2 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
24 * Fixed routing subtrees.
27 #define pr_fmt(fmt) "IPv6: " fmt
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <net/net_namespace.h>
50 #include <net/ip6_fib.h>
51 #include <net/ip6_route.h>
52 #include <net/ndisc.h>
53 #include <net/addrconf.h>
55 #include <linux/rtnetlink.h>
58 #include <net/netevent.h>
59 #include <net/netlink.h>
60 #include <net/nexthop.h>
62 #include <asm/uaccess.h>
65 #include <linux/sysctl.h>
68 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort,
69 const struct in6_addr *dest);
70 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
71 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
72 static unsigned int ip6_mtu(const struct dst_entry *dst);
73 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
74 static void ip6_dst_destroy(struct dst_entry *);
75 static void ip6_dst_ifdown(struct dst_entry *,
76 struct net_device *dev, int how);
77 static int ip6_dst_gc(struct dst_ops *ops);
79 static int ip6_pkt_discard(struct sk_buff *skb);
80 static int ip6_pkt_discard_out(struct sk_buff *skb);
81 static void ip6_link_failure(struct sk_buff *skb);
82 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
83 struct sk_buff *skb, u32 mtu);
84 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
86 static int rt6_score_route(struct rt6_info *rt, int oif, int strict);
88 #ifdef CONFIG_IPV6_ROUTE_INFO
89 static struct rt6_info *rt6_add_route_info(struct net *net,
90 const struct in6_addr *prefix, int prefixlen,
91 const struct in6_addr *gwaddr, int ifindex,
93 static struct rt6_info *rt6_get_route_info(struct net *net,
94 const struct in6_addr *prefix, int prefixlen,
95 const struct in6_addr *gwaddr, int ifindex);
98 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old)
100 struct rt6_info *rt = (struct rt6_info *) dst;
101 struct inet_peer *peer;
104 if (!(rt->dst.flags & DST_HOST))
107 peer = rt6_get_peer_create(rt);
109 u32 *old_p = __DST_METRICS_PTR(old);
110 unsigned long prev, new;
113 if (inet_metrics_new(peer))
114 memcpy(p, old_p, sizeof(u32) * RTAX_MAX);
116 new = (unsigned long) p;
117 prev = cmpxchg(&dst->_metrics, old, new);
120 p = __DST_METRICS_PTR(prev);
121 if (prev & DST_METRICS_READ_ONLY)
128 static inline const void *choose_neigh_daddr(struct rt6_info *rt,
132 struct in6_addr *p = &rt->rt6i_gateway;
134 if (!ipv6_addr_any(p))
135 return (const void *) p;
137 return &ipv6_hdr(skb)->daddr;
141 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst,
145 struct rt6_info *rt = (struct rt6_info *) dst;
148 daddr = choose_neigh_daddr(rt, skb, daddr);
149 n = __ipv6_neigh_lookup(dst->dev, daddr);
152 return neigh_create(&nd_tbl, daddr, dst->dev);
155 static struct dst_ops ip6_dst_ops_template = {
157 .protocol = cpu_to_be16(ETH_P_IPV6),
160 .check = ip6_dst_check,
161 .default_advmss = ip6_default_advmss,
163 .cow_metrics = ipv6_cow_metrics,
164 .destroy = ip6_dst_destroy,
165 .ifdown = ip6_dst_ifdown,
166 .negative_advice = ip6_negative_advice,
167 .link_failure = ip6_link_failure,
168 .update_pmtu = ip6_rt_update_pmtu,
169 .redirect = rt6_do_redirect,
170 .local_out = __ip6_local_out,
171 .neigh_lookup = ip6_neigh_lookup,
174 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
176 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
178 return mtu ? : dst->dev->mtu;
181 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
182 struct sk_buff *skb, u32 mtu)
186 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
191 static u32 *ip6_rt_blackhole_cow_metrics(struct dst_entry *dst,
197 static struct dst_ops ip6_dst_blackhole_ops = {
199 .protocol = cpu_to_be16(ETH_P_IPV6),
200 .destroy = ip6_dst_destroy,
201 .check = ip6_dst_check,
202 .mtu = ip6_blackhole_mtu,
203 .default_advmss = ip6_default_advmss,
204 .update_pmtu = ip6_rt_blackhole_update_pmtu,
205 .redirect = ip6_rt_blackhole_redirect,
206 .cow_metrics = ip6_rt_blackhole_cow_metrics,
207 .neigh_lookup = ip6_neigh_lookup,
210 static const u32 ip6_template_metrics[RTAX_MAX] = {
211 [RTAX_HOPLIMIT - 1] = 0,
214 static const struct rt6_info ip6_null_entry_template = {
216 .__refcnt = ATOMIC_INIT(1),
218 .obsolete = DST_OBSOLETE_FORCE_CHK,
219 .error = -ENETUNREACH,
220 .input = ip6_pkt_discard,
221 .output = ip6_pkt_discard_out,
223 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
224 .rt6i_protocol = RTPROT_KERNEL,
225 .rt6i_metric = ~(u32) 0,
226 .rt6i_ref = ATOMIC_INIT(1),
229 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
231 static int ip6_pkt_prohibit(struct sk_buff *skb);
232 static int ip6_pkt_prohibit_out(struct sk_buff *skb);
234 static const struct rt6_info ip6_prohibit_entry_template = {
236 .__refcnt = ATOMIC_INIT(1),
238 .obsolete = DST_OBSOLETE_FORCE_CHK,
240 .input = ip6_pkt_prohibit,
241 .output = ip6_pkt_prohibit_out,
243 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
244 .rt6i_protocol = RTPROT_KERNEL,
245 .rt6i_metric = ~(u32) 0,
246 .rt6i_ref = ATOMIC_INIT(1),
249 static const struct rt6_info ip6_blk_hole_entry_template = {
251 .__refcnt = ATOMIC_INIT(1),
253 .obsolete = DST_OBSOLETE_FORCE_CHK,
255 .input = dst_discard,
256 .output = dst_discard,
258 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
259 .rt6i_protocol = RTPROT_KERNEL,
260 .rt6i_metric = ~(u32) 0,
261 .rt6i_ref = ATOMIC_INIT(1),
266 /* allocate dst with ip6_dst_ops */
267 static inline struct rt6_info *ip6_dst_alloc(struct net *net,
268 struct net_device *dev,
270 struct fib6_table *table)
272 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
273 0, DST_OBSOLETE_FORCE_CHK, flags);
276 struct dst_entry *dst = &rt->dst;
278 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
279 rt6_init_peer(rt, table ? &table->tb6_peers : net->ipv6.peers);
280 rt->rt6i_genid = rt_genid(net);
281 INIT_LIST_HEAD(&rt->rt6i_siblings);
282 rt->rt6i_nsiblings = 0;
287 static void ip6_dst_destroy(struct dst_entry *dst)
289 struct rt6_info *rt = (struct rt6_info *)dst;
290 struct inet6_dev *idev = rt->rt6i_idev;
291 struct dst_entry *from = dst->from;
293 if (!(rt->dst.flags & DST_HOST))
294 dst_destroy_metrics_generic(dst);
297 rt->rt6i_idev = NULL;
304 if (rt6_has_peer(rt)) {
305 struct inet_peer *peer = rt6_peer_ptr(rt);
310 void rt6_bind_peer(struct rt6_info *rt, int create)
312 struct inet_peer_base *base;
313 struct inet_peer *peer;
315 base = inetpeer_base_ptr(rt->_rt6i_peer);
319 peer = inet_getpeer_v6(base, &rt->rt6i_dst.addr, create);
321 if (!rt6_set_peer(rt, peer))
326 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
329 struct rt6_info *rt = (struct rt6_info *)dst;
330 struct inet6_dev *idev = rt->rt6i_idev;
331 struct net_device *loopback_dev =
332 dev_net(dev)->loopback_dev;
334 if (dev != loopback_dev) {
335 if (idev && idev->dev == dev) {
336 struct inet6_dev *loopback_idev =
337 in6_dev_get(loopback_dev);
339 rt->rt6i_idev = loopback_idev;
346 static bool rt6_check_expired(const struct rt6_info *rt)
348 if (rt->rt6i_flags & RTF_EXPIRES) {
349 if (time_after(jiffies, rt->dst.expires))
351 } else if (rt->dst.from) {
352 return rt6_check_expired((struct rt6_info *) rt->dst.from);
357 static bool rt6_need_strict(const struct in6_addr *daddr)
359 return ipv6_addr_type(daddr) &
360 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL | IPV6_ADDR_LOOPBACK);
363 /* Multipath route selection:
364 * Hash based function using packet header and flowlabel.
