1 /* 2 * Linux INET6 implementation 3 * FIB front-end. 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 /* Changes: 15 * 16 * YOSHIFUJI Hideaki @USAGI 17 * reworked default router selection. 18 * - respect outgoing interface 19 * - select from (probably) reachable routers (i.e. 20 * routers in REACHABLE, STALE, DELAY or PROBE states). 21 * - always select the same router if it is (probably) 22 * reachable. otherwise, round-robin the list. 23 * Ville Nuorvala 24 * Fixed routing subtrees. 25 */ 26 27 #define pr_fmt(fmt) "IPv6: " fmt 28 29 #include <linux/capability.h> 30 #include <linux/errno.h> 31 #include <linux/export.h> 32 #include <linux/types.h> 33 #include <linux/times.h> 34 #include <linux/socket.h> 35 #include <linux/sockios.h> 36 #include <linux/net.h> 37 #include <linux/route.h> 38 #include <linux/netdevice.h> 39 #include <linux/in6.h> 40 #include <linux/mroute6.h> 41 #include <linux/init.h> 42 #include <linux/if_arp.h> 43 #include <linux/proc_fs.h> 44 #include <linux/seq_file.h> 45 #include <linux/nsproxy.h> 46 #include <linux/slab.h> 47 #include <net/net_namespace.h> 48 #include <net/snmp.h> 49 #include <net/ipv6.h> 50 #include <net/ip6_fib.h> 51 #include <net/ip6_route.h> 52 #include <net/ndisc.h> 53 #include <net/addrconf.h> 54 #include <net/tcp.h> 55 #include <linux/rtnetlink.h> 56 #include <net/dst.h> 57 #include <net/xfrm.h> 58 #include <net/netevent.h> 59 #include <net/netlink.h> 60 #include <net/nexthop.h> 61 62 #include <asm/uaccess.h> 63 64 #ifdef CONFIG_SYSCTL 65 #include <linux/sysctl.h> 66 #endif 67 68 enum rt6_nud_state { 69 RT6_NUD_FAIL_HARD = -3, 70 RT6_NUD_FAIL_PROBE = -2, 71 RT6_NUD_FAIL_DO_RR = -1, 72 RT6_NUD_SUCCEED = 1 73 }; 74 75 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort, 76 const struct in6_addr *dest); 77 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie); 78 static unsigned int ip6_default_advmss(const struct dst_entry *dst); 79 static unsigned int ip6_mtu(const struct dst_entry *dst); 80 static struct dst_entry *ip6_negative_advice(struct dst_entry *); 81 static void ip6_dst_destroy(struct dst_entry *); 82 static void ip6_dst_ifdown(struct dst_entry *, 83 struct net_device *dev, int how); 84 static int ip6_dst_gc(struct dst_ops *ops); 85 86 static int ip6_pkt_discard(struct sk_buff *skb); 87 static int ip6_pkt_discard_out(struct sock *sk, struct sk_buff *skb); 88 static int ip6_pkt_prohibit(struct sk_buff *skb); 89 static int ip6_pkt_prohibit_out(struct sock *sk, struct sk_buff *skb); 90 static void ip6_link_failure(struct sk_buff *skb); 91 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 92 struct sk_buff *skb, u32 mtu); 93 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, 94 struct sk_buff *skb); 95 static int rt6_score_route(struct rt6_info *rt, int oif, int strict); 96 97 #ifdef CONFIG_IPV6_ROUTE_INFO 98 static struct rt6_info *rt6_add_route_info(struct net *net, 99 const struct in6_addr *prefix, int prefixlen, 100 const struct in6_addr *gwaddr, int ifindex, 101 unsigned int pref); 102 static struct rt6_info *rt6_get_route_info(struct net *net, 103 const struct in6_addr *prefix, int prefixlen, 104 const struct in6_addr *gwaddr, int ifindex); 105 #endif 106 107 static void rt6_bind_peer(struct rt6_info *rt, int create) 108 { 109 struct inet_peer_base *base; 110 struct inet_peer *peer; 111 112 base = inetpeer_base_ptr(rt->_rt6i_peer); 113 if (!base) 114 return; 115 116 peer = inet_getpeer_v6(base, &rt->rt6i_dst.addr, create); 117 if (peer) { 118 if (!rt6_set_peer(rt, peer)) 119 inet_putpeer(peer); 120 } 121 } 122 123 static struct inet_peer *__rt6_get_peer(struct rt6_info *rt, int create) 124 { 125 if (rt6_has_peer(rt)) 126 return rt6_peer_ptr(rt); 127 128 rt6_bind_peer(rt, create); 129 return (rt6_has_peer(rt) ? rt6_peer_ptr(rt) : NULL); 130 } 131 132 static struct inet_peer *rt6_get_peer_create(struct rt6_info *rt) 133 { 134 return __rt6_get_peer(rt, 1); 135 } 136 137 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old) 138 { 139 struct rt6_info *rt = (struct rt6_info *) dst; 140 struct inet_peer *peer; 141 u32 *p = NULL; 142 143 if (!(rt->dst.flags & DST_HOST)) 144 return NULL; 145 146 peer = rt6_get_peer_create(rt); 147 if (peer) { 148 u32 *old_p = __DST_METRICS_PTR(old); 149 unsigned long prev, new; 150 151 p = peer->metrics; 152 if (inet_metrics_new(peer) || 153 (old & DST_METRICS_FORCE_OVERWRITE)) 154 memcpy(p, old_p, sizeof(u32) * RTAX_MAX); 155 156 new = (unsigned long) p; 157 prev = cmpxchg(&dst->_metrics, old, new); 158 159 if (prev != old) { 160 p = __DST_METRICS_PTR(prev); 161 if (prev & DST_METRICS_READ_ONLY) 162 p = NULL; 163 } 164 } 165 return p; 166 } 167 168 static inline const void *choose_neigh_daddr(struct rt6_info *rt, 169 struct sk_buff *skb, 170 const void *daddr) 171 { 172 struct in6_addr *p = &rt->rt6i_gateway; 173 174 if (!ipv6_addr_any(p)) 175 return (const void *) p; 176 else if (skb) 177 return &ipv6_hdr(skb)->daddr; 178 return daddr; 179 } 180 181 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst, 182 struct sk_buff *skb, 183 const void *daddr) 184 { 185 struct rt6_info *rt = (struct rt6_info *) dst; 186 struct neighbour *n; 187 188 daddr = choose_neigh_daddr(rt, skb, daddr); 189 n = __ipv6_neigh_lookup(dst->dev, daddr); 190 if (n) 191 return n; 192 return neigh_create(&nd_tbl, daddr, dst->dev); 193 } 194 195 static struct dst_ops ip6_dst_ops_template = { 196 .family = AF_INET6, 197 .protocol = cpu_to_be16(ETH_P_IPV6), 198 .gc = ip6_dst_gc, 199 .gc_thresh = 1024, 200 .check = ip6_dst_check, 201 .default_advmss = ip6_default_advmss, 202 .mtu = ip6_mtu, 203 .cow_metrics = ipv6_cow_metrics, 204 .destroy = ip6_dst_destroy, 205 .ifdown = ip6_dst_ifdown, 206 .negative_advice = ip6_negative_advice, 207 .link_failure = ip6_link_failure, 208 .update_pmtu = ip6_rt_update_pmtu, 209 .redirect = rt6_do_redirect, 210 .local_out = __ip6_local_out, 211 .neigh_lookup = ip6_neigh_lookup, 212 }; 213 214 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst) 215 { 216 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU); 217 218 return mtu ? : dst->dev->mtu; 219 } 220 221 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk, 222 struct sk_buff *skb, u32 mtu) 223 { 224 } 225 226 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk, 227 struct sk_buff *skb) 228 { 229 } 230 231 static u32 *ip6_rt_blackhole_cow_metrics(struct dst_entry *dst, 232 unsigned long old) 233 { 234 return NULL; 235 } 236 237 static struct dst_ops ip6_dst_blackhole_ops = { 238 .family = AF_INET6, 239 .protocol = cpu_to_be16(ETH_P_IPV6), 240 .destroy = ip6_dst_destroy, 241 .check = ip6_dst_check, 242 .mtu = ip6_blackhole_mtu, 243 .default_advmss = ip6_default_advmss, 244 .update_pmtu = ip6_rt_blackhole_update_pmtu, 245 .redirect = ip6_rt_blackhole_redirect, 246 .cow_metrics = ip6_rt_blackhole_cow_metrics, 247 .neigh_lookup = ip6_neigh_lookup, 248 }; 249 250 static const u32 ip6_template_metrics[RTAX_MAX] = { 251 [RTAX_HOPLIMIT - 1] = 0, 252 }; 253 254 static const struct rt6_info ip6_null_entry_template = { 255 .dst = { 256 .__refcnt = ATOMIC_INIT(1), 257 .__use = 1, 258 .obsolete = DST_OBSOLETE_FORCE_CHK, 259 .error = -ENETUNREACH, 260 .input = ip6_pkt_discard, 261 .output = ip6_pkt_discard_out, 262 }, 263 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 264 .rt6i_protocol = RTPROT_KERNEL, 265 .rt6i_metric = ~(u32) 0, 266 .rt6i_ref = ATOMIC_INIT(1), 267 }; 268 269 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 270 271 static const struct rt6_info ip6_prohibit_entry_template = { 272 .dst = { 273 .__refcnt = ATOMIC_INIT(1), 274 .__use = 1, 275 .obsolete = DST_OBSOLETE_FORCE_CHK, 276 .error = -EACCES, 277 .input = ip6_pkt_prohibit, 278 .output = ip6_pkt_prohibit_out, 279 }, 280 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 281 .rt6i_protocol = RTPROT_KERNEL, 282 .rt6i_metric = ~(u32) 0, 283 .rt6i_ref = ATOMIC_INIT(1), 284 }; 285 286 static const struct rt6_info ip6_blk_hole_entry_template = { 287 .dst = { 288 .__refcnt = ATOMIC_INIT(1), 289 .__use = 1, 290 .obsolete = DST_OBSOLETE_FORCE_CHK, 291 .error = -EINVAL, 292 .input = dst_discard, 293 .output = dst_discard_sk, 294 }, 295 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 296 .rt6i_protocol = RTPROT_KERNEL, 297 .rt6i_metric = ~(u32) 0, 298 .rt6i_ref = ATOMIC_INIT(1), 299 }; 300 301 #endif 302 303 /* allocate dst with ip6_dst_ops */ 304 static inline struct rt6_info *ip6_dst_alloc(struct net *net, 305 struct net_device *dev, 306 int flags, 307 struct fib6_table *table) 308 { 309 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev, 310 0, DST_OBSOLETE_FORCE_CHK, flags); 311 312 if (rt) { 313 struct dst_entry *dst = &rt->dst; 314 315 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst)); 316 rt6_init_peer(rt, table ? &table->tb6_peers : net->ipv6.peers); 317 INIT_LIST_HEAD(&rt->rt6i_siblings); 318 } 319 return rt; 320 } 321 322 static void ip6_dst_destroy(struct dst_entry *dst) 323 { 324 struct rt6_info *rt = (struct rt6_info *)dst; 325 struct inet6_dev *idev = rt->rt6i_idev; 326 struct dst_entry *from = dst->from; 327 328 if (!(rt->dst.flags & DST_HOST)) 329 dst_destroy_metrics_generic(dst); 330 331 if (idev) { 332 rt->rt6i_idev = NULL; 333 in6_dev_put(idev); 334 } 335 336 dst->from = NULL; 337 dst_release(from); 338 339 if (rt6_has_peer(rt)) { 340 struct inet_peer *peer = rt6_peer_ptr(rt); 341 inet_putpeer(peer); 342 } 343 } 344 345 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev, 346 int how) 347 { 348 struct rt6_info *rt = (struct rt6_info *)dst; 349 struct inet6_dev *idev = rt->rt6i_idev; 350 struct net_device *loopback_dev = 351 dev_net(dev)->loopback_dev; 352 353 if (dev != loopback_dev) { 354 if (idev && idev->dev == dev) { 355 struct inet6_dev *loopback_idev = 356 in6_dev_get(loopback_dev); 357 if (loopback_idev) { 358 rt->rt6i_idev = loopback_idev; 359 in6_dev_put(idev); 360 } 361 } 362 } 363 } 364 365 static bool rt6_check_expired(const struct rt6_info *rt) 366 { 367 if (rt->rt6i_flags & RTF_EXPIRES) { 368 if (time_after(jiffies, rt->dst.expires)) 369 return true; 370 } else if (rt->dst.from) { 371 return rt6_check_expired((struct rt6_info *) rt->dst.from); 372 } 373 return false; 374 } 375 376 /* Multipath route selection: 377 * Hash based function using packet header and flowlabel. 