]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - net/ipv6/route.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'for-2.6.39' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu
[mirror_ubuntu-bionic-kernel.git] / net / ipv6 / route.c
1 /*
2 * Linux INET6 implementation
3 * FIB front-end.
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14 /* Changes:
15 *
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
23 * Ville Nuorvala
24 * Fixed routing subtrees.
25 */
26
27 #include <linux/capability.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/times.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/net.h>
34 #include <linux/route.h>
35 #include <linux/netdevice.h>
36 #include <linux/in6.h>
37 #include <linux/mroute6.h>
38 #include <linux/init.h>
39 #include <linux/if_arp.h>
40 #include <linux/proc_fs.h>
41 #include <linux/seq_file.h>
42 #include <linux/nsproxy.h>
43 #include <linux/slab.h>
44 #include <net/net_namespace.h>
45 #include <net/snmp.h>
46 #include <net/ipv6.h>
47 #include <net/ip6_fib.h>
48 #include <net/ip6_route.h>
49 #include <net/ndisc.h>
50 #include <net/addrconf.h>
51 #include <net/tcp.h>
52 #include <linux/rtnetlink.h>
53 #include <net/dst.h>
54 #include <net/xfrm.h>
55 #include <net/netevent.h>
56 #include <net/netlink.h>
57
58 #include <asm/uaccess.h>
59
60 #ifdef CONFIG_SYSCTL
61 #include <linux/sysctl.h>
62 #endif
63
64 /* Set to 3 to get tracing. */
65 #define RT6_DEBUG 2
66
67 #if RT6_DEBUG >= 3
68 #define RDBG(x) printk x
69 #define RT6_TRACE(x...) printk(KERN_DEBUG x)
70 #else
71 #define RDBG(x)
72 #define RT6_TRACE(x...) do { ; } while (0)
73 #endif
74
75 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort);
76 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
77 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
78 static unsigned int ip6_default_mtu(const struct dst_entry *dst);
79 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
80 static void ip6_dst_destroy(struct dst_entry *);
81 static void ip6_dst_ifdown(struct dst_entry *,
82 struct net_device *dev, int how);
83 static int ip6_dst_gc(struct dst_ops *ops);
84
85 static int ip6_pkt_discard(struct sk_buff *skb);
86 static int ip6_pkt_discard_out(struct sk_buff *skb);
87 static void ip6_link_failure(struct sk_buff *skb);
88 static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
89
90 #ifdef CONFIG_IPV6_ROUTE_INFO
91 static struct rt6_info *rt6_add_route_info(struct net *net,
92 struct in6_addr *prefix, int prefixlen,
93 struct in6_addr *gwaddr, int ifindex,
94 unsigned pref);
95 static struct rt6_info *rt6_get_route_info(struct net *net,
96 struct in6_addr *prefix, int prefixlen,
97 struct in6_addr *gwaddr, int ifindex);
98 #endif
99
100 static struct dst_ops ip6_dst_ops_template = {
101 .family = AF_INET6,
102 .protocol = cpu_to_be16(ETH_P_IPV6),
103 .gc = ip6_dst_gc,
104 .gc_thresh = 1024,
105 .check = ip6_dst_check,
106 .default_advmss = ip6_default_advmss,
107 .default_mtu = ip6_default_mtu,
108 .destroy = ip6_dst_destroy,
109 .ifdown = ip6_dst_ifdown,
110 .negative_advice = ip6_negative_advice,
111 .link_failure = ip6_link_failure,
112 .update_pmtu = ip6_rt_update_pmtu,
113 .local_out = __ip6_local_out,
114 };
115
116 static unsigned int ip6_blackhole_default_mtu(const struct dst_entry *dst)
117 {
118 return 0;
119 }
120
121 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
122 {
123 }
124
125 static struct dst_ops ip6_dst_blackhole_ops = {
126 .family = AF_INET6,
127 .protocol = cpu_to_be16(ETH_P_IPV6),
128 .destroy = ip6_dst_destroy,
129 .check = ip6_dst_check,
130 .default_mtu = ip6_blackhole_default_mtu,
131 .default_advmss = ip6_default_advmss,
132 .update_pmtu = ip6_rt_blackhole_update_pmtu,
133 };
134
135 static struct rt6_info ip6_null_entry_template = {
136 .dst = {
137 .__refcnt = ATOMIC_INIT(1),
138 .__use = 1,
139 .obsolete = -1,
140 .error = -ENETUNREACH,
141 .input = ip6_pkt_discard,
142 .output = ip6_pkt_discard_out,
143 },
144 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
145 .rt6i_protocol = RTPROT_KERNEL,
146 .rt6i_metric = ~(u32) 0,
147 .rt6i_ref = ATOMIC_INIT(1),
148 };
149
150 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
151
152 static int ip6_pkt_prohibit(struct sk_buff *skb);
153 static int ip6_pkt_prohibit_out(struct sk_buff *skb);
154
155 static struct rt6_info ip6_prohibit_entry_template = {
156 .dst = {
157 .__refcnt = ATOMIC_INIT(1),
158 .__use = 1,
159 .obsolete = -1,
160 .error = -EACCES,
161 .input = ip6_pkt_prohibit,
162 .output = ip6_pkt_prohibit_out,
163 },
164 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
165 .rt6i_protocol = RTPROT_KERNEL,
166 .rt6i_metric = ~(u32) 0,
167 .rt6i_ref = ATOMIC_INIT(1),
168 };
169
170 static struct rt6_info ip6_blk_hole_entry_template = {
171 .dst = {
172 .__refcnt = ATOMIC_INIT(1),
173 .__use = 1,
174 .obsolete = -1,
175 .error = -EINVAL,
176 .input = dst_discard,
177 .output = dst_discard,
178 },
179 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
180 .rt6i_protocol = RTPROT_KERNEL,
181 .rt6i_metric = ~(u32) 0,
182 .rt6i_ref = ATOMIC_INIT(1),
183 };
184
185 #endif
186
187 /* allocate dst with ip6_dst_ops */
188 static inline struct rt6_info *ip6_dst_alloc(struct dst_ops *ops)
189 {
190 return (struct rt6_info *)dst_alloc(ops);
191 }
192
193 static void ip6_dst_destroy(struct dst_entry *dst)
194 {
195 struct rt6_info *rt = (struct rt6_info *)dst;
196 struct inet6_dev *idev = rt->rt6i_idev;
197 struct inet_peer *peer = rt->rt6i_peer;
198
199 if (idev != NULL) {
200 rt->rt6i_idev = NULL;
201 in6_dev_put(idev);
202 }
203 if (peer) {
204 rt->rt6i_peer = NULL;
205 inet_putpeer(peer);
206 }
207 }
208
209 void rt6_bind_peer(struct rt6_info *rt, int create)
210 {
211 struct inet_peer *peer;
212
213 peer = inet_getpeer_v6(&rt->rt6i_dst.addr, create);
214 if (peer && cmpxchg(&rt->rt6i_peer, NULL, peer) != NULL)
215 inet_putpeer(peer);
216 }
217
218 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
219 int how)
220 {
221 struct rt6_info *rt = (struct rt6_info *)dst;
222 struct inet6_dev *idev = rt->rt6i_idev;
223 struct net_device *loopback_dev =
224 dev_net(dev)->loopback_dev;
225
226 if (dev != loopback_dev && idev != NULL && idev->dev == dev) {
227 struct inet6_dev *loopback_idev =
228 in6_dev_get(loopback_dev);
229 if (loopback_idev != NULL) {
230 rt->rt6i_idev = loopback_idev;
231 in6_dev_put(idev);
232 }
233 }
234 }
235
236 static __inline__ int rt6_check_expired(const struct rt6_info *rt)
237 {
238 return (rt->rt6i_flags & RTF_EXPIRES) &&
239 time_after(jiffies, rt->rt6i_expires);
240 }
241
242 static inline int rt6_need_strict(struct in6_addr *daddr)
243 {
244 return ipv6_addr_type(daddr) &
245 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL | IPV6_ADDR_LOOPBACK);
246 }
247
248 /*
249 * Route lookup. Any table->tb6_lock is implied.
250 */
251
252 static inline struct rt6_info *rt6_device_match(struct net *net,
253 struct rt6_info *rt,
254 struct in6_addr *saddr,
255 int oif,
256 int flags)
257 {
258 struct rt6_info *local = NULL;
259 struct rt6_info *sprt;
260
261 if (!oif && ipv6_addr_any(saddr))
262 goto out;
263
264 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) {
265 struct net_device *dev = sprt->rt6i_dev;
266
267 if (oif) {
268 if (dev->ifindex == oif)
269 return sprt;
270 if (dev->flags & IFF_LOOPBACK) {
271 if (sprt->rt6i_idev == NULL ||
272 sprt->rt6i_idev->dev->ifindex != oif) {
273 if (flags & RT6_LOOKUP_F_IFACE && oif)
274 continue;
275 if (local && (!oif ||
276 local->rt6i_idev->dev->ifindex == oif))
277 continue;
278 }
279 local = sprt;
280 }
281 } else {
282 if (ipv6_chk_addr(net, saddr, dev,
283 flags & RT6_LOOKUP_F_IFACE))
284 return sprt;
285 }
286 }
287
288 if (oif) {
289 if (local)
290 return local;
291
292 if (flags & RT6_LOOKUP_F_IFACE)
293 return net->ipv6.ip6_null_entry;
294 }
295 out:
296 return rt;
297 }
298
299 #ifdef CONFIG_IPV6_ROUTER_PREF
300 static void rt6_probe(struct rt6_info *rt)
301 {
302 struct neighbour *neigh = rt ? rt->rt6i_nexthop : NULL;
303 /*
304 * Okay, this does not seem to be appropriate
305 * for now, however, we need to check if it
306 * is really so; aka Router Reachability Probing.
307 *
308 * Router Reachability Probe MUST be rate-limited
309 * to no more than one per minute.
