1 /* 2 * Linux INET6 implementation 3 * FIB front-end. 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 /* Changes: 15 * 16 * YOSHIFUJI Hideaki @USAGI 17 * reworked default router selection. 18 * - respect outgoing interface 19 * - select from (probably) reachable routers (i.e. 20 * routers in REACHABLE, STALE, DELAY or PROBE states). 21 * - always select the same router if it is (probably) 22 * reachable. otherwise, round-robin the list. 23 * Ville Nuorvala 24 * Fixed routing subtrees. 25 */ 26 27 #define pr_fmt(fmt) "IPv6: " fmt 28 29 #include <linux/capability.h> 30 #include <linux/errno.h> 31 #include <linux/export.h> 32 #include <linux/types.h> 33 #include <linux/times.h> 34 #include <linux/socket.h> 35 #include <linux/sockios.h> 36 #include <linux/net.h> 37 #include <linux/route.h> 38 #include <linux/netdevice.h> 39 #include <linux/in6.h> 40 #include <linux/mroute6.h> 41 #include <linux/init.h> 42 #include <linux/if_arp.h> 43 #include <linux/proc_fs.h> 44 #include <linux/seq_file.h> 45 #include <linux/nsproxy.h> 46 #include <linux/slab.h> 47 #include <net/net_namespace.h> 48 #include <net/snmp.h> 49 #include <net/ipv6.h> 50 #include <net/ip6_fib.h> 51 #include <net/ip6_route.h> 52 #include <net/ndisc.h> 53 #include <net/addrconf.h> 54 #include <net/tcp.h> 55 #include <linux/rtnetlink.h> 56 #include <net/dst.h> 57 #include <net/xfrm.h> 58 #include <net/netevent.h> 59 #include <net/netlink.h> 60 #include <net/nexthop.h> 61 62 #include <asm/uaccess.h> 63 64 #ifdef CONFIG_SYSCTL 65 #include <linux/sysctl.h> 66 #endif 67 68 enum rt6_nud_state { 69 RT6_NUD_FAIL_HARD = -2, 70 RT6_NUD_FAIL_SOFT = -1, 71 RT6_NUD_SUCCEED = 1 72 }; 73 74 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort, 75 const struct in6_addr *dest); 76 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie); 77 static unsigned int ip6_default_advmss(const struct dst_entry *dst); 78 static unsigned int ip6_mtu(const struct dst_entry *dst); 79 static struct dst_entry *ip6_negative_advice(struct dst_entry *); 80 static void ip6_dst_destroy(struct dst_entry *); 81 static void ip6_dst_ifdown(struct dst_entry *, 82 struct net_device *dev, int how); 83 static int ip6_dst_gc(struct dst_ops *ops); 84 85 static int ip6_pkt_discard(struct sk_buff *skb); 86 static int ip6_pkt_discard_out(struct sk_buff *skb); 87 static int ip6_pkt_prohibit(struct sk_buff *skb); 88 static int ip6_pkt_prohibit_out(struct sk_buff *skb); 89 static void ip6_link_failure(struct sk_buff *skb); 90 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 91 struct sk_buff *skb, u32 mtu); 92 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, 93 struct sk_buff *skb); 94 static int rt6_score_route(struct rt6_info *rt, int oif, int strict); 95 96 #ifdef CONFIG_IPV6_ROUTE_INFO 97 static struct rt6_info *rt6_add_route_info(struct net *net, 98 const struct in6_addr *prefix, int prefixlen, 99 const struct in6_addr *gwaddr, int ifindex, 100 unsigned int pref); 101 static struct rt6_info *rt6_get_route_info(struct net *net, 102 const struct in6_addr *prefix, int prefixlen, 103 const struct in6_addr *gwaddr, int ifindex); 104 #endif 105 106 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old) 107 { 108 struct rt6_info *rt = (struct rt6_info *) dst; 109 struct inet_peer *peer; 110 u32 *p = NULL; 111 112 if (!(rt->dst.flags & DST_HOST)) 113 return NULL; 114 115 peer = rt6_get_peer_create(rt); 116 if (peer) { 117 u32 *old_p = __DST_METRICS_PTR(old); 118 unsigned long prev, new; 119 120 p = peer->metrics; 121 if (inet_metrics_new(peer)) 122 memcpy(p, old_p, sizeof(u32) * RTAX_MAX); 123 124 new = (unsigned long) p; 125 prev = cmpxchg(&dst->_metrics, old, new); 126 127 if (prev != old) { 128 p = __DST_METRICS_PTR(prev); 129 if (prev & DST_METRICS_READ_ONLY) 130 p = NULL; 131 } 132 } 133 return p; 134 } 135 136 static inline const void *choose_neigh_daddr(struct rt6_info *rt, 137 struct sk_buff *skb, 138 const void *daddr) 139 { 140 struct in6_addr *p = &rt->rt6i_gateway; 141 142 if (!ipv6_addr_any(p)) 143 return (const void *) p; 144 else if (skb) 145 return &ipv6_hdr(skb)->daddr; 146 return daddr; 147 } 148 149 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst, 150 struct sk_buff *skb, 151 const void *daddr) 152 { 153 struct rt6_info *rt = (struct rt6_info *) dst; 154 struct neighbour *n; 155 156 daddr = choose_neigh_daddr(rt, skb, daddr); 157 n = __ipv6_neigh_lookup(dst->dev, daddr); 158 if (n) 159 return n; 160 return neigh_create(&nd_tbl, daddr, dst->dev); 161 } 162 163 static struct dst_ops ip6_dst_ops_template = { 164 .family = AF_INET6, 165 .protocol = cpu_to_be16(ETH_P_IPV6), 166 .gc = ip6_dst_gc, 167 .gc_thresh = 1024, 168 .check = ip6_dst_check, 169 .default_advmss = ip6_default_advmss, 170 .mtu = ip6_mtu, 171 .cow_metrics = ipv6_cow_metrics, 172 .destroy = ip6_dst_destroy, 173 .ifdown = ip6_dst_ifdown, 174 .negative_advice = ip6_negative_advice, 175 .link_failure = ip6_link_failure, 176 .update_pmtu = ip6_rt_update_pmtu, 177 .redirect = rt6_do_redirect, 178 .local_out = __ip6_local_out, 179 .neigh_lookup = ip6_neigh_lookup, 180 }; 181 182 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst) 183 { 184 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU); 185 186 return mtu ? : dst->dev->mtu; 187 } 188 189 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk, 190 struct sk_buff *skb, u32 mtu) 191 { 192 } 193 194 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk, 195 struct sk_buff *skb) 196 { 197 } 198 199 static u32 *ip6_rt_blackhole_cow_metrics(struct dst_entry *dst, 200 unsigned long old) 201 { 202 return NULL; 203 } 204 205 static struct dst_ops ip6_dst_blackhole_ops = { 206 .family = AF_INET6, 207 .protocol = cpu_to_be16(ETH_P_IPV6), 208 .destroy = ip6_dst_destroy, 209 .check = ip6_dst_check, 210 .mtu = ip6_blackhole_mtu, 211 .default_advmss = ip6_default_advmss, 212 .update_pmtu = ip6_rt_blackhole_update_pmtu, 213 .redirect = ip6_rt_blackhole_redirect, 214 .cow_metrics = ip6_rt_blackhole_cow_metrics, 215 .neigh_lookup = ip6_neigh_lookup, 216 }; 217 218 static const u32 ip6_template_metrics[RTAX_MAX] = { 219 [RTAX_HOPLIMIT - 1] = 0, 220 }; 221 222 static const struct rt6_info ip6_null_entry_template = { 223 .dst = { 224 .__refcnt = ATOMIC_INIT(1), 225 .__use = 1, 226 .obsolete = DST_OBSOLETE_FORCE_CHK, 227 .error = -ENETUNREACH, 228 .input = ip6_pkt_discard, 229 .output = ip6_pkt_discard_out, 230 }, 231 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 232 .rt6i_protocol = RTPROT_KERNEL, 233 .rt6i_metric = ~(u32) 0, 234 .rt6i_ref = ATOMIC_INIT(1), 235 }; 236 237 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 238 239 static const struct rt6_info ip6_prohibit_entry_template = { 240 .dst = { 241 .__refcnt = ATOMIC_INIT(1), 242 .__use = 1, 243 .obsolete = DST_OBSOLETE_FORCE_CHK, 244 .error = -EACCES, 245 .input = ip6_pkt_prohibit, 246 .output = ip6_pkt_prohibit_out, 247 }, 248 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 249 .rt6i_protocol = RTPROT_KERNEL, 250 .rt6i_metric = ~(u32) 0, 251 .rt6i_ref = ATOMIC_INIT(1), 252 }; 253 254 static const struct rt6_info ip6_blk_hole_entry_template = { 255 .dst = { 256 .__refcnt = ATOMIC_INIT(1), 257 .__use = 1, 258 .obsolete = DST_OBSOLETE_FORCE_CHK, 259 .error = -EINVAL, 260 .input = dst_discard, 261 .output = dst_discard, 262 }, 263 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 264 .rt6i_protocol = RTPROT_KERNEL, 265 .rt6i_metric = ~(u32) 0, 266 .rt6i_ref = ATOMIC_INIT(1), 267 }; 268 269 #endif 270 271 /* allocate dst with ip6_dst_ops */ 272 static inline struct rt6_info *ip6_dst_alloc(struct net *net, 273 struct net_device *dev, 274 int flags, 275 struct fib6_table *table) 276 { 277 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev, 278 0, DST_OBSOLETE_FORCE_CHK, flags); 279 280 if (rt) { 281 struct dst_entry *dst = &rt->dst; 282 283 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst)); 284 rt6_init_peer(rt, table ? &table->tb6_peers : net->ipv6.peers); 285 rt->rt6i_genid = rt_genid_ipv6(net); 286 INIT_LIST_HEAD(&rt->rt6i_siblings); 287 } 288 return rt; 289 } 290 291 static void ip6_dst_destroy(struct dst_entry *dst) 292 { 293 struct rt6_info *rt = (struct rt6_info *)dst; 294 struct inet6_dev *idev = rt->rt6i_idev; 295 struct dst_entry *from = dst->from; 296 297 if (!(rt->dst.flags & DST_HOST)) 298 dst_destroy_metrics_generic(dst); 299 300 if (idev) { 301 rt->rt6i_idev = NULL; 302 in6_dev_put(idev); 303 } 304 305 dst->from = NULL; 306 dst_release(from); 307 308 if (rt6_has_peer(rt)) { 309 struct inet_peer *peer = rt6_peer_ptr(rt); 310 inet_putpeer(peer); 311 } 312 } 313 314 void rt6_bind_peer(struct rt6_info *rt, int create) 315 { 316 struct inet_peer_base *base; 317 struct inet_peer *peer; 318 319 base = inetpeer_base_ptr(rt->_rt6i_peer); 320 if (!base) 321 return; 322 323 peer = inet_getpeer_v6(base, &rt->rt6i_dst.addr, create); 324 if (peer) { 325 if (!rt6_set_peer(rt, peer)) 326 inet_putpeer(peer); 327 } 328 } 329 330 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev, 331 int how) 332 { 333 struct rt6_info *rt = (struct rt6_info *)dst; 334 struct inet6_dev *idev = rt->rt6i_idev; 335 struct net_device *loopback_dev = 336 dev_net(dev)->loopback_dev; 337 338 if (dev != loopback_dev) { 339 if (idev && idev->dev == dev) { 340 struct inet6_dev *loopback_idev = 341 in6_dev_get(loopback_dev); 342 if (loopback_idev) { 343 rt->rt6i_idev = loopback_idev; 344 in6_dev_put(idev); 345 } 346 } 347 } 348 } 349 350 static bool rt6_check_expired(const struct rt6_info *rt) 351 { 352 if (rt->rt6i_flags & RTF_EXPIRES) { 353 if (time_after(jiffies, rt->dst.expires)) 354 return true; 355 } else if (rt->dst.from) { 356 return rt6_check_expired((struct rt6_info *) rt->dst.from); 357 } 358 return false; 359 } 360 361 static bool rt6_need_strict(const struct in6_addr *daddr) 362 { 363 return ipv6_addr_type(daddr) & 364 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL | IPV6_ADDR_LOOPBACK); 365 } 366 367 /* Multipath route selection: 368 * Hash based function using packet header and flowlabel. 369 * Adapted from fib_info_hashfn() 370 */ 371 static int rt6_info_hash_nhsfn(unsigned int candidate_count, 372 const struct flowi6 *fl6) 373 { 374 unsigned int val = fl6->flowi6_proto; 375 376 val ^= ipv6_addr_hash(&fl6->daddr); 377 val ^= ipv6_addr_hash(&fl6->saddr); 378 379 /* Work only if this not encapsulated */ 380 switch (fl6->flowi6_proto) { 381 case IPPROTO_UDP: 382 case IPPROTO_TCP: 383 case IPPROTO_SCTP: 384 val ^= (__force u16)fl6->fl6_sport; 385 val ^= (__force u16)fl6->fl6_dport; 386 break; 387 388 case IPPROTO_ICMPV6: 389 val ^= (__force u16)fl6->fl6_icmp_type; 390 val ^= (__force u16)fl6->fl6_icmp_code; 391 break; 392 } 393 /* RFC6438 recommands to use flowlabel */ 394 val ^= (__force u32)fl6->flowlabel; 395 396 /* Perhaps, we need to tune, this function? */ 397 val = val ^ (val >> 7) ^ (val >> 12); 398 return val % candidate_count; 399 } 400 401 static struct rt6_info *rt6_multipath_select(struct rt6_info *match, 402 struct flowi6 *fl6, int oif, 403 int strict) 404 { 405 struct rt6_info *sibling, *next_sibling; 406 int route_choosen; 407 408 route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6); 409 /* Don't change the route, if route_choosen == 0 410 * (siblings does not include ourself) 411 */ 412 if (route_choosen) 413 list_for_each_entry_safe(sibling, next_sibling, 414 &match->rt6i_siblings, rt6i_siblings) { 415 route_choosen--; 416 if (route_choosen == 0) { 417 if (rt6_score_route(sibling, oif, strict) < 0) 418 break; 419 match = sibling; 420 break; 421 } 422 } 423 return match; 424 } 425 426 /* 427 * Route lookup. Any table->tb6_lock is implied. 