378 * Adapted from fib_info_hashfn() 379 */ 380 static int rt6_info_hash_nhsfn(unsigned int candidate_count, 381 const struct flowi6 *fl6) 382 { 383 unsigned int val = fl6->flowi6_proto; 384 385 val ^= ipv6_addr_hash(&fl6->daddr); 386 val ^= ipv6_addr_hash(&fl6->saddr); 387 388 /* Work only if this not encapsulated */ 389 switch (fl6->flowi6_proto) { 390 case IPPROTO_UDP: 391 case IPPROTO_TCP: 392 case IPPROTO_SCTP: 393 val ^= (__force u16)fl6->fl6_sport; 394 val ^= (__force u16)fl6->fl6_dport; 395 break; 396 397 case IPPROTO_ICMPV6: 398 val ^= (__force u16)fl6->fl6_icmp_type; 399 val ^= (__force u16)fl6->fl6_icmp_code; 400 break; 401 } 402 /* RFC6438 recommands to use flowlabel */ 403 val ^= (__force u32)fl6->flowlabel; 404 405 /* Perhaps, we need to tune, this function? */ 406 val = val ^ (val >> 7) ^ (val >> 12); 407 return val % candidate_count; 408 } 409 410 static struct rt6_info *rt6_multipath_select(struct rt6_info *match, 411 struct flowi6 *fl6, int oif, 412 int strict) 413 { 414 struct rt6_info *sibling, *next_sibling; 415 int route_choosen; 416 417 route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6); 418 /* Don't change the route, if route_choosen == 0 419 * (siblings does not include ourself) 420 */ 421 if (route_choosen) 422 list_for_each_entry_safe(sibling, next_sibling, 423 &match->rt6i_siblings, rt6i_siblings) { 424 route_choosen--; 425 if (route_choosen == 0) { 426 if (rt6_score_route(sibling, oif, strict) < 0) 427 break; 428 match = sibling; 429 break; 430 } 431 } 432 return match; 433 } 434 435 /* 436 * Route lookup. Any table->tb6_lock is implied. 437 */ 438 439 static inline struct rt6_info *rt6_device_match(struct net *net, 440 struct rt6_info *rt, 441 const struct in6_addr *saddr, 442 int oif, 443 int flags) 444 { 445 struct rt6_info *local = NULL; 446 struct rt6_info *sprt; 447 448 if (!oif && ipv6_addr_any(saddr)) 449 goto out; 450 451 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) { 452 struct net_device *dev = sprt->dst.dev; 453 454 if (oif) { 455 if (dev->ifindex == oif) 456 return sprt; 457 if (dev->flags & IFF_LOOPBACK) { 458 if (!sprt->rt6i_idev || 459 sprt->rt6i_idev->dev->ifindex != oif) { 460 if (flags & RT6_LOOKUP_F_IFACE && oif) 461 continue; 462 if (local && (!oif || 463 local->rt6i_idev->dev->ifindex == oif)) 464 continue; 465 } 466 local = sprt; 467 } 468 } else { 469 if (ipv6_chk_addr(net, saddr, dev, 470 flags & RT6_LOOKUP_F_IFACE)) 471 return sprt; 472 } 473 } 474 475 if (oif) { 476 if (local) 477 return local; 478 479 if (flags & RT6_LOOKUP_F_IFACE) 480 return net->ipv6.ip6_null_entry; 481 } 482 out: 483 return rt; 484 } 485 486 #ifdef CONFIG_IPV6_ROUTER_PREF 487 struct __rt6_probe_work { 488 struct work_struct work; 489 struct in6_addr target; 490 struct net_device *dev; 491 }; 492 493 static void rt6_probe_deferred(struct work_struct *w) 494 { 495 struct in6_addr mcaddr; 496 struct __rt6_probe_work *work = 497 container_of(w, struct __rt6_probe_work, work); 498 499 addrconf_addr_solict_mult(&work->target, &mcaddr); 500 ndisc_send_ns(work->dev, NULL, &work->target, &mcaddr, NULL); 501 dev_put(work->dev); 502 kfree(w); 503 } 504 505 static void rt6_probe(struct rt6_info *rt) 506 { 507 struct neighbour *neigh; 508 /* 509 * Okay, this does not seem to be appropriate 510 * for now, however, we need to check if it 511 * is really so; aka Router Reachability Probing. 512 * 513 * Router Reachability Probe MUST be rate-limited 514 * to no more than one per minute. 515 */ 516 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY)) 517 return; 518 rcu_read_lock_bh(); 519 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway); 520 if (neigh) { 521 write_lock(&neigh->lock); 522 if (neigh->nud_state & NUD_VALID) 523 goto out; 524 } 525 526 if (!neigh || 527 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) { 528 struct __rt6_probe_work *work; 529 530 work = kmalloc(sizeof(*work), GFP_ATOMIC); 531 532 if (neigh && work) 533 __neigh_set_probe_once(neigh); 534 535 if (neigh) 536 write_unlock(&neigh->lock); 537 538 if (work) { 539 INIT_WORK(&work->work, rt6_probe_deferred); 540 work->target = rt->rt6i_gateway; 541 dev_hold(rt->dst.dev); 542 work->dev = rt->dst.dev; 543 schedule_work(&work->work); 544 } 545 } else { 546 out: 547 write_unlock(&neigh->lock); 548 } 549 rcu_read_unlock_bh(); 550 } 551 #else 552 static inline void rt6_probe(struct rt6_info *rt) 553 { 554 } 555 #endif 556 557 /* 558 * Default Router Selection (RFC 2461 6.3.6) 559 */ 560 static inline int rt6_check_dev(struct rt6_info *rt, int oif) 561 { 562 struct net_device *dev = rt->dst.dev; 563 if (!oif || dev->ifindex == oif) 564 return 2; 565 if ((dev->flags & IFF_LOOPBACK) && 566 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif) 567 return 1; 568 return 0; 569 } 570 571 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt) 572 { 573 struct neighbour *neigh; 574 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD; 575 576 if (rt->rt6i_flags & RTF_NONEXTHOP || 577 !(rt->rt6i_flags & RTF_GATEWAY)) 578 return RT6_NUD_SUCCEED; 579 580 rcu_read_lock_bh(); 581 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway); 582 if (neigh) { 583 read_lock(&neigh->lock); 584 if (neigh->nud_state & NUD_VALID) 585 ret = RT6_NUD_SUCCEED; 586 #ifdef CONFIG_IPV6_ROUTER_PREF 587 else if (!(neigh->nud_state & NUD_FAILED)) 588 ret = RT6_NUD_SUCCEED; 589 else 590 ret = RT6_NUD_FAIL_PROBE; 591 #endif 592 read_unlock(&neigh->lock); 593 } else { 594 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ? 595 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR; 596 } 597 rcu_read_unlock_bh(); 598 599 return ret; 600 } 601 602 static int rt6_score_route(struct rt6_info *rt, int oif, 603 int strict) 604 { 605 int m; 606 607 m = rt6_check_dev(rt, oif); 608 if (!m && (strict & RT6_LOOKUP_F_IFACE)) 609 return RT6_NUD_FAIL_HARD; 610 #ifdef CONFIG_IPV6_ROUTER_PREF 611 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2; 612 #endif 613 if (strict & RT6_LOOKUP_F_REACHABLE) { 614 int n = rt6_check_neigh(rt); 615 if (n < 0) 616 return n; 617 } 618 return m; 619 } 620 621 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict, 622 int *mpri, struct rt6_info *match, 623 bool *do_rr) 624 { 625 int m; 626 bool match_do_rr = false; 627 628 if (rt6_check_expired(rt)) 629 goto out; 630 631 m = rt6_score_route(rt, oif, strict); 632 if (m == RT6_NUD_FAIL_DO_RR) { 633 match_do_rr = true; 634 m = 0; /* lowest valid score */ 635 } else if (m == RT6_NUD_FAIL_HARD) { 636 goto out; 637 } 638 639 if (strict & RT6_LOOKUP_F_REACHABLE) 640 rt6_probe(rt); 641 642 /* note that m can be RT6_NUD_FAIL_PROBE at this point */ 643 if (m > *mpri) { 644 *do_rr = match_do_rr; 645 *mpri = m; 646 match = rt; 647 } 648 out: 649 return match; 650 } 651 652 static struct rt6_info *find_rr_leaf(struct fib6_node *fn, 653 struct rt6_info *rr_head, 654 u32 metric, int oif, int strict, 655 bool *do_rr) 656 { 657 struct rt6_info *rt, *match; 658 int mpri = -1; 659 660 match = NULL; 661 for (rt = rr_head; rt && rt->rt6i_metric == metric; 662 rt = rt->dst.rt6_next) 663 match = find_match(rt, oif, strict, &mpri, match, do_rr); 664 for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric; 665 rt = rt->dst.rt6_next) 666 match = find_match(rt, oif, strict, &mpri, match, do_rr); 667 668 return match; 669 } 670 671 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict) 672 { 673 struct rt6_info *match, *rt0; 674 struct net *net; 675 bool do_rr = false; 676 677 rt0 = fn->rr_ptr; 678 if (!rt0) 679 fn->rr_ptr = rt0 = fn->leaf; 680 681 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict, 682 &do_rr); 683 684 if (do_rr) { 685 struct rt6_info *next = rt0->dst.rt6_next; 686 687 /* no entries matched; do round-robin */ 688 if (!next || next->rt6i_metric != rt0->rt6i_metric) 689 next = fn->leaf; 690 691 if (next != rt0) 692 fn->rr_ptr = next; 693 } 694 695 net = dev_net(rt0->dst.dev); 696 return match ? match : net->ipv6.ip6_null_entry; 697 } 698 699 #ifdef CONFIG_IPV6_ROUTE_INFO 700 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len, 701 const struct in6_addr *gwaddr) 702 { 703 struct net *net = dev_net(dev); 704 struct route_info *rinfo = (struct route_info *) opt; 705 struct in6_addr prefix_buf, *prefix; 706 unsigned int pref; 707 unsigned long lifetime; 708 struct rt6_info *rt; 709 710 if (len < sizeof(struct route_info)) { 711 return -EINVAL; 712 } 713 714 /* Sanity check for prefix_len and length */ 715 if (rinfo->length > 3) { 716 return -EINVAL; 717 } else if (rinfo->prefix_len > 128) { 718 return -EINVAL; 719 } else if (rinfo->prefix_len > 64) { 720 if (rinfo->length < 2) { 721 return -EINVAL; 722 } 723 } else if (rinfo->prefix_len > 0) { 724 if (rinfo->length < 1) { 725 return -EINVAL; 726 } 727 } 728 729 pref = rinfo->route_pref; 730 if (pref == ICMPV6_ROUTER_PREF_INVALID) 731 return -EINVAL; 732 733 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ); 734 735 if (rinfo->length == 3) 736 prefix = (struct in6_addr *)rinfo->prefix; 737 else { 738 /* this function is safe */ 739 ipv6_addr_prefix(&prefix_buf, 740 (struct in6_addr *)rinfo->prefix, 741 rinfo->prefix_len); 742 prefix = &prefix_buf; 743 } 744 745 if (rinfo->prefix_len == 0) 746 rt = rt6_get_dflt_router(gwaddr, dev); 747 else 748 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len, 749 gwaddr, dev->ifindex); 750 751 if (rt && !lifetime) { 752 ip6_del_rt(rt); 753 rt = NULL; 754 } 755 756 if (!rt && lifetime) 757 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex, 758 pref); 759 else if (rt) 760 rt->rt6i_flags = RTF_ROUTEINFO | 761 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); 762 763 if (rt) { 764 if (!addrconf_finite_timeout(lifetime)) 765 rt6_clean_expires(rt); 766 else 767 rt6_set_expires(rt, jiffies + HZ * lifetime); 768 769 ip6_rt_put(rt); 770 } 771 return 0; 772 } 773 #endif 774 775 static struct fib6_node* fib6_backtrack(struct fib6_node *fn, 776 struct in6_addr *saddr) 777 { 778 struct fib6_node *pn; 779 while (1) { 780 if (fn->fn_flags & RTN_TL_ROOT) 781 return NULL; 782 pn = fn->parent; 783 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) 784 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); 785 else 786 fn = pn; 787 if (fn->fn_flags & RTN_RTINFO) 788 return fn; 789 } 790 } 791 792 static struct rt6_info *ip6_pol_route_lookup(struct net *net, 793 struct fib6_table *table, 794 struct flowi6 *fl6, int flags) 795 { 796 struct fib6_node *fn; 797 struct rt6_info *rt; 798 799 read_lock_bh(&table->tb6_lock); 800 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 801 restart: 802 rt = fn->leaf; 803 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags); 804 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0) 805 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags); 806 if (rt == net->ipv6.ip6_null_entry) { 807 fn = fib6_backtrack(fn, &fl6->saddr); 808 if (fn) 809 goto restart; 810 } 811 dst_use(&rt->dst, jiffies); 812 read_unlock_bh(&table->tb6_lock); 813 return rt; 814 815 } 816 817 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6, 818 int flags) 819 { 820 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup); 821 } 822 EXPORT_SYMBOL_GPL(ip6_route_lookup); 823 824 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr, 825 const struct in6_addr *saddr, int oif, int strict) 826 { 827 struct flowi6 fl6 = { 828 .flowi6_oif = oif, 829 .daddr = *daddr, 830 }; 831 struct dst_entry *dst; 832 int flags = strict ? RT6_LOOKUP_F_IFACE : 0; 833 834 if (saddr) { 835 memcpy(&fl6.saddr, saddr, sizeof(*saddr)); 836 flags |= RT6_LOOKUP_F_HAS_SADDR; 837 } 838 839 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup); 840 if (dst->error == 0) 841 return (struct rt6_info *) dst; 842 843 dst_release(dst); 844 845 return NULL; 846 } 847 EXPORT_SYMBOL(rt6_lookup); 848 849 /* ip6_ins_rt is called with FREE table->tb6_lock. 850 It takes new route entry, the addition fails by any reason the 851 route is freed. In any case, if caller does not hold it, it may 852 be destroyed. 