2 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
24 * Fixed routing subtrees.
27 #define pr_fmt(fmt) "IPv6: " fmt
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <net/net_namespace.h>
50 #include <net/ip6_fib.h>
51 #include <net/ip6_route.h>
52 #include <net/ndisc.h>
53 #include <net/addrconf.h>
55 #include <linux/rtnetlink.h>
57 #include <net/dst_metadata.h>
59 #include <net/netevent.h>
60 #include <net/netlink.h>
61 #include <net/nexthop.h>
62 #include <net/lwtunnel.h>
63 #include <net/ip_tunnels.h>
64 #include <net/l3mdev.h>
65 #include <trace/events/fib6.h>
67 #include <linux/uaccess.h>
70 #include <linux/sysctl.h>
74 RT6_NUD_FAIL_HARD
= -3,
75 RT6_NUD_FAIL_PROBE
= -2,
76 RT6_NUD_FAIL_DO_RR
= -1,
80 static void ip6_rt_copy_init(struct rt6_info
*rt
, struct rt6_info
*ort
);
81 static struct dst_entry
*ip6_dst_check(struct dst_entry
*dst
, u32 cookie
);
82 static unsigned int ip6_default_advmss(const struct dst_entry
*dst
);
83 static unsigned int ip6_mtu(const struct dst_entry
*dst
);
84 static struct dst_entry
*ip6_negative_advice(struct dst_entry
*);
85 static void ip6_dst_destroy(struct dst_entry
*);
86 static void ip6_dst_ifdown(struct dst_entry
*,
87 struct net_device
*dev
, int how
);
88 static int ip6_dst_gc(struct dst_ops
*ops
);
90 static int ip6_pkt_discard(struct sk_buff
*skb
);
91 static int ip6_pkt_discard_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
);
92 static int ip6_pkt_prohibit(struct sk_buff
*skb
);
93 static int ip6_pkt_prohibit_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
);
94 static void ip6_link_failure(struct sk_buff
*skb
);
95 static void ip6_rt_update_pmtu(struct dst_entry
*dst
, struct sock
*sk
,
96 struct sk_buff
*skb
, u32 mtu
);
97 static void rt6_do_redirect(struct dst_entry
*dst
, struct sock
*sk
,
99 static void rt6_dst_from_metrics_check(struct rt6_info
*rt
);
100 static int rt6_score_route(struct rt6_info
*rt
, int oif
, int strict
);
101 static size_t rt6_nlmsg_size(struct rt6_info
*rt
);
102 static int rt6_fill_node(struct net
*net
,
103 struct sk_buff
*skb
, struct rt6_info
*rt
,
104 struct in6_addr
*dst
, struct in6_addr
*src
,
105 int iif
, int type
, u32 portid
, u32 seq
,
108 #ifdef CONFIG_IPV6_ROUTE_INFO
109 static struct rt6_info
*rt6_add_route_info(struct net
*net
,
110 const struct in6_addr
*prefix
, int prefixlen
,
111 const struct in6_addr
*gwaddr
,
112 struct net_device
*dev
,
114 static struct rt6_info
*rt6_get_route_info(struct net
*net
,
115 const struct in6_addr
*prefix
, int prefixlen
,
116 const struct in6_addr
*gwaddr
,
117 struct net_device
*dev
);
120 struct uncached_list
{
122 struct list_head head
;
125 static DEFINE_PER_CPU_ALIGNED(struct uncached_list
, rt6_uncached_list
);
127 static void rt6_uncached_list_add(struct rt6_info
*rt
)
129 struct uncached_list
*ul
= raw_cpu_ptr(&rt6_uncached_list
);
131 rt
->dst
.flags
|= DST_NOCACHE
;
132 rt
->rt6i_uncached_list
= ul
;
134 spin_lock_bh(&ul
->lock
);
135 list_add_tail(&rt
->rt6i_uncached
, &ul
->head
);
136 spin_unlock_bh(&ul
->lock
);
139 static void rt6_uncached_list_del(struct rt6_info
*rt
)
141 if (!list_empty(&rt
->rt6i_uncached
)) {
142 struct uncached_list
*ul
= rt
->rt6i_uncached_list
;
144 spin_lock_bh(&ul
->lock
);
145 list_del(&rt
->rt6i_uncached
);
146 spin_unlock_bh(&ul
->lock
);
150 static void rt6_uncached_list_flush_dev(struct net
*net
, struct net_device
*dev
)
152 struct net_device
*loopback_dev
= net
->loopback_dev
;
155 if (dev
== loopback_dev
)
158 for_each_possible_cpu(cpu
) {
159 struct uncached_list
*ul
= per_cpu_ptr(&rt6_uncached_list
, cpu
);
162 spin_lock_bh(&ul
->lock
);
163 list_for_each_entry(rt
, &ul
->head
, rt6i_uncached
) {
164 struct inet6_dev
*rt_idev
= rt
->rt6i_idev
;
165 struct net_device
*rt_dev
= rt
->dst
.dev
;
167 if (rt_idev
->dev
== dev
) {
168 rt
->rt6i_idev
= in6_dev_get(loopback_dev
);
169 in6_dev_put(rt_idev
);
173 rt
->dst
.dev
= loopback_dev
;
174 dev_hold(rt
->dst
.dev
);
178 spin_unlock_bh(&ul
->lock
);
182 static u32
*rt6_pcpu_cow_metrics(struct rt6_info
*rt
)
184 return dst_metrics_write_ptr(rt
->dst
.from
);
187 static u32
*ipv6_cow_metrics(struct dst_entry
*dst
, unsigned long old
)
189 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
191 if (rt
->rt6i_flags
& RTF_PCPU
)
192 return rt6_pcpu_cow_metrics(rt
);
193 else if (rt
->rt6i_flags
& RTF_CACHE
)
196 return dst_cow_metrics_generic(dst
, old
);
199 static inline const void *choose_neigh_daddr(struct rt6_info
*rt
,
203 struct in6_addr
*p
= &rt
->rt6i_gateway
;
205 if (!ipv6_addr_any(p
))
206 return (const void *) p
;
208 return &ipv6_hdr(skb
)->daddr
;
212 static struct neighbour
*ip6_neigh_lookup(const struct dst_entry
*dst
,
216 struct rt6_info
*rt
= (struct rt6_info
*) dst
;
219 daddr
= choose_neigh_daddr(rt
, skb
, daddr
);
220 n
= __ipv6_neigh_lookup(dst
->dev
, daddr
);
223 return neigh_create(&nd_tbl
, daddr
, dst
->dev
);
226 static void ip6_confirm_neigh(const struct dst_entry
*dst
, const void *daddr
)
228 struct net_device
*dev
= dst
->dev
;
229 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
231 daddr
= choose_neigh_daddr(rt
, NULL
, daddr
);
234 if (dev
->flags
& (IFF_NOARP
| IFF_LOOPBACK
))
236 if (ipv6_addr_is_multicast((const struct in6_addr
*)daddr
))
238 __ipv6_confirm_neigh(dev
, daddr
);
241 static struct dst_ops ip6_dst_ops_template
= {
245 .check
= ip6_dst_check
,
246 .default_advmss
= ip6_default_advmss
,
248 .cow_metrics
= ipv6_cow_metrics
,
249 .destroy
= ip6_dst_destroy
,
250 .ifdown
= ip6_dst_ifdown
,
251 .negative_advice
= ip6_negative_advice
,
252 .link_failure
= ip6_link_failure
,
253 .update_pmtu
= ip6_rt_update_pmtu
,
254 .redirect
= rt6_do_redirect
,
255 .local_out
= __ip6_local_out
,
256 .neigh_lookup
= ip6_neigh_lookup
,
257 .confirm_neigh
= ip6_confirm_neigh
,
260 static unsigned int ip6_blackhole_mtu(const struct dst_entry
*dst
)
262 unsigned int mtu
= dst_metric_raw(dst
, RTAX_MTU
);
264 return mtu
? : dst
->dev
->mtu
;
267 static void ip6_rt_blackhole_update_pmtu(struct dst_entry
*dst
, struct sock
*sk
,
268 struct sk_buff
*skb
, u32 mtu
)
272 static void ip6_rt_blackhole_redirect(struct dst_entry
*dst
, struct sock
*sk
,
277 static struct dst_ops ip6_dst_blackhole_ops
= {
279 .destroy
= ip6_dst_destroy
,
280 .check
= ip6_dst_check
,
281 .mtu
= ip6_blackhole_mtu
,
282 .default_advmss
= ip6_default_advmss
,
283 .update_pmtu
= ip6_rt_blackhole_update_pmtu
,
284 .redirect
= ip6_rt_blackhole_redirect
,
285 .cow_metrics
= dst_cow_metrics_generic
,
286 .neigh_lookup
= ip6_neigh_lookup
,
289 static const u32 ip6_template_metrics
[RTAX_MAX
] = {
290 [RTAX_HOPLIMIT
- 1] = 0,
293 static const struct rt6_info ip6_null_entry_template
= {
295 .__refcnt
= ATOMIC_INIT(1),
297 .obsolete
= DST_OBSOLETE_FORCE_CHK
,
298 .error
= -ENETUNREACH
,
299 .input
= ip6_pkt_discard
,
300 .output
= ip6_pkt_discard_out
,
302 .rt6i_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
303 .rt6i_protocol
= RTPROT_KERNEL
,
304 .rt6i_metric
= ~(u32
) 0,
305 .rt6i_ref
= ATOMIC_INIT(1),
308 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
310 static const struct rt6_info ip6_prohibit_entry_template
= {
312 .__refcnt
= ATOMIC_INIT(1),
314 .obsolete
= DST_OBSOLETE_FORCE_CHK
,
316 .input
= ip6_pkt_prohibit
,
317 .output
= ip6_pkt_prohibit_out
,
319 .rt6i_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
320 .rt6i_protocol
= RTPROT_KERNEL
,
321 .rt6i_metric
= ~(u32
) 0,
322 .rt6i_ref
= ATOMIC_INIT(1),
325 static const struct rt6_info ip6_blk_hole_entry_template
= {
327 .__refcnt
= ATOMIC_INIT(1),
329 .obsolete
= DST_OBSOLETE_FORCE_CHK
,
331 .input
= dst_discard
,
332 .output
= dst_discard_out
,
334 .rt6i_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
335 .rt6i_protocol
= RTPROT_KERNEL
,
336 .rt6i_metric
= ~(u32
) 0,
337 .rt6i_ref
= ATOMIC_INIT(1),
342 static void rt6_info_init(struct rt6_info
*rt
)
344 struct dst_entry
*dst
= &rt
->dst
;
346 memset(dst
+ 1, 0, sizeof(*rt
) - sizeof(*dst
));
347 INIT_LIST_HEAD(&rt
->rt6i_siblings
);
348 INIT_LIST_HEAD(&rt
->rt6i_uncached
);
351 /* allocate dst with ip6_dst_ops */
352 static struct rt6_info
*__ip6_dst_alloc(struct net
*net
,
353 struct net_device
*dev
,
356 struct rt6_info
*rt
= dst_alloc(&net
->ipv6
.ip6_dst_ops
, dev
,
357 0, DST_OBSOLETE_FORCE_CHK
, flags
);
365 struct rt6_info
*ip6_dst_alloc(struct net
*net
,
366 struct net_device
*dev
,
369 struct rt6_info
*rt
= __ip6_dst_alloc(net
, dev
, flags
);
372 rt
->rt6i_pcpu
= alloc_percpu_gfp(struct rt6_info
*, GFP_ATOMIC
);
376 for_each_possible_cpu(cpu
) {
379 p
= per_cpu_ptr(rt
->rt6i_pcpu
, cpu
);
380 /* no one shares rt */
384 dst_destroy((struct dst_entry
*)rt
);
391 EXPORT_SYMBOL(ip6_dst_alloc
);
393 static void ip6_dst_destroy(struct dst_entry
*dst
)
395 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
396 struct dst_entry
*from
= dst
->from
;
397 struct inet6_dev
*idev
;
399 dst_destroy_metrics_generic(dst
);
400 free_percpu(rt
->rt6i_pcpu
);
401 rt6_uncached_list_del(rt
);
403 idev
= rt
->rt6i_idev
;
405 rt
->rt6i_idev
= NULL
;
413 static void ip6_dst_ifdown(struct dst_entry
*dst
, struct net_device
*dev
,
416 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
417 struct inet6_dev
*idev
= rt
->rt6i_idev
;
418 struct net_device
*loopback_dev
=
419 dev_net(dev
)->loopback_dev
;
421 if (dev
!= loopback_dev
) {
422 if (idev
&& idev
->dev
== dev
) {
423 struct inet6_dev
*loopback_idev
=
424 in6_dev_get(loopback_dev
);
426 rt
->rt6i_idev
= loopback_idev
;
433 static bool __rt6_check_expired(const struct rt6_info
*rt
)
435 if (rt
->rt6i_flags
& RTF_EXPIRES
)
436 return time_after(jiffies
, rt
->dst
.expires
);
441 static bool rt6_check_expired(const struct rt6_info
*rt
)
443 if (rt
->rt6i_flags
& RTF_EXPIRES
) {
444 if (time_after(jiffies
, rt
->dst
.expires
))
446 } else if (rt
->dst
.from
) {
447 return rt6_check_expired((struct rt6_info
*) rt
->dst
.from
);
452 /* Multipath route selection:
453 * Hash based function using packet header and flowlabel.
454 * Adapted from fib_info_hashfn()
456 static int rt6_info_hash_nhsfn(unsigned int candidate_count
,
457 const struct flowi6
*fl6
)
459 return get_hash_from_flowi6(fl6
) % candidate_count
;
462 static struct rt6_info
*rt6_multipath_select(struct rt6_info
*match
,
463 struct flowi6
*fl6
, int oif
,
466 struct rt6_info
*sibling
, *next_sibling
;
469 route_choosen
= rt6_info_hash_nhsfn(match
->rt6i_nsiblings
+ 1, fl6
);
470 /* Don't change the route, if route_choosen == 0
471 * (siblings does not include ourself)
474 list_for_each_entry_safe(sibling
, next_sibling
,
475 &match
->rt6i_siblings
, rt6i_siblings
) {
477 if (route_choosen
== 0) {
478 if (rt6_score_route(sibling
, oif
, strict
) < 0)
488 * Route lookup. Any table->tb6_lock is implied.
491 static inline struct rt6_info
*rt6_device_match(struct net
*net
,
493 const struct in6_addr
*saddr
,
497 struct rt6_info
*local
= NULL
;
498 struct rt6_info
*sprt
;
500 if (!oif
&& ipv6_addr_any(saddr
))
503 for (sprt
= rt
; sprt
; sprt
= sprt
->dst
.rt6_next
) {
504 struct net_device
*dev
= sprt
->dst
.dev
;
507 if (dev
->ifindex
== oif
)
509 if (dev
->flags
& IFF_LOOPBACK
) {
510 if (!sprt
->rt6i_idev
||
511 sprt
->rt6i_idev
->dev
->ifindex
!= oif
) {
512 if (flags
& RT6_LOOKUP_F_IFACE
)
515 local
->rt6i_idev
->dev
->ifindex
== oif
)
521 if (ipv6_chk_addr(net
, saddr
, dev
,
522 flags
& RT6_LOOKUP_F_IFACE
))
531 if (flags
& RT6_LOOKUP_F_IFACE
)
532 return net
->ipv6
.ip6_null_entry
;
538 #ifdef CONFIG_IPV6_ROUTER_PREF
539 struct __rt6_probe_work
{
540 struct work_struct work
;
541 struct in6_addr target
;
542 struct net_device
*dev
;
545 static void rt6_probe_deferred(struct work_struct
*w
)
547 struct in6_addr mcaddr
;
548 struct __rt6_probe_work
*work
=
549 container_of(w
, struct __rt6_probe_work
, work
);
551 addrconf_addr_solict_mult(&work
->target
, &mcaddr
);
552 ndisc_send_ns(work
->dev
, &work
->target
, &mcaddr
, NULL
, 0);
557 static void rt6_probe(struct rt6_info
*rt
)
559 struct __rt6_probe_work
*work
;
560 struct neighbour
*neigh
;
562 * Okay, this does not seem to be appropriate
563 * for now, however, we need to check if it
564 * is really so; aka Router Reachability Probing.
566 * Router Reachability Probe MUST be rate-limited
567 * to no more than one per minute.
569 if (!rt
|| !(rt
->rt6i_flags
& RTF_GATEWAY
))
572 neigh
= __ipv6_neigh_lookup_noref(rt
->dst
.dev
, &rt
->rt6i_gateway
);
574 if (neigh
->nud_state
& NUD_VALID
)
578 write_lock(&neigh
->lock
);
579 if (!(neigh
->nud_state
& NUD_VALID
) &&
582 rt
->rt6i_idev
->cnf
.rtr_probe_interval
)) {
583 work
= kmalloc(sizeof(*work
), GFP_ATOMIC
);
585 __neigh_set_probe_once(neigh
);
587 write_unlock(&neigh
->lock
);
589 work
= kmalloc(sizeof(*work
), GFP_ATOMIC
);
593 INIT_WORK(&work
->work
, rt6_probe_deferred
);
594 work
->target
= rt
->rt6i_gateway
;
595 dev_hold(rt
->dst
.dev
);
596 work
->dev
= rt
->dst
.dev
;
597 schedule_work(&work
->work
);
601 rcu_read_unlock_bh();
604 static inline void rt6_probe(struct rt6_info
*rt
)
610 * Default Router Selection (RFC 2461 6.3.6)
612 static inline int rt6_check_dev(struct rt6_info
*rt
, int oif
)
614 struct net_device
*dev
= rt
->dst
.dev
;
615 if (!oif
|| dev
->ifindex
== oif
)
617 if ((dev
->flags
& IFF_LOOPBACK
) &&
618 rt
->rt6i_idev
&& rt
->rt6i_idev
->dev
->ifindex
== oif
)
623 static inline enum rt6_nud_state
rt6_check_neigh(struct rt6_info
*rt
)
625 struct neighbour
*neigh
;
626 enum rt6_nud_state ret
= RT6_NUD_FAIL_HARD
;
628 if (rt
->rt6i_flags
& RTF_NONEXTHOP
||
629 !(rt
->rt6i_flags
& RTF_GATEWAY
))
630 return RT6_NUD_SUCCEED
;
633 neigh
= __ipv6_neigh_lookup_noref(rt
->dst
.dev
, &rt
->rt6i_gateway
);
635 read_lock(&neigh
->lock
);
636 if (neigh
->nud_state
& NUD_VALID
)
637 ret
= RT6_NUD_SUCCEED
;
638 #ifdef CONFIG_IPV6_ROUTER_PREF
639 else if (!(neigh
->nud_state
& NUD_FAILED
))
640 ret
= RT6_NUD_SUCCEED
;
642 ret
= RT6_NUD_FAIL_PROBE
;
644 read_unlock(&neigh
->lock
);
646 ret
= IS_ENABLED(CONFIG_IPV6_ROUTER_PREF
) ?
