2 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
24 * Fixed routing subtrees.
27 #define pr_fmt(fmt) "IPv6: " fmt
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <linux/jhash.h>
48 #include <net/net_namespace.h>
51 #include <net/ip6_fib.h>
52 #include <net/ip6_route.h>
53 #include <net/ndisc.h>
54 #include <net/addrconf.h>
56 #include <linux/rtnetlink.h>
58 #include <net/dst_metadata.h>
60 #include <net/netevent.h>
61 #include <net/netlink.h>
62 #include <net/nexthop.h>
63 #include <net/lwtunnel.h>
64 #include <net/ip_tunnels.h>
65 #include <net/l3mdev.h>
67 #include <linux/uaccess.h>
70 #include <linux/sysctl.h>
73 static int ip6_rt_type_to_error(u8 fib6_type
);
75 #define CREATE_TRACE_POINTS
76 #include <trace/events/fib6.h>
77 EXPORT_TRACEPOINT_SYMBOL_GPL(fib6_table_lookup
);
78 #undef CREATE_TRACE_POINTS
81 RT6_NUD_FAIL_HARD
= -3,
82 RT6_NUD_FAIL_PROBE
= -2,
83 RT6_NUD_FAIL_DO_RR
= -1,
87 static struct dst_entry
*ip6_dst_check(struct dst_entry
*dst
, u32 cookie
);
88 static unsigned int ip6_default_advmss(const struct dst_entry
*dst
);
89 static unsigned int ip6_mtu(const struct dst_entry
*dst
);
90 static struct dst_entry
*ip6_negative_advice(struct dst_entry
*);
91 static void ip6_dst_destroy(struct dst_entry
*);
92 static void ip6_dst_ifdown(struct dst_entry
*,
93 struct net_device
*dev
, int how
);
94 static int ip6_dst_gc(struct dst_ops
*ops
);
96 static int ip6_pkt_discard(struct sk_buff
*skb
);
97 static int ip6_pkt_discard_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
);
98 static int ip6_pkt_prohibit(struct sk_buff
*skb
);
99 static int ip6_pkt_prohibit_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
);
100 static void ip6_link_failure(struct sk_buff
*skb
);
101 static void ip6_rt_update_pmtu(struct dst_entry
*dst
, struct sock
*sk
,
102 struct sk_buff
*skb
, u32 mtu
);
103 static void rt6_do_redirect(struct dst_entry
*dst
, struct sock
*sk
,
104 struct sk_buff
*skb
);
105 static int rt6_score_route(struct fib6_info
*rt
, int oif
, int strict
);
106 static size_t rt6_nlmsg_size(struct fib6_info
*rt
);
107 static int rt6_fill_node(struct net
*net
, struct sk_buff
*skb
,
108 struct fib6_info
*rt
, struct dst_entry
*dst
,
109 struct in6_addr
*dest
, struct in6_addr
*src
,
110 int iif
, int type
, u32 portid
, u32 seq
,
112 static struct rt6_info
*rt6_find_cached_rt(struct fib6_info
*rt
,
113 struct in6_addr
*daddr
,
114 struct in6_addr
*saddr
);
116 #ifdef CONFIG_IPV6_ROUTE_INFO
117 static struct fib6_info
*rt6_add_route_info(struct net
*net
,
118 const struct in6_addr
*prefix
, int prefixlen
,
119 const struct in6_addr
*gwaddr
,
120 struct net_device
*dev
,
122 static struct fib6_info
*rt6_get_route_info(struct net
*net
,
123 const struct in6_addr
*prefix
, int prefixlen
,
124 const struct in6_addr
*gwaddr
,
125 struct net_device
*dev
);
128 struct uncached_list
{
130 struct list_head head
;
133 static DEFINE_PER_CPU_ALIGNED(struct uncached_list
, rt6_uncached_list
);
135 void rt6_uncached_list_add(struct rt6_info
*rt
)
137 struct uncached_list
*ul
= raw_cpu_ptr(&rt6_uncached_list
);
139 rt
->rt6i_uncached_list
= ul
;
141 spin_lock_bh(&ul
->lock
);
142 list_add_tail(&rt
->rt6i_uncached
, &ul
->head
);
143 spin_unlock_bh(&ul
->lock
);
146 void rt6_uncached_list_del(struct rt6_info
*rt
)
148 if (!list_empty(&rt
->rt6i_uncached
)) {
149 struct uncached_list
*ul
= rt
->rt6i_uncached_list
;
150 struct net
*net
= dev_net(rt
->dst
.dev
);
152 spin_lock_bh(&ul
->lock
);
153 list_del(&rt
->rt6i_uncached
);
154 atomic_dec(&net
->ipv6
.rt6_stats
->fib_rt_uncache
);
155 spin_unlock_bh(&ul
->lock
);
159 static void rt6_uncached_list_flush_dev(struct net
*net
, struct net_device
*dev
)
161 struct net_device
*loopback_dev
= net
->loopback_dev
;
164 if (dev
== loopback_dev
)
167 for_each_possible_cpu(cpu
) {
168 struct uncached_list
*ul
= per_cpu_ptr(&rt6_uncached_list
, cpu
);
171 spin_lock_bh(&ul
->lock
);
172 list_for_each_entry(rt
, &ul
->head
, rt6i_uncached
) {
173 struct inet6_dev
*rt_idev
= rt
->rt6i_idev
;
174 struct net_device
*rt_dev
= rt
->dst
.dev
;
176 if (rt_idev
->dev
== dev
) {
177 rt
->rt6i_idev
= in6_dev_get(loopback_dev
);
178 in6_dev_put(rt_idev
);
182 rt
->dst
.dev
= loopback_dev
;
183 dev_hold(rt
->dst
.dev
);
187 spin_unlock_bh(&ul
->lock
);
191 static inline const void *choose_neigh_daddr(const struct in6_addr
*p
,
195 if (!ipv6_addr_any(p
))
196 return (const void *) p
;
198 return &ipv6_hdr(skb
)->daddr
;
202 struct neighbour
*ip6_neigh_lookup(const struct in6_addr
*gw
,
203 struct net_device
*dev
,
209 daddr
= choose_neigh_daddr(gw
, skb
, daddr
);
210 n
= __ipv6_neigh_lookup(dev
, daddr
);
213 return neigh_create(&nd_tbl
, daddr
, dev
);
216 static struct neighbour
*ip6_dst_neigh_lookup(const struct dst_entry
*dst
,
220 const struct rt6_info
*rt
= container_of(dst
, struct rt6_info
, dst
);
222 return ip6_neigh_lookup(&rt
->rt6i_gateway
, dst
->dev
, skb
, daddr
);
225 static void ip6_confirm_neigh(const struct dst_entry
*dst
, const void *daddr
)
227 struct net_device
*dev
= dst
->dev
;
228 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
230 daddr
= choose_neigh_daddr(&rt
->rt6i_gateway
, NULL
, daddr
);
233 if (dev
->flags
& (IFF_NOARP
| IFF_LOOPBACK
))
235 if (ipv6_addr_is_multicast((const struct in6_addr
*)daddr
))
237 __ipv6_confirm_neigh(dev
, daddr
);
240 static struct dst_ops ip6_dst_ops_template
= {
244 .check
= ip6_dst_check
,
245 .default_advmss
= ip6_default_advmss
,
247 .cow_metrics
= dst_cow_metrics_generic
,
248 .destroy
= ip6_dst_destroy
,
249 .ifdown
= ip6_dst_ifdown
,
250 .negative_advice
= ip6_negative_advice
,
251 .link_failure
= ip6_link_failure
,
252 .update_pmtu
= ip6_rt_update_pmtu
,
253 .redirect
= rt6_do_redirect
,
254 .local_out
= __ip6_local_out
,
255 .neigh_lookup
= ip6_dst_neigh_lookup
,
256 .confirm_neigh
= ip6_confirm_neigh
,
259 static unsigned int ip6_blackhole_mtu(const struct dst_entry
*dst
)
261 unsigned int mtu
= dst_metric_raw(dst
, RTAX_MTU
);
263 return mtu
? : dst
->dev
->mtu
;
266 static void ip6_rt_blackhole_update_pmtu(struct dst_entry
*dst
, struct sock
*sk
,
267 struct sk_buff
*skb
, u32 mtu
)
271 static void ip6_rt_blackhole_redirect(struct dst_entry
*dst
, struct sock
*sk
,
276 static struct dst_ops ip6_dst_blackhole_ops
= {
278 .destroy
= ip6_dst_destroy
,
279 .check
= ip6_dst_check
,
280 .mtu
= ip6_blackhole_mtu
,
281 .default_advmss
= ip6_default_advmss
,
282 .update_pmtu
= ip6_rt_blackhole_update_pmtu
,
283 .redirect
= ip6_rt_blackhole_redirect
,
284 .cow_metrics
= dst_cow_metrics_generic
,
285 .neigh_lookup
= ip6_dst_neigh_lookup
,
288 static const u32 ip6_template_metrics
[RTAX_MAX
] = {
289 [RTAX_HOPLIMIT
- 1] = 0,
292 static const struct fib6_info fib6_null_entry_template
= {
293 .fib6_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
294 .fib6_protocol
= RTPROT_KERNEL
,
295 .fib6_metric
= ~(u32
)0,
296 .fib6_ref
= ATOMIC_INIT(1),
297 .fib6_type
= RTN_UNREACHABLE
,
298 .fib6_metrics
= (struct dst_metrics
*)&dst_default_metrics
,
301 static const struct rt6_info ip6_null_entry_template
= {
303 .__refcnt
= ATOMIC_INIT(1),
305 .obsolete
= DST_OBSOLETE_FORCE_CHK
,
306 .error
= -ENETUNREACH
,
307 .input
= ip6_pkt_discard
,
308 .output
= ip6_pkt_discard_out
,
310 .rt6i_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
313 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
315 static const struct rt6_info ip6_prohibit_entry_template
= {
317 .__refcnt
= ATOMIC_INIT(1),
319 .obsolete
= DST_OBSOLETE_FORCE_CHK
,
321 .input
= ip6_pkt_prohibit
,
322 .output
= ip6_pkt_prohibit_out
,
324 .rt6i_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
327 static const struct rt6_info ip6_blk_hole_entry_template
= {
329 .__refcnt
= ATOMIC_INIT(1),
331 .obsolete
= DST_OBSOLETE_FORCE_CHK
,
333 .input
= dst_discard
,
334 .output
= dst_discard_out
,
336 .rt6i_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
341 static void rt6_info_init(struct rt6_info
*rt
)
343 struct dst_entry
*dst
= &rt
->dst
;
345 memset(dst
+ 1, 0, sizeof(*rt
) - sizeof(*dst
));
346 INIT_LIST_HEAD(&rt
->rt6i_uncached
);
349 /* allocate dst with ip6_dst_ops */
350 struct rt6_info
*ip6_dst_alloc(struct net
*net
, struct net_device
*dev
,
353 struct rt6_info
*rt
= dst_alloc(&net
->ipv6
.ip6_dst_ops
, dev
,
354 1, DST_OBSOLETE_FORCE_CHK
, flags
);
358 atomic_inc(&net
->ipv6
.rt6_stats
->fib_rt_alloc
);
363 EXPORT_SYMBOL(ip6_dst_alloc
);
365 static void ip6_dst_destroy(struct dst_entry
*dst
)
367 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
368 struct fib6_info
*from
;
369 struct inet6_dev
*idev
;
371 dst_destroy_metrics_generic(dst
);
372 rt6_uncached_list_del(rt
);
374 idev
= rt
->rt6i_idev
;
376 rt
->rt6i_idev
= NULL
;
381 from
= rcu_dereference(rt
->from
);
382 rcu_assign_pointer(rt
->from
, NULL
);
383 fib6_info_release(from
);
387 static void ip6_dst_ifdown(struct dst_entry
*dst
, struct net_device
*dev
,
390 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
391 struct inet6_dev
*idev
= rt
->rt6i_idev
;
392 struct net_device
*loopback_dev
=
393 dev_net(dev
)->loopback_dev
;
395 if (idev
&& idev
->dev
!= loopback_dev
) {
396 struct inet6_dev
*loopback_idev
= in6_dev_get(loopback_dev
);
398 rt
->rt6i_idev
= loopback_idev
;
404 static bool __rt6_check_expired(const struct rt6_info
*rt
)
406 if (rt
->rt6i_flags
& RTF_EXPIRES
)
407 return time_after(jiffies
, rt
->dst
.expires
);
412 static bool rt6_check_expired(const struct rt6_info
*rt
)
414 struct fib6_info
*from
;
416 from
= rcu_dereference(rt
->from
);
418 if (rt
->rt6i_flags
& RTF_EXPIRES
) {
419 if (time_after(jiffies
, rt
->dst
.expires
))
422 return rt
->dst
.obsolete
!= DST_OBSOLETE_FORCE_CHK
||
423 fib6_check_expired(from
);
428 struct fib6_info
*fib6_multipath_select(const struct net
*net
,
429 struct fib6_info
*match
,
430 struct flowi6
*fl6
, int oif
,
431 const struct sk_buff
*skb
,
434 struct fib6_info
*sibling
, *next_sibling
;
436 /* We might have already computed the hash for ICMPv6 errors. In such
437 * case it will always be non-zero. Otherwise now is the time to do it.
440 fl6
->mp_hash
= rt6_multipath_hash(net
, fl6
, skb
, NULL
);
442 if (fl6
->mp_hash
<= atomic_read(&match
->fib6_nh
.nh_upper_bound
))
445 list_for_each_entry_safe(sibling
, next_sibling
, &match
->fib6_siblings
,
449 nh_upper_bound
= atomic_read(&sibling
->fib6_nh
.nh_upper_bound
);
450 if (fl6
->mp_hash
> nh_upper_bound
)
452 if (rt6_score_route(sibling
, oif
, strict
) < 0)
462 * Route lookup. rcu_read_lock() should be held.
465 static inline struct fib6_info
*rt6_device_match(struct net
*net
,
466 struct fib6_info
*rt
,
467 const struct in6_addr
*saddr
,
471 struct fib6_info
*sprt
;
473 if (!oif
&& ipv6_addr_any(saddr
) &&
474 !(rt
->fib6_nh
.nh_flags
& RTNH_F_DEAD
))
477 for (sprt
= rt
; sprt
; sprt
= rcu_dereference(sprt
->fib6_next
)) {
478 const struct net_device
*dev
= sprt
->fib6_nh
.nh_dev
;
480 if (sprt
->fib6_nh
.nh_flags
& RTNH_F_DEAD
)
484 if (dev
->ifindex
== oif
)
487 if (ipv6_chk_addr(net
, saddr
, dev
,
488 flags
& RT6_LOOKUP_F_IFACE
))
493 if (oif
&& flags
& RT6_LOOKUP_F_IFACE
)
494 return net
->ipv6
.fib6_null_entry
;
496 return rt
->fib6_nh
.nh_flags
& RTNH_F_DEAD
? net
->ipv6
.fib6_null_entry
: rt
;
499 #ifdef CONFIG_IPV6_ROUTER_PREF
500 struct __rt6_probe_work
{
501 struct work_struct work
;
502 struct in6_addr target
;
503 struct net_device
*dev
;
506 static void rt6_probe_deferred(struct work_struct
*w
)
508 struct in6_addr mcaddr
;
509 struct __rt6_probe_work
*work
=
510 container_of(w
, struct __rt6_probe_work
, work
);
512 addrconf_addr_solict_mult(&work
->target
, &mcaddr
);
513 ndisc_send_ns(work
->dev
, &work
->target
, &mcaddr
, NULL
, 0);
518 static void rt6_probe(struct fib6_info
*rt
)
520 struct __rt6_probe_work
*work
;
521 const struct in6_addr
*nh_gw
;
522 struct neighbour
*neigh
;
523 struct net_device
*dev
;
526 * Okay, this does not seem to be appropriate
527 * for now, however, we need to check if it
528 * is really so; aka Router Reachability Probing.
530 * Router Reachability Probe MUST be rate-limited
531 * to no more than one per minute.
533 if (!rt
|| !(rt
->fib6_flags
& RTF_GATEWAY
))
536 nh_gw
= &rt
->fib6_nh
.nh_gw
;
537 dev
= rt
->fib6_nh
.nh_dev
;
539 neigh
= __ipv6_neigh_lookup_noref(dev
, nh_gw
);
541 struct inet6_dev
*idev
;
543 if (neigh
->nud_state
& NUD_VALID
)
546 idev
= __in6_dev_get(dev
);
548 write_lock(&neigh
->lock
);
549 if (!(neigh
->nud_state
& NUD_VALID
) &&
551 neigh
->updated
+ idev
->cnf
.rtr_probe_interval
)) {
552 work
= kmalloc(sizeof(*work
), GFP_ATOMIC
);
554 __neigh_set_probe_once(neigh
);
556 write_unlock(&neigh
->lock
);
558 work
= kmalloc(sizeof(*work
), GFP_ATOMIC
);
562 INIT_WORK(&work
->work
, rt6_probe_deferred
);
563 work
->target
= *nh_gw
;
566 schedule_work(&work
->work
);
570 rcu_read_unlock_bh();
573 static inline void rt6_probe(struct fib6_info
*rt
)
579 * Default Router Selection (RFC 2461 6.3.6)
581 static inline int rt6_check_dev(struct fib6_info
*rt
, int oif
)
583 const struct net_device
*dev
= rt
->fib6_nh
.nh_dev
;
585 if (!oif
|| dev
->ifindex
== oif
)
590 static inline enum rt6_nud_state
rt6_check_neigh(struct fib6_info
*rt
)
592 enum rt6_nud_state ret
= RT6_NUD_FAIL_HARD
;
593 struct neighbour
*neigh
;
595 if (rt
->fib6_flags
& RTF_NONEXTHOP
||
596 !(rt
->fib6_flags
& RTF_GATEWAY
))
597 return RT6_NUD_SUCCEED
;
600 neigh
= __ipv6_neigh_lookup_noref(rt
->fib6_nh
.nh_dev
,
603 read_lock(&neigh
->lock
);
604 if (neigh
->nud_state
& NUD_VALID
)
605 ret
= RT6_NUD_SUCCEED
;
606 #ifdef CONFIG_IPV6_ROUTER_PREF
607 else if (!(neigh
->nud_state
& NUD_FAILED
))
608 ret
= RT6_NUD_SUCCEED
;
610 ret
= RT6_NUD_FAIL_PROBE
;
612 read_unlock(&neigh
->lock
);
614 ret
= IS_ENABLED(CONFIG_IPV6_ROUTER_PREF
) ?
615 RT6_NUD_SUCCEED
: RT6_NUD_FAIL_DO_RR
;
617 rcu_read_unlock_bh();
622 static int rt6_score_route(struct fib6_info
*rt
, int oif
, int strict
)
626 m
= rt6_check_dev(rt
, oif
);
627 if (!m
&& (strict
& RT6_LOOKUP_F_IFACE
))
628 return RT6_NUD_FAIL_HARD
;
629 #ifdef CONFIG_IPV6_ROUTER_PREF
630 m
|= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt
->fib6_flags
)) << 2;
632 if (strict
& RT6_LOOKUP_F_REACHABLE
) {
633 int n
= rt6_check_neigh(rt
);
640 /* called with rc_read_lock held */
641 static inline bool fib6_ignore_linkdown(const struct fib6_info
*f6i
)
643 const struct net_device
*dev
= fib6_info_nh_dev(f6i
);
647 const struct inet6_dev
*idev
= __in6_dev_get(dev
);
649 rc
= !!idev
->cnf
.ignore_routes_with_linkdown
;
655 static struct fib6_info
*find_match(struct fib6_info
*rt
, int oif
, int strict
,
656 int *mpri
, struct fib6_info
*match
,
660 bool match_do_rr
= false;
662 if (rt
->fib6_nh
.nh_flags
& RTNH_F_DEAD
)
665 if (fib6_ignore_linkdown(rt
) &&
666 rt
->fib6_nh
.nh_flags
& RTNH_F_LINKDOWN
&&
667 !(strict
& RT6_LOOKUP_F_IGNORE_LINKSTATE
))
670 if (fib6_check_expired(rt
))
673 m
= rt6_score_route(rt
, oif
, strict
);
674 if (m
== RT6_NUD_FAIL_DO_RR
) {
676 m
= 0; /* lowest valid score */
677 } else if (m
== RT6_NUD_FAIL_HARD
) {
681 if (strict
& RT6_LOOKUP_F_REACHABLE
)
684 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
686 *do_rr
= match_do_rr
;
694 static struct fib6_info
*find_rr_leaf(struct fib6_node
*fn
,
695 struct fib6_info
*leaf
,
696 struct fib6_info
*rr_head
,
697 u32 metric
, int oif
, int strict
,
700 struct fib6_info
*rt
, *match
, *cont
;
705 for (rt
= rr_head
; rt
; rt
= rcu_dereference(rt
->fib6_next
)) {
706 if (rt
->fib6_metric
!= metric
) {
711 match
= find_match(rt
, oif
, strict
, &mpri
, match
, do_rr
);
714 for (rt
= leaf
; rt
&& rt
!= rr_head
;
715 rt
= rcu_dereference(rt
->fib6_next
)) {
716 if (rt
->fib6_metric
!= metric
) {
721 match
= find_match(rt
, oif
, strict
, &mpri
, match
, do_rr
);
727 for (rt
= cont
; rt
; rt
= rcu_dereference(rt
->fib6_next
))
728 match
= find_match(rt
, oif
, strict
, &mpri
, match
, do_rr
);
733 static struct fib6_info
*rt6_select(struct net
*net
, struct fib6_node
*fn
,
736 struct fib6_info
*leaf
= rcu_dereference(fn
->leaf
);
737 struct fib6_info
*match
, *rt0
;
741 if (!leaf
|| leaf
== net
->ipv6
.fib6_null_entry
)
742 return net
->ipv6
.fib6_null_entry
;
744 rt0
= rcu_dereference(fn
->rr_ptr
);
748 /* Double check to make sure fn is not an intermediate node
749 * and fn->leaf does not points to its child's leaf
750 * (This might happen if all routes under fn are deleted from
751 * the tree and fib6_repair_tree() is called on the node.)
