2 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
24 * Fixed routing subtrees.
27 #define pr_fmt(fmt) "IPv6: " fmt
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <net/net_namespace.h>
50 #include <net/ip6_fib.h>
51 #include <net/ip6_route.h>
52 #include <net/ndisc.h>
53 #include <net/addrconf.h>
55 #include <linux/rtnetlink.h>
57 #include <net/dst_metadata.h>
59 #include <net/netevent.h>
60 #include <net/netlink.h>
61 #include <net/nexthop.h>
62 #include <net/lwtunnel.h>
63 #include <net/ip_tunnels.h>
64 #include <net/l3mdev.h>
65 #include <trace/events/fib6.h>
67 #include <linux/uaccess.h>
70 #include <linux/sysctl.h>
74 RT6_NUD_FAIL_HARD = -3,
75 RT6_NUD_FAIL_PROBE = -2,
76 RT6_NUD_FAIL_DO_RR = -1,
80 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort);
81 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
82 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
83 static unsigned int ip6_mtu(const struct dst_entry *dst);
84 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
85 static void ip6_dst_destroy(struct dst_entry *);
86 static void ip6_dst_ifdown(struct dst_entry *,
87 struct net_device *dev, int how);
88 static int ip6_dst_gc(struct dst_ops *ops);
90 static int ip6_pkt_discard(struct sk_buff *skb);
91 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb);
92 static int ip6_pkt_prohibit(struct sk_buff *skb);
93 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb);
94 static void ip6_link_failure(struct sk_buff *skb);
95 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
96 struct sk_buff *skb, u32 mtu);
97 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
99 static void rt6_dst_from_metrics_check(struct rt6_info *rt);
100 static int rt6_score_route(struct rt6_info *rt, int oif, int strict);
101 static size_t rt6_nlmsg_size(struct rt6_info *rt);
102 static int rt6_fill_node(struct net *net,
103 struct sk_buff *skb, struct rt6_info *rt,
104 struct in6_addr *dst, struct in6_addr *src,
105 int iif, int type, u32 portid, u32 seq,
108 #ifdef CONFIG_IPV6_ROUTE_INFO
109 static struct rt6_info *rt6_add_route_info(struct net *net,
110 const struct in6_addr *prefix, int prefixlen,
111 const struct in6_addr *gwaddr,
112 struct net_device *dev,
114 static struct rt6_info *rt6_get_route_info(struct net *net,
115 const struct in6_addr *prefix, int prefixlen,
116 const struct in6_addr *gwaddr,
117 struct net_device *dev);
120 struct uncached_list {
122 struct list_head head;
125 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list);
127 static void rt6_uncached_list_add(struct rt6_info *rt)
129 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list);
131 rt->dst.flags |= DST_NOCACHE;
132 rt->rt6i_uncached_list = ul;
134 spin_lock_bh(&ul->lock);
135 list_add_tail(&rt->rt6i_uncached, &ul->head);
136 spin_unlock_bh(&ul->lock);
139 static void rt6_uncached_list_del(struct rt6_info *rt)
141 if (!list_empty(&rt->rt6i_uncached)) {
142 struct uncached_list *ul = rt->rt6i_uncached_list;
144 spin_lock_bh(&ul->lock);
145 list_del(&rt->rt6i_uncached);
146 spin_unlock_bh(&ul->lock);
150 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev)
152 struct net_device *loopback_dev = net->loopback_dev;
155 if (dev == loopback_dev)
158 for_each_possible_cpu(cpu) {
159 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
162 spin_lock_bh(&ul->lock);
163 list_for_each_entry(rt, &ul->head, rt6i_uncached) {
164 struct inet6_dev *rt_idev = rt->rt6i_idev;
165 struct net_device *rt_dev = rt->dst.dev;
167 if (rt_idev->dev == dev) {
168 rt->rt6i_idev = in6_dev_get(loopback_dev);
169 in6_dev_put(rt_idev);
173 rt->dst.dev = loopback_dev;
174 dev_hold(rt->dst.dev);
178 spin_unlock_bh(&ul->lock);
182 static u32 *rt6_pcpu_cow_metrics(struct rt6_info *rt)
184 return dst_metrics_write_ptr(rt->dst.from);
187 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old)
189 struct rt6_info *rt = (struct rt6_info *)dst;
191 if (rt->rt6i_flags & RTF_PCPU)
192 return rt6_pcpu_cow_metrics(rt);
193 else if (rt->rt6i_flags & RTF_CACHE)
196 return dst_cow_metrics_generic(dst, old);
199 static inline const void *choose_neigh_daddr(struct rt6_info *rt,
203 struct in6_addr *p = &rt->rt6i_gateway;
205 if (!ipv6_addr_any(p))
206 return (const void *) p;
208 return &ipv6_hdr(skb)->daddr;
212 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst,
216 struct rt6_info *rt = (struct rt6_info *) dst;
219 daddr = choose_neigh_daddr(rt, skb, daddr);
220 n = __ipv6_neigh_lookup(dst->dev, daddr);
223 return neigh_create(&nd_tbl, daddr, dst->dev);
226 static void ip6_confirm_neigh(const struct dst_entry *dst, const void *daddr)
228 struct net_device *dev = dst->dev;
229 struct rt6_info *rt = (struct rt6_info *)dst;
231 daddr = choose_neigh_daddr(rt, NULL, daddr);
234 if (dev->flags & (IFF_NOARP | IFF_LOOPBACK))
236 if (ipv6_addr_is_multicast((const struct in6_addr *)daddr))
238 __ipv6_confirm_neigh(dev, daddr);
241 static struct dst_ops ip6_dst_ops_template = {
245 .check = ip6_dst_check,
246 .default_advmss = ip6_default_advmss,
248 .cow_metrics = ipv6_cow_metrics,
249 .destroy = ip6_dst_destroy,
250 .ifdown = ip6_dst_ifdown,
251 .negative_advice = ip6_negative_advice,
252 .link_failure = ip6_link_failure,
253 .update_pmtu = ip6_rt_update_pmtu,
254 .redirect = rt6_do_redirect,
255 .local_out = __ip6_local_out,
256 .neigh_lookup = ip6_neigh_lookup,
257 .confirm_neigh = ip6_confirm_neigh,
260 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
262 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
264 return mtu ? : dst->dev->mtu;
267 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
268 struct sk_buff *skb, u32 mtu)
272 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
277 static struct dst_ops ip6_dst_blackhole_ops = {
279 .destroy = ip6_dst_destroy,
280 .check = ip6_dst_check,
281 .mtu = ip6_blackhole_mtu,
282 .default_advmss = ip6_default_advmss,
283 .update_pmtu = ip6_rt_blackhole_update_pmtu,
284 .redirect = ip6_rt_blackhole_redirect,
285 .cow_metrics = dst_cow_metrics_generic,
286 .neigh_lookup = ip6_neigh_lookup,
289 static const u32 ip6_template_metrics[RTAX_MAX] = {
290 [RTAX_HOPLIMIT - 1] = 0,
293 static const struct rt6_info ip6_null_entry_template = {
295 .__refcnt = ATOMIC_INIT(1),
297 .obsolete = DST_OBSOLETE_FORCE_CHK,
298 .error = -ENETUNREACH,
299 .input = ip6_pkt_discard,
300 .output = ip6_pkt_discard_out,
302 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
303 .rt6i_protocol = RTPROT_KERNEL,
304 .rt6i_metric = ~(u32) 0,
305 .rt6i_ref = ATOMIC_INIT(1),
308 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
310 static const struct rt6_info ip6_prohibit_entry_template = {
312 .__refcnt = ATOMIC_INIT(1),
314 .obsolete = DST_OBSOLETE_FORCE_CHK,
316 .input = ip6_pkt_prohibit,
317 .output = ip6_pkt_prohibit_out,
319 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
320 .rt6i_protocol = RTPROT_KERNEL,
321 .rt6i_metric = ~(u32) 0,
322 .rt6i_ref = ATOMIC_INIT(1),
325 static const struct rt6_info ip6_blk_hole_entry_template = {
327 .__refcnt = ATOMIC_INIT(1),
329 .obsolete = DST_OBSOLETE_FORCE_CHK,
331 .input = dst_discard,
332 .output = dst_discard_out,
334 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
335 .rt6i_protocol = RTPROT_KERNEL,
336 .rt6i_metric = ~(u32) 0,
337 .rt6i_ref = ATOMIC_INIT(1),
342 static void rt6_info_init(struct rt6_info *rt)
344 struct dst_entry *dst = &rt->dst;
346 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
347 INIT_LIST_HEAD(&rt->rt6i_siblings);
348 INIT_LIST_HEAD(&rt->rt6i_uncached);
351 /* allocate dst with ip6_dst_ops */
352 static struct rt6_info *__ip6_dst_alloc(struct net *net,
353 struct net_device *dev,
356 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
357 0, DST_OBSOLETE_FORCE_CHK, flags);
365 struct rt6_info *ip6_dst_alloc(struct net *net,
366 struct net_device *dev,
369 struct rt6_info *rt = __ip6_dst_alloc(net, dev, flags);
372 rt->rt6i_pcpu = alloc_percpu_gfp(struct rt6_info *, GFP_ATOMIC);
376 for_each_possible_cpu(cpu) {
379 p = per_cpu_ptr(rt->rt6i_pcpu, cpu);
380 /* no one shares rt */
384 dst_destroy((struct dst_entry *)rt);
391 EXPORT_SYMBOL(ip6_dst_alloc);
393 static void ip6_dst_destroy(struct dst_entry *dst)
395 struct rt6_info *rt = (struct rt6_info *)dst;
396 struct dst_entry *from = dst->from;
397 struct inet6_dev *idev;
399 dst_destroy_metrics_generic(dst);
400 free_percpu(rt->rt6i_pcpu);
401 rt6_uncached_list_del(rt);
403 idev = rt->rt6i_idev;
405 rt->rt6i_idev = NULL;
413 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
416 struct rt6_info *rt = (struct rt6_info *)dst;
417 struct inet6_dev *idev = rt->rt6i_idev;
418 struct net_device *loopback_dev =
419 dev_net(dev)->loopback_dev;
421 if (dev != loopback_dev) {
422 if (idev && idev->dev == dev) {
423 struct inet6_dev *loopback_idev =
424 in6_dev_get(loopback_dev);
426 rt->rt6i_idev = loopback_idev;
433 static bool __rt6_check_expired(const struct rt6_info *rt)
435 if (rt->rt6i_flags & RTF_EXPIRES)
436 return time_after(jiffies, rt->dst.expires);
441 static bool rt6_check_expired(const struct rt6_info *rt)
443 if (rt->rt6i_flags & RTF_EXPIRES) {
444 if (time_after(jiffies, rt->dst.expires))
446 } else if (rt->dst.from) {
447 return rt6_check_expired((struct rt6_info *) rt->dst.from);
452 /* Multipath route selection:
453 * Hash based function using packet header and flowlabel.
454 * Adapted from fib_info_hashfn()
456 static int rt6_info_hash_nhsfn(unsigned int candidate_count,
457 const struct flowi6 *fl6)
459 return get_hash_from_flowi6(fl6) % candidate_count;
462 static struct rt6_info *rt6_multipath_select(struct rt6_info *match,
463 struct flowi6 *fl6, int oif,
466 struct rt6_info *sibling, *next_sibling;
469 route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6);
470 /* Don't change the route, if route_choosen == 0
471 * (siblings does not include ourself)
474 list_for_each_entry_safe(sibling, next_sibling,
475 &match->rt6i_siblings, rt6i_siblings) {
477 if (route_choosen == 0) {
478 if (rt6_score_route(sibling, oif, strict) < 0)
488 * Route lookup. Any table->tb6_lock is implied.
491 static inline struct rt6_info *rt6_device_match(struct net *net,
493 const struct in6_addr *saddr,
497 struct rt6_info *local = NULL;
498 struct rt6_info *sprt;
500 if (!oif && ipv6_addr_any(saddr))
503 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) {
504 struct net_device *dev = sprt->dst.dev;
507 if (dev->ifindex == oif)
509 if (dev->flags & IFF_LOOPBACK) {
510 if (!sprt->rt6i_idev ||
511 sprt->rt6i_idev->dev->ifindex != oif) {
512 if (flags & RT6_LOOKUP_F_IFACE)
515 local->rt6i_idev->dev->ifindex == oif)
521 if (ipv6_chk_addr(net, saddr, dev,
522 flags & RT6_LOOKUP_F_IFACE))
531 if (flags & RT6_LOOKUP_F_IFACE)
532 return net->ipv6.ip6_null_entry;
538 #ifdef CONFIG_IPV6_ROUTER_PREF
539 struct __rt6_probe_work {
540 struct work_struct work;
541 struct in6_addr target;
542 struct net_device *dev;
545 static void rt6_probe_deferred(struct work_struct *w)
547 struct in6_addr mcaddr;
548 struct __rt6_probe_work *work =
549 container_of(w, struct __rt6_probe_work, work);
551 addrconf_addr_solict_mult(&work->target, &mcaddr);
552 ndisc_send_ns(work->dev, &work->target, &mcaddr, NULL, 0);
557 static void rt6_probe(struct rt6_info *rt)
559 struct __rt6_probe_work *work;
560 struct neighbour *neigh;
562 * Okay, this does not seem to be appropriate
563 * for now, however, we need to check if it
564 * is really so; aka Router Reachability Probing.
