]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - net/ipv6/route.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
net-next: remove useless union keyword
[mirror_ubuntu-bionic-kernel.git] / net / ipv6 / route.c
1 /*
2 * Linux INET6 implementation
3 * FIB front-end.
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14 /* Changes:
15 *
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
23 * Ville Nuorvala
24 * Fixed routing subtrees.
25 */
26
27 #include <linux/capability.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/times.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/net.h>
34 #include <linux/route.h>
35 #include <linux/netdevice.h>
36 #include <linux/in6.h>
37 #include <linux/mroute6.h>
38 #include <linux/init.h>
39 #include <linux/if_arp.h>
40 #include <linux/proc_fs.h>
41 #include <linux/seq_file.h>
42 #include <linux/nsproxy.h>
43 #include <linux/slab.h>
44 #include <net/net_namespace.h>
45 #include <net/snmp.h>
46 #include <net/ipv6.h>
47 #include <net/ip6_fib.h>
48 #include <net/ip6_route.h>
49 #include <net/ndisc.h>
50 #include <net/addrconf.h>
51 #include <net/tcp.h>
52 #include <linux/rtnetlink.h>
53 #include <net/dst.h>
54 #include <net/xfrm.h>
55 #include <net/netevent.h>
56 #include <net/netlink.h>
57
58 #include <asm/uaccess.h>
59
60 #ifdef CONFIG_SYSCTL
61 #include <linux/sysctl.h>
62 #endif
63
64 /* Set to 3 to get tracing. */
65 #define RT6_DEBUG 2
66
67 #if RT6_DEBUG >= 3
68 #define RDBG(x) printk x
69 #define RT6_TRACE(x...) printk(KERN_DEBUG x)
70 #else
71 #define RDBG(x)
72 #define RT6_TRACE(x...) do { ; } while (0)
73 #endif
74
75 #define CLONE_OFFLINK_ROUTE 0
76
77 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort);
78 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
79 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
80 static void ip6_dst_destroy(struct dst_entry *);
81 static void ip6_dst_ifdown(struct dst_entry *,
82 struct net_device *dev, int how);
83 static int ip6_dst_gc(struct dst_ops *ops);
84
85 static int ip6_pkt_discard(struct sk_buff *skb);
86 static int ip6_pkt_discard_out(struct sk_buff *skb);
87 static void ip6_link_failure(struct sk_buff *skb);
88 static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
89
90 #ifdef CONFIG_IPV6_ROUTE_INFO
91 static struct rt6_info *rt6_add_route_info(struct net *net,
92 struct in6_addr *prefix, int prefixlen,
93 struct in6_addr *gwaddr, int ifindex,
94 unsigned pref);
95 static struct rt6_info *rt6_get_route_info(struct net *net,
96 struct in6_addr *prefix, int prefixlen,
97 struct in6_addr *gwaddr, int ifindex);
98 #endif
99
100 static struct dst_ops ip6_dst_ops_template = {
101 .family = AF_INET6,
102 .protocol = cpu_to_be16(ETH_P_IPV6),
103 .gc = ip6_dst_gc,
104 .gc_thresh = 1024,
105 .check = ip6_dst_check,
106 .destroy = ip6_dst_destroy,
107 .ifdown = ip6_dst_ifdown,
108 .negative_advice = ip6_negative_advice,
109 .link_failure = ip6_link_failure,
110 .update_pmtu = ip6_rt_update_pmtu,
111 .local_out = __ip6_local_out,
112 .entries = ATOMIC_INIT(0),
113 };
114
115 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
116 {
117 }
118
119 static struct dst_ops ip6_dst_blackhole_ops = {
120 .family = AF_INET6,
121 .protocol = cpu_to_be16(ETH_P_IPV6),
122 .destroy = ip6_dst_destroy,
123 .check = ip6_dst_check,
124 .update_pmtu = ip6_rt_blackhole_update_pmtu,
125 .entries = ATOMIC_INIT(0),
126 };
127
128 static struct rt6_info ip6_null_entry_template = {
129 .dst = {
130 .__refcnt = ATOMIC_INIT(1),
131 .__use = 1,
132 .obsolete = -1,
133 .error = -ENETUNREACH,
134 .metrics = { [RTAX_HOPLIMIT - 1] = 255, },
135 .input = ip6_pkt_discard,
136 .output = ip6_pkt_discard_out,
137 },
138 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
139 .rt6i_protocol = RTPROT_KERNEL,
140 .rt6i_metric = ~(u32) 0,
141 .rt6i_ref = ATOMIC_INIT(1),
142 };
143
144 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
145
146 static int ip6_pkt_prohibit(struct sk_buff *skb);
147 static int ip6_pkt_prohibit_out(struct sk_buff *skb);
148
149 static struct rt6_info ip6_prohibit_entry_template = {
150 .dst = {
151 .__refcnt = ATOMIC_INIT(1),
152 .__use = 1,
153 .obsolete = -1,
154 .error = -EACCES,
155 .metrics = { [RTAX_HOPLIMIT - 1] = 255, },
156 .input = ip6_pkt_prohibit,
157 .output = ip6_pkt_prohibit_out,
158 },
159 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
160 .rt6i_protocol = RTPROT_KERNEL,
161 .rt6i_metric = ~(u32) 0,
162 .rt6i_ref = ATOMIC_INIT(1),
163 };
164
165 static struct rt6_info ip6_blk_hole_entry_template = {
166 .dst = {
167 .__refcnt = ATOMIC_INIT(1),
168 .__use = 1,
169 .obsolete = -1,
170 .error = -EINVAL,
171 .metrics = { [RTAX_HOPLIMIT - 1] = 255, },
172 .input = dst_discard,
173 .output = dst_discard,
174 },
175 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
176 .rt6i_protocol = RTPROT_KERNEL,
177 .rt6i_metric = ~(u32) 0,
178 .rt6i_ref = ATOMIC_INIT(1),
179 };
180
181 #endif
182
183 /* allocate dst with ip6_dst_ops */
184 static inline struct rt6_info *ip6_dst_alloc(struct dst_ops *ops)
185 {
186 return (struct rt6_info *)dst_alloc(ops);
187 }
188
189 static void ip6_dst_destroy(struct dst_entry *dst)
190 {
191 struct rt6_info *rt = (struct rt6_info *)dst;
192 struct inet6_dev *idev = rt->rt6i_idev;
193
194 if (idev != NULL) {
195 rt->rt6i_idev = NULL;
196 in6_dev_put(idev);
197 }
198 }
199
200 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
201 int how)
202 {
203 struct rt6_info *rt = (struct rt6_info *)dst;
204 struct inet6_dev *idev = rt->rt6i_idev;
205 struct net_device *loopback_dev =
206 dev_net(dev)->loopback_dev;
207
208 if (dev != loopback_dev && idev != NULL && idev->dev == dev) {
209 struct inet6_dev *loopback_idev =
210 in6_dev_get(loopback_dev);
211 if (loopback_idev != NULL) {
212 rt->rt6i_idev = loopback_idev;
213 in6_dev_put(idev);
214 }
215 }
216 }
217
218 static __inline__ int rt6_check_expired(const struct rt6_info *rt)
219 {
220 return (rt->rt6i_flags & RTF_EXPIRES &&
221 time_after(jiffies, rt->rt6i_expires));
222 }
223
224 static inline int rt6_need_strict(struct in6_addr *daddr)
225 {
226 return (ipv6_addr_type(daddr) &
227 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL | IPV6_ADDR_LOOPBACK));
228 }
229
230 /*
231 * Route lookup. Any table->tb6_lock is implied.
232 */
233
234 static inline struct rt6_info *rt6_device_match(struct net *net,
235 struct rt6_info *rt,
236 struct in6_addr *saddr,
237 int oif,
238 int flags)
239 {
240 struct rt6_info *local = NULL;
241 struct rt6_info *sprt;
242
243 if (!oif && ipv6_addr_any(saddr))
244 goto out;
245
246 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) {
247 struct net_device *dev = sprt->rt6i_dev;
248
249 if (oif) {
250 if (dev->ifindex == oif)
251 return sprt;
252 if (dev->flags & IFF_LOOPBACK) {
253 if (sprt->rt6i_idev == NULL ||
254 sprt->rt6i_idev->dev->ifindex != oif) {
255 if (flags & RT6_LOOKUP_F_IFACE && oif)
256 continue;
257 if (local && (!oif ||
258 local->rt6i_idev->dev->ifindex == oif))
259 continue;
260 }
261 local = sprt;
262 }
263 } else {
264 if (ipv6_chk_addr(net, saddr, dev,
265 flags & RT6_LOOKUP_F_IFACE))
266 return sprt;
267 }
268 }
269
270 if (oif) {
271 if (local)
272 return local;
273
274 if (flags & RT6_LOOKUP_F_IFACE)
275 return net->ipv6.ip6_null_entry;
276 }
277 out:
278 return rt;
279 }
280
281 #ifdef CONFIG_IPV6_ROUTER_PREF
282 static void rt6_probe(struct rt6_info *rt)
283 {
284 struct neighbour *neigh = rt ? rt->rt6i_nexthop : NULL;
285 /*
286 * Okay, this does not seem to be appropriate
287 * for now, however, we need to check if it
288 * is really so; aka Router Reachability Probing.
289 *
290 * Router Reachability Probe MUST be rate-limited
291 * to no more than one per minute.
