2 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
24 * Fixed routing subtrees.
27 #define pr_fmt(fmt) "IPv6: " fmt
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <net/net_namespace.h>
50 #include <net/ip6_fib.h>
51 #include <net/ip6_route.h>
52 #include <net/ndisc.h>
53 #include <net/addrconf.h>
55 #include <linux/rtnetlink.h>
57 #include <net/dst_metadata.h>
59 #include <net/netevent.h>
60 #include <net/netlink.h>
61 #include <net/nexthop.h>
62 #include <net/lwtunnel.h>
63 #include <net/ip_tunnels.h>
64 #include <net/l3mdev.h>
65 #include <trace/events/fib6.h>
67 #include <linux/uaccess.h>
70 #include <linux/sysctl.h>
74 RT6_NUD_FAIL_HARD
= -3,
75 RT6_NUD_FAIL_PROBE
= -2,
76 RT6_NUD_FAIL_DO_RR
= -1,
80 static void ip6_rt_copy_init(struct rt6_info
*rt
, struct rt6_info
*ort
);
81 static struct dst_entry
*ip6_dst_check(struct dst_entry
*dst
, u32 cookie
);
82 static unsigned int ip6_default_advmss(const struct dst_entry
*dst
);
83 static unsigned int ip6_mtu(const struct dst_entry
*dst
);
84 static struct dst_entry
*ip6_negative_advice(struct dst_entry
*);
85 static void ip6_dst_destroy(struct dst_entry
*);
86 static void ip6_dst_ifdown(struct dst_entry
*,
87 struct net_device
*dev
, int how
);
88 static int ip6_dst_gc(struct dst_ops
*ops
);
90 static int ip6_pkt_discard(struct sk_buff
*skb
);
91 static int ip6_pkt_discard_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
);
92 static int ip6_pkt_prohibit(struct sk_buff
*skb
);
93 static int ip6_pkt_prohibit_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
);
94 static void ip6_link_failure(struct sk_buff
*skb
);
95 static void ip6_rt_update_pmtu(struct dst_entry
*dst
, struct sock
*sk
,
96 struct sk_buff
*skb
, u32 mtu
);
97 static void rt6_do_redirect(struct dst_entry
*dst
, struct sock
*sk
,
99 static void rt6_dst_from_metrics_check(struct rt6_info
*rt
);
100 static int rt6_score_route(struct rt6_info
*rt
, int oif
, int strict
);
101 static size_t rt6_nlmsg_size(struct rt6_info
*rt
);
102 static int rt6_fill_node(struct net
*net
,
103 struct sk_buff
*skb
, struct rt6_info
*rt
,
104 struct in6_addr
*dst
, struct in6_addr
*src
,
105 int iif
, int type
, u32 portid
, u32 seq
,
108 #ifdef CONFIG_IPV6_ROUTE_INFO
109 static struct rt6_info
*rt6_add_route_info(struct net
*net
,
110 const struct in6_addr
*prefix
, int prefixlen
,
111 const struct in6_addr
*gwaddr
,
112 struct net_device
*dev
,
114 static struct rt6_info
*rt6_get_route_info(struct net
*net
,
115 const struct in6_addr
*prefix
, int prefixlen
,
116 const struct in6_addr
*gwaddr
,
117 struct net_device
*dev
);
120 struct uncached_list
{
122 struct list_head head
;
125 static DEFINE_PER_CPU_ALIGNED(struct uncached_list
, rt6_uncached_list
);
127 static void rt6_uncached_list_add(struct rt6_info
*rt
)
129 struct uncached_list
*ul
= raw_cpu_ptr(&rt6_uncached_list
);
131 rt
->rt6i_uncached_list
= ul
;
133 spin_lock_bh(&ul
->lock
);
134 list_add_tail(&rt
->rt6i_uncached
, &ul
->head
);
135 spin_unlock_bh(&ul
->lock
);
138 static void rt6_uncached_list_del(struct rt6_info
*rt
)
140 if (!list_empty(&rt
->rt6i_uncached
)) {
141 struct uncached_list
*ul
= rt
->rt6i_uncached_list
;
143 spin_lock_bh(&ul
->lock
);
144 list_del(&rt
->rt6i_uncached
);
145 spin_unlock_bh(&ul
->lock
);
149 static void rt6_uncached_list_flush_dev(struct net
*net
, struct net_device
*dev
)
151 struct net_device
*loopback_dev
= net
->loopback_dev
;
154 if (dev
== loopback_dev
)
157 for_each_possible_cpu(cpu
) {
158 struct uncached_list
*ul
= per_cpu_ptr(&rt6_uncached_list
, cpu
);
161 spin_lock_bh(&ul
->lock
);
162 list_for_each_entry(rt
, &ul
->head
, rt6i_uncached
) {
163 struct inet6_dev
*rt_idev
= rt
->rt6i_idev
;
164 struct net_device
*rt_dev
= rt
->dst
.dev
;
166 if (rt_idev
->dev
== dev
) {
167 rt
->rt6i_idev
= in6_dev_get(loopback_dev
);
168 in6_dev_put(rt_idev
);
172 rt
->dst
.dev
= loopback_dev
;
173 dev_hold(rt
->dst
.dev
);
177 spin_unlock_bh(&ul
->lock
);
181 static u32
*rt6_pcpu_cow_metrics(struct rt6_info
*rt
)
183 return dst_metrics_write_ptr(rt
->dst
.from
);
186 static u32
*ipv6_cow_metrics(struct dst_entry
*dst
, unsigned long old
)
188 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
190 if (rt
->rt6i_flags
& RTF_PCPU
)
191 return rt6_pcpu_cow_metrics(rt
);
192 else if (rt
->rt6i_flags
& RTF_CACHE
)
195 return dst_cow_metrics_generic(dst
, old
);
198 static inline const void *choose_neigh_daddr(struct rt6_info
*rt
,
202 struct in6_addr
*p
= &rt
->rt6i_gateway
;
204 if (!ipv6_addr_any(p
))
205 return (const void *) p
;
207 return &ipv6_hdr(skb
)->daddr
;
211 static struct neighbour
*ip6_neigh_lookup(const struct dst_entry
*dst
,
215 struct rt6_info
*rt
= (struct rt6_info
*) dst
;
218 daddr
= choose_neigh_daddr(rt
, skb
, daddr
);
219 n
= __ipv6_neigh_lookup(dst
->dev
, daddr
);
222 return neigh_create(&nd_tbl
, daddr
, dst
->dev
);
225 static void ip6_confirm_neigh(const struct dst_entry
*dst
, const void *daddr
)
227 struct net_device
*dev
= dst
->dev
;
228 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
230 daddr
= choose_neigh_daddr(rt
, NULL
, daddr
);
233 if (dev
->flags
& (IFF_NOARP
| IFF_LOOPBACK
))
235 if (ipv6_addr_is_multicast((const struct in6_addr
*)daddr
))
237 __ipv6_confirm_neigh(dev
, daddr
);
240 static struct dst_ops ip6_dst_ops_template
= {
244 .check
= ip6_dst_check
,
245 .default_advmss
= ip6_default_advmss
,
247 .cow_metrics
= ipv6_cow_metrics
,
248 .destroy
= ip6_dst_destroy
,
249 .ifdown
= ip6_dst_ifdown
,
250 .negative_advice
= ip6_negative_advice
,
251 .link_failure
= ip6_link_failure
,
252 .update_pmtu
= ip6_rt_update_pmtu
,
253 .redirect
= rt6_do_redirect
,
254 .local_out
= __ip6_local_out
,
255 .neigh_lookup
= ip6_neigh_lookup
,
256 .confirm_neigh
= ip6_confirm_neigh
,
259 static unsigned int ip6_blackhole_mtu(const struct dst_entry
*dst
)
261 unsigned int mtu
= dst_metric_raw(dst
, RTAX_MTU
);
263 return mtu
? : dst
->dev
->mtu
;
266 static void ip6_rt_blackhole_update_pmtu(struct dst_entry
*dst
, struct sock
*sk
,
267 struct sk_buff
*skb
, u32 mtu
)
271 static void ip6_rt_blackhole_redirect(struct dst_entry
*dst
, struct sock
*sk
,
276 static struct dst_ops ip6_dst_blackhole_ops
= {
278 .destroy
= ip6_dst_destroy
,
279 .check
= ip6_dst_check
,
280 .mtu
= ip6_blackhole_mtu
,
281 .default_advmss
= ip6_default_advmss
,
282 .update_pmtu
= ip6_rt_blackhole_update_pmtu
,
283 .redirect
= ip6_rt_blackhole_redirect
,
284 .cow_metrics
= dst_cow_metrics_generic
,
285 .neigh_lookup
= ip6_neigh_lookup
,
288 static const u32 ip6_template_metrics
[RTAX_MAX
] = {
289 [RTAX_HOPLIMIT
- 1] = 0,
292 static const struct rt6_info ip6_null_entry_template
= {
294 .__refcnt
= ATOMIC_INIT(1),
296 .obsolete
= DST_OBSOLETE_FORCE_CHK
,
297 .error
= -ENETUNREACH
,
298 .input
= ip6_pkt_discard
,
299 .output
= ip6_pkt_discard_out
,
301 .rt6i_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
302 .rt6i_protocol
= RTPROT_KERNEL
,
303 .rt6i_metric
= ~(u32
) 0,
304 .rt6i_ref
= ATOMIC_INIT(1),
307 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
309 static const struct rt6_info ip6_prohibit_entry_template
= {
311 .__refcnt
= ATOMIC_INIT(1),
313 .obsolete
= DST_OBSOLETE_FORCE_CHK
,
315 .input
= ip6_pkt_prohibit
,
316 .output
= ip6_pkt_prohibit_out
,
318 .rt6i_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
319 .rt6i_protocol
= RTPROT_KERNEL
,
320 .rt6i_metric
= ~(u32
) 0,
321 .rt6i_ref
= ATOMIC_INIT(1),
324 static const struct rt6_info ip6_blk_hole_entry_template
= {
326 .__refcnt
= ATOMIC_INIT(1),
328 .obsolete
= DST_OBSOLETE_FORCE_CHK
,
330 .input
= dst_discard
,
331 .output
= dst_discard_out
,
333 .rt6i_flags
= (RTF_REJECT
| RTF_NONEXTHOP
),
334 .rt6i_protocol
= RTPROT_KERNEL
,
335 .rt6i_metric
= ~(u32
) 0,
336 .rt6i_ref
= ATOMIC_INIT(1),
341 static void rt6_info_init(struct rt6_info
*rt
)
343 struct dst_entry
*dst
= &rt
->dst
;
345 memset(dst
+ 1, 0, sizeof(*rt
) - sizeof(*dst
));
346 INIT_LIST_HEAD(&rt
->rt6i_siblings
);
347 INIT_LIST_HEAD(&rt
->rt6i_uncached
);
350 /* allocate dst with ip6_dst_ops */
351 static struct rt6_info
*__ip6_dst_alloc(struct net
*net
,
352 struct net_device
*dev
,
355 struct rt6_info
*rt
= dst_alloc(&net
->ipv6
.ip6_dst_ops
, dev
,
356 1, DST_OBSOLETE_FORCE_CHK
, flags
);
364 struct rt6_info
*ip6_dst_alloc(struct net
*net
,
365 struct net_device
*dev
,
368 struct rt6_info
*rt
= __ip6_dst_alloc(net
, dev
, flags
);
371 rt
->rt6i_pcpu
= alloc_percpu_gfp(struct rt6_info
*, GFP_ATOMIC
);
375 for_each_possible_cpu(cpu
) {
378 p
= per_cpu_ptr(rt
->rt6i_pcpu
, cpu
);
379 /* no one shares rt */
383 dst_release_immediate(&rt
->dst
);
390 EXPORT_SYMBOL(ip6_dst_alloc
);
392 static void ip6_dst_destroy(struct dst_entry
*dst
)
394 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
395 struct dst_entry
*from
= dst
->from
;
396 struct inet6_dev
*idev
;
398 dst_destroy_metrics_generic(dst
);
399 free_percpu(rt
->rt6i_pcpu
);
400 rt6_uncached_list_del(rt
);
402 idev
= rt
->rt6i_idev
;
404 rt
->rt6i_idev
= NULL
;
412 static void ip6_dst_ifdown(struct dst_entry
*dst
, struct net_device
*dev
,
415 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
416 struct inet6_dev
*idev
= rt
->rt6i_idev
;
417 struct net_device
*loopback_dev
=
418 dev_net(dev
)->loopback_dev
;
420 if (idev
&& idev
->dev
!= loopback_dev
) {
421 struct inet6_dev
*loopback_idev
= in6_dev_get(loopback_dev
);
423 rt
->rt6i_idev
= loopback_idev
;
429 static bool __rt6_check_expired(const struct rt6_info
*rt
)
431 if (rt
->rt6i_flags
& RTF_EXPIRES
)
432 return time_after(jiffies
, rt
->dst
.expires
);
437 static bool rt6_check_expired(const struct rt6_info
*rt
)
439 if (rt
->rt6i_flags
& RTF_EXPIRES
) {
440 if (time_after(jiffies
, rt
->dst
.expires
))
442 } else if (rt
->dst
.from
) {
443 return rt
->dst
.obsolete
!= DST_OBSOLETE_FORCE_CHK
||
444 rt6_check_expired((struct rt6_info
*)rt
->dst
.from
);
449 static struct rt6_info
*rt6_multipath_select(struct rt6_info
*match
,
450 struct flowi6
*fl6
, int oif
,
453 struct rt6_info
*sibling
, *next_sibling
;
456 /* We might have already computed the hash for ICMPv6 errors. In such
457 * case it will always be non-zero. Otherwise now is the time to do it.
460 fl6
->mp_hash
= rt6_multipath_hash(fl6
, NULL
);
462 route_choosen
= fl6
->mp_hash
% (match
->rt6i_nsiblings
+ 1);
463 /* Don't change the route, if route_choosen == 0
464 * (siblings does not include ourself)
467 list_for_each_entry_safe(sibling
, next_sibling
,
468 &match
->rt6i_siblings
, rt6i_siblings
) {
470 if (route_choosen
== 0) {
471 if (rt6_score_route(sibling
, oif
, strict
) < 0)
481 * Route lookup. Any table->tb6_lock is implied.
484 static inline struct rt6_info
*rt6_device_match(struct net
*net
,
486 const struct in6_addr
*saddr
,
490 struct rt6_info
*local
= NULL
;
491 struct rt6_info
*sprt
;
493 if (!oif
&& ipv6_addr_any(saddr
))
496 for (sprt
= rt
; sprt
; sprt
= sprt
->dst
.rt6_next
) {
497 struct net_device
*dev
= sprt
->dst
.dev
;
500 if (dev
->ifindex
== oif
)
502 if (dev
->flags
& IFF_LOOPBACK
) {
503 if (!sprt
->rt6i_idev
||
504 sprt
->rt6i_idev
->dev
->ifindex
!= oif
) {
505 if (flags
& RT6_LOOKUP_F_IFACE
)
508 local
->rt6i_idev
->dev
->ifindex
== oif
)
514 if (ipv6_chk_addr(net
, saddr
, dev
,
515 flags
& RT6_LOOKUP_F_IFACE
))
524 if (flags
& RT6_LOOKUP_F_IFACE
)
525 return net
->ipv6
.ip6_null_entry
;
531 #ifdef CONFIG_IPV6_ROUTER_PREF
532 struct __rt6_probe_work
{
533 struct work_struct work
;
534 struct in6_addr target
;
535 struct net_device
*dev
;
538 static void rt6_probe_deferred(struct work_struct
*w
)
540 struct in6_addr mcaddr
;
541 struct __rt6_probe_work
*work
=
542 container_of(w
, struct __rt6_probe_work
, work
);
544 addrconf_addr_solict_mult(&work
->target
, &mcaddr
);
545 ndisc_send_ns(work
->dev
, &work
->target
, &mcaddr
, NULL
, 0);
550 static void rt6_probe(struct rt6_info
*rt
)
552 struct __rt6_probe_work
*work
;
553 struct neighbour
*neigh
;
555 * Okay, this does not seem to be appropriate
556 * for now, however, we need to check if it
557 * is really so; aka Router Reachability Probing.