566 * Router Reachability Probe MUST be rate-limited
567 * to no more than one per minute.
569 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY))
572 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
574 if (neigh->nud_state & NUD_VALID)
578 write_lock(&neigh->lock);
579 if (!(neigh->nud_state & NUD_VALID) &&
582 rt->rt6i_idev->cnf.rtr_probe_interval)) {
583 work = kmalloc(sizeof(*work), GFP_ATOMIC);
585 __neigh_set_probe_once(neigh);
587 write_unlock(&neigh->lock);
589 work = kmalloc(sizeof(*work), GFP_ATOMIC);
593 INIT_WORK(&work->work, rt6_probe_deferred);
594 work->target = rt->rt6i_gateway;
595 dev_hold(rt->dst.dev);
596 work->dev = rt->dst.dev;
597 schedule_work(&work->work);
601 rcu_read_unlock_bh();
604 static inline void rt6_probe(struct rt6_info *rt)
610 * Default Router Selection (RFC 2461 6.3.6)
612 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
614 struct net_device *dev = rt->dst.dev;
615 if (!oif || dev->ifindex == oif)
617 if ((dev->flags & IFF_LOOPBACK) &&
618 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
623 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt)
625 struct neighbour *neigh;
626 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD;
628 if (rt->rt6i_flags & RTF_NONEXTHOP ||
629 !(rt->rt6i_flags & RTF_GATEWAY))
630 return RT6_NUD_SUCCEED;
633 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
635 read_lock(&neigh->lock);
636 if (neigh->nud_state & NUD_VALID)
637 ret = RT6_NUD_SUCCEED;
638 #ifdef CONFIG_IPV6_ROUTER_PREF
639 else if (!(neigh->nud_state & NUD_FAILED))
640 ret = RT6_NUD_SUCCEED;
642 ret = RT6_NUD_FAIL_PROBE;
644 read_unlock(&neigh->lock);
646 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ?
647 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR;
649 rcu_read_unlock_bh();
654 static int rt6_score_route(struct rt6_info *rt, int oif,
659 m = rt6_check_dev(rt, oif);
660 if (!m && (strict & RT6_LOOKUP_F_IFACE))
661 return RT6_NUD_FAIL_HARD;
662 #ifdef CONFIG_IPV6_ROUTER_PREF
663 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
665 if (strict & RT6_LOOKUP_F_REACHABLE) {
666 int n = rt6_check_neigh(rt);
673 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
674 int *mpri, struct rt6_info *match,
678 bool match_do_rr = false;
679 struct inet6_dev *idev = rt->rt6i_idev;
680 struct net_device *dev = rt->dst.dev;
682 if (dev && !netif_carrier_ok(dev) &&
683 idev->cnf.ignore_routes_with_linkdown &&
684 !(strict & RT6_LOOKUP_F_IGNORE_LINKSTATE))
687 if (rt6_check_expired(rt))
690 m = rt6_score_route(rt, oif, strict);
691 if (m == RT6_NUD_FAIL_DO_RR) {
693 m = 0; /* lowest valid score */
694 } else if (m == RT6_NUD_FAIL_HARD) {
698 if (strict & RT6_LOOKUP_F_REACHABLE)
701 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
703 *do_rr = match_do_rr;
711 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
712 struct rt6_info *rr_head,
713 u32 metric, int oif, int strict,
716 struct rt6_info *rt, *match, *cont;
721 for (rt = rr_head; rt; rt = rt->dst.rt6_next) {
722 if (rt->rt6i_metric != metric) {
727 match = find_match(rt, oif, strict, &mpri, match, do_rr);
730 for (rt = fn->leaf; rt && rt != rr_head; rt = rt->dst.rt6_next) {
731 if (rt->rt6i_metric != metric) {
736 match = find_match(rt, oif, strict, &mpri, match, do_rr);
742 for (rt = cont; rt; rt = rt->dst.rt6_next)
743 match = find_match(rt, oif, strict, &mpri, match, do_rr);
748 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
750 struct rt6_info *match, *rt0;
756 fn->rr_ptr = rt0 = fn->leaf;
758 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict,
762 struct rt6_info *next = rt0->dst.rt6_next;
764 /* no entries matched; do round-robin */
765 if (!next || next->rt6i_metric != rt0->rt6i_metric)
772 net = dev_net(rt0->dst.dev);
773 return match ? match : net->ipv6.ip6_null_entry;
776 static bool rt6_is_gw_or_nonexthop(const struct rt6_info *rt)
778 return (rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY));
781 #ifdef CONFIG_IPV6_ROUTE_INFO
782 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
783 const struct in6_addr *gwaddr)
785 struct net *net = dev_net(dev);
786 struct route_info *rinfo = (struct route_info *) opt;
787 struct in6_addr prefix_buf, *prefix;
789 unsigned long lifetime;
792 if (len < sizeof(struct route_info)) {
796 /* Sanity check for prefix_len and length */
797 if (rinfo->length > 3) {
799 } else if (rinfo->prefix_len > 128) {
801 } else if (rinfo->prefix_len > 64) {
802 if (rinfo->length < 2) {
805 } else if (rinfo->prefix_len > 0) {
806 if (rinfo->length < 1) {
811 pref = rinfo->route_pref;
812 if (pref == ICMPV6_ROUTER_PREF_INVALID)
815 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
817 if (rinfo->length == 3)
818 prefix = (struct in6_addr *)rinfo->prefix;
820 /* this function is safe */
821 ipv6_addr_prefix(&prefix_buf,
822 (struct in6_addr *)rinfo->prefix,
824 prefix = &prefix_buf;
827 if (rinfo->prefix_len == 0)
828 rt = rt6_get_dflt_router(gwaddr, dev);
830 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len,
833 if (rt && !lifetime) {
839 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr,
842 rt->rt6i_flags = RTF_ROUTEINFO |
843 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
846 if (!addrconf_finite_timeout(lifetime))
847 rt6_clean_expires(rt);
849 rt6_set_expires(rt, jiffies + HZ * lifetime);
857 static struct fib6_node* fib6_backtrack(struct fib6_node *fn,
858 struct in6_addr *saddr)
860 struct fib6_node *pn;
862 if (fn->fn_flags & RTN_TL_ROOT)
865 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn)
866 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr);
869 if (fn->fn_flags & RTN_RTINFO)
874 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
875 struct fib6_table *table,
876 struct flowi6 *fl6, int flags)
878 struct fib6_node *fn;
881 read_lock_bh(&table->tb6_lock);
882 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
885 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags);
886 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0)
887 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags);
888 if (rt == net->ipv6.ip6_null_entry) {
889 fn = fib6_backtrack(fn, &fl6->saddr);
893 dst_use(&rt->dst, jiffies);
894 read_unlock_bh(&table->tb6_lock);
896 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6);
902 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6,
905 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup);
907 EXPORT_SYMBOL_GPL(ip6_route_lookup);
909 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
910 const struct in6_addr *saddr, int oif, int strict)
912 struct flowi6 fl6 = {
916 struct dst_entry *dst;
917 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
920 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
921 flags |= RT6_LOOKUP_F_HAS_SADDR;
924 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup);
926 return (struct rt6_info *) dst;
932 EXPORT_SYMBOL(rt6_lookup);
934 /* ip6_ins_rt is called with FREE table->tb6_lock.
935 It takes new route entry, the addition fails by any reason the
936 route is freed. In any case, if caller does not hold it, it may
940 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info,
941 struct mx6_config *mxc,
942 struct netlink_ext_ack *extack)
945 struct fib6_table *table;
947 table = rt->rt6i_table;
948 write_lock_bh(&table->tb6_lock);
949 err = fib6_add(&table->tb6_root, rt, info, mxc, extack);
950 write_unlock_bh(&table->tb6_lock);
955 int ip6_ins_rt(struct rt6_info *rt)
957 struct nl_info info = { .nl_net = dev_net(rt->dst.dev), };
958 struct mx6_config mxc = { .mx = NULL, };
960 return __ip6_ins_rt(rt, &info, &mxc, NULL);
963 static struct rt6_info *ip6_rt_cache_alloc(struct rt6_info *ort,
964 const struct in6_addr *daddr,
965 const struct in6_addr *saddr)
973 if (ort->rt6i_flags & (RTF_CACHE | RTF_PCPU))
974 ort = (struct rt6_info *)ort->dst.from;
976 rt = __ip6_dst_alloc(dev_net(ort->dst.dev), ort->dst.dev, 0);
981 ip6_rt_copy_init(rt, ort);
982 rt->rt6i_flags |= RTF_CACHE;
984 rt->dst.flags |= DST_HOST;
985 rt->rt6i_dst.addr = *daddr;
986 rt->rt6i_dst.plen = 128;
988 if (!rt6_is_gw_or_nonexthop(ort)) {
989 if (ort->rt6i_dst.plen != 128 &&
990 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr))
991 rt->rt6i_flags |= RTF_ANYCAST;
992 #ifdef CONFIG_IPV6_SUBTREES
993 if (rt->rt6i_src.plen && saddr) {
994 rt->rt6i_src.addr = *saddr;
995 rt->rt6i_src.plen = 128;
1003 static struct rt6_info *ip6_rt_pcpu_alloc(struct rt6_info *rt)
1005 struct rt6_info *pcpu_rt;
1007 pcpu_rt = __ip6_dst_alloc(dev_net(rt->dst.dev),
1008 rt->dst.dev, rt->dst.flags);
1012 ip6_rt_copy_init(pcpu_rt, rt);
1013 pcpu_rt->rt6i_protocol = rt->rt6i_protocol;
1014 pcpu_rt->rt6i_flags |= RTF_PCPU;
1018 /* It should be called with read_lock_bh(&tb6_lock) acquired */
1019 static struct rt6_info *rt6_get_pcpu_route(struct rt6_info *rt)
1021 struct rt6_info *pcpu_rt, **p;
1023 p = this_cpu_ptr(rt->rt6i_pcpu);
1027 dst_hold(&pcpu_rt->dst);
1028 rt6_dst_from_metrics_check(pcpu_rt);
1033 static struct rt6_info *rt6_make_pcpu_route(struct rt6_info *rt)
1035 struct fib6_table *table = rt->rt6i_table;
1036 struct rt6_info *pcpu_rt, *prev, **p;
1038 pcpu_rt = ip6_rt_pcpu_alloc(rt);
1040 struct net *net = dev_net(rt->dst.dev);
1042 dst_hold(&net->ipv6.ip6_null_entry->dst);
1043 return net->ipv6.ip6_null_entry;
1046 read_lock_bh(&table->tb6_lock);
1047 if (rt->rt6i_pcpu) {
1048 p = this_cpu_ptr(rt->rt6i_pcpu);
1049 prev = cmpxchg(p, NULL, pcpu_rt);
1051 /* If someone did it before us, return prev instead */
1052 dst_destroy(&pcpu_rt->dst);
1056 /* rt has been removed from the fib6 tree
1057 * before we have a chance to acquire the read_lock.
1058 * In this case, don't brother to create a pcpu rt
1059 * since rt is going away anyway. The next
1060 * dst_check() will trigger a re-lookup.
1062 dst_destroy(&pcpu_rt->dst);
1065 dst_hold(&pcpu_rt->dst);
1066 rt6_dst_from_metrics_check(pcpu_rt);
1067 read_unlock_bh(&table->tb6_lock);
1071 struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table,
1072 int oif, struct flowi6 *fl6, int flags)
1074 struct fib6_node *fn, *saved_fn;
1075 struct rt6_info *rt;
1078 strict |= flags & RT6_LOOKUP_F_IFACE;
1079 strict |= flags & RT6_LOOKUP_F_IGNORE_LINKSTATE;
1080 if (net->ipv6.devconf_all->forwarding == 0)
1081 strict |= RT6_LOOKUP_F_REACHABLE;
1083 read_lock_bh(&table->tb6_lock);
1085 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1088 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF)
1092 rt = rt6_select(fn, oif, strict);
1093 if (rt->rt6i_nsiblings)
1094 rt = rt6_multipath_select(rt, fl6, oif, strict);
1095 if (rt == net->ipv6.ip6_null_entry) {
1096 fn = fib6_backtrack(fn, &fl6->saddr);
1098 goto redo_rt6_select;
1099 else if (strict & RT6_LOOKUP_F_REACHABLE) {
1100 /* also consider unreachable route */
1101 strict &= ~RT6_LOOKUP_F_REACHABLE;
1103 goto redo_rt6_select;
1108 if (rt == net->ipv6.ip6_null_entry || (rt->rt6i_flags & RTF_CACHE)) {
1109 dst_use(&rt->dst, jiffies);
1110 read_unlock_bh(&table->tb6_lock);
1112 rt6_dst_from_metrics_check(rt);
1114 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6);
1116 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) &&
1117 !(rt->rt6i_flags & RTF_GATEWAY))) {
1118 /* Create a RTF_CACHE clone which will not be
1119 * owned by the fib6 tree. It is for the special case where
1120 * the daddr in the skb during the neighbor look-up is different
1121 * from the fl6->daddr used to look-up route here.
