thermal: fix Mediatek thermal controller build
[linux/fpc-iii.git] / net / ipv6 / route.c
blobed446639219c3ae8832a19a1f944e4dd6ddc6302
1 /*
2 * Linux INET6 implementation
3 * FIB front-end.
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
14 /* Changes:
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
23 * Ville Nuorvala
24 * Fixed routing subtrees.
27 #define pr_fmt(fmt) "IPv6: " fmt
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <net/net_namespace.h>
48 #include <net/snmp.h>
49 #include <net/ipv6.h>
50 #include <net/ip6_fib.h>
51 #include <net/ip6_route.h>
52 #include <net/ndisc.h>
53 #include <net/addrconf.h>
54 #include <net/tcp.h>
55 #include <linux/rtnetlink.h>
56 #include <net/dst.h>
57 #include <net/dst_metadata.h>
58 #include <net/xfrm.h>
59 #include <net/netevent.h>
60 #include <net/netlink.h>
61 #include <net/nexthop.h>
62 #include <net/lwtunnel.h>
63 #include <net/ip_tunnels.h>
64 #include <net/l3mdev.h>
65 #include <trace/events/fib6.h>
67 #include <asm/uaccess.h>
69 #ifdef CONFIG_SYSCTL
70 #include <linux/sysctl.h>
71 #endif
73 enum rt6_nud_state {
74 RT6_NUD_FAIL_HARD = -3,
75 RT6_NUD_FAIL_PROBE = -2,
76 RT6_NUD_FAIL_DO_RR = -1,
77 RT6_NUD_SUCCEED = 1
80 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort);
81 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
82 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
83 static unsigned int ip6_mtu(const struct dst_entry *dst);
84 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
85 static void ip6_dst_destroy(struct dst_entry *);
86 static void ip6_dst_ifdown(struct dst_entry *,
87 struct net_device *dev, int how);
88 static int ip6_dst_gc(struct dst_ops *ops);
90 static int ip6_pkt_discard(struct sk_buff *skb);
91 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb);
92 static int ip6_pkt_prohibit(struct sk_buff *skb);
93 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb);
94 static void ip6_link_failure(struct sk_buff *skb);
95 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
96 struct sk_buff *skb, u32 mtu);
97 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
98 struct sk_buff *skb);
99 static void rt6_dst_from_metrics_check(struct rt6_info *rt);
100 static int rt6_score_route(struct rt6_info *rt, int oif, int strict);
102 #ifdef CONFIG_IPV6_ROUTE_INFO
103 static struct rt6_info *rt6_add_route_info(struct net *net,
104 const struct in6_addr *prefix, int prefixlen,
105 const struct in6_addr *gwaddr, int ifindex,
106 unsigned int pref);
107 static struct rt6_info *rt6_get_route_info(struct net *net,
108 const struct in6_addr *prefix, int prefixlen,
109 const struct in6_addr *gwaddr, int ifindex);
110 #endif
112 struct uncached_list {
113 spinlock_t lock;
114 struct list_head head;
117 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list);
119 static void rt6_uncached_list_add(struct rt6_info *rt)
121 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list);
123 rt->dst.flags |= DST_NOCACHE;
124 rt->rt6i_uncached_list = ul;
126 spin_lock_bh(&ul->lock);
127 list_add_tail(&rt->rt6i_uncached, &ul->head);
128 spin_unlock_bh(&ul->lock);
131 static void rt6_uncached_list_del(struct rt6_info *rt)
133 if (!list_empty(&rt->rt6i_uncached)) {
134 struct uncached_list *ul = rt->rt6i_uncached_list;
136 spin_lock_bh(&ul->lock);
137 list_del(&rt->rt6i_uncached);
138 spin_unlock_bh(&ul->lock);
142 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev)
144 struct net_device *loopback_dev = net->loopback_dev;
145 int cpu;
147 if (dev == loopback_dev)
148 return;
150 for_each_possible_cpu(cpu) {
151 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
152 struct rt6_info *rt;
154 spin_lock_bh(&ul->lock);
155 list_for_each_entry(rt, &ul->head, rt6i_uncached) {
156 struct inet6_dev *rt_idev = rt->rt6i_idev;
157 struct net_device *rt_dev = rt->dst.dev;
159 if (rt_idev->dev == dev) {
160 rt->rt6i_idev = in6_dev_get(loopback_dev);
161 in6_dev_put(rt_idev);
164 if (rt_dev == dev) {
165 rt->dst.dev = loopback_dev;
166 dev_hold(rt->dst.dev);
167 dev_put(rt_dev);
170 spin_unlock_bh(&ul->lock);
174 static u32 *rt6_pcpu_cow_metrics(struct rt6_info *rt)
176 return dst_metrics_write_ptr(rt->dst.from);
179 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old)
181 struct rt6_info *rt = (struct rt6_info *)dst;
183 if (rt->rt6i_flags & RTF_PCPU)
184 return rt6_pcpu_cow_metrics(rt);
185 else if (rt->rt6i_flags & RTF_CACHE)
186 return NULL;
187 else
188 return dst_cow_metrics_generic(dst, old);
191 static inline const void *choose_neigh_daddr(struct rt6_info *rt,
192 struct sk_buff *skb,
193 const void *daddr)
195 struct in6_addr *p = &rt->rt6i_gateway;
197 if (!ipv6_addr_any(p))
198 return (const void *) p;
199 else if (skb)
200 return &ipv6_hdr(skb)->daddr;
201 return daddr;
204 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst,
205 struct sk_buff *skb,
206 const void *daddr)
208 struct rt6_info *rt = (struct rt6_info *) dst;
209 struct neighbour *n;
211 daddr = choose_neigh_daddr(rt, skb, daddr);
212 n = __ipv6_neigh_lookup(dst->dev, daddr);
213 if (n)
214 return n;
215 return neigh_create(&nd_tbl, daddr, dst->dev);
218 static struct dst_ops ip6_dst_ops_template = {
219 .family = AF_INET6,
220 .gc = ip6_dst_gc,
221 .gc_thresh = 1024,
222 .check = ip6_dst_check,
223 .default_advmss = ip6_default_advmss,
224 .mtu = ip6_mtu,
225 .cow_metrics = ipv6_cow_metrics,
226 .destroy = ip6_dst_destroy,
227 .ifdown = ip6_dst_ifdown,
228 .negative_advice = ip6_negative_advice,
229 .link_failure = ip6_link_failure,
230 .update_pmtu = ip6_rt_update_pmtu,
231 .redirect = rt6_do_redirect,
232 .local_out = __ip6_local_out,
233 .neigh_lookup = ip6_neigh_lookup,
236 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
238 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
240 return mtu ? : dst->dev->mtu;
243 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
244 struct sk_buff *skb, u32 mtu)
248 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
249 struct sk_buff *skb)
253 static struct dst_ops ip6_dst_blackhole_ops = {
254 .family = AF_INET6,
255 .destroy = ip6_dst_destroy,
256 .check = ip6_dst_check,
257 .mtu = ip6_blackhole_mtu,
258 .default_advmss = ip6_default_advmss,
259 .update_pmtu = ip6_rt_blackhole_update_pmtu,
260 .redirect = ip6_rt_blackhole_redirect,
261 .cow_metrics = dst_cow_metrics_generic,
262 .neigh_lookup = ip6_neigh_lookup,
265 static const u32 ip6_template_metrics[RTAX_MAX] = {
266 [RTAX_HOPLIMIT - 1] = 0,
269 static const struct rt6_info ip6_null_entry_template = {
270 .dst = {
271 .__refcnt = ATOMIC_INIT(1),
272 .__use = 1,
273 .obsolete = DST_OBSOLETE_FORCE_CHK,
274 .error = -ENETUNREACH,
275 .input = ip6_pkt_discard,
276 .output = ip6_pkt_discard_out,
278 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
279 .rt6i_protocol = RTPROT_KERNEL,
280 .rt6i_metric = ~(u32) 0,
281 .rt6i_ref = ATOMIC_INIT(1),
284 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
286 static const struct rt6_info ip6_prohibit_entry_template = {
287 .dst = {
288 .__refcnt = ATOMIC_INIT(1),
289 .__use = 1,
290 .obsolete = DST_OBSOLETE_FORCE_CHK,
291 .error = -EACCES,
292 .input = ip6_pkt_prohibit,
293 .output = ip6_pkt_prohibit_out,
295 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
296 .rt6i_protocol = RTPROT_KERNEL,
297 .rt6i_metric = ~(u32) 0,
298 .rt6i_ref = ATOMIC_INIT(1),
301 static const struct rt6_info ip6_blk_hole_entry_template = {
302 .dst = {
303 .__refcnt = ATOMIC_INIT(1),
304 .__use = 1,
305 .obsolete = DST_OBSOLETE_FORCE_CHK,
306 .error = -EINVAL,
307 .input = dst_discard,
308 .output = dst_discard_out,
310 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
311 .rt6i_protocol = RTPROT_KERNEL,
312 .rt6i_metric = ~(u32) 0,
313 .rt6i_ref = ATOMIC_INIT(1),
316 #endif
318 static void rt6_info_init(struct rt6_info *rt)
320 struct dst_entry *dst = &rt->dst;
322 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
323 INIT_LIST_HEAD(&rt->rt6i_siblings);
324 INIT_LIST_HEAD(&rt->rt6i_uncached);
327 /* allocate dst with ip6_dst_ops */
328 static struct rt6_info *__ip6_dst_alloc(struct net *net,
329 struct net_device *dev,
330 int flags)
332 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
333 0, DST_OBSOLETE_FORCE_CHK, flags);
335 if (rt)
336 rt6_info_init(rt);
338 return rt;
341 static struct rt6_info *ip6_dst_alloc(struct net *net,
342 struct net_device *dev,
343 int flags)
345 struct rt6_info *rt = __ip6_dst_alloc(net, dev, flags);
347 if (rt) {
348 rt->rt6i_pcpu = alloc_percpu_gfp(struct rt6_info *, GFP_ATOMIC);
349 if (rt->rt6i_pcpu) {
350 int cpu;
352 for_each_possible_cpu(cpu) {
353 struct rt6_info **p;
355 p = per_cpu_ptr(rt->rt6i_pcpu, cpu);
356 /* no one shares rt */
357 *p = NULL;
359 } else {
360 dst_destroy((struct dst_entry *)rt);
361 return NULL;
365 return rt;
368 static void ip6_dst_destroy(struct dst_entry *dst)
370 struct rt6_info *rt = (struct rt6_info *)dst;
371 struct dst_entry *from = dst->from;
372 struct inet6_dev *idev;
374 dst_destroy_metrics_generic(dst);
375 free_percpu(rt->rt6i_pcpu);
376 rt6_uncached_list_del(rt);
378 idev = rt->rt6i_idev;
379 if (idev) {
380 rt->rt6i_idev = NULL;
381 in6_dev_put(idev);
384 dst->from = NULL;
385 dst_release(from);
388 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
389 int how)
391 struct rt6_info *rt = (struct rt6_info *)dst;
392 struct inet6_dev *idev = rt->rt6i_idev;
393 struct net_device *loopback_dev =
394 dev_net(dev)->loopback_dev;
396 if (dev != loopback_dev) {
397 if (idev && idev->dev == dev) {
398 struct inet6_dev *loopback_idev =
399 in6_dev_get(loopback_dev);
400 if (loopback_idev) {
401 rt->rt6i_idev = loopback_idev;
402 in6_dev_put(idev);
408 static bool __rt6_check_expired(const struct rt6_info *rt)
410 if (rt->rt6i_flags & RTF_EXPIRES)
411 return time_after(jiffies, rt->dst.expires);
412 else
413 return false;
416 static bool rt6_check_expired(const struct rt6_info *rt)
418 if (rt->rt6i_flags & RTF_EXPIRES) {
419 if (time_after(jiffies, rt->dst.expires))
420 return true;
421 } else if (rt->dst.from) {
422 return rt6_check_expired((struct rt6_info *) rt->dst.from);
424 return false;
427 /* Multipath route selection:
428 * Hash based function using packet header and flowlabel.
429 * Adapted from fib_info_hashfn()
431 static int rt6_info_hash_nhsfn(unsigned int candidate_count,
432 const struct flowi6 *fl6)
434 return get_hash_from_flowi6(fl6) % candidate_count;
437 static struct rt6_info *rt6_multipath_select(struct rt6_info *match,
438 struct flowi6 *fl6, int oif,
439 int strict)
441 struct rt6_info *sibling, *next_sibling;
442 int route_choosen;
444 route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6);
445 /* Don't change the route, if route_choosen == 0
446 * (siblings does not include ourself)
448 if (route_choosen)
449 list_for_each_entry_safe(sibling, next_sibling,
450 &match->rt6i_siblings, rt6i_siblings) {
451 route_choosen--;
452 if (route_choosen == 0) {
453 if (rt6_score_route(sibling, oif, strict) < 0)
454 break;
455 match = sibling;
456 break;
459 return match;
463 * Route lookup. Any table->tb6_lock is implied.