559 * Router Reachability Probe MUST be rate-limited
560 * to no more than one per minute.
562 if (!rt
|| !(rt
->rt6i_flags
& RTF_GATEWAY
))
565 neigh
= __ipv6_neigh_lookup_noref(rt
->dst
.dev
, &rt
->rt6i_gateway
);
567 if (neigh
->nud_state
& NUD_VALID
)
571 write_lock(&neigh
->lock
);
572 if (!(neigh
->nud_state
& NUD_VALID
) &&
575 rt
->rt6i_idev
->cnf
.rtr_probe_interval
)) {
576 work
= kmalloc(sizeof(*work
), GFP_ATOMIC
);
578 __neigh_set_probe_once(neigh
);
580 write_unlock(&neigh
->lock
);
582 work
= kmalloc(sizeof(*work
), GFP_ATOMIC
);
586 INIT_WORK(&work
->work
, rt6_probe_deferred
);
587 work
->target
= rt
->rt6i_gateway
;
588 dev_hold(rt
->dst
.dev
);
589 work
->dev
= rt
->dst
.dev
;
590 schedule_work(&work
->work
);
594 rcu_read_unlock_bh();
597 static inline void rt6_probe(struct rt6_info
*rt
)
603 * Default Router Selection (RFC 2461 6.3.6)
605 static inline int rt6_check_dev(struct rt6_info
*rt
, int oif
)
607 struct net_device
*dev
= rt
->dst
.dev
;
608 if (!oif
|| dev
->ifindex
== oif
)
610 if ((dev
->flags
& IFF_LOOPBACK
) &&
611 rt
->rt6i_idev
&& rt
->rt6i_idev
->dev
->ifindex
== oif
)
616 static inline enum rt6_nud_state
rt6_check_neigh(struct rt6_info
*rt
)
618 struct neighbour
*neigh
;
619 enum rt6_nud_state ret
= RT6_NUD_FAIL_HARD
;
621 if (rt
->rt6i_flags
& RTF_NONEXTHOP
||
622 !(rt
->rt6i_flags
& RTF_GATEWAY
))
623 return RT6_NUD_SUCCEED
;
626 neigh
= __ipv6_neigh_lookup_noref(rt
->dst
.dev
, &rt
->rt6i_gateway
);
628 read_lock(&neigh
->lock
);
629 if (neigh
->nud_state
& NUD_VALID
)
630 ret
= RT6_NUD_SUCCEED
;
631 #ifdef CONFIG_IPV6_ROUTER_PREF
632 else if (!(neigh
->nud_state
& NUD_FAILED
))
633 ret
= RT6_NUD_SUCCEED
;
635 ret
= RT6_NUD_FAIL_PROBE
;
637 read_unlock(&neigh
->lock
);
639 ret
= IS_ENABLED(CONFIG_IPV6_ROUTER_PREF
) ?
640 RT6_NUD_SUCCEED
: RT6_NUD_FAIL_DO_RR
;
642 rcu_read_unlock_bh();
647 static int rt6_score_route(struct rt6_info
*rt
, int oif
,
652 m
= rt6_check_dev(rt
, oif
);
653 if (!m
&& (strict
& RT6_LOOKUP_F_IFACE
))
654 return RT6_NUD_FAIL_HARD
;
655 #ifdef CONFIG_IPV6_ROUTER_PREF
656 m
|= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt
->rt6i_flags
)) << 2;
658 if (strict
& RT6_LOOKUP_F_REACHABLE
) {
659 int n
= rt6_check_neigh(rt
);
666 static struct rt6_info
*find_match(struct rt6_info
*rt
, int oif
, int strict
,
667 int *mpri
, struct rt6_info
*match
,
671 bool match_do_rr
= false;
672 struct inet6_dev
*idev
= rt
->rt6i_idev
;
673 struct net_device
*dev
= rt
->dst
.dev
;
675 if (dev
&& !netif_carrier_ok(dev
) &&
676 idev
->cnf
.ignore_routes_with_linkdown
&&
677 !(strict
& RT6_LOOKUP_F_IGNORE_LINKSTATE
))
680 if (rt6_check_expired(rt
))
683 m
= rt6_score_route(rt
, oif
, strict
);
684 if (m
== RT6_NUD_FAIL_DO_RR
) {
686 m
= 0; /* lowest valid score */
687 } else if (m
== RT6_NUD_FAIL_HARD
) {
691 if (strict
& RT6_LOOKUP_F_REACHABLE
)
694 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
696 *do_rr
= match_do_rr
;
704 static struct rt6_info
*find_rr_leaf(struct fib6_node
*fn
,
705 struct rt6_info
*rr_head
,
706 u32 metric
, int oif
, int strict
,
709 struct rt6_info
*rt
, *match
, *cont
;
714 for (rt
= rr_head
; rt
; rt
= rt
->dst
.rt6_next
) {
715 if (rt
->rt6i_metric
!= metric
) {
720 match
= find_match(rt
, oif
, strict
, &mpri
, match
, do_rr
);
723 for (rt
= fn
->leaf
; rt
&& rt
!= rr_head
; rt
= rt
->dst
.rt6_next
) {
724 if (rt
->rt6i_metric
!= metric
) {
729 match
= find_match(rt
, oif
, strict
, &mpri
, match
, do_rr
);
735 for (rt
= cont
; rt
; rt
= rt
->dst
.rt6_next
)
736 match
= find_match(rt
, oif
, strict
, &mpri
, match
, do_rr
);
741 static struct rt6_info
*rt6_select(struct fib6_node
*fn
, int oif
, int strict
)
743 struct rt6_info
*match
, *rt0
;
749 fn
->rr_ptr
= rt0
= fn
->leaf
;
751 match
= find_rr_leaf(fn
, rt0
, rt0
->rt6i_metric
, oif
, strict
,
755 struct rt6_info
*next
= rt0
->dst
.rt6_next
;
757 /* no entries matched; do round-robin */
758 if (!next
|| next
->rt6i_metric
!= rt0
->rt6i_metric
)
765 net
= dev_net(rt0
->dst
.dev
);
766 return match
? match
: net
->ipv6
.ip6_null_entry
;
769 static bool rt6_is_gw_or_nonexthop(const struct rt6_info
*rt
)
771 return (rt
->rt6i_flags
& (RTF_NONEXTHOP
| RTF_GATEWAY
));
774 #ifdef CONFIG_IPV6_ROUTE_INFO
775 int rt6_route_rcv(struct net_device
*dev
, u8
*opt
, int len
,
776 const struct in6_addr
*gwaddr
)
778 struct net
*net
= dev_net(dev
);
779 struct route_info
*rinfo
= (struct route_info
*) opt
;
780 struct in6_addr prefix_buf
, *prefix
;
782 unsigned long lifetime
;
785 if (len
< sizeof(struct route_info
)) {
789 /* Sanity check for prefix_len and length */
790 if (rinfo
->length
> 3) {
792 } else if (rinfo
->prefix_len
> 128) {
794 } else if (rinfo
->prefix_len
> 64) {
795 if (rinfo
->length
< 2) {
798 } else if (rinfo
->prefix_len
> 0) {
799 if (rinfo
->length
< 1) {
804 pref
= rinfo
->route_pref
;
805 if (pref
== ICMPV6_ROUTER_PREF_INVALID
)
808 lifetime
= addrconf_timeout_fixup(ntohl(rinfo
->lifetime
), HZ
);
810 if (rinfo
->length
== 3)
811 prefix
= (struct in6_addr
*)rinfo
->prefix
;
813 /* this function is safe */
814 ipv6_addr_prefix(&prefix_buf
,
815 (struct in6_addr
*)rinfo
->prefix
,
817 prefix
= &prefix_buf
;
820 if (rinfo
->prefix_len
== 0)
821 rt
= rt6_get_dflt_router(gwaddr
, dev
);
823 rt
= rt6_get_route_info(net
, prefix
, rinfo
->prefix_len
,
826 if (rt
&& !lifetime
) {
832 rt
= rt6_add_route_info(net
, prefix
, rinfo
->prefix_len
, gwaddr
,
835 rt
->rt6i_flags
= RTF_ROUTEINFO
|
836 (rt
->rt6i_flags
& ~RTF_PREF_MASK
) | RTF_PREF(pref
);
839 if (!addrconf_finite_timeout(lifetime
))
840 rt6_clean_expires(rt
);
842 rt6_set_expires(rt
, jiffies
+ HZ
* lifetime
);
850 static struct fib6_node
* fib6_backtrack(struct fib6_node
*fn
,
851 struct in6_addr
*saddr
)
853 struct fib6_node
*pn
;
855 if (fn
->fn_flags
& RTN_TL_ROOT
)
858 if (FIB6_SUBTREE(pn
) && FIB6_SUBTREE(pn
) != fn
)
859 fn
= fib6_lookup(FIB6_SUBTREE(pn
), NULL
, saddr
);
862 if (fn
->fn_flags
& RTN_RTINFO
)
867 static struct rt6_info
*ip6_pol_route_lookup(struct net
*net
,
868 struct fib6_table
*table
,
869 struct flowi6
*fl6
, int flags
)
871 struct fib6_node
*fn
;
874 if (fl6
->flowi6_flags
& FLOWI_FLAG_SKIP_NH_OIF
)
875 flags
&= ~RT6_LOOKUP_F_IFACE
;
877 read_lock_bh(&table
->tb6_lock
);
878 fn
= fib6_lookup(&table
->tb6_root
, &fl6
->daddr
, &fl6
->saddr
);
881 rt
= rt6_device_match(net
, rt
, &fl6
->saddr
, fl6
->flowi6_oif
, flags
);
882 if (rt
->rt6i_nsiblings
&& fl6
->flowi6_oif
== 0)
883 rt
= rt6_multipath_select(rt
, fl6
, fl6
->flowi6_oif
, flags
);
884 if (rt
== net
->ipv6
.ip6_null_entry
) {
885 fn
= fib6_backtrack(fn
, &fl6
->saddr
);
889 dst_use(&rt
->dst
, jiffies
);
890 read_unlock_bh(&table
->tb6_lock
);
892 trace_fib6_table_lookup(net
, rt
, table
->tb6_id
, fl6
);
898 struct dst_entry
*ip6_route_lookup(struct net
*net
, struct flowi6
*fl6
,
901 return fib6_rule_lookup(net
, fl6
, flags
, ip6_pol_route_lookup
);
903 EXPORT_SYMBOL_GPL(ip6_route_lookup
);
905 struct rt6_info
*rt6_lookup(struct net
*net
, const struct in6_addr
*daddr
,
906 const struct in6_addr
*saddr
, int oif
, int strict
)
908 struct flowi6 fl6
= {
912 struct dst_entry
*dst
;
913 int flags
= strict
? RT6_LOOKUP_F_IFACE
: 0;
916 memcpy(&fl6
.saddr
, saddr
, sizeof(*saddr
));
917 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
920 dst
= fib6_rule_lookup(net
, &fl6
, flags
, ip6_pol_route_lookup
);
922 return (struct rt6_info
*) dst
;
928 EXPORT_SYMBOL(rt6_lookup
);
930 /* ip6_ins_rt is called with FREE table->tb6_lock.
931 * It takes new route entry, the addition fails by any reason the
933 * Caller must hold dst before calling it.
936 static int __ip6_ins_rt(struct rt6_info
*rt
, struct nl_info
*info
,
937 struct mx6_config
*mxc
,
938 struct netlink_ext_ack
*extack
)
941 struct fib6_table
*table
;
943 table
= rt
->rt6i_table
;
944 write_lock_bh(&table
->tb6_lock
);
945 err
= fib6_add(&table
->tb6_root
, rt
, info
, mxc
, extack
);
946 write_unlock_bh(&table
->tb6_lock
);
951 int ip6_ins_rt(struct rt6_info
*rt
)
953 struct nl_info info
= { .nl_net
= dev_net(rt
->dst
.dev
), };
954 struct mx6_config mxc
= { .mx
= NULL
, };
956 /* Hold dst to account for the reference from the fib6 tree */
958 return __ip6_ins_rt(rt
, &info
, &mxc
, NULL
);
961 /* called with rcu_lock held */
962 static struct net_device
*ip6_rt_get_dev_rcu(struct rt6_info
*rt
)
964 struct net_device
*dev
= rt
->dst
.dev
;
966 if (rt
->rt6i_flags
& (RTF_LOCAL
| RTF_ANYCAST
)) {
967 /* for copies of local routes, dst->dev needs to be the
968 * device if it is a master device, the master device if
969 * device is enslaved, and the loopback as the default
971 if (netif_is_l3_slave(dev
) &&
972 !rt6_need_strict(&rt
->rt6i_dst
.addr
))
973 dev
= l3mdev_master_dev_rcu(dev
);
974 else if (!netif_is_l3_master(dev
))
975 dev
= dev_net(dev
)->loopback_dev
;
976 /* last case is netif_is_l3_master(dev) is true in which
977 * case we want dev returned to be dev
984 static struct rt6_info
*ip6_rt_cache_alloc(struct rt6_info
*ort
,
985 const struct in6_addr
*daddr
,
986 const struct in6_addr
*saddr
)
988 struct net_device
*dev
;
995 if (ort
->rt6i_flags
& (RTF_CACHE
| RTF_PCPU
))
996 ort
= (struct rt6_info
*)ort
->dst
.from
;
999 dev
= ip6_rt_get_dev_rcu(ort
);
1000 rt
= __ip6_dst_alloc(dev_net(dev
), dev
, 0);
1005 ip6_rt_copy_init(rt
, ort
);
1006 rt
->rt6i_flags
|= RTF_CACHE
;
1007 rt
->rt6i_metric
= 0;
1008 rt
->dst
.flags
|= DST_HOST
;
1009 rt
->rt6i_dst
.addr
= *daddr
;
1010 rt
->rt6i_dst
.plen
= 128;
1012 if (!rt6_is_gw_or_nonexthop(ort
)) {
1013 if (ort
->rt6i_dst
.plen
!= 128 &&
1014 ipv6_addr_equal(&ort
->rt6i_dst
.addr
, daddr
))
1015 rt
->rt6i_flags
|= RTF_ANYCAST
;
1016 #ifdef CONFIG_IPV6_SUBTREES
1017 if (rt
->rt6i_src
.plen
&& saddr
) {
1018 rt
->rt6i_src
.addr
= *saddr
;
1019 rt
->rt6i_src
.plen
= 128;
1027 static struct rt6_info
*ip6_rt_pcpu_alloc(struct rt6_info
*rt
)
1029 struct net_device
*dev
;
1030 struct rt6_info
*pcpu_rt
;
1033 dev
= ip6_rt_get_dev_rcu(rt
);
1034 pcpu_rt
= __ip6_dst_alloc(dev_net(dev
), dev
, rt
->dst
.flags
);
1038 ip6_rt_copy_init(pcpu_rt
, rt
);
1039 pcpu_rt
->rt6i_protocol
= rt
->rt6i_protocol
;
1040 pcpu_rt
->rt6i_flags
|= RTF_PCPU
;
1044 /* It should be called with read_lock_bh(&tb6_lock) acquired */
1045 static struct rt6_info
*rt6_get_pcpu_route(struct rt6_info
*rt
)
1047 struct rt6_info
*pcpu_rt
, **p
;
1049 p
= this_cpu_ptr(rt
->rt6i_pcpu
);
1053 dst_hold(&pcpu_rt
->dst
);
1054 rt6_dst_from_metrics_check(pcpu_rt
);
1059 static struct rt6_info
*rt6_make_pcpu_route(struct rt6_info
*rt
)
1061 struct fib6_table
*table
= rt
->rt6i_table
;
1062 struct rt6_info
*pcpu_rt
, *prev
, **p
;
1064 pcpu_rt
= ip6_rt_pcpu_alloc(rt
);
1066 struct net
*net
= dev_net(rt
->dst
.dev
);
1068 dst_hold(&net
->ipv6
.ip6_null_entry
->dst
);
1069 return net
->ipv6
.ip6_null_entry
;
1072 read_lock_bh(&table
->tb6_lock
);
1073 if (rt
->rt6i_pcpu
) {
1074 p
= this_cpu_ptr(rt
->rt6i_pcpu
);
1075 prev
= cmpxchg(p
, NULL
, pcpu_rt
);
1077 /* If someone did it before us, return prev instead */
1078 dst_release_immediate(&pcpu_rt
->dst
);
1082 /* rt has been removed from the fib6 tree
1083 * before we have a chance to acquire the read_lock.
