1 /* 2 * INET An implementation of the TCP/IP protocol suite for the LINUX 3 * operating system. INET is implemented using the BSD Socket 4 * interface as the means of communication with the user level. 5 * 6 * IPv4 Forwarding Information Base: semantics. 7 * 8 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 */ 15 16 #include <asm/uaccess.h> 17 #include <asm/system.h> 18 #include <linux/bitops.h> 19 #include <linux/types.h> 20 #include <linux/kernel.h> 21 #include <linux/jiffies.h> 22 #include <linux/mm.h> 23 #include <linux/string.h> 24 #include <linux/socket.h> 25 #include <linux/sockios.h> 26 #include <linux/errno.h> 27 #include <linux/in.h> 28 #include <linux/inet.h> 29 #include <linux/inetdevice.h> 30 #include <linux/netdevice.h> 31 #include <linux/if_arp.h> 32 #include <linux/proc_fs.h> 33 #include <linux/skbuff.h> 34 #include <linux/init.h> 35 #include <linux/slab.h> 36 37 #include <net/arp.h> 38 #include <net/ip.h> 39 #include <net/protocol.h> 40 #include <net/route.h> 41 #include <net/tcp.h> 42 #include <net/sock.h> 43 #include <net/ip_fib.h> 44 #include <net/netlink.h> 45 #include <net/nexthop.h> 46 47 #include "fib_lookup.h" 48 49 static DEFINE_SPINLOCK(fib_info_lock); 50 static struct hlist_head *fib_info_hash; 51 static struct hlist_head *fib_info_laddrhash; 52 static unsigned int fib_hash_size; 53 static unsigned int fib_info_cnt; 54 55 #define DEVINDEX_HASHBITS 8 56 #define DEVINDEX_HASHSIZE (1U << DEVINDEX_HASHBITS) 57 static struct hlist_head fib_info_devhash[DEVINDEX_HASHSIZE]; 58 59 #ifdef CONFIG_IP_ROUTE_MULTIPATH 60 61 static DEFINE_SPINLOCK(fib_multipath_lock); 62 63 #define for_nexthops(fi) { \ 64 int nhsel; const struct fib_nh *nh; \ 65 for (nhsel = 0, nh = (fi)->fib_nh; \ 66 nhsel < (fi)->fib_nhs; \ 67 nh++, nhsel++) 68 69 #define change_nexthops(fi) { \ 70 int nhsel; struct fib_nh *nexthop_nh; \ 71 for (nhsel = 0, nexthop_nh = (struct fib_nh *)((fi)->fib_nh); \ 72 nhsel < (fi)->fib_nhs; \ 73 nexthop_nh++, nhsel++) 74 75 #else /* CONFIG_IP_ROUTE_MULTIPATH */ 76 77 /* Hope, that gcc will optimize it to get rid of dummy loop */ 78 79 #define for_nexthops(fi) { \ 80 int nhsel; const struct fib_nh *nh = (fi)->fib_nh; \ 81 for (nhsel = 0; nhsel < 1; nhsel++) 82 83 #define change_nexthops(fi) { \ 84 int nhsel; \ 85 struct fib_nh *nexthop_nh = (struct fib_nh *)((fi)->fib_nh); \ 86 for (nhsel = 0; nhsel < 1; nhsel++) 87 88 #endif /* CONFIG_IP_ROUTE_MULTIPATH */ 89 90 #define endfor_nexthops(fi) } 91 92 93 static const struct 94 { 95 int error; 96 u8 scope; 97 } fib_props[RTN_MAX + 1] = { 98 [RTN_UNSPEC] = { 99 .error = 0, 100 .scope = RT_SCOPE_NOWHERE, 101 }, 102 [RTN_UNICAST] = { 103 .error = 0, 104 .scope = RT_SCOPE_UNIVERSE, 105 }, 106 [RTN_LOCAL] = { 107 .error = 0, 108 .scope = RT_SCOPE_HOST, 109 }, 110 [RTN_BROADCAST] = { 111 .error = 0, 112 .scope = RT_SCOPE_LINK, 113 }, 114 [RTN_ANYCAST] = { 115 .error = 0, 116 .scope = RT_SCOPE_LINK, 117 }, 118 [RTN_MULTICAST] = { 119 .error = 0, 120 .scope = RT_SCOPE_UNIVERSE, 121 }, 122 [RTN_BLACKHOLE] = { 123 .error = -EINVAL, 124 .scope = RT_SCOPE_UNIVERSE, 125 }, 126 [RTN_UNREACHABLE] = { 127 .error = -EHOSTUNREACH, 128 .scope = RT_SCOPE_UNIVERSE, 129 }, 130 [RTN_PROHIBIT] = { 131 .error = -EACCES, 132 .scope = RT_SCOPE_UNIVERSE, 133 }, 134 [RTN_THROW] = { 135 .error = -EAGAIN, 136 .scope = RT_SCOPE_UNIVERSE, 137 }, 138 [RTN_NAT] = { 139 .error = -EINVAL, 140 .scope = RT_SCOPE_NOWHERE, 141 }, 142 [RTN_XRESOLVE] = { 143 .error = -EINVAL, 144 .scope = RT_SCOPE_NOWHERE, 145 }, 146 }; 147 148 149 /* Release a nexthop info record */ 150 151 static void free_fib_info_rcu(struct rcu_head *head) 152 { 153 struct fib_info *fi = container_of(head, struct fib_info, rcu); 154 155 kfree(fi); 156 } 157 158 void free_fib_info(struct fib_info *fi) 159 { 160 if (fi->fib_dead == 0) { 161 pr_warning("Freeing alive fib_info %p\n", fi); 162 return; 163 } 164 change_nexthops(fi) { 165 if (nexthop_nh->nh_dev) 166 dev_put(nexthop_nh->nh_dev); 167 nexthop_nh->nh_dev = NULL; 