1 /* 2 * Linux INET6 implementation 3 * FIB front-end. 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 /* Changes: 15 * 16 * YOSHIFUJI Hideaki @USAGI 17 * reworked default router selection. 18 * - respect outgoing interface 19 * - select from (probably) reachable routers (i.e. 20 * routers in REACHABLE, STALE, DELAY or PROBE states). 21 * - always select the same router if it is (probably) 22 * reachable. otherwise, round-robin the list. 23 * Ville Nuorvala 24 * Fixed routing subtrees. 25 */ 26 27 #define pr_fmt(fmt) "IPv6: " fmt 28 29 #include <linux/capability.h> 30 #include <linux/errno.h> 31 #include <linux/export.h> 32 #include <linux/types.h> 33 #include <linux/times.h> 34 #include <linux/socket.h> 35 #include <linux/sockios.h> 36 #include <linux/net.h> 37 #include <linux/route.h> 38 #include <linux/netdevice.h> 39 #include <linux/in6.h> 40 #include <linux/mroute6.h> 41 #include <linux/init.h> 42 #include <linux/if_arp.h> 43 #include <linux/proc_fs.h> 44 #include <linux/seq_file.h> 45 #include <linux/nsproxy.h> 46 #include <linux/slab.h> 47 #include <net/net_namespace.h> 48 #include <net/snmp.h> 49 #include <net/ipv6.h> 50 #include <net/ip6_fib.h> 51 #include <net/ip6_route.h> 52 #include <net/ndisc.h> 53 #include <net/addrconf.h> 54 #include <net/tcp.h> 55 #include <linux/rtnetlink.h> 56 #include <net/dst.h> 57 #include <net/xfrm.h> 58 #include <net/netevent.h> 59 #include <net/netlink.h> 60 #include <net/nexthop.h> 61 62 #include <asm/uaccess.h> 63 64 #ifdef CONFIG_SYSCTL 65 #include <linux/sysctl.h> 66 #endif 67 68 enum rt6_nud_state { 69 RT6_NUD_FAIL_HARD = -3, 70 RT6_NUD_FAIL_PROBE = -2, 71 RT6_NUD_FAIL_DO_RR = -1, 72 RT6_NUD_SUCCEED = 1 73 }; 74 75 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort, 76 const struct in6_addr *dest); 77 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie); 78 static unsigned int ip6_default_advmss(const struct dst_entry *dst); 79 static unsigned int ip6_mtu(const struct dst_entry *dst); 80 static struct dst_entry *ip6_negative_advice(struct dst_entry *); 81 static void ip6_dst_destroy(struct dst_entry *); 82 static void ip6_dst_ifdown(struct dst_entry *, 83 struct net_device *dev, int how); 84 static int ip6_dst_gc(struct dst_ops *ops); 85 86 static int ip6_pkt_discard(struct sk_buff *skb); 87 static int ip6_pkt_discard_out(struct sock *sk, struct sk_buff *skb); 88 static int ip6_pkt_prohibit(struct sk_buff *skb); 89 static int ip6_pkt_prohibit_out(struct sock *sk, struct sk_buff *skb); 90 static void ip6_link_failure(struct sk_buff *skb); 91 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 92 struct sk_buff *skb, u32 mtu); 93 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, 94 struct sk_buff *skb); 95 static int rt6_score_route(struct rt6_info *rt, int oif, int strict); 96 97 #ifdef CONFIG_IPV6_ROUTE_INFO 98 static struct rt6_info *rt6_add_route_info(struct net *net, 99 const struct in6_addr *prefix, int prefixlen, 100 const struct in6_addr *gwaddr, int ifindex, 101 unsigned int pref); 102 static struct rt6_info *rt6_get_route_info(struct net *net, 103 const struct in6_addr *prefix, int prefixlen, 104 const struct in6_addr *gwaddr, int ifindex); 105 #endif 106 107 static void rt6_bind_peer(struct rt6_info *rt, int create) 108 { 109 struct inet_peer_base *base; 110 struct inet_peer *peer; 111 112 base = inetpeer_base_ptr(rt->_rt6i_peer); 113 if (!base) 114 return; 115 116 peer = inet_getpeer_v6(base, &rt->rt6i_dst.addr, create); 117 if (peer) { 118 if (!rt6_set_peer(rt, peer)) 119 inet_putpeer(peer); 120 } 121 } 122 123 static struct inet_peer *__rt6_get_peer(struct rt6_info *rt, int create) 124 { 125 if (rt6_has_peer(rt)) 126 return rt6_peer_ptr(rt); 127 128 rt6_bind_peer(rt, create); 129 return (rt6_has_peer(rt) ? rt6_peer_ptr(rt) : NULL); 130 } 131 132 static struct inet_peer *rt6_get_peer_create(struct rt6_info *rt) 133 { 134 return __rt6_get_peer(rt, 1); 135 } 136 137 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old) 138 { 139 struct rt6_info *rt = (struct rt6_info *) dst; 140 struct inet_peer *peer; 141 u32 *p = NULL; 142 143 if (!(rt->dst.flags & DST_HOST)) 144 return NULL; 145 146 peer = rt6_get_peer_create(rt); 147 if (peer) { 148 u32 *old_p = __DST_METRICS_PTR(old); 149 unsigned long prev, new; 150 151 p = peer->metrics; 152 if (inet_metrics_new(peer) || 153 (old & DST_METRICS_FORCE_OVERWRITE)) 154 memcpy(p, old_p, sizeof(u32) * RTAX_MAX); 155 156 new = (unsigned long) p; 157 prev = cmpxchg(&dst->_metrics, old, new); 158 159 if (prev != old) { 160 p = __DST_METRICS_PTR(prev); 161 if (prev & DST_METRICS_READ_ONLY) 162 p = NULL; 163 } 164 } 165 return p; 166 } 167 168 static inline const void *choose_neigh_daddr(struct rt6_info *rt, 169 struct sk_buff *skb, 170 const void *daddr) 171 { 172 struct in6_addr *p = &rt->rt6i_gateway; 173 174 if (!ipv6_addr_any(p)) 175 return (const void *) p; 176 else if (skb) 177 return &ipv6_hdr(skb)->daddr; 178 return daddr; 179 } 180 181 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst, 182 struct sk_buff *skb, 183 const void *daddr) 184 { 185 struct rt6_info *rt = (struct rt6_info *) dst; 186 struct neighbour *n; 187 188 daddr = choose_neigh_daddr(rt, skb, daddr); 189 n = __ipv6_neigh_lookup(dst->dev, daddr); 190 if (n) 191 return n; 192 return neigh_create(&nd_tbl, daddr, dst->dev); 193 } 194 195 static struct dst_ops ip6_dst_ops_template = { 196 .family = AF_INET6, 197 .protocol = cpu_to_be16(ETH_P_IPV6), 198 .gc = ip6_dst_gc, 199 .gc_thresh = 1024, 200 .check = ip6_dst_check, 201 .default_advmss = ip6_default_advmss, 202 .mtu = ip6_mtu, 203 .cow_metrics = ipv6_cow_metrics, 204 .destroy = ip6_dst_destroy, 205 .ifdown = ip6_dst_ifdown, 206 .negative_advice = ip6_negative_advice, 207 .link_failure = ip6_link_failure, 208 .update_pmtu = ip6_rt_update_pmtu, 209 .redirect = rt6_do_redirect, 210 .local_out = __ip6_local_out, 211 .neigh_lookup = ip6_neigh_lookup, 212 }; 213 214 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst) 215 { 216 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU); 217 218 return mtu ? : dst->dev->mtu; 219 } 220 221 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk, 222 struct sk_buff *skb, u32 mtu) 223 { 224 } 225 226 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk, 227 struct sk_buff *skb) 228 { 229 } 230 231 static u32 *ip6_rt_blackhole_cow_metrics(struct dst_entry *dst, 232 unsigned long old) 233 { 234 return NULL; 235 } 236 237 static struct dst_ops ip6_dst_blackhole_ops = { 238 .family = AF_INET6, 239 .protocol = cpu_to_be16(ETH_P_IPV6), 240 .destroy = ip6_dst_destroy, 241 .check = ip6_dst_check, 242 .mtu = ip6_blackhole_mtu, 243 .default_advmss = ip6_default_advmss, 244 .update_pmtu = ip6_rt_blackhole_update_pmtu, 245 .redirect = ip6_rt_blackhole_redirect, 246 .cow_metrics = ip6_rt_blackhole_cow_metrics, 247 .neigh_lookup = ip6_neigh_lookup, 248 }; 249 250 static const u32 ip6_template_metrics[RTAX_MAX] = { 251 [RTAX_HOPLIMIT - 1] = 0, 252 }; 253 254 static const struct rt6_info ip6_null_entry_template = { 255 .dst = { 256 .__refcnt = ATOMIC_INIT(1), 257 .__use = 1, 258 .obsolete = DST_OBSOLETE_FORCE_CHK, 259 .error = -ENETUNREACH, 260 .input = ip6_pkt_discard, 261 .output = ip6_pkt_discard_out, 262 }, 263 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 264 .rt6i_protocol = RTPROT_KERNEL, 265 .rt6i_metric = ~(u32) 0, 266 .rt6i_ref = ATOMIC_INIT(1), 267 }; 268 269 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 270 271 static const struct rt6_info ip6_prohibit_entry_template = { 272 .dst = { 273 .__refcnt = ATOMIC_INIT(1), 274 .__use = 1, 275 .obsolete = DST_OBSOLETE_FORCE_CHK, 276 .error = -EACCES, 277 .input = ip6_pkt_prohibit, 278 .output = ip6_pkt_prohibit_out, 279 }, 280 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 281 .rt6i_protocol = RTPROT_KERNEL, 282 .rt6i_metric = ~(u32) 0, 283 .rt6i_ref = ATOMIC_INIT(1), 284 }; 285 286 static const struct rt6_info ip6_blk_hole_entry_template = { 287 .dst = { 288 .__refcnt = ATOMIC_INIT(1), 289 .__use = 1, 290 .obsolete = DST_OBSOLETE_FORCE_CHK, 291 .error = -EINVAL, 292 .input = dst_discard, 293 .output = dst_discard_sk, 294 }, 295 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 296 .rt6i_protocol = RTPROT_KERNEL, 297 .rt6i_metric = ~(u32) 0, 298 .rt6i_ref = ATOMIC_INIT(1), 299 }; 300 301 #endif 302 303 /* allocate dst with ip6_dst_ops */ 304 static inline struct rt6_info *ip6_dst_alloc(struct net *net, 305 struct net_device *dev, 306 int flags, 307 struct fib6_table *table) 308 { 309 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev, 310 0, DST_OBSOLETE_FORCE_CHK, flags); 311 312 if (rt) { 313 struct dst_entry *dst = &rt->dst; 314 315 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst)); 316 rt6_init_peer(rt, table ? &table->tb6_peers : net->ipv6.peers); 317 INIT_LIST_HEAD(&rt->rt6i_siblings); 318 } 319 return rt; 320 } 321 322 static void ip6_dst_destroy(struct dst_entry *dst) 323 { 324 struct rt6_info *rt = (struct rt6_info *)dst; 325 struct inet6_dev *idev = rt->rt6i_idev; 326 struct dst_entry *from = dst->from; 327 328 if (!(rt->dst.flags & DST_HOST)) 329 dst_destroy_metrics_generic(dst); 330 331 if (idev) { 332 rt->rt6i_idev = NULL; 333 in6_dev_put(idev); 334 } 335 336 dst->from = NULL; 337 dst_release(from); 338 339 if (rt6_has_peer(rt)) { 340 struct inet_peer *peer = rt6_peer_ptr(rt); 341 inet_putpeer(peer); 342 } 343 } 344 345 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev, 346 int how) 347 { 348 struct rt6_info *rt = (struct rt6_info *)dst; 349 struct inet6_dev *idev = rt->rt6i_idev; 350 struct net_device *loopback_dev = 351 dev_net(dev)->loopback_dev; 352 353 if (dev != loopback_dev) { 354 if (idev && idev->dev == dev) { 355 struct inet6_dev *loopback_idev = 356 in6_dev_get(loopback_dev); 357 if (loopback_idev) { 358 rt->rt6i_idev = loopback_idev; 359 in6_dev_put(idev); 360 } 361 } 362 } 363 } 364 365 static bool rt6_check_expired(const struct rt6_info *rt) 366 { 367 if (rt->rt6i_flags & RTF_EXPIRES) { 368 if (time_after(jiffies, rt->dst.expires)) 369 return true; 370 } else if (rt->dst.from) { 371 return rt6_check_expired((struct rt6_info *) rt->dst.from); 372 } 373 return false; 374 } 375 376 /* Multipath route selection: 377 * Hash based function using packet header and flowlabel. 