310 */
311 if (!neigh || (neigh->nud_state & NUD_VALID))
312 return;
313 read_lock_bh(&neigh->lock);
314 if (!(neigh->nud_state & NUD_VALID) &&
315 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) {
316 struct in6_addr mcaddr;
317 struct in6_addr *target;
318
319 neigh->updated = jiffies;
320 read_unlock_bh(&neigh->lock);
321
322 target = (struct in6_addr *)&neigh->primary_key;
323 addrconf_addr_solict_mult(target, &mcaddr);
324 ndisc_send_ns(rt->rt6i_dev, NULL, target, &mcaddr, NULL);
325 } else
326 read_unlock_bh(&neigh->lock);
327 }
328 #else
329 static inline void rt6_probe(struct rt6_info *rt)
330 {
331 }
332 #endif
333
334 /*
335 * Default Router Selection (RFC 2461 6.3.6)
336 */
337 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
338 {
339 struct net_device *dev = rt->rt6i_dev;
340 if (!oif || dev->ifindex == oif)
341 return 2;
342 if ((dev->flags & IFF_LOOPBACK) &&
343 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
344 return 1;
345 return 0;
346 }
347
348 static inline int rt6_check_neigh(struct rt6_info *rt)
349 {
350 struct neighbour *neigh = rt->rt6i_nexthop;
351 int m;
352 if (rt->rt6i_flags & RTF_NONEXTHOP ||
353 !(rt->rt6i_flags & RTF_GATEWAY))
354 m = 1;
355 else if (neigh) {
356 read_lock_bh(&neigh->lock);
357 if (neigh->nud_state & NUD_VALID)
358 m = 2;
359 #ifdef CONFIG_IPV6_ROUTER_PREF
360 else if (neigh->nud_state & NUD_FAILED)
361 m = 0;
362 #endif
363 else
364 m = 1;
365 read_unlock_bh(&neigh->lock);
366 } else
367 m = 0;
368 return m;
369 }
370
371 static int rt6_score_route(struct rt6_info *rt, int oif,
372 int strict)
373 {
374 int m, n;
375
376 m = rt6_check_dev(rt, oif);
377 if (!m && (strict & RT6_LOOKUP_F_IFACE))
378 return -1;
379 #ifdef CONFIG_IPV6_ROUTER_PREF
380 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
381 #endif
382 n = rt6_check_neigh(rt);
383 if (!n && (strict & RT6_LOOKUP_F_REACHABLE))
384 return -1;
385 return m;
386 }
387
388 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
389 int *mpri, struct rt6_info *match)
390 {
391 int m;
392
393 if (rt6_check_expired(rt))
394 goto out;
395
396 m = rt6_score_route(rt, oif, strict);
397 if (m < 0)
398 goto out;
399
400 if (m > *mpri) {
401 if (strict & RT6_LOOKUP_F_REACHABLE)
402 rt6_probe(match);
403 *mpri = m;
404 match = rt;
405 } else if (strict & RT6_LOOKUP_F_REACHABLE) {
406 rt6_probe(rt);
407 }
408
409 out:
410 return match;
411 }
412
413 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
414 struct rt6_info *rr_head,
415 u32 metric, int oif, int strict)
416 {
417 struct rt6_info *rt, *match;
418 int mpri = -1;
419
420 match = NULL;
421 for (rt = rr_head; rt && rt->rt6i_metric == metric;
422 rt = rt->dst.rt6_next)
423 match = find_match(rt, oif, strict, &mpri, match);
424 for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric;
425 rt = rt->dst.rt6_next)
426 match = find_match(rt, oif, strict, &mpri, match);
427
428 return match;
429 }
430
431 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
432 {
433 struct rt6_info *match, *rt0;
434 struct net *net;
435
436 RT6_TRACE("%s(fn->leaf=%p, oif=%d)\n",
437 __func__, fn->leaf, oif);
438
439 rt0 = fn->rr_ptr;
440 if (!rt0)
441 fn->rr_ptr = rt0 = fn->leaf;
442
443 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict);
444
445 if (!match &&
446 (strict & RT6_LOOKUP_F_REACHABLE)) {
447 struct rt6_info *next = rt0->dst.rt6_next;
448
449 /* no entries matched; do round-robin */
450 if (!next || next->rt6i_metric != rt0->rt6i_metric)
451 next = fn->leaf;
452
453 if (next != rt0)
454 fn->rr_ptr = next;
455 }
456
457 RT6_TRACE("%s() => %p\n",
458 __func__, match);
459
460 net = dev_net(rt0->rt6i_dev);
461 return match ? match : net->ipv6.ip6_null_entry;
462 }
463
464 #ifdef CONFIG_IPV6_ROUTE_INFO
465 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
466 struct in6_addr *gwaddr)
467 {
468 struct net *net = dev_net(dev);
469 struct route_info *rinfo = (struct route_info *) opt;
470 struct in6_addr prefix_buf, *prefix;
471 unsigned int pref;
472 unsigned long lifetime;
473 struct rt6_info *rt;
474
475 if (len < sizeof(struct route_info)) {
476 return -EINVAL;
477 }
478
479 /* Sanity check for prefix_len and length */
480 if (rinfo->length > 3) {
481 return -EINVAL;
482 } else if (rinfo->prefix_len > 128) {
483 return -EINVAL;
484 } else if (rinfo->prefix_len > 64) {
485 if (rinfo->length < 2) {
486 return -EINVAL;
487 }
488 } else if (rinfo->prefix_len > 0) {
489 if (rinfo->length < 1) {
490 return -EINVAL;
491 }
492 }
493
494 pref = rinfo->route_pref;
495 if (pref == ICMPV6_ROUTER_PREF_INVALID)
496 return -EINVAL;
497
498 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
499
500 if (rinfo->length == 3)
501 prefix = (struct in6_addr *)rinfo->prefix;
502 else {
503 /* this function is safe */
504 ipv6_addr_prefix(&prefix_buf,
505 (struct in6_addr *)rinfo->prefix,
506 rinfo->prefix_len);
507 prefix = &prefix_buf;
508 }
509
510 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len, gwaddr,
511 dev->ifindex);
512
513 if (rt && !lifetime) {
514 ip6_del_rt(rt);
515 rt = NULL;
516 }
517
518 if (!rt && lifetime)
519 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex,
520 pref);
521 else if (rt)
522 rt->rt6i_flags = RTF_ROUTEINFO |
523 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
524
525 if (rt) {
526 if (!addrconf_finite_timeout(lifetime)) {
527 rt->rt6i_flags &= ~RTF_EXPIRES;
528 } else {
529 rt->rt6i_expires = jiffies + HZ * lifetime;
530 rt->rt6i_flags |= RTF_EXPIRES;
531 }
532 dst_release(&rt->dst);
533 }
534 return 0;
535 }
536 #endif
537
538 #define BACKTRACK(__net, saddr) \
539 do { \
540 if (rt == __net->ipv6.ip6_null_entry) { \
541 struct fib6_node *pn; \
542 while (1) { \
543 if (fn->fn_flags & RTN_TL_ROOT) \
544 goto out; \
545 pn = fn->parent; \
546 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) \
547 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); \
548 else \
549 fn = pn; \
550 if (fn->fn_flags & RTN_RTINFO) \
551 goto restart; \
552 } \
553 } \
554 } while(0)
555
556 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
557 struct fib6_table *table,
558 struct flowi *fl, int flags)
559 {
560 struct fib6_node *fn;
561 struct rt6_info *rt;
562
563 read_lock_bh(&table->tb6_lock);
564 fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src);
565 restart:
566 rt = fn->leaf;
567 rt = rt6_device_match(net, rt, &fl->fl6_src, fl->oif, flags);
568 BACKTRACK(net, &fl->fl6_src);
569 out:
570 dst_use(&rt->dst, jiffies);
571 read_unlock_bh(&table->tb6_lock);
572 return rt;
573
574 }
575
576 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
577 const struct in6_addr *saddr, int oif, int strict)
578 {
579 struct flowi fl = {
580 .oif = oif,
581 .fl6_dst = *daddr,
582 };
583 struct dst_entry *dst;
584 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
585
586 if (saddr) {
587 memcpy(&fl.fl6_src, saddr, sizeof(*saddr));
588 flags |= RT6_LOOKUP_F_HAS_SADDR;
589 }
590
591 dst = fib6_rule_lookup(net, &fl, flags, ip6_pol_route_lookup);
592 if (dst->error == 0)
593 return (struct rt6_info *) dst;
594
595 dst_release(dst);
596
597 return NULL;
598 }
599
600 EXPORT_SYMBOL(rt6_lookup);
601
602 /* ip6_ins_rt is called with FREE table->tb6_lock.
603 It takes new route entry, the addition fails by any reason the
604 route is freed. In any case, if caller does not hold it, it may
605 be destroyed.
606 */
607
608 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info)
609 {
610 int err;
611 struct fib6_table *table;
612
613 table = rt->rt6i_table;
614 write_lock_bh(&table->tb6_lock);
615 err = fib6_add(&table->tb6_root, rt, info);
616 write_unlock_bh(&table->tb6_lock);
617
618 return err;
619 }
620
621 int ip6_ins_rt(struct rt6_info *rt)
622 {
623 struct nl_info info = {
624 .nl_net = dev_net(rt->rt6i_dev),
625 };
626 return __ip6_ins_rt(rt, &info);
627 }
628
629 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort, struct in6_addr *daddr,
630 struct in6_addr *saddr)
631 {
632 struct rt6_info *rt;
633
634 /*
635 * Clone the route.
636 */
637
638 rt = ip6_rt_copy(ort);
639
640 if (rt) {
641 struct neighbour *neigh;
642 int attempts = !in_softirq();
643
644 if (!(rt->rt6i_flags&RTF_GATEWAY)) {
645 if (rt->rt6i_dst.plen != 128 &&
646 ipv6_addr_equal(&rt->rt6i_dst.addr, daddr))
647 rt->rt6i_flags |= RTF_ANYCAST;
648 ipv6_addr_copy(&rt->rt6i_gateway, daddr);
649 }
650
651 ipv6_addr_copy(&rt->rt6i_dst.addr, daddr);
652 rt->rt6i_dst.plen = 128;
653 rt->rt6i_flags |= RTF_CACHE;
654 rt->dst.flags |= DST_HOST;
655
656 #ifdef CONFIG_IPV6_SUBTREES
657 if (rt->rt6i_src.plen && saddr) {
658 ipv6_addr_copy(&rt->rt6i_src.addr, saddr);
659 rt->rt6i_src.plen = 128;
660 }
661 #endif
662
663 retry:
664 neigh = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway);
665 if (IS_ERR(neigh)) {
666 struct net *net = dev_net(rt->rt6i_dev);
667 int saved_rt_min_interval =
668 net->ipv6.sysctl.ip6_rt_gc_min_interval;
669 int saved_rt_elasticity =
670 net->ipv6.sysctl.ip6_rt_gc_elasticity;
671
672 if (attempts-- > 0) {
673 net->ipv6.sysctl.ip6_rt_gc_elasticity = 1;
674 net->ipv6.sysctl.ip6_rt_gc_min_interval = 0;
675
676 ip6_dst_gc(&net->ipv6.ip6_dst_ops);
677
678 net->ipv6.sysctl.ip6_rt_gc_elasticity =
679 saved_rt_elasticity;
680 net->ipv6.sysctl.ip6_rt_gc_min_interval =
681 saved_rt_min_interval;
682 goto retry;
683 }
684
685 if (net_ratelimit())
686 printk(KERN_WARNING
687 "ipv6: Neighbour table overflow.\n");
688 dst_free(&rt->dst);
689 return NULL;
690 }
691 rt->rt6i_nexthop = neigh;
692
693 }
694
695 return rt;
696 }
697
698 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort, struct in6_addr *daddr)
699 {
700 struct rt6_info *rt = ip6_rt_copy(ort);
701 if (rt) {
702 ipv6_addr_copy(&rt->rt6i_dst.addr, daddr);
703 rt->rt6i_dst.plen = 128;
704 rt->rt6i_flags |= RTF_CACHE;
705 rt->dst.flags |= DST_HOST;
706 rt->rt6i_nexthop = neigh_clone(ort->rt6i_nexthop);
707 }
708 return rt;
709 }
710
711 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif,
712 struct flowi *fl, int flags)
713 {
714 struct fib6_node *fn;
715 struct rt6_info *rt, *nrt;
716 int strict = 0;
717 int attempts = 3;
718 int err;
719 int reachable = net->ipv6.devconf_all->forwarding ? 0 : RT6_LOOKUP_F_REACHABLE;
720
721 strict |= flags & RT6_LOOKUP_F_IFACE;
722
723 relookup:
724 read_lock_bh(&table->tb6_lock);
725
726 restart_2:
727 fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src);
728
729 restart:
730 rt = rt6_select(fn, oif, strict | reachable);
731
732 BACKTRACK(net, &fl->fl6_src);
733 if (rt == net->ipv6.ip6_null_entry ||
734 rt->rt6i_flags & RTF_CACHE)
735 goto out;
736
737 dst_hold(&rt->dst);
738 read_unlock_bh(&table->tb6_lock);
739
740 if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP))
741 nrt = rt6_alloc_cow(rt, &fl->fl6_dst, &fl->fl6_src);
742 else if (!(rt->dst.flags & DST_HOST))
743 nrt = rt6_alloc_clone(rt, &fl->fl6_dst);
744 else
745 goto out2;
746
747 dst_release(&rt->dst);
748 rt = nrt ? : net->ipv6.ip6_null_entry;
749
750 dst_hold(&rt->dst);
751 if (nrt) {
752 err = ip6_ins_rt(nrt);
753 if (!err)
754 goto out2;
755 }
756
757 if (--attempts <= 0)
758 goto out2;
759
760 /*
761 * Race condition! In the gap, when table->tb6_lock was
762 * released someone could insert this route. Relookup.
