1 /* 2 * Linux INET6 implementation 3 * FIB front-end. 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: route.c,v 1.56 2001/10/31 21:55:55 davem Exp $ 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 */ 15 16 /* Changes: 17 * 18 * YOSHIFUJI Hideaki @USAGI 19 * reworked default router selection. 20 * - respect outgoing interface 21 * - select from (probably) reachable routers (i.e. 22 * routers in REACHABLE, STALE, DELAY or PROBE states). 23 * - always select the same router if it is (probably) 24 * reachable. otherwise, round-robin the list. 25 * Ville Nuorvala 26 * Fixed routing subtrees. 27 */ 28 29 #include <linux/capability.h> 30 #include <linux/errno.h> 31 #include <linux/types.h> 32 #include <linux/times.h> 33 #include <linux/socket.h> 34 #include <linux/sockios.h> 35 #include <linux/net.h> 36 #include <linux/route.h> 37 #include <linux/netdevice.h> 38 #include <linux/in6.h> 39 #include <linux/init.h> 40 #include <linux/if_arp.h> 41 #include <linux/proc_fs.h> 42 #include <linux/seq_file.h> 43 #include <net/net_namespace.h> 44 #include <net/snmp.h> 45 #include <net/ipv6.h> 46 #include <net/ip6_fib.h> 47 #include <net/ip6_route.h> 48 #include <net/ndisc.h> 49 #include <net/addrconf.h> 50 #include <net/tcp.h> 51 #include <linux/rtnetlink.h> 52 #include <net/dst.h> 53 #include <net/xfrm.h> 54 #include <net/netevent.h> 55 #include <net/netlink.h> 56 57 #include <asm/uaccess.h> 58 59 #ifdef CONFIG_SYSCTL 60 #include <linux/sysctl.h> 61 #endif 62 63 /* Set to 3 to get tracing. */ 64 #define RT6_DEBUG 2 65 66 #if RT6_DEBUG >= 3 67 #define RDBG(x) printk x 68 #define RT6_TRACE(x...) printk(KERN_DEBUG x) 69 #else 70 #define RDBG(x) 71 #define RT6_TRACE(x...) do { ; } while (0) 72 #endif 73 74 #define CLONE_OFFLINK_ROUTE 0 75 76 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort); 77 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie); 78 static struct dst_entry *ip6_negative_advice(struct dst_entry *); 79 static void ip6_dst_destroy(struct dst_entry *); 80 static void ip6_dst_ifdown(struct dst_entry *, 81 struct net_device *dev, int how); 82 static int ip6_dst_gc(struct dst_ops *ops); 83 84 static int ip6_pkt_discard(struct sk_buff *skb); 85 static int ip6_pkt_discard_out(struct sk_buff *skb); 86 static void ip6_link_failure(struct sk_buff *skb); 87 static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu); 88 89 #ifdef CONFIG_IPV6_ROUTE_INFO 90 static struct rt6_info *rt6_add_route_info(struct in6_addr *prefix, int prefixlen, 91 struct in6_addr *gwaddr, int ifindex, 92 unsigned pref); 93 static struct rt6_info *rt6_get_route_info(struct in6_addr *prefix, int prefixlen, 94 struct in6_addr *gwaddr, int ifindex); 95 #endif 96 97 static struct dst_ops ip6_dst_ops = { 98 .family = AF_INET6, 99 .protocol = __constant_htons(ETH_P_IPV6), 100 .gc = ip6_dst_gc, 101 .gc_thresh = 1024, 102 .check = ip6_dst_check, 103 .destroy = ip6_dst_destroy, 104 .ifdown = ip6_dst_ifdown, 105 .negative_advice = ip6_negative_advice, 106 .link_failure = ip6_link_failure, 107 .update_pmtu = ip6_rt_update_pmtu, 108 .local_out = ip6_local_out, 109 .entry_size = sizeof(struct rt6_info), 110 .entries = ATOMIC_INIT(0), 111 }; 112 113 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu) 114 { 115 } 116 117 static struct dst_ops ip6_dst_blackhole_ops = { 118 .family = AF_INET6, 119 .protocol = __constant_htons(ETH_P_IPV6), 120 .destroy = ip6_dst_destroy, 121 .check = ip6_dst_check, 122 .update_pmtu = ip6_rt_blackhole_update_pmtu, 123 .entry_size = sizeof(struct rt6_info), 124 .entries = ATOMIC_INIT(0), 125 }; 126 127 struct rt6_info ip6_null_entry = { 128 .u = { 129 .dst = { 130 .__refcnt = ATOMIC_INIT(1), 131 .__use = 1, 132 .obsolete = -1, 133 .error = -ENETUNREACH, 134 .metrics = { [RTAX_HOPLIMIT - 1] = 255, }, 135 .input = ip6_pkt_discard, 136 .output = ip6_pkt_discard_out, 137 .ops = &ip6_dst_ops, 138 .path = (struct dst_entry*)&ip6_null_entry, 139 } 140 }, 141 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 142 .rt6i_metric = ~(u32) 0, 143 .rt6i_ref = ATOMIC_INIT(1), 144 }; 145 146 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 147 148 static int ip6_pkt_prohibit(struct sk_buff *skb); 149 static int ip6_pkt_prohibit_out(struct sk_buff *skb); 150 151 struct rt6_info ip6_prohibit_entry = { 152 .u = { 153 .dst = { 154 .__refcnt = ATOMIC_INIT(1), 155 .__use = 1, 156 .obsolete = -1, 157 .error = -EACCES, 158 .metrics = { [RTAX_HOPLIMIT - 1] = 255, }, 159 .input = ip6_pkt_prohibit, 160 .output = ip6_pkt_prohibit_out, 161 .ops = &ip6_dst_ops, 162 .path = (struct dst_entry*)&ip6_prohibit_entry, 163 } 164 }, 165 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 166 .rt6i_metric = ~(u32) 0, 167 .rt6i_ref = ATOMIC_INIT(1), 168 }; 169 170 struct rt6_info ip6_blk_hole_entry = { 171 .u = { 172 .dst = { 173 .__refcnt = ATOMIC_INIT(1), 174 .__use = 1, 175 .obsolete = -1, 176 .error = -EINVAL, 177 .metrics = { [RTAX_HOPLIMIT - 1] = 255, }, 178 .input = dst_discard, 179 .output = dst_discard, 180 .ops = &ip6_dst_ops, 181 .path = (struct dst_entry*)&ip6_blk_hole_entry, 182 } 183 }, 184 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 185 .rt6i_metric = ~(u32) 0, 186 .rt6i_ref = ATOMIC_INIT(1), 187 }; 188 189 #endif 190 191 /* allocate dst with ip6_dst_ops */ 192 static __inline__ struct rt6_info *ip6_dst_alloc(void) 193 { 194 return (struct rt6_info *)dst_alloc(&ip6_dst_ops); 195 } 196 197 static void ip6_dst_destroy(struct dst_entry *dst) 198 { 199 struct rt6_info *rt = (struct rt6_info *)dst; 200 struct inet6_dev *idev = rt->rt6i_idev; 201 202 if (idev != NULL) { 203 rt->rt6i_idev = NULL; 204 in6_dev_put(idev); 205 } 206 } 207 208 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev, 209 int how) 210 { 211 struct rt6_info *rt = (struct rt6_info *)dst; 212 struct inet6_dev *idev = rt->rt6i_idev; 213 struct net_device *loopback_dev = 214 dev->nd_net->loopback_dev; 215 216 if (dev != loopback_dev && idev != NULL && idev->dev == dev) { 217 struct inet6_dev *loopback_idev = 218 in6_dev_get(loopback_dev); 219 if (loopback_idev != NULL) { 220 rt->rt6i_idev = loopback_idev; 221 in6_dev_put(idev); 222 } 223 } 224 } 225 226 static __inline__ int rt6_check_expired(const struct rt6_info *rt) 227 { 228 return (rt->rt6i_flags & RTF_EXPIRES && 229 time_after(jiffies, rt->rt6i_expires)); 230 } 231 232 static inline int rt6_need_strict(struct in6_addr *daddr) 233 { 234 return (ipv6_addr_type(daddr) & 235 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL)); 236 } 237 238 /* 239 * Route lookup. Any table->tb6_lock is implied. 240 */ 241 242 static __inline__ struct rt6_info *rt6_device_match(struct rt6_info *rt, 243 int oif, 244 int strict) 245 { 246 struct rt6_info *local = NULL; 247 struct rt6_info *sprt; 248 249 if (oif) { 250 for (sprt = rt; sprt; sprt = sprt->u.dst.rt6_next) { 251 struct net_device *dev = sprt->rt6i_dev; 252 if (dev->ifindex == oif) 253 return sprt; 254 if (dev->flags & IFF_LOOPBACK) { 255 if (sprt->rt6i_idev == NULL || 256 sprt->rt6i_idev->dev->ifindex != oif) { 257 if (strict && oif) 258 continue; 259 if (local && (!oif || 260 local->rt6i_idev->dev->ifindex == oif)) 261 continue; 262 } 263 local = sprt; 264 } 265 } 266 267 if (local) 268 return local; 269 270 if (strict) 271 return &ip6_null_entry; 272 } 273 return rt; 274 } 275 276 #ifdef CONFIG_IPV6_ROUTER_PREF 277 static void rt6_probe(struct rt6_info *rt) 278 { 279 struct neighbour *neigh = rt ? rt->rt6i_nexthop : NULL; 280 /* 281 * Okay, this does not seem to be appropriate 282 * for now, however, we need to check if it 283 * is really so; aka Router Reachability Probing. 284 * 285 * Router Reachability Probe MUST be rate-limited 286 * to no more than one per minute. 287 */ 288 if (!neigh || (neigh->nud_state & NUD_VALID)) 289 return; 290 read_lock_bh(&neigh->lock); 291 if (!(neigh->nud_state & NUD_VALID) && 292 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) { 293 struct in6_addr mcaddr; 294 struct in6_addr *target; 295 296 neigh->updated = jiffies; 297 read_unlock_bh(&neigh->lock); 298 299 target = (struct in6_addr *)&neigh->primary_key; 300 addrconf_addr_solict_mult(target, &mcaddr); 301 ndisc_send_ns(rt->rt6i_dev, NULL, target, &mcaddr, NULL); 302 } else 303 read_unlock_bh(&neigh->lock); 304 } 305 #else 306 static inline void rt6_probe(struct rt6_info *rt) 307 { 308 return; 309 } 310 #endif 311 312 /* 313 * Default Router Selection (RFC 2461 6.3.6) 314 */ 315 static inline int rt6_check_dev(struct rt6_info *rt, int oif) 316 { 317 struct net_device *dev = rt->rt6i_dev; 318 if (!oif || dev->ifindex == oif) 319 return 2; 320 if ((dev->flags & IFF_LOOPBACK) && 321 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif) 322 return 1; 323 return 0; 324 } 325 326 static inline int rt6_check_neigh(struct rt6_info *rt) 327 { 328 struct neighbour *neigh = rt->rt6i_nexthop; 329 int m; 330 if (rt->rt6i_flags & RTF_NONEXTHOP || 331 !