292 */
293 if (!neigh || (neigh->nud_state & NUD_VALID))
294 return;
295 read_lock_bh(&neigh->lock);
296 if (!(neigh->nud_state & NUD_VALID) &&
297 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) {
298 struct in6_addr mcaddr;
299 struct in6_addr *target;
300
301 neigh->updated = jiffies;
302 read_unlock_bh(&neigh->lock);
303
304 target = (struct in6_addr *)&neigh->primary_key;
305 addrconf_addr_solict_mult(target, &mcaddr);
306 ndisc_send_ns(rt->rt6i_dev, NULL, target, &mcaddr, NULL);
307 } else
308 read_unlock_bh(&neigh->lock);
309 }
310 #else
311 static inline void rt6_probe(struct rt6_info *rt)
312 {
313 }
314 #endif
315
316 /*
317 * Default Router Selection (RFC 2461 6.3.6)
318 */
319 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
320 {
321 struct net_device *dev = rt->rt6i_dev;
322 if (!oif || dev->ifindex == oif)
323 return 2;
324 if ((dev->flags & IFF_LOOPBACK) &&
325 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
326 return 1;
327 return 0;
328 }
329
330 static inline int rt6_check_neigh(struct rt6_info *rt)
331 {
332 struct neighbour *neigh = rt->rt6i_nexthop;
333 int m;
334 if (rt->rt6i_flags & RTF_NONEXTHOP ||
335 !(rt->rt6i_flags & RTF_GATEWAY))
336 m = 1;
337 else if (neigh) {
338 read_lock_bh(&neigh->lock);
339 if (neigh->nud_state & NUD_VALID)
340 m = 2;
341 #ifdef CONFIG_IPV6_ROUTER_PREF
342 else if (neigh->nud_state & NUD_FAILED)
343 m = 0;
344 #endif
345 else
346 m = 1;
347 read_unlock_bh(&neigh->lock);
348 } else
349 m = 0;
350 return m;
351 }
352
353 static int rt6_score_route(struct rt6_info *rt, int oif,
354 int strict)
355 {
356 int m, n;
357
358 m = rt6_check_dev(rt, oif);
359 if (!m && (strict & RT6_LOOKUP_F_IFACE))
360 return -1;
361 #ifdef CONFIG_IPV6_ROUTER_PREF
362 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
363 #endif
364 n = rt6_check_neigh(rt);
365 if (!n && (strict & RT6_LOOKUP_F_REACHABLE))
366 return -1;
367 return m;
368 }
369
370 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
371 int *mpri, struct rt6_info *match)
372 {
373 int m;
374
375 if (rt6_check_expired(rt))
376 goto out;
377
378 m = rt6_score_route(rt, oif, strict);
379 if (m < 0)
380 goto out;
381
382 if (m > *mpri) {
383 if (strict & RT6_LOOKUP_F_REACHABLE)
384 rt6_probe(match);
385 *mpri = m;
386 match = rt;
387 } else if (strict & RT6_LOOKUP_F_REACHABLE) {
388 rt6_probe(rt);
389 }
390
391 out:
392 return match;
393 }
394
395 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
396 struct rt6_info *rr_head,
397 u32 metric, int oif, int strict)
398 {
399 struct rt6_info *rt, *match;
400 int mpri = -1;
401
402 match = NULL;
403 for (rt = rr_head; rt && rt->rt6i_metric == metric;
404 rt = rt->dst.rt6_next)
405 match = find_match(rt, oif, strict, &mpri, match);
406 for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric;
407 rt = rt->dst.rt6_next)
408 match = find_match(rt, oif, strict, &mpri, match);
409
410 return match;
411 }
412
413 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
414 {
415 struct rt6_info *match, *rt0;
416 struct net *net;
417
418 RT6_TRACE("%s(fn->leaf=%p, oif=%d)\n",
419 __func__, fn->leaf, oif);
420
421 rt0 = fn->rr_ptr;
422 if (!rt0)
423 fn->rr_ptr = rt0 = fn->leaf;
424
425 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict);
426
427 if (!match &&
428 (strict & RT6_LOOKUP_F_REACHABLE)) {
429 struct rt6_info *next = rt0->dst.rt6_next;
430
431 /* no entries matched; do round-robin */
432 if (!next || next->rt6i_metric != rt0->rt6i_metric)
433 next = fn->leaf;
434
435 if (next != rt0)
436 fn->rr_ptr = next;
437 }
438
439 RT6_TRACE("%s() => %p\n",
440 __func__, match);
441
442 net = dev_net(rt0->rt6i_dev);
443 return (match ? match : net->ipv6.ip6_null_entry);
444 }
445
446 #ifdef CONFIG_IPV6_ROUTE_INFO
447 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
448 struct in6_addr *gwaddr)
449 {
450 struct net *net = dev_net(dev);
451 struct route_info *rinfo = (struct route_info *) opt;
452 struct in6_addr prefix_buf, *prefix;
453 unsigned int pref;
454 unsigned long lifetime;
455 struct rt6_info *rt;
456
457 if (len < sizeof(struct route_info)) {
458 return -EINVAL;
459 }
460
461 /* Sanity check for prefix_len and length */
462 if (rinfo->length > 3) {
463 return -EINVAL;
464 } else if (rinfo->prefix_len > 128) {
465 return -EINVAL;
466 } else if (rinfo->prefix_len > 64) {
467 if (rinfo->length < 2) {
468 return -EINVAL;
469 }
470 } else if (rinfo->prefix_len > 0) {
471 if (rinfo->length < 1) {
472 return -EINVAL;
473 }
474 }
475
476 pref = rinfo->route_pref;
477 if (pref == ICMPV6_ROUTER_PREF_INVALID)
478 return -EINVAL;
479
480 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
481
482 if (rinfo->length == 3)
483 prefix = (struct in6_addr *)rinfo->prefix;
484 else {
485 /* this function is safe */
486 ipv6_addr_prefix(&prefix_buf,
487 (struct in6_addr *)rinfo->prefix,
488 rinfo->prefix_len);
489 prefix = &prefix_buf;
490 }
491
492 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len, gwaddr,
493 dev->ifindex);
494
495 if (rt && !lifetime) {
496 ip6_del_rt(rt);
497 rt = NULL;
498 }
499
500 if (!rt && lifetime)
501 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex,
502 pref);
503 else if (rt)
504 rt->rt6i_flags = RTF_ROUTEINFO |
505 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
506
507 if (rt) {
508 if (!addrconf_finite_timeout(lifetime)) {
509 rt->rt6i_flags &= ~RTF_EXPIRES;
510 } else {
511 rt->rt6i_expires = jiffies + HZ * lifetime;
512 rt->rt6i_flags |= RTF_EXPIRES;
513 }
514 dst_release(&rt->dst);
515 }
516 return 0;
517 }
518 #endif
519
520 #define BACKTRACK(__net, saddr) \
521 do { \
522 if (rt == __net->ipv6.ip6_null_entry) { \
523 struct fib6_node *pn; \
524 while (1) { \
525 if (fn->fn_flags & RTN_TL_ROOT) \
526 goto out; \
527 pn = fn->parent; \
528 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) \
529 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); \
530 else \
531 fn = pn; \
532 if (fn->fn_flags & RTN_RTINFO) \
533 goto restart; \
534 } \
535 } \
536 } while(0)
537
538 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
539 struct fib6_table *table,
540 struct flowi *fl, int flags)
541 {
542 struct fib6_node *fn;
543 struct rt6_info *rt;
544
545 read_lock_bh(&table->tb6_lock);
546 fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src);
547 restart:
548 rt = fn->leaf;
549 rt = rt6_device_match(net, rt, &fl->fl6_src, fl->oif, flags);
550 BACKTRACK(net, &fl->fl6_src);
551 out:
552 dst_use(&rt->dst, jiffies);
553 read_unlock_bh(&table->tb6_lock);
554 return rt;
555
556 }
557
558 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
559 const struct in6_addr *saddr, int oif, int strict)
560 {
561 struct flowi fl = {
562 .oif = oif,
563 .nl_u = {
564 .ip6_u = {
565 .daddr = *daddr,
566 },
567 },
568 };
569 struct dst_entry *dst;
570 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
571
572 if (saddr) {
573 memcpy(&fl.fl6_src, saddr, sizeof(*saddr));
574 flags |= RT6_LOOKUP_F_HAS_SADDR;
575 }
576
577 dst = fib6_rule_lookup(net, &fl, flags, ip6_pol_route_lookup);
578 if (dst->error == 0)
579 return (struct rt6_info *) dst;
580
581 dst_release(dst);
582
583 return NULL;
584 }
585
586 EXPORT_SYMBOL(rt6_lookup);
587
588 /* ip6_ins_rt is called with FREE table->tb6_lock.
589 It takes new route entry, the addition fails by any reason the
590 route is freed. In any case, if caller does not hold it, it may
591 be destroyed.
592 */
593
594 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info)
595 {
596 int err;
597 struct fib6_table *table;
598
599 table = rt->rt6i_table;
600 write_lock_bh(&table->tb6_lock);
601 err = fib6_add(&table->tb6_root, rt, info);
602 write_unlock_bh(&table->tb6_lock);
603
604 return err;
605 }
606
607 int ip6_ins_rt(struct rt6_info *rt)
608 {
609 struct nl_info info = {
610 .nl_net = dev_net(rt->rt6i_dev),
611 };
612 return __ip6_ins_rt(rt, &info);
613 }
614
615 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort, struct in6_addr *daddr,
616 struct in6_addr *saddr)
617 {
618 struct rt6_info *rt;
619
620 /*
621 * Clone the route.
622 */
623
624 rt = ip6_rt_copy(ort);
625
626 if (rt) {
627 struct neighbour *neigh;
628 int attempts = !in_softirq();
629
630 if (!(rt->rt6i_flags&RTF_GATEWAY)) {
631 if (rt->rt6i_dst.plen != 128 &&
632 ipv6_addr_equal(&rt->rt6i_dst.addr, daddr))
633 rt->rt6i_flags |= RTF_ANYCAST;
634 ipv6_addr_copy(&rt->rt6i_gateway, daddr);
635 }
636
637 ipv6_addr_copy(&rt->rt6i_dst.addr, daddr);
638 rt->rt6i_dst.plen = 128;
639 rt->rt6i_flags |= RTF_CACHE;
640 rt->dst.flags |= DST_HOST;
641
642 #ifdef CONFIG_IPV6_SUBTREES
643 if (rt->rt6i_src.plen && saddr) {
644 ipv6_addr_copy(&rt->rt6i_src.addr, saddr);
645 rt->rt6i_src.plen = 128;
646 }
647 #endif
648
649 retry:
650 neigh = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway);
651 if (IS_ERR(neigh)) {
652 struct net *net = dev_net(rt->rt6i_dev);
653 int saved_rt_min_interval =
654 net->ipv6.sysctl.ip6_rt_gc_min_interval;
655 int saved_rt_elasticity =
656 net->ipv6.sysctl.ip6_rt_gc_elasticity;
657
658 if (attempts-- > 0) {
659 net->ipv6.sysctl.ip6_rt_gc_elasticity = 1;
660 net->ipv6.sysctl.ip6_rt_gc_min_interval = 0;
661
662 ip6_dst_gc(&net->ipv6.ip6_dst_ops);
663
664 net->ipv6.sysctl.ip6_rt_gc_elasticity =
665 saved_rt_elasticity;
666 net->ipv6.sysctl.ip6_rt_gc_min_interval =
667 saved_rt_min_interval;
668 goto retry;
669 }
670
671 if (net_ratelimit())
672 printk(KERN_WARNING
673 "Neighbour table overflow.\n");
674 dst_free(&rt->dst);
675 return NULL;
676 }
677 rt->rt6i_nexthop = neigh;
678
679 }
680
681 return rt;
682 }
683
684 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort, struct in6_addr *daddr)
685 {
686 struct rt6_info *rt = ip6_rt_copy(ort);
687 if (rt) {
688 ipv6_addr_copy(&rt->rt6i_dst.addr, daddr);
689 rt->rt6i_dst.plen = 128;
690 rt->rt6i_flags |= RTF_CACHE;
691 rt->dst.flags |= DST_HOST;
692 rt->rt6i_nexthop = neigh_clone(ort->rt6i_nexthop);
693 }
694 return rt;
695 }
696
697 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif,
698 struct flowi *fl, int flags)
699 {
700 struct fib6_node *fn;
701 struct rt6_info *rt, *nrt;
702 int strict = 0;
703 int attempts = 3;
704 int err;
705 int reachable = net->ipv6.devconf_all->forwarding ? 0 : RT6_LOOKUP_F_REACHABLE;
706
707 strict |= flags & RT6_LOOKUP_F_IFACE;
708
709 relookup:
710 read_lock_bh(&table->tb6_lock);
711
712 restart_2:
713 fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src);
714
715 restart:
716 rt = rt6_select(fn, oif, strict | reachable);
717
718 BACKTRACK(net, &fl->fl6_src);
719 if (rt == net->ipv6.ip6_null_entry ||
720 rt->rt6i_flags & RTF_CACHE)
721 goto out;
722
723 dst_hold(&rt->dst);
724 read_unlock_bh(&table->tb6_lock);
725
726 if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP))
727 nrt = rt6_alloc_cow(rt, &fl->fl6_dst, &fl->fl6_src);
728 else {
729 #if CLONE_OFFLINK_ROUTE
730 nrt = rt6_alloc_clone(rt, &fl->fl6_dst);
731 #else
732 goto out2;
733 #endif
734 }
735
736 dst_release(&rt->dst);
737 rt = nrt ? : net->ipv6.ip6_null_entry;
738
739 dst_hold(&rt->dst);
740 if (nrt) {
741 err = ip6_ins_rt(nrt);
742 if (!err)
743 goto out2;
744 }
745
746 if (--attempts <= 0)
747 goto out2;
748
749 /*
750 * Race condition! In the gap, when table->tb6_lock was
751 * released someone could insert this route. Relookup.
