Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost
[cris-mirror.git] / net / ipv6 / route.c
blob9dcfadddd800557e6c710a8e848dbfdb7d186393
1 /*
2 * Linux INET6 implementation
3 * FIB front-end.
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
14 /* Changes:
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
23 * Ville Nuorvala
24 * Fixed routing subtrees.
27 #define pr_fmt(fmt) "IPv6: " fmt
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <linux/jhash.h>
48 #include <net/net_namespace.h>
49 #include <net/snmp.h>
50 #include <net/ipv6.h>
51 #include <net/ip6_fib.h>
52 #include <net/ip6_route.h>
53 #include <net/ndisc.h>
54 #include <net/addrconf.h>
55 #include <net/tcp.h>
56 #include <linux/rtnetlink.h>
57 #include <net/dst.h>
58 #include <net/dst_metadata.h>
59 #include <net/xfrm.h>
60 #include <net/netevent.h>
61 #include <net/netlink.h>
62 #include <net/nexthop.h>
63 #include <net/lwtunnel.h>
64 #include <net/ip_tunnels.h>
65 #include <net/l3mdev.h>
66 #include <trace/events/fib6.h>
68 #include <linux/uaccess.h>
70 #ifdef CONFIG_SYSCTL
71 #include <linux/sysctl.h>
72 #endif
74 enum rt6_nud_state {
75 RT6_NUD_FAIL_HARD = -3,
76 RT6_NUD_FAIL_PROBE = -2,
77 RT6_NUD_FAIL_DO_RR = -1,
78 RT6_NUD_SUCCEED = 1
81 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort);
82 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
83 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
84 static unsigned int ip6_mtu(const struct dst_entry *dst);
85 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
86 static void ip6_dst_destroy(struct dst_entry *);
87 static void ip6_dst_ifdown(struct dst_entry *,
88 struct net_device *dev, int how);
89 static int ip6_dst_gc(struct dst_ops *ops);
91 static int ip6_pkt_discard(struct sk_buff *skb);
92 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb);
93 static int ip6_pkt_prohibit(struct sk_buff *skb);
94 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb);
95 static void ip6_link_failure(struct sk_buff *skb);
96 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
97 struct sk_buff *skb, u32 mtu);
98 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
99 struct sk_buff *skb);
100 static void rt6_dst_from_metrics_check(struct rt6_info *rt);
101 static int rt6_score_route(struct rt6_info *rt, int oif, int strict);
102 static size_t rt6_nlmsg_size(struct rt6_info *rt);
103 static int rt6_fill_node(struct net *net,
104 struct sk_buff *skb, struct rt6_info *rt,
105 struct in6_addr *dst, struct in6_addr *src,
106 int iif, int type, u32 portid, u32 seq,
107 unsigned int flags);
108 static struct rt6_info *rt6_find_cached_rt(struct rt6_info *rt,
109 struct in6_addr *daddr,
110 struct in6_addr *saddr);
112 #ifdef CONFIG_IPV6_ROUTE_INFO
113 static struct rt6_info *rt6_add_route_info(struct net *net,
114 const struct in6_addr *prefix, int prefixlen,
115 const struct in6_addr *gwaddr,
116 struct net_device *dev,
117 unsigned int pref);
118 static struct rt6_info *rt6_get_route_info(struct net *net,
119 const struct in6_addr *prefix, int prefixlen,
120 const struct in6_addr *gwaddr,
121 struct net_device *dev);
122 #endif
124 struct uncached_list {
125 spinlock_t lock;
126 struct list_head head;
129 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list);
131 static void rt6_uncached_list_add(struct rt6_info *rt)
133 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list);
135 rt->rt6i_uncached_list = ul;
137 spin_lock_bh(&ul->lock);
138 list_add_tail(&rt->rt6i_uncached, &ul->head);
139 spin_unlock_bh(&ul->lock);
142 static void rt6_uncached_list_del(struct rt6_info *rt)
144 if (!list_empty(&rt->rt6i_uncached)) {
145 struct uncached_list *ul = rt->rt6i_uncached_list;
146 struct net *net = dev_net(rt->dst.dev);
148 spin_lock_bh(&ul->lock);
149 list_del(&rt->rt6i_uncached);
150 atomic_dec(&net->ipv6.rt6_stats->fib_rt_uncache);
151 spin_unlock_bh(&ul->lock);
155 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev)
157 struct net_device *loopback_dev = net->loopback_dev;
158 int cpu;
160 if (dev == loopback_dev)
161 return;
163 for_each_possible_cpu(cpu) {
164 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
165 struct rt6_info *rt;
167 spin_lock_bh(&ul->lock);
168 list_for_each_entry(rt, &ul->head, rt6i_uncached) {
169 struct inet6_dev *rt_idev = rt->rt6i_idev;
170 struct net_device *rt_dev = rt->dst.dev;
172 if (rt_idev->dev == dev) {
173 rt->rt6i_idev = in6_dev_get(loopback_dev);
174 in6_dev_put(rt_idev);
177 if (rt_dev == dev) {
178 rt->dst.dev = loopback_dev;
179 dev_hold(rt->dst.dev);
180 dev_put(rt_dev);
183 spin_unlock_bh(&ul->lock);
187 static u32 *rt6_pcpu_cow_metrics(struct rt6_info *rt)
189 return dst_metrics_write_ptr(&rt->from->dst);
192 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old)
194 struct rt6_info *rt = (struct rt6_info *)dst;
196 if (rt->rt6i_flags & RTF_PCPU)
197 return rt6_pcpu_cow_metrics(rt);
198 else if (rt->rt6i_flags & RTF_CACHE)
199 return NULL;
200 else
201 return dst_cow_metrics_generic(dst, old);
204 static inline const void *choose_neigh_daddr(struct rt6_info *rt,
205 struct sk_buff *skb,
206 const void *daddr)
208 struct in6_addr *p = &rt->rt6i_gateway;
210 if (!ipv6_addr_any(p))
211 return (const void *) p;
212 else if (skb)
213 return &ipv6_hdr(skb)->daddr;
214 return daddr;
217 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst,
218 struct sk_buff *skb,
219 const void *daddr)
221 struct rt6_info *rt = (struct rt6_info *) dst;
222 struct neighbour *n;
224 daddr = choose_neigh_daddr(rt, skb, daddr);
225 n = __ipv6_neigh_lookup(dst->dev, daddr);
226 if (n)
227 return n;
228 return neigh_create(&nd_tbl, daddr, dst->dev);
231 static void ip6_confirm_neigh(const struct dst_entry *dst, const void *daddr)
233 struct net_device *dev = dst->dev;
234 struct rt6_info *rt = (struct rt6_info *)dst;
236 daddr = choose_neigh_daddr(rt, NULL, daddr);
237 if (!daddr)
238 return;
239 if (dev->flags & (IFF_NOARP | IFF_LOOPBACK))
240 return;
241 if (ipv6_addr_is_multicast((const struct in6_addr *)daddr))
242 return;
243 __ipv6_confirm_neigh(dev, daddr);
246 static struct dst_ops ip6_dst_ops_template = {
247 .family = AF_INET6,
248 .gc = ip6_dst_gc,
249 .gc_thresh = 1024,
250 .check = ip6_dst_check,
251 .default_advmss = ip6_default_advmss,
252 .mtu = ip6_mtu,
253 .cow_metrics = ipv6_cow_metrics,
254 .destroy = ip6_dst_destroy,
255 .ifdown = ip6_dst_ifdown,
256 .negative_advice = ip6_negative_advice,
257 .link_failure = ip6_link_failure,
258 .update_pmtu = ip6_rt_update_pmtu,
259 .redirect = rt6_do_redirect,
260 .local_out = __ip6_local_out,
261 .neigh_lookup = ip6_neigh_lookup,
262 .confirm_neigh = ip6_confirm_neigh,
265 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
267 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
269 return mtu ? : dst->dev->mtu;
272 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
273 struct sk_buff *skb, u32 mtu)
277 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
278 struct sk_buff *skb)
282 static struct dst_ops ip6_dst_blackhole_ops = {
283 .family = AF_INET6,
284 .destroy = ip6_dst_destroy,
285 .check = ip6_dst_check,
286 .mtu = ip6_blackhole_mtu,
287 .default_advmss = ip6_default_advmss,
288 .update_pmtu = ip6_rt_blackhole_update_pmtu,
289 .redirect = ip6_rt_blackhole_redirect,
290 .cow_metrics = dst_cow_metrics_generic,
291 .neigh_lookup = ip6_neigh_lookup,
294 static const u32 ip6_template_metrics[RTAX_MAX] = {
295 [RTAX_HOPLIMIT - 1] = 0,
298 static const struct rt6_info ip6_null_entry_template = {
299 .dst = {
300 .__refcnt = ATOMIC_INIT(1),
301 .__use = 1,
302 .obsolete = DST_OBSOLETE_FORCE_CHK,
303 .error = -ENETUNREACH,
304 .input = ip6_pkt_discard,
305 .output = ip6_pkt_discard_out,
307 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
308 .rt6i_protocol = RTPROT_KERNEL,
309 .rt6i_metric = ~(u32) 0,
310 .rt6i_ref = ATOMIC_INIT(1),
313 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
315 static const struct rt6_info ip6_prohibit_entry_template = {
316 .dst = {
317 .__refcnt = ATOMIC_INIT(1),
318 .__use = 1,
319 .obsolete = DST_OBSOLETE_FORCE_CHK,
320 .error = -EACCES,
321 .input = ip6_pkt_prohibit,
322 .output = ip6_pkt_prohibit_out,
324 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
325 .rt6i_protocol = RTPROT_KERNEL,
326 .rt6i_metric = ~(u32) 0,
327 .rt6i_ref = ATOMIC_INIT(1),
330 static const struct rt6_info ip6_blk_hole_entry_template = {
331 .dst = {
332 .__refcnt = ATOMIC_INIT(1),
333 .__use = 1,
334 .obsolete = DST_OBSOLETE_FORCE_CHK,
335 .error = -EINVAL,
336 .input = dst_discard,
337 .output = dst_discard_out,
339 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
340 .rt6i_protocol = RTPROT_KERNEL,
341 .rt6i_metric = ~(u32) 0,
342 .rt6i_ref = ATOMIC_INIT(1),
345 #endif
347 static void rt6_info_init(struct rt6_info *rt)
349 struct dst_entry *dst = &rt->dst;
351 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
352 INIT_LIST_HEAD(&rt->rt6i_siblings);
353 INIT_LIST_HEAD(&rt->rt6i_uncached);
356 /* allocate dst with ip6_dst_ops */
357 static struct rt6_info *__ip6_dst_alloc(struct net *net,
358 struct net_device *dev,
359 int flags)
361 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
362 1, DST_OBSOLETE_FORCE_CHK, flags);
364 if (rt) {
365 rt6_info_init(rt);
366 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc);
369 return rt;
372 struct rt6_info *ip6_dst_alloc(struct net *net,
373 struct net_device *dev,
374 int flags)
376 struct rt6_info *rt = __ip6_dst_alloc(net, dev, flags);
378 if (rt) {
379 rt->rt6i_pcpu = alloc_percpu_gfp(struct rt6_info *, GFP_ATOMIC);
380 if (!rt->rt6i_pcpu) {
381 dst_release_immediate(&rt->dst);
382 return NULL;
386 return rt;
388 EXPORT_SYMBOL(ip6_dst_alloc);
390 static void ip6_dst_destroy(struct dst_entry *dst)
392 struct rt6_info *rt = (struct rt6_info *)dst;
393 struct rt6_exception_bucket *bucket;
394 struct rt6_info *from = rt->from;
395 struct inet6_dev *idev;
397 dst_destroy_metrics_generic(dst);
398 free_percpu(rt->rt6i_pcpu);
399 rt6_uncached_list_del(rt);
401 idev = rt->rt6i_idev;
402 if (idev) {
403 rt->rt6i_idev = NULL;
404 in6_dev_put(idev);
406 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket, 1);
407 if (bucket) {
408 rt->rt6i_exception_bucket = NULL;
409 kfree(bucket);
412 rt->from = NULL;
413 dst_release(&from->dst);
416 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
417 int how)
419 struct rt6_info *rt = (struct rt6_info *)dst;
420 struct inet6_dev *idev = rt->rt6i_idev;
421 struct net_device *loopback_dev =
422 dev_net(dev)->loopback_dev;
424 if (idev && idev->dev != loopback_dev) {
425 struct inet6_dev *loopback_idev = in6_dev_get(loopback_dev);
426 if (loopback_idev) {
427 rt->rt6i_idev = loopback_idev;
428 in6_dev_put(idev);
433 static bool __rt6_check_expired(const struct rt6_info *rt)
435 if (rt->rt6i_flags & RTF_EXPIRES)
436 return time_after(jiffies, rt->dst.expires);
437 else
438 return false;
441 static bool rt6_check_expired(const struct rt6_info *rt)
443 if (rt->rt6i_flags & RTF_EXPIRES) {
444 if (time_after(jiffies, rt->dst.expires))
445 return true;
446 } else if (rt->from) {
447 return rt->dst.obsolete != DST_OBSOLETE_FORCE_CHK ||
448 rt6_check_expired(rt->from);
450 return false;
453 static struct rt6_info *rt6_multipath_select(struct rt6_info *match,
454 struct flowi6 *fl6, int oif,
455 int strict)
457 struct rt6_info *sibling, *next_sibling;
459 /* We might have already computed the hash for ICMPv6 errors. In such
460 * case it will always be non-zero. Otherwise now is the time to do it.
462 if (!fl6->mp_hash)
463 fl6->mp_hash = rt6_multipath_hash(fl6, NULL);
465 if (fl6->mp_hash <= atomic_read(&match->rt6i_nh_upper_bound))
466 return match;
468 list_for_each_entry_safe(sibling, next_sibling, &match->rt6i_siblings,
469 rt6i_siblings) {
470 if (fl6->mp_hash > atomic_read(&sibling->rt6i_nh_upper_bound))
471 continue;
472 if (rt6_score_route(sibling, oif, strict) < 0)
473 break;
474 match = sibling;
475 break;
478 return match;
482 * Route lookup. rcu_read_lock() should be held.
485 static inline struct rt6_info *rt6_device_match(struct net *net,
486 struct rt6_info *rt,
487 const struct in6_addr *saddr,
488 int oif,
489 int flags)
491 struct rt6_info *local = NULL;
492 struct rt6_info *sprt;
494 if (!oif && ipv6_addr_any(saddr) && !(rt->rt6i_nh_flags & RTNH_F_DEAD))
495 return rt;
497 for (sprt = rt; sprt; sprt = rcu_dereference(sprt->rt6_next)) {
498 struct net_device *dev = sprt->dst.dev;
500 if (sprt->rt6i_nh_flags & RTNH_F_DEAD)
501 continue;
503 if (oif) {
504 if (dev->ifindex == oif)
505 return sprt;
506 if (dev->flags & IFF_LOOPBACK) {
507 if (!sprt->rt6i_idev ||
508 sprt->rt6i_idev->dev->ifindex != oif) {
509 if (flags & RT6_LOOKUP_F_IFACE)
510 continue;
511 if (local &&
512 local->rt6i_idev->dev->ifindex == oif)
513 continue;
515 local = sprt;
517 } else {
518 if (ipv6_chk_addr(net, saddr, dev,
519 flags & RT6_LOOKUP_F_IFACE))
520 return sprt;
524 if (oif) {
525 if (local)
526 return local;
528 if (flags & RT6_LOOKUP_F_IFACE)
529 return net->ipv6.ip6_null_entry;
532 return rt->rt6i_nh_flags & RTNH_F_DEAD ? net->ipv6.ip6_null_entry : rt;
535 #ifdef CONFIG_IPV6_ROUTER_PREF
536 struct __rt6_probe_work {
537 struct work_struct work;
538 struct in6_addr target;
539 struct net_device *dev;
542 static void rt6_probe_deferred(struct work_struct *w)
544 struct in6_addr mcaddr;
545 struct __rt6_probe_work *work =
546 container_of(w, struct __rt6_probe_work, work);
548 addrconf_addr_solict_mult(&work->target, &mcaddr);
549 ndisc_send_ns(work->dev, &work->target, &mcaddr, NULL, 0);
550 dev_put(work->dev);
551 kfree(work);
554 static void rt6_probe(struct rt6_info *rt)
556 struct __rt6_probe_work *work;
557 struct neighbour *neigh;
559 * Okay, this does not seem to be appropriate
560 * for now, however, we need to check if it
561 * is really so; aka Router Reachability Probing.
563 * Router Reachability Probe MUST be rate-limited
564 * to no more than one per minute.
566 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY))
567 return;
568 rcu_read_lock_bh();
569 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
570 if (neigh) {
571 if (neigh->nud_state & NUD_VALID)
572 goto out;
574 work = NULL;
575 write_lock(&neigh->lock);
576 if (!(neigh->nud_state & NUD_VALID) &&
577 time_after(jiffies,
578 neigh->updated +
579 rt->rt6i_idev->cnf.rtr_probe_interval)) {
580 work = kmalloc(sizeof(*work), GFP_ATOMIC);
581 if (work)
582 __neigh_set_probe_once(neigh);
584 write_unlock(&neigh->lock);
585 } else {
586 work = kmalloc(sizeof(*work), GFP_ATOMIC);
589 if (work) {
590 INIT_WORK(&work->work, rt6_probe_deferred);
591 work->target = rt->rt6i_gateway;
592 dev_hold(rt->dst.dev);
593 work->dev = rt->dst.dev;
594 schedule_work(&work->work);
597 out:
598 rcu_read_unlock_bh();
600 #else
601 static inline void rt6_probe(struct rt6_info *rt)
604 #endif
607 * Default Router Selection (RFC 2461 6.3.6)
609 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
611 struct net_device *dev = rt->dst.dev;
612 if (!oif || dev->ifindex == oif)
613 return 2;
614 if ((dev->flags & IFF_LOOPBACK) &&
615 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
616 return 1;
617 return 0;
620 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt)
622 struct neighbour *neigh;
623 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD;
625 if (rt->rt6i_flags & RTF_NONEXTHOP ||
626 !(rt->rt6i_flags & RTF_GATEWAY))
627 return RT6_NUD_SUCCEED;
629 rcu_read_lock_bh();
630 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
631 if (neigh) {
632 read_lock(&neigh->lock);
633 if (neigh->nud_state & NUD_VALID)
634 ret = RT6_NUD_SUCCEED;
635 #ifdef CONFIG_IPV6_ROUTER_PREF
636 else if (!(neigh->nud_state & NUD_FAILED))
637 ret = RT6_NUD_SUCCEED;
638 else
639 ret = RT6_NUD_FAIL_PROBE;
640 #endif
641 read_unlock(&neigh->lock);
642 } else {
643 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ?
