1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Linux INET6 implementation
7 * Pedro Roque <roque@di.fc.ul.pt>
12 * YOSHIFUJI Hideaki @USAGI
13 * reworked default router selection.
14 * - respect outgoing interface
15 * - select from (probably) reachable routers (i.e.
16 * routers in REACHABLE, STALE, DELAY or PROBE states).
17 * - always select the same router if it is (probably)
18 * reachable. otherwise, round-robin the list.
20 * Fixed routing subtrees.
23 #define pr_fmt(fmt) "IPv6: " fmt
25 #include <linux/capability.h>
26 #include <linux/errno.h>
27 #include <linux/export.h>
28 #include <linux/types.h>
29 #include <linux/times.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/route.h>
34 #include <linux/netdevice.h>
35 #include <linux/in6.h>
36 #include <linux/mroute6.h>
37 #include <linux/init.h>
38 #include <linux/if_arp.h>
39 #include <linux/proc_fs.h>
40 #include <linux/seq_file.h>
41 #include <linux/nsproxy.h>
42 #include <linux/slab.h>
43 #include <linux/jhash.h>
44 #include <net/net_namespace.h>
47 #include <net/ip6_fib.h>
48 #include <net/ip6_route.h>
49 #include <net/ndisc.h>
50 #include <net/addrconf.h>
52 #include <linux/rtnetlink.h>
54 #include <net/dst_metadata.h>
56 #include <net/netevent.h>
57 #include <net/netlink.h>
59 #include <net/lwtunnel.h>
60 #include <net/ip_tunnels.h>
61 #include <net/l3mdev.h>
63 #include <linux/uaccess.h>
66 #include <linux/sysctl.h>
69 static int ip6_rt_type_to_error(u8 fib6_type);
71 #define CREATE_TRACE_POINTS
72 #include <trace/events/fib6.h>
73 EXPORT_TRACEPOINT_SYMBOL_GPL(fib6_table_lookup);
74 #undef CREATE_TRACE_POINTS
77 RT6_NUD_FAIL_HARD = -3,
78 RT6_NUD_FAIL_PROBE = -2,
79 RT6_NUD_FAIL_DO_RR = -1,
83 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
84 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
85 static unsigned int ip6_mtu(const struct dst_entry *dst);
86 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
87 static void ip6_dst_destroy(struct dst_entry *);
88 static void ip6_dst_ifdown(struct dst_entry *,
89 struct net_device *dev, int how);
90 static int ip6_dst_gc(struct dst_ops *ops);
92 static int ip6_pkt_discard(struct sk_buff *skb);
93 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb);
94 static int ip6_pkt_prohibit(struct sk_buff *skb);
95 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb);
96 static void ip6_link_failure(struct sk_buff *skb);
97 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
98 struct sk_buff *skb, u32 mtu);
99 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
100 struct sk_buff *skb);
101 static int rt6_score_route(const struct fib6_nh *nh, u32 fib6_flags, int oif,
103 static size_t rt6_nlmsg_size(struct fib6_info *rt);
104 static int rt6_fill_node(struct net *net, struct sk_buff *skb,
105 struct fib6_info *rt, struct dst_entry *dst,
106 struct in6_addr *dest, struct in6_addr *src,
107 int iif, int type, u32 portid, u32 seq,
109 static struct rt6_info *rt6_find_cached_rt(const struct fib6_result *res,
110 const struct in6_addr *daddr,
111 const struct in6_addr *saddr);
113 #ifdef CONFIG_IPV6_ROUTE_INFO
114 static struct fib6_info *rt6_add_route_info(struct net *net,
115 const struct in6_addr *prefix, int prefixlen,
116 const struct in6_addr *gwaddr,
117 struct net_device *dev,
119 static struct fib6_info *rt6_get_route_info(struct net *net,
120 const struct in6_addr *prefix, int prefixlen,
121 const struct in6_addr *gwaddr,
122 struct net_device *dev);
125 struct uncached_list {
127 struct list_head head;
130 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list);
132 void rt6_uncached_list_add(struct rt6_info *rt)
134 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list);
136 rt->rt6i_uncached_list = ul;
138 spin_lock_bh(&ul->lock);
139 list_add_tail(&rt->rt6i_uncached, &ul->head);
140 spin_unlock_bh(&ul->lock);
143 void rt6_uncached_list_del(struct rt6_info *rt)
145 if (!list_empty(&rt->rt6i_uncached)) {
146 struct uncached_list *ul = rt->rt6i_uncached_list;
147 struct net *net = dev_net(rt->dst.dev);
149 spin_lock_bh(&ul->lock);
150 list_del(&rt->rt6i_uncached);
151 atomic_dec(&net->ipv6.rt6_stats->fib_rt_uncache);
152 spin_unlock_bh(&ul->lock);
156 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev)
158 struct net_device *loopback_dev = net->loopback_dev;
161 if (dev == loopback_dev)
164 for_each_possible_cpu(cpu) {
165 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
168 spin_lock_bh(&ul->lock);
169 list_for_each_entry(rt, &ul->head, rt6i_uncached) {
170 struct inet6_dev *rt_idev = rt->rt6i_idev;
171 struct net_device *rt_dev = rt->dst.dev;
173 if (rt_idev->dev == dev) {
174 rt->rt6i_idev = in6_dev_get(loopback_dev);
175 in6_dev_put(rt_idev);
179 rt->dst.dev = loopback_dev;
180 dev_hold(rt->dst.dev);
184 spin_unlock_bh(&ul->lock);
188 static inline const void *choose_neigh_daddr(const struct in6_addr *p,
192 if (!ipv6_addr_any(p))
193 return (const void *) p;
195 return &ipv6_hdr(skb)->daddr;
199 struct neighbour *ip6_neigh_lookup(const struct in6_addr *gw,
200 struct net_device *dev,
206 daddr = choose_neigh_daddr(gw, skb, daddr);
207 n = __ipv6_neigh_lookup(dev, daddr);
211 n = neigh_create(&nd_tbl, daddr, dev);
212 return IS_ERR(n) ? NULL : n;
215 static struct neighbour *ip6_dst_neigh_lookup(const struct dst_entry *dst,
219 const struct rt6_info *rt = container_of(dst, struct rt6_info, dst);
221 return ip6_neigh_lookup(&rt->rt6i_gateway, dst->dev, skb, daddr);
224 static void ip6_confirm_neigh(const struct dst_entry *dst, const void *daddr)
226 struct net_device *dev = dst->dev;
227 struct rt6_info *rt = (struct rt6_info *)dst;
229 daddr = choose_neigh_daddr(&rt->rt6i_gateway, NULL, daddr);
232 if (dev->flags & (IFF_NOARP | IFF_LOOPBACK))
234 if (ipv6_addr_is_multicast((const struct in6_addr *)daddr))
236 __ipv6_confirm_neigh(dev, daddr);
239 static struct dst_ops ip6_dst_ops_template = {
243 .check = ip6_dst_check,
244 .default_advmss = ip6_default_advmss,
246 .cow_metrics = dst_cow_metrics_generic,
247 .destroy = ip6_dst_destroy,
248 .ifdown = ip6_dst_ifdown,
249 .negative_advice = ip6_negative_advice,
250 .link_failure = ip6_link_failure,
251 .update_pmtu = ip6_rt_update_pmtu,
252 .redirect = rt6_do_redirect,
253 .local_out = __ip6_local_out,
254 .neigh_lookup = ip6_dst_neigh_lookup,
255 .confirm_neigh = ip6_confirm_neigh,
258 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
260 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
262 return mtu ? : dst->dev->mtu;
265 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
266 struct sk_buff *skb, u32 mtu)
270 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
275 static struct dst_ops ip6_dst_blackhole_ops = {
277 .destroy = ip6_dst_destroy,
278 .check = ip6_dst_check,
279 .mtu = ip6_blackhole_mtu,
280 .default_advmss = ip6_default_advmss,
281 .update_pmtu = ip6_rt_blackhole_update_pmtu,
282 .redirect = ip6_rt_blackhole_redirect,
283 .cow_metrics = dst_cow_metrics_generic,
284 .neigh_lookup = ip6_dst_neigh_lookup,
287 static const u32 ip6_template_metrics[RTAX_MAX] = {
288 [RTAX_HOPLIMIT - 1] = 0,
291 static const struct fib6_info fib6_null_entry_template = {
292 .fib6_flags = (RTF_REJECT | RTF_NONEXTHOP),
293 .fib6_protocol = RTPROT_KERNEL,
294 .fib6_metric = ~(u32)0,
295 .fib6_ref = REFCOUNT_INIT(1),
296 .fib6_type = RTN_UNREACHABLE,
297 .fib6_metrics = (struct dst_metrics *)&dst_default_metrics,
300 static const struct rt6_info ip6_null_entry_template = {
302 .__refcnt = ATOMIC_INIT(1),
304 .obsolete = DST_OBSOLETE_FORCE_CHK,
305 .error = -ENETUNREACH,
306 .input = ip6_pkt_discard,
307 .output = ip6_pkt_discard_out,
309 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
312 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
314 static const struct rt6_info ip6_prohibit_entry_template = {
316 .__refcnt = ATOMIC_INIT(1),
318 .obsolete = DST_OBSOLETE_FORCE_CHK,
320 .input = ip6_pkt_prohibit,
321 .output = ip6_pkt_prohibit_out,
323 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
326 static const struct rt6_info ip6_blk_hole_entry_template = {
328 .__refcnt = ATOMIC_INIT(1),
330 .obsolete = DST_OBSOLETE_FORCE_CHK,
332 .input = dst_discard,
333 .output = dst_discard_out,
335 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
340 static void rt6_info_init(struct rt6_info *rt)
342 struct dst_entry *dst = &rt->dst;
344 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
345 INIT_LIST_HEAD(&rt->rt6i_uncached);
348 /* allocate dst with ip6_dst_ops */
349 struct rt6_info *ip6_dst_alloc(struct net *net, struct net_device *dev,
352 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
353 1, DST_OBSOLETE_FORCE_CHK, flags);
357 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc);
362 EXPORT_SYMBOL(ip6_dst_alloc);
364 static void ip6_dst_destroy(struct dst_entry *dst)
366 struct rt6_info *rt = (struct rt6_info *)dst;
367 struct fib6_info *from;
368 struct inet6_dev *idev;
370 ip_dst_metrics_put(dst);
371 rt6_uncached_list_del(rt);
373 idev = rt->rt6i_idev;
375 rt->rt6i_idev = NULL;
379 from = xchg((__force struct fib6_info **)&rt->from, NULL);
380 fib6_info_release(from);
383 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
386 struct rt6_info *rt = (struct rt6_info *)dst;
387 struct inet6_dev *idev = rt->rt6i_idev;
388 struct net_device *loopback_dev =
389 dev_net(dev)->loopback_dev;
391 if (idev && idev->dev != loopback_dev) {
392 struct inet6_dev *loopback_idev = in6_dev_get(loopback_dev);
394 rt->rt6i_idev = loopback_idev;
400 static bool __rt6_check_expired(const struct rt6_info *rt)
402 if (rt->rt6i_flags & RTF_EXPIRES)
403 return time_after(jiffies, rt->dst.expires);
408 static bool rt6_check_expired(const struct rt6_info *rt)
410 struct fib6_info *from;
412 from = rcu_dereference(rt->from);
414 if (rt->rt6i_flags & RTF_EXPIRES) {
415 if (time_after(jiffies, rt->dst.expires))
418 return rt->dst.obsolete != DST_OBSOLETE_FORCE_CHK ||
419 fib6_check_expired(from);
424 void fib6_select_path(const struct net *net, struct fib6_result *res,
425 struct flowi6 *fl6, int oif, bool have_oif_match,
426 const struct sk_buff *skb, int strict)
428 struct fib6_info *sibling, *next_sibling;
429 struct fib6_info *match = res->f6i;
431 if (!match->fib6_nsiblings || have_oif_match)
434 /* We might have already computed the hash for ICMPv6 errors. In such
435 * case it will always be non-zero. Otherwise now is the time to do it.
438 fl6->mp_hash = rt6_multipath_hash(net, fl6, skb, NULL);
440 if (fl6->mp_hash <= atomic_read(&match->fib6_nh.fib_nh_upper_bound))
443 list_for_each_entry_safe(sibling, next_sibling, &match->fib6_siblings,
445 const struct fib6_nh *nh = &sibling->fib6_nh;
448 nh_upper_bound = atomic_read(&nh->fib_nh_upper_bound);
449 if (fl6->mp_hash > nh_upper_bound)
451 if (rt6_score_route(nh, sibling->fib6_flags, oif, strict) < 0)
459 res->nh = &match->fib6_nh;
463 * Route lookup. rcu_read_lock() should be held.
466 static bool __rt6_device_match(struct net *net, const struct fib6_nh *nh,
467 const struct in6_addr *saddr, int oif, int flags)
469 const struct net_device *dev;
471 if (nh->fib_nh_flags & RTNH_F_DEAD)
474 dev = nh->fib_nh_dev;
476 if (dev->ifindex == oif)
479 if (ipv6_chk_addr(net, saddr, dev,
480 flags & RT6_LOOKUP_F_IFACE))
487 static void rt6_device_match(struct net *net, struct fib6_result *res,
488 const struct in6_addr *saddr, int oif, int flags)
490 struct fib6_info *f6i = res->f6i;
491 struct fib6_info *spf6i;
494 if (!oif && ipv6_addr_any(saddr)) {
496 if (!(nh->fib_nh_flags & RTNH_F_DEAD))
500 for (spf6i = f6i; spf6i; spf6i = rcu_dereference(spf6i->fib6_next)) {
501 nh = &spf6i->fib6_nh;
502 if (__rt6_device_match(net, nh, saddr, oif, flags)) {
508 if (oif && flags & RT6_LOOKUP_F_IFACE) {
509 res->f6i = net->ipv6.fib6_null_entry;
510 nh = &res->f6i->fib6_nh;
515 if (nh->fib_nh_flags & RTNH_F_DEAD) {
516 res->f6i = net->ipv6.fib6_null_entry;
517 nh = &res->f6i->fib6_nh;
521 res->fib6_type = res->f6i->fib6_type;
522 res->fib6_flags = res->f6i->fib6_flags;
525 #ifdef CONFIG_IPV6_ROUTER_PREF
526 struct __rt6_probe_work {
527 struct work_struct work;
528 struct in6_addr target;
529 struct net_device *dev;
532 static void rt6_probe_deferred(struct work_struct *w)
534 struct in6_addr mcaddr;
535 struct __rt6_probe_work *work =
536 container_of(w, struct __rt6_probe_work, work);
538 addrconf_addr_solict_mult(&work->target, &mcaddr);
539 ndisc_send_ns(work->dev, &work->target, &mcaddr, NULL, 0);
544 static void rt6_probe(struct fib6_nh *fib6_nh)
546 struct __rt6_probe_work *work = NULL;
547 const struct in6_addr *nh_gw;
548 struct neighbour *neigh;
549 struct net_device *dev;
550 struct inet6_dev *idev;
553 * Okay, this does not seem to be appropriate
554 * for now, however, we need to check if it
555 * is really so; aka Router Reachability Probing.
557 * Router Reachability Probe MUST be rate-limited
558 * to no more than one per minute.
560 if (fib6_nh->fib_nh_gw_family)
563 nh_gw = &fib6_nh->fib_nh_gw6;
564 dev = fib6_nh->fib_nh_dev;
566 idev = __in6_dev_get(dev);
567 neigh = __ipv6_neigh_lookup_noref(dev, nh_gw);
569 if (neigh->nud_state & NUD_VALID)
572 write_lock(&neigh->lock);
573 if (!(neigh->nud_state & NUD_VALID) &&
575 neigh->updated + idev->cnf.rtr_probe_interval)) {
576 work = kmalloc(sizeof(*work), GFP_ATOMIC);
578 __neigh_set_probe_once(neigh);
580 write_unlock(&neigh->lock);
581 } else if (time_after(jiffies, fib6_nh->last_probe +
582 idev->cnf.rtr_probe_interval)) {
583 work = kmalloc(sizeof(*work), GFP_ATOMIC);
587 fib6_nh->last_probe = jiffies;
588 INIT_WORK(&work->work, rt6_probe_deferred);
589 work->target = *nh_gw;
592 schedule_work(&work->work);
596 rcu_read_unlock_bh();
599 static inline void rt6_probe(struct fib6_nh *fib6_nh)
605 * Default Router Selection (RFC 2461 6.3.6)
607 static enum rt6_nud_state rt6_check_neigh(const struct fib6_nh *fib6_nh)
609 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD;
610 struct neighbour *neigh;
613 neigh = __ipv6_neigh_lookup_noref(fib6_nh->fib_nh_dev,
614 &fib6_nh->fib_nh_gw6);
616 read_lock(&neigh->lock);
617 if (neigh->nud_state & NUD_VALID)
618 ret = RT6_NUD_SUCCEED;
619 #ifdef CONFIG_IPV6_ROUTER_PREF
620 else if (!(neigh->nud_state & NUD_FAILED))
621 ret = RT6_NUD_SUCCEED;
623 ret = RT6_NUD_FAIL_PROBE;
625 read_unlock(&neigh->lock);
627 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ?