1084 * In this case, don't brother to create a pcpu rt
1085 * since rt is going away anyway. The next
1086 * dst_check() will trigger a re-lookup.
1088 dst_release_immediate(&pcpu_rt
->dst
);
1091 dst_hold(&pcpu_rt
->dst
);
1092 rt6_dst_from_metrics_check(pcpu_rt
);
1093 read_unlock_bh(&table
->tb6_lock
);
1097 struct rt6_info
*ip6_pol_route(struct net
*net
, struct fib6_table
*table
,
1098 int oif
, struct flowi6
*fl6
, int flags
)
1100 struct fib6_node
*fn
, *saved_fn
;
1101 struct rt6_info
*rt
;
1104 strict
|= flags
& RT6_LOOKUP_F_IFACE
;
1105 strict
|= flags
& RT6_LOOKUP_F_IGNORE_LINKSTATE
;
1106 if (net
->ipv6
.devconf_all
->forwarding
== 0)
1107 strict
|= RT6_LOOKUP_F_REACHABLE
;
1109 read_lock_bh(&table
->tb6_lock
);
1111 fn
= fib6_lookup(&table
->tb6_root
, &fl6
->daddr
, &fl6
->saddr
);
1114 if (fl6
->flowi6_flags
& FLOWI_FLAG_SKIP_NH_OIF
)
1118 rt
= rt6_select(fn
, oif
, strict
);
1119 if (rt
->rt6i_nsiblings
)
1120 rt
= rt6_multipath_select(rt
, fl6
, oif
, strict
);
1121 if (rt
== net
->ipv6
.ip6_null_entry
) {
1122 fn
= fib6_backtrack(fn
, &fl6
->saddr
);
1124 goto redo_rt6_select
;
1125 else if (strict
& RT6_LOOKUP_F_REACHABLE
) {
1126 /* also consider unreachable route */
1127 strict
&= ~RT6_LOOKUP_F_REACHABLE
;
1129 goto redo_rt6_select
;
1134 if (rt
== net
->ipv6
.ip6_null_entry
|| (rt
->rt6i_flags
& RTF_CACHE
)) {
1135 dst_use(&rt
->dst
, jiffies
);
1136 read_unlock_bh(&table
->tb6_lock
);
1138 rt6_dst_from_metrics_check(rt
);
1140 trace_fib6_table_lookup(net
, rt
, table
->tb6_id
, fl6
);
1142 } else if (unlikely((fl6
->flowi6_flags
& FLOWI_FLAG_KNOWN_NH
) &&
1143 !(rt
->rt6i_flags
& RTF_GATEWAY
))) {
1144 /* Create a RTF_CACHE clone which will not be
1145 * owned by the fib6 tree. It is for the special case where
1146 * the daddr in the skb during the neighbor look-up is different
1147 * from the fl6->daddr used to look-up route here.
1150 struct rt6_info
*uncached_rt
;
1152 dst_use(&rt
->dst
, jiffies
);
1153 read_unlock_bh(&table
->tb6_lock
);
1155 uncached_rt
= ip6_rt_cache_alloc(rt
, &fl6
->daddr
, NULL
);
1156 dst_release(&rt
->dst
);
1159 /* Uncached_rt's refcnt is taken during ip6_rt_cache_alloc()
1160 * No need for another dst_hold()
1162 rt6_uncached_list_add(uncached_rt
);
1164 uncached_rt
= net
->ipv6
.ip6_null_entry
;
1165 dst_hold(&uncached_rt
->dst
);
1168 trace_fib6_table_lookup(net
, uncached_rt
, table
->tb6_id
, fl6
);
1172 /* Get a percpu copy */
1174 struct rt6_info
*pcpu_rt
;
1176 rt
->dst
.lastuse
= jiffies
;
1178 pcpu_rt
= rt6_get_pcpu_route(rt
);
1181 read_unlock_bh(&table
->tb6_lock
);
1183 /* We have to do the read_unlock first
1184 * because rt6_make_pcpu_route() may trigger
1185 * ip6_dst_gc() which will take the write_lock.
1188 read_unlock_bh(&table
->tb6_lock
);
1189 pcpu_rt
= rt6_make_pcpu_route(rt
);
1190 dst_release(&rt
->dst
);
1193 trace_fib6_table_lookup(net
, pcpu_rt
, table
->tb6_id
, fl6
);
1198 EXPORT_SYMBOL_GPL(ip6_pol_route
);
1200 static struct rt6_info
*ip6_pol_route_input(struct net
*net
, struct fib6_table
*table
,
1201 struct flowi6
*fl6
, int flags
)
1203 return ip6_pol_route(net
, table
, fl6
->flowi6_iif
, fl6
, flags
);
1206 struct dst_entry
*ip6_route_input_lookup(struct net
*net
,
1207 struct net_device
*dev
,
1208 struct flowi6
*fl6
, int flags
)
1210 if (rt6_need_strict(&fl6
->daddr
) && dev
->type
!= ARPHRD_PIMREG
)
1211 flags
|= RT6_LOOKUP_F_IFACE
;
1213 return fib6_rule_lookup(net
, fl6
, flags
, ip6_pol_route_input
);
1215 EXPORT_SYMBOL_GPL(ip6_route_input_lookup
);
1217 static void ip6_multipath_l3_keys(const struct sk_buff
*skb
,
1218 struct flow_keys
*keys
)
1220 const struct ipv6hdr
*outer_iph
= ipv6_hdr(skb
);
1221 const struct ipv6hdr
*key_iph
= outer_iph
;
1222 const struct ipv6hdr
*inner_iph
;
1223 const struct icmp6hdr
*icmph
;
1224 struct ipv6hdr _inner_iph
;
1226 if (likely(outer_iph
->nexthdr
!= IPPROTO_ICMPV6
))
1229 icmph
= icmp6_hdr(skb
);
1230 if (icmph
->icmp6_type
!= ICMPV6_DEST_UNREACH
&&
1231 icmph
->icmp6_type
!= ICMPV6_PKT_TOOBIG
&&
1232 icmph
->icmp6_type
!= ICMPV6_TIME_EXCEED
&&
1233 icmph
->icmp6_type
!= ICMPV6_PARAMPROB
)
1236 inner_iph
= skb_header_pointer(skb
,
1237 skb_transport_offset(skb
) + sizeof(*icmph
),
1238 sizeof(_inner_iph
), &_inner_iph
);
1242 key_iph
= inner_iph
;
1244 memset(keys
, 0, sizeof(*keys
));
1245 keys
->control
.addr_type
= FLOW_DISSECTOR_KEY_IPV6_ADDRS
;
1246 keys
->addrs
.v6addrs
.src
= key_iph
->saddr
;
1247 keys
->addrs
.v6addrs
.dst
= key_iph
->daddr
;
1248 keys
->tags
.flow_label
= ip6_flowinfo(key_iph
);
1249 keys
->basic
.ip_proto
= key_iph
->nexthdr
;
1252 /* if skb is set it will be used and fl6 can be NULL */
1253 u32
rt6_multipath_hash(const struct flowi6
*fl6
, const struct sk_buff
*skb
)
1255 struct flow_keys hash_keys
;
1258 ip6_multipath_l3_keys(skb
, &hash_keys
);
1259 return flow_hash_from_keys(&hash_keys
);
1262 return get_hash_from_flowi6(fl6
);
1265 void ip6_route_input(struct sk_buff
*skb
)
1267 const struct ipv6hdr
*iph
= ipv6_hdr(skb
);
1268 struct net
*net
= dev_net(skb
->dev
);
1269 int flags
= RT6_LOOKUP_F_HAS_SADDR
;
1270 struct ip_tunnel_info
*tun_info
;
1271 struct flowi6 fl6
= {
1272 .flowi6_iif
= skb
->dev
->ifindex
,
1273 .daddr
= iph
->daddr
,
1274 .saddr
= iph
->saddr
,
1275 .flowlabel
= ip6_flowinfo(iph
),
1276 .flowi6_mark
= skb
->mark
,
1277 .flowi6_proto
= iph
->nexthdr
,
1280 tun_info
= skb_tunnel_info(skb
);
1281 if (tun_info
&& !(tun_info
->mode
& IP_TUNNEL_INFO_TX
))
1282 fl6
.flowi6_tun_key
.tun_id
= tun_info
->key
.tun_id
;
1283 if (unlikely(fl6
.flowi6_proto
== IPPROTO_ICMPV6
))
1284 fl6
.mp_hash
= rt6_multipath_hash(&fl6
, skb
);
1286 skb_dst_set(skb
, ip6_route_input_lookup(net
, skb
->dev
, &fl6
, flags
));
1289 static struct rt6_info
*ip6_pol_route_output(struct net
*net
, struct fib6_table
*table
,
1290 struct flowi6
*fl6
, int flags
)
1292 return ip6_pol_route(net
, table
, fl6
->flowi6_oif
, fl6
, flags
);
1295 struct dst_entry
*ip6_route_output_flags(struct net
*net
, const struct sock
*sk
,
1296 struct flowi6
*fl6
, int flags
)
1300 if (rt6_need_strict(&fl6
->daddr
)) {
1301 struct dst_entry
*dst
;
1303 dst
= l3mdev_link_scope_lookup(net
, fl6
);
1308 fl6
->flowi6_iif
= LOOPBACK_IFINDEX
;
1310 any_src
= ipv6_addr_any(&fl6
->saddr
);
1311 if ((sk
&& sk
->sk_bound_dev_if
) || rt6_need_strict(&fl6
->daddr
) ||
1312 (fl6
->flowi6_oif
&& any_src
))
1313 flags
|= RT6_LOOKUP_F_IFACE
;
1316 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
1318 flags
|= rt6_srcprefs2flags(inet6_sk(sk
)->srcprefs
);
1320 return fib6_rule_lookup(net
, fl6
, flags
, ip6_pol_route_output
);
1322 EXPORT_SYMBOL_GPL(ip6_route_output_flags
);
1324 struct dst_entry
*ip6_blackhole_route(struct net
*net
, struct dst_entry
*dst_orig
)
1326 struct rt6_info
*rt
, *ort
= (struct rt6_info
*) dst_orig
;
1327 struct net_device
*loopback_dev
= net
->loopback_dev
;
1328 struct dst_entry
*new = NULL
;
1330 rt
= dst_alloc(&ip6_dst_blackhole_ops
, loopback_dev
, 1,
1331 DST_OBSOLETE_DEAD
, 0);
1337 new->input
= dst_discard
;
1338 new->output
= dst_discard_out
;
1340 dst_copy_metrics(new, &ort
->dst
);
1342 rt
->rt6i_idev
= in6_dev_get(loopback_dev
);
1343 rt
->rt6i_gateway
= ort
->rt6i_gateway
;
1344 rt
->rt6i_flags
= ort
->rt6i_flags
& ~RTF_PCPU
;
1345 rt
->rt6i_metric
= 0;
1347 memcpy(&rt
->rt6i_dst
, &ort
->rt6i_dst
, sizeof(struct rt6key
));
1348 #ifdef CONFIG_IPV6_SUBTREES
1349 memcpy(&rt
->rt6i_src
, &ort
->rt6i_src
, sizeof(struct rt6key
));
1353 dst_release(dst_orig
);
1354 return new ? new : ERR_PTR(-ENOMEM
);
1358 * Destination cache support functions
1361 static void rt6_dst_from_metrics_check(struct rt6_info
*rt
)
1364 dst_metrics_ptr(&rt
->dst
) != dst_metrics_ptr(rt
->dst
.from
))
1365 dst_init_metrics(&rt
->dst
, dst_metrics_ptr(rt
->dst
.from
), true);
1368 static struct dst_entry
*rt6_check(struct rt6_info
*rt
, u32 cookie
)
1372 if (!rt6_get_cookie_safe(rt
, &rt_cookie
) || rt_cookie
!= cookie
)
1375 if (rt6_check_expired(rt
))
1381 static struct dst_entry
*rt6_dst_from_check(struct rt6_info
*rt
, u32 cookie
)
1383 if (!__rt6_check_expired(rt
) &&
1384 rt
->dst
.obsolete
== DST_OBSOLETE_FORCE_CHK
&&
1385 rt6_check((struct rt6_info
*)(rt
->dst
.from
), cookie
))
1391 static struct dst_entry
*ip6_dst_check(struct dst_entry
*dst
, u32 cookie
)
1393 struct rt6_info
*rt
;
1395 rt
= (struct rt6_info
*) dst
;
1397 /* All IPV6 dsts are created with ->obsolete set to the value
1398 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1399 * into this function always.
1402 rt6_dst_from_metrics_check(rt
);
1404 if (rt
->rt6i_flags
& RTF_PCPU
||
1405 (unlikely(!list_empty(&rt
->rt6i_uncached
)) && rt
->dst
.from
))
1406 return rt6_dst_from_check(rt
, cookie
);
1408 return rt6_check(rt
, cookie
);
1411 static struct dst_entry
*ip6_negative_advice(struct dst_entry
*dst
)
1413 struct rt6_info
*rt
= (struct rt6_info
*) dst
;
1416 if (rt
->rt6i_flags
& RTF_CACHE
) {
1417 if (rt6_check_expired(rt
)) {
1429 static void ip6_link_failure(struct sk_buff
*skb
)
1431 struct rt6_info
*rt
;
1433 icmpv6_send(skb
, ICMPV6_DEST_UNREACH
, ICMPV6_ADDR_UNREACH
, 0);
1435 rt
= (struct rt6_info
*) skb_dst(skb
);
1437 if (rt
->rt6i_flags
& RTF_CACHE
) {
1438 if (dst_hold_safe(&rt
->dst
))
1441 struct fib6_node
*fn
;
1444 fn
= rcu_dereference(rt
->rt6i_node
);
1445 if (fn
&& (rt
->rt6i_flags
& RTF_DEFAULT
))
1452 static void rt6_do_update_pmtu(struct rt6_info
*rt
, u32 mtu
)
1454 struct net
*net
= dev_net(rt
->dst
.dev
);
1456 rt
->rt6i_flags
|= RTF_MODIFIED
;
1457 rt
->rt6i_pmtu
= mtu
;
1458 rt6_update_expires(rt
, net
->ipv6
.sysctl
.ip6_rt_mtu_expires
);
1461 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info
*rt
)
1463 return !(rt
->rt6i_flags
& RTF_CACHE
) &&
1464 (rt
->rt6i_flags
& RTF_PCPU
||
1465 rcu_access_pointer(rt
->rt6i_node
));
1468 static void __ip6_rt_update_pmtu(struct dst_entry
*dst
, const struct sock
*sk
,
1469 const struct ipv6hdr
*iph
, u32 mtu
)
1471 const struct in6_addr
*daddr
, *saddr
;
1472 struct rt6_info
*rt6
= (struct rt6_info
*)dst
;
1474 if (rt6
->rt6i_flags
& RTF_LOCAL
)
1477 if (dst_metric_locked(dst
, RTAX_MTU
))
1481 daddr
= &iph
->daddr
;
1482 saddr
= &iph
->saddr
;
1484 daddr
= &sk
->sk_v6_daddr
;
1485 saddr
= &inet6_sk(sk
)->saddr
;
1490 dst_confirm_neigh(dst
, daddr
);
1491 mtu
= max_t(u32
, mtu
, IPV6_MIN_MTU
);
1492 if (mtu
>= dst_mtu(dst
))
1495 if (!rt6_cache_allowed_for_pmtu(rt6
)) {
1496 rt6_do_update_pmtu(rt6
, mtu
);
1498 struct rt6_info
*nrt6
;
1500 nrt6
= ip6_rt_cache_alloc(rt6
, daddr
, saddr
);
1502 rt6_do_update_pmtu(nrt6
, mtu
);
1504 /* ip6_ins_rt(nrt6) will bump the
1505 * rt6->rt6i_node->fn_sernum
1506 * which will fail the next rt6_check() and
1507 * invalidate the sk->sk_dst_cache.