644 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR;
646 rcu_read_unlock_bh();
648 return ret;
651 static int rt6_score_route(struct rt6_info *rt, int oif,
652 int strict)
654 int m;
656 m = rt6_check_dev(rt, oif);
657 if (!m && (strict & RT6_LOOKUP_F_IFACE))
658 return RT6_NUD_FAIL_HARD;
659 #ifdef CONFIG_IPV6_ROUTER_PREF
660 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
661 #endif
662 if (strict & RT6_LOOKUP_F_REACHABLE) {
663 int n = rt6_check_neigh(rt);
664 if (n < 0)
665 return n;
667 return m;
670 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
671 int *mpri, struct rt6_info *match,
672 bool *do_rr)
674 int m;
675 bool match_do_rr = false;
676 struct inet6_dev *idev = rt->rt6i_idev;
678 if (rt->rt6i_nh_flags & RTNH_F_DEAD)
679 goto out;
681 if (idev->cnf.ignore_routes_with_linkdown &&
682 rt->rt6i_nh_flags & RTNH_F_LINKDOWN &&
683 !(strict & RT6_LOOKUP_F_IGNORE_LINKSTATE))
684 goto out;
686 if (rt6_check_expired(rt))
687 goto out;
689 m = rt6_score_route(rt, oif, strict);
690 if (m == RT6_NUD_FAIL_DO_RR) {
691 match_do_rr = true;
692 m = 0; /* lowest valid score */
693 } else if (m == RT6_NUD_FAIL_HARD) {
694 goto out;
697 if (strict & RT6_LOOKUP_F_REACHABLE)
698 rt6_probe(rt);
700 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
701 if (m > *mpri) {
702 *do_rr = match_do_rr;
703 *mpri = m;
704 match = rt;
706 out:
707 return match;
710 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
711 struct rt6_info *leaf,
712 struct rt6_info *rr_head,
713 u32 metric, int oif, int strict,
714 bool *do_rr)
716 struct rt6_info *rt, *match, *cont;
717 int mpri = -1;
719 match = NULL;
720 cont = NULL;
721 for (rt = rr_head; rt; rt = rcu_dereference(rt->rt6_next)) {
722 if (rt->rt6i_metric != metric) {
723 cont = rt;
724 break;
727 match = find_match(rt, oif, strict, &mpri, match, do_rr);
730 for (rt = leaf; rt && rt != rr_head;
731 rt = rcu_dereference(rt->rt6_next)) {
732 if (rt->rt6i_metric != metric) {
733 cont = rt;
734 break;
737 match = find_match(rt, oif, strict, &mpri, match, do_rr);
740 if (match || !cont)
741 return match;
743 for (rt = cont; rt; rt = rcu_dereference(rt->rt6_next))
744 match = find_match(rt, oif, strict, &mpri, match, do_rr);
746 return match;
749 static struct rt6_info *rt6_select(struct net *net, struct fib6_node *fn,
750 int oif, int strict)
752 struct rt6_info *leaf = rcu_dereference(fn->leaf);
753 struct rt6_info *match, *rt0;
754 bool do_rr = false;
755 int key_plen;
757 if (!leaf || leaf == net->ipv6.ip6_null_entry)
758 return net->ipv6.ip6_null_entry;
760 rt0 = rcu_dereference(fn->rr_ptr);
761 if (!rt0)
762 rt0 = leaf;
764 /* Double check to make sure fn is not an intermediate node
765 * and fn->leaf does not points to its child's leaf
766 * (This might happen if all routes under fn are deleted from
767 * the tree and fib6_repair_tree() is called on the node.)
769 key_plen = rt0->rt6i_dst.plen;
770 #ifdef CONFIG_IPV6_SUBTREES
771 if (rt0->rt6i_src.plen)
772 key_plen = rt0->rt6i_src.plen;
773 #endif
774 if (fn->fn_bit != key_plen)
775 return net->ipv6.ip6_null_entry;
777 match = find_rr_leaf(fn, leaf, rt0, rt0->rt6i_metric, oif, strict,
778 &do_rr);
780 if (do_rr) {
781 struct rt6_info *next = rcu_dereference(rt0->rt6_next);
783 /* no entries matched; do round-robin */
784 if (!next || next->rt6i_metric != rt0->rt6i_metric)
785 next = leaf;
787 if (next != rt0) {
788 spin_lock_bh(&leaf->rt6i_table->tb6_lock);
789 /* make sure next is not being deleted from the tree */
790 if (next->rt6i_node)
791 rcu_assign_pointer(fn->rr_ptr, next);
792 spin_unlock_bh(&leaf->rt6i_table->tb6_lock);
796 return match ? match : net->ipv6.ip6_null_entry;
799 static bool rt6_is_gw_or_nonexthop(const struct rt6_info *rt)
801 return (rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY));
804 #ifdef CONFIG_IPV6_ROUTE_INFO
805 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
806 const struct in6_addr *gwaddr)
808 struct net *net = dev_net(dev);
809 struct route_info *rinfo = (struct route_info *) opt;
810 struct in6_addr prefix_buf, *prefix;
811 unsigned int pref;
812 unsigned long lifetime;
813 struct rt6_info *rt;
815 if (len < sizeof(struct route_info)) {
816 return -EINVAL;
819 /* Sanity check for prefix_len and length */
820 if (rinfo->length > 3) {
821 return -EINVAL;
822 } else if (rinfo->prefix_len > 128) {
823 return -EINVAL;
824 } else if (rinfo->prefix_len > 64) {
825 if (rinfo->length < 2) {
826 return -EINVAL;
828 } else if (rinfo->prefix_len > 0) {
829 if (rinfo->length < 1) {
830 return -EINVAL;
834 pref = rinfo->route_pref;
835 if (pref == ICMPV6_ROUTER_PREF_INVALID)
836 return -EINVAL;
838 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
840 if (rinfo->length == 3)
841 prefix = (struct in6_addr *)rinfo->prefix;
842 else {
843 /* this function is safe */
844 ipv6_addr_prefix(&prefix_buf,
845 (struct in6_addr *)rinfo->prefix,
846 rinfo->prefix_len);
847 prefix = &prefix_buf;
850 if (rinfo->prefix_len == 0)
851 rt = rt6_get_dflt_router(gwaddr, dev);
852 else
853 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len,
854 gwaddr, dev);
856 if (rt && !lifetime) {
857 ip6_del_rt(rt);
858 rt = NULL;
861 if (!rt && lifetime)
862 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr,
863 dev, pref);
864 else if (rt)
865 rt->rt6i_flags = RTF_ROUTEINFO |
866 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
868 if (rt) {
869 if (!addrconf_finite_timeout(lifetime))
870 rt6_clean_expires(rt);
871 else
872 rt6_set_expires(rt, jiffies + HZ * lifetime);
874 ip6_rt_put(rt);
876 return 0;
878 #endif
880 static struct fib6_node* fib6_backtrack(struct fib6_node *fn,
881 struct in6_addr *saddr)
883 struct fib6_node *pn, *sn;
884 while (1) {
885 if (fn->fn_flags & RTN_TL_ROOT)
886 return NULL;
887 pn = rcu_dereference(fn->parent);
888 sn = FIB6_SUBTREE(pn);
889 if (sn && sn != fn)
890 fn = fib6_lookup(sn, NULL, saddr);
891 else
892 fn = pn;
893 if (fn->fn_flags & RTN_RTINFO)
894 return fn;
898 static bool ip6_hold_safe(struct net *net, struct rt6_info **prt,
899 bool null_fallback)
901 struct rt6_info *rt = *prt;
903 if (dst_hold_safe(&rt->dst))
904 return true;
905 if (null_fallback) {
906 rt = net->ipv6.ip6_null_entry;
907 dst_hold(&rt->dst);
908 } else {
909 rt = NULL;
911 *prt = rt;
912 return false;
915 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
916 struct fib6_table *table,
917 struct flowi6 *fl6, int flags)
919 struct rt6_info *rt, *rt_cache;
920 struct fib6_node *fn;
922 rcu_read_lock();
923 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
924 restart:
925 rt = rcu_dereference(fn->leaf);
926 if (!rt) {
927 rt = net->ipv6.ip6_null_entry;
928 } else {
929 rt = rt6_device_match(net, rt, &fl6->saddr,
930 fl6->flowi6_oif, flags);
931 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0)
932 rt = rt6_multipath_select(rt, fl6,
933 fl6->flowi6_oif, flags);
935 if (rt == net->ipv6.ip6_null_entry) {
936 fn = fib6_backtrack(fn, &fl6->saddr);
937 if (fn)
938 goto restart;
940 /* Search through exception table */
941 rt_cache = rt6_find_cached_rt(rt, &fl6->daddr, &fl6->saddr);
942 if (rt_cache)
943 rt = rt_cache;
945 if (ip6_hold_safe(net, &rt, true))
946 dst_use_noref(&rt->dst, jiffies);
948 rcu_read_unlock();
950 trace_fib6_table_lookup(net, rt, table, fl6);
952 return rt;
956 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6,
957 int flags)
959 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup);
961 EXPORT_SYMBOL_GPL(ip6_route_lookup);
963 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
964 const struct in6_addr *saddr, int oif, int strict)
966 struct flowi6 fl6 = {
967 .flowi6_oif = oif,
968 .daddr = *daddr,
970 struct dst_entry *dst;
971 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
973 if (saddr) {
974 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
975 flags |= RT6_LOOKUP_F_HAS_SADDR;
978 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup);
979 if (dst->error == 0)
980 return (struct rt6_info *) dst;
982 dst_release(dst);
984 return NULL;
986 EXPORT_SYMBOL(rt6_lookup);
988 /* ip6_ins_rt is called with FREE table->tb6_lock.
989 * It takes new route entry, the addition fails by any reason the
990 * route is released.
991 * Caller must hold dst before calling it.
994 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info,
995 struct mx6_config *mxc,
996 struct netlink_ext_ack *extack)
998 int err;
999 struct fib6_table *table;
1001 table = rt->rt6i_table;
1002 spin_lock_bh(&table->tb6_lock);
1003 err = fib6_add(&table->tb6_root, rt, info, mxc, extack);
1004 spin_unlock_bh(&table->tb6_lock);
1006 return err;
1009 int ip6_ins_rt(struct rt6_info *rt)
1011 struct nl_info info = { .nl_net = dev_net(rt->dst.dev), };
1012 struct mx6_config mxc = { .mx = NULL, };
1014 /* Hold dst to account for the reference from the fib6 tree */
1015 dst_hold(&rt->dst);
1016 return __ip6_ins_rt(rt, &info, &mxc, NULL);
1019 /* called with rcu_lock held */
1020 static struct net_device *ip6_rt_get_dev_rcu(struct rt6_info *rt)
1022 struct net_device *dev = rt->dst.dev;
1024 if (rt->rt6i_flags & (RTF_LOCAL | RTF_ANYCAST)) {
1025 /* for copies of local routes, dst->dev needs to be the
1026 * device if it is a master device, the master device if
1027 * device is enslaved, and the loopback as the default
1029 if (netif_is_l3_slave(dev) &&
1030 !rt6_need_strict(&rt->rt6i_dst.addr))
1031 dev = l3mdev_master_dev_rcu(dev);
1032 else if (!netif_is_l3_master(dev))
1033 dev = dev_net(dev)->loopback_dev;
1034 /* last case is netif_is_l3_master(dev) is true in which
1035 * case we want dev returned to be dev
1039 return dev;
1042 static struct rt6_info *ip6_rt_cache_alloc(struct rt6_info *ort,
1043 const struct in6_addr *daddr,
1044 const struct in6_addr *saddr)
1046 struct net_device *dev;
1047 struct rt6_info *rt;
1050 * Clone the route.
1053 if (ort->rt6i_flags & (RTF_CACHE | RTF_PCPU))
1054 ort = ort->from;
1056 rcu_read_lock();
1057 dev = ip6_rt_get_dev_rcu(ort);
1058 rt = __ip6_dst_alloc(dev_net(dev), dev, 0);
1059 rcu_read_unlock();
1060 if (!rt)
1061 return NULL;
1063 ip6_rt_copy_init(rt, ort);
1064 rt->rt6i_flags |= RTF_CACHE;
1065 rt->rt6i_metric = 0;
1066 rt->dst.flags |= DST_HOST;
1067 rt->rt6i_dst.addr = *daddr;
1068 rt->rt6i_dst.plen = 128;
1070 if (!rt6_is_gw_or_nonexthop(ort)) {
1071 if (ort->rt6i_dst.plen != 128 &&
1072 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr))
1073 rt->rt6i_flags |= RTF_ANYCAST;
1074 #ifdef CONFIG_IPV6_SUBTREES
1075 if (rt->rt6i_src.plen && saddr) {
1076 rt->rt6i_src.addr = *saddr;
1077 rt->rt6i_src.plen = 128;
1079 #endif
1082 return rt;
1085 static struct rt6_info *ip6_rt_pcpu_alloc(struct rt6_info *rt)
1087 struct net_device *dev;
1088 struct rt6_info *pcpu_rt;
1090 rcu_read_lock();
1091 dev = ip6_rt_get_dev_rcu(rt);
1092 pcpu_rt = __ip6_dst_alloc(dev_net(dev), dev, rt->dst.flags);
1093 rcu_read_unlock();
1094 if (!pcpu_rt)
1095 return NULL;
1096 ip6_rt_copy_init(pcpu_rt, rt);
1097 pcpu_rt->rt6i_protocol = rt->rt6i_protocol;
1098 pcpu_rt->rt6i_flags |= RTF_PCPU;
1099 return pcpu_rt;
1102 /* It should be called with rcu_read_lock() acquired */
1103 static struct rt6_info *rt6_get_pcpu_route(struct rt6_info *rt)
1105 struct rt6_info *pcpu_rt, **p;
1107 p = this_cpu_ptr(rt->rt6i_pcpu);
1108 pcpu_rt = *p;
1110 if (pcpu_rt && ip6_hold_safe(NULL, &pcpu_rt, false))
1111 rt6_dst_from_metrics_check(pcpu_rt);
1113 return pcpu_rt;
1116 static struct rt6_info *rt6_make_pcpu_route(struct rt6_info *rt)
1118 struct rt6_info *pcpu_rt, *prev, **p;
1120 pcpu_rt = ip6_rt_pcpu_alloc(rt);
1121 if (!pcpu_rt) {
1122 struct net *net = dev_net(rt->dst.dev);
1124 dst_hold(&net->ipv6.ip6_null_entry->dst);
1125 return net->ipv6.ip6_null_entry;
1128 dst_hold(&pcpu_rt->dst);
1129 p = this_cpu_ptr(rt->rt6i_pcpu);
1130 prev = cmpxchg(p, NULL, pcpu_rt);
1131 BUG_ON(prev);
1133 rt6_dst_from_metrics_check(pcpu_rt);
1134 return pcpu_rt;
1137 /* exception hash table implementation
1139 static DEFINE_SPINLOCK(rt6_exception_lock);
1141 /* Remove rt6_ex from hash table and free the memory
1142 * Caller must hold rt6_exception_lock
1144 static void rt6_remove_exception(struct rt6_exception_bucket *bucket,
1145 struct rt6_exception *rt6_ex)
1147 struct net *net;
1149 if (!bucket || !rt6_ex)
1150 return;
1152 net = dev_net(rt6_ex->rt6i->dst.dev);
1153 rt6_ex->rt6i->rt6i_node = NULL;
1154 hlist_del_rcu(&rt6_ex->hlist);
1155 rt6_release(rt6_ex->rt6i);
1156 kfree_rcu(rt6_ex, rcu);
1157 WARN_ON_ONCE(!bucket->depth);
1158 bucket->depth--;
1159 net->ipv6.rt6_stats->fib_rt_cache--;
1162 /* Remove oldest rt6_ex in bucket and free the memory
1163 * Caller must hold rt6_exception_lock
1165 static void rt6_exception_remove_oldest(struct rt6_exception_bucket *bucket)
1167 struct rt6_exception *rt6_ex, *oldest = NULL;
1169 if (!bucket)
1170 return;
1172 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1173 if (!oldest || time_before(rt6_ex->stamp, oldest->stamp))
1174 oldest = rt6_ex;
1176 rt6_remove_exception(bucket, oldest);
1179 static u32 rt6_exception_hash(const struct in6_addr *dst,
1180 const struct in6_addr *src)
1182 static u32 seed __read_mostly;
1183 u32 val;
1185 net_get_random_once(&seed, sizeof(seed));
1186 val = jhash(dst, sizeof(*dst), seed);
1188 #ifdef CONFIG_IPV6_SUBTREES
1189 if (src)
1190 val = jhash(src, sizeof(*src), val);
1191 #endif
1192 return hash_32(val, FIB6_EXCEPTION_BUCKET_SIZE_SHIFT);
1195 /* Helper function to find the cached rt in the hash table
1196 * and update bucket pointer to point to the bucket for this
1197 * (daddr, saddr) pair
1198 * Caller must hold rt6_exception_lock
1200 static struct rt6_exception *
1201 __rt6_find_exception_spinlock(struct rt6_exception_bucket **bucket,
1202 const struct in6_addr *daddr,
1203 const struct in6_addr *saddr)
1205 struct rt6_exception *rt6_ex;
1206 u32 hval;
1208 if (!(*bucket) || !daddr)
1209 return NULL;
1211 hval = rt6_exception_hash(daddr, saddr);
1212 *bucket += hval;
1214 hlist_for_each_entry(rt6_ex, &(*bucket)->chain, hlist) {
1215 struct rt6_info *rt6 = rt6_ex->rt6i;
1216 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr);
1218 #ifdef CONFIG_IPV6_SUBTREES
1219 if (matched && saddr)
1220 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr);
1221 #endif
1222 if (matched)
1223 return rt6_ex;
1225 return NULL;
1228 /* Helper function to find the cached rt in the hash table
1229 * and update bucket pointer to point to the bucket for this
1230 * (daddr, saddr) pair
1231 * Caller must hold rcu_read_lock()
1233 static struct rt6_exception *
1234 __rt6_find_exception_rcu(struct rt6_exception_bucket **bucket,
1235 const struct in6_addr *daddr,
1236 const struct in6_addr *saddr)
1238 struct rt6_exception *rt6_ex;
1239 u32 hval;
1241 WARN_ON_ONCE(!rcu_read_lock_held());
1243 if (!(*bucket) || !daddr)
1244 return NULL;
1246 hval = rt6_exception_hash(daddr, saddr);
1247 *bucket += hval;
1249 hlist_for_each_entry_rcu(rt6_ex, &(*bucket)->chain, hlist) {
1250 struct rt6_info *rt6 = rt6_ex->rt6i;
1251 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr);
1253 #ifdef CONFIG_IPV6_SUBTREES
1254 if (matched && saddr)
1255 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr);
1256 #endif
1257 if (matched)
1258 return rt6_ex;
1260 return NULL;
1263 static int rt6_insert_exception(struct rt6_info *nrt,
1264 struct rt6_info *ort)
1266 struct net *net = dev_net(ort->dst.dev);
1267 struct rt6_exception_bucket *bucket;
1268 struct in6_addr *src_key = NULL;
1269 struct rt6_exception *rt6_ex;
1270 int err = 0;
1272 /* ort can't be a cache or pcpu route */
1273 if (ort->rt6i_flags & (RTF_CACHE | RTF_PCPU))
1274 ort = ort->from;
1275 WARN_ON_ONCE(ort->rt6i_flags & (RTF_CACHE | RTF_PCPU));
1277 spin_lock_bh(&rt6_exception_lock);
1279 if (ort->exception_bucket_flushed) {
1280 err = -EINVAL;
1281 goto out;
1284 bucket = rcu_dereference_protected(ort->rt6i_exception_bucket,
1285 lockdep_is_held(&rt6_exception_lock));
1286 if (!bucket) {
1287 bucket = kcalloc(FIB6_EXCEPTION_BUCKET_SIZE, sizeof(*bucket),
1288 GFP_ATOMIC);
1289 if (!bucket) {
1290 err = -ENOMEM;
1291 goto out;
1293 rcu_assign_pointer(ort->rt6i_exception_bucket, bucket);
1296 #ifdef CONFIG_IPV6_SUBTREES
1297 /* rt6i_src.plen != 0 indicates ort is in subtree
1298 * and exception table is indexed by a hash of
1299 * both rt6i_dst and rt6i_src.
1300 * Otherwise, the exception table is indexed by
1301 * a hash of only rt6i_dst.