466 static inline struct rt6_info *rt6_device_match(struct net *net,
467 struct rt6_info *rt,
468 const struct in6_addr *saddr,
469 int oif,
470 int flags)
472 struct rt6_info *local = NULL;
473 struct rt6_info *sprt;
475 if (!oif && ipv6_addr_any(saddr))
476 goto out;
478 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) {
479 struct net_device *dev = sprt->dst.dev;
481 if (oif) {
482 if (dev->ifindex == oif)
483 return sprt;
484 if (dev->flags & IFF_LOOPBACK) {
485 if (!sprt->rt6i_idev ||
486 sprt->rt6i_idev->dev->ifindex != oif) {
487 if (flags & RT6_LOOKUP_F_IFACE)
488 continue;
489 if (local &&
490 local->rt6i_idev->dev->ifindex == oif)
491 continue;
493 local = sprt;
495 } else {
496 if (ipv6_chk_addr(net, saddr, dev,
497 flags & RT6_LOOKUP_F_IFACE))
498 return sprt;
502 if (oif) {
503 if (local)
504 return local;
506 if (flags & RT6_LOOKUP_F_IFACE)
507 return net->ipv6.ip6_null_entry;
509 out:
510 return rt;
513 #ifdef CONFIG_IPV6_ROUTER_PREF
514 struct __rt6_probe_work {
515 struct work_struct work;
516 struct in6_addr target;
517 struct net_device *dev;
520 static void rt6_probe_deferred(struct work_struct *w)
522 struct in6_addr mcaddr;
523 struct __rt6_probe_work *work =
524 container_of(w, struct __rt6_probe_work, work);
526 addrconf_addr_solict_mult(&work->target, &mcaddr);
527 ndisc_send_ns(work->dev, &work->target, &mcaddr, NULL);
528 dev_put(work->dev);
529 kfree(work);
532 static void rt6_probe(struct rt6_info *rt)
534 struct __rt6_probe_work *work;
535 struct neighbour *neigh;
537 * Okay, this does not seem to be appropriate
538 * for now, however, we need to check if it
539 * is really so; aka Router Reachability Probing.
541 * Router Reachability Probe MUST be rate-limited
542 * to no more than one per minute.
544 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY))
545 return;
546 rcu_read_lock_bh();
547 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
548 if (neigh) {
549 if (neigh->nud_state & NUD_VALID)
550 goto out;
552 work = NULL;
553 write_lock(&neigh->lock);
554 if (!(neigh->nud_state & NUD_VALID) &&
555 time_after(jiffies,
556 neigh->updated +
557 rt->rt6i_idev->cnf.rtr_probe_interval)) {
558 work = kmalloc(sizeof(*work), GFP_ATOMIC);
559 if (work)
560 __neigh_set_probe_once(neigh);
562 write_unlock(&neigh->lock);
563 } else {
564 work = kmalloc(sizeof(*work), GFP_ATOMIC);
567 if (work) {
568 INIT_WORK(&work->work, rt6_probe_deferred);
569 work->target = rt->rt6i_gateway;
570 dev_hold(rt->dst.dev);
571 work->dev = rt->dst.dev;
572 schedule_work(&work->work);
575 out:
576 rcu_read_unlock_bh();
578 #else
579 static inline void rt6_probe(struct rt6_info *rt)
582 #endif
585 * Default Router Selection (RFC 2461 6.3.6)
587 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
589 struct net_device *dev = rt->dst.dev;
590 if (!oif || dev->ifindex == oif)
591 return 2;
592 if ((dev->flags & IFF_LOOPBACK) &&
593 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
594 return 1;
595 return 0;
598 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt)
600 struct neighbour *neigh;
601 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD;
603 if (rt->rt6i_flags & RTF_NONEXTHOP ||
604 !(rt->rt6i_flags & RTF_GATEWAY))
605 return RT6_NUD_SUCCEED;
607 rcu_read_lock_bh();
608 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
609 if (neigh) {
610 read_lock(&neigh->lock);
611 if (neigh->nud_state & NUD_VALID)
612 ret = RT6_NUD_SUCCEED;
613 #ifdef CONFIG_IPV6_ROUTER_PREF
614 else if (!(neigh->nud_state & NUD_FAILED))
615 ret = RT6_NUD_SUCCEED;
616 else
617 ret = RT6_NUD_FAIL_PROBE;
618 #endif
619 read_unlock(&neigh->lock);
620 } else {
621 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ?
622 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR;
624 rcu_read_unlock_bh();
626 return ret;
629 static int rt6_score_route(struct rt6_info *rt, int oif,
630 int strict)
632 int m;
634 m = rt6_check_dev(rt, oif);
635 if (!m && (strict & RT6_LOOKUP_F_IFACE))
636 return RT6_NUD_FAIL_HARD;
637 #ifdef CONFIG_IPV6_ROUTER_PREF
638 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
639 #endif
640 if (strict & RT6_LOOKUP_F_REACHABLE) {
641 int n = rt6_check_neigh(rt);
642 if (n < 0)
643 return n;
645 return m;
648 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
649 int *mpri, struct rt6_info *match,
650 bool *do_rr)
652 int m;
653 bool match_do_rr = false;
654 struct inet6_dev *idev = rt->rt6i_idev;
655 struct net_device *dev = rt->dst.dev;
657 if (dev && !netif_carrier_ok(dev) &&
658 idev->cnf.ignore_routes_with_linkdown)
659 goto out;
661 if (rt6_check_expired(rt))
662 goto out;
664 m = rt6_score_route(rt, oif, strict);
665 if (m == RT6_NUD_FAIL_DO_RR) {
666 match_do_rr = true;
667 m = 0; /* lowest valid score */
668 } else if (m == RT6_NUD_FAIL_HARD) {
669 goto out;
672 if (strict & RT6_LOOKUP_F_REACHABLE)
673 rt6_probe(rt);
675 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
676 if (m > *mpri) {
677 *do_rr = match_do_rr;
678 *mpri = m;
679 match = rt;
681 out:
682 return match;
685 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
686 struct rt6_info *rr_head,
687 u32 metric, int oif, int strict,
688 bool *do_rr)
690 struct rt6_info *rt, *match, *cont;
691 int mpri = -1;
693 match = NULL;
694 cont = NULL;
695 for (rt = rr_head; rt; rt = rt->dst.rt6_next) {
696 if (rt->rt6i_metric != metric) {
697 cont = rt;
698 break;
701 match = find_match(rt, oif, strict, &mpri, match, do_rr);
704 for (rt = fn->leaf; rt && rt != rr_head; rt = rt->dst.rt6_next) {
705 if (rt->rt6i_metric != metric) {
706 cont = rt;
707 break;
710 match = find_match(rt, oif, strict, &mpri, match, do_rr);
713 if (match || !cont)
714 return match;
716 for (rt = cont; rt; rt = rt->dst.rt6_next)
717 match = find_match(rt, oif, strict, &mpri, match, do_rr);
719 return match;
722 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
724 struct rt6_info *match, *rt0;
725 struct net *net;
726 bool do_rr = false;
728 rt0 = fn->rr_ptr;
729 if (!rt0)
730 fn->rr_ptr = rt0 = fn->leaf;
732 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict,
733 &do_rr);
735 if (do_rr) {
736 struct rt6_info *next = rt0->dst.rt6_next;
738 /* no entries matched; do round-robin */
739 if (!next || next->rt6i_metric != rt0->rt6i_metric)
740 next = fn->leaf;
742 if (next != rt0)
743 fn->rr_ptr = next;
746 net = dev_net(rt0->dst.dev);
747 return match ? match : net->ipv6.ip6_null_entry;
750 static bool rt6_is_gw_or_nonexthop(const struct rt6_info *rt)
752 return (rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY));
755 #ifdef CONFIG_IPV6_ROUTE_INFO
756 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
757 const struct in6_addr *gwaddr)
759 struct net *net = dev_net(dev);
760 struct route_info *rinfo = (struct route_info *) opt;
761 struct in6_addr prefix_buf, *prefix;
762 unsigned int pref;
763 unsigned long lifetime;
764 struct rt6_info *rt;
766 if (len < sizeof(struct route_info)) {
767 return -EINVAL;
770 /* Sanity check for prefix_len and length */
771 if (rinfo->length > 3) {
772 return -EINVAL;
773 } else if (rinfo->prefix_len > 128) {
774 return -EINVAL;
775 } else if (rinfo->prefix_len > 64) {
776 if (rinfo->length < 2) {
777 return -EINVAL;
779 } else if (rinfo->prefix_len > 0) {
780 if (rinfo->length < 1) {
781 return -EINVAL;
785 pref = rinfo->route_pref;
786 if (pref == ICMPV6_ROUTER_PREF_INVALID)
787 return -EINVAL;
789 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
791 if (rinfo->length == 3)
792 prefix = (struct in6_addr *)rinfo->prefix;
793 else {
794 /* this function is safe */
795 ipv6_addr_prefix(&prefix_buf,
796 (struct in6_addr *)rinfo->prefix,
797 rinfo->prefix_len);
798 prefix = &prefix_buf;
801 if (rinfo->prefix_len == 0)
802 rt = rt6_get_dflt_router(gwaddr, dev);
803 else
804 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len,
805 gwaddr, dev->ifindex);
807 if (rt && !lifetime) {
808 ip6_del_rt(rt);
809 rt = NULL;
812 if (!rt && lifetime)
813 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex,
814 pref);
815 else if (rt)
816 rt->rt6i_flags = RTF_ROUTEINFO |
817 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
819 if (rt) {
820 if (!addrconf_finite_timeout(lifetime))
821 rt6_clean_expires(rt);
822 else
823 rt6_set_expires(rt, jiffies + HZ * lifetime);
825 ip6_rt_put(rt);
827 return 0;
829 #endif
831 static struct fib6_node* fib6_backtrack(struct fib6_node *fn,
832 struct in6_addr *saddr)
834 struct fib6_node *pn;
835 while (1) {
836 if (fn->fn_flags & RTN_TL_ROOT)
837 return NULL;
838 pn = fn->parent;
839 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn)
840 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr);
841 else
842 fn = pn;
843 if (fn->fn_flags & RTN_RTINFO)
844 return fn;
848 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
849 struct fib6_table *table,
850 struct flowi6 *fl6, int flags)
852 struct fib6_node *fn;
853 struct rt6_info *rt;
855 read_lock_bh(&table->tb6_lock);
856 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
857 restart:
858 rt = fn->leaf;
859 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags);
860 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0)
861 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags);
862 if (rt == net->ipv6.ip6_null_entry) {
863 fn = fib6_backtrack(fn, &fl6->saddr);
864 if (fn)
865 goto restart;
867 dst_use(&rt->dst, jiffies);
868 read_unlock_bh(&table->tb6_lock);
870 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6);
872 return rt;
876 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6,
877 int flags)
879 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup);
881 EXPORT_SYMBOL_GPL(ip6_route_lookup);
883 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
884 const struct in6_addr *saddr, int oif, int strict)
886 struct flowi6 fl6 = {
887 .flowi6_oif = oif,
888 .daddr = *daddr,
890 struct dst_entry *dst;
891 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
893 if (saddr) {
894 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
895 flags |= RT6_LOOKUP_F_HAS_SADDR;
898 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup);
899 if (dst->error == 0)
900 return (struct rt6_info *) dst;
902 dst_release(dst);
904 return NULL;
906 EXPORT_SYMBOL(rt6_lookup);
908 /* ip6_ins_rt is called with FREE table->tb6_lock.
909 It takes new route entry, the addition fails by any reason the
910 route is freed. In any case, if caller does not hold it, it may
911 be destroyed.
914 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info,
915 struct mx6_config *mxc)
917 int err;
918 struct fib6_table *table;
920 table = rt->rt6i_table;
921 write_lock_bh(&table->tb6_lock);
922 err = fib6_add(&table->tb6_root, rt, info, mxc);
923 write_unlock_bh(&table->tb6_lock);
925 return err;
928 int ip6_ins_rt(struct rt6_info *rt)
930 struct nl_info info = { .nl_net = dev_net(rt->dst.dev), };
931 struct mx6_config mxc = { .mx = NULL, };
933 return __ip6_ins_rt(rt, &info, &mxc);
936 static struct rt6_info *ip6_rt_cache_alloc(struct rt6_info *ort,
937 const struct in6_addr *daddr,
938 const struct in6_addr *saddr)
940 struct rt6_info *rt;
943 * Clone the route.
946 if (ort->rt6i_flags & (RTF_CACHE | RTF_PCPU))
947 ort = (struct rt6_info *)ort->dst.from;
949 rt = __ip6_dst_alloc(dev_net(ort->dst.dev), ort->dst.dev, 0);
951 if (!rt)
952 return NULL;
954 ip6_rt_copy_init(rt, ort);
955 rt->rt6i_flags |= RTF_CACHE;
956 rt->rt6i_metric = 0;
957 rt->dst.flags |= DST_HOST;
958 rt->rt6i_dst.addr = *daddr;
959 rt->rt6i_dst.plen = 128;
961 if (!rt6_is_gw_or_nonexthop(ort)) {
962 if (ort->rt6i_dst.plen != 128 &&
963 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr))
964 rt->rt6i_flags |= RTF_ANYCAST;
965 #ifdef CONFIG_IPV6_SUBTREES
966 if (rt->rt6i_src.plen && saddr) {
967 rt->rt6i_src.addr = *saddr;
968 rt->rt6i_src.plen = 128;
970 #endif
973 return rt;
976 static struct rt6_info *ip6_rt_pcpu_alloc(struct rt6_info *rt)
978 struct rt6_info *pcpu_rt;
980 pcpu_rt = __ip6_dst_alloc(dev_net(rt->dst.dev),
981 rt->dst.dev, rt->dst.flags);
983 if (!pcpu_rt)
984 return NULL;
985 ip6_rt_copy_init(pcpu_rt, rt);
986 pcpu_rt->rt6i_protocol = rt->rt6i_protocol;
987 pcpu_rt->rt6i_flags |= RTF_PCPU;
988 return pcpu_rt;
991 /* It should be called with read_lock_bh(&tb6_lock) acquired */
992 static struct rt6_info *rt6_get_pcpu_route(struct rt6_info *rt)
994 struct rt6_info *pcpu_rt, **p;
996 p = this_cpu_ptr(rt->rt6i_pcpu);
997 pcpu_rt = *p;
999 if (pcpu_rt) {
1000 dst_hold(&pcpu_rt->dst);
1001 rt6_dst_from_metrics_check(pcpu_rt);
1003 return pcpu_rt;
1006 static struct rt6_info *rt6_make_pcpu_route(struct rt6_info *rt)
1008 struct fib6_table *table = rt->rt6i_table;
1009 struct rt6_info *pcpu_rt, *prev, **p;
1011 pcpu_rt = ip6_rt_pcpu_alloc(rt);
1012 if (!pcpu_rt) {
1013 struct net *net = dev_net(rt->dst.dev);
1015 dst_hold(&net->ipv6.ip6_null_entry->dst);
1016 return net->ipv6.ip6_null_entry;
1019 read_lock_bh(&table->tb6_lock);
1020 if (rt->rt6i_pcpu) {
1021 p = this_cpu_ptr(rt->rt6i_pcpu);
1022 prev = cmpxchg(p, NULL, pcpu_rt);
1023 if (prev) {
1024 /* If someone did it before us, return prev instead */
1025 dst_destroy(&pcpu_rt->dst);
1026 pcpu_rt = prev;
1028 } else {
1029 /* rt has been removed from the fib6 tree
1030 * before we have a chance to acquire the read_lock.
