search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 5.1.5
[linux/fpc-iii.git] / net / ipv6 / route.c
blobe470589fb93b249b024d74624bbea88e9d59f408
1 /*
2 * Linux INET6 implementation
3 * FIB front-end.
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14 /* Changes:
15 *
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
23 * Ville Nuorvala
24 * Fixed routing subtrees.
25 */
26
27 #define pr_fmt(fmt) "IPv6: " fmt
28
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <linux/jhash.h>
48 #include <net/net_namespace.h>
49 #include <net/snmp.h>
50 #include <net/ipv6.h>
51 #include <net/ip6_fib.h>
52 #include <net/ip6_route.h>
53 #include <net/ndisc.h>
54 #include <net/addrconf.h>
55 #include <net/tcp.h>
56 #include <linux/rtnetlink.h>
57 #include <net/dst.h>
58 #include <net/dst_metadata.h>
59 #include <net/xfrm.h>
60 #include <net/netevent.h>
61 #include <net/netlink.h>
62 #include <net/nexthop.h>
63 #include <net/lwtunnel.h>
64 #include <net/ip_tunnels.h>
65 #include <net/l3mdev.h>
66 #include <net/ip.h>
67 #include <linux/uaccess.h>
68
69 #ifdef CONFIG_SYSCTL
70 #include <linux/sysctl.h>
71 #endif
72
73 static int ip6_rt_type_to_error(u8 fib6_type);
74
75 #define CREATE_TRACE_POINTS
76 #include <trace/events/fib6.h>
77 EXPORT_TRACEPOINT_SYMBOL_GPL(fib6_table_lookup);
78 #undef CREATE_TRACE_POINTS
79
80 enum rt6_nud_state {
81 RT6_NUD_FAIL_HARD = -3,
82 RT6_NUD_FAIL_PROBE = -2,
83 RT6_NUD_FAIL_DO_RR = -1,
84 RT6_NUD_SUCCEED = 1
85 };
86
87 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
88 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
89 static unsigned int ip6_mtu(const struct dst_entry *dst);
90 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
91 static void ip6_dst_destroy(struct dst_entry *);
92 static void ip6_dst_ifdown(struct dst_entry *,
93 struct net_device *dev, int how);
94 static int ip6_dst_gc(struct dst_ops *ops);
95
96 static int ip6_pkt_discard(struct sk_buff *skb);
97 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb);
98 static int ip6_pkt_prohibit(struct sk_buff *skb);
99 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb);
100 static void ip6_link_failure(struct sk_buff *skb);
101 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
102 struct sk_buff *skb, u32 mtu);
103 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
104 struct sk_buff *skb);
105 static int rt6_score_route(struct fib6_info *rt, int oif, int strict);
106 static size_t rt6_nlmsg_size(struct fib6_info *rt);
107 static int rt6_fill_node(struct net *net, struct sk_buff *skb,
108 struct fib6_info *rt, struct dst_entry *dst,
109 struct in6_addr *dest, struct in6_addr *src,
110 int iif, int type, u32 portid, u32 seq,
111 unsigned int flags);
112 static struct rt6_info *rt6_find_cached_rt(struct fib6_info *rt,
113 const struct in6_addr *daddr,
114 const struct in6_addr *saddr);
115
116 #ifdef CONFIG_IPV6_ROUTE_INFO
117 static struct fib6_info *rt6_add_route_info(struct net *net,
118 const struct in6_addr *prefix, int prefixlen,
119 const struct in6_addr *gwaddr,
120 struct net_device *dev,
121 unsigned int pref);
122 static struct fib6_info *rt6_get_route_info(struct net *net,
123 const struct in6_addr *prefix, int prefixlen,
124 const struct in6_addr *gwaddr,
125 struct net_device *dev);
126 #endif
127
128 struct uncached_list {
129 spinlock_t lock;
130 struct list_head head;
131 };
132
133 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list);
134
135 void rt6_uncached_list_add(struct rt6_info *rt)
136 {
137 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list);
138
139 rt->rt6i_uncached_list = ul;
140
141 spin_lock_bh(&ul->lock);
142 list_add_tail(&rt->rt6i_uncached, &ul->head);
143 spin_unlock_bh(&ul->lock);
144 }
145
146 void rt6_uncached_list_del(struct rt6_info *rt)
147 {
148 if (!list_empty(&rt->rt6i_uncached)) {
149 struct uncached_list *ul = rt->rt6i_uncached_list;
150 struct net *net = dev_net(rt->dst.dev);
151
152 spin_lock_bh(&ul->lock);
153 list_del(&rt->rt6i_uncached);
154 atomic_dec(&net->ipv6.rt6_stats->fib_rt_uncache);
155 spin_unlock_bh(&ul->lock);
156 }
157 }
158
159 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev)
160 {
161 struct net_device *loopback_dev = net->loopback_dev;
162 int cpu;
163
164 if (dev == loopback_dev)
165 return;
166
167 for_each_possible_cpu(cpu) {
168 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
169 struct rt6_info *rt;
170
171 spin_lock_bh(&ul->lock);
172 list_for_each_entry(rt, &ul->head, rt6i_uncached) {
173 struct inet6_dev *rt_idev = rt->rt6i_idev;
174 struct net_device *rt_dev = rt->dst.dev;
175
176 if (rt_idev->dev == dev) {
177 rt->rt6i_idev = in6_dev_get(loopback_dev);
178 in6_dev_put(rt_idev);
179 }
180
181 if (rt_dev == dev) {
182 rt->dst.dev = loopback_dev;
183 dev_hold(rt->dst.dev);
184 dev_put(rt_dev);
185 }
186 }
187 spin_unlock_bh(&ul->lock);
188 }
189 }
190
191 static inline const void *choose_neigh_daddr(const struct in6_addr *p,
192 struct sk_buff *skb,
193 const void *daddr)
194 {
195 if (!ipv6_addr_any(p))
196 return (const void *) p;
197 else if (skb)
198 return &ipv6_hdr(skb)->daddr;
199 return daddr;
200 }
201
202 struct neighbour *ip6_neigh_lookup(const struct in6_addr *gw,
203 struct net_device *dev,
204 struct sk_buff *skb,
205 const void *daddr)
206 {
207 struct neighbour *n;
208
209 daddr = choose_neigh_daddr(gw, skb, daddr);
210 n = __ipv6_neigh_lookup(dev, daddr);
211 if (n)
212 return n;
213
214 n = neigh_create(&nd_tbl, daddr, dev);
215 return IS_ERR(n) ? NULL : n;
216 }
217
218 static struct neighbour *ip6_dst_neigh_lookup(const struct dst_entry *dst,
219 struct sk_buff *skb,
220 const void *daddr)
221 {
222 const struct rt6_info *rt = container_of(dst, struct rt6_info, dst);
223
224 return ip6_neigh_lookup(&rt->rt6i_gateway, dst->dev, skb, daddr);
225 }
226
227 static void ip6_confirm_neigh(const struct dst_entry *dst, const void *daddr)
228 {
229 struct net_device *dev = dst->dev;
230 struct rt6_info *rt = (struct rt6_info *)dst;
231
232 daddr = choose_neigh_daddr(&rt->rt6i_gateway, NULL, daddr);
233 if (!daddr)
234 return;
235 if (dev->flags & (IFF_NOARP | IFF_LOOPBACK))
236 return;
237 if (ipv6_addr_is_multicast((const struct in6_addr *)daddr))
238 return;
239 __ipv6_confirm_neigh(dev, daddr);
240 }
241
242 static struct dst_ops ip6_dst_ops_template = {
243 .family = AF_INET6,
244 .gc = ip6_dst_gc,
245 .gc_thresh = 1024,
246 .check = ip6_dst_check,
247 .default_advmss = ip6_default_advmss,
248 .mtu = ip6_mtu,
249 .cow_metrics = dst_cow_metrics_generic,
250 .destroy = ip6_dst_destroy,
251 .ifdown = ip6_dst_ifdown,
252 .negative_advice = ip6_negative_advice,
253 .link_failure = ip6_link_failure,
254 .update_pmtu = ip6_rt_update_pmtu,
255 .redirect = rt6_do_redirect,
256 .local_out = __ip6_local_out,
257 .neigh_lookup = ip6_dst_neigh_lookup,
258 .confirm_neigh = ip6_confirm_neigh,
259 };
260
261 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
262 {
263 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
264
265 return mtu ? : dst->dev->mtu;
266 }
267
268 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
269 struct sk_buff *skb, u32 mtu)
270 {
271 }
272
273 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
274 struct sk_buff *skb)
275 {
276 }
277
278 static struct dst_ops ip6_dst_blackhole_ops = {
279 .family = AF_INET6,
280 .destroy = ip6_dst_destroy,
281 .check = ip6_dst_check,
282 .mtu = ip6_blackhole_mtu,
283 .default_advmss = ip6_default_advmss,
284 .update_pmtu = ip6_rt_blackhole_update_pmtu,
285 .redirect = ip6_rt_blackhole_redirect,
286 .cow_metrics = dst_cow_metrics_generic,
287 .neigh_lookup = ip6_dst_neigh_lookup,
288 };
289
290 static const u32 ip6_template_metrics[RTAX_MAX] = {
291 [RTAX_HOPLIMIT - 1] = 0,
292 };
293
294 static const struct fib6_info fib6_null_entry_template = {
295 .fib6_flags = (RTF_REJECT | RTF_NONEXTHOP),
296 .fib6_protocol = RTPROT_KERNEL,
297 .fib6_metric = ~(u32)0,
298 .fib6_ref = ATOMIC_INIT(1),
299 .fib6_type = RTN_UNREACHABLE,
300 .fib6_metrics = (struct dst_metrics *)&dst_default_metrics,
301 };
302
303 static const struct rt6_info ip6_null_entry_template = {
304 .dst = {
305 .__refcnt = ATOMIC_INIT(1),
306 .__use = 1,
307 .obsolete = DST_OBSOLETE_FORCE_CHK,
308 .error = -ENETUNREACH,
309 .input = ip6_pkt_discard,
310 .output = ip6_pkt_discard_out,
311 },
312 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
313 };
314
315 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
316
317 static const struct rt6_info ip6_prohibit_entry_template = {
318 .dst = {
319 .__refcnt = ATOMIC_INIT(1),
320 .__use = 1,
321 .obsolete = DST_OBSOLETE_FORCE_CHK,
322 .error = -EACCES,
323 .input = ip6_pkt_prohibit,
324 .output = ip6_pkt_prohibit_out,
325 },
326 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
327 };
328
329 static const struct rt6_info ip6_blk_hole_entry_template = {
330 .dst = {
331 .__refcnt = ATOMIC_INIT(1),
332 .__use = 1,
333 .obsolete = DST_OBSOLETE_FORCE_CHK,
334 .error = -EINVAL,
335 .input = dst_discard,
336 .output = dst_discard_out,
337 },
338 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
339 };
340
341 #endif
342
343 static void rt6_info_init(struct rt6_info *rt)
344 {
345 struct dst_entry *dst = &rt->dst;
346
347 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
348 INIT_LIST_HEAD(&rt->rt6i_uncached);
349 }
350
351 /* allocate dst with ip6_dst_ops */
352 struct rt6_info *ip6_dst_alloc(struct net *net, struct net_device *dev,
353 int flags)
354 {
355 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
356 1, DST_OBSOLETE_FORCE_CHK, flags);
357
358 if (rt) {
359 rt6_info_init(rt);
360 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc);
361 }
362
363 return rt;
364 }
365 EXPORT_SYMBOL(ip6_dst_alloc);
366
367 static void ip6_dst_destroy(struct dst_entry *dst)
368 {
369 struct rt6_info *rt = (struct rt6_info *)dst;
370 struct fib6_info *from;
371 struct inet6_dev *idev;
372
373 ip_dst_metrics_put(dst);
374 rt6_uncached_list_del(rt);
375
376 idev = rt->rt6i_idev;
377 if (idev) {
378 rt->rt6i_idev = NULL;
379 in6_dev_put(idev);
380 }
381
382 from = xchg((__force struct fib6_info **)&rt->from, NULL);
383 fib6_info_release(from);
384 }
385
386 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
387 int how)
388 {
389 struct rt6_info *rt = (struct rt6_info *)dst;
390 struct inet6_dev *idev = rt->rt6i_idev;
391 struct net_device *loopback_dev =
392 dev_net(dev)->loopback_dev;
393
394 if (idev && idev->dev != loopback_dev) {
395 struct inet6_dev *loopback_idev = in6_dev_get(loopback_dev);
396 if (loopback_idev) {
397 rt->rt6i_idev = loopback_idev;
398 in6_dev_put(idev);
399 }
400 }
401 }
402
403 static bool __rt6_check_expired(const struct rt6_info *rt)
404 {
405 if (rt->rt6i_flags & RTF_EXPIRES)
406 return time_after(jiffies, rt->dst.expires);
407 else
408 return false;
409 }
410
411 static bool rt6_check_expired(const struct rt6_info *rt)
412 {
413 struct fib6_info *from;
414
415 from = rcu_dereference(rt->from);
416
417 if (rt->rt6i_flags & RTF_EXPIRES) {
418 if (time_after(jiffies, rt->dst.expires))
419 return true;
420 } else if (from) {
421 return rt->dst.obsolete != DST_OBSOLETE_FORCE_CHK ||
422 fib6_check_expired(from);
423 }
424 return false;
425 }
426
427 struct fib6_info *fib6_multipath_select(const struct net *net,
428 struct fib6_info *match,
429 struct flowi6 *fl6, int oif,
430 const struct sk_buff *skb,
431 int strict)
432 {
433 struct fib6_info *sibling, *next_sibling;
434
435 /* We might have already computed the hash for ICMPv6 errors. In such
436 * case it will always be non-zero. Otherwise now is the time to do it.
437 */
438 if (!fl6->mp_hash)
439 fl6->mp_hash = rt6_multipath_hash(net, fl6, skb, NULL);
440
441 if (fl6->mp_hash <= atomic_read(&match->fib6_nh.nh_upper_bound))
442 return match;
443
444 list_for_each_entry_safe(sibling, next_sibling, &match->fib6_siblings,
445 fib6_siblings) {
446 int nh_upper_bound;
447
448 nh_upper_bound = atomic_read(&sibling->fib6_nh.nh_upper_bound);
449 if (fl6->mp_hash > nh_upper_bound)
450 continue;
451 if (rt6_score_route(sibling, oif, strict) < 0)
452 break;
453 match = sibling;
454 break;
455 }
456
457 return match;
458 }
459
460 /*
461 * Route lookup. rcu_read_lock() should be held.
462 */
463
464 static inline struct fib6_info *rt6_device_match(struct net *net,
465 struct fib6_info *rt,
466 const struct in6_addr *saddr,
467 int oif,
468 int flags)
469 {
470 struct fib6_info *sprt;
471
472 if (!oif && ipv6_addr_any(saddr) &&
473 !(rt->fib6_nh.nh_flags & RTNH_F_DEAD))
474 return rt;
475
476 for (sprt = rt; sprt; sprt = rcu_dereference(sprt->fib6_next)) {
477 const struct net_device *dev = sprt->fib6_nh.nh_dev;
478
479 if (sprt->fib6_nh.nh_flags & RTNH_F_DEAD)
480 continue;
481
482 if (oif) {
483 if (dev->ifindex == oif)
484 return sprt;
485 } else {
486 if (ipv6_chk_addr(net, saddr, dev,
487 flags & RT6_LOOKUP_F_IFACE))
488 return sprt;
489 }
490 }
491
492 if (oif && flags & RT6_LOOKUP_F_IFACE)
493 return net->ipv6.fib6_null_entry;
494
495 return rt->fib6_nh.nh_flags & RTNH_F_DEAD ? net->ipv6.fib6_null_entry : rt;
496 }
497
498 #ifdef CONFIG_IPV6_ROUTER_PREF
499 struct __rt6_probe_work {
500 struct work_struct work;
501 struct in6_addr target;
502 struct net_device *dev;
503 };
504
505 static void rt6_probe_deferred(struct work_struct *w)
506 {
507 struct in6_addr mcaddr;
508 struct __rt6_probe_work *work =
509 container_of(w, struct __rt6_probe_work, work);
510
511 addrconf_addr_solict_mult(&work->target, &mcaddr);
512 ndisc_send_ns(work->dev, &work->target, &mcaddr, NULL, 0);
513 dev_put(work->dev);
514 kfree(work);
515 }
516
517 static void rt6_probe(struct fib6_info *rt)
518 {
519 struct __rt6_probe_work *work = NULL;
520 const struct in6_addr *nh_gw;
521 struct neighbour *neigh;
522 struct net_device *dev;
523 struct inet6_dev *idev;
524
525 /*
526 * Okay, this does not seem to be appropriate
527 * for now, however, we need to check if it
528 * is really so; aka Router Reachability Probing.
529 *
530 * Router Reachability Probe MUST be rate-limited
531 * to no more than one per minute.
532 */
533 if (!rt || !(rt->fib6_flags & RTF_GATEWAY))
534 return;
535
536 nh_gw = &rt->fib6_nh.nh_gw;
537 dev = rt->fib6_nh.nh_dev;
538 rcu_read_lock_bh();
539 idev = __in6_dev_get(dev);
540 neigh = __ipv6_neigh_lookup_noref(dev, nh_gw);
541 if (neigh) {
542 if (neigh->nud_state & NUD_VALID)
543 goto out;
544
545 write_lock(&neigh->lock);
546 if (!(neigh->nud_state & NUD_VALID) &&
547 time_after(jiffies,
548 neigh->updated + idev->cnf.rtr_probe_interval)) {
549 work = kmalloc(sizeof(*work), GFP_ATOMIC);
550 if (work)
551 __neigh_set_probe_once(neigh);
552 }
553 write_unlock(&neigh->lock);
554 } else if (time_after(jiffies, rt->last_probe +
555 idev->cnf.rtr_probe_interval)) {
556 work = kmalloc(sizeof(*work), GFP_ATOMIC);
557 }
558
559 if (work) {
560 rt->last_probe = jiffies;
561 INIT_WORK(&work->work, rt6_probe_deferred);
562 work->target = *nh_gw;
563 dev_hold(dev);
564 work->dev = dev;
565 schedule_work(&work->work);
566 }
567
568 out:
569 rcu_read_unlock_bh();
570 }
571 #else
572 static inline void rt6_probe(struct fib6_info *rt)
573 {
574 }
575 #endif
576
577 /*
578 * Default Router Selection (RFC 2461 6.3.6)
579 */
580 static inline int rt6_check_dev(struct fib6_info *rt, int oif)
581 {
582 const struct net_device *dev = rt->fib6_nh.nh_dev;
583
584 if (!oif || dev->ifindex == oif)
585 return 2;
586 return 0;
587 }
588
589 static inline enum rt6_nud_state rt6_check_neigh(struct fib6_info *rt)
590 {
591 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD;
592 struct neighbour *neigh;
593
594 if (rt->fib6_flags & RTF_NONEXTHOP ||
595 !(rt->fib6_flags & RTF_GATEWAY))
596 return RT6_NUD_SUCCEED;
597
598 rcu_read_lock_bh();
599 neigh = __ipv6_neigh_lookup_noref(rt->fib6_nh.nh_dev,
600 &rt->fib6_nh.nh_gw);
601 if (neigh) {
602 read_lock(&neigh->lock);
603 if (neigh->nud_state & NUD_VALID)
604 ret = RT6_NUD_SUCCEED;
605 #ifdef CONFIG_IPV6_ROUTER_PREF
606 else if (!(neigh->nud_state & NUD_FAILED))
607 ret = RT6_NUD_SUCCEED;
608 else
609 ret = RT6_NUD_FAIL_PROBE;
610 #endif
611 read_unlock(&neigh->lock);
612 } else {
613 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ?
614 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR;
615 }
616 rcu_read_unlock_bh();
617
618 return ret;
619 }
620
621 static int rt6_score_route(struct fib6_info *rt, int oif, int strict)
622 {
623 int m;
624
625 m = rt6_check_dev(rt, oif);
626 if (!m && (strict & RT6_LOOKUP_F_IFACE))
627 return RT6_NUD_FAIL_HARD;
628 #ifdef CONFIG_IPV6_ROUTER_PREF
629 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->fib6_flags)) << 2;
630 #endif
631 if (strict & RT6_LOOKUP_F_REACHABLE) {
632 int n = rt6_check_neigh(rt);
633 if (n < 0)
634 return n;
635 }
636 return m;
637 }
638
639 /* called with rc_read_lock held */
640 static inline bool fib6_ignore_linkdown(const struct fib6_info *f6i)
641 {
642 const struct net_device *dev = fib6_info_nh_dev(f6i);
643 bool rc = false;
644
645 if (dev) {
646 const struct inet6_dev *idev = __in6_dev_get(dev);
647
648 rc = !!idev->cnf.ignore_routes_with_linkdown;
649 }
650
651 return rc;
652 }
653
654 static struct fib6_info *find_match(struct fib6_info *rt, int oif, int strict,
655 int *mpri, struct fib6_info *match,
656 bool *do_rr)
657 {
658 int m;
659 bool match_do_rr = false;
660
661 if (rt->fib6_nh.nh_flags & RTNH_F_DEAD)
662 goto out;
663
664 if (fib6_ignore_linkdown(rt) &&
665 rt->fib6_nh.nh_flags & RTNH_F_LINKDOWN &&
666 !(strict & RT6_LOOKUP_F_IGNORE_LINKSTATE))
667 goto out;
668
669 if (fib6_check_expired(rt))
670 goto out;
671
672 m = rt6_score_route(rt, oif, strict);
673 if (m == RT6_NUD_FAIL_DO_RR) {
674 match_do_rr = true;
675 m = 0; /* lowest valid score */
676 } else if (m == RT6_NUD_FAIL_HARD) {
677 goto out;
678 }
679
680 if (strict & RT6_LOOKUP_F_REACHABLE)
681 rt6_probe(rt);
682
683 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
684 if (m > *mpri) {
685 *do_rr = match_do_rr;
686 *mpri = m;
687 match = rt;
688 }
689 out:
690 return match;
691 }
692
693 static struct fib6_info *find_rr_leaf(struct fib6_node *fn,
694 struct fib6_info *leaf,
695 struct fib6_info *rr_head,
696 u32 metric, int oif, int strict,
697 bool *do_rr)
698 {
699 struct fib6_info *rt, *match, *cont;
700 int mpri = -1;
701
702 match = NULL;
703 cont = NULL;
704 for (rt = rr_head; rt; rt = rcu_dereference(rt->fib6_next)) {
705 if (rt->fib6_metric != metric) {
706 cont = rt;
707 break;
708 }
709
710 match = find_match(rt, oif, strict, &mpri, match, do_rr);
711 }
712
713 for (rt = leaf; rt && rt != rr_head;
714 rt = rcu_dereference(rt->fib6_next)) {
715 if (rt->fib6_metric != metric) {
716 cont = rt;
717 break;
718 }
719
720 match = find_match(rt, oif, strict, &mpri, match, do_rr);
721 }
722
723 if (match || !cont)
724 return match;
725
726 for (rt = cont; rt; rt = rcu_dereference(rt->fib6_next))
727 match = find_match(rt, oif, strict, &mpri, match, do_rr);
728
729 return match;
730 }
731
732 static struct fib6_info *rt6_select(struct net *net, struct fib6_node *fn,
733 int oif, int strict)
734 {
735 struct fib6_info *leaf = rcu_dereference(fn->leaf);
736 struct fib6_info *match, *rt0;
737 bool do_rr = false;
738 int key_plen;
739
740 if (!leaf || leaf == net->ipv6.fib6_null_entry)
741 return net->ipv6.fib6_null_entry;
742
743 rt0 = rcu_dereference(fn->rr_ptr);
744 if (!rt0)
745 rt0 = leaf;
746
747 /* Double check to make sure fn is not an intermediate node
748 * and fn->leaf does not points to its child's leaf
749 * (This might happen if all routes under fn are deleted from
750 * the tree and fib6_repair_tree() is called on the node.)