628 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR;
630 rcu_read_unlock_bh();
635 static int rt6_score_route(const struct fib6_nh *nh, u32 fib6_flags, int oif,
640 if (!oif || nh->fib_nh_dev->ifindex == oif)
643 if (!m && (strict & RT6_LOOKUP_F_IFACE))
644 return RT6_NUD_FAIL_HARD;
645 #ifdef CONFIG_IPV6_ROUTER_PREF
646 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(fib6_flags)) << 2;
648 if ((strict & RT6_LOOKUP_F_REACHABLE) &&
649 !(fib6_flags & RTF_NONEXTHOP) && nh->fib_nh_gw_family) {
650 int n = rt6_check_neigh(nh);
657 static bool find_match(struct fib6_nh *nh, u32 fib6_flags,
658 int oif, int strict, int *mpri, bool *do_rr)
660 bool match_do_rr = false;
664 if (nh->fib_nh_flags & RTNH_F_DEAD)
667 if (ip6_ignore_linkdown(nh->fib_nh_dev) &&
668 nh->fib_nh_flags & RTNH_F_LINKDOWN &&
669 !(strict & RT6_LOOKUP_F_IGNORE_LINKSTATE))
672 m = rt6_score_route(nh, fib6_flags, oif, strict);
673 if (m == RT6_NUD_FAIL_DO_RR) {
675 m = 0; /* lowest valid score */
676 } else if (m == RT6_NUD_FAIL_HARD) {
680 if (strict & RT6_LOOKUP_F_REACHABLE)
683 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
685 *do_rr = match_do_rr;
693 static void __find_rr_leaf(struct fib6_info *f6i_start,
694 struct fib6_info *nomatch, u32 metric,
695 struct fib6_result *res, struct fib6_info **cont,
696 int oif, int strict, bool *do_rr, int *mpri)
698 struct fib6_info *f6i;
700 for (f6i = f6i_start;
701 f6i && f6i != nomatch;
702 f6i = rcu_dereference(f6i->fib6_next)) {
705 if (cont && f6i->fib6_metric != metric) {
710 if (fib6_check_expired(f6i))
714 if (find_match(nh, f6i->fib6_flags, oif, strict, mpri, do_rr)) {
717 res->fib6_flags = f6i->fib6_flags;
718 res->fib6_type = f6i->fib6_type;
723 static void find_rr_leaf(struct fib6_node *fn, struct fib6_info *leaf,
724 struct fib6_info *rr_head, int oif, int strict,
725 bool *do_rr, struct fib6_result *res)
727 u32 metric = rr_head->fib6_metric;
728 struct fib6_info *cont = NULL;
731 __find_rr_leaf(rr_head, NULL, metric, res, &cont,
732 oif, strict, do_rr, &mpri);
734 __find_rr_leaf(leaf, rr_head, metric, res, &cont,
735 oif, strict, do_rr, &mpri);
737 if (res->f6i || !cont)
740 __find_rr_leaf(cont, NULL, metric, res, NULL,
741 oif, strict, do_rr, &mpri);
744 static void rt6_select(struct net *net, struct fib6_node *fn, int oif,
745 struct fib6_result *res, int strict)
747 struct fib6_info *leaf = rcu_dereference(fn->leaf);
748 struct fib6_info *rt0;
752 /* make sure this function or its helpers sets f6i */
755 if (!leaf || leaf == net->ipv6.fib6_null_entry)
758 rt0 = rcu_dereference(fn->rr_ptr);
762 /* Double check to make sure fn is not an intermediate node
763 * and fn->leaf does not points to its child's leaf
764 * (This might happen if all routes under fn are deleted from
765 * the tree and fib6_repair_tree() is called on the node.)
767 key_plen = rt0->fib6_dst.plen;
768 #ifdef CONFIG_IPV6_SUBTREES
769 if (rt0->fib6_src.plen)
770 key_plen = rt0->fib6_src.plen;
772 if (fn->fn_bit != key_plen)
775 find_rr_leaf(fn, leaf, rt0, oif, strict, &do_rr, res);
777 struct fib6_info *next = rcu_dereference(rt0->fib6_next);
779 /* no entries matched; do round-robin */
780 if (!next || next->fib6_metric != rt0->fib6_metric)
784 spin_lock_bh(&leaf->fib6_table->tb6_lock);
785 /* make sure next is not being deleted from the tree */
787 rcu_assign_pointer(fn->rr_ptr, next);
788 spin_unlock_bh(&leaf->fib6_table->tb6_lock);
794 res->f6i = net->ipv6.fib6_null_entry;
795 res->nh = &res->f6i->fib6_nh;
796 res->fib6_flags = res->f6i->fib6_flags;
797 res->fib6_type = res->f6i->fib6_type;
801 static bool rt6_is_gw_or_nonexthop(const struct fib6_result *res)
803 return (res->f6i->fib6_flags & RTF_NONEXTHOP) ||
804 res->nh->fib_nh_gw_family;
807 #ifdef CONFIG_IPV6_ROUTE_INFO
808 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
809 const struct in6_addr *gwaddr)
811 struct net *net = dev_net(dev);
812 struct route_info *rinfo = (struct route_info *) opt;
813 struct in6_addr prefix_buf, *prefix;
815 unsigned long lifetime;
816 struct fib6_info *rt;
818 if (len < sizeof(struct route_info)) {
822 /* Sanity check for prefix_len and length */
823 if (rinfo->length > 3) {
825 } else if (rinfo->prefix_len > 128) {
827 } else if (rinfo->prefix_len > 64) {
828 if (rinfo->length < 2) {
831 } else if (rinfo->prefix_len > 0) {
832 if (rinfo->length < 1) {
837 pref = rinfo->route_pref;
838 if (pref == ICMPV6_ROUTER_PREF_INVALID)
841 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
843 if (rinfo->length == 3)
844 prefix = (struct in6_addr *)rinfo->prefix;
846 /* this function is safe */
847 ipv6_addr_prefix(&prefix_buf,
848 (struct in6_addr *)rinfo->prefix,
850 prefix = &prefix_buf;
853 if (rinfo->prefix_len == 0)
854 rt = rt6_get_dflt_router(net, gwaddr, dev);
856 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len,
859 if (rt && !lifetime) {
865 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr,
868 rt->fib6_flags = RTF_ROUTEINFO |
869 (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
872 if (!addrconf_finite_timeout(lifetime))
873 fib6_clean_expires(rt);
875 fib6_set_expires(rt, jiffies + HZ * lifetime);
877 fib6_info_release(rt);
884 * Misc support functions
887 /* called with rcu_lock held */
888 static struct net_device *ip6_rt_get_dev_rcu(const struct fib6_result *res)
890 struct net_device *dev = res->nh->fib_nh_dev;
892 if (res->fib6_flags & (RTF_LOCAL | RTF_ANYCAST)) {
893 /* for copies of local routes, dst->dev needs to be the
894 * device if it is a master device, the master device if
895 * device is enslaved, and the loopback as the default
897 if (netif_is_l3_slave(dev) &&
898 !rt6_need_strict(&res->f6i->fib6_dst.addr))
899 dev = l3mdev_master_dev_rcu(dev);
900 else if (!netif_is_l3_master(dev))
901 dev = dev_net(dev)->loopback_dev;
902 /* last case is netif_is_l3_master(dev) is true in which
903 * case we want dev returned to be dev
910 static const int fib6_prop[RTN_MAX + 1] = {
917 [RTN_BLACKHOLE] = -EINVAL,
918 [RTN_UNREACHABLE] = -EHOSTUNREACH,
919 [RTN_PROHIBIT] = -EACCES,
920 [RTN_THROW] = -EAGAIN,
922 [RTN_XRESOLVE] = -EINVAL,
925 static int ip6_rt_type_to_error(u8 fib6_type)
927 return fib6_prop[fib6_type];
930 static unsigned short fib6_info_dst_flags(struct fib6_info *rt)
932 unsigned short flags = 0;
935 flags |= DST_NOCOUNT;
936 if (rt->dst_nopolicy)
937 flags |= DST_NOPOLICY;
944 static void ip6_rt_init_dst_reject(struct rt6_info *rt, u8 fib6_type)
946 rt->dst.error = ip6_rt_type_to_error(fib6_type);
950 rt->dst.output = dst_discard_out;
951 rt->dst.input = dst_discard;
954 rt->dst.output = ip6_pkt_prohibit_out;
955 rt->dst.input = ip6_pkt_prohibit;
958 case RTN_UNREACHABLE:
960 rt->dst.output = ip6_pkt_discard_out;
961 rt->dst.input = ip6_pkt_discard;
966 static void ip6_rt_init_dst(struct rt6_info *rt, const struct fib6_result *res)
968 struct fib6_info *f6i = res->f6i;
970 if (res->fib6_flags & RTF_REJECT) {
971 ip6_rt_init_dst_reject(rt, res->fib6_type);
976 rt->dst.output = ip6_output;
978 if (res->fib6_type == RTN_LOCAL || res->fib6_type == RTN_ANYCAST) {
979 rt->dst.input = ip6_input;
980 } else if (ipv6_addr_type(&f6i->fib6_dst.addr) & IPV6_ADDR_MULTICAST) {
981 rt->dst.input = ip6_mc_input;
983 rt->dst.input = ip6_forward;
986 if (res->nh->fib_nh_lws) {
987 rt->dst.lwtstate = lwtstate_get(res->nh->fib_nh_lws);
988 lwtunnel_set_redirect(&rt->dst);
991 rt->dst.lastuse = jiffies;
994 /* Caller must already hold reference to @from */
995 static void rt6_set_from(struct rt6_info *rt, struct fib6_info *from)
997 rt->rt6i_flags &= ~RTF_EXPIRES;
998 rcu_assign_pointer(rt->from, from);
999 ip_dst_init_metrics(&rt->dst, from->fib6_metrics);
1002 /* Caller must already hold reference to f6i in result */
1003 static void ip6_rt_copy_init(struct rt6_info *rt, const struct fib6_result *res)
1005 const struct fib6_nh *nh = res->nh;
1006 const struct net_device *dev = nh->fib_nh_dev;
1007 struct fib6_info *f6i = res->f6i;
1009 ip6_rt_init_dst(rt, res);
1011 rt->rt6i_dst = f6i->fib6_dst;
1012 rt->rt6i_idev = dev ? in6_dev_get(dev) : NULL;
1013 rt->rt6i_flags = res->fib6_flags;
1014 if (nh->fib_nh_gw_family) {
1015 rt->rt6i_gateway = nh->fib_nh_gw6;
1016 rt->rt6i_flags |= RTF_GATEWAY;
1018 rt6_set_from(rt, f6i);
1019 #ifdef CONFIG_IPV6_SUBTREES
1020 rt->rt6i_src = f6i->fib6_src;
1024 static struct fib6_node* fib6_backtrack(struct fib6_node *fn,
1025 struct in6_addr *saddr)
1027 struct fib6_node *pn, *sn;
1029 if (fn->fn_flags & RTN_TL_ROOT)
1031 pn = rcu_dereference(fn->parent);
1032 sn = FIB6_SUBTREE(pn);
1034 fn = fib6_node_lookup(sn, NULL, saddr);
1037 if (fn->fn_flags & RTN_RTINFO)
1042 static bool ip6_hold_safe(struct net *net, struct rt6_info **prt)
1044 struct rt6_info *rt = *prt;
1046 if (dst_hold_safe(&rt->dst))
1049 rt = net->ipv6.ip6_null_entry;
1058 /* called with rcu_lock held */
1059 static struct rt6_info *ip6_create_rt_rcu(const struct fib6_result *res)
1061 struct net_device *dev = res->nh->fib_nh_dev;
1062 struct fib6_info *f6i = res->f6i;
1063 unsigned short flags;
1064 struct rt6_info *nrt;
1066 if (!fib6_info_hold_safe(f6i))
1069 flags = fib6_info_dst_flags(f6i);
1070 nrt = ip6_dst_alloc(dev_net(dev), dev, flags);
1072 fib6_info_release(f6i);
1076 ip6_rt_copy_init(nrt, res);
1080 nrt = dev_net(dev)->ipv6.ip6_null_entry;
1081 dst_hold(&nrt->dst);
1085 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
1086 struct fib6_table *table,
1088 const struct sk_buff *skb,
1091 struct fib6_result res = {};
1092 struct fib6_node *fn;
1093 struct rt6_info *rt;
1095 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
1096 flags &= ~RT6_LOOKUP_F_IFACE;
1099 fn = fib6_node_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1101 res.f6i = rcu_dereference(fn->leaf);
1103 res.f6i = net->ipv6.fib6_null_entry;
1105 rt6_device_match(net, &res, &fl6->saddr, fl6->flowi6_oif,
1108 if (res.f6i == net->ipv6.fib6_null_entry) {
1109 fn = fib6_backtrack(fn, &fl6->saddr);
1113 rt = net->ipv6.ip6_null_entry;
1118 fib6_select_path(net, &res, fl6, fl6->flowi6_oif,
1119 fl6->flowi6_oif != 0, skb, flags);
1121 /* Search through exception table */
1122 rt = rt6_find_cached_rt(&res, &fl6->daddr, &fl6->saddr);
1124 if (ip6_hold_safe(net, &rt))
1125 dst_use_noref(&rt->dst, jiffies);
1127 rt = ip6_create_rt_rcu(&res);
1131 trace_fib6_table_lookup(net, &res, table, fl6);
1138 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6,
1139 const struct sk_buff *skb, int flags)
1141 return fib6_rule_lookup(net, fl6, skb, flags, ip6_pol_route_lookup);
1143 EXPORT_SYMBOL_GPL(ip6_route_lookup);
1145 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
1146 const struct in6_addr *saddr, int oif,
1147 const struct sk_buff *skb, int strict)
1149 struct flowi6 fl6 = {
1153 struct dst_entry *dst;
1154 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
1157 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
1158 flags |= RT6_LOOKUP_F_HAS_SADDR;
1161 dst = fib6_rule_lookup(net, &fl6, skb, flags, ip6_pol_route_lookup);
1162 if (dst->error == 0)
1163 return (struct rt6_info *) dst;
1169 EXPORT_SYMBOL(rt6_lookup);
1171 /* ip6_ins_rt is called with FREE table->tb6_lock.
1172 * It takes new route entry, the addition fails by any reason the
1173 * route is released.
1174 * Caller must hold dst before calling it.
1177 static int __ip6_ins_rt(struct fib6_info *rt, struct nl_info *info,
1178 struct netlink_ext_ack *extack)
1181 struct fib6_table *table;
1183 table = rt->fib6_table;
1184 spin_lock_bh(&table->tb6_lock);
1185 err = fib6_add(&table->tb6_root, rt, info, extack);
1186 spin_unlock_bh(&table->tb6_lock);
1191 int ip6_ins_rt(struct net *net, struct fib6_info *rt)
1193 struct nl_info info = { .nl_net = net, };
1195 return __ip6_ins_rt(rt, &info, NULL);
1198 static struct rt6_info *ip6_rt_cache_alloc(const struct fib6_result *res,
1199 const struct in6_addr *daddr,
1200 const struct in6_addr *saddr)
1202 struct fib6_info *f6i = res->f6i;
1203 struct net_device *dev;
1204 struct rt6_info *rt;
1210 if (!fib6_info_hold_safe(f6i))
1213 dev = ip6_rt_get_dev_rcu(res);
1214 rt = ip6_dst_alloc(dev_net(dev), dev, 0);
1216 fib6_info_release(f6i);
1220 ip6_rt_copy_init(rt, res);
1221 rt->rt6i_flags |= RTF_CACHE;
1222 rt->dst.flags |= DST_HOST;
1223 rt->rt6i_dst.addr = *daddr;
1224 rt->rt6i_dst.plen = 128;
1226 if (!rt6_is_gw_or_nonexthop(res)) {
1227 if (f6i->fib6_dst.plen != 128 &&
1228 ipv6_addr_equal(&f6i->fib6_dst.addr, daddr))
1229 rt->rt6i_flags |= RTF_ANYCAST;
1230 #ifdef CONFIG_IPV6_SUBTREES
1231 if (rt->rt6i_src.plen && saddr) {
1232 rt->rt6i_src.addr = *saddr;
1233 rt->rt6i_src.plen = 128;
1241 static struct rt6_info *ip6_rt_pcpu_alloc(const struct fib6_result *res)
1243 struct fib6_info *f6i = res->f6i;
1244 unsigned short flags = fib6_info_dst_flags(f6i);
1245 struct net_device *dev;
1246 struct rt6_info *pcpu_rt;
1248 if (!fib6_info_hold_safe(f6i))
1252 dev = ip6_rt_get_dev_rcu(res);
1253 pcpu_rt = ip6_dst_alloc(dev_net(dev), dev, flags);
1256 fib6_info_release(f6i);
1259 ip6_rt_copy_init(pcpu_rt, res);
1260 pcpu_rt->rt6i_flags |= RTF_PCPU;
1264 /* It should be called with rcu_read_lock() acquired */
1265 static struct rt6_info *rt6_get_pcpu_route(const struct fib6_result *res)
1267 struct rt6_info *pcpu_rt, **p;
1269 p = this_cpu_ptr(res->f6i->rt6i_pcpu);
1273 ip6_hold_safe(NULL, &pcpu_rt);
1278 static struct rt6_info *rt6_make_pcpu_route(struct net *net,
1279 const struct fib6_result *res)
1281 struct rt6_info *pcpu_rt, *prev, **p;
1283 pcpu_rt = ip6_rt_pcpu_alloc(res);
1285 dst_hold(&net->ipv6.ip6_null_entry->dst);
1286 return net->ipv6.ip6_null_entry;
1289 dst_hold(&pcpu_rt->dst);
1290 p = this_cpu_ptr(res->f6i->rt6i_pcpu);
1291 prev = cmpxchg(p, NULL, pcpu_rt);
1294 if (res->f6i->fib6_destroying) {
1295 struct fib6_info *from;
1297 from = xchg((__force struct fib6_info **)&pcpu_rt->from, NULL);
1298 fib6_info_release(from);
1304 /* exception hash table implementation
1306 static DEFINE_SPINLOCK(rt6_exception_lock);
1308 /* Remove rt6_ex from hash table and free the memory
1309 * Caller must hold rt6_exception_lock
1311 static void rt6_remove_exception(struct rt6_exception_bucket *bucket,
1312 struct rt6_exception *rt6_ex)
1314 struct fib6_info *from;
1317 if (!bucket || !rt6_ex)
1320 net = dev_net(rt6_ex->rt6i->dst.dev);
1321 net->ipv6.rt6_stats->fib_rt_cache--;
1323 /* purge completely the exception to allow releasing the held resources:
1324 * some [sk] cache may keep the dst around for unlimited time
1326 from = xchg((__force struct fib6_info **)&rt6_ex->rt6i->from, NULL);
1327 fib6_info_release(from);
1328 dst_dev_put(&rt6_ex->rt6i->dst);
1330 hlist_del_rcu(&rt6_ex->hlist);
1331 dst_release(&rt6_ex->rt6i->dst);
1332 kfree_rcu(rt6_ex, rcu);
1333 WARN_ON_ONCE(!bucket->depth);
1337 /* Remove oldest rt6_ex in bucket and free the memory
1338 * Caller must hold rt6_exception_lock
1340 static void rt6_exception_remove_oldest(struct rt6_exception_bucket *bucket)
1342 struct rt6_exception *rt6_ex, *oldest = NULL;
1347 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1348 if (!oldest || time_before(rt6_ex->stamp, oldest->stamp))
1351 rt6_remove_exception(bucket, oldest);
1354 static u32 rt6_exception_hash(const struct in6_addr *dst,
1355 const struct in6_addr *src)
1357 static u32 seed __read_mostly;
1360 net_get_random_once(&seed, sizeof(seed));
1361 val = jhash(dst, sizeof(*dst), seed);
1363 #ifdef CONFIG_IPV6_SUBTREES
1365 val = jhash(src, sizeof(*src), val);
1367 return hash_32(val, FIB6_EXCEPTION_BUCKET_SIZE_SHIFT);
1370 /* Helper function to find the cached rt in the hash table
1371 * and update bucket pointer to point to the bucket for this
1372 * (daddr, saddr) pair
1373 * Caller must hold rt6_exception_lock
1375 static struct rt6_exception *
1376 __rt6_find_exception_spinlock(struct rt6_exception_bucket **bucket,
1377 const struct in6_addr *daddr,
1378 const struct in6_addr *saddr)
1380 struct rt6_exception *rt6_ex;
1383 if (!(*bucket) || !daddr)
1386 hval = rt6_exception_hash(daddr, saddr);
1389 hlist_for_each_entry(rt6_ex, &(*bucket)->chain, hlist) {
1390 struct rt6_info *rt6 = rt6_ex->rt6i;
1391 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr);
1393 #ifdef CONFIG_IPV6_SUBTREES
1394 if (matched && saddr)
1395 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr);
1403 /* Helper function to find the cached rt in the hash table
1404 * and update bucket pointer to point to the bucket for this
1405 * (daddr, saddr) pair
1406 * Caller must hold rcu_read_lock()
1408 static struct rt6_exception *
1409 __rt6_find_exception_rcu(struct rt6_exception_bucket **bucket,
1410 const struct in6_addr *daddr,
1411 const struct in6_addr *saddr)
1413 struct rt6_exception *rt6_ex;
1416 WARN_ON_ONCE(!rcu_read_lock_held());
1418 if (!(*bucket) || !daddr)
1421 hval = rt6_exception_hash(daddr, saddr);
1424 hlist_for_each_entry_rcu(rt6_ex, &(*bucket)->chain, hlist) {
1425 struct rt6_info *rt6 = rt6_ex->rt6i;
1426 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr);
1428 #ifdef CONFIG_IPV6_SUBTREES
1429 if (matched && saddr)
1430 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr);
1438 static unsigned int fib6_mtu(const struct fib6_result *res)
1440 const struct fib6_nh *nh = res->nh;
1443 if (res->f6i->fib6_pmtu) {
1444 mtu = res->f6i->fib6_pmtu;
1446 struct net_device *dev = nh->fib_nh_dev;
1447 struct inet6_dev *idev;
1450 idev = __in6_dev_get(dev);
1451 mtu = idev->cnf.mtu6;
1455 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
1457 return mtu - lwtunnel_headroom(nh->fib_nh_lws, mtu);
1460 static int rt6_insert_exception(struct rt6_info *nrt,
1461 const struct fib6_result *res)
1463 struct net *net = dev_net(nrt->dst.dev);
1464 struct rt6_exception_bucket *bucket;
1465 struct in6_addr *src_key = NULL;
1466 struct rt6_exception *rt6_ex;
1467 struct fib6_info *f6i = res->f6i;
1470 spin_lock_bh(&rt6_exception_lock);
1472 if (f6i->exception_bucket_flushed) {
1477 bucket = rcu_dereference_protected(f6i->rt6i_exception_bucket,
1478 lockdep_is_held(&rt6_exception_lock));
1480 bucket = kcalloc(FIB6_EXCEPTION_BUCKET_SIZE, sizeof(*bucket),
1486 rcu_assign_pointer(f6i->rt6i_exception_bucket, bucket);
1489 #ifdef CONFIG_IPV6_SUBTREES
1490 /* fib6_src.plen != 0 indicates f6i is in subtree
1491 * and exception table is indexed by a hash of
1492 * both fib6_dst and fib6_src.