1031 * In this case, don't brother to create a pcpu rt
1032 * since rt is going away anyway. The next
1033 * dst_check() will trigger a re-lookup.
1035 dst_destroy(&pcpu_rt->dst);
1036 pcpu_rt = rt;
1038 dst_hold(&pcpu_rt->dst);
1039 rt6_dst_from_metrics_check(pcpu_rt);
1040 read_unlock_bh(&table->tb6_lock);
1041 return pcpu_rt;
1044 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif,
1045 struct flowi6 *fl6, int flags)
1047 struct fib6_node *fn, *saved_fn;
1048 struct rt6_info *rt;
1049 int strict = 0;
1051 strict |= flags & RT6_LOOKUP_F_IFACE;
1052 if (net->ipv6.devconf_all->forwarding == 0)
1053 strict |= RT6_LOOKUP_F_REACHABLE;
1055 read_lock_bh(&table->tb6_lock);
1057 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1058 saved_fn = fn;
1060 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
1061 oif = 0;
1063 redo_rt6_select:
1064 rt = rt6_select(fn, oif, strict);
1065 if (rt->rt6i_nsiblings)
1066 rt = rt6_multipath_select(rt, fl6, oif, strict);
1067 if (rt == net->ipv6.ip6_null_entry) {
1068 fn = fib6_backtrack(fn, &fl6->saddr);
1069 if (fn)
1070 goto redo_rt6_select;
1071 else if (strict & RT6_LOOKUP_F_REACHABLE) {
1072 /* also consider unreachable route */
1073 strict &= ~RT6_LOOKUP_F_REACHABLE;
1074 fn = saved_fn;
1075 goto redo_rt6_select;
1080 if (rt == net->ipv6.ip6_null_entry || (rt->rt6i_flags & RTF_CACHE)) {
1081 dst_use(&rt->dst, jiffies);
1082 read_unlock_bh(&table->tb6_lock);
1084 rt6_dst_from_metrics_check(rt);
1086 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6);
1087 return rt;
1088 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) &&
1089 !(rt->rt6i_flags & RTF_GATEWAY))) {
1090 /* Create a RTF_CACHE clone which will not be
1091 * owned by the fib6 tree. It is for the special case where
1092 * the daddr in the skb during the neighbor look-up is different
1093 * from the fl6->daddr used to look-up route here.
1096 struct rt6_info *uncached_rt;
1098 dst_use(&rt->dst, jiffies);
1099 read_unlock_bh(&table->tb6_lock);
1101 uncached_rt = ip6_rt_cache_alloc(rt, &fl6->daddr, NULL);
1102 dst_release(&rt->dst);
1104 if (uncached_rt)
1105 rt6_uncached_list_add(uncached_rt);
1106 else
1107 uncached_rt = net->ipv6.ip6_null_entry;
1109 dst_hold(&uncached_rt->dst);
1111 trace_fib6_table_lookup(net, uncached_rt, table->tb6_id, fl6);
1112 return uncached_rt;
1114 } else {
1115 /* Get a percpu copy */
1117 struct rt6_info *pcpu_rt;
1119 rt->dst.lastuse = jiffies;
1120 rt->dst.__use++;
1121 pcpu_rt = rt6_get_pcpu_route(rt);
1123 if (pcpu_rt) {
1124 read_unlock_bh(&table->tb6_lock);
1125 } else {
1126 /* We have to do the read_unlock first
1127 * because rt6_make_pcpu_route() may trigger
1128 * ip6_dst_gc() which will take the write_lock.
1130 dst_hold(&rt->dst);
1131 read_unlock_bh(&table->tb6_lock);
1132 pcpu_rt = rt6_make_pcpu_route(rt);
1133 dst_release(&rt->dst);
1136 trace_fib6_table_lookup(net, pcpu_rt, table->tb6_id, fl6);
1137 return pcpu_rt;
1142 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
1143 struct flowi6 *fl6, int flags)
1145 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags);
1148 static struct dst_entry *ip6_route_input_lookup(struct net *net,
1149 struct net_device *dev,
1150 struct flowi6 *fl6, int flags)
1152 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
1153 flags |= RT6_LOOKUP_F_IFACE;
1155 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input);
1158 void ip6_route_input(struct sk_buff *skb)
1160 const struct ipv6hdr *iph = ipv6_hdr(skb);
1161 struct net *net = dev_net(skb->dev);
1162 int flags = RT6_LOOKUP_F_HAS_SADDR;
1163 struct ip_tunnel_info *tun_info;
1164 struct flowi6 fl6 = {
1165 .flowi6_iif = l3mdev_fib_oif(skb->dev),
1166 .daddr = iph->daddr,
1167 .saddr = iph->saddr,
1168 .flowlabel = ip6_flowinfo(iph),
1169 .flowi6_mark = skb->mark,
1170 .flowi6_proto = iph->nexthdr,
1173 tun_info = skb_tunnel_info(skb);
1174 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX))
1175 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id;
1176 skb_dst_drop(skb);
1177 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags));
1180 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
1181 struct flowi6 *fl6, int flags)
1183 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags);
1186 struct dst_entry *ip6_route_output_flags(struct net *net, const struct sock *sk,
1187 struct flowi6 *fl6, int flags)
1189 struct dst_entry *dst;
1190 bool any_src;
1192 dst = l3mdev_rt6_dst_by_oif(net, fl6);
1193 if (dst)
1194 return dst;
1196 fl6->flowi6_iif = LOOPBACK_IFINDEX;
1198 any_src = ipv6_addr_any(&fl6->saddr);
1199 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr) ||
1200 (fl6->flowi6_oif && any_src))
1201 flags |= RT6_LOOKUP_F_IFACE;
1203 if (!any_src)
1204 flags |= RT6_LOOKUP_F_HAS_SADDR;
1205 else if (sk)
1206 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
1208 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output);
1210 EXPORT_SYMBOL_GPL(ip6_route_output_flags);
1212 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
1214 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
1215 struct dst_entry *new = NULL;
1217 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0);
1218 if (rt) {
1219 rt6_info_init(rt);
1221 new = &rt->dst;
1222 new->__use = 1;
1223 new->input = dst_discard;
1224 new->output = dst_discard_out;
1226 dst_copy_metrics(new, &ort->dst);
1227 rt->rt6i_idev = ort->rt6i_idev;
1228 if (rt->rt6i_idev)
1229 in6_dev_hold(rt->rt6i_idev);
1231 rt->rt6i_gateway = ort->rt6i_gateway;
1232 rt->rt6i_flags = ort->rt6i_flags & ~RTF_PCPU;
1233 rt->rt6i_metric = 0;
1235 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1236 #ifdef CONFIG_IPV6_SUBTREES
1237 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1238 #endif
1240 dst_free(new);
1243 dst_release(dst_orig);
1244 return new ? new : ERR_PTR(-ENOMEM);
1248 * Destination cache support functions
1251 static void rt6_dst_from_metrics_check(struct rt6_info *rt)
1253 if (rt->dst.from &&
1254 dst_metrics_ptr(&rt->dst) != dst_metrics_ptr(rt->dst.from))
1255 dst_init_metrics(&rt->dst, dst_metrics_ptr(rt->dst.from), true);
1258 static struct dst_entry *rt6_check(struct rt6_info *rt, u32 cookie)
1260 if (!rt->rt6i_node || (rt->rt6i_node->fn_sernum != cookie))
1261 return NULL;
1263 if (rt6_check_expired(rt))
1264 return NULL;
1266 return &rt->dst;
1269 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt, u32 cookie)
1271 if (!__rt6_check_expired(rt) &&
1272 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
1273 rt6_check((struct rt6_info *)(rt->dst.from), cookie))
1274 return &rt->dst;
1275 else
1276 return NULL;
1279 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
1281 struct rt6_info *rt;
1283 rt = (struct rt6_info *) dst;
1285 /* All IPV6 dsts are created with ->obsolete set to the value
1286 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1287 * into this function always.
1290 rt6_dst_from_metrics_check(rt);
1292 if (rt->rt6i_flags & RTF_PCPU ||
1293 (unlikely(dst->flags & DST_NOCACHE) && rt->dst.from))
1294 return rt6_dst_from_check(rt, cookie);
1295 else
1296 return rt6_check(rt, cookie);
1299 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
1301 struct rt6_info *rt = (struct rt6_info *) dst;
1303 if (rt) {
1304 if (rt->rt6i_flags & RTF_CACHE) {
1305 if (rt6_check_expired(rt)) {
1306 ip6_del_rt(rt);
1307 dst = NULL;
1309 } else {
1310 dst_release(dst);
1311 dst = NULL;
1314 return dst;
1317 static void ip6_link_failure(struct sk_buff *skb)
1319 struct rt6_info *rt;
1321 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
1323 rt = (struct rt6_info *) skb_dst(skb);
1324 if (rt) {
1325 if (rt->rt6i_flags & RTF_CACHE) {
1326 dst_hold(&rt->dst);
1327 ip6_del_rt(rt);
1328 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) {
1329 rt->rt6i_node->fn_sernum = -1;
1334 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu)
1336 struct net *net = dev_net(rt->dst.dev);
1338 rt->rt6i_flags |= RTF_MODIFIED;
1339 rt->rt6i_pmtu = mtu;
1340 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires);
1343 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info *rt)
1345 return !(rt->rt6i_flags & RTF_CACHE) &&
1346 (rt->rt6i_flags & RTF_PCPU || rt->rt6i_node);
1349 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk,
1350 const struct ipv6hdr *iph, u32 mtu)
1352 struct rt6_info *rt6 = (struct rt6_info *)dst;
1354 if (rt6->rt6i_flags & RTF_LOCAL)
1355 return;
1357 dst_confirm(dst);
1358 mtu = max_t(u32, mtu, IPV6_MIN_MTU);
1359 if (mtu >= dst_mtu(dst))
1360 return;
1362 if (!rt6_cache_allowed_for_pmtu(rt6)) {
1363 rt6_do_update_pmtu(rt6, mtu);
1364 } else {
1365 const struct in6_addr *daddr, *saddr;
1366 struct rt6_info *nrt6;
1368 if (iph) {
1369 daddr = &iph->daddr;
1370 saddr = &iph->saddr;
1371 } else if (sk) {
1372 daddr = &sk->sk_v6_daddr;
1373 saddr = &inet6_sk(sk)->saddr;
1374 } else {
1375 return;
1377 nrt6 = ip6_rt_cache_alloc(rt6, daddr, saddr);
1378 if (nrt6) {
1379 rt6_do_update_pmtu(nrt6, mtu);
1381 /* ip6_ins_rt(nrt6) will bump the
1382 * rt6->rt6i_node->fn_sernum
1383 * which will fail the next rt6_check() and
1384 * invalidate the sk->sk_dst_cache.
1386 ip6_ins_rt(nrt6);
1391 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
1392 struct sk_buff *skb, u32 mtu)
1394 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu);
1397 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
1398 int oif, u32 mark)
1400 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1401 struct dst_entry *dst;
1402 struct flowi6 fl6;
1404 memset(&fl6, 0, sizeof(fl6));
1405 fl6.flowi6_oif = oif;
1406 fl6.flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark);
1407 fl6.daddr = iph->daddr;
1408 fl6.saddr = iph->saddr;
1409 fl6.flowlabel = ip6_flowinfo(iph);
1411 dst = ip6_route_output(net, NULL, &fl6);
1412 if (!dst->error)
1413 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu));
1414 dst_release(dst);
1416 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
1418 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
1420 ip6_update_pmtu(skb, sock_net(sk), mtu,
1421 sk->sk_bound_dev_if, sk->sk_mark);
1423 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
1425 /* Handle redirects */
1426 struct ip6rd_flowi {
1427 struct flowi6 fl6;
1428 struct in6_addr gateway;
1431 static struct rt6_info *__ip6_route_redirect(struct net *net,
1432 struct fib6_table *table,
1433 struct flowi6 *fl6,
1434 int flags)
1436 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
1437 struct rt6_info *rt;
1438 struct fib6_node *fn;
1440 /* Get the "current" route for this destination and
1441 * check if the redirect has come from approriate router.
1443 * RFC 4861 specifies that redirects should only be
1444 * accepted if they come from the nexthop to the target.
1445 * Due to the way the routes are chosen, this notion
1446 * is a bit fuzzy and one might need to check all possible
1447 * routes.
