2 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
24 * Fixed routing subtrees.
27 #define pr_fmt(fmt) "IPv6: " fmt
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <net/net_namespace.h>
50 #include <net/ip6_fib.h>
51 #include <net/ip6_route.h>
52 #include <net/ndisc.h>
53 #include <net/addrconf.h>
55 #include <linux/rtnetlink.h>
57 #include <net/dst_metadata.h>
59 #include <net/netevent.h>
60 #include <net/netlink.h>
61 #include <net/nexthop.h>
62 #include <net/lwtunnel.h>
63 #include <net/ip_tunnels.h>
64 #include <net/l3mdev.h>
65 #include <trace/events/fib6.h>
67 #include <asm/uaccess.h>
70 #include <linux/sysctl.h>
74 RT6_NUD_FAIL_HARD = -3,
75 RT6_NUD_FAIL_PROBE = -2,
76 RT6_NUD_FAIL_DO_RR = -1,
80 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort);
81 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
82 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
83 static unsigned int ip6_mtu(const struct dst_entry *dst);
84 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
85 static void ip6_dst_destroy(struct dst_entry *);
86 static void ip6_dst_ifdown(struct dst_entry *,
87 struct net_device *dev, int how);
88 static int ip6_dst_gc(struct dst_ops *ops);
90 static int ip6_pkt_discard(struct sk_buff *skb);
91 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb);
92 static int ip6_pkt_prohibit(struct sk_buff *skb);
93 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb);
94 static void ip6_link_failure(struct sk_buff *skb);
95 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
96 struct sk_buff *skb, u32 mtu);
97 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
99 static void rt6_dst_from_metrics_check(struct rt6_info *rt);
100 static int rt6_score_route(struct rt6_info *rt, int oif, int strict);
102 #ifdef CONFIG_IPV6_ROUTE_INFO
103 static struct rt6_info *rt6_add_route_info(struct net *net,
104 const struct in6_addr *prefix, int prefixlen,
105 const struct in6_addr *gwaddr,
106 struct net_device *dev,
108 static struct rt6_info *rt6_get_route_info(struct net *net,
109 const struct in6_addr *prefix, int prefixlen,
110 const struct in6_addr *gwaddr,
111 struct net_device *dev);
114 struct uncached_list {
116 struct list_head head;
119 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list);
121 static void rt6_uncached_list_add(struct rt6_info *rt)
123 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list);
125 rt->dst.flags |= DST_NOCACHE;
126 rt->rt6i_uncached_list = ul;
128 spin_lock_bh(&ul->lock);
129 list_add_tail(&rt->rt6i_uncached, &ul->head);
130 spin_unlock_bh(&ul->lock);
133 static void rt6_uncached_list_del(struct rt6_info *rt)
135 if (!list_empty(&rt->rt6i_uncached)) {
136 struct uncached_list *ul = rt->rt6i_uncached_list;
138 spin_lock_bh(&ul->lock);
139 list_del(&rt->rt6i_uncached);
140 spin_unlock_bh(&ul->lock);
144 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev)
146 struct net_device *loopback_dev = net->loopback_dev;
149 if (dev == loopback_dev)
152 for_each_possible_cpu(cpu) {
153 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
156 spin_lock_bh(&ul->lock);
157 list_for_each_entry(rt, &ul->head, rt6i_uncached) {
158 struct inet6_dev *rt_idev = rt->rt6i_idev;
159 struct net_device *rt_dev = rt->dst.dev;
161 if (rt_idev->dev == dev) {
162 rt->rt6i_idev = in6_dev_get(loopback_dev);
163 in6_dev_put(rt_idev);
167 rt->dst.dev = loopback_dev;
168 dev_hold(rt->dst.dev);
172 spin_unlock_bh(&ul->lock);
176 static u32 *rt6_pcpu_cow_metrics(struct rt6_info *rt)
178 return dst_metrics_write_ptr(rt->dst.from);
181 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old)
183 struct rt6_info *rt = (struct rt6_info *)dst;
185 if (rt->rt6i_flags & RTF_PCPU)
186 return rt6_pcpu_cow_metrics(rt);
187 else if (rt->rt6i_flags & RTF_CACHE)
190 return dst_cow_metrics_generic(dst, old);
193 static inline const void *choose_neigh_daddr(struct rt6_info *rt,
197 struct in6_addr *p = &rt->rt6i_gateway;
199 if (!ipv6_addr_any(p))
200 return (const void *) p;
202 return &ipv6_hdr(skb)->daddr;
206 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst,
210 struct rt6_info *rt = (struct rt6_info *) dst;
213 daddr = choose_neigh_daddr(rt, skb, daddr);
214 n = __ipv6_neigh_lookup(dst->dev, daddr);
217 return neigh_create(&nd_tbl, daddr, dst->dev);
220 static struct dst_ops ip6_dst_ops_template = {
224 .check = ip6_dst_check,
225 .default_advmss = ip6_default_advmss,
227 .cow_metrics = ipv6_cow_metrics,
228 .destroy = ip6_dst_destroy,
229 .ifdown = ip6_dst_ifdown,
230 .negative_advice = ip6_negative_advice,
231 .link_failure = ip6_link_failure,
232 .update_pmtu = ip6_rt_update_pmtu,
233 .redirect = rt6_do_redirect,
234 .local_out = __ip6_local_out,
235 .neigh_lookup = ip6_neigh_lookup,
238 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
240 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
242 return mtu ? : dst->dev->mtu;
245 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
246 struct sk_buff *skb, u32 mtu)
250 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
255 static struct dst_ops ip6_dst_blackhole_ops = {
257 .destroy = ip6_dst_destroy,
258 .check = ip6_dst_check,
259 .mtu = ip6_blackhole_mtu,
260 .default_advmss = ip6_default_advmss,
261 .update_pmtu = ip6_rt_blackhole_update_pmtu,
262 .redirect = ip6_rt_blackhole_redirect,
263 .cow_metrics = dst_cow_metrics_generic,
264 .neigh_lookup = ip6_neigh_lookup,
267 static const u32 ip6_template_metrics[RTAX_MAX] = {
268 [RTAX_HOPLIMIT - 1] = 0,
271 static const struct rt6_info ip6_null_entry_template = {
273 .__refcnt = ATOMIC_INIT(1),
275 .obsolete = DST_OBSOLETE_FORCE_CHK,
276 .error = -ENETUNREACH,
277 .input = ip6_pkt_discard,
278 .output = ip6_pkt_discard_out,
280 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
281 .rt6i_protocol = RTPROT_KERNEL,
282 .rt6i_metric = ~(u32) 0,
283 .rt6i_ref = ATOMIC_INIT(1),
286 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
288 static const struct rt6_info ip6_prohibit_entry_template = {
290 .__refcnt = ATOMIC_INIT(1),
292 .obsolete = DST_OBSOLETE_FORCE_CHK,
294 .input = ip6_pkt_prohibit,
295 .output = ip6_pkt_prohibit_out,
297 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
298 .rt6i_protocol = RTPROT_KERNEL,
299 .rt6i_metric = ~(u32) 0,
300 .rt6i_ref = ATOMIC_INIT(1),
303 static const struct rt6_info ip6_blk_hole_entry_template = {
305 .__refcnt = ATOMIC_INIT(1),
307 .obsolete = DST_OBSOLETE_FORCE_CHK,
309 .input = dst_discard,
310 .output = dst_discard_out,
312 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
313 .rt6i_protocol = RTPROT_KERNEL,
314 .rt6i_metric = ~(u32) 0,
315 .rt6i_ref = ATOMIC_INIT(1),
320 static void rt6_info_init(struct rt6_info *rt)
322 struct dst_entry *dst = &rt->dst;
324 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
325 INIT_LIST_HEAD(&rt->rt6i_siblings);
326 INIT_LIST_HEAD(&rt->rt6i_uncached);
329 /* allocate dst with ip6_dst_ops */
330 static struct rt6_info *__ip6_dst_alloc(struct net *net,
331 struct net_device *dev,
334 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
335 0, DST_OBSOLETE_FORCE_CHK, flags);
343 struct rt6_info *ip6_dst_alloc(struct net *net,
344 struct net_device *dev,
347 struct rt6_info *rt = __ip6_dst_alloc(net, dev, flags);
350 rt->rt6i_pcpu = alloc_percpu_gfp(struct rt6_info *, GFP_ATOMIC);
354 for_each_possible_cpu(cpu) {
357 p = per_cpu_ptr(rt->rt6i_pcpu, cpu);
358 /* no one shares rt */
362 dst_destroy((struct dst_entry *)rt);
369 EXPORT_SYMBOL(ip6_dst_alloc);
371 static void ip6_dst_destroy(struct dst_entry *dst)
373 struct rt6_info *rt = (struct rt6_info *)dst;
374 struct dst_entry *from = dst->from;
375 struct inet6_dev *idev;
377 dst_destroy_metrics_generic(dst);
378 free_percpu(rt->rt6i_pcpu);
379 rt6_uncached_list_del(rt);
381 idev = rt->rt6i_idev;
383 rt->rt6i_idev = NULL;
391 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
394 struct rt6_info *rt = (struct rt6_info *)dst;
395 struct inet6_dev *idev = rt->rt6i_idev;
396 struct net_device *loopback_dev =
397 dev_net(dev)->loopback_dev;
399 if (dev != loopback_dev) {
400 if (idev && idev->dev == dev) {
401 struct inet6_dev *loopback_idev =
402 in6_dev_get(loopback_dev);
404 rt->rt6i_idev = loopback_idev;
411 static bool __rt6_check_expired(const struct rt6_info *rt)
413 if (rt->rt6i_flags & RTF_EXPIRES)
414 return time_after(jiffies, rt->dst.expires);
419 static bool rt6_check_expired(const struct rt6_info *rt)
421 if (rt->rt6i_flags & RTF_EXPIRES) {
422 if (time_after(jiffies, rt->dst.expires))
424 } else if (rt->dst.from) {
425 return rt6_check_expired((struct rt6_info *) rt->dst.from);
430 /* Multipath route selection:
431 * Hash based function using packet header and flowlabel.
432 * Adapted from fib_info_hashfn()
434 static int rt6_info_hash_nhsfn(unsigned int candidate_count,
435 const struct flowi6 *fl6)
437 return get_hash_from_flowi6(fl6) % candidate_count;
440 static struct rt6_info *rt6_multipath_select(struct rt6_info *match,
441 struct flowi6 *fl6, int oif,
444 struct rt6_info *sibling, *next_sibling;
447 route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6);
448 /* Don't change the route, if route_choosen == 0
449 * (siblings does not include ourself)
452 list_for_each_entry_safe(sibling, next_sibling,
453 &match->rt6i_siblings, rt6i_siblings) {
455 if (route_choosen == 0) {
456 if (rt6_score_route(sibling, oif, strict) < 0)
466 * Route lookup. Any table->tb6_lock is implied.
