]> git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/blob - net/ipv6/route.c
projects / mirror_ubuntu-focal-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
rtnetlink: Compute and store minimum ifinfo dump size
[mirror_ubuntu-focal-kernel.git] / net / ipv6 / route.c
1 /*
2 * Linux INET6 implementation
3 * FIB front-end.
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14 /* Changes:
15 *
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
23 * Ville Nuorvala
24 * Fixed routing subtrees.
25 */
26
27 #include <linux/capability.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/times.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/net.h>
34 #include <linux/route.h>
35 #include <linux/netdevice.h>
36 #include <linux/in6.h>
37 #include <linux/mroute6.h>
38 #include <linux/init.h>
39 #include <linux/if_arp.h>
40 #include <linux/proc_fs.h>
41 #include <linux/seq_file.h>
42 #include <linux/nsproxy.h>
43 #include <linux/slab.h>
44 #include <net/net_namespace.h>
45 #include <net/snmp.h>
46 #include <net/ipv6.h>
47 #include <net/ip6_fib.h>
48 #include <net/ip6_route.h>
49 #include <net/ndisc.h>
50 #include <net/addrconf.h>
51 #include <net/tcp.h>
52 #include <linux/rtnetlink.h>
53 #include <net/dst.h>
54 #include <net/xfrm.h>
55 #include <net/netevent.h>
56 #include <net/netlink.h>
57
58 #include <asm/uaccess.h>
59
60 #ifdef CONFIG_SYSCTL
61 #include <linux/sysctl.h>
62 #endif
63
64 /* Set to 3 to get tracing. */
65 #define RT6_DEBUG 2
66
67 #if RT6_DEBUG >= 3
68 #define RDBG(x) printk x
69 #define RT6_TRACE(x...) printk(KERN_DEBUG x)
70 #else
71 #define RDBG(x)
72 #define RT6_TRACE(x...) do { ; } while (0)
73 #endif
74
75 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort);
76 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
77 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
78 static unsigned int ip6_default_mtu(const struct dst_entry *dst);
79 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
80 static void ip6_dst_destroy(struct dst_entry *);
81 static void ip6_dst_ifdown(struct dst_entry *,
82 struct net_device *dev, int how);
83 static int ip6_dst_gc(struct dst_ops *ops);
84
85 static int ip6_pkt_discard(struct sk_buff *skb);
86 static int ip6_pkt_discard_out(struct sk_buff *skb);
87 static void ip6_link_failure(struct sk_buff *skb);
88 static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
89
90 #ifdef CONFIG_IPV6_ROUTE_INFO
91 static struct rt6_info *rt6_add_route_info(struct net *net,
92 const struct in6_addr *prefix, int prefixlen,
93 const struct in6_addr *gwaddr, int ifindex,
94 unsigned pref);
95 static struct rt6_info *rt6_get_route_info(struct net *net,
96 const struct in6_addr *prefix, int prefixlen,
97 const struct in6_addr *gwaddr, int ifindex);
98 #endif
99
100 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old)
101 {
102 struct rt6_info *rt = (struct rt6_info *) dst;
103 struct inet_peer *peer;
104 u32 *p = NULL;
105
106 if (!rt->rt6i_peer)
107 rt6_bind_peer(rt, 1);
108
109 peer = rt->rt6i_peer;
110 if (peer) {
111 u32 *old_p = __DST_METRICS_PTR(old);
112 unsigned long prev, new;
113
114 p = peer->metrics;
115 if (inet_metrics_new(peer))
116 memcpy(p, old_p, sizeof(u32) * RTAX_MAX);
117
118 new = (unsigned long) p;
119 prev = cmpxchg(&dst->_metrics, old, new);
120
121 if (prev != old) {
122 p = __DST_METRICS_PTR(prev);
123 if (prev & DST_METRICS_READ_ONLY)
124 p = NULL;
125 }
126 }
127 return p;
128 }
129
130 static struct dst_ops ip6_dst_ops_template = {
131 .family = AF_INET6,
132 .protocol = cpu_to_be16(ETH_P_IPV6),
133 .gc = ip6_dst_gc,
134 .gc_thresh = 1024,
135 .check = ip6_dst_check,
136 .default_advmss = ip6_default_advmss,
137 .default_mtu = ip6_default_mtu,
138 .cow_metrics = ipv6_cow_metrics,
139 .destroy = ip6_dst_destroy,
140 .ifdown = ip6_dst_ifdown,
141 .negative_advice = ip6_negative_advice,
142 .link_failure = ip6_link_failure,
143 .update_pmtu = ip6_rt_update_pmtu,
144 .local_out = __ip6_local_out,
145 };
146
147 static unsigned int ip6_blackhole_default_mtu(const struct dst_entry *dst)
148 {
149 return 0;
150 }
151
152 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
153 {
154 }
155
156 static u32 *ip6_rt_blackhole_cow_metrics(struct dst_entry *dst,
157 unsigned long old)
158 {
159 return NULL;
160 }
161
162 static struct dst_ops ip6_dst_blackhole_ops = {
163 .family = AF_INET6,
164 .protocol = cpu_to_be16(ETH_P_IPV6),
165 .destroy = ip6_dst_destroy,
166 .check = ip6_dst_check,
167 .default_mtu = ip6_blackhole_default_mtu,
168 .default_advmss = ip6_default_advmss,
169 .update_pmtu = ip6_rt_blackhole_update_pmtu,
170 .cow_metrics = ip6_rt_blackhole_cow_metrics,
171 };
172
173 static const u32 ip6_template_metrics[RTAX_MAX] = {
174 [RTAX_HOPLIMIT - 1] = 255,
175 };
176
177 static struct rt6_info ip6_null_entry_template = {
178 .dst = {
179 .__refcnt = ATOMIC_INIT(1),
180 .__use = 1,
181 .obsolete = -1,
182 .error = -ENETUNREACH,
183 .input = ip6_pkt_discard,
184 .output = ip6_pkt_discard_out,
185 },
186 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
187 .rt6i_protocol = RTPROT_KERNEL,
188 .rt6i_metric = ~(u32) 0,
189 .rt6i_ref = ATOMIC_INIT(1),
190 };
191
192 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
193
194 static int ip6_pkt_prohibit(struct sk_buff *skb);
195 static int ip6_pkt_prohibit_out(struct sk_buff *skb);
196
197 static struct rt6_info ip6_prohibit_entry_template = {
198 .dst = {
199 .__refcnt = ATOMIC_INIT(1),
200 .__use = 1,
201 .obsolete = -1,
202 .error = -EACCES,
203 .input = ip6_pkt_prohibit,
204 .output = ip6_pkt_prohibit_out,
205 },
206 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
207 .rt6i_protocol = RTPROT_KERNEL,
208 .rt6i_metric = ~(u32) 0,
209 .rt6i_ref = ATOMIC_INIT(1),
210 };
211
212 static struct rt6_info ip6_blk_hole_entry_template = {
213 .dst = {
214 .__refcnt = ATOMIC_INIT(1),
215 .__use = 1,
216 .obsolete = -1,
217 .error = -EINVAL,
218 .input = dst_discard,
219 .output = dst_discard,
220 },
221 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
222 .rt6i_protocol = RTPROT_KERNEL,
223 .rt6i_metric = ~(u32) 0,
224 .rt6i_ref = ATOMIC_INIT(1),
225 };
226
227 #endif
228
229 /* allocate dst with ip6_dst_ops */
230 static inline struct rt6_info *ip6_dst_alloc(struct dst_ops *ops,
231 struct net_device *dev)
232 {
233 struct rt6_info *rt = dst_alloc(ops, dev, 0, 0, 0);
234
235 memset(&rt->rt6i_table, 0, sizeof(*rt) - sizeof(struct dst_entry));
236
237 return rt;
238 }
239
240 static void ip6_dst_destroy(struct dst_entry *dst)
241 {
242 struct rt6_info *rt = (struct rt6_info *)dst;
243 struct inet6_dev *idev = rt->rt6i_idev;
244 struct inet_peer *peer = rt->rt6i_peer;
245
246 if (idev != NULL) {
247 rt->rt6i_idev = NULL;
248 in6_dev_put(idev);
249 }
250 if (peer) {
251 rt->rt6i_peer = NULL;
252 inet_putpeer(peer);
253 }
254 }
255
256 static atomic_t __rt6_peer_genid = ATOMIC_INIT(0);
257
258 static u32 rt6_peer_genid(void)
259 {
260 return atomic_read(&__rt6_peer_genid);
261 }
262
263 void rt6_bind_peer(struct rt6_info *rt, int create)
264 {
265 struct inet_peer *peer;
266
267 peer = inet_getpeer_v6(&rt->rt6i_dst.addr, create);
268 if (peer && cmpxchg(&rt->rt6i_peer, NULL, peer) != NULL)
269 inet_putpeer(peer);
270 else
271 rt->rt6i_peer_genid = rt6_peer_genid();
272 }
273
274 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
275 int how)
276 {
277 struct rt6_info *rt = (struct rt6_info *)dst;
278 struct inet6_dev *idev = rt->rt6i_idev;
279 struct net_device *loopback_dev =
280 dev_net(dev)->loopback_dev;
281
282 if (dev != loopback_dev && idev != NULL && idev->dev == dev) {
283 struct inet6_dev *loopback_idev =
284 in6_dev_get(loopback_dev);
285 if (loopback_idev != NULL) {
286 rt->rt6i_idev = loopback_idev;
287 in6_dev_put(idev);
288 }
289 }
290 }
291
292 static __inline__ int rt6_check_expired(const struct rt6_info *rt)
293 {
294 return (rt->rt6i_flags & RTF_EXPIRES) &&
295 time_after(jiffies, rt->rt6i_expires);
296 }
297
298 static inline int rt6_need_strict(const struct in6_addr *daddr)
299 {
300 return ipv6_addr_type(daddr) &
301 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL | IPV6_ADDR_LOOPBACK);
302 }
303
304 /*
305 * Route lookup. Any table->tb6_lock is implied.
306 */
307
308 static inline struct rt6_info *rt6_device_match(struct net *net,
309 struct rt6_info *rt,
310 const struct in6_addr *saddr,
311 int oif,
312 int flags)
313 {
314 struct rt6_info *local = NULL;
315 struct rt6_info *sprt;
316
317 if (!oif && ipv6_addr_any(saddr))
318 goto out;
319
320 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) {
321 struct net_device *dev = sprt->rt6i_dev;
322
323 if (oif) {
324 if (dev->ifindex == oif)
325 return sprt;
326 if (dev->flags & IFF_LOOPBACK) {
327 if (sprt->rt6i_idev == NULL ||
328 sprt->rt6i_idev->dev->ifindex != oif) {
329 if (flags & RT6_LOOKUP_F_IFACE && oif)
330 continue;
331 if (local && (!oif ||
332 local->rt6i_idev->dev->ifindex == oif))
333 continue;
334 }
335 local = sprt;
336 }
337 } else {
338 if (ipv6_chk_addr(net, saddr, dev,
339 flags & RT6_LOOKUP_F_IFACE))
340 return sprt;
341 }
342 }
343
344 if (oif) {
345 if (local)
346 return local;
347
348 if (flags & RT6_LOOKUP_F_IFACE)
349 return net->ipv6.ip6_null_entry;
350 }
351 out:
352 return rt;
353 }
354
355 #ifdef CONFIG_IPV6_ROUTER_PREF
356 static void rt6_probe(struct rt6_info *rt)
357 {
358 struct neighbour *neigh = rt ? rt->rt6i_nexthop : NULL;
359 /*
360 * Okay, this does not seem to be appropriate
361 * for now, however, we need to check if it
362 * is really so; aka Router Reachability Probing.
363 *
364 * Router Reachability Probe MUST be rate-limited
365 * to no more than one per minute.