1450 read_lock_bh(&table->tb6_lock);
1451 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1452 restart:
1453 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1454 if (rt6_check_expired(rt))
1455 continue;
1456 if (rt->dst.error)
1457 break;
1458 if (!(rt->rt6i_flags & RTF_GATEWAY))
1459 continue;
1460 if (fl6->flowi6_oif != rt->dst.dev->ifindex)
1461 continue;
1462 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway))
1463 continue;
1464 break;
1467 if (!rt)
1468 rt = net->ipv6.ip6_null_entry;
1469 else if (rt->dst.error) {
1470 rt = net->ipv6.ip6_null_entry;
1471 goto out;
1474 if (rt == net->ipv6.ip6_null_entry) {
1475 fn = fib6_backtrack(fn, &fl6->saddr);
1476 if (fn)
1477 goto restart;
1480 out:
1481 dst_hold(&rt->dst);
1483 read_unlock_bh(&table->tb6_lock);
1485 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6);
1486 return rt;
1489 static struct dst_entry *ip6_route_redirect(struct net *net,
1490 const struct flowi6 *fl6,
1491 const struct in6_addr *gateway)
1493 int flags = RT6_LOOKUP_F_HAS_SADDR;
1494 struct ip6rd_flowi rdfl;
1496 rdfl.fl6 = *fl6;
1497 rdfl.gateway = *gateway;
1499 return fib6_rule_lookup(net, &rdfl.fl6,
1500 flags, __ip6_route_redirect);
1503 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark)
1505 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1506 struct dst_entry *dst;
1507 struct flowi6 fl6;
1509 memset(&fl6, 0, sizeof(fl6));
1510 fl6.flowi6_iif = LOOPBACK_IFINDEX;
1511 fl6.flowi6_oif = oif;
1512 fl6.flowi6_mark = mark;
1513 fl6.daddr = iph->daddr;
1514 fl6.saddr = iph->saddr;
1515 fl6.flowlabel = ip6_flowinfo(iph);
1517 dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr);
1518 rt6_do_redirect(dst, NULL, skb);
1519 dst_release(dst);
1521 EXPORT_SYMBOL_GPL(ip6_redirect);
1523 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif,
1524 u32 mark)
1526 const struct ipv6hdr *iph = ipv6_hdr(skb);
1527 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb);
1528 struct dst_entry *dst;
1529 struct flowi6 fl6;
1531 memset(&fl6, 0, sizeof(fl6));
1532 fl6.flowi6_iif = LOOPBACK_IFINDEX;
1533 fl6.flowi6_oif = oif;
1534 fl6.flowi6_mark = mark;
1535 fl6.daddr = msg->dest;
1536 fl6.saddr = iph->daddr;
1538 dst = ip6_route_redirect(net, &fl6, &iph->saddr);
1539 rt6_do_redirect(dst, NULL, skb);
1540 dst_release(dst);
1543 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
1545 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark);
1547 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
1549 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
1551 struct net_device *dev = dst->dev;
1552 unsigned int mtu = dst_mtu(dst);
1553 struct net *net = dev_net(dev);
1555 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
1557 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
1558 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
1561 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
1562 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
1563 * IPV6_MAXPLEN is also valid and means: "any MSS,
1564 * rely only on pmtu discovery"
1566 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
1567 mtu = IPV6_MAXPLEN;
1568 return mtu;
1571 static unsigned int ip6_mtu(const struct dst_entry *dst)
1573 const struct rt6_info *rt = (const struct rt6_info *)dst;
1574 unsigned int mtu = rt->rt6i_pmtu;
1575 struct inet6_dev *idev;
1577 if (mtu)
1578 goto out;
1580 mtu = dst_metric_raw(dst, RTAX_MTU);
1581 if (mtu)
1582 goto out;
1584 mtu = IPV6_MIN_MTU;
1586 rcu_read_lock();
1587 idev = __in6_dev_get(dst->dev);
1588 if (idev)
1589 mtu = idev->cnf.mtu6;
1590 rcu_read_unlock();
1592 out:
1593 return min_t(unsigned int, mtu, IP6_MAX_MTU);
1596 static struct dst_entry *icmp6_dst_gc_list;
1597 static DEFINE_SPINLOCK(icmp6_dst_lock);
1599 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
1600 struct flowi6 *fl6)
1602 struct dst_entry *dst;
1603 struct rt6_info *rt;
1604 struct inet6_dev *idev = in6_dev_get(dev);
1605 struct net *net = dev_net(dev);
1607 if (unlikely(!idev))
1608 return ERR_PTR(-ENODEV);
1610 rt = ip6_dst_alloc(net, dev, 0);
1611 if (unlikely(!rt)) {
1612 in6_dev_put(idev);
1613 dst = ERR_PTR(-ENOMEM);
1614 goto out;
1617 rt->dst.flags |= DST_HOST;
1618 rt->dst.output = ip6_output;
1619 atomic_set(&rt->dst.__refcnt, 1);
1620 rt->rt6i_gateway = fl6->daddr;
1621 rt->rt6i_dst.addr = fl6->daddr;
1622 rt->rt6i_dst.plen = 128;
1623 rt->rt6i_idev = idev;
1624 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
1626 spin_lock_bh(&icmp6_dst_lock);
1627 rt->dst.next = icmp6_dst_gc_list;
1628 icmp6_dst_gc_list = &rt->dst;
1629 spin_unlock_bh(&icmp6_dst_lock);
1631 fib6_force_start_gc(net);
1633 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
1635 out:
1636 return dst;
1639 int icmp6_dst_gc(void)
1641 struct dst_entry *dst, **pprev;
1642 int more = 0;
1644 spin_lock_bh(&icmp6_dst_lock);
1645 pprev = &icmp6_dst_gc_list;
1647 while ((dst = *pprev) != NULL) {
1648 if (!atomic_read(&dst->__refcnt)) {
1649 *pprev = dst->next;
1650 dst_free(dst);
1651 } else {
1652 pprev = &dst->next;
1653 ++more;
1657 spin_unlock_bh(&icmp6_dst_lock);
1659 return more;
1662 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg),
1663 void *arg)
1665 struct dst_entry *dst, **pprev;
1667 spin_lock_bh(&icmp6_dst_lock);
1668 pprev = &icmp6_dst_gc_list;
1669 while ((dst = *pprev) != NULL) {
1670 struct rt6_info *rt = (struct rt6_info *) dst;
1671 if (func(rt, arg)) {
1672 *pprev = dst->next;
1673 dst_free(dst);
1674 } else {
1675 pprev = &dst->next;
1678 spin_unlock_bh(&icmp6_dst_lock);
1681 static int ip6_dst_gc(struct dst_ops *ops)
1683 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
1684 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
1685 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
1686 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
1687 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
1688 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
1689 int entries;
1691 entries = dst_entries_get_fast(ops);
1692 if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
1693 entries <= rt_max_size)
1694 goto out;
1696 net->ipv6.ip6_rt_gc_expire++;
1697 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true);
1698 entries = dst_entries_get_slow(ops);
1699 if (entries < ops->gc_thresh)
1700 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
1701 out:
1702 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
1703 return entries > rt_max_size;
1706 static int ip6_convert_metrics(struct mx6_config *mxc,
1707 const struct fib6_config *cfg)
1709 bool ecn_ca = false;
1710 struct nlattr *nla;
1711 int remaining;
1712 u32 *mp;
1714 if (!cfg->fc_mx)
1715 return 0;
1717 mp = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL);
1718 if (unlikely(!mp))
1719 return -ENOMEM;
1721 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1722 int type = nla_type(nla);
1723 u32 val;
1725 if (!type)
1726 continue;
1727 if (unlikely(type > RTAX_MAX))
1728 goto err;
1730 if (type == RTAX_CC_ALGO) {
1731 char tmp[TCP_CA_NAME_MAX];
1733 nla_strlcpy(tmp, nla, sizeof(tmp));
1734 val = tcp_ca_get_key_by_name(tmp, &ecn_ca);
1735 if (val == TCP_CA_UNSPEC)
1736 goto err;
1737 } else {
1738 val = nla_get_u32(nla);
1740 if (type == RTAX_FEATURES && (val & ~RTAX_FEATURE_MASK))
1741 goto err;
1743 mp[type - 1] = val;
1744 __set_bit(type - 1, mxc->mx_valid);
1747 if (ecn_ca) {
1748 __set_bit(RTAX_FEATURES - 1, mxc->mx_valid);
1749 mp[RTAX_FEATURES - 1] |= DST_FEATURE_ECN_CA;
1752 mxc->mx = mp;
1753 return 0;
1754 err:
1755 kfree(mp);
1756 return -EINVAL;
1759 static struct rt6_info *ip6_route_info_create(struct fib6_config *cfg)
1761 struct net *net = cfg->fc_nlinfo.nl_net;
1762 struct rt6_info *rt = NULL;
1763 struct net_device *dev = NULL;
1764 struct inet6_dev *idev = NULL;
1765 struct fib6_table *table;
1766 int addr_type;
1767 int err = -EINVAL;
1769 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128)
1770 goto out;
1771 #ifndef CONFIG_IPV6_SUBTREES
1772 if (cfg->fc_src_len)
1773 goto out;
1774 #endif
1775 if (cfg->fc_ifindex) {
1776 err = -ENODEV;
1777 dev = dev_get_by_index(net, cfg->fc_ifindex);
1778 if (!dev)
1779 goto out;
1780 idev = in6_dev_get(dev);
1781 if (!idev)
1782 goto out;
1785 if (cfg->fc_metric == 0)
1786 cfg->fc_metric = IP6_RT_PRIO_USER;
1788 err = -ENOBUFS;
1789 if (cfg->fc_nlinfo.nlh &&
1790 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
1791 table = fib6_get_table(net, cfg->fc_table);
1792 if (!table) {
1793 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
1794 table = fib6_new_table(net, cfg->fc_table);
1796 } else {
1797 table = fib6_new_table(net, cfg->fc_table);
1800 if (!table)
1801 goto out;
1803 rt = ip6_dst_alloc(net, NULL,
1804 (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT);
1806 if (!rt) {
1807 err = -ENOMEM;
1808 goto out;
1811 if (cfg->fc_flags & RTF_EXPIRES)
1812 rt6_set_expires(rt, jiffies +
1813 clock_t_to_jiffies(cfg->fc_expires));
1814 else
1815 rt6_clean_expires(rt);
1817 if (cfg->fc_protocol == RTPROT_UNSPEC)
1818 cfg->fc_protocol = RTPROT_BOOT;
1819 rt->rt6i_protocol = cfg->fc_protocol;
1821 addr_type = ipv6_addr_type(&cfg->fc_dst);
1823 if (addr_type & IPV6_ADDR_MULTICAST)
1824 rt->dst.input = ip6_mc_input;
1825 else if (cfg->fc_flags & RTF_LOCAL)
1826 rt->dst.input = ip6_input;
1827 else
1828 rt->dst.input = ip6_forward;
1830 rt->dst.output = ip6_output;
1832 if (cfg->fc_encap) {
1833 struct lwtunnel_state *lwtstate;
1835 err = lwtunnel_build_state(dev, cfg->fc_encap_type,
1836 cfg->fc_encap, AF_INET6, cfg,
1837 &lwtstate);
1838 if (err)
1839 goto out;
1840 rt->dst.lwtstate = lwtstate_get(lwtstate);
1841 if (lwtunnel_output_redirect(rt->dst.lwtstate)) {
1842 rt->dst.lwtstate->orig_output = rt->dst.output;
1843 rt->dst.output = lwtunnel_output;
1845 if (lwtunnel_input_redirect(rt->dst.lwtstate)) {
1846 rt->dst.lwtstate->orig_input = rt->dst.input;
1847 rt->dst.input = lwtunnel_input;
1851 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1852 rt->rt6i_dst.plen = cfg->fc_dst_len;
1853 if (rt->rt6i_dst.plen == 128)
1854 rt->dst.flags |= DST_HOST;
1856 #ifdef CONFIG_IPV6_SUBTREES
1857 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1858 rt->rt6i_src.plen = cfg->fc_src_len;
1859 #endif
1861 rt->rt6i_metric = cfg->fc_metric;
1863 /* We cannot add true routes via loopback here,
1864 they would result in kernel looping; promote them to reject routes
1866 if ((cfg->fc_flags & RTF_REJECT) ||
1867 (dev && (dev->flags & IFF_LOOPBACK) &&
1868 !(addr_type & IPV6_ADDR_LOOPBACK) &&
1869 !(cfg->fc_flags & RTF_LOCAL))) {
1870 /* hold loopback dev/idev if we haven't done so. */
1871 if (dev != net->loopback_dev) {
1872 if (dev) {
1873 dev_put(dev);
1874 in6_dev_put(idev);
1876 dev = net->loopback_dev;
1877 dev_hold(dev);
1878 idev = in6_dev_get(dev);
1879 if (!idev) {
1880 err = -ENODEV;
1881 goto out;
1884 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1885 switch (cfg->fc_type) {
1886 case RTN_BLACKHOLE:
1887 rt->dst.error = -EINVAL;
1888 rt->dst.output = dst_discard_out;
1889 rt->dst.input = dst_discard;
1890 break;
1891 case RTN_PROHIBIT:
1892 rt->dst.error = -EACCES;
1893 rt->dst.output = ip6_pkt_prohibit_out;
1894 rt->dst.input = ip6_pkt_prohibit;
1895 break;
1896 case RTN_THROW:
1897 case RTN_UNREACHABLE:
1898 default:
1899 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN
1900 : (cfg->fc_type == RTN_UNREACHABLE)
1901 ? -EHOSTUNREACH : -ENETUNREACH;
1902 rt->dst.output = ip6_pkt_discard_out;
1903 rt->dst.input = ip6_pkt_discard;
1904 break;
1906 goto install_route;
1909 if (cfg->fc_flags & RTF_GATEWAY) {
1910 const struct in6_addr *gw_addr;
1911 int gwa_type;
1913 gw_addr = &cfg->fc_gateway;
1914 gwa_type = ipv6_addr_type(gw_addr);
1916 /* if gw_addr is local we will fail to detect this in case
1917 * address is still TENTATIVE (DAD in progress). rt6_lookup()
1918 * will return already-added prefix route via interface that
1919 * prefix route was assigned to, which might be non-loopback.