752 */
753 dst_release(&rt->dst);
754 goto relookup;
755
756 out:
757 if (reachable) {
758 reachable = 0;
759 goto restart_2;
760 }
761 dst_hold(&rt->dst);
762 read_unlock_bh(&table->tb6_lock);
763 out2:
764 rt->dst.lastuse = jiffies;
765 rt->dst.__use++;
766
767 return rt;
768 }
769
770 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
771 struct flowi *fl, int flags)
772 {
773 return ip6_pol_route(net, table, fl->iif, fl, flags);
774 }
775
776 void ip6_route_input(struct sk_buff *skb)
777 {
778 struct ipv6hdr *iph = ipv6_hdr(skb);
779 struct net *net = dev_net(skb->dev);
780 int flags = RT6_LOOKUP_F_HAS_SADDR;
781 struct flowi fl = {
782 .iif = skb->dev->ifindex,
783 .nl_u = {
784 .ip6_u = {
785 .daddr = iph->daddr,
786 .saddr = iph->saddr,
787 .flowlabel = (* (__be32 *) iph)&IPV6_FLOWINFO_MASK,
788 },
789 },
790 .mark = skb->mark,
791 .proto = iph->nexthdr,
792 };
793
794 if (rt6_need_strict(&iph->daddr) && skb->dev->type != ARPHRD_PIMREG)
795 flags |= RT6_LOOKUP_F_IFACE;
796
797 skb_dst_set(skb, fib6_rule_lookup(net, &fl, flags, ip6_pol_route_input));
798 }
799
800 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
801 struct flowi *fl, int flags)
802 {
803 return ip6_pol_route(net, table, fl->oif, fl, flags);
804 }
805
806 struct dst_entry * ip6_route_output(struct net *net, struct sock *sk,
807 struct flowi *fl)
808 {
809 int flags = 0;
810
811 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl->fl6_dst))
812 flags |= RT6_LOOKUP_F_IFACE;
813
814 if (!ipv6_addr_any(&fl->fl6_src))
815 flags |= RT6_LOOKUP_F_HAS_SADDR;
816 else if (sk)
817 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
818
819 return fib6_rule_lookup(net, fl, flags, ip6_pol_route_output);
820 }
821
822 EXPORT_SYMBOL(ip6_route_output);
823
824 int ip6_dst_blackhole(struct sock *sk, struct dst_entry **dstp, struct flowi *fl)
825 {
826 struct rt6_info *ort = (struct rt6_info *) *dstp;
827 struct rt6_info *rt = (struct rt6_info *)
828 dst_alloc(&ip6_dst_blackhole_ops);
829 struct dst_entry *new = NULL;
830
831 if (rt) {
832 new = &rt->dst;
833
834 atomic_set(&new->__refcnt, 1);
835 new->__use = 1;
836 new->input = dst_discard;
837 new->output = dst_discard;
838
839 memcpy(new->metrics, ort->dst.metrics, RTAX_MAX*sizeof(u32));
840 new->dev = ort->dst.dev;
841 if (new->dev)
842 dev_hold(new->dev);
843 rt->rt6i_idev = ort->rt6i_idev;
844 if (rt->rt6i_idev)
845 in6_dev_hold(rt->rt6i_idev);
846 rt->rt6i_expires = 0;
847
848 ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway);
849 rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES;
850 rt->rt6i_metric = 0;
851
852 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
853 #ifdef CONFIG_IPV6_SUBTREES
854 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
855 #endif
856
857 dst_free(new);
858 }
859
860 dst_release(*dstp);
861 *dstp = new;
862 return (new ? 0 : -ENOMEM);
863 }
864 EXPORT_SYMBOL_GPL(ip6_dst_blackhole);
865
866 /*
867 * Destination cache support functions
868 */
869
870 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
871 {
872 struct rt6_info *rt;
873
874 rt = (struct rt6_info *) dst;
875
876 if (rt->rt6i_node && (rt->rt6i_node->fn_sernum == cookie))
877 return dst;
878
879 return NULL;
880 }
881
882 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
883 {
884 struct rt6_info *rt = (struct rt6_info *) dst;
885
886 if (rt) {
887 if (rt->rt6i_flags & RTF_CACHE) {
888 if (rt6_check_expired(rt)) {
889 ip6_del_rt(rt);
890 dst = NULL;
891 }
892 } else {
893 dst_release(dst);
894 dst = NULL;
895 }
896 }
897 return dst;
898 }
899
900 static void ip6_link_failure(struct sk_buff *skb)
901 {
902 struct rt6_info *rt;
903
904 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
905
906 rt = (struct rt6_info *) skb_dst(skb);
907 if (rt) {
908 if (rt->rt6i_flags&RTF_CACHE) {
909 dst_set_expires(&rt->dst, 0);
910 rt->rt6i_flags |= RTF_EXPIRES;
911 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT))
912 rt->rt6i_node->fn_sernum = -1;
913 }
914 }
915
916 static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
917 {
918 struct rt6_info *rt6 = (struct rt6_info*)dst;
919
920 if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) {
921 rt6->rt6i_flags |= RTF_MODIFIED;
922 if (mtu < IPV6_MIN_MTU) {
923 mtu = IPV6_MIN_MTU;
924 dst->metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG;
925 }
926 dst->metrics[RTAX_MTU-1] = mtu;
927 call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst);
928 }
929 }
930
931 static int ipv6_get_mtu(struct net_device *dev);
932
933 static inline unsigned int ipv6_advmss(struct net *net, unsigned int mtu)
934 {
935 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
936
937 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
938 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
939
940 /*
941 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
942 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
943 * IPV6_MAXPLEN is also valid and means: "any MSS,
944 * rely only on pmtu discovery"
945 */
946 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
947 mtu = IPV6_MAXPLEN;
948 return mtu;
949 }
950
951 static struct dst_entry *icmp6_dst_gc_list;
952 static DEFINE_SPINLOCK(icmp6_dst_lock);
953
954 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
955 struct neighbour *neigh,
956 const struct in6_addr *addr)
957 {
958 struct rt6_info *rt;
959 struct inet6_dev *idev = in6_dev_get(dev);
960 struct net *net = dev_net(dev);
961
962 if (unlikely(idev == NULL))
963 return NULL;
964
965 rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops);
966 if (unlikely(rt == NULL)) {
967 in6_dev_put(idev);
968 goto out;
969 }
970
971 dev_hold(dev);
972 if (neigh)
973 neigh_hold(neigh);
974 else {
975 neigh = ndisc_get_neigh(dev, addr);
976 if (IS_ERR(neigh))
977 neigh = NULL;
978 }
979
980 rt->rt6i_dev = dev;
981 rt->rt6i_idev = idev;
982 rt->rt6i_nexthop = neigh;
983 atomic_set(&rt->dst.__refcnt, 1);
984 rt->dst.metrics[RTAX_HOPLIMIT-1] = 255;
985 rt->dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(rt->rt6i_dev);
986 rt->dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(net, dst_mtu(&rt->dst));
987 rt->dst.output = ip6_output;
988
989 #if 0 /* there's no chance to use these for ndisc */
990 rt->dst.flags = ipv6_addr_type(addr) & IPV6_ADDR_UNICAST
991 ? DST_HOST
992 : 0;
993 ipv6_addr_copy(&rt->rt6i_dst.addr, addr);
994 rt->rt6i_dst.plen = 128;
995 #endif
996
997 spin_lock_bh(&icmp6_dst_lock);
998 rt->dst.next = icmp6_dst_gc_list;
999 icmp6_dst_gc_list = &rt->dst;
1000 spin_unlock_bh(&icmp6_dst_lock);
1001
1002 fib6_force_start_gc(net);
1003
1004 out:
1005 return &rt->dst;
1006 }
1007
1008 int icmp6_dst_gc(void)
1009 {
1010 struct dst_entry *dst, *next, **pprev;
1011 int more = 0;
1012
1013 next = NULL;
1014
1015 spin_lock_bh(&icmp6_dst_lock);
1016 pprev = &icmp6_dst_gc_list;
1017
1018 while ((dst = *pprev) != NULL) {
1019 if (!atomic_read(&dst->__refcnt)) {
1020 *pprev = dst->next;
1021 dst_free(dst);
1022 } else {
1023 pprev = &dst->next;
1024 ++more;
1025 }
1026 }
1027
1028 spin_unlock_bh(&icmp6_dst_lock);
1029
1030 return more;
1031 }
1032
1033 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg),
1034 void *arg)
1035 {
1036 struct dst_entry *dst, **pprev;
1037
1038 spin_lock_bh(&icmp6_dst_lock);
1039 pprev = &icmp6_dst_gc_list;
1040 while ((dst = *pprev) != NULL) {
1041 struct rt6_info *rt = (struct rt6_info *) dst;
1042 if (func(rt, arg)) {
1043 *pprev = dst->next;
1044 dst_free(dst);
1045 } else {
1046 pprev = &dst->next;
1047 }
1048 }
1049 spin_unlock_bh(&icmp6_dst_lock);
1050 }
1051
1052 static int ip6_dst_gc(struct dst_ops *ops)
1053 {
1054 unsigned long now = jiffies;
1055 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
1056 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
1057 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
1058 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
1059 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
1060 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
1061
1062 if (time_after(rt_last_gc + rt_min_interval, now) &&
1063 atomic_read(&ops->entries) <= rt_max_size)
1064 goto out;
1065
1066 net->ipv6.ip6_rt_gc_expire++;
1067 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net);
1068 net->ipv6.ip6_rt_last_gc = now;
1069 if (atomic_read(&ops->entries) < ops->gc_thresh)
1070 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
1071 out:
1072 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
1073 return (atomic_read(&ops->entries) > rt_max_size);
1074 }
1075
1076 /* Clean host part of a prefix. Not necessary in radix tree,
1077 but results in cleaner routing tables.