751 */
752 key_plen = rt0->fib6_dst.plen;
753 #ifdef CONFIG_IPV6_SUBTREES
754 if (rt0->fib6_src.plen)
755 key_plen = rt0->fib6_src.plen;
756 #endif
757 if (fn->fn_bit != key_plen)
758 return net->ipv6.fib6_null_entry;
759
760 match = find_rr_leaf(fn, leaf, rt0, rt0->fib6_metric, oif, strict,
761 &do_rr);
762
763 if (do_rr) {
764 struct fib6_info *next = rcu_dereference(rt0->fib6_next);
765
766 /* no entries matched; do round-robin */
767 if (!next || next->fib6_metric != rt0->fib6_metric)
768 next = leaf;
769
770 if (next != rt0) {
771 spin_lock_bh(&leaf->fib6_table->tb6_lock);
772 /* make sure next is not being deleted from the tree */
773 if (next->fib6_node)
774 rcu_assign_pointer(fn->rr_ptr, next);
775 spin_unlock_bh(&leaf->fib6_table->tb6_lock);
776 }
777 }
778
779 return match ? match : net->ipv6.fib6_null_entry;
780 }
781
782 static bool rt6_is_gw_or_nonexthop(const struct fib6_info *rt)
783 {
784 return (rt->fib6_flags & (RTF_NONEXTHOP | RTF_GATEWAY));
785 }
786
787 #ifdef CONFIG_IPV6_ROUTE_INFO
788 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
789 const struct in6_addr *gwaddr)
790 {
791 struct net *net = dev_net(dev);
792 struct route_info *rinfo = (struct route_info *) opt;
793 struct in6_addr prefix_buf, *prefix;
794 unsigned int pref;
795 unsigned long lifetime;
796 struct fib6_info *rt;
797
798 if (len < sizeof(struct route_info)) {
799 return -EINVAL;
800 }
801
802 /* Sanity check for prefix_len and length */
803 if (rinfo->length > 3) {
804 return -EINVAL;
805 } else if (rinfo->prefix_len > 128) {
806 return -EINVAL;
807 } else if (rinfo->prefix_len > 64) {
808 if (rinfo->length < 2) {
809 return -EINVAL;
810 }
811 } else if (rinfo->prefix_len > 0) {
812 if (rinfo->length < 1) {
813 return -EINVAL;
814 }
815 }
816
817 pref = rinfo->route_pref;
818 if (pref == ICMPV6_ROUTER_PREF_INVALID)
819 return -EINVAL;
820
821 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
822
823 if (rinfo->length == 3)
824 prefix = (struct in6_addr *)rinfo->prefix;
825 else {
826 /* this function is safe */
827 ipv6_addr_prefix(&prefix_buf,
828 (struct in6_addr *)rinfo->prefix,
829 rinfo->prefix_len);
830 prefix = &prefix_buf;
831 }
832
833 if (rinfo->prefix_len == 0)
834 rt = rt6_get_dflt_router(net, gwaddr, dev);
835 else
836 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len,
837 gwaddr, dev);
838
839 if (rt && !lifetime) {
840 ip6_del_rt(net, rt);
841 rt = NULL;
842 }
843
844 if (!rt && lifetime)
845 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr,
846 dev, pref);
847 else if (rt)
848 rt->fib6_flags = RTF_ROUTEINFO |
849 (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
850
851 if (rt) {
852 if (!addrconf_finite_timeout(lifetime))
853 fib6_clean_expires(rt);
854 else
855 fib6_set_expires(rt, jiffies + HZ * lifetime);
856
857 fib6_info_release(rt);
858 }
859 return 0;
860 }
861 #endif
862
863 /*
864 * Misc support functions
865 */
866
867 /* called with rcu_lock held */
868 static struct net_device *ip6_rt_get_dev_rcu(struct fib6_info *rt)
869 {
870 struct net_device *dev = rt->fib6_nh.nh_dev;
871
872 if (rt->fib6_flags & (RTF_LOCAL | RTF_ANYCAST)) {
873 /* for copies of local routes, dst->dev needs to be the
874 * device if it is a master device, the master device if
875 * device is enslaved, and the loopback as the default
876 */
877 if (netif_is_l3_slave(dev) &&
878 !rt6_need_strict(&rt->fib6_dst.addr))
879 dev = l3mdev_master_dev_rcu(dev);
880 else if (!netif_is_l3_master(dev))
881 dev = dev_net(dev)->loopback_dev;
882 /* last case is netif_is_l3_master(dev) is true in which
883 * case we want dev returned to be dev
884 */
885 }
886
887 return dev;
888 }
889
890 static const int fib6_prop[RTN_MAX + 1] = {
891 [RTN_UNSPEC] = 0,
892 [RTN_UNICAST] = 0,
893 [RTN_LOCAL] = 0,
894 [RTN_BROADCAST] = 0,
895 [RTN_ANYCAST] = 0,
896 [RTN_MULTICAST] = 0,
897 [RTN_BLACKHOLE] = -EINVAL,
898 [RTN_UNREACHABLE] = -EHOSTUNREACH,
899 [RTN_PROHIBIT] = -EACCES,
900 [RTN_THROW] = -EAGAIN,
901 [RTN_NAT] = -EINVAL,
902 [RTN_XRESOLVE] = -EINVAL,
903 };
904
905 static int ip6_rt_type_to_error(u8 fib6_type)
906 {
907 return fib6_prop[fib6_type];
908 }
909
910 static unsigned short fib6_info_dst_flags(struct fib6_info *rt)
911 {
912 unsigned short flags = 0;
913
914 if (rt->dst_nocount)
915 flags |= DST_NOCOUNT;
916 if (rt->dst_nopolicy)
917 flags |= DST_NOPOLICY;
918 if (rt->dst_host)
919 flags |= DST_HOST;
920
921 return flags;
922 }
923
924 static void ip6_rt_init_dst_reject(struct rt6_info *rt, struct fib6_info *ort)
925 {
926 rt->dst.error = ip6_rt_type_to_error(ort->fib6_type);
927
928 switch (ort->fib6_type) {
929 case RTN_BLACKHOLE:
930 rt->dst.output = dst_discard_out;
931 rt->dst.input = dst_discard;
932 break;
933 case RTN_PROHIBIT:
934 rt->dst.output = ip6_pkt_prohibit_out;
935 rt->dst.input = ip6_pkt_prohibit;
936 break;
937 case RTN_THROW:
938 case RTN_UNREACHABLE:
939 default:
940 rt->dst.output = ip6_pkt_discard_out;
941 rt->dst.input = ip6_pkt_discard;
942 break;
943 }
944 }
945
946 static void ip6_rt_init_dst(struct rt6_info *rt, struct fib6_info *ort)
947 {
948 if (ort->fib6_flags & RTF_REJECT) {
949 ip6_rt_init_dst_reject(rt, ort);
950 return;
951 }
952
953 rt->dst.error = 0;
954 rt->dst.output = ip6_output;
955
956 if (ort->fib6_type == RTN_LOCAL || ort->fib6_type == RTN_ANYCAST) {
957 rt->dst.input = ip6_input;
958 } else if (ipv6_addr_type(&ort->fib6_dst.addr) & IPV6_ADDR_MULTICAST) {
959 rt->dst.input = ip6_mc_input;
960 } else {
961 rt->dst.input = ip6_forward;
962 }
963
964 if (ort->fib6_nh.nh_lwtstate) {
965 rt->dst.lwtstate = lwtstate_get(ort->fib6_nh.nh_lwtstate);
966 lwtunnel_set_redirect(&rt->dst);
967 }
968
969 rt->dst.lastuse = jiffies;
970 }
971
972 /* Caller must already hold reference to @from */
973 static void rt6_set_from(struct rt6_info *rt, struct fib6_info *from)
974 {
975 rt->rt6i_flags &= ~RTF_EXPIRES;
976 rcu_assign_pointer(rt->from, from);
977 ip_dst_init_metrics(&rt->dst, from->fib6_metrics);
978 }
979
980 /* Caller must already hold reference to @ort */
981 static void ip6_rt_copy_init(struct rt6_info *rt, struct fib6_info *ort)
982 {
983 struct net_device *dev = fib6_info_nh_dev(ort);
984
985 ip6_rt_init_dst(rt, ort);
986
987 rt->rt6i_dst = ort->fib6_dst;
988 rt->rt6i_idev = dev ? in6_dev_get(dev) : NULL;
989 rt->rt6i_gateway = ort->fib6_nh.nh_gw;
990 rt->rt6i_flags = ort->fib6_flags;
991 rt6_set_from(rt, ort);
992 #ifdef CONFIG_IPV6_SUBTREES
993 rt->rt6i_src = ort->fib6_src;
994 #endif
995 }
996
997 static struct fib6_node* fib6_backtrack(struct fib6_node *fn,
998 struct in6_addr *saddr)
999 {
1000 struct fib6_node *pn, *sn;
1001 while (1) {
1002 if (fn->fn_flags & RTN_TL_ROOT)
1003 return NULL;
1004 pn = rcu_dereference(fn->parent);
1005 sn = FIB6_SUBTREE(pn);
1006 if (sn && sn != fn)
1007 fn = fib6_node_lookup(sn, NULL, saddr);
1008 else
1009 fn = pn;
1010 if (fn->fn_flags & RTN_RTINFO)
1011 return fn;
1012 }
1013 }
1014
1015 static bool ip6_hold_safe(struct net *net, struct rt6_info **prt,
1016 bool null_fallback)
1017 {
1018 struct rt6_info *rt = *prt;
1019
1020 if (dst_hold_safe(&rt->dst))
1021 return true;
1022 if (null_fallback) {
1023 rt = net->ipv6.ip6_null_entry;
1024 dst_hold(&rt->dst);
1025 } else {
1026 rt = NULL;
1027 }
1028 *prt = rt;
1029 return false;
1030 }
1031
1032 /* called with rcu_lock held */
1033 static struct rt6_info *ip6_create_rt_rcu(struct fib6_info *rt)
1034 {
1035 unsigned short flags = fib6_info_dst_flags(rt);
1036 struct net_device *dev = rt->fib6_nh.nh_dev;
1037 struct rt6_info *nrt;
1038
1039 if (!fib6_info_hold_safe(rt))
1040 goto fallback;
1041
1042 nrt = ip6_dst_alloc(dev_net(dev), dev, flags);
1043 if (!nrt) {
1044 fib6_info_release(rt);
1045 goto fallback;
1046 }
1047
1048 ip6_rt_copy_init(nrt, rt);
1049 return nrt;
1050
1051 fallback:
1052 nrt = dev_net(dev)->ipv6.ip6_null_entry;
1053 dst_hold(&nrt->dst);
1054 return nrt;
1055 }
1056
1057 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
1058 struct fib6_table *table,
1059 struct flowi6 *fl6,
1060 const struct sk_buff *skb,
1061 int flags)
1062 {
1063 struct fib6_info *f6i;
1064 struct fib6_node *fn;
1065 struct rt6_info *rt;
1066
1067 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
1068 flags &= ~RT6_LOOKUP_F_IFACE;
1069
1070 rcu_read_lock();
1071 fn = fib6_node_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1072 restart:
1073 f6i = rcu_dereference(fn->leaf);
1074 if (!f6i) {
1075 f6i = net->ipv6.fib6_null_entry;
1076 } else {
1077 f6i = rt6_device_match(net, f6i, &fl6->saddr,
1078 fl6->flowi6_oif, flags);
1079 if (f6i->fib6_nsiblings && fl6->flowi6_oif == 0)
1080 f6i = fib6_multipath_select(net, f6i, fl6,
1081 fl6->flowi6_oif, skb,
1082 flags);
1083 }
1084 if (f6i == net->ipv6.fib6_null_entry) {
1085 fn = fib6_backtrack(fn, &fl6->saddr);
1086 if (fn)
1087 goto restart;
1088 }
1089
1090 trace_fib6_table_lookup(net, f6i, table, fl6);
1091
1092 /* Search through exception table */
1093 rt = rt6_find_cached_rt(f6i, &fl6->daddr, &fl6->saddr);
1094 if (rt) {
1095 if (ip6_hold_safe(net, &rt, true))
1096 dst_use_noref(&rt->dst, jiffies);
1097 } else if (f6i == net->ipv6.fib6_null_entry) {
1098 rt = net->ipv6.ip6_null_entry;
1099 dst_hold(&rt->dst);
1100 } else {
1101 rt = ip6_create_rt_rcu(f6i);
1102 }
1103
1104 rcu_read_unlock();
1105
1106 return rt;
1107 }
1108
1109 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6,
1110 const struct sk_buff *skb, int flags)
1111 {
1112 return fib6_rule_lookup(net, fl6, skb, flags, ip6_pol_route_lookup);
1113 }
1114 EXPORT_SYMBOL_GPL(ip6_route_lookup);
1115
1116 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
1117 const struct in6_addr *saddr, int oif,
1118 const struct sk_buff *skb, int strict)
1119 {
1120 struct flowi6 fl6 = {
1121 .flowi6_oif = oif,
1122 .daddr = *daddr,
1123 };
1124 struct dst_entry *dst;
1125 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
1126
1127 if (saddr) {
1128 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
1129 flags |= RT6_LOOKUP_F_HAS_SADDR;
1130 }
1131
1132 dst = fib6_rule_lookup(net, &fl6, skb, flags, ip6_pol_route_lookup);
1133 if (dst->error == 0)
1134 return (struct rt6_info *) dst;
1135
1136 dst_release(dst);
1137
1138 return NULL;
1139 }
1140 EXPORT_SYMBOL(rt6_lookup);
1141
1142 /* ip6_ins_rt is called with FREE table->tb6_lock.
1143 * It takes new route entry, the addition fails by any reason the
1144 * route is released.
1145 * Caller must hold dst before calling it.
1146 */
1147
1148 static int __ip6_ins_rt(struct fib6_info *rt, struct nl_info *info,
1149 struct netlink_ext_ack *extack)
1150 {
1151 int err;
1152 struct fib6_table *table;
1153
1154 table = rt->fib6_table;
1155 spin_lock_bh(&table->tb6_lock);
1156 err = fib6_add(&table->tb6_root, rt, info, extack);
1157 spin_unlock_bh(&table->tb6_lock);
1158
1159 return err;
1160 }
1161
1162 int ip6_ins_rt(struct net *net, struct fib6_info *rt)
1163 {
1164 struct nl_info info = { .nl_net = net, };
1165
1166 return __ip6_ins_rt(rt, &info, NULL);
1167 }
1168
1169 static struct rt6_info *ip6_rt_cache_alloc(struct fib6_info *ort,
1170 const struct in6_addr *daddr,
1171 const struct in6_addr *saddr)
1172 {
1173 struct net_device *dev;
1174 struct rt6_info *rt;
1175
1176 /*
1177 * Clone the route.
1178 */
1179
1180 if (!fib6_info_hold_safe(ort))
1181 return NULL;
1182
1183 dev = ip6_rt_get_dev_rcu(ort);
1184 rt = ip6_dst_alloc(dev_net(dev), dev, 0);
1185 if (!rt) {
1186 fib6_info_release(ort);
1187 return NULL;
1188 }
1189
1190 ip6_rt_copy_init(rt, ort);
1191 rt->rt6i_flags |= RTF_CACHE;
1192 rt->dst.flags |= DST_HOST;
1193 rt->rt6i_dst.addr = *daddr;
1194 rt->rt6i_dst.plen = 128;
1195
1196 if (!rt6_is_gw_or_nonexthop(ort)) {
1197 if (ort->fib6_dst.plen != 128 &&
1198 ipv6_addr_equal(&ort->fib6_dst.addr, daddr))
1199 rt->rt6i_flags |= RTF_ANYCAST;
1200 #ifdef CONFIG_IPV6_SUBTREES
1201 if (rt->rt6i_src.plen && saddr) {
1202 rt->rt6i_src.addr = *saddr;
1203 rt->rt6i_src.plen = 128;
1204 }
1205 #endif
1206 }
1207
1208 return rt;
1209 }
1210
1211 static struct rt6_info *ip6_rt_pcpu_alloc(struct fib6_info *rt)
1212 {
1213 unsigned short flags = fib6_info_dst_flags(rt);
1214 struct net_device *dev;
1215 struct rt6_info *pcpu_rt;
1216
1217 if (!fib6_info_hold_safe(rt))
1218 return NULL;
1219
1220 rcu_read_lock();
1221 dev = ip6_rt_get_dev_rcu(rt);
1222 pcpu_rt = ip6_dst_alloc(dev_net(dev), dev, flags);
1223 rcu_read_unlock();
1224 if (!pcpu_rt) {
1225 fib6_info_release(rt);
1226 return NULL;
1227 }
1228 ip6_rt_copy_init(pcpu_rt, rt);
1229 pcpu_rt->rt6i_flags |= RTF_PCPU;
1230 return pcpu_rt;
1231 }
1232
1233 /* It should be called with rcu_read_lock() acquired */
1234 static struct rt6_info *rt6_get_pcpu_route(struct fib6_info *rt)
1235 {
1236 struct rt6_info *pcpu_rt, **p;
1237
1238 p = this_cpu_ptr(rt->rt6i_pcpu);
1239 pcpu_rt = *p;
1240
1241 if (pcpu_rt)
1242 ip6_hold_safe(NULL, &pcpu_rt, false);
1243
1244 return pcpu_rt;
1245 }
1246
1247 static struct rt6_info *rt6_make_pcpu_route(struct net *net,
1248 struct fib6_info *rt)
1249 {
1250 struct rt6_info *pcpu_rt, *prev, **p;
1251
1252 pcpu_rt = ip6_rt_pcpu_alloc(rt);
1253 if (!pcpu_rt) {
1254 dst_hold(&net->ipv6.ip6_null_entry->dst);
1255 return net->ipv6.ip6_null_entry;
1256 }
1257
1258 dst_hold(&pcpu_rt->dst);
1259 p = this_cpu_ptr(rt->rt6i_pcpu);
1260 prev = cmpxchg(p, NULL, pcpu_rt);
1261 BUG_ON(prev);
1262
1263 if (rt->fib6_destroying) {
1264 struct fib6_info *from;
1265
1266 from = xchg((__force struct fib6_info **)&pcpu_rt->from, NULL);
1267 fib6_info_release(from);
1268 }
1269
1270 return pcpu_rt;
1271 }
1272
1273 /* exception hash table implementation
1274 */
1275 static DEFINE_SPINLOCK(rt6_exception_lock);
1276
1277 /* Remove rt6_ex from hash table and free the memory
1278 * Caller must hold rt6_exception_lock
1279 */
1280 static void rt6_remove_exception(struct rt6_exception_bucket *bucket,
1281 struct rt6_exception *rt6_ex)
1282 {
1283 struct fib6_info *from;
1284 struct net *net;
1285
1286 if (!bucket || !rt6_ex)
1287 return;
1288
1289 net = dev_net(rt6_ex->rt6i->dst.dev);
1290 net->ipv6.rt6_stats->fib_rt_cache--;
1291
1292 /* purge completely the exception to allow releasing the held resources:
1293 * some [sk] cache may keep the dst around for unlimited time
1294 */
1295 from = xchg((__force struct fib6_info **)&rt6_ex->rt6i->from, NULL);
1296 fib6_info_release(from);
1297 dst_dev_put(&rt6_ex->rt6i->dst);
1298
1299 hlist_del_rcu(&rt6_ex->hlist);
1300 dst_release(&rt6_ex->rt6i->dst);
1301 kfree_rcu(rt6_ex, rcu);
1302 WARN_ON_ONCE(!bucket->depth);
1303 bucket->depth--;
1304 }
1305
1306 /* Remove oldest rt6_ex in bucket and free the memory
1307 * Caller must hold rt6_exception_lock
1308 */
1309 static void rt6_exception_remove_oldest(struct rt6_exception_bucket *bucket)
1310 {
1311 struct rt6_exception *rt6_ex, *oldest = NULL;
1312
1313 if (!bucket)
1314 return;
1315
1316 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1317 if (!oldest || time_before(rt6_ex->stamp, oldest->stamp))
1318 oldest = rt6_ex;
1319 }
1320 rt6_remove_exception(bucket, oldest);
1321 }
1322
1323 static u32 rt6_exception_hash(const struct in6_addr *dst,
1324 const struct in6_addr *src)
1325 {
1326 static u32 seed __read_mostly;
1327 u32 val;
1328
1329 net_get_random_once(&seed, sizeof(seed));
1330 val = jhash(dst, sizeof(*dst), seed);
1331
1332 #ifdef CONFIG_IPV6_SUBTREES
1333 if (src)
1334 val = jhash(src, sizeof(*src), val);
1335 #endif
1336 return hash_32(val, FIB6_EXCEPTION_BUCKET_SIZE_SHIFT);
1337 }
1338
1339 /* Helper function to find the cached rt in the hash table
1340 * and update bucket pointer to point to the bucket for this
1341 * (daddr, saddr) pair
1342 * Caller must hold rt6_exception_lock
1343 */
1344 static struct rt6_exception *
1345 __rt6_find_exception_spinlock(struct rt6_exception_bucket **bucket,
1346 const struct in6_addr *daddr,
1347 const struct in6_addr *saddr)
1348 {
1349 struct rt6_exception *rt6_ex;
1350 u32 hval;
1351
1352 if (!(*bucket) || !daddr)
1353 return NULL;
1354
1355 hval = rt6_exception_hash(daddr, saddr);
1356 *bucket += hval;
1357
1358 hlist_for_each_entry(rt6_ex, &(*bucket)->chain, hlist) {
1359 struct rt6_info *rt6 = rt6_ex->rt6i;
1360 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr);
1361
1362 #ifdef CONFIG_IPV6_SUBTREES
1363 if (matched && saddr)
1364 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr);
1365 #endif
1366 if (matched)
1367 return rt6_ex;
1368 }
1369 return NULL;
1370 }
1371
1372 /* Helper function to find the cached rt in the hash table
1373 * and update bucket pointer to point to the bucket for this
1374 * (daddr, saddr) pair
1375 * Caller must hold rcu_read_lock()
1376 */
1377 static struct rt6_exception *
1378 __rt6_find_exception_rcu(struct rt6_exception_bucket **bucket,
1379 const struct in6_addr *daddr,
1380 const struct in6_addr *saddr)
1381 {
1382 struct rt6_exception *rt6_ex;
1383 u32 hval;
1384
1385 WARN_ON_ONCE(!rcu_read_lock_held());
1386
1387 if (!(*bucket) || !daddr)
1388 return NULL;
1389
1390 hval = rt6_exception_hash(daddr, saddr);
1391 *bucket += hval;
1392
1393 hlist_for_each_entry_rcu(rt6_ex, &(*bucket)->chain, hlist) {
1394 struct rt6_info *rt6 = rt6_ex->rt6i;
1395 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr);
1396
1397 #ifdef CONFIG_IPV6_SUBTREES
1398 if (matched && saddr)
1399 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr);
1400 #endif
1401 if (matched)
1402 return rt6_ex;
1403 }
1404 return NULL;
1405 }
1406
1407 static unsigned int fib6_mtu(const struct fib6_info *rt)
1408 {
1409 unsigned int mtu;
1410
1411 if (rt->fib6_pmtu) {
1412 mtu = rt->fib6_pmtu;
1413 } else {
1414 struct net_device *dev = fib6_info_nh_dev(rt);
1415 struct inet6_dev *idev;
1416
1417 rcu_read_lock();
1418 idev = __in6_dev_get(dev);
1419 mtu = idev->cnf.mtu6;
1420 rcu_read_unlock();
1421 }
1422
1423 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
1424
1425 return mtu - lwtunnel_headroom(rt->fib6_nh.nh_lwtstate, mtu);
1426 }
1427
1428 static int rt6_insert_exception(struct rt6_info *nrt,
1429 struct fib6_info *ort)
1430 {
1431 struct net *net = dev_net(nrt->dst.dev);
1432 struct rt6_exception_bucket *bucket;
1433 struct in6_addr *src_key = NULL;
1434 struct rt6_exception *rt6_ex;
1435 int err = 0;
1436
1437 spin_lock_bh(&rt6_exception_lock);
1438
1439 if (ort->exception_bucket_flushed) {
1440 err = -EINVAL;
1441 goto out;
1442 }
1443
1444 bucket = rcu_dereference_protected(ort->rt6i_exception_bucket,
1445 lockdep_is_held(&rt6_exception_lock));
1446 if (!bucket) {
1447 bucket = kcalloc(FIB6_EXCEPTION_BUCKET_SIZE, sizeof(*bucket),
1448 GFP_ATOMIC);
1449 if (!bucket) {
1450 err = -ENOMEM;
1451 goto out;
1452 }
1453 rcu_assign_pointer(ort->rt6i_exception_bucket, bucket);
1454 }
1455
1456 #ifdef CONFIG_IPV6_SUBTREES
1457 /* rt6i_src.plen != 0 indicates ort is in subtree
1458 * and exception table is indexed by a hash of
1459 * both rt6i_dst and rt6i_src.
