config(net->ipv6.mc_autojoin_sk,
2907 false, pfx, dev->ifindex);
2908 }
2909 return 0;
2910 }
2911 }
2912 read_unlock_bh(&idev->lock);
2913 return -EADDRNOTAVAIL;
2914 }
2915
2916
2917 int addrconf_add_ifaddr(struct net *net, void __user *arg)
2918 {
2919 struct in6_ifreq ireq;
2920 int err;
2921
2922 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
2923 return -EPERM;
2924
2925 if (copy_from_user(&ireq, arg, sizeof(struct in6_ifreq)))
2926 return -EFAULT;
2927
2928 rtnl_lock();
2929 err = inet6_addr_add(net, ireq.ifr6_ifindex, &ireq.ifr6_addr, NULL,
2930 ireq.ifr6_prefixlen, IFA_F_PERMANENT,
2931 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
2932 rtnl_unlock();
2933 return err;
2934 }
2935
2936 int addrconf_del_ifaddr(struct net *net, void __user *arg)
2937 {
2938 struct in6_ifreq ireq;
2939 int err;
2940
2941 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
2942 return -EPERM;
2943
2944 if (copy_from_user(&ireq, arg, sizeof(struct in6_ifreq)))
2945 return -EFAULT;
2946
2947 rtnl_lock();
2948 err = inet6_addr_del(net, ireq.ifr6_ifindex, 0, &ireq.ifr6_addr,
2949 ireq.ifr6_prefixlen);
2950 rtnl_unlock();
2951 return err;
2952 }
2953
2954 static void add_addr(struct inet6_dev *idev, const struct in6_addr *addr,
2955 int plen, int scope)
2956 {
2957 struct inet6_ifaddr *ifp;
2958
2959 ifp = ipv6_add_addr(idev, addr, NULL, plen,
2960 scope, IFA_F_PERMANENT,
2961 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
2962 if (!IS_ERR(ifp)) {
2963 spin_lock_bh(&ifp->lock);
2964 ifp->flags &= ~IFA_F_TENTATIVE;
2965 spin_unlock_bh(&ifp->lock);
2966 rt_genid_bump_ipv6(dev_net(idev->dev));
2967 ipv6_ifa_notify(RTM_NEWADDR, ifp);
2968 in6_ifa_put(ifp);
2969 }
2970 }
2971
2972 #if IS_ENABLED(CONFIG_IPV6_SIT)
2973 static void sit_add_v4_addrs(struct inet6_dev *idev)
2974 {
2975 struct in6_addr addr;
2976 struct net_device *dev;
2977 struct net *net = dev_net(idev->dev);
2978 int scope, plen;
2979 u32 pflags = 0;
2980
2981 ASSERT_RTNL();
2982
2983 memset(&addr, 0, sizeof(struct in6_addr));
2984 memcpy(&addr.s6_addr32[3], idev->dev->dev_addr, 4);
2985
2986 if (idev->dev->flags&IFF_POINTOPOINT) {
2987 addr.s6_addr32[0] = htonl(0xfe800000);
2988 scope = IFA_LINK;
2989 plen = 64;
2990 } else {
2991 scope = IPV6_ADDR_COMPATv4;
2992 plen = 96;
2993 pflags |= RTF_NONEXTHOP;
2994 }
2995
2996 if (addr.s6_addr32[3]) {
2997 add_addr(idev, &addr, plen, scope);
2998 addrconf_prefix_route(&addr, plen, idev->dev, 0, pflags);
2999 return;
3000 }
3001
3002 for_each_netdev(net, dev) {
3003 struct in_device *in_dev = __in_dev_get_rtnl(dev);
3004 if (in_dev && (dev->flags & IFF_UP)) {
3005 struct in_ifaddr *ifa;
3006
3007 int flag = scope;
3008
3009 for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) {
3010
3011 addr.s6_addr32[3] = ifa->ifa_local;
3012
3013 if (ifa->ifa_scope == RT_SCOPE_LINK)
3014 continue;
3015 if (ifa->ifa_scope >= RT_SCOPE_HOST) {
3016 if (idev->dev->flags&IFF_POINTOPOINT)
3017 continue;
3018 flag |= IFA_HOST;
3019 }
3020
3021 add_addr(idev, &addr, plen, flag);
3022 addrconf_prefix_route(&addr, plen, idev->dev, 0,
3023 pflags);
3024 }
3025 }
3026 }
3027 }
3028 #endif
3029
3030 static void init_loopback(struct net_device *dev)
3031 {
3032 struct inet6_dev *idev;
3033 struct net_device *sp_dev;
3034 struct inet6_ifaddr *sp_ifa;
3035 struct rt6_info *sp_rt;
3036
3037 /* ::1 */
3038
3039 ASSERT_RTNL();
3040
3041 idev = ipv6_find_idev(dev);
3042 if (!idev) {
3043 pr_debug("%s: add_dev failed\n", __func__);
3044 return;
3045 }
3046
3047 add_addr(idev, &in6addr_loopback, 128, IFA_HOST);
3048
3049 /* Add routes to other interface's IPv6 addresses */
3050 for_each_netdev(dev_net(dev), sp_dev) {
3051 if (!strcmp(sp_dev->name, dev->name))
3052 continue;
3053
3054 idev = __in6_dev_get(sp_dev);
3055 if (!idev)
3056 continue;
3057
3058 read_lock_bh(&idev->lock);
3059 list_for_each_entry(sp_ifa, &idev->addr_list, if_list) {
3060
3061 if (sp_ifa->flags & (IFA_F_DADFAILED | IFA_F_TENTATIVE))
3062 continue;
3063
3064 if (sp_ifa->rt) {
3065 /* This dst has been added to garbage list when
3066 * lo device down, release this obsolete dst and
3067 * reallocate a new router for ifa.
3068 */
3069 if (!atomic_read(&sp_ifa->rt->rt6i_ref)) {
3070 ip6_rt_put(sp_ifa->rt);
3071 sp_ifa->rt = NULL;
3072 } else {
3073 continue;
3074 }
3075 }
3076
3077 sp_rt = addrconf_dst_alloc(idev, &sp_ifa->addr, false);
3078
3079 /* Failure cases are ignored */
3080 if (!IS_ERR(sp_rt)) {
3081 sp_ifa->rt = sp_rt;
3082 ip6_ins_rt(sp_rt);
3083 }
3084 }
3085 read_unlock_bh(&idev->lock);
3086 }
3087 }
3088
3089 void addrconf_add_linklocal(struct inet6_dev *idev,
3090 const struct in6_addr *addr, u32 flags)
3091 {
3092 struct inet6_ifaddr *ifp;
3093 u32 addr_flags = flags | IFA_F_PERMANENT;
3094
3095 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
3096 if (idev->cnf.optimistic_dad &&
3097 !dev_net(idev->dev)->ipv6.devconf_all->forwarding)
3098 addr_flags |= IFA_F_OPTIMISTIC;
3099 #endif
3100
3101 ifp = ipv6_add_addr(idev, addr, NULL, 64, IFA_LINK, addr_flags,
3102 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME);
3103 if (!IS_ERR(ifp)) {
3104 addrconf_prefix_route(&ifp->addr, ifp->prefix_len, idev->dev, 0, 0);
3105 addrconf_dad_start(ifp);
3106 in6_ifa_put(ifp);
3107 }
3108 }
3109 EXPORT_SYMBOL_GPL(addrconf_add_linklocal);
3110
3111 static bool ipv6_reserved_interfaceid(struct in6_addr address)
3112 {
3113 if ((address.s6_addr32[2] | address.s6_addr32[3]) == 0)
3114 return true;
3115
3116 if (address.s6_addr32[2] == htonl(0x02005eff) &&
3117 ((address.s6_addr32[3] & htonl(0xfe000000)) == htonl(0xfe000000)))
3118 return true;
3119
3120 if (address.s6_addr32[2] == htonl(0xfdffffff) &&
3121 ((address.s6_addr32[3] & htonl(0xffffff80)) == htonl(0xffffff80)))
3122 return true;
3123
3124 return false;
3125 }
3126
3127 static int ipv6_generate_stable_address(struct in6_addr *address,
3128 u8 dad_count,
3129 const struct inet6_dev *idev)
3130 {
3131 static DEFINE_SPINLOCK(lock);
3132 static __u32 digest[SHA_DIGEST_WORDS];
3133 static __u32 workspace[SHA_WORKSPACE_WORDS];
3134
3135 static union {
3136 char __data[SHA_MESSAGE_BYTES];
3137 struct {
3138 struct in6_addr secret;
3139 __be32 prefix[2];
3140 unsigned char hwaddr[MAX_ADDR_LEN];
3141 u8 dad_count;
3142 } __packed;
3143 } data;
3144
3145 struct in6_addr secret;
3146 struct in6_addr temp;
3147 struct net *net = dev_net(idev->dev);
3148
3149 BUILD_BUG_ON(sizeof(data.__data) != sizeof(data));
3150
3151 if (idev->cnf.stable_secret.initialized)
3152 secret = idev->cnf.stable_secret.secret;
3153 else if (net->ipv6.devconf_dflt->stable_secret.initialized)
3154 secret = net->ipv6.devconf_dflt->stable_secret.secret;
3155 else
3156 return -1;
3157
3158 retry:
3159 spin_lock_bh(&lock);
3160
3161 sha_init(digest);
3162 memset(&data, 0, sizeof(data));
3163 memset(workspace, 0, sizeof(workspace));
3164 memcpy(data.hwaddr, idev->dev->perm_addr, idev->dev->addr_len);
3165 data.prefix[0] = address->s6_addr32[0];
3166 data.prefix[1] = address->s6_addr32[1];
3167 data.secret = secret;
3168 data.dad_count = dad_count;
3169
3170 sha_transform(digest, data.__data, workspace);
3171
3172 temp = *address;
3173 temp.s6_addr32[2] = (__force __be32)digest[0];
3174 temp.s6_addr32[3] = (__force __be32)digest[1];
3175
3176 spin_unlock_bh(&lock);
3177
3178 if (ipv6_reserved_interfaceid(temp)) {
3179 dad_count++;
3180 if (dad_count > dev_net(idev->dev)->ipv6.sysctl.idgen_retries)
3181 return -1;
3182 goto retry;
3183 }
3184
3185 *address = temp;
3186 return 0;
3187 }
3188
3189 static void ipv6_gen_mode_random_init(struct inet6_dev *idev)
3190 {
3191 struct ipv6_stable_secret *s = &idev->cnf.stable_secret;
3192
3193 if (s->initialized)
3194 return;
3195 s = &idev->cnf.stable_secret;
3196 get_random_bytes(&s->secret, sizeof(s->secret));
3197 s->initialized = true;
3198 }
3199
3200 static void addrconf_addr_gen(struct inet6_dev *idev, bool prefix_route)
3201 {
3202 struct in6_addr addr;
3203
3204 /* no link local addresses on L3 master devices */
3205 if (netif_is_l3_master(idev->dev))
3206 return;
3207
3208 ipv6_addr_set(&addr, htonl(0xFE800000), 0, 0, 0);
3209
3210 switch (idev->cnf.addr_gen_mode) {
3211 case IN6_ADDR_GEN_MODE_RANDOM:
3212 ipv6_gen_mode_random_init(idev);
3213 /* fallthrough */
3214 case IN6_ADDR_GEN_MODE_STABLE_PRIVACY:
3215 if (!ipv6_generate_stable_address(&addr, 0, idev))
3216 addrconf_add_linklocal(idev, &addr,
3217 IFA_F_STABLE_PRIVACY);
3218 else if (prefix_route)
3219 addrconf_prefix_route(&addr, 64, idev->dev, 0, 0);
3220 break;
3221 case IN6_ADDR_GEN_MODE_EUI64:
3222 /* addrconf_add_linklocal also adds a prefix_route and we
3223 * only need to care about prefix routes if ipv6_generate_eui64
3224 * couldn't generate one.
3225 */
3226 if (ipv6_generate_eui64(addr.s6_addr + 8, idev->dev) == 0)
3227 addrconf_add_linklocal(idev, &addr, 0);
3228 else if (prefix_route)
3229 addrconf_prefix_route(&addr, 64, idev->dev, 0, 0);
3230 break;
3231 case IN6_ADDR_GEN_MODE_NONE:
3232 default:
3233 /* will not add any link local address */
3234 break;
3235 }
3236 }
3237
3238 static void addrconf_dev_config(struct net_device *dev)
3239 {
3240 struct inet6_dev *idev;
3241
3242 ASSERT_RTNL();
3243
3244 if ((dev->type != ARPHRD_ETHER) &&
3245 (dev->type != ARPHRD_FDDI) &&
3246 (dev->type != ARPHRD_ARCNET) &&
3247 (dev->type != ARPHRD_INFINIBAND) &&
3248 (dev->type != ARPHRD_IEEE1394) &&
3249 (dev->type != ARPHRD_TUNNEL6) &&
3250 (dev->type != ARPHRD_6LOWPAN) &&
3251 (dev->type != ARPHRD_IP6GRE) &&
3252 (dev->type != ARPHRD_IPGRE) &&
3253 (dev->type != ARPHRD_TUNNEL) &&
3254 (dev->type != ARPHRD_NONE)) {
3255 /* Alas, we support only Ethernet autoconfiguration. */
3256 return;
3257 }
3258
3259 idev = addrconf_add_dev(dev);
3260 if (IS_ERR(idev))
3261 return;
3262
3263 /* this device type has no EUI support */
3264 if (dev->type == ARPHRD_NONE &&
3265 idev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_EUI64)
3266 idev->cnf.addr_gen_mode = IN6_ADDR_GEN_MODE_RANDOM;
3267
3268 addrconf_addr_gen(idev, false);
3269 }
3270
3271 #if IS_ENABLED(CONFIG_IPV6_SIT)
3272 static void addrconf_sit_config(struct net_device *dev)
3273 {
3274 struct inet6_dev *idev;
3275
3276 ASSERT_RTNL();
3277
3278 /*
3279 * Configure the tunnel with one of our IPv4
3280 * addresses... we should configure all of
3281 * our v4 addrs in the tunnel
3282 */
3283
3284 idev = ipv6_find_idev(dev);
3285 if (!idev) {
3286 pr_debug("%s: add_dev failed\n", __func__);
3287 return;
3288 }
3289
3290 if (dev->priv_flags & IFF_ISATAP) {
3291 addrconf_addr_gen(idev, false);
3292 return;
3293 }
3294
3295 sit_add_v4_addrs(idev);
3296
3297 if (dev->flags&IFF_POINTOPOINT)
3298 addrconf_add_mroute(dev);
3299 }
3300 #endif
3301
3302 #if IS_ENABLED(CONFIG_NET_IPGRE)
3303 static void addrconf_gre_config(struct net_device *dev)
3304 {
3305 struct inet6_dev *idev;
3306
3307 ASSERT_RTNL();
3308
3309 idev = ipv6_find_idev(dev);
3310 if (!idev) {
3311 pr_debug("%s: add_dev failed\n", __func__);
3312 return;
3313 }
3314
3315 addrconf_addr_gen(idev, true);
3316 if (dev->flags & IFF_POINTOPOINT)
3317 addrconf_add_mroute(dev);
3318 }
3319 #endif
3320
3321 static int fixup_permanent_addr(struct inet6_dev *idev,
3322 struct inet6_ifaddr *ifp)
3323 {
3324 /* rt6i_ref == 0 means the host route was removed from the
3325 * FIB, for example, if 'lo' device is taken down. In that
3326 * case regenerate the host route.