168 } endfor_nexthops(fi); 169 fib_info_cnt--; 170 release_net(fi->fib_net); 171 call_rcu(&fi->rcu, free_fib_info_rcu); 172 } 173 174 void fib_release_info(struct fib_info *fi) 175 { 176 spin_lock_bh(&fib_info_lock); 177 if (fi && --fi->fib_treeref == 0) { 178 hlist_del(&fi->fib_hash); 179 if (fi->fib_prefsrc) 180 hlist_del(&fi->fib_lhash); 181 change_nexthops(fi) { 182 if (!nexthop_nh->nh_dev) 183 continue; 184 hlist_del(&nexthop_nh->nh_hash); 185 } endfor_nexthops(fi) 186 fi->fib_dead = 1; 187 fib_info_put(fi); 188 } 189 spin_unlock_bh(&fib_info_lock); 190 } 191 192 static inline int nh_comp(const struct fib_info *fi, const struct fib_info *ofi) 193 { 194 const struct fib_nh *onh = ofi->fib_nh; 195 196 for_nexthops(fi) { 197 if (nh->nh_oif != onh->nh_oif || 198 nh->nh_gw != onh->nh_gw || 199 nh->nh_scope != onh->nh_scope || 200 #ifdef CONFIG_IP_ROUTE_MULTIPATH 201 nh->nh_weight != onh->nh_weight || 202 #endif 203 #ifdef CONFIG_NET_CLS_ROUTE 204 nh->nh_tclassid != onh->nh_tclassid || 205 #endif 206 ((nh->nh_flags ^ onh->nh_flags) & ~RTNH_F_DEAD)) 207 return -1; 208 onh++; 209 } endfor_nexthops(fi); 210 return 0; 211 } 212 213 static inline unsigned int fib_devindex_hashfn(unsigned int val) 214 { 215 unsigned int mask = DEVINDEX_HASHSIZE - 1; 216 217 return (val ^ 218 (val >> DEVINDEX_HASHBITS) ^ 219 (val >> (DEVINDEX_HASHBITS * 2))) & mask; 220 } 221 222 static inline unsigned int fib_info_hashfn(const struct fib_info *fi) 223 { 224 unsigned int mask = (fib_hash_size - 1); 225 unsigned int val = fi->fib_nhs; 226 227 val ^= fi->fib_protocol; 228 val ^= (__force u32)fi->fib_prefsrc; 229 val ^= fi->fib_priority; 230 for_nexthops(fi) { 231 val ^= fib_devindex_hashfn(nh->nh_oif); 232 } endfor_nexthops(fi) 233 234 return (val ^ (val >> 7) ^ (val >> 12)) & mask; 235 } 236 237 static struct fib_info *fib_find_info(const struct fib_info *nfi) 238 { 239 struct hlist_head *head; 240 struct hlist_node *node; 241 struct fib_info *fi; 242 unsigned int hash; 243 244 hash = fib_info_hashfn(nfi); 245 head = &fib_info_hash[hash]; 246 247 hlist_for_each_entry(fi, node, head, fib_hash) { 248 if (!net_eq(fi->fib_net, nfi->fib_net)) 249 continue; 250 if (fi->fib_nhs != nfi->fib_nhs) 251 continue; 252 if (nfi->fib_protocol == fi->fib_protocol && 253 nfi->fib_prefsrc == fi->fib_prefsrc && 254 nfi->fib_priority == fi->fib_priority && 255 memcmp(nfi->fib_metrics, fi->fib_metrics, 256 sizeof(fi->fib_metrics)) == 0 && 257 ((nfi->fib_flags ^ fi->fib_flags) & ~RTNH_F_DEAD) == 0 && 258 (nfi->fib_nhs == 0 || nh_comp(fi, nfi) == 0)) 259 return fi; 260 } 261 262 return NULL; 263 } 264 265 /* Check, that the gateway is already configured. 266 * Used only by redirect accept routine. 267 */ 268 int ip_fib_check_default(__be32 gw, struct net_device *dev) 269 { 270 struct hlist_head *head; 271 struct hlist_node *node; 272 struct fib_nh *nh; 273 unsigned int hash; 274 275 spin_lock(&fib_info_lock); 276 277 hash = fib_devindex_hashfn(dev->ifindex); 278 head = &fib_info_devhash[hash]; 279 hlist_for_each_entry(nh, node, head, nh_hash) { 280 if (nh->nh_dev == dev && 281 nh->nh_gw == gw && 282 !(nh->nh_flags & RTNH_F_DEAD)) { 283 spin_unlock(&fib_info_lock); 284 return 0; 285 } 286 } 287 288 spin_unlock(&fib_info_lock); 289 290 return -1; 291 } 292 293 static inline size_t fib_nlmsg_size(struct fib_info *fi) 294 { 295 size_t payload = NLMSG_ALIGN(sizeof(struct rtmsg)) 296 + nla_total_size(4) /* RTA_TABLE */ 297 + nla_total_size(4) /* RTA_DST */ 298 + nla_total_size(4) /* RTA_PRIORITY */ 299 + nla_total_size(4); /* RTA_PREFSRC */ 300 301 /* space for nested metrics */ 302 payload += nla_total_size((RTAX_MAX * nla_total_size(4))); 303 304 if (fi->fib_nhs) { 305 /* Also handles the special case fib_nhs == 1 */ 306 307 /* each nexthop is packed in an attribute */ 308 size_t nhsize = nla_total_size(sizeof(struct rtnexthop)); 309 310 /* may contain flow and gateway attribute */ 311 nhsize += 2 * nla_total_size(4); 312 313 /* all nexthops are packed in a nested