365 * Adapted from fib_info_hashfn()
367 static int rt6_info_hash_nhsfn(unsigned int candidate_count,
368 const struct flowi6 *fl6)
370 unsigned int val = fl6->flowi6_proto;
372 val ^= ipv6_addr_hash(&fl6->daddr);
373 val ^= ipv6_addr_hash(&fl6->saddr);
375 /* Work only if this not encapsulated */
376 switch (fl6->flowi6_proto) {
380 val ^= (__force u16)fl6->fl6_sport;
381 val ^= (__force u16)fl6->fl6_dport;
385 val ^= (__force u16)fl6->fl6_icmp_type;
386 val ^= (__force u16)fl6->fl6_icmp_code;
389 /* RFC6438 recommands to use flowlabel */
390 val ^= (__force u32)fl6->flowlabel;
392 /* Perhaps, we need to tune, this function? */
393 val = val ^ (val >> 7) ^ (val >> 12);
394 return val % candidate_count;
397 static struct rt6_info *rt6_multipath_select(struct rt6_info *match,
398 struct flowi6 *fl6, int oif,
401 struct rt6_info *sibling, *next_sibling;
404 route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6);
405 /* Don't change the route, if route_choosen == 0
406 * (siblings does not include ourself)
409 list_for_each_entry_safe(sibling, next_sibling,
410 &match->rt6i_siblings, rt6i_siblings) {
412 if (route_choosen == 0) {
413 if (rt6_score_route(sibling, oif, strict) < 0)
423 * Route lookup. Any table->tb6_lock is implied.
426 static inline struct rt6_info *rt6_device_match(struct net *net,
428 const struct in6_addr *saddr,
432 struct rt6_info *local = NULL;
433 struct rt6_info *sprt;
435 if (!oif && ipv6_addr_any(saddr))
438 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) {
439 struct net_device *dev = sprt->dst.dev;
442 if (dev->ifindex == oif)
444 if (dev->flags & IFF_LOOPBACK) {
445 if (!sprt->rt6i_idev ||
446 sprt->rt6i_idev->dev->ifindex != oif) {
447 if (flags & RT6_LOOKUP_F_IFACE && oif)
449 if (local && (!oif ||
450 local->rt6i_idev->dev->ifindex == oif))
456 if (ipv6_chk_addr(net, saddr, dev,
457 flags & RT6_LOOKUP_F_IFACE))
466 if (flags & RT6_LOOKUP_F_IFACE)
467 return net->ipv6.ip6_null_entry;
473 #ifdef CONFIG_IPV6_ROUTER_PREF
474 static void rt6_probe(struct rt6_info *rt)
476 struct neighbour *neigh;
478 * Okay, this does not seem to be appropriate
479 * for now, however, we need to check if it
480 * is really so; aka Router Reachability Probing.
482 * Router Reachability Probe MUST be rate-limited
483 * to no more than one per minute.
485 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY))
488 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
490 write_lock(&neigh->lock);
491 if (neigh->nud_state & NUD_VALID)
496 time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) {
497 struct in6_addr mcaddr;
498 struct in6_addr *target;
501 neigh->updated = jiffies;
502 write_unlock(&neigh->lock);
505 target = (struct in6_addr *)&rt->rt6i_gateway;
506 addrconf_addr_solict_mult(target, &mcaddr);
507 ndisc_send_ns(rt->dst.dev, NULL, target, &mcaddr, NULL);
510 write_unlock(&neigh->lock);
512 rcu_read_unlock_bh();
515 static inline void rt6_probe(struct rt6_info *rt)
521 * Default Router Selection (RFC 2461 6.3.6)
523 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
525 struct net_device *dev = rt->dst.dev;
526 if (!oif || dev->ifindex == oif)
528 if ((dev->flags & IFF_LOOPBACK) &&
529 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
534 static inline bool rt6_check_neigh(struct rt6_info *rt)
536 struct neighbour *neigh;
539 if (rt->rt6i_flags & RTF_NONEXTHOP ||
540 !(rt->rt6i_flags & RTF_GATEWAY))
544 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
546 read_lock(&neigh->lock);
547 if (neigh->nud_state & NUD_VALID)
549 #ifdef CONFIG_IPV6_ROUTER_PREF
550 else if (!(neigh->nud_state & NUD_FAILED))
553 read_unlock(&neigh->lock);
554 } else if (IS_ENABLED(CONFIG_IPV6_ROUTER_PREF)) {
557 rcu_read_unlock_bh();
562 static int rt6_score_route(struct rt6_info *rt, int oif,
567 m = rt6_check_dev(rt, oif);
568 if (!m && (strict & RT6_LOOKUP_F_IFACE))
570 #ifdef CONFIG_IPV6_ROUTER_PREF
571 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
573 if (!rt6_check_neigh(rt) && (strict & RT6_LOOKUP_F_REACHABLE))
578 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
579 int *mpri, struct rt6_info *match)
583 if (rt6_check_expired(rt))
586 m = rt6_score_route(rt, oif, strict);
591 if (strict & RT6_LOOKUP_F_REACHABLE)
595 } else if (strict & RT6_LOOKUP_F_REACHABLE) {
603 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
604 struct rt6_info *rr_head,
605 u32 metric, int oif, int strict)
607 struct rt6_info *rt, *match;
611 for (rt = rr_head; rt && rt->rt6i_metric == metric;
612 rt = rt->dst.rt6_next)
613 match = find_match(rt, oif, strict, &mpri, match);
614 for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric;
615 rt = rt->dst.rt6_next)
616 match = find_match(rt, oif, strict, &mpri, match);
621 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
623 struct rt6_info *match, *rt0;
628 fn->rr_ptr = rt0 = fn->leaf;
630 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict);
633 (strict & RT6_LOOKUP_F_REACHABLE)) {
634 struct rt6_info *next = rt0->dst.rt6_next;
636 /* no entries matched; do round-robin */
637 if (!next || next->rt6i_metric != rt0->rt6i_metric)
644 net = dev_net(rt0->dst.dev);
645 return match ? match : net->ipv6.ip6_null_entry;
648 #ifdef CONFIG_IPV6_ROUTE_INFO
649 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
650 const struct in6_addr *gwaddr)
652 struct net *net = dev_net(dev);
653 struct route_info *rinfo = (struct route_info *) opt;
654 struct in6_addr prefix_buf, *prefix;
656 unsigned long lifetime;
659 if (len < sizeof(struct route_info)) {
663 /* Sanity check for prefix_len and length */
664 if (rinfo->length > 3) {
666 } else if (rinfo->prefix_len > 128) {
668 } else if (rinfo->prefix_len > 64) {
669 if (rinfo->length < 2) {
672 } else if (rinfo->prefix_len > 0) {
673 if (rinfo->length < 1) {
678 pref = rinfo->route_pref;
679 if (pref == ICMPV6_ROUTER_PREF_INVALID)
682 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
684 if (rinfo->length == 3)
685 prefix = (struct in6_addr *)rinfo->prefix;
687 /* this function is safe */
688 ipv6_addr_prefix(&prefix_buf,
689 (struct in6_addr *)rinfo->prefix,
691 prefix = &prefix_buf;
694 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len, gwaddr,
697 if (rt && !lifetime) {
703 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex,
706 rt->rt6i_flags = RTF_ROUTEINFO |
707 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
710 if (!addrconf_finite_timeout(lifetime))
711 rt6_clean_expires(rt);
713 rt6_set_expires(rt, jiffies + HZ * lifetime);
721 #define BACKTRACK(__net, saddr) \
723 if (rt == __net->ipv6.ip6_null_entry) { \
724 struct fib6_node *pn; \
726 if (fn->fn_flags & RTN_TL_ROOT) \
729 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) \
730 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); \
733 if (fn->fn_flags & RTN_RTINFO) \
739 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
740 struct fib6_table *table,
741 struct flowi6 *fl6, int flags)
743 struct fib6_node *fn;
746 read_lock_bh(&table->tb6_lock);
747 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
750 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags);
751 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0)
752 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags);
753 BACKTRACK(net, &fl6->saddr);
755 dst_use(&rt->dst, jiffies);
756 read_unlock_bh(&table->tb6_lock);
761 struct dst_entry * ip6_route_lookup(struct net *net, struct flowi6 *fl6,
764 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup);
766 EXPORT_SYMBOL_GPL(ip6_route_lookup);
768 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
769 const struct in6_addr *saddr, int oif, int strict)
771 struct flowi6 fl6 = {
775 struct dst_entry *dst;
776 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
779 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
780 flags |= RT6_LOOKUP_F_HAS_SADDR;
783 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup);
785 return (struct rt6_info *) dst;
792 EXPORT_SYMBOL(rt6_lookup);
794 /* ip6_ins_rt is called with FREE table->tb6_lock.