1493 * Otherwise, the exception table is indexed by
1494 * a hash of only fib6_dst.
1496 if (f6i->fib6_src.plen)
1497 src_key = &nrt->rt6i_src.addr;
1499 /* rt6_mtu_change() might lower mtu on f6i.
1500 * Only insert this exception route if its mtu
1501 * is less than f6i's mtu value.
1503 if (dst_metric_raw(&nrt->dst, RTAX_MTU) >= fib6_mtu(res)) {
1508 rt6_ex = __rt6_find_exception_spinlock(&bucket, &nrt->rt6i_dst.addr,
1511 rt6_remove_exception(bucket, rt6_ex);
1513 rt6_ex = kzalloc(sizeof(*rt6_ex), GFP_ATOMIC);
1519 rt6_ex->stamp = jiffies;
1520 hlist_add_head_rcu(&rt6_ex->hlist, &bucket->chain);
1522 net->ipv6.rt6_stats->fib_rt_cache++;
1524 if (bucket->depth > FIB6_MAX_DEPTH)
1525 rt6_exception_remove_oldest(bucket);
1528 spin_unlock_bh(&rt6_exception_lock);
1530 /* Update fn->fn_sernum to invalidate all cached dst */
1532 spin_lock_bh(&f6i->fib6_table->tb6_lock);
1533 fib6_update_sernum(net, f6i);
1534 spin_unlock_bh(&f6i->fib6_table->tb6_lock);
1535 fib6_force_start_gc(net);
1541 void rt6_flush_exceptions(struct fib6_info *rt)
1543 struct rt6_exception_bucket *bucket;
1544 struct rt6_exception *rt6_ex;
1545 struct hlist_node *tmp;
1548 spin_lock_bh(&rt6_exception_lock);
1549 /* Prevent rt6_insert_exception() to recreate the bucket list */
1550 rt->exception_bucket_flushed = 1;
1552 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1553 lockdep_is_held(&rt6_exception_lock));
1557 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1558 hlist_for_each_entry_safe(rt6_ex, tmp, &bucket->chain, hlist)
1559 rt6_remove_exception(bucket, rt6_ex);
1560 WARN_ON_ONCE(bucket->depth);
1565 spin_unlock_bh(&rt6_exception_lock);
1568 /* Find cached rt in the hash table inside passed in rt
1569 * Caller has to hold rcu_read_lock()
1571 static struct rt6_info *rt6_find_cached_rt(const struct fib6_result *res,
1572 const struct in6_addr *daddr,
1573 const struct in6_addr *saddr)
1575 const struct in6_addr *src_key = NULL;
1576 struct rt6_exception_bucket *bucket;
1577 struct rt6_exception *rt6_ex;
1578 struct rt6_info *ret = NULL;
1580 #ifdef CONFIG_IPV6_SUBTREES
1581 /* fib6i_src.plen != 0 indicates f6i is in subtree
1582 * and exception table is indexed by a hash of
1583 * both fib6_dst and fib6_src.
1584 * However, the src addr used to create the hash
1585 * might not be exactly the passed in saddr which
1586 * is a /128 addr from the flow.
1587 * So we need to use f6i->fib6_src to redo lookup
1588 * if the passed in saddr does not find anything.
1589 * (See the logic in ip6_rt_cache_alloc() on how
1590 * rt->rt6i_src is updated.)
1592 if (res->f6i->fib6_src.plen)
1596 bucket = rcu_dereference(res->f6i->rt6i_exception_bucket);
1597 rt6_ex = __rt6_find_exception_rcu(&bucket, daddr, src_key);
1599 if (rt6_ex && !rt6_check_expired(rt6_ex->rt6i))
1602 #ifdef CONFIG_IPV6_SUBTREES
1603 /* Use fib6_src as src_key and redo lookup */
1604 if (!ret && src_key && src_key != &res->f6i->fib6_src.addr) {
1605 src_key = &res->f6i->fib6_src.addr;
1613 /* Remove the passed in cached rt from the hash table that contains it */
1614 static int rt6_remove_exception_rt(struct rt6_info *rt)
1616 struct rt6_exception_bucket *bucket;
1617 struct in6_addr *src_key = NULL;
1618 struct rt6_exception *rt6_ex;
1619 struct fib6_info *from;
1622 from = rcu_dereference(rt->from);
1624 !(rt->rt6i_flags & RTF_CACHE))
1627 if (!rcu_access_pointer(from->rt6i_exception_bucket))
1630 spin_lock_bh(&rt6_exception_lock);
1631 bucket = rcu_dereference_protected(from->rt6i_exception_bucket,
1632 lockdep_is_held(&rt6_exception_lock));
1633 #ifdef CONFIG_IPV6_SUBTREES
1634 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1635 * and exception table is indexed by a hash of
1636 * both rt6i_dst and rt6i_src.
1637 * Otherwise, the exception table is indexed by
1638 * a hash of only rt6i_dst.
1640 if (from->fib6_src.plen)
1641 src_key = &rt->rt6i_src.addr;
1643 rt6_ex = __rt6_find_exception_spinlock(&bucket,
1647 rt6_remove_exception(bucket, rt6_ex);
1653 spin_unlock_bh(&rt6_exception_lock);
1657 /* Find rt6_ex which contains the passed in rt cache and
1660 static void rt6_update_exception_stamp_rt(struct rt6_info *rt)
1662 struct rt6_exception_bucket *bucket;
1663 struct in6_addr *src_key = NULL;
1664 struct rt6_exception *rt6_ex;
1665 struct fib6_info *from;
1668 from = rcu_dereference(rt->from);
1669 if (!from || !(rt->rt6i_flags & RTF_CACHE))
1672 bucket = rcu_dereference(from->rt6i_exception_bucket);
1674 #ifdef CONFIG_IPV6_SUBTREES
1675 /* rt6i_src.plen != 0 indicates 'from' is in subtree
1676 * and exception table is indexed by a hash of
1677 * both rt6i_dst and rt6i_src.
1678 * Otherwise, the exception table is indexed by
1679 * a hash of only rt6i_dst.
1681 if (from->fib6_src.plen)
1682 src_key = &rt->rt6i_src.addr;
1684 rt6_ex = __rt6_find_exception_rcu(&bucket,
1688 rt6_ex->stamp = jiffies;
1694 static bool rt6_mtu_change_route_allowed(struct inet6_dev *idev,
1695 struct rt6_info *rt, int mtu)
1697 /* If the new MTU is lower than the route PMTU, this new MTU will be the
1698 * lowest MTU in the path: always allow updating the route PMTU to
1699 * reflect PMTU decreases.
1701 * If the new MTU is higher, and the route PMTU is equal to the local
1702 * MTU, this means the old MTU is the lowest in the path, so allow
1703 * updating it: if other nodes now have lower MTUs, PMTU discovery will
1707 if (dst_mtu(&rt->dst) >= mtu)
1710 if (dst_mtu(&rt->dst) == idev->cnf.mtu6)
1716 static void rt6_exceptions_update_pmtu(struct inet6_dev *idev,
1717 struct fib6_info *rt, int mtu)
1719 struct rt6_exception_bucket *bucket;
1720 struct rt6_exception *rt6_ex;
1723 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1724 lockdep_is_held(&rt6_exception_lock));
1729 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1730 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) {
1731 struct rt6_info *entry = rt6_ex->rt6i;
1733 /* For RTF_CACHE with rt6i_pmtu == 0 (i.e. a redirected
1734 * route), the metrics of its rt->from have already
1737 if (dst_metric_raw(&entry->dst, RTAX_MTU) &&
1738 rt6_mtu_change_route_allowed(idev, entry, mtu))
1739 dst_metric_set(&entry->dst, RTAX_MTU, mtu);
1745 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
1747 static void rt6_exceptions_clean_tohost(struct fib6_info *rt,
1748 struct in6_addr *gateway)
1750 struct rt6_exception_bucket *bucket;
1751 struct rt6_exception *rt6_ex;
1752 struct hlist_node *tmp;
1755 if (!rcu_access_pointer(rt->rt6i_exception_bucket))
1758 spin_lock_bh(&rt6_exception_lock);
1759 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1760 lockdep_is_held(&rt6_exception_lock));
1763 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1764 hlist_for_each_entry_safe(rt6_ex, tmp,
1765 &bucket->chain, hlist) {
1766 struct rt6_info *entry = rt6_ex->rt6i;
1768 if ((entry->rt6i_flags & RTF_CACHE_GATEWAY) ==
1769 RTF_CACHE_GATEWAY &&
1770 ipv6_addr_equal(gateway,
1771 &entry->rt6i_gateway)) {
1772 rt6_remove_exception(bucket, rt6_ex);
1779 spin_unlock_bh(&rt6_exception_lock);
1782 static void rt6_age_examine_exception(struct rt6_exception_bucket *bucket,
1783 struct rt6_exception *rt6_ex,
1784 struct fib6_gc_args *gc_args,
1787 struct rt6_info *rt = rt6_ex->rt6i;
1789 /* we are pruning and obsoleting aged-out and non gateway exceptions
1790 * even if others have still references to them, so that on next
1791 * dst_check() such references can be dropped.
1792 * EXPIRES exceptions - e.g. pmtu-generated ones are pruned when
1793 * expired, independently from their aging, as per RFC 8201 section 4
1795 if (!(rt->rt6i_flags & RTF_EXPIRES)) {
1796 if (time_after_eq(now, rt->dst.lastuse + gc_args->timeout)) {
1797 RT6_TRACE("aging clone %p\n", rt);
1798 rt6_remove_exception(bucket, rt6_ex);
1801 } else if (time_after(jiffies, rt->dst.expires)) {
1802 RT6_TRACE("purging expired route %p\n", rt);
1803 rt6_remove_exception(bucket, rt6_ex);
1807 if (rt->rt6i_flags & RTF_GATEWAY) {
1808 struct neighbour *neigh;
1809 __u8 neigh_flags = 0;
1811 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
1813 neigh_flags = neigh->flags;
1815 if (!(neigh_flags & NTF_ROUTER)) {
1816 RT6_TRACE("purging route %p via non-router but gateway\n",
1818 rt6_remove_exception(bucket, rt6_ex);
1826 void rt6_age_exceptions(struct fib6_info *rt,
1827 struct fib6_gc_args *gc_args,
1830 struct rt6_exception_bucket *bucket;
1831 struct rt6_exception *rt6_ex;
1832 struct hlist_node *tmp;
1835 if (!rcu_access_pointer(rt->rt6i_exception_bucket))
1839 spin_lock(&rt6_exception_lock);
1840 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket,
1841 lockdep_is_held(&rt6_exception_lock));
1844 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) {
1845 hlist_for_each_entry_safe(rt6_ex, tmp,
1846 &bucket->chain, hlist) {
1847 rt6_age_examine_exception(bucket, rt6_ex,
1853 spin_unlock(&rt6_exception_lock);
1854 rcu_read_unlock_bh();
1857 /* must be called with rcu lock held */
1858 int fib6_table_lookup(struct net *net, struct fib6_table *table, int oif,
1859 struct flowi6 *fl6, struct fib6_result *res, int strict)
1861 struct fib6_node *fn, *saved_fn;
1863 fn = fib6_node_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1866 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
1870 rt6_select(net, fn, oif, res, strict);
1871 if (res->f6i == net->ipv6.fib6_null_entry) {
1872 fn = fib6_backtrack(fn, &fl6->saddr);
1874 goto redo_rt6_select;
1875 else if (strict & RT6_LOOKUP_F_REACHABLE) {
1876 /* also consider unreachable route */
1877 strict &= ~RT6_LOOKUP_F_REACHABLE;
1879 goto redo_rt6_select;
1883 trace_fib6_table_lookup(net, res, table, fl6);
1888 struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table,
1889 int oif, struct flowi6 *fl6,
1890 const struct sk_buff *skb, int flags)
1892 struct fib6_result res = {};
1893 struct rt6_info *rt;
1896 strict |= flags & RT6_LOOKUP_F_IFACE;
1897 strict |= flags & RT6_LOOKUP_F_IGNORE_LINKSTATE;
1898 if (net->ipv6.devconf_all->forwarding == 0)
1899 strict |= RT6_LOOKUP_F_REACHABLE;
1903 fib6_table_lookup(net, table, oif, fl6, &res, strict);
1904 if (res.f6i == net->ipv6.fib6_null_entry) {
1905 rt = net->ipv6.ip6_null_entry;
1911 fib6_select_path(net, &res, fl6, oif, false, skb, strict);
1913 /*Search through exception table */
1914 rt = rt6_find_cached_rt(&res, &fl6->daddr, &fl6->saddr);
1916 if (ip6_hold_safe(net, &rt))
1917 dst_use_noref(&rt->dst, jiffies);
1921 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) &&
1922 !res.nh->fib_nh_gw_family)) {
1923 /* Create a RTF_CACHE clone which will not be
1924 * owned by the fib6 tree. It is for the special case where
1925 * the daddr in the skb during the neighbor look-up is different
1926 * from the fl6->daddr used to look-up route here.