763 */
764 dst_release(&rt->dst);
765 goto relookup;
766
767 out:
768 if (reachable) {
769 reachable = 0;
770 goto restart_2;
771 }
772 dst_hold(&rt->dst);
773 read_unlock_bh(&table->tb6_lock);
774 out2:
775 rt->dst.lastuse = jiffies;
776 rt->dst.__use++;
777
778 return rt;
779 }
780
781 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
782 struct flowi *fl, int flags)
783 {
784 return ip6_pol_route(net, table, fl->iif, fl, flags);
785 }
786
787 void ip6_route_input(struct sk_buff *skb)
788 {
789 struct ipv6hdr *iph = ipv6_hdr(skb);
790 struct net *net = dev_net(skb->dev);
791 int flags = RT6_LOOKUP_F_HAS_SADDR;
792 struct flowi fl = {
793 .iif = skb->dev->ifindex,
794 .fl6_dst = iph->daddr,
795 .fl6_src = iph->saddr,
796 .fl6_flowlabel = (* (__be32 *) iph)&IPV6_FLOWINFO_MASK,
797 .mark = skb->mark,
798 .proto = iph->nexthdr,
799 };
800
801 if (rt6_need_strict(&iph->daddr) && skb->dev->type != ARPHRD_PIMREG)
802 flags |= RT6_LOOKUP_F_IFACE;
803
804 skb_dst_set(skb, fib6_rule_lookup(net, &fl, flags, ip6_pol_route_input));
805 }
806
807 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
808 struct flowi *fl, int flags)
809 {
810 return ip6_pol_route(net, table, fl->oif, fl, flags);
811 }
812
813 struct dst_entry * ip6_route_output(struct net *net, struct sock *sk,
814 struct flowi *fl)
815 {
816 int flags = 0;
817
818 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl->fl6_dst))
819 flags |= RT6_LOOKUP_F_IFACE;
820
821 if (!ipv6_addr_any(&fl->fl6_src))
822 flags |= RT6_LOOKUP_F_HAS_SADDR;
823 else if (sk)
824 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
825
826 return fib6_rule_lookup(net, fl, flags, ip6_pol_route_output);
827 }
828
829 EXPORT_SYMBOL(ip6_route_output);
830
831 int ip6_dst_blackhole(struct sock *sk, struct dst_entry **dstp, struct flowi *fl)
832 {
833 struct rt6_info *ort = (struct rt6_info *) *dstp;
834 struct rt6_info *rt = (struct rt6_info *)
835 dst_alloc(&ip6_dst_blackhole_ops);
836 struct dst_entry *new = NULL;
837
838 if (rt) {
839 new = &rt->dst;
840
841 atomic_set(&new->__refcnt, 1);
842 new->__use = 1;
843 new->input = dst_discard;
844 new->output = dst_discard;
845
846 dst_copy_metrics(new, &ort->dst);
847 new->dev = ort->dst.dev;
848 if (new->dev)
849 dev_hold(new->dev);
850 rt->rt6i_idev = ort->rt6i_idev;
851 if (rt->rt6i_idev)
852 in6_dev_hold(rt->rt6i_idev);
853 rt->rt6i_expires = 0;
854
855 ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway);
856 rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES;
857 rt->rt6i_metric = 0;
858
859 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
860 #ifdef CONFIG_IPV6_SUBTREES
861 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
862 #endif
863
864 dst_free(new);
865 }
866
867 dst_release(*dstp);
868 *dstp = new;
869 return new ? 0 : -ENOMEM;
870 }
871 EXPORT_SYMBOL_GPL(ip6_dst_blackhole);
872
873 /*
874 * Destination cache support functions
875 */
876
877 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
878 {
879 struct rt6_info *rt;
880
881 rt = (struct rt6_info *) dst;
882
883 if (rt->rt6i_node && (rt->rt6i_node->fn_sernum == cookie))
884 return dst;
885
886 return NULL;
887 }
888
889 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
890 {
891 struct rt6_info *rt = (struct rt6_info *) dst;
892
893 if (rt) {
894 if (rt->rt6i_flags & RTF_CACHE) {
895 if (rt6_check_expired(rt)) {
896 ip6_del_rt(rt);
897 dst = NULL;
898 }
899 } else {
900 dst_release(dst);
901 dst = NULL;
902 }
903 }
904 return dst;
905 }
906
907 static void ip6_link_failure(struct sk_buff *skb)
908 {
909 struct rt6_info *rt;
910
911 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
912
913 rt = (struct rt6_info *) skb_dst(skb);
914 if (rt) {
915 if (rt->rt6i_flags&RTF_CACHE) {
916 dst_set_expires(&rt->dst, 0);
917 rt->rt6i_flags |= RTF_EXPIRES;
918 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT))
919 rt->rt6i_node->fn_sernum = -1;
920 }
921 }
922
923 static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
924 {
925 struct rt6_info *rt6 = (struct rt6_info*)dst;
926
927 if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) {
928 rt6->rt6i_flags |= RTF_MODIFIED;
929 if (mtu < IPV6_MIN_MTU) {
930 u32 features = dst_metric(dst, RTAX_FEATURES);
931 mtu = IPV6_MIN_MTU;
932 features |= RTAX_FEATURE_ALLFRAG;
933 dst_metric_set(dst, RTAX_FEATURES, features);
934 }
935 dst_metric_set(dst, RTAX_MTU, mtu);
936 call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst);
937 }
938 }
939
940 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
941 {
942 struct net_device *dev = dst->dev;
943 unsigned int mtu = dst_mtu(dst);
944 struct net *net = dev_net(dev);
945
946 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
947
948 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
949 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
950
951 /*
952 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
953 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
954 * IPV6_MAXPLEN is also valid and means: "any MSS,
955 * rely only on pmtu discovery"
956 */
957 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
958 mtu = IPV6_MAXPLEN;
959 return mtu;
960 }
961
962 static unsigned int ip6_default_mtu(const struct dst_entry *dst)
963 {
964 unsigned int mtu = IPV6_MIN_MTU;
965 struct inet6_dev *idev;
966
967 rcu_read_lock();
968 idev = __in6_dev_get(dst->dev);
969 if (idev)
970 mtu = idev->cnf.mtu6;
971 rcu_read_unlock();
972
973 return mtu;
974 }
975
976 static struct dst_entry *icmp6_dst_gc_list;
977 static DEFINE_SPINLOCK(icmp6_dst_lock);
978
979 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
980 struct neighbour *neigh,
981 const struct in6_addr *addr)
982 {
983 struct rt6_info *rt;
984 struct inet6_dev *idev = in6_dev_get(dev);
985 struct net *net = dev_net(dev);
986
987 if (unlikely(idev == NULL))
988 return NULL;
989
990 rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops);
991 if (unlikely(rt == NULL)) {
992 in6_dev_put(idev);
993 goto out;
994 }
995
996 dev_hold(dev);
997 if (neigh)
998 neigh_hold(neigh);
999 else {
1000 neigh = ndisc_get_neigh(dev, addr);
1001 if (IS_ERR(neigh))
1002 neigh = NULL;
1003 }
1004
1005 rt->rt6i_dev = dev;
1006 rt->rt6i_idev = idev;
1007 rt->rt6i_nexthop = neigh;
1008 atomic_set(&rt->dst.__refcnt, 1);
1009 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 255);
1010 rt->dst.output = ip6_output;
1011
1012 #if 0 /* there's no chance to use these for ndisc */
1013 rt->dst.flags = ipv6_addr_type(addr) & IPV6_ADDR_UNICAST
1014 ? DST_HOST
1015 : 0;
1016 ipv6_addr_copy(&rt->rt6i_dst.addr, addr);
1017 rt->rt6i_dst.plen = 128;
1018 #endif
1019
1020 spin_lock_bh(&icmp6_dst_lock);
1021 rt->dst.next = icmp6_dst_gc_list;
1022 icmp6_dst_gc_list = &rt->dst;
1023 spin_unlock_bh(&icmp6_dst_lock);
1024
1025 fib6_force_start_gc(net);
1026
1027 out:
1028 return &rt->dst;
1029 }
1030
1031 int icmp6_dst_gc(void)
1032 {
1033 struct dst_entry *dst, *next, **pprev;
1034 int more = 0;
1035
1036 next = NULL;
1037
1038 spin_lock_bh(&icmp6_dst_lock);
1039 pprev = &icmp6_dst_gc_list;
1040
1041 while ((dst = *pprev) != NULL) {
1042 if (!atomic_read(&dst->__refcnt)) {
1043 *pprev = dst->next;
1044 dst_free(dst);
1045 } else {
1046 pprev = &dst->next;
1047 ++more;
1048 }
1049 }
1050
1051 spin_unlock_bh(&icmp6_dst_lock);
1052
1053 return more;
1054 }
1055
1056 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg),
1057 void *arg)
1058 {
1059 struct dst_entry *dst, **pprev;
1060
1061 spin_lock_bh(&icmp6_dst_lock);
1062 pprev = &icmp6_dst_gc_list;
1063 while ((dst = *pprev) != NULL) {
1064 struct rt6_info *rt = (struct rt6_info *) dst;
1065 if (func(rt, arg)) {
1066 *pprev = dst->next;
1067 dst_free(dst);
1068 } else {
1069 pprev = &dst->next;
1070 }
1071 }
1072 spin_unlock_bh(&icmp6_dst_lock);
1073 }
1074
1075 static int ip6_dst_gc(struct dst_ops *ops)
1076 {
1077 unsigned long now = jiffies;
1078 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
1079 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
1080 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
1081 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
1082 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
1083 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
1084 int entries;
1085
1086 entries = dst_entries_get_fast(ops);
1087 if (time_after(rt_last_gc + rt_min_interval, now) &&
1088 entries <= rt_max_size)
1089 goto out;
1090
1091 net->ipv6.ip6_rt_gc_expire++;
1092 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net);
1093 net->ipv6.ip6_rt_last_gc = now;
1094 entries = dst_entries_get_slow(ops);
1095 if (entries < ops->gc_thresh)
1096 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
1097 out:
1098 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
1099 return entries > rt_max_size;
1100 }
1101
1102 /* Clean host part of a prefix. Not necessary in radix tree,
1103 but results in cleaner routing tables.