attribute */ 314 payload += nla_total_size(fi->fib_nhs * nhsize); 315 } 316 317 return payload; 318 } 319 320 void rtmsg_fib(int event, __be32 key, struct fib_alias *fa, 321 int dst_len, u32 tb_id, struct nl_info *info, 322 unsigned int nlm_flags) 323 { 324 struct sk_buff *skb; 325 u32 seq = info->nlh ? info->nlh->nlmsg_seq : 0; 326 int err = -ENOBUFS; 327 328 skb = nlmsg_new(fib_nlmsg_size(fa->fa_info), GFP_KERNEL); 329 if (skb == NULL) 330 goto errout; 331 332 err = fib_dump_info(skb, info->pid, seq, event, tb_id, 333 fa->fa_type, fa->fa_scope, key, dst_len, 334 fa->fa_tos, fa->fa_info, nlm_flags); 335 if (err < 0) { 336 /* -EMSGSIZE implies BUG in fib_nlmsg_size() */ 337 WARN_ON(err == -EMSGSIZE); 338 kfree_skb(skb); 339 goto errout; 340 } 341 rtnl_notify(skb, info->nl_net, info->pid, RTNLGRP_IPV4_ROUTE, 342 info->nlh, GFP_KERNEL); 343 return; 344 errout: 345 if (err < 0) 346 rtnl_set_sk_err(info->nl_net, RTNLGRP_IPV4_ROUTE, err); 347 } 348 349 /* Return the first fib alias matching TOS with 350 * priority less than or equal to PRIO. 351 */ 352 struct fib_alias *fib_find_alias(struct list_head *fah, u8 tos, u32 prio) 353 { 354 if (fah) { 355 struct fib_alias *fa; 356 list_for_each_entry(fa, fah, fa_list) { 357 if (fa->fa_tos > tos) 358 continue; 359 if (fa->fa_info->fib_priority >= prio || 360 fa->fa_tos < tos) 361 return fa; 362 } 363 } 364 return NULL; 365 } 366 367 int fib_detect_death(struct fib_info *fi, int order, 368 struct fib_info **last_resort, int *last_idx, int dflt) 369 { 370 struct neighbour *n; 371 int state = NUD_NONE; 372 373 n = neigh_lookup(&arp_tbl, &fi->fib_nh[0].nh_gw, fi->fib_dev); 374 if (n) { 375 state = n->nud_state; 376 neigh_release(n); 377 } 378 if (state == NUD_REACHABLE) 379 return 0; 380 if ((state & NUD_VALID) && order != dflt) 381 return 0; 382 if ((state & NUD_VALID) || 383 (*last_idx < 0 && order > dflt)) { 384 *last_resort = fi; 385 *last_idx = order; 386 } 387 return 1; 388 } 389 390 #ifdef CONFIG_IP_ROUTE_MULTIPATH 391 392 static int fib_count_nexthops(struct rtnexthop *rtnh, int remaining) 393 { 394 int nhs = 0; 395 396 while (rtnh_ok(rtnh, remaining)) { 397 nhs++; 398 rtnh = rtnh_next(rtnh, &remaining); 399 } 400 401 /* leftover implies invalid nexthop configuration, discard it */ 402 return remaining > 0 ? 0 : nhs; 403 } 404 405 static int fib_get_nhs(struct fib_info *fi, struct rtnexthop *rtnh, 406 int remaining, struct fib_config *cfg) 407 { 408 change_nexthops(fi) { 409 int attrlen; 410 411 if (!rtnh_ok(rtnh, remaining)) 412 return -EINVAL; 413 414 nexthop_nh->nh_flags = 415 (cfg->fc_flags & ~0xFF) | rtnh->rtnh_flags; 416 nexthop_nh->nh_oif = rtnh->rtnh_ifindex; 417 nexthop_nh->nh_weight = rtnh->rtnh_hops + 1; 418 419 attrlen = rtnh_attrlen(rtnh); 420 if (attrlen > 0) { 421 struct nlattr *nla, *attrs = rtnh_attrs(rtnh); 422 423 nla = nla_find(attrs, attrlen, RTA_GATEWAY); 424 nexthop_nh->nh_gw = nla ? nla_get_be32(nla) : 0; 425 #ifdef CONFIG_NET_CLS_ROUTE 426 nla = nla_find(attrs, attrlen, RTA_FLOW); 427 nexthop_nh->nh_tclassid = nla ? nla_get_u32(nla) : 0; 428 #endif 429 } 430 431 rtnh = rtnh_next(rtnh, &remaining); 432 } endfor_nexthops(fi); 433 434 return 0; 435 } 436 437 #endif 438 439 int fib_nh_match(struct fib_config *cfg, struct fib_info *fi) 440 { 441 #ifdef CONFIG_IP_ROUTE_MULTIPATH 442 struct rtnexthop *rtnh; 443 int remaining; 444 #endif 445 446 if (cfg->fc_priority && cfg->fc_priority != fi->fib_priority) 447 return 1; 448 449 if (cfg->fc_oif || cfg->fc_gw) { 450 if ((!cfg->fc_oif || cfg->fc_oif == fi->fib_nh->nh_oif) && 451 (!cfg->fc_gw || cfg->fc_gw == fi->fib_nh->nh_gw)) 452 return 0; 453 return 1; 454 } 455 456 #ifdef CONFIG_IP_ROUTE_MULTIPATH 457 if (cfg->fc_mp == NULL) 458 return 0; 459 460 rtnh = cfg->fc_mp; 461 remaining = cfg->fc_mp_len; 462 463 for_nexthops(fi) { 464 int attrlen; 465 466 if (!rtnh_ok(rtnh, remaining)) 467 return -EINVAL; 468 469 if (rtnh->rtnh_ifindex && rtnh->rtnh_ifindex != nh->nh_oif) 470 return 1; 471 472 attrlen = rtnh_attrlen(rtnh); 473 if (attrlen < 0) { 474 struct nlattr *nla, *attrs = rtnh_attrs(rtnh); 475 476 nla = nla_find(attrs, attrlen, RTA_GATEWAY); 477 if (nla && nla_get_be32(nla) != nh->nh_gw) 478 return 1; 479 #ifdef CONFIG_NET_CLS_ROUTE 480 nla = nla_find(attrs, attrlen, RTA_FLOW); 481 if (nla && nla_get_u32(nla) != nh->nh_tclassid) 482 return 1; 483 #endif 484 } 485 486 rtnh = rtnh_next(rtnh, &remaining); 487 } endfor_nexthops(fi); 488 #endif 489 return 0; 490 } 491 492 493 /* 494 * Picture 495 * ------- 496 * 497 * Semantics of nexthop is very messy by historical reasons. 