1 /* 2 * Linux INET6 implementation 3 * FIB front-end. 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 /* Changes: 15 * 16 * YOSHIFUJI Hideaki @USAGI 17 * reworked default router selection. 18 * - respect outgoing interface 19 * - select from (probably) reachable routers (i.e. 20 * routers in REACHABLE, STALE, DELAY or PROBE states). 21 * - always select the same router if it is (probably) 22 * reachable. otherwise, round-robin the list. 23 * Ville Nuorvala 24 * Fixed routing subtrees. 25 */ 26 27 #define pr_fmt(fmt) "IPv6: " fmt 28 29 #include <linux/capability.h> 30 #include <linux/errno.h> 31 #include <linux/export.h> 32 #include <linux/types.h> 33 #include <linux/times.h> 34 #include <linux/socket.h> 35 #include <linux/sockios.h> 36 #include <linux/net.h> 37 #include <linux/route.h> 38 #include <linux/netdevice.h> 39 #include <linux/in6.h> 40 #include <linux/mroute6.h> 41 #include <linux/init.h> 42 #include <linux/if_arp.h> 43 #include <linux/proc_fs.h> 44 #include <linux/seq_file.h> 45 #include <linux/nsproxy.h> 46 #include <linux/slab.h> 47 #include <net/net_namespace.h> 48 #include <net/snmp.h> 49 #include <net/ipv6.h> 50 #include <net/ip6_fib.h> 51 #include <net/ip6_route.h> 52 #include <net/ndisc.h> 53 #include <net/addrconf.h> 54 #include <net/tcp.h> 55 #include <linux/rtnetlink.h> 56 #include <net/dst.h> 57 #include <net/dst_metadata.h> 58 #include <net/xfrm.h> 59 #include <net/netevent.h> 60 #include <net/netlink.h> 61 #include <net/nexthop.h> 62 #include <net/lwtunnel.h> 63 #include <net/ip_tunnels.h> 64 #include <net/l3mdev.h> 65 #include <trace/events/fib6.h> 66 67 #include <asm/uaccess.h> 68 69 #ifdef CONFIG_SYSCTL 70 #include <linux/sysctl.h> 71 #endif 72 73 enum rt6_nud_state { 74 RT6_NUD_FAIL_HARD = -3, 75 RT6_NUD_FAIL_PROBE = -2, 76 RT6_NUD_FAIL_DO_RR = -1, 77 RT6_NUD_SUCCEED = 1 78 }; 79 80 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort); 81 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie); 82 static unsigned int ip6_default_advmss(const struct dst_entry *dst); 83 static unsigned int ip6_mtu(const struct dst_entry *dst); 84 static struct dst_entry *ip6_negative_advice(struct dst_entry *); 85 static void ip6_dst_destroy(struct dst_entry *); 86 static void ip6_dst_ifdown(struct dst_entry *, 87 struct net_device *dev, int how); 88 static int ip6_dst_gc(struct dst_ops *ops); 89 90 static int ip6_pkt_discard(struct sk_buff *skb); 91 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb); 92 static int ip6_pkt_prohibit(struct sk_buff *skb); 93 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb); 94 static void ip6_link_failure(struct sk_buff *skb); 95 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 96 struct sk_buff *skb, u32 mtu); 97 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, 98 struct sk_buff *skb); 99 static void rt6_dst_from_metrics_check(struct rt6_info *rt); 100 static int rt6_score_route(struct rt6_info *rt, int oif, int strict); 101 102 #ifdef CONFIG_IPV6_ROUTE_INFO 103 static struct rt6_info *rt6_add_route_info(struct net *net, 104 const struct in6_addr *prefix, int prefixlen, 105 const struct in6_addr *gwaddr, int ifindex, 106 unsigned int pref); 107 static struct rt6_info *rt6_get_route_info(struct net *net, 108 const struct in6_addr *prefix, int prefixlen, 109 const struct in6_addr *gwaddr, int ifindex); 110 #endif 111 112 struct uncached_list { 113 spinlock_t lock; 114 struct list_head head; 115 }; 116 117 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list); 118 119 static void rt6_uncached_list_add(struct rt6_info *rt) 120 { 121 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list); 122 123 rt->dst.flags |= DST_NOCACHE; 124 rt->rt6i_uncached_list = ul; 125 126 spin_lock_bh(&ul->lock); 127 list_add_tail(&rt->rt6i_uncached, &ul->head); 128 spin_unlock_bh(&ul->lock); 129 } 130 131 static void rt6_uncached_list_del(struct rt6_info *rt) 132 { 133 if (!list_empty(&rt->rt6i_uncached)) { 134 struct uncached_list *ul = rt->rt6i_uncached_list; 135 136 spin_lock_bh(&ul->lock); 137 list_del(&rt->rt6i_uncached); 138 spin_unlock_bh(&ul->lock); 139 } 140 } 141 142 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev) 143 { 144 struct net_device *loopback_dev = net->loopback_dev; 145 int cpu; 146 147 if (dev == loopback_dev) 148 return; 149 150 for_each_possible_cpu(cpu) { 151 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu); 152 struct rt6_info *rt; 153 154 spin_lock_bh(&ul->lock); 155 list_for_each_entry(rt, &ul->head, rt6i_uncached) { 156 struct inet6_dev *rt_idev = rt->rt6i_idev; 157 struct net_device *rt_dev = rt->dst.dev; 158 159 if (rt_idev->dev == dev) { 160 rt->rt6i_idev = in6_dev_get(loopback_dev); 161 in6_dev_put(rt_idev); 162 } 163 164 if (rt_dev == dev) { 165 rt->dst.dev = loopback_dev; 166 dev_hold(rt->dst.dev); 167 dev_put(rt_dev); 168 } 169 } 170 spin_unlock_bh(&ul->lock); 171 } 172 } 173 174 static u32 *rt6_pcpu_cow_metrics(struct rt6_info *rt) 175 { 176 return dst_metrics_write_ptr(rt->dst.from); 177 } 178 179 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old) 180 { 181 struct rt6_info *rt = (struct rt6_info *)dst; 182 183 if (rt->rt6i_flags & RTF_PCPU) 184 return rt6_pcpu_cow_metrics(rt); 185 else if (rt->rt6i_flags & RTF_CACHE) 186 return NULL; 187 else 188 return dst_cow_metrics_generic(dst, old); 189 } 190 191 static inline const void *choose_neigh_daddr(struct rt6_info *rt, 192 struct sk_buff *skb, 193 const void *daddr) 194 { 195 struct in6_addr *p = &rt->rt6i_gateway; 196 197 if (!ipv6_addr_any(p)) 198 return (const void *) p; 199 else if (skb) 200 return &ipv6_hdr(skb)->daddr; 201 return daddr; 202 } 203 204 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst, 205 struct sk_buff *skb, 206 const void *daddr) 207 { 208 struct rt6_info *rt = (struct rt6_info *) dst; 209 struct neighbour *n; 210 211 daddr = choose_neigh_daddr(rt, skb, daddr); 212 n = __ipv6_neigh_lookup(dst->dev, daddr); 213 if (n) 214 return n; 215 return neigh_create(&nd_tbl, daddr, dst->dev); 216 } 217 218 static struct dst_ops ip6_dst_ops_template = { 219 .family = AF_INET6, 220 .gc = ip6_dst_gc, 221 .gc_thresh = 1024, 222 .check = ip6_dst_check, 223 .default_advmss = ip6_default_advmss, 224 .mtu = ip6_mtu, 225 .cow_metrics = ipv6_cow_metrics, 226 .destroy = ip6_dst_destroy, 227 .ifdown = ip6_dst_ifdown, 228 .negative_advice = ip6_negative_advice, 229 .link_failure = ip6_link_failure, 230 .update_pmtu = ip6_rt_update_pmtu, 231 .redirect = rt6_do_redirect, 232 .local_out = __ip6_local_out, 233 .neigh_lookup = ip6_neigh_lookup, 234 }; 235 236 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst) 237 { 238 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU); 239 240 return mtu ? : dst->dev->mtu; 241 } 242 243 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk, 244 struct sk_buff *skb, u32 mtu) 245 { 246 } 247 248 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk, 249 struct sk_buff *skb) 250 { 251 } 252 253 static struct dst_ops ip6_dst_blackhole_ops = { 254 .family = AF_INET6, 255 .destroy = ip6_dst_destroy, 256 .check = ip6_dst_check, 257 .mtu = ip6_blackhole_mtu, 258 .default_advmss = ip6_default_advmss, 259 .update_pmtu = ip6_rt_blackhole_update_pmtu, 260 .redirect = ip6_rt_blackhole_redirect, 261 .cow_metrics = dst_cow_metrics_generic, 262 .neigh_lookup = ip6_neigh_lookup, 263 }; 264 265 static const u32 ip6_template_metrics[RTAX_MAX] = { 266 [RTAX_HOPLIMIT - 1] = 0, 267 }; 268 269 static const struct rt6_info ip6_null_entry_template = { 270 .dst = { 271 .__refcnt = ATOMIC_INIT(1), 272 .__use = 1, 273 .obsolete = DST_OBSOLETE_FORCE_CHK, 274 .error = -ENETUNREACH, 275 .input = ip6_pkt_discard, 276 .output = ip6_pkt_discard_out, 277 }, 278 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 279 .rt6i_protocol = RTPROT_KERNEL, 280 .rt6i_metric = ~(u32) 0, 281 .rt6i_ref = ATOMIC_INIT(1), 282 }; 283 284 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 285 286 static const struct rt6_info ip6_prohibit_entry_template = { 287 .dst = { 288 .__refcnt = ATOMIC_INIT(1), 289 .__use = 1, 290 .obsolete = DST_OBSOLETE_FORCE_CHK, 291 .error = -EACCES, 292 .input = ip6_pkt_prohibit, 293 .output = ip6_pkt_prohibit_out, 294 }, 295 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 296 .rt6i_protocol = RTPROT_KERNEL, 297 .rt6i_metric = ~(u32) 0, 298 .rt6i_ref = ATOMIC_INIT(1), 299 }; 300 301 static const struct rt6_info ip6_blk_hole_entry_template = { 302 .dst = { 303 .__refcnt = ATOMIC_INIT(1), 304 .__use = 1, 305 .obsolete = DST_OBSOLETE_FORCE_CHK, 306 .error = -EINVAL, 307 .input = dst_discard, 308 .output = dst_discard_out, 309 }, 310 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 311 .rt6i_protocol = RTPROT_KERNEL, 312 .rt6i_metric = ~(u32) 0, 313 .rt6i_ref = ATOMIC_INIT(1), 314 }; 315 316 #endif 317 318 static void rt6_info_init(struct rt6_info *rt) 319 { 320 struct dst_entry *dst = &rt->dst; 321 322 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst)); 323 INIT_LIST_HEAD(&rt->rt6i_siblings); 324 INIT_LIST_HEAD(&rt->rt6i_uncached); 325 } 326 327 /* allocate dst with ip6_dst_ops */ 328 static struct rt6_info *__ip6_dst_alloc(struct net *net, 329 struct net_device *dev, 330 int flags) 331 { 332 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev, 333 0, DST_OBSOLETE_FORCE_CHK, flags); 334 335 if (rt) 336 rt6_info_init(rt); 337 338 return rt; 339 } 340 341 struct rt6_info *ip6_dst_alloc(struct net *net, 342 struct net_device *dev, 343 int flags) 344 { 345 struct rt6_info *rt = __ip6_dst_alloc(net, dev, flags); 346 347 if (rt) { 348 rt->rt6i_pcpu = alloc_percpu_gfp(struct rt6_info *, GFP_ATOMIC); 349 if (rt->rt6i_pcpu) { 350 int cpu; 351 352 for_each_possible_cpu(cpu) { 353 struct rt6_info **p; 354 355 p = per_cpu_ptr(rt->rt6i_pcpu, cpu); 356 /* no one shares rt */ 357 *p = NULL; 358 } 359 } else { 360 dst_destroy((struct dst_entry *)rt); 361 return NULL; 362 } 363 } 364 365 return rt; 366 } 367 EXPORT_SYMBOL(ip6_dst_alloc); 368 369 static void ip6_dst_destroy(struct dst_entry *dst) 370 { 371 struct rt6_info *rt = (struct rt6_info *)dst; 372 struct dst_entry *from = dst->from; 373 struct inet6_dev *idev; 374 375 dst_destroy_metrics_generic(dst); 376 free_percpu(rt->rt6i_pcpu); 377 rt6_uncached_list_del(rt); 378 379 idev = rt->rt6i_idev; 380 if (idev) { 381 rt->rt6i_idev = NULL; 382 in6_dev_put(idev); 383 } 384 385 dst->from = NULL; 386 dst_release(from); 387 } 388 389 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev, 390 int how) 391 { 392 struct rt6_info *rt = (struct rt6_info *)dst; 393 struct inet6_dev *idev = rt->rt6i_idev; 394 struct net_device *loopback_dev = 395 dev_net(dev)->loopback_dev; 396 397 if (dev != loopback_dev) { 398 if (idev && idev->dev == dev) { 399 struct inet6_dev *loopback_idev = 400 in6_dev_get(loopback_dev); 401 if (loopback_idev) { 402 rt->rt6i_idev = loopback_idev; 403 in6_dev_put(idev); 404 } 405 } 406 } 407 } 408 409 static bool __rt6_check_expired(const struct rt6_info *rt) 410 { 411 if (rt->rt6i_flags & RTF_EXPIRES) 412 return time_after(jiffies, rt->dst.expires); 413 else 414 return false; 415 } 416 417 static bool rt6_check_expired(const struct rt6_info *rt) 418 { 419 if (rt->rt6i_flags & RTF_EXPIRES) { 420 if (time_after(jiffies, rt->dst.expires)) 421 return true; 422 } else if (rt->dst.from) { 423 return rt6_check_expired((struct rt6_info *) rt->dst.from); 424 } 425 return false; 426 } 427 428 /* Multipath route selection: 429 * Hash based function using packet header and flowlabel. 430 * Adapted from fib_info_hashfn() 431 */ 432 static int rt6_info_hash_nhsfn(unsigned int candidate_count, 433 const struct flowi6 *fl6) 434 { 435 return get_hash_from_flowi6(fl6) % candidate_count; 436 } 437 438 static struct rt6_info *rt6_multipath_select(struct rt6_info *match, 439 struct flowi6 *fl6, int oif, 440 int strict) 441 { 442 struct rt6_info *sibling, *next_sibling; 443 int route_choosen; 444 445 route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6); 446 /* Don't change the route, if route_choosen == 0 447 * (siblings does not include ourself) 448 */ 449 if (route_choosen) 450 list_for_each_entry_safe(sibling, next_sibling, 451 &match->rt6i_siblings, rt6i_siblings) { 452 route_choosen--; 453 if (route_choosen == 0) { 454 if (rt6_score_route(sibling, oif, strict) < 0) 455 break; 456 match = sibling; 457 break; 458 } 459 } 460 return match; 461 } 462 463 /* 464 * Route lookup. Any table->tb6_lock is implied. 