1460 * Otherwise, the exception table is indexed by
1461 * a hash of only rt6i_dst.
1462 */
1463 if (ort->fib6_src.plen)
1464 src_key = &nrt->rt6i_src.addr;
1465 #endif
1466 /* rt6_mtu_change() might lower mtu on ort.
1467 * Only insert this exception route if its mtu
1468 * is less than ort's mtu value.
1469 */
1470 if (dst_metric_raw(&nrt->dst, RTAX_MTU) >= fib6_mtu(ort)) {
1471 err = -EINVAL;
1472 goto out;
1473 }
1474
1475 rt6_ex = __rt6_find_exception_spinlock(&bucket, &nrt->rt6i_dst.addr,
1476 src_key);
1477 if (rt6_ex)
1478 rt6_remove_exception(bucket, rt6_ex);
1479
1480 rt6_ex = kzalloc(sizeof(*rt6_ex), GFP_ATOMIC);
1481 if (!rt6_ex) {
1482 err = -ENOMEM;
1483 goto out;
1484 }
1485 rt6_ex->rt6i = nrt;
1486 rt6_ex->stamp = jiffies;
1487 hlist_add_head_rcu(&rt6_ex->hlist, &bucket->chain);
1488 bucket->depth++;
1489 net->ipv6.rt6_stats->fib_rt_cache++;
1490
1491 if (bucket->depth > FIB6_MAX_DEPTH)
1492 rt6_exception_remove_oldest(bucket);
1493
1494 out:
1495 spin_unlock_bh(&rt6_exception_lock);
1496
1497 /* Update fn->fn_sernum to invalidate all cached dst */
1498 if (!err) {
1499 spin_lock_bh(&ort->fib6_table->tb6_lock);
1500 fib6_update_sernum(net, ort);
1501 spin_unlock_bh(&ort->fib6_table->tb6_lock);
1502 fib6_force_start_gc(net);
1503 }
1504
1505 return err;
1506 }
1507
1508 void rt6_flush_exceptions(struct fib6_info *rt)
1509 {
1510 struct rt6_exception_bucket *bucket;
1511 struct rt6_exception *rt6_ex;
1512 struct hlist_node *tmp;
1513 int i;
1514
1515 spin_lock_bh(&rt6_exception_lock);
1516 /* Prevent rt6_insert_exception() to recreate the bucket list */
1517 rt->exception_bucket_flushed = 1;
1518
1519 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1520 lockdep_is_held(&rt6_exception_lock));
1521 if (!bucket)
1522 goto out;
1523
1524 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1525 hlist_for_each_entry_safe(rt6_ex, tmp, &bucket->chain, hlist)
1526 rt6_remove_exception(bucket, rt6_ex);
1527 WARN_ON_ONCE(bucket->depth);
1528 bucket++;
1529 }
1530
1531 out:
1532 spin_unlock_bh(&rt6_exception_lock);
1533 }
1534
1535 /* Find cached rt in the hash table inside passed in rt
1536 * Caller has to hold rcu_read_lock()
1537 */
1538 static struct rt6_info *rt6_find_cached_rt(struct fib6_info *rt,
1539 const struct in6_addr *daddr,
1540 const struct in6_addr *saddr)
1541 {
1542 const struct in6_addr *src_key = NULL;
1543 struct rt6_exception_bucket *bucket;
1544 struct rt6_exception *rt6_ex;
1545 struct rt6_info *res = NULL;
1546
1547 #ifdef CONFIG_IPV6_SUBTREES
1548 /* rt6i_src.plen != 0 indicates rt is in subtree
1549 * and exception table is indexed by a hash of
1550 * both rt6i_dst and rt6i_src.
1551 * However, the src addr used to create the hash
1552 * might not be exactly the passed in saddr which
1553 * is a /128 addr from the flow.
1554 * So we need to use f6i->fib6_src to redo lookup
1555 * if the passed in saddr does not find anything.
1556 * (See the logic in ip6_rt_cache_alloc() on how
1557 * rt->rt6i_src is updated.)
1558 */
1559 if (rt->fib6_src.plen)
1560 src_key = saddr;
1561 find_ex:
1562 #endif
1563 bucket = rcu_dereference(rt->rt6i_exception_bucket);
1564 rt6_ex = __rt6_find_exception_rcu(&bucket, daddr, src_key);
1565
1566 if (rt6_ex && !rt6_check_expired(rt6_ex->rt6i))
1567 res = rt6_ex->rt6i;
1568
1569 #ifdef CONFIG_IPV6_SUBTREES
1570 /* Use fib6_src as src_key and redo lookup */
1571 if (!res && src_key && src_key != &rt->fib6_src.addr) {
1572 src_key = &rt->fib6_src.addr;
1573 goto find_ex;
1574 }
1575 #endif
1576
1577 return res;
1578 }
1579
1580 /* Remove the passed in cached rt from the hash table that contains it */
1581 static int rt6_remove_exception_rt(struct rt6_info *rt)
1582 {
1583 struct rt6_exception_bucket *bucket;
1584 struct in6_addr *src_key = NULL;
1585 struct rt6_exception *rt6_ex;
1586 struct fib6_info *from;
1587 int err;
1588
1589 from = rcu_dereference(rt->from);
1590 if (!from ||
1591 !(rt->rt6i_flags & RTF_CACHE))
1592 return -EINVAL;
1593
1594 if (!rcu_access_pointer(from->rt6i_exception_bucket))
1595 return -ENOENT;
1596
1597 spin_lock_bh(&rt6_exception_lock);
1598 bucket = rcu_dereference_protected(from->rt6i_exception_bucket,
1599 lockdep_is_held(&rt6_exception_lock));
1600 #ifdef CONFIG_IPV6_SUBTREES
1601 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1602 * and exception table is indexed by a hash of
1603 * both rt6i_dst and rt6i_src.
1604 * Otherwise, the exception table is indexed by
1605 * a hash of only rt6i_dst.
1606 */
1607 if (from->fib6_src.plen)
1608 src_key = &rt->rt6i_src.addr;
1609 #endif
1610 rt6_ex = __rt6_find_exception_spinlock(&bucket,
1611 &rt->rt6i_dst.addr,
1612 src_key);
1613 if (rt6_ex) {
1614 rt6_remove_exception(bucket, rt6_ex);
1615 err = 0;
1616 } else {
1617 err = -ENOENT;
1618 }
1619
1620 spin_unlock_bh(&rt6_exception_lock);
1621 return err;
1622 }
1623
1624 /* Find rt6_ex which contains the passed in rt cache and
1625 * refresh its stamp
1626 */
1627 static void rt6_update_exception_stamp_rt(struct rt6_info *rt)
1628 {
1629 struct rt6_exception_bucket *bucket;
1630 struct in6_addr *src_key = NULL;
1631 struct rt6_exception *rt6_ex;
1632 struct fib6_info *from;
1633
1634 rcu_read_lock();
1635 from = rcu_dereference(rt->from);
1636 if (!from || !(rt->rt6i_flags & RTF_CACHE))
1637 goto unlock;
1638
1639 bucket = rcu_dereference(from->rt6i_exception_bucket);
1640
1641 #ifdef CONFIG_IPV6_SUBTREES
1642 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1643 * and exception table is indexed by a hash of
1644 * both rt6i_dst and rt6i_src.
1645 * Otherwise, the exception table is indexed by
1646 * a hash of only rt6i_dst.
1647 */
1648 if (from->fib6_src.plen)
1649 src_key = &rt->rt6i_src.addr;
1650 #endif
1651 rt6_ex = __rt6_find_exception_rcu(&bucket,
1652 &rt->rt6i_dst.addr,
1653 src_key);
1654 if (rt6_ex)
1655 rt6_ex->stamp = jiffies;
1656
1657 unlock:
1658 rcu_read_unlock();
1659 }
1660
1661 static bool rt6_mtu_change_route_allowed(struct inet6_dev *idev,
1662 struct rt6_info *rt, int mtu)
1663 {
1664 /* If the new MTU is lower than the route PMTU, this new MTU will be the
1665 * lowest MTU in the path: always allow updating the route PMTU to
1666 * reflect PMTU decreases.
1667 *
1668 * If the new MTU is higher, and the route PMTU is equal to the local
1669 * MTU, this means the old MTU is the lowest in the path, so allow
1670 * updating it: if other nodes now have lower MTUs, PMTU discovery will
1671 * handle this.
1672 */
1673
1674 if (dst_mtu(&rt->dst) >= mtu)
1675 return true;
1676
1677 if (dst_mtu(&rt->dst) == idev->cnf.mtu6)
1678 return true;
1679
1680 return false;
1681 }
1682
1683 static void rt6_exceptions_update_pmtu(struct inet6_dev *idev,
1684 struct fib6_info *rt, int mtu)
1685 {
1686 struct rt6_exception_bucket *bucket;
1687 struct rt6_exception *rt6_ex;
1688 int i;
1689
1690 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1691 lockdep_is_held(&rt6_exception_lock));
1692
1693 if (!bucket)
1694 return;
1695
1696 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1697 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1698 struct rt6_info *entry = rt6_ex->rt6i;
1699
1700 /* For RTF_CACHE with rt6i_pmtu == 0 (i.e. a redirected
1701 * route), the metrics of its rt->from have already
1702 * been updated.
1703 */
1704 if (dst_metric_raw(&entry->dst, RTAX_MTU) &&
1705 rt6_mtu_change_route_allowed(idev, entry, mtu))
1706 dst_metric_set(&entry->dst, RTAX_MTU, mtu);
1707 }
1708 bucket++;
1709 }
1710 }
1711
1712 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
1713
1714 static void rt6_exceptions_clean_tohost(struct fib6_info *rt,
1715 struct in6_addr *gateway)
1716 {
1717 struct rt6_exception_bucket *bucket;
1718 struct rt6_exception *rt6_ex;
1719 struct hlist_node *tmp;
1720 int i;
1721
1722 if (!rcu_access_pointer(rt->rt6i_exception_bucket))
1723 return;
1724
1725 spin_lock_bh(&rt6_exception_lock);
1726 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1727 lockdep_is_held(&rt6_exception_lock));
1728
1729 if (bucket) {
1730 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1731 hlist_for_each_entry_safe(rt6_ex, tmp,
1732 &bucket->chain, hlist) {
1733 struct rt6_info *entry = rt6_ex->rt6i;
1734
1735 if ((entry->rt6i_flags & RTF_CACHE_GATEWAY) ==
1736 RTF_CACHE_GATEWAY &&
1737 ipv6_addr_equal(gateway,
1738 &entry->rt6i_gateway)) {
1739 rt6_remove_exception(bucket, rt6_ex);
1740 }
1741 }
1742 bucket++;
1743 }
1744 }
1745
1746 spin_unlock_bh(&rt6_exception_lock);
1747 }
1748
1749 static void rt6_age_examine_exception(struct rt6_exception_bucket *bucket,
1750 struct rt6_exception *rt6_ex,
1751 struct fib6_gc_args *gc_args,
1752 unsigned long now)
1753 {
1754 struct rt6_info *rt = rt6_ex->rt6i;
1755
1756 /* we are pruning and obsoleting aged-out and non gateway exceptions
1757 * even if others have still references to them, so that on next
1758 * dst_check() such references can be dropped.
1759 * EXPIRES exceptions - e.g. pmtu-generated ones are pruned when
1760 * expired, independently from their aging, as per RFC 8201 section 4
1761 */
1762 if (!(rt->rt6i_flags & RTF_EXPIRES)) {
1763 if (time_after_eq(now, rt->dst.lastuse + gc_args->timeout)) {
1764 RT6_TRACE("aging clone %p\n", rt);
1765 rt6_remove_exception(bucket, rt6_ex);
1766 return;
1767 }
1768 } else if (time_after(jiffies, rt->dst.expires)) {
1769 RT6_TRACE("purging expired route %p\n", rt);
1770 rt6_remove_exception(bucket, rt6_ex);
1771 return;
1772 }
1773
1774 if (rt->rt6i_flags & RTF_GATEWAY) {
1775 struct neighbour *neigh;
1776 __u8 neigh_flags = 0;
1777
1778 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
1779 if (neigh)
1780 neigh_flags = neigh->flags;
1781
1782 if (!(neigh_flags & NTF_ROUTER)) {
1783 RT6_TRACE("purging route %p via non-router but gateway\n",
1784 rt);
1785 rt6_remove_exception(bucket, rt6_ex);
1786 return;
1787 }
1788 }
1789
1790 gc_args->more++;
1791 }
1792
1793 void rt6_age_exceptions(struct fib6_info *rt,
1794 struct fib6_gc_args *gc_args,
1795 unsigned long now)
1796 {
1797 struct rt6_exception_bucket *bucket;
1798 struct rt6_exception *rt6_ex;
1799 struct hlist_node *tmp;
1800 int i;
1801
1802 if (!rcu_access_pointer(rt->rt6i_exception_bucket))
1803 return;
1804
1805 rcu_read_lock_bh();
1806 spin_lock(&rt6_exception_lock);
1807 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1808 lockdep_is_held(&rt6_exception_lock));
1809
1810 if (bucket) {
1811 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1812 hlist_for_each_entry_safe(rt6_ex, tmp,
1813 &bucket->chain, hlist) {
1814 rt6_age_examine_exception(bucket, rt6_ex,
1815 gc_args, now);
1816 }
1817 bucket++;
1818 }
1819 }
1820 spin_unlock(&rt6_exception_lock);
1821 rcu_read_unlock_bh();
1822 }
1823
1824 /* must be called with rcu lock held */
1825 struct fib6_info *fib6_table_lookup(struct net *net, struct fib6_table *table,
1826 int oif, struct flowi6 *fl6, int strict)
1827 {
1828 struct fib6_node *fn, *saved_fn;
1829 struct fib6_info *f6i;
1830
1831 fn = fib6_node_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1832 saved_fn = fn;
1833
1834 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
1835 oif = 0;
1836
1837 redo_rt6_select:
1838 f6i = rt6_select(net, fn, oif, strict);
1839 if (f6i == net->ipv6.fib6_null_entry) {
1840 fn = fib6_backtrack(fn, &fl6->saddr);
1841 if (fn)
1842 goto redo_rt6_select;
1843 else if (strict & RT6_LOOKUP_F_REACHABLE) {
1844 /* also consider unreachable route */
1845 strict &= ~RT6_LOOKUP_F_REACHABLE;
1846 fn = saved_fn;
1847 goto redo_rt6_select;
1848 }
1849 }
1850
1851 trace_fib6_table_lookup(net, f6i, table, fl6);
1852
1853 return f6i;
1854 }
1855
1856 struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table,
1857 int oif, struct flowi6 *fl6,
1858 const struct sk_buff *skb, int flags)
1859 {
1860 struct fib6_info *f6i;
1861 struct rt6_info *rt;
1862 int strict = 0;
1863
1864 strict |= flags & RT6_LOOKUP_F_IFACE;
1865 strict |= flags & RT6_LOOKUP_F_IGNORE_LINKSTATE;
1866 if (net->ipv6.devconf_all->forwarding == 0)
1867 strict |= RT6_LOOKUP_F_REACHABLE;
1868
1869 rcu_read_lock();
1870
1871 f6i = fib6_table_lookup(net, table, oif, fl6, strict);
1872 if (f6i->fib6_nsiblings)
1873 f6i = fib6_multipath_select(net, f6i, fl6, oif, skb, strict);
1874
1875 if (f6i == net->ipv6.fib6_null_entry) {
1876 rt = net->ipv6.ip6_null_entry;
1877 rcu_read_unlock();
1878 dst_hold(&rt->dst);
1879 return rt;
1880 }
1881
1882 /*Search through exception table */
1883 rt = rt6_find_cached_rt(f6i, &fl6->daddr, &fl6->saddr);
1884 if (rt) {
1885 if (ip6_hold_safe(net, &rt, true))
1886 dst_use_noref(&rt->dst, jiffies);
1887
1888 rcu_read_unlock();
1889 return rt;
1890 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) &&
1891 !(f6i->fib6_flags & RTF_GATEWAY))) {
1892 /* Create a RTF_CACHE clone which will not be
1893 * owned by the fib6 tree. It is for the special case where
1894 * the daddr in the skb during the neighbor look-up is different
1895 * from the fl6->daddr used to look-up route here.
1896 */
1897 struct rt6_info *uncached_rt;
1898
1899 uncached_rt = ip6_rt_cache_alloc(f6i, &fl6->daddr, NULL);
1900
1901 rcu_read_unlock();
1902
1903 if (uncached_rt) {
1904 /* Uncached_rt's refcnt is taken during ip6_rt_cache_alloc()
1905 * No need for another dst_hold()
1906 */
1907 rt6_uncached_list_add(uncached_rt);
1908 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache);
1909 } else {
1910 uncached_rt = net->ipv6.ip6_null_entry;
1911 dst_hold(&uncached_rt->dst);
1912 }
1913
1914 return uncached_rt;
1915 } else {
1916 /* Get a percpu copy */
1917
1918 struct rt6_info *pcpu_rt;
1919
1920 local_bh_disable();
1921 pcpu_rt = rt6_get_pcpu_route(f6i);
1922
1923 if (!pcpu_rt)
1924 pcpu_rt = rt6_make_pcpu_route(net, f6i);
1925
1926 local_bh_enable();
1927 rcu_read_unlock();
1928
1929 return pcpu_rt;
1930 }
1931 }
1932 EXPORT_SYMBOL_GPL(ip6_pol_route);
1933
1934 static struct rt6_info *ip6_pol_route_input(struct net *net,
1935 struct fib6_table *table,
1936 struct flowi6 *fl6,
1937 const struct sk_buff *skb,
1938 int flags)
1939 {
1940 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, skb, flags);
1941 }
1942
1943 struct dst_entry *ip6_route_input_lookup(struct net *net,
1944 struct net_device *dev,
1945 struct flowi6 *fl6,
1946 const struct sk_buff *skb,
1947 int flags)
1948 {
1949 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
1950 flags |= RT6_LOOKUP_F_IFACE;
1951
1952 return fib6_rule_lookup(net, fl6, skb, flags, ip6_pol_route_input);
1953 }
1954 EXPORT_SYMBOL_GPL(ip6_route_input_lookup);
1955
1956 static void ip6_multipath_l3_keys(const struct sk_buff *skb,
1957 struct flow_keys *keys,
1958 struct flow_keys *flkeys)
1959 {
1960 const struct ipv6hdr *outer_iph = ipv6_hdr(skb);
1961 const struct ipv6hdr *key_iph = outer_iph;
1962 struct flow_keys *_flkeys = flkeys;
1963 const struct ipv6hdr *inner_iph;
1964 const struct icmp6hdr *icmph;
1965 struct ipv6hdr _inner_iph;
1966 struct icmp6hdr _icmph;
1967
1968 if (likely(outer_iph->nexthdr != IPPROTO_ICMPV6))
1969 goto out;
1970
1971 icmph = skb_header_pointer(skb, skb_transport_offset(skb),
1972 sizeof(_icmph), &_icmph);
1973 if (!icmph)
1974 goto out;
1975
1976 if (icmph->icmp6_type != ICMPV6_DEST_UNREACH &&
1977 icmph->icmp6_type != ICMPV6_PKT_TOOBIG &&
1978 icmph->icmp6_type != ICMPV6_TIME_EXCEED &&
1979 icmph->icmp6_type != ICMPV6_PARAMPROB)
1980 goto out;
1981
1982 inner_iph = skb_header_pointer(skb,
1983 skb_transport_offset(skb) + sizeof(*icmph),
1984 sizeof(_inner_iph), &_inner_iph);
1985 if (!inner_iph)
1986 goto out;
1987
1988 key_iph = inner_iph;
1989 _flkeys = NULL;
1990 out:
1991 if (_flkeys) {
1992 keys->addrs.v6addrs.src = _flkeys->addrs.v6addrs.src;
1993 keys->addrs.v6addrs.dst = _flkeys->addrs.v6addrs.dst;
1994 keys->tags.flow_label = _flkeys->tags.flow_label;
1995 keys->basic.ip_proto = _flkeys->basic.ip_proto;
1996 } else {
1997 keys->addrs.v6addrs.src = key_iph->saddr;
1998 keys->addrs.v6addrs.dst = key_iph->daddr;
1999 keys->tags.flow_label = ip6_flowlabel(key_iph);
2000 keys->basic.ip_proto = key_iph->nexthdr;
2001 }
2002 }
2003
2004 /* if skb is set it will be used and fl6 can be NULL */
2005 u32 rt6_multipath_hash(const struct net *net, const struct flowi6 *fl6,
2006 const struct sk_buff *skb, struct flow_keys *flkeys)
2007 {
2008 struct flow_keys hash_keys;
2009 u32 mhash;
2010
2011 switch (ip6_multipath_hash_policy(net)) {
2012 case 0:
2013 memset(&hash_keys, 0, sizeof(hash_keys));
2014 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
2015 if (skb) {
2016 ip6_multipath_l3_keys(skb, &hash_keys, flkeys);
2017 } else {
2018 hash_keys.addrs.v6addrs.src = fl6->saddr;
2019 hash_keys.addrs.v6addrs.dst = fl6->daddr;
2020 hash_keys.tags.flow_label = (__force u32)flowi6_get_flowlabel(fl6);
2021 hash_keys.basic.ip_proto = fl6->flowi6_proto;
2022 }
2023 break;
2024 case 1:
2025 if (skb) {
2026 unsigned int flag = FLOW_DISSECTOR_F_STOP_AT_ENCAP;
2027 struct flow_keys keys;
2028
2029 /* short-circuit if we already have L4 hash present */
2030 if (skb->l4_hash)
2031 return skb_get_hash_raw(skb) >> 1;
2032
2033 memset(&hash_keys, 0, sizeof(hash_keys));
2034
2035 if (!flkeys) {
2036 skb_flow_dissect_flow_keys(skb, &keys, flag);
2037 flkeys = &keys;
2038 }
2039 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
2040 hash_keys.addrs.v6addrs.src = flkeys->addrs.v6addrs.src;
2041 hash_keys.addrs.v6addrs.dst = flkeys->addrs.v6addrs.dst;
2042 hash_keys.ports.src = flkeys->ports.src;
2043 hash_keys.ports.dst = flkeys->ports.dst;
2044 hash_keys.basic.ip_proto = flkeys->basic.ip_proto;
2045 } else {
2046 memset(&hash_keys, 0, sizeof(hash_keys));
2047 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
2048 hash_keys.addrs.v6addrs.src = fl6->saddr;
2049 hash_keys.addrs.v6addrs.dst = fl6->daddr;
2050 hash_keys.ports.src = fl6->fl6_sport;
2051 hash_keys.ports.dst = fl6->fl6_dport;
2052 hash_keys.basic.ip_proto = fl6->flowi6_proto;
2053 }
2054 break;
2055 }
2056 mhash = flow_hash_from_keys(&hash_keys);
2057
2058 return mhash >> 1;
2059 }
2060
2061 void ip6_route_input(struct sk_buff *skb)
2062 {
2063 const struct ipv6hdr *iph = ipv6_hdr(skb);
2064 struct net *net = dev_net(skb->dev);
2065 int flags = RT6_LOOKUP_F_HAS_SADDR;
2066 struct ip_tunnel_info *tun_info;
2067 struct flowi6 fl6 = {
2068 .flowi6_iif = skb->dev->ifindex,
2069 .daddr = iph->daddr,
2070 .saddr = iph->saddr,
2071 .flowlabel = ip6_flowinfo(iph),
2072 .flowi6_mark = skb->mark,
2073 .flowi6_proto = iph->nexthdr,
2074 };
2075 struct flow_keys *flkeys = NULL, _flkeys;
2076
2077 tun_info = skb_tunnel_info(skb);
2078 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX))
2079 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id;
2080
2081 if (fib6_rules_early_flow_dissect(net, skb, &fl6, &_flkeys))
2082 flkeys = &_flkeys;
2083
2084 if (unlikely(fl6.flowi6_proto == IPPROTO_ICMPV6))
2085 fl6.mp_hash = rt6_multipath_hash(net, &fl6, skb, flkeys);
2086 skb_dst_drop(skb);
2087 skb_dst_set(skb,
2088 ip6_route_input_lookup(net, skb->dev, &fl6, skb, flags));
2089 }
2090
2091 static struct rt6_info *ip6_pol_route_output(struct net *net,
2092 struct fib6_table *table,
2093 struct flowi6 *fl6,
2094 const struct sk_buff *skb,
2095 int flags)
2096 {
2097 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, skb, flags);
2098 }
2099
2100 struct dst_entry *ip6_route_output_flags(struct net *net, const struct sock *sk,
2101 struct flowi6 *fl6, int flags)
2102 {
2103 bool any_src;
2104
2105 if (ipv6_addr_type(&fl6->daddr) &
2106 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL)) {
2107 struct dst_entry *dst;
2108
2109 dst = l3mdev_link_scope_lookup(net, fl6);
2110 if (dst)
2111 return dst;
2112 }
2113
2114 fl6->flowi6_iif = LOOPBACK_IFINDEX;
2115
2116 any_src = ipv6_addr_any(&fl6->saddr);
2117 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr) ||
2118 (fl6->flowi6_oif && any_src))
2119 flags |= RT6_LOOKUP_F_IFACE;
2120
2121 if (!any_src)
2122 flags |= RT6_LOOKUP_F_HAS_SADDR;
2123 else if (sk)
2124 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
2125
2126 return fib6_rule_lookup(net, fl6, NULL, flags, ip6_pol_route_output);
2127 }
2128 EXPORT_SYMBOL_GPL(ip6_route_output_flags);
2129
2130 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
2131 {
2132 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
2133 struct net_device *loopback_dev = net->loopback_dev;
2134 struct dst_entry *new = NULL;
2135
2136 rt = dst_alloc(&ip6_dst_blackhole_ops, loopback_dev, 1,
2137 DST_OBSOLETE_DEAD, 0);
2138 if (rt) {
2139 rt6_info_init(rt);
2140 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc);
2141
2142 new = &rt->dst;
2143 new->__use = 1;
2144 new->input = dst_discard;
2145 new->output = dst_discard_out;
2146
2147 dst_copy_metrics(new, &ort->dst);
2148
2149 rt->rt6i_idev = in6_dev_get(loopback_dev);
2150 rt->rt6i_gateway = ort->rt6i_gateway;
2151 rt->rt6i_flags = ort->rt6i_flags & ~RTF_PCPU;
2152
2153 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
2154 #ifdef CONFIG_IPV6_SUBTREES
2155 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
2156 #endif
2157 }
2158
2159 dst_release(dst_orig);
2160 return new ? new : ERR_PTR(-ENOMEM);
2161 }
2162
2163 /*
2164 * Destination cache support functions
2165 */
2166
2167 static bool fib6_check(struct fib6_info *f6i, u32 cookie)
2168 {
2169 u32 rt_cookie = 0;
2170
2171 if (!fib6_get_cookie_safe(f6i, &rt_cookie) || rt_cookie != cookie)
2172 return false;
2173
2174 if (fib6_check_expired(f6i))
2175 return false;
2176
2177 return true;
2178 }
2179
2180 static struct dst_entry *rt6_check(struct rt6_info *rt,
2181 struct fib6_info *from,
2182 u32 cookie)
2183 {
2184 u32 rt_cookie = 0;
2185
2186 if ((from && !fib6_get_cookie_safe(from, &rt_cookie)) ||
2187 rt_cookie != cookie)
2188 return NULL;
2189
2190 if (rt6_check_expired(rt))
2191 return NULL;
2192
2193 return &rt->dst;
2194 }
2195
2196 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt,
2197 struct fib6_info *from,
2198 u32 cookie)
2199 {
2200 if (!__rt6_check_expired(rt) &&
2201 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
2202 fib6_check(from, cookie))
2203 return &rt->dst;
2204 else
2205 return NULL;
2206 }
2207
2208 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
2209 {
2210 struct dst_entry *dst_ret;
2211 struct fib6_info *from;
2212 struct rt6_info *rt;
2213
2214 rt = container_of(dst, struct rt6_info, dst);
2215
2216 rcu_read_lock();
2217
2218 /* All IPV6 dsts are created with ->obsolete set to the value
2219 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
2220 * into this function always.