1078
1079 Remove it only when all the things will work!
1080 */
1081
1082 static int ipv6_get_mtu(struct net_device *dev)
1083 {
1084 int mtu = IPV6_MIN_MTU;
1085 struct inet6_dev *idev;
1086
1087 idev = in6_dev_get(dev);
1088 if (idev) {
1089 mtu = idev->cnf.mtu6;
1090 in6_dev_put(idev);
1091 }
1092 return mtu;
1093 }
1094
1095 int ip6_dst_hoplimit(struct dst_entry *dst)
1096 {
1097 int hoplimit = dst_metric(dst, RTAX_HOPLIMIT);
1098 if (hoplimit < 0) {
1099 struct net_device *dev = dst->dev;
1100 struct inet6_dev *idev = in6_dev_get(dev);
1101 if (idev) {
1102 hoplimit = idev->cnf.hop_limit;
1103 in6_dev_put(idev);
1104 } else
1105 hoplimit = dev_net(dev)->ipv6.devconf_all->hop_limit;
1106 }
1107 return hoplimit;
1108 }
1109
1110 /*
1111 *
1112 */
1113
1114 int ip6_route_add(struct fib6_config *cfg)
1115 {
1116 int err;
1117 struct net *net = cfg->fc_nlinfo.nl_net;
1118 struct rt6_info *rt = NULL;
1119 struct net_device *dev = NULL;
1120 struct inet6_dev *idev = NULL;
1121 struct fib6_table *table;
1122 int addr_type;
1123
1124 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128)
1125 return -EINVAL;
1126 #ifndef CONFIG_IPV6_SUBTREES
1127 if (cfg->fc_src_len)
1128 return -EINVAL;
1129 #endif
1130 if (cfg->fc_ifindex) {
1131 err = -ENODEV;
1132 dev = dev_get_by_index(net, cfg->fc_ifindex);
1133 if (!dev)
1134 goto out;
1135 idev = in6_dev_get(dev);
1136 if (!idev)
1137 goto out;
1138 }
1139
1140 if (cfg->fc_metric == 0)
1141 cfg->fc_metric = IP6_RT_PRIO_USER;
1142
1143 table = fib6_new_table(net, cfg->fc_table);
1144 if (table == NULL) {
1145 err = -ENOBUFS;
1146 goto out;
1147 }
1148
1149 rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops);
1150
1151 if (rt == NULL) {
1152 err = -ENOMEM;
1153 goto out;
1154 }
1155
1156 rt->dst.obsolete = -1;
1157 rt->rt6i_expires = (cfg->fc_flags & RTF_EXPIRES) ?
1158 jiffies + clock_t_to_jiffies(cfg->fc_expires) :
1159 0;
1160
1161 if (cfg->fc_protocol == RTPROT_UNSPEC)
1162 cfg->fc_protocol = RTPROT_BOOT;
1163 rt->rt6i_protocol = cfg->fc_protocol;
1164
1165 addr_type = ipv6_addr_type(&cfg->fc_dst);
1166
1167 if (addr_type & IPV6_ADDR_MULTICAST)
1168 rt->dst.input = ip6_mc_input;
1169 else
1170 rt->dst.input = ip6_forward;
1171
1172 rt->dst.output = ip6_output;
1173
1174 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1175 rt->rt6i_dst.plen = cfg->fc_dst_len;
1176 if (rt->rt6i_dst.plen == 128)
1177 rt->dst.flags = DST_HOST;
1178
1179 #ifdef CONFIG_IPV6_SUBTREES
1180 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1181 rt->rt6i_src.plen = cfg->fc_src_len;
1182 #endif
1183
1184 rt->rt6i_metric = cfg->fc_metric;
1185
1186 /* We cannot add true routes via loopback here,
1187 they would result in kernel looping; promote them to reject routes
1188 */
1189 if ((cfg->fc_flags & RTF_REJECT) ||
1190 (dev && (dev->flags&IFF_LOOPBACK) && !(addr_type&IPV6_ADDR_LOOPBACK))) {
1191 /* hold loopback dev/idev if we haven't done so. */
1192 if (dev != net->loopback_dev) {
1193 if (dev) {
1194 dev_put(dev);
1195 in6_dev_put(idev);
1196 }
1197 dev = net->loopback_dev;
1198 dev_hold(dev);
1199 idev = in6_dev_get(dev);
1200 if (!idev) {
1201 err = -ENODEV;
1202 goto out;
1203 }
1204 }
1205 rt->dst.output = ip6_pkt_discard_out;
1206 rt->dst.input = ip6_pkt_discard;
1207 rt->dst.error = -ENETUNREACH;
1208 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1209 goto install_route;
1210 }
1211
1212 if (cfg->fc_flags & RTF_GATEWAY) {
1213 struct in6_addr *gw_addr;
1214 int gwa_type;
1215
1216 gw_addr = &cfg->fc_gateway;
1217 ipv6_addr_copy(&rt->rt6i_gateway, gw_addr);
1218 gwa_type = ipv6_addr_type(gw_addr);
1219
1220 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
1221 struct rt6_info *grt;
1222
1223 /* IPv6 strictly inhibits using not link-local
1224 addresses as nexthop address.
1225 Otherwise, router will not able to send redirects.
1226 It is very good, but in some (rare!) circumstances
1227 (SIT, PtP, NBMA NOARP links) it is handy to allow
1228 some exceptions. --ANK
1229 */
1230 err = -EINVAL;
1231 if (!(gwa_type&IPV6_ADDR_UNICAST))
1232 goto out;
1233
1234 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1);
1235
1236 err = -EHOSTUNREACH;
1237 if (grt == NULL)
1238 goto out;
1239 if (dev) {
1240 if (dev != grt->rt6i_dev) {
1241 dst_release(&grt->dst);
1242 goto out;
1243 }
1244 } else {
1245 dev = grt->rt6i_dev;
1246 idev = grt->rt6i_idev;
1247 dev_hold(dev);
1248 in6_dev_hold(grt->rt6i_idev);
1249 }
1250 if (!(grt->rt6i_flags&RTF_GATEWAY))
1251 err = 0;
1252 dst_release(&grt->dst);
1253
1254 if (err)
1255 goto out;
1256 }
1257 err = -EINVAL;
1258 if (dev == NULL || (dev->flags&IFF_LOOPBACK))
1259 goto out;
1260 }
1261
1262 err = -ENODEV;
1263 if (dev == NULL)
1264 goto out;
1265
1266 if (cfg->fc_flags & (RTF_GATEWAY | RTF_NONEXTHOP)) {
1267 rt->rt6i_nexthop = __neigh_lookup_errno(&nd_tbl, &rt->rt6i_gateway, dev);
1268 if (IS_ERR(rt->rt6i_nexthop)) {
1269 err = PTR_ERR(rt->rt6i_nexthop);
1270 rt->rt6i_nexthop = NULL;
1271 goto out;
1272 }
1273 }
1274
1275 rt->rt6i_flags = cfg->fc_flags;
1276
1277 install_route:
1278 if (cfg->fc_mx) {
1279 struct nlattr *nla;
1280 int remaining;
1281
1282 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1283 int type = nla_type(nla);
1284
1285 if (type) {
1286 if (type > RTAX_MAX) {
1287 err = -EINVAL;
1288 goto out;
1289 }
1290
1291 rt->dst.metrics[type - 1] = nla_get_u32(nla);
1292 }
1293 }
1294 }
1295
1296 if (dst_metric(&rt->dst, RTAX_HOPLIMIT) == 0)
1297 rt->dst.metrics[RTAX_HOPLIMIT-1] = -1;
1298 if (!dst_mtu(&rt->dst))
1299 rt->dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(dev);
1300 if (!dst_metric(&rt->dst, RTAX_ADVMSS))
1301 rt->dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(net, dst_mtu(&rt->dst));
1302 rt->dst.dev = dev;
1303 rt->rt6i_idev = idev;
1304 rt->rt6i_table = table;
1305
1306 cfg->fc_nlinfo.nl_net = dev_net(dev);
1307
1308 return __ip6_ins_rt(rt, &cfg->fc_nlinfo);
1309
1310 out:
1311 if (dev)
1312 dev_put(dev);
1313 if (idev)
1314 in6_dev_put(idev);
1315 if (rt)
1316 dst_free(&rt->dst);
1317 return err;
1318 }
1319
1320 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
1321 {
1322 int err;
1323 struct fib6_table *table;
1324 struct net *net = dev_net(rt->rt6i_dev);
1325
1326 if (rt == net->ipv6.ip6_null_entry)
1327 return -ENOENT;
1328
1329 table = rt->rt6i_table;
1330 write_lock_bh(&table->tb6_lock);
1331
1332 err = fib6_del(rt, info);
1333 dst_release(&rt->dst);
1334
1335 write_unlock_bh(&table->tb6_lock);
1336
1337 return err;
1338 }
1339
1340 int ip6_del_rt(struct rt6_info *rt)
1341 {
1342 struct nl_info info = {
1343 .nl_net = dev_net(rt->rt6i_dev),
1344 };
1345 return __ip6_del_rt(rt, &info);
1346 }
1347
1348 static int ip6_route_del(struct fib6_config *cfg)
1349 {
1350 struct fib6_table *table;
1351 struct fib6_node *fn;
1352 struct rt6_info *rt;
1353 int err = -ESRCH;
1354
1355 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
1356 if (table == NULL)
1357 return err;
1358
1359 read_lock_bh(&table->tb6_lock);
1360
1361 fn = fib6_locate(&table->tb6_root,
1362 &cfg->fc_dst, cfg->fc_dst_len,
1363 &cfg->fc_src, cfg->fc_src_len);
1364
1365 if (fn) {
1366 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1367 if (cfg->fc_ifindex &&
1368 (rt->rt6i_dev == NULL ||
1369 rt->rt6i_dev->ifindex != cfg->fc_ifindex))
1370 continue;
1371 if (cfg->fc_flags & RTF_GATEWAY &&
1372 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
1373 continue;
1374 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
1375 continue;
1376 dst_hold(&rt->dst);
1377 read_unlock_bh(&table->tb6_lock);
1378
1379 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
1380 }
1381 }
1382 read_unlock_bh(&table->tb6_lock);
1383
1384 return err;
1385 }
1386
1387 /*
1388 * Handle redirects
1389 */
1390 struct ip6rd_flowi {
1391 struct flowi fl;
1392 struct in6_addr gateway;
1393 };
1394
1395 static struct rt6_info *__ip6_route_redirect(struct net *net,
1396 struct fib6_table *table,
1397 struct flowi *fl,
1398 int flags)
1399 {
1400 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl;
1401 struct rt6_info *rt;
1402 struct fib6_node *fn;
1403
1404 /*
1405 * Get the "current" route for this destination and
1406 * check if the redirect has come from approriate router.
1407 *
1408 * RFC 2461 specifies that redirects should only be
1409 * accepted if they come from the nexthop to the target.
1410 * Due to the way the routes are chosen, this notion
1411 * is a bit fuzzy and one might need to check all possible
1412 * routes.
1413 */
1414
1415 read_lock_bh(&table->tb6_lock);
1416 fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src);
1417 restart:
1418 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1419 /*
1420 * Current route is on-link; redirect is always invalid.
1421 *
1422 * Seems, previous statement is not true. It could
1423 * be node, which looks for us as on-link (f.e. proxy ndisc)
1424 * But then router serving it might decide, that we should
1425 * know truth 8)8) --ANK (980726).