465 */ 466 467 static inline struct rt6_info *rt6_device_match(struct net *net, 468 struct rt6_info *rt, 469 const struct in6_addr *saddr, 470 int oif, 471 int flags) 472 { 473 struct rt6_info *local = NULL; 474 struct rt6_info *sprt; 475 476 if (!oif && ipv6_addr_any(saddr)) 477 goto out; 478 479 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) { 480 struct net_device *dev = sprt->dst.dev; 481 482 if (oif) { 483 if (dev->ifindex == oif) 484 return sprt; 485 if (dev->flags & IFF_LOOPBACK) { 486 if (!sprt->rt6i_idev || 487 sprt->rt6i_idev->dev->ifindex != oif) { 488 if (flags & RT6_LOOKUP_F_IFACE) 489 continue; 490 if (local && 491 local->rt6i_idev->dev->ifindex == oif) 492 continue; 493 } 494 local = sprt; 495 } 496 } else { 497 if (ipv6_chk_addr(net, saddr, dev, 498 flags & RT6_LOOKUP_F_IFACE)) 499 return sprt; 500 } 501 } 502 503 if (oif) { 504 if (local) 505 return local; 506 507 if (flags & RT6_LOOKUP_F_IFACE) 508 return net->ipv6.ip6_null_entry; 509 } 510 out: 511 return rt; 512 } 513 514 #ifdef CONFIG_IPV6_ROUTER_PREF 515 struct __rt6_probe_work { 516 struct work_struct work; 517 struct in6_addr target; 518 struct net_device *dev; 519 }; 520 521 static void rt6_probe_deferred(struct work_struct *w) 522 { 523 struct in6_addr mcaddr; 524 struct __rt6_probe_work *work = 525 container_of(w, struct __rt6_probe_work, work); 526 527 addrconf_addr_solict_mult(&work->target, &mcaddr); 528 ndisc_send_ns(work->dev, &work->target, &mcaddr, NULL); 529 dev_put(work->dev); 530 kfree(work); 531 } 532 533 static void rt6_probe(struct rt6_info *rt) 534 { 535 struct __rt6_probe_work *work; 536 struct neighbour *neigh; 537 /* 538 * Okay, this does not seem to be appropriate 539 * for now, however, we need to check if it 540 * is really so; aka Router Reachability Probing. 541 * 542 * Router Reachability Probe MUST be rate-limited 543 * to no more than one per minute. 544 */ 545 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY)) 546 return; 547 rcu_read_lock_bh(); 548 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway); 549 if (neigh) { 550 if (neigh->nud_state & NUD_VALID) 551 goto out; 552 553 work = NULL; 554 write_lock(&neigh->lock); 555 if (!(neigh->nud_state & NUD_VALID) && 556 time_after(jiffies, 557 neigh->updated + 558 rt->rt6i_idev->cnf.rtr_probe_interval)) { 559 work = kmalloc(sizeof(*work), GFP_ATOMIC); 560 if (work) 561 __neigh_set_probe_once(neigh); 562 } 563 write_unlock(&neigh->lock); 564 } else { 565 work = kmalloc(sizeof(*work), GFP_ATOMIC); 566 } 567 568 if (work) { 569 INIT_WORK(&work->work, rt6_probe_deferred); 570 work->target = rt->rt6i_gateway; 571 dev_hold(rt->dst.dev); 572 work->dev = rt->dst.dev; 573 schedule_work(&work->work); 574 } 575 576 out: 577 rcu_read_unlock_bh(); 578 } 579 #else 580 static inline void rt6_probe(struct rt6_info *rt) 581 { 582 } 583 #endif 584 585 /* 586 * Default Router Selection (RFC 2461 6.3.6) 587 */ 588 static inline int rt6_check_dev(struct rt6_info *rt, int oif) 589 { 590 struct net_device *dev = rt->dst.dev; 591 if (!oif || dev->ifindex == oif) 592 return 2; 593 if ((dev->flags & IFF_LOOPBACK) && 594 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif) 595 return 1; 596 return 0; 597 } 598 599 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt) 600 { 601 struct neighbour *neigh; 602 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD; 603 604 if (rt->rt6i_flags & RTF_NONEXTHOP || 605 !(rt->rt6i_flags & RTF_GATEWAY)) 606 return RT6_NUD_SUCCEED; 607 608 rcu_read_lock_bh(); 609 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway); 610 if (neigh) { 611 read_lock(&neigh->lock); 612 if (neigh->nud_state & NUD_VALID) 613 ret = RT6_NUD_SUCCEED; 614 #ifdef CONFIG_IPV6_ROUTER_PREF 615 else if (!(neigh->nud_state & NUD_FAILED)) 616 ret = RT6_NUD_SUCCEED; 617 else 618 ret = RT6_NUD_FAIL_PROBE; 619 #endif 620 read_unlock(&neigh->lock); 621 } else { 622 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ? 623 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR; 624 } 625 rcu_read_unlock_bh(); 626 627 return ret; 628 } 629 630 static int rt6_score_route(struct rt6_info *rt, int oif, 631 int strict) 632 { 633 int m; 634 635 m = rt6_check_dev(rt, oif); 636 if (!m && (strict & RT6_LOOKUP_F_IFACE)) 637 return RT6_NUD_FAIL_HARD; 638 #ifdef CONFIG_IPV6_ROUTER_PREF 639 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2; 640 #endif 641 if (strict & RT6_LOOKUP_F_REACHABLE) { 642 int n = rt6_check_neigh(rt); 643 if (n < 0) 644 return n; 645 } 646 return m; 647 } 648 649 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict, 650 int *mpri, struct rt6_info *match, 651 bool *do_rr) 652 { 653 int m; 654 bool match_do_rr = false; 655 struct inet6_dev *idev = rt->rt6i_idev; 656 struct net_device *dev = rt->dst.dev; 657 658 if (dev && !netif_carrier_ok(dev) && 659 idev->cnf.ignore_routes_with_linkdown) 660 goto out; 661 662 if (rt6_check_expired(rt)) 663 goto out; 664 665 m = rt6_score_route(rt, oif, strict); 666 if (m == RT6_NUD_FAIL_DO_RR) { 667 match_do_rr = true; 668 m = 0; /* lowest valid score */ 669 } else if (m == RT6_NUD_FAIL_HARD) { 670 goto out; 671 } 672 673 if (strict & RT6_LOOKUP_F_REACHABLE) 674 rt6_probe(rt); 675 676 /* note that m can be RT6_NUD_FAIL_PROBE at this point */ 677 if (m > *mpri) { 678 *do_rr = match_do_rr; 679 *mpri = m; 680 match = rt; 681 } 682 out: 683 return match; 684 } 685 686 static struct rt6_info *find_rr_leaf(struct fib6_node *fn, 687 struct rt6_info *rr_head, 688 u32 metric, int oif, int strict, 689 bool *do_rr) 690 { 691 struct rt6_info *rt, *match, *cont; 692 int mpri = -1; 693 694 match = NULL; 695 cont = NULL; 696 for (rt = rr_head; rt; rt = rt->dst.rt6_next) { 697 if (rt->rt6i_metric != metric) { 698 cont = rt; 699 break; 700 } 701 702 match = find_match(rt, oif, strict, &mpri, match, do_rr); 703 } 704 705 for (rt = fn->leaf; rt && rt != rr_head; rt = rt->dst.rt6_next) { 706 if (rt->rt6i_metric != metric) { 707 cont = rt; 708 break; 709 } 710 711 match = find_match(rt, oif, strict, &mpri, match, do_rr); 712 } 713 714 if (match || !cont) 715 return match; 716 717 for (rt = cont; rt; rt = rt->dst.rt6_next) 718 match = find_match(rt, oif, strict, &mpri, match, do_rr); 719 720 return match; 721 } 722 723 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict) 724 { 725 struct rt6_info *match, *rt0; 726 struct net *net; 727 bool do_rr = false; 728 729 rt0 = fn->rr_ptr; 730 if (!rt0) 731 fn->rr_ptr = rt0 = fn->leaf; 732 733 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict, 734 &do_rr); 735 736 if (do_rr) { 737 struct rt6_info *next = rt0->dst.rt6_next; 738 739 /* no entries matched; do round-robin */ 740 if (!next || next->rt6i_metric != rt0->rt6i_metric) 741 next = fn->leaf; 742 743 if (next != rt0) 744 fn->rr_ptr = next; 745 } 746 747 net = dev_net(rt0->dst.dev); 748 return match ? match : net->ipv6.ip6_null_entry; 749 } 750 751 static bool rt6_is_gw_or_nonexthop(const struct rt6_info *rt) 752 { 753 return (rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY)); 754 } 755 756 #ifdef CONFIG_IPV6_ROUTE_INFO 757 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len, 758 const struct in6_addr *gwaddr) 759 { 760 struct net *net = dev_net(dev); 761 struct route_info *rinfo = (struct route_info *) opt; 762 struct in6_addr prefix_buf, *prefix; 763 unsigned int pref; 764 unsigned long lifetime; 765 struct rt6_info *rt; 766 767 if (len < sizeof(struct route_info)) { 768 return -EINVAL; 769 } 770 771 /* Sanity check for prefix_len and length */ 772 if (rinfo->length > 3) { 773 return -EINVAL; 774 } else if (rinfo->prefix_len > 128) { 775 return -EINVAL; 776 } else if (rinfo->prefix_len > 64) { 777 if (rinfo->length < 2) { 778 return -EINVAL; 779 } 780 } else if (rinfo->prefix_len > 0) { 781 if (rinfo->length < 1) { 782 return -EINVAL; 783 } 784 } 785 786 pref = rinfo->route_pref; 787 if (pref == ICMPV6_ROUTER_PREF_INVALID) 788 return -EINVAL; 789 790 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ); 791 792 if (rinfo->length == 3) 793 prefix = (struct in6_addr *)rinfo->prefix; 794 else { 795 /* this function is safe */ 796 ipv6_addr_prefix(&prefix_buf, 797 (struct in6_addr *)rinfo->prefix, 798 rinfo->prefix_len); 799 prefix = &prefix_buf; 800 } 801 802 if (rinfo->prefix_len == 0) 803 rt = rt6_get_dflt_router(gwaddr, dev); 804 else 805 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len, 806 gwaddr, dev->ifindex); 807 808 if (rt && !lifetime) { 809 ip6_del_rt(rt); 810 rt = NULL; 811 } 812 813 if (!rt && lifetime) 814 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex, 815 pref); 816 else if (rt) 817 rt->rt6i_flags = RTF_ROUTEINFO | 818 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); 819 820 if (rt) { 821 if (!addrconf_finite_timeout(lifetime)) 822 rt6_clean_expires(rt); 823 else 824 rt6_set_expires(rt, jiffies + HZ * lifetime); 825 826 ip6_rt_put(rt); 827 } 828 return 0; 829 } 830 #endif 831 832 static struct fib6_node* fib6_backtrack(struct fib6_node *fn, 833 struct in6_addr *saddr) 834 { 835 struct fib6_node *pn; 836 while (1) { 837 if (fn->fn_flags & RTN_TL_ROOT) 838 return NULL; 839 pn = fn->parent; 840 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) 841 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); 842 else 843 fn = pn; 844 if (fn->fn_flags & RTN_RTINFO) 845 return fn; 846 } 847 } 848 849 static struct rt6_info *ip6_pol_route_lookup(struct net *net, 850 struct fib6_table *table, 851 struct flowi6 *fl6, int flags) 852 { 853 struct fib6_node *fn; 854 struct rt6_info *rt; 855 856 read_lock_bh(&table->tb6_lock); 857 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 858 restart: 859 rt = fn->leaf; 860 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags); 861 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0) 862 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags); 863 if (rt == net->ipv6.ip6_null_entry) { 864 fn = fib6_backtrack(fn, &fl6->saddr); 865 if (fn) 866 goto restart; 867 } 868 dst_use(&rt->dst, jiffies); 869 read_unlock_bh(&table->tb6_lock); 870 871 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6); 872 873 return rt; 874 875 } 876 877 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6, 878 int flags) 879 { 880 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup); 881 } 882 EXPORT_SYMBOL_GPL(ip6_route_lookup); 883 884 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr, 885 const struct in6_addr *saddr, int oif, int strict) 886 { 887 struct flowi6 fl6 = { 888 .flowi6_oif = oif, 889 .daddr = *daddr, 890 }; 891 struct dst_entry *dst; 892 int flags = strict ? RT6_LOOKUP_F_IFACE : 0; 893 894 if (saddr) { 895 memcpy(&fl6.saddr, saddr, sizeof(*saddr)); 896 flags |= RT6_LOOKUP_F_HAS_SADDR; 897 } 898 899 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup); 900 if (dst->error == 0) 901 return (struct rt6_info *) dst; 902 903 dst_release(dst); 904 905 return NULL; 906 } 907 EXPORT_SYMBOL(rt6_lookup); 908 909 /* ip6_ins_rt is called with FREE table->tb6_lock. 910 It takes new route entry, the addition fails by any reason the 911 route is freed. In any case, if caller does not hold it, it may 912 be destroyed. 913 */ 914 915 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info, 916 struct mx6_config *mxc) 917 { 918 int err; 919 struct fib6_table *table; 920 921 table = rt->rt6i_table; 922 write_lock_bh(&table->tb6_lock); 923 err = fib6_add(&table->tb6_root, rt, info, mxc); 924 write_unlock_bh(&table->tb6_lock); 925 926 return err; 927 } 928 929 int ip6_ins_rt(struct rt6_info *rt) 930 { 931 struct nl_info info = { .nl_net = dev_net(rt->dst.dev), }; 932 struct mx6_config mxc = { .mx = NULL, }; 933 934 return __ip6_ins_rt(rt, &info, &mxc); 935 } 936 937 static struct rt6_info *ip6_rt_cache_alloc(struct rt6_info *ort, 938 const struct in6_addr *daddr, 939 const struct in6_addr *saddr) 940 { 941 struct rt6_info *rt; 942 943 /* 944 * Clone the route. 945 */ 946 947 if (ort->rt6i_flags & (RTF_CACHE | RTF_PCPU)) 948 ort = (struct rt6_info *)ort->dst.from; 949 950 rt = __ip6_dst_alloc(dev_net(ort->dst.dev), ort->dst.dev, 0); 951 952 if (!rt) 953 return NULL; 954 955 ip6_rt_copy_init(rt, ort); 956 rt->rt6i_flags |= RTF_CACHE; 957 rt->rt6i_metric = 0; 958 rt->dst.flags |= DST_HOST; 959 rt->rt6i_dst.addr = *daddr; 960 rt->rt6i_dst.plen = 128; 961 962 if (!rt6_is_gw_or_nonexthop(ort)) { 963 if (ort->rt6i_dst.plen != 128 && 964 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr)) 965 rt->rt6i_flags |= RTF_ANYCAST; 966 #ifdef CONFIG_IPV6_SUBTREES 967 if (rt->rt6i_src.plen && saddr) { 968 rt->rt6i_src.addr = *saddr; 969 rt->rt6i_src.plen = 128; 970 } 971 #endif 972 } 973 974 return rt; 975 } 976 977 static struct rt6_info *ip6_rt_pcpu_alloc(struct rt6_info *rt) 978 { 979 struct rt6_info *pcpu_rt; 980 981 pcpu_rt = __ip6_dst_alloc(dev_net(rt->dst.dev), 982 rt->dst.dev, rt->dst.flags); 983 984 if (!pcpu_rt) 985 return NULL; 986 ip6_rt_copy_init(pcpu_rt, rt); 987 pcpu_rt->rt6i_protocol = rt->rt6i_protocol; 988 pcpu_rt->rt6i_flags |= RTF_PCPU; 989 return pcpu_rt; 990 } 991 992 /* It should be called with read_lock_bh(&tb6_lock) acquired */ 993 static struct rt6_info *rt6_get_pcpu_route(struct rt6_info *rt) 994 { 995 struct rt6_info *pcpu_rt, **p; 996 997 p = this_cpu_ptr(rt->rt6i_pcpu); 998 pcpu_rt = *p; 999 1000 if (pcpu_rt) { 1001 dst_hold(&pcpu_rt->dst); 1002 rt6_dst_from_metrics_check(pcpu_rt); 1003 } 1004 return pcpu_rt; 1005 } 1006 1007 static struct rt6_info *rt6_make_pcpu_route(struct rt6_info *rt) 1008 { 1009 struct fib6_table *table = rt->rt6i_table; 1010 struct rt6_info *pcpu_rt, *prev, **p; 1011 1012 pcpu_rt = ip6_rt_pcpu_alloc(rt); 1013 if (!pcpu_rt) { 1014 struct net *net = dev_net(rt->dst.dev); 1015 1016 dst_hold(&net->ipv6.ip6_null_entry->dst); 1017 return net->ipv6.ip6_null_entry; 1018 } 1019 1020 read_lock_bh(&table->tb6_lock); 1021 if (rt->rt6i_pcpu) { 1022 p = this_cpu_ptr(rt->rt6i_pcpu); 1023 prev = cmpxchg(p, NULL, pcpu_rt); 1024 if (prev) { 1025 /* If someone did it before us, return prev instead */ 1026 dst_destroy(&pcpu_rt->dst); 1027 pcpu_rt = prev; 1028 } 1029 } else { 1030 /* rt has been removed from the fib6 tree 1031 * before we have a chance to acquire the read_lock. 1032 * In this case, don't brother to create a pcpu rt 1033 * since rt is going away anyway. The next 1034 * dst_check() will trigger a re-lookup. 