1303 if (ort->rt6i_src.plen)
1304 src_key = &nrt->rt6i_src.addr;
1305 #endif
1307 /* Update rt6i_prefsrc as it could be changed
1308 * in rt6_remove_prefsrc()
1310 nrt->rt6i_prefsrc = ort->rt6i_prefsrc;
1311 /* rt6_mtu_change() might lower mtu on ort.
1312 * Only insert this exception route if its mtu
1313 * is less than ort's mtu value.
1315 if (nrt->rt6i_pmtu >= dst_mtu(&ort->dst)) {
1316 err = -EINVAL;
1317 goto out;
1320 rt6_ex = __rt6_find_exception_spinlock(&bucket, &nrt->rt6i_dst.addr,
1321 src_key);
1322 if (rt6_ex)
1323 rt6_remove_exception(bucket, rt6_ex);
1325 rt6_ex = kzalloc(sizeof(*rt6_ex), GFP_ATOMIC);
1326 if (!rt6_ex) {
1327 err = -ENOMEM;
1328 goto out;
1330 rt6_ex->rt6i = nrt;
1331 rt6_ex->stamp = jiffies;
1332 atomic_inc(&nrt->rt6i_ref);
1333 nrt->rt6i_node = ort->rt6i_node;
1334 hlist_add_head_rcu(&rt6_ex->hlist, &bucket->chain);
1335 bucket->depth++;
1336 net->ipv6.rt6_stats->fib_rt_cache++;
1338 if (bucket->depth > FIB6_MAX_DEPTH)
1339 rt6_exception_remove_oldest(bucket);
1341 out:
1342 spin_unlock_bh(&rt6_exception_lock);
1344 /* Update fn->fn_sernum to invalidate all cached dst */
1345 if (!err) {
1346 spin_lock_bh(&ort->rt6i_table->tb6_lock);
1347 fib6_update_sernum(ort);
1348 spin_unlock_bh(&ort->rt6i_table->tb6_lock);
1349 fib6_force_start_gc(net);
1352 return err;
1355 void rt6_flush_exceptions(struct rt6_info *rt)
1357 struct rt6_exception_bucket *bucket;
1358 struct rt6_exception *rt6_ex;
1359 struct hlist_node *tmp;
1360 int i;
1362 spin_lock_bh(&rt6_exception_lock);
1363 /* Prevent rt6_insert_exception() to recreate the bucket list */
1364 rt->exception_bucket_flushed = 1;
1366 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1367 lockdep_is_held(&rt6_exception_lock));
1368 if (!bucket)
1369 goto out;
1371 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1372 hlist_for_each_entry_safe(rt6_ex, tmp, &bucket->chain, hlist)
1373 rt6_remove_exception(bucket, rt6_ex);
1374 WARN_ON_ONCE(bucket->depth);
1375 bucket++;
1378 out:
1379 spin_unlock_bh(&rt6_exception_lock);
1382 /* Find cached rt in the hash table inside passed in rt
1383 * Caller has to hold rcu_read_lock()
1385 static struct rt6_info *rt6_find_cached_rt(struct rt6_info *rt,
1386 struct in6_addr *daddr,
1387 struct in6_addr *saddr)
1389 struct rt6_exception_bucket *bucket;
1390 struct in6_addr *src_key = NULL;
1391 struct rt6_exception *rt6_ex;
1392 struct rt6_info *res = NULL;
1394 bucket = rcu_dereference(rt->rt6i_exception_bucket);
1396 #ifdef CONFIG_IPV6_SUBTREES
1397 /* rt6i_src.plen != 0 indicates rt is in subtree
1398 * and exception table is indexed by a hash of
1399 * both rt6i_dst and rt6i_src.
1400 * Otherwise, the exception table is indexed by
1401 * a hash of only rt6i_dst.
1403 if (rt->rt6i_src.plen)
1404 src_key = saddr;
1405 #endif
1406 rt6_ex = __rt6_find_exception_rcu(&bucket, daddr, src_key);
1408 if (rt6_ex && !rt6_check_expired(rt6_ex->rt6i))
1409 res = rt6_ex->rt6i;
1411 return res;
1414 /* Remove the passed in cached rt from the hash table that contains it */
1415 int rt6_remove_exception_rt(struct rt6_info *rt)
1417 struct rt6_exception_bucket *bucket;
1418 struct rt6_info *from = rt->from;
1419 struct in6_addr *src_key = NULL;
1420 struct rt6_exception *rt6_ex;
1421 int err;
1423 if (!from ||
1424 !(rt->rt6i_flags & RTF_CACHE))
1425 return -EINVAL;
1427 if (!rcu_access_pointer(from->rt6i_exception_bucket))
1428 return -ENOENT;
1430 spin_lock_bh(&rt6_exception_lock);
1431 bucket = rcu_dereference_protected(from->rt6i_exception_bucket,
1432 lockdep_is_held(&rt6_exception_lock));
1433 #ifdef CONFIG_IPV6_SUBTREES
1434 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1435 * and exception table is indexed by a hash of
1436 * both rt6i_dst and rt6i_src.
1437 * Otherwise, the exception table is indexed by
1438 * a hash of only rt6i_dst.
1440 if (from->rt6i_src.plen)
1441 src_key = &rt->rt6i_src.addr;
1442 #endif
1443 rt6_ex = __rt6_find_exception_spinlock(&bucket,
1444 &rt->rt6i_dst.addr,
1445 src_key);
1446 if (rt6_ex) {
1447 rt6_remove_exception(bucket, rt6_ex);
1448 err = 0;
1449 } else {
1450 err = -ENOENT;
1453 spin_unlock_bh(&rt6_exception_lock);
1454 return err;
1457 /* Find rt6_ex which contains the passed in rt cache and
1458 * refresh its stamp
1460 static void rt6_update_exception_stamp_rt(struct rt6_info *rt)
1462 struct rt6_exception_bucket *bucket;
1463 struct rt6_info *from = rt->from;
1464 struct in6_addr *src_key = NULL;
1465 struct rt6_exception *rt6_ex;
1467 if (!from ||
1468 !(rt->rt6i_flags & RTF_CACHE))
1469 return;
1471 rcu_read_lock();
1472 bucket = rcu_dereference(from->rt6i_exception_bucket);
1474 #ifdef CONFIG_IPV6_SUBTREES
1475 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1476 * and exception table is indexed by a hash of
1477 * both rt6i_dst and rt6i_src.
1478 * Otherwise, the exception table is indexed by
1479 * a hash of only rt6i_dst.
1481 if (from->rt6i_src.plen)
1482 src_key = &rt->rt6i_src.addr;
1483 #endif
1484 rt6_ex = __rt6_find_exception_rcu(&bucket,
1485 &rt->rt6i_dst.addr,
1486 src_key);
1487 if (rt6_ex)
1488 rt6_ex->stamp = jiffies;
1490 rcu_read_unlock();
1493 static void rt6_exceptions_remove_prefsrc(struct rt6_info *rt)
1495 struct rt6_exception_bucket *bucket;
1496 struct rt6_exception *rt6_ex;
1497 int i;
1499 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1500 lockdep_is_held(&rt6_exception_lock));
1502 if (bucket) {
1503 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1504 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1505 rt6_ex->rt6i->rt6i_prefsrc.plen = 0;
1507 bucket++;
1512 static void rt6_exceptions_update_pmtu(struct rt6_info *rt, int mtu)
1514 struct rt6_exception_bucket *bucket;
1515 struct rt6_exception *rt6_ex;
1516 int i;
1518 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1519 lockdep_is_held(&rt6_exception_lock));
1521 if (bucket) {
1522 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1523 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1524 struct rt6_info *entry = rt6_ex->rt6i;
1525 /* For RTF_CACHE with rt6i_pmtu == 0
1526 * (i.e. a redirected route),
1527 * the metrics of its rt->dst.from has already
1528 * been updated.
1530 if (entry->rt6i_pmtu && entry->rt6i_pmtu > mtu)
1531 entry->rt6i_pmtu = mtu;
1533 bucket++;
1538 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
1540 static void rt6_exceptions_clean_tohost(struct rt6_info *rt,
1541 struct in6_addr *gateway)
1543 struct rt6_exception_bucket *bucket;
1544 struct rt6_exception *rt6_ex;
1545 struct hlist_node *tmp;
1546 int i;
1548 if (!rcu_access_pointer(rt->rt6i_exception_bucket))
1549 return;
1551 spin_lock_bh(&rt6_exception_lock);
1552 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1553 lockdep_is_held(&rt6_exception_lock));
1555 if (bucket) {
1556 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1557 hlist_for_each_entry_safe(rt6_ex, tmp,
1558 &bucket->chain, hlist) {
1559 struct rt6_info *entry = rt6_ex->rt6i;
1561 if ((entry->rt6i_flags & RTF_CACHE_GATEWAY) ==
1562 RTF_CACHE_GATEWAY &&
1563 ipv6_addr_equal(gateway,
1564 &entry->rt6i_gateway)) {
1565 rt6_remove_exception(bucket, rt6_ex);
1568 bucket++;
1572 spin_unlock_bh(&rt6_exception_lock);
1575 static void rt6_age_examine_exception(struct rt6_exception_bucket *bucket,
1576 struct rt6_exception *rt6_ex,
1577 struct fib6_gc_args *gc_args,
1578 unsigned long now)
1580 struct rt6_info *rt = rt6_ex->rt6i;
1582 /* we are pruning and obsoleting aged-out and non gateway exceptions
1583 * even if others have still references to them, so that on next
1584 * dst_check() such references can be dropped.
1585 * EXPIRES exceptions - e.g. pmtu-generated ones are pruned when
1586 * expired, independently from their aging, as per RFC 8201 section 4
1588 if (!(rt->rt6i_flags & RTF_EXPIRES)) {
1589 if (time_after_eq(now, rt->dst.lastuse + gc_args->timeout)) {
1590 RT6_TRACE("aging clone %p\n", rt);
1591 rt6_remove_exception(bucket, rt6_ex);
1592 return;
1594 } else if (time_after(jiffies, rt->dst.expires)) {
1595 RT6_TRACE("purging expired route %p\n", rt);
1596 rt6_remove_exception(bucket, rt6_ex);
1597 return;
1600 if (rt->rt6i_flags & RTF_GATEWAY) {
1601 struct neighbour *neigh;
1602 __u8 neigh_flags = 0;
1604 neigh = dst_neigh_lookup(&rt->dst, &rt->rt6i_gateway);
1605 if (neigh) {
1606 neigh_flags = neigh->flags;
1607 neigh_release(neigh);
1609 if (!(neigh_flags & NTF_ROUTER)) {
1610 RT6_TRACE("purging route %p via non-router but gateway\n",
1611 rt);
1612 rt6_remove_exception(bucket, rt6_ex);
1613 return;
1617 gc_args->more++;
1620 void rt6_age_exceptions(struct rt6_info *rt,
1621 struct fib6_gc_args *gc_args,
1622 unsigned long now)
1624 struct rt6_exception_bucket *bucket;
1625 struct rt6_exception *rt6_ex;
1626 struct hlist_node *tmp;
1627 int i;
1629 if (!rcu_access_pointer(rt->rt6i_exception_bucket))
1630 return;
1632 spin_lock_bh(&rt6_exception_lock);
1633 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1634 lockdep_is_held(&rt6_exception_lock));
1636 if (bucket) {
1637 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1638 hlist_for_each_entry_safe(rt6_ex, tmp,
1639 &bucket->chain, hlist) {
1640 rt6_age_examine_exception(bucket, rt6_ex,
1641 gc_args, now);
1643 bucket++;
1646 spin_unlock_bh(&rt6_exception_lock);
1649 struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table,
1650 int oif, struct flowi6 *fl6, int flags)
1652 struct fib6_node *fn, *saved_fn;
1653 struct rt6_info *rt, *rt_cache;
1654 int strict = 0;
1656 strict |= flags & RT6_LOOKUP_F_IFACE;
1657 strict |= flags & RT6_LOOKUP_F_IGNORE_LINKSTATE;
1658 if (net->ipv6.devconf_all->forwarding == 0)
1659 strict |= RT6_LOOKUP_F_REACHABLE;
1661 rcu_read_lock();
1663 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1664 saved_fn = fn;
1666 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
1667 oif = 0;
1669 redo_rt6_select:
1670 rt = rt6_select(net, fn, oif, strict);
1671 if (rt->rt6i_nsiblings)
1672 rt = rt6_multipath_select(rt, fl6, oif, strict);
1673 if (rt == net->ipv6.ip6_null_entry) {
1674 fn = fib6_backtrack(fn, &fl6->saddr);
1675 if (fn)
1676 goto redo_rt6_select;
1677 else if (strict & RT6_LOOKUP_F_REACHABLE) {
1678 /* also consider unreachable route */
1679 strict &= ~RT6_LOOKUP_F_REACHABLE;
1680 fn = saved_fn;
1681 goto redo_rt6_select;
1685 /*Search through exception table */
1686 rt_cache = rt6_find_cached_rt(rt, &fl6->daddr, &fl6->saddr);
1687 if (rt_cache)
1688 rt = rt_cache;
1690 if (rt == net->ipv6.ip6_null_entry) {
1691 rcu_read_unlock();
1692 dst_hold(&rt->dst);
1693 trace_fib6_table_lookup(net, rt, table, fl6);
1694 return rt;
1695 } else if (rt->rt6i_flags & RTF_CACHE) {
1696 if (ip6_hold_safe(net, &rt, true)) {
1697 dst_use_noref(&rt->dst, jiffies);
1698 rt6_dst_from_metrics_check(rt);
1700 rcu_read_unlock();
1701 trace_fib6_table_lookup(net, rt, table, fl6);
1702 return rt;
1703 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) &&
1704 !(rt->rt6i_flags & RTF_GATEWAY))) {
1705 /* Create a RTF_CACHE clone which will not be
1706 * owned by the fib6 tree. It is for the special case where
1707 * the daddr in the skb during the neighbor look-up is different
1708 * from the fl6->daddr used to look-up route here.
1711 struct rt6_info *uncached_rt;
1713 if (ip6_hold_safe(net, &rt, true)) {
1714 dst_use_noref(&rt->dst, jiffies);
1715 } else {
1716 rcu_read_unlock();
1717 uncached_rt = rt;
1718 goto uncached_rt_out;
1720 rcu_read_unlock();
1722 uncached_rt = ip6_rt_cache_alloc(rt, &fl6->daddr, NULL);
1723 dst_release(&rt->dst);
1725 if (uncached_rt) {
1726 /* Uncached_rt's refcnt is taken during ip6_rt_cache_alloc()
1727 * No need for another dst_hold()
1729 rt6_uncached_list_add(uncached_rt);
1730 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache);
1731 } else {
1732 uncached_rt = net->ipv6.ip6_null_entry;
1733 dst_hold(&uncached_rt->dst);
1736 uncached_rt_out:
1737 trace_fib6_table_lookup(net, uncached_rt, table, fl6);
1738 return uncached_rt;
1740 } else {
1741 /* Get a percpu copy */
1743 struct rt6_info *pcpu_rt;
1745 dst_use_noref(&rt->dst, jiffies);
1746 local_bh_disable();
1747 pcpu_rt = rt6_get_pcpu_route(rt);
1749 if (!pcpu_rt) {
1750 /* atomic_inc_not_zero() is needed when using rcu */
1751 if (atomic_inc_not_zero(&rt->rt6i_ref)) {
1752 /* No dst_hold() on rt is needed because grabbing
1753 * rt->rt6i_ref makes sure rt can't be released.
1755 pcpu_rt = rt6_make_pcpu_route(rt);
1756 rt6_release(rt);
1757 } else {
1758 /* rt is already removed from tree */
1759 pcpu_rt = net->ipv6.ip6_null_entry;
1760 dst_hold(&pcpu_rt->dst);
1763 local_bh_enable();
1764 rcu_read_unlock();
1765 trace_fib6_table_lookup(net, pcpu_rt, table, fl6);
1766 return pcpu_rt;
1769 EXPORT_SYMBOL_GPL(ip6_pol_route);
1771 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
1772 struct flowi6 *fl6, int flags)
1774 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags);
1777 struct dst_entry *ip6_route_input_lookup(struct net *net,
1778 struct net_device *dev,
1779 struct flowi6 *fl6, int flags)
1781 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
1782 flags |= RT6_LOOKUP_F_IFACE;
1784 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input);
1786 EXPORT_SYMBOL_GPL(ip6_route_input_lookup);
1788 static void ip6_multipath_l3_keys(const struct sk_buff *skb,
1789 struct flow_keys *keys)
1791 const struct ipv6hdr *outer_iph = ipv6_hdr(skb);
1792 const struct ipv6hdr *key_iph = outer_iph;
1793 const struct ipv6hdr *inner_iph;
1794 const struct icmp6hdr *icmph;
1795 struct ipv6hdr _inner_iph;
1797 if (likely(outer_iph->nexthdr != IPPROTO_ICMPV6))
1798 goto out;
1800 icmph = icmp6_hdr(skb);
1801 if (icmph->icmp6_type != ICMPV6_DEST_UNREACH &&
1802 icmph->icmp6_type != ICMPV6_PKT_TOOBIG &&
1803 icmph->icmp6_type != ICMPV6_TIME_EXCEED &&
1804 icmph->icmp6_type != ICMPV6_PARAMPROB)
1805 goto out;
1807 inner_iph = skb_header_pointer(skb,
1808 skb_transport_offset(skb) + sizeof(*icmph),
1809 sizeof(_inner_iph), &_inner_iph);
1810 if (!inner_iph)
1811 goto out;
1813 key_iph = inner_iph;
1814 out:
1815 memset(keys, 0, sizeof(*keys));
1816 keys->control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
1817 keys->addrs.v6addrs.src = key_iph->saddr;
1818 keys->addrs.v6addrs.dst = key_iph->daddr;
1819 keys->tags.flow_label = ip6_flowinfo(key_iph);
1820 keys->basic.ip_proto = key_iph->nexthdr;
1823 /* if skb is set it will be used and fl6 can be NULL */
1824 u32 rt6_multipath_hash(const struct flowi6 *fl6, const struct sk_buff *skb)
1826 struct flow_keys hash_keys;
1828 if (skb) {
1829 ip6_multipath_l3_keys(skb, &hash_keys);
1830 return flow_hash_from_keys(&hash_keys) >> 1;
1833 return get_hash_from_flowi6(fl6) >> 1;
1836 void ip6_route_input(struct sk_buff *skb)
1838 const struct ipv6hdr *iph = ipv6_hdr(skb);
1839 struct net *net = dev_net(skb->dev);
1840 int flags = RT6_LOOKUP_F_HAS_SADDR;
1841 struct ip_tunnel_info *tun_info;
1842 struct flowi6 fl6 = {
1843 .flowi6_iif = skb->dev->ifindex,
1844 .daddr = iph->daddr,
1845 .saddr = iph->saddr,
1846 .flowlabel = ip6_flowinfo(iph),
1847 .flowi6_mark = skb->mark,
1848 .flowi6_proto = iph->nexthdr,
1851 tun_info = skb_tunnel_info(skb);
1852 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX))
1853 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id;
1854 if (unlikely(fl6.flowi6_proto == IPPROTO_ICMPV6))
1855 fl6.mp_hash = rt6_multipath_hash(&fl6, skb);
1856 skb_dst_drop(skb);
1857 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags));
1860 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
1861 struct flowi6 *fl6, int flags)
1863 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags);
1866 struct dst_entry *ip6_route_output_flags(struct net *net, const struct sock *sk,
1867 struct flowi6 *fl6, int flags)
1869 bool any_src;
1871 if (rt6_need_strict(&fl6->daddr)) {
1872 struct dst_entry *dst;
1874 dst = l3mdev_link_scope_lookup(net, fl6);
1875 if (dst)
1876 return dst;
1879 fl6->flowi6_iif = LOOPBACK_IFINDEX;
1881 any_src = ipv6_addr_any(&fl6->saddr);
1882 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr) ||
1883 (fl6->flowi6_oif && any_src))
1884 flags |= RT6_LOOKUP_F_IFACE;
1886 if (!any_src)
1887 flags |= RT6_LOOKUP_F_HAS_SADDR;
1888 else if (sk)
1889 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
1891 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output);
1893 EXPORT_SYMBOL_GPL(ip6_route_output_flags);
1895 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
1897 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
1898 struct net_device *loopback_dev = net->loopback_dev;
1899 struct dst_entry *new = NULL;
1901 rt = dst_alloc(&ip6_dst_blackhole_ops, loopback_dev, 1,
1902 DST_OBSOLETE_DEAD, 0);
1903 if (rt) {
1904 rt6_info_init(rt);
1905 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc);
1907 new = &rt->dst;
1908 new->__use = 1;
1909 new->input = dst_discard;
1910 new->output = dst_discard_out;
1912 dst_copy_metrics(new, &ort->dst);
1914 rt->rt6i_idev = in6_dev_get(loopback_dev);
1915 rt->rt6i_gateway = ort->rt6i_gateway;
1916 rt->rt6i_flags = ort->rt6i_flags & ~RTF_PCPU;
1917 rt->rt6i_metric = 0;
1919 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1920 #ifdef CONFIG_IPV6_SUBTREES
1921 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1922 #endif
1925 dst_release(dst_orig);
1926 return new ? new : ERR_PTR(-ENOMEM);
1930 * Destination cache support functions
1933 static void rt6_dst_from_metrics_check(struct rt6_info *rt)
1935 if (rt->from &&
1936 dst_metrics_ptr(&rt->dst) != dst_metrics_ptr(&rt->from->dst))
1937 dst_init_metrics(&rt->dst, dst_metrics_ptr(&rt->from->dst), true);
1940 static struct dst_entry *rt6_check(struct rt6_info *rt, u32 cookie)
1942 u32 rt_cookie = 0;
1944 if (!rt6_get_cookie_safe(rt, &rt_cookie) || rt_cookie != cookie)
1945 return NULL;
1947 if (rt6_check_expired(rt))
1948 return NULL;
1950 return &rt->dst;
1953 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt, u32 cookie)
1955 if (!__rt6_check_expired(rt) &&
1956 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
1957 rt6_check(rt->from, cookie))
1958 return &rt->dst;
1959 else
1960 return NULL;
1963 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
1965 struct rt6_info *rt;
1967 rt = (struct rt6_info *) dst;
1969 /* All IPV6 dsts are created with ->obsolete set to the value
1970 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1971 * into this function always.