1510 /* Release the reference taken in
1511 * ip6_rt_cache_alloc()
1513 dst_release(&nrt6
->dst
);
1518 static void ip6_rt_update_pmtu(struct dst_entry
*dst
, struct sock
*sk
,
1519 struct sk_buff
*skb
, u32 mtu
)
1521 __ip6_rt_update_pmtu(dst
, sk
, skb
? ipv6_hdr(skb
) : NULL
, mtu
);
1524 void ip6_update_pmtu(struct sk_buff
*skb
, struct net
*net
, __be32 mtu
,
1525 int oif
, u32 mark
, kuid_t uid
)
1527 const struct ipv6hdr
*iph
= (struct ipv6hdr
*) skb
->data
;
1528 struct dst_entry
*dst
;
1531 memset(&fl6
, 0, sizeof(fl6
));
1532 fl6
.flowi6_oif
= oif
;
1533 fl6
.flowi6_mark
= mark
? mark
: IP6_REPLY_MARK(net
, skb
->mark
);
1534 fl6
.daddr
= iph
->daddr
;
1535 fl6
.saddr
= iph
->saddr
;
1536 fl6
.flowlabel
= ip6_flowinfo(iph
);
1537 fl6
.flowi6_uid
= uid
;
1539 dst
= ip6_route_output(net
, NULL
, &fl6
);
1541 __ip6_rt_update_pmtu(dst
, NULL
, iph
, ntohl(mtu
));
1544 EXPORT_SYMBOL_GPL(ip6_update_pmtu
);
1546 void ip6_sk_update_pmtu(struct sk_buff
*skb
, struct sock
*sk
, __be32 mtu
)
1548 struct dst_entry
*dst
;
1550 ip6_update_pmtu(skb
, sock_net(sk
), mtu
,
1551 sk
->sk_bound_dev_if
, sk
->sk_mark
, sk
->sk_uid
);
1553 dst
= __sk_dst_get(sk
);
1554 if (!dst
|| !dst
->obsolete
||
1555 dst
->ops
->check(dst
, inet6_sk(sk
)->dst_cookie
))
1559 if (!sock_owned_by_user(sk
) && !ipv6_addr_v4mapped(&sk
->sk_v6_daddr
))
1560 ip6_datagram_dst_update(sk
, false);
1563 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu
);
1565 /* Handle redirects */
1566 struct ip6rd_flowi
{
1568 struct in6_addr gateway
;
1571 static struct rt6_info
*__ip6_route_redirect(struct net
*net
,
1572 struct fib6_table
*table
,
1576 struct ip6rd_flowi
*rdfl
= (struct ip6rd_flowi
*)fl6
;
1577 struct rt6_info
*rt
;
1578 struct fib6_node
*fn
;
1580 /* Get the "current" route for this destination and
1581 * check if the redirect has come from appropriate router.
1583 * RFC 4861 specifies that redirects should only be
1584 * accepted if they come from the nexthop to the target.
1585 * Due to the way the routes are chosen, this notion
1586 * is a bit fuzzy and one might need to check all possible
1590 read_lock_bh(&table
->tb6_lock
);
1591 fn
= fib6_lookup(&table
->tb6_root
, &fl6
->daddr
, &fl6
->saddr
);
1593 for (rt
= fn
->leaf
; rt
; rt
= rt
->dst
.rt6_next
) {
1594 if (rt6_check_expired(rt
))
1598 if (!(rt
->rt6i_flags
& RTF_GATEWAY
))
1600 if (fl6
->flowi6_oif
!= rt
->dst
.dev
->ifindex
)
1602 if (!ipv6_addr_equal(&rdfl
->gateway
, &rt
->rt6i_gateway
))
1608 rt
= net
->ipv6
.ip6_null_entry
;
1609 else if (rt
->dst
.error
) {
1610 rt
= net
->ipv6
.ip6_null_entry
;
1614 if (rt
== net
->ipv6
.ip6_null_entry
) {
1615 fn
= fib6_backtrack(fn
, &fl6
->saddr
);
1623 read_unlock_bh(&table
->tb6_lock
);
1625 trace_fib6_table_lookup(net
, rt
, table
->tb6_id
, fl6
);
1629 static struct dst_entry
*ip6_route_redirect(struct net
*net
,
1630 const struct flowi6
*fl6
,
1631 const struct in6_addr
*gateway
)
1633 int flags
= RT6_LOOKUP_F_HAS_SADDR
;
1634 struct ip6rd_flowi rdfl
;
1637 rdfl
.gateway
= *gateway
;
1639 return fib6_rule_lookup(net
, &rdfl
.fl6
,
1640 flags
, __ip6_route_redirect
);
1643 void ip6_redirect(struct sk_buff
*skb
, struct net
*net
, int oif
, u32 mark
,
1646 const struct ipv6hdr
*iph
= (struct ipv6hdr
*) skb
->data
;
1647 struct dst_entry
*dst
;
1650 memset(&fl6
, 0, sizeof(fl6
));
1651 fl6
.flowi6_iif
= LOOPBACK_IFINDEX
;
1652 fl6
.flowi6_oif
= oif
;
1653 fl6
.flowi6_mark
= mark
;
1654 fl6
.daddr
= iph
->daddr
;
1655 fl6
.saddr
= iph
->saddr
;
1656 fl6
.flowlabel
= ip6_flowinfo(iph
);
1657 fl6
.flowi6_uid
= uid
;
1659 dst
= ip6_route_redirect(net
, &fl6
, &ipv6_hdr(skb
)->saddr
);
1660 rt6_do_redirect(dst
, NULL
, skb
);
1663 EXPORT_SYMBOL_GPL(ip6_redirect
);
1665 void ip6_redirect_no_header(struct sk_buff
*skb
, struct net
*net
, int oif
,
1668 const struct ipv6hdr
*iph
= ipv6_hdr(skb
);
1669 const struct rd_msg
*msg
= (struct rd_msg
*)icmp6_hdr(skb
);
1670 struct dst_entry
*dst
;
1673 memset(&fl6
, 0, sizeof(fl6
));
1674 fl6
.flowi6_iif
= LOOPBACK_IFINDEX
;
1675 fl6
.flowi6_oif
= oif
;
1676 fl6
.flowi6_mark
= mark
;
1677 fl6
.daddr
= msg
->dest
;
1678 fl6
.saddr
= iph
->daddr
;
1679 fl6
.flowi6_uid
= sock_net_uid(net
, NULL
);
1681 dst
= ip6_route_redirect(net
, &fl6
, &iph
->saddr
);
1682 rt6_do_redirect(dst
, NULL
, skb
);
1686 void ip6_sk_redirect(struct sk_buff
*skb
, struct sock
*sk
)
1688 ip6_redirect(skb
, sock_net(sk
), sk
->sk_bound_dev_if
, sk
->sk_mark
,
1691 EXPORT_SYMBOL_GPL(ip6_sk_redirect
);
1693 static unsigned int ip6_default_advmss(const struct dst_entry
*dst
)
1695 struct net_device
*dev
= dst
->dev
;
1696 unsigned int mtu
= dst_mtu(dst
);
1697 struct net
*net
= dev_net(dev
);
1699 mtu
-= sizeof(struct ipv6hdr
) + sizeof(struct tcphdr
);
1701 if (mtu
< net
->ipv6
.sysctl
.ip6_rt_min_advmss
)
1702 mtu
= net
->ipv6
.sysctl
.ip6_rt_min_advmss
;
1705 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
1706 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
1707 * IPV6_MAXPLEN is also valid and means: "any MSS,
1708 * rely only on pmtu discovery"
1710 if (mtu
> IPV6_MAXPLEN
- sizeof(struct tcphdr
))
1715 static unsigned int ip6_mtu(const struct dst_entry
*dst
)
1717 const struct rt6_info
*rt
= (const struct rt6_info
*)dst
;
1718 unsigned int mtu
= rt
->rt6i_pmtu
;
1719 struct inet6_dev
*idev
;
1724 mtu
= dst_metric_raw(dst
, RTAX_MTU
);
1731 idev
= __in6_dev_get(dst
->dev
);
1733 mtu
= idev
->cnf
.mtu6
;
1737 mtu
= min_t(unsigned int, mtu
, IP6_MAX_MTU
);
1739 return mtu
- lwtunnel_headroom(dst
->lwtstate
, mtu
);
1742 struct dst_entry
*icmp6_dst_alloc(struct net_device
*dev
,
1745 struct dst_entry
*dst
;
1746 struct rt6_info
*rt
;
1747 struct inet6_dev
*idev
= in6_dev_get(dev
);
1748 struct net
*net
= dev_net(dev
);
1750 if (unlikely(!idev
))
1751 return ERR_PTR(-ENODEV
);
1753 rt
= ip6_dst_alloc(net
, dev
, 0);
1754 if (unlikely(!rt
)) {
1756 dst
= ERR_PTR(-ENOMEM
);
1760 rt
->dst
.flags
|= DST_HOST
;
1761 rt
->dst
.input
= ip6_input
;
1762 rt
->dst
.output
= ip6_output
;
1763 rt
->rt6i_gateway
= fl6
->daddr
;
1764 rt
->rt6i_dst
.addr
= fl6
->daddr
;
1765 rt
->rt6i_dst
.plen
= 128;
1766 rt
->rt6i_idev
= idev
;
1767 dst_metric_set(&rt
->dst
, RTAX_HOPLIMIT
, 0);
1769 /* Add this dst into uncached_list so that rt6_ifdown() can
1770 * do proper release of the net_device
1772 rt6_uncached_list_add(rt
);
1774 dst
= xfrm_lookup(net
, &rt
->dst
, flowi6_to_flowi(fl6
), NULL
, 0);
1780 static int ip6_dst_gc(struct dst_ops
*ops
)
1782 struct net
*net
= container_of(ops
, struct net
, ipv6
.ip6_dst_ops
);
1783 int rt_min_interval
= net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
;
1784 int rt_max_size
= net
->ipv6
.sysctl
.ip6_rt_max_size
;
1785 int rt_elasticity
= net
->ipv6
.sysctl
.ip6_rt_gc_elasticity
;
1786 int rt_gc_timeout
= net
->ipv6
.sysctl
.ip6_rt_gc_timeout
;
1787 unsigned long rt_last_gc
= net
->ipv6
.ip6_rt_last_gc
;
1790 entries
= dst_entries_get_fast(ops
);
1791 if (time_after(rt_last_gc
+ rt_min_interval
, jiffies
) &&
1792 entries
<= rt_max_size
)
1795 net
->ipv6
.ip6_rt_gc_expire
++;
1796 fib6_run_gc(net
->ipv6
.ip6_rt_gc_expire
, net
, true);
1797 entries
= dst_entries_get_slow(ops
);
1798 if (entries
< ops
->gc_thresh
)
1799 net
->ipv6
.ip6_rt_gc_expire
= rt_gc_timeout
>>1;
1801 net
->ipv6
.ip6_rt_gc_expire
-= net
->ipv6
.ip6_rt_gc_expire
>>rt_elasticity
;
1802 return entries
> rt_max_size
;
1805 static int ip6_convert_metrics(struct mx6_config
*mxc
,
1806 const struct fib6_config
*cfg
)
1808 bool ecn_ca
= false;
1816 mp
= kzalloc(sizeof(u32
) * RTAX_MAX
, GFP_KERNEL
);
1820 nla_for_each_attr(nla
, cfg
->fc_mx
, cfg
->fc_mx_len
, remaining
) {
1821 int type
= nla_type(nla
);
1826 if (unlikely(type
> RTAX_MAX
))
1829 if (type
== RTAX_CC_ALGO
) {
1830 char tmp
[TCP_CA_NAME_MAX
];
1832 nla_strlcpy(tmp
, nla
, sizeof(tmp
));
1833 val
= tcp_ca_get_key_by_name(tmp
, &ecn_ca
);
1834 if (val
== TCP_CA_UNSPEC
)
1837 val
= nla_get_u32(nla
);
1839 if (type
== RTAX_HOPLIMIT
&& val
> 255)
1841 if (type
== RTAX_FEATURES
&& (val
& ~RTAX_FEATURE_MASK
))
1845 __set_bit(type
- 1, mxc
->mx_valid
);
1849 __set_bit(RTAX_FEATURES
- 1, mxc
->mx_valid
);
1850 mp
[RTAX_FEATURES
- 1] |= DST_FEATURE_ECN_CA
;
1860 static struct rt6_info
*ip6_nh_lookup_table(struct net
*net
,
1861 struct fib6_config
*cfg
,
1862 const struct in6_addr
*gw_addr
)
1864 struct flowi6 fl6
= {
1865 .flowi6_oif
= cfg
->fc_ifindex
,
1867 .saddr
= cfg
->fc_prefsrc
,
1869 struct fib6_table
*table
;
1870 struct rt6_info
*rt
;
1871 int flags
= RT6_LOOKUP_F_IFACE
| RT6_LOOKUP_F_IGNORE_LINKSTATE
;
1873 table
= fib6_get_table(net
, cfg
->fc_table
);
1877 if (!ipv6_addr_any(&cfg
->fc_prefsrc
))
1878 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
1880 rt
= ip6_pol_route(net
, table
, cfg
->fc_ifindex
, &fl6
, flags
);
1882 /* if table lookup failed, fall back to full lookup */
1883 if (rt
== net
->ipv6
.ip6_null_entry
) {
1891 static struct rt6_info
*ip6_route_info_create(struct fib6_config
*cfg
,
1892 struct netlink_ext_ack
*extack
)
1894 struct net
*net
= cfg
->fc_nlinfo
.nl_net
;
1895 struct rt6_info
*rt
= NULL
;
1896 struct net_device
*dev
= NULL
;
1897 struct inet6_dev
*idev
= NULL
;
1898 struct fib6_table
*table
;
1902 /* RTF_PCPU is an internal flag; can not be set by userspace */
1903 if (cfg
->fc_flags
& RTF_PCPU
) {
1904 NL_SET_ERR_MSG(extack
, "Userspace can not set RTF_PCPU");
1908 if (cfg
->fc_dst_len
> 128) {
1909 NL_SET_ERR_MSG(extack
, "Invalid prefix length");
1912 if (cfg
->fc_src_len
> 128) {
1913 NL_SET_ERR_MSG(extack
, "Invalid source address length");
1916 #ifndef CONFIG_IPV6_SUBTREES
1917 if (cfg
->fc_src_len
) {
1918 NL_SET_ERR_MSG(extack
,
1919 "Specifying source address requires IPV6_SUBTREES to be enabled");
1923 if (cfg
->fc_ifindex
) {
1925 dev
= dev_get_by_index(net
, cfg
->fc_ifindex
);
1928 idev
= in6_dev_get(dev
);
1933 if (cfg
->fc_metric
== 0)
1934 cfg
->fc_metric
= IP6_RT_PRIO_USER
;
1937 if (cfg
->fc_nlinfo
.nlh
&&
1938 !(cfg
->fc_nlinfo
.nlh
->nlmsg_flags
& NLM_F_CREATE
)) {
1939 table
= fib6_get_table(net
, cfg
->fc_table
);
1941 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
1942 table
= fib6_new_table(net
, cfg
->fc_table
);
1945 table
= fib6_new_table(net
, cfg
->fc_table
);
1951 rt
= ip6_dst_alloc(net
, NULL
,
1952 (cfg
->fc_flags
& RTF_ADDRCONF
) ? 0 : DST_NOCOUNT
);
1959 if (cfg
->fc_flags
& RTF_EXPIRES
)
1960 rt6_set_expires(rt
, jiffies
+
1961 clock_t_to_jiffies(cfg
->fc_expires
));
1963 rt6_clean_expires(rt
);
1965 if (cfg
->fc_protocol
== RTPROT_UNSPEC
)
1966 cfg
->fc_protocol
= RTPROT_BOOT
;
1967 rt
->rt6i_protocol
= cfg
->fc_protocol
;
1969 addr_type
= ipv6_addr_type(&cfg
->fc_dst
);
1971 if (addr_type
& IPV6_ADDR_MULTICAST
)
1972 rt
->dst
.input
= ip6_mc_input
;
1973 else if (cfg
->fc_flags
& RTF_LOCAL
)
1974 rt
->dst
.input
= ip6_input
;
1976 rt
->dst
.input
= ip6_forward
;
1978 rt
->dst
.output
= ip6_output
;
1980 if (cfg
->fc_encap
) {
1981 struct lwtunnel_state
*lwtstate
;
1983 err
= lwtunnel_build_state(cfg
->fc_encap_type
,
1984 cfg
->fc_encap
, AF_INET6
, cfg
,
1988 rt
->dst
.lwtstate
= lwtstate_get(lwtstate
);
1989 if (lwtunnel_output_redirect(rt
->dst
.lwtstate
)) {
1990 rt
->dst
.lwtstate
->orig_output
= rt
->dst
.output
;
1991 rt
->dst
.output
= lwtunnel_output
;
1993 if (lwtunnel_input_redirect(rt
->dst
.lwtstate
)) {
1994 rt
->dst
.lwtstate
->orig_input
= rt
->dst
.input
;
1995 rt
->dst
.input
= lwtunnel_input
;
1999 ipv6_addr_prefix(&rt
->rt6i_dst
.addr
, &cfg
->fc_dst
, cfg
->fc_dst_len
);
2000 rt
->rt6i_dst
.plen
= cfg
->fc_dst_len
;
2001 if (rt
->rt6i_dst
.plen
== 128)
2002 rt
->dst
.flags
|= DST_HOST
;
2004 #ifdef CONFIG_IPV6_SUBTREES
2005 ipv6_addr_prefix(&rt
->rt6i_src
.addr
, &cfg
->fc_src
, cfg
->fc_src_len
);
2006 rt
->rt6i_src
.plen
= cfg
->fc_src_len
;
2009 rt
->rt6i_metric
= cfg
->fc_metric
;
2011 /* We cannot add true routes via loopback here,
2012 they would result in kernel looping; promote them to reject routes
2014 if ((cfg
->fc_flags
& RTF_REJECT
) ||
2015 (dev
&& (dev
->flags
& IFF_LOOPBACK
) &&
2016 !(addr_type
& IPV6_ADDR_LOOPBACK
) &&
2017 !(cfg
->fc_flags
& RTF_LOCAL
))) {
2018 /* hold loopback dev/idev if we haven't done so. */
2019 if (dev
!= net
->loopback_dev
) {
2024 dev
= net
->loopback_dev
;
2026 idev
= in6_dev_get(dev
);
2032 rt
->rt6i_flags
= RTF_REJECT
|RTF_NONEXTHOP
;
2033 switch (cfg
->fc_type
) {
2035 rt
->dst
.error
= -EINVAL
;
2036 rt
->dst
.output
= dst_discard_out
;
2037 rt
->dst
.input
= dst_discard
;
2040 rt
->dst
.error
= -EACCES
;
2041 rt
->dst
.output
= ip6_pkt_prohibit_out
;
2042 rt
->dst
.input
= ip6_pkt_prohibit
;
2045 case RTN_UNREACHABLE
:
2047 rt
->dst
.error
= (cfg
->fc_type
== RTN_THROW
) ? -EAGAIN
2048 : (cfg
->fc_type
== RTN_UNREACHABLE
)
2049 ? -EHOSTUNREACH
: -ENETUNREACH
;
2050 rt
->dst
.output
= ip6_pkt_discard_out
;
2051 rt
->dst
.input
= ip6_pkt_discard
;
2057 if (cfg
->fc_flags
& RTF_GATEWAY
) {
2058 const struct in6_addr
*gw_addr
;
2061 gw_addr
= &cfg
->fc_gateway
;
2062 gwa_type
= ipv6_addr_type(gw_addr
);
2064 /* if gw_addr is local we will fail to detect this in case
2065 * address is still TENTATIVE (DAD in progress). rt6_lookup()
2066 * will return already-added prefix route via interface that
2067 * prefix route was assigned to, which might be non-loopback.