795 It takes new route entry, the addition fails by any reason the
796 route is freed. In any case, if caller does not hold it, it may
800 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info)
803 struct fib6_table *table;
805 table = rt->rt6i_table;
806 write_lock_bh(&table->tb6_lock);
807 err = fib6_add(&table->tb6_root, rt, info);
808 write_unlock_bh(&table->tb6_lock);
813 int ip6_ins_rt(struct rt6_info *rt)
815 struct nl_info info = {
816 .nl_net = dev_net(rt->dst.dev),
818 return __ip6_ins_rt(rt, &info);
821 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort,
822 const struct in6_addr *daddr,
823 const struct in6_addr *saddr)
831 rt = ip6_rt_copy(ort, daddr);
834 if (!(rt->rt6i_flags & RTF_GATEWAY)) {
835 if (ort->rt6i_dst.plen != 128 &&
836 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr))
837 rt->rt6i_flags |= RTF_ANYCAST;
838 rt->rt6i_gateway = *daddr;
841 rt->rt6i_flags |= RTF_CACHE;
843 #ifdef CONFIG_IPV6_SUBTREES
844 if (rt->rt6i_src.plen && saddr) {
845 rt->rt6i_src.addr = *saddr;
846 rt->rt6i_src.plen = 128;
854 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort,
855 const struct in6_addr *daddr)
857 struct rt6_info *rt = ip6_rt_copy(ort, daddr);
860 rt->rt6i_flags |= RTF_CACHE;
864 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif,
865 struct flowi6 *fl6, int flags)
867 struct fib6_node *fn;
868 struct rt6_info *rt, *nrt;
872 int reachable = net->ipv6.devconf_all->forwarding ? 0 : RT6_LOOKUP_F_REACHABLE;
874 strict |= flags & RT6_LOOKUP_F_IFACE;
877 read_lock_bh(&table->tb6_lock);
880 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
883 rt = rt6_select(fn, oif, strict | reachable);
884 if (rt->rt6i_nsiblings)
885 rt = rt6_multipath_select(rt, fl6, oif, strict | reachable);
886 BACKTRACK(net, &fl6->saddr);
887 if (rt == net->ipv6.ip6_null_entry ||
888 rt->rt6i_flags & RTF_CACHE)
892 read_unlock_bh(&table->tb6_lock);
894 if (!(rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY)))
895 nrt = rt6_alloc_cow(rt, &fl6->daddr, &fl6->saddr);
896 else if (!(rt->dst.flags & DST_HOST))
897 nrt = rt6_alloc_clone(rt, &fl6->daddr);
902 rt = nrt ? : net->ipv6.ip6_null_entry;
906 err = ip6_ins_rt(nrt);
915 * Race condition! In the gap, when table->tb6_lock was
916 * released someone could insert this route. Relookup.
927 read_unlock_bh(&table->tb6_lock);
929 rt->dst.lastuse = jiffies;
935 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
936 struct flowi6 *fl6, int flags)
938 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags);
941 static struct dst_entry *ip6_route_input_lookup(struct net *net,
942 struct net_device *dev,
943 struct flowi6 *fl6, int flags)
945 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
946 flags |= RT6_LOOKUP_F_IFACE;
948 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input);
951 void ip6_route_input(struct sk_buff *skb)
953 const struct ipv6hdr *iph = ipv6_hdr(skb);
954 struct net *net = dev_net(skb->dev);
955 int flags = RT6_LOOKUP_F_HAS_SADDR;
956 struct flowi6 fl6 = {
957 .flowi6_iif = skb->dev->ifindex,
960 .flowlabel = ip6_flowinfo(iph),
961 .flowi6_mark = skb->mark,
962 .flowi6_proto = iph->nexthdr,
965 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags));
968 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
969 struct flowi6 *fl6, int flags)
971 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags);
974 struct dst_entry * ip6_route_output(struct net *net, const struct sock *sk,
979 fl6->flowi6_iif = LOOPBACK_IFINDEX;
981 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr))
982 flags |= RT6_LOOKUP_F_IFACE;
984 if (!ipv6_addr_any(&fl6->saddr))
985 flags |= RT6_LOOKUP_F_HAS_SADDR;
987 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
989 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output);
992 EXPORT_SYMBOL(ip6_route_output);
994 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
996 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
997 struct dst_entry *new = NULL;
999 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0);
1003 memset(new + 1, 0, sizeof(*rt) - sizeof(*new));
1004 rt6_init_peer(rt, net->ipv6.peers);
1007 new->input = dst_discard;
1008 new->output = dst_discard;
1010 if (dst_metrics_read_only(&ort->dst))
1011 new->_metrics = ort->dst._metrics;
1013 dst_copy_metrics(new, &ort->dst);
1014 rt->rt6i_idev = ort->rt6i_idev;
1016 in6_dev_hold(rt->rt6i_idev);
1018 rt->rt6i_gateway = ort->rt6i_gateway;
1019 rt->rt6i_flags = ort->rt6i_flags;
1020 rt->rt6i_metric = 0;
1022 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1023 #ifdef CONFIG_IPV6_SUBTREES
1024 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1030 dst_release(dst_orig);
1031 return new ? new : ERR_PTR(-ENOMEM);
1035 * Destination cache support functions
1038 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
1040 struct rt6_info *rt;
1042 rt = (struct rt6_info *) dst;
1044 /* All IPV6 dsts are created with ->obsolete set to the value
1045 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1046 * into this function always.
1048 if (rt->rt6i_genid != rt_genid(dev_net(rt->dst.dev)))
1051 if (rt->rt6i_node && (rt->rt6i_node->fn_sernum == cookie))
1057 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
1059 struct rt6_info *rt = (struct rt6_info *) dst;
1062 if (rt->rt6i_flags & RTF_CACHE) {
1063 if (rt6_check_expired(rt)) {
1075 static void ip6_link_failure(struct sk_buff *skb)
1077 struct rt6_info *rt;
1079 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
1081 rt = (struct rt6_info *) skb_dst(skb);
1083 if (rt->rt6i_flags & RTF_CACHE) {
1087 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) {
1088 rt->rt6i_node->fn_sernum = -1;
1093 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
1094 struct sk_buff *skb, u32 mtu)
1096 struct rt6_info *rt6 = (struct rt6_info*)dst;
1099 if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) {
1100 struct net *net = dev_net(dst->dev);
1102 rt6->rt6i_flags |= RTF_MODIFIED;
1103 if (mtu < IPV6_MIN_MTU) {
1104 u32 features = dst_metric(dst, RTAX_FEATURES);
1106 features |= RTAX_FEATURE_ALLFRAG;
1107 dst_metric_set(dst, RTAX_FEATURES, features);
1109 dst_metric_set(dst, RTAX_MTU, mtu);
1110 rt6_update_expires(rt6, net->ipv6.sysctl.ip6_rt_mtu_expires);
1114 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
1117 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1118 struct dst_entry *dst;
1121 memset(&fl6, 0, sizeof(fl6));
1122 fl6.flowi6_oif = oif;
1123 fl6.flowi6_mark = mark;
1124 fl6.flowi6_flags = 0;
1125 fl6.daddr = iph->daddr;
1126 fl6.saddr = iph->saddr;
1127 fl6.flowlabel = ip6_flowinfo(iph);
1129 dst = ip6_route_output(net, NULL, &fl6);
1131 ip6_rt_update_pmtu(dst, NULL, skb, ntohl(mtu));
1134 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
1136 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
1138 ip6_update_pmtu(skb, sock_net(sk), mtu,
1139 sk->sk_bound_dev_if, sk->sk_mark);
1141 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
1143 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark)
1145 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1146 struct dst_entry *dst;
1149 memset(&fl6, 0, sizeof(fl6));
1150 fl6.flowi6_oif = oif;
1151 fl6.flowi6_mark = mark;
1152 fl6.flowi6_flags = 0;
1153 fl6.daddr = iph->daddr;
1154 fl6.saddr = iph->saddr;
1155 fl6.flowlabel = ip6_flowinfo(iph);
1157 dst = ip6_route_output(net, NULL, &fl6);
1159 rt6_do_redirect(dst, NULL, skb);
1162 EXPORT_SYMBOL_GPL(ip6_redirect);
1164 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
1166 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark);
1168 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
1170 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
1172 struct net_device *dev = dst->dev;
1173 unsigned int mtu = dst_mtu(dst);
1174 struct net *net = dev_net(dev);
1176 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
1178 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
1179 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
1182 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
1183 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
1184 * IPV6_MAXPLEN is also valid and means: "any MSS,
1185 * rely only on pmtu discovery"
1187 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
1192 static unsigned int ip6_mtu(const struct dst_entry *dst)
1194 struct inet6_dev *idev;
1195 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
1203 idev = __in6_dev_get(dst->dev);
1205 mtu = idev->cnf.mtu6;
1211 static struct dst_entry *icmp6_dst_gc_list;
1212 static DEFINE_SPINLOCK(icmp6_dst_lock);
1214 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
1217 struct dst_entry *dst;
1218 struct rt6_info *rt;
1219 struct inet6_dev *idev = in6_dev_get(dev);
1220 struct net *net = dev_net(dev);
1222 if (unlikely(!idev))
1223 return ERR_PTR(-ENODEV);
1225 rt = ip6_dst_alloc(net, dev, 0, NULL);
