xref: /openbmc/linux/net/ipv6/route.c (revision a1e58bbd)
1 /*
2  *	Linux INET6 implementation
3  *	FIB front-end.
4  *
5  *	Authors:
6  *	Pedro Roque		<roque@di.fc.ul.pt>
7  *
8  *	$Id: route.c,v 1.56 2001/10/31 21:55:55 davem Exp $
9  *
10  *	This program is free software; you can redistribute it and/or
11  *      modify it under the terms of the GNU General Public License
12  *      as published by the Free Software Foundation; either version
13  *      2 of the License, or (at your option) any later version.
14  */
15 
16 /*	Changes:
17  *
18  *	YOSHIFUJI Hideaki @USAGI
19  *		reworked default router selection.
20  *		- respect outgoing interface
21  *		- select from (probably) reachable routers (i.e.
22  *		routers in REACHABLE, STALE, DELAY or PROBE states).
23  *		- always select the same router if it is (probably)
24  *		reachable.  otherwise, round-robin the list.
25  *	Ville Nuorvala
26  *		Fixed routing subtrees.
27  */
28 
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/types.h>
32 #include <linux/times.h>
33 #include <linux/socket.h>
34 #include <linux/sockios.h>
35 #include <linux/net.h>
36 #include <linux/route.h>
37 #include <linux/netdevice.h>
38 #include <linux/in6.h>
39 #include <linux/init.h>
40 #include <linux/if_arp.h>
41 #include <linux/proc_fs.h>
42 #include <linux/seq_file.h>
43 #include <net/net_namespace.h>
44 #include <net/snmp.h>
45 #include <net/ipv6.h>
46 #include <net/ip6_fib.h>
47 #include <net/ip6_route.h>
48 #include <net/ndisc.h>
49 #include <net/addrconf.h>
50 #include <net/tcp.h>
51 #include <linux/rtnetlink.h>
52 #include <net/dst.h>
53 #include <net/xfrm.h>
54 #include <net/netevent.h>
55 #include <net/netlink.h>
56 
57 #include <asm/uaccess.h>
58 
59 #ifdef CONFIG_SYSCTL
60 #include <linux/sysctl.h>
61 #endif
62 
63 /* Set to 3 to get tracing. */
64 #define RT6_DEBUG 2
65 
66 #if RT6_DEBUG >= 3
67 #define RDBG(x) printk x
68 #define RT6_TRACE(x...) printk(KERN_DEBUG x)
69 #else
70 #define RDBG(x)
71 #define RT6_TRACE(x...) do { ; } while (0)
72 #endif
73 
74 #define CLONE_OFFLINK_ROUTE 0
75 
76 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort);
77 static struct dst_entry	*ip6_dst_check(struct dst_entry *dst, u32 cookie);
78 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
79 static void		ip6_dst_destroy(struct dst_entry *);
80 static void		ip6_dst_ifdown(struct dst_entry *,
81 				       struct net_device *dev, int how);
82 static int		 ip6_dst_gc(struct dst_ops *ops);
83 
84 static int		ip6_pkt_discard(struct sk_buff *skb);
85 static int		ip6_pkt_discard_out(struct sk_buff *skb);
86 static void		ip6_link_failure(struct sk_buff *skb);
87 static void		ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
88 
89 #ifdef CONFIG_IPV6_ROUTE_INFO
90 static struct rt6_info *rt6_add_route_info(struct in6_addr *prefix, int prefixlen,
91 					   struct in6_addr *gwaddr, int ifindex,
92 					   unsigned pref);
93 static struct rt6_info *rt6_get_route_info(struct in6_addr *prefix, int prefixlen,
94 					   struct in6_addr *gwaddr, int ifindex);
95 #endif
96 
97 static struct dst_ops ip6_dst_ops = {
98 	.family			=	AF_INET6,
99 	.protocol		=	__constant_htons(ETH_P_IPV6),
100 	.gc			=	ip6_dst_gc,
101 	.gc_thresh		=	1024,
102 	.check			=	ip6_dst_check,
103 	.destroy		=	ip6_dst_destroy,
104 	.ifdown			=	ip6_dst_ifdown,
105 	.negative_advice	=	ip6_negative_advice,
106 	.link_failure		=	ip6_link_failure,
107 	.update_pmtu		=	ip6_rt_update_pmtu,
108 	.local_out		=	ip6_local_out,
109 	.entry_size		=	sizeof(struct rt6_info),
110 	.entries		=	ATOMIC_INIT(0),
111 };
112 
113 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
114 {
115 }
116 
117 static struct dst_ops ip6_dst_blackhole_ops = {
118 	.family			=	AF_INET6,
119 	.protocol		=	__constant_htons(ETH_P_IPV6),
120 	.destroy		=	ip6_dst_destroy,
121 	.check			=	ip6_dst_check,
122 	.update_pmtu		=	ip6_rt_blackhole_update_pmtu,
123 	.entry_size		=	sizeof(struct rt6_info),
124 	.entries		=	ATOMIC_INIT(0),
125 };
126 
127 struct rt6_info ip6_null_entry = {
128 	.u = {
129 		.dst = {
130 			.__refcnt	= ATOMIC_INIT(1),
131 			.__use		= 1,
132 			.obsolete	= -1,
133 			.error		= -ENETUNREACH,
134 			.metrics	= { [RTAX_HOPLIMIT - 1] = 255, },
135 			.input		= ip6_pkt_discard,
136 			.output		= ip6_pkt_discard_out,
137 			.ops		= &ip6_dst_ops,
138 			.path		= (struct dst_entry*)&ip6_null_entry,
139 		}
140 	},
141 	.rt6i_flags	= (RTF_REJECT | RTF_NONEXTHOP),
142 	.rt6i_metric	= ~(u32) 0,
143 	.rt6i_ref	= ATOMIC_INIT(1),
144 };
145 
146 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
147 
148 static int ip6_pkt_prohibit(struct sk_buff *skb);
149 static int ip6_pkt_prohibit_out(struct sk_buff *skb);
150 
151 struct rt6_info ip6_prohibit_entry = {
152 	.u = {
153 		.dst = {
154 			.__refcnt	= ATOMIC_INIT(1),
155 			.__use		= 1,
156 			.obsolete	= -1,
157 			.error		= -EACCES,
158 			.metrics	= { [RTAX_HOPLIMIT - 1] = 255, },
159 			.input		= ip6_pkt_prohibit,
160 			.output		= ip6_pkt_prohibit_out,
161 			.ops		= &ip6_dst_ops,
162 			.path		= (struct dst_entry*)&ip6_prohibit_entry,
163 		}
164 	},
165 	.rt6i_flags	= (RTF_REJECT | RTF_NONEXTHOP),
166 	.rt6i_metric	= ~(u32) 0,
167 	.rt6i_ref	= ATOMIC_INIT(1),
168 };
169 
170 struct rt6_info ip6_blk_hole_entry = {
171 	.u = {
172 		.dst = {
173 			.__refcnt	= ATOMIC_INIT(1),
174 			.__use		= 1,
175 			.obsolete	= -1,
176 			.error		= -EINVAL,
177 			.metrics	= { [RTAX_HOPLIMIT - 1] = 255, },
178 			.input		= dst_discard,
179 			.output		= dst_discard,
180 			.ops		= &ip6_dst_ops,
181 			.path		= (struct dst_entry*)&ip6_blk_hole_entry,
182 		}
183 	},
184 	.rt6i_flags	= (RTF_REJECT | RTF_NONEXTHOP),
185 	.rt6i_metric	= ~(u32) 0,
186 	.rt6i_ref	= ATOMIC_INIT(1),
187 };
188 
189 #endif
190 
191 /* allocate dst with ip6_dst_ops */
192 static __inline__ struct rt6_info *ip6_dst_alloc(void)
193 {
194 	return (struct rt6_info *)dst_alloc(&ip6_dst_ops);
195 }
196 
197 static void ip6_dst_destroy(struct dst_entry *dst)
198 {
199 	struct rt6_info *rt = (struct rt6_info *)dst;
200 	struct inet6_dev *idev = rt->rt6i_idev;
201 
202 	if (idev != NULL) {
203 		rt->rt6i_idev = NULL;
204 		in6_dev_put(idev);
205 	}
206 }
207 
208 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
209 			   int how)
210 {
211 	struct rt6_info *rt = (struct rt6_info *)dst;
212 	struct inet6_dev *idev = rt->rt6i_idev;
213 	struct net_device *loopback_dev =
214 		dev->nd_net->loopback_dev;
215 
216 	if (dev != loopback_dev && idev != NULL && idev->dev == dev) {
217 		struct inet6_dev *loopback_idev =
218 			in6_dev_get(loopback_dev);
219 		if (loopback_idev != NULL) {
220 			rt->rt6i_idev = loopback_idev;
221 			in6_dev_put(idev);
222 		}
223 	}
224 }
225 
226 static __inline__ int rt6_check_expired(const struct rt6_info *rt)
227 {
228 	return (rt->rt6i_flags & RTF_EXPIRES &&
229 		time_after(jiffies, rt->rt6i_expires));
230 }
231 
232 static inline int rt6_need_strict(struct in6_addr *daddr)
233 {
234 	return (ipv6_addr_type(daddr) &
235 		(IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL));
236 }
237 
238 /*
239  *	Route lookup. Any table->tb6_lock is implied.
240  */
241 
242 static __inline__ struct rt6_info *rt6_device_match(struct rt6_info *rt,
243 						    int oif,
244 						    int strict)
245 {
246 	struct rt6_info *local = NULL;
247 	struct rt6_info *sprt;
248 
249 	if (oif) {
250 		for (sprt = rt; sprt; sprt = sprt->u.dst.rt6_next) {
251 			struct net_device *dev = sprt->rt6i_dev;
252 			if (dev->ifindex == oif)
253 				return sprt;
254 			if (dev->flags & IFF_LOOPBACK) {
255 				if (sprt->rt6i_idev == NULL ||
256 				    sprt->rt6i_idev->dev->ifindex != oif) {
257 					if (strict && oif)
258 						continue;
259 					if (local && (!oif ||
260 						      local->rt6i_idev->dev->ifindex == oif))
261 						continue;
262 				}
263 				local = sprt;
264 			}
265 		}
266 
267 		if (local)
268 			return local;
269 
270 		if (strict)
271 			return &ip6_null_entry;
272 	}
273 	return rt;
274 }
275 
276 #ifdef CONFIG_IPV6_ROUTER_PREF
277 static void rt6_probe(struct rt6_info *rt)
278 {
279 	struct neighbour *neigh = rt ? rt->rt6i_nexthop : NULL;
280 	/*
281 	 * Okay, this does not seem to be appropriate
282 	 * for now, however, we need to check if it
283 	 * is really so; aka Router Reachability Probing.
284 	 *
285 	 * Router Reachability Probe MUST be rate-limited
286 	 * to no more than one per minute.