3327 */
3328 if (!ifp->rt || !atomic_read(&ifp->rt->rt6i_ref)) {
3329 struct rt6_info *rt, *prev;
3330
3331 rt = addrconf_dst_alloc(idev, &ifp->addr, false);
3332 if (unlikely(IS_ERR(rt)))
3333 return PTR_ERR(rt);
3334
3335 /* ifp->rt can be accessed outside of rtnl */
3336 spin_lock(&ifp->lock);
3337 prev = ifp->rt;
3338 ifp->rt = rt;
3339 spin_unlock(&ifp->lock);
3340
3341 ip6_rt_put(prev);
3342 }
3343
3344 if (!(ifp->flags & IFA_F_NOPREFIXROUTE)) {
3345 addrconf_prefix_route(&ifp->addr, ifp->prefix_len,
3346 idev->dev, 0, 0);
3347 }
3348
3349 if (ifp->state == INET6_IFADDR_STATE_PREDAD)
3350 addrconf_dad_start(ifp);
3351
3352 return 0;
3353 }
3354
3355 static void addrconf_permanent_addr(struct net_device *dev)
3356 {
3357 struct inet6_ifaddr *ifp, *tmp;
3358 struct inet6_dev *idev;
3359
3360 idev = __in6_dev_get(dev);
3361 if (!idev)
3362 return;
3363
3364 write_lock_bh(&idev->lock);
3365
3366 list_for_each_entry_safe(ifp, tmp, &idev->addr_list, if_list) {
3367 if ((ifp->flags & IFA_F_PERMANENT) &&
3368 fixup_permanent_addr(idev, ifp) < 0) {
3369 write_unlock_bh(&idev->lock);
3370 in6_ifa_hold(ifp);
3371 ipv6_del_addr(ifp);
3372 write_lock_bh(&idev->lock);
3373
3374 net_info_ratelimited("%s: Failed to add prefix route for address %pI6c; dropping\n",
3375 idev->dev->name, &ifp->addr);
3376 }
3377 }
3378
3379 write_unlock_bh(&idev->lock);
3380 }
3381
3382 static int addrconf_notify(struct notifier_block *this, unsigned long event,
3383 void *ptr)
3384 {
3385 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
3386 struct netdev_notifier_changeupper_info *info;
3387 struct inet6_dev *idev = __in6_dev_get(dev);
3388 struct net *net = dev_net(dev);
3389 int run_pending = 0;
3390 int err;
3391
3392 switch (event) {
3393 case NETDEV_REGISTER:
3394 if (!idev && dev->mtu >= IPV6_MIN_MTU) {
3395 idev = ipv6_add_dev(dev);
3396 if (IS_ERR(idev))
3397 return notifier_from_errno(PTR_ERR(idev));
3398 }
3399 break;
3400
3401 case NETDEV_CHANGEMTU:
3402 /* if MTU under IPV6_MIN_MTU stop IPv6 on this interface. */
3403 if (dev->mtu < IPV6_MIN_MTU) {
3404 addrconf_ifdown(dev, dev != net->loopback_dev);
3405 break;
3406 }
3407
3408 if (idev) {
3409 rt6_mtu_change(dev, dev->mtu);
3410 idev->cnf.mtu6 = dev->mtu;
3411 break;
3412 }
3413
3414 /* allocate new idev */
3415 idev = ipv6_add_dev(dev);
3416 if (IS_ERR(idev))
3417 break;
3418
3419 /* device is still not ready */
3420 if (!(idev->if_flags & IF_READY))
3421 break;
3422
3423 run_pending = 1;
3424
3425 /* fall through */
3426
3427 case NETDEV_UP:
3428 case NETDEV_CHANGE:
3429 if (dev->flags & IFF_SLAVE)
3430 break;
3431
3432 if (idev && idev->cnf.disable_ipv6)
3433 break;
3434
3435 if (event == NETDEV_UP) {
3436 /* restore routes for permanent addresses */
3437 addrconf_permanent_addr(dev);
3438
3439 if (!addrconf_qdisc_ok(dev)) {
3440 /* device is not ready yet. */
3441 pr_info("ADDRCONF(NETDEV_UP): %s: link is not ready\n",
3442 dev->name);
3443 break;
3444 }
3445
3446 if (!idev && dev->mtu >= IPV6_MIN_MTU)
3447 idev = ipv6_add_dev(dev);
3448
3449 if (!IS_ERR_OR_NULL(idev)) {
3450 idev->if_flags |= IF_READY;
3451 run_pending = 1;
3452 }
3453 } else if (event == NETDEV_CHANGE) {
3454 if (!addrconf_qdisc_ok(dev)) {
3455 /* device is still not ready. */
3456 break;
3457 }
3458
3459 if (idev) {
3460 if (idev->if_flags & IF_READY) {
3461 /* device is already configured -
3462 * but resend MLD reports, we might
3463 * have roamed and need to update
3464 * multicast snooping switches
3465 */
3466 ipv6_mc_up(idev);
3467 break;
3468 }
3469 idev->if_flags |= IF_READY;
3470 }
3471
3472 pr_info("ADDRCONF(NETDEV_CHANGE): %s: link becomes ready\n",
3473 dev->name);
3474
3475 run_pending = 1;
3476 }
3477
3478 switch (dev->type) {
3479 #if IS_ENABLED(CONFIG_IPV6_SIT)
3480 case ARPHRD_SIT:
3481 addrconf_sit_config(dev);
3482 break;
3483 #endif
3484 #if IS_ENABLED(CONFIG_NET_IPGRE)
3485 case ARPHRD_IPGRE:
3486 addrconf_gre_config(dev);
3487 break;
3488 #endif
3489 case ARPHRD_LOOPBACK:
3490 init_loopback(dev);
3491 break;
3492
3493 default:
3494 addrconf_dev_config(dev);
3495 break;
3496 }
3497
3498 if (!IS_ERR_OR_NULL(idev)) {
3499 if (run_pending)
3500 addrconf_dad_run(idev);
3501
3502 /*
3503 * If the MTU changed during the interface down,
3504 * when the interface up, the changed MTU must be
3505 * reflected in the idev as well as routers.
3506 */
3507 if (idev->cnf.mtu6 != dev->mtu &&
3508 dev->mtu >= IPV6_MIN_MTU) {
3509 rt6_mtu_change(dev, dev->mtu);
3510 idev->cnf.mtu6 = dev->mtu;
3511 }
3512 idev->tstamp = jiffies;
3513 inet6_ifinfo_notify(RTM_NEWLINK, idev);
3514
3515 /*
3516 * If the changed mtu during down is lower than
3517 * IPV6_MIN_MTU stop IPv6 on this interface.
3518 */
3519 if (dev->mtu < IPV6_MIN_MTU)
3520 addrconf_ifdown(dev, dev != net->loopback_dev);
3521 }
3522 break;
3523
3524 case NETDEV_DOWN:
3525 case NETDEV_UNREGISTER:
3526 /*
3527 * Remove all addresses from this interface.
3528 */
3529 addrconf_ifdown(dev, event != NETDEV_DOWN);
3530 break;
3531
3532 case NETDEV_CHANGENAME:
3533 if (idev) {
3534 snmp6_unregister_dev(idev);
3535 addrconf_sysctl_unregister(idev);
3536 err = addrconf_sysctl_register(idev);
3537 if (err)
3538 return notifier_from_errno(err);
3539 err = snmp6_register_dev(idev);
3540 if (err) {
3541 addrconf_sysctl_unregister(idev);
3542 return notifier_from_errno(err);
3543 }
3544 }
3545 break;
3546
3547 case NETDEV_PRE_TYPE_CHANGE:
3548 case NETDEV_POST_TYPE_CHANGE:
3549 if (idev)
3550 addrconf_type_change(dev, event);
3551 break;
3552
3553 case NETDEV_CHANGEUPPER:
3554 info = ptr;
3555
3556 /* flush all routes if dev is linked to or unlinked from
3557 * an L3 master device (e.g., VRF)
3558 */
3559 if (info->upper_dev && netif_is_l3_master(info->upper_dev))
3560 addrconf_ifdown(dev, 0);
3561 }
3562
3563 return NOTIFY_OK;
3564 }
3565
3566 /*
3567 * addrconf module should be notified of a device going up
3568 */
3569 static struct notifier_block ipv6_dev_notf = {
3570 .notifier_call = addrconf_notify,
3571 .priority = ADDRCONF_NOTIFY_PRIORITY,
3572 };
3573
3574 static void addrconf_type_change(struct net_device *dev, unsigned long event)
3575 {
3576 struct inet6_dev *idev;
3577 ASSERT_RTNL();
3578
3579 idev = __in6_dev_get(dev);
3580
3581 if (event == NETDEV_POST_TYPE_CHANGE)
3582 ipv6_mc_remap(idev);
3583 else if (event == NETDEV_PRE_TYPE_CHANGE)
3584 ipv6_mc_unmap(idev);
3585 }
3586
3587 static bool addr_is_local(const struct in6_addr *addr)
3588 {
3589 return ipv6_addr_type(addr) &
3590 (IPV6_ADDR_LINKLOCAL | IPV6_ADDR_LOOPBACK);
3591 }
3592
3593 static int addrconf_ifdown(struct net_device *dev, int how)
3594 {
3595 struct net *net = dev_net(dev);
3596 struct inet6_dev *idev;
3597 struct inet6_ifaddr *ifa, *tmp;
3598 struct list_head del_list;
3599 int _keep_addr;
3600 bool keep_addr;
3601 int state, i;
3602
3603 ASSERT_RTNL();
3604
3605 rt6_ifdown(net, dev);
3606 neigh_ifdown(&nd_tbl, dev);
3607
3608 idev = __in6_dev_get(dev);
3609 if (!idev)
3610 return -ENODEV;
3611
3612 /*
3613 * Step 1: remove reference to ipv6 device from parent device.
3614 * Do not dev_put!
3615 */
3616 if (how) {
3617 idev->dead = 1;
3618
3619 /* protected by rtnl_lock */
3620 RCU_INIT_POINTER(dev->ip6_ptr, NULL);
3621
3622 /* Step 1.5: remove snmp6 entry */
3623 snmp6_unregister_dev(idev);
3624
3625 }
3626
3627 /* aggregate the system setting and interface setting */
3628 _keep_addr = net->ipv6.devconf_all->keep_addr_on_down;
3629 if (!_keep_addr)
3630 _keep_addr = idev->cnf.keep_addr_on_down;
3631
3632 /* combine the user config with event to determine if permanent
3633 * addresses are to be removed from address hash table
3634 */
3635 keep_addr = !(how || _keep_addr <= 0 || idev->cnf.disable_ipv6);
3636
3637 /* Step 2: clear hash table */
3638 for (i = 0; i < IN6_ADDR_HSIZE; i++) {
3639 struct hlist_head *h = &inet6_addr_lst[i];
3640
3641 spin_lock_bh(&addrconf_hash_lock);
3642 restart:
3643 hlist_for_each_entry_rcu(ifa, h, addr_lst) {
3644 if (ifa->idev == idev) {
3645 addrconf_del_dad_work(ifa);
3646 /* combined flag + permanent flag decide if
3647 * address is retained on a down event
3648 */
3649 if (!keep_addr ||
3650 !(ifa->flags & IFA_F_PERMANENT) ||
3651 addr_is_local(&ifa->addr)) {
3652 hlist_del_init_rcu(&ifa->addr_lst);
3653 goto restart;
3654 }
3655 }
3656 }
3657 spin_unlock_bh(&addrconf_hash_lock);
3658 }
3659
3660 write_lock_bh(&idev->lock);
3661
3662 addrconf_del_rs_timer(idev);
3663
3664 /* Step 2: clear flags for stateless addrconf */
3665 if (!how)
3666 idev->if_flags &= ~(IF_RS_SENT|IF_RA_RCVD|IF_READY);
3667
3668 /* Step 3: clear tempaddr list */
3669 while (!list_empty(&idev->tempaddr_list)) {
3670 ifa = list_first_entry(&idev->tempaddr_list,
3671 struct inet6_ifaddr, tmp_list);
3672 list_del(&ifa->tmp_list);
3673 write_unlock_bh(&idev->lock);
3674 spin_lock_bh(&ifa->lock);
3675
3676 if (ifa->ifpub) {
3677 in6_ifa_put(ifa->ifpub);
3678 ifa->ifpub = NULL;
3679 }
3680 spin_unlock_bh(&ifa->lock);
3681 in6_ifa_put(ifa);
3682 write_lock_bh(&idev->lock);
3683 }
3684
3685 /* re-combine the user config with event to determine if permanent
3686 * addresses are to be removed from the interface list
3687 */
3688 keep_addr = (!how && _keep_addr > 0 && !idev->cnf.disable_ipv6);
3689
3690 INIT_LIST_HEAD(&del_list);
3691 list_for_each_entry_safe(ifa, tmp, &idev->addr_list, if_list) {
3692 struct rt6_info *rt = NULL;
3693 bool keep;
3694
3695 addrconf_del_dad_work(ifa);
3696
3697 keep = keep_addr && (ifa->flags & IFA_F_PERMANENT) &&
3698 !addr_is_local(&ifa->addr);
3699 if (!keep)
3700 list_move(&ifa->if_list, &del_list);
3701
3702 write_unlock_bh(&idev->lock);
3703 spin_lock_bh(&ifa->lock);
3704
3705 if (keep) {
3706 /* set state to skip the notifier below */
3707 state = INET6_IFADDR_STATE_DEAD;
3708 ifa->state = INET6_IFADDR_STATE_PREDAD;
3709 if (!(ifa->flags & IFA_F_NODAD))
3710 ifa->flags |= IFA_F_TENTATIVE;
3711
3712 rt = ifa->rt;
3713 ifa->rt = NULL;
3714 } else {
3715 state = ifa->state;
3716 ifa->state = INET6_IFADDR_STATE_DEAD;
3717 }
3718
3719 spin_unlock_bh(&ifa->lock);
3720
3721 if (rt)
3722 ip6_del_rt(rt);
3723
3724 if (state != INET6_IFADDR_STATE_DEAD) {
3725 __ipv6_ifa_notify(RTM_DELADDR, ifa);
3726 inet6addr_notifier_call_chain(NETDEV_DOWN, ifa);
3727 } else {
3728 if (idev->cnf.forwarding)
3729 addrconf_leave_anycast(ifa);
3730 addrconf_leave_solict(ifa->idev, &ifa->addr);
3731 }
3732
3733 write_lock_bh(&idev->lock);
3734 }
3735
3736 write_unlock_bh(&idev->lock);
3737
3738 /* now clean up addresses to be removed */
3739 while (!list_empty(&del_list)) {
3740 ifa = list_first_entry(&del_list,
3741 struct inet6_ifaddr, if_list);
3742 list_del(&ifa->if_list);
3743
3744 in6_ifa_put(ifa);
3745 }
3746
3747 /* Step 5: Discard anycast and multicast list */
3748 if (how) {
3749 ipv6_ac_destroy_dev(idev);
3750 ipv6_mc_destroy_dev(idev);
3751 } else {
3752 ipv6_mc_down(idev);
3753 }
3754
3755 idev->tstamp = jiffies;
3756
3757 /* Last: Shot the device (if unregistered) */
3758 if (how) {
3759 addrconf_sysctl_unregister(idev);
3760 neigh_parms_release(&nd_tbl, idev->nd_parms);
3761 neigh_ifdown(&nd_tbl, dev);
3762 in6_dev_put(idev);
3763 }
3764 return 0;
3765 }
3766
3767 static void addrconf_rs_timer(unsigned long data)
3768 {
3769 struct inet6_dev *idev = (struct inet6_dev *)data;
3770 struct net_device *dev = idev->dev;
3771 struct in6_addr lladdr;
3772
3773 write_lock(&idev->lock);
3774 if (idev->dead || !(idev->if_flags & IF_READY))
3775 goto out;
3776
3777 if (!ipv6_accept_ra(idev))
3778 goto out;
3779
3780 /* Announcement received after solicitation was sent */
3781 if (idev->if_flags & IF_RA_RCVD)
3782 goto out;
3783
3784 if (idev->rs_probes++ < idev->cnf.rtr_solicits || idev->cnf.rtr_solicits < 0) {
3785 write_unlock(&idev->lock);
3786 if (!ipv6_get_lladdr(dev, &lladdr, IFA_F_TENTATIVE))
3787 ndisc_send_rs(dev, &lladdr,
3788 &in6addr_linklocal_allrouters);
3789 else
3790 goto put;
3791
3792 write_lock(&idev->lock);
3793 idev->rs_interval = rfc3315_s14_backoff_update(
3794 idev->rs_interval, idev->cnf.rtr_solicit_max_interval);
3795 /* The wait after the last probe can be shorter */
3796 addrconf_mod_rs_timer(idev, (idev->rs_probes ==
3797 idev->cnf.rtr_solicits) ?