498 * We have to take into account, that: 499 * a) gateway can be actually local interface address, 500 * so that gatewayed route is direct. 501 * b) gateway must be on-link address, possibly 502 * described not by an ifaddr, but also by a direct route. 503 * c) If both gateway and interface are specified, they should not 504 * contradict. 505 * d) If we use tunnel routes, gateway could be not on-link. 506 * 507 * Attempt to reconcile all of these (alas, self-contradictory) conditions 508 * results in pretty ugly and hairy code with obscure logic. 509 * 510 * I chose to generalized it instead, so that the size 511 * of code does not increase practically, but it becomes 512 * much more general. 513 * Every prefix is assigned a "scope" value: "host" is local address, 514 * "link" is direct route, 515 * [ ... "site" ... "interior" ... ] 516 * and "universe" is true gateway route with global meaning. 517 * 518 * Every prefix refers to a set of "nexthop"s (gw, oif), 519 * where gw must have narrower scope. This recursion stops 520 * when gw has LOCAL scope or if "nexthop" is declared ONLINK, 521 * which means that gw is forced to be on link. 522 * 523 * Code is still hairy, but now it is apparently logically 524 * consistent and very flexible. F.e. as by-product it allows 525 * to co-exists in peace independent exterior and interior 526 * routing processes. 527 * 528 * Normally it looks as following. 529 * 530 * {universe prefix} -> (gw, oif) [scope link] 531 * | 532 * |-> {link prefix} -> (gw, oif) [scope local] 533 * | 534 * |-> {local prefix} (terminal node) 535 */ 536 static int fib_check_nh(struct fib_config *cfg, struct fib_info *fi, 537 struct fib_nh *nh) 538 { 539 int err; 540 struct net *net; 541 struct net_device *dev; 542 543 net = cfg->fc_nlinfo.nl_net; 544 if (nh->nh_gw) { 545 struct fib_result res; 546 547 if (nh->nh_flags & RTNH_F_ONLINK) { 548 549 if (cfg->fc_scope >= RT_SCOPE_LINK) 550 return -EINVAL; 551 if (inet_addr_type(net, nh->nh_gw) != RTN_UNICAST) 552 return -EINVAL; 553 dev = __dev_get_by_index(net, nh->nh_oif); 554 if (!dev) 555 return -ENODEV; 556 if (!(dev->flags & IFF_UP)) 557 return -ENETDOWN; 558 nh->nh_dev = dev; 559 dev_hold(dev); 560 nh->nh_scope = RT_SCOPE_LINK; 561 return 0; 562 } 563 rcu_read_lock(); 564 { 565 struct flowi fl = { 566 .nl_u = { 567 .ip4_u = { 568 .daddr = nh->nh_gw, 569 .scope = cfg->fc_scope + 1, 570 }, 571 }, 572 .oif = nh->nh_oif, 573 }; 574 575 /* It is not necessary, but requires a bit of thinking */ 576 if (fl.fl4_scope < RT_SCOPE_LINK) 577 fl.fl4_scope = RT_SCOPE_LINK; 578 err = fib_lookup(net, &fl, &res); 579 if (err) { 580 rcu_read_unlock(); 581 return err; 582 } 583 } 584 err = -EINVAL; 585 if (res.type != RTN_UNICAST && res.type != RTN_LOCAL) 586 goto out; 587 nh->nh_scope = res.scope; 588 nh->nh_oif = FIB_RES_OIF(res); 589 nh->nh_dev = dev = FIB_RES_DEV(res); 590 if (!dev) 591 goto out; 592 dev_hold(dev); 593 err = (dev->flags & IFF_UP) ? 0 : -ENETDOWN; 594 } else { 595 struct in_device *in_dev; 596 597 if (nh->nh_flags & (RTNH_F_PERVASIVE | RTNH_F_ONLINK)) 598 return -EINVAL; 599 600 rcu_read_lock(); 601 err = -ENODEV; 602 in_dev = inetdev_by_index(net, nh->nh_oif); 603 if (in_dev == NULL) 604 goto out; 605 err = -ENETDOWN; 606 if (!