287 	 */
288 	if (!neigh || (neigh->nud_state & NUD_VALID))
289 		return;
290 	read_lock_bh(&neigh->lock);
291 	if (!(neigh->nud_state & NUD_VALID) &&
292 	    time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) {
293 		struct in6_addr mcaddr;
294 		struct in6_addr *target;
295 
296 		neigh->updated = jiffies;
297 		read_unlock_bh(&neigh->lock);
298 
299 		target = (struct in6_addr *)&neigh->primary_key;
300 		addrconf_addr_solict_mult(target, &mcaddr);
301 		ndisc_send_ns(rt->rt6i_dev, NULL, target, &mcaddr, NULL);
302 	} else
303 		read_unlock_bh(&neigh->lock);
304 }
305 #else
306 static inline void rt6_probe(struct rt6_info *rt)
307 {
308 	return;
309 }
310 #endif
311 
312 /*
313  * Default Router Selection (RFC 2461 6.3.6)
314  */
315 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
316 {
317 	struct net_device *dev = rt->rt6i_dev;
318 	if (!oif || dev->ifindex == oif)
319 		return 2;
320 	if ((dev->flags & IFF_LOOPBACK) &&
321 	    rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
322 		return 1;
323 	return 0;
324 }
325 
326 static inline int rt6_check_neigh(struct rt6_info *rt)
327 {
328 	struct neighbour *neigh = rt->rt6i_nexthop;
329 	int m;
330 	if (rt->rt6i_flags & RTF_NONEXTHOP ||
331 	    !(rt->rt6i_flags & RTF_GATEWAY))
332 		m = 1;
333 	else if (neigh) {
334 		read_lock_bh(&neigh->lock);
335 		if (neigh->nud_state & NUD_VALID)
336 			m = 2;
337 #ifdef CONFIG_IPV6_ROUTER_PREF
338 		else if (neigh->nud_state & NUD_FAILED)
339 			m = 0;
340 #endif
341 		else
342 			m = 1;
343 		read_unlock_bh(&neigh->lock);
344 	} else
345 		m = 0;
346 	return m;
347 }
348 
349 static int rt6_score_route(struct rt6_info *rt, int oif,
350 			   int strict)
351 {
352 	int m, n;
353 
354 	m = rt6_check_dev(rt, oif);
355 	if (!m && (strict & RT6_LOOKUP_F_IFACE))
356 		return -1;
357 #ifdef CONFIG_IPV6_ROUTER_PREF
358 	m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
359 #endif
360 	n = rt6_check_neigh(rt);
361 	if (!n && (strict & RT6_LOOKUP_F_REACHABLE))
362 		return -1;
363 	return m;
364 }
365 
366 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
367 				   int *mpri, struct rt6_info *match)
368 {
369 	int m;
370 
371 	if (rt6_check_expired(rt))
372 		goto out;
373 
374 	m = rt6_score_route(rt, oif, strict);
375 	if (m < 0)
376 		goto out;
377 
378 	if (m > *mpri) {
379 		if (strict & RT6_LOOKUP_F_REACHABLE)
380 			rt6_probe(match);
381 		*mpri = m;
382 		match = rt;
383 	} else if (strict & RT6_LOOKUP_F_REACHABLE) {
384 		rt6_probe(rt);
385 	}
386 
387 out:
388 	return match;
389 }
390 
391 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
392 				     struct rt6_info *rr_head,
393 				     u32 metric, int oif, int strict)
394 {
395 	struct rt6_info *rt, *match;
396 	int mpri = -1;
397 
398 	match = NULL;
399 	for (rt = rr_head; rt && rt->rt6i_metric == metric;
400 	     rt = rt->u.dst.rt6_next)
401 		match = find_match(rt, oif, strict, &mpri, match);
402 	for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric;
403 	     rt = rt->u.dst.rt6_next)
404 		match = find_match(rt, oif, strict, &mpri, match);
405 
406 	return match;
407 }
408 
409 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
410 {
411 	struct rt6_info *match, *rt0;
412 
413 	RT6_TRACE("%s(fn->leaf=%p, oif=%d)\n",
414 		  __FUNCTION__, fn->leaf, oif);
415 
416 	rt0 = fn->rr_ptr;
417 	if (!rt0)
418 		fn->rr_ptr = rt0 = fn->leaf;
419 
420 	match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict);
421 
422 	if (!match &&
423 	    (strict & RT6_LOOKUP_F_REACHABLE)) {
424 		struct rt6_info *next = rt0->u.dst.rt6_next;
425 
426 		/* no entries matched; do round-robin */
427 		if (!next || next->rt6i_metric != rt0->rt6i_metric)
428 			next = fn->leaf;
429 
430 		if (next != rt0)
431 			fn->rr_ptr = next;
432 	}
433 
434 	RT6_TRACE("%s() => %p\n",
435 		  __FUNCTION__, match);
436 
437 	return (match ? match : &ip6_null_entry);
438 }
439 
440 #ifdef CONFIG_IPV6_ROUTE_INFO
441 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
442 		  struct in6_addr *gwaddr)
443 {
444 	struct route_info *rinfo = (struct route_info *) opt;
445 	struct in6_addr prefix_buf, *prefix;
446 	unsigned int pref;
447 	u32 lifetime;
448 	struct rt6_info *rt;
449 
450 	if (len < sizeof(struct route_info)) {
451 		return -EINVAL;
452 	}
453 
454 	/* Sanity check for prefix_len and length */
455 	if (rinfo->length > 3) {
456 		return -EINVAL;
457 	} else if (rinfo->prefix_len > 128) {
458 		return -EINVAL;
459 	} else if (rinfo->prefix_len > 64) {
460 		if (rinfo->length < 2) {
461 			return -EINVAL;
462 		}
463 	} else if (rinfo->prefix_len > 0) {
464 		if (rinfo->length < 1) {
465 			return -EINVAL;
466 		}
467 	}
468 
469 	pref = rinfo->route_pref;
470 	if (pref == ICMPV6_ROUTER_PREF_INVALID)
471 		pref = ICMPV6_ROUTER_PREF_MEDIUM;
472 
473 	lifetime = ntohl(rinfo->lifetime);
474 	if (lifetime == 0xffffffff) {
475 		/* infinity */
476 	} else if (lifetime > 0x7fffffff/HZ) {
477 		/* Avoid arithmetic overflow */
478 		lifetime = 0x7fffffff/HZ - 1;
479 	}
480 
481 	if (rinfo->length == 3)
482 		prefix = (struct in6_addr *)rinfo->prefix;
483 	else {
484 		/* this function is safe */
485 		ipv6_addr_prefix(&prefix_buf,
486 				 (struct in6_addr *)rinfo->prefix,
487 				 rinfo->prefix_len);
488 		prefix = &prefix_buf;
489 	}
490 
491 	rt = rt6_get_route_info(prefix, rinfo->prefix_len, gwaddr, dev->ifindex);
492 
493 	if (rt && !lifetime) {
494 		ip6_del_rt(rt);
495 		rt = NULL;
496 	}
497 
498 	if (!rt && lifetime)
499 		rt = rt6_add_route_info(prefix, rinfo->prefix_len, gwaddr, dev->ifindex,
500 					pref);
501 	else if (rt)
502 		rt->rt6i_flags = RTF_ROUTEINFO |
503 				 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
504 
505 	if (rt) {
506 		if (lifetime == 0xffffffff) {
507 			rt->rt6i_flags &= ~RTF_EXPIRES;
508 		} else {
509 			rt->rt6i_expires = jiffies + HZ * lifetime;
510 			rt->rt6i_flags |= RTF_EXPIRES;
511 		}
512 		dst_release(&rt->u.dst);
513 	}
514 	return 0;
515 }
516 #endif
517 
518 #define BACKTRACK(saddr) \
519 do { \
520 	if (rt == &ip6_null_entry) { \
521 		struct fib6_node *pn; \
522 		while (1) { \
523 			if (fn->fn_flags & RTN_TL_ROOT) \
524 				goto out; \
525 			pn = fn->parent; \
526 			if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) \
527 				fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); \
528 			else \
529 				fn = pn; \
530 			if (fn->fn_flags & RTN_RTINFO) \
531 				goto restart; \
532 		} \
533 	} \
534 } while(0)
535 
536 static struct rt6_info *ip6_pol_route_lookup(struct fib6_table *table,
537 					     struct flowi *fl, int flags)
538 {
539 	struct fib6_node *fn;
540 	struct rt6_info *rt;
541 
542 	read_lock_bh(&table->tb6_lock);
543 	fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src);
544 restart:
545 	rt = fn->leaf;
546 	rt = rt6_device_match(rt, fl->oif, flags);
547 	BACKTRACK(&fl->fl6_src);
548 out:
549 	dst_use(&rt->u.dst, jiffies);
550 	read_unlock_bh(&table->tb6_lock);
551 	return rt;
552 
553 }
554 
555 struct rt6_info *rt6_lookup(struct in6_addr *daddr, struct in6_addr *saddr,
556 			    int oif, int strict)
557 {
558 	struct flowi fl = {
559 		.oif = oif,
560 		.nl_u = {
561 			.ip6_u = {
562 				.daddr = *daddr,
563 			},
564 		},
565 	};
566 	struct dst_entry *dst;
567 	int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
568 
569 	if (saddr) {
570 		memcpy(&fl.fl6_src, saddr, sizeof(*saddr));
571 		flags |= RT6_LOOKUP_F_HAS_SADDR;
572 	}
573 
574 	dst = fib6_rule_lookup(&fl, flags, ip6_pol_route_lookup);
575 	if (dst->error == 0)
576 		return (struct rt6_info *) dst;
577 
578 	dst_release(dst);
579 
580 	return NULL;
581 }
582 
583 EXPORT_SYMBOL(rt6_lookup);
584 
585 /* ip6_ins_rt is called with FREE table->tb6_lock.
586    It takes new route entry, the addition fails by any reason the
587    route is freed. In any case, if caller does not hold it, it may
588    be destroyed.
589  */
590 
591 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info)
592 {
593 	int err;
594 	struct fib6_table *table;
595 
596 	table = rt->rt6i_table;
597 	write_lock_bh(&table->tb6_lock);
598 	err = fib6_add(&table->tb6_root, rt, info);
599 	write_unlock_bh(&table->tb6_lock);
600 
601 	return err;
602 }
603 
604 int ip6_ins_rt(struct rt6_info *rt)
605 {
606 	struct nl_info info = {
607 		.nl_net = &init_net,
608 	};
609 	return __ip6_ins_rt(rt, &info);
610 }
611 
612 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort, struct in6_addr *daddr,
613 				      struct in6_addr *saddr)
614 {
615 	struct rt6_info *rt;
616 
617 	/*
618 	 *	Clone the route.
619 	 */
620 
621 	rt = ip6_rt_copy(ort);
622 
623 	if (rt) {
624 		if (!(rt->rt6i_flags&RTF_GATEWAY)) {
625 			if (rt->rt6i_dst.plen != 128 &&
626 			    ipv6_addr_equal(&rt->rt6i_dst.addr, daddr))
627 				rt->rt6i_flags |= RTF_ANYCAST;
628 			ipv6_addr_copy(&rt->rt6i_gateway, daddr);
629 		}
630 
631 		ipv6_addr_copy(&rt->rt6i_dst.addr, daddr);
632 		rt->rt6i_dst.plen = 128;
633 		rt->rt6i_flags |= RTF_CACHE;
634 		rt->u.dst.flags |= DST_HOST;
635 
636 #ifdef CONFIG_IPV6_SUBTREES
637 		if (rt->rt6i_src.plen && saddr) {
638 			ipv6_addr_copy(&rt->rt6i_src.addr, saddr);
639 			rt->rt6i_src.plen = 128;
640 		}
641 #endif
642 
643 		rt->rt6i_nexthop = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway);
644 
645 	}
646 
647 	return rt;
648 }
649 
650 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort, struct in6_addr *daddr)
651 {
652 	struct rt6_info *rt = ip6_rt_copy(ort);
653 	if (rt) {
654 		ipv6_addr_copy(&rt->rt6i_dst.addr, daddr);
655 		rt->rt6i_dst.plen = 128;
656 		rt->rt6i_flags |= RTF_CACHE;
657 		rt->u.dst.flags |= DST_HOST;
658 		rt->rt6i_nexthop = neigh_clone(ort->rt6i_nexthop);
659 	}
660 	return rt;
661 }
662 
663 static struct rt6_info *ip6_pol_route(struct fib6_table *table, int oif,
664 					    struct flowi *fl, int flags)
665 {
666 	struct fib6_node *fn;
667 	struct rt6_info *rt, *nrt;
668 	int strict = 0;
669 	int attempts = 3;
670 	int err;
671 	int reachable = ipv6_devconf.forwarding ? 0 : RT6_LOOKUP_F_REACHABLE;
672 
673 	strict |= flags & RT6_LOOKUP_F_IFACE;
674 
675 relookup:
676 	read_lock_bh(&table->tb6_lock);
677 
678 restart_2:
679 	fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src);
680 
681 restart:
682 	rt = rt6_select(fn, oif, strict | reachable);
683 	BACKTRACK(&fl->fl6_src);
684 	if (rt == &ip6_null_entry ||
685 	    rt->rt6i_flags & RTF_CACHE)
686 		goto out;
687 
688 	dst_hold(&rt->u.dst);
689 	read_unlock_bh(&table->tb6_lock);
690 
691 	if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP))
692 		nrt = rt6_alloc_cow(rt, &fl->fl6_dst, &fl->fl6_src);
693 	else {
694 #if CLONE_OFFLINK_ROUTE
695 		nrt = rt6_alloc_clone(rt, &fl->fl6_dst);
696 #else
697 		goto out2;
698 #endif
699 	}
700 
701 	dst_release(&rt->u.dst);
702 	rt = nrt ? : &ip6_null_entry;
703 
704 	dst_hold(&rt->u.dst);
705 	if (nrt) {
706 		err = ip6_ins_rt(nrt);
707 		if (!err)
708 			goto out2;
709 	}
710 
711 	if (--attempts <= 0)
712 		goto out2;
713 
714 	/*
715 	 * Race condition! In the gap, when table->tb6_lock was
716 	 * released someone could insert this route.  Relookup.