1104
1105 Remove it only when all the things will work!
1106 */
1107
1108 int ip6_dst_hoplimit(struct dst_entry *dst)
1109 {
1110 int hoplimit = dst_metric_raw(dst, RTAX_HOPLIMIT);
1111 if (hoplimit == 0) {
1112 struct net_device *dev = dst->dev;
1113 struct inet6_dev *idev;
1114
1115 rcu_read_lock();
1116 idev = __in6_dev_get(dev);
1117 if (idev)
1118 hoplimit = idev->cnf.hop_limit;
1119 else
1120 hoplimit = dev_net(dev)->ipv6.devconf_all->hop_limit;
1121 rcu_read_unlock();
1122 }
1123 return hoplimit;
1124 }
1125 EXPORT_SYMBOL(ip6_dst_hoplimit);
1126
1127 /*
1128 *
1129 */
1130
1131 int ip6_route_add(struct fib6_config *cfg)
1132 {
1133 int err;
1134 struct net *net = cfg->fc_nlinfo.nl_net;
1135 struct rt6_info *rt = NULL;
1136 struct net_device *dev = NULL;
1137 struct inet6_dev *idev = NULL;
1138 struct fib6_table *table;
1139 int addr_type;
1140
1141 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128)
1142 return -EINVAL;
1143 #ifndef CONFIG_IPV6_SUBTREES
1144 if (cfg->fc_src_len)
1145 return -EINVAL;
1146 #endif
1147 if (cfg->fc_ifindex) {
1148 err = -ENODEV;
1149 dev = dev_get_by_index(net, cfg->fc_ifindex);
1150 if (!dev)
1151 goto out;
1152 idev = in6_dev_get(dev);
1153 if (!idev)
1154 goto out;
1155 }
1156
1157 if (cfg->fc_metric == 0)
1158 cfg->fc_metric = IP6_RT_PRIO_USER;
1159
1160 table = fib6_new_table(net, cfg->fc_table);
1161 if (table == NULL) {
1162 err = -ENOBUFS;
1163 goto out;
1164 }
1165
1166 rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops);
1167
1168 if (rt == NULL) {
1169 err = -ENOMEM;
1170 goto out;
1171 }
1172
1173 rt->dst.obsolete = -1;
1174 rt->rt6i_expires = (cfg->fc_flags & RTF_EXPIRES) ?
1175 jiffies + clock_t_to_jiffies(cfg->fc_expires) :
1176 0;
1177
1178 if (cfg->fc_protocol == RTPROT_UNSPEC)
1179 cfg->fc_protocol = RTPROT_BOOT;
1180 rt->rt6i_protocol = cfg->fc_protocol;
1181
1182 addr_type = ipv6_addr_type(&cfg->fc_dst);
1183
1184 if (addr_type & IPV6_ADDR_MULTICAST)
1185 rt->dst.input = ip6_mc_input;
1186 else if (cfg->fc_flags & RTF_LOCAL)
1187 rt->dst.input = ip6_input;
1188 else
1189 rt->dst.input = ip6_forward;
1190
1191 rt->dst.output = ip6_output;
1192
1193 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1194 rt->rt6i_dst.plen = cfg->fc_dst_len;
1195 if (rt->rt6i_dst.plen == 128)
1196 rt->dst.flags = DST_HOST;
1197
1198 #ifdef CONFIG_IPV6_SUBTREES
1199 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1200 rt->rt6i_src.plen = cfg->fc_src_len;
1201 #endif
1202
1203 rt->rt6i_metric = cfg->fc_metric;
1204
1205 /* We cannot add true routes via loopback here,
1206 they would result in kernel looping; promote them to reject routes
1207 */
1208 if ((cfg->fc_flags & RTF_REJECT) ||
1209 (dev && (dev->flags&IFF_LOOPBACK) && !(addr_type&IPV6_ADDR_LOOPBACK)
1210 && !(cfg->fc_flags&RTF_LOCAL))) {
1211 /* hold loopback dev/idev if we haven't done so. */
1212 if (dev != net->loopback_dev) {
1213 if (dev) {
1214 dev_put(dev);
1215 in6_dev_put(idev);
1216 }
1217 dev = net->loopback_dev;
1218 dev_hold(dev);
1219 idev = in6_dev_get(dev);
1220 if (!idev) {
1221 err = -ENODEV;
1222 goto out;
1223 }
1224 }
1225 rt->dst.output = ip6_pkt_discard_out;
1226 rt->dst.input = ip6_pkt_discard;
1227 rt->dst.error = -ENETUNREACH;
1228 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1229 goto install_route;
1230 }
1231
1232 if (cfg->fc_flags & RTF_GATEWAY) {
1233 struct in6_addr *gw_addr;
1234 int gwa_type;
1235
1236 gw_addr = &cfg->fc_gateway;
1237 ipv6_addr_copy(&rt->rt6i_gateway, gw_addr);
1238 gwa_type = ipv6_addr_type(gw_addr);
1239
1240 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
1241 struct rt6_info *grt;
1242
1243 /* IPv6 strictly inhibits using not link-local
1244 addresses as nexthop address.
1245 Otherwise, router will not able to send redirects.
1246 It is very good, but in some (rare!) circumstances
1247 (SIT, PtP, NBMA NOARP links) it is handy to allow
1248 some exceptions. --ANK
1249 */
1250 err = -EINVAL;
1251 if (!(gwa_type&IPV6_ADDR_UNICAST))
1252 goto out;
1253
1254 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1);
1255
1256 err = -EHOSTUNREACH;
1257 if (grt == NULL)
1258 goto out;
1259 if (dev) {
1260 if (dev != grt->rt6i_dev) {
1261 dst_release(&grt->dst);
1262 goto out;
1263 }
1264 } else {
1265 dev = grt->rt6i_dev;
1266 idev = grt->rt6i_idev;
1267 dev_hold(dev);
1268 in6_dev_hold(grt->rt6i_idev);
1269 }
1270 if (!(grt->rt6i_flags&RTF_GATEWAY))
1271 err = 0;
1272 dst_release(&grt->dst);
1273
1274 if (err)
1275 goto out;
1276 }
1277 err = -EINVAL;
1278 if (dev == NULL || (dev->flags&IFF_LOOPBACK))
1279 goto out;
1280 }
1281
1282 err = -ENODEV;
1283 if (dev == NULL)
1284 goto out;
1285
1286 if (cfg->fc_flags & (RTF_GATEWAY | RTF_NONEXTHOP)) {
1287 rt->rt6i_nexthop = __neigh_lookup_errno(&nd_tbl, &rt->rt6i_gateway, dev);
1288 if (IS_ERR(rt->rt6i_nexthop)) {
1289 err = PTR_ERR(rt->rt6i_nexthop);
1290 rt->rt6i_nexthop = NULL;
1291 goto out;
1292 }
1293 }
1294
1295 rt->rt6i_flags = cfg->fc_flags;
1296
1297 install_route:
1298 if (cfg->fc_mx) {
1299 struct nlattr *nla;
1300 int remaining;
1301
1302 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1303 int type = nla_type(nla);
1304
1305 if (type) {
1306 if (type > RTAX_MAX) {
1307 err = -EINVAL;
1308 goto out;
1309 }
1310
1311 dst_metric_set(&rt->dst, type, nla_get_u32(nla));
1312 }
1313 }
1314 }
1315
1316 rt->dst.dev = dev;
1317 rt->rt6i_idev = idev;
1318 rt->rt6i_table = table;
1319
1320 cfg->fc_nlinfo.nl_net = dev_net(dev);
1321
1322 return __ip6_ins_rt(rt, &cfg->fc_nlinfo);
1323
1324 out:
1325 if (dev)
1326 dev_put(dev);
1327 if (idev)
1328 in6_dev_put(idev);
1329 if (rt)
1330 dst_free(&rt->dst);
1331 return err;
1332 }
1333
1334 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
1335 {
1336 int err;
1337 struct fib6_table *table;
1338 struct net *net = dev_net(rt->rt6i_dev);
1339
1340 if (rt == net->ipv6.ip6_null_entry)
1341 return -ENOENT;
1342
1343 table = rt->rt6i_table;
1344 write_lock_bh(&table->tb6_lock);
1345
1346 err = fib6_del(rt, info);
1347 dst_release(&rt->dst);
1348
1349 write_unlock_bh(&table->tb6_lock);
1350
1351 return err;
1352 }
1353
1354 int ip6_del_rt(struct rt6_info *rt)
1355 {
1356 struct nl_info info = {
1357 .nl_net = dev_net(rt->rt6i_dev),
1358 };
1359 return __ip6_del_rt(rt, &info);
1360 }
1361
1362 static int ip6_route_del(struct fib6_config *cfg)
1363 {
1364 struct fib6_table *table;
1365 struct fib6_node *fn;
1366 struct rt6_info *rt;
1367 int err = -ESRCH;
1368
1369 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
1370 if (table == NULL)
1371 return err;
1372
1373 read_lock_bh(&table->tb6_lock);
1374
1375 fn = fib6_locate(&table->tb6_root,
1376 &cfg->fc_dst, cfg->fc_dst_len,
1377 &cfg->fc_src, cfg->fc_src_len);
1378
1379 if (fn) {
1380 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1381 if (cfg->fc_ifindex &&
1382 (rt->rt6i_dev == NULL ||
1383 rt->rt6i_dev->ifindex != cfg->fc_ifindex))
1384 continue;
1385 if (cfg->fc_flags & RTF_GATEWAY &&
1386 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
1387 continue;
1388 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
1389 continue;
1390 dst_hold(&rt->dst);
1391 read_unlock_bh(&table->tb6_lock);
1392
1393 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
1394 }
1395 }
1396 read_unlock_bh(&table->tb6_lock);
1397
1398 return err;
1399 }
1400
1401 /*
1402 * Handle redirects
1403 */
1404 struct ip6rd_flowi {
1405 struct flowi fl;
1406 struct in6_addr gateway;
1407 };
1408
1409 static struct rt6_info *__ip6_route_redirect(struct net *net,
1410 struct fib6_table *table,
1411 struct flowi *fl,
1412 int flags)
1413 {
1414 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl;
1415 struct rt6_info *rt;
1416 struct fib6_node *fn;
1417
1418 /*
1419 * Get the "current" route for this destination and
1420 * check if the redirect has come from approriate router.
1421 *
1422 * RFC 2461 specifies that redirects should only be
1423 * accepted if they come from the nexthop to the target.
1424 * Due to the way the routes are chosen, this notion
1425 * is a bit fuzzy and one might need to check all possible
1426 * routes.
1427 */
1428
1429 read_lock_bh(&table->tb6_lock);
1430 fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src);
1431 restart:
1432 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1433 /*
1434 * Current route is on-link; redirect is always invalid.
1435 *
1436 * Seems, previous statement is not true. It could
1437 * be node, which looks for us as on-link (f.e. proxy ndisc)
1438 * But then router serving it might decide, that we should
1439 * know truth 8)8) --ANK (980726).
1440 */
1441 if (rt6_check_expired(rt))
1442 continue;
1443 if (!(rt->rt6i_flags & RTF_GATEWAY))
1444 continue;
1445 if (fl->oif != rt->rt6i_dev->ifindex)
1446 continue;
1447 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway))
1448 continue;
1449 break;
1450 }
1451
1452 if (!rt)
1453 rt = net->ipv6.ip6_null_entry;
1454 BACKTRACK(net, &fl->fl6_src);
1455 out:
1456 dst_hold(&rt->dst);
1457
1458 read_unlock_bh(&table->tb6_lock);
1459
1460 return rt;
1461 };
1462
1463 static struct rt6_info *ip6_route_redirect(struct in6_addr *dest,
1464 struct in6_addr *src,
1465 struct in6_addr *gateway,
1466 struct net_device *dev)
1467 {
1468 int flags = RT6_LOOKUP_F_HAS_SADDR;
1469 struct net *net = dev_net(dev);
1470 struct ip6rd_flowi rdfl = {
1471 .fl = {
1472 .oif = dev->ifindex,
1473 .fl6_dst = *dest,
1474 .fl6_src = *src,
1475 },
1476 };
1477
1478 ipv6_addr_copy(&rdfl.gateway, gateway);
1479
1480 if (rt6_need_strict(dest))
1481 flags |= RT6_LOOKUP_F_IFACE;
1482
1483 return (struct rt6_info *)fib6_rule_lookup(net, (struct flowi *)&rdfl,
1484 flags, __ip6_route_redirect);
1485 }
1486
1487 void rt6_redirect(struct in6_addr *dest, struct in6_addr *src,
1488 struct in6_addr *saddr,
1489 struct neighbour *neigh, u8 *lladdr, int on_link)
1490 {
1491 struct rt6_info *rt, *nrt = NULL;
1492 struct netevent_redirect netevent;
1493 struct net *net = dev_net(neigh->dev);
1494
1495 rt = ip6_route_redirect(dest, src, saddr, neigh->dev);
1496
1497 if (rt == net->ipv6.ip6_null_entry) {
1498 if (net_ratelimit())
1499 printk(KERN_DEBUG "rt6_redirect: source isn't a valid nexthop "
1500 "for redirect target\n");
1501 goto out;
1502 }
1503
1504 /*
1505 * We have finally decided to accept it.