1426 */
1427 if (rt6_check_expired(rt))
1428 continue;
1429 if (!(rt->rt6i_flags & RTF_GATEWAY))
1430 continue;
1431 if (fl->oif != rt->rt6i_dev->ifindex)
1432 continue;
1433 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway))
1434 continue;
1435 break;
1436 }
1437
1438 if (!rt)
1439 rt = net->ipv6.ip6_null_entry;
1440 BACKTRACK(net, &fl->fl6_src);
1441 out:
1442 dst_hold(&rt->dst);
1443
1444 read_unlock_bh(&table->tb6_lock);
1445
1446 return rt;
1447 };
1448
1449 static struct rt6_info *ip6_route_redirect(struct in6_addr *dest,
1450 struct in6_addr *src,
1451 struct in6_addr *gateway,
1452 struct net_device *dev)
1453 {
1454 int flags = RT6_LOOKUP_F_HAS_SADDR;
1455 struct net *net = dev_net(dev);
1456 struct ip6rd_flowi rdfl = {
1457 .fl = {
1458 .oif = dev->ifindex,
1459 .nl_u = {
1460 .ip6_u = {
1461 .daddr = *dest,
1462 .saddr = *src,
1463 },
1464 },
1465 },
1466 };
1467
1468 ipv6_addr_copy(&rdfl.gateway, gateway);
1469
1470 if (rt6_need_strict(dest))
1471 flags |= RT6_LOOKUP_F_IFACE;
1472
1473 return (struct rt6_info *)fib6_rule_lookup(net, (struct flowi *)&rdfl,
1474 flags, __ip6_route_redirect);
1475 }
1476
1477 void rt6_redirect(struct in6_addr *dest, struct in6_addr *src,
1478 struct in6_addr *saddr,
1479 struct neighbour *neigh, u8 *lladdr, int on_link)
1480 {
1481 struct rt6_info *rt, *nrt = NULL;
1482 struct netevent_redirect netevent;
1483 struct net *net = dev_net(neigh->dev);
1484
1485 rt = ip6_route_redirect(dest, src, saddr, neigh->dev);
1486
1487 if (rt == net->ipv6.ip6_null_entry) {
1488 if (net_ratelimit())
1489 printk(KERN_DEBUG "rt6_redirect: source isn't a valid nexthop "
1490 "for redirect target\n");
1491 goto out;
1492 }
1493
1494 /*
1495 * We have finally decided to accept it.
1496 */
1497
1498 neigh_update(neigh, lladdr, NUD_STALE,
1499 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1500 NEIGH_UPDATE_F_OVERRIDE|
1501 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1502 NEIGH_UPDATE_F_ISROUTER))
1503 );
1504
1505 /*
1506 * Redirect received -> path was valid.
1507 * Look, redirects are sent only in response to data packets,
1508 * so that this nexthop apparently is reachable. --ANK
1509 */
1510 dst_confirm(&rt->dst);
1511
1512 /* Duplicate redirect: silently ignore. */
1513 if (neigh == rt->dst.neighbour)
1514 goto out;
1515
1516 nrt = ip6_rt_copy(rt);
1517 if (nrt == NULL)
1518 goto out;
1519
1520 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
1521 if (on_link)
1522 nrt->rt6i_flags &= ~RTF_GATEWAY;
1523
1524 ipv6_addr_copy(&nrt->rt6i_dst.addr, dest);
1525 nrt->rt6i_dst.plen = 128;
1526 nrt->dst.flags |= DST_HOST;
1527
1528 ipv6_addr_copy(&nrt->rt6i_gateway, (struct in6_addr*)neigh->primary_key);
1529 nrt->rt6i_nexthop = neigh_clone(neigh);
1530 /* Reset pmtu, it may be better */
1531 nrt->dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(neigh->dev);
1532 nrt->dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(dev_net(neigh->dev),
1533 dst_mtu(&nrt->dst));
1534
1535 if (ip6_ins_rt(nrt))
1536 goto out;
1537
1538 netevent.old = &rt->dst;
1539 netevent.new = &nrt->dst;
1540 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
1541
1542 if (rt->rt6i_flags&RTF_CACHE) {
1543 ip6_del_rt(rt);
1544 return;
1545 }
1546
1547 out:
1548 dst_release(&rt->dst);
1549 }
1550
1551 /*
1552 * Handle ICMP "packet too big" messages
1553 * i.e. Path MTU discovery
1554 */
1555
1556 void rt6_pmtu_discovery(struct in6_addr *daddr, struct in6_addr *saddr,
1557 struct net_device *dev, u32 pmtu)
1558 {
1559 struct rt6_info *rt, *nrt;
1560 struct net *net = dev_net(dev);
1561 int allfrag = 0;
1562
1563 rt = rt6_lookup(net, daddr, saddr, dev->ifindex, 0);
1564 if (rt == NULL)
1565 return;
1566
1567 if (pmtu >= dst_mtu(&rt->dst))
1568 goto out;
1569
1570 if (pmtu < IPV6_MIN_MTU) {
1571 /*
1572 * According to RFC2460, PMTU is set to the IPv6 Minimum Link
1573 * MTU (1280) and a fragment header should always be included
1574 * after a node receiving Too Big message reporting PMTU is
1575 * less than the IPv6 Minimum Link MTU.
1576 */
1577 pmtu = IPV6_MIN_MTU;
1578 allfrag = 1;
1579 }
1580
1581 /* New mtu received -> path was valid.
1582 They are sent only in response to data packets,
1583 so that this nexthop apparently is reachable. --ANK
1584 */
1585 dst_confirm(&rt->dst);
1586
1587 /* Host route. If it is static, it would be better
1588 not to override it, but add new one, so that
1589 when cache entry will expire old pmtu
1590 would return automatically.
1591 */
1592 if (rt->rt6i_flags & RTF_CACHE) {
1593 rt->dst.metrics[RTAX_MTU-1] = pmtu;
1594 if (allfrag)
1595 rt->dst.metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG;
1596 dst_set_expires(&rt->dst, net->ipv6.sysctl.ip6_rt_mtu_expires);
1597 rt->rt6i_flags |= RTF_MODIFIED|RTF_EXPIRES;
1598 goto out;
1599 }
1600
1601 /* Network route.
1602 Two cases are possible:
1603 1. It is connected route. Action: COW
1604 2. It is gatewayed route or NONEXTHOP route. Action: clone it.
1605 */
1606 if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP))
1607 nrt = rt6_alloc_cow(rt, daddr, saddr);
1608 else
1609 nrt = rt6_alloc_clone(rt, daddr);
1610
1611 if (nrt) {
1612 nrt->dst.metrics[RTAX_MTU-1] = pmtu;
1613 if (allfrag)
1614 nrt->dst.metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG;
1615
1616 /* According to RFC 1981, detecting PMTU increase shouldn't be
1617 * happened within 5 mins, the recommended timer is 10 mins.
1618 * Here this route expiration time is set to ip6_rt_mtu_expires
1619 * which is 10 mins. After 10 mins the decreased pmtu is expired
1620 * and detecting PMTU increase will be automatically happened.
1621 */
1622 dst_set_expires(&nrt->dst, net->ipv6.sysctl.ip6_rt_mtu_expires);
1623 nrt->rt6i_flags |= RTF_DYNAMIC|RTF_EXPIRES;
1624
1625 ip6_ins_rt(nrt);
1626 }
1627 out:
1628 dst_release(&rt->dst);
1629 }
1630
1631 /*
1632 * Misc support functions
1633 */
1634
1635 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort)
1636 {
1637 struct net *net = dev_net(ort->rt6i_dev);
1638 struct rt6_info *rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops);
1639
1640 if (rt) {
1641 rt->dst.input = ort->dst.input;
1642 rt->dst.output = ort->dst.output;
1643
1644 memcpy(rt->dst.metrics, ort->dst.metrics, RTAX_MAX*sizeof(u32));
1645 rt->dst.error = ort->dst.error;
1646 rt->dst.dev = ort->dst.dev;
1647 if (rt->dst.dev)
1648 dev_hold(rt->dst.dev);
1649 rt->rt6i_idev = ort->rt6i_idev;
1650 if (rt->rt6i_idev)
1651 in6_dev_hold(rt->rt6i_idev);
1652 rt->dst.lastuse = jiffies;
1653 rt->rt6i_expires = 0;
1654
1655 ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway);
1656 rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES;
1657 rt->rt6i_metric = 0;
1658
1659 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1660 #ifdef CONFIG_IPV6_SUBTREES
1661 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1662 #endif
1663 rt->rt6i_table = ort->rt6i_table;
1664 }
1665 return rt;
1666 }
1667
1668 #ifdef CONFIG_IPV6_ROUTE_INFO
1669 static struct rt6_info *rt6_get_route_info(struct net *net,
1670 struct in6_addr *prefix, int prefixlen,
1671 struct in6_addr *gwaddr, int ifindex)
1672 {
1673 struct fib6_node *fn;
1674 struct rt6_info *rt = NULL;
1675 struct fib6_table *table;
1676
1677 table = fib6_get_table(net, RT6_TABLE_INFO);
1678 if (table == NULL)
1679 return NULL;
1680
1681 write_lock_bh(&table->tb6_lock);
1682 fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0);
1683 if (!fn)
1684 goto out;
1685
1686 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1687 if (rt->rt6i_dev->ifindex != ifindex)
1688 continue;
1689 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
1690 continue;
1691 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
1692 continue;
1693 dst_hold(&rt->dst);
1694 break;
1695 }
1696 out:
1697 write_unlock_bh(&table->tb6_lock);
1698 return rt;
1699 }
1700
1701 static struct rt6_info *rt6_add_route_info(struct net *net,
1702 struct in6_addr *prefix, int prefixlen,
1703 struct in6_addr *gwaddr, int ifindex,
1704 unsigned pref)
1705 {
1706 struct fib6_config cfg = {
1707 .fc_table = RT6_TABLE_INFO,
1708 .fc_metric = IP6_RT_PRIO_USER,
1709 .fc_ifindex = ifindex,
1710 .fc_dst_len = prefixlen,
1711 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
1712 RTF_UP | RTF_PREF(pref),
1713 .fc_nlinfo.pid = 0,
1714 .fc_nlinfo.nlh = NULL,
1715 .fc_nlinfo.nl_net = net,
1716 };
1717
1718 ipv6_addr_copy(&cfg.fc_dst, prefix);
1719 ipv6_addr_copy(&cfg.fc_gateway, gwaddr);
1720
1721 /* We should treat it as a default route if prefix length is 0. */
1722 if (!prefixlen)