647 RT6_NUD_SUCCEED
: RT6_NUD_FAIL_DO_RR
;
649 rcu_read_unlock_bh();
654 static int rt6_score_route(struct rt6_info
*rt
, int oif
,
659 m
= rt6_check_dev(rt
, oif
);
660 if (!m
&& (strict
& RT6_LOOKUP_F_IFACE
))
661 return RT6_NUD_FAIL_HARD
;
662 #ifdef CONFIG_IPV6_ROUTER_PREF
663 m
|= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt
->rt6i_flags
)) << 2;
665 if (strict
& RT6_LOOKUP_F_REACHABLE
) {
666 int n
= rt6_check_neigh(rt
);
673 static struct rt6_info
*find_match(struct rt6_info
*rt
, int oif
, int strict
,
674 int *mpri
, struct rt6_info
*match
,
678 bool match_do_rr
= false;
679 struct inet6_dev
*idev
= rt
->rt6i_idev
;
680 struct net_device
*dev
= rt
->dst
.dev
;
682 if (dev
&& !netif_carrier_ok(dev
) &&
683 idev
->cnf
.ignore_routes_with_linkdown
&&
684 !(strict
& RT6_LOOKUP_F_IGNORE_LINKSTATE
))
687 if (rt6_check_expired(rt
))
690 m
= rt6_score_route(rt
, oif
, strict
);
691 if (m
== RT6_NUD_FAIL_DO_RR
) {
693 m
= 0; /* lowest valid score */
694 } else if (m
== RT6_NUD_FAIL_HARD
) {
698 if (strict
& RT6_LOOKUP_F_REACHABLE
)
701 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
703 *do_rr
= match_do_rr
;
711 static struct rt6_info
*find_rr_leaf(struct fib6_node
*fn
,
712 struct rt6_info
*rr_head
,
713 u32 metric
, int oif
, int strict
,
716 struct rt6_info
*rt
, *match
, *cont
;
721 for (rt
= rr_head
; rt
; rt
= rt
->dst
.rt6_next
) {
722 if (rt
->rt6i_metric
!= metric
) {
727 match
= find_match(rt
, oif
, strict
, &mpri
, match
, do_rr
);
730 for (rt
= fn
->leaf
; rt
&& rt
!= rr_head
; rt
= rt
->dst
.rt6_next
) {
731 if (rt
->rt6i_metric
!= metric
) {
736 match
= find_match(rt
, oif
, strict
, &mpri
, match
, do_rr
);
742 for (rt
= cont
; rt
; rt
= rt
->dst
.rt6_next
)
743 match
= find_match(rt
, oif
, strict
, &mpri
, match
, do_rr
);
748 static struct rt6_info
*rt6_select(struct fib6_node
*fn
, int oif
, int strict
)
750 struct rt6_info
*match
, *rt0
;
756 fn
->rr_ptr
= rt0
= fn
->leaf
;
758 match
= find_rr_leaf(fn
, rt0
, rt0
->rt6i_metric
, oif
, strict
,
762 struct rt6_info
*next
= rt0
->dst
.rt6_next
;
764 /* no entries matched; do round-robin */
765 if (!next
|| next
->rt6i_metric
!= rt0
->rt6i_metric
)
772 net
= dev_net(rt0
->dst
.dev
);
773 return match
? match
: net
->ipv6
.ip6_null_entry
;
776 static bool rt6_is_gw_or_nonexthop(const struct rt6_info
*rt
)
778 return (rt
->rt6i_flags
& (RTF_NONEXTHOP
| RTF_GATEWAY
));
781 #ifdef CONFIG_IPV6_ROUTE_INFO
782 int rt6_route_rcv(struct net_device
*dev
, u8
*opt
, int len
,
783 const struct in6_addr
*gwaddr
)
785 struct net
*net
= dev_net(dev
);
786 struct route_info
*rinfo
= (struct route_info
*) opt
;
787 struct in6_addr prefix_buf
, *prefix
;
789 unsigned long lifetime
;
792 if (len
< sizeof(struct route_info
)) {
796 /* Sanity check for prefix_len and length */
797 if (rinfo
->length
> 3) {
799 } else if (rinfo
->prefix_len
> 128) {
801 } else if (rinfo
->prefix_len
> 64) {
802 if (rinfo
->length
< 2) {
805 } else if (rinfo
->prefix_len
> 0) {
806 if (rinfo
->length
< 1) {
811 pref
= rinfo
->route_pref
;
812 if (pref
== ICMPV6_ROUTER_PREF_INVALID
)
815 lifetime
= addrconf_timeout_fixup(ntohl(rinfo
->lifetime
), HZ
);
817 if (rinfo
->length
== 3)
818 prefix
= (struct in6_addr
*)rinfo
->prefix
;
820 /* this function is safe */
821 ipv6_addr_prefix(&prefix_buf
,
822 (struct in6_addr
*)rinfo
->prefix
,
824 prefix
= &prefix_buf
;
827 if (rinfo
->prefix_len
== 0)
828 rt
= rt6_get_dflt_router(gwaddr
, dev
);
830 rt
= rt6_get_route_info(net
, prefix
, rinfo
->prefix_len
,
833 if (rt
&& !lifetime
) {
839 rt
= rt6_add_route_info(net
, prefix
, rinfo
->prefix_len
, gwaddr
,
842 rt
->rt6i_flags
= RTF_ROUTEINFO
|
843 (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
846 if (!addrconf_finite_timeout(lifetime
))
847 rt6_clean_expires(rt
);
849 rt6_set_expires(rt
, jiffies
+ HZ
* lifetime
);
857 static struct fib6_node
* fib6_backtrack(struct fib6_node
*fn
,
858 struct in6_addr
*saddr
)
860 struct fib6_node
*pn
;
862 if (fn
->fn_flags
& RTN_TL_ROOT
)
865 if (FIB6_SUBTREE(pn
) && FIB6_SUBTREE(pn
) != fn
)
866 fn
= fib6_lookup(FIB6_SUBTREE(pn
), NULL
, saddr
);
869 if (fn
->fn_flags
& RTN_RTINFO
)
874 static struct rt6_info
*ip6_pol_route_lookup(struct net
*net
,
875 struct fib6_table
*table
,
876 struct flowi6
*fl6
, int flags
)
878 struct fib6_node
*fn
;
881 read_lock_bh(&table
->tb6_lock
);
882 fn
= fib6_lookup(&table
->tb6_root
, &fl6
->daddr
, &fl6
->saddr
);
885 rt
= rt6_device_match(net
, rt
, &fl6
->saddr
, fl6
->flowi6_oif
, flags
);
886 if (rt
->rt6i_nsiblings
&& fl6
->flowi6_oif
== 0)
887 rt
= rt6_multipath_select(rt
, fl6
, fl6
->flowi6_oif
, flags
);
888 if (rt
== net
->ipv6
.ip6_null_entry
) {
889 fn
= fib6_backtrack(fn
, &fl6
->saddr
);
893 dst_use(&rt
->dst
, jiffies
);
894 read_unlock_bh(&table
->tb6_lock
);
896 trace_fib6_table_lookup(net
, rt
, table
->tb6_id
, fl6
);
902 struct dst_entry
*ip6_route_lookup(struct net
*net
, struct flowi6
*fl6
,
905 return fib6_rule_lookup(net
, fl6
, flags
, ip6_pol_route_lookup
);
907 EXPORT_SYMBOL_GPL(ip6_route_lookup
);
909 struct rt6_info
*rt6_lookup(struct net
*net
, const struct in6_addr
*daddr
,
910 const struct in6_addr
*saddr
, int oif
, int strict
)
912 struct flowi6 fl6
= {
916 struct dst_entry
*dst
;
917 int flags
= strict
? RT6_LOOKUP_F_IFACE
: 0;
920 memcpy(&fl6
.saddr
, saddr
, sizeof(*saddr
));
921 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
924 dst
= fib6_rule_lookup(net
, &fl6
, flags
, ip6_pol_route_lookup
);
926 return (struct rt6_info
*) dst
;
932 EXPORT_SYMBOL(rt6_lookup
);
934 /* ip6_ins_rt is called with FREE table->tb6_lock.
935 It takes new route entry, the addition fails by any reason the
936 route is freed. In any case, if caller does not hold it, it may
940 static int __ip6_ins_rt(struct rt6_info
*rt
, struct nl_info
*info
,
941 struct mx6_config
*mxc
,
942 struct netlink_ext_ack
*extack
)
945 struct fib6_table
*table
;
947 table
= rt
->rt6i_table
;
948 write_lock_bh(&table
->tb6_lock
);
949 err
= fib6_add(&table
->tb6_root
, rt
, info
, mxc
, extack
);
950 write_unlock_bh(&table
->tb6_lock
);
955 int ip6_ins_rt(struct rt6_info
*rt
)
957 struct nl_info info
= { .nl_net
= dev_net(rt
->dst
.dev
), };
958 struct mx6_config mxc
= { .mx
= NULL
, };
960 return __ip6_ins_rt(rt
, &info
, &mxc
, NULL
);
963 static struct rt6_info
*ip6_rt_cache_alloc(struct rt6_info
*ort
,
964 const struct in6_addr
*daddr
,
965 const struct in6_addr
*saddr
)
973 if (ort
->rt6i_flags
& (RTF_CACHE
| RTF_PCPU
))
974 ort
= (struct rt6_info
*)ort
->dst
.from
;
976 rt
= __ip6_dst_alloc(dev_net(ort
->dst
.dev
), ort
->dst
.dev
, 0);
981 ip6_rt_copy_init(rt
, ort
);
982 rt
->rt6i_flags
|= RTF_CACHE
;
984 rt
->dst
.flags
|= DST_HOST
;
985 rt
->rt6i_dst
.addr
= *daddr
;
986 rt
->rt6i_dst
.plen
= 128;
988 if (!rt6_is_gw_or_nonexthop(ort
)) {
989 if (ort
->rt6i_dst
.plen
!= 128 &&
990 ipv6_addr_equal(&ort
->rt6i_dst
.addr
, daddr
))
991 rt
->rt6i_flags
|= RTF_ANYCAST
;
992 #ifdef CONFIG_IPV6_SUBTREES
993 if (rt
->rt6i_src
.plen
&& saddr
) {
994 rt
->rt6i_src
.addr
= *saddr
;
995 rt
->rt6i_src
.plen
= 128;
1003 static struct rt6_info
*ip6_rt_pcpu_alloc(struct rt6_info
*rt
)
1005 struct rt6_info
*pcpu_rt
;
1007 pcpu_rt
= __ip6_dst_alloc(dev_net(rt
->dst
.dev
),
1008 rt
->dst
.dev
, rt
->dst
.flags
);
1012 ip6_rt_copy_init(pcpu_rt
, rt
);
1013 pcpu_rt
->rt6i_protocol
= rt
->rt6i_protocol
;
1014 pcpu_rt
->rt6i_flags
|= RTF_PCPU
;
1018 /* It should be called with read_lock_bh(&tb6_lock) acquired */
1019 static struct rt6_info
*rt6_get_pcpu_route(struct rt6_info
*rt
)
1021 struct rt6_info
*pcpu_rt
, **p
;
1023 p
= this_cpu_ptr(rt
->rt6i_pcpu
);
1027 dst_hold(&pcpu_rt
->dst
);
1028 rt6_dst_from_metrics_check(pcpu_rt
);
1033 static struct rt6_info
*rt6_make_pcpu_route(struct rt6_info
*rt
)
1035 struct fib6_table
*table
= rt
->rt6i_table
;
1036 struct rt6_info
*pcpu_rt
, *prev
, **p
;
1038 pcpu_rt
= ip6_rt_pcpu_alloc(rt
);
1040 struct net
*net
= dev_net(rt
->dst
.dev
);
1042 dst_hold(&net
->ipv6
.ip6_null_entry
->dst
);
1043 return net
->ipv6
.ip6_null_entry
;
1046 read_lock_bh(&table
->tb6_lock
);
1047 if (rt
->rt6i_pcpu
) {
1048 p
= this_cpu_ptr(rt
->rt6i_pcpu
);
1049 prev
= cmpxchg(p
, NULL
, pcpu_rt
);
1051 /* If someone did it before us, return prev instead */
1052 dst_destroy(&pcpu_rt
->dst
);
1056 /* rt has been removed from the fib6 tree
1057 * before we have a chance to acquire the read_lock.
1058 * In this case, don't brother to create a pcpu rt
1059 * since rt is going away anyway. The next
1060 * dst_check() will trigger a re-lookup.
1062 dst_destroy(&pcpu_rt
->dst
);
1065 dst_hold(&pcpu_rt
->dst
);
1066 rt6_dst_from_metrics_check(pcpu_rt
);
1067 read_unlock_bh(&table
->tb6_lock
);
1071 struct rt6_info
*ip6_pol_route(struct net
*net
, struct fib6_table
*table
,
1072 int oif
, struct flowi6
*fl6
, int flags
)
1074 struct fib6_node
*fn
, *saved_fn
;
1075 struct rt6_info
*rt
;
1078 strict
|= flags
& RT6_LOOKUP_F_IFACE
;
1079 strict
|= flags
& RT6_LOOKUP_F_IGNORE_LINKSTATE
;
1080 if (net
->ipv6
.devconf_all
->forwarding
== 0)
1081 strict
|= RT6_LOOKUP_F_REACHABLE
;
1083 read_lock_bh(&table
->tb6_lock
);
1085 fn
= fib6_lookup(&table
->tb6_root
, &fl6
->daddr
, &fl6
->saddr
);
1088 if (fl6
->flowi6_flags
& FLOWI_FLAG_SKIP_NH_OIF
)
1092 rt
= rt6_select(fn
, oif
, strict
);
1093 if (rt
->rt6i_nsiblings
)
1094 rt
= rt6_multipath_select(rt
, fl6
, oif
, strict
);
1095 if (rt
== net
->ipv6
.ip6_null_entry
) {
1096 fn
= fib6_backtrack(fn
, &fl6
->saddr
);
1098 goto redo_rt6_select
;
1099 else if (strict
& RT6_LOOKUP_F_REACHABLE
) {
1100 /* also consider unreachable route */
1101 strict
&= ~RT6_LOOKUP_F_REACHABLE
;
1103 goto redo_rt6_select
;
1108 if (rt
== net
->ipv6
.ip6_null_entry
|| (rt
->rt6i_flags
& RTF_CACHE
)) {
1109 dst_use(&rt
->dst
, jiffies
);
1110 read_unlock_bh(&table
->tb6_lock
);
1112 rt6_dst_from_metrics_check(rt
);
1114 trace_fib6_table_lookup(net
, rt
, table
->tb6_id
, fl6
);
1116 } else if (unlikely((fl6
->flowi6_flags
& FLOWI_FLAG_KNOWN_NH
) &&
1117 !(rt
->rt6i_flags
& RTF_GATEWAY
))) {
1118 /* Create a RTF_CACHE clone which will not be
1119 * owned by the fib6 tree. It is for the special case where
1120 * the daddr in the skb during the neighbor look-up is different
1121 * from the fl6->daddr used to look-up route here.
1124 struct rt6_info
*uncached_rt
;
1126 dst_use(&rt
->dst
, jiffies
);
1127 read_unlock_bh(&table
->tb6_lock
);
1129 uncached_rt
= ip6_rt_cache_alloc(rt
, &fl6
->daddr
, NULL
);
1130 dst_release(&rt
->dst
);
1133 rt6_uncached_list_add(uncached_rt
);
1135 uncached_rt
= net
->ipv6
.ip6_null_entry
;
1137 dst_hold(&uncached_rt
->dst
);
1139 trace_fib6_table_lookup(net
, uncached_rt
, table
->tb6_id
, fl6
);
1143 /* Get a percpu copy */
1145 struct rt6_info
*pcpu_rt
;
1147 rt
->dst
.lastuse
= jiffies
;
1149 pcpu_rt
= rt6_get_pcpu_route(rt
);
1152 read_unlock_bh(&table
->tb6_lock
);
1154 /* We have to do the read_unlock first
1155 * because rt6_make_pcpu_route() may trigger
1156 * ip6_dst_gc() which will take the write_lock.