428 */ 429 430 static inline struct rt6_info *rt6_device_match(struct net *net, 431 struct rt6_info *rt, 432 const struct in6_addr *saddr, 433 int oif, 434 int flags) 435 { 436 struct rt6_info *local = NULL; 437 struct rt6_info *sprt; 438 439 if (!oif && ipv6_addr_any(saddr)) 440 goto out; 441 442 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) { 443 struct net_device *dev = sprt->dst.dev; 444 445 if (oif) { 446 if (dev->ifindex == oif) 447 return sprt; 448 if (dev->flags & IFF_LOOPBACK) { 449 if (!sprt->rt6i_idev || 450 sprt->rt6i_idev->dev->ifindex != oif) { 451 if (flags & RT6_LOOKUP_F_IFACE && oif) 452 continue; 453 if (local && (!oif || 454 local->rt6i_idev->dev->ifindex == oif)) 455 continue; 456 } 457 local = sprt; 458 } 459 } else { 460 if (ipv6_chk_addr(net, saddr, dev, 461 flags & RT6_LOOKUP_F_IFACE)) 462 return sprt; 463 } 464 } 465 466 if (oif) { 467 if (local) 468 return local; 469 470 if (flags & RT6_LOOKUP_F_IFACE) 471 return net->ipv6.ip6_null_entry; 472 } 473 out: 474 return rt; 475 } 476 477 #ifdef CONFIG_IPV6_ROUTER_PREF 478 struct __rt6_probe_work { 479 struct work_struct work; 480 struct in6_addr target; 481 struct net_device *dev; 482 }; 483 484 static void rt6_probe_deferred(struct work_struct *w) 485 { 486 struct in6_addr mcaddr; 487 struct __rt6_probe_work *work = 488 container_of(w, struct __rt6_probe_work, work); 489 490 addrconf_addr_solict_mult(&work->target, &mcaddr); 491 ndisc_send_ns(work->dev, NULL, &work->target, &mcaddr, NULL); 492 dev_put(work->dev); 493 kfree(w); 494 } 495 496 static void rt6_probe(struct rt6_info *rt) 497 { 498 struct neighbour *neigh; 499 /* 500 * Okay, this does not seem to be appropriate 501 * for now, however, we need to check if it 502 * is really so; aka Router Reachability Probing. 503 * 504 * Router Reachability Probe MUST be rate-limited 505 * to no more than one per minute. 506 */ 507 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY)) 508 return; 509 rcu_read_lock_bh(); 510 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway); 511 if (neigh) { 512 write_lock(&neigh->lock); 513 if (neigh->nud_state & NUD_VALID) 514 goto out; 515 } 516 517 if (!neigh || 518 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) { 519 struct __rt6_probe_work *work; 520 521 work = kmalloc(sizeof(*work), GFP_ATOMIC); 522 523 if (neigh && work) 524 neigh->updated = jiffies; 525 526 if (neigh) 527 write_unlock(&neigh->lock); 528 529 if (work) { 530 INIT_WORK(&work->work, rt6_probe_deferred); 531 work->target = rt->rt6i_gateway; 532 dev_hold(rt->dst.dev); 533 work->dev = rt->dst.dev; 534 schedule_work(&work->work); 535 } 536 } else { 537 out: 538 write_unlock(&neigh->lock); 539 } 540 rcu_read_unlock_bh(); 541 } 542 #else 543 static inline void rt6_probe(struct rt6_info *rt) 544 { 545 } 546 #endif 547 548 /* 549 * Default Router Selection (RFC 2461 6.3.6) 550 */ 551 static inline int rt6_check_dev(struct rt6_info *rt, int oif) 552 { 553 struct net_device *dev = rt->dst.dev; 554 if (!oif || dev->ifindex == oif) 555 return 2; 556 if ((dev->flags & IFF_LOOPBACK) && 557 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif) 558 return 1; 559 return 0; 560 } 561 562 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt) 563 { 564 struct neighbour *neigh; 565 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD; 566 567 if (rt->rt6i_flags & RTF_NONEXTHOP || 568 !(rt->rt6i_flags & RTF_GATEWAY)) 569 return RT6_NUD_SUCCEED; 570 571 rcu_read_lock_bh(); 572 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway); 573 if (neigh) { 574 read_lock(&neigh->lock); 575 if (neigh->nud_state & NUD_VALID) 576 ret = RT6_NUD_SUCCEED; 577 #ifdef CONFIG_IPV6_ROUTER_PREF 578 else if (!(neigh->nud_state & NUD_FAILED)) 579 ret = RT6_NUD_SUCCEED; 580 #endif 581 read_unlock(&neigh->lock); 582 } else { 583 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ? 584 RT6_NUD_SUCCEED : RT6_NUD_FAIL_SOFT; 585 } 586 rcu_read_unlock_bh(); 587 588 return ret; 589 } 590 591 static int rt6_score_route(struct rt6_info *rt, int oif, 592 int strict) 593 { 594 int m; 595 596 m = rt6_check_dev(rt, oif); 597 if (!m && (strict & RT6_LOOKUP_F_IFACE)) 598 return RT6_NUD_FAIL_HARD; 599 #ifdef CONFIG_IPV6_ROUTER_PREF 600 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2; 601 #endif 602 if (strict & RT6_LOOKUP_F_REACHABLE) { 603 int n = rt6_check_neigh(rt); 604 if (n < 0) 605 return n; 606 } 607 return m; 608 } 609 610 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict, 611 int *mpri, struct rt6_info *match, 612 bool *do_rr) 613 { 614 int m; 615 bool match_do_rr = false; 616 617 if (rt6_check_expired(rt)) 618 goto out; 619 620 m = rt6_score_route(rt, oif, strict); 621 if (m == RT6_NUD_FAIL_SOFT) { 622 match_do_rr = true; 623 m = 0; /* lowest valid score */ 624 } else if (m < 0) { 625 goto out; 626 } 627 628 if (strict & RT6_LOOKUP_F_REACHABLE) 629 rt6_probe(rt); 630 631 if (m > *mpri) { 632 *do_rr = match_do_rr; 633 *mpri = m; 634 match = rt; 635 } 636 out: 637 return match; 638 } 639 640 static struct rt6_info *find_rr_leaf(struct fib6_node *fn, 641 struct rt6_info *rr_head, 642 u32 metric, int oif, int strict, 643 bool *do_rr) 644 { 645 struct rt6_info *rt, *match; 646 int mpri = -1; 647 648 match = NULL; 649 for (rt = rr_head; rt && rt->rt6i_metric == metric; 650 rt = rt->dst.rt6_next) 651 match = find_match(rt, oif, strict, &mpri, match, do_rr); 652 for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric; 653 rt = rt->dst.rt6_next) 654 match = find_match(rt, oif, strict, &mpri, match, do_rr); 655 656 return match; 657 } 658 659 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict) 660 { 661 struct rt6_info *match, *rt0; 662 struct net *net; 663 bool do_rr = false; 664 665 rt0 = fn->rr_ptr; 666 if (!rt0) 667 fn->rr_ptr = rt0 = fn->leaf; 668 669 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict, 670 &do_rr); 671 672 if (do_rr) { 673 struct rt6_info *next = rt0->dst.rt6_next; 674 675 /* no entries matched; do round-robin */ 676 if (!next || next->rt6i_metric != rt0->rt6i_metric) 677 next = fn->leaf; 678 679 if (next != rt0) 680 fn->rr_ptr = next; 681 } 682 683 net = dev_net(rt0->dst.dev); 684 return match ? match : net->ipv6.ip6_null_entry; 685 } 686 687 #ifdef CONFIG_IPV6_ROUTE_INFO 688 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len, 689 const struct in6_addr *gwaddr) 690 { 691 struct net *net = dev_net(dev); 692 struct route_info *rinfo = (struct route_info *) opt; 693 struct in6_addr prefix_buf, *prefix; 694 unsigned int pref; 695 unsigned long lifetime; 696 struct rt6_info *rt; 697 698 if (len < sizeof(struct route_info)) { 699 return -EINVAL; 700 } 701 702 /* Sanity check for prefix_len and length */ 703 if (rinfo->length > 3) { 704 return -EINVAL; 705 } else if (rinfo->prefix_len > 128) { 706 return -EINVAL; 707 } else if (rinfo->prefix_len > 64) { 708 if (rinfo->length < 2) { 709 return -EINVAL; 710 } 711 } else if (rinfo->prefix_len > 0) { 712 if (rinfo->length < 1) { 713 return -EINVAL; 714 } 715 } 716 717 pref = rinfo->route_pref; 718 if (pref == ICMPV6_ROUTER_PREF_INVALID) 719 return -EINVAL; 720 721 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ); 722 723 if (rinfo->length == 3) 724 prefix = (struct in6_addr *)rinfo->prefix; 725 else { 726 /* this function is safe */ 727 ipv6_addr_prefix(&prefix_buf, 728 (struct in6_addr *)rinfo->prefix, 729 rinfo->prefix_len); 730 prefix = &prefix_buf; 731 } 732 733 if (rinfo->prefix_len == 0) 734 rt = rt6_get_dflt_router(gwaddr, dev); 735 else 736 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len, 737 gwaddr, dev->ifindex); 738 739 if (rt && !lifetime) { 740 ip6_del_rt(rt); 741 rt = NULL; 742 } 743 744 if (!rt && lifetime) 745 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex, 746 pref); 747 else if (rt) 748 rt->rt6i_flags = RTF_ROUTEINFO | 749 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); 750 751 if (rt) { 752 if (!addrconf_finite_timeout(lifetime)) 753 rt6_clean_expires(rt); 754 else 755 rt6_set_expires(rt, jiffies + HZ * lifetime); 756 757 ip6_rt_put(rt); 758 } 759 return 0; 760 } 761 #endif 762 763 #define BACKTRACK(__net, saddr) \ 764 do { \ 765 if (rt == __net->ipv6.ip6_null_entry) { \ 766 struct fib6_node *pn; \ 767 while (1) { \ 768 if (fn->fn_flags & RTN_TL_ROOT) \ 769 goto out; \ 770 pn = fn->parent; \ 771 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) \ 772 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); \ 773 else \ 774 fn = pn; \ 775 if (fn->fn_flags & RTN_RTINFO) \ 776 goto restart; \ 777 } \ 778 } \ 779 } while (0) 780 781 static struct rt6_info *ip6_pol_route_lookup(struct net *net, 782 struct fib6_table *table, 783 struct flowi6 *fl6, int flags) 784 { 785 struct fib6_node *fn; 786 struct rt6_info *rt; 787 788 read_lock_bh(&table->tb6_lock); 789 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 790 restart: 791 rt = fn->leaf; 792 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags); 793 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0) 794 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags); 795 BACKTRACK(net, &fl6->saddr); 796 out: 797 dst_use(&rt->dst, jiffies); 798 read_unlock_bh(&table->tb6_lock); 799 return rt; 800 801 } 802 803 struct dst_entry * ip6_route_lookup(struct net *net, struct flowi6 *fl6, 804 int flags) 805 { 806 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup); 807 } 808 EXPORT_SYMBOL_GPL(ip6_route_lookup); 809 810 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr, 811 const struct in6_addr *saddr, int oif, int strict) 812 { 813 struct flowi6 fl6 = { 814 .flowi6_oif = oif, 815 .daddr = *daddr, 816 }; 817 struct dst_entry *dst; 818 int flags = strict ? RT6_LOOKUP_F_IFACE : 0; 819 820 if (saddr) { 821 memcpy(&fl6.saddr, saddr, sizeof(*saddr)); 822 flags |= RT6_LOOKUP_F_HAS_SADDR; 823 } 824 825 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup); 826 if (dst->error == 0) 827 return (struct rt6_info *) dst; 828 829 dst_release(dst); 830 831 return NULL; 832 } 833 834 EXPORT_SYMBOL(rt6_lookup); 835 836 /* ip6_ins_rt is called with FREE table->tb6_lock. 837 It takes new route entry, the addition fails by any reason the 838 route is freed. In any case, if caller does not hold it, it may 839 be destroyed. 