717 	 */
718 	dst_release(&rt->u.dst);
719 	goto relookup;
720 
721 out:
722 	if (reachable) {
723 		reachable = 0;
724 		goto restart_2;
725 	}
726 	dst_hold(&rt->u.dst);
727 	read_unlock_bh(&table->tb6_lock);
728 out2:
729 	rt->u.dst.lastuse = jiffies;
730 	rt->u.dst.__use++;
731 
732 	return rt;
733 }
734 
735 static struct rt6_info *ip6_pol_route_input(struct fib6_table *table,
736 					    struct flowi *fl, int flags)
737 {
738 	return ip6_pol_route(table, fl->iif, fl, flags);
739 }
740 
741 void ip6_route_input(struct sk_buff *skb)
742 {
743 	struct ipv6hdr *iph = ipv6_hdr(skb);
744 	int flags = RT6_LOOKUP_F_HAS_SADDR;
745 	struct flowi fl = {
746 		.iif = skb->dev->ifindex,
747 		.nl_u = {
748 			.ip6_u = {
749 				.daddr = iph->daddr,
750 				.saddr = iph->saddr,
751 				.flowlabel = (* (__be32 *) iph)&IPV6_FLOWINFO_MASK,
752 			},
753 		},
754 		.mark = skb->mark,
755 		.proto = iph->nexthdr,
756 	};
757 
758 	if (rt6_need_strict(&iph->daddr))
759 		flags |= RT6_LOOKUP_F_IFACE;
760 
761 	skb->dst = fib6_rule_lookup(&fl, flags, ip6_pol_route_input);
762 }
763 
764 static struct rt6_info *ip6_pol_route_output(struct fib6_table *table,
765 					     struct flowi *fl, int flags)
766 {
767 	return ip6_pol_route(table, fl->oif, fl, flags);
768 }
769 
770 struct dst_entry * ip6_route_output(struct sock *sk, struct flowi *fl)
771 {
772 	int flags = 0;
773 
774 	if (rt6_need_strict(&fl->fl6_dst))
775 		flags |= RT6_LOOKUP_F_IFACE;
776 
777 	if (!ipv6_addr_any(&fl->fl6_src))
778 		flags |= RT6_LOOKUP_F_HAS_SADDR;
779 
780 	return fib6_rule_lookup(fl, flags, ip6_pol_route_output);
781 }
782 
783 EXPORT_SYMBOL(ip6_route_output);
784 
785 int ip6_dst_blackhole(struct sock *sk, struct dst_entry **dstp, struct flowi *fl)
786 {
787 	struct rt6_info *ort = (struct rt6_info *) *dstp;
788 	struct rt6_info *rt = (struct rt6_info *)
789 		dst_alloc(&ip6_dst_blackhole_ops);
790 	struct dst_entry *new = NULL;
791 
792 	if (rt) {
793 		new = &rt->u.dst;
794 
795 		atomic_set(&new->__refcnt, 1);
796 		new->__use = 1;
797 		new->input = dst_discard;
798 		new->output = dst_discard;
799 
800 		memcpy(new->metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32));
801 		new->dev = ort->u.dst.dev;
802 		if (new->dev)
803 			dev_hold(new->dev);
804 		rt->rt6i_idev = ort->rt6i_idev;
805 		if (rt->rt6i_idev)
806 			in6_dev_hold(rt->rt6i_idev);
807 		rt->rt6i_expires = 0;
808 
809 		ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway);
810 		rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES;
811 		rt->rt6i_metric = 0;
812 
813 		memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
814 #ifdef CONFIG_IPV6_SUBTREES
815 		memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
816 #endif
817 
818 		dst_free(new);
819 	}
820 
821 	dst_release(*dstp);
822 	*dstp = new;
823 	return (new ? 0 : -ENOMEM);
824 }
825 EXPORT_SYMBOL_GPL(ip6_dst_blackhole);
826 
827 /*
828  *	Destination cache support functions
829  */
830 
831 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
832 {
833 	struct rt6_info *rt;
834 
835 	rt = (struct rt6_info *) dst;
836 
837 	if (rt && rt->rt6i_node && (rt->rt6i_node->fn_sernum == cookie))
838 		return dst;
839 
840 	return NULL;
841 }
842 
843 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
844 {
845 	struct rt6_info *rt = (struct rt6_info *) dst;
846 
847 	if (rt) {
848 		if (rt->rt6i_flags & RTF_CACHE)
849 			ip6_del_rt(rt);
850 		else
851 			dst_release(dst);
852 	}
853 	return NULL;
854 }
855 
856 static void ip6_link_failure(struct sk_buff *skb)
857 {
858 	struct rt6_info *rt;
859 
860 	icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0, skb->dev);
861 
862 	rt = (struct rt6_info *) skb->dst;
863 	if (rt) {
864 		if (rt->rt6i_flags&RTF_CACHE) {
865 			dst_set_expires(&rt->u.dst, 0);
866 			rt->rt6i_flags |= RTF_EXPIRES;
867 		} else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT))
868 			rt->rt6i_node->fn_sernum = -1;
869 	}
870 }
871 
872 static void ip6_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
873 {
874 	struct rt6_info *rt6 = (struct rt6_info*)dst;
875 
876 	if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) {
877 		rt6->rt6i_flags |= RTF_MODIFIED;
878 		if (mtu < IPV6_MIN_MTU) {
879 			mtu = IPV6_MIN_MTU;
880 			dst->metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG;
881 		}
882 		dst->metrics[RTAX_MTU-1] = mtu;
883 		call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst);
884 	}
885 }
886 
887 static int ipv6_get_mtu(struct net_device *dev);
888 
889 static inline unsigned int ipv6_advmss(unsigned int mtu)
890 {
891 	mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
892 
893 	if (mtu < init_net.ipv6.sysctl.ip6_rt_min_advmss)
894 		mtu = init_net.ipv6.sysctl.ip6_rt_min_advmss;
895 
896 	/*
897 	 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
898 	 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
899 	 * IPV6_MAXPLEN is also valid and means: "any MSS,
900 	 * rely only on pmtu discovery"
901 	 */
902 	if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
903 		mtu = IPV6_MAXPLEN;
904 	return mtu;
905 }
906 
907 static struct dst_entry *ndisc_dst_gc_list;
908 static DEFINE_SPINLOCK(ndisc_lock);
909 
910 struct dst_entry *ndisc_dst_alloc(struct net_device *dev,
911 				  struct neighbour *neigh,
912 				  struct in6_addr *addr,
913 				  int (*output)(struct sk_buff *))
914 {
915 	struct rt6_info *rt;
916 	struct inet6_dev *idev = in6_dev_get(dev);
917 
918 	if (unlikely(idev == NULL))
919 		return NULL;
920 
921 	rt = ip6_dst_alloc();
922 	if (unlikely(rt == NULL)) {
923 		in6_dev_put(idev);
924 		goto out;
925 	}
926 
927 	dev_hold(dev);
928 	if (neigh)
929 		neigh_hold(neigh);
930 	else
931 		neigh = ndisc_get_neigh(dev, addr);
932 
933 	rt->rt6i_dev	  = dev;
934 	rt->rt6i_idev     = idev;
935 	rt->rt6i_nexthop  = neigh;
936 	atomic_set(&rt->u.dst.__refcnt, 1);
937 	rt->u.dst.metrics[RTAX_HOPLIMIT-1] = 255;
938 	rt->u.dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(rt->rt6i_dev);
939 	rt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(dst_mtu(&rt->u.dst));
940 	rt->u.dst.output  = output;
941 
942 #if 0	/* there's no chance to use these for ndisc */
943 	rt->u.dst.flags   = ipv6_addr_type(addr) & IPV6_ADDR_UNICAST
944 				? DST_HOST
945 				: 0;
946 	ipv6_addr_copy(&rt->rt6i_dst.addr, addr);
947 	rt->rt6i_dst.plen = 128;
948 #endif
949 
950 	spin_lock_bh(&ndisc_lock);
951 	rt->u.dst.next = ndisc_dst_gc_list;
952 	ndisc_dst_gc_list = &rt->u.dst;
953 	spin_unlock_bh(&ndisc_lock);
954 
955 	fib6_force_start_gc();
956 
957 out:
958 	return &rt->u.dst;
959 }
960 
961 int ndisc_dst_gc(int *more)
962 {
963 	struct dst_entry *dst, *next, **pprev;
964 	int freed;
965 
966 	next = NULL;
967 	freed = 0;
968 
969 	spin_lock_bh(&ndisc_lock);
970 	pprev = &ndisc_dst_gc_list;
971 
972 	while ((dst = *pprev) != NULL) {
973 		if (!atomic_read(&dst->__refcnt)) {
974 			*pprev = dst->next;
975 			dst_free(dst);
976 			freed++;
977 		} else {
978 			pprev = &dst->next;
979 			(*more)++;
980 		}
981 	}
982 
983 	spin_unlock_bh(&ndisc_lock);
984 
985 	return freed;
986 }
987 
988 static int ip6_dst_gc(struct dst_ops *ops)
989 {
990 	static unsigned expire = 30*HZ;
991 	static unsigned long last_gc;
992 	unsigned long now = jiffies;
993 
994 	if (time_after(last_gc + init_net.ipv6.sysctl.ip6_rt_gc_min_interval, now) &&
995 	    atomic_read(&ip6_dst_ops.entries) <= init_net.ipv6.sysctl.ip6_rt_max_size)
996 		goto out;
997 
998 	expire++;
999 	fib6_run_gc(expire);
1000 	last_gc = now;
1001 	if (atomic_read(&ip6_dst_ops.entries) < ip6_dst_ops.gc_thresh)
1002 		expire = init_net.ipv6.sysctl.ip6_rt_gc_timeout>>1;
1003 
1004 out:
1005 	expire -= expire>>init_net.ipv6.sysctl.ip6_rt_gc_elasticity;
1006 	return (atomic_read(&ip6_dst_ops.entries) > init_net.ipv6.sysctl.ip6_rt_max_size);
1007 }
1008 
1009 /* Clean host part of a prefix. Not necessary in radix tree,
1010    but results in cleaner routing tables.