1723 cfg.fc_flags |= RTF_DEFAULT;
1724
1725 ip6_route_add(&cfg);
1726
1727 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex);
1728 }
1729 #endif
1730
1731 struct rt6_info *rt6_get_dflt_router(struct in6_addr *addr, struct net_device *dev)
1732 {
1733 struct rt6_info *rt;
1734 struct fib6_table *table;
1735
1736 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT);
1737 if (table == NULL)
1738 return NULL;
1739
1740 write_lock_bh(&table->tb6_lock);
1741 for (rt = table->tb6_root.leaf; rt; rt=rt->dst.rt6_next) {
1742 if (dev == rt->rt6i_dev &&
1743 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
1744 ipv6_addr_equal(&rt->rt6i_gateway, addr))
1745 break;
1746 }
1747 if (rt)
1748 dst_hold(&rt->dst);
1749 write_unlock_bh(&table->tb6_lock);
1750 return rt;
1751 }
1752
1753 struct rt6_info *rt6_add_dflt_router(struct in6_addr *gwaddr,
1754 struct net_device *dev,
1755 unsigned int pref)
1756 {
1757 struct fib6_config cfg = {
1758 .fc_table = RT6_TABLE_DFLT,
1759 .fc_metric = IP6_RT_PRIO_USER,
1760 .fc_ifindex = dev->ifindex,
1761 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
1762 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
1763 .fc_nlinfo.pid = 0,
1764 .fc_nlinfo.nlh = NULL,
1765 .fc_nlinfo.nl_net = dev_net(dev),
1766 };
1767
1768 ipv6_addr_copy(&cfg.fc_gateway, gwaddr);
1769
1770 ip6_route_add(&cfg);
1771
1772 return rt6_get_dflt_router(gwaddr, dev);
1773 }
1774
1775 void rt6_purge_dflt_routers(struct net *net)
1776 {
1777 struct rt6_info *rt;
1778 struct fib6_table *table;
1779
1780 /* NOTE: Keep consistent with rt6_get_dflt_router */
1781 table = fib6_get_table(net, RT6_TABLE_DFLT);
1782 if (table == NULL)
1783 return;
1784
1785 restart:
1786 read_lock_bh(&table->tb6_lock);
1787 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
1788 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) {
1789 dst_hold(&rt->dst);
1790 read_unlock_bh(&table->tb6_lock);
1791 ip6_del_rt(rt);
1792 goto restart;
1793 }
1794 }
1795 read_unlock_bh(&table->tb6_lock);
1796 }
1797
1798 static void rtmsg_to_fib6_config(struct net *net,
1799 struct in6_rtmsg *rtmsg,
1800 struct fib6_config *cfg)
1801 {
1802 memset(cfg, 0, sizeof(*cfg));
1803
1804 cfg->fc_table = RT6_TABLE_MAIN;
1805 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
1806 cfg->fc_metric = rtmsg->rtmsg_metric;
1807 cfg->fc_expires = rtmsg->rtmsg_info;
1808 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
1809 cfg->fc_src_len = rtmsg->rtmsg_src_len;
1810 cfg->fc_flags = rtmsg->rtmsg_flags;
1811
1812 cfg->fc_nlinfo.nl_net = net;
1813
1814 ipv6_addr_copy(&cfg->fc_dst, &rtmsg->rtmsg_dst);
1815 ipv6_addr_copy(&cfg->fc_src, &rtmsg->rtmsg_src);
1816 ipv6_addr_copy(&cfg->fc_gateway, &rtmsg->rtmsg_gateway);
1817 }
1818
1819 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1820 {
1821 struct fib6_config cfg;
1822 struct in6_rtmsg rtmsg;
1823 int err;
1824
1825 switch(cmd) {
1826 case SIOCADDRT: /* Add a route */
1827 case SIOCDELRT: /* Delete a route */
1828 if (!capable(CAP_NET_ADMIN))
1829 return -EPERM;
1830 err = copy_from_user(&rtmsg, arg,
1831 sizeof(struct in6_rtmsg));
1832 if (err)
1833 return -EFAULT;
1834
1835 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
1836
1837 rtnl_lock();
1838 switch (cmd) {
1839 case SIOCADDRT:
1840 err = ip6_route_add(&cfg);
1841 break;
1842 case SIOCDELRT:
1843 err = ip6_route_del(&cfg);
1844 break;
1845 default:
1846 err = -EINVAL;
1847 }
1848 rtnl_unlock();
1849
1850 return err;
1851 }
1852
1853 return -EINVAL;
1854 }
1855
1856 /*
1857 * Drop the packet on the floor
1858 */
1859
1860 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
1861 {
1862 int type;
1863 struct dst_entry *dst = skb_dst(skb);
1864 switch (ipstats_mib_noroutes) {
1865 case IPSTATS_MIB_INNOROUTES:
1866 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
1867 if (type == IPV6_ADDR_ANY) {
1868 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
1869 IPSTATS_MIB_INADDRERRORS);
1870 break;
1871 }
1872 /* FALLTHROUGH */
1873 case IPSTATS_MIB_OUTNOROUTES:
1874 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
1875 ipstats_mib_noroutes);
1876 break;
1877 }
1878 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
1879 kfree_skb(skb);
1880 return 0;
1881 }
1882
1883 static int ip6_pkt_discard(struct sk_buff *skb)
1884 {
1885 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
1886 }
1887
1888 static int ip6_pkt_discard_out(struct sk_buff *skb)
1889 {
1890 skb->dev = skb_dst(skb)->dev;
1891 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
1892 }
1893
1894 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
1895
1896 static int ip6_pkt_prohibit(struct sk_buff *skb)
1897 {
1898 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
1899 }
1900
1901 static int ip6_pkt_prohibit_out(struct sk_buff *skb)
1902 {
1903 skb->dev = skb_dst(skb)->dev;
1904 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
1905 }
1906
1907 #endif
1908
1909 /*
1910 * Allocate a dst for local (unicast / anycast) address.
1911 */
1912
1913 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
1914 const struct in6_addr *addr,
1915 int anycast)
1916 {
1917 struct net *net = dev_net(idev->dev);
1918 struct rt6_info *rt = ip6_dst_alloc(&net->ipv6.ip6_dst_ops);
1919 struct neighbour *neigh;
1920
1921 if (rt == NULL)
1922 return ERR_PTR(-ENOMEM);
1923
1924 dev_hold(net->loopback_dev);
1925 in6_dev_hold(idev);
1926
1927 rt->dst.flags = DST_HOST;
1928 rt->dst.input = ip6_input;
1929 rt->dst.output = ip6_output;
1930 rt->rt6i_dev = net->loopback_dev;
1931 rt->rt6i_idev = idev;
1932 rt->dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(rt->rt6i_dev);
1933 rt->dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(net, dst_mtu(&rt->dst));
1934 rt->dst.metrics[RTAX_HOPLIMIT-1] = -1;
1935 rt->dst.obsolete = -1;
1936
1937 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
1938 if (anycast)
1939 rt->rt6i_flags |= RTF_ANYCAST;
1940 else
1941 rt->rt6i_flags |= RTF_LOCAL;
1942 neigh = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway);
1943 if (IS_ERR(neigh)) {
1944 dst_free(&rt->dst);
1945
1946 /* We are casting this because that is the return
1947 * value type. But an errno encoded pointer is the
1948 * same regardless of the underlying pointer type,
1949 * and that's what we are returning. So this is OK.
1950 */
1951 return (struct rt6_info *) neigh;
1952 }
1953 rt->rt6i_nexthop = neigh;
1954
1955 ipv6_addr_copy(&rt->rt6i_dst.addr, addr);
1956 rt->rt6i_dst.plen = 128;
1957 rt->rt6i_table = fib6_get_table(net, RT6_TABLE_LOCAL);
1958
1959 atomic_set(&rt->dst.__refcnt, 1);
1960
1961 return rt;
1962 }
1963
1964 struct arg_dev_net {
1965 struct net_device *dev;
1966 struct net *net;
1967 };
1968
1969 static int fib6_ifdown(struct rt6_info *rt, void *arg)
1970 {
1971 struct net_device *dev = ((struct arg_dev_net *)arg)->dev;
1972 struct net *net = ((struct arg_dev_net *)arg)->net;
1973
1974 if (((void *)rt->rt6i_dev == dev || dev == NULL) &&
1975 rt != net->ipv6.ip6_null_entry) {
1976 RT6_TRACE("deleted by ifdown %p\n", rt);
1977 return -1;
1978 }
1979 return 0;
1980 }
1981
1982 void rt6_ifdown(struct net *net, struct net_device *dev)
1983 {
1984 struct arg_dev_net adn = {
1985 .dev = dev,
1986 .net = net,
1987 };
1988
1989 fib6_clean_all(net, fib6_ifdown, 0, &adn);
1990 icmp6_clean_all(fib6_ifdown, &adn);
1991 }
1992
1993 struct rt6_mtu_change_arg
1994 {
1995 struct net_device *dev;
1996 unsigned mtu;
1997 };
1998
1999 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
2000 {
2001 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
2002 struct inet6_dev *idev;
2003 struct net *net = dev_net(arg->dev);
2004
2005 /* In IPv6 pmtu discovery is not optional,
2006 so that RTAX_MTU lock cannot disable it.
2007 We still use this lock to block changes
2008 caused by addrconf/ndisc.
2009 */
2010
2011 idev = __in6_dev_get(arg->dev);
2012 if (idev == NULL)
2013 return 0;
2014
2015 /* For administrative MTU increase, there is no way to discover
2016 IPv6 PMTU increase, so PMTU increase should be updated here.
2017 Since RFC 1981 doesn't include administrative MTU increase
2018 update PMTU increase is a MUST. (i.e. jumbo frame)
2019 */
2020 /*
2021 If new MTU is less than route PMTU, this new MTU will be the
2022 lowest MTU in the path, update the route PMTU to reflect PMTU
2023 decreases; if new MTU is greater than route PMTU, and the
2024 old MTU is the lowest MTU in the path, update the route PMTU
2025 to reflect the increase. In this case if the other nodes' MTU
2026 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2027 PMTU discouvery.