378 * Adapted from fib_info_hashfn() 379 */ 380 static int rt6_info_hash_nhsfn(unsigned int candidate_count, 381 const struct flowi6 *fl6) 382 { 383 unsigned int val = fl6->flowi6_proto; 384 385 val ^= ipv6_addr_hash(&fl6->daddr); 386 val ^= ipv6_addr_hash(&fl6->saddr); 387 388 /* Work only if this not encapsulated */ 389 switch (fl6->flowi6_proto) { 390 case IPPROTO_UDP: 391 case IPPROTO_TCP: 392 case IPPROTO_SCTP: 393 val ^= (__force u16)fl6->fl6_sport; 394 val ^= (__force u16)fl6->fl6_dport; 395 break; 396 397 case IPPROTO_ICMPV6: 398 val ^= (__force u16)fl6->fl6_icmp_type; 399 val ^= (__force u16)fl6->fl6_icmp_code; 400 break; 401 } 402 /* RFC6438 recommands to use flowlabel */ 403 val ^= (__force u32)fl6->flowlabel; 404 405 /* Perhaps, we need to tune, this function? */ 406 val = val ^ (val >> 7) ^ (val >> 12); 407 return val % candidate_count; 408 } 409 410 static struct rt6_info *rt6_multipath_select(struct rt6_info *match, 411 struct flowi6 *fl6, int oif, 412 int strict) 413 { 414 struct rt6_info *sibling, *next_sibling; 415 int route_choosen; 416 417 route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6); 418 /* Don't change the route, if route_choosen == 0 419 * (siblings does not include ourself) 420 */ 421 if (route_choosen) 422 list_for_each_entry_safe(sibling, next_sibling, 423 &match->rt6i_siblings, rt6i_siblings) { 424 route_choosen--; 425 if (route_choosen == 0) { 426 if (rt6_score_route(sibling, oif, strict) < 0) 427 break; 428 match = sibling; 429 break; 430 } 431 } 432 return match; 433 } 434 435 /* 436 * Route lookup. Any table->tb6_lock is implied. 437 */ 438 439 static inline struct rt6_info *rt6_device_match(struct net *net, 440 struct rt6_info *rt, 441 const struct in6_addr *saddr, 442 int oif, 443 int flags) 444 { 445 struct rt6_info *local = NULL; 446 struct rt6_info *sprt; 447 448 if (!oif && ipv6_addr_any(saddr)) 449 goto out; 450 451 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) { 452 struct net_device *dev = sprt->dst.dev; 453 454 if (oif) { 455 if (dev->ifindex == oif) 456 return sprt; 457 if (dev->flags & IFF_LOOPBACK) { 458 if (!sprt->rt6i_idev || 459 sprt->rt6i_idev->dev->ifindex != oif) { 460 if (flags & RT6_LOOKUP_F_IFACE && oif) 461 continue; 462 if (local && (!oif || 463 local->rt6i_idev->dev->ifindex == oif)) 464 continue; 465 } 466 local = sprt; 467 } 468 } else { 469 if (ipv6_chk_addr(net, saddr, dev, 470 flags & RT6_LOOKUP_F_IFACE)) 471 return sprt; 472 } 473 } 474 475 if (oif) { 476 if (local) 477 return local; 478 479 if (flags & RT6_LOOKUP_F_IFACE) 480 return net->ipv6.ip6_null_entry; 481 } 482 out: 483 return rt; 484 } 485 486 #ifdef CONFIG_IPV6_ROUTER_PREF 487 struct __rt6_probe_work { 488 struct work_struct work; 489 struct in6_addr target; 490 struct net_device *dev; 491 }; 492 493 static void rt6_probe_deferred(struct work_struct *w) 494 { 495 struct in6_addr mcaddr; 496 struct __rt6_probe_work *work = 497 container_of(w, struct __rt6_probe_work, work); 498 499 addrconf_addr_solict_mult(&work->target, &mcaddr); 500 ndisc_send_ns(work->dev, NULL, &work->target, &mcaddr, NULL); 501 dev_put(work->dev); 502 kfree(w); 503 } 504 505 static void rt6_probe(struct rt6_info *rt) 506 { 507 struct neighbour *neigh; 508 /* 509 * Okay, this does not seem to be appropriate 510 * for now, however, we need to check if it 511 * is really so; aka Router Reachability Probing. 512 * 513 * Router Reachability Probe MUST be rate-limited 514 * to no more than one per minute. 515 */ 516 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY)) 517 return; 518 rcu_read_lock_bh(); 519 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway); 520 if (neigh) { 521 write_lock(&neigh->lock); 522 if (neigh->nud_state & NUD_VALID) 523 goto out; 524 } 525 526 if (!neigh || 527 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) { 528 struct __rt6_probe_work *work; 529 530 work = kmalloc(sizeof(*work), GFP_ATOMIC); 531 532 if (neigh && work) 533 __neigh_set_probe_once(neigh); 534 535 if (neigh) 536 write_unlock(&neigh->lock); 537 538 if (work) { 539 INIT_WORK(&work->work, rt6_probe_deferred); 540 work->target = rt->rt6i_gateway; 541 dev_hold(rt->dst.dev); 542 work->dev = rt->dst.dev; 543 schedule_work(&work->work); 544 } 545 } else { 546 out: 547 write_unlock(&neigh->lock); 548 } 549 rcu_read_unlock_bh(); 550 } 551 #else 552 static inline void rt6_probe(struct rt6_info *rt) 553 { 554 } 555 #endif 556 557 /* 558 * Default Router Selection (RFC 2461 6.3.6) 559 */ 560 static inline int rt6_check_dev(struct rt6_info *rt, int oif) 561 { 562 struct net_device *dev = rt->dst.dev; 563 if (!oif || dev->ifindex == oif) 564 return 2; 565 if ((dev->flags & IFF_LOOPBACK) && 566 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif) 567 return 1; 568 return 0; 569 } 570 571 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt) 572 { 573 struct neighbour *neigh; 574 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD; 575 576 if (rt->rt6i_flags & RTF_NONEXTHOP || 577 !(rt->rt6i_flags & RTF_GATEWAY)) 578 return RT6_NUD_SUCCEED; 579 580 rcu_read_lock_bh(); 581 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway); 582 if (neigh) { 583 read_lock(&neigh->lock); 584 if (neigh->nud_state & NUD_VALID) 585 ret = RT6_NUD_SUCCEED; 586 #ifdef CONFIG_IPV6_ROUTER_PREF 587 else if (!(neigh->nud_state & NUD_FAILED)) 588 ret = RT6_NUD_SUCCEED; 589 else 590 ret = RT6_NUD_FAIL_PROBE; 591 #endif 592 read_unlock(&neigh->lock); 593 } else { 594 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ? 595 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR; 596 } 597 rcu_read_unlock_bh(); 598 599 return ret; 600 } 601 602 static int rt6_score_route(struct rt6_info *rt, int oif, 603 int strict) 604 { 605 int m; 606 607 m = rt6_check_dev(rt, oif); 608 if (!m && (strict & RT6_LOOKUP_F_IFACE)) 609 return RT6_NUD_FAIL_HARD; 610 #ifdef CONFIG_IPV6_ROUTER_PREF 611 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2; 612 #endif 613 if (strict & RT6_LOOKUP_F_REACHABLE) { 614 int n = rt6_check_neigh(rt); 615 if (n < 0) 616 return n; 617 } 618 return m; 619 } 620 621 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict, 622 int *mpri, struct rt6_info *match, 623 bool *do_rr) 624 { 625 int m; 626 bool match_do_rr = false; 627 628 if (rt6_check_expired(rt)) 629 goto out; 630 631 m = rt6_score_route(rt, oif, strict); 632 if (m == RT6_NUD_FAIL_DO_RR) { 633 match_do_rr = true; 634 m = 0; /* lowest valid score */ 635 } else if (m == RT6_NUD_FAIL_HARD) { 636 goto out; 637 } 638 639 if (strict & RT6_LOOKUP_F_REACHABLE) 640 rt6_probe(rt); 641 642 /* note that m can be RT6_NUD_FAIL_PROBE at this point */ 643 if (m > *mpri) { 644 *do_rr = match_do_rr; 645 *mpri = m; 646 match = rt; 647 } 648 out: 649 return match; 650 } 651 652 static struct rt6_info *find_rr_leaf(struct fib6_node *fn, 653 struct rt6_info *rr_head, 654 u32 metric, int oif, int strict, 655 bool *do_rr) 656 { 657 struct rt6_info *rt, *match; 658 int mpri = -1; 659 660 match = NULL; 661 for (rt = rr_head; rt && rt->rt6i_metric == metric; 662 rt = rt->dst.rt6_next) 663 match = find_match(rt, oif, strict, &mpri, match, do_rr); 664 for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric; 665 rt = rt->dst.rt6_next) 666 match = find_match(rt, oif, strict, &mpri, match, do_rr); 667 668 return match; 669 } 670 671 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict) 672 { 673 struct rt6_info *match, *rt0; 674 struct net *net; 675 bool do_rr = false; 676 677 rt0 = fn->rr_ptr; 678 if (!rt0) 679 fn->rr_ptr = rt0 = fn->leaf; 680 681 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict, 682 &do_rr); 683 684 if (do_rr) { 685 struct rt6_info *next = rt0->dst.rt6_next; 686 687 /* no entries matched; do round-robin */ 688 if (!next || next->rt6i_metric != rt0->rt6i_metric) 689 next = fn->leaf; 690 691 if (next != rt0) 692 fn->rr_ptr = next; 693 } 694 695 net = dev_net(rt0->dst.dev); 696 return match ? match : net->ipv6.ip6_null_entry; 697 } 698 699 #ifdef CONFIG_IPV6_ROUTE_INFO 700 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len, 701 const struct in6_addr *gwaddr) 702 { 703 struct net *net = dev_net(dev); 704 struct route_info *rinfo = (struct route_info *) opt; 705 struct in6_addr prefix_buf, *prefix; 706 unsigned int pref; 707 unsigned long lifetime; 708 struct rt6_info *rt; 709 710 if (len < sizeof(struct route_info)) { 711 return -EINVAL; 712 } 713 714 /* Sanity check for prefix_len and length */ 715 if (rinfo->length > 3) { 716 return -EINVAL; 717 } else if (rinfo->prefix_len > 128) { 718 return -EINVAL; 719 } else if (rinfo->prefix_len > 64) { 720 if (rinfo->length < 2) { 721 return -EINVAL; 722 } 723 } else if (rinfo->prefix_len > 0) { 724 if (rinfo->length < 1) { 725 return -EINVAL; 726 } 727 } 728 729 pref = rinfo->route_pref; 730 if (pref == ICMPV6_ROUTER_PREF_INVALID) 731 return -EINVAL; 732 733 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ); 734 735 if (rinfo->length == 3) 736 prefix = (struct in6_addr *)rinfo->prefix; 737 else { 738 /* this function is safe */ 739 ipv6_addr_prefix(&prefix_buf, 740 (struct in6_addr *)rinfo->prefix, 741 rinfo->prefix_len); 742 prefix = &prefix_buf; 743 } 744 745 if (rinfo->prefix_len == 0) 746 rt = rt6_get_dflt_router(gwaddr, dev); 747 else 748 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len, 749 gwaddr, dev->ifindex); 750 751 if (rt && !lifetime) { 752 ip6_del_rt(rt); 753 rt = NULL; 754 } 755 756 if (!rt && lifetime) 757 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex, 758 pref); 759 else if (rt) 760 rt->rt6i_flags = RTF_ROUTEINFO | 761 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); 762 763 if (rt) { 764 if (!addrconf_finite_timeout(lifetime)) 765 rt6_clean_expires(rt); 766 else 767 rt6_set_expires(rt, jiffies + HZ * lifetime); 768 769 ip6_rt_put(rt); 770 } 771 return 0; 772 } 773 #endif 774 775 static struct fib6_node* fib6_backtrack(struct fib6_node *fn, 776 struct in6_addr *saddr) 777 { 778 struct fib6_node *pn; 779 while (1) { 780 if (fn->fn_flags & RTN_TL_ROOT) 781 return NULL; 782 pn = fn->parent; 783 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) 784 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); 785 else 786 fn = pn; 787 if (fn->fn_flags & RTN_RTINFO) 788 return fn; 789 } 790 } 791 792 static struct rt6_info *ip6_pol_route_lookup(struct net *net, 793 struct fib6_table *table, 794 struct flowi6 *fl6, int flags) 795 { 796 struct fib6_node *fn; 797 struct rt6_info *rt; 798 799 read_lock_bh(&table->tb6_lock); 800 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 801 restart: 802 rt = fn->leaf; 803 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags); 804 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0) 805 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags); 806 if (rt == net->ipv6.ip6_null_entry) { 807 fn = fib6_backtrack(fn, &fl6->saddr); 808 if (fn) 809 goto restart; 810 } 811 dst_use(&rt->dst, jiffies); 812 read_unlock_bh(&table->tb6_lock); 813 return rt; 814 815 } 816 817 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6, 818 int flags) 819 { 820 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup); 821 } 822 EXPORT_SYMBOL_GPL(ip6_route_lookup); 823 824 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr, 825 const struct in6_addr *saddr, int oif, int strict) 826 { 827 struct flowi6 fl6 = { 828 .flowi6_oif = oif, 829 .daddr = *daddr, 830 }; 831 struct dst_entry *dst; 832 int flags = strict ? RT6_LOOKUP_F_IFACE : 0; 833 834 if (saddr) { 835 memcpy(&fl6.saddr, saddr, sizeof(*saddr)); 836 flags |= RT6_LOOKUP_F_HAS_SADDR; 837 } 838 839 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup); 840 if (dst->error == 0) 841 return (struct rt6_info *) dst; 842 843 dst_release(dst); 844 845 return NULL; 846 } 847 EXPORT_SYMBOL(rt6_lookup); 848 849 /* ip6_ins_rt is called with FREE table->tb6_lock. 850 It takes new route entry, the addition fails by any reason the 851 route is freed. In any case, if caller does not hold it, it may 852 be destroyed. 