753 key_plen
= rt0
->fib6_dst
.plen
;
754 #ifdef CONFIG_IPV6_SUBTREES
755 if (rt0
->fib6_src
.plen
)
756 key_plen
= rt0
->fib6_src
.plen
;
758 if (fn
->fn_bit
!= key_plen
)
759 return net
->ipv6
.fib6_null_entry
;
761 match
= find_rr_leaf(fn
, leaf
, rt0
, rt0
->fib6_metric
, oif
, strict
,
765 struct fib6_info
*next
= rcu_dereference(rt0
->fib6_next
);
767 /* no entries matched; do round-robin */
768 if (!next
|| next
->fib6_metric
!= rt0
->fib6_metric
)
772 spin_lock_bh(&leaf
->fib6_table
->tb6_lock
);
773 /* make sure next is not being deleted from the tree */
775 rcu_assign_pointer(fn
->rr_ptr
, next
);
776 spin_unlock_bh(&leaf
->fib6_table
->tb6_lock
);
780 return match
? match
: net
->ipv6
.fib6_null_entry
;
783 static bool rt6_is_gw_or_nonexthop(const struct fib6_info
*rt
)
785 return (rt
->fib6_flags
& (RTF_NONEXTHOP
| RTF_GATEWAY
));
788 #ifdef CONFIG_IPV6_ROUTE_INFO
789 int rt6_route_rcv(struct net_device
*dev
, u8
*opt
, int len
,
790 const struct in6_addr
*gwaddr
)
792 struct net
*net
= dev_net(dev
);
793 struct route_info
*rinfo
= (struct route_info
*) opt
;
794 struct in6_addr prefix_buf
, *prefix
;
796 unsigned long lifetime
;
797 struct fib6_info
*rt
;
799 if (len
< sizeof(struct route_info
)) {
803 /* Sanity check for prefix_len and length */
804 if (rinfo
->length
> 3) {
806 } else if (rinfo
->prefix_len
> 128) {
808 } else if (rinfo
->prefix_len
> 64) {
809 if (rinfo
->length
< 2) {
812 } else if (rinfo
->prefix_len
> 0) {
813 if (rinfo
->length
< 1) {
818 pref
= rinfo
->route_pref
;
819 if (pref
== ICMPV6_ROUTER_PREF_INVALID
)
822 lifetime
= addrconf_timeout_fixup(ntohl(rinfo
->lifetime
), HZ
);
824 if (rinfo
->length
== 3)
825 prefix
= (struct in6_addr
*)rinfo
->prefix
;
827 /* this function is safe */
828 ipv6_addr_prefix(&prefix_buf
,
829 (struct in6_addr
*)rinfo
->prefix
,
831 prefix
= &prefix_buf
;
834 if (rinfo
->prefix_len
== 0)
835 rt
= rt6_get_dflt_router(net
, gwaddr
, dev
);
837 rt
= rt6_get_route_info(net
, prefix
, rinfo
->prefix_len
,
840 if (rt
&& !lifetime
) {
846 rt
= rt6_add_route_info(net
, prefix
, rinfo
->prefix_len
, gwaddr
,
849 rt
->fib6_flags
= RTF_ROUTEINFO
|
850 (rt
->fib6_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
853 if (!addrconf_finite_timeout(lifetime
))
854 fib6_clean_expires(rt
);
856 fib6_set_expires(rt
, jiffies
+ HZ
* lifetime
);
858 fib6_info_release(rt
);
865 * Misc support functions
868 /* called with rcu_lock held */
869 static struct net_device
*ip6_rt_get_dev_rcu(struct fib6_info
*rt
)
871 struct net_device
*dev
= rt
->fib6_nh
.nh_dev
;
873 if (rt
->fib6_flags
& (RTF_LOCAL
| RTF_ANYCAST
)) {
874 /* for copies of local routes, dst->dev needs to be the
875 * device if it is a master device, the master device if
876 * device is enslaved, and the loopback as the default
878 if (netif_is_l3_slave(dev
) &&
879 !rt6_need_strict(&rt
->fib6_dst
.addr
))
880 dev
= l3mdev_master_dev_rcu(dev
);
881 else if (!netif_is_l3_master(dev
))
882 dev
= dev_net(dev
)->loopback_dev
;
883 /* last case is netif_is_l3_master(dev) is true in which
884 * case we want dev returned to be dev
891 static const int fib6_prop
[RTN_MAX
+ 1] = {
898 [RTN_BLACKHOLE
] = -EINVAL
,
899 [RTN_UNREACHABLE
] = -EHOSTUNREACH
,
900 [RTN_PROHIBIT
] = -EACCES
,
901 [RTN_THROW
] = -EAGAIN
,
903 [RTN_XRESOLVE
] = -EINVAL
,
906 static int ip6_rt_type_to_error(u8 fib6_type
)
908 return fib6_prop
[fib6_type
];
911 static unsigned short fib6_info_dst_flags(struct fib6_info
*rt
)
913 unsigned short flags
= 0;
916 flags
|= DST_NOCOUNT
;
917 if (rt
->dst_nopolicy
)
918 flags
|= DST_NOPOLICY
;
925 static void ip6_rt_init_dst_reject(struct rt6_info
*rt
, struct fib6_info
*ort
)
927 rt
->dst
.error
= ip6_rt_type_to_error(ort
->fib6_type
);
929 switch (ort
->fib6_type
) {
931 rt
->dst
.output
= dst_discard_out
;
932 rt
->dst
.input
= dst_discard
;
935 rt
->dst
.output
= ip6_pkt_prohibit_out
;
936 rt
->dst
.input
= ip6_pkt_prohibit
;
939 case RTN_UNREACHABLE
:
941 rt
->dst
.output
= ip6_pkt_discard_out
;
942 rt
->dst
.input
= ip6_pkt_discard
;
947 static void ip6_rt_init_dst(struct rt6_info
*rt
, struct fib6_info
*ort
)
949 rt
->dst
.flags
|= fib6_info_dst_flags(ort
);
951 if (ort
->fib6_flags
& RTF_REJECT
) {
952 ip6_rt_init_dst_reject(rt
, ort
);
957 rt
->dst
.output
= ip6_output
;
959 if (ort
->fib6_type
== RTN_LOCAL
) {
960 rt
->dst
.input
= ip6_input
;
961 } else if (ipv6_addr_type(&ort
->fib6_dst
.addr
) & IPV6_ADDR_MULTICAST
) {
962 rt
->dst
.input
= ip6_mc_input
;
964 rt
->dst
.input
= ip6_forward
;
967 if (ort
->fib6_nh
.nh_lwtstate
) {
968 rt
->dst
.lwtstate
= lwtstate_get(ort
->fib6_nh
.nh_lwtstate
);
969 lwtunnel_set_redirect(&rt
->dst
);
972 rt
->dst
.lastuse
= jiffies
;
975 /* Caller must already hold reference to @from */
976 static void rt6_set_from(struct rt6_info
*rt
, struct fib6_info
*from
)
978 rt
->rt6i_flags
&= ~RTF_EXPIRES
;
979 rcu_assign_pointer(rt
->from
, from
);
980 dst_init_metrics(&rt
->dst
, from
->fib6_metrics
->metrics
, true);
981 if (from
->fib6_metrics
!= &dst_default_metrics
) {
982 rt
->dst
._metrics
|= DST_METRICS_REFCOUNTED
;
983 refcount_inc(&from
->fib6_metrics
->refcnt
);
987 /* Caller must already hold reference to @ort */
988 static void ip6_rt_copy_init(struct rt6_info
*rt
, struct fib6_info
*ort
)
990 struct net_device
*dev
= fib6_info_nh_dev(ort
);
992 ip6_rt_init_dst(rt
, ort
);
994 rt
->rt6i_dst
= ort
->fib6_dst
;
995 rt
->rt6i_idev
= dev
? in6_dev_get(dev
) : NULL
;
996 rt
->rt6i_gateway
= ort
->fib6_nh
.nh_gw
;
997 rt
->rt6i_flags
= ort
->fib6_flags
;
998 rt6_set_from(rt
, ort
);
999 #ifdef CONFIG_IPV6_SUBTREES
1000 rt
->rt6i_src
= ort
->fib6_src
;
1002 rt
->rt6i_prefsrc
= ort
->fib6_prefsrc
;
1003 rt
->dst
.lwtstate
= lwtstate_get(ort
->fib6_nh
.nh_lwtstate
);
1006 static struct fib6_node
* fib6_backtrack(struct fib6_node
*fn
,
1007 struct in6_addr
*saddr
)
1009 struct fib6_node
*pn
, *sn
;
1011 if (fn
->fn_flags
& RTN_TL_ROOT
)
1013 pn
= rcu_dereference(fn
->parent
);
1014 sn
= FIB6_SUBTREE(pn
);
1016 fn
= fib6_node_lookup(sn
, NULL
, saddr
);
1019 if (fn
->fn_flags
& RTN_RTINFO
)
1024 static bool ip6_hold_safe(struct net
*net
, struct rt6_info
**prt
,
1027 struct rt6_info
*rt
= *prt
;
1029 if (dst_hold_safe(&rt
->dst
))
1031 if (null_fallback
) {
1032 rt
= net
->ipv6
.ip6_null_entry
;
1041 /* called with rcu_lock held */
1042 static struct rt6_info
*ip6_create_rt_rcu(struct fib6_info
*rt
)
1044 unsigned short flags
= fib6_info_dst_flags(rt
);
1045 struct net_device
*dev
= rt
->fib6_nh
.nh_dev
;
1046 struct rt6_info
*nrt
;
1048 if (!fib6_info_hold_safe(rt
))
1051 nrt
= ip6_dst_alloc(dev_net(dev
), dev
, flags
);
1053 ip6_rt_copy_init(nrt
, rt
);
1055 fib6_info_release(rt
);
1060 static struct rt6_info
*ip6_pol_route_lookup(struct net
*net
,
1061 struct fib6_table
*table
,
1063 const struct sk_buff
*skb
,
1066 struct fib6_info
*f6i
;
1067 struct fib6_node
*fn
;
1068 struct rt6_info
*rt
;
1070 if (fl6
->flowi6_flags
& FLOWI_FLAG_SKIP_NH_OIF
)
1071 flags
&= ~RT6_LOOKUP_F_IFACE
;
1074 fn
= fib6_node_lookup(&table
->tb6_root
, &fl6
->daddr
, &fl6
->saddr
);
1076 f6i
= rcu_dereference(fn
->leaf
);
1078 f6i
= net
->ipv6
.fib6_null_entry
;
1080 f6i
= rt6_device_match(net
, f6i
, &fl6
->saddr
,
1081 fl6
->flowi6_oif
, flags
);
1082 if (f6i
->fib6_nsiblings
&& fl6
->flowi6_oif
== 0)
1083 f6i
= fib6_multipath_select(net
, f6i
, fl6
,
1084 fl6
->flowi6_oif
, skb
,
1087 if (f6i
== net
->ipv6
.fib6_null_entry
) {
1088 fn
= fib6_backtrack(fn
, &fl6
->saddr
);
1093 trace_fib6_table_lookup(net
, f6i
, table
, fl6
);
1095 /* Search through exception table */
1096 rt
= rt6_find_cached_rt(f6i
, &fl6
->daddr
, &fl6
->saddr
);
1098 if (ip6_hold_safe(net
, &rt
, true))
1099 dst_use_noref(&rt
->dst
, jiffies
);
1100 } else if (f6i
== net
->ipv6
.fib6_null_entry
) {
1101 rt
= net
->ipv6
.ip6_null_entry
;
1104 rt
= ip6_create_rt_rcu(f6i
);
1106 rt
= net
->ipv6
.ip6_null_entry
;
1116 struct dst_entry
*ip6_route_lookup(struct net
*net
, struct flowi6
*fl6
,
1117 const struct sk_buff
*skb
, int flags
)
1119 return fib6_rule_lookup(net
, fl6
, skb
, flags
, ip6_pol_route_lookup
);
1121 EXPORT_SYMBOL_GPL(ip6_route_lookup
);
1123 struct rt6_info
*rt6_lookup(struct net
*net
, const struct in6_addr
*daddr
,
1124 const struct in6_addr
*saddr
, int oif
,
1125 const struct sk_buff
*skb
, int strict
)
1127 struct flowi6 fl6
= {
1131 struct dst_entry
*dst
;
1132 int flags
= strict
? RT6_LOOKUP_F_IFACE
: 0;
1135 memcpy(&fl6
.saddr
, saddr
, sizeof(*saddr
));
1136 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
1139 dst
= fib6_rule_lookup(net
, &fl6
, skb
, flags
, ip6_pol_route_lookup
);
1140 if (dst
->error
== 0)
1141 return (struct rt6_info
*) dst
;
1147 EXPORT_SYMBOL(rt6_lookup
);
1149 /* ip6_ins_rt is called with FREE table->tb6_lock.
1150 * It takes new route entry, the addition fails by any reason the
1151 * route is released.
1152 * Caller must hold dst before calling it.
1155 static int __ip6_ins_rt(struct fib6_info
*rt
, struct nl_info
*info
,
1156 struct netlink_ext_ack
*extack
)
1159 struct fib6_table
*table
;
1161 table
= rt
->fib6_table
;
1162 spin_lock_bh(&table
->tb6_lock
);
1163 err
= fib6_add(&table
->tb6_root
, rt
, info
, extack
);
1164 spin_unlock_bh(&table
->tb6_lock
);
1169 int ip6_ins_rt(struct net
*net
, struct fib6_info
*rt
)
1171 struct nl_info info
= { .nl_net
= net
, };
1173 return __ip6_ins_rt(rt
, &info
, NULL
);
1176 static struct rt6_info
*ip6_rt_cache_alloc(struct fib6_info
*ort
,
1177 const struct in6_addr
*daddr
,
1178 const struct in6_addr
*saddr
)
1180 struct net_device
*dev
;
1181 struct rt6_info
*rt
;
1187 if (!fib6_info_hold_safe(ort
))
1190 dev
= ip6_rt_get_dev_rcu(ort
);
1191 rt
= ip6_dst_alloc(dev_net(dev
), dev
, 0);
1193 fib6_info_release(ort
);
1197 ip6_rt_copy_init(rt
, ort
);
1198 rt
->rt6i_flags
|= RTF_CACHE
;
1199 rt
->dst
.flags
|= DST_HOST
;
1200 rt
->rt6i_dst
.addr
= *daddr
;
1201 rt
->rt6i_dst
.plen
= 128;
1203 if (!rt6_is_gw_or_nonexthop(ort
)) {
1204 if (ort
->fib6_dst
.plen
!= 128 &&
1205 ipv6_addr_equal(&ort
->fib6_dst
.addr
, daddr
))
1206 rt
->rt6i_flags
|= RTF_ANYCAST
;
1207 #ifdef CONFIG_IPV6_SUBTREES
1208 if (rt
->rt6i_src
.plen
&& saddr
) {
1209 rt
->rt6i_src
.addr
= *saddr
;
1210 rt
->rt6i_src
.plen
= 128;
1218 static struct rt6_info
*ip6_rt_pcpu_alloc(struct fib6_info
*rt
)
1220 unsigned short flags
= fib6_info_dst_flags(rt
);
1221 struct net_device
*dev
;
1222 struct rt6_info
*pcpu_rt
;
1224 if (!fib6_info_hold_safe(rt
))
1228 dev
= ip6_rt_get_dev_rcu(rt
);
1229 pcpu_rt
= ip6_dst_alloc(dev_net(dev
), dev
, flags
);
1232 fib6_info_release(rt
);
1235 ip6_rt_copy_init(pcpu_rt
, rt
);
1236 pcpu_rt
->rt6i_flags
|= RTF_PCPU
;
1240 /* It should be called with rcu_read_lock() acquired */
1241 static struct rt6_info
*rt6_get_pcpu_route(struct fib6_info
*rt
)
1243 struct rt6_info
*pcpu_rt
, **p
;
1245 p
= this_cpu_ptr(rt
->rt6i_pcpu
);
1249 ip6_hold_safe(NULL
, &pcpu_rt
, false);
1254 static struct rt6_info
*rt6_make_pcpu_route(struct net
*net
,
1255 struct fib6_info
*rt
)
1257 struct rt6_info
*pcpu_rt
, *prev
, **p
;
1259 pcpu_rt
= ip6_rt_pcpu_alloc(rt
);
1261 dst_hold(&net
->ipv6
.ip6_null_entry
->dst
);
1262 return net
->ipv6
.ip6_null_entry
;
1265 dst_hold(&pcpu_rt
->dst
);
1266 p
= this_cpu_ptr(rt
->rt6i_pcpu
);
1267 prev
= cmpxchg(p
, NULL
, pcpu_rt
);
1273 /* exception hash table implementation
1275 static DEFINE_SPINLOCK(rt6_exception_lock
);
1277 /* Remove rt6_ex from hash table and free the memory
1278 * Caller must hold rt6_exception_lock
1280 static void rt6_remove_exception(struct rt6_exception_bucket
*bucket
,
1281 struct rt6_exception
*rt6_ex
)
1285 if (!bucket
|| !rt6_ex
)
1288 net
= dev_net(rt6_ex
->rt6i
->dst
.dev
);
1289 hlist_del_rcu(&rt6_ex
->hlist
);
1290 dst_release(&rt6_ex
->rt6i
->dst
);
1291 kfree_rcu(rt6_ex
, rcu
);
1292 WARN_ON_ONCE(!bucket
->depth
);
1294 net
->ipv6
.rt6_stats
->fib_rt_cache
--;
1297 /* Remove oldest rt6_ex in bucket and free the memory
1298 * Caller must hold rt6_exception_lock
1300 static void rt6_exception_remove_oldest(struct rt6_exception_bucket
*bucket
)
1302 struct rt6_exception
*rt6_ex
, *oldest
= NULL
;
1307 hlist_for_each_entry(rt6_ex
, &bucket
->chain
, hlist
) {
1308 if (!oldest
|| time_before(rt6_ex
->stamp
, oldest
->stamp
))
1311 rt6_remove_exception(bucket
, oldest
);
1314 static u32
rt6_exception_hash(const struct in6_addr
*dst
,
1315 const struct in6_addr
*src
)
1317 static u32 seed __read_mostly
;
1320 net_get_random_once(&seed
, sizeof(seed
));
1321 val
= jhash(dst
, sizeof(*dst
), seed
);
1323 #ifdef CONFIG_IPV6_SUBTREES
1325 val
= jhash(src
, sizeof(*src
), val
);
1327 return hash_32(val
, FIB6_EXCEPTION_BUCKET_SIZE_SHIFT
);
1330 /* Helper function to find the cached rt in the hash table
1331 * and update bucket pointer to point to the bucket for this
1332 * (daddr, saddr) pair
1333 * Caller must hold rt6_exception_lock
1335 static struct rt6_exception
*
1336 __rt6_find_exception_spinlock(struct rt6_exception_bucket
**bucket
,
1337 const struct in6_addr
*daddr
,
1338 const struct in6_addr
*saddr
)
1340 struct rt6_exception
*rt6_ex
;
1343 if (!(*bucket
) || !daddr
)
1346 hval
= rt6_exception_hash(daddr
, saddr
);
1349 hlist_for_each_entry(rt6_ex
, &(*bucket
)->chain
, hlist
) {
1350 struct rt6_info
*rt6
= rt6_ex
->rt6i
;
1351 bool matched
= ipv6_addr_equal(daddr
, &rt6
->rt6i_dst
.addr
);
1353 #ifdef CONFIG_IPV6_SUBTREES
1354 if (matched
&& saddr
)
1355 matched
= ipv6_addr_equal(saddr
, &rt6
->rt6i_src
.addr
);
1363 /* Helper function to find the cached rt in the hash table
1364 * and update bucket pointer to point to the bucket for this
1365 * (daddr, saddr) pair
1366 * Caller must hold rcu_read_lock()
1368 static struct rt6_exception
*
1369 __rt6_find_exception_rcu(struct rt6_exception_bucket
**bucket
,
1370 const struct in6_addr
*daddr
,
1371 const struct in6_addr
*saddr
)
1373 struct rt6_exception
*rt6_ex
;
1376 WARN_ON_ONCE(!rcu_read_lock_held());
1378 if (!(*bucket
) || !daddr
)
1381 hval
= rt6_exception_hash(daddr
, saddr
);
1384 hlist_for_each_entry_rcu(rt6_ex
, &(*bucket
)->chain
, hlist
) {
1385 struct rt6_info
*rt6
= rt6_ex
->rt6i
;
1386 bool matched
= ipv6_addr_equal(daddr
, &rt6
->rt6i_dst
.addr
);
1388 #ifdef CONFIG_IPV6_SUBTREES
1389 if (matched
&& saddr
)
1390 matched
= ipv6_addr_equal(saddr
, &rt6
->rt6i_src
.addr
);
1398 static unsigned int fib6_mtu(const struct fib6_info
*rt
)
1402 if (rt
->fib6_pmtu
) {
1403 mtu
= rt
->fib6_pmtu
;
1405 struct net_device
*dev
= fib6_info_nh_dev(rt
);
1406 struct inet6_dev
*idev
;
1409 idev
= __in6_dev_get(dev
);
1410 mtu
= idev
->cnf
.mtu6
;
1414 mtu
= min_t(unsigned int, mtu
, IP6_MAX_MTU
);
1416 return mtu
- lwtunnel_headroom(rt
->fib6_nh
.nh_lwtstate
, mtu
);
1419 static int rt6_insert_exception(struct rt6_info
*nrt
,
1420 struct fib6_info
*ort
)
1422 struct net
*net
= dev_net(nrt
->dst
.dev
);
1423 struct rt6_exception_bucket
*bucket
;
1424 struct in6_addr
*src_key
= NULL
;
1425 struct rt6_exception
*rt6_ex
;
1428 spin_lock_bh(&rt6_exception_lock
);
1430 if (ort
->exception_bucket_flushed
) {
1435 bucket
= rcu_dereference_protected(ort
->rt6i_exception_bucket
,
1436 lockdep_is_held(&rt6_exception_lock
));
1438 bucket
= kcalloc(FIB6_EXCEPTION_BUCKET_SIZE
, sizeof(*bucket
),
1444 rcu_assign_pointer(ort
->rt6i_exception_bucket
, bucket
);
1447 #ifdef CONFIG_IPV6_SUBTREES
1448 /* rt6i_src.plen != 0 indicates ort is in subtree
1449 * and exception table is indexed by a hash of
1450 * both rt6i_dst and rt6i_src.
1451 * Otherwise, the exception table is indexed by
1452 * a hash of only rt6i_dst.
1454 if (ort
->fib6_src
.plen
)
1455 src_key
= &nrt
->rt6i_src
.addr
;
1458 /* Update rt6i_prefsrc as it could be changed
1459 * in rt6_remove_prefsrc()
1461 nrt
->rt6i_prefsrc
= ort
->fib6_prefsrc
;
1462 /* rt6_mtu_change() might lower mtu on ort.
1463 * Only insert this exception route if its mtu
1464 * is less than ort's mtu value.