1226 if (unlikely(!rt)) {
1228 dst = ERR_PTR(-ENOMEM);
1232 rt->dst.flags |= DST_HOST;
1233 rt->dst.output = ip6_output;
1234 atomic_set(&rt->dst.__refcnt, 1);
1235 rt->rt6i_dst.addr = fl6->daddr;
1236 rt->rt6i_dst.plen = 128;
1237 rt->rt6i_idev = idev;
1238 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
1240 spin_lock_bh(&icmp6_dst_lock);
1241 rt->dst.next = icmp6_dst_gc_list;
1242 icmp6_dst_gc_list = &rt->dst;
1243 spin_unlock_bh(&icmp6_dst_lock);
1245 fib6_force_start_gc(net);
1247 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
1253 int icmp6_dst_gc(void)
1255 struct dst_entry *dst, **pprev;
1258 spin_lock_bh(&icmp6_dst_lock);
1259 pprev = &icmp6_dst_gc_list;
1261 while ((dst = *pprev) != NULL) {
1262 if (!atomic_read(&dst->__refcnt)) {
1271 spin_unlock_bh(&icmp6_dst_lock);
1276 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg),
1279 struct dst_entry *dst, **pprev;
1281 spin_lock_bh(&icmp6_dst_lock);
1282 pprev = &icmp6_dst_gc_list;
1283 while ((dst = *pprev) != NULL) {
1284 struct rt6_info *rt = (struct rt6_info *) dst;
1285 if (func(rt, arg)) {
1292 spin_unlock_bh(&icmp6_dst_lock);
1295 static int ip6_dst_gc(struct dst_ops *ops)
1297 unsigned long now = jiffies;
1298 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
1299 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
1300 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
1301 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
1302 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
1303 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
1306 entries = dst_entries_get_fast(ops);
1307 if (time_after(rt_last_gc + rt_min_interval, now) &&
1308 entries <= rt_max_size)
1311 net->ipv6.ip6_rt_gc_expire++;
1312 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net);
1313 net->ipv6.ip6_rt_last_gc = now;
1314 entries = dst_entries_get_slow(ops);
1315 if (entries < ops->gc_thresh)
1316 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
1318 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
1319 return entries > rt_max_size;
1322 int ip6_dst_hoplimit(struct dst_entry *dst)
1324 int hoplimit = dst_metric_raw(dst, RTAX_HOPLIMIT);
1325 if (hoplimit == 0) {
1326 struct net_device *dev = dst->dev;
1327 struct inet6_dev *idev;
1330 idev = __in6_dev_get(dev);
1332 hoplimit = idev->cnf.hop_limit;
1334 hoplimit = dev_net(dev)->ipv6.devconf_all->hop_limit;
1339 EXPORT_SYMBOL(ip6_dst_hoplimit);
1345 int ip6_route_add(struct fib6_config *cfg)
1348 struct net *net = cfg->fc_nlinfo.nl_net;
1349 struct rt6_info *rt = NULL;
1350 struct net_device *dev = NULL;
1351 struct inet6_dev *idev = NULL;
1352 struct fib6_table *table;
1355 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128)
1357 #ifndef CONFIG_IPV6_SUBTREES
1358 if (cfg->fc_src_len)
1361 if (cfg->fc_ifindex) {
1363 dev = dev_get_by_index(net, cfg->fc_ifindex);
1366 idev = in6_dev_get(dev);
1371 if (cfg->fc_metric == 0)
1372 cfg->fc_metric = IP6_RT_PRIO_USER;
1375 if (cfg->fc_nlinfo.nlh &&
1376 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
1377 table = fib6_get_table(net, cfg->fc_table);
1379 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
1380 table = fib6_new_table(net, cfg->fc_table);
1383 table = fib6_new_table(net, cfg->fc_table);
1389 rt = ip6_dst_alloc(net, NULL, DST_NOCOUNT, table);
1396 if (cfg->fc_flags & RTF_EXPIRES)
1397 rt6_set_expires(rt, jiffies +
1398 clock_t_to_jiffies(cfg->fc_expires));
1400 rt6_clean_expires(rt);
1402 if (cfg->fc_protocol == RTPROT_UNSPEC)
1403 cfg->fc_protocol = RTPROT_BOOT;
1404 rt->rt6i_protocol = cfg->fc_protocol;
1406 addr_type = ipv6_addr_type(&cfg->fc_dst);
1408 if (addr_type & IPV6_ADDR_MULTICAST)
1409 rt->dst.input = ip6_mc_input;
1410 else if (cfg->fc_flags & RTF_LOCAL)
1411 rt->dst.input = ip6_input;
1413 rt->dst.input = ip6_forward;
1415 rt->dst.output = ip6_output;
1417 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1418 rt->rt6i_dst.plen = cfg->fc_dst_len;
1419 if (rt->rt6i_dst.plen == 128)
1420 rt->dst.flags |= DST_HOST;
1422 if (!(rt->dst.flags & DST_HOST) && cfg->fc_mx) {
1423 u32 *metrics = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL);
1428 dst_init_metrics(&rt->dst, metrics, 0);
1430 #ifdef CONFIG_IPV6_SUBTREES
1431 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1432 rt->rt6i_src.plen = cfg->fc_src_len;
1435 rt->rt6i_metric = cfg->fc_metric;
1437 /* We cannot add true routes via loopback here,
1438 they would result in kernel looping; promote them to reject routes
1440 if ((cfg->fc_flags & RTF_REJECT) ||
1441 (dev && (dev->flags & IFF_LOOPBACK) &&
1442 !(addr_type & IPV6_ADDR_LOOPBACK) &&
1443 !(cfg->fc_flags & RTF_LOCAL))) {
1444 /* hold loopback dev/idev if we haven't done so. */
1445 if (dev != net->loopback_dev) {
1450 dev = net->loopback_dev;
1452 idev = in6_dev_get(dev);
1458 rt->dst.output = ip6_pkt_discard_out;
1459 rt->dst.input = ip6_pkt_discard;
1460 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1461 switch (cfg->fc_type) {
1463 rt->dst.error = -EINVAL;
1466 rt->dst.error = -EACCES;
1469 rt->dst.error = -EAGAIN;
1472 rt->dst.error = -ENETUNREACH;
1478 if (cfg->fc_flags & RTF_GATEWAY) {
1479 const struct in6_addr *gw_addr;
1482 gw_addr = &cfg->fc_gateway;
1483 rt->rt6i_gateway = *gw_addr;
1484 gwa_type = ipv6_addr_type(gw_addr);
1486 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
1487 struct rt6_info *grt;
1489 /* IPv6 strictly inhibits using not link-local
1490 addresses as nexthop address.
1491 Otherwise, router will not able to send redirects.
1492 It is very good, but in some (rare!) circumstances
1493 (SIT, PtP, NBMA NOARP links) it is handy to allow
1494 some exceptions. --ANK
1497 if (!(gwa_type & IPV6_ADDR_UNICAST))
1500 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1);
1502 err = -EHOSTUNREACH;
1506 if (dev != grt->dst.dev) {
1512 idev = grt->rt6i_idev;
1514 in6_dev_hold(grt->rt6i_idev);
1516 if (!(grt->rt6i_flags & RTF_GATEWAY))
1524 if (!dev || (dev->flags & IFF_LOOPBACK))
1532 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
1533 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
1537 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc;
1538 rt->rt6i_prefsrc.plen = 128;
1540 rt->rt6i_prefsrc.plen = 0;
1542 rt->rt6i_flags = cfg->fc_flags;
1549 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1550 int type = nla_type(nla);
1553 if (type > RTAX_MAX) {
1558 dst_metric_set(&rt->dst, type, nla_get_u32(nla));
1564 rt->rt6i_idev = idev;
1565 rt->rt6i_table = table;
1567 cfg->fc_nlinfo.nl_net = dev_net(dev);
1569 return __ip6_ins_rt(rt, &cfg->fc_nlinfo);
1581 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
1584 struct fib6_table *table;
1585 struct net *net = dev_net(rt->dst.dev);
1587 if (rt == net->ipv6.ip6_null_entry) {
1592 table = rt->rt6i_table;
1593 write_lock_bh(&table->tb6_lock);
1594 err = fib6_del(rt, info);
1595 write_unlock_bh(&table->tb6_lock);
1602 int ip6_del_rt(struct rt6_info *rt)
1604 struct nl_info info = {
1605 .nl_net = dev_net(rt->dst.dev),
1607 return __ip6_del_rt(rt, &info);
1610 static int ip6_route_del(struct fib6_config *cfg)
1612 struct fib6_table *table;
1613 struct fib6_node *fn;
1614 struct rt6_info *rt;
1617 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
1621 read_lock_bh(&table->tb6_lock);
1623 fn = fib6_locate(&table->tb6_root,
1624 &cfg->fc_dst, cfg->fc_dst_len,
1625 &cfg->fc_src, cfg->fc_src_len);
1628 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1629 if (cfg->fc_ifindex &&
1631 rt->dst.dev->ifindex != cfg->fc_ifindex))
1633 if (cfg->fc_flags & RTF_GATEWAY &&
1634 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
1636 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
1639 read_unlock_bh(&table->tb6_lock);
1641 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
1644 read_unlock_bh(&table->tb6_lock);
1649 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
1651 struct net *net = dev_net(skb->dev);
1652 struct netevent_redirect netevent;
1653 struct rt6_info *rt, *nrt = NULL;
1654 struct ndisc_options ndopts;
1655 struct inet6_dev *in6_dev;
1656 struct neighbour *neigh;
1658 int optlen, on_link;
1661 optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
1662 optlen -= sizeof(*msg);
1665 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
1669 msg = (struct rd_msg *)icmp6_hdr(skb);
1671 if (ipv6_addr_is_multicast(&msg->dest)) {
1672 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
1677 if (ipv6_addr_equal(&msg->dest, &msg->target)) {
1679 } else if (ipv6_addr_type(&msg->target) !=
1680 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1681 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
1685 in6_dev = __in6_dev_get(skb->dev);
1688 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
1692 * The IP source address of the Redirect MUST be the same as the current
1693 * first-hop router for the specified ICMP Destination Address.