(in_dev->dev->flags & IFF_UP)) 607 goto out; 608 nh->nh_dev = in_dev->dev; 609 dev_hold(nh->nh_dev); 610 nh->nh_scope = RT_SCOPE_HOST; 611 err = 0; 612 } 613 out: 614 rcu_read_unlock(); 615 return err; 616 } 617 618 static inline unsigned int fib_laddr_hashfn(__be32 val) 619 { 620 unsigned int mask = (fib_hash_size - 1); 621 622 return ((__force u32)val ^ 623 ((__force u32)val >> 7) ^ 624 ((__force u32)val >> 14)) & mask; 625 } 626 627 static struct hlist_head *fib_hash_alloc(int bytes) 628 { 629 if (bytes <= PAGE_SIZE) 630 return kzalloc(bytes, GFP_KERNEL); 631 else 632 return (struct hlist_head *) 633 __get_free_pages(GFP_KERNEL | __GFP_ZERO, 634 get_order(bytes)); 635 } 636 637 static void fib_hash_free(struct hlist_head *hash, int bytes) 638 { 639 if (!hash) 640 return; 641 642 if (bytes <= PAGE_SIZE) 643 kfree(hash); 644 else 645 free_pages((unsigned long) hash, get_order(bytes)); 646 } 647 648 static void fib_hash_move(struct hlist_head *new_info_hash, 649 struct hlist_head *new_laddrhash, 650 unsigned int new_size) 651 { 652 struct hlist_head *old_info_hash, *old_laddrhash; 653 unsigned int old_size = fib_hash_size; 654 unsigned int i, bytes; 655 656 spin_lock_bh(&fib_info_lock); 657 old_info_hash = fib_info_hash; 658 old_laddrhash = fib_info_laddrhash; 659 fib_hash_size = new_size; 660 661 for (i = 0; i < old_size; i++) { 662 struct hlist_head *head = &fib_info_hash[i]; 663 struct hlist_node *node, *n; 664 struct fib_info *fi; 665 666 hlist_for_each_entry_safe(fi, node, n, head, fib_hash) { 667 struct hlist_head *dest; 668 unsigned int new_hash; 669 670 hlist_del(&fi->fib_hash); 671 672 new_hash = fib_info_hashfn(fi); 673 dest = &new_info_hash[new_hash]; 674 hlist_add_head(&fi->fib_hash, dest); 675 } 676 } 677 fib_info_hash = new_info_hash; 678 679 for (i = 0; i < old_size; i++) { 680 struct hlist_head *lhead = &fib_info_laddrhash[i]; 681 struct hlist_node *node, *n; 682 struct fib_info *fi; 683 684 hlist_for_each_entry_safe(fi, node, n, lhead, fib_lhash) { 685 struct hlist_head *ldest; 686 unsigned int new_hash; 687 688 hlist_del(&fi->fib_lhash); 689 690 new_hash = fib_laddr_hashfn(fi->fib_prefsrc); 691 ldest = &new_laddrhash[new_hash]; 692 hlist_add_head(&fi->fib_lhash, ldest); 693 } 694 } 695 fib_info_laddrhash = new_laddrhash; 696 697 spin_unlock_bh(&fib_info_lock); 698 699 bytes = old_size * sizeof(struct hlist_head *); 700 fib_hash_free(old_info_hash, bytes); 701 fib_hash_free(old_laddrhash, bytes); 702 } 703 704 struct fib_info *fib_create_info(struct fib_config *cfg) 705 { 706 int err; 707 struct fib_info *fi = NULL; 708 struct fib_info *ofi; 709 int nhs = 1; 710 struct net *net = cfg->fc_nlinfo.nl_net; 711 712 /* Fast check to catch the most weird cases */ 713 if (fib_props[cfg->fc_type].scope > cfg->fc_scope) 714 goto err_inval; 715 716 #ifdef CONFIG_IP_ROUTE_MULTIPATH 717 if (cfg->fc_mp) { 718 nhs = fib_count_nexthops(cfg->fc_mp, cfg->fc_mp_len); 719 if (nhs == 0) 720 goto err_inval; 721 } 722 #endif 723 724 err = -ENOBUFS; 725 if (fib_info_cnt >= fib_hash_size) { 726 unsigned int new_size = fib_hash_size << 1; 727 struct hlist_head *new_info_hash; 728 struct hlist_head *new_laddrhash; 729 unsigned int bytes; 730 731 if (!new_size) 732 new_size = 1; 733 bytes = new_size * sizeof(struct hlist_head *); 734 new_info_hash = fib_hash_alloc(bytes); 735 new_laddrhash = fib_hash_alloc(bytes); 736 if (!new_info_hash || !new_laddrhash) { 737 fib_hash_free(new_info_hash, bytes); 738 fib_hash_free(new_laddrhash, bytes); 739 } else 740 fib_hash_move(new_info_hash, new_laddrhash, new_size); 741 742 if (!fib_hash_size) 743 goto failure; 744 } 745 746 fi = kzalloc(sizeof(*fi)+nhs*sizeof(struct fib_nh), GFP_KERNEL); 747 if (fi == NULL) 748 goto failure; 749 fib_info_cnt++; 750 751 fi->fib_net = hold_net(net); 752 fi->fib_protocol = cfg->fc_protocol; 753 fi->fib_flags = cfg->fc_flags; 754 fi->fib_priority = cfg->fc_priority; 755 fi->fib_prefsrc = cfg->fc_prefsrc; 756 757 fi->fib_nhs = nhs; 758 change_nexthops(fi) { 759 nexthop_nh->nh_parent = fi; 760 } endfor_nexthops(fi) 761 762 if (cfg->fc_mx) { 763 struct nlattr *nla; 764 int remaining; 765 766 