1159 read_unlock_bh(&table
->tb6_lock
);
1160 pcpu_rt
= rt6_make_pcpu_route(rt
);
1161 dst_release(&rt
->dst
);
1164 trace_fib6_table_lookup(net
, pcpu_rt
, table
->tb6_id
, fl6
);
1169 EXPORT_SYMBOL_GPL(ip6_pol_route
);
1171 static struct rt6_info
*ip6_pol_route_input(struct net
*net
, struct fib6_table
*table
,
1172 struct flowi6
*fl6
, int flags
)
1174 return ip6_pol_route(net
, table
, fl6
->flowi6_iif
, fl6
, flags
);
1177 struct dst_entry
*ip6_route_input_lookup(struct net
*net
,
1178 struct net_device
*dev
,
1179 struct flowi6
*fl6
, int flags
)
1181 if (rt6_need_strict(&fl6
->daddr
) && dev
->type
!= ARPHRD_PIMREG
)
1182 flags
|= RT6_LOOKUP_F_IFACE
;
1184 return fib6_rule_lookup(net
, fl6
, flags
, ip6_pol_route_input
);
1186 EXPORT_SYMBOL_GPL(ip6_route_input_lookup
);
1188 void ip6_route_input(struct sk_buff
*skb
)
1190 const struct ipv6hdr
*iph
= ipv6_hdr(skb
);
1191 struct net
*net
= dev_net(skb
->dev
);
1192 int flags
= RT6_LOOKUP_F_HAS_SADDR
;
1193 struct ip_tunnel_info
*tun_info
;
1194 struct flowi6 fl6
= {
1195 .flowi6_iif
= skb
->dev
->ifindex
,
1196 .daddr
= iph
->daddr
,
1197 .saddr
= iph
->saddr
,
1198 .flowlabel
= ip6_flowinfo(iph
),
1199 .flowi6_mark
= skb
->mark
,
1200 .flowi6_proto
= iph
->nexthdr
,
1203 tun_info
= skb_tunnel_info(skb
);
1204 if (tun_info
&& !(tun_info
->mode
& IP_TUNNEL_INFO_TX
))
1205 fl6
.flowi6_tun_key
.tun_id
= tun_info
->key
.tun_id
;
1207 skb_dst_set(skb
, ip6_route_input_lookup(net
, skb
->dev
, &fl6
, flags
));
1210 static struct rt6_info
*ip6_pol_route_output(struct net
*net
, struct fib6_table
*table
,
1211 struct flowi6
*fl6
, int flags
)
1213 return ip6_pol_route(net
, table
, fl6
->flowi6_oif
, fl6
, flags
);
1216 struct dst_entry
*ip6_route_output_flags(struct net
*net
, const struct sock
*sk
,
1217 struct flowi6
*fl6
, int flags
)
1221 if (rt6_need_strict(&fl6
->daddr
)) {
1222 struct dst_entry
*dst
;
1224 dst
= l3mdev_link_scope_lookup(net
, fl6
);
1229 fl6
->flowi6_iif
= LOOPBACK_IFINDEX
;
1231 any_src
= ipv6_addr_any(&fl6
->saddr
);
1232 if ((sk
&& sk
->sk_bound_dev_if
) || rt6_need_strict(&fl6
->daddr
) ||
1233 (fl6
->flowi6_oif
&& any_src
))
1234 flags
|= RT6_LOOKUP_F_IFACE
;
1237 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
1239 flags
|= rt6_srcprefs2flags(inet6_sk(sk
)->srcprefs
);
1241 return fib6_rule_lookup(net
, fl6
, flags
, ip6_pol_route_output
);
1243 EXPORT_SYMBOL_GPL(ip6_route_output_flags
);
1245 struct dst_entry
*ip6_blackhole_route(struct net
*net
, struct dst_entry
*dst_orig
)
1247 struct rt6_info
*rt
, *ort
= (struct rt6_info
*) dst_orig
;
1248 struct dst_entry
*new = NULL
;
1250 rt
= dst_alloc(&ip6_dst_blackhole_ops
, ort
->dst
.dev
, 1, DST_OBSOLETE_NONE
, 0);
1256 new->input
= dst_discard
;
1257 new->output
= dst_discard_out
;
1259 dst_copy_metrics(new, &ort
->dst
);
1260 rt
->rt6i_idev
= ort
->rt6i_idev
;
1262 in6_dev_hold(rt
->rt6i_idev
);
1264 rt
->rt6i_gateway
= ort
->rt6i_gateway
;
1265 rt
->rt6i_flags
= ort
->rt6i_flags
& ~RTF_PCPU
;
1266 rt
->rt6i_metric
= 0;
1268 memcpy(&rt
->rt6i_dst
, &ort
->rt6i_dst
, sizeof(struct rt6key
));
1269 #ifdef CONFIG_IPV6_SUBTREES
1270 memcpy(&rt
->rt6i_src
, &ort
->rt6i_src
, sizeof(struct rt6key
));
1276 dst_release(dst_orig
);
1277 return new ? new : ERR_PTR(-ENOMEM
);
1281 * Destination cache support functions
1284 static void rt6_dst_from_metrics_check(struct rt6_info
*rt
)
1287 dst_metrics_ptr(&rt
->dst
) != dst_metrics_ptr(rt
->dst
.from
))
1288 dst_init_metrics(&rt
->dst
, dst_metrics_ptr(rt
->dst
.from
), true);
1291 static struct dst_entry
*rt6_check(struct rt6_info
*rt
, u32 cookie
)
1293 if (!rt
->rt6i_node
|| (rt
->rt6i_node
->fn_sernum
!= cookie
))
1296 if (rt6_check_expired(rt
))
1302 static struct dst_entry
*rt6_dst_from_check(struct rt6_info
*rt
, u32 cookie
)
1304 if (!__rt6_check_expired(rt
) &&
1305 rt
->dst
.obsolete
== DST_OBSOLETE_FORCE_CHK
&&
1306 rt6_check((struct rt6_info
*)(rt
->dst
.from
), cookie
))
1312 static struct dst_entry
*ip6_dst_check(struct dst_entry
*dst
, u32 cookie
)
1314 struct rt6_info
*rt
;
1316 rt
= (struct rt6_info
*) dst
;
1318 /* All IPV6 dsts are created with ->obsolete set to the value
1319 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1320 * into this function always.
1323 rt6_dst_from_metrics_check(rt
);
1325 if (rt
->rt6i_flags
& RTF_PCPU
||
1326 (unlikely(dst
->flags
& DST_NOCACHE
) && rt
->dst
.from
))
1327 return rt6_dst_from_check(rt
, cookie
);
1329 return rt6_check(rt
, cookie
);
1332 static struct dst_entry
*ip6_negative_advice(struct dst_entry
*dst
)
1334 struct rt6_info
*rt
= (struct rt6_info
*) dst
;
1337 if (rt
->rt6i_flags
& RTF_CACHE
) {
1338 if (rt6_check_expired(rt
)) {
1350 static void ip6_link_failure(struct sk_buff
*skb
)
1352 struct rt6_info
*rt
;
1354 icmpv6_send(skb
, ICMPV6_DEST_UNREACH
, ICMPV6_ADDR_UNREACH
, 0);
1356 rt
= (struct rt6_info
*) skb_dst(skb
);
1358 if (rt
->rt6i_flags
& RTF_CACHE
) {
1361 } else if (rt
->rt6i_node
&& (rt
->rt6i_flags
& RTF_DEFAULT
)) {
1362 rt
->rt6i_node
->fn_sernum
= -1;
1367 static void rt6_do_update_pmtu(struct rt6_info
*rt
, u32 mtu
)
1369 struct net
*net
= dev_net(rt
->dst
.dev
);
1371 rt
->rt6i_flags
|= RTF_MODIFIED
;
1372 rt
->rt6i_pmtu
= mtu
;
1373 rt6_update_expires(rt
, net
->ipv6
.sysctl
.ip6_rt_mtu_expires
);
1376 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info
*rt
)
1378 return !(rt
->rt6i_flags
& RTF_CACHE
) &&
1379 (rt
->rt6i_flags
& RTF_PCPU
|| rt
->rt6i_node
);
1382 static void __ip6_rt_update_pmtu(struct dst_entry
*dst
, const struct sock
*sk
,
1383 const struct ipv6hdr
*iph
, u32 mtu
)
1385 const struct in6_addr
*daddr
, *saddr
;
1386 struct rt6_info
*rt6
= (struct rt6_info
*)dst
;
1388 if (rt6
->rt6i_flags
& RTF_LOCAL
)
1391 if (dst_metric_locked(dst
, RTAX_MTU
))
1395 daddr
= &iph
->daddr
;
1396 saddr
= &iph
->saddr
;
1398 daddr
= &sk
->sk_v6_daddr
;
1399 saddr
= &inet6_sk(sk
)->saddr
;
1404 dst_confirm_neigh(dst
, daddr
);
1405 mtu
= max_t(u32
, mtu
, IPV6_MIN_MTU
);
1406 if (mtu
>= dst_mtu(dst
))
1409 if (!rt6_cache_allowed_for_pmtu(rt6
)) {
1410 rt6_do_update_pmtu(rt6
, mtu
);
1412 struct rt6_info
*nrt6
;
1414 nrt6
= ip6_rt_cache_alloc(rt6
, daddr
, saddr
);
1416 rt6_do_update_pmtu(nrt6
, mtu
);
1418 /* ip6_ins_rt(nrt6) will bump the
1419 * rt6->rt6i_node->fn_sernum
1420 * which will fail the next rt6_check() and
1421 * invalidate the sk->sk_dst_cache.
1428 static void ip6_rt_update_pmtu(struct dst_entry
*dst
, struct sock
*sk
,
1429 struct sk_buff
*skb
, u32 mtu
)
1431 __ip6_rt_update_pmtu(dst
, sk
, skb
? ipv6_hdr(skb
) : NULL
, mtu
);
1434 void ip6_update_pmtu(struct sk_buff
*skb
, struct net
*net
, __be32 mtu
,
1435 int oif
, u32 mark
, kuid_t uid
)
1437 const struct ipv6hdr
*iph
= (struct ipv6hdr
*) skb
->data
;
1438 struct dst_entry
*dst
;
1441 memset(&fl6
, 0, sizeof(fl6
));
1442 fl6
.flowi6_oif
= oif
;
1443 fl6
.flowi6_mark
= mark
? mark
: IP6_REPLY_MARK(net
, skb
->mark
);
1444 fl6
.daddr
= iph
->daddr
;
1445 fl6
.saddr
= iph
->saddr
;
1446 fl6
.flowlabel
= ip6_flowinfo(iph
);
1447 fl6
.flowi6_uid
= uid
;
1449 dst
= ip6_route_output(net
, NULL
, &fl6
);
1451 __ip6_rt_update_pmtu(dst
, NULL
, iph
, ntohl(mtu
));
1454 EXPORT_SYMBOL_GPL(ip6_update_pmtu
);
1456 void ip6_sk_update_pmtu(struct sk_buff
*skb
, struct sock
*sk
, __be32 mtu
)
1458 struct dst_entry
*dst
;
1460 ip6_update_pmtu(skb
, sock_net(sk
), mtu
,
1461 sk
->sk_bound_dev_if
, sk
->sk_mark
, sk
->sk_uid
);
1463 dst
= __sk_dst_get(sk
);
1464 if (!dst
|| !dst
->obsolete
||
1465 dst
->ops
->check(dst
, inet6_sk(sk
)->dst_cookie
))
1469 if (!sock_owned_by_user(sk
) && !ipv6_addr_v4mapped(&sk
->sk_v6_daddr
))
1470 ip6_datagram_dst_update(sk
, false);
1473 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu
);
1475 /* Handle redirects */
1476 struct ip6rd_flowi
{
1478 struct in6_addr gateway
;
1481 static struct rt6_info
*__ip6_route_redirect(struct net
*net
,
1482 struct fib6_table
*table
,
1486 struct ip6rd_flowi
*rdfl
= (struct ip6rd_flowi
*)fl6
;
1487 struct rt6_info
*rt
;
1488 struct fib6_node
*fn
;
1490 /* Get the "current" route for this destination and
1491 * check if the redirect has come from appropriate router.
1493 * RFC 4861 specifies that redirects should only be
1494 * accepted if they come from the nexthop to the target.
1495 * Due to the way the routes are chosen, this notion
1496 * is a bit fuzzy and one might need to check all possible
1500 read_lock_bh(&table
->tb6_lock
);
1501 fn
= fib6_lookup(&table
->tb6_root
, &fl6
->daddr
, &fl6
->saddr
);
1503 for (rt
= fn
->leaf
; rt
; rt
= rt
->dst
.rt6_next
) {
1504 if (rt6_check_expired(rt
))
1508 if (!(rt
->rt6i_flags
& RTF_GATEWAY
))
1510 if (fl6
->flowi6_oif
!= rt
->dst
.dev
->ifindex
)
1512 if (!ipv6_addr_equal(&rdfl
->gateway
, &rt
->rt6i_gateway
))
1518 rt
= net
->ipv6
.ip6_null_entry
;
1519 else if (rt
->dst
.error
) {
1520 rt
= net
->ipv6
.ip6_null_entry
;
1524 if (rt
== net
->ipv6
.ip6_null_entry
) {
1525 fn
= fib6_backtrack(fn
, &fl6
->saddr
);
1533 read_unlock_bh(&table
->tb6_lock
);
1535 trace_fib6_table_lookup(net
, rt
, table
->tb6_id
, fl6
);
1539 static struct dst_entry
*ip6_route_redirect(struct net
*net
,
1540 const struct flowi6
*fl6
,
1541 const struct in6_addr
*gateway
)
1543 int flags
= RT6_LOOKUP_F_HAS_SADDR
;
1544 struct ip6rd_flowi rdfl
;
1547 rdfl
.gateway
= *gateway
;
1549 return fib6_rule_lookup(net
, &rdfl
.fl6
,
1550 flags
, __ip6_route_redirect
);
1553 void ip6_redirect(struct sk_buff
*skb
, struct net
*net
, int oif
, u32 mark
,
1556 const struct ipv6hdr
*iph
= (struct ipv6hdr
*) skb
->data
;
1557 struct dst_entry
*dst
;
1560 memset(&fl6
, 0, sizeof(fl6
));
1561 fl6
.flowi6_iif
= LOOPBACK_IFINDEX
;
1562 fl6
.flowi6_oif
= oif
;
1563 fl6
.flowi6_mark
= mark
;
1564 fl6
.daddr
= iph
->daddr
;
1565 fl6
.saddr
= iph
->saddr
;
1566 fl6
.flowlabel
= ip6_flowinfo(iph
);
1567 fl6
.flowi6_uid
= uid
;
1569 dst
= ip6_route_redirect(net
, &fl6
, &ipv6_hdr(skb
)->saddr
);
1570 rt6_do_redirect(dst
, NULL
, skb
);
1573 EXPORT_SYMBOL_GPL(ip6_redirect
);
1575 void ip6_redirect_no_header(struct sk_buff
*skb
, struct net
*net
, int oif
,
1578 const struct ipv6hdr
*iph
= ipv6_hdr(skb
);
1579 const struct rd_msg
*msg
= (struct rd_msg
*)icmp6_hdr(skb
);
1580 struct dst_entry
*dst
;
1583 memset(&fl6
, 0, sizeof(fl6
));
1584 fl6
.flowi6_iif
= LOOPBACK_IFINDEX
;
1585 fl6
.flowi6_oif
= oif
;
1586 fl6
.flowi6_mark
= mark
;
1587 fl6
.daddr
= msg
->dest
;
1588 fl6
.saddr
= iph
->daddr
;
1589 fl6
.flowi6_uid
= sock_net_uid(net
, NULL
);
1591 dst
= ip6_route_redirect(net
, &fl6
, &iph
->saddr
);
1592 rt6_do_redirect(dst
, NULL
, skb
);
1596 void ip6_sk_redirect(struct sk_buff
*skb
, struct sock
*sk
)
1598 ip6_redirect(skb
, sock_net(sk
), sk
->sk_bound_dev_if
, sk
->sk_mark
,
1601 EXPORT_SYMBOL_GPL(ip6_sk_redirect
);
1603 static unsigned int ip6_default_advmss(const struct dst_entry
*dst
)
1605 struct net_device
*dev
= dst
->dev
;
1606 unsigned int mtu
= dst_mtu(dst
);
1607 struct net
*net
= dev_net(dev
);
1609 mtu
-= sizeof(struct ipv6hdr
) + sizeof(struct tcphdr
);
1611 if (mtu
< net
->ipv6
.sysctl
.ip6_rt_min_advmss
)
1612 mtu
= net
->ipv6
.sysctl
.ip6_rt_min_advmss
;
1615 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
1616 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
1617 * IPV6_MAXPLEN is also valid and means: "any MSS,
1618 * rely only on pmtu discovery"
1620 if (mtu
> IPV6_MAXPLEN
- sizeof(struct tcphdr
))
1625 static unsigned int ip6_mtu(const struct dst_entry
*dst
)
1627 const struct rt6_info
*rt
= (const struct rt6_info
*)dst
;
1628 unsigned int mtu
= rt
->rt6i_pmtu
;
1629 struct inet6_dev
*idev
;
1634 mtu
= dst_metric_raw(dst
, RTAX_MTU
);
1641 idev
= __in6_dev_get(dst
->dev
);
1643 mtu
= idev
->cnf
.mtu6
;
1647 mtu
= min_t(unsigned int, mtu
, IP6_MAX_MTU
);
1649 return mtu
- lwtunnel_headroom(dst
->lwtstate
, mtu
);
1652 static struct dst_entry
*icmp6_dst_gc_list
;
1653 static DEFINE_SPINLOCK(icmp6_dst_lock
);
1655 struct dst_entry
*icmp6_dst_alloc(struct net_device
*dev
,
1658 struct dst_entry
*dst
;
1659 struct rt6_info
*rt
;
1660 struct inet6_dev
*idev
= in6_dev_get(dev
);
1661 struct net
*net
= dev_net(dev
);
1663 if (unlikely(!idev
))
1664 return ERR_PTR(-ENODEV
);
1666 rt
= ip6_dst_alloc(net
, dev
, 0);
1667 if (unlikely(!rt
)) {
1669 dst
= ERR_PTR(-ENOMEM
);
1673 rt
->dst
.flags
|= DST_HOST
;
1674 rt
->dst
.output
= ip6_output
;
1675 atomic_set(&rt
->dst
.__refcnt
, 1);
1676 rt
->rt6i_gateway
= fl6
->daddr
;
1677 rt
->rt6i_dst
.addr
= fl6
->daddr
;
1678 rt
->rt6i_dst
.plen
= 128;
1679 rt
->rt6i_idev
= idev
;
1680 dst_metric_set(&rt
->dst
, RTAX_HOPLIMIT
, 0);
1682 spin_lock_bh(&icmp6_dst_lock
);
1683 rt
->dst
.next
= icmp6_dst_gc_list
;
1684 icmp6_dst_gc_list
= &rt
->dst
;
1685 spin_unlock_bh(&icmp6_dst_lock
);
1687 fib6_force_start_gc(net
);
1689 dst
= xfrm_lookup(net
, &rt
->dst
, flowi6_to_flowi(fl6
), NULL
, 0);
1695 int icmp6_dst_gc(void)
1697 struct dst_entry
*dst
, **pprev
;
1700 spin_lock_bh(&icmp6_dst_lock
);
1701 pprev
= &icmp6_dst_gc_list
;
1703 while ((dst
= *pprev
) != NULL
) {
1704 if (!atomic_read(&dst
->__refcnt
)) {
1713 spin_unlock_bh(&icmp6_dst_lock
);
1718 static void icmp6_clean_all(int (*func
)(struct rt6_info
*rt
, void *arg
),