1974 rt6_dst_from_metrics_check(rt);
1976 if (rt->rt6i_flags & RTF_PCPU ||
1977 (unlikely(!list_empty(&rt->rt6i_uncached)) && rt->from))
1978 return rt6_dst_from_check(rt, cookie);
1979 else
1980 return rt6_check(rt, cookie);
1983 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
1985 struct rt6_info *rt = (struct rt6_info *) dst;
1987 if (rt) {
1988 if (rt->rt6i_flags & RTF_CACHE) {
1989 if (rt6_check_expired(rt)) {
1990 ip6_del_rt(rt);
1991 dst = NULL;
1993 } else {
1994 dst_release(dst);
1995 dst = NULL;
1998 return dst;
2001 static void ip6_link_failure(struct sk_buff *skb)
2003 struct rt6_info *rt;
2005 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
2007 rt = (struct rt6_info *) skb_dst(skb);
2008 if (rt) {
2009 if (rt->rt6i_flags & RTF_CACHE) {
2010 if (dst_hold_safe(&rt->dst))
2011 ip6_del_rt(rt);
2012 } else {
2013 struct fib6_node *fn;
2015 rcu_read_lock();
2016 fn = rcu_dereference(rt->rt6i_node);
2017 if (fn && (rt->rt6i_flags & RTF_DEFAULT))
2018 fn->fn_sernum = -1;
2019 rcu_read_unlock();
2024 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu)
2026 struct net *net = dev_net(rt->dst.dev);
2028 rt->rt6i_flags |= RTF_MODIFIED;
2029 rt->rt6i_pmtu = mtu;
2030 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires);
2033 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info *rt)
2035 return !(rt->rt6i_flags & RTF_CACHE) &&
2036 (rt->rt6i_flags & RTF_PCPU ||
2037 rcu_access_pointer(rt->rt6i_node));
2040 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk,
2041 const struct ipv6hdr *iph, u32 mtu)
2043 const struct in6_addr *daddr, *saddr;
2044 struct rt6_info *rt6 = (struct rt6_info *)dst;
2046 if (rt6->rt6i_flags & RTF_LOCAL)
2047 return;
2049 if (dst_metric_locked(dst, RTAX_MTU))
2050 return;
2052 if (iph) {
2053 daddr = &iph->daddr;
2054 saddr = &iph->saddr;
2055 } else if (sk) {
2056 daddr = &sk->sk_v6_daddr;
2057 saddr = &inet6_sk(sk)->saddr;
2058 } else {
2059 daddr = NULL;
2060 saddr = NULL;
2062 dst_confirm_neigh(dst, daddr);
2063 mtu = max_t(u32, mtu, IPV6_MIN_MTU);
2064 if (mtu >= dst_mtu(dst))
2065 return;
2067 if (!rt6_cache_allowed_for_pmtu(rt6)) {
2068 rt6_do_update_pmtu(rt6, mtu);
2069 /* update rt6_ex->stamp for cache */
2070 if (rt6->rt6i_flags & RTF_CACHE)
2071 rt6_update_exception_stamp_rt(rt6);
2072 } else if (daddr) {
2073 struct rt6_info *nrt6;
2075 nrt6 = ip6_rt_cache_alloc(rt6, daddr, saddr);
2076 if (nrt6) {
2077 rt6_do_update_pmtu(nrt6, mtu);
2078 if (rt6_insert_exception(nrt6, rt6))
2079 dst_release_immediate(&nrt6->dst);
2084 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
2085 struct sk_buff *skb, u32 mtu)
2087 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu);
2090 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
2091 int oif, u32 mark, kuid_t uid)
2093 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
2094 struct dst_entry *dst;
2095 struct flowi6 fl6;
2097 memset(&fl6, 0, sizeof(fl6));
2098 fl6.flowi6_oif = oif;
2099 fl6.flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark);
2100 fl6.daddr = iph->daddr;
2101 fl6.saddr = iph->saddr;
2102 fl6.flowlabel = ip6_flowinfo(iph);
2103 fl6.flowi6_uid = uid;
2105 dst = ip6_route_output(net, NULL, &fl6);
2106 if (!dst->error)
2107 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu));
2108 dst_release(dst);
2110 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
2112 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
2114 struct dst_entry *dst;
2116 ip6_update_pmtu(skb, sock_net(sk), mtu,
2117 sk->sk_bound_dev_if, sk->sk_mark, sk->sk_uid);
2119 dst = __sk_dst_get(sk);
2120 if (!dst || !dst->obsolete ||
2121 dst->ops->check(dst, inet6_sk(sk)->dst_cookie))
2122 return;
2124 bh_lock_sock(sk);
2125 if (!sock_owned_by_user(sk) && !ipv6_addr_v4mapped(&sk->sk_v6_daddr))
2126 ip6_datagram_dst_update(sk, false);
2127 bh_unlock_sock(sk);
2129 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
2131 /* Handle redirects */
2132 struct ip6rd_flowi {
2133 struct flowi6 fl6;
2134 struct in6_addr gateway;
2137 static struct rt6_info *__ip6_route_redirect(struct net *net,
2138 struct fib6_table *table,
2139 struct flowi6 *fl6,
2140 int flags)
2142 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
2143 struct rt6_info *rt, *rt_cache;
2144 struct fib6_node *fn;
2146 /* Get the "current" route for this destination and
2147 * check if the redirect has come from appropriate router.
2149 * RFC 4861 specifies that redirects should only be
2150 * accepted if they come from the nexthop to the target.
2151 * Due to the way the routes are chosen, this notion
2152 * is a bit fuzzy and one might need to check all possible
2153 * routes.
2156 rcu_read_lock();
2157 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
2158 restart:
2159 for_each_fib6_node_rt_rcu(fn) {
2160 if (rt->rt6i_nh_flags & RTNH_F_DEAD)
2161 continue;
2162 if (rt6_check_expired(rt))
2163 continue;
2164 if (rt->dst.error)
2165 break;
2166 if (!(rt->rt6i_flags & RTF_GATEWAY))
2167 continue;
2168 if (fl6->flowi6_oif != rt->dst.dev->ifindex)
2169 continue;
2170 /* rt_cache's gateway might be different from its 'parent'
2171 * in the case of an ip redirect.
2172 * So we keep searching in the exception table if the gateway
2173 * is different.
2175 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway)) {
2176 rt_cache = rt6_find_cached_rt(rt,
2177 &fl6->daddr,
2178 &fl6->saddr);
2179 if (rt_cache &&
2180 ipv6_addr_equal(&rdfl->gateway,
2181 &rt_cache->rt6i_gateway)) {
2182 rt = rt_cache;
2183 break;
2185 continue;
2187 break;
2190 if (!rt)
2191 rt = net->ipv6.ip6_null_entry;
2192 else if (rt->dst.error) {
2193 rt = net->ipv6.ip6_null_entry;
2194 goto out;
2197 if (rt == net->ipv6.ip6_null_entry) {
2198 fn = fib6_backtrack(fn, &fl6->saddr);
2199 if (fn)
2200 goto restart;
2203 out:
2204 ip6_hold_safe(net, &rt, true);
2206 rcu_read_unlock();
2208 trace_fib6_table_lookup(net, rt, table, fl6);
2209 return rt;
2212 static struct dst_entry *ip6_route_redirect(struct net *net,
2213 const struct flowi6 *fl6,
2214 const struct in6_addr *gateway)
2216 int flags = RT6_LOOKUP_F_HAS_SADDR;
2217 struct ip6rd_flowi rdfl;
2219 rdfl.fl6 = *fl6;
2220 rdfl.gateway = *gateway;
2222 return fib6_rule_lookup(net, &rdfl.fl6,
2223 flags, __ip6_route_redirect);
2226 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark,
2227 kuid_t uid)
2229 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
2230 struct dst_entry *dst;
2231 struct flowi6 fl6;
2233 memset(&fl6, 0, sizeof(fl6));
2234 fl6.flowi6_iif = LOOPBACK_IFINDEX;
2235 fl6.flowi6_oif = oif;
2236 fl6.flowi6_mark = mark;
2237 fl6.daddr = iph->daddr;
2238 fl6.saddr = iph->saddr;
2239 fl6.flowlabel = ip6_flowinfo(iph);
2240 fl6.flowi6_uid = uid;
2242 dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr);
2243 rt6_do_redirect(dst, NULL, skb);
2244 dst_release(dst);
2246 EXPORT_SYMBOL_GPL(ip6_redirect);
2248 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif,
2249 u32 mark)
2251 const struct ipv6hdr *iph = ipv6_hdr(skb);
2252 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb);
2253 struct dst_entry *dst;
2254 struct flowi6 fl6;
2256 memset(&fl6, 0, sizeof(fl6));
2257 fl6.flowi6_iif = LOOPBACK_IFINDEX;
2258 fl6.flowi6_oif = oif;
2259 fl6.flowi6_mark = mark;
2260 fl6.daddr = msg->dest;
2261 fl6.saddr = iph->daddr;
2262 fl6.flowi6_uid = sock_net_uid(net, NULL);
2264 dst = ip6_route_redirect(net, &fl6, &iph->saddr);
2265 rt6_do_redirect(dst, NULL, skb);
2266 dst_release(dst);
2269 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
2271 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark,
2272 sk->sk_uid);
2274 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
2276 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
2278 struct net_device *dev = dst->dev;
2279 unsigned int mtu = dst_mtu(dst);
2280 struct net *net = dev_net(dev);
2282 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
2284 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
2285 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
2288 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
2289 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
2290 * IPV6_MAXPLEN is also valid and means: "any MSS,
2291 * rely only on pmtu discovery"
2293 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
2294 mtu = IPV6_MAXPLEN;
2295 return mtu;
2298 static unsigned int ip6_mtu(const struct dst_entry *dst)
2300 const struct rt6_info *rt = (const struct rt6_info *)dst;
2301 unsigned int mtu = rt->rt6i_pmtu;
2302 struct inet6_dev *idev;
2304 if (mtu)
2305 goto out;
2307 mtu = dst_metric_raw(dst, RTAX_MTU);
2308 if (mtu)
2309 goto out;
2311 mtu = IPV6_MIN_MTU;
2313 rcu_read_lock();
2314 idev = __in6_dev_get(dst->dev);
2315 if (idev)
2316 mtu = idev->cnf.mtu6;
2317 rcu_read_unlock();
2319 out:
2320 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
2322 return mtu - lwtunnel_headroom(dst->lwtstate, mtu);
2325 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
2326 struct flowi6 *fl6)
2328 struct dst_entry *dst;
2329 struct rt6_info *rt;
2330 struct inet6_dev *idev = in6_dev_get(dev);
2331 struct net *net = dev_net(dev);
2333 if (unlikely(!idev))
2334 return ERR_PTR(-ENODEV);
2336 rt = ip6_dst_alloc(net, dev, 0);
2337 if (unlikely(!rt)) {
2338 in6_dev_put(idev);
2339 dst = ERR_PTR(-ENOMEM);
2340 goto out;
2343 rt->dst.flags |= DST_HOST;
2344 rt->dst.input = ip6_input;
2345 rt->dst.output = ip6_output;
2346 rt->rt6i_gateway = fl6->daddr;
2347 rt->rt6i_dst.addr = fl6->daddr;
2348 rt->rt6i_dst.plen = 128;
2349 rt->rt6i_idev = idev;
2350 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
2352 /* Add this dst into uncached_list so that rt6_disable_ip() can
2353 * do proper release of the net_device
2355 rt6_uncached_list_add(rt);
2356 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache);
2358 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
2360 out:
2361 return dst;
2364 static int ip6_dst_gc(struct dst_ops *ops)
2366 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
2367 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
2368 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
2369 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
2370 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
2371 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
2372 int entries;
2374 entries = dst_entries_get_fast(ops);
2375 if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
2376 entries <= rt_max_size)
2377 goto out;
2379 net->ipv6.ip6_rt_gc_expire++;
2380 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true);
2381 entries = dst_entries_get_slow(ops);
2382 if (entries < ops->gc_thresh)
2383 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
2384 out:
2385 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
2386 return entries > rt_max_size;
2389 static int ip6_convert_metrics(struct mx6_config *mxc,
2390 const struct fib6_config *cfg)
2392 struct net *net = cfg->fc_nlinfo.nl_net;
2393 bool ecn_ca = false;
2394 struct nlattr *nla;
2395 int remaining;
2396 u32 *mp;
2398 if (!cfg->fc_mx)
2399 return 0;
2401 mp = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL);
2402 if (unlikely(!mp))
2403 return -ENOMEM;
2405 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
2406 int type = nla_type(nla);
2407 u32 val;
2409 if (!type)
2410 continue;
2411 if (unlikely(type > RTAX_MAX))
2412 goto err;
2414 if (type == RTAX_CC_ALGO) {
2415 char tmp[TCP_CA_NAME_MAX];
2417 nla_strlcpy(tmp, nla, sizeof(tmp));
2418 val = tcp_ca_get_key_by_name(net, tmp, &ecn_ca);
2419 if (val == TCP_CA_UNSPEC)
2420 goto err;
2421 } else {
2422 val = nla_get_u32(nla);
2424 if (type == RTAX_HOPLIMIT && val > 255)
2425 val = 255;
2426 if (type == RTAX_FEATURES && (val & ~RTAX_FEATURE_MASK))
2427 goto err;
2429 mp[type - 1] = val;
2430 __set_bit(type - 1, mxc->mx_valid);
2433 if (ecn_ca) {
2434 __set_bit(RTAX_FEATURES - 1, mxc->mx_valid);
2435 mp[RTAX_FEATURES - 1] |= DST_FEATURE_ECN_CA;
2438 mxc->mx = mp;
2439 return 0;
2440 err:
2441 kfree(mp);
2442 return -EINVAL;
2445 static struct rt6_info *ip6_nh_lookup_table(struct net *net,
2446 struct fib6_config *cfg,
2447 const struct in6_addr *gw_addr,
2448 u32 tbid, int flags)
2450 struct flowi6 fl6 = {
2451 .flowi6_oif = cfg->fc_ifindex,
2452 .daddr = *gw_addr,
2453 .saddr = cfg->fc_prefsrc,
2455 struct fib6_table *table;
2456 struct rt6_info *rt;
2458 table = fib6_get_table(net, tbid);
2459 if (!table)
2460 return NULL;
2462 if (!ipv6_addr_any(&cfg->fc_prefsrc))
2463 flags |= RT6_LOOKUP_F_HAS_SADDR;
2465 flags |= RT6_LOOKUP_F_IGNORE_LINKSTATE;
2466 rt = ip6_pol_route(net, table, cfg->fc_ifindex, &fl6, flags);
2468 /* if table lookup failed, fall back to full lookup */
2469 if (rt == net->ipv6.ip6_null_entry) {
2470 ip6_rt_put(rt);
2471 rt = NULL;
2474 return rt;
2477 static int ip6_route_check_nh_onlink(struct net *net,
2478 struct fib6_config *cfg,
2479 struct net_device *dev,
2480 struct netlink_ext_ack *extack)
2482 u32 tbid = l3mdev_fib_table(dev) ? : RT_TABLE_MAIN;
2483 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2484 u32 flags = RTF_LOCAL | RTF_ANYCAST | RTF_REJECT;
2485 struct rt6_info *grt;
2486 int err;
2488 err = 0;
2489 grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0);
2490 if (grt) {
2491 if (!grt->dst.error &&
2492 (grt->rt6i_flags & flags || dev != grt->dst.dev)) {
2493 NL_SET_ERR_MSG(extack,
2494 "Nexthop has invalid gateway or device mismatch");
2495 err = -EINVAL;
2498 ip6_rt_put(grt);
2501 return err;
2504 static int ip6_route_check_nh(struct net *net,
2505 struct fib6_config *cfg,
2506 struct net_device **_dev,
2507 struct inet6_dev **idev)
2509 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2510 struct net_device *dev = _dev ? *_dev : NULL;
2511 struct rt6_info *grt = NULL;
2512 int err = -EHOSTUNREACH;
2514 if (cfg->fc_table) {
2515 int flags = RT6_LOOKUP_F_IFACE;
2517 grt = ip6_nh_lookup_table(net, cfg, gw_addr,
2518 cfg->fc_table, flags);
2519 if (grt) {
2520 if (grt->rt6i_flags & RTF_GATEWAY ||
2521 (dev && dev != grt->dst.dev)) {
2522 ip6_rt_put(grt);
2523 grt = NULL;
2528 if (!grt)