469 static inline struct rt6_info *rt6_device_match(struct net *net,
471 const struct in6_addr *saddr,
475 struct rt6_info *local = NULL;
476 struct rt6_info *sprt;
478 if (!oif && ipv6_addr_any(saddr))
481 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) {
482 struct net_device *dev = sprt->dst.dev;
485 if (dev->ifindex == oif)
487 if (dev->flags & IFF_LOOPBACK) {
488 if (!sprt->rt6i_idev ||
489 sprt->rt6i_idev->dev->ifindex != oif) {
490 if (flags & RT6_LOOKUP_F_IFACE)
493 local->rt6i_idev->dev->ifindex == oif)
499 if (ipv6_chk_addr(net, saddr, dev,
500 flags & RT6_LOOKUP_F_IFACE))
509 if (flags & RT6_LOOKUP_F_IFACE)
510 return net->ipv6.ip6_null_entry;
516 #ifdef CONFIG_IPV6_ROUTER_PREF
517 struct __rt6_probe_work {
518 struct work_struct work;
519 struct in6_addr target;
520 struct net_device *dev;
523 static void rt6_probe_deferred(struct work_struct *w)
525 struct in6_addr mcaddr;
526 struct __rt6_probe_work *work =
527 container_of(w, struct __rt6_probe_work, work);
529 addrconf_addr_solict_mult(&work->target, &mcaddr);
530 ndisc_send_ns(work->dev, &work->target, &mcaddr, NULL);
535 static void rt6_probe(struct rt6_info *rt)
537 struct __rt6_probe_work *work;
538 struct neighbour *neigh;
540 * Okay, this does not seem to be appropriate
541 * for now, however, we need to check if it
542 * is really so; aka Router Reachability Probing.
544 * Router Reachability Probe MUST be rate-limited
545 * to no more than one per minute.
547 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY))
550 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
552 if (neigh->nud_state & NUD_VALID)
556 write_lock(&neigh->lock);
557 if (!(neigh->nud_state & NUD_VALID) &&
560 rt->rt6i_idev->cnf.rtr_probe_interval)) {
561 work = kmalloc(sizeof(*work), GFP_ATOMIC);
563 __neigh_set_probe_once(neigh);
565 write_unlock(&neigh->lock);
567 work = kmalloc(sizeof(*work), GFP_ATOMIC);
571 INIT_WORK(&work->work, rt6_probe_deferred);
572 work->target = rt->rt6i_gateway;
573 dev_hold(rt->dst.dev);
574 work->dev = rt->dst.dev;
575 schedule_work(&work->work);
579 rcu_read_unlock_bh();
582 static inline void rt6_probe(struct rt6_info *rt)
588 * Default Router Selection (RFC 2461 6.3.6)
590 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
592 struct net_device *dev = rt->dst.dev;
593 if (!oif || dev->ifindex == oif)
595 if ((dev->flags & IFF_LOOPBACK) &&
596 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
601 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt)
603 struct neighbour *neigh;
604 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD;
606 if (rt->rt6i_flags & RTF_NONEXTHOP ||
607 !(rt->rt6i_flags & RTF_GATEWAY))
608 return RT6_NUD_SUCCEED;
611 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
613 read_lock(&neigh->lock);
614 if (neigh->nud_state & NUD_VALID)
615 ret = RT6_NUD_SUCCEED;
616 #ifdef CONFIG_IPV6_ROUTER_PREF
617 else if (!(neigh->nud_state & NUD_FAILED))
618 ret = RT6_NUD_SUCCEED;
620 ret = RT6_NUD_FAIL_PROBE;
622 read_unlock(&neigh->lock);
624 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ?
625 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR;
627 rcu_read_unlock_bh();
632 static int rt6_score_route(struct rt6_info *rt, int oif,
637 m = rt6_check_dev(rt, oif);
638 if (!m && (strict & RT6_LOOKUP_F_IFACE))
639 return RT6_NUD_FAIL_HARD;
640 #ifdef CONFIG_IPV6_ROUTER_PREF
641 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
643 if (strict & RT6_LOOKUP_F_REACHABLE) {
644 int n = rt6_check_neigh(rt);
651 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
652 int *mpri, struct rt6_info *match,
656 bool match_do_rr = false;
657 struct inet6_dev *idev = rt->rt6i_idev;
658 struct net_device *dev = rt->dst.dev;
660 if (dev && !netif_carrier_ok(dev) &&
661 idev->cnf.ignore_routes_with_linkdown &&
662 !(strict & RT6_LOOKUP_F_IGNORE_LINKSTATE))
665 if (rt6_check_expired(rt))
668 m = rt6_score_route(rt, oif, strict);
669 if (m == RT6_NUD_FAIL_DO_RR) {
671 m = 0; /* lowest valid score */
672 } else if (m == RT6_NUD_FAIL_HARD) {
676 if (strict & RT6_LOOKUP_F_REACHABLE)
679 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
681 *do_rr = match_do_rr;
689 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
690 struct rt6_info *rr_head,
691 u32 metric, int oif, int strict,
694 struct rt6_info *rt, *match, *cont;
699 for (rt = rr_head; rt; rt = rt->dst.rt6_next) {
700 if (rt->rt6i_metric != metric) {
705 match = find_match(rt, oif, strict, &mpri, match, do_rr);
708 for (rt = fn->leaf; rt && rt != rr_head; rt = rt->dst.rt6_next) {
709 if (rt->rt6i_metric != metric) {
714 match = find_match(rt, oif, strict, &mpri, match, do_rr);
720 for (rt = cont; rt; rt = rt->dst.rt6_next)
721 match = find_match(rt, oif, strict, &mpri, match, do_rr);
726 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
728 struct rt6_info *match, *rt0;
734 fn->rr_ptr = rt0 = fn->leaf;
736 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict,
740 struct rt6_info *next = rt0->dst.rt6_next;
742 /* no entries matched; do round-robin */
743 if (!next || next->rt6i_metric != rt0->rt6i_metric)
750 net = dev_net(rt0->dst.dev);
751 return match ? match : net->ipv6.ip6_null_entry;
754 static bool rt6_is_gw_or_nonexthop(const struct rt6_info *rt)
756 return (rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY));
759 #ifdef CONFIG_IPV6_ROUTE_INFO
760 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
761 const struct in6_addr *gwaddr)
763 struct net *net = dev_net(dev);
764 struct route_info *rinfo = (struct route_info *) opt;
765 struct in6_addr prefix_buf, *prefix;
767 unsigned long lifetime;
770 if (len < sizeof(struct route_info)) {
774 /* Sanity check for prefix_len and length */
775 if (rinfo->length > 3) {
777 } else if (rinfo->prefix_len > 128) {
779 } else if (rinfo->prefix_len > 64) {
780 if (rinfo->length < 2) {
783 } else if (rinfo->prefix_len > 0) {
784 if (rinfo->length < 1) {
789 pref = rinfo->route_pref;
790 if (pref == ICMPV6_ROUTER_PREF_INVALID)
793 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
795 if (rinfo->length == 3)
796 prefix = (struct in6_addr *)rinfo->prefix;
798 /* this function is safe */
799 ipv6_addr_prefix(&prefix_buf,
800 (struct in6_addr *)rinfo->prefix,
802 prefix = &prefix_buf;
805 if (rinfo->prefix_len == 0)
806 rt = rt6_get_dflt_router(gwaddr, dev);
808 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len,
811 if (rt && !lifetime) {
817 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr,
820 rt->rt6i_flags = RTF_ROUTEINFO |
821 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
824 if (!addrconf_finite_timeout(lifetime))
825 rt6_clean_expires(rt);
827 rt6_set_expires(rt, jiffies + HZ * lifetime);
835 static struct fib6_node* fib6_backtrack(struct fib6_node *fn,
836 struct in6_addr *saddr)
838 struct fib6_node *pn;
840 if (fn->fn_flags & RTN_TL_ROOT)
843 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn)
844 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr);
847 if (fn->fn_flags & RTN_RTINFO)
852 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
853 struct fib6_table *table,
854 struct flowi6 *fl6, int flags)
856 struct fib6_node *fn;
859 read_lock_bh(&table->tb6_lock);
860 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
863 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags);
864 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0)
865 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags);
866 if (rt == net->ipv6.ip6_null_entry) {
867 fn = fib6_backtrack(fn, &fl6->saddr);
871 dst_use(&rt->dst, jiffies);
872 read_unlock_bh(&table->tb6_lock);
874 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6);
880 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6,
883 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup);
885 EXPORT_SYMBOL_GPL(ip6_route_lookup);
887 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
888 const struct in6_addr *saddr, int oif, int strict)
890 struct flowi6 fl6 = {
894 struct dst_entry *dst;
895 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
898 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
899 flags |= RT6_LOOKUP_F_HAS_SADDR;
902 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup);
904 return (struct rt6_info *) dst;
910 EXPORT_SYMBOL(rt6_lookup);
912 /* ip6_ins_rt is called with FREE table->tb6_lock.
913 It takes new route entry, the addition fails by any reason the
914 route is freed. In any case, if caller does not hold it, it may
918 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info,
919 struct mx6_config *mxc)
922 struct fib6_table *table;
924 table = rt->rt6i_table;
925 write_lock_bh(&table->tb6_lock);
926 err = fib6_add(&table->tb6_root, rt, info, mxc);
927 write_unlock_bh(&table->tb6_lock);
932 int ip6_ins_rt(struct rt6_info *rt)
934 struct nl_info info = { .nl_net = dev_net(rt->dst.dev), };
935 struct mx6_config mxc = { .mx = NULL, };
937 return __ip6_ins_rt(rt, &info, &mxc);
940 static struct rt6_info *ip6_rt_cache_alloc(struct rt6_info *ort,
941 const struct in6_addr *daddr,
942 const struct in6_addr *saddr)
950 if (ort->rt6i_flags & (RTF_CACHE | RTF_PCPU))
951 ort = (struct rt6_info *)ort->dst.from;
953 rt = __ip6_dst_alloc(dev_net(ort->dst.dev), ort->dst.dev, 0);
958 ip6_rt_copy_init(rt, ort);
959 rt->rt6i_flags |= RTF_CACHE;
961 rt->dst.flags |= DST_HOST;
962 rt->rt6i_dst.addr = *daddr;
963 rt->rt6i_dst.plen = 128;
965 if (!rt6_is_gw_or_nonexthop(ort)) {
966 if (ort->rt6i_dst.plen != 128 &&
967 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr))
968 rt->rt6i_flags |= RTF_ANYCAST;
969 #ifdef CONFIG_IPV6_SUBTREES
970 if (rt->rt6i_src.plen && saddr) {
971 rt->rt6i_src.addr = *saddr;
972 rt->rt6i_src.plen = 128;
980 static struct rt6_info *ip6_rt_pcpu_alloc(struct rt6_info *rt)
982 struct rt6_info *pcpu_rt;
984 pcpu_rt = __ip6_dst_alloc(dev_net(rt->dst.dev),
985 rt->dst.dev, rt->dst.flags);
989 ip6_rt_copy_init(pcpu_rt, rt);
990 pcpu_rt->rt6i_protocol = rt->rt6i_protocol;
991 pcpu_rt->rt6i_flags |= RTF_PCPU;
995 /* It should be called with read_lock_bh(&tb6_lock) acquired */
996 static struct rt6_info *rt6_get_pcpu_route(struct rt6_info *rt)
998 struct rt6_info *pcpu_rt, **p;
1000 p = this_cpu_ptr(rt->rt6i_pcpu);
1004 dst_hold(&pcpu_rt->dst);
1005 rt6_dst_from_metrics_check(pcpu_rt);
1010 static struct rt6_info *rt6_make_pcpu_route(struct rt6_info *rt)
1012 struct fib6_table *table = rt->rt6i_table;
1013 struct rt6_info *pcpu_rt, *prev, **p;
1015 pcpu_rt = ip6_rt_pcpu_alloc(rt);
1017 struct net *net = dev_net(rt->dst.dev);
1019 dst_hold(&net->ipv6.ip6_null_entry->dst);
1020 return net->ipv6.ip6_null_entry;
1023 read_lock_bh(&table->tb6_lock);
1024 if (rt->rt6i_pcpu) {
1025 p = this_cpu_ptr(rt->rt6i_pcpu);
1026 prev = cmpxchg(p, NULL, pcpu_rt);
1028 /* If someone did it before us, return prev instead */
1029 dst_destroy(&pcpu_rt->dst);
1033 /* rt has been removed from the fib6 tree
1034 * before we have a chance to acquire the read_lock.