1466 if (dst_metric_raw(&nrt
->dst
, RTAX_MTU
) >= fib6_mtu(ort
)) {
1471 rt6_ex
= __rt6_find_exception_spinlock(&bucket
, &nrt
->rt6i_dst
.addr
,
1474 rt6_remove_exception(bucket
, rt6_ex
);
1476 rt6_ex
= kzalloc(sizeof(*rt6_ex
), GFP_ATOMIC
);
1482 rt6_ex
->stamp
= jiffies
;
1483 hlist_add_head_rcu(&rt6_ex
->hlist
, &bucket
->chain
);
1485 net
->ipv6
.rt6_stats
->fib_rt_cache
++;
1487 if (bucket
->depth
> FIB6_MAX_DEPTH
)
1488 rt6_exception_remove_oldest(bucket
);
1491 spin_unlock_bh(&rt6_exception_lock
);
1493 /* Update fn->fn_sernum to invalidate all cached dst */
1495 spin_lock_bh(&ort
->fib6_table
->tb6_lock
);
1496 fib6_update_sernum(net
, ort
);
1497 spin_unlock_bh(&ort
->fib6_table
->tb6_lock
);
1498 fib6_force_start_gc(net
);
1504 void rt6_flush_exceptions(struct fib6_info
*rt
)
1506 struct rt6_exception_bucket
*bucket
;
1507 struct rt6_exception
*rt6_ex
;
1508 struct hlist_node
*tmp
;
1511 spin_lock_bh(&rt6_exception_lock
);
1512 /* Prevent rt6_insert_exception() to recreate the bucket list */
1513 rt
->exception_bucket_flushed
= 1;
1515 bucket
= rcu_dereference_protected(rt
->rt6i_exception_bucket
,
1516 lockdep_is_held(&rt6_exception_lock
));
1520 for (i
= 0; i
< FIB6_EXCEPTION_BUCKET_SIZE
; i
++) {
1521 hlist_for_each_entry_safe(rt6_ex
, tmp
, &bucket
->chain
, hlist
)
1522 rt6_remove_exception(bucket
, rt6_ex
);
1523 WARN_ON_ONCE(bucket
->depth
);
1528 spin_unlock_bh(&rt6_exception_lock
);
1531 /* Find cached rt in the hash table inside passed in rt
1532 * Caller has to hold rcu_read_lock()
1534 static struct rt6_info
*rt6_find_cached_rt(struct fib6_info
*rt
,
1535 struct in6_addr
*daddr
,
1536 struct in6_addr
*saddr
)
1538 struct rt6_exception_bucket
*bucket
;
1539 struct in6_addr
*src_key
= NULL
;
1540 struct rt6_exception
*rt6_ex
;
1541 struct rt6_info
*res
= NULL
;
1543 bucket
= rcu_dereference(rt
->rt6i_exception_bucket
);
1545 #ifdef CONFIG_IPV6_SUBTREES
1546 /* rt6i_src.plen != 0 indicates rt is in subtree
1547 * and exception table is indexed by a hash of
1548 * both rt6i_dst and rt6i_src.
1549 * Otherwise, the exception table is indexed by
1550 * a hash of only rt6i_dst.
1552 if (rt
->fib6_src
.plen
)
1555 rt6_ex
= __rt6_find_exception_rcu(&bucket
, daddr
, src_key
);
1557 if (rt6_ex
&& !rt6_check_expired(rt6_ex
->rt6i
))
1563 /* Remove the passed in cached rt from the hash table that contains it */
1564 static int rt6_remove_exception_rt(struct rt6_info
*rt
)
1566 struct rt6_exception_bucket
*bucket
;
1567 struct in6_addr
*src_key
= NULL
;
1568 struct rt6_exception
*rt6_ex
;
1569 struct fib6_info
*from
;
1572 from
= rcu_dereference(rt
->from
);
1574 !(rt
->rt6i_flags
& RTF_CACHE
))
1577 if (!rcu_access_pointer(from
->rt6i_exception_bucket
))
1580 spin_lock_bh(&rt6_exception_lock
);
1581 bucket
= rcu_dereference_protected(from
->rt6i_exception_bucket
,
1582 lockdep_is_held(&rt6_exception_lock
));
1583 #ifdef CONFIG_IPV6_SUBTREES
1584 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1585 * and exception table is indexed by a hash of
1586 * both rt6i_dst and rt6i_src.
1587 * Otherwise, the exception table is indexed by
1588 * a hash of only rt6i_dst.
1590 if (from
->fib6_src
.plen
)
1591 src_key
= &rt
->rt6i_src
.addr
;
1593 rt6_ex
= __rt6_find_exception_spinlock(&bucket
,
1597 rt6_remove_exception(bucket
, rt6_ex
);
1603 spin_unlock_bh(&rt6_exception_lock
);
1607 /* Find rt6_ex which contains the passed in rt cache and
1610 static void rt6_update_exception_stamp_rt(struct rt6_info
*rt
)
1612 struct rt6_exception_bucket
*bucket
;
1613 struct fib6_info
*from
= rt
->from
;
1614 struct in6_addr
*src_key
= NULL
;
1615 struct rt6_exception
*rt6_ex
;
1618 !(rt
->rt6i_flags
& RTF_CACHE
))
1622 bucket
= rcu_dereference(from
->rt6i_exception_bucket
);
1624 #ifdef CONFIG_IPV6_SUBTREES
1625 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1626 * and exception table is indexed by a hash of
1627 * both rt6i_dst and rt6i_src.
1628 * Otherwise, the exception table is indexed by
1629 * a hash of only rt6i_dst.
1631 if (from
->fib6_src
.plen
)
1632 src_key
= &rt
->rt6i_src
.addr
;
1634 rt6_ex
= __rt6_find_exception_rcu(&bucket
,
1638 rt6_ex
->stamp
= jiffies
;
1643 static void rt6_exceptions_remove_prefsrc(struct fib6_info
*rt
)
1645 struct rt6_exception_bucket
*bucket
;
1646 struct rt6_exception
*rt6_ex
;
1649 bucket
= rcu_dereference_protected(rt
->rt6i_exception_bucket
,
1650 lockdep_is_held(&rt6_exception_lock
));
1653 for (i
= 0; i
< FIB6_EXCEPTION_BUCKET_SIZE
; i
++) {
1654 hlist_for_each_entry(rt6_ex
, &bucket
->chain
, hlist
) {
1655 rt6_ex
->rt6i
->rt6i_prefsrc
.plen
= 0;
1662 static bool rt6_mtu_change_route_allowed(struct inet6_dev
*idev
,
1663 struct rt6_info
*rt
, int mtu
)
1665 /* If the new MTU is lower than the route PMTU, this new MTU will be the
1666 * lowest MTU in the path: always allow updating the route PMTU to
1667 * reflect PMTU decreases.
1669 * If the new MTU is higher, and the route PMTU is equal to the local
1670 * MTU, this means the old MTU is the lowest in the path, so allow
1671 * updating it: if other nodes now have lower MTUs, PMTU discovery will
1675 if (dst_mtu(&rt
->dst
) >= mtu
)
1678 if (dst_mtu(&rt
->dst
) == idev
->cnf
.mtu6
)
1684 static void rt6_exceptions_update_pmtu(struct inet6_dev
*idev
,
1685 struct fib6_info
*rt
, int mtu
)
1687 struct rt6_exception_bucket
*bucket
;
1688 struct rt6_exception
*rt6_ex
;
1691 bucket
= rcu_dereference_protected(rt
->rt6i_exception_bucket
,
1692 lockdep_is_held(&rt6_exception_lock
));
1697 for (i
= 0; i
< FIB6_EXCEPTION_BUCKET_SIZE
; i
++) {
1698 hlist_for_each_entry(rt6_ex
, &bucket
->chain
, hlist
) {
1699 struct rt6_info
*entry
= rt6_ex
->rt6i
;
1701 /* For RTF_CACHE with rt6i_pmtu == 0 (i.e. a redirected
1702 * route), the metrics of its rt->from have already
1705 if (dst_metric_raw(&entry
->dst
, RTAX_MTU
) &&
1706 rt6_mtu_change_route_allowed(idev
, entry
, mtu
))
1707 dst_metric_set(&entry
->dst
, RTAX_MTU
, mtu
);
1713 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
1715 static void rt6_exceptions_clean_tohost(struct fib6_info
*rt
,
1716 struct in6_addr
*gateway
)
1718 struct rt6_exception_bucket
*bucket
;
1719 struct rt6_exception
*rt6_ex
;
1720 struct hlist_node
*tmp
;
1723 if (!rcu_access_pointer(rt
->rt6i_exception_bucket
))
1726 spin_lock_bh(&rt6_exception_lock
);
1727 bucket
= rcu_dereference_protected(rt
->rt6i_exception_bucket
,
1728 lockdep_is_held(&rt6_exception_lock
));
1731 for (i
= 0; i
< FIB6_EXCEPTION_BUCKET_SIZE
; i
++) {
1732 hlist_for_each_entry_safe(rt6_ex
, tmp
,
1733 &bucket
->chain
, hlist
) {
1734 struct rt6_info
*entry
= rt6_ex
->rt6i
;
1736 if ((entry
->rt6i_flags
& RTF_CACHE_GATEWAY
) ==
1737 RTF_CACHE_GATEWAY
&&
1738 ipv6_addr_equal(gateway
,
1739 &entry
->rt6i_gateway
)) {
1740 rt6_remove_exception(bucket
, rt6_ex
);
1747 spin_unlock_bh(&rt6_exception_lock
);
1750 static void rt6_age_examine_exception(struct rt6_exception_bucket
*bucket
,
1751 struct rt6_exception
*rt6_ex
,
1752 struct fib6_gc_args
*gc_args
,
1755 struct rt6_info
*rt
= rt6_ex
->rt6i
;
1757 /* we are pruning and obsoleting aged-out and non gateway exceptions
1758 * even if others have still references to them, so that on next
1759 * dst_check() such references can be dropped.
1760 * EXPIRES exceptions - e.g. pmtu-generated ones are pruned when
1761 * expired, independently from their aging, as per RFC 8201 section 4
1763 if (!(rt
->rt6i_flags
& RTF_EXPIRES
)) {
1764 if (time_after_eq(now
, rt
->dst
.lastuse
+ gc_args
->timeout
)) {
1765 RT6_TRACE("aging clone %p\n", rt
);
1766 rt6_remove_exception(bucket
, rt6_ex
);
1769 } else if (time_after(jiffies
, rt
->dst
.expires
)) {
1770 RT6_TRACE("purging expired route %p\n", rt
);
1771 rt6_remove_exception(bucket
, rt6_ex
);
1775 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
1776 struct neighbour
*neigh
;
1777 __u8 neigh_flags
= 0;
1779 neigh
= __ipv6_neigh_lookup_noref(rt
->dst
.dev
, &rt
->rt6i_gateway
);
1781 neigh_flags
= neigh
->flags
;
1783 if (!(neigh_flags
& NTF_ROUTER
)) {
1784 RT6_TRACE("purging route %p via non-router but gateway\n",
1786 rt6_remove_exception(bucket
, rt6_ex
);
1794 void rt6_age_exceptions(struct fib6_info
*rt
,
1795 struct fib6_gc_args
*gc_args
,
1798 struct rt6_exception_bucket
*bucket
;
1799 struct rt6_exception
*rt6_ex
;
1800 struct hlist_node
*tmp
;
1803 if (!rcu_access_pointer(rt
->rt6i_exception_bucket
))
1807 spin_lock(&rt6_exception_lock
);
1808 bucket
= rcu_dereference_protected(rt
->rt6i_exception_bucket
,
1809 lockdep_is_held(&rt6_exception_lock
));
1812 for (i
= 0; i
< FIB6_EXCEPTION_BUCKET_SIZE
; i
++) {
1813 hlist_for_each_entry_safe(rt6_ex
, tmp
,
1814 &bucket
->chain
, hlist
) {
1815 rt6_age_examine_exception(bucket
, rt6_ex
,
1821 spin_unlock(&rt6_exception_lock
);
1822 rcu_read_unlock_bh();
1825 /* must be called with rcu lock held */
1826 struct fib6_info
*fib6_table_lookup(struct net
*net
, struct fib6_table
*table
,
1827 int oif
, struct flowi6
*fl6
, int strict
)
1829 struct fib6_node
*fn
, *saved_fn
;
1830 struct fib6_info
*f6i
;
1832 fn
= fib6_node_lookup(&table
->tb6_root
, &fl6
->daddr
, &fl6
->saddr
);
1835 if (fl6
->flowi6_flags
& FLOWI_FLAG_SKIP_NH_OIF
)
1839 f6i
= rt6_select(net
, fn
, oif
, strict
);
1840 if (f6i
== net
->ipv6
.fib6_null_entry
) {
1841 fn
= fib6_backtrack(fn
, &fl6
->saddr
);
1843 goto redo_rt6_select
;
1844 else if (strict
& RT6_LOOKUP_F_REACHABLE
) {
1845 /* also consider unreachable route */
1846 strict
&= ~RT6_LOOKUP_F_REACHABLE
;
1848 goto redo_rt6_select
;
1852 trace_fib6_table_lookup(net
, f6i
, table
, fl6
);
1857 struct rt6_info
*ip6_pol_route(struct net
*net
, struct fib6_table
*table
,
1858 int oif
, struct flowi6
*fl6
,
1859 const struct sk_buff
*skb
, int flags
)
1861 struct fib6_info
*f6i
;
1862 struct rt6_info
*rt
;
1865 strict
|= flags
& RT6_LOOKUP_F_IFACE
;
1866 strict
|= flags
& RT6_LOOKUP_F_IGNORE_LINKSTATE
;
1867 if (net
->ipv6
.devconf_all
->forwarding
== 0)
1868 strict
|= RT6_LOOKUP_F_REACHABLE
;
1872 f6i
= fib6_table_lookup(net
, table
, oif
, fl6
, strict
);
1873 if (f6i
->fib6_nsiblings
)
1874 f6i
= fib6_multipath_select(net
, f6i
, fl6
, oif
, skb
, strict
);
1876 if (f6i
== net
->ipv6
.fib6_null_entry
) {
1877 rt
= net
->ipv6
.ip6_null_entry
;
1883 /*Search through exception table */
1884 rt
= rt6_find_cached_rt(f6i
, &fl6
->daddr
, &fl6
->saddr
);
1886 if (ip6_hold_safe(net
, &rt
, true))
1887 dst_use_noref(&rt
->dst
, jiffies
);
1891 } else if (unlikely((fl6
->flowi6_flags
& FLOWI_FLAG_KNOWN_NH
) &&
1892 !(f6i
->fib6_flags
& RTF_GATEWAY
))) {
1893 /* Create a RTF_CACHE clone which will not be
1894 * owned by the fib6 tree. It is for the special case where
1895 * the daddr in the skb during the neighbor look-up is different
1896 * from the fl6->daddr used to look-up route here.
1898 struct rt6_info
*uncached_rt
;
1900 uncached_rt
= ip6_rt_cache_alloc(f6i
, &fl6
->daddr
, NULL
);
1905 /* Uncached_rt's refcnt is taken during ip6_rt_cache_alloc()
1906 * No need for another dst_hold()
1908 rt6_uncached_list_add(uncached_rt
);
1909 atomic_inc(&net
->ipv6
.rt6_stats
->fib_rt_uncache
);
1911 uncached_rt
= net
->ipv6
.ip6_null_entry
;
1912 dst_hold(&uncached_rt
->dst
);
1917 /* Get a percpu copy */
1919 struct rt6_info
*pcpu_rt
;
1922 pcpu_rt
= rt6_get_pcpu_route(f6i
);
1925 pcpu_rt
= rt6_make_pcpu_route(net
, f6i
);
1933 EXPORT_SYMBOL_GPL(ip6_pol_route
);
1935 static struct rt6_info
*ip6_pol_route_input(struct net
*net
,
1936 struct fib6_table
*table
,
1938 const struct sk_buff
*skb
,
1941 return ip6_pol_route(net
, table
, fl6
->flowi6_iif
, fl6
, skb
, flags
);
1944 struct dst_entry
*ip6_route_input_lookup(struct net
*net
,
1945 struct net_device
*dev
,
1947 const struct sk_buff
*skb
,
1950 if (rt6_need_strict(&fl6
->daddr
) && dev
->type
!= ARPHRD_PIMREG
)
1951 flags
|= RT6_LOOKUP_F_IFACE
;
1953 return fib6_rule_lookup(net
, fl6
, skb
, flags
, ip6_pol_route_input
);
1955 EXPORT_SYMBOL_GPL(ip6_route_input_lookup
);
1957 static void ip6_multipath_l3_keys(const struct sk_buff
*skb
,
1958 struct flow_keys
*keys
,
1959 struct flow_keys
*flkeys
)
1961 const struct ipv6hdr
*outer_iph
= ipv6_hdr(skb
);
1962 const struct ipv6hdr
*key_iph
= outer_iph
;
1963 struct flow_keys
*_flkeys
= flkeys
;
1964 const struct ipv6hdr
*inner_iph
;
1965 const struct icmp6hdr
*icmph
;
1966 struct ipv6hdr _inner_iph
;
1967 struct icmp6hdr _icmph
;
1969 if (likely(outer_iph
->nexthdr
!= IPPROTO_ICMPV6
))
1972 icmph
= skb_header_pointer(skb
, skb_transport_offset(skb
),
1973 sizeof(_icmph
), &_icmph
);
1977 if (icmph
->icmp6_type
!= ICMPV6_DEST_UNREACH
&&
1978 icmph
->icmp6_type
!= ICMPV6_PKT_TOOBIG
&&
1979 icmph
->icmp6_type
!= ICMPV6_TIME_EXCEED
&&
1980 icmph
->icmp6_type
!= ICMPV6_PARAMPROB
)
1983 inner_iph
= skb_header_pointer(skb
,
1984 skb_transport_offset(skb
) + sizeof(*icmph
),
1985 sizeof(_inner_iph
), &_inner_iph
);
1989 key_iph
= inner_iph
;
1993 keys
->addrs
.v6addrs
.src
= _flkeys
->addrs
.v6addrs
.src
;
1994 keys
->addrs
.v6addrs
.dst
= _flkeys
->addrs
.v6addrs
.dst
;
1995 keys
->tags
.flow_label
= _flkeys
->tags
.flow_label
;
1996 keys
->basic
.ip_proto
= _flkeys
->basic
.ip_proto
;
1998 keys
->addrs
.v6addrs
.src
= key_iph
->saddr
;
1999 keys
->addrs
.v6addrs
.dst
= key_iph
->daddr
;
2000 keys
->tags
.flow_label
= ip6_flowlabel(key_iph
);
2001 keys
->basic
.ip_proto
= key_iph
->nexthdr
;
2005 /* if skb is set it will be used and fl6 can be NULL */
2006 u32
rt6_multipath_hash(const struct net
*net
, const struct flowi6
*fl6
,
2007 const struct sk_buff
*skb
, struct flow_keys
*flkeys
)
2009 struct flow_keys hash_keys
;
2012 switch (ip6_multipath_hash_policy(net
)) {
2014 memset(&hash_keys
, 0, sizeof(hash_keys
));
2015 hash_keys
.control
.addr_type
= FLOW_DISSECTOR_KEY_IPV6_ADDRS
;
2017 ip6_multipath_l3_keys(skb
, &hash_keys
, flkeys
);
2019 hash_keys
.addrs
.v6addrs
.src
= fl6
->saddr
;
2020 hash_keys
.addrs
.v6addrs
.dst
= fl6
->daddr
;
2021 hash_keys
.tags
.flow_label
= (__force u32
)flowi6_get_flowlabel(fl6
);
2022 hash_keys
.basic
.ip_proto
= fl6
->flowi6_proto
;
2027 unsigned int flag
= FLOW_DISSECTOR_F_STOP_AT_ENCAP
;
2028 struct flow_keys keys
;
2030 /* short-circuit if we already have L4 hash present */
2032 return skb_get_hash_raw(skb
) >> 1;
2034 memset(&hash_keys
, 0, sizeof(hash_keys
));
2037 skb_flow_dissect_flow_keys(skb
, &keys
, flag
);
2040 hash_keys
.control
.addr_type
= FLOW_DISSECTOR_KEY_IPV6_ADDRS
;
2041 hash_keys
.addrs
.v6addrs
.src
= flkeys
->addrs
.v6addrs
.src
;
2042 hash_keys
.addrs
.v6addrs
.dst
= flkeys
->addrs
.v6addrs
.dst
;
2043 hash_keys
.ports
.src
= flkeys
->ports
.src
;
2044 hash_keys
.ports
.dst
= flkeys
->ports
.dst
;
2045 hash_keys
.basic
.ip_proto
= flkeys
->basic
.ip_proto
;
2047 memset(&hash_keys
, 0, sizeof(hash_keys
));
2048 hash_keys
.control
.addr_type
= FLOW_DISSECTOR_KEY_IPV6_ADDRS
;
2049 hash_keys
.addrs
.v6addrs
.src
= fl6
->saddr
;
2050 hash_keys
.addrs
.v6addrs
.dst
= fl6
->daddr
;
2051 hash_keys
.ports
.src
= fl6
->fl6_sport
;
2052 hash_keys
.ports
.dst
= fl6
->fl6_dport
;
2053 hash_keys
.basic
.ip_proto
= fl6
->flowi6_proto
;
2057 mhash
= flow_hash_from_keys(&hash_keys
);
2062 void ip6_route_input(struct sk_buff
*skb
)
2064 const struct ipv6hdr
*iph
= ipv6_hdr(skb
);
2065 struct net
*net
= dev_net(skb
->dev
);
2066 int flags
= RT6_LOOKUP_F_HAS_SADDR
;
2067 struct ip_tunnel_info
*tun_info
;
2068 struct flowi6 fl6
= {
2069 .flowi6_iif
= skb
->dev
->ifindex
,
2070 .daddr
= iph
->daddr
,
2071 .saddr
= iph
->saddr
,
2072 .flowlabel
= ip6_flowinfo(iph
),
2073 .flowi6_mark
= skb
->mark
,
2074 .flowi6_proto
= iph
->nexthdr
,
2076 struct flow_keys
*flkeys
= NULL
, _flkeys
;
2078 tun_info
= skb_tunnel_info(skb
);
2079 if (tun_info
&& !(tun_info
->mode
& IP_TUNNEL_INFO_TX
))
2080 fl6
.flowi6_tun_key
.tun_id
= tun_info
->key
.tun_id
;
2082 if (fib6_rules_early_flow_dissect(net
, skb
, &fl6
, &_flkeys
))
2085 if (unlikely(fl6
.flowi6_proto
== IPPROTO_ICMPV6
))
2086 fl6
.mp_hash
= rt6_multipath_hash(net
, &fl6
, skb
, flkeys
);
2089 ip6_route_input_lookup(net
, skb
->dev
, &fl6
, skb
, flags
));
2092 static struct rt6_info
*ip6_pol_route_output(struct net
*net
,
2093 struct fib6_table
*table
,
2095 const struct sk_buff
*skb
,
2098 return ip6_pol_route(net
, table
, fl6
->flowi6_oif
, fl6
, skb
, flags
);
2101 struct dst_entry
*ip6_route_output_flags(struct net
*net
, const struct sock
*sk
,
2102 struct flowi6
*fl6
, int flags
)
2106 if (rt6_need_strict(&fl6
->daddr
)) {
2107 struct dst_entry
*dst
;
2109 dst
= l3mdev_link_scope_lookup(net
, fl6
);
2114 fl6
->flowi6_iif
= LOOPBACK_IFINDEX
;
2116 any_src
= ipv6_addr_any(&fl6
->saddr
);
2117 if ((sk
&& sk
->sk_bound_dev_if
) || rt6_need_strict(&fl6
->daddr
) ||
2118 (fl6
->flowi6_oif
&& any_src
))
2119 flags
|= RT6_LOOKUP_F_IFACE
;
2122 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
2124 flags
|= rt6_srcprefs2flags(inet6_sk(sk
)->srcprefs
);
2126 return fib6_rule_lookup(net
, fl6
, NULL
, flags
, ip6_pol_route_output
);
2128 EXPORT_SYMBOL_GPL(ip6_route_output_flags
);
2130 struct dst_entry
*ip6_blackhole_route(struct net
*net
, struct dst_entry
*dst_orig
)
2132 struct rt6_info
*rt
, *ort
= (struct rt6_info
*) dst_orig
;
2133 struct net_device
*loopback_dev
= net
->loopback_dev
;
2134 struct dst_entry
*new = NULL
;
2136 rt
= dst_alloc(&ip6_dst_blackhole_ops
, loopback_dev
, 1,
2137 DST_OBSOLETE_DEAD
, 0);
2140 atomic_inc(&net
->ipv6
.rt6_stats
->fib_rt_alloc
);
2144 new->input
= dst_discard
;
2145 new->output
= dst_discard_out
;
2147 dst_copy_metrics(new, &ort
->dst
);
2149 rt
->rt6i_idev
= in6_dev_get(loopback_dev
);
2150 rt
->rt6i_gateway
= ort
->rt6i_gateway
;
2151 rt
->rt6i_flags
= ort
->rt6i_flags
& ~RTF_PCPU
;
2153 memcpy(&rt
->rt6i_dst
, &ort
->rt6i_dst
, sizeof(struct rt6key
));
2154 #ifdef CONFIG_IPV6_SUBTREES
2155 memcpy(&rt
->rt6i_src
, &ort
->rt6i_src
, sizeof(struct rt6key
));
2159 dst_release(dst_orig
);
2160 return new ? new : ERR_PTR(-ENOMEM
);
2164 * Destination cache support functions
2167 static bool fib6_check(struct fib6_info
*f6i
, u32 cookie
)
2171 if (!fib6_get_cookie_safe(f6i
, &rt_cookie
) || rt_cookie
!= cookie
)
2174 if (fib6_check_expired(f6i
))
2180 static struct dst_entry
*rt6_check(struct rt6_info
*rt
,
2181 struct fib6_info
*from
,
2186 if ((from
&& !fib6_get_cookie_safe(from
, &rt_cookie
)) ||
2187 rt_cookie
!= cookie
)
2190 if (rt6_check_expired(rt
))
2196 static struct dst_entry
*rt6_dst_from_check(struct rt6_info
*rt
,
2197 struct fib6_info
*from
,
2200 if (!__rt6_check_expired(rt
) &&
2201 rt
->dst
.obsolete
== DST_OBSOLETE_FORCE_CHK
&&
2202 fib6_check(from
, cookie
))
2208 static struct dst_entry
*ip6_dst_check(struct dst_entry
*dst
, u32 cookie
)
2210 struct dst_entry
*dst_ret
;
2211 struct fib6_info
*from
;
2212 struct rt6_info
*rt
;
2214 rt
= container_of(dst
, struct rt6_info
, dst
);
2218 /* All IPV6 dsts are created with ->obsolete set to the value
2219 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
2220 * into this function always.