1696 if (!ndisc_parse_options(msg->opt, optlen, &ndopts)) {
1697 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
1702 if (ndopts.nd_opts_tgt_lladdr) {
1703 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1706 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
1711 rt = (struct rt6_info *) dst;
1712 if (rt == net->ipv6.ip6_null_entry) {
1713 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
1717 /* Redirect received -> path was valid.
1718 * Look, redirects are sent only in response to data packets,
1719 * so that this nexthop apparently is reachable. --ANK
1721 dst_confirm(&rt->dst);
1723 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
1728 * We have finally decided to accept it.
1731 neigh_update(neigh, lladdr, NUD_STALE,
1732 NEIGH_UPDATE_F_WEAK_OVERRIDE|
1733 NEIGH_UPDATE_F_OVERRIDE|
1734 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1735 NEIGH_UPDATE_F_ISROUTER))
1738 nrt = ip6_rt_copy(rt, &msg->dest);
1742 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
1744 nrt->rt6i_flags &= ~RTF_GATEWAY;
1746 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
1748 if (ip6_ins_rt(nrt))
1751 netevent.old = &rt->dst;
1752 netevent.new = &nrt->dst;
1753 netevent.daddr = &msg->dest;
1754 netevent.neigh = neigh;
1755 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
1757 if (rt->rt6i_flags & RTF_CACHE) {
1758 rt = (struct rt6_info *) dst_clone(&rt->dst);
1763 neigh_release(neigh);
1767 * Misc support functions
1770 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort,
1771 const struct in6_addr *dest)
1773 struct net *net = dev_net(ort->dst.dev);
1774 struct rt6_info *rt = ip6_dst_alloc(net, ort->dst.dev, 0,
1778 rt->dst.input = ort->dst.input;
1779 rt->dst.output = ort->dst.output;
1780 rt->dst.flags |= DST_HOST;
1782 rt->rt6i_dst.addr = *dest;
1783 rt->rt6i_dst.plen = 128;
1784 dst_copy_metrics(&rt->dst, &ort->dst);
1785 rt->dst.error = ort->dst.error;
1786 rt->rt6i_idev = ort->rt6i_idev;
1788 in6_dev_hold(rt->rt6i_idev);
1789 rt->dst.lastuse = jiffies;
1791 rt->rt6i_gateway = ort->rt6i_gateway;
1792 rt->rt6i_flags = ort->rt6i_flags;
1793 if ((ort->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF)) ==
1794 (RTF_DEFAULT | RTF_ADDRCONF))
1795 rt6_set_from(rt, ort);
1796 rt->rt6i_metric = 0;
1798 #ifdef CONFIG_IPV6_SUBTREES
1799 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1801 memcpy(&rt->rt6i_prefsrc, &ort->rt6i_prefsrc, sizeof(struct rt6key));
1802 rt->rt6i_table = ort->rt6i_table;
1807 #ifdef CONFIG_IPV6_ROUTE_INFO
1808 static struct rt6_info *rt6_get_route_info(struct net *net,
1809 const struct in6_addr *prefix, int prefixlen,
1810 const struct in6_addr *gwaddr, int ifindex)
1812 struct fib6_node *fn;
1813 struct rt6_info *rt = NULL;
1814 struct fib6_table *table;
1816 table = fib6_get_table(net, RT6_TABLE_INFO);
1820 read_lock_bh(&table->tb6_lock);
1821 fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0);
1825 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1826 if (rt->dst.dev->ifindex != ifindex)
1828 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
1830 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
1836 read_unlock_bh(&table->tb6_lock);
1840 static struct rt6_info *rt6_add_route_info(struct net *net,
1841 const struct in6_addr *prefix, int prefixlen,
1842 const struct in6_addr *gwaddr, int ifindex,
1845 struct fib6_config cfg = {
1846 .fc_table = RT6_TABLE_INFO,
1847 .fc_metric = IP6_RT_PRIO_USER,
1848 .fc_ifindex = ifindex,
1849 .fc_dst_len = prefixlen,
1850 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
1851 RTF_UP | RTF_PREF(pref),
1852 .fc_nlinfo.portid = 0,
1853 .fc_nlinfo.nlh = NULL,
1854 .fc_nlinfo.nl_net = net,
1857 cfg.fc_dst = *prefix;
1858 cfg.fc_gateway = *gwaddr;
1860 /* We should treat it as a default route if prefix length is 0. */
1862 cfg.fc_flags |= RTF_DEFAULT;
1864 ip6_route_add(&cfg);
1866 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex);
1870 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev)
1872 struct rt6_info *rt;
1873 struct fib6_table *table;
1875 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT);
1879 read_lock_bh(&table->tb6_lock);
1880 for (rt = table->tb6_root.leaf; rt; rt=rt->dst.rt6_next) {
1881 if (dev == rt->dst.dev &&
1882 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
1883 ipv6_addr_equal(&rt->rt6i_gateway, addr))
1888 read_unlock_bh(&table->tb6_lock);
1892 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
1893 struct net_device *dev,
1896 struct fib6_config cfg = {
1897 .fc_table = RT6_TABLE_DFLT,
1898 .fc_metric = IP6_RT_PRIO_USER,
1899 .fc_ifindex = dev->ifindex,
1900 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
1901 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
1902 .fc_nlinfo.portid = 0,
1903 .fc_nlinfo.nlh = NULL,
1904 .fc_nlinfo.nl_net = dev_net(dev),
1907 cfg.fc_gateway = *gwaddr;
1909 ip6_route_add(&cfg);
1911 return rt6_get_dflt_router(gwaddr, dev);
1914 void rt6_purge_dflt_routers(struct net *net)
1916 struct rt6_info *rt;
1917 struct fib6_table *table;
1919 /* NOTE: Keep consistent with rt6_get_dflt_router */
1920 table = fib6_get_table(net, RT6_TABLE_DFLT);
1925 read_lock_bh(&table->tb6_lock);
1926 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
1927 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
1928 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) {
1930 read_unlock_bh(&table->tb6_lock);
1935 read_unlock_bh(&table->tb6_lock);
1938 static void rtmsg_to_fib6_config(struct net *net,
1939 struct in6_rtmsg *rtmsg,
1940 struct fib6_config *cfg)
1942 memset(cfg, 0, sizeof(*cfg));
1944 cfg->fc_table = RT6_TABLE_MAIN;
1945 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
1946 cfg->fc_metric = rtmsg->rtmsg_metric;
1947 cfg->fc_expires = rtmsg->rtmsg_info;
1948 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
1949 cfg->fc_src_len = rtmsg->rtmsg_src_len;
1950 cfg->fc_flags = rtmsg->rtmsg_flags;
1952 cfg->fc_nlinfo.nl_net = net;
1954 cfg->fc_dst = rtmsg->rtmsg_dst;
1955 cfg->fc_src = rtmsg->rtmsg_src;
1956 cfg->fc_gateway = rtmsg->rtmsg_gateway;
1959 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
1961 struct fib6_config cfg;
1962 struct in6_rtmsg rtmsg;
1966 case SIOCADDRT: /* Add a route */
1967 case SIOCDELRT: /* Delete a route */
1968 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1970 err = copy_from_user(&rtmsg, arg,
1971 sizeof(struct in6_rtmsg));
1975 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
1980 err = ip6_route_add(&cfg);
1983 err = ip6_route_del(&cfg);
1997 * Drop the packet on the floor
2000 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
2003 struct dst_entry *dst = skb_dst(skb);
2004 switch (ipstats_mib_noroutes) {
2005 case IPSTATS_MIB_INNOROUTES:
2006 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
2007 if (type == IPV6_ADDR_ANY) {
2008 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2009 IPSTATS_MIB_INADDRERRORS);
2013 case IPSTATS_MIB_OUTNOROUTES:
2014 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2015 ipstats_mib_noroutes);
2018 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
2023 static int ip6_pkt_discard(struct sk_buff *skb)
2025 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
2028 static int ip6_pkt_discard_out(struct sk_buff *skb)
2030 skb->dev = skb_dst(skb)->dev;
2031 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
2034 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2036 static int ip6_pkt_prohibit(struct sk_buff *skb)
2038 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
2041 static int ip6_pkt_prohibit_out(struct sk_buff *skb)
2043 skb->dev = skb_dst(skb)->dev;
2044 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
2050 * Allocate a dst for local (unicast / anycast) address.