1124 struct rt6_info *uncached_rt;
1126 dst_use(&rt->dst, jiffies);
1127 read_unlock_bh(&table->tb6_lock);
1129 uncached_rt = ip6_rt_cache_alloc(rt, &fl6->daddr, NULL);
1130 dst_release(&rt->dst);
1133 rt6_uncached_list_add(uncached_rt);
1135 uncached_rt = net->ipv6.ip6_null_entry;
1137 dst_hold(&uncached_rt->dst);
1139 trace_fib6_table_lookup(net, uncached_rt, table->tb6_id, fl6);
1143 /* Get a percpu copy */
1145 struct rt6_info *pcpu_rt;
1147 rt->dst.lastuse = jiffies;
1149 pcpu_rt = rt6_get_pcpu_route(rt);
1152 read_unlock_bh(&table->tb6_lock);
1154 /* We have to do the read_unlock first
1155 * because rt6_make_pcpu_route() may trigger
1156 * ip6_dst_gc() which will take the write_lock.
1159 read_unlock_bh(&table->tb6_lock);
1160 pcpu_rt = rt6_make_pcpu_route(rt);
1161 dst_release(&rt->dst);
1164 trace_fib6_table_lookup(net, pcpu_rt, table->tb6_id, fl6);
1169 EXPORT_SYMBOL_GPL(ip6_pol_route);
1171 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
1172 struct flowi6 *fl6, int flags)
1174 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags);
1177 struct dst_entry *ip6_route_input_lookup(struct net *net,
1178 struct net_device *dev,
1179 struct flowi6 *fl6, int flags)
1181 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
1182 flags |= RT6_LOOKUP_F_IFACE;
1184 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input);
1186 EXPORT_SYMBOL_GPL(ip6_route_input_lookup);
1188 void ip6_route_input(struct sk_buff *skb)
1190 const struct ipv6hdr *iph = ipv6_hdr(skb);
1191 struct net *net = dev_net(skb->dev);
1192 int flags = RT6_LOOKUP_F_HAS_SADDR;
1193 struct ip_tunnel_info *tun_info;
1194 struct flowi6 fl6 = {
1195 .flowi6_iif = skb->dev->ifindex,
1196 .daddr = iph->daddr,
1197 .saddr = iph->saddr,
1198 .flowlabel = ip6_flowinfo(iph),
1199 .flowi6_mark = skb->mark,
1200 .flowi6_proto = iph->nexthdr,
1203 tun_info = skb_tunnel_info(skb);
1204 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX))
1205 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id;
1207 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags));
1210 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
1211 struct flowi6 *fl6, int flags)
1213 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags);
1216 struct dst_entry *ip6_route_output_flags(struct net *net, const struct sock *sk,
1217 struct flowi6 *fl6, int flags)
1221 if (rt6_need_strict(&fl6->daddr)) {
1222 struct dst_entry *dst;
1224 dst = l3mdev_link_scope_lookup(net, fl6);
1229 fl6->flowi6_iif = LOOPBACK_IFINDEX;
1231 any_src = ipv6_addr_any(&fl6->saddr);
1232 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr) ||
1233 (fl6->flowi6_oif && any_src))
1234 flags |= RT6_LOOKUP_F_IFACE;
1237 flags |= RT6_LOOKUP_F_HAS_SADDR;
1239 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
1241 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output);
1243 EXPORT_SYMBOL_GPL(ip6_route_output_flags);
1245 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
1247 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
1248 struct dst_entry *new = NULL;
1250 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0);
1256 new->input = dst_discard;
1257 new->output = dst_discard_out;
1259 dst_copy_metrics(new, &ort->dst);
1260 rt->rt6i_idev = ort->rt6i_idev;
1262 in6_dev_hold(rt->rt6i_idev);
1264 rt->rt6i_gateway = ort->rt6i_gateway;
1265 rt->rt6i_flags = ort->rt6i_flags & ~RTF_PCPU;
1266 rt->rt6i_metric = 0;
1268 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1269 #ifdef CONFIG_IPV6_SUBTREES
1270 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1276 dst_release(dst_orig);
1277 return new ? new : ERR_PTR(-ENOMEM);
1281 * Destination cache support functions
1284 static void rt6_dst_from_metrics_check(struct rt6_info *rt)
1287 dst_metrics_ptr(&rt->dst) != dst_metrics_ptr(rt->dst.from))
1288 dst_init_metrics(&rt->dst, dst_metrics_ptr(rt->dst.from), true);
1291 static struct dst_entry *rt6_check(struct rt6_info *rt, u32 cookie)
1293 if (!rt->rt6i_node || (rt->rt6i_node->fn_sernum != cookie))
1296 if (rt6_check_expired(rt))
1302 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt, u32 cookie)
1304 if (!__rt6_check_expired(rt) &&
1305 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
1306 rt6_check((struct rt6_info *)(rt->dst.from), cookie))
1312 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
1314 struct rt6_info *rt;
1316 rt = (struct rt6_info *) dst;
1318 /* All IPV6 dsts are created with ->obsolete set to the value
1319 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1320 * into this function always.
1323 rt6_dst_from_metrics_check(rt);
1325 if (rt->rt6i_flags & RTF_PCPU ||
1326 (unlikely(dst->flags & DST_NOCACHE) && rt->dst.from))
1327 return rt6_dst_from_check(rt, cookie);
1329 return rt6_check(rt, cookie);
1332 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
1334 struct rt6_info *rt = (struct rt6_info *) dst;
1337 if (rt->rt6i_flags & RTF_CACHE) {
1338 if (rt6_check_expired(rt)) {
1350 static void ip6_link_failure(struct sk_buff *skb)
1352 struct rt6_info *rt;
1354 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
1356 rt = (struct rt6_info *) skb_dst(skb);
1358 if (rt->rt6i_flags & RTF_CACHE) {
1361 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) {
1362 rt->rt6i_node->fn_sernum = -1;
1367 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu)
1369 struct net *net = dev_net(rt->dst.dev);
1371 rt->rt6i_flags |= RTF_MODIFIED;
1372 rt->rt6i_pmtu = mtu;
1373 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires);
1376 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info *rt)
1378 return !(rt->rt6i_flags & RTF_CACHE) &&
1379 (rt->rt6i_flags & RTF_PCPU || rt->rt6i_node);
1382 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk,
1383 const struct ipv6hdr *iph, u32 mtu)
1385 const struct in6_addr *daddr, *saddr;
1386 struct rt6_info *rt6 = (struct rt6_info *)dst;
1388 if (rt6->rt6i_flags & RTF_LOCAL)
1391 if (dst_metric_locked(dst, RTAX_MTU))
1395 daddr = &iph->daddr;
1396 saddr = &iph->saddr;
1398 daddr = &sk->sk_v6_daddr;
1399 saddr = &inet6_sk(sk)->saddr;
1404 dst_confirm_neigh(dst, daddr);
1405 mtu = max_t(u32, mtu, IPV6_MIN_MTU);
1406 if (mtu >= dst_mtu(dst))
1409 if (!rt6_cache_allowed_for_pmtu(rt6)) {
1410 rt6_do_update_pmtu(rt6, mtu);
1412 struct rt6_info *nrt6;
1414 nrt6 = ip6_rt_cache_alloc(rt6, daddr, saddr);
1416 rt6_do_update_pmtu(nrt6, mtu);
1418 /* ip6_ins_rt(nrt6) will bump the
1419 * rt6->rt6i_node->fn_sernum
1420 * which will fail the next rt6_check() and
1421 * invalidate the sk->sk_dst_cache.
1428 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
1429 struct sk_buff *skb, u32 mtu)
1431 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu);
1434 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
1435 int oif, u32 mark, kuid_t uid)
1437 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1438 struct dst_entry *dst;
1441 memset(&fl6, 0, sizeof(fl6));
1442 fl6.flowi6_oif = oif;
1443 fl6.flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark);
1444 fl6.daddr = iph->daddr;
1445 fl6.saddr = iph->saddr;
1446 fl6.flowlabel = ip6_flowinfo(iph);
1447 fl6.flowi6_uid = uid;
1449 dst = ip6_route_output(net, NULL, &fl6);
1451 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu));
1454 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
1456 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
1458 struct dst_entry *dst;
1460 ip6_update_pmtu(skb, sock_net(sk), mtu,
1461 sk->sk_bound_dev_if, sk->sk_mark, sk->sk_uid);
1463 dst = __sk_dst_get(sk);
1464 if (!dst || !dst->obsolete ||
1465 dst->ops->check(dst, inet6_sk(sk)->dst_cookie))
1469 if (!sock_owned_by_user(sk) && !ipv6_addr_v4mapped(&sk->sk_v6_daddr))
1470 ip6_datagram_dst_update(sk, false);
1473 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
1475 /* Handle redirects */
1476 struct ip6rd_flowi {
1478 struct in6_addr gateway;
1481 static struct rt6_info *__ip6_route_redirect(struct net *net,
1482 struct fib6_table *table,
1486 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
1487 struct rt6_info *rt;
1488 struct fib6_node *fn;
1490 /* Get the "current" route for this destination and
1491 * check if the redirect has come from appropriate router.
1493 * RFC 4861 specifies that redirects should only be
1494 * accepted if they come from the nexthop to the target.