(rt->rt6i_flags & RTF_GATEWAY)) 332 m = 1; 333 else if (neigh) { 334 read_lock_bh(&neigh->lock); 335 if (neigh->nud_state & NUD_VALID) 336 m = 2; 337 #ifdef CONFIG_IPV6_ROUTER_PREF 338 else if (neigh->nud_state & NUD_FAILED) 339 m = 0; 340 #endif 341 else 342 m = 1; 343 read_unlock_bh(&neigh->lock); 344 } else 345 m = 0; 346 return m; 347 } 348 349 static int rt6_score_route(struct rt6_info *rt, int oif, 350 int strict) 351 { 352 int m, n; 353 354 m = rt6_check_dev(rt, oif); 355 if (!m && (strict & RT6_LOOKUP_F_IFACE)) 356 return -1; 357 #ifdef CONFIG_IPV6_ROUTER_PREF 358 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2; 359 #endif 360 n = rt6_check_neigh(rt); 361 if (!n && (strict & RT6_LOOKUP_F_REACHABLE)) 362 return -1; 363 return m; 364 } 365 366 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict, 367 int *mpri, struct rt6_info *match) 368 { 369 int m; 370 371 if (rt6_check_expired(rt)) 372 goto out; 373 374 m = rt6_score_route(rt, oif, strict); 375 if (m < 0) 376 goto out; 377 378 if (m > *mpri) { 379 if (strict & RT6_LOOKUP_F_REACHABLE) 380 rt6_probe(match); 381 *mpri = m; 382 match = rt; 383 } else if (strict & RT6_LOOKUP_F_REACHABLE) { 384 rt6_probe(rt); 385 } 386 387 out: 388 return match; 389 } 390 391 static struct rt6_info *find_rr_leaf(struct fib6_node *fn, 392 struct rt6_info *rr_head, 393 u32 metric, int oif, int strict) 394 { 395 struct rt6_info *rt, *match; 396 int mpri = -1; 397 398 match = NULL; 399 for (rt = rr_head; rt && rt->rt6i_metric == metric; 400 rt = rt->u.dst.rt6_next) 401 match = find_match(rt, oif, strict, &mpri, match); 402 for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric; 403 rt = rt->u.dst.rt6_next) 404 match = find_match(rt, oif, strict, &mpri, match); 405 406 return match; 407 } 408 409 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict) 410 { 411 struct rt6_info *match, *rt0; 412 413 RT6_TRACE("%s(fn->leaf=%p, oif=%d)\n", 414 __FUNCTION__, fn->leaf, oif); 415 416 rt0 = fn->rr_ptr; 417 if (!rt0) 418 fn->rr_ptr = rt0 = fn->leaf; 419 420 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict); 421 422 if (!match && 423 (strict & RT6_LOOKUP_F_REACHABLE)) { 424 struct rt6_info *next = rt0->u.dst.rt6_next; 425 426 /* no entries matched; do round-robin */ 427 if (!next || next->rt6i_metric != rt0->rt6i_metric) 428 next = fn->leaf; 429 430 if (next != rt0) 431 fn->rr_ptr = next; 432 } 433 434 RT6_TRACE("%s() => %p\n", 435 __FUNCTION__, match); 436 437 return (match ? match : &ip6_null_entry); 438 } 439 440 #ifdef CONFIG_IPV6_ROUTE_INFO 441 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len, 442 struct in6_addr *gwaddr) 443 { 444 struct route_info *rinfo = (struct route_info *) opt; 445 struct in6_addr prefix_buf, *prefix; 446 unsigned int pref; 447 u32 lifetime; 448 struct rt6_info *rt; 449 450 if (len < sizeof(struct route_info)) { 451 return -EINVAL; 452 } 453 454 /* Sanity check for prefix_len and length */ 455 if (rinfo->length > 3) { 456 return -EINVAL; 457 } else if (rinfo->prefix_len > 128) { 458 return -EINVAL; 459 } else if (rinfo->prefix_len > 64) { 460 if (rinfo->length < 2) { 461 return -EINVAL; 462 } 463 } else if (rinfo->prefix_len > 0) { 464 if (rinfo->length < 1) { 465 return -EINVAL; 466 } 467 } 468 469 pref = rinfo->route_pref; 470 if (pref == ICMPV6_ROUTER_PREF_INVALID) 471 pref = ICMPV6_ROUTER_PREF_MEDIUM; 472 473 lifetime = ntohl(rinfo->lifetime); 474 if (lifetime == 0xffffffff) { 475 /* infinity */ 476 } else if (lifetime > 0x7fffffff/HZ) { 477 /* Avoid arithmetic overflow */ 478 lifetime = 0x7fffffff/HZ - 1; 479 } 480 481 if (rinfo->length == 3) 482 prefix = (struct in6_addr *)rinfo->prefix; 483 else { 484 /* this function is safe */ 485 ipv6_addr_prefix(&prefix_buf, 486 (struct in6_addr *)rinfo->prefix, 487 rinfo->prefix_len); 488 prefix = &prefix_buf; 489 } 490 491 rt = rt6_get_route_info(prefix, rinfo->prefix_len, gwaddr, dev->ifindex); 492 493 if (rt && !lifetime) { 494 ip6_del_rt(rt); 495 rt = NULL; 496 } 497 498 if (!rt && lifetime) 499 rt = rt6_add_route_info(prefix, rinfo->prefix_len, gwaddr, dev->ifindex, 500 pref); 501 else if (rt) 502 rt->rt6i_flags = RTF_ROUTEINFO | 503 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); 504 505 if (rt) { 506 if (lifetime == 0xffffffff) { 507 rt->rt6i_flags &= ~RTF_EXPIRES; 508 } else { 509 rt->rt6i_expires = jiffies + HZ * lifetime; 510 rt->rt6i_flags |= RTF_EXPIRES; 511 } 512 dst_release(&rt->u.dst); 513 } 514 return 0; 515 } 516 #endif 517 518 #define BACKTRACK(saddr) \ 519 do { \ 520 if (rt == &ip6_null_entry) { \ 521 struct fib6_node *pn; \ 522 while (1) { \ 523 if (fn->fn_flags & RTN_TL_ROOT) \ 524 goto out; \ 525 pn = fn->parent; \ 526 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) \ 527 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); \ 528 else \ 529 fn = pn; \ 530 if (fn->fn_flags & RTN_RTINFO) \ 531 goto restart; \ 532 } \ 533 } \ 534 } while(0) 535 536 static struct rt6_info *ip6_pol_route_lookup(struct fib6_table *table, 537 struct flowi *fl, int flags) 538 { 539 struct fib6_node *fn; 540 struct rt6_info *rt; 541 542 read_lock_bh(&table->tb6_lock); 543 fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src); 544 restart: 545 rt = fn->leaf; 546 rt = rt6_device_match(rt, fl->oif, flags); 547 BACKTRACK(&fl->fl6_src); 548 out: 549 dst_use(&rt->u.dst, jiffies); 550 read_unlock_bh(&table->tb6_lock); 551 return rt; 552 553 } 554 555 struct rt6_info *rt6_lookup(struct in6_addr *daddr, struct in6_addr *saddr, 556 int oif, int strict) 557 { 558 struct flowi fl = { 559 .oif = oif, 560 .nl_u = { 561 .ip6_u = { 562 .daddr = *daddr, 563 }, 564 }, 565 }; 566 struct dst_entry *dst; 567 int flags = strict ? RT6_LOOKUP_F_IFACE : 0; 568 569 if (saddr) { 570 memcpy(&fl.fl6_src, saddr, sizeof(*saddr)); 571 flags |= RT6_LOOKUP_F_HAS_SADDR; 572 } 573 574 dst = fib6_rule_lookup(&fl, flags, ip6_pol_route_lookup); 575 if (dst->error == 0) 576 return (struct rt6_info *) dst; 577 578 dst_release(dst); 579 580 return NULL; 581 } 582 583 EXPORT_SYMBOL(rt6_lookup); 584 585 /* ip6_ins_rt is called with FREE table->tb6_lock. 586 It takes new route entry, the addition fails by any reason the 587 route is freed. In any case, if caller does not hold it, it may 588 be destroyed. 589 */ 590 591 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info) 592 { 593 int err; 594 struct fib6_table *table; 595 596 table = rt->rt6i_table; 597 write_lock_bh(&table->tb6_lock); 598 err = fib6_add(&table->tb6_root, rt, info); 599 write_unlock_bh(&table->tb6_lock); 600 601 return err; 602 } 603 604 int ip6_ins_rt(struct rt6_info *rt) 605 { 606 struct nl_info info = { 607 .nl_net = &init_net, 608 }; 609 return __ip6_ins_rt(rt, &info); 610 } 611 612 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort, struct in6_addr *daddr, 613 struct in6_addr *saddr) 614 { 615 struct rt6_info *rt; 616 617 /* 618 * Clone the route. 619 */ 620 621 rt = ip6_rt_copy(ort); 622 623 if (rt) { 624 if (!(rt->rt6i_flags&RTF_GATEWAY)) { 625 if (rt->rt6i_dst.plen != 128 && 626 ipv6_addr_equal(&rt->rt6i_dst.addr, daddr)) 627 rt->rt6i_flags |= RTF_ANYCAST; 628 ipv6_addr_copy(&rt->rt6i_gateway, daddr); 629 } 630 631 ipv6_addr_copy(&rt->rt6i_dst.addr, daddr); 632 rt->rt6i_dst.plen = 128; 633 rt->rt6i_flags |= RTF_CACHE; 634 rt->u.dst.flags |= DST_HOST; 635 636 #ifdef CONFIG_IPV6_SUBTREES 637 if (rt->rt6i_src.plen && saddr) { 638 ipv6_addr_copy(&rt->rt6i_src.addr, saddr); 639 rt->rt6i_src.plen = 128; 640 } 641 #endif 642 643 rt->rt6i_nexthop = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway); 644 645 } 646 647 return rt; 648 } 649 650 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort, struct in6_addr *daddr) 651 { 652 struct rt6_info *rt = ip6_rt_copy(ort); 653 if (rt) { 654 ipv6_addr_copy(&rt->rt6i_dst.addr, daddr); 655 rt->rt6i_dst.plen = 128; 656 rt->rt6i_flags |= RTF_CACHE; 657 rt->u.dst.flags |= DST_HOST; 658 rt->rt6i_nexthop = neigh_clone(ort->rt6i_nexthop); 659 } 660 return rt; 661 } 662 663 static struct rt6_info *ip6_pol_route(struct fib6_table *table, int oif, 664 struct flowi *fl, int flags) 665 { 666 struct fib6_node *fn; 667 struct rt6_info *rt, *nrt; 668 int strict = 0; 669 int attempts = 3; 670 int err; 671 int reachable = ipv6_devconf.forwarding ? 