1035 */ 1036 dst_destroy(&pcpu_rt->dst); 1037 pcpu_rt = rt; 1038 } 1039 dst_hold(&pcpu_rt->dst); 1040 rt6_dst_from_metrics_check(pcpu_rt); 1041 read_unlock_bh(&table->tb6_lock); 1042 return pcpu_rt; 1043 } 1044 1045 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif, 1046 struct flowi6 *fl6, int flags) 1047 { 1048 struct fib6_node *fn, *saved_fn; 1049 struct rt6_info *rt; 1050 int strict = 0; 1051 1052 strict |= flags & RT6_LOOKUP_F_IFACE; 1053 if (net->ipv6.devconf_all->forwarding == 0) 1054 strict |= RT6_LOOKUP_F_REACHABLE; 1055 1056 read_lock_bh(&table->tb6_lock); 1057 1058 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 1059 saved_fn = fn; 1060 1061 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF) 1062 oif = 0; 1063 1064 redo_rt6_select: 1065 rt = rt6_select(fn, oif, strict); 1066 if (rt->rt6i_nsiblings) 1067 rt = rt6_multipath_select(rt, fl6, oif, strict); 1068 if (rt == net->ipv6.ip6_null_entry) { 1069 fn = fib6_backtrack(fn, &fl6->saddr); 1070 if (fn) 1071 goto redo_rt6_select; 1072 else if (strict & RT6_LOOKUP_F_REACHABLE) { 1073 /* also consider unreachable route */ 1074 strict &= ~RT6_LOOKUP_F_REACHABLE; 1075 fn = saved_fn; 1076 goto redo_rt6_select; 1077 } 1078 } 1079 1080 1081 if (rt == net->ipv6.ip6_null_entry || (rt->rt6i_flags & RTF_CACHE)) { 1082 dst_use(&rt->dst, jiffies); 1083 read_unlock_bh(&table->tb6_lock); 1084 1085 rt6_dst_from_metrics_check(rt); 1086 1087 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6); 1088 return rt; 1089 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) && 1090 !(rt->rt6i_flags & RTF_GATEWAY))) { 1091 /* Create a RTF_CACHE clone which will not be 1092 * owned by the fib6 tree. It is for the special case where 1093 * the daddr in the skb during the neighbor look-up is different 1094 * from the fl6->daddr used to look-up route here. 1095 */ 1096 1097 struct rt6_info *uncached_rt; 1098 1099 dst_use(&rt->dst, jiffies); 1100 read_unlock_bh(&table->tb6_lock); 1101 1102 uncached_rt = ip6_rt_cache_alloc(rt, &fl6->daddr, NULL); 1103 dst_release(&rt->dst); 1104 1105 if (uncached_rt) 1106 rt6_uncached_list_add(uncached_rt); 1107 else 1108 uncached_rt = net->ipv6.ip6_null_entry; 1109 1110 dst_hold(&uncached_rt->dst); 1111 1112 trace_fib6_table_lookup(net, uncached_rt, table->tb6_id, fl6); 1113 return uncached_rt; 1114 1115 } else { 1116 /* Get a percpu copy */ 1117 1118 struct rt6_info *pcpu_rt; 1119 1120 rt->dst.lastuse = jiffies; 1121 rt->dst.__use++; 1122 pcpu_rt = rt6_get_pcpu_route(rt); 1123 1124 if (pcpu_rt) { 1125 read_unlock_bh(&table->tb6_lock); 1126 } else { 1127 /* We have to do the read_unlock first 1128 * because rt6_make_pcpu_route() may trigger 1129 * ip6_dst_gc() which will take the write_lock. 1130 */ 1131 dst_hold(&rt->dst); 1132 read_unlock_bh(&table->tb6_lock); 1133 pcpu_rt = rt6_make_pcpu_route(rt); 1134 dst_release(&rt->dst); 1135 } 1136 1137 trace_fib6_table_lookup(net, pcpu_rt, table->tb6_id, fl6); 1138 return pcpu_rt; 1139 1140 } 1141 } 1142 1143 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table, 1144 struct flowi6 *fl6, int flags) 1145 { 1146 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags); 1147 } 1148 1149 static struct dst_entry *ip6_route_input_lookup(struct net *net, 1150 struct net_device *dev, 1151 struct flowi6 *fl6, int flags) 1152 { 1153 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG) 1154 flags |= RT6_LOOKUP_F_IFACE; 1155 1156 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input); 1157 } 1158 1159 void ip6_route_input(struct sk_buff *skb) 1160 { 1161 const struct ipv6hdr *iph = ipv6_hdr(skb); 1162 struct net *net = dev_net(skb->dev); 1163 int flags = RT6_LOOKUP_F_HAS_SADDR; 1164 struct ip_tunnel_info *tun_info; 1165 struct flowi6 fl6 = { 1166 .flowi6_iif = l3mdev_fib_oif(skb->dev), 1167 .daddr = iph->daddr, 1168 .saddr = iph->saddr, 1169 .flowlabel = ip6_flowinfo(iph), 1170 .flowi6_mark = skb->mark, 1171 .flowi6_proto = iph->nexthdr, 1172 }; 1173 1174 tun_info = skb_tunnel_info(skb); 1175 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX)) 1176 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id; 1177 skb_dst_drop(skb); 1178 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags)); 1179 } 1180 1181 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table, 1182 struct flowi6 *fl6, int flags) 1183 { 1184 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags); 1185 } 1186 1187 struct dst_entry *ip6_route_output_flags(struct net *net, const struct sock *sk, 1188 struct flowi6 *fl6, int flags) 1189 { 1190 struct dst_entry *dst; 1191 bool any_src; 1192 1193 dst = l3mdev_get_rt6_dst(net, fl6); 1194 if (dst) 1195 return dst; 1196 1197 fl6->flowi6_iif = LOOPBACK_IFINDEX; 1198 1199 any_src = ipv6_addr_any(&fl6->saddr); 1200 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr) || 1201 (fl6->flowi6_oif && any_src)) 1202 flags |= RT6_LOOKUP_F_IFACE; 1203 1204 if (!any_src) 1205 flags |= RT6_LOOKUP_F_HAS_SADDR; 1206 else if (sk) 1207 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs); 1208 1209 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output); 1210 } 1211 EXPORT_SYMBOL_GPL(ip6_route_output_flags); 1212 1213 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig) 1214 { 1215 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig; 1216 struct dst_entry *new = NULL; 1217 1218 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0); 1219 if (rt) { 1220 rt6_info_init(rt); 1221 1222 new = &rt->dst; 1223 new->__use = 1; 1224 new->input = dst_discard; 1225 new->output = dst_discard_out; 1226 1227 dst_copy_metrics(new, &ort->dst); 1228 rt->rt6i_idev = ort->rt6i_idev; 1229 if (rt->rt6i_idev) 1230 in6_dev_hold(rt->rt6i_idev); 1231 1232 rt->rt6i_gateway = ort->rt6i_gateway; 1233 rt->rt6i_flags = ort->rt6i_flags & ~RTF_PCPU; 1234 rt->rt6i_metric = 0; 1235 1236 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key)); 1237 #ifdef CONFIG_IPV6_SUBTREES 1238 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 1239 #endif 1240 1241 dst_free(new); 1242 } 1243 1244 dst_release(dst_orig); 1245 return new ? new : ERR_PTR(-ENOMEM); 1246 } 1247 1248 /* 1249 * Destination cache support functions 1250 */ 1251 1252 static void rt6_dst_from_metrics_check(struct rt6_info *rt) 1253 { 1254 if (rt->dst.from && 1255 dst_metrics_ptr(&rt->dst) != dst_metrics_ptr(rt->dst.from)) 1256 dst_init_metrics(&rt->dst, dst_metrics_ptr(rt->dst.from), true); 1257 } 1258 1259 static struct dst_entry *rt6_check(struct rt6_info *rt, u32 cookie) 1260 { 1261 if (!rt->rt6i_node || (rt->rt6i_node->fn_sernum != cookie)) 1262 return NULL; 1263 1264 if (rt6_check_expired(rt)) 1265 return NULL; 1266 1267 return &rt->dst; 1268 } 1269 1270 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt, u32 cookie) 1271 { 1272 if (!__rt6_check_expired(rt) && 1273 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK && 1274 rt6_check((struct rt6_info *)(rt->dst.from), cookie)) 1275 return &rt->dst; 1276 else 1277 return NULL; 1278 } 1279 1280 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie) 1281 { 1282 struct rt6_info *rt; 1283 1284 rt = (struct rt6_info *) dst; 1285 1286 /* All IPV6 dsts are created with ->obsolete set to the value 1287 * DST_OBSOLETE_FORCE_CHK which forces validation calls down 1288 * into this function always. 1289 */ 1290 1291 rt6_dst_from_metrics_check(rt); 1292 1293 if (rt->rt6i_flags & RTF_PCPU || 1294 (unlikely(dst->flags & DST_NOCACHE) && rt->dst.from)) 1295 return rt6_dst_from_check(rt, cookie); 1296 else 1297 return rt6_check(rt, cookie); 1298 } 1299 1300 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst) 1301 { 1302 struct rt6_info *rt = (struct rt6_info *) dst; 1303 1304 if (rt) { 1305 if (rt->rt6i_flags & RTF_CACHE) { 1306 if (rt6_check_expired(rt)) { 1307 ip6_del_rt(rt); 1308 dst = NULL; 1309 } 1310 } else { 1311 dst_release(dst); 1312 dst = NULL; 1313 } 1314 } 1315 return dst; 1316 } 1317 1318 static void ip6_link_failure(struct sk_buff *skb) 1319 { 1320 struct rt6_info *rt; 1321 1322 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0); 1323 1324 rt = (struct rt6_info *) skb_dst(skb); 1325 if (rt) { 1326 if (rt->rt6i_flags & RTF_CACHE) { 1327 dst_hold(&rt->dst); 1328 ip6_del_rt(rt); 1329 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) { 1330 rt->rt6i_node->fn_sernum = -1; 1331 } 1332 } 1333 } 1334 1335 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu) 1336 { 1337 struct net *net = dev_net(rt->dst.dev); 1338 1339 rt->rt6i_flags |= RTF_MODIFIED; 1340 rt->rt6i_pmtu = mtu; 1341 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires); 1342 } 1343 1344 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info *rt) 1345 { 1346 return !(rt->rt6i_flags & RTF_CACHE) && 1347 (rt->rt6i_flags & RTF_PCPU || rt->rt6i_node); 1348 } 1349 1350 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk, 1351 const struct ipv6hdr *iph, u32 mtu) 1352 { 1353 struct rt6_info *rt6 = (struct rt6_info *)dst; 1354 1355 if (rt6->rt6i_flags & RTF_LOCAL) 1356 return; 1357 1358 dst_confirm(dst); 1359 mtu = max_t(u32, mtu, IPV6_MIN_MTU); 1360 if (mtu >= dst_mtu(dst)) 1361 return; 1362 1363 if (!rt6_cache_allowed_for_pmtu(rt6)) { 1364 rt6_do_update_pmtu(rt6, mtu); 1365 } else { 1366 const struct in6_addr *daddr, *saddr; 1367 struct rt6_info *nrt6; 1368 1369 if (iph) { 1370 daddr = &iph->daddr; 1371 saddr = &iph->saddr; 1372 } else if (sk) { 1373 daddr = &sk->sk_v6_daddr; 1374 saddr = &inet6_sk(sk)->saddr; 1375 } else { 1376 return; 1377 } 1378 nrt6 = ip6_rt_cache_alloc(rt6, daddr, saddr); 1379 if (nrt6) { 1380 rt6_do_update_pmtu(nrt6, mtu); 1381 1382 /* ip6_ins_rt(nrt6) will bump the 1383 * rt6->rt6i_node->fn_sernum 1384 * which will fail the next rt6_check() and 1385 * invalidate the sk->sk_dst_cache. 1386 */ 1387 ip6_ins_rt(nrt6); 1388 } 1389 } 1390 } 1391 1392 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 1393 struct sk_buff *skb, u32 mtu) 1394 { 1395 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu); 1396 } 1397 1398 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu, 1399 int oif, u32 mark) 1400 { 1401 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 1402 struct dst_entry *dst; 1403 struct flowi6 fl6; 1404 1405 memset(&fl6, 0, sizeof(fl6)); 1406 fl6.flowi6_oif = oif; 1407 fl6.flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark); 1408 fl6.daddr = iph->daddr; 1409 fl6.saddr = iph->saddr; 1410 fl6.flowlabel = ip6_flowinfo(iph); 1411 1412 dst = ip6_route_output(net, NULL, &fl6); 1413 if (!dst->error) 1414 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu)); 1415 dst_release(dst); 1416 } 1417 EXPORT_SYMBOL_GPL(ip6_update_pmtu); 1418 1419 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu) 1420 { 1421 struct dst_entry *dst; 1422 1423 ip6_update_pmtu(skb, sock_net(sk), mtu, 1424 sk->sk_bound_dev_if, sk->sk_mark); 1425 1426 dst = __sk_dst_get(sk); 1427 if (!dst || !dst->obsolete || 1428 dst->ops->check(dst, inet6_sk(sk)->dst_cookie)) 1429 return; 1430 1431 bh_lock_sock(sk); 1432 if (!sock_owned_by_user(sk) && !ipv6_addr_v4mapped(&sk->sk_v6_daddr)) 1433 ip6_datagram_dst_update(sk, false); 1434 bh_unlock_sock(sk); 1435 } 1436 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu); 1437 1438 /* Handle redirects */ 1439 struct ip6rd_flowi { 1440 struct flowi6 fl6; 1441 struct in6_addr gateway; 1442 }; 1443 1444 static struct rt6_info *__ip6_route_redirect(struct net *net, 1445 struct fib6_table *table, 1446 struct flowi6 *fl6, 1447 int flags) 1448 { 1449 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6; 1450 struct rt6_info *rt; 1451 struct fib6_node *fn; 1452 1453 /* Get the "current" route for this destination and 1454 * check if the redirect has come from approriate router. 1455 * 1456 * RFC 4861 specifies that redirects should only be 1457 * accepted if they come from the nexthop to the target. 1458 * Due to the way the routes are chosen, this notion 1459 * is a bit fuzzy and one might need to check all possible 1460 * routes. 1461 */ 1462 1463 read_lock_bh(&table->tb6_lock); 1464 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 1465 restart: 1466 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1467 if (rt6_check_expired(rt)) 1468 continue; 1469 if (rt->dst.error) 1470 break; 1471 if (!