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) { 767 int type = nla_type(nla); 768 769 if (type) { 770 if (type > RTAX_MAX) 771 goto err_inval; 772 fi->fib_metrics[type - 1] = nla_get_u32(nla); 773 } 774 } 775 } 776 777 if (cfg->fc_mp) { 778 #ifdef CONFIG_IP_ROUTE_MULTIPATH 779 err = fib_get_nhs(fi, cfg->fc_mp, cfg->fc_mp_len, cfg); 780 if (err != 0) 781 goto failure; 782 if (cfg->fc_oif && fi->fib_nh->nh_oif != cfg->fc_oif) 783 goto err_inval; 784 if (cfg->fc_gw && fi->fib_nh->nh_gw != cfg->fc_gw) 785 goto err_inval; 786 #ifdef CONFIG_NET_CLS_ROUTE 787 if (cfg->fc_flow && fi->fib_nh->nh_tclassid != cfg->fc_flow) 788 goto err_inval; 789 #endif 790 #else 791 goto err_inval; 792 #endif 793 } else { 794 struct fib_nh *nh = fi->fib_nh; 795 796 nh->nh_oif = cfg->fc_oif; 797 nh->nh_gw = cfg->fc_gw; 798 nh->nh_flags = cfg->fc_flags; 799 #ifdef CONFIG_NET_CLS_ROUTE 800 nh->nh_tclassid = cfg->fc_flow; 801 #endif 802 #ifdef CONFIG_IP_ROUTE_MULTIPATH 803 nh->nh_weight = 1; 804 #endif 805 } 806 807 if (fib_props[cfg->fc_type].error) { 808 if (cfg->fc_gw || cfg->fc_oif || cfg->fc_mp) 809 goto err_inval; 810 goto link_it; 811 } 812 813 if (cfg->fc_scope > RT_SCOPE_HOST) 814 goto err_inval; 815 816 if (cfg->fc_scope == RT_SCOPE_HOST) { 817 struct fib_nh *nh = fi->fib_nh; 818 819 /* Local address is added. */ 820 if (nhs != 1 || nh->nh_gw) 821 goto err_inval; 822 nh->nh_scope = RT_SCOPE_NOWHERE; 823 nh->nh_dev = dev_get_by_index(net, fi->fib_nh->nh_oif); 824 err = -ENODEV; 825 if (nh->nh_dev == NULL) 826 goto failure; 827 } else { 828 change_nexthops(fi) { 829 err = fib_check_nh(cfg, fi, nexthop_nh); 830 if (err != 0) 831 goto failure; 832 } endfor_nexthops(fi) 833 } 834 835 if (fi->fib_prefsrc) { 836 if (cfg->fc_type != RTN_LOCAL || !cfg->fc_dst || 837 fi->fib_prefsrc != cfg->fc_dst) 838 if (inet_addr_type(net, fi->fib_prefsrc) != RTN_LOCAL) 839 goto err_inval; 840 } 841 842 link_it: 843 ofi = fib_find_info(fi); 844 if (ofi) { 845 fi->fib_dead = 1; 846 free_fib_info(fi); 847 ofi->fib_treeref++; 848 return ofi; 849 } 850 851 fi->fib_treeref++; 852 atomic_inc(&fi->fib_clntref); 853 spin_lock_bh(&fib_info_lock); 854 hlist_add_head(&fi->fib_hash, 855 &fib_info_hash[fib_info_hashfn(fi)]); 856 if (fi->fib_prefsrc) { 857 struct hlist_head *head; 858 859 head = &fib_info_laddrhash[fib_laddr_hashfn(fi->fib_prefsrc)]; 860 hlist_add_head(&fi->fib_lhash, head); 861 } 862 change_nexthops(fi) { 863 struct hlist_head *head; 864 unsigned int hash; 865 866 if (!nexthop_nh->nh_dev) 867 continue; 868 hash = fib_devindex_hashfn(nexthop_nh->nh_dev->ifindex); 869 head = &fib_info_devhash[hash]; 870 hlist_add_head(&nexthop_nh->nh_hash, head); 871 } endfor_nexthops(fi) 872 spin_unlock_bh(&fib_info_lock); 873 return fi; 874 875 err_inval: 876 err = -EINVAL; 877 878 failure: 879 if (fi) { 880 fi->fib_dead = 1; 881 free_fib_info(fi); 882 } 883 884 return ERR_PTR(err); 885 } 886 887 /* Note! fib_semantic_match intentionally uses RCU list functions. */ 888 int fib_semantic_match(struct list_head *head, const struct flowi *flp, 889 struct fib_result *res, int prefixlen, int fib_flags) 890 { 891 struct fib_alias *fa; 892 int nh_sel = 0; 893 894 list_for_each_entry_rcu(fa, head, fa_list) { 895 int err; 896 897 if (fa->fa_tos && 898 fa->fa_tos != flp->fl4_tos) 899 continue; 900 901 if (fa->fa_scope < flp->fl4_scope) 902 continue; 903 904 fib_alias_accessed(fa); 905 906 err = fib_props[fa->fa_type].error; 907 if (err == 0) { 908 struct fib_info *fi = fa->fa_info; 909 910 if (fi->fib_flags & RTNH_F_DEAD) 911 continue; 912 913 switch (fa->fa_type) { 914 case RTN_UNICAST: 915 case RTN_LOCAL: 916 case RTN_BROADCAST: 917 case RTN_ANYCAST: 918 case RTN_MULTICAST: 919 for_nexthops(fi) { 920 if (nh->nh_flags & RTNH_F_DEAD) 921 continue; 922 if (!flp->oif || flp->oif == nh->nh_oif) 923 break; 924 } 925 #ifdef CONFIG_IP_ROUTE_MULTIPATH 926 if (nhsel < fi->fib_nhs) { 927 nh_sel = nhsel; 928 goto out_fill_res; 929 } 930 #else 931 if (nhsel < 1) 932 goto out_fill_res; 933 #endif 934 endfor_nexthops(fi); 935 continue; 936 937 default: 938 pr_warning("fib_semantic_match bad type %#x\n", 939 fa->fa_type); 940 return -EINVAL; 941 } 942 } 943 return err; 944 } 945 return 1; 946 947 out_fill_res: 948 res->prefixlen = prefixlen; 949 res->nh_sel = nh_sel; 950 res->type = fa->fa_type; 951 res->scope = fa->fa_scope; 952 res->fi = fa->fa_info; 953 if (!