1011 
1012    Remove it only when all the things will work!
1013  */
1014 
1015 static int ipv6_get_mtu(struct net_device *dev)
1016 {
1017 	int mtu = IPV6_MIN_MTU;
1018 	struct inet6_dev *idev;
1019 
1020 	idev = in6_dev_get(dev);
1021 	if (idev) {
1022 		mtu = idev->cnf.mtu6;
1023 		in6_dev_put(idev);
1024 	}
1025 	return mtu;
1026 }
1027 
1028 int ipv6_get_hoplimit(struct net_device *dev)
1029 {
1030 	int hoplimit = ipv6_devconf.hop_limit;
1031 	struct inet6_dev *idev;
1032 
1033 	idev = in6_dev_get(dev);
1034 	if (idev) {
1035 		hoplimit = idev->cnf.hop_limit;
1036 		in6_dev_put(idev);
1037 	}
1038 	return hoplimit;
1039 }
1040 
1041 /*
1042  *
1043  */
1044 
1045 int ip6_route_add(struct fib6_config *cfg)
1046 {
1047 	int err;
1048 	struct rt6_info *rt = NULL;
1049 	struct net_device *dev = NULL;
1050 	struct inet6_dev *idev = NULL;
1051 	struct fib6_table *table;
1052 	int addr_type;
1053 
1054 	if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128)
1055 		return -EINVAL;
1056 #ifndef CONFIG_IPV6_SUBTREES
1057 	if (cfg->fc_src_len)
1058 		return -EINVAL;
1059 #endif
1060 	if (cfg->fc_ifindex) {
1061 		err = -ENODEV;
1062 		dev = dev_get_by_index(&init_net, cfg->fc_ifindex);
1063 		if (!dev)
1064 			goto out;
1065 		idev = in6_dev_get(dev);
1066 		if (!idev)
1067 			goto out;
1068 	}
1069 
1070 	if (cfg->fc_metric == 0)
1071 		cfg->fc_metric = IP6_RT_PRIO_USER;
1072 
1073 	table = fib6_new_table(cfg->fc_table);
1074 	if (table == NULL) {
1075 		err = -ENOBUFS;
1076 		goto out;
1077 	}
1078 
1079 	rt = ip6_dst_alloc();
1080 
1081 	if (rt == NULL) {
1082 		err = -ENOMEM;
1083 		goto out;
1084 	}
1085 
1086 	rt->u.dst.obsolete = -1;
1087 	rt->rt6i_expires = jiffies + clock_t_to_jiffies(cfg->fc_expires);
1088 
1089 	if (cfg->fc_protocol == RTPROT_UNSPEC)
1090 		cfg->fc_protocol = RTPROT_BOOT;
1091 	rt->rt6i_protocol = cfg->fc_protocol;
1092 
1093 	addr_type = ipv6_addr_type(&cfg->fc_dst);
1094 
1095 	if (addr_type & IPV6_ADDR_MULTICAST)
1096 		rt->u.dst.input = ip6_mc_input;
1097 	else
1098 		rt->u.dst.input = ip6_forward;
1099 
1100 	rt->u.dst.output = ip6_output;
1101 
1102 	ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1103 	rt->rt6i_dst.plen = cfg->fc_dst_len;
1104 	if (rt->rt6i_dst.plen == 128)
1105 	       rt->u.dst.flags = DST_HOST;
1106 
1107 #ifdef CONFIG_IPV6_SUBTREES
1108 	ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1109 	rt->rt6i_src.plen = cfg->fc_src_len;
1110 #endif
1111 
1112 	rt->rt6i_metric = cfg->fc_metric;
1113 
1114 	/* We cannot add true routes via loopback here,
1115 	   they would result in kernel looping; promote them to reject routes
1116 	 */
1117 	if ((cfg->fc_flags & RTF_REJECT) ||
1118 	    (dev && (dev->flags&IFF_LOOPBACK) && !(addr_type&IPV6_ADDR_LOOPBACK))) {
1119 		/* hold loopback dev/idev if we haven't done so. */
1120 		if (dev != init_net.loopback_dev) {
1121 			if (dev) {
1122 				dev_put(dev);
1123 				in6_dev_put(idev);
1124 			}
1125 			dev = init_net.loopback_dev;
1126 			dev_hold(dev);
1127 			idev = in6_dev_get(dev);
1128 			if (!idev) {
1129 				err = -ENODEV;
1130 				goto out;
1131 			}
1132 		}
1133 		rt->u.dst.output = ip6_pkt_discard_out;
1134 		rt->u.dst.input = ip6_pkt_discard;
1135 		rt->u.dst.error = -ENETUNREACH;
1136 		rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1137 		goto install_route;
1138 	}
1139 
1140 	if (cfg->fc_flags & RTF_GATEWAY) {
1141 		struct in6_addr *gw_addr;
1142 		int gwa_type;
1143 
1144 		gw_addr = &cfg->fc_gateway;
1145 		ipv6_addr_copy(&rt->rt6i_gateway, gw_addr);
1146 		gwa_type = ipv6_addr_type(gw_addr);
1147 
1148 		if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
1149 			struct rt6_info *grt;
1150 
1151 			/* IPv6 strictly inhibits using not link-local
1152 			   addresses as nexthop address.
1153 			   Otherwise, router will not able to send redirects.
1154 			   It is very good, but in some (rare!) circumstances
1155 			   (SIT, PtP, NBMA NOARP links) it is handy to allow
1156 			   some exceptions. --ANK
1157 			 */
1158 			err = -EINVAL;
1159 			if (!(gwa_type&IPV6_ADDR_UNICAST))
1160 				goto out;
1161 
1162 			grt = rt6_lookup(gw_addr, NULL, cfg->fc_ifindex, 1);
1163 
1164 			err = -EHOSTUNREACH;
1165 			if (grt == NULL)
1166 				goto out;
1167 			if (dev) {
1168 				if (dev != grt->rt6i_dev) {
1169 					dst_release(&grt->u.dst);
1170 					goto out;
1171 				}
1172 			} else {
1173 				dev = grt->rt6i_dev;
1174 				idev = grt->rt6i_idev;
1175 				dev_hold(dev);
1176 				in6_dev_hold(grt->rt6i_idev);
1177 			}
1178 			if (!(grt->rt6i_flags&RTF_GATEWAY))
1179 				err = 0;
1180 			dst_release(&grt->u.dst);
1181 
1182 			if (err)
1183 				goto out;
1184 		}
1185 		err = -EINVAL;
1186 		if (dev == NULL || (dev->flags&IFF_LOOPBACK))
1187 			goto out;
1188 	}
1189 
1190 	err = -ENODEV;
1191 	if (dev == NULL)
1192 		goto out;
1193 
1194 	if (cfg->fc_flags & (RTF_GATEWAY | RTF_NONEXTHOP)) {
1195 		rt->rt6i_nexthop = __neigh_lookup_errno(&nd_tbl, &rt->rt6i_gateway, dev);
1196 		if (IS_ERR(rt->rt6i_nexthop)) {
1197 			err = PTR_ERR(rt->rt6i_nexthop);
1198 			rt->rt6i_nexthop = NULL;
1199 			goto out;
1200 		}
1201 	}
1202 
1203 	rt->rt6i_flags = cfg->fc_flags;
1204 
1205 install_route:
1206 	if (cfg->fc_mx) {
1207 		struct nlattr *nla;
1208 		int remaining;
1209 
1210 		nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1211 			int type = nla_type(nla);
1212 
1213 			if (type) {
1214 				if (type > RTAX_MAX) {
1215 					err = -EINVAL;
1216 					goto out;
1217 				}
1218 
1219 				rt->u.dst.metrics[type - 1] = nla_get_u32(nla);
1220 			}
1221 		}
1222 	}
1223 
1224 	if (rt->u.dst.metrics[RTAX_HOPLIMIT-1] == 0)
1225 		rt->u.dst.metrics[RTAX_HOPLIMIT-1] = -1;
1226 	if (!rt->u.dst.metrics[RTAX_MTU-1])
1227 		rt->u.dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(dev);
1228 	if (!rt->u.dst.metrics[RTAX_ADVMSS-1])
1229 		rt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(dst_mtu(&rt->u.dst));
1230 	rt->u.dst.dev = dev;
1231 	rt->rt6i_idev = idev;
1232 	rt->rt6i_table = table;
1233 	return __ip6_ins_rt(rt, &cfg->fc_nlinfo);
1234 
1235 out:
1236 	if (dev)
1237 		dev_put(dev);
1238 	if (idev)
1239 		in6_dev_put(idev);
1240 	if (rt)
1241 		dst_free(&rt->u.dst);
1242 	return err;
1243 }
1244 
1245 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
1246 {
1247 	int err;
1248 	struct fib6_table *table;
1249 
1250 	if (rt == &ip6_null_entry)
1251 		return -ENOENT;
1252 
1253 	table = rt->rt6i_table;
1254 	write_lock_bh(&table->tb6_lock);
1255 
1256 	err = fib6_del(rt, info);
1257 	dst_release(&rt->u.dst);
1258 
1259 	write_unlock_bh(&table->tb6_lock);
1260 
1261 	return err;
1262 }
1263 
1264 int ip6_del_rt(struct rt6_info *rt)
1265 {
1266 	struct nl_info info = {
1267 		.nl_net = &init_net,
1268 	};
1269 	return __ip6_del_rt(rt, &info);
1270 }
1271 
1272 static int ip6_route_del(struct fib6_config *cfg)
1273 {
1274 	struct fib6_table *table;
1275 	struct fib6_node *fn;
1276 	struct rt6_info *rt;
1277 	int err = -ESRCH;
1278 
1279 	table = fib6_get_table(cfg->fc_table);
1280 	if (table == NULL)
1281 		return err;
1282 
1283 	read_lock_bh(&table->tb6_lock);
1284 
1285 	fn = fib6_locate(&table->tb6_root,
1286 			 &cfg->fc_dst, cfg->fc_dst_len,
1287 			 &cfg->fc_src, cfg->fc_src_len);
1288 
1289 	if (fn) {
1290 		for (rt = fn->leaf; rt; rt = rt->u.dst.rt6_next) {
1291 			if (cfg->fc_ifindex &&
1292 			    (rt->rt6i_dev == NULL ||
1293 			     rt->rt6i_dev->ifindex != cfg->fc_ifindex))
1294 				continue;
1295 			if (cfg->fc_flags & RTF_GATEWAY &&
1296 			    !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
1297 				continue;
1298 			if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
1299 				continue;
1300 			dst_hold(&rt->u.dst);
1301 			read_unlock_bh(&table->tb6_lock);
1302 
1303 			return __ip6_del_rt(rt, &cfg->fc_nlinfo);
1304 		}
1305 	}
1306 	read_unlock_bh(&table->tb6_lock);
1307 
1308 	return err;
1309 }
1310 
1311 /*
1312  *	Handle redirects
1313  */
1314 struct ip6rd_flowi {
1315 	struct flowi fl;
1316 	struct in6_addr gateway;
1317 };
1318 
1319 static struct rt6_info *__ip6_route_redirect(struct fib6_table *table,
1320 					     struct flowi *fl,
1321 					     int flags)
1322 {
1323 	struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl;
1324 	struct rt6_info *rt;
1325 	struct fib6_node *fn;
1326 
1327 	/*
1328 	 * Get the "current" route for this destination and
1329 	 * check if the redirect has come from approriate router.
1330 	 *
1331 	 * RFC 2461 specifies that redirects should only be
1332 	 * accepted if they come from the nexthop to the target.
1333 	 * Due to the way the routes are chosen, this notion
1334 	 * is a bit fuzzy and one might need to check all possible
1335 	 * routes.
1336 	 */
1337 
1338 	read_lock_bh(&table->tb6_lock);
1339 	fn = fib6_lookup(&table->tb6_root, &fl->fl6_dst, &fl->fl6_src);
1340 restart:
1341 	for (rt = fn->leaf; rt; rt = rt->u.dst.rt6_next) {
1342 		/*
1343 		 * Current route is on-link; redirect is always invalid.
1344 		 *
1345 		 * Seems, previous statement is not true. It could
1346 		 * be node, which looks for us as on-link (f.e. proxy ndisc)
1347 		 * But then router serving it might decide, that we should
1348 		 * know truth 8)8) --ANK (980726).