3798 idev->cnf.rtr_solicit_delay :
3799 idev->rs_interval);
3800 } else {
3801 /*
3802 * Note: we do not support deprecated "all on-link"
3803 * assumption any longer.
3804 */
3805 pr_debug("%s: no IPv6 routers present\n", idev->dev->name);
3806 }
3807
3808 out:
3809 write_unlock(&idev->lock);
3810 put:
3811 in6_dev_put(idev);
3812 }
3813
3814 /*
3815 * Duplicate Address Detection
3816 */
3817 static void addrconf_dad_kick(struct inet6_ifaddr *ifp)
3818 {
3819 unsigned long rand_num;
3820 struct inet6_dev *idev = ifp->idev;
3821 u64 nonce;
3822
3823 if (ifp->flags & IFA_F_OPTIMISTIC)
3824 rand_num = 0;
3825 else
3826 rand_num = prandom_u32() % (idev->cnf.rtr_solicit_delay ? : 1);
3827
3828 nonce = 0;
3829 if (idev->cnf.enhanced_dad ||
3830 dev_net(idev->dev)->ipv6.devconf_all->enhanced_dad) {
3831 do
3832 get_random_bytes(&nonce, 6);
3833 while (nonce == 0);
3834 }
3835 ifp->dad_nonce = nonce;
3836 ifp->dad_probes = idev->cnf.dad_transmits;
3837 addrconf_mod_dad_work(ifp, rand_num);
3838 }
3839
3840 static void addrconf_dad_begin(struct inet6_ifaddr *ifp)
3841 {
3842 struct inet6_dev *idev = ifp->idev;
3843 struct net_device *dev = idev->dev;
3844 bool bump_id, notify = false;
3845
3846 addrconf_join_solict(dev, &ifp->addr);
3847
3848 prandom_seed((__force u32) ifp->addr.s6_addr32[3]);
3849
3850 read_lock_bh(&idev->lock);
3851 spin_lock(&ifp->lock);
3852 if (ifp->state == INET6_IFADDR_STATE_DEAD)
3853 goto out;
3854
3855 if (dev->flags&(IFF_NOARP|IFF_LOOPBACK) ||
3856 idev->cnf.accept_dad < 1 ||
3857 !(ifp->flags&IFA_F_TENTATIVE) ||
3858 ifp->flags & IFA_F_NODAD) {
3859 bump_id = ifp->flags & IFA_F_TENTATIVE;
3860 ifp->flags &= ~(IFA_F_TENTATIVE|IFA_F_OPTIMISTIC|IFA_F_DADFAILED);
3861 spin_unlock(&ifp->lock);
3862 read_unlock_bh(&idev->lock);
3863
3864 addrconf_dad_completed(ifp, bump_id);
3865 return;
3866 }
3867
3868 if (!(idev->if_flags & IF_READY)) {
3869 spin_unlock(&ifp->lock);
3870 read_unlock_bh(&idev->lock);
3871 /*
3872 * If the device is not ready:
3873 * - keep it tentative if it is a permanent address.
3874 * - otherwise, kill it.
3875 */
3876 in6_ifa_hold(ifp);
3877 addrconf_dad_stop(ifp, 0);
3878 return;
3879 }
3880
3881 /*
3882 * Optimistic nodes can start receiving
3883 * Frames right away
3884 */
3885 if (ifp->flags & IFA_F_OPTIMISTIC) {
3886 ip6_ins_rt(ifp->rt);
3887 if (ipv6_use_optimistic_addr(idev)) {
3888 /* Because optimistic nodes can use this address,
3889 * notify listeners. If DAD fails, RTM_DELADDR is sent.
3890 */
3891 notify = true;
3892 }
3893 }
3894
3895 addrconf_dad_kick(ifp);
3896 out:
3897 spin_unlock(&ifp->lock);
3898 read_unlock_bh(&idev->lock);
3899 if (notify)
3900 ipv6_ifa_notify(RTM_NEWADDR, ifp);
3901 }
3902
3903 static void addrconf_dad_start(struct inet6_ifaddr *ifp)
3904 {
3905 bool begin_dad = false;
3906
3907 spin_lock_bh(&ifp->lock);
3908 if (ifp->state != INET6_IFADDR_STATE_DEAD) {
3909 ifp->state = INET6_IFADDR_STATE_PREDAD;
3910 begin_dad = true;
3911 }
3912 spin_unlock_bh(&ifp->lock);
3913
3914 if (begin_dad)
3915 addrconf_mod_dad_work(ifp, 0);
3916 }
3917
3918 static void addrconf_dad_work(struct work_struct *w)
3919 {
3920 struct inet6_ifaddr *ifp = container_of(to_delayed_work(w),
3921 struct inet6_ifaddr,
3922 dad_work);
3923 struct inet6_dev *idev = ifp->idev;
3924 bool bump_id, disable_ipv6 = false;
3925 struct in6_addr mcaddr;
3926
3927 enum {
3928 DAD_PROCESS,
3929 DAD_BEGIN,
3930 DAD_ABORT,
3931 } action = DAD_PROCESS;
3932
3933 rtnl_lock();
3934
3935 spin_lock_bh(&ifp->lock);
3936 if (ifp->state == INET6_IFADDR_STATE_PREDAD) {
3937 action = DAD_BEGIN;
3938 ifp->state = INET6_IFADDR_STATE_DAD;
3939 } else if (ifp->state == INET6_IFADDR_STATE_ERRDAD) {
3940 action = DAD_ABORT;
3941 ifp->state = INET6_IFADDR_STATE_POSTDAD;
3942
3943 if (idev->cnf.accept_dad > 1 && !idev->cnf.disable_ipv6 &&
3944 !(ifp->flags & IFA_F_STABLE_PRIVACY)) {
3945 struct in6_addr addr;
3946
3947 addr.s6_addr32[0] = htonl(0xfe800000);
3948 addr.s6_addr32[1] = 0;
3949
3950 if (!ipv6_generate_eui64(addr.s6_addr + 8, idev->dev) &&
3951 ipv6_addr_equal(&ifp->addr, &addr)) {
3952 /* DAD failed for link-local based on MAC */
3953 idev->cnf.disable_ipv6 = 1;
3954
3955 pr_info("%s: IPv6 being disabled!\n",
3956 ifp->idev->dev->name);
3957 disable_ipv6 = true;
3958 }
3959 }
3960 }
3961 spin_unlock_bh(&ifp->lock);
3962
3963 if (action == DAD_BEGIN) {
3964 addrconf_dad_begin(ifp);
3965 goto out;
3966 } else if (action == DAD_ABORT) {
3967 in6_ifa_hold(ifp);
3968 addrconf_dad_stop(ifp, 1);
3969 if (disable_ipv6)
3970 addrconf_ifdown(idev->dev, 0);
3971 goto out;
3972 }
3973
3974 if (!ifp->dad_probes && addrconf_dad_end(ifp))
3975 goto out;
3976
3977 write_lock_bh(&idev->lock);
3978 if (idev->dead || !(idev->if_flags & IF_READY)) {
3979 write_unlock_bh(&idev->lock);
3980 goto out;
3981 }
3982
3983 spin_lock(&ifp->lock);
3984 if (ifp->state == INET6_IFADDR_STATE_DEAD) {
3985 spin_unlock(&ifp->lock);
3986 write_unlock_bh(&idev->lock);
3987 goto out;
3988 }
3989
3990 if (ifp->dad_probes == 0) {
3991 /*
3992 * DAD was successful
3993 */
3994
3995 bump_id = ifp->flags & IFA_F_TENTATIVE;
3996 ifp->flags &= ~(IFA_F_TENTATIVE|IFA_F_OPTIMISTIC|IFA_F_DADFAILED);
3997 spin_unlock(&ifp->lock);
3998 write_unlock_bh(&idev->lock);
3999
4000 addrconf_dad_completed(ifp, bump_id);
4001
4002 goto out;
4003 }
4004
4005 ifp->dad_probes--;
4006 addrconf_mod_dad_work(ifp,
4007 NEIGH_VAR(ifp->idev->nd_parms, RETRANS_TIME));
4008 spin_unlock(&ifp->lock);
4009 write_unlock_bh(&idev->lock);
4010
4011 /* send a neighbour solicitation for our addr */
4012 addrconf_addr_solict_mult(&ifp->addr, &mcaddr);
4013 ndisc_send_ns(ifp->idev->dev, &ifp->addr, &mcaddr, &in6addr_any,
4014 ifp->dad_nonce);
4015 out:
4016 in6_ifa_put(ifp);
4017 rtnl_unlock();
4018 }
4019
4020 /* ifp->idev must be at least read locked */
4021 static bool ipv6_lonely_lladdr(struct inet6_ifaddr *ifp)
4022 {
4023 struct inet6_ifaddr *ifpiter;
4024 struct inet6_dev *idev = ifp->idev;
4025
4026 list_for_each_entry_reverse(ifpiter, &idev->addr_list, if_list) {
4027 if (ifpiter->scope > IFA_LINK)
4028 break;
4029 if (ifp != ifpiter && ifpiter->scope == IFA_LINK &&
4030 (ifpiter->flags & (IFA_F_PERMANENT|IFA_F_TENTATIVE|
4031 IFA_F_OPTIMISTIC|IFA_F_DADFAILED)) ==
4032 IFA_F_PERMANENT)
4033 return false;
4034 }
4035 return true;
4036 }
4037
4038 static void addrconf_dad_completed(struct inet6_ifaddr *ifp, bool bump_id)
4039 {
4040 struct net_device *dev = ifp->idev->dev;
4041 struct in6_addr lladdr;
4042 bool send_rs, send_mld;
4043
4044 addrconf_del_dad_work(ifp);
4045
4046 /*
4047 * Configure the address for reception. Now it is valid.
4048 */
4049
4050 ipv6_ifa_notify(RTM_NEWADDR, ifp);
4051
4052 /* If added prefix is link local and we are prepared to process
4053 router advertisements, start sending router solicitations.
4054 */
4055
4056 read_lock_bh(&ifp->idev->lock);
4057 send_mld = ifp->scope == IFA_LINK && ipv6_lonely_lladdr(ifp);
4058 send_rs = send_mld &&
4059 ipv6_accept_ra(ifp->idev) &&
4060 ifp->idev->cnf.rtr_solicits != 0 &&
4061 (dev->flags&IFF_LOOPBACK) == 0;
4062 read_unlock_bh(&ifp->idev->lock);
4063
4064 /* While dad is in progress mld report's source address is in6_addrany.
4065 * Resend with proper ll now.
4066 */
4067 if (send_mld)
4068 ipv6_mc_dad_complete(ifp->idev);
4069
4070 if (send_rs) {
4071 /*
4072 * If a host as already performed a random delay
4073 * [...] as part of DAD [...] there is no need
4074 * to delay again before sending the first RS
4075 */
4076 if (ipv6_get_lladdr(dev, &lladdr, IFA_F_TENTATIVE))
4077 return;
4078 ndisc_send_rs(dev, &lladdr, &in6addr_linklocal_allrouters);
4079
4080 write_lock_bh(&ifp->idev->lock);
4081 spin_lock(&ifp->lock);
4082 ifp->idev->rs_interval = rfc3315_s14_backoff_init(
4083 ifp->idev->cnf.rtr_solicit_interval);
4084 ifp->idev->rs_probes = 1;
4085 ifp->idev->if_flags |= IF_RS_SENT;
4086 addrconf_mod_rs_timer(ifp->idev, ifp->idev->rs_interval);
4087 spin_unlock(&ifp->lock);
4088 write_unlock_bh(&ifp->idev->lock);
4089 }
4090
4091 if (bump_id)
4092 rt_genid_bump_ipv6(dev_net(dev));
4093
4094 /* Make sure that a new temporary address will be created
4095 * before this temporary address becomes deprecated.