2529 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1);
2531 if (!grt)
2532 goto out;
2534 if (dev) {
2535 if (dev != grt->dst.dev) {
2536 ip6_rt_put(grt);
2537 goto out;
2539 } else {
2540 *_dev = dev = grt->dst.dev;
2541 *idev = grt->rt6i_idev;
2542 dev_hold(dev);
2543 in6_dev_hold(grt->rt6i_idev);
2546 if (!(grt->rt6i_flags & RTF_GATEWAY))
2547 err = 0;
2549 ip6_rt_put(grt);
2551 out:
2552 return err;
2555 static struct rt6_info *ip6_route_info_create(struct fib6_config *cfg,
2556 struct netlink_ext_ack *extack)
2558 struct net *net = cfg->fc_nlinfo.nl_net;
2559 struct rt6_info *rt = NULL;
2560 struct net_device *dev = NULL;
2561 struct inet6_dev *idev = NULL;
2562 struct fib6_table *table;
2563 int addr_type;
2564 int err = -EINVAL;
2566 /* RTF_PCPU is an internal flag; can not be set by userspace */
2567 if (cfg->fc_flags & RTF_PCPU) {
2568 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_PCPU");
2569 goto out;
2572 /* RTF_CACHE is an internal flag; can not be set by userspace */
2573 if (cfg->fc_flags & RTF_CACHE) {
2574 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_CACHE");
2575 goto out;
2578 if (cfg->fc_dst_len > 128) {
2579 NL_SET_ERR_MSG(extack, "Invalid prefix length");
2580 goto out;
2582 if (cfg->fc_src_len > 128) {
2583 NL_SET_ERR_MSG(extack, "Invalid source address length");
2584 goto out;
2586 #ifndef CONFIG_IPV6_SUBTREES
2587 if (cfg->fc_src_len) {
2588 NL_SET_ERR_MSG(extack,
2589 "Specifying source address requires IPV6_SUBTREES to be enabled");
2590 goto out;
2592 #endif
2593 if (cfg->fc_ifindex) {
2594 err = -ENODEV;
2595 dev = dev_get_by_index(net, cfg->fc_ifindex);
2596 if (!dev)
2597 goto out;
2598 idev = in6_dev_get(dev);
2599 if (!idev)
2600 goto out;
2603 if (cfg->fc_metric == 0)
2604 cfg->fc_metric = IP6_RT_PRIO_USER;
2606 if (cfg->fc_flags & RTNH_F_ONLINK) {
2607 if (!dev) {
2608 NL_SET_ERR_MSG(extack,
2609 "Nexthop device required for onlink");
2610 err = -ENODEV;
2611 goto out;
2614 if (!(dev->flags & IFF_UP)) {
2615 NL_SET_ERR_MSG(extack, "Nexthop device is not up");
2616 err = -ENETDOWN;
2617 goto out;
2621 err = -ENOBUFS;
2622 if (cfg->fc_nlinfo.nlh &&
2623 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
2624 table = fib6_get_table(net, cfg->fc_table);
2625 if (!table) {
2626 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
2627 table = fib6_new_table(net, cfg->fc_table);
2629 } else {
2630 table = fib6_new_table(net, cfg->fc_table);
2633 if (!table)
2634 goto out;
2636 rt = ip6_dst_alloc(net, NULL,
2637 (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT);
2639 if (!rt) {
2640 err = -ENOMEM;
2641 goto out;
2644 if (cfg->fc_flags & RTF_EXPIRES)
2645 rt6_set_expires(rt, jiffies +
2646 clock_t_to_jiffies(cfg->fc_expires));
2647 else
2648 rt6_clean_expires(rt);
2650 if (cfg->fc_protocol == RTPROT_UNSPEC)
2651 cfg->fc_protocol = RTPROT_BOOT;
2652 rt->rt6i_protocol = cfg->fc_protocol;
2654 addr_type = ipv6_addr_type(&cfg->fc_dst);
2656 if (addr_type & IPV6_ADDR_MULTICAST)
2657 rt->dst.input = ip6_mc_input;
2658 else if (cfg->fc_flags & RTF_LOCAL)
2659 rt->dst.input = ip6_input;
2660 else
2661 rt->dst.input = ip6_forward;
2663 rt->dst.output = ip6_output;
2665 if (cfg->fc_encap) {
2666 struct lwtunnel_state *lwtstate;
2668 err = lwtunnel_build_state(cfg->fc_encap_type,
2669 cfg->fc_encap, AF_INET6, cfg,
2670 &lwtstate, extack);
2671 if (err)
2672 goto out;
2673 rt->dst.lwtstate = lwtstate_get(lwtstate);
2674 if (lwtunnel_output_redirect(rt->dst.lwtstate)) {
2675 rt->dst.lwtstate->orig_output = rt->dst.output;
2676 rt->dst.output = lwtunnel_output;
2678 if (lwtunnel_input_redirect(rt->dst.lwtstate)) {
2679 rt->dst.lwtstate->orig_input = rt->dst.input;
2680 rt->dst.input = lwtunnel_input;
2684 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
2685 rt->rt6i_dst.plen = cfg->fc_dst_len;
2686 if (rt->rt6i_dst.plen == 128)
2687 rt->dst.flags |= DST_HOST;
2689 #ifdef CONFIG_IPV6_SUBTREES
2690 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
2691 rt->rt6i_src.plen = cfg->fc_src_len;
2692 #endif
2694 rt->rt6i_metric = cfg->fc_metric;
2695 rt->rt6i_nh_weight = 1;
2697 /* We cannot add true routes via loopback here,
2698 they would result in kernel looping; promote them to reject routes
2700 if ((cfg->fc_flags & RTF_REJECT) ||
2701 (dev && (dev->flags & IFF_LOOPBACK) &&
2702 !(addr_type & IPV6_ADDR_LOOPBACK) &&
2703 !(cfg->fc_flags & RTF_LOCAL))) {
2704 /* hold loopback dev/idev if we haven't done so. */
2705 if (dev != net->loopback_dev) {
2706 if (dev) {
2707 dev_put(dev);
2708 in6_dev_put(idev);
2710 dev = net->loopback_dev;
2711 dev_hold(dev);
2712 idev = in6_dev_get(dev);
2713 if (!idev) {
2714 err = -ENODEV;
2715 goto out;
2718 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
2719 switch (cfg->fc_type) {
2720 case RTN_BLACKHOLE:
2721 rt->dst.error = -EINVAL;
2722 rt->dst.output = dst_discard_out;
2723 rt->dst.input = dst_discard;
2724 break;
2725 case RTN_PROHIBIT:
2726 rt->dst.error = -EACCES;
2727 rt->dst.output = ip6_pkt_prohibit_out;
2728 rt->dst.input = ip6_pkt_prohibit;
2729 break;
2730 case RTN_THROW:
2731 case RTN_UNREACHABLE:
2732 default:
2733 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN
2734 : (cfg->fc_type == RTN_UNREACHABLE)
2735 ? -EHOSTUNREACH : -ENETUNREACH;
2736 rt->dst.output = ip6_pkt_discard_out;
2737 rt->dst.input = ip6_pkt_discard;
2738 break;
2740 goto install_route;
2743 if (cfg->fc_flags & RTF_GATEWAY) {
2744 const struct in6_addr *gw_addr;
2745 int gwa_type;
2747 gw_addr = &cfg->fc_gateway;
2748 gwa_type = ipv6_addr_type(gw_addr);
2750 /* if gw_addr is local we will fail to detect this in case
2751 * address is still TENTATIVE (DAD in progress). rt6_lookup()
2752 * will return already-added prefix route via interface that
2753 * prefix route was assigned to, which might be non-loopback.
2755 err = -EINVAL;
2756 if (ipv6_chk_addr_and_flags(net, gw_addr,
2757 gwa_type & IPV6_ADDR_LINKLOCAL ?
2758 dev : NULL, 0, 0)) {
2759 NL_SET_ERR_MSG(extack, "Invalid gateway address");
2760 goto out;
2762 rt->rt6i_gateway = *gw_addr;
2764 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
2765 /* IPv6 strictly inhibits using not link-local
2766 addresses as nexthop address.
2767 Otherwise, router will not able to send redirects.
2768 It is very good, but in some (rare!) circumstances
2769 (SIT, PtP, NBMA NOARP links) it is handy to allow
2770 some exceptions. --ANK
2771 We allow IPv4-mapped nexthops to support RFC4798-type
2772 addressing
2774 if (!(gwa_type & (IPV6_ADDR_UNICAST |
2775 IPV6_ADDR_MAPPED))) {
2776 NL_SET_ERR_MSG(extack,
2777 "Invalid gateway address");
2778 goto out;
2781 if (cfg->fc_flags & RTNH_F_ONLINK) {
2782 err = ip6_route_check_nh_onlink(net, cfg, dev,
2783 extack);
2784 } else {
2785 err = ip6_route_check_nh(net, cfg, &dev, &idev);
2787 if (err)
2788 goto out;
2790 err = -EINVAL;
2791 if (!dev) {
2792 NL_SET_ERR_MSG(extack, "Egress device not specified");
2793 goto out;
2794 } else if (dev->flags & IFF_LOOPBACK) {
2795 NL_SET_ERR_MSG(extack,
2796 "Egress device can not be loopback device for this route");
2797 goto out;
2801 err = -ENODEV;
2802 if (!dev)
2803 goto out;
2805 if (!(dev->flags & IFF_UP)) {
2806 NL_SET_ERR_MSG(extack, "Nexthop device is not up");
2807 err = -ENETDOWN;
2808 goto out;
2811 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
2812 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
2813 NL_SET_ERR_MSG(extack, "Invalid source address");
2814 err = -EINVAL;
2815 goto out;
2817 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc;
2818 rt->rt6i_prefsrc.plen = 128;
2819 } else
2820 rt->rt6i_prefsrc.plen = 0;
2822 rt->rt6i_flags = cfg->fc_flags;
2824 install_route:
2825 if (!(rt->rt6i_flags & (RTF_LOCAL | RTF_ANYCAST)) &&
2826 !netif_carrier_ok(dev))
2827 rt->rt6i_nh_flags |= RTNH_F_LINKDOWN;
2828 rt->rt6i_nh_flags |= (cfg->fc_flags & RTNH_F_ONLINK);
2829 rt->dst.dev = dev;
2830 rt->rt6i_idev = idev;
2831 rt->rt6i_table = table;
2833 cfg->fc_nlinfo.nl_net = dev_net(dev);
2835 return rt;
2836 out:
2837 if (dev)
2838 dev_put(dev);
2839 if (idev)
2840 in6_dev_put(idev);
2841 if (rt)
2842 dst_release_immediate(&rt->dst);
2844 return ERR_PTR(err);
2847 int ip6_route_add(struct fib6_config *cfg,
2848 struct netlink_ext_ack *extack)
2850 struct mx6_config mxc = { .mx = NULL, };
2851 struct rt6_info *rt;
2852 int err;
2854 rt = ip6_route_info_create(cfg, extack);
2855 if (IS_ERR(rt)) {
2856 err = PTR_ERR(rt);
2857 rt = NULL;
2858 goto out;
2861 err = ip6_convert_metrics(&mxc, cfg);
2862 if (err)
2863 goto out;
2865 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, &mxc, extack);
2867 kfree(mxc.mx);
2869 return err;
2870 out:
2871 if (rt)
2872 dst_release_immediate(&rt->dst);
2874 return err;
2877 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
2879 int err;
2880 struct fib6_table *table;
2881 struct net *net = dev_net(rt->dst.dev);
2883 if (rt == net->ipv6.ip6_null_entry) {
2884 err = -ENOENT;
2885 goto out;
2888 table = rt->rt6i_table;
2889 spin_lock_bh(&table->tb6_lock);
2890 err = fib6_del(rt, info);
2891 spin_unlock_bh(&table->tb6_lock);
2893 out:
2894 ip6_rt_put(rt);
2895 return err;
2898 int ip6_del_rt(struct rt6_info *rt)
2900 struct nl_info info = {
2901 .nl_net = dev_net(rt->dst.dev),
2903 return __ip6_del_rt(rt, &info);
2906 static int __ip6_del_rt_siblings(struct rt6_info *rt, struct fib6_config *cfg)
2908 struct nl_info *info = &cfg->fc_nlinfo;
2909 struct net *net = info->nl_net;
2910 struct sk_buff *skb = NULL;
2911 struct fib6_table *table;
2912 int err = -ENOENT;
2914 if (rt == net->ipv6.ip6_null_entry)
2915 goto out_put;
2916 table = rt->rt6i_table;
2917 spin_lock_bh(&table->tb6_lock);
2919 if (rt->rt6i_nsiblings && cfg->fc_delete_all_nh) {
2920 struct rt6_info *sibling, *next_sibling;
2922 /* prefer to send a single notification with all hops */
2923 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
2924 if (skb) {
2925 u32 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
2927 if (rt6_fill_node(net, skb, rt,
2928 NULL, NULL, 0, RTM_DELROUTE,
2929 info->portid, seq, 0) < 0) {
2930 kfree_skb(skb);
2931 skb = NULL;
2932 } else
2933 info->skip_notify = 1;
2936 list_for_each_entry_safe(sibling, next_sibling,
2937 &rt->rt6i_siblings,
2938 rt6i_siblings) {
2939 err = fib6_del(sibling, info);
2940 if (err)
2941 goto out_unlock;
2945 err = fib6_del(rt, info);
2946 out_unlock:
2947 spin_unlock_bh(&table->tb6_lock);
2948 out_put:
2949 ip6_rt_put(rt);
2951 if (skb) {
2952 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
2953 info->nlh, gfp_any());
2955 return err;
2958 static int ip6_route_del(struct fib6_config *cfg,
2959 struct netlink_ext_ack *extack)
2961 struct rt6_info *rt, *rt_cache;
2962 struct fib6_table *table;
2963 struct fib6_node *fn;
2964 int err = -ESRCH;
2966 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
2967 if (!table) {
2968 NL_SET_ERR_MSG(extack, "FIB table does not exist");
2969 return err;
2972 rcu_read_lock();
2974 fn = fib6_locate(&table->tb6_root,
2975 &cfg->fc_dst, cfg->fc_dst_len,
2976 &cfg->fc_src, cfg->fc_src_len,
2977 !(cfg->fc_flags & RTF_CACHE));
2979 if (fn) {
2980 for_each_fib6_node_rt_rcu(fn) {
2981 if (cfg->fc_flags & RTF_CACHE) {
2982 rt_cache = rt6_find_cached_rt(rt, &cfg->fc_dst,
2983 &cfg->fc_src);
2984 if (!rt_cache)
2985 continue;
2986 rt = rt_cache;
2988 if (cfg->fc_ifindex &&
2989 (!rt->dst.dev ||
2990 rt->dst.dev->ifindex != cfg->fc_ifindex))
2991 continue;
2992 if (cfg->fc_flags & RTF_GATEWAY &&
2993 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
2994 continue;
2995 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
2996 continue;
2997 if (cfg->fc_protocol && cfg->fc_protocol != rt->rt6i_protocol)
2998 continue;
2999 if (!dst_hold_safe(&rt->dst))
3000 break;
3001 rcu_read_unlock();
3003 /* if gateway was specified only delete the one hop */
3004 if (cfg->fc_flags & RTF_GATEWAY)
3005 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
3007 return __ip6_del_rt_siblings(rt, cfg);
3010 rcu_read_unlock();
3012 return err;
3015 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
3017 struct netevent_redirect netevent;
3018 struct rt6_info *rt, *nrt = NULL;
3019 struct ndisc_options ndopts;
3020 struct inet6_dev *in6_dev;
3021 struct neighbour *neigh;
3022 struct rd_msg *msg;
3023 int optlen, on_link;
3024 u8 *lladdr;
3026 optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
3027 optlen -= sizeof(*msg);
3029 if (optlen < 0) {
3030 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
3031 return;
3034 msg = (struct rd_msg *)icmp6_hdr(skb);
3036 if (ipv6_addr_is_multicast(&msg->dest)) {
3037 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
3038 return;
3041 on_link = 0;
3042 if (ipv6_addr_equal(&msg->dest, &msg->target)) {
3043 on_link = 1;
3044 } else if (ipv6_addr_type(&msg->target) !=
3045 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
3046 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
3047 return;
3050 in6_dev = __in6_dev_get(skb->dev);
3051 if (!in6_dev)
3052 return;
3053 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
3054 return;
3056 /* RFC2461 8.1:
3057 * The IP source address of the Redirect MUST be the same as the current
3058 * first-hop router for the specified ICMP Destination Address.
3061 if (!ndisc_parse_options(skb->dev, msg->opt, optlen, &ndopts)) {
3062 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
3063 return;
3066 lladdr = NULL;
3067 if (ndopts.nd_opts_tgt_lladdr) {
3068 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
3069 skb->dev);
3070 if (!lladdr) {
3071 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
3072 return;
3076 rt = (struct rt6_info *) dst;
3077 if (rt->rt6i_flags & RTF_REJECT) {
3078 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
3079 return;
3082 /* Redirect received -> path was valid.
3083 * Look, redirects are sent only in response to data packets,
3084 * so that this nexthop apparently is reachable. --ANK
3086 dst_confirm_neigh(&rt->dst, &ipv6_hdr(skb)->saddr);
3088 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
3089 if (!neigh)
3090 return;
3093 * We have finally decided to accept it.
