search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
xfs: add full xfs_dqblk verifier
[linux/fpc-iii.git] / net / ipv6 / route.c
blobf4d61736c41abe8cd7f439c4a37100e90c1eacca
1 /*
2 * Linux INET6 implementation
3 * FIB front-end.
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14 /* Changes:
15 *
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
23 * Ville Nuorvala
24 * Fixed routing subtrees.
25 */
26
27 #define pr_fmt(fmt) "IPv6: " fmt
28
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <linux/jhash.h>
48 #include <net/net_namespace.h>
49 #include <net/snmp.h>
50 #include <net/ipv6.h>
51 #include <net/ip6_fib.h>
52 #include <net/ip6_route.h>
53 #include <net/ndisc.h>
54 #include <net/addrconf.h>
55 #include <net/tcp.h>
56 #include <linux/rtnetlink.h>
57 #include <net/dst.h>
58 #include <net/dst_metadata.h>
59 #include <net/xfrm.h>
60 #include <net/netevent.h>
61 #include <net/netlink.h>
62 #include <net/nexthop.h>
63 #include <net/lwtunnel.h>
64 #include <net/ip_tunnels.h>
65 #include <net/l3mdev.h>
66 #include <trace/events/fib6.h>
67
68 #include <linux/uaccess.h>
69
70 #ifdef CONFIG_SYSCTL
71 #include <linux/sysctl.h>
72 #endif
73
74 enum rt6_nud_state {
75 RT6_NUD_FAIL_HARD = -3,
76 RT6_NUD_FAIL_PROBE = -2,
77 RT6_NUD_FAIL_DO_RR = -1,
78 RT6_NUD_SUCCEED = 1
79 };
80
81 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort);
82 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
83 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
84 static unsigned int ip6_mtu(const struct dst_entry *dst);
85 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
86 static void ip6_dst_destroy(struct dst_entry *);
87 static void ip6_dst_ifdown(struct dst_entry *,
88 struct net_device *dev, int how);
89 static int ip6_dst_gc(struct dst_ops *ops);
90
91 static int ip6_pkt_discard(struct sk_buff *skb);
92 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb);
93 static int ip6_pkt_prohibit(struct sk_buff *skb);
94 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb);
95 static void ip6_link_failure(struct sk_buff *skb);
96 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
97 struct sk_buff *skb, u32 mtu);
98 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
99 struct sk_buff *skb);
100 static void rt6_dst_from_metrics_check(struct rt6_info *rt);
101 static int rt6_score_route(struct rt6_info *rt, int oif, int strict);
102 static size_t rt6_nlmsg_size(struct rt6_info *rt);
103 static int rt6_fill_node(struct net *net,
104 struct sk_buff *skb, struct rt6_info *rt,
105 struct in6_addr *dst, struct in6_addr *src,
106 int iif, int type, u32 portid, u32 seq,
107 unsigned int flags);
108 static struct rt6_info *rt6_find_cached_rt(struct rt6_info *rt,
109 struct in6_addr *daddr,
110 struct in6_addr *saddr);
111
112 #ifdef CONFIG_IPV6_ROUTE_INFO
113 static struct rt6_info *rt6_add_route_info(struct net *net,
114 const struct in6_addr *prefix, int prefixlen,
115 const struct in6_addr *gwaddr,
116 struct net_device *dev,
117 unsigned int pref);
118 static struct rt6_info *rt6_get_route_info(struct net *net,
119 const struct in6_addr *prefix, int prefixlen,
120 const struct in6_addr *gwaddr,
121 struct net_device *dev);
122 #endif
123
124 struct uncached_list {
125 spinlock_t lock;
126 struct list_head head;
127 };
128
129 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list);
130
131 void rt6_uncached_list_add(struct rt6_info *rt)
132 {
133 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list);
134
135 rt->rt6i_uncached_list = ul;
136
137 spin_lock_bh(&ul->lock);
138 list_add_tail(&rt->rt6i_uncached, &ul->head);
139 spin_unlock_bh(&ul->lock);
140 }
141
142 void rt6_uncached_list_del(struct rt6_info *rt)
143 {
144 if (!list_empty(&rt->rt6i_uncached)) {
145 struct uncached_list *ul = rt->rt6i_uncached_list;
146 struct net *net = dev_net(rt->dst.dev);
147
148 spin_lock_bh(&ul->lock);
149 list_del(&rt->rt6i_uncached);
150 atomic_dec(&net->ipv6.rt6_stats->fib_rt_uncache);
151 spin_unlock_bh(&ul->lock);
152 }
153 }
154
155 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev)
156 {
157 struct net_device *loopback_dev = net->loopback_dev;
158 int cpu;
159
160 if (dev == loopback_dev)
161 return;
162
163 for_each_possible_cpu(cpu) {
164 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
165 struct rt6_info *rt;
166
167 spin_lock_bh(&ul->lock);
168 list_for_each_entry(rt, &ul->head, rt6i_uncached) {
169 struct inet6_dev *rt_idev = rt->rt6i_idev;
170 struct net_device *rt_dev = rt->dst.dev;
171
172 if (rt_idev->dev == dev) {
173 rt->rt6i_idev = in6_dev_get(loopback_dev);
174 in6_dev_put(rt_idev);
175 }
176
177 if (rt_dev == dev) {
178 rt->dst.dev = loopback_dev;
179 dev_hold(rt->dst.dev);
180 dev_put(rt_dev);
181 }
182 }
183 spin_unlock_bh(&ul->lock);
184 }
185 }
186
187 static u32 *rt6_pcpu_cow_metrics(struct rt6_info *rt)
188 {
189 return dst_metrics_write_ptr(&rt->from->dst);
190 }
191
192 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old)
193 {
194 struct rt6_info *rt = (struct rt6_info *)dst;
195
196 if (rt->rt6i_flags & RTF_PCPU)
197 return rt6_pcpu_cow_metrics(rt);
198 else if (rt->rt6i_flags & RTF_CACHE)
199 return NULL;
200 else
201 return dst_cow_metrics_generic(dst, old);
202 }
203
204 static inline const void *choose_neigh_daddr(struct rt6_info *rt,
205 struct sk_buff *skb,
206 const void *daddr)
207 {
208 struct in6_addr *p = &rt->rt6i_gateway;
209
210 if (!ipv6_addr_any(p))
211 return (const void *) p;
212 else if (skb)
213 return &ipv6_hdr(skb)->daddr;
214 return daddr;
215 }
216
217 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst,
218 struct sk_buff *skb,
219 const void *daddr)
220 {
221 struct rt6_info *rt = (struct rt6_info *) dst;
222 struct neighbour *n;
223
224 daddr = choose_neigh_daddr(rt, skb, daddr);
225 n = __ipv6_neigh_lookup(dst->dev, daddr);
226 if (n)
227 return n;
228 return neigh_create(&nd_tbl, daddr, dst->dev);
229 }
230
231 static void ip6_confirm_neigh(const struct dst_entry *dst, const void *daddr)
232 {
233 struct net_device *dev = dst->dev;
234 struct rt6_info *rt = (struct rt6_info *)dst;
235
236 daddr = choose_neigh_daddr(rt, NULL, daddr);
237 if (!daddr)
238 return;
239 if (dev->flags & (IFF_NOARP | IFF_LOOPBACK))
240 return;
241 if (ipv6_addr_is_multicast((const struct in6_addr *)daddr))
242 return;
243 __ipv6_confirm_neigh(dev, daddr);
244 }
245
246 static struct dst_ops ip6_dst_ops_template = {
247 .family = AF_INET6,
248 .gc = ip6_dst_gc,
249 .gc_thresh = 1024,
250 .check = ip6_dst_check,
251 .default_advmss = ip6_default_advmss,
252 .mtu = ip6_mtu,
253 .cow_metrics = ipv6_cow_metrics,
254 .destroy = ip6_dst_destroy,
255 .ifdown = ip6_dst_ifdown,
256 .negative_advice = ip6_negative_advice,
257 .link_failure = ip6_link_failure,
258 .update_pmtu = ip6_rt_update_pmtu,
259 .redirect = rt6_do_redirect,
260 .local_out = __ip6_local_out,
261 .neigh_lookup = ip6_neigh_lookup,
262 .confirm_neigh = ip6_confirm_neigh,
263 };
264
265 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
266 {
267 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
268
269 return mtu ? : dst->dev->mtu;
270 }
271
272 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
273 struct sk_buff *skb, u32 mtu)
274 {
275 }
276
277 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
278 struct sk_buff *skb)
279 {
280 }
281
282 static struct dst_ops ip6_dst_blackhole_ops = {
283 .family = AF_INET6,
284 .destroy = ip6_dst_destroy,
285 .check = ip6_dst_check,
286 .mtu = ip6_blackhole_mtu,
287 .default_advmss = ip6_default_advmss,
288 .update_pmtu = ip6_rt_blackhole_update_pmtu,
289 .redirect = ip6_rt_blackhole_redirect,
290 .cow_metrics = dst_cow_metrics_generic,
291 .neigh_lookup = ip6_neigh_lookup,
292 };
293
294 static const u32 ip6_template_metrics[RTAX_MAX] = {
295 [RTAX_HOPLIMIT - 1] = 0,
296 };
297
298 static const struct rt6_info ip6_null_entry_template = {
299 .dst = {
300 .__refcnt = ATOMIC_INIT(1),
301 .__use = 1,
302 .obsolete = DST_OBSOLETE_FORCE_CHK,
303 .error = -ENETUNREACH,
304 .input = ip6_pkt_discard,
305 .output = ip6_pkt_discard_out,
306 },
307 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
308 .rt6i_protocol = RTPROT_KERNEL,
309 .rt6i_metric = ~(u32) 0,
310 .rt6i_ref = ATOMIC_INIT(1),
311 };
312
313 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
314
315 static const struct rt6_info ip6_prohibit_entry_template = {
316 .dst = {
317 .__refcnt = ATOMIC_INIT(1),
318 .__use = 1,
319 .obsolete = DST_OBSOLETE_FORCE_CHK,
320 .error = -EACCES,
321 .input = ip6_pkt_prohibit,
322 .output = ip6_pkt_prohibit_out,
323 },
324 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
325 .rt6i_protocol = RTPROT_KERNEL,
326 .rt6i_metric = ~(u32) 0,
327 .rt6i_ref = ATOMIC_INIT(1),
328 };
329
330 static const struct rt6_info ip6_blk_hole_entry_template = {
331 .dst = {
332 .__refcnt = ATOMIC_INIT(1),
333 .__use = 1,
334 .obsolete = DST_OBSOLETE_FORCE_CHK,
335 .error = -EINVAL,
336 .input = dst_discard,
337 .output = dst_discard_out,
338 },
339 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
340 .rt6i_protocol = RTPROT_KERNEL,
341 .rt6i_metric = ~(u32) 0,
342 .rt6i_ref = ATOMIC_INIT(1),
343 };
344
345 #endif
346
347 static void rt6_info_init(struct rt6_info *rt)
348 {
349 struct dst_entry *dst = &rt->dst;
350
351 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
352 INIT_LIST_HEAD(&rt->rt6i_siblings);
353 INIT_LIST_HEAD(&rt->rt6i_uncached);
354 }
355
356 /* allocate dst with ip6_dst_ops */
357 static struct rt6_info *__ip6_dst_alloc(struct net *net,
358 struct net_device *dev,
359 int flags)
360 {
361 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
362 1, DST_OBSOLETE_FORCE_CHK, flags);
363
364 if (rt) {
365 rt6_info_init(rt);
366 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc);
367 }
368
369 return rt;
370 }
371
372 struct rt6_info *ip6_dst_alloc(struct net *net,
373 struct net_device *dev,
374 int flags)
375 {
376 struct rt6_info *rt = __ip6_dst_alloc(net, dev, flags);
377
378 if (rt) {
379 rt->rt6i_pcpu = alloc_percpu_gfp(struct rt6_info *, GFP_ATOMIC);
380 if (!rt->rt6i_pcpu) {
381 dst_release_immediate(&rt->dst);
382 return NULL;
383 }
384 }
385
386 return rt;
387 }
388 EXPORT_SYMBOL(ip6_dst_alloc);
389
390 static void ip6_dst_destroy(struct dst_entry *dst)
391 {
392 struct rt6_info *rt = (struct rt6_info *)dst;
393 struct rt6_exception_bucket *bucket;
394 struct rt6_info *from = rt->from;
395 struct inet6_dev *idev;
396
397 dst_destroy_metrics_generic(dst);
398 free_percpu(rt->rt6i_pcpu);
399 rt6_uncached_list_del(rt);
400
401 idev = rt->rt6i_idev;
402 if (idev) {
403 rt->rt6i_idev = NULL;
404 in6_dev_put(idev);
405 }
406 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket, 1);
407 if (bucket) {
408 rt->rt6i_exception_bucket = NULL;
409 kfree(bucket);
410 }
411
412 rt->from = NULL;
413 dst_release(&from->dst);
414 }
415
416 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
417 int how)
418 {
419 struct rt6_info *rt = (struct rt6_info *)dst;
420 struct inet6_dev *idev = rt->rt6i_idev;
421 struct net_device *loopback_dev =
422 dev_net(dev)->loopback_dev;
423
424 if (idev && idev->dev != loopback_dev) {
425 struct inet6_dev *loopback_idev = in6_dev_get(loopback_dev);
426 if (loopback_idev) {
427 rt->rt6i_idev = loopback_idev;
428 in6_dev_put(idev);
429 }
430 }
431 }
432
433 static bool __rt6_check_expired(const struct rt6_info *rt)
434 {
435 if (rt->rt6i_flags & RTF_EXPIRES)
436 return time_after(jiffies, rt->dst.expires);
437 else
438 return false;
439 }
440
441 static bool rt6_check_expired(const struct rt6_info *rt)
442 {
443 if (rt->rt6i_flags & RTF_EXPIRES) {
444 if (time_after(jiffies, rt->dst.expires))
445 return true;
446 } else if (rt->from) {
447 return rt->dst.obsolete != DST_OBSOLETE_FORCE_CHK ||
448 rt6_check_expired(rt->from);
449 }
450 return false;
451 }
452
453 static struct rt6_info *rt6_multipath_select(const struct net *net,
454 struct rt6_info *match,
455 struct flowi6 *fl6, int oif,
456 const struct sk_buff *skb,
457 int strict)
458 {
459 struct rt6_info *sibling, *next_sibling;
460
461 /* We might have already computed the hash for ICMPv6 errors. In such
462 * case it will always be non-zero. Otherwise now is the time to do it.
463 */
464 if (!fl6->mp_hash)
465 fl6->mp_hash = rt6_multipath_hash(net, fl6, skb, NULL);
466
467 if (fl6->mp_hash <= atomic_read(&match->rt6i_nh_upper_bound))
468 return match;
469
470 list_for_each_entry_safe(sibling, next_sibling, &match->rt6i_siblings,
471 rt6i_siblings) {
472 if (fl6->mp_hash > atomic_read(&sibling->rt6i_nh_upper_bound))
473 continue;
474 if (rt6_score_route(sibling, oif, strict) < 0)
475 break;
476 match = sibling;
477 break;
478 }
479
480 return match;
481 }
482
483 /*
484 * Route lookup. rcu_read_lock() should be held.
485 */
486
487 static inline struct rt6_info *rt6_device_match(struct net *net,
488 struct rt6_info *rt,
489 const struct in6_addr *saddr,
490 int oif,
491 int flags)
492 {
493 struct rt6_info *local = NULL;
494 struct rt6_info *sprt;
495
496 if (!oif && ipv6_addr_any(saddr) && !(rt->rt6i_nh_flags & RTNH_F_DEAD))
497 return rt;
498
499 for (sprt = rt; sprt; sprt = rcu_dereference(sprt->rt6_next)) {
500 struct net_device *dev = sprt->dst.dev;
501
502 if (sprt->rt6i_nh_flags & RTNH_F_DEAD)
503 continue;
504
505 if (oif) {
506 if (dev->ifindex == oif)
507 return sprt;
508 if (dev->flags & IFF_LOOPBACK) {
509 if (!sprt->rt6i_idev ||
510 sprt->rt6i_idev->dev->ifindex != oif) {
511 if (flags & RT6_LOOKUP_F_IFACE)
512 continue;
513 if (local &&
514 local->rt6i_idev->dev->ifindex == oif)
515 continue;
516 }
517 local = sprt;
518 }
519 } else {
520 if (ipv6_chk_addr(net, saddr, dev,
521 flags & RT6_LOOKUP_F_IFACE))
522 return sprt;
523 }
524 }
525
526 if (oif) {
527 if (local)
528 return local;
529
530 if (flags & RT6_LOOKUP_F_IFACE)
531 return net->ipv6.ip6_null_entry;
532 }
533
534 return rt->rt6i_nh_flags & RTNH_F_DEAD ? net->ipv6.ip6_null_entry : rt;
535 }
536
537 #ifdef CONFIG_IPV6_ROUTER_PREF
538 struct __rt6_probe_work {
539 struct work_struct work;
540 struct in6_addr target;
541 struct net_device *dev;
542 };
543
544 static void rt6_probe_deferred(struct work_struct *w)
545 {
546 struct in6_addr mcaddr;
547 struct __rt6_probe_work *work =
548 container_of(w, struct __rt6_probe_work, work);
549
550 addrconf_addr_solict_mult(&work->target, &mcaddr);
551 ndisc_send_ns(work->dev, &work->target, &mcaddr, NULL, 0);
552 dev_put(work->dev);
553 kfree(work);
554 }
555
556 static void rt6_probe(struct rt6_info *rt)
557 {
558 struct __rt6_probe_work *work;
559 struct neighbour *neigh;
560 /*
561 * Okay, this does not seem to be appropriate
562 * for now, however, we need to check if it
563 * is really so; aka Router Reachability Probing.
564 *
565 * Router Reachability Probe MUST be rate-limited
566 * to no more than one per minute.
567 */
568 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY))
569 return;
570 rcu_read_lock_bh();
571 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
572 if (neigh) {
573 if (neigh->nud_state & NUD_VALID)
574 goto out;
575
576 work = NULL;
577 write_lock(&neigh->lock);
578 if (!(neigh->nud_state & NUD_VALID) &&
579 time_after(jiffies,
580 neigh->updated +
581 rt->rt6i_idev->cnf.rtr_probe_interval)) {
582 work = kmalloc(sizeof(*work), GFP_ATOMIC);
583 if (work)
584 __neigh_set_probe_once(neigh);
585 }
586 write_unlock(&neigh->lock);
587 } else {
588 work = kmalloc(sizeof(*work), GFP_ATOMIC);
589 }
590
591 if (work) {
592 INIT_WORK(&work->work, rt6_probe_deferred);
593 work->target = rt->rt6i_gateway;
594 dev_hold(rt->dst.dev);
595 work->dev = rt->dst.dev;
596 schedule_work(&work->work);
597 }
598
599 out:
600 rcu_read_unlock_bh();
601 }
602 #else
603 static inline void rt6_probe(struct rt6_info *rt)
604 {
605 }
606 #endif
607
608 /*
609 * Default Router Selection (RFC 2461 6.3.6)
610 */
611 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
612 {
613 struct net_device *dev = rt->dst.dev;
614 if (!oif || dev->ifindex == oif)
615 return 2;
616 if ((dev->flags & IFF_LOOPBACK) &&
617 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
618 return 1;
619 return 0;
620 }
621
622 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt)
623 {
624 struct neighbour *neigh;
625 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD;
626
627 if (rt->rt6i_flags & RTF_NONEXTHOP ||
628 !(rt->rt6i_flags & RTF_GATEWAY))
629 return RT6_NUD_SUCCEED;
630
631 rcu_read_lock_bh();
632 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
633 if (neigh) {
634 read_lock(&neigh->lock);
635 if (neigh->nud_state & NUD_VALID)
636 ret = RT6_NUD_SUCCEED;
637 #ifdef CONFIG_IPV6_ROUTER_PREF
638 else if (!(neigh->nud_state & NUD_FAILED))
639 ret = RT6_NUD_SUCCEED;
640 else
641 ret = RT6_NUD_FAIL_PROBE;
642 #endif
643 read_unlock(&neigh->lock);
644 } else {
645 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ?
646 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR;
647 }
648 rcu_read_unlock_bh();
649
650 return ret;
651 }
652
653 static int rt6_score_route(struct rt6_info *rt, int oif,
654 int strict)
655 {
656 int m;
657
658 m = rt6_check_dev(rt, oif);
659 if (!m && (strict & RT6_LOOKUP_F_IFACE))
660 return RT6_NUD_FAIL_HARD;
661 #ifdef CONFIG_IPV6_ROUTER_PREF
662 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
663 #endif
664 if (strict & RT6_LOOKUP_F_REACHABLE) {
665 int n = rt6_check_neigh(rt);
666 if (n < 0)
667 return n;
668 }
669 return m;
670 }
671
672 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
673 int *mpri, struct rt6_info *match,
674 bool *do_rr)
675 {
676 int m;
677 bool match_do_rr = false;
678 struct inet6_dev *idev = rt->rt6i_idev;
679
680 if (rt->rt6i_nh_flags & RTNH_F_DEAD)
681 goto out;
682
683 if (idev->cnf.ignore_routes_with_linkdown &&
684 rt->rt6i_nh_flags & RTNH_F_LINKDOWN &&
685 !(strict & RT6_LOOKUP_F_IGNORE_LINKSTATE))
686 goto out;
687
688 if (rt6_check_expired(rt))
689 goto out;
690
691 m = rt6_score_route(rt, oif, strict);
692 if (m == RT6_NUD_FAIL_DO_RR) {
693 match_do_rr = true;
694 m = 0; /* lowest valid score */
695 } else if (m == RT6_NUD_FAIL_HARD) {
696 goto out;
697 }
698
699 if (strict & RT6_LOOKUP_F_REACHABLE)
700 rt6_probe(rt);
701
702 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
703 if (m > *mpri) {
704 *do_rr = match_do_rr;
705 *mpri = m;
706 match = rt;
707 }
708 out:
709 return match;
710 }
711
712 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
713 struct rt6_info *leaf,
714 struct rt6_info *rr_head,
715 u32 metric, int oif, int strict,
716 bool *do_rr)
717 {
718 struct rt6_info *rt, *match, *cont;
719 int mpri = -1;
720
721 match = NULL;
722 cont = NULL;
723 for (rt = rr_head; rt; rt = rcu_dereference(rt->rt6_next)) {
724 if (rt->rt6i_metric != metric) {
725 cont = rt;
726 break;
727 }
728
729 match = find_match(rt, oif, strict, &mpri, match, do_rr);
730 }
731
732 for (rt = leaf; rt && rt != rr_head;
733 rt = rcu_dereference(rt->rt6_next)) {
734 if (rt->rt6i_metric != metric) {
735 cont = rt;
736 break;
737 }
738
739 match = find_match(rt, oif, strict, &mpri, match, do_rr);
740 }
741
742 if (match || !cont)
743 return match;
744
745 for (rt = cont; rt; rt = rcu_dereference(rt->rt6_next))
746 match = find_match(rt, oif, strict, &mpri, match, do_rr);
747
748 return match;
749 }
750
751 static struct rt6_info *rt6_select(struct net *net, struct fib6_node *fn,
752 int oif, int strict)
753 {
754 struct rt6_info *leaf = rcu_dereference(fn->leaf);
755 struct rt6_info *match, *rt0;
756 bool do_rr = false;
757 int key_plen;
758
759 if (!leaf || leaf == net->ipv6.ip6_null_entry)
760 return net->ipv6.ip6_null_entry;
761
762 rt0 = rcu_dereference(fn->rr_ptr);
763 if (!rt0)
764 rt0 = leaf;
765
766 /* Double check to make sure fn is not an intermediate node
767 * and fn->leaf does not points to its child's leaf
768 * (This might happen if all routes under fn are deleted from
769 * the tree and fib6_repair_tree() is called on the node.)