1495 * Due to the way the routes are chosen, this notion
1496 * is a bit fuzzy and one might need to check all possible
1500 read_lock_bh(&table->tb6_lock);
1501 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1503 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1504 if (rt6_check_expired(rt))
1508 if (!(rt->rt6i_flags & RTF_GATEWAY))
1510 if (fl6->flowi6_oif != rt->dst.dev->ifindex)
1512 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway))
1518 rt = net->ipv6.ip6_null_entry;
1519 else if (rt->dst.error) {
1520 rt = net->ipv6.ip6_null_entry;
1524 if (rt == net->ipv6.ip6_null_entry) {
1525 fn = fib6_backtrack(fn, &fl6->saddr);
1533 read_unlock_bh(&table->tb6_lock);
1535 trace_fib6_table_lookup(net, rt, table->tb6_id, fl6);
1539 static struct dst_entry *ip6_route_redirect(struct net *net,
1540 const struct flowi6 *fl6,
1541 const struct in6_addr *gateway)
1543 int flags = RT6_LOOKUP_F_HAS_SADDR;
1544 struct ip6rd_flowi rdfl;
1547 rdfl.gateway = *gateway;
1549 return fib6_rule_lookup(net, &rdfl.fl6,
1550 flags, __ip6_route_redirect);
1553 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark,
1556 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1557 struct dst_entry *dst;
1560 memset(&fl6, 0, sizeof(fl6));
1561 fl6.flowi6_iif = LOOPBACK_IFINDEX;
1562 fl6.flowi6_oif = oif;
1563 fl6.flowi6_mark = mark;
1564 fl6.daddr = iph->daddr;
1565 fl6.saddr = iph->saddr;
1566 fl6.flowlabel = ip6_flowinfo(iph);
1567 fl6.flowi6_uid = uid;
1569 dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr);
1570 rt6_do_redirect(dst, NULL, skb);
1573 EXPORT_SYMBOL_GPL(ip6_redirect);
1575 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif,
1578 const struct ipv6hdr *iph = ipv6_hdr(skb);
1579 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb);
1580 struct dst_entry *dst;
1583 memset(&fl6, 0, sizeof(fl6));
1584 fl6.flowi6_iif = LOOPBACK_IFINDEX;
1585 fl6.flowi6_oif = oif;
1586 fl6.flowi6_mark = mark;
1587 fl6.daddr = msg->dest;
1588 fl6.saddr = iph->daddr;
1589 fl6.flowi6_uid = sock_net_uid(net, NULL);
1591 dst = ip6_route_redirect(net, &fl6, &iph->saddr);
1592 rt6_do_redirect(dst, NULL, skb);
1596 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
1598 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark,
1601 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
1603 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
1605 struct net_device *dev = dst->dev;
1606 unsigned int mtu = dst_mtu(dst);
1607 struct net *net = dev_net(dev);
1609 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
1611 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
1612 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
1615 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
1616 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
1617 * IPV6_MAXPLEN is also valid and means: "any MSS,
1618 * rely only on pmtu discovery"
1620 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
1625 static unsigned int ip6_mtu(const struct dst_entry *dst)
1627 const struct rt6_info *rt = (const struct rt6_info *)dst;
1628 unsigned int mtu = rt->rt6i_pmtu;
1629 struct inet6_dev *idev;
1634 mtu = dst_metric_raw(dst, RTAX_MTU);
1641 idev = __in6_dev_get(dst->dev);
1643 mtu = idev->cnf.mtu6;
1647 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU);
1649 return mtu - lwtunnel_headroom(dst->lwtstate, mtu);
1652 static struct dst_entry *icmp6_dst_gc_list;
1653 static DEFINE_SPINLOCK(icmp6_dst_lock);
1655 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
1658 struct dst_entry *dst;
1659 struct rt6_info *rt;
1660 struct inet6_dev *idev = in6_dev_get(dev);
1661 struct net *net = dev_net(dev);
1663 if (unlikely(!idev))
1664 return ERR_PTR(-ENODEV);
1666 rt = ip6_dst_alloc(net, dev, 0);
1667 if (unlikely(!rt)) {
1669 dst = ERR_PTR(-ENOMEM);
1673 rt->dst.flags |= DST_HOST;
1674 rt->dst.output = ip6_output;
1675 atomic_set(&rt->dst.__refcnt, 1);
1676 rt->rt6i_gateway = fl6->daddr;
1677 rt->rt6i_dst.addr = fl6->daddr;
1678 rt->rt6i_dst.plen = 128;
1679 rt->rt6i_idev = idev;
1680 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
1682 spin_lock_bh(&icmp6_dst_lock);
1683 rt->dst.next = icmp6_dst_gc_list;
1684 icmp6_dst_gc_list = &rt->dst;
1685 spin_unlock_bh(&icmp6_dst_lock);
1687 fib6_force_start_gc(net);
1689 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
1695 int icmp6_dst_gc(void)
1697 struct dst_entry *dst, **pprev;
1700 spin_lock_bh(&icmp6_dst_lock);
1701 pprev = &icmp6_dst_gc_list;
1703 while ((dst = *pprev) != NULL) {
1704 if (!atomic_read(&dst->__refcnt)) {
1713 spin_unlock_bh(&icmp6_dst_lock);
1718 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg),
1721 struct dst_entry *dst, **pprev;
1723 spin_lock_bh(&icmp6_dst_lock);
1724 pprev = &icmp6_dst_gc_list;
1725 while ((dst = *pprev) != NULL) {
1726 struct rt6_info *rt = (struct rt6_info *) dst;
1727 if (func(rt, arg)) {
1734 spin_unlock_bh(&icmp6_dst_lock);
1737 static int ip6_dst_gc(struct dst_ops *ops)
1739 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
1740 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
1741 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
1742 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
1743 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
1744 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
1747 entries = dst_entries_get_fast(ops);
1748 if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
1749 entries <= rt_max_size)
1752 net->ipv6.ip6_rt_gc_expire++;
1753 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true);
1754 entries = dst_entries_get_slow(ops);
1755 if (entries < ops->gc_thresh)
1756 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
1758 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
1759 return entries > rt_max_size;
1762 static int ip6_convert_metrics(struct mx6_config *mxc,
1763 const struct fib6_config *cfg)
1765 bool ecn_ca = false;
1773 mp = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL);
1777 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1778 int type = nla_type(nla);
1783 if (unlikely(type > RTAX_MAX))
1786 if (type == RTAX_CC_ALGO) {
1787 char tmp[TCP_CA_NAME_MAX];
1789 nla_strlcpy(tmp, nla, sizeof(tmp));
1790 val = tcp_ca_get_key_by_name(tmp, &ecn_ca);
1791 if (val == TCP_CA_UNSPEC)
1794 val = nla_get_u32(nla);
1796 if (type == RTAX_HOPLIMIT && val > 255)
1798 if (type == RTAX_FEATURES && (val & ~RTAX_FEATURE_MASK))
1802 __set_bit(type - 1, mxc->mx_valid);
1806 __set_bit(RTAX_FEATURES - 1, mxc->mx_valid);
1807 mp[RTAX_FEATURES - 1] |= DST_FEATURE_ECN_CA;
1817 static struct rt6_info *ip6_nh_lookup_table(struct net *net,
1818 struct fib6_config *cfg,
1819 const struct in6_addr *gw_addr)
1821 struct flowi6 fl6 = {
1822 .flowi6_oif = cfg->fc_ifindex,
1824 .saddr = cfg->fc_prefsrc,
1826 struct fib6_table *table;
1827 struct rt6_info *rt;
1828 int flags = RT6_LOOKUP_F_IFACE | RT6_LOOKUP_F_IGNORE_LINKSTATE;
1830 table = fib6_get_table(net, cfg->fc_table);
1834 if (!ipv6_addr_any(&cfg->fc_prefsrc))
1835 flags |= RT6_LOOKUP_F_HAS_SADDR;
1837 rt = ip6_pol_route(net, table, cfg->fc_ifindex, &fl6, flags);
1839 /* if table lookup failed, fall back to full lookup */
1840 if (rt == net->ipv6.ip6_null_entry) {
1848 static struct rt6_info *ip6_route_info_create(struct fib6_config *cfg,
1849 struct netlink_ext_ack *extack)
1851 struct net *net = cfg->fc_nlinfo.nl_net;
1852 struct rt6_info *rt = NULL;
1853 struct net_device *dev = NULL;
1854 struct inet6_dev *idev = NULL;
1855 struct fib6_table *table;
1859 /* RTF_PCPU is an internal flag; can not be set by userspace */
1860 if (cfg->fc_flags & RTF_PCPU) {
1861 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_PCPU");
1865 if (cfg->fc_dst_len > 128) {
1866 NL_SET_ERR_MSG(extack, "Invalid prefix length");
1869 if (cfg->fc_src_len > 128) {
1870 NL_SET_ERR_MSG(extack, "Invalid source address length");
1873 #ifndef CONFIG_IPV6_SUBTREES
1874 if (cfg->fc_src_len) {
1875 NL_SET_ERR_MSG(extack,
1876 "Specifying source address requires IPV6_SUBTREES to be enabled");
1880 if (cfg->fc_ifindex) {
1882 dev = dev_get_by_index(net, cfg->fc_ifindex);
1885 idev = in6_dev_get(dev);
1890 if (cfg->fc_metric == 0)
1891 cfg->fc_metric = IP6_RT_PRIO_USER;
1894 if (cfg->fc_nlinfo.nlh &&
1895 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
1896 table = fib6_get_table(net, cfg->fc_table);
1898 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
1899 table = fib6_new_table(net, cfg->fc_table);
1902 table = fib6_new_table(net, cfg->fc_table);
1908 rt = ip6_dst_alloc(net, NULL,
1909 (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT);
1916 if (cfg->fc_flags & RTF_EXPIRES)
1917 rt6_set_expires(rt, jiffies +
1918 clock_t_to_jiffies(cfg->fc_expires));
1920 rt6_clean_expires(rt);
1922 if (cfg->fc_protocol == RTPROT_UNSPEC)
1923 cfg->fc_protocol = RTPROT_BOOT;
1924 rt->rt6i_protocol = cfg->fc_protocol;
1926 addr_type = ipv6_addr_type(&cfg->fc_dst);
1928 if (addr_type & IPV6_ADDR_MULTICAST)
1929 rt->dst.input = ip6_mc_input;
1930 else if (cfg->fc_flags & RTF_LOCAL)
1931 rt->dst.input = ip6_input;
1933 rt->dst.input = ip6_forward;
1935 rt->dst.output = ip6_output;
1937 if (cfg->fc_encap) {
1938 struct lwtunnel_state *lwtstate;
1940 err = lwtunnel_build_state(cfg->fc_encap_type,
1941 cfg->fc_encap, AF_INET6, cfg,
1945 rt->dst.lwtstate = lwtstate_get(lwtstate);
1946 if (lwtunnel_output_redirect(rt->dst.lwtstate)) {
1947 rt->dst.lwtstate->orig_output = rt->dst.output;
1948 rt->dst.output = lwtunnel_output;
1950 if (lwtunnel_input_redirect(rt->dst.lwtstate)) {
1951 rt->dst.lwtstate->orig_input = rt->dst.input;
1952 rt->dst.input = lwtunnel_input;
1956 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1957 rt->rt6i_dst.plen = cfg->fc_dst_len;
1958 if (rt->rt6i_dst.plen == 128)
1959 rt->dst.flags |= DST_HOST;
1961 #ifdef CONFIG_IPV6_SUBTREES
1962 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1963 rt->rt6i_src.plen = cfg->fc_src_len;
1966 rt->rt6i_metric = cfg->fc_metric;
1968 /* We cannot add true routes via loopback here,
1969 they would result in kernel looping; promote them to reject routes
1971 if ((cfg->fc_flags & RTF_REJECT) ||
1972 (dev && (dev->flags & IFF_LOOPBACK) &&
1973 !(addr_type & IPV6_ADDR_LOOPBACK) &&
1974 !(cfg->fc_flags & RTF_LOCAL))) {
1975 /* hold loopback dev/idev if we haven't done so. */
1976 if (dev != net->loopback_dev) {
1981 dev = net->loopback_dev;
1983 idev = in6_dev_get(dev);
1989 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1990 switch (cfg->fc_type) {
1992 rt->dst.error = -EINVAL;
1993 rt->dst.output = dst_discard_out;
1994 rt->dst.input = dst_discard;
1997 rt->dst.error = -EACCES;
1998 rt->dst.output = ip6_pkt_prohibit_out;
1999 rt->dst.input = ip6_pkt_prohibit;
2002 case RTN_UNREACHABLE:
2004 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN
2005 : (cfg->fc_type == RTN_UNREACHABLE)
2006 ? -EHOSTUNREACH : -ENETUNREACH;
2007 rt->dst.output = ip6_pkt_discard_out;
2008 rt->dst.input = ip6_pkt_discard;
2014 if (cfg->fc_flags & RTF_GATEWAY) {
2015 const struct in6_addr *gw_addr;
2018 gw_addr = &cfg->fc_gateway;
2019 gwa_type = ipv6_addr_type(gw_addr);
2021 /* if gw_addr is local we will fail to detect this in case
2022 * address is still TENTATIVE (DAD in progress). rt6_lookup()
2023 * will return already-added prefix route via interface that
2024 * prefix route was assigned to, which might be non-loopback.
2027 if (ipv6_chk_addr_and_flags(net, gw_addr,
2028 gwa_type & IPV6_ADDR_LINKLOCAL ?
2029 dev : NULL, 0, 0)) {
2030 NL_SET_ERR_MSG(extack, "Invalid gateway address");
2033 rt->rt6i_gateway = *gw_addr;
2035 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
2036 struct rt6_info *grt = NULL;
2038 /* IPv6 strictly inhibits using not link-local
2039 addresses as nexthop address.