1721 struct dst_entry
*dst
, **pprev
;
1723 spin_lock_bh(&icmp6_dst_lock
);
1724 pprev
= &icmp6_dst_gc_list
;
1725 while ((dst
= *pprev
) != NULL
) {
1726 struct rt6_info
*rt
= (struct rt6_info
*) dst
;
1727 if (func(rt
, arg
)) {
1734 spin_unlock_bh(&icmp6_dst_lock
);
1737 static int ip6_dst_gc(struct dst_ops
*ops
)
1739 struct net
*net
= container_of(ops
, struct net
, ipv6
.ip6_dst_ops
);
1740 int rt_min_interval
= net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
;
1741 int rt_max_size
= net
->ipv6
.sysctl
.ip6_rt_max_size
;
1742 int rt_elasticity
= net
->ipv6
.sysctl
.ip6_rt_gc_elasticity
;
1743 int rt_gc_timeout
= net
->ipv6
.sysctl
.ip6_rt_gc_timeout
;
1744 unsigned long rt_last_gc
= net
->ipv6
.ip6_rt_last_gc
;
1747 entries
= dst_entries_get_fast(ops
);
1748 if (time_after(rt_last_gc
+ rt_min_interval
, jiffies
) &&
1749 entries
<= rt_max_size
)
1752 net
->ipv6
.ip6_rt_gc_expire
++;
1753 fib6_run_gc(net
->ipv6
.ip6_rt_gc_expire
, net
, true);
1754 entries
= dst_entries_get_slow(ops
);
1755 if (entries
< ops
->gc_thresh
)
1756 net
->ipv6
.ip6_rt_gc_expire
= rt_gc_timeout
>>1;
1758 net
->ipv6
.ip6_rt_gc_expire
-= net
->ipv6
.ip6_rt_gc_expire
>>rt_elasticity
;
1759 return entries
> rt_max_size
;
1762 static int ip6_convert_metrics(struct mx6_config
*mxc
,
1763 const struct fib6_config
*cfg
)
1765 bool ecn_ca
= false;
1773 mp
= kzalloc(sizeof(u32
) * RTAX_MAX
, GFP_KERNEL
);
1777 nla_for_each_attr(nla
, cfg
->fc_mx
, cfg
->fc_mx_len
, remaining
) {
1778 int type
= nla_type(nla
);
1783 if (unlikely(type
> RTAX_MAX
))
1786 if (type
== RTAX_CC_ALGO
) {
1787 char tmp
[TCP_CA_NAME_MAX
];
1789 nla_strlcpy(tmp
, nla
, sizeof(tmp
));
1790 val
= tcp_ca_get_key_by_name(tmp
, &ecn_ca
);
1791 if (val
== TCP_CA_UNSPEC
)
1794 val
= nla_get_u32(nla
);
1796 if (type
== RTAX_HOPLIMIT
&& val
> 255)
1798 if (type
== RTAX_FEATURES
&& (val
& ~RTAX_FEATURE_MASK
))
1802 __set_bit(type
- 1, mxc
->mx_valid
);
1806 __set_bit(RTAX_FEATURES
- 1, mxc
->mx_valid
);
1807 mp
[RTAX_FEATURES
- 1] |= DST_FEATURE_ECN_CA
;
1817 static struct rt6_info
*ip6_nh_lookup_table(struct net
*net
,
1818 struct fib6_config
*cfg
,
1819 const struct in6_addr
*gw_addr
)
1821 struct flowi6 fl6
= {
1822 .flowi6_oif
= cfg
->fc_ifindex
,
1824 .saddr
= cfg
->fc_prefsrc
,
1826 struct fib6_table
*table
;
1827 struct rt6_info
*rt
;
1828 int flags
= RT6_LOOKUP_F_IFACE
| RT6_LOOKUP_F_IGNORE_LINKSTATE
;
1830 table
= fib6_get_table(net
, cfg
->fc_table
);
1834 if (!ipv6_addr_any(&cfg
->fc_prefsrc
))
1835 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
1837 rt
= ip6_pol_route(net
, table
, cfg
->fc_ifindex
, &fl6
, flags
);
1839 /* if table lookup failed, fall back to full lookup */
1840 if (rt
== net
->ipv6
.ip6_null_entry
) {
1848 static struct rt6_info
*ip6_route_info_create(struct fib6_config
*cfg
,
1849 struct netlink_ext_ack
*extack
)
1851 struct net
*net
= cfg
->fc_nlinfo
.nl_net
;
1852 struct rt6_info
*rt
= NULL
;
1853 struct net_device
*dev
= NULL
;
1854 struct inet6_dev
*idev
= NULL
;
1855 struct fib6_table
*table
;
1859 /* RTF_PCPU is an internal flag; can not be set by userspace */
1860 if (cfg
->fc_flags
& RTF_PCPU
) {
1861 NL_SET_ERR_MSG(extack
, "Userspace can not set RTF_PCPU");
1865 if (cfg
->fc_dst_len
> 128) {
1866 NL_SET_ERR_MSG(extack
, "Invalid prefix length");
1869 if (cfg
->fc_src_len
> 128) {
1870 NL_SET_ERR_MSG(extack
, "Invalid source address length");
1873 #ifndef CONFIG_IPV6_SUBTREES
1874 if (cfg
->fc_src_len
) {
1875 NL_SET_ERR_MSG(extack
,
1876 "Specifying source address requires IPV6_SUBTREES to be enabled");
1880 if (cfg
->fc_ifindex
) {
1882 dev
= dev_get_by_index(net
, cfg
->fc_ifindex
);
1885 idev
= in6_dev_get(dev
);
1890 if (cfg
->fc_metric
== 0)
1891 cfg
->fc_metric
= IP6_RT_PRIO_USER
;
1894 if (cfg
->fc_nlinfo
.nlh
&&
1895 !(cfg
->fc_nlinfo
.nlh
->nlmsg_flags
& NLM_F_CREATE
)) {
1896 table
= fib6_get_table(net
, cfg
->fc_table
);
1898 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
1899 table
= fib6_new_table(net
, cfg
->fc_table
);
1902 table
= fib6_new_table(net
, cfg
->fc_table
);
1908 rt
= ip6_dst_alloc(net
, NULL
,
1909 (cfg
->fc_flags
& RTF_ADDRCONF
) ? 0 : DST_NOCOUNT
);
1916 if (cfg
->fc_flags
& RTF_EXPIRES
)
1917 rt6_set_expires(rt
, jiffies
+
1918 clock_t_to_jiffies(cfg
->fc_expires
));
1920 rt6_clean_expires(rt
);
1922 if (cfg
->fc_protocol
== RTPROT_UNSPEC
)
1923 cfg
->fc_protocol
= RTPROT_BOOT
;
1924 rt
->rt6i_protocol
= cfg
->fc_protocol
;
1926 addr_type
= ipv6_addr_type(&cfg
->fc_dst
);
1928 if (addr_type
& IPV6_ADDR_MULTICAST
)
1929 rt
->dst
.input
= ip6_mc_input
;
1930 else if (cfg
->fc_flags
& RTF_LOCAL
)
1931 rt
->dst
.input
= ip6_input
;
1933 rt
->dst
.input
= ip6_forward
;
1935 rt
->dst
.output
= ip6_output
;
1937 if (cfg
->fc_encap
) {
1938 struct lwtunnel_state
*lwtstate
;
1940 err
= lwtunnel_build_state(cfg
->fc_encap_type
,
1941 cfg
->fc_encap
, AF_INET6
, cfg
,
1945 rt
->dst
.lwtstate
= lwtstate_get(lwtstate
);
1946 if (lwtunnel_output_redirect(rt
->dst
.lwtstate
)) {
1947 rt
->dst
.lwtstate
->orig_output
= rt
->dst
.output
;
1948 rt
->dst
.output
= lwtunnel_output
;
1950 if (lwtunnel_input_redirect(rt
->dst
.lwtstate
)) {
1951 rt
->dst
.lwtstate
->orig_input
= rt
->dst
.input
;
1952 rt
->dst
.input
= lwtunnel_input
;
1956 ipv6_addr_prefix(&rt
->rt6i_dst
.addr
, &cfg
->fc_dst
, cfg
->fc_dst_len
);
1957 rt
->rt6i_dst
.plen
= cfg
->fc_dst_len
;
1958 if (rt
->rt6i_dst
.plen
== 128)
1959 rt
->dst
.flags
|= DST_HOST
;
1961 #ifdef CONFIG_IPV6_SUBTREES
1962 ipv6_addr_prefix(&rt
->rt6i_src
.addr
, &cfg
->fc_src
, cfg
->fc_src_len
);
1963 rt
->rt6i_src
.plen
= cfg
->fc_src_len
;
1966 rt
->rt6i_metric
= cfg
->fc_metric
;
1968 /* We cannot add true routes via loopback here,
1969 they would result in kernel looping; promote them to reject routes
1971 if ((cfg
->fc_flags
& RTF_REJECT
) ||
1972 (dev
&& (dev
->flags
& IFF_LOOPBACK
) &&
1973 !(addr_type
& IPV6_ADDR_LOOPBACK
) &&
1974 !(cfg
->fc_flags
& RTF_LOCAL
))) {
1975 /* hold loopback dev/idev if we haven't done so. */
1976 if (dev
!= net
->loopback_dev
) {
1981 dev
= net
->loopback_dev
;
1983 idev
= in6_dev_get(dev
);
1989 rt
->rt6i_flags
= RTF_REJECT
|RTF_NONEXTHOP
;
1990 switch (cfg
->fc_type
) {
1992 rt
->dst
.error
= -EINVAL
;
1993 rt
->dst
.output
= dst_discard_out
;
1994 rt
->dst
.input
= dst_discard
;
1997 rt
->dst
.error
= -EACCES
;
1998 rt
->dst
.output
= ip6_pkt_prohibit_out
;
1999 rt
->dst
.input
= ip6_pkt_prohibit
;
2002 case RTN_UNREACHABLE
:
2004 rt
->dst
.error
= (cfg
->fc_type
== RTN_THROW
) ? -EAGAIN
2005 : (cfg
->fc_type
== RTN_UNREACHABLE
)
2006 ? -EHOSTUNREACH
: -ENETUNREACH
;
2007 rt
->dst
.output
= ip6_pkt_discard_out
;
2008 rt
->dst
.input
= ip6_pkt_discard
;
2014 if (cfg
->fc_flags
& RTF_GATEWAY
) {
2015 const struct in6_addr
*gw_addr
;
2018 gw_addr
= &cfg
->fc_gateway
;
2019 gwa_type
= ipv6_addr_type(gw_addr
);
2021 /* if gw_addr is local we will fail to detect this in case
2022 * address is still TENTATIVE (DAD in progress). rt6_lookup()
2023 * will return already-added prefix route via interface that
2024 * prefix route was assigned to, which might be non-loopback.
2027 if (ipv6_chk_addr_and_flags(net
, gw_addr
,
2028 gwa_type
& IPV6_ADDR_LINKLOCAL
?
2029 dev
: NULL
, 0, 0)) {
2030 NL_SET_ERR_MSG(extack
, "Invalid gateway address");
2033 rt
->rt6i_gateway
= *gw_addr
;
2035 if (gwa_type
!= (IPV6_ADDR_LINKLOCAL
|IPV6_ADDR_UNICAST
)) {
2036 struct rt6_info
*grt
= NULL
;
2038 /* IPv6 strictly inhibits using not link-local
2039 addresses as nexthop address.
2040 Otherwise, router will not able to send redirects.
2041 It is very good, but in some (rare!) circumstances
2042 (SIT, PtP, NBMA NOARP links) it is handy to allow
2043 some exceptions. --ANK
2044 We allow IPv4-mapped nexthops to support RFC4798-type
2047 if (!(gwa_type
& (IPV6_ADDR_UNICAST
|
2048 IPV6_ADDR_MAPPED
))) {
2049 NL_SET_ERR_MSG(extack
,
2050 "Invalid gateway address");
2054 if (cfg
->fc_table
) {
2055 grt
= ip6_nh_lookup_table(net
, cfg
, gw_addr
);
2058 if (grt
->rt6i_flags
& RTF_GATEWAY
||
2059 (dev
&& dev
!= grt
->dst
.dev
)) {
2067 grt
= rt6_lookup(net
, gw_addr
, NULL
,
2068 cfg
->fc_ifindex
, 1);
2070 err
= -EHOSTUNREACH
;
2074 if (dev
!= grt
->dst
.dev
) {
2080 idev
= grt
->rt6i_idev
;
2082 in6_dev_hold(grt
->rt6i_idev
);
2084 if (!(grt
->rt6i_flags
& RTF_GATEWAY
))
2093 NL_SET_ERR_MSG(extack
, "Egress device not specified");
2095 } else if (dev
->flags
& IFF_LOOPBACK
) {
2096 NL_SET_ERR_MSG(extack
,
2097 "Egress device can not be loopback device for this route");
2106 if (!ipv6_addr_any(&cfg
->fc_prefsrc
)) {
2107 if (!ipv6_chk_addr(net
, &cfg
->fc_prefsrc
, dev
, 0)) {
2108 NL_SET_ERR_MSG(extack
, "Invalid source address");
2112 rt
->rt6i_prefsrc
.addr
= cfg
->fc_prefsrc
;
2113 rt
->rt6i_prefsrc
.plen
= 128;
2115 rt
->rt6i_prefsrc
.plen
= 0;
2117 rt
->rt6i_flags
= cfg
->fc_flags
;
2121 rt
->rt6i_idev
= idev
;
2122 rt
->rt6i_table
= table
;
2124 cfg
->fc_nlinfo
.nl_net
= dev_net(dev
);
2135 return ERR_PTR(err
);
2138 int ip6_route_add(struct fib6_config
*cfg
,
2139 struct netlink_ext_ack
*extack
)
2141 struct mx6_config mxc
= { .mx
= NULL
, };
2142 struct rt6_info
*rt
;
2145 rt
= ip6_route_info_create(cfg
, extack
);
2152 err
= ip6_convert_metrics(&mxc
, cfg
);
2156 err
= __ip6_ins_rt(rt
, &cfg
->fc_nlinfo
, &mxc
, extack
);
2168 static int __ip6_del_rt(struct rt6_info
*rt
, struct nl_info
*info
)
2171 struct fib6_table
*table
;
2172 struct net
*net
= dev_net(rt
->dst
.dev
);
2174 if (rt
== net
->ipv6
.ip6_null_entry
||
2175 rt
->dst
.flags
& DST_NOCACHE
) {
2180 table
= rt
->rt6i_table
;
2181 write_lock_bh(&table
->tb6_lock
);
2182 err
= fib6_del(rt
, info
);
2183 write_unlock_bh(&table
->tb6_lock
);
2190 int ip6_del_rt(struct rt6_info
*rt
)
2192 struct nl_info info
= {
2193 .nl_net
= dev_net(rt
->dst
.dev
),
2195 return __ip6_del_rt(rt
, &info
);
2198 static int __ip6_del_rt_siblings(struct rt6_info
*rt
, struct fib6_config
*cfg
)
2200 struct nl_info
*info
= &cfg
->fc_nlinfo
;
2201 struct net
*net
= info
->nl_net
;
2202 struct sk_buff
*skb
= NULL
;
2203 struct fib6_table
*table
;
2206 if (rt
== net
->ipv6
.ip6_null_entry
)
2208 table
= rt
->rt6i_table
;
2209 write_lock_bh(&table
->tb6_lock
);
2211 if (rt
->rt6i_nsiblings
&& cfg
->fc_delete_all_nh
) {
2212 struct rt6_info
*sibling
, *next_sibling
;
2214 /* prefer to send a single notification with all hops */
2215 skb
= nlmsg_new(rt6_nlmsg_size(rt
), gfp_any());
2217 u32 seq
= info
->nlh
? info
->nlh
->nlmsg_seq
: 0;
2219 if (rt6_fill_node(net
, skb
, rt
,
2220 NULL
, NULL
, 0, RTM_DELROUTE
,
2221 info
->portid
, seq
, 0) < 0) {
2225 info
->skip_notify
= 1;
2228 list_for_each_entry_safe(sibling
, next_sibling
,
2231 err
= fib6_del(sibling
, info
);
2237 err
= fib6_del(rt
, info
);
2239 write_unlock_bh(&table
->tb6_lock
);
2244 rtnl_notify(skb
, net
, info
->portid
, RTNLGRP_IPV6_ROUTE
,
2245 info
->nlh
, gfp_any());
2250 static int ip6_route_del(struct fib6_config
*cfg
,
2251 struct netlink_ext_ack
*extack
)
2253 struct fib6_table
*table
;
2254 struct fib6_node
*fn
;
2255 struct rt6_info
*rt
;
2258 table
= fib6_get_table(cfg
->fc_nlinfo
.nl_net
, cfg
->fc_table
);
2260 NL_SET_ERR_MSG(extack
, "FIB table does not exist");
2264 read_lock_bh(&table
->tb6_lock
);
2266 fn
= fib6_locate(&table
->tb6_root
,
2267 &cfg
->fc_dst
, cfg
->fc_dst_len
,
2268 &cfg
->fc_src
, cfg
->fc_src_len
);
2271 for (rt
= fn
->leaf
; rt
; rt
= rt
->dst
.rt6_next
) {
2272 if ((rt
->rt6i_flags
& RTF_CACHE
) &&
2273 !(cfg
->fc_flags
& RTF_CACHE
))
2275 if (cfg
->fc_ifindex
&&
2277 rt
->dst
.dev
->ifindex
!= cfg
->fc_ifindex
))
2279 if (cfg
->fc_flags
& RTF_GATEWAY
&&
2280 !ipv6_addr_equal(&cfg
->fc_gateway
, &rt
->rt6i_gateway
))
2282 if (cfg
->fc_metric
&& cfg
->fc_metric
!= rt
->rt6i_metric
)
2284 if (cfg
->fc_protocol
&& cfg
->fc_protocol
!= rt
->rt6i_protocol
)
2287 read_unlock_bh(&table
->tb6_lock
);
2289 /* if gateway was specified only delete the one hop */
2290 if (cfg
->fc_flags
& RTF_GATEWAY
)
2291 return __ip6_del_rt(rt
, &cfg
->fc_nlinfo
);
2293 return __ip6_del_rt_siblings(rt
, cfg
);
2296 read_unlock_bh(&table
->tb6_lock
);
2301 static void rt6_do_redirect(struct dst_entry
*dst
, struct sock
*sk
, struct sk_buff
*skb
)
2303 struct netevent_redirect netevent
;
2304 struct rt6_info
*rt
, *nrt
= NULL
;
2305 struct ndisc_options ndopts
;
2306 struct inet6_dev
*in6_dev
;
2307 struct neighbour
*neigh
;
2309 int optlen
, on_link
;
2312 optlen
= skb_tail_pointer(skb
) - skb_transport_header(skb
);
2313 optlen
-= sizeof(*msg
);
2316 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
2320 msg
= (struct rd_msg
*)icmp6_hdr(skb
);
2322 if (ipv6_addr_is_multicast(&msg
->dest
)) {
2323 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
2328 if (ipv6_addr_equal(&msg
->dest
, &msg
->target
)) {
2330 } else if (ipv6_addr_type(&msg
->target
) !=
2331 (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
2332 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
2336 in6_dev
= __in6_dev_get(skb
->dev
);
2339 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_redirects
)
2343 * The IP source address of the Redirect MUST be the same as the current
2344 * first-hop router for the specified ICMP Destination Address.