770 */
771 key_plen = rt0->rt6i_dst.plen;
772 #ifdef CONFIG_IPV6_SUBTREES
773 if (rt0->rt6i_src.plen)
774 key_plen = rt0->rt6i_src.plen;
775 #endif
776 if (fn->fn_bit != key_plen)
777 return net->ipv6.ip6_null_entry;
778
779 match = find_rr_leaf(fn, leaf, rt0, rt0->rt6i_metric, oif, strict,
780 &do_rr);
781
782 if (do_rr) {
783 struct rt6_info *next = rcu_dereference(rt0->rt6_next);
784
785 /* no entries matched; do round-robin */
786 if (!next || next->rt6i_metric != rt0->rt6i_metric)
787 next = leaf;
788
789 if (next != rt0) {
790 spin_lock_bh(&leaf->rt6i_table->tb6_lock);
791 /* make sure next is not being deleted from the tree */
792 if (next->rt6i_node)
793 rcu_assign_pointer(fn->rr_ptr, next);
794 spin_unlock_bh(&leaf->rt6i_table->tb6_lock);
795 }
796 }
797
798 return match ? match : net->ipv6.ip6_null_entry;
799 }
800
801 static bool rt6_is_gw_or_nonexthop(const struct rt6_info *rt)
802 {
803 return (rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY));
804 }
805
806 #ifdef CONFIG_IPV6_ROUTE_INFO
807 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
808 const struct in6_addr *gwaddr)
809 {
810 struct net *net = dev_net(dev);
811 struct route_info *rinfo = (struct route_info *) opt;
812 struct in6_addr prefix_buf, *prefix;
813 unsigned int pref;
814 unsigned long lifetime;
815 struct rt6_info *rt;
816
817 if (len < sizeof(struct route_info)) {
818 return -EINVAL;
819 }
820
821 /* Sanity check for prefix_len and length */
822 if (rinfo->length > 3) {
823 return -EINVAL;
824 } else if (rinfo->prefix_len > 128) {
825 return -EINVAL;
826 } else if (rinfo->prefix_len > 64) {
827 if (rinfo->length < 2) {
828 return -EINVAL;
829 }
830 } else if (rinfo->prefix_len > 0) {
831 if (rinfo->length < 1) {
832 return -EINVAL;
833 }
834 }
835
836 pref = rinfo->route_pref;
837 if (pref == ICMPV6_ROUTER_PREF_INVALID)
838 return -EINVAL;
839
840 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
841
842 if (rinfo->length == 3)
843 prefix = (struct in6_addr *)rinfo->prefix;
844 else {
845 /* this function is safe */
846 ipv6_addr_prefix(&prefix_buf,
847 (struct in6_addr *)rinfo->prefix,
848 rinfo->prefix_len);
849 prefix = &prefix_buf;
850 }
851
852 if (rinfo->prefix_len == 0)
853 rt = rt6_get_dflt_router(gwaddr, dev);
854 else
855 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len,
856 gwaddr, dev);
857
858 if (rt && !lifetime) {
859 ip6_del_rt(rt);
860 rt = NULL;
861 }
862
863 if (!rt && lifetime)
864 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr,
865 dev, pref);
866 else if (rt)
867 rt->rt6i_flags = RTF_ROUTEINFO |
868 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
869
870 if (rt) {
871 if (!addrconf_finite_timeout(lifetime))
872 rt6_clean_expires(rt);
873 else
874 rt6_set_expires(rt, jiffies + HZ * lifetime);
875
876 ip6_rt_put(rt);
877 }
878 return 0;
879 }
880 #endif
881
882 static struct fib6_node* fib6_backtrack(struct fib6_node *fn,
883 struct in6_addr *saddr)
884 {
885 struct fib6_node *pn, *sn;
886 while (1) {
887 if (fn->fn_flags & RTN_TL_ROOT)
888 return NULL;
889 pn = rcu_dereference(fn->parent);
890 sn = FIB6_SUBTREE(pn);
891 if (sn && sn != fn)
892 fn = fib6_lookup(sn, NULL, saddr);
893 else
894 fn = pn;
895 if (fn->fn_flags & RTN_RTINFO)
896 return fn;
897 }
898 }
899
900 static bool ip6_hold_safe(struct net *net, struct rt6_info **prt,
901 bool null_fallback)
902 {
903 struct rt6_info *rt = *prt;
904
905 if (dst_hold_safe(&rt->dst))
906 return true;
907 if (null_fallback) {
908 rt = net->ipv6.ip6_null_entry;
909 dst_hold(&rt->dst);
910 } else {
911 rt = NULL;
912 }
913 *prt = rt;
914 return false;
915 }
916
917 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
918 struct fib6_table *table,
919 struct flowi6 *fl6,
920 const struct sk_buff *skb,
921 int flags)
922 {
923 struct rt6_info *rt, *rt_cache;
924 struct fib6_node *fn;
925
926 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
927 flags &= ~RT6_LOOKUP_F_IFACE;
928
929 rcu_read_lock();
930 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
931 restart:
932 rt = rcu_dereference(fn->leaf);
933 if (!rt) {
934 rt = net->ipv6.ip6_null_entry;
935 } else {
936 rt = rt6_device_match(net, rt, &fl6->saddr,
937 fl6->flowi6_oif, flags);
938 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0)
939 rt = rt6_multipath_select(net, rt, fl6, fl6->flowi6_oif,
940 skb, flags);
941 }
942 if (rt == net->ipv6.ip6_null_entry) {
943 fn = fib6_backtrack(fn, &fl6->saddr);
944 if (fn)
945 goto restart;
946 }
947 /* Search through exception table */
948 rt_cache = rt6_find_cached_rt(rt, &fl6->daddr, &fl6->saddr);
949 if (rt_cache)
950 rt = rt_cache;
951
952 if (ip6_hold_safe(net, &rt, true))
953 dst_use_noref(&rt->dst, jiffies);
954
955 rcu_read_unlock();
956
957 trace_fib6_table_lookup(net, rt, table, fl6);
958
959 return rt;
960
961 }
962
963 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6,
964 const struct sk_buff *skb, int flags)
965 {
966 return fib6_rule_lookup(net, fl6, skb, flags, ip6_pol_route_lookup);
967 }
968 EXPORT_SYMBOL_GPL(ip6_route_lookup);
969
970 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
971 const struct in6_addr *saddr, int oif,
972 const struct sk_buff *skb, int strict)
973 {
974 struct flowi6 fl6 = {
975 .flowi6_oif = oif,
976 .daddr = *daddr,
977 };
978 struct dst_entry *dst;
979 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
980
981 if (saddr) {
982 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
983 flags |= RT6_LOOKUP_F_HAS_SADDR;
984 }
985
986 dst = fib6_rule_lookup(net, &fl6, skb, flags, ip6_pol_route_lookup);
987 if (dst->error == 0)
988 return (struct rt6_info *) dst;
989
990 dst_release(dst);
991
992 return NULL;
993 }
994 EXPORT_SYMBOL(rt6_lookup);
995
996 /* ip6_ins_rt is called with FREE table->tb6_lock.
997 * It takes new route entry, the addition fails by any reason the
998 * route is released.
999 * Caller must hold dst before calling it.
1000 */
1001
1002 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info,
1003 struct mx6_config *mxc,
1004 struct netlink_ext_ack *extack)
1005 {
1006 int err;
1007 struct fib6_table *table;
1008
1009 table = rt->rt6i_table;
1010 spin_lock_bh(&table->tb6_lock);
1011 err = fib6_add(&table->tb6_root, rt, info, mxc, extack);
1012 spin_unlock_bh(&table->tb6_lock);
1013
1014 return err;
1015 }
1016
1017 int ip6_ins_rt(struct rt6_info *rt)
1018 {
1019 struct nl_info info = { .nl_net = dev_net(rt->dst.dev), };
1020 struct mx6_config mxc = { .mx = NULL, };
1021
1022 /* Hold dst to account for the reference from the fib6 tree */
1023 dst_hold(&rt->dst);
1024 return __ip6_ins_rt(rt, &info, &mxc, NULL);
1025 }
1026
1027 /* called with rcu_lock held */
1028 static struct net_device *ip6_rt_get_dev_rcu(struct rt6_info *rt)
1029 {
1030 struct net_device *dev = rt->dst.dev;
1031
1032 if (rt->rt6i_flags & (RTF_LOCAL | RTF_ANYCAST)) {
1033 /* for copies of local routes, dst->dev needs to be the
1034 * device if it is a master device, the master device if
1035 * device is enslaved, and the loopback as the default
1036 */
1037 if (netif_is_l3_slave(dev) &&
1038 !rt6_need_strict(&rt->rt6i_dst.addr))
1039 dev = l3mdev_master_dev_rcu(dev);
1040 else if (!netif_is_l3_master(dev))
1041 dev = dev_net(dev)->loopback_dev;
1042 /* last case is netif_is_l3_master(dev) is true in which
1043 * case we want dev returned to be dev
1044 */
1045 }
1046
1047 return dev;
1048 }
1049
1050 static struct rt6_info *ip6_rt_cache_alloc(struct rt6_info *ort,
1051 const struct in6_addr *daddr,
1052 const struct in6_addr *saddr)
1053 {
1054 struct net_device *dev;
1055 struct rt6_info *rt;
1056
1057 /*
1058 * Clone the route.
1059 */
1060
1061 if (ort->rt6i_flags & (RTF_CACHE | RTF_PCPU))
1062 ort = ort->from;
1063
1064 rcu_read_lock();
1065 dev = ip6_rt_get_dev_rcu(ort);
1066 rt = __ip6_dst_alloc(dev_net(dev), dev, 0);
1067 rcu_read_unlock();
1068 if (!rt)
1069 return NULL;
1070
1071 ip6_rt_copy_init(rt, ort);
1072 rt->rt6i_flags |= RTF_CACHE;
1073 rt->rt6i_metric = 0;
1074 rt->dst.flags |= DST_HOST;
1075 rt->rt6i_dst.addr = *daddr;
1076 rt->rt6i_dst.plen = 128;
1077
1078 if (!rt6_is_gw_or_nonexthop(ort)) {
1079 if (ort->rt6i_dst.plen != 128 &&
1080 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr))
1081 rt->rt6i_flags |= RTF_ANYCAST;
1082 #ifdef CONFIG_IPV6_SUBTREES
1083 if (rt->rt6i_src.plen && saddr) {
1084 rt->rt6i_src.addr = *saddr;
1085 rt->rt6i_src.plen = 128;
1086 }
1087 #endif
1088 }
1089
1090 return rt;
1091 }
1092
1093 static struct rt6_info *ip6_rt_pcpu_alloc(struct rt6_info *rt)
1094 {
1095 struct net_device *dev;
1096 struct rt6_info *pcpu_rt;
1097
1098 rcu_read_lock();
1099 dev = ip6_rt_get_dev_rcu(rt);
1100 pcpu_rt = __ip6_dst_alloc(dev_net(dev), dev, rt->dst.flags);
1101 rcu_read_unlock();
1102 if (!pcpu_rt)
1103 return NULL;
1104 ip6_rt_copy_init(pcpu_rt, rt);
1105 pcpu_rt->rt6i_protocol = rt->rt6i_protocol;
1106 pcpu_rt->rt6i_flags |= RTF_PCPU;
1107 return pcpu_rt;
1108 }
1109
1110 /* It should be called with rcu_read_lock() acquired */
1111 static struct rt6_info *rt6_get_pcpu_route(struct rt6_info *rt)
1112 {
1113 struct rt6_info *pcpu_rt, **p;
1114
1115 p = this_cpu_ptr(rt->rt6i_pcpu);
1116 pcpu_rt = *p;
1117
1118 if (pcpu_rt && ip6_hold_safe(NULL, &pcpu_rt, false))
1119 rt6_dst_from_metrics_check(pcpu_rt);
1120
1121 return pcpu_rt;
1122 }
1123
1124 static struct rt6_info *rt6_make_pcpu_route(struct rt6_info *rt)
1125 {
1126 struct rt6_info *pcpu_rt, *prev, **p;
1127
1128 pcpu_rt = ip6_rt_pcpu_alloc(rt);
1129 if (!pcpu_rt) {
1130 struct net *net = dev_net(rt->dst.dev);
1131
1132 dst_hold(&net->ipv6.ip6_null_entry->dst);
1133 return net->ipv6.ip6_null_entry;
1134 }
1135
1136 dst_hold(&pcpu_rt->dst);
1137 p = this_cpu_ptr(rt->rt6i_pcpu);
1138 prev = cmpxchg(p, NULL, pcpu_rt);
1139 BUG_ON(prev);
1140
1141 rt6_dst_from_metrics_check(pcpu_rt);
1142 return pcpu_rt;
1143 }
1144
1145 /* exception hash table implementation
1146 */
1147 static DEFINE_SPINLOCK(rt6_exception_lock);
1148
1149 /* Remove rt6_ex from hash table and free the memory
1150 * Caller must hold rt6_exception_lock
1151 */
1152 static void rt6_remove_exception(struct rt6_exception_bucket *bucket,
1153 struct rt6_exception *rt6_ex)
1154 {
1155 struct net *net;
1156
1157 if (!bucket || !rt6_ex)
1158 return;
1159
1160 net = dev_net(rt6_ex->rt6i->dst.dev);
1161 rt6_ex->rt6i->rt6i_node = NULL;
1162 hlist_del_rcu(&rt6_ex->hlist);
1163 rt6_release(rt6_ex->rt6i);
1164 kfree_rcu(rt6_ex, rcu);
1165 WARN_ON_ONCE(!bucket->depth);
1166 bucket->depth--;
1167 net->ipv6.rt6_stats->fib_rt_cache--;
1168 }
1169
1170 /* Remove oldest rt6_ex in bucket and free the memory
1171 * Caller must hold rt6_exception_lock
1172 */
1173 static void rt6_exception_remove_oldest(struct rt6_exception_bucket *bucket)
1174 {
1175 struct rt6_exception *rt6_ex, *oldest = NULL;
1176
1177 if (!bucket)
1178 return;
1179
1180 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1181 if (!oldest || time_before(rt6_ex->stamp, oldest->stamp))
1182 oldest = rt6_ex;
1183 }
1184 rt6_remove_exception(bucket, oldest);
1185 }
1186
1187 static u32 rt6_exception_hash(const struct in6_addr *dst,
1188 const struct in6_addr *src)
1189 {
1190 static u32 seed __read_mostly;
1191 u32 val;
1192
1193 net_get_random_once(&seed, sizeof(seed));
1194 val = jhash(dst, sizeof(*dst), seed);
1195
1196 #ifdef CONFIG_IPV6_SUBTREES
1197 if (src)
1198 val = jhash(src, sizeof(*src), val);
1199 #endif
1200 return hash_32(val, FIB6_EXCEPTION_BUCKET_SIZE_SHIFT);
1201 }
1202
1203 /* Helper function to find the cached rt in the hash table
1204 * and update bucket pointer to point to the bucket for this
1205 * (daddr, saddr) pair
1206 * Caller must hold rt6_exception_lock
1207 */
1208 static struct rt6_exception *
1209 __rt6_find_exception_spinlock(struct rt6_exception_bucket **bucket,
1210 const struct in6_addr *daddr,
1211 const struct in6_addr *saddr)
1212 {
1213 struct rt6_exception *rt6_ex;
1214 u32 hval;
1215
1216 if (!(*bucket) || !daddr)
1217 return NULL;
1218
1219 hval = rt6_exception_hash(daddr, saddr);
1220 *bucket += hval;
1221
1222 hlist_for_each_entry(rt6_ex, &(*bucket)->chain, hlist) {
1223 struct rt6_info *rt6 = rt6_ex->rt6i;
1224 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr);
1225
1226 #ifdef CONFIG_IPV6_SUBTREES
1227 if (matched && saddr)
1228 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr);
1229 #endif
1230 if (matched)
1231 return rt6_ex;
1232 }
1233 return NULL;
1234 }
1235
1236 /* Helper function to find the cached rt in the hash table
1237 * and update bucket pointer to point to the bucket for this
1238 * (daddr, saddr) pair
1239 * Caller must hold rcu_read_lock()
1240 */
1241 static struct rt6_exception *
1242 __rt6_find_exception_rcu(struct rt6_exception_bucket **bucket,
1243 const struct in6_addr *daddr,
1244 const struct in6_addr *saddr)
1245 {
1246 struct rt6_exception *rt6_ex;
1247 u32 hval;
1248
1249 WARN_ON_ONCE(!rcu_read_lock_held());
1250
1251 if (!(*bucket) || !daddr)
1252 return NULL;
1253
1254 hval = rt6_exception_hash(daddr, saddr);
1255 *bucket += hval;
1256
1257 hlist_for_each_entry_rcu(rt6_ex, &(*bucket)->chain, hlist) {
1258 struct rt6_info *rt6 = rt6_ex->rt6i;
1259 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr);
1260
1261 #ifdef CONFIG_IPV6_SUBTREES
1262 if (matched && saddr)
1263 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr);
1264 #endif
1265 if (matched)
1266 return rt6_ex;
1267 }
1268 return NULL;
1269 }
1270
1271 static int rt6_insert_exception(struct rt6_info *nrt,
1272 struct rt6_info *ort)
1273 {
1274 struct net *net = dev_net(ort->dst.dev);
1275 struct rt6_exception_bucket *bucket;
1276 struct in6_addr *src_key = NULL;
1277 struct rt6_exception *rt6_ex;
1278 int err = 0;
1279
1280 /* ort can't be a cache or pcpu route */
1281 if (ort->rt6i_flags & (RTF_CACHE | RTF_PCPU))
1282 ort = ort->from;
1283 WARN_ON_ONCE(ort->rt6i_flags & (RTF_CACHE | RTF_PCPU));
1284
1285 spin_lock_bh(&rt6_exception_lock);
1286
1287 if (ort->exception_bucket_flushed) {
1288 err = -EINVAL;
1289 goto out;
1290 }
1291
1292 bucket = rcu_dereference_protected(ort->rt6i_exception_bucket,
1293 lockdep_is_held(&rt6_exception_lock));
1294 if (!bucket) {
1295 bucket = kcalloc(FIB6_EXCEPTION_BUCKET_SIZE, sizeof(*bucket),
1296 GFP_ATOMIC);
1297 if (!bucket) {
1298 err = -ENOMEM;
1299 goto out;
1300 }
1301 rcu_assign_pointer(ort->rt6i_exception_bucket, bucket);
1302 }
1303
1304 #ifdef CONFIG_IPV6_SUBTREES
1305 /* rt6i_src.plen != 0 indicates ort is in subtree
1306 * and exception table is indexed by a hash of
1307 * both rt6i_dst and rt6i_src.
1308 * Otherwise, the exception table is indexed by
1309 * a hash of only rt6i_dst.
1310 */
1311 if (ort->rt6i_src.plen)
1312 src_key = &nrt->rt6i_src.addr;
1313 #endif
1314
1315 /* Update rt6i_prefsrc as it could be changed
1316 * in rt6_remove_prefsrc()
1317 */
1318 nrt->rt6i_prefsrc = ort->rt6i_prefsrc;
1319 /* rt6_mtu_change() might lower mtu on ort.
1320 * Only insert this exception route if its mtu
1321 * is less than ort's mtu value.