4096 */
4097 if (ifp->flags & IFA_F_TEMPORARY)
4098 addrconf_verify_rtnl();
4099 }
4100
4101 static void addrconf_dad_run(struct inet6_dev *idev)
4102 {
4103 struct inet6_ifaddr *ifp;
4104
4105 read_lock_bh(&idev->lock);
4106 list_for_each_entry(ifp, &idev->addr_list, if_list) {
4107 spin_lock(&ifp->lock);
4108 if (ifp->flags & IFA_F_TENTATIVE &&
4109 ifp->state == INET6_IFADDR_STATE_DAD)
4110 addrconf_dad_kick(ifp);
4111 spin_unlock(&ifp->lock);
4112 }
4113 read_unlock_bh(&idev->lock);
4114 }
4115
4116 #ifdef CONFIG_PROC_FS
4117 struct if6_iter_state {
4118 struct seq_net_private p;
4119 int bucket;
4120 int offset;
4121 };
4122
4123 static struct inet6_ifaddr *if6_get_first(struct seq_file *seq, loff_t pos)
4124 {
4125 struct inet6_ifaddr *ifa = NULL;
4126 struct if6_iter_state *state = seq->private;
4127 struct net *net = seq_file_net(seq);
4128 int p = 0;
4129
4130 /* initial bucket if pos is 0 */
4131 if (pos == 0) {
4132 state->bucket = 0;
4133 state->offset = 0;
4134 }
4135
4136 for (; state->bucket < IN6_ADDR_HSIZE; ++state->bucket) {
4137 hlist_for_each_entry_rcu_bh(ifa, &inet6_addr_lst[state->bucket],
4138 addr_lst) {
4139 if (!net_eq(dev_net(ifa->idev->dev), net))
4140 continue;
4141 /* sync with offset */
4142 if (p < state->offset) {
4143 p++;
4144 continue;
4145 }
4146 state->offset++;
4147 return ifa;
4148 }
4149
4150 /* prepare for next bucket */
4151 state->offset = 0;
4152 p = 0;
4153 }
4154 return NULL;
4155 }
4156
4157 static struct inet6_ifaddr *if6_get_next(struct seq_file *seq,
4158 struct inet6_ifaddr *ifa)
4159 {
4160 struct if6_iter_state *state = seq->private;
4161 struct net *net = seq_file_net(seq);
4162
4163 hlist_for_each_entry_continue_rcu_bh(ifa, addr_lst) {
4164 if (!net_eq(dev_net(ifa->idev->dev), net))
4165 continue;
4166 state->offset++;
4167 return ifa;
4168 }
4169
4170 while (++state->bucket < IN6_ADDR_HSIZE) {
4171 state->offset = 0;
4172 hlist_for_each_entry_rcu_bh(ifa,
4173 &inet6_addr_lst[state->bucket], addr_lst) {
4174 if (!net_eq(dev_net(ifa->idev->dev), net))
4175 continue;
4176 state->offset++;
4177 return ifa;
4178 }
4179 }
4180
4181 return NULL;
4182 }
4183
4184 static void *if6_seq_start(struct seq_file *seq, loff_t *pos)
4185 __acquires(rcu_bh)
4186 {
4187 rcu_read_lock_bh();
4188 return if6_get_first(seq, *pos);
4189 }
4190
4191 static void *if6_seq_next(struct seq_file *seq, void *v, loff_t *pos)
4192 {
4193 struct inet6_ifaddr *ifa;
4194
4195 ifa = if6_get_next(seq, v);
4196 ++*pos;
4197 return ifa;
4198 }
4199
4200 static void if6_seq_stop(struct seq_file *seq, void *v)
4201 __releases(rcu_bh)
4202 {
4203 rcu_read_unlock_bh();
4204 }
4205
4206 static int if6_seq_show(struct seq_file *seq, void *v)
4207 {
4208 struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v;
4209 seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n",
4210 &ifp->addr,
4211 ifp->idev->dev->ifindex,
4212 ifp->prefix_len,
4213 ifp->scope,
4214 (u8) ifp->flags,
4215 ifp->idev->dev->name);
4216 return 0;
4217 }
4218
4219 static const struct seq_operations if6_seq_ops = {
4220 .start = if6_seq_start,
4221 .next = if6_seq_next,
4222 .show = if6_seq_show,
4223 .stop = if6_seq_stop,
4224 };
4225
4226 static int if6_seq_open(struct inode *inode, struct file *file)
4227 {
4228 return seq_open_net(inode, file, &if6_seq_ops,
4229 sizeof(struct if6_iter_state));
4230 }
4231
4232 static const struct file_operations if6_fops = {
4233 .owner = THIS_MODULE,
4234 .open = if6_seq_open,
4235 .read = seq_read,
4236 .llseek = seq_lseek,
4237 .release = seq_release_net,
4238 };
4239
4240 static int __net_init if6_proc_net_init(struct net *net)
4241 {
4242 if (!proc_create("if_inet6", S_IRUGO, net->proc_net, &if6_fops))
4243 return -ENOMEM;
4244 return 0;
4245 }
4246
4247 static void __net_exit if6_proc_net_exit(struct net *net)
4248 {
4249 remove_proc_entry("if_inet6", net->proc_net);
4250 }
4251
4252 static struct pernet_operations if6_proc_net_ops = {
4253 .init = if6_proc_net_init,
4254 .exit = if6_proc_net_exit,
4255 };
4256
4257 int __init if6_proc_init(void)
4258 {
4259 return register_pernet_subsys(&if6_proc_net_ops);
4260 }
4261
4262 void if6_proc_exit(void)
4263 {
4264 unregister_pernet_subsys(&if6_proc_net_ops);
4265 }
4266 #endif /* CONFIG_PROC_FS */
4267
4268 #if IS_ENABLED(CONFIG_IPV6_MIP6)
4269 /* Check if address is a home address configured on any interface. */
4270 int ipv6_chk_home_addr(struct net *net, const struct in6_addr *addr)
4271 {
4272 int ret = 0;
4273 struct inet6_ifaddr *ifp = NULL;
4274 unsigned int hash = inet6_addr_hash(addr);
4275
4276 rcu_read_lock_bh();
4277 hlist_for_each_entry_rcu_bh(ifp, &inet6_addr_lst[hash], addr_lst) {
4278 if (!net_eq(dev_net(ifp->idev->dev), net))
4279 continue;
4280 if (ipv6_addr_equal(&ifp->addr, addr) &&
4281 (ifp->flags & IFA_F_HOMEADDRESS)) {
4282 ret = 1;
4283 break;
4284 }
4285 }
4286 rcu_read_unlock_bh();
4287 return ret;
4288 }
4289 #endif
4290
4291 /*
4292 * Periodic address status verification
4293 */
4294
4295 static void addrconf_verify_rtnl(void)
4296 {
4297 unsigned long now, next, next_sec, next_sched;
4298 struct inet6_ifaddr *ifp;
4299 int i;
4300
4301 ASSERT_RTNL();
4302
4303 rcu_read_lock_bh();
4304 now = jiffies;
4305 next = round_jiffies_up(now + ADDR_CHECK_FREQUENCY);
4306
4307 cancel_delayed_work(&addr_chk_work);
4308
4309 for (i = 0; i < IN6_ADDR_HSIZE; i++) {
4310 restart:
4311 hlist_for_each_entry_rcu_bh(ifp, &inet6_addr_lst[i], addr_lst) {
4312 unsigned long age;
4313
4314 /* When setting preferred_lft to a value not zero or
4315 * infinity, while valid_lft is infinity
4316 * IFA_F_PERMANENT has a non-infinity life time.
4317 */
4318 if ((ifp->flags & IFA_F_PERMANENT) &&
4319 (ifp->prefered_lft == INFINITY_LIFE_TIME))
4320 continue;
4321
4322 spin_lock(&ifp->lock);
4323 /* We try to batch several events at once. */
4324 age = (now - ifp->tstamp + ADDRCONF_TIMER_FUZZ_MINUS) / HZ;
4325
4326 if (ifp->valid_lft != INFINITY_LIFE_TIME &&
4327 age >= ifp->valid_lft) {
4328 spin_unlock(&ifp->lock);
4329 in6_ifa_hold(ifp);
4330 ipv6_del_addr(ifp);
4331 goto restart;
4332 } else if (ifp->prefered_lft == INFINITY_LIFE_TIME) {
4333 spin_unlock(&ifp->lock);
4334 continue;
4335 } else if (age >= ifp->prefered_lft) {
4336 /* jiffies - ifp->tstamp > age >= ifp->prefered_lft */
4337 int deprecate = 0;
4338
4339 if (!(ifp->flags&IFA_F_DEPRECATED)) {
4340 deprecate = 1;
4341 ifp->flags |= IFA_F_DEPRECATED;
4342 }
4343
4344 if ((ifp->valid_lft != INFINITY_LIFE_TIME) &&
4345 (time_before(ifp->tstamp + ifp->valid_lft * HZ, next)))
4346 next = ifp->tstamp + ifp->valid_lft * HZ;
4347
4348 spin_unlock(&ifp->lock);
4349
4350 if (deprecate) {
4351 in6_ifa_hold(ifp);
4352
4353 ipv6_ifa_notify(0, ifp);
4354 in6_ifa_put(ifp);
4355 goto restart;
4356 }
4357 } else if ((ifp->flags&IFA_F_TEMPORARY) &&
4358 !(ifp->flags&IFA_F_TENTATIVE)) {
4359 unsigned long regen_advance = ifp->idev->cnf.regen_max_retry *
4360 ifp->idev->cnf.dad_transmits *
4361 NEIGH_VAR(ifp->idev->nd_parms, RETRANS_TIME) / HZ;
4362
4363 if (age >= ifp->prefered_lft - regen_advance) {
4364 struct inet6_ifaddr *ifpub = ifp->ifpub;
4365 if (time_before(ifp->tstamp + ifp->prefered_lft * HZ, next))
4366 next = ifp->tstamp + ifp->prefered_lft * HZ;
4367 if (!ifp->regen_count && ifpub) {
4368 ifp->regen_count++;
4369 in6_ifa_hold(ifp);
4370 in6_ifa_hold(ifpub);
4371 spin_unlock(&ifp->lock);
4372
4373 spin_lock(&ifpub->lock);
4374 ifpub->regen_count = 0;
4375 spin_unlock(&ifpub->lock);
4376 ipv6_create_tempaddr(ifpub, ifp);
4377 in6_ifa_put(ifpub);
4378 in6_ifa_put(ifp);
4379 goto restart;
4380 }
4381 } else if (time_before(ifp->tstamp + ifp->prefered_lft * HZ - regen_advance * HZ, next))
4382 next = ifp->tstamp + ifp->prefered_lft * HZ - regen_advance * HZ;
4383 spin_unlock(&ifp->lock);
4384 } else {
4385 /* ifp->prefered_lft <= ifp->valid_lft */
4386 if (time_before(ifp->tstamp + ifp->prefered_lft * HZ, next))
4387 next = ifp->tstamp + ifp->prefered_lft * HZ;
4388 spin_unlock(&ifp->lock);
4389 }
4390 }
4391 }
4392
4393 next_sec = round_jiffies_up(next);
4394 next_sched = next;
4395
4396 /* If rounded timeout is accurate enough, accept it. */
4397 if (time_before(next_sec, next + ADDRCONF_TIMER_FUZZ))
4398 next_sched = next_sec;
4399
4400 /* And minimum interval is ADDRCONF_TIMER_FUZZ_MAX. */
4401 if (time_before(next_sched, jiffies + ADDRCONF_TIMER_FUZZ_MAX))
4402 next_sched = jiffies + ADDRCONF_TIMER_FUZZ_MAX;
4403
4404 ADBG(KERN_DEBUG "now = %lu, schedule = %lu, rounded schedule = %lu => %lu\n",
4405 now, next, next_sec, next_sched);
4406 mod_delayed_work(addrconf_wq, &addr_chk_work, next_sched - now);
4407 rcu_read_unlock_bh();
4408 }
4409
4410 static void addrconf_verify_work(struct work_struct *w)
4411 {
4412 rtnl_lock();
4413 addrconf_verify_rtnl();
4414 rtnl_unlock();
4415 }
4416
4417 static void addrconf_verify(void)
4418 {
4419 mod_delayed_work(addrconf_wq, &addr_chk_work, 0);
4420 }
4421
4422 static struct in6_addr *extract_addr(struct nlattr *addr, struct nlattr *local,
4423 struct in6_addr **peer_pfx)
4424 {
4425 struct in6_addr *pfx = NULL;
4426
4427 *peer_pfx = NULL;
4428
4429 if (addr)
4430 pfx = nla_data(addr);
4431
4432 if (local) {
4433 if (pfx && nla_memcmp(local, pfx, sizeof(*pfx)))
4434 *peer_pfx = pfx;
4435 pfx = nla_data(local);
4436 }
4437
4438 return pfx;
4439 }
4440
4441 static const struct nla_policy ifa_ipv6_policy[IFA_MAX+1] = {
4442 [IFA_ADDRESS] = { .len = sizeof(struct in6_addr) },
4443 [IFA_LOCAL] = { .len = sizeof(struct in6_addr) },
4444 [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) },
4445 [IFA_FLAGS] = { .len = sizeof(u32) },
4446 };
4447
4448 static int
4449 inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
4450 struct netlink_ext_ack *extack)
4451 {
4452 struct net *net = sock_net(skb->sk);
4453 struct ifaddrmsg *ifm;
4454 struct nlattr *tb[IFA_MAX+1];
4455 struct in6_addr *pfx, *peer_pfx;
4456 u32 ifa_flags;
4457 int err;
4458
4459 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy,
4460 extack);
4461 if (err < 0)
4462 return err;
4463
4464 ifm = nlmsg_data(nlh);
4465 pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL], &peer_pfx);
4466 if (!pfx)
4467 return -EINVAL;
4468
4469 ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) : ifm->ifa_flags;
4470
4471 /* We ignore other flags so far. */
4472 ifa_flags &= IFA_F_MANAGETEMPADDR;
4473
4474 return inet6_addr_del(net, ifm->ifa_index, ifa_flags, pfx,
4475 ifm->ifa_prefixlen);
4476 }
4477
4478 static int inet6_addr_modify(struct inet6_ifaddr *ifp, u32 ifa_flags,
4479 u32 prefered_lft, u32 valid_lft)
4480 {
4481 u32 flags;
4482 clock_t expires;
4483 unsigned long timeout;
4484 bool was_managetempaddr;
4485 bool had_prefixroute;
4486
4487 ASSERT_RTNL();
4488
4489 if (!valid_lft || (prefered_lft > valid_lft))
4490 return -EINVAL;
4491
4492 if (ifa_flags & IFA_F_MANAGETEMPADDR &&
4493 (ifp->flags & IFA_F_TEMPORARY || ifp->prefix_len != 64))
4494 return -EINVAL;
4495
4496 timeout = addrconf_timeout_fixup(valid_lft, HZ);
4497 if (addrconf_finite_timeout(timeout)) {
4498 expires = jiffies_to_clock_t(timeout * HZ);
4499 valid_lft = timeout;
4500 flags = RTF_EXPIRES;
4501 } else {
4502 expires = 0;
4503 flags = 0;
4504 ifa_flags |= IFA_F_PERMANENT;
4505 }
4506
4507 timeout = addrconf_timeout_fixup(prefered_lft, HZ);
4508 if (addrconf_finite_timeout(timeout)) {
4509 if (timeout == 0)
4510 ifa_flags |= IFA_F_DEPRECATED;
4511 prefered_lft = timeout;
4512 }
4513
4514 spin_lock_bh(&ifp->lock);
4515 was_managetempaddr = ifp->flags & IFA_F_MANAGETEMPADDR;
4516 had_prefixroute = ifp->flags & IFA_F_PERMANENT &&
4517 !(ifp->flags & IFA_F_NOPREFIXROUTE);
4518 ifp->flags &= ~(IFA_F_DEPRECATED | IFA_F_PERMANENT | IFA_F_NODAD |
4519 IFA_F_HOMEADDRESS | IFA_F_MANAGETEMPADDR |
4520 IFA_F_NOPREFIXROUTE);
4521 ifp->flags |= ifa_flags;
4522 ifp->tstamp = jiffies;
4523 ifp->valid_lft = valid_lft;
4524 ifp->prefered_lft = prefered_lft;
4525
4526 spin_unlock_bh(&ifp->lock);
4527 if (!(ifp->flags&IFA_F_TENTATIVE))
4528 ipv6_ifa_notify(0, ifp);
4529
4530 if (!(ifa_flags & IFA_F_NOPREFIXROUTE)) {
4531 addrconf_prefix_route(&ifp->addr, ifp->prefix_len, ifp->idev->dev,
4532 expires, flags);
4533 } else if (had_prefixroute) {
4534 enum cleanup_prefix_rt_t action;
4535 unsigned long rt_expires;
4536
4537 write_lock_bh(&ifp->idev->lock);
4538 action = check_cleanup_prefix_route(ifp, &rt_expires);
4539 write_unlock_bh(&ifp->idev->lock);
4540
4541 if (action != CLEANUP_PREFIX_RT_NOP) {
4542 cleanup_prefix_route(ifp, rt_expires,
4543 action == CLEANUP_PREFIX_RT_DEL);
4544 }
4545 }
4546
4547 if (was_managetempaddr || ifp->flags & IFA_F_MANAGETEMPADDR) {
4548 if (was_managetempaddr && !(ifp->flags & IFA_F_MANAGETEMPADDR))
4549 valid_lft = prefered_lft = 0;
4550 manage_tempaddrs(ifp->idev, ifp, valid_lft, prefered_lft,
4551 !was_managetempaddr, jiffies);
4552 }
4553
4554 addrconf_verify_rtnl();
4555
4556 return 0;
4557 }
4558
4559 static int
4560 inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
4561 struct netlink_ext_ack *extack)
4562 {
4563 struct net *net = sock_net(skb->sk);
4564 struct ifaddrmsg *ifm;
4565 struct nlattr *tb[IFA_MAX+1];
4566 struct in6_addr *pfx, *peer_pfx;
4567 struct inet6_ifaddr *ifa;
4568 struct net_device *dev;
4569 u32 valid_lft = INFINITY_LIFE_TIME, preferred_lft = INFINITY_LIFE_TIME;
4570 u32 ifa_flags;
4571 int err;
4572
4573 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy,
4574 extack);
4575 if (err < 0)
4576 return err;
4577
4578 ifm = nlmsg_data(nlh);
4579 pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL], &peer_pfx);
4580 if (!pfx)
4581 return -EINVAL;
4582
4583 if (tb[IFA_CACHEINFO]) {
4584 struct ifa_cacheinfo *ci;
4585
4586 ci = nla_data(tb[IFA_CACHEINFO]);
4587 valid_lft = ci->ifa_valid;
4588 preferred_lft = ci->ifa_prefered;
4589 } else {
4590 preferred_lft = INFINITY_LIFE_TIME;
4591 valid_lft = INFINITY_LIFE_TIME;
4592 }
4593
4594 dev = __dev_get_by_index(net, ifm->ifa_index);
4595 if (!dev)
4596 return -ENODEV;
4597
4598 ifa_flags = tb[IFA_FLAGS] ? nla_get_u32(tb[IFA_FLAGS]) : ifm->ifa_flags;
4599
4600 /* We ignore other flags so far. */
4601 ifa_flags &= IFA_F_NODAD | IFA_F_HOMEADDRESS | IFA_F_MANAGETEMPADDR |
4602 IFA_F_NOPREFIXROUTE | IFA_F_MCAUTOJOIN;
4603
4604 ifa = ipv6_get_ifaddr(net, pfx, dev, 1);
4605 if (!ifa) {
4606 /*
4607 * It would be best to check for !NLM_F_CREATE here but
4608 * userspace already relies on not having to provide this.