2070 if (ipv6_chk_addr_and_flags(net
, gw_addr
,
2071 gwa_type
& IPV6_ADDR_LINKLOCAL
?
2072 dev
: NULL
, 0, 0)) {
2073 NL_SET_ERR_MSG(extack
, "Invalid gateway address");
2076 rt
->rt6i_gateway
= *gw_addr
;
2078 if (gwa_type
!= (IPV6_ADDR_LINKLOCAL
|IPV6_ADDR_UNICAST
)) {
2079 struct rt6_info
*grt
= NULL
;
2081 /* IPv6 strictly inhibits using not link-local
2082 addresses as nexthop address.
2083 Otherwise, router will not able to send redirects.
2084 It is very good, but in some (rare!) circumstances
2085 (SIT, PtP, NBMA NOARP links) it is handy to allow
2086 some exceptions. --ANK
2087 We allow IPv4-mapped nexthops to support RFC4798-type
2090 if (!(gwa_type
& (IPV6_ADDR_UNICAST
|
2091 IPV6_ADDR_MAPPED
))) {
2092 NL_SET_ERR_MSG(extack
,
2093 "Invalid gateway address");
2097 if (cfg
->fc_table
) {
2098 grt
= ip6_nh_lookup_table(net
, cfg
, gw_addr
);
2101 if (grt
->rt6i_flags
& RTF_GATEWAY
||
2102 (dev
&& dev
!= grt
->dst
.dev
)) {
2110 grt
= rt6_lookup(net
, gw_addr
, NULL
,
2111 cfg
->fc_ifindex
, 1);
2113 err
= -EHOSTUNREACH
;
2117 if (dev
!= grt
->dst
.dev
) {
2123 idev
= grt
->rt6i_idev
;
2125 in6_dev_hold(grt
->rt6i_idev
);
2127 if (!(grt
->rt6i_flags
& RTF_GATEWAY
))
2136 NL_SET_ERR_MSG(extack
, "Egress device not specified");
2138 } else if (dev
->flags
& IFF_LOOPBACK
) {
2139 NL_SET_ERR_MSG(extack
,
2140 "Egress device can not be loopback device for this route");
2149 if (!ipv6_addr_any(&cfg
->fc_prefsrc
)) {
2150 if (!ipv6_chk_addr(net
, &cfg
->fc_prefsrc
, dev
, 0)) {
2151 NL_SET_ERR_MSG(extack
, "Invalid source address");
2155 rt
->rt6i_prefsrc
.addr
= cfg
->fc_prefsrc
;
2156 rt
->rt6i_prefsrc
.plen
= 128;
2158 rt
->rt6i_prefsrc
.plen
= 0;
2160 rt
->rt6i_flags
= cfg
->fc_flags
;
2164 rt
->rt6i_idev
= idev
;
2165 rt
->rt6i_table
= table
;
2167 cfg
->fc_nlinfo
.nl_net
= dev_net(dev
);
2176 dst_release_immediate(&rt
->dst
);
2178 return ERR_PTR(err
);
2181 int ip6_route_add(struct fib6_config
*cfg
,
2182 struct netlink_ext_ack
*extack
)
2184 struct mx6_config mxc
= { .mx
= NULL
, };
2185 struct rt6_info
*rt
;
2188 rt
= ip6_route_info_create(cfg
, extack
);
2195 err
= ip6_convert_metrics(&mxc
, cfg
);
2199 err
= __ip6_ins_rt(rt
, &cfg
->fc_nlinfo
, &mxc
, extack
);
2206 dst_release_immediate(&rt
->dst
);
2211 static int __ip6_del_rt(struct rt6_info
*rt
, struct nl_info
*info
)
2214 struct fib6_table
*table
;
2215 struct net
*net
= dev_net(rt
->dst
.dev
);
2217 if (rt
== net
->ipv6
.ip6_null_entry
) {
2222 table
= rt
->rt6i_table
;
2223 write_lock_bh(&table
->tb6_lock
);
2224 err
= fib6_del(rt
, info
);
2225 write_unlock_bh(&table
->tb6_lock
);
2232 int ip6_del_rt(struct rt6_info
*rt
)
2234 struct nl_info info
= {
2235 .nl_net
= dev_net(rt
->dst
.dev
),
2237 return __ip6_del_rt(rt
, &info
);
2240 static int __ip6_del_rt_siblings(struct rt6_info
*rt
, struct fib6_config
*cfg
)
2242 struct nl_info
*info
= &cfg
->fc_nlinfo
;
2243 struct net
*net
= info
->nl_net
;
2244 struct sk_buff
*skb
= NULL
;
2245 struct fib6_table
*table
;
2248 if (rt
== net
->ipv6
.ip6_null_entry
)
2250 table
= rt
->rt6i_table
;
2251 write_lock_bh(&table
->tb6_lock
);
2253 if (rt
->rt6i_nsiblings
&& cfg
->fc_delete_all_nh
) {
2254 struct rt6_info
*sibling
, *next_sibling
;
2256 /* prefer to send a single notification with all hops */
2257 skb
= nlmsg_new(rt6_nlmsg_size(rt
), gfp_any());
2259 u32 seq
= info
->nlh
? info
->nlh
->nlmsg_seq
: 0;
2261 if (rt6_fill_node(net
, skb
, rt
,
2262 NULL
, NULL
, 0, RTM_DELROUTE
,
2263 info
->portid
, seq
, 0) < 0) {
2267 info
->skip_notify
= 1;
2270 list_for_each_entry_safe(sibling
, next_sibling
,
2273 err
= fib6_del(sibling
, info
);
2279 err
= fib6_del(rt
, info
);
2281 write_unlock_bh(&table
->tb6_lock
);
2286 rtnl_notify(skb
, net
, info
->portid
, RTNLGRP_IPV6_ROUTE
,
2287 info
->nlh
, gfp_any());
2292 static int ip6_route_del(struct fib6_config
*cfg
,
2293 struct netlink_ext_ack
*extack
)
2295 struct fib6_table
*table
;
2296 struct fib6_node
*fn
;
2297 struct rt6_info
*rt
;
2300 table
= fib6_get_table(cfg
->fc_nlinfo
.nl_net
, cfg
->fc_table
);
2302 NL_SET_ERR_MSG(extack
, "FIB table does not exist");
2306 read_lock_bh(&table
->tb6_lock
);
2308 fn
= fib6_locate(&table
->tb6_root
,
2309 &cfg
->fc_dst
, cfg
->fc_dst_len
,
2310 &cfg
->fc_src
, cfg
->fc_src_len
);
2313 for (rt
= fn
->leaf
; rt
; rt
= rt
->dst
.rt6_next
) {
2314 if ((rt
->rt6i_flags
& RTF_CACHE
) &&
2315 !(cfg
->fc_flags
& RTF_CACHE
))
2317 if (cfg
->fc_ifindex
&&
2319 rt
->dst
.dev
->ifindex
!= cfg
->fc_ifindex
))
2321 if (cfg
->fc_flags
& RTF_GATEWAY
&&
2322 !ipv6_addr_equal(&cfg
->fc_gateway
, &rt
->rt6i_gateway
))
2324 if (cfg
->fc_metric
&& cfg
->fc_metric
!= rt
->rt6i_metric
)
2326 if (cfg
->fc_protocol
&& cfg
->fc_protocol
!= rt
->rt6i_protocol
)
2329 read_unlock_bh(&table
->tb6_lock
);
2331 /* if gateway was specified only delete the one hop */
2332 if (cfg
->fc_flags
& RTF_GATEWAY
)
2333 return __ip6_del_rt(rt
, &cfg
->fc_nlinfo
);
2335 return __ip6_del_rt_siblings(rt
, cfg
);
2338 read_unlock_bh(&table
->tb6_lock
);
2343 static void rt6_do_redirect(struct dst_entry
*dst
, struct sock
*sk
, struct sk_buff
*skb
)
2345 struct netevent_redirect netevent
;
2346 struct rt6_info
*rt
, *nrt
= NULL
;
2347 struct ndisc_options ndopts
;
2348 struct inet6_dev
*in6_dev
;
2349 struct neighbour
*neigh
;
2351 int optlen
, on_link
;
2354 optlen
= skb_tail_pointer(skb
) - skb_transport_header(skb
);
2355 optlen
-= sizeof(*msg
);
2358 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
2362 msg
= (struct rd_msg
*)icmp6_hdr(skb
);
2364 if (ipv6_addr_is_multicast(&msg
->dest
)) {
2365 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
2370 if (ipv6_addr_equal(&msg
->dest
, &msg
->target
)) {
2372 } else if (ipv6_addr_type(&msg
->target
) !=
2373 (IPV6_ADDR_UNICAST
|IPV6_ADDR_LINKLOCAL
)) {
2374 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
2378 in6_dev
= __in6_dev_get(skb
->dev
);
2381 if (in6_dev
->cnf
.forwarding
|| !in6_dev
->cnf
.accept_redirects
)
2385 * The IP source address of the Redirect MUST be the same as the current
2386 * first-hop router for the specified ICMP Destination Address.
2389 if (!ndisc_parse_options(skb
->dev
, msg
->opt
, optlen
, &ndopts
)) {
2390 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
2395 if (ndopts
.nd_opts_tgt_lladdr
) {
2396 lladdr
= ndisc_opt_addr_data(ndopts
.nd_opts_tgt_lladdr
,
2399 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
2404 rt
= (struct rt6_info
*) dst
;
2405 if (rt
->rt6i_flags
& RTF_REJECT
) {
2406 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
2410 /* Redirect received -> path was valid.
2411 * Look, redirects are sent only in response to data packets,
2412 * so that this nexthop apparently is reachable. --ANK
2414 dst_confirm_neigh(&rt
->dst
, &ipv6_hdr(skb
)->saddr
);
2416 neigh
= __neigh_lookup(&nd_tbl
, &msg
->target
, skb
->dev
, 1);
2421 * We have finally decided to accept it.