366 */
367 if (!neigh || (neigh->nud_state & NUD_VALID))
368 return;
369 read_lock_bh(&neigh->lock);
370 if (!(neigh->nud_state & NUD_VALID) &&
371 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) {
372 struct in6_addr mcaddr;
373 struct in6_addr *target;
374
375 neigh->updated = jiffies;
376 read_unlock_bh(&neigh->lock);
377
378 target = (struct in6_addr *)&neigh->primary_key;
379 addrconf_addr_solict_mult(target, &mcaddr);
380 ndisc_send_ns(rt->rt6i_dev, NULL, target, &mcaddr, NULL);
381 } else
382 read_unlock_bh(&neigh->lock);
383 }
384 #else
385 static inline void rt6_probe(struct rt6_info *rt)
386 {
387 }
388 #endif
389
390 /*
391 * Default Router Selection (RFC 2461 6.3.6)
392 */
393 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
394 {
395 struct net_device *dev = rt->rt6i_dev;
396 if (!oif || dev->ifindex == oif)
397 return 2;
398 if ((dev->flags & IFF_LOOPBACK) &&
399 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
400 return 1;
401 return 0;
402 }
403
404 static inline int rt6_check_neigh(struct rt6_info *rt)
405 {
406 struct neighbour *neigh = rt->rt6i_nexthop;
407 int m;
408 if (rt->rt6i_flags & RTF_NONEXTHOP ||
409 !(rt->rt6i_flags & RTF_GATEWAY))
410 m = 1;
411 else if (neigh) {
412 read_lock_bh(&neigh->lock);
413 if (neigh->nud_state & NUD_VALID)
414 m = 2;
415 #ifdef CONFIG_IPV6_ROUTER_PREF
416 else if (neigh->nud_state & NUD_FAILED)
417 m = 0;
418 #endif
419 else
420 m = 1;
421 read_unlock_bh(&neigh->lock);
422 } else
423 m = 0;
424 return m;
425 }
426
427 static int rt6_score_route(struct rt6_info *rt, int oif,
428 int strict)
429 {
430 int m, n;
431
432 m = rt6_check_dev(rt, oif);
433 if (!m && (strict & RT6_LOOKUP_F_IFACE))
434 return -1;
435 #ifdef CONFIG_IPV6_ROUTER_PREF
436 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
437 #endif
438 n = rt6_check_neigh(rt);
439 if (!n && (strict & RT6_LOOKUP_F_REACHABLE))
440 return -1;
441 return m;
442 }
443
444 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
445 int *mpri, struct rt6_info *match)
446 {
447 int m;
448
449 if (rt6_check_expired(rt))
450 goto out;
451
452 m = rt6_score_route(rt, oif, strict);
453 if (m < 0)
454 goto out;
455
456 if (m > *mpri) {
457 if (strict & RT6_LOOKUP_F_REACHABLE)
458 rt6_probe(match);
459 *mpri = m;
460 match = rt;
461 } else if (strict & RT6_LOOKUP_F_REACHABLE) {
462 rt6_probe(rt);
463 }
464
465 out:
466 return match;
467 }
468
469 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
470 struct rt6_info *rr_head,
471 u32 metric, int oif, int strict)
472 {
473 struct rt6_info *rt, *match;
474 int mpri = -1;
475
476 match = NULL;
477 for (rt = rr_head; rt && rt->rt6i_metric == metric;
478 rt = rt->dst.rt6_next)
479 match = find_match(rt, oif, strict, &mpri, match);
480 for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric;
481 rt = rt->dst.rt6_next)
482 match = find_match(rt, oif, strict, &mpri, match);
483
484 return match;
485 }
486
487 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
488 {
489 struct rt6_info *match, *rt0;
490 struct net *net;
491
492 RT6_TRACE("%s(fn->leaf=%p, oif=%d)\n",
493 __func__, fn->leaf, oif);
494
495 rt0 = fn->rr_ptr;
496 if (!rt0)
497 fn->rr_ptr = rt0 = fn->leaf;
498
499 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict);
500
501 if (!match &&
502 (strict & RT6_LOOKUP_F_REACHABLE)) {
503 struct rt6_info *next = rt0->dst.rt6_next;
504
505 /* no entries matched; do round-robin */
506 if (!next || next->rt6i_metric != rt0->rt6i_metric)
507 next = fn->leaf;
508
509 if (next != rt0)
510 fn->rr_ptr = next;
511 }
512
513 RT6_TRACE("%s() => %p\n",
514 __func__, match);
515
516 net = dev_net(rt0->rt6i_dev);
517 return match ? match : net->ipv6.ip6_null_entry;
518 }
519
520 #ifdef CONFIG_IPV6_ROUTE_INFO
521 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
522 const struct in6_addr *gwaddr)
523 {
524 struct net *net = dev_net(dev);
525 struct route_info *rinfo = (struct route_info *) opt;
526 struct in6_addr prefix_buf, *prefix;
527 unsigned int pref;
528 unsigned long lifetime;
529 struct rt6_info *rt;
530
531 if (len < sizeof(struct route_info)) {
532 return -EINVAL;
533 }
534
535 /* Sanity check for prefix_len and length */
536 if (rinfo->length > 3) {
537 return -EINVAL;
538 } else if (rinfo->prefix_len > 128) {
539 return -EINVAL;
540 } else if (rinfo->prefix_len > 64) {
541 if (rinfo->length < 2) {
542 return -EINVAL;
543 }
544 } else if (rinfo->prefix_len > 0) {
545 if (rinfo->length < 1) {
546 return -EINVAL;
547 }
548 }
549
550 pref = rinfo->route_pref;
551 if (pref == ICMPV6_ROUTER_PREF_INVALID)
552 return -EINVAL;
553
554 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
555
556 if (rinfo->length == 3)
557 prefix = (struct in6_addr *)rinfo->prefix;
558 else {
559 /* this function is safe */
560 ipv6_addr_prefix(&prefix_buf,
561 (struct in6_addr *)rinfo->prefix,
562 rinfo->prefix_len);
563 prefix = &prefix_buf;
564 }
565
566 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len, gwaddr,
567 dev->ifindex);
568
569 if (rt && !lifetime) {
570 ip6_del_rt(rt);
571 rt = NULL;
572 }
573
574 if (!rt && lifetime)
575 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex,
576 pref);
577 else if (rt)
578 rt->rt6i_flags = RTF_ROUTEINFO |
579 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
580
581 if (rt) {
582 if (!addrconf_finite_timeout(lifetime)) {
583 rt->rt6i_flags &= ~RTF_EXPIRES;
584 } else {
585 rt->rt6i_expires = jiffies + HZ * lifetime;
586 rt->rt6i_flags |= RTF_EXPIRES;
587 }
588 dst_release(&rt->dst);
589 }
590 return 0;
591 }
592 #endif
593
594 #define BACKTRACK(__net, saddr) \
595 do { \
596 if (rt == __net->ipv6.ip6_null_entry) { \
597 struct fib6_node *pn; \
598 while (1) { \
599 if (fn->fn_flags & RTN_TL_ROOT) \
600 goto out; \
601 pn = fn->parent; \
602 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) \
603 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); \
604 else \
605 fn = pn; \
606 if (fn->fn_flags & RTN_RTINFO) \
607 goto restart; \
608 } \
609 } \
610 } while(0)
611
612 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
613 struct fib6_table *table,
614 struct flowi6 *fl6, int flags)
615 {
616 struct fib6_node *fn;
617 struct rt6_info *rt;
618
619 read_lock_bh(&table->tb6_lock);
620 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
621 restart:
622 rt = fn->leaf;
623 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags);
624 BACKTRACK(net, &fl6->saddr);
625 out:
626 dst_use(&rt->dst, jiffies);
627 read_unlock_bh(&table->tb6_lock);
628 return rt;
629
630 }
631
632 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
633 const struct in6_addr *saddr, int oif, int strict)
634 {
635 struct flowi6 fl6 = {
636 .flowi6_oif = oif,
637 .daddr = *daddr,
638 };
639 struct dst_entry *dst;
640 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
641
642 if (saddr) {
643 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
644 flags |= RT6_LOOKUP_F_HAS_SADDR;
645 }
646
647 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup);
648 if (dst->error == 0)
649 return (struct rt6_info *) dst;
650
651 dst_release(dst);
652
653 return NULL;
654 }
655
656 EXPORT_SYMBOL(rt6_lookup);
657
658 /* ip6_ins_rt is called with FREE table->tb6_lock.
659 It takes new route entry, the addition fails by any reason the
660 route is freed. In any case, if caller does not hold it, it may
661 be destroyed.
662 */
663
664 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info)
665 {
666 int err;
667 struct fib6_table *table;
668
669 table = rt->rt6i_table;
670 write_lock_bh(&table->tb6_lock);
671 err = fib6_add(&table->tb6_root, rt, info);
672 write_unlock_bh(&table->tb6_lock);
673
674 return err;
675 }
676
677 int ip6_ins_rt(struct rt6_info *rt)
678 {
679 struct nl_info info = {
680 .nl_net = dev_net(rt->rt6i_dev),
681 };
682 return __ip6_ins_rt(rt, &info);
683 }
684
685 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort, const struct in6_addr *daddr,
686 const struct in6_addr *saddr)
687 {
688 struct rt6_info *rt;
689
690 /*
691 * Clone the route.
692 */
693
694 rt = ip6_rt_copy(ort);
695
696 if (rt) {
697 struct neighbour *neigh;
698 int attempts = !in_softirq();
699
700 if (!(rt->rt6i_flags&RTF_GATEWAY)) {
701 if (rt->rt6i_dst.plen != 128 &&
702 ipv6_addr_equal(&rt->rt6i_dst.addr, daddr))
703 rt->rt6i_flags |= RTF_ANYCAST;
704 ipv6_addr_copy(&rt->rt6i_gateway, daddr);
705 }
706
707 ipv6_addr_copy(&rt->rt6i_dst.addr, daddr);
708 rt->rt6i_dst.plen = 128;
709 rt->rt6i_flags |= RTF_CACHE;
710 rt->dst.flags |= DST_HOST;
711
712 #ifdef CONFIG_IPV6_SUBTREES
713 if (rt->rt6i_src.plen && saddr) {
714 ipv6_addr_copy(&rt->rt6i_src.addr, saddr);
715 rt->rt6i_src.plen = 128;
716 }
717 #endif
718
719 retry:
720 neigh = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway);
721 if (IS_ERR(neigh)) {
722 struct net *net = dev_net(rt->rt6i_dev);
723 int saved_rt_min_interval =
724 net->ipv6.sysctl.ip6_rt_gc_min_interval;
725 int saved_rt_elasticity =
726 net->ipv6.sysctl.ip6_rt_gc_elasticity;
727
728 if (attempts-- > 0) {
729 net->ipv6.sysctl.ip6_rt_gc_elasticity = 1;
730 net->ipv6.sysctl.ip6_rt_gc_min_interval = 0;
731
732 ip6_dst_gc(&net->ipv6.ip6_dst_ops);
733
734 net->ipv6.sysctl.ip6_rt_gc_elasticity =
735 saved_rt_elasticity;
736 net->ipv6.sysctl.ip6_rt_gc_min_interval =
737 saved_rt_min_interval;
738 goto retry;
739 }
740
741 if (net_ratelimit())
742 printk(KERN_WARNING
743 "ipv6: Neighbour table overflow.\n");
744 dst_free(&rt->dst);
745 return NULL;
746 }
747 rt->rt6i_nexthop = neigh;
748
749 }
750
751 return rt;
752 }
753
754 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort, const struct in6_addr *daddr)
755 {
756 struct rt6_info *rt = ip6_rt_copy(ort);
757 if (rt) {
758 ipv6_addr_copy(&rt->rt6i_dst.addr, daddr);
759 rt->rt6i_dst.plen = 128;
760 rt->rt6i_flags |= RTF_CACHE;
761 rt->dst.flags |= DST_HOST;
762 rt->rt6i_nexthop = neigh_clone(ort->rt6i_nexthop);
763 }
764 return rt;
765 }
766
767 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif,
768 struct flowi6 *fl6, int flags)
769 {
770 struct fib6_node *fn;
771 struct rt6_info *rt, *nrt;
772 int strict = 0;
773 int attempts = 3;
774 int err;
775 int reachable = net->ipv6.devconf_all->forwarding ? 0 : RT6_LOOKUP_F_REACHABLE;
776
777 strict |= flags & RT6_LOOKUP_F_IFACE;
778
779 relookup:
780 read_lock_bh(&table->tb6_lock);
781
782 restart_2:
783 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
784
785 restart:
786 rt = rt6_select(fn, oif, strict | reachable);
787
788 BACKTRACK(net, &fl6->saddr);
789 if (rt == net->ipv6.ip6_null_entry ||
790 rt->rt6i_flags & RTF_CACHE)
791 goto out;
792
793 dst_hold(&rt->dst);
794 read_unlock_bh(&table->tb6_lock);
795
796 if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP))
797 nrt = rt6_alloc_cow(rt, &fl6->daddr, &fl6->saddr);
798 else if (!(rt->dst.flags & DST_HOST))
799 nrt = rt6_alloc_clone(rt, &fl6->daddr);
800 else
801 goto out2;
802
803 dst_release(&rt->dst);
804 rt = nrt ? : net->ipv6.ip6_null_entry;
805
806 dst_hold(&rt->dst);
807 if (nrt) {
808 err = ip6_ins_rt(nrt);
809 if (!err)
810 goto out2;
811 }
812
813 if (--attempts <= 0)
814 goto out2;
815
816 /*
817 * Race condition! In the gap, when table->tb6_lock was
818 * released someone could insert this route. Relookup.