853 */ 854 855 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info, 856 struct nlattr *mx, int mx_len) 857 { 858 int err; 859 struct fib6_table *table; 860 861 table = rt->rt6i_table; 862 write_lock_bh(&table->tb6_lock); 863 err = fib6_add(&table->tb6_root, rt, info, mx, mx_len); 864 write_unlock_bh(&table->tb6_lock); 865 866 return err; 867 } 868 869 int ip6_ins_rt(struct rt6_info *rt) 870 { 871 struct nl_info info = { 872 .nl_net = dev_net(rt->dst.dev), 873 }; 874 return __ip6_ins_rt(rt, &info, NULL, 0); 875 } 876 877 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort, 878 const struct in6_addr *daddr, 879 const struct in6_addr *saddr) 880 { 881 struct rt6_info *rt; 882 883 /* 884 * Clone the route. 885 */ 886 887 rt = ip6_rt_copy(ort, daddr); 888 889 if (rt) { 890 if (ort->rt6i_dst.plen != 128 && 891 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr)) 892 rt->rt6i_flags |= RTF_ANYCAST; 893 894 rt->rt6i_flags |= RTF_CACHE; 895 896 #ifdef CONFIG_IPV6_SUBTREES 897 if (rt->rt6i_src.plen && saddr) { 898 rt->rt6i_src.addr = *saddr; 899 rt->rt6i_src.plen = 128; 900 } 901 #endif 902 } 903 904 return rt; 905 } 906 907 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort, 908 const struct in6_addr *daddr) 909 { 910 struct rt6_info *rt = ip6_rt_copy(ort, daddr); 911 912 if (rt) 913 rt->rt6i_flags |= RTF_CACHE; 914 return rt; 915 } 916 917 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif, 918 struct flowi6 *fl6, int flags) 919 { 920 struct fib6_node *fn, *saved_fn; 921 struct rt6_info *rt, *nrt; 922 int strict = 0; 923 int attempts = 3; 924 int err; 925 926 strict |= flags & RT6_LOOKUP_F_IFACE; 927 if (net->ipv6.devconf_all->forwarding == 0) 928 strict |= RT6_LOOKUP_F_REACHABLE; 929 930 redo_fib6_lookup_lock: 931 read_lock_bh(&table->tb6_lock); 932 933 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 934 saved_fn = fn; 935 936 redo_rt6_select: 937 rt = rt6_select(fn, oif, strict); 938 if (rt->rt6i_nsiblings) 939 rt = rt6_multipath_select(rt, fl6, oif, strict); 940 if (rt == net->ipv6.ip6_null_entry) { 941 fn = fib6_backtrack(fn, &fl6->saddr); 942 if (fn) 943 goto redo_rt6_select; 944 else if (strict & RT6_LOOKUP_F_REACHABLE) { 945 /* also consider unreachable route */ 946 strict &= ~RT6_LOOKUP_F_REACHABLE; 947 fn = saved_fn; 948 goto redo_rt6_select; 949 } else { 950 dst_hold(&rt->dst); 951 read_unlock_bh(&table->tb6_lock); 952 goto out2; 953 } 954 } 955 956 dst_hold(&rt->dst); 957 read_unlock_bh(&table->tb6_lock); 958 959 if (rt->rt6i_flags & RTF_CACHE) 960 goto out2; 961 962 if (!(rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY))) 963 nrt = rt6_alloc_cow(rt, &fl6->daddr, &fl6->saddr); 964 else if (!(rt->dst.flags & DST_HOST)) 965 nrt = rt6_alloc_clone(rt, &fl6->daddr); 966 else 967 goto out2; 968 969 ip6_rt_put(rt); 970 rt = nrt ? : net->ipv6.ip6_null_entry; 971 972 dst_hold(&rt->dst); 973 if (nrt) { 974 err = ip6_ins_rt(nrt); 975 if (!err) 976 goto out2; 977 } 978 979 if (--attempts <= 0) 980 goto out2; 981 982 /* 983 * Race condition! In the gap, when table->tb6_lock was 984 * released someone could insert this route. Relookup. 985 */ 986 ip6_rt_put(rt); 987 goto redo_fib6_lookup_lock; 988 989 out2: 990 rt->dst.lastuse = jiffies; 991 rt->dst.__use++; 992 993 return rt; 994 } 995 996 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table, 997 struct flowi6 *fl6, int flags) 998 { 999 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags); 1000 } 1001 1002 static struct dst_entry *ip6_route_input_lookup(struct net *net, 1003 struct net_device *dev, 1004 struct flowi6 *fl6, int flags) 1005 { 1006 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG) 1007 flags |= RT6_LOOKUP_F_IFACE; 1008 1009 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input); 1010 } 1011 1012 void ip6_route_input(struct sk_buff *skb) 1013 { 1014 const struct ipv6hdr *iph = ipv6_hdr(skb); 1015 struct net *net = dev_net(skb->dev); 1016 int flags = RT6_LOOKUP_F_HAS_SADDR; 1017 struct flowi6 fl6 = { 1018 .flowi6_iif = skb->dev->ifindex, 1019 .daddr = iph->daddr, 1020 .saddr = iph->saddr, 1021 .flowlabel = ip6_flowinfo(iph), 1022 .flowi6_mark = skb->mark, 1023 .flowi6_proto = iph->nexthdr, 1024 }; 1025 1026 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags)); 1027 } 1028 1029 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table, 1030 struct flowi6 *fl6, int flags) 1031 { 1032 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags); 1033 } 1034 1035 struct dst_entry *ip6_route_output(struct net *net, const struct sock *sk, 1036 struct flowi6 *fl6) 1037 { 1038 int flags = 0; 1039 1040 fl6->flowi6_iif = LOOPBACK_IFINDEX; 1041 1042 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr)) 1043 flags |= RT6_LOOKUP_F_IFACE; 1044 1045 if (!ipv6_addr_any(&fl6->saddr)) 1046 flags |= RT6_LOOKUP_F_HAS_SADDR; 1047 else if (sk) 1048 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs); 1049 1050 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output); 1051 } 1052 EXPORT_SYMBOL(ip6_route_output); 1053 1054 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig) 1055 { 1056 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig; 1057 struct dst_entry *new = NULL; 1058 1059 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0); 1060 if (rt) { 1061 new = &rt->dst; 1062 1063 memset(new + 1, 0, sizeof(*rt) - sizeof(*new)); 1064 rt6_init_peer(rt, net->ipv6.peers); 1065 1066 new->__use = 1; 1067 new->input = dst_discard; 1068 new->output = dst_discard_sk; 1069 1070 if (dst_metrics_read_only(&ort->dst)) 1071 new->_metrics = ort->dst._metrics; 1072 else 1073 dst_copy_metrics(new, &ort->dst); 1074 rt->rt6i_idev = ort->rt6i_idev; 1075 if (rt->rt6i_idev) 1076 in6_dev_hold(rt->rt6i_idev); 1077 1078 rt->rt6i_gateway = ort->rt6i_gateway; 1079 rt->rt6i_flags = ort->rt6i_flags; 1080 rt->rt6i_metric = 0; 1081 1082 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key)); 1083 #ifdef CONFIG_IPV6_SUBTREES 1084 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 1085 #endif 1086 1087 dst_free(new); 1088 } 1089 1090 dst_release(dst_orig); 1091 return new ? new : ERR_PTR(-ENOMEM); 1092 } 1093 1094 /* 1095 * Destination cache support functions 1096 */ 1097 1098 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie) 1099 { 1100 struct rt6_info *rt; 1101 1102 rt = (struct rt6_info *) dst; 1103 1104 /* All IPV6 dsts are created with ->obsolete set to the value 1105 * DST_OBSOLETE_FORCE_CHK which forces validation calls down 1106 * into this function always. 1107 */ 1108 if (!rt->rt6i_node || (rt->rt6i_node->fn_sernum != cookie)) 1109 return NULL; 1110 1111 if (rt6_check_expired(rt)) 1112 return NULL; 1113 1114 return dst; 1115 } 1116 1117 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst) 1118 { 1119 struct rt6_info *rt = (struct rt6_info *) dst; 1120 1121 if (rt) { 1122 if (rt->rt6i_flags & RTF_CACHE) { 1123 if (rt6_check_expired(rt)) { 1124 ip6_del_rt(rt); 1125 dst = NULL; 1126 } 1127 } else { 1128 dst_release(dst); 1129 dst = NULL; 1130 } 1131 } 1132 return dst; 1133 } 1134 1135 static void ip6_link_failure(struct sk_buff *skb) 1136 { 1137 struct rt6_info *rt; 1138 1139 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0); 1140 1141 rt = (struct rt6_info *) skb_dst(skb); 1142 if (rt) { 1143 if (rt->rt6i_flags & RTF_CACHE) { 1144 dst_hold(&rt->dst); 1145 if (ip6_del_rt(rt)) 1146 dst_free(&rt->dst); 1147 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) { 1148 rt->rt6i_node->fn_sernum = -1; 1149 } 1150 } 1151 } 1152 1153 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 1154 struct sk_buff *skb, u32 mtu) 1155 { 1156 struct rt6_info *rt6 = (struct rt6_info *)dst; 1157 1158 dst_confirm(dst); 1159 if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) { 1160 struct net *net = dev_net(dst->dev); 1161 1162 rt6->rt6i_flags |= RTF_MODIFIED; 1163 if (mtu < IPV6_MIN_MTU) 1164 mtu = IPV6_MIN_MTU; 1165 1166 dst_metric_set(dst, RTAX_MTU, mtu); 1167 rt6_update_expires(rt6, net->ipv6.sysctl.ip6_rt_mtu_expires); 1168 } 1169 } 1170 1171 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu, 1172 int oif, u32 mark) 1173 { 1174 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 1175 struct dst_entry *dst; 1176 struct flowi6 fl6; 1177 1178 memset(&fl6, 0, sizeof(fl6)); 1179 fl6.flowi6_oif = oif; 1180 fl6.flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark); 1181 fl6.daddr = iph->daddr; 1182 fl6.saddr = iph->saddr; 1183 fl6.flowlabel = ip6_flowinfo(iph); 1184 1185 dst = ip6_route_output(net, NULL, &fl6); 1186 if (!dst->error) 1187 ip6_rt_update_pmtu(dst, NULL, skb, ntohl(mtu)); 1188 dst_release(dst); 1189 } 1190 EXPORT_SYMBOL_GPL(ip6_update_pmtu); 1191 1192 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu) 1193 { 1194 ip6_update_pmtu(skb, sock_net(sk), mtu, 1195 sk->sk_bound_dev_if, sk->sk_mark); 1196 } 1197 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu); 1198 1199 /* Handle redirects */ 1200 struct ip6rd_flowi { 1201 struct flowi6 fl6; 1202 struct in6_addr gateway; 1203 }; 1204 1205 static struct rt6_info *__ip6_route_redirect(struct net *net, 1206 struct fib6_table *table, 1207 struct flowi6 *fl6, 1208 int flags) 1209 { 1210 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6; 1211 struct rt6_info *rt; 1212 struct fib6_node *fn; 1213 1214 /* Get the "current" route for this destination and 1215 * check if the redirect has come from approriate router. 1216 * 1217 * RFC 4861 specifies that redirects should only be 1218 * accepted if they come from the nexthop to the target. 1219 * Due to the way the routes are chosen, this notion 1220 * is a bit fuzzy and one might need to check all possible 1221 * routes. 1222 */ 1223 1224 read_lock_bh(&table->tb6_lock); 1225 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 1226 restart: 1227 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1228 if (rt6_check_expired(rt)) 1229 continue; 1230 if (rt->dst.error) 1231 break; 1232 if (!