2040 Otherwise, router will not able to send redirects.
2041 It is very good, but in some (rare!) circumstances
2042 (SIT, PtP, NBMA NOARP links) it is handy to allow
2043 some exceptions. --ANK
2044 We allow IPv4-mapped nexthops to support RFC4798-type
2047 if (!(gwa_type & (IPV6_ADDR_UNICAST |
2048 IPV6_ADDR_MAPPED))) {
2049 NL_SET_ERR_MSG(extack,
2050 "Invalid gateway address");
2054 if (cfg->fc_table) {
2055 grt = ip6_nh_lookup_table(net, cfg, gw_addr);
2058 if (grt->rt6i_flags & RTF_GATEWAY ||
2059 (dev && dev != grt->dst.dev)) {
2067 grt = rt6_lookup(net, gw_addr, NULL,
2068 cfg->fc_ifindex, 1);
2070 err = -EHOSTUNREACH;
2074 if (dev != grt->dst.dev) {
2080 idev = grt->rt6i_idev;
2082 in6_dev_hold(grt->rt6i_idev);
2084 if (!(grt->rt6i_flags & RTF_GATEWAY))
2093 NL_SET_ERR_MSG(extack, "Egress device not specified");
2095 } else if (dev->flags & IFF_LOOPBACK) {
2096 NL_SET_ERR_MSG(extack,
2097 "Egress device can not be loopback device for this route");
2106 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
2107 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
2108 NL_SET_ERR_MSG(extack, "Invalid source address");
2112 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc;
2113 rt->rt6i_prefsrc.plen = 128;
2115 rt->rt6i_prefsrc.plen = 0;
2117 rt->rt6i_flags = cfg->fc_flags;
2121 rt->rt6i_idev = idev;
2122 rt->rt6i_table = table;
2124 cfg->fc_nlinfo.nl_net = dev_net(dev);
2135 return ERR_PTR(err);
2138 int ip6_route_add(struct fib6_config *cfg,
2139 struct netlink_ext_ack *extack)
2141 struct mx6_config mxc = { .mx = NULL, };
2142 struct rt6_info *rt;
2145 rt = ip6_route_info_create(cfg, extack);
2152 err = ip6_convert_metrics(&mxc, cfg);
2156 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, &mxc, extack);
2168 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
2171 struct fib6_table *table;
2172 struct net *net = dev_net(rt->dst.dev);
2174 if (rt == net->ipv6.ip6_null_entry ||
2175 rt->dst.flags & DST_NOCACHE) {
2180 table = rt->rt6i_table;
2181 write_lock_bh(&table->tb6_lock);
2182 err = fib6_del(rt, info);
2183 write_unlock_bh(&table->tb6_lock);
2190 int ip6_del_rt(struct rt6_info *rt)
2192 struct nl_info info = {
2193 .nl_net = dev_net(rt->dst.dev),
2195 return __ip6_del_rt(rt, &info);
2198 static int __ip6_del_rt_siblings(struct rt6_info *rt, struct fib6_config *cfg)
2200 struct nl_info *info = &cfg->fc_nlinfo;
2201 struct net *net = info->nl_net;
2202 struct sk_buff *skb = NULL;
2203 struct fib6_table *table;
2206 if (rt == net->ipv6.ip6_null_entry)
2208 table = rt->rt6i_table;
2209 write_lock_bh(&table->tb6_lock);
2211 if (rt->rt6i_nsiblings && cfg->fc_delete_all_nh) {
2212 struct rt6_info *sibling, *next_sibling;
2214 /* prefer to send a single notification with all hops */
2215 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
2217 u32 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
2219 if (rt6_fill_node(net, skb, rt,
2220 NULL, NULL, 0, RTM_DELROUTE,
2221 info->portid, seq, 0) < 0) {
2225 info->skip_notify = 1;
2228 list_for_each_entry_safe(sibling, next_sibling,
2231 err = fib6_del(sibling, info);
2237 err = fib6_del(rt, info);
2239 write_unlock_bh(&table->tb6_lock);
2244 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
2245 info->nlh, gfp_any());
2250 static int ip6_route_del(struct fib6_config *cfg,
2251 struct netlink_ext_ack *extack)
2253 struct fib6_table *table;
2254 struct fib6_node *fn;
2255 struct rt6_info *rt;
2258 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
2260 NL_SET_ERR_MSG(extack, "FIB table does not exist");
2264 read_lock_bh(&table->tb6_lock);
2266 fn = fib6_locate(&table->tb6_root,
2267 &cfg->fc_dst, cfg->fc_dst_len,
2268 &cfg->fc_src, cfg->fc_src_len);
2271 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
2272 if ((rt->rt6i_flags & RTF_CACHE) &&
2273 !(cfg->fc_flags & RTF_CACHE))
2275 if (cfg->fc_ifindex &&
2277 rt->dst.dev->ifindex != cfg->fc_ifindex))
2279 if (cfg->fc_flags & RTF_GATEWAY &&
2280 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
2282 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
2284 if (cfg->fc_protocol && cfg->fc_protocol != rt->rt6i_protocol)
2287 read_unlock_bh(&table->tb6_lock);
2289 /* if gateway was specified only delete the one hop */
2290 if (cfg->fc_flags & RTF_GATEWAY)
2291 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
2293 return __ip6_del_rt_siblings(rt, cfg);
2296 read_unlock_bh(&table->tb6_lock);
2301 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
2303 struct netevent_redirect netevent;
2304 struct rt6_info *rt, *nrt = NULL;
2305 struct ndisc_options ndopts;
2306 struct inet6_dev *in6_dev;
2307 struct neighbour *neigh;
2309 int optlen, on_link;
2312 optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
2313 optlen -= sizeof(*msg);
2316 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
2320 msg = (struct rd_msg *)icmp6_hdr(skb);
2322 if (ipv6_addr_is_multicast(&msg->dest)) {
2323 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
2328 if (ipv6_addr_equal(&msg->dest, &msg->target)) {
2330 } else if (ipv6_addr_type(&msg->target) !=
2331 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
2332 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
2336 in6_dev = __in6_dev_get(skb->dev);
2339 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
2343 * The IP source address of the Redirect MUST be the same as the current
2344 * first-hop router for the specified ICMP Destination Address.
2347 if (!ndisc_parse_options(skb->dev, msg->opt, optlen, &ndopts)) {
2348 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
2353 if (ndopts.nd_opts_tgt_lladdr) {
2354 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
2357 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
2362 rt = (struct rt6_info *) dst;
2363 if (rt->rt6i_flags & RTF_REJECT) {
2364 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
2368 /* Redirect received -> path was valid.
2369 * Look, redirects are sent only in response to data packets,
2370 * so that this nexthop apparently is reachable. --ANK
2372 dst_confirm_neigh(&rt->dst, &ipv6_hdr(skb)->saddr);
2374 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
2379 * We have finally decided to accept it.
2382 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE,
2383 NEIGH_UPDATE_F_WEAK_OVERRIDE|
2384 NEIGH_UPDATE_F_OVERRIDE|
2385 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
2386 NEIGH_UPDATE_F_ISROUTER)),
2387 NDISC_REDIRECT, &ndopts);
2389 nrt = ip6_rt_cache_alloc(rt, &msg->dest, NULL);
2393 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
2395 nrt->rt6i_flags &= ~RTF_GATEWAY;
2397 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
2399 if (ip6_ins_rt(nrt))
2402 netevent.old = &rt->dst;
2403 netevent.new = &nrt->dst;
2404 netevent.daddr = &msg->dest;
2405 netevent.neigh = neigh;
2406 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
2408 if (rt->rt6i_flags & RTF_CACHE) {
2409 rt = (struct rt6_info *) dst_clone(&rt->dst);
2414 neigh_release(neigh);
2418 * Misc support functions
2421 static void rt6_set_from(struct rt6_info *rt, struct rt6_info *from)
2423 BUG_ON(from->dst.from);
2425 rt->rt6i_flags &= ~RTF_EXPIRES;
2426 dst_hold(&from->dst);
2427 rt->dst.from = &from->dst;
2428 dst_init_metrics(&rt->dst, dst_metrics_ptr(&from->dst), true);
2431 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort)
2433 rt->dst.input = ort->dst.input;
2434 rt->dst.output = ort->dst.output;
2435 rt->rt6i_dst = ort->rt6i_dst;
2436 rt->dst.error = ort->dst.error;
2437 rt->rt6i_idev = ort->rt6i_idev;
2439 in6_dev_hold(rt->rt6i_idev);
2440 rt->dst.lastuse = jiffies;
2441 rt->rt6i_gateway = ort->rt6i_gateway;
2442 rt->rt6i_flags = ort->rt6i_flags;
2443 rt6_set_from(rt, ort);
2444 rt->rt6i_metric = ort->rt6i_metric;
2445 #ifdef CONFIG_IPV6_SUBTREES
2446 rt->rt6i_src = ort->rt6i_src;
2448 rt->rt6i_prefsrc = ort->rt6i_prefsrc;
2449 rt->rt6i_table = ort->rt6i_table;
2450 rt->dst.lwtstate = lwtstate_get(ort->dst.lwtstate);
2453 #ifdef CONFIG_IPV6_ROUTE_INFO
2454 static struct rt6_info *rt6_get_route_info(struct net *net,
2455 const struct in6_addr *prefix, int prefixlen,
2456 const struct in6_addr *gwaddr,
2457 struct net_device *dev)
2459 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO;
2460 int ifindex = dev->ifindex;
2461 struct fib6_node *fn;
2462 struct rt6_info *rt = NULL;
2463 struct fib6_table *table;
2465 table = fib6_get_table(net, tb_id);
2469 read_lock_bh(&table->tb6_lock);
2470 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0);
2474 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
2475 if (rt->dst.dev->ifindex != ifindex)
2477 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
2479 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
2485 read_unlock_bh(&table->tb6_lock);
2489 static struct rt6_info *rt6_add_route_info(struct net *net,
2490 const struct in6_addr *prefix, int prefixlen,
2491 const struct in6_addr *gwaddr,
2492 struct net_device *dev,
2495 struct fib6_config cfg = {
2496 .fc_metric = IP6_RT_PRIO_USER,
2497 .fc_ifindex = dev->ifindex,
2498 .fc_dst_len = prefixlen,
2499 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
2500 RTF_UP | RTF_PREF(pref),
2501 .fc_nlinfo.portid = 0,
2502 .fc_nlinfo.nlh = NULL,
2503 .fc_nlinfo.nl_net = net,
2506 cfg.fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO,
2507 cfg.fc_dst = *prefix;
2508 cfg.fc_gateway = *gwaddr;
2510 /* We should treat it as a default route if prefix length is 0. */
2512 cfg.fc_flags |= RTF_DEFAULT;
2514 ip6_route_add(&cfg, NULL);
2516 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, dev);
2520 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev)
2522 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT;
2523 struct rt6_info *rt;
2524 struct fib6_table *table;
2526 table = fib6_get_table(dev_net(dev), tb_id);
2530 read_lock_bh(&table->tb6_lock);
2531 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
2532 if (dev == rt->dst.dev &&
2533 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
2534 ipv6_addr_equal(&rt->rt6i_gateway, addr))
2539 read_unlock_bh(&table->tb6_lock);
2543 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
2544 struct net_device *dev,
2547 struct fib6_config cfg = {
2548 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT,
2549 .fc_metric = IP6_RT_PRIO_USER,
2550 .fc_ifindex = dev->ifindex,
2551 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
2552 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
2553 .fc_nlinfo.portid = 0,
2554 .fc_nlinfo.nlh = NULL,
2555 .fc_nlinfo.nl_net = dev_net(dev),
2558 cfg.fc_gateway = *gwaddr;
2560 if (!ip6_route_add(&cfg, NULL)) {
2561 struct fib6_table *table;
2563 table = fib6_get_table(dev_net(dev), cfg.fc_table);
2565 table->flags |= RT6_TABLE_HAS_DFLT_ROUTER;
2568 return rt6_get_dflt_router(gwaddr, dev);
2571 static void __rt6_purge_dflt_routers(struct fib6_table *table)
2573 struct rt6_info *rt;
2576 read_lock_bh(&table->tb6_lock);
2577 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
2578 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
2579 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) {
2581 read_unlock_bh(&table->tb6_lock);
2586 read_unlock_bh(&table->tb6_lock);
2588 table->flags &= ~RT6_TABLE_HAS_DFLT_ROUTER;
2591 void rt6_purge_dflt_routers(struct net *net)
2593 struct fib6_table *table;
2594 struct hlist_head *head;
2599 for (h = 0; h < FIB6_TABLE_HASHSZ; h++) {
2600 head = &net->ipv6.fib_table_hash[h];
2601 hlist_for_each_entry_rcu(table, head, tb6_hlist) {
2602 if (table->flags & RT6_TABLE_HAS_DFLT_ROUTER)
2603 __rt6_purge_dflt_routers(table);
2610 static void rtmsg_to_fib6_config(struct net *net,
2611 struct in6_rtmsg *rtmsg,
2612 struct fib6_config *cfg)
2614 memset(cfg, 0, sizeof(*cfg));
2616 cfg->fc_table = l3mdev_fib_table_by_index(net, rtmsg->rtmsg_ifindex) ?
2618 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
2619 cfg->fc_metric = rtmsg->rtmsg_metric;
2620 cfg->fc_expires = rtmsg->rtmsg_info;
2621 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
2622 cfg->fc_src_len = rtmsg->rtmsg_src_len;
2623 cfg->fc_flags = rtmsg->rtmsg_flags;
2625 cfg->fc_nlinfo.nl_net = net;
2627 cfg->fc_dst = rtmsg->rtmsg_dst;
2628 cfg->fc_src = rtmsg->rtmsg_src;
2629 cfg->fc_gateway = rtmsg->rtmsg_gateway;
2632 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
2634 struct fib6_config cfg;
2635 struct in6_rtmsg rtmsg;
2639 case SIOCADDRT: /* Add a route */
2640 case SIOCDELRT: /* Delete a route */
2641 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
2643 err = copy_from_user(&rtmsg, arg,
2644 sizeof(struct in6_rtmsg));
2648 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
2653 err = ip6_route_add(&cfg, NULL);
2656 err = ip6_route_del(&cfg, NULL);
2670 * Drop the packet on the floor
2673 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
2676 struct dst_entry *dst = skb_dst(skb);
2677 switch (ipstats_mib_noroutes) {
2678 case IPSTATS_MIB_INNOROUTES:
2679 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
2680 if (type == IPV6_ADDR_ANY) {
2681 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2682 IPSTATS_MIB_INADDRERRORS);
2686 case IPSTATS_MIB_OUTNOROUTES:
2687 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2688 ipstats_mib_noroutes);
2691 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
2696 static int ip6_pkt_discard(struct sk_buff *skb)
2698 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
2701 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb)
2703 skb->dev = skb_dst(skb)->dev;
2704 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
2707 static int ip6_pkt_prohibit(struct sk_buff *skb)
2709 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
2712 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb)
2714 skb->dev = skb_dst(skb)->dev;
2715 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
2719 * Allocate a dst for local (unicast / anycast) address.