2053 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
2054 const struct in6_addr *addr,
2057 struct net *net = dev_net(idev->dev);
2058 struct rt6_info *rt = ip6_dst_alloc(net, net->loopback_dev, 0, NULL);
2061 net_warn_ratelimited("Maximum number of routes reached, consider increasing route/max_size\n");
2062 return ERR_PTR(-ENOMEM);
2067 rt->dst.flags |= DST_HOST;
2068 rt->dst.input = ip6_input;
2069 rt->dst.output = ip6_output;
2070 rt->rt6i_idev = idev;
2072 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
2074 rt->rt6i_flags |= RTF_ANYCAST;
2076 rt->rt6i_flags |= RTF_LOCAL;
2078 rt->rt6i_dst.addr = *addr;
2079 rt->rt6i_dst.plen = 128;
2080 rt->rt6i_table = fib6_get_table(net, RT6_TABLE_LOCAL);
2082 atomic_set(&rt->dst.__refcnt, 1);
2087 int ip6_route_get_saddr(struct net *net,
2088 struct rt6_info *rt,
2089 const struct in6_addr *daddr,
2091 struct in6_addr *saddr)
2093 struct inet6_dev *idev = ip6_dst_idev((struct dst_entry*)rt);
2095 if (rt->rt6i_prefsrc.plen)
2096 *saddr = rt->rt6i_prefsrc.addr;
2098 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL,
2099 daddr, prefs, saddr);
2103 /* remove deleted ip from prefsrc entries */
2104 struct arg_dev_net_ip {
2105 struct net_device *dev;
2107 struct in6_addr *addr;
2110 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg)
2112 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
2113 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
2114 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
2116 if (((void *)rt->dst.dev == dev || !dev) &&
2117 rt != net->ipv6.ip6_null_entry &&
2118 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) {
2119 /* remove prefsrc entry */
2120 rt->rt6i_prefsrc.plen = 0;
2125 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
2127 struct net *net = dev_net(ifp->idev->dev);
2128 struct arg_dev_net_ip adni = {
2129 .dev = ifp->idev->dev,
2133 fib6_clean_all(net, fib6_remove_prefsrc, 0, &adni);
2136 struct arg_dev_net {
2137 struct net_device *dev;
2141 static int fib6_ifdown(struct rt6_info *rt, void *arg)
2143 const struct arg_dev_net *adn = arg;
2144 const struct net_device *dev = adn->dev;
2146 if ((rt->dst.dev == dev || !dev) &&
2147 rt != adn->net->ipv6.ip6_null_entry)
2153 void rt6_ifdown(struct net *net, struct net_device *dev)
2155 struct arg_dev_net adn = {
2160 fib6_clean_all(net, fib6_ifdown, 0, &adn);
2161 icmp6_clean_all(fib6_ifdown, &adn);
2164 struct rt6_mtu_change_arg {
2165 struct net_device *dev;
2169 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
2171 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
2172 struct inet6_dev *idev;
2174 /* In IPv6 pmtu discovery is not optional,
2175 so that RTAX_MTU lock cannot disable it.
2176 We still use this lock to block changes
2177 caused by addrconf/ndisc.
2180 idev = __in6_dev_get(arg->dev);
2184 /* For administrative MTU increase, there is no way to discover
2185 IPv6 PMTU increase, so PMTU increase should be updated here.
2186 Since RFC 1981 doesn't include administrative MTU increase
2187 update PMTU increase is a MUST. (i.e. jumbo frame)
2190 If new MTU is less than route PMTU, this new MTU will be the
2191 lowest MTU in the path, update the route PMTU to reflect PMTU
2192 decreases; if new MTU is greater than route PMTU, and the
2193 old MTU is the lowest MTU in the path, update the route PMTU
2194 to reflect the increase. In this case if the other nodes' MTU
2195 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2198 if (rt->dst.dev == arg->dev &&
2199 !dst_metric_locked(&rt->dst, RTAX_MTU) &&
2200 (dst_mtu(&rt->dst) >= arg->mtu ||
2201 (dst_mtu(&rt->dst) < arg->mtu &&
2202 dst_mtu(&rt->dst) == idev->cnf.mtu6))) {
2203 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
2208 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
2210 struct rt6_mtu_change_arg arg = {
2215 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, 0, &arg);
2218 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
2219 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
2220 [RTA_OIF] = { .type = NLA_U32 },
2221 [RTA_IIF] = { .type = NLA_U32 },
2222 [RTA_PRIORITY] = { .type = NLA_U32 },
2223 [RTA_METRICS] = { .type = NLA_NESTED },
2224 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
2227 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2228 struct fib6_config *cfg)
2231 struct nlattr *tb[RTA_MAX+1];
2234 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2239 rtm = nlmsg_data(nlh);
2240 memset(cfg, 0, sizeof(*cfg));
2242 cfg->fc_table = rtm->rtm_table;
2243 cfg->fc_dst_len = rtm->rtm_dst_len;
2244 cfg->fc_src_len = rtm->rtm_src_len;
2245 cfg->fc_flags = RTF_UP;
2246 cfg->fc_protocol = rtm->rtm_protocol;
2247 cfg->fc_type = rtm->rtm_type;
2249 if (rtm->rtm_type == RTN_UNREACHABLE ||
2250 rtm->rtm_type == RTN_BLACKHOLE ||
2251 rtm->rtm_type == RTN_PROHIBIT ||
2252 rtm->rtm_type == RTN_THROW)
2253 cfg->fc_flags |= RTF_REJECT;
2255 if (rtm->rtm_type == RTN_LOCAL)
2256 cfg->fc_flags |= RTF_LOCAL;
2258 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
2259 cfg->fc_nlinfo.nlh = nlh;
2260 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2262 if (tb[RTA_GATEWAY]) {
2263 nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16);
2264 cfg->fc_flags |= RTF_GATEWAY;
2268 int plen = (rtm->rtm_dst_len + 7) >> 3;
2270 if (nla_len(tb[RTA_DST]) < plen)
2273 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
2277 int plen = (rtm->rtm_src_len + 7) >> 3;
2279 if (nla_len(tb[RTA_SRC]) < plen)
2282 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
2285 if (tb[RTA_PREFSRC])
2286 nla_memcpy(&cfg->fc_prefsrc, tb[RTA_PREFSRC], 16);
2289 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
2291 if (tb[RTA_PRIORITY])
2292 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
2294 if (tb[RTA_METRICS]) {
2295 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
2296 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
2300 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
2302 if (tb[RTA_MULTIPATH]) {
2303 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
2304 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
2312 static int ip6_route_multipath(struct fib6_config *cfg, int add)
2314 struct fib6_config r_cfg;
2315 struct rtnexthop *rtnh;
2318 int err = 0, last_err = 0;
2321 rtnh = (struct rtnexthop *)cfg->fc_mp;
2322 remaining = cfg->fc_mp_len;
2324 /* Parse a Multipath Entry */
2325 while (rtnh_ok(rtnh, remaining)) {
2326 memcpy(&r_cfg, cfg, sizeof(*cfg));
2327 if (rtnh->rtnh_ifindex)
2328 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
2330 attrlen = rtnh_attrlen(rtnh);
2332 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
2334 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
2336 nla_memcpy(&r_cfg.fc_gateway, nla, 16);
2337 r_cfg.fc_flags |= RTF_GATEWAY;
2340 err = add ? ip6_route_add(&r_cfg) : ip6_route_del(&r_cfg);
2343 /* If we are trying to remove a route, do not stop the
2344 * loop when ip6_route_del() fails (because next hop is
2345 * already gone), we should try to remove all next hops.
2348 /* If add fails, we should try to delete all
2349 * next hops that have been already added.
2355 /* Because each route is added like a single route we remove
2356 * this flag after the first nexthop (if there is a collision,
2357 * we have already fail to add the first nexthop:
2358 * fib6_add_rt2node() has reject it).