2221 */
2222
2223 from = rcu_dereference(rt->from);
2224
2225 if (from && (rt->rt6i_flags & RTF_PCPU ||
2226 unlikely(!list_empty(&rt->rt6i_uncached))))
2227 dst_ret = rt6_dst_from_check(rt, from, cookie);
2228 else
2229 dst_ret = rt6_check(rt, from, cookie);
2230
2231 rcu_read_unlock();
2232
2233 return dst_ret;
2234 }
2235
2236 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
2237 {
2238 struct rt6_info *rt = (struct rt6_info *) dst;
2239
2240 if (rt) {
2241 if (rt->rt6i_flags & RTF_CACHE) {
2242 rcu_read_lock();
2243 if (rt6_check_expired(rt)) {
2244 rt6_remove_exception_rt(rt);
2245 dst = NULL;
2246 }
2247 rcu_read_unlock();
2248 } else {
2249 dst_release(dst);
2250 dst = NULL;
2251 }
2252 }
2253 return dst;
2254 }
2255
2256 static void ip6_link_failure(struct sk_buff *skb)
2257 {
2258 struct rt6_info *rt;
2259
2260 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
2261
2262 rt = (struct rt6_info *) skb_dst(skb);
2263 if (rt) {
2264 rcu_read_lock();
2265 if (rt->rt6i_flags & RTF_CACHE) {
2266 rt6_remove_exception_rt(rt);
2267 } else {
2268 struct fib6_info *from;
2269 struct fib6_node *fn;
2270
2271 from = rcu_dereference(rt->from);
2272 if (from) {
2273 fn = rcu_dereference(from->fib6_node);
2274 if (fn && (rt->rt6i_flags & RTF_DEFAULT))
2275 fn->fn_sernum = -1;
2276 }
2277 }
2278 rcu_read_unlock();
2279 }
2280 }
2281
2282 static void rt6_update_expires(struct rt6_info *rt0, int timeout)
2283 {
2284 if (!(rt0->rt6i_flags & RTF_EXPIRES)) {
2285 struct fib6_info *from;
2286
2287 rcu_read_lock();
2288 from = rcu_dereference(rt0->from);
2289 if (from)
2290 rt0->dst.expires = from->expires;
2291 rcu_read_unlock();
2292 }
2293
2294 dst_set_expires(&rt0->dst, timeout);
2295 rt0->rt6i_flags |= RTF_EXPIRES;
2296 }
2297
2298 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu)
2299 {
2300 struct net *net = dev_net(rt->dst.dev);
2301
2302 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
2303 rt->rt6i_flags |= RTF_MODIFIED;
2304 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires);
2305 }
2306
2307 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info *rt)
2308 {
2309 return !(rt->rt6i_flags & RTF_CACHE) &&
2310 (rt->rt6i_flags & RTF_PCPU || rcu_access_pointer(rt->from));
2311 }
2312
2313 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk,
2314 const struct ipv6hdr *iph, u32 mtu)
2315 {
2316 const struct in6_addr *daddr, *saddr;
2317 struct rt6_info *rt6 = (struct rt6_info *)dst;
2318
2319 if (dst_metric_locked(dst, RTAX_MTU))
2320 return;
2321
2322 if (iph) {
2323 daddr = &iph->daddr;
2324 saddr = &iph->saddr;
2325 } else if (sk) {
2326 daddr = &sk->sk_v6_daddr;
2327 saddr = &inet6_sk(sk)->saddr;
2328 } else {
2329 daddr = NULL;
2330 saddr = NULL;
2331 }
2332 dst_confirm_neigh(dst, daddr);
2333 mtu = max_t(u32, mtu, IPV6_MIN_MTU);
2334 if (mtu >= dst_mtu(dst))
2335 return;
2336
2337 if (!rt6_cache_allowed_for_pmtu(rt6)) {
2338 rt6_do_update_pmtu(rt6, mtu);
2339 /* update rt6_ex->stamp for cache */
2340 if (rt6->rt6i_flags & RTF_CACHE)
2341 rt6_update_exception_stamp_rt(rt6);
2342 } else if (daddr) {
2343 struct fib6_info *from;
2344 struct rt6_info *nrt6;
2345
2346 rcu_read_lock();
2347 from = rcu_dereference(rt6->from);
2348 if (!from) {
2349 rcu_read_unlock();
2350 return;
2351 }
2352 nrt6 = ip6_rt_cache_alloc(from, daddr, saddr);
2353 if (nrt6) {
2354 rt6_do_update_pmtu(nrt6, mtu);
2355 if (rt6_insert_exception(nrt6, from))
2356 dst_release_immediate(&nrt6->dst);
2357 }
2358 rcu_read_unlock();
2359 }
2360 }
2361
2362 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
2363 struct sk_buff *skb, u32 mtu)
2364 {
2365 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu);
2366 }
2367
2368 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
2369 int oif, u32 mark, kuid_t uid)
2370 {
2371 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
2372 struct dst_entry *dst;
2373 struct flowi6 fl6 = {
2374 .flowi6_oif = oif,
2375 .flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark),
2376 .daddr = iph->daddr,
2377 .saddr = iph->saddr,
2378 .flowlabel = ip6_flowinfo(iph),
2379 .flowi6_uid = uid,
2380 };
2381
2382 dst = ip6_route_output(net, NULL, &fl6);
2383 if (!dst->error)
2384 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu));
2385 dst_release(dst);
2386 }
2387 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
2388
2389 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
2390 {
2391 int oif = sk->sk_bound_dev_if;
2392 struct dst_entry *dst;
2393
2394 if (!oif && skb->dev)
2395 oif = l3mdev_master_ifindex(skb->dev);
2396
2397 ip6_update_pmtu(skb, sock_net(sk), mtu, oif, sk->sk_mark, sk->sk_uid);
2398
2399 dst = __sk_dst_get(sk);
2400 if (!dst || !dst->obsolete ||
2401 dst->ops->check(dst, inet6_sk(sk)->dst_cookie))
2402 return;
2403
2404 bh_lock_sock(sk);
2405 if (!sock_owned_by_user(sk) && !ipv6_addr_v4mapped(&sk->sk_v6_daddr))
2406 ip6_datagram_dst_update(sk, false);
2407 bh_unlock_sock(sk);
2408 }
2409 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
2410
2411 void ip6_sk_dst_store_flow(struct sock *sk, struct dst_entry *dst,
2412 const struct flowi6 *fl6)
2413 {
2414 #ifdef CONFIG_IPV6_SUBTREES
2415 struct ipv6_pinfo *np = inet6_sk(sk);
2416 #endif
2417
2418 ip6_dst_store(sk, dst,
2419 ipv6_addr_equal(&fl6->daddr, &sk->sk_v6_daddr) ?
2420 &sk->sk_v6_daddr : NULL,
2421 #ifdef CONFIG_IPV6_SUBTREES
2422 ipv6_addr_equal(&fl6->saddr, &np->saddr) ?
2423 &np->saddr :
2424 #endif
2425 NULL);
2426 }
2427
2428 /* Handle redirects */
2429 struct ip6rd_flowi {
2430 struct flowi6 fl6;
2431 struct in6_addr gateway;
2432 };
2433
2434 static struct rt6_info *__ip6_route_redirect(struct net *net,
2435 struct fib6_table *table,
2436 struct flowi6 *fl6,
2437 const struct sk_buff *skb,
2438 int flags)
2439 {
2440 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
2441 struct rt6_info *ret = NULL, *rt_cache;
2442 struct fib6_info *rt;
2443 struct fib6_node *fn;
2444
2445 /* Get the "current" route for this destination and
2446 * check if the redirect has come from appropriate router.
2447 *
2448 * RFC 4861 specifies that redirects should only be
2449 * accepted if they come from the nexthop to the target.
2450 * Due to the way the routes are chosen, this notion
2451 * is a bit fuzzy and one might need to check all possible
2452 * routes.
2453 */
2454
2455 rcu_read_lock();
2456 fn = fib6_node_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
2457 restart:
2458 for_each_fib6_node_rt_rcu(fn) {
2459 if (rt->fib6_nh.nh_flags & RTNH_F_DEAD)
2460 continue;
2461 if (fib6_check_expired(rt))
2462 continue;
2463 if (rt->fib6_flags & RTF_REJECT)
2464 break;
2465 if (!(rt->fib6_flags & RTF_GATEWAY))
2466 continue;
2467 if (fl6->flowi6_oif != rt->fib6_nh.nh_dev->ifindex)
2468 continue;
2469 /* rt_cache's gateway might be different from its 'parent'
2470 * in the case of an ip redirect.
2471 * So we keep searching in the exception table if the gateway
2472 * is different.
2473 */
2474 if (!ipv6_addr_equal(&rdfl->gateway, &rt->fib6_nh.nh_gw)) {
2475 rt_cache = rt6_find_cached_rt(rt,
2476 &fl6->daddr,
2477 &fl6->saddr);
2478 if (rt_cache &&
2479 ipv6_addr_equal(&rdfl->gateway,
2480 &rt_cache->rt6i_gateway)) {
2481 ret = rt_cache;
2482 break;
2483 }
2484 continue;
2485 }
2486 break;
2487 }
2488
2489 if (!rt)
2490 rt = net->ipv6.fib6_null_entry;
2491 else if (rt->fib6_flags & RTF_REJECT) {
2492 ret = net->ipv6.ip6_null_entry;
2493 goto out;
2494 }
2495
2496 if (rt == net->ipv6.fib6_null_entry) {
2497 fn = fib6_backtrack(fn, &fl6->saddr);
2498 if (fn)
2499 goto restart;
2500 }
2501
2502 out:
2503 if (ret)
2504 ip6_hold_safe(net, &ret, true);
2505 else
2506 ret = ip6_create_rt_rcu(rt);
2507
2508 rcu_read_unlock();
2509
2510 trace_fib6_table_lookup(net, rt, table, fl6);
2511 return ret;
2512 };
2513
2514 static struct dst_entry *ip6_route_redirect(struct net *net,
2515 const struct flowi6 *fl6,
2516 const struct sk_buff *skb,
2517 const struct in6_addr *gateway)
2518 {
2519 int flags = RT6_LOOKUP_F_HAS_SADDR;
2520 struct ip6rd_flowi rdfl;
2521
2522 rdfl.fl6 = *fl6;
2523 rdfl.gateway = *gateway;
2524
2525 return fib6_rule_lookup(net, &rdfl.fl6, skb,
2526 flags, __ip6_route_redirect);
2527 }
2528
2529 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark,
2530 kuid_t uid)
2531 {
2532 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
2533 struct dst_entry *dst;
2534 struct flowi6 fl6 = {
2535 .flowi6_iif = LOOPBACK_IFINDEX,
2536 .flowi6_oif = oif,
2537 .flowi6_mark = mark,
2538 .daddr = iph->daddr,
2539 .saddr = iph->saddr,
2540 .flowlabel = ip6_flowinfo(iph),
2541 .flowi6_uid = uid,
2542 };
2543
2544 dst = ip6_route_redirect(net, &fl6, skb, &ipv6_hdr(skb)->saddr);
2545 rt6_do_redirect(dst, NULL, skb);
2546 dst_release(dst);
2547 }
2548 EXPORT_SYMBOL_GPL(ip6_redirect);
2549
2550 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif)
2551 {
2552 const struct ipv6hdr *iph = ipv6_hdr(skb);
2553 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb);
2554 struct dst_entry *dst;
2555 struct flowi6 fl6 = {
2556 .flowi6_iif = LOOPBACK_IFINDEX,
2557 .flowi6_oif = oif,
2558 .daddr = msg->dest,
2559 .saddr = iph->daddr,
2560 .flowi6_uid = sock_net_uid(net, NULL),
2561 };
2562
2563 dst = ip6_route_redirect(net, &fl6, skb, &iph->saddr);
2564 rt6_do_redirect(dst, NULL, skb);
2565 dst_release(dst);
2566 }
2567
2568 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
2569 {
2570 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark,
2571 sk->sk_uid);
2572 }
2573 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
2574
2575 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
2576 {
2577 struct net_device *dev = dst->dev;
2578 unsigned int mtu = dst_mtu(dst);
2579 struct net *net = dev_net(dev);
2580
2581 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
2582
2583 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
2584 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
2585
2586 /*
2587 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
2588 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
2589 * IPV6_MAXPLEN is also valid and means: "any MSS,
2590 * rely only on pmtu discovery"
2591 */
2592 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
2593 mtu = IPV6_MAXPLEN;
2594 return mtu;
2595 }
2596
2597 static unsigned int ip6_mtu(const struct dst_entry *dst)
2598 {
2599 struct inet6_dev *idev;
2600 unsigned int mtu;
2601
2602 mtu = dst_metric_raw(dst, RTAX_MTU);
2603 if (mtu)
2604 goto out;
2605
2606 mtu = IPV6_MIN_MTU;
2607
2608 rcu_read_lock();
2609 idev = __in6_dev_get(dst->dev);
2610 if (idev)
2611 mtu = idev->cnf.mtu6;
2612 rcu_read_unlock();
2613
2614 out:
2615 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
2616
2617 return mtu - lwtunnel_headroom(dst->lwtstate, mtu);
2618 }
2619
2620 /* MTU selection:
2621 * 1. mtu on route is locked - use it
2622 * 2. mtu from nexthop exception
2623 * 3. mtu from egress device
2624 *
2625 * based on ip6_dst_mtu_forward and exception logic of
2626 * rt6_find_cached_rt; called with rcu_read_lock
2627 */
2628 u32 ip6_mtu_from_fib6(struct fib6_info *f6i, struct in6_addr *daddr,
2629 struct in6_addr *saddr)
2630 {
2631 struct inet6_dev *idev;
2632 struct rt6_info *rt;
2633 u32 mtu = 0;
2634
2635 if (unlikely(fib6_metric_locked(f6i, RTAX_MTU))) {
2636 mtu = f6i->fib6_pmtu;
2637 if (mtu)
2638 goto out;
2639 }
2640
2641 rt = rt6_find_cached_rt(f6i, daddr, saddr);
2642 if (unlikely(rt)) {
2643 mtu = dst_metric_raw(&rt->dst, RTAX_MTU);
2644 } else {
2645 struct net_device *dev = fib6_info_nh_dev(f6i);
2646
2647 mtu = IPV6_MIN_MTU;
2648 idev = __in6_dev_get(dev);
2649 if (idev && idev->cnf.mtu6 > mtu)
2650 mtu = idev->cnf.mtu6;
2651 }
2652
2653 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
2654 out:
2655 return mtu - lwtunnel_headroom(fib6_info_nh_lwt(f6i), mtu);
2656 }
2657
2658 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
2659 struct flowi6 *fl6)
2660 {
2661 struct dst_entry *dst;
2662 struct rt6_info *rt;
2663 struct inet6_dev *idev = in6_dev_get(dev);
2664 struct net *net = dev_net(dev);
2665
2666 if (unlikely(!idev))
2667 return ERR_PTR(-ENODEV);
2668
2669 rt = ip6_dst_alloc(net, dev, 0);
2670 if (unlikely(!rt)) {
2671 in6_dev_put(idev);
2672 dst = ERR_PTR(-ENOMEM);
2673 goto out;
2674 }
2675
2676 rt->dst.flags |= DST_HOST;
2677 rt->dst.input = ip6_input;
2678 rt->dst.output = ip6_output;
2679 rt->rt6i_gateway = fl6->daddr;
2680 rt->rt6i_dst.addr = fl6->daddr;
2681 rt->rt6i_dst.plen = 128;
2682 rt->rt6i_idev = idev;
2683 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
2684
2685 /* Add this dst into uncached_list so that rt6_disable_ip() can
2686 * do proper release of the net_device
2687 */
2688 rt6_uncached_list_add(rt);
2689 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache);
2690
2691 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
2692
2693 out:
2694 return dst;
2695 }
2696
2697 static int ip6_dst_gc(struct dst_ops *ops)
2698 {
2699 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
2700 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
2701 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
2702 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
2703 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
2704 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
2705 int entries;
2706
2707 entries = dst_entries_get_fast(ops);
2708 if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
2709 entries <= rt_max_size)
2710 goto out;
2711
2712 net->ipv6.ip6_rt_gc_expire++;
2713 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true);
2714 entries = dst_entries_get_slow(ops);
2715 if (entries < ops->gc_thresh)
2716 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
2717 out:
2718 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
2719 return entries > rt_max_size;
2720 }
2721
2722 static struct rt6_info *ip6_nh_lookup_table(struct net *net,
2723 struct fib6_config *cfg,
2724 const struct in6_addr *gw_addr,
2725 u32 tbid, int flags)
2726 {
2727 struct flowi6 fl6 = {
2728 .flowi6_oif = cfg->fc_ifindex,
2729 .daddr = *gw_addr,
2730 .saddr = cfg->fc_prefsrc,
2731 };
2732 struct fib6_table *table;
2733 struct rt6_info *rt;
2734
2735 table = fib6_get_table(net, tbid);
2736 if (!table)
2737 return NULL;
2738
2739 if (!ipv6_addr_any(&cfg->fc_prefsrc))
2740 flags |= RT6_LOOKUP_F_HAS_SADDR;
2741
2742 flags |= RT6_LOOKUP_F_IGNORE_LINKSTATE;
2743 rt = ip6_pol_route(net, table, cfg->fc_ifindex, &fl6, NULL, flags);
2744
2745 /* if table lookup failed, fall back to full lookup */
2746 if (rt == net->ipv6.ip6_null_entry) {
2747 ip6_rt_put(rt);
2748 rt = NULL;
2749 }
2750
2751 return rt;
2752 }
2753
2754 static int ip6_route_check_nh_onlink(struct net *net,
2755 struct fib6_config *cfg,
2756 const struct net_device *dev,
2757 struct netlink_ext_ack *extack)
2758 {
2759 u32 tbid = l3mdev_fib_table(dev) ? : RT_TABLE_MAIN;
2760 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2761 u32 flags = RTF_LOCAL | RTF_ANYCAST | RTF_REJECT;
2762 struct fib6_info *from;
2763 struct rt6_info *grt;
2764 int err;
2765
2766 err = 0;
2767 grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0);
2768 if (grt) {
2769 rcu_read_lock();
2770 from = rcu_dereference(grt->from);
2771 if (!grt->dst.error &&
2772 /* ignore match if it is the default route */
2773 from && !ipv6_addr_any(&from->fib6_dst.addr) &&
2774 (grt->rt6i_flags & flags || dev != grt->dst.dev)) {
2775 NL_SET_ERR_MSG(extack,
2776 "Nexthop has invalid gateway or device mismatch");
2777 err = -EINVAL;
2778 }
2779 rcu_read_unlock();
2780
2781 ip6_rt_put(grt);
2782 }
2783
2784 return err;
2785 }
2786
2787 static int ip6_route_check_nh(struct net *net,
2788 struct fib6_config *cfg,
2789 struct net_device **_dev,
2790 struct inet6_dev **idev)
2791 {
2792 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2793 struct net_device *dev = _dev ? *_dev : NULL;
2794 struct rt6_info *grt = NULL;
2795 int err = -EHOSTUNREACH;
2796
2797 if (cfg->fc_table) {
2798 int flags = RT6_LOOKUP_F_IFACE;
2799
2800 grt = ip6_nh_lookup_table(net, cfg, gw_addr,
2801 cfg->fc_table, flags);
2802 if (grt) {
2803 if (grt->rt6i_flags & RTF_GATEWAY ||
2804 (dev && dev != grt->dst.dev)) {
2805 ip6_rt_put(grt);
2806 grt = NULL;
2807 }
2808 }
2809 }
2810
2811 if (!grt)
2812 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, NULL, 1);
2813
2814 if (!grt)
2815 goto out;
2816
2817 if (dev) {
2818 if (dev != grt->dst.dev) {
2819 ip6_rt_put(grt);
2820 goto out;
2821 }
2822 } else {
2823 *_dev = dev = grt->dst.dev;
2824 *idev = grt->rt6i_idev;
2825 dev_hold(dev);
2826 in6_dev_hold(grt->rt6i_idev);
2827 }
2828
2829 if (!(grt->rt6i_flags & RTF_GATEWAY))
2830 err = 0;
2831
2832 ip6_rt_put(grt);
2833
2834 out:
2835 return err;
2836 }
2837
2838 static int ip6_validate_gw(struct net *net, struct fib6_config *cfg,
2839 struct net_device **_dev, struct inet6_dev **idev,
2840 struct netlink_ext_ack *extack)
2841 {
2842 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2843 int gwa_type = ipv6_addr_type(gw_addr);
2844 bool skip_dev = gwa_type & IPV6_ADDR_LINKLOCAL ? false : true;
2845 const struct net_device *dev = *_dev;
2846 bool need_addr_check = !dev;
2847 int err = -EINVAL;
2848
2849 /* if gw_addr is local we will fail to detect this in case
2850 * address is still TENTATIVE (DAD in progress). rt6_lookup()
2851 * will return already-added prefix route via interface that
2852 * prefix route was assigned to, which might be non-loopback.