(rt->rt6i_flags & RTF_GATEWAY)) 1233 continue; 1234 if (fl6->flowi6_oif != rt->dst.dev->ifindex) 1235 continue; 1236 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway)) 1237 continue; 1238 break; 1239 } 1240 1241 if (!rt) 1242 rt = net->ipv6.ip6_null_entry; 1243 else if (rt->dst.error) { 1244 rt = net->ipv6.ip6_null_entry; 1245 } else if (rt == net->ipv6.ip6_null_entry) { 1246 fn = fib6_backtrack(fn, &fl6->saddr); 1247 if (fn) 1248 goto restart; 1249 } 1250 1251 dst_hold(&rt->dst); 1252 1253 read_unlock_bh(&table->tb6_lock); 1254 1255 return rt; 1256 }; 1257 1258 static struct dst_entry *ip6_route_redirect(struct net *net, 1259 const struct flowi6 *fl6, 1260 const struct in6_addr *gateway) 1261 { 1262 int flags = RT6_LOOKUP_F_HAS_SADDR; 1263 struct ip6rd_flowi rdfl; 1264 1265 rdfl.fl6 = *fl6; 1266 rdfl.gateway = *gateway; 1267 1268 return fib6_rule_lookup(net, &rdfl.fl6, 1269 flags, __ip6_route_redirect); 1270 } 1271 1272 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark) 1273 { 1274 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 1275 struct dst_entry *dst; 1276 struct flowi6 fl6; 1277 1278 memset(&fl6, 0, sizeof(fl6)); 1279 fl6.flowi6_iif = LOOPBACK_IFINDEX; 1280 fl6.flowi6_oif = oif; 1281 fl6.flowi6_mark = mark; 1282 fl6.daddr = iph->daddr; 1283 fl6.saddr = iph->saddr; 1284 fl6.flowlabel = ip6_flowinfo(iph); 1285 1286 dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr); 1287 rt6_do_redirect(dst, NULL, skb); 1288 dst_release(dst); 1289 } 1290 EXPORT_SYMBOL_GPL(ip6_redirect); 1291 1292 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif, 1293 u32 mark) 1294 { 1295 const struct ipv6hdr *iph = ipv6_hdr(skb); 1296 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb); 1297 struct dst_entry *dst; 1298 struct flowi6 fl6; 1299 1300 memset(&fl6, 0, sizeof(fl6)); 1301 fl6.flowi6_iif = LOOPBACK_IFINDEX; 1302 fl6.flowi6_oif = oif; 1303 fl6.flowi6_mark = mark; 1304 fl6.daddr = msg->dest; 1305 fl6.saddr = iph->daddr; 1306 1307 dst = ip6_route_redirect(net, &fl6, &iph->saddr); 1308 rt6_do_redirect(dst, NULL, skb); 1309 dst_release(dst); 1310 } 1311 1312 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk) 1313 { 1314 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark); 1315 } 1316 EXPORT_SYMBOL_GPL(ip6_sk_redirect); 1317 1318 static unsigned int ip6_default_advmss(const struct dst_entry *dst) 1319 { 1320 struct net_device *dev = dst->dev; 1321 unsigned int mtu = dst_mtu(dst); 1322 struct net *net = dev_net(dev); 1323 1324 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr); 1325 1326 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss) 1327 mtu = net->ipv6.sysctl.ip6_rt_min_advmss; 1328 1329 /* 1330 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and 1331 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size. 1332 * IPV6_MAXPLEN is also valid and means: "any MSS, 1333 * rely only on pmtu discovery" 1334 */ 1335 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr)) 1336 mtu = IPV6_MAXPLEN; 1337 return mtu; 1338 } 1339 1340 static unsigned int ip6_mtu(const struct dst_entry *dst) 1341 { 1342 struct inet6_dev *idev; 1343 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU); 1344 1345 if (mtu) 1346 goto out; 1347 1348 mtu = IPV6_MIN_MTU; 1349 1350 rcu_read_lock(); 1351 idev = __in6_dev_get(dst->dev); 1352 if (idev) 1353 mtu = idev->cnf.mtu6; 1354 rcu_read_unlock(); 1355 1356 out: 1357 return min_t(unsigned int, mtu, IP6_MAX_MTU); 1358 } 1359 1360 static struct dst_entry *icmp6_dst_gc_list; 1361 static DEFINE_SPINLOCK(icmp6_dst_lock); 1362 1363 struct dst_entry *icmp6_dst_alloc(struct net_device *dev, 1364 struct flowi6 *fl6) 1365 { 1366 struct dst_entry *dst; 1367 struct rt6_info *rt; 1368 struct inet6_dev *idev = in6_dev_get(dev); 1369 struct net *net = dev_net(dev); 1370 1371 if (unlikely(!idev)) 1372 return ERR_PTR(-ENODEV); 1373 1374 rt = ip6_dst_alloc(net, dev, 0, NULL); 1375 if (unlikely(!rt)) { 1376 in6_dev_put(idev); 1377 dst = ERR_PTR(-ENOMEM); 1378 goto out; 1379 } 1380 1381 rt->dst.flags |= DST_HOST; 1382 rt->dst.output = ip6_output; 1383 atomic_set(&rt->dst.__refcnt, 1); 1384 rt->rt6i_gateway = fl6->daddr; 1385 rt->rt6i_dst.addr = fl6->daddr; 1386 rt->rt6i_dst.plen = 128; 1387 rt->rt6i_idev = idev; 1388 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0); 1389 1390 spin_lock_bh(&icmp6_dst_lock); 1391 rt->dst.next = icmp6_dst_gc_list; 1392 icmp6_dst_gc_list = &rt->dst; 1393 spin_unlock_bh(&icmp6_dst_lock); 1394 1395 fib6_force_start_gc(net); 1396 1397 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0); 1398 1399 out: 1400 return dst; 1401 } 1402 1403 int icmp6_dst_gc(void) 1404 { 1405 struct dst_entry *dst, **pprev; 1406 int more = 0; 1407 1408 spin_lock_bh(&icmp6_dst_lock); 1409 pprev = &icmp6_dst_gc_list; 1410 1411 while ((dst = *pprev) != NULL) { 1412 if (!atomic_read(&dst->__refcnt)) { 1413 *pprev = dst->next; 1414 dst_free(dst); 1415 } else { 1416 pprev = &dst->next; 1417 ++more; 1418 } 1419 } 1420 1421 spin_unlock_bh(&icmp6_dst_lock); 1422 1423 return more; 1424 } 1425 1426 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg), 1427 void *arg) 1428 { 1429 struct dst_entry *dst, **pprev; 1430 1431 spin_lock_bh(&icmp6_dst_lock); 1432 pprev = &icmp6_dst_gc_list; 1433 while ((dst = *pprev) != NULL) { 1434 struct rt6_info *rt = (struct rt6_info *) dst; 1435 if (func(rt, arg)) { 1436 *pprev = dst->next; 1437 dst_free(dst); 1438 } else { 1439 pprev = &dst->next; 1440 } 1441 } 1442 spin_unlock_bh(&icmp6_dst_lock); 1443 } 1444 1445 static int ip6_dst_gc(struct dst_ops *ops) 1446 { 1447 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops); 1448 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval; 1449 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size; 1450 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity; 1451 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout; 1452 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc; 1453 int entries; 1454 1455 entries = dst_entries_get_fast(ops); 1456 if (time_after(rt_last_gc + rt_min_interval, jiffies) && 1457 entries <= rt_max_size) 1458 goto out; 1459 1460 net->ipv6.ip6_rt_gc_expire++; 1461 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true); 1462 entries = dst_entries_get_slow(ops); 1463 if (entries < ops->gc_thresh) 1464 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1; 1465 out: 1466 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity; 1467 return entries > rt_max_size; 1468 } 1469 1470 /* 1471 * 1472 */ 1473 1474 int ip6_route_add(struct fib6_config *cfg) 1475 { 1476 int err; 1477 struct net *net = cfg->fc_nlinfo.nl_net; 1478 struct rt6_info *rt = NULL; 1479 struct net_device *dev = NULL; 1480 struct inet6_dev *idev = NULL; 1481 struct fib6_table *table; 1482 int addr_type; 1483 1484 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128) 1485 return -EINVAL; 1486 #ifndef CONFIG_IPV6_SUBTREES 1487 if (cfg->fc_src_len) 1488 return -EINVAL; 1489 #endif 1490 if (cfg->fc_ifindex) { 1491 err = -ENODEV; 1492 dev = dev_get_by_index(net, cfg->fc_ifindex); 1493 if (!dev) 1494 goto out; 1495 idev = in6_dev_get(dev); 1496 if (!idev) 1497 goto out; 1498 } 1499 1500 if (cfg->fc_metric == 0) 1501 cfg->fc_metric = IP6_RT_PRIO_USER; 1502 1503 err = -ENOBUFS; 1504 if (cfg->fc_nlinfo.nlh && 1505 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) { 1506 table = fib6_get_table(net, cfg->fc_table); 1507 if (!table) { 1508 pr_warn("NLM_F_CREATE should be specified when creating new route\n"); 1509 table = fib6_new_table(net, cfg->fc_table); 1510 } 1511 } else { 1512 table = fib6_new_table(net, cfg->fc_table); 1513 } 1514 1515 if (!table) 1516 goto out; 1517 1518 rt = ip6_dst_alloc(net, NULL, (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT, table); 1519 1520 if (!rt) { 1521 err = -ENOMEM; 1522 goto out; 1523 } 1524 1525 if (cfg->fc_flags & RTF_EXPIRES) 1526 rt6_set_expires(rt, jiffies + 1527 clock_t_to_jiffies(cfg->fc_expires)); 1528 else 1529 rt6_clean_expires(rt); 1530 1531 if (cfg->fc_protocol == RTPROT_UNSPEC) 1532 cfg->fc_protocol = RTPROT_BOOT; 1533 rt->rt6i_protocol = cfg->fc_protocol; 1534 1535 addr_type = ipv6_addr_type(&cfg->fc_dst); 1536 1537 if (addr_type & IPV6_ADDR_MULTICAST) 1538 rt->dst.input = ip6_mc_input; 1539 else if (cfg->fc_flags & RTF_LOCAL) 1540 rt->dst.input = ip6_input; 1541 else 1542 rt->dst.input = ip6_forward; 1543 1544 rt->dst.output = ip6_output; 1545 1546 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len); 1547 rt->rt6i_dst.plen = cfg->fc_dst_len; 1548 if (rt->rt6i_dst.plen == 128) { 1549 rt->dst.flags |= DST_HOST; 1550 dst_metrics_set_force_overwrite(&rt->dst); 1551 } 1552 1553 #ifdef CONFIG_IPV6_SUBTREES 1554 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len); 1555 rt->rt6i_src.plen = cfg->fc_src_len; 1556 #endif 1557 1558 rt->rt6i_metric = cfg->fc_metric; 1559 1560 /* We cannot add true routes via loopback here, 1561 they would result in kernel looping; promote them to reject routes 1562 */ 1563 if ((cfg->fc_flags & RTF_REJECT) || 1564 (dev && (dev->flags & IFF_LOOPBACK) && 1565 !(addr_type & IPV6_ADDR_LOOPBACK) && 1566 !(cfg->fc_flags & RTF_LOCAL))) { 1567 /* hold loopback dev/idev if we haven't done so. */ 1568 if (dev != net->loopback_dev) { 1569 if (dev) { 1570 dev_put(dev); 1571 in6_dev_put(idev); 1572 } 1573 dev = net->loopback_dev; 1574 dev_hold(dev); 1575 idev = in6_dev_get(dev); 1576 if (!idev) { 1577 err = -ENODEV; 1578 goto out; 1579 } 1580 } 1581 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP; 1582 switch (cfg->fc_type) { 1583 case RTN_BLACKHOLE: 1584 rt->dst.error = -EINVAL; 1585 rt->dst.output = dst_discard_sk; 1586 rt->dst.input = dst_discard; 1587 break; 1588 case RTN_PROHIBIT: 1589 rt->dst.error = -EACCES; 1590 rt->dst.output = ip6_pkt_prohibit_out; 1591 rt->dst.input = ip6_pkt_prohibit; 1592 break; 1593 case RTN_THROW: 1594 default: 1595 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN 1596 : -ENETUNREACH; 1597 rt->dst.output = ip6_pkt_discard_out; 1598 rt->dst.input = ip6_pkt_discard; 1599 break; 1600 } 1601 goto install_route; 1602 } 1603 1604 if (cfg->fc_flags & RTF_GATEWAY) { 1605 const struct in6_addr *gw_addr; 1606 int gwa_type; 1607 1608 gw_addr = &cfg->fc_gateway; 1609 rt->rt6i_gateway = *gw_addr; 1610 gwa_type = ipv6_addr_type(gw_addr); 1611 1612 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) { 1613 struct rt6_info *grt; 1614 1615 /* IPv6 strictly inhibits using not link-local 1616 addresses as nexthop address. 1617 Otherwise, router will not able to send redirects. 1618 It is very good, but in some (rare!) circumstances 1619 (SIT, PtP, NBMA NOARP links) it is handy to allow 1620 some exceptions. --ANK 1621 */ 1622 err = -EINVAL; 1623 if (!(gwa_type & IPV6_ADDR_UNICAST)) 1624 goto out; 1625 1626 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1); 1627 1628 err = -EHOSTUNREACH; 1629 if (!grt) 1630 goto out; 1631 if (dev) { 1632 if (dev != grt->dst.dev) { 1633 ip6_rt_put(grt); 1634 goto out; 1635 } 1636 } else { 1637 dev = grt->dst.dev; 1638 idev = grt->rt6i_idev; 1639 dev_hold(dev); 1640 in6_dev_hold(grt->rt6i_idev); 1641 } 1642 if (!