1928 struct rt6_info *uncached_rt;
1930 uncached_rt = ip6_rt_cache_alloc(&res, &fl6->daddr, NULL);
1935 /* Uncached_rt's refcnt is taken during ip6_rt_cache_alloc()
1936 * No need for another dst_hold()
1938 rt6_uncached_list_add(uncached_rt);
1939 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache);
1941 uncached_rt = net->ipv6.ip6_null_entry;
1942 dst_hold(&uncached_rt->dst);
1947 /* Get a percpu copy */
1949 struct rt6_info *pcpu_rt;
1952 pcpu_rt = rt6_get_pcpu_route(&res);
1955 pcpu_rt = rt6_make_pcpu_route(net, &res);
1963 EXPORT_SYMBOL_GPL(ip6_pol_route);
1965 static struct rt6_info *ip6_pol_route_input(struct net *net,
1966 struct fib6_table *table,
1968 const struct sk_buff *skb,
1971 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, skb, flags);
1974 struct dst_entry *ip6_route_input_lookup(struct net *net,
1975 struct net_device *dev,
1977 const struct sk_buff *skb,
1980 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
1981 flags |= RT6_LOOKUP_F_IFACE;
1983 return fib6_rule_lookup(net, fl6, skb, flags, ip6_pol_route_input);
1985 EXPORT_SYMBOL_GPL(ip6_route_input_lookup);
1987 static void ip6_multipath_l3_keys(const struct sk_buff *skb,
1988 struct flow_keys *keys,
1989 struct flow_keys *flkeys)
1991 const struct ipv6hdr *outer_iph = ipv6_hdr(skb);
1992 const struct ipv6hdr *key_iph = outer_iph;
1993 struct flow_keys *_flkeys = flkeys;
1994 const struct ipv6hdr *inner_iph;
1995 const struct icmp6hdr *icmph;
1996 struct ipv6hdr _inner_iph;
1997 struct icmp6hdr _icmph;
1999 if (likely(outer_iph->nexthdr != IPPROTO_ICMPV6))
2002 icmph = skb_header_pointer(skb, skb_transport_offset(skb),
2003 sizeof(_icmph), &_icmph);
2007 if (icmph->icmp6_type != ICMPV6_DEST_UNREACH &&
2008 icmph->icmp6_type != ICMPV6_PKT_TOOBIG &&
2009 icmph->icmp6_type != ICMPV6_TIME_EXCEED &&
2010 icmph->icmp6_type != ICMPV6_PARAMPROB)
2013 inner_iph = skb_header_pointer(skb,
2014 skb_transport_offset(skb) + sizeof(*icmph),
2015 sizeof(_inner_iph), &_inner_iph);
2019 key_iph = inner_iph;
2023 keys->addrs.v6addrs.src = _flkeys->addrs.v6addrs.src;
2024 keys->addrs.v6addrs.dst = _flkeys->addrs.v6addrs.dst;
2025 keys->tags.flow_label = _flkeys->tags.flow_label;
2026 keys->basic.ip_proto = _flkeys->basic.ip_proto;
2028 keys->addrs.v6addrs.src = key_iph->saddr;
2029 keys->addrs.v6addrs.dst = key_iph->daddr;
2030 keys->tags.flow_label = ip6_flowlabel(key_iph);
2031 keys->basic.ip_proto = key_iph->nexthdr;
2035 /* if skb is set it will be used and fl6 can be NULL */
2036 u32 rt6_multipath_hash(const struct net *net, const struct flowi6 *fl6,
2037 const struct sk_buff *skb, struct flow_keys *flkeys)
2039 struct flow_keys hash_keys;
2042 switch (ip6_multipath_hash_policy(net)) {
2044 memset(&hash_keys, 0, sizeof(hash_keys));
2045 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
2047 ip6_multipath_l3_keys(skb, &hash_keys, flkeys);
2049 hash_keys.addrs.v6addrs.src = fl6->saddr;
2050 hash_keys.addrs.v6addrs.dst = fl6->daddr;
2051 hash_keys.tags.flow_label = (__force u32)flowi6_get_flowlabel(fl6);
2052 hash_keys.basic.ip_proto = fl6->flowi6_proto;
2057 unsigned int flag = FLOW_DISSECTOR_F_STOP_AT_ENCAP;
2058 struct flow_keys keys;
2060 /* short-circuit if we already have L4 hash present */
2062 return skb_get_hash_raw(skb) >> 1;
2064 memset(&hash_keys, 0, sizeof(hash_keys));
2067 skb_flow_dissect_flow_keys(skb, &keys, flag);
2070 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
2071 hash_keys.addrs.v6addrs.src = flkeys->addrs.v6addrs.src;
2072 hash_keys.addrs.v6addrs.dst = flkeys->addrs.v6addrs.dst;
2073 hash_keys.ports.src = flkeys->ports.src;
2074 hash_keys.ports.dst = flkeys->ports.dst;
2075 hash_keys.basic.ip_proto = flkeys->basic.ip_proto;
2077 memset(&hash_keys, 0, sizeof(hash_keys));
2078 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
2079 hash_keys.addrs.v6addrs.src = fl6->saddr;
2080 hash_keys.addrs.v6addrs.dst = fl6->daddr;
2081 hash_keys.ports.src = fl6->fl6_sport;
2082 hash_keys.ports.dst = fl6->fl6_dport;
2083 hash_keys.basic.ip_proto = fl6->flowi6_proto;
2087 mhash = flow_hash_from_keys(&hash_keys);
2092 void ip6_route_input(struct sk_buff *skb)
2094 const struct ipv6hdr *iph = ipv6_hdr(skb);
2095 struct net *net = dev_net(skb->dev);
2096 int flags = RT6_LOOKUP_F_HAS_SADDR;
2097 struct ip_tunnel_info *tun_info;
2098 struct flowi6 fl6 = {
2099 .flowi6_iif = skb->dev->ifindex,
2100 .daddr = iph->daddr,
2101 .saddr = iph->saddr,
2102 .flowlabel = ip6_flowinfo(iph),
2103 .flowi6_mark = skb->mark,
2104 .flowi6_proto = iph->nexthdr,
2106 struct flow_keys *flkeys = NULL, _flkeys;
2108 tun_info = skb_tunnel_info(skb);
2109 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX))
2110 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id;
2112 if (fib6_rules_early_flow_dissect(net, skb, &fl6, &_flkeys))
2115 if (unlikely(fl6.flowi6_proto == IPPROTO_ICMPV6))
2116 fl6.mp_hash = rt6_multipath_hash(net, &fl6, skb, flkeys);
2119 ip6_route_input_lookup(net, skb->dev, &fl6, skb, flags));
2122 static struct rt6_info *ip6_pol_route_output(struct net *net,
2123 struct fib6_table *table,
2125 const struct sk_buff *skb,
2128 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, skb, flags);
2131 struct dst_entry *ip6_route_output_flags(struct net *net, const struct sock *sk,
2132 struct flowi6 *fl6, int flags)
2136 if (ipv6_addr_type(&fl6->daddr) &
2137 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL)) {
2138 struct dst_entry *dst;
2140 dst = l3mdev_link_scope_lookup(net, fl6);
2145 fl6->flowi6_iif = LOOPBACK_IFINDEX;
2147 any_src = ipv6_addr_any(&fl6->saddr);
2148 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr) ||
2149 (fl6->flowi6_oif && any_src))
2150 flags |= RT6_LOOKUP_F_IFACE;
2153 flags |= RT6_LOOKUP_F_HAS_SADDR;
2155 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
2157 return fib6_rule_lookup(net, fl6, NULL, flags, ip6_pol_route_output);
2159 EXPORT_SYMBOL_GPL(ip6_route_output_flags);
2161 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
2163 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
2164 struct net_device *loopback_dev = net->loopback_dev;
2165 struct dst_entry *new = NULL;
2167 rt = dst_alloc(&ip6_dst_blackhole_ops, loopback_dev, 1,
2168 DST_OBSOLETE_DEAD, 0);
2171 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc);
2175 new->input = dst_discard;
2176 new->output = dst_discard_out;
2178 dst_copy_metrics(new, &ort->dst);
2180 rt->rt6i_idev = in6_dev_get(loopback_dev);
2181 rt->rt6i_gateway = ort->rt6i_gateway;
2182 rt->rt6i_flags = ort->rt6i_flags & ~RTF_PCPU;
2184 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
2185 #ifdef CONFIG_IPV6_SUBTREES
2186 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
2190 dst_release(dst_orig);
2191 return new ? new : ERR_PTR(-ENOMEM);
2195 * Destination cache support functions
2198 static bool fib6_check(struct fib6_info *f6i, u32 cookie)
2202 if (!fib6_get_cookie_safe(f6i, &rt_cookie) || rt_cookie != cookie)
2205 if (fib6_check_expired(f6i))
2211 static struct dst_entry *rt6_check(struct rt6_info *rt,
2212 struct fib6_info *from,
2217 if ((from && !fib6_get_cookie_safe(from, &rt_cookie)) ||
2218 rt_cookie != cookie)
2221 if (rt6_check_expired(rt))
2227 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt,
2228 struct fib6_info *from,
2231 if (!__rt6_check_expired(rt) &&
2232 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
2233 fib6_check(from, cookie))
2239 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
2241 struct dst_entry *dst_ret;
2242 struct fib6_info *from;
2243 struct rt6_info *rt;
2245 rt = container_of(dst, struct rt6_info, dst);
2249 /* All IPV6 dsts are created with ->obsolete set to the value
2250 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
2251 * into this function always.
2254 from = rcu_dereference(rt->from);
2256 if (from && (rt->rt6i_flags & RTF_PCPU ||
2257 unlikely(!list_empty(&rt->rt6i_uncached))))
2258 dst_ret = rt6_dst_from_check(rt, from, cookie);
2260 dst_ret = rt6_check(rt, from, cookie);
2267 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
2269 struct rt6_info *rt = (struct rt6_info *) dst;
2272 if (rt->rt6i_flags & RTF_CACHE) {
2274 if (rt6_check_expired(rt)) {
2275 rt6_remove_exception_rt(rt);
2287 static void ip6_link_failure(struct sk_buff *skb)
2289 struct rt6_info *rt;
2291 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
2293 rt = (struct rt6_info *) skb_dst(skb);
2296 if (rt->rt6i_flags & RTF_CACHE) {
2297 rt6_remove_exception_rt(rt);
2299 struct fib6_info *from;
2300 struct fib6_node *fn;
2302 from = rcu_dereference(rt->from);
2304 fn = rcu_dereference(from->fib6_node);
2305 if (fn && (rt->rt6i_flags & RTF_DEFAULT))
2313 static void rt6_update_expires(struct rt6_info *rt0, int timeout)
2315 if (!(rt0->rt6i_flags & RTF_EXPIRES)) {
2316 struct fib6_info *from;
2319 from = rcu_dereference(rt0->from);
2321 rt0->dst.expires = from->expires;
2325 dst_set_expires(&rt0->dst, timeout);
2326 rt0->rt6i_flags |= RTF_EXPIRES;
2329 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu)
2331 struct net *net = dev_net(rt->dst.dev);
2333 dst_metric_set(&rt->dst, RTAX_MTU, mtu);
2334 rt->rt6i_flags |= RTF_MODIFIED;
2335 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires);
2338 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info *rt)
2340 return !(rt->rt6i_flags & RTF_CACHE) &&
2341 (rt->rt6i_flags & RTF_PCPU || rcu_access_pointer(rt->from));
2344 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk,
2345 const struct ipv6hdr *iph, u32 mtu)
2347 const struct in6_addr *daddr, *saddr;
2348 struct rt6_info *rt6 = (struct rt6_info *)dst;
2350 if (dst_metric_locked(dst, RTAX_MTU))
2354 daddr = &iph->daddr;
2355 saddr = &iph->saddr;
2357 daddr = &sk->sk_v6_daddr;
2358 saddr = &inet6_sk(sk)->saddr;
2363 dst_confirm_neigh(dst, daddr);
2364 mtu = max_t(u32, mtu, IPV6_MIN_MTU);
2365 if (mtu >= dst_mtu(dst))
2368 if (!rt6_cache_allowed_for_pmtu(rt6)) {
2369 rt6_do_update_pmtu(rt6, mtu);
2370 /* update rt6_ex->stamp for cache */
2371 if (rt6->rt6i_flags & RTF_CACHE)
2372 rt6_update_exception_stamp_rt(rt6);
2374 struct fib6_result res = {};
2375 struct rt6_info *nrt6;
2378 res.f6i = rcu_dereference(rt6->from);
2383 res.nh = &res.f6i->fib6_nh;
2384 res.fib6_flags = res.f6i->fib6_flags;
2385 res.fib6_type = res.f6i->fib6_type;
2387 nrt6 = ip6_rt_cache_alloc(&res, daddr, saddr);
2389 rt6_do_update_pmtu(nrt6, mtu);
2390 if (rt6_insert_exception(nrt6, &res))
2391 dst_release_immediate(&nrt6->dst);
2397 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
2398 struct sk_buff *skb, u32 mtu)
2400 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu);
2403 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
2404 int oif, u32 mark, kuid_t uid)
2406 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
2407 struct dst_entry *dst;
2408 struct flowi6 fl6 = {
2410 .flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark),
2411 .daddr = iph->daddr,
2412 .saddr = iph->saddr,
2413 .flowlabel = ip6_flowinfo(iph),
2417 dst = ip6_route_output(net, NULL, &fl6);
2419 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu));
2422 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
2424 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
2426 int oif = sk->sk_bound_dev_if;
2427 struct dst_entry *dst;
2429 if (!oif && skb->dev)
2430 oif = l3mdev_master_ifindex(skb->dev);
2432 ip6_update_pmtu(skb, sock_net(sk), mtu, oif, sk->sk_mark, sk->sk_uid);
2434 dst = __sk_dst_get(sk);
2435 if (!dst || !dst->obsolete ||
2436 dst->ops->check(dst, inet6_sk(sk)->dst_cookie))
2440 if (!sock_owned_by_user(sk) && !ipv6_addr_v4mapped(&sk->sk_v6_daddr))
2441 ip6_datagram_dst_update(sk, false);
2444 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
2446 void ip6_sk_dst_store_flow(struct sock *sk, struct dst_entry *dst,
2447 const struct flowi6 *fl6)
2449 #ifdef CONFIG_IPV6_SUBTREES
2450 struct ipv6_pinfo *np = inet6_sk(sk);
2453 ip6_dst_store(sk, dst,
2454 ipv6_addr_equal(&fl6->daddr, &sk->sk_v6_daddr) ?
2455 &sk->sk_v6_daddr : NULL,
2456 #ifdef CONFIG_IPV6_SUBTREES
2457 ipv6_addr_equal(&fl6->saddr, &np->saddr) ?
2463 static bool ip6_redirect_nh_match(const struct fib6_result *res,
2465 const struct in6_addr *gw,
2466 struct rt6_info **ret)
2468 const struct fib6_nh *nh = res->nh;
2470 if (nh->fib_nh_flags & RTNH_F_DEAD || !nh->fib_nh_gw_family ||
2471 fl6->flowi6_oif != nh->fib_nh_dev->ifindex)
2474 /* rt_cache's gateway might be different from its 'parent'
2475 * in the case of an ip redirect.
2476 * So we keep searching in the exception table if the gateway
2479 if (!ipv6_addr_equal(gw, &nh->fib_nh_gw6)) {
2480 struct rt6_info *rt_cache;
2482 rt_cache = rt6_find_cached_rt(res, &fl6->daddr, &fl6->saddr);
2484 ipv6_addr_equal(gw, &rt_cache->rt6i_gateway)) {
2493 /* Handle redirects */
2494 struct ip6rd_flowi {
2496 struct in6_addr gateway;
2499 static struct rt6_info *__ip6_route_redirect(struct net *net,
2500 struct fib6_table *table,
2502 const struct sk_buff *skb,
2505 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
2506 struct rt6_info *ret = NULL;
2507 struct fib6_result res = {};
2508 struct fib6_info *rt;
2509 struct fib6_node *fn;
2511 /* l3mdev_update_flow overrides oif if the device is enslaved; in
2512 * this case we must match on the real ingress device, so reset it
2514 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
2515 fl6->flowi6_oif = skb->dev->ifindex;
2517 /* Get the "current" route for this destination and
2518 * check if the redirect has come from appropriate router.
2520 * RFC 4861 specifies that redirects should only be
2521 * accepted if they come from the nexthop to the target.
2522 * Due to the way the routes are chosen, this notion
2523 * is a bit fuzzy and one might need to check all possible
2528 fn = fib6_node_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
2530 for_each_fib6_node_rt_rcu(fn) {
2532 res.nh = &rt->fib6_nh;
2534 if (fib6_check_expired(rt))
2536 if (rt->fib6_flags & RTF_REJECT)
2538 if (ip6_redirect_nh_match(&res, fl6, &rdfl->gateway, &ret))
2543 rt = net->ipv6.fib6_null_entry;
2544 else if (rt->fib6_flags & RTF_REJECT) {
2545 ret = net->ipv6.ip6_null_entry;
2549 if (rt == net->ipv6.fib6_null_entry) {
2550 fn = fib6_backtrack(fn, &fl6->saddr);
2556 res.nh = &rt->fib6_nh;
2559 ip6_hold_safe(net, &ret);
2561 res.fib6_flags = res.f6i->fib6_flags;
2562 res.fib6_type = res.f6i->fib6_type;
2563 ret = ip6_create_rt_rcu(&res);
2568 trace_fib6_table_lookup(net, &res, table, fl6);
2572 static struct dst_entry *ip6_route_redirect(struct net *net,
2573 const struct flowi6 *fl6,
2574 const struct sk_buff *skb,
2575 const struct in6_addr *gateway)
2577 int flags = RT6_LOOKUP_F_HAS_SADDR;
2578 struct ip6rd_flowi rdfl;
2581 rdfl.gateway = *gateway;
2583 return fib6_rule_lookup(net, &rdfl.fl6, skb,
2584 flags, __ip6_route_redirect);
2587 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark,
2590 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
2591 struct dst_entry *dst;
2592 struct flowi6 fl6 = {
2593 .flowi6_iif = LOOPBACK_IFINDEX,
2595 .flowi6_mark = mark,
2596 .daddr = iph->daddr,
2597 .saddr = iph->saddr,
2598 .flowlabel = ip6_flowinfo(iph),
2602 dst = ip6_route_redirect(net, &fl6, skb, &ipv6_hdr(skb)->saddr);
2603 rt6_do_redirect(dst, NULL, skb);
2606 EXPORT_SYMBOL_GPL(ip6_redirect);
2608 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif)
2610 const struct ipv6hdr *iph = ipv6_hdr(skb);
2611 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb);
2612 struct dst_entry *dst;
2613 struct flowi6 fl6 = {
2614 .flowi6_iif = LOOPBACK_IFINDEX,
2617 .saddr = iph->daddr,
2618 .flowi6_uid = sock_net_uid(net, NULL),
2621 dst = ip6_route_redirect(net, &fl6, skb, &iph->saddr);
2622 rt6_do_redirect(dst, NULL, skb);
2626 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
2628 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark,
2631 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
2633 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
2635 struct net_device *dev = dst->dev;
2636 unsigned int mtu = dst_mtu(dst);
2637 struct net *net = dev_net(dev);
2639 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
2641 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
2642 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
2645 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
2646 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
2647 * IPV6_MAXPLEN is also valid and means: "any MSS,
2648 * rely only on pmtu discovery"
2650 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
2655 static unsigned int ip6_mtu(const struct dst_entry *dst)
2657 struct inet6_dev *idev;
2660 mtu = dst_metric_raw(dst, RTAX_MTU);
2667 idev = __in6_dev_get(dst->dev);
2669 mtu = idev->cnf.mtu6;
2673 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
2675 return mtu - lwtunnel_headroom(dst->lwtstate, mtu);
2679 * 1. mtu on route is locked - use it
2680 * 2. mtu from nexthop exception
2681 * 3. mtu from egress device
2683 * based on ip6_dst_mtu_forward and exception logic of
2684 * rt6_find_cached_rt; called with rcu_read_lock
2686 u32 ip6_mtu_from_fib6(const struct fib6_result *res,
2687 const struct in6_addr *daddr,
2688 const struct in6_addr *saddr)
2690 const struct fib6_nh *nh = res->nh;
2691 struct fib6_info *f6i = res->f6i;
2692 struct inet6_dev *idev;
2693 struct rt6_info *rt;
2696 if (unlikely(fib6_metric_locked(f6i, RTAX_MTU))) {
2697 mtu = f6i->fib6_pmtu;
2702 rt = rt6_find_cached_rt(res, daddr, saddr);
2704 mtu = dst_metric_raw(&rt->dst, RTAX_MTU);
2706 struct net_device *dev = nh->fib_nh_dev;
2709 idev = __in6_dev_get(dev);
2710 if (idev && idev->cnf.mtu6 > mtu)
2711 mtu = idev->cnf.mtu6;
2714 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
2716 return mtu - lwtunnel_headroom(nh->fib_nh_lws, mtu);
2719 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
2722 struct dst_entry *dst;
2723 struct rt6_info *rt;
2724 struct inet6_dev *idev = in6_dev_get(dev);
2725 struct net *net = dev_net(dev);
2727 if (unlikely(!idev))
2728 return ERR_PTR(-ENODEV);
2730 rt = ip6_dst_alloc(net, dev, 0);
2731 if (unlikely(!rt)) {
2733 dst = ERR_PTR(-ENOMEM);
2737 rt->dst.flags |= DST_HOST;
2738 rt->dst.input = ip6_input;
2739 rt->dst.output = ip6_output;
2740 rt->rt6i_gateway = fl6->daddr;
2741 rt->rt6i_dst.addr = fl6->daddr;
2742 rt->rt6i_dst.plen = 128;
2743 rt->rt6i_idev = idev;
2744 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
2746 /* Add this dst into uncached_list so that rt6_disable_ip() can
2747 * do proper release of the net_device
2749 rt6_uncached_list_add(rt);
2750 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache);
2752 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
2758 static int ip6_dst_gc(struct dst_ops *ops)
2760 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
2761 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
2762 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
2763 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
2764 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
2765 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
2768 entries = dst_entries_get_fast(ops);
2769 if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
2770 entries <= rt_max_size)
2773 net->ipv6.ip6_rt_gc_expire++;
2774 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true);
2775 entries = dst_entries_get_slow(ops);
2776 if (entries < ops->gc_thresh)
2777 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
2779 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
2780 return entries > rt_max_size;
2783 static struct rt6_info *ip6_nh_lookup_table(struct net *net,
2784 struct fib6_config *cfg,
2785 const struct in6_addr *gw_addr,
2786 u32 tbid, int flags)
2788 struct flowi6 fl6 = {
2789 .flowi6_oif = cfg->fc_ifindex,
2791 .saddr = cfg->fc_prefsrc,
2793 struct fib6_table *table;
2794 struct rt6_info *rt;
2796 table = fib6_get_table(net, tbid);
2800 if (!ipv6_addr_any(&cfg->fc_prefsrc))
2801 flags |= RT6_LOOKUP_F_HAS_SADDR;
2803 flags |= RT6_LOOKUP_F_IGNORE_LINKSTATE;
2804 rt = ip6_pol_route(net, table, cfg->fc_ifindex, &fl6, NULL, flags);
2806 /* if table lookup failed, fall back to full lookup */
2807 if (rt == net->ipv6.ip6_null_entry) {
2815 static int ip6_route_check_nh_onlink(struct net *net,
2816 struct fib6_config *cfg,
2817 const struct net_device *dev,
2818 struct netlink_ext_ack *extack)
2820 u32 tbid = l3mdev_fib_table(dev) ? : RT_TABLE_MAIN;
2821 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2822 u32 flags = RTF_LOCAL | RTF_ANYCAST | RTF_REJECT;
2823 struct fib6_info *from;
2824 struct rt6_info *grt;
2828 grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0);
2831 from = rcu_dereference(grt->from);
2832 if (!grt->dst.error &&
2833 /* ignore match if it is the default route */
2834 from && !ipv6_addr_any(&from->fib6_dst.addr) &&
2835 (grt->rt6i_flags & flags || dev != grt->dst.dev)) {
2836 NL_SET_ERR_MSG(extack,
2837 "Nexthop has invalid gateway or device mismatch");
2848 static int ip6_route_check_nh(struct net *net,
2849 struct fib6_config *cfg,
2850 struct net_device **_dev,
2851 struct inet6_dev **idev)
2853 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2854 struct net_device *dev = _dev ? *_dev : NULL;
2855 struct rt6_info *grt = NULL;
2856 int err = -EHOSTUNREACH;
2858 if (cfg->fc_table) {
2859 int flags = RT6_LOOKUP_F_IFACE;
2861 grt = ip6_nh_lookup_table(net, cfg, gw_addr,
2862 cfg->fc_table, flags);
2864 if (grt->rt6i_flags & RTF_GATEWAY ||
2865 (dev && dev != grt->dst.dev)) {
2873 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, NULL, 1);
2879 if (dev != grt->dst.dev) {
2884 *_dev = dev = grt->dst.dev;
2885 *idev = grt->rt6i_idev;
2887 in6_dev_hold(grt->rt6i_idev);
2890 if (!(grt->rt6i_flags & RTF_GATEWAY))
2899 static int ip6_validate_gw(struct net *net, struct fib6_config *cfg,
2900 struct net_device **_dev, struct inet6_dev **idev,
2901 struct netlink_ext_ack *extack)
2903 const struct in6_addr *gw_addr = &cfg->fc_gateway;
2904 int gwa_type = ipv6_addr_type(gw_addr);
2905 bool skip_dev = gwa_type & IPV6_ADDR_LINKLOCAL ? false : true;
2906 const struct net_device *dev = *_dev;
2907 bool need_addr_check = !dev;
2910 /* if gw_addr is local we will fail to detect this in case
2911 * address is still TENTATIVE (DAD in progress). rt6_lookup()
2912 * will return already-added prefix route via interface that
2913 * prefix route was assigned to, which might be non-loopback.