(fib_flags & FIB_LOOKUP_NOREF)) 954 atomic_inc(&res->fi->fib_clntref); 955 return 0; 956 } 957 958 /* Find appropriate source address to this destination */ 959 960 __be32 __fib_res_prefsrc(struct fib_result *res) 961 { 962 return inet_select_addr(FIB_RES_DEV(*res), FIB_RES_GW(*res), res->scope); 963 } 964 965 int fib_dump_info(struct sk_buff *skb, u32 pid, u32 seq, int event, 966 u32 tb_id, u8 type, u8 scope, __be32 dst, int dst_len, u8 tos, 967 struct fib_info *fi, unsigned int flags) 968 { 969 struct nlmsghdr *nlh; 970 struct rtmsg *rtm; 971 972 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*rtm), flags); 973 if (nlh == NULL) 974 return -EMSGSIZE; 975 976 rtm = nlmsg_data(nlh); 977 rtm->rtm_family = AF_INET; 978 rtm->rtm_dst_len = dst_len; 979 rtm->rtm_src_len = 0; 980 rtm->rtm_tos = tos; 981 if (tb_id < 256) 982 rtm->rtm_table = tb_id; 983 else 984 rtm->rtm_table = RT_TABLE_COMPAT; 985 NLA_PUT_U32(skb, RTA_TABLE, tb_id); 986 rtm->rtm_type = type; 987 rtm->rtm_flags = fi->fib_flags; 988 rtm->rtm_scope = scope; 989 rtm->rtm_protocol = fi->fib_protocol; 990 991 if (rtm->rtm_dst_len) 992 NLA_PUT_BE32(skb, RTA_DST, dst); 993 994 if (fi->fib_priority) 995 NLA_PUT_U32(skb, RTA_PRIORITY, fi->fib_priority); 996 997 if (rtnetlink_put_metrics(skb, fi->fib_metrics) < 0) 998 goto nla_put_failure; 999 1000 if (fi->fib_prefsrc) 1001 NLA_PUT_BE32(skb, RTA_PREFSRC, fi->fib_prefsrc); 1002 1003 if (fi->fib_nhs == 1) { 1004 if (fi->fib_nh->nh_gw) 1005 NLA_PUT_BE32(skb, RTA_GATEWAY, fi->fib_nh->nh_gw); 1006 1007 if (fi->fib_nh->nh_oif) 1008 NLA_PUT_U32(skb, RTA_OIF, fi->fib_nh->nh_oif); 1009 #ifdef CONFIG_NET_CLS_ROUTE 1010 if (fi->fib_nh[0].nh_tclassid) 1011 NLA_PUT_U32(skb, RTA_FLOW, fi->fib_nh[0].nh_tclassid); 1012 #endif 1013 } 1014 #ifdef CONFIG_IP_ROUTE_MULTIPATH 1015 if (fi->fib_nhs > 1) { 1016 struct rtnexthop *rtnh; 1017 struct nlattr *mp; 1018 1019 mp = nla_nest_start(skb, RTA_MULTIPATH); 1020 if (mp == NULL) 1021 goto nla_put_failure; 1022 1023 for_nexthops(fi) { 1024 rtnh = nla_reserve_nohdr(skb, sizeof(*rtnh)); 1025 if (rtnh == NULL) 1026 goto nla_put_failure; 1027 1028 rtnh->rtnh_flags = nh->nh_flags & 0xFF; 1029 rtnh->rtnh_hops = nh->nh_weight - 1; 1030 rtnh->rtnh_ifindex = nh->nh_oif; 1031 1032 if (nh->nh_gw) 1033 NLA_PUT_BE32(skb, RTA_GATEWAY, nh->nh_gw); 1034 #ifdef CONFIG_NET_CLS_ROUTE 1035 if (nh->nh_tclassid) 1036 NLA_PUT_U32(skb, RTA_FLOW, nh->nh_tclassid); 1037 #endif 1038 /* length of rtnetlink header + attributes */ 1039 rtnh->rtnh_len = nlmsg_get_pos(skb) - (void *) rtnh; 1040 } endfor_nexthops(fi); 1041 1042 nla_nest_end(skb, mp); 1043 } 1044 #endif 1045 return nlmsg_end(skb, nlh); 1046 1047 nla_put_failure: 1048 nlmsg_cancel(skb, nlh); 1049 return -EMSGSIZE; 1050 } 1051 1052 /* 1053 * Update FIB if: 1054 * - local address disappeared -> we must delete all the entries 1055 * referring to it. 1056 * - device went down -> we must shutdown all nexthops going via it. 1057 */ 1058 int fib_sync_down_addr(struct net *net, __be32 local) 1059 { 1060 int ret = 0; 1061 unsigned int hash = fib_laddr_hashfn(local); 1062 struct hlist_head *head = &fib_info_laddrhash[hash]; 1063 struct hlist_node *node; 1064 struct fib_info *fi; 1065 1066 if (fib_info_laddrhash == NULL || local == 0) 1067 return 0; 1068 1069 hlist_for_each_entry(fi, node, head, fib_lhash) { 1070 if (!net_eq(fi->fib_net, net)) 1071 continue; 1072 if (fi->fib_prefsrc == local) { 1073 fi->fib_flags |= RTNH_F_DEAD; 1074 ret++; 1075 } 1076 } 1077 return ret; 1078 } 1079 1080 int fib_sync_down_dev(struct net_device *dev, int force) 1081 { 1082 int ret = 0; 1083 int scope = RT_SCOPE_NOWHERE; 1084 struct