3096 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
3097 NEIGH_UPDATE_F_WEAK_OVERRIDE|
3098 NEIGH_UPDATE_F_OVERRIDE|
3099 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
3100 NEIGH_UPDATE_F_ISROUTER)),
3101 NDISC_REDIRECT, &ndopts);
3103 nrt = ip6_rt_cache_alloc(rt, &msg->dest, NULL);
3104 if (!nrt)
3105 goto out;
3107 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
3108 if (on_link)
3109 nrt->rt6i_flags &= ~RTF_GATEWAY;
3111 nrt->rt6i_protocol = RTPROT_REDIRECT;
3112 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
3114 /* No need to remove rt from the exception table if rt is
3115 * a cached route because rt6_insert_exception() will
3116 * takes care of it
3118 if (rt6_insert_exception(nrt, rt)) {
3119 dst_release_immediate(&nrt->dst);
3120 goto out;
3123 netevent.old = &rt->dst;
3124 netevent.new = &nrt->dst;
3125 netevent.daddr = &msg->dest;
3126 netevent.neigh = neigh;
3127 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
3129 out:
3130 neigh_release(neigh);
3134 * Misc support functions
3137 static void rt6_set_from(struct rt6_info *rt, struct rt6_info *from)
3139 BUG_ON(from->from);
3141 rt->rt6i_flags &= ~RTF_EXPIRES;
3142 dst_hold(&from->dst);
3143 rt->from = from;
3144 dst_init_metrics(&rt->dst, dst_metrics_ptr(&from->dst), true);
3147 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort)
3149 rt->dst.input = ort->dst.input;
3150 rt->dst.output = ort->dst.output;
3151 rt->rt6i_dst = ort->rt6i_dst;
3152 rt->dst.error = ort->dst.error;
3153 rt->rt6i_idev = ort->rt6i_idev;
3154 if (rt->rt6i_idev)
3155 in6_dev_hold(rt->rt6i_idev);
3156 rt->dst.lastuse = jiffies;
3157 rt->rt6i_gateway = ort->rt6i_gateway;
3158 rt->rt6i_flags = ort->rt6i_flags;
3159 rt6_set_from(rt, ort);
3160 rt->rt6i_metric = ort->rt6i_metric;
3161 #ifdef CONFIG_IPV6_SUBTREES
3162 rt->rt6i_src = ort->rt6i_src;
3163 #endif
3164 rt->rt6i_prefsrc = ort->rt6i_prefsrc;
3165 rt->rt6i_table = ort->rt6i_table;
3166 rt->dst.lwtstate = lwtstate_get(ort->dst.lwtstate);
3169 #ifdef CONFIG_IPV6_ROUTE_INFO
3170 static struct rt6_info *rt6_get_route_info(struct net *net,
3171 const struct in6_addr *prefix, int prefixlen,
3172 const struct in6_addr *gwaddr,
3173 struct net_device *dev)
3175 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO;
3176 int ifindex = dev->ifindex;
3177 struct fib6_node *fn;
3178 struct rt6_info *rt = NULL;
3179 struct fib6_table *table;
3181 table = fib6_get_table(net, tb_id);
3182 if (!table)
3183 return NULL;
3185 rcu_read_lock();
3186 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0, true);
3187 if (!fn)
3188 goto out;
3190 for_each_fib6_node_rt_rcu(fn) {
3191 if (rt->dst.dev->ifindex != ifindex)
3192 continue;
3193 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
3194 continue;
3195 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
3196 continue;
3197 ip6_hold_safe(NULL, &rt, false);
3198 break;
3200 out:
3201 rcu_read_unlock();
3202 return rt;
3205 static struct rt6_info *rt6_add_route_info(struct net *net,
3206 const struct in6_addr *prefix, int prefixlen,
3207 const struct in6_addr *gwaddr,
3208 struct net_device *dev,
3209 unsigned int pref)
3211 struct fib6_config cfg = {
3212 .fc_metric = IP6_RT_PRIO_USER,
3213 .fc_ifindex = dev->ifindex,
3214 .fc_dst_len = prefixlen,
3215 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
3216 RTF_UP | RTF_PREF(pref),
3217 .fc_protocol = RTPROT_RA,
3218 .fc_nlinfo.portid = 0,
3219 .fc_nlinfo.nlh = NULL,
3220 .fc_nlinfo.nl_net = net,
3223 cfg.fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO,
3224 cfg.fc_dst = *prefix;
3225 cfg.fc_gateway = *gwaddr;
3227 /* We should treat it as a default route if prefix length is 0. */
3228 if (!prefixlen)
3229 cfg.fc_flags |= RTF_DEFAULT;
3231 ip6_route_add(&cfg, NULL);
3233 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, dev);
3235 #endif
3237 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev)
3239 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT;
3240 struct rt6_info *rt;
3241 struct fib6_table *table;
3243 table = fib6_get_table(dev_net(dev), tb_id);
3244 if (!table)
3245 return NULL;
3247 rcu_read_lock();
3248 for_each_fib6_node_rt_rcu(&table->tb6_root) {
3249 if (dev == rt->dst.dev &&
3250 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
3251 ipv6_addr_equal(&rt->rt6i_gateway, addr))
3252 break;
3254 if (rt)
3255 ip6_hold_safe(NULL, &rt, false);
3256 rcu_read_unlock();
3257 return rt;
3260 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
3261 struct net_device *dev,
3262 unsigned int pref)
3264 struct fib6_config cfg = {
3265 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT,
3266 .fc_metric = IP6_RT_PRIO_USER,
3267 .fc_ifindex = dev->ifindex,
3268 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
3269 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
3270 .fc_protocol = RTPROT_RA,
3271 .fc_nlinfo.portid = 0,
3272 .fc_nlinfo.nlh = NULL,
3273 .fc_nlinfo.nl_net = dev_net(dev),
3276 cfg.fc_gateway = *gwaddr;
3278 if (!ip6_route_add(&cfg, NULL)) {
3279 struct fib6_table *table;
3281 table = fib6_get_table(dev_net(dev), cfg.fc_table);
3282 if (table)
3283 table->flags |= RT6_TABLE_HAS_DFLT_ROUTER;
3286 return rt6_get_dflt_router(gwaddr, dev);
3289 static void __rt6_purge_dflt_routers(struct fib6_table *table)
3291 struct rt6_info *rt;
3293 restart:
3294 rcu_read_lock();
3295 for_each_fib6_node_rt_rcu(&table->tb6_root) {
3296 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
3297 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) {
3298 if (dst_hold_safe(&rt->dst)) {
3299 rcu_read_unlock();
3300 ip6_del_rt(rt);
3301 } else {
3302 rcu_read_unlock();
3304 goto restart;
3307 rcu_read_unlock();
3309 table->flags &= ~RT6_TABLE_HAS_DFLT_ROUTER;
3312 void rt6_purge_dflt_routers(struct net *net)
3314 struct fib6_table *table;
3315 struct hlist_head *head;
3316 unsigned int h;
3318 rcu_read_lock();
3320 for (h = 0; h < FIB6_TABLE_HASHSZ; h++) {
3321 head = &net->ipv6.fib_table_hash[h];
3322 hlist_for_each_entry_rcu(table, head, tb6_hlist) {
3323 if (table->flags & RT6_TABLE_HAS_DFLT_ROUTER)
3324 __rt6_purge_dflt_routers(table);
3328 rcu_read_unlock();
3331 static void rtmsg_to_fib6_config(struct net *net,
3332 struct in6_rtmsg *rtmsg,
3333 struct fib6_config *cfg)
3335 memset(cfg, 0, sizeof(*cfg));
3337 cfg->fc_table = l3mdev_fib_table_by_index(net, rtmsg->rtmsg_ifindex) ?
3338 : RT6_TABLE_MAIN;
3339 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
3340 cfg->fc_metric = rtmsg->rtmsg_metric;
3341 cfg->fc_expires = rtmsg->rtmsg_info;
3342 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
3343 cfg->fc_src_len = rtmsg->rtmsg_src_len;
3344 cfg->fc_flags = rtmsg->rtmsg_flags;
3346 cfg->fc_nlinfo.nl_net = net;
3348 cfg->fc_dst = rtmsg->rtmsg_dst;
3349 cfg->fc_src = rtmsg->rtmsg_src;
3350 cfg->fc_gateway = rtmsg->rtmsg_gateway;
3353 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
3355 struct fib6_config cfg;
3356 struct in6_rtmsg rtmsg;
3357 int err;
3359 switch (cmd) {
3360 case SIOCADDRT: /* Add a route */
3361 case SIOCDELRT: /* Delete a route */
3362 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
3363 return -EPERM;
3364 err = copy_from_user(&rtmsg, arg,
3365 sizeof(struct in6_rtmsg));
3366 if (err)
3367 return -EFAULT;
3369 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
3371 rtnl_lock();
3372 switch (cmd) {
3373 case SIOCADDRT:
3374 err = ip6_route_add(&cfg, NULL);
3375 break;
3376 case SIOCDELRT:
3377 err = ip6_route_del(&cfg, NULL);
3378 break;
3379 default:
3380 err = -EINVAL;
3382 rtnl_unlock();
3384 return err;
3387 return -EINVAL;
3391 * Drop the packet on the floor
3394 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
3396 int type;
3397 struct dst_entry *dst = skb_dst(skb);
3398 switch (ipstats_mib_noroutes) {
3399 case IPSTATS_MIB_INNOROUTES:
3400 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
3401 if (type == IPV6_ADDR_ANY) {
3402 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
3403 IPSTATS_MIB_INADDRERRORS);
3404 break;
3406 /* FALLTHROUGH */
3407 case IPSTATS_MIB_OUTNOROUTES:
3408 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
3409 ipstats_mib_noroutes);
3410 break;
3412 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
3413 kfree_skb(skb);
3414 return 0;
3417 static int ip6_pkt_discard(struct sk_buff *skb)
3419 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
3422 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb)
3424 skb->dev = skb_dst(skb)->dev;
3425 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
3428 static int ip6_pkt_prohibit(struct sk_buff *skb)
3430 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
3433 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb)
3435 skb->dev = skb_dst(skb)->dev;
3436 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
3440 * Allocate a dst for local (unicast / anycast) address.
3443 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
3444 const struct in6_addr *addr,
3445 bool anycast)
3447 u32 tb_id;
3448 struct net *net = dev_net(idev->dev);
3449 struct net_device *dev = idev->dev;
3450 struct rt6_info *rt;
3452 rt = ip6_dst_alloc(net, dev, DST_NOCOUNT);
3453 if (!rt)
3454 return ERR_PTR(-ENOMEM);
3456 in6_dev_hold(idev);
3458 rt->dst.flags |= DST_HOST;
3459 rt->dst.input = ip6_input;
3460 rt->dst.output = ip6_output;
3461 rt->rt6i_idev = idev;
3463 rt->rt6i_protocol = RTPROT_KERNEL;
3464 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
3465 if (anycast)
3466 rt->rt6i_flags |= RTF_ANYCAST;
3467 else
3468 rt->rt6i_flags |= RTF_LOCAL;
3470 rt->rt6i_gateway = *addr;
3471 rt->rt6i_dst.addr = *addr;
3472 rt->rt6i_dst.plen = 128;
3473 tb_id = l3mdev_fib_table(idev->dev) ? : RT6_TABLE_LOCAL;
3474 rt->rt6i_table = fib6_get_table(net, tb_id);
3476 return rt;
3479 /* remove deleted ip from prefsrc entries */
3480 struct arg_dev_net_ip {
3481 struct net_device *dev;
3482 struct net *net;
3483 struct in6_addr *addr;
3486 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg)
3488 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
3489 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
3490 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
3492 if (((void *)rt->dst.dev == dev || !dev) &&
3493 rt != net->ipv6.ip6_null_entry &&
3494 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) {
3495 spin_lock_bh(&rt6_exception_lock);
3496 /* remove prefsrc entry */
3497 rt->rt6i_prefsrc.plen = 0;
3498 /* need to update cache as well */
3499 rt6_exceptions_remove_prefsrc(rt);
3500 spin_unlock_bh(&rt6_exception_lock);
3502 return 0;
3505 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
3507 struct net *net = dev_net(ifp->idev->dev);
3508 struct arg_dev_net_ip adni = {
3509 .dev = ifp->idev->dev,
3510 .net = net,
3511 .addr = &ifp->addr,
3513 fib6_clean_all(net, fib6_remove_prefsrc, &adni);
3516 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
3518 /* Remove routers and update dst entries when gateway turn into host. */
3519 static int fib6_clean_tohost(struct rt6_info *rt, void *arg)
3521 struct in6_addr *gateway = (struct in6_addr *)arg;
3523 if (((rt->rt6i_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) &&
3524 ipv6_addr_equal(gateway, &rt->rt6i_gateway)) {
3525 return -1;
3528 /* Further clean up cached routes in exception table.
3529 * This is needed because cached route may have a different
3530 * gateway than its 'parent' in the case of an ip redirect.
3532 rt6_exceptions_clean_tohost(rt, gateway);
3534 return 0;
3537 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway)
3539 fib6_clean_all(net, fib6_clean_tohost, gateway);
3542 struct arg_netdev_event {
3543 const struct net_device *dev;
3544 union {
3545 unsigned int nh_flags;
3546 unsigned long event;
3550 static struct rt6_info *rt6_multipath_first_sibling(const struct rt6_info *rt)
3552 struct rt6_info *iter;
3553 struct fib6_node *fn;
3555 fn = rcu_dereference_protected(rt->rt6i_node,
3556 lockdep_is_held(&rt->rt6i_table->tb6_lock));
3557 iter = rcu_dereference_protected(fn->leaf,
3558 lockdep_is_held(&rt->rt6i_table->tb6_lock));
3559 while (iter) {
3560 if (iter->rt6i_metric == rt->rt6i_metric &&
3561 rt6_qualify_for_ecmp(iter))
3562 return iter;
3563 iter = rcu_dereference_protected(iter->rt6_next,
3564 lockdep_is_held(&rt->rt6i_table->tb6_lock));
3567 return NULL;
3570 static bool rt6_is_dead(const struct rt6_info *rt)
3572 if (rt->rt6i_nh_flags & RTNH_F_DEAD ||
3573 (rt->rt6i_nh_flags & RTNH_F_LINKDOWN &&
3574 rt->rt6i_idev->cnf.ignore_routes_with_linkdown))
3575 return true;
3577 return false;
3580 static int rt6_multipath_total_weight(const struct rt6_info *rt)
3582 struct rt6_info *iter;
3583 int total = 0;
3585 if (!rt6_is_dead(rt))
3586 total += rt->rt6i_nh_weight;
3588 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings) {
3589 if (!rt6_is_dead(iter))
3590 total += iter->rt6i_nh_weight;
3593 return total;
3596 static void rt6_upper_bound_set(struct rt6_info *rt, int *weight, int total)
3598 int upper_bound = -1;
3600 if (!rt6_is_dead(rt)) {
3601 *weight += rt->rt6i_nh_weight;
3602 upper_bound = DIV_ROUND_CLOSEST_ULL((u64) (*weight) << 31,
3603 total) - 1;
3605 atomic_set(&rt->rt6i_nh_upper_bound, upper_bound);
3608 static void rt6_multipath_upper_bound_set(struct rt6_info *rt, int total)
3610 struct rt6_info *iter;
3611 int weight = 0;
3613 rt6_upper_bound_set(rt, &weight, total);
3615 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3616 rt6_upper_bound_set(iter, &weight, total);
3619 void rt6_multipath_rebalance(struct rt6_info *rt)
3621 struct rt6_info *first;
3622 int total;
3624 /* In case the entire multipath route was marked for flushing,
3625 * then there is no need to rebalance upon the removal of every
3626 * sibling route.
3628 if (!rt->rt6i_nsiblings || rt->should_flush)
3629 return;
3631 /* During lookup routes are evaluated in order, so we need to
3632 * make sure upper bounds are assigned from the first sibling
3633 * onwards.
3635 first = rt6_multipath_first_sibling(rt);
3636 if (WARN_ON_ONCE(!first))
3637 return;
3639 total = rt6_multipath_total_weight(first);
3640 rt6_multipath_upper_bound_set(first, total);
3643 static int fib6_ifup(struct rt6_info *rt, void *p_arg)
3645 const struct arg_netdev_event *arg = p_arg;
3646 const struct net *net = dev_net(arg->dev);
3648 if (rt != net->ipv6.ip6_null_entry && rt->dst.dev == arg->dev) {
3649 rt->rt6i_nh_flags &= ~arg->nh_flags;
3650 fib6_update_sernum_upto_root(dev_net(rt->dst.dev), rt);
3651 rt6_multipath_rebalance(rt);
3654 return 0;
3657 void rt6_sync_up(struct net_device *dev, unsigned int nh_flags)
3659 struct arg_netdev_event arg = {
3660 .dev = dev,
3662 .nh_flags = nh_flags,
3666 if (nh_flags & RTNH_F_DEAD && netif_carrier_ok(dev))
3667 arg.nh_flags |= RTNH_F_LINKDOWN;
3669 fib6_clean_all(dev_net(dev), fib6_ifup, &arg);
3672 static bool rt6_multipath_uses_dev(const struct rt6_info *rt,
3673 const struct net_device *dev)
3675 struct rt6_info *iter;
3677 if (rt->dst.dev == dev)
3678 return true;
3679 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3680 if (iter->dst.dev == dev)
3681 return true;
3683 return false;
3686 static void rt6_multipath_flush(struct rt6_info *rt)
3688 struct rt6_info *iter;
3690 rt->should_flush = 1;
3691 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3692 iter->should_flush = 1;
3695 static unsigned int rt6_multipath_dead_count(const struct rt6_info *rt,
3696 const struct net_device *down_dev)
3698 struct rt6_info *iter;
3699 unsigned int dead = 0;
3701 if (rt->dst.dev == down_dev || rt->rt6i_nh_flags & RTNH_F_DEAD)
3702 dead++;
3703 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3704 if (iter->dst.dev == down_dev ||
3705 iter->rt6i_nh_flags & RTNH_F_DEAD)
3706 dead++;
3708 return dead;
3711 static void rt6_multipath_nh_flags_set(struct rt6_info *rt,
3712 const struct net_device *dev,
3713 unsigned int nh_flags)
3715 struct rt6_info *iter;
3717 if (rt->dst.dev == dev)
3718 rt->rt6i_nh_flags |= nh_flags;
3719 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3720 if (iter->dst.dev == dev)
3721 iter->rt6i_nh_flags |= nh_flags;
3724 /* called with write lock held for table with rt */
3725 static int fib6_ifdown(struct rt6_info *rt, void *p_arg)
3727 const struct arg_netdev_event *arg = p_arg;
3728 const struct net_device *dev = arg->dev;
3729 const struct net *net = dev_net(dev);
3731 if (rt == net->ipv6.ip6_null_entry)
3732 return 0;
3734 switch (arg->event) {
3735 case NETDEV_UNREGISTER:
3736 return rt->dst.dev == dev ? -1 : 0;
3737 case NETDEV_DOWN:
3738 if (rt->should_flush)
3739 return -1;
3740 if (!rt->rt6i_nsiblings)
3741 return rt->dst.dev == dev ? -1 : 0;
3742 if (rt6_multipath_uses_dev(rt, dev)) {
3743 unsigned int count;
3745 count = rt6_multipath_dead_count(rt, dev);
3746 if (rt->rt6i_nsiblings + 1 == count) {
3747 rt6_multipath_flush(rt);
3748 return -1;
3750 rt6_multipath_nh_flags_set(rt, dev, RTNH_F_DEAD |
3751 RTNH_F_LINKDOWN);
3752 fib6_update_sernum(rt);
3753 rt6_multipath_rebalance(rt);
3755 return -2;
3756 case NETDEV_CHANGE:
3757 if (rt->dst.dev != dev ||
3758 rt->rt6i_flags & (RTF_LOCAL | RTF_ANYCAST))
3759 break;
3760 rt->rt6i_nh_flags |= RTNH_F_LINKDOWN;
3761 rt6_multipath_rebalance(rt);
3762 break;
3765 return 0;
3768 void rt6_sync_down_dev(struct net_device *dev, unsigned long event)
3770 struct arg_netdev_event arg = {
3771 .dev = dev,
3773 .event = event,
3777 fib6_clean_all(dev_net(dev), fib6_ifdown, &arg);
3780 void rt6_disable_ip(struct net_device *dev, unsigned long event)
3782 rt6_sync_down_dev(dev, event);
3783 rt6_uncached_list_flush_dev(dev_net(dev), dev);
3784 neigh_ifdown(&nd_tbl, dev);
3787 struct rt6_mtu_change_arg {
3788 struct net_device *dev;
3789 unsigned int mtu;
3792 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
3794 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
3795 struct inet6_dev *idev;
3797 /* In IPv6 pmtu discovery is not optional,
3798 so that RTAX_MTU lock cannot disable it.
3799 We still use this lock to block changes
3800 caused by addrconf/ndisc.