1506 */
1507
1508 neigh_update(neigh, lladdr, NUD_STALE,
1509 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1510 NEIGH_UPDATE_F_OVERRIDE|
1511 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1512 NEIGH_UPDATE_F_ISROUTER))
1513 );
1514
1515 /*
1516 * Redirect received -> path was valid.
1517 * Look, redirects are sent only in response to data packets,
1518 * so that this nexthop apparently is reachable. --ANK
1519 */
1520 dst_confirm(&rt->dst);
1521
1522 /* Duplicate redirect: silently ignore. */
1523 if (neigh == rt->dst.neighbour)
1524 goto out;
1525
1526 nrt = ip6_rt_copy(rt);
1527 if (nrt == NULL)
1528 goto out;
1529
1530 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
1531 if (on_link)
1532 nrt->rt6i_flags &= ~RTF_GATEWAY;
1533
1534 ipv6_addr_copy(&nrt->rt6i_dst.addr, dest);
1535 nrt->rt6i_dst.plen = 128;
1536 nrt->dst.flags |= DST_HOST;
1537
1538 ipv6_addr_copy(&nrt->rt6i_gateway, (struct in6_addr*)neigh->primary_key);
1539 nrt->rt6i_nexthop = neigh_clone(neigh);
1540
1541 if (ip6_ins_rt(nrt))
1542 goto out;
1543
1544 netevent.old = &rt->dst;
1545 netevent.new = &nrt->dst;
1546 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
1547
1548 if (rt->rt6i_flags&RTF_CACHE) {
1549 ip6_del_rt(rt);
1550 return;
1551 }
1552
1553 out:
1554 dst_release(&rt->dst);
1555 }
1556
1557 /*
1558 * Handle ICMP "packet too big" messages
1559 * i.e. Path MTU discovery
1560 */
1561
1562 static void rt6_do_pmtu_disc(struct in6_addr *daddr, struct in6_addr *saddr,
1563 struct net *net, u32 pmtu, int ifindex)
1564 {
1565 struct rt6_info *rt, *nrt;
1566 int allfrag = 0;
1567 again:
1568 rt = rt6_lookup(net, daddr, saddr, ifindex, 0);
1569 if (rt == NULL)
1570 return;
1571
1572 if (rt6_check_expired(rt)) {
1573 ip6_del_rt(rt);
1574 goto again;
1575 }
1576
1577 if (pmtu >= dst_mtu(&rt->dst))
1578 goto out;
1579
1580 if (pmtu < IPV6_MIN_MTU) {
1581 /*
1582 * According to RFC2460, PMTU is set to the IPv6 Minimum Link
1583 * MTU (1280) and a fragment header should always be included
1584 * after a node receiving Too Big message reporting PMTU is
1585 * less than the IPv6 Minimum Link MTU.
1586 */
1587 pmtu = IPV6_MIN_MTU;
1588 allfrag = 1;
1589 }
1590
1591 /* New mtu received -> path was valid.
1592 They are sent only in response to data packets,
1593 so that this nexthop apparently is reachable. --ANK
1594 */
1595 dst_confirm(&rt->dst);
1596
1597 /* Host route. If it is static, it would be better
1598 not to override it, but add new one, so that
1599 when cache entry will expire old pmtu
1600 would return automatically.
1601 */
1602 if (rt->rt6i_flags & RTF_CACHE) {
1603 dst_metric_set(&rt->dst, RTAX_MTU, pmtu);
1604 if (allfrag) {
1605 u32 features = dst_metric(&rt->dst, RTAX_FEATURES);
1606 features |= RTAX_FEATURE_ALLFRAG;
1607 dst_metric_set(&rt->dst, RTAX_FEATURES, features);
1608 }
1609 dst_set_expires(&rt->dst, net->ipv6.sysctl.ip6_rt_mtu_expires);
1610 rt->rt6i_flags |= RTF_MODIFIED|RTF_EXPIRES;
1611 goto out;
1612 }
1613
1614 /* Network route.
1615 Two cases are possible:
1616 1. It is connected route. Action: COW
1617 2. It is gatewayed route or NONEXTHOP route. Action: clone it.
1618 */
1619 if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP))
1620 nrt = rt6_alloc_cow(rt, daddr, saddr);
1621 else
1622 nrt = rt6_alloc_clone(rt, daddr);
1623
1624 if (nrt) {
1625 dst_metric_set(&nrt->dst, RTAX_MTU, pmtu);
1626 if (allfrag) {
1627 u32 features = dst_metric(&nrt->dst, RTAX_FEATURES);
1628 features |= RTAX_FEATURE_ALLFRAG;
1629 dst_metric_set(&nrt->dst, RTAX_FEATURES, features);
1630 }
1631
1632 /* According to RFC 1981, detecting PMTU increase shouldn't be
1633 * happened within 5 mins, the recommended timer is 10 mins.
1634 * Here this route expiration time is set to ip6_rt_mtu_expires
1635 * which is 10 mins. After 10 mins the decreased pmtu is expired
1636 * and detecting PMTU increase will be automatically happened.
1637 */
1638 dst_set_expires(&nrt->dst, net->ipv6.sysctl.ip6_rt_mtu_expires);
1639 nrt->rt6i_flags |= RTF_DYNAMIC|RTF_EXPIRES;
1640
1641 ip6_ins_rt(nrt);
1642 }
1643 out:
1644 dst_release(&rt->dst);
1645 }
1646
1647 void rt6_pmtu_discovery(struct in6_addr *daddr, struct in6_addr *saddr,
1648 struct net_device *dev, u32 pmtu)
1649 {
1650 struct net *net = dev_net(dev);
1651
1652 /*
1653 * RFC 1981 states that a node "MUST reduce the size of the packets it
1654 * is sending along the path" that caused the Packet Too Big message.
1655 * Since it's not possible in the general case to determine which
1656 * interface was used to send the original packet, we update the MTU
1657 * on the interface that will be used to send future packets. We also
1658 * update the MTU on the interface that received the Packet Too Big in
1659 * case the original packet was forced out that interface with
1660 * SO_BINDTODEVICE or similar. This is the next best thing to the
1661 * correct behaviour, which would be to update the MTU on all
1662 * interfaces.
1663 */
1664 rt6_do_pmtu_disc(daddr, saddr, net, pmtu, 0);
1665 rt6_do_pmtu_disc(daddr, saddr, net, pmtu, dev->ifindex);
1666 }
1667
1668 /*
1669 * Misc support functions
1670 */
1671
1672 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort)
1673 {
1674 struct net *net = dev_net(ort->rt6i_dev);
1675 struct rt6_info *rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops);
1676
1677 if (rt) {
1678 rt->dst.input = ort->dst.input;
1679 rt->dst.output = ort->dst.output;
1680
1681 dst_copy_metrics(&rt->dst, &ort->dst);
1682 rt->dst.error = ort->dst.error;
1683 rt->dst.dev = ort->dst.dev;
1684 if (rt->dst.dev)
1685 dev_hold(rt->dst.dev);
1686 rt->rt6i_idev = ort->rt6i_idev;
1687 if (rt->rt6i_idev)
1688 in6_dev_hold(rt->rt6i_idev);
1689 rt->dst.lastuse = jiffies;
1690 rt->rt6i_expires = 0;
1691
1692 ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway);
1693 rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES;
1694 rt->rt6i_metric = 0;
1695
1696 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1697 #ifdef CONFIG_IPV6_SUBTREES
1698 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1699 #endif
1700 rt->rt6i_table = ort->rt6i_table;
1701 }
1702 return rt;
1703 }
1704
1705 #ifdef CONFIG_IPV6_ROUTE_INFO
1706 static struct rt6_info *rt6_get_route_info(struct net *net,
1707 struct in6_addr *prefix, int prefixlen,
1708 struct in6_addr *gwaddr, int ifindex)
1709 {
1710 struct fib6_node *fn;
1711 struct rt6_info *rt = NULL;
1712 struct fib6_table *table;
1713
1714 table = fib6_get_table(net, RT6_TABLE_INFO);
1715 if (table == NULL)
1716 return NULL;
1717
1718 write_lock_bh(&table->tb6_lock);
1719 fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0);
1720 if (!fn)
1721 goto out;
1722
1723 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1724 if (rt->rt6i_dev->ifindex != ifindex)
1725 continue;
1726 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
1727 continue;
1728 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
1729 continue;
1730 dst_hold(&rt->dst);
1731 break;
1732 }
1733 out:
1734 write_unlock_bh(&table->tb6_lock);
1735 return rt;
1736 }
1737
1738 static struct rt6_info *rt6_add_route_info(struct net *net,
1739 struct in6_addr *prefix, int prefixlen,
1740 struct in6_addr *gwaddr, int ifindex,
1741 unsigned pref)
1742 {
1743 struct fib6_config cfg = {
1744 .fc_table = RT6_TABLE_INFO,
1745 .fc_metric = IP6_RT_PRIO_USER,
1746 .fc_ifindex = ifindex,
1747 .fc_dst_len = prefixlen,
1748 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
1749 RTF_UP | RTF_PREF(pref),
1750 .fc_nlinfo.pid = 0,
1751 .fc_nlinfo.nlh = NULL,
1752 .fc_nlinfo.nl_net = net,
1753 };
1754
1755 ipv6_addr_copy(&cfg.fc_dst, prefix);
1756 ipv6_addr_copy(&cfg.fc_gateway, gwaddr);
1757
1758 /* We should treat it as a default route if prefix length is 0. */
1759 if (!prefixlen)
1760 cfg.fc_flags |= RTF_DEFAULT;
1761
1762 ip6_route_add(&cfg);
1763
1764 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex);
1765 }
1766 #endif
1767
1768 struct rt6_info *rt6_get_dflt_router(struct in6_addr *addr, struct net_device *dev)
1769 {
1770 struct rt6_info *rt;
1771 struct fib6_table *table;
1772
1773 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT);