1322 */
1323 if (nrt->rt6i_pmtu >= dst_mtu(&ort->dst)) {
1324 err = -EINVAL;
1325 goto out;
1326 }
1327
1328 rt6_ex = __rt6_find_exception_spinlock(&bucket, &nrt->rt6i_dst.addr,
1329 src_key);
1330 if (rt6_ex)
1331 rt6_remove_exception(bucket, rt6_ex);
1332
1333 rt6_ex = kzalloc(sizeof(*rt6_ex), GFP_ATOMIC);
1334 if (!rt6_ex) {
1335 err = -ENOMEM;
1336 goto out;
1337 }
1338 rt6_ex->rt6i = nrt;
1339 rt6_ex->stamp = jiffies;
1340 atomic_inc(&nrt->rt6i_ref);
1341 nrt->rt6i_node = ort->rt6i_node;
1342 hlist_add_head_rcu(&rt6_ex->hlist, &bucket->chain);
1343 bucket->depth++;
1344 net->ipv6.rt6_stats->fib_rt_cache++;
1345
1346 if (bucket->depth > FIB6_MAX_DEPTH)
1347 rt6_exception_remove_oldest(bucket);
1348
1349 out:
1350 spin_unlock_bh(&rt6_exception_lock);
1351
1352 /* Update fn->fn_sernum to invalidate all cached dst */
1353 if (!err) {
1354 spin_lock_bh(&ort->rt6i_table->tb6_lock);
1355 fib6_update_sernum(ort);
1356 spin_unlock_bh(&ort->rt6i_table->tb6_lock);
1357 fib6_force_start_gc(net);
1358 }
1359
1360 return err;
1361 }
1362
1363 void rt6_flush_exceptions(struct rt6_info *rt)
1364 {
1365 struct rt6_exception_bucket *bucket;
1366 struct rt6_exception *rt6_ex;
1367 struct hlist_node *tmp;
1368 int i;
1369
1370 spin_lock_bh(&rt6_exception_lock);
1371 /* Prevent rt6_insert_exception() to recreate the bucket list */
1372 rt->exception_bucket_flushed = 1;
1373
1374 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1375 lockdep_is_held(&rt6_exception_lock));
1376 if (!bucket)
1377 goto out;
1378
1379 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1380 hlist_for_each_entry_safe(rt6_ex, tmp, &bucket->chain, hlist)
1381 rt6_remove_exception(bucket, rt6_ex);
1382 WARN_ON_ONCE(bucket->depth);
1383 bucket++;
1384 }
1385
1386 out:
1387 spin_unlock_bh(&rt6_exception_lock);
1388 }
1389
1390 /* Find cached rt in the hash table inside passed in rt
1391 * Caller has to hold rcu_read_lock()
1392 */
1393 static struct rt6_info *rt6_find_cached_rt(struct rt6_info *rt,
1394 struct in6_addr *daddr,
1395 struct in6_addr *saddr)
1396 {
1397 struct rt6_exception_bucket *bucket;
1398 struct in6_addr *src_key = NULL;
1399 struct rt6_exception *rt6_ex;
1400 struct rt6_info *res = NULL;
1401
1402 bucket = rcu_dereference(rt->rt6i_exception_bucket);
1403
1404 #ifdef CONFIG_IPV6_SUBTREES
1405 /* rt6i_src.plen != 0 indicates rt is in subtree
1406 * and exception table is indexed by a hash of
1407 * both rt6i_dst and rt6i_src.
1408 * Otherwise, the exception table is indexed by
1409 * a hash of only rt6i_dst.
1410 */
1411 if (rt->rt6i_src.plen)
1412 src_key = saddr;
1413 #endif
1414 rt6_ex = __rt6_find_exception_rcu(&bucket, daddr, src_key);
1415
1416 if (rt6_ex && !rt6_check_expired(rt6_ex->rt6i))
1417 res = rt6_ex->rt6i;
1418
1419 return res;
1420 }
1421
1422 /* Remove the passed in cached rt from the hash table that contains it */
1423 int rt6_remove_exception_rt(struct rt6_info *rt)
1424 {
1425 struct rt6_exception_bucket *bucket;
1426 struct rt6_info *from = rt->from;
1427 struct in6_addr *src_key = NULL;
1428 struct rt6_exception *rt6_ex;
1429 int err;
1430
1431 if (!from ||
1432 !(rt->rt6i_flags & RTF_CACHE))
1433 return -EINVAL;
1434
1435 if (!rcu_access_pointer(from->rt6i_exception_bucket))
1436 return -ENOENT;
1437
1438 spin_lock_bh(&rt6_exception_lock);
1439 bucket = rcu_dereference_protected(from->rt6i_exception_bucket,
1440 lockdep_is_held(&rt6_exception_lock));
1441 #ifdef CONFIG_IPV6_SUBTREES
1442 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1443 * and exception table is indexed by a hash of
1444 * both rt6i_dst and rt6i_src.
1445 * Otherwise, the exception table is indexed by
1446 * a hash of only rt6i_dst.
1447 */
1448 if (from->rt6i_src.plen)
1449 src_key = &rt->rt6i_src.addr;
1450 #endif
1451 rt6_ex = __rt6_find_exception_spinlock(&bucket,
1452 &rt->rt6i_dst.addr,
1453 src_key);
1454 if (rt6_ex) {
1455 rt6_remove_exception(bucket, rt6_ex);
1456 err = 0;
1457 } else {
1458 err = -ENOENT;
1459 }
1460
1461 spin_unlock_bh(&rt6_exception_lock);
1462 return err;
1463 }
1464
1465 /* Find rt6_ex which contains the passed in rt cache and
1466 * refresh its stamp
1467 */
1468 static void rt6_update_exception_stamp_rt(struct rt6_info *rt)
1469 {
1470 struct rt6_exception_bucket *bucket;
1471 struct rt6_info *from = rt->from;
1472 struct in6_addr *src_key = NULL;
1473 struct rt6_exception *rt6_ex;
1474
1475 if (!from ||
1476 !(rt->rt6i_flags & RTF_CACHE))
1477 return;
1478
1479 rcu_read_lock();
1480 bucket = rcu_dereference(from->rt6i_exception_bucket);
1481
1482 #ifdef CONFIG_IPV6_SUBTREES
1483 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1484 * and exception table is indexed by a hash of
1485 * both rt6i_dst and rt6i_src.
1486 * Otherwise, the exception table is indexed by
1487 * a hash of only rt6i_dst.
1488 */
1489 if (from->rt6i_src.plen)
1490 src_key = &rt->rt6i_src.addr;
1491 #endif
1492 rt6_ex = __rt6_find_exception_rcu(&bucket,
1493 &rt->rt6i_dst.addr,
1494 src_key);
1495 if (rt6_ex)
1496 rt6_ex->stamp = jiffies;
1497
1498 rcu_read_unlock();
1499 }
1500
1501 static void rt6_exceptions_remove_prefsrc(struct rt6_info *rt)
1502 {
1503 struct rt6_exception_bucket *bucket;
1504 struct rt6_exception *rt6_ex;
1505 int i;
1506
1507 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1508 lockdep_is_held(&rt6_exception_lock));
1509
1510 if (bucket) {
1511 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1512 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1513 rt6_ex->rt6i->rt6i_prefsrc.plen = 0;
1514 }
1515 bucket++;
1516 }
1517 }
1518 }
1519
1520 static bool rt6_mtu_change_route_allowed(struct inet6_dev *idev,
1521 struct rt6_info *rt, int mtu)
1522 {
1523 /* If the new MTU is lower than the route PMTU, this new MTU will be the
1524 * lowest MTU in the path: always allow updating the route PMTU to
1525 * reflect PMTU decreases.
1526 *
1527 * If the new MTU is higher, and the route PMTU is equal to the local
1528 * MTU, this means the old MTU is the lowest in the path, so allow
1529 * updating it: if other nodes now have lower MTUs, PMTU discovery will
1530 * handle this.
1531 */
1532
1533 if (dst_mtu(&rt->dst) >= mtu)
1534 return true;
1535
1536 if (dst_mtu(&rt->dst) == idev->cnf.mtu6)
1537 return true;
1538
1539 return false;
1540 }
1541
1542 static void rt6_exceptions_update_pmtu(struct inet6_dev *idev,
1543 struct rt6_info *rt, int mtu)
1544 {
1545 struct rt6_exception_bucket *bucket;
1546 struct rt6_exception *rt6_ex;
1547 int i;
1548
1549 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1550 lockdep_is_held(&rt6_exception_lock));
1551
1552 if (!bucket)
1553 return;
1554
1555 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1556 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1557 struct rt6_info *entry = rt6_ex->rt6i;
1558
1559 /* For RTF_CACHE with rt6i_pmtu == 0 (i.e. a redirected
1560 * route), the metrics of its rt->dst.from have already
1561 * been updated.
1562 */
1563 if (entry->rt6i_pmtu &&
1564 rt6_mtu_change_route_allowed(idev, entry, mtu))
1565 entry->rt6i_pmtu = mtu;
1566 }
1567 bucket++;
1568 }
1569 }
1570
1571 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
1572
1573 static void rt6_exceptions_clean_tohost(struct rt6_info *rt,
1574 struct in6_addr *gateway)
1575 {
1576 struct rt6_exception_bucket *bucket;
1577 struct rt6_exception *rt6_ex;
1578 struct hlist_node *tmp;
1579 int i;
1580
1581 if (!rcu_access_pointer(rt->rt6i_exception_bucket))
1582 return;
1583
1584 spin_lock_bh(&rt6_exception_lock);
1585 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1586 lockdep_is_held(&rt6_exception_lock));
1587
1588 if (bucket) {
1589 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1590 hlist_for_each_entry_safe(rt6_ex, tmp,
1591 &bucket->chain, hlist) {
1592 struct rt6_info *entry = rt6_ex->rt6i;
1593
1594 if ((entry->rt6i_flags & RTF_CACHE_GATEWAY) ==
1595 RTF_CACHE_GATEWAY &&
1596 ipv6_addr_equal(gateway,
1597 &entry->rt6i_gateway)) {
1598 rt6_remove_exception(bucket, rt6_ex);
1599 }
1600 }
1601 bucket++;
1602 }
1603 }
1604
1605 spin_unlock_bh(&rt6_exception_lock);
1606 }
1607
1608 static void rt6_age_examine_exception(struct rt6_exception_bucket *bucket,
1609 struct rt6_exception *rt6_ex,
1610 struct fib6_gc_args *gc_args,
1611 unsigned long now)
1612 {
1613 struct rt6_info *rt = rt6_ex->rt6i;
1614
1615 /* we are pruning and obsoleting aged-out and non gateway exceptions
1616 * even if others have still references to them, so that on next
1617 * dst_check() such references can be dropped.
1618 * EXPIRES exceptions - e.g. pmtu-generated ones are pruned when
1619 * expired, independently from their aging, as per RFC 8201 section 4
1620 */
1621 if (!(rt->rt6i_flags & RTF_EXPIRES)) {
1622 if (time_after_eq(now, rt->dst.lastuse + gc_args->timeout)) {
1623 RT6_TRACE("aging clone %p\n", rt);
1624 rt6_remove_exception(bucket, rt6_ex);
1625 return;
1626 }
1627 } else if (time_after(jiffies, rt->dst.expires)) {
1628 RT6_TRACE("purging expired route %p\n", rt);
1629 rt6_remove_exception(bucket, rt6_ex);
1630 return;
1631 }
1632
1633 if (rt->rt6i_flags & RTF_GATEWAY) {
1634 struct neighbour *neigh;
1635 __u8 neigh_flags = 0;
1636
1637 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
1638 if (neigh)
1639 neigh_flags = neigh->flags;
1640
1641 if (!(neigh_flags & NTF_ROUTER)) {
1642 RT6_TRACE("purging route %p via non-router but gateway\n",
1643 rt);
1644 rt6_remove_exception(bucket, rt6_ex);
1645 return;
1646 }
1647 }
1648
1649 gc_args->more++;
1650 }
1651
1652 void rt6_age_exceptions(struct rt6_info *rt,
1653 struct fib6_gc_args *gc_args,
1654 unsigned long now)
1655 {
1656 struct rt6_exception_bucket *bucket;
1657 struct rt6_exception *rt6_ex;
1658 struct hlist_node *tmp;
1659 int i;
1660
1661 if (!rcu_access_pointer(rt->rt6i_exception_bucket))
1662 return;
1663
1664 rcu_read_lock_bh();
1665 spin_lock(&rt6_exception_lock);
1666 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1667 lockdep_is_held(&rt6_exception_lock));
1668
1669 if (bucket) {
1670 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1671 hlist_for_each_entry_safe(rt6_ex, tmp,
1672 &bucket->chain, hlist) {
1673 rt6_age_examine_exception(bucket, rt6_ex,
1674 gc_args, now);
1675 }
1676 bucket++;
1677 }
1678 }
1679 spin_unlock(&rt6_exception_lock);
1680 rcu_read_unlock_bh();
1681 }
1682
1683 struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table,
1684 int oif, struct flowi6 *fl6,
1685 const struct sk_buff *skb, int flags)
1686 {
1687 struct fib6_node *fn, *saved_fn;
1688 struct rt6_info *rt, *rt_cache;
1689 int strict = 0;
1690
1691 strict |= flags & RT6_LOOKUP_F_IFACE;
1692 strict |= flags & RT6_LOOKUP_F_IGNORE_LINKSTATE;
1693 if (net->ipv6.devconf_all->forwarding == 0)
1694 strict |= RT6_LOOKUP_F_REACHABLE;
1695
1696 rcu_read_lock();
1697
1698 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1699 saved_fn = fn;
1700
1701 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
1702 oif = 0;
1703
1704 redo_rt6_select:
1705 rt = rt6_select(net, fn, oif, strict);
1706 if (rt->rt6i_nsiblings)
1707 rt = rt6_multipath_select(net, rt, fl6, oif, skb, strict);
1708 if (rt == net->ipv6.ip6_null_entry) {
1709 fn = fib6_backtrack(fn, &fl6->saddr);
1710 if (fn)
1711 goto redo_rt6_select;
1712 else if (strict & RT6_LOOKUP_F_REACHABLE) {
1713 /* also consider unreachable route */
1714 strict &= ~RT6_LOOKUP_F_REACHABLE;
1715 fn = saved_fn;
1716 goto redo_rt6_select;
1717 }
1718 }
1719
1720 /*Search through exception table */
1721 rt_cache = rt6_find_cached_rt(rt, &fl6->daddr, &fl6->saddr);
1722 if (rt_cache)
1723 rt = rt_cache;
1724
1725 if (rt == net->ipv6.ip6_null_entry) {
1726 rcu_read_unlock();
1727 dst_hold(&rt->dst);
1728 trace_fib6_table_lookup(net, rt, table, fl6);
1729 return rt;
1730 } else if (rt->rt6i_flags & RTF_CACHE) {
1731 if (ip6_hold_safe(net, &rt, true)) {
1732 dst_use_noref(&rt->dst, jiffies);
1733 rt6_dst_from_metrics_check(rt);
1734 }
1735 rcu_read_unlock();
1736 trace_fib6_table_lookup(net, rt, table, fl6);
1737 return rt;
1738 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) &&
1739 !(rt->rt6i_flags & RTF_GATEWAY))) {
1740 /* Create a RTF_CACHE clone which will not be
1741 * owned by the fib6 tree. It is for the special case where
1742 * the daddr in the skb during the neighbor look-up is different
1743 * from the fl6->daddr used to look-up route here.
1744 */
1745
1746 struct rt6_info *uncached_rt;
1747
1748 if (ip6_hold_safe(net, &rt, true)) {
1749 dst_use_noref(&rt->dst, jiffies);
1750 } else {
1751 rcu_read_unlock();
1752 uncached_rt = rt;
1753 goto uncached_rt_out;
1754 }
1755 rcu_read_unlock();
1756
1757 uncached_rt = ip6_rt_cache_alloc(rt, &fl6->daddr, NULL);
1758 dst_release(&rt->dst);
1759
1760 if (uncached_rt) {
1761 /* Uncached_rt's refcnt is taken during ip6_rt_cache_alloc()
1762 * No need for another dst_hold()
1763 */
1764 rt6_uncached_list_add(uncached_rt);
1765 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache);
1766 } else {
1767 uncached_rt = net->ipv6.ip6_null_entry;
1768 dst_hold(&uncached_rt->dst);
1769 }
1770
1771 uncached_rt_out:
1772 trace_fib6_table_lookup(net, uncached_rt, table, fl6);
1773 return uncached_rt;
1774
1775 } else {
1776 /* Get a percpu copy */
1777
1778 struct rt6_info *pcpu_rt;
1779
1780 dst_use_noref(&rt->dst, jiffies);
1781 local_bh_disable();
1782 pcpu_rt = rt6_get_pcpu_route(rt);
1783
1784 if (!pcpu_rt) {
1785 /* atomic_inc_not_zero() is needed when using rcu */
1786 if (atomic_inc_not_zero(&rt->rt6i_ref)) {
1787 /* No dst_hold() on rt is needed because grabbing
1788 * rt->rt6i_ref makes sure rt can't be released.
1789 */
1790 pcpu_rt = rt6_make_pcpu_route(rt);
1791 rt6_release(rt);
1792 } else {
1793 /* rt is already removed from tree */
1794 pcpu_rt = net->ipv6.ip6_null_entry;
1795 dst_hold(&pcpu_rt->dst);
1796 }
1797 }
1798 local_bh_enable();
1799 rcu_read_unlock();
1800 trace_fib6_table_lookup(net, pcpu_rt, table, fl6);
1801 return pcpu_rt;
1802 }
1803 }
1804 EXPORT_SYMBOL_GPL(ip6_pol_route);
1805
1806 static struct rt6_info *ip6_pol_route_input(struct net *net,
1807 struct fib6_table *table,
1808 struct flowi6 *fl6,
1809 const struct sk_buff *skb,
1810 int flags)
1811 {
1812 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, skb, flags);
1813 }
1814
1815 struct dst_entry *ip6_route_input_lookup(struct net *net,
1816 struct net_device *dev,
1817 struct flowi6 *fl6,
1818 const struct sk_buff *skb,
1819 int flags)
1820 {
1821 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
1822 flags |= RT6_LOOKUP_F_IFACE;
1823
1824 return fib6_rule_lookup(net, fl6, skb, flags, ip6_pol_route_input);
1825 }
1826 EXPORT_SYMBOL_GPL(ip6_route_input_lookup);
1827
1828 static void ip6_multipath_l3_keys(const struct sk_buff *skb,
1829 struct flow_keys *keys,
1830 struct flow_keys *flkeys)
1831 {
1832 const struct ipv6hdr *outer_iph = ipv6_hdr(skb);
1833 const struct ipv6hdr *key_iph = outer_iph;
1834 struct flow_keys *_flkeys = flkeys;
1835 const struct ipv6hdr *inner_iph;
1836 const struct icmp6hdr *icmph;
1837 struct ipv6hdr _inner_iph;
1838 struct icmp6hdr _icmph;
1839
1840 if (likely(outer_iph->nexthdr != IPPROTO_ICMPV6))
1841 goto out;
1842
1843 icmph = skb_header_pointer(skb, skb_transport_offset(skb),
1844 sizeof(_icmph), &_icmph);
1845 if (!icmph)
1846 goto out;
1847
1848 if (icmph->icmp6_type != ICMPV6_DEST_UNREACH &&
1849 icmph->icmp6_type != ICMPV6_PKT_TOOBIG &&
1850 icmph->icmp6_type != ICMPV6_TIME_EXCEED &&
1851 icmph->icmp6_type != ICMPV6_PARAMPROB)
1852 goto out;
1853
1854 inner_iph = skb_header_pointer(skb,
1855 skb_transport_offset(skb) + sizeof(*icmph),
1856 sizeof(_inner_iph), &_inner_iph);
1857 if (!inner_iph)
1858 goto out;
1859
1860 key_iph = inner_iph;
1861 _flkeys = NULL;
1862 out:
1863 if (_flkeys) {
1864 keys->addrs.v6addrs.src = _flkeys->addrs.v6addrs.src;
1865 keys->addrs.v6addrs.dst = _flkeys->addrs.v6addrs.dst;
1866 keys->tags.flow_label = _flkeys->tags.flow_label;
1867 keys->basic.ip_proto = _flkeys->basic.ip_proto;
1868 } else {
1869 keys->addrs.v6addrs.src = key_iph->saddr;
1870 keys->addrs.v6addrs.dst = key_iph->daddr;
1871 keys->tags.flow_label = ip6_flowinfo(key_iph);
1872 keys->basic.ip_proto = key_iph->nexthdr;
1873 }
1874 }
1875
1876 /* if skb is set it will be used and fl6 can be NULL */
1877 u32 rt6_multipath_hash(const struct net *net, const struct flowi6 *fl6,
1878 const struct sk_buff *skb, struct flow_keys *flkeys)
1879 {
1880 struct flow_keys hash_keys;
1881 u32 mhash;
1882
1883 switch (ip6_multipath_hash_policy(net)) {
1884 case 0:
1885 memset(&hash_keys, 0, sizeof(hash_keys));
1886 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
1887 if (skb) {
1888 ip6_multipath_l3_keys(skb, &hash_keys, flkeys);
1889 } else {
1890 hash_keys.addrs.v6addrs.src = fl6->saddr;
1891 hash_keys.addrs.v6addrs.dst = fl6->daddr;
1892 hash_keys.tags.flow_label = (__force u32)fl6->flowlabel;
1893 hash_keys.basic.ip_proto = fl6->flowi6_proto;
1894 }
1895 break;
1896 case 1:
1897 if (skb) {
1898 unsigned int flag = FLOW_DISSECTOR_F_STOP_AT_ENCAP;
1899 struct flow_keys keys;
1900
1901 /* short-circuit if we already have L4 hash present */
1902 if (skb->l4_hash)
1903 return skb_get_hash_raw(skb) >> 1;
1904
1905 memset(&hash_keys, 0, sizeof(hash_keys));
1906
1907 if (!flkeys) {
1908 skb_flow_dissect_flow_keys(skb, &keys, flag);
1909 flkeys = &keys;
1910 }
1911 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
1912 hash_keys.addrs.v6addrs.src = flkeys->addrs.v6addrs.src;
1913 hash_keys.addrs.v6addrs.dst = flkeys->addrs.v6addrs.dst;
1914 hash_keys.ports.src = flkeys->ports.src;
1915 hash_keys.ports.dst = flkeys->ports.dst;
1916 hash_keys.basic.ip_proto = flkeys->basic.ip_proto;
1917 } else {
1918 memset(&hash_keys, 0, sizeof(hash_keys));
1919 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
1920 hash_keys.addrs.v6addrs.src = fl6->saddr;
1921 hash_keys.addrs.v6addrs.dst = fl6->daddr;
1922 hash_keys.ports.src = fl6->fl6_sport;
1923 hash_keys.ports.dst = fl6->fl6_dport;
1924 hash_keys.basic.ip_proto = fl6->flowi6_proto;
1925 }
1926 break;
1927 }
1928 mhash = flow_hash_from_keys(&hash_keys);
1929
1930 return mhash >> 1;
1931 }
1932
1933 void ip6_route_input(struct sk_buff *skb)
1934 {
1935 const struct ipv6hdr *iph = ipv6_hdr(skb);
1936 struct net *net = dev_net(skb->dev);
1937 int flags = RT6_LOOKUP_F_HAS_SADDR;
1938 struct ip_tunnel_info *tun_info;
1939 struct flowi6 fl6 = {
1940 .flowi6_iif = skb->dev->ifindex,
1941 .daddr = iph->daddr,
1942 .saddr = iph->saddr,
1943 .flowlabel = ip6_flowinfo(iph),
1944 .flowi6_mark = skb->mark,
1945 .flowi6_proto = iph->nexthdr,
1946 };
1947 struct flow_keys *flkeys = NULL, _flkeys;
1948
1949 tun_info = skb_tunnel_info(skb);
1950 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX))
1951 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id;
1952
1953 if (fib6_rules_early_flow_dissect(net, skb, &fl6, &_flkeys))
1954 flkeys = &_flkeys;
1955
1956 if (unlikely(fl6.flowi6_proto == IPPROTO_ICMPV6))
1957 fl6.mp_hash = rt6_multipath_hash(net, &fl6, skb, flkeys);
1958 skb_dst_drop(skb);
1959 skb_dst_set(skb,
1960 ip6_route_input_lookup(net, skb->dev, &fl6, skb, flags));
1961 }
1962
1963 static struct rt6_info *ip6_pol_route_output(struct net *net,
1964 struct fib6_table *table,
1965 struct flowi6 *fl6,
1966 const struct sk_buff *skb,
1967 int flags)
1968 {
1969 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, skb, flags);
1970 }
1971
1972 struct dst_entry *ip6_route_output_flags(struct net *net, const struct sock *sk,
1973 struct flowi6 *fl6, int flags)
1974 {
1975 bool any_src;
1976
1977 if (rt6_need_strict(&fl6->daddr)) {
1978 struct dst_entry *dst;
1979
1980 dst = l3mdev_link_scope_lookup(net, fl6);
1981 if (dst)
1982 return dst;
1983 }
1984
1985 fl6->flowi6_iif = LOOPBACK_IFINDEX;
1986
1987 any_src = ipv6_addr_any(&fl6->saddr);
1988 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr) ||
1989 (fl6->flowi6_oif && any_src))
1990 flags |= RT6_LOOKUP_F_IFACE;
1991
1992 if (!any_src)
1993 flags |= RT6_LOOKUP_F_HAS_SADDR;
1994 else if (sk)
1995 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
1996
1997 return fib6_rule_lookup(net, fl6, NULL, flags, ip6_pol_route_output);
1998 }
1999 EXPORT_SYMBOL_GPL(ip6_route_output_flags);
2000
2001 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
2002 {
2003 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
2004 struct net_device *loopback_dev = net->loopback_dev;
2005 struct dst_entry *new = NULL;
2006
2007 rt = dst_alloc(&ip6_dst_blackhole_ops, loopback_dev, 1,
2008 DST_OBSOLETE_DEAD, 0);
2009 if (rt) {
2010 rt6_info_init(rt);
2011 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc);
2012
2013 new = &rt->dst;
2014 new->__use = 1;
2015 new->input = dst_discard;
2016 new->output = dst_discard_out;
2017
2018 dst_copy_metrics(new, &ort->dst);
2019
2020 rt->rt6i_idev = in6_dev_get(loopback_dev);
2021 rt->rt6i_gateway = ort->rt6i_gateway;
2022 rt->rt6i_flags = ort->rt6i_flags & ~RTF_PCPU;
2023 rt->rt6i_metric = 0;
2024
2025 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
2026 #ifdef CONFIG_IPV6_SUBTREES
2027 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
2028 #endif
2029 }
2030
2031 dst_release(dst_orig);
2032 return new ? new : ERR_PTR(-ENOMEM);
2033 }
2034
2035 /*
2036 * Destination cache support functions
2037 */
2038
2039 static void rt6_dst_from_metrics_check(struct rt6_info *rt)
2040 {
2041 if (rt->from &&
2042 dst_metrics_ptr(&rt->dst) != dst_metrics_ptr(&rt->from->dst))
2043 dst_init_metrics(&rt->dst, dst_metrics_ptr(&rt->from->dst), true);
2044 }
2045
2046 static struct dst_entry *rt6_check(struct rt6_info *rt, u32 cookie)
2047 {
2048 u32 rt_cookie = 0;
2049
2050 if (!rt6_get_cookie_safe(rt, &rt_cookie) || rt_cookie != cookie)
2051 return NULL;
2052
2053 if (rt6_check_expired(rt))
2054 return NULL;
2055
2056 return &rt->dst;
2057 }
2058
2059 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt, u32 cookie)
2060 {
2061 if (!__rt6_check_expired(rt) &&
2062 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
2063 rt6_check(rt->from, cookie))
2064 return &rt->dst;
2065 else
2066 return NULL;
2067 }
2068
2069 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
2070 {
2071 struct rt6_info *rt;
2072
2073 rt = (struct rt6_info *) dst;
2074
2075 /* All IPV6 dsts are created with ->obsolete set to the value
2076 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
2077 * into this function always.