(grt->rt6i_flags & RTF_GATEWAY)) 1643 err = 0; 1644 ip6_rt_put(grt); 1645 1646 if (err) 1647 goto out; 1648 } 1649 err = -EINVAL; 1650 if (!dev || (dev->flags & IFF_LOOPBACK)) 1651 goto out; 1652 } 1653 1654 err = -ENODEV; 1655 if (!dev) 1656 goto out; 1657 1658 if (!ipv6_addr_any(&cfg->fc_prefsrc)) { 1659 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) { 1660 err = -EINVAL; 1661 goto out; 1662 } 1663 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc; 1664 rt->rt6i_prefsrc.plen = 128; 1665 } else 1666 rt->rt6i_prefsrc.plen = 0; 1667 1668 rt->rt6i_flags = cfg->fc_flags; 1669 1670 install_route: 1671 rt->dst.dev = dev; 1672 rt->rt6i_idev = idev; 1673 rt->rt6i_table = table; 1674 1675 cfg->fc_nlinfo.nl_net = dev_net(dev); 1676 1677 return __ip6_ins_rt(rt, &cfg->fc_nlinfo, cfg->fc_mx, cfg->fc_mx_len); 1678 1679 out: 1680 if (dev) 1681 dev_put(dev); 1682 if (idev) 1683 in6_dev_put(idev); 1684 if (rt) 1685 dst_free(&rt->dst); 1686 return err; 1687 } 1688 1689 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info) 1690 { 1691 int err; 1692 struct fib6_table *table; 1693 struct net *net = dev_net(rt->dst.dev); 1694 1695 if (rt == net->ipv6.ip6_null_entry) { 1696 err = -ENOENT; 1697 goto out; 1698 } 1699 1700 table = rt->rt6i_table; 1701 write_lock_bh(&table->tb6_lock); 1702 err = fib6_del(rt, info); 1703 write_unlock_bh(&table->tb6_lock); 1704 1705 out: 1706 ip6_rt_put(rt); 1707 return err; 1708 } 1709 1710 int ip6_del_rt(struct rt6_info *rt) 1711 { 1712 struct nl_info info = { 1713 .nl_net = dev_net(rt->dst.dev), 1714 }; 1715 return __ip6_del_rt(rt, &info); 1716 } 1717 1718 static int ip6_route_del(struct fib6_config *cfg) 1719 { 1720 struct fib6_table *table; 1721 struct fib6_node *fn; 1722 struct rt6_info *rt; 1723 int err = -ESRCH; 1724 1725 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table); 1726 if (!table) 1727 return err; 1728 1729 read_lock_bh(&table->tb6_lock); 1730 1731 fn = fib6_locate(&table->tb6_root, 1732 &cfg->fc_dst, cfg->fc_dst_len, 1733 &cfg->fc_src, cfg->fc_src_len); 1734 1735 if (fn) { 1736 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1737 if (cfg->fc_ifindex && 1738 (!rt->dst.dev || 1739 rt->dst.dev->ifindex != cfg->fc_ifindex)) 1740 continue; 1741 if (cfg->fc_flags & RTF_GATEWAY && 1742 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway)) 1743 continue; 1744 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric) 1745 continue; 1746 dst_hold(&rt->dst); 1747 read_unlock_bh(&table->tb6_lock); 1748 1749 return __ip6_del_rt(rt, &cfg->fc_nlinfo); 1750 } 1751 } 1752 read_unlock_bh(&table->tb6_lock); 1753 1754 return err; 1755 } 1756 1757 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb) 1758 { 1759 struct net *net = dev_net(skb->dev); 1760 struct netevent_redirect netevent; 1761 struct rt6_info *rt, *nrt = NULL; 1762 struct ndisc_options ndopts; 1763 struct inet6_dev *in6_dev; 1764 struct neighbour *neigh; 1765 struct rd_msg *msg; 1766 int optlen, on_link; 1767 u8 *lladdr; 1768 1769 optlen = skb_tail_pointer(skb) - skb_transport_header(skb); 1770 optlen -= sizeof(*msg); 1771 1772 if (optlen < 0) { 1773 net_dbg_ratelimited("rt6_do_redirect: packet too short\n"); 1774 return; 1775 } 1776 1777 msg = (struct rd_msg *)icmp6_hdr(skb); 1778 1779 if (ipv6_addr_is_multicast(&msg->dest)) { 1780 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n"); 1781 return; 1782 } 1783 1784 on_link = 0; 1785 if (ipv6_addr_equal(&msg->dest, &msg->target)) { 1786 on_link = 1; 1787 } else if (ipv6_addr_type(&msg->target) != 1788 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { 1789 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n"); 1790 return; 1791 } 1792 1793 in6_dev = __in6_dev_get(skb->dev); 1794 if (!in6_dev) 1795 return; 1796 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) 1797 return; 1798 1799 /* RFC2461 8.1: 1800 * The IP source address of the Redirect MUST be the same as the current 1801 * first-hop router for the specified ICMP Destination Address. 1802 */ 1803 1804 if (!ndisc_parse_options(msg->opt, optlen, &ndopts)) { 1805 net_dbg_ratelimited("rt6_redirect: invalid ND options\n"); 1806 return; 1807 } 1808 1809 lladdr = NULL; 1810 if (ndopts.nd_opts_tgt_lladdr) { 1811 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, 1812 skb->dev); 1813 if (!lladdr) { 1814 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n"); 1815 return; 1816 } 1817 } 1818 1819 rt = (struct rt6_info *) dst; 1820 if (rt == net->ipv6.ip6_null_entry) { 1821 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n"); 1822 return; 1823 } 1824 1825 /* Redirect received -> path was valid. 1826 * Look, redirects are sent only in response to data packets, 1827 * so that this nexthop apparently is reachable. --ANK 1828 */ 1829 dst_confirm(&rt->dst); 1830 1831 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1); 1832 if (!neigh) 1833 return; 1834 1835 /* 1836 * We have finally decided to accept it. 1837 */ 1838 1839 neigh_update(neigh, lladdr, NUD_STALE, 1840 NEIGH_UPDATE_F_WEAK_OVERRIDE| 1841 NEIGH_UPDATE_F_OVERRIDE| 1842 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER| 1843 NEIGH_UPDATE_F_ISROUTER)) 1844 ); 1845 1846 nrt = ip6_rt_copy(rt, &msg->dest); 1847 if (!nrt) 1848 goto out; 1849 1850 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE; 1851 if (on_link) 1852 nrt->rt6i_flags &= ~RTF_GATEWAY; 1853 1854 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key; 1855 1856 if (ip6_ins_rt(nrt)) 1857 goto out; 1858 1859 netevent.old = &rt->dst; 1860 netevent.new = &nrt->dst; 1861 netevent.daddr = &msg->dest; 1862 netevent.neigh = neigh; 1863 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent); 1864 1865 if (rt->rt6i_flags & RTF_CACHE) { 1866 rt = (struct rt6_info *) dst_clone(&rt->dst); 1867 ip6_del_rt(rt); 1868 } 1869 1870 out: 1871 neigh_release(neigh); 1872 } 1873 1874 /* 1875 * Misc support functions 1876 */ 1877 1878 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort, 1879 const struct in6_addr *dest) 1880 { 1881 struct net *net = dev_net(ort->dst.dev); 1882 struct rt6_info *rt = ip6_dst_alloc(net, ort->dst.dev, 0, 1883 ort->rt6i_table); 1884 1885 if (rt) { 1886 rt->dst.input = ort->dst.input; 1887 rt->dst.output = ort->dst.output; 1888 rt->dst.flags |= DST_HOST; 1889 1890 rt->rt6i_dst.addr = *dest; 1891 rt->rt6i_dst.plen = 128; 1892 dst_copy_metrics(&rt->dst, &ort->dst); 1893 rt->dst.error = ort->dst.error; 1894 rt->rt6i_idev = ort->rt6i_idev; 1895 if (rt->rt6i_idev) 1896 in6_dev_hold(rt->rt6i_idev); 1897 rt->dst.lastuse = jiffies; 1898 1899 if (ort->rt6i_flags & RTF_GATEWAY) 1900 rt->rt6i_gateway = ort->rt6i_gateway; 1901 else 1902 rt->rt6i_gateway = *dest; 1903 rt->rt6i_flags = ort->rt6i_flags; 1904 rt6_set_from(rt, ort); 1905 rt->rt6i_metric = 0; 1906 1907 #ifdef CONFIG_IPV6_SUBTREES 1908 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 1909 #endif 1910 memcpy(&rt->rt6i_prefsrc, &ort->rt6i_prefsrc, sizeof(struct rt6key)); 1911 rt->rt6i_table = ort->rt6i_table; 1912 } 1913 return rt; 1914 } 1915 1916 #ifdef CONFIG_IPV6_ROUTE_INFO 1917 static struct rt6_info *rt6_get_route_info(struct net *net, 1918 const struct in6_addr *prefix, int prefixlen, 1919 const struct in6_addr *gwaddr, int ifindex) 1920 { 1921 struct fib6_node *fn; 1922 struct rt6_info *rt = NULL; 1923 struct fib6_table *table; 1924 1925 table = fib6_get_table(net, RT6_TABLE_INFO); 1926 if (!table) 1927 return NULL; 1928 1929 read_lock_bh(&table->tb6_lock); 1930 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0); 1931 if (!fn) 1932 goto out; 1933 1934 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1935 if (rt->dst.dev->ifindex != ifindex) 1936 continue; 1937 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY)) 1938 continue; 1939 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr)) 1940 continue; 1941 dst_hold(&rt->dst); 1942 break; 1943 } 1944 out: 1945 read_unlock_bh(&table->tb6_lock); 1946 return rt; 1947 } 1948 1949 static struct rt6_info *rt6_add_route_info(struct net *net, 1950 const struct in6_addr *prefix, int prefixlen, 1951 const struct in6_addr *gwaddr, int ifindex, 1952 unsigned int pref) 1953 { 1954 struct fib6_config cfg = { 1955 .fc_table = RT6_TABLE_INFO, 1956 .fc_metric = IP6_RT_PRIO_USER, 1957 .fc_ifindex = ifindex, 1958 .fc_dst_len = prefixlen, 1959 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO | 1960 RTF_UP | RTF_PREF(pref), 1961 .fc_nlinfo.portid = 0, 1962 .fc_nlinfo.nlh = NULL, 1963 .fc_nlinfo.nl_net = net, 1964 }; 1965 1966 cfg.fc_dst = *prefix; 1967 cfg.fc_gateway = *gwaddr; 1968 1969 /* We should treat it as a default route if prefix length is 0. */ 1970 if (!prefixlen) 1971 cfg.fc_flags |= RTF_DEFAULT; 1972 1973 ip6_route_add(&cfg); 1974 1975 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex); 1976 } 1977 #endif 1978 1979 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev) 1980 { 1981 struct rt6_info *rt; 1982 struct fib6_table *table; 1983 1984 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT); 1985 if (!table) 1986 return NULL; 1987 1988 read_lock_bh(&table->tb6_lock); 1989 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) { 1990 if (dev == rt->dst.dev && 1991 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) && 1992 ipv6_addr_equal(&rt->rt6i_gateway, addr)) 1993 break; 1994 } 1995 if (rt) 1996 dst_hold(&rt->dst); 1997 read_unlock_bh(&table->tb6_lock); 1998 return rt; 1999 } 2000 2001 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr, 2002 struct net_device *dev, 2003 unsigned int pref) 2004 { 2005 struct fib6_config cfg = { 2006 .fc_table = RT6_TABLE_DFLT, 2007 .fc_metric = IP6_RT_PRIO_USER, 2008 .fc_ifindex = dev->ifindex, 2009 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | 2010 RTF_UP | RTF_EXPIRES | RTF_PREF(pref), 2011 .fc_nlinfo.portid = 0, 2012 .fc_nlinfo.nlh = NULL, 2013 .fc_nlinfo.nl_net = dev_net(dev), 2014 }; 2015 2016 cfg.fc_gateway = *gwaddr; 2017 2018 ip6_route_add(&cfg); 2019 2020 return rt6_get_dflt_router(gwaddr, dev); 2021 } 2022 2023 void rt6_purge_dflt_routers(struct net *net) 2024 { 2025 struct rt6_info *rt; 2026 struct fib6_table *table; 2027 2028 /* NOTE: Keep consistent with rt6_get_dflt_router */ 2029 table = fib6_get_table(net, RT6_TABLE_DFLT); 2030 if (!table) 2031 return; 2032 2033 restart: 2034 read_lock_bh(&table->tb6_lock); 2035 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) { 2036 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) && 2037 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) { 2038 dst_hold(&rt->dst); 2039 read_unlock_bh(&table->tb6_lock); 2040 ip6_del_rt(rt); 2041 goto restart; 2042 } 2043 } 2044 read_unlock_bh(&table->tb6_lock); 2045 } 2046 2047 static void rtmsg_to_fib6_config(struct net *net, 2048 struct in6_rtmsg *rtmsg, 2049 struct fib6_config *cfg) 2050 { 2051 memset(cfg, 0, sizeof(*cfg)); 2052 2053 cfg->fc_table = RT6_TABLE_MAIN; 2054 cfg->fc_ifindex = rtmsg->rtmsg_ifindex; 2055 cfg->fc_metric = rtmsg->rtmsg_metric; 2056 cfg->fc_expires = rtmsg->rtmsg_info; 2057 cfg->fc_dst_len = rtmsg->rtmsg_dst_len; 2058 cfg->fc_src_len = rtmsg->rtmsg_src_len; 2059 cfg->fc_flags = rtmsg->rtmsg_flags; 2060 2061 cfg->fc_nlinfo.nl_net = net; 2062 2063 cfg->fc_dst = rtmsg->rtmsg_dst; 2064 cfg->fc_src = rtmsg->rtmsg_src; 2065 cfg->fc_gateway = rtmsg->rtmsg_gateway; 2066 } 2067 2068 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg) 2069 { 2070 struct fib6_config cfg; 2071 struct in6_rtmsg rtmsg; 2072 int err; 2073 2074 switch (cmd) { 2075 case SIOCADDRT: /* Add a route */ 2076 case SIOCDELRT: /* Delete a route */ 2077 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 2078 return -EPERM; 2079 err = copy_from_user(&rtmsg, arg, 2080 sizeof(struct in6_rtmsg)); 2081 if (err) 2082 return -EFAULT; 2083 2084 rtmsg_to_fib6_config(net, &rtmsg, &cfg); 2085 2086 rtnl_lock(); 2087 switch (cmd) { 2088 case SIOCADDRT: 2089 err = ip6_route_add(&cfg); 2090 break; 2091 case SIOCDELRT: 2092 err = ip6_route_del(&cfg); 2093 break; 2094 default: 2095 err = -EINVAL; 2096 } 2097 rtnl_unlock(); 2098 2099 return err; 2100 } 2101 2102 return -EINVAL; 2103 } 2104 2105 /* 2106 * Drop the packet on the floor 2107 */ 2108 2109 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes) 2110 { 2111 int type; 2112 struct dst_entry *dst = skb_dst(skb); 2113 switch (ipstats_mib_noroutes) { 2114 case IPSTATS_MIB_INNOROUTES: 2115 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr); 2116 if (type == IPV6_ADDR_ANY) { 2117 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst), 2118 IPSTATS_MIB_INADDRERRORS); 2119 break; 2120 } 2121 /* FALLTHROUGH */ 2122 case IPSTATS_MIB_OUTNOROUTES: 2123 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst), 2124 ipstats_mib_noroutes); 2125 break; 2126 } 2127 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0); 2128 kfree_skb(skb); 2129 return 0; 2130 } 2131 2132 static int ip6_pkt_discard(struct sk_buff *skb) 2133 { 2134 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES); 2135 } 2136 2137 static int ip6_pkt_discard_out(struct sock *sk, struct sk_buff *skb) 2138 { 2139 skb->dev = skb_dst(skb)->dev; 2140 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES); 2141 } 2142 2143 static int ip6_pkt_prohibit(struct sk_buff *skb) 2144 { 2145 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES); 2146 } 2147 2148 static int ip6_pkt_prohibit_out(struct sock *sk, struct sk_buff *skb) 2149 { 2150 skb->dev = skb_dst(skb)->dev; 2151 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES); 2152 } 2153 2154 /* 2155 * Allocate a dst for local (unicast / anycast) address. 