1035 * In this case, don't brother to create a pcpu rt
1036 * since rt is going away anyway. The next
1037 * dst_check() will trigger a re-lookup.
1039 dst_destroy(&pcpu_rt->dst);
1042 dst_hold(&pcpu_rt->dst);
1043 rt6_dst_from_metrics_check(pcpu_rt);
1044 read_unlock_bh(&table->tb6_lock);
1048 struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table,
1049 int oif, struct flowi6 *fl6, int flags)
1051 struct fib6_node *fn, *saved_fn;
1052 struct rt6_info *rt;
1055 strict |= flags & RT6_LOOKUP_F_IFACE;
1056 strict |= flags & RT6_LOOKUP_F_IGNORE_LINKSTATE;
1057 if (net->ipv6.devconf_all->forwarding == 0)
1058 strict |= RT6_LOOKUP_F_REACHABLE;
1060 read_lock_bh(&table->tb6_lock);
1062 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1065 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
1069 rt = rt6_select(fn, oif, strict);
1070 if (rt->rt6i_nsiblings)
1071 rt = rt6_multipath_select(rt, fl6, oif, strict);
1072 if (rt == net->ipv6.ip6_null_entry) {
1073 fn = fib6_backtrack(fn, &fl6->saddr);
1075 goto redo_rt6_select;
1076 else if (strict & RT6_LOOKUP_F_REACHABLE) {
1077 /* also consider unreachable route */
1078 strict &= ~RT6_LOOKUP_F_REACHABLE;
1080 goto redo_rt6_select;
1085 if (rt == net->ipv6.ip6_null_entry || (rt->rt6i_flags & RTF_CACHE)) {
1086 dst_use(&rt->dst, jiffies);
1087 read_unlock_bh(&table->tb6_lock);
1089 rt6_dst_from_metrics_check(rt);
1091 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6);
1093 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) &&
1094 !(rt->rt6i_flags & RTF_GATEWAY))) {
1095 /* Create a RTF_CACHE clone which will not be
1096 * owned by the fib6 tree. It is for the special case where
1097 * the daddr in the skb during the neighbor look-up is different
1098 * from the fl6->daddr used to look-up route here.
1101 struct rt6_info *uncached_rt;
1103 dst_use(&rt->dst, jiffies);
1104 read_unlock_bh(&table->tb6_lock);
1106 uncached_rt = ip6_rt_cache_alloc(rt, &fl6->daddr, NULL);
1107 dst_release(&rt->dst);
1110 rt6_uncached_list_add(uncached_rt);
1112 uncached_rt = net->ipv6.ip6_null_entry;
1114 dst_hold(&uncached_rt->dst);
1116 trace_fib6_table_lookup(net, uncached_rt, table->tb6_id, fl6);
1120 /* Get a percpu copy */
1122 struct rt6_info *pcpu_rt;
1124 rt->dst.lastuse = jiffies;
1126 pcpu_rt = rt6_get_pcpu_route(rt);
1129 read_unlock_bh(&table->tb6_lock);
1131 /* We have to do the read_unlock first
1132 * because rt6_make_pcpu_route() may trigger
1133 * ip6_dst_gc() which will take the write_lock.
1136 read_unlock_bh(&table->tb6_lock);
1137 pcpu_rt = rt6_make_pcpu_route(rt);
1138 dst_release(&rt->dst);
1141 trace_fib6_table_lookup(net, pcpu_rt, table->tb6_id, fl6);
1146 EXPORT_SYMBOL_GPL(ip6_pol_route);
1148 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
1149 struct flowi6 *fl6, int flags)
1151 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags);
1154 struct dst_entry *ip6_route_input_lookup(struct net *net,
1155 struct net_device *dev,
1156 struct flowi6 *fl6, int flags)
1158 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
1159 flags |= RT6_LOOKUP_F_IFACE;
1161 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input);
1163 EXPORT_SYMBOL_GPL(ip6_route_input_lookup);
1165 void ip6_route_input(struct sk_buff *skb)
1167 const struct ipv6hdr *iph = ipv6_hdr(skb);
1168 struct net *net = dev_net(skb->dev);
1169 int flags = RT6_LOOKUP_F_HAS_SADDR;
1170 struct ip_tunnel_info *tun_info;
1171 struct flowi6 fl6 = {
1172 .flowi6_iif = skb->dev->ifindex,
1173 .daddr = iph->daddr,
1174 .saddr = iph->saddr,
1175 .flowlabel = ip6_flowinfo(iph),
1176 .flowi6_mark = skb->mark,
1177 .flowi6_proto = iph->nexthdr,
1180 tun_info = skb_tunnel_info(skb);
1181 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX))
1182 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id;
1184 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags));
1187 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
1188 struct flowi6 *fl6, int flags)
1190 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags);
1193 struct dst_entry *ip6_route_output_flags(struct net *net, const struct sock *sk,
1194 struct flowi6 *fl6, int flags)
1198 if (rt6_need_strict(&fl6->daddr)) {
1199 struct dst_entry *dst;
1201 dst = l3mdev_link_scope_lookup(net, fl6);
1206 fl6->flowi6_iif = LOOPBACK_IFINDEX;
1208 any_src = ipv6_addr_any(&fl6->saddr);
1209 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr) ||
1210 (fl6->flowi6_oif && any_src))
1211 flags |= RT6_LOOKUP_F_IFACE;
1214 flags |= RT6_LOOKUP_F_HAS_SADDR;
1216 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
1218 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output);
1220 EXPORT_SYMBOL_GPL(ip6_route_output_flags);
1222 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
1224 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
1225 struct dst_entry *new = NULL;
1227 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0);
1233 new->input = dst_discard;
1234 new->output = dst_discard_out;
1236 dst_copy_metrics(new, &ort->dst);
1237 rt->rt6i_idev = ort->rt6i_idev;
1239 in6_dev_hold(rt->rt6i_idev);
1241 rt->rt6i_gateway = ort->rt6i_gateway;
1242 rt->rt6i_flags = ort->rt6i_flags & ~RTF_PCPU;
1243 rt->rt6i_metric = 0;
1245 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1246 #ifdef CONFIG_IPV6_SUBTREES
1247 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1253 dst_release(dst_orig);
1254 return new ? new : ERR_PTR(-ENOMEM);
1258 * Destination cache support functions
1261 static void rt6_dst_from_metrics_check(struct rt6_info *rt)
1264 dst_metrics_ptr(&rt->dst) != dst_metrics_ptr(rt->dst.from))
1265 dst_init_metrics(&rt->dst, dst_metrics_ptr(rt->dst.from), true);
1268 static struct dst_entry *rt6_check(struct rt6_info *rt, u32 cookie)
1270 if (!rt->rt6i_node || (rt->rt6i_node->fn_sernum != cookie))
1273 if (rt6_check_expired(rt))
1279 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt, u32 cookie)
1281 if (!__rt6_check_expired(rt) &&
1282 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
1283 rt6_check((struct rt6_info *)(rt->dst.from), cookie))
1289 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
1291 struct rt6_info *rt;
1293 rt = (struct rt6_info *) dst;
1295 /* All IPV6 dsts are created with ->obsolete set to the value
1296 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1297 * into this function always.
1300 rt6_dst_from_metrics_check(rt);
1302 if (rt->rt6i_flags & RTF_PCPU ||
1303 (unlikely(dst->flags & DST_NOCACHE) && rt->dst.from))
1304 return rt6_dst_from_check(rt, cookie);
1306 return rt6_check(rt, cookie);
1309 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
1311 struct rt6_info *rt = (struct rt6_info *) dst;
1314 if (rt->rt6i_flags & RTF_CACHE) {
1315 if (rt6_check_expired(rt)) {
1327 static void ip6_link_failure(struct sk_buff *skb)
1329 struct rt6_info *rt;
1331 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
1333 rt = (struct rt6_info *) skb_dst(skb);
1335 if (rt->rt6i_flags & RTF_CACHE) {
1338 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) {
1339 rt->rt6i_node->fn_sernum = -1;
1344 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu)
1346 struct net *net = dev_net(rt->dst.dev);
1348 rt->rt6i_flags |= RTF_MODIFIED;
1349 rt->rt6i_pmtu = mtu;
1350 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires);
1353 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info *rt)
1355 return !(rt->rt6i_flags & RTF_CACHE) &&
1356 (rt->rt6i_flags & RTF_PCPU || rt->rt6i_node);
1359 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk,
1360 const struct ipv6hdr *iph, u32 mtu)
1362 struct rt6_info *rt6 = (struct rt6_info *)dst;
1364 if (rt6->rt6i_flags & RTF_LOCAL)
1368 mtu = max_t(u32, mtu, IPV6_MIN_MTU);
1369 if (mtu >= dst_mtu(dst))
1372 if (!rt6_cache_allowed_for_pmtu(rt6)) {
1373 rt6_do_update_pmtu(rt6, mtu);
1375 const struct in6_addr *daddr, *saddr;
1376 struct rt6_info *nrt6;
1379 daddr = &iph->daddr;
1380 saddr = &iph->saddr;
1382 daddr = &sk->sk_v6_daddr;
1383 saddr = &inet6_sk(sk)->saddr;
1387 nrt6 = ip6_rt_cache_alloc(rt6, daddr, saddr);
1389 rt6_do_update_pmtu(nrt6, mtu);
1391 /* ip6_ins_rt(nrt6) will bump the
1392 * rt6->rt6i_node->fn_sernum
1393 * which will fail the next rt6_check() and
1394 * invalidate the sk->sk_dst_cache.
1401 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
1402 struct sk_buff *skb, u32 mtu)
1404 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu);
1407 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
1410 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1411 struct dst_entry *dst;
1414 memset(&fl6, 0, sizeof(fl6));
1415 fl6.flowi6_oif = oif;
1416 fl6.flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark);
1417 fl6.daddr = iph->daddr;
1418 fl6.saddr = iph->saddr;
1419 fl6.flowlabel = ip6_flowinfo(iph);
1421 dst = ip6_route_output(net, NULL, &fl6);
1423 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu));
1426 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
1428 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
1430 struct dst_entry *dst;
1432 ip6_update_pmtu(skb, sock_net(sk), mtu,
1433 sk->sk_bound_dev_if, sk->sk_mark);
1435 dst = __sk_dst_get(sk);
1436 if (!dst || !dst->obsolete ||
1437 dst->ops->check(dst, inet6_sk(sk)->dst_cookie))
1441 if (!sock_owned_by_user(sk) && !ipv6_addr_v4mapped(&sk->sk_v6_daddr))
1442 ip6_datagram_dst_update(sk, false);
1445 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
1447 /* Handle redirects */
1448 struct ip6rd_flowi {
1450 struct in6_addr gateway;
1453 static struct rt6_info *__ip6_route_redirect(struct net *net,
1454 struct fib6_table *table,
1458 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
1459 struct rt6_info *rt;
1460 struct fib6_node *fn;
1462 /* Get the "current" route for this destination and
1463 * check if the redirect has come from approriate router.