(rt->rt6i_flags & RTF_GATEWAY)) 1472 continue; 1473 if (fl6->flowi6_oif != rt->dst.dev->ifindex) 1474 continue; 1475 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway)) 1476 continue; 1477 break; 1478 } 1479 1480 if (!rt) 1481 rt = net->ipv6.ip6_null_entry; 1482 else if (rt->dst.error) { 1483 rt = net->ipv6.ip6_null_entry; 1484 goto out; 1485 } 1486 1487 if (rt == net->ipv6.ip6_null_entry) { 1488 fn = fib6_backtrack(fn, &fl6->saddr); 1489 if (fn) 1490 goto restart; 1491 } 1492 1493 out: 1494 dst_hold(&rt->dst); 1495 1496 read_unlock_bh(&table->tb6_lock); 1497 1498 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6); 1499 return rt; 1500 }; 1501 1502 static struct dst_entry *ip6_route_redirect(struct net *net, 1503 const struct flowi6 *fl6, 1504 const struct in6_addr *gateway) 1505 { 1506 int flags = RT6_LOOKUP_F_HAS_SADDR; 1507 struct ip6rd_flowi rdfl; 1508 1509 rdfl.fl6 = *fl6; 1510 rdfl.gateway = *gateway; 1511 1512 return fib6_rule_lookup(net, &rdfl.fl6, 1513 flags, __ip6_route_redirect); 1514 } 1515 1516 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark) 1517 { 1518 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 1519 struct dst_entry *dst; 1520 struct flowi6 fl6; 1521 1522 memset(&fl6, 0, sizeof(fl6)); 1523 fl6.flowi6_iif = LOOPBACK_IFINDEX; 1524 fl6.flowi6_oif = oif; 1525 fl6.flowi6_mark = mark; 1526 fl6.daddr = iph->daddr; 1527 fl6.saddr = iph->saddr; 1528 fl6.flowlabel = ip6_flowinfo(iph); 1529 1530 dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr); 1531 rt6_do_redirect(dst, NULL, skb); 1532 dst_release(dst); 1533 } 1534 EXPORT_SYMBOL_GPL(ip6_redirect); 1535 1536 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif, 1537 u32 mark) 1538 { 1539 const struct ipv6hdr *iph = ipv6_hdr(skb); 1540 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb); 1541 struct dst_entry *dst; 1542 struct flowi6 fl6; 1543 1544 memset(&fl6, 0, sizeof(fl6)); 1545 fl6.flowi6_iif = LOOPBACK_IFINDEX; 1546 fl6.flowi6_oif = oif; 1547 fl6.flowi6_mark = mark; 1548 fl6.daddr = msg->dest; 1549 fl6.saddr = iph->daddr; 1550 1551 dst = ip6_route_redirect(net, &fl6, &iph->saddr); 1552 rt6_do_redirect(dst, NULL, skb); 1553 dst_release(dst); 1554 } 1555 1556 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk) 1557 { 1558 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark); 1559 } 1560 EXPORT_SYMBOL_GPL(ip6_sk_redirect); 1561 1562 static unsigned int ip6_default_advmss(const struct dst_entry *dst) 1563 { 1564 struct net_device *dev = dst->dev; 1565 unsigned int mtu = dst_mtu(dst); 1566 struct net *net = dev_net(dev); 1567 1568 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr); 1569 1570 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss) 1571 mtu = net->ipv6.sysctl.ip6_rt_min_advmss; 1572 1573 /* 1574 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and 1575 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size. 1576 * IPV6_MAXPLEN is also valid and means: "any MSS, 1577 * rely only on pmtu discovery" 1578 */ 1579 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr)) 1580 mtu = IPV6_MAXPLEN; 1581 return mtu; 1582 } 1583 1584 static unsigned int ip6_mtu(const struct dst_entry *dst) 1585 { 1586 const struct rt6_info *rt = (const struct rt6_info *)dst; 1587 unsigned int mtu = rt->rt6i_pmtu; 1588 struct inet6_dev *idev; 1589 1590 if (mtu) 1591 goto out; 1592 1593 mtu = dst_metric_raw(dst, RTAX_MTU); 1594 if (mtu) 1595 goto out; 1596 1597 mtu = IPV6_MIN_MTU; 1598 1599 rcu_read_lock(); 1600 idev = __in6_dev_get(dst->dev); 1601 if (idev) 1602 mtu = idev->cnf.mtu6; 1603 rcu_read_unlock(); 1604 1605 out: 1606 return min_t(unsigned int, mtu, IP6_MAX_MTU); 1607 } 1608 1609 static struct dst_entry *icmp6_dst_gc_list; 1610 static DEFINE_SPINLOCK(icmp6_dst_lock); 1611 1612 struct dst_entry *icmp6_dst_alloc(struct net_device *dev, 1613 struct flowi6 *fl6) 1614 { 1615 struct dst_entry *dst; 1616 struct rt6_info *rt; 1617 struct inet6_dev *idev = in6_dev_get(dev); 1618 struct net *net = dev_net(dev); 1619 1620 if (unlikely(!idev)) 1621 return ERR_PTR(-ENODEV); 1622 1623 rt = ip6_dst_alloc(net, dev, 0); 1624 if (unlikely(!rt)) { 1625 in6_dev_put(idev); 1626 dst = ERR_PTR(-ENOMEM); 1627 goto out; 1628 } 1629 1630 rt->dst.flags |= DST_HOST; 1631 rt->dst.output = ip6_output; 1632 atomic_set(&rt->dst.__refcnt, 1); 1633 rt->rt6i_gateway = fl6->daddr; 1634 rt->rt6i_dst.addr = fl6->daddr; 1635 rt->rt6i_dst.plen = 128; 1636 rt->rt6i_idev = idev; 1637 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0); 1638 1639 spin_lock_bh(&icmp6_dst_lock); 1640 rt->dst.next = icmp6_dst_gc_list; 1641 icmp6_dst_gc_list = &rt->dst; 1642 spin_unlock_bh(&icmp6_dst_lock); 1643 1644 fib6_force_start_gc(net); 1645 1646 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0); 1647 1648 out: 1649 return dst; 1650 } 1651 1652 int icmp6_dst_gc(void) 1653 { 1654 struct dst_entry *dst, **pprev; 1655 int more = 0; 1656 1657 spin_lock_bh(&icmp6_dst_lock); 1658 pprev = &icmp6_dst_gc_list; 1659 1660 while ((dst = *pprev) != NULL) { 1661 if (!atomic_read(&dst->__refcnt)) { 1662 *pprev = dst->next; 1663 dst_free(dst); 1664 } else { 1665 pprev = &dst->next; 1666 ++more; 1667 } 1668 } 1669 1670 spin_unlock_bh(&icmp6_dst_lock); 1671 1672 return more; 1673 } 1674 1675 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg), 1676 void *arg) 1677 { 1678 struct dst_entry *dst, **pprev; 1679 1680 spin_lock_bh(&icmp6_dst_lock); 1681 pprev = &icmp6_dst_gc_list; 1682 while ((dst = *pprev) != NULL) { 1683 struct rt6_info *rt = (struct rt6_info *) dst; 1684 if (func(rt, arg)) { 1685 *pprev = dst->next; 1686 dst_free(dst); 1687 } else { 1688 pprev = &dst->next; 1689 } 1690 } 1691 spin_unlock_bh(&icmp6_dst_lock); 1692 } 1693 1694 static int ip6_dst_gc(struct dst_ops *ops) 1695 { 1696 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops); 1697 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval; 1698 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size; 1699 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity; 1700 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout; 1701 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc; 1702 int entries; 1703 1704 entries = dst_entries_get_fast(ops); 1705 if (time_after(rt_last_gc + rt_min_interval, jiffies) && 1706 entries <= rt_max_size) 1707 goto out; 1708 1709 net->ipv6.ip6_rt_gc_expire++; 1710 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true); 1711 entries = dst_entries_get_slow(ops); 1712 if (entries < ops->gc_thresh) 1713 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1; 1714 out: 1715 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity; 1716 return entries > rt_max_size; 1717 } 1718 1719 static int ip6_convert_metrics(struct mx6_config *mxc, 1720 const struct fib6_config *cfg) 1721 { 1722 bool ecn_ca = false; 1723 struct nlattr *nla; 1724 int remaining; 1725 u32 *mp; 1726 1727 if (!cfg->fc_mx) 1728 return 0; 1729 1730 mp = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL); 1731 if (unlikely(!mp)) 1732 return -ENOMEM; 1733 1734 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) { 1735 int type = nla_type(nla); 1736 u32 val; 1737 1738 if (!type) 1739 continue; 1740 if (unlikely(type > RTAX_MAX)) 1741 goto err; 1742 1743 if (type == RTAX_CC_ALGO) { 1744 char tmp[TCP_CA_NAME_MAX]; 1745 1746 nla_strlcpy(tmp, nla, sizeof(tmp)); 1747 val = tcp_ca_get_key_by_name(tmp, &ecn_ca); 1748 if (val == TCP_CA_UNSPEC) 1749 goto err; 1750 } else { 1751 val = nla_get_u32(nla); 1752 } 1753 if (type == RTAX_FEATURES && (val & ~RTAX_FEATURE_MASK)) 1754 goto err; 1755 1756 mp[type - 1] = val; 1757 __set_bit(type - 1, mxc->mx_valid); 1758 } 1759 1760 if (ecn_ca) { 1761 __set_bit(RTAX_FEATURES - 1, mxc->mx_valid); 1762 mp[RTAX_FEATURES - 1] |= DST_FEATURE_ECN_CA; 1763 } 1764 1765 mxc->mx = mp; 1766 return 0; 1767 err: 1768 kfree(mp); 1769 return -EINVAL; 1770 } 1771 1772 static struct rt6_info *ip6_nh_lookup_table(struct net *net, 1773 struct fib6_config *cfg, 1774 const struct in6_addr *gw_addr) 1775 { 1776 struct flowi6 fl6 = { 1777 .flowi6_oif = cfg->fc_ifindex, 1778 .daddr = *gw_addr, 1779 .saddr = cfg->fc_prefsrc, 1780 }; 1781 struct fib6_table *table; 1782 struct rt6_info *rt; 1783 int flags = 0; 1784 1785 table = fib6_get_table(net, cfg->fc_table); 1786 if (!table) 1787 return NULL; 1788 1789 if (!ipv6_addr_any(&cfg->fc_prefsrc)) 1790 flags |= RT6_LOOKUP_F_HAS_SADDR; 1791 1792 rt = ip6_pol_route(net, table, cfg->fc_ifindex, &fl6, flags); 1793 1794 /* if table lookup failed, fall back to full lookup */ 1795 if (rt == net->ipv6.ip6_null_entry) { 1796 ip6_rt_put(rt); 1797 rt = NULL; 1798 } 1799 1800 return rt; 1801 } 1802 1803 static struct rt6_info *ip6_route_info_create(struct fib6_config *cfg) 1804 { 1805 struct net *net = cfg->fc_nlinfo.nl_net; 1806 struct rt6_info *rt = NULL; 1807 struct net_device *dev = NULL; 1808 struct inet6_dev *idev = NULL; 1809 struct fib6_table *table; 1810 int addr_type; 1811 int err = -EINVAL; 1812 1813 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128) 1814 goto out; 1815 #ifndef CONFIG_IPV6_SUBTREES 1816 if (cfg->fc_src_len) 1817 goto out; 1818 #endif 1819 if (cfg->fc_ifindex) { 1820 err = -ENODEV; 1821 dev = dev_get_by_index(net, cfg->fc_ifindex); 1822 if (!dev) 1823 goto out; 1824 idev = in6_dev_get(dev); 1825 if (!idev) 1826 goto out; 1827 } 1828 1829 if (cfg->fc_metric == 0) 1830 cfg->fc_metric = IP6_RT_PRIO_USER; 1831 1832 err = -ENOBUFS; 1833 if (cfg->fc_nlinfo.nlh && 1834 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) { 1835 table = fib6_get_table(net, cfg->fc_table); 1836 if (!table) { 1837 pr_warn("NLM_F_CREATE should be specified when creating new route\n"); 1838 table = fib6_new_table(net, cfg->fc_table); 1839 } 1840 } else { 1841 table = fib6_new_table(net, cfg->fc_table); 1842 } 1843 1844 if (!table) 1845 goto out; 1846 1847 rt = ip6_dst_alloc(net, NULL, 1848 (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT); 1849 1850 if (!rt) { 1851 err = -ENOMEM; 1852 goto out; 1853 } 1854 1855 if (cfg->fc_flags & RTF_EXPIRES) 1856 rt6_set_expires(rt, jiffies + 1857 clock_t_to_jiffies(cfg->fc_expires)); 1858 else 1859 rt6_clean_expires(rt); 1860 1861 if (cfg->fc_protocol == RTPROT_UNSPEC) 1862 cfg->fc_protocol = RTPROT_BOOT; 1863 rt->rt6i_protocol = cfg->fc_protocol; 1864 1865 addr_type = ipv6_addr_type(&cfg->fc_dst); 1866 1867 if (addr_type & IPV6_ADDR_MULTICAST) 1868 rt->dst.input = ip6_mc_input; 1869 else if (cfg->fc_flags & RTF_LOCAL) 1870 rt->dst.input = ip6_input; 1871 else 1872 rt->dst.input = ip6_forward; 1873 1874 rt->dst.output = ip6_output; 1875 1876 if (cfg->fc_encap) { 1877 struct lwtunnel_state *lwtstate; 1878 1879 err = lwtunnel_build_state(dev, cfg->fc_encap_type, 1880 cfg->fc_encap, AF_INET6, cfg, 1881 &lwtstate); 1882 if (err) 1883 goto out; 1884 rt->dst.lwtstate = lwtstate_get(lwtstate); 1885 if (lwtunnel_output_redirect(rt->dst.lwtstate)) { 1886 rt->dst.lwtstate->orig_output = rt->dst.output; 1887 rt->dst.output = lwtunnel_output; 1888 } 1889 if (lwtunnel_input_redirect(rt->dst.lwtstate)) { 1890 rt->dst.lwtstate->orig_input = rt->dst.input; 1891 rt->dst.input = lwtunnel_input; 1892 } 1893 } 1894 1895 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len); 1896 rt->rt6i_dst.plen = cfg->fc_dst_len; 1897 if (rt->rt6i_dst.plen == 128) 1898 rt->dst.flags |= DST_HOST; 1899 1900 #ifdef CONFIG_IPV6_SUBTREES 1901 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len); 1902 rt->rt6i_src.plen = cfg->fc_src_len; 1903 #endif 1904 1905 rt->rt6i_metric = cfg->fc_metric; 1906 1907 /* We cannot add true routes via loopback here, 1908 they would result in kernel looping; promote them to reject routes 1909 */ 1910 if ((cfg->fc_flags & RTF_REJECT) || 1911 (dev && (dev->flags & IFF_LOOPBACK) && 1912 !(addr_type & IPV6_ADDR_LOOPBACK) && 1913 !(cfg->fc_flags & RTF_LOCAL))) { 1914 /* hold loopback dev/idev if we haven't done so. */ 1915 if (dev != net->loopback_dev) { 1916 if (dev) { 1917 dev_put(dev); 1918 in6_dev_put(idev); 1919 } 1920 dev = net->loopback_dev; 1921 dev_hold(dev); 1922 idev = in6_dev_get(dev); 1923 if (!idev) { 1924 err = -ENODEV; 1925 goto out; 1926 } 1927 } 1928 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP; 1929 switch (cfg->fc_type) { 1930 case RTN_BLACKHOLE: 1931 rt->dst.error = -EINVAL; 1932 rt->dst.output = dst_discard_out; 1933 rt->dst.input = dst_discard; 1934 break; 1935 case RTN_PROHIBIT: 1936 rt->dst.error = -EACCES; 1937 rt->dst.output = ip6_pkt_prohibit_out; 1938 rt->dst.input = ip6_pkt_prohibit; 1939 break; 1940 case RTN_THROW: 1941 case RTN_UNREACHABLE: 1942 default: 1943 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN 1944 : (cfg->fc_type == RTN_UNREACHABLE) 1945 ? -EHOSTUNREACH : -ENETUNREACH; 1946 rt->dst.output = ip6_pkt_discard_out; 1947 rt->dst.input = ip6_pkt_discard; 1948 break; 1949 } 1950 goto install_route; 1951 } 1952 1953 if (cfg->fc_flags & RTF_GATEWAY) { 1954 const struct in6_addr *gw_addr; 1955 int gwa_type; 1956 1957 gw_addr = &cfg->fc_gateway; 1958 gwa_type = ipv6_addr_type(gw_addr); 1959 1960 /* if gw_addr is local we will fail to detect this in case 1961 * address is still TENTATIVE (DAD in progress). rt6_lookup() 1962 * will return already-added prefix route via interface that 1963 * prefix route was assigned to, which might be non-loopback. 1964 */ 1965 err = -EINVAL; 1966 if (ipv6_chk_addr_and_flags(net, gw_addr, 1967 gwa_type & IPV6_ADDR_LINKLOCAL ? 1968 dev : NULL, 0, 0)) 1969 goto out; 1970 1971 rt->rt6i_gateway = *gw_addr; 1972 1973 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) { 1974 struct rt6_info *grt = NULL; 1975 1976 /* IPv6 strictly inhibits using not link-local 1977 addresses as nexthop address. 