2223 from
= rcu_dereference(rt
->from
);
2225 if (from
&& (rt
->rt6i_flags
& RTF_PCPU
||
2226 unlikely(!list_empty(&rt
->rt6i_uncached
))))
2227 dst_ret
= rt6_dst_from_check(rt
, from
, cookie
);
2229 dst_ret
= rt6_check(rt
, from
, cookie
);
2236 static struct dst_entry
*ip6_negative_advice(struct dst_entry
*dst
)
2238 struct rt6_info
*rt
= (struct rt6_info
*) dst
;
2241 if (rt
->rt6i_flags
& RTF_CACHE
) {
2243 if (rt6_check_expired(rt
)) {
2244 rt6_remove_exception_rt(rt
);
2256 static void ip6_link_failure(struct sk_buff
*skb
)
2258 struct rt6_info
*rt
;
2260 icmpv6_send(skb
, ICMPV6_DEST_UNREACH
, ICMPV6_ADDR_UNREACH
, 0);
2262 rt
= (struct rt6_info
*) skb_dst(skb
);
2265 if (rt
->rt6i_flags
& RTF_CACHE
) {
2266 if (dst_hold_safe(&rt
->dst
))
2267 rt6_remove_exception_rt(rt
);
2269 struct fib6_info
*from
;
2270 struct fib6_node
*fn
;
2272 from
= rcu_dereference(rt
->from
);
2274 fn
= rcu_dereference(from
->fib6_node
);
2275 if (fn
&& (rt
->rt6i_flags
& RTF_DEFAULT
))
2283 static void rt6_update_expires(struct rt6_info
*rt0
, int timeout
)
2285 if (!(rt0
->rt6i_flags
& RTF_EXPIRES
)) {
2286 struct fib6_info
*from
;
2289 from
= rcu_dereference(rt0
->from
);
2291 rt0
->dst
.expires
= from
->expires
;
2295 dst_set_expires(&rt0
->dst
, timeout
);
2296 rt0
->rt6i_flags
|= RTF_EXPIRES
;
2299 static void rt6_do_update_pmtu(struct rt6_info
*rt
, u32 mtu
)
2301 struct net
*net
= dev_net(rt
->dst
.dev
);
2303 dst_metric_set(&rt
->dst
, RTAX_MTU
, mtu
);
2304 rt
->rt6i_flags
|= RTF_MODIFIED
;
2305 rt6_update_expires(rt
, net
->ipv6
.sysctl
.ip6_rt_mtu_expires
);
2308 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info
*rt
)
2313 from_set
= !!rcu_dereference(rt
->from
);
2316 return !(rt
->rt6i_flags
& RTF_CACHE
) &&
2317 (rt
->rt6i_flags
& RTF_PCPU
|| from_set
);
2320 static void __ip6_rt_update_pmtu(struct dst_entry
*dst
, const struct sock
*sk
,
2321 const struct ipv6hdr
*iph
, u32 mtu
)
2323 const struct in6_addr
*daddr
, *saddr
;
2324 struct rt6_info
*rt6
= (struct rt6_info
*)dst
;
2326 if (dst_metric_locked(dst
, RTAX_MTU
))
2330 daddr
= &iph
->daddr
;
2331 saddr
= &iph
->saddr
;
2333 daddr
= &sk
->sk_v6_daddr
;
2334 saddr
= &inet6_sk(sk
)->saddr
;
2339 dst_confirm_neigh(dst
, daddr
);
2340 mtu
= max_t(u32
, mtu
, IPV6_MIN_MTU
);
2341 if (mtu
>= dst_mtu(dst
))
2344 if (!rt6_cache_allowed_for_pmtu(rt6
)) {
2345 rt6_do_update_pmtu(rt6
, mtu
);
2346 /* update rt6_ex->stamp for cache */
2347 if (rt6
->rt6i_flags
& RTF_CACHE
)
2348 rt6_update_exception_stamp_rt(rt6
);
2350 struct fib6_info
*from
;
2351 struct rt6_info
*nrt6
;
2354 from
= rcu_dereference(rt6
->from
);
2355 nrt6
= ip6_rt_cache_alloc(from
, daddr
, saddr
);
2357 rt6_do_update_pmtu(nrt6
, mtu
);
2358 if (rt6_insert_exception(nrt6
, from
))
2359 dst_release_immediate(&nrt6
->dst
);
2365 static void ip6_rt_update_pmtu(struct dst_entry
*dst
, struct sock
*sk
,
2366 struct sk_buff
*skb
, u32 mtu
)
2368 __ip6_rt_update_pmtu(dst
, sk
, skb
? ipv6_hdr(skb
) : NULL
, mtu
);
2371 void ip6_update_pmtu(struct sk_buff
*skb
, struct net
*net
, __be32 mtu
,
2372 int oif
, u32 mark
, kuid_t uid
)
2374 const struct ipv6hdr
*iph
= (struct ipv6hdr
*) skb
->data
;
2375 struct dst_entry
*dst
;
2378 memset(&fl6
, 0, sizeof(fl6
));
2379 fl6
.flowi6_oif
= oif
;
2380 fl6
.flowi6_mark
= mark
? mark
: IP6_REPLY_MARK(net
, skb
->mark
);
2381 fl6
.daddr
= iph
->daddr
;
2382 fl6
.saddr
= iph
->saddr
;
2383 fl6
.flowlabel
= ip6_flowinfo(iph
);
2384 fl6
.flowi6_uid
= uid
;
2386 dst
= ip6_route_output(net
, NULL
, &fl6
);
2388 __ip6_rt_update_pmtu(dst
, NULL
, iph
, ntohl(mtu
));
2391 EXPORT_SYMBOL_GPL(ip6_update_pmtu
);
2393 void ip6_sk_update_pmtu(struct sk_buff
*skb
, struct sock
*sk
, __be32 mtu
)
2395 struct dst_entry
*dst
;
2397 ip6_update_pmtu(skb
, sock_net(sk
), mtu
,
2398 sk
->sk_bound_dev_if
, sk
->sk_mark
, sk
->sk_uid
);
2400 dst
= __sk_dst_get(sk
);
2401 if (!dst
|| !dst
->obsolete
||
2402 dst
->ops
->check(dst
, inet6_sk(sk
)->dst_cookie
))
2406 if (!sock_owned_by_user(sk
) && !ipv6_addr_v4mapped(&sk
->sk_v6_daddr
))
2407 ip6_datagram_dst_update(sk
, false);
2410 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu
);
2412 void ip6_sk_dst_store_flow(struct sock
*sk
, struct dst_entry
*dst
,
2413 const struct flowi6
*fl6
)
2415 #ifdef CONFIG_IPV6_SUBTREES
2416 struct ipv6_pinfo
*np
= inet6_sk(sk
);
2419 ip6_dst_store(sk
, dst
,
2420 ipv6_addr_equal(&fl6
->daddr
, &sk
->sk_v6_daddr
) ?
2421 &sk
->sk_v6_daddr
: NULL
,
2422 #ifdef CONFIG_IPV6_SUBTREES
2423 ipv6_addr_equal(&fl6
->saddr
, &np
->saddr
) ?
2429 /* Handle redirects */
2430 struct ip6rd_flowi
{
2432 struct in6_addr gateway
;
2435 static struct rt6_info
*__ip6_route_redirect(struct net
*net
,
2436 struct fib6_table
*table
,
2438 const struct sk_buff
*skb
,
2441 struct ip6rd_flowi
*rdfl
= (struct ip6rd_flowi
*)fl6
;
2442 struct rt6_info
*ret
= NULL
, *rt_cache
;
2443 struct fib6_info
*rt
;
2444 struct fib6_node
*fn
;
2446 /* Get the "current" route for this destination and
2447 * check if the redirect has come from appropriate router.
2449 * RFC 4861 specifies that redirects should only be
2450 * accepted if they come from the nexthop to the target.
2451 * Due to the way the routes are chosen, this notion
2452 * is a bit fuzzy and one might need to check all possible
2457 fn
= fib6_node_lookup(&table
->tb6_root
, &fl6
->daddr
, &fl6
->saddr
);
2459 for_each_fib6_node_rt_rcu(fn
) {
2460 if (rt
->fib6_nh
.nh_flags
& RTNH_F_DEAD
)
2462 if (fib6_check_expired(rt
))
2464 if (rt
->fib6_flags
& RTF_REJECT
)
2466 if (!(rt
->fib6_flags
& RTF_GATEWAY
))
2468 if (fl6
->flowi6_oif
!= rt
->fib6_nh
.nh_dev
->ifindex
)
2470 /* rt_cache's gateway might be different from its 'parent'
2471 * in the case of an ip redirect.
2472 * So we keep searching in the exception table if the gateway
2475 if (!ipv6_addr_equal(&rdfl
->gateway
, &rt
->fib6_nh
.nh_gw
)) {
2476 rt_cache
= rt6_find_cached_rt(rt
,
2480 ipv6_addr_equal(&rdfl
->gateway
,
2481 &rt_cache
->rt6i_gateway
)) {
2491 rt
= net
->ipv6
.fib6_null_entry
;
2492 else if (rt
->fib6_flags
& RTF_REJECT
) {
2493 ret
= net
->ipv6
.ip6_null_entry
;
2497 if (rt
== net
->ipv6
.fib6_null_entry
) {
2498 fn
= fib6_backtrack(fn
, &fl6
->saddr
);
2505 ip6_hold_safe(net
, &ret
, true);
2507 ret
= ip6_create_rt_rcu(rt
);
2511 trace_fib6_table_lookup(net
, rt
, table
, fl6
);
2515 static struct dst_entry
*ip6_route_redirect(struct net
*net
,
2516 const struct flowi6
*fl6
,
2517 const struct sk_buff
*skb
,
2518 const struct in6_addr
*gateway
)
2520 int flags
= RT6_LOOKUP_F_HAS_SADDR
;
2521 struct ip6rd_flowi rdfl
;
2524 rdfl
.gateway
= *gateway
;
2526 return fib6_rule_lookup(net
, &rdfl
.fl6
, skb
,
2527 flags
, __ip6_route_redirect
);
2530 void ip6_redirect(struct sk_buff
*skb
, struct net
*net
, int oif
, u32 mark
,
2533 const struct ipv6hdr
*iph
= (struct ipv6hdr
*) skb
->data
;
2534 struct dst_entry
*dst
;
2537 memset(&fl6
, 0, sizeof(fl6
));
2538 fl6
.flowi6_iif
= LOOPBACK_IFINDEX
;
2539 fl6
.flowi6_oif
= oif
;
2540 fl6
.flowi6_mark
= mark
;
2541 fl6
.daddr
= iph
->daddr
;
2542 fl6
.saddr
= iph
->saddr
;
2543 fl6
.flowlabel
= ip6_flowinfo(iph
);
2544 fl6
.flowi6_uid
= uid
;
2546 dst
= ip6_route_redirect(net
, &fl6
, skb
, &ipv6_hdr(skb
)->saddr
);
2547 rt6_do_redirect(dst
, NULL
, skb
);
2550 EXPORT_SYMBOL_GPL(ip6_redirect
);
2552 void ip6_redirect_no_header(struct sk_buff
*skb
, struct net
*net
, int oif
,
2555 const struct ipv6hdr
*iph
= ipv6_hdr(skb
);
2556 const struct rd_msg
*msg
= (struct rd_msg
*)icmp6_hdr(skb
);
2557 struct dst_entry
*dst
;
2560 memset(&fl6
, 0, sizeof(fl6
));
2561 fl6
.flowi6_iif
= LOOPBACK_IFINDEX
;
2562 fl6
.flowi6_oif
= oif
;
2563 fl6
.flowi6_mark
= mark
;
2564 fl6
.daddr
= msg
->dest
;
2565 fl6
.saddr
= iph
->daddr
;
2566 fl6
.flowi6_uid
= sock_net_uid(net
, NULL
);
2568 dst
= ip6_route_redirect(net
, &fl6
, skb
, &iph
->saddr
);
2569 rt6_do_redirect(dst
, NULL
, skb
);
2573 void ip6_sk_redirect(struct sk_buff
*skb
, struct sock
*sk
)
2575 ip6_redirect(skb
, sock_net(sk
), sk
->sk_bound_dev_if
, sk
->sk_mark
,
2578 EXPORT_SYMBOL_GPL(ip6_sk_redirect
);
2580 static unsigned int ip6_default_advmss(const struct dst_entry
*dst
)
2582 struct net_device
*dev
= dst
->dev
;
2583 unsigned int mtu
= dst_mtu(dst
);
2584 struct net
*net
= dev_net(dev
);
2586 mtu
-= sizeof(struct ipv6hdr
) + sizeof(struct tcphdr
);
2588 if (mtu
< net
->ipv6
.sysctl
.ip6_rt_min_advmss
)
2589 mtu
= net
->ipv6
.sysctl
.ip6_rt_min_advmss
;
2592 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
2593 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
2594 * IPV6_MAXPLEN is also valid and means: "any MSS,
2595 * rely only on pmtu discovery"
2597 if (mtu
> IPV6_MAXPLEN
- sizeof(struct tcphdr
))
2602 static unsigned int ip6_mtu(const struct dst_entry
*dst
)
2604 struct inet6_dev
*idev
;
2607 mtu
= dst_metric_raw(dst
, RTAX_MTU
);
2614 idev
= __in6_dev_get(dst
->dev
);
2616 mtu
= idev
->cnf
.mtu6
;
2620 mtu
= min_t(unsigned int, mtu
, IP6_MAX_MTU
);
2622 return mtu
- lwtunnel_headroom(dst
->lwtstate
, mtu
);
2626 * 1. mtu on route is locked - use it
2627 * 2. mtu from nexthop exception
2628 * 3. mtu from egress device
2630 * based on ip6_dst_mtu_forward and exception logic of
2631 * rt6_find_cached_rt; called with rcu_read_lock
2633 u32
ip6_mtu_from_fib6(struct fib6_info
*f6i
, struct in6_addr
*daddr
,
2634 struct in6_addr
*saddr
)
2636 struct rt6_exception_bucket
*bucket
;
2637 struct rt6_exception
*rt6_ex
;
2638 struct in6_addr
*src_key
;
2639 struct inet6_dev
*idev
;
2642 if (unlikely(fib6_metric_locked(f6i
, RTAX_MTU
))) {
2643 mtu
= f6i
->fib6_pmtu
;
2649 #ifdef CONFIG_IPV6_SUBTREES
2650 if (f6i
->fib6_src
.plen
)
2654 bucket
= rcu_dereference(f6i
->rt6i_exception_bucket
);
2655 rt6_ex
= __rt6_find_exception_rcu(&bucket
, daddr
, src_key
);
2656 if (rt6_ex
&& !rt6_check_expired(rt6_ex
->rt6i
))
2657 mtu
= dst_metric_raw(&rt6_ex
->rt6i
->dst
, RTAX_MTU
);
2660 struct net_device
*dev
= fib6_info_nh_dev(f6i
);
2663 idev
= __in6_dev_get(dev
);
2664 if (idev
&& idev
->cnf
.mtu6
> mtu
)
2665 mtu
= idev
->cnf
.mtu6
;
2668 mtu
= min_t(unsigned int, mtu
, IP6_MAX_MTU
);
2670 return mtu
- lwtunnel_headroom(fib6_info_nh_lwt(f6i
), mtu
);
2673 struct dst_entry
*icmp6_dst_alloc(struct net_device
*dev
,
2676 struct dst_entry
*dst
;
2677 struct rt6_info
*rt
;
2678 struct inet6_dev
*idev
= in6_dev_get(dev
);
2679 struct net
*net
= dev_net(dev
);
2681 if (unlikely(!idev
))
2682 return ERR_PTR(-ENODEV
);
2684 rt
= ip6_dst_alloc(net
, dev
, 0);
2685 if (unlikely(!rt
)) {
2687 dst
= ERR_PTR(-ENOMEM
);
2691 rt
->dst
.flags
|= DST_HOST
;
2692 rt
->dst
.input
= ip6_input
;
2693 rt
->dst
.output
= ip6_output
;
2694 rt
->rt6i_gateway
= fl6
->daddr
;
2695 rt
->rt6i_dst
.addr
= fl6
->daddr
;
2696 rt
->rt6i_dst
.plen
= 128;
2697 rt
->rt6i_idev
= idev
;
2698 dst_metric_set(&rt
->dst
, RTAX_HOPLIMIT
, 0);
2700 /* Add this dst into uncached_list so that rt6_disable_ip() can
2701 * do proper release of the net_device
2703 rt6_uncached_list_add(rt
);
2704 atomic_inc(&net
->ipv6
.rt6_stats
->fib_rt_uncache
);
2706 dst
= xfrm_lookup(net
, &rt
->dst
, flowi6_to_flowi(fl6
), NULL
, 0);
2712 static int ip6_dst_gc(struct dst_ops
*ops
)
2714 struct net
*net
= container_of(ops
, struct net
, ipv6
.ip6_dst_ops
);
2715 int rt_min_interval
= net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
;
2716 int rt_max_size
= net
->ipv6
.sysctl
.ip6_rt_max_size
;
2717 int rt_elasticity
= net
->ipv6
.sysctl
.ip6_rt_gc_elasticity
;
2718 int rt_gc_timeout
= net
->ipv6
.sysctl
.ip6_rt_gc_timeout
;
2719 unsigned long rt_last_gc
= net
->ipv6
.ip6_rt_last_gc
;
2722 entries
= dst_entries_get_fast(ops
);
2723 if (time_after(rt_last_gc
+ rt_min_interval
, jiffies
) &&
2724 entries
<= rt_max_size
)
2727 net
->ipv6
.ip6_rt_gc_expire
++;
2728 fib6_run_gc(net
->ipv6
.ip6_rt_gc_expire
, net
, true);
2729 entries
= dst_entries_get_slow(ops
);
2730 if (entries
< ops
->gc_thresh
)
2731 net
->ipv6
.ip6_rt_gc_expire
= rt_gc_timeout
>>1;
2733 net
->ipv6
.ip6_rt_gc_expire
-= net
->ipv6
.ip6_rt_gc_expire
>>rt_elasticity
;
2734 return entries
> rt_max_size
;
2737 static int ip6_convert_metrics(struct net
*net
, struct fib6_info
*rt
,
2738 struct fib6_config
*cfg
)
2740 struct dst_metrics
*p
;
2745 p
= kzalloc(sizeof(*rt
->fib6_metrics
), GFP_KERNEL
);
2749 refcount_set(&p
->refcnt
, 1);
2750 rt
->fib6_metrics
= p
;
2752 return ip_metrics_convert(net
, cfg
->fc_mx
, cfg
->fc_mx_len
, p
->metrics
);
2755 static struct rt6_info
*ip6_nh_lookup_table(struct net
*net
,
2756 struct fib6_config
*cfg
,
2757 const struct in6_addr
*gw_addr
,
2758 u32 tbid
, int flags
)
2760 struct flowi6 fl6
= {
2761 .flowi6_oif
= cfg
->fc_ifindex
,
2763 .saddr
= cfg
->fc_prefsrc
,
2765 struct fib6_table
*table
;
2766 struct rt6_info
*rt
;
2768 table
= fib6_get_table(net
, tbid
);
2772 if (!ipv6_addr_any(&cfg
->fc_prefsrc
))
2773 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
2775 flags
|= RT6_LOOKUP_F_IGNORE_LINKSTATE
;
2776 rt
= ip6_pol_route(net
, table
, cfg
->fc_ifindex
, &fl6
, NULL
, flags
);
2778 /* if table lookup failed, fall back to full lookup */
2779 if (rt
== net
->ipv6
.ip6_null_entry
) {
2787 static int ip6_route_check_nh_onlink(struct net
*net
,
2788 struct fib6_config
*cfg
,
2789 const struct net_device
*dev
,
2790 struct netlink_ext_ack
*extack
)
2792 u32 tbid
= l3mdev_fib_table(dev
) ? : RT_TABLE_MAIN
;
2793 const struct in6_addr
*gw_addr
= &cfg
->fc_gateway
;
2794 u32 flags
= RTF_LOCAL
| RTF_ANYCAST
| RTF_REJECT
;
2795 struct rt6_info
*grt
;
2799 grt
= ip6_nh_lookup_table(net
, cfg
, gw_addr
, tbid
, 0);
2801 if (!grt
->dst
.error
&&
2802 (grt
->rt6i_flags
& flags
|| dev
!= grt
->dst
.dev
)) {
2803 NL_SET_ERR_MSG(extack
,
2804 "Nexthop has invalid gateway or device mismatch");
2814 static int ip6_route_check_nh(struct net
*net
,
2815 struct fib6_config
*cfg
,
2816 struct net_device
**_dev
,
2817 struct inet6_dev
**idev
)
2819 const struct in6_addr
*gw_addr
= &cfg
->fc_gateway
;
2820 struct net_device
*dev
= _dev
? *_dev
: NULL
;
2821 struct rt6_info
*grt
= NULL
;
2822 int err
= -EHOSTUNREACH
;
2824 if (cfg
->fc_table
) {
2825 int flags
= RT6_LOOKUP_F_IFACE
;
2827 grt
= ip6_nh_lookup_table(net
, cfg
, gw_addr
,
2828 cfg
->fc_table
, flags
);
2830 if (grt
->rt6i_flags
& RTF_GATEWAY
||
2831 (dev
&& dev
!= grt
->dst
.dev
)) {
2839 grt
= rt6_lookup(net
, gw_addr
, NULL
, cfg
->fc_ifindex
, NULL
, 1);
2845 if (dev
!= grt
->dst
.dev
) {
2850 *_dev
= dev
= grt
->dst
.dev
;
2851 *idev
= grt
->rt6i_idev
;
2853 in6_dev_hold(grt
->rt6i_idev
);
2856 if (!(grt
->rt6i_flags
& RTF_GATEWAY
))
2865 static int ip6_validate_gw(struct net
*net
, struct fib6_config
*cfg
,
2866 struct net_device
**_dev
, struct inet6_dev
**idev
,
2867 struct netlink_ext_ack
*extack
)
2869 const struct in6_addr
*gw_addr
= &cfg
->fc_gateway
;
2870 int gwa_type
= ipv6_addr_type(gw_addr
);
2871 bool skip_dev
= gwa_type
& IPV6_ADDR_LINKLOCAL
? false : true;
2872 const struct net_device
*dev
= *_dev
;
2873 bool need_addr_check
= !dev
;
2876 /* if gw_addr is local we will fail to detect this in case
2877 * address is still TENTATIVE (DAD in progress). rt6_lookup()
2878 * will return already-added prefix route via interface that
2879 * prefix route was assigned to, which might be non-loopback.