853 */ 854 855 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info, 856 struct nlattr *mx, int mx_len) 857 { 858 int err; 859 struct fib6_table *table; 860 861 table = rt->rt6i_table; 862 write_lock_bh(&table->tb6_lock); 863 err = fib6_add(&table->tb6_root, rt, info, mx, mx_len); 864 write_unlock_bh(&table->tb6_lock); 865 866 return err; 867 } 868 869 int ip6_ins_rt(struct rt6_info *rt) 870 { 871 struct nl_info info = { 872 .nl_net = dev_net(rt->dst.dev), 873 }; 874 return __ip6_ins_rt(rt, &info, NULL, 0); 875 } 876 877 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort, 878 const struct in6_addr *daddr, 879 const struct in6_addr *saddr) 880 { 881 struct rt6_info *rt; 882 883 /* 884 * Clone the route. 885 */ 886 887 rt = ip6_rt_copy(ort, daddr); 888 889 if (rt) { 890 if (ort->rt6i_dst.plen != 128 && 891 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr)) 892 rt->rt6i_flags |= RTF_ANYCAST; 893 894 rt->rt6i_flags |= RTF_CACHE; 895 896 #ifdef CONFIG_IPV6_SUBTREES 897 if (rt->rt6i_src.plen && saddr) { 898 rt->rt6i_src.addr = *saddr; 899 rt->rt6i_src.plen = 128; 900 } 901 #endif 902 } 903 904 return rt; 905 } 906 907 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort, 908 const struct in6_addr *daddr) 909 { 910 struct rt6_info *rt = ip6_rt_copy(ort, daddr); 911 912 if (rt) 913 rt->rt6i_flags |= RTF_CACHE; 914 return rt; 915 } 916 917 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif, 918 struct flowi6 *fl6, int flags) 919 { 920 struct fib6_node *fn; 921 struct rt6_info *rt, *nrt; 922 int strict = 0; 923 int attempts = 3; 924 int err; 925 int reachable = net->ipv6.devconf_all->forwarding ? 0 : RT6_LOOKUP_F_REACHABLE; 926 927 strict |= flags & RT6_LOOKUP_F_IFACE; 928 929 redo_fib6_lookup_lock: 930 read_lock_bh(&table->tb6_lock); 931 932 redo_fib6_lookup: 933 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 934 935 redo_rt6_select: 936 rt = rt6_select(fn, oif, strict | reachable); 937 if (rt->rt6i_nsiblings) 938 rt = rt6_multipath_select(rt, fl6, oif, strict | reachable); 939 if (rt == net->ipv6.ip6_null_entry) { 940 fn = fib6_backtrack(fn, &fl6->saddr); 941 if (fn) 942 goto redo_rt6_select; 943 else 944 goto out; 945 } 946 947 if (rt->rt6i_flags & RTF_CACHE) 948 goto out; 949 950 dst_hold(&rt->dst); 951 read_unlock_bh(&table->tb6_lock); 952 953 if (!(rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY))) 954 nrt = rt6_alloc_cow(rt, &fl6->daddr, &fl6->saddr); 955 else if (!(rt->dst.flags & DST_HOST)) 956 nrt = rt6_alloc_clone(rt, &fl6->daddr); 957 else 958 goto out2; 959 960 ip6_rt_put(rt); 961 rt = nrt ? : net->ipv6.ip6_null_entry; 962 963 dst_hold(&rt->dst); 964 if (nrt) { 965 err = ip6_ins_rt(nrt); 966 if (!err) 967 goto out2; 968 } 969 970 if (--attempts <= 0) 971 goto out2; 972 973 /* 974 * Race condition! In the gap, when table->tb6_lock was 975 * released someone could insert this route. Relookup. 976 */ 977 ip6_rt_put(rt); 978 goto redo_fib6_lookup_lock; 979 980 out: 981 if (reachable) { 982 reachable = 0; 983 goto redo_fib6_lookup; 984 } 985 dst_hold(&rt->dst); 986 read_unlock_bh(&table->tb6_lock); 987 out2: 988 rt->dst.lastuse = jiffies; 989 rt->dst.__use++; 990 991 return rt; 992 } 993 994 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table, 995 struct flowi6 *fl6, int flags) 996 { 997 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags); 998 } 999 1000 static struct dst_entry *ip6_route_input_lookup(struct net *net, 1001 struct net_device *dev, 1002 struct flowi6 *fl6, int flags) 1003 { 1004 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG) 1005 flags |= RT6_LOOKUP_F_IFACE; 1006 1007 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input); 1008 } 1009 1010 void ip6_route_input(struct sk_buff *skb) 1011 { 1012 const struct ipv6hdr *iph = ipv6_hdr(skb); 1013 struct net *net = dev_net(skb->dev); 1014 int flags = RT6_LOOKUP_F_HAS_SADDR; 1015 struct flowi6 fl6 = { 1016 .flowi6_iif = skb->dev->ifindex, 1017 .daddr = iph->daddr, 1018 .saddr = iph->saddr, 1019 .flowlabel = ip6_flowinfo(iph), 1020 .flowi6_mark = skb->mark, 1021 .flowi6_proto = iph->nexthdr, 1022 }; 1023 1024 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags)); 1025 } 1026 1027 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table, 1028 struct flowi6 *fl6, int flags) 1029 { 1030 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags); 1031 } 1032 1033 struct dst_entry *ip6_route_output(struct net *net, const struct sock *sk, 1034 struct flowi6 *fl6) 1035 { 1036 int flags = 0; 1037 1038 fl6->flowi6_iif = LOOPBACK_IFINDEX; 1039 1040 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr)) 1041 flags |= RT6_LOOKUP_F_IFACE; 1042 1043 if (!ipv6_addr_any(&fl6->saddr)) 1044 flags |= RT6_LOOKUP_F_HAS_SADDR; 1045 else if (sk) 1046 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs); 1047 1048 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output); 1049 } 1050 EXPORT_SYMBOL(ip6_route_output); 1051 1052 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig) 1053 { 1054 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig; 1055 struct dst_entry *new = NULL; 1056 1057 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0); 1058 if (rt) { 1059 new = &rt->dst; 1060 1061 memset(new + 1, 0, sizeof(*rt) - sizeof(*new)); 1062 rt6_init_peer(rt, net->ipv6.peers); 1063 1064 new->__use = 1; 1065 new->input = dst_discard; 1066 new->output = dst_discard_sk; 1067 1068 if (dst_metrics_read_only(&ort->dst)) 1069 new->_metrics = ort->dst._metrics; 1070 else 1071 dst_copy_metrics(new, &ort->dst); 1072 rt->rt6i_idev = ort->rt6i_idev; 1073 if (rt->rt6i_idev) 1074 in6_dev_hold(rt->rt6i_idev); 1075 1076 rt->rt6i_gateway = ort->rt6i_gateway; 1077 rt->rt6i_flags = ort->rt6i_flags; 1078 rt->rt6i_metric = 0; 1079 1080 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key)); 1081 #ifdef CONFIG_IPV6_SUBTREES 1082 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 1083 #endif 1084 1085 dst_free(new); 1086 } 1087 1088 dst_release(dst_orig); 1089 return new ? new : ERR_PTR(-ENOMEM); 1090 } 1091 1092 /* 1093 * Destination cache support functions 1094 */ 1095 1096 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie) 1097 { 1098 struct rt6_info *rt; 1099 1100 rt = (struct rt6_info *) dst; 1101 1102 /* All IPV6 dsts are created with ->obsolete set to the value 1103 * DST_OBSOLETE_FORCE_CHK which forces validation calls down 1104 * into this function always. 1105 */ 1106 if (!rt->rt6i_node || (rt->rt6i_node->fn_sernum != cookie)) 1107 return NULL; 1108 1109 if (rt6_check_expired(rt)) 1110 return NULL; 1111 1112 return dst; 1113 } 1114 1115 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst) 1116 { 1117 struct rt6_info *rt = (struct rt6_info *) dst; 1118 1119 if (rt) { 1120 if (rt->rt6i_flags & RTF_CACHE) { 1121 if (rt6_check_expired(rt)) { 1122 ip6_del_rt(rt); 1123 dst = NULL; 1124 } 1125 } else { 1126 dst_release(dst); 1127 dst = NULL; 1128 } 1129 } 1130 return dst; 1131 } 1132 1133 static void ip6_link_failure(struct sk_buff *skb) 1134 { 1135 struct rt6_info *rt; 1136 1137 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0); 1138 1139 rt = (struct rt6_info *) skb_dst(skb); 1140 if (rt) { 1141 if (rt->rt6i_flags & RTF_CACHE) { 1142 dst_hold(&rt->dst); 1143 if (ip6_del_rt(rt)) 1144 dst_free(&rt->dst); 1145 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) { 1146 rt->rt6i_node->fn_sernum = -1; 1147 } 1148 } 1149 } 1150 1151 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 1152 struct sk_buff *skb, u32 mtu) 1153 { 1154 struct rt6_info *rt6 = (struct rt6_info *)dst; 1155 1156 dst_confirm(dst); 1157 if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) { 1158 struct net *net = dev_net(dst->dev); 1159 1160 rt6->rt6i_flags |= RTF_MODIFIED; 1161 if (mtu < IPV6_MIN_MTU) { 1162 u32 features = dst_metric(dst, RTAX_FEATURES); 1163 mtu = IPV6_MIN_MTU; 1164 features |= RTAX_FEATURE_ALLFRAG; 1165 dst_metric_set(dst, RTAX_FEATURES, features); 1166 } 1167 dst_metric_set(dst, RTAX_MTU, mtu); 1168 rt6_update_expires(rt6, net->ipv6.sysctl.ip6_rt_mtu_expires); 1169 } 1170 } 1171 1172 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu, 1173 int oif, u32 mark) 1174 { 1175 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 1176 struct dst_entry *dst; 1177 struct flowi6 fl6; 1178 1179 memset(&fl6, 0, sizeof(fl6)); 1180 fl6.flowi6_oif = oif; 1181 fl6.flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark); 1182 fl6.daddr = iph->daddr; 1183 fl6.saddr = iph->saddr; 1184 fl6.flowlabel = ip6_flowinfo(iph); 1185 1186 dst = ip6_route_output(net, NULL, &fl6); 1187 if (!dst->error) 1188 ip6_rt_update_pmtu(dst, NULL, skb, ntohl(mtu)); 1189 dst_release(dst); 1190 } 1191 EXPORT_SYMBOL_GPL(ip6_update_pmtu); 1192 1193 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu) 1194 { 1195 ip6_update_pmtu(skb, sock_net(sk), mtu, 1196 sk->sk_bound_dev_if, sk->sk_mark); 1197 } 1198 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu); 1199 1200 /* Handle redirects */ 1201 struct ip6rd_flowi { 1202 struct flowi6 fl6; 1203 struct in6_addr gateway; 1204 }; 1205 1206 static struct rt6_info *__ip6_route_redirect(struct net *net, 1207 struct fib6_table *table, 1208 struct flowi6 *fl6, 1209 int flags) 1210 { 1211 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6; 1212 struct rt6_info *rt; 1213 struct fib6_node *fn; 1214 1215 /* Get the "current" route for this destination and 1216 * check if the redirect has come from approriate router. 1217 * 1218 * RFC 4861 specifies that redirects should only be 1219 * accepted if they come from the nexthop to the target. 1220 * Due to the way the routes are chosen, this notion 1221 * is a bit fuzzy and one might need to check all possible 1222 * routes. 1223 */ 1224 1225 read_lock_bh(&table->tb6_lock); 1226 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 1227 restart: 1228 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1229 if (rt6_check_expired(rt)) 1230 continue; 1231 if (rt->dst.error) 1232 break; 1233 if (!