1978 Otherwise, router will not able to send redirects. 1979 It is very good, but in some (rare!) circumstances 1980 (SIT, PtP, NBMA NOARP links) it is handy to allow 1981 some exceptions. --ANK 1982 */ 1983 if (!(gwa_type & IPV6_ADDR_UNICAST)) 1984 goto out; 1985 1986 if (cfg->fc_table) 1987 grt = ip6_nh_lookup_table(net, cfg, gw_addr); 1988 1989 if (!grt) 1990 grt = rt6_lookup(net, gw_addr, NULL, 1991 cfg->fc_ifindex, 1); 1992 1993 err = -EHOSTUNREACH; 1994 if (!grt) 1995 goto out; 1996 if (dev) { 1997 if (dev != grt->dst.dev) { 1998 ip6_rt_put(grt); 1999 goto out; 2000 } 2001 } else { 2002 dev = grt->dst.dev; 2003 idev = grt->rt6i_idev; 2004 dev_hold(dev); 2005 in6_dev_hold(grt->rt6i_idev); 2006 } 2007 if (!(grt->rt6i_flags & RTF_GATEWAY)) 2008 err = 0; 2009 ip6_rt_put(grt); 2010 2011 if (err) 2012 goto out; 2013 } 2014 err = -EINVAL; 2015 if (!dev || (dev->flags & IFF_LOOPBACK)) 2016 goto out; 2017 } 2018 2019 err = -ENODEV; 2020 if (!dev) 2021 goto out; 2022 2023 if (!ipv6_addr_any(&cfg->fc_prefsrc)) { 2024 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) { 2025 err = -EINVAL; 2026 goto out; 2027 } 2028 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc; 2029 rt->rt6i_prefsrc.plen = 128; 2030 } else 2031 rt->rt6i_prefsrc.plen = 0; 2032 2033 rt->rt6i_flags = cfg->fc_flags; 2034 2035 install_route: 2036 rt->dst.dev = dev; 2037 rt->rt6i_idev = idev; 2038 rt->rt6i_table = table; 2039 2040 cfg->fc_nlinfo.nl_net = dev_net(dev); 2041 2042 return rt; 2043 out: 2044 if (dev) 2045 dev_put(dev); 2046 if (idev) 2047 in6_dev_put(idev); 2048 if (rt) 2049 dst_free(&rt->dst); 2050 2051 return ERR_PTR(err); 2052 } 2053 2054 int ip6_route_add(struct fib6_config *cfg) 2055 { 2056 struct mx6_config mxc = { .mx = NULL, }; 2057 struct rt6_info *rt; 2058 int err; 2059 2060 rt = ip6_route_info_create(cfg); 2061 if (IS_ERR(rt)) { 2062 err = PTR_ERR(rt); 2063 rt = NULL; 2064 goto out; 2065 } 2066 2067 err = ip6_convert_metrics(&mxc, cfg); 2068 if (err) 2069 goto out; 2070 2071 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, &mxc); 2072 2073 kfree(mxc.mx); 2074 2075 return err; 2076 out: 2077 if (rt) 2078 dst_free(&rt->dst); 2079 2080 return err; 2081 } 2082 2083 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info) 2084 { 2085 int err; 2086 struct fib6_table *table; 2087 struct net *net = dev_net(rt->dst.dev); 2088 2089 if (rt == net->ipv6.ip6_null_entry || 2090 rt->dst.flags & DST_NOCACHE) { 2091 err = -ENOENT; 2092 goto out; 2093 } 2094 2095 table = rt->rt6i_table; 2096 write_lock_bh(&table->tb6_lock); 2097 err = fib6_del(rt, info); 2098 write_unlock_bh(&table->tb6_lock); 2099 2100 out: 2101 ip6_rt_put(rt); 2102 return err; 2103 } 2104 2105 int ip6_del_rt(struct rt6_info *rt) 2106 { 2107 struct nl_info info = { 2108 .nl_net = dev_net(rt->dst.dev), 2109 }; 2110 return __ip6_del_rt(rt, &info); 2111 } 2112 2113 static int ip6_route_del(struct fib6_config *cfg) 2114 { 2115 struct fib6_table *table; 2116 struct fib6_node *fn; 2117 struct rt6_info *rt; 2118 int err = -ESRCH; 2119 2120 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table); 2121 if (!table) 2122 return err; 2123 2124 read_lock_bh(&table->tb6_lock); 2125 2126 fn = fib6_locate(&table->tb6_root, 2127 &cfg->fc_dst, cfg->fc_dst_len, 2128 &cfg->fc_src, cfg->fc_src_len); 2129 2130 if (fn) { 2131 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 2132 if ((rt->rt6i_flags & RTF_CACHE) && 2133 !(cfg->fc_flags & RTF_CACHE)) 2134 continue; 2135 if (cfg->fc_ifindex && 2136 (!rt->dst.dev || 2137 rt->dst.dev->ifindex != cfg->fc_ifindex)) 2138 continue; 2139 if (cfg->fc_flags & RTF_GATEWAY && 2140 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway)) 2141 continue; 2142 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric) 2143 continue; 2144 dst_hold(&rt->dst); 2145 read_unlock_bh(&table->tb6_lock); 2146 2147 return __ip6_del_rt(rt, &cfg->fc_nlinfo); 2148 } 2149 } 2150 read_unlock_bh(&table->tb6_lock); 2151 2152 return err; 2153 } 2154 2155 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb) 2156 { 2157 struct netevent_redirect netevent; 2158 struct rt6_info *rt, *nrt = NULL; 2159 struct ndisc_options ndopts; 2160 struct inet6_dev *in6_dev; 2161 struct neighbour *neigh; 2162 struct rd_msg *msg; 2163 int optlen, on_link; 2164 u8 *lladdr; 2165 2166 optlen = skb_tail_pointer(skb) - skb_transport_header(skb); 2167 optlen -= sizeof(*msg); 2168 2169 if (optlen < 0) { 2170 net_dbg_ratelimited("rt6_do_redirect: packet too short\n"); 2171 return; 2172 } 2173 2174 msg = (struct rd_msg *)icmp6_hdr(skb); 2175 2176 if (ipv6_addr_is_multicast(&msg->dest)) { 2177 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n"); 2178 return; 2179 } 2180 2181 on_link = 0; 2182 if (ipv6_addr_equal(&msg->dest, &msg->target)) { 2183 on_link = 1; 2184 } else if (ipv6_addr_type(&msg->target) != 2185 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { 2186 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n"); 2187 return; 2188 } 2189 2190 in6_dev = __in6_dev_get(skb->dev); 2191 if (!in6_dev) 2192 return; 2193 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) 2194 return; 2195 2196 /* RFC2461 8.1: 2197 * The IP source address of the Redirect MUST be the same as the current 2198 * first-hop router for the specified ICMP Destination Address. 2199 */ 2200 2201 if (!ndisc_parse_options(msg->opt, optlen, &ndopts)) { 2202 net_dbg_ratelimited("rt6_redirect: invalid ND options\n"); 2203 return; 2204 } 2205 2206 lladdr = NULL; 2207 if (ndopts.nd_opts_tgt_lladdr) { 2208 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, 2209 skb->dev); 2210 if (!lladdr) { 2211 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n"); 2212 return; 2213 } 2214 } 2215 2216 rt = (struct rt6_info *) dst; 2217 if (rt->rt6i_flags & RTF_REJECT) { 2218 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n"); 2219 return; 2220 } 2221 2222 /* Redirect received -> path was valid. 2223 * Look, redirects are sent only in response to data packets, 2224 * so that this nexthop apparently is reachable. --ANK 2225 */ 2226 dst_confirm(&rt->dst); 2227 2228 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1); 2229 if (!neigh) 2230 return; 2231 2232 /* 2233 * We have finally decided to accept it. 2234 */ 2235 2236 neigh_update(neigh, lladdr, NUD_STALE, 2237 NEIGH_UPDATE_F_WEAK_OVERRIDE| 2238 NEIGH_UPDATE_F_OVERRIDE| 2239 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER| 2240 NEIGH_UPDATE_F_ISROUTER)) 2241 ); 2242 2243 nrt = ip6_rt_cache_alloc(rt, &msg->dest, NULL); 2244 if (!nrt) 2245 goto out; 2246 2247 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE; 2248 if (on_link) 2249 nrt->rt6i_flags &= ~RTF_GATEWAY; 2250 2251 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key; 2252 2253 if (ip6_ins_rt(nrt)) 2254 goto out; 2255 2256 netevent.old = &rt->dst; 2257 netevent.new = &nrt->dst; 2258 netevent.daddr = &msg->dest; 2259 netevent.neigh = neigh; 2260 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent); 2261 2262 if (rt->rt6i_flags & RTF_CACHE) { 2263 rt = (struct rt6_info *) dst_clone(&rt->dst); 2264 ip6_del_rt(rt); 2265 } 2266 2267 out: 2268 neigh_release(neigh); 2269 } 2270 2271 /* 2272 * Misc support functions 2273 */ 2274 2275 static void rt6_set_from(struct rt6_info *rt, struct rt6_info *from) 2276 { 2277 BUG_ON(from->dst.from); 2278 2279 rt->rt6i_flags &= ~RTF_EXPIRES; 2280 dst_hold(&from->dst); 2281 rt->dst.from = &from->dst; 2282 dst_init_metrics(&rt->dst, dst_metrics_ptr(&from->dst), true); 2283 } 2284 2285 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort) 2286 { 2287 rt->dst.input = ort->dst.input; 2288 rt->dst.output = ort->dst.output; 2289 rt->rt6i_dst = ort->rt6i_dst; 2290 rt->dst.error = ort->dst.error; 2291 rt->rt6i_idev = ort->rt6i_idev; 2292 if (rt->rt6i_idev) 2293 in6_dev_hold(rt->rt6i_idev); 2294 rt->dst.lastuse = jiffies; 2295 rt->rt6i_gateway = ort->rt6i_gateway; 2296 rt->rt6i_flags = ort->rt6i_flags; 2297 rt6_set_from(rt, ort); 2298 rt->rt6i_metric = ort->rt6i_metric; 2299 #ifdef CONFIG_IPV6_SUBTREES 2300 rt->rt6i_src = ort->rt6i_src; 2301 #endif 2302 rt->rt6i_prefsrc = ort->rt6i_prefsrc; 2303 rt->rt6i_table = ort->rt6i_table; 2304 rt->dst.lwtstate = lwtstate_get(ort->dst.lwtstate); 2305 } 2306 2307 #ifdef CONFIG_IPV6_ROUTE_INFO 2308 static struct rt6_info *rt6_get_route_info(struct net *net, 2309 const struct in6_addr *prefix, int prefixlen, 2310 const struct in6_addr *gwaddr, int ifindex) 2311 { 2312 struct fib6_node *fn; 2313 struct rt6_info *rt = NULL; 2314 struct fib6_table *table; 2315 2316 table = fib6_get_table(net, RT6_TABLE_INFO); 2317 if (!table) 2318 return NULL; 2319 2320 read_lock_bh(&table->tb6_lock); 2321 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0); 2322 if (!fn) 2323 goto out; 2324 2325 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 2326 if (rt->dst.dev->ifindex != ifindex) 2327 continue; 2328 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY)) 2329 continue; 2330 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr)) 2331 continue; 2332 dst_hold(&rt->dst); 2333 break; 2334 } 2335 out: 2336 read_unlock_bh(&table->tb6_lock); 2337 return rt; 2338 } 2339 2340 static struct rt6_info *rt6_add_route_info(struct net *net, 2341 const struct in6_addr *prefix, int prefixlen, 2342 const struct in6_addr *gwaddr, int ifindex, 2343 unsigned int pref) 2344 { 2345 struct fib6_config cfg = { 2346 .fc_metric = IP6_RT_PRIO_USER, 2347 .fc_ifindex = ifindex, 2348 .fc_dst_len = prefixlen, 2349 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO | 2350 RTF_UP | RTF_PREF(pref), 2351 .fc_nlinfo.portid = 0, 2352 .fc_nlinfo.nlh = NULL, 2353 .fc_nlinfo.nl_net = net, 2354 }; 2355 2356 cfg.fc_table = l3mdev_fib_table_by_index(net, ifindex) ? : RT6_TABLE_INFO; 2357 cfg.fc_dst = *prefix; 2358 cfg.fc_gateway = *gwaddr; 2359 2360 /* We should treat it as a default route if prefix length is 0. */ 2361 if (!prefixlen) 2362 cfg.fc_flags |= RTF_DEFAULT; 2363 2364 ip6_route_add(&cfg); 2365 2366 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex); 2367 } 2368 #endif 2369 2370 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev) 2371 { 2372 struct rt6_info *rt; 2373 struct fib6_table *table; 2374 2375 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT); 2376 if (!table) 2377 return NULL; 2378 2379 read_lock_bh(&table->tb6_lock); 2380 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) { 2381 if (dev == rt->dst.dev && 2382 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) && 2383 ipv6_addr_equal(&rt->rt6i_gateway, addr)) 2384 break; 2385 } 2386 if (rt) 2387 dst_hold(&rt->dst); 2388 read_unlock_bh(&table->tb6_lock); 2389 return rt; 2390 } 2391 2392 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr, 2393 struct net_device *dev, 2394 unsigned int pref) 2395 { 2396 struct fib6_config cfg = { 2397 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT, 2398 .fc_metric = IP6_RT_PRIO_USER, 2399 .fc_ifindex = dev->ifindex, 2400 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | 2401 RTF_UP | RTF_EXPIRES | RTF_PREF(pref), 2402 .fc_nlinfo.portid = 0, 2403 .fc_nlinfo.nlh = NULL, 2404 .fc_nlinfo.nl_net = dev_net(dev), 2405 }; 2406 2407 cfg.fc_gateway = *gwaddr; 2408 2409 ip6_route_add(&cfg); 2410 2411 return rt6_get_dflt_router(gwaddr, dev); 2412 } 2413 2414 void rt6_purge_dflt_routers(struct net *net) 2415 { 2416 struct rt6_info *rt; 2417 struct fib6_table *table; 2418 2419 /* NOTE: Keep consistent with rt6_get_dflt_router */ 2420 table = fib6_get_table(net, RT6_TABLE_DFLT); 2421 if (!table) 2422 return; 2423 2424 restart: 2425 read_lock_bh(&table->tb6_lock); 2426 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) { 2427 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) && 2428 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) { 2429 dst_hold(&rt->dst); 2430 read_unlock_bh(&table->tb6_lock); 2431 ip6_del_rt(rt); 2432 goto restart; 2433 } 2434 } 2435 read_unlock_bh(&table->tb6_lock); 2436 } 2437 2438 static void rtmsg_to_fib6_config(struct net *net, 2439 struct in6_rtmsg *rtmsg, 2440 struct fib6_config *cfg) 2441 { 2442 memset(cfg, 0, sizeof(*cfg)); 2443 2444 cfg->fc_table = l3mdev_fib_table_by_index(net, rtmsg->rtmsg_ifindex) ? 