2078 */
2079
2080 rt6_dst_from_metrics_check(rt);
2081
2082 if (rt->rt6i_flags & RTF_PCPU ||
2083 (unlikely(!list_empty(&rt->rt6i_uncached)) && rt->from))
2084 return rt6_dst_from_check(rt, cookie);
2085 else
2086 return rt6_check(rt, cookie);
2087 }
2088
2089 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
2090 {
2091 struct rt6_info *rt = (struct rt6_info *) dst;
2092
2093 if (rt) {
2094 if (rt->rt6i_flags & RTF_CACHE) {
2095 if (rt6_check_expired(rt)) {
2096 ip6_del_rt(rt);
2097 dst = NULL;
2098 }
2099 } else {
2100 dst_release(dst);
2101 dst = NULL;
2102 }
2103 }
2104 return dst;
2105 }
2106
2107 static void ip6_link_failure(struct sk_buff *skb)
2108 {
2109 struct rt6_info *rt;
2110
2111 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
2112
2113 rt = (struct rt6_info *) skb_dst(skb);
2114 if (rt) {
2115 if (rt->rt6i_flags & RTF_CACHE) {
2116 if (dst_hold_safe(&rt->dst))
2117 ip6_del_rt(rt);
2118 } else {
2119 struct fib6_node *fn;
2120
2121 rcu_read_lock();
2122 fn = rcu_dereference(rt->rt6i_node);
2123 if (fn && (rt->rt6i_flags & RTF_DEFAULT))
2124 fn->fn_sernum = -1;
2125 rcu_read_unlock();
2126 }
2127 }
2128 }
2129
2130 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu)
2131 {
2132 struct net *net = dev_net(rt->dst.dev);
2133
2134 rt->rt6i_flags |= RTF_MODIFIED;
2135 rt->rt6i_pmtu = mtu;
2136 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires);
2137 }
2138
2139 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info *rt)
2140 {
2141 return !(rt->rt6i_flags & RTF_CACHE) &&
2142 (rt->rt6i_flags & RTF_PCPU ||
2143 rcu_access_pointer(rt->rt6i_node));
2144 }
2145
2146 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk,
2147 const struct ipv6hdr *iph, u32 mtu)
2148 {
2149 const struct in6_addr *daddr, *saddr;
2150 struct rt6_info *rt6 = (struct rt6_info *)dst;
2151
2152 if (rt6->rt6i_flags & RTF_LOCAL)
2153 return;
2154
2155 if (dst_metric_locked(dst, RTAX_MTU))
2156 return;
2157
2158 if (iph) {
2159 daddr = &iph->daddr;
2160 saddr = &iph->saddr;
2161 } else if (sk) {
2162 daddr = &sk->sk_v6_daddr;
2163 saddr = &inet6_sk(sk)->saddr;
2164 } else {
2165 daddr = NULL;
2166 saddr = NULL;
2167 }
2168 dst_confirm_neigh(dst, daddr);
2169 mtu = max_t(u32, mtu, IPV6_MIN_MTU);
2170 if (mtu >= dst_mtu(dst))
2171 return;
2172
2173 if (!rt6_cache_allowed_for_pmtu(rt6)) {
2174 rt6_do_update_pmtu(rt6, mtu);
2175 /* update rt6_ex->stamp for cache */
2176 if (rt6->rt6i_flags & RTF_CACHE)
2177 rt6_update_exception_stamp_rt(rt6);
2178 } else if (daddr) {
2179 struct rt6_info *nrt6;
2180
2181 nrt6 = ip6_rt_cache_alloc(rt6, daddr, saddr);
2182 if (nrt6) {
2183 rt6_do_update_pmtu(nrt6, mtu);
2184 if (rt6_insert_exception(nrt6, rt6))
2185 dst_release_immediate(&nrt6->dst);
2186 }
2187 }
2188 }
2189
2190 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
2191 struct sk_buff *skb, u32 mtu)
2192 {
2193 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu);
2194 }
2195
2196 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
2197 int oif, u32 mark, kuid_t uid)
2198 {
2199 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
2200 struct dst_entry *dst;
2201 struct flowi6 fl6;
2202
2203 memset(&fl6, 0, sizeof(fl6));
2204 fl6.flowi6_oif = oif;
2205 fl6.flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark);
2206 fl6.daddr = iph->daddr;
2207 fl6.saddr = iph->saddr;
2208 fl6.flowlabel = ip6_flowinfo(iph);
2209 fl6.flowi6_uid = uid;
2210
2211 dst = ip6_route_output(net, NULL, &fl6);
2212 if (!dst->error)
2213 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu));
2214 dst_release(dst);
2215 }
2216 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
2217
2218 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
2219 {
2220 struct dst_entry *dst;
2221
2222 ip6_update_pmtu(skb, sock_net(sk), mtu,
2223 sk->sk_bound_dev_if, sk->sk_mark, sk->sk_uid);
2224
2225 dst = __sk_dst_get(sk);
2226 if (!dst || !dst->obsolete ||
2227 dst->ops->check(dst, inet6_sk(sk)->dst_cookie))
2228 return;
2229
2230 bh_lock_sock(sk);
2231 if (!sock_owned_by_user(sk) && !ipv6_addr_v4mapped(&sk->sk_v6_daddr))
2232 ip6_datagram_dst_update(sk, false);
2233 bh_unlock_sock(sk);
2234 }
2235 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
2236
2237 void ip6_sk_dst_store_flow(struct sock *sk, struct dst_entry *dst,
2238 const struct flowi6 *fl6)
2239 {
2240 #ifdef CONFIG_IPV6_SUBTREES
2241 struct ipv6_pinfo *np = inet6_sk(sk);
2242 #endif
2243
2244 ip6_dst_store(sk, dst,
2245 ipv6_addr_equal(&fl6->daddr, &sk->sk_v6_daddr) ?
2246 &sk->sk_v6_daddr : NULL,
2247 #ifdef CONFIG_IPV6_SUBTREES
2248 ipv6_addr_equal(&fl6->saddr, &np->saddr) ?
2249 &np->saddr :
2250 #endif
2251 NULL);
2252 }
2253
2254 /* Handle redirects */
2255 struct ip6rd_flowi {
2256 struct flowi6 fl6;
2257 struct in6_addr gateway;
2258 };
2259
2260 static struct rt6_info *__ip6_route_redirect(struct net *net,
2261 struct fib6_table *table,
2262 struct flowi6 *fl6,
2263 const struct sk_buff *skb,
2264 int flags)
2265 {
2266 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
2267 struct rt6_info *rt, *rt_cache;
2268 struct fib6_node *fn;
2269
2270 /* Get the "current" route for this destination and
2271 * check if the redirect has come from appropriate router.
2272 *
2273 * RFC 4861 specifies that redirects should only be
2274 * accepted if they come from the nexthop to the target.
2275 * Due to the way the routes are chosen, this notion
2276 * is a bit fuzzy and one might need to check all possible
2277 * routes.
2278 */
2279
2280 rcu_read_lock();
2281 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
2282 restart:
2283 for_each_fib6_node_rt_rcu(fn) {
2284 if (rt->rt6i_nh_flags & RTNH_F_DEAD)
2285 continue;
2286 if (rt6_check_expired(rt))
2287 continue;
2288 if (rt->dst.error)
2289 break;
2290 if (!(rt->rt6i_flags & RTF_GATEWAY))
2291 continue;
2292 if (fl6->flowi6_oif != rt->dst.dev->ifindex)
2293 continue;
2294 /* rt_cache's gateway might be different from its 'parent'
2295 * in the case of an ip redirect.
2296 * So we keep searching in the exception table if the gateway
2297 * is different.
2298 */
2299 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway)) {
2300 rt_cache = rt6_find_cached_rt(rt,
2301 &fl6->daddr,
2302 &fl6->saddr);
2303 if (rt_cache &&
2304 ipv6_addr_equal(&rdfl->gateway,
2305 &rt_cache->rt6i_gateway)) {
2306 rt = rt_cache;
2307 break;
2308 }
2309 continue;
2310 }
2311 break;
2312 }
2313
2314 if (!rt)
2315 rt = net->ipv6.ip6_null_entry;
2316 else if (rt->dst.error) {
2317 rt = net->ipv6.ip6_null_entry;
2318 goto out;
2319 }
2320
2321 if (rt == net->ipv6.ip6_null_entry) {
2322 fn = fib6_backtrack(fn, &fl6->saddr);
2323 if (fn)
2324 goto restart;
2325 }
2326
2327 out:
2328 ip6_hold_safe(net, &rt, true);
2329
2330 rcu_read_unlock();
2331
2332 trace_fib6_table_lookup(net, rt, table, fl6);
2333 return rt;
2334 };
2335
2336 static struct dst_entry *ip6_route_redirect(struct net *net,
2337 const struct flowi6 *fl6,
2338 const struct sk_buff *skb,
2339 const struct in6_addr *gateway)
2340 {
2341 int flags = RT6_LOOKUP_F_HAS_SADDR;
2342 struct ip6rd_flowi rdfl;
2343
2344 rdfl.fl6 = *fl6;
2345 rdfl.gateway = *gateway;
2346
2347 return fib6_rule_lookup(net, &rdfl.fl6, skb,
2348 flags, __ip6_route_redirect);
2349 }
2350
2351 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark,
2352 kuid_t uid)
2353 {
2354 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
2355 struct dst_entry *dst;
2356 struct flowi6 fl6;
2357
2358 memset(&fl6, 0, sizeof(fl6));
2359 fl6.flowi6_iif = LOOPBACK_IFINDEX;
2360 fl6.flowi6_oif = oif;
2361 fl6.flowi6_mark = mark;
2362 fl6.daddr = iph->daddr;
2363 fl6.saddr = iph->saddr;
2364 fl6.flowlabel = ip6_flowinfo(iph);
2365 fl6.flowi6_uid = uid;
2366
2367 dst = ip6_route_redirect(net, &fl6, skb, &ipv6_hdr(skb)->saddr);
2368 rt6_do_redirect(dst, NULL, skb);
2369 dst_release(dst);
2370 }
2371 EXPORT_SYMBOL_GPL(ip6_redirect);
2372
2373 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif,
2374 u32 mark)
2375 {
2376 const struct ipv6hdr *iph = ipv6_hdr(skb);
2377 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb);
2378 struct dst_entry *dst;
2379 struct flowi6 fl6;
2380
2381 memset(&fl6, 0, sizeof(fl6));
2382 fl6.flowi6_iif = LOOPBACK_IFINDEX;
2383 fl6.flowi6_oif = oif;
2384 fl6.flowi6_mark = mark;
2385 fl6.daddr = msg->dest;
2386 fl6.saddr = iph->daddr;
2387 fl6.flowi6_uid = sock_net_uid(net, NULL);
2388
2389 dst = ip6_route_redirect(net, &fl6, skb, &iph->saddr);
2390 rt6_do_redirect(dst, NULL, skb);
2391 dst_release(dst);
2392 }
2393
2394 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
2395 {
2396 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark,
2397 sk->sk_uid);
2398 }
2399 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
2400
2401 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
2402 {
2403 struct net_device *dev = dst->dev;
2404 unsigned int mtu = dst_mtu(dst);
2405 struct net *net = dev_net(dev);
2406
2407 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
2408
2409 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
2410 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
2411
2412 /*
2413 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
2414 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
2415 * IPV6_MAXPLEN is also valid and means: "any MSS,
2416 * rely only on pmtu discovery"
2417 */
2418 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
2419 mtu = IPV6_MAXPLEN;
2420 return mtu;
2421 }
2422
2423 static unsigned int ip6_mtu(const struct dst_entry *dst)
2424 {
2425 const struct rt6_info *rt = (const struct rt6_info *)dst;
2426 unsigned int mtu = rt->rt6i_pmtu;
2427 struct inet6_dev *idev;
2428
2429 if (mtu)
2430 goto out;
2431
2432 mtu = dst_metric_raw(dst, RTAX_MTU);
2433 if (mtu)
2434 goto out;
2435
2436 mtu = IPV6_MIN_MTU;
2437
2438 rcu_read_lock();
2439 idev = __in6_dev_get(dst->dev);
2440 if (idev)
2441 mtu = idev->cnf.mtu6;
2442 rcu_read_unlock();
2443
2444 out:
2445 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
2446
2447 return mtu - lwtunnel_headroom(dst->lwtstate, mtu);
2448 }
2449
2450 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
2451 struct flowi6 *fl6)
2452 {
2453 struct dst_entry *dst;
2454 struct rt6_info *rt;
2455 struct inet6_dev *idev = in6_dev_get(dev);
2456 struct net *net = dev_net(dev);
2457
2458 if (unlikely(!idev))
2459 return ERR_PTR(-ENODEV);
2460
2461 rt = ip6_dst_alloc(net, dev, 0);
2462 if (unlikely(!rt)) {
2463 in6_dev_put(idev);
2464 dst = ERR_PTR(-ENOMEM);
2465 goto out;
2466 }
2467
2468 rt->dst.flags |= DST_HOST;
2469 rt->dst.input = ip6_input;
2470 rt->dst.output = ip6_output;
2471 rt->rt6i_gateway = fl6->daddr;
2472 rt->rt6i_dst.addr = fl6->daddr;
2473 rt->rt6i_dst.plen = 128;
2474 rt->rt6i_idev = idev;
2475 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
2476
2477 /* Add this dst into uncached_list so that rt6_disable_ip() can
2478 * do proper release of the net_device
2479 */
2480 rt6_uncached_list_add(rt);
2481 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache);
2482
2483 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
2484
2485 out:
2486 return dst;
2487 }
2488
2489 static int ip6_dst_gc(struct dst_ops *ops)
2490 {
2491 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
2492 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
2493 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
2494 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
2495 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
2496 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
2497 int entries;
2498
2499 entries = dst_entries_get_fast(ops);
2500 if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
2501 entries <= rt_max_size)
2502 goto out;
2503
2504 net->ipv6.ip6_rt_gc_expire++;
2505 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true);
2506 entries = dst_entries_get_slow(ops);
2507 if (entries < ops->gc_thresh)
2508 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
2509 out:
2510 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
2511 return entries > rt_max_size;
2512 }
2513
2514 static int ip6_convert_metrics(struct mx6_config *mxc,
2515 const struct fib6_config *cfg)
2516 {
2517 struct net *net = cfg->fc_nlinfo.nl_net;
2518 bool ecn_ca = false;
2519 struct nlattr *nla;
2520 int remaining;
2521 u32 *mp;
2522
2523 if (!cfg->fc_mx)
2524 return 0;
2525
2526 mp = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL);
2527 if (unlikely(!mp))
2528 return -ENOMEM;
2529
2530 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
2531 int type = nla_type(nla);
2532 u32 val;
2533
2534 if (!type)
2535 continue;
2536 if (unlikely(type > RTAX_MAX))
2537 goto err;
2538
2539 if (type == RTAX_CC_ALGO) {
2540 char tmp[TCP_CA_NAME_MAX];
2541
2542 nla_strlcpy(tmp, nla, sizeof(tmp));
2543 val = tcp_ca_get_key_by_name(net, tmp, &ecn_ca);
2544 if (val == TCP_CA_UNSPEC)
2545 goto err;
2546 } else {
2547 val = nla_get_u32(nla);
2548 }
2549 if (type == RTAX_HOPLIMIT && val > 255)
2550 val = 255;
2551 if (type == RTAX_FEATURES && (val & ~RTAX_FEATURE_MASK))
2552 goto err;
2553
2554 mp[type - 1] = val;
2555 __set_bit(type - 1, mxc->mx_valid);
2556 }
2557
2558 if (ecn_ca) {
2559 __set_bit(RTAX_FEATURES - 1, mxc->mx_valid);
2560 mp[RTAX_FEATURES - 1] |= DST_FEATURE_ECN_CA;
2561 }
2562
2563 mxc->mx = mp;
2564 return 0;
2565 err:
2566 kfree(mp);
2567 return -EINVAL;
2568 }
2569
2570 static struct rt6_info *ip6_nh_lookup_table(struct net *net,
2571 struct fib6_config *cfg,
2572 const struct in6_addr *gw_addr,
2573 u32 tbid, int flags)
2574 {
2575 struct flowi6 fl6 = {
2576 .flowi6_oif = cfg->fc_ifindex,
2577 .daddr = *gw_addr,
2578 .saddr = cfg->fc_prefsrc,
2579 };
2580 struct fib6_table *table;
2581 struct rt6_info *rt;
2582
2583 table = fib6_get_table(net, tbid);
2584 if (!table)
2585 return NULL;
2586
2587 if (!ipv6_addr_any(&cfg->fc_prefsrc))
2588 flags |= RT6_LOOKUP_F_HAS_SADDR;
2589
2590 flags |= RT6_LOOKUP_F_IGNORE_LINKSTATE;
2591 rt = ip6_pol_route(net, table, cfg->fc_ifindex, &fl6, NULL, flags);
2592
2593 /* if table lookup failed, fall back to full lookup */
2594 if (rt == net->ipv6.ip6_null_entry) {
2595 ip6_rt_put(rt);
2596 rt = NULL;
2597 }
2598
2599 return rt;
2600 }
2601
2602 static int ip6_route_check_nh_onlink(struct net *net,
2603 struct fib6_config *cfg,
2604 const struct net_device *dev,
2605 struct netlink_ext_ack *extack)
2606 {
2607 u32 tbid = l3mdev_fib_table(dev) ? : RT_TABLE_MAIN;
2608 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2609 u32 flags = RTF_LOCAL | RTF_ANYCAST | RTF_REJECT;
2610 struct rt6_info *grt;
2611 int err;
2612
2613 err = 0;
2614 grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0);
2615 if (grt) {
2616 if (!grt->dst.error &&
2617 (grt->rt6i_flags & flags || dev != grt->dst.dev)) {
2618 NL_SET_ERR_MSG(extack,
2619 "Nexthop has invalid gateway or device mismatch");
2620 err = -EINVAL;
2621 }
2622
2623 ip6_rt_put(grt);
2624 }
2625
2626 return err;
2627 }
2628
2629 static int ip6_route_check_nh(struct net *net,
2630 struct fib6_config *cfg,
2631 struct net_device **_dev,
2632 struct inet6_dev **idev)
2633 {
2634 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2635 struct net_device *dev = _dev ? *_dev : NULL;
2636 struct rt6_info *grt = NULL;
2637 int err = -EHOSTUNREACH;
2638
2639 if (cfg->fc_table) {
2640 int flags = RT6_LOOKUP_F_IFACE;
2641
2642 grt = ip6_nh_lookup_table(net, cfg, gw_addr,
2643 cfg->fc_table, flags);
2644 if (grt) {
2645 if (grt->rt6i_flags & RTF_GATEWAY ||
2646 (dev && dev != grt->dst.dev)) {
2647 ip6_rt_put(grt);
2648 grt = NULL;
2649 }
2650 }
2651 }
2652
2653 if (!grt)
2654 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, NULL, 1);
2655
2656 if (!grt)
2657 goto out;
2658
2659 if (dev) {
2660 if (dev != grt->dst.dev) {
2661 ip6_rt_put(grt);
2662 goto out;
2663 }
2664 } else {
2665 *_dev = dev = grt->dst.dev;
2666 *idev = grt->rt6i_idev;
2667 dev_hold(dev);
2668 in6_dev_hold(grt->rt6i_idev);
2669 }
2670
2671 if (!(grt->rt6i_flags & RTF_GATEWAY))
2672 err = 0;
2673
2674 ip6_rt_put(grt);
2675
2676 out:
2677 return err;
2678 }
2679
2680 static int ip6_validate_gw(struct net *net, struct fib6_config *cfg,
2681 struct net_device **_dev, struct inet6_dev **idev,
2682 struct netlink_ext_ack *extack)
2683 {
2684 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2685 int gwa_type = ipv6_addr_type(gw_addr);
2686 bool skip_dev = gwa_type & IPV6_ADDR_LINKLOCAL ? false : true;
2687 const struct net_device *dev = *_dev;
2688 bool need_addr_check = !dev;
2689 int err = -EINVAL;
2690
2691 /* if gw_addr is local we will fail to detect this in case
2692 * address is still TENTATIVE (DAD in progress). rt6_lookup()
2693 * will return already-added prefix route via interface that
2694 * prefix route was assigned to, which might be non-loopback.