(rt->rt6i_flags & RTF_GATEWAY)) 1234 continue; 1235 if (fl6->flowi6_oif != rt->dst.dev->ifindex) 1236 continue; 1237 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway)) 1238 continue; 1239 break; 1240 } 1241 1242 if (!rt) 1243 rt = net->ipv6.ip6_null_entry; 1244 else if (rt->dst.error) { 1245 rt = net->ipv6.ip6_null_entry; 1246 } else if (rt == net->ipv6.ip6_null_entry) { 1247 fn = fib6_backtrack(fn, &fl6->saddr); 1248 if (fn) 1249 goto restart; 1250 } 1251 1252 dst_hold(&rt->dst); 1253 1254 read_unlock_bh(&table->tb6_lock); 1255 1256 return rt; 1257 }; 1258 1259 static struct dst_entry *ip6_route_redirect(struct net *net, 1260 const struct flowi6 *fl6, 1261 const struct in6_addr *gateway) 1262 { 1263 int flags = RT6_LOOKUP_F_HAS_SADDR; 1264 struct ip6rd_flowi rdfl; 1265 1266 rdfl.fl6 = *fl6; 1267 rdfl.gateway = *gateway; 1268 1269 return fib6_rule_lookup(net, &rdfl.fl6, 1270 flags, __ip6_route_redirect); 1271 } 1272 1273 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark) 1274 { 1275 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 1276 struct dst_entry *dst; 1277 struct flowi6 fl6; 1278 1279 memset(&fl6, 0, sizeof(fl6)); 1280 fl6.flowi6_iif = LOOPBACK_IFINDEX; 1281 fl6.flowi6_oif = oif; 1282 fl6.flowi6_mark = mark; 1283 fl6.daddr = iph->daddr; 1284 fl6.saddr = iph->saddr; 1285 fl6.flowlabel = ip6_flowinfo(iph); 1286 1287 dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr); 1288 rt6_do_redirect(dst, NULL, skb); 1289 dst_release(dst); 1290 } 1291 EXPORT_SYMBOL_GPL(ip6_redirect); 1292 1293 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif, 1294 u32 mark) 1295 { 1296 const struct ipv6hdr *iph = ipv6_hdr(skb); 1297 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb); 1298 struct dst_entry *dst; 1299 struct flowi6 fl6; 1300 1301 memset(&fl6, 0, sizeof(fl6)); 1302 fl6.flowi6_iif = LOOPBACK_IFINDEX; 1303 fl6.flowi6_oif = oif; 1304 fl6.flowi6_mark = mark; 1305 fl6.daddr = msg->dest; 1306 fl6.saddr = iph->daddr; 1307 1308 dst = ip6_route_redirect(net, &fl6, &iph->saddr); 1309 rt6_do_redirect(dst, NULL, skb); 1310 dst_release(dst); 1311 } 1312 1313 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk) 1314 { 1315 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark); 1316 } 1317 EXPORT_SYMBOL_GPL(ip6_sk_redirect); 1318 1319 static unsigned int ip6_default_advmss(const struct dst_entry *dst) 1320 { 1321 struct net_device *dev = dst->dev; 1322 unsigned int mtu = dst_mtu(dst); 1323 struct net *net = dev_net(dev); 1324 1325 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr); 1326 1327 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss) 1328 mtu = net->ipv6.sysctl.ip6_rt_min_advmss; 1329 1330 /* 1331 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and 1332 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size. 1333 * IPV6_MAXPLEN is also valid and means: "any MSS, 1334 * rely only on pmtu discovery" 1335 */ 1336 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr)) 1337 mtu = IPV6_MAXPLEN; 1338 return mtu; 1339 } 1340 1341 static unsigned int ip6_mtu(const struct dst_entry *dst) 1342 { 1343 struct inet6_dev *idev; 1344 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU); 1345 1346 if (mtu) 1347 goto out; 1348 1349 mtu = IPV6_MIN_MTU; 1350 1351 rcu_read_lock(); 1352 idev = __in6_dev_get(dst->dev); 1353 if (idev) 1354 mtu = idev->cnf.mtu6; 1355 rcu_read_unlock(); 1356 1357 out: 1358 return min_t(unsigned int, mtu, IP6_MAX_MTU); 1359 } 1360 1361 static struct dst_entry *icmp6_dst_gc_list; 1362 static DEFINE_SPINLOCK(icmp6_dst_lock); 1363 1364 struct dst_entry *icmp6_dst_alloc(struct net_device *dev, 1365 struct flowi6 *fl6) 1366 { 1367 struct dst_entry *dst; 1368 struct rt6_info *rt; 1369 struct inet6_dev *idev = in6_dev_get(dev); 1370 struct net *net = dev_net(dev); 1371 1372 if (unlikely(!idev)) 1373 return ERR_PTR(-ENODEV); 1374 1375 rt = ip6_dst_alloc(net, dev, 0, NULL); 1376 if (unlikely(!rt)) { 1377 in6_dev_put(idev); 1378 dst = ERR_PTR(-ENOMEM); 1379 goto out; 1380 } 1381 1382 rt->dst.flags |= DST_HOST; 1383 rt->dst.output = ip6_output; 1384 atomic_set(&rt->dst.__refcnt, 1); 1385 rt->rt6i_gateway = fl6->daddr; 1386 rt->rt6i_dst.addr = fl6->daddr; 1387 rt->rt6i_dst.plen = 128; 1388 rt->rt6i_idev = idev; 1389 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0); 1390 1391 spin_lock_bh(&icmp6_dst_lock); 1392 rt->dst.next = icmp6_dst_gc_list; 1393 icmp6_dst_gc_list = &rt->dst; 1394 spin_unlock_bh(&icmp6_dst_lock); 1395 1396 fib6_force_start_gc(net); 1397 1398 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0); 1399 1400 out: 1401 return dst; 1402 } 1403 1404 int icmp6_dst_gc(void) 1405 { 1406 struct dst_entry *dst, **pprev; 1407 int more = 0; 1408 1409 spin_lock_bh(&icmp6_dst_lock); 1410 pprev = &icmp6_dst_gc_list; 1411 1412 while ((dst = *pprev) != NULL) { 1413 if (!atomic_read(&dst->__refcnt)) { 1414 *pprev = dst->next; 1415 dst_free(dst); 1416 } else { 1417 pprev = &dst->next; 1418 ++more; 1419 } 1420 } 1421 1422 spin_unlock_bh(&icmp6_dst_lock); 1423 1424 return more; 1425 } 1426 1427 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg), 1428 void *arg) 1429 { 1430 struct dst_entry *dst, **pprev; 1431 1432 spin_lock_bh(&icmp6_dst_lock); 1433 pprev = &icmp6_dst_gc_list; 1434 while ((dst = *pprev) != NULL) { 1435 struct rt6_info *rt = (struct rt6_info *) dst; 1436 if (func(rt, arg)) { 1437 *pprev = dst->next; 1438 dst_free(dst); 1439 } else { 1440 pprev = &dst->next; 1441 } 1442 } 1443 spin_unlock_bh(&icmp6_dst_lock); 1444 } 1445 1446 static int ip6_dst_gc(struct dst_ops *ops) 1447 { 1448 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops); 1449 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval; 1450 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size; 1451 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity; 1452 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout; 1453 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc; 1454 int entries; 1455 1456 entries = dst_entries_get_fast(ops); 1457 if (time_after(rt_last_gc + rt_min_interval, jiffies) && 1458 entries <= rt_max_size) 1459 goto out; 1460 1461 net->ipv6.ip6_rt_gc_expire++; 1462 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true); 1463 entries = dst_entries_get_slow(ops); 1464 if (entries < ops->gc_thresh) 1465 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1; 1466 out: 1467 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity; 1468 return entries > rt_max_size; 1469 } 1470 1471 /* 1472 * 1473 */ 1474 1475 int ip6_route_add(struct fib6_config *cfg) 1476 { 1477 int err; 1478 struct net *net = cfg->fc_nlinfo.nl_net; 1479 struct rt6_info *rt = NULL; 1480 struct net_device *dev = NULL; 1481 struct inet6_dev *idev = NULL; 1482 struct fib6_table *table; 1483 int addr_type; 1484 1485 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128) 1486 return -EINVAL; 1487 #ifndef CONFIG_IPV6_SUBTREES 1488 if (cfg->fc_src_len) 1489 return -EINVAL; 1490 #endif 1491 if (cfg->fc_ifindex) { 1492 err = -ENODEV; 1493 dev = dev_get_by_index(net, cfg->fc_ifindex); 1494 if (!dev) 1495 goto out; 1496 idev = in6_dev_get(dev); 1497 if (!idev) 1498 goto out; 1499 } 1500 1501 if (cfg->fc_metric == 0) 1502 cfg->fc_metric = IP6_RT_PRIO_USER; 1503 1504 err = -ENOBUFS; 1505 if (cfg->fc_nlinfo.nlh && 1506 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) { 1507 table = fib6_get_table(net, cfg->fc_table); 1508 if (!table) { 1509 pr_warn("NLM_F_CREATE should be specified when creating new route\n"); 1510 table = fib6_new_table(net, cfg->fc_table); 1511 } 1512 } else { 1513 table = fib6_new_table(net, cfg->fc_table); 1514 } 1515 1516 if (!table) 1517 goto out; 1518 1519 rt = ip6_dst_alloc(net, NULL, (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT, table); 1520 1521 if (!rt) { 1522 err = -ENOMEM; 1523 goto out; 1524 } 1525 1526 if (cfg->fc_flags & RTF_EXPIRES) 1527 rt6_set_expires(rt, jiffies + 1528 clock_t_to_jiffies(cfg->fc_expires)); 1529 else 1530 rt6_clean_expires(rt); 1531 1532 if (cfg->fc_protocol == RTPROT_UNSPEC) 1533 cfg->fc_protocol = RTPROT_BOOT; 1534 rt->rt6i_protocol = cfg->fc_protocol; 1535 1536 addr_type = ipv6_addr_type(&cfg->fc_dst); 1537 1538 if (addr_type & IPV6_ADDR_MULTICAST) 1539 rt->dst.input = ip6_mc_input; 1540 else if (cfg->fc_flags & RTF_LOCAL) 1541 rt->dst.input = ip6_input; 1542 else 1543 rt->dst.input = ip6_forward; 1544 1545 rt->dst.output = ip6_output; 1546 1547 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len); 1548 rt->rt6i_dst.plen = cfg->fc_dst_len; 1549 if (rt->rt6i_dst.plen == 128) { 1550 rt->dst.flags |= DST_HOST; 1551 dst_metrics_set_force_overwrite(&rt->dst); 1552 } 1553 1554 #ifdef CONFIG_IPV6_SUBTREES 1555 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len); 1556 rt->rt6i_src.plen = cfg->fc_src_len; 1557 #endif 1558 1559 rt->rt6i_metric = cfg->fc_metric; 1560 1561 /* We cannot add true routes via loopback here, 1562 they would result in kernel looping; promote them to reject routes 1563 */ 1564 if ((cfg->fc_flags & RTF_REJECT) || 1565 (dev && (dev->flags & IFF_LOOPBACK) && 1566 !(addr_type & IPV6_ADDR_LOOPBACK) && 1567 !(cfg->fc_flags & RTF_LOCAL))) { 1568 /* hold loopback dev/idev if we haven't done so. */ 1569 if (dev != net->loopback_dev) { 1570 if (dev) { 1571 dev_put(dev); 1572 in6_dev_put(idev); 1573 } 1574 dev = net->loopback_dev; 1575 dev_hold(dev); 1576 idev = in6_dev_get(dev); 1577 if (!idev) { 1578 err = -ENODEV; 1579 goto out; 1580 } 1581 } 1582 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP; 1583 switch (cfg->fc_type) { 1584 case RTN_BLACKHOLE: 1585 rt->dst.error = -EINVAL; 1586 rt->dst.output = dst_discard_sk; 1587 rt->dst.input = dst_discard; 1588 break; 1589 case RTN_PROHIBIT: 1590 rt->dst.error = -EACCES; 1591 rt->dst.output = ip6_pkt_prohibit_out; 1592 rt->dst.input = ip6_pkt_prohibit; 1593 break; 1594 case RTN_THROW: 1595 default: 1596 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN 1597 : -ENETUNREACH; 1598 rt->dst.output = ip6_pkt_discard_out; 1599 rt->dst.input = ip6_pkt_discard; 1600 break; 1601 } 1602 goto install_route; 1603 } 1604 1605 if (cfg->fc_flags & RTF_GATEWAY) { 1606 const struct in6_addr *gw_addr; 1607 int gwa_type; 1608 1609 gw_addr = &cfg->fc_gateway; 1610 rt->rt6i_gateway = *gw_addr; 1611 gwa_type = ipv6_addr_type(gw_addr); 1612 1613 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) { 1614 struct rt6_info *grt; 1615 1616 /* IPv6 strictly inhibits using not link-local 1617 addresses as nexthop address. 1618 Otherwise, router will not able to send redirects. 1619 It is very good, but in some (rare!) circumstances 1620 (SIT, PtP, NBMA NOARP links) it is handy to allow 1621 some exceptions. --ANK 1622 */ 1623 err = -EINVAL; 1624 if (!(gwa_type & IPV6_ADDR_UNICAST)) 1625 goto out; 1626 1627 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1); 1628 1629 err = -EHOSTUNREACH; 1630 if (!grt) 1631 goto out; 1632 if (dev) { 1633 if (dev != grt->dst.dev) { 1634 ip6_rt_put(grt); 1635 goto out; 1636 } 1637 } else { 1638 dev = grt->dst.dev; 1639 idev = grt->rt6i_idev; 1640 dev_hold(dev); 1641 in6_dev_hold(grt->rt6i_idev); 1642 } 1643 if (!