2882 ipv6_chk_addr_and_flags(net
, gw_addr
, dev
, skip_dev
, 0, 0)) {
2883 NL_SET_ERR_MSG(extack
, "Gateway can not be a local address");
2887 if (gwa_type
!= (IPV6_ADDR_LINKLOCAL
| IPV6_ADDR_UNICAST
)) {
2888 /* IPv6 strictly inhibits using not link-local
2889 * addresses as nexthop address.
2890 * Otherwise, router will not able to send redirects.
2891 * It is very good, but in some (rare!) circumstances
2892 * (SIT, PtP, NBMA NOARP links) it is handy to allow
2893 * some exceptions. --ANK
2894 * We allow IPv4-mapped nexthops to support RFC4798-type
2897 if (!(gwa_type
& (IPV6_ADDR_UNICAST
| IPV6_ADDR_MAPPED
))) {
2898 NL_SET_ERR_MSG(extack
, "Invalid gateway address");
2902 if (cfg
->fc_flags
& RTNH_F_ONLINK
)
2903 err
= ip6_route_check_nh_onlink(net
, cfg
, dev
, extack
);
2905 err
= ip6_route_check_nh(net
, cfg
, _dev
, idev
);
2911 /* reload in case device was changed */
2916 NL_SET_ERR_MSG(extack
, "Egress device not specified");
2918 } else if (dev
->flags
& IFF_LOOPBACK
) {
2919 NL_SET_ERR_MSG(extack
,
2920 "Egress device can not be loopback device for this route");
2924 /* if we did not check gw_addr above, do so now that the
2925 * egress device has been resolved.
2927 if (need_addr_check
&&
2928 ipv6_chk_addr_and_flags(net
, gw_addr
, dev
, skip_dev
, 0, 0)) {
2929 NL_SET_ERR_MSG(extack
, "Gateway can not be a local address");
2938 static struct fib6_info
*ip6_route_info_create(struct fib6_config
*cfg
,
2940 struct netlink_ext_ack
*extack
)
2942 struct net
*net
= cfg
->fc_nlinfo
.nl_net
;
2943 struct fib6_info
*rt
= NULL
;
2944 struct net_device
*dev
= NULL
;
2945 struct inet6_dev
*idev
= NULL
;
2946 struct fib6_table
*table
;
2950 /* RTF_PCPU is an internal flag; can not be set by userspace */
2951 if (cfg
->fc_flags
& RTF_PCPU
) {
2952 NL_SET_ERR_MSG(extack
, "Userspace can not set RTF_PCPU");
2956 /* RTF_CACHE is an internal flag; can not be set by userspace */
2957 if (cfg
->fc_flags
& RTF_CACHE
) {
2958 NL_SET_ERR_MSG(extack
, "Userspace can not set RTF_CACHE");
2962 if (cfg
->fc_type
> RTN_MAX
) {
2963 NL_SET_ERR_MSG(extack
, "Invalid route type");
2967 if (cfg
->fc_dst_len
> 128) {
2968 NL_SET_ERR_MSG(extack
, "Invalid prefix length");
2971 if (cfg
->fc_src_len
> 128) {
2972 NL_SET_ERR_MSG(extack
, "Invalid source address length");
2975 #ifndef CONFIG_IPV6_SUBTREES
2976 if (cfg
->fc_src_len
) {
2977 NL_SET_ERR_MSG(extack
,
2978 "Specifying source address requires IPV6_SUBTREES to be enabled");
2982 if (cfg
->fc_ifindex
) {
2984 dev
= dev_get_by_index(net
, cfg
->fc_ifindex
);
2987 idev
= in6_dev_get(dev
);
2992 if (cfg
->fc_metric
== 0)
2993 cfg
->fc_metric
= IP6_RT_PRIO_USER
;
2995 if (cfg
->fc_flags
& RTNH_F_ONLINK
) {
2997 NL_SET_ERR_MSG(extack
,
2998 "Nexthop device required for onlink");
3003 if (!(dev
->flags
& IFF_UP
)) {
3004 NL_SET_ERR_MSG(extack
, "Nexthop device is not up");
3011 if (cfg
->fc_nlinfo
.nlh
&&
3012 !(cfg
->fc_nlinfo
.nlh
->nlmsg_flags
& NLM_F_CREATE
)) {
3013 table
= fib6_get_table(net
, cfg
->fc_table
);
3015 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
3016 table
= fib6_new_table(net
, cfg
->fc_table
);
3019 table
= fib6_new_table(net
, cfg
->fc_table
);
3026 rt
= fib6_info_alloc(gfp_flags
);
3030 if (cfg
->fc_flags
& RTF_ADDRCONF
)
3031 rt
->dst_nocount
= true;
3033 err
= ip6_convert_metrics(net
, rt
, cfg
);
3037 if (cfg
->fc_flags
& RTF_EXPIRES
)
3038 fib6_set_expires(rt
, jiffies
+
3039 clock_t_to_jiffies(cfg
->fc_expires
));
3041 fib6_clean_expires(rt
);
3043 if (cfg
->fc_protocol
== RTPROT_UNSPEC
)
3044 cfg
->fc_protocol
= RTPROT_BOOT
;
3045 rt
->fib6_protocol
= cfg
->fc_protocol
;
3047 addr_type
= ipv6_addr_type(&cfg
->fc_dst
);
3049 if (cfg
->fc_encap
) {
3050 struct lwtunnel_state
*lwtstate
;
3052 err
= lwtunnel_build_state(cfg
->fc_encap_type
,
3053 cfg
->fc_encap
, AF_INET6
, cfg
,
3057 rt
->fib6_nh
.nh_lwtstate
= lwtstate_get(lwtstate
);
3060 ipv6_addr_prefix(&rt
->fib6_dst
.addr
, &cfg
->fc_dst
, cfg
->fc_dst_len
);
3061 rt
->fib6_dst
.plen
= cfg
->fc_dst_len
;
3062 if (rt
->fib6_dst
.plen
== 128)
3063 rt
->dst_host
= true;
3065 #ifdef CONFIG_IPV6_SUBTREES
3066 ipv6_addr_prefix(&rt
->fib6_src
.addr
, &cfg
->fc_src
, cfg
->fc_src_len
);
3067 rt
->fib6_src
.plen
= cfg
->fc_src_len
;
3070 rt
->fib6_metric
= cfg
->fc_metric
;
3071 rt
->fib6_nh
.nh_weight
= 1;
3073 rt
->fib6_type
= cfg
->fc_type
;
3075 /* We cannot add true routes via loopback here,
3076 they would result in kernel looping; promote them to reject routes
3078 if ((cfg
->fc_flags
& RTF_REJECT
) ||
3079 (dev
&& (dev
->flags
& IFF_LOOPBACK
) &&
3080 !(addr_type
& IPV6_ADDR_LOOPBACK
) &&
3081 !(cfg
->fc_flags
& RTF_LOCAL
))) {
3082 /* hold loopback dev/idev if we haven't done so. */
3083 if (dev
!= net
->loopback_dev
) {
3088 dev
= net
->loopback_dev
;
3090 idev
= in6_dev_get(dev
);
3096 rt
->fib6_flags
= RTF_REJECT
|RTF_NONEXTHOP
;
3100 if (cfg
->fc_flags
& RTF_GATEWAY
) {
3101 err
= ip6_validate_gw(net
, cfg
, &dev
, &idev
, extack
);
3105 rt
->fib6_nh
.nh_gw
= cfg
->fc_gateway
;
3112 if (idev
->cnf
.disable_ipv6
) {
3113 NL_SET_ERR_MSG(extack
, "IPv6 is disabled on nexthop device");
3118 if (!(dev
->flags
& IFF_UP
)) {
3119 NL_SET_ERR_MSG(extack
, "Nexthop device is not up");
3124 if (!ipv6_addr_any(&cfg
->fc_prefsrc
)) {
3125 if (!ipv6_chk_addr(net
, &cfg
->fc_prefsrc
, dev
, 0)) {
3126 NL_SET_ERR_MSG(extack
, "Invalid source address");
3130 rt
->fib6_prefsrc
.addr
= cfg
->fc_prefsrc
;
3131 rt
->fib6_prefsrc
.plen
= 128;
3133 rt
->fib6_prefsrc
.plen
= 0;
3135 rt
->fib6_flags
= cfg
->fc_flags
;
3138 if (!(rt
->fib6_flags
& (RTF_LOCAL
| RTF_ANYCAST
)) &&
3139 !netif_carrier_ok(dev
))
3140 rt
->fib6_nh
.nh_flags
|= RTNH_F_LINKDOWN
;
3141 rt
->fib6_nh
.nh_flags
|= (cfg
->fc_flags
& RTNH_F_ONLINK
);
3142 rt
->fib6_nh
.nh_dev
= dev
;
3143 rt
->fib6_table
= table
;
3145 cfg
->fc_nlinfo
.nl_net
= dev_net(dev
);
3157 fib6_info_release(rt
);
3158 return ERR_PTR(err
);
3161 int ip6_route_add(struct fib6_config
*cfg
, gfp_t gfp_flags
,
3162 struct netlink_ext_ack
*extack
)
3164 struct fib6_info
*rt
;
3167 rt
= ip6_route_info_create(cfg
, gfp_flags
, extack
);
3171 err
= __ip6_ins_rt(rt
, &cfg
->fc_nlinfo
, extack
);
3172 fib6_info_release(rt
);
3177 static int __ip6_del_rt(struct fib6_info
*rt
, struct nl_info
*info
)
3179 struct net
*net
= info
->nl_net
;
3180 struct fib6_table
*table
;
3183 if (rt
== net
->ipv6
.fib6_null_entry
) {
3188 table
= rt
->fib6_table
;
3189 spin_lock_bh(&table
->tb6_lock
);
3190 err
= fib6_del(rt
, info
);
3191 spin_unlock_bh(&table
->tb6_lock
);
3194 fib6_info_release(rt
);
3198 int ip6_del_rt(struct net
*net
, struct fib6_info
*rt
)
3200 struct nl_info info
= { .nl_net
= net
};
3202 return __ip6_del_rt(rt
, &info
);
3205 static int __ip6_del_rt_siblings(struct fib6_info
*rt
, struct fib6_config
*cfg
)
3207 struct nl_info
*info
= &cfg
->fc_nlinfo
;
3208 struct net
*net
= info
->nl_net
;
3209 struct sk_buff
*skb
= NULL
;
3210 struct fib6_table
*table
;
3213 if (rt
== net
->ipv6
.fib6_null_entry
)
3215 table
= rt
->fib6_table
;
3216 spin_lock_bh(&table
->tb6_lock
);
3218 if (rt
->fib6_nsiblings
&& cfg
->fc_delete_all_nh
) {
3219 struct fib6_info
*sibling
, *next_sibling
;
3221 /* prefer to send a single notification with all hops */
3222 skb
= nlmsg_new(rt6_nlmsg_size(rt
), gfp_any());
3224 u32 seq
= info
->nlh
? info
->nlh
->nlmsg_seq
: 0;
3226 if (rt6_fill_node(net
, skb
, rt
, NULL
,
3227 NULL
, NULL
, 0, RTM_DELROUTE
,
3228 info
->portid
, seq
, 0) < 0) {
3232 info
->skip_notify
= 1;
3235 list_for_each_entry_safe(sibling
, next_sibling
,
3238 err
= fib6_del(sibling
, info
);
3244 err
= fib6_del(rt
, info
);
3246 spin_unlock_bh(&table
->tb6_lock
);
3248 fib6_info_release(rt
);
3251 rtnl_notify(skb
, net
, info
->portid
, RTNLGRP_IPV6_ROUTE
,
3252 info
->nlh
, gfp_any());
3257 static int ip6_del_cached_rt(struct rt6_info
*rt
, struct fib6_config
*cfg
)
3261 if (cfg
->fc_ifindex
&& rt
->dst
.dev
->ifindex
!= cfg
->fc_ifindex
)
3264 if (cfg
->fc_flags
& RTF_GATEWAY
&&
3265 !ipv6_addr_equal(&cfg
->fc_gateway
, &rt
->rt6i_gateway
))
3267 if (dst_hold_safe(&rt
->dst
))
3268 rc
= rt6_remove_exception_rt(rt
);
3273 static int ip6_route_del(struct fib6_config
*cfg
,
3274 struct netlink_ext_ack
*extack
)
3276 struct rt6_info
*rt_cache
;
3277 struct fib6_table
*table
;
3278 struct fib6_info
*rt
;
3279 struct fib6_node
*fn
;
3282 table
= fib6_get_table(cfg
->fc_nlinfo
.nl_net
, cfg
->fc_table
);
3284 NL_SET_ERR_MSG(extack
, "FIB table does not exist");
3290 fn
= fib6_locate(&table
->tb6_root
,
3291 &cfg
->fc_dst
, cfg
->fc_dst_len
,
3292 &cfg
->fc_src
, cfg
->fc_src_len
,
3293 !(cfg
->fc_flags
& RTF_CACHE
));
3296 for_each_fib6_node_rt_rcu(fn
) {
3297 if (cfg
->fc_flags
& RTF_CACHE
) {
3300 rt_cache
= rt6_find_cached_rt(rt
, &cfg
->fc_dst
,
3303 rc
= ip6_del_cached_rt(rt_cache
, cfg
);
3311 if (cfg
->fc_ifindex
&&
3312 (!rt
->fib6_nh
.nh_dev
||
3313 rt
->fib6_nh
.nh_dev
->ifindex
!= cfg
->fc_ifindex
))
3315 if (cfg
->fc_flags
& RTF_GATEWAY
&&
3316 !ipv6_addr_equal(&cfg
->fc_gateway
, &rt
->fib6_nh
.nh_gw
))
3318 if (cfg
->fc_metric
&& cfg
->fc_metric
!= rt
->fib6_metric
)
3320 if (cfg
->fc_protocol
&& cfg
->fc_protocol
!= rt
->fib6_protocol
)
3322 if (!fib6_info_hold_safe(rt
))
3326 /* if gateway was specified only delete the one hop */
3327 if (cfg
->fc_flags
& RTF_GATEWAY
)
3328 return __ip6_del_rt(rt
, &cfg
->fc_nlinfo
);
3330 return __ip6_del_rt_siblings(rt
, cfg
);
3338 static void rt6_do_redirect(struct dst_entry
*dst
, struct sock
*sk
, struct sk_buff
*skb
)
3340 struct netevent_redirect netevent
;
3341 struct rt6_info
*rt
, *nrt
= NULL
;
3342 struct ndisc_options ndopts
;
3343 struct inet6_dev
*in6_dev
;
3344 struct neighbour
*neigh
;
3345 struct fib6_info
*from
;
3347 int optlen
, on_link
;
3350 optlen
= skb_tail_pointer(skb
) - skb_transport_header(skb
);
3351 optlen
-= sizeof(*msg
);
3354 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
3358 msg
= (struct rd_msg
*)icmp6_hdr(skb
);
3360 if (ipv6_addr_is_multicast(&msg
->dest
)) {
3361 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
3366 if (ipv6_addr_equal(&msg
->dest
, &msg
->target
)) {
3368 } else if (ipv6_addr_type(&msg
->target
) !=
3369 (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
3370 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
3374 in6_dev
= __in6_dev_get(skb
->dev
);
3377 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_redirects
)
3381 * The IP source address of the Redirect MUST be the same as the current
3382 * first-hop router for the specified ICMP Destination Address.
3385 if (!ndisc_parse_options(skb
->dev
, msg
->opt
, optlen
, &ndopts
)) {
3386 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
3391 if (ndopts
.nd_opts_tgt_lladdr
) {
3392 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
,
3395 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
3400 rt
= (struct rt6_info
*) dst
;
3401 if (rt
->rt6i_flags
& RTF_REJECT
) {
3402 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
3406 /* Redirect received -> path was valid.
3407 * Look, redirects are sent only in response to data packets,
3408 * so that this nexthop apparently is reachable. --ANK
3410 dst_confirm_neigh(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
3412 neigh
= __neigh_lookup(&nd_tbl
, &msg
->target
, skb
->dev
, 1);
3417 * We have finally decided to accept it.
3420 ndisc_update(skb
->dev
, neigh
, lladdr
, NUD_STALE
,
3421 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
3422 NEIGH_UPDATE_F_OVERRIDE
|
3423 (on_link
? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
3424 NEIGH_UPDATE_F_ISROUTER
)),
3425 NDISC_REDIRECT
, &ndopts
);
3428 from
= rcu_dereference(rt
->from
);
3429 /* This fib6_info_hold() is safe here because we hold reference to rt
3430 * and rt already holds reference to fib6_info.