2695 */
2696 if (dev &&
2697 ipv6_chk_addr_and_flags(net, gw_addr, dev, skip_dev, 0, 0)) {
2698 NL_SET_ERR_MSG(extack, "Gateway can not be a local address");
2699 goto out;
2700 }
2701
2702 if (gwa_type != (IPV6_ADDR_LINKLOCAL | IPV6_ADDR_UNICAST)) {
2703 /* IPv6 strictly inhibits using not link-local
2704 * addresses as nexthop address.
2705 * Otherwise, router will not able to send redirects.
2706 * It is very good, but in some (rare!) circumstances
2707 * (SIT, PtP, NBMA NOARP links) it is handy to allow
2708 * some exceptions. --ANK
2709 * We allow IPv4-mapped nexthops to support RFC4798-type
2710 * addressing
2711 */
2712 if (!(gwa_type & (IPV6_ADDR_UNICAST | IPV6_ADDR_MAPPED))) {
2713 NL_SET_ERR_MSG(extack, "Invalid gateway address");
2714 goto out;
2715 }
2716
2717 if (cfg->fc_flags & RTNH_F_ONLINK)
2718 err = ip6_route_check_nh_onlink(net, cfg, dev, extack);
2719 else
2720 err = ip6_route_check_nh(net, cfg, _dev, idev);
2721
2722 if (err)
2723 goto out;
2724 }
2725
2726 /* reload in case device was changed */
2727 dev = *_dev;
2728
2729 err = -EINVAL;
2730 if (!dev) {
2731 NL_SET_ERR_MSG(extack, "Egress device not specified");
2732 goto out;
2733 } else if (dev->flags & IFF_LOOPBACK) {
2734 NL_SET_ERR_MSG(extack,
2735 "Egress device can not be loopback device for this route");
2736 goto out;
2737 }
2738
2739 /* if we did not check gw_addr above, do so now that the
2740 * egress device has been resolved.
2741 */
2742 if (need_addr_check &&
2743 ipv6_chk_addr_and_flags(net, gw_addr, dev, skip_dev, 0, 0)) {
2744 NL_SET_ERR_MSG(extack, "Gateway can not be a local address");
2745 goto out;
2746 }
2747
2748 err = 0;
2749 out:
2750 return err;
2751 }
2752
2753 static struct rt6_info *ip6_route_info_create(struct fib6_config *cfg,
2754 struct netlink_ext_ack *extack)
2755 {
2756 struct net *net = cfg->fc_nlinfo.nl_net;
2757 struct rt6_info *rt = NULL;
2758 struct net_device *dev = NULL;
2759 struct inet6_dev *idev = NULL;
2760 struct fib6_table *table;
2761 int addr_type;
2762 int err = -EINVAL;
2763
2764 /* RTF_PCPU is an internal flag; can not be set by userspace */
2765 if (cfg->fc_flags & RTF_PCPU) {
2766 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_PCPU");
2767 goto out;
2768 }
2769
2770 /* RTF_CACHE is an internal flag; can not be set by userspace */
2771 if (cfg->fc_flags & RTF_CACHE) {
2772 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_CACHE");
2773 goto out;
2774 }
2775
2776 if (cfg->fc_dst_len > 128) {
2777 NL_SET_ERR_MSG(extack, "Invalid prefix length");
2778 goto out;
2779 }
2780 if (cfg->fc_src_len > 128) {
2781 NL_SET_ERR_MSG(extack, "Invalid source address length");
2782 goto out;
2783 }
2784 #ifndef CONFIG_IPV6_SUBTREES
2785 if (cfg->fc_src_len) {
2786 NL_SET_ERR_MSG(extack,
2787 "Specifying source address requires IPV6_SUBTREES to be enabled");
2788 goto out;
2789 }
2790 #endif
2791 if (cfg->fc_ifindex) {
2792 err = -ENODEV;
2793 dev = dev_get_by_index(net, cfg->fc_ifindex);
2794 if (!dev)
2795 goto out;
2796 idev = in6_dev_get(dev);
2797 if (!idev)
2798 goto out;
2799 }
2800
2801 if (cfg->fc_metric == 0)
2802 cfg->fc_metric = IP6_RT_PRIO_USER;
2803
2804 if (cfg->fc_flags & RTNH_F_ONLINK) {
2805 if (!dev) {
2806 NL_SET_ERR_MSG(extack,
2807 "Nexthop device required for onlink");
2808 err = -ENODEV;
2809 goto out;
2810 }
2811
2812 if (!(dev->flags & IFF_UP)) {
2813 NL_SET_ERR_MSG(extack, "Nexthop device is not up");
2814 err = -ENETDOWN;
2815 goto out;
2816 }
2817 }
2818
2819 err = -ENOBUFS;
2820 if (cfg->fc_nlinfo.nlh &&
2821 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
2822 table = fib6_get_table(net, cfg->fc_table);
2823 if (!table) {
2824 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
2825 table = fib6_new_table(net, cfg->fc_table);
2826 }
2827 } else {
2828 table = fib6_new_table(net, cfg->fc_table);
2829 }
2830
2831 if (!table)
2832 goto out;
2833
2834 rt = ip6_dst_alloc(net, NULL,
2835 (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT);
2836
2837 if (!rt) {
2838 err = -ENOMEM;
2839 goto out;
2840 }
2841
2842 if (cfg->fc_flags & RTF_EXPIRES)
2843 rt6_set_expires(rt, jiffies +
2844 clock_t_to_jiffies(cfg->fc_expires));
2845 else
2846 rt6_clean_expires(rt);
2847
2848 if (cfg->fc_protocol == RTPROT_UNSPEC)
2849 cfg->fc_protocol = RTPROT_BOOT;
2850 rt->rt6i_protocol = cfg->fc_protocol;
2851
2852 addr_type = ipv6_addr_type(&cfg->fc_dst);
2853
2854 if (addr_type & IPV6_ADDR_MULTICAST)
2855 rt->dst.input = ip6_mc_input;
2856 else if (cfg->fc_flags & RTF_LOCAL)
2857 rt->dst.input = ip6_input;
2858 else
2859 rt->dst.input = ip6_forward;
2860
2861 rt->dst.output = ip6_output;
2862
2863 if (cfg->fc_encap) {
2864 struct lwtunnel_state *lwtstate;
2865
2866 err = lwtunnel_build_state(cfg->fc_encap_type,
2867 cfg->fc_encap, AF_INET6, cfg,
2868 &lwtstate, extack);
2869 if (err)
2870 goto out;
2871 rt->dst.lwtstate = lwtstate_get(lwtstate);
2872 lwtunnel_set_redirect(&rt->dst);
2873 }
2874
2875 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
2876 rt->rt6i_dst.plen = cfg->fc_dst_len;
2877 if (rt->rt6i_dst.plen == 128)
2878 rt->dst.flags |= DST_HOST;
2879
2880 #ifdef CONFIG_IPV6_SUBTREES
2881 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
2882 rt->rt6i_src.plen = cfg->fc_src_len;
2883 #endif
2884
2885 rt->rt6i_metric = cfg->fc_metric;
2886 rt->rt6i_nh_weight = 1;
2887
2888 /* We cannot add true routes via loopback here,
2889 they would result in kernel looping; promote them to reject routes
2890 */
2891 if ((cfg->fc_flags & RTF_REJECT) ||
2892 (dev && (dev->flags & IFF_LOOPBACK) &&
2893 !(addr_type & IPV6_ADDR_LOOPBACK) &&
2894 !(cfg->fc_flags & RTF_LOCAL))) {
2895 /* hold loopback dev/idev if we haven't done so. */
2896 if (dev != net->loopback_dev) {
2897 if (dev) {
2898 dev_put(dev);
2899 in6_dev_put(idev);
2900 }
2901 dev = net->loopback_dev;
2902 dev_hold(dev);
2903 idev = in6_dev_get(dev);
2904 if (!idev) {
2905 err = -ENODEV;
2906 goto out;
2907 }
2908 }
2909 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
2910 switch (cfg->fc_type) {
2911 case RTN_BLACKHOLE:
2912 rt->dst.error = -EINVAL;
2913 rt->dst.output = dst_discard_out;
2914 rt->dst.input = dst_discard;
2915 break;
2916 case RTN_PROHIBIT:
2917 rt->dst.error = -EACCES;
2918 rt->dst.output = ip6_pkt_prohibit_out;
2919 rt->dst.input = ip6_pkt_prohibit;
2920 break;
2921 case RTN_THROW:
2922 case RTN_UNREACHABLE:
2923 default:
2924 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN
2925 : (cfg->fc_type == RTN_UNREACHABLE)
2926 ? -EHOSTUNREACH : -ENETUNREACH;
2927 rt->dst.output = ip6_pkt_discard_out;
2928 rt->dst.input = ip6_pkt_discard;
2929 break;
2930 }
2931 goto install_route;
2932 }
2933
2934 if (cfg->fc_flags & RTF_GATEWAY) {
2935 err = ip6_validate_gw(net, cfg, &dev, &idev, extack);
2936 if (err)
2937 goto out;
2938
2939 rt->rt6i_gateway = cfg->fc_gateway;
2940 }
2941
2942 err = -ENODEV;
2943 if (!dev)
2944 goto out;
2945
2946 if (idev->cnf.disable_ipv6) {
2947 NL_SET_ERR_MSG(extack, "IPv6 is disabled on nexthop device");
2948 err = -EACCES;
2949 goto out;
2950 }
2951
2952 if (!(dev->flags & IFF_UP)) {
2953 NL_SET_ERR_MSG(extack, "Nexthop device is not up");
2954 err = -ENETDOWN;
2955 goto out;
2956 }
2957
2958 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
2959 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
2960 NL_SET_ERR_MSG(extack, "Invalid source address");
2961 err = -EINVAL;
2962 goto out;
2963 }
2964 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc;
2965 rt->rt6i_prefsrc.plen = 128;
2966 } else
2967 rt->rt6i_prefsrc.plen = 0;
2968
2969 rt->rt6i_flags = cfg->fc_flags;
2970
2971 install_route:
2972 if (!(rt->rt6i_flags & (RTF_LOCAL | RTF_ANYCAST)) &&
2973 !netif_carrier_ok(dev))
2974 rt->rt6i_nh_flags |= RTNH_F_LINKDOWN;
2975 rt->rt6i_nh_flags |= (cfg->fc_flags & RTNH_F_ONLINK);
2976 rt->dst.dev = dev;
2977 rt->rt6i_idev = idev;
2978 rt->rt6i_table = table;
2979
2980 cfg->fc_nlinfo.nl_net = dev_net(dev);
2981
2982 return rt;
2983 out:
2984 if (dev)
2985 dev_put(dev);
2986 if (idev)
2987 in6_dev_put(idev);
2988 if (rt)
2989 dst_release_immediate(&rt->dst);
2990
2991 return ERR_PTR(err);
2992 }
2993
2994 int ip6_route_add(struct fib6_config *cfg,
2995 struct netlink_ext_ack *extack)
2996 {
2997 struct mx6_config mxc = { .mx = NULL, };
2998 struct rt6_info *rt;
2999 int err;
3000
3001 rt = ip6_route_info_create(cfg, extack);
3002 if (IS_ERR(rt)) {
3003 err = PTR_ERR(rt);
3004 rt = NULL;
3005 goto out;
3006 }
3007
3008 err = ip6_convert_metrics(&mxc, cfg);
3009 if (err)
3010 goto out;
3011
3012 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, &mxc, extack);
3013
3014 kfree(mxc.mx);
3015
3016 return err;
3017 out:
3018 if (rt)
3019 dst_release_immediate(&rt->dst);
3020
3021 return err;
3022 }
3023
3024 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
3025 {
3026 int err;
3027 struct fib6_table *table;
3028 struct net *net = dev_net(rt->dst.dev);
3029
3030 if (rt == net->ipv6.ip6_null_entry) {
3031 err = -ENOENT;
3032 goto out;
3033 }
3034
3035 table = rt->rt6i_table;
3036 spin_lock_bh(&table->tb6_lock);
3037 err = fib6_del(rt, info);
3038 spin_unlock_bh(&table->tb6_lock);
3039
3040 out:
3041 ip6_rt_put(rt);
3042 return err;
3043 }
3044
3045 int ip6_del_rt(struct rt6_info *rt)
3046 {
3047 struct nl_info info = {
3048 .nl_net = dev_net(rt->dst.dev),
3049 };
3050 return __ip6_del_rt(rt, &info);
3051 }
3052
3053 static int __ip6_del_rt_siblings(struct rt6_info *rt, struct fib6_config *cfg)
3054 {
3055 struct nl_info *info = &cfg->fc_nlinfo;
3056 struct net *net = info->nl_net;
3057 struct sk_buff *skb = NULL;
3058 struct fib6_table *table;
3059 int err = -ENOENT;
3060
3061 if (rt == net->ipv6.ip6_null_entry)
3062 goto out_put;
3063 table = rt->rt6i_table;
3064 spin_lock_bh(&table->tb6_lock);
3065
3066 if (rt->rt6i_nsiblings && cfg->fc_delete_all_nh) {
3067 struct rt6_info *sibling, *next_sibling;
3068
3069 /* prefer to send a single notification with all hops */
3070 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
3071 if (skb) {
3072 u32 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
3073
3074 if (rt6_fill_node(net, skb, rt,
3075 NULL, NULL, 0, RTM_DELROUTE,
3076 info->portid, seq, 0) < 0) {
3077 kfree_skb(skb);
3078 skb = NULL;
3079 } else
3080 info->skip_notify = 1;
3081 }
3082
3083 list_for_each_entry_safe(sibling, next_sibling,
3084 &rt->rt6i_siblings,
3085 rt6i_siblings) {
3086 err = fib6_del(sibling, info);
3087 if (err)
3088 goto out_unlock;
3089 }
3090 }
3091
3092 err = fib6_del(rt, info);
3093 out_unlock:
3094 spin_unlock_bh(&table->tb6_lock);
3095 out_put:
3096 ip6_rt_put(rt);
3097
3098 if (skb) {
3099 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
3100 info->nlh, gfp_any());
3101 }
3102 return err;
3103 }
3104
3105 static int ip6_route_del(struct fib6_config *cfg,
3106 struct netlink_ext_ack *extack)
3107 {
3108 struct rt6_info *rt, *rt_cache;
3109 struct fib6_table *table;
3110 struct fib6_node *fn;
3111 int err = -ESRCH;
3112
3113 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
3114 if (!table) {
3115 NL_SET_ERR_MSG(extack, "FIB table does not exist");
3116 return err;
3117 }
3118
3119 rcu_read_lock();
3120
3121 fn = fib6_locate(&table->tb6_root,
3122 &cfg->fc_dst, cfg->fc_dst_len,
3123 &cfg->fc_src, cfg->fc_src_len,
3124 !(cfg->fc_flags & RTF_CACHE));
3125
3126 if (fn) {
3127 for_each_fib6_node_rt_rcu(fn) {
3128 if (cfg->fc_flags & RTF_CACHE) {
3129 rt_cache = rt6_find_cached_rt(rt, &cfg->fc_dst,
3130 &cfg->fc_src);
3131 if (!rt_cache)
3132 continue;
3133 rt = rt_cache;
3134 }
3135 if (cfg->fc_ifindex &&
3136 (!rt->dst.dev ||
3137 rt->dst.dev->ifindex != cfg->fc_ifindex))
3138 continue;
3139 if (cfg->fc_flags & RTF_GATEWAY &&
3140 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
3141 continue;
3142 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
3143 continue;
3144 if (cfg->fc_protocol && cfg->fc_protocol != rt->rt6i_protocol)
3145 continue;
3146 if (!dst_hold_safe(&rt->dst))
3147 break;
3148 rcu_read_unlock();
3149
3150 /* if gateway was specified only delete the one hop */
3151 if (cfg->fc_flags & RTF_GATEWAY)
3152 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
3153
3154 return __ip6_del_rt_siblings(rt, cfg);
3155 }
3156 }
3157 rcu_read_unlock();
3158
3159 return err;
3160 }
3161
3162 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
3163 {
3164 struct netevent_redirect netevent;
3165 struct rt6_info *rt, *nrt = NULL;
3166 struct ndisc_options ndopts;
3167 struct inet6_dev *in6_dev;
3168 struct neighbour *neigh;
3169 struct rd_msg *msg;
3170 int optlen, on_link;
3171 u8 *lladdr;
3172
3173 optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
3174 optlen -= sizeof(*msg);
3175
3176 if (optlen < 0) {
3177 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
3178 return;
3179 }
3180
3181 msg = (struct rd_msg *)icmp6_hdr(skb);
3182
3183 if (ipv6_addr_is_multicast(&msg->dest)) {
3184 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
3185 return;
3186 }
3187
3188 on_link = 0;
3189 if (ipv6_addr_equal(&msg->dest, &msg->target)) {
3190 on_link = 1;
3191 } else if (ipv6_addr_type(&msg->target) !=
3192 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
3193 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
3194 return;
3195 }
3196
3197 in6_dev = __in6_dev_get(skb->dev);
3198 if (!in6_dev)
3199 return;
3200 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
3201 return;
3202
3203 /* RFC2461 8.1:
3204 * The IP source address of the Redirect MUST be the same as the current
3205 * first-hop router for the specified ICMP Destination Address.
3206 */
3207
3208 if (!ndisc_parse_options(skb->dev, msg->opt, optlen, &ndopts)) {
3209 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
3210 return;
3211 }
3212
3213 lladdr = NULL;
3214 if (ndopts.nd_opts_tgt_lladdr) {
3215 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
3216 skb->dev);
3217 if (!lladdr) {
3218 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
3219 return;
3220 }
3221 }
3222
3223 rt = (struct rt6_info *) dst;
3224 if (rt->rt6i_flags & RTF_REJECT) {
3225 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
3226 return;
3227 }
3228
3229 /* Redirect received -> path was valid.
3230 * Look, redirects are sent only in response to data packets,
3231 * so that this nexthop apparently is reachable. --ANK
3232 */
3233 dst_confirm_neigh(&rt->dst, &ipv6_hdr(skb)->saddr);
3234
3235 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
3236 if (!neigh)
3237 return;
3238
3239 /*
3240 * We have finally decided to accept it.