1921 err = -EINVAL;
1922 if (ipv6_chk_addr_and_flags(net, gw_addr,
1923 gwa_type & IPV6_ADDR_LINKLOCAL ?
1924 dev : NULL, 0, 0))
1925 goto out;
1927 rt->rt6i_gateway = *gw_addr;
1929 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
1930 struct rt6_info *grt;
1932 /* IPv6 strictly inhibits using not link-local
1933 addresses as nexthop address.
1934 Otherwise, router will not able to send redirects.
1935 It is very good, but in some (rare!) circumstances
1936 (SIT, PtP, NBMA NOARP links) it is handy to allow
1937 some exceptions. --ANK
1939 if (!(gwa_type & IPV6_ADDR_UNICAST))
1940 goto out;
1942 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1);
1944 err = -EHOSTUNREACH;
1945 if (!grt)
1946 goto out;
1947 if (dev) {
1948 if (dev != grt->dst.dev) {
1949 ip6_rt_put(grt);
1950 goto out;
1952 } else {
1953 dev = grt->dst.dev;
1954 idev = grt->rt6i_idev;
1955 dev_hold(dev);
1956 in6_dev_hold(grt->rt6i_idev);
1958 if (!(grt->rt6i_flags & RTF_GATEWAY))
1959 err = 0;
1960 ip6_rt_put(grt);
1962 if (err)
1963 goto out;
1965 err = -EINVAL;
1966 if (!dev || (dev->flags & IFF_LOOPBACK))
1967 goto out;
1970 err = -ENODEV;
1971 if (!dev)
1972 goto out;
1974 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
1975 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
1976 err = -EINVAL;
1977 goto out;
1979 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc;
1980 rt->rt6i_prefsrc.plen = 128;
1981 } else
1982 rt->rt6i_prefsrc.plen = 0;
1984 rt->rt6i_flags = cfg->fc_flags;
1986 install_route:
1987 rt->dst.dev = dev;
1988 rt->rt6i_idev = idev;
1989 rt->rt6i_table = table;
1991 cfg->fc_nlinfo.nl_net = dev_net(dev);
1993 return rt;
1994 out:
1995 if (dev)
1996 dev_put(dev);
1997 if (idev)
1998 in6_dev_put(idev);
1999 if (rt)
2000 dst_free(&rt->dst);
2002 return ERR_PTR(err);
2005 int ip6_route_add(struct fib6_config *cfg)
2007 struct mx6_config mxc = { .mx = NULL, };
2008 struct rt6_info *rt;
2009 int err;
2011 rt = ip6_route_info_create(cfg);
2012 if (IS_ERR(rt)) {
2013 err = PTR_ERR(rt);
2014 rt = NULL;
2015 goto out;
2018 err = ip6_convert_metrics(&mxc, cfg);
2019 if (err)
2020 goto out;
2022 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, &mxc);
2024 kfree(mxc.mx);
2026 return err;
2027 out:
2028 if (rt)
2029 dst_free(&rt->dst);
2031 return err;
2034 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
2036 int err;
2037 struct fib6_table *table;
2038 struct net *net = dev_net(rt->dst.dev);
2040 if (rt == net->ipv6.ip6_null_entry ||
2041 rt->dst.flags & DST_NOCACHE) {
2042 err = -ENOENT;
2043 goto out;
2046 table = rt->rt6i_table;
2047 write_lock_bh(&table->tb6_lock);
2048 err = fib6_del(rt, info);
2049 write_unlock_bh(&table->tb6_lock);
2051 out:
2052 ip6_rt_put(rt);
2053 return err;
2056 int ip6_del_rt(struct rt6_info *rt)
2058 struct nl_info info = {
2059 .nl_net = dev_net(rt->dst.dev),
2061 return __ip6_del_rt(rt, &info);
2064 static int ip6_route_del(struct fib6_config *cfg)
2066 struct fib6_table *table;
2067 struct fib6_node *fn;
2068 struct rt6_info *rt;
2069 int err = -ESRCH;
2071 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
2072 if (!table)
2073 return err;
2075 read_lock_bh(&table->tb6_lock);
2077 fn = fib6_locate(&table->tb6_root,
2078 &cfg->fc_dst, cfg->fc_dst_len,
2079 &cfg->fc_src, cfg->fc_src_len);
2081 if (fn) {
2082 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
2083 if ((rt->rt6i_flags & RTF_CACHE) &&
2084 !(cfg->fc_flags & RTF_CACHE))
2085 continue;
2086 if (cfg->fc_ifindex &&
2087 (!rt->dst.dev ||
2088 rt->dst.dev->ifindex != cfg->fc_ifindex))
2089 continue;
2090 if (cfg->fc_flags & RTF_GATEWAY &&
2091 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
2092 continue;
2093 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
2094 continue;
2095 dst_hold(&rt->dst);
2096 read_unlock_bh(&table->tb6_lock);
2098 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
2101 read_unlock_bh(&table->tb6_lock);
2103 return err;
2106 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
2108 struct netevent_redirect netevent;
2109 struct rt6_info *rt, *nrt = NULL;
2110 struct ndisc_options ndopts;
2111 struct inet6_dev *in6_dev;
2112 struct neighbour *neigh;
2113 struct rd_msg *msg;
2114 int optlen, on_link;
2115 u8 *lladdr;
2117 optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
2118 optlen -= sizeof(*msg);
2120 if (optlen < 0) {
2121 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
2122 return;
2125 msg = (struct rd_msg *)icmp6_hdr(skb);
2127 if (ipv6_addr_is_multicast(&msg->dest)) {
2128 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
2129 return;
2132 on_link = 0;
2133 if (ipv6_addr_equal(&msg->dest, &msg->target)) {
2134 on_link = 1;
2135 } else if (ipv6_addr_type(&msg->target) !=
2136 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
2137 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
2138 return;
2141 in6_dev = __in6_dev_get(skb->dev);
2142 if (!in6_dev)
2143 return;
2144 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
2145 return;
2147 /* RFC2461 8.1:
2148 * The IP source address of the Redirect MUST be the same as the current
2149 * first-hop router for the specified ICMP Destination Address.
2152 if (!ndisc_parse_options(msg->opt, optlen, &ndopts)) {
2153 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
2154 return;
2157 lladdr = NULL;
2158 if (ndopts.nd_opts_tgt_lladdr) {
2159 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
2160 skb->dev);
2161 if (!lladdr) {
2162 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
2163 return;
2167 rt = (struct rt6_info *) dst;
2168 if (rt->rt6i_flags & RTF_REJECT) {
2169 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
2170 return;
2173 /* Redirect received -> path was valid.
2174 * Look, redirects are sent only in response to data packets,
2175 * so that this nexthop apparently is reachable. --ANK
2177 dst_confirm(&rt->dst);
2179 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
2180 if (!neigh)
2181 return;
2184 * We have finally decided to accept it.
2187 neigh_update(neigh, lladdr, NUD_STALE,
2188 NEIGH_UPDATE_F_WEAK_OVERRIDE|
2189 NEIGH_UPDATE_F_OVERRIDE|
2190 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
2191 NEIGH_UPDATE_F_ISROUTER))
2194 nrt = ip6_rt_cache_alloc(rt, &msg->dest, NULL);
2195 if (!nrt)
2196 goto out;
2198 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
2199 if (on_link)
2200 nrt->rt6i_flags &= ~RTF_GATEWAY;
2202 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
2204 if (ip6_ins_rt(nrt))
2205 goto out;
2207 netevent.old = &rt->dst;
2208 netevent.new = &nrt->dst;
2209 netevent.daddr = &msg->dest;
2210 netevent.neigh = neigh;
2211 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
2213 if (rt->rt6i_flags & RTF_CACHE) {
2214 rt = (struct rt6_info *) dst_clone(&rt->dst);
2215 ip6_del_rt(rt);
2218 out:
2219 neigh_release(neigh);
2223 * Misc support functions
2226 static void rt6_set_from(struct rt6_info *rt, struct rt6_info *from)
2228 BUG_ON(from->dst.from);
2230 rt->rt6i_flags &= ~RTF_EXPIRES;
2231 dst_hold(&from->dst);
2232 rt->dst.from = &from->dst;
2233 dst_init_metrics(&rt->dst, dst_metrics_ptr(&from->dst), true);
2236 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort)
2238 rt->dst.input = ort->dst.input;
2239 rt->dst.output = ort->dst.output;
2240 rt->rt6i_dst = ort->rt6i_dst;
2241 rt->dst.error = ort->dst.error;
2242 rt->rt6i_idev = ort->rt6i_idev;
2243 if (rt->rt6i_idev)
2244 in6_dev_hold(rt->rt6i_idev);
2245 rt->dst.lastuse = jiffies;
2246 rt->rt6i_gateway = ort->rt6i_gateway;
2247 rt->rt6i_flags = ort->rt6i_flags;
2248 rt6_set_from(rt, ort);
2249 rt->rt6i_metric = ort->rt6i_metric;
2250 #ifdef CONFIG_IPV6_SUBTREES
2251 rt->rt6i_src = ort->rt6i_src;
2252 #endif
2253 rt->rt6i_prefsrc = ort->rt6i_prefsrc;
2254 rt->rt6i_table = ort->rt6i_table;
2255 rt->dst.lwtstate = lwtstate_get(ort->dst.lwtstate);
2258 #ifdef CONFIG_IPV6_ROUTE_INFO
2259 static struct rt6_info *rt6_get_route_info(struct net *net,
2260 const struct in6_addr *prefix, int prefixlen,
2261 const struct in6_addr *gwaddr, int ifindex)
2263 struct fib6_node *fn;
2264 struct rt6_info *rt = NULL;
2265 struct fib6_table *table;
2267 table = fib6_get_table(net, RT6_TABLE_INFO);
2268 if (!table)
2269 return NULL;
2271 read_lock_bh(&table->tb6_lock);
2272 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0);
2273 if (!fn)
2274 goto out;
2276 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
2277 if (rt->dst.dev->ifindex != ifindex)
2278 continue;
2279 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
2280 continue;
2281 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
2282 continue;
2283 dst_hold(&rt->dst);
2284 break;
2286 out:
2287 read_unlock_bh(&table->tb6_lock);
2288 return rt;
2291 static struct rt6_info *rt6_add_route_info(struct net *net,
2292 const struct in6_addr *prefix, int prefixlen,
2293 const struct in6_addr *gwaddr, int ifindex,
2294 unsigned int pref)
2296 struct fib6_config cfg = {
2297 .fc_metric = IP6_RT_PRIO_USER,
2298 .fc_ifindex = ifindex,
2299 .fc_dst_len = prefixlen,
2300 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
2301 RTF_UP | RTF_PREF(pref),
2302 .fc_nlinfo.portid = 0,
2303 .fc_nlinfo.nlh = NULL,
2304 .fc_nlinfo.nl_net = net,
2307 cfg.fc_table = l3mdev_fib_table_by_index(net, ifindex) ? : RT6_TABLE_INFO;
2308 cfg.fc_dst = *prefix;
2309 cfg.fc_gateway = *gwaddr;
2311 /* We should treat it as a default route if prefix length is 0. */
2312 if (!prefixlen)
2313 cfg.fc_flags |= RTF_DEFAULT;
2315 ip6_route_add(&cfg);
2317 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex);
2319 #endif
2321 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev)
2323 struct rt6_info *rt;
2324 struct fib6_table *table;
2326 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT);
2327 if (!table)
2328 return NULL;
2330 read_lock_bh(&table->tb6_lock);
2331 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
2332 if (dev == rt->dst.dev &&
2333 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
2334 ipv6_addr_equal(&rt->rt6i_gateway, addr))
2335 break;
2337 if (rt)
2338 dst_hold(&rt->dst);
2339 read_unlock_bh(&table->tb6_lock);
2340 return rt;
2343 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
2344 struct net_device *dev,
2345 unsigned int pref)
2347 struct fib6_config cfg = {
2348 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT,
2349 .fc_metric = IP6_RT_PRIO_USER,
2350 .fc_ifindex = dev->ifindex,
2351 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
2352 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
2353 .fc_nlinfo.portid = 0,
2354 .fc_nlinfo.nlh = NULL,
2355 .fc_nlinfo.nl_net = dev_net(dev),
2358 cfg.fc_gateway = *gwaddr;
2360 ip6_route_add(&cfg);
2362 return rt6_get_dflt_router(gwaddr, dev);
2365 void rt6_purge_dflt_routers(struct net *net)
2367 struct rt6_info *rt;
2368 struct fib6_table *table;
2370 /* NOTE: Keep consistent with rt6_get_dflt_router */
2371 table = fib6_get_table(net, RT6_TABLE_DFLT);
2372 if (!table)
2373 return;
2375 restart:
2376 read_lock_bh(&table->tb6_lock);
2377 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
2378 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
2379 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) {
2380 dst_hold(&rt->dst);
2381 read_unlock_bh(&table->tb6_lock);
2382 ip6_del_rt(rt);
2383 goto restart;
2386 read_unlock_bh(&table->tb6_lock);
2389 static void rtmsg_to_fib6_config(struct net *net,
2390 struct in6_rtmsg *rtmsg,
2391 struct fib6_config *cfg)
2393 memset(cfg, 0, sizeof(*cfg));
2395 cfg->fc_table = l3mdev_fib_table_by_index(net, rtmsg->rtmsg_ifindex) ?