1774 if (table == NULL)
1775 return NULL;
1776
1777 write_lock_bh(&table->tb6_lock);
1778 for (rt = table->tb6_root.leaf; rt; rt=rt->dst.rt6_next) {
1779 if (dev == rt->rt6i_dev &&
1780 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
1781 ipv6_addr_equal(&rt->rt6i_gateway, addr))
1782 break;
1783 }
1784 if (rt)
1785 dst_hold(&rt->dst);
1786 write_unlock_bh(&table->tb6_lock);
1787 return rt;
1788 }
1789
1790 struct rt6_info *rt6_add_dflt_router(struct in6_addr *gwaddr,
1791 struct net_device *dev,
1792 unsigned int pref)
1793 {
1794 struct fib6_config cfg = {
1795 .fc_table = RT6_TABLE_DFLT,
1796 .fc_metric = IP6_RT_PRIO_USER,
1797 .fc_ifindex = dev->ifindex,
1798 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
1799 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
1800 .fc_nlinfo.pid = 0,
1801 .fc_nlinfo.nlh = NULL,
1802 .fc_nlinfo.nl_net = dev_net(dev),
1803 };
1804
1805 ipv6_addr_copy(&cfg.fc_gateway, gwaddr);
1806
1807 ip6_route_add(&cfg);
1808
1809 return rt6_get_dflt_router(gwaddr, dev);
1810 }
1811
1812 void rt6_purge_dflt_routers(struct net *net)
1813 {
1814 struct rt6_info *rt;
1815 struct fib6_table *table;
1816
1817 /* NOTE: Keep consistent with rt6_get_dflt_router */
1818 table = fib6_get_table(net, RT6_TABLE_DFLT);
1819 if (table == NULL)
1820 return;
1821
1822 restart:
1823 read_lock_bh(&table->tb6_lock);
1824 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
1825 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) {
1826 dst_hold(&rt->dst);
1827 read_unlock_bh(&table->tb6_lock);
1828 ip6_del_rt(rt);
1829 goto restart;
1830 }
1831 }
1832 read_unlock_bh(&table->tb6_lock);
1833 }
1834
1835 static void rtmsg_to_fib6_config(struct net *net,
1836 struct in6_rtmsg *rtmsg,
1837 struct fib6_config *cfg)
1838 {
1839 memset(cfg, 0, sizeof(*cfg));
1840
1841 cfg->fc_table = RT6_TABLE_MAIN;
1842 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
1843 cfg->fc_metric = rtmsg->rtmsg_metric;
1844 cfg->fc_expires = rtmsg->rtmsg_info;
1845 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
1846 cfg->fc_src_len = rtmsg->rtmsg_src_len;
1847 cfg->fc_flags = rtmsg->rtmsg_flags;
1848
1849 cfg->fc_nlinfo.nl_net = net;
1850
1851 ipv6_addr_copy(&cfg->fc_dst, &rtmsg->rtmsg_dst);
1852 ipv6_addr_copy(&cfg->fc_src, &rtmsg->rtmsg_src);
1853 ipv6_addr_copy(&cfg->fc_gateway, &rtmsg->rtmsg_gateway);
1854 }
1855
1856 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1857 {
1858 struct fib6_config cfg;
1859 struct in6_rtmsg rtmsg;
1860 int err;
1861
1862 switch(cmd) {
1863 case SIOCADDRT: /* Add a route */
1864 case SIOCDELRT: /* Delete a route */
1865 if (!capable(CAP_NET_ADMIN))
1866 return -EPERM;
1867 err = copy_from_user(&rtmsg, arg,
1868 sizeof(struct in6_rtmsg));
1869 if (err)
1870 return -EFAULT;
1871
1872 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
1873
1874 rtnl_lock();
1875 switch (cmd) {
1876 case SIOCADDRT:
1877 err = ip6_route_add(&cfg);
1878 break;
1879 case SIOCDELRT:
1880 err = ip6_route_del(&cfg);
1881 break;
1882 default:
1883 err = -EINVAL;
1884 }
1885 rtnl_unlock();
1886
1887 return err;
1888 }
1889
1890 return -EINVAL;
1891 }
1892
1893 /*
1894 * Drop the packet on the floor
1895 */
1896
1897 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
1898 {
1899 int type;
1900 struct dst_entry *dst = skb_dst(skb);
1901 switch (ipstats_mib_noroutes) {
1902 case IPSTATS_MIB_INNOROUTES:
1903 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
1904 if (type == IPV6_ADDR_ANY) {
1905 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
1906 IPSTATS_MIB_INADDRERRORS);
1907 break;
1908 }
1909 /* FALLTHROUGH */
1910 case IPSTATS_MIB_OUTNOROUTES:
1911 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
1912 ipstats_mib_noroutes);
1913 break;
1914 }
1915 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
1916 kfree_skb(skb);
1917 return 0;
1918 }
1919
1920 static int ip6_pkt_discard(struct sk_buff *skb)
1921 {
1922 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
1923 }
1924
1925 static int ip6_pkt_discard_out(struct sk_buff *skb)
1926 {
1927 skb->dev = skb_dst(skb)->dev;
1928 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
1929 }
1930
1931 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
1932
1933 static int ip6_pkt_prohibit(struct sk_buff *skb)
1934 {
1935 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
1936 }
1937
1938 static int ip6_pkt_prohibit_out(struct sk_buff *skb)
1939 {
1940 skb->dev = skb_dst(skb)->dev;
1941 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
1942 }
1943
1944 #endif
1945
1946 /*
1947 * Allocate a dst for local (unicast / anycast) address.
1948 */
1949
1950 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
1951 const struct in6_addr *addr,
1952 int anycast)
1953 {
1954 struct net *net = dev_net(idev->dev);
1955 struct rt6_info *rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops);
1956 struct neighbour *neigh;
1957
1958 if (rt == NULL) {
1959 if (net_ratelimit())
1960 pr_warning("IPv6: Maximum number of routes reached,"
1961 " consider increasing route/max_size.\n");
1962 return ERR_PTR(-ENOMEM);
1963 }
1964
1965 dev_hold(net->loopback_dev);
1966 in6_dev_hold(idev);
1967
1968 rt->dst.flags = DST_HOST;
1969 rt->dst.input = ip6_input;
1970 rt->dst.output = ip6_output;
1971 rt->rt6i_dev = net->loopback_dev;
1972 rt->rt6i_idev = idev;
1973 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, -1);
1974 rt->dst.obsolete = -1;
1975
1976 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
1977 if (anycast)
1978 rt->rt6i_flags |= RTF_ANYCAST;
1979 else
1980 rt->rt6i_flags |= RTF_LOCAL;
1981 neigh = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway);
1982 if (IS_ERR(neigh)) {
1983 dst_free(&rt->dst);
1984
1985 /* We are casting this because that is the return
1986 * value type. But an errno encoded pointer is the
1987 * same regardless of the underlying pointer type,
1988 * and that's what we are returning. So this is OK.
1989 */
1990 return (struct rt6_info *) neigh;
1991 }
1992 rt->rt6i_nexthop = neigh;
1993
1994 ipv6_addr_copy(&rt->rt6i_dst.addr, addr);
1995 rt->rt6i_dst.plen = 128;
1996 rt->rt6i_table = fib6_get_table(net, RT6_TABLE_LOCAL);
1997
1998 atomic_set(&rt->dst.__refcnt, 1);
1999
2000 return rt;
2001 }
2002
2003 struct arg_dev_net {
2004 struct net_device *dev;
2005 struct net *net;
2006 };
2007
2008 static int fib6_ifdown(struct rt6_info *rt, void *arg)
2009 {
2010 const struct arg_dev_net *adn = arg;
2011 const struct net_device *dev = adn->dev;
2012
2013 if ((rt->rt6i_dev == dev || dev == NULL) &&
2014 rt != adn->net->ipv6.ip6_null_entry) {
2015 RT6_TRACE("deleted by ifdown %p\n", rt);
2016 return -1;
2017 }
2018 return 0;
2019 }
2020
2021 void rt6_ifdown(struct net *net, struct net_device *dev)
2022 {
2023 struct arg_dev_net adn = {
2024 .dev = dev,
2025 .net = net,
2026 };
2027
2028 fib6_clean_all(net, fib6_ifdown, 0, &adn);
2029 icmp6_clean_all(fib6_ifdown, &adn);
2030 }
2031
2032 struct rt6_mtu_change_arg
2033 {
2034 struct net_device *dev;
2035 unsigned mtu;
2036 };
2037
2038 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
2039 {
2040 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
2041 struct inet6_dev *idev;
2042
2043 /* In IPv6 pmtu discovery is not optional,
2044 so that RTAX_MTU lock cannot disable it.
2045 We still use this lock to block changes
2046 caused by addrconf/ndisc.
2047 */
2048
2049 idev = __in6_dev_get(arg->dev);
2050 if (idev == NULL)
2051 return 0;
2052
2053 /* For administrative MTU increase, there is no way to discover
2054 IPv6 PMTU increase, so PMTU increase should be updated here.
2055 Since RFC 1981 doesn't include administrative MTU increase
2056 update PMTU increase is a MUST. (i.e. jumbo frame)
2057 */
2058 /*
2059 If new MTU is less than route PMTU, this new MTU will be the
2060 lowest MTU in the path, update the route PMTU to reflect PMTU
2061 decreases; if new MTU is greater than route PMTU, and the
2062 old MTU is the lowest MTU in the path, update the route PMTU
2063 to reflect the increase. In this case if the other nodes' MTU
2064 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2065 PMTU discouvery.