840 */ 841 842 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info) 843 { 844 int err; 845 struct fib6_table *table; 846 847 table = rt->rt6i_table; 848 write_lock_bh(&table->tb6_lock); 849 err = fib6_add(&table->tb6_root, rt, info); 850 write_unlock_bh(&table->tb6_lock); 851 852 return err; 853 } 854 855 int ip6_ins_rt(struct rt6_info *rt) 856 { 857 struct nl_info info = { 858 .nl_net = dev_net(rt->dst.dev), 859 }; 860 return __ip6_ins_rt(rt, &info); 861 } 862 863 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort, 864 const struct in6_addr *daddr, 865 const struct in6_addr *saddr) 866 { 867 struct rt6_info *rt; 868 869 /* 870 * Clone the route. 871 */ 872 873 rt = ip6_rt_copy(ort, daddr); 874 875 if (rt) { 876 if (ort->rt6i_dst.plen != 128 && 877 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr)) 878 rt->rt6i_flags |= RTF_ANYCAST; 879 880 rt->rt6i_flags |= RTF_CACHE; 881 882 #ifdef CONFIG_IPV6_SUBTREES 883 if (rt->rt6i_src.plen && saddr) { 884 rt->rt6i_src.addr = *saddr; 885 rt->rt6i_src.plen = 128; 886 } 887 #endif 888 } 889 890 return rt; 891 } 892 893 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort, 894 const struct in6_addr *daddr) 895 { 896 struct rt6_info *rt = ip6_rt_copy(ort, daddr); 897 898 if (rt) 899 rt->rt6i_flags |= RTF_CACHE; 900 return rt; 901 } 902 903 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif, 904 struct flowi6 *fl6, int flags) 905 { 906 struct fib6_node *fn; 907 struct rt6_info *rt, *nrt; 908 int strict = 0; 909 int attempts = 3; 910 int err; 911 int reachable = net->ipv6.devconf_all->forwarding ? 0 : RT6_LOOKUP_F_REACHABLE; 912 913 strict |= flags & RT6_LOOKUP_F_IFACE; 914 915 relookup: 916 read_lock_bh(&table->tb6_lock); 917 918 restart_2: 919 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 920 921 restart: 922 rt = rt6_select(fn, oif, strict | reachable); 923 if (rt->rt6i_nsiblings) 924 rt = rt6_multipath_select(rt, fl6, oif, strict | reachable); 925 BACKTRACK(net, &fl6->saddr); 926 if (rt == net->ipv6.ip6_null_entry || 927 rt->rt6i_flags & RTF_CACHE) 928 goto out; 929 930 dst_hold(&rt->dst); 931 read_unlock_bh(&table->tb6_lock); 932 933 if (!(rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY))) 934 nrt = rt6_alloc_cow(rt, &fl6->daddr, &fl6->saddr); 935 else if (!(rt->dst.flags & DST_HOST)) 936 nrt = rt6_alloc_clone(rt, &fl6->daddr); 937 else 938 goto out2; 939 940 ip6_rt_put(rt); 941 rt = nrt ? : net->ipv6.ip6_null_entry; 942 943 dst_hold(&rt->dst); 944 if (nrt) { 945 err = ip6_ins_rt(nrt); 946 if (!err) 947 goto out2; 948 } 949 950 if (--attempts <= 0) 951 goto out2; 952 953 /* 954 * Race condition! In the gap, when table->tb6_lock was 955 * released someone could insert this route. Relookup. 956 */ 957 ip6_rt_put(rt); 958 goto relookup; 959 960 out: 961 if (reachable) { 962 reachable = 0; 963 goto restart_2; 964 } 965 dst_hold(&rt->dst); 966 read_unlock_bh(&table->tb6_lock); 967 out2: 968 rt->dst.lastuse = jiffies; 969 rt->dst.__use++; 970 971 return rt; 972 } 973 974 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table, 975 struct flowi6 *fl6, int flags) 976 { 977 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags); 978 } 979 980 static struct dst_entry *ip6_route_input_lookup(struct net *net, 981 struct net_device *dev, 982 struct flowi6 *fl6, int flags) 983 { 984 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG) 985 flags |= RT6_LOOKUP_F_IFACE; 986 987 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input); 988 } 989 990 void ip6_route_input(struct sk_buff *skb) 991 { 992 const struct ipv6hdr *iph = ipv6_hdr(skb); 993 struct net *net = dev_net(skb->dev); 994 int flags = RT6_LOOKUP_F_HAS_SADDR; 995 struct flowi6 fl6 = { 996 .flowi6_iif = skb->dev->ifindex, 997 .daddr = iph->daddr, 998 .saddr = iph->saddr, 999 .flowlabel = ip6_flowinfo(iph), 1000 .flowi6_mark = skb->mark, 1001 .flowi6_proto = iph->nexthdr, 1002 }; 1003 1004 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags)); 1005 } 1006 1007 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table, 1008 struct flowi6 *fl6, int flags) 1009 { 1010 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags); 1011 } 1012 1013 struct dst_entry * ip6_route_output(struct net *net, const struct sock *sk, 1014 struct flowi6 *fl6) 1015 { 1016 int flags = 0; 1017 1018 fl6->flowi6_iif = LOOPBACK_IFINDEX; 1019 1020 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr)) 1021 flags |= RT6_LOOKUP_F_IFACE; 1022 1023 if (!ipv6_addr_any(&fl6->saddr)) 1024 flags |= RT6_LOOKUP_F_HAS_SADDR; 1025 else if (sk) 1026 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs); 1027 1028 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output); 1029 } 1030 1031 EXPORT_SYMBOL(ip6_route_output); 1032 1033 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig) 1034 { 1035 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig; 1036 struct dst_entry *new = NULL; 1037 1038 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0); 1039 if (rt) { 1040 new = &rt->dst; 1041 1042 memset(new + 1, 0, sizeof(*rt) - sizeof(*new)); 1043 rt6_init_peer(rt, net->ipv6.peers); 1044 1045 new->__use = 1; 1046 new->input = dst_discard; 1047 new->output = dst_discard; 1048 1049 if (dst_metrics_read_only(&ort->dst)) 1050 new->_metrics = ort->dst._metrics; 1051 else 1052 dst_copy_metrics(new, &ort->dst); 1053 rt->rt6i_idev = ort->rt6i_idev; 1054 if (rt->rt6i_idev) 1055 in6_dev_hold(rt->rt6i_idev); 1056 1057 rt->rt6i_gateway = ort->rt6i_gateway; 1058 rt->rt6i_flags = ort->rt6i_flags; 1059 rt->rt6i_metric = 0; 1060 1061 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key)); 1062 #ifdef CONFIG_IPV6_SUBTREES 1063 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 1064 #endif 1065 1066 dst_free(new); 1067 } 1068 1069 dst_release(dst_orig); 1070 return new ? new : ERR_PTR(-ENOMEM); 1071 } 1072 1073 /* 1074 * Destination cache support functions 1075 */ 1076 1077 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie) 1078 { 1079 struct rt6_info *rt; 1080 1081 rt = (struct rt6_info *) dst; 1082 1083 /* All IPV6 dsts are created with ->obsolete set to the value 1084 * DST_OBSOLETE_FORCE_CHK which forces validation calls down 1085 * into this function always. 1086 */ 1087 if (rt->rt6i_genid != rt_genid_ipv6(dev_net(rt->dst.dev))) 1088 return NULL; 1089 1090 if (!rt->rt6i_node || (rt->rt6i_node->fn_sernum != cookie)) 1091 return NULL; 1092 1093 if (rt6_check_expired(rt)) 1094 return NULL; 1095 1096 return dst; 1097 } 1098 1099 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst) 1100 { 1101 struct rt6_info *rt = (struct rt6_info *) dst; 1102 1103 if (rt) { 1104 if (rt->rt6i_flags & RTF_CACHE) { 1105 if (rt6_check_expired(rt)) { 1106 ip6_del_rt(rt); 1107 dst = NULL; 1108 } 1109 } else { 1110 dst_release(dst); 1111 dst = NULL; 1112 } 1113 } 1114 return dst; 1115 } 1116 1117 static void ip6_link_failure(struct sk_buff *skb) 1118 { 1119 struct rt6_info *rt; 1120 1121 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0); 1122 1123 rt = (struct rt6_info *) skb_dst(skb); 1124 if (rt) { 1125 if (rt->rt6i_flags & RTF_CACHE) { 1126 dst_hold(&rt->dst); 1127 if (ip6_del_rt(rt)) 1128 dst_free(&rt->dst); 1129 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) { 1130 rt->rt6i_node->fn_sernum = -1; 1131 } 1132 } 1133 } 1134 1135 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 1136 struct sk_buff *skb, u32 mtu) 1137 { 1138 struct rt6_info *rt6 = (struct rt6_info*)dst; 1139 1140 dst_confirm(dst); 1141 if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) { 1142 struct net *net = dev_net(dst->dev); 1143 1144 rt6->rt6i_flags |= RTF_MODIFIED; 1145 if (mtu < IPV6_MIN_MTU) { 1146 u32 features = dst_metric(dst, RTAX_FEATURES); 1147 mtu = IPV6_MIN_MTU; 1148 features |= RTAX_FEATURE_ALLFRAG; 1149 dst_metric_set(dst, RTAX_FEATURES, features); 1150 } 1151 dst_metric_set(dst, RTAX_MTU, mtu); 1152 rt6_update_expires(rt6, net->ipv6.sysctl.ip6_rt_mtu_expires); 1153 } 1154 } 1155 1156 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu, 1157 int oif, u32 mark) 1158 { 1159 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 1160 struct dst_entry *dst; 1161 struct flowi6 fl6; 1162 1163 memset(&fl6, 0, sizeof(fl6)); 1164 fl6.flowi6_oif = oif; 1165 fl6.flowi6_mark = mark; 1166 fl6.daddr = iph->daddr; 1167 fl6.saddr = iph->saddr; 1168 fl6.flowlabel = ip6_flowinfo(iph); 1169 1170 dst = ip6_route_output(net, NULL, &fl6); 1171 if (!dst->error) 1172 ip6_rt_update_pmtu(dst, NULL, skb, ntohl(mtu)); 1173 dst_release(dst); 1174 } 1175 EXPORT_SYMBOL_GPL(ip6_update_pmtu); 1176 1177 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu) 1178 { 1179 ip6_update_pmtu(skb, sock_net(sk), mtu, 1180 sk->sk_bound_dev_if, sk->sk_mark); 1181 } 1182 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu); 1183 1184 /* Handle redirects */ 1185 struct ip6rd_flowi { 1186 struct flowi6 fl6; 1187 struct in6_addr gateway; 1188 }; 1189 1190 static struct rt6_info *__ip6_route_redirect(struct net *net, 1191 struct fib6_table *table, 1192 struct flowi6 *fl6, 1193 int flags) 1194 { 1195 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6; 1196 struct rt6_info *rt; 1197 struct fib6_node *fn; 1198 1199 /* Get the "current" route for this destination and 1200 * check if the redirect has come from approriate router. 1201 * 1202 * RFC 4861 specifies that redirects should only be 1203 * accepted if they come from the nexthop to the target. 1204 * Due to the way the routes are chosen, this notion 1205 * is a bit fuzzy and one might need to check all possible 1206 * routes. 1207 */ 1208 1209 read_lock_bh(&table->tb6_lock); 1210 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 1211 restart: 1212 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1213 if (rt6_check_expired(rt)) 1214 continue; 1215 if (rt->dst.error) 1216 break; 1217 if (!