2424 ndisc_update(skb
->dev
, neigh
, lladdr
, NUD_STALE
,
2425 NEIGH_UPDATE_F_WEAK_OVERRIDE
|
2426 NEIGH_UPDATE_F_OVERRIDE
|
2427 (on_link
? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER
|
2428 NEIGH_UPDATE_F_ISROUTER
)),
2429 NDISC_REDIRECT
, &ndopts
);
2431 nrt
= ip6_rt_cache_alloc(rt
, &msg
->dest
, NULL
);
2435 nrt
->rt6i_flags
= RTF_GATEWAY
|RTF_UP
|RTF_DYNAMIC
|RTF_CACHE
;
2437 nrt
->rt6i_flags
&= ~RTF_GATEWAY
;
2439 nrt
->rt6i_protocol
= RTPROT_REDIRECT
;
2440 nrt
->rt6i_gateway
= *(struct in6_addr
*)neigh
->primary_key
;
2442 if (ip6_ins_rt(nrt
))
2445 netevent
.old
= &rt
->dst
;
2446 netevent
.new = &nrt
->dst
;
2447 netevent
.daddr
= &msg
->dest
;
2448 netevent
.neigh
= neigh
;
2449 call_netevent_notifiers(NETEVENT_REDIRECT
, &netevent
);
2451 if (rt
->rt6i_flags
& RTF_CACHE
) {
2452 rt
= (struct rt6_info
*) dst_clone(&rt
->dst
);
2457 /* Release the reference taken in
2458 * ip6_rt_cache_alloc()
2460 dst_release(&nrt
->dst
);
2463 neigh_release(neigh
);
2467 * Misc support functions
2470 static void rt6_set_from(struct rt6_info
*rt
, struct rt6_info
*from
)
2472 BUG_ON(from
->dst
.from
);
2474 rt
->rt6i_flags
&= ~RTF_EXPIRES
;
2475 dst_hold(&from
->dst
);
2476 rt
->dst
.from
= &from
->dst
;
2477 dst_init_metrics(&rt
->dst
, dst_metrics_ptr(&from
->dst
), true);
2480 static void ip6_rt_copy_init(struct rt6_info
*rt
, struct rt6_info
*ort
)
2482 rt
->dst
.input
= ort
->dst
.input
;
2483 rt
->dst
.output
= ort
->dst
.output
;
2484 rt
->rt6i_dst
= ort
->rt6i_dst
;
2485 rt
->dst
.error
= ort
->dst
.error
;
2486 rt
->rt6i_idev
= ort
->rt6i_idev
;
2488 in6_dev_hold(rt
->rt6i_idev
);
2489 rt
->dst
.lastuse
= jiffies
;
2490 rt
->rt6i_gateway
= ort
->rt6i_gateway
;
2491 rt
->rt6i_flags
= ort
->rt6i_flags
;
2492 rt6_set_from(rt
, ort
);
2493 rt
->rt6i_metric
= ort
->rt6i_metric
;
2494 #ifdef CONFIG_IPV6_SUBTREES
2495 rt
->rt6i_src
= ort
->rt6i_src
;
2497 rt
->rt6i_prefsrc
= ort
->rt6i_prefsrc
;
2498 rt
->rt6i_table
= ort
->rt6i_table
;
2499 rt
->dst
.lwtstate
= lwtstate_get(ort
->dst
.lwtstate
);
2502 #ifdef CONFIG_IPV6_ROUTE_INFO
2503 static struct rt6_info
*rt6_get_route_info(struct net
*net
,
2504 const struct in6_addr
*prefix
, int prefixlen
,
2505 const struct in6_addr
*gwaddr
,
2506 struct net_device
*dev
)
2508 u32 tb_id
= l3mdev_fib_table(dev
) ? : addrconf_rt_table(dev
, RT6_TABLE_INFO
);
2509 struct fib6_node
*fn
;
2510 struct rt6_info
*rt
= NULL
;
2511 struct fib6_table
*table
;
2513 table
= fib6_get_table(net
, tb_id
);
2517 read_lock_bh(&table
->tb6_lock
);
2518 fn
= fib6_locate(&table
->tb6_root
, prefix
, prefixlen
, NULL
, 0);
2522 for (rt
= fn
->leaf
; rt
; rt
= rt
->dst
.rt6_next
) {
2523 if (rt
->dst
.dev
->ifindex
!= dev
->ifindex
)
2525 if ((rt
->rt6i_flags
& (RTF_ROUTEINFO
|RTF_GATEWAY
)) != (RTF_ROUTEINFO
|RTF_GATEWAY
))
2527 if (!ipv6_addr_equal(&rt
->rt6i_gateway
, gwaddr
))
2533 read_unlock_bh(&table
->tb6_lock
);
2537 static struct rt6_info
*rt6_add_route_info(struct net
*net
,
2538 const struct in6_addr
*prefix
, int prefixlen
,
2539 const struct in6_addr
*gwaddr
,
2540 struct net_device
*dev
,
2543 struct fib6_config cfg
= {
2544 .fc_metric
= IP6_RT_PRIO_USER
,
2545 .fc_ifindex
= dev
->ifindex
,
2546 .fc_dst_len
= prefixlen
,
2547 .fc_flags
= RTF_GATEWAY
| RTF_ADDRCONF
| RTF_ROUTEINFO
|
2548 RTF_UP
| RTF_PREF(pref
),
2549 .fc_protocol
= RTPROT_RA
,
2550 .fc_nlinfo
.portid
= 0,
2551 .fc_nlinfo
.nlh
= NULL
,
2552 .fc_nlinfo
.nl_net
= net
,
2555 cfg
.fc_table
= l3mdev_fib_table(dev
) ? : addrconf_rt_table(dev
, RT6_TABLE_INFO
),
2556 cfg
.fc_dst
= *prefix
;
2557 cfg
.fc_gateway
= *gwaddr
;
2559 /* We should treat it as a default route if prefix length is 0. */
2561 cfg
.fc_flags
|= RTF_DEFAULT
;
2563 ip6_route_add(&cfg
, NULL
);
2565 return rt6_get_route_info(net
, prefix
, prefixlen
, gwaddr
, dev
);
2569 struct rt6_info
*rt6_get_dflt_router(const struct in6_addr
*addr
, struct net_device
*dev
)
2571 u32 tb_id
= l3mdev_fib_table(dev
) ? : addrconf_rt_table(dev
, RT6_TABLE_MAIN
);
2572 struct rt6_info
*rt
;
2573 struct fib6_table
*table
;
2575 table
= fib6_get_table(dev_net(dev
), tb_id
);
2579 read_lock_bh(&table
->tb6_lock
);
2580 for (rt
= table
->tb6_root
.leaf
; rt
; rt
= rt
->dst
.rt6_next
) {
2581 if (dev
== rt
->dst
.dev
&&
2582 ((rt
->rt6i_flags
& (RTF_ADDRCONF
| RTF_DEFAULT
)) == (RTF_ADDRCONF
| RTF_DEFAULT
)) &&
2583 ipv6_addr_equal(&rt
->rt6i_gateway
, addr
))
2588 read_unlock_bh(&table
->tb6_lock
);
2592 struct rt6_info
*rt6_add_dflt_router(const struct in6_addr
*gwaddr
,
2593 struct net_device
*dev
,
2596 struct fib6_config cfg
= {
2597 .fc_table
= l3mdev_fib_table(dev
) ? : addrconf_rt_table(dev
, RT6_TABLE_DFLT
),
2598 .fc_metric
= IP6_RT_PRIO_USER
,
2599 .fc_ifindex
= dev
->ifindex
,
2600 .fc_flags
= RTF_GATEWAY
| RTF_ADDRCONF
| RTF_DEFAULT
|
2601 RTF_UP
| RTF_EXPIRES
| RTF_PREF(pref
),
2602 .fc_protocol
= RTPROT_RA
,
2603 .fc_nlinfo
.portid
= 0,
2604 .fc_nlinfo
.nlh
= NULL
,
2605 .fc_nlinfo
.nl_net
= dev_net(dev
),
2608 cfg
.fc_gateway
= *gwaddr
;
2610 if (!ip6_route_add(&cfg
, NULL
)) {
2611 struct fib6_table
*table
;
2613 table
= fib6_get_table(dev_net(dev
), cfg
.fc_table
);
2615 table
->flags
|= RT6_TABLE_HAS_DFLT_ROUTER
;
2618 return rt6_get_dflt_router(gwaddr
, dev
);
2621 int rt6_addrconf_purge(struct rt6_info
*rt
, void *arg
) {
2622 if (rt
->rt6i_flags
& (RTF_DEFAULT
| RTF_ADDRCONF
) &&
2623 (!rt
->rt6i_idev
|| rt
->rt6i_idev
->cnf
.accept_ra
!= 2))
2628 void rt6_purge_dflt_routers(struct net
*net
)
2630 fib6_clean_all(net
, rt6_addrconf_purge
, NULL
);
2633 static void rtmsg_to_fib6_config(struct net
*net
,
2634 struct in6_rtmsg
*rtmsg
,
2635 struct fib6_config
*cfg
)
2637 memset(cfg
, 0, sizeof(*cfg
));
2639 cfg
->fc_table
= l3mdev_fib_table_by_index(net
, rtmsg
->rtmsg_ifindex
) ?
2641 cfg
->fc_ifindex
= rtmsg
->rtmsg_ifindex
;
2642 cfg
->fc_metric
= rtmsg
->rtmsg_metric
;
2643 cfg
->fc_expires
= rtmsg
->rtmsg_info
;
2644 cfg
->fc_dst_len
= rtmsg
->rtmsg_dst_len
;
2645 cfg
->fc_src_len
= rtmsg
->rtmsg_src_len
;
2646 cfg
->fc_flags
= rtmsg
->rtmsg_flags
;
2648 cfg
->fc_nlinfo
.nl_net
= net
;
2650 cfg
->fc_dst
= rtmsg
->rtmsg_dst
;
2651 cfg
->fc_src
= rtmsg
->rtmsg_src
;
2652 cfg
->fc_gateway
= rtmsg
->rtmsg_gateway
;
2655 int ipv6_route_ioctl(struct net
*net
, unsigned int cmd
, void __user
*arg
)
2657 struct fib6_config cfg
;
2658 struct in6_rtmsg rtmsg
;
2662 case SIOCADDRT
: /* Add a route */
2663 case SIOCDELRT
: /* Delete a route */
2664 if (!ns_capable(net
->user_ns
, CAP_NET_ADMIN
))
2666 err
= copy_from_user(&rtmsg
, arg
,
2667 sizeof(struct in6_rtmsg
));
2671 rtmsg_to_fib6_config(net
, &rtmsg
, &cfg
);
2676 err
= ip6_route_add(&cfg
, NULL
);
2679 err
= ip6_route_del(&cfg
, NULL
);
2693 * Drop the packet on the floor
2696 static int ip6_pkt_drop(struct sk_buff
*skb
, u8 code
, int ipstats_mib_noroutes
)
2699 struct dst_entry
*dst
= skb_dst(skb
);
2700 switch (ipstats_mib_noroutes
) {
2701 case IPSTATS_MIB_INNOROUTES
:
2702 type
= ipv6_addr_type(&ipv6_hdr(skb
)->daddr
);
2703 if (type
== IPV6_ADDR_ANY
) {
2704 IP6_INC_STATS(dev_net(dst
->dev
), ip6_dst_idev(dst
),
2705 IPSTATS_MIB_INADDRERRORS
);
2709 case IPSTATS_MIB_OUTNOROUTES
:
2710 IP6_INC_STATS(dev_net(dst
->dev
), ip6_dst_idev(dst
),
2711 ipstats_mib_noroutes
);
2714 icmpv6_send(skb
, ICMPV6_DEST_UNREACH
, code
, 0);
2719 static int ip6_pkt_discard(struct sk_buff
*skb
)
2721 return ip6_pkt_drop(skb
, ICMPV6_NOROUTE
, IPSTATS_MIB_INNOROUTES
);
2724 static int ip6_pkt_discard_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
)
2726 skb
->dev
= skb_dst(skb
)->dev
;
2727 return ip6_pkt_drop(skb
, ICMPV6_NOROUTE
, IPSTATS_MIB_OUTNOROUTES
);
2730 static int ip6_pkt_prohibit(struct sk_buff
*skb
)
2732 return ip6_pkt_drop(skb
, ICMPV6_ADM_PROHIBITED
, IPSTATS_MIB_INNOROUTES
);
2735 static int ip6_pkt_prohibit_out(struct net
*net
, struct sock
*sk
, struct sk_buff
*skb
)
2737 skb
->dev
= skb_dst(skb
)->dev
;
2738 return ip6_pkt_drop(skb
, ICMPV6_ADM_PROHIBITED
, IPSTATS_MIB_OUTNOROUTES
);
2742 * Allocate a dst for local (unicast / anycast) address.
2745 struct rt6_info
*addrconf_dst_alloc(struct inet6_dev
*idev
,
2746 const struct in6_addr
*addr
,
2750 struct net
*net
= dev_net(idev
->dev
);
2751 struct net_device
*dev
= idev
->dev
;
2752 struct rt6_info
*rt
;
2754 rt
= ip6_dst_alloc(net
, dev
, DST_NOCOUNT
);
2756 return ERR_PTR(-ENOMEM
);
2760 rt
->dst
.flags
|= DST_HOST
;
2761 rt
->dst
.input
= ip6_input
;
2762 rt
->dst
.output
= ip6_output
;
2763 rt
->rt6i_idev
= idev
;
2765 rt
->rt6i_protocol
= RTPROT_KERNEL
;
2766 rt
->rt6i_flags
= RTF_UP
| RTF_NONEXTHOP
;
2768 rt
->rt6i_flags
|= RTF_ANYCAST
;
2770 rt
->rt6i_flags
|= RTF_LOCAL
;
2772 rt
->rt6i_gateway
= *addr
;
2773 rt
->rt6i_dst
.addr
= *addr
;
2774 rt
->rt6i_dst
.plen
= 128;
2775 tb_id
= l3mdev_fib_table(idev
->dev
) ? : RT6_TABLE_LOCAL
;
2776 rt
->rt6i_table
= fib6_get_table(net
, tb_id
);
2781 /* remove deleted ip from prefsrc entries */
2782 struct arg_dev_net_ip
{
2783 struct net_device
*dev
;
2785 struct in6_addr
*addr
;
2788 static int fib6_remove_prefsrc(struct rt6_info
*rt
, void *arg
)
2790 struct net_device
*dev
= ((struct arg_dev_net_ip
*)arg
)->dev
;
2791 struct net
*net
= ((struct arg_dev_net_ip
*)arg
)->net
;
2792 struct in6_addr
*addr
= ((struct arg_dev_net_ip
*)arg
)->addr
;
2794 if (((void *)rt
->dst
.dev
== dev
|| !dev
) &&
2795 rt
!= net
->ipv6
.ip6_null_entry
&&
2796 ipv6_addr_equal(addr
, &rt
->rt6i_prefsrc
.addr
)) {
2797 /* remove prefsrc entry */
2798 rt
->rt6i_prefsrc
.plen
= 0;
2803 void rt6_remove_prefsrc(struct inet6_ifaddr
*ifp
)
2805 struct net
*net
= dev_net(ifp
->idev
->dev
);
2806 struct arg_dev_net_ip adni
= {
2807 .dev
= ifp
->idev
->dev
,
2811 fib6_clean_all(net
, fib6_remove_prefsrc
, &adni
);
2814 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
2815 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
2817 /* Remove routers and update dst entries when gateway turn into host. */
2818 static int fib6_clean_tohost(struct rt6_info
*rt
, void *arg
)
2820 struct in6_addr
*gateway
= (struct in6_addr
*)arg
;
2822 if ((((rt
->rt6i_flags
& RTF_RA_ROUTER
) == RTF_RA_ROUTER
) ||
2823 ((rt
->rt6i_flags
& RTF_CACHE_GATEWAY
) == RTF_CACHE_GATEWAY
)) &&
2824 ipv6_addr_equal(gateway
, &rt
->rt6i_gateway
)) {
2830 void rt6_clean_tohost(struct net
*net
, struct in6_addr
*gateway
)
2832 fib6_clean_all(net
, fib6_clean_tohost
, gateway
);
2835 struct arg_dev_net
{
2836 struct net_device
*dev
;
2840 /* called with write lock held for table with rt */
2841 static int fib6_ifdown(struct rt6_info
*rt
, void *arg
)
2843 const struct arg_dev_net
*adn
= arg
;
2844 const struct net_device
*dev
= adn
->dev
;
2846 if ((rt
->dst
.dev
== dev
|| !dev
) &&
2847 rt
!= adn
->net
->ipv6
.ip6_null_entry
&&
2848 (rt
->rt6i_nsiblings
== 0 ||
2849 (dev
&& netdev_unregistering(dev
)) ||
2850 !rt
->rt6i_idev
->cnf
.ignore_routes_with_linkdown
))
2856 void rt6_ifdown(struct net
*net
, struct net_device
*dev
)
2858 struct arg_dev_net adn
= {
2863 fib6_clean_all(net
, fib6_ifdown
, &adn
);
2865 rt6_uncached_list_flush_dev(net
, dev
);
2868 struct rt6_mtu_change_arg
{
2869 struct net_device
*dev
;
2873 static int rt6_mtu_change_route(struct rt6_info
*rt
, void *p_arg
)
2875 struct rt6_mtu_change_arg
*arg
= (struct rt6_mtu_change_arg
*) p_arg
;
2876 struct inet6_dev
*idev
;
2878 /* In IPv6 pmtu discovery is not optional,
2879 so that RTAX_MTU lock cannot disable it.
2880 We still use this lock to block changes
2881 caused by addrconf/ndisc.