3803 idev = __in6_dev_get(arg->dev);
3804 if (!idev)
3805 return 0;
3807 /* For administrative MTU increase, there is no way to discover
3808 IPv6 PMTU increase, so PMTU increase should be updated here.
3809 Since RFC 1981 doesn't include administrative MTU increase
3810 update PMTU increase is a MUST. (i.e. jumbo frame)
3813 If new MTU is less than route PMTU, this new MTU will be the
3814 lowest MTU in the path, update the route PMTU to reflect PMTU
3815 decreases; if new MTU is greater than route PMTU, and the
3816 old MTU is the lowest MTU in the path, update the route PMTU
3817 to reflect the increase. In this case if the other nodes' MTU
3818 also have the lowest MTU, TOO BIG MESSAGE will be lead to
3819 PMTU discovery.
3821 if (rt->dst.dev == arg->dev &&
3822 dst_metric_raw(&rt->dst, RTAX_MTU) &&
3823 !dst_metric_locked(&rt->dst, RTAX_MTU)) {
3824 spin_lock_bh(&rt6_exception_lock);
3825 if (dst_mtu(&rt->dst) >= arg->mtu ||
3826 (dst_mtu(&rt->dst) < arg->mtu &&
3827 dst_mtu(&rt->dst) == idev->cnf.mtu6)) {
3828 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
3830 rt6_exceptions_update_pmtu(rt, arg->mtu);
3831 spin_unlock_bh(&rt6_exception_lock);
3833 return 0;
3836 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
3838 struct rt6_mtu_change_arg arg = {
3839 .dev = dev,
3840 .mtu = mtu,
3843 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg);
3846 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
3847 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
3848 [RTA_OIF] = { .type = NLA_U32 },
3849 [RTA_IIF] = { .type = NLA_U32 },
3850 [RTA_PRIORITY] = { .type = NLA_U32 },
3851 [RTA_METRICS] = { .type = NLA_NESTED },
3852 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
3853 [RTA_PREF] = { .type = NLA_U8 },
3854 [RTA_ENCAP_TYPE] = { .type = NLA_U16 },
3855 [RTA_ENCAP] = { .type = NLA_NESTED },
3856 [RTA_EXPIRES] = { .type = NLA_U32 },
3857 [RTA_UID] = { .type = NLA_U32 },
3858 [RTA_MARK] = { .type = NLA_U32 },
3861 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
3862 struct fib6_config *cfg,
3863 struct netlink_ext_ack *extack)
3865 struct rtmsg *rtm;
3866 struct nlattr *tb[RTA_MAX+1];
3867 unsigned int pref;
3868 int err;
3870 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy,
3871 NULL);
3872 if (err < 0)
3873 goto errout;
3875 err = -EINVAL;
3876 rtm = nlmsg_data(nlh);
3877 memset(cfg, 0, sizeof(*cfg));
3879 cfg->fc_table = rtm->rtm_table;
3880 cfg->fc_dst_len = rtm->rtm_dst_len;
3881 cfg->fc_src_len = rtm->rtm_src_len;
3882 cfg->fc_flags = RTF_UP;
3883 cfg->fc_protocol = rtm->rtm_protocol;
3884 cfg->fc_type = rtm->rtm_type;
3886 if (rtm->rtm_type == RTN_UNREACHABLE ||
3887 rtm->rtm_type == RTN_BLACKHOLE ||
3888 rtm->rtm_type == RTN_PROHIBIT ||
3889 rtm->rtm_type == RTN_THROW)
3890 cfg->fc_flags |= RTF_REJECT;
3892 if (rtm->rtm_type == RTN_LOCAL)
3893 cfg->fc_flags |= RTF_LOCAL;
3895 if (rtm->rtm_flags & RTM_F_CLONED)
3896 cfg->fc_flags |= RTF_CACHE;
3898 cfg->fc_flags |= (rtm->rtm_flags & RTNH_F_ONLINK);
3900 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
3901 cfg->fc_nlinfo.nlh = nlh;
3902 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
3904 if (tb[RTA_GATEWAY]) {
3905 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]);
3906 cfg->fc_flags |= RTF_GATEWAY;
3909 if (tb[RTA_DST]) {
3910 int plen = (rtm->rtm_dst_len + 7) >> 3;
3912 if (nla_len(tb[RTA_DST]) < plen)
3913 goto errout;
3915 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
3918 if (tb[RTA_SRC]) {
3919 int plen = (rtm->rtm_src_len + 7) >> 3;
3921 if (nla_len(tb[RTA_SRC]) < plen)
3922 goto errout;
3924 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
3927 if (tb[RTA_PREFSRC])
3928 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]);
3930 if (tb[RTA_OIF])
3931 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
3933 if (tb[RTA_PRIORITY])
3934 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
3936 if (tb[RTA_METRICS]) {
3937 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
3938 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
3941 if (tb[RTA_TABLE])
3942 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
3944 if (tb[RTA_MULTIPATH]) {
3945 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
3946 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
3948 err = lwtunnel_valid_encap_type_attr(cfg->fc_mp,
3949 cfg->fc_mp_len, extack);
3950 if (err < 0)
3951 goto errout;
3954 if (tb[RTA_PREF]) {
3955 pref = nla_get_u8(tb[RTA_PREF]);
3956 if (pref != ICMPV6_ROUTER_PREF_LOW &&
3957 pref != ICMPV6_ROUTER_PREF_HIGH)
3958 pref = ICMPV6_ROUTER_PREF_MEDIUM;
3959 cfg->fc_flags |= RTF_PREF(pref);
3962 if (tb[RTA_ENCAP])
3963 cfg->fc_encap = tb[RTA_ENCAP];
3965 if (tb[RTA_ENCAP_TYPE]) {
3966 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]);
3968 err = lwtunnel_valid_encap_type(cfg->fc_encap_type, extack);
3969 if (err < 0)
3970 goto errout;
3973 if (tb[RTA_EXPIRES]) {
3974 unsigned long timeout = addrconf_timeout_fixup(nla_get_u32(tb[RTA_EXPIRES]), HZ);
3976 if (addrconf_finite_timeout(timeout)) {
3977 cfg->fc_expires = jiffies_to_clock_t(timeout * HZ);
3978 cfg->fc_flags |= RTF_EXPIRES;
3982 err = 0;
3983 errout:
3984 return err;
3987 struct rt6_nh {
3988 struct rt6_info *rt6_info;
3989 struct fib6_config r_cfg;
3990 struct mx6_config mxc;
3991 struct list_head next;
3994 static void ip6_print_replace_route_err(struct list_head *rt6_nh_list)
3996 struct rt6_nh *nh;
3998 list_for_each_entry(nh, rt6_nh_list, next) {
3999 pr_warn("IPV6: multipath route replace failed (check consistency of installed routes): %pI6c nexthop %pI6c ifi %d\n",
4000 &nh->r_cfg.fc_dst, &nh->r_cfg.fc_gateway,
4001 nh->r_cfg.fc_ifindex);
4005 static int ip6_route_info_append(struct list_head *rt6_nh_list,
4006 struct rt6_info *rt, struct fib6_config *r_cfg)
4008 struct rt6_nh *nh;
4009 int err = -EEXIST;
4011 list_for_each_entry(nh, rt6_nh_list, next) {
4012 /* check if rt6_info already exists */
4013 if (rt6_duplicate_nexthop(nh->rt6_info, rt))
4014 return err;
4017 nh = kzalloc(sizeof(*nh), GFP_KERNEL);
4018 if (!nh)
4019 return -ENOMEM;
4020 nh->rt6_info = rt;
4021 err = ip6_convert_metrics(&nh->mxc, r_cfg);
4022 if (err) {
4023 kfree(nh);
4024 return err;
4026 memcpy(&nh->r_cfg, r_cfg, sizeof(*r_cfg));
4027 list_add_tail(&nh->next, rt6_nh_list);
4029 return 0;
4032 static void ip6_route_mpath_notify(struct rt6_info *rt,
4033 struct rt6_info *rt_last,
4034 struct nl_info *info,
4035 __u16 nlflags)
4037 /* if this is an APPEND route, then rt points to the first route
4038 * inserted and rt_last points to last route inserted. Userspace
4039 * wants a consistent dump of the route which starts at the first
4040 * nexthop. Since sibling routes are always added at the end of
4041 * the list, find the first sibling of the last route appended
4043 if ((nlflags & NLM_F_APPEND) && rt_last && rt_last->rt6i_nsiblings) {
4044 rt = list_first_entry(&rt_last->rt6i_siblings,
4045 struct rt6_info,
4046 rt6i_siblings);
4049 if (rt)
4050 inet6_rt_notify(RTM_NEWROUTE, rt, info, nlflags);
4053 static int ip6_route_multipath_add(struct fib6_config *cfg,
4054 struct netlink_ext_ack *extack)
4056 struct rt6_info *rt_notif = NULL, *rt_last = NULL;
4057 struct nl_info *info = &cfg->fc_nlinfo;
4058 struct fib6_config r_cfg;
4059 struct rtnexthop *rtnh;
4060 struct rt6_info *rt;
4061 struct rt6_nh *err_nh;
4062 struct rt6_nh *nh, *nh_safe;
4063 __u16 nlflags;
4064 int remaining;
4065 int attrlen;
4066 int err = 1;
4067 int nhn = 0;
4068 int replace = (cfg->fc_nlinfo.nlh &&
4069 (cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_REPLACE));
4070 LIST_HEAD(rt6_nh_list);
4072 nlflags = replace ? NLM_F_REPLACE : NLM_F_CREATE;
4073 if (info->nlh && info->nlh->nlmsg_flags & NLM_F_APPEND)
4074 nlflags |= NLM_F_APPEND;
4076 remaining = cfg->fc_mp_len;
4077 rtnh = (struct rtnexthop *)cfg->fc_mp;
4079 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
4080 * rt6_info structs per nexthop
4082 while (rtnh_ok(rtnh, remaining)) {
4083 memcpy(&r_cfg, cfg, sizeof(*cfg));
4084 if (rtnh->rtnh_ifindex)
4085 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
4087 attrlen = rtnh_attrlen(rtnh);
4088 if (attrlen > 0) {
4089 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
4091 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
4092 if (nla) {
4093 r_cfg.fc_gateway = nla_get_in6_addr(nla);
4094 r_cfg.fc_flags |= RTF_GATEWAY;
4096 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP);
4097 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE);
4098 if (nla)
4099 r_cfg.fc_encap_type = nla_get_u16(nla);
4102 rt = ip6_route_info_create(&r_cfg, extack);
4103 if (IS_ERR(rt)) {
4104 err = PTR_ERR(rt);
4105 rt = NULL;
4106 goto cleanup;
4109 rt->rt6i_nh_weight = rtnh->rtnh_hops + 1;
4111 err = ip6_route_info_append(&rt6_nh_list, rt, &r_cfg);
4112 if (err) {
4113 dst_release_immediate(&rt->dst);
4114 goto cleanup;
4117 rtnh = rtnh_next(rtnh, &remaining);
4120 /* for add and replace send one notification with all nexthops.
4121 * Skip the notification in fib6_add_rt2node and send one with
4122 * the full route when done
4124 info->skip_notify = 1;
4126 err_nh = NULL;
4127 list_for_each_entry(nh, &rt6_nh_list, next) {
4128 rt_last = nh->rt6_info;
4129 err = __ip6_ins_rt(nh->rt6_info, info, &nh->mxc, extack);
4130 /* save reference to first route for notification */
4131 if (!rt_notif && !err)
4132 rt_notif = nh->rt6_info;
4134 /* nh->rt6_info is used or freed at this point, reset to NULL*/
4135 nh->rt6_info = NULL;
4136 if (err) {
4137 if (replace && nhn)
4138 ip6_print_replace_route_err(&rt6_nh_list);
4139 err_nh = nh;
4140 goto add_errout;
4143 /* Because each route is added like a single route we remove
4144 * these flags after the first nexthop: if there is a collision,
4145 * we have already failed to add the first nexthop:
4146 * fib6_add_rt2node() has rejected it; when replacing, old
4147 * nexthops have been replaced by first new, the rest should
4148 * be added to it.
4150 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL |
4151 NLM_F_REPLACE);
4152 nhn++;
4155 /* success ... tell user about new route */
4156 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
4157 goto cleanup;
4159 add_errout:
4160 /* send notification for routes that were added so that
4161 * the delete notifications sent by ip6_route_del are
4162 * coherent
4164 if (rt_notif)
4165 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
4167 /* Delete routes that were already added */
4168 list_for_each_entry(nh, &rt6_nh_list, next) {
4169 if (err_nh == nh)
4170 break;
4171 ip6_route_del(&nh->r_cfg, extack);
4174 cleanup:
4175 list_for_each_entry_safe(nh, nh_safe, &rt6_nh_list, next) {
4176 if (nh->rt6_info)
4177 dst_release_immediate(&nh->rt6_info->dst);
4178 kfree(nh->mxc.mx);
4179 list_del(&nh->next);
4180 kfree(nh);
4183 return err;
4186 static int ip6_route_multipath_del(struct fib6_config *cfg,
4187 struct netlink_ext_ack *extack)
4189 struct fib6_config r_cfg;
4190 struct rtnexthop *rtnh;
4191 int remaining;
4192 int attrlen;
4193 int err = 1, last_err = 0;
4195 remaining = cfg->fc_mp_len;
4196 rtnh = (struct rtnexthop *)cfg->fc_mp;
4198 /* Parse a Multipath Entry */
4199 while (rtnh_ok(rtnh, remaining)) {
4200 memcpy(&r_cfg, cfg, sizeof(*cfg));
4201 if (rtnh->rtnh_ifindex)
4202 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
4204 attrlen = rtnh_attrlen(rtnh);
4205 if (attrlen > 0) {
4206 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
4208 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
4209 if (nla) {
4210 nla_memcpy(&r_cfg.fc_gateway, nla, 16);
4211 r_cfg.fc_flags |= RTF_GATEWAY;
4214 err = ip6_route_del(&r_cfg, extack);
4215 if (err)
4216 last_err = err;
4218 rtnh = rtnh_next(rtnh, &remaining);
4221 return last_err;
4224 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh,
4225 struct netlink_ext_ack *extack)
4227 struct fib6_config cfg;
4228 int err;
4230 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
4231 if (err < 0)
4232 return err;
4234 if (cfg.fc_mp)
4235 return ip6_route_multipath_del(&cfg, extack);
4236 else {
4237 cfg.fc_delete_all_nh = 1;
4238 return ip6_route_del(&cfg, extack);
4242 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh,
4243 struct netlink_ext_ack *extack)
4245 struct fib6_config cfg;
4246 int err;
4248 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
4249 if (err < 0)
4250 return err;
4252 if (cfg.fc_mp)
4253 return ip6_route_multipath_add(&cfg, extack);
4254 else
4255 return ip6_route_add(&cfg, extack);
4258 static size_t rt6_nlmsg_size(struct rt6_info *rt)
4260 int nexthop_len = 0;
4262 if (rt->rt6i_nsiblings) {
4263 nexthop_len = nla_total_size(0) /* RTA_MULTIPATH */
4264 + NLA_ALIGN(sizeof(struct rtnexthop))
4265 + nla_total_size(16) /* RTA_GATEWAY */
4266 + lwtunnel_get_encap_size(rt->dst.lwtstate);
4268 nexthop_len *= rt->rt6i_nsiblings;
4271 return NLMSG_ALIGN(sizeof(struct rtmsg))
4272 + nla_total_size(16) /* RTA_SRC */
4273 + nla_total_size(16) /* RTA_DST */
4274 + nla_total_size(16) /* RTA_GATEWAY */
4275 + nla_total_size(16) /* RTA_PREFSRC */
4276 + nla_total_size(4) /* RTA_TABLE */
4277 + nla_total_size(4) /* RTA_IIF */
4278 + nla_total_size(4) /* RTA_OIF */
4279 + nla_total_size(4) /* RTA_PRIORITY */
4280 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
4281 + nla_total_size(sizeof(struct rta_cacheinfo))
4282 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */
4283 + nla_total_size(1) /* RTA_PREF */
4284 + lwtunnel_get_encap_size(rt->dst.lwtstate)
4285 + nexthop_len;
4288 static int rt6_nexthop_info(struct sk_buff *skb, struct rt6_info *rt,
4289 unsigned int *flags, bool skip_oif)
4291 if (rt->rt6i_nh_flags & RTNH_F_DEAD)
4292 *flags |= RTNH_F_DEAD;
4294 if (rt->rt6i_nh_flags & RTNH_F_LINKDOWN) {
4295 *flags |= RTNH_F_LINKDOWN;
4296 if (rt->rt6i_idev->cnf.ignore_routes_with_linkdown)
4297 *flags |= RTNH_F_DEAD;
4300 if (rt->rt6i_flags & RTF_GATEWAY) {
4301 if (nla_put_in6_addr(skb, RTA_GATEWAY, &rt->rt6i_gateway) < 0)
4302 goto nla_put_failure;
4305 *flags |= (rt->rt6i_nh_flags & RTNH_F_ONLINK);
4306 if (rt->rt6i_nh_flags & RTNH_F_OFFLOAD)
4307 *flags |= RTNH_F_OFFLOAD;
4309 /* not needed for multipath encoding b/c it has a rtnexthop struct */
4310 if (!skip_oif && rt->dst.dev &&
4311 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
4312 goto nla_put_failure;
4314 if (rt->dst.lwtstate &&
4315 lwtunnel_fill_encap(skb, rt->dst.lwtstate) < 0)
4316 goto nla_put_failure;
4318 return 0;
4320 nla_put_failure:
4321 return -EMSGSIZE;
4324 /* add multipath next hop */
4325 static int rt6_add_nexthop(struct sk_buff *skb, struct rt6_info *rt)
4327 struct rtnexthop *rtnh;
4328 unsigned int flags = 0;
4330 rtnh = nla_reserve_nohdr(skb, sizeof(*rtnh));
4331 if (!rtnh)
4332 goto nla_put_failure;
4334 rtnh->rtnh_hops = rt->rt6i_nh_weight - 1;
4335 rtnh->rtnh_ifindex = rt->dst.dev ? rt->dst.dev->ifindex : 0;
4337 if (rt6_nexthop_info(skb, rt, &flags, true) < 0)
4338 goto nla_put_failure;
4340 rtnh->rtnh_flags = flags;
4342 /* length of rtnetlink header + attributes */
4343 rtnh->rtnh_len = nlmsg_get_pos(skb) - (void *)rtnh;
4345 return 0;
4347 nla_put_failure:
4348 return -EMSGSIZE;
4351 static int rt6_fill_node(struct net *net,
4352 struct sk_buff *skb, struct rt6_info *rt,
4353 struct in6_addr *dst, struct in6_addr *src,
4354 int iif, int type, u32 portid, u32 seq,
4355 unsigned int flags)
4357 u32 metrics[RTAX_MAX];
4358 struct rtmsg *rtm;
4359 struct nlmsghdr *nlh;
4360 long expires;
4361 u32 table;
4363 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
4364 if (!nlh)
4365 return -EMSGSIZE;
4367 rtm = nlmsg_data(nlh);
4368 rtm->rtm_family = AF_INET6;
4369 rtm->rtm_dst_len = rt->rt6i_dst.plen;
4370 rtm->rtm_src_len = rt->rt6i_src.plen;
4371 rtm->rtm_tos = 0;
4372 if (rt->rt6i_table)
4373 table = rt->rt6i_table->tb6_id;
4374 else
4375 table = RT6_TABLE_UNSPEC;
4376 rtm->rtm_table = table;
4377 if (nla_put_u32(skb, RTA_TABLE, table))
4378 goto nla_put_failure;
4379 if (rt->rt6i_flags & RTF_REJECT) {
4380 switch (rt->dst.error) {
4381 case -EINVAL:
4382 rtm->rtm_type = RTN_BLACKHOLE;
4383 break;
4384 case -EACCES:
4385 rtm->rtm_type = RTN_PROHIBIT;
4386 break;
4387 case -EAGAIN:
4388 rtm->rtm_type = RTN_THROW;
4389 break;
4390 default:
4391 rtm->rtm_type = RTN_UNREACHABLE;
4392 break;
4395 else if (rt->rt6i_flags & RTF_LOCAL)
4396 rtm->rtm_type = RTN_LOCAL;
4397 else if (rt->rt6i_flags & RTF_ANYCAST)
4398 rtm->rtm_type = RTN_ANYCAST;
4399 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
4400 rtm->rtm_type = RTN_LOCAL;
4401 else
4402 rtm->rtm_type = RTN_UNICAST;
4403 rtm->rtm_flags = 0;
4404 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
4405 rtm->rtm_protocol = rt->rt6i_protocol;
4407 if (rt->rt6i_flags & RTF_CACHE)
4408 rtm->rtm_flags |= RTM_F_CLONED;
4410 if (dst) {
4411 if (nla_put_in6_addr(skb, RTA_DST, dst))
4412 goto nla_put_failure;
4413 rtm->rtm_dst_len = 128;
4414 } else if (rtm->rtm_dst_len)
4415 if (nla_put_in6_addr(skb, RTA_DST, &rt->rt6i_dst.addr))
4416 goto nla_put_failure;
4417 #ifdef CONFIG_IPV6_SUBTREES
4418 if (src) {
4419 if (nla_put_in6_addr(skb, RTA_SRC, src))
4420 goto nla_put_failure;
4421 rtm->rtm_src_len = 128;
4422 } else if (rtm->rtm_src_len &&
4423 nla_put_in6_addr(skb, RTA_SRC, &rt->rt6i_src.addr))
4424 goto nla_put_failure;
4425 #endif
4426 if (iif) {
4427 #ifdef CONFIG_IPV6_MROUTE
4428 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
4429 int err = ip6mr_get_route(net, skb, rtm, portid);
4431 if (err == 0)
4432 return 0;
4433 if (err < 0)
4434 goto nla_put_failure;
4435 } else
4436 #endif
4437 if (nla_put_u32(skb, RTA_IIF, iif))
4438 goto nla_put_failure;
4439 } else if (dst) {
4440 struct in6_addr saddr_buf;
4441 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 &&
4442 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
4443 goto nla_put_failure;
4446 if (rt->rt6i_prefsrc.plen) {
4447 struct in6_addr saddr_buf;
4448 saddr_buf = rt->rt6i_prefsrc.addr;
4449 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
4450 goto nla_put_failure;
4453 memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics));
4454 if (rt->rt6i_pmtu)
4455 metrics[RTAX_MTU - 1] = rt->rt6i_pmtu;
4456 if (rtnetlink_put_metrics(skb, metrics) < 0)
4457 goto nla_put_failure;
4459 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric))
4460 goto nla_put_failure;
4462 /* For multipath routes, walk the siblings list and add
4463 * each as a nexthop within RTA_MULTIPATH.