819 */
820 dst_release(&rt->dst);
821 goto relookup;
822
823 out:
824 if (reachable) {
825 reachable = 0;
826 goto restart_2;
827 }
828 dst_hold(&rt->dst);
829 read_unlock_bh(&table->tb6_lock);
830 out2:
831 rt->dst.lastuse = jiffies;
832 rt->dst.__use++;
833
834 return rt;
835 }
836
837 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
838 struct flowi6 *fl6, int flags)
839 {
840 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags);
841 }
842
843 void ip6_route_input(struct sk_buff *skb)
844 {
845 const struct ipv6hdr *iph = ipv6_hdr(skb);
846 struct net *net = dev_net(skb->dev);
847 int flags = RT6_LOOKUP_F_HAS_SADDR;
848 struct flowi6 fl6 = {
849 .flowi6_iif = skb->dev->ifindex,
850 .daddr = iph->daddr,
851 .saddr = iph->saddr,
852 .flowlabel = (* (__be32 *) iph)&IPV6_FLOWINFO_MASK,
853 .flowi6_mark = skb->mark,
854 .flowi6_proto = iph->nexthdr,
855 };
856
857 if (rt6_need_strict(&iph->daddr) && skb->dev->type != ARPHRD_PIMREG)
858 flags |= RT6_LOOKUP_F_IFACE;
859
860 skb_dst_set(skb, fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_input));
861 }
862
863 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
864 struct flowi6 *fl6, int flags)
865 {
866 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags);
867 }
868
869 struct dst_entry * ip6_route_output(struct net *net, const struct sock *sk,
870 struct flowi6 *fl6)
871 {
872 int flags = 0;
873
874 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr))
875 flags |= RT6_LOOKUP_F_IFACE;
876
877 if (!ipv6_addr_any(&fl6->saddr))
878 flags |= RT6_LOOKUP_F_HAS_SADDR;
879 else if (sk)
880 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
881
882 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output);
883 }
884
885 EXPORT_SYMBOL(ip6_route_output);
886
887 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
888 {
889 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
890 struct dst_entry *new = NULL;
891
892 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, 0, 0);
893 if (rt) {
894 memset(&rt->rt6i_table, 0, sizeof(*rt) - sizeof(struct dst_entry));
895
896 new = &rt->dst;
897
898 new->__use = 1;
899 new->input = dst_discard;
900 new->output = dst_discard;
901
902 dst_copy_metrics(new, &ort->dst);
903 rt->rt6i_idev = ort->rt6i_idev;
904 if (rt->rt6i_idev)
905 in6_dev_hold(rt->rt6i_idev);
906 rt->rt6i_expires = 0;
907
908 ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway);
909 rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES;
910 rt->rt6i_metric = 0;
911
912 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
913 #ifdef CONFIG_IPV6_SUBTREES
914 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
915 #endif
916
917 dst_free(new);
918 }
919
920 dst_release(dst_orig);
921 return new ? new : ERR_PTR(-ENOMEM);
922 }
923
924 /*
925 * Destination cache support functions
926 */
927
928 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
929 {
930 struct rt6_info *rt;
931
932 rt = (struct rt6_info *) dst;
933
934 if (rt->rt6i_node && (rt->rt6i_node->fn_sernum == cookie)) {
935 if (rt->rt6i_peer_genid != rt6_peer_genid()) {
936 if (!rt->rt6i_peer)
937 rt6_bind_peer(rt, 0);
938 rt->rt6i_peer_genid = rt6_peer_genid();
939 }
940 return dst;
941 }
942 return NULL;
943 }
944
945 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
946 {
947 struct rt6_info *rt = (struct rt6_info *) dst;
948
949 if (rt) {
950 if (rt->rt6i_flags & RTF_CACHE) {
951 if (rt6_check_expired(rt)) {
952 ip6_del_rt(rt);
953 dst = NULL;
954 }
955 } else {
956 dst_release(dst);
957 dst = NULL;
958 }
959 }
960 return dst;
961 }
962
963 static void ip6_link_failure(struct sk_buff *skb)
964 {
965 struct rt6_info *rt;
966
967 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
968
969 rt = (struct rt6_info *) skb_dst(skb);
970 if (rt) {
971 if (rt->rt6i_flags&RTF_CACHE) {
972 dst_set_expires(&rt->dst, 0);
973 rt->rt6i_flags |= RTF_EXPIRES;
974 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT))
975 rt->rt6i_node->fn_sernum = -1;
976 }
977 }
978
979 static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
980 {
981 struct rt6_info *rt6 = (struct rt6_info*)dst;
982
983 if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) {
984 rt6->rt6i_flags |= RTF_MODIFIED;
985 if (mtu < IPV6_MIN_MTU) {
986 u32 features = dst_metric(dst, RTAX_FEATURES);
987 mtu = IPV6_MIN_MTU;
988 features |= RTAX_FEATURE_ALLFRAG;
989 dst_metric_set(dst, RTAX_FEATURES, features);
990 }
991 dst_metric_set(dst, RTAX_MTU, mtu);
992 }
993 }
994
995 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
996 {
997 struct net_device *dev = dst->dev;
998 unsigned int mtu = dst_mtu(dst);
999 struct net *net = dev_net(dev);
1000
1001 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
1002
1003 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
1004 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
1005
1006 /*
1007 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
1008 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
1009 * IPV6_MAXPLEN is also valid and means: "any MSS,
1010 * rely only on pmtu discovery"
1011 */
1012 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
1013 mtu = IPV6_MAXPLEN;
1014 return mtu;
1015 }
1016
1017 static unsigned int ip6_default_mtu(const struct dst_entry *dst)
1018 {
1019 unsigned int mtu = IPV6_MIN_MTU;
1020 struct inet6_dev *idev;
1021
1022 rcu_read_lock();
1023 idev = __in6_dev_get(dst->dev);
1024 if (idev)
1025 mtu = idev->cnf.mtu6;
1026 rcu_read_unlock();
1027
1028 return mtu;
1029 }
1030
1031 static struct dst_entry *icmp6_dst_gc_list;
1032 static DEFINE_SPINLOCK(icmp6_dst_lock);
1033
1034 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
1035 struct neighbour *neigh,
1036 const struct in6_addr *addr)
1037 {
1038 struct rt6_info *rt;
1039 struct inet6_dev *idev = in6_dev_get(dev);
1040 struct net *net = dev_net(dev);
1041
1042 if (unlikely(idev == NULL))
1043 return NULL;
1044
1045 rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops, dev);
1046 if (unlikely(rt == NULL)) {
1047 in6_dev_put(idev);
1048 goto out;
1049 }
1050
1051 if (neigh)
1052 neigh_hold(neigh);
1053 else {
1054 neigh = ndisc_get_neigh(dev, addr);
1055 if (IS_ERR(neigh))
1056 neigh = NULL;
1057 }
1058
1059 rt->rt6i_idev = idev;
1060 rt->rt6i_nexthop = neigh;
1061 atomic_set(&rt->dst.__refcnt, 1);
1062 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 255);
1063 rt->dst.output = ip6_output;
1064
1065 #if 0 /* there's no chance to use these for ndisc */
1066 rt->dst.flags = ipv6_addr_type(addr) & IPV6_ADDR_UNICAST
1067 ? DST_HOST
1068 : 0;
1069 ipv6_addr_copy(&rt->rt6i_dst.addr, addr);
1070 rt->rt6i_dst.plen = 128;
1071 #endif
1072
1073 spin_lock_bh(&icmp6_dst_lock);
1074 rt->dst.next = icmp6_dst_gc_list;
1075 icmp6_dst_gc_list = &rt->dst;
1076 spin_unlock_bh(&icmp6_dst_lock);
1077
1078 fib6_force_start_gc(net);
1079
1080 out:
1081 return &rt->dst;
1082 }
1083
1084 int icmp6_dst_gc(void)
1085 {
1086 struct dst_entry *dst, **pprev;
1087 int more = 0;
1088
1089 spin_lock_bh(&icmp6_dst_lock);
1090 pprev = &icmp6_dst_gc_list;
1091
1092 while ((dst = *pprev) != NULL) {
1093 if (!atomic_read(&dst->__refcnt)) {
1094 *pprev = dst->next;
1095 dst_free(dst);
1096 } else {
1097 pprev = &dst->next;
1098 ++more;
1099 }
1100 }
1101
1102 spin_unlock_bh(&icmp6_dst_lock);
1103
1104 return more;
1105 }
1106
1107 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg),
1108 void *arg)
1109 {
1110 struct dst_entry *dst, **pprev;
1111
1112 spin_lock_bh(&icmp6_dst_lock);
1113 pprev = &icmp6_dst_gc_list;
1114 while ((dst = *pprev) != NULL) {
1115 struct rt6_info *rt = (struct rt6_info *) dst;
1116 if (func(rt, arg)) {
1117 *pprev = dst->next;
1118 dst_free(dst);
1119 } else {
1120 pprev = &dst->next;
1121 }
1122 }
1123 spin_unlock_bh(&icmp6_dst_lock);
1124 }
1125
1126 static int ip6_dst_gc(struct dst_ops *ops)
1127 {
1128 unsigned long now = jiffies;
1129 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
1130 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
1131 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
1132 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
1133 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
1134 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
1135 int entries;
1136
1137 entries = dst_entries_get_fast(ops);
1138 if (time_after(rt_last_gc + rt_min_interval, now) &&
1139 entries <= rt_max_size)
1140 goto out;
1141
1142 net->ipv6.ip6_rt_gc_expire++;
1143 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net);
1144 net->ipv6.ip6_rt_last_gc = now;
1145 entries = dst_entries_get_slow(ops);
1146 if (entries < ops->gc_thresh)
1147 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
1148 out:
1149 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
1150 return entries > rt_max_size;
1151 }
1152
1153 /* Clean host part of a prefix. Not necessary in radix tree,
1154 but results in cleaner routing tables.