2916 ipv6_chk_addr_and_flags(net, gw_addr, dev, skip_dev, 0, 0)) {
2917 NL_SET_ERR_MSG(extack, "Gateway can not be a local address");
2921 if (gwa_type != (IPV6_ADDR_LINKLOCAL | IPV6_ADDR_UNICAST)) {
2922 /* IPv6 strictly inhibits using not link-local
2923 * addresses as nexthop address.
2924 * Otherwise, router will not able to send redirects.
2925 * It is very good, but in some (rare!) circumstances
2926 * (SIT, PtP, NBMA NOARP links) it is handy to allow
2927 * some exceptions. --ANK
2928 * We allow IPv4-mapped nexthops to support RFC4798-type
2931 if (!(gwa_type & (IPV6_ADDR_UNICAST | IPV6_ADDR_MAPPED))) {
2932 NL_SET_ERR_MSG(extack, "Invalid gateway address");
2936 if (cfg->fc_flags & RTNH_F_ONLINK)
2937 err = ip6_route_check_nh_onlink(net, cfg, dev, extack);
2939 err = ip6_route_check_nh(net, cfg, _dev, idev);
2945 /* reload in case device was changed */
2950 NL_SET_ERR_MSG(extack, "Egress device not specified");
2952 } else if (dev->flags & IFF_LOOPBACK) {
2953 NL_SET_ERR_MSG(extack,
2954 "Egress device can not be loopback device for this route");
2958 /* if we did not check gw_addr above, do so now that the
2959 * egress device has been resolved.
2961 if (need_addr_check &&
2962 ipv6_chk_addr_and_flags(net, gw_addr, dev, skip_dev, 0, 0)) {
2963 NL_SET_ERR_MSG(extack, "Gateway can not be a local address");
2972 static bool fib6_is_reject(u32 flags, struct net_device *dev, int addr_type)
2974 if ((flags & RTF_REJECT) ||
2975 (dev && (dev->flags & IFF_LOOPBACK) &&
2976 !(addr_type & IPV6_ADDR_LOOPBACK) &&
2977 !(flags & RTF_LOCAL)))
2983 int fib6_nh_init(struct net *net, struct fib6_nh *fib6_nh,
2984 struct fib6_config *cfg, gfp_t gfp_flags,
2985 struct netlink_ext_ack *extack)
2987 struct net_device *dev = NULL;
2988 struct inet6_dev *idev = NULL;
2992 fib6_nh->fib_nh_family = AF_INET6;
2995 if (cfg->fc_ifindex) {
2996 dev = dev_get_by_index(net, cfg->fc_ifindex);
2999 idev = in6_dev_get(dev);
3004 if (cfg->fc_flags & RTNH_F_ONLINK) {
3006 NL_SET_ERR_MSG(extack,
3007 "Nexthop device required for onlink");
3011 if (!(dev->flags & IFF_UP)) {
3012 NL_SET_ERR_MSG(extack, "Nexthop device is not up");
3017 fib6_nh->fib_nh_flags |= RTNH_F_ONLINK;
3020 fib6_nh->fib_nh_weight = 1;
3022 /* We cannot add true routes via loopback here,
3023 * they would result in kernel looping; promote them to reject routes
3025 addr_type = ipv6_addr_type(&cfg->fc_dst);
3026 if (fib6_is_reject(cfg->fc_flags, dev, addr_type)) {
3027 /* hold loopback dev/idev if we haven't done so. */
3028 if (dev != net->loopback_dev) {
3033 dev = net->loopback_dev;
3035 idev = in6_dev_get(dev);
3044 if (cfg->fc_flags & RTF_GATEWAY) {
3045 err = ip6_validate_gw(net, cfg, &dev, &idev, extack);
3049 fib6_nh->fib_nh_gw6 = cfg->fc_gateway;
3050 fib6_nh->fib_nh_gw_family = AF_INET6;
3057 if (idev->cnf.disable_ipv6) {
3058 NL_SET_ERR_MSG(extack, "IPv6 is disabled on nexthop device");
3063 if (!(dev->flags & IFF_UP) && !cfg->fc_ignore_dev_down) {
3064 NL_SET_ERR_MSG(extack, "Nexthop device is not up");
3069 if (!(cfg->fc_flags & (RTF_LOCAL | RTF_ANYCAST)) &&
3070 !netif_carrier_ok(dev))
3071 fib6_nh->fib_nh_flags |= RTNH_F_LINKDOWN;
3073 err = fib_nh_common_init(&fib6_nh->nh_common, cfg->fc_encap,
3074 cfg->fc_encap_type, cfg, gfp_flags, extack);
3078 fib6_nh->fib_nh_dev = dev;
3079 fib6_nh->fib_nh_oif = dev->ifindex;
3086 lwtstate_put(fib6_nh->fib_nh_lws);
3087 fib6_nh->fib_nh_lws = NULL;
3095 void fib6_nh_release(struct fib6_nh *fib6_nh)
3097 fib_nh_common_release(&fib6_nh->nh_common);
3100 static struct fib6_info *ip6_route_info_create(struct fib6_config *cfg,
3102 struct netlink_ext_ack *extack)
3104 struct net *net = cfg->fc_nlinfo.nl_net;
3105 struct fib6_info *rt = NULL;
3106 struct fib6_table *table;
3110 /* RTF_PCPU is an internal flag; can not be set by userspace */
3111 if (cfg->fc_flags & RTF_PCPU) {
3112 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_PCPU");
3116 /* RTF_CACHE is an internal flag; can not be set by userspace */
3117 if (cfg->fc_flags & RTF_CACHE) {
3118 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_CACHE");
3122 if (cfg->fc_type > RTN_MAX) {
3123 NL_SET_ERR_MSG(extack, "Invalid route type");
3127 if (cfg->fc_dst_len > 128) {
3128 NL_SET_ERR_MSG(extack, "Invalid prefix length");
3131 if (cfg->fc_src_len > 128) {
3132 NL_SET_ERR_MSG(extack, "Invalid source address length");
3135 #ifndef CONFIG_IPV6_SUBTREES
3136 if (cfg->fc_src_len) {
3137 NL_SET_ERR_MSG(extack,
3138 "Specifying source address requires IPV6_SUBTREES to be enabled");
3144 if (cfg->fc_nlinfo.nlh &&
3145 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
3146 table = fib6_get_table(net, cfg->fc_table);
3148 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
3149 table = fib6_new_table(net, cfg->fc_table);
3152 table = fib6_new_table(net, cfg->fc_table);
3159 rt = fib6_info_alloc(gfp_flags);
3163 rt->fib6_metrics = ip_fib_metrics_init(net, cfg->fc_mx, cfg->fc_mx_len,
3165 if (IS_ERR(rt->fib6_metrics)) {
3166 err = PTR_ERR(rt->fib6_metrics);
3167 /* Do not leave garbage there. */
3168 rt->fib6_metrics = (struct dst_metrics *)&dst_default_metrics;
3172 if (cfg->fc_flags & RTF_ADDRCONF)
3173 rt->dst_nocount = true;
3175 if (cfg->fc_flags & RTF_EXPIRES)
3176 fib6_set_expires(rt, jiffies +
3177 clock_t_to_jiffies(cfg->fc_expires));
3179 fib6_clean_expires(rt);
3181 if (cfg->fc_protocol == RTPROT_UNSPEC)
3182 cfg->fc_protocol = RTPROT_BOOT;
3183 rt->fib6_protocol = cfg->fc_protocol;
3185 rt->fib6_table = table;
3186 rt->fib6_metric = cfg->fc_metric;
3187 rt->fib6_type = cfg->fc_type;
3188 rt->fib6_flags = cfg->fc_flags & ~RTF_GATEWAY;
3190 ipv6_addr_prefix(&rt->fib6_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
3191 rt->fib6_dst.plen = cfg->fc_dst_len;
3192 if (rt->fib6_dst.plen == 128)
3193 rt->dst_host = true;
3195 #ifdef CONFIG_IPV6_SUBTREES
3196 ipv6_addr_prefix(&rt->fib6_src.addr, &cfg->fc_src, cfg->fc_src_len);
3197 rt->fib6_src.plen = cfg->fc_src_len;
3199 err = fib6_nh_init(net, &rt->fib6_nh, cfg, gfp_flags, extack);
3203 /* We cannot add true routes via loopback here,
3204 * they would result in kernel looping; promote them to reject routes
3206 addr_type = ipv6_addr_type(&cfg->fc_dst);
3207 if (fib6_is_reject(cfg->fc_flags, rt->fib6_nh.fib_nh_dev, addr_type))
3208 rt->fib6_flags = RTF_REJECT | RTF_NONEXTHOP;
3210 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
3211 struct net_device *dev = fib6_info_nh_dev(rt);
3213 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
3214 NL_SET_ERR_MSG(extack, "Invalid source address");
3218 rt->fib6_prefsrc.addr = cfg->fc_prefsrc;
3219 rt->fib6_prefsrc.plen = 128;
3221 rt->fib6_prefsrc.plen = 0;
3225 fib6_info_release(rt);
3226 return ERR_PTR(err);
3229 int ip6_route_add(struct fib6_config *cfg, gfp_t gfp_flags,
3230 struct netlink_ext_ack *extack)
3232 struct fib6_info *rt;
3235 rt = ip6_route_info_create(cfg, gfp_flags, extack);
3239 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, extack);
3240 fib6_info_release(rt);
3245 static int __ip6_del_rt(struct fib6_info *rt, struct nl_info *info)
3247 struct net *net = info->nl_net;
3248 struct fib6_table *table;
3251 if (rt == net->ipv6.fib6_null_entry) {
3256 table = rt->fib6_table;
3257 spin_lock_bh(&table->tb6_lock);
3258 err = fib6_del(rt, info);
3259 spin_unlock_bh(&table->tb6_lock);
3262 fib6_info_release(rt);
3266 int ip6_del_rt(struct net *net, struct fib6_info *rt)
3268 struct nl_info info = { .nl_net = net };
3270 return __ip6_del_rt(rt, &info);
3273 static int __ip6_del_rt_siblings(struct fib6_info *rt, struct fib6_config *cfg)
3275 struct nl_info *info = &cfg->fc_nlinfo;
3276 struct net *net = info->nl_net;
3277 struct sk_buff *skb = NULL;
3278 struct fib6_table *table;
3281 if (rt == net->ipv6.fib6_null_entry)
3283 table = rt->fib6_table;
3284 spin_lock_bh(&table->tb6_lock);
3286 if (rt->fib6_nsiblings && cfg->fc_delete_all_nh) {
3287 struct fib6_info *sibling, *next_sibling;
3289 /* prefer to send a single notification with all hops */
3290 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
3292 u32 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
3294 if (rt6_fill_node(net, skb, rt, NULL,
3295 NULL, NULL, 0, RTM_DELROUTE,
3296 info->portid, seq, 0) < 0) {
3300 info->skip_notify = 1;
3303 list_for_each_entry_safe(sibling, next_sibling,
3306 err = fib6_del(sibling, info);
3312 err = fib6_del(rt, info);
3314 spin_unlock_bh(&table->tb6_lock);
3316 fib6_info_release(rt);
3319 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
3320 info->nlh, gfp_any());
3325 static int ip6_del_cached_rt(struct rt6_info *rt, struct fib6_config *cfg)
3329 if (cfg->fc_ifindex && rt->dst.dev->ifindex != cfg->fc_ifindex)
3332 if (cfg->fc_flags & RTF_GATEWAY &&
3333 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
3336 rc = rt6_remove_exception_rt(rt);
3341 static int ip6_route_del(struct fib6_config *cfg,
3342 struct netlink_ext_ack *extack)
3344 struct rt6_info *rt_cache;
3345 struct fib6_table *table;
3346 struct fib6_info *rt;
3347 struct fib6_node *fn;
3350 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
3352 NL_SET_ERR_MSG(extack, "FIB table does not exist");
3358 fn = fib6_locate(&table->tb6_root,
3359 &cfg->fc_dst, cfg->fc_dst_len,
3360 &cfg->fc_src, cfg->fc_src_len,
3361 !(cfg->fc_flags & RTF_CACHE));
3364 for_each_fib6_node_rt_rcu(fn) {
3367 if (cfg->fc_flags & RTF_CACHE) {
3368 struct fib6_result res = {
3373 rt_cache = rt6_find_cached_rt(&res,
3377 rc = ip6_del_cached_rt(rt_cache, cfg);
3387 if (cfg->fc_ifindex &&
3389 nh->fib_nh_dev->ifindex != cfg->fc_ifindex))
3391 if (cfg->fc_flags & RTF_GATEWAY &&
3392 !ipv6_addr_equal(&cfg->fc_gateway, &nh->fib_nh_gw6))
3394 if (cfg->fc_metric && cfg->fc_metric != rt->fib6_metric)
3396 if (cfg->fc_protocol && cfg->fc_protocol != rt->fib6_protocol)
3398 if (!fib6_info_hold_safe(rt))
3402 /* if gateway was specified only delete the one hop */
3403 if (cfg->fc_flags & RTF_GATEWAY)
3404 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
3406 return __ip6_del_rt_siblings(rt, cfg);
3414 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
3416 struct netevent_redirect netevent;
3417 struct rt6_info *rt, *nrt = NULL;
3418 struct fib6_result res = {};
3419 struct ndisc_options ndopts;
3420 struct inet6_dev *in6_dev;
3421 struct neighbour *neigh;
3423 int optlen, on_link;
3426 optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
3427 optlen -= sizeof(*msg);
3430 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
3434 msg = (struct rd_msg *)icmp6_hdr(skb);
3436 if (ipv6_addr_is_multicast(&msg->dest)) {
3437 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
3442 if (ipv6_addr_equal(&msg->dest, &msg->target)) {
3444 } else if (ipv6_addr_type(&msg->target) !=
3445 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
3446 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
3450 in6_dev = __in6_dev_get(skb->dev);
3453 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
3457 * The IP source address of the Redirect MUST be the same as the current
3458 * first-hop router for the specified ICMP Destination Address.
3461 if (!ndisc_parse_options(skb->dev, msg->opt, optlen, &ndopts)) {
3462 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
3467 if (ndopts.nd_opts_tgt_lladdr) {
3468 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
3471 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
3476 rt = (struct rt6_info *) dst;
3477 if (rt->rt6i_flags & RTF_REJECT) {
3478 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
3482 /* Redirect received -> path was valid.