(rt->rt6i_flags & RTF_GATEWAY)) 1218 continue; 1219 if (fl6->flowi6_oif != rt->dst.dev->ifindex) 1220 continue; 1221 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway)) 1222 continue; 1223 break; 1224 } 1225 1226 if (!rt) 1227 rt = net->ipv6.ip6_null_entry; 1228 else if (rt->dst.error) { 1229 rt = net->ipv6.ip6_null_entry; 1230 goto out; 1231 } 1232 BACKTRACK(net, &fl6->saddr); 1233 out: 1234 dst_hold(&rt->dst); 1235 1236 read_unlock_bh(&table->tb6_lock); 1237 1238 return rt; 1239 }; 1240 1241 static struct dst_entry *ip6_route_redirect(struct net *net, 1242 const struct flowi6 *fl6, 1243 const struct in6_addr *gateway) 1244 { 1245 int flags = RT6_LOOKUP_F_HAS_SADDR; 1246 struct ip6rd_flowi rdfl; 1247 1248 rdfl.fl6 = *fl6; 1249 rdfl.gateway = *gateway; 1250 1251 return fib6_rule_lookup(net, &rdfl.fl6, 1252 flags, __ip6_route_redirect); 1253 } 1254 1255 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark) 1256 { 1257 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 1258 struct dst_entry *dst; 1259 struct flowi6 fl6; 1260 1261 memset(&fl6, 0, sizeof(fl6)); 1262 fl6.flowi6_oif = oif; 1263 fl6.flowi6_mark = mark; 1264 fl6.daddr = iph->daddr; 1265 fl6.saddr = iph->saddr; 1266 fl6.flowlabel = ip6_flowinfo(iph); 1267 1268 dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr); 1269 rt6_do_redirect(dst, NULL, skb); 1270 dst_release(dst); 1271 } 1272 EXPORT_SYMBOL_GPL(ip6_redirect); 1273 1274 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif, 1275 u32 mark) 1276 { 1277 const struct ipv6hdr *iph = ipv6_hdr(skb); 1278 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb); 1279 struct dst_entry *dst; 1280 struct flowi6 fl6; 1281 1282 memset(&fl6, 0, sizeof(fl6)); 1283 fl6.flowi6_oif = oif; 1284 fl6.flowi6_mark = mark; 1285 fl6.daddr = msg->dest; 1286 fl6.saddr = iph->daddr; 1287 1288 dst = ip6_route_redirect(net, &fl6, &iph->saddr); 1289 rt6_do_redirect(dst, NULL, skb); 1290 dst_release(dst); 1291 } 1292 1293 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk) 1294 { 1295 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark); 1296 } 1297 EXPORT_SYMBOL_GPL(ip6_sk_redirect); 1298 1299 static unsigned int ip6_default_advmss(const struct dst_entry *dst) 1300 { 1301 struct net_device *dev = dst->dev; 1302 unsigned int mtu = dst_mtu(dst); 1303 struct net *net = dev_net(dev); 1304 1305 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr); 1306 1307 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss) 1308 mtu = net->ipv6.sysctl.ip6_rt_min_advmss; 1309 1310 /* 1311 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and 1312 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size. 1313 * IPV6_MAXPLEN is also valid and means: "any MSS, 1314 * rely only on pmtu discovery" 1315 */ 1316 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr)) 1317 mtu = IPV6_MAXPLEN; 1318 return mtu; 1319 } 1320 1321 static unsigned int ip6_mtu(const struct dst_entry *dst) 1322 { 1323 struct inet6_dev *idev; 1324 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU); 1325 1326 if (mtu) 1327 return mtu; 1328 1329 mtu = IPV6_MIN_MTU; 1330 1331 rcu_read_lock(); 1332 idev = __in6_dev_get(dst->dev); 1333 if (idev) 1334 mtu = idev->cnf.mtu6; 1335 rcu_read_unlock(); 1336 1337 return mtu; 1338 } 1339 1340 static struct dst_entry *icmp6_dst_gc_list; 1341 static DEFINE_SPINLOCK(icmp6_dst_lock); 1342 1343 struct dst_entry *icmp6_dst_alloc(struct net_device *dev, 1344 struct flowi6 *fl6) 1345 { 1346 struct dst_entry *dst; 1347 struct rt6_info *rt; 1348 struct inet6_dev *idev = in6_dev_get(dev); 1349 struct net *net = dev_net(dev); 1350 1351 if (unlikely(!idev)) 1352 return ERR_PTR(-ENODEV); 1353 1354 rt = ip6_dst_alloc(net, dev, 0, NULL); 1355 if (unlikely(!rt)) { 1356 in6_dev_put(idev); 1357 dst = ERR_PTR(-ENOMEM); 1358 goto out; 1359 } 1360 1361 rt->dst.flags |= DST_HOST; 1362 rt->dst.output = ip6_output; 1363 atomic_set(&rt->dst.__refcnt, 1); 1364 rt->rt6i_gateway = fl6->daddr; 1365 rt->rt6i_dst.addr = fl6->daddr; 1366 rt->rt6i_dst.plen = 128; 1367 rt->rt6i_idev = idev; 1368 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0); 1369 1370 spin_lock_bh(&icmp6_dst_lock); 1371 rt->dst.next = icmp6_dst_gc_list; 1372 icmp6_dst_gc_list = &rt->dst; 1373 spin_unlock_bh(&icmp6_dst_lock); 1374 1375 fib6_force_start_gc(net); 1376 1377 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0); 1378 1379 out: 1380 return dst; 1381 } 1382 1383 int icmp6_dst_gc(void) 1384 { 1385 struct dst_entry *dst, **pprev; 1386 int more = 0; 1387 1388 spin_lock_bh(&icmp6_dst_lock); 1389 pprev = &icmp6_dst_gc_list; 1390 1391 while ((dst = *pprev) != NULL) { 1392 if (!atomic_read(&dst->__refcnt)) { 1393 *pprev = dst->next; 1394 dst_free(dst); 1395 } else { 1396 pprev = &dst->next; 1397 ++more; 1398 } 1399 } 1400 1401 spin_unlock_bh(&icmp6_dst_lock); 1402 1403 return more; 1404 } 1405 1406 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg), 1407 void *arg) 1408 { 1409 struct dst_entry *dst, **pprev; 1410 1411 spin_lock_bh(&icmp6_dst_lock); 1412 pprev = &icmp6_dst_gc_list; 1413 while ((dst = *pprev) != NULL) { 1414 struct rt6_info *rt = (struct rt6_info *) dst; 1415 if (func(rt, arg)) { 1416 *pprev = dst->next; 1417 dst_free(dst); 1418 } else { 1419 pprev = &dst->next; 1420 } 1421 } 1422 spin_unlock_bh(&icmp6_dst_lock); 1423 } 1424 1425 static int ip6_dst_gc(struct dst_ops *ops) 1426 { 1427 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops); 1428 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval; 1429 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size; 1430 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity; 1431 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout; 1432 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc; 1433 int entries; 1434 1435 entries = dst_entries_get_fast(ops); 1436 if (time_after(rt_last_gc + rt_min_interval, jiffies) && 1437 entries <= rt_max_size) 1438 goto out; 1439 1440 net->ipv6.ip6_rt_gc_expire++; 1441 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, entries > rt_max_size); 1442 entries = dst_entries_get_slow(ops); 1443 if (entries < ops->gc_thresh) 1444 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1; 1445 out: 1446 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity; 1447 return entries > rt_max_size; 1448 } 1449 1450 /* 1451 * 1452 */ 1453 1454 int ip6_route_add(struct fib6_config *cfg) 1455 { 1456 int err; 1457 struct net *net = cfg->fc_nlinfo.nl_net; 1458 struct rt6_info *rt = NULL; 1459 struct net_device *dev = NULL; 1460 struct inet6_dev *idev = NULL; 1461 struct fib6_table *table; 1462 int addr_type; 1463 1464 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128) 1465 return -EINVAL; 1466 #ifndef CONFIG_IPV6_SUBTREES 1467 if (cfg->fc_src_len) 1468 return -EINVAL; 1469 #endif 1470 if (cfg->fc_ifindex) { 1471 err = -ENODEV; 1472 dev = dev_get_by_index(net, cfg->fc_ifindex); 1473 if (!dev) 1474 goto out; 1475 idev = in6_dev_get(dev); 1476 if (!idev) 1477 goto out; 1478 } 1479 1480 if (cfg->fc_metric == 0) 1481 cfg->fc_metric = IP6_RT_PRIO_USER; 1482 1483 err = -ENOBUFS; 1484 if (cfg->fc_nlinfo.nlh && 1485 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) { 1486 table = fib6_get_table(net, cfg->fc_table); 1487 if (!table) { 1488 pr_warn("NLM_F_CREATE should be specified when creating new route\n"); 1489 table = fib6_new_table(net, cfg->fc_table); 1490 } 1491 } else { 1492 table = fib6_new_table(net, cfg->fc_table); 1493 } 1494 1495 if (!table) 1496 goto out; 1497 1498 rt = ip6_dst_alloc(net, NULL, DST_NOCOUNT, table); 1499 1500 if (!rt) { 1501 err = -ENOMEM; 1502 goto out; 1503 } 1504 1505 if (cfg->fc_flags & RTF_EXPIRES) 1506 rt6_set_expires(rt, jiffies + 1507 clock_t_to_jiffies(cfg->fc_expires)); 1508 else 1509 rt6_clean_expires(rt); 1510 1511 if (cfg->fc_protocol == RTPROT_UNSPEC) 1512 cfg->fc_protocol = RTPROT_BOOT; 1513 rt->rt6i_protocol = cfg->fc_protocol; 1514 1515 addr_type = ipv6_addr_type(&cfg->fc_dst); 1516 1517 if (addr_type & IPV6_ADDR_MULTICAST) 1518 rt->dst.input = ip6_mc_input; 1519 else if (cfg->fc_flags & RTF_LOCAL) 1520 rt->dst.input = ip6_input; 1521 else 1522 rt->dst.input = ip6_forward; 1523 1524 rt->dst.output = ip6_output; 1525 1526 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len); 1527 rt->rt6i_dst.plen = cfg->fc_dst_len; 1528 if (rt->rt6i_dst.plen == 128) 1529 rt->dst.flags |= DST_HOST; 1530 1531 if (!(rt->dst.flags & DST_HOST) && cfg->fc_mx) { 1532 u32 *metrics = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL); 1533 if (!metrics) { 1534 err = -ENOMEM; 1535 goto out; 1536 } 1537 dst_init_metrics(&rt->dst, metrics, 0); 1538 } 1539 #ifdef CONFIG_IPV6_SUBTREES 1540 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len); 1541 rt->rt6i_src.plen = cfg->fc_src_len; 1542 #endif 1543 1544 rt->rt6i_metric = cfg->fc_metric; 1545 1546 /* We cannot add true routes via loopback here, 1547 they would result in kernel looping; promote them to reject routes 1548 */ 1549 if ((cfg->fc_flags & RTF_REJECT) || 1550 (dev && (dev->flags & IFF_LOOPBACK) && 1551 !(addr_type & IPV6_ADDR_LOOPBACK) && 1552 !(cfg->fc_flags & RTF_LOCAL))) { 1553 /* hold loopback dev/idev if we haven't done so. */ 1554 if (dev != net->loopback_dev) { 1555 if (dev) { 1556 dev_put(dev); 1557 in6_dev_put(idev); 1558 } 1559 dev = net->loopback_dev; 1560 dev_hold(dev); 1561 idev = in6_dev_get(dev); 1562 if (!idev) { 1563 err = -ENODEV; 1564 goto out; 1565 } 1566 } 1567 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP; 1568 switch (cfg->fc_type) { 1569 case RTN_BLACKHOLE: 1570 rt->dst.error = -EINVAL; 1571 rt->dst.output = dst_discard; 1572 rt->dst.input = dst_discard; 1573 break; 1574 case RTN_PROHIBIT: 1575 rt->dst.error = -EACCES; 1576 rt->dst.output = ip6_pkt_prohibit_out; 1577 rt->dst.input = ip6_pkt_prohibit; 1578 break; 1579 case RTN_THROW: 1580 default: 1581 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN 1582 : -ENETUNREACH; 1583 rt->dst.output = ip6_pkt_discard_out; 1584 rt->dst.input = ip6_pkt_discard; 1585 break; 1586 } 1587 goto install_route; 1588 } 1589 1590 if (cfg->fc_flags & RTF_GATEWAY) { 1591 const struct in6_addr *gw_addr; 1592 int gwa_type; 1593 1594 gw_addr = &cfg->fc_gateway; 1595 rt->rt6i_gateway = *gw_addr; 1596 gwa_type = ipv6_addr_type(gw_addr); 1597 1598 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) { 1599 struct rt6_info *grt; 1600 1601 /* IPv6 strictly inhibits using not link-local 1602 addresses as nexthop address. 1603 Otherwise, router will not able to send redirects. 1604 It is very good, but in some (rare!) circumstances 1605 (SIT, PtP, NBMA NOARP links) it is handy to allow 1606 some exceptions. --ANK 1607 */ 1608 err = -EINVAL; 1609 if (!(gwa_type & IPV6_ADDR_UNICAST)) 1610 goto out; 1611 1612 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1); 1613 1614 err = -EHOSTUNREACH; 1615 if (!grt) 1616 goto out; 1617 if (dev) { 1618 if (dev != grt->dst.dev) { 1619 ip6_rt_put(grt); 1620 goto out; 1621 } 1622 } else { 1623 dev = grt->dst.dev; 1624 idev = grt->rt6i_idev; 1625 dev_hold(dev); 1626 in6_dev_hold(grt->rt6i_idev); 1627 } 1628 if (!