2347 if (!ndisc_parse_options(skb
->dev
, msg
->opt
, optlen
, &ndopts
)) {
2348 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
2353 if (ndopts
.nd_opts_tgt_lladdr
) {
2354 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
,
2357 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
2362 rt
= (struct rt6_info
*) dst
;
2363 if (rt
->rt6i_flags
& RTF_REJECT
) {
2364 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
2368 /* Redirect received -> path was valid.
2369 * Look, redirects are sent only in response to data packets,
2370 * so that this nexthop apparently is reachable. --ANK
2372 dst_confirm_neigh(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
2374 neigh
= __neigh_lookup(&nd_tbl
, &msg
->target
, skb
->dev
, 1);
2379 * We have finally decided to accept it.
2382 ndisc_update(skb
->dev
, neigh
, lladdr
, NUD_STALE
,
2383 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
2384 NEIGH_UPDATE_F_OVERRIDE
|
2385 (on_link
? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
2386 NEIGH_UPDATE_F_ISROUTER
)),
2387 NDISC_REDIRECT
, &ndopts
);
2389 nrt
= ip6_rt_cache_alloc(rt
, &msg
->dest
, NULL
);
2393 nrt
->rt6i_flags
= RTF_GATEWAY
|RTF_UP
|RTF_DYNAMIC
|RTF_CACHE
;
2395 nrt
->rt6i_flags
&= ~RTF_GATEWAY
;
2397 nrt
->rt6i_gateway
= *(struct in6_addr
*)neigh
->primary_key
;
2399 if (ip6_ins_rt(nrt
))
2402 netevent
.old
= &rt
->dst
;
2403 netevent
.new = &nrt
->dst
;
2404 netevent
.daddr
= &msg
->dest
;
2405 netevent
.neigh
= neigh
;
2406 call_netevent_notifiers(NETEVENT_REDIRECT
, &netevent
);
2408 if (rt
->rt6i_flags
& RTF_CACHE
) {
2409 rt
= (struct rt6_info
*) dst_clone(&rt
->dst
);
2414 neigh_release(neigh
);
2418 * Misc support functions
2421 static void rt6_set_from(struct rt6_info
*rt
, struct rt6_info
*from
)
2423 BUG_ON(from
->dst
.from
);
2425 rt
->rt6i_flags
&= ~RTF_EXPIRES
;
2426 dst_hold(&from
->dst
);
2427 rt
->dst
.from
= &from
->dst
;
2428 dst_init_metrics(&rt
->dst
, dst_metrics_ptr(&from
->dst
), true);
2431 static void ip6_rt_copy_init(struct rt6_info
*rt
, struct rt6_info
*ort
)
2433 rt
->dst
.input
= ort
->dst
.input
;
2434 rt
->dst
.output
= ort
->dst
.output
;
2435 rt
->rt6i_dst
= ort
->rt6i_dst
;
2436 rt
->dst
.error
= ort
->dst
.error
;
2437 rt
->rt6i_idev
= ort
->rt6i_idev
;
2439 in6_dev_hold(rt
->rt6i_idev
);
2440 rt
->dst
.lastuse
= jiffies
;
2441 rt
->rt6i_gateway
= ort
->rt6i_gateway
;
2442 rt
->rt6i_flags
= ort
->rt6i_flags
;
2443 rt6_set_from(rt
, ort
);
2444 rt
->rt6i_metric
= ort
->rt6i_metric
;
2445 #ifdef CONFIG_IPV6_SUBTREES
2446 rt
->rt6i_src
= ort
->rt6i_src
;
2448 rt
->rt6i_prefsrc
= ort
->rt6i_prefsrc
;
2449 rt
->rt6i_table
= ort
->rt6i_table
;
2450 rt
->dst
.lwtstate
= lwtstate_get(ort
->dst
.lwtstate
);
2453 #ifdef CONFIG_IPV6_ROUTE_INFO
2454 static struct rt6_info
*rt6_get_route_info(struct net
*net
,
2455 const struct in6_addr
*prefix
, int prefixlen
,
2456 const struct in6_addr
*gwaddr
,
2457 struct net_device
*dev
)
2459 u32 tb_id
= l3mdev_fib_table(dev
) ? : RT6_TABLE_INFO
;
2460 int ifindex
= dev
->ifindex
;
2461 struct fib6_node
*fn
;
2462 struct rt6_info
*rt
= NULL
;
2463 struct fib6_table
*table
;
2465 table
= fib6_get_table(net
, tb_id
);
2469 read_lock_bh(&table
->tb6_lock
);
2470 fn
= fib6_locate(&table
->tb6_root
, prefix
, prefixlen
, NULL
, 0);
2474 for (rt
= fn
->leaf
; rt
; rt
= rt
->dst
.rt6_next
) {
2475 if (rt
->dst
.dev
->ifindex
!= ifindex
)
2477 if ((rt
->rt6i_flags
& (RTF_ROUTEINFO
|RTF_GATEWAY
)) != (RTF_ROUTEINFO
|RTF_GATEWAY
))
2479 if (!ipv6_addr_equal(&rt
->rt6i_gateway
, gwaddr
))
2485 read_unlock_bh(&table
->tb6_lock
);
2489 static struct rt6_info
*rt6_add_route_info(struct net
*net
,
2490 const struct in6_addr
*prefix
, int prefixlen
,
2491 const struct in6_addr
*gwaddr
,
2492 struct net_device
*dev
,
2495 struct fib6_config cfg
= {
2496 .fc_metric
= IP6_RT_PRIO_USER
,
2497 .fc_ifindex
= dev
->ifindex
,
2498 .fc_dst_len
= prefixlen
,
2499 .fc_flags
= RTF_GATEWAY
| RTF_ADDRCONF
| RTF_ROUTEINFO
|
2500 RTF_UP
| RTF_PREF(pref
),
2501 .fc_nlinfo
.portid
= 0,
2502 .fc_nlinfo
.nlh
= NULL
,
2503 .fc_nlinfo
.nl_net
= net
,
2506 cfg
.fc_table
= l3mdev_fib_table(dev
) ? : RT6_TABLE_INFO
,
2507 cfg
.fc_dst
= *prefix
;
2508 cfg
.fc_gateway
= *gwaddr
;
2510 /* We should treat it as a default route if prefix length is 0. */
2512 cfg
.fc_flags
|= RTF_DEFAULT
;
2514 ip6_route_add(&cfg
, NULL
);
2516 return rt6_get_route_info(net
, prefix
, prefixlen
, gwaddr
, dev
);
2520 struct rt6_info
*rt6_get_dflt_router(const struct in6_addr
*addr
, struct net_device
*dev
)
2522 u32 tb_id
= l3mdev_fib_table(dev
) ? : RT6_TABLE_DFLT
;
2523 struct rt6_info
*rt
;
2524 struct fib6_table
*table
;
2526 table
= fib6_get_table(dev_net(dev
), tb_id
);
2530 read_lock_bh(&table
->tb6_lock
);
2531 for (rt
= table
->tb6_root
.leaf
; rt
; rt
= rt
->dst
.rt6_next
) {
2532 if (dev
== rt
->dst
.dev
&&
2533 ((rt
->rt6i_flags
& (RTF_ADDRCONF
| RTF_DEFAULT
)) == (RTF_ADDRCONF
| RTF_DEFAULT
)) &&
2534 ipv6_addr_equal(&rt
->rt6i_gateway
, addr
))
2539 read_unlock_bh(&table
->tb6_lock
);
2543 struct rt6_info
*rt6_add_dflt_router(const struct in6_addr
*gwaddr
,
2544 struct net_device
*dev
,
2547 struct fib6_config cfg
= {
2548 .fc_table
= l3mdev_fib_table(dev
) ? : RT6_TABLE_DFLT
,
2549 .fc_metric
= IP6_RT_PRIO_USER
,
2550 .fc_ifindex
= dev
->ifindex
,
2551 .fc_flags
= RTF_GATEWAY
| RTF_ADDRCONF
| RTF_DEFAULT
|
2552 RTF_UP
| RTF_EXPIRES
| RTF_PREF(pref
),
2553 .fc_nlinfo
.portid
= 0,
2554 .fc_nlinfo
.nlh
= NULL
,
2555 .fc_nlinfo
.nl_net
= dev_net(dev
),
2558 cfg
.fc_gateway
= *gwaddr
;
2560 if (!ip6_route_add(&cfg
, NULL
)) {
2561 struct fib6_table
*table
;
2563 table
= fib6_get_table(dev_net(dev
), cfg
.fc_table
);
2565 table
->flags
|= RT6_TABLE_HAS_DFLT_ROUTER
;
2568 return rt6_get_dflt_router(gwaddr
, dev
);
2571 static void __rt6_purge_dflt_routers(struct fib6_table
*table
)
2573 struct rt6_info
*rt
;
2576 read_lock_bh(&table
->tb6_lock
);
2577 for (rt
= table
->tb6_root
.leaf
; rt
; rt
= rt
->dst
.rt6_next
) {
2578 if (rt
->rt6i_flags
& (RTF_DEFAULT
| RTF_ADDRCONF
) &&
2579 (!rt
->rt6i_idev
|| rt
->rt6i_idev
->cnf
.accept_ra
!= 2)) {
2581 read_unlock_bh(&table
->tb6_lock
);
2586 read_unlock_bh(&table
->tb6_lock
);
2588 table
->flags
&= ~RT6_TABLE_HAS_DFLT_ROUTER
;
2591 void rt6_purge_dflt_routers(struct net
*net
)
2593 struct fib6_table
*table
;
2594 struct hlist_head
*head
;
2599 for (h
= 0; h
< FIB6_TABLE_HASHSZ
; h
++) {
2600 head
= &net
->ipv6
.fib_table_hash
[h
];
2601 hlist_for_each_entry_rcu(table
, head
, tb6_hlist
) {
2602 if (table
->flags
& RT6_TABLE_HAS_DFLT_ROUTER
)
2603 __rt6_purge_dflt_routers(table
);
2610 static void rtmsg_to_fib6_config(struct net
*net
,
2611 struct in6_rtmsg
*rtmsg
,
2612 struct fib6_config
*cfg
)
2614 memset(cfg
, 0, sizeof(*cfg
));
2616 cfg
->fc_table
= l3mdev_fib_table_by_index(net
, rtmsg
->rtmsg_ifindex
) ?
2618 cfg
->fc_ifindex
= rtmsg
->rtmsg_ifindex
;
2619 cfg
->fc_metric
= rtmsg
->rtmsg_metric
;
2620 cfg
->fc_expires
= rtmsg
->rtmsg_info
;
2621 cfg
->fc_dst_len
= rtmsg
->rtmsg_dst_len
;
2622 cfg
->fc_src_len
= rtmsg
->rtmsg_src_len
;
2623 cfg
->fc_flags
= rtmsg
->rtmsg_flags
;
2625 cfg
->fc_nlinfo
.nl_net
= net
;
2627 cfg
->fc_dst
= rtmsg
->rtmsg_dst
;
2628 cfg
->fc_src
= rtmsg
->rtmsg_src
;
2629 cfg
->fc_gateway
= rtmsg
->rtmsg_gateway
;
2632 int ipv6_route_ioctl(struct net
*net
, unsigned int cmd
, void __user
*arg
)
2634 struct fib6_config cfg
;
2635 struct in6_rtmsg rtmsg
;
2639 case SIOCADDRT
: /* Add a route */
2640 case SIOCDELRT
: /* Delete a route */
2641 if (!ns_capable(net
->user_ns
, CAP_NET_ADMIN
))
2643 err
= copy_from_user(&rtmsg
, arg
,
2644 sizeof(struct in6_rtmsg
));
2648 rtmsg_to_fib6_config(net
, &rtmsg
, &cfg
);
2653 err
= ip6_route_add(&cfg
, NULL
);
2656 err
= ip6_route_del(&cfg
, NULL
);
2670 * Drop the packet on the floor
2673 static int ip6_pkt_drop(struct sk_buff
*skb
, u8 code
, int ipstats_mib_noroutes
)
2676 struct dst_entry
*dst
= skb_dst(skb
);
2677 switch (ipstats_mib_noroutes
) {
2678 case IPSTATS_MIB_INNOROUTES
:
2679 type
= ipv6_addr_type(&ipv6_hdr(skb
)->daddr
);
2680 if (type
== IPV6_ADDR_ANY
) {
2681 IP6_INC_STATS(dev_net(dst
->dev
), ip6_dst_idev(dst
),
2682 IPSTATS_MIB_INADDRERRORS
);
2686 case IPSTATS_MIB_OUTNOROUTES
:
2687 IP6_INC_STATS(dev_net(dst
->dev
), ip6_dst_idev(dst
),
2688 ipstats_mib_noroutes
);
2691 icmpv6_send(skb
, ICMPV6_DEST_UNREACH
, code
, 0);
2696 static int ip6_pkt_discard(struct sk_buff
*skb
)
2698 return ip6_pkt_drop(skb
, ICMPV6_NOROUTE
, IPSTATS_MIB_INNOROUTES
);
2701 static int ip6_pkt_discard_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
)
2703 skb
->dev
= skb_dst(skb
)->dev
;
2704 return ip6_pkt_drop(skb
, ICMPV6_NOROUTE
, IPSTATS_MIB_OUTNOROUTES
);
2707 static int ip6_pkt_prohibit(struct sk_buff
*skb
)
2709 return ip6_pkt_drop(skb
, ICMPV6_ADM_PROHIBITED
, IPSTATS_MIB_INNOROUTES
);
2712 static int ip6_pkt_prohibit_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
)
2714 skb
->dev
= skb_dst(skb
)->dev
;
2715 return ip6_pkt_drop(skb
, ICMPV6_ADM_PROHIBITED
, IPSTATS_MIB_OUTNOROUTES
);
2719 * Allocate a dst for local (unicast / anycast) address.