2445 : RT6_TABLE_MAIN; 2446 cfg->fc_ifindex = rtmsg->rtmsg_ifindex; 2447 cfg->fc_metric = rtmsg->rtmsg_metric; 2448 cfg->fc_expires = rtmsg->rtmsg_info; 2449 cfg->fc_dst_len = rtmsg->rtmsg_dst_len; 2450 cfg->fc_src_len = rtmsg->rtmsg_src_len; 2451 cfg->fc_flags = rtmsg->rtmsg_flags; 2452 2453 cfg->fc_nlinfo.nl_net = net; 2454 2455 cfg->fc_dst = rtmsg->rtmsg_dst; 2456 cfg->fc_src = rtmsg->rtmsg_src; 2457 cfg->fc_gateway = rtmsg->rtmsg_gateway; 2458 } 2459 2460 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg) 2461 { 2462 struct fib6_config cfg; 2463 struct in6_rtmsg rtmsg; 2464 int err; 2465 2466 switch (cmd) { 2467 case SIOCADDRT: /* Add a route */ 2468 case SIOCDELRT: /* Delete a route */ 2469 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 2470 return -EPERM; 2471 err = copy_from_user(&rtmsg, arg, 2472 sizeof(struct in6_rtmsg)); 2473 if (err) 2474 return -EFAULT; 2475 2476 rtmsg_to_fib6_config(net, &rtmsg, &cfg); 2477 2478 rtnl_lock(); 2479 switch (cmd) { 2480 case SIOCADDRT: 2481 err = ip6_route_add(&cfg); 2482 break; 2483 case SIOCDELRT: 2484 err = ip6_route_del(&cfg); 2485 break; 2486 default: 2487 err = -EINVAL; 2488 } 2489 rtnl_unlock(); 2490 2491 return err; 2492 } 2493 2494 return -EINVAL; 2495 } 2496 2497 /* 2498 * Drop the packet on the floor 2499 */ 2500 2501 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes) 2502 { 2503 int type; 2504 struct dst_entry *dst = skb_dst(skb); 2505 switch (ipstats_mib_noroutes) { 2506 case IPSTATS_MIB_INNOROUTES: 2507 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr); 2508 if (type == IPV6_ADDR_ANY) { 2509 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst), 2510 IPSTATS_MIB_INADDRERRORS); 2511 break; 2512 } 2513 /* FALLTHROUGH */ 2514 case IPSTATS_MIB_OUTNOROUTES: 2515 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst), 2516 ipstats_mib_noroutes); 2517 break; 2518 } 2519 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0); 2520 kfree_skb(skb); 2521 return 0; 2522 } 2523 2524 static int ip6_pkt_discard(struct sk_buff *skb) 2525 { 2526 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES); 2527 } 2528 2529 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb) 2530 { 2531 skb->dev = skb_dst(skb)->dev; 2532 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES); 2533 } 2534 2535 static int ip6_pkt_prohibit(struct sk_buff *skb) 2536 { 2537 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES); 2538 } 2539 2540 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb) 2541 { 2542 skb->dev = skb_dst(skb)->dev; 2543 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES); 2544 } 2545 2546 /* 2547 * Allocate a dst for local (unicast / anycast) address. 2548 */ 2549 2550 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev, 2551 const struct in6_addr *addr, 2552 bool anycast) 2553 { 2554 u32 tb_id; 2555 struct net *net = dev_net(idev->dev); 2556 struct rt6_info *rt = ip6_dst_alloc(net, net->loopback_dev, 2557 DST_NOCOUNT); 2558 if (!rt) 2559 return ERR_PTR(-ENOMEM); 2560 2561 in6_dev_hold(idev); 2562 2563 rt->dst.flags |= DST_HOST; 2564 rt->dst.input = ip6_input; 2565 rt->dst.output = ip6_output; 2566 rt->rt6i_idev = idev; 2567 2568 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP; 2569 if (anycast) 2570 rt->rt6i_flags |= RTF_ANYCAST; 2571 else 2572 rt->rt6i_flags |= RTF_LOCAL; 2573 2574 rt->rt6i_gateway = *addr; 2575 rt->rt6i_dst.addr = *addr; 2576 rt->rt6i_dst.plen = 128; 2577 tb_id = l3mdev_fib_table(idev->dev) ? : RT6_TABLE_LOCAL; 2578 rt->rt6i_table = fib6_get_table(net, tb_id); 2579 rt->dst.flags |= DST_NOCACHE; 2580 2581 atomic_set(&rt->dst.__refcnt, 1); 2582 2583 return rt; 2584 } 2585 2586 int ip6_route_get_saddr(struct net *net, 2587 struct rt6_info *rt, 2588 const struct in6_addr *daddr, 2589 unsigned int prefs, 2590 struct in6_addr *saddr) 2591 { 2592 struct inet6_dev *idev = 2593 rt ? ip6_dst_idev((struct dst_entry *)rt) : NULL; 2594 int err = 0; 2595 if (rt && rt->rt6i_prefsrc.plen) 2596 *saddr = rt->rt6i_prefsrc.addr; 2597 else 2598 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL, 2599 daddr, prefs, saddr); 2600 return err; 2601 } 2602 2603 /* remove deleted ip from prefsrc entries */ 2604 struct arg_dev_net_ip { 2605 struct net_device *dev; 2606 struct net *net; 2607 struct in6_addr *addr; 2608 }; 2609 2610 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg) 2611 { 2612 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev; 2613 struct net *net = ((struct arg_dev_net_ip *)arg)->net; 2614 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr; 2615 2616 if (((void *)rt->dst.dev == dev || !dev) && 2617 rt != net->ipv6.ip6_null_entry && 2618 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) { 2619 /* remove prefsrc entry */ 2620 rt->rt6i_prefsrc.plen = 0; 2621 } 2622 return 0; 2623 } 2624 2625 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp) 2626 { 2627 struct net *net = dev_net(ifp->idev->dev); 2628 struct arg_dev_net_ip adni = { 2629 .dev = ifp->idev->dev, 2630 .net = net, 2631 .addr = &ifp->addr, 2632 }; 2633 fib6_clean_all(net, fib6_remove_prefsrc, &adni); 2634 } 2635 2636 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY) 2637 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE) 2638 2639 /* Remove routers and update dst entries when gateway turn into host. */ 2640 static int fib6_clean_tohost(struct rt6_info *rt, void *arg) 2641 { 2642 struct in6_addr *gateway = (struct in6_addr *)arg; 2643 2644 if ((((rt->rt6i_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) || 2645 ((rt->rt6i_flags & RTF_CACHE_GATEWAY) == RTF_CACHE_GATEWAY)) && 2646 ipv6_addr_equal(gateway, &rt->rt6i_gateway)) { 2647 return -1; 2648 } 2649 return 0; 2650 } 2651 2652 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway) 2653 { 2654 fib6_clean_all(net, fib6_clean_tohost, gateway); 2655 } 2656 2657 struct arg_dev_net { 2658 struct net_device *dev; 2659 struct net *net; 2660 }; 2661 2662 static int fib6_ifdown(struct rt6_info *rt, void *arg) 2663 { 2664 const struct arg_dev_net *adn = arg; 2665 const struct net_device *dev = adn->dev; 2666 2667 if ((rt->dst.dev == dev || !dev) && 2668 rt != adn->net->ipv6.ip6_null_entry) 2669 return -1; 2670 2671 return 0; 2672 } 2673 2674 void rt6_ifdown(struct net *net, struct net_device *dev) 2675 { 2676 struct arg_dev_net adn = { 2677 .dev = dev, 2678 .net = net, 2679 }; 2680 2681 fib6_clean_all(net, fib6_ifdown, &adn); 2682 icmp6_clean_all(fib6_ifdown, &adn); 2683 if (dev) 2684 rt6_uncached_list_flush_dev(net, dev); 2685 } 2686 2687 struct rt6_mtu_change_arg { 2688 struct net_device *dev; 2689 unsigned int mtu; 2690 }; 2691 2692 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg) 2693 { 2694 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg; 2695 struct inet6_dev *idev; 2696 2697 /* In IPv6 pmtu discovery is not optional, 2698 so that RTAX_MTU lock cannot disable it. 2699 We still use this lock to block changes 2700 caused by addrconf/ndisc. 2701 */ 2702 2703 idev = __in6_dev_get(arg->dev); 2704 if (!idev) 2705 return 0; 2706 2707 /* For administrative MTU increase, there is no way to discover 2708 IPv6 PMTU increase, so PMTU increase should be updated here. 2709 Since RFC 1981 doesn't include administrative MTU increase 2710 update PMTU increase is a MUST. (i.e. jumbo frame) 2711 */ 2712 /* 2713 If new MTU is less than route PMTU, this new MTU will be the 2714 lowest MTU in the path, update the route PMTU to reflect PMTU 2715 decreases; if new MTU is greater than route PMTU, and the 2716 old MTU is the lowest MTU in the path, update the route PMTU 2717 to reflect the increase. In this case if the other nodes' MTU 2718 also have the lowest MTU, TOO BIG MESSAGE will be lead to 2719 PMTU discouvery. 2720 */ 2721 if (rt->dst.dev == arg->dev && 2722 !dst_metric_locked(&rt->dst, RTAX_MTU)) { 2723 if (rt->rt6i_flags & RTF_CACHE) { 2724 /* For RTF_CACHE with rt6i_pmtu == 0 2725 * (i.e. a redirected route), 2726 * the metrics of its rt->dst.from has already 2727 * been updated. 2728 */ 2729 if (rt->rt6i_pmtu && rt->rt6i_pmtu > arg->mtu) 2730 rt->rt6i_pmtu = arg->mtu; 2731 } else if (dst_mtu(&rt->dst) >= arg->mtu || 2732 (dst_mtu(&rt->dst) < arg->mtu && 2733 dst_mtu(&rt->dst) == idev->cnf.mtu6)) { 2734 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu); 2735 } 2736 } 2737 return 0; 2738 } 2739 2740 void rt6_mtu_change(struct net_device *dev, unsigned int mtu) 2741 { 2742 struct rt6_mtu_change_arg arg = { 2743 .dev = dev, 2744 .mtu = mtu, 2745 }; 2746 2747 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg); 2748 } 2749 2750 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = { 2751 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) }, 2752 [RTA_OIF] = { .type = NLA_U32 }, 2753 [RTA_IIF] = { .type = NLA_U32 }, 2754 [RTA_PRIORITY] = { .type = NLA_U32 }, 2755 [RTA_METRICS] = { .type = NLA_NESTED }, 2756 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, 2757 [RTA_PREF] = { .type = NLA_U8 }, 2758 [RTA_ENCAP_TYPE] = { .type = NLA_U16 }, 2759 [RTA_ENCAP] = { .type = NLA_NESTED }, 2760 [RTA_EXPIRES] = { .type = NLA_U32 }, 2761 }; 2762 2763 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh, 2764 struct fib6_config *cfg) 2765 { 2766 struct rtmsg *rtm; 2767 struct nlattr *tb[RTA_MAX+1]; 2768 unsigned int pref; 2769 int err; 2770 2771 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 2772 if (err < 0) 2773 goto errout; 2774 2775 err = -EINVAL; 2776 rtm = nlmsg_data(nlh); 2777 memset(cfg, 0, sizeof(*cfg)); 2778 2779 cfg->fc_table = rtm->rtm_table; 2780 cfg->fc_dst_len = rtm->rtm_dst_len; 2781 cfg->fc_src_len = rtm->rtm_src_len; 2782 cfg->fc_flags = RTF_UP; 2783 cfg->fc_protocol = rtm->rtm_protocol; 2784 cfg->fc_type = rtm->rtm_type; 2785 2786 if (rtm->rtm_type == RTN_UNREACHABLE || 2787 rtm->rtm_type == RTN_BLACKHOLE || 2788 rtm->rtm_type == RTN_PROHIBIT || 2789 rtm->rtm_type == RTN_THROW) 2790 cfg->fc_flags |= RTF_REJECT; 2791 2792 if (rtm->rtm_type == RTN_LOCAL) 2793 cfg->fc_flags |= RTF_LOCAL; 2794 2795 if (rtm->rtm_flags & RTM_F_CLONED) 2796 cfg->fc_flags |= RTF_CACHE; 2797 2798 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid; 2799 cfg->fc_nlinfo.nlh = nlh; 2800 cfg->fc_nlinfo.nl_net = sock_net(skb->sk); 2801 2802 if (tb[RTA_GATEWAY]) { 2803 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]); 2804 cfg->fc_flags |= RTF_GATEWAY; 2805 } 2806 2807 if (tb[RTA_DST]) { 2808 int plen = (rtm->rtm_dst_len + 7) >> 3; 2809 2810 if (nla_len(tb[RTA_DST]) < plen) 2811 goto errout; 2812 2813 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen); 2814 } 2815 2816 if (tb[RTA_SRC]) { 2817 int plen = (rtm->rtm_src_len + 7) >> 3; 2818 2819 if (nla_len(tb[RTA_SRC]) < plen) 2820 goto errout; 2821 2822 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen); 2823 } 2824 2825 if (tb[RTA_PREFSRC]) 2826 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]); 2827 2828 if (tb[RTA_OIF]) 2829 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]); 2830 2831 if (tb[RTA_PRIORITY]) 2832 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]); 2833 2834 if (tb[RTA_METRICS]) { 2835 cfg->fc_mx = nla_data(tb[RTA_METRICS]); 2836 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]); 2837 } 2838 2839 if (tb[RTA_TABLE]) 2840 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]); 2841 2842 if (tb[RTA_MULTIPATH]) { 2843 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]); 2844 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]); 2845 } 2846 2847 if (tb[RTA_PREF]) { 2848 pref = nla_get_u8(tb[RTA_PREF]); 2849 if (pref != ICMPV6_ROUTER_PREF_LOW && 2850 pref != ICMPV6_ROUTER_PREF_HIGH) 2851 pref = ICMPV6_ROUTER_PREF_MEDIUM; 2852 cfg->fc_flags |= RTF_PREF(pref); 2853 } 2854 2855 if (tb[RTA_ENCAP]) 2856 cfg->fc_encap = tb[RTA_ENCAP]; 2857 2858 if (tb[RTA_ENCAP_TYPE]) 2859 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]); 2860 2861 if (tb[RTA_EXPIRES]) { 2862 unsigned long timeout = addrconf_timeout_fixup(nla_get_u32(tb[RTA_EXPIRES]), HZ); 2863 2864 if (addrconf_finite_timeout(timeout)) { 2865 cfg->fc_expires = jiffies_to_clock_t(timeout * HZ); 2866 cfg->fc_flags |= RTF_EXPIRES; 2867 } 2868 } 2869 2870 err = 0; 2871 errout: 2872 return err; 2873 } 2874 2875 struct rt6_nh { 2876 struct rt6_info *rt6_info; 2877 struct fib6_config r_cfg; 2878 struct mx6_config mxc; 2879 struct list_head next; 2880 }; 2881 2882 static void ip6_print_replace_route_err(struct list_head *rt6_nh_list) 2883 { 2884 struct rt6_nh *nh; 2885 2886 list_for_each_entry(nh, rt6_nh_list, next) { 2887 pr_warn("IPV6: multipath route replace failed (check consistency of installed routes): %pI6 nexthop %pI6 ifi %d\n", 2888 &nh->r_cfg.fc_dst, &nh->r_cfg.fc_gateway, 2889 nh->r_cfg.fc_ifindex); 2890 } 2891 } 2892 2893 static int ip6_route_info_append(struct list_head *rt6_nh_list, 2894 struct rt6_info *rt, struct fib6_config *r_cfg) 2895 { 2896 struct rt6_nh *nh; 2897 struct rt6_info *rtnh; 2898 int err = -EEXIST; 2899 2900 list_for_each_entry(nh, rt6_nh_list, next) { 2901 /* check if rt6_info already exists */ 2902 rtnh = nh->rt6_info; 2903 2904 if (rtnh->dst.dev == rt->dst.dev && 2905 rtnh->rt6i_idev == rt->rt6i_idev && 2906 ipv6_addr_equal(&rtnh->rt6i_gateway, 2907 &rt->rt6i_gateway)) 2908 return err; 2909 } 2910 2911 nh = kzalloc(sizeof(*nh), GFP_KERNEL); 2912 if (!nh) 2913 return -ENOMEM; 2914 nh->rt6_info = rt; 2915 err = ip6_convert_metrics(&nh->mxc, r_cfg); 2916 if (err) { 2917 kfree(nh); 2918 return err; 2919 } 2920 memcpy(&nh->r_cfg, r_cfg, sizeof(*r_cfg)); 2921 list_add_tail(&nh->next, rt6_nh_list); 2922 2923 return 0; 2924 } 2925 2926 static int ip6_route_multipath_add(struct fib6_config *cfg) 2927 { 2928 struct fib6_config r_cfg; 2929 struct rtnexthop *rtnh; 2930 struct rt6_info *rt; 2931 struct rt6_nh *err_nh; 2932 struct rt6_nh *nh, *nh_safe; 2933 int remaining; 2934 int attrlen; 2935 int err = 1; 2936 int nhn = 0; 2937 int replace = (cfg->fc_nlinfo.nlh && 2938 (cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_REPLACE)); 2939 LIST_HEAD(rt6_nh_list); 2940 2941 remaining = cfg->fc_mp_len; 2942 rtnh = (struct rtnexthop *)cfg->fc_mp; 2943 2944 /* Parse a Multipath Entry and build a list (rt6_nh_list) of 2945 * rt6_info structs per nexthop 2946 */ 2947 while (rtnh_ok(rtnh, remaining)) { 2948 memcpy(&r_cfg, cfg, sizeof(*cfg)); 2949 if (rtnh->rtnh_ifindex) 2950 r_cfg.fc_ifindex = rtnh->rtnh_ifindex; 2951 2952 attrlen = rtnh_attrlen(rtnh); 2953 if (attrlen > 0) { 2954 struct nlattr *nla, *attrs = rtnh_attrs(rtnh); 2955 2956 nla = nla_find(attrs, attrlen, RTA_GATEWAY); 2957 if (nla) { 2958 r_cfg.fc_gateway = nla_get_in6_addr(nla); 2959 r_cfg.fc_flags |= RTF_GATEWAY; 2960 } 2961 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP); 2962 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE); 2963 if (nla) 2964 r_cfg.fc_encap_type = nla_get_u16(nla); 2965 } 2966 2967 rt = ip6_route_info_create(&r_cfg); 2968 if (IS_ERR(rt)) { 2969 err = PTR_ERR(rt); 2970 rt = NULL; 2971 goto cleanup; 2972 } 2973 2974 err = ip6_route_info_append(&rt6_nh_list, rt, &r_cfg); 2975 if (err) { 2976 dst_free(&rt->dst); 2977 goto cleanup; 2978 } 2979 2980 rtnh = rtnh_next(rtnh, &remaining); 2981 } 2982 2983 err_nh = NULL; 2984 list_for_each_entry(nh, &rt6_nh_list, next) { 2985 err = __ip6_ins_rt(nh->rt6_info, &cfg->fc_nlinfo, &nh->mxc); 2986 /* nh->rt6_info is used or freed at this point, reset to NULL*/ 2987 nh->rt6_info = NULL; 2988 if (err) { 2989 if (replace && nhn) 2990 ip6_print_replace_route_err(&rt6_nh_list); 2991 err_nh = nh; 2992 goto add_errout; 2993 } 2994 2995 /* Because each route is added like a single route we remove 2996 * these flags after the first nexthop: if there is a collision, 2997 * we have already failed to add the first nexthop: 2998 * fib6_add_rt2node() has rejected it; when replacing, old 2999 * nexthops have been replaced by first new, the rest should 3000 * be added to it. 3001 */ 3002 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL | 3003 NLM_F_REPLACE); 3004 nhn++; 3005 } 3006 3007 goto cleanup; 3008 3009 add_errout: 3010 /* Delete routes that were already added */ 3011 list_for_each_entry(nh, &rt6_nh_list, next) { 3012 if (err_nh == nh) 3013 break; 3014 ip6_route_del(&nh->r_cfg); 3015 } 3016 3017 cleanup: 3018 list_for_each_entry_safe(nh, nh_safe, &rt6_nh_list, next) { 3019 if (nh->rt6_info) 3020 dst_free(&nh->rt6_info->dst); 3021 kfree(nh->mxc.mx); 3022 list_del(&nh->next); 3023 kfree(nh); 3024 } 3025 3026 return err; 3027 } 3028 3029 static int ip6_route_multipath_del(struct fib6_config *cfg) 3030 { 3031 struct fib6_config r_cfg; 3032 struct rtnexthop *rtnh; 3033 int remaining; 3034 int attrlen; 3035 int err = 1, last_err = 0; 3036 3037 remaining = cfg->fc_mp_len; 3038 rtnh = (struct rtnexthop *)cfg->fc_mp; 3039 3040 /* Parse a Multipath Entry */ 3041 while (rtnh_ok(rtnh, remaining)) { 3042 memcpy(&r_cfg, cfg, sizeof(*cfg)); 3043 if (rtnh->rtnh_ifindex) 3044 r_cfg.fc_ifindex = rtnh->rtnh_ifindex; 3045 3046 attrlen = rtnh_attrlen(rtnh); 3047 if (attrlen > 0) { 3048 struct nlattr *nla, *attrs = rtnh_attrs(rtnh); 3049 3050 nla = nla_find(attrs, attrlen, RTA_GATEWAY); 3051 if (nla) { 3052 nla_memcpy(&r_cfg.fc_gateway, nla, 16); 3053 r_cfg.fc_flags |= RTF_GATEWAY; 3054 } 3055 } 3056 err = ip6_route_del(&r_cfg); 3057 if (err) 3058 last_err = err; 3059 3060 rtnh = rtnh_next(rtnh, &remaining); 3061 } 3062 3063 return last_err; 3064 } 3065 3066 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh) 3067 { 3068 struct fib6_config cfg; 3069 int err; 3070 3071 err = rtm_to_fib6_config(skb, nlh, &cfg); 3072 if (err < 0) 3073 return err; 3074 3075 if (cfg.fc_mp) 3076 return ip6_route_multipath_del(&cfg); 3077 else 3078 return ip6_route_del(&cfg); 3079 } 3080 3081 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh) 3082 { 3083 struct fib6_config cfg; 3084 int err; 3085 3086 err = rtm_to_fib6_config(skb, nlh, &cfg); 3087 if (err < 0) 3088 return err; 3089 3090 if (cfg.fc_mp) 3091 return ip6_route_multipath_add(&cfg); 3092 else 3093 return ip6_route_add(&cfg); 3094 } 3095 3096 static inline size_t rt6_nlmsg_size(struct rt6_info *rt) 3097 { 3098 return NLMSG_ALIGN(sizeof(struct rtmsg)) 3099 + nla_total_size(16) /* RTA_SRC */ 3100 + nla_total_size(16) /* RTA_DST */ 3101 + nla_total_size(16) /* RTA_GATEWAY */ 3102 + nla_total_size(16) /* RTA_PREFSRC */ 3103 + nla_total_size(4) /* RTA_TABLE */ 3104 + nla_total_size(4) /* RTA_IIF */ 3105 + nla_total_size(4) /* RTA_OIF */ 3106 + nla_total_size(4) /* RTA_PRIORITY */ 3107 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */ 3108 + nla_total_size(sizeof(struct rta_cacheinfo)) 3109 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */ 3110 + nla_total_size(1) /* RTA_PREF */ 3111 + lwtunnel_get_encap_size(rt->dst.lwtstate); 3112 } 3113 3114 static int rt6_fill_node(struct net *net, 3115 struct sk_buff *skb, struct rt6_info *rt, 3116 struct in6_addr *dst, struct in6_addr *src, 3117 int iif, int type, u32 portid, u32 seq, 3118 int prefix, int nowait, unsigned int flags) 3119 { 3120 u32 metrics[RTAX_MAX]; 3121 struct rtmsg *rtm; 3122 struct nlmsghdr *nlh; 3123 long expires; 3124 u32 table; 3125 3126 if (prefix) { /* user wants prefix routes only */ 3127 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { 3128 /* success since this is not a prefix route */ 3129 return 1; 3130 } 3131 } 3132 3133 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags); 3134 if (!nlh) 3135 return -EMSGSIZE; 3136 3137 rtm = nlmsg_data(nlh); 3138 rtm->rtm_family = AF_INET6; 3139 rtm->rtm_dst_len = rt->rt6i_dst.plen; 3140 rtm->rtm_src_len = rt->rt6i_src.plen; 3141 rtm->rtm_tos = 0; 3142 if (rt->rt6i_table) 3143 table = rt->rt6i_table->tb6_id; 3144 else 3145 table = RT6_TABLE_UNSPEC; 3146 rtm->rtm_table = table; 3147 if (nla_put_u32(skb, RTA_TABLE, table)) 3148 goto nla_put_failure; 3149 if (rt->rt6i_flags & RTF_REJECT) { 3150 switch (rt->dst.error) { 3151 case -EINVAL: 3152 rtm->rtm_type = RTN_BLACKHOLE; 3153 break; 3154 case -EACCES: 3155 rtm->rtm_type = RTN_PROHIBIT; 3156 break; 3157 case -EAGAIN: 3158 rtm->rtm_type = RTN_THROW; 3159 break; 3160 default: 3161 rtm->rtm_type = RTN_UNREACHABLE; 3162 break; 3163 } 3164 } 3165 else if (rt->rt6i_flags & RTF_LOCAL) 3166 rtm->rtm_type = RTN_LOCAL; 3167 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK)) 3168 rtm->rtm_type = RTN_LOCAL; 3169 else 3170 rtm->rtm_type = RTN_UNICAST; 3171 rtm->rtm_flags = 0; 3172 if (!netif_carrier_ok(rt->dst.dev)) { 3173 rtm->rtm_flags |= RTNH_F_LINKDOWN; 3174 if (rt->rt6i_idev->cnf.ignore_routes_with_linkdown) 3175 rtm->rtm_flags |= RTNH_F_DEAD; 3176 } 3177 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 3178 rtm->rtm_protocol = rt->rt6i_protocol; 3179 if (rt->rt6i_flags & RTF_DYNAMIC) 3180 rtm->rtm_protocol = RTPROT_REDIRECT; 3181 else if (rt->rt6i_flags & RTF_ADDRCONF) { 3182 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO)) 3183 rtm->rtm_protocol = RTPROT_RA; 3184 else 3185 rtm->rtm_protocol = RTPROT_KERNEL; 3186 } 3187 3188 if (rt->rt6i_flags & RTF_CACHE) 3189 rtm->rtm_flags |= RTM_F_CLONED; 3190 3191 if (dst) { 3192 if (nla_put_in6_addr(skb, RTA_DST, dst)) 3193 goto nla_put_failure; 3194 rtm->rtm_dst_len = 128; 3195 } else if (rtm->rtm_dst_len) 3196 if (nla_put_in6_addr(skb, RTA_DST, &rt->rt6i_dst.addr)) 3197 goto nla_put_failure; 3198 #ifdef CONFIG_IPV6_SUBTREES 3199 if (src) { 3200 if (nla_put_in6_addr(skb, RTA_SRC, src)) 3201 goto nla_put_failure; 3202 rtm->rtm_src_len = 128; 3203 } else if (rtm->rtm_src_len && 3204 nla_put_in6_addr(skb, RTA_SRC, &rt->rt6i_src.addr)) 3205 goto nla_put_failure; 3206 #endif 3207 if (iif) { 3208 #ifdef CONFIG_IPV6_MROUTE 3209 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) { 3210 int err = ip6mr_get_route(net, skb, rtm, nowait); 3211 if (err <= 0) { 3212 if (!nowait) { 3213 if (err == 0) 3214 return 0; 3215 goto nla_put_failure; 3216 } else { 3217 if (err == -EMSGSIZE) 3218 goto nla_put_failure; 3219 } 3220 } 3221 } else 3222 #endif 3223 if (nla_put_u32(skb, RTA_IIF, iif)) 3224 goto nla_put_failure; 3225 } else if (dst) { 3226 struct in6_addr saddr_buf; 3227 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 && 3228 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf)) 3229 goto nla_put_failure; 3230 } 3231 3232 if (rt->rt6i_prefsrc.plen) { 3233 struct in6_addr saddr_buf; 3234 saddr_buf = rt->rt6i_prefsrc.addr; 3235 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf)) 3236 goto nla_put_failure; 3237 } 3238 3239 memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics)); 3240 if (rt->rt6i_pmtu) 3241 metrics[RTAX_MTU - 1] = rt->rt6i_pmtu; 3242 if (rtnetlink_put_metrics(skb, metrics) < 0) 3243 goto nla_put_failure; 3244 3245 if (rt->rt6i_flags & RTF_GATEWAY) { 3246 if (nla_put_in6_addr(skb, RTA_GATEWAY, &rt->rt6i_gateway) < 0) 3247 goto nla_put_failure; 3248 } 3249 3250 if (rt->dst.dev && 3251 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex)) 3252 goto nla_put_failure; 3253 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric)) 3254 goto nla_put_failure; 3255 3256 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0; 3257 3258 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0) 3259 goto nla_put_failure; 3260 3261 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt->rt6i_flags))) 3262 goto nla_put_failure; 3263 3264 lwtunnel_fill_encap(skb, rt->dst.lwtstate); 3265 3266 nlmsg_end(skb, nlh); 3267 return 0; 3268 3269 nla_put_failure: 3270 nlmsg_cancel(skb, nlh); 3271 return -EMSGSIZE; 3272 } 3273 3274 int rt6_dump_route(struct rt6_info *rt, void *p_arg) 3275 { 3276 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; 3277 int prefix; 3278 3279 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { 3280 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); 3281 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0; 3282 } else 3283 prefix = 0; 3284 3285 return rt6_fill_node(arg->net, 3286 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE, 3287 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq, 3288 prefix, 0, NLM_F_MULTI); 3289 } 3290 3291 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh) 3292 { 3293 struct net *net = sock_net(in_skb->sk); 3294 struct nlattr *tb[RTA_MAX+1]; 3295 struct rt6_info *rt; 3296 struct sk_buff *skb; 3297 struct rtmsg *rtm; 3298 struct flowi6 fl6; 3299 int err, iif = 0, oif = 0; 3300 3301 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 3302 if (err < 0) 3303 goto errout; 3304 3305 err = -EINVAL; 3306 memset(&fl6, 0, sizeof(fl6)); 3307 3308 if (tb[RTA_SRC]) { 3309 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr)) 3310 goto errout; 3311 3312 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]); 3313 } 3314 3315 if (tb[RTA_DST]) { 3316 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr)) 3317 goto errout; 3318 3319 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]); 3320 } 3321 3322 if (tb[RTA_IIF]) 3323 iif = nla_get_u32(tb[RTA_IIF]); 3324 3325 if (tb[RTA_OIF]) 3326 oif = nla_get_u32(tb[RTA_OIF]); 3327 3328 if (tb[RTA_MARK]) 3329 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]); 3330 3331 if (iif) { 3332 struct net_device *dev; 3333 int flags = 0; 3334 3335 dev = __dev_get_by_index(net, iif); 3336 if (!dev) { 3337 err = -ENODEV; 3338 goto errout; 3339 } 3340 3341 fl6.flowi6_iif = iif; 3342 3343 if (!ipv6_addr_any(&fl6.saddr)) 3344 flags |= RT6_LOOKUP_F_HAS_SADDR; 3345 3346 rt = (struct rt6_info *)ip6_route_input_lookup(net, dev, &fl6, 3347 flags); 3348 } else { 3349 fl6.flowi6_oif = oif; 3350 3351 if (netif_index_is_l3_master(net, oif)) { 3352 fl6.flowi6_flags = FLOWI_FLAG_L3MDEV_SRC | 3353 FLOWI_FLAG_SKIP_NH_OIF; 3354 } 3355 3356 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6); 3357 } 3358 3359 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 3360 if (!skb) { 3361 ip6_rt_put(rt); 3362 err = -ENOBUFS; 3363 goto errout; 3364 } 3365 3366 /* Reserve room for dummy headers, this skb can pass 3367 through good chunk of routing engine. 