3483 * Look, redirects are sent only in response to data packets,
3484 * so that this nexthop apparently is reachable. --ANK
3486 dst_confirm_neigh(&rt->dst, &ipv6_hdr(skb)->saddr);
3488 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
3493 * We have finally decided to accept it.
3496 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
3497 NEIGH_UPDATE_F_WEAK_OVERRIDE|
3498 NEIGH_UPDATE_F_OVERRIDE|
3499 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
3500 NEIGH_UPDATE_F_ISROUTER)),
3501 NDISC_REDIRECT, &ndopts);
3504 res.f6i = rcu_dereference(rt->from);
3508 res.nh = &res.f6i->fib6_nh;
3509 res.fib6_flags = res.f6i->fib6_flags;
3510 res.fib6_type = res.f6i->fib6_type;
3511 nrt = ip6_rt_cache_alloc(&res, &msg->dest, NULL);
3515 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
3517 nrt->rt6i_flags &= ~RTF_GATEWAY;
3519 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
3521 /* rt6_insert_exception() will take care of duplicated exceptions */
3522 if (rt6_insert_exception(nrt, &res)) {
3523 dst_release_immediate(&nrt->dst);
3527 netevent.old = &rt->dst;
3528 netevent.new = &nrt->dst;
3529 netevent.daddr = &msg->dest;
3530 netevent.neigh = neigh;
3531 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
3535 neigh_release(neigh);
3538 #ifdef CONFIG_IPV6_ROUTE_INFO
3539 static struct fib6_info *rt6_get_route_info(struct net *net,
3540 const struct in6_addr *prefix, int prefixlen,
3541 const struct in6_addr *gwaddr,
3542 struct net_device *dev)
3544 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO;
3545 int ifindex = dev->ifindex;
3546 struct fib6_node *fn;
3547 struct fib6_info *rt = NULL;
3548 struct fib6_table *table;
3550 table = fib6_get_table(net, tb_id);
3555 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0, true);
3559 for_each_fib6_node_rt_rcu(fn) {
3560 if (rt->fib6_nh.fib_nh_dev->ifindex != ifindex)
3562 if (!(rt->fib6_flags & RTF_ROUTEINFO) ||
3563 !rt->fib6_nh.fib_nh_gw_family)
3565 if (!ipv6_addr_equal(&rt->fib6_nh.fib_nh_gw6, gwaddr))
3567 if (!fib6_info_hold_safe(rt))
3576 static struct fib6_info *rt6_add_route_info(struct net *net,
3577 const struct in6_addr *prefix, int prefixlen,
3578 const struct in6_addr *gwaddr,
3579 struct net_device *dev,
3582 struct fib6_config cfg = {
3583 .fc_metric = IP6_RT_PRIO_USER,
3584 .fc_ifindex = dev->ifindex,
3585 .fc_dst_len = prefixlen,
3586 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
3587 RTF_UP | RTF_PREF(pref),
3588 .fc_protocol = RTPROT_RA,
3589 .fc_type = RTN_UNICAST,
3590 .fc_nlinfo.portid = 0,
3591 .fc_nlinfo.nlh = NULL,
3592 .fc_nlinfo.nl_net = net,
3595 cfg.fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO,
3596 cfg.fc_dst = *prefix;
3597 cfg.fc_gateway = *gwaddr;
3599 /* We should treat it as a default route if prefix length is 0. */
3601 cfg.fc_flags |= RTF_DEFAULT;
3603 ip6_route_add(&cfg, GFP_ATOMIC, NULL);
3605 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, dev);
3609 struct fib6_info *rt6_get_dflt_router(struct net *net,
3610 const struct in6_addr *addr,
3611 struct net_device *dev)
3613 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT;
3614 struct fib6_info *rt;
3615 struct fib6_table *table;
3617 table = fib6_get_table(net, tb_id);
3622 for_each_fib6_node_rt_rcu(&table->tb6_root) {
3623 struct fib6_nh *nh = &rt->fib6_nh;
3625 if (dev == nh->fib_nh_dev &&
3626 ((rt->fib6_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
3627 ipv6_addr_equal(&nh->fib_nh_gw6, addr))
3630 if (rt && !fib6_info_hold_safe(rt))
3636 struct fib6_info *rt6_add_dflt_router(struct net *net,
3637 const struct in6_addr *gwaddr,
3638 struct net_device *dev,
3641 struct fib6_config cfg = {
3642 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT,
3643 .fc_metric = IP6_RT_PRIO_USER,
3644 .fc_ifindex = dev->ifindex,
3645 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
3646 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
3647 .fc_protocol = RTPROT_RA,
3648 .fc_type = RTN_UNICAST,
3649 .fc_nlinfo.portid = 0,
3650 .fc_nlinfo.nlh = NULL,
3651 .fc_nlinfo.nl_net = net,
3654 cfg.fc_gateway = *gwaddr;
3656 if (!ip6_route_add(&cfg, GFP_ATOMIC, NULL)) {
3657 struct fib6_table *table;
3659 table = fib6_get_table(dev_net(dev), cfg.fc_table);
3661 table->flags |= RT6_TABLE_HAS_DFLT_ROUTER;
3664 return rt6_get_dflt_router(net, gwaddr, dev);
3667 static void __rt6_purge_dflt_routers(struct net *net,
3668 struct fib6_table *table)
3670 struct fib6_info *rt;
3674 for_each_fib6_node_rt_rcu(&table->tb6_root) {
3675 struct net_device *dev = fib6_info_nh_dev(rt);
3676 struct inet6_dev *idev = dev ? __in6_dev_get(dev) : NULL;
3678 if (rt->fib6_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
3679 (!idev || idev->cnf.accept_ra != 2) &&
3680 fib6_info_hold_safe(rt)) {
3682 ip6_del_rt(net, rt);
3688 table->flags &= ~RT6_TABLE_HAS_DFLT_ROUTER;
3691 void rt6_purge_dflt_routers(struct net *net)
3693 struct fib6_table *table;
3694 struct hlist_head *head;
3699 for (h = 0; h < FIB6_TABLE_HASHSZ; h++) {
3700 head = &net->ipv6.fib_table_hash[h];
3701 hlist_for_each_entry_rcu(table, head, tb6_hlist) {
3702 if (table->flags & RT6_TABLE_HAS_DFLT_ROUTER)
3703 __rt6_purge_dflt_routers(net, table);
3710 static void rtmsg_to_fib6_config(struct net *net,
3711 struct in6_rtmsg *rtmsg,
3712 struct fib6_config *cfg)
3714 *cfg = (struct fib6_config){
3715 .fc_table = l3mdev_fib_table_by_index(net, rtmsg->rtmsg_ifindex) ?
3717 .fc_ifindex = rtmsg->rtmsg_ifindex,
3718 .fc_metric = rtmsg->rtmsg_metric ? : IP6_RT_PRIO_USER,
3719 .fc_expires = rtmsg->rtmsg_info,
3720 .fc_dst_len = rtmsg->rtmsg_dst_len,
3721 .fc_src_len = rtmsg->rtmsg_src_len,
3722 .fc_flags = rtmsg->rtmsg_flags,
3723 .fc_type = rtmsg->rtmsg_type,
3725 .fc_nlinfo.nl_net = net,
3727 .fc_dst = rtmsg->rtmsg_dst,
3728 .fc_src = rtmsg->rtmsg_src,
3729 .fc_gateway = rtmsg->rtmsg_gateway,
3733 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
3735 struct fib6_config cfg;
3736 struct in6_rtmsg rtmsg;
3740 case SIOCADDRT: /* Add a route */
3741 case SIOCDELRT: /* Delete a route */
3742 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
3744 err = copy_from_user(&rtmsg, arg,
3745 sizeof(struct in6_rtmsg));
3749 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
3754 err = ip6_route_add(&cfg, GFP_KERNEL, NULL);
3757 err = ip6_route_del(&cfg, NULL);
3771 * Drop the packet on the floor
3774 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
3776 struct dst_entry *dst = skb_dst(skb);
3777 struct net *net = dev_net(dst->dev);
3778 struct inet6_dev *idev;
3781 if (netif_is_l3_master(skb->dev) &&
3782 dst->dev == net->loopback_dev)
3783 idev = __in6_dev_get_safely(dev_get_by_index_rcu(net, IP6CB(skb)->iif));
3785 idev = ip6_dst_idev(dst);
3787 switch (ipstats_mib_noroutes) {
3788 case IPSTATS_MIB_INNOROUTES:
3789 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
3790 if (type == IPV6_ADDR_ANY) {
3791 IP6_INC_STATS(net, idev, IPSTATS_MIB_INADDRERRORS);
3795 case IPSTATS_MIB_OUTNOROUTES:
3796 IP6_INC_STATS(net, idev, ipstats_mib_noroutes);
3800 /* Start over by dropping the dst for l3mdev case */
3801 if (netif_is_l3_master(skb->dev))
3804 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
3809 static int ip6_pkt_discard(struct sk_buff *skb)
3811 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
3814 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb)
3816 skb->dev = skb_dst(skb)->dev;
3817 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
3820 static int ip6_pkt_prohibit(struct sk_buff *skb)
3822 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
3825 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb)
3827 skb->dev = skb_dst(skb)->dev;
3828 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
3832 * Allocate a dst for local (unicast / anycast) address.
3835 struct fib6_info *addrconf_f6i_alloc(struct net *net,
3836 struct inet6_dev *idev,
3837 const struct in6_addr *addr,
3838 bool anycast, gfp_t gfp_flags)
3840 struct fib6_config cfg = {
3841 .fc_table = l3mdev_fib_table(idev->dev) ? : RT6_TABLE_LOCAL,
3842 .fc_ifindex = idev->dev->ifindex,
3843 .fc_flags = RTF_UP | RTF_ADDRCONF | RTF_NONEXTHOP,
3846 .fc_protocol = RTPROT_KERNEL,
3847 .fc_nlinfo.nl_net = net,
3848 .fc_ignore_dev_down = true,
3852 cfg.fc_type = RTN_ANYCAST;
3853 cfg.fc_flags |= RTF_ANYCAST;
3855 cfg.fc_type = RTN_LOCAL;
3856 cfg.fc_flags |= RTF_LOCAL;
3859 return ip6_route_info_create(&cfg, gfp_flags, NULL);
3862 /* remove deleted ip from prefsrc entries */
3863 struct arg_dev_net_ip {
3864 struct net_device *dev;
3866 struct in6_addr *addr;
3869 static int fib6_remove_prefsrc(struct fib6_info *rt, void *arg)
3871 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
3872 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
3873 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
3875 if (((void *)rt->fib6_nh.fib_nh_dev == dev || !dev) &&
3876 rt != net->ipv6.fib6_null_entry &&
3877 ipv6_addr_equal(addr, &rt->fib6_prefsrc.addr)) {
3878 spin_lock_bh(&rt6_exception_lock);
3879 /* remove prefsrc entry */
3880 rt->fib6_prefsrc.plen = 0;
3881 spin_unlock_bh(&rt6_exception_lock);
3886 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
3888 struct net *net = dev_net(ifp->idev->dev);
3889 struct arg_dev_net_ip adni = {
3890 .dev = ifp->idev->dev,
3894 fib6_clean_all(net, fib6_remove_prefsrc, &adni);
3897 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT)
3899 /* Remove routers and update dst entries when gateway turn into host. */
3900 static int fib6_clean_tohost(struct fib6_info *rt, void *arg)
3902 struct in6_addr *gateway = (struct in6_addr *)arg;
3904 if (((rt->fib6_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) &&
3905 rt->fib6_nh.fib_nh_gw_family &&
3906 ipv6_addr_equal(gateway, &rt->fib6_nh.fib_nh_gw6)) {
3910 /* Further clean up cached routes in exception table.
3911 * This is needed because cached route may have a different
3912 * gateway than its 'parent' in the case of an ip redirect.
3914 rt6_exceptions_clean_tohost(rt, gateway);
3919 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway)
3921 fib6_clean_all(net, fib6_clean_tohost, gateway);
3924 struct arg_netdev_event {
3925 const struct net_device *dev;
3927 unsigned char nh_flags;
3928 unsigned long event;
3932 static struct fib6_info *rt6_multipath_first_sibling(const struct fib6_info *rt)
3934 struct fib6_info *iter;
3935 struct fib6_node *fn;
3937 fn = rcu_dereference_protected(rt->fib6_node,
3938 lockdep_is_held(&rt->fib6_table->tb6_lock));
3939 iter = rcu_dereference_protected(fn->leaf,
3940 lockdep_is_held(&rt->fib6_table->tb6_lock));
3942 if (iter->fib6_metric == rt->fib6_metric &&
3943 rt6_qualify_for_ecmp(iter))
3945 iter = rcu_dereference_protected(iter->fib6_next,
3946 lockdep_is_held(&rt->fib6_table->tb6_lock));
3952 static bool rt6_is_dead(const struct fib6_info *rt)
3954 if (rt->fib6_nh.fib_nh_flags & RTNH_F_DEAD ||
3955 (rt->fib6_nh.fib_nh_flags & RTNH_F_LINKDOWN &&
3956 ip6_ignore_linkdown(rt->fib6_nh.fib_nh_dev)))
3962 static int rt6_multipath_total_weight(const struct fib6_info *rt)
3964 struct fib6_info *iter;
3967 if (!rt6_is_dead(rt))
3968 total += rt->fib6_nh.fib_nh_weight;
3970 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings) {
3971 if (!rt6_is_dead(iter))
3972 total += iter->fib6_nh.fib_nh_weight;
3978 static void rt6_upper_bound_set(struct fib6_info *rt, int *weight, int total)
3980 int upper_bound = -1;
3982 if (!rt6_is_dead(rt)) {
3983 *weight += rt->fib6_nh.fib_nh_weight;
3984 upper_bound = DIV_ROUND_CLOSEST_ULL((u64) (*weight) << 31,
3987 atomic_set(&rt->fib6_nh.fib_nh_upper_bound, upper_bound);
3990 static void rt6_multipath_upper_bound_set(struct fib6_info *rt, int total)
3992 struct fib6_info *iter;
3995 rt6_upper_bound_set(rt, &weight, total);
3997 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
3998 rt6_upper_bound_set(iter, &weight, total);
4001 void rt6_multipath_rebalance(struct fib6_info *rt)
4003 struct fib6_info *first;
4006 /* In case the entire multipath route was marked for flushing,
4007 * then there is no need to rebalance upon the removal of every
4010 if (!rt->fib6_nsiblings || rt->should_flush)
4013 /* During lookup routes are evaluated in order, so we need to
4014 * make sure upper bounds are assigned from the first sibling
4017 first = rt6_multipath_first_sibling(rt);
4018 if (WARN_ON_ONCE(!first))
4021 total = rt6_multipath_total_weight(first);
4022 rt6_multipath_upper_bound_set(first, total);
4025 static int fib6_ifup(struct fib6_info *rt, void *p_arg)
4027 const struct arg_netdev_event *arg = p_arg;
4028 struct net *net = dev_net(arg->dev);
4030 if (rt != net->ipv6.fib6_null_entry &&
4031 rt->fib6_nh.fib_nh_dev == arg->dev) {
4032 rt->fib6_nh.fib_nh_flags &= ~arg->nh_flags;
4033 fib6_update_sernum_upto_root(net, rt);
4034 rt6_multipath_rebalance(rt);
4040 void rt6_sync_up(struct net_device *dev, unsigned char nh_flags)
4042 struct arg_netdev_event arg = {
4045 .nh_flags = nh_flags,
4049 if (nh_flags & RTNH_F_DEAD && netif_carrier_ok(dev))
4050 arg.nh_flags |= RTNH_F_LINKDOWN;
4052 fib6_clean_all(dev_net(dev), fib6_ifup, &arg);
4055 static bool rt6_multipath_uses_dev(const struct fib6_info *rt,
4056 const struct net_device *dev)
4058 struct fib6_info *iter;
4060 if (rt->fib6_nh.fib_nh_dev == dev)
4062 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
4063 if (iter->fib6_nh.fib_nh_dev == dev)
4069 static void rt6_multipath_flush(struct fib6_info *rt)
4071 struct fib6_info *iter;
4073 rt->should_flush = 1;
4074 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
4075 iter->should_flush = 1;
4078 static unsigned int rt6_multipath_dead_count(const struct fib6_info *rt,
4079 const struct net_device *down_dev)
4081 struct fib6_info *iter;
4082 unsigned int dead = 0;
4084 if (rt->fib6_nh.fib_nh_dev == down_dev ||
4085 rt->fib6_nh.fib_nh_flags & RTNH_F_DEAD)
4087 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
4088 if (iter->fib6_nh.fib_nh_dev == down_dev ||
4089 iter->fib6_nh.fib_nh_flags & RTNH_F_DEAD)
4095 static void rt6_multipath_nh_flags_set(struct fib6_info *rt,
4096 const struct net_device *dev,
4097 unsigned char nh_flags)
4099 struct fib6_info *iter;
4101 if (rt->fib6_nh.fib_nh_dev == dev)
4102 rt->fib6_nh.fib_nh_flags |= nh_flags;
4103 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings)
4104 if (iter->fib6_nh.fib_nh_dev == dev)
4105 iter->fib6_nh.fib_nh_flags |= nh_flags;
4108 /* called with write lock held for table with rt */
4109 static int fib6_ifdown(struct fib6_info *rt, void *p_arg)
4111 const struct arg_netdev_event *arg = p_arg;
4112 const struct net_device *dev = arg->dev;
4113 struct net *net = dev_net(dev);
4115 if (rt == net->ipv6.fib6_null_entry)
4118 switch (arg->event) {
4119 case NETDEV_UNREGISTER:
4120 return rt->fib6_nh.fib_nh_dev == dev ? -1 : 0;
4122 if (rt->should_flush)
4124 if (!rt->fib6_nsiblings)
4125 return rt->fib6_nh.fib_nh_dev == dev ? -1 : 0;
4126 if (rt6_multipath_uses_dev(rt, dev)) {
4129 count = rt6_multipath_dead_count(rt, dev);
4130 if (rt->fib6_nsiblings + 1 == count) {
4131 rt6_multipath_flush(rt);
4134 rt6_multipath_nh_flags_set(rt, dev, RTNH_F_DEAD |
4136 fib6_update_sernum(net, rt);
4137 rt6_multipath_rebalance(rt);
4141 if (rt->fib6_nh.fib_nh_dev != dev ||
4142 rt->fib6_flags & (RTF_LOCAL | RTF_ANYCAST))
4144 rt->fib6_nh.fib_nh_flags |= RTNH_F_LINKDOWN;
4145 rt6_multipath_rebalance(rt);
4152 void rt6_sync_down_dev(struct net_device *dev, unsigned long event)
4154 struct arg_netdev_event arg = {
4160 struct net *net = dev_net(dev);
4162 if (net->ipv6.sysctl.skip_notify_on_dev_down)
4163 fib6_clean_all_skip_notify(net, fib6_ifdown, &arg);
4165 fib6_clean_all(net, fib6_ifdown, &arg);
4168 void rt6_disable_ip(struct net_device *dev, unsigned long event)
4170 rt6_sync_down_dev(dev, event);
4171 rt6_uncached_list_flush_dev(dev_net(dev), dev);
4172 neigh_ifdown(&nd_tbl, dev);
4175 struct rt6_mtu_change_arg {
4176 struct net_device *dev;
4180 static int rt6_mtu_change_route(struct fib6_info *rt, void *p_arg)
4182 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
4183 struct inet6_dev *idev;
4185 /* In IPv6 pmtu discovery is not optional,
4186 so that RTAX_MTU lock cannot disable it.