1349 		 */
1350 		if (rt6_check_expired(rt))
1351 			continue;
1352 		if (!(rt->rt6i_flags & RTF_GATEWAY))
1353 			continue;
1354 		if (fl->oif != rt->rt6i_dev->ifindex)
1355 			continue;
1356 		if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway))
1357 			continue;
1358 		break;
1359 	}
1360 
1361 	if (!rt)
1362 		rt = &ip6_null_entry;
1363 	BACKTRACK(&fl->fl6_src);
1364 out:
1365 	dst_hold(&rt->u.dst);
1366 
1367 	read_unlock_bh(&table->tb6_lock);
1368 
1369 	return rt;
1370 };
1371 
1372 static struct rt6_info *ip6_route_redirect(struct in6_addr *dest,
1373 					   struct in6_addr *src,
1374 					   struct in6_addr *gateway,
1375 					   struct net_device *dev)
1376 {
1377 	int flags = RT6_LOOKUP_F_HAS_SADDR;
1378 	struct ip6rd_flowi rdfl = {
1379 		.fl = {
1380 			.oif = dev->ifindex,
1381 			.nl_u = {
1382 				.ip6_u = {
1383 					.daddr = *dest,
1384 					.saddr = *src,
1385 				},
1386 			},
1387 		},
1388 		.gateway = *gateway,
1389 	};
1390 
1391 	if (rt6_need_strict(dest))
1392 		flags |= RT6_LOOKUP_F_IFACE;
1393 
1394 	return (struct rt6_info *)fib6_rule_lookup((struct flowi *)&rdfl, flags, __ip6_route_redirect);
1395 }
1396 
1397 void rt6_redirect(struct in6_addr *dest, struct in6_addr *src,
1398 		  struct in6_addr *saddr,
1399 		  struct neighbour *neigh, u8 *lladdr, int on_link)
1400 {
1401 	struct rt6_info *rt, *nrt = NULL;
1402 	struct netevent_redirect netevent;
1403 
1404 	rt = ip6_route_redirect(dest, src, saddr, neigh->dev);
1405 
1406 	if (rt == &ip6_null_entry) {
1407 		if (net_ratelimit())
1408 			printk(KERN_DEBUG "rt6_redirect: source isn't a valid nexthop "
1409 			       "for redirect target\n");
1410 		goto out;
1411 	}
1412 
1413 	/*
1414 	 *	We have finally decided to accept it.
1415 	 */
1416 
1417 	neigh_update(neigh, lladdr, NUD_STALE,
1418 		     NEIGH_UPDATE_F_WEAK_OVERRIDE|
1419 		     NEIGH_UPDATE_F_OVERRIDE|
1420 		     (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1421 				     NEIGH_UPDATE_F_ISROUTER))
1422 		     );
1423 
1424 	/*
1425 	 * Redirect received -> path was valid.
1426 	 * Look, redirects are sent only in response to data packets,
1427 	 * so that this nexthop apparently is reachable. --ANK
1428 	 */
1429 	dst_confirm(&rt->u.dst);
1430 
1431 	/* Duplicate redirect: silently ignore. */
1432 	if (neigh == rt->u.dst.neighbour)
1433 		goto out;
1434 
1435 	nrt = ip6_rt_copy(rt);
1436 	if (nrt == NULL)
1437 		goto out;
1438 
1439 	nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
1440 	if (on_link)
1441 		nrt->rt6i_flags &= ~RTF_GATEWAY;
1442 
1443 	ipv6_addr_copy(&nrt->rt6i_dst.addr, dest);
1444 	nrt->rt6i_dst.plen = 128;
1445 	nrt->u.dst.flags |= DST_HOST;
1446 
1447 	ipv6_addr_copy(&nrt->rt6i_gateway, (struct in6_addr*)neigh->primary_key);
1448 	nrt->rt6i_nexthop = neigh_clone(neigh);
1449 	/* Reset pmtu, it may be better */
1450 	nrt->u.dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(neigh->dev);
1451 	nrt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(dst_mtu(&nrt->u.dst));
1452 
1453 	if (ip6_ins_rt(nrt))
1454 		goto out;
1455 
1456 	netevent.old = &rt->u.dst;
1457 	netevent.new = &nrt->u.dst;
1458 	call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
1459 
1460 	if (rt->rt6i_flags&RTF_CACHE) {
1461 		ip6_del_rt(rt);
1462 		return;
1463 	}
1464 
1465 out:
1466 	dst_release(&rt->u.dst);
1467 	return;
1468 }
1469 
1470 /*
1471  *	Handle ICMP "packet too big" messages
1472  *	i.e. Path MTU discovery
1473  */
1474 
1475 void rt6_pmtu_discovery(struct in6_addr *daddr, struct in6_addr *saddr,
1476 			struct net_device *dev, u32 pmtu)
1477 {
1478 	struct rt6_info *rt, *nrt;
1479 	int allfrag = 0;
1480 
1481 	rt = rt6_lookup(daddr, saddr, dev->ifindex, 0);
1482 	if (rt == NULL)
1483 		return;
1484 
1485 	if (pmtu >= dst_mtu(&rt->u.dst))
1486 		goto out;
1487 
1488 	if (pmtu < IPV6_MIN_MTU) {
1489 		/*
1490 		 * According to RFC2460, PMTU is set to the IPv6 Minimum Link
1491 		 * MTU (1280) and a fragment header should always be included
1492 		 * after a node receiving Too Big message reporting PMTU is
1493 		 * less than the IPv6 Minimum Link MTU.
1494 		 */
1495 		pmtu = IPV6_MIN_MTU;
1496 		allfrag = 1;
1497 	}
1498 
1499 	/* New mtu received -> path was valid.
1500 	   They are sent only in response to data packets,
1501 	   so that this nexthop apparently is reachable. --ANK
1502 	 */
1503 	dst_confirm(&rt->u.dst);
1504 
1505 	/* Host route. If it is static, it would be better
1506 	   not to override it, but add new one, so that
1507 	   when cache entry will expire old pmtu
1508 	   would return automatically.
1509 	 */
1510 	if (rt->rt6i_flags & RTF_CACHE) {
1511 		rt->u.dst.metrics[RTAX_MTU-1] = pmtu;
1512 		if (allfrag)
1513 			rt->u.dst.metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG;
1514 		dst_set_expires(&rt->u.dst, init_net.ipv6.sysctl.ip6_rt_mtu_expires);
1515 		rt->rt6i_flags |= RTF_MODIFIED|RTF_EXPIRES;
1516 		goto out;
1517 	}
1518 
1519 	/* Network route.
1520 	   Two cases are possible:
1521 	   1. It is connected route. Action: COW
1522 	   2. It is gatewayed route or NONEXTHOP route. Action: clone it.
1523 	 */
1524 	if (!rt->rt6i_nexthop && !(rt->rt6i_flags & RTF_NONEXTHOP))
1525 		nrt = rt6_alloc_cow(rt, daddr, saddr);
1526 	else
1527 		nrt = rt6_alloc_clone(rt, daddr);
1528 
1529 	if (nrt) {
1530 		nrt->u.dst.metrics[RTAX_MTU-1] = pmtu;
1531 		if (allfrag)
1532 			nrt->u.dst.metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG;
1533 
1534 		/* According to RFC 1981, detecting PMTU increase shouldn't be
1535 		 * happened within 5 mins, the recommended timer is 10 mins.
1536 		 * Here this route expiration time is set to ip6_rt_mtu_expires
1537 		 * which is 10 mins. After 10 mins the decreased pmtu is expired
1538 		 * and detecting PMTU increase will be automatically happened.
1539 		 */
1540 		dst_set_expires(&nrt->u.dst, init_net.ipv6.sysctl.ip6_rt_mtu_expires);
1541 		nrt->rt6i_flags |= RTF_DYNAMIC|RTF_EXPIRES;
1542 
1543 		ip6_ins_rt(nrt);
1544 	}
1545 out:
1546 	dst_release(&rt->u.dst);
1547 }
1548 
1549 /*
1550  *	Misc support functions
1551  */
1552 
1553 static struct rt6_info * ip6_rt_copy(struct rt6_info *ort)
1554 {
1555 	struct rt6_info *rt = ip6_dst_alloc();
1556 
1557 	if (rt) {
1558 		rt->u.dst.input = ort->u.dst.input;
1559 		rt->u.dst.output = ort->u.dst.output;
1560 
1561 		memcpy(rt->u.dst.metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32));
1562 		rt->u.dst.error = ort->u.dst.error;
1563 		rt->u.dst.dev = ort->u.dst.dev;
1564 		if (rt->u.dst.dev)
1565 			dev_hold(rt->u.dst.dev);
1566 		rt->rt6i_idev = ort->rt6i_idev;
1567 		if (rt->rt6i_idev)
1568 			in6_dev_hold(rt->rt6i_idev);
1569 		rt->u.dst.lastuse = jiffies;
1570 		rt->rt6i_expires = 0;
1571 
1572 		ipv6_addr_copy(&rt->rt6i_gateway, &ort->rt6i_gateway);
1573 		rt->rt6i_flags = ort->rt6i_flags & ~RTF_EXPIRES;
1574 		rt->rt6i_metric = 0;
1575 
1576 		memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1577 #ifdef CONFIG_IPV6_SUBTREES
1578 		memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1579 #endif
1580 		rt->rt6i_table = ort->rt6i_table;
1581 	}
1582 	return rt;
1583 }
1584 
1585 #ifdef CONFIG_IPV6_ROUTE_INFO
1586 static struct rt6_info *rt6_get_route_info(struct in6_addr *prefix, int prefixlen,
1587 					   struct in6_addr *gwaddr, int ifindex)
1588 {
1589 	struct fib6_node *fn;
1590 	struct rt6_info *rt = NULL;
1591 	struct fib6_table *table;
1592 
1593 	table = fib6_get_table(RT6_TABLE_INFO);
1594 	if (table == NULL)
1595 		return NULL;
1596 
1597 	write_lock_bh(&table->tb6_lock);
1598 	fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0);
1599 	if (!fn)
1600 		goto out;
1601 
1602 	for (rt = fn->leaf; rt; rt = rt->u.dst.rt6_next) {
1603 		if (rt->rt6i_dev->ifindex != ifindex)
1604 			continue;
1605 		if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
1606 			continue;
1607 		if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
1608 			continue;
1609 		dst_hold(&rt->u.dst);
1610 		break;
1611 	}
1612 out:
1613 	write_unlock_bh(&table->tb6_lock);
1614 	return rt;
1615 }
1616 
1617 static struct rt6_info *rt6_add_route_info(struct in6_addr *prefix, int prefixlen,
1618 					   struct in6_addr *gwaddr, int ifindex,