4609 */
4610 return inet6_addr_add(net, ifm->ifa_index, pfx, peer_pfx,
4611 ifm->ifa_prefixlen, ifa_flags,
4612 preferred_lft, valid_lft);
4613 }
4614
4615 if (nlh->nlmsg_flags & NLM_F_EXCL ||
4616 !(nlh->nlmsg_flags & NLM_F_REPLACE))
4617 err = -EEXIST;
4618 else
4619 err = inet6_addr_modify(ifa, ifa_flags, preferred_lft, valid_lft);
4620
4621 in6_ifa_put(ifa);
4622
4623 return err;
4624 }
4625
4626 static void put_ifaddrmsg(struct nlmsghdr *nlh, u8 prefixlen, u32 flags,
4627 u8 scope, int ifindex)
4628 {
4629 struct ifaddrmsg *ifm;
4630
4631 ifm = nlmsg_data(nlh);
4632 ifm->ifa_family = AF_INET6;
4633 ifm->ifa_prefixlen = prefixlen;
4634 ifm->ifa_flags = flags;
4635 ifm->ifa_scope = scope;
4636 ifm->ifa_index = ifindex;
4637 }
4638
4639 static int put_cacheinfo(struct sk_buff *skb, unsigned long cstamp,
4640 unsigned long tstamp, u32 preferred, u32 valid)
4641 {
4642 struct ifa_cacheinfo ci;
4643
4644 ci.cstamp = cstamp_delta(cstamp);
4645 ci.tstamp = cstamp_delta(tstamp);
4646 ci.ifa_prefered = preferred;
4647 ci.ifa_valid = valid;
4648
4649 return nla_put(skb, IFA_CACHEINFO, sizeof(ci), &ci);
4650 }
4651
4652 static inline int rt_scope(int ifa_scope)
4653 {
4654 if (ifa_scope & IFA_HOST)
4655 return RT_SCOPE_HOST;
4656 else if (ifa_scope & IFA_LINK)
4657 return RT_SCOPE_LINK;
4658 else if (ifa_scope & IFA_SITE)
4659 return RT_SCOPE_SITE;
4660 else
4661 return RT_SCOPE_UNIVERSE;
4662 }
4663
4664 static inline int inet6_ifaddr_msgsize(void)
4665 {
4666 return NLMSG_ALIGN(sizeof(struct ifaddrmsg))
4667 + nla_total_size(16) /* IFA_LOCAL */
4668 + nla_total_size(16) /* IFA_ADDRESS */
4669 + nla_total_size(sizeof(struct ifa_cacheinfo))
4670 + nla_total_size(4) /* IFA_FLAGS */;
4671 }
4672
4673 static int inet6_fill_ifaddr(struct sk_buff *skb, struct inet6_ifaddr *ifa,
4674 u32 portid, u32 seq, int event, unsigned int flags)
4675 {
4676 struct nlmsghdr *nlh;
4677 u32 preferred, valid;
4678
4679 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct ifaddrmsg), flags);
4680 if (!nlh)
4681 return -EMSGSIZE;
4682
4683 put_ifaddrmsg(nlh, ifa->prefix_len, ifa->flags, rt_scope(ifa->scope),
4684 ifa->idev->dev->ifindex);
4685
4686 if (!((ifa->flags&IFA_F_PERMANENT) &&
4687 (ifa->prefered_lft == INFINITY_LIFE_TIME))) {
4688 preferred = ifa->prefered_lft;
4689 valid = ifa->valid_lft;
4690 if (preferred != INFINITY_LIFE_TIME) {
4691 long tval = (jiffies - ifa->tstamp)/HZ;
4692 if (preferred > tval)
4693 preferred -= tval;
4694 else
4695 preferred = 0;
4696 if (valid != INFINITY_LIFE_TIME) {
4697 if (valid > tval)
4698 valid -= tval;
4699 else
4700 valid = 0;
4701 }
4702 }
4703 } else {
4704 preferred = INFINITY_LIFE_TIME;
4705 valid = INFINITY_LIFE_TIME;
4706 }
4707
4708 if (!ipv6_addr_any(&ifa->peer_addr)) {
4709 if (nla_put_in6_addr(skb, IFA_LOCAL, &ifa->addr) < 0 ||
4710 nla_put_in6_addr(skb, IFA_ADDRESS, &ifa->peer_addr) < 0)
4711 goto error;
4712 } else
4713 if (nla_put_in6_addr(skb, IFA_ADDRESS, &ifa->addr) < 0)
4714 goto error;
4715
4716 if (put_cacheinfo(skb, ifa->cstamp, ifa->tstamp, preferred, valid) < 0)
4717 goto error;
4718
4719 if (nla_put_u32(skb, IFA_FLAGS, ifa->flags) < 0)
4720 goto error;
4721
4722 nlmsg_end(skb, nlh);
4723 return 0;
4724
4725 error:
4726 nlmsg_cancel(skb, nlh);
4727 return -EMSGSIZE;
4728 }
4729
4730 static int inet6_fill_ifmcaddr(struct sk_buff *skb, struct ifmcaddr6 *ifmca,
4731 u32 portid, u32 seq, int event, u16 flags)
4732 {
4733 struct nlmsghdr *nlh;
4734 u8 scope = RT_SCOPE_UNIVERSE;
4735 int ifindex = ifmca->idev->dev->ifindex;
4736
4737 if (ipv6_addr_scope(&ifmca->mca_addr) & IFA_SITE)
4738 scope = RT_SCOPE_SITE;
4739
4740 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct ifaddrmsg), flags);
4741 if (!nlh)
4742 return -EMSGSIZE;
4743
4744 put_ifaddrmsg(nlh, 128, IFA_F_PERMANENT, scope, ifindex);
4745 if (nla_put_in6_addr(skb, IFA_MULTICAST, &ifmca->mca_addr) < 0 ||
4746 put_cacheinfo(skb, ifmca->mca_cstamp, ifmca->mca_tstamp,
4747 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME) < 0) {
4748 nlmsg_cancel(skb, nlh);
4749 return -EMSGSIZE;
4750 }
4751
4752 nlmsg_end(skb, nlh);
4753 return 0;
4754 }
4755
4756 static int inet6_fill_ifacaddr(struct sk_buff *skb, struct ifacaddr6 *ifaca,
4757 u32 portid, u32 seq, int event, unsigned int flags)
4758 {
4759 struct nlmsghdr *nlh;
4760 u8 scope = RT_SCOPE_UNIVERSE;
4761 int ifindex = ifaca->aca_idev->dev->ifindex;
4762
4763 if (ipv6_addr_scope(&ifaca->aca_addr) & IFA_SITE)
4764 scope = RT_SCOPE_SITE;
4765
4766 nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct ifaddrmsg), flags);
4767 if (!nlh)
4768 return -EMSGSIZE;
4769
4770 put_ifaddrmsg(nlh, 128, IFA_F_PERMANENT, scope, ifindex);
4771 if (nla_put_in6_addr(skb, IFA_ANYCAST, &ifaca->aca_addr) < 0 ||
4772 put_cacheinfo(skb, ifaca->aca_cstamp, ifaca->aca_tstamp,
4773 INFINITY_LIFE_TIME, INFINITY_LIFE_TIME) < 0) {
4774 nlmsg_cancel(skb, nlh);
4775 return -EMSGSIZE;
4776 }
4777
4778 nlmsg_end(skb, nlh);
4779 return 0;
4780 }
4781
4782 enum addr_type_t {
4783 UNICAST_ADDR,
4784 MULTICAST_ADDR,
4785 ANYCAST_ADDR,
4786 };
4787
4788 /* called with rcu_read_lock() */
4789 static int in6_dump_addrs(struct inet6_dev *idev, struct sk_buff *skb,
4790 struct netlink_callback *cb, enum addr_type_t type,
4791 int s_ip_idx, int *p_ip_idx)
4792 {
4793 struct ifmcaddr6 *ifmca;
4794 struct ifacaddr6 *ifaca;
4795 int err = 1;
4796 int ip_idx = *p_ip_idx;
4797
4798 read_lock_bh(&idev->lock);
4799 switch (type) {
4800 case UNICAST_ADDR: {
4801 struct inet6_ifaddr *ifa;
4802
4803 /* unicast address incl. temp addr */
4804 list_for_each_entry(ifa, &idev->addr_list, if_list) {
4805 if (++ip_idx < s_ip_idx)
4806 continue;
4807 err = inet6_fill_ifaddr(skb, ifa,
4808 NETLINK_CB(cb->skb).portid,
4809 cb->nlh->nlmsg_seq,
4810 RTM_NEWADDR,
4811 NLM_F_MULTI);
4812 if (err < 0)
4813 break;
4814 nl_dump_check_consistent(cb, nlmsg_hdr(skb));
4815 }
4816 break;
4817 }
4818 case MULTICAST_ADDR:
4819 /* multicast address */
4820 for (ifmca = idev->mc_list; ifmca;
4821 ifmca = ifmca->next, ip_idx++) {
4822 if (ip_idx < s_ip_idx)
4823 continue;
4824 err = inet6_fill_ifmcaddr(skb, ifmca,
4825 NETLINK_CB(cb->skb).portid,
4826 cb->nlh->nlmsg_seq,
4827 RTM_GETMULTICAST,
4828 NLM_F_MULTI);
4829 if (err < 0)
4830 break;
4831 }
4832 break;
4833 case ANYCAST_ADDR:
4834 /* anycast address */
4835 for (ifaca = idev->ac_list; ifaca;
4836 ifaca = ifaca->aca_next, ip_idx++) {
4837 if (ip_idx < s_ip_idx)
4838 continue;
4839 err = inet6_fill_ifacaddr(skb, ifaca,
4840 NETLINK_CB(cb->skb).portid,
4841 cb->nlh->nlmsg_seq,
4842 RTM_GETANYCAST,
4843 NLM_F_MULTI);
4844 if (err < 0)
4845 break;
4846 }
4847 break;
4848 default:
4849 break;
4850 }
4851 read_unlock_bh(&idev->lock);
4852 *p_ip_idx = ip_idx;
4853 return err;
4854 }
4855
4856 static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb,
4857 enum addr_type_t type)
4858 {
4859 struct net *net = sock_net(skb->sk);
4860 int h, s_h;
4861 int idx, ip_idx;
4862 int s_idx, s_ip_idx;
4863 struct net_device *dev;
4864 struct inet6_dev *idev;
4865 struct hlist_head *head;
4866
4867 s_h = cb->args[0];
4868 s_idx = idx = cb->args[1];
4869 s_ip_idx = ip_idx = cb->args[2];
4870
4871 rcu_read_lock();
4872 cb->seq = atomic_read(&net->ipv6.dev_addr_genid) ^ net->dev_base_seq;
4873 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
4874 idx = 0;
4875 head = &net->dev_index_head[h];
4876 hlist_for_each_entry_rcu(dev, head, index_hlist) {
4877 if (idx < s_idx)
4878 goto cont;
4879 if (h > s_h || idx > s_idx)
4880 s_ip_idx = 0;
4881 ip_idx = 0;
4882 idev = __in6_dev_get(dev);
4883 if (!idev)
4884 goto cont;
4885
4886 if (in6_dump_addrs(idev, skb, cb, type,
4887 s_ip_idx, &ip_idx) < 0)
4888 goto done;
4889 cont:
4890 idx++;
4891 }
4892 }
4893 done:
4894 rcu_read_unlock();
4895 cb->args[0] = h;
4896 cb->args[1] = idx;
4897 cb->args[2] = ip_idx;
4898
4899 return skb->len;
4900 }
4901
4902 static int inet6_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb)
4903 {
4904 enum addr_type_t type = UNICAST_ADDR;
4905
4906 return inet6_dump_addr(skb, cb, type);
4907 }
4908
4909 static int inet6_dump_ifmcaddr(struct sk_buff *skb, struct netlink_callback *cb)
4910 {
4911 enum addr_type_t type = MULTICAST_ADDR;
4912
4913 return inet6_dump_addr(skb, cb, type);
4914 }
4915
4916
4917 static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb)
4918 {
4919 enum addr_type_t type = ANYCAST_ADDR;
4920
4921 return inet6_dump_addr(skb, cb, type);
4922 }
4923
4924 static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr *nlh,
4925 struct netlink_ext_ack *extack)
4926 {
4927 struct net *net = sock_net(in_skb->sk);
4928 struct ifaddrmsg *ifm;
4929 struct nlattr *tb[IFA_MAX+1];
4930 struct in6_addr *addr = NULL, *peer;
4931 struct net_device *dev = NULL;
4932 struct inet6_ifaddr *ifa;
4933 struct sk_buff *skb;
4934 int err;
4935
4936 err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy,
4937 extack);
4938 if (err < 0)
4939 goto errout;
4940
4941 addr = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL], &peer);
4942 if (!addr) {
4943 err = -EINVAL;
4944 goto errout;
4945 }
4946
4947 ifm = nlmsg_data(nlh);
4948 if (ifm->ifa_index)
4949 dev = __dev_get_by_index(net, ifm->ifa_index);
4950
4951 ifa = ipv6_get_ifaddr(net, addr, dev, 1);
4952 if (!ifa) {
4953 err = -EADDRNOTAVAIL;
4954 goto errout;
4955 }
4956
4957 skb = nlmsg_new(inet6_ifaddr_msgsize(), GFP_KERNEL);
4958 if (!skb) {
4959 err = -ENOBUFS;
4960 goto errout_ifa;
4961 }
4962
4963 err = inet6_fill_ifaddr(skb, ifa, NETLINK_CB(in_skb).portid,
4964 nlh->nlmsg_seq, RTM_NEWADDR, 0);
4965 if (err < 0) {
4966 /* -EMSGSIZE implies BUG in inet6_ifaddr_msgsize() */
4967 WARN_ON(err == -EMSGSIZE);
4968 kfree_skb(skb);
4969 goto errout_ifa;
4970 }
4971 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
4972 errout_ifa:
4973 in6_ifa_put(ifa);
4974 errout:
4975 return err;
4976 }
4977
4978 static void inet6_ifa_notify(int event, struct inet6_ifaddr *ifa)
4979 {
4980 struct sk_buff *skb;
4981 struct net *net = dev_net(ifa->idev->dev);
4982 int err = -ENOBUFS;
4983
4984 /* Don't send DELADDR notification for TENTATIVE address,
4985 * since NEWADDR notification is sent only after removing
4986 * TENTATIVE flag, if DAD has not failed.