1465 * RFC 4861 specifies that redirects should only be
1466 * accepted if they come from the nexthop to the target.
1467 * Due to the way the routes are chosen, this notion
1468 * is a bit fuzzy and one might need to check all possible
1472 read_lock_bh(&table->tb6_lock);
1473 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1475 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1476 if (rt6_check_expired(rt))
1480 if (!(rt->rt6i_flags & RTF_GATEWAY))
1482 if (fl6->flowi6_oif != rt->dst.dev->ifindex)
1484 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway))
1490 rt = net->ipv6.ip6_null_entry;
1491 else if (rt->dst.error) {
1492 rt = net->ipv6.ip6_null_entry;
1496 if (rt == net->ipv6.ip6_null_entry) {
1497 fn = fib6_backtrack(fn, &fl6->saddr);
1505 read_unlock_bh(&table->tb6_lock);
1507 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6);
1511 static struct dst_entry *ip6_route_redirect(struct net *net,
1512 const struct flowi6 *fl6,
1513 const struct in6_addr *gateway)
1515 int flags = RT6_LOOKUP_F_HAS_SADDR;
1516 struct ip6rd_flowi rdfl;
1519 rdfl.gateway = *gateway;
1521 return fib6_rule_lookup(net, &rdfl.fl6,
1522 flags, __ip6_route_redirect);
1525 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark)
1527 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1528 struct dst_entry *dst;
1531 memset(&fl6, 0, sizeof(fl6));
1532 fl6.flowi6_iif = LOOPBACK_IFINDEX;
1533 fl6.flowi6_oif = oif;
1534 fl6.flowi6_mark = mark;
1535 fl6.daddr = iph->daddr;
1536 fl6.saddr = iph->saddr;
1537 fl6.flowlabel = ip6_flowinfo(iph);
1539 dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr);
1540 rt6_do_redirect(dst, NULL, skb);
1543 EXPORT_SYMBOL_GPL(ip6_redirect);
1545 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif,
1548 const struct ipv6hdr *iph = ipv6_hdr(skb);
1549 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb);
1550 struct dst_entry *dst;
1553 memset(&fl6, 0, sizeof(fl6));
1554 fl6.flowi6_iif = LOOPBACK_IFINDEX;
1555 fl6.flowi6_oif = oif;
1556 fl6.flowi6_mark = mark;
1557 fl6.daddr = msg->dest;
1558 fl6.saddr = iph->daddr;
1560 dst = ip6_route_redirect(net, &fl6, &iph->saddr);
1561 rt6_do_redirect(dst, NULL, skb);
1565 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
1567 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark);
1569 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
1571 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
1573 struct net_device *dev = dst->dev;
1574 unsigned int mtu = dst_mtu(dst);
1575 struct net *net = dev_net(dev);
1577 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
1579 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
1580 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
1583 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
1584 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
1585 * IPV6_MAXPLEN is also valid and means: "any MSS,
1586 * rely only on pmtu discovery"
1588 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
1593 static unsigned int ip6_mtu(const struct dst_entry *dst)
1595 const struct rt6_info *rt = (const struct rt6_info *)dst;
1596 unsigned int mtu = rt->rt6i_pmtu;
1597 struct inet6_dev *idev;
1602 mtu = dst_metric_raw(dst, RTAX_MTU);
1609 idev = __in6_dev_get(dst->dev);
1611 mtu = idev->cnf.mtu6;
1615 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
1617 return mtu - lwtunnel_headroom(dst->lwtstate, mtu);
1620 static struct dst_entry *icmp6_dst_gc_list;
1621 static DEFINE_SPINLOCK(icmp6_dst_lock);
1623 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
1626 struct dst_entry *dst;
1627 struct rt6_info *rt;
1628 struct inet6_dev *idev = in6_dev_get(dev);
1629 struct net *net = dev_net(dev);
1631 if (unlikely(!idev))
1632 return ERR_PTR(-ENODEV);
1634 rt = ip6_dst_alloc(net, dev, 0);
1635 if (unlikely(!rt)) {
1637 dst = ERR_PTR(-ENOMEM);
1641 rt->dst.flags |= DST_HOST;
1642 rt->dst.output = ip6_output;
1643 atomic_set(&rt->dst.__refcnt, 1);
1644 rt->rt6i_gateway = fl6->daddr;
1645 rt->rt6i_dst.addr = fl6->daddr;
1646 rt->rt6i_dst.plen = 128;
1647 rt->rt6i_idev = idev;
1648 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
1650 spin_lock_bh(&icmp6_dst_lock);
1651 rt->dst.next = icmp6_dst_gc_list;
1652 icmp6_dst_gc_list = &rt->dst;
1653 spin_unlock_bh(&icmp6_dst_lock);
1655 fib6_force_start_gc(net);
1657 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
1663 int icmp6_dst_gc(void)
1665 struct dst_entry *dst, **pprev;
1668 spin_lock_bh(&icmp6_dst_lock);
1669 pprev = &icmp6_dst_gc_list;
1671 while ((dst = *pprev) != NULL) {
1672 if (!atomic_read(&dst->__refcnt)) {
1681 spin_unlock_bh(&icmp6_dst_lock);
1686 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg),
1689 struct dst_entry *dst, **pprev;
1691 spin_lock_bh(&icmp6_dst_lock);
1692 pprev = &icmp6_dst_gc_list;
1693 while ((dst = *pprev) != NULL) {
1694 struct rt6_info *rt = (struct rt6_info *) dst;
1695 if (func(rt, arg)) {
1702 spin_unlock_bh(&icmp6_dst_lock);
1705 static int ip6_dst_gc(struct dst_ops *ops)
1707 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
1708 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
1709 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
1710 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
1711 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
1712 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
1715 entries = dst_entries_get_fast(ops);
1716 if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
1717 entries <= rt_max_size)
1720 net->ipv6.ip6_rt_gc_expire++;
1721 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true);
1722 entries = dst_entries_get_slow(ops);
1723 if (entries < ops->gc_thresh)
1724 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
1726 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
1727 return entries > rt_max_size;
1730 static int ip6_convert_metrics(struct mx6_config *mxc,
1731 const struct fib6_config *cfg)
1733 bool ecn_ca = false;
1741 mp = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL);
1745 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1746 int type = nla_type(nla);
1751 if (unlikely(type > RTAX_MAX))
1754 if (type == RTAX_CC_ALGO) {
1755 char tmp[TCP_CA_NAME_MAX];
1757 nla_strlcpy(tmp, nla, sizeof(tmp));
1758 val = tcp_ca_get_key_by_name(tmp, &ecn_ca);
1759 if (val == TCP_CA_UNSPEC)
1762 val = nla_get_u32(nla);
1764 if (type == RTAX_HOPLIMIT && val > 255)
1766 if (type == RTAX_FEATURES && (val & ~RTAX_FEATURE_MASK))
1770 __set_bit(type - 1, mxc->mx_valid);
1774 __set_bit(RTAX_FEATURES - 1, mxc->mx_valid);
1775 mp[RTAX_FEATURES - 1] |= DST_FEATURE_ECN_CA;
1785 static struct rt6_info *ip6_nh_lookup_table(struct net *net,
1786 struct fib6_config *cfg,
1787 const struct in6_addr *gw_addr)
1789 struct flowi6 fl6 = {
1790 .flowi6_oif = cfg->fc_ifindex,
1792 .saddr = cfg->fc_prefsrc,
1794 struct fib6_table *table;
1795 struct rt6_info *rt;
1796 int flags = RT6_LOOKUP_F_IFACE | RT6_LOOKUP_F_IGNORE_LINKSTATE;
1798 table = fib6_get_table(net, cfg->fc_table);
1802 if (!ipv6_addr_any(&cfg->fc_prefsrc))
1803 flags |= RT6_LOOKUP_F_HAS_SADDR;
1805 rt = ip6_pol_route(net, table, cfg->fc_ifindex, &fl6, flags);
1807 /* if table lookup failed, fall back to full lookup */
1808 if (rt == net->ipv6.ip6_null_entry) {
1816 static struct rt6_info *ip6_route_info_create(struct fib6_config *cfg)
1818 struct net *net = cfg->fc_nlinfo.nl_net;
1819 struct rt6_info *rt = NULL;
1820 struct net_device *dev = NULL;
1821 struct inet6_dev *idev = NULL;
1822 struct fib6_table *table;
1826 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128)
1828 #ifndef CONFIG_IPV6_SUBTREES
1829 if (cfg->fc_src_len)
1832 if (cfg->fc_ifindex) {
1834 dev = dev_get_by_index(net, cfg->fc_ifindex);
1837 idev = in6_dev_get(dev);
1842 if (cfg->fc_metric == 0)
1843 cfg->fc_metric = IP6_RT_PRIO_USER;
1846 if (cfg->fc_nlinfo.nlh &&
1847 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
1848 table = fib6_get_table(net, cfg->fc_table);
1850 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
1851 table = fib6_new_table(net, cfg->fc_table);
1854 table = fib6_new_table(net, cfg->fc_table);
1860 rt = ip6_dst_alloc(net, NULL,
1861 (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT);
1868 if (cfg->fc_flags & RTF_EXPIRES)
1869 rt6_set_expires(rt, jiffies +
1870 clock_t_to_jiffies(cfg->fc_expires));
1872 rt6_clean_expires(rt);
1874 if (cfg->fc_protocol == RTPROT_UNSPEC)
1875 cfg->fc_protocol = RTPROT_BOOT;
1876 rt->rt6i_protocol = cfg->fc_protocol;
1878 addr_type = ipv6_addr_type(&cfg->fc_dst);
1880 if (addr_type & IPV6_ADDR_MULTICAST)
1881 rt->dst.input = ip6_mc_input;
1882 else if (cfg->fc_flags & RTF_LOCAL)
1883 rt->dst.input = ip6_input;
1885 rt->dst.input = ip6_forward;
1887 rt->dst.output = ip6_output;
1889 if (cfg->fc_encap) {
1890 struct lwtunnel_state *lwtstate;
1892 err = lwtunnel_build_state(dev, cfg->fc_encap_type,
1893 cfg->fc_encap, AF_INET6, cfg,
1897 rt->dst.lwtstate = lwtstate_get(lwtstate);
1898 if (lwtunnel_output_redirect(rt->dst.lwtstate)) {
1899 rt->dst.lwtstate->orig_output = rt->dst.output;
1900 rt->dst.output = lwtunnel_output;
1902 if (lwtunnel_input_redirect(rt->dst.lwtstate)) {
1903 rt->dst.lwtstate->orig_input = rt->dst.input;
1904 rt->dst.input = lwtunnel_input;
1908 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1909 rt->rt6i_dst.plen = cfg->fc_dst_len;
1910 if (rt->rt6i_dst.plen == 128)
1911 rt->dst.flags |= DST_HOST;
1913 #ifdef CONFIG_IPV6_SUBTREES
1914 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1915 rt->rt6i_src.plen = cfg->fc_src_len;
1918 rt->rt6i_metric = cfg->fc_metric;
1920 /* We cannot add true routes via loopback here,
1921 they would result in kernel looping; promote them to reject routes
1923 if ((cfg->fc_flags & RTF_REJECT) ||
1924 (dev && (dev->flags & IFF_LOOPBACK) &&
1925 !(addr_type & IPV6_ADDR_LOOPBACK) &&
1926 !(cfg->fc_flags & RTF_LOCAL))) {
1927 /* hold loopback dev/idev if we haven't done so. */
1928 if (dev != net->loopback_dev) {
1933 dev = net->loopback_dev;
1935 idev = in6_dev_get(dev);
1941 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1942 switch (cfg->fc_type) {
1944 rt->dst.error = -EINVAL;
1945 rt->dst.output = dst_discard_out;
1946 rt->dst.input = dst_discard;
1949 rt->dst.error = -EACCES;
1950 rt->dst.output = ip6_pkt_prohibit_out;
1951 rt->dst.input = ip6_pkt_prohibit;
1954 case RTN_UNREACHABLE:
1956 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN
1957 : (cfg->fc_type == RTN_UNREACHABLE)
1958 ? -EHOSTUNREACH : -ENETUNREACH;
1959 rt->dst.output = ip6_pkt_discard_out;
1960 rt->dst.input = ip6_pkt_discard;
1966 if (cfg->fc_flags & RTF_GATEWAY) {
1967 const struct in6_addr *gw_addr;
1970 gw_addr = &cfg->fc_gateway;
1971 gwa_type = ipv6_addr_type(gw_addr);
1973 /* if gw_addr is local we will fail to detect this in case
1974 * address is still TENTATIVE (DAD in progress). rt6_lookup()
1975 * will return already-added prefix route via interface that
1976 * prefix route was assigned to, which might be non-loopback.