1155
1156 Remove it only when all the things will work!
1157 */
1158
1159 int ip6_dst_hoplimit(struct dst_entry *dst)
1160 {
1161 int hoplimit = dst_metric_raw(dst, RTAX_HOPLIMIT);
1162 if (hoplimit == 0) {
1163 struct net_device *dev = dst->dev;
1164 struct inet6_dev *idev;
1165
1166 rcu_read_lock();
1167 idev = __in6_dev_get(dev);
1168 if (idev)
1169 hoplimit = idev->cnf.hop_limit;
1170 else
1171 hoplimit = dev_net(dev)->ipv6.devconf_all->hop_limit;
1172 rcu_read_unlock();
1173 }
1174 return hoplimit;
1175 }
1176 EXPORT_SYMBOL(ip6_dst_hoplimit);
1177
1178 /*
1179 *
1180 */
1181
1182 int ip6_route_add(struct fib6_config *cfg)
1183 {
1184 int err;
1185 struct net *net = cfg->fc_nlinfo.nl_net;
1186 struct rt6_info *rt = NULL;
1187 struct net_device *dev = NULL;
1188 struct inet6_dev *idev = NULL;
1189 struct fib6_table *table;
1190 int addr_type;
1191
1192 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128)
1193 return -EINVAL;
1194 #ifndef CONFIG_IPV6_SUBTREES
1195 if (cfg->fc_src_len)
1196 return -EINVAL;
1197 #endif
1198 if (cfg->fc_ifindex) {
1199 err = -ENODEV;
1200 dev = dev_get_by_index(net, cfg->fc_ifindex);
1201 if (!dev)
1202 goto out;
1203 idev = in6_dev_get(dev);
1204 if (!idev)
1205 goto out;
1206 }
1207
1208 if (cfg->fc_metric == 0)
1209 cfg->fc_metric = IP6_RT_PRIO_USER;
1210
1211 table = fib6_new_table(net, cfg->fc_table);
1212 if (table == NULL) {
1213 err = -ENOBUFS;
1214 goto out;
1215 }
1216
1217 rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops, NULL);
1218
1219 if (rt == NULL) {
1220 err = -ENOMEM;
1221 goto out;
1222 }
1223
1224 rt->dst.obsolete = -1;
1225 rt->rt6i_expires = (cfg->fc_flags & RTF_EXPIRES) ?
1226 jiffies + clock_t_to_jiffies(cfg->fc_expires) :
1227 0;
1228
1229 if (cfg->fc_protocol == RTPROT_UNSPEC)
1230 cfg->fc_protocol = RTPROT_BOOT;
1231 rt->rt6i_protocol = cfg->fc_protocol;
1232
1233 addr_type = ipv6_addr_type(&cfg->fc_dst);
1234
1235 if (addr_type & IPV6_ADDR_MULTICAST)
1236 rt->dst.input = ip6_mc_input;
1237 else if (cfg->fc_flags & RTF_LOCAL)
1238 rt->dst.input = ip6_input;
1239 else
1240 rt->dst.input = ip6_forward;
1241
1242 rt->dst.output = ip6_output;
1243
1244 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1245 rt->rt6i_dst.plen = cfg->fc_dst_len;
1246 if (rt->rt6i_dst.plen == 128)
1247 rt->dst.flags = DST_HOST;
1248
1249 #ifdef CONFIG_IPV6_SUBTREES
1250 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1251 rt->rt6i_src.plen = cfg->fc_src_len;
1252 #endif
1253
1254 rt->rt6i_metric = cfg->fc_metric;
1255
1256 /* We cannot add true routes via loopback here,
1257 they would result in kernel looping; promote them to reject routes
1258 */
1259 if ((cfg->fc_flags & RTF_REJECT) ||
1260 (dev && (dev->flags&IFF_LOOPBACK) && !(addr_type&IPV6_ADDR_LOOPBACK)
1261 && !(cfg->fc_flags&RTF_LOCAL))) {
1262 /* hold loopback dev/idev if we haven't done so. */
1263 if (dev != net->loopback_dev) {
1264 if (dev) {
1265 dev_put(dev);
1266 in6_dev_put(idev);
1267 }
1268 dev = net->loopback_dev;
1269 dev_hold(dev);
1270 idev = in6_dev_get(dev);
1271 if (!idev) {
1272 err = -ENODEV;
1273 goto out;
1274 }
1275 }
1276 rt->dst.output = ip6_pkt_discard_out;
1277 rt->dst.input = ip6_pkt_discard;
1278 rt->dst.error = -ENETUNREACH;
1279 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1280 goto install_route;
1281 }
1282
1283 if (cfg->fc_flags & RTF_GATEWAY) {
1284 const struct in6_addr *gw_addr;
1285 int gwa_type;
1286
1287 gw_addr = &cfg->fc_gateway;
1288 ipv6_addr_copy(&rt->rt6i_gateway, gw_addr);
1289 gwa_type = ipv6_addr_type(gw_addr);
1290
1291 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
1292 struct rt6_info *grt;
1293
1294 /* IPv6 strictly inhibits using not link-local
1295 addresses as nexthop address.
1296 Otherwise, router will not able to send redirects.
1297 It is very good, but in some (rare!) circumstances
1298 (SIT, PtP, NBMA NOARP links) it is handy to allow
1299 some exceptions. --ANK
1300 */
1301 err = -EINVAL;
1302 if (!(gwa_type&IPV6_ADDR_UNICAST))
1303 goto out;
1304
1305 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1);
1306
1307 err = -EHOSTUNREACH;
1308 if (grt == NULL)
1309 goto out;
1310 if (dev) {
1311 if (dev != grt->rt6i_dev) {
1312 dst_release(&grt->dst);
1313 goto out;
1314 }
1315 } else {
1316 dev = grt->rt6i_dev;
1317 idev = grt->rt6i_idev;
1318 dev_hold(dev);
1319 in6_dev_hold(grt->rt6i_idev);
1320 }
1321 if (!(grt->rt6i_flags&RTF_GATEWAY))
1322 err = 0;
1323 dst_release(&grt->dst);
1324
1325 if (err)
1326 goto out;
1327 }
1328 err = -EINVAL;
1329 if (dev == NULL || (dev->flags&IFF_LOOPBACK))
1330 goto out;
1331 }
1332
1333 err = -ENODEV;
1334 if (dev == NULL)
1335 goto out;
1336
1337 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
1338 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
1339 err = -EINVAL;
1340 goto out;
1341 }
1342 ipv6_addr_copy(&rt->rt6i_prefsrc.addr, &cfg->fc_prefsrc);
1343 rt->rt6i_prefsrc.plen = 128;
1344 } else
1345 rt->rt6i_prefsrc.plen = 0;
1346
1347 if (cfg->fc_flags & (RTF_GATEWAY | RTF_NONEXTHOP)) {
1348 rt->rt6i_nexthop = __neigh_lookup_errno(&nd_tbl, &rt->rt6i_gateway, dev);
1349 if (IS_ERR(rt->rt6i_nexthop)) {
1350 err = PTR_ERR(rt->rt6i_nexthop);
1351 rt->rt6i_nexthop = NULL;
1352 goto out;
1353 }
1354 }
1355
1356 rt->rt6i_flags = cfg->fc_flags;
1357
1358 install_route:
1359 if (cfg->fc_mx) {
1360 struct nlattr *nla;
1361 int remaining;
1362
1363 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1364 int type = nla_type(nla);
1365
1366 if (type) {
1367 if (type > RTAX_MAX) {
1368 err = -EINVAL;
1369 goto out;
1370 }
1371
1372 dst_metric_set(&rt->dst, type, nla_get_u32(nla));
1373 }
1374 }
1375 }
1376
1377 rt->dst.dev = dev;
1378 rt->rt6i_idev = idev;
1379 rt->rt6i_table = table;
1380
1381 cfg->fc_nlinfo.nl_net = dev_net(dev);
1382
1383 return __ip6_ins_rt(rt, &cfg->fc_nlinfo);
1384
1385 out:
1386 if (dev)
1387 dev_put(dev);
1388 if (idev)
1389 in6_dev_put(idev);
1390 if (rt)
1391 dst_free(&rt->dst);
1392 return err;
1393 }
1394
1395 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
1396 {
1397 int err;
1398 struct fib6_table *table;
1399 struct net *net = dev_net(rt->rt6i_dev);
1400
1401 if (rt == net->ipv6.ip6_null_entry)
1402 return -ENOENT;
1403
1404 table = rt->rt6i_table;
1405 write_lock_bh(&table->tb6_lock);
1406
1407 err = fib6_del(rt, info);
1408 dst_release(&rt->dst);
1409
1410 write_unlock_bh(&table->tb6_lock);
1411
1412 return err;
1413 }
1414
1415 int ip6_del_rt(struct rt6_info *rt)
1416 {
1417 struct nl_info info = {
1418 .nl_net = dev_net(rt->rt6i_dev),
1419 };
1420 return __ip6_del_rt(rt, &info);
1421 }
1422
1423 static int ip6_route_del(struct fib6_config *cfg)
1424 {
1425 struct fib6_table *table;
1426 struct fib6_node *fn;
1427 struct rt6_info *rt;
1428 int err = -ESRCH;
1429
1430 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
1431 if (table == NULL)
1432 return err;
1433
1434 read_lock_bh(&table->tb6_lock);
1435
1436 fn = fib6_locate(&table->tb6_root,
1437 &cfg->fc_dst, cfg->fc_dst_len,
1438 &cfg->fc_src, cfg->fc_src_len);
1439
1440 if (fn) {
1441 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1442 if (cfg->fc_ifindex &&
1443 (rt->rt6i_dev == NULL ||
1444 rt->rt6i_dev->ifindex != cfg->fc_ifindex))
1445 continue;
1446 if (cfg->fc_flags & RTF_GATEWAY &&
1447 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
1448 continue;
1449 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
1450 continue;
1451 dst_hold(&rt->dst);
1452 read_unlock_bh(&table->tb6_lock);
1453
1454 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
1455 }
1456 }
1457 read_unlock_bh(&table->tb6_lock);
1458
1459 return err;
1460 }
1461
1462 /*
1463 * Handle redirects
1464 */
1465 struct ip6rd_flowi {
1466 struct flowi6 fl6;
1467 struct in6_addr gateway;
1468 };
1469
1470 static struct rt6_info *__ip6_route_redirect(struct net *net,
1471 struct fib6_table *table,
1472 struct flowi6 *fl6,
1473 int flags)
1474 {
1475 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
1476 struct rt6_info *rt;
1477 struct fib6_node *fn;
1478
1479 /*
1480 * Get the "current" route for this destination and
1481 * check if the redirect has come from approriate router.
1482 *
1483 * RFC 2461 specifies that redirects should only be
1484 * accepted if they come from the nexthop to the target.
1485 * Due to the way the routes are chosen, this notion
1486 * is a bit fuzzy and one might need to check all possible
1487 * routes.
1488 */
1489
1490 read_lock_bh(&table->tb6_lock);
1491 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1492 restart:
1493 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1494 /*
1495 * Current route is on-link; redirect is always invalid.
1496 *
1497 * Seems, previous statement is not true. It could
1498 * be node, which looks for us as on-link (f.e. proxy ndisc)
1499 * But then router serving it might decide, that we should
1500 * know truth 8)8) --ANK (980726).