4187 We still use this lock to block changes
4188 caused by addrconf/ndisc.
4191 idev = __in6_dev_get(arg->dev);
4195 /* For administrative MTU increase, there is no way to discover
4196 IPv6 PMTU increase, so PMTU increase should be updated here.
4197 Since RFC 1981 doesn't include administrative MTU increase
4198 update PMTU increase is a MUST. (i.e. jumbo frame)
4200 if (rt->fib6_nh.fib_nh_dev == arg->dev &&
4201 !fib6_metric_locked(rt, RTAX_MTU)) {
4202 u32 mtu = rt->fib6_pmtu;
4204 if (mtu >= arg->mtu ||
4205 (mtu < arg->mtu && mtu == idev->cnf.mtu6))
4206 fib6_metric_set(rt, RTAX_MTU, arg->mtu);
4208 spin_lock_bh(&rt6_exception_lock);
4209 rt6_exceptions_update_pmtu(idev, rt, arg->mtu);
4210 spin_unlock_bh(&rt6_exception_lock);
4215 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
4217 struct rt6_mtu_change_arg arg = {
4222 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg);
4225 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
4226 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
4227 [RTA_PREFSRC] = { .len = sizeof(struct in6_addr) },
4228 [RTA_OIF] = { .type = NLA_U32 },
4229 [RTA_IIF] = { .type = NLA_U32 },
4230 [RTA_PRIORITY] = { .type = NLA_U32 },
4231 [RTA_METRICS] = { .type = NLA_NESTED },
4232 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
4233 [RTA_PREF] = { .type = NLA_U8 },
4234 [RTA_ENCAP_TYPE] = { .type = NLA_U16 },
4235 [RTA_ENCAP] = { .type = NLA_NESTED },
4236 [RTA_EXPIRES] = { .type = NLA_U32 },
4237 [RTA_UID] = { .type = NLA_U32 },
4238 [RTA_MARK] = { .type = NLA_U32 },
4239 [RTA_TABLE] = { .type = NLA_U32 },
4240 [RTA_IP_PROTO] = { .type = NLA_U8 },
4241 [RTA_SPORT] = { .type = NLA_U16 },
4242 [RTA_DPORT] = { .type = NLA_U16 },
4245 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
4246 struct fib6_config *cfg,
4247 struct netlink_ext_ack *extack)
4250 struct nlattr *tb[RTA_MAX+1];
4254 err = nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
4255 rtm_ipv6_policy, extack);
4260 rtm = nlmsg_data(nlh);
4262 *cfg = (struct fib6_config){
4263 .fc_table = rtm->rtm_table,
4264 .fc_dst_len = rtm->rtm_dst_len,
4265 .fc_src_len = rtm->rtm_src_len,
4267 .fc_protocol = rtm->rtm_protocol,
4268 .fc_type = rtm->rtm_type,
4270 .fc_nlinfo.portid = NETLINK_CB(skb).portid,
4271 .fc_nlinfo.nlh = nlh,
4272 .fc_nlinfo.nl_net = sock_net(skb->sk),
4275 if (rtm->rtm_type == RTN_UNREACHABLE ||
4276 rtm->rtm_type == RTN_BLACKHOLE ||
4277 rtm->rtm_type == RTN_PROHIBIT ||
4278 rtm->rtm_type == RTN_THROW)
4279 cfg->fc_flags |= RTF_REJECT;
4281 if (rtm->rtm_type == RTN_LOCAL)
4282 cfg->fc_flags |= RTF_LOCAL;
4284 if (rtm->rtm_flags & RTM_F_CLONED)
4285 cfg->fc_flags |= RTF_CACHE;
4287 cfg->fc_flags |= (rtm->rtm_flags & RTNH_F_ONLINK);
4289 if (tb[RTA_GATEWAY]) {
4290 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]);
4291 cfg->fc_flags |= RTF_GATEWAY;
4294 NL_SET_ERR_MSG(extack, "IPv6 does not support RTA_VIA attribute");
4299 int plen = (rtm->rtm_dst_len + 7) >> 3;
4301 if (nla_len(tb[RTA_DST]) < plen)
4304 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
4308 int plen = (rtm->rtm_src_len + 7) >> 3;
4310 if (nla_len(tb[RTA_SRC]) < plen)
4313 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
4316 if (tb[RTA_PREFSRC])
4317 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]);
4320 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
4322 if (tb[RTA_PRIORITY])
4323 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
4325 if (tb[RTA_METRICS]) {
4326 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
4327 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
4331 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
4333 if (tb[RTA_MULTIPATH]) {
4334 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
4335 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
4337 err = lwtunnel_valid_encap_type_attr(cfg->fc_mp,
4338 cfg->fc_mp_len, extack);
4344 pref = nla_get_u8(tb[RTA_PREF]);
4345 if (pref != ICMPV6_ROUTER_PREF_LOW &&
4346 pref != ICMPV6_ROUTER_PREF_HIGH)
4347 pref = ICMPV6_ROUTER_PREF_MEDIUM;
4348 cfg->fc_flags |= RTF_PREF(pref);
4352 cfg->fc_encap = tb[RTA_ENCAP];
4354 if (tb[RTA_ENCAP_TYPE]) {
4355 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]);
4357 err = lwtunnel_valid_encap_type(cfg->fc_encap_type, extack);
4362 if (tb[RTA_EXPIRES]) {
4363 unsigned long timeout = addrconf_timeout_fixup(nla_get_u32(tb[RTA_EXPIRES]), HZ);
4365 if (addrconf_finite_timeout(timeout)) {
4366 cfg->fc_expires = jiffies_to_clock_t(timeout * HZ);
4367 cfg->fc_flags |= RTF_EXPIRES;
4377 struct fib6_info *fib6_info;
4378 struct fib6_config r_cfg;
4379 struct list_head next;
4382 static int ip6_route_info_append(struct net *net,
4383 struct list_head *rt6_nh_list,
4384 struct fib6_info *rt,
4385 struct fib6_config *r_cfg)
4390 list_for_each_entry(nh, rt6_nh_list, next) {
4391 /* check if fib6_info already exists */
4392 if (rt6_duplicate_nexthop(nh->fib6_info, rt))
4396 nh = kzalloc(sizeof(*nh), GFP_KERNEL);
4400 memcpy(&nh->r_cfg, r_cfg, sizeof(*r_cfg));
4401 list_add_tail(&nh->next, rt6_nh_list);
4406 static void ip6_route_mpath_notify(struct fib6_info *rt,
4407 struct fib6_info *rt_last,
4408 struct nl_info *info,
4411 /* if this is an APPEND route, then rt points to the first route
4412 * inserted and rt_last points to last route inserted. Userspace
4413 * wants a consistent dump of the route which starts at the first
4414 * nexthop. Since sibling routes are always added at the end of
4415 * the list, find the first sibling of the last route appended
4417 if ((nlflags & NLM_F_APPEND) && rt_last && rt_last->fib6_nsiblings) {
4418 rt = list_first_entry(&rt_last->fib6_siblings,
4424 inet6_rt_notify(RTM_NEWROUTE, rt, info, nlflags);
4427 static int ip6_route_multipath_add(struct fib6_config *cfg,
4428 struct netlink_ext_ack *extack)
4430 struct fib6_info *rt_notif = NULL, *rt_last = NULL;
4431 struct nl_info *info = &cfg->fc_nlinfo;
4432 struct fib6_config r_cfg;
4433 struct rtnexthop *rtnh;
4434 struct fib6_info *rt;
4435 struct rt6_nh *err_nh;
4436 struct rt6_nh *nh, *nh_safe;
4442 int replace = (cfg->fc_nlinfo.nlh &&
4443 (cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_REPLACE));
4444 LIST_HEAD(rt6_nh_list);
4446 nlflags = replace ? NLM_F_REPLACE : NLM_F_CREATE;
4447 if (info->nlh && info->nlh->nlmsg_flags & NLM_F_APPEND)
4448 nlflags |= NLM_F_APPEND;
4450 remaining = cfg->fc_mp_len;
4451 rtnh = (struct rtnexthop *)cfg->fc_mp;
4453 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
4454 * fib6_info structs per nexthop
4456 while (rtnh_ok(rtnh, remaining)) {
4457 memcpy(&r_cfg, cfg, sizeof(*cfg));
4458 if (rtnh->rtnh_ifindex)
4459 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
4461 attrlen = rtnh_attrlen(rtnh);
4463 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
4465 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
4467 r_cfg.fc_gateway = nla_get_in6_addr(nla);
4468 r_cfg.fc_flags |= RTF_GATEWAY;
4470 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP);
4471 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE);
4473 r_cfg.fc_encap_type = nla_get_u16(nla);
4476 r_cfg.fc_flags |= (rtnh->rtnh_flags & RTNH_F_ONLINK);
4477 rt = ip6_route_info_create(&r_cfg, GFP_KERNEL, extack);
4483 if (!rt6_qualify_for_ecmp(rt)) {
4485 NL_SET_ERR_MSG(extack,
4486 "Device only routes can not be added for IPv6 using the multipath API.");
4487 fib6_info_release(rt);
4491 rt->fib6_nh.fib_nh_weight = rtnh->rtnh_hops + 1;
4493 err = ip6_route_info_append(info->nl_net, &rt6_nh_list,
4496 fib6_info_release(rt);
4500 rtnh = rtnh_next(rtnh, &remaining);
4503 /* for add and replace send one notification with all nexthops.
4504 * Skip the notification in fib6_add_rt2node and send one with
4505 * the full route when done
4507 info->skip_notify = 1;
4510 list_for_each_entry(nh, &rt6_nh_list, next) {
4511 err = __ip6_ins_rt(nh->fib6_info, info, extack);
4512 fib6_info_release(nh->fib6_info);
4515 /* save reference to last route successfully inserted */
4516 rt_last = nh->fib6_info;
4518 /* save reference to first route for notification */
4520 rt_notif = nh->fib6_info;
4523 /* nh->fib6_info is used or freed at this point, reset to NULL*/
4524 nh->fib6_info = NULL;
4527 NL_SET_ERR_MSG_MOD(extack,
4528 "multipath route replace failed (check consistency of installed routes)");
4533 /* Because each route is added like a single route we remove
4534 * these flags after the first nexthop: if there is a collision,
4535 * we have already failed to add the first nexthop:
4536 * fib6_add_rt2node() has rejected it; when replacing, old
4537 * nexthops have been replaced by first new, the rest should
4540 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL |
4545 /* success ... tell user about new route */
4546 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
4550 /* send notification for routes that were added so that
4551 * the delete notifications sent by ip6_route_del are
4555 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
4557 /* Delete routes that were already added */
4558 list_for_each_entry(nh, &rt6_nh_list, next) {
4561 ip6_route_del(&nh->r_cfg, extack);
4565 list_for_each_entry_safe(nh, nh_safe, &rt6_nh_list, next) {
4567 fib6_info_release(nh->fib6_info);
4568 list_del(&nh->next);
4575 static int ip6_route_multipath_del(struct fib6_config *cfg,
4576 struct netlink_ext_ack *extack)
4578 struct fib6_config r_cfg;
4579 struct rtnexthop *rtnh;
4582 int err = 1, last_err = 0;
4584 remaining = cfg->fc_mp_len;
4585 rtnh = (struct rtnexthop *)cfg->fc_mp;
4587 /* Parse a Multipath Entry */
4588 while (rtnh_ok(rtnh, remaining)) {
4589 memcpy(&r_cfg, cfg, sizeof(*cfg));
4590 if (rtnh->rtnh_ifindex)
4591 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
4593 attrlen = rtnh_attrlen(rtnh);
4595 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
4597 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
4599 nla_memcpy(&r_cfg.fc_gateway, nla, 16);
4600 r_cfg.fc_flags |= RTF_GATEWAY;
4603 err = ip6_route_del(&r_cfg, extack);
4607 rtnh = rtnh_next(rtnh, &remaining);
4613 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh,
4614 struct netlink_ext_ack *extack)
4616 struct fib6_config cfg;
4619 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
4624 return ip6_route_multipath_del(&cfg, extack);
4626 cfg.fc_delete_all_nh = 1;
4627 return ip6_route_del(&cfg, extack);
4631 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh,
4632 struct netlink_ext_ack *extack)
4634 struct fib6_config cfg;
4637 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
4641 if (cfg.fc_metric == 0)
4642 cfg.fc_metric = IP6_RT_PRIO_USER;
4645 return ip6_route_multipath_add(&cfg, extack);
4647 return ip6_route_add(&cfg, GFP_KERNEL, extack);
4650 static size_t rt6_nlmsg_size(struct fib6_info *rt)
4652 int nexthop_len = 0;
4654 if (rt->fib6_nsiblings) {
4655 nexthop_len = nla_total_size(0) /* RTA_MULTIPATH */
4656 + NLA_ALIGN(sizeof(struct rtnexthop))
4657 + nla_total_size(16) /* RTA_GATEWAY */
4658 + lwtunnel_get_encap_size(rt->fib6_nh.fib_nh_lws);
4660 nexthop_len *= rt->fib6_nsiblings;
4663 return NLMSG_ALIGN(sizeof(struct rtmsg))
4664 + nla_total_size(16) /* RTA_SRC */
4665 + nla_total_size(16) /* RTA_DST */
4666 + nla_total_size(16) /* RTA_GATEWAY */
4667 + nla_total_size(16) /* RTA_PREFSRC */
4668 + nla_total_size(4) /* RTA_TABLE */
4669 + nla_total_size(4) /* RTA_IIF */
4670 + nla_total_size(4) /* RTA_OIF */
4671 + nla_total_size(4) /* RTA_PRIORITY */
4672 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
4673 + nla_total_size(sizeof(struct rta_cacheinfo))
4674 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */
4675 + nla_total_size(1) /* RTA_PREF */
4676 + lwtunnel_get_encap_size(rt->fib6_nh.fib_nh_lws)
4680 static int rt6_fill_node(struct net *net, struct sk_buff *skb,
4681 struct fib6_info *rt, struct dst_entry *dst,
4682 struct in6_addr *dest, struct in6_addr *src,
4683 int iif, int type, u32 portid, u32 seq,
4686 struct rt6_info *rt6 = (struct rt6_info *)dst;
4687 struct rt6key *rt6_dst, *rt6_src;
4688 u32 *pmetrics, table, rt6_flags;
4689 struct nlmsghdr *nlh;
4693 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
4698 rt6_dst = &rt6->rt6i_dst;
4699 rt6_src = &rt6->rt6i_src;
4700 rt6_flags = rt6->rt6i_flags;
4702 rt6_dst = &rt->fib6_dst;
4703 rt6_src = &rt->fib6_src;
4704 rt6_flags = rt->fib6_flags;
4707 rtm = nlmsg_data(nlh);
4708 rtm->rtm_family = AF_INET6;
4709 rtm->rtm_dst_len = rt6_dst->plen;
4710 rtm->rtm_src_len = rt6_src->plen;
4713 table = rt->fib6_table->tb6_id;
4715 table = RT6_TABLE_UNSPEC;
4716 rtm->rtm_table = table < 256 ? table : RT_TABLE_COMPAT;
4717 if (nla_put_u32(skb, RTA_TABLE, table))
4718 goto nla_put_failure;
4720 rtm->rtm_type = rt->fib6_type;
4722 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
4723 rtm->rtm_protocol = rt->fib6_protocol;
4725 if (rt6_flags & RTF_CACHE)
4726 rtm->rtm_flags |= RTM_F_CLONED;
4729 if (nla_put_in6_addr(skb, RTA_DST, dest))
4730 goto nla_put_failure;
4731 rtm->rtm_dst_len = 128;
4732 } else if (rtm->rtm_dst_len)
4733 if (nla_put_in6_addr(skb, RTA_DST, &rt6_dst->addr))
4734 goto nla_put_failure;
4735 #ifdef CONFIG_IPV6_SUBTREES
4737 if (nla_put_in6_addr(skb, RTA_SRC, src))
4738 goto nla_put_failure;
4739 rtm->rtm_src_len = 128;
4740 } else if (rtm->rtm_src_len &&
4741 nla_put_in6_addr(skb, RTA_SRC, &rt6_src->addr))
4742 goto nla_put_failure;
4745 #ifdef CONFIG_IPV6_MROUTE
4746 if (ipv6_addr_is_multicast(&rt6_dst->addr)) {
4747 int err = ip6mr_get_route(net, skb, rtm, portid);
4752 goto nla_put_failure;
4755 if (nla_put_u32(skb, RTA_IIF, iif))
4756 goto nla_put_failure;
4758 struct in6_addr saddr_buf;
4759 if (ip6_route_get_saddr(net, rt, dest, 0, &saddr_buf) == 0 &&
4760 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
4761 goto nla_put_failure;
4764 if (rt->fib6_prefsrc.plen) {
4765 struct in6_addr saddr_buf;
4766 saddr_buf = rt->fib6_prefsrc.addr;
4767 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
4768 goto nla_put_failure;
4771 pmetrics = dst ? dst_metrics_ptr(dst) : rt->fib6_metrics->metrics;
4772 if (rtnetlink_put_metrics(skb, pmetrics) < 0)
4773 goto nla_put_failure;
4775 if (nla_put_u32(skb, RTA_PRIORITY, rt->fib6_metric))
4776 goto nla_put_failure;
4778 /* For multipath routes, walk the siblings list and add
4779 * each as a nexthop within RTA_MULTIPATH.