2853 */
2854 if (dev &&
2855 ipv6_chk_addr_and_flags(net, gw_addr, dev, skip_dev, 0, 0)) {
2856 NL_SET_ERR_MSG(extack, "Gateway can not be a local address");
2857 goto out;
2858 }
2859
2860 if (gwa_type != (IPV6_ADDR_LINKLOCAL | IPV6_ADDR_UNICAST)) {
2861 /* IPv6 strictly inhibits using not link-local
2862 * addresses as nexthop address.
2863 * Otherwise, router will not able to send redirects.
2864 * It is very good, but in some (rare!) circumstances
2865 * (SIT, PtP, NBMA NOARP links) it is handy to allow
2866 * some exceptions. --ANK
2867 * We allow IPv4-mapped nexthops to support RFC4798-type
2868 * addressing
2869 */
2870 if (!(gwa_type & (IPV6_ADDR_UNICAST | IPV6_ADDR_MAPPED))) {
2871 NL_SET_ERR_MSG(extack, "Invalid gateway address");
2872 goto out;
2873 }
2874
2875 if (cfg->fc_flags & RTNH_F_ONLINK)
2876 err = ip6_route_check_nh_onlink(net, cfg, dev, extack);
2877 else
2878 err = ip6_route_check_nh(net, cfg, _dev, idev);
2879
2880 if (err)
2881 goto out;
2882 }
2883
2884 /* reload in case device was changed */
2885 dev = *_dev;
2886
2887 err = -EINVAL;
2888 if (!dev) {
2889 NL_SET_ERR_MSG(extack, "Egress device not specified");
2890 goto out;
2891 } else if (dev->flags & IFF_LOOPBACK) {
2892 NL_SET_ERR_MSG(extack,
2893 "Egress device can not be loopback device for this route");
2894 goto out;
2895 }
2896
2897 /* if we did not check gw_addr above, do so now that the
2898 * egress device has been resolved.
2899 */
2900 if (need_addr_check &&
2901 ipv6_chk_addr_and_flags(net, gw_addr, dev, skip_dev, 0, 0)) {
2902 NL_SET_ERR_MSG(extack, "Gateway can not be a local address");
2903 goto out;
2904 }
2905
2906 err = 0;
2907 out:
2908 return err;
2909 }
2910
2911 static struct fib6_info *ip6_route_info_create(struct fib6_config *cfg,
2912 gfp_t gfp_flags,
2913 struct netlink_ext_ack *extack)
2914 {
2915 struct net *net = cfg->fc_nlinfo.nl_net;
2916 struct fib6_info *rt = NULL;
2917 struct net_device *dev = NULL;
2918 struct inet6_dev *idev = NULL;
2919 struct fib6_table *table;
2920 int addr_type;
2921 int err = -EINVAL;
2922
2923 /* RTF_PCPU is an internal flag; can not be set by userspace */
2924 if (cfg->fc_flags & RTF_PCPU) {
2925 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_PCPU");
2926 goto out;
2927 }
2928
2929 /* RTF_CACHE is an internal flag; can not be set by userspace */
2930 if (cfg->fc_flags & RTF_CACHE) {
2931 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_CACHE");
2932 goto out;
2933 }
2934
2935 if (cfg->fc_type > RTN_MAX) {
2936 NL_SET_ERR_MSG(extack, "Invalid route type");
2937 goto out;
2938 }
2939
2940 if (cfg->fc_dst_len > 128) {
2941 NL_SET_ERR_MSG(extack, "Invalid prefix length");
2942 goto out;
2943 }
2944 if (cfg->fc_src_len > 128) {
2945 NL_SET_ERR_MSG(extack, "Invalid source address length");
2946 goto out;
2947 }
2948 #ifndef CONFIG_IPV6_SUBTREES
2949 if (cfg->fc_src_len) {
2950 NL_SET_ERR_MSG(extack,
2951 "Specifying source address requires IPV6_SUBTREES to be enabled");
2952 goto out;
2953 }
2954 #endif
2955 if (cfg->fc_ifindex) {
2956 err = -ENODEV;
2957 dev = dev_get_by_index(net, cfg->fc_ifindex);
2958 if (!dev)
2959 goto out;
2960 idev = in6_dev_get(dev);
2961 if (!idev)
2962 goto out;
2963 }
2964
2965 if (cfg->fc_metric == 0)
2966 cfg->fc_metric = IP6_RT_PRIO_USER;
2967
2968 if (cfg->fc_flags & RTNH_F_ONLINK) {
2969 if (!dev) {
2970 NL_SET_ERR_MSG(extack,
2971 "Nexthop device required for onlink");
2972 err = -ENODEV;
2973 goto out;
2974 }
2975
2976 if (!(dev->flags & IFF_UP)) {
2977 NL_SET_ERR_MSG(extack, "Nexthop device is not up");
2978 err = -ENETDOWN;
2979 goto out;
2980 }
2981 }
2982
2983 err = -ENOBUFS;
2984 if (cfg->fc_nlinfo.nlh &&
2985 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
2986 table = fib6_get_table(net, cfg->fc_table);
2987 if (!table) {
2988 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
2989 table = fib6_new_table(net, cfg->fc_table);
2990 }
2991 } else {
2992 table = fib6_new_table(net, cfg->fc_table);
2993 }
2994
2995 if (!table)
2996 goto out;
2997
2998 err = -ENOMEM;
2999 rt = fib6_info_alloc(gfp_flags);
3000 if (!rt)
3001 goto out;
3002
3003 rt->fib6_metrics = ip_fib_metrics_init(net, cfg->fc_mx, cfg->fc_mx_len,
3004 extack);
3005 if (IS_ERR(rt->fib6_metrics)) {
3006 err = PTR_ERR(rt->fib6_metrics);
3007 /* Do not leave garbage there. */
3008 rt->fib6_metrics = (struct dst_metrics *)&dst_default_metrics;
3009 goto out;
3010 }
3011
3012 if (cfg->fc_flags & RTF_ADDRCONF)
3013 rt->dst_nocount = true;
3014
3015 if (cfg->fc_flags & RTF_EXPIRES)
3016 fib6_set_expires(rt, jiffies +
3017 clock_t_to_jiffies(cfg->fc_expires));
3018 else
3019 fib6_clean_expires(rt);
3020
3021 if (cfg->fc_protocol == RTPROT_UNSPEC)
3022 cfg->fc_protocol = RTPROT_BOOT;
3023 rt->fib6_protocol = cfg->fc_protocol;
3024
3025 addr_type = ipv6_addr_type(&cfg->fc_dst);
3026
3027 if (cfg->fc_encap) {
3028 struct lwtunnel_state *lwtstate;
3029
3030 err = lwtunnel_build_state(cfg->fc_encap_type,
3031 cfg->fc_encap, AF_INET6, cfg,
3032 &lwtstate, extack);
3033 if (err)
3034 goto out;
3035 rt->fib6_nh.nh_lwtstate = lwtstate_get(lwtstate);
3036 }
3037
3038 ipv6_addr_prefix(&rt->fib6_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
3039 rt->fib6_dst.plen = cfg->fc_dst_len;
3040 if (rt->fib6_dst.plen == 128)
3041 rt->dst_host = true;
3042
3043 #ifdef CONFIG_IPV6_SUBTREES
3044 ipv6_addr_prefix(&rt->fib6_src.addr, &cfg->fc_src, cfg->fc_src_len);
3045 rt->fib6_src.plen = cfg->fc_src_len;
3046 #endif
3047
3048 rt->fib6_metric = cfg->fc_metric;
3049 rt->fib6_nh.nh_weight = 1;
3050
3051 rt->fib6_type = cfg->fc_type;
3052
3053 /* We cannot add true routes via loopback here,
3054 they would result in kernel looping; promote them to reject routes
3055 */
3056 if ((cfg->fc_flags & RTF_REJECT) ||
3057 (dev && (dev->flags & IFF_LOOPBACK) &&
3058 !(addr_type & IPV6_ADDR_LOOPBACK) &&
3059 !(cfg->fc_flags & RTF_LOCAL))) {
3060 /* hold loopback dev/idev if we haven't done so. */
3061 if (dev != net->loopback_dev) {
3062 if (dev) {
3063 dev_put(dev);
3064 in6_dev_put(idev);
3065 }
3066 dev = net->loopback_dev;
3067 dev_hold(dev);
3068 idev = in6_dev_get(dev);
3069 if (!idev) {
3070 err = -ENODEV;
3071 goto out;
3072 }
3073 }
3074 rt->fib6_flags = RTF_REJECT|RTF_NONEXTHOP;
3075 goto install_route;
3076 }
3077
3078 if (cfg->fc_flags & RTF_GATEWAY) {
3079 err = ip6_validate_gw(net, cfg, &dev, &idev, extack);
3080 if (err)
3081 goto out;
3082
3083 rt->fib6_nh.nh_gw = cfg->fc_gateway;
3084 }
3085
3086 err = -ENODEV;
3087 if (!dev)
3088 goto out;
3089
3090 if (idev->cnf.disable_ipv6) {
3091 NL_SET_ERR_MSG(extack, "IPv6 is disabled on nexthop device");
3092 err = -EACCES;
3093 goto out;
3094 }
3095
3096 if (!(dev->flags & IFF_UP)) {
3097 NL_SET_ERR_MSG(extack, "Nexthop device is not up");
3098 err = -ENETDOWN;
3099 goto out;
3100 }
3101
3102 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
3103 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
3104 NL_SET_ERR_MSG(extack, "Invalid source address");
3105 err = -EINVAL;
3106 goto out;
3107 }
3108 rt->fib6_prefsrc.addr = cfg->fc_prefsrc;
3109 rt->fib6_prefsrc.plen = 128;
3110 } else
3111 rt->fib6_prefsrc.plen = 0;
3112
3113 rt->fib6_flags = cfg->fc_flags;
3114
3115 install_route:
3116 if (!(rt->fib6_flags & (RTF_LOCAL | RTF_ANYCAST)) &&
3117 !netif_carrier_ok(dev))
3118 rt->fib6_nh.nh_flags |= RTNH_F_LINKDOWN;
3119 rt->fib6_nh.nh_flags |= (cfg->fc_flags & RTNH_F_ONLINK);
3120 rt->fib6_nh.nh_dev = dev;
3121 rt->fib6_table = table;
3122
3123 if (idev)
3124 in6_dev_put(idev);
3125
3126 return rt;
3127 out:
3128 if (dev)
3129 dev_put(dev);
3130 if (idev)
3131 in6_dev_put(idev);
3132
3133 fib6_info_release(rt);
3134 return ERR_PTR(err);
3135 }
3136
3137 int ip6_route_add(struct fib6_config *cfg, gfp_t gfp_flags,
3138 struct netlink_ext_ack *extack)
3139 {
3140 struct fib6_info *rt;
3141 int err;
3142
3143 rt = ip6_route_info_create(cfg, gfp_flags, extack);
3144 if (IS_ERR(rt))
3145 return PTR_ERR(rt);
3146
3147 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, extack);
3148 fib6_info_release(rt);
3149
3150 return err;
3151 }
3152
3153 static int __ip6_del_rt(struct fib6_info *rt, struct nl_info *info)
3154 {
3155 struct net *net = info->nl_net;
3156 struct fib6_table *table;
3157 int err;
3158
3159 if (rt == net->ipv6.fib6_null_entry) {
3160 err = -ENOENT;
3161 goto out;
3162 }
3163
3164 table = rt->fib6_table;
3165 spin_lock_bh(&table->tb6_lock);
3166 err = fib6_del(rt, info);
3167 spin_unlock_bh(&table->tb6_lock);
3168
3169 out:
3170 fib6_info_release(rt);
3171 return err;
3172 }
3173
3174 int ip6_del_rt(struct net *net, struct fib6_info *rt)
3175 {
3176 struct nl_info info = { .nl_net = net };
3177
3178 return __ip6_del_rt(rt, &info);
3179 }
3180
3181 static int __ip6_del_rt_siblings(struct fib6_info *rt, struct fib6_config *cfg)
3182 {
3183 struct nl_info *info = &cfg->fc_nlinfo;
3184 struct net *net = info->nl_net;
3185 struct sk_buff *skb = NULL;
3186 struct fib6_table *table;
3187 int err = -ENOENT;
3188
3189 if (rt == net->ipv6.fib6_null_entry)
3190 goto out_put;
3191 table = rt->fib6_table;
3192 spin_lock_bh(&table->tb6_lock);
3193
3194 if (rt->fib6_nsiblings && cfg->fc_delete_all_nh) {
3195 struct fib6_info *sibling, *next_sibling;
3196
3197 /* prefer to send a single notification with all hops */
3198 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
3199 if (skb) {
3200 u32 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
3201
3202 if (rt6_fill_node(net, skb, rt, NULL,
3203 NULL, NULL, 0, RTM_DELROUTE,
3204 info->portid, seq, 0) < 0) {
3205 kfree_skb(skb);
3206 skb = NULL;
3207 } else
3208 info->skip_notify = 1;
3209 }
3210
3211 list_for_each_entry_safe(sibling, next_sibling,
3212 &rt->fib6_siblings,
3213 fib6_siblings) {
3214 err = fib6_del(sibling, info);
3215 if (err)
3216 goto out_unlock;
3217 }
3218 }
3219
3220 err = fib6_del(rt, info);
3221 out_unlock:
3222 spin_unlock_bh(&table->tb6_lock);
3223 out_put:
3224 fib6_info_release(rt);
3225
3226 if (skb) {
3227 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
3228 info->nlh, gfp_any());
3229 }
3230 return err;
3231 }
3232
3233 static int ip6_del_cached_rt(struct rt6_info *rt, struct fib6_config *cfg)
3234 {
3235 int rc = -ESRCH;
3236
3237 if (cfg->fc_ifindex && rt->dst.dev->ifindex != cfg->fc_ifindex)
3238 goto out;
3239
3240 if (cfg->fc_flags & RTF_GATEWAY &&
3241 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
3242 goto out;
3243
3244 rc = rt6_remove_exception_rt(rt);
3245 out:
3246 return rc;
3247 }
3248
3249 static int ip6_route_del(struct fib6_config *cfg,
3250 struct netlink_ext_ack *extack)
3251 {
3252 struct rt6_info *rt_cache;
3253 struct fib6_table *table;
3254 struct fib6_info *rt;
3255 struct fib6_node *fn;
3256 int err = -ESRCH;
3257
3258 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
3259 if (!table) {
3260 NL_SET_ERR_MSG(extack, "FIB table does not exist");
3261 return err;
3262 }
3263
3264 rcu_read_lock();
3265
3266 fn = fib6_locate(&table->tb6_root,
3267 &cfg->fc_dst, cfg->fc_dst_len,
3268 &cfg->fc_src, cfg->fc_src_len,
3269 !(cfg->fc_flags & RTF_CACHE));
3270
3271 if (fn) {
3272 for_each_fib6_node_rt_rcu(fn) {
3273 if (cfg->fc_flags & RTF_CACHE) {
3274 int rc;
3275
3276 rt_cache = rt6_find_cached_rt(rt, &cfg->fc_dst,
3277 &cfg->fc_src);
3278 if (rt_cache) {
3279 rc = ip6_del_cached_rt(rt_cache, cfg);
3280 if (rc != -ESRCH) {
3281 rcu_read_unlock();
3282 return rc;
3283 }
3284 }
3285 continue;
3286 }
3287 if (cfg->fc_ifindex &&
3288 (!rt->fib6_nh.nh_dev ||
3289 rt->fib6_nh.nh_dev->ifindex != cfg->fc_ifindex))
3290 continue;
3291 if (cfg->fc_flags & RTF_GATEWAY &&
3292 !ipv6_addr_equal(&cfg->fc_gateway, &rt->fib6_nh.nh_gw))
3293 continue;
3294 if (cfg->fc_metric && cfg->fc_metric != rt->fib6_metric)
3295 continue;
3296 if (cfg->fc_protocol && cfg->fc_protocol != rt->fib6_protocol)
3297 continue;
3298 if (!fib6_info_hold_safe(rt))
3299 continue;
3300 rcu_read_unlock();
3301
3302 /* if gateway was specified only delete the one hop */
3303 if (cfg->fc_flags & RTF_GATEWAY)
3304 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
3305
3306 return __ip6_del_rt_siblings(rt, cfg);
3307 }
3308 }
3309 rcu_read_unlock();
3310
3311 return err;
3312 }
3313
3314 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
3315 {
3316 struct netevent_redirect netevent;
3317 struct rt6_info *rt, *nrt = NULL;
3318 struct ndisc_options ndopts;
3319 struct inet6_dev *in6_dev;
3320 struct neighbour *neigh;
3321 struct fib6_info *from;
3322 struct rd_msg *msg;
3323 int optlen, on_link;
3324 u8 *lladdr;
3325
3326 optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
3327 optlen -= sizeof(*msg);
3328
3329 if (optlen < 0) {
3330 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
3331 return;
3332 }
3333
3334 msg = (struct rd_msg *)icmp6_hdr(skb);
3335
3336 if (ipv6_addr_is_multicast(&msg->dest)) {
3337 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
3338 return;
3339 }
3340
3341 on_link = 0;
3342 if (ipv6_addr_equal(&msg->dest, &msg->target)) {
3343 on_link = 1;
3344 } else if (ipv6_addr_type(&msg->target) !=
3345 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
3346 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
3347 return;
3348 }
3349
3350 in6_dev = __in6_dev_get(skb->dev);
3351 if (!in6_dev)
3352 return;
3353 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
3354 return;
3355
3356 /* RFC2461 8.1:
3357 * The IP source address of the Redirect MUST be the same as the current
3358 * first-hop router for the specified ICMP Destination Address.
3359 */
3360
3361 if (!ndisc_parse_options(skb->dev, msg->opt, optlen, &ndopts)) {
3362 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
3363 return;
3364 }
3365
3366 lladdr = NULL;
3367 if (ndopts.nd_opts_tgt_lladdr) {
3368 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
3369 skb->dev);
3370 if (!lladdr) {
3371 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
3372 return;
3373 }
3374 }
3375
3376 rt = (struct rt6_info *) dst;
3377 if (rt->rt6i_flags & RTF_REJECT) {
3378 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
3379 return;
3380 }
3381
3382 /* Redirect received -> path was valid.
3383 * Look, redirects are sent only in response to data packets,
3384 * so that this nexthop apparently is reachable. --ANK
3385 */
3386 dst_confirm_neigh(&rt->dst, &ipv6_hdr(skb)->saddr);
3387
3388 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
3389 if (!neigh)
3390 return;
3391
3392 /*
3393 * We have finally decided to accept it.