fib_info *prev_fi = NULL; 1085 unsigned int hash = fib_devindex_hashfn(dev->ifindex); 1086 struct hlist_head *head = &fib_info_devhash[hash]; 1087 struct hlist_node *node; 1088 struct fib_nh *nh; 1089 1090 if (force) 1091 scope = -1; 1092 1093 hlist_for_each_entry(nh, node, head, nh_hash) { 1094 struct fib_info *fi = nh->nh_parent; 1095 int dead; 1096 1097 BUG_ON(!fi->fib_nhs); 1098 if (nh->nh_dev != dev || fi == prev_fi) 1099 continue; 1100 prev_fi = fi; 1101 dead = 0; 1102 change_nexthops(fi) { 1103 if (nexthop_nh->nh_flags & RTNH_F_DEAD) 1104 dead++; 1105 else if (nexthop_nh->nh_dev == dev && 1106 nexthop_nh->nh_scope != scope) { 1107 nexthop_nh->nh_flags |= RTNH_F_DEAD; 1108 #ifdef CONFIG_IP_ROUTE_MULTIPATH 1109 spin_lock_bh(&fib_multipath_lock); 1110 fi->fib_power -= nexthop_nh->nh_power; 1111 nexthop_nh->nh_power = 0; 1112 spin_unlock_bh(&fib_multipath_lock); 1113 #endif 1114 dead++; 1115 } 1116 #ifdef CONFIG_IP_ROUTE_MULTIPATH 1117 if (force > 1 && nexthop_nh->nh_dev == dev) { 1118 dead = fi->fib_nhs; 1119 break; 1120 } 1121 #endif 1122 } endfor_nexthops(fi) 1123 if (dead == fi->fib_nhs) { 1124 fi->fib_flags |= RTNH_F_DEAD; 1125 ret++; 1126 } 1127 } 1128 1129 return ret; 1130 } 1131 1132 #ifdef CONFIG_IP_ROUTE_MULTIPATH 1133 1134 /* 1135 * Dead device goes up. We wake up dead nexthops. 1136 * It takes sense only on multipath routes. 1137 */ 1138 int fib_sync_up(struct net_device *dev) 1139 { 1140 struct fib_info *prev_fi; 1141 unsigned int hash; 1142 struct hlist_head *head; 1143 struct hlist_node *node; 1144 struct fib_nh *nh; 1145 int ret; 1146 1147 if (!(dev->flags & IFF_UP)) 1148 return 0; 1149 1150 prev_fi = NULL; 1151 hash = fib_devindex_hashfn(dev->ifindex); 1152 head = &fib_info_devhash[hash]; 1153 ret = 0; 1154 1155 hlist_for_each_entry(nh, node, head, nh_hash) { 1156 struct fib_info *fi = nh->nh_parent; 1157 int alive; 1158 1159 BUG_ON(!fi->fib_nhs); 1160 if (nh->nh_dev != dev || fi == prev_fi) 1161 continue; 1162 1163 prev_fi = fi; 1164 alive = 0; 1165 change_nexthops(fi) { 1166 if (!(nexthop_nh->nh_flags & RTNH_F_DEAD)) { 1167 alive++; 1168 continue; 1169 } 1170 if (nexthop_nh->nh_dev == NULL || 1171 !(nexthop_nh->nh_dev->flags & IFF_UP)) 1172 continue; 1173 if (nexthop_nh->nh_dev != dev || 1174 !__in_dev_get_rtnl(dev)) 1175 continue; 1176 alive++; 1177 spin_lock_bh(&fib_multipath_lock); 1178 nexthop_nh->nh_power = 0; 1179 nexthop_nh->nh_flags &= ~RTNH_F_DEAD; 1180 spin_unlock_bh(&fib_multipath_lock); 1181 } endfor_nexthops(fi) 1182 1183 if (alive > 0) { 1184 fi->fib_flags &= ~RTNH_F_DEAD; 1185 ret++; 1186 } 1187 } 1188 1189 return ret; 1190 } 1191 1192 /* 1193 * The algorithm is suboptimal, but it provides really 1194 * fair weighted route distribution. 1195 */ 1196 void fib_select_multipath(const struct flowi *flp, struct fib_result *res) 1197 { 1198 struct fib_info *fi = res->fi; 1199 int w; 1200 1201 spin_lock_bh(&fib_multipath_lock); 1202 if (fi->fib_power <= 0) { 1203 int power = 0; 1204 change_nexthops(fi) { 1205 if (!(nexthop_nh->nh_flags & RTNH_F_DEAD)) { 1206 power += nexthop_nh->nh_weight; 1207 nexthop_nh->nh_power = nexthop_nh->nh_weight; 1208 } 1209 } endfor_nexthops(fi); 1210 fi->fib_power = power; 1211 if (power <= 0) { 1212 spin_unlock_bh(&fib_multipath_lock); 1213 /* Race condition: route has just become dead. */ 1214 res->nh_sel = 0; 1215 return; 1216 } 1217 } 1218 1219 1220 /* w should be random number [0..fi->fib_power-1], 1221 * it is pretty bad approximation. 1222 */ 1223 1224 w = jiffies % fi->fib_power; 1225 1226 change_nexthops(fi) { 1227 if (!(nexthop_nh->nh_flags & RTNH_F_DEAD) && 1228 nexthop_nh->nh_power) { 1229 w -= nexthop_nh->nh_power; 1230 if (w <= 0) { 1231 nexthop_nh->nh_power--; 1232 fi->fib_power--; 1233 res->nh_sel = nhsel; 1234 spin_unlock_bh(&fib_multipath_lock); 1235 return; 1236 } 1237 } 1238 } endfor_nexthops(fi); 1239 1240 /* Race condition: route has just become dead. */ 1241 res->nh_sel = 0; 1242 spin_unlock_bh(&fib_multipath_lock); 1243 } 1244 #endif 1245