(grt->rt6i_flags & RTF_GATEWAY)) 1629 err = 0; 1630 ip6_rt_put(grt); 1631 1632 if (err) 1633 goto out; 1634 } 1635 err = -EINVAL; 1636 if (!dev || (dev->flags & IFF_LOOPBACK)) 1637 goto out; 1638 } 1639 1640 err = -ENODEV; 1641 if (!dev) 1642 goto out; 1643 1644 if (!ipv6_addr_any(&cfg->fc_prefsrc)) { 1645 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) { 1646 err = -EINVAL; 1647 goto out; 1648 } 1649 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc; 1650 rt->rt6i_prefsrc.plen = 128; 1651 } else 1652 rt->rt6i_prefsrc.plen = 0; 1653 1654 rt->rt6i_flags = cfg->fc_flags; 1655 1656 install_route: 1657 if (cfg->fc_mx) { 1658 struct nlattr *nla; 1659 int remaining; 1660 1661 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) { 1662 int type = nla_type(nla); 1663 1664 if (type) { 1665 if (type > RTAX_MAX) { 1666 err = -EINVAL; 1667 goto out; 1668 } 1669 1670 dst_metric_set(&rt->dst, type, nla_get_u32(nla)); 1671 } 1672 } 1673 } 1674 1675 rt->dst.dev = dev; 1676 rt->rt6i_idev = idev; 1677 rt->rt6i_table = table; 1678 1679 cfg->fc_nlinfo.nl_net = dev_net(dev); 1680 1681 return __ip6_ins_rt(rt, &cfg->fc_nlinfo); 1682 1683 out: 1684 if (dev) 1685 dev_put(dev); 1686 if (idev) 1687 in6_dev_put(idev); 1688 if (rt) 1689 dst_free(&rt->dst); 1690 return err; 1691 } 1692 1693 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info) 1694 { 1695 int err; 1696 struct fib6_table *table; 1697 struct net *net = dev_net(rt->dst.dev); 1698 1699 if (rt == net->ipv6.ip6_null_entry) { 1700 err = -ENOENT; 1701 goto out; 1702 } 1703 1704 table = rt->rt6i_table; 1705 write_lock_bh(&table->tb6_lock); 1706 err = fib6_del(rt, info); 1707 write_unlock_bh(&table->tb6_lock); 1708 1709 out: 1710 ip6_rt_put(rt); 1711 return err; 1712 } 1713 1714 int ip6_del_rt(struct rt6_info *rt) 1715 { 1716 struct nl_info info = { 1717 .nl_net = dev_net(rt->dst.dev), 1718 }; 1719 return __ip6_del_rt(rt, &info); 1720 } 1721 1722 static int ip6_route_del(struct fib6_config *cfg) 1723 { 1724 struct fib6_table *table; 1725 struct fib6_node *fn; 1726 struct rt6_info *rt; 1727 int err = -ESRCH; 1728 1729 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table); 1730 if (!table) 1731 return err; 1732 1733 read_lock_bh(&table->tb6_lock); 1734 1735 fn = fib6_locate(&table->tb6_root, 1736 &cfg->fc_dst, cfg->fc_dst_len, 1737 &cfg->fc_src, cfg->fc_src_len); 1738 1739 if (fn) { 1740 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1741 if (cfg->fc_ifindex && 1742 (!rt->dst.dev || 1743 rt->dst.dev->ifindex != cfg->fc_ifindex)) 1744 continue; 1745 if (cfg->fc_flags & RTF_GATEWAY && 1746 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway)) 1747 continue; 1748 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric) 1749 continue; 1750 dst_hold(&rt->dst); 1751 read_unlock_bh(&table->tb6_lock); 1752 1753 return __ip6_del_rt(rt, &cfg->fc_nlinfo); 1754 } 1755 } 1756 read_unlock_bh(&table->tb6_lock); 1757 1758 return err; 1759 } 1760 1761 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb) 1762 { 1763 struct net *net = dev_net(skb->dev); 1764 struct netevent_redirect netevent; 1765 struct rt6_info *rt, *nrt = NULL; 1766 struct ndisc_options ndopts; 1767 struct inet6_dev *in6_dev; 1768 struct neighbour *neigh; 1769 struct rd_msg *msg; 1770 int optlen, on_link; 1771 u8 *lladdr; 1772 1773 optlen = skb_tail_pointer(skb) - skb_transport_header(skb); 1774 optlen -= sizeof(*msg); 1775 1776 if (optlen < 0) { 1777 net_dbg_ratelimited("rt6_do_redirect: packet too short\n"); 1778 return; 1779 } 1780 1781 msg = (struct rd_msg *)icmp6_hdr(skb); 1782 1783 if (ipv6_addr_is_multicast(&msg->dest)) { 1784 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n"); 1785 return; 1786 } 1787 1788 on_link = 0; 1789 if (ipv6_addr_equal(&msg->dest, &msg->target)) { 1790 on_link = 1; 1791 } else if (ipv6_addr_type(&msg->target) != 1792 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { 1793 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n"); 1794 return; 1795 } 1796 1797 in6_dev = __in6_dev_get(skb->dev); 1798 if (!in6_dev) 1799 return; 1800 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) 1801 return; 1802 1803 /* RFC2461 8.1: 1804 * The IP source address of the Redirect MUST be the same as the current 1805 * first-hop router for the specified ICMP Destination Address. 1806 */ 1807 1808 if (!ndisc_parse_options(msg->opt, optlen, &ndopts)) { 1809 net_dbg_ratelimited("rt6_redirect: invalid ND options\n"); 1810 return; 1811 } 1812 1813 lladdr = NULL; 1814 if (ndopts.nd_opts_tgt_lladdr) { 1815 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, 1816 skb->dev); 1817 if (!lladdr) { 1818 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n"); 1819 return; 1820 } 1821 } 1822 1823 rt = (struct rt6_info *) dst; 1824 if (rt == net->ipv6.ip6_null_entry) { 1825 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n"); 1826 return; 1827 } 1828 1829 /* Redirect received -> path was valid. 1830 * Look, redirects are sent only in response to data packets, 1831 * so that this nexthop apparently is reachable. --ANK 1832 */ 1833 dst_confirm(&rt->dst); 1834 1835 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1); 1836 if (!neigh) 1837 return; 1838 1839 /* 1840 * We have finally decided to accept it. 1841 */ 1842 1843 neigh_update(neigh, lladdr, NUD_STALE, 1844 NEIGH_UPDATE_F_WEAK_OVERRIDE| 1845 NEIGH_UPDATE_F_OVERRIDE| 1846 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER| 1847 NEIGH_UPDATE_F_ISROUTER)) 1848 ); 1849 1850 nrt = ip6_rt_copy(rt, &msg->dest); 1851 if (!nrt) 1852 goto out; 1853 1854 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE; 1855 if (on_link) 1856 nrt->rt6i_flags &= ~RTF_GATEWAY; 1857 1858 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key; 1859 1860 if (ip6_ins_rt(nrt)) 1861 goto out; 1862 1863 netevent.old = &rt->dst; 1864 netevent.new = &nrt->dst; 1865 netevent.daddr = &msg->dest; 1866 netevent.neigh = neigh; 1867 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent); 1868 1869 if (rt->rt6i_flags & RTF_CACHE) { 1870 rt = (struct rt6_info *) dst_clone(&rt->dst); 1871 ip6_del_rt(rt); 1872 } 1873 1874 out: 1875 neigh_release(neigh); 1876 } 1877 1878 /* 1879 * Misc support functions 1880 */ 1881 1882 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort, 1883 const struct in6_addr *dest) 1884 { 1885 struct net *net = dev_net(ort->dst.dev); 1886 struct rt6_info *rt = ip6_dst_alloc(net, ort->dst.dev, 0, 1887 ort->rt6i_table); 1888 1889 if (rt) { 1890 rt->dst.input = ort->dst.input; 1891 rt->dst.output = ort->dst.output; 1892 rt->dst.flags |= DST_HOST; 1893 1894 rt->rt6i_dst.addr = *dest; 1895 rt->rt6i_dst.plen = 128; 1896 dst_copy_metrics(&rt->dst, &ort->dst); 1897 rt->dst.error = ort->dst.error; 1898 rt->rt6i_idev = ort->rt6i_idev; 1899 if (rt->rt6i_idev) 1900 in6_dev_hold(rt->rt6i_idev); 1901 rt->dst.lastuse = jiffies; 1902 1903 if (ort->rt6i_flags & RTF_GATEWAY) 1904 rt->rt6i_gateway = ort->rt6i_gateway; 1905 else 1906 rt->rt6i_gateway = *dest; 1907 rt->rt6i_flags = ort->rt6i_flags; 1908 if ((ort->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) == 1909 (RTF_DEFAULT | RTF_ADDRCONF)) 1910 rt6_set_from(rt, ort); 1911 rt->rt6i_metric = 0; 1912 1913 #ifdef CONFIG_IPV6_SUBTREES 1914 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 1915 #endif 1916 memcpy(&rt->rt6i_prefsrc, &ort->rt6i_prefsrc, sizeof(struct rt6key)); 1917 rt->rt6i_table = ort->rt6i_table; 1918 } 1919 return rt; 1920 } 1921 1922 #ifdef CONFIG_IPV6_ROUTE_INFO 1923 static struct rt6_info *rt6_get_route_info(struct net *net, 1924 const struct in6_addr *prefix, int prefixlen, 1925 const struct in6_addr *gwaddr, int ifindex) 1926 { 1927 struct fib6_node *fn; 1928 struct rt6_info *rt = NULL; 1929 struct fib6_table *table; 1930 1931 table = fib6_get_table(net, RT6_TABLE_INFO); 1932 if (!table) 1933 return NULL; 1934 1935 read_lock_bh(&table->tb6_lock); 1936 fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0); 1937 if (!fn) 1938 goto out; 1939 1940 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) { 1941 if (rt->dst.dev->ifindex != ifindex) 1942 continue; 1943 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY)) 1944 continue; 1945 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr)) 1946 continue; 1947 dst_hold(&rt->dst); 1948 break; 1949 } 1950 out: 1951 read_unlock_bh(&table->tb6_lock); 1952 return rt; 1953 } 1954 1955 static struct rt6_info *rt6_add_route_info(struct net *net, 1956 const struct in6_addr *prefix, int prefixlen, 1957 const struct in6_addr *gwaddr, int ifindex, 1958 unsigned int pref) 1959 { 1960 struct fib6_config cfg = { 1961 .fc_table = RT6_TABLE_INFO, 1962 .fc_metric = IP6_RT_PRIO_USER, 1963 .fc_ifindex = ifindex, 1964 .fc_dst_len = prefixlen, 1965 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO | 1966 RTF_UP | RTF_PREF(pref), 1967 .fc_nlinfo.portid = 0, 1968 .fc_nlinfo.nlh = NULL, 1969 .fc_nlinfo.nl_net = net, 1970 }; 1971 1972 cfg.fc_dst = *prefix; 1973 cfg.fc_gateway = *gwaddr; 1974 1975 /* We should treat it as a default route if prefix length is 0. */ 1976 if (!prefixlen) 1977 cfg.fc_flags |= RTF_DEFAULT; 1978 1979 ip6_route_add(&cfg); 1980 1981 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex); 1982 } 1983 #endif 1984 1985 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev) 1986 { 1987 struct rt6_info *rt; 1988 struct fib6_table *table; 1989 1990 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT); 1991 if (!table) 1992 return NULL; 1993 1994 read_lock_bh(&table->tb6_lock); 1995 for (rt = table->tb6_root.leaf; rt; rt=rt->dst.rt6_next) { 1996 if (dev == rt->dst.dev && 1997 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) && 1998 ipv6_addr_equal(&rt->rt6i_gateway, addr)) 1999 break; 2000 } 2001 if (rt) 2002 dst_hold(&rt->dst); 2003 read_unlock_bh(&table->tb6_lock); 2004 return rt; 2005 } 2006 2007 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr, 2008 struct net_device *dev, 2009 unsigned int pref) 2010 { 2011 struct fib6_config cfg = { 2012 .fc_table = RT6_TABLE_DFLT, 2013 .fc_metric = IP6_RT_PRIO_USER, 2014 .fc_ifindex = dev->ifindex, 2015 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | 2016 RTF_UP | RTF_EXPIRES | RTF_PREF(pref), 2017 .fc_nlinfo.portid = 0, 2018 .fc_nlinfo.nlh = NULL, 2019 .fc_nlinfo.nl_net = dev_net(dev), 2020 }; 2021 2022 cfg.fc_gateway = *gwaddr; 2023 2024 ip6_route_add(&cfg); 2025 2026 return rt6_get_dflt_router(gwaddr, dev); 2027 } 2028 2029 void rt6_purge_dflt_routers(struct net *net) 2030 { 2031 struct rt6_info *rt; 2032 struct fib6_table *table; 2033 2034 /* NOTE: Keep consistent with rt6_get_dflt_router */ 2035 table = fib6_get_table(net, RT6_TABLE_DFLT); 2036 if (!table) 2037 return; 2038 2039 restart: 2040 read_lock_bh(&table->tb6_lock); 2041 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) { 2042 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) && 2043 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) { 2044 dst_hold(&rt->dst); 2045 read_unlock_bh(&table->tb6_lock); 2046 ip6_del_rt(rt); 2047 goto restart; 2048 } 2049 } 2050 read_unlock_bh(&table->tb6_lock); 2051 } 2052 2053 static void rtmsg_to_fib6_config(struct net *net, 2054 struct in6_rtmsg *rtmsg, 2055 struct fib6_config *cfg) 2056 { 2057 memset(cfg, 0, sizeof(*cfg)); 2058 2059 cfg->fc_table = RT6_TABLE_MAIN; 2060 cfg->fc_ifindex = rtmsg->rtmsg_ifindex; 2061 cfg->fc_metric = rtmsg->rtmsg_metric; 2062 cfg->fc_expires = rtmsg->rtmsg_info; 2063 cfg->fc_dst_len = rtmsg->rtmsg_dst_len; 2064 cfg->fc_src_len = rtmsg->rtmsg_src_len; 2065 cfg->fc_flags = rtmsg->rtmsg_flags; 2066 2067 cfg->fc_nlinfo.nl_net = net; 2068 2069 cfg->fc_dst = rtmsg->rtmsg_dst; 2070 cfg->fc_src = rtmsg->rtmsg_src; 2071 cfg->fc_gateway = rtmsg->rtmsg_gateway; 2072 } 2073 2074 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg) 2075 { 2076 struct fib6_config cfg; 2077 struct in6_rtmsg rtmsg; 2078 int err; 2079 2080 switch(cmd) { 2081 case SIOCADDRT: /* Add a route */ 2082 case SIOCDELRT: /* Delete a route */ 2083 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 2084 return -EPERM; 2085 err = copy_from_user(&rtmsg, arg, 2086 sizeof(struct in6_rtmsg)); 2087 if (err) 2088 return -EFAULT; 2089 2090 rtmsg_to_fib6_config(net, &rtmsg, &cfg); 2091 2092 rtnl_lock(); 2093 switch (cmd) { 2094 case SIOCADDRT: 2095 err = ip6_route_add(&cfg); 2096 break; 2097 case SIOCDELRT: 2098 err = ip6_route_del(&cfg); 2099 break; 2100 default: 2101 err = -EINVAL; 2102 } 2103 rtnl_unlock(); 2104 2105 return err; 2106 } 2107 2108 return -EINVAL; 2109 } 2110 2111 /* 2112 * Drop the packet on the floor 2113 */ 2114 2115 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes) 2116 { 2117 int type; 2118 struct dst_entry *dst = skb_dst(skb); 2119 switch (ipstats_mib_noroutes) { 2120 case IPSTATS_MIB_INNOROUTES: 2121 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr); 2122 if (type == IPV6_ADDR_ANY) { 2123 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst), 2124 IPSTATS_MIB_INADDRERRORS); 2125 break; 2126 } 2127 /* FALLTHROUGH */ 2128 case IPSTATS_MIB_OUTNOROUTES: 2129 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst), 2130 ipstats_mib_noroutes); 2131 break; 2132 } 2133 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0); 2134 kfree_skb(skb); 2135 return 0; 2136 } 2137 2138 static int ip6_pkt_discard(struct sk_buff *skb) 2139 { 2140 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES); 2141 } 2142 2143 static int ip6_pkt_discard_out(struct sk_buff *skb) 2144 { 2145 skb->dev = skb_dst(skb)->dev; 2146 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES); 2147 } 2148 2149 static int ip6_pkt_prohibit(struct sk_buff *skb) 2150 { 2151 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES); 2152 } 2153 2154 static int ip6_pkt_prohibit_out(struct sk_buff *skb) 2155 { 2156 skb->dev = skb_dst(skb)->dev; 2157 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES); 2158 } 2159 2160 /* 2161 * Allocate a dst for local (unicast / anycast) address. 2162 */ 2163 2164 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev, 2165 const struct in6_addr *addr, 2166 bool anycast) 2167 { 2168 struct net *net = dev_net(idev->dev); 2169 struct rt6_info *rt = ip6_dst_alloc(net, net->loopback_dev, 2170 DST_NOCOUNT, NULL); 2171 if (!rt) 2172 return ERR_PTR(-ENOMEM); 2173 2174 in6_dev_hold(idev); 2175 2176 rt->dst.flags |= DST_HOST; 2177 rt->dst.input = ip6_input; 2178 rt->dst.output = ip6_output; 2179 rt->rt6i_idev = idev; 2180 2181 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP; 2182 if (anycast) 2183 rt->rt6i_flags |= RTF_ANYCAST; 2184 else 2185 rt->rt6i_flags |= RTF_LOCAL; 2186 2187 rt->rt6i_gateway = *addr; 2188 rt->rt6i_dst.addr = *addr; 2189 rt->rt6i_dst.plen = 128; 2190 rt->rt6i_table = fib6_get_table(net, RT6_TABLE_LOCAL); 2191 2192 atomic_set(&rt->dst.__refcnt, 1); 2193 2194 return rt; 2195 } 2196 2197 int ip6_route_get_saddr(struct net *net, 2198 struct rt6_info *rt, 2199 const struct in6_addr *daddr, 2200 unsigned int prefs, 2201 struct in6_addr *saddr) 2202 { 2203 struct inet6_dev *idev = ip6_dst_idev((struct dst_entry*)rt); 2204 int err = 0; 2205 if (rt->rt6i_prefsrc.plen) 2206 *saddr = rt->rt6i_prefsrc.addr; 2207 else 2208 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL, 2209 daddr, prefs, saddr); 2210 return err; 2211 } 2212 2213 /* remove deleted ip from prefsrc entries */ 2214 struct arg_dev_net_ip { 2215 struct net_device *dev; 2216 struct net *net; 2217 struct in6_addr *addr; 2218 }; 2219 2220 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg) 2221 { 2222 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev; 2223 struct net *net = ((struct arg_dev_net_ip *)arg)->net; 2224 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr; 2225 2226 if (((void *)rt->dst.dev == dev || !dev) && 2227 rt != net->ipv6.ip6_null_entry && 2228 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) { 2229 /* remove prefsrc entry */ 2230 rt->rt6i_prefsrc.plen = 0; 2231 } 2232 return 0; 2233 } 2234 2235 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp) 2236 { 2237 struct net *net = dev_net(ifp->idev->dev); 2238 struct arg_dev_net_ip adni = { 2239 .dev = ifp->idev->dev, 2240 .net = net, 2241 .addr = &ifp->addr, 2242 }; 2243 fib6_clean_all(net, fib6_remove_prefsrc, 0, &adni); 2244 } 2245 2246 struct arg_dev_net { 2247 struct net_device *dev; 2248 struct net *net; 2249 }; 2250 2251 static int fib6_ifdown(struct rt6_info *rt, void *arg) 2252 { 2253 const struct arg_dev_net *adn = arg; 2254 const struct net_device *dev = adn->dev; 2255 2256 if ((rt->dst.dev == dev || !dev) && 2257 rt != adn->net->ipv6.ip6_null_entry) 2258 return -1; 2259 2260 return 0; 2261 } 2262 2263 void rt6_ifdown(struct net *net, struct net_device *dev) 2264 { 2265 struct arg_dev_net adn = { 2266 .dev = dev, 2267 .net = net, 2268 }; 2269 2270 fib6_clean_all(net, fib6_ifdown, 0, &adn); 2271 icmp6_clean_all(fib6_ifdown, &adn); 2272 } 2273 2274 struct rt6_mtu_change_arg { 2275 struct net_device *dev; 2276 unsigned int mtu; 2277 }; 2278 2279 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg) 2280 { 2281 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg; 2282 struct inet6_dev *idev; 2283 2284 /* In IPv6 pmtu discovery is not optional, 2285 so that RTAX_MTU lock cannot disable it. 2286 We still use this lock to block changes 2287 caused by addrconf/ndisc. 2288 */ 2289 2290 idev = __in6_dev_get(arg->dev); 2291 if (!idev) 2292 return 0; 2293 2294 /* For administrative MTU increase, there is no way to discover 2295 IPv6 PMTU increase, so PMTU increase should be updated here. 2296 Since RFC 1981 doesn't include administrative MTU increase 2297 update PMTU increase is a MUST. (i.e. jumbo frame) 2298 */ 2299 /* 2300 If new MTU is less than route PMTU, this new MTU will be the 2301 lowest MTU in the path, update the route PMTU to reflect PMTU 2302 decreases; if new MTU is greater than route PMTU, and the 2303 old MTU is the lowest MTU in the path, update the route PMTU 2304 to reflect the increase. In this case if the other nodes' MTU 2305 also have the lowest MTU, TOO BIG MESSAGE will be lead to 2306 PMTU discouvery. 2307 */ 2308 if (rt->dst.dev == arg->dev && 2309 !dst_metric_locked(&rt->dst, RTAX_MTU) && 2310 (dst_mtu(&rt->dst) >= arg->mtu || 2311 (dst_mtu(&rt->dst) < arg->mtu && 2312 dst_mtu(&rt->dst) == idev->cnf.mtu6))) { 2313 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu); 2314 } 2315 return 0; 2316 } 2317 2318 void rt6_mtu_change(struct net_device *dev, unsigned int mtu) 2319 { 2320 struct rt6_mtu_change_arg arg = { 2321 .dev = dev, 2322 .mtu = mtu, 2323 }; 2324 2325 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, 0, &arg); 2326 } 2327 2328 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = { 2329 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) }, 2330 [RTA_OIF] = { .type = NLA_U32 }, 2331 [RTA_IIF] = { .type = NLA_U32 }, 2332 [RTA_PRIORITY] = { .type = NLA_U32 }, 2333 [RTA_METRICS] = { .type = NLA_NESTED }, 2334 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, 2335 }; 2336 2337 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh, 2338 struct fib6_config *cfg) 2339 { 2340 struct rtmsg *rtm; 2341 struct nlattr *tb[RTA_MAX+1]; 2342 int err; 2343 2344 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 2345 if (err < 0) 2346 goto errout; 2347 2348 err = -EINVAL; 2349 rtm = nlmsg_data(nlh); 2350 memset(cfg, 0, sizeof(*cfg)); 2351 2352 cfg->fc_table = rtm->rtm_table; 2353 cfg->fc_dst_len = rtm->rtm_dst_len; 2354 cfg->fc_src_len = rtm->rtm_src_len; 2355 cfg->fc_flags = RTF_UP; 2356 cfg->fc_protocol = rtm->rtm_protocol; 2357 cfg->fc_type = rtm->rtm_type; 2358 2359 if (rtm->rtm_type == RTN_UNREACHABLE || 2360 rtm->rtm_type == RTN_BLACKHOLE || 2361 rtm->rtm_type == RTN_PROHIBIT || 2362 rtm->rtm_type == RTN_THROW) 2363 cfg->fc_flags |= RTF_REJECT; 2364 2365 if (rtm->rtm_type == RTN_LOCAL) 2366 cfg->fc_flags |= RTF_LOCAL; 2367 2368 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid; 2369 cfg->fc_nlinfo.nlh = nlh; 2370 cfg->fc_nlinfo.nl_net = sock_net(skb->sk); 2371 2372 if (tb[RTA_GATEWAY]) { 2373 nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16); 2374 cfg->fc_flags |= RTF_GATEWAY; 2375 } 2376 2377 if (tb[RTA_DST]) { 2378 int plen = (rtm->rtm_dst_len + 7) >> 3; 2379 2380 if (nla_len(tb[RTA_DST]) < plen) 2381 goto errout; 2382 2383 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen); 2384 } 2385 2386 if (tb[RTA_SRC]) { 2387 int plen = (rtm->rtm_src_len + 7) >> 3; 2388 2389 if (nla_len(tb[RTA_SRC]) < plen) 2390 goto errout; 2391 2392 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen); 2393 } 2394 2395 if (tb[RTA_PREFSRC]) 2396 nla_memcpy(&cfg->fc_prefsrc, tb[RTA_PREFSRC], 16); 2397 2398 if (tb[RTA_OIF]) 2399 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]); 2400 2401 if (tb[RTA_PRIORITY]) 2402 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]); 2403 2404 if (tb[RTA_METRICS]) { 2405 cfg->fc_mx = nla_data(tb[RTA_METRICS]); 2406 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]); 2407 } 2408 2409 if (tb[RTA_TABLE]) 2410 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]); 2411 2412 if (tb[RTA_MULTIPATH]) { 2413 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]); 2414 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]); 2415 } 2416 2417 err = 0; 2418 errout: 2419 return err; 2420 } 2421 2422 static int ip6_route_multipath(struct fib6_config *cfg, int add) 2423 { 2424 struct fib6_config r_cfg; 2425 struct rtnexthop *rtnh; 2426 int remaining; 2427 int attrlen; 2428 int err = 0, last_err = 0; 2429 2430 beginning: 2431 rtnh = (struct rtnexthop *)cfg->fc_mp; 2432 remaining = cfg->fc_mp_len; 2433 2434 /* Parse a Multipath Entry */ 2435 while (rtnh_ok(rtnh, remaining)) { 2436 memcpy(&r_cfg, cfg, sizeof(*cfg)); 2437 if (rtnh->rtnh_ifindex) 2438 r_cfg.fc_ifindex = rtnh->rtnh_ifindex; 2439 2440 attrlen = rtnh_attrlen(rtnh); 2441 if (attrlen > 0) { 2442 struct nlattr *nla, *attrs = rtnh_attrs(rtnh); 2443 2444 nla = nla_find(attrs, attrlen, RTA_GATEWAY); 2445 if (nla) { 2446 nla_memcpy(&r_cfg.fc_gateway, nla, 16); 2447 r_cfg.fc_flags |= RTF_GATEWAY; 2448 } 2449 } 2450 err = add ? ip6_route_add(&r_cfg) : ip6_route_del(&r_cfg); 2451 if (err) { 2452 last_err = err; 2453 /* If we are trying to remove a route, do not stop the 2454 * loop when ip6_route_del() fails (because next hop is 2455 * already gone), we should try to remove all next hops. 2456 */ 2457 if (add) { 2458 /* If add fails, we should try to delete all 2459 * next hops that have been already added. 2460 */ 2461 add = 0; 2462 goto beginning; 2463 } 2464 } 2465 /* Because each route is added like a single route we remove 2466 * this flag after the first nexthop (if there is a collision, 2467 * we have already fail to add the first nexthop: 2468 * fib6_add_rt2node() has reject it). 