(grt->rt6i_flags & RTF_GATEWAY)) 1644 err = 0; 1645 ip6_rt_put(grt); 1646 1647 if (err) 1648 goto out; 1649 } 1650 err = -EINVAL; 1651 if (!dev || (dev->flags & IFF_LOOPBACK)) 1652 goto out; 1653 } 1654 1655 err = -ENODEV; 1656 if (!dev) 1657 goto out; 1658 1659 if (!ipv6_addr_any(&cfg->fc_prefsrc)) { 1660 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) { 1661 err = -EINVAL; 1662 goto out; 1663 } 1664 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc; 1665 rt->rt6i_prefsrc.plen = 128; 1666 } else 1667 rt->rt6i_prefsrc.plen = 0; 1668 1669 rt->rt6i_flags = cfg->fc_flags; 1670 1671 install_route: 1672 rt->dst.dev = dev; 1673 rt->rt6i_idev = idev; 1674 rt->rt6i_table = table; 1675 1676 cfg->fc_nlinfo.nl_net = dev_net(dev); 1677 1678 return __ip6_ins_rt(rt, &cfg->fc_nlinfo, cfg->fc_mx, cfg->fc_mx_len); 1679 1680 out: 1681 if (dev) 1682 dev_put(dev); 1683 if (idev) 1684 in6_dev_put(idev); 1685 if (rt) 1686 dst_free(&rt->dst); 1687 return err; 1688 } 1689 1690 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info) 1691 { 1692 int err; 1693 struct fib6_table *table; 1694 struct net *net = dev_net(rt->dst.dev); 1695 1696 if (rt == net->ipv6.ip6_null_entry) { 1697 err = -ENOENT; 1698 goto out; 1699 } 1700 1701 table = rt->rt6i_table; 1702 write_lock_bh(&table->tb6_lock); 1703 err = fib6_del(rt, info); 1704 write_unlock_bh(&table->tb6_lock); 1705 1706 out: 1707 ip6_rt_put(rt); 1708 return err; 1709 } 1710 1711 int ip6_del_rt(struct rt6_info *rt) 1712 { 1713 struct nl_info info = { 1714 .nl_net = dev_net(rt->dst.dev), 1715 }; 1716 return __ip6_del_rt(rt, &info); 1717 } 1718 1719 static int ip6_route_del(struct fib6_config *cfg) 1720 { 1721 struct fib6_table *table; 1722 struct fib6_node *fn; 1723 struct rt6_info *rt; 1724 int err = -ESRCH; 1725 1726 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table); 1727 if (!table) 1728 return err; 1729 1730 read_lock_bh(&table->tb6_lock); 1731 1732 fn = fib6_locate(&table->tb6_root, 1733 &cfg->fc_dst, cfg->fc_dst_len, 1734 &cfg->fc_src, cfg->fc_src_len); 1735 1736 if (fn) { 1737 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1738 if (cfg->fc_ifindex && 1739 (!rt->dst.dev || 1740 rt->dst.dev->ifindex != cfg->fc_ifindex)) 1741 continue; 1742 if (cfg->fc_flags & RTF_GATEWAY && 1743 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway)) 1744 continue; 1745 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric) 1746 continue; 1747 dst_hold(&rt->dst); 1748 read_unlock_bh(&table->tb6_lock); 1749 1750 return __ip6_del_rt(rt, &cfg->fc_nlinfo); 1751 } 1752 } 1753 read_unlock_bh(&table->tb6_lock); 1754 1755 return err; 1756 } 1757 1758 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb) 1759 { 1760 struct net *net = dev_net(skb->dev); 1761 struct netevent_redirect netevent; 1762 struct rt6_info *rt, *nrt = NULL; 1763 struct ndisc_options ndopts; 1764 struct inet6_dev *in6_dev; 1765 struct neighbour *neigh; 1766 struct rd_msg *msg; 1767 int optlen, on_link; 1768 u8 *lladdr; 1769 1770 optlen = skb_tail_pointer(skb) - skb_transport_header(skb); 1771 optlen -= sizeof(*msg); 1772 1773 if (optlen < 0) { 1774 net_dbg_ratelimited("rt6_do_redirect: packet too short\n"); 1775 return; 1776 } 1777 1778 msg = (struct rd_msg *)icmp6_hdr(skb); 1779 1780 if (ipv6_addr_is_multicast(&msg->dest)) { 1781 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n"); 1782 return; 1783 } 1784 1785 on_link = 0; 1786 if (ipv6_addr_equal(&msg->dest, &msg->target)) { 1787 on_link = 1; 1788 } else if (ipv6_addr_type(&msg->target) != 1789 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { 1790 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n"); 1791 return; 1792 } 1793 1794 in6_dev = __in6_dev_get(skb->dev); 1795 if (!in6_dev) 1796 return; 1797 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) 1798 return; 1799 1800 /* RFC2461 8.1: 1801 * The IP source address of the Redirect MUST be the same as the current 1802 * first-hop router for the specified ICMP Destination Address. 1803 */ 1804 1805 if (!ndisc_parse_options(msg->opt, optlen, &ndopts)) { 1806 net_dbg_ratelimited("rt6_redirect: invalid ND options\n"); 1807 return; 1808 } 1809 1810 lladdr = NULL; 1811 if (ndopts.nd_opts_tgt_lladdr) { 1812 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, 1813 skb->dev); 1814 if (!lladdr) { 1815 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n"); 1816 return; 1817 } 1818 } 1819 1820 rt = (struct rt6_info *) dst; 1821 if (rt == net->ipv6.ip6_null_entry) { 1822 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n"); 1823 return; 1824 } 1825 1826 /* Redirect received -> path was valid. 1827 * Look, redirects are sent only in response to data packets, 1828 * so that this nexthop apparently is reachable. --ANK 1829 */ 1830 dst_confirm(&rt->dst); 1831 1832 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1); 1833 if (!neigh) 1834 return; 1835 1836 /* 1837 * We have finally decided to accept it. 1838 */ 1839 1840 neigh_update(neigh, lladdr, NUD_STALE, 1841 NEIGH_UPDATE_F_WEAK_OVERRIDE| 1842 NEIGH_UPDATE_F_OVERRIDE| 1843 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER| 1844 NEIGH_UPDATE_F_ISROUTER)) 1845 ); 1846 1847 nrt = ip6_rt_copy(rt, &msg->dest); 1848 if (!nrt) 1849 goto out; 1850 1851 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE; 1852 if (on_link) 1853 nrt->rt6i_flags &= ~RTF_GATEWAY; 1854 1855 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key; 1856 1857 if (ip6_ins_rt(nrt)) 1858 goto out; 1859 1860 netevent.old = &rt->dst; 1861 netevent.new = &nrt->dst; 1862 netevent.daddr = &msg->dest; 1863 netevent.neigh = neigh; 1864 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent); 1865 1866 if (rt->rt6i_flags & RTF_CACHE) { 1867 rt = (struct rt6_info *) dst_clone(&rt->dst); 1868 ip6_del_rt(rt); 1869 } 1870 1871 out: 1872 neigh_release(neigh); 1873 } 1874 1875 /* 1876 * Misc support functions 1877 */ 1878 1879 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort, 1880 const struct in6_addr *dest) 1881 { 1882 struct net *net = dev_net(ort->dst.dev); 1883 struct rt6_info *rt = ip6_dst_alloc(net, ort->dst.dev, 0, 1884 ort->rt6i_table); 1885 1886 if (rt) { 1887 rt->dst.input = ort->dst.input; 1888 rt->dst.output = ort->dst.output; 1889 rt->dst.flags |= DST_HOST; 1890 1891 rt->rt6i_dst.addr = *dest; 1892 rt->rt6i_dst.plen = 128; 1893 dst_copy_metrics(&rt->dst, &ort->dst); 1894 rt->dst.error = ort->dst.error; 1895 rt->rt6i_idev = ort->rt6i_idev; 1896 if (rt->rt6i_idev) 1897 in6_dev_hold(rt->rt6i_idev); 1898 rt->dst.lastuse = jiffies; 1899 1900 if (ort->rt6i_flags & RTF_GATEWAY) 1901 rt->rt6i_gateway = ort->rt6i_gateway; 1902 else 1903 rt->rt6i_gateway = *dest; 1904 rt->rt6i_flags = ort->rt6i_flags; 1905 rt6_set_from(rt, ort); 1906 rt->rt6i_metric = 0; 1907 1908 #ifdef CONFIG_IPV6_SUBTREES 1909 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 1910 #endif 1911 memcpy(&rt->rt6i_prefsrc, &ort->rt6i_prefsrc, sizeof(struct rt6key)); 1912 rt->rt6i_table = ort->rt6i_table; 1913 } 1914 return rt; 1915 } 1916 1917 #ifdef CONFIG_IPV6_ROUTE_INFO 1918 static struct rt6_info *rt6_get_route_info(struct net *net, 1919 const struct in6_addr *prefix, int prefixlen, 1920 const struct in6_addr *gwaddr, int ifindex) 1921 { 1922 struct fib6_node *fn; 1923 struct rt6_info *rt = NULL; 1924 struct fib6_table *table; 1925 1926 table = fib6_get_table(net, RT6_TABLE_INFO); 1927 if (!table) 1928 return NULL; 1929 1930 read_lock_bh(&table->tb6_lock); 1931 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0); 1932 if (!fn) 1933 goto out; 1934 1935 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1936 if (rt->dst.dev->ifindex != ifindex) 1937 continue; 1938 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY)) 1939 continue; 1940 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr)) 1941 continue; 1942 dst_hold(&rt->dst); 1943 break; 1944 } 1945 out: 1946 read_unlock_bh(&table->tb6_lock); 1947 return rt; 1948 } 1949 1950 static struct rt6_info *rt6_add_route_info(struct net *net, 1951 const struct in6_addr *prefix, int prefixlen, 1952 const struct in6_addr *gwaddr, int ifindex, 1953 unsigned int pref) 1954 { 1955 struct fib6_config cfg = { 1956 .fc_table = RT6_TABLE_INFO, 1957 .fc_metric = IP6_RT_PRIO_USER, 1958 .fc_ifindex = ifindex, 1959 .fc_dst_len = prefixlen, 1960 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO | 1961 RTF_UP | RTF_PREF(pref), 1962 .fc_nlinfo.portid = 0, 1963 .fc_nlinfo.nlh = NULL, 1964 .fc_nlinfo.nl_net = net, 1965 }; 1966 1967 cfg.fc_dst = *prefix; 1968 cfg.fc_gateway = *gwaddr; 1969 1970 /* We should treat it as a default route if prefix length is 0. */ 1971 if (!prefixlen) 1972 cfg.fc_flags |= RTF_DEFAULT; 1973 1974 ip6_route_add(&cfg); 1975 1976 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex); 1977 } 1978 #endif 1979 1980 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev) 1981 { 1982 struct rt6_info *rt; 1983 struct fib6_table *table; 1984 1985 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT); 1986 if (!table) 1987 return NULL; 1988 1989 read_lock_bh(&table->tb6_lock); 1990 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) { 1991 if (dev == rt->dst.dev && 1992 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) && 1993 ipv6_addr_equal(&rt->rt6i_gateway, addr)) 1994 break; 1995 } 1996 if (rt) 1997 dst_hold(&rt->dst); 1998 read_unlock_bh(&table->tb6_lock); 1999 return rt; 2000 } 2001 2002 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr, 2003 struct net_device *dev, 2004 unsigned int pref) 2005 { 2006 struct fib6_config cfg = { 2007 .fc_table = RT6_TABLE_DFLT, 2008 .fc_metric = IP6_RT_PRIO_USER, 2009 .fc_ifindex = dev->ifindex, 2010 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | 2011 RTF_UP | RTF_EXPIRES | RTF_PREF(pref), 2012 .fc_nlinfo.portid = 0, 2013 .fc_nlinfo.nlh = NULL, 2014 .fc_nlinfo.nl_net = dev_net(dev), 2015 }; 2016 2017 cfg.fc_gateway = *gwaddr; 2018 2019 ip6_route_add(&cfg); 2020 2021 return rt6_get_dflt_router(gwaddr, dev); 2022 } 2023 2024 void rt6_purge_dflt_routers(struct net *net) 2025 { 2026 struct rt6_info *rt; 2027 struct fib6_table *table; 2028 2029 /* NOTE: Keep consistent with rt6_get_dflt_router */ 2030 table = fib6_get_table(net, RT6_TABLE_DFLT); 2031 if (!table) 2032 return; 2033 2034 restart: 2035 read_lock_bh(&table->tb6_lock); 2036 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) { 2037 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) && 2038 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) { 2039 dst_hold(&rt->dst); 2040 read_unlock_bh(&table->tb6_lock); 2041 ip6_del_rt(rt); 2042 goto restart; 2043 } 2044 } 2045 read_unlock_bh(&table->tb6_lock); 2046 } 2047 2048 static void rtmsg_to_fib6_config(struct net *net, 2049 struct in6_rtmsg *rtmsg, 2050 struct fib6_config *cfg) 2051 { 2052 memset(cfg, 0, sizeof(*cfg)); 2053 2054 cfg->fc_table = RT6_TABLE_MAIN; 2055 cfg->fc_ifindex = rtmsg->rtmsg_ifindex; 2056 cfg->fc_metric = rtmsg->rtmsg_metric; 2057 cfg->fc_expires = rtmsg->rtmsg_info; 2058 cfg->fc_dst_len = rtmsg->rtmsg_dst_len; 2059 cfg->fc_src_len = rtmsg->rtmsg_src_len; 2060 cfg->fc_flags = rtmsg->rtmsg_flags; 2061 2062 cfg->fc_nlinfo.nl_net = net; 2063 2064 cfg->fc_dst = rtmsg->rtmsg_dst; 2065 cfg->fc_src = rtmsg->rtmsg_src; 2066 cfg->fc_gateway = rtmsg->rtmsg_gateway; 2067 } 2068 2069 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg) 2070 { 2071 struct fib6_config cfg; 2072 struct in6_rtmsg rtmsg; 2073 int err; 2074 2075 switch (cmd) { 2076 case SIOCADDRT: /* Add a route */ 2077 case SIOCDELRT: /* Delete a route */ 2078 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 2079 return -EPERM; 2080 err = copy_from_user(&rtmsg, arg, 2081 sizeof(struct in6_rtmsg)); 2082 if (err) 2083 return -EFAULT; 2084 2085 rtmsg_to_fib6_config(net, &rtmsg, &cfg); 2086 2087 rtnl_lock(); 2088 switch (cmd) { 2089 case SIOCADDRT: 2090 err = ip6_route_add(&cfg); 2091 break; 2092 case SIOCDELRT: 2093 err = ip6_route_del(&cfg); 2094 break; 2095 default: 2096 err = -EINVAL; 2097 } 2098 rtnl_unlock(); 2099 2100 return err; 2101 } 2102 2103 return -EINVAL; 2104 } 2105 2106 /* 2107 * Drop the packet on the floor 2108 */ 2109 2110 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes) 2111 { 2112 int type; 2113 struct dst_entry *dst = skb_dst(skb); 2114 switch (ipstats_mib_noroutes) { 2115 case IPSTATS_MIB_INNOROUTES: 2116 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr); 2117 if (type == IPV6_ADDR_ANY) { 2118 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst), 2119 IPSTATS_MIB_INADDRERRORS); 2120 break; 2121 } 2122 /* FALLTHROUGH */ 2123 case IPSTATS_MIB_OUTNOROUTES: 2124 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst), 2125 ipstats_mib_noroutes); 2126 break; 2127 } 2128 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0); 2129 kfree_skb(skb); 2130 return 0; 2131 } 2132 2133 static int ip6_pkt_discard(struct sk_buff *skb) 2134 { 2135 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES); 2136 } 2137 2138 static int ip6_pkt_discard_out(struct sock *sk, struct sk_buff *skb) 2139 { 2140 skb->dev = skb_dst(skb)->dev; 2141 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES); 2142 } 2143 2144 static int ip6_pkt_prohibit(struct sk_buff *skb) 2145 { 2146 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES); 2147 } 2148 2149 static int ip6_pkt_prohibit_out(struct sock *sk, struct sk_buff *skb) 2150 { 2151 skb->dev = skb_dst(skb)->dev; 2152 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES); 2153 } 2154 2155 /* 2156 * Allocate a dst for local (unicast / anycast) address. 