1979 if (ipv6_chk_addr_and_flags(net, gw_addr,
1980 gwa_type & IPV6_ADDR_LINKLOCAL ?
1984 rt->rt6i_gateway = *gw_addr;
1986 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
1987 struct rt6_info *grt = NULL;
1989 /* IPv6 strictly inhibits using not link-local
1990 addresses as nexthop address.
1991 Otherwise, router will not able to send redirects.
1992 It is very good, but in some (rare!) circumstances
1993 (SIT, PtP, NBMA NOARP links) it is handy to allow
1994 some exceptions. --ANK
1996 if (!(gwa_type & IPV6_ADDR_UNICAST))
1999 if (cfg->fc_table) {
2000 grt = ip6_nh_lookup_table(net, cfg, gw_addr);
2003 if (grt->rt6i_flags & RTF_GATEWAY ||
2004 (dev && dev != grt->dst.dev)) {
2012 grt = rt6_lookup(net, gw_addr, NULL,
2013 cfg->fc_ifindex, 1);
2015 err = -EHOSTUNREACH;
2019 if (dev != grt->dst.dev) {
2025 idev = grt->rt6i_idev;
2027 in6_dev_hold(grt->rt6i_idev);
2029 if (!(grt->rt6i_flags & RTF_GATEWAY))
2037 if (!dev || (dev->flags & IFF_LOOPBACK))
2045 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
2046 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
2050 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc;
2051 rt->rt6i_prefsrc.plen = 128;
2053 rt->rt6i_prefsrc.plen = 0;
2055 rt->rt6i_flags = cfg->fc_flags;
2059 rt->rt6i_idev = idev;
2060 rt->rt6i_table = table;
2062 cfg->fc_nlinfo.nl_net = dev_net(dev);
2073 return ERR_PTR(err);
2076 int ip6_route_add(struct fib6_config *cfg)
2078 struct mx6_config mxc = { .mx = NULL, };
2079 struct rt6_info *rt;
2082 rt = ip6_route_info_create(cfg);
2089 err = ip6_convert_metrics(&mxc, cfg);
2093 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, &mxc);
2105 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
2108 struct fib6_table *table;
2109 struct net *net = dev_net(rt->dst.dev);
2111 if (rt == net->ipv6.ip6_null_entry ||
2112 rt->dst.flags & DST_NOCACHE) {
2117 table = rt->rt6i_table;
2118 write_lock_bh(&table->tb6_lock);
2119 err = fib6_del(rt, info);
2120 write_unlock_bh(&table->tb6_lock);
2127 int ip6_del_rt(struct rt6_info *rt)
2129 struct nl_info info = {
2130 .nl_net = dev_net(rt->dst.dev),
2132 return __ip6_del_rt(rt, &info);
2135 static int ip6_route_del(struct fib6_config *cfg)
2137 struct fib6_table *table;
2138 struct fib6_node *fn;
2139 struct rt6_info *rt;
2142 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
2146 read_lock_bh(&table->tb6_lock);
2148 fn = fib6_locate(&table->tb6_root,
2149 &cfg->fc_dst, cfg->fc_dst_len,
2150 &cfg->fc_src, cfg->fc_src_len);
2153 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
2154 if ((rt->rt6i_flags & RTF_CACHE) &&
2155 !(cfg->fc_flags & RTF_CACHE))
2157 if (cfg->fc_ifindex &&
2159 rt->dst.dev->ifindex != cfg->fc_ifindex))
2161 if (cfg->fc_flags & RTF_GATEWAY &&
2162 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
2164 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
2167 read_unlock_bh(&table->tb6_lock);
2169 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
2172 read_unlock_bh(&table->tb6_lock);
2177 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
2179 struct netevent_redirect netevent;
2180 struct rt6_info *rt, *nrt = NULL;
2181 struct ndisc_options ndopts;
2182 struct inet6_dev *in6_dev;
2183 struct neighbour *neigh;
2185 int optlen, on_link;
2188 optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
2189 optlen -= sizeof(*msg);
2192 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
2196 msg = (struct rd_msg *)icmp6_hdr(skb);
2198 if (ipv6_addr_is_multicast(&msg->dest)) {
2199 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
2204 if (ipv6_addr_equal(&msg->dest, &msg->target)) {
2206 } else if (ipv6_addr_type(&msg->target) !=
2207 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
2208 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
2212 in6_dev = __in6_dev_get(skb->dev);
2215 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
2219 * The IP source address of the Redirect MUST be the same as the current
2220 * first-hop router for the specified ICMP Destination Address.
2223 if (!ndisc_parse_options(skb->dev, msg->opt, optlen, &ndopts)) {
2224 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
2229 if (ndopts.nd_opts_tgt_lladdr) {
2230 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
2233 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
2238 rt = (struct rt6_info *) dst;
2239 if (rt->rt6i_flags & RTF_REJECT) {
2240 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
2244 /* Redirect received -> path was valid.
2245 * Look, redirects are sent only in response to data packets,
2246 * so that this nexthop apparently is reachable. --ANK
2248 dst_confirm(&rt->dst);
2250 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
2255 * We have finally decided to accept it.
2258 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
2259 NEIGH_UPDATE_F_WEAK_OVERRIDE|
2260 NEIGH_UPDATE_F_OVERRIDE|
2261 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
2262 NEIGH_UPDATE_F_ISROUTER)),
2263 NDISC_REDIRECT, &ndopts);
2265 nrt = ip6_rt_cache_alloc(rt, &msg->dest, NULL);
2269 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
2271 nrt->rt6i_flags &= ~RTF_GATEWAY;
2273 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
2275 if (ip6_ins_rt(nrt))
2278 netevent.old = &rt->dst;
2279 netevent.new = &nrt->dst;
2280 netevent.daddr = &msg->dest;
2281 netevent.neigh = neigh;
2282 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
2284 if (rt->rt6i_flags & RTF_CACHE) {
2285 rt = (struct rt6_info *) dst_clone(&rt->dst);
2290 neigh_release(neigh);
2294 * Misc support functions
2297 static void rt6_set_from(struct rt6_info *rt, struct rt6_info *from)
2299 BUG_ON(from->dst.from);
2301 rt->rt6i_flags &= ~RTF_EXPIRES;
2302 dst_hold(&from->dst);
2303 rt->dst.from = &from->dst;
2304 dst_init_metrics(&rt->dst, dst_metrics_ptr(&from->dst), true);
2307 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort)
2309 rt->dst.input = ort->dst.input;
2310 rt->dst.output = ort->dst.output;
2311 rt->rt6i_dst = ort->rt6i_dst;
2312 rt->dst.error = ort->dst.error;
2313 rt->rt6i_idev = ort->rt6i_idev;
2315 in6_dev_hold(rt->rt6i_idev);
2316 rt->dst.lastuse = jiffies;
2317 rt->rt6i_gateway = ort->rt6i_gateway;
2318 rt->rt6i_flags = ort->rt6i_flags;
2319 rt6_set_from(rt, ort);
2320 rt->rt6i_metric = ort->rt6i_metric;
2321 #ifdef CONFIG_IPV6_SUBTREES
2322 rt->rt6i_src = ort->rt6i_src;
2324 rt->rt6i_prefsrc = ort->rt6i_prefsrc;
2325 rt->rt6i_table = ort->rt6i_table;
2326 rt->dst.lwtstate = lwtstate_get(ort->dst.lwtstate);
2329 #ifdef CONFIG_IPV6_ROUTE_INFO
2330 static struct rt6_info *rt6_get_route_info(struct net *net,
2331 const struct in6_addr *prefix, int prefixlen,
2332 const struct in6_addr *gwaddr,
2333 struct net_device *dev)
2335 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO;
2336 int ifindex = dev->ifindex;
2337 struct fib6_node *fn;
2338 struct rt6_info *rt = NULL;
2339 struct fib6_table *table;
2341 table = fib6_get_table(net, tb_id);
2345 read_lock_bh(&table->tb6_lock);
2346 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0);
2350 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
2351 if (rt->dst.dev->ifindex != ifindex)
2353 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
2355 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
2361 read_unlock_bh(&table->tb6_lock);
2365 static struct rt6_info *rt6_add_route_info(struct net *net,
2366 const struct in6_addr *prefix, int prefixlen,
2367 const struct in6_addr *gwaddr,
2368 struct net_device *dev,
2371 struct fib6_config cfg = {
2372 .fc_metric = IP6_RT_PRIO_USER,
2373 .fc_ifindex = dev->ifindex,
2374 .fc_dst_len = prefixlen,
2375 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
2376 RTF_UP | RTF_PREF(pref),
2377 .fc_nlinfo.portid = 0,
2378 .fc_nlinfo.nlh = NULL,
2379 .fc_nlinfo.nl_net = net,
2382 cfg.fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO,
2383 cfg.fc_dst = *prefix;
2384 cfg.fc_gateway = *gwaddr;
2386 /* We should treat it as a default route if prefix length is 0. */
2388 cfg.fc_flags |= RTF_DEFAULT;
2390 ip6_route_add(&cfg);
2392 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, dev);
2396 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev)
2398 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT;
2399 struct rt6_info *rt;
2400 struct fib6_table *table;
2402 table = fib6_get_table(dev_net(dev), tb_id);
2406 read_lock_bh(&table->tb6_lock);
2407 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
2408 if (dev == rt->dst.dev &&
2409 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
2410 ipv6_addr_equal(&rt->rt6i_gateway, addr))
2415 read_unlock_bh(&table->tb6_lock);
2419 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
2420 struct net_device *dev,
2423 struct fib6_config cfg = {
2424 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT,
2425 .fc_metric = IP6_RT_PRIO_USER,
2426 .fc_ifindex = dev->ifindex,
2427 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
2428 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
2429 .fc_nlinfo.portid = 0,
2430 .fc_nlinfo.nlh = NULL,
2431 .fc_nlinfo.nl_net = dev_net(dev),
2434 cfg.fc_gateway = *gwaddr;
2436 if (!ip6_route_add(&cfg)) {
2437 struct fib6_table *table;
2439 table = fib6_get_table(dev_net(dev), cfg.fc_table);
2441 table->flags |= RT6_TABLE_HAS_DFLT_ROUTER;
2444 return rt6_get_dflt_router(gwaddr, dev);
2447 static void __rt6_purge_dflt_routers(struct fib6_table *table)
2449 struct rt6_info *rt;
2452 read_lock_bh(&table->tb6_lock);
2453 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
2454 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
2455 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) {
2457 read_unlock_bh(&table->tb6_lock);
2462 read_unlock_bh(&table->tb6_lock);
2464 table->flags &= ~RT6_TABLE_HAS_DFLT_ROUTER;
2467 void rt6_purge_dflt_routers(struct net *net)
2469 struct fib6_table *table;
2470 struct hlist_head *head;
2475 for (h = 0; h < FIB6_TABLE_HASHSZ; h++) {
2476 head = &net->ipv6.fib_table_hash[h];
2477 hlist_for_each_entry_rcu(table, head, tb6_hlist) {
2478 if (table->flags & RT6_TABLE_HAS_DFLT_ROUTER)
2479 __rt6_purge_dflt_routers(table);
2486 static void rtmsg_to_fib6_config(struct net *net,
2487 struct in6_rtmsg *rtmsg,
2488 struct fib6_config *cfg)
2490 memset(cfg, 0, sizeof(*cfg));
2492 cfg->fc_table = l3mdev_fib_table_by_index(net, rtmsg->rtmsg_ifindex) ?