4987 */
4988 if (ifa->flags & IFA_F_TENTATIVE && !(ifa->flags & IFA_F_DADFAILED) &&
4989 event == RTM_DELADDR)
4990 return;
4991
4992 skb = nlmsg_new(inet6_ifaddr_msgsize(), GFP_ATOMIC);
4993 if (!skb)
4994 goto errout;
4995
4996 err = inet6_fill_ifaddr(skb, ifa, 0, 0, event, 0);
4997 if (err < 0) {
4998 /* -EMSGSIZE implies BUG in inet6_ifaddr_msgsize() */
4999 WARN_ON(err == -EMSGSIZE);
5000 kfree_skb(skb);
5001 goto errout;
5002 }
5003 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_IFADDR, NULL, GFP_ATOMIC);
5004 return;
5005 errout:
5006 if (err < 0)
5007 rtnl_set_sk_err(net, RTNLGRP_IPV6_IFADDR, err);
5008 }
5009
5010 static inline void ipv6_store_devconf(struct ipv6_devconf *cnf,
5011 __s32 *array, int bytes)
5012 {
5013 BUG_ON(bytes < (DEVCONF_MAX * 4));
5014
5015 memset(array, 0, bytes);
5016 array[DEVCONF_FORWARDING] = cnf->forwarding;
5017 array[DEVCONF_HOPLIMIT] = cnf->hop_limit;
5018 array[DEVCONF_MTU6] = cnf->mtu6;
5019 array[DEVCONF_ACCEPT_RA] = cnf->accept_ra;
5020 array[DEVCONF_ACCEPT_REDIRECTS] = cnf->accept_redirects;
5021 array[DEVCONF_AUTOCONF] = cnf->autoconf;
5022 array[DEVCONF_DAD_TRANSMITS] = cnf->dad_transmits;
5023 array[DEVCONF_RTR_SOLICITS] = cnf->rtr_solicits;
5024 array[DEVCONF_RTR_SOLICIT_INTERVAL] =
5025 jiffies_to_msecs(cnf->rtr_solicit_interval);
5026 array[DEVCONF_RTR_SOLICIT_MAX_INTERVAL] =
5027 jiffies_to_msecs(cnf->rtr_solicit_max_interval);
5028 array[DEVCONF_RTR_SOLICIT_DELAY] =
5029 jiffies_to_msecs(cnf->rtr_solicit_delay);
5030 array[DEVCONF_FORCE_MLD_VERSION] = cnf->force_mld_version;
5031 array[DEVCONF_MLDV1_UNSOLICITED_REPORT_INTERVAL] =
5032 jiffies_to_msecs(cnf->mldv1_unsolicited_report_interval);
5033 array[DEVCONF_MLDV2_UNSOLICITED_REPORT_INTERVAL] =
5034 jiffies_to_msecs(cnf->mldv2_unsolicited_report_interval);
5035 array[DEVCONF_USE_TEMPADDR] = cnf->use_tempaddr;
5036 array[DEVCONF_TEMP_VALID_LFT] = cnf->temp_valid_lft;
5037 array[DEVCONF_TEMP_PREFERED_LFT] = cnf->temp_prefered_lft;
5038 array[DEVCONF_REGEN_MAX_RETRY] = cnf->regen_max_retry;
5039 array[DEVCONF_MAX_DESYNC_FACTOR] = cnf->max_desync_factor;
5040 array[DEVCONF_MAX_ADDRESSES] = cnf->max_addresses;
5041 array[DEVCONF_ACCEPT_RA_DEFRTR] = cnf->accept_ra_defrtr;
5042 array[DEVCONF_ACCEPT_RA_MIN_HOP_LIMIT] = cnf->accept_ra_min_hop_limit;
5043 array[DEVCONF_ACCEPT_RA_PINFO] = cnf->accept_ra_pinfo;
5044 #ifdef CONFIG_IPV6_ROUTER_PREF
5045 array[DEVCONF_ACCEPT_RA_RTR_PREF] = cnf->accept_ra_rtr_pref;
5046 array[DEVCONF_RTR_PROBE_INTERVAL] =
5047 jiffies_to_msecs(cnf->rtr_probe_interval);
5048 #ifdef CONFIG_IPV6_ROUTE_INFO
5049 array[DEVCONF_ACCEPT_RA_RT_INFO_MIN_PLEN] = cnf->accept_ra_rt_info_min_plen;
5050 array[DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN] = cnf->accept_ra_rt_info_max_plen;
5051 #endif
5052 #endif
5053 array[DEVCONF_PROXY_NDP] = cnf->proxy_ndp;
5054 array[DEVCONF_ACCEPT_SOURCE_ROUTE] = cnf->accept_source_route;
5055 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
5056 array[DEVCONF_OPTIMISTIC_DAD] = cnf->optimistic_dad;
5057 array[DEVCONF_USE_OPTIMISTIC] = cnf->use_optimistic;
5058 #endif
5059 #ifdef CONFIG_IPV6_MROUTE
5060 array[DEVCONF_MC_FORWARDING] = cnf->mc_forwarding;
5061 #endif
5062 array[DEVCONF_DISABLE_IPV6] = cnf->disable_ipv6;
5063 array[DEVCONF_ACCEPT_DAD] = cnf->accept_dad;
5064 array[DEVCONF_FORCE_TLLAO] = cnf->force_tllao;
5065 array[DEVCONF_NDISC_NOTIFY] = cnf->ndisc_notify;
5066 array[DEVCONF_SUPPRESS_FRAG_NDISC] = cnf->suppress_frag_ndisc;
5067 array[DEVCONF_ACCEPT_RA_FROM_LOCAL] = cnf->accept_ra_from_local;
5068 array[DEVCONF_ACCEPT_RA_MTU] = cnf->accept_ra_mtu;
5069 array[DEVCONF_IGNORE_ROUTES_WITH_LINKDOWN] = cnf->ignore_routes_with_linkdown;
5070 /* we omit DEVCONF_STABLE_SECRET for now */
5071 array[DEVCONF_USE_OIF_ADDRS_ONLY] = cnf->use_oif_addrs_only;
5072 array[DEVCONF_DROP_UNICAST_IN_L2_MULTICAST] = cnf->drop_unicast_in_l2_multicast;
5073 array[DEVCONF_DROP_UNSOLICITED_NA] = cnf->drop_unsolicited_na;
5074 array[DEVCONF_KEEP_ADDR_ON_DOWN] = cnf->keep_addr_on_down;
5075 array[DEVCONF_SEG6_ENABLED] = cnf->seg6_enabled;
5076 #ifdef CONFIG_IPV6_SEG6_HMAC
5077 array[DEVCONF_SEG6_REQUIRE_HMAC] = cnf->seg6_require_hmac;
5078 #endif
5079 array[DEVCONF_ENHANCED_DAD] = cnf->enhanced_dad;
5080 array[DEVCONF_ADDR_GEN_MODE] = cnf->addr_gen_mode;
5081 array[DEVCONF_DISABLE_POLICY] = cnf->disable_policy;
5082 }
5083
5084 static inline size_t inet6_ifla6_size(void)
5085 {
5086 return nla_total_size(4) /* IFLA_INET6_FLAGS */
5087 + nla_total_size(sizeof(struct ifla_cacheinfo))
5088 + nla_total_size(DEVCONF_MAX * 4) /* IFLA_INET6_CONF */
5089 + nla_total_size(IPSTATS_MIB_MAX * 8) /* IFLA_INET6_STATS */
5090 + nla_total_size(ICMP6_MIB_MAX * 8) /* IFLA_INET6_ICMP6STATS */
5091 + nla_total_size(sizeof(struct in6_addr)); /* IFLA_INET6_TOKEN */
5092 }
5093
5094 static inline size_t inet6_if_nlmsg_size(void)
5095 {
5096 return NLMSG_ALIGN(sizeof(struct ifinfomsg))
5097 + nla_total_size(IFNAMSIZ) /* IFLA_IFNAME */
5098 + nla_total_size(MAX_ADDR_LEN) /* IFLA_ADDRESS */
5099 + nla_total_size(4) /* IFLA_MTU */
5100 + nla_total_size(4) /* IFLA_LINK */
5101 + nla_total_size(1) /* IFLA_OPERSTATE */
5102 + nla_total_size(inet6_ifla6_size()); /* IFLA_PROTINFO */
5103 }
5104
5105 static inline void __snmp6_fill_statsdev(u64 *stats, atomic_long_t *mib,
5106 int bytes)
5107 {
5108 int i;
5109 int pad = bytes - sizeof(u64) * ICMP6_MIB_MAX;
5110 BUG_ON(pad < 0);
5111
5112 /* Use put_unaligned() because stats may not be aligned for u64. */
5113 put_unaligned(ICMP6_MIB_MAX, &stats[0]);
5114 for (i = 1; i < ICMP6_MIB_MAX; i++)
5115 put_unaligned(atomic_long_read(&mib[i]), &stats[i]);
5116
5117 memset(&stats[ICMP6_MIB_MAX], 0, pad);
5118 }
5119
5120 static inline void __snmp6_fill_stats64(u64 *stats, void __percpu *mib,
5121 int bytes, size_t syncpoff)
5122 {
5123 int i, c;
5124 u64 buff[IPSTATS_MIB_MAX];
5125 int pad = bytes - sizeof(u64) * IPSTATS_MIB_MAX;
5126
5127 BUG_ON(pad < 0);
5128
5129 memset(buff, 0, sizeof(buff));
5130 buff[0] = IPSTATS_MIB_MAX;
5131
5132 for_each_possible_cpu(c) {
5133 for (i = 1; i < IPSTATS_MIB_MAX; i++)
5134 buff[i] += snmp_get_cpu_field64(mib, c, i, syncpoff);
5135 }
5136
5137 memcpy(stats, buff, IPSTATS_MIB_MAX * sizeof(u64));
5138 memset(&stats[IPSTATS_MIB_MAX], 0, pad);
5139 }
5140
5141 static void snmp6_fill_stats(u64 *stats, struct inet6_dev *idev, int attrtype,
5142 int bytes)
5143 {
5144 switch (attrtype) {
5145 case IFLA_INET6_STATS:
5146 __snmp6_fill_stats64(stats, idev->stats.ipv6, bytes,
5147 offsetof(struct ipstats_mib, syncp));
5148 break;
5149 case IFLA_INET6_ICMP6STATS:
5150 __snmp6_fill_statsdev(stats, idev->stats.icmpv6dev->mibs, bytes);
5151 break;
5152 }
5153 }
5154
5155 static int inet6_fill_ifla6_attrs(struct sk_buff *skb, struct inet6_dev *idev,
5156 u32 ext_filter_mask)
5157 {
5158 struct nlattr *nla;
5159 struct ifla_cacheinfo ci;
5160
5161 if (nla_put_u32(skb, IFLA_INET6_FLAGS, idev->if_flags))
5162 goto nla_put_failure;
5163 ci.max_reasm_len = IPV6_MAXPLEN;
5164 ci.tstamp = cstamp_delta(idev->tstamp);
5165 ci.reachable_time = jiffies_to_msecs(idev->nd_parms->reachable_time);
5166 ci.retrans_time = jiffies_to_msecs(NEIGH_VAR(idev->nd_parms, RETRANS_TIME));
5167 if (nla_put(skb, IFLA_INET6_CACHEINFO, sizeof(ci), &ci))
5168 goto nla_put_failure;
5169 nla = nla_reserve(skb, IFLA_INET6_CONF, DEVCONF_MAX * sizeof(s32));
5170 if (!nla)
5171 goto nla_put_failure;
5172 ipv6_store_devconf(&idev->cnf, nla_data(nla), nla_len(nla));
5173
5174 /* XXX - MC not implemented */
5175
5176 if (ext_filter_mask & RTEXT_FILTER_SKIP_STATS)
5177 return 0;
5178
5179 nla = nla_reserve(skb, IFLA_INET6_STATS, IPSTATS_MIB_MAX * sizeof(u64));
5180 if (!nla)
5181 goto nla_put_failure;
5182 snmp6_fill_stats(nla_data(nla), idev, IFLA_INET6_STATS, nla_len(nla));
5183
5184 nla = nla_reserve(skb, IFLA_INET6_ICMP6STATS, ICMP6_MIB_MAX * sizeof(u64));
5185 if (!nla)
5186 goto nla_put_failure;
5187 snmp6_fill_stats(nla_data(nla), idev, IFLA_INET6_ICMP6STATS, nla_len(nla));
5188
5189 nla = nla_reserve(skb, IFLA_INET6_TOKEN, sizeof(struct in6_addr));
5190 if (!nla)
5191 goto nla_put_failure;
5192
5193 if (nla_put_u8(skb, IFLA_INET6_ADDR_GEN_MODE, idev->cnf.addr_gen_mode))
5194 goto nla_put_failure;
5195
5196 read_lock_bh(&idev->lock);
5197 memcpy(nla_data(nla), idev->token.s6_addr, nla_len(nla));
5198 read_unlock_bh(&idev->lock);
5199
5200 return 0;
5201
5202 nla_put_failure:
5203 return -EMSGSIZE;
5204 }
5205
5206 static size_t inet6_get_link_af_size(const struct net_device *dev,
5207 u32 ext_filter_mask)
5208 {
5209 if (!__in6_dev_get(dev))
5210 return 0;
5211
5212 return inet6_ifla6_size();
5213 }
5214
5215 static int inet6_fill_link_af(struct sk_buff *skb, const struct net_device *dev,
5216 u32 ext_filter_mask)
5217 {
5218 struct inet6_dev *idev = __in6_dev_get(dev);
5219
5220 if (!idev)
5221 return -ENODATA;
5222
5223 if (inet6_fill_ifla6_attrs(skb, idev, ext_filter_mask) < 0)
5224 return -EMSGSIZE;
5225
5226 return 0;
5227 }
5228
5229 static int inet6_set_iftoken(struct inet6_dev *idev, struct in6_addr *token)
5230 {
5231 struct inet6_ifaddr *ifp;
5232 struct net_device *dev = idev->dev;
5233 bool clear_token, update_rs = false;
5234 struct in6_addr ll_addr;
5235
5236 ASSERT_RTNL();
5237
5238 if (!token)
5239 return -EINVAL;
5240 if (dev->flags & (IFF_LOOPBACK | IFF_NOARP))
5241 return -EINVAL;
5242 if (!ipv6_accept_ra(idev))
5243 return -EINVAL;
5244 if (idev->cnf.rtr_solicits == 0)
5245 return -EINVAL;
5246
5247 write_lock_bh(&idev->lock);
5248
5249 BUILD_BUG_ON(sizeof(token->s6_addr) != 16);
5250 memcpy(idev->token.s6_addr + 8, token->s6_addr + 8, 8);
5251
5252 write_unlock_bh(&idev->lock);
5253
5254 clear_token = ipv6_addr_any(token);
5255 if (clear_token)
5256 goto update_lft;
5257
5258 if (!idev->dead && (idev->if_flags & IF_READY) &&
5259 !ipv6_get_lladdr(dev, &ll_addr, IFA_F_TENTATIVE |
5260 IFA_F_OPTIMISTIC)) {
5261 /* If we're not ready, then normal ifup will take care
5262 * of this. Otherwise, we need to request our rs here.