2156 */ 2157 2158 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev, 2159 const struct in6_addr *addr, 2160 bool anycast) 2161 { 2162 struct net *net = dev_net(idev->dev); 2163 struct rt6_info *rt = ip6_dst_alloc(net, net->loopback_dev, 2164 DST_NOCOUNT, NULL); 2165 if (!rt) 2166 return ERR_PTR(-ENOMEM); 2167 2168 in6_dev_hold(idev); 2169 2170 rt->dst.flags |= DST_HOST; 2171 rt->dst.input = ip6_input; 2172 rt->dst.output = ip6_output; 2173 rt->rt6i_idev = idev; 2174 2175 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP; 2176 if (anycast) 2177 rt->rt6i_flags |= RTF_ANYCAST; 2178 else 2179 rt->rt6i_flags |= RTF_LOCAL; 2180 2181 rt->rt6i_gateway = *addr; 2182 rt->rt6i_dst.addr = *addr; 2183 rt->rt6i_dst.plen = 128; 2184 rt->rt6i_table = fib6_get_table(net, RT6_TABLE_LOCAL); 2185 2186 atomic_set(&rt->dst.__refcnt, 1); 2187 2188 return rt; 2189 } 2190 2191 int ip6_route_get_saddr(struct net *net, 2192 struct rt6_info *rt, 2193 const struct in6_addr *daddr, 2194 unsigned int prefs, 2195 struct in6_addr *saddr) 2196 { 2197 struct inet6_dev *idev = ip6_dst_idev((struct dst_entry *)rt); 2198 int err = 0; 2199 if (rt->rt6i_prefsrc.plen) 2200 *saddr = rt->rt6i_prefsrc.addr; 2201 else 2202 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL, 2203 daddr, prefs, saddr); 2204 return err; 2205 } 2206 2207 /* remove deleted ip from prefsrc entries */ 2208 struct arg_dev_net_ip { 2209 struct net_device *dev; 2210 struct net *net; 2211 struct in6_addr *addr; 2212 }; 2213 2214 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg) 2215 { 2216 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev; 2217 struct net *net = ((struct arg_dev_net_ip *)arg)->net; 2218 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr; 2219 2220 if (((void *)rt->dst.dev == dev || !dev) && 2221 rt != net->ipv6.ip6_null_entry && 2222 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) { 2223 /* remove prefsrc entry */ 2224 rt->rt6i_prefsrc.plen = 0; 2225 } 2226 return 0; 2227 } 2228 2229 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp) 2230 { 2231 struct net *net = dev_net(ifp->idev->dev); 2232 struct arg_dev_net_ip adni = { 2233 .dev = ifp->idev->dev, 2234 .net = net, 2235 .addr = &ifp->addr, 2236 }; 2237 fib6_clean_all(net, fib6_remove_prefsrc, &adni); 2238 } 2239 2240 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY) 2241 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE) 2242 2243 /* Remove routers and update dst entries when gateway turn into host. */ 2244 static int fib6_clean_tohost(struct rt6_info *rt, void *arg) 2245 { 2246 struct in6_addr *gateway = (struct in6_addr *)arg; 2247 2248 if ((((rt->rt6i_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) || 2249 ((rt->rt6i_flags & RTF_CACHE_GATEWAY) == RTF_CACHE_GATEWAY)) && 2250 ipv6_addr_equal(gateway, &rt->rt6i_gateway)) { 2251 return -1; 2252 } 2253 return 0; 2254 } 2255 2256 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway) 2257 { 2258 fib6_clean_all(net, fib6_clean_tohost, gateway); 2259 } 2260 2261 struct arg_dev_net { 2262 struct net_device *dev; 2263 struct net *net; 2264 }; 2265 2266 static int fib6_ifdown(struct rt6_info *rt, void *arg) 2267 { 2268 const struct arg_dev_net *adn = arg; 2269 const struct net_device *dev = adn->dev; 2270 2271 if ((rt->dst.dev == dev || !dev) && 2272 rt != adn->net->ipv6.ip6_null_entry) 2273 return -1; 2274 2275 return 0; 2276 } 2277 2278 void rt6_ifdown(struct net *net, struct net_device *dev) 2279 { 2280 struct arg_dev_net adn = { 2281 .dev = dev, 2282 .net = net, 2283 }; 2284 2285 fib6_clean_all(net, fib6_ifdown, &adn); 2286 icmp6_clean_all(fib6_ifdown, &adn); 2287 } 2288 2289 struct rt6_mtu_change_arg { 2290 struct net_device *dev; 2291 unsigned int mtu; 2292 }; 2293 2294 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg) 2295 { 2296 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg; 2297 struct inet6_dev *idev; 2298 2299 /* In IPv6 pmtu discovery is not optional, 2300 so that RTAX_MTU lock cannot disable it. 2301 We still use this lock to block changes 2302 caused by addrconf/ndisc. 2303 */ 2304 2305 idev = __in6_dev_get(arg->dev); 2306 if (!idev) 2307 return 0; 2308 2309 /* For administrative MTU increase, there is no way to discover 2310 IPv6 PMTU increase, so PMTU increase should be updated here. 2311 Since RFC 1981 doesn't include administrative MTU increase 2312 update PMTU increase is a MUST. (i.e. jumbo frame) 2313 */ 2314 /* 2315 If new MTU is less than route PMTU, this new MTU will be the 2316 lowest MTU in the path, update the route PMTU to reflect PMTU 2317 decreases; if new MTU is greater than route PMTU, and the 2318 old MTU is the lowest MTU in the path, update the route PMTU 2319 to reflect the increase. In this case if the other nodes' MTU 2320 also have the lowest MTU, TOO BIG MESSAGE will be lead to 2321 PMTU discouvery. 2322 */ 2323 if (rt->dst.dev == arg->dev && 2324 !dst_metric_locked(&rt->dst, RTAX_MTU) && 2325 (dst_mtu(&rt->dst) >= arg->mtu || 2326 (dst_mtu(&rt->dst) < arg->mtu && 2327 dst_mtu(&rt->dst) == idev->cnf.mtu6))) { 2328 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu); 2329 } 2330 return 0; 2331 } 2332 2333 void rt6_mtu_change(struct net_device *dev, unsigned int mtu) 2334 { 2335 struct rt6_mtu_change_arg arg = { 2336 .dev = dev, 2337 .mtu = mtu, 2338 }; 2339 2340 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg); 2341 } 2342 2343 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = { 2344 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) }, 2345 [RTA_OIF] = { .type = NLA_U32 }, 2346 [RTA_IIF] = { .type = NLA_U32 }, 2347 [RTA_PRIORITY] = { .type = NLA_U32 }, 2348 [RTA_METRICS] = { .type = NLA_NESTED }, 2349 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, 2350 }; 2351 2352 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh, 2353 struct fib6_config *cfg) 2354 { 2355 struct rtmsg *rtm; 2356 struct nlattr *tb[RTA_MAX+1]; 2357 int err; 2358 2359 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 2360 if (err < 0) 2361 goto errout; 2362 2363 err = -EINVAL; 2364 rtm = nlmsg_data(nlh); 2365 memset(cfg, 0, sizeof(*cfg)); 2366 2367 cfg->fc_table = rtm->rtm_table; 2368 cfg->fc_dst_len = rtm->rtm_dst_len; 2369 cfg->fc_src_len = rtm->rtm_src_len; 2370 cfg->fc_flags = RTF_UP; 2371 cfg->fc_protocol = rtm->rtm_protocol; 2372 cfg->fc_type = rtm->rtm_type; 2373 2374 if (rtm->rtm_type == RTN_UNREACHABLE || 2375 rtm->rtm_type == RTN_BLACKHOLE || 2376 rtm->rtm_type == RTN_PROHIBIT || 2377 rtm->rtm_type == RTN_THROW) 2378 cfg->fc_flags |= RTF_REJECT; 2379 2380 if (rtm->rtm_type == RTN_LOCAL) 2381 cfg->fc_flags |= RTF_LOCAL; 2382 2383 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid; 2384 cfg->fc_nlinfo.nlh = nlh; 2385 cfg->fc_nlinfo.nl_net = sock_net(skb->sk); 2386 2387 if (tb[RTA_GATEWAY]) { 2388 nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16); 2389 cfg->fc_flags |= RTF_GATEWAY; 2390 } 2391 2392 if (tb[RTA_DST]) { 2393 int plen = (rtm->rtm_dst_len + 7) >> 3; 2394 2395 if (nla_len(tb[RTA_DST]) < plen) 2396 goto errout; 2397 2398 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen); 2399 } 2400 2401 if (tb[RTA_SRC]) { 2402 int plen = (rtm->rtm_src_len + 7) >> 3; 2403 2404 if (nla_len(tb[RTA_SRC]) < plen) 2405 goto errout; 2406 2407 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen); 2408 } 2409 2410 if (tb[RTA_PREFSRC]) 2411 nla_memcpy(&cfg->fc_prefsrc, tb[RTA_PREFSRC], 16); 2412 2413 if (tb[RTA_OIF]) 2414 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]); 2415 2416 if (tb[RTA_PRIORITY]) 2417 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]); 2418 2419 if (tb[RTA_METRICS]) { 2420 cfg->fc_mx = nla_data(tb[RTA_METRICS]); 2421 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]); 2422 } 2423 2424 if (tb[RTA_TABLE]) 2425 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]); 2426 2427 if (tb[RTA_MULTIPATH]) { 2428 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]); 2429 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]); 2430 } 2431 2432 err = 0; 2433 errout: 2434 return err; 2435 } 2436 2437 static int ip6_route_multipath(struct fib6_config *cfg, int add) 2438 { 2439 struct fib6_config r_cfg; 2440 struct rtnexthop *rtnh; 2441 int remaining; 2442 int attrlen; 2443 int err = 0, last_err = 0; 2444 2445 beginning: 2446 rtnh = (struct rtnexthop *)cfg->fc_mp; 2447 remaining = cfg->fc_mp_len; 2448 2449 /* Parse a Multipath Entry */ 2450 while (rtnh_ok(rtnh, remaining)) { 2451 memcpy(&r_cfg, cfg, sizeof(*cfg)); 2452 if (rtnh->rtnh_ifindex) 2453 r_cfg.fc_ifindex = rtnh->rtnh_ifindex; 2454 2455 attrlen = rtnh_attrlen(rtnh); 2456 if (attrlen > 0) { 2457 struct nlattr *nla, *attrs = rtnh_attrs(rtnh); 2458 2459 nla = nla_find(attrs, attrlen, RTA_GATEWAY); 2460 if (nla) { 2461 nla_memcpy(&r_cfg.fc_gateway, nla, 16); 2462 r_cfg.fc_flags |= RTF_GATEWAY; 2463 } 2464 } 2465 err = add ? ip6_route_add(&r_cfg) : ip6_route_del(&r_cfg); 2466 if (err) { 2467 last_err = err; 2468 /* If we are trying to remove a route, do not stop the 2469 * loop when ip6_route_del() fails (because next hop is 2470 * already gone), we should try to remove all next hops. 2471 */ 2472 if (add) { 2473 /* If add fails, we should try to delete all 2474 * next hops that have been already added. 2475 */ 2476 add = 0; 2477 goto beginning; 2478 } 2479 } 2480 /* Because each route is added like a single route we remove 2481 * this flag after the first nexthop (if there is a collision, 2482 * we have already fail to add the first nexthop: 2483 * fib6_add_rt2node() has reject it). 