2028 */
2029 if (rt->rt6i_dev == arg->dev &&
2030 !dst_metric_locked(&rt->dst, RTAX_MTU) &&
2031 (dst_mtu(&rt->dst) >= arg->mtu ||
2032 (dst_mtu(&rt->dst) < arg->mtu &&
2033 dst_mtu(&rt->dst) == idev->cnf.mtu6))) {
2034 rt->dst.metrics[RTAX_MTU-1] = arg->mtu;
2035 rt->dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(net, arg->mtu);
2036 }
2037 return 0;
2038 }
2039
2040 void rt6_mtu_change(struct net_device *dev, unsigned mtu)
2041 {
2042 struct rt6_mtu_change_arg arg = {
2043 .dev = dev,
2044 .mtu = mtu,
2045 };
2046
2047 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, 0, &arg);
2048 }
2049
2050 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
2051 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
2052 [RTA_OIF] = { .type = NLA_U32 },
2053 [RTA_IIF] = { .type = NLA_U32 },
2054 [RTA_PRIORITY] = { .type = NLA_U32 },
2055 [RTA_METRICS] = { .type = NLA_NESTED },
2056 };
2057
2058 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2059 struct fib6_config *cfg)
2060 {
2061 struct rtmsg *rtm;
2062 struct nlattr *tb[RTA_MAX+1];
2063 int err;
2064
2065 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2066 if (err < 0)
2067 goto errout;
2068
2069 err = -EINVAL;
2070 rtm = nlmsg_data(nlh);
2071 memset(cfg, 0, sizeof(*cfg));
2072
2073 cfg->fc_table = rtm->rtm_table;
2074 cfg->fc_dst_len = rtm->rtm_dst_len;
2075 cfg->fc_src_len = rtm->rtm_src_len;
2076 cfg->fc_flags = RTF_UP;
2077 cfg->fc_protocol = rtm->rtm_protocol;
2078
2079 if (rtm->rtm_type == RTN_UNREACHABLE)
2080 cfg->fc_flags |= RTF_REJECT;
2081
2082 cfg->fc_nlinfo.pid = NETLINK_CB(skb).pid;
2083 cfg->fc_nlinfo.nlh = nlh;
2084 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2085
2086 if (tb[RTA_GATEWAY]) {
2087 nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16);
2088 cfg->fc_flags |= RTF_GATEWAY;
2089 }
2090
2091 if (tb[RTA_DST]) {
2092 int plen = (rtm->rtm_dst_len + 7) >> 3;
2093
2094 if (nla_len(tb[RTA_DST]) < plen)
2095 goto errout;
2096
2097 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
2098 }
2099
2100 if (tb[RTA_SRC]) {
2101 int plen = (rtm->rtm_src_len + 7) >> 3;
2102
2103 if (nla_len(tb[RTA_SRC]) < plen)
2104 goto errout;
2105
2106 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
2107 }
2108
2109 if (tb[RTA_OIF])
2110 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
2111
2112 if (tb[RTA_PRIORITY])
2113 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
2114
2115 if (tb[RTA_METRICS]) {
2116 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
2117 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
2118 }
2119
2120 if (tb[RTA_TABLE])
2121 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
2122
2123 err = 0;
2124 errout:
2125 return err;
2126 }
2127
2128 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
2129 {
2130 struct fib6_config cfg;
2131 int err;
2132
2133 err = rtm_to_fib6_config(skb, nlh, &cfg);
2134 if (err < 0)
2135 return err;
2136
2137 return ip6_route_del(&cfg);
2138 }
2139
2140 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
2141 {
2142 struct fib6_config cfg;
2143 int err;
2144
2145 err = rtm_to_fib6_config(skb, nlh, &cfg);
2146 if (err < 0)
2147 return err;
2148
2149 return ip6_route_add(&cfg);
2150 }
2151
2152 static inline size_t rt6_nlmsg_size(void)
2153 {
2154 return NLMSG_ALIGN(sizeof(struct rtmsg))
2155 + nla_total_size(16) /* RTA_SRC */
2156 + nla_total_size(16) /* RTA_DST */
2157 + nla_total_size(16) /* RTA_GATEWAY */
2158 + nla_total_size(16) /* RTA_PREFSRC */
2159 + nla_total_size(4) /* RTA_TABLE */
2160 + nla_total_size(4) /* RTA_IIF */
2161 + nla_total_size(4) /* RTA_OIF */
2162 + nla_total_size(4) /* RTA_PRIORITY */
2163 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
2164 + nla_total_size(sizeof(struct rta_cacheinfo));
2165 }
2166
2167 static int rt6_fill_node(struct net *net,
2168 struct sk_buff *skb, struct rt6_info *rt,
2169 struct in6_addr *dst, struct in6_addr *src,
2170 int iif, int type, u32 pid, u32 seq,
2171 int prefix, int nowait, unsigned int flags)
2172 {
2173 struct rtmsg *rtm;
2174 struct nlmsghdr *nlh;
2175 long expires;
2176 u32 table;
2177
2178 if (prefix) { /* user wants prefix routes only */
2179 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
2180 /* success since this is not a prefix route */
2181 return 1;
2182 }
2183 }
2184
2185 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*rtm), flags);
2186 if (nlh == NULL)
2187 return -EMSGSIZE;
2188
2189 rtm = nlmsg_data(nlh);
2190 rtm->rtm_family = AF_INET6;
2191 rtm->rtm_dst_len = rt->rt6i_dst.plen;
2192 rtm->rtm_src_len = rt->rt6i_src.plen;
2193 rtm->rtm_tos = 0;
2194 if (rt->rt6i_table)
2195 table = rt->rt6i_table->tb6_id;
2196 else
2197 table = RT6_TABLE_UNSPEC;
2198 rtm->rtm_table = table;
2199 NLA_PUT_U32(skb, RTA_TABLE, table);
2200 if (rt->rt6i_flags&RTF_REJECT)
2201 rtm->rtm_type = RTN_UNREACHABLE;
2202 else if (rt->rt6i_dev && (rt->rt6i_dev->flags&IFF_LOOPBACK))
2203 rtm->rtm_type = RTN_LOCAL;
2204 else
2205 rtm->rtm_type = RTN_UNICAST;
2206 rtm->rtm_flags = 0;
2207 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2208 rtm->rtm_protocol = rt->rt6i_protocol;
2209 if (rt->rt6i_flags&RTF_DYNAMIC)
2210 rtm->rtm_protocol = RTPROT_REDIRECT;
2211 else if (rt->rt6i_flags & RTF_ADDRCONF)
2212 rtm->rtm_protocol = RTPROT_KERNEL;
2213 else if (rt->rt6i_flags&RTF_DEFAULT)
2214 rtm->rtm_protocol = RTPROT_RA;
2215
2216 if (rt->rt6i_flags&RTF_CACHE)
2217 rtm->rtm_flags |= RTM_F_CLONED;
2218
2219 if (dst) {
2220 NLA_PUT(skb, RTA_DST, 16, dst);
2221 rtm->rtm_dst_len = 128;
2222 } else if (rtm->rtm_dst_len)
2223 NLA_PUT(skb, RTA_DST, 16, &rt->rt6i_dst.addr);
2224 #ifdef CONFIG_IPV6_SUBTREES
2225 if (src) {
2226 NLA_PUT(skb, RTA_SRC, 16, src);
2227 rtm->rtm_src_len = 128;
2228 } else if (rtm->rtm_src_len)
2229 NLA_PUT(skb, RTA_SRC, 16, &rt->rt6i_src.addr);
2230 #endif
2231 if (iif) {
2232 #ifdef CONFIG_IPV6_MROUTE
2233 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
2234 int err = ip6mr_get_route(net, skb, rtm, nowait);
2235 if (err <= 0) {
2236 if (!nowait) {
2237 if (err == 0)
2238 return 0;
2239 goto nla_put_failure;
2240 } else {
2241 if (err == -EMSGSIZE)
2242 goto nla_put_failure;
2243 }
2244 }
2245 } else
2246 #endif
2247 NLA_PUT_U32(skb, RTA_IIF, iif);
2248 } else if (dst) {
2249 struct inet6_dev *idev = ip6_dst_idev(&rt->dst);
2250 struct in6_addr saddr_buf;
2251 if (ipv6_dev_get_saddr(net, idev ? idev->dev : NULL,
2252 dst, 0, &saddr_buf) == 0)
2253 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf);
2254 }
2255
2256 if (rtnetlink_put_metrics(skb, rt->dst.metrics) < 0)
2257 goto nla_put_failure;
2258
2259 if (rt->dst.neighbour)
2260 NLA_PUT(skb, RTA_GATEWAY, 16, &rt->dst.neighbour->primary_key);
2261
2262 if (rt->dst.dev)
2263 NLA_PUT_U32(skb, RTA_OIF, rt->rt6i_dev->ifindex);
2264
2265 NLA_PUT_U32(skb, RTA_PRIORITY, rt->rt6i_metric);
2266
2267 if (!(rt->rt6i_flags & RTF_EXPIRES))
2268 expires = 0;
2269 else if (rt->rt6i_expires - jiffies < INT_MAX)
2270 expires = rt->rt6i_expires - jiffies;
2271 else
2272 expires = INT_MAX;
2273
2274 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, 0, 0,
2275 expires, rt->dst.error) < 0)
2276 goto nla_put_failure;
2277
2278 return nlmsg_end(skb, nlh);
2279
2280 nla_put_failure:
2281 nlmsg_cancel(skb, nlh);
2282 return -EMSGSIZE;
2283 }
2284
2285 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
2286 {
2287 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
2288 int prefix;
2289
2290 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
2291 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
2292 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0;
2293 } else
2294 prefix = 0;
2295
2296 return rt6_fill_node(arg->net,
2297 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
2298 NETLINK_CB(arg->cb->skb).pid, arg->cb->nlh->nlmsg_seq,
2299 prefix, 0, NLM_F_MULTI);
2300 }
2301
2302 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
2303 {
2304 struct net *net = sock_net(in_skb->sk);
2305 struct nlattr *tb[RTA_MAX+1];
2306 struct rt6_info *rt;
2307 struct sk_buff *skb;
2308 struct rtmsg *rtm;
2309 struct flowi fl;
2310 int err, iif = 0;
2311
2312 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2313 if (err < 0)
2314 goto errout;
2315
2316 err = -EINVAL;
2317 memset(&fl, 0, sizeof(fl));
2318
2319 if (tb[RTA_SRC]) {
2320 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
2321 goto errout;
2322
2323 ipv6_addr_copy(&fl.fl6_src, nla_data(tb[RTA_SRC]));
2324 }
2325
2326 if (tb[RTA_DST]) {
2327 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
2328 goto errout;
2329
2330 ipv6_addr_copy(&fl.fl6_dst, nla_data(tb[RTA_DST]));
2331 }
2332
2333 if (tb[RTA_IIF])
2334 iif = nla_get_u32(tb[RTA_IIF]);
2335
2336 if (tb[RTA_OIF])
2337 fl.oif = nla_get_u32(tb[RTA_OIF]);
2338
2339 if (iif) {
2340 struct net_device *dev;
2341 dev = __dev_get_by_index(net, iif);
2342 if (!dev) {
2343 err = -ENODEV;
2344 goto errout;
2345 }
2346 }
2347
2348 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2349 if (skb == NULL) {
2350 err = -ENOBUFS;
2351 goto errout;
2352 }
2353
2354 /* Reserve room for dummy headers, this skb can pass
2355 through good chunk of routing engine.