2722 struct rt6_info
*addrconf_dst_alloc(struct inet6_dev
*idev
,
2723 const struct in6_addr
*addr
,
2727 struct net
*net
= dev_net(idev
->dev
);
2728 struct net_device
*dev
= net
->loopback_dev
;
2729 struct rt6_info
*rt
;
2731 /* use L3 Master device as loopback for host routes if device
2732 * is enslaved and address is not link local or multicast
2734 if (!rt6_need_strict(addr
))
2735 dev
= l3mdev_master_dev_rcu(idev
->dev
) ? : dev
;
2737 rt
= ip6_dst_alloc(net
, dev
, DST_NOCOUNT
);
2739 return ERR_PTR(-ENOMEM
);
2743 rt
->dst
.flags
|= DST_HOST
;
2744 rt
->dst
.input
= ip6_input
;
2745 rt
->dst
.output
= ip6_output
;
2746 rt
->rt6i_idev
= idev
;
2748 rt
->rt6i_protocol
= RTPROT_KERNEL
;
2749 rt
->rt6i_flags
= RTF_UP
| RTF_NONEXTHOP
;
2751 rt
->rt6i_flags
|= RTF_ANYCAST
;
2753 rt
->rt6i_flags
|= RTF_LOCAL
;
2755 rt
->rt6i_gateway
= *addr
;
2756 rt
->rt6i_dst
.addr
= *addr
;
2757 rt
->rt6i_dst
.plen
= 128;
2758 tb_id
= l3mdev_fib_table(idev
->dev
) ? : RT6_TABLE_LOCAL
;
2759 rt
->rt6i_table
= fib6_get_table(net
, tb_id
);
2760 rt
->dst
.flags
|= DST_NOCACHE
;
2762 atomic_set(&rt
->dst
.__refcnt
, 1);
2767 /* remove deleted ip from prefsrc entries */
2768 struct arg_dev_net_ip
{
2769 struct net_device
*dev
;
2771 struct in6_addr
*addr
;
2774 static int fib6_remove_prefsrc(struct rt6_info
*rt
, void *arg
)
2776 struct net_device
*dev
= ((struct arg_dev_net_ip
*)arg
)->dev
;
2777 struct net
*net
= ((struct arg_dev_net_ip
*)arg
)->net
;
2778 struct in6_addr
*addr
= ((struct arg_dev_net_ip
*)arg
)->addr
;
2780 if (((void *)rt
->dst
.dev
== dev
|| !dev
) &&
2781 rt
!= net
->ipv6
.ip6_null_entry
&&
2782 ipv6_addr_equal(addr
, &rt
->rt6i_prefsrc
.addr
)) {
2783 /* remove prefsrc entry */
2784 rt
->rt6i_prefsrc
.plen
= 0;
2789 void rt6_remove_prefsrc(struct inet6_ifaddr
*ifp
)
2791 struct net
*net
= dev_net(ifp
->idev
->dev
);
2792 struct arg_dev_net_ip adni
= {
2793 .dev
= ifp
->idev
->dev
,
2797 fib6_clean_all(net
, fib6_remove_prefsrc
, &adni
);
2800 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
2801 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
2803 /* Remove routers and update dst entries when gateway turn into host. */
2804 static int fib6_clean_tohost(struct rt6_info
*rt
, void *arg
)
2806 struct in6_addr
*gateway
= (struct in6_addr
*)arg
;
2808 if ((((rt
->rt6i_flags
& RTF_RA_ROUTER
) == RTF_RA_ROUTER
) ||
2809 ((rt
->rt6i_flags
& RTF_CACHE_GATEWAY
) == RTF_CACHE_GATEWAY
)) &&
2810 ipv6_addr_equal(gateway
, &rt
->rt6i_gateway
)) {
2816 void rt6_clean_tohost(struct net
*net
, struct in6_addr
*gateway
)
2818 fib6_clean_all(net
, fib6_clean_tohost
, gateway
);
2821 struct arg_dev_net
{
2822 struct net_device
*dev
;
2826 /* called with write lock held for table with rt */
2827 static int fib6_ifdown(struct rt6_info
*rt
, void *arg
)
2829 const struct arg_dev_net
*adn
= arg
;
2830 const struct net_device
*dev
= adn
->dev
;
2832 if ((rt
->dst
.dev
== dev
|| !dev
) &&
2833 rt
!= adn
->net
->ipv6
.ip6_null_entry
&&
2834 (rt
->rt6i_nsiblings
== 0 ||
2835 !rt
->rt6i_idev
->cnf
.ignore_routes_with_linkdown
))
2841 void rt6_ifdown(struct net
*net
, struct net_device
*dev
)
2843 struct arg_dev_net adn
= {
2848 fib6_clean_all(net
, fib6_ifdown
, &adn
);
2849 icmp6_clean_all(fib6_ifdown
, &adn
);
2851 rt6_uncached_list_flush_dev(net
, dev
);
2854 struct rt6_mtu_change_arg
{
2855 struct net_device
*dev
;
2859 static int rt6_mtu_change_route(struct rt6_info
*rt
, void *p_arg
)
2861 struct rt6_mtu_change_arg
*arg
= (struct rt6_mtu_change_arg
*) p_arg
;
2862 struct inet6_dev
*idev
;
2864 /* In IPv6 pmtu discovery is not optional,
2865 so that RTAX_MTU lock cannot disable it.
2866 We still use this lock to block changes
2867 caused by addrconf/ndisc.
2870 idev
= __in6_dev_get(arg
->dev
);
2874 /* For administrative MTU increase, there is no way to discover
2875 IPv6 PMTU increase, so PMTU increase should be updated here.
2876 Since RFC 1981 doesn't include administrative MTU increase
2877 update PMTU increase is a MUST. (i.e. jumbo frame)
2880 If new MTU is less than route PMTU, this new MTU will be the
2881 lowest MTU in the path, update the route PMTU to reflect PMTU
2882 decreases; if new MTU is greater than route PMTU, and the
2883 old MTU is the lowest MTU in the path, update the route PMTU
2884 to reflect the increase. In this case if the other nodes' MTU
2885 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2888 if (rt
->dst
.dev
== arg
->dev
&&
2889 dst_metric_raw(&rt
->dst
, RTAX_MTU
) &&
2890 !dst_metric_locked(&rt
->dst
, RTAX_MTU
)) {
2891 if (rt
->rt6i_flags
& RTF_CACHE
) {
2892 /* For RTF_CACHE with rt6i_pmtu == 0
2893 * (i.e. a redirected route),
2894 * the metrics of its rt->dst.from has already
2897 if (rt
->rt6i_pmtu
&& rt
->rt6i_pmtu
> arg
->mtu
)
2898 rt
->rt6i_pmtu
= arg
->mtu
;
2899 } else if (dst_mtu(&rt
->dst
) >= arg
->mtu
||
2900 (dst_mtu(&rt
->dst
) < arg
->mtu
&&
2901 dst_mtu(&rt
->dst
) == idev
->cnf
.mtu6
)) {
2902 dst_metric_set(&rt
->dst
, RTAX_MTU
, arg
->mtu
);
2908 void rt6_mtu_change(struct net_device
*dev
, unsigned int mtu
)
2910 struct rt6_mtu_change_arg arg
= {
2915 fib6_clean_all(dev_net(dev
), rt6_mtu_change_route
, &arg
);
2918 static const struct nla_policy rtm_ipv6_policy
[RTA_MAX
+1] = {
2919 [RTA_GATEWAY
] = { .len
= sizeof(struct in6_addr
) },
2920 [RTA_OIF
] = { .type
= NLA_U32
},
2921 [RTA_IIF
] = { .type
= NLA_U32
},
2922 [RTA_PRIORITY
] = { .type
= NLA_U32
},
2923 [RTA_METRICS
] = { .type
= NLA_NESTED
},
2924 [RTA_MULTIPATH
] = { .len
= sizeof(struct rtnexthop
) },
2925 [RTA_PREF
] = { .type
= NLA_U8
},
2926 [RTA_ENCAP_TYPE
] = { .type
= NLA_U16
},
2927 [RTA_ENCAP
] = { .type
= NLA_NESTED
},
2928 [RTA_EXPIRES
] = { .type
= NLA_U32
},
2929 [RTA_UID
] = { .type
= NLA_U32
},
2930 [RTA_MARK
] = { .type
= NLA_U32
},
2933 static int rtm_to_fib6_config(struct sk_buff
*skb
, struct nlmsghdr
*nlh
,
2934 struct fib6_config
*cfg
,
2935 struct netlink_ext_ack
*extack
)
2938 struct nlattr
*tb
[RTA_MAX
+1];
2942 err
= nlmsg_parse(nlh
, sizeof(*rtm
), tb
, RTA_MAX
, rtm_ipv6_policy
,
2948 rtm
= nlmsg_data(nlh
);
2949 memset(cfg
, 0, sizeof(*cfg
));
2951 cfg
->fc_table
= rtm
->rtm_table
;
2952 cfg
->fc_dst_len
= rtm
->rtm_dst_len
;
2953 cfg
->fc_src_len
= rtm
->rtm_src_len
;
2954 cfg
->fc_flags
= RTF_UP
;
2955 cfg
->fc_protocol
= rtm
->rtm_protocol
;
2956 cfg
->fc_type
= rtm
->rtm_type
;
2958 if (rtm
->rtm_type
== RTN_UNREACHABLE
||
2959 rtm
->rtm_type
== RTN_BLACKHOLE
||
2960 rtm
->rtm_type
== RTN_PROHIBIT
||
2961 rtm
->rtm_type
== RTN_THROW
)
2962 cfg
->fc_flags
|= RTF_REJECT
;
2964 if (rtm
->rtm_type
== RTN_LOCAL
)
2965 cfg
->fc_flags
|= RTF_LOCAL
;
2967 if (rtm
->rtm_flags
& RTM_F_CLONED
)
2968 cfg
->fc_flags
|= RTF_CACHE
;
2970 cfg
->fc_nlinfo
.portid
= NETLINK_CB(skb
).portid
;
2971 cfg
->fc_nlinfo
.nlh
= nlh
;
2972 cfg
->fc_nlinfo
.nl_net
= sock_net(skb
->sk
);
2974 if (tb
[RTA_GATEWAY
]) {
2975 cfg
->fc_gateway
= nla_get_in6_addr(tb
[RTA_GATEWAY
]);
2976 cfg
->fc_flags
|= RTF_GATEWAY
;
2980 int plen
= (rtm
->rtm_dst_len
+ 7) >> 3;
2982 if (nla_len(tb
[RTA_DST
]) < plen
)
2985 nla_memcpy(&cfg
->fc_dst
, tb
[RTA_DST
], plen
);
2989 int plen
= (rtm
->rtm_src_len
+ 7) >> 3;
2991 if (nla_len(tb
[RTA_SRC
]) < plen
)
2994 nla_memcpy(&cfg
->fc_src
, tb
[RTA_SRC
], plen
);
2997 if (tb
[RTA_PREFSRC
])
2998 cfg
->fc_prefsrc
= nla_get_in6_addr(tb
[RTA_PREFSRC
]);
3001 cfg
->fc_ifindex
= nla_get_u32(tb
[RTA_OIF
]);
3003 if (tb
[RTA_PRIORITY
])
3004 cfg
->fc_metric
= nla_get_u32(tb
[RTA_PRIORITY
]);
3006 if (tb
[RTA_METRICS
]) {
3007 cfg
->fc_mx
= nla_data(tb
[RTA_METRICS
]);
3008 cfg
->fc_mx_len
= nla_len(tb
[RTA_METRICS
]);
3012 cfg
->fc_table
= nla_get_u32(tb
[RTA_TABLE
]);
3014 if (tb
[RTA_MULTIPATH
]) {
3015 cfg
->fc_mp
= nla_data(tb
[RTA_MULTIPATH
]);
3016 cfg
->fc_mp_len
= nla_len(tb
[RTA_MULTIPATH
]);
3018 err
= lwtunnel_valid_encap_type_attr(cfg
->fc_mp
,
3019 cfg
->fc_mp_len
, extack
);
3025 pref
= nla_get_u8(tb
[RTA_PREF
]);
3026 if (pref
!= ICMPV6_ROUTER_PREF_LOW
&&
3027 pref
!= ICMPV6_ROUTER_PREF_HIGH
)
3028 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
3029 cfg
->fc_flags
|= RTF_PREF(pref
);
3033 cfg
->fc_encap
= tb
[RTA_ENCAP
];
3035 if (tb
[RTA_ENCAP_TYPE
]) {
3036 cfg
->fc_encap_type
= nla_get_u16(tb
[RTA_ENCAP_TYPE
]);
3038 err
= lwtunnel_valid_encap_type(cfg
->fc_encap_type
, extack
);
3043 if (tb
[RTA_EXPIRES
]) {
3044 unsigned long timeout
= addrconf_timeout_fixup(nla_get_u32(tb
[RTA_EXPIRES
]), HZ
);
3046 if (addrconf_finite_timeout(timeout
)) {
3047 cfg
->fc_expires
= jiffies_to_clock_t(timeout
* HZ
);
3048 cfg
->fc_flags
|= RTF_EXPIRES
;
3058 struct rt6_info
*rt6_info
;
3059 struct fib6_config r_cfg
;
3060 struct mx6_config mxc
;
3061 struct list_head next
;
3064 static void ip6_print_replace_route_err(struct list_head
*rt6_nh_list
)
3068 list_for_each_entry(nh
, rt6_nh_list
, next
) {
3069 pr_warn("IPV6: multipath route replace failed (check consistency of installed routes): %pI6c nexthop %pI6c ifi %d\n",
3070 &nh
->r_cfg
.fc_dst
, &nh
->r_cfg
.fc_gateway
,
3071 nh
->r_cfg
.fc_ifindex
);
3075 static int ip6_route_info_append(struct list_head
*rt6_nh_list
,
3076 struct rt6_info
*rt
, struct fib6_config
*r_cfg
)
3079 struct rt6_info
*rtnh
;
3082 list_for_each_entry(nh
, rt6_nh_list
, next
) {
3083 /* check if rt6_info already exists */
3084 rtnh
= nh
->rt6_info
;
3086 if (rtnh
->dst
.dev
== rt
->dst
.dev
&&
3087 rtnh
->rt6i_idev
== rt
->rt6i_idev
&&
3088 ipv6_addr_equal(&rtnh
->rt6i_gateway
,
3093 nh
= kzalloc(sizeof(*nh
), GFP_KERNEL
);
3097 err
= ip6_convert_metrics(&nh
->mxc
, r_cfg
);
3102 memcpy(&nh
->r_cfg
, r_cfg
, sizeof(*r_cfg
));
3103 list_add_tail(&nh
->next
, rt6_nh_list
);
3108 static void ip6_route_mpath_notify(struct rt6_info
*rt
,
3109 struct rt6_info
*rt_last
,
3110 struct nl_info
*info
,
3113 /* if this is an APPEND route, then rt points to the first route
3114 * inserted and rt_last points to last route inserted. Userspace
3115 * wants a consistent dump of the route which starts at the first
3116 * nexthop. Since sibling routes are always added at the end of
3117 * the list, find the first sibling of the last route appended
3119 if ((nlflags
& NLM_F_APPEND
) && rt_last
&& rt_last
->rt6i_nsiblings
) {
3120 rt
= list_first_entry(&rt_last
->rt6i_siblings
,
3126 inet6_rt_notify(RTM_NEWROUTE
, rt
, info
, nlflags
);
3129 static int ip6_route_multipath_add(struct fib6_config
*cfg
,
3130 struct netlink_ext_ack
*extack
)
3132 struct rt6_info
*rt_notif
= NULL
, *rt_last
= NULL
;
3133 struct nl_info
*info
= &cfg
->fc_nlinfo
;
3134 struct fib6_config r_cfg
;
3135 struct rtnexthop
*rtnh
;
3136 struct rt6_info
*rt
;
3137 struct rt6_nh
*err_nh
;
3138 struct rt6_nh
*nh
, *nh_safe
;
3144 int replace
= (cfg
->fc_nlinfo
.nlh
&&
3145 (cfg
->fc_nlinfo
.nlh
->nlmsg_flags
& NLM_F_REPLACE
));
3146 LIST_HEAD(rt6_nh_list
);
3148 nlflags
= replace
? NLM_F_REPLACE
: NLM_F_CREATE
;
3149 if (info
->nlh
&& info
->nlh
->nlmsg_flags
& NLM_F_APPEND
)
3150 nlflags
|= NLM_F_APPEND
;
3152 remaining
= cfg
->fc_mp_len
;
3153 rtnh
= (struct rtnexthop
*)cfg
->fc_mp
;
3155 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
3156 * rt6_info structs per nexthop
3158 while (rtnh_ok(rtnh
, remaining
)) {
3159 memcpy(&r_cfg
, cfg
, sizeof(*cfg
));
3160 if (rtnh
->rtnh_ifindex
)
3161 r_cfg
.fc_ifindex
= rtnh
->rtnh_ifindex
;
3163 attrlen
= rtnh_attrlen(rtnh
);
3165 struct nlattr
*nla
, *attrs
= rtnh_attrs(rtnh
);
3167 nla
= nla_find(attrs
, attrlen
, RTA_GATEWAY
);
3169 r_cfg
.fc_gateway
= nla_get_in6_addr(nla
);
3170 r_cfg
.fc_flags
|= RTF_GATEWAY
;
3172 r_cfg
.fc_encap
= nla_find(attrs
, attrlen
, RTA_ENCAP
);
3173 nla
= nla_find(attrs
, attrlen
, RTA_ENCAP_TYPE
);
3175 r_cfg
.fc_encap_type
= nla_get_u16(nla
);
3178 rt
= ip6_route_info_create(&r_cfg
, extack
);
3185 err
= ip6_route_info_append(&rt6_nh_list
, rt
, &r_cfg
);
3191 rtnh
= rtnh_next(rtnh
, &remaining
);
3194 /* for add and replace send one notification with all nexthops.