2722 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
2723 const struct in6_addr *addr,
2727 struct net *net = dev_net(idev->dev);
2728 struct net_device *dev = net->loopback_dev;
2729 struct rt6_info *rt;
2731 /* use L3 Master device as loopback for host routes if device
2732 * is enslaved and address is not link local or multicast
2734 if (!rt6_need_strict(addr))
2735 dev = l3mdev_master_dev_rcu(idev->dev) ? : dev;
2737 rt = ip6_dst_alloc(net, dev, DST_NOCOUNT);
2739 return ERR_PTR(-ENOMEM);
2743 rt->dst.flags |= DST_HOST;
2744 rt->dst.input = ip6_input;
2745 rt->dst.output = ip6_output;
2746 rt->rt6i_idev = idev;
2748 rt->rt6i_protocol = RTPROT_KERNEL;
2749 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
2751 rt->rt6i_flags |= RTF_ANYCAST;
2753 rt->rt6i_flags |= RTF_LOCAL;
2755 rt->rt6i_gateway = *addr;
2756 rt->rt6i_dst.addr = *addr;
2757 rt->rt6i_dst.plen = 128;
2758 tb_id = l3mdev_fib_table(idev->dev) ? : RT6_TABLE_LOCAL;
2759 rt->rt6i_table = fib6_get_table(net, tb_id);
2760 rt->dst.flags |= DST_NOCACHE;
2762 atomic_set(&rt->dst.__refcnt, 1);
2767 /* remove deleted ip from prefsrc entries */
2768 struct arg_dev_net_ip {
2769 struct net_device *dev;
2771 struct in6_addr *addr;
2774 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg)
2776 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
2777 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
2778 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
2780 if (((void *)rt->dst.dev == dev || !dev) &&
2781 rt != net->ipv6.ip6_null_entry &&
2782 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) {
2783 /* remove prefsrc entry */
2784 rt->rt6i_prefsrc.plen = 0;
2789 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
2791 struct net *net = dev_net(ifp->idev->dev);
2792 struct arg_dev_net_ip adni = {
2793 .dev = ifp->idev->dev,
2797 fib6_clean_all(net, fib6_remove_prefsrc, &adni);
2800 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
2801 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
2803 /* Remove routers and update dst entries when gateway turn into host. */
2804 static int fib6_clean_tohost(struct rt6_info *rt, void *arg)
2806 struct in6_addr *gateway = (struct in6_addr *)arg;
2808 if ((((rt->rt6i_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) ||
2809 ((rt->rt6i_flags & RTF_CACHE_GATEWAY) == RTF_CACHE_GATEWAY)) &&
2810 ipv6_addr_equal(gateway, &rt->rt6i_gateway)) {
2816 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway)
2818 fib6_clean_all(net, fib6_clean_tohost, gateway);
2821 struct arg_dev_net {
2822 struct net_device *dev;
2826 /* called with write lock held for table with rt */
2827 static int fib6_ifdown(struct rt6_info *rt, void *arg)
2829 const struct arg_dev_net *adn = arg;
2830 const struct net_device *dev = adn->dev;
2832 if ((rt->dst.dev == dev || !dev) &&
2833 rt != adn->net->ipv6.ip6_null_entry &&
2834 (rt->rt6i_nsiblings == 0 ||
2835 (dev && netdev_unregistering(dev)) ||
2836 !rt->rt6i_idev->cnf.ignore_routes_with_linkdown))
2842 void rt6_ifdown(struct net *net, struct net_device *dev)
2844 struct arg_dev_net adn = {
2849 fib6_clean_all(net, fib6_ifdown, &adn);
2850 icmp6_clean_all(fib6_ifdown, &adn);
2852 rt6_uncached_list_flush_dev(net, dev);
2855 struct rt6_mtu_change_arg {
2856 struct net_device *dev;
2860 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
2862 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
2863 struct inet6_dev *idev;
2865 /* In IPv6 pmtu discovery is not optional,
2866 so that RTAX_MTU lock cannot disable it.
2867 We still use this lock to block changes
2868 caused by addrconf/ndisc.
2871 idev = __in6_dev_get(arg->dev);
2875 /* For administrative MTU increase, there is no way to discover
2876 IPv6 PMTU increase, so PMTU increase should be updated here.
2877 Since RFC 1981 doesn't include administrative MTU increase
2878 update PMTU increase is a MUST. (i.e. jumbo frame)
2881 If new MTU is less than route PMTU, this new MTU will be the
2882 lowest MTU in the path, update the route PMTU to reflect PMTU
2883 decreases; if new MTU is greater than route PMTU, and the
2884 old MTU is the lowest MTU in the path, update the route PMTU
2885 to reflect the increase. In this case if the other nodes' MTU
2886 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2889 if (rt->dst.dev == arg->dev &&
2890 dst_metric_raw(&rt->dst, RTAX_MTU) &&
2891 !dst_metric_locked(&rt->dst, RTAX_MTU)) {
2892 if (rt->rt6i_flags & RTF_CACHE) {
2893 /* For RTF_CACHE with rt6i_pmtu == 0
2894 * (i.e. a redirected route),
2895 * the metrics of its rt->dst.from has already
2898 if (rt->rt6i_pmtu && rt->rt6i_pmtu > arg->mtu)
2899 rt->rt6i_pmtu = arg->mtu;
2900 } else if (dst_mtu(&rt->dst) >= arg->mtu ||
2901 (dst_mtu(&rt->dst) < arg->mtu &&
2902 dst_mtu(&rt->dst) == idev->cnf.mtu6)) {
2903 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
2909 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
2911 struct rt6_mtu_change_arg arg = {
2916 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg);
2919 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
2920 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
2921 [RTA_OIF] = { .type = NLA_U32 },
2922 [RTA_IIF] = { .type = NLA_U32 },
2923 [RTA_PRIORITY] = { .type = NLA_U32 },
2924 [RTA_METRICS] = { .type = NLA_NESTED },
2925 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
2926 [RTA_PREF] = { .type = NLA_U8 },
2927 [RTA_ENCAP_TYPE] = { .type = NLA_U16 },
2928 [RTA_ENCAP] = { .type = NLA_NESTED },
2929 [RTA_EXPIRES] = { .type = NLA_U32 },
2930 [RTA_UID] = { .type = NLA_U32 },
2931 [RTA_MARK] = { .type = NLA_U32 },
2934 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2935 struct fib6_config *cfg,
2936 struct netlink_ext_ack *extack)
2939 struct nlattr *tb[RTA_MAX+1];
2943 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy,
2949 rtm = nlmsg_data(nlh);
2950 memset(cfg, 0, sizeof(*cfg));
2952 cfg->fc_table = rtm->rtm_table;
2953 cfg->fc_dst_len = rtm->rtm_dst_len;
2954 cfg->fc_src_len = rtm->rtm_src_len;
2955 cfg->fc_flags = RTF_UP;
2956 cfg->fc_protocol = rtm->rtm_protocol;
2957 cfg->fc_type = rtm->rtm_type;
2959 if (rtm->rtm_type == RTN_UNREACHABLE ||
2960 rtm->rtm_type == RTN_BLACKHOLE ||
2961 rtm->rtm_type == RTN_PROHIBIT ||
2962 rtm->rtm_type == RTN_THROW)
2963 cfg->fc_flags |= RTF_REJECT;
2965 if (rtm->rtm_type == RTN_LOCAL)
2966 cfg->fc_flags |= RTF_LOCAL;
2968 if (rtm->rtm_flags & RTM_F_CLONED)
2969 cfg->fc_flags |= RTF_CACHE;
2971 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
2972 cfg->fc_nlinfo.nlh = nlh;
2973 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2975 if (tb[RTA_GATEWAY]) {
2976 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]);
2977 cfg->fc_flags |= RTF_GATEWAY;
2981 int plen = (rtm->rtm_dst_len + 7) >> 3;
2983 if (nla_len(tb[RTA_DST]) < plen)
2986 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
2990 int plen = (rtm->rtm_src_len + 7) >> 3;
2992 if (nla_len(tb[RTA_SRC]) < plen)
2995 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
2998 if (tb[RTA_PREFSRC])
2999 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]);
3002 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
3004 if (tb[RTA_PRIORITY])
3005 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
3007 if (tb[RTA_METRICS]) {
3008 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
3009 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
3013 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
3015 if (tb[RTA_MULTIPATH]) {
3016 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
3017 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
3019 err = lwtunnel_valid_encap_type_attr(cfg->fc_mp,
3020 cfg->fc_mp_len, extack);
3026 pref = nla_get_u8(tb[RTA_PREF]);
3027 if (pref != ICMPV6_ROUTER_PREF_LOW &&
3028 pref != ICMPV6_ROUTER_PREF_HIGH)
3029 pref = ICMPV6_ROUTER_PREF_MEDIUM;
3030 cfg->fc_flags |= RTF_PREF(pref);
3034 cfg->fc_encap = tb[RTA_ENCAP];
3036 if (tb[RTA_ENCAP_TYPE]) {
3037 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]);
3039 err = lwtunnel_valid_encap_type(cfg->fc_encap_type, extack);
3044 if (tb[RTA_EXPIRES]) {
3045 unsigned long timeout = addrconf_timeout_fixup(nla_get_u32(tb[RTA_EXPIRES]), HZ);
3047 if (addrconf_finite_timeout(timeout)) {
3048 cfg->fc_expires = jiffies_to_clock_t(timeout * HZ);
3049 cfg->fc_flags |= RTF_EXPIRES;
3059 struct rt6_info *rt6_info;
3060 struct fib6_config r_cfg;
3061 struct mx6_config mxc;
3062 struct list_head next;
3065 static void ip6_print_replace_route_err(struct list_head *rt6_nh_list)
3069 list_for_each_entry(nh, rt6_nh_list, next) {
3070 pr_warn("IPV6: multipath route replace failed (check consistency of installed routes): %pI6c nexthop %pI6c ifi %d\n",
3071 &nh->r_cfg.fc_dst, &nh->r_cfg.fc_gateway,
3072 nh->r_cfg.fc_ifindex);
3076 static int ip6_route_info_append(struct list_head *rt6_nh_list,
3077 struct rt6_info *rt, struct fib6_config *r_cfg)
3080 struct rt6_info *rtnh;
3083 list_for_each_entry(nh, rt6_nh_list, next) {
3084 /* check if rt6_info already exists */
3085 rtnh = nh->rt6_info;
3087 if (rtnh->dst.dev == rt->dst.dev &&
3088 rtnh->rt6i_idev == rt->rt6i_idev &&
3089 ipv6_addr_equal(&rtnh->rt6i_gateway,
3094 nh = kzalloc(sizeof(*nh), GFP_KERNEL);
3098 err = ip6_convert_metrics(&nh->mxc, r_cfg);
3103 memcpy(&nh->r_cfg, r_cfg, sizeof(*r_cfg));
3104 list_add_tail(&nh->next, rt6_nh_list);
3109 static void ip6_route_mpath_notify(struct rt6_info *rt,
3110 struct rt6_info *rt_last,
3111 struct nl_info *info,
3114 /* if this is an APPEND route, then rt points to the first route
3115 * inserted and rt_last points to last route inserted. Userspace
3116 * wants a consistent dump of the route which starts at the first
3117 * nexthop. Since sibling routes are always added at the end of
3118 * the list, find the first sibling of the last route appended
3120 if ((nlflags & NLM_F_APPEND) && rt_last && rt_last->rt6i_nsiblings) {
3121 rt = list_first_entry(&rt_last->rt6i_siblings,
3127 inet6_rt_notify(RTM_NEWROUTE, rt, info, nlflags);
3130 static int ip6_route_multipath_add(struct fib6_config *cfg,
3131 struct netlink_ext_ack *extack)
3133 struct rt6_info *rt_notif = NULL, *rt_last = NULL;
3134 struct nl_info *info = &cfg->fc_nlinfo;
3135 struct fib6_config r_cfg;
3136 struct rtnexthop *rtnh;
3137 struct rt6_info *rt;
3138 struct rt6_nh *err_nh;
3139 struct rt6_nh *nh, *nh_safe;
3145 int replace = (cfg->fc_nlinfo.nlh &&
3146 (cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_REPLACE));
3147 LIST_HEAD(rt6_nh_list);
3149 nlflags = replace ? NLM_F_REPLACE : NLM_F_CREATE;
3150 if (info->nlh && info->nlh->nlmsg_flags & NLM_F_APPEND)
3151 nlflags |= NLM_F_APPEND;
3153 remaining = cfg->fc_mp_len;
3154 rtnh = (struct rtnexthop *)cfg->fc_mp;
3156 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
3157 * rt6_info structs per nexthop
3159 while (rtnh_ok(rtnh, remaining)) {
3160 memcpy(&r_cfg, cfg, sizeof(*cfg));
3161 if (rtnh->rtnh_ifindex)
3162 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
3164 attrlen = rtnh_attrlen(rtnh);
3166 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
3168 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
3170 r_cfg.fc_gateway = nla_get_in6_addr(nla);
3171 r_cfg.fc_flags |= RTF_GATEWAY;
3173 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP);
3174 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE);
3176 r_cfg.fc_encap_type = nla_get_u16(nla);
3179 rt = ip6_route_info_create(&r_cfg, extack);
3186 err = ip6_route_info_append(&rt6_nh_list, rt, &r_cfg);
3192 rtnh = rtnh_next(rtnh, &remaining);
3195 /* for add and replace send one notification with all nexthops.