3394 */
3395
3396 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
3397 NEIGH_UPDATE_F_WEAK_OVERRIDE|
3398 NEIGH_UPDATE_F_OVERRIDE|
3399 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
3400 NEIGH_UPDATE_F_ISROUTER)),
3401 NDISC_REDIRECT, &ndopts);
3402
3403 rcu_read_lock();
3404 from = rcu_dereference(rt->from);
3405 if (!from)
3406 goto out;
3407
3408 nrt = ip6_rt_cache_alloc(from, &msg->dest, NULL);
3409 if (!nrt)
3410 goto out;
3411
3412 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
3413 if (on_link)
3414 nrt->rt6i_flags &= ~RTF_GATEWAY;
3415
3416 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
3417
3418 /* rt6_insert_exception() will take care of duplicated exceptions */
3419 if (rt6_insert_exception(nrt, from)) {
3420 dst_release_immediate(&nrt->dst);
3421 goto out;
3422 }
3423
3424 netevent.old = &rt->dst;
3425 netevent.new = &nrt->dst;
3426 netevent.daddr = &msg->dest;
3427 netevent.neigh = neigh;
3428 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
3429
3430 out:
3431 rcu_read_unlock();
3432 neigh_release(neigh);
3433 }
3434
3435 #ifdef CONFIG_IPV6_ROUTE_INFO
3436 static struct fib6_info *rt6_get_route_info(struct net *net,
3437 const struct in6_addr *prefix, int prefixlen,
3438 const struct in6_addr *gwaddr,
3439 struct net_device *dev)
3440 {
3441 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO;
3442 int ifindex = dev->ifindex;
3443 struct fib6_node *fn;
3444 struct fib6_info *rt = NULL;
3445 struct fib6_table *table;
3446
3447 table = fib6_get_table(net, tb_id);
3448 if (!table)
3449 return NULL;
3450
3451 rcu_read_lock();
3452 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0, true);
3453 if (!fn)
3454 goto out;
3455
3456 for_each_fib6_node_rt_rcu(fn) {
3457 if (rt->fib6_nh.nh_dev->ifindex != ifindex)
3458 continue;
3459 if ((rt->fib6_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
3460 continue;
3461 if (!ipv6_addr_equal(&rt->fib6_nh.nh_gw, gwaddr))
3462 continue;
3463 if (!fib6_info_hold_safe(rt))
3464 continue;
3465 break;
3466 }
3467 out:
3468 rcu_read_unlock();
3469 return rt;
3470 }
3471
3472 static struct fib6_info *rt6_add_route_info(struct net *net,
3473 const struct in6_addr *prefix, int prefixlen,
3474 const struct in6_addr *gwaddr,
3475 struct net_device *dev,
3476 unsigned int pref)
3477 {
3478 struct fib6_config cfg = {
3479 .fc_metric = IP6_RT_PRIO_USER,
3480 .fc_ifindex = dev->ifindex,
3481 .fc_dst_len = prefixlen,
3482 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
3483 RTF_UP | RTF_PREF(pref),
3484 .fc_protocol = RTPROT_RA,
3485 .fc_type = RTN_UNICAST,
3486 .fc_nlinfo.portid = 0,
3487 .fc_nlinfo.nlh = NULL,
3488 .fc_nlinfo.nl_net = net,
3489 };
3490
3491 cfg.fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO,
3492 cfg.fc_dst = *prefix;
3493 cfg.fc_gateway = *gwaddr;
3494
3495 /* We should treat it as a default route if prefix length is 0. */
3496 if (!prefixlen)
3497 cfg.fc_flags |= RTF_DEFAULT;
3498
3499 ip6_route_add(&cfg, GFP_ATOMIC, NULL);
3500
3501 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, dev);
3502 }
3503 #endif
3504
3505 struct fib6_info *rt6_get_dflt_router(struct net *net,
3506 const struct in6_addr *addr,
3507 struct net_device *dev)
3508 {
3509 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT;
3510 struct fib6_info *rt;
3511 struct fib6_table *table;
3512
3513 table = fib6_get_table(net, tb_id);
3514 if (!table)
3515 return NULL;
3516
3517 rcu_read_lock();
3518 for_each_fib6_node_rt_rcu(&table->tb6_root) {
3519 if (dev == rt->fib6_nh.nh_dev &&
3520 ((rt->fib6_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
3521 ipv6_addr_equal(&rt->fib6_nh.nh_gw, addr))
3522 break;
3523 }
3524 if (rt && !fib6_info_hold_safe(rt))
3525 rt = NULL;
3526 rcu_read_unlock();
3527 return rt;
3528 }
3529
3530 struct fib6_info *rt6_add_dflt_router(struct net *net,
3531 const struct in6_addr *gwaddr,
3532 struct net_device *dev,
3533 unsigned int pref)
3534 {
3535 struct fib6_config cfg = {
3536 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT,
3537 .fc_metric = IP6_RT_PRIO_USER,
3538 .fc_ifindex = dev->ifindex,
3539 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
3540 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
3541 .fc_protocol = RTPROT_RA,
3542 .fc_type = RTN_UNICAST,
3543 .fc_nlinfo.portid = 0,
3544 .fc_nlinfo.nlh = NULL,
3545 .fc_nlinfo.nl_net = net,
3546 };
3547
3548 cfg.fc_gateway = *gwaddr;
3549
3550 if (!ip6_route_add(&cfg, GFP_ATOMIC, NULL)) {
3551 struct fib6_table *table;
3552
3553 table = fib6_get_table(dev_net(dev), cfg.fc_table);
3554 if (table)
3555 table->flags |= RT6_TABLE_HAS_DFLT_ROUTER;
3556 }
3557
3558 return rt6_get_dflt_router(net, gwaddr, dev);
3559 }
3560
3561 static void __rt6_purge_dflt_routers(struct net *net,
3562 struct fib6_table *table)
3563 {
3564 struct fib6_info *rt;
3565
3566 restart:
3567 rcu_read_lock();
3568 for_each_fib6_node_rt_rcu(&table->tb6_root) {
3569 struct net_device *dev = fib6_info_nh_dev(rt);
3570 struct inet6_dev *idev = dev ? __in6_dev_get(dev) : NULL;
3571
3572 if (rt->fib6_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
3573 (!idev || idev->cnf.accept_ra != 2) &&
3574 fib6_info_hold_safe(rt)) {
3575 rcu_read_unlock();
3576 ip6_del_rt(net, rt);
3577 goto restart;
3578 }
3579 }
3580 rcu_read_unlock();
3581
3582 table->flags &= ~RT6_TABLE_HAS_DFLT_ROUTER;
3583 }
3584
3585 void rt6_purge_dflt_routers(struct net *net)
3586 {
3587 struct fib6_table *table;
3588 struct hlist_head *head;
3589 unsigned int h;
3590
3591 rcu_read_lock();
3592
3593 for (h = 0; h < FIB6_TABLE_HASHSZ; h++) {
3594 head = &net->ipv6.fib_table_hash[h];
3595 hlist_for_each_entry_rcu(table, head, tb6_hlist) {
3596 if (table->flags & RT6_TABLE_HAS_DFLT_ROUTER)
3597 __rt6_purge_dflt_routers(net, table);
3598 }
3599 }
3600
3601 rcu_read_unlock();
3602 }
3603
3604 static void rtmsg_to_fib6_config(struct net *net,
3605 struct in6_rtmsg *rtmsg,
3606 struct fib6_config *cfg)
3607 {
3608 *cfg = (struct fib6_config){
3609 .fc_table = l3mdev_fib_table_by_index(net, rtmsg->rtmsg_ifindex) ?
3610 : RT6_TABLE_MAIN,
3611 .fc_ifindex = rtmsg->rtmsg_ifindex,
3612 .fc_metric = rtmsg->rtmsg_metric,
3613 .fc_expires = rtmsg->rtmsg_info,
3614 .fc_dst_len = rtmsg->rtmsg_dst_len,
3615 .fc_src_len = rtmsg->rtmsg_src_len,
3616 .fc_flags = rtmsg->rtmsg_flags,
3617 .fc_type = rtmsg->rtmsg_type,
3618
3619 .fc_nlinfo.nl_net = net,
3620
3621 .fc_dst = rtmsg->rtmsg_dst,
3622 .fc_src = rtmsg->rtmsg_src,
3623 .fc_gateway = rtmsg->rtmsg_gateway,
3624 };
3625 }
3626
3627 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
3628 {
3629 struct fib6_config cfg;
3630 struct in6_rtmsg rtmsg;
3631 int err;
3632
3633 switch (cmd) {
3634 case SIOCADDRT: /* Add a route */
3635 case SIOCDELRT: /* Delete a route */
3636 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
3637 return -EPERM;
3638 err = copy_from_user(&rtmsg, arg,
3639 sizeof(struct in6_rtmsg));
3640 if (err)
3641 return -EFAULT;
3642
3643 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
3644
3645 rtnl_lock();
3646 switch (cmd) {
3647 case SIOCADDRT:
3648 err = ip6_route_add(&cfg, GFP_KERNEL, NULL);
3649 break;
3650 case SIOCDELRT:
3651 err = ip6_route_del(&cfg, NULL);
3652 break;
3653 default:
3654 err = -EINVAL;
3655 }
3656 rtnl_unlock();
3657
3658 return err;
3659 }
3660
3661 return -EINVAL;
3662 }
3663
3664 /*
3665 * Drop the packet on the floor
3666 */
3667
3668 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
3669 {
3670 struct dst_entry *dst = skb_dst(skb);
3671 struct net *net = dev_net(dst->dev);
3672 struct inet6_dev *idev;
3673 int type;
3674
3675 if (netif_is_l3_master(skb->dev) &&
3676 dst->dev == net->loopback_dev)
3677 idev = __in6_dev_get_safely(dev_get_by_index_rcu(net, IP6CB(skb)->iif));
3678 else
3679 idev = ip6_dst_idev(dst);
3680
3681 switch (ipstats_mib_noroutes) {
3682 case IPSTATS_MIB_INNOROUTES:
3683 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
3684 if (type == IPV6_ADDR_ANY) {
3685 IP6_INC_STATS(net, idev, IPSTATS_MIB_INADDRERRORS);
3686 break;
3687 }
3688 /* FALLTHROUGH */
3689 case IPSTATS_MIB_OUTNOROUTES:
3690 IP6_INC_STATS(net, idev, ipstats_mib_noroutes);
3691 break;
3692 }
3693
3694 /* Start over by dropping the dst for l3mdev case */
3695 if (netif_is_l3_master(skb->dev))
3696 skb_dst_drop(skb);
3697
3698 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
3699 kfree_skb(skb);
3700 return 0;
3701 }
3702
3703 static int ip6_pkt_discard(struct sk_buff *skb)
3704 {
3705 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
3706 }
3707
3708 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb)
3709 {
3710 skb->dev = skb_dst(skb)->dev;
3711 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
3712 }
3713
3714 static int ip6_pkt_prohibit(struct sk_buff *skb)
3715 {
3716 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
3717 }
3718
3719 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb)
3720 {
3721 skb->dev = skb_dst(skb)->dev;
3722 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
3723 }
3724
3725 /*
3726 * Allocate a dst for local (unicast / anycast) address.
3727 */
3728
3729 struct fib6_info *addrconf_f6i_alloc(struct net *net,
3730 struct inet6_dev *idev,
3731 const struct in6_addr *addr,
3732 bool anycast, gfp_t gfp_flags)
3733 {
3734 u32 tb_id;
3735 struct net_device *dev = idev->dev;
3736 struct fib6_info *f6i;
3737
3738 f6i = fib6_info_alloc(gfp_flags);
3739 if (!f6i)
3740 return ERR_PTR(-ENOMEM);
3741
3742 f6i->fib6_metrics = ip_fib_metrics_init(net, NULL, 0, NULL);
3743 f6i->dst_nocount = true;
3744 f6i->dst_host = true;
3745 f6i->fib6_protocol = RTPROT_KERNEL;
3746 f6i->fib6_flags = RTF_UP | RTF_NONEXTHOP;
3747 if (anycast) {
3748 f6i->fib6_type = RTN_ANYCAST;
3749 f6i->fib6_flags |= RTF_ANYCAST;
3750 } else {
3751 f6i->fib6_type = RTN_LOCAL;
3752 f6i->fib6_flags |= RTF_LOCAL;
3753 }
3754
3755 f6i->fib6_nh.nh_gw = *addr;
3756 dev_hold(dev);
3757 f6i->fib6_nh.nh_dev = dev;
3758 f6i->fib6_dst.addr = *addr;
3759 f6i->fib6_dst.plen = 128;
3760 tb_id = l3mdev_fib_table(idev->dev) ? : RT6_TABLE_LOCAL;
3761 f6i->fib6_table = fib6_get_table(net, tb_id);
3762
3763 return f6i;
3764 }
3765
3766 /* remove deleted ip from prefsrc entries */
3767 struct arg_dev_net_ip {
3768 struct net_device *dev;
3769 struct net *net;
3770 struct in6_addr *addr;
3771 };
3772
3773 static int fib6_remove_prefsrc(struct fib6_info *rt, void *arg)
3774 {
3775 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
3776 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
3777 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
3778
3779 if (((void *)rt->fib6_nh.nh_dev == dev || !dev) &&
3780 rt != net->ipv6.fib6_null_entry &&
3781 ipv6_addr_equal(addr, &rt->fib6_prefsrc.addr)) {
3782 spin_lock_bh(&rt6_exception_lock);
3783 /* remove prefsrc entry */
3784 rt->fib6_prefsrc.plen = 0;
3785 spin_unlock_bh(&rt6_exception_lock);
3786 }
3787 return 0;
3788 }
3789
3790 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
3791 {
3792 struct net *net = dev_net(ifp->idev->dev);
3793 struct arg_dev_net_ip adni = {
3794 .dev = ifp->idev->dev,
3795 .net = net,
3796 .addr = &ifp->addr,
3797 };
3798 fib6_clean_all(net, fib6_remove_prefsrc, &adni);
3799 }
3800
3801 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
3802
3803 /* Remove routers and update dst entries when gateway turn into host. */
3804 static int fib6_clean_tohost(struct fib6_info *rt, void *arg)
3805 {
3806 struct in6_addr *gateway = (struct in6_addr *)arg;
3807
3808 if (((rt->fib6_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) &&
3809 ipv6_addr_equal(gateway, &rt->fib6_nh.nh_gw)) {
3810 return -1;
3811 }
3812
3813 /* Further clean up cached routes in exception table.
3814 * This is needed because cached route may have a different
3815 * gateway than its 'parent' in the case of an ip redirect.
3816 */
3817 rt6_exceptions_clean_tohost(rt, gateway);
3818
3819 return 0;
3820 }
3821
3822 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway)
3823 {
3824 fib6_clean_all(net, fib6_clean_tohost, gateway);
3825 }
3826
3827 struct arg_netdev_event {
3828 const struct net_device *dev;
3829 union {
3830 unsigned int nh_flags;
3831 unsigned long event;
3832 };
3833 };
3834
3835 static struct fib6_info *rt6_multipath_first_sibling(const struct fib6_info *rt)
3836 {
3837 struct fib6_info *iter;
3838 struct fib6_node *fn;
3839
3840 fn = rcu_dereference_protected(rt->fib6_node,
3841 lockdep_is_held(&rt->fib6_table->tb6_lock));
3842 iter = rcu_dereference_protected(fn->leaf,
3843 lockdep_is_held(&rt->fib6_table->tb6_lock));
3844 while (iter) {
3845 if (iter->fib6_metric == rt->fib6_metric &&
3846 rt6_qualify_for_ecmp(iter))
3847 return iter;
3848 iter = rcu_dereference_protected(iter->fib6_next,
3849 lockdep_is_held(&rt->fib6_table->tb6_lock));
3850 }
3851
3852 return NULL;
3853 }
3854
3855 static bool rt6_is_dead(const struct fib6_info *rt)
3856 {
3857 if (rt->fib6_nh.nh_flags & RTNH_F_DEAD ||
3858 (rt->fib6_nh.nh_flags & RTNH_F_LINKDOWN &&
3859 fib6_ignore_linkdown(rt)))
3860 return true;
3861
3862 return false;
3863 }
3864
3865 static int rt6_multipath_total_weight(const struct fib6_info *rt)
3866 {
3867 struct fib6_info *iter;
3868 int total = 0;
3869
3870 if (!rt6_is_dead(rt))
3871 total += rt->fib6_nh.nh_weight;
3872
3873 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings) {
3874 if (!rt6_is_dead(iter))
3875 total += iter->fib6_nh.nh_weight;
3876 }
3877
3878 return total;
3879 }
3880
3881 static void rt6_upper_bound_set(struct fib6_info *rt, int *weight, int total)
3882 {
3883 int upper_bound = -1;
3884
3885 if (!rt6_is_dead(rt)) {
3886 *weight += rt->fib6_nh.nh_weight;
3887 upper_bound = DIV_ROUND_CLOSEST_ULL((u64) (*weight) << 31,
3888 total) - 1;
3889 }
3890 atomic_set(&rt->fib6_nh.nh_upper_bound, upper_bound);
3891 }
3892
3893 static void rt6_multipath_upper_bound_set(struct fib6_info *rt, int total)
3894 {
3895 struct fib6_info *iter;
3896 int weight = 0;
3897
3898 rt6_upper_bound_set(rt, &weight, total);
3899
3900 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
3901 rt6_upper_bound_set(iter, &weight, total);
3902 }
3903
3904 void rt6_multipath_rebalance(struct fib6_info *rt)
3905 {
3906 struct fib6_info *first;
3907 int total;
3908
3909 /* In case the entire multipath route was marked for flushing,
3910 * then there is no need to rebalance upon the removal of every
3911 * sibling route.
3912 */
3913 if (!rt->fib6_nsiblings || rt->should_flush)
3914 return;
3915
3916 /* During lookup routes are evaluated in order, so we need to
3917 * make sure upper bounds are assigned from the first sibling
3918 * onwards.
3919 */
3920 first = rt6_multipath_first_sibling(rt);
3921 if (WARN_ON_ONCE(!first))
3922 return;
3923
3924 total = rt6_multipath_total_weight(first);
3925 rt6_multipath_upper_bound_set(first, total);
3926 }
3927
3928 static int fib6_ifup(struct fib6_info *rt, void *p_arg)
3929 {
3930 const struct arg_netdev_event *arg = p_arg;
3931 struct net *net = dev_net(arg->dev);
3932
3933 if (rt != net->ipv6.fib6_null_entry && rt->fib6_nh.nh_dev == arg->dev) {
3934 rt->fib6_nh.nh_flags &= ~arg->nh_flags;
3935 fib6_update_sernum_upto_root(net, rt);
3936 rt6_multipath_rebalance(rt);
3937 }
3938
3939 return 0;
3940 }
3941
3942 void rt6_sync_up(struct net_device *dev, unsigned int nh_flags)
3943 {
3944 struct arg_netdev_event arg = {
3945 .dev = dev,
3946 {
3947 .nh_flags = nh_flags,
3948 },
3949 };
3950
3951 if (nh_flags & RTNH_F_DEAD && netif_carrier_ok(dev))
3952 arg.nh_flags |= RTNH_F_LINKDOWN;
3953
3954 fib6_clean_all(dev_net(dev), fib6_ifup, &arg);
3955 }
3956
3957 static bool rt6_multipath_uses_dev(const struct fib6_info *rt,
3958 const struct net_device *dev)
3959 {
3960 struct fib6_info *iter;
3961
3962 if (rt->fib6_nh.nh_dev == dev)
3963 return true;
3964 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
3965 if (iter->fib6_nh.nh_dev == dev)
3966 return true;
3967
3968 return false;
3969 }
3970
3971 static void rt6_multipath_flush(struct fib6_info *rt)
3972 {
3973 struct fib6_info *iter;
3974
3975 rt->should_flush = 1;
3976 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
3977 iter->should_flush = 1;
3978 }
3979
3980 static unsigned int rt6_multipath_dead_count(const struct fib6_info *rt,
3981 const struct net_device *down_dev)
3982 {
3983 struct fib6_info *iter;
3984 unsigned int dead = 0;
3985
3986 if (rt->fib6_nh.nh_dev == down_dev ||
3987 rt->fib6_nh.nh_flags & RTNH_F_DEAD)
3988 dead++;
3989 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
3990 if (iter->fib6_nh.nh_dev == down_dev ||
3991 iter->fib6_nh.nh_flags & RTNH_F_DEAD)
3992 dead++;
3993
3994 return dead;
3995 }
3996
3997 static void rt6_multipath_nh_flags_set(struct fib6_info *rt,
3998 const struct net_device *dev,
3999 unsigned int nh_flags)
4000 {
4001 struct fib6_info *iter;
4002
4003 if (rt->fib6_nh.nh_dev == dev)
4004 rt->fib6_nh.nh_flags |= nh_flags;
4005 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
4006 if (iter->fib6_nh.nh_dev == dev)
4007 iter->fib6_nh.nh_flags |= nh_flags;
4008 }
4009
4010 /* called with write lock held for table with rt */
4011 static int fib6_ifdown(struct fib6_info *rt, void *p_arg)
4012 {
4013 const struct arg_netdev_event *arg = p_arg;
4014 const struct net_device *dev = arg->dev;
4015 struct net *net = dev_net(dev);
4016
4017 if (rt == net->ipv6.fib6_null_entry)
4018 return 0;
4019
4020 switch (arg->event) {
4021 case NETDEV_UNREGISTER:
4022 return rt->fib6_nh.nh_dev == dev ? -1 : 0;
4023 case NETDEV_DOWN:
4024 if (rt->should_flush)
4025 return -1;
4026 if (!rt->fib6_nsiblings)
4027 return rt->fib6_nh.nh_dev == dev ? -1 : 0;
4028 if (rt6_multipath_uses_dev(rt, dev)) {
4029 unsigned int count;
4030
4031 count = rt6_multipath_dead_count(rt, dev);
4032 if (rt->fib6_nsiblings + 1 == count) {
4033 rt6_multipath_flush(rt);
4034 return -1;
4035 }
4036 rt6_multipath_nh_flags_set(rt, dev, RTNH_F_DEAD |
4037 RTNH_F_LINKDOWN);
4038 fib6_update_sernum(net, rt);
4039 rt6_multipath_rebalance(rt);
4040 }
4041 return -2;
4042 case NETDEV_CHANGE:
4043 if (rt->fib6_nh.nh_dev != dev ||
4044 rt->fib6_flags & (RTF_LOCAL | RTF_ANYCAST))
4045 break;
4046 rt->fib6_nh.nh_flags |= RTNH_F_LINKDOWN;
4047 rt6_multipath_rebalance(rt);
4048 break;
4049 }
4050
4051 return 0;
4052 }
4053
4054 void rt6_sync_down_dev(struct net_device *dev, unsigned long event)
4055 {
4056 struct arg_netdev_event arg = {
4057 .dev = dev,
4058 {
4059 .event = event,
4060 },
4061 };
4062 struct net *net = dev_net(dev);
4063
4064 if (net->ipv6.sysctl.skip_notify_on_dev_down)
4065 fib6_clean_all_skip_notify(net, fib6_ifdown, &arg);
4066 else
4067 fib6_clean_all(net, fib6_ifdown, &arg);
4068 }
4069
4070 void rt6_disable_ip(struct net_device *dev, unsigned long event)
4071 {
4072 rt6_sync_down_dev(dev, event);
4073 rt6_uncached_list_flush_dev(dev_net(dev), dev);
4074 neigh_ifdown(&nd_tbl, dev);
4075 }
4076
4077 struct rt6_mtu_change_arg {
4078 struct net_device *dev;
4079 unsigned int mtu;
4080 };
4081
4082 static int rt6_mtu_change_route(struct fib6_info *rt, void *p_arg)
4083 {
4084 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
4085 struct inet6_dev *idev;
4086
4087 /* In IPv6 pmtu discovery is not optional,
4088 so that RTAX_MTU lock cannot disable it.
4089 We still use this lock to block changes
4090 caused by addrconf/ndisc.