1619 					   unsigned pref)
1620 {
1621 	struct fib6_config cfg = {
1622 		.fc_table	= RT6_TABLE_INFO,
1623 		.fc_metric	= IP6_RT_PRIO_USER,
1624 		.fc_ifindex	= ifindex,
1625 		.fc_dst_len	= prefixlen,
1626 		.fc_flags	= RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
1627 				  RTF_UP | RTF_PREF(pref),
1628 	};
1629 
1630 	ipv6_addr_copy(&cfg.fc_dst, prefix);
1631 	ipv6_addr_copy(&cfg.fc_gateway, gwaddr);
1632 
1633 	/* We should treat it as a default route if prefix length is 0. */
1634 	if (!prefixlen)
1635 		cfg.fc_flags |= RTF_DEFAULT;
1636 
1637 	ip6_route_add(&cfg);
1638 
1639 	return rt6_get_route_info(prefix, prefixlen, gwaddr, ifindex);
1640 }
1641 #endif
1642 
1643 struct rt6_info *rt6_get_dflt_router(struct in6_addr *addr, struct net_device *dev)
1644 {
1645 	struct rt6_info *rt;
1646 	struct fib6_table *table;
1647 
1648 	table = fib6_get_table(RT6_TABLE_DFLT);
1649 	if (table == NULL)
1650 		return NULL;
1651 
1652 	write_lock_bh(&table->tb6_lock);
1653 	for (rt = table->tb6_root.leaf; rt; rt=rt->u.dst.rt6_next) {
1654 		if (dev == rt->rt6i_dev &&
1655 		    ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
1656 		    ipv6_addr_equal(&rt->rt6i_gateway, addr))
1657 			break;
1658 	}
1659 	if (rt)
1660 		dst_hold(&rt->u.dst);
1661 	write_unlock_bh(&table->tb6_lock);
1662 	return rt;
1663 }
1664 
1665 EXPORT_SYMBOL(rt6_get_dflt_router);
1666 
1667 struct rt6_info *rt6_add_dflt_router(struct in6_addr *gwaddr,
1668 				     struct net_device *dev,
1669 				     unsigned int pref)
1670 {
1671 	struct fib6_config cfg = {
1672 		.fc_table	= RT6_TABLE_DFLT,
1673 		.fc_metric	= IP6_RT_PRIO_USER,
1674 		.fc_ifindex	= dev->ifindex,
1675 		.fc_flags	= RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
1676 				  RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
1677 	};
1678 
1679 	ipv6_addr_copy(&cfg.fc_gateway, gwaddr);
1680 
1681 	ip6_route_add(&cfg);
1682 
1683 	return rt6_get_dflt_router(gwaddr, dev);
1684 }
1685 
1686 void rt6_purge_dflt_routers(void)
1687 {
1688 	struct rt6_info *rt;
1689 	struct fib6_table *table;
1690 
1691 	/* NOTE: Keep consistent with rt6_get_dflt_router */
1692 	table = fib6_get_table(RT6_TABLE_DFLT);
1693 	if (table == NULL)
1694 		return;
1695 
1696 restart:
1697 	read_lock_bh(&table->tb6_lock);
1698 	for (rt = table->tb6_root.leaf; rt; rt = rt->u.dst.rt6_next) {
1699 		if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) {
1700 			dst_hold(&rt->u.dst);
1701 			read_unlock_bh(&table->tb6_lock);
1702 			ip6_del_rt(rt);
1703 			goto restart;
1704 		}
1705 	}
1706 	read_unlock_bh(&table->tb6_lock);
1707 }
1708 
1709 static void rtmsg_to_fib6_config(struct in6_rtmsg *rtmsg,
1710 				 struct fib6_config *cfg)
1711 {
1712 	memset(cfg, 0, sizeof(*cfg));
1713 
1714 	cfg->fc_table = RT6_TABLE_MAIN;
1715 	cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
1716 	cfg->fc_metric = rtmsg->rtmsg_metric;
1717 	cfg->fc_expires = rtmsg->rtmsg_info;
1718 	cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
1719 	cfg->fc_src_len = rtmsg->rtmsg_src_len;
1720 	cfg->fc_flags = rtmsg->rtmsg_flags;
1721 
1722 	cfg->fc_nlinfo.nl_net = &init_net;
1723 
1724 	ipv6_addr_copy(&cfg->fc_dst, &rtmsg->rtmsg_dst);
1725 	ipv6_addr_copy(&cfg->fc_src, &rtmsg->rtmsg_src);
1726 	ipv6_addr_copy(&cfg->fc_gateway, &rtmsg->rtmsg_gateway);
1727 }
1728 
1729 int ipv6_route_ioctl(unsigned int cmd, void __user *arg)
1730 {
1731 	struct fib6_config cfg;
1732 	struct in6_rtmsg rtmsg;
1733 	int err;
1734 
1735 	switch(cmd) {
1736 	case SIOCADDRT:		/* Add a route */
1737 	case SIOCDELRT:		/* Delete a route */
1738 		if (!capable(CAP_NET_ADMIN))
1739 			return -EPERM;
1740 		err = copy_from_user(&rtmsg, arg,
1741 				     sizeof(struct in6_rtmsg));
1742 		if (err)
1743 			return -EFAULT;
1744 
1745 		rtmsg_to_fib6_config(&rtmsg, &cfg);
1746 
1747 		rtnl_lock();
1748 		switch (cmd) {
1749 		case SIOCADDRT:
1750 			err = ip6_route_add(&cfg);
1751 			break;
1752 		case SIOCDELRT:
1753 			err = ip6_route_del(&cfg);
1754 			break;
1755 		default:
1756 			err = -EINVAL;
1757 		}
1758 		rtnl_unlock();
1759 
1760 		return err;
1761 	}
1762 
1763 	return -EINVAL;
1764 }
1765 
1766 /*
1767  *	Drop the packet on the floor
1768  */
1769 
1770 static int ip6_pkt_drop(struct sk_buff *skb, int code, int ipstats_mib_noroutes)
1771 {
1772 	int type;
1773 	switch (ipstats_mib_noroutes) {
1774 	case IPSTATS_MIB_INNOROUTES:
1775 		type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
1776 		if (type == IPV6_ADDR_ANY || type == IPV6_ADDR_RESERVED) {
1777 			IP6_INC_STATS(ip6_dst_idev(skb->dst), IPSTATS_MIB_INADDRERRORS);
1778 			break;
1779 		}
1780 		/* FALLTHROUGH */
1781 	case IPSTATS_MIB_OUTNOROUTES:
1782 		IP6_INC_STATS(ip6_dst_idev(skb->dst), ipstats_mib_noroutes);
1783 		break;
1784 	}
1785 	icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0, skb->dev);
1786 	kfree_skb(skb);
1787 	return 0;
1788 }
1789 
1790 static int ip6_pkt_discard(struct sk_buff *skb)
1791 {
1792 	return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
1793 }
1794 
1795 static int ip6_pkt_discard_out(struct sk_buff *skb)
1796 {
1797 	skb->dev = skb->dst->dev;
1798 	return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
1799 }
1800 
1801 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
1802 
1803 static int ip6_pkt_prohibit(struct sk_buff *skb)
1804 {
1805 	return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
1806 }
1807 
1808 static int ip6_pkt_prohibit_out(struct sk_buff *skb)
1809 {
1810 	skb->dev = skb->dst->dev;
1811 	return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
1812 }
1813 
1814 #endif
1815 
1816 /*
1817  *	Allocate a dst for local (unicast / anycast) address.
1818  */
1819 
1820 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
1821 				    const struct in6_addr *addr,
1822 				    int anycast)
1823 {
1824 	struct rt6_info *rt = ip6_dst_alloc();
1825 
1826 	if (rt == NULL)
1827 		return ERR_PTR(-ENOMEM);
1828 
1829 	dev_hold(init_net.loopback_dev);
1830 	in6_dev_hold(idev);
1831 
1832 	rt->u.dst.flags = DST_HOST;
1833 	rt->u.dst.input = ip6_input;
1834 	rt->u.dst.output = ip6_output;
1835 	rt->rt6i_dev = init_net.loopback_dev;
1836 	rt->rt6i_idev = idev;
1837 	rt->u.dst.metrics[RTAX_MTU-1] = ipv6_get_mtu(rt->rt6i_dev);
1838 	rt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(dst_mtu(&rt->u.dst));
1839 	rt->u.dst.metrics[RTAX_HOPLIMIT-1] = -1;
1840 	rt->u.dst.obsolete = -1;
1841 
1842 	rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
1843 	if (anycast)
1844 		rt->rt6i_flags |= RTF_ANYCAST;
1845 	else
1846 		rt->rt6i_flags |= RTF_LOCAL;
1847 	rt->rt6i_nexthop = ndisc_get_neigh(rt->rt6i_dev, &rt->rt6i_gateway);
1848 	if (rt->rt6i_nexthop == NULL) {
1849 		dst_free(&rt->u.dst);
1850 		return ERR_PTR(-ENOMEM);
1851 	}
1852 
1853 	ipv6_addr_copy(&rt->rt6i_dst.addr, addr);
1854 	rt->rt6i_dst.plen = 128;
1855 	rt->rt6i_table = fib6_get_table(RT6_TABLE_LOCAL);
1856 
1857 	atomic_set(&rt->u.dst.__refcnt, 1);
1858 
1859 	return rt;
1860 }
1861 
1862 static int fib6_ifdown(struct rt6_info *rt, void *arg)
1863 {
1864 	if (((void*)rt->rt6i_dev == arg || arg == NULL) &&
1865 	    rt != &ip6_null_entry) {
1866 		RT6_TRACE("deleted by ifdown %p\n", rt);
1867 		return -1;
1868 	}
1869 	return 0;
1870 }
1871 
1872 void rt6_ifdown(struct net_device *dev)
1873 {
1874 	fib6_clean_all(fib6_ifdown, 0, dev);
1875 }
1876 
1877 struct rt6_mtu_change_arg
1878 {
1879 	struct net_device *dev;
1880 	unsigned mtu;
1881 };
1882 
1883 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
1884 {
1885 	struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
1886 	struct inet6_dev *idev;
1887 
1888 	/* In IPv6 pmtu discovery is not optional,
1889 	   so that RTAX_MTU lock cannot disable it.
1890 	   We still use this lock to block changes
1891 	   caused by addrconf/ndisc.
1892 	*/
1893 
1894 	idev = __in6_dev_get(arg->dev);
1895 	if (idev == NULL)
1896 		return 0;
1897 
1898 	/* For administrative MTU increase, there is no way to discover
1899 	   IPv6 PMTU increase, so PMTU increase should be updated here.
1900 	   Since RFC 1981 doesn't include administrative MTU increase
1901 	   update PMTU increase is a MUST. (i.e. jumbo frame)