2066 */
2067 if (rt->rt6i_dev == arg->dev &&
2068 !dst_metric_locked(&rt->dst, RTAX_MTU) &&
2069 (dst_mtu(&rt->dst) >= arg->mtu ||
2070 (dst_mtu(&rt->dst) < arg->mtu &&
2071 dst_mtu(&rt->dst) == idev->cnf.mtu6))) {
2072 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
2073 }
2074 return 0;
2075 }
2076
2077 void rt6_mtu_change(struct net_device *dev, unsigned mtu)
2078 {
2079 struct rt6_mtu_change_arg arg = {
2080 .dev = dev,
2081 .mtu = mtu,
2082 };
2083
2084 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, 0, &arg);
2085 }
2086
2087 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
2088 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
2089 [RTA_OIF] = { .type = NLA_U32 },
2090 [RTA_IIF] = { .type = NLA_U32 },
2091 [RTA_PRIORITY] = { .type = NLA_U32 },
2092 [RTA_METRICS] = { .type = NLA_NESTED },
2093 };
2094
2095 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2096 struct fib6_config *cfg)
2097 {
2098 struct rtmsg *rtm;
2099 struct nlattr *tb[RTA_MAX+1];
2100 int err;
2101
2102 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2103 if (err < 0)
2104 goto errout;
2105
2106 err = -EINVAL;
2107 rtm = nlmsg_data(nlh);
2108 memset(cfg, 0, sizeof(*cfg));
2109
2110 cfg->fc_table = rtm->rtm_table;
2111 cfg->fc_dst_len = rtm->rtm_dst_len;
2112 cfg->fc_src_len = rtm->rtm_src_len;
2113 cfg->fc_flags = RTF_UP;
2114 cfg->fc_protocol = rtm->rtm_protocol;
2115
2116 if (rtm->rtm_type == RTN_UNREACHABLE)
2117 cfg->fc_flags |= RTF_REJECT;
2118
2119 if (rtm->rtm_type == RTN_LOCAL)
2120 cfg->fc_flags |= RTF_LOCAL;
2121
2122 cfg->fc_nlinfo.pid = NETLINK_CB(skb).pid;
2123 cfg->fc_nlinfo.nlh = nlh;
2124 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2125
2126 if (tb[RTA_GATEWAY]) {
2127 nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16);
2128 cfg->fc_flags |= RTF_GATEWAY;
2129 }
2130
2131 if (tb[RTA_DST]) {
2132 int plen = (rtm->rtm_dst_len + 7) >> 3;
2133
2134 if (nla_len(tb[RTA_DST]) < plen)
2135 goto errout;
2136
2137 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
2138 }
2139
2140 if (tb[RTA_SRC]) {
2141 int plen = (rtm->rtm_src_len + 7) >> 3;
2142
2143 if (nla_len(tb[RTA_SRC]) < plen)
2144 goto errout;
2145
2146 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
2147 }
2148
2149 if (tb[RTA_OIF])
2150 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
2151
2152 if (tb[RTA_PRIORITY])
2153 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
2154
2155 if (tb[RTA_METRICS]) {
2156 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
2157 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
2158 }
2159
2160 if (tb[RTA_TABLE])
2161 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
2162
2163 err = 0;
2164 errout:
2165 return err;
2166 }
2167
2168 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
2169 {
2170 struct fib6_config cfg;
2171 int err;
2172
2173 err = rtm_to_fib6_config(skb, nlh, &cfg);
2174 if (err < 0)
2175 return err;
2176
2177 return ip6_route_del(&cfg);
2178 }
2179
2180 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
2181 {
2182 struct fib6_config cfg;
2183 int err;
2184
2185 err = rtm_to_fib6_config(skb, nlh, &cfg);
2186 if (err < 0)
2187 return err;
2188
2189 return ip6_route_add(&cfg);
2190 }
2191
2192 static inline size_t rt6_nlmsg_size(void)
2193 {
2194 return NLMSG_ALIGN(sizeof(struct rtmsg))
2195 + nla_total_size(16) /* RTA_SRC */
2196 + nla_total_size(16) /* RTA_DST */
2197 + nla_total_size(16) /* RTA_GATEWAY */
2198 + nla_total_size(16) /* RTA_PREFSRC */
2199 + nla_total_size(4) /* RTA_TABLE */
2200 + nla_total_size(4) /* RTA_IIF */
2201 + nla_total_size(4) /* RTA_OIF */
2202 + nla_total_size(4) /* RTA_PRIORITY */
2203 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
2204 + nla_total_size(sizeof(struct rta_cacheinfo));
2205 }
2206
2207 static int rt6_fill_node(struct net *net,
2208 struct sk_buff *skb, struct rt6_info *rt,
2209 struct in6_addr *dst, struct in6_addr *src,
2210 int iif, int type, u32 pid, u32 seq,
2211 int prefix, int nowait, unsigned int flags)
2212 {
2213 struct rtmsg *rtm;
2214 struct nlmsghdr *nlh;
2215 long expires;
2216 u32 table;
2217
2218 if (prefix) { /* user wants prefix routes only */
2219 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
2220 /* success since this is not a prefix route */
2221 return 1;
2222 }
2223 }
2224
2225 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*rtm), flags);
2226 if (nlh == NULL)
2227 return -EMSGSIZE;
2228
2229 rtm = nlmsg_data(nlh);
2230 rtm->rtm_family = AF_INET6;
2231 rtm->rtm_dst_len = rt->rt6i_dst.plen;
2232 rtm->rtm_src_len = rt->rt6i_src.plen;
2233 rtm->rtm_tos = 0;
2234 if (rt->rt6i_table)
2235 table = rt->rt6i_table->tb6_id;
2236 else
2237 table = RT6_TABLE_UNSPEC;
2238 rtm->rtm_table = table;
2239 NLA_PUT_U32(skb, RTA_TABLE, table);
2240 if (rt->rt6i_flags&RTF_REJECT)
2241 rtm->rtm_type = RTN_UNREACHABLE;
2242 else if (rt->rt6i_flags&RTF_LOCAL)
2243 rtm->rtm_type = RTN_LOCAL;
2244 else if (rt->rt6i_dev && (rt->rt6i_dev->flags&IFF_LOOPBACK))
2245 rtm->rtm_type = RTN_LOCAL;
2246 else
2247 rtm->rtm_type = RTN_UNICAST;
2248 rtm->rtm_flags = 0;
2249 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2250 rtm->rtm_protocol = rt->rt6i_protocol;
2251 if (rt->rt6i_flags&RTF_DYNAMIC)
2252 rtm->rtm_protocol = RTPROT_REDIRECT;
2253 else if (rt->rt6i_flags & RTF_ADDRCONF)
2254 rtm->rtm_protocol = RTPROT_KERNEL;
2255 else if (rt->rt6i_flags&RTF_DEFAULT)
2256 rtm->rtm_protocol = RTPROT_RA;
2257
2258 if (rt->rt6i_flags&RTF_CACHE)
2259 rtm->rtm_flags |= RTM_F_CLONED;
2260
2261 if (dst) {
2262 NLA_PUT(skb, RTA_DST, 16, dst);
2263 rtm->rtm_dst_len = 128;
2264 } else if (rtm->rtm_dst_len)
2265 NLA_PUT(skb, RTA_DST, 16, &rt->rt6i_dst.addr);
2266 #ifdef CONFIG_IPV6_SUBTREES
2267 if (src) {
2268 NLA_PUT(skb, RTA_SRC, 16, src);
2269 rtm->rtm_src_len = 128;
2270 } else if (rtm->rtm_src_len)
2271 NLA_PUT(skb, RTA_SRC, 16, &rt->rt6i_src.addr);
2272 #endif
2273 if (iif) {
2274 #ifdef CONFIG_IPV6_MROUTE
2275 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
2276 int err = ip6mr_get_route(net, skb, rtm, nowait);
2277 if (err <= 0) {
2278 if (!nowait) {
2279 if (err == 0)
2280 return 0;
2281 goto nla_put_failure;
2282 } else {
2283 if (err == -EMSGSIZE)
2284 goto nla_put_failure;
2285 }
2286 }
2287 } else
2288 #endif
2289 NLA_PUT_U32(skb, RTA_IIF, iif);
2290 } else if (dst) {
2291 struct inet6_dev *idev = ip6_dst_idev(&rt->dst);
2292 struct in6_addr saddr_buf;
2293 if (ipv6_dev_get_saddr(net, idev ? idev->dev : NULL,
2294 dst, 0, &saddr_buf) == 0)
2295 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf);
2296 }
2297
2298 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
2299 goto nla_put_failure;
2300
2301 if (rt->dst.neighbour)
2302 NLA_PUT(skb, RTA_GATEWAY, 16, &rt->dst.neighbour->primary_key);
2303
2304 if (rt->dst.dev)
2305 NLA_PUT_U32(skb, RTA_OIF, rt->rt6i_dev->ifindex);
2306
2307 NLA_PUT_U32(skb, RTA_PRIORITY, rt->rt6i_metric);
2308
2309 if (!(rt->rt6i_flags & RTF_EXPIRES))
2310 expires = 0;
2311 else if (rt->rt6i_expires - jiffies < INT_MAX)
2312 expires = rt->rt6i_expires - jiffies;
2313 else
2314 expires = INT_MAX;
2315
2316 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, 0, 0,
2317 expires, rt->dst.error) < 0)
2318 goto nla_put_failure;
2319
2320 return nlmsg_end(skb, nlh);
2321
2322 nla_put_failure:
2323 nlmsg_cancel(skb, nlh);
2324 return -EMSGSIZE;
2325 }
2326
2327 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
2328 {
2329 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
2330 int prefix;
2331
2332 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
2333 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
2334 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0;
2335 } else
2336 prefix = 0;
2337
2338 return rt6_fill_node(arg->net,
2339 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
2340 NETLINK_CB(arg->cb->skb).pid, arg->cb->nlh->nlmsg_seq,
2341 prefix, 0, NLM_F_MULTI);
2342 }
2343
2344 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
2345 {
2346 struct net *net = sock_net(in_skb->sk);
2347 struct nlattr *tb[RTA_MAX+1];
2348 struct rt6_info *rt;
2349 struct sk_buff *skb;
2350 struct rtmsg *rtm;
2351 struct flowi fl;
2352 int err, iif = 0;
2353
2354 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2355 if (err < 0)
2356 goto errout;
2357
2358 err = -EINVAL;
2359 memset(&fl, 0, sizeof(fl));
2360
2361 if (tb[RTA_SRC]) {
2362 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
2363 goto errout;
2364
2365 ipv6_addr_copy(&fl.fl6_src, nla_data(tb[RTA_SRC]));
2366 }
2367
2368 if (tb[RTA_DST]) {
2369 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
2370 goto errout;
2371
2372 ipv6_addr_copy(&fl.fl6_dst, nla_data(tb[RTA_DST]));
2373 }
2374
2375 if (tb[RTA_IIF])
2376 iif = nla_get_u32(tb[RTA_IIF]);
2377
2378 if (tb[RTA_OIF])
2379 fl.oif = nla_get_u32(tb[RTA_OIF]);
2380
2381 if (iif) {
2382 struct net_device *dev;
2383 dev = __dev_get_by_index(net, iif);
2384 if (!dev) {
2385 err = -ENODEV;
2386 goto errout;
2387 }
2388 }
2389
2390 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2391 if (skb == NULL) {
2392 err = -ENOBUFS;
2393 goto errout;
2394 }
2395
2396 /* Reserve room for dummy headers, this skb can pass
2397 through good chunk of routing engine.