2884 idev
= __in6_dev_get(arg
->dev
);
2888 /* For administrative MTU increase, there is no way to discover
2889 IPv6 PMTU increase, so PMTU increase should be updated here.
2890 Since RFC 1981 doesn't include administrative MTU increase
2891 update PMTU increase is a MUST. (i.e. jumbo frame)
2894 If new MTU is less than route PMTU, this new MTU will be the
2895 lowest MTU in the path, update the route PMTU to reflect PMTU
2896 decreases; if new MTU is greater than route PMTU, and the
2897 old MTU is the lowest MTU in the path, update the route PMTU
2898 to reflect the increase. In this case if the other nodes' MTU
2899 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2902 if (rt
->dst
.dev
== arg
->dev
&&
2903 dst_metric_raw(&rt
->dst
, RTAX_MTU
) &&
2904 !dst_metric_locked(&rt
->dst
, RTAX_MTU
)) {
2905 if (rt
->rt6i_flags
& RTF_CACHE
) {
2906 /* For RTF_CACHE with rt6i_pmtu == 0
2907 * (i.e. a redirected route),
2908 * the metrics of its rt->dst.from has already
2911 if (rt
->rt6i_pmtu
&& rt
->rt6i_pmtu
> arg
->mtu
)
2912 rt
->rt6i_pmtu
= arg
->mtu
;
2913 } else if (dst_mtu(&rt
->dst
) >= arg
->mtu
||
2914 (dst_mtu(&rt
->dst
) < arg
->mtu
&&
2915 dst_mtu(&rt
->dst
) == idev
->cnf
.mtu6
)) {
2916 dst_metric_set(&rt
->dst
, RTAX_MTU
, arg
->mtu
);
2922 void rt6_mtu_change(struct net_device
*dev
, unsigned int mtu
)
2924 struct rt6_mtu_change_arg arg
= {
2929 fib6_clean_all(dev_net(dev
), rt6_mtu_change_route
, &arg
);
2932 static const struct nla_policy rtm_ipv6_policy
[RTA_MAX
+1] = {
2933 [RTA_GATEWAY
] = { .len
= sizeof(struct in6_addr
) },
2934 [RTA_PREFSRC
] = { .len
= sizeof(struct in6_addr
) },
2935 [RTA_OIF
] = { .type
= NLA_U32
},
2936 [RTA_IIF
] = { .type
= NLA_U32
},
2937 [RTA_PRIORITY
] = { .type
= NLA_U32
},
2938 [RTA_METRICS
] = { .type
= NLA_NESTED
},
2939 [RTA_MULTIPATH
] = { .len
= sizeof(struct rtnexthop
) },
2940 [RTA_PREF
] = { .type
= NLA_U8
},
2941 [RTA_ENCAP_TYPE
] = { .type
= NLA_U16
},
2942 [RTA_ENCAP
] = { .type
= NLA_NESTED
},
2943 [RTA_EXPIRES
] = { .type
= NLA_U32
},
2944 [RTA_UID
] = { .type
= NLA_U32
},
2945 [RTA_MARK
] = { .type
= NLA_U32
},
2946 [RTA_TABLE
] = { .type
= NLA_U32
},
2949 static int rtm_to_fib6_config(struct sk_buff
*skb
, struct nlmsghdr
*nlh
,
2950 struct fib6_config
*cfg
,
2951 struct netlink_ext_ack
*extack
)
2954 struct nlattr
*tb
[RTA_MAX
+1];
2958 err
= nlmsg_parse(nlh
, sizeof(*rtm
), tb
, RTA_MAX
, rtm_ipv6_policy
,
2964 rtm
= nlmsg_data(nlh
);
2965 memset(cfg
, 0, sizeof(*cfg
));
2967 cfg
->fc_table
= rtm
->rtm_table
;
2968 cfg
->fc_dst_len
= rtm
->rtm_dst_len
;
2969 cfg
->fc_src_len
= rtm
->rtm_src_len
;
2970 cfg
->fc_flags
= RTF_UP
;
2971 cfg
->fc_protocol
= rtm
->rtm_protocol
;
2972 cfg
->fc_type
= rtm
->rtm_type
;
2974 if (rtm
->rtm_type
== RTN_UNREACHABLE
||
2975 rtm
->rtm_type
== RTN_BLACKHOLE
||
2976 rtm
->rtm_type
== RTN_PROHIBIT
||
2977 rtm
->rtm_type
== RTN_THROW
)
2978 cfg
->fc_flags
|= RTF_REJECT
;
2980 if (rtm
->rtm_type
== RTN_LOCAL
)
2981 cfg
->fc_flags
|= RTF_LOCAL
;
2983 if (rtm
->rtm_flags
& RTM_F_CLONED
)
2984 cfg
->fc_flags
|= RTF_CACHE
;
2986 cfg
->fc_nlinfo
.portid
= NETLINK_CB(skb
).portid
;
2987 cfg
->fc_nlinfo
.nlh
= nlh
;
2988 cfg
->fc_nlinfo
.nl_net
= sock_net(skb
->sk
);
2990 if (tb
[RTA_GATEWAY
]) {
2991 cfg
->fc_gateway
= nla_get_in6_addr(tb
[RTA_GATEWAY
]);
2992 cfg
->fc_flags
|= RTF_GATEWAY
;
2996 int plen
= (rtm
->rtm_dst_len
+ 7) >> 3;
2998 if (nla_len(tb
[RTA_DST
]) < plen
)
3001 nla_memcpy(&cfg
->fc_dst
, tb
[RTA_DST
], plen
);
3005 int plen
= (rtm
->rtm_src_len
+ 7) >> 3;
3007 if (nla_len(tb
[RTA_SRC
]) < plen
)
3010 nla_memcpy(&cfg
->fc_src
, tb
[RTA_SRC
], plen
);
3013 if (tb
[RTA_PREFSRC
])
3014 cfg
->fc_prefsrc
= nla_get_in6_addr(tb
[RTA_PREFSRC
]);
3017 cfg
->fc_ifindex
= nla_get_u32(tb
[RTA_OIF
]);
3019 if (tb
[RTA_PRIORITY
])
3020 cfg
->fc_metric
= nla_get_u32(tb
[RTA_PRIORITY
]);
3022 if (tb
[RTA_METRICS
]) {
3023 cfg
->fc_mx
= nla_data(tb
[RTA_METRICS
]);
3024 cfg
->fc_mx_len
= nla_len(tb
[RTA_METRICS
]);
3028 cfg
->fc_table
= nla_get_u32(tb
[RTA_TABLE
]);
3030 if (tb
[RTA_MULTIPATH
]) {
3031 cfg
->fc_mp
= nla_data(tb
[RTA_MULTIPATH
]);
3032 cfg
->fc_mp_len
= nla_len(tb
[RTA_MULTIPATH
]);
3034 err
= lwtunnel_valid_encap_type_attr(cfg
->fc_mp
,
3035 cfg
->fc_mp_len
, extack
);
3041 pref
= nla_get_u8(tb
[RTA_PREF
]);
3042 if (pref
!= ICMPV6_ROUTER_PREF_LOW
&&
3043 pref
!= ICMPV6_ROUTER_PREF_HIGH
)
3044 pref
= ICMPV6_ROUTER_PREF_MEDIUM
;
3045 cfg
->fc_flags
|= RTF_PREF(pref
);
3049 cfg
->fc_encap
= tb
[RTA_ENCAP
];
3051 if (tb
[RTA_ENCAP_TYPE
]) {
3052 cfg
->fc_encap_type
= nla_get_u16(tb
[RTA_ENCAP_TYPE
]);
3054 err
= lwtunnel_valid_encap_type(cfg
->fc_encap_type
, extack
);
3059 if (tb
[RTA_EXPIRES
]) {
3060 unsigned long timeout
= addrconf_timeout_fixup(nla_get_u32(tb
[RTA_EXPIRES
]), HZ
);
3062 if (addrconf_finite_timeout(timeout
)) {
3063 cfg
->fc_expires
= jiffies_to_clock_t(timeout
* HZ
);
3064 cfg
->fc_flags
|= RTF_EXPIRES
;
3074 struct rt6_info
*rt6_info
;
3075 struct fib6_config r_cfg
;
3076 struct mx6_config mxc
;
3077 struct list_head next
;
3080 static void ip6_print_replace_route_err(struct list_head
*rt6_nh_list
)
3084 list_for_each_entry(nh
, rt6_nh_list
, next
) {
3085 pr_warn("IPV6: multipath route replace failed (check consistency of installed routes): %pI6c nexthop %pI6c ifi %d\n",
3086 &nh
->r_cfg
.fc_dst
, &nh
->r_cfg
.fc_gateway
,
3087 nh
->r_cfg
.fc_ifindex
);
3091 static int ip6_route_info_append(struct list_head
*rt6_nh_list
,
3092 struct rt6_info
*rt
, struct fib6_config
*r_cfg
)
3097 list_for_each_entry(nh
, rt6_nh_list
, next
) {
3098 /* check if rt6_info already exists */
3099 if (rt6_duplicate_nexthop(nh
->rt6_info
, rt
))
3103 nh
= kzalloc(sizeof(*nh
), GFP_KERNEL
);
3107 err
= ip6_convert_metrics(&nh
->mxc
, r_cfg
);
3112 memcpy(&nh
->r_cfg
, r_cfg
, sizeof(*r_cfg
));
3113 list_add_tail(&nh
->next
, rt6_nh_list
);
3118 static void ip6_route_mpath_notify(struct rt6_info
*rt
,
3119 struct rt6_info
*rt_last
,
3120 struct nl_info
*info
,
3123 /* if this is an APPEND route, then rt points to the first route
3124 * inserted and rt_last points to last route inserted. Userspace
3125 * wants a consistent dump of the route which starts at the first
3126 * nexthop. Since sibling routes are always added at the end of
3127 * the list, find the first sibling of the last route appended
3129 if ((nlflags
& NLM_F_APPEND
) && rt_last
&& rt_last
->rt6i_nsiblings
) {
3130 rt
= list_first_entry(&rt_last
->rt6i_siblings
,
3136 inet6_rt_notify(RTM_NEWROUTE
, rt
, info
, nlflags
);
3139 static int ip6_route_multipath_add(struct fib6_config
*cfg
,
3140 struct netlink_ext_ack
*extack
)
3142 struct rt6_info
*rt_notif
= NULL
, *rt_last
= NULL
;
3143 struct nl_info
*info
= &cfg
->fc_nlinfo
;
3144 struct fib6_config r_cfg
;
3145 struct rtnexthop
*rtnh
;
3146 struct rt6_info
*rt
;
3147 struct rt6_nh
*err_nh
;
3148 struct rt6_nh
*nh
, *nh_safe
;
3154 int replace
= (cfg
->fc_nlinfo
.nlh
&&
3155 (cfg
->fc_nlinfo
.nlh
->nlmsg_flags
& NLM_F_REPLACE
));
3156 LIST_HEAD(rt6_nh_list
);
3158 nlflags
= replace
? NLM_F_REPLACE
: NLM_F_CREATE
;
3159 if (info
->nlh
&& info
->nlh
->nlmsg_flags
& NLM_F_APPEND
)
3160 nlflags
|= NLM_F_APPEND
;
3162 remaining
= cfg
->fc_mp_len
;
3163 rtnh
= (struct rtnexthop
*)cfg
->fc_mp
;
3165 /* Parse a Multipath Entry and build a list (rt6_nh_list) of
3166 * rt6_info structs per nexthop
3168 while (rtnh_ok(rtnh
, remaining
)) {
3169 memcpy(&r_cfg
, cfg
, sizeof(*cfg
));
3170 if (rtnh
->rtnh_ifindex
)
3171 r_cfg
.fc_ifindex
= rtnh
->rtnh_ifindex
;
3173 attrlen
= rtnh_attrlen(rtnh
);
3175 struct nlattr
*nla
, *attrs
= rtnh_attrs(rtnh
);
3177 nla
= nla_find(attrs
, attrlen
, RTA_GATEWAY
);
3179 r_cfg
.fc_gateway
= nla_get_in6_addr(nla
);
3180 r_cfg
.fc_flags
|= RTF_GATEWAY
;
3182 r_cfg
.fc_encap
= nla_find(attrs
, attrlen
, RTA_ENCAP
);
3183 nla
= nla_find(attrs
, attrlen
, RTA_ENCAP_TYPE
);
3185 r_cfg
.fc_encap_type
= nla_get_u16(nla
);
3188 rt
= ip6_route_info_create(&r_cfg
, extack
);
3195 err
= ip6_route_info_append(&rt6_nh_list
, rt
, &r_cfg
);
3197 dst_release_immediate(&rt
->dst
);
3201 rtnh
= rtnh_next(rtnh
, &remaining
);
3204 /* for add and replace send one notification with all nexthops.