2360 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~NLM_F_EXCL;
2361 rtnh = rtnh_next(rtnh, &remaining);
2367 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh)
2369 struct fib6_config cfg;
2372 err = rtm_to_fib6_config(skb, nlh, &cfg);
2377 return ip6_route_multipath(&cfg, 0);
2379 return ip6_route_del(&cfg);
2382 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh)
2384 struct fib6_config cfg;
2387 err = rtm_to_fib6_config(skb, nlh, &cfg);
2392 return ip6_route_multipath(&cfg, 1);
2394 return ip6_route_add(&cfg);
2397 static inline size_t rt6_nlmsg_size(void)
2399 return NLMSG_ALIGN(sizeof(struct rtmsg))
2400 + nla_total_size(16) /* RTA_SRC */
2401 + nla_total_size(16) /* RTA_DST */
2402 + nla_total_size(16) /* RTA_GATEWAY */
2403 + nla_total_size(16) /* RTA_PREFSRC */
2404 + nla_total_size(4) /* RTA_TABLE */
2405 + nla_total_size(4) /* RTA_IIF */
2406 + nla_total_size(4) /* RTA_OIF */
2407 + nla_total_size(4) /* RTA_PRIORITY */
2408 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
2409 + nla_total_size(sizeof(struct rta_cacheinfo));
2412 static int rt6_fill_node(struct net *net,
2413 struct sk_buff *skb, struct rt6_info *rt,
2414 struct in6_addr *dst, struct in6_addr *src,
2415 int iif, int type, u32 portid, u32 seq,
2416 int prefix, int nowait, unsigned int flags)
2419 struct nlmsghdr *nlh;
2423 if (prefix) { /* user wants prefix routes only */
2424 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
2425 /* success since this is not a prefix route */
2430 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
2434 rtm = nlmsg_data(nlh);
2435 rtm->rtm_family = AF_INET6;
2436 rtm->rtm_dst_len = rt->rt6i_dst.plen;
2437 rtm->rtm_src_len = rt->rt6i_src.plen;
2440 table = rt->rt6i_table->tb6_id;
2442 table = RT6_TABLE_UNSPEC;
2443 rtm->rtm_table = table;
2444 if (nla_put_u32(skb, RTA_TABLE, table))
2445 goto nla_put_failure;
2446 if (rt->rt6i_flags & RTF_REJECT) {
2447 switch (rt->dst.error) {
2449 rtm->rtm_type = RTN_BLACKHOLE;
2452 rtm->rtm_type = RTN_PROHIBIT;
2455 rtm->rtm_type = RTN_THROW;
2458 rtm->rtm_type = RTN_UNREACHABLE;
2462 else if (rt->rt6i_flags & RTF_LOCAL)
2463 rtm->rtm_type = RTN_LOCAL;
2464 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
2465 rtm->rtm_type = RTN_LOCAL;
2467 rtm->rtm_type = RTN_UNICAST;
2469 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2470 rtm->rtm_protocol = rt->rt6i_protocol;
2471 if (rt->rt6i_flags & RTF_DYNAMIC)
2472 rtm->rtm_protocol = RTPROT_REDIRECT;
2473 else if (rt->rt6i_flags & RTF_ADDRCONF) {
2474 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO))
2475 rtm->rtm_protocol = RTPROT_RA;
2477 rtm->rtm_protocol = RTPROT_KERNEL;
2480 if (rt->rt6i_flags & RTF_CACHE)
2481 rtm->rtm_flags |= RTM_F_CLONED;
2484 if (nla_put(skb, RTA_DST, 16, dst))
2485 goto nla_put_failure;
2486 rtm->rtm_dst_len = 128;
2487 } else if (rtm->rtm_dst_len)
2488 if (nla_put(skb, RTA_DST, 16, &rt->rt6i_dst.addr))
2489 goto nla_put_failure;
2490 #ifdef CONFIG_IPV6_SUBTREES
2492 if (nla_put(skb, RTA_SRC, 16, src))
2493 goto nla_put_failure;
2494 rtm->rtm_src_len = 128;
2495 } else if (rtm->rtm_src_len &&
2496 nla_put(skb, RTA_SRC, 16, &rt->rt6i_src.addr))
2497 goto nla_put_failure;
2500 #ifdef CONFIG_IPV6_MROUTE
2501 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
2502 int err = ip6mr_get_route(net, skb, rtm, nowait);
2507 goto nla_put_failure;
2509 if (err == -EMSGSIZE)
2510 goto nla_put_failure;
2515 if (nla_put_u32(skb, RTA_IIF, iif))
2516 goto nla_put_failure;
2518 struct in6_addr saddr_buf;
2519 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 &&
2520 nla_put(skb, RTA_PREFSRC, 16, &saddr_buf))
2521 goto nla_put_failure;
2524 if (rt->rt6i_prefsrc.plen) {
2525 struct in6_addr saddr_buf;
2526 saddr_buf = rt->rt6i_prefsrc.addr;
2527 if (nla_put(skb, RTA_PREFSRC, 16, &saddr_buf))
2528 goto nla_put_failure;
2531 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
2532 goto nla_put_failure;
2534 if (rt->rt6i_flags & RTF_GATEWAY) {
2535 if (nla_put(skb, RTA_GATEWAY, 16, &rt->rt6i_gateway) < 0)
2536 goto nla_put_failure;
2540 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
2541 goto nla_put_failure;
2542 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric))
2543 goto nla_put_failure;
2545 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0;
2547 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0)
2548 goto nla_put_failure;
2550 return nlmsg_end(skb, nlh);
2553 nlmsg_cancel(skb, nlh);
2557 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
2559 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
2562 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
2563 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
2564 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0;
2568 return rt6_fill_node(arg->net,
2569 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
2570 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq,
2571 prefix, 0, NLM_F_MULTI);
2574 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh)
2576 struct net *net = sock_net(in_skb->sk);
2577 struct nlattr *tb[RTA_MAX+1];
2578 struct rt6_info *rt;
2579 struct sk_buff *skb;
2582 int err, iif = 0, oif = 0;
2584 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2589 memset(&fl6, 0, sizeof(fl6));
2592 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
2595 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
2599 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
2602 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
2606 iif = nla_get_u32(tb[RTA_IIF]);
2609 oif = nla_get_u32(tb[RTA_OIF]);
2612 struct net_device *dev;
2615 dev = __dev_get_by_index(net, iif);
2621 fl6.flowi6_iif = iif;
2623 if (!ipv6_addr_any(&fl6.saddr))
2624 flags |= RT6_LOOKUP_F_HAS_SADDR;
2626 rt = (struct rt6_info *)ip6_route_input_lookup(net, dev, &fl6,
2629 fl6.flowi6_oif = oif;
2631 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6);
2634 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2641 /* Reserve room for dummy headers, this skb can pass
2642 through good chunk of routing engine.