3241 */
3242
3243 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
3244 NEIGH_UPDATE_F_WEAK_OVERRIDE|
3245 NEIGH_UPDATE_F_OVERRIDE|
3246 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
3247 NEIGH_UPDATE_F_ISROUTER)),
3248 NDISC_REDIRECT, &ndopts);
3249
3250 nrt = ip6_rt_cache_alloc(rt, &msg->dest, NULL);
3251 if (!nrt)
3252 goto out;
3253
3254 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
3255 if (on_link)
3256 nrt->rt6i_flags &= ~RTF_GATEWAY;
3257
3258 nrt->rt6i_protocol = RTPROT_REDIRECT;
3259 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
3260
3261 /* No need to remove rt from the exception table if rt is
3262 * a cached route because rt6_insert_exception() will
3263 * takes care of it
3264 */
3265 if (rt6_insert_exception(nrt, rt)) {
3266 dst_release_immediate(&nrt->dst);
3267 goto out;
3268 }
3269
3270 netevent.old = &rt->dst;
3271 netevent.new = &nrt->dst;
3272 netevent.daddr = &msg->dest;
3273 netevent.neigh = neigh;
3274 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
3275
3276 out:
3277 neigh_release(neigh);
3278 }
3279
3280 /*
3281 * Misc support functions
3282 */
3283
3284 static void rt6_set_from(struct rt6_info *rt, struct rt6_info *from)
3285 {
3286 BUG_ON(from->from);
3287
3288 rt->rt6i_flags &= ~RTF_EXPIRES;
3289 dst_hold(&from->dst);
3290 rt->from = from;
3291 dst_init_metrics(&rt->dst, dst_metrics_ptr(&from->dst), true);
3292 }
3293
3294 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort)
3295 {
3296 rt->dst.input = ort->dst.input;
3297 rt->dst.output = ort->dst.output;
3298 rt->rt6i_dst = ort->rt6i_dst;
3299 rt->dst.error = ort->dst.error;
3300 rt->rt6i_idev = ort->rt6i_idev;
3301 if (rt->rt6i_idev)
3302 in6_dev_hold(rt->rt6i_idev);
3303 rt->dst.lastuse = jiffies;
3304 rt->rt6i_gateway = ort->rt6i_gateway;
3305 rt->rt6i_flags = ort->rt6i_flags;
3306 rt6_set_from(rt, ort);
3307 rt->rt6i_metric = ort->rt6i_metric;
3308 #ifdef CONFIG_IPV6_SUBTREES
3309 rt->rt6i_src = ort->rt6i_src;
3310 #endif
3311 rt->rt6i_prefsrc = ort->rt6i_prefsrc;
3312 rt->rt6i_table = ort->rt6i_table;
3313 rt->dst.lwtstate = lwtstate_get(ort->dst.lwtstate);
3314 }
3315
3316 #ifdef CONFIG_IPV6_ROUTE_INFO
3317 static struct rt6_info *rt6_get_route_info(struct net *net,
3318 const struct in6_addr *prefix, int prefixlen,
3319 const struct in6_addr *gwaddr,
3320 struct net_device *dev)
3321 {
3322 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO;
3323 int ifindex = dev->ifindex;
3324 struct fib6_node *fn;
3325 struct rt6_info *rt = NULL;
3326 struct fib6_table *table;
3327
3328 table = fib6_get_table(net, tb_id);
3329 if (!table)
3330 return NULL;
3331
3332 rcu_read_lock();
3333 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0, true);
3334 if (!fn)
3335 goto out;
3336
3337 for_each_fib6_node_rt_rcu(fn) {
3338 if (rt->dst.dev->ifindex != ifindex)
3339 continue;
3340 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
3341 continue;
3342 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
3343 continue;
3344 ip6_hold_safe(NULL, &rt, false);
3345 break;
3346 }
3347 out:
3348 rcu_read_unlock();
3349 return rt;
3350 }
3351
3352 static struct rt6_info *rt6_add_route_info(struct net *net,
3353 const struct in6_addr *prefix, int prefixlen,
3354 const struct in6_addr *gwaddr,
3355 struct net_device *dev,
3356 unsigned int pref)
3357 {
3358 struct fib6_config cfg = {
3359 .fc_metric = IP6_RT_PRIO_USER,
3360 .fc_ifindex = dev->ifindex,
3361 .fc_dst_len = prefixlen,
3362 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
3363 RTF_UP | RTF_PREF(pref),
3364 .fc_protocol = RTPROT_RA,
3365 .fc_nlinfo.portid = 0,
3366 .fc_nlinfo.nlh = NULL,
3367 .fc_nlinfo.nl_net = net,
3368 };
3369
3370 cfg.fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO,
3371 cfg.fc_dst = *prefix;
3372 cfg.fc_gateway = *gwaddr;
3373
3374 /* We should treat it as a default route if prefix length is 0. */
3375 if (!prefixlen)
3376 cfg.fc_flags |= RTF_DEFAULT;
3377
3378 ip6_route_add(&cfg, NULL);
3379
3380 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, dev);
3381 }
3382 #endif
3383
3384 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev)
3385 {
3386 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT;
3387 struct rt6_info *rt;
3388 struct fib6_table *table;
3389
3390 table = fib6_get_table(dev_net(dev), tb_id);
3391 if (!table)
3392 return NULL;
3393
3394 rcu_read_lock();
3395 for_each_fib6_node_rt_rcu(&table->tb6_root) {
3396 if (dev == rt->dst.dev &&
3397 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
3398 ipv6_addr_equal(&rt->rt6i_gateway, addr))
3399 break;
3400 }
3401 if (rt)
3402 ip6_hold_safe(NULL, &rt, false);
3403 rcu_read_unlock();
3404 return rt;
3405 }
3406
3407 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
3408 struct net_device *dev,
3409 unsigned int pref)
3410 {
3411 struct fib6_config cfg = {
3412 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT,
3413 .fc_metric = IP6_RT_PRIO_USER,
3414 .fc_ifindex = dev->ifindex,
3415 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
3416 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
3417 .fc_protocol = RTPROT_RA,
3418 .fc_nlinfo.portid = 0,
3419 .fc_nlinfo.nlh = NULL,
3420 .fc_nlinfo.nl_net = dev_net(dev),
3421 };
3422
3423 cfg.fc_gateway = *gwaddr;
3424
3425 if (!ip6_route_add(&cfg, NULL)) {
3426 struct fib6_table *table;
3427
3428 table = fib6_get_table(dev_net(dev), cfg.fc_table);
3429 if (table)
3430 table->flags |= RT6_TABLE_HAS_DFLT_ROUTER;
3431 }
3432
3433 return rt6_get_dflt_router(gwaddr, dev);
3434 }
3435
3436 static void __rt6_purge_dflt_routers(struct fib6_table *table)
3437 {
3438 struct rt6_info *rt;
3439
3440 restart:
3441 rcu_read_lock();
3442 for_each_fib6_node_rt_rcu(&table->tb6_root) {
3443 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
3444 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) {
3445 if (dst_hold_safe(&rt->dst)) {
3446 rcu_read_unlock();
3447 ip6_del_rt(rt);
3448 } else {
3449 rcu_read_unlock();
3450 }
3451 goto restart;
3452 }
3453 }
3454 rcu_read_unlock();
3455
3456 table->flags &= ~RT6_TABLE_HAS_DFLT_ROUTER;
3457 }
3458
3459 void rt6_purge_dflt_routers(struct net *net)
3460 {
3461 struct fib6_table *table;
3462 struct hlist_head *head;
3463 unsigned int h;
3464
3465 rcu_read_lock();
3466
3467 for (h = 0; h < FIB6_TABLE_HASHSZ; h++) {
3468 head = &net->ipv6.fib_table_hash[h];
3469 hlist_for_each_entry_rcu(table, head, tb6_hlist) {
3470 if (table->flags & RT6_TABLE_HAS_DFLT_ROUTER)
3471 __rt6_purge_dflt_routers(table);
3472 }
3473 }
3474
3475 rcu_read_unlock();
3476 }
3477
3478 static void rtmsg_to_fib6_config(struct net *net,
3479 struct in6_rtmsg *rtmsg,
3480 struct fib6_config *cfg)
3481 {
3482 memset(cfg, 0, sizeof(*cfg));
3483
3484 cfg->fc_table = l3mdev_fib_table_by_index(net, rtmsg->rtmsg_ifindex) ?
3485 : RT6_TABLE_MAIN;
3486 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
3487 cfg->fc_metric = rtmsg->rtmsg_metric;
3488 cfg->fc_expires = rtmsg->rtmsg_info;
3489 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
3490 cfg->fc_src_len = rtmsg->rtmsg_src_len;
3491 cfg->fc_flags = rtmsg->rtmsg_flags;
3492
3493 cfg->fc_nlinfo.nl_net = net;
3494
3495 cfg->fc_dst = rtmsg->rtmsg_dst;
3496 cfg->fc_src = rtmsg->rtmsg_src;
3497 cfg->fc_gateway = rtmsg->rtmsg_gateway;
3498 }
3499
3500 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
3501 {
3502 struct fib6_config cfg;
3503 struct in6_rtmsg rtmsg;
3504 int err;
3505
3506 switch (cmd) {
3507 case SIOCADDRT: /* Add a route */
3508 case SIOCDELRT: /* Delete a route */
3509 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
3510 return -EPERM;
3511 err = copy_from_user(&rtmsg, arg,
3512 sizeof(struct in6_rtmsg));
3513 if (err)
3514 return -EFAULT;
3515
3516 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
3517
3518 rtnl_lock();
3519 switch (cmd) {
3520 case SIOCADDRT:
3521 err = ip6_route_add(&cfg, NULL);
3522 break;
3523 case SIOCDELRT:
3524 err = ip6_route_del(&cfg, NULL);
3525 break;
3526 default:
3527 err = -EINVAL;
3528 }
3529 rtnl_unlock();
3530
3531 return err;
3532 }
3533
3534 return -EINVAL;
3535 }
3536
3537 /*
3538 * Drop the packet on the floor
3539 */
3540
3541 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
3542 {
3543 int type;
3544 struct dst_entry *dst = skb_dst(skb);
3545 switch (ipstats_mib_noroutes) {
3546 case IPSTATS_MIB_INNOROUTES:
3547 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
3548 if (type == IPV6_ADDR_ANY) {
3549 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
3550 IPSTATS_MIB_INADDRERRORS);
3551 break;
3552 }
3553 /* FALLTHROUGH */
3554 case IPSTATS_MIB_OUTNOROUTES:
3555 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
3556 ipstats_mib_noroutes);
3557 break;
3558 }
3559 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
3560 kfree_skb(skb);
3561 return 0;
3562 }
3563
3564 static int ip6_pkt_discard(struct sk_buff *skb)
3565 {
3566 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
3567 }
3568
3569 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb)
3570 {
3571 skb->dev = skb_dst(skb)->dev;
3572 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
3573 }
3574
3575 static int ip6_pkt_prohibit(struct sk_buff *skb)
3576 {
3577 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
3578 }
3579
3580 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb)
3581 {
3582 skb->dev = skb_dst(skb)->dev;
3583 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
3584 }
3585
3586 /*
3587 * Allocate a dst for local (unicast / anycast) address.
3588 */
3589
3590 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
3591 const struct in6_addr *addr,
3592 bool anycast)
3593 {
3594 u32 tb_id;
3595 struct net *net = dev_net(idev->dev);
3596 struct net_device *dev = idev->dev;
3597 struct rt6_info *rt;
3598
3599 rt = ip6_dst_alloc(net, dev, DST_NOCOUNT);
3600 if (!rt)
3601 return ERR_PTR(-ENOMEM);
3602
3603 in6_dev_hold(idev);
3604
3605 rt->dst.flags |= DST_HOST;
3606 rt->dst.input = ip6_input;
3607 rt->dst.output = ip6_output;
3608 rt->rt6i_idev = idev;
3609
3610 rt->rt6i_protocol = RTPROT_KERNEL;
3611 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
3612 if (anycast)
3613 rt->rt6i_flags |= RTF_ANYCAST;
3614 else
3615 rt->rt6i_flags |= RTF_LOCAL;
3616
3617 rt->rt6i_gateway = *addr;
3618 rt->rt6i_dst.addr = *addr;
3619 rt->rt6i_dst.plen = 128;
3620 tb_id = l3mdev_fib_table(idev->dev) ? : RT6_TABLE_LOCAL;
3621 rt->rt6i_table = fib6_get_table(net, tb_id);
3622
3623 return rt;
3624 }
3625
3626 /* remove deleted ip from prefsrc entries */
3627 struct arg_dev_net_ip {
3628 struct net_device *dev;
3629 struct net *net;
3630 struct in6_addr *addr;
3631 };
3632
3633 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg)
3634 {
3635 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
3636 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
3637 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
3638
3639 if (((void *)rt->dst.dev == dev || !dev) &&
3640 rt != net->ipv6.ip6_null_entry &&
3641 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) {
3642 spin_lock_bh(&rt6_exception_lock);
3643 /* remove prefsrc entry */
3644 rt->rt6i_prefsrc.plen = 0;
3645 /* need to update cache as well */
3646 rt6_exceptions_remove_prefsrc(rt);
3647 spin_unlock_bh(&rt6_exception_lock);
3648 }
3649 return 0;
3650 }
3651
3652 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
3653 {
3654 struct net *net = dev_net(ifp->idev->dev);
3655 struct arg_dev_net_ip adni = {
3656 .dev = ifp->idev->dev,
3657 .net = net,
3658 .addr = &ifp->addr,
3659 };
3660 fib6_clean_all(net, fib6_remove_prefsrc, &adni);
3661 }
3662
3663 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
3664
3665 /* Remove routers and update dst entries when gateway turn into host. */
3666 static int fib6_clean_tohost(struct rt6_info *rt, void *arg)
3667 {
3668 struct in6_addr *gateway = (struct in6_addr *)arg;
3669
3670 if (((rt->rt6i_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) &&
3671 ipv6_addr_equal(gateway, &rt->rt6i_gateway)) {
3672 return -1;
3673 }
3674
3675 /* Further clean up cached routes in exception table.
3676 * This is needed because cached route may have a different
3677 * gateway than its 'parent' in the case of an ip redirect.
3678 */
3679 rt6_exceptions_clean_tohost(rt, gateway);
3680
3681 return 0;
3682 }
3683
3684 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway)
3685 {
3686 fib6_clean_all(net, fib6_clean_tohost, gateway);
3687 }
3688
3689 struct arg_netdev_event {
3690 const struct net_device *dev;
3691 union {
3692 unsigned int nh_flags;
3693 unsigned long event;
3694 };
3695 };
3696
3697 static struct rt6_info *rt6_multipath_first_sibling(const struct rt6_info *rt)
3698 {
3699 struct rt6_info *iter;
3700 struct fib6_node *fn;
3701
3702 fn = rcu_dereference_protected(rt->rt6i_node,
3703 lockdep_is_held(&rt->rt6i_table->tb6_lock));
3704 iter = rcu_dereference_protected(fn->leaf,
3705 lockdep_is_held(&rt->rt6i_table->tb6_lock));
3706 while (iter) {
3707 if (iter->rt6i_metric == rt->rt6i_metric &&
3708 rt6_qualify_for_ecmp(iter))
3709 return iter;
3710 iter = rcu_dereference_protected(iter->rt6_next,
3711 lockdep_is_held(&rt->rt6i_table->tb6_lock));
3712 }
3713
3714 return NULL;
3715 }
3716
3717 static bool rt6_is_dead(const struct rt6_info *rt)
3718 {
3719 if (rt->rt6i_nh_flags & RTNH_F_DEAD ||
3720 (rt->rt6i_nh_flags & RTNH_F_LINKDOWN &&
3721 rt->rt6i_idev->cnf.ignore_routes_with_linkdown))
3722 return true;
3723
3724 return false;
3725 }
3726
3727 static int rt6_multipath_total_weight(const struct rt6_info *rt)
3728 {
3729 struct rt6_info *iter;
3730 int total = 0;
3731
3732 if (!rt6_is_dead(rt))
3733 total += rt->rt6i_nh_weight;
3734
3735 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings) {
3736 if (!rt6_is_dead(iter))
3737 total += iter->rt6i_nh_weight;
3738 }
3739
3740 return total;
3741 }
3742
3743 static void rt6_upper_bound_set(struct rt6_info *rt, int *weight, int total)
3744 {
3745 int upper_bound = -1;
3746
3747 if (!rt6_is_dead(rt)) {
3748 *weight += rt->rt6i_nh_weight;
3749 upper_bound = DIV_ROUND_CLOSEST_ULL((u64) (*weight) << 31,
3750 total) - 1;
3751 }
3752 atomic_set(&rt->rt6i_nh_upper_bound, upper_bound);
3753 }
3754
3755 static void rt6_multipath_upper_bound_set(struct rt6_info *rt, int total)
3756 {
3757 struct rt6_info *iter;
3758 int weight = 0;
3759
3760 rt6_upper_bound_set(rt, &weight, total);
3761
3762 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3763 rt6_upper_bound_set(iter, &weight, total);
3764 }
3765
3766 void rt6_multipath_rebalance(struct rt6_info *rt)
3767 {
3768 struct rt6_info *first;
3769 int total;
3770
3771 /* In case the entire multipath route was marked for flushing,
3772 * then there is no need to rebalance upon the removal of every
3773 * sibling route.
3774 */
3775 if (!rt->rt6i_nsiblings || rt->should_flush)
3776 return;
3777
3778 /* During lookup routes are evaluated in order, so we need to
3779 * make sure upper bounds are assigned from the first sibling
3780 * onwards.
3781 */
3782 first = rt6_multipath_first_sibling(rt);
3783 if (WARN_ON_ONCE(!first))
3784 return;
3785
3786 total = rt6_multipath_total_weight(first);
3787 rt6_multipath_upper_bound_set(first, total);
3788 }
3789
3790 static int fib6_ifup(struct rt6_info *rt, void *p_arg)
3791 {
3792 const struct arg_netdev_event *arg = p_arg;
3793 const struct net *net = dev_net(arg->dev);
3794
3795 if (rt != net->ipv6.ip6_null_entry && rt->dst.dev == arg->dev) {
3796 rt->rt6i_nh_flags &= ~arg->nh_flags;
3797 fib6_update_sernum_upto_root(dev_net(rt->dst.dev), rt);
3798 rt6_multipath_rebalance(rt);
3799 }
3800
3801 return 0;
3802 }
3803
3804 void rt6_sync_up(struct net_device *dev, unsigned int nh_flags)
3805 {
3806 struct arg_netdev_event arg = {
3807 .dev = dev,
3808 {
3809 .nh_flags = nh_flags,
3810 },
3811 };
3812
3813 if (nh_flags & RTNH_F_DEAD && netif_carrier_ok(dev))
3814 arg.nh_flags |= RTNH_F_LINKDOWN;
3815
3816 fib6_clean_all(dev_net(dev), fib6_ifup, &arg);
3817 }
3818
3819 static bool rt6_multipath_uses_dev(const struct rt6_info *rt,
3820 const struct net_device *dev)
3821 {
3822 struct rt6_info *iter;
3823
3824 if (rt->dst.dev == dev)
3825 return true;
3826 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3827 if (iter->dst.dev == dev)
3828 return true;
3829
3830 return false;
3831 }
3832
3833 static void rt6_multipath_flush(struct rt6_info *rt)
3834 {
3835 struct rt6_info *iter;
3836
3837 rt->should_flush = 1;
3838 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3839 iter->should_flush = 1;
3840 }
3841
3842 static unsigned int rt6_multipath_dead_count(const struct rt6_info *rt,
3843 const struct net_device *down_dev)
3844 {
3845 struct rt6_info *iter;
3846 unsigned int dead = 0;
3847
3848 if (rt->dst.dev == down_dev || rt->rt6i_nh_flags & RTNH_F_DEAD)
3849 dead++;
3850 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3851 if (iter->dst.dev == down_dev ||
3852 iter->rt6i_nh_flags & RTNH_F_DEAD)
3853 dead++;
3854
3855 return dead;
3856 }
3857
3858 static void rt6_multipath_nh_flags_set(struct rt6_info *rt,
3859 const struct net_device *dev,
3860 unsigned int nh_flags)
3861 {
3862 struct rt6_info *iter;
3863
3864 if (rt->dst.dev == dev)
3865 rt->rt6i_nh_flags |= nh_flags;
3866 list_for_each_entry(iter, &rt->rt6i_siblings, rt6i_siblings)
3867 if (iter->dst.dev == dev)
3868 iter->rt6i_nh_flags |= nh_flags;
3869 }
3870
3871 /* called with write lock held for table with rt */
3872 static int fib6_ifdown(struct rt6_info *rt, void *p_arg)
3873 {
3874 const struct arg_netdev_event *arg = p_arg;
3875 const struct net_device *dev = arg->dev;
3876 const struct net *net = dev_net(dev);
3877
3878 if (rt == net->ipv6.ip6_null_entry)
3879 return 0;
3880
3881 switch (arg->event) {
3882 case NETDEV_UNREGISTER:
3883 return rt->dst.dev == dev ? -1 : 0;
3884 case NETDEV_DOWN:
3885 if (rt->should_flush)
3886 return -1;
3887 if (!rt->rt6i_nsiblings)
3888 return rt->dst.dev == dev ? -1 : 0;
3889 if (rt6_multipath_uses_dev(rt, dev)) {
3890 unsigned int count;
3891
3892 count = rt6_multipath_dead_count(rt, dev);
3893 if (rt->rt6i_nsiblings + 1 == count) {
3894 rt6_multipath_flush(rt);
3895 return -1;
3896 }
3897 rt6_multipath_nh_flags_set(rt, dev, RTNH_F_DEAD |
3898 RTNH_F_LINKDOWN);
3899 fib6_update_sernum(rt);
3900 rt6_multipath_rebalance(rt);
3901 }
3902 return -2;
3903 case NETDEV_CHANGE:
3904 if (rt->dst.dev != dev ||
3905 rt->rt6i_flags & (RTF_LOCAL | RTF_ANYCAST))
3906 break;
3907 rt->rt6i_nh_flags |= RTNH_F_LINKDOWN;
3908 rt6_multipath_rebalance(rt);
3909 break;
3910 }
3911
3912 return 0;
3913 }
3914
3915 void rt6_sync_down_dev(struct net_device *dev, unsigned long event)
3916 {
3917 struct arg_netdev_event arg = {
3918 .dev = dev,
3919 {
3920 .event = event,
3921 },
3922 };
3923
3924 fib6_clean_all(dev_net(dev), fib6_ifdown, &arg);
3925 }
3926
3927 void rt6_disable_ip(struct net_device *dev, unsigned long event)
3928 {
3929 rt6_sync_down_dev(dev, event);
3930 rt6_uncached_list_flush_dev(dev_net(dev), dev);
3931 neigh_ifdown(&nd_tbl, dev);
3932 }
3933
3934 struct rt6_mtu_change_arg {
3935 struct net_device *dev;
3936 unsigned int mtu;
3937 };
3938
3939 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
3940 {
3941 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
3942 struct inet6_dev *idev;
3943
3944 /* In IPv6 pmtu discovery is not optional,
3945 so that RTAX_MTU lock cannot disable it.
3946 We still use this lock to block changes
3947 caused by addrconf/ndisc.