3196 * Skip the notification in fib6_add_rt2node and send one with
3197 * the full route when done
3199 info->skip_notify = 1;
3202 list_for_each_entry(nh, &rt6_nh_list, next) {
3203 rt_last = nh->rt6_info;
3204 err = __ip6_ins_rt(nh->rt6_info, info, &nh->mxc, extack);
3205 /* save reference to first route for notification */
3206 if (!rt_notif && !err)
3207 rt_notif = nh->rt6_info;
3209 /* nh->rt6_info is used or freed at this point, reset to NULL*/
3210 nh->rt6_info = NULL;
3213 ip6_print_replace_route_err(&rt6_nh_list);
3218 /* Because each route is added like a single route we remove
3219 * these flags after the first nexthop: if there is a collision,
3220 * we have already failed to add the first nexthop:
3221 * fib6_add_rt2node() has rejected it; when replacing, old
3222 * nexthops have been replaced by first new, the rest should
3225 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL |
3230 /* success ... tell user about new route */
3231 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
3235 /* send notification for routes that were added so that
3236 * the delete notifications sent by ip6_route_del are
3240 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags);
3242 /* Delete routes that were already added */
3243 list_for_each_entry(nh, &rt6_nh_list, next) {
3246 ip6_route_del(&nh->r_cfg, extack);
3250 list_for_each_entry_safe(nh, nh_safe, &rt6_nh_list, next) {
3252 dst_free(&nh->rt6_info->dst);
3254 list_del(&nh->next);
3261 static int ip6_route_multipath_del(struct fib6_config *cfg,
3262 struct netlink_ext_ack *extack)
3264 struct fib6_config r_cfg;
3265 struct rtnexthop *rtnh;
3268 int err = 1, last_err = 0;
3270 remaining = cfg->fc_mp_len;
3271 rtnh = (struct rtnexthop *)cfg->fc_mp;
3273 /* Parse a Multipath Entry */
3274 while (rtnh_ok(rtnh, remaining)) {
3275 memcpy(&r_cfg, cfg, sizeof(*cfg));
3276 if (rtnh->rtnh_ifindex)
3277 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
3279 attrlen = rtnh_attrlen(rtnh);
3281 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
3283 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
3285 nla_memcpy(&r_cfg.fc_gateway, nla, 16);
3286 r_cfg.fc_flags |= RTF_GATEWAY;
3289 err = ip6_route_del(&r_cfg, extack);
3293 rtnh = rtnh_next(rtnh, &remaining);
3299 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh,
3300 struct netlink_ext_ack *extack)
3302 struct fib6_config cfg;
3305 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
3310 return ip6_route_multipath_del(&cfg, extack);
3312 cfg.fc_delete_all_nh = 1;
3313 return ip6_route_del(&cfg, extack);
3317 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh,
3318 struct netlink_ext_ack *extack)
3320 struct fib6_config cfg;
3323 err = rtm_to_fib6_config(skb, nlh, &cfg, extack);
3328 return ip6_route_multipath_add(&cfg, extack);
3330 return ip6_route_add(&cfg, extack);
3333 static size_t rt6_nlmsg_size(struct rt6_info *rt)
3335 int nexthop_len = 0;
3337 if (rt->rt6i_nsiblings) {
3338 nexthop_len = nla_total_size(0) /* RTA_MULTIPATH */
3339 + NLA_ALIGN(sizeof(struct rtnexthop))
3340 + nla_total_size(16) /* RTA_GATEWAY */
3341 + lwtunnel_get_encap_size(rt->dst.lwtstate);
3343 nexthop_len *= rt->rt6i_nsiblings;
3346 return NLMSG_ALIGN(sizeof(struct rtmsg))
3347 + nla_total_size(16) /* RTA_SRC */
3348 + nla_total_size(16) /* RTA_DST */
3349 + nla_total_size(16) /* RTA_GATEWAY */
3350 + nla_total_size(16) /* RTA_PREFSRC */
3351 + nla_total_size(4) /* RTA_TABLE */
3352 + nla_total_size(4) /* RTA_IIF */
3353 + nla_total_size(4) /* RTA_OIF */
3354 + nla_total_size(4) /* RTA_PRIORITY */
3355 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
3356 + nla_total_size(sizeof(struct rta_cacheinfo))
3357 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */
3358 + nla_total_size(1) /* RTA_PREF */
3359 + lwtunnel_get_encap_size(rt->dst.lwtstate)
3363 static int rt6_nexthop_info(struct sk_buff *skb, struct rt6_info *rt,
3364 unsigned int *flags, bool skip_oif)
3366 if (!netif_running(rt->dst.dev) || !netif_carrier_ok(rt->dst.dev)) {
3367 *flags |= RTNH_F_LINKDOWN;
3368 if (rt->rt6i_idev->cnf.ignore_routes_with_linkdown)
3369 *flags |= RTNH_F_DEAD;
3372 if (rt->rt6i_flags & RTF_GATEWAY) {
3373 if (nla_put_in6_addr(skb, RTA_GATEWAY, &rt->rt6i_gateway) < 0)
3374 goto nla_put_failure;
3377 /* not needed for multipath encoding b/c it has a rtnexthop struct */
3378 if (!skip_oif && rt->dst.dev &&
3379 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
3380 goto nla_put_failure;
3382 if (rt->dst.lwtstate &&
3383 lwtunnel_fill_encap(skb, rt->dst.lwtstate) < 0)
3384 goto nla_put_failure;
3392 /* add multipath next hop */
3393 static int rt6_add_nexthop(struct sk_buff *skb, struct rt6_info *rt)
3395 struct rtnexthop *rtnh;
3396 unsigned int flags = 0;
3398 rtnh = nla_reserve_nohdr(skb, sizeof(*rtnh));
3400 goto nla_put_failure;
3402 rtnh->rtnh_hops = 0;
3403 rtnh->rtnh_ifindex = rt->dst.dev ? rt->dst.dev->ifindex : 0;
3405 if (rt6_nexthop_info(skb, rt, &flags, true) < 0)
3406 goto nla_put_failure;
3408 rtnh->rtnh_flags = flags;
3410 /* length of rtnetlink header + attributes */
3411 rtnh->rtnh_len = nlmsg_get_pos(skb) - (void *)rtnh;
3419 static int rt6_fill_node(struct net *net,
3420 struct sk_buff *skb, struct rt6_info *rt,
3421 struct in6_addr *dst, struct in6_addr *src,
3422 int iif, int type, u32 portid, u32 seq,
3425 u32 metrics[RTAX_MAX];
3427 struct nlmsghdr *nlh;
3431 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
3435 rtm = nlmsg_data(nlh);
3436 rtm->rtm_family = AF_INET6;
3437 rtm->rtm_dst_len = rt->rt6i_dst.plen;
3438 rtm->rtm_src_len = rt->rt6i_src.plen;
3441 table = rt->rt6i_table->tb6_id;
3443 table = RT6_TABLE_UNSPEC;
3444 rtm->rtm_table = table;
3445 if (nla_put_u32(skb, RTA_TABLE, table))
3446 goto nla_put_failure;
3447 if (rt->rt6i_flags & RTF_REJECT) {
3448 switch (rt->dst.error) {
3450 rtm->rtm_type = RTN_BLACKHOLE;
3453 rtm->rtm_type = RTN_PROHIBIT;
3456 rtm->rtm_type = RTN_THROW;
3459 rtm->rtm_type = RTN_UNREACHABLE;
3463 else if (rt->rt6i_flags & RTF_LOCAL)
3464 rtm->rtm_type = RTN_LOCAL;
3465 else if (rt->rt6i_flags & RTF_ANYCAST)
3466 rtm->rtm_type = RTN_ANYCAST;
3467 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
3468 rtm->rtm_type = RTN_LOCAL;
3470 rtm->rtm_type = RTN_UNICAST;
3472 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
3473 rtm->rtm_protocol = rt->rt6i_protocol;
3474 if (rt->rt6i_flags & RTF_DYNAMIC)
3475 rtm->rtm_protocol = RTPROT_REDIRECT;
3476 else if (rt->rt6i_flags & RTF_ADDRCONF) {
3477 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO))
3478 rtm->rtm_protocol = RTPROT_RA;
3480 rtm->rtm_protocol = RTPROT_KERNEL;
3483 if (rt->rt6i_flags & RTF_CACHE)
3484 rtm->rtm_flags |= RTM_F_CLONED;
3487 if (nla_put_in6_addr(skb, RTA_DST, dst))
3488 goto nla_put_failure;
3489 rtm->rtm_dst_len = 128;
3490 } else if (rtm->rtm_dst_len)
3491 if (nla_put_in6_addr(skb, RTA_DST, &rt->rt6i_dst.addr))
3492 goto nla_put_failure;
3493 #ifdef CONFIG_IPV6_SUBTREES
3495 if (nla_put_in6_addr(skb, RTA_SRC, src))
3496 goto nla_put_failure;
3497 rtm->rtm_src_len = 128;
3498 } else if (rtm->rtm_src_len &&
3499 nla_put_in6_addr(skb, RTA_SRC, &rt->rt6i_src.addr))
3500 goto nla_put_failure;
3503 #ifdef CONFIG_IPV6_MROUTE
3504 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
3505 int err = ip6mr_get_route(net, skb, rtm, portid);
3510 goto nla_put_failure;
3513 if (nla_put_u32(skb, RTA_IIF, iif))
3514 goto nla_put_failure;
3516 struct in6_addr saddr_buf;
3517 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 &&
3518 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
3519 goto nla_put_failure;
3522 if (rt->rt6i_prefsrc.plen) {
3523 struct in6_addr saddr_buf;
3524 saddr_buf = rt->rt6i_prefsrc.addr;
3525 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
3526 goto nla_put_failure;
3529 memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics));
3531 metrics[RTAX_MTU - 1] = rt->rt6i_pmtu;
3532 if (rtnetlink_put_metrics(skb, metrics) < 0)
3533 goto nla_put_failure;
3535 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric))
3536 goto nla_put_failure;
3538 /* For multipath routes, walk the siblings list and add
3539 * each as a nexthop within RTA_MULTIPATH.