4782 if (rt6_flags & RTF_GATEWAY &&
4783 nla_put_in6_addr(skb, RTA_GATEWAY, &rt6->rt6i_gateway))
4784 goto nla_put_failure;
4786 if (dst->dev && nla_put_u32(skb, RTA_OIF, dst->dev->ifindex))
4787 goto nla_put_failure;
4788 } else if (rt->fib6_nsiblings) {
4789 struct fib6_info *sibling, *next_sibling;
4792 mp = nla_nest_start_noflag(skb, RTA_MULTIPATH);
4794 goto nla_put_failure;
4796 if (fib_add_nexthop(skb, &rt->fib6_nh.nh_common,
4797 rt->fib6_nh.fib_nh_weight) < 0)
4798 goto nla_put_failure;
4800 list_for_each_entry_safe(sibling, next_sibling,
4801 &rt->fib6_siblings, fib6_siblings) {
4802 if (fib_add_nexthop(skb, &sibling->fib6_nh.nh_common,
4803 sibling->fib6_nh.fib_nh_weight) < 0)
4804 goto nla_put_failure;
4807 nla_nest_end(skb, mp);
4809 unsigned char nh_flags = 0;
4811 if (fib_nexthop_info(skb, &rt->fib6_nh.nh_common,
4812 &nh_flags, false) < 0)
4813 goto nla_put_failure;
4815 rtm->rtm_flags |= nh_flags;
4818 if (rt6_flags & RTF_EXPIRES) {
4819 expires = dst ? dst->expires : rt->expires;
4823 if (rtnl_put_cacheinfo(skb, dst, 0, expires, dst ? dst->error : 0) < 0)
4824 goto nla_put_failure;
4826 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt6_flags)))
4827 goto nla_put_failure;
4830 nlmsg_end(skb, nlh);
4834 nlmsg_cancel(skb, nlh);
4838 static bool fib6_info_uses_dev(const struct fib6_info *f6i,
4839 const struct net_device *dev)
4841 if (f6i->fib6_nh.fib_nh_dev == dev)
4844 if (f6i->fib6_nsiblings) {
4845 struct fib6_info *sibling, *next_sibling;
4847 list_for_each_entry_safe(sibling, next_sibling,
4848 &f6i->fib6_siblings, fib6_siblings) {
4849 if (sibling->fib6_nh.fib_nh_dev == dev)
4857 int rt6_dump_route(struct fib6_info *rt, void *p_arg)
4859 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
4860 struct fib_dump_filter *filter = &arg->filter;
4861 unsigned int flags = NLM_F_MULTI;
4862 struct net *net = arg->net;
4864 if (rt == net->ipv6.fib6_null_entry)
4867 if ((filter->flags & RTM_F_PREFIX) &&
4868 !(rt->fib6_flags & RTF_PREFIX_RT)) {
4869 /* success since this is not a prefix route */
4872 if (filter->filter_set) {
4873 if ((filter->rt_type && rt->fib6_type != filter->rt_type) ||
4874 (filter->dev && !fib6_info_uses_dev(rt, filter->dev)) ||
4875 (filter->protocol && rt->fib6_protocol != filter->protocol)) {
4878 flags |= NLM_F_DUMP_FILTERED;
4881 return rt6_fill_node(net, arg->skb, rt, NULL, NULL, NULL, 0,
4882 RTM_NEWROUTE, NETLINK_CB(arg->cb->skb).portid,
4883 arg->cb->nlh->nlmsg_seq, flags);
4886 static int inet6_rtm_valid_getroute_req(struct sk_buff *skb,
4887 const struct nlmsghdr *nlh,
4889 struct netlink_ext_ack *extack)
4894 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*rtm))) {
4895 NL_SET_ERR_MSG_MOD(extack,
4896 "Invalid header for get route request");
4900 if (!netlink_strict_get_check(skb))
4901 return nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
4902 rtm_ipv6_policy, extack);
4904 rtm = nlmsg_data(nlh);
4905 if ((rtm->rtm_src_len && rtm->rtm_src_len != 128) ||
4906 (rtm->rtm_dst_len && rtm->rtm_dst_len != 128) ||
4907 rtm->rtm_table || rtm->rtm_protocol || rtm->rtm_scope ||
4909 NL_SET_ERR_MSG_MOD(extack, "Invalid values in header for get route request");
4912 if (rtm->rtm_flags & ~RTM_F_FIB_MATCH) {
4913 NL_SET_ERR_MSG_MOD(extack,
4914 "Invalid flags for get route request");
4918 err = nlmsg_parse_deprecated_strict(nlh, sizeof(*rtm), tb, RTA_MAX,
4919 rtm_ipv6_policy, extack);
4923 if ((tb[RTA_SRC] && !rtm->rtm_src_len) ||
4924 (tb[RTA_DST] && !rtm->rtm_dst_len)) {
4925 NL_SET_ERR_MSG_MOD(extack, "rtm_src_len and rtm_dst_len must be 128 for IPv6");
4929 for (i = 0; i <= RTA_MAX; i++) {
4945 NL_SET_ERR_MSG_MOD(extack, "Unsupported attribute in get route request");
4953 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
4954 struct netlink_ext_ack *extack)
4956 struct net *net = sock_net(in_skb->sk);
4957 struct nlattr *tb[RTA_MAX+1];
4958 int err, iif = 0, oif = 0;
4959 struct fib6_info *from;
4960 struct dst_entry *dst;
4961 struct rt6_info *rt;
4962 struct sk_buff *skb;
4964 struct flowi6 fl6 = {};
4967 err = inet6_rtm_valid_getroute_req(in_skb, nlh, tb, extack);
4972 rtm = nlmsg_data(nlh);
4973 fl6.flowlabel = ip6_make_flowinfo(rtm->rtm_tos, 0);
4974 fibmatch = !!(rtm->rtm_flags & RTM_F_FIB_MATCH);
4977 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
4980 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
4984 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
4987 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
4991 iif = nla_get_u32(tb[RTA_IIF]);
4994 oif = nla_get_u32(tb[RTA_OIF]);
4997 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]);
5000 fl6.flowi6_uid = make_kuid(current_user_ns(),
5001 nla_get_u32(tb[RTA_UID]));
5003 fl6.flowi6_uid = iif ? INVALID_UID : current_uid();
5006 fl6.fl6_sport = nla_get_be16(tb[RTA_SPORT]);
5009 fl6.fl6_dport = nla_get_be16(tb[RTA_DPORT]);
5011 if (tb[RTA_IP_PROTO]) {
5012 err = rtm_getroute_parse_ip_proto(tb[RTA_IP_PROTO],
5013 &fl6.flowi6_proto, AF_INET6,
5020 struct net_device *dev;
5025 dev = dev_get_by_index_rcu(net, iif);
5032 fl6.flowi6_iif = iif;
5034 if (!ipv6_addr_any(&fl6.saddr))
5035 flags |= RT6_LOOKUP_F_HAS_SADDR;
5037 dst = ip6_route_input_lookup(net, dev, &fl6, NULL, flags);
5041 fl6.flowi6_oif = oif;
5043 dst = ip6_route_output(net, NULL, &fl6);
5047 rt = container_of(dst, struct rt6_info, dst);
5048 if (rt->dst.error) {
5049 err = rt->dst.error;
5054 if (rt == net->ipv6.ip6_null_entry) {
5055 err = rt->dst.error;
5060 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
5067 skb_dst_set(skb, &rt->dst);
5070 from = rcu_dereference(rt->from);
5073 err = rt6_fill_node(net, skb, from, NULL, NULL, NULL,
5075 NETLINK_CB(in_skb).portid,
5078 err = rt6_fill_node(net, skb, from, dst, &fl6.daddr,
5079 &fl6.saddr, iif, RTM_NEWROUTE,
5080 NETLINK_CB(in_skb).portid,
5092 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
5097 void inet6_rt_notify(int event, struct fib6_info *rt, struct nl_info *info,
5098 unsigned int nlm_flags)
5100 struct sk_buff *skb;
5101 struct net *net = info->nl_net;
5106 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
5108 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
5112 err = rt6_fill_node(net, skb, rt, NULL, NULL, NULL, 0,
5113 event, info->portid, seq, nlm_flags);
5115 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
5116 WARN_ON(err == -EMSGSIZE);
5120 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
5121 info->nlh, gfp_any());
5125 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
5128 static int ip6_route_dev_notify(struct notifier_block *this,
5129 unsigned long event, void *ptr)
5131 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
5132 struct net *net = dev_net(dev);
5134 if (!(dev->flags & IFF_LOOPBACK))
5137 if (event == NETDEV_REGISTER) {
5138 net->ipv6.fib6_null_entry->fib6_nh.fib_nh_dev = dev;
5139 net->ipv6.ip6_null_entry->dst.dev = dev;
5140 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
5141 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5142 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
5143 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
5144 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
5145 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
5147 } else if (event == NETDEV_UNREGISTER &&
5148 dev->reg_state != NETREG_UNREGISTERED) {
5149 /* NETDEV_UNREGISTER could be fired for multiple times by
5150 * netdev_wait_allrefs(). Make sure we only call this once.
5152 in6_dev_put_clear(&net->ipv6.ip6_null_entry->rt6i_idev);
5153 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5154 in6_dev_put_clear(&net->ipv6.ip6_prohibit_entry->rt6i_idev);
5155 in6_dev_put_clear(&net->ipv6.ip6_blk_hole_entry->rt6i_idev);
5166 #ifdef CONFIG_PROC_FS
5167 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
5169 struct net *net = (struct net *)seq->private;
5170 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
5171 net->ipv6.rt6_stats->fib_nodes,
5172 net->ipv6.rt6_stats->fib_route_nodes,
5173 atomic_read(&net->ipv6.rt6_stats->fib_rt_alloc),
5174 net->ipv6.rt6_stats->fib_rt_entries,
5175 net->ipv6.rt6_stats->fib_rt_cache,
5176 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
5177 net->ipv6.rt6_stats->fib_discarded_routes);
5181 #endif /* CONFIG_PROC_FS */
5183 #ifdef CONFIG_SYSCTL
5186 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
5187 void __user *buffer, size_t *lenp, loff_t *ppos)
5195 net = (struct net *)ctl->extra1;
5196 delay = net->ipv6.sysctl.flush_delay;
5197 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
5201 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0);
5208 static struct ctl_table ipv6_route_table_template[] = {
5210 .procname = "flush",
5211 .data = &init_net.ipv6.sysctl.flush_delay,
5212 .maxlen = sizeof(int),
5214 .proc_handler = ipv6_sysctl_rtcache_flush
5217 .procname = "gc_thresh",
5218 .data = &ip6_dst_ops_template.gc_thresh,
5219 .maxlen = sizeof(int),
5221 .proc_handler = proc_dointvec,
5224 .procname = "max_size",
5225 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
5226 .maxlen = sizeof(int),
5228 .proc_handler = proc_dointvec,
5231 .procname = "gc_min_interval",
5232 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
5233 .maxlen = sizeof(int),
5235 .proc_handler = proc_dointvec_jiffies,
5238 .procname = "gc_timeout",
5239 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
5240 .maxlen = sizeof(int),
5242 .proc_handler = proc_dointvec_jiffies,
5245 .procname = "gc_interval",
5246 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
5247 .maxlen = sizeof(int),
5249 .proc_handler = proc_dointvec_jiffies,
5252 .procname = "gc_elasticity",
5253 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
5254 .maxlen = sizeof(int),
5256 .proc_handler = proc_dointvec,
5259 .procname = "mtu_expires",
5260 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
5261 .maxlen = sizeof(int),
5263 .proc_handler = proc_dointvec_jiffies,
5266 .procname = "min_adv_mss",
5267 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
5268 .maxlen = sizeof(int),
5270 .proc_handler = proc_dointvec,
5273 .procname = "gc_min_interval_ms",
5274 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
5275 .maxlen = sizeof(int),
5277 .proc_handler = proc_dointvec_ms_jiffies,
5280 .procname = "skip_notify_on_dev_down",
5281 .data = &init_net.ipv6.sysctl.skip_notify_on_dev_down,
5282 .maxlen = sizeof(int),
5284 .proc_handler = proc_dointvec,
5291 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
5293 struct ctl_table *table;
5295 table = kmemdup(ipv6_route_table_template,
5296 sizeof(ipv6_route_table_template),
5300 table[0].data = &net->ipv6.sysctl.flush_delay;
5301 table[0].extra1 = net;
5302 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
5303 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
5304 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
5305 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
5306 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
5307 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
5308 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
5309 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
5310 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
5311 table[10].data = &net->ipv6.sysctl.skip_notify_on_dev_down;
5313 /* Don't export sysctls to unprivileged users */
5314 if (net->user_ns != &init_user_ns)
5315 table[0].procname = NULL;
5322 static int __net_init ip6_route_net_init(struct net *net)
5326 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
5327 sizeof(net->ipv6.ip6_dst_ops));
5329 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
5330 goto out_ip6_dst_ops;
5332 net->ipv6.fib6_null_entry = kmemdup(&fib6_null_entry_template,
5333 sizeof(*net->ipv6.fib6_null_entry),
5335 if (!net->ipv6.fib6_null_entry)
5336 goto out_ip6_dst_entries;
5338 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
5339 sizeof(*net->ipv6.ip6_null_entry),
5341 if (!net->ipv6.ip6_null_entry)
5342 goto out_fib6_null_entry;
5343 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
5344 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
5345 ip6_template_metrics, true);
5347 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5348 net->ipv6.fib6_has_custom_rules = false;
5349 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
5350 sizeof(*net->ipv6.ip6_prohibit_entry),
5352 if (!net->ipv6.ip6_prohibit_entry)
5353 goto out_ip6_null_entry;
5354 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
5355 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
5356 ip6_template_metrics, true);
5358 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
5359 sizeof(*net->ipv6.ip6_blk_hole_entry),
5361 if (!net->ipv6.ip6_blk_hole_entry)
5362 goto out_ip6_prohibit_entry;
5363 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
5364 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
5365 ip6_template_metrics, true);
5368 net->ipv6.sysctl.flush_delay = 0;
5369 net->ipv6.sysctl.ip6_rt_max_size = 4096;
5370 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
5371 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
5372 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
5373 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
5374 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
5375 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
5376 net->ipv6.sysctl.skip_notify_on_dev_down = 0;
5378 net->ipv6.ip6_rt_gc_expire = 30*HZ;
5384 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5385 out_ip6_prohibit_entry:
5386 kfree(net->ipv6.ip6_prohibit_entry);
5388 kfree(net->ipv6.ip6_null_entry);
5390 out_fib6_null_entry:
5391 kfree(net->ipv6.fib6_null_entry);
5392 out_ip6_dst_entries:
5393 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
5398 static void __net_exit ip6_route_net_exit(struct net *net)
5400 kfree(net->ipv6.fib6_null_entry);
5401 kfree(net->ipv6.ip6_null_entry);
5402 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5403 kfree(net->ipv6.ip6_prohibit_entry);
5404 kfree(net->ipv6.ip6_blk_hole_entry);
5406 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
5409 static int __net_init ip6_route_net_init_late(struct net *net)
5411 #ifdef CONFIG_PROC_FS
5412 proc_create_net("ipv6_route", 0, net->proc_net, &ipv6_route_seq_ops,
5413 sizeof(struct ipv6_route_iter));
5414 proc_create_net_single("rt6_stats", 0444, net->proc_net,
5415 rt6_stats_seq_show, NULL);
5420 static void __net_exit ip6_route_net_exit_late(struct net *net)
5422 #ifdef CONFIG_PROC_FS
5423 remove_proc_entry("ipv6_route", net->proc_net);
5424 remove_proc_entry("rt6_stats", net->proc_net);
5428 static struct pernet_operations ip6_route_net_ops = {
5429 .init = ip6_route_net_init,
5430 .exit = ip6_route_net_exit,
5433 static int __net_init ipv6_inetpeer_init(struct net *net)
5435 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
5439 inet_peer_base_init(bp);
5440 net->ipv6.peers = bp;
5444 static void __net_exit ipv6_inetpeer_exit(struct net *net)
5446 struct inet_peer_base *bp = net->ipv6.peers;
5448 net->ipv6.peers = NULL;
5449 inetpeer_invalidate_tree(bp);
5453 static struct pernet_operations ipv6_inetpeer_ops = {
5454 .init = ipv6_inetpeer_init,
5455 .exit = ipv6_inetpeer_exit,
5458 static struct pernet_operations ip6_route_net_late_ops = {
5459 .init = ip6_route_net_init_late,
5460 .exit = ip6_route_net_exit_late,
5463 static struct notifier_block ip6_route_dev_notifier = {
5464 .notifier_call = ip6_route_dev_notify,
5465 .priority = ADDRCONF_NOTIFY_PRIORITY - 10,
5468 void __init ip6_route_init_special_entries(void)
5470 /* Registering of the loopback is done before this portion of code,
5471 * the loopback reference in rt6_info will not be taken, do it
5472 * manually for init_net */
5473 init_net.ipv6.fib6_null_entry->fib6_nh.fib_nh_dev = init_net.loopback_dev;
5474 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
5475 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5476 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
5477 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
5478 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5479 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
5480 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
5484 int __init ip6_route_init(void)
5490 ip6_dst_ops_template.kmem_cachep =
5491 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
5492 SLAB_HWCACHE_ALIGN, NULL);
5493 if (!ip6_dst_ops_template.kmem_cachep)
5496 ret = dst_entries_init(&ip6_dst_blackhole_ops);
5498 goto out_kmem_cache;
5500 ret = register_pernet_subsys(&ipv6_inetpeer_ops);
5502 goto out_dst_entries;
5504 ret = register_pernet_subsys(&ip6_route_net_ops);
5506 goto out_register_inetpeer;
5508 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
5512 goto out_register_subsys;
5518 ret = fib6_rules_init();
5522 ret = register_pernet_subsys(&ip6_route_net_late_ops);
5524 goto fib6_rules_init;
5526 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_NEWROUTE,
5527 inet6_rtm_newroute, NULL, 0);
5529 goto out_register_late_subsys;
5531 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_DELROUTE,
5532 inet6_rtm_delroute, NULL, 0);
5534 goto out_register_late_subsys;
5536 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_GETROUTE,
5537 inet6_rtm_getroute, NULL,
5538 RTNL_FLAG_DOIT_UNLOCKED);
5540 goto out_register_late_subsys;
5542 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
5544 goto out_register_late_subsys;
5546 for_each_possible_cpu(cpu) {
5547 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
5549 INIT_LIST_HEAD(&ul->head);
5550 spin_lock_init(&ul->lock);
5556 out_register_late_subsys:
5557 rtnl_unregister_all(PF_INET6);
5558 unregister_pernet_subsys(&ip6_route_net_late_ops);
5560 fib6_rules_cleanup();
5565 out_register_subsys:
5566 unregister_pernet_subsys(&ip6_route_net_ops);
5567 out_register_inetpeer:
5568 unregister_pernet_subsys(&ipv6_inetpeer_ops);
5570 dst_entries_destroy(&ip6_dst_blackhole_ops);
5572 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
5576 void ip6_route_cleanup(void)
5578 unregister_netdevice_notifier(&ip6_route_dev_notifier);
5579 unregister_pernet_subsys(&ip6_route_net_late_ops);
5580 fib6_rules_cleanup();
5583 unregister_pernet_subsys(&ipv6_inetpeer_ops);
5584 unregister_pernet_subsys(&ip6_route_net_ops);
5585 dst_entries_destroy(&ip6_dst_blackhole_ops);
5586 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
projects / linux-2.6-block.git / blob