3948 */
3949
3950 idev = __in6_dev_get(arg->dev);
3951 if (!idev)
3952 return 0;
3953
3954 /* For administrative MTU increase, there is no way to discover
3955 IPv6 PMTU increase, so PMTU increase should be updated here.
3956 Since RFC 1981 doesn't include administrative MTU increase
3957 update PMTU increase is a MUST. (i.e. jumbo frame)
3958 */
3959 if (rt->dst.dev == arg->dev &&
3960 !dst_metric_locked(&rt->dst, RTAX_MTU)) {
3961 spin_lock_bh(&rt6_exception_lock);
3962 if (dst_metric_raw(&rt->dst, RTAX_MTU) &&
3963 rt6_mtu_change_route_allowed(idev, rt, arg->mtu))
3964 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
3965 rt6_exceptions_update_pmtu(idev, rt, arg->mtu);
3966 spin_unlock_bh(&rt6_exception_lock);
3967 }
3968 return 0;
3969 }
3970
3971 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
3972 {
3973 struct rt6_mtu_change_arg arg = {
3974 .dev = dev,
3975 .mtu = mtu,
3976 };
3977
3978 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg);
3979 }
3980
3981 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
3982 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
3983 [RTA_PREFSRC] = { .len = sizeof(struct in6_addr) },
3984 [RTA_OIF] = { .type = NLA_U32 },
3985 [RTA_IIF] = { .type = NLA_U32 },
3986 [RTA_PRIORITY] = { .type = NLA_U32 },
3987 [RTA_METRICS] = { .type = NLA_NESTED },
3988 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
3989 [RTA_PREF] = { .type = NLA_U8 },
3990 [RTA_ENCAP_TYPE] = { .type = NLA_U16 },
3991 [RTA_ENCAP] = { .type = NLA_NESTED },
3992 [RTA_EXPIRES] = { .type = NLA_U32 },
3993 [RTA_UID] = { .type = NLA_U32 },
3994 [RTA_MARK] = { .type = NLA_U32 },
3995 [RTA_TABLE] = { .type = NLA_U32 },
3996 };
3997
3998 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
3999 struct fib6_config *cfg,
4000 struct netlink_ext_ack *extack)
4001 {
4002 struct rtmsg *rtm;
4003 struct nlattr *tb[RTA_MAX+1];
4004 unsigned int pref;
4005 int err;
4006
4007 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy,
4008 NULL);
4009 if (err < 0)
4010 goto errout;
4011
4012 err = -EINVAL;
4013 rtm = nlmsg_data(nlh);
4014 memset(cfg, 0, sizeof(*cfg));
4015
4016 cfg->fc_table = rtm->rtm_table;
4017 cfg->fc_dst_len = rtm->rtm_dst_len;
4018 cfg->fc_src_len = rtm->rtm_src_len;
4019 cfg->fc_flags = RTF_UP;
4020 cfg->fc_protocol = rtm->rtm_protocol;
4021 cfg->fc_type = rtm->rtm_type;
4022
4023 if (rtm->rtm_type == RTN_UNREACHABLE ||
4024 rtm->rtm_type == RTN_BLACKHOLE ||
4025 rtm->rtm_type == RTN_PROHIBIT ||
4026 rtm->rtm_type == RTN_THROW)
4027 cfg->fc_flags |= RTF_REJECT;
4028
4029 if (rtm->rtm_type == RTN_LOCAL)
4030 cfg->fc_flags |= RTF_LOCAL;
4031
4032 if (rtm->rtm_flags & RTM_F_CLONED)
4033 cfg->fc_flags |= RTF_CACHE;
4034
4035 cfg->fc_flags |= (rtm->rtm_flags & RTNH_F_ONLINK);
4036
4037 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
4038 cfg->fc_nlinfo.nlh = nlh;
4039 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
4040
4041 if (tb[RTA_GATEWAY]) {
4042 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]);
4043 cfg->fc_flags |= RTF_GATEWAY;
4044 }
4045
4046 if (tb[RTA_DST]) {
4047 int plen = (rtm->rtm_dst_len + 7) >> 3;
4048
4049 if (nla_len(tb[RTA_DST]) < plen)
4050 goto errout;
4051
4052 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
4053 }
4054
4055 if (tb[RTA_SRC]) {
4056 int plen = (rtm->rtm_src_len + 7) >> 3;
4057
4058 if (nla_len(tb[RTA_SRC]) < plen)
4059 goto errout;
4060
4061 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
4062 }
4063
4064 if (tb[RTA_PREFSRC])
4065 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]);
4066
4067 if (tb[RTA_OIF])
4068 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
4069
4070 if (tb[RTA_PRIORITY])
4071 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
4072
4073 if (tb[RTA_METRICS]) {
4074 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
4075 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
4076 }
4077
4078 if (tb[RTA_TABLE])
4079 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
4080
4081 if (tb[RTA_MULTIPATH]) {
4082 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
4083 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
4084
4085 err = lwtunnel_valid_encap_type_attr(cfg->fc_mp,
4086 cfg->fc_mp_len, extack);
4087 if (err < 0)
4088 goto errout;
4089 }
4090
4091 if (tb[RTA_PREF]) {
4092 pref = nla_get_u8(tb[RTA_PREF]);
4093 if (pref != ICMPV6_ROUTER_PREF_LOW &&
4094 pref != ICMPV6_ROUTER_PREF_HIGH)
4095 pref = ICMPV6_ROUTER_PREF_MEDIUM;
4096 cfg->fc_flags |= RTF_PREF(pref);
4097 }
4098
4099 if (tb[RTA_ENCAP])
4100 cfg->fc_encap = tb[RTA_ENCAP];
4101
4102 if (tb[RTA_ENCAP_TYPE]) {
4103 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]);
4104
4105 err = lwtunnel_valid_encap_type(cfg->fc_encap_type, extack);
4106 if (err < 0)
4107 goto errout;
4108 }
4109
4110 if (tb[RTA_EXPIRES]) {
4111 unsigned long timeout = addrconf_timeout_fixup(nla_get_u32(tb[RTA_EXPIRES]), HZ);
4112
4113 if (addrconf_finite_timeout(timeout)) {
4114 cfg->fc_expires = jiffies_to_clock_t(timeout * HZ);
4115 cfg->fc_flags |= RTF_EXPIRES;
4116 }
4117 }
4118
4119 err = 0;
4120 errout:
4121 return err;
4122 }
4123
4124 struct rt6_nh {
4125 struct rt6_info *rt6_info;
4126 struct fib6_config r_cfg;
4127 struct mx6_config mxc;
4128 struct list_head next;
4129 };
4130
4131 static void ip6_print_replace_route_err(struct list_head *rt6_nh_list)
4132 {
4133 struct rt6_nh *nh;
4134
4135 list_for_each_entry(nh, rt6_nh_list, next) {
4136 pr_warn("IPV6: multipath route replace failed (check consistency of installed routes): %pI6c nexthop %pI6c ifi %d\n",
4137 &nh->r_cfg.fc_dst, &nh->r_cfg.fc_gateway,
4138 nh->r_cfg.fc_ifindex);
4139 }
4140 }
4141
4142 static int ip6_route_info_append(struct list_head *rt6_nh_list,
4143 struct rt6_info *rt, struct fib6_config *r_cfg)
4144 {
4145 struct rt6_nh *nh;
4146 int err = -EEXIST;
4147
4148 list_for_each_entry(nh, rt6_nh_list, next) {
4149 /* check if rt6_info already exists */
4150 if (rt6_duplicate_nexthop(nh->rt6_info, rt))
4151 return err;
4152 }
4153
4154 nh = kzalloc(sizeof(*nh), GFP_KERNEL);
4155 if (!nh)
4156 return -ENOMEM;
4157 nh->rt6_info = rt;
4158 err = ip6_convert_metrics(&nh->mxc, r_cfg);
4159 if (err) {
4160 kfree(nh);
4161 return err;
4162 }
4163 memcpy(&nh->r_cfg, r_cfg, sizeof(*r_cfg));
4164 list_add_tail(&nh->next, rt6_nh_list);
4165
4166 return 0;
4167 }
4168
4169 static void ip6_route_mpath_notify(struct rt6_info *rt,
4170 struct rt6_info *rt_last,
4171 struct nl_info *info,
4172 __u16 nlflags)
4173 {
4174 /* if this is an APPEND route, then rt points to the first route
4175 * inserted and rt_last points to last route inserted. Userspace
4176 * wants a consistent dump of the route which starts at the first
4177 * nexthop. Since sibling routes are always added at the end of
4178 * the list, find the first sibling of the last route appended
4179 */
4180 if ((nlflags & NLM_F_APPEND) && rt_last && rt_last->rt6i_nsiblings) {
4181 rt = list_first_entry(&rt_last->rt6i_siblings,
4182 struct rt6_info,
4183 rt6i_siblings);
4184 }
4185
4186 if (rt)
4187 inet6_rt_notify(RTM_NEWROUTE, rt, info, nlflags);
4188 }
4189
4190 static int ip6_route_multipath_add(struct fib6_config *cfg,
4191 struct netlink_ext_ack *extack)
4192 {
4193 struct rt6_info *rt_notif = NULL, *rt_last = NULL;
4194 struct nl_info *info = &cfg->fc_nlinfo;
4195 struct fib6_config r_cfg;
4196 struct rtnexthop *rtnh;
4197 struct rt6_info *rt;
4198 struct rt6_nh *err_nh;
4199 struct rt6_nh *nh, *nh_safe;
4200 __u16 nlflags;
4201 int remaining;
4202 int attrlen;
4203 int err = 1;
4204 int nhn = 0;
4205 int replace = (cfg->fc_nlinfo.nlh &&
4206 (cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_REPLACE));
4207 LIST_HEAD(rt6_nh_list);
4208
4209 nlflags = replace ? NLM_F_REPLACE : NLM_F_CREATE;
4210 if (info->nlh && info->nlh->nlmsg_flags & NLM_F_APPEND)
4211 nlflags |= NLM_F_APPEND;
4212
4213 remaining = cfg->fc_mp_len;
4214 rtnh = (struct rtnexthop *)cfg->fc_mp;
4215
4216 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
4217 * rt6_info structs per nexthop
4218 */
4219 while (rtnh_ok(rtnh, remaining)) {
4220 memcpy(&r_cfg, cfg, sizeof(*cfg));
4221 if (rtnh->rtnh_ifindex)
4222 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
4223
4224 attrlen = rtnh_attrlen(rtnh);
4225 if (attrlen > 0) {
4226 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
4227
4228 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
4229 if (nla) {
4230 r_cfg.fc_gateway = nla_get_in6_addr(nla);
4231 r_cfg.fc_flags |= RTF_GATEWAY;
4232 }
4233 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP);
4234 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE);
4235 if (nla)
4236 r_cfg.fc_encap_type = nla_get_u16(nla);
4237 }
4238
4239 r_cfg.fc_flags |= (rtnh->rtnh_flags & RTNH_F_ONLINK);
4240 rt = ip6_route_info_create(&r_cfg, extack);
4241 if (IS_ERR(rt)) {
4242 err = PTR_ERR(rt);
4243 rt = NULL;
4244 goto cleanup;
4245 }
4246
4247 rt->rt6i_nh_weight = rtnh->rtnh_hops + 1;
4248
4249 err = ip6_route_info_append(&rt6_nh_list, rt, &r_cfg);
4250 if (err) {
4251 dst_release_immediate(&rt->dst);
4252 goto cleanup;
4253 }
4254
4255 rtnh = rtnh_next(rtnh, &remaining);
4256 }
4257
4258 /* for add and replace send one notification with all nexthops.
4259 * Skip the notification in fib6_add_rt2node and send one with
4260 * the full route when done
4261 */
4262 info->skip_notify = 1;
4263
4264 err_nh = NULL;
4265 list_for_each_entry(nh, &rt6_nh_list, next) {
4266 rt_last = nh->rt6_info;
4267 err = __ip6_ins_rt(nh->rt6_info, info, &nh->mxc, extack);
4268 /* save reference to first route for notification */
4269 if (!rt_notif && !err)
4270 rt_notif = nh->rt6_info;
4271
4272 /* nh->rt6_info is used or freed at this point, reset to NULL*/
4273 nh->rt6_info = NULL;
4274 if (err) {
4275 if (replace && nhn)
4276 ip6_print_replace_route_err(&rt6_nh_list);
4277 err_nh = nh;
4278 goto add_errout;
4279 }
4280
4281 /* Because each route is added like a single route we remove
4282 * these flags after the first nexthop: if there is a collision,
4283 * we have already failed to add the first nexthop:
4284 * fib6_add_rt2node() has rejected it; when replacing, old
4285 * nexthops have been replaced by first new, the rest should
4286 * be added to it.
4287 */
4288 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL |
4289 NLM_F_REPLACE);
4290 nhn++;
4291 }
4292
4293 /* success ... tell user about new route */
4294 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
4295 goto cleanup;
4296
4297 add_errout:
4298 /* send notification for routes that were added so that
4299 * the delete notifications sent by ip6_route_del are
4300 * coherent
4301 */
4302 if (rt_notif)
4303 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
4304
4305 /* Delete routes that were already added */
4306 list_for_each_entry(nh, &rt6_nh_list, next) {
4307 if (err_nh == nh)
4308 break;
4309 ip6_route_del(&nh->r_cfg, extack);
4310 }
4311
4312 cleanup:
4313 list_for_each_entry_safe(nh, nh_safe, &rt6_nh_list, next) {
4314 if (nh->rt6_info)
4315 dst_release_immediate(&nh->rt6_info->dst);
4316 kfree(nh->mxc.mx);
4317 list_del(&nh->next);
4318 kfree(nh);
4319 }
4320
4321 return err;
4322 }
4323
4324 static int ip6_route_multipath_del(struct fib6_config *cfg,
4325 struct netlink_ext_ack *extack)
4326 {
4327 struct fib6_config r_cfg;
4328 struct rtnexthop *rtnh;
4329 int remaining;
4330 int attrlen;
4331 int err = 1, last_err = 0;
4332
4333 remaining = cfg->fc_mp_len;
4334 rtnh = (struct rtnexthop *)cfg->fc_mp;
4335
4336 /* Parse a Multipath Entry */
4337 while (rtnh_ok(rtnh, remaining)) {
4338 memcpy(&r_cfg, cfg, sizeof(*cfg));
4339 if (rtnh->rtnh_ifindex)
4340 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
4341
4342 attrlen = rtnh_attrlen(rtnh);
4343 if (attrlen > 0) {
4344 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
4345
4346 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
4347 if (nla) {
4348 nla_memcpy(&r_cfg.fc_gateway, nla, 16);
4349 r_cfg.fc_flags |= RTF_GATEWAY;
4350 }
4351 }
4352 err = ip6_route_del(&r_cfg, extack);
4353 if (err)
4354 last_err = err;
4355
4356 rtnh = rtnh_next(rtnh, &remaining);
4357 }
4358
4359 return last_err;
4360 }
4361
4362 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh,
4363 struct netlink_ext_ack *extack)
4364 {
4365 struct fib6_config cfg;
4366 int err;
4367
4368 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
4369 if (err < 0)
4370 return err;
4371
4372 if (cfg.fc_mp)
4373 return ip6_route_multipath_del(&cfg, extack);
4374 else {
4375 cfg.fc_delete_all_nh = 1;
4376 return ip6_route_del(&cfg, extack);
4377 }
4378 }
4379
4380 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh,
4381 struct netlink_ext_ack *extack)
4382 {
4383 struct fib6_config cfg;
4384 int err;
4385
4386 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
4387 if (err < 0)
4388 return err;
4389
4390 if (cfg.fc_mp)
4391 return ip6_route_multipath_add(&cfg, extack);
4392 else
4393 return ip6_route_add(&cfg, extack);
4394 }
4395
4396 static size_t rt6_nlmsg_size(struct rt6_info *rt)
4397 {
4398 int nexthop_len = 0;
4399
4400 if (rt->rt6i_nsiblings) {
4401 nexthop_len = nla_total_size(0) /* RTA_MULTIPATH */
4402 + NLA_ALIGN(sizeof(struct rtnexthop))
4403 + nla_total_size(16) /* RTA_GATEWAY */
4404 + lwtunnel_get_encap_size(rt->dst.lwtstate);
4405
4406 nexthop_len *= rt->rt6i_nsiblings;
4407 }
4408
4409 return NLMSG_ALIGN(sizeof(struct rtmsg))
4410 + nla_total_size(16) /* RTA_SRC */
4411 + nla_total_size(16) /* RTA_DST */
4412 + nla_total_size(16) /* RTA_GATEWAY */
4413 + nla_total_size(16) /* RTA_PREFSRC */
4414 + nla_total_size(4) /* RTA_TABLE */
4415 + nla_total_size(4) /* RTA_IIF */
4416 + nla_total_size(4) /* RTA_OIF */
4417 + nla_total_size(4) /* RTA_PRIORITY */
4418 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
4419 + nla_total_size(sizeof(struct rta_cacheinfo))
4420 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */
4421 + nla_total_size(1) /* RTA_PREF */
4422 + lwtunnel_get_encap_size(rt->dst.lwtstate)
4423 + nexthop_len;
4424 }
4425
4426 static int rt6_nexthop_info(struct sk_buff *skb, struct rt6_info *rt,
4427 unsigned int *flags, bool skip_oif)
4428 {
4429 if (rt->rt6i_nh_flags & RTNH_F_DEAD)
4430 *flags |= RTNH_F_DEAD;
4431
4432 if (rt->rt6i_nh_flags & RTNH_F_LINKDOWN) {
4433 *flags |= RTNH_F_LINKDOWN;
4434 if (rt->rt6i_idev->cnf.ignore_routes_with_linkdown)
4435 *flags |= RTNH_F_DEAD;
4436 }
4437
4438 if (rt->rt6i_flags & RTF_GATEWAY) {
4439 if (nla_put_in6_addr(skb, RTA_GATEWAY, &rt->rt6i_gateway) < 0)
4440 goto nla_put_failure;
4441 }
4442
4443 *flags |= (rt->rt6i_nh_flags & RTNH_F_ONLINK);
4444 if (rt->rt6i_nh_flags & RTNH_F_OFFLOAD)
4445 *flags |= RTNH_F_OFFLOAD;
4446
4447 /* not needed for multipath encoding b/c it has a rtnexthop struct */
4448 if (!skip_oif && rt->dst.dev &&
4449 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
4450 goto nla_put_failure;
4451
4452 if (rt->dst.lwtstate &&
4453 lwtunnel_fill_encap(skb, rt->dst.lwtstate) < 0)
4454 goto nla_put_failure;
4455
4456 return 0;
4457
4458 nla_put_failure:
4459 return -EMSGSIZE;
4460 }
4461
4462 /* add multipath next hop */
4463 static int rt6_add_nexthop(struct sk_buff *skb, struct rt6_info *rt)
4464 {
4465 struct rtnexthop *rtnh;
4466 unsigned int flags = 0;
4467
4468 rtnh = nla_reserve_nohdr(skb, sizeof(*rtnh));
4469 if (!rtnh)
4470 goto nla_put_failure;
4471
4472 rtnh->rtnh_hops = rt->rt6i_nh_weight - 1;
4473 rtnh->rtnh_ifindex = rt->dst.dev ? rt->dst.dev->ifindex : 0;
4474
4475 if (rt6_nexthop_info(skb, rt, &flags, true) < 0)
4476 goto nla_put_failure;
4477
4478 rtnh->rtnh_flags = flags;
4479
4480 /* length of rtnetlink header + attributes */
4481 rtnh->rtnh_len = nlmsg_get_pos(skb) - (void *)rtnh;
4482
4483 return 0;
4484
4485 nla_put_failure:
4486 return -EMSGSIZE;
4487 }
4488
4489 static int rt6_fill_node(struct net *net,
4490 struct sk_buff *skb, struct rt6_info *rt,
4491 struct in6_addr *dst, struct in6_addr *src,
4492 int iif, int type, u32 portid, u32 seq,
4493 unsigned int flags)
4494 {
4495 u32 metrics[RTAX_MAX];
4496 struct rtmsg *rtm;
4497 struct nlmsghdr *nlh;
4498 long expires;
4499 u32 table;
4500
4501 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
4502 if (!nlh)
4503 return -EMSGSIZE;
4504
4505 rtm = nlmsg_data(nlh);
4506 rtm->rtm_family = AF_INET6;
4507 rtm->rtm_dst_len = rt->rt6i_dst.plen;
4508 rtm->rtm_src_len = rt->rt6i_src.plen;
4509 rtm->rtm_tos = 0;
4510 if (rt->rt6i_table)
4511 table = rt->rt6i_table->tb6_id;
4512 else
4513 table = RT6_TABLE_UNSPEC;
4514 rtm->rtm_table = table;
4515 if (nla_put_u32(skb, RTA_TABLE, table))
4516 goto nla_put_failure;
4517 if (rt->rt6i_flags & RTF_REJECT) {
4518 switch (rt->dst.error) {
4519 case -EINVAL:
4520 rtm->rtm_type = RTN_BLACKHOLE;
4521 break;
4522 case -EACCES:
4523 rtm->rtm_type = RTN_PROHIBIT;
4524 break;
4525 case -EAGAIN:
4526 rtm->rtm_type = RTN_THROW;
4527 break;
4528 default:
4529 rtm->rtm_type = RTN_UNREACHABLE;
4530 break;
4531 }
4532 }
4533 else if (rt->rt6i_flags & RTF_LOCAL)
4534 rtm->rtm_type = RTN_LOCAL;
4535 else if (rt->rt6i_flags & RTF_ANYCAST)
4536 rtm->rtm_type = RTN_ANYCAST;
4537 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
4538 rtm->rtm_type = RTN_LOCAL;
4539 else
4540 rtm->rtm_type = RTN_UNICAST;
4541 rtm->rtm_flags = 0;
4542 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
4543 rtm->rtm_protocol = rt->rt6i_protocol;
4544
4545 if (rt->rt6i_flags & RTF_CACHE)
4546 rtm->rtm_flags |= RTM_F_CLONED;
4547
4548 if (dst) {
4549 if (nla_put_in6_addr(skb, RTA_DST, dst))
4550 goto nla_put_failure;
4551 rtm->rtm_dst_len = 128;
4552 } else if (rtm->rtm_dst_len)
4553 if (nla_put_in6_addr(skb, RTA_DST, &rt->rt6i_dst.addr))
4554 goto nla_put_failure;
4555 #ifdef CONFIG_IPV6_SUBTREES
4556 if (src) {
4557 if (nla_put_in6_addr(skb, RTA_SRC, src))
4558 goto nla_put_failure;
4559 rtm->rtm_src_len = 128;
4560 } else if (rtm->rtm_src_len &&
4561 nla_put_in6_addr(skb, RTA_SRC, &rt->rt6i_src.addr))
4562 goto nla_put_failure;
4563 #endif
4564 if (iif) {
4565 #ifdef CONFIG_IPV6_MROUTE
4566 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
4567 int err = ip6mr_get_route(net, skb, rtm, portid);
4568
4569 if (err == 0)
4570 return 0;
4571 if (err < 0)
4572 goto nla_put_failure;
4573 } else
4574 #endif
4575 if (nla_put_u32(skb, RTA_IIF, iif))
4576 goto nla_put_failure;
4577 } else if (dst) {
4578 struct in6_addr saddr_buf;
4579 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 &&
4580 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
4581 goto nla_put_failure;
4582 }
4583
4584 if (rt->rt6i_prefsrc.plen) {
4585 struct in6_addr saddr_buf;
4586 saddr_buf = rt->rt6i_prefsrc.addr;
4587 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
4588 goto nla_put_failure;
4589 }
4590
4591 memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics));
4592 if (rt->rt6i_pmtu)
4593 metrics[RTAX_MTU - 1] = rt->rt6i_pmtu;
4594 if (rtnetlink_put_metrics(skb, metrics) < 0)
4595 goto nla_put_failure;
4596
4597 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric))
4598 goto nla_put_failure;
4599
4600 /* For multipath routes, walk the siblings list and add
4601 * each as a nexthop within RTA_MULTIPATH.