3432 fib6_info_hold(from
);
3435 nrt
= ip6_rt_cache_alloc(from
, &msg
->dest
, NULL
);
3439 nrt
->rt6i_flags
= RTF_GATEWAY
|RTF_UP
|RTF_DYNAMIC
|RTF_CACHE
;
3441 nrt
->rt6i_flags
&= ~RTF_GATEWAY
;
3443 nrt
->rt6i_gateway
= *(struct in6_addr
*)neigh
->primary_key
;
3445 /* No need to remove rt from the exception table if rt is
3446 * a cached route because rt6_insert_exception() will
3449 if (rt6_insert_exception(nrt
, from
)) {
3450 dst_release_immediate(&nrt
->dst
);
3454 netevent
.old
= &rt
->dst
;
3455 netevent
.new = &nrt
->dst
;
3456 netevent
.daddr
= &msg
->dest
;
3457 netevent
.neigh
= neigh
;
3458 call_netevent_notifiers(NETEVENT_REDIRECT
, &netevent
);
3461 fib6_info_release(from
);
3462 neigh_release(neigh
);
3465 #ifdef CONFIG_IPV6_ROUTE_INFO
3466 static struct fib6_info
*rt6_get_route_info(struct net
*net
,
3467 const struct in6_addr
*prefix
, int prefixlen
,
3468 const struct in6_addr
*gwaddr
,
3469 struct net_device
*dev
)
3471 u32 tb_id
= l3mdev_fib_table(dev
) ? : RT6_TABLE_INFO
;
3472 int ifindex
= dev
->ifindex
;
3473 struct fib6_node
*fn
;
3474 struct fib6_info
*rt
= NULL
;
3475 struct fib6_table
*table
;
3477 table
= fib6_get_table(net
, tb_id
);
3482 fn
= fib6_locate(&table
->tb6_root
, prefix
, prefixlen
, NULL
, 0, true);
3486 for_each_fib6_node_rt_rcu(fn
) {
3487 if (rt
->fib6_nh
.nh_dev
->ifindex
!= ifindex
)
3489 if ((rt
->fib6_flags
& (RTF_ROUTEINFO
|RTF_GATEWAY
)) != (RTF_ROUTEINFO
|RTF_GATEWAY
))
3491 if (!ipv6_addr_equal(&rt
->fib6_nh
.nh_gw
, gwaddr
))
3493 if (!fib6_info_hold_safe(rt
))
3502 static struct fib6_info
*rt6_add_route_info(struct net
*net
,
3503 const struct in6_addr
*prefix
, int prefixlen
,
3504 const struct in6_addr
*gwaddr
,
3505 struct net_device
*dev
,
3508 struct fib6_config cfg
= {
3509 .fc_metric
= IP6_RT_PRIO_USER
,
3510 .fc_ifindex
= dev
->ifindex
,
3511 .fc_dst_len
= prefixlen
,
3512 .fc_flags
= RTF_GATEWAY
| RTF_ADDRCONF
| RTF_ROUTEINFO
|
3513 RTF_UP
| RTF_PREF(pref
),
3514 .fc_protocol
= RTPROT_RA
,
3515 .fc_type
= RTN_UNICAST
,
3516 .fc_nlinfo
.portid
= 0,
3517 .fc_nlinfo
.nlh
= NULL
,
3518 .fc_nlinfo
.nl_net
= net
,
3521 cfg
.fc_table
= l3mdev_fib_table(dev
) ? : RT6_TABLE_INFO
,
3522 cfg
.fc_dst
= *prefix
;
3523 cfg
.fc_gateway
= *gwaddr
;
3525 /* We should treat it as a default route if prefix length is 0. */
3527 cfg
.fc_flags
|= RTF_DEFAULT
;
3529 ip6_route_add(&cfg
, GFP_ATOMIC
, NULL
);
3531 return rt6_get_route_info(net
, prefix
, prefixlen
, gwaddr
, dev
);
3535 struct fib6_info
*rt6_get_dflt_router(struct net
*net
,
3536 const struct in6_addr
*addr
,
3537 struct net_device
*dev
)
3539 u32 tb_id
= l3mdev_fib_table(dev
) ? : RT6_TABLE_DFLT
;
3540 struct fib6_info
*rt
;
3541 struct fib6_table
*table
;
3543 table
= fib6_get_table(net
, tb_id
);
3548 for_each_fib6_node_rt_rcu(&table
->tb6_root
) {
3549 if (dev
== rt
->fib6_nh
.nh_dev
&&
3550 ((rt
->fib6_flags
& (RTF_ADDRCONF
| RTF_DEFAULT
)) == (RTF_ADDRCONF
| RTF_DEFAULT
)) &&
3551 ipv6_addr_equal(&rt
->fib6_nh
.nh_gw
, addr
))
3554 if (rt
&& !fib6_info_hold_safe(rt
))
3560 struct fib6_info
*rt6_add_dflt_router(struct net
*net
,
3561 const struct in6_addr
*gwaddr
,
3562 struct net_device
*dev
,
3565 struct fib6_config cfg
= {
3566 .fc_table
= l3mdev_fib_table(dev
) ? : RT6_TABLE_DFLT
,
3567 .fc_metric
= IP6_RT_PRIO_USER
,
3568 .fc_ifindex
= dev
->ifindex
,
3569 .fc_flags
= RTF_GATEWAY
| RTF_ADDRCONF
| RTF_DEFAULT
|
3570 RTF_UP
| RTF_EXPIRES
| RTF_PREF(pref
),
3571 .fc_protocol
= RTPROT_RA
,
3572 .fc_type
= RTN_UNICAST
,
3573 .fc_nlinfo
.portid
= 0,
3574 .fc_nlinfo
.nlh
= NULL
,
3575 .fc_nlinfo
.nl_net
= net
,
3578 cfg
.fc_gateway
= *gwaddr
;
3580 if (!ip6_route_add(&cfg
, GFP_ATOMIC
, NULL
)) {
3581 struct fib6_table
*table
;
3583 table
= fib6_get_table(dev_net(dev
), cfg
.fc_table
);
3585 table
->flags
|= RT6_TABLE_HAS_DFLT_ROUTER
;
3588 return rt6_get_dflt_router(net
, gwaddr
, dev
);
3591 static void __rt6_purge_dflt_routers(struct net
*net
,
3592 struct fib6_table
*table
)
3594 struct fib6_info
*rt
;
3598 for_each_fib6_node_rt_rcu(&table
->tb6_root
) {
3599 struct net_device
*dev
= fib6_info_nh_dev(rt
);
3600 struct inet6_dev
*idev
= dev
? __in6_dev_get(dev
) : NULL
;
3602 if (rt
->fib6_flags
& (RTF_DEFAULT
| RTF_ADDRCONF
) &&
3603 (!idev
|| idev
->cnf
.accept_ra
!= 2) &&
3604 fib6_info_hold_safe(rt
)) {
3606 ip6_del_rt(net
, rt
);
3612 table
->flags
&= ~RT6_TABLE_HAS_DFLT_ROUTER
;
3615 void rt6_purge_dflt_routers(struct net
*net
)
3617 struct fib6_table
*table
;
3618 struct hlist_head
*head
;
3623 for (h
= 0; h
< FIB6_TABLE_HASHSZ
; h
++) {
3624 head
= &net
->ipv6
.fib_table_hash
[h
];
3625 hlist_for_each_entry_rcu(table
, head
, tb6_hlist
) {
3626 if (table
->flags
& RT6_TABLE_HAS_DFLT_ROUTER
)
3627 __rt6_purge_dflt_routers(net
, table
);
3634 static void rtmsg_to_fib6_config(struct net
*net
,
3635 struct in6_rtmsg
*rtmsg
,
3636 struct fib6_config
*cfg
)
3638 memset(cfg
, 0, sizeof(*cfg
));
3640 cfg
->fc_table
= l3mdev_fib_table_by_index(net
, rtmsg
->rtmsg_ifindex
) ?
3642 cfg
->fc_ifindex
= rtmsg
->rtmsg_ifindex
;
3643 cfg
->fc_metric
= rtmsg
->rtmsg_metric
;
3644 cfg
->fc_expires
= rtmsg
->rtmsg_info
;
3645 cfg
->fc_dst_len
= rtmsg
->rtmsg_dst_len
;
3646 cfg
->fc_src_len
= rtmsg
->rtmsg_src_len
;
3647 cfg
->fc_flags
= rtmsg
->rtmsg_flags
;
3648 cfg
->fc_type
= rtmsg
->rtmsg_type
;
3650 cfg
->fc_nlinfo
.nl_net
= net
;
3652 cfg
->fc_dst
= rtmsg
->rtmsg_dst
;
3653 cfg
->fc_src
= rtmsg
->rtmsg_src
;
3654 cfg
->fc_gateway
= rtmsg
->rtmsg_gateway
;
3657 int ipv6_route_ioctl(struct net
*net
, unsigned int cmd
, void __user
*arg
)
3659 struct fib6_config cfg
;
3660 struct in6_rtmsg rtmsg
;
3664 case SIOCADDRT
: /* Add a route */
3665 case SIOCDELRT
: /* Delete a route */
3666 if (!ns_capable(net
->user_ns
, CAP_NET_ADMIN
))
3668 err
= copy_from_user(&rtmsg
, arg
,
3669 sizeof(struct in6_rtmsg
));
3673 rtmsg_to_fib6_config(net
, &rtmsg
, &cfg
);
3678 err
= ip6_route_add(&cfg
, GFP_KERNEL
, NULL
);
3681 err
= ip6_route_del(&cfg
, NULL
);
3695 * Drop the packet on the floor
3698 static int ip6_pkt_drop(struct sk_buff
*skb
, u8 code
, int ipstats_mib_noroutes
)
3701 struct dst_entry
*dst
= skb_dst(skb
);
3702 switch (ipstats_mib_noroutes
) {
3703 case IPSTATS_MIB_INNOROUTES
:
3704 type
= ipv6_addr_type(&ipv6_hdr(skb
)->daddr
);
3705 if (type
== IPV6_ADDR_ANY
) {
3706 IP6_INC_STATS(dev_net(dst
->dev
),
3707 __in6_dev_get_safely(skb
->dev
),
3708 IPSTATS_MIB_INADDRERRORS
);
3712 case IPSTATS_MIB_OUTNOROUTES
:
3713 IP6_INC_STATS(dev_net(dst
->dev
), ip6_dst_idev(dst
),
3714 ipstats_mib_noroutes
);
3717 icmpv6_send(skb
, ICMPV6_DEST_UNREACH
, code
, 0);
3722 static int ip6_pkt_discard(struct sk_buff
*skb
)
3724 return ip6_pkt_drop(skb
, ICMPV6_NOROUTE
, IPSTATS_MIB_INNOROUTES
);
3727 static int ip6_pkt_discard_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
)
3729 skb
->dev
= skb_dst(skb
)->dev
;
3730 return ip6_pkt_drop(skb
, ICMPV6_NOROUTE
, IPSTATS_MIB_OUTNOROUTES
);
3733 static int ip6_pkt_prohibit(struct sk_buff
*skb
)
3735 return ip6_pkt_drop(skb
, ICMPV6_ADM_PROHIBITED
, IPSTATS_MIB_INNOROUTES
);
3738 static int ip6_pkt_prohibit_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
)
3740 skb
->dev
= skb_dst(skb
)->dev
;
3741 return ip6_pkt_drop(skb
, ICMPV6_ADM_PROHIBITED
, IPSTATS_MIB_OUTNOROUTES
);
3745 * Allocate a dst for local (unicast / anycast) address.
3748 struct fib6_info
*addrconf_f6i_alloc(struct net
*net
,
3749 struct inet6_dev
*idev
,
3750 const struct in6_addr
*addr
,
3751 bool anycast
, gfp_t gfp_flags
)
3754 struct net_device
*dev
= idev
->dev
;
3755 struct fib6_info
*f6i
;
3757 f6i
= fib6_info_alloc(gfp_flags
);
3759 return ERR_PTR(-ENOMEM
);
3761 f6i
->dst_nocount
= true;
3762 f6i
->dst_host
= true;
3763 f6i
->fib6_protocol
= RTPROT_KERNEL
;
3764 f6i
->fib6_flags
= RTF_UP
| RTF_NONEXTHOP
;
3766 f6i
->fib6_type
= RTN_ANYCAST
;
3767 f6i
->fib6_flags
|= RTF_ANYCAST
;
3769 f6i
->fib6_type
= RTN_LOCAL
;
3770 f6i
->fib6_flags
|= RTF_LOCAL
;
3773 f6i
->fib6_nh
.nh_gw
= *addr
;
3775 f6i
->fib6_nh
.nh_dev
= dev
;
3776 f6i
->fib6_dst
.addr
= *addr
;
3777 f6i
->fib6_dst
.plen
= 128;
3778 tb_id
= l3mdev_fib_table(idev
->dev
) ? : RT6_TABLE_LOCAL
;
3779 f6i
->fib6_table
= fib6_get_table(net
, tb_id
);
3784 /* remove deleted ip from prefsrc entries */
3785 struct arg_dev_net_ip
{
3786 struct net_device
*dev
;
3788 struct in6_addr
*addr
;
3791 static int fib6_remove_prefsrc(struct fib6_info
*rt
, void *arg
)
3793 struct net_device
*dev
= ((struct arg_dev_net_ip
*)arg
)->dev
;
3794 struct net
*net
= ((struct arg_dev_net_ip
*)arg
)->net
;
3795 struct in6_addr
*addr
= ((struct arg_dev_net_ip
*)arg
)->addr
;
3797 if (((void *)rt
->fib6_nh
.nh_dev
== dev
|| !dev
) &&
3798 rt
!= net
->ipv6
.fib6_null_entry
&&
3799 ipv6_addr_equal(addr
, &rt
->fib6_prefsrc
.addr
)) {
3800 spin_lock_bh(&rt6_exception_lock
);
3801 /* remove prefsrc entry */
3802 rt
->fib6_prefsrc
.plen
= 0;
3803 /* need to update cache as well */
3804 rt6_exceptions_remove_prefsrc(rt
);
3805 spin_unlock_bh(&rt6_exception_lock
);
3810 void rt6_remove_prefsrc(struct inet6_ifaddr
*ifp
)
3812 struct net
*net
= dev_net(ifp
->idev
->dev
);
3813 struct arg_dev_net_ip adni
= {
3814 .dev
= ifp
->idev
->dev
,
3818 fib6_clean_all(net
, fib6_remove_prefsrc
, &adni
);
3821 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
3823 /* Remove routers and update dst entries when gateway turn into host. */
3824 static int fib6_clean_tohost(struct fib6_info
*rt
, void *arg
)
3826 struct in6_addr
*gateway
= (struct in6_addr
*)arg
;
3828 if (((rt
->fib6_flags
& RTF_RA_ROUTER
) == RTF_RA_ROUTER
) &&
3829 ipv6_addr_equal(gateway
, &rt
->fib6_nh
.nh_gw
)) {
3833 /* Further clean up cached routes in exception table.
3834 * This is needed because cached route may have a different
3835 * gateway than its 'parent' in the case of an ip redirect.
3837 rt6_exceptions_clean_tohost(rt
, gateway
);
3842 void rt6_clean_tohost(struct net
*net
, struct in6_addr
*gateway
)
3844 fib6_clean_all(net
, fib6_clean_tohost
, gateway
);
3847 struct arg_netdev_event
{
3848 const struct net_device
*dev
;
3850 unsigned int nh_flags
;
3851 unsigned long event
;
3855 static struct fib6_info
*rt6_multipath_first_sibling(const struct fib6_info
*rt
)
3857 struct fib6_info
*iter
;
3858 struct fib6_node
*fn
;
3860 fn
= rcu_dereference_protected(rt
->fib6_node
,
3861 lockdep_is_held(&rt
->fib6_table
->tb6_lock
));
3862 iter
= rcu_dereference_protected(fn
->leaf
,
3863 lockdep_is_held(&rt
->fib6_table
->tb6_lock
));
3865 if (iter
->fib6_metric
== rt
->fib6_metric
&&
3866 rt6_qualify_for_ecmp(iter
))
3868 iter
= rcu_dereference_protected(iter
->fib6_next
,
3869 lockdep_is_held(&rt
->fib6_table
->tb6_lock
));
3875 static bool rt6_is_dead(const struct fib6_info
*rt
)
3877 if (rt
->fib6_nh
.nh_flags
& RTNH_F_DEAD
||
3878 (rt
->fib6_nh
.nh_flags
& RTNH_F_LINKDOWN
&&
3879 fib6_ignore_linkdown(rt
)))
3885 static int rt6_multipath_total_weight(const struct fib6_info
*rt
)
3887 struct fib6_info
*iter
;
3890 if (!rt6_is_dead(rt
))
3891 total
+= rt
->fib6_nh
.nh_weight
;
3893 list_for_each_entry(iter
, &rt
->fib6_siblings
, fib6_siblings
) {
3894 if (!rt6_is_dead(iter
))
3895 total
+= iter
->fib6_nh
.nh_weight
;
3901 static void rt6_upper_bound_set(struct fib6_info
*rt
, int *weight
, int total
)
3903 int upper_bound
= -1;
3905 if (!rt6_is_dead(rt
)) {
3906 *weight
+= rt
->fib6_nh
.nh_weight
;
3907 upper_bound
= DIV_ROUND_CLOSEST_ULL((u64
) (*weight
) << 31,
3910 atomic_set(&rt
->fib6_nh
.nh_upper_bound
, upper_bound
);
3913 static void rt6_multipath_upper_bound_set(struct fib6_info
*rt
, int total
)
3915 struct fib6_info
*iter
;
3918 rt6_upper_bound_set(rt
, &weight
, total
);
3920 list_for_each_entry(iter
, &rt
->fib6_siblings
, fib6_siblings
)
3921 rt6_upper_bound_set(iter
, &weight
, total
);
3924 void rt6_multipath_rebalance(struct fib6_info
*rt
)
3926 struct fib6_info
*first
;
3929 /* In case the entire multipath route was marked for flushing,
3930 * then there is no need to rebalance upon the removal of every
3933 if (!rt
->fib6_nsiblings
|| rt
->should_flush
)
3936 /* During lookup routes are evaluated in order, so we need to
3937 * make sure upper bounds are assigned from the first sibling
3940 first
= rt6_multipath_first_sibling(rt
);
3941 if (WARN_ON_ONCE(!first
))
3944 total
= rt6_multipath_total_weight(first
);
3945 rt6_multipath_upper_bound_set(first
, total
);
3948 static int fib6_ifup(struct fib6_info
*rt
, void *p_arg
)
3950 const struct arg_netdev_event
*arg
= p_arg
;
3951 struct net
*net
= dev_net(arg
->dev
);
3953 if (rt
!= net
->ipv6
.fib6_null_entry
&& rt
->fib6_nh
.nh_dev
== arg
->dev
) {
3954 rt
->fib6_nh
.nh_flags
&= ~arg
->nh_flags
;
3955 fib6_update_sernum_upto_root(net
, rt
);
3956 rt6_multipath_rebalance(rt
);
3962 void rt6_sync_up(struct net_device
*dev
, unsigned int nh_flags
)
3964 struct arg_netdev_event arg
= {
3967 .nh_flags
= nh_flags
,
3971 if (nh_flags
& RTNH_F_DEAD
&& netif_carrier_ok(dev
))
3972 arg
.nh_flags
|= RTNH_F_LINKDOWN
;
3974 fib6_clean_all(dev_net(dev
), fib6_ifup
, &arg
);
3977 static bool rt6_multipath_uses_dev(const struct fib6_info
*rt
,
3978 const struct net_device
*dev
)
3980 struct fib6_info
*iter
;
3982 if (rt
->fib6_nh
.nh_dev
== dev
)
3984 list_for_each_entry(iter
, &rt
->fib6_siblings
, fib6_siblings
)
3985 if (iter
->fib6_nh
.nh_dev
== dev
)
3991 static void rt6_multipath_flush(struct fib6_info
*rt
)
3993 struct fib6_info
*iter
;
3995 rt
->should_flush
= 1;
3996 list_for_each_entry(iter
, &rt
->fib6_siblings
, fib6_siblings
)
3997 iter
->should_flush
= 1;
4000 static unsigned int rt6_multipath_dead_count(const struct fib6_info
*rt
,
4001 const struct net_device
*down_dev
)
4003 struct fib6_info
*iter
;
4004 unsigned int dead
= 0;
4006 if (rt
->fib6_nh
.nh_dev
== down_dev
||
4007 rt
->fib6_nh
.nh_flags
& RTNH_F_DEAD
)
4009 list_for_each_entry(iter
, &rt
->fib6_siblings
, fib6_siblings
)
4010 if (iter
->fib6_nh
.nh_dev
== down_dev
||
4011 iter
->fib6_nh
.nh_flags
& RTNH_F_DEAD
)
4017 static void rt6_multipath_nh_flags_set(struct fib6_info
*rt
,
4018 const struct net_device
*dev
,
4019 unsigned int nh_flags
)
4021 struct fib6_info
*iter
;
4023 if (rt
->fib6_nh
.nh_dev
== dev
)
4024 rt
->fib6_nh
.nh_flags
|= nh_flags
;
4025 list_for_each_entry(iter
, &rt
->fib6_siblings
, fib6_siblings
)
4026 if (iter
->fib6_nh
.nh_dev
== dev
)
4027 iter
->fib6_nh
.nh_flags
|= nh_flags
;
4030 /* called with write lock held for table with rt */
4031 static int fib6_ifdown(struct fib6_info
*rt
, void *p_arg
)
4033 const struct arg_netdev_event
*arg
= p_arg
;
4034 const struct net_device
*dev
= arg
->dev
;
4035 struct net
*net
= dev_net(dev
);
4037 if (rt
== net
->ipv6
.fib6_null_entry
)
4040 switch (arg
->event
) {
4041 case NETDEV_UNREGISTER
:
4042 return rt
->fib6_nh
.nh_dev
== dev
? -1 : 0;
4044 if (rt
->should_flush
)
4046 if (!rt
->fib6_nsiblings
)
4047 return rt
->fib6_nh
.nh_dev
== dev
? -1 : 0;
4048 if (rt6_multipath_uses_dev(rt
, dev
)) {
4051 count
= rt6_multipath_dead_count(rt
, dev
);
4052 if (rt
->fib6_nsiblings
+ 1 == count
) {
4053 rt6_multipath_flush(rt
);
4056 rt6_multipath_nh_flags_set(rt
, dev
, RTNH_F_DEAD
|
4058 fib6_update_sernum(net
, rt
);
4059 rt6_multipath_rebalance(rt
);
4063 if (rt
->fib6_nh
.nh_dev
!= dev
||
4064 rt
->fib6_flags
& (RTF_LOCAL
| RTF_ANYCAST
))
4066 rt
->fib6_nh
.nh_flags
|= RTNH_F_LINKDOWN
;
4067 rt6_multipath_rebalance(rt
);
4074 void rt6_sync_down_dev(struct net_device
*dev
, unsigned long event
)
4076 struct arg_netdev_event arg
= {
4083 fib6_clean_all(dev_net(dev
), fib6_ifdown
, &arg
);
4086 void rt6_disable_ip(struct net_device
*dev
, unsigned long event
)
4088 rt6_sync_down_dev(dev
, event
);
4089 rt6_uncached_list_flush_dev(dev_net(dev
), dev
);
4090 neigh_ifdown(&nd_tbl
, dev
);
4093 struct rt6_mtu_change_arg
{
4094 struct net_device
*dev
;
4098 static int rt6_mtu_change_route(struct fib6_info
*rt
, void *p_arg
)
4100 struct rt6_mtu_change_arg
*arg
= (struct rt6_mtu_change_arg
*) p_arg
;
4101 struct inet6_dev
*idev
;
4103 /* In IPv6 pmtu discovery is not optional,
4104 so that RTAX_MTU lock cannot disable it.
4105 We still use this lock to block changes
4106 caused by addrconf/ndisc.