0 : RT6_LOOKUP_F_REACHABLE; 672 673 strict |= flags & RT6_LOOKUP_F_IFACE; 674 675 relookup: 676 read_lock_bh(&table->tb6_lock); 677 678 restart_2: 679 fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src); 680 681 restart: 682 rt = rt6_select(fn, oif, strict | reachable); 683 BACKTRACK(&fl->fl6_src); 684 if (rt == &ip6_null_entry || 685 rt->rt6i_flags & RTF_CACHE) 686 goto out; 687 688 dst_hold(&rt->u.dst); 689 read_unlock_bh(&table->tb6_lock); 690 691 if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP)) 692 nrt = rt6_alloc_cow(rt, &fl->fl6_dst, &fl->fl6_src); 693 else { 694 #if CLONE_OFFLINK_ROUTE 695 nrt = rt6_alloc_clone(rt, &fl->fl6_dst); 696 #else 697 goto out2; 698 #endif 699 } 700 701 dst_release(&rt->u.dst); 702 rt = nrt ? : &ip6_null_entry; 703 704 dst_hold(&rt->u.dst); 705 if (nrt) { 706 err = ip6_ins_rt(nrt); 707 if (!err) 708 goto out2; 709 } 710 711 if (--attempts <= 0) 712 goto out2; 713 714 /* 715 * Race condition! In the gap, when table->tb6_lock was 716 * released someone could insert this route. Relookup. 717 */ 718 dst_release(&rt->u.dst); 719 goto relookup; 720 721 out: 722 if (reachable) { 723 reachable = 0; 724 goto restart_2; 725 } 726 dst_hold(&rt->u.dst); 727 read_unlock_bh(&table->tb6_lock); 728 out2: 729 rt->u.dst.lastuse = jiffies; 730 rt->u.dst.__use++; 731 732 return rt; 733 } 734 735 static struct rt6_info *ip6_pol_route_input(struct fib6_table *table, 736 struct flowi *fl, int flags) 737 { 738 return ip6_pol_route(table, fl->iif, fl, flags); 739 } 740 741 void ip6_route_input(struct sk_buff *skb) 742 { 743 struct ipv6hdr *iph = ipv6_hdr(skb); 744 int flags = RT6_LOOKUP_F_HAS_SADDR; 745 struct flowi fl = { 746 .iif = skb->dev->ifindex, 747 .nl_u = { 748 .ip6_u = { 749 .daddr = iph->daddr, 750 .saddr = iph->saddr, 751 .flowlabel = (* (__be32 *) iph)&IPV6_FLOWINFO_MASK, 752 }, 753 }, 754 .mark = skb->mark, 755 .proto = iph->nexthdr, 756 }; 757 758 if (rt6_need_strict(&iph->daddr)) 759 flags |= RT6_LOOKUP_F_IFACE; 760 761 skb->dst = fib6_rule_lookup(&fl, flags, ip6_pol_route_input); 762 } 763 764 static struct rt6_info *ip6_pol_route_output(struct fib6_table *table, 765 struct flowi *fl, int flags) 766 { 767 return ip6_pol_route(table, fl->oif, fl, flags); 768 } 769 770 struct dst_entry * ip6_route_output(struct sock *sk, struct flowi *fl) 771 { 772 int flags = 0; 773 774 if (rt6_need_strict(&fl->fl6_dst)) 775 flags |= RT6_LOOKUP_F_IFACE; 776 777 if (!ipv6_addr_any(&fl->fl6_src)) 778 flags |= RT6_LOOKUP_F_HAS_SADDR; 779 780 return fib6_rule_lookup(fl, flags, ip6_pol_route_output); 781 } 782 783 EXPORT_SYMBOL(ip6_route_output); 784 785 int ip6_dst_blackhole(struct sock *sk, struct dst_entry **dstp, struct flowi *fl) 786 { 787 struct rt6_info *ort = (struct rt6_info *) *dstp; 788 struct rt6_info *rt = (struct rt6_info *) 789 dst_alloc(&ip6_dst_blackhole_ops); 790 struct dst_entry *new = NULL; 791 792 if (rt) { 793 new = &rt->u.dst; 794 795 atomic_set(&new->__refcnt, 1); 796 new->__use = 1; 797 new->input = dst_discard; 798 new->output = dst_discard; 799 800 memcpy(new->metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32)); 801 new->dev = ort->u.dst.dev; 802 if (new->dev) 803 dev_hold(new->dev); 804 rt->rt6i_idev = ort->rt6i_idev; 805 if (rt->rt6i_idev) 806 in6_dev_hold(rt->rt6i_idev); 807 rt->rt6i_expires = 0; 808 809 ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway); 810 rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES; 811 rt->rt6i_metric = 0; 812 813 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key)); 814 #ifdef CONFIG_IPV6_SUBTREES 815 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 816 #endif 817 818 dst_free(new); 819 } 820 821 dst_release(*dstp); 822 *dstp = new; 823 return (new ? 0 : -ENOMEM); 824 } 825 EXPORT_SYMBOL_GPL(ip6_dst_blackhole); 826 827 /* 828 * Destination cache support functions 829 */ 830 831 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie) 832 { 833 struct rt6_info *rt; 834 835 rt = (struct rt6_info *) dst; 836 837 if (rt && rt->rt6i_node && (rt->rt6i_node->fn_sernum == cookie)) 838 return dst; 839 840 return NULL; 841 } 842 843 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst) 844 { 845 struct rt6_info *rt = (struct rt6_info *) dst; 846 847 if (rt) { 848 if (rt->rt6i_flags & RTF_CACHE) 849 ip6_del_rt(rt); 850 else 851 dst_release(dst); 852 } 853 return NULL; 854 } 855 856 static void ip6_link_failure(struct sk_buff *skb) 857 { 858 struct rt6_info *rt; 859 860 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0, skb->dev); 861 862 rt = (struct rt6_info *) skb->dst; 863 if (rt) { 864 if (rt->rt6i_flags&RTF_CACHE) { 865 dst_set_expires(&rt->u.dst, 0); 866 rt->rt6i_flags |= RTF_EXPIRES; 867 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) 868 rt->rt6i_node->fn_sernum = -1; 869 } 870 } 871 872 static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu) 873 { 874 struct rt6_info *rt6 = (struct rt6_info*)dst; 875 876 if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) { 877 rt6->rt6i_flags |= RTF_MODIFIED; 878 if (mtu < IPV6_MIN_MTU) { 879 mtu = IPV6_MIN_MTU; 880 dst->metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG; 881 } 882 dst->metrics[RTAX_MTU-1] = mtu; 883 call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst); 884 } 885 } 886 887 static int ipv6_get_mtu(struct net_device *dev); 888 889 static inline unsigned int ipv6_advmss(unsigned int mtu) 890 { 891 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr); 892 893 if (mtu < init_net.ipv6.sysctl.ip6_rt_min_advmss) 894 mtu = init_net.ipv6.sysctl.ip6_rt_min_advmss; 895 896 /* 897 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and 898 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size. 899 * IPV6_MAXPLEN is also valid and means: "any MSS, 900 * rely only on pmtu discovery" 901 */ 902 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr)) 903 mtu = IPV6_MAXPLEN; 904 return mtu; 905 } 906 907 static struct dst_entry *ndisc_dst_gc_list; 908 static DEFINE_SPINLOCK(ndisc_lock); 909 910 struct dst_entry *ndisc_dst_alloc(struct net_device *dev, 911 struct neighbour *neigh, 912 struct in6_addr *addr, 913 int (*output)(struct sk_buff *)) 914 { 915 struct rt6_info *rt; 916 struct inet6_dev *idev = in6_dev_get(dev); 917 918 if (unlikely(idev == NULL)) 919 return NULL; 920 921 rt = ip6_dst_alloc(); 922 if (unlikely(rt == NULL)) { 923 in6_dev_put(idev); 924 goto out; 925 } 926 927 dev_hold(dev); 928 if (neigh) 929 neigh_hold(neigh); 930 else 931 neigh = ndisc_get_neigh(dev, addr); 932 933 rt->rt6i_dev = dev; 934 rt->rt6i_idev = idev; 935 rt->rt6i_nexthop = neigh; 936 atomic_set(&rt->u.dst.__refcnt, 1); 937 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = 255; 938 rt->u.dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(rt->rt6i_dev); 939 rt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(dst_mtu(&rt->u.dst)); 940 rt->u.dst.output = output; 941 942 #if 0 /* there's no chance to use these for ndisc */ 943 rt->u.dst.flags = ipv6_addr_type(addr) & IPV6_ADDR_UNICAST 944 ? DST_HOST 945 : 0; 946 ipv6_addr_copy(&rt->rt6i_dst.addr, addr); 947 rt->rt6i_dst.plen = 128; 948 #endif 949 950 spin_lock_bh(&ndisc_lock); 951 rt->u.dst.next = ndisc_dst_gc_list; 952 ndisc_dst_gc_list = &rt->u.dst; 953 spin_unlock_bh(&ndisc_lock); 954 955 fib6_force_start_gc(); 956 957 out: 958 return &rt->u.dst; 959 } 960 961 int ndisc_dst_gc(int *more) 962 { 963 struct dst_entry *dst, *next, **pprev; 964 int freed; 965 966 next = NULL; 967 freed = 0; 968 969 spin_lock_bh(&ndisc_lock); 970 pprev = &ndisc_dst_gc_list; 971 972 while ((dst = *pprev) != NULL) { 973 if (!atomic_read(&dst->__refcnt)) { 974 *pprev = dst->next; 975 dst_free(dst); 976 freed++; 977 } else { 978 pprev = &dst->next; 979 (*more)++; 980 } 981 } 982 983 spin_unlock_bh(&ndisc_lock); 984 985 return freed; 986 } 987 988 static int ip6_dst_gc(struct dst_ops *ops) 989 { 990 static unsigned expire = 30*HZ; 991 static unsigned long last_gc; 992 unsigned long now = jiffies; 993 994 if (time_after(last_gc + init_net.ipv6.sysctl.ip6_rt_gc_min_interval, now) && 995 atomic_read(&ip6_dst_ops.entries) <= init_net.ipv6.sysctl.ip6_rt_max_size) 996 goto out; 997 998 expire++; 999 fib6_run_gc(expire); 1000 last_gc = now; 1001 if (atomic_read(&ip6_dst_ops.entries) < ip6_dst_ops.gc_thresh) 1002 expire = init_net.ipv6.sysctl.ip6_rt_gc_timeout>>1; 1003 1004 out: 1005 expire -= expire>>init_net.ipv6.sysctl.ip6_rt_gc_elasticity; 1006 return (atomic_read(&ip6_dst_ops.entries) > init_net.ipv6.sysctl.ip6_rt_max_size); 1007 } 1008 1009 /* Clean host part of a prefix. Not necessary in radix tree, 1010 but results in cleaner routing tables. 