2396 : RT6_TABLE_MAIN;
2397 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
2398 cfg->fc_metric = rtmsg->rtmsg_metric;
2399 cfg->fc_expires = rtmsg->rtmsg_info;
2400 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
2401 cfg->fc_src_len = rtmsg->rtmsg_src_len;
2402 cfg->fc_flags = rtmsg->rtmsg_flags;
2404 cfg->fc_nlinfo.nl_net = net;
2406 cfg->fc_dst = rtmsg->rtmsg_dst;
2407 cfg->fc_src = rtmsg->rtmsg_src;
2408 cfg->fc_gateway = rtmsg->rtmsg_gateway;
2411 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
2413 struct fib6_config cfg;
2414 struct in6_rtmsg rtmsg;
2415 int err;
2417 switch (cmd) {
2418 case SIOCADDRT: /* Add a route */
2419 case SIOCDELRT: /* Delete a route */
2420 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
2421 return -EPERM;
2422 err = copy_from_user(&rtmsg, arg,
2423 sizeof(struct in6_rtmsg));
2424 if (err)
2425 return -EFAULT;
2427 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
2429 rtnl_lock();
2430 switch (cmd) {
2431 case SIOCADDRT:
2432 err = ip6_route_add(&cfg);
2433 break;
2434 case SIOCDELRT:
2435 err = ip6_route_del(&cfg);
2436 break;
2437 default:
2438 err = -EINVAL;
2440 rtnl_unlock();
2442 return err;
2445 return -EINVAL;
2449 * Drop the packet on the floor
2452 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
2454 int type;
2455 struct dst_entry *dst = skb_dst(skb);
2456 switch (ipstats_mib_noroutes) {
2457 case IPSTATS_MIB_INNOROUTES:
2458 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
2459 if (type == IPV6_ADDR_ANY) {
2460 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2461 IPSTATS_MIB_INADDRERRORS);
2462 break;
2464 /* FALLTHROUGH */
2465 case IPSTATS_MIB_OUTNOROUTES:
2466 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2467 ipstats_mib_noroutes);
2468 break;
2470 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
2471 kfree_skb(skb);
2472 return 0;
2475 static int ip6_pkt_discard(struct sk_buff *skb)
2477 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
2480 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb)
2482 skb->dev = skb_dst(skb)->dev;
2483 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
2486 static int ip6_pkt_prohibit(struct sk_buff *skb)
2488 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
2491 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb)
2493 skb->dev = skb_dst(skb)->dev;
2494 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
2498 * Allocate a dst for local (unicast / anycast) address.
2501 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
2502 const struct in6_addr *addr,
2503 bool anycast)
2505 u32 tb_id;
2506 struct net *net = dev_net(idev->dev);
2507 struct rt6_info *rt = ip6_dst_alloc(net, net->loopback_dev,
2508 DST_NOCOUNT);
2509 if (!rt)
2510 return ERR_PTR(-ENOMEM);
2512 in6_dev_hold(idev);
2514 rt->dst.flags |= DST_HOST;
2515 rt->dst.input = ip6_input;
2516 rt->dst.output = ip6_output;
2517 rt->rt6i_idev = idev;
2519 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
2520 if (anycast)
2521 rt->rt6i_flags |= RTF_ANYCAST;
2522 else
2523 rt->rt6i_flags |= RTF_LOCAL;
2525 rt->rt6i_gateway = *addr;
2526 rt->rt6i_dst.addr = *addr;
2527 rt->rt6i_dst.plen = 128;
2528 tb_id = l3mdev_fib_table(idev->dev) ? : RT6_TABLE_LOCAL;
2529 rt->rt6i_table = fib6_get_table(net, tb_id);
2530 rt->dst.flags |= DST_NOCACHE;
2532 atomic_set(&rt->dst.__refcnt, 1);
2534 return rt;
2537 int ip6_route_get_saddr(struct net *net,
2538 struct rt6_info *rt,
2539 const struct in6_addr *daddr,
2540 unsigned int prefs,
2541 struct in6_addr *saddr)
2543 struct inet6_dev *idev =
2544 rt ? ip6_dst_idev((struct dst_entry *)rt) : NULL;
2545 int err = 0;
2546 if (rt && rt->rt6i_prefsrc.plen)
2547 *saddr = rt->rt6i_prefsrc.addr;
2548 else
2549 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL,
2550 daddr, prefs, saddr);
2551 return err;
2554 /* remove deleted ip from prefsrc entries */
2555 struct arg_dev_net_ip {
2556 struct net_device *dev;
2557 struct net *net;
2558 struct in6_addr *addr;
2561 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg)
2563 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
2564 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
2565 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
2567 if (((void *)rt->dst.dev == dev || !dev) &&
2568 rt != net->ipv6.ip6_null_entry &&
2569 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) {
2570 /* remove prefsrc entry */
2571 rt->rt6i_prefsrc.plen = 0;
2573 return 0;
2576 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
2578 struct net *net = dev_net(ifp->idev->dev);
2579 struct arg_dev_net_ip adni = {
2580 .dev = ifp->idev->dev,
2581 .net = net,
2582 .addr = &ifp->addr,
2584 fib6_clean_all(net, fib6_remove_prefsrc, &adni);
2587 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
2588 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
2590 /* Remove routers and update dst entries when gateway turn into host. */
2591 static int fib6_clean_tohost(struct rt6_info *rt, void *arg)
2593 struct in6_addr *gateway = (struct in6_addr *)arg;
2595 if ((((rt->rt6i_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) ||
2596 ((rt->rt6i_flags & RTF_CACHE_GATEWAY) == RTF_CACHE_GATEWAY)) &&
2597 ipv6_addr_equal(gateway, &rt->rt6i_gateway)) {
2598 return -1;
2600 return 0;
2603 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway)
2605 fib6_clean_all(net, fib6_clean_tohost, gateway);
2608 struct arg_dev_net {
2609 struct net_device *dev;
2610 struct net *net;
2613 static int fib6_ifdown(struct rt6_info *rt, void *arg)
2615 const struct arg_dev_net *adn = arg;
2616 const struct net_device *dev = adn->dev;
2618 if ((rt->dst.dev == dev || !dev) &&
2619 rt != adn->net->ipv6.ip6_null_entry)
2620 return -1;
2622 return 0;
2625 void rt6_ifdown(struct net *net, struct net_device *dev)
2627 struct arg_dev_net adn = {
2628 .dev = dev,
2629 .net = net,
2632 fib6_clean_all(net, fib6_ifdown, &adn);
2633 icmp6_clean_all(fib6_ifdown, &adn);
2634 if (dev)
2635 rt6_uncached_list_flush_dev(net, dev);
2638 struct rt6_mtu_change_arg {
2639 struct net_device *dev;
2640 unsigned int mtu;
2643 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
2645 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
2646 struct inet6_dev *idev;
2648 /* In IPv6 pmtu discovery is not optional,
2649 so that RTAX_MTU lock cannot disable it.
2650 We still use this lock to block changes
2651 caused by addrconf/ndisc.
2654 idev = __in6_dev_get(arg->dev);
2655 if (!idev)
2656 return 0;
2658 /* For administrative MTU increase, there is no way to discover
2659 IPv6 PMTU increase, so PMTU increase should be updated here.
2660 Since RFC 1981 doesn't include administrative MTU increase
2661 update PMTU increase is a MUST. (i.e. jumbo frame)
2664 If new MTU is less than route PMTU, this new MTU will be the
2665 lowest MTU in the path, update the route PMTU to reflect PMTU
2666 decreases; if new MTU is greater than route PMTU, and the
2667 old MTU is the lowest MTU in the path, update the route PMTU
2668 to reflect the increase. In this case if the other nodes' MTU
2669 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2670 PMTU discouvery.
2672 if (rt->dst.dev == arg->dev &&
2673 !dst_metric_locked(&rt->dst, RTAX_MTU)) {
2674 if (rt->rt6i_flags & RTF_CACHE) {
2675 /* For RTF_CACHE with rt6i_pmtu == 0
2676 * (i.e. a redirected route),
2677 * the metrics of its rt->dst.from has already
2678 * been updated.
2680 if (rt->rt6i_pmtu && rt->rt6i_pmtu > arg->mtu)
2681 rt->rt6i_pmtu = arg->mtu;
2682 } else if (dst_mtu(&rt->dst) >= arg->mtu ||
2683 (dst_mtu(&rt->dst) < arg->mtu &&
2684 dst_mtu(&rt->dst) == idev->cnf.mtu6)) {
2685 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
2688 return 0;
2691 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
2693 struct rt6_mtu_change_arg arg = {
2694 .dev = dev,
2695 .mtu = mtu,
2698 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg);
2701 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
2702 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
2703 [RTA_OIF] = { .type = NLA_U32 },
2704 [RTA_IIF] = { .type = NLA_U32 },
2705 [RTA_PRIORITY] = { .type = NLA_U32 },
2706 [RTA_METRICS] = { .type = NLA_NESTED },
2707 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
2708 [RTA_PREF] = { .type = NLA_U8 },
2709 [RTA_ENCAP_TYPE] = { .type = NLA_U16 },
2710 [RTA_ENCAP] = { .type = NLA_NESTED },
2711 [RTA_EXPIRES] = { .type = NLA_U32 },
2714 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2715 struct fib6_config *cfg)
2717 struct rtmsg *rtm;
2718 struct nlattr *tb[RTA_MAX+1];
2719 unsigned int pref;
2720 int err;
2722 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2723 if (err < 0)
2724 goto errout;
2726 err = -EINVAL;
2727 rtm = nlmsg_data(nlh);
2728 memset(cfg, 0, sizeof(*cfg));
2730 cfg->fc_table = rtm->rtm_table;
2731 cfg->fc_dst_len = rtm->rtm_dst_len;
2732 cfg->fc_src_len = rtm->rtm_src_len;
2733 cfg->fc_flags = RTF_UP;
2734 cfg->fc_protocol = rtm->rtm_protocol;
2735 cfg->fc_type = rtm->rtm_type;
2737 if (rtm->rtm_type == RTN_UNREACHABLE ||
2738 rtm->rtm_type == RTN_BLACKHOLE ||
2739 rtm->rtm_type == RTN_PROHIBIT ||
2740 rtm->rtm_type == RTN_THROW)
2741 cfg->fc_flags |= RTF_REJECT;
2743 if (rtm->rtm_type == RTN_LOCAL)
2744 cfg->fc_flags |= RTF_LOCAL;
2746 if (rtm->rtm_flags & RTM_F_CLONED)
2747 cfg->fc_flags |= RTF_CACHE;
2749 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
2750 cfg->fc_nlinfo.nlh = nlh;
2751 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2753 if (tb[RTA_GATEWAY]) {
2754 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]);
2755 cfg->fc_flags |= RTF_GATEWAY;
2758 if (tb[RTA_DST]) {
2759 int plen = (rtm->rtm_dst_len + 7) >> 3;
2761 if (nla_len(tb[RTA_DST]) < plen)
2762 goto errout;
2764 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
2767 if (tb[RTA_SRC]) {
2768 int plen = (rtm->rtm_src_len + 7) >> 3;
2770 if (nla_len(tb[RTA_SRC]) < plen)
2771 goto errout;
2773 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
2776 if (tb[RTA_PREFSRC])
2777 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]);
2779 if (tb[RTA_OIF])
2780 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
2782 if (tb[RTA_PRIORITY])
2783 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
2785 if (tb[RTA_METRICS]) {
2786 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
2787 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
2790 if (tb[RTA_TABLE])
2791 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
2793 if (tb[RTA_MULTIPATH]) {
2794 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
2795 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
2798 if (tb[RTA_PREF]) {
2799 pref = nla_get_u8(tb[RTA_PREF]);
2800 if (pref != ICMPV6_ROUTER_PREF_LOW &&
2801 pref != ICMPV6_ROUTER_PREF_HIGH)
2802 pref = ICMPV6_ROUTER_PREF_MEDIUM;
2803 cfg->fc_flags |= RTF_PREF(pref);
2806 if (tb[RTA_ENCAP])
2807 cfg->fc_encap = tb[RTA_ENCAP];
2809 if (tb[RTA_ENCAP_TYPE])
2810 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]);
2812 if (tb[RTA_EXPIRES]) {
2813 unsigned long timeout = addrconf_timeout_fixup(nla_get_u32(tb[RTA_EXPIRES]), HZ);
2815 if (addrconf_finite_timeout(timeout)) {
2816 cfg->fc_expires = jiffies_to_clock_t(timeout * HZ);
2817 cfg->fc_flags |= RTF_EXPIRES;
2821 err = 0;
2822 errout:
2823 return err;
2826 struct rt6_nh {
2827 struct rt6_info *rt6_info;
2828 struct fib6_config r_cfg;
2829 struct mx6_config mxc;
2830 struct list_head next;
2833 static void ip6_print_replace_route_err(struct list_head *rt6_nh_list)
2835 struct rt6_nh *nh;
2837 list_for_each_entry(nh, rt6_nh_list, next) {
2838 pr_warn("IPV6: multipath route replace failed (check consistency of installed routes): %pI6 nexthop %pI6 ifi %d\n",
2839 &nh->r_cfg.fc_dst, &nh->r_cfg.fc_gateway,
2840 nh->r_cfg.fc_ifindex);
2844 static int ip6_route_info_append(struct list_head *rt6_nh_list,
2845 struct rt6_info *rt, struct fib6_config *r_cfg)
2847 struct rt6_nh *nh;
2848 struct rt6_info *rtnh;
2849 int err = -EEXIST;
2851 list_for_each_entry(nh, rt6_nh_list, next) {
2852 /* check if rt6_info already exists */
2853 rtnh = nh->rt6_info;
2855 if (rtnh->dst.dev == rt->dst.dev &&
2856 rtnh->rt6i_idev == rt->rt6i_idev &&
2857 ipv6_addr_equal(&rtnh->rt6i_gateway,
2858 &rt->rt6i_gateway))
2859 return err;
2862 nh = kzalloc(sizeof(*nh), GFP_KERNEL);
2863 if (!nh)
2864 return -ENOMEM;
2865 nh->rt6_info = rt;
2866 err = ip6_convert_metrics(&nh->mxc, r_cfg);
2867 if (err) {
2868 kfree(nh);
2869 return err;
2871 memcpy(&nh->r_cfg, r_cfg, sizeof(*r_cfg));
2872 list_add_tail(&nh->next, rt6_nh_list);
2874 return 0;
2877 static int ip6_route_multipath_add(struct fib6_config *cfg)
2879 struct fib6_config r_cfg;
2880 struct rtnexthop *rtnh;
2881 struct rt6_info *rt;
2882 struct rt6_nh *err_nh;
2883 struct rt6_nh *nh, *nh_safe;
2884 int remaining;
2885 int attrlen;
2886 int err = 1;
2887 int nhn = 0;
2888 int replace = (cfg->fc_nlinfo.nlh &&
2889 (cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_REPLACE));
2890 LIST_HEAD(rt6_nh_list);
2892 remaining = cfg->fc_mp_len;
2893 rtnh = (struct rtnexthop *)cfg->fc_mp;
2895 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
2896 * rt6_info structs per nexthop
2898 while (rtnh_ok(rtnh, remaining)) {
2899 memcpy(&r_cfg, cfg, sizeof(*cfg));
2900 if (rtnh->rtnh_ifindex)
2901 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
2903 attrlen = rtnh_attrlen(rtnh);
2904 if (attrlen > 0) {
2905 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
2907 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
2908 if (nla) {
2909 r_cfg.fc_gateway = nla_get_in6_addr(nla);
2910 r_cfg.fc_flags |= RTF_GATEWAY;
2912 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP);
2913 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE);
2914 if (nla)
2915 r_cfg.fc_encap_type = nla_get_u16(nla);
2918 rt = ip6_route_info_create(&r_cfg);
2919 if (IS_ERR(rt)) {
2920 err = PTR_ERR(rt);
2921 rt = NULL;
2922 goto cleanup;
2925 err = ip6_route_info_append(&rt6_nh_list, rt, &r_cfg);
2926 if (err) {
2927 dst_free(&rt->dst);
2928 goto cleanup;
2931 rtnh = rtnh_next(rtnh, &remaining);
2934 err_nh = NULL;
2935 list_for_each_entry(nh, &rt6_nh_list, next) {
2936 err = __ip6_ins_rt(nh->rt6_info, &cfg->fc_nlinfo, &nh->mxc);
2937 /* nh->rt6_info is used or freed at this point, reset to NULL*/
2938 nh->rt6_info = NULL;
2939 if (err) {
2940 if (replace && nhn)
2941 ip6_print_replace_route_err(&rt6_nh_list);
2942 err_nh = nh;
2943 goto add_errout;
2946 /* Because each route is added like a single route we remove
2947 * these flags after the first nexthop: if there is a collision,
2948 * we have already failed to add the first nexthop:
2949 * fib6_add_rt2node() has rejected it; when replacing, old
2950 * nexthops have been replaced by first new, the rest should
2951 * be added to it.