4109 idev
= __in6_dev_get(arg
->dev
);
4113 /* For administrative MTU increase, there is no way to discover
4114 IPv6 PMTU increase, so PMTU increase should be updated here.
4115 Since RFC 1981 doesn't include administrative MTU increase
4116 update PMTU increase is a MUST. (i.e. jumbo frame)
4118 if (rt
->fib6_nh
.nh_dev
== arg
->dev
&&
4119 !fib6_metric_locked(rt
, RTAX_MTU
)) {
4120 u32 mtu
= rt
->fib6_pmtu
;
4122 if (mtu
>= arg
->mtu
||
4123 (mtu
< arg
->mtu
&& mtu
== idev
->cnf
.mtu6
))
4124 fib6_metric_set(rt
, RTAX_MTU
, arg
->mtu
);
4126 spin_lock_bh(&rt6_exception_lock
);
4127 rt6_exceptions_update_pmtu(idev
, rt
, arg
->mtu
);
4128 spin_unlock_bh(&rt6_exception_lock
);
4133 void rt6_mtu_change(struct net_device
*dev
, unsigned int mtu
)
4135 struct rt6_mtu_change_arg arg
= {
4140 fib6_clean_all(dev_net(dev
), rt6_mtu_change_route
, &arg
);
4143 static const struct nla_policy rtm_ipv6_policy
[RTA_MAX
+1] = {
4144 [RTA_GATEWAY
] = { .len
= sizeof(struct in6_addr
) },
4145 [RTA_PREFSRC
] = { .len
= sizeof(struct in6_addr
) },
4146 [RTA_OIF
] = { .type
= NLA_U32
},
4147 [RTA_IIF
] = { .type
= NLA_U32
},
4148 [RTA_PRIORITY
] = { .type
= NLA_U32
},
4149 [RTA_METRICS
] = { .type
= NLA_NESTED
},
4150 [RTA_MULTIPATH
] = { .len
= sizeof(struct rtnexthop
) },
4151 [RTA_PREF
] = { .type
= NLA_U8
},
4152 [RTA_ENCAP_TYPE
] = { .type
= NLA_U16
},
4153 [RTA_ENCAP
] = { .type
= NLA_NESTED
},
4154 [RTA_EXPIRES
] = { .type
= NLA_U32
},
4155 [RTA_UID
] = { .type
= NLA_U32
},
4156 [RTA_MARK
] = { .type
= NLA_U32
},
4157 [RTA_TABLE
] = { .type
= NLA_U32
},
4158 [RTA_IP_PROTO
] = { .type
= NLA_U8
},
4159 [RTA_SPORT
] = { .type
= NLA_U16
},
4160 [RTA_DPORT
] = { .type
= NLA_U16
},
4163 static int rtm_to_fib6_config(struct sk_buff
*skb
, struct nlmsghdr
*nlh
,
4164 struct fib6_config
*cfg
,
4165 struct netlink_ext_ack
*extack
)
4168 struct nlattr
*tb
[RTA_MAX
+1];
4172 err
= nlmsg_parse(nlh
, sizeof(*rtm
), tb
, RTA_MAX
, rtm_ipv6_policy
,
4178 rtm
= nlmsg_data(nlh
);
4179 memset(cfg
, 0, sizeof(*cfg
));
4181 cfg
->fc_table
= rtm
->rtm_table
;
4182 cfg
->fc_dst_len
= rtm
->rtm_dst_len
;
4183 cfg
->fc_src_len
= rtm
->rtm_src_len
;
4184 cfg
->fc_flags
= RTF_UP
;
4185 cfg
->fc_protocol
= rtm
->rtm_protocol
;
4186 cfg
->fc_type
= rtm
->rtm_type
;
4188 if (rtm
->rtm_type
== RTN_UNREACHABLE
||
4189 rtm
->rtm_type
== RTN_BLACKHOLE
||
4190 rtm
->rtm_type
== RTN_PROHIBIT
||
4191 rtm
->rtm_type
== RTN_THROW
)
4192 cfg
->fc_flags
|= RTF_REJECT
;
4194 if (rtm
->rtm_type
== RTN_LOCAL
)
4195 cfg
->fc_flags
|= RTF_LOCAL
;
4197 if (rtm
->rtm_flags
& RTM_F_CLONED
)
4198 cfg
->fc_flags
|= RTF_CACHE
;
4200 cfg
->fc_flags
|= (rtm
->rtm_flags
& RTNH_F_ONLINK
);
4202 cfg
->fc_nlinfo
.portid
= NETLINK_CB(skb
).portid
;
4203 cfg
->fc_nlinfo
.nlh
= nlh
;
4204 cfg
->fc_nlinfo
.nl_net
= sock_net(skb
->sk
);
4206 if (tb
[RTA_GATEWAY
]) {
4207 cfg
->fc_gateway
= nla_get_in6_addr(tb
[RTA_GATEWAY
]);
4208 cfg
->fc_flags
|= RTF_GATEWAY
;
4212 int plen
= (rtm
->rtm_dst_len
+ 7) >> 3;
4214 if (nla_len(tb
[RTA_DST
]) < plen
)
4217 nla_memcpy(&cfg
->fc_dst
, tb
[RTA_DST
], plen
);
4221 int plen
= (rtm
->rtm_src_len
+ 7) >> 3;
4223 if (nla_len(tb
[RTA_SRC
]) < plen
)
4226 nla_memcpy(&cfg
->fc_src
, tb
[RTA_SRC
], plen
);
4229 if (tb
[RTA_PREFSRC
])
4230 cfg
->fc_prefsrc
= nla_get_in6_addr(tb
[RTA_PREFSRC
]);
4233 cfg
->fc_ifindex
= nla_get_u32(tb
[RTA_OIF
]);
4235 if (tb
[RTA_PRIORITY
])
4236 cfg
->fc_metric
= nla_get_u32(tb
[RTA_PRIORITY
]);
4238 if (tb
[RTA_METRICS
]) {
4239 cfg
->fc_mx
= nla_data(tb
[RTA_METRICS
]);
4240 cfg
->fc_mx_len
= nla_len(tb
[RTA_METRICS
]);
4244 cfg
->fc_table
= nla_get_u32(tb
[RTA_TABLE
]);
4246 if (tb
[RTA_MULTIPATH
]) {
4247 cfg
->fc_mp
= nla_data(tb
[RTA_MULTIPATH
]);
4248 cfg
->fc_mp_len
= nla_len(tb
[RTA_MULTIPATH
]);
4250 err
= lwtunnel_valid_encap_type_attr(cfg
->fc_mp
,
4251 cfg
->fc_mp_len
, extack
);
4257 pref
= nla_get_u8(tb
[RTA_PREF
]);
4258 if (pref
!= ICMPV6_ROUTER_PREF_LOW
&&
4259 pref
!= ICMPV6_ROUTER_PREF_HIGH
)
4260 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
4261 cfg
->fc_flags
|= RTF_PREF(pref
);
4265 cfg
->fc_encap
= tb
[RTA_ENCAP
];
4267 if (tb
[RTA_ENCAP_TYPE
]) {
4268 cfg
->fc_encap_type
= nla_get_u16(tb
[RTA_ENCAP_TYPE
]);
4270 err
= lwtunnel_valid_encap_type(cfg
->fc_encap_type
, extack
);
4275 if (tb
[RTA_EXPIRES
]) {
4276 unsigned long timeout
= addrconf_timeout_fixup(nla_get_u32(tb
[RTA_EXPIRES
]), HZ
);
4278 if (addrconf_finite_timeout(timeout
)) {
4279 cfg
->fc_expires
= jiffies_to_clock_t(timeout
* HZ
);
4280 cfg
->fc_flags
|= RTF_EXPIRES
;
4290 struct fib6_info
*fib6_info
;
4291 struct fib6_config r_cfg
;
4292 struct list_head next
;
4295 static void ip6_print_replace_route_err(struct list_head
*rt6_nh_list
)
4299 list_for_each_entry(nh
, rt6_nh_list
, next
) {
4300 pr_warn("IPV6: multipath route replace failed (check consistency of installed routes): %pI6c nexthop %pI6c ifi %d\n",
4301 &nh
->r_cfg
.fc_dst
, &nh
->r_cfg
.fc_gateway
,
4302 nh
->r_cfg
.fc_ifindex
);
4306 static int ip6_route_info_append(struct net
*net
,
4307 struct list_head
*rt6_nh_list
,
4308 struct fib6_info
*rt
,
4309 struct fib6_config
*r_cfg
)
4314 list_for_each_entry(nh
, rt6_nh_list
, next
) {
4315 /* check if fib6_info already exists */
4316 if (rt6_duplicate_nexthop(nh
->fib6_info
, rt
))
4320 nh
= kzalloc(sizeof(*nh
), GFP_KERNEL
);
4324 err
= ip6_convert_metrics(net
, rt
, r_cfg
);
4329 memcpy(&nh
->r_cfg
, r_cfg
, sizeof(*r_cfg
));
4330 list_add_tail(&nh
->next
, rt6_nh_list
);
4335 static void ip6_route_mpath_notify(struct fib6_info
*rt
,
4336 struct fib6_info
*rt_last
,
4337 struct nl_info
*info
,
4340 /* if this is an APPEND route, then rt points to the first route
4341 * inserted and rt_last points to last route inserted. Userspace
4342 * wants a consistent dump of the route which starts at the first
4343 * nexthop. Since sibling routes are always added at the end of
4344 * the list, find the first sibling of the last route appended
4346 if ((nlflags
& NLM_F_APPEND
) && rt_last
&& rt_last
->fib6_nsiblings
) {
4347 rt
= list_first_entry(&rt_last
->fib6_siblings
,
4353 inet6_rt_notify(RTM_NEWROUTE
, rt
, info
, nlflags
);
4356 static int ip6_route_multipath_add(struct fib6_config
*cfg
,
4357 struct netlink_ext_ack
*extack
)
4359 struct fib6_info
*rt_notif
= NULL
, *rt_last
= NULL
;
4360 struct nl_info
*info
= &cfg
->fc_nlinfo
;
4361 struct fib6_config r_cfg
;
4362 struct rtnexthop
*rtnh
;
4363 struct fib6_info
*rt
;
4364 struct rt6_nh
*err_nh
;
4365 struct rt6_nh
*nh
, *nh_safe
;
4371 int replace
= (cfg
->fc_nlinfo
.nlh
&&
4372 (cfg
->fc_nlinfo
.nlh
->nlmsg_flags
& NLM_F_REPLACE
));
4373 LIST_HEAD(rt6_nh_list
);
4375 nlflags
= replace
? NLM_F_REPLACE
: NLM_F_CREATE
;
4376 if (info
->nlh
&& info
->nlh
->nlmsg_flags
& NLM_F_APPEND
)
4377 nlflags
|= NLM_F_APPEND
;
4379 remaining
= cfg
->fc_mp_len
;
4380 rtnh
= (struct rtnexthop
*)cfg
->fc_mp
;
4382 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
4383 * fib6_info structs per nexthop
4385 while (rtnh_ok(rtnh
, remaining
)) {
4386 memcpy(&r_cfg
, cfg
, sizeof(*cfg
));
4387 if (rtnh
->rtnh_ifindex
)
4388 r_cfg
.fc_ifindex
= rtnh
->rtnh_ifindex
;
4390 attrlen
= rtnh_attrlen(rtnh
);
4392 struct nlattr
*nla
, *attrs
= rtnh_attrs(rtnh
);
4394 nla
= nla_find(attrs
, attrlen
, RTA_GATEWAY
);
4396 r_cfg
.fc_gateway
= nla_get_in6_addr(nla
);
4397 r_cfg
.fc_flags
|= RTF_GATEWAY
;
4399 r_cfg
.fc_encap
= nla_find(attrs
, attrlen
, RTA_ENCAP
);
4400 nla
= nla_find(attrs
, attrlen
, RTA_ENCAP_TYPE
);
4402 r_cfg
.fc_encap_type
= nla_get_u16(nla
);
4405 r_cfg
.fc_flags
|= (rtnh
->rtnh_flags
& RTNH_F_ONLINK
);
4406 rt
= ip6_route_info_create(&r_cfg
, GFP_KERNEL
, extack
);
4412 if (!rt6_qualify_for_ecmp(rt
)) {
4414 NL_SET_ERR_MSG(extack
,
4415 "Device only routes can not be added for IPv6 using the multipath API.");
4416 fib6_info_release(rt
);
4420 rt
->fib6_nh
.nh_weight
= rtnh
->rtnh_hops
+ 1;
4422 err
= ip6_route_info_append(info
->nl_net
, &rt6_nh_list
,
4425 fib6_info_release(rt
);
4429 rtnh
= rtnh_next(rtnh
, &remaining
);
4432 /* for add and replace send one notification with all nexthops.
4433 * Skip the notification in fib6_add_rt2node and send one with
4434 * the full route when done
4436 info
->skip_notify
= 1;
4439 list_for_each_entry(nh
, &rt6_nh_list
, next
) {
4440 err
= __ip6_ins_rt(nh
->fib6_info
, info
, extack
);
4441 fib6_info_release(nh
->fib6_info
);
4444 /* save reference to last route successfully inserted */
4445 rt_last
= nh
->fib6_info
;
4447 /* save reference to first route for notification */
4449 rt_notif
= nh
->fib6_info
;
4452 /* nh->fib6_info is used or freed at this point, reset to NULL*/
4453 nh
->fib6_info
= NULL
;
4456 ip6_print_replace_route_err(&rt6_nh_list
);
4461 /* Because each route is added like a single route we remove
4462 * these flags after the first nexthop: if there is a collision,
4463 * we have already failed to add the first nexthop:
4464 * fib6_add_rt2node() has rejected it; when replacing, old
4465 * nexthops have been replaced by first new, the rest should
4468 cfg
->fc_nlinfo
.nlh
->nlmsg_flags
&= ~(NLM_F_EXCL
|
4473 /* success ... tell user about new route */
4474 ip6_route_mpath_notify(rt_notif
, rt_last
, info
, nlflags
);
4478 /* send notification for routes that were added so that
4479 * the delete notifications sent by ip6_route_del are
4483 ip6_route_mpath_notify(rt_notif
, rt_last
, info
, nlflags
);
4485 /* Delete routes that were already added */
4486 list_for_each_entry(nh
, &rt6_nh_list
, next
) {
4489 ip6_route_del(&nh
->r_cfg
, extack
);
4493 list_for_each_entry_safe(nh
, nh_safe
, &rt6_nh_list
, next
) {
4495 fib6_info_release(nh
->fib6_info
);
4496 list_del(&nh
->next
);
4503 static int ip6_route_multipath_del(struct fib6_config
*cfg
,
4504 struct netlink_ext_ack
*extack
)
4506 struct fib6_config r_cfg
;
4507 struct rtnexthop
*rtnh
;
4510 int err
= 1, last_err
= 0;
4512 remaining
= cfg
->fc_mp_len
;
4513 rtnh
= (struct rtnexthop
*)cfg
->fc_mp
;
4515 /* Parse a Multipath Entry */
4516 while (rtnh_ok(rtnh
, remaining
)) {
4517 memcpy(&r_cfg
, cfg
, sizeof(*cfg
));
4518 if (rtnh
->rtnh_ifindex
)
4519 r_cfg
.fc_ifindex
= rtnh
->rtnh_ifindex
;
4521 attrlen
= rtnh_attrlen(rtnh
);
4523 struct nlattr
*nla
, *attrs
= rtnh_attrs(rtnh
);
4525 nla
= nla_find(attrs
, attrlen
, RTA_GATEWAY
);
4527 nla_memcpy(&r_cfg
.fc_gateway
, nla
, 16);
4528 r_cfg
.fc_flags
|= RTF_GATEWAY
;
4531 err
= ip6_route_del(&r_cfg
, extack
);
4535 rtnh
= rtnh_next(rtnh
, &remaining
);
4541 static int inet6_rtm_delroute(struct sk_buff
*skb
, struct nlmsghdr
*nlh
,
4542 struct netlink_ext_ack
*extack
)
4544 struct fib6_config cfg
;
4547 err
= rtm_to_fib6_config(skb
, nlh
, &cfg
, extack
);
4552 return ip6_route_multipath_del(&cfg
, extack
);
4554 cfg
.fc_delete_all_nh
= 1;
4555 return ip6_route_del(&cfg
, extack
);
4559 static int inet6_rtm_newroute(struct sk_buff
*skb
, struct nlmsghdr
*nlh
,
4560 struct netlink_ext_ack
*extack
)
4562 struct fib6_config cfg
;
4565 err
= rtm_to_fib6_config(skb
, nlh
, &cfg
, extack
);
4570 return ip6_route_multipath_add(&cfg
, extack
);
4572 return ip6_route_add(&cfg
, GFP_KERNEL
, extack
);
4575 static size_t rt6_nlmsg_size(struct fib6_info
*rt
)
4577 int nexthop_len
= 0;
4579 if (rt
->fib6_nsiblings
) {
4580 nexthop_len
= nla_total_size(0) /* RTA_MULTIPATH */
4581 + NLA_ALIGN(sizeof(struct rtnexthop
))
4582 + nla_total_size(16) /* RTA_GATEWAY */
4583 + lwtunnel_get_encap_size(rt
->fib6_nh
.nh_lwtstate
);
4585 nexthop_len
*= rt
->fib6_nsiblings
;
4588 return NLMSG_ALIGN(sizeof(struct rtmsg
))
4589 + nla_total_size(16) /* RTA_SRC */
4590 + nla_total_size(16) /* RTA_DST */
4591 + nla_total_size(16) /* RTA_GATEWAY */
4592 + nla_total_size(16) /* RTA_PREFSRC */
4593 + nla_total_size(4) /* RTA_TABLE */
4594 + nla_total_size(4) /* RTA_IIF */
4595 + nla_total_size(4) /* RTA_OIF */
4596 + nla_total_size(4) /* RTA_PRIORITY */
4597 + RTAX_MAX
* nla_total_size(4) /* RTA_METRICS */
4598 + nla_total_size(sizeof(struct rta_cacheinfo
))
4599 + nla_total_size(TCP_CA_NAME_MAX
) /* RTAX_CC_ALGO */
4600 + nla_total_size(1) /* RTA_PREF */
4601 + lwtunnel_get_encap_size(rt
->fib6_nh
.nh_lwtstate
)
4605 static int rt6_nexthop_info(struct sk_buff
*skb
, struct fib6_info
*rt
,
4606 unsigned int *flags
, bool skip_oif
)
4608 if (rt
->fib6_nh
.nh_flags
& RTNH_F_DEAD
)
4609 *flags
|= RTNH_F_DEAD
;
4611 if (rt
->fib6_nh
.nh_flags
& RTNH_F_LINKDOWN
) {
4612 *flags
|= RTNH_F_LINKDOWN
;
4615 if (fib6_ignore_linkdown(rt
))
4616 *flags
|= RTNH_F_DEAD
;
4620 if (rt
->fib6_flags
& RTF_GATEWAY
) {
4621 if (nla_put_in6_addr(skb
, RTA_GATEWAY
, &rt
->fib6_nh
.nh_gw
) < 0)
4622 goto nla_put_failure
;
4625 *flags
|= (rt
->fib6_nh
.nh_flags
& RTNH_F_ONLINK
);
4626 if (rt
->fib6_nh
.nh_flags
& RTNH_F_OFFLOAD
)
4627 *flags
|= RTNH_F_OFFLOAD
;
4629 /* not needed for multipath encoding b/c it has a rtnexthop struct */
4630 if (!skip_oif
&& rt
->fib6_nh
.nh_dev
&&
4631 nla_put_u32(skb
, RTA_OIF
, rt
->fib6_nh
.nh_dev
->ifindex
))
4632 goto nla_put_failure
;
4634 if (rt
->fib6_nh
.nh_lwtstate
&&
4635 lwtunnel_fill_encap(skb
, rt
->fib6_nh
.nh_lwtstate
) < 0)
4636 goto nla_put_failure
;
4644 /* add multipath next hop */
4645 static int rt6_add_nexthop(struct sk_buff
*skb
, struct fib6_info
*rt
)
4647 const struct net_device
*dev
= rt
->fib6_nh
.nh_dev
;
4648 struct rtnexthop
*rtnh
;
4649 unsigned int flags
= 0;
4651 rtnh
= nla_reserve_nohdr(skb
, sizeof(*rtnh
));
4653 goto nla_put_failure
;
4655 rtnh
->rtnh_hops
= rt
->fib6_nh
.nh_weight
- 1;
4656 rtnh
->rtnh_ifindex
= dev
? dev
->ifindex
: 0;
4658 if (rt6_nexthop_info(skb
, rt
, &flags
, true) < 0)
4659 goto nla_put_failure
;
4661 rtnh
->rtnh_flags
= flags
;
4663 /* length of rtnetlink header + attributes */
4664 rtnh
->rtnh_len
= nlmsg_get_pos(skb
) - (void *)rtnh
;
4672 static int rt6_fill_node(struct net
*net
, struct sk_buff
*skb
,
4673 struct fib6_info
*rt
, struct dst_entry
*dst
,
4674 struct in6_addr
*dest
, struct in6_addr
*src
,
4675 int iif
, int type
, u32 portid
, u32 seq
,
4679 struct nlmsghdr
*nlh
;
4684 nlh
= nlmsg_put(skb
, portid
, seq
, type
, sizeof(*rtm
), flags
);
4688 rtm
= nlmsg_data(nlh
);
4689 rtm
->rtm_family
= AF_INET6
;
4690 rtm
->rtm_dst_len
= rt
->fib6_dst
.plen
;
4691 rtm
->rtm_src_len
= rt
->fib6_src
.plen
;
4694 table
= rt
->fib6_table
->tb6_id
;
4696 table
= RT6_TABLE_UNSPEC
;
4697 rtm
->rtm_table
= table
;
4698 if (nla_put_u32(skb
, RTA_TABLE
, table
))
4699 goto nla_put_failure
;
4701 rtm
->rtm_type
= rt
->fib6_type
;
4703 rtm
->rtm_scope
= RT_SCOPE_UNIVERSE
;
4704 rtm
->rtm_protocol
= rt
->fib6_protocol
;
4706 if (rt
->fib6_flags
& RTF_CACHE
)
4707 rtm
->rtm_flags
|= RTM_F_CLONED
;
4710 if (nla_put_in6_addr(skb
, RTA_DST
, dest
))
4711 goto nla_put_failure
;
4712 rtm
->rtm_dst_len
= 128;
4713 } else if (rtm
->rtm_dst_len
)
4714 if (nla_put_in6_addr(skb
, RTA_DST
, &rt
->fib6_dst
.addr
))
4715 goto nla_put_failure
;
4716 #ifdef CONFIG_IPV6_SUBTREES
4718 if (nla_put_in6_addr(skb
, RTA_SRC
, src
))
4719 goto nla_put_failure
;
4720 rtm
->rtm_src_len
= 128;
4721 } else if (rtm
->rtm_src_len
&&
4722 nla_put_in6_addr(skb
, RTA_SRC
, &rt
->fib6_src
.addr
))
4723 goto nla_put_failure
;
4726 #ifdef CONFIG_IPV6_MROUTE
4727 if (ipv6_addr_is_multicast(&rt
->fib6_dst
.addr
)) {
4728 int err
= ip6mr_get_route(net
, skb
, rtm
, portid
);
4733 goto nla_put_failure
;
4736 if (nla_put_u32(skb
, RTA_IIF
, iif
))
4737 goto nla_put_failure
;
4739 struct in6_addr saddr_buf
;
4740 if (ip6_route_get_saddr(net
, rt
, dest
, 0, &saddr_buf
) == 0 &&
4741 nla_put_in6_addr(skb
, RTA_PREFSRC
, &saddr_buf
))
4742 goto nla_put_failure
;
4745 if (rt
->fib6_prefsrc
.plen
) {
4746 struct in6_addr saddr_buf
;
4747 saddr_buf
= rt
->fib6_prefsrc
.addr
;
4748 if (nla_put_in6_addr(skb
, RTA_PREFSRC
, &saddr_buf
))
4749 goto nla_put_failure
;
4752 pmetrics
= dst
? dst_metrics_ptr(dst
) : rt
->fib6_metrics
->metrics
;
4753 if (rtnetlink_put_metrics(skb
, pmetrics
) < 0)
4754 goto nla_put_failure
;
4756 if (nla_put_u32(skb
, RTA_PRIORITY
, rt
->fib6_metric
))
4757 goto nla_put_failure
;
4759 /* For multipath routes, walk the siblings list and add
4760 * each as a nexthop within RTA_MULTIPATH.