2469 */ 2470 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~NLM_F_EXCL; 2471 rtnh = rtnh_next(rtnh, &remaining); 2472 } 2473 2474 return last_err; 2475 } 2476 2477 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh) 2478 { 2479 struct fib6_config cfg; 2480 int err; 2481 2482 err = rtm_to_fib6_config(skb, nlh, &cfg); 2483 if (err < 0) 2484 return err; 2485 2486 if (cfg.fc_mp) 2487 return ip6_route_multipath(&cfg, 0); 2488 else 2489 return ip6_route_del(&cfg); 2490 } 2491 2492 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh) 2493 { 2494 struct fib6_config cfg; 2495 int err; 2496 2497 err = rtm_to_fib6_config(skb, nlh, &cfg); 2498 if (err < 0) 2499 return err; 2500 2501 if (cfg.fc_mp) 2502 return ip6_route_multipath(&cfg, 1); 2503 else 2504 return ip6_route_add(&cfg); 2505 } 2506 2507 static inline size_t rt6_nlmsg_size(void) 2508 { 2509 return NLMSG_ALIGN(sizeof(struct rtmsg)) 2510 + nla_total_size(16) /* RTA_SRC */ 2511 + nla_total_size(16) /* RTA_DST */ 2512 + nla_total_size(16) /* RTA_GATEWAY */ 2513 + nla_total_size(16) /* RTA_PREFSRC */ 2514 + nla_total_size(4) /* RTA_TABLE */ 2515 + nla_total_size(4) /* RTA_IIF */ 2516 + nla_total_size(4) /* RTA_OIF */ 2517 + nla_total_size(4) /* RTA_PRIORITY */ 2518 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */ 2519 + nla_total_size(sizeof(struct rta_cacheinfo)); 2520 } 2521 2522 static int rt6_fill_node(struct net *net, 2523 struct sk_buff *skb, struct rt6_info *rt, 2524 struct in6_addr *dst, struct in6_addr *src, 2525 int iif, int type, u32 portid, u32 seq, 2526 int prefix, int nowait, unsigned int flags) 2527 { 2528 struct rtmsg *rtm; 2529 struct nlmsghdr *nlh; 2530 long expires; 2531 u32 table; 2532 2533 if (prefix) { /* user wants prefix routes only */ 2534 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { 2535 /* success since this is not a prefix route */ 2536 return 1; 2537 } 2538 } 2539 2540 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags); 2541 if (!nlh) 2542 return -EMSGSIZE; 2543 2544 rtm = nlmsg_data(nlh); 2545 rtm->rtm_family = AF_INET6; 2546 rtm->rtm_dst_len = rt->rt6i_dst.plen; 2547 rtm->rtm_src_len = rt->rt6i_src.plen; 2548 rtm->rtm_tos = 0; 2549 if (rt->rt6i_table) 2550 table = rt->rt6i_table->tb6_id; 2551 else 2552 table = RT6_TABLE_UNSPEC; 2553 rtm->rtm_table = table; 2554 if (nla_put_u32(skb, RTA_TABLE, table)) 2555 goto nla_put_failure; 2556 if (rt->rt6i_flags & RTF_REJECT) { 2557 switch (rt->dst.error) { 2558 case -EINVAL: 2559 rtm->rtm_type = RTN_BLACKHOLE; 2560 break; 2561 case -EACCES: 2562 rtm->rtm_type = RTN_PROHIBIT; 2563 break; 2564 case -EAGAIN: 2565 rtm->rtm_type = RTN_THROW; 2566 break; 2567 default: 2568 rtm->rtm_type = RTN_UNREACHABLE; 2569 break; 2570 } 2571 } 2572 else if (rt->rt6i_flags & RTF_LOCAL) 2573 rtm->rtm_type = RTN_LOCAL; 2574 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK)) 2575 rtm->rtm_type = RTN_LOCAL; 2576 else 2577 rtm->rtm_type = RTN_UNICAST; 2578 rtm->rtm_flags = 0; 2579 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2580 rtm->rtm_protocol = rt->rt6i_protocol; 2581 if (rt->rt6i_flags & RTF_DYNAMIC) 2582 rtm->rtm_protocol = RTPROT_REDIRECT; 2583 else if (rt->rt6i_flags & RTF_ADDRCONF) { 2584 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO)) 2585 rtm->rtm_protocol = RTPROT_RA; 2586 else 2587 rtm->rtm_protocol = RTPROT_KERNEL; 2588 } 2589 2590 if (rt->rt6i_flags & RTF_CACHE) 2591 rtm->rtm_flags |= RTM_F_CLONED; 2592 2593 if (dst) { 2594 if (nla_put(skb, RTA_DST, 16, dst)) 2595 goto nla_put_failure; 2596 rtm->rtm_dst_len = 128; 2597 } else if (rtm->rtm_dst_len) 2598 if (nla_put(skb, RTA_DST, 16, &rt->rt6i_dst.addr)) 2599 goto nla_put_failure; 2600 #ifdef CONFIG_IPV6_SUBTREES 2601 if (src) { 2602 if (nla_put(skb, RTA_SRC, 16, src)) 2603 goto nla_put_failure; 2604 rtm->rtm_src_len = 128; 2605 } else if (rtm->rtm_src_len && 2606 nla_put(skb, RTA_SRC, 16, &rt->rt6i_src.addr)) 2607 goto nla_put_failure; 2608 #endif 2609 if (iif) { 2610 #ifdef CONFIG_IPV6_MROUTE 2611 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) { 2612 int err = ip6mr_get_route(net, skb, rtm, nowait); 2613 if (err <= 0) { 2614 if (!nowait) { 2615 if (err == 0) 2616 return 0; 2617 goto nla_put_failure; 2618 } else { 2619 if (err == -EMSGSIZE) 2620 goto nla_put_failure; 2621 } 2622 } 2623 } else 2624 #endif 2625 if (nla_put_u32(skb, RTA_IIF, iif)) 2626 goto nla_put_failure; 2627 } else if (dst) { 2628 struct in6_addr saddr_buf; 2629 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 && 2630 nla_put(skb, RTA_PREFSRC, 16, &saddr_buf)) 2631 goto nla_put_failure; 2632 } 2633 2634 if (rt->rt6i_prefsrc.plen) { 2635 struct in6_addr saddr_buf; 2636 saddr_buf = rt->rt6i_prefsrc.addr; 2637 if (nla_put(skb, RTA_PREFSRC, 16, &saddr_buf)) 2638 goto nla_put_failure; 2639 } 2640 2641 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0) 2642 goto nla_put_failure; 2643 2644 if (rt->rt6i_flags & RTF_GATEWAY) { 2645 if (nla_put(skb, RTA_GATEWAY, 16, &rt->rt6i_gateway) < 0) 2646 goto nla_put_failure; 2647 } 2648 2649 if (rt->dst.dev && 2650 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex)) 2651 goto nla_put_failure; 2652 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric)) 2653 goto nla_put_failure; 2654 2655 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0; 2656 2657 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0) 2658 goto nla_put_failure; 2659 2660 return nlmsg_end(skb, nlh); 2661 2662 nla_put_failure: 2663 nlmsg_cancel(skb, nlh); 2664 return -EMSGSIZE; 2665 } 2666 2667 int rt6_dump_route(struct rt6_info *rt, void *p_arg) 2668 { 2669 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; 2670 int prefix; 2671 2672 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { 2673 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); 2674 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0; 2675 } else 2676 prefix = 0; 2677 2678 return rt6_fill_node(arg->net, 2679 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE, 2680 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq, 2681 prefix, 0, NLM_F_MULTI); 2682 } 2683 2684 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh) 2685 { 2686 struct net *net = sock_net(in_skb->sk); 2687 struct nlattr *tb[RTA_MAX+1]; 2688 struct rt6_info *rt; 2689 struct sk_buff *skb; 2690 struct rtmsg *rtm; 2691 struct flowi6 fl6; 2692 int err, iif = 0, oif = 0; 2693 2694 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 2695 if (err < 0) 2696 goto errout; 2697 2698 err = -EINVAL; 2699 memset(&fl6, 0, sizeof(fl6)); 2700 2701 if (tb[RTA_SRC]) { 2702 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr)) 2703 goto errout; 2704 2705 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]); 2706 } 2707 2708 if (tb[RTA_DST]) { 2709 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr)) 2710 goto errout; 2711 2712 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]); 2713 } 2714 2715 if (tb[RTA_IIF]) 2716 iif = nla_get_u32(tb[RTA_IIF]); 2717 2718 if (tb[RTA_OIF]) 2719 oif = nla_get_u32(tb[RTA_OIF]); 2720 2721 if (iif) { 2722 struct net_device *dev; 2723 int flags = 0; 2724 2725 dev = __dev_get_by_index(net, iif); 2726 if (!dev) { 2727 err = -ENODEV; 2728 goto errout; 2729 } 2730 2731 fl6.flowi6_iif = iif; 2732 2733 if (!ipv6_addr_any(&fl6.saddr)) 2734 flags |= RT6_LOOKUP_F_HAS_SADDR; 2735 2736 rt = (struct rt6_info *)ip6_route_input_lookup(net, dev, &fl6, 2737 flags); 2738 } else { 2739 fl6.flowi6_oif = oif; 2740 2741 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6); 2742 } 2743 2744 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 2745 if (!skb) { 2746 ip6_rt_put(rt); 2747 err = -ENOBUFS; 2748 goto errout; 2749 } 2750 2751 /* Reserve room for dummy headers, this skb can pass 2752 through good chunk of routing engine. 2753 */ 2754 skb_reset_mac_header(skb); 2755 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr)); 2756 2757 skb_dst_set(skb, &rt->dst); 2758 2759 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif, 2760 RTM_NEWROUTE, NETLINK_CB(in_skb).portid, 2761 nlh->nlmsg_seq, 0, 0, 0); 2762 if (err < 0) { 2763 kfree_skb(skb); 2764 goto errout; 2765 } 2766 2767 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 2768 errout: 2769 return err; 2770 } 2771 2772 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info) 2773 { 2774 struct sk_buff *skb; 2775 struct net *net = info->nl_net; 2776 u32 seq; 2777 int err; 2778 2779 err = -ENOBUFS; 2780 seq = info->nlh ? info->nlh->nlmsg_seq : 0; 2781 2782 skb = nlmsg_new(rt6_nlmsg_size(), gfp_any()); 2783 if (!skb) 2784 goto errout; 2785 2786 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0, 2787 event, info->portid, seq, 0, 0, 0); 2788 if (err < 0) { 2789 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */ 2790 WARN_ON(err == -EMSGSIZE); 2791 kfree_skb(skb); 2792 goto errout; 2793 } 2794 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE, 2795 info->nlh, gfp_any()); 2796 return; 2797 errout: 2798 if (err < 0) 2799 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err); 2800 } 2801 2802 static int ip6_route_dev_notify(struct notifier_block *this, 2803 unsigned long event, void *ptr) 2804 { 2805 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 2806 struct net *net = dev_net(dev); 2807 2808 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) { 2809 net->ipv6.ip6_null_entry->dst.dev = dev; 2810 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev); 2811 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 2812 net->ipv6.ip6_prohibit_entry->dst.dev = dev; 2813 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev); 2814 net->ipv6.ip6_blk_hole_entry->dst.dev = dev; 2815 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev); 2816 #endif 2817 } 2818 2819 return NOTIFY_OK; 2820 } 2821 2822 /* 2823 * /proc 2824 */ 2825 2826 #ifdef CONFIG_PROC_FS 2827 2828 static const struct file_operations ipv6_route_proc_fops = { 2829 .owner = THIS_MODULE, 2830 .open = ipv6_route_open, 2831 .read = seq_read, 2832 .llseek = seq_lseek, 2833 .release = seq_release_net, 2834 }; 2835 2836 static int rt6_stats_seq_show(struct seq_file *seq, void *v) 2837 { 2838 struct net *net = (struct net *)seq->private; 2839 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n", 2840 net->ipv6.rt6_stats->fib_nodes, 2841 net->ipv6.rt6_stats->fib_route_nodes, 2842 net->ipv6.rt6_stats->fib_rt_alloc, 2843 net->ipv6.rt6_stats->fib_rt_entries, 2844 net->ipv6.rt6_stats->fib_rt_cache, 2845 dst_entries_get_slow(&net->ipv6.ip6_dst_ops), 2846 net->ipv6.rt6_stats->fib_discarded_routes); 2847 2848 return 0; 2849 } 2850 2851 static int rt6_stats_seq_open(struct inode *inode, struct file *file) 2852 { 2853 return single_open_net(inode, file, rt6_stats_seq_show); 2854 } 2855 2856 static const struct file_operations rt6_stats_seq_fops = { 2857 .owner = THIS_MODULE, 2858 .open = rt6_stats_seq_open, 2859 .read = seq_read, 2860 .llseek = seq_lseek, 2861 .release = single_release_net, 2862 }; 2863 #endif /* CONFIG_PROC_FS */ 2864 2865 #ifdef CONFIG_SYSCTL 2866 2867 static 2868 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write, 