1501 */
1502 if (rt6_check_expired(rt))
1503 continue;
1504 if (!(rt->rt6i_flags & RTF_GATEWAY))
1505 continue;
1506 if (fl6->flowi6_oif != rt->rt6i_dev->ifindex)
1507 continue;
1508 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway))
1509 continue;
1510 break;
1511 }
1512
1513 if (!rt)
1514 rt = net->ipv6.ip6_null_entry;
1515 BACKTRACK(net, &fl6->saddr);
1516 out:
1517 dst_hold(&rt->dst);
1518
1519 read_unlock_bh(&table->tb6_lock);
1520
1521 return rt;
1522 };
1523
1524 static struct rt6_info *ip6_route_redirect(const struct in6_addr *dest,
1525 const struct in6_addr *src,
1526 const struct in6_addr *gateway,
1527 struct net_device *dev)
1528 {
1529 int flags = RT6_LOOKUP_F_HAS_SADDR;
1530 struct net *net = dev_net(dev);
1531 struct ip6rd_flowi rdfl = {
1532 .fl6 = {
1533 .flowi6_oif = dev->ifindex,
1534 .daddr = *dest,
1535 .saddr = *src,
1536 },
1537 };
1538
1539 ipv6_addr_copy(&rdfl.gateway, gateway);
1540
1541 if (rt6_need_strict(dest))
1542 flags |= RT6_LOOKUP_F_IFACE;
1543
1544 return (struct rt6_info *)fib6_rule_lookup(net, &rdfl.fl6,
1545 flags, __ip6_route_redirect);
1546 }
1547
1548 void rt6_redirect(const struct in6_addr *dest, const struct in6_addr *src,
1549 const struct in6_addr *saddr,
1550 struct neighbour *neigh, u8 *lladdr, int on_link)
1551 {
1552 struct rt6_info *rt, *nrt = NULL;
1553 struct netevent_redirect netevent;
1554 struct net *net = dev_net(neigh->dev);
1555
1556 rt = ip6_route_redirect(dest, src, saddr, neigh->dev);
1557
1558 if (rt == net->ipv6.ip6_null_entry) {
1559 if (net_ratelimit())
1560 printk(KERN_DEBUG "rt6_redirect: source isn't a valid nexthop "
1561 "for redirect target\n");
1562 goto out;
1563 }
1564
1565 /*
1566 * We have finally decided to accept it.
1567 */
1568
1569 neigh_update(neigh, lladdr, NUD_STALE,
1570 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1571 NEIGH_UPDATE_F_OVERRIDE|
1572 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1573 NEIGH_UPDATE_F_ISROUTER))
1574 );
1575
1576 /*
1577 * Redirect received -> path was valid.
1578 * Look, redirects are sent only in response to data packets,
1579 * so that this nexthop apparently is reachable. --ANK
1580 */
1581 dst_confirm(&rt->dst);
1582
1583 /* Duplicate redirect: silently ignore. */
1584 if (neigh == rt->dst.neighbour)
1585 goto out;
1586
1587 nrt = ip6_rt_copy(rt);
1588 if (nrt == NULL)
1589 goto out;
1590
1591 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
1592 if (on_link)
1593 nrt->rt6i_flags &= ~RTF_GATEWAY;
1594
1595 ipv6_addr_copy(&nrt->rt6i_dst.addr, dest);
1596 nrt->rt6i_dst.plen = 128;
1597 nrt->dst.flags |= DST_HOST;
1598
1599 ipv6_addr_copy(&nrt->rt6i_gateway, (struct in6_addr*)neigh->primary_key);
1600 nrt->rt6i_nexthop = neigh_clone(neigh);
1601
1602 if (ip6_ins_rt(nrt))
1603 goto out;
1604
1605 netevent.old = &rt->dst;
1606 netevent.new = &nrt->dst;
1607 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
1608
1609 if (rt->rt6i_flags&RTF_CACHE) {
1610 ip6_del_rt(rt);
1611 return;
1612 }
1613
1614 out:
1615 dst_release(&rt->dst);
1616 }
1617
1618 /*
1619 * Handle ICMP "packet too big" messages
1620 * i.e. Path MTU discovery
1621 */
1622
1623 static void rt6_do_pmtu_disc(const struct in6_addr *daddr, const struct in6_addr *saddr,
1624 struct net *net, u32 pmtu, int ifindex)
1625 {
1626 struct rt6_info *rt, *nrt;
1627 int allfrag = 0;
1628 again:
1629 rt = rt6_lookup(net, daddr, saddr, ifindex, 0);
1630 if (rt == NULL)
1631 return;
1632
1633 if (rt6_check_expired(rt)) {
1634 ip6_del_rt(rt);
1635 goto again;
1636 }
1637
1638 if (pmtu >= dst_mtu(&rt->dst))
1639 goto out;
1640
1641 if (pmtu < IPV6_MIN_MTU) {
1642 /*
1643 * According to RFC2460, PMTU is set to the IPv6 Minimum Link
1644 * MTU (1280) and a fragment header should always be included
1645 * after a node receiving Too Big message reporting PMTU is
1646 * less than the IPv6 Minimum Link MTU.
1647 */
1648 pmtu = IPV6_MIN_MTU;
1649 allfrag = 1;
1650 }
1651
1652 /* New mtu received -> path was valid.
1653 They are sent only in response to data packets,
1654 so that this nexthop apparently is reachable. --ANK
1655 */
1656 dst_confirm(&rt->dst);
1657
1658 /* Host route. If it is static, it would be better
1659 not to override it, but add new one, so that
1660 when cache entry will expire old pmtu
1661 would return automatically.
1662 */
1663 if (rt->rt6i_flags & RTF_CACHE) {
1664 dst_metric_set(&rt->dst, RTAX_MTU, pmtu);
1665 if (allfrag) {
1666 u32 features = dst_metric(&rt->dst, RTAX_FEATURES);
1667 features |= RTAX_FEATURE_ALLFRAG;
1668 dst_metric_set(&rt->dst, RTAX_FEATURES, features);
1669 }
1670 dst_set_expires(&rt->dst, net->ipv6.sysctl.ip6_rt_mtu_expires);
1671 rt->rt6i_flags |= RTF_MODIFIED|RTF_EXPIRES;
1672 goto out;
1673 }
1674
1675 /* Network route.
1676 Two cases are possible:
1677 1. It is connected route. Action: COW
1678 2. It is gatewayed route or NONEXTHOP route. Action: clone it.
1679 */
1680 if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP))
1681 nrt = rt6_alloc_cow(rt, daddr, saddr);
1682 else
1683 nrt = rt6_alloc_clone(rt, daddr);
1684
1685 if (nrt) {
1686 dst_metric_set(&nrt->dst, RTAX_MTU, pmtu);
1687 if (allfrag) {
1688 u32 features = dst_metric(&nrt->dst, RTAX_FEATURES);
1689 features |= RTAX_FEATURE_ALLFRAG;
1690 dst_metric_set(&nrt->dst, RTAX_FEATURES, features);
1691 }
1692
1693 /* According to RFC 1981, detecting PMTU increase shouldn't be
1694 * happened within 5 mins, the recommended timer is 10 mins.
1695 * Here this route expiration time is set to ip6_rt_mtu_expires
1696 * which is 10 mins. After 10 mins the decreased pmtu is expired
1697 * and detecting PMTU increase will be automatically happened.
1698 */
1699 dst_set_expires(&nrt->dst, net->ipv6.sysctl.ip6_rt_mtu_expires);
1700 nrt->rt6i_flags |= RTF_DYNAMIC|RTF_EXPIRES;
1701
1702 ip6_ins_rt(nrt);
1703 }
1704 out:
1705 dst_release(&rt->dst);
1706 }
1707
1708 void rt6_pmtu_discovery(const struct in6_addr *daddr, const struct in6_addr *saddr,
1709 struct net_device *dev, u32 pmtu)
1710 {
1711 struct net *net = dev_net(dev);
1712
1713 /*
1714 * RFC 1981 states that a node "MUST reduce the size of the packets it
1715 * is sending along the path" that caused the Packet Too Big message.
1716 * Since it's not possible in the general case to determine which
1717 * interface was used to send the original packet, we update the MTU
1718 * on the interface that will be used to send future packets. We also
1719 * update the MTU on the interface that received the Packet Too Big in
1720 * case the original packet was forced out that interface with
1721 * SO_BINDTODEVICE or similar. This is the next best thing to the
1722 * correct behaviour, which would be to update the MTU on all
1723 * interfaces.
1724 */
1725 rt6_do_pmtu_disc(daddr, saddr, net, pmtu, 0);
1726 rt6_do_pmtu_disc(daddr, saddr, net, pmtu, dev->ifindex);
1727 }
1728
1729 /*
1730 * Misc support functions
1731 */
1732
1733 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort)
1734 {
1735 struct net *net = dev_net(ort->rt6i_dev);
1736 struct rt6_info *rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops,
1737 ort->dst.dev);
1738
1739 if (rt) {
1740 rt->dst.input = ort->dst.input;
1741 rt->dst.output = ort->dst.output;
1742
1743 dst_copy_metrics(&rt->dst, &ort->dst);
1744 rt->dst.error = ort->dst.error;
1745 rt->rt6i_idev = ort->rt6i_idev;
1746 if (rt->rt6i_idev)
1747 in6_dev_hold(rt->rt6i_idev);
1748 rt->dst.lastuse = jiffies;
1749 rt->rt6i_expires = 0;
1750
1751 ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway);
1752 rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES;
1753 rt->rt6i_metric = 0;
1754
1755 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1756 #ifdef CONFIG_IPV6_SUBTREES
1757 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1758 #endif
1759 memcpy(&rt->rt6i_prefsrc, &ort->rt6i_prefsrc, sizeof(struct rt6key));
1760 rt->rt6i_table = ort->rt6i_table;
1761 }
1762 return rt;
1763 }
1764
1765 #ifdef CONFIG_IPV6_ROUTE_INFO
1766 static struct rt6_info *rt6_get_route_info(struct net *net,
1767 const struct in6_addr *prefix, int prefixlen,
1768 const struct in6_addr *gwaddr, int ifindex)
1769 {
1770 struct fib6_node *fn;
1771 struct rt6_info *rt = NULL;
1772 struct fib6_table *table;
1773
1774 table = fib6_get_table(net, RT6_TABLE_INFO);
1775 if (table == NULL)
1776 return NULL;
1777
1778 write_lock_bh(&table->tb6_lock);
1779 fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0);
1780 if (!fn)
1781 goto out;
1782
1783 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1784 if (rt->rt6i_dev->ifindex != ifindex)
1785 continue;
1786 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
1787 continue;
1788 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
1789 continue;
1790 dst_hold(&rt->dst);
1791 break;
1792 }
1793 out:
1794 write_unlock_bh(&table->tb6_lock);
1795 return rt;
1796 }
1797
1798 static struct rt6_info *rt6_add_route_info(struct net *net,
1799 const struct in6_addr *prefix, int prefixlen,
1800 const struct in6_addr *gwaddr, int ifindex,
1801 unsigned pref)
1802 {
1803 struct fib6_config cfg = {
1804 .fc_table = RT6_TABLE_INFO,
1805 .fc_metric = IP6_RT_PRIO_USER,
1806 .fc_ifindex = ifindex,
1807 .fc_dst_len = prefixlen,
1808 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
1809 RTF_UP | RTF_PREF(pref),
1810 .fc_nlinfo.pid = 0,
1811 .fc_nlinfo.nlh = NULL,
1812 .fc_nlinfo.nl_net = net,
1813 };
1814
1815 ipv6_addr_copy(&cfg.fc_dst, prefix);
1816 ipv6_addr_copy(&cfg.fc_gateway, gwaddr);
1817
1818 /* We should treat it as a default route if prefix length is 0. */
1819 if (!prefixlen)