1011 1012 Remove it only when all the things will work! 1013 */ 1014 1015 static int ipv6_get_mtu(struct net_device *dev) 1016 { 1017 int mtu = IPV6_MIN_MTU; 1018 struct inet6_dev *idev; 1019 1020 idev = in6_dev_get(dev); 1021 if (idev) { 1022 mtu = idev->cnf.mtu6; 1023 in6_dev_put(idev); 1024 } 1025 return mtu; 1026 } 1027 1028 int ipv6_get_hoplimit(struct net_device *dev) 1029 { 1030 int hoplimit = ipv6_devconf.hop_limit; 1031 struct inet6_dev *idev; 1032 1033 idev = in6_dev_get(dev); 1034 if (idev) { 1035 hoplimit = idev->cnf.hop_limit; 1036 in6_dev_put(idev); 1037 } 1038 return hoplimit; 1039 } 1040 1041 /* 1042 * 1043 */ 1044 1045 int ip6_route_add(struct fib6_config *cfg) 1046 { 1047 int err; 1048 struct rt6_info *rt = NULL; 1049 struct net_device *dev = NULL; 1050 struct inet6_dev *idev = NULL; 1051 struct fib6_table *table; 1052 int addr_type; 1053 1054 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128) 1055 return -EINVAL; 1056 #ifndef CONFIG_IPV6_SUBTREES 1057 if (cfg->fc_src_len) 1058 return -EINVAL; 1059 #endif 1060 if (cfg->fc_ifindex) { 1061 err = -ENODEV; 1062 dev = dev_get_by_index(&init_net, cfg->fc_ifindex); 1063 if (!dev) 1064 goto out; 1065 idev = in6_dev_get(dev); 1066 if (!idev) 1067 goto out; 1068 } 1069 1070 if (cfg->fc_metric == 0) 1071 cfg->fc_metric = IP6_RT_PRIO_USER; 1072 1073 table = fib6_new_table(cfg->fc_table); 1074 if (table == NULL) { 1075 err = -ENOBUFS; 1076 goto out; 1077 } 1078 1079 rt = ip6_dst_alloc(); 1080 1081 if (rt == NULL) { 1082 err = -ENOMEM; 1083 goto out; 1084 } 1085 1086 rt->u.dst.obsolete = -1; 1087 rt->rt6i_expires = jiffies + clock_t_to_jiffies(cfg->fc_expires); 1088 1089 if (cfg->fc_protocol == RTPROT_UNSPEC) 1090 cfg->fc_protocol = RTPROT_BOOT; 1091 rt->rt6i_protocol = cfg->fc_protocol; 1092 1093 addr_type = ipv6_addr_type(&cfg->fc_dst); 1094 1095 if (addr_type & IPV6_ADDR_MULTICAST) 1096 rt->u.dst.input = ip6_mc_input; 1097 else 1098 rt->u.dst.input = ip6_forward; 1099 1100 rt->u.dst.output = ip6_output; 1101 1102 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len); 1103 rt->rt6i_dst.plen = cfg->fc_dst_len; 1104 if (rt->rt6i_dst.plen == 128) 1105 rt->u.dst.flags = DST_HOST; 1106 1107 #ifdef CONFIG_IPV6_SUBTREES 1108 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len); 1109 rt->rt6i_src.plen = cfg->fc_src_len; 1110 #endif 1111 1112 rt->rt6i_metric = cfg->fc_metric; 1113 1114 /* We cannot add true routes via loopback here, 1115 they would result in kernel looping; promote them to reject routes 1116 */ 1117 if ((cfg->fc_flags & RTF_REJECT) || 1118 (dev && (dev->flags&IFF_LOOPBACK) && !(addr_type&IPV6_ADDR_LOOPBACK))) { 1119 /* hold loopback dev/idev if we haven't done so. */ 1120 if (dev != init_net.loopback_dev) { 1121 if (dev) { 1122 dev_put(dev); 1123 in6_dev_put(idev); 1124 } 1125 dev = init_net.loopback_dev; 1126 dev_hold(dev); 1127 idev = in6_dev_get(dev); 1128 if (!idev) { 1129 err = -ENODEV; 1130 goto out; 1131 } 1132 } 1133 rt->u.dst.output = ip6_pkt_discard_out; 1134 rt->u.dst.input = ip6_pkt_discard; 1135 rt->u.dst.error = -ENETUNREACH; 1136 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP; 1137 goto install_route; 1138 } 1139 1140 if (cfg->fc_flags & RTF_GATEWAY) { 1141 struct in6_addr *gw_addr; 1142 int gwa_type; 1143 1144 gw_addr = &cfg->fc_gateway; 1145 ipv6_addr_copy(&rt->rt6i_gateway, gw_addr); 1146 gwa_type = ipv6_addr_type(gw_addr); 1147 1148 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) { 1149 struct rt6_info *grt; 1150 1151 /* IPv6 strictly inhibits using not link-local 1152 addresses as nexthop address. 1153 Otherwise, router will not able to send redirects. 1154 It is very good, but in some (rare!) circumstances 1155 (SIT, PtP, NBMA NOARP links) it is handy to allow 1156 some exceptions. --ANK 1157 */ 1158 err = -EINVAL; 1159 if (!(gwa_type&IPV6_ADDR_UNICAST)) 1160 goto out; 1161 1162 grt = rt6_lookup(gw_addr, NULL, cfg->fc_ifindex, 1); 1163 1164 err = -EHOSTUNREACH; 1165 if (grt == NULL) 1166 goto out; 1167 if (dev) { 1168 if (dev != grt->rt6i_dev) { 1169 dst_release(&grt->u.dst); 1170 goto out; 1171 } 1172 } else { 1173 dev = grt->rt6i_dev; 1174 idev = grt->rt6i_idev; 1175 dev_hold(dev); 1176 in6_dev_hold(grt->rt6i_idev); 1177 } 1178 if (!(grt->rt6i_flags&RTF_GATEWAY)) 1179 err = 0; 1180 dst_release(&grt->u.dst); 1181 1182 if (err) 1183 goto out; 1184 } 1185 err = -EINVAL; 1186 if (dev == NULL || (dev->flags&IFF_LOOPBACK)) 1187 goto out; 1188 } 1189 1190 err = -ENODEV; 1191 if (dev == NULL) 1192 goto out; 1193 1194 if (cfg->fc_flags & (RTF_GATEWAY | RTF_NONEXTHOP)) { 1195 rt->rt6i_nexthop = __neigh_lookup_errno(&nd_tbl, &rt->rt6i_gateway, dev); 1196 if (IS_ERR(rt->rt6i_nexthop)) { 1197 err = PTR_ERR(rt->rt6i_nexthop); 1198 rt->rt6i_nexthop = NULL; 1199 goto out; 1200 } 1201 } 1202 1203 rt->rt6i_flags = cfg->fc_flags; 1204 1205 install_route: 1206 if (cfg->fc_mx) { 1207 struct nlattr *nla; 1208 int remaining; 1209 1210 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) { 1211 int type = nla_type(nla); 1212 1213 if (type) { 1214 if (type > RTAX_MAX) { 1215 err = -EINVAL; 1216 goto out; 1217 } 1218 1219 rt->u.dst.metrics[type - 1] = nla_get_u32(nla); 1220 } 1221 } 1222 } 1223 1224 if (rt->u.dst.metrics[RTAX_HOPLIMIT-1] == 0) 1225 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = -1; 1226 if (!rt->u.dst.metrics[RTAX_MTU-1]) 1227 rt->u.dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(dev); 1228 if (!rt->u.dst.metrics[RTAX_ADVMSS-1]) 1229 rt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(dst_mtu(&rt->u.dst)); 1230 rt->u.dst.dev = dev; 1231 rt->rt6i_idev = idev; 1232 rt->rt6i_table = table; 1233 return __ip6_ins_rt(rt, &cfg->fc_nlinfo); 1234 1235 out: 1236 if (dev) 1237 dev_put(dev); 1238 if (idev) 1239 in6_dev_put(idev); 1240 if (rt) 1241 dst_free(&rt->u.dst); 1242 return err; 1243 } 1244 1245 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info) 1246 { 1247 int err; 1248 struct fib6_table *table; 1249 1250 if (rt == &ip6_null_entry) 1251 return -ENOENT; 1252 1253 table = rt->rt6i_table; 1254 write_lock_bh(&table->tb6_lock); 1255 1256 err = fib6_del(rt, info); 1257 dst_release(&rt->u.dst); 1258 1259 write_unlock_bh(&table->tb6_lock); 1260 1261 return err; 1262 } 1263 1264 int ip6_del_rt(struct rt6_info *rt) 1265 { 1266 struct nl_info info = { 1267 .nl_net = &init_net, 1268 }; 1269 return __ip6_del_rt(rt, &info); 1270 } 1271 1272 static int ip6_route_del(struct fib6_config *cfg) 1273 { 1274 struct fib6_table *table; 1275 struct fib6_node *fn; 1276 struct rt6_info *rt; 1277 int err = -ESRCH; 1278 1279 table = fib6_get_table(cfg->fc_table); 1280 if (table == NULL) 1281 return err; 1282 1283 read_lock_bh(&table->tb6_lock); 1284 1285 fn = fib6_locate(&table->tb6_root, 1286 &cfg->fc_dst, cfg->fc_dst_len, 1287 &cfg->fc_src, cfg->fc_src_len); 1288 1289 if (fn) { 1290 for (rt = fn->leaf; rt; rt = rt->u.dst.rt6_next) { 1291 if (cfg->fc_ifindex && 1292 (rt->rt6i_dev == NULL || 1293 rt->rt6i_dev->ifindex != cfg->fc_ifindex)) 1294 continue; 1295 if (cfg->fc_flags & RTF_GATEWAY && 1296 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway)) 1297 continue; 1298 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric) 1299 continue; 1300 dst_hold(&rt->u.dst); 1301 read_unlock_bh(&table->tb6_lock); 1302 1303 return __ip6_del_rt(rt, &cfg->fc_nlinfo); 1304 } 1305 } 1306 read_unlock_bh(&table->tb6_lock); 1307 1308 return err; 1309 } 1310 1311 /* 1312 * Handle redirects 1313 */ 1314 struct ip6rd_flowi { 1315 struct flowi fl; 1316 struct in6_addr gateway; 1317 }; 1318 1319 static struct rt6_info *__ip6_route_redirect(struct fib6_table *table, 1320 struct flowi *fl, 1321 int flags) 1322 { 1323 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl; 1324 struct rt6_info *rt; 1325 struct fib6_node *fn; 1326 1327 /* 1328 * Get the "current" route for this destination and 1329 * check if the redirect has come from approriate router. 1330 * 1331 * RFC 2461 specifies that redirects should only be 1332 * accepted if they come from the nexthop to the target. 1333 * Due to the way the routes are chosen, this notion 1334 * is a bit fuzzy and one might need to check all possible 1335 * routes. 1336 */ 1337 1338 read_lock_bh(&table->tb6_lock); 1339 fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src); 1340 restart: 1341 for (rt = fn->leaf; rt; rt = rt->u.dst.rt6_next) { 1342 /* 1343 * Current route is on-link; redirect is always invalid. 