4602 */
4603 if (rt->rt6i_nsiblings) {
4604 struct rt6_info *sibling, *next_sibling;
4605 struct nlattr *mp;
4606
4607 mp = nla_nest_start(skb, RTA_MULTIPATH);
4608 if (!mp)
4609 goto nla_put_failure;
4610
4611 if (rt6_add_nexthop(skb, rt) < 0)
4612 goto nla_put_failure;
4613
4614 list_for_each_entry_safe(sibling, next_sibling,
4615 &rt->rt6i_siblings, rt6i_siblings) {
4616 if (rt6_add_nexthop(skb, sibling) < 0)
4617 goto nla_put_failure;
4618 }
4619
4620 nla_nest_end(skb, mp);
4621 } else {
4622 if (rt6_nexthop_info(skb, rt, &rtm->rtm_flags, false) < 0)
4623 goto nla_put_failure;
4624 }
4625
4626 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0;
4627
4628 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0)
4629 goto nla_put_failure;
4630
4631 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt->rt6i_flags)))
4632 goto nla_put_failure;
4633
4634
4635 nlmsg_end(skb, nlh);
4636 return 0;
4637
4638 nla_put_failure:
4639 nlmsg_cancel(skb, nlh);
4640 return -EMSGSIZE;
4641 }
4642
4643 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
4644 {
4645 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
4646 struct net *net = arg->net;
4647
4648 if (rt == net->ipv6.ip6_null_entry)
4649 return 0;
4650
4651 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
4652 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
4653
4654 /* user wants prefix routes only */
4655 if (rtm->rtm_flags & RTM_F_PREFIX &&
4656 !(rt->rt6i_flags & RTF_PREFIX_RT)) {
4657 /* success since this is not a prefix route */
4658 return 1;
4659 }
4660 }
4661
4662 return rt6_fill_node(net,
4663 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
4664 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq,
4665 NLM_F_MULTI);
4666 }
4667
4668 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
4669 struct netlink_ext_ack *extack)
4670 {
4671 struct net *net = sock_net(in_skb->sk);
4672 struct nlattr *tb[RTA_MAX+1];
4673 int err, iif = 0, oif = 0;
4674 struct dst_entry *dst;
4675 struct rt6_info *rt;
4676 struct sk_buff *skb;
4677 struct rtmsg *rtm;
4678 struct flowi6 fl6;
4679 bool fibmatch;
4680
4681 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy,
4682 extack);
4683 if (err < 0)
4684 goto errout;
4685
4686 err = -EINVAL;
4687 memset(&fl6, 0, sizeof(fl6));
4688 rtm = nlmsg_data(nlh);
4689 fl6.flowlabel = ip6_make_flowinfo(rtm->rtm_tos, 0);
4690 fibmatch = !!(rtm->rtm_flags & RTM_F_FIB_MATCH);
4691
4692 if (tb[RTA_SRC]) {
4693 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
4694 goto errout;
4695
4696 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
4697 }
4698
4699 if (tb[RTA_DST]) {
4700 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
4701 goto errout;
4702
4703 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
4704 }
4705
4706 if (tb[RTA_IIF])
4707 iif = nla_get_u32(tb[RTA_IIF]);
4708
4709 if (tb[RTA_OIF])
4710 oif = nla_get_u32(tb[RTA_OIF]);
4711
4712 if (tb[RTA_MARK])
4713 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]);
4714
4715 if (tb[RTA_UID])
4716 fl6.flowi6_uid = make_kuid(current_user_ns(),
4717 nla_get_u32(tb[RTA_UID]));
4718 else
4719 fl6.flowi6_uid = iif ? INVALID_UID : current_uid();
4720
4721 if (iif) {
4722 struct net_device *dev;
4723 int flags = 0;
4724
4725 rcu_read_lock();
4726
4727 dev = dev_get_by_index_rcu(net, iif);
4728 if (!dev) {
4729 rcu_read_unlock();
4730 err = -ENODEV;
4731 goto errout;
4732 }
4733
4734 fl6.flowi6_iif = iif;
4735
4736 if (!ipv6_addr_any(&fl6.saddr))
4737 flags |= RT6_LOOKUP_F_HAS_SADDR;
4738
4739 dst = ip6_route_input_lookup(net, dev, &fl6, NULL, flags);
4740
4741 rcu_read_unlock();
4742 } else {
4743 fl6.flowi6_oif = oif;
4744
4745 dst = ip6_route_output(net, NULL, &fl6);
4746 }
4747
4748
4749 rt = container_of(dst, struct rt6_info, dst);
4750 if (rt->dst.error) {
4751 err = rt->dst.error;
4752 ip6_rt_put(rt);
4753 goto errout;
4754 }
4755
4756 if (rt == net->ipv6.ip6_null_entry) {
4757 err = rt->dst.error;
4758 ip6_rt_put(rt);
4759 goto errout;
4760 }
4761
4762 if (fibmatch && rt->from) {
4763 struct rt6_info *ort = rt->from;
4764
4765 dst_hold(&ort->dst);
4766 ip6_rt_put(rt);
4767 rt = ort;
4768 }
4769
4770 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
4771 if (!skb) {
4772 ip6_rt_put(rt);
4773 err = -ENOBUFS;
4774 goto errout;
4775 }
4776
4777 skb_dst_set(skb, &rt->dst);
4778 if (fibmatch)
4779 err = rt6_fill_node(net, skb, rt, NULL, NULL, iif,
4780 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
4781 nlh->nlmsg_seq, 0);
4782 else
4783 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
4784 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
4785 nlh->nlmsg_seq, 0);
4786 if (err < 0) {
4787 kfree_skb(skb);
4788 goto errout;
4789 }
4790
4791 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
4792 errout:
4793 return err;
4794 }
4795
4796 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info,
4797 unsigned int nlm_flags)
4798 {
4799 struct sk_buff *skb;
4800 struct net *net = info->nl_net;
4801 u32 seq;
4802 int err;
4803
4804 err = -ENOBUFS;
4805 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
4806
4807 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
4808 if (!skb)
4809 goto errout;
4810
4811 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
4812 event, info->portid, seq, nlm_flags);
4813 if (err < 0) {
4814 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
4815 WARN_ON(err == -EMSGSIZE);
4816 kfree_skb(skb);
4817 goto errout;
4818 }
4819 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
4820 info->nlh, gfp_any());
4821 return;
4822 errout:
4823 if (err < 0)
4824 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
4825 }
4826
4827 static int ip6_route_dev_notify(struct notifier_block *this,
4828 unsigned long event, void *ptr)
4829 {
4830 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
4831 struct net *net = dev_net(dev);
4832
4833 if (!(dev->flags & IFF_LOOPBACK))
4834 return NOTIFY_OK;
4835
4836 if (event == NETDEV_REGISTER) {
4837 net->ipv6.ip6_null_entry->dst.dev = dev;
4838 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
4839 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4840 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
4841 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
4842 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
4843 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
4844 #endif
4845 } else if (event == NETDEV_UNREGISTER &&
4846 dev->reg_state != NETREG_UNREGISTERED) {
4847 /* NETDEV_UNREGISTER could be fired for multiple times by
4848 * netdev_wait_allrefs(). Make sure we only call this once.
4849 */
4850 in6_dev_put_clear(&net->ipv6.ip6_null_entry->rt6i_idev);
4851 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4852 in6_dev_put_clear(&net->ipv6.ip6_prohibit_entry->rt6i_idev);
4853 in6_dev_put_clear(&net->ipv6.ip6_blk_hole_entry->rt6i_idev);
4854 #endif
4855 }
4856
4857 return NOTIFY_OK;
4858 }
4859
4860 /*
4861 * /proc
4862 */
4863
4864 #ifdef CONFIG_PROC_FS
4865
4866 static const struct file_operations ipv6_route_proc_fops = {
4867 .open = ipv6_route_open,
4868 .read = seq_read,
4869 .llseek = seq_lseek,
4870 .release = seq_release_net,
4871 };
4872
4873 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
4874 {
4875 struct net *net = (struct net *)seq->private;
4876 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
4877 net->ipv6.rt6_stats->fib_nodes,
4878 net->ipv6.rt6_stats->fib_route_nodes,
4879 atomic_read(&net->ipv6.rt6_stats->fib_rt_alloc),
4880 net->ipv6.rt6_stats->fib_rt_entries,
4881 net->ipv6.rt6_stats->fib_rt_cache,
4882 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
4883 net->ipv6.rt6_stats->fib_discarded_routes);
4884
4885 return 0;
4886 }
4887
4888 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
4889 {
4890 return single_open_net(inode, file, rt6_stats_seq_show);
4891 }
4892
4893 static const struct file_operations rt6_stats_seq_fops = {
4894 .open = rt6_stats_seq_open,
4895 .read = seq_read,
4896 .llseek = seq_lseek,
4897 .release = single_release_net,
4898 };
4899 #endif /* CONFIG_PROC_FS */
4900
4901 #ifdef CONFIG_SYSCTL
4902
4903 static
4904 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
4905 void __user *buffer, size_t *lenp, loff_t *ppos)
4906 {
4907 struct net *net;
4908 int delay;
4909 if (!write)
4910 return -EINVAL;
4911
4912 net = (struct net *)ctl->extra1;
4913 delay = net->ipv6.sysctl.flush_delay;
4914 proc_dointvec(ctl, write, buffer, lenp, ppos);
4915 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0);
4916 return 0;
4917 }
4918
4919 struct ctl_table ipv6_route_table_template[] = {
4920 {
4921 .procname = "flush",
4922 .data = &init_net.ipv6.sysctl.flush_delay,
4923 .maxlen = sizeof(int),
4924 .mode = 0200,
4925 .proc_handler = ipv6_sysctl_rtcache_flush
4926 },
4927 {
4928 .procname = "gc_thresh",
4929 .data = &ip6_dst_ops_template.gc_thresh,
4930 .maxlen = sizeof(int),
4931 .mode = 0644,
4932 .proc_handler = proc_dointvec,
4933 },
4934 {
4935 .procname = "max_size",
4936 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
4937 .maxlen = sizeof(int),
4938 .mode = 0644,
4939 .proc_handler = proc_dointvec,
4940 },
4941 {
4942 .procname = "gc_min_interval",
4943 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
4944 .maxlen = sizeof(int),
4945 .mode = 0644,
4946 .proc_handler = proc_dointvec_jiffies,
4947 },
4948 {
4949 .procname = "gc_timeout",
4950 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
4951 .maxlen = sizeof(int),
4952 .mode = 0644,
4953 .proc_handler = proc_dointvec_jiffies,
4954 },
4955 {
4956 .procname = "gc_interval",
4957 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
4958 .maxlen = sizeof(int),
4959 .mode = 0644,
4960 .proc_handler = proc_dointvec_jiffies,
4961 },
4962 {
4963 .procname = "gc_elasticity",
4964 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
4965 .maxlen = sizeof(int),
4966 .mode = 0644,
4967 .proc_handler = proc_dointvec,
4968 },
4969 {
4970 .procname = "mtu_expires",
4971 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
4972 .maxlen = sizeof(int),
4973 .mode = 0644,
4974 .proc_handler = proc_dointvec_jiffies,
4975 },
4976 {
4977 .procname = "min_adv_mss",
4978 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
4979 .maxlen = sizeof(int),
4980 .mode = 0644,
4981 .proc_handler = proc_dointvec,
4982 },
4983 {
4984 .procname = "gc_min_interval_ms",
4985 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
4986 .maxlen = sizeof(int),
4987 .mode = 0644,
4988 .proc_handler = proc_dointvec_ms_jiffies,
4989 },
4990 { }
4991 };
4992
4993 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
4994 {
4995 struct ctl_table *table;
4996
4997 table = kmemdup(ipv6_route_table_template,
4998 sizeof(ipv6_route_table_template),
4999 GFP_KERNEL);
5000
5001 if (table) {
5002 table[0].data = &net->ipv6.sysctl.flush_delay;
5003 table[0].extra1 = net;
5004 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
5005 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
5006 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
5007 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
5008 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
5009 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
5010 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
5011 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
5012 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
5013
5014 /* Don't export sysctls to unprivileged users */
5015 if (net->user_ns != &init_user_ns)
5016 table[0].procname = NULL;
5017 }
5018
5019 return table;
5020 }
5021 #endif
5022
5023 static int __net_init ip6_route_net_init(struct net *net)
5024 {
5025 int ret = -ENOMEM;
5026
5027 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
5028 sizeof(net->ipv6.ip6_dst_ops));
5029
5030 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
5031 goto out_ip6_dst_ops;
5032
5033 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
5034 sizeof(*net->ipv6.ip6_null_entry),
5035 GFP_KERNEL);
5036 if (!net->ipv6.ip6_null_entry)
5037 goto out_ip6_dst_entries;
5038 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
5039 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
5040 ip6_template_metrics, true);
5041
5042 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5043 net->ipv6.fib6_has_custom_rules = false;
5044 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
5045 sizeof(*net->ipv6.ip6_prohibit_entry),
5046 GFP_KERNEL);
5047 if (!net->ipv6.ip6_prohibit_entry)
5048 goto out_ip6_null_entry;
5049 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
5050 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
5051 ip6_template_metrics, true);
5052
5053 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
5054 sizeof(*net->ipv6.ip6_blk_hole_entry),
5055 GFP_KERNEL);
5056 if (!net->ipv6.ip6_blk_hole_entry)
5057 goto out_ip6_prohibit_entry;
5058 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
5059 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
5060 ip6_template_metrics, true);
5061 #endif
5062
5063 net->ipv6.sysctl.flush_delay = 0;
5064 net->ipv6.sysctl.ip6_rt_max_size = 4096;
5065 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
5066 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
5067 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
5068 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
5069 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
5070 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
5071
5072 net->ipv6.ip6_rt_gc_expire = 30*HZ;
5073
5074 ret = 0;
5075 out:
5076 return ret;
5077
5078 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5079 out_ip6_prohibit_entry:
5080 kfree(net->ipv6.ip6_prohibit_entry);
5081 out_ip6_null_entry:
5082 kfree(net->ipv6.ip6_null_entry);
5083 #endif
5084 out_ip6_dst_entries:
5085 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
5086 out_ip6_dst_ops:
5087 goto out;
5088 }
5089
5090 static void __net_exit ip6_route_net_exit(struct net *net)
5091 {
5092 kfree(net->ipv6.ip6_null_entry);
5093 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5094 kfree(net->ipv6.ip6_prohibit_entry);
5095 kfree(net->ipv6.ip6_blk_hole_entry);
5096 #endif
5097 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
5098 }
5099
5100 static int __net_init ip6_route_net_init_late(struct net *net)
5101 {
5102 #ifdef CONFIG_PROC_FS
5103 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops);
5104 proc_create("rt6_stats", 0444, net->proc_net, &rt6_stats_seq_fops);
5105 #endif
5106 return 0;
5107 }
5108
5109 static void __net_exit ip6_route_net_exit_late(struct net *net)
5110 {
5111 #ifdef CONFIG_PROC_FS
5112 remove_proc_entry("ipv6_route", net->proc_net);
5113 remove_proc_entry("rt6_stats", net->proc_net);
5114 #endif
5115 }
5116
5117 static struct pernet_operations ip6_route_net_ops = {
5118 .init = ip6_route_net_init,
5119 .exit = ip6_route_net_exit,
5120 };
5121
5122 static int __net_init ipv6_inetpeer_init(struct net *net)
5123 {
5124 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
5125
5126 if (!bp)
5127 return -ENOMEM;
5128 inet_peer_base_init(bp);
5129 net->ipv6.peers = bp;
5130 return 0;
5131 }
5132
5133 static void __net_exit ipv6_inetpeer_exit(struct net *net)
5134 {
5135 struct inet_peer_base *bp = net->ipv6.peers;
5136
5137 net->ipv6.peers = NULL;
5138 inetpeer_invalidate_tree(bp);
5139 kfree(bp);
5140 }
5141
5142 static struct pernet_operations ipv6_inetpeer_ops = {
5143 .init = ipv6_inetpeer_init,
5144 .exit = ipv6_inetpeer_exit,
5145 };
5146
5147 static struct pernet_operations ip6_route_net_late_ops = {
5148 .init = ip6_route_net_init_late,
5149 .exit = ip6_route_net_exit_late,
5150 };
5151
5152 static struct notifier_block ip6_route_dev_notifier = {
5153 .notifier_call = ip6_route_dev_notify,
5154 .priority = ADDRCONF_NOTIFY_PRIORITY - 10,
5155 };
5156
5157 void __init ip6_route_init_special_entries(void)
5158 {
5159 /* Registering of the loopback is done before this portion of code,
5160 * the loopback reference in rt6_info will not be taken, do it
5161 * manually for init_net */
5162 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
5163 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5164 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5165 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
5166 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5167 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
5168 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5169 #endif
5170 }
5171
5172 int __init ip6_route_init(void)
5173 {
5174 int ret;
5175 int cpu;
5176
5177 ret = -ENOMEM;
5178 ip6_dst_ops_template.kmem_cachep =
5179 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
5180 SLAB_HWCACHE_ALIGN, NULL);
5181 if (!ip6_dst_ops_template.kmem_cachep)
5182 goto out;
5183
5184 ret = dst_entries_init(&ip6_dst_blackhole_ops);
5185 if (ret)
5186 goto out_kmem_cache;
5187
5188 ret = register_pernet_subsys(&ipv6_inetpeer_ops);
5189 if (ret)
5190 goto out_dst_entries;
5191
5192 ret = register_pernet_subsys(&ip6_route_net_ops);
5193 if (ret)
5194 goto out_register_inetpeer;
5195
5196 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
5197
5198 ret = fib6_init();
5199 if (ret)
5200 goto out_register_subsys;
5201
5202 ret = xfrm6_init();
5203 if (ret)
5204 goto out_fib6_init;
5205
5206 ret = fib6_rules_init();
5207 if (ret)
5208 goto xfrm6_init;
5209
5210 ret = register_pernet_subsys(&ip6_route_net_late_ops);
5211 if (ret)
5212 goto fib6_rules_init;
5213
5214 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_NEWROUTE,
5215 inet6_rtm_newroute, NULL, 0);
5216 if (ret < 0)
5217 goto out_register_late_subsys;
5218
5219 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_DELROUTE,
5220 inet6_rtm_delroute, NULL, 0);
5221 if (ret < 0)
5222 goto out_register_late_subsys;
5223
5224 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_GETROUTE,
5225 inet6_rtm_getroute, NULL,
5226 RTNL_FLAG_DOIT_UNLOCKED);
5227 if (ret < 0)
5228 goto out_register_late_subsys;
5229
5230 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
5231 if (ret)
5232 goto out_register_late_subsys;
5233
5234 for_each_possible_cpu(cpu) {
5235 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
5236
5237 INIT_LIST_HEAD(&ul->head);
5238 spin_lock_init(&ul->lock);
5239 }
5240
5241 out:
5242 return ret;
5243
5244 out_register_late_subsys:
5245 rtnl_unregister_all(PF_INET6);
5246 unregister_pernet_subsys(&ip6_route_net_late_ops);
5247 fib6_rules_init:
5248 fib6_rules_cleanup();
5249 xfrm6_init:
5250 xfrm6_fini();
5251 out_fib6_init:
5252 fib6_gc_cleanup();
5253 out_register_subsys:
5254 unregister_pernet_subsys(&ip6_route_net_ops);
5255 out_register_inetpeer:
5256 unregister_pernet_subsys(&ipv6_inetpeer_ops);
5257 out_dst_entries:
5258 dst_entries_destroy(&ip6_dst_blackhole_ops);
5259 out_kmem_cache:
5260 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
5261 goto out;
5262 }
5263
5264 void ip6_route_cleanup(void)
5265 {
5266 unregister_netdevice_notifier(&ip6_route_dev_notifier);
5267 unregister_pernet_subsys(&ip6_route_net_late_ops);
5268 fib6_rules_cleanup();
5269 xfrm6_fini();
5270 fib6_gc_cleanup();
5271 unregister_pernet_subsys(&ipv6_inetpeer_ops);
5272 unregister_pernet_subsys(&ip6_route_net_ops);
5273 dst_entries_destroy(&ip6_dst_blackhole_ops);
5274 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
5275 }
Linux with added FPC-III support