2494 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
2495 cfg->fc_metric = rtmsg->rtmsg_metric;
2496 cfg->fc_expires = rtmsg->rtmsg_info;
2497 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
2498 cfg->fc_src_len = rtmsg->rtmsg_src_len;
2499 cfg->fc_flags = rtmsg->rtmsg_flags;
2501 cfg->fc_nlinfo.nl_net = net;
2503 cfg->fc_dst = rtmsg->rtmsg_dst;
2504 cfg->fc_src = rtmsg->rtmsg_src;
2505 cfg->fc_gateway = rtmsg->rtmsg_gateway;
2508 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
2510 struct fib6_config cfg;
2511 struct in6_rtmsg rtmsg;
2515 case SIOCADDRT: /* Add a route */
2516 case SIOCDELRT: /* Delete a route */
2517 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
2519 err = copy_from_user(&rtmsg, arg,
2520 sizeof(struct in6_rtmsg));
2524 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
2529 err = ip6_route_add(&cfg);
2532 err = ip6_route_del(&cfg);
2546 * Drop the packet on the floor
2549 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
2552 struct dst_entry *dst = skb_dst(skb);
2553 switch (ipstats_mib_noroutes) {
2554 case IPSTATS_MIB_INNOROUTES:
2555 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
2556 if (type == IPV6_ADDR_ANY) {
2557 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2558 IPSTATS_MIB_INADDRERRORS);
2562 case IPSTATS_MIB_OUTNOROUTES:
2563 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2564 ipstats_mib_noroutes);
2567 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
2572 static int ip6_pkt_discard(struct sk_buff *skb)
2574 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
2577 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb)
2579 skb->dev = skb_dst(skb)->dev;
2580 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
2583 static int ip6_pkt_prohibit(struct sk_buff *skb)
2585 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
2588 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb)
2590 skb->dev = skb_dst(skb)->dev;
2591 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
2595 * Allocate a dst for local (unicast / anycast) address.
2598 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
2599 const struct in6_addr *addr,
2603 struct net *net = dev_net(idev->dev);
2604 struct net_device *dev = net->loopback_dev;
2605 struct rt6_info *rt;
2607 /* use L3 Master device as loopback for host routes if device
2608 * is enslaved and address is not link local or multicast
2610 if (!rt6_need_strict(addr))
2611 dev = l3mdev_master_dev_rcu(idev->dev) ? : dev;
2613 rt = ip6_dst_alloc(net, dev, DST_NOCOUNT);
2615 return ERR_PTR(-ENOMEM);
2619 rt->dst.flags |= DST_HOST;
2620 rt->dst.input = ip6_input;
2621 rt->dst.output = ip6_output;
2622 rt->rt6i_idev = idev;
2624 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
2626 rt->rt6i_flags |= RTF_ANYCAST;
2628 rt->rt6i_flags |= RTF_LOCAL;
2630 rt->rt6i_gateway = *addr;
2631 rt->rt6i_dst.addr = *addr;
2632 rt->rt6i_dst.plen = 128;
2633 tb_id = l3mdev_fib_table(idev->dev) ? : RT6_TABLE_LOCAL;
2634 rt->rt6i_table = fib6_get_table(net, tb_id);
2635 rt->dst.flags |= DST_NOCACHE;
2637 atomic_set(&rt->dst.__refcnt, 1);
2642 /* remove deleted ip from prefsrc entries */
2643 struct arg_dev_net_ip {
2644 struct net_device *dev;
2646 struct in6_addr *addr;
2649 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg)
2651 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
2652 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
2653 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
2655 if (((void *)rt->dst.dev == dev || !dev) &&
2656 rt != net->ipv6.ip6_null_entry &&
2657 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) {
2658 /* remove prefsrc entry */
2659 rt->rt6i_prefsrc.plen = 0;
2664 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
2666 struct net *net = dev_net(ifp->idev->dev);
2667 struct arg_dev_net_ip adni = {
2668 .dev = ifp->idev->dev,
2672 fib6_clean_all(net, fib6_remove_prefsrc, &adni);
2675 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
2676 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
2678 /* Remove routers and update dst entries when gateway turn into host. */
2679 static int fib6_clean_tohost(struct rt6_info *rt, void *arg)
2681 struct in6_addr *gateway = (struct in6_addr *)arg;
2683 if ((((rt->rt6i_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) ||
2684 ((rt->rt6i_flags & RTF_CACHE_GATEWAY) == RTF_CACHE_GATEWAY)) &&
2685 ipv6_addr_equal(gateway, &rt->rt6i_gateway)) {
2691 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway)
2693 fib6_clean_all(net, fib6_clean_tohost, gateway);
2696 struct arg_dev_net {
2697 struct net_device *dev;
2701 static int fib6_ifdown(struct rt6_info *rt, void *arg)
2703 const struct arg_dev_net *adn = arg;
2704 const struct net_device *dev = adn->dev;
2706 if ((rt->dst.dev == dev || !dev) &&
2707 rt != adn->net->ipv6.ip6_null_entry)
2713 void rt6_ifdown(struct net *net, struct net_device *dev)
2715 struct arg_dev_net adn = {
2720 fib6_clean_all(net, fib6_ifdown, &adn);
2721 icmp6_clean_all(fib6_ifdown, &adn);
2723 rt6_uncached_list_flush_dev(net, dev);
2726 struct rt6_mtu_change_arg {
2727 struct net_device *dev;
2731 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
2733 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
2734 struct inet6_dev *idev;
2736 /* In IPv6 pmtu discovery is not optional,
2737 so that RTAX_MTU lock cannot disable it.
2738 We still use this lock to block changes
2739 caused by addrconf/ndisc.
2742 idev = __in6_dev_get(arg->dev);
2746 /* For administrative MTU increase, there is no way to discover
2747 IPv6 PMTU increase, so PMTU increase should be updated here.
2748 Since RFC 1981 doesn't include administrative MTU increase
2749 update PMTU increase is a MUST. (i.e. jumbo frame)
2752 If new MTU is less than route PMTU, this new MTU will be the
2753 lowest MTU in the path, update the route PMTU to reflect PMTU
2754 decreases; if new MTU is greater than route PMTU, and the
2755 old MTU is the lowest MTU in the path, update the route PMTU
2756 to reflect the increase. In this case if the other nodes' MTU
2757 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2760 if (rt->dst.dev == arg->dev &&
2761 !dst_metric_locked(&rt->dst, RTAX_MTU)) {
2762 if (rt->rt6i_flags & RTF_CACHE) {
2763 /* For RTF_CACHE with rt6i_pmtu == 0
2764 * (i.e. a redirected route),
2765 * the metrics of its rt->dst.from has already
2768 if (rt->rt6i_pmtu && rt->rt6i_pmtu > arg->mtu)
2769 rt->rt6i_pmtu = arg->mtu;
2770 } else if (dst_mtu(&rt->dst) >= arg->mtu ||
2771 (dst_mtu(&rt->dst) < arg->mtu &&
2772 dst_mtu(&rt->dst) == idev->cnf.mtu6)) {
2773 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
2779 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
2781 struct rt6_mtu_change_arg arg = {
2786 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg);
2789 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
2790 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
2791 [RTA_OIF] = { .type = NLA_U32 },
2792 [RTA_IIF] = { .type = NLA_U32 },
2793 [RTA_PRIORITY] = { .type = NLA_U32 },
2794 [RTA_METRICS] = { .type = NLA_NESTED },
2795 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
2796 [RTA_PREF] = { .type = NLA_U8 },
2797 [RTA_ENCAP_TYPE] = { .type = NLA_U16 },
2798 [RTA_ENCAP] = { .type = NLA_NESTED },
2799 [RTA_EXPIRES] = { .type = NLA_U32 },
2802 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2803 struct fib6_config *cfg)
2806 struct nlattr *tb[RTA_MAX+1];
2810 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2815 rtm = nlmsg_data(nlh);
2816 memset(cfg, 0, sizeof(*cfg));
2818 cfg->fc_table = rtm->rtm_table;
2819 cfg->fc_dst_len = rtm->rtm_dst_len;
2820 cfg->fc_src_len = rtm->rtm_src_len;
2821 cfg->fc_flags = RTF_UP;
2822 cfg->fc_protocol = rtm->rtm_protocol;
2823 cfg->fc_type = rtm->rtm_type;
2825 if (rtm->rtm_type == RTN_UNREACHABLE ||
2826 rtm->rtm_type == RTN_BLACKHOLE ||
2827 rtm->rtm_type == RTN_PROHIBIT ||
2828 rtm->rtm_type == RTN_THROW)
2829 cfg->fc_flags |= RTF_REJECT;
2831 if (rtm->rtm_type == RTN_LOCAL)
2832 cfg->fc_flags |= RTF_LOCAL;
2834 if (rtm->rtm_flags & RTM_F_CLONED)
2835 cfg->fc_flags |= RTF_CACHE;
2837 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
2838 cfg->fc_nlinfo.nlh = nlh;
2839 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2841 if (tb[RTA_GATEWAY]) {
2842 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]);
2843 cfg->fc_flags |= RTF_GATEWAY;
2847 int plen = (rtm->rtm_dst_len + 7) >> 3;
2849 if (nla_len(tb[RTA_DST]) < plen)
2852 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
2856 int plen = (rtm->rtm_src_len + 7) >> 3;
2858 if (nla_len(tb[RTA_SRC]) < plen)
2861 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
2864 if (tb[RTA_PREFSRC])
2865 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]);
2868 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
2870 if (tb[RTA_PRIORITY])
2871 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
2873 if (tb[RTA_METRICS]) {
2874 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
2875 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
2879 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
2881 if (tb[RTA_MULTIPATH]) {
2882 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
2883 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
2887 pref = nla_get_u8(tb[RTA_PREF]);
2888 if (pref != ICMPV6_ROUTER_PREF_LOW &&
2889 pref != ICMPV6_ROUTER_PREF_HIGH)
2890 pref = ICMPV6_ROUTER_PREF_MEDIUM;
2891 cfg->fc_flags |= RTF_PREF(pref);
2895 cfg->fc_encap = tb[RTA_ENCAP];
2897 if (tb[RTA_ENCAP_TYPE])
2898 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]);
2900 if (tb[RTA_EXPIRES]) {
2901 unsigned long timeout = addrconf_timeout_fixup(nla_get_u32(tb[RTA_EXPIRES]), HZ);
2903 if (addrconf_finite_timeout(timeout)) {
2904 cfg->fc_expires = jiffies_to_clock_t(timeout * HZ);
2905 cfg->fc_flags |= RTF_EXPIRES;
2915 struct rt6_info *rt6_info;
2916 struct fib6_config r_cfg;
2917 struct mx6_config mxc;
2918 struct list_head next;
2921 static void ip6_print_replace_route_err(struct list_head *rt6_nh_list)
2925 list_for_each_entry(nh, rt6_nh_list, next) {
2926 pr_warn("IPV6: multipath route replace failed (check consistency of installed routes): %pI6 nexthop %pI6 ifi %d\n",
2927 &nh->r_cfg.fc_dst, &nh->r_cfg.fc_gateway,