2869 void __user *buffer, size_t *lenp, loff_t *ppos) 2870 { 2871 struct net *net; 2872 int delay; 2873 if (!write) 2874 return -EINVAL; 2875 2876 net = (struct net *)ctl->extra1; 2877 delay = net->ipv6.sysctl.flush_delay; 2878 proc_dointvec(ctl, write, buffer, lenp, ppos); 2879 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0); 2880 return 0; 2881 } 2882 2883 struct ctl_table ipv6_route_table_template[] = { 2884 { 2885 .procname = "flush", 2886 .data = &init_net.ipv6.sysctl.flush_delay, 2887 .maxlen = sizeof(int), 2888 .mode = 0200, 2889 .proc_handler = ipv6_sysctl_rtcache_flush 2890 }, 2891 { 2892 .procname = "gc_thresh", 2893 .data = &ip6_dst_ops_template.gc_thresh, 2894 .maxlen = sizeof(int), 2895 .mode = 0644, 2896 .proc_handler = proc_dointvec, 2897 }, 2898 { 2899 .procname = "max_size", 2900 .data = &init_net.ipv6.sysctl.ip6_rt_max_size, 2901 .maxlen = sizeof(int), 2902 .mode = 0644, 2903 .proc_handler = proc_dointvec, 2904 }, 2905 { 2906 .procname = "gc_min_interval", 2907 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 2908 .maxlen = sizeof(int), 2909 .mode = 0644, 2910 .proc_handler = proc_dointvec_jiffies, 2911 }, 2912 { 2913 .procname = "gc_timeout", 2914 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout, 2915 .maxlen = sizeof(int), 2916 .mode = 0644, 2917 .proc_handler = proc_dointvec_jiffies, 2918 }, 2919 { 2920 .procname = "gc_interval", 2921 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval, 2922 .maxlen = sizeof(int), 2923 .mode = 0644, 2924 .proc_handler = proc_dointvec_jiffies, 2925 }, 2926 { 2927 .procname = "gc_elasticity", 2928 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity, 2929 .maxlen = sizeof(int), 2930 .mode = 0644, 2931 .proc_handler = proc_dointvec, 2932 }, 2933 { 2934 .procname = "mtu_expires", 2935 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires, 2936 .maxlen = sizeof(int), 2937 .mode = 0644, 2938 .proc_handler = proc_dointvec_jiffies, 2939 }, 2940 { 2941 .procname = "min_adv_mss", 2942 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss, 2943 .maxlen = sizeof(int), 2944 .mode = 0644, 2945 .proc_handler = proc_dointvec, 2946 }, 2947 { 2948 .procname = "gc_min_interval_ms", 2949 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 2950 .maxlen = sizeof(int), 2951 .mode = 0644, 2952 .proc_handler = proc_dointvec_ms_jiffies, 2953 }, 2954 { } 2955 }; 2956 2957 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) 2958 { 2959 struct ctl_table *table; 2960 2961 table = kmemdup(ipv6_route_table_template, 2962 sizeof(ipv6_route_table_template), 2963 GFP_KERNEL); 2964 2965 if (table) { 2966 table[0].data = &net->ipv6.sysctl.flush_delay; 2967 table[0].extra1 = net; 2968 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh; 2969 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size; 2970 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 2971 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout; 2972 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval; 2973 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity; 2974 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires; 2975 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss; 2976 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 2977 2978 /* Don't export sysctls to unprivileged users */ 2979 if (net->user_ns != &init_user_ns) 2980 table[0].procname = NULL; 2981 } 2982 2983 return table; 2984 } 2985 #endif 2986 2987 static int __net_init ip6_route_net_init(struct net *net) 2988 { 2989 int ret = -ENOMEM; 2990 2991 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template, 2992 sizeof(net->ipv6.ip6_dst_ops)); 2993 2994 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0) 2995 goto out_ip6_dst_ops; 2996 2997 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template, 2998 sizeof(*net->ipv6.ip6_null_entry), 2999 GFP_KERNEL); 3000 if (!net->ipv6.ip6_null_entry) 3001 goto out_ip6_dst_entries; 3002 net->ipv6.ip6_null_entry->dst.path = 3003 (struct dst_entry *)net->ipv6.ip6_null_entry; 3004 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3005 dst_init_metrics(&net->ipv6.ip6_null_entry->dst, 3006 ip6_template_metrics, true); 3007 3008 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3009 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template, 3010 sizeof(*net->ipv6.ip6_prohibit_entry), 3011 GFP_KERNEL); 3012 if (!net->ipv6.ip6_prohibit_entry) 3013 goto out_ip6_null_entry; 3014 net->ipv6.ip6_prohibit_entry->dst.path = 3015 (struct dst_entry *)net->ipv6.ip6_prohibit_entry; 3016 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3017 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst, 3018 ip6_template_metrics, true); 3019 3020 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template, 3021 sizeof(*net->ipv6.ip6_blk_hole_entry), 3022 GFP_KERNEL); 3023 if (!net->ipv6.ip6_blk_hole_entry) 3024 goto out_ip6_prohibit_entry; 3025 net->ipv6.ip6_blk_hole_entry->dst.path = 3026 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry; 3027 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops; 3028 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst, 3029 ip6_template_metrics, true); 3030 #endif 3031 3032 net->ipv6.sysctl.flush_delay = 0; 3033 net->ipv6.sysctl.ip6_rt_max_size = 4096; 3034 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2; 3035 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ; 3036 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ; 3037 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9; 3038 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ; 3039 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40; 3040 3041 net->ipv6.ip6_rt_gc_expire = 30*HZ; 3042 3043 ret = 0; 3044 out: 3045 return ret; 3046 3047 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3048 out_ip6_prohibit_entry: 3049 kfree(net->ipv6.ip6_prohibit_entry); 3050 out_ip6_null_entry: 3051 kfree(net->ipv6.ip6_null_entry); 3052 #endif 3053 out_ip6_dst_entries: 3054 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 3055 out_ip6_dst_ops: 3056 goto out; 3057 } 3058 3059 static void __net_exit ip6_route_net_exit(struct net *net) 3060 { 3061 kfree(net->ipv6.ip6_null_entry); 3062 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3063 kfree(net->ipv6.ip6_prohibit_entry); 3064 kfree(net->ipv6.ip6_blk_hole_entry); 3065 #endif 3066 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 3067 } 3068 3069 static int __net_init ip6_route_net_init_late(struct net *net) 3070 { 3071 #ifdef CONFIG_PROC_FS 3072 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops); 3073 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops); 3074 #endif 3075 return 0; 3076 } 3077 3078 static void __net_exit ip6_route_net_exit_late(struct net *net) 3079 { 3080 #ifdef CONFIG_PROC_FS 3081 remove_proc_entry("ipv6_route", net->proc_net); 3082 remove_proc_entry("rt6_stats", net->proc_net); 3083 #endif 3084 } 3085 3086 static struct pernet_operations ip6_route_net_ops = { 3087 .init = ip6_route_net_init, 3088 .exit = ip6_route_net_exit, 3089 }; 3090 3091 static int __net_init ipv6_inetpeer_init(struct net *net) 3092 { 3093 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL); 3094 3095 if (!bp) 3096 return -ENOMEM; 3097 inet_peer_base_init(bp); 3098 net->ipv6.peers = bp; 3099 return 0; 3100 } 3101 3102 static void __net_exit ipv6_inetpeer_exit(struct net *net) 3103 { 3104 struct inet_peer_base *bp = net->ipv6.peers; 3105 3106 net->ipv6.peers = NULL; 3107 inetpeer_invalidate_tree(bp); 3108 kfree(bp); 3109 } 3110 3111 static struct pernet_operations ipv6_inetpeer_ops = { 3112 .init = ipv6_inetpeer_init, 3113 .exit = ipv6_inetpeer_exit, 3114 }; 3115 3116 static struct pernet_operations ip6_route_net_late_ops = { 3117 .init = ip6_route_net_init_late, 3118 .exit = ip6_route_net_exit_late, 3119 }; 3120 3121 static struct notifier_block ip6_route_dev_notifier = { 3122 .notifier_call = ip6_route_dev_notify, 3123 .priority = 0, 3124 }; 3125 3126 int __init ip6_route_init(void) 3127 { 3128 int ret; 3129 3130 ret = -ENOMEM; 3131 ip6_dst_ops_template.kmem_cachep = 3132 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0, 3133 SLAB_HWCACHE_ALIGN, NULL); 3134 if (!ip6_dst_ops_template.kmem_cachep) 3135 goto out; 3136 3137 ret = dst_entries_init(&ip6_dst_blackhole_ops); 3138 if (ret) 3139 goto out_kmem_cache; 3140 3141 ret = register_pernet_subsys(&ipv6_inetpeer_ops); 3142 if (ret) 3143 goto out_dst_entries; 3144 3145 ret = register_pernet_subsys(&ip6_route_net_ops); 3146 if (ret) 3147 goto out_register_inetpeer; 3148 3149 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep; 3150 3151 /* Registering of the loopback is done before this portion of code, 3152 * the loopback reference in rt6_info will not be taken, do it 3153 * manually for init_net */ 3154 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev; 3155 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3156 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 3157 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev; 3158 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3159 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev; 3160 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 3161 #endif 3162 ret = fib6_init(); 3163 if (ret) 3164 goto out_register_subsys; 3165 3166 ret = xfrm6_init(); 3167 if (ret) 3168 goto out_fib6_init; 3169 3170 ret = fib6_rules_init(); 3171 if (ret) 3172 goto xfrm6_init; 3173 3174 ret = register_pernet_subsys(&ip6_route_net_late_ops); 3175 if (ret) 3176 goto fib6_rules_init; 3177 3178 ret = -ENOBUFS; 3179 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) || 3180 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) || 3181 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL)) 3182 goto out_register_late_subsys; 3183 3184 ret = register_netdevice_notifier(&ip6_route_dev_notifier); 3185 if (ret) 3186 goto out_register_late_subsys; 3187 3188 out: 3189 return ret; 3190 3191 out_register_late_subsys: 3192 unregister_pernet_subsys(&ip6_route_net_late_ops); 3193 fib6_rules_init: 3194 fib6_rules_cleanup(); 3195 xfrm6_init: 3196 xfrm6_fini(); 3197 out_fib6_init: 3198 fib6_gc_cleanup(); 3199 out_register_subsys: 3200 unregister_pernet_subsys(&ip6_route_net_ops); 3201 out_register_inetpeer: 3202 unregister_pernet_subsys(&ipv6_inetpeer_ops); 3203 out_dst_entries: 3204 dst_entries_destroy(&ip6_dst_blackhole_ops); 3205 out_kmem_cache: 3206 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 3207 goto out; 3208 } 3209 3210 void ip6_route_cleanup(void) 3211 { 3212 unregister_netdevice_notifier(&ip6_route_dev_notifier); 3213 unregister_pernet_subsys(&ip6_route_net_late_ops); 3214 fib6_rules_cleanup(); 3215 xfrm6_fini(); 3216 fib6_gc_cleanup(); 3217 unregister_pernet_subsys(&ipv6_inetpeer_ops); 3218 unregister_pernet_subsys(&ip6_route_net_ops); 3219 dst_entries_destroy(&ip6_dst_blackhole_ops); 3220 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 3221 } 3222