1820 cfg.fc_flags |= RTF_DEFAULT;
1821
1822 ip6_route_add(&cfg);
1823
1824 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex);
1825 }
1826 #endif
1827
1828 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev)
1829 {
1830 struct rt6_info *rt;
1831 struct fib6_table *table;
1832
1833 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT);
1834 if (table == NULL)
1835 return NULL;
1836
1837 write_lock_bh(&table->tb6_lock);
1838 for (rt = table->tb6_root.leaf; rt; rt=rt->dst.rt6_next) {
1839 if (dev == rt->rt6i_dev &&
1840 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
1841 ipv6_addr_equal(&rt->rt6i_gateway, addr))
1842 break;
1843 }
1844 if (rt)
1845 dst_hold(&rt->dst);
1846 write_unlock_bh(&table->tb6_lock);
1847 return rt;
1848 }
1849
1850 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
1851 struct net_device *dev,
1852 unsigned int pref)
1853 {
1854 struct fib6_config cfg = {
1855 .fc_table = RT6_TABLE_DFLT,
1856 .fc_metric = IP6_RT_PRIO_USER,
1857 .fc_ifindex = dev->ifindex,
1858 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
1859 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
1860 .fc_nlinfo.pid = 0,
1861 .fc_nlinfo.nlh = NULL,
1862 .fc_nlinfo.nl_net = dev_net(dev),
1863 };
1864
1865 ipv6_addr_copy(&cfg.fc_gateway, gwaddr);
1866
1867 ip6_route_add(&cfg);
1868
1869 return rt6_get_dflt_router(gwaddr, dev);
1870 }
1871
1872 void rt6_purge_dflt_routers(struct net *net)
1873 {
1874 struct rt6_info *rt;
1875 struct fib6_table *table;
1876
1877 /* NOTE: Keep consistent with rt6_get_dflt_router */
1878 table = fib6_get_table(net, RT6_TABLE_DFLT);
1879 if (table == NULL)
1880 return;
1881
1882 restart:
1883 read_lock_bh(&table->tb6_lock);
1884 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
1885 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) {
1886 dst_hold(&rt->dst);
1887 read_unlock_bh(&table->tb6_lock);
1888 ip6_del_rt(rt);
1889 goto restart;
1890 }
1891 }
1892 read_unlock_bh(&table->tb6_lock);
1893 }
1894
1895 static void rtmsg_to_fib6_config(struct net *net,
1896 struct in6_rtmsg *rtmsg,
1897 struct fib6_config *cfg)
1898 {
1899 memset(cfg, 0, sizeof(*cfg));
1900
1901 cfg->fc_table = RT6_TABLE_MAIN;
1902 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
1903 cfg->fc_metric = rtmsg->rtmsg_metric;
1904 cfg->fc_expires = rtmsg->rtmsg_info;
1905 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
1906 cfg->fc_src_len = rtmsg->rtmsg_src_len;
1907 cfg->fc_flags = rtmsg->rtmsg_flags;
1908
1909 cfg->fc_nlinfo.nl_net = net;
1910
1911 ipv6_addr_copy(&cfg->fc_dst, &rtmsg->rtmsg_dst);
1912 ipv6_addr_copy(&cfg->fc_src, &rtmsg->rtmsg_src);
1913 ipv6_addr_copy(&cfg->fc_gateway, &rtmsg->rtmsg_gateway);
1914 }
1915
1916 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1917 {
1918 struct fib6_config cfg;
1919 struct in6_rtmsg rtmsg;
1920 int err;
1921
1922 switch(cmd) {
1923 case SIOCADDRT: /* Add a route */
1924 case SIOCDELRT: /* Delete a route */
1925 if (!capable(CAP_NET_ADMIN))
1926 return -EPERM;
1927 err = copy_from_user(&rtmsg, arg,
1928 sizeof(struct in6_rtmsg));
1929 if (err)
1930 return -EFAULT;
1931
1932 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
1933
1934 rtnl_lock();
1935 switch (cmd) {
1936 case SIOCADDRT:
1937 err = ip6_route_add(&cfg);
1938 break;
1939 case SIOCDELRT:
1940 err = ip6_route_del(&cfg);
1941 break;
1942 default:
1943 err = -EINVAL;
1944 }
1945 rtnl_unlock();
1946
1947 return err;
1948 }
1949
1950 return -EINVAL;
1951 }
1952
1953 /*
1954 * Drop the packet on the floor
1955 */
1956
1957 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
1958 {
1959 int type;
1960 struct dst_entry *dst = skb_dst(skb);
1961 switch (ipstats_mib_noroutes) {
1962 case IPSTATS_MIB_INNOROUTES:
1963 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
1964 if (type == IPV6_ADDR_ANY) {
1965 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
1966 IPSTATS_MIB_INADDRERRORS);
1967 break;
1968 }
1969 /* FALLTHROUGH */
1970 case IPSTATS_MIB_OUTNOROUTES:
1971 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
1972 ipstats_mib_noroutes);
1973 break;
1974 }
1975 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
1976 kfree_skb(skb);
1977 return 0;
1978 }
1979
1980 static int ip6_pkt_discard(struct sk_buff *skb)
1981 {
1982 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
1983 }
1984
1985 static int ip6_pkt_discard_out(struct sk_buff *skb)
1986 {
1987 skb->dev = skb_dst(skb)->dev;
1988 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
1989 }
1990
1991 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
1992
1993 static int ip6_pkt_prohibit(struct sk_buff *skb)
1994 {
1995 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
1996 }
1997
1998 static int ip6_pkt_prohibit_out(struct sk_buff *skb)
1999 {
2000 skb->dev = skb_dst(skb)->dev;
2001 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
2002 }
2003
2004 #endif
2005
2006 /*
2007 * Allocate a dst for local (unicast / anycast) address.
2008 */
2009
2010 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
2011 const struct in6_addr *addr,
2012 int anycast)
2013 {
2014 struct net *net = dev_net(idev->dev);
2015 struct rt6_info *rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops,
2016 net->loopback_dev);
2017 struct neighbour *neigh;
2018
2019 if (rt == NULL) {
2020 if (net_ratelimit())
2021 pr_warning("IPv6: Maximum number of routes reached,"
2022 " consider increasing route/max_size.\n");
2023 return ERR_PTR(-ENOMEM);
2024 }
2025
2026 in6_dev_hold(idev);
2027
2028 rt->dst.flags = DST_HOST;
2029 rt->dst.input = ip6_input;
2030 rt->dst.output = ip6_output;
2031 rt->rt6i_idev = idev;
2032 rt->dst.obsolete = -1;
2033
2034 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
2035 if (anycast)
2036 rt->rt6i_flags |= RTF_ANYCAST;
2037 else
2038 rt->rt6i_flags |= RTF_LOCAL;
2039 neigh = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway);
2040 if (IS_ERR(neigh)) {
2041 dst_free(&rt->dst);
2042
2043 return ERR_CAST(neigh);
2044 }
2045 rt->rt6i_nexthop = neigh;
2046
2047 ipv6_addr_copy(&rt->rt6i_dst.addr, addr);
2048 rt->rt6i_dst.plen = 128;
2049 rt->rt6i_table = fib6_get_table(net, RT6_TABLE_LOCAL);
2050
2051 atomic_set(&rt->dst.__refcnt, 1);
2052
2053 return rt;
2054 }
2055
2056 int ip6_route_get_saddr(struct net *net,
2057 struct rt6_info *rt,
2058 const struct in6_addr *daddr,
2059 unsigned int prefs,
2060 struct in6_addr *saddr)
2061 {
2062 struct inet6_dev *idev = ip6_dst_idev((struct dst_entry*)rt);
2063 int err = 0;
2064 if (rt->rt6i_prefsrc.plen)
2065 ipv6_addr_copy(saddr, &rt->rt6i_prefsrc.addr);
2066 else
2067 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL,
2068 daddr, prefs, saddr);
2069 return err;
2070 }
2071
2072 /* remove deleted ip from prefsrc entries */
2073 struct arg_dev_net_ip {
2074 struct net_device *dev;
2075 struct net *net;
2076 struct in6_addr *addr;
2077 };
2078
2079 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg)
2080 {
2081 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
2082 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
2083 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
2084
2085 if (((void *)rt->rt6i_dev == dev || dev == NULL) &&
2086 rt != net->ipv6.ip6_null_entry &&
2087 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) {
2088 /* remove prefsrc entry */
2089 rt->rt6i_prefsrc.plen = 0;
2090 }
2091 return 0;
2092 }
2093
2094 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
2095 {
2096 struct net *net = dev_net(ifp->idev->dev);
2097 struct arg_dev_net_ip adni = {
2098 .dev = ifp->idev->dev,
2099 .net = net,
2100 .addr = &ifp->addr,
2101 };
2102 fib6_clean_all(net, fib6_remove_prefsrc, 0, &adni);
2103 }
2104
2105 struct arg_dev_net {
2106 struct net_device *dev;
2107 struct net *net;
2108 };
2109
2110 static int fib6_ifdown(struct rt6_info *rt, void *arg)
2111 {
2112 const struct arg_dev_net *adn = arg;
2113 const struct net_device *dev = adn->dev;
2114
2115 if ((rt->rt6i_dev == dev || dev == NULL) &&
2116 rt != adn->net->ipv6.ip6_null_entry) {
2117 RT6_TRACE("deleted by ifdown %p\n", rt);
2118 return -1;
2119 }
2120 return 0;
2121 }
2122
2123 void rt6_ifdown(struct net *net, struct net_device *dev)
2124 {
2125 struct arg_dev_net adn = {
2126 .dev = dev,
2127 .net = net,
2128 };
2129
2130 fib6_clean_all(net, fib6_ifdown, 0, &adn);
2131 icmp6_clean_all(fib6_ifdown, &adn);
2132 }
2133
2134 struct rt6_mtu_change_arg
2135 {
2136 struct net_device *dev;
2137 unsigned mtu;
2138 };
2139
2140 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
2141 {
2142 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
2143 struct inet6_dev *idev;
2144
2145 /* In IPv6 pmtu discovery is not optional,
2146 so that RTAX_MTU lock cannot disable it.
2147 We still use this lock to block changes
2148 caused by addrconf/ndisc.
2149 */
2150
2151 idev = __in6_dev_get(arg->dev);
2152 if (idev == NULL)
2153 return 0;
2154
2155 /* For administrative MTU increase, there is no way to discover
2156 IPv6 PMTU increase, so PMTU increase should be updated here.
2157 Since RFC 1981 doesn't include administrative MTU increase
2158 update PMTU increase is a MUST. (i.e. jumbo frame)
2159 */
2160 /*
2161 If new MTU is less than route PMTU, this new MTU will be the
2162 lowest MTU in the path, update the route PMTU to reflect PMTU
2163 decreases; if new MTU is greater than route PMTU, and the
2164 old MTU is the lowest MTU in the path, update the route PMTU
2165 to reflect the increase. In this case if the other nodes' MTU
2166 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2167 PMTU discouvery.