2484 */ 2485 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~NLM_F_EXCL; 2486 rtnh = rtnh_next(rtnh, &remaining); 2487 } 2488 2489 return last_err; 2490 } 2491 2492 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh) 2493 { 2494 struct fib6_config cfg; 2495 int err; 2496 2497 err = rtm_to_fib6_config(skb, nlh, &cfg); 2498 if (err < 0) 2499 return err; 2500 2501 if (cfg.fc_mp) 2502 return ip6_route_multipath(&cfg, 0); 2503 else 2504 return ip6_route_del(&cfg); 2505 } 2506 2507 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh) 2508 { 2509 struct fib6_config cfg; 2510 int err; 2511 2512 err = rtm_to_fib6_config(skb, nlh, &cfg); 2513 if (err < 0) 2514 return err; 2515 2516 if (cfg.fc_mp) 2517 return ip6_route_multipath(&cfg, 1); 2518 else 2519 return ip6_route_add(&cfg); 2520 } 2521 2522 static inline size_t rt6_nlmsg_size(void) 2523 { 2524 return NLMSG_ALIGN(sizeof(struct rtmsg)) 2525 + nla_total_size(16) /* RTA_SRC */ 2526 + nla_total_size(16) /* RTA_DST */ 2527 + nla_total_size(16) /* RTA_GATEWAY */ 2528 + nla_total_size(16) /* RTA_PREFSRC */ 2529 + nla_total_size(4) /* RTA_TABLE */ 2530 + nla_total_size(4) /* RTA_IIF */ 2531 + nla_total_size(4) /* RTA_OIF */ 2532 + nla_total_size(4) /* RTA_PRIORITY */ 2533 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */ 2534 + nla_total_size(sizeof(struct rta_cacheinfo)); 2535 } 2536 2537 static int rt6_fill_node(struct net *net, 2538 struct sk_buff *skb, struct rt6_info *rt, 2539 struct in6_addr *dst, struct in6_addr *src, 2540 int iif, int type, u32 portid, u32 seq, 2541 int prefix, int nowait, unsigned int flags) 2542 { 2543 struct rtmsg *rtm; 2544 struct nlmsghdr *nlh; 2545 long expires; 2546 u32 table; 2547 2548 if (prefix) { /* user wants prefix routes only */ 2549 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { 2550 /* success since this is not a prefix route */ 2551 return 1; 2552 } 2553 } 2554 2555 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags); 2556 if (!nlh) 2557 return -EMSGSIZE; 2558 2559 rtm = nlmsg_data(nlh); 2560 rtm->rtm_family = AF_INET6; 2561 rtm->rtm_dst_len = rt->rt6i_dst.plen; 2562 rtm->rtm_src_len = rt->rt6i_src.plen; 2563 rtm->rtm_tos = 0; 2564 if (rt->rt6i_table) 2565 table = rt->rt6i_table->tb6_id; 2566 else 2567 table = RT6_TABLE_UNSPEC; 2568 rtm->rtm_table = table; 2569 if (nla_put_u32(skb, RTA_TABLE, table)) 2570 goto nla_put_failure; 2571 if (rt->rt6i_flags & RTF_REJECT) { 2572 switch (rt->dst.error) { 2573 case -EINVAL: 2574 rtm->rtm_type = RTN_BLACKHOLE; 2575 break; 2576 case -EACCES: 2577 rtm->rtm_type = RTN_PROHIBIT; 2578 break; 2579 case -EAGAIN: 2580 rtm->rtm_type = RTN_THROW; 2581 break; 2582 default: 2583 rtm->rtm_type = RTN_UNREACHABLE; 2584 break; 2585 } 2586 } 2587 else if (rt->rt6i_flags & RTF_LOCAL) 2588 rtm->rtm_type = RTN_LOCAL; 2589 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK)) 2590 rtm->rtm_type = RTN_LOCAL; 2591 else 2592 rtm->rtm_type = RTN_UNICAST; 2593 rtm->rtm_flags = 0; 2594 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2595 rtm->rtm_protocol = rt->rt6i_protocol; 2596 if (rt->rt6i_flags & RTF_DYNAMIC) 2597 rtm->rtm_protocol = RTPROT_REDIRECT; 2598 else if (rt->rt6i_flags & RTF_ADDRCONF) { 2599 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO)) 2600 rtm->rtm_protocol = RTPROT_RA; 2601 else 2602 rtm->rtm_protocol = RTPROT_KERNEL; 2603 } 2604 2605 if (rt->rt6i_flags & RTF_CACHE) 2606 rtm->rtm_flags |= RTM_F_CLONED; 2607 2608 if (dst) { 2609 if (nla_put(skb, RTA_DST, 16, dst)) 2610 goto nla_put_failure; 2611 rtm->rtm_dst_len = 128; 2612 } else if (rtm->rtm_dst_len) 2613 if (nla_put(skb, RTA_DST, 16, &rt->rt6i_dst.addr)) 2614 goto nla_put_failure; 2615 #ifdef CONFIG_IPV6_SUBTREES 2616 if (src) { 2617 if (nla_put(skb, RTA_SRC, 16, src)) 2618 goto nla_put_failure; 2619 rtm->rtm_src_len = 128; 2620 } else if (rtm->rtm_src_len && 2621 nla_put(skb, RTA_SRC, 16, &rt->rt6i_src.addr)) 2622 goto nla_put_failure; 2623 #endif 2624 if (iif) { 2625 #ifdef CONFIG_IPV6_MROUTE 2626 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) { 2627 int err = ip6mr_get_route(net, skb, rtm, nowait); 2628 if (err <= 0) { 2629 if (!nowait) { 2630 if (err == 0) 2631 return 0; 2632 goto nla_put_failure; 2633 } else { 2634 if (err == -EMSGSIZE) 2635 goto nla_put_failure; 2636 } 2637 } 2638 } else 2639 #endif 2640 if (nla_put_u32(skb, RTA_IIF, iif)) 2641 goto nla_put_failure; 2642 } else if (dst) { 2643 struct in6_addr saddr_buf; 2644 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 && 2645 nla_put(skb, RTA_PREFSRC, 16, &saddr_buf)) 2646 goto nla_put_failure; 2647 } 2648 2649 if (rt->rt6i_prefsrc.plen) { 2650 struct in6_addr saddr_buf; 2651 saddr_buf = rt->rt6i_prefsrc.addr; 2652 if (nla_put(skb, RTA_PREFSRC, 16, &saddr_buf)) 2653 goto nla_put_failure; 2654 } 2655 2656 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0) 2657 goto nla_put_failure; 2658 2659 if (rt->rt6i_flags & RTF_GATEWAY) { 2660 if (nla_put(skb, RTA_GATEWAY, 16, &rt->rt6i_gateway) < 0) 2661 goto nla_put_failure; 2662 } 2663 2664 if (rt->dst.dev && 2665 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex)) 2666 goto nla_put_failure; 2667 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric)) 2668 goto nla_put_failure; 2669 2670 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0; 2671 2672 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0) 2673 goto nla_put_failure; 2674 2675 return nlmsg_end(skb, nlh); 2676 2677 nla_put_failure: 2678 nlmsg_cancel(skb, nlh); 2679 return -EMSGSIZE; 2680 } 2681 2682 int rt6_dump_route(struct rt6_info *rt, void *p_arg) 2683 { 2684 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; 2685 int prefix; 2686 2687 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { 2688 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); 2689 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0; 2690 } else 2691 prefix = 0; 2692 2693 return rt6_fill_node(arg->net, 2694 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE, 2695 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq, 2696 prefix, 0, NLM_F_MULTI); 2697 } 2698 2699 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh) 2700 { 2701 struct net *net = sock_net(in_skb->sk); 2702 struct nlattr *tb[RTA_MAX+1]; 2703 struct rt6_info *rt; 2704 struct sk_buff *skb; 2705 struct rtmsg *rtm; 2706 struct flowi6 fl6; 2707 int err, iif = 0, oif = 0; 2708 2709 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 2710 if (err < 0) 2711 goto errout; 2712 2713 err = -EINVAL; 2714 memset(&fl6, 0, sizeof(fl6)); 2715 2716 if (tb[RTA_SRC]) { 2717 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr)) 2718 goto errout; 2719 2720 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]); 2721 } 2722 2723 if (tb[RTA_DST]) { 2724 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr)) 2725 goto errout; 2726 2727 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]); 2728 } 2729 2730 if (tb[RTA_IIF]) 2731 iif = nla_get_u32(tb[RTA_IIF]); 2732 2733 if (tb[RTA_OIF]) 2734 oif = nla_get_u32(tb[RTA_OIF]); 2735 2736 if (tb[RTA_MARK]) 2737 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]); 2738 2739 if (iif) { 2740 struct net_device *dev; 2741 int flags = 0; 2742 2743 dev = __dev_get_by_index(net, iif); 2744 if (!dev) { 2745 err = -ENODEV; 2746 goto errout; 2747 } 2748 2749 fl6.flowi6_iif = iif; 2750 2751 if (!ipv6_addr_any(&fl6.saddr)) 2752 flags |= RT6_LOOKUP_F_HAS_SADDR; 2753 2754 rt = (struct rt6_info *)ip6_route_input_lookup(net, dev, &fl6, 2755 flags); 2756 } else { 2757 fl6.flowi6_oif = oif; 2758 2759 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6); 2760 } 2761 2762 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 2763 if (!skb) { 2764 ip6_rt_put(rt); 2765 err = -ENOBUFS; 2766 goto errout; 2767 } 2768 2769 /* Reserve room for dummy headers, this skb can pass 2770 through good chunk of routing engine. 2771 */ 2772 skb_reset_mac_header(skb); 2773 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr)); 2774 2775 skb_dst_set(skb, &rt->dst); 2776 2777 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif, 2778 RTM_NEWROUTE, NETLINK_CB(in_skb).portid, 2779 nlh->nlmsg_seq, 0, 0, 0); 2780 if (err < 0) { 2781 kfree_skb(skb); 2782 goto errout; 2783 } 2784 2785 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 2786 errout: 2787 return err; 2788 } 2789 2790 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info) 2791 { 2792 struct sk_buff *skb; 2793 struct net *net = info->nl_net; 2794 u32 seq; 2795 int err; 2796 2797 err = -ENOBUFS; 2798 seq = info->nlh ? info->nlh->nlmsg_seq : 0; 2799 2800 skb = nlmsg_new(rt6_nlmsg_size(), gfp_any()); 2801 if (!skb) 2802 goto errout; 2803 2804 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0, 2805 event, info->portid, seq, 0, 0, 0); 2806 if (err < 0) { 2807 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */ 2808 WARN_ON(err == -EMSGSIZE); 2809 kfree_skb(skb); 2810 goto errout; 2811 } 2812 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE, 2813 info->nlh, gfp_any()); 2814 return; 2815 errout: 2816 if (err < 0) 2817 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err); 2818 } 2819 2820 static int ip6_route_dev_notify(struct notifier_block *this, 2821 unsigned long event, void *ptr) 2822 { 2823 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 2824 struct net *net = dev_net(dev); 2825 2826 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) { 2827 net->ipv6.ip6_null_entry->dst.dev = dev; 2828 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev); 2829 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 2830 net->ipv6.ip6_prohibit_entry->dst.dev = dev; 2831 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev); 2832 net->ipv6.ip6_blk_hole_entry->dst.dev = dev; 2833 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev); 2834 #endif 2835 } 2836 2837 return NOTIFY_OK; 2838 } 2839 2840 /* 2841 * /proc 2842 */ 2843 2844 #ifdef CONFIG_PROC_FS 2845 2846 static const struct file_operations ipv6_route_proc_fops = { 2847 .owner = THIS_MODULE, 2848 .open = ipv6_route_open, 2849 .read = seq_read, 2850 .llseek = seq_lseek, 2851 .release = seq_release_net, 2852 }; 2853 2854 static int rt6_stats_seq_show(struct seq_file *seq, void *v) 2855 { 2856 struct net *net = (struct net *)seq->private; 2857 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n", 2858 net->ipv6.rt6_stats->fib_nodes, 2859 net->ipv6.rt6_stats->fib_route_nodes, 2860 net->ipv6.rt6_stats->fib_rt_alloc, 2861 net->ipv6.rt6_stats->fib_rt_entries, 2862 net->ipv6.rt6_stats->fib_rt_cache, 2863 dst_entries_get_slow(&net->ipv6.ip6_dst_ops), 2864 net->ipv6.rt6_stats->fib_discarded_routes); 2865 2866 return 0; 2867 } 2868 2869 static int rt6_stats_seq_open(struct inode *inode, struct file *file) 2870 { 2871 return single_open_net(inode, file, rt6_stats_seq_show); 2872 } 2873 2874 static const struct file_operations rt6_stats_seq_fops = { 2875 .owner = THIS_MODULE, 2876 .open = rt6_stats_seq_open, 2877 .read = seq_read, 2878 .llseek = seq_lseek, 2879 .release = single_release_net, 2880 }; 2881 #endif /* CONFIG_PROC_FS */ 2882 2883 #ifdef CONFIG_SYSCTL 2884 2885 static 2886 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write, 2887 void __user *buffer, size_t *lenp, loff_t *ppos) 2888 { 2889 struct net *net; 2890 int delay; 2891 if (!write) 2892 return -EINVAL; 2893 2894 net = (struct net *)ctl->extra1; 2895 delay = net->ipv6.sysctl.flush_delay; 2896 proc_dointvec(ctl, write, buffer, lenp, ppos); 2897 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0); 2898 return 0; 2899 } 2900 2901 struct ctl_table ipv6_route_table_template[] = { 2902 { 2903 .procname = "flush", 2904 .data = &init_net.ipv6.sysctl.flush_delay, 2905 .maxlen = sizeof(int), 2906 .mode = 0200, 2907 .proc_handler = ipv6_sysctl_rtcache_flush 2908 }, 2909 { 2910 .procname = "gc_thresh", 2911 .data = &ip6_dst_ops_template.gc_thresh, 2912 .maxlen = sizeof(int), 2913 .mode = 0644, 2914 .proc_handler = proc_dointvec, 2915 }, 2916 { 2917 .procname = "max_size", 2918 .data = &init_net.ipv6.sysctl.ip6_rt_max_size, 2919 .maxlen = sizeof(int), 2920 .mode = 0644, 2921 .proc_handler = proc_dointvec, 2922 }, 2923 { 2924 .procname = "gc_min_interval", 2925 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 2926 .maxlen = sizeof(int), 2927 .mode = 0644, 2928 .proc_handler = proc_dointvec_jiffies, 2929 }, 2930 { 2931 .procname = "gc_timeout", 2932 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout, 2933 .maxlen = sizeof(int), 2934 .mode = 0644, 2935 .proc_handler = proc_dointvec_jiffies, 2936 }, 2937 { 2938 .procname = "gc_interval", 2939 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval, 2940 .maxlen = sizeof(int), 2941 .mode = 0644, 2942 .proc_handler = proc_dointvec_jiffies, 2943 }, 2944 { 2945 .procname = "gc_elasticity", 2946 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity, 2947 .maxlen = sizeof(int), 2948 .mode = 0644, 2949 .proc_handler = proc_dointvec, 2950 }, 2951 { 2952 .procname = "mtu_expires", 2953 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires, 2954 .maxlen = sizeof(int), 2955 .mode = 0644, 2956 .proc_handler = proc_dointvec_jiffies, 2957 }, 2958 { 2959 .procname = "min_adv_mss", 2960 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss, 2961 .maxlen = sizeof(int), 2962 .mode = 0644, 2963 .proc_handler = proc_dointvec, 2964 }, 2965 { 2966 .procname = "gc_min_interval_ms", 2967 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 2968 .maxlen = sizeof(int), 2969 .mode = 0644, 2970 .proc_handler = proc_dointvec_ms_jiffies, 2971 }, 2972 { } 2973 }; 2974 2975 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) 2976 { 2977 struct ctl_table *table; 2978 2979 table = kmemdup(ipv6_route_table_template, 2980 sizeof(ipv6_route_table_template), 2981 GFP_KERNEL); 2982 2983 if (table) { 2984 table[0].data = &net->ipv6.sysctl.flush_delay; 2985 table[0].extra1 = net; 2986 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh; 2987 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size; 2988 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 2989 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout; 2990 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval; 2991 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity; 2992 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires; 2993 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss; 2994 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 2995 2996 /* Don't export sysctls to unprivileged users */ 2997 if (net->user_ns != &init_user_ns) 2998 table[0].procname = NULL; 2999 } 3000 3001 return table; 3002 } 3003 #endif 3004 3005 static int __net_init ip6_route_net_init(struct net *net) 3006 { 3007 int ret = -ENOMEM; 3008 3009 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template, 3010 sizeof(net->ipv6.ip6_dst_ops)); 3011 3012 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0) 3013 goto out_ip6_dst_ops; 3014 3015 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template, 3016 sizeof(*net->ipv6.ip6_null_entry), 3017 GFP_KERNEL); 3018 if (!net->ipv6.ip6_null_entry) 3019 goto out_ip6_dst_entries; 3020 net->ipv6.ip6_null_entry->dst.path = 3021 (struct dst_entry *)net->ipv6.ip6_null_entry; 3022 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3023 dst_init_metrics(&net->ipv6.ip6_null_entry->dst, 3024 ip6_template_metrics, true); 3025 3026 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3027 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template, 3028 sizeof(*net->ipv6.ip6_prohibit_entry), 3029 GFP_KERNEL); 3030 if (!net->ipv6.ip6_prohibit_entry) 3031 goto out_ip6_null_entry; 3032 net->ipv6.ip6_prohibit_entry->dst.path = 3033 (struct dst_entry *)net->ipv6.ip6_prohibit_entry; 3034 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3035 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst, 3036 ip6_template_metrics, true); 3037 3038 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template, 3039 sizeof(*net->ipv6.ip6_blk_hole_entry), 3040 GFP_KERNEL); 3041 if (!net->ipv6.ip6_blk_hole_entry) 3042 goto out_ip6_prohibit_entry; 3043 net->ipv6.ip6_blk_hole_entry->dst.path = 3044 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry; 3045 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3046 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst, 3047 ip6_template_metrics, true); 3048 #endif 3049 3050 net->ipv6.sysctl.flush_delay = 0; 3051 net->ipv6.sysctl.ip6_rt_max_size = 4096; 3052 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2; 3053 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ; 3054 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ; 3055 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9; 3056 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ; 3057 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40; 3058 3059 net->ipv6.ip6_rt_gc_expire = 30*HZ; 3060 3061 ret = 0; 3062 out: 3063 return ret; 3064 3065 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3066 out_ip6_prohibit_entry: 3067 kfree(net->ipv6.ip6_prohibit_entry); 3068 out_ip6_null_entry: 3069 kfree(net->ipv6.ip6_null_entry); 3070 #endif 3071 out_ip6_dst_entries: 3072 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 3073 out_ip6_dst_ops: 3074 goto out; 3075 } 3076 3077 static void __net_exit ip6_route_net_exit(struct net *net) 3078 { 3079 kfree(net->ipv6.ip6_null_entry); 3080 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3081 kfree(net->ipv6.ip6_prohibit_entry); 3082 kfree(net->ipv6.ip6_blk_hole_entry); 3083 #endif 3084 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 3085 } 3086 3087 static int __net_init ip6_route_net_init_late(struct net *net) 3088 { 3089 #ifdef CONFIG_PROC_FS 3090 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops); 3091 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops); 3092 #endif 3093 return 0; 3094 } 3095 3096 static void __net_exit ip6_route_net_exit_late(struct net *net) 3097 { 3098 #ifdef CONFIG_PROC_FS 3099 remove_proc_entry("ipv6_route", net->proc_net); 3100 remove_proc_entry("rt6_stats", net->proc_net); 3101 #endif 3102 } 3103 3104 static struct pernet_operations ip6_route_net_ops = { 3105 .init = ip6_route_net_init, 3106 .exit = ip6_route_net_exit, 3107 }; 3108 3109 static int __net_init ipv6_inetpeer_init(struct net *net) 3110 { 3111 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL); 3112 3113 if (!bp) 3114 return -ENOMEM; 3115 inet_peer_base_init(bp); 3116 net->ipv6.peers = bp; 3117 return 0; 3118 } 3119 3120 static void __net_exit ipv6_inetpeer_exit(struct net *net) 3121 { 3122 struct inet_peer_base *bp = net->ipv6.peers; 3123 3124 net->ipv6.peers = NULL; 3125 inetpeer_invalidate_tree(bp); 3126 kfree(bp); 3127 } 3128 3129 static struct pernet_operations ipv6_inetpeer_ops = { 3130 .init = ipv6_inetpeer_init, 3131 .exit = ipv6_inetpeer_exit, 3132 }; 3133 3134 static struct pernet_operations ip6_route_net_late_ops = { 3135 .init = ip6_route_net_init_late, 3136 .exit = ip6_route_net_exit_late, 3137 }; 3138 3139 static struct notifier_block ip6_route_dev_notifier = { 3140 .notifier_call = ip6_route_dev_notify, 3141 .priority = 0, 3142 }; 3143 3144 int __init ip6_route_init(void) 3145 { 3146 int ret; 3147 3148 ret = -ENOMEM; 3149 ip6_dst_ops_template.kmem_cachep = 3150 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0, 3151 SLAB_HWCACHE_ALIGN, NULL); 3152 if (!ip6_dst_ops_template.kmem_cachep) 3153 goto out; 3154 3155 ret = dst_entries_init(&ip6_dst_blackhole_ops); 3156 if (ret) 3157 goto out_kmem_cache; 3158 3159 ret = register_pernet_subsys(&ipv6_inetpeer_ops); 3160 if (ret) 3161 goto out_dst_entries; 3162 3163 ret = register_pernet_subsys(&ip6_route_net_ops); 3164 if (ret) 3165 goto out_register_inetpeer; 3166 3167 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep; 3168 3169 /* Registering of the loopback is done before this portion of code, 3170 * the loopback reference in rt6_info will not be taken, do it 3171 * manually for init_net */ 3172 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev; 3173 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3174 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3175 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev; 3176 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3177 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev; 3178 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3179 #endif 3180 ret = fib6_init(); 3181 if (ret) 3182 goto out_register_subsys; 3183 3184 ret = xfrm6_init(); 3185 if (ret) 3186 goto out_fib6_init; 3187 3188 ret = fib6_rules_init(); 3189 if (ret) 3190 goto xfrm6_init; 3191 3192 ret = register_pernet_subsys(&ip6_route_net_late_ops); 3193 if (ret) 3194 goto fib6_rules_init; 3195 3196 ret = -ENOBUFS; 3197 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) || 3198 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) || 3199 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL)) 3200 goto out_register_late_subsys; 3201 3202 ret = register_netdevice_notifier(&ip6_route_dev_notifier); 3203 if (ret) 3204 goto out_register_late_subsys; 3205 3206 out: 3207 return ret; 3208 3209 out_register_late_subsys: 3210 unregister_pernet_subsys(&ip6_route_net_late_ops); 3211 fib6_rules_init: 3212 fib6_rules_cleanup(); 3213 xfrm6_init: 3214 xfrm6_fini(); 3215 out_fib6_init: 3216 fib6_gc_cleanup(); 3217 out_register_subsys: 3218 unregister_pernet_subsys(&ip6_route_net_ops); 3219 out_register_inetpeer: 3220 unregister_pernet_subsys(&ipv6_inetpeer_ops); 3221 out_dst_entries: 3222 dst_entries_destroy(&ip6_dst_blackhole_ops); 3223 out_kmem_cache: 3224 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 3225 goto out; 3226 } 3227 3228 void ip6_route_cleanup(void) 3229 { 3230 unregister_netdevice_notifier(&ip6_route_dev_notifier); 3231 unregister_pernet_subsys(&ip6_route_net_late_ops); 3232 fib6_rules_cleanup(); 3233 xfrm6_fini(); 3234 fib6_gc_cleanup(); 3235 unregister_pernet_subsys(&ipv6_inetpeer_ops); 3236 unregister_pernet_subsys(&ip6_route_net_ops); 3237 dst_entries_destroy(&ip6_dst_blackhole_ops); 3238 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 3239 } 3240