4091 */
4092
4093 idev = __in6_dev_get(arg->dev);
4094 if (!idev)
4095 return 0;
4096
4097 /* For administrative MTU increase, there is no way to discover
4098 IPv6 PMTU increase, so PMTU increase should be updated here.
4099 Since RFC 1981 doesn't include administrative MTU increase
4100 update PMTU increase is a MUST. (i.e. jumbo frame)
4101 */
4102 if (rt->fib6_nh.nh_dev == arg->dev &&
4103 !fib6_metric_locked(rt, RTAX_MTU)) {
4104 u32 mtu = rt->fib6_pmtu;
4105
4106 if (mtu >= arg->mtu ||
4107 (mtu < arg->mtu && mtu == idev->cnf.mtu6))
4108 fib6_metric_set(rt, RTAX_MTU, arg->mtu);
4109
4110 spin_lock_bh(&rt6_exception_lock);
4111 rt6_exceptions_update_pmtu(idev, rt, arg->mtu);
4112 spin_unlock_bh(&rt6_exception_lock);
4113 }
4114 return 0;
4115 }
4116
4117 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
4118 {
4119 struct rt6_mtu_change_arg arg = {
4120 .dev = dev,
4121 .mtu = mtu,
4122 };
4123
4124 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg);
4125 }
4126
4127 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
4128 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
4129 [RTA_PREFSRC] = { .len = sizeof(struct in6_addr) },
4130 [RTA_OIF] = { .type = NLA_U32 },
4131 [RTA_IIF] = { .type = NLA_U32 },
4132 [RTA_PRIORITY] = { .type = NLA_U32 },
4133 [RTA_METRICS] = { .type = NLA_NESTED },
4134 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
4135 [RTA_PREF] = { .type = NLA_U8 },
4136 [RTA_ENCAP_TYPE] = { .type = NLA_U16 },
4137 [RTA_ENCAP] = { .type = NLA_NESTED },
4138 [RTA_EXPIRES] = { .type = NLA_U32 },
4139 [RTA_UID] = { .type = NLA_U32 },
4140 [RTA_MARK] = { .type = NLA_U32 },
4141 [RTA_TABLE] = { .type = NLA_U32 },
4142 [RTA_IP_PROTO] = { .type = NLA_U8 },
4143 [RTA_SPORT] = { .type = NLA_U16 },
4144 [RTA_DPORT] = { .type = NLA_U16 },
4145 };
4146
4147 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
4148 struct fib6_config *cfg,
4149 struct netlink_ext_ack *extack)
4150 {
4151 struct rtmsg *rtm;
4152 struct nlattr *tb[RTA_MAX+1];
4153 unsigned int pref;
4154 int err;
4155
4156 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy,
4157 extack);
4158 if (err < 0)
4159 goto errout;
4160
4161 err = -EINVAL;
4162 rtm = nlmsg_data(nlh);
4163
4164 *cfg = (struct fib6_config){
4165 .fc_table = rtm->rtm_table,
4166 .fc_dst_len = rtm->rtm_dst_len,
4167 .fc_src_len = rtm->rtm_src_len,
4168 .fc_flags = RTF_UP,
4169 .fc_protocol = rtm->rtm_protocol,
4170 .fc_type = rtm->rtm_type,
4171
4172 .fc_nlinfo.portid = NETLINK_CB(skb).portid,
4173 .fc_nlinfo.nlh = nlh,
4174 .fc_nlinfo.nl_net = sock_net(skb->sk),
4175 };
4176
4177 if (rtm->rtm_type == RTN_UNREACHABLE ||
4178 rtm->rtm_type == RTN_BLACKHOLE ||
4179 rtm->rtm_type == RTN_PROHIBIT ||
4180 rtm->rtm_type == RTN_THROW)
4181 cfg->fc_flags |= RTF_REJECT;
4182
4183 if (rtm->rtm_type == RTN_LOCAL)
4184 cfg->fc_flags |= RTF_LOCAL;
4185
4186 if (rtm->rtm_flags & RTM_F_CLONED)
4187 cfg->fc_flags |= RTF_CACHE;
4188
4189 cfg->fc_flags |= (rtm->rtm_flags & RTNH_F_ONLINK);
4190
4191 if (tb[RTA_GATEWAY]) {
4192 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]);
4193 cfg->fc_flags |= RTF_GATEWAY;
4194 }
4195 if (tb[RTA_VIA]) {
4196 NL_SET_ERR_MSG(extack, "IPv6 does not support RTA_VIA attribute");
4197 goto errout;
4198 }
4199
4200 if (tb[RTA_DST]) {
4201 int plen = (rtm->rtm_dst_len + 7) >> 3;
4202
4203 if (nla_len(tb[RTA_DST]) < plen)
4204 goto errout;
4205
4206 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
4207 }
4208
4209 if (tb[RTA_SRC]) {
4210 int plen = (rtm->rtm_src_len + 7) >> 3;
4211
4212 if (nla_len(tb[RTA_SRC]) < plen)
4213 goto errout;
4214
4215 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
4216 }
4217
4218 if (tb[RTA_PREFSRC])
4219 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]);
4220
4221 if (tb[RTA_OIF])
4222 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
4223
4224 if (tb[RTA_PRIORITY])
4225 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
4226
4227 if (tb[RTA_METRICS]) {
4228 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
4229 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
4230 }
4231
4232 if (tb[RTA_TABLE])
4233 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
4234
4235 if (tb[RTA_MULTIPATH]) {
4236 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
4237 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
4238
4239 err = lwtunnel_valid_encap_type_attr(cfg->fc_mp,
4240 cfg->fc_mp_len, extack);
4241 if (err < 0)
4242 goto errout;
4243 }
4244
4245 if (tb[RTA_PREF]) {
4246 pref = nla_get_u8(tb[RTA_PREF]);
4247 if (pref != ICMPV6_ROUTER_PREF_LOW &&
4248 pref != ICMPV6_ROUTER_PREF_HIGH)
4249 pref = ICMPV6_ROUTER_PREF_MEDIUM;
4250 cfg->fc_flags |= RTF_PREF(pref);
4251 }
4252
4253 if (tb[RTA_ENCAP])
4254 cfg->fc_encap = tb[RTA_ENCAP];
4255
4256 if (tb[RTA_ENCAP_TYPE]) {
4257 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]);
4258
4259 err = lwtunnel_valid_encap_type(cfg->fc_encap_type, extack);
4260 if (err < 0)
4261 goto errout;
4262 }
4263
4264 if (tb[RTA_EXPIRES]) {
4265 unsigned long timeout = addrconf_timeout_fixup(nla_get_u32(tb[RTA_EXPIRES]), HZ);
4266
4267 if (addrconf_finite_timeout(timeout)) {
4268 cfg->fc_expires = jiffies_to_clock_t(timeout * HZ);
4269 cfg->fc_flags |= RTF_EXPIRES;
4270 }
4271 }
4272
4273 err = 0;
4274 errout:
4275 return err;
4276 }
4277
4278 struct rt6_nh {
4279 struct fib6_info *fib6_info;
4280 struct fib6_config r_cfg;
4281 struct list_head next;
4282 };
4283
4284 static int ip6_route_info_append(struct net *net,
4285 struct list_head *rt6_nh_list,
4286 struct fib6_info *rt,
4287 struct fib6_config *r_cfg)
4288 {
4289 struct rt6_nh *nh;
4290 int err = -EEXIST;
4291
4292 list_for_each_entry(nh, rt6_nh_list, next) {
4293 /* check if fib6_info already exists */
4294 if (rt6_duplicate_nexthop(nh->fib6_info, rt))
4295 return err;
4296 }
4297
4298 nh = kzalloc(sizeof(*nh), GFP_KERNEL);
4299 if (!nh)
4300 return -ENOMEM;
4301 nh->fib6_info = rt;
4302 memcpy(&nh->r_cfg, r_cfg, sizeof(*r_cfg));
4303 list_add_tail(&nh->next, rt6_nh_list);
4304
4305 return 0;
4306 }
4307
4308 static void ip6_route_mpath_notify(struct fib6_info *rt,
4309 struct fib6_info *rt_last,
4310 struct nl_info *info,
4311 __u16 nlflags)
4312 {
4313 /* if this is an APPEND route, then rt points to the first route
4314 * inserted and rt_last points to last route inserted. Userspace
4315 * wants a consistent dump of the route which starts at the first
4316 * nexthop. Since sibling routes are always added at the end of
4317 * the list, find the first sibling of the last route appended
4318 */
4319 if ((nlflags & NLM_F_APPEND) && rt_last && rt_last->fib6_nsiblings) {
4320 rt = list_first_entry(&rt_last->fib6_siblings,
4321 struct fib6_info,
4322 fib6_siblings);
4323 }
4324
4325 if (rt)
4326 inet6_rt_notify(RTM_NEWROUTE, rt, info, nlflags);
4327 }
4328
4329 static int ip6_route_multipath_add(struct fib6_config *cfg,
4330 struct netlink_ext_ack *extack)
4331 {
4332 struct fib6_info *rt_notif = NULL, *rt_last = NULL;
4333 struct nl_info *info = &cfg->fc_nlinfo;
4334 struct fib6_config r_cfg;
4335 struct rtnexthop *rtnh;
4336 struct fib6_info *rt;
4337 struct rt6_nh *err_nh;
4338 struct rt6_nh *nh, *nh_safe;
4339 __u16 nlflags;
4340 int remaining;
4341 int attrlen;
4342 int err = 1;
4343 int nhn = 0;
4344 int replace = (cfg->fc_nlinfo.nlh &&
4345 (cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_REPLACE));
4346 LIST_HEAD(rt6_nh_list);
4347
4348 nlflags = replace ? NLM_F_REPLACE : NLM_F_CREATE;
4349 if (info->nlh && info->nlh->nlmsg_flags & NLM_F_APPEND)
4350 nlflags |= NLM_F_APPEND;
4351
4352 remaining = cfg->fc_mp_len;
4353 rtnh = (struct rtnexthop *)cfg->fc_mp;
4354
4355 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
4356 * fib6_info structs per nexthop
4357 */
4358 while (rtnh_ok(rtnh, remaining)) {
4359 memcpy(&r_cfg, cfg, sizeof(*cfg));
4360 if (rtnh->rtnh_ifindex)
4361 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
4362
4363 attrlen = rtnh_attrlen(rtnh);
4364 if (attrlen > 0) {
4365 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
4366
4367 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
4368 if (nla) {
4369 r_cfg.fc_gateway = nla_get_in6_addr(nla);
4370 r_cfg.fc_flags |= RTF_GATEWAY;
4371 }
4372 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP);
4373 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE);
4374 if (nla)
4375 r_cfg.fc_encap_type = nla_get_u16(nla);
4376 }
4377
4378 r_cfg.fc_flags |= (rtnh->rtnh_flags & RTNH_F_ONLINK);
4379 rt = ip6_route_info_create(&r_cfg, GFP_KERNEL, extack);
4380 if (IS_ERR(rt)) {
4381 err = PTR_ERR(rt);
4382 rt = NULL;
4383 goto cleanup;
4384 }
4385 if (!rt6_qualify_for_ecmp(rt)) {
4386 err = -EINVAL;
4387 NL_SET_ERR_MSG(extack,
4388 "Device only routes can not be added for IPv6 using the multipath API.");
4389 fib6_info_release(rt);
4390 goto cleanup;
4391 }
4392
4393 rt->fib6_nh.nh_weight = rtnh->rtnh_hops + 1;
4394
4395 err = ip6_route_info_append(info->nl_net, &rt6_nh_list,
4396 rt, &r_cfg);
4397 if (err) {
4398 fib6_info_release(rt);
4399 goto cleanup;
4400 }
4401
4402 rtnh = rtnh_next(rtnh, &remaining);
4403 }
4404
4405 /* for add and replace send one notification with all nexthops.
4406 * Skip the notification in fib6_add_rt2node and send one with
4407 * the full route when done
4408 */
4409 info->skip_notify = 1;
4410
4411 err_nh = NULL;
4412 list_for_each_entry(nh, &rt6_nh_list, next) {
4413 err = __ip6_ins_rt(nh->fib6_info, info, extack);
4414 fib6_info_release(nh->fib6_info);
4415
4416 if (!err) {
4417 /* save reference to last route successfully inserted */
4418 rt_last = nh->fib6_info;
4419
4420 /* save reference to first route for notification */
4421 if (!rt_notif)
4422 rt_notif = nh->fib6_info;
4423 }
4424
4425 /* nh->fib6_info is used or freed at this point, reset to NULL*/
4426 nh->fib6_info = NULL;
4427 if (err) {
4428 if (replace && nhn)
4429 NL_SET_ERR_MSG_MOD(extack,
4430 "multipath route replace failed (check consistency of installed routes)");
4431 err_nh = nh;
4432 goto add_errout;
4433 }
4434
4435 /* Because each route is added like a single route we remove
4436 * these flags after the first nexthop: if there is a collision,
4437 * we have already failed to add the first nexthop:
4438 * fib6_add_rt2node() has rejected it; when replacing, old
4439 * nexthops have been replaced by first new, the rest should
4440 * be added to it.
4441 */
4442 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL |
4443 NLM_F_REPLACE);
4444 nhn++;
4445 }
4446
4447 /* success ... tell user about new route */
4448 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
4449 goto cleanup;
4450
4451 add_errout:
4452 /* send notification for routes that were added so that
4453 * the delete notifications sent by ip6_route_del are
4454 * coherent
4455 */
4456 if (rt_notif)
4457 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
4458
4459 /* Delete routes that were already added */
4460 list_for_each_entry(nh, &rt6_nh_list, next) {
4461 if (err_nh == nh)
4462 break;
4463 ip6_route_del(&nh->r_cfg, extack);
4464 }
4465
4466 cleanup:
4467 list_for_each_entry_safe(nh, nh_safe, &rt6_nh_list, next) {
4468 if (nh->fib6_info)
4469 fib6_info_release(nh->fib6_info);
4470 list_del(&nh->next);
4471 kfree(nh);
4472 }
4473
4474 return err;
4475 }
4476
4477 static int ip6_route_multipath_del(struct fib6_config *cfg,
4478 struct netlink_ext_ack *extack)
4479 {
4480 struct fib6_config r_cfg;
4481 struct rtnexthop *rtnh;
4482 int remaining;
4483 int attrlen;
4484 int err = 1, last_err = 0;
4485
4486 remaining = cfg->fc_mp_len;
4487 rtnh = (struct rtnexthop *)cfg->fc_mp;
4488
4489 /* Parse a Multipath Entry */
4490 while (rtnh_ok(rtnh, remaining)) {
4491 memcpy(&r_cfg, cfg, sizeof(*cfg));
4492 if (rtnh->rtnh_ifindex)
4493 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
4494
4495 attrlen = rtnh_attrlen(rtnh);
4496 if (attrlen > 0) {
4497 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
4498
4499 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
4500 if (nla) {
4501 nla_memcpy(&r_cfg.fc_gateway, nla, 16);
4502 r_cfg.fc_flags |= RTF_GATEWAY;
4503 }
4504 }
4505 err = ip6_route_del(&r_cfg, extack);
4506 if (err)
4507 last_err = err;
4508
4509 rtnh = rtnh_next(rtnh, &remaining);
4510 }
4511
4512 return last_err;
4513 }
4514
4515 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh,
4516 struct netlink_ext_ack *extack)
4517 {
4518 struct fib6_config cfg;
4519 int err;
4520
4521 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
4522 if (err < 0)
4523 return err;
4524
4525 if (cfg.fc_mp)
4526 return ip6_route_multipath_del(&cfg, extack);
4527 else {
4528 cfg.fc_delete_all_nh = 1;
4529 return ip6_route_del(&cfg, extack);
4530 }
4531 }
4532
4533 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh,
4534 struct netlink_ext_ack *extack)
4535 {
4536 struct fib6_config cfg;
4537 int err;
4538
4539 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
4540 if (err < 0)
4541 return err;
4542
4543 if (cfg.fc_mp)
4544 return ip6_route_multipath_add(&cfg, extack);
4545 else
4546 return ip6_route_add(&cfg, GFP_KERNEL, extack);
4547 }
4548
4549 static size_t rt6_nlmsg_size(struct fib6_info *rt)
4550 {
4551 int nexthop_len = 0;
4552
4553 if (rt->fib6_nsiblings) {
4554 nexthop_len = nla_total_size(0) /* RTA_MULTIPATH */
4555 + NLA_ALIGN(sizeof(struct rtnexthop))
4556 + nla_total_size(16) /* RTA_GATEWAY */
4557 + lwtunnel_get_encap_size(rt->fib6_nh.nh_lwtstate);
4558
4559 nexthop_len *= rt->fib6_nsiblings;
4560 }
4561
4562 return NLMSG_ALIGN(sizeof(struct rtmsg))
4563 + nla_total_size(16) /* RTA_SRC */
4564 + nla_total_size(16) /* RTA_DST */
4565 + nla_total_size(16) /* RTA_GATEWAY */
4566 + nla_total_size(16) /* RTA_PREFSRC */
4567 + nla_total_size(4) /* RTA_TABLE */
4568 + nla_total_size(4) /* RTA_IIF */
4569 + nla_total_size(4) /* RTA_OIF */
4570 + nla_total_size(4) /* RTA_PRIORITY */
4571 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
4572 + nla_total_size(sizeof(struct rta_cacheinfo))
4573 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */
4574 + nla_total_size(1) /* RTA_PREF */
4575 + lwtunnel_get_encap_size(rt->fib6_nh.nh_lwtstate)
4576 + nexthop_len;
4577 }
4578
4579 static int rt6_nexthop_info(struct sk_buff *skb, struct fib6_info *rt,
4580 unsigned int *flags, bool skip_oif)
4581 {
4582 if (rt->fib6_nh.nh_flags & RTNH_F_DEAD)
4583 *flags |= RTNH_F_DEAD;
4584
4585 if (rt->fib6_nh.nh_flags & RTNH_F_LINKDOWN) {
4586 *flags |= RTNH_F_LINKDOWN;
4587
4588 rcu_read_lock();
4589 if (fib6_ignore_linkdown(rt))
4590 *flags |= RTNH_F_DEAD;
4591 rcu_read_unlock();
4592 }
4593
4594 if (rt->fib6_flags & RTF_GATEWAY) {
4595 if (nla_put_in6_addr(skb, RTA_GATEWAY, &rt->fib6_nh.nh_gw) < 0)
4596 goto nla_put_failure;
4597 }
4598
4599 *flags |= (rt->fib6_nh.nh_flags & RTNH_F_ONLINK);
4600 if (rt->fib6_nh.nh_flags & RTNH_F_OFFLOAD)
4601 *flags |= RTNH_F_OFFLOAD;
4602
4603 /* not needed for multipath encoding b/c it has a rtnexthop struct */
4604 if (!skip_oif && rt->fib6_nh.nh_dev &&
4605 nla_put_u32(skb, RTA_OIF, rt->fib6_nh.nh_dev->ifindex))
4606 goto nla_put_failure;
4607
4608 if (rt->fib6_nh.nh_lwtstate &&
4609 lwtunnel_fill_encap(skb, rt->fib6_nh.nh_lwtstate) < 0)
4610 goto nla_put_failure;
4611
4612 return 0;
4613
4614 nla_put_failure:
4615 return -EMSGSIZE;
4616 }
4617
4618 /* add multipath next hop */
4619 static int rt6_add_nexthop(struct sk_buff *skb, struct fib6_info *rt)
4620 {
4621 const struct net_device *dev = rt->fib6_nh.nh_dev;
4622 struct rtnexthop *rtnh;
4623 unsigned int flags = 0;
4624
4625 rtnh = nla_reserve_nohdr(skb, sizeof(*rtnh));
4626 if (!rtnh)
4627 goto nla_put_failure;
4628
4629 rtnh->rtnh_hops = rt->fib6_nh.nh_weight - 1;
4630 rtnh->rtnh_ifindex = dev ? dev->ifindex : 0;
4631
4632 if (rt6_nexthop_info(skb, rt, &flags, true) < 0)
4633 goto nla_put_failure;
4634
4635 rtnh->rtnh_flags = flags;
4636
4637 /* length of rtnetlink header + attributes */
4638 rtnh->rtnh_len = nlmsg_get_pos(skb) - (void *)rtnh;
4639
4640 return 0;
4641
4642 nla_put_failure:
4643 return -EMSGSIZE;
4644 }
4645
4646 static int rt6_fill_node(struct net *net, struct sk_buff *skb,
4647 struct fib6_info *rt, struct dst_entry *dst,
4648 struct in6_addr *dest, struct in6_addr *src,
4649 int iif, int type, u32 portid, u32 seq,
4650 unsigned int flags)
4651 {
4652 struct rt6_info *rt6 = (struct rt6_info *)dst;
4653 struct rt6key *rt6_dst, *rt6_src;
4654 u32 *pmetrics, table, rt6_flags;
4655 struct nlmsghdr *nlh;
4656 struct rtmsg *rtm;
4657 long expires = 0;
4658
4659 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
4660 if (!nlh)
4661 return -EMSGSIZE;
4662
4663 if (rt6) {
4664 rt6_dst = &rt6->rt6i_dst;
4665 rt6_src = &rt6->rt6i_src;
4666 rt6_flags = rt6->rt6i_flags;
4667 } else {
4668 rt6_dst = &rt->fib6_dst;
4669 rt6_src = &rt->fib6_src;
4670 rt6_flags = rt->fib6_flags;
4671 }
4672
4673 rtm = nlmsg_data(nlh);
4674 rtm->rtm_family = AF_INET6;
4675 rtm->rtm_dst_len = rt6_dst->plen;
4676 rtm->rtm_src_len = rt6_src->plen;
4677 rtm->rtm_tos = 0;
4678 if (rt->fib6_table)
4679 table = rt->fib6_table->tb6_id;
4680 else
4681 table = RT6_TABLE_UNSPEC;
4682 rtm->rtm_table = table < 256 ? table : RT_TABLE_COMPAT;
4683 if (nla_put_u32(skb, RTA_TABLE, table))
4684 goto nla_put_failure;
4685
4686 rtm->rtm_type = rt->fib6_type;
4687 rtm->rtm_flags = 0;
4688 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
4689 rtm->rtm_protocol = rt->fib6_protocol;
4690
4691 if (rt6_flags & RTF_CACHE)
4692 rtm->rtm_flags |= RTM_F_CLONED;
4693
4694 if (dest) {
4695 if (nla_put_in6_addr(skb, RTA_DST, dest))
4696 goto nla_put_failure;
4697 rtm->rtm_dst_len = 128;
4698 } else if (rtm->rtm_dst_len)
4699 if (nla_put_in6_addr(skb, RTA_DST, &rt6_dst->addr))
4700 goto nla_put_failure;
4701 #ifdef CONFIG_IPV6_SUBTREES
4702 if (src) {
4703 if (nla_put_in6_addr(skb, RTA_SRC, src))
4704 goto nla_put_failure;
4705 rtm->rtm_src_len = 128;
4706 } else if (rtm->rtm_src_len &&
4707 nla_put_in6_addr(skb, RTA_SRC, &rt6_src->addr))
4708 goto nla_put_failure;
4709 #endif
4710 if (iif) {
4711 #ifdef CONFIG_IPV6_MROUTE
4712 if (ipv6_addr_is_multicast(&rt6_dst->addr)) {
4713 int err = ip6mr_get_route(net, skb, rtm, portid);
4714
4715 if (err == 0)
4716 return 0;
4717 if (err < 0)
4718 goto nla_put_failure;
4719 } else
4720 #endif
4721 if (nla_put_u32(skb, RTA_IIF, iif))
4722 goto nla_put_failure;
4723 } else if (dest) {
4724 struct in6_addr saddr_buf;
4725 if (ip6_route_get_saddr(net, rt, dest, 0, &saddr_buf) == 0 &&
4726 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
4727 goto nla_put_failure;
4728 }
4729
4730 if (rt->fib6_prefsrc.plen) {
4731 struct in6_addr saddr_buf;
4732 saddr_buf = rt->fib6_prefsrc.addr;
4733 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
4734 goto nla_put_failure;
4735 }
4736
4737 pmetrics = dst ? dst_metrics_ptr(dst) : rt->fib6_metrics->metrics;
4738 if (rtnetlink_put_metrics(skb, pmetrics) < 0)
4739 goto nla_put_failure;
4740
4741 if (nla_put_u32(skb, RTA_PRIORITY, rt->fib6_metric))
4742 goto nla_put_failure;
4743
4744 /* For multipath routes, walk the siblings list and add
4745 * each as a nexthop within RTA_MULTIPATH.