5263 */
5264 ndisc_send_rs(dev, &ll_addr, &in6addr_linklocal_allrouters);
5265 update_rs = true;
5266 }
5267
5268 update_lft:
5269 write_lock_bh(&idev->lock);
5270
5271 if (update_rs) {
5272 idev->if_flags |= IF_RS_SENT;
5273 idev->rs_interval = rfc3315_s14_backoff_init(
5274 idev->cnf.rtr_solicit_interval);
5275 idev->rs_probes = 1;
5276 addrconf_mod_rs_timer(idev, idev->rs_interval);
5277 }
5278
5279 /* Well, that's kinda nasty ... */
5280 list_for_each_entry(ifp, &idev->addr_list, if_list) {
5281 spin_lock(&ifp->lock);
5282 if (ifp->tokenized) {
5283 ifp->valid_lft = 0;
5284 ifp->prefered_lft = 0;
5285 }
5286 spin_unlock(&ifp->lock);
5287 }
5288
5289 write_unlock_bh(&idev->lock);
5290 inet6_ifinfo_notify(RTM_NEWLINK, idev);
5291 addrconf_verify_rtnl();
5292 return 0;
5293 }
5294
5295 static const struct nla_policy inet6_af_policy[IFLA_INET6_MAX + 1] = {
5296 [IFLA_INET6_ADDR_GEN_MODE] = { .type = NLA_U8 },
5297 [IFLA_INET6_TOKEN] = { .len = sizeof(struct in6_addr) },
5298 };
5299
5300 static int inet6_validate_link_af(const struct net_device *dev,
5301 const struct nlattr *nla)
5302 {
5303 struct nlattr *tb[IFLA_INET6_MAX + 1];
5304
5305 if (dev && !__in6_dev_get(dev))
5306 return -EAFNOSUPPORT;
5307
5308 return nla_parse_nested(tb, IFLA_INET6_MAX, nla, inet6_af_policy,
5309 NULL);
5310 }
5311
5312 static int check_addr_gen_mode(int mode)
5313 {
5314 if (mode != IN6_ADDR_GEN_MODE_EUI64 &&
5315 mode != IN6_ADDR_GEN_MODE_NONE &&
5316 mode != IN6_ADDR_GEN_MODE_STABLE_PRIVACY &&
5317 mode != IN6_ADDR_GEN_MODE_RANDOM)
5318 return -EINVAL;
5319 return 1;
5320 }
5321
5322 static int check_stable_privacy(struct inet6_dev *idev, struct net *net,
5323 int mode)
5324 {
5325 if (mode == IN6_ADDR_GEN_MODE_STABLE_PRIVACY &&
5326 !idev->cnf.stable_secret.initialized &&
5327 !net->ipv6.devconf_dflt->stable_secret.initialized)
5328 return -EINVAL;
5329 return 1;
5330 }
5331
5332 static int inet6_set_link_af(struct net_device *dev, const struct nlattr *nla)
5333 {
5334 int err = -EINVAL;
5335 struct inet6_dev *idev = __in6_dev_get(dev);
5336 struct nlattr *tb[IFLA_INET6_MAX + 1];
5337
5338 if (!idev)
5339 return -EAFNOSUPPORT;
5340
5341 if (nla_parse_nested(tb, IFLA_INET6_MAX, nla, NULL, NULL) < 0)
5342 BUG();
5343
5344 if (tb[IFLA_INET6_TOKEN]) {
5345 err = inet6_set_iftoken(idev, nla_data(tb[IFLA_INET6_TOKEN]));
5346 if (err)
5347 return err;
5348 }
5349
5350 if (tb[IFLA_INET6_ADDR_GEN_MODE]) {
5351 u8 mode = nla_get_u8(tb[IFLA_INET6_ADDR_GEN_MODE]);
5352
5353 if (check_addr_gen_mode(mode) < 0 ||
5354 check_stable_privacy(idev, dev_net(dev), mode) < 0)
5355 return -EINVAL;
5356
5357 idev->cnf.addr_gen_mode = mode;
5358 err = 0;
5359 }
5360
5361 return err;
5362 }
5363
5364 static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev,
5365 u32 portid, u32 seq, int event, unsigned int flags)
5366 {
5367 struct net_device *dev = idev->dev;
5368 struct ifinfomsg *hdr;
5369 struct nlmsghdr *nlh;
5370 void *protoinfo;
5371
5372 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*hdr), flags);
5373 if (!nlh)
5374 return -EMSGSIZE;
5375
5376 hdr = nlmsg_data(nlh);
5377 hdr->ifi_family = AF_INET6;
5378 hdr->__ifi_pad = 0;
5379 hdr->ifi_type = dev->type;
5380 hdr->ifi_index = dev->ifindex;
5381 hdr->ifi_flags = dev_get_flags(dev);
5382 hdr->ifi_change = 0;
5383
5384 if (nla_put_string(skb, IFLA_IFNAME, dev->name) ||
5385 (dev->addr_len &&
5386 nla_put(skb, IFLA_ADDRESS, dev->addr_len, dev->dev_addr)) ||
5387 nla_put_u32(skb, IFLA_MTU, dev->mtu) ||
5388 (dev->ifindex != dev_get_iflink(dev) &&
5389 nla_put_u32(skb, IFLA_LINK, dev_get_iflink(dev))) ||
5390 nla_put_u8(skb, IFLA_OPERSTATE,
5391 netif_running(dev) ? dev->operstate : IF_OPER_DOWN))
5392 goto nla_put_failure;
5393 protoinfo = nla_nest_start(skb, IFLA_PROTINFO);
5394 if (!protoinfo)
5395 goto nla_put_failure;
5396
5397 if (inet6_fill_ifla6_attrs(skb, idev, 0) < 0)
5398 goto nla_put_failure;
5399
5400 nla_nest_end(skb, protoinfo);
5401 nlmsg_end(skb, nlh);
5402 return 0;
5403
5404 nla_put_failure:
5405 nlmsg_cancel(skb, nlh);
5406 return -EMSGSIZE;
5407 }
5408
5409 static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
5410 {
5411 struct net *net = sock_net(skb->sk);
5412 int h, s_h;
5413 int idx = 0, s_idx;
5414 struct net_device *dev;
5415 struct inet6_dev *idev;
5416 struct hlist_head *head;
5417
5418 s_h = cb->args[0];
5419 s_idx = cb->args[1];
5420
5421 rcu_read_lock();
5422 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
5423 idx = 0;
5424 head = &net->dev_index_head[h];
5425 hlist_for_each_entry_rcu(dev, head, index_hlist) {
5426 if (idx < s_idx)
5427 goto cont;
5428 idev = __in6_dev_get(dev);
5429 if (!idev)
5430 goto cont;
5431 if (inet6_fill_ifinfo(skb, idev,
5432 NETLINK_CB(cb->skb).portid,
5433 cb->nlh->nlmsg_seq,
5434 RTM_NEWLINK, NLM_F_MULTI) < 0)
5435 goto out;
5436 cont:
5437 idx++;
5438 }
5439 }
5440 out:
5441 rcu_read_unlock();
5442 cb->args[1] = idx;
5443 cb->args[0] = h;
5444
5445 return skb->len;
5446 }
5447
5448 void inet6_ifinfo_notify(int event, struct inet6_dev *idev)
5449 {
5450 struct sk_buff *skb;
5451 struct net *net = dev_net(idev->dev);
5452 int err = -ENOBUFS;
5453
5454 skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC);
5455 if (!skb)
5456 goto errout;
5457
5458 err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0);
5459 if (err < 0) {
5460 /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */
5461 WARN_ON(err == -EMSGSIZE);
5462 kfree_skb(skb);
5463 goto errout;
5464 }
5465 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_IFINFO, NULL, GFP_ATOMIC);
5466 return;
5467 errout:
5468 if (err < 0)
5469 rtnl_set_sk_err(net, RTNLGRP_IPV6_IFINFO, err);
5470 }
5471
5472 static inline size_t inet6_prefix_nlmsg_size(void)
5473 {
5474 return NLMSG_ALIGN(sizeof(struct prefixmsg))
5475 + nla_total_size(sizeof(struct in6_addr))
5476 + nla_total_size(sizeof(struct prefix_cacheinfo));
5477 }
5478
5479 static int inet6_fill_prefix(struct sk_buff *skb, struct inet6_dev *idev,
5480 struct prefix_info *pinfo, u32 portid, u32 seq,
5481 int event, unsigned int flags)
5482 {
5483 struct prefixmsg *pmsg;
5484 struct nlmsghdr *nlh;
5485 struct prefix_cacheinfo ci;
5486
5487 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*pmsg), flags);
5488 if (!nlh)
5489 return -EMSGSIZE;
5490
5491 pmsg = nlmsg_data(nlh);
5492 pmsg->prefix_family = AF_INET6;
5493 pmsg->prefix_pad1 = 0;
5494 pmsg->prefix_pad2 = 0;
5495 pmsg->prefix_ifindex = idev->dev->ifindex;
5496 pmsg->prefix_len = pinfo->prefix_len;
5497 pmsg->prefix_type = pinfo->type;
5498 pmsg->prefix_pad3 = 0;
5499 pmsg->prefix_flags = 0;
5500 if (pinfo->onlink)
5501 pmsg->prefix_flags |= IF_PREFIX_ONLINK;
5502 if (pinfo->autoconf)
5503 pmsg->prefix_flags |= IF_PREFIX_AUTOCONF;
5504
5505 if (nla_put(skb, PREFIX_ADDRESS, sizeof(pinfo->prefix), &pinfo->prefix))
5506 goto nla_put_failure;
5507 ci.preferred_time = ntohl(pinfo->prefered);
5508 ci.valid_time = ntohl(pinfo->valid);
5509 if (nla_put(skb, PREFIX_CACHEINFO, sizeof(ci), &ci))
5510 goto nla_put_failure;
5511 nlmsg_end(skb, nlh);
5512 return 0;
5513
5514 nla_put_failure:
5515 nlmsg_cancel(skb, nlh);
5516 return -EMSGSIZE;
5517 }
5518
5519 static void inet6_prefix_notify(int event, struct inet6_dev *idev,
5520 struct prefix_info *pinfo)
5521 {
5522 struct sk_buff *skb;
5523 struct net *net = dev_net(idev->dev);
5524 int err = -ENOBUFS;
5525
5526 skb = nlmsg_new(inet6_prefix_nlmsg_size(), GFP_ATOMIC);
5527 if (!skb)
5528 goto errout;
5529
5530 err = inet6_fill_prefix(skb, idev, pinfo, 0, 0, event, 0);
5531 if (err < 0) {
5532 /* -EMSGSIZE implies BUG in inet6_prefix_nlmsg_size() */
5533 WARN_ON(err == -EMSGSIZE);
5534 kfree_skb(skb);
5535 goto errout;
5536 }
5537 rtnl_notify(skb, net, 0, RTNLGRP_IPV6_PREFIX, NULL, GFP_ATOMIC);
5538 return;
5539 errout:
5540 if (err < 0)
5541 rtnl_set_sk_err(net, RTNLGRP_IPV6_PREFIX, err);
5542 }
5543
5544 static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp)
5545 {
5546 struct net *net = dev_net(ifp->idev->dev);
5547
5548 if (event)
5549 ASSERT_RTNL();
5550
5551 inet6_ifa_notify(event ? : RTM_NEWADDR, ifp);
5552
5553 switch (event) {
5554 case RTM_NEWADDR:
5555 /*
5556 * If the address was optimistic
5557 * we inserted the route at the start of
5558 * our DAD process, so we don't need
5559 * to do it again
5560 */
5561 if (!rcu_access_pointer(ifp->rt->rt6i_node))
5562 ip6_ins_rt(ifp->rt);
5563 if (ifp->idev->cnf.forwarding)
5564 addrconf_join_anycast(ifp);
5565 if (!ipv6_addr_any(&ifp->peer_addr))
5566 addrconf_prefix_route(&ifp->peer_addr, 128,
5567 ifp->idev->dev, 0, 0);
5568 break;
5569 case RTM_DELADDR:
5570 if (ifp->idev->cnf.forwarding)
5571 addrconf_leave_anycast(ifp);
5572 addrconf_leave_solict(ifp->idev, &ifp->addr);
5573 if (!ipv6_addr_any(&ifp->peer_addr)) {
5574 struct rt6_info *rt;
5575
5576 rt = addrconf_get_prefix_route(&ifp->peer_addr, 128,
5577 ifp->idev->dev, 0, 0);
5578 if (rt)
5579 ip6_del_rt(rt);
5580 }
5581 if (ifp->rt) {
5582 if (dst_hold_safe(&ifp->rt->dst))
5583 ip6_del_rt(ifp->rt);
5584 }
5585 rt_genid_bump_ipv6(net);
5586 break;
5587 }
5588 atomic_inc(&net->ipv6.dev_addr_genid);
5589 }
5590
5591 static void ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp)
5592 {
5593 rcu_read_lock_bh();
5594 if (likely(ifp->idev->dead == 0))
5595 __ipv6_ifa_notify(event, ifp);
5596 rcu_read_unlock_bh();
5597 }
5598
5599 #ifdef CONFIG_SYSCTL
5600
5601 static
5602 int addrconf_sysctl_forward(struct ctl_table *ctl, int write,
5603 void __user *buffer, size_t *lenp, loff_t *ppos)
5604 {
5605 int *valp = ctl->data;
5606 int val = *valp;
5607 loff_t pos = *ppos;
5608 struct ctl_table lctl;
5609 int ret;
5610
5611 /*
5612 * ctl->data points to idev->cnf.forwarding, we should
5613 * not modify it until we get the rtnl lock.