1902 	 */
1903 	/*
1904 	   If new MTU is less than route PMTU, this new MTU will be the
1905 	   lowest MTU in the path, update the route PMTU to reflect PMTU
1906 	   decreases; if new MTU is greater than route PMTU, and the
1907 	   old MTU is the lowest MTU in the path, update the route PMTU
1908 	   to reflect the increase. In this case if the other nodes' MTU
1909 	   also have the lowest MTU, TOO BIG MESSAGE will be lead to
1910 	   PMTU discouvery.
1911 	 */
1912 	if (rt->rt6i_dev == arg->dev &&
1913 	    !dst_metric_locked(&rt->u.dst, RTAX_MTU) &&
1914 	    (dst_mtu(&rt->u.dst) >= arg->mtu ||
1915 	     (dst_mtu(&rt->u.dst) < arg->mtu &&
1916 	      dst_mtu(&rt->u.dst) == idev->cnf.mtu6))) {
1917 		rt->u.dst.metrics[RTAX_MTU-1] = arg->mtu;
1918 		rt->u.dst.metrics[RTAX_ADVMSS-1] = ipv6_advmss(arg->mtu);
1919 	}
1920 	return 0;
1921 }
1922 
1923 void rt6_mtu_change(struct net_device *dev, unsigned mtu)
1924 {
1925 	struct rt6_mtu_change_arg arg = {
1926 		.dev = dev,
1927 		.mtu = mtu,
1928 	};
1929 
1930 	fib6_clean_all(rt6_mtu_change_route, 0, &arg);
1931 }
1932 
1933 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
1934 	[RTA_GATEWAY]           = { .len = sizeof(struct in6_addr) },
1935 	[RTA_OIF]               = { .type = NLA_U32 },
1936 	[RTA_IIF]		= { .type = NLA_U32 },
1937 	[RTA_PRIORITY]          = { .type = NLA_U32 },
1938 	[RTA_METRICS]           = { .type = NLA_NESTED },
1939 };
1940 
1941 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
1942 			      struct fib6_config *cfg)
1943 {
1944 	struct rtmsg *rtm;
1945 	struct nlattr *tb[RTA_MAX+1];
1946 	int err;
1947 
1948 	err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
1949 	if (err < 0)
1950 		goto errout;
1951 
1952 	err = -EINVAL;
1953 	rtm = nlmsg_data(nlh);
1954 	memset(cfg, 0, sizeof(*cfg));
1955 
1956 	cfg->fc_table = rtm->rtm_table;
1957 	cfg->fc_dst_len = rtm->rtm_dst_len;
1958 	cfg->fc_src_len = rtm->rtm_src_len;
1959 	cfg->fc_flags = RTF_UP;
1960 	cfg->fc_protocol = rtm->rtm_protocol;
1961 
1962 	if (rtm->rtm_type == RTN_UNREACHABLE)
1963 		cfg->fc_flags |= RTF_REJECT;
1964 
1965 	cfg->fc_nlinfo.pid = NETLINK_CB(skb).pid;
1966 	cfg->fc_nlinfo.nlh = nlh;
1967 	cfg->fc_nlinfo.nl_net = skb->sk->sk_net;
1968 
1969 	if (tb[RTA_GATEWAY]) {
1970 		nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16);
1971 		cfg->fc_flags |= RTF_GATEWAY;
1972 	}
1973 
1974 	if (tb[RTA_DST]) {
1975 		int plen = (rtm->rtm_dst_len + 7) >> 3;
1976 
1977 		if (nla_len(tb[RTA_DST]) < plen)
1978 			goto errout;
1979 
1980 		nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
1981 	}
1982 
1983 	if (tb[RTA_SRC]) {
1984 		int plen = (rtm->rtm_src_len + 7) >> 3;
1985 
1986 		if (nla_len(tb[RTA_SRC]) < plen)
1987 			goto errout;
1988 
1989 		nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
1990 	}
1991 
1992 	if (tb[RTA_OIF])
1993 		cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
1994 
1995 	if (tb[RTA_PRIORITY])
1996 		cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
1997 
1998 	if (tb[RTA_METRICS]) {
1999 		cfg->fc_mx = nla_data(tb[RTA_METRICS]);
2000 		cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
2001 	}
2002 
2003 	if (tb[RTA_TABLE])
2004 		cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
2005 
2006 	err = 0;
2007 errout:
2008 	return err;
2009 }
2010 
2011 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
2012 {
2013 	struct net *net = skb->sk->sk_net;
2014 	struct fib6_config cfg;
2015 	int err;
2016 
2017 	if (net != &init_net)
2018 		return -EINVAL;
2019 
2020 	err = rtm_to_fib6_config(skb, nlh, &cfg);
2021 	if (err < 0)
2022 		return err;
2023 
2024 	return ip6_route_del(&cfg);
2025 }
2026 
2027 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
2028 {
2029 	struct net *net = skb->sk->sk_net;
2030 	struct fib6_config cfg;
2031 	int err;
2032 
2033 	if (net != &init_net)
2034 		return -EINVAL;
2035 
2036 	err = rtm_to_fib6_config(skb, nlh, &cfg);
2037 	if (err < 0)
2038 		return err;
2039 
2040 	return ip6_route_add(&cfg);
2041 }
2042 
2043 static inline size_t rt6_nlmsg_size(void)
2044 {
2045 	return NLMSG_ALIGN(sizeof(struct rtmsg))
2046 	       + nla_total_size(16) /* RTA_SRC */
2047 	       + nla_total_size(16) /* RTA_DST */
2048 	       + nla_total_size(16) /* RTA_GATEWAY */
2049 	       + nla_total_size(16) /* RTA_PREFSRC */
2050 	       + nla_total_size(4) /* RTA_TABLE */
2051 	       + nla_total_size(4) /* RTA_IIF */
2052 	       + nla_total_size(4) /* RTA_OIF */
2053 	       + nla_total_size(4) /* RTA_PRIORITY */
2054 	       + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
2055 	       + nla_total_size(sizeof(struct rta_cacheinfo));
2056 }
2057 
2058 static int rt6_fill_node(struct sk_buff *skb, struct rt6_info *rt,
2059 			 struct in6_addr *dst, struct in6_addr *src,
2060 			 int iif, int type, u32 pid, u32 seq,
2061 			 int prefix, unsigned int flags)
2062 {
2063 	struct rtmsg *rtm;
2064 	struct nlmsghdr *nlh;
2065 	long expires;
2066 	u32 table;
2067 
2068 	if (prefix) {	/* user wants prefix routes only */
2069 		if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
2070 			/* success since this is not a prefix route */
2071 			return 1;
2072 		}
2073 	}
2074 
2075 	nlh = nlmsg_put(skb, pid, seq, type, sizeof(*rtm), flags);
2076 	if (nlh == NULL)
2077 		return -EMSGSIZE;
2078 
2079 	rtm = nlmsg_data(nlh);
2080 	rtm->rtm_family = AF_INET6;
2081 	rtm->rtm_dst_len = rt->rt6i_dst.plen;
2082 	rtm->rtm_src_len = rt->rt6i_src.plen;
2083 	rtm->rtm_tos = 0;
2084 	if (rt->rt6i_table)
2085 		table = rt->rt6i_table->tb6_id;
2086 	else
2087 		table = RT6_TABLE_UNSPEC;
2088 	rtm->rtm_table = table;
2089 	NLA_PUT_U32(skb, RTA_TABLE, table);
2090 	if (rt->rt6i_flags&RTF_REJECT)
2091 		rtm->rtm_type = RTN_UNREACHABLE;
2092 	else if (rt->rt6i_dev && (rt->rt6i_dev->flags&IFF_LOOPBACK))
2093 		rtm->rtm_type = RTN_LOCAL;
2094 	else
2095 		rtm->rtm_type = RTN_UNICAST;
2096 	rtm->rtm_flags = 0;
2097 	rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2098 	rtm->rtm_protocol = rt->rt6i_protocol;
2099 	if (rt->rt6i_flags&RTF_DYNAMIC)
2100 		rtm->rtm_protocol = RTPROT_REDIRECT;
2101 	else if (rt->rt6i_flags & RTF_ADDRCONF)
2102 		rtm->rtm_protocol = RTPROT_KERNEL;
2103 	else if (rt->rt6i_flags&RTF_DEFAULT)
2104 		rtm->rtm_protocol = RTPROT_RA;
2105 
2106 	if (rt->rt6i_flags&RTF_CACHE)
2107 		rtm->rtm_flags |= RTM_F_CLONED;
2108 
2109 	if (dst) {
2110 		NLA_PUT(skb, RTA_DST, 16, dst);
2111 		rtm->rtm_dst_len = 128;
2112 	} else if (rtm->rtm_dst_len)
2113 		NLA_PUT(skb, RTA_DST, 16, &rt->rt6i_dst.addr);
2114 #ifdef CONFIG_IPV6_SUBTREES
2115 	if (src) {
2116 		NLA_PUT(skb, RTA_SRC, 16, src);
2117 		rtm->rtm_src_len = 128;
2118 	} else if (rtm->rtm_src_len)
2119 		NLA_PUT(skb, RTA_SRC, 16, &rt->rt6i_src.addr);
2120 #endif
2121 	if (iif)
2122 		NLA_PUT_U32(skb, RTA_IIF, iif);
2123 	else if (dst) {
2124 		struct in6_addr saddr_buf;
2125 		if (ipv6_get_saddr(&rt->u.dst, dst, &saddr_buf) == 0)
2126 			NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf);
2127 	}
2128 
2129 	if (rtnetlink_put_metrics(skb, rt->u.dst.metrics) < 0)
2130 		goto nla_put_failure;
2131 
2132 	if (rt->u.dst.neighbour)
2133 		NLA_PUT(skb, RTA_GATEWAY, 16, &rt->u.dst.neighbour->primary_key);
2134 
2135 	if (rt->u.dst.dev)
2136 		NLA_PUT_U32(skb, RTA_OIF, rt->rt6i_dev->ifindex);
2137 
2138 	NLA_PUT_U32(skb, RTA_PRIORITY, rt->rt6i_metric);
2139 
2140 	expires = rt->rt6i_expires ? rt->rt6i_expires - jiffies : 0;
2141 	if (rtnl_put_cacheinfo(skb, &rt->u.dst, 0, 0, 0,
2142 			       expires, rt->u.dst.error) < 0)
2143 		goto nla_put_failure;
2144 
2145 	return nlmsg_end(skb, nlh);
2146 
2147 nla_put_failure:
2148 	nlmsg_cancel(skb, nlh);
2149 	return -EMSGSIZE;
2150 }
2151 
2152 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
2153 {
2154 	struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
2155 	int prefix;
2156 
2157 	if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
2158 		struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
2159 		prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0;
2160 	} else
2161 		prefix = 0;
2162 
2163 	return rt6_fill_node(arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
2164 		     NETLINK_CB(arg->cb->skb).pid, arg->cb->nlh->nlmsg_seq,
2165 		     prefix, NLM_F_MULTI);
2166 }
2167 
2168 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
2169 {
2170 	struct net *net = in_skb->sk->sk_net;
2171 	struct nlattr *tb[RTA_MAX+1];
2172 	struct rt6_info *rt;
2173 	struct sk_buff *skb;
2174 	struct rtmsg *rtm;
2175 	struct flowi fl;
2176 	int err, iif = 0;
2177 
2178 	if (net != &init_net)
2179 		return -EINVAL;
2180 
2181 	err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2182 	if (err < 0)
2183 		goto errout;
2184 
2185 	err = -EINVAL;
2186 	memset(&fl, 0, sizeof(fl));
2187 
2188 	if (tb[RTA_SRC]) {
2189 		if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
2190 			goto errout;
2191 
2192 		ipv6_addr_copy(&fl.fl6_src, nla_data(tb[RTA_SRC]));
2193 	}
2194 
2195 	if (tb[RTA_DST]) {
2196 		if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
2197 			goto errout;
2198 
2199 		ipv6_addr_copy(&fl.fl6_dst, nla_data(tb[RTA_DST]));
2200 	}
2201 
2202 	if (tb[RTA_IIF])
2203 		iif = nla_get_u32(tb[RTA_IIF]);
2204 
2205 	if (tb[RTA_OIF])
2206 		fl.oif = nla_get_u32(tb[RTA_OIF]);
2207 
2208 	if (iif) {
2209 		struct net_device *dev;
2210 		dev = __dev_get_by_index(&init_net, iif);
2211 		if (!dev) {
2212 			err = -ENODEV;
2213 			goto errout;
2214 		}
2215 	}
2216 
2217 	skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2218 	if (skb == NULL) {
2219 		err = -ENOBUFS;
2220 		goto errout;
2221 	}
2222 
2223 	/* Reserve room for dummy headers, this skb can pass
2224 	   through good chunk of routing engine.