2168 */
2169 if (rt->rt6i_dev == arg->dev &&
2170 !dst_metric_locked(&rt->dst, RTAX_MTU) &&
2171 (dst_mtu(&rt->dst) >= arg->mtu ||
2172 (dst_mtu(&rt->dst) < arg->mtu &&
2173 dst_mtu(&rt->dst) == idev->cnf.mtu6))) {
2174 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
2175 }
2176 return 0;
2177 }
2178
2179 void rt6_mtu_change(struct net_device *dev, unsigned mtu)
2180 {
2181 struct rt6_mtu_change_arg arg = {
2182 .dev = dev,
2183 .mtu = mtu,
2184 };
2185
2186 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, 0, &arg);
2187 }
2188
2189 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
2190 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
2191 [RTA_OIF] = { .type = NLA_U32 },
2192 [RTA_IIF] = { .type = NLA_U32 },
2193 [RTA_PRIORITY] = { .type = NLA_U32 },
2194 [RTA_METRICS] = { .type = NLA_NESTED },
2195 };
2196
2197 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2198 struct fib6_config *cfg)
2199 {
2200 struct rtmsg *rtm;
2201 struct nlattr *tb[RTA_MAX+1];
2202 int err;
2203
2204 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2205 if (err < 0)
2206 goto errout;
2207
2208 err = -EINVAL;
2209 rtm = nlmsg_data(nlh);
2210 memset(cfg, 0, sizeof(*cfg));
2211
2212 cfg->fc_table = rtm->rtm_table;
2213 cfg->fc_dst_len = rtm->rtm_dst_len;
2214 cfg->fc_src_len = rtm->rtm_src_len;
2215 cfg->fc_flags = RTF_UP;
2216 cfg->fc_protocol = rtm->rtm_protocol;
2217
2218 if (rtm->rtm_type == RTN_UNREACHABLE)
2219 cfg->fc_flags |= RTF_REJECT;
2220
2221 if (rtm->rtm_type == RTN_LOCAL)
2222 cfg->fc_flags |= RTF_LOCAL;
2223
2224 cfg->fc_nlinfo.pid = NETLINK_CB(skb).pid;
2225 cfg->fc_nlinfo.nlh = nlh;
2226 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2227
2228 if (tb[RTA_GATEWAY]) {
2229 nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16);
2230 cfg->fc_flags |= RTF_GATEWAY;
2231 }
2232
2233 if (tb[RTA_DST]) {
2234 int plen = (rtm->rtm_dst_len + 7) >> 3;
2235
2236 if (nla_len(tb[RTA_DST]) < plen)
2237 goto errout;
2238
2239 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
2240 }
2241
2242 if (tb[RTA_SRC]) {
2243 int plen = (rtm->rtm_src_len + 7) >> 3;
2244
2245 if (nla_len(tb[RTA_SRC]) < plen)
2246 goto errout;
2247
2248 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
2249 }
2250
2251 if (tb[RTA_PREFSRC])
2252 nla_memcpy(&cfg->fc_prefsrc, tb[RTA_PREFSRC], 16);
2253
2254 if (tb[RTA_OIF])
2255 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
2256
2257 if (tb[RTA_PRIORITY])
2258 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
2259
2260 if (tb[RTA_METRICS]) {
2261 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
2262 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
2263 }
2264
2265 if (tb[RTA_TABLE])
2266 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
2267
2268 err = 0;
2269 errout:
2270 return err;
2271 }
2272
2273 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
2274 {
2275 struct fib6_config cfg;
2276 int err;
2277
2278 err = rtm_to_fib6_config(skb, nlh, &cfg);
2279 if (err < 0)
2280 return err;
2281
2282 return ip6_route_del(&cfg);
2283 }
2284
2285 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
2286 {
2287 struct fib6_config cfg;
2288 int err;
2289
2290 err = rtm_to_fib6_config(skb, nlh, &cfg);
2291 if (err < 0)
2292 return err;
2293
2294 return ip6_route_add(&cfg);
2295 }
2296
2297 static inline size_t rt6_nlmsg_size(void)
2298 {
2299 return NLMSG_ALIGN(sizeof(struct rtmsg))
2300 + nla_total_size(16) /* RTA_SRC */
2301 + nla_total_size(16) /* RTA_DST */
2302 + nla_total_size(16) /* RTA_GATEWAY */
2303 + nla_total_size(16) /* RTA_PREFSRC */
2304 + nla_total_size(4) /* RTA_TABLE */
2305 + nla_total_size(4) /* RTA_IIF */
2306 + nla_total_size(4) /* RTA_OIF */
2307 + nla_total_size(4) /* RTA_PRIORITY */
2308 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
2309 + nla_total_size(sizeof(struct rta_cacheinfo));
2310 }
2311
2312 static int rt6_fill_node(struct net *net,
2313 struct sk_buff *skb, struct rt6_info *rt,
2314 struct in6_addr *dst, struct in6_addr *src,
2315 int iif, int type, u32 pid, u32 seq,
2316 int prefix, int nowait, unsigned int flags)
2317 {
2318 struct rtmsg *rtm;
2319 struct nlmsghdr *nlh;
2320 long expires;
2321 u32 table;
2322
2323 if (prefix) { /* user wants prefix routes only */
2324 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
2325 /* success since this is not a prefix route */
2326 return 1;
2327 }
2328 }
2329
2330 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*rtm), flags);
2331 if (nlh == NULL)
2332 return -EMSGSIZE;
2333
2334 rtm = nlmsg_data(nlh);
2335 rtm->rtm_family = AF_INET6;
2336 rtm->rtm_dst_len = rt->rt6i_dst.plen;
2337 rtm->rtm_src_len = rt->rt6i_src.plen;
2338 rtm->rtm_tos = 0;
2339 if (rt->rt6i_table)
2340 table = rt->rt6i_table->tb6_id;
2341 else
2342 table = RT6_TABLE_UNSPEC;
2343 rtm->rtm_table = table;
2344 NLA_PUT_U32(skb, RTA_TABLE, table);
2345 if (rt->rt6i_flags&RTF_REJECT)
2346 rtm->rtm_type = RTN_UNREACHABLE;
2347 else if (rt->rt6i_flags&RTF_LOCAL)
2348 rtm->rtm_type = RTN_LOCAL;
2349 else if (rt->rt6i_dev && (rt->rt6i_dev->flags&IFF_LOOPBACK))
2350 rtm->rtm_type = RTN_LOCAL;
2351 else
2352 rtm->rtm_type = RTN_UNICAST;
2353 rtm->rtm_flags = 0;
2354 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2355 rtm->rtm_protocol = rt->rt6i_protocol;
2356 if (rt->rt6i_flags&RTF_DYNAMIC)
2357 rtm->rtm_protocol = RTPROT_REDIRECT;
2358 else if (rt->rt6i_flags & RTF_ADDRCONF)
2359 rtm->rtm_protocol = RTPROT_KERNEL;
2360 else if (rt->rt6i_flags&RTF_DEFAULT)
2361 rtm->rtm_protocol = RTPROT_RA;
2362
2363 if (rt->rt6i_flags&RTF_CACHE)
2364 rtm->rtm_flags |= RTM_F_CLONED;
2365
2366 if (dst) {
2367 NLA_PUT(skb, RTA_DST, 16, dst);
2368 rtm->rtm_dst_len = 128;
2369 } else if (rtm->rtm_dst_len)
2370 NLA_PUT(skb, RTA_DST, 16, &rt->rt6i_dst.addr);
2371 #ifdef CONFIG_IPV6_SUBTREES
2372 if (src) {
2373 NLA_PUT(skb, RTA_SRC, 16, src);
2374 rtm->rtm_src_len = 128;
2375 } else if (rtm->rtm_src_len)
2376 NLA_PUT(skb, RTA_SRC, 16, &rt->rt6i_src.addr);
2377 #endif
2378 if (iif) {
2379 #ifdef CONFIG_IPV6_MROUTE
2380 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
2381 int err = ip6mr_get_route(net, skb, rtm, nowait);
2382 if (err <= 0) {
2383 if (!nowait) {
2384 if (err == 0)
2385 return 0;
2386 goto nla_put_failure;
2387 } else {
2388 if (err == -EMSGSIZE)
2389 goto nla_put_failure;
2390 }
2391 }
2392 } else
2393 #endif
2394 NLA_PUT_U32(skb, RTA_IIF, iif);
2395 } else if (dst) {
2396 struct in6_addr saddr_buf;
2397 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0)
2398 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf);
2399 }
2400
2401 if (rt->rt6i_prefsrc.plen) {
2402 struct in6_addr saddr_buf;
2403 ipv6_addr_copy(&saddr_buf, &rt->rt6i_prefsrc.addr);
2404 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf);
2405 }
2406
2407 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
2408 goto nla_put_failure;
2409
2410 if (rt->dst.neighbour)
2411 NLA_PUT(skb, RTA_GATEWAY, 16, &rt->dst.neighbour->primary_key);
2412
2413 if (rt->dst.dev)
2414 NLA_PUT_U32(skb, RTA_OIF, rt->rt6i_dev->ifindex);
2415
2416 NLA_PUT_U32(skb, RTA_PRIORITY, rt->rt6i_metric);
2417
2418 if (!(rt->rt6i_flags & RTF_EXPIRES))
2419 expires = 0;
2420 else if (rt->rt6i_expires - jiffies < INT_MAX)
2421 expires = rt->rt6i_expires - jiffies;
2422 else
2423 expires = INT_MAX;
2424
2425 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, 0, 0,
2426 expires, rt->dst.error) < 0)
2427 goto nla_put_failure;
2428
2429 return nlmsg_end(skb, nlh);
2430
2431 nla_put_failure:
2432 nlmsg_cancel(skb, nlh);
2433 return -EMSGSIZE;
2434 }
2435
2436 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
2437 {
2438 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
2439 int prefix;
2440
2441 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
2442 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
2443 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0;
2444 } else
2445 prefix = 0;
2446
2447 return rt6_fill_node(arg->net,
2448 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
2449 NETLINK_CB(arg->cb->skb).pid, arg->cb->nlh->nlmsg_seq,
2450 prefix, 0, NLM_F_MULTI);
2451 }
2452
2453 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
2454 {
2455 struct net *net = sock_net(in_skb->sk);
2456 struct nlattr *tb[RTA_MAX+1];
2457 struct rt6_info *rt;
2458 struct sk_buff *skb;
2459 struct rtmsg *rtm;
2460 struct flowi6 fl6;
2461 int err, iif = 0;
2462
2463 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2464 if (err < 0)
2465 goto errout;
2466
2467 err = -EINVAL;
2468 memset(&fl6, 0, sizeof(fl6));
2469
2470 if (tb[RTA_SRC]) {
2471 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
2472 goto errout;
2473
2474 ipv6_addr_copy(&fl6.saddr, nla_data(tb[RTA_SRC]));
2475 }
2476
2477 if (tb[RTA_DST]) {
2478 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
2479 goto errout;
2480
2481 ipv6_addr_copy(&fl6.daddr, nla_data(tb[RTA_DST]));
2482 }
2483
2484 if (tb[RTA_IIF])
2485 iif = nla_get_u32(tb[RTA_IIF]);
2486
2487 if (tb[RTA_OIF])
2488 fl6.flowi6_oif = nla_get_u32(tb[RTA_OIF]);
2489
2490 if (iif) {
2491 struct net_device *dev;
2492 dev = __dev_get_by_index(net, iif);
2493 if (!dev) {
2494 err = -ENODEV;
2495 goto errout;
2496 }
2497 }
2498
2499 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2500 if (skb == NULL) {
2501 err = -ENOBUFS;
2502 goto errout;
2503 }
2504
2505 /* Reserve room for dummy headers, this skb can pass
2506 through good chunk of routing engine.