2953 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL |
2954 NLM_F_REPLACE);
2955 nhn++;
2958 goto cleanup;
2960 add_errout:
2961 /* Delete routes that were already added */
2962 list_for_each_entry(nh, &rt6_nh_list, next) {
2963 if (err_nh == nh)
2964 break;
2965 ip6_route_del(&nh->r_cfg);
2968 cleanup:
2969 list_for_each_entry_safe(nh, nh_safe, &rt6_nh_list, next) {
2970 if (nh->rt6_info)
2971 dst_free(&nh->rt6_info->dst);
2972 kfree(nh->mxc.mx);
2973 list_del(&nh->next);
2974 kfree(nh);
2977 return err;
2980 static int ip6_route_multipath_del(struct fib6_config *cfg)
2982 struct fib6_config r_cfg;
2983 struct rtnexthop *rtnh;
2984 int remaining;
2985 int attrlen;
2986 int err = 1, last_err = 0;
2988 remaining = cfg->fc_mp_len;
2989 rtnh = (struct rtnexthop *)cfg->fc_mp;
2991 /* Parse a Multipath Entry */
2992 while (rtnh_ok(rtnh, remaining)) {
2993 memcpy(&r_cfg, cfg, sizeof(*cfg));
2994 if (rtnh->rtnh_ifindex)
2995 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
2997 attrlen = rtnh_attrlen(rtnh);
2998 if (attrlen > 0) {
2999 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
3001 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
3002 if (nla) {
3003 nla_memcpy(&r_cfg.fc_gateway, nla, 16);
3004 r_cfg.fc_flags |= RTF_GATEWAY;
3007 err = ip6_route_del(&r_cfg);
3008 if (err)
3009 last_err = err;
3011 rtnh = rtnh_next(rtnh, &remaining);
3014 return last_err;
3017 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh)
3019 struct fib6_config cfg;
3020 int err;
3022 err = rtm_to_fib6_config(skb, nlh, &cfg);
3023 if (err < 0)
3024 return err;
3026 if (cfg.fc_mp)
3027 return ip6_route_multipath_del(&cfg);
3028 else
3029 return ip6_route_del(&cfg);
3032 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh)
3034 struct fib6_config cfg;
3035 int err;
3037 err = rtm_to_fib6_config(skb, nlh, &cfg);
3038 if (err < 0)
3039 return err;
3041 if (cfg.fc_mp)
3042 return ip6_route_multipath_add(&cfg);
3043 else
3044 return ip6_route_add(&cfg);
3047 static inline size_t rt6_nlmsg_size(struct rt6_info *rt)
3049 return NLMSG_ALIGN(sizeof(struct rtmsg))
3050 + nla_total_size(16) /* RTA_SRC */
3051 + nla_total_size(16) /* RTA_DST */
3052 + nla_total_size(16) /* RTA_GATEWAY */
3053 + nla_total_size(16) /* RTA_PREFSRC */
3054 + nla_total_size(4) /* RTA_TABLE */
3055 + nla_total_size(4) /* RTA_IIF */
3056 + nla_total_size(4) /* RTA_OIF */
3057 + nla_total_size(4) /* RTA_PRIORITY */
3058 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
3059 + nla_total_size(sizeof(struct rta_cacheinfo))
3060 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */
3061 + nla_total_size(1) /* RTA_PREF */
3062 + lwtunnel_get_encap_size(rt->dst.lwtstate);
3065 static int rt6_fill_node(struct net *net,
3066 struct sk_buff *skb, struct rt6_info *rt,
3067 struct in6_addr *dst, struct in6_addr *src,
3068 int iif, int type, u32 portid, u32 seq,
3069 int prefix, int nowait, unsigned int flags)
3071 u32 metrics[RTAX_MAX];
3072 struct rtmsg *rtm;
3073 struct nlmsghdr *nlh;
3074 long expires;
3075 u32 table;
3077 if (prefix) { /* user wants prefix routes only */
3078 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
3079 /* success since this is not a prefix route */
3080 return 1;
3084 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
3085 if (!nlh)
3086 return -EMSGSIZE;
3088 rtm = nlmsg_data(nlh);
3089 rtm->rtm_family = AF_INET6;
3090 rtm->rtm_dst_len = rt->rt6i_dst.plen;
3091 rtm->rtm_src_len = rt->rt6i_src.plen;
3092 rtm->rtm_tos = 0;
3093 if (rt->rt6i_table)
3094 table = rt->rt6i_table->tb6_id;
3095 else
3096 table = RT6_TABLE_UNSPEC;
3097 rtm->rtm_table = table;
3098 if (nla_put_u32(skb, RTA_TABLE, table))
3099 goto nla_put_failure;
3100 if (rt->rt6i_flags & RTF_REJECT) {
3101 switch (rt->dst.error) {
3102 case -EINVAL:
3103 rtm->rtm_type = RTN_BLACKHOLE;
3104 break;
3105 case -EACCES:
3106 rtm->rtm_type = RTN_PROHIBIT;
3107 break;
3108 case -EAGAIN:
3109 rtm->rtm_type = RTN_THROW;
3110 break;
3111 default:
3112 rtm->rtm_type = RTN_UNREACHABLE;
3113 break;
3116 else if (rt->rt6i_flags & RTF_LOCAL)
3117 rtm->rtm_type = RTN_LOCAL;
3118 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
3119 rtm->rtm_type = RTN_LOCAL;
3120 else
3121 rtm->rtm_type = RTN_UNICAST;
3122 rtm->rtm_flags = 0;
3123 if (!netif_carrier_ok(rt->dst.dev)) {
3124 rtm->rtm_flags |= RTNH_F_LINKDOWN;
3125 if (rt->rt6i_idev->cnf.ignore_routes_with_linkdown)
3126 rtm->rtm_flags |= RTNH_F_DEAD;
3128 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
3129 rtm->rtm_protocol = rt->rt6i_protocol;
3130 if (rt->rt6i_flags & RTF_DYNAMIC)
3131 rtm->rtm_protocol = RTPROT_REDIRECT;
3132 else if (rt->rt6i_flags & RTF_ADDRCONF) {
3133 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO))
3134 rtm->rtm_protocol = RTPROT_RA;
3135 else
3136 rtm->rtm_protocol = RTPROT_KERNEL;
3139 if (rt->rt6i_flags & RTF_CACHE)
3140 rtm->rtm_flags |= RTM_F_CLONED;
3142 if (dst) {
3143 if (nla_put_in6_addr(skb, RTA_DST, dst))
3144 goto nla_put_failure;
3145 rtm->rtm_dst_len = 128;
3146 } else if (rtm->rtm_dst_len)
3147 if (nla_put_in6_addr(skb, RTA_DST, &rt->rt6i_dst.addr))
3148 goto nla_put_failure;
3149 #ifdef CONFIG_IPV6_SUBTREES
3150 if (src) {
3151 if (nla_put_in6_addr(skb, RTA_SRC, src))
3152 goto nla_put_failure;
3153 rtm->rtm_src_len = 128;
3154 } else if (rtm->rtm_src_len &&
3155 nla_put_in6_addr(skb, RTA_SRC, &rt->rt6i_src.addr))
3156 goto nla_put_failure;
3157 #endif
3158 if (iif) {
3159 #ifdef CONFIG_IPV6_MROUTE
3160 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
3161 int err = ip6mr_get_route(net, skb, rtm, nowait);
3162 if (err <= 0) {
3163 if (!nowait) {
3164 if (err == 0)
3165 return 0;
3166 goto nla_put_failure;
3167 } else {
3168 if (err == -EMSGSIZE)
3169 goto nla_put_failure;
3172 } else
3173 #endif
3174 if (nla_put_u32(skb, RTA_IIF, iif))
3175 goto nla_put_failure;
3176 } else if (dst) {
3177 struct in6_addr saddr_buf;
3178 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 &&
3179 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
3180 goto nla_put_failure;
3183 if (rt->rt6i_prefsrc.plen) {
3184 struct in6_addr saddr_buf;
3185 saddr_buf = rt->rt6i_prefsrc.addr;
3186 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
3187 goto nla_put_failure;
3190 memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics));
3191 if (rt->rt6i_pmtu)
3192 metrics[RTAX_MTU - 1] = rt->rt6i_pmtu;
3193 if (rtnetlink_put_metrics(skb, metrics) < 0)
3194 goto nla_put_failure;
3196 if (rt->rt6i_flags & RTF_GATEWAY) {
3197 if (nla_put_in6_addr(skb, RTA_GATEWAY, &rt->rt6i_gateway) < 0)
3198 goto nla_put_failure;
3201 if (rt->dst.dev &&
3202 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
3203 goto nla_put_failure;
3204 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric))
3205 goto nla_put_failure;
3207 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0;
3209 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0)
3210 goto nla_put_failure;
3212 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt->rt6i_flags)))
3213 goto nla_put_failure;
3215 lwtunnel_fill_encap(skb, rt->dst.lwtstate);
3217 nlmsg_end(skb, nlh);
3218 return 0;
3220 nla_put_failure:
3221 nlmsg_cancel(skb, nlh);
3222 return -EMSGSIZE;
3225 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
3227 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
3228 int prefix;
3230 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
3231 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
3232 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0;
3233 } else
3234 prefix = 0;
3236 return rt6_fill_node(arg->net,
3237 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
3238 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq,
3239 prefix, 0, NLM_F_MULTI);
3242 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh)
3244 struct net *net = sock_net(in_skb->sk);
3245 struct nlattr *tb[RTA_MAX+1];
3246 struct rt6_info *rt;
3247 struct sk_buff *skb;
3248 struct rtmsg *rtm;
3249 struct flowi6 fl6;
3250 int err, iif = 0, oif = 0;
3252 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
3253 if (err < 0)
3254 goto errout;
3256 err = -EINVAL;
3257 memset(&fl6, 0, sizeof(fl6));
3259 if (tb[RTA_SRC]) {
3260 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
3261 goto errout;
3263 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
3266 if (tb[RTA_DST]) {
3267 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
3268 goto errout;
3270 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
3273 if (tb[RTA_IIF])
3274 iif = nla_get_u32(tb[RTA_IIF]);
3276 if (tb[RTA_OIF])
3277 oif = nla_get_u32(tb[RTA_OIF]);
3279 if (tb[RTA_MARK])
3280 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]);
3282 if (iif) {
3283 struct net_device *dev;
3284 int flags = 0;
3286 dev = __dev_get_by_index(net, iif);
3287 if (!dev) {
3288 err = -ENODEV;
3289 goto errout;
3292 fl6.flowi6_iif = iif;
3294 if (!ipv6_addr_any(&fl6.saddr))
3295 flags |= RT6_LOOKUP_F_HAS_SADDR;
3297 rt = (struct rt6_info *)ip6_route_input_lookup(net, dev, &fl6,
3298 flags);
3299 } else {
3300 fl6.flowi6_oif = oif;
3302 if (netif_index_is_l3_master(net, oif)) {
3303 fl6.flowi6_flags = FLOWI_FLAG_L3MDEV_SRC |
3304 FLOWI_FLAG_SKIP_NH_OIF;
3307 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6);
3310 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
3311 if (!skb) {
3312 ip6_rt_put(rt);
3313 err = -ENOBUFS;
3314 goto errout;
3317 /* Reserve room for dummy headers, this skb can pass
3318 through good chunk of routing engine.