4746 */
4747 if (rt6) {
4748 if (rt6_flags & RTF_GATEWAY &&
4749 nla_put_in6_addr(skb, RTA_GATEWAY, &rt6->rt6i_gateway))
4750 goto nla_put_failure;
4751
4752 if (dst->dev && nla_put_u32(skb, RTA_OIF, dst->dev->ifindex))
4753 goto nla_put_failure;
4754 } else if (rt->fib6_nsiblings) {
4755 struct fib6_info *sibling, *next_sibling;
4756 struct nlattr *mp;
4757
4758 mp = nla_nest_start(skb, RTA_MULTIPATH);
4759 if (!mp)
4760 goto nla_put_failure;
4761
4762 if (rt6_add_nexthop(skb, rt) < 0)
4763 goto nla_put_failure;
4764
4765 list_for_each_entry_safe(sibling, next_sibling,
4766 &rt->fib6_siblings, fib6_siblings) {
4767 if (rt6_add_nexthop(skb, sibling) < 0)
4768 goto nla_put_failure;
4769 }
4770
4771 nla_nest_end(skb, mp);
4772 } else {
4773 if (rt6_nexthop_info(skb, rt, &rtm->rtm_flags, false) < 0)
4774 goto nla_put_failure;
4775 }
4776
4777 if (rt6_flags & RTF_EXPIRES) {
4778 expires = dst ? dst->expires : rt->expires;
4779 expires -= jiffies;
4780 }
4781
4782 if (rtnl_put_cacheinfo(skb, dst, 0, expires, dst ? dst->error : 0) < 0)
4783 goto nla_put_failure;
4784
4785 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt6_flags)))
4786 goto nla_put_failure;
4787
4788
4789 nlmsg_end(skb, nlh);
4790 return 0;
4791
4792 nla_put_failure:
4793 nlmsg_cancel(skb, nlh);
4794 return -EMSGSIZE;
4795 }
4796
4797 static bool fib6_info_uses_dev(const struct fib6_info *f6i,
4798 const struct net_device *dev)
4799 {
4800 if (f6i->fib6_nh.nh_dev == dev)
4801 return true;
4802
4803 if (f6i->fib6_nsiblings) {
4804 struct fib6_info *sibling, *next_sibling;
4805
4806 list_for_each_entry_safe(sibling, next_sibling,
4807 &f6i->fib6_siblings, fib6_siblings) {
4808 if (sibling->fib6_nh.nh_dev == dev)
4809 return true;
4810 }
4811 }
4812
4813 return false;
4814 }
4815
4816 int rt6_dump_route(struct fib6_info *rt, void *p_arg)
4817 {
4818 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
4819 struct fib_dump_filter *filter = &arg->filter;
4820 unsigned int flags = NLM_F_MULTI;
4821 struct net *net = arg->net;
4822
4823 if (rt == net->ipv6.fib6_null_entry)
4824 return 0;
4825
4826 if ((filter->flags & RTM_F_PREFIX) &&
4827 !(rt->fib6_flags & RTF_PREFIX_RT)) {
4828 /* success since this is not a prefix route */
4829 return 1;
4830 }
4831 if (filter->filter_set) {
4832 if ((filter->rt_type && rt->fib6_type != filter->rt_type) ||
4833 (filter->dev && !fib6_info_uses_dev(rt, filter->dev)) ||
4834 (filter->protocol && rt->fib6_protocol != filter->protocol)) {
4835 return 1;
4836 }
4837 flags |= NLM_F_DUMP_FILTERED;
4838 }
4839
4840 return rt6_fill_node(net, arg->skb, rt, NULL, NULL, NULL, 0,
4841 RTM_NEWROUTE, NETLINK_CB(arg->cb->skb).portid,
4842 arg->cb->nlh->nlmsg_seq, flags);
4843 }
4844
4845 static int inet6_rtm_valid_getroute_req(struct sk_buff *skb,
4846 const struct nlmsghdr *nlh,
4847 struct nlattr **tb,
4848 struct netlink_ext_ack *extack)
4849 {
4850 struct rtmsg *rtm;
4851 int i, err;
4852
4853 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*rtm))) {
4854 NL_SET_ERR_MSG_MOD(extack,
4855 "Invalid header for get route request");
4856 return -EINVAL;
4857 }
4858
4859 if (!netlink_strict_get_check(skb))
4860 return nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX,
4861 rtm_ipv6_policy, extack);
4862
4863 rtm = nlmsg_data(nlh);
4864 if ((rtm->rtm_src_len && rtm->rtm_src_len != 128) ||
4865 (rtm->rtm_dst_len && rtm->rtm_dst_len != 128) ||
4866 rtm->rtm_table || rtm->rtm_protocol || rtm->rtm_scope ||
4867 rtm->rtm_type) {
4868 NL_SET_ERR_MSG_MOD(extack, "Invalid values in header for get route request");
4869 return -EINVAL;
4870 }
4871 if (rtm->rtm_flags & ~RTM_F_FIB_MATCH) {
4872 NL_SET_ERR_MSG_MOD(extack,
4873 "Invalid flags for get route request");
4874 return -EINVAL;
4875 }
4876
4877 err = nlmsg_parse_strict(nlh, sizeof(*rtm), tb, RTA_MAX,
4878 rtm_ipv6_policy, extack);
4879 if (err)
4880 return err;
4881
4882 if ((tb[RTA_SRC] && !rtm->rtm_src_len) ||
4883 (tb[RTA_DST] && !rtm->rtm_dst_len)) {
4884 NL_SET_ERR_MSG_MOD(extack, "rtm_src_len and rtm_dst_len must be 128 for IPv6");
4885 return -EINVAL;
4886 }
4887
4888 for (i = 0; i <= RTA_MAX; i++) {
4889 if (!tb[i])
4890 continue;
4891
4892 switch (i) {
4893 case RTA_SRC:
4894 case RTA_DST:
4895 case RTA_IIF:
4896 case RTA_OIF:
4897 case RTA_MARK:
4898 case RTA_UID:
4899 case RTA_SPORT:
4900 case RTA_DPORT:
4901 case RTA_IP_PROTO:
4902 break;
4903 default:
4904 NL_SET_ERR_MSG_MOD(extack, "Unsupported attribute in get route request");
4905 return -EINVAL;
4906 }
4907 }
4908
4909 return 0;
4910 }
4911
4912 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
4913 struct netlink_ext_ack *extack)
4914 {
4915 struct net *net = sock_net(in_skb->sk);
4916 struct nlattr *tb[RTA_MAX+1];
4917 int err, iif = 0, oif = 0;
4918 struct fib6_info *from;
4919 struct dst_entry *dst;
4920 struct rt6_info *rt;
4921 struct sk_buff *skb;
4922 struct rtmsg *rtm;
4923 struct flowi6 fl6 = {};
4924 bool fibmatch;
4925
4926 err = inet6_rtm_valid_getroute_req(in_skb, nlh, tb, extack);
4927 if (err < 0)
4928 goto errout;
4929
4930 err = -EINVAL;
4931 rtm = nlmsg_data(nlh);
4932 fl6.flowlabel = ip6_make_flowinfo(rtm->rtm_tos, 0);
4933 fibmatch = !!(rtm->rtm_flags & RTM_F_FIB_MATCH);
4934
4935 if (tb[RTA_SRC]) {
4936 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
4937 goto errout;
4938
4939 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
4940 }
4941
4942 if (tb[RTA_DST]) {
4943 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
4944 goto errout;
4945
4946 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
4947 }
4948
4949 if (tb[RTA_IIF])
4950 iif = nla_get_u32(tb[RTA_IIF]);
4951
4952 if (tb[RTA_OIF])
4953 oif = nla_get_u32(tb[RTA_OIF]);
4954
4955 if (tb[RTA_MARK])
4956 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]);
4957
4958 if (tb[RTA_UID])
4959 fl6.flowi6_uid = make_kuid(current_user_ns(),
4960 nla_get_u32(tb[RTA_UID]));
4961 else
4962 fl6.flowi6_uid = iif ? INVALID_UID : current_uid();
4963
4964 if (tb[RTA_SPORT])
4965 fl6.fl6_sport = nla_get_be16(tb[RTA_SPORT]);
4966
4967 if (tb[RTA_DPORT])
4968 fl6.fl6_dport = nla_get_be16(tb[RTA_DPORT]);
4969
4970 if (tb[RTA_IP_PROTO]) {
4971 err = rtm_getroute_parse_ip_proto(tb[RTA_IP_PROTO],
4972 &fl6.flowi6_proto, AF_INET6,
4973 extack);
4974 if (err)
4975 goto errout;
4976 }
4977
4978 if (iif) {
4979 struct net_device *dev;
4980 int flags = 0;
4981
4982 rcu_read_lock();
4983
4984 dev = dev_get_by_index_rcu(net, iif);
4985 if (!dev) {
4986 rcu_read_unlock();
4987 err = -ENODEV;
4988 goto errout;
4989 }
4990
4991 fl6.flowi6_iif = iif;
4992
4993 if (!ipv6_addr_any(&fl6.saddr))
4994 flags |= RT6_LOOKUP_F_HAS_SADDR;
4995
4996 dst = ip6_route_input_lookup(net, dev, &fl6, NULL, flags);
4997
4998 rcu_read_unlock();
4999 } else {
5000 fl6.flowi6_oif = oif;
5001
5002 dst = ip6_route_output(net, NULL, &fl6);
5003 }
5004
5005
5006 rt = container_of(dst, struct rt6_info, dst);
5007 if (rt->dst.error) {
5008 err = rt->dst.error;
5009 ip6_rt_put(rt);
5010 goto errout;
5011 }
5012
5013 if (rt == net->ipv6.ip6_null_entry) {
5014 err = rt->dst.error;
5015 ip6_rt_put(rt);
5016 goto errout;
5017 }
5018
5019 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
5020 if (!skb) {
5021 ip6_rt_put(rt);
5022 err = -ENOBUFS;
5023 goto errout;
5024 }
5025
5026 skb_dst_set(skb, &rt->dst);
5027
5028 rcu_read_lock();
5029 from = rcu_dereference(rt->from);
5030 if (from) {
5031 if (fibmatch)
5032 err = rt6_fill_node(net, skb, from, NULL, NULL, NULL,
5033 iif, RTM_NEWROUTE,
5034 NETLINK_CB(in_skb).portid,
5035 nlh->nlmsg_seq, 0);
5036 else
5037 err = rt6_fill_node(net, skb, from, dst, &fl6.daddr,
5038 &fl6.saddr, iif, RTM_NEWROUTE,
5039 NETLINK_CB(in_skb).portid,
5040 nlh->nlmsg_seq, 0);
5041 } else {
5042 err = -ENETUNREACH;
5043 }
5044 rcu_read_unlock();
5045
5046 if (err < 0) {
5047 kfree_skb(skb);
5048 goto errout;
5049 }
5050
5051 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
5052 errout:
5053 return err;
5054 }
5055
5056 void inet6_rt_notify(int event, struct fib6_info *rt, struct nl_info *info,
5057 unsigned int nlm_flags)
5058 {
5059 struct sk_buff *skb;
5060 struct net *net = info->nl_net;
5061 u32 seq;
5062 int err;
5063
5064 err = -ENOBUFS;
5065 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
5066
5067 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
5068 if (!skb)
5069 goto errout;
5070
5071 err = rt6_fill_node(net, skb, rt, NULL, NULL, NULL, 0,
5072 event, info->portid, seq, nlm_flags);
5073 if (err < 0) {
5074 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
5075 WARN_ON(err == -EMSGSIZE);
5076 kfree_skb(skb);
5077 goto errout;
5078 }
5079 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
5080 info->nlh, gfp_any());
5081 return;
5082 errout:
5083 if (err < 0)
5084 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
5085 }
5086
5087 static int ip6_route_dev_notify(struct notifier_block *this,
5088 unsigned long event, void *ptr)
5089 {
5090 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
5091 struct net *net = dev_net(dev);
5092
5093 if (!(dev->flags & IFF_LOOPBACK))
5094 return NOTIFY_OK;
5095
5096 if (event == NETDEV_REGISTER) {
5097 net->ipv6.fib6_null_entry->fib6_nh.nh_dev = dev;
5098 net->ipv6.ip6_null_entry->dst.dev = dev;
5099 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
5100 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5101 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
5102 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
5103 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
5104 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
5105 #endif
5106 } else if (event == NETDEV_UNREGISTER &&
5107 dev->reg_state != NETREG_UNREGISTERED) {
5108 /* NETDEV_UNREGISTER could be fired for multiple times by
5109 * netdev_wait_allrefs(). Make sure we only call this once.
5110 */
5111 in6_dev_put_clear(&net->ipv6.ip6_null_entry->rt6i_idev);
5112 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5113 in6_dev_put_clear(&net->ipv6.ip6_prohibit_entry->rt6i_idev);
5114 in6_dev_put_clear(&net->ipv6.ip6_blk_hole_entry->rt6i_idev);
5115 #endif
5116 }
5117
5118 return NOTIFY_OK;
5119 }
5120
5121 /*
5122 * /proc
5123 */
5124
5125 #ifdef CONFIG_PROC_FS
5126 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
5127 {
5128 struct net *net = (struct net *)seq->private;
5129 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
5130 net->ipv6.rt6_stats->fib_nodes,
5131 net->ipv6.rt6_stats->fib_route_nodes,
5132 atomic_read(&net->ipv6.rt6_stats->fib_rt_alloc),
5133 net->ipv6.rt6_stats->fib_rt_entries,
5134 net->ipv6.rt6_stats->fib_rt_cache,
5135 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
5136 net->ipv6.rt6_stats->fib_discarded_routes);
5137
5138 return 0;
5139 }
5140 #endif /* CONFIG_PROC_FS */
5141
5142 #ifdef CONFIG_SYSCTL
5143
5144 static
5145 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
5146 void __user *buffer, size_t *lenp, loff_t *ppos)
5147 {
5148 struct net *net;
5149 int delay;
5150 int ret;
5151 if (!write)
5152 return -EINVAL;
5153
5154 net = (struct net *)ctl->extra1;
5155 delay = net->ipv6.sysctl.flush_delay;
5156 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
5157 if (ret)
5158 return ret;
5159
5160 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0);
5161 return 0;
5162 }
5163
5164 static int zero;
5165 static int one = 1;
5166
5167 static struct ctl_table ipv6_route_table_template[] = {
5168 {
5169 .procname = "flush",
5170 .data = &init_net.ipv6.sysctl.flush_delay,
5171 .maxlen = sizeof(int),
5172 .mode = 0200,
5173 .proc_handler = ipv6_sysctl_rtcache_flush
5174 },
5175 {
5176 .procname = "gc_thresh",
5177 .data = &ip6_dst_ops_template.gc_thresh,
5178 .maxlen = sizeof(int),
5179 .mode = 0644,
5180 .proc_handler = proc_dointvec,
5181 },
5182 {
5183 .procname = "max_size",
5184 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
5185 .maxlen = sizeof(int),
5186 .mode = 0644,
5187 .proc_handler = proc_dointvec,
5188 },
5189 {
5190 .procname = "gc_min_interval",
5191 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
5192 .maxlen = sizeof(int),
5193 .mode = 0644,
5194 .proc_handler = proc_dointvec_jiffies,
5195 },
5196 {
5197 .procname = "gc_timeout",
5198 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
5199 .maxlen = sizeof(int),
5200 .mode = 0644,
5201 .proc_handler = proc_dointvec_jiffies,
5202 },
5203 {
5204 .procname = "gc_interval",
5205 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
5206 .maxlen = sizeof(int),
5207 .mode = 0644,
5208 .proc_handler = proc_dointvec_jiffies,
5209 },
5210 {
5211 .procname = "gc_elasticity",
5212 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
5213 .maxlen = sizeof(int),
5214 .mode = 0644,
5215 .proc_handler = proc_dointvec,
5216 },
5217 {
5218 .procname = "mtu_expires",
5219 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
5220 .maxlen = sizeof(int),
5221 .mode = 0644,
5222 .proc_handler = proc_dointvec_jiffies,
5223 },
5224 {
5225 .procname = "min_adv_mss",
5226 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
5227 .maxlen = sizeof(int),
5228 .mode = 0644,
5229 .proc_handler = proc_dointvec,
5230 },
5231 {
5232 .procname = "gc_min_interval_ms",
5233 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
5234 .maxlen = sizeof(int),
5235 .mode = 0644,
5236 .proc_handler = proc_dointvec_ms_jiffies,
5237 },
5238 {
5239 .procname = "skip_notify_on_dev_down",
5240 .data = &init_net.ipv6.sysctl.skip_notify_on_dev_down,
5241 .maxlen = sizeof(int),
5242 .mode = 0644,
5243 .proc_handler = proc_dointvec,
5244 .extra1 = &zero,
5245 .extra2 = &one,
5246 },
5247 { }
5248 };
5249
5250 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
5251 {
5252 struct ctl_table *table;
5253
5254 table = kmemdup(ipv6_route_table_template,
5255 sizeof(ipv6_route_table_template),
5256 GFP_KERNEL);
5257
5258 if (table) {
5259 table[0].data = &net->ipv6.sysctl.flush_delay;
5260 table[0].extra1 = net;
5261 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
5262 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
5263 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
5264 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
5265 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
5266 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
5267 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
5268 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
5269 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
5270 table[10].data = &net->ipv6.sysctl.skip_notify_on_dev_down;
5271
5272 /* Don't export sysctls to unprivileged users */
5273 if (net->user_ns != &init_user_ns)
5274 table[0].procname = NULL;
5275 }
5276
5277 return table;
5278 }
5279 #endif
5280
5281 static int __net_init ip6_route_net_init(struct net *net)
5282 {
5283 int ret = -ENOMEM;
5284
5285 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
5286 sizeof(net->ipv6.ip6_dst_ops));
5287
5288 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
5289 goto out_ip6_dst_ops;
5290
5291 net->ipv6.fib6_null_entry = kmemdup(&fib6_null_entry_template,
5292 sizeof(*net->ipv6.fib6_null_entry),
5293 GFP_KERNEL);
5294 if (!net->ipv6.fib6_null_entry)
5295 goto out_ip6_dst_entries;
5296
5297 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
5298 sizeof(*net->ipv6.ip6_null_entry),
5299 GFP_KERNEL);
5300 if (!net->ipv6.ip6_null_entry)
5301 goto out_fib6_null_entry;
5302 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
5303 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
5304 ip6_template_metrics, true);
5305
5306 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5307 net->ipv6.fib6_has_custom_rules = false;
5308 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
5309 sizeof(*net->ipv6.ip6_prohibit_entry),
5310 GFP_KERNEL);
5311 if (!net->ipv6.ip6_prohibit_entry)
5312 goto out_ip6_null_entry;
5313 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
5314 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
5315 ip6_template_metrics, true);
5316
5317 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
5318 sizeof(*net->ipv6.ip6_blk_hole_entry),
5319 GFP_KERNEL);
5320 if (!net->ipv6.ip6_blk_hole_entry)
5321 goto out_ip6_prohibit_entry;
5322 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
5323 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
5324 ip6_template_metrics, true);
5325 #endif
5326
5327 net->ipv6.sysctl.flush_delay = 0;
5328 net->ipv6.sysctl.ip6_rt_max_size = 4096;
5329 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
5330 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
5331 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
5332 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
5333 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
5334 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
5335 net->ipv6.sysctl.skip_notify_on_dev_down = 0;
5336
5337 net->ipv6.ip6_rt_gc_expire = 30*HZ;
5338
5339 ret = 0;
5340 out:
5341 return ret;
5342
5343 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5344 out_ip6_prohibit_entry:
5345 kfree(net->ipv6.ip6_prohibit_entry);
5346 out_ip6_null_entry:
5347 kfree(net->ipv6.ip6_null_entry);
5348 #endif
5349 out_fib6_null_entry:
5350 kfree(net->ipv6.fib6_null_entry);
5351 out_ip6_dst_entries:
5352 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
5353 out_ip6_dst_ops:
5354 goto out;
5355 }
5356
5357 static void __net_exit ip6_route_net_exit(struct net *net)
5358 {
5359 kfree(net->ipv6.fib6_null_entry);
5360 kfree(net->ipv6.ip6_null_entry);
5361 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5362 kfree(net->ipv6.ip6_prohibit_entry);
5363 kfree(net->ipv6.ip6_blk_hole_entry);
5364 #endif
5365 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
5366 }
5367
5368 static int __net_init ip6_route_net_init_late(struct net *net)
5369 {
5370 #ifdef CONFIG_PROC_FS
5371 proc_create_net("ipv6_route", 0, net->proc_net, &ipv6_route_seq_ops,
5372 sizeof(struct ipv6_route_iter));
5373 proc_create_net_single("rt6_stats", 0444, net->proc_net,
5374 rt6_stats_seq_show, NULL);
5375 #endif
5376 return 0;
5377 }
5378
5379 static void __net_exit ip6_route_net_exit_late(struct net *net)
5380 {
5381 #ifdef CONFIG_PROC_FS
5382 remove_proc_entry("ipv6_route", net->proc_net);
5383 remove_proc_entry("rt6_stats", net->proc_net);
5384 #endif
5385 }
5386
5387 static struct pernet_operations ip6_route_net_ops = {
5388 .init = ip6_route_net_init,
5389 .exit = ip6_route_net_exit,
5390 };
5391
5392 static int __net_init ipv6_inetpeer_init(struct net *net)
5393 {
5394 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
5395
5396 if (!bp)
5397 return -ENOMEM;
5398 inet_peer_base_init(bp);
5399 net->ipv6.peers = bp;
5400 return 0;
5401 }
5402
5403 static void __net_exit ipv6_inetpeer_exit(struct net *net)
5404 {
5405 struct inet_peer_base *bp = net->ipv6.peers;
5406
5407 net->ipv6.peers = NULL;
5408 inetpeer_invalidate_tree(bp);
5409 kfree(bp);
5410 }
5411
5412 static struct pernet_operations ipv6_inetpeer_ops = {
5413 .init = ipv6_inetpeer_init,
5414 .exit = ipv6_inetpeer_exit,
5415 };
5416
5417 static struct pernet_operations ip6_route_net_late_ops = {
5418 .init = ip6_route_net_init_late,
5419 .exit = ip6_route_net_exit_late,
5420 };
5421
5422 static struct notifier_block ip6_route_dev_notifier = {
5423 .notifier_call = ip6_route_dev_notify,
5424 .priority = ADDRCONF_NOTIFY_PRIORITY - 10,
5425 };
5426
5427 void __init ip6_route_init_special_entries(void)
5428 {
5429 /* Registering of the loopback is done before this portion of code,
5430 * the loopback reference in rt6_info will not be taken, do it
5431 * manually for init_net */
5432 init_net.ipv6.fib6_null_entry->fib6_nh.nh_dev = init_net.loopback_dev;
5433 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
5434 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5435 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5436 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
5437 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5438 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
5439 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5440 #endif
5441 }
5442
5443 int __init ip6_route_init(void)
5444 {
5445 int ret;
5446 int cpu;
5447
5448 ret = -ENOMEM;
5449 ip6_dst_ops_template.kmem_cachep =
5450 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
5451 SLAB_HWCACHE_ALIGN, NULL);
5452 if (!ip6_dst_ops_template.kmem_cachep)
5453 goto out;
5454
5455 ret = dst_entries_init(&ip6_dst_blackhole_ops);
5456 if (ret)
5457 goto out_kmem_cache;
5458
5459 ret = register_pernet_subsys(&ipv6_inetpeer_ops);
5460 if (ret)
5461 goto out_dst_entries;
5462
5463 ret = register_pernet_subsys(&ip6_route_net_ops);
5464 if (ret)
5465 goto out_register_inetpeer;
5466
5467 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
5468
5469 ret = fib6_init();
5470 if (ret)
5471 goto out_register_subsys;
5472
5473 ret = xfrm6_init();
5474 if (ret)
5475 goto out_fib6_init;
5476
5477 ret = fib6_rules_init();
5478 if (ret)
5479 goto xfrm6_init;
5480
5481 ret = register_pernet_subsys(&ip6_route_net_late_ops);
5482 if (ret)
5483 goto fib6_rules_init;
5484
5485 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_NEWROUTE,
5486 inet6_rtm_newroute, NULL, 0);
5487 if (ret < 0)
5488 goto out_register_late_subsys;
5489
5490 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_DELROUTE,
5491 inet6_rtm_delroute, NULL, 0);
5492 if (ret < 0)
5493 goto out_register_late_subsys;
5494
5495 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_GETROUTE,
5496 inet6_rtm_getroute, NULL,
5497 RTNL_FLAG_DOIT_UNLOCKED);
5498 if (ret < 0)
5499 goto out_register_late_subsys;
5500
5501 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
5502 if (ret)
5503 goto out_register_late_subsys;
5504
5505 for_each_possible_cpu(cpu) {
5506 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
5507
5508 INIT_LIST_HEAD(&ul->head);
5509 spin_lock_init(&ul->lock);
5510 }
5511
5512 out:
5513 return ret;
5514
5515 out_register_late_subsys:
5516 rtnl_unregister_all(PF_INET6);
5517 unregister_pernet_subsys(&ip6_route_net_late_ops);
5518 fib6_rules_init:
5519 fib6_rules_cleanup();
5520 xfrm6_init:
5521 xfrm6_fini();
5522 out_fib6_init:
5523 fib6_gc_cleanup();
5524 out_register_subsys:
5525 unregister_pernet_subsys(&ip6_route_net_ops);
5526 out_register_inetpeer:
5527 unregister_pernet_subsys(&ipv6_inetpeer_ops);
5528 out_dst_entries:
5529 dst_entries_destroy(&ip6_dst_blackhole_ops);
5530 out_kmem_cache:
5531 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
5532 goto out;
5533 }
5534
5535 void ip6_route_cleanup(void)
5536 {
5537 unregister_netdevice_notifier(&ip6_route_dev_notifier);
5538 unregister_pernet_subsys(&ip6_route_net_late_ops);
5539 fib6_rules_cleanup();
5540 xfrm6_fini();
5541 fib6_gc_cleanup();
5542 unregister_pernet_subsys(&ipv6_inetpeer_ops);
5543 unregister_pernet_subsys(&ip6_route_net_ops);
5544 dst_entries_destroy(&ip6_dst_blackhole_ops);
5545 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
5546 }
Linux with added FPC-III support