1344 * 1345 * Seems, previous statement is not true. It could 1346 * be node, which looks for us as on-link (f.e. proxy ndisc) 1347 * But then router serving it might decide, that we should 1348 * know truth 8)8) --ANK (980726). 1349 */ 1350 if (rt6_check_expired(rt)) 1351 continue; 1352 if (!(rt->rt6i_flags & RTF_GATEWAY)) 1353 continue; 1354 if (fl->oif != rt->rt6i_dev->ifindex) 1355 continue; 1356 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway)) 1357 continue; 1358 break; 1359 } 1360 1361 if (!rt) 1362 rt = &ip6_null_entry; 1363 BACKTRACK(&fl->fl6_src); 1364 out: 1365 dst_hold(&rt->u.dst); 1366 1367 read_unlock_bh(&table->tb6_lock); 1368 1369 return rt; 1370 }; 1371 1372 static struct rt6_info *ip6_route_redirect(struct in6_addr *dest, 1373 struct in6_addr *src, 1374 struct in6_addr *gateway, 1375 struct net_device *dev) 1376 { 1377 int flags = RT6_LOOKUP_F_HAS_SADDR; 1378 struct ip6rd_flowi rdfl = { 1379 .fl = { 1380 .oif = dev->ifindex, 1381 .nl_u = { 1382 .ip6_u = { 1383 .daddr = *dest, 1384 .saddr = *src, 1385 }, 1386 }, 1387 }, 1388 .gateway = *gateway, 1389 }; 1390 1391 if (rt6_need_strict(dest)) 1392 flags |= RT6_LOOKUP_F_IFACE; 1393 1394 return (struct rt6_info *)fib6_rule_lookup((struct flowi *)&rdfl, flags, __ip6_route_redirect); 1395 } 1396 1397 void rt6_redirect(struct in6_addr *dest, struct in6_addr *src, 1398 struct in6_addr *saddr, 1399 struct neighbour *neigh, u8 *lladdr, int on_link) 1400 { 1401 struct rt6_info *rt, *nrt = NULL; 1402 struct netevent_redirect netevent; 1403 1404 rt = ip6_route_redirect(dest, src, saddr, neigh->dev); 1405 1406 if (rt == &ip6_null_entry) { 1407 if (net_ratelimit()) 1408 printk(KERN_DEBUG "rt6_redirect: source isn't a valid nexthop " 1409 "for redirect target\n"); 1410 goto out; 1411 } 1412 1413 /* 1414 * We have finally decided to accept it. 1415 */ 1416 1417 neigh_update(neigh, lladdr, NUD_STALE, 1418 NEIGH_UPDATE_F_WEAK_OVERRIDE| 1419 NEIGH_UPDATE_F_OVERRIDE| 1420 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER| 1421 NEIGH_UPDATE_F_ISROUTER)) 1422 ); 1423 1424 /* 1425 * Redirect received -> path was valid. 1426 * Look, redirects are sent only in response to data packets, 1427 * so that this nexthop apparently is reachable. --ANK 1428 */ 1429 dst_confirm(&rt->u.dst); 1430 1431 /* Duplicate redirect: silently ignore. */ 1432 if (neigh == rt->u.dst.neighbour) 1433 goto out; 1434 1435 nrt = ip6_rt_copy(rt); 1436 if (nrt == NULL) 1437 goto out; 1438 1439 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE; 1440 if (on_link) 1441 nrt->rt6i_flags &= ~RTF_GATEWAY; 1442 1443 ipv6_addr_copy(&nrt->rt6i_dst.addr, dest); 1444 nrt->rt6i_dst.plen = 128; 1445 nrt->u.dst.flags |= DST_HOST; 1446 1447 ipv6_addr_copy(&nrt->rt6i_gateway, (struct in6_addr*)neigh->primary_key); 1448 nrt->rt6i_nexthop = neigh_clone(neigh); 1449 /* Reset pmtu, it may be better */ 1450 nrt->u.dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(neigh->dev); 1451 nrt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(dst_mtu(&nrt->u.dst)); 1452 1453 if (ip6_ins_rt(nrt)) 1454 goto out; 1455 1456 netevent.old = &rt->u.dst; 1457 netevent.new = &nrt->u.dst; 1458 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent); 1459 1460 if (rt->rt6i_flags&RTF_CACHE) { 1461 ip6_del_rt(rt); 1462 return; 1463 } 1464 1465 out: 1466 dst_release(&rt->u.dst); 1467 return; 1468 } 1469 1470 /* 1471 * Handle ICMP "packet too big" messages 1472 * i.e. Path MTU discovery 1473 */ 1474 1475 void rt6_pmtu_discovery(struct in6_addr *daddr, struct in6_addr *saddr, 1476 struct net_device *dev, u32 pmtu) 1477 { 1478 struct rt6_info *rt, *nrt; 1479 int allfrag = 0; 1480 1481 rt = rt6_lookup(daddr, saddr, dev->ifindex, 0); 1482 if (rt == NULL) 1483 return; 1484 1485 if (pmtu >= dst_mtu(&rt->u.dst)) 1486 goto out; 1487 1488 if (pmtu < IPV6_MIN_MTU) { 1489 /* 1490 * According to RFC2460, PMTU is set to the IPv6 Minimum Link 1491 * MTU (1280) and a fragment header should always be included 1492 * after a node receiving Too Big message reporting PMTU is 1493 * less than the IPv6 Minimum Link MTU. 1494 */ 1495 pmtu = IPV6_MIN_MTU; 1496 allfrag = 1; 1497 } 1498 1499 /* New mtu received -> path was valid. 1500 They are sent only in response to data packets, 1501 so that this nexthop apparently is reachable. --ANK 1502 */ 1503 dst_confirm(&rt->u.dst); 1504 1505 /* Host route. If it is static, it would be better 1506 not to override it, but add new one, so that 1507 when cache entry will expire old pmtu 1508 would return automatically. 1509 */ 1510 if (rt->rt6i_flags & RTF_CACHE) { 1511 rt->u.dst.metrics[RTAX_MTU-1] = pmtu; 1512 if (allfrag) 1513 rt->u.dst.metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG; 1514 dst_set_expires(&rt->u.dst, init_net.ipv6.sysctl.ip6_rt_mtu_expires); 1515 rt->rt6i_flags |= RTF_MODIFIED|RTF_EXPIRES; 1516 goto out; 1517 } 1518 1519 /* Network route. 1520 Two cases are possible: 1521 1. It is connected route. Action: COW 1522 2. It is gatewayed route or NONEXTHOP route. Action: clone it. 1523 */ 1524 if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP)) 1525 nrt = rt6_alloc_cow(rt, daddr, saddr); 1526 else 1527 nrt = rt6_alloc_clone(rt, daddr); 1528 1529 if (nrt) { 1530 nrt->u.dst.metrics[RTAX_MTU-1] = pmtu; 1531 if (allfrag) 1532 nrt->u.dst.metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG; 1533 1534 /* According to RFC 1981, detecting PMTU increase shouldn't be 1535 * happened within 5 mins, the recommended timer is 10 mins. 1536 * Here this route expiration time is set to ip6_rt_mtu_expires 1537 * which is 10 mins. After 10 mins the decreased pmtu is expired 1538 * and detecting PMTU increase will be automatically happened. 1539 */ 1540 dst_set_expires(&nrt->u.dst, init_net.ipv6.sysctl.ip6_rt_mtu_expires); 1541 nrt->rt6i_flags |= RTF_DYNAMIC|RTF_EXPIRES; 1542 1543 ip6_ins_rt(nrt); 1544 } 1545 out: 1546 dst_release(&rt->u.dst); 1547 } 1548 1549 /* 1550 * Misc support functions 1551 */ 1552 1553 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort) 1554 { 1555 struct rt6_info *rt = ip6_dst_alloc(); 1556 1557 if (rt) { 1558 rt->u.dst.input = ort->u.dst.input; 1559 rt->u.dst.output = ort->u.dst.output; 1560 1561 memcpy(rt->u.dst.metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32)); 1562 rt->u.dst.error = ort->u.dst.error; 1563 rt->u.dst.dev = ort->u.dst.dev; 1564 if (rt->u.dst.dev) 1565 dev_hold(rt->u.dst.dev); 1566 rt->rt6i_idev = ort->rt6i_idev; 1567 if (rt->rt6i_idev) 1568 in6_dev_hold(rt->rt6i_idev); 1569 rt->u.dst.lastuse = jiffies; 1570 rt->rt6i_expires = 0; 1571 1572 ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway); 1573 rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES; 1574 rt->rt6i_metric = 0; 1575 1576 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key)); 1577 #ifdef CONFIG_IPV6_SUBTREES 1578 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 1579 #endif 1580 rt->rt6i_table = ort->rt6i_table; 1581 } 1582 return rt; 1583 } 1584 1585 #ifdef CONFIG_IPV6_ROUTE_INFO 1586 static struct rt6_info *rt6_get_route_info(struct in6_addr *prefix, int prefixlen, 1587 struct in6_addr *gwaddr, int ifindex) 1588 { 1589 struct fib6_node *fn; 1590 struct rt6_info *rt = NULL; 1591 struct fib6_table *table; 1592 1593 table = fib6_get_table(RT6_TABLE_INFO); 1594 if (table == NULL) 1595 return NULL; 1596 1597 write_lock_bh(&table->tb6_lock); 1598 fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0); 1599 if (!fn) 1600 goto out; 1601 1602 for (rt = fn->leaf; rt; rt = rt->u.dst.rt6_next) { 1603 if (rt->rt6i_dev->ifindex != ifindex) 1604 continue; 1605 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY)) 1606 continue; 1607 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr)) 1608 continue; 1609 dst_hold(&rt->u.dst); 1610 break; 1611 } 1612 out: 1613 write_unlock_bh(&table->tb6_lock); 1614 return rt; 1615 } 1616 1617 static struct rt6_info *rt6_add_route_info(struct in6_addr *prefix, int prefixlen, 1618 struct in6_addr *gwaddr, int ifindex, 1619 unsigned pref) 1620 { 1621 struct fib6_config cfg = { 1622 .fc_table = RT6_TABLE_INFO, 1623 .fc_metric = IP6_RT_PRIO_USER, 1624 .fc_ifindex = ifindex, 1625 .fc_dst_len = prefixlen, 1626 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO | 1627 RTF_UP | RTF_PREF(pref), 1628 }; 1629 1630 ipv6_addr_copy(&cfg.fc_dst, prefix); 1631 ipv6_addr_copy(&cfg.fc_gateway, gwaddr); 1632 1633 /* We should treat it as a default route if prefix length is 0. */ 1634 if (!prefixlen) 1635 cfg.fc_flags |= RTF_DEFAULT; 1636 1637 ip6_route_add(&cfg); 1638 1639 return rt6_get_route_info(prefix, prefixlen, gwaddr, ifindex); 