3320 skb_reset_mac_header(skb);
3321 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr));
3323 skb_dst_set(skb, &rt->dst);
3325 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
3326 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
3327 nlh->nlmsg_seq, 0, 0, 0);
3328 if (err < 0) {
3329 kfree_skb(skb);
3330 goto errout;
3333 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
3334 errout:
3335 return err;
3338 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info,
3339 unsigned int nlm_flags)
3341 struct sk_buff *skb;
3342 struct net *net = info->nl_net;
3343 u32 seq;
3344 int err;
3346 err = -ENOBUFS;
3347 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
3349 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
3350 if (!skb)
3351 goto errout;
3353 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
3354 event, info->portid, seq, 0, 0, nlm_flags);
3355 if (err < 0) {
3356 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
3357 WARN_ON(err == -EMSGSIZE);
3358 kfree_skb(skb);
3359 goto errout;
3361 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
3362 info->nlh, gfp_any());
3363 return;
3364 errout:
3365 if (err < 0)
3366 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
3369 static int ip6_route_dev_notify(struct notifier_block *this,
3370 unsigned long event, void *ptr)
3372 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
3373 struct net *net = dev_net(dev);
3375 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) {
3376 net->ipv6.ip6_null_entry->dst.dev = dev;
3377 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
3378 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3379 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
3380 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
3381 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
3382 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
3383 #endif
3386 return NOTIFY_OK;
3390 * /proc
3393 #ifdef CONFIG_PROC_FS
3395 static const struct file_operations ipv6_route_proc_fops = {
3396 .owner = THIS_MODULE,
3397 .open = ipv6_route_open,
3398 .read = seq_read,
3399 .llseek = seq_lseek,
3400 .release = seq_release_net,
3403 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
3405 struct net *net = (struct net *)seq->private;
3406 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
3407 net->ipv6.rt6_stats->fib_nodes,
3408 net->ipv6.rt6_stats->fib_route_nodes,
3409 net->ipv6.rt6_stats->fib_rt_alloc,
3410 net->ipv6.rt6_stats->fib_rt_entries,
3411 net->ipv6.rt6_stats->fib_rt_cache,
3412 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
3413 net->ipv6.rt6_stats->fib_discarded_routes);
3415 return 0;
3418 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
3420 return single_open_net(inode, file, rt6_stats_seq_show);
3423 static const struct file_operations rt6_stats_seq_fops = {
3424 .owner = THIS_MODULE,
3425 .open = rt6_stats_seq_open,
3426 .read = seq_read,
3427 .llseek = seq_lseek,
3428 .release = single_release_net,
3430 #endif /* CONFIG_PROC_FS */
3432 #ifdef CONFIG_SYSCTL
3434 static
3435 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
3436 void __user *buffer, size_t *lenp, loff_t *ppos)
3438 struct net *net;
3439 int delay;
3440 if (!write)
3441 return -EINVAL;
3443 net = (struct net *)ctl->extra1;
3444 delay = net->ipv6.sysctl.flush_delay;
3445 proc_dointvec(ctl, write, buffer, lenp, ppos);
3446 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0);
3447 return 0;
3450 struct ctl_table ipv6_route_table_template[] = {
3452 .procname = "flush",
3453 .data = &init_net.ipv6.sysctl.flush_delay,
3454 .maxlen = sizeof(int),
3455 .mode = 0200,
3456 .proc_handler = ipv6_sysctl_rtcache_flush
3459 .procname = "gc_thresh",
3460 .data = &ip6_dst_ops_template.gc_thresh,
3461 .maxlen = sizeof(int),
3462 .mode = 0644,
3463 .proc_handler = proc_dointvec,
3466 .procname = "max_size",
3467 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
3468 .maxlen = sizeof(int),
3469 .mode = 0644,
3470 .proc_handler = proc_dointvec,
3473 .procname = "gc_min_interval",
3474 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
3475 .maxlen = sizeof(int),
3476 .mode = 0644,
3477 .proc_handler = proc_dointvec_jiffies,
3480 .procname = "gc_timeout",
3481 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
3482 .maxlen = sizeof(int),
3483 .mode = 0644,
3484 .proc_handler = proc_dointvec_jiffies,
3487 .procname = "gc_interval",
3488 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
3489 .maxlen = sizeof(int),
3490 .mode = 0644,
3491 .proc_handler = proc_dointvec_jiffies,
3494 .procname = "gc_elasticity",
3495 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
3496 .maxlen = sizeof(int),
3497 .mode = 0644,
3498 .proc_handler = proc_dointvec,
3501 .procname = "mtu_expires",
3502 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
3503 .maxlen = sizeof(int),
3504 .mode = 0644,
3505 .proc_handler = proc_dointvec_jiffies,
3508 .procname = "min_adv_mss",
3509 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
3510 .maxlen = sizeof(int),
3511 .mode = 0644,
3512 .proc_handler = proc_dointvec,
3515 .procname = "gc_min_interval_ms",
3516 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
3517 .maxlen = sizeof(int),
3518 .mode = 0644,
3519 .proc_handler = proc_dointvec_ms_jiffies,
3524 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
3526 struct ctl_table *table;
3528 table = kmemdup(ipv6_route_table_template,
3529 sizeof(ipv6_route_table_template),
3530 GFP_KERNEL);
3532 if (table) {
3533 table[0].data = &net->ipv6.sysctl.flush_delay;
3534 table[0].extra1 = net;
3535 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
3536 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
3537 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3538 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
3539 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
3540 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
3541 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
3542 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
3543 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3545 /* Don't export sysctls to unprivileged users */
3546 if (net->user_ns != &init_user_ns)
3547 table[0].procname = NULL;
3550 return table;
3552 #endif
3554 static int __net_init ip6_route_net_init(struct net *net)
3556 int ret = -ENOMEM;
3558 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
3559 sizeof(net->ipv6.ip6_dst_ops));
3561 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
3562 goto out_ip6_dst_ops;
3564 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
3565 sizeof(*net->ipv6.ip6_null_entry),
3566 GFP_KERNEL);
3567 if (!net->ipv6.ip6_null_entry)
3568 goto out_ip6_dst_entries;
3569 net->ipv6.ip6_null_entry->dst.path =
3570 (struct dst_entry *)net->ipv6.ip6_null_entry;
3571 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3572 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
3573 ip6_template_metrics, true);
3575 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3576 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
3577 sizeof(*net->ipv6.ip6_prohibit_entry),
3578 GFP_KERNEL);
3579 if (!net->ipv6.ip6_prohibit_entry)
3580 goto out_ip6_null_entry;
3581 net->ipv6.ip6_prohibit_entry->dst.path =
3582 (struct dst_entry *)net->ipv6.ip6_prohibit_entry;
3583 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3584 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
3585 ip6_template_metrics, true);
3587 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
3588 sizeof(*net->ipv6.ip6_blk_hole_entry),
3589 GFP_KERNEL);
3590 if (!net->ipv6.ip6_blk_hole_entry)
3591 goto out_ip6_prohibit_entry;
3592 net->ipv6.ip6_blk_hole_entry->dst.path =
3593 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry;
3594 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3595 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
3596 ip6_template_metrics, true);
3597 #endif
3599 net->ipv6.sysctl.flush_delay = 0;
3600 net->ipv6.sysctl.ip6_rt_max_size = 4096;
3601 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
3602 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
3603 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
3604 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
3605 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
3606 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
3608 net->ipv6.ip6_rt_gc_expire = 30*HZ;
3610 ret = 0;
3611 out:
3612 return ret;
3614 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3615 out_ip6_prohibit_entry:
3616 kfree(net->ipv6.ip6_prohibit_entry);
3617 out_ip6_null_entry:
3618 kfree(net->ipv6.ip6_null_entry);
3619 #endif
3620 out_ip6_dst_entries:
3621 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
3622 out_ip6_dst_ops:
3623 goto out;
3626 static void __net_exit ip6_route_net_exit(struct net *net)
3628 kfree(net->ipv6.ip6_null_entry);
3629 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3630 kfree(net->ipv6.ip6_prohibit_entry);
3631 kfree(net->ipv6.ip6_blk_hole_entry);
3632 #endif
3633 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
3636 static int __net_init ip6_route_net_init_late(struct net *net)
3638 #ifdef CONFIG_PROC_FS
3639 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops);
3640 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops);
3641 #endif
3642 return 0;
3645 static void __net_exit ip6_route_net_exit_late(struct net *net)
3647 #ifdef CONFIG_PROC_FS
3648 remove_proc_entry("ipv6_route", net->proc_net);
3649 remove_proc_entry("rt6_stats", net->proc_net);
3650 #endif
3653 static struct pernet_operations ip6_route_net_ops = {
3654 .init = ip6_route_net_init,
3655 .exit = ip6_route_net_exit,
3658 static int __net_init ipv6_inetpeer_init(struct net *net)
3660 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
3662 if (!bp)
3663 return -ENOMEM;
3664 inet_peer_base_init(bp);
3665 net->ipv6.peers = bp;
3666 return 0;
3669 static void __net_exit ipv6_inetpeer_exit(struct net *net)
3671 struct inet_peer_base *bp = net->ipv6.peers;
3673 net->ipv6.peers = NULL;
3674 inetpeer_invalidate_tree(bp);
3675 kfree(bp);
3678 static struct pernet_operations ipv6_inetpeer_ops = {
3679 .init = ipv6_inetpeer_init,
3680 .exit = ipv6_inetpeer_exit,
3683 static struct pernet_operations ip6_route_net_late_ops = {
3684 .init = ip6_route_net_init_late,
3685 .exit = ip6_route_net_exit_late,
3688 static struct notifier_block ip6_route_dev_notifier = {
3689 .notifier_call = ip6_route_dev_notify,
3690 .priority = 0,
3693 int __init ip6_route_init(void)
3695 int ret;
3696 int cpu;
3698 ret = -ENOMEM;
3699 ip6_dst_ops_template.kmem_cachep =
3700 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
3701 SLAB_HWCACHE_ALIGN, NULL);
3702 if (!ip6_dst_ops_template.kmem_cachep)
3703 goto out;
3705 ret = dst_entries_init(&ip6_dst_blackhole_ops);
3706 if (ret)
3707 goto out_kmem_cache;
3709 ret = register_pernet_subsys(&ipv6_inetpeer_ops);
3710 if (ret)
3711 goto out_dst_entries;
3713 ret = register_pernet_subsys(&ip6_route_net_ops);
3714 if (ret)
3715 goto out_register_inetpeer;
3717 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
3719 /* Registering of the loopback is done before this portion of code,
3720 * the loopback reference in rt6_info will not be taken, do it
3721 * manually for init_net */
3722 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
3723 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3724 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3725 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
3726 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3727 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
3728 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3729 #endif
3730 ret = fib6_init();
3731 if (ret)
3732 goto out_register_subsys;
3734 ret = xfrm6_init();
3735 if (ret)
3736 goto out_fib6_init;
3738 ret = fib6_rules_init();
3739 if (ret)
3740 goto xfrm6_init;
3742 ret = register_pernet_subsys(&ip6_route_net_late_ops);
3743 if (ret)
3744 goto fib6_rules_init;
3746 ret = -ENOBUFS;
3747 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) ||
3748 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) ||
3749 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL))
3750 goto out_register_late_subsys;
3752 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
3753 if (ret)
3754 goto out_register_late_subsys;
3756 for_each_possible_cpu(cpu) {
3757 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
3759 INIT_LIST_HEAD(&ul->head);
3760 spin_lock_init(&ul->lock);
3763 out:
3764 return ret;
3766 out_register_late_subsys:
3767 unregister_pernet_subsys(&ip6_route_net_late_ops);
3768 fib6_rules_init:
3769 fib6_rules_cleanup();
3770 xfrm6_init:
3771 xfrm6_fini();
3772 out_fib6_init:
3773 fib6_gc_cleanup();
3774 out_register_subsys:
3775 unregister_pernet_subsys(&ip6_route_net_ops);
3776 out_register_inetpeer:
3777 unregister_pernet_subsys(&ipv6_inetpeer_ops);
3778 out_dst_entries:
3779 dst_entries_destroy(&ip6_dst_blackhole_ops);
3780 out_kmem_cache:
3781 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
3782 goto out;
3785 void ip6_route_cleanup(void)
3787 unregister_netdevice_notifier(&ip6_route_dev_notifier);
3788 unregister_pernet_subsys(&ip6_route_net_late_ops);
3789 fib6_rules_cleanup();
3790 xfrm6_fini();
3791 fib6_gc_cleanup();
3792 unregister_pernet_subsys(&ipv6_inetpeer_ops);
3793 unregister_pernet_subsys(&ip6_route_net_ops);
3794 dst_entries_destroy(&ip6_dst_blackhole_ops);
3795 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);