5614 */
5615 lctl = *ctl;
5616 lctl.data = &val;
5617
5618 ret = proc_dointvec(&lctl, write, buffer, lenp, ppos);
5619
5620 if (write)
5621 ret = addrconf_fixup_forwarding(ctl, valp, val);
5622 if (ret)
5623 *ppos = pos;
5624 return ret;
5625 }
5626
5627 static
5628 int addrconf_sysctl_mtu(struct ctl_table *ctl, int write,
5629 void __user *buffer, size_t *lenp, loff_t *ppos)
5630 {
5631 struct inet6_dev *idev = ctl->extra1;
5632 int min_mtu = IPV6_MIN_MTU;
5633 struct ctl_table lctl;
5634
5635 lctl = *ctl;
5636 lctl.extra1 = &min_mtu;
5637 lctl.extra2 = idev ? &idev->dev->mtu : NULL;
5638
5639 return proc_dointvec_minmax(&lctl, write, buffer, lenp, ppos);
5640 }
5641
5642 static void dev_disable_change(struct inet6_dev *idev)
5643 {
5644 struct netdev_notifier_info info;
5645
5646 if (!idev || !idev->dev)
5647 return;
5648
5649 netdev_notifier_info_init(&info, idev->dev);
5650 if (idev->cnf.disable_ipv6)
5651 addrconf_notify(NULL, NETDEV_DOWN, &info);
5652 else
5653 addrconf_notify(NULL, NETDEV_UP, &info);
5654 }
5655
5656 static void addrconf_disable_change(struct net *net, __s32 newf)
5657 {
5658 struct net_device *dev;
5659 struct inet6_dev *idev;
5660
5661 for_each_netdev(net, dev) {
5662 idev = __in6_dev_get(dev);
5663 if (idev) {
5664 int changed = (!idev->cnf.disable_ipv6) ^ (!newf);
5665 idev->cnf.disable_ipv6 = newf;
5666 if (changed)
5667 dev_disable_change(idev);
5668 }
5669 }
5670 }
5671
5672 static int addrconf_disable_ipv6(struct ctl_table *table, int *p, int newf)
5673 {
5674 struct net *net;
5675 int old;
5676
5677 if (!rtnl_trylock())
5678 return restart_syscall();
5679
5680 net = (struct net *)table->extra2;
5681 old = *p;
5682 *p = newf;
5683
5684 if (p == &net->ipv6.devconf_dflt->disable_ipv6) {
5685 rtnl_unlock();
5686 return 0;
5687 }
5688
5689 if (p == &net->ipv6.devconf_all->disable_ipv6) {
5690 net->ipv6.devconf_dflt->disable_ipv6 = newf;
5691 addrconf_disable_change(net, newf);
5692 } else if ((!newf) ^ (!old))
5693 dev_disable_change((struct inet6_dev *)table->extra1);
5694
5695 rtnl_unlock();
5696 return 0;
5697 }
5698
5699 static
5700 int addrconf_sysctl_disable(struct ctl_table *ctl, int write,
5701 void __user *buffer, size_t *lenp, loff_t *ppos)
5702 {
5703 int *valp = ctl->data;
5704 int val = *valp;
5705 loff_t pos = *ppos;
5706 struct ctl_table lctl;
5707 int ret;
5708
5709 /*
5710 * ctl->data points to idev->cnf.disable_ipv6, we should
5711 * not modify it until we get the rtnl lock.
5712 */
5713 lctl = *ctl;
5714 lctl.data = &val;
5715
5716 ret = proc_dointvec(&lctl, write, buffer, lenp, ppos);
5717
5718 if (write)
5719 ret = addrconf_disable_ipv6(ctl, valp, val);
5720 if (ret)
5721 *ppos = pos;
5722 return ret;
5723 }
5724
5725 static
5726 int addrconf_sysctl_proxy_ndp(struct ctl_table *ctl, int write,
5727 void __user *buffer, size_t *lenp, loff_t *ppos)
5728 {
5729 int *valp = ctl->data;
5730 int ret;
5731 int old, new;
5732
5733 old = *valp;
5734 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
5735 new = *valp;
5736
5737 if (write && old != new) {
5738 struct net *net = ctl->extra2;
5739
5740 if (!rtnl_trylock())
5741 return restart_syscall();
5742
5743 if (valp == &net->ipv6.devconf_dflt->proxy_ndp)
5744 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
5745 NETCONFA_PROXY_NEIGH,
5746 NETCONFA_IFINDEX_DEFAULT,
5747 net->ipv6.devconf_dflt);
5748 else if (valp == &net->ipv6.devconf_all->proxy_ndp)
5749 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
5750 NETCONFA_PROXY_NEIGH,
5751 NETCONFA_IFINDEX_ALL,
5752 net->ipv6.devconf_all);
5753 else {
5754 struct inet6_dev *idev = ctl->extra1;
5755
5756 inet6_netconf_notify_devconf(net, RTM_NEWNETCONF,
5757 NETCONFA_PROXY_NEIGH,
5758 idev->dev->ifindex,
5759 &idev->cnf);
5760 }
5761 rtnl_unlock();
5762 }
5763
5764 return ret;
5765 }
5766
5767 static int addrconf_sysctl_addr_gen_mode(struct ctl_table *ctl, int write,
5768 void __user *buffer, size_t *lenp,
5769 loff_t *ppos)
5770 {
5771 int ret = 0;
5772 int new_val;
5773 struct inet6_dev *idev = (struct inet6_dev *)ctl->extra1;
5774 struct net *net = (struct net *)ctl->extra2;
5775
5776 if (!rtnl_trylock())
5777 return restart_syscall();
5778
5779 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
5780
5781 if (write) {
5782 new_val = *((int *)ctl->data);
5783
5784 if (check_addr_gen_mode(new_val) < 0) {
5785 ret = -EINVAL;
5786 goto out;
5787 }
5788
5789 /* request for default */
5790 if (&net->ipv6.devconf_dflt->addr_gen_mode == ctl->data) {
5791 ipv6_devconf_dflt.addr_gen_mode = new_val;
5792
5793 /* request for individual net device */
5794 } else {
5795 if (!idev)
5796 goto out;
5797
5798 if (check_stable_privacy(idev, net, new_val) < 0) {
5799 ret = -EINVAL;
5800 goto out;
5801 }
5802
5803 if (idev->cnf.addr_gen_mode != new_val) {
5804 idev->cnf.addr_gen_mode = new_val;
5805 addrconf_dev_config(idev->dev);
5806 }
5807 }
5808 }
5809
5810 out:
5811 rtnl_unlock();
5812
5813 return ret;
5814 }
5815
5816 static int addrconf_sysctl_stable_secret(struct ctl_table *ctl, int write,
5817 void __user *buffer, size_t *lenp,
5818 loff_t *ppos)
5819 {
5820 int err;
5821 struct in6_addr addr;
5822 char str[IPV6_MAX_STRLEN];
5823 struct ctl_table lctl = *ctl;
5824 struct net *net = ctl->extra2;
5825 struct ipv6_stable_secret *secret = ctl->data;
5826
5827 if (&net->ipv6.devconf_all->stable_secret == ctl->data)
5828 return -EIO;
5829
5830 lctl.maxlen = IPV6_MAX_STRLEN;
5831 lctl.data = str;
5832
5833 if (!rtnl_trylock())
5834 return restart_syscall();
5835
5836 if (!write && !secret->initialized) {
5837 err = -EIO;
5838 goto out;
5839 }
5840
5841 err = snprintf(str, sizeof(str), "%pI6", &secret->secret);
5842 if (err >= sizeof(str)) {
5843 err = -EIO;
5844 goto out;
5845 }
5846
5847 err = proc_dostring(&lctl, write, buffer, lenp, ppos);
5848 if (err || !write)
5849 goto out;
5850
5851 if (in6_pton(str, -1, addr.in6_u.u6_addr8, -1, NULL) != 1) {
5852 err = -EIO;
5853 goto out;
5854 }
5855
5856 secret->initialized = true;
5857 secret->secret = addr;
5858
5859 if (&net->ipv6.devconf_dflt->stable_secret == ctl->data) {
5860 struct net_device *dev;
5861
5862 for_each_netdev(net, dev) {
5863 struct inet6_dev *idev = __in6_dev_get(dev);
5864
5865 if (idev) {
5866 idev->cnf.addr_gen_mode =
5867 IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
5868 }
5869 }
5870 } else {
5871 struct inet6_dev *idev = ctl->extra1;
5872
5873 idev->cnf.addr_gen_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
5874 }
5875
5876 out:
5877 rtnl_unlock();
5878
5879 return err;
5880 }
5881
5882 static
5883 int addrconf_sysctl_ignore_routes_with_linkdown(struct ctl_table *ctl,
5884 int write,
5885 void __user *buffer,
5886 size_t *lenp,
5887 loff_t *ppos)
5888 {
5889 int *valp = ctl->data;
5890 int val = *valp;
5891 loff_t pos = *ppos;
5892 struct ctl_table lctl;
5893 int ret;
5894
5895 /* ctl->data points to idev->cnf.ignore_routes_when_linkdown
5896 * we should not modify it until we get the rtnl lock.
5897 */
5898 lctl = *ctl;
5899 lctl.data = &val;
5900
5901 ret = proc_dointvec(&lctl, write, buffer, lenp, ppos);
5902
5903 if (write)
5904 ret = addrconf_fixup_linkdown(ctl, valp, val);
5905 if (ret)
5906 *ppos = pos;
5907 return ret;
5908 }
5909
5910 static
5911 void addrconf_set_nopolicy(struct rt6_info *rt, int action)
5912 {
5913 if (rt) {
5914 if (action)
5915 rt->dst.flags |= DST_NOPOLICY;
5916 else
5917 rt->dst.flags &= ~DST_NOPOLICY;
5918 }
5919 }
5920
5921 static
5922 void addrconf_disable_policy_idev(struct inet6_dev *idev, int val)
5923 {
5924 struct inet6_ifaddr *ifa;
5925
5926 read_lock_bh(&idev->lock);
5927 list_for_each_entry(ifa, &idev->addr_list, if_list) {
5928 spin_lock(&ifa->lock);
5929 if (ifa->rt) {
5930 struct rt6_info *rt = ifa->rt;
5931 struct fib6_table *table = rt->rt6i_table;
5932 int cpu;
5933
5934 read_lock(&table->tb6_lock);
5935 addrconf_set_nopolicy(ifa->rt, val);
5936 if (rt->rt6i_pcpu) {
5937 for_each_possible_cpu(cpu) {
5938 struct rt6_info **rtp;
5939
5940 rtp = per_cpu_ptr(rt->rt6i_pcpu, cpu);
5941 addrconf_set_nopolicy(*rtp, val);
5942 }
5943 }
5944 read_unlock(&table->tb6_lock);
5945 }
5946 spin_unlock(&ifa->lock);
5947 }
5948 read_unlock_bh(&idev->lock);
5949 }
5950
5951 static
5952 int addrconf_disable_policy(struct ctl_table *ctl, int *valp, int val)
5953 {
5954 struct inet6_dev *idev;
5955 struct net *net;
5956
5957 if (!rtnl_trylock())
5958 return restart_syscall();
5959
5960 *valp = val;
5961
5962 net = (struct net *)ctl->extra2;
5963 if (valp == &net->ipv6.devconf_dflt->disable_policy) {
5964 rtnl_unlock();
5965 return 0;
5966 }
5967
5968 if (valp == &net->ipv6.devconf_all->disable_policy) {
5969 struct net_device *dev;
5970
5971 for_each_netdev(net, dev) {
5972 idev = __in6_dev_get(dev);
5973 if (idev)
5974 addrconf_disable_policy_idev(idev, val);
5975 }
5976 } else {
5977 idev = (struct inet6_dev *)ctl->extra1;
5978 addrconf_disable_policy_idev(idev, val);
5979 }
5980
5981 rtnl_unlock();
5982 return 0;
5983 }
5984
5985 static
5986 int addrconf_sysctl_disable_policy(struct ctl_table *ctl, int write,
5987 void __user *buffer, size_t *lenp,
5988 loff_t *ppos)
5989 {
5990 int *valp = ctl->data;
5991 int val = *valp;
5992 loff_t pos = *ppos;
5993 struct ctl_table lctl;
5994 int ret;
5995
5996 lctl = *ctl;
5997 lctl.data = &val;
5998 ret = proc_dointvec(&lctl, write, buffer, lenp, ppos);
5999
6000 if (write && (*valp != val))
6001 ret = addrconf_disable_policy(ctl, valp, val);
6002
6003 if (ret)
6004 *ppos = pos;
6005
6006 return ret;
6007 }
6008
6009 static int minus_one = -1;
6010 static const int one = 1;
6011 static const int two_five_five = 255;
6012
6013 static const struct ctl_table addrconf_sysctl[] = {
6014 {
6015 .procname = "forwarding",
6016 .data = &ipv6_devconf.forwarding,
6017 .maxlen = sizeof(int),
6018 .mode = 0644,
6019 .proc_handler = addrconf_sysctl_forward,
6020 },
6021 {
6022 .procname = "hop_limit",