1640 } 1641 #endif 1642 1643 struct rt6_info *rt6_get_dflt_router(struct in6_addr *addr, struct net_device *dev) 1644 { 1645 struct rt6_info *rt; 1646 struct fib6_table *table; 1647 1648 table = fib6_get_table(RT6_TABLE_DFLT); 1649 if (table == NULL) 1650 return NULL; 1651 1652 write_lock_bh(&table->tb6_lock); 1653 for (rt = table->tb6_root.leaf; rt; rt=rt->u.dst.rt6_next) { 1654 if (dev == rt->rt6i_dev && 1655 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) && 1656 ipv6_addr_equal(&rt->rt6i_gateway, addr)) 1657 break; 1658 } 1659 if (rt) 1660 dst_hold(&rt->u.dst); 1661 write_unlock_bh(&table->tb6_lock); 1662 return rt; 1663 } 1664 1665 EXPORT_SYMBOL(rt6_get_dflt_router); 1666 1667 struct rt6_info *rt6_add_dflt_router(struct in6_addr *gwaddr, 1668 struct net_device *dev, 1669 unsigned int pref) 1670 { 1671 struct fib6_config cfg = { 1672 .fc_table = RT6_TABLE_DFLT, 1673 .fc_metric = IP6_RT_PRIO_USER, 1674 .fc_ifindex = dev->ifindex, 1675 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | 1676 RTF_UP | RTF_EXPIRES | RTF_PREF(pref), 1677 }; 1678 1679 ipv6_addr_copy(&cfg.fc_gateway, gwaddr); 1680 1681 ip6_route_add(&cfg); 1682 1683 return rt6_get_dflt_router(gwaddr, dev); 1684 } 1685 1686 void rt6_purge_dflt_routers(void) 1687 { 1688 struct rt6_info *rt; 1689 struct fib6_table *table; 1690 1691 /* NOTE: Keep consistent with rt6_get_dflt_router */ 1692 table = fib6_get_table(RT6_TABLE_DFLT); 1693 if (table == NULL) 1694 return; 1695 1696 restart: 1697 read_lock_bh(&table->tb6_lock); 1698 for (rt = table->tb6_root.leaf; rt; rt = rt->u.dst.rt6_next) { 1699 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) { 1700 dst_hold(&rt->u.dst); 1701 read_unlock_bh(&table->tb6_lock); 1702 ip6_del_rt(rt); 1703 goto restart; 1704 } 1705 } 1706 read_unlock_bh(&table->tb6_lock); 1707 } 1708 1709 static void rtmsg_to_fib6_config(struct in6_rtmsg *rtmsg, 1710 struct fib6_config *cfg) 1711 { 1712 memset(cfg, 0, sizeof(*cfg)); 1713 1714 cfg->fc_table = RT6_TABLE_MAIN; 1715 cfg->fc_ifindex = rtmsg->rtmsg_ifindex; 1716 cfg->fc_metric = rtmsg->rtmsg_metric; 1717 cfg->fc_expires = rtmsg->rtmsg_info; 1718 cfg->fc_dst_len = rtmsg->rtmsg_dst_len; 1719 cfg->fc_src_len = rtmsg->rtmsg_src_len; 1720 cfg->fc_flags = rtmsg->rtmsg_flags; 1721 1722 cfg->fc_nlinfo.nl_net = &init_net; 1723 1724 ipv6_addr_copy(&cfg->fc_dst, &rtmsg->rtmsg_dst); 1725 ipv6_addr_copy(&cfg->fc_src, &rtmsg->rtmsg_src); 1726 ipv6_addr_copy(&cfg->fc_gateway, &rtmsg->rtmsg_gateway); 1727 } 1728 1729 int ipv6_route_ioctl(unsigned int cmd, void __user *arg) 1730 { 1731 struct fib6_config cfg; 1732 struct in6_rtmsg rtmsg; 1733 int err; 1734 1735 switch(cmd) { 1736 case SIOCADDRT: /* Add a route */ 1737 case SIOCDELRT: /* Delete a route */ 1738 if (!capable(CAP_NET_ADMIN)) 1739 return -EPERM; 1740 err = copy_from_user(&rtmsg, arg, 1741 sizeof(struct in6_rtmsg)); 1742 if (err) 1743 return -EFAULT; 1744 1745 rtmsg_to_fib6_config(&rtmsg, &cfg); 1746 1747 rtnl_lock(); 1748 switch (cmd) { 1749 case SIOCADDRT: 1750 err = ip6_route_add(&cfg); 1751 break; 1752 case SIOCDELRT: 1753 err = ip6_route_del(&cfg); 1754 break; 1755 default: 1756 err = -EINVAL; 1757 } 1758 rtnl_unlock(); 1759 1760 return err; 1761 } 1762 1763 return -EINVAL; 1764 } 1765 1766 /* 1767 * Drop the packet on the floor 1768 */ 1769 1770 static int ip6_pkt_drop(struct sk_buff *skb, int code, int ipstats_mib_noroutes) 1771 { 1772 int type; 1773 switch (ipstats_mib_noroutes) { 1774 case IPSTATS_MIB_INNOROUTES: 1775 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr); 1776 if (type == IPV6_ADDR_ANY || type == IPV6_ADDR_RESERVED) { 1777 IP6_INC_STATS(ip6_dst_idev(skb->dst), IPSTATS_MIB_INADDRERRORS); 1778 break; 1779 } 1780 /* FALLTHROUGH */ 1781 case IPSTATS_MIB_OUTNOROUTES: 1782 IP6_INC_STATS(ip6_dst_idev(skb->dst), ipstats_mib_noroutes); 1783 break; 1784 } 1785 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0, skb->dev); 1786 kfree_skb(skb); 1787 return 0; 1788 } 1789 1790 static int ip6_pkt_discard(struct sk_buff *skb) 1791 { 1792 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES); 1793 } 1794 1795 static int ip6_pkt_discard_out(struct sk_buff *skb) 1796 { 1797 skb->dev = skb->dst->dev; 1798 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES); 1799 } 1800 1801 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 1802 1803 static int ip6_pkt_prohibit(struct sk_buff *skb) 1804 { 1805 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES); 1806 } 1807 1808 static int ip6_pkt_prohibit_out(struct sk_buff *skb) 1809 { 1810 skb->dev = skb->dst->dev; 1811 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES); 1812 } 1813 1814 #endif 1815 1816 /* 1817 * Allocate a dst for local (unicast / anycast) address. 1818 */ 1819 1820 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev, 1821 const struct in6_addr *addr, 1822 int anycast) 1823 { 1824 struct rt6_info *rt = ip6_dst_alloc(); 1825 1826 if (rt == NULL) 1827 return ERR_PTR(-ENOMEM); 1828 1829 dev_hold(init_net.loopback_dev); 1830 in6_dev_hold(idev); 1831 1832 rt->u.dst.flags = DST_HOST; 1833 rt->u.dst.input = ip6_input; 1834 rt->u.dst.output = ip6_output; 1835 rt->rt6i_dev = init_net.loopback_dev; 1836 rt->rt6i_idev = idev; 1837 rt->u.dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(rt->rt6i_dev); 1838 rt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(dst_mtu(&rt->u.dst)); 1839 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = -1; 1840 rt->u.dst.obsolete = -1; 1841 1842 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP; 1843 if (anycast) 1844 rt->rt6i_flags |= RTF_ANYCAST; 1845 else 1846 rt->rt6i_flags |= RTF_LOCAL; 1847 rt->rt6i_nexthop = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway); 1848 if (rt->rt6i_nexthop == NULL) { 1849 dst_free(&rt->u.dst); 1850 return ERR_PTR(-ENOMEM); 1851 } 1852 1853 ipv6_addr_copy(&rt->rt6i_dst.addr, addr); 1854 rt->rt6i_dst.plen = 128; 1855 rt->rt6i_table = fib6_get_table(RT6_TABLE_LOCAL); 1856 1857 atomic_set(&rt->u.dst.__refcnt, 1); 1858 1859 return rt; 1860 } 1861 1862 static int fib6_ifdown(struct rt6_info *rt, void *arg) 1863 { 1864 if (((void*)rt->rt6i_dev == arg || arg == NULL) && 1865 rt != &ip6_null_entry) { 1866 RT6_TRACE("deleted by ifdown %p\n", rt); 1867 return -1; 1868 } 1869 return 0; 1870 } 1871 1872 void rt6_ifdown(struct net_device *dev) 1873 { 1874 fib6_clean_all(fib6_ifdown, 0, dev); 1875 } 1876 1877 struct rt6_mtu_change_arg 1878 { 1879 struct net_device *dev; 1880 unsigned mtu; 1881 }; 1882 1883 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg) 1884 { 1885 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg; 1886 struct inet6_dev *idev; 1887 1888 /* In IPv6 pmtu discovery is not optional, 1889 so that RTAX_MTU lock cannot disable it. 1890 We still use this lock to block changes 1891 caused by addrconf/ndisc. 1892 */ 1893 1894 idev = __in6_dev_get(arg->dev); 1895 if (idev == NULL) 1896 return 0; 1897 1898 /* For administrative MTU increase, there is no way to discover 1899 IPv6 PMTU increase, so PMTU increase should be updated here. 1900 Since RFC 1981 doesn't include administrative MTU increase 1901 update PMTU increase is a MUST. (i.e. jumbo frame) 1902 */ 1903 /* 1904 If new MTU is less than route PMTU, this new MTU will be the 1905 lowest MTU in the path, update the route PMTU to reflect PMTU 1906 decreases; if new MTU is greater than route PMTU, and the 1907 old MTU is the lowest MTU in the path, update the route PMTU 1908 to reflect the increase. In this case if the other nodes' MTU 1909 also have the lowest MTU, TOO BIG MESSAGE will be lead to 1910 PMTU discouvery. 