3195 * Skip the notification in fib6_add_rt2node and send one with
3196 * the full route when done
3198 info
->skip_notify
= 1;
3201 list_for_each_entry(nh
, &rt6_nh_list
, next
) {
3202 rt_last
= nh
->rt6_info
;
3203 err
= __ip6_ins_rt(nh
->rt6_info
, info
, &nh
->mxc
, extack
);
3204 /* save reference to first route for notification */
3205 if (!rt_notif
&& !err
)
3206 rt_notif
= nh
->rt6_info
;
3208 /* nh->rt6_info is used or freed at this point, reset to NULL*/
3209 nh
->rt6_info
= NULL
;
3212 ip6_print_replace_route_err(&rt6_nh_list
);
3217 /* Because each route is added like a single route we remove
3218 * these flags after the first nexthop: if there is a collision,
3219 * we have already failed to add the first nexthop:
3220 * fib6_add_rt2node() has rejected it; when replacing, old
3221 * nexthops have been replaced by first new, the rest should
3224 cfg
->fc_nlinfo
.nlh
->nlmsg_flags
&= ~(NLM_F_EXCL
|
3229 /* success ... tell user about new route */
3230 ip6_route_mpath_notify(rt_notif
, rt_last
, info
, nlflags
);
3234 /* send notification for routes that were added so that
3235 * the delete notifications sent by ip6_route_del are
3239 ip6_route_mpath_notify(rt_notif
, rt_last
, info
, nlflags
);
3241 /* Delete routes that were already added */
3242 list_for_each_entry(nh
, &rt6_nh_list
, next
) {
3245 ip6_route_del(&nh
->r_cfg
, extack
);
3249 list_for_each_entry_safe(nh
, nh_safe
, &rt6_nh_list
, next
) {
3251 dst_free(&nh
->rt6_info
->dst
);
3253 list_del(&nh
->next
);
3260 static int ip6_route_multipath_del(struct fib6_config
*cfg
,
3261 struct netlink_ext_ack
*extack
)
3263 struct fib6_config r_cfg
;
3264 struct rtnexthop
*rtnh
;
3267 int err
= 1, last_err
= 0;
3269 remaining
= cfg
->fc_mp_len
;
3270 rtnh
= (struct rtnexthop
*)cfg
->fc_mp
;
3272 /* Parse a Multipath Entry */
3273 while (rtnh_ok(rtnh
, remaining
)) {
3274 memcpy(&r_cfg
, cfg
, sizeof(*cfg
));
3275 if (rtnh
->rtnh_ifindex
)
3276 r_cfg
.fc_ifindex
= rtnh
->rtnh_ifindex
;
3278 attrlen
= rtnh_attrlen(rtnh
);
3280 struct nlattr
*nla
, *attrs
= rtnh_attrs(rtnh
);
3282 nla
= nla_find(attrs
, attrlen
, RTA_GATEWAY
);
3284 nla_memcpy(&r_cfg
.fc_gateway
, nla
, 16);
3285 r_cfg
.fc_flags
|= RTF_GATEWAY
;
3288 err
= ip6_route_del(&r_cfg
, extack
);
3292 rtnh
= rtnh_next(rtnh
, &remaining
);
3298 static int inet6_rtm_delroute(struct sk_buff
*skb
, struct nlmsghdr
*nlh
,
3299 struct netlink_ext_ack
*extack
)
3301 struct fib6_config cfg
;
3304 err
= rtm_to_fib6_config(skb
, nlh
, &cfg
, extack
);
3309 return ip6_route_multipath_del(&cfg
, extack
);
3311 cfg
.fc_delete_all_nh
= 1;
3312 return ip6_route_del(&cfg
, extack
);
3316 static int inet6_rtm_newroute(struct sk_buff
*skb
, struct nlmsghdr
*nlh
,
3317 struct netlink_ext_ack
*extack
)
3319 struct fib6_config cfg
;
3322 err
= rtm_to_fib6_config(skb
, nlh
, &cfg
, extack
);
3327 return ip6_route_multipath_add(&cfg
, extack
);
3329 return ip6_route_add(&cfg
, extack
);
3332 static size_t rt6_nlmsg_size(struct rt6_info
*rt
)
3334 int nexthop_len
= 0;
3336 if (rt
->rt6i_nsiblings
) {
3337 nexthop_len
= nla_total_size(0) /* RTA_MULTIPATH */
3338 + NLA_ALIGN(sizeof(struct rtnexthop
))
3339 + nla_total_size(16) /* RTA_GATEWAY */
3340 + lwtunnel_get_encap_size(rt
->dst
.lwtstate
);
3342 nexthop_len
*= rt
->rt6i_nsiblings
;
3345 return NLMSG_ALIGN(sizeof(struct rtmsg
))
3346 + nla_total_size(16) /* RTA_SRC */
3347 + nla_total_size(16) /* RTA_DST */
3348 + nla_total_size(16) /* RTA_GATEWAY */
3349 + nla_total_size(16) /* RTA_PREFSRC */
3350 + nla_total_size(4) /* RTA_TABLE */
3351 + nla_total_size(4) /* RTA_IIF */
3352 + nla_total_size(4) /* RTA_OIF */
3353 + nla_total_size(4) /* RTA_PRIORITY */
3354 + RTAX_MAX
* nla_total_size(4) /* RTA_METRICS */
3355 + nla_total_size(sizeof(struct rta_cacheinfo
))
3356 + nla_total_size(TCP_CA_NAME_MAX
) /* RTAX_CC_ALGO */
3357 + nla_total_size(1) /* RTA_PREF */
3358 + lwtunnel_get_encap_size(rt
->dst
.lwtstate
)
3362 static int rt6_nexthop_info(struct sk_buff
*skb
, struct rt6_info
*rt
,
3363 unsigned int *flags
, bool skip_oif
)
3365 if (!netif_running(rt
->dst
.dev
) || !netif_carrier_ok(rt
->dst
.dev
)) {
3366 *flags
|= RTNH_F_LINKDOWN
;
3367 if (rt
->rt6i_idev
->cnf
.ignore_routes_with_linkdown
)
3368 *flags
|= RTNH_F_DEAD
;
3371 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
3372 if (nla_put_in6_addr(skb
, RTA_GATEWAY
, &rt
->rt6i_gateway
) < 0)
3373 goto nla_put_failure
;
3376 /* not needed for multipath encoding b/c it has a rtnexthop struct */
3377 if (!skip_oif
&& rt
->dst
.dev
&&
3378 nla_put_u32(skb
, RTA_OIF
, rt
->dst
.dev
->ifindex
))
3379 goto nla_put_failure
;
3381 if (rt
->dst
.lwtstate
&&
3382 lwtunnel_fill_encap(skb
, rt
->dst
.lwtstate
) < 0)
3383 goto nla_put_failure
;
3391 /* add multipath next hop */
3392 static int rt6_add_nexthop(struct sk_buff
*skb
, struct rt6_info
*rt
)
3394 struct rtnexthop
*rtnh
;
3395 unsigned int flags
= 0;
3397 rtnh
= nla_reserve_nohdr(skb
, sizeof(*rtnh
));
3399 goto nla_put_failure
;
3401 rtnh
->rtnh_hops
= 0;
3402 rtnh
->rtnh_ifindex
= rt
->dst
.dev
? rt
->dst
.dev
->ifindex
: 0;
3404 if (rt6_nexthop_info(skb
, rt
, &flags
, true) < 0)
3405 goto nla_put_failure
;
3407 rtnh
->rtnh_flags
= flags
;
3409 /* length of rtnetlink header + attributes */
3410 rtnh
->rtnh_len
= nlmsg_get_pos(skb
) - (void *)rtnh
;
3418 static int rt6_fill_node(struct net
*net
,
3419 struct sk_buff
*skb
, struct rt6_info
*rt
,
3420 struct in6_addr
*dst
, struct in6_addr
*src
,
3421 int iif
, int type
, u32 portid
, u32 seq
,
3424 u32 metrics
[RTAX_MAX
];
3426 struct nlmsghdr
*nlh
;
3430 nlh
= nlmsg_put(skb
, portid
, seq
, type
, sizeof(*rtm
), flags
);
3434 rtm
= nlmsg_data(nlh
);
3435 rtm
->rtm_family
= AF_INET6
;
3436 rtm
->rtm_dst_len
= rt
->rt6i_dst
.plen
;
3437 rtm
->rtm_src_len
= rt
->rt6i_src
.plen
;
3440 table
= rt
->rt6i_table
->tb6_id
;
3442 table
= RT6_TABLE_UNSPEC
;
3443 rtm
->rtm_table
= table
;
3444 if (nla_put_u32(skb
, RTA_TABLE
, table
))
3445 goto nla_put_failure
;
3446 if (rt
->rt6i_flags
& RTF_REJECT
) {
3447 switch (rt
->dst
.error
) {
3449 rtm
->rtm_type
= RTN_BLACKHOLE
;
3452 rtm
->rtm_type
= RTN_PROHIBIT
;
3455 rtm
->rtm_type
= RTN_THROW
;
3458 rtm
->rtm_type
= RTN_UNREACHABLE
;
3462 else if (rt
->rt6i_flags
& RTF_LOCAL
)
3463 rtm
->rtm_type
= RTN_LOCAL
;
3464 else if (rt
->rt6i_flags
& RTF_ANYCAST
)
3465 rtm
->rtm_type
= RTN_ANYCAST
;
3466 else if (rt
->dst
.dev
&& (rt
->dst
.dev
->flags
& IFF_LOOPBACK
))
3467 rtm
->rtm_type
= RTN_LOCAL
;
3469 rtm
->rtm_type
= RTN_UNICAST
;
3471 rtm
->rtm_scope
= RT_SCOPE_UNIVERSE
;
3472 rtm
->rtm_protocol
= rt
->rt6i_protocol
;
3473 if (rt
->rt6i_flags
& RTF_DYNAMIC
)
3474 rtm
->rtm_protocol
= RTPROT_REDIRECT
;
3475 else if (rt
->rt6i_flags
& RTF_ADDRCONF
) {
3476 if (rt
->rt6i_flags
& (RTF_DEFAULT
| RTF_ROUTEINFO
))
3477 rtm
->rtm_protocol
= RTPROT_RA
;
3479 rtm
->rtm_protocol
= RTPROT_KERNEL
;
3482 if (rt
->rt6i_flags
& RTF_CACHE
)
3483 rtm
->rtm_flags
|= RTM_F_CLONED
;
3486 if (nla_put_in6_addr(skb
, RTA_DST
, dst
))
3487 goto nla_put_failure
;
3488 rtm
->rtm_dst_len
= 128;
3489 } else if (rtm
->rtm_dst_len
)
3490 if (nla_put_in6_addr(skb
, RTA_DST
, &rt
->rt6i_dst
.addr
))
3491 goto nla_put_failure
;
3492 #ifdef CONFIG_IPV6_SUBTREES
3494 if (nla_put_in6_addr(skb
, RTA_SRC
, src
))
3495 goto nla_put_failure
;
3496 rtm
->rtm_src_len
= 128;
3497 } else if (rtm
->rtm_src_len
&&
3498 nla_put_in6_addr(skb
, RTA_SRC
, &rt
->rt6i_src
.addr
))
3499 goto nla_put_failure
;
3502 #ifdef CONFIG_IPV6_MROUTE
3503 if (ipv6_addr_is_multicast(&rt
->rt6i_dst
.addr
)) {
3504 int err
= ip6mr_get_route(net
, skb
, rtm
, portid
);
3509 goto nla_put_failure
;
3512 if (nla_put_u32(skb
, RTA_IIF
, iif
))
3513 goto nla_put_failure
;
3515 struct in6_addr saddr_buf
;
3516 if (ip6_route_get_saddr(net
, rt
, dst
, 0, &saddr_buf
) == 0 &&
3517 nla_put_in6_addr(skb
, RTA_PREFSRC
, &saddr_buf
))
3518 goto nla_put_failure
;
3521 if (rt
->rt6i_prefsrc
.plen
) {
3522 struct in6_addr saddr_buf
;
3523 saddr_buf
= rt
->rt6i_prefsrc
.addr
;
3524 if (nla_put_in6_addr(skb
, RTA_PREFSRC
, &saddr_buf
))
3525 goto nla_put_failure
;
3528 memcpy(metrics
, dst_metrics_ptr(&rt
->dst
), sizeof(metrics
));
3530 metrics
[RTAX_MTU
- 1] = rt
->rt6i_pmtu
;
3531 if (rtnetlink_put_metrics(skb
, metrics
) < 0)
3532 goto nla_put_failure
;
3534 if (nla_put_u32(skb
, RTA_PRIORITY
, rt
->rt6i_metric
))
3535 goto nla_put_failure
;
3537 /* For multipath routes, walk the siblings list and add
3538 * each as a nexthop within RTA_MULTIPATH.