2157 */ 2158 2159 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev, 2160 const struct in6_addr *addr, 2161 bool anycast) 2162 { 2163 struct net *net = dev_net(idev->dev); 2164 struct rt6_info *rt = ip6_dst_alloc(net, net->loopback_dev, 2165 DST_NOCOUNT, NULL); 2166 if (!rt) 2167 return ERR_PTR(-ENOMEM); 2168 2169 in6_dev_hold(idev); 2170 2171 rt->dst.flags |= DST_HOST; 2172 rt->dst.input = ip6_input; 2173 rt->dst.output = ip6_output; 2174 rt->rt6i_idev = idev; 2175 2176 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP; 2177 if (anycast) 2178 rt->rt6i_flags |= RTF_ANYCAST; 2179 else 2180 rt->rt6i_flags |= RTF_LOCAL; 2181 2182 rt->rt6i_gateway = *addr; 2183 rt->rt6i_dst.addr = *addr; 2184 rt->rt6i_dst.plen = 128; 2185 rt->rt6i_table = fib6_get_table(net, RT6_TABLE_LOCAL); 2186 2187 atomic_set(&rt->dst.__refcnt, 1); 2188 2189 return rt; 2190 } 2191 2192 int ip6_route_get_saddr(struct net *net, 2193 struct rt6_info *rt, 2194 const struct in6_addr *daddr, 2195 unsigned int prefs, 2196 struct in6_addr *saddr) 2197 { 2198 struct inet6_dev *idev = ip6_dst_idev((struct dst_entry *)rt); 2199 int err = 0; 2200 if (rt->rt6i_prefsrc.plen) 2201 *saddr = rt->rt6i_prefsrc.addr; 2202 else 2203 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL, 2204 daddr, prefs, saddr); 2205 return err; 2206 } 2207 2208 /* remove deleted ip from prefsrc entries */ 2209 struct arg_dev_net_ip { 2210 struct net_device *dev; 2211 struct net *net; 2212 struct in6_addr *addr; 2213 }; 2214 2215 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg) 2216 { 2217 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev; 2218 struct net *net = ((struct arg_dev_net_ip *)arg)->net; 2219 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr; 2220 2221 if (((void *)rt->dst.dev == dev || !dev) && 2222 rt != net->ipv6.ip6_null_entry && 2223 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) { 2224 /* remove prefsrc entry */ 2225 rt->rt6i_prefsrc.plen = 0; 2226 } 2227 return 0; 2228 } 2229 2230 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp) 2231 { 2232 struct net *net = dev_net(ifp->idev->dev); 2233 struct arg_dev_net_ip adni = { 2234 .dev = ifp->idev->dev, 2235 .net = net, 2236 .addr = &ifp->addr, 2237 }; 2238 fib6_clean_all(net, fib6_remove_prefsrc, &adni); 2239 } 2240 2241 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY) 2242 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE) 2243 2244 /* Remove routers and update dst entries when gateway turn into host. */ 2245 static int fib6_clean_tohost(struct rt6_info *rt, void *arg) 2246 { 2247 struct in6_addr *gateway = (struct in6_addr *)arg; 2248 2249 if ((((rt->rt6i_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) || 2250 ((rt->rt6i_flags & RTF_CACHE_GATEWAY) == RTF_CACHE_GATEWAY)) && 2251 ipv6_addr_equal(gateway, &rt->rt6i_gateway)) { 2252 return -1; 2253 } 2254 return 0; 2255 } 2256 2257 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway) 2258 { 2259 fib6_clean_all(net, fib6_clean_tohost, gateway); 2260 } 2261 2262 struct arg_dev_net { 2263 struct net_device *dev; 2264 struct net *net; 2265 }; 2266 2267 static int fib6_ifdown(struct rt6_info *rt, void *arg) 2268 { 2269 const struct arg_dev_net *adn = arg; 2270 const struct net_device *dev = adn->dev; 2271 2272 if ((rt->dst.dev == dev || !dev) && 2273 rt != adn->net->ipv6.ip6_null_entry) 2274 return -1; 2275 2276 return 0; 2277 } 2278 2279 void rt6_ifdown(struct net *net, struct net_device *dev) 2280 { 2281 struct arg_dev_net adn = { 2282 .dev = dev, 2283 .net = net, 2284 }; 2285 2286 fib6_clean_all(net, fib6_ifdown, &adn); 2287 icmp6_clean_all(fib6_ifdown, &adn); 2288 } 2289 2290 struct rt6_mtu_change_arg { 2291 struct net_device *dev; 2292 unsigned int mtu; 2293 }; 2294 2295 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg) 2296 { 2297 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg; 2298 struct inet6_dev *idev; 2299 2300 /* In IPv6 pmtu discovery is not optional, 2301 so that RTAX_MTU lock cannot disable it. 2302 We still use this lock to block changes 2303 caused by addrconf/ndisc. 2304 */ 2305 2306 idev = __in6_dev_get(arg->dev); 2307 if (!idev) 2308 return 0; 2309 2310 /* For administrative MTU increase, there is no way to discover 2311 IPv6 PMTU increase, so PMTU increase should be updated here. 2312 Since RFC 1981 doesn't include administrative MTU increase 2313 update PMTU increase is a MUST. (i.e. jumbo frame) 2314 */ 2315 /* 2316 If new MTU is less than route PMTU, this new MTU will be the 2317 lowest MTU in the path, update the route PMTU to reflect PMTU 2318 decreases; if new MTU is greater than route PMTU, and the 2319 old MTU is the lowest MTU in the path, update the route PMTU 2320 to reflect the increase. In this case if the other nodes' MTU 2321 also have the lowest MTU, TOO BIG MESSAGE will be lead to 2322 PMTU discouvery. 2323 */ 2324 if (rt->dst.dev == arg->dev && 2325 !dst_metric_locked(&rt->dst, RTAX_MTU) && 2326 (dst_mtu(&rt->dst) >= arg->mtu || 2327 (dst_mtu(&rt->dst) < arg->mtu && 2328 dst_mtu(&rt->dst) == idev->cnf.mtu6))) { 2329 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu); 2330 } 2331 return 0; 2332 } 2333 2334 void rt6_mtu_change(struct net_device *dev, unsigned int mtu) 2335 { 2336 struct rt6_mtu_change_arg arg = { 2337 .dev = dev, 2338 .mtu = mtu, 2339 }; 2340 2341 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg); 2342 } 2343 2344 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = { 2345 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) }, 2346 [RTA_OIF] = { .type = NLA_U32 }, 2347 [RTA_IIF] = { .type = NLA_U32 }, 2348 [RTA_PRIORITY] = { .type = NLA_U32 }, 2349 [RTA_METRICS] = { .type = NLA_NESTED }, 2350 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, 2351 }; 2352 2353 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh, 2354 struct fib6_config *cfg) 2355 { 2356 struct rtmsg *rtm; 2357 struct nlattr *tb[RTA_MAX+1]; 2358 int err; 2359 2360 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 2361 if (err < 0) 2362 goto errout; 2363 2364 err = -EINVAL; 2365 rtm = nlmsg_data(nlh); 2366 memset(cfg, 0, sizeof(*cfg)); 2367 2368 cfg->fc_table = rtm->rtm_table; 2369 cfg->fc_dst_len = rtm->rtm_dst_len; 2370 cfg->fc_src_len = rtm->rtm_src_len; 2371 cfg->fc_flags = RTF_UP; 2372 cfg->fc_protocol = rtm->rtm_protocol; 2373 cfg->fc_type = rtm->rtm_type; 2374 2375 if (rtm->rtm_type == RTN_UNREACHABLE || 2376 rtm->rtm_type == RTN_BLACKHOLE || 2377 rtm->rtm_type == RTN_PROHIBIT || 2378 rtm->rtm_type == RTN_THROW) 2379 cfg->fc_flags |= RTF_REJECT; 2380 2381 if (rtm->rtm_type == RTN_LOCAL) 2382 cfg->fc_flags |= RTF_LOCAL; 2383 2384 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid; 2385 cfg->fc_nlinfo.nlh = nlh; 2386 cfg->fc_nlinfo.nl_net = sock_net(skb->sk); 2387 2388 if (tb[RTA_GATEWAY]) { 2389 nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16); 2390 cfg->fc_flags |= RTF_GATEWAY; 2391 } 2392 2393 if (tb[RTA_DST]) { 2394 int plen = (rtm->rtm_dst_len + 7) >> 3; 2395 2396 if (nla_len(tb[RTA_DST]) < plen) 2397 goto errout; 2398 2399 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen); 2400 } 2401 2402 if (tb[RTA_SRC]) { 2403 int plen = (rtm->rtm_src_len + 7) >> 3; 2404 2405 if (nla_len(tb[RTA_SRC]) < plen) 2406 goto errout; 2407 2408 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen); 2409 } 2410 2411 if (tb[RTA_PREFSRC]) 2412 nla_memcpy(&cfg->fc_prefsrc, tb[RTA_PREFSRC], 16); 2413 2414 if (tb[RTA_OIF]) 2415 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]); 2416 2417 if (tb[RTA_PRIORITY]) 2418 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]); 2419 2420 if (tb[RTA_METRICS]) { 2421 cfg->fc_mx = nla_data(tb[RTA_METRICS]); 2422 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]); 2423 } 2424 2425 if (tb[RTA_TABLE]) 2426 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]); 2427 2428 if (tb[RTA_MULTIPATH]) { 2429 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]); 2430 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]); 2431 } 2432 2433 err = 0; 2434 errout: 2435 return err; 2436 } 2437 2438 static int ip6_route_multipath(struct fib6_config *cfg, int add) 2439 { 2440 struct fib6_config r_cfg; 2441 struct rtnexthop *rtnh; 2442 int remaining; 2443 int attrlen; 2444 int err = 0, last_err = 0; 2445 2446 beginning: 2447 rtnh = (struct rtnexthop *)cfg->fc_mp; 2448 remaining = cfg->fc_mp_len; 2449 2450 /* Parse a Multipath Entry */ 2451 while (rtnh_ok(rtnh, remaining)) { 2452 memcpy(&r_cfg, cfg, sizeof(*cfg)); 2453 if (rtnh->rtnh_ifindex) 2454 r_cfg.fc_ifindex = rtnh->rtnh_ifindex; 2455 2456 attrlen = rtnh_attrlen(rtnh); 2457 if (attrlen > 0) { 2458 struct nlattr *nla, *attrs = rtnh_attrs(rtnh); 2459 2460 nla = nla_find(attrs, attrlen, RTA_GATEWAY); 2461 if (nla) { 2462 nla_memcpy(&r_cfg.fc_gateway, nla, 16); 2463 r_cfg.fc_flags |= RTF_GATEWAY; 2464 } 2465 } 2466 err = add ? ip6_route_add(&r_cfg) : ip6_route_del(&r_cfg); 2467 if (err) { 2468 last_err = err; 2469 /* If we are trying to remove a route, do not stop the 2470 * loop when ip6_route_del() fails (because next hop is 2471 * already gone), we should try to remove all next hops. 2472 */ 2473 if (add) { 2474 /* If add fails, we should try to delete all 2475 * next hops that have been already added. 2476 */ 2477 add = 0; 2478 goto beginning; 2479 } 2480 } 2481 /* Because each route is added like a single route we remove 2482 * this flag after the first nexthop (if there is a collision, 2483 * we have already fail to add the first nexthop: 2484 * fib6_add_rt2node() has reject it). 