1911 */ 1912 if (rt->rt6i_dev == arg->dev && 1913 !dst_metric_locked(&rt->u.dst, RTAX_MTU) && 1914 (dst_mtu(&rt->u.dst) >= arg->mtu || 1915 (dst_mtu(&rt->u.dst) < arg->mtu && 1916 dst_mtu(&rt->u.dst) == idev->cnf.mtu6))) { 1917 rt->u.dst.metrics[RTAX_MTU-1] = arg->mtu; 1918 rt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(arg->mtu); 1919 } 1920 return 0; 1921 } 1922 1923 void rt6_mtu_change(struct net_device *dev, unsigned mtu) 1924 { 1925 struct rt6_mtu_change_arg arg = { 1926 .dev = dev, 1927 .mtu = mtu, 1928 }; 1929 1930 fib6_clean_all(rt6_mtu_change_route, 0, &arg); 1931 } 1932 1933 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = { 1934 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) }, 1935 [RTA_OIF] = { .type = NLA_U32 }, 1936 [RTA_IIF] = { .type = NLA_U32 }, 1937 [RTA_PRIORITY] = { .type = NLA_U32 }, 1938 [RTA_METRICS] = { .type = NLA_NESTED }, 1939 }; 1940 1941 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh, 1942 struct fib6_config *cfg) 1943 { 1944 struct rtmsg *rtm; 1945 struct nlattr *tb[RTA_MAX+1]; 1946 int err; 1947 1948 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 1949 if (err < 0) 1950 goto errout; 1951 1952 err = -EINVAL; 1953 rtm = nlmsg_data(nlh); 1954 memset(cfg, 0, sizeof(*cfg)); 1955 1956 cfg->fc_table = rtm->rtm_table; 1957 cfg->fc_dst_len = rtm->rtm_dst_len; 1958 cfg->fc_src_len = rtm->rtm_src_len; 1959 cfg->fc_flags = RTF_UP; 1960 cfg->fc_protocol = rtm->rtm_protocol; 1961 1962 if (rtm->rtm_type == RTN_UNREACHABLE) 1963 cfg->fc_flags |= RTF_REJECT; 1964 1965 cfg->fc_nlinfo.pid = NETLINK_CB(skb).pid; 1966 cfg->fc_nlinfo.nlh = nlh; 1967 cfg->fc_nlinfo.nl_net = skb->sk->sk_net; 1968 1969 if (tb[RTA_GATEWAY]) { 1970 nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16); 1971 cfg->fc_flags |= RTF_GATEWAY; 1972 } 1973 1974 if (tb[RTA_DST]) { 1975 int plen = (rtm->rtm_dst_len + 7) >> 3; 1976 1977 if (nla_len(tb[RTA_DST]) < plen) 1978 goto errout; 1979 1980 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen); 1981 } 1982 1983 if (tb[RTA_SRC]) { 1984 int plen = (rtm->rtm_src_len + 7) >> 3; 1985 1986 if (nla_len(tb[RTA_SRC]) < plen) 1987 goto errout; 1988 1989 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen); 1990 } 1991 1992 if (tb[RTA_OIF]) 1993 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]); 1994 1995 if (tb[RTA_PRIORITY]) 1996 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]); 1997 1998 if (tb[RTA_METRICS]) { 1999 cfg->fc_mx = nla_data(tb[RTA_METRICS]); 2000 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]); 2001 } 2002 2003 if (tb[RTA_TABLE]) 2004 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]); 2005 2006 err = 0; 2007 errout: 2008 return err; 2009 } 2010 2011 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) 2012 { 2013 struct net *net = skb->sk->sk_net; 2014 struct fib6_config cfg; 2015 int err; 2016 2017 if (net != &init_net) 2018 return -EINVAL; 2019 2020 err = rtm_to_fib6_config(skb, nlh, &cfg); 2021 if (err < 0) 2022 return err; 2023 2024 return ip6_route_del(&cfg); 2025 } 2026 2027 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) 2028 { 2029 struct net *net = skb->sk->sk_net; 2030 struct fib6_config cfg; 2031 int err; 2032 2033 if (net != &init_net) 2034 return -EINVAL; 2035 2036 err = rtm_to_fib6_config(skb, nlh, &cfg); 2037 if (err < 0) 2038 return err; 2039 2040 return ip6_route_add(&cfg); 2041 } 2042 2043 static inline size_t rt6_nlmsg_size(void) 2044 { 2045 return NLMSG_ALIGN(sizeof(struct rtmsg)) 2046 + nla_total_size(16) /* RTA_SRC */ 2047 + nla_total_size(16) /* RTA_DST */ 2048 + nla_total_size(16) /* RTA_GATEWAY */ 2049 + nla_total_size(16) /* RTA_PREFSRC */ 2050 + nla_total_size(4) /* RTA_TABLE */ 2051 + nla_total_size(4) /* RTA_IIF */ 2052 + nla_total_size(4) /* RTA_OIF */ 2053 + nla_total_size(4) /* RTA_PRIORITY */ 2054 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */ 2055 + nla_total_size(sizeof(struct rta_cacheinfo)); 2056 } 2057 2058 static int rt6_fill_node(struct sk_buff *skb, struct rt6_info *rt, 2059 struct in6_addr *dst, struct in6_addr *src, 2060 int iif, int type, u32 pid, u32 seq, 2061 int prefix, unsigned int flags) 2062 { 2063 struct rtmsg *rtm; 2064 struct nlmsghdr *nlh; 2065 long expires; 2066 u32 table; 2067 2068 if (prefix) { /* user wants prefix routes only */ 2069 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { 2070 /* success since this is not a prefix route */ 2071 return 1; 2072 } 2073 } 2074 2075 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*rtm), flags); 2076 if (nlh == NULL) 2077 return -EMSGSIZE; 2078 2079 rtm = nlmsg_data(nlh); 2080 rtm->rtm_family = AF_INET6; 2081 rtm->rtm_dst_len = rt->rt6i_dst.plen; 2082 rtm->rtm_src_len = rt->rt6i_src.plen; 2083 rtm->rtm_tos = 0; 2084 if (rt->rt6i_table) 2085 table = rt->rt6i_table->tb6_id; 2086 else 2087 table = RT6_TABLE_UNSPEC; 2088 rtm->rtm_table = table; 2089 NLA_PUT_U32(skb, RTA_TABLE, table); 2090 if (rt->rt6i_flags&RTF_REJECT) 2091 rtm->rtm_type = RTN_UNREACHABLE; 2092 else if (rt->rt6i_dev && (rt->rt6i_dev->flags&IFF_LOOPBACK)) 2093 rtm->rtm_type = RTN_LOCAL; 2094 else 2095 rtm->rtm_type = RTN_UNICAST; 2096 rtm->rtm_flags = 0; 2097 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2098 rtm->rtm_protocol = rt->rt6i_protocol; 2099 if (rt->rt6i_flags&RTF_DYNAMIC) 2100 rtm->rtm_protocol = RTPROT_REDIRECT; 2101 else if (rt->rt6i_flags & RTF_ADDRCONF) 2102 rtm->rtm_protocol = RTPROT_KERNEL; 2103 else if (rt->rt6i_flags&RTF_DEFAULT) 2104 rtm->rtm_protocol = RTPROT_RA; 2105 2106 if (rt->rt6i_flags&RTF_CACHE) 2107 rtm->rtm_flags |= RTM_F_CLONED; 2108 2109 if (dst) { 2110 NLA_PUT(skb, RTA_DST, 16, dst); 2111 rtm->rtm_dst_len = 128; 2112 } else if (rtm->rtm_dst_len) 2113 NLA_PUT(skb, RTA_DST, 16, &rt->rt6i_dst.addr); 2114 #ifdef CONFIG_IPV6_SUBTREES 2115 if (src) { 2116 NLA_PUT(skb, RTA_SRC, 16, src); 2117 rtm->rtm_src_len = 128; 2118 } else if (rtm->rtm_src_len) 2119 NLA_PUT(skb, RTA_SRC, 16, &rt->rt6i_src.addr); 2120 #endif 2121 if (iif) 2122 NLA_PUT_U32(skb, RTA_IIF, iif); 2123 else if (dst) { 2124 struct in6_addr saddr_buf; 2125 if (ipv6_get_saddr(&rt->u.dst, dst, &saddr_buf) == 0) 2126 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf); 2127 } 2128 2129 if (rtnetlink_put_metrics(skb, rt->u.dst.metrics) < 0) 2130 goto nla_put_failure; 2131 2132 if (rt->u.dst.neighbour) 2133 NLA_PUT(skb, RTA_GATEWAY, 16, &rt->u.dst.neighbour->primary_key); 2134 2135 if (rt->u.dst.dev) 2136 NLA_PUT_U32(skb, RTA_OIF, rt->rt6i_dev->ifindex); 2137 2138 NLA_PUT_U32(skb, RTA_PRIORITY, rt->rt6i_metric); 2139 2140 expires = rt->rt6i_expires ? rt->rt6i_expires - jiffies : 0; 2141 if (rtnl_put_cacheinfo(skb, &rt->u.dst, 0, 0, 0, 2142 expires, rt->u.dst.error) < 0) 2143 goto nla_put_failure; 2144 2145 return nlmsg_end(skb, nlh); 2146 2147 nla_put_failure: 2148 nlmsg_cancel(skb, nlh); 2149 return -EMSGSIZE; 2150 } 2151 2152 int rt6_dump_route(struct rt6_info *rt, void *p_arg) 2153 { 2154 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; 2155 int prefix; 2156 2157 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { 2158 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); 2159 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0; 2160 } else 2161 prefix = 0; 2162 2163 return rt6_fill_node(arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE, 2164 NETLINK_CB(arg->cb->skb).pid, arg->cb->nlh->nlmsg_seq, 2165 prefix, NLM_F_MULTI); 2166 } 2167 2168 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) 2169 { 2170 struct net *net = in_skb->sk->sk_net; 2171 struct nlattr *tb[RTA_MAX+1]; 2172 struct rt6_info *rt; 2173 struct sk_buff *skb; 2174 struct rtmsg *rtm; 2175 struct flowi fl; 2176 int err, iif = 0; 2177 2178 if (net != &init_net) 2179 return -EINVAL; 2180 2181 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy); 2182 if (err < 0) 2183 goto errout; 2184 2185 err = -EINVAL; 2186 memset(&fl, 0, sizeof(fl)); 2187 2188 if (tb[RTA_SRC]) { 2189 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr)) 2190 goto errout; 2191 2192 ipv6_addr_copy(&fl.fl6_src, nla_data(tb[RTA_SRC])); 2193 } 2194 2195 if (tb[RTA_DST]) { 2196 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr)) 2197 goto errout; 2198 2199 ipv6_addr_copy(&fl.fl6_dst, nla_data(tb[RTA_DST])); 2200 } 2201 2202 if (tb[RTA_IIF]) 2203 iif = nla_get_u32(tb[RTA_IIF]); 2204 2205 if (tb[RTA_OIF]) 2206 fl.oif = nla_get_u32(tb[RTA_OIF]); 2207 2208 if (iif) { 2209 struct net_device *dev; 2210 dev = __dev_get_by_index(&init_net, iif); 2211 if (!dev) { 2212 err = -ENODEV; 2213 goto errout; 2214 } 2215 } 2216 2217 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 2218 if (skb == NULL) { 2219 err = -ENOBUFS; 2220 goto errout; 2221 } 2222 2223 /* Reserve room for dummy headers, this skb can pass 2224 through good chunk of routing engine. 