3541 if (rt->rt6i_nsiblings) {
3542 struct rt6_info *sibling, *next_sibling;
3545 mp = nla_nest_start(skb, RTA_MULTIPATH);
3547 goto nla_put_failure;
3549 if (rt6_add_nexthop(skb, rt) < 0)
3550 goto nla_put_failure;
3552 list_for_each_entry_safe(sibling, next_sibling,
3553 &rt->rt6i_siblings, rt6i_siblings) {
3554 if (rt6_add_nexthop(skb, sibling) < 0)
3555 goto nla_put_failure;
3558 nla_nest_end(skb, mp);
3560 if (rt6_nexthop_info(skb, rt, &rtm->rtm_flags, false) < 0)
3561 goto nla_put_failure;
3564 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0;
3566 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0)
3567 goto nla_put_failure;
3569 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt->rt6i_flags)))
3570 goto nla_put_failure;
3573 nlmsg_end(skb, nlh);
3577 nlmsg_cancel(skb, nlh);
3581 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
3583 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
3584 struct net *net = arg->net;
3586 if (rt == net->ipv6.ip6_null_entry)
3589 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
3590 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
3592 /* user wants prefix routes only */
3593 if (rtm->rtm_flags & RTM_F_PREFIX &&
3594 !(rt->rt6i_flags & RTF_PREFIX_RT)) {
3595 /* success since this is not a prefix route */
3600 return rt6_fill_node(net,
3601 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
3602 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq,
3606 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
3607 struct netlink_ext_ack *extack)
3609 struct net *net = sock_net(in_skb->sk);
3610 struct nlattr *tb[RTA_MAX+1];
3611 int err, iif = 0, oif = 0;
3612 struct dst_entry *dst;
3613 struct rt6_info *rt;
3614 struct sk_buff *skb;
3619 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy,
3625 memset(&fl6, 0, sizeof(fl6));
3626 rtm = nlmsg_data(nlh);
3627 fl6.flowlabel = ip6_make_flowinfo(rtm->rtm_tos, 0);
3628 fibmatch = !!(rtm->rtm_flags & RTM_F_FIB_MATCH);
3631 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
3634 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
3638 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
3641 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
3645 iif = nla_get_u32(tb[RTA_IIF]);
3648 oif = nla_get_u32(tb[RTA_OIF]);
3651 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]);
3654 fl6.flowi6_uid = make_kuid(current_user_ns(),
3655 nla_get_u32(tb[RTA_UID]));
3657 fl6.flowi6_uid = iif ? INVALID_UID : current_uid();
3660 struct net_device *dev;
3663 dev = __dev_get_by_index(net, iif);
3669 fl6.flowi6_iif = iif;
3671 if (!ipv6_addr_any(&fl6.saddr))
3672 flags |= RT6_LOOKUP_F_HAS_SADDR;
3675 dst = ip6_route_input_lookup(net, dev, &fl6, flags);
3677 fl6.flowi6_oif = oif;
3680 dst = ip6_route_output(net, NULL, &fl6);
3684 dst = ip6_route_lookup(net, &fl6, 0);
3686 rt = container_of(dst, struct rt6_info, dst);
3687 if (rt->dst.error) {
3688 err = rt->dst.error;
3693 if (rt == net->ipv6.ip6_null_entry) {
3694 err = rt->dst.error;
3699 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
3706 skb_dst_set(skb, &rt->dst);
3708 err = rt6_fill_node(net, skb, rt, NULL, NULL, iif,
3709 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
3712 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
3713 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
3720 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
3725 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info,
3726 unsigned int nlm_flags)
3728 struct sk_buff *skb;
3729 struct net *net = info->nl_net;
3734 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
3736 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
3740 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
3741 event, info->portid, seq, nlm_flags);
3743 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
3744 WARN_ON(err == -EMSGSIZE);
3748 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
3749 info->nlh, gfp_any());
3753 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
3756 static int ip6_route_dev_notify(struct notifier_block *this,
3757 unsigned long event, void *ptr)
3759 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
3760 struct net *net = dev_net(dev);
3762 if (!(dev->flags & IFF_LOOPBACK))
3765 if (event == NETDEV_REGISTER) {
3766 net->ipv6.ip6_null_entry->dst.dev = dev;
3767 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
3768 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3769 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
3770 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
3771 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
3772 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
3774 } else if (event == NETDEV_UNREGISTER) {
3775 in6_dev_put(net->ipv6.ip6_null_entry->rt6i_idev);
3776 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3777 in6_dev_put(net->ipv6.ip6_prohibit_entry->rt6i_idev);
3778 in6_dev_put(net->ipv6.ip6_blk_hole_entry->rt6i_idev);
3789 #ifdef CONFIG_PROC_FS
3791 static const struct file_operations ipv6_route_proc_fops = {
3792 .owner = THIS_MODULE,
3793 .open = ipv6_route_open,
3795 .llseek = seq_lseek,
3796 .release = seq_release_net,
3799 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
3801 struct net *net = (struct net *)seq->private;
3802 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
3803 net->ipv6.rt6_stats->fib_nodes,
3804 net->ipv6.rt6_stats->fib_route_nodes,
3805 net->ipv6.rt6_stats->fib_rt_alloc,
3806 net->ipv6.rt6_stats->fib_rt_entries,
3807 net->ipv6.rt6_stats->fib_rt_cache,
3808 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
3809 net->ipv6.rt6_stats->fib_discarded_routes);
3814 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
3816 return single_open_net(inode, file, rt6_stats_seq_show);
3819 static const struct file_operations rt6_stats_seq_fops = {
3820 .owner = THIS_MODULE,
3821 .open = rt6_stats_seq_open,
3823 .llseek = seq_lseek,
3824 .release = single_release_net,
3826 #endif /* CONFIG_PROC_FS */
3828 #ifdef CONFIG_SYSCTL
3831 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
3832 void __user *buffer, size_t *lenp, loff_t *ppos)
3839 net = (struct net *)ctl->extra1;
3840 delay = net->ipv6.sysctl.flush_delay;
3841 proc_dointvec(ctl, write, buffer, lenp, ppos);
3842 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0);
3846 struct ctl_table ipv6_route_table_template[] = {
3848 .procname = "flush",
3849 .data = &init_net.ipv6.sysctl.flush_delay,
3850 .maxlen = sizeof(int),
3852 .proc_handler = ipv6_sysctl_rtcache_flush
3855 .procname = "gc_thresh",
3856 .data = &ip6_dst_ops_template.gc_thresh,
3857 .maxlen = sizeof(int),
3859 .proc_handler = proc_dointvec,
3862 .procname = "max_size",
3863 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
3864 .maxlen = sizeof(int),
3866 .proc_handler = proc_dointvec,
3869 .procname = "gc_min_interval",
3870 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
3871 .maxlen = sizeof(int),
3873 .proc_handler = proc_dointvec_jiffies,
3876 .procname = "gc_timeout",
3877 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
3878 .maxlen = sizeof(int),
3880 .proc_handler = proc_dointvec_jiffies,
3883 .procname = "gc_interval",
3884 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
3885 .maxlen = sizeof(int),
3887 .proc_handler = proc_dointvec_jiffies,
3890 .procname = "gc_elasticity",
3891 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
3892 .maxlen = sizeof(int),
3894 .proc_handler = proc_dointvec,
3897 .procname = "mtu_expires",
3898 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
3899 .maxlen = sizeof(int),
3901 .proc_handler = proc_dointvec_jiffies,
3904 .procname = "min_adv_mss",
3905 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
3906 .maxlen = sizeof(int),
3908 .proc_handler = proc_dointvec,
3911 .procname = "gc_min_interval_ms",
3912 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
3913 .maxlen = sizeof(int),
3915 .proc_handler = proc_dointvec_ms_jiffies,
3920 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
3922 struct ctl_table *table;
3924 table = kmemdup(ipv6_route_table_template,
3925 sizeof(ipv6_route_table_template),
3929 table[0].data = &net->ipv6.sysctl.flush_delay;
3930 table[0].extra1 = net;
3931 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
3932 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
3933 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3934 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
3935 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
3936 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
3937 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
3938 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
3939 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3941 /* Don't export sysctls to unprivileged users */
3942 if (net->user_ns != &init_user_ns)
3943 table[0].procname = NULL;
3950 static int __net_init ip6_route_net_init(struct net *net)
3954 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
3955 sizeof(net->ipv6.ip6_dst_ops));
3957 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
3958 goto out_ip6_dst_ops;
3960 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
3961 sizeof(*net->ipv6.ip6_null_entry),
3963 if (!net->ipv6.ip6_null_entry)
3964 goto out_ip6_dst_entries;
3965 net->ipv6.ip6_null_entry->dst.path =
3966 (struct dst_entry *)net->ipv6.ip6_null_entry;
3967 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3968 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
3969 ip6_template_metrics, true);
3971 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3972 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
3973 sizeof(*net->ipv6.ip6_prohibit_entry),
3975 if (!net->ipv6.ip6_prohibit_entry)
3976 goto out_ip6_null_entry;
3977 net->ipv6.ip6_prohibit_entry->dst.path =
3978 (struct dst_entry *)net->ipv6.ip6_prohibit_entry;
3979 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3980 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
3981 ip6_template_metrics, true);
3983 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
3984 sizeof(*net->ipv6.ip6_blk_hole_entry),
3986 if (!net->ipv6.ip6_blk_hole_entry)
3987 goto out_ip6_prohibit_entry;
3988 net->ipv6.ip6_blk_hole_entry->dst.path =
3989 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry;
3990 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3991 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
3992 ip6_template_metrics, true);
3995 net->ipv6.sysctl.flush_delay = 0;
3996 net->ipv6.sysctl.ip6_rt_max_size = 4096;
3997 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
3998 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
3999 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
4000 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
4001 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
4002 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
4004 net->ipv6.ip6_rt_gc_expire = 30*HZ;
4010 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4011 out_ip6_prohibit_entry:
4012 kfree(net->ipv6.ip6_prohibit_entry);
4014 kfree(net->ipv6.ip6_null_entry);
4016 out_ip6_dst_entries:
4017 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
4022 static void __net_exit ip6_route_net_exit(struct net *net)
4024 kfree(net->ipv6.ip6_null_entry);
4025 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4026 kfree(net->ipv6.ip6_prohibit_entry);
4027 kfree(net->ipv6.ip6_blk_hole_entry);
4029 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
4032 static int __net_init ip6_route_net_init_late(struct net *net)
4034 #ifdef CONFIG_PROC_FS
4035 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops);
4036 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops);
4041 static void __net_exit ip6_route_net_exit_late(struct net *net)
4043 #ifdef CONFIG_PROC_FS
4044 remove_proc_entry("ipv6_route", net->proc_net);
4045 remove_proc_entry("rt6_stats", net->proc_net);
4049 static struct pernet_operations ip6_route_net_ops = {
4050 .init = ip6_route_net_init,
4051 .exit = ip6_route_net_exit,
4054 static int __net_init ipv6_inetpeer_init(struct net *net)
4056 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
4060 inet_peer_base_init(bp);
4061 net->ipv6.peers = bp;
4065 static void __net_exit ipv6_inetpeer_exit(struct net *net)
4067 struct inet_peer_base *bp = net->ipv6.peers;
4069 net->ipv6.peers = NULL;
4070 inetpeer_invalidate_tree(bp);
4074 static struct pernet_operations ipv6_inetpeer_ops = {
4075 .init = ipv6_inetpeer_init,
4076 .exit = ipv6_inetpeer_exit,
4079 static struct pernet_operations ip6_route_net_late_ops = {
4080 .init = ip6_route_net_init_late,
4081 .exit = ip6_route_net_exit_late,
4084 static struct notifier_block ip6_route_dev_notifier = {
4085 .notifier_call = ip6_route_dev_notify,
4086 .priority = ADDRCONF_NOTIFY_PRIORITY - 10,
4089 void __init ip6_route_init_special_entries(void)
4091 /* Registering of the loopback is done before this portion of code,
4092 * the loopback reference in rt6_info will not be taken, do it
4093 * manually for init_net */
4094 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
4095 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
4096 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4097 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
4098 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
4099 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
4100 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
4104 int __init ip6_route_init(void)
4110 ip6_dst_ops_template.kmem_cachep =
4111 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
4112 SLAB_HWCACHE_ALIGN, NULL);
4113 if (!ip6_dst_ops_template.kmem_cachep)
4116 ret = dst_entries_init(&ip6_dst_blackhole_ops);
4118 goto out_kmem_cache;
4120 ret = register_pernet_subsys(&ipv6_inetpeer_ops);
4122 goto out_dst_entries;
4124 ret = register_pernet_subsys(&ip6_route_net_ops);
4126 goto out_register_inetpeer;
4128 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
4132 goto out_register_subsys;
4138 ret = fib6_rules_init();
4142 ret = register_pernet_subsys(&ip6_route_net_late_ops);
4144 goto fib6_rules_init;
4147 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) ||
4148 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) ||
4149 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL))
4150 goto out_register_late_subsys;
4152 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
4154 goto out_register_late_subsys;
4156 for_each_possible_cpu(cpu) {
4157 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
4159 INIT_LIST_HEAD(&ul->head);
4160 spin_lock_init(&ul->lock);
4166 out_register_late_subsys:
4167 unregister_pernet_subsys(&ip6_route_net_late_ops);
4169 fib6_rules_cleanup();
4174 out_register_subsys:
4175 unregister_pernet_subsys(&ip6_route_net_ops);
4176 out_register_inetpeer:
4177 unregister_pernet_subsys(&ipv6_inetpeer_ops);
4179 dst_entries_destroy(&ip6_dst_blackhole_ops);
4181 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
4185 void ip6_route_cleanup(void)
4187 unregister_netdevice_notifier(&ip6_route_dev_notifier);
4188 unregister_pernet_subsys(&ip6_route_net_late_ops);
4189 fib6_rules_cleanup();
4192 unregister_pernet_subsys(&ipv6_inetpeer_ops);
4193 unregister_pernet_subsys(&ip6_route_net_ops);
4194 dst_entries_destroy(&ip6_dst_blackhole_ops);
4195 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
projects / linux-block.git / blob