2398 */
2399 skb_reset_mac_header(skb);
2400 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr));
2401
2402 rt = (struct rt6_info*) ip6_route_output(net, NULL, &fl);
2403 skb_dst_set(skb, &rt->dst);
2404
2405 err = rt6_fill_node(net, skb, rt, &fl.fl6_dst, &fl.fl6_src, iif,
2406 RTM_NEWROUTE, NETLINK_CB(in_skb).pid,
2407 nlh->nlmsg_seq, 0, 0, 0);
2408 if (err < 0) {
2409 kfree_skb(skb);
2410 goto errout;
2411 }
2412
2413 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid);
2414 errout:
2415 return err;
2416 }
2417
2418 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info)
2419 {
2420 struct sk_buff *skb;
2421 struct net *net = info->nl_net;
2422 u32 seq;
2423 int err;
2424
2425 err = -ENOBUFS;
2426 seq = info->nlh != NULL ? info->nlh->nlmsg_seq : 0;
2427
2428 skb = nlmsg_new(rt6_nlmsg_size(), gfp_any());
2429 if (skb == NULL)
2430 goto errout;
2431
2432 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
2433 event, info->pid, seq, 0, 0, 0);
2434 if (err < 0) {
2435 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
2436 WARN_ON(err == -EMSGSIZE);
2437 kfree_skb(skb);
2438 goto errout;
2439 }
2440 rtnl_notify(skb, net, info->pid, RTNLGRP_IPV6_ROUTE,
2441 info->nlh, gfp_any());
2442 return;
2443 errout:
2444 if (err < 0)
2445 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
2446 }
2447
2448 static int ip6_route_dev_notify(struct notifier_block *this,
2449 unsigned long event, void *data)
2450 {
2451 struct net_device *dev = (struct net_device *)data;
2452 struct net *net = dev_net(dev);
2453
2454 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) {
2455 net->ipv6.ip6_null_entry->dst.dev = dev;
2456 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
2457 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2458 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
2459 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
2460 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
2461 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
2462 #endif
2463 }
2464
2465 return NOTIFY_OK;
2466 }
2467
2468 /*
2469 * /proc
2470 */
2471
2472 #ifdef CONFIG_PROC_FS
2473
2474 struct rt6_proc_arg
2475 {
2476 char *buffer;
2477 int offset;
2478 int length;
2479 int skip;
2480 int len;
2481 };
2482
2483 static int rt6_info_route(struct rt6_info *rt, void *p_arg)
2484 {
2485 struct seq_file *m = p_arg;
2486
2487 seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen);
2488
2489 #ifdef CONFIG_IPV6_SUBTREES
2490 seq_printf(m, "%pi6 %02x ", &rt->rt6i_src.addr, rt->rt6i_src.plen);
2491 #else
2492 seq_puts(m, "00000000000000000000000000000000 00 ");
2493 #endif
2494
2495 if (rt->rt6i_nexthop) {
2496 seq_printf(m, "%pi6", rt->rt6i_nexthop->primary_key);
2497 } else {
2498 seq_puts(m, "00000000000000000000000000000000");
2499 }
2500 seq_printf(m, " %08x %08x %08x %08x %8s\n",
2501 rt->rt6i_metric, atomic_read(&rt->dst.__refcnt),
2502 rt->dst.__use, rt->rt6i_flags,
2503 rt->rt6i_dev ? rt->rt6i_dev->name : "");
2504 return 0;
2505 }
2506
2507 static int ipv6_route_show(struct seq_file *m, void *v)
2508 {
2509 struct net *net = (struct net *)m->private;
2510 fib6_clean_all(net, rt6_info_route, 0, m);
2511 return 0;
2512 }
2513
2514 static int ipv6_route_open(struct inode *inode, struct file *file)
2515 {
2516 return single_open_net(inode, file, ipv6_route_show);
2517 }
2518
2519 static const struct file_operations ipv6_route_proc_fops = {
2520 .owner = THIS_MODULE,
2521 .open = ipv6_route_open,
2522 .read = seq_read,
2523 .llseek = seq_lseek,
2524 .release = single_release_net,
2525 };
2526
2527 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
2528 {
2529 struct net *net = (struct net *)seq->private;
2530 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
2531 net->ipv6.rt6_stats->fib_nodes,
2532 net->ipv6.rt6_stats->fib_route_nodes,
2533 net->ipv6.rt6_stats->fib_rt_alloc,
2534 net->ipv6.rt6_stats->fib_rt_entries,
2535 net->ipv6.rt6_stats->fib_rt_cache,
2536 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
2537 net->ipv6.rt6_stats->fib_discarded_routes);
2538
2539 return 0;
2540 }
2541
2542 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
2543 {
2544 return single_open_net(inode, file, rt6_stats_seq_show);
2545 }
2546
2547 static const struct file_operations rt6_stats_seq_fops = {
2548 .owner = THIS_MODULE,
2549 .open = rt6_stats_seq_open,
2550 .read = seq_read,
2551 .llseek = seq_lseek,
2552 .release = single_release_net,
2553 };
2554 #endif /* CONFIG_PROC_FS */
2555
2556 #ifdef CONFIG_SYSCTL
2557
2558 static
2559 int ipv6_sysctl_rtcache_flush(ctl_table *ctl, int write,
2560 void __user *buffer, size_t *lenp, loff_t *ppos)
2561 {
2562 struct net *net;
2563 int delay;
2564 if (!write)
2565 return -EINVAL;
2566
2567 net = (struct net *)ctl->extra1;
2568 delay = net->ipv6.sysctl.flush_delay;
2569 proc_dointvec(ctl, write, buffer, lenp, ppos);
2570 fib6_run_gc(delay <= 0 ? ~0UL : (unsigned long)delay, net);
2571 return 0;
2572 }
2573
2574 ctl_table ipv6_route_table_template[] = {
2575 {
2576 .procname = "flush",
2577 .data = &init_net.ipv6.sysctl.flush_delay,
2578 .maxlen = sizeof(int),
2579 .mode = 0200,
2580 .proc_handler = ipv6_sysctl_rtcache_flush
2581 },
2582 {
2583 .procname = "gc_thresh",
2584 .data = &ip6_dst_ops_template.gc_thresh,
2585 .maxlen = sizeof(int),
2586 .mode = 0644,
2587 .proc_handler = proc_dointvec,
2588 },
2589 {
2590 .procname = "max_size",
2591 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
2592 .maxlen = sizeof(int),
2593 .mode = 0644,
2594 .proc_handler = proc_dointvec,
2595 },
2596 {
2597 .procname = "gc_min_interval",
2598 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2599 .maxlen = sizeof(int),
2600 .mode = 0644,
2601 .proc_handler = proc_dointvec_jiffies,
2602 },
2603 {
2604 .procname = "gc_timeout",
2605 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
2606 .maxlen = sizeof(int),
2607 .mode = 0644,
2608 .proc_handler = proc_dointvec_jiffies,
2609 },
2610 {
2611 .procname = "gc_interval",
2612 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
2613 .maxlen = sizeof(int),
2614 .mode = 0644,
2615 .proc_handler = proc_dointvec_jiffies,
2616 },
2617 {
2618 .procname = "gc_elasticity",
2619 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
2620 .maxlen = sizeof(int),
2621 .mode = 0644,
2622 .proc_handler = proc_dointvec,
2623 },
2624 {
2625 .procname = "mtu_expires",
2626 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
2627 .maxlen = sizeof(int),
2628 .mode = 0644,
2629 .proc_handler = proc_dointvec_jiffies,
2630 },
2631 {
2632 .procname = "min_adv_mss",
2633 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
2634 .maxlen = sizeof(int),
2635 .mode = 0644,
2636 .proc_handler = proc_dointvec,
2637 },
2638 {
2639 .procname = "gc_min_interval_ms",
2640 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2641 .maxlen = sizeof(int),
2642 .mode = 0644,
2643 .proc_handler = proc_dointvec_ms_jiffies,
2644 },
2645 { }
2646 };
2647
2648 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
2649 {
2650 struct ctl_table *table;
2651
2652 table = kmemdup(ipv6_route_table_template,
2653 sizeof(ipv6_route_table_template),
2654 GFP_KERNEL);
2655
2656 if (table) {
2657 table[0].data = &net->ipv6.sysctl.flush_delay;
2658 table[0].extra1 = net;
2659 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
2660 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
2661 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
2662 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
2663 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
2664 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
2665 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
2666 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
2667 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
2668 }
2669
2670 return table;
2671 }
2672 #endif
2673
2674 static int __net_init ip6_route_net_init(struct net *net)
2675 {
2676 int ret = -ENOMEM;
2677
2678 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
2679 sizeof(net->ipv6.ip6_dst_ops));
2680
2681 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
2682 goto out_ip6_dst_ops;
2683
2684 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
2685 sizeof(*net->ipv6.ip6_null_entry),
2686 GFP_KERNEL);
2687 if (!net->ipv6.ip6_null_entry)
2688 goto out_ip6_dst_entries;
2689 net->ipv6.ip6_null_entry->dst.path =
2690 (struct dst_entry *)net->ipv6.ip6_null_entry;
2691 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2692 dst_metric_set(&net->ipv6.ip6_null_entry->dst, RTAX_HOPLIMIT, 255);
2693
2694 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2695 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
2696 sizeof(*net->ipv6.ip6_prohibit_entry),
2697 GFP_KERNEL);
2698 if (!net->ipv6.ip6_prohibit_entry)
2699 goto out_ip6_null_entry;
2700 net->ipv6.ip6_prohibit_entry->dst.path =
2701 (struct dst_entry *)net->ipv6.ip6_prohibit_entry;
2702 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2703 dst_metric_set(&net->ipv6.ip6_prohibit_entry->dst, RTAX_HOPLIMIT, 255);
2704
2705 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
2706 sizeof(*net->ipv6.ip6_blk_hole_entry),
2707 GFP_KERNEL);
2708 if (!net->ipv6.ip6_blk_hole_entry)
2709 goto out_ip6_prohibit_entry;
2710 net->ipv6.ip6_blk_hole_entry->dst.path =
2711 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry;
2712 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2713 dst_metric_set(&net->ipv6.ip6_blk_hole_entry->dst, RTAX_HOPLIMIT, 255);
2714 #endif
2715
2716 net->ipv6.sysctl.flush_delay = 0;
2717 net->ipv6.sysctl.ip6_rt_max_size = 4096;
2718 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
2719 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
2720 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
2721 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
2722 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
2723 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
2724
2725 #ifdef CONFIG_PROC_FS
2726 proc_net_fops_create(net, "ipv6_route", 0, &ipv6_route_proc_fops);
2727 proc_net_fops_create(net, "rt6_stats", S_IRUGO, &rt6_stats_seq_fops);
2728 #endif
2729 net->ipv6.ip6_rt_gc_expire = 30*HZ;
2730
2731 ret = 0;
2732 out:
2733 return ret;
2734
2735 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2736 out_ip6_prohibit_entry:
2737 kfree(net->ipv6.ip6_prohibit_entry);
2738 out_ip6_null_entry:
2739 kfree(net->ipv6.ip6_null_entry);
2740 #endif
2741 out_ip6_dst_entries:
2742 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
2743 out_ip6_dst_ops:
2744 goto out;
2745 }
2746
2747 static void __net_exit ip6_route_net_exit(struct net *net)
2748 {
2749 #ifdef CONFIG_PROC_FS
2750 proc_net_remove(net, "ipv6_route");
2751 proc_net_remove(net, "rt6_stats");
2752 #endif
2753 kfree(net->ipv6.ip6_null_entry);
2754 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2755 kfree(net->ipv6.ip6_prohibit_entry);
2756 kfree(net->ipv6.ip6_blk_hole_entry);
2757 #endif
2758 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
2759 }
2760
2761 static struct pernet_operations ip6_route_net_ops = {
2762 .init = ip6_route_net_init,
2763 .exit = ip6_route_net_exit,
2764 };
2765
2766 static struct notifier_block ip6_route_dev_notifier = {
2767 .notifier_call = ip6_route_dev_notify,
2768 .priority = 0,
2769 };
2770
2771 int __init ip6_route_init(void)
2772 {
2773 int ret;
2774
2775 ret = -ENOMEM;
2776 ip6_dst_ops_template.kmem_cachep =
2777 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
2778 SLAB_HWCACHE_ALIGN, NULL);
2779 if (!ip6_dst_ops_template.kmem_cachep)
2780 goto out;
2781
2782 ret = dst_entries_init(&ip6_dst_blackhole_ops);
2783 if (ret)
2784 goto out_kmem_cache;
2785
2786 ret = register_pernet_subsys(&ip6_route_net_ops);
2787 if (ret)
2788 goto out_dst_entries;
2789
2790 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
2791
2792 /* Registering of the loopback is done before this portion of code,
2793 * the loopback reference in rt6_info will not be taken, do it
2794 * manually for init_net */
2795 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
2796 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
2797 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2798 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
2799 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
2800 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
2801 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
2802 #endif
2803 ret = fib6_init();
2804 if (ret)
2805 goto out_register_subsys;
2806
2807 ret = xfrm6_init();
2808 if (ret)
2809 goto out_fib6_init;
2810
2811 ret = fib6_rules_init();
2812 if (ret)
2813 goto xfrm6_init;
2814
2815 ret = -ENOBUFS;
2816 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL) ||
2817 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL) ||
2818 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL))
2819 goto fib6_rules_init;
2820
2821 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
2822 if (ret)
2823 goto fib6_rules_init;
2824
2825 out:
2826 return ret;
2827
2828 fib6_rules_init:
2829 fib6_rules_cleanup();
2830 xfrm6_init:
2831 xfrm6_fini();
2832 out_fib6_init:
2833 fib6_gc_cleanup();
2834 out_register_subsys:
2835 unregister_pernet_subsys(&ip6_route_net_ops);
2836 out_dst_entries:
2837 dst_entries_destroy(&ip6_dst_blackhole_ops);
2838 out_kmem_cache:
2839 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
2840 goto out;
2841 }
2842
2843 void ip6_route_cleanup(void)
2844 {
2845 unregister_netdevice_notifier(&ip6_route_dev_notifier);
2846 fib6_rules_cleanup();
2847 xfrm6_fini();
2848 fib6_gc_cleanup();
2849 unregister_pernet_subsys(&ip6_route_net_ops);
2850 dst_entries_destroy(&ip6_dst_blackhole_ops);
2851 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
2852 }
ubuntu-bionic-kernel mirror