2225 */ 2226 skb_reset_mac_header(skb); 2227 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr)); 2228 2229 rt = (struct rt6_info*) ip6_route_output(NULL, &fl); 2230 skb->dst = &rt->u.dst; 2231 2232 err = rt6_fill_node(skb, rt, &fl.fl6_dst, &fl.fl6_src, iif, 2233 RTM_NEWROUTE, NETLINK_CB(in_skb).pid, 2234 nlh->nlmsg_seq, 0, 0); 2235 if (err < 0) { 2236 kfree_skb(skb); 2237 goto errout; 2238 } 2239 2240 err = rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid); 2241 errout: 2242 return err; 2243 } 2244 2245 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info) 2246 { 2247 struct sk_buff *skb; 2248 u32 seq; 2249 int err; 2250 2251 err = -ENOBUFS; 2252 seq = info->nlh != NULL ? info->nlh->nlmsg_seq : 0; 2253 2254 skb = nlmsg_new(rt6_nlmsg_size(), gfp_any()); 2255 if (skb == NULL) 2256 goto errout; 2257 2258 err = rt6_fill_node(skb, rt, NULL, NULL, 0, 2259 event, info->pid, seq, 0, 0); 2260 if (err < 0) { 2261 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */ 2262 WARN_ON(err == -EMSGSIZE); 2263 kfree_skb(skb); 2264 goto errout; 2265 } 2266 err = rtnl_notify(skb, &init_net, info->pid, 2267 RTNLGRP_IPV6_ROUTE, info->nlh, gfp_any()); 2268 errout: 2269 if (err < 0) 2270 rtnl_set_sk_err(&init_net, RTNLGRP_IPV6_ROUTE, err); 2271 } 2272 2273 /* 2274 * /proc 2275 */ 2276 2277 #ifdef CONFIG_PROC_FS 2278 2279 #define RT6_INFO_LEN (32 + 4 + 32 + 4 + 32 + 40 + 5 + 1) 2280 2281 struct rt6_proc_arg 2282 { 2283 char *buffer; 2284 int offset; 2285 int length; 2286 int skip; 2287 int len; 2288 }; 2289 2290 static int rt6_info_route(struct rt6_info *rt, void *p_arg) 2291 { 2292 struct seq_file *m = p_arg; 2293 2294 seq_printf(m, NIP6_SEQFMT " %02x ", NIP6(rt->rt6i_dst.addr), 2295 rt->rt6i_dst.plen); 2296 2297 #ifdef CONFIG_IPV6_SUBTREES 2298 seq_printf(m, NIP6_SEQFMT " %02x ", NIP6(rt->rt6i_src.addr), 2299 rt->rt6i_src.plen); 2300 #else 2301 seq_puts(m, "00000000000000000000000000000000 00 "); 2302 #endif 2303 2304 if (rt->rt6i_nexthop) { 2305 seq_printf(m, NIP6_SEQFMT, 2306 NIP6(*((struct in6_addr *)rt->rt6i_nexthop->primary_key))); 2307 } else { 2308 seq_puts(m, "00000000000000000000000000000000"); 2309 } 2310 seq_printf(m, " %08x %08x %08x %08x %8s\n", 2311 rt->rt6i_metric, atomic_read(&rt->u.dst.__refcnt), 2312 rt->u.dst.__use, rt->rt6i_flags, 2313 rt->rt6i_dev ? rt->rt6i_dev->name : ""); 2314 return 0; 2315 } 2316 2317 static int ipv6_route_show(struct seq_file *m, void *v) 2318 { 2319 fib6_clean_all(rt6_info_route, 0, m); 2320 return 0; 2321 } 2322 2323 static int ipv6_route_open(struct inode *inode, struct file *file) 2324 { 2325 return single_open(file, ipv6_route_show, NULL); 2326 } 2327 2328 static const struct file_operations ipv6_route_proc_fops = { 2329 .owner = THIS_MODULE, 2330 .open = ipv6_route_open, 2331 .read = seq_read, 2332 .llseek = seq_lseek, 2333 .release = single_release, 2334 }; 2335 2336 static int rt6_stats_seq_show(struct seq_file *seq, void *v) 2337 { 2338 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n", 2339 rt6_stats.fib_nodes, rt6_stats.fib_route_nodes, 2340 rt6_stats.fib_rt_alloc, rt6_stats.fib_rt_entries, 2341 rt6_stats.fib_rt_cache, 2342 atomic_read(&ip6_dst_ops.entries), 2343 rt6_stats.fib_discarded_routes); 2344 2345 return 0; 2346 } 2347 2348 static int rt6_stats_seq_open(struct inode *inode, struct file *file) 2349 { 2350 return single_open(file, rt6_stats_seq_show, NULL); 2351 } 2352 2353 static const struct file_operations rt6_stats_seq_fops = { 2354 .owner = THIS_MODULE, 2355 .open = rt6_stats_seq_open, 2356 .read = seq_read, 2357 .llseek = seq_lseek, 2358 .release = single_release, 2359 }; 2360 2361 static int ipv6_route_proc_init(struct net *net) 2362 { 2363 int ret = -ENOMEM; 2364 if (!proc_net_fops_create(net, "ipv6_route", 2365 0, &ipv6_route_proc_fops)) 2366 goto out; 2367 2368 if (!proc_net_fops_create(net, "rt6_stats", 2369 S_IRUGO, &rt6_stats_seq_fops)) 2370 goto out_ipv6_route; 2371 2372 ret = 0; 2373 out: 2374 return ret; 2375 out_ipv6_route: 2376 proc_net_remove(net, "ipv6_route"); 2377 goto out; 2378 } 2379 2380 static void ipv6_route_proc_fini(struct net *net) 2381 { 2382 proc_net_remove(net, "ipv6_route"); 2383 proc_net_remove(net, "rt6_stats"); 2384 } 2385 #else 2386 static inline int ipv6_route_proc_init(struct net *net) 2387 { 2388 return 0; 2389 } 2390 static inline void ipv6_route_proc_fini(struct net *net) 2391 { 2392 return ; 2393 } 2394 #endif /* CONFIG_PROC_FS */ 2395 2396 #ifdef CONFIG_SYSCTL 2397 2398 static 2399 int ipv6_sysctl_rtcache_flush(ctl_table *ctl, int write, struct file * filp, 2400 void __user *buffer, size_t *lenp, loff_t *ppos) 2401 { 2402 int delay = init_net.ipv6.sysctl.flush_delay; 2403 if (write) { 2404 proc_dointvec(ctl, write, filp, buffer, lenp, ppos); 2405 fib6_run_gc(delay <= 0 ? ~0UL : (unsigned long)delay); 2406 return 0; 2407 } else 2408 return -EINVAL; 2409 } 2410 2411 ctl_table ipv6_route_table_template[] = { 2412 { 2413 .procname = "flush", 2414 .data = &init_net.ipv6.sysctl.flush_delay, 2415 .maxlen = sizeof(int), 2416 .mode = 0200, 2417 .proc_handler = &ipv6_sysctl_rtcache_flush 2418 }, 2419 { 2420 .ctl_name = NET_IPV6_ROUTE_GC_THRESH, 2421 .procname = "gc_thresh", 2422 .data = &ip6_dst_ops.gc_thresh, 2423 .maxlen = sizeof(int), 2424 .mode = 0644, 2425 .proc_handler = &proc_dointvec, 2426 }, 2427 { 2428 .ctl_name = NET_IPV6_ROUTE_MAX_SIZE, 2429 .procname = "max_size", 2430 .data = &init_net.ipv6.sysctl.ip6_rt_max_size, 2431 .maxlen = sizeof(int), 2432 .mode = 0644, 2433 .proc_handler = &proc_dointvec, 2434 }, 2435 { 2436 .ctl_name = NET_IPV6_ROUTE_GC_MIN_INTERVAL, 2437 .procname = "gc_min_interval", 2438 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 2439 .maxlen = sizeof(int), 2440 .mode = 0644, 2441 .proc_handler = &proc_dointvec_jiffies, 2442 .strategy = &sysctl_jiffies, 2443 }, 2444 { 2445 .ctl_name = NET_IPV6_ROUTE_GC_TIMEOUT, 2446 .procname = "gc_timeout", 2447 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout, 2448 .maxlen = sizeof(int), 2449 .mode = 0644, 2450 .proc_handler = &proc_dointvec_jiffies, 2451 .strategy = &sysctl_jiffies, 2452 }, 2453 { 2454 .ctl_name = NET_IPV6_ROUTE_GC_INTERVAL, 2455 .procname = "gc_interval", 2456 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval, 2457 .maxlen = sizeof(int), 2458 .mode = 0644, 2459 .proc_handler = &proc_dointvec_jiffies, 2460 .strategy = &sysctl_jiffies, 2461 }, 2462 { 2463 .ctl_name = NET_IPV6_ROUTE_GC_ELASTICITY, 2464 .procname = "gc_elasticity", 2465 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity, 2466 .maxlen = sizeof(int), 2467 .mode = 0644, 2468 .proc_handler = &proc_dointvec_jiffies, 2469 .strategy = &sysctl_jiffies, 2470 }, 2471 { 2472 .ctl_name = NET_IPV6_ROUTE_MTU_EXPIRES, 2473 .procname = "mtu_expires", 2474 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires, 2475 .maxlen = sizeof(int), 2476 .mode = 0644, 2477 .proc_handler = &proc_dointvec_jiffies, 2478 .strategy = &sysctl_jiffies, 2479 }, 2480 { 2481 .ctl_name = NET_IPV6_ROUTE_MIN_ADVMSS, 2482 .procname = "min_adv_mss", 2483 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss, 2484 .maxlen = sizeof(int), 2485 .mode = 0644, 2486 .proc_handler = &proc_dointvec_jiffies, 2487 .strategy = &sysctl_jiffies, 2488 }, 2489 { 2490 .ctl_name = NET_IPV6_ROUTE_GC_MIN_INTERVAL_MS, 2491 .procname = "gc_min_interval_ms", 2492 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 2493 .maxlen = sizeof(int), 2494 .mode = 0644, 2495 .proc_handler = &proc_dointvec_ms_jiffies, 2496 .strategy = &sysctl_ms_jiffies, 2497 }, 2498 { .ctl_name = 0 } 2499 }; 2500 2501 struct ctl_table *ipv6_route_sysctl_init(struct net *net) 2502 { 2503 struct ctl_table *table; 2504 2505 table = kmemdup(ipv6_route_table_template, 2506 sizeof(ipv6_route_table_template), 2507 GFP_KERNEL); 2508 return table; 2509 } 2510 #endif 2511 2512 int __init ip6_route_init(void) 2513 { 2514 int ret; 2515 2516 ip6_dst_ops.kmem_cachep = 2517 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0, 2518 SLAB_HWCACHE_ALIGN, NULL); 2519 if (!ip6_dst_ops.kmem_cachep) 2520 return -ENOMEM; 2521 2522 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops.kmem_cachep; 2523 2524 ret = fib6_init(); 2525 if (ret) 2526 goto out_kmem_cache; 2527 2528 ret = ipv6_route_proc_init(&init_net); 2529 if (ret) 2530 goto out_fib6_init; 2531 2532 ret = xfrm6_init(); 2533 if (ret) 2534 goto out_proc_init; 2535 2536 ret = fib6_rules_init(); 2537 if (ret) 2538 goto xfrm6_init; 2539 2540 ret = -ENOBUFS; 2541 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL) || 2542 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL) || 2543 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL)) 2544 goto fib6_rules_init; 2545 2546 ret = 0; 2547 out: 2548 return ret; 2549 2550 fib6_rules_init: 2551 fib6_rules_cleanup(); 2552 xfrm6_init: 2553 xfrm6_fini(); 2554 out_proc_init: 2555 ipv6_route_proc_fini(&init_net); 2556 out_fib6_init: 2557 rt6_ifdown(NULL); 2558 fib6_gc_cleanup(); 2559 out_kmem_cache: 2560 kmem_cache_destroy(ip6_dst_ops.kmem_cachep); 2561 goto out; 2562 } 2563 2564 void ip6_route_cleanup(void) 2565 { 2566 fib6_rules_cleanup(); 2567 ipv6_route_proc_fini(&init_net); 2568 xfrm6_fini(); 2569 rt6_ifdown(NULL); 2570 fib6_gc_cleanup(); 2571 kmem_cache_destroy(ip6_dst_ops.kmem_cachep); 2572 } 2573