2507 */
2508 skb_reset_mac_header(skb);
2509 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr));
2510
2511 rt = (struct rt6_info*) ip6_route_output(net, NULL, &fl6);
2512 skb_dst_set(skb, &rt->dst);
2513
2514 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
2515 RTM_NEWROUTE, NETLINK_CB(in_skb).pid,
2516 nlh->nlmsg_seq, 0, 0, 0);
2517 if (err < 0) {
2518 kfree_skb(skb);
2519 goto errout;
2520 }
2521
2522 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid);
2523 errout:
2524 return err;
2525 }
2526
2527 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info)
2528 {
2529 struct sk_buff *skb;
2530 struct net *net = info->nl_net;
2531 u32 seq;
2532 int err;
2533
2534 err = -ENOBUFS;
2535 seq = info->nlh != NULL ? info->nlh->nlmsg_seq : 0;
2536
2537 skb = nlmsg_new(rt6_nlmsg_size(), gfp_any());
2538 if (skb == NULL)
2539 goto errout;
2540
2541 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
2542 event, info->pid, seq, 0, 0, 0);
2543 if (err < 0) {
2544 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
2545 WARN_ON(err == -EMSGSIZE);
2546 kfree_skb(skb);
2547 goto errout;
2548 }
2549 rtnl_notify(skb, net, info->pid, RTNLGRP_IPV6_ROUTE,
2550 info->nlh, gfp_any());
2551 return;
2552 errout:
2553 if (err < 0)
2554 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
2555 }
2556
2557 static int ip6_route_dev_notify(struct notifier_block *this,
2558 unsigned long event, void *data)
2559 {
2560 struct net_device *dev = (struct net_device *)data;
2561 struct net *net = dev_net(dev);
2562
2563 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) {
2564 net->ipv6.ip6_null_entry->dst.dev = dev;
2565 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
2566 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2567 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
2568 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
2569 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
2570 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
2571 #endif
2572 }
2573
2574 return NOTIFY_OK;
2575 }
2576
2577 /*
2578 * /proc
2579 */
2580
2581 #ifdef CONFIG_PROC_FS
2582
2583 struct rt6_proc_arg
2584 {
2585 char *buffer;
2586 int offset;
2587 int length;
2588 int skip;
2589 int len;
2590 };
2591
2592 static int rt6_info_route(struct rt6_info *rt, void *p_arg)
2593 {
2594 struct seq_file *m = p_arg;
2595
2596 seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen);
2597
2598 #ifdef CONFIG_IPV6_SUBTREES
2599 seq_printf(m, "%pi6 %02x ", &rt->rt6i_src.addr, rt->rt6i_src.plen);
2600 #else
2601 seq_puts(m, "00000000000000000000000000000000 00 ");
2602 #endif
2603
2604 if (rt->rt6i_nexthop) {
2605 seq_printf(m, "%pi6", rt->rt6i_nexthop->primary_key);
2606 } else {
2607 seq_puts(m, "00000000000000000000000000000000");
2608 }
2609 seq_printf(m, " %08x %08x %08x %08x %8s\n",
2610 rt->rt6i_metric, atomic_read(&rt->dst.__refcnt),
2611 rt->dst.__use, rt->rt6i_flags,
2612 rt->rt6i_dev ? rt->rt6i_dev->name : "");
2613 return 0;
2614 }
2615
2616 static int ipv6_route_show(struct seq_file *m, void *v)
2617 {
2618 struct net *net = (struct net *)m->private;
2619 fib6_clean_all(net, rt6_info_route, 0, m);
2620 return 0;
2621 }
2622
2623 static int ipv6_route_open(struct inode *inode, struct file *file)
2624 {
2625 return single_open_net(inode, file, ipv6_route_show);
2626 }
2627
2628 static const struct file_operations ipv6_route_proc_fops = {
2629 .owner = THIS_MODULE,
2630 .open = ipv6_route_open,
2631 .read = seq_read,
2632 .llseek = seq_lseek,
2633 .release = single_release_net,
2634 };
2635
2636 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
2637 {
2638 struct net *net = (struct net *)seq->private;
2639 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
2640 net->ipv6.rt6_stats->fib_nodes,
2641 net->ipv6.rt6_stats->fib_route_nodes,
2642 net->ipv6.rt6_stats->fib_rt_alloc,
2643 net->ipv6.rt6_stats->fib_rt_entries,
2644 net->ipv6.rt6_stats->fib_rt_cache,
2645 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
2646 net->ipv6.rt6_stats->fib_discarded_routes);
2647
2648 return 0;
2649 }
2650
2651 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
2652 {
2653 return single_open_net(inode, file, rt6_stats_seq_show);
2654 }
2655
2656 static const struct file_operations rt6_stats_seq_fops = {
2657 .owner = THIS_MODULE,
2658 .open = rt6_stats_seq_open,
2659 .read = seq_read,
2660 .llseek = seq_lseek,
2661 .release = single_release_net,
2662 };
2663 #endif /* CONFIG_PROC_FS */
2664
2665 #ifdef CONFIG_SYSCTL
2666
2667 static
2668 int ipv6_sysctl_rtcache_flush(ctl_table *ctl, int write,
2669 void __user *buffer, size_t *lenp, loff_t *ppos)
2670 {
2671 struct net *net;
2672 int delay;
2673 if (!write)
2674 return -EINVAL;
2675
2676 net = (struct net *)ctl->extra1;
2677 delay = net->ipv6.sysctl.flush_delay;
2678 proc_dointvec(ctl, write, buffer, lenp, ppos);
2679 fib6_run_gc(delay <= 0 ? ~0UL : (unsigned long)delay, net);
2680 return 0;
2681 }
2682
2683 ctl_table ipv6_route_table_template[] = {
2684 {
2685 .procname = "flush",
2686 .data = &init_net.ipv6.sysctl.flush_delay,
2687 .maxlen = sizeof(int),
2688 .mode = 0200,
2689 .proc_handler = ipv6_sysctl_rtcache_flush
2690 },
2691 {
2692 .procname = "gc_thresh",
2693 .data = &ip6_dst_ops_template.gc_thresh,
2694 .maxlen = sizeof(int),
2695 .mode = 0644,
2696 .proc_handler = proc_dointvec,
2697 },
2698 {
2699 .procname = "max_size",
2700 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
2701 .maxlen = sizeof(int),
2702 .mode = 0644,
2703 .proc_handler = proc_dointvec,
2704 },
2705 {
2706 .procname = "gc_min_interval",
2707 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2708 .maxlen = sizeof(int),
2709 .mode = 0644,
2710 .proc_handler = proc_dointvec_jiffies,
2711 },
2712 {
2713 .procname = "gc_timeout",
2714 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
2715 .maxlen = sizeof(int),
2716 .mode = 0644,
2717 .proc_handler = proc_dointvec_jiffies,
2718 },
2719 {
2720 .procname = "gc_interval",
2721 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
2722 .maxlen = sizeof(int),
2723 .mode = 0644,
2724 .proc_handler = proc_dointvec_jiffies,
2725 },
2726 {
2727 .procname = "gc_elasticity",
2728 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
2729 .maxlen = sizeof(int),
2730 .mode = 0644,
2731 .proc_handler = proc_dointvec,
2732 },
2733 {
2734 .procname = "mtu_expires",
2735 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
2736 .maxlen = sizeof(int),
2737 .mode = 0644,
2738 .proc_handler = proc_dointvec_jiffies,
2739 },
2740 {
2741 .procname = "min_adv_mss",
2742 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
2743 .maxlen = sizeof(int),
2744 .mode = 0644,
2745 .proc_handler = proc_dointvec,
2746 },
2747 {
2748 .procname = "gc_min_interval_ms",
2749 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2750 .maxlen = sizeof(int),
2751 .mode = 0644,
2752 .proc_handler = proc_dointvec_ms_jiffies,
2753 },
2754 { }
2755 };
2756
2757 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
2758 {
2759 struct ctl_table *table;
2760
2761 table = kmemdup(ipv6_route_table_template,
2762 sizeof(ipv6_route_table_template),
2763 GFP_KERNEL);
2764
2765 if (table) {
2766 table[0].data = &net->ipv6.sysctl.flush_delay;
2767 table[0].extra1 = net;
2768 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
2769 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
2770 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
2771 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
2772 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
2773 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
2774 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
2775 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
2776 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
2777 }
2778
2779 return table;
2780 }
2781 #endif
2782
2783 static int __net_init ip6_route_net_init(struct net *net)
2784 {
2785 int ret = -ENOMEM;
2786
2787 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
2788 sizeof(net->ipv6.ip6_dst_ops));
2789
2790 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
2791 goto out_ip6_dst_ops;
2792
2793 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
2794 sizeof(*net->ipv6.ip6_null_entry),
2795 GFP_KERNEL);
2796 if (!net->ipv6.ip6_null_entry)
2797 goto out_ip6_dst_entries;
2798 net->ipv6.ip6_null_entry->dst.path =
2799 (struct dst_entry *)net->ipv6.ip6_null_entry;
2800 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2801 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
2802 ip6_template_metrics, true);
2803
2804 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2805 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
2806 sizeof(*net->ipv6.ip6_prohibit_entry),
2807 GFP_KERNEL);
2808 if (!net->ipv6.ip6_prohibit_entry)
2809 goto out_ip6_null_entry;
2810 net->ipv6.ip6_prohibit_entry->dst.path =
2811 (struct dst_entry *)net->ipv6.ip6_prohibit_entry;
2812 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2813 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
2814 ip6_template_metrics, true);
2815
2816 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
2817 sizeof(*net->ipv6.ip6_blk_hole_entry),
2818 GFP_KERNEL);
2819 if (!net->ipv6.ip6_blk_hole_entry)
2820 goto out_ip6_prohibit_entry;
2821 net->ipv6.ip6_blk_hole_entry->dst.path =
2822 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry;
2823 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2824 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
2825 ip6_template_metrics, true);
2826 #endif
2827
2828 net->ipv6.sysctl.flush_delay = 0;
2829 net->ipv6.sysctl.ip6_rt_max_size = 4096;
2830 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
2831 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
2832 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
2833 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
2834 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
2835 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
2836
2837 #ifdef CONFIG_PROC_FS
2838 proc_net_fops_create(net, "ipv6_route", 0, &ipv6_route_proc_fops);
2839 proc_net_fops_create(net, "rt6_stats", S_IRUGO, &rt6_stats_seq_fops);
2840 #endif
2841 net->ipv6.ip6_rt_gc_expire = 30*HZ;
2842
2843 ret = 0;
2844 out:
2845 return ret;
2846
2847 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2848 out_ip6_prohibit_entry:
2849 kfree(net->ipv6.ip6_prohibit_entry);
2850 out_ip6_null_entry:
2851 kfree(net->ipv6.ip6_null_entry);
2852 #endif
2853 out_ip6_dst_entries:
2854 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
2855 out_ip6_dst_ops:
2856 goto out;
2857 }
2858
2859 static void __net_exit ip6_route_net_exit(struct net *net)
2860 {
2861 #ifdef CONFIG_PROC_FS
2862 proc_net_remove(net, "ipv6_route");
2863 proc_net_remove(net, "rt6_stats");
2864 #endif
2865 kfree(net->ipv6.ip6_null_entry);
2866 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2867 kfree(net->ipv6.ip6_prohibit_entry);
2868 kfree(net->ipv6.ip6_blk_hole_entry);
2869 #endif
2870 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
2871 }
2872
2873 static struct pernet_operations ip6_route_net_ops = {
2874 .init = ip6_route_net_init,
2875 .exit = ip6_route_net_exit,
2876 };
2877
2878 static struct notifier_block ip6_route_dev_notifier = {
2879 .notifier_call = ip6_route_dev_notify,
2880 .priority = 0,
2881 };
2882
2883 int __init ip6_route_init(void)
2884 {
2885 int ret;
2886
2887 ret = -ENOMEM;
2888 ip6_dst_ops_template.kmem_cachep =
2889 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
2890 SLAB_HWCACHE_ALIGN, NULL);
2891 if (!ip6_dst_ops_template.kmem_cachep)
2892 goto out;
2893
2894 ret = dst_entries_init(&ip6_dst_blackhole_ops);
2895 if (ret)
2896 goto out_kmem_cache;
2897
2898 ret = register_pernet_subsys(&ip6_route_net_ops);
2899 if (ret)
2900 goto out_dst_entries;
2901
2902 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
2903
2904 /* Registering of the loopback is done before this portion of code,
2905 * the loopback reference in rt6_info will not be taken, do it
2906 * manually for init_net */
2907 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
2908 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
2909 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2910 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
2911 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
2912 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
2913 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
2914 #endif
2915 ret = fib6_init();
2916 if (ret)
2917 goto out_register_subsys;
2918
2919 ret = xfrm6_init();
2920 if (ret)
2921 goto out_fib6_init;
2922
2923 ret = fib6_rules_init();
2924 if (ret)
2925 goto xfrm6_init;
2926
2927 ret = -ENOBUFS;
2928 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) ||
2929 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) ||
2930 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL))
2931 goto fib6_rules_init;
2932
2933 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
2934 if (ret)
2935 goto fib6_rules_init;
2936
2937 out:
2938 return ret;
2939
2940 fib6_rules_init:
2941 fib6_rules_cleanup();
2942 xfrm6_init:
2943 xfrm6_fini();
2944 out_fib6_init:
2945 fib6_gc_cleanup();
2946 out_register_subsys:
2947 unregister_pernet_subsys(&ip6_route_net_ops);
2948 out_dst_entries:
2949 dst_entries_destroy(&ip6_dst_blackhole_ops);
2950 out_kmem_cache:
2951 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
2952 goto out;
2953 }
2954
2955 void ip6_route_cleanup(void)
2956 {
2957 unregister_netdevice_notifier(&ip6_route_dev_notifier);
2958 fib6_rules_cleanup();
2959 xfrm6_fini();
2960 fib6_gc_cleanup();
2961 unregister_pernet_subsys(&ip6_route_net_ops);
2962 dst_entries_destroy(&ip6_dst_blackhole_ops);
2963 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
2964 }
Ubuntu Focal Linux kernel mirror