2644 skb_reset_mac_header(skb);
2645 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr));
2647 skb_dst_set(skb, &rt->dst);
2649 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
2650 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
2651 nlh->nlmsg_seq, 0, 0, 0);
2657 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2662 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info)
2664 struct sk_buff *skb;
2665 struct net *net = info->nl_net;
2670 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
2672 skb = nlmsg_new(rt6_nlmsg_size(), gfp_any());
2676 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
2677 event, info->portid, seq, 0, 0, 0);
2679 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
2680 WARN_ON(err == -EMSGSIZE);
2684 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
2685 info->nlh, gfp_any());
2689 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
2692 static int ip6_route_dev_notify(struct notifier_block *this,
2693 unsigned long event, void *ptr)
2695 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
2696 struct net *net = dev_net(dev);
2698 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) {
2699 net->ipv6.ip6_null_entry->dst.dev = dev;
2700 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
2701 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2702 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
2703 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
2704 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
2705 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
2716 #ifdef CONFIG_PROC_FS
2727 static int rt6_info_route(struct rt6_info *rt, void *p_arg)
2729 struct seq_file *m = p_arg;
2731 seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen);
2733 #ifdef CONFIG_IPV6_SUBTREES
2734 seq_printf(m, "%pi6 %02x ", &rt->rt6i_src.addr, rt->rt6i_src.plen);
2736 seq_puts(m, "00000000000000000000000000000000 00 ");
2738 if (rt->rt6i_flags & RTF_GATEWAY) {
2739 seq_printf(m, "%pi6", &rt->rt6i_gateway);
2741 seq_puts(m, "00000000000000000000000000000000");
2743 seq_printf(m, " %08x %08x %08x %08x %8s\n",
2744 rt->rt6i_metric, atomic_read(&rt->dst.__refcnt),
2745 rt->dst.__use, rt->rt6i_flags,
2746 rt->dst.dev ? rt->dst.dev->name : "");
2750 static int ipv6_route_show(struct seq_file *m, void *v)
2752 struct net *net = (struct net *)m->private;
2753 fib6_clean_all_ro(net, rt6_info_route, 0, m);
2757 static int ipv6_route_open(struct inode *inode, struct file *file)
2759 return single_open_net(inode, file, ipv6_route_show);
2762 static const struct file_operations ipv6_route_proc_fops = {
2763 .owner = THIS_MODULE,
2764 .open = ipv6_route_open,
2766 .llseek = seq_lseek,
2767 .release = single_release_net,
2770 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
2772 struct net *net = (struct net *)seq->private;
2773 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
2774 net->ipv6.rt6_stats->fib_nodes,
2775 net->ipv6.rt6_stats->fib_route_nodes,
2776 net->ipv6.rt6_stats->fib_rt_alloc,
2777 net->ipv6.rt6_stats->fib_rt_entries,
2778 net->ipv6.rt6_stats->fib_rt_cache,
2779 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
2780 net->ipv6.rt6_stats->fib_discarded_routes);
2785 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
2787 return single_open_net(inode, file, rt6_stats_seq_show);
2790 static const struct file_operations rt6_stats_seq_fops = {
2791 .owner = THIS_MODULE,
2792 .open = rt6_stats_seq_open,
2794 .llseek = seq_lseek,
2795 .release = single_release_net,
2797 #endif /* CONFIG_PROC_FS */
2799 #ifdef CONFIG_SYSCTL
2802 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
2803 void __user *buffer, size_t *lenp, loff_t *ppos)
2810 net = (struct net *)ctl->extra1;
2811 delay = net->ipv6.sysctl.flush_delay;
2812 proc_dointvec(ctl, write, buffer, lenp, ppos);
2813 fib6_run_gc(delay <= 0 ? ~0UL : (unsigned long)delay, net);
2817 struct ctl_table ipv6_route_table_template[] = {
2819 .procname = "flush",
2820 .data = &init_net.ipv6.sysctl.flush_delay,
2821 .maxlen = sizeof(int),
2823 .proc_handler = ipv6_sysctl_rtcache_flush
2826 .procname = "gc_thresh",
2827 .data = &ip6_dst_ops_template.gc_thresh,
2828 .maxlen = sizeof(int),
2830 .proc_handler = proc_dointvec,
2833 .procname = "max_size",
2834 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
2835 .maxlen = sizeof(int),
2837 .proc_handler = proc_dointvec,
2840 .procname = "gc_min_interval",
2841 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2842 .maxlen = sizeof(int),
2844 .proc_handler = proc_dointvec_jiffies,
2847 .procname = "gc_timeout",
2848 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
2849 .maxlen = sizeof(int),
2851 .proc_handler = proc_dointvec_jiffies,
2854 .procname = "gc_interval",
2855 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
2856 .maxlen = sizeof(int),
2858 .proc_handler = proc_dointvec_jiffies,
2861 .procname = "gc_elasticity",
2862 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
2863 .maxlen = sizeof(int),
2865 .proc_handler = proc_dointvec,
2868 .procname = "mtu_expires",
2869 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
2870 .maxlen = sizeof(int),
2872 .proc_handler = proc_dointvec_jiffies,
2875 .procname = "min_adv_mss",
2876 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
2877 .maxlen = sizeof(int),
2879 .proc_handler = proc_dointvec,
2882 .procname = "gc_min_interval_ms",
2883 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2884 .maxlen = sizeof(int),
2886 .proc_handler = proc_dointvec_ms_jiffies,
2891 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
2893 struct ctl_table *table;
2895 table = kmemdup(ipv6_route_table_template,
2896 sizeof(ipv6_route_table_template),
2900 table[0].data = &net->ipv6.sysctl.flush_delay;
2901 table[0].extra1 = net;
2902 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
2903 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
2904 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
2905 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
2906 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
2907 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
2908 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
2909 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
2910 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
2912 /* Don't export sysctls to unprivileged users */
2913 if (net->user_ns != &init_user_ns)
2914 table[0].procname = NULL;
2921 static int __net_init ip6_route_net_init(struct net *net)
2925 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
2926 sizeof(net->ipv6.ip6_dst_ops));
2928 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
2929 goto out_ip6_dst_ops;
2931 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
2932 sizeof(*net->ipv6.ip6_null_entry),
2934 if (!net->ipv6.ip6_null_entry)
2935 goto out_ip6_dst_entries;
2936 net->ipv6.ip6_null_entry->dst.path =
2937 (struct dst_entry *)net->ipv6.ip6_null_entry;
2938 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2939 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
2940 ip6_template_metrics, true);
2942 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2943 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
2944 sizeof(*net->ipv6.ip6_prohibit_entry),
2946 if (!net->ipv6.ip6_prohibit_entry)
2947 goto out_ip6_null_entry;
2948 net->ipv6.ip6_prohibit_entry->dst.path =
2949 (struct dst_entry *)net->ipv6.ip6_prohibit_entry;
2950 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2951 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
2952 ip6_template_metrics, true);
2954 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
2955 sizeof(*net->ipv6.ip6_blk_hole_entry),
2957 if (!net->ipv6.ip6_blk_hole_entry)
2958 goto out_ip6_prohibit_entry;
2959 net->ipv6.ip6_blk_hole_entry->dst.path =
2960 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry;
2961 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
2962 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
2963 ip6_template_metrics, true);
2966 net->ipv6.sysctl.flush_delay = 0;
2967 net->ipv6.sysctl.ip6_rt_max_size = 4096;
2968 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
2969 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
2970 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
2971 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
2972 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
2973 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
2975 net->ipv6.ip6_rt_gc_expire = 30*HZ;
2981 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2982 out_ip6_prohibit_entry:
2983 kfree(net->ipv6.ip6_prohibit_entry);
2985 kfree(net->ipv6.ip6_null_entry);
2987 out_ip6_dst_entries:
2988 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
2993 static void __net_exit ip6_route_net_exit(struct net *net)
2995 kfree(net->ipv6.ip6_null_entry);
2996 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2997 kfree(net->ipv6.ip6_prohibit_entry);
2998 kfree(net->ipv6.ip6_blk_hole_entry);
3000 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
3003 static int __net_init ip6_route_net_init_late(struct net *net)
3005 #ifdef CONFIG_PROC_FS
3006 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops);
3007 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops);
3012 static void __net_exit ip6_route_net_exit_late(struct net *net)
3014 #ifdef CONFIG_PROC_FS
3015 remove_proc_entry("ipv6_route", net->proc_net);
3016 remove_proc_entry("rt6_stats", net->proc_net);
3020 static struct pernet_operations ip6_route_net_ops = {
3021 .init = ip6_route_net_init,
3022 .exit = ip6_route_net_exit,
3025 static int __net_init ipv6_inetpeer_init(struct net *net)
3027 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
3031 inet_peer_base_init(bp);
3032 net->ipv6.peers = bp;
3036 static void __net_exit ipv6_inetpeer_exit(struct net *net)
3038 struct inet_peer_base *bp = net->ipv6.peers;
3040 net->ipv6.peers = NULL;
3041 inetpeer_invalidate_tree(bp);
3045 static struct pernet_operations ipv6_inetpeer_ops = {
3046 .init = ipv6_inetpeer_init,
3047 .exit = ipv6_inetpeer_exit,
3050 static struct pernet_operations ip6_route_net_late_ops = {
3051 .init = ip6_route_net_init_late,
3052 .exit = ip6_route_net_exit_late,
3055 static struct notifier_block ip6_route_dev_notifier = {
3056 .notifier_call = ip6_route_dev_notify,
3060 int __init ip6_route_init(void)
3065 ip6_dst_ops_template.kmem_cachep =
3066 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
3067 SLAB_HWCACHE_ALIGN, NULL);
3068 if (!ip6_dst_ops_template.kmem_cachep)
3071 ret = dst_entries_init(&ip6_dst_blackhole_ops);
3073 goto out_kmem_cache;
3075 ret = register_pernet_subsys(&ipv6_inetpeer_ops);
3077 goto out_dst_entries;
3079 ret = register_pernet_subsys(&ip6_route_net_ops);
3081 goto out_register_inetpeer;
3083 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
3085 /* Registering of the loopback is done before this portion of code,
3086 * the loopback reference in rt6_info will not be taken, do it
3087 * manually for init_net */
3088 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
3089 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3090 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3091 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
3092 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3093 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
3094 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3098 goto out_register_subsys;
3104 ret = fib6_rules_init();
3108 ret = register_pernet_subsys(&ip6_route_net_late_ops);
3110 goto fib6_rules_init;
3113 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) ||
3114 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) ||
3115 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL))
3116 goto out_register_late_subsys;
3118 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
3120 goto out_register_late_subsys;
3125 out_register_late_subsys:
3126 unregister_pernet_subsys(&ip6_route_net_late_ops);
3128 fib6_rules_cleanup();
3133 out_register_subsys:
3134 unregister_pernet_subsys(&ip6_route_net_ops);
3135 out_register_inetpeer:
3136 unregister_pernet_subsys(&ipv6_inetpeer_ops);
3138 dst_entries_destroy(&ip6_dst_blackhole_ops);
3140 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
3144 void ip6_route_cleanup(void)
3146 unregister_netdevice_notifier(&ip6_route_dev_notifier);
3147 unregister_pernet_subsys(&ip6_route_net_late_ops);
3148 fib6_rules_cleanup();
3151 unregister_pernet_subsys(&ipv6_inetpeer_ops);
3152 unregister_pernet_subsys(&ip6_route_net_ops);
3153 dst_entries_destroy(&ip6_dst_blackhole_ops);
3154 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);