2928 nh->r_cfg.fc_ifindex);
2932 static int ip6_route_info_append(struct list_head *rt6_nh_list,
2933 struct rt6_info *rt, struct fib6_config *r_cfg)
2936 struct rt6_info *rtnh;
2939 list_for_each_entry(nh, rt6_nh_list, next) {
2940 /* check if rt6_info already exists */
2941 rtnh = nh->rt6_info;
2943 if (rtnh->dst.dev == rt->dst.dev &&
2944 rtnh->rt6i_idev == rt->rt6i_idev &&
2945 ipv6_addr_equal(&rtnh->rt6i_gateway,
2950 nh = kzalloc(sizeof(*nh), GFP_KERNEL);
2954 err = ip6_convert_metrics(&nh->mxc, r_cfg);
2959 memcpy(&nh->r_cfg, r_cfg, sizeof(*r_cfg));
2960 list_add_tail(&nh->next, rt6_nh_list);
2965 static int ip6_route_multipath_add(struct fib6_config *cfg)
2967 struct fib6_config r_cfg;
2968 struct rtnexthop *rtnh;
2969 struct rt6_info *rt;
2970 struct rt6_nh *err_nh;
2971 struct rt6_nh *nh, *nh_safe;
2976 int replace = (cfg->fc_nlinfo.nlh &&
2977 (cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_REPLACE));
2978 LIST_HEAD(rt6_nh_list);
2980 remaining = cfg->fc_mp_len;
2981 rtnh = (struct rtnexthop *)cfg->fc_mp;
2983 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
2984 * rt6_info structs per nexthop
2986 while (rtnh_ok(rtnh, remaining)) {
2987 memcpy(&r_cfg, cfg, sizeof(*cfg));
2988 if (rtnh->rtnh_ifindex)
2989 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
2991 attrlen = rtnh_attrlen(rtnh);
2993 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
2995 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
2997 r_cfg.fc_gateway = nla_get_in6_addr(nla);
2998 r_cfg.fc_flags |= RTF_GATEWAY;
3000 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP);
3001 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE);
3003 r_cfg.fc_encap_type = nla_get_u16(nla);
3006 rt = ip6_route_info_create(&r_cfg);
3013 err = ip6_route_info_append(&rt6_nh_list, rt, &r_cfg);
3019 rtnh = rtnh_next(rtnh, &remaining);
3023 list_for_each_entry(nh, &rt6_nh_list, next) {
3024 err = __ip6_ins_rt(nh->rt6_info, &cfg->fc_nlinfo, &nh->mxc);
3025 /* nh->rt6_info is used or freed at this point, reset to NULL*/
3026 nh->rt6_info = NULL;
3029 ip6_print_replace_route_err(&rt6_nh_list);
3034 /* Because each route is added like a single route we remove
3035 * these flags after the first nexthop: if there is a collision,
3036 * we have already failed to add the first nexthop:
3037 * fib6_add_rt2node() has rejected it; when replacing, old
3038 * nexthops have been replaced by first new, the rest should
3041 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL |
3049 /* Delete routes that were already added */
3050 list_for_each_entry(nh, &rt6_nh_list, next) {
3053 ip6_route_del(&nh->r_cfg);
3057 list_for_each_entry_safe(nh, nh_safe, &rt6_nh_list, next) {
3059 dst_free(&nh->rt6_info->dst);
3061 list_del(&nh->next);
3068 static int ip6_route_multipath_del(struct fib6_config *cfg)
3070 struct fib6_config r_cfg;
3071 struct rtnexthop *rtnh;
3074 int err = 1, last_err = 0;
3076 remaining = cfg->fc_mp_len;
3077 rtnh = (struct rtnexthop *)cfg->fc_mp;
3079 /* Parse a Multipath Entry */
3080 while (rtnh_ok(rtnh, remaining)) {
3081 memcpy(&r_cfg, cfg, sizeof(*cfg));
3082 if (rtnh->rtnh_ifindex)
3083 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
3085 attrlen = rtnh_attrlen(rtnh);
3087 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
3089 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
3091 nla_memcpy(&r_cfg.fc_gateway, nla, 16);
3092 r_cfg.fc_flags |= RTF_GATEWAY;
3095 err = ip6_route_del(&r_cfg);
3099 rtnh = rtnh_next(rtnh, &remaining);
3105 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh)
3107 struct fib6_config cfg;
3110 err = rtm_to_fib6_config(skb, nlh, &cfg);
3115 return ip6_route_multipath_del(&cfg);
3117 return ip6_route_del(&cfg);
3120 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh)
3122 struct fib6_config cfg;
3125 err = rtm_to_fib6_config(skb, nlh, &cfg);
3130 return ip6_route_multipath_add(&cfg);
3132 return ip6_route_add(&cfg);
3135 static inline size_t rt6_nlmsg_size(struct rt6_info *rt)
3137 return NLMSG_ALIGN(sizeof(struct rtmsg))
3138 + nla_total_size(16) /* RTA_SRC */
3139 + nla_total_size(16) /* RTA_DST */
3140 + nla_total_size(16) /* RTA_GATEWAY */
3141 + nla_total_size(16) /* RTA_PREFSRC */
3142 + nla_total_size(4) /* RTA_TABLE */
3143 + nla_total_size(4) /* RTA_IIF */
3144 + nla_total_size(4) /* RTA_OIF */
3145 + nla_total_size(4) /* RTA_PRIORITY */
3146 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
3147 + nla_total_size(sizeof(struct rta_cacheinfo))
3148 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */
3149 + nla_total_size(1) /* RTA_PREF */
3150 + lwtunnel_get_encap_size(rt->dst.lwtstate);
3153 static int rt6_fill_node(struct net *net,
3154 struct sk_buff *skb, struct rt6_info *rt,
3155 struct in6_addr *dst, struct in6_addr *src,
3156 int iif, int type, u32 portid, u32 seq,
3157 int prefix, int nowait, unsigned int flags)
3159 u32 metrics[RTAX_MAX];
3161 struct nlmsghdr *nlh;
3165 if (prefix) { /* user wants prefix routes only */
3166 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
3167 /* success since this is not a prefix route */
3172 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
3176 rtm = nlmsg_data(nlh);
3177 rtm->rtm_family = AF_INET6;
3178 rtm->rtm_dst_len = rt->rt6i_dst.plen;
3179 rtm->rtm_src_len = rt->rt6i_src.plen;
3182 table = rt->rt6i_table->tb6_id;
3184 table = RT6_TABLE_UNSPEC;
3185 rtm->rtm_table = table;
3186 if (nla_put_u32(skb, RTA_TABLE, table))
3187 goto nla_put_failure;
3188 if (rt->rt6i_flags & RTF_REJECT) {
3189 switch (rt->dst.error) {
3191 rtm->rtm_type = RTN_BLACKHOLE;
3194 rtm->rtm_type = RTN_PROHIBIT;
3197 rtm->rtm_type = RTN_THROW;
3200 rtm->rtm_type = RTN_UNREACHABLE;
3204 else if (rt->rt6i_flags & RTF_LOCAL)
3205 rtm->rtm_type = RTN_LOCAL;
3206 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
3207 rtm->rtm_type = RTN_LOCAL;
3209 rtm->rtm_type = RTN_UNICAST;
3211 if (!netif_carrier_ok(rt->dst.dev)) {
3212 rtm->rtm_flags |= RTNH_F_LINKDOWN;
3213 if (rt->rt6i_idev->cnf.ignore_routes_with_linkdown)
3214 rtm->rtm_flags |= RTNH_F_DEAD;
3216 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
3217 rtm->rtm_protocol = rt->rt6i_protocol;
3218 if (rt->rt6i_flags & RTF_DYNAMIC)
3219 rtm->rtm_protocol = RTPROT_REDIRECT;
3220 else if (rt->rt6i_flags & RTF_ADDRCONF) {
3221 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO))
3222 rtm->rtm_protocol = RTPROT_RA;
3224 rtm->rtm_protocol = RTPROT_KERNEL;
3227 if (rt->rt6i_flags & RTF_CACHE)
3228 rtm->rtm_flags |= RTM_F_CLONED;
3231 if (nla_put_in6_addr(skb, RTA_DST, dst))
3232 goto nla_put_failure;
3233 rtm->rtm_dst_len = 128;
3234 } else if (rtm->rtm_dst_len)
3235 if (nla_put_in6_addr(skb, RTA_DST, &rt->rt6i_dst.addr))
3236 goto nla_put_failure;
3237 #ifdef CONFIG_IPV6_SUBTREES
3239 if (nla_put_in6_addr(skb, RTA_SRC, src))
3240 goto nla_put_failure;
3241 rtm->rtm_src_len = 128;
3242 } else if (rtm->rtm_src_len &&
3243 nla_put_in6_addr(skb, RTA_SRC, &rt->rt6i_src.addr))
3244 goto nla_put_failure;
3247 #ifdef CONFIG_IPV6_MROUTE
3248 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
3249 int err = ip6mr_get_route(net, skb, rtm, nowait,
3256 goto nla_put_failure;
3258 if (err == -EMSGSIZE)
3259 goto nla_put_failure;
3264 if (nla_put_u32(skb, RTA_IIF, iif))
3265 goto nla_put_failure;
3267 struct in6_addr saddr_buf;
3268 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 &&
3269 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
3270 goto nla_put_failure;
3273 if (rt->rt6i_prefsrc.plen) {
3274 struct in6_addr saddr_buf;
3275 saddr_buf = rt->rt6i_prefsrc.addr;
3276 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
3277 goto nla_put_failure;
3280 memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics));
3282 metrics[RTAX_MTU - 1] = rt->rt6i_pmtu;
3283 if (rtnetlink_put_metrics(skb, metrics) < 0)
3284 goto nla_put_failure;
3286 if (rt->rt6i_flags & RTF_GATEWAY) {
3287 if (nla_put_in6_addr(skb, RTA_GATEWAY, &rt->rt6i_gateway) < 0)
3288 goto nla_put_failure;
3292 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
3293 goto nla_put_failure;
3294 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric))
3295 goto nla_put_failure;
3297 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0;
3299 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0)
3300 goto nla_put_failure;
3302 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt->rt6i_flags)))
3303 goto nla_put_failure;
3305 lwtunnel_fill_encap(skb, rt->dst.lwtstate);
3307 nlmsg_end(skb, nlh);
3311 nlmsg_cancel(skb, nlh);
3315 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
3317 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
3320 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
3321 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
3322 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0;
3326 return rt6_fill_node(arg->net,
3327 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
3328 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq,
3329 prefix, 0, NLM_F_MULTI);
3332 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh)
3334 struct net *net = sock_net(in_skb->sk);
3335 struct nlattr *tb[RTA_MAX+1];
3336 struct rt6_info *rt;
3337 struct sk_buff *skb;
3340 int err, iif = 0, oif = 0;
3342 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
3347 memset(&fl6, 0, sizeof(fl6));
3348 rtm = nlmsg_data(nlh);
3349 fl6.flowlabel = ip6_make_flowinfo(rtm->rtm_tos, 0);
3352 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
3355 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
3359 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
3362 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
3366 iif = nla_get_u32(tb[RTA_IIF]);
3369 oif = nla_get_u32(tb[RTA_OIF]);
3372 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]);
3375 struct net_device *dev;
3378 dev = __dev_get_by_index(net, iif);
3384 fl6.flowi6_iif = iif;
3386 if (!ipv6_addr_any(&fl6.saddr))
3387 flags |= RT6_LOOKUP_F_HAS_SADDR;
3389 rt = (struct rt6_info *)ip6_route_input_lookup(net, dev, &fl6,
3392 fl6.flowi6_oif = oif;
3394 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6);
3397 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
3404 /* Reserve room for dummy headers, this skb can pass
3405 through good chunk of routing engine.