4762 if (rt
->fib6_nsiblings
) {
4763 struct fib6_info
*sibling
, *next_sibling
;
4766 mp
= nla_nest_start(skb
, RTA_MULTIPATH
);
4768 goto nla_put_failure
;
4770 if (rt6_add_nexthop(skb
, rt
) < 0)
4771 goto nla_put_failure
;
4773 list_for_each_entry_safe(sibling
, next_sibling
,
4774 &rt
->fib6_siblings
, fib6_siblings
) {
4775 if (rt6_add_nexthop(skb
, sibling
) < 0)
4776 goto nla_put_failure
;
4779 nla_nest_end(skb
, mp
);
4781 if (rt6_nexthop_info(skb
, rt
, &rtm
->rtm_flags
, false) < 0)
4782 goto nla_put_failure
;
4785 if (rt
->fib6_flags
& RTF_EXPIRES
) {
4786 expires
= dst
? dst
->expires
: rt
->expires
;
4790 if (rtnl_put_cacheinfo(skb
, dst
, 0, expires
, dst
? dst
->error
: 0) < 0)
4791 goto nla_put_failure
;
4793 if (nla_put_u8(skb
, RTA_PREF
, IPV6_EXTRACT_PREF(rt
->fib6_flags
)))
4794 goto nla_put_failure
;
4797 nlmsg_end(skb
, nlh
);
4801 nlmsg_cancel(skb
, nlh
);
4805 int rt6_dump_route(struct fib6_info
*rt
, void *p_arg
)
4807 struct rt6_rtnl_dump_arg
*arg
= (struct rt6_rtnl_dump_arg
*) p_arg
;
4808 struct net
*net
= arg
->net
;
4810 if (rt
== net
->ipv6
.fib6_null_entry
)
4813 if (nlmsg_len(arg
->cb
->nlh
) >= sizeof(struct rtmsg
)) {
4814 struct rtmsg
*rtm
= nlmsg_data(arg
->cb
->nlh
);
4816 /* user wants prefix routes only */
4817 if (rtm
->rtm_flags
& RTM_F_PREFIX
&&
4818 !(rt
->fib6_flags
& RTF_PREFIX_RT
)) {
4819 /* success since this is not a prefix route */
4824 return rt6_fill_node(net
, arg
->skb
, rt
, NULL
, NULL
, NULL
, 0,
4825 RTM_NEWROUTE
, NETLINK_CB(arg
->cb
->skb
).portid
,
4826 arg
->cb
->nlh
->nlmsg_seq
, NLM_F_MULTI
);
4829 static int inet6_rtm_getroute(struct sk_buff
*in_skb
, struct nlmsghdr
*nlh
,
4830 struct netlink_ext_ack
*extack
)
4832 struct net
*net
= sock_net(in_skb
->sk
);
4833 struct nlattr
*tb
[RTA_MAX
+1];
4834 int err
, iif
= 0, oif
= 0;
4835 struct fib6_info
*from
;
4836 struct dst_entry
*dst
;
4837 struct rt6_info
*rt
;
4838 struct sk_buff
*skb
;
4843 err
= nlmsg_parse(nlh
, sizeof(*rtm
), tb
, RTA_MAX
, rtm_ipv6_policy
,
4849 memset(&fl6
, 0, sizeof(fl6
));
4850 rtm
= nlmsg_data(nlh
);
4851 fl6
.flowlabel
= ip6_make_flowinfo(rtm
->rtm_tos
, 0);
4852 fibmatch
= !!(rtm
->rtm_flags
& RTM_F_FIB_MATCH
);
4855 if (nla_len(tb
[RTA_SRC
]) < sizeof(struct in6_addr
))
4858 fl6
.saddr
= *(struct in6_addr
*)nla_data(tb
[RTA_SRC
]);
4862 if (nla_len(tb
[RTA_DST
]) < sizeof(struct in6_addr
))
4865 fl6
.daddr
= *(struct in6_addr
*)nla_data(tb
[RTA_DST
]);
4869 iif
= nla_get_u32(tb
[RTA_IIF
]);
4872 oif
= nla_get_u32(tb
[RTA_OIF
]);
4875 fl6
.flowi6_mark
= nla_get_u32(tb
[RTA_MARK
]);
4878 fl6
.flowi6_uid
= make_kuid(current_user_ns(),
4879 nla_get_u32(tb
[RTA_UID
]));
4881 fl6
.flowi6_uid
= iif
? INVALID_UID
: current_uid();
4884 fl6
.fl6_sport
= nla_get_be16(tb
[RTA_SPORT
]);
4887 fl6
.fl6_dport
= nla_get_be16(tb
[RTA_DPORT
]);
4889 if (tb
[RTA_IP_PROTO
]) {
4890 err
= rtm_getroute_parse_ip_proto(tb
[RTA_IP_PROTO
],
4891 &fl6
.flowi6_proto
, extack
);
4897 struct net_device
*dev
;
4902 dev
= dev_get_by_index_rcu(net
, iif
);
4909 fl6
.flowi6_iif
= iif
;
4911 if (!ipv6_addr_any(&fl6
.saddr
))
4912 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
4914 dst
= ip6_route_input_lookup(net
, dev
, &fl6
, NULL
, flags
);
4918 fl6
.flowi6_oif
= oif
;
4920 dst
= ip6_route_output(net
, NULL
, &fl6
);
4924 rt
= container_of(dst
, struct rt6_info
, dst
);
4925 if (rt
->dst
.error
) {
4926 err
= rt
->dst
.error
;
4931 if (rt
== net
->ipv6
.ip6_null_entry
) {
4932 err
= rt
->dst
.error
;
4937 skb
= alloc_skb(NLMSG_GOODSIZE
, GFP_KERNEL
);
4944 skb_dst_set(skb
, &rt
->dst
);
4947 from
= rcu_dereference(rt
->from
);
4950 err
= rt6_fill_node(net
, skb
, from
, NULL
, NULL
, NULL
, iif
,
4951 RTM_NEWROUTE
, NETLINK_CB(in_skb
).portid
,
4954 err
= rt6_fill_node(net
, skb
, from
, dst
, &fl6
.daddr
,
4955 &fl6
.saddr
, iif
, RTM_NEWROUTE
,
4956 NETLINK_CB(in_skb
).portid
, nlh
->nlmsg_seq
,
4965 err
= rtnl_unicast(skb
, net
, NETLINK_CB(in_skb
).portid
);
4970 void inet6_rt_notify(int event
, struct fib6_info
*rt
, struct nl_info
*info
,
4971 unsigned int nlm_flags
)
4973 struct sk_buff
*skb
;
4974 struct net
*net
= info
->nl_net
;
4979 seq
= info
->nlh
? info
->nlh
->nlmsg_seq
: 0;
4981 skb
= nlmsg_new(rt6_nlmsg_size(rt
), gfp_any());
4985 err
= rt6_fill_node(net
, skb
, rt
, NULL
, NULL
, NULL
, 0,
4986 event
, info
->portid
, seq
, nlm_flags
);
4988 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
4989 WARN_ON(err
== -EMSGSIZE
);
4993 rtnl_notify(skb
, net
, info
->portid
, RTNLGRP_IPV6_ROUTE
,
4994 info
->nlh
, gfp_any());
4998 rtnl_set_sk_err(net
, RTNLGRP_IPV6_ROUTE
, err
);
5001 static int ip6_route_dev_notify(struct notifier_block
*this,
5002 unsigned long event
, void *ptr
)
5004 struct net_device
*dev
= netdev_notifier_info_to_dev(ptr
);
5005 struct net
*net
= dev_net(dev
);
5007 if (!(dev
->flags
& IFF_LOOPBACK
))
5010 if (event
== NETDEV_REGISTER
) {
5011 net
->ipv6
.fib6_null_entry
->fib6_nh
.nh_dev
= dev
;
5012 net
->ipv6
.ip6_null_entry
->dst
.dev
= dev
;
5013 net
->ipv6
.ip6_null_entry
->rt6i_idev
= in6_dev_get(dev
);
5014 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5015 net
->ipv6
.ip6_prohibit_entry
->dst
.dev
= dev
;
5016 net
->ipv6
.ip6_prohibit_entry
->rt6i_idev
= in6_dev_get(dev
);
5017 net
->ipv6
.ip6_blk_hole_entry
->dst
.dev
= dev
;
5018 net
->ipv6
.ip6_blk_hole_entry
->rt6i_idev
= in6_dev_get(dev
);
5020 } else if (event
== NETDEV_UNREGISTER
&&
5021 dev
->reg_state
!= NETREG_UNREGISTERED
) {
5022 /* NETDEV_UNREGISTER could be fired for multiple times by
5023 * netdev_wait_allrefs(). Make sure we only call this once.
5025 in6_dev_put_clear(&net
->ipv6
.ip6_null_entry
->rt6i_idev
);
5026 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5027 in6_dev_put_clear(&net
->ipv6
.ip6_prohibit_entry
->rt6i_idev
);
5028 in6_dev_put_clear(&net
->ipv6
.ip6_blk_hole_entry
->rt6i_idev
);
5039 #ifdef CONFIG_PROC_FS
5040 static int rt6_stats_seq_show(struct seq_file
*seq
, void *v
)
5042 struct net
*net
= (struct net
*)seq
->private;
5043 seq_printf(seq
, "%04x %04x %04x %04x %04x %04x %04x\n",
5044 net
->ipv6
.rt6_stats
->fib_nodes
,
5045 net
->ipv6
.rt6_stats
->fib_route_nodes
,
5046 atomic_read(&net
->ipv6
.rt6_stats
->fib_rt_alloc
),
5047 net
->ipv6
.rt6_stats
->fib_rt_entries
,
5048 net
->ipv6
.rt6_stats
->fib_rt_cache
,
5049 dst_entries_get_slow(&net
->ipv6
.ip6_dst_ops
),
5050 net
->ipv6
.rt6_stats
->fib_discarded_routes
);
5054 #endif /* CONFIG_PROC_FS */
5056 #ifdef CONFIG_SYSCTL
5059 int ipv6_sysctl_rtcache_flush(struct ctl_table
*ctl
, int write
,
5060 void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
5067 net
= (struct net
*)ctl
->extra1
;
5068 delay
= net
->ipv6
.sysctl
.flush_delay
;
5069 proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
5070 fib6_run_gc(delay
<= 0 ? 0 : (unsigned long)delay
, net
, delay
> 0);
5074 struct ctl_table ipv6_route_table_template
[] = {
5076 .procname
= "flush",
5077 .data
= &init_net
.ipv6
.sysctl
.flush_delay
,
5078 .maxlen
= sizeof(int),
5080 .proc_handler
= ipv6_sysctl_rtcache_flush
5083 .procname
= "gc_thresh",
5084 .data
= &ip6_dst_ops_template
.gc_thresh
,
5085 .maxlen
= sizeof(int),
5087 .proc_handler
= proc_dointvec
,
5090 .procname
= "max_size",
5091 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_max_size
,
5092 .maxlen
= sizeof(int),
5094 .proc_handler
= proc_dointvec
,
5097 .procname
= "gc_min_interval",
5098 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_min_interval
,
5099 .maxlen
= sizeof(int),
5101 .proc_handler
= proc_dointvec_jiffies
,
5104 .procname
= "gc_timeout",
5105 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_timeout
,
5106 .maxlen
= sizeof(int),
5108 .proc_handler
= proc_dointvec_jiffies
,
5111 .procname
= "gc_interval",
5112 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_interval
,
5113 .maxlen
= sizeof(int),
5115 .proc_handler
= proc_dointvec_jiffies
,
5118 .procname
= "gc_elasticity",
5119 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_elasticity
,
5120 .maxlen
= sizeof(int),
5122 .proc_handler
= proc_dointvec
,
5125 .procname
= "mtu_expires",
5126 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_mtu_expires
,
5127 .maxlen
= sizeof(int),
5129 .proc_handler
= proc_dointvec_jiffies
,
5132 .procname
= "min_adv_mss",
5133 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_min_advmss
,
5134 .maxlen
= sizeof(int),
5136 .proc_handler
= proc_dointvec
,
5139 .procname
= "gc_min_interval_ms",
5140 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_min_interval
,
5141 .maxlen
= sizeof(int),
5143 .proc_handler
= proc_dointvec_ms_jiffies
,
5148 struct ctl_table
* __net_init
ipv6_route_sysctl_init(struct net
*net
)
5150 struct ctl_table
*table
;
5152 table
= kmemdup(ipv6_route_table_template
,
5153 sizeof(ipv6_route_table_template
),
5157 table
[0].data
= &net
->ipv6
.sysctl
.flush_delay
;
5158 table
[0].extra1
= net
;
5159 table
[1].data
= &net
->ipv6
.ip6_dst_ops
.gc_thresh
;
5160 table
[2].data
= &net
->ipv6
.sysctl
.ip6_rt_max_size
;
5161 table
[3].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
;
5162 table
[4].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_timeout
;
5163 table
[5].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_interval
;
5164 table
[6].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_elasticity
;
5165 table
[7].data
= &net
->ipv6
.sysctl
.ip6_rt_mtu_expires
;
5166 table
[8].data
= &net
->ipv6
.sysctl
.ip6_rt_min_advmss
;
5167 table
[9].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
;
5169 /* Don't export sysctls to unprivileged users */
5170 if (net
->user_ns
!= &init_user_ns
)
5171 table
[0].procname
= NULL
;
5178 static int __net_init
ip6_route_net_init(struct net
*net
)
5182 memcpy(&net
->ipv6
.ip6_dst_ops
, &ip6_dst_ops_template
,
5183 sizeof(net
->ipv6
.ip6_dst_ops
));
5185 if (dst_entries_init(&net
->ipv6
.ip6_dst_ops
) < 0)
5186 goto out_ip6_dst_ops
;
5188 net
->ipv6
.fib6_null_entry
= kmemdup(&fib6_null_entry_template
,
5189 sizeof(*net
->ipv6
.fib6_null_entry
),
5191 if (!net
->ipv6
.fib6_null_entry
)
5192 goto out_ip6_dst_entries
;
5194 net
->ipv6
.ip6_null_entry
= kmemdup(&ip6_null_entry_template
,
5195 sizeof(*net
->ipv6
.ip6_null_entry
),
5197 if (!net
->ipv6
.ip6_null_entry
)
5198 goto out_fib6_null_entry
;
5199 net
->ipv6
.ip6_null_entry
->dst
.ops
= &net
->ipv6
.ip6_dst_ops
;
5200 dst_init_metrics(&net
->ipv6
.ip6_null_entry
->dst
,
5201 ip6_template_metrics
, true);
5203 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5204 net
->ipv6
.fib6_has_custom_rules
= false;
5205 net
->ipv6
.ip6_prohibit_entry
= kmemdup(&ip6_prohibit_entry_template
,
5206 sizeof(*net
->ipv6
.ip6_prohibit_entry
),
5208 if (!net
->ipv6
.ip6_prohibit_entry
)
5209 goto out_ip6_null_entry
;
5210 net
->ipv6
.ip6_prohibit_entry
->dst
.ops
= &net
->ipv6
.ip6_dst_ops
;
5211 dst_init_metrics(&net
->ipv6
.ip6_prohibit_entry
->dst
,
5212 ip6_template_metrics
, true);
5214 net
->ipv6
.ip6_blk_hole_entry
= kmemdup(&ip6_blk_hole_entry_template
,
5215 sizeof(*net
->ipv6
.ip6_blk_hole_entry
),
5217 if (!net
->ipv6
.ip6_blk_hole_entry
)
5218 goto out_ip6_prohibit_entry
;
5219 net
->ipv6
.ip6_blk_hole_entry
->dst
.ops
= &net
->ipv6
.ip6_dst_ops
;
5220 dst_init_metrics(&net
->ipv6
.ip6_blk_hole_entry
->dst
,
5221 ip6_template_metrics
, true);
5224 net
->ipv6
.sysctl
.flush_delay
= 0;
5225 net
->ipv6
.sysctl
.ip6_rt_max_size
= 4096;
5226 net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
= HZ
/ 2;
5227 net
->ipv6
.sysctl
.ip6_rt_gc_timeout
= 60*HZ
;
5228 net
->ipv6
.sysctl
.ip6_rt_gc_interval
= 30*HZ
;
5229 net
->ipv6
.sysctl
.ip6_rt_gc_elasticity
= 9;
5230 net
->ipv6
.sysctl
.ip6_rt_mtu_expires
= 10*60*HZ
;
5231 net
->ipv6
.sysctl
.ip6_rt_min_advmss
= IPV6_MIN_MTU
- 20 - 40;
5233 net
->ipv6
.ip6_rt_gc_expire
= 30*HZ
;
5239 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5240 out_ip6_prohibit_entry
:
5241 kfree(net
->ipv6
.ip6_prohibit_entry
);
5243 kfree(net
->ipv6
.ip6_null_entry
);
5245 out_fib6_null_entry
:
5246 kfree(net
->ipv6
.fib6_null_entry
);
5247 out_ip6_dst_entries
:
5248 dst_entries_destroy(&net
->ipv6
.ip6_dst_ops
);
5253 static void __net_exit
ip6_route_net_exit(struct net
*net
)
5255 kfree(net
->ipv6
.fib6_null_entry
);
5256 kfree(net
->ipv6
.ip6_null_entry
);
5257 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5258 kfree(net
->ipv6
.ip6_prohibit_entry
);
5259 kfree(net
->ipv6
.ip6_blk_hole_entry
);
5261 dst_entries_destroy(&net
->ipv6
.ip6_dst_ops
);
5264 static int __net_init
ip6_route_net_init_late(struct net
*net
)
5266 #ifdef CONFIG_PROC_FS
5267 proc_create_net("ipv6_route", 0, net
->proc_net
, &ipv6_route_seq_ops
,
5268 sizeof(struct ipv6_route_iter
));
5269 proc_create_net_single("rt6_stats", 0444, net
->proc_net
,
5270 rt6_stats_seq_show
, NULL
);
5275 static void __net_exit
ip6_route_net_exit_late(struct net
*net
)
5277 #ifdef CONFIG_PROC_FS
5278 remove_proc_entry("ipv6_route", net
->proc_net
);
5279 remove_proc_entry("rt6_stats", net
->proc_net
);
5283 static struct pernet_operations ip6_route_net_ops
= {
5284 .init
= ip6_route_net_init
,
5285 .exit
= ip6_route_net_exit
,
5288 static int __net_init
ipv6_inetpeer_init(struct net
*net
)
5290 struct inet_peer_base
*bp
= kmalloc(sizeof(*bp
), GFP_KERNEL
);
5294 inet_peer_base_init(bp
);
5295 net
->ipv6
.peers
= bp
;
5299 static void __net_exit
ipv6_inetpeer_exit(struct net
*net
)
5301 struct inet_peer_base
*bp
= net
->ipv6
.peers
;
5303 net
->ipv6
.peers
= NULL
;
5304 inetpeer_invalidate_tree(bp
);
5308 static struct pernet_operations ipv6_inetpeer_ops
= {
5309 .init
= ipv6_inetpeer_init
,
5310 .exit
= ipv6_inetpeer_exit
,
5313 static struct pernet_operations ip6_route_net_late_ops
= {
5314 .init
= ip6_route_net_init_late
,
5315 .exit
= ip6_route_net_exit_late
,
5318 static struct notifier_block ip6_route_dev_notifier
= {
5319 .notifier_call
= ip6_route_dev_notify
,
5320 .priority
= ADDRCONF_NOTIFY_PRIORITY
- 10,
5323 void __init
ip6_route_init_special_entries(void)
5325 /* Registering of the loopback is done before this portion of code,
5326 * the loopback reference in rt6_info will not be taken, do it
5327 * manually for init_net */
5328 init_net
.ipv6
.fib6_null_entry
->fib6_nh
.nh_dev
= init_net
.loopback_dev
;
5329 init_net
.ipv6
.ip6_null_entry
->dst
.dev
= init_net
.loopback_dev
;
5330 init_net
.ipv6
.ip6_null_entry
->rt6i_idev
= in6_dev_get(init_net
.loopback_dev
);
5331 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5332 init_net
.ipv6
.ip6_prohibit_entry
->dst
.dev
= init_net
.loopback_dev
;
5333 init_net
.ipv6
.ip6_prohibit_entry
->rt6i_idev
= in6_dev_get(init_net
.loopback_dev
);
5334 init_net
.ipv6
.ip6_blk_hole_entry
->dst
.dev
= init_net
.loopback_dev
;
5335 init_net
.ipv6
.ip6_blk_hole_entry
->rt6i_idev
= in6_dev_get(init_net
.loopback_dev
);
5339 int __init
ip6_route_init(void)
5345 ip6_dst_ops_template
.kmem_cachep
=
5346 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info
), 0,
5347 SLAB_HWCACHE_ALIGN
, NULL
);
5348 if (!ip6_dst_ops_template
.kmem_cachep
)
5351 ret
= dst_entries_init(&ip6_dst_blackhole_ops
);
5353 goto out_kmem_cache
;
5355 ret
= register_pernet_subsys(&ipv6_inetpeer_ops
);
5357 goto out_dst_entries
;
5359 ret
= register_pernet_subsys(&ip6_route_net_ops
);
5361 goto out_register_inetpeer
;
5363 ip6_dst_blackhole_ops
.kmem_cachep
= ip6_dst_ops_template
.kmem_cachep
;
5367 goto out_register_subsys
;
5373 ret
= fib6_rules_init();
5377 ret
= register_pernet_subsys(&ip6_route_net_late_ops
);
5379 goto fib6_rules_init
;
5381 ret
= rtnl_register_module(THIS_MODULE
, PF_INET6
, RTM_NEWROUTE
,
5382 inet6_rtm_newroute
, NULL
, 0);
5384 goto out_register_late_subsys
;
5386 ret
= rtnl_register_module(THIS_MODULE
, PF_INET6
, RTM_DELROUTE
,
5387 inet6_rtm_delroute
, NULL
, 0);
5389 goto out_register_late_subsys
;
5391 ret
= rtnl_register_module(THIS_MODULE
, PF_INET6
, RTM_GETROUTE
,
5392 inet6_rtm_getroute
, NULL
,
5393 RTNL_FLAG_DOIT_UNLOCKED
);
5395 goto out_register_late_subsys
;
5397 ret
= register_netdevice_notifier(&ip6_route_dev_notifier
);
5399 goto out_register_late_subsys
;
5401 for_each_possible_cpu(cpu
) {
5402 struct uncached_list
*ul
= per_cpu_ptr(&rt6_uncached_list
, cpu
);
5404 INIT_LIST_HEAD(&ul
->head
);
5405 spin_lock_init(&ul
->lock
);
5411 out_register_late_subsys
:
5412 rtnl_unregister_all(PF_INET6
);
5413 unregister_pernet_subsys(&ip6_route_net_late_ops
);
5415 fib6_rules_cleanup();
5420 out_register_subsys
:
5421 unregister_pernet_subsys(&ip6_route_net_ops
);
5422 out_register_inetpeer
:
5423 unregister_pernet_subsys(&ipv6_inetpeer_ops
);
5425 dst_entries_destroy(&ip6_dst_blackhole_ops
);
5427 kmem_cache_destroy(ip6_dst_ops_template
.kmem_cachep
);
5431 void ip6_route_cleanup(void)
5433 unregister_netdevice_notifier(&ip6_route_dev_notifier
);
5434 unregister_pernet_subsys(&ip6_route_net_late_ops
);
5435 fib6_rules_cleanup();
5438 unregister_pernet_subsys(&ipv6_inetpeer_ops
);
5439 unregister_pernet_subsys(&ip6_route_net_ops
);
5440 dst_entries_destroy(&ip6_dst_blackhole_ops
);
5441 kmem_cache_destroy(ip6_dst_ops_template
.kmem_cachep
);