3368 */ 3369 skb_reset_mac_header(skb); 3370 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr)); 3371 3372 skb_dst_set(skb, &rt->dst); 3373 3374 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif, 3375 RTM_NEWROUTE, NETLINK_CB(in_skb).portid, 3376 nlh->nlmsg_seq, 0, 0, 0); 3377 if (err < 0) { 3378 kfree_skb(skb); 3379 goto errout; 3380 } 3381 3382 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 3383 errout: 3384 return err; 3385 } 3386 3387 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info, 3388 unsigned int nlm_flags) 3389 { 3390 struct sk_buff *skb; 3391 struct net *net = info->nl_net; 3392 u32 seq; 3393 int err; 3394 3395 err = -ENOBUFS; 3396 seq = info->nlh ? info->nlh->nlmsg_seq : 0; 3397 3398 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any()); 3399 if (!skb) 3400 goto errout; 3401 3402 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0, 3403 event, info->portid, seq, 0, 0, nlm_flags); 3404 if (err < 0) { 3405 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */ 3406 WARN_ON(err == -EMSGSIZE); 3407 kfree_skb(skb); 3408 goto errout; 3409 } 3410 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE, 3411 info->nlh, gfp_any()); 3412 return; 3413 errout: 3414 if (err < 0) 3415 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err); 3416 } 3417 3418 static int ip6_route_dev_notify(struct notifier_block *this, 3419 unsigned long event, void *ptr) 3420 { 3421 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 3422 struct net *net = dev_net(dev); 3423 3424 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) { 3425 net->ipv6.ip6_null_entry->dst.dev = dev; 3426 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev); 3427 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3428 net->ipv6.ip6_prohibit_entry->dst.dev = dev; 3429 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev); 3430 net->ipv6.ip6_blk_hole_entry->dst.dev = dev; 3431 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev); 3432 #endif 3433 } 3434 3435 return NOTIFY_OK; 3436 } 3437 3438 /* 3439 * /proc 3440 */ 3441 3442 #ifdef CONFIG_PROC_FS 3443 3444 static const struct file_operations ipv6_route_proc_fops = { 3445 .owner = THIS_MODULE, 3446 .open = ipv6_route_open, 3447 .read = seq_read, 3448 .llseek = seq_lseek, 3449 .release = seq_release_net, 3450 }; 3451 3452 static int rt6_stats_seq_show(struct seq_file *seq, void *v) 3453 { 3454 struct net *net = (struct net *)seq->private; 3455 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n", 3456 net->ipv6.rt6_stats->fib_nodes, 3457 net->ipv6.rt6_stats->fib_route_nodes, 3458 net->ipv6.rt6_stats->fib_rt_alloc, 3459 net->ipv6.rt6_stats->fib_rt_entries, 3460 net->ipv6.rt6_stats->fib_rt_cache, 3461 dst_entries_get_slow(&net->ipv6.ip6_dst_ops), 3462 net->ipv6.rt6_stats->fib_discarded_routes); 3463 3464 return 0; 3465 } 3466 3467 static int rt6_stats_seq_open(struct inode *inode, struct file *file) 3468 { 3469 return single_open_net(inode, file, rt6_stats_seq_show); 3470 } 3471 3472 static const struct file_operations rt6_stats_seq_fops = { 3473 .owner = THIS_MODULE, 3474 .open = rt6_stats_seq_open, 3475 .read = seq_read, 3476 .llseek = seq_lseek, 3477 .release = single_release_net, 3478 }; 3479 #endif /* CONFIG_PROC_FS */ 3480 3481 #ifdef CONFIG_SYSCTL 3482 3483 static 3484 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write, 3485 void __user *buffer, size_t *lenp, loff_t *ppos) 3486 { 3487 struct net *net; 3488 int delay; 3489 if (!write) 3490 return -EINVAL; 3491 3492 net = (struct net *)ctl->extra1; 3493 delay = net->ipv6.sysctl.flush_delay; 3494 proc_dointvec(ctl, write, buffer, lenp, ppos); 3495 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0); 3496 return 0; 3497 } 3498 3499 struct ctl_table ipv6_route_table_template[] = { 3500 { 3501 .procname = "flush", 3502 .data = &init_net.ipv6.sysctl.flush_delay, 3503 .maxlen = sizeof(int), 3504 .mode = 0200, 3505 .proc_handler = ipv6_sysctl_rtcache_flush 3506 }, 3507 { 3508 .procname = "gc_thresh", 3509 .data = &ip6_dst_ops_template.gc_thresh, 3510 .maxlen = sizeof(int), 3511 .mode = 0644, 3512 .proc_handler = proc_dointvec, 3513 }, 3514 { 3515 .procname = "max_size", 3516 .data = &init_net.ipv6.sysctl.ip6_rt_max_size, 3517 .maxlen = sizeof(int), 3518 .mode = 0644, 3519 .proc_handler = proc_dointvec, 3520 }, 3521 { 3522 .procname = "gc_min_interval", 3523 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 3524 .maxlen = sizeof(int), 3525 .mode = 0644, 3526 .proc_handler = proc_dointvec_jiffies, 3527 }, 3528 { 3529 .procname = "gc_timeout", 3530 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout, 3531 .maxlen = sizeof(int), 3532 .mode = 0644, 3533 .proc_handler = proc_dointvec_jiffies, 3534 }, 3535 { 3536 .procname = "gc_interval", 3537 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval, 3538 .maxlen = sizeof(int), 3539 .mode = 0644, 3540 .proc_handler = proc_dointvec_jiffies, 3541 }, 3542 { 3543 .procname = "gc_elasticity", 3544 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity, 3545 .maxlen = sizeof(int), 3546 .mode = 0644, 3547 .proc_handler = proc_dointvec, 3548 }, 3549 { 3550 .procname = "mtu_expires", 3551 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires, 3552 .maxlen = sizeof(int), 3553 .mode = 0644, 3554 .proc_handler = proc_dointvec_jiffies, 3555 }, 3556 { 3557 .procname = "min_adv_mss", 3558 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss, 3559 .maxlen = sizeof(int), 3560 .mode = 0644, 3561 .proc_handler = proc_dointvec, 3562 }, 3563 { 3564 .procname = "gc_min_interval_ms", 3565 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 3566 .maxlen = sizeof(int), 3567 .mode = 0644, 3568 .proc_handler = proc_dointvec_ms_jiffies, 3569 }, 3570 { } 3571 }; 3572 3573 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) 3574 { 3575 struct ctl_table *table; 3576 3577 table = kmemdup(ipv6_route_table_template, 3578 sizeof(ipv6_route_table_template), 3579 GFP_KERNEL); 3580 3581 if (table) { 3582 table[0].data = &net->ipv6.sysctl.flush_delay; 3583 table[0].extra1 = net; 3584 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh; 3585 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size; 3586 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 3587 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout; 3588 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval; 3589 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity; 3590 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires; 3591 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss; 3592 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 3593 3594 /* Don't export sysctls to unprivileged users */ 3595 if (net->user_ns != &init_user_ns) 3596 table[0].procname = NULL; 3597 } 3598 3599 return table; 3600 } 3601 #endif 3602 3603 static int __net_init ip6_route_net_init(struct net *net) 3604 { 3605 int ret = -ENOMEM; 3606 3607 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template, 3608 sizeof(net->ipv6.ip6_dst_ops)); 3609 3610 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0) 3611 goto out_ip6_dst_ops; 3612 3613 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template, 3614 sizeof(*net->ipv6.ip6_null_entry), 3615 GFP_KERNEL); 3616 if (!net->ipv6.ip6_null_entry) 3617 goto out_ip6_dst_entries; 3618 net->ipv6.ip6_null_entry->dst.path = 3619 (struct dst_entry *)net->ipv6.ip6_null_entry; 3620 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3621 dst_init_metrics(&net->ipv6.ip6_null_entry->dst, 3622 ip6_template_metrics, true); 3623 3624 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3625 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template, 3626 sizeof(*net->ipv6.ip6_prohibit_entry), 3627 GFP_KERNEL); 3628 if (!net->ipv6.ip6_prohibit_entry) 3629 goto out_ip6_null_entry; 3630 net->ipv6.ip6_prohibit_entry->dst.path = 3631 (struct dst_entry *)net->ipv6.ip6_prohibit_entry; 3632 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3633 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst, 3634 ip6_template_metrics, true); 3635 3636 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template, 3637 sizeof(*net->ipv6.ip6_blk_hole_entry), 3638 GFP_KERNEL); 3639 if (!net->ipv6.ip6_blk_hole_entry) 3640 goto out_ip6_prohibit_entry; 3641 net->ipv6.ip6_blk_hole_entry->dst.path = 3642 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry; 3643 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3644 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst, 3645 ip6_template_metrics, true); 3646 #endif 3647 3648 net->ipv6.sysctl.flush_delay = 0; 3649 net->ipv6.sysctl.ip6_rt_max_size = 4096; 3650 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2; 3651 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ; 3652 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ; 3653 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9; 3654 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ; 3655 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40; 3656 3657 net->ipv6.ip6_rt_gc_expire = 30*HZ; 3658 3659 ret = 0; 3660 out: 3661 return ret; 3662 3663 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3664 out_ip6_prohibit_entry: 3665 kfree(net->ipv6.ip6_prohibit_entry); 3666 out_ip6_null_entry: 3667 kfree(net->ipv6.ip6_null_entry); 3668 #endif 3669 out_ip6_dst_entries: 3670 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 3671 out_ip6_dst_ops: 3672 goto out; 3673 } 3674 3675 static void __net_exit ip6_route_net_exit(struct net *net) 3676 { 3677 kfree(net->ipv6.ip6_null_entry); 3678 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3679 kfree(net->ipv6.ip6_prohibit_entry); 3680 kfree(net->ipv6.ip6_blk_hole_entry); 3681 #endif 3682 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 3683 } 3684 3685 static int __net_init ip6_route_net_init_late(struct net *net) 3686 { 3687 #ifdef CONFIG_PROC_FS 3688 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops); 3689 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops); 3690 #endif 3691 return 0; 3692 } 3693 3694 static void __net_exit ip6_route_net_exit_late(struct net *net) 3695 { 3696 #ifdef CONFIG_PROC_FS 3697 remove_proc_entry("ipv6_route", net->proc_net); 3698 remove_proc_entry("rt6_stats", net->proc_net); 3699 #endif 3700 } 3701 3702 static struct pernet_operations ip6_route_net_ops = { 3703 .init = ip6_route_net_init, 3704 .exit = ip6_route_net_exit, 3705 }; 3706 3707 static int __net_init ipv6_inetpeer_init(struct net *net) 3708 { 3709 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL); 3710 3711 if (!bp) 3712 return -ENOMEM; 3713 inet_peer_base_init(bp); 3714 net->ipv6.peers = bp; 3715 return 0; 3716 } 3717 3718 static void __net_exit ipv6_inetpeer_exit(struct net *net) 3719 { 3720 struct inet_peer_base *bp = net->ipv6.peers; 3721 3722 net->ipv6.peers = NULL; 3723 inetpeer_invalidate_tree(bp); 3724 kfree(bp); 3725 } 3726 3727 static struct pernet_operations ipv6_inetpeer_ops = { 3728 .init = ipv6_inetpeer_init, 3729 .exit = ipv6_inetpeer_exit, 3730 }; 3731 3732 static struct pernet_operations ip6_route_net_late_ops = { 3733 .init = ip6_route_net_init_late, 3734 .exit = ip6_route_net_exit_late, 3735 }; 3736 3737 static struct notifier_block ip6_route_dev_notifier = { 3738 .notifier_call = ip6_route_dev_notify, 3739 .priority = 0, 3740 }; 3741 3742 int __init ip6_route_init(void) 3743 { 3744 int ret; 3745 int cpu; 3746 3747 ret = -ENOMEM; 3748 ip6_dst_ops_template.kmem_cachep = 3749 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0, 3750 SLAB_HWCACHE_ALIGN, NULL); 3751 if (!ip6_dst_ops_template.kmem_cachep) 3752 goto out; 3753 3754 ret = dst_entries_init(&ip6_dst_blackhole_ops); 3755 if (ret) 3756 goto out_kmem_cache; 3757 3758 ret = register_pernet_subsys(&ipv6_inetpeer_ops); 3759 if (ret) 3760 goto out_dst_entries; 3761 3762 ret = register_pernet_subsys(&ip6_route_net_ops); 3763 if (ret) 3764 goto out_register_inetpeer; 3765 3766 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep; 3767 3768 /* Registering of the loopback is done before this portion of code, 3769 * the loopback reference in rt6_info will not be taken, do it 3770 * manually for init_net */ 3771 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev; 3772 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3773 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3774 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev; 3775 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3776 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev; 3777 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3778 #endif 3779 ret = fib6_init(); 3780 if (ret) 3781 goto out_register_subsys; 3782 3783 ret = xfrm6_init(); 3784 if (ret) 3785 goto out_fib6_init; 3786 3787 ret = fib6_rules_init(); 3788 if (ret) 3789 goto xfrm6_init; 3790 3791 ret = register_pernet_subsys(&ip6_route_net_late_ops); 3792 if (ret) 3793 goto fib6_rules_init; 3794 3795 ret = -ENOBUFS; 3796 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) || 3797 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) || 3798 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL)) 3799 goto out_register_late_subsys; 3800 3801 ret = register_netdevice_notifier(&ip6_route_dev_notifier); 3802 if (ret) 3803 goto out_register_late_subsys; 3804 3805 for_each_possible_cpu(cpu) { 3806 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu); 3807 3808 INIT_LIST_HEAD(&ul->head); 3809 spin_lock_init(&ul->lock); 3810 } 3811 3812 out: 3813 return ret; 3814 3815 out_register_late_subsys: 3816 unregister_pernet_subsys(&ip6_route_net_late_ops); 3817 fib6_rules_init: 3818 fib6_rules_cleanup(); 3819 xfrm6_init: 3820 xfrm6_fini(); 3821 out_fib6_init: 3822 fib6_gc_cleanup(); 3823 out_register_subsys: 3824 unregister_pernet_subsys(&ip6_route_net_ops); 3825 out_register_inetpeer: 3826 unregister_pernet_subsys(&ipv6_inetpeer_ops); 3827 out_dst_entries: 3828 dst_entries_destroy(&ip6_dst_blackhole_ops); 3829 out_kmem_cache: 3830 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 3831 goto out; 3832 } 3833 3834 void ip6_route_cleanup(void) 3835 { 3836 unregister_netdevice_notifier(&ip6_route_dev_notifier); 3837 unregister_pernet_subsys(&ip6_route_net_late_ops); 3838 fib6_rules_cleanup(); 3839 xfrm6_fini(); 3840 fib6_gc_cleanup(); 3841 unregister_pernet_subsys(&ipv6_inetpeer_ops); 3842 unregister_pernet_subsys(&ip6_route_net_ops); 3843 dst_entries_destroy(&ip6_dst_blackhole_ops); 3844 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 3845 } 3846