3407 skb_reset_mac_header(skb);
3408 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr));
3410 skb_dst_set(skb, &rt->dst);
3412 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
3413 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
3414 nlh->nlmsg_seq, 0, 0, 0);
3420 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
3425 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info,
3426 unsigned int nlm_flags)
3428 struct sk_buff *skb;
3429 struct net *net = info->nl_net;
3434 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
3436 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
3440 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
3441 event, info->portid, seq, 0, 0, nlm_flags);
3443 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
3444 WARN_ON(err == -EMSGSIZE);
3448 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
3449 info->nlh, gfp_any());
3453 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
3456 static int ip6_route_dev_notify(struct notifier_block *this,
3457 unsigned long event, void *ptr)
3459 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
3460 struct net *net = dev_net(dev);
3462 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) {
3463 net->ipv6.ip6_null_entry->dst.dev = dev;
3464 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
3465 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3466 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
3467 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
3468 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
3469 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
3480 #ifdef CONFIG_PROC_FS
3482 static const struct file_operations ipv6_route_proc_fops = {
3483 .owner = THIS_MODULE,
3484 .open = ipv6_route_open,
3486 .llseek = seq_lseek,
3487 .release = seq_release_net,
3490 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
3492 struct net *net = (struct net *)seq->private;
3493 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
3494 net->ipv6.rt6_stats->fib_nodes,
3495 net->ipv6.rt6_stats->fib_route_nodes,
3496 net->ipv6.rt6_stats->fib_rt_alloc,
3497 net->ipv6.rt6_stats->fib_rt_entries,
3498 net->ipv6.rt6_stats->fib_rt_cache,
3499 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
3500 net->ipv6.rt6_stats->fib_discarded_routes);
3505 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
3507 return single_open_net(inode, file, rt6_stats_seq_show);
3510 static const struct file_operations rt6_stats_seq_fops = {
3511 .owner = THIS_MODULE,
3512 .open = rt6_stats_seq_open,
3514 .llseek = seq_lseek,
3515 .release = single_release_net,
3517 #endif /* CONFIG_PROC_FS */
3519 #ifdef CONFIG_SYSCTL
3522 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
3523 void __user *buffer, size_t *lenp, loff_t *ppos)
3530 net = (struct net *)ctl->extra1;
3531 delay = net->ipv6.sysctl.flush_delay;
3532 proc_dointvec(ctl, write, buffer, lenp, ppos);
3533 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0);
3537 struct ctl_table ipv6_route_table_template[] = {
3539 .procname = "flush",
3540 .data = &init_net.ipv6.sysctl.flush_delay,
3541 .maxlen = sizeof(int),
3543 .proc_handler = ipv6_sysctl_rtcache_flush
3546 .procname = "gc_thresh",
3547 .data = &ip6_dst_ops_template.gc_thresh,
3548 .maxlen = sizeof(int),
3550 .proc_handler = proc_dointvec,
3553 .procname = "max_size",
3554 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
3555 .maxlen = sizeof(int),
3557 .proc_handler = proc_dointvec,
3560 .procname = "gc_min_interval",
3561 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
3562 .maxlen = sizeof(int),
3564 .proc_handler = proc_dointvec_jiffies,
3567 .procname = "gc_timeout",
3568 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
3569 .maxlen = sizeof(int),
3571 .proc_handler = proc_dointvec_jiffies,
3574 .procname = "gc_interval",
3575 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
3576 .maxlen = sizeof(int),
3578 .proc_handler = proc_dointvec_jiffies,
3581 .procname = "gc_elasticity",
3582 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
3583 .maxlen = sizeof(int),
3585 .proc_handler = proc_dointvec,
3588 .procname = "mtu_expires",
3589 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
3590 .maxlen = sizeof(int),
3592 .proc_handler = proc_dointvec_jiffies,
3595 .procname = "min_adv_mss",
3596 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
3597 .maxlen = sizeof(int),
3599 .proc_handler = proc_dointvec,
3602 .procname = "gc_min_interval_ms",
3603 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
3604 .maxlen = sizeof(int),
3606 .proc_handler = proc_dointvec_ms_jiffies,
3611 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
3613 struct ctl_table *table;
3615 table = kmemdup(ipv6_route_table_template,
3616 sizeof(ipv6_route_table_template),
3620 table[0].data = &net->ipv6.sysctl.flush_delay;
3621 table[0].extra1 = net;
3622 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
3623 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
3624 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3625 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
3626 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
3627 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
3628 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
3629 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
3630 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3632 /* Don't export sysctls to unprivileged users */
3633 if (net->user_ns != &init_user_ns)
3634 table[0].procname = NULL;
3641 static int __net_init ip6_route_net_init(struct net *net)
3645 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
3646 sizeof(net->ipv6.ip6_dst_ops));
3648 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
3649 goto out_ip6_dst_ops;
3651 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
3652 sizeof(*net->ipv6.ip6_null_entry),
3654 if (!net->ipv6.ip6_null_entry)
3655 goto out_ip6_dst_entries;
3656 net->ipv6.ip6_null_entry->dst.path =
3657 (struct dst_entry *)net->ipv6.ip6_null_entry;
3658 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3659 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
3660 ip6_template_metrics, true);
3662 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3663 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
3664 sizeof(*net->ipv6.ip6_prohibit_entry),
3666 if (!net->ipv6.ip6_prohibit_entry)
3667 goto out_ip6_null_entry;
3668 net->ipv6.ip6_prohibit_entry->dst.path =
3669 (struct dst_entry *)net->ipv6.ip6_prohibit_entry;
3670 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3671 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
3672 ip6_template_metrics, true);
3674 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
3675 sizeof(*net->ipv6.ip6_blk_hole_entry),
3677 if (!net->ipv6.ip6_blk_hole_entry)
3678 goto out_ip6_prohibit_entry;
3679 net->ipv6.ip6_blk_hole_entry->dst.path =
3680 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry;
3681 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3682 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
3683 ip6_template_metrics, true);
3686 net->ipv6.sysctl.flush_delay = 0;
3687 net->ipv6.sysctl.ip6_rt_max_size = 4096;
3688 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
3689 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
3690 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
3691 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
3692 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
3693 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
3695 net->ipv6.ip6_rt_gc_expire = 30*HZ;
3701 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3702 out_ip6_prohibit_entry:
3703 kfree(net->ipv6.ip6_prohibit_entry);
3705 kfree(net->ipv6.ip6_null_entry);
3707 out_ip6_dst_entries:
3708 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
3713 static void __net_exit ip6_route_net_exit(struct net *net)
3715 kfree(net->ipv6.ip6_null_entry);
3716 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3717 kfree(net->ipv6.ip6_prohibit_entry);
3718 kfree(net->ipv6.ip6_blk_hole_entry);
3720 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
3723 static int __net_init ip6_route_net_init_late(struct net *net)
3725 #ifdef CONFIG_PROC_FS
3726 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops);
3727 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops);
3732 static void __net_exit ip6_route_net_exit_late(struct net *net)
3734 #ifdef CONFIG_PROC_FS
3735 remove_proc_entry("ipv6_route", net->proc_net);
3736 remove_proc_entry("rt6_stats", net->proc_net);
3740 static struct pernet_operations ip6_route_net_ops = {
3741 .init = ip6_route_net_init,
3742 .exit = ip6_route_net_exit,
3745 static int __net_init ipv6_inetpeer_init(struct net *net)
3747 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
3751 inet_peer_base_init(bp);
3752 net->ipv6.peers = bp;
3756 static void __net_exit ipv6_inetpeer_exit(struct net *net)
3758 struct inet_peer_base *bp = net->ipv6.peers;
3760 net->ipv6.peers = NULL;
3761 inetpeer_invalidate_tree(bp);
3765 static struct pernet_operations ipv6_inetpeer_ops = {
3766 .init = ipv6_inetpeer_init,
3767 .exit = ipv6_inetpeer_exit,
3770 static struct pernet_operations ip6_route_net_late_ops = {
3771 .init = ip6_route_net_init_late,
3772 .exit = ip6_route_net_exit_late,
3775 static struct notifier_block ip6_route_dev_notifier = {
3776 .notifier_call = ip6_route_dev_notify,
3780 int __init ip6_route_init(void)
3786 ip6_dst_ops_template.kmem_cachep =
3787 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
3788 SLAB_HWCACHE_ALIGN, NULL);
3789 if (!ip6_dst_ops_template.kmem_cachep)
3792 ret = dst_entries_init(&ip6_dst_blackhole_ops);
3794 goto out_kmem_cache;
3796 ret = register_pernet_subsys(&ipv6_inetpeer_ops);
3798 goto out_dst_entries;
3800 ret = register_pernet_subsys(&ip6_route_net_ops);
3802 goto out_register_inetpeer;
3804 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
3806 /* Registering of the loopback is done before this portion of code,
3807 * the loopback reference in rt6_info will not be taken, do it
3808 * manually for init_net */
3809 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
3810 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3811 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3812 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
3813 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3814 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
3815 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3819 goto out_register_subsys;
3825 ret = fib6_rules_init();
3829 ret = register_pernet_subsys(&ip6_route_net_late_ops);
3831 goto fib6_rules_init;
3834 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) ||
3835 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) ||
3836 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL))
3837 goto out_register_late_subsys;
3839 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
3841 goto out_register_late_subsys;
3843 for_each_possible_cpu(cpu) {
3844 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
3846 INIT_LIST_HEAD(&ul->head);
3847 spin_lock_init(&ul->lock);
3853 out_register_late_subsys:
3854 unregister_pernet_subsys(&ip6_route_net_late_ops);
3856 fib6_rules_cleanup();
3861 out_register_subsys:
3862 unregister_pernet_subsys(&ip6_route_net_ops);
3863 out_register_inetpeer:
3864 unregister_pernet_subsys(&ipv6_inetpeer_ops);
3866 dst_entries_destroy(&ip6_dst_blackhole_ops);
3868 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
3872 void ip6_route_cleanup(void)
3874 unregister_netdevice_notifier(&ip6_route_dev_notifier);
3875 unregister_pernet_subsys(&ip6_route_net_late_ops);
3876 fib6_rules_cleanup();
3879 unregister_pernet_subsys(&ipv6_inetpeer_ops);
3880 unregister_pernet_subsys(&ip6_route_net_ops);
3881 dst_entries_destroy(&ip6_dst_blackhole_ops);
3882 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
projects / cascardo / linux.git / blob