3540 if (rt
->rt6i_nsiblings
) {
3541 struct rt6_info
*sibling
, *next_sibling
;
3544 mp
= nla_nest_start(skb
, RTA_MULTIPATH
);
3546 goto nla_put_failure
;
3548 if (rt6_add_nexthop(skb
, rt
) < 0)
3549 goto nla_put_failure
;
3551 list_for_each_entry_safe(sibling
, next_sibling
,
3552 &rt
->rt6i_siblings
, rt6i_siblings
) {
3553 if (rt6_add_nexthop(skb
, sibling
) < 0)
3554 goto nla_put_failure
;
3557 nla_nest_end(skb
, mp
);
3559 if (rt6_nexthop_info(skb
, rt
, &rtm
->rtm_flags
, false) < 0)
3560 goto nla_put_failure
;
3563 expires
= (rt
->rt6i_flags
& RTF_EXPIRES
) ? rt
->dst
.expires
- jiffies
: 0;
3565 if (rtnl_put_cacheinfo(skb
, &rt
->dst
, 0, expires
, rt
->dst
.error
) < 0)
3566 goto nla_put_failure
;
3568 if (nla_put_u8(skb
, RTA_PREF
, IPV6_EXTRACT_PREF(rt
->rt6i_flags
)))
3569 goto nla_put_failure
;
3572 nlmsg_end(skb
, nlh
);
3576 nlmsg_cancel(skb
, nlh
);
3580 int rt6_dump_route(struct rt6_info
*rt
, void *p_arg
)
3582 struct rt6_rtnl_dump_arg
*arg
= (struct rt6_rtnl_dump_arg
*) p_arg
;
3583 struct net
*net
= arg
->net
;
3585 if (rt
== net
->ipv6
.ip6_null_entry
)
3588 if (nlmsg_len(arg
->cb
->nlh
) >= sizeof(struct rtmsg
)) {
3589 struct rtmsg
*rtm
= nlmsg_data(arg
->cb
->nlh
);
3591 /* user wants prefix routes only */
3592 if (rtm
->rtm_flags
& RTM_F_PREFIX
&&
3593 !(rt
->rt6i_flags
& RTF_PREFIX_RT
)) {
3594 /* success since this is not a prefix route */
3599 return rt6_fill_node(net
,
3600 arg
->skb
, rt
, NULL
, NULL
, 0, RTM_NEWROUTE
,
3601 NETLINK_CB(arg
->cb
->skb
).portid
, arg
->cb
->nlh
->nlmsg_seq
,
3605 static int inet6_rtm_getroute(struct sk_buff
*in_skb
, struct nlmsghdr
*nlh
,
3606 struct netlink_ext_ack
*extack
)
3608 struct net
*net
= sock_net(in_skb
->sk
);
3609 struct nlattr
*tb
[RTA_MAX
+1];
3610 int err
, iif
= 0, oif
= 0;
3611 struct dst_entry
*dst
;
3612 struct rt6_info
*rt
;
3613 struct sk_buff
*skb
;
3618 err
= nlmsg_parse(nlh
, sizeof(*rtm
), tb
, RTA_MAX
, rtm_ipv6_policy
,
3624 memset(&fl6
, 0, sizeof(fl6
));
3625 rtm
= nlmsg_data(nlh
);
3626 fl6
.flowlabel
= ip6_make_flowinfo(rtm
->rtm_tos
, 0);
3627 fibmatch
= !!(rtm
->rtm_flags
& RTM_F_FIB_MATCH
);
3630 if (nla_len(tb
[RTA_SRC
]) < sizeof(struct in6_addr
))
3633 fl6
.saddr
= *(struct in6_addr
*)nla_data(tb
[RTA_SRC
]);
3637 if (nla_len(tb
[RTA_DST
]) < sizeof(struct in6_addr
))
3640 fl6
.daddr
= *(struct in6_addr
*)nla_data(tb
[RTA_DST
]);
3644 iif
= nla_get_u32(tb
[RTA_IIF
]);
3647 oif
= nla_get_u32(tb
[RTA_OIF
]);
3650 fl6
.flowi6_mark
= nla_get_u32(tb
[RTA_MARK
]);
3653 fl6
.flowi6_uid
= make_kuid(current_user_ns(),
3654 nla_get_u32(tb
[RTA_UID
]));
3656 fl6
.flowi6_uid
= iif
? INVALID_UID
: current_uid();
3659 struct net_device
*dev
;
3662 dev
= __dev_get_by_index(net
, iif
);
3668 fl6
.flowi6_iif
= iif
;
3670 if (!ipv6_addr_any(&fl6
.saddr
))
3671 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
3674 dst
= ip6_route_input_lookup(net
, dev
, &fl6
, flags
);
3676 fl6
.flowi6_oif
= oif
;
3679 dst
= ip6_route_output(net
, NULL
, &fl6
);
3683 dst
= ip6_route_lookup(net
, &fl6
, 0);
3685 rt
= container_of(dst
, struct rt6_info
, dst
);
3686 if (rt
->dst
.error
) {
3687 err
= rt
->dst
.error
;
3692 if (rt
== net
->ipv6
.ip6_null_entry
) {
3693 err
= rt
->dst
.error
;
3698 skb
= alloc_skb(NLMSG_GOODSIZE
, GFP_KERNEL
);
3705 skb_dst_set(skb
, &rt
->dst
);
3707 err
= rt6_fill_node(net
, skb
, rt
, NULL
, NULL
, iif
,
3708 RTM_NEWROUTE
, NETLINK_CB(in_skb
).portid
,
3711 err
= rt6_fill_node(net
, skb
, rt
, &fl6
.daddr
, &fl6
.saddr
, iif
,
3712 RTM_NEWROUTE
, NETLINK_CB(in_skb
).portid
,
3719 err
= rtnl_unicast(skb
, net
, NETLINK_CB(in_skb
).portid
);
3724 void inet6_rt_notify(int event
, struct rt6_info
*rt
, struct nl_info
*info
,
3725 unsigned int nlm_flags
)
3727 struct sk_buff
*skb
;
3728 struct net
*net
= info
->nl_net
;
3733 seq
= info
->nlh
? info
->nlh
->nlmsg_seq
: 0;
3735 skb
= nlmsg_new(rt6_nlmsg_size(rt
), gfp_any());
3739 err
= rt6_fill_node(net
, skb
, rt
, NULL
, NULL
, 0,
3740 event
, info
->portid
, seq
, nlm_flags
);
3742 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
3743 WARN_ON(err
== -EMSGSIZE
);
3747 rtnl_notify(skb
, net
, info
->portid
, RTNLGRP_IPV6_ROUTE
,
3748 info
->nlh
, gfp_any());
3752 rtnl_set_sk_err(net
, RTNLGRP_IPV6_ROUTE
, err
);
3755 static int ip6_route_dev_notify(struct notifier_block
*this,
3756 unsigned long event
, void *ptr
)
3758 struct net_device
*dev
= netdev_notifier_info_to_dev(ptr
);
3759 struct net
*net
= dev_net(dev
);
3761 if (!(dev
->flags
& IFF_LOOPBACK
))
3764 if (event
== NETDEV_REGISTER
) {
3765 net
->ipv6
.ip6_null_entry
->dst
.dev
= dev
;
3766 net
->ipv6
.ip6_null_entry
->rt6i_idev
= in6_dev_get(dev
);
3767 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3768 net
->ipv6
.ip6_prohibit_entry
->dst
.dev
= dev
;
3769 net
->ipv6
.ip6_prohibit_entry
->rt6i_idev
= in6_dev_get(dev
);
3770 net
->ipv6
.ip6_blk_hole_entry
->dst
.dev
= dev
;
3771 net
->ipv6
.ip6_blk_hole_entry
->rt6i_idev
= in6_dev_get(dev
);
3773 } else if (event
== NETDEV_UNREGISTER
) {
3774 in6_dev_put(net
->ipv6
.ip6_null_entry
->rt6i_idev
);
3775 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3776 in6_dev_put(net
->ipv6
.ip6_prohibit_entry
->rt6i_idev
);
3777 in6_dev_put(net
->ipv6
.ip6_blk_hole_entry
->rt6i_idev
);
3788 #ifdef CONFIG_PROC_FS
3790 static const struct file_operations ipv6_route_proc_fops
= {
3791 .owner
= THIS_MODULE
,
3792 .open
= ipv6_route_open
,
3794 .llseek
= seq_lseek
,
3795 .release
= seq_release_net
,
3798 static int rt6_stats_seq_show(struct seq_file
*seq
, void *v
)
3800 struct net
*net
= (struct net
*)seq
->private;
3801 seq_printf(seq
, "%04x %04x %04x %04x %04x %04x %04x\n",
3802 net
->ipv6
.rt6_stats
->fib_nodes
,
3803 net
->ipv6
.rt6_stats
->fib_route_nodes
,
3804 net
->ipv6
.rt6_stats
->fib_rt_alloc
,
3805 net
->ipv6
.rt6_stats
->fib_rt_entries
,
3806 net
->ipv6
.rt6_stats
->fib_rt_cache
,
3807 dst_entries_get_slow(&net
->ipv6
.ip6_dst_ops
),
3808 net
->ipv6
.rt6_stats
->fib_discarded_routes
);
3813 static int rt6_stats_seq_open(struct inode
*inode
, struct file
*file
)
3815 return single_open_net(inode
, file
, rt6_stats_seq_show
);
3818 static const struct file_operations rt6_stats_seq_fops
= {
3819 .owner
= THIS_MODULE
,
3820 .open
= rt6_stats_seq_open
,
3822 .llseek
= seq_lseek
,
3823 .release
= single_release_net
,
3825 #endif /* CONFIG_PROC_FS */
3827 #ifdef CONFIG_SYSCTL
3830 int ipv6_sysctl_rtcache_flush(struct ctl_table
*ctl
, int write
,
3831 void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
3838 net
= (struct net
*)ctl
->extra1
;
3839 delay
= net
->ipv6
.sysctl
.flush_delay
;
3840 proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
3841 fib6_run_gc(delay
<= 0 ? 0 : (unsigned long)delay
, net
, delay
> 0);
3845 struct ctl_table ipv6_route_table_template
[] = {
3847 .procname
= "flush",
3848 .data
= &init_net
.ipv6
.sysctl
.flush_delay
,
3849 .maxlen
= sizeof(int),
3851 .proc_handler
= ipv6_sysctl_rtcache_flush
3854 .procname
= "gc_thresh",
3855 .data
= &ip6_dst_ops_template
.gc_thresh
,
3856 .maxlen
= sizeof(int),
3858 .proc_handler
= proc_dointvec
,
3861 .procname
= "max_size",
3862 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_max_size
,
3863 .maxlen
= sizeof(int),
3865 .proc_handler
= proc_dointvec
,
3868 .procname
= "gc_min_interval",
3869 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_min_interval
,
3870 .maxlen
= sizeof(int),
3872 .proc_handler
= proc_dointvec_jiffies
,
3875 .procname
= "gc_timeout",
3876 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_timeout
,
3877 .maxlen
= sizeof(int),
3879 .proc_handler
= proc_dointvec_jiffies
,
3882 .procname
= "gc_interval",
3883 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_interval
,
3884 .maxlen
= sizeof(int),
3886 .proc_handler
= proc_dointvec_jiffies
,
3889 .procname
= "gc_elasticity",
3890 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_elasticity
,
3891 .maxlen
= sizeof(int),
3893 .proc_handler
= proc_dointvec
,
3896 .procname
= "mtu_expires",
3897 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_mtu_expires
,
3898 .maxlen
= sizeof(int),
3900 .proc_handler
= proc_dointvec_jiffies
,
3903 .procname
= "min_adv_mss",
3904 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_min_advmss
,
3905 .maxlen
= sizeof(int),
3907 .proc_handler
= proc_dointvec
,
3910 .procname
= "gc_min_interval_ms",
3911 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_min_interval
,
3912 .maxlen
= sizeof(int),
3914 .proc_handler
= proc_dointvec_ms_jiffies
,
3919 struct ctl_table
* __net_init
ipv6_route_sysctl_init(struct net
*net
)
3921 struct ctl_table
*table
;
3923 table
= kmemdup(ipv6_route_table_template
,
3924 sizeof(ipv6_route_table_template
),
3928 table
[0].data
= &net
->ipv6
.sysctl
.flush_delay
;
3929 table
[0].extra1
= net
;
3930 table
[1].data
= &net
->ipv6
.ip6_dst_ops
.gc_thresh
;
3931 table
[2].data
= &net
->ipv6
.sysctl
.ip6_rt_max_size
;
3932 table
[3].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
;
3933 table
[4].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_timeout
;
3934 table
[5].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_interval
;
3935 table
[6].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_elasticity
;
3936 table
[7].data
= &net
->ipv6
.sysctl
.ip6_rt_mtu_expires
;
3937 table
[8].data
= &net
->ipv6
.sysctl
.ip6_rt_min_advmss
;
3938 table
[9].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
;
3940 /* Don't export sysctls to unprivileged users */
3941 if (net
->user_ns
!= &init_user_ns
)
3942 table
[0].procname
= NULL
;
3949 static int __net_init
ip6_route_net_init(struct net
*net
)
3953 memcpy(&net
->ipv6
.ip6_dst_ops
, &ip6_dst_ops_template
,
3954 sizeof(net
->ipv6
.ip6_dst_ops
));
3956 if (dst_entries_init(&net
->ipv6
.ip6_dst_ops
) < 0)
3957 goto out_ip6_dst_ops
;
3959 net
->ipv6
.ip6_null_entry
= kmemdup(&ip6_null_entry_template
,
3960 sizeof(*net
->ipv6
.ip6_null_entry
),
3962 if (!net
->ipv6
.ip6_null_entry
)
3963 goto out_ip6_dst_entries
;
3964 net
->ipv6
.ip6_null_entry
->dst
.path
=
3965 (struct dst_entry
*)net
->ipv6
.ip6_null_entry
;
3966 net
->ipv6
.ip6_null_entry
->dst
.ops
= &net
->ipv6
.ip6_dst_ops
;
3967 dst_init_metrics(&net
->ipv6
.ip6_null_entry
->dst
,
3968 ip6_template_metrics
, true);
3970 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3971 net
->ipv6
.ip6_prohibit_entry
= kmemdup(&ip6_prohibit_entry_template
,
3972 sizeof(*net
->ipv6
.ip6_prohibit_entry
),
3974 if (!net
->ipv6
.ip6_prohibit_entry
)
3975 goto out_ip6_null_entry
;
3976 net
->ipv6
.ip6_prohibit_entry
->dst
.path
=
3977 (struct dst_entry
*)net
->ipv6
.ip6_prohibit_entry
;
3978 net
->ipv6
.ip6_prohibit_entry
->dst
.ops
= &net
->ipv6
.ip6_dst_ops
;
3979 dst_init_metrics(&net
->ipv6
.ip6_prohibit_entry
->dst
,
3980 ip6_template_metrics
, true);
3982 net
->ipv6
.ip6_blk_hole_entry
= kmemdup(&ip6_blk_hole_entry_template
,
3983 sizeof(*net
->ipv6
.ip6_blk_hole_entry
),
3985 if (!net
->ipv6
.ip6_blk_hole_entry
)
3986 goto out_ip6_prohibit_entry
;
3987 net
->ipv6
.ip6_blk_hole_entry
->dst
.path
=
3988 (struct dst_entry
*)net
->ipv6
.ip6_blk_hole_entry
;
3989 net
->ipv6
.ip6_blk_hole_entry
->dst
.ops
= &net
->ipv6
.ip6_dst_ops
;
3990 dst_init_metrics(&net
->ipv6
.ip6_blk_hole_entry
->dst
,
3991 ip6_template_metrics
, true);
3994 net
->ipv6
.sysctl
.flush_delay
= 0;
3995 net
->ipv6
.sysctl
.ip6_rt_max_size
= 4096;
3996 net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
= HZ
/ 2;
3997 net
->ipv6
.sysctl
.ip6_rt_gc_timeout
= 60*HZ
;
3998 net
->ipv6
.sysctl
.ip6_rt_gc_interval
= 30*HZ
;
3999 net
->ipv6
.sysctl
.ip6_rt_gc_elasticity
= 9;
4000 net
->ipv6
.sysctl
.ip6_rt_mtu_expires
= 10*60*HZ
;
4001 net
->ipv6
.sysctl
.ip6_rt_min_advmss
= IPV6_MIN_MTU
- 20 - 40;
4003 net
->ipv6
.ip6_rt_gc_expire
= 30*HZ
;
4009 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4010 out_ip6_prohibit_entry
:
4011 kfree(net
->ipv6
.ip6_prohibit_entry
);
4013 kfree(net
->ipv6
.ip6_null_entry
);
4015 out_ip6_dst_entries
:
4016 dst_entries_destroy(&net
->ipv6
.ip6_dst_ops
);
4021 static void __net_exit
ip6_route_net_exit(struct net
*net
)
4023 kfree(net
->ipv6
.ip6_null_entry
);
4024 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4025 kfree(net
->ipv6
.ip6_prohibit_entry
);
4026 kfree(net
->ipv6
.ip6_blk_hole_entry
);
4028 dst_entries_destroy(&net
->ipv6
.ip6_dst_ops
);
4031 static int __net_init
ip6_route_net_init_late(struct net
*net
)
4033 #ifdef CONFIG_PROC_FS
4034 proc_create("ipv6_route", 0, net
->proc_net
, &ipv6_route_proc_fops
);
4035 proc_create("rt6_stats", S_IRUGO
, net
->proc_net
, &rt6_stats_seq_fops
);
4040 static void __net_exit
ip6_route_net_exit_late(struct net
*net
)
4042 #ifdef CONFIG_PROC_FS
4043 remove_proc_entry("ipv6_route", net
->proc_net
);
4044 remove_proc_entry("rt6_stats", net
->proc_net
);
4048 static struct pernet_operations ip6_route_net_ops
= {
4049 .init
= ip6_route_net_init
,
4050 .exit
= ip6_route_net_exit
,
4053 static int __net_init
ipv6_inetpeer_init(struct net
*net
)
4055 struct inet_peer_base
*bp
= kmalloc(sizeof(*bp
), GFP_KERNEL
);
4059 inet_peer_base_init(bp
);
4060 net
->ipv6
.peers
= bp
;
4064 static void __net_exit
ipv6_inetpeer_exit(struct net
*net
)
4066 struct inet_peer_base
*bp
= net
->ipv6
.peers
;
4068 net
->ipv6
.peers
= NULL
;
4069 inetpeer_invalidate_tree(bp
);
4073 static struct pernet_operations ipv6_inetpeer_ops
= {
4074 .init
= ipv6_inetpeer_init
,
4075 .exit
= ipv6_inetpeer_exit
,
4078 static struct pernet_operations ip6_route_net_late_ops
= {
4079 .init
= ip6_route_net_init_late
,
4080 .exit
= ip6_route_net_exit_late
,
4083 static struct notifier_block ip6_route_dev_notifier
= {
4084 .notifier_call
= ip6_route_dev_notify
,
4085 .priority
= ADDRCONF_NOTIFY_PRIORITY
- 10,
4088 void __init
ip6_route_init_special_entries(void)
4090 /* Registering of the loopback is done before this portion of code,
4091 * the loopback reference in rt6_info will not be taken, do it
4092 * manually for init_net */
4093 init_net
.ipv6
.ip6_null_entry
->dst
.dev
= init_net
.loopback_dev
;
4094 init_net
.ipv6
.ip6_null_entry
->rt6i_idev
= in6_dev_get(init_net
.loopback_dev
);
4095 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4096 init_net
.ipv6
.ip6_prohibit_entry
->dst
.dev
= init_net
.loopback_dev
;
4097 init_net
.ipv6
.ip6_prohibit_entry
->rt6i_idev
= in6_dev_get(init_net
.loopback_dev
);
4098 init_net
.ipv6
.ip6_blk_hole_entry
->dst
.dev
= init_net
.loopback_dev
;
4099 init_net
.ipv6
.ip6_blk_hole_entry
->rt6i_idev
= in6_dev_get(init_net
.loopback_dev
);
4103 int __init
ip6_route_init(void)
4109 ip6_dst_ops_template
.kmem_cachep
=
4110 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info
), 0,
4111 SLAB_HWCACHE_ALIGN
, NULL
);
4112 if (!ip6_dst_ops_template
.kmem_cachep
)
4115 ret
= dst_entries_init(&ip6_dst_blackhole_ops
);
4117 goto out_kmem_cache
;
4119 ret
= register_pernet_subsys(&ipv6_inetpeer_ops
);
4121 goto out_dst_entries
;
4123 ret
= register_pernet_subsys(&ip6_route_net_ops
);
4125 goto out_register_inetpeer
;
4127 ip6_dst_blackhole_ops
.kmem_cachep
= ip6_dst_ops_template
.kmem_cachep
;
4131 goto out_register_subsys
;
4137 ret
= fib6_rules_init();
4141 ret
= register_pernet_subsys(&ip6_route_net_late_ops
);
4143 goto fib6_rules_init
;
4146 if (__rtnl_register(PF_INET6
, RTM_NEWROUTE
, inet6_rtm_newroute
, NULL
, NULL
) ||
4147 __rtnl_register(PF_INET6
, RTM_DELROUTE
, inet6_rtm_delroute
, NULL
, NULL
) ||
4148 __rtnl_register(PF_INET6
, RTM_GETROUTE
, inet6_rtm_getroute
, NULL
, NULL
))
4149 goto out_register_late_subsys
;
4151 ret
= register_netdevice_notifier(&ip6_route_dev_notifier
);
4153 goto out_register_late_subsys
;
4155 for_each_possible_cpu(cpu
) {
4156 struct uncached_list
*ul
= per_cpu_ptr(&rt6_uncached_list
, cpu
);
4158 INIT_LIST_HEAD(&ul
->head
);
4159 spin_lock_init(&ul
->lock
);
4165 out_register_late_subsys
:
4166 unregister_pernet_subsys(&ip6_route_net_late_ops
);
4168 fib6_rules_cleanup();
4173 out_register_subsys
:
4174 unregister_pernet_subsys(&ip6_route_net_ops
);
4175 out_register_inetpeer
:
4176 unregister_pernet_subsys(&ipv6_inetpeer_ops
);
4178 dst_entries_destroy(&ip6_dst_blackhole_ops
);
4180 kmem_cache_destroy(ip6_dst_ops_template
.kmem_cachep
);
4184 void ip6_route_cleanup(void)
4186 unregister_netdevice_notifier(&ip6_route_dev_notifier
);
4187 unregister_pernet_subsys(&ip6_route_net_late_ops
);
4188 fib6_rules_cleanup();
4191 unregister_pernet_subsys(&ipv6_inetpeer_ops
);
4192 unregister_pernet_subsys(&ip6_route_net_ops
);
4193 dst_entries_destroy(&ip6_dst_blackhole_ops
);
4194 kmem_cache_destroy(ip6_dst_ops_template
.kmem_cachep
);