4465 if (rt->rt6i_nsiblings) {
4466 struct rt6_info *sibling, *next_sibling;
4467 struct nlattr *mp;
4469 mp = nla_nest_start(skb, RTA_MULTIPATH);
4470 if (!mp)
4471 goto nla_put_failure;
4473 if (rt6_add_nexthop(skb, rt) < 0)
4474 goto nla_put_failure;
4476 list_for_each_entry_safe(sibling, next_sibling,
4477 &rt->rt6i_siblings, rt6i_siblings) {
4478 if (rt6_add_nexthop(skb, sibling) < 0)
4479 goto nla_put_failure;
4482 nla_nest_end(skb, mp);
4483 } else {
4484 if (rt6_nexthop_info(skb, rt, &rtm->rtm_flags, false) < 0)
4485 goto nla_put_failure;
4488 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0;
4490 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0)
4491 goto nla_put_failure;
4493 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt->rt6i_flags)))
4494 goto nla_put_failure;
4497 nlmsg_end(skb, nlh);
4498 return 0;
4500 nla_put_failure:
4501 nlmsg_cancel(skb, nlh);
4502 return -EMSGSIZE;
4505 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
4507 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
4508 struct net *net = arg->net;
4510 if (rt == net->ipv6.ip6_null_entry)
4511 return 0;
4513 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
4514 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
4516 /* user wants prefix routes only */
4517 if (rtm->rtm_flags & RTM_F_PREFIX &&
4518 !(rt->rt6i_flags & RTF_PREFIX_RT)) {
4519 /* success since this is not a prefix route */
4520 return 1;
4524 return rt6_fill_node(net,
4525 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
4526 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq,
4527 NLM_F_MULTI);
4530 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
4531 struct netlink_ext_ack *extack)
4533 struct net *net = sock_net(in_skb->sk);
4534 struct nlattr *tb[RTA_MAX+1];
4535 int err, iif = 0, oif = 0;
4536 struct dst_entry *dst;
4537 struct rt6_info *rt;
4538 struct sk_buff *skb;
4539 struct rtmsg *rtm;
4540 struct flowi6 fl6;
4541 bool fibmatch;
4543 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy,
4544 extack);
4545 if (err < 0)
4546 goto errout;
4548 err = -EINVAL;
4549 memset(&fl6, 0, sizeof(fl6));
4550 rtm = nlmsg_data(nlh);
4551 fl6.flowlabel = ip6_make_flowinfo(rtm->rtm_tos, 0);
4552 fibmatch = !!(rtm->rtm_flags & RTM_F_FIB_MATCH);
4554 if (tb[RTA_SRC]) {
4555 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
4556 goto errout;
4558 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
4561 if (tb[RTA_DST]) {
4562 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
4563 goto errout;
4565 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
4568 if (tb[RTA_IIF])
4569 iif = nla_get_u32(tb[RTA_IIF]);
4571 if (tb[RTA_OIF])
4572 oif = nla_get_u32(tb[RTA_OIF]);
4574 if (tb[RTA_MARK])
4575 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]);
4577 if (tb[RTA_UID])
4578 fl6.flowi6_uid = make_kuid(current_user_ns(),
4579 nla_get_u32(tb[RTA_UID]));
4580 else
4581 fl6.flowi6_uid = iif ? INVALID_UID : current_uid();
4583 if (iif) {
4584 struct net_device *dev;
4585 int flags = 0;
4587 rcu_read_lock();
4589 dev = dev_get_by_index_rcu(net, iif);
4590 if (!dev) {
4591 rcu_read_unlock();
4592 err = -ENODEV;
4593 goto errout;
4596 fl6.flowi6_iif = iif;
4598 if (!ipv6_addr_any(&fl6.saddr))
4599 flags |= RT6_LOOKUP_F_HAS_SADDR;
4601 dst = ip6_route_input_lookup(net, dev, &fl6, flags);
4603 rcu_read_unlock();
4604 } else {
4605 fl6.flowi6_oif = oif;
4607 dst = ip6_route_output(net, NULL, &fl6);
4611 rt = container_of(dst, struct rt6_info, dst);
4612 if (rt->dst.error) {
4613 err = rt->dst.error;
4614 ip6_rt_put(rt);
4615 goto errout;
4618 if (rt == net->ipv6.ip6_null_entry) {
4619 err = rt->dst.error;
4620 ip6_rt_put(rt);
4621 goto errout;
4624 if (fibmatch && rt->from) {
4625 struct rt6_info *ort = rt->from;
4627 dst_hold(&ort->dst);
4628 ip6_rt_put(rt);
4629 rt = ort;
4632 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
4633 if (!skb) {
4634 ip6_rt_put(rt);
4635 err = -ENOBUFS;
4636 goto errout;
4639 skb_dst_set(skb, &rt->dst);
4640 if (fibmatch)
4641 err = rt6_fill_node(net, skb, rt, NULL, NULL, iif,
4642 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
4643 nlh->nlmsg_seq, 0);
4644 else
4645 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
4646 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
4647 nlh->nlmsg_seq, 0);
4648 if (err < 0) {
4649 kfree_skb(skb);
4650 goto errout;
4653 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
4654 errout:
4655 return err;
4658 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info,
4659 unsigned int nlm_flags)
4661 struct sk_buff *skb;
4662 struct net *net = info->nl_net;
4663 u32 seq;
4664 int err;
4666 err = -ENOBUFS;
4667 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
4669 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
4670 if (!skb)
4671 goto errout;
4673 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
4674 event, info->portid, seq, nlm_flags);
4675 if (err < 0) {
4676 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
4677 WARN_ON(err == -EMSGSIZE);
4678 kfree_skb(skb);
4679 goto errout;
4681 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
4682 info->nlh, gfp_any());
4683 return;
4684 errout:
4685 if (err < 0)
4686 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
4689 static int ip6_route_dev_notify(struct notifier_block *this,
4690 unsigned long event, void *ptr)
4692 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
4693 struct net *net = dev_net(dev);
4695 if (!(dev->flags & IFF_LOOPBACK))
4696 return NOTIFY_OK;
4698 if (event == NETDEV_REGISTER) {
4699 net->ipv6.ip6_null_entry->dst.dev = dev;
4700 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
4701 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4702 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
4703 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
4704 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
4705 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
4706 #endif
4707 } else if (event == NETDEV_UNREGISTER &&
4708 dev->reg_state != NETREG_UNREGISTERED) {
4709 /* NETDEV_UNREGISTER could be fired for multiple times by
4710 * netdev_wait_allrefs(). Make sure we only call this once.
4712 in6_dev_put_clear(&net->ipv6.ip6_null_entry->rt6i_idev);
4713 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4714 in6_dev_put_clear(&net->ipv6.ip6_prohibit_entry->rt6i_idev);
4715 in6_dev_put_clear(&net->ipv6.ip6_blk_hole_entry->rt6i_idev);
4716 #endif
4719 return NOTIFY_OK;
4723 * /proc
4726 #ifdef CONFIG_PROC_FS
4728 static const struct file_operations ipv6_route_proc_fops = {
4729 .open = ipv6_route_open,
4730 .read = seq_read,
4731 .llseek = seq_lseek,
4732 .release = seq_release_net,
4735 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
4737 struct net *net = (struct net *)seq->private;
4738 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
4739 net->ipv6.rt6_stats->fib_nodes,
4740 net->ipv6.rt6_stats->fib_route_nodes,
4741 atomic_read(&net->ipv6.rt6_stats->fib_rt_alloc),
4742 net->ipv6.rt6_stats->fib_rt_entries,
4743 net->ipv6.rt6_stats->fib_rt_cache,
4744 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
4745 net->ipv6.rt6_stats->fib_discarded_routes);
4747 return 0;
4750 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
4752 return single_open_net(inode, file, rt6_stats_seq_show);
4755 static const struct file_operations rt6_stats_seq_fops = {
4756 .open = rt6_stats_seq_open,
4757 .read = seq_read,
4758 .llseek = seq_lseek,
4759 .release = single_release_net,
4761 #endif /* CONFIG_PROC_FS */
4763 #ifdef CONFIG_SYSCTL
4765 static
4766 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
4767 void __user *buffer, size_t *lenp, loff_t *ppos)
4769 struct net *net;
4770 int delay;
4771 if (!write)
4772 return -EINVAL;
4774 net = (struct net *)ctl->extra1;
4775 delay = net->ipv6.sysctl.flush_delay;
4776 proc_dointvec(ctl, write, buffer, lenp, ppos);
4777 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0);
4778 return 0;
4781 struct ctl_table ipv6_route_table_template[] = {
4783 .procname = "flush",
4784 .data = &init_net.ipv6.sysctl.flush_delay,
4785 .maxlen = sizeof(int),
4786 .mode = 0200,
4787 .proc_handler = ipv6_sysctl_rtcache_flush
4790 .procname = "gc_thresh",
4791 .data = &ip6_dst_ops_template.gc_thresh,
4792 .maxlen = sizeof(int),
4793 .mode = 0644,
4794 .proc_handler = proc_dointvec,
4797 .procname = "max_size",
4798 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
4799 .maxlen = sizeof(int),
4800 .mode = 0644,
4801 .proc_handler = proc_dointvec,
4804 .procname = "gc_min_interval",
4805 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
4806 .maxlen = sizeof(int),
4807 .mode = 0644,
4808 .proc_handler = proc_dointvec_jiffies,
4811 .procname = "gc_timeout",
4812 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
4813 .maxlen = sizeof(int),
4814 .mode = 0644,
4815 .proc_handler = proc_dointvec_jiffies,
4818 .procname = "gc_interval",
4819 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
4820 .maxlen = sizeof(int),
4821 .mode = 0644,
4822 .proc_handler = proc_dointvec_jiffies,
4825 .procname = "gc_elasticity",
4826 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
4827 .maxlen = sizeof(int),
4828 .mode = 0644,
4829 .proc_handler = proc_dointvec,
4832 .procname = "mtu_expires",
4833 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
4834 .maxlen = sizeof(int),
4835 .mode = 0644,
4836 .proc_handler = proc_dointvec_jiffies,
4839 .procname = "min_adv_mss",
4840 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
4841 .maxlen = sizeof(int),
4842 .mode = 0644,
4843 .proc_handler = proc_dointvec,
4846 .procname = "gc_min_interval_ms",
4847 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
4848 .maxlen = sizeof(int),
4849 .mode = 0644,
4850 .proc_handler = proc_dointvec_ms_jiffies,
4855 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
4857 struct ctl_table *table;
4859 table = kmemdup(ipv6_route_table_template,
4860 sizeof(ipv6_route_table_template),
4861 GFP_KERNEL);
4863 if (table) {
4864 table[0].data = &net->ipv6.sysctl.flush_delay;
4865 table[0].extra1 = net;
4866 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
4867 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
4868 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
4869 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
4870 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
4871 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
4872 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
4873 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
4874 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
4876 /* Don't export sysctls to unprivileged users */
4877 if (net->user_ns != &init_user_ns)
4878 table[0].procname = NULL;
4881 return table;
4883 #endif
4885 static int __net_init ip6_route_net_init(struct net *net)
4887 int ret = -ENOMEM;
4889 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
4890 sizeof(net->ipv6.ip6_dst_ops));
4892 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
4893 goto out_ip6_dst_ops;
4895 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
4896 sizeof(*net->ipv6.ip6_null_entry),
4897 GFP_KERNEL);
4898 if (!net->ipv6.ip6_null_entry)
4899 goto out_ip6_dst_entries;
4900 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
4901 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
4902 ip6_template_metrics, true);
4904 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4905 net->ipv6.fib6_has_custom_rules = false;
4906 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
4907 sizeof(*net->ipv6.ip6_prohibit_entry),
4908 GFP_KERNEL);
4909 if (!net->ipv6.ip6_prohibit_entry)
4910 goto out_ip6_null_entry;
4911 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
4912 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
4913 ip6_template_metrics, true);
4915 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
4916 sizeof(*net->ipv6.ip6_blk_hole_entry),
4917 GFP_KERNEL);
4918 if (!net->ipv6.ip6_blk_hole_entry)
4919 goto out_ip6_prohibit_entry;
4920 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
4921 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
4922 ip6_template_metrics, true);
4923 #endif
4925 net->ipv6.sysctl.flush_delay = 0;
4926 net->ipv6.sysctl.ip6_rt_max_size = 4096;
4927 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
4928 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
4929 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
4930 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
4931 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
4932 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
4934 net->ipv6.ip6_rt_gc_expire = 30*HZ;
4936 ret = 0;
4937 out:
4938 return ret;
4940 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4941 out_ip6_prohibit_entry:
4942 kfree(net->ipv6.ip6_prohibit_entry);
4943 out_ip6_null_entry:
4944 kfree(net->ipv6.ip6_null_entry);
4945 #endif
4946 out_ip6_dst_entries:
4947 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
4948 out_ip6_dst_ops:
4949 goto out;
4952 static void __net_exit ip6_route_net_exit(struct net *net)
4954 kfree(net->ipv6.ip6_null_entry);
4955 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4956 kfree(net->ipv6.ip6_prohibit_entry);
4957 kfree(net->ipv6.ip6_blk_hole_entry);
4958 #endif
4959 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
4962 static int __net_init ip6_route_net_init_late(struct net *net)
4964 #ifdef CONFIG_PROC_FS
4965 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops);
4966 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops);
4967 #endif
4968 return 0;
4971 static void __net_exit ip6_route_net_exit_late(struct net *net)
4973 #ifdef CONFIG_PROC_FS
4974 remove_proc_entry("ipv6_route", net->proc_net);
4975 remove_proc_entry("rt6_stats", net->proc_net);
4976 #endif
4979 static struct pernet_operations ip6_route_net_ops = {
4980 .init = ip6_route_net_init,
4981 .exit = ip6_route_net_exit,
4984 static int __net_init ipv6_inetpeer_init(struct net *net)
4986 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
4988 if (!bp)
4989 return -ENOMEM;
4990 inet_peer_base_init(bp);
4991 net->ipv6.peers = bp;
4992 return 0;
4995 static void __net_exit ipv6_inetpeer_exit(struct net *net)
4997 struct inet_peer_base *bp = net->ipv6.peers;
4999 net->ipv6.peers = NULL;
5000 inetpeer_invalidate_tree(bp);
5001 kfree(bp);
5004 static struct pernet_operations ipv6_inetpeer_ops = {
5005 .init = ipv6_inetpeer_init,
5006 .exit = ipv6_inetpeer_exit,
5009 static struct pernet_operations ip6_route_net_late_ops = {
5010 .init = ip6_route_net_init_late,
5011 .exit = ip6_route_net_exit_late,
5014 static struct notifier_block ip6_route_dev_notifier = {
5015 .notifier_call = ip6_route_dev_notify,
5016 .priority = ADDRCONF_NOTIFY_PRIORITY - 10,
5019 void __init ip6_route_init_special_entries(void)
5021 /* Registering of the loopback is done before this portion of code,
5022 * the loopback reference in rt6_info will not be taken, do it
5023 * manually for init_net */
5024 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
5025 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5026 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5027 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
5028 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5029 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
5030 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5031 #endif
5034 int __init ip6_route_init(void)
5036 int ret;
5037 int cpu;
5039 ret = -ENOMEM;
5040 ip6_dst_ops_template.kmem_cachep =
5041 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
5042 SLAB_HWCACHE_ALIGN, NULL);
5043 if (!ip6_dst_ops_template.kmem_cachep)
5044 goto out;
5046 ret = dst_entries_init(&ip6_dst_blackhole_ops);
5047 if (ret)
5048 goto out_kmem_cache;
5050 ret = register_pernet_subsys(&ipv6_inetpeer_ops);
5051 if (ret)
5052 goto out_dst_entries;
5054 ret = register_pernet_subsys(&ip6_route_net_ops);
5055 if (ret)
5056 goto out_register_inetpeer;
5058 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
5060 ret = fib6_init();
5061 if (ret)
5062 goto out_register_subsys;
5064 ret = xfrm6_init();
5065 if (ret)
5066 goto out_fib6_init;
5068 ret = fib6_rules_init();
5069 if (ret)
5070 goto xfrm6_init;
5072 ret = register_pernet_subsys(&ip6_route_net_late_ops);
5073 if (ret)
5074 goto fib6_rules_init;
5076 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_NEWROUTE,
5077 inet6_rtm_newroute, NULL, 0);
5078 if (ret < 0)
5079 goto out_register_late_subsys;
5081 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_DELROUTE,
5082 inet6_rtm_delroute, NULL, 0);
5083 if (ret < 0)
5084 goto out_register_late_subsys;
5086 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_GETROUTE,
5087 inet6_rtm_getroute, NULL,
5088 RTNL_FLAG_DOIT_UNLOCKED);
5089 if (ret < 0)
5090 goto out_register_late_subsys;
5092 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
5093 if (ret)
5094 goto out_register_late_subsys;
5096 for_each_possible_cpu(cpu) {
5097 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
5099 INIT_LIST_HEAD(&ul->head);
5100 spin_lock_init(&ul->lock);
5103 out:
5104 return ret;
5106 out_register_late_subsys:
5107 rtnl_unregister_all(PF_INET6);
5108 unregister_pernet_subsys(&ip6_route_net_late_ops);
5109 fib6_rules_init:
5110 fib6_rules_cleanup();
5111 xfrm6_init:
5112 xfrm6_fini();
5113 out_fib6_init:
5114 fib6_gc_cleanup();
5115 out_register_subsys:
5116 unregister_pernet_subsys(&ip6_route_net_ops);
5117 out_register_inetpeer:
5118 unregister_pernet_subsys(&ipv6_inetpeer_ops);
5119 out_dst_entries:
5120 dst_entries_destroy(&ip6_dst_blackhole_ops);
5121 out_kmem_cache:
5122 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
5123 goto out;
5126 void ip6_route_cleanup(void)
5128 unregister_netdevice_notifier(&ip6_route_dev_notifier);
5129 unregister_pernet_subsys(&ip6_route_net_late_ops);
5130 fib6_rules_cleanup();
5131 xfrm6_fini();
5132 fib6_gc_cleanup();
5133 unregister_pernet_subsys(&ipv6_inetpeer_ops);
5134 unregister_pernet_subsys(&ip6_route_net_ops);
5135 dst_entries_destroy(&ip6_dst_blackhole_ops);
5136 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);