2356 */
2357 skb_reset_mac_header(skb);
2358 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr));
2359
2360 rt = (struct rt6_info*) ip6_route_output(net, NULL, &fl);
2361 skb_dst_set(skb, &rt->dst);
2362
2363 err = rt6_fill_node(net, skb, rt, &fl.fl6_dst, &fl.fl6_src, iif,
2364 RTM_NEWROUTE, NETLINK_CB(in_skb).pid,
2365 nlh->nlmsg_seq, 0, 0, 0);
2366 if (err < 0) {
2367 kfree_skb(skb);
2368 goto errout;
2369 }
2370
2371 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid);
2372 errout:
2373 return err;
2374 }
2375
2376 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info)
2377 {
2378 struct sk_buff *skb;
2379 struct net *net = info->nl_net;
2380 u32 seq;
2381 int err;
2382
2383 err = -ENOBUFS;
2384 seq = info->nlh != NULL ? info->nlh->nlmsg_seq : 0;
2385
2386 skb = nlmsg_new(rt6_nlmsg_size(), gfp_any());
2387 if (skb == NULL)
2388 goto errout;
2389
2390 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
2391 event, info->pid, seq, 0, 0, 0);
2392 if (err < 0) {
2393 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
2394 WARN_ON(err == -EMSGSIZE);
2395 kfree_skb(skb);
2396 goto errout;
2397 }
2398 rtnl_notify(skb, net, info->pid, RTNLGRP_IPV6_ROUTE,
2399 info->nlh, gfp_any());
2400 return;
2401 errout:
2402 if (err < 0)
2403 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
2404 }
2405
2406 static int ip6_route_dev_notify(struct notifier_block *this,
2407 unsigned long event, void *data)
2408 {
2409 struct net_device *dev = (struct net_device *)data;
2410 struct net *net = dev_net(dev);
2411
2412 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) {
2413 net->ipv6.ip6_null_entry->dst.dev = dev;
2414 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
2415 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2416 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
2417 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
2418 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
2419 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
2420 #endif
2421 }
2422
2423 return NOTIFY_OK;
2424 }
2425
2426 /*
2427 * /proc
2428 */
2429
2430 #ifdef CONFIG_PROC_FS
2431
2432 #define RT6_INFO_LEN (32 + 4 + 32 + 4 + 32 + 40 + 5 + 1)
2433
2434 struct rt6_proc_arg
2435 {
2436 char *buffer;
2437 int offset;
2438 int length;
2439 int skip;
2440 int len;
2441 };
2442
2443 static int rt6_info_route(struct rt6_info *rt, void *p_arg)
2444 {
2445 struct seq_file *m = p_arg;
2446
2447 seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen);
2448
2449 #ifdef CONFIG_IPV6_SUBTREES
2450 seq_printf(m, "%pi6 %02x ", &rt->rt6i_src.addr, rt->rt6i_src.plen);
2451 #else
2452 seq_puts(m, "00000000000000000000000000000000 00 ");
2453 #endif
2454
2455 if (rt->rt6i_nexthop) {
2456 seq_printf(m, "%pi6", rt->rt6i_nexthop->primary_key);
2457 } else {
2458 seq_puts(m, "00000000000000000000000000000000");
2459 }
2460 seq_printf(m, " %08x %08x %08x %08x %8s\n",
2461 rt->rt6i_metric, atomic_read(&rt->dst.__refcnt),
2462 rt->dst.__use, rt->rt6i_flags,
2463 rt->rt6i_dev ? rt->rt6i_dev->name : "");
2464 return 0;
2465 }
2466
2467 static int ipv6_route_show(struct seq_file *m, void *v)
2468 {
2469 struct net *net = (struct net *)m->private;
2470 fib6_clean_all(net, rt6_info_route, 0, m);
2471 return 0;
2472 }
2473
2474 static int ipv6_route_open(struct inode *inode, struct file *file)
2475 {
2476 return single_open_net(inode, file, ipv6_route_show);
2477 }
2478
2479 static const struct file_operations ipv6_route_proc_fops = {
2480 .owner = THIS_MODULE,
2481 .open = ipv6_route_open,
2482 .read = seq_read,
2483 .llseek = seq_lseek,
2484 .release = single_release_net,
2485 };
2486
2487 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
2488 {
2489 struct net *net = (struct net *)seq->private;
2490 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
2491 net->ipv6.rt6_stats->fib_nodes,
2492 net->ipv6.rt6_stats->fib_route_nodes,
2493 net->ipv6.rt6_stats->fib_rt_alloc,
2494 net->ipv6.rt6_stats->fib_rt_entries,
2495 net->ipv6.rt6_stats->fib_rt_cache,
2496 atomic_read(&net->ipv6.ip6_dst_ops.entries),
2497 net->ipv6.rt6_stats->fib_discarded_routes);
2498
2499 return 0;
2500 }
2501
2502 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
2503 {
2504 return single_open_net(inode, file, rt6_stats_seq_show);
2505 }
2506
2507 static const struct file_operations rt6_stats_seq_fops = {
2508 .owner = THIS_MODULE,
2509 .open = rt6_stats_seq_open,
2510 .read = seq_read,
2511 .llseek = seq_lseek,
2512 .release = single_release_net,
2513 };
2514 #endif /* CONFIG_PROC_FS */
2515
2516 #ifdef CONFIG_SYSCTL
2517
2518 static
2519 int ipv6_sysctl_rtcache_flush(ctl_table *ctl, int write,
2520 void __user *buffer, size_t *lenp, loff_t *ppos)
2521 {
2522 struct net *net = current->nsproxy->net_ns;
2523 int delay = net->ipv6.sysctl.flush_delay;
2524 if (write) {
2525 proc_dointvec(ctl, write, buffer, lenp, ppos);
2526 fib6_run_gc(delay <= 0 ? ~0UL : (unsigned long)delay, net);
2527 return 0;
2528 } else
2529 return -EINVAL;
2530 }
2531
2532 ctl_table ipv6_route_table_template[] = {
2533 {
2534 .procname = "flush",
2535 .data = &init_net.ipv6.sysctl.flush_delay,
2536 .maxlen = sizeof(int),
2537 .mode = 0200,
2538 .proc_handler = ipv6_sysctl_rtcache_flush
2539 },
2540 {
2541 .procname = "gc_thresh",
2542 .data = &ip6_dst_ops_template.gc_thresh,
2543 .maxlen = sizeof(int),
2544 .mode = 0644,
2545 .proc_handler = proc_dointvec,
2546 },
2547 {
2548 .procname = "max_size",
2549 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
2550 .maxlen = sizeof(int),
2551 .mode = 0644,
2552 .proc_handler = proc_dointvec,
2553 },
2554 {
2555 .procname = "gc_min_interval",
2556 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2557 .maxlen = sizeof(int),
2558 .mode = 0644,
2559 .proc_handler = proc_dointvec_jiffies,
2560 },
2561 {
2562 .procname = "gc_timeout",
2563 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
2564 .maxlen = sizeof(int),
2565 .mode = 0644,
2566 .proc_handler = proc_dointvec_jiffies,
2567 },
2568 {
2569 .procname = "gc_interval",
2570 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
2571 .maxlen = sizeof(int),
2572 .mode = 0644,
2573 .proc_handler = proc_dointvec_jiffies,
2574 },
2575 {
2576 .procname = "gc_elasticity",
2577 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
2578 .maxlen = sizeof(int),
2579 .mode = 0644,
2580 .proc_handler = proc_dointvec_jiffies,
2581 },
2582 {
2583 .procname = "mtu_expires",
2584 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
2585 .maxlen = sizeof(int),
2586 .mode = 0644,
2587 .proc_handler = proc_dointvec_jiffies,
2588 },
2589 {
2590 .procname = "min_adv_mss",
2591 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
2592 .maxlen = sizeof(int),
2593 .mode = 0644,
2594 .proc_handler = proc_dointvec_jiffies,
2595 },
2596 {
2597 .procname = "gc_min_interval_ms",
2598 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2599 .maxlen = sizeof(int),
2600 .mode = 0644,
2601 .proc_handler = proc_dointvec_ms_jiffies,
2602 },
2603 { }
2604 };
2605
2606 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
2607 {
2608 struct ctl_table *table;
2609
2610 table = kmemdup(ipv6_route_table_template,
2611 sizeof(ipv6_route_table_template),
2612 GFP_KERNEL);
2613
2614 if (table) {
2615 table[0].data = &net->ipv6.sysctl.flush_delay;
2616 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
2617 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
2618 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
2619 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
2620 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
2621 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
2622 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
2623 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
2624 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
2625 }
2626
2627 return table;
2628 }
2629 #endif
2630
2631 static int __net_init ip6_route_net_init(struct net *net)
2632 {
2633 int ret = -ENOMEM;
2634
2635 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
2636 sizeof(net->ipv6.ip6_dst_ops));
2637
2638 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
2639 sizeof(*net->ipv6.ip6_null_entry),
2640 GFP_KERNEL);
2641 if (!net->ipv6.ip6_null_entry)
2642 goto out_ip6_dst_ops;
2643 net->ipv6.ip6_null_entry->dst.path =
2644 (struct dst_entry *)net->ipv6.ip6_null_entry;
2645 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2646
2647 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2648 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
2649 sizeof(*net->ipv6.ip6_prohibit_entry),
2650 GFP_KERNEL);
2651 if (!net->ipv6.ip6_prohibit_entry)
2652 goto out_ip6_null_entry;
2653 net->ipv6.ip6_prohibit_entry->dst.path =
2654 (struct dst_entry *)net->ipv6.ip6_prohibit_entry;
2655 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2656
2657 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
2658 sizeof(*net->ipv6.ip6_blk_hole_entry),
2659 GFP_KERNEL);
2660 if (!net->ipv6.ip6_blk_hole_entry)
2661 goto out_ip6_prohibit_entry;
2662 net->ipv6.ip6_blk_hole_entry->dst.path =
2663 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry;
2664 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2665 #endif
2666
2667 net->ipv6.sysctl.flush_delay = 0;
2668 net->ipv6.sysctl.ip6_rt_max_size = 4096;
2669 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
2670 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
2671 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
2672 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
2673 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
2674 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
2675
2676 #ifdef CONFIG_PROC_FS
2677 proc_net_fops_create(net, "ipv6_route", 0, &ipv6_route_proc_fops);
2678 proc_net_fops_create(net, "rt6_stats", S_IRUGO, &rt6_stats_seq_fops);
2679 #endif
2680 net->ipv6.ip6_rt_gc_expire = 30*HZ;
2681
2682 ret = 0;
2683 out:
2684 return ret;
2685
2686 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2687 out_ip6_prohibit_entry:
2688 kfree(net->ipv6.ip6_prohibit_entry);
2689 out_ip6_null_entry:
2690 kfree(net->ipv6.ip6_null_entry);
2691 #endif
2692 out_ip6_dst_ops:
2693 goto out;
2694 }
2695
2696 static void __net_exit ip6_route_net_exit(struct net *net)
2697 {
2698 #ifdef CONFIG_PROC_FS
2699 proc_net_remove(net, "ipv6_route");
2700 proc_net_remove(net, "rt6_stats");
2701 #endif
2702 kfree(net->ipv6.ip6_null_entry);
2703 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2704 kfree(net->ipv6.ip6_prohibit_entry);
2705 kfree(net->ipv6.ip6_blk_hole_entry);
2706 #endif
2707 }
2708
2709 static struct pernet_operations ip6_route_net_ops = {
2710 .init = ip6_route_net_init,
2711 .exit = ip6_route_net_exit,
2712 };
2713
2714 static struct notifier_block ip6_route_dev_notifier = {
2715 .notifier_call = ip6_route_dev_notify,
2716 .priority = 0,
2717 };
2718
2719 int __init ip6_route_init(void)
2720 {
2721 int ret;
2722
2723 ret = -ENOMEM;
2724 ip6_dst_ops_template.kmem_cachep =
2725 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
2726 SLAB_HWCACHE_ALIGN, NULL);
2727 if (!ip6_dst_ops_template.kmem_cachep)
2728 goto out;
2729
2730 ret = register_pernet_subsys(&ip6_route_net_ops);
2731 if (ret)
2732 goto out_kmem_cache;
2733
2734 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
2735
2736 /* Registering of the loopback is done before this portion of code,
2737 * the loopback reference in rt6_info will not be taken, do it
2738 * manually for init_net */
2739 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
2740 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
2741 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2742 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
2743 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
2744 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
2745 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
2746 #endif
2747 ret = fib6_init();
2748 if (ret)
2749 goto out_register_subsys;
2750
2751 ret = xfrm6_init();
2752 if (ret)
2753 goto out_fib6_init;
2754
2755 ret = fib6_rules_init();
2756 if (ret)
2757 goto xfrm6_init;
2758
2759 ret = -ENOBUFS;
2760 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL) ||
2761 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL) ||
2762 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL))
2763 goto fib6_rules_init;
2764
2765 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
2766 if (ret)
2767 goto fib6_rules_init;
2768
2769 out:
2770 return ret;
2771
2772 fib6_rules_init:
2773 fib6_rules_cleanup();
2774 xfrm6_init:
2775 xfrm6_fini();
2776 out_fib6_init:
2777 fib6_gc_cleanup();
2778 out_register_subsys:
2779 unregister_pernet_subsys(&ip6_route_net_ops);
2780 out_kmem_cache:
2781 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
2782 goto out;
2783 }
2784
2785 void ip6_route_cleanup(void)
2786 {
2787 unregister_netdevice_notifier(&ip6_route_dev_notifier);
2788 fib6_rules_cleanup();
2789 xfrm6_fini();
2790 fib6_gc_cleanup();
2791 unregister_pernet_subsys(&ip6_route_net_ops);
2792 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
2793 }
ubuntu-bionic-kernel mirror