2485 */ 2486 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~NLM_F_EXCL; 2487 rtnh = rtnh_next(rtnh, &remaining); 2488 } 2489 2490 return last_err; 2491 } 2492 2493 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh) 2494 { 2495 struct fib6_config cfg; 2496 int err; 2497 2498 err = rtm_to_fib6_config(skb, nlh, &cfg); 2499 if (err < 0) 2500 return err; 2501 2502 if (cfg.fc_mp) 2503 return ip6_route_multipath(&cfg, 0); 2504 else 2505 return ip6_route_del(&cfg); 2506 } 2507 2508 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh) 2509 { 2510 struct fib6_config cfg; 2511 int err; 2512 2513 err = rtm_to_fib6_config(skb, nlh, &cfg); 2514 if (err < 0) 2515 return err; 2516 2517 if (cfg.fc_mp) 2518 return ip6_route_multipath(&cfg, 1); 2519 else 2520 return ip6_route_add(&cfg); 2521 } 2522 2523 static inline size_t rt6_nlmsg_size(void) 2524 { 2525 return NLMSG_ALIGN(sizeof(struct rtmsg)) 2526 + nla_total_size(16) /* RTA_SRC */ 2527 + nla_total_size(16) /* RTA_DST */ 2528 + nla_total_size(16) /* RTA_GATEWAY */ 2529 + nla_total_size(16) /* RTA_PREFSRC */ 2530 + nla_total_size(4) /* RTA_TABLE */ 2531 + nla_total_size(4) /* RTA_IIF */ 2532 + nla_total_size(4) /* RTA_OIF */ 2533 + nla_total_size(4) /* RTA_PRIORITY */ 2534 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */ 2535 + nla_total_size(sizeof(struct rta_cacheinfo)); 2536 } 2537 2538 static int rt6_fill_node(struct net *net, 2539 struct sk_buff *skb, struct rt6_info *rt, 2540 struct in6_addr *dst, struct in6_addr *src, 2541 int iif, int type, u32 portid, u32 seq, 2542 int prefix, int nowait, unsigned int flags) 2543 { 2544 struct rtmsg *rtm; 2545 struct nlmsghdr *nlh; 2546 long expires; 2547 u32 table; 2548 2549 if (prefix) { /* user wants prefix routes only */ 2550 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { 2551 /* success since this is not a prefix route */ 2552 return 1; 2553 } 2554 } 2555 2556 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags); 2557 if (!nlh) 2558 return -EMSGSIZE; 2559 2560 rtm = nlmsg_data(nlh); 2561 rtm->rtm_family = AF_INET6; 2562 rtm->rtm_dst_len = rt->rt6i_dst.plen; 2563 rtm->rtm_src_len = rt->rt6i_src.plen; 2564 rtm->rtm_tos = 0; 2565 if (rt->rt6i_table) 2566 table = rt->rt6i_table->tb6_id; 2567 else 2568 table = RT6_TABLE_UNSPEC; 2569 rtm->rtm_table = table; 2570 if (nla_put_u32(skb, RTA_TABLE, table)) 2571 goto nla_put_failure; 2572 if (rt->rt6i_flags & RTF_REJECT) { 2573 switch (rt->dst.error) { 2574 case -EINVAL: 2575 rtm->rtm_type = RTN_BLACKHOLE; 2576 break; 2577 case -EACCES: 2578 rtm->rtm_type = RTN_PROHIBIT; 2579 break; 2580 case -EAGAIN: 2581 rtm->rtm_type = RTN_THROW; 2582 break; 2583 default: 2584 rtm->rtm_type = RTN_UNREACHABLE; 2585 break; 2586 } 2587 } 2588 else if (rt->rt6i_flags & RTF_LOCAL) 2589 rtm->rtm_type = RTN_LOCAL; 2590 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK)) 2591 rtm->rtm_type = RTN_LOCAL; 2592 else 2593 rtm->rtm_type = RTN_UNICAST; 2594 rtm->rtm_flags = 0; 2595 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2596 rtm->rtm_protocol = rt->rt6i_protocol; 2597 if (rt->rt6i_flags & RTF_DYNAMIC) 2598 rtm->rtm_protocol = RTPROT_REDIRECT; 2599 else if (rt->rt6i_flags & RTF_ADDRCONF) { 2600 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO)) 2601 rtm->rtm_protocol = RTPROT_RA; 2602 else 2603 rtm->rtm_protocol = RTPROT_KERNEL; 2604 } 2605 2606 if (rt->rt6i_flags & RTF_CACHE) 2607 rtm->rtm_flags |= RTM_F_CLONED; 2608 2609 if (dst) { 2610 if (nla_put(skb, RTA_DST, 16, dst)) 2611 goto nla_put_failure; 2612 rtm->rtm_dst_len = 128; 2613 } else if (rtm->rtm_dst_len) 2614 if (nla_put(skb, RTA_DST, 16, &rt->rt6i_dst.addr)) 2615 goto nla_put_failure; 2616 #ifdef CONFIG_IPV6_SUBTREES 2617 if (src) { 2618 if (nla_put(skb, RTA_SRC, 16, src)) 2619 goto nla_put_failure; 2620 rtm->rtm_src_len = 128; 2621 } else if (rtm->rtm_src_len && 2622 nla_put(skb, RTA_SRC, 16, &rt->rt6i_src.addr)) 2623 goto nla_put_failure; 2624 #endif 2625 if (iif) { 2626 #ifdef CONFIG_IPV6_MROUTE 2627 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) { 2628 int err = ip6mr_get_route(net, skb, rtm, nowait); 2629 if (err <= 0) { 2630 if (!nowait) { 2631 if (err == 0) 2632 return 0; 2633 goto nla_put_failure; 2634 } else { 2635 if (err == -EMSGSIZE) 2636 goto nla_put_failure; 2637 } 2638 } 2639 } else 2640 #endif 2641 if (nla_put_u32(skb, RTA_IIF, iif)) 2642 goto nla_put_failure; 2643 } else if (dst) { 2644 struct in6_addr saddr_buf; 2645 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 && 2646 nla_put(skb, RTA_PREFSRC, 16, &saddr_buf)) 2647 goto nla_put_failure; 2648 } 2649 2650 if (rt->rt6i_prefsrc.plen) { 2651 struct in6_addr saddr_buf; 2652 saddr_buf = rt->rt6i_prefsrc.addr; 2653 if (nla_put(skb, RTA_PREFSRC, 16, &saddr_buf)) 2654 goto nla_put_failure; 2655 } 2656 2657 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0) 2658 goto nla_put_failure; 2659 2660 if (rt->rt6i_flags & RTF_GATEWAY) { 2661 if (nla_put(skb, RTA_GATEWAY, 16, &rt->rt6i_gateway) < 0) 2662 goto nla_put_failure; 2663 } 2664 2665 if (rt->dst.dev && 2666 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex)) 2667 goto nla_put_failure; 2668 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric)) 2669 goto nla_put_failure; 2670 2671 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0; 2672 2673 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0) 2674 goto nla_put_failure; 2675 2676 return nlmsg_end(skb, nlh); 2677 2678 nla_put_failure: 2679 nlmsg_cancel(skb, nlh); 2680 return -EMSGSIZE; 2681 } 2682 2683 int rt6_dump_route(struct rt6_info *rt, void *p_arg) 2684 { 2685 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; 2686 int prefix; 2687 2688 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { 2689 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); 2690 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0; 2691 } else 2692 prefix = 0; 2693 2694 return rt6_fill_node(arg->net, 2695 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE, 2696 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq, 2697 prefix, 0, NLM_F_MULTI); 2698 } 2699 2700 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh) 2701 { 2702 struct net *net = sock_net(in_skb->sk); 2703 struct nlattr *tb[RTA_MAX+1]; 2704 struct rt6_info *rt; 2705 struct sk_buff *skb; 2706 struct rtmsg *rtm; 2707 struct flowi6 fl6; 2708 int err, iif = 0, oif = 0; 2709 2710 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 2711 if (err < 0) 2712 goto errout; 2713 2714 err = -EINVAL; 2715 memset(&fl6, 0, sizeof(fl6)); 2716 2717 if (tb[RTA_SRC]) { 2718 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr)) 2719 goto errout; 2720 2721 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]); 2722 } 2723 2724 if (tb[RTA_DST]) { 2725 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr)) 2726 goto errout; 2727 2728 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]); 2729 } 2730 2731 if (tb[RTA_IIF]) 2732 iif = nla_get_u32(tb[RTA_IIF]); 2733 2734 if (tb[RTA_OIF]) 2735 oif = nla_get_u32(tb[RTA_OIF]); 2736 2737 if (tb[RTA_MARK]) 2738 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]); 2739 2740 if (iif) { 2741 struct net_device *dev; 2742 int flags = 0; 2743 2744 dev = __dev_get_by_index(net, iif); 2745 if (!dev) { 2746 err = -ENODEV; 2747 goto errout; 2748 } 2749 2750 fl6.flowi6_iif = iif; 2751 2752 if (!ipv6_addr_any(&fl6.saddr)) 2753 flags |= RT6_LOOKUP_F_HAS_SADDR; 2754 2755 rt = (struct rt6_info *)ip6_route_input_lookup(net, dev, &fl6, 2756 flags); 2757 } else { 2758 fl6.flowi6_oif = oif; 2759 2760 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6); 2761 } 2762 2763 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 2764 if (!skb) { 2765 ip6_rt_put(rt); 2766 err = -ENOBUFS; 2767 goto errout; 2768 } 2769 2770 /* Reserve room for dummy headers, this skb can pass 2771 through good chunk of routing engine. 2772 */ 2773 skb_reset_mac_header(skb); 2774 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr)); 2775 2776 skb_dst_set(skb, &rt->dst); 2777 2778 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif, 2779 RTM_NEWROUTE, NETLINK_CB(in_skb).portid, 2780 nlh->nlmsg_seq, 0, 0, 0); 2781 if (err < 0) { 2782 kfree_skb(skb); 2783 goto errout; 2784 } 2785 2786 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 2787 errout: 2788 return err; 2789 } 2790 2791 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info) 2792 { 2793 struct sk_buff *skb; 2794 struct net *net = info->nl_net; 2795 u32 seq; 2796 int err; 2797 2798 err = -ENOBUFS; 2799 seq = info->nlh ? info->nlh->nlmsg_seq : 0; 2800 2801 skb = nlmsg_new(rt6_nlmsg_size(), gfp_any()); 2802 if (!skb) 2803 goto errout; 2804 2805 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0, 2806 event, info->portid, seq, 0, 0, 0); 2807 if (err < 0) { 2808 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */ 2809 WARN_ON(err == -EMSGSIZE); 2810 kfree_skb(skb); 2811 goto errout; 2812 } 2813 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE, 2814 info->nlh, gfp_any()); 2815 return; 2816 errout: 2817 if (err < 0) 2818 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err); 2819 } 2820 2821 static int ip6_route_dev_notify(struct notifier_block *this, 2822 unsigned long event, void *ptr) 2823 { 2824 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 2825 struct net *net = dev_net(dev); 2826 2827 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) { 2828 net->ipv6.ip6_null_entry->dst.dev = dev; 2829 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev); 2830 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 2831 net->ipv6.ip6_prohibit_entry->dst.dev = dev; 2832 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev); 2833 net->ipv6.ip6_blk_hole_entry->dst.dev = dev; 2834 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev); 2835 #endif 2836 } 2837 2838 return NOTIFY_OK; 2839 } 2840 2841 /* 2842 * /proc 2843 */ 2844 2845 #ifdef CONFIG_PROC_FS 2846 2847 static const struct file_operations ipv6_route_proc_fops = { 2848 .owner = THIS_MODULE, 2849 .open = ipv6_route_open, 2850 .read = seq_read, 2851 .llseek = seq_lseek, 2852 .release = seq_release_net, 2853 }; 2854 2855 static int rt6_stats_seq_show(struct seq_file *seq, void *v) 2856 { 2857 struct net *net = (struct net *)seq->private; 2858 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n", 2859 net->ipv6.rt6_stats->fib_nodes, 2860 net->ipv6.rt6_stats->fib_route_nodes, 2861 net->ipv6.rt6_stats->fib_rt_alloc, 2862 net->ipv6.rt6_stats->fib_rt_entries, 2863 net->ipv6.rt6_stats->fib_rt_cache, 2864 dst_entries_get_slow(&net->ipv6.ip6_dst_ops), 2865 net->ipv6.rt6_stats->fib_discarded_routes); 2866 2867 return 0; 2868 } 2869 2870 static int rt6_stats_seq_open(struct inode *inode, struct file *file) 2871 { 2872 return single_open_net(inode, file, rt6_stats_seq_show); 2873 } 2874 2875 static const struct file_operations rt6_stats_seq_fops = { 2876 .owner = THIS_MODULE, 2877 .open = rt6_stats_seq_open, 2878 .read = seq_read, 2879 .llseek = seq_lseek, 2880 .release = single_release_net, 2881 }; 2882 #endif /* CONFIG_PROC_FS */ 2883 2884 #ifdef CONFIG_SYSCTL 2885 2886 static 2887 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write, 2888 void __user *buffer, size_t *lenp, loff_t *ppos) 2889 { 2890 struct net *net; 2891 int delay; 2892 if (!write) 2893 return -EINVAL; 2894 2895 net = (struct net *)ctl->extra1; 2896 delay = net->ipv6.sysctl.flush_delay; 2897 proc_dointvec(ctl, write, buffer, lenp, ppos); 2898 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0); 2899 return 0; 2900 } 2901 2902 struct ctl_table ipv6_route_table_template[] = { 2903 { 2904 .procname = "flush", 2905 .data = &init_net.ipv6.sysctl.flush_delay, 2906 .maxlen = sizeof(int), 2907 .mode = 0200, 2908 .proc_handler = ipv6_sysctl_rtcache_flush 2909 }, 2910 { 2911 .procname = "gc_thresh", 2912 .data = &ip6_dst_ops_template.gc_thresh, 2913 .maxlen = sizeof(int), 2914 .mode = 0644, 2915 .proc_handler = proc_dointvec, 2916 }, 2917 { 2918 .procname = "max_size", 2919 .data = &init_net.ipv6.sysctl.ip6_rt_max_size, 2920 .maxlen = sizeof(int), 2921 .mode = 0644, 2922 .proc_handler = proc_dointvec, 2923 }, 2924 { 2925 .procname = "gc_min_interval", 2926 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 2927 .maxlen = sizeof(int), 2928 .mode = 0644, 2929 .proc_handler = proc_dointvec_jiffies, 2930 }, 2931 { 2932 .procname = "gc_timeout", 2933 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout, 2934 .maxlen = sizeof(int), 2935 .mode = 0644, 2936 .proc_handler = proc_dointvec_jiffies, 2937 }, 2938 { 2939 .procname = "gc_interval", 2940 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval, 2941 .maxlen = sizeof(int), 2942 .mode = 0644, 2943 .proc_handler = proc_dointvec_jiffies, 2944 }, 2945 { 2946 .procname = "gc_elasticity", 2947 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity, 2948 .maxlen = sizeof(int), 2949 .mode = 0644, 2950 .proc_handler = proc_dointvec, 2951 }, 2952 { 2953 .procname = "mtu_expires", 2954 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires, 2955 .maxlen = sizeof(int), 2956 .mode = 0644, 2957 .proc_handler = proc_dointvec_jiffies, 2958 }, 2959 { 2960 .procname = "min_adv_mss", 2961 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss, 2962 .maxlen = sizeof(int), 2963 .mode = 0644, 2964 .proc_handler = proc_dointvec, 2965 }, 2966 { 2967 .procname = "gc_min_interval_ms", 2968 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 2969 .maxlen = sizeof(int), 2970 .mode = 0644, 2971 .proc_handler = proc_dointvec_ms_jiffies, 2972 }, 2973 { } 2974 }; 2975 2976 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) 2977 { 2978 struct ctl_table *table; 2979 2980 table = kmemdup(ipv6_route_table_template, 2981 sizeof(ipv6_route_table_template), 2982 GFP_KERNEL); 2983 2984 if (table) { 2985 table[0].data = &net->ipv6.sysctl.flush_delay; 2986 table[0].extra1 = net; 2987 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh; 2988 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size; 2989 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 2990 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout; 2991 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval; 2992 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity; 2993 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires; 2994 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss; 2995 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 2996 2997 /* Don't export sysctls to unprivileged users */ 2998 if (net->user_ns != &init_user_ns) 2999 table[0].procname = NULL; 3000 } 3001 3002 return table; 3003 } 3004 #endif 3005 3006 static int __net_init ip6_route_net_init(struct net *net) 3007 { 3008 int ret = -ENOMEM; 3009 3010 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template, 3011 sizeof(net->ipv6.ip6_dst_ops)); 3012 3013 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0) 3014 goto out_ip6_dst_ops; 3015 3016 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template, 3017 sizeof(*net->ipv6.ip6_null_entry), 3018 GFP_KERNEL); 3019 if (!net->ipv6.ip6_null_entry) 3020 goto out_ip6_dst_entries; 3021 net->ipv6.ip6_null_entry->dst.path = 3022 (struct dst_entry *)net->ipv6.ip6_null_entry; 3023 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3024 dst_init_metrics(&net->ipv6.ip6_null_entry->dst, 3025 ip6_template_metrics, true); 3026 3027 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3028 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template, 3029 sizeof(*net->ipv6.ip6_prohibit_entry), 3030 GFP_KERNEL); 3031 if (!net->ipv6.ip6_prohibit_entry) 3032 goto out_ip6_null_entry; 3033 net->ipv6.ip6_prohibit_entry->dst.path = 3034 (struct dst_entry *)net->ipv6.ip6_prohibit_entry; 3035 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3036 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst, 3037 ip6_template_metrics, true); 3038 3039 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template, 3040 sizeof(*net->ipv6.ip6_blk_hole_entry), 3041 GFP_KERNEL); 3042 if (!net->ipv6.ip6_blk_hole_entry) 3043 goto out_ip6_prohibit_entry; 3044 net->ipv6.ip6_blk_hole_entry->dst.path = 3045 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry; 3046 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3047 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst, 3048 ip6_template_metrics, true); 3049 #endif 3050 3051 net->ipv6.sysctl.flush_delay = 0; 3052 net->ipv6.sysctl.ip6_rt_max_size = 4096; 3053 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2; 3054 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ; 3055 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ; 3056 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9; 3057 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ; 3058 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40; 3059 3060 net->ipv6.ip6_rt_gc_expire = 30*HZ; 3061 3062 ret = 0; 3063 out: 3064 return ret; 3065 3066 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3067 out_ip6_prohibit_entry: 3068 kfree(net->ipv6.ip6_prohibit_entry); 3069 out_ip6_null_entry: 3070 kfree(net->ipv6.ip6_null_entry); 3071 #endif 3072 out_ip6_dst_entries: 3073 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 3074 out_ip6_dst_ops: 3075 goto out; 3076 } 3077 3078 static void __net_exit ip6_route_net_exit(struct net *net) 3079 { 3080 kfree(net->ipv6.ip6_null_entry); 3081 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3082 kfree(net->ipv6.ip6_prohibit_entry); 3083 kfree(net->ipv6.ip6_blk_hole_entry); 3084 #endif 3085 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 3086 } 3087 3088 static int __net_init ip6_route_net_init_late(struct net *net) 3089 { 3090 #ifdef CONFIG_PROC_FS 3091 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops); 3092 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops); 3093 #endif 3094 return 0; 3095 } 3096 3097 static void __net_exit ip6_route_net_exit_late(struct net *net) 3098 { 3099 #ifdef CONFIG_PROC_FS 3100 remove_proc_entry("ipv6_route", net->proc_net); 3101 remove_proc_entry("rt6_stats", net->proc_net); 3102 #endif 3103 } 3104 3105 static struct pernet_operations ip6_route_net_ops = { 3106 .init = ip6_route_net_init, 3107 .exit = ip6_route_net_exit, 3108 }; 3109 3110 static int __net_init ipv6_inetpeer_init(struct net *net) 3111 { 3112 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL); 3113 3114 if (!bp) 3115 return -ENOMEM; 3116 inet_peer_base_init(bp); 3117 net->ipv6.peers = bp; 3118 return 0; 3119 } 3120 3121 static void __net_exit ipv6_inetpeer_exit(struct net *net) 3122 { 3123 struct inet_peer_base *bp = net->ipv6.peers; 3124 3125 net->ipv6.peers = NULL; 3126 inetpeer_invalidate_tree(bp); 3127 kfree(bp); 3128 } 3129 3130 static struct pernet_operations ipv6_inetpeer_ops = { 3131 .init = ipv6_inetpeer_init, 3132 .exit = ipv6_inetpeer_exit, 3133 }; 3134 3135 static struct pernet_operations ip6_route_net_late_ops = { 3136 .init = ip6_route_net_init_late, 3137 .exit = ip6_route_net_exit_late, 3138 }; 3139 3140 static struct notifier_block ip6_route_dev_notifier = { 3141 .notifier_call = ip6_route_dev_notify, 3142 .priority = 0, 3143 }; 3144 3145 int __init ip6_route_init(void) 3146 { 3147 int ret; 3148 3149 ret = -ENOMEM; 3150 ip6_dst_ops_template.kmem_cachep = 3151 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0, 3152 SLAB_HWCACHE_ALIGN, NULL); 3153 if (!ip6_dst_ops_template.kmem_cachep) 3154 goto out; 3155 3156 ret = dst_entries_init(&ip6_dst_blackhole_ops); 3157 if (ret) 3158 goto out_kmem_cache; 3159 3160 ret = register_pernet_subsys(&ipv6_inetpeer_ops); 3161 if (ret) 3162 goto out_dst_entries; 3163 3164 ret = register_pernet_subsys(&ip6_route_net_ops); 3165 if (ret) 3166 goto out_register_inetpeer; 3167 3168 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep; 3169 3170 /* Registering of the loopback is done before this portion of code, 3171 * the loopback reference in rt6_info will not be taken, do it 3172 * manually for init_net */ 3173 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev; 3174 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3175 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3176 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev; 3177 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3178 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev; 3179 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3180 #endif 3181 ret = fib6_init(); 3182 if (ret) 3183 goto out_register_subsys; 3184 3185 ret = xfrm6_init(); 3186 if (ret) 3187 goto out_fib6_init; 3188 3189 ret = fib6_rules_init(); 3190 if (ret) 3191 goto xfrm6_init; 3192 3193 ret = register_pernet_subsys(&ip6_route_net_late_ops); 3194 if (ret) 3195 goto fib6_rules_init; 3196 3197 ret = -ENOBUFS; 3198 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) || 3199 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) || 3200 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL)) 3201 goto out_register_late_subsys; 3202 3203 ret = register_netdevice_notifier(&ip6_route_dev_notifier); 3204 if (ret) 3205 goto out_register_late_subsys; 3206 3207 out: 3208 return ret; 3209 3210 out_register_late_subsys: 3211 unregister_pernet_subsys(&ip6_route_net_late_ops); 3212 fib6_rules_init: 3213 fib6_rules_cleanup(); 3214 xfrm6_init: 3215 xfrm6_fini(); 3216 out_fib6_init: 3217 fib6_gc_cleanup(); 3218 out_register_subsys: 3219 unregister_pernet_subsys(&ip6_route_net_ops); 3220 out_register_inetpeer: 3221 unregister_pernet_subsys(&ipv6_inetpeer_ops); 3222 out_dst_entries: 3223 dst_entries_destroy(&ip6_dst_blackhole_ops); 3224 out_kmem_cache: 3225 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 3226 goto out; 3227 } 3228 3229 void ip6_route_cleanup(void) 3230 { 3231 unregister_netdevice_notifier(&ip6_route_dev_notifier); 3232 unregister_pernet_subsys(&ip6_route_net_late_ops); 3233 fib6_rules_cleanup(); 3234 xfrm6_fini(); 3235 fib6_gc_cleanup(); 3236 unregister_pernet_subsys(&ipv6_inetpeer_ops); 3237 unregister_pernet_subsys(&ip6_route_net_ops); 3238 dst_entries_destroy(&ip6_dst_blackhole_ops); 3239 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 3240 } 3241