2225 	 */
2226 	skb_reset_mac_header(skb);
2227 	skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr));
2228 
2229 	rt = (struct rt6_info*) ip6_route_output(NULL, &fl);
2230 	skb->dst = &rt->u.dst;
2231 
2232 	err = rt6_fill_node(skb, rt, &fl.fl6_dst, &fl.fl6_src, iif,
2233 			    RTM_NEWROUTE, NETLINK_CB(in_skb).pid,
2234 			    nlh->nlmsg_seq, 0, 0);
2235 	if (err < 0) {
2236 		kfree_skb(skb);
2237 		goto errout;
2238 	}
2239 
2240 	err = rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid);
2241 errout:
2242 	return err;
2243 }
2244 
2245 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info)
2246 {
2247 	struct sk_buff *skb;
2248 	u32 seq;
2249 	int err;
2250 
2251 	err = -ENOBUFS;
2252 	seq = info->nlh != NULL ? info->nlh->nlmsg_seq : 0;
2253 
2254 	skb = nlmsg_new(rt6_nlmsg_size(), gfp_any());
2255 	if (skb == NULL)
2256 		goto errout;
2257 
2258 	err = rt6_fill_node(skb, rt, NULL, NULL, 0,
2259 				event, info->pid, seq, 0, 0);
2260 	if (err < 0) {
2261 		/* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
2262 		WARN_ON(err == -EMSGSIZE);
2263 		kfree_skb(skb);
2264 		goto errout;
2265 	}
2266 	err = rtnl_notify(skb, &init_net, info->pid,
2267 				RTNLGRP_IPV6_ROUTE, info->nlh, gfp_any());
2268 errout:
2269 	if (err < 0)
2270 		rtnl_set_sk_err(&init_net, RTNLGRP_IPV6_ROUTE, err);
2271 }
2272 
2273 /*
2274  *	/proc
2275  */
2276 
2277 #ifdef CONFIG_PROC_FS
2278 
2279 #define RT6_INFO_LEN (32 + 4 + 32 + 4 + 32 + 40 + 5 + 1)
2280 
2281 struct rt6_proc_arg
2282 {
2283 	char *buffer;
2284 	int offset;
2285 	int length;
2286 	int skip;
2287 	int len;
2288 };
2289 
2290 static int rt6_info_route(struct rt6_info *rt, void *p_arg)
2291 {
2292 	struct seq_file *m = p_arg;
2293 
2294 	seq_printf(m, NIP6_SEQFMT " %02x ", NIP6(rt->rt6i_dst.addr),
2295 		   rt->rt6i_dst.plen);
2296 
2297 #ifdef CONFIG_IPV6_SUBTREES
2298 	seq_printf(m, NIP6_SEQFMT " %02x ", NIP6(rt->rt6i_src.addr),
2299 		   rt->rt6i_src.plen);
2300 #else
2301 	seq_puts(m, "00000000000000000000000000000000 00 ");
2302 #endif
2303 
2304 	if (rt->rt6i_nexthop) {
2305 		seq_printf(m, NIP6_SEQFMT,
2306 			   NIP6(*((struct in6_addr *)rt->rt6i_nexthop->primary_key)));
2307 	} else {
2308 		seq_puts(m, "00000000000000000000000000000000");
2309 	}
2310 	seq_printf(m, " %08x %08x %08x %08x %8s\n",
2311 		   rt->rt6i_metric, atomic_read(&rt->u.dst.__refcnt),
2312 		   rt->u.dst.__use, rt->rt6i_flags,
2313 		   rt->rt6i_dev ? rt->rt6i_dev->name : "");
2314 	return 0;
2315 }
2316 
2317 static int ipv6_route_show(struct seq_file *m, void *v)
2318 {
2319 	fib6_clean_all(rt6_info_route, 0, m);
2320 	return 0;
2321 }
2322 
2323 static int ipv6_route_open(struct inode *inode, struct file *file)
2324 {
2325 	return single_open(file, ipv6_route_show, NULL);
2326 }
2327 
2328 static const struct file_operations ipv6_route_proc_fops = {
2329 	.owner		= THIS_MODULE,
2330 	.open		= ipv6_route_open,
2331 	.read		= seq_read,
2332 	.llseek		= seq_lseek,
2333 	.release	= single_release,
2334 };
2335 
2336 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
2337 {
2338 	seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
2339 		      rt6_stats.fib_nodes, rt6_stats.fib_route_nodes,
2340 		      rt6_stats.fib_rt_alloc, rt6_stats.fib_rt_entries,
2341 		      rt6_stats.fib_rt_cache,
2342 		      atomic_read(&ip6_dst_ops.entries),
2343 		      rt6_stats.fib_discarded_routes);
2344 
2345 	return 0;
2346 }
2347 
2348 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
2349 {
2350 	return single_open(file, rt6_stats_seq_show, NULL);
2351 }
2352 
2353 static const struct file_operations rt6_stats_seq_fops = {
2354 	.owner	 = THIS_MODULE,
2355 	.open	 = rt6_stats_seq_open,
2356 	.read	 = seq_read,
2357 	.llseek	 = seq_lseek,
2358 	.release = single_release,
2359 };
2360 
2361 static int ipv6_route_proc_init(struct net *net)
2362 {
2363 	int ret = -ENOMEM;
2364 	if (!proc_net_fops_create(net, "ipv6_route",
2365 				  0, &ipv6_route_proc_fops))
2366 		goto out;
2367 
2368 	if (!proc_net_fops_create(net, "rt6_stats",
2369 				  S_IRUGO, &rt6_stats_seq_fops))
2370 		goto out_ipv6_route;
2371 
2372 	ret = 0;
2373 out:
2374 	return ret;
2375 out_ipv6_route:
2376 	proc_net_remove(net, "ipv6_route");
2377 	goto out;
2378 }
2379 
2380 static void ipv6_route_proc_fini(struct net *net)
2381 {
2382 	proc_net_remove(net, "ipv6_route");
2383 	proc_net_remove(net, "rt6_stats");
2384 }
2385 #else
2386 static inline int ipv6_route_proc_init(struct net *net)
2387 {
2388 	return 0;
2389 }
2390 static inline void ipv6_route_proc_fini(struct net *net)
2391 {
2392 	return ;
2393 }
2394 #endif	/* CONFIG_PROC_FS */
2395 
2396 #ifdef CONFIG_SYSCTL
2397 
2398 static
2399 int ipv6_sysctl_rtcache_flush(ctl_table *ctl, int write, struct file * filp,
2400 			      void __user *buffer, size_t *lenp, loff_t *ppos)
2401 {
2402 	int delay = init_net.ipv6.sysctl.flush_delay;
2403 	if (write) {
2404 		proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
2405 		fib6_run_gc(delay <= 0 ? ~0UL : (unsigned long)delay);
2406 		return 0;
2407 	} else
2408 		return -EINVAL;
2409 }
2410 
2411 ctl_table ipv6_route_table_template[] = {
2412 	{
2413 		.procname	=	"flush",
2414 		.data		=	&init_net.ipv6.sysctl.flush_delay,
2415 		.maxlen		=	sizeof(int),
2416 		.mode		=	0200,
2417 		.proc_handler	=	&ipv6_sysctl_rtcache_flush
2418 	},
2419 	{
2420 		.ctl_name	=	NET_IPV6_ROUTE_GC_THRESH,
2421 		.procname	=	"gc_thresh",
2422 		.data		=	&ip6_dst_ops.gc_thresh,
2423 		.maxlen		=	sizeof(int),
2424 		.mode		=	0644,
2425 		.proc_handler	=	&proc_dointvec,
2426 	},
2427 	{
2428 		.ctl_name	=	NET_IPV6_ROUTE_MAX_SIZE,
2429 		.procname	=	"max_size",
2430 		.data		=	&init_net.ipv6.sysctl.ip6_rt_max_size,
2431 		.maxlen		=	sizeof(int),
2432 		.mode		=	0644,
2433 		.proc_handler	=	&proc_dointvec,
2434 	},
2435 	{
2436 		.ctl_name	=	NET_IPV6_ROUTE_GC_MIN_INTERVAL,
2437 		.procname	=	"gc_min_interval",
2438 		.data		=	&init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2439 		.maxlen		=	sizeof(int),
2440 		.mode		=	0644,
2441 		.proc_handler	=	&proc_dointvec_jiffies,
2442 		.strategy	=	&sysctl_jiffies,
2443 	},
2444 	{
2445 		.ctl_name	=	NET_IPV6_ROUTE_GC_TIMEOUT,
2446 		.procname	=	"gc_timeout",
2447 		.data		=	&init_net.ipv6.sysctl.ip6_rt_gc_timeout,
2448 		.maxlen		=	sizeof(int),
2449 		.mode		=	0644,
2450 		.proc_handler	=	&proc_dointvec_jiffies,
2451 		.strategy	=	&sysctl_jiffies,
2452 	},
2453 	{
2454 		.ctl_name	=	NET_IPV6_ROUTE_GC_INTERVAL,
2455 		.procname	=	"gc_interval",
2456 		.data		=	&init_net.ipv6.sysctl.ip6_rt_gc_interval,
2457 		.maxlen		=	sizeof(int),
2458 		.mode		=	0644,
2459 		.proc_handler	=	&proc_dointvec_jiffies,
2460 		.strategy	=	&sysctl_jiffies,
2461 	},
2462 	{
2463 		.ctl_name	=	NET_IPV6_ROUTE_GC_ELASTICITY,
2464 		.procname	=	"gc_elasticity",
2465 		.data		=	&init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
2466 		.maxlen		=	sizeof(int),
2467 		.mode		=	0644,
2468 		.proc_handler	=	&proc_dointvec_jiffies,
2469 		.strategy	=	&sysctl_jiffies,
2470 	},
2471 	{
2472 		.ctl_name	=	NET_IPV6_ROUTE_MTU_EXPIRES,
2473 		.procname	=	"mtu_expires",
2474 		.data		=	&init_net.ipv6.sysctl.ip6_rt_mtu_expires,
2475 		.maxlen		=	sizeof(int),
2476 		.mode		=	0644,
2477 		.proc_handler	=	&proc_dointvec_jiffies,
2478 		.strategy	=	&sysctl_jiffies,
2479 	},
2480 	{
2481 		.ctl_name	=	NET_IPV6_ROUTE_MIN_ADVMSS,
2482 		.procname	=	"min_adv_mss",
2483 		.data		=	&init_net.ipv6.sysctl.ip6_rt_min_advmss,
2484 		.maxlen		=	sizeof(int),
2485 		.mode		=	0644,
2486 		.proc_handler	=	&proc_dointvec_jiffies,
2487 		.strategy	=	&sysctl_jiffies,
2488 	},
2489 	{
2490 		.ctl_name	=	NET_IPV6_ROUTE_GC_MIN_INTERVAL_MS,
2491 		.procname	=	"gc_min_interval_ms",
2492 		.data		=	&init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2493 		.maxlen		=	sizeof(int),
2494 		.mode		=	0644,
2495 		.proc_handler	=	&proc_dointvec_ms_jiffies,
2496 		.strategy	=	&sysctl_ms_jiffies,
2497 	},
2498 	{ .ctl_name = 0 }
2499 };
2500 
2501 struct ctl_table *ipv6_route_sysctl_init(struct net *net)
2502 {
2503 	struct ctl_table *table;
2504 
2505 	table = kmemdup(ipv6_route_table_template,
2506 			sizeof(ipv6_route_table_template),
2507 			GFP_KERNEL);
2508 	return table;
2509 }
2510 #endif
2511 
2512 int __init ip6_route_init(void)
2513 {
2514 	int ret;
2515 
2516 	ip6_dst_ops.kmem_cachep =
2517 		kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
2518 				  SLAB_HWCACHE_ALIGN, NULL);
2519 	if (!ip6_dst_ops.kmem_cachep)
2520 		return -ENOMEM;
2521 
2522 	ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops.kmem_cachep;
2523 
2524 	ret = fib6_init();
2525 	if (ret)
2526 		goto out_kmem_cache;
2527 
2528 	ret = ipv6_route_proc_init(&init_net);
2529 	if (ret)
2530 		goto out_fib6_init;
2531 
2532 	ret = xfrm6_init();
2533 	if (ret)
2534 		goto out_proc_init;
2535 
2536 	ret = fib6_rules_init();
2537 	if (ret)
2538 		goto xfrm6_init;
2539 
2540 	ret = -ENOBUFS;
2541 	if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL) ||
2542 	    __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL) ||
2543 	    __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL))
2544 		goto fib6_rules_init;
2545 
2546 	ret = 0;
2547 out:
2548 	return ret;
2549 
2550 fib6_rules_init:
2551 	fib6_rules_cleanup();
2552 xfrm6_init:
2553 	xfrm6_fini();
2554 out_proc_init:
2555 	ipv6_route_proc_fini(&init_net);
2556 out_fib6_init:
2557 	rt6_ifdown(NULL);
2558 	fib6_gc_cleanup();
2559 out_kmem_cache:
2560 	kmem_cache_destroy(ip6_dst_ops.kmem_cachep);
2561 	goto out;
2562 }
2563 
2564 void ip6_route_cleanup(void)
2565 {
2566 	fib6_rules_cleanup();
2567 	ipv6_route_proc_fini(&init_net);
2568 	xfrm6_fini();
2569 	rt6_ifdown(NULL);
2570 	fib6_gc_cleanup();
2571 	kmem_cache_destroy(ip6_dst_ops.kmem_cachep);
2572 }
2573