3205 * Skip the notification in fib6_add_rt2node and send one with
3206 * the full route when done
3208 info
->skip_notify
= 1;
3211 list_for_each_entry(nh
, &rt6_nh_list
, next
) {
3212 rt_last
= nh
->rt6_info
;
3213 err
= __ip6_ins_rt(nh
->rt6_info
, info
, &nh
->mxc
, extack
);
3214 /* save reference to first route for notification */
3215 if (!rt_notif
&& !err
)
3216 rt_notif
= nh
->rt6_info
;
3218 /* nh->rt6_info is used or freed at this point, reset to NULL*/
3219 nh
->rt6_info
= NULL
;
3222 ip6_print_replace_route_err(&rt6_nh_list
);
3227 /* Because each route is added like a single route we remove
3228 * these flags after the first nexthop: if there is a collision,
3229 * we have already failed to add the first nexthop:
3230 * fib6_add_rt2node() has rejected it; when replacing, old
3231 * nexthops have been replaced by first new, the rest should
3234 cfg
->fc_nlinfo
.nlh
->nlmsg_flags
&= ~(NLM_F_EXCL
|
3239 /* success ... tell user about new route */
3240 ip6_route_mpath_notify(rt_notif
, rt_last
, info
, nlflags
);
3244 /* send notification for routes that were added so that
3245 * the delete notifications sent by ip6_route_del are
3249 ip6_route_mpath_notify(rt_notif
, rt_last
, info
, nlflags
);
3251 /* Delete routes that were already added */
3252 list_for_each_entry(nh
, &rt6_nh_list
, next
) {
3255 ip6_route_del(&nh
->r_cfg
, extack
);
3259 list_for_each_entry_safe(nh
, nh_safe
, &rt6_nh_list
, next
) {
3261 dst_release_immediate(&nh
->rt6_info
->dst
);
3263 list_del(&nh
->next
);
3270 static int ip6_route_multipath_del(struct fib6_config
*cfg
,
3271 struct netlink_ext_ack
*extack
)
3273 struct fib6_config r_cfg
;
3274 struct rtnexthop
*rtnh
;
3277 int err
= 1, last_err
= 0;
3279 remaining
= cfg
->fc_mp_len
;
3280 rtnh
= (struct rtnexthop
*)cfg
->fc_mp
;
3282 /* Parse a Multipath Entry */
3283 while (rtnh_ok(rtnh
, remaining
)) {
3284 memcpy(&r_cfg
, cfg
, sizeof(*cfg
));
3285 if (rtnh
->rtnh_ifindex
)
3286 r_cfg
.fc_ifindex
= rtnh
->rtnh_ifindex
;
3288 attrlen
= rtnh_attrlen(rtnh
);
3290 struct nlattr
*nla
, *attrs
= rtnh_attrs(rtnh
);
3292 nla
= nla_find(attrs
, attrlen
, RTA_GATEWAY
);
3294 nla_memcpy(&r_cfg
.fc_gateway
, nla
, 16);
3295 r_cfg
.fc_flags
|= RTF_GATEWAY
;
3298 err
= ip6_route_del(&r_cfg
, extack
);
3302 rtnh
= rtnh_next(rtnh
, &remaining
);
3308 static int inet6_rtm_delroute(struct sk_buff
*skb
, struct nlmsghdr
*nlh
,
3309 struct netlink_ext_ack
*extack
)
3311 struct fib6_config cfg
;
3314 err
= rtm_to_fib6_config(skb
, nlh
, &cfg
, extack
);
3319 return ip6_route_multipath_del(&cfg
, extack
);
3321 cfg
.fc_delete_all_nh
= 1;
3322 return ip6_route_del(&cfg
, extack
);
3326 static int inet6_rtm_newroute(struct sk_buff
*skb
, struct nlmsghdr
*nlh
,
3327 struct netlink_ext_ack
*extack
)
3329 struct fib6_config cfg
;
3332 err
= rtm_to_fib6_config(skb
, nlh
, &cfg
, extack
);
3337 return ip6_route_multipath_add(&cfg
, extack
);
3339 return ip6_route_add(&cfg
, extack
);
3342 static size_t rt6_nlmsg_size(struct rt6_info
*rt
)
3344 int nexthop_len
= 0;
3346 if (rt
->rt6i_nsiblings
) {
3347 nexthop_len
= nla_total_size(0) /* RTA_MULTIPATH */
3348 + NLA_ALIGN(sizeof(struct rtnexthop
))
3349 + nla_total_size(16) /* RTA_GATEWAY */
3350 + lwtunnel_get_encap_size(rt
->dst
.lwtstate
);
3352 nexthop_len
*= rt
->rt6i_nsiblings
;
3355 return NLMSG_ALIGN(sizeof(struct rtmsg
))
3356 + nla_total_size(16) /* RTA_SRC */
3357 + nla_total_size(16) /* RTA_DST */
3358 + nla_total_size(16) /* RTA_GATEWAY */
3359 + nla_total_size(16) /* RTA_PREFSRC */
3360 + nla_total_size(4) /* RTA_TABLE */
3361 + nla_total_size(4) /* RTA_IIF */
3362 + nla_total_size(4) /* RTA_OIF */
3363 + nla_total_size(4) /* RTA_PRIORITY */
3364 + RTAX_MAX
* nla_total_size(4) /* RTA_METRICS */
3365 + nla_total_size(sizeof(struct rta_cacheinfo
))
3366 + nla_total_size(TCP_CA_NAME_MAX
) /* RTAX_CC_ALGO */
3367 + nla_total_size(1) /* RTA_PREF */
3368 + lwtunnel_get_encap_size(rt
->dst
.lwtstate
)
3372 static int rt6_nexthop_info(struct sk_buff
*skb
, struct rt6_info
*rt
,
3373 unsigned int *flags
, bool skip_oif
)
3375 if (!netif_running(rt
->dst
.dev
) || !netif_carrier_ok(rt
->dst
.dev
)) {
3376 *flags
|= RTNH_F_LINKDOWN
;
3377 if (rt
->rt6i_idev
->cnf
.ignore_routes_with_linkdown
)
3378 *flags
|= RTNH_F_DEAD
;
3381 if (rt
->rt6i_flags
& RTF_GATEWAY
) {
3382 if (nla_put_in6_addr(skb
, RTA_GATEWAY
, &rt
->rt6i_gateway
) < 0)
3383 goto nla_put_failure
;
3386 if (rt
->rt6i_nh_flags
& RTNH_F_OFFLOAD
)
3387 *flags
|= RTNH_F_OFFLOAD
;
3389 /* not needed for multipath encoding b/c it has a rtnexthop struct */
3390 if (!skip_oif
&& rt
->dst
.dev
&&
3391 nla_put_u32(skb
, RTA_OIF
, rt
->dst
.dev
->ifindex
))
3392 goto nla_put_failure
;
3394 if (rt
->dst
.lwtstate
&&
3395 lwtunnel_fill_encap(skb
, rt
->dst
.lwtstate
) < 0)
3396 goto nla_put_failure
;
3404 /* add multipath next hop */
3405 static int rt6_add_nexthop(struct sk_buff
*skb
, struct rt6_info
*rt
)
3407 struct rtnexthop
*rtnh
;
3408 unsigned int flags
= 0;
3410 rtnh
= nla_reserve_nohdr(skb
, sizeof(*rtnh
));
3412 goto nla_put_failure
;
3414 rtnh
->rtnh_hops
= 0;
3415 rtnh
->rtnh_ifindex
= rt
->dst
.dev
? rt
->dst
.dev
->ifindex
: 0;
3417 if (rt6_nexthop_info(skb
, rt
, &flags
, true) < 0)
3418 goto nla_put_failure
;
3420 rtnh
->rtnh_flags
= flags
;
3422 /* length of rtnetlink header + attributes */
3423 rtnh
->rtnh_len
= nlmsg_get_pos(skb
) - (void *)rtnh
;
3431 static int rt6_fill_node(struct net
*net
,
3432 struct sk_buff
*skb
, struct rt6_info
*rt
,
3433 struct in6_addr
*dst
, struct in6_addr
*src
,
3434 int iif
, int type
, u32 portid
, u32 seq
,
3437 u32 metrics
[RTAX_MAX
];
3439 struct nlmsghdr
*nlh
;
3443 nlh
= nlmsg_put(skb
, portid
, seq
, type
, sizeof(*rtm
), flags
);
3447 rtm
= nlmsg_data(nlh
);
3448 rtm
->rtm_family
= AF_INET6
;
3449 rtm
->rtm_dst_len
= rt
->rt6i_dst
.plen
;
3450 rtm
->rtm_src_len
= rt
->rt6i_src
.plen
;
3453 table
= rt
->rt6i_table
->tb6_id
;
3455 table
= RT6_TABLE_UNSPEC
;
3456 rtm
->rtm_table
= table
;
3457 if (nla_put_u32(skb
, RTA_TABLE
, table
))
3458 goto nla_put_failure
;
3459 if (rt
->rt6i_flags
& RTF_REJECT
) {
3460 switch (rt
->dst
.error
) {
3462 rtm
->rtm_type
= RTN_BLACKHOLE
;
3465 rtm
->rtm_type
= RTN_PROHIBIT
;
3468 rtm
->rtm_type
= RTN_THROW
;
3471 rtm
->rtm_type
= RTN_UNREACHABLE
;
3475 else if (rt
->rt6i_flags
& RTF_LOCAL
)
3476 rtm
->rtm_type
= RTN_LOCAL
;
3477 else if (rt
->rt6i_flags
& RTF_ANYCAST
)
3478 rtm
->rtm_type
= RTN_ANYCAST
;
3479 else if (rt
->dst
.dev
&& (rt
->dst
.dev
->flags
& IFF_LOOPBACK
))
3480 rtm
->rtm_type
= RTN_LOCAL
;
3482 rtm
->rtm_type
= RTN_UNICAST
;
3484 rtm
->rtm_scope
= RT_SCOPE_UNIVERSE
;
3485 rtm
->rtm_protocol
= rt
->rt6i_protocol
;
3487 if (rt
->rt6i_flags
& RTF_CACHE
)
3488 rtm
->rtm_flags
|= RTM_F_CLONED
;
3491 if (nla_put_in6_addr(skb
, RTA_DST
, dst
))
3492 goto nla_put_failure
;
3493 rtm
->rtm_dst_len
= 128;
3494 } else if (rtm
->rtm_dst_len
)
3495 if (nla_put_in6_addr(skb
, RTA_DST
, &rt
->rt6i_dst
.addr
))
3496 goto nla_put_failure
;
3497 #ifdef CONFIG_IPV6_SUBTREES
3499 if (nla_put_in6_addr(skb
, RTA_SRC
, src
))
3500 goto nla_put_failure
;
3501 rtm
->rtm_src_len
= 128;
3502 } else if (rtm
->rtm_src_len
&&
3503 nla_put_in6_addr(skb
, RTA_SRC
, &rt
->rt6i_src
.addr
))
3504 goto nla_put_failure
;
3507 #ifdef CONFIG_IPV6_MROUTE
3508 if (ipv6_addr_is_multicast(&rt
->rt6i_dst
.addr
)) {
3509 int err
= ip6mr_get_route(net
, skb
, rtm
, portid
);
3514 goto nla_put_failure
;
3517 if (nla_put_u32(skb
, RTA_IIF
, iif
))
3518 goto nla_put_failure
;
3520 struct in6_addr saddr_buf
;
3521 if (ip6_route_get_saddr(net
, rt
, dst
, 0, &saddr_buf
) == 0 &&
3522 nla_put_in6_addr(skb
, RTA_PREFSRC
, &saddr_buf
))
3523 goto nla_put_failure
;
3526 if (rt
->rt6i_prefsrc
.plen
) {
3527 struct in6_addr saddr_buf
;
3528 saddr_buf
= rt
->rt6i_prefsrc
.addr
;
3529 if (nla_put_in6_addr(skb
, RTA_PREFSRC
, &saddr_buf
))
3530 goto nla_put_failure
;
3533 memcpy(metrics
, dst_metrics_ptr(&rt
->dst
), sizeof(metrics
));
3535 metrics
[RTAX_MTU
- 1] = rt
->rt6i_pmtu
;
3536 if (rtnetlink_put_metrics(skb
, metrics
) < 0)
3537 goto nla_put_failure
;
3539 if (nla_put_u32(skb
, RTA_PRIORITY
, rt
->rt6i_metric
))
3540 goto nla_put_failure
;
3542 /* For multipath routes, walk the siblings list and add
3543 * each as a nexthop within RTA_MULTIPATH.
3545 if (rt
->rt6i_nsiblings
) {
3546 struct rt6_info
*sibling
, *next_sibling
;
3549 mp
= nla_nest_start(skb
, RTA_MULTIPATH
);
3551 goto nla_put_failure
;
3553 if (rt6_add_nexthop(skb
, rt
) < 0)
3554 goto nla_put_failure
;
3556 list_for_each_entry_safe(sibling
, next_sibling
,
3557 &rt
->rt6i_siblings
, rt6i_siblings
) {
3558 if (rt6_add_nexthop(skb
, sibling
) < 0)
3559 goto nla_put_failure
;
3562 nla_nest_end(skb
, mp
);
3564 if (rt6_nexthop_info(skb
, rt
, &rtm
->rtm_flags
, false) < 0)
3565 goto nla_put_failure
;
3568 expires
= (rt
->rt6i_flags
& RTF_EXPIRES
) ? rt
->dst
.expires
- jiffies
: 0;
3570 if (rtnl_put_cacheinfo(skb
, &rt
->dst
, 0, expires
, rt
->dst
.error
) < 0)
3571 goto nla_put_failure
;
3573 if (nla_put_u8(skb
, RTA_PREF
, IPV6_EXTRACT_PREF(rt
->rt6i_flags
)))
3574 goto nla_put_failure
;
3577 nlmsg_end(skb
, nlh
);
3581 nlmsg_cancel(skb
, nlh
);
3585 int rt6_dump_route(struct rt6_info
*rt
, void *p_arg
)
3587 struct rt6_rtnl_dump_arg
*arg
= (struct rt6_rtnl_dump_arg
*) p_arg
;
3588 struct net
*net
= arg
->net
;
3590 if (rt
== net
->ipv6
.ip6_null_entry
)
3593 if (nlmsg_len(arg
->cb
->nlh
) >= sizeof(struct rtmsg
)) {
3594 struct rtmsg
*rtm
= nlmsg_data(arg
->cb
->nlh
);
3596 /* user wants prefix routes only */
3597 if (rtm
->rtm_flags
& RTM_F_PREFIX
&&
3598 !(rt
->rt6i_flags
& RTF_PREFIX_RT
)) {
3599 /* success since this is not a prefix route */
3604 return rt6_fill_node(net
,
3605 arg
->skb
, rt
, NULL
, NULL
, 0, RTM_NEWROUTE
,
3606 NETLINK_CB(arg
->cb
->skb
).portid
, arg
->cb
->nlh
->nlmsg_seq
,
3610 static int inet6_rtm_getroute(struct sk_buff
*in_skb
, struct nlmsghdr
*nlh
,
3611 struct netlink_ext_ack
*extack
)
3613 struct net
*net
= sock_net(in_skb
->sk
);
3614 struct nlattr
*tb
[RTA_MAX
+1];
3615 int err
, iif
= 0, oif
= 0;
3616 struct dst_entry
*dst
;
3617 struct rt6_info
*rt
;
3618 struct sk_buff
*skb
;
3623 err
= nlmsg_parse(nlh
, sizeof(*rtm
), tb
, RTA_MAX
, rtm_ipv6_policy
,
3629 memset(&fl6
, 0, sizeof(fl6
));
3630 rtm
= nlmsg_data(nlh
);
3631 fl6
.flowlabel
= ip6_make_flowinfo(rtm
->rtm_tos
, 0);
3632 fibmatch
= !!(rtm
->rtm_flags
& RTM_F_FIB_MATCH
);
3635 if (nla_len(tb
[RTA_SRC
]) < sizeof(struct in6_addr
))
3638 fl6
.saddr
= *(struct in6_addr
*)nla_data(tb
[RTA_SRC
]);
3642 if (nla_len(tb
[RTA_DST
]) < sizeof(struct in6_addr
))
3645 fl6
.daddr
= *(struct in6_addr
*)nla_data(tb
[RTA_DST
]);
3649 iif
= nla_get_u32(tb
[RTA_IIF
]);
3652 oif
= nla_get_u32(tb
[RTA_OIF
]);
3655 fl6
.flowi6_mark
= nla_get_u32(tb
[RTA_MARK
]);
3658 fl6
.flowi6_uid
= make_kuid(current_user_ns(),
3659 nla_get_u32(tb
[RTA_UID
]));
3661 fl6
.flowi6_uid
= iif
? INVALID_UID
: current_uid();
3664 struct net_device
*dev
;
3669 dev
= dev_get_by_index_rcu(net
, iif
);
3676 fl6
.flowi6_iif
= iif
;
3678 if (!ipv6_addr_any(&fl6
.saddr
))
3679 flags
|= RT6_LOOKUP_F_HAS_SADDR
;
3681 dst
= ip6_route_input_lookup(net
, dev
, &fl6
, flags
);
3685 fl6
.flowi6_oif
= oif
;
3687 dst
= ip6_route_output(net
, NULL
, &fl6
);
3691 rt
= container_of(dst
, struct rt6_info
, dst
);
3692 if (rt
->dst
.error
) {
3693 err
= rt
->dst
.error
;
3698 if (rt
== net
->ipv6
.ip6_null_entry
) {
3699 err
= rt
->dst
.error
;
3704 if (fibmatch
&& rt
->dst
.from
) {
3705 struct rt6_info
*ort
= container_of(rt
->dst
.from
,
3706 struct rt6_info
, dst
);
3708 dst_hold(&ort
->dst
);
3713 skb
= alloc_skb(NLMSG_GOODSIZE
, GFP_KERNEL
);
3720 skb_dst_set(skb
, &rt
->dst
);
3722 err
= rt6_fill_node(net
, skb
, rt
, NULL
, NULL
, iif
,
3723 RTM_NEWROUTE
, NETLINK_CB(in_skb
).portid
,
3726 err
= rt6_fill_node(net
, skb
, rt
, &fl6
.daddr
, &fl6
.saddr
, iif
,
3727 RTM_NEWROUTE
, NETLINK_CB(in_skb
).portid
,
3734 err
= rtnl_unicast(skb
, net
, NETLINK_CB(in_skb
).portid
);
3739 void inet6_rt_notify(int event
, struct rt6_info
*rt
, struct nl_info
*info
,
3740 unsigned int nlm_flags
)
3742 struct sk_buff
*skb
;
3743 struct net
*net
= info
->nl_net
;
3748 seq
= info
->nlh
? info
->nlh
->nlmsg_seq
: 0;
3750 skb
= nlmsg_new(rt6_nlmsg_size(rt
), gfp_any());
3754 err
= rt6_fill_node(net
, skb
, rt
, NULL
, NULL
, 0,
3755 event
, info
->portid
, seq
, nlm_flags
);
3757 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
3758 WARN_ON(err
== -EMSGSIZE
);
3762 rtnl_notify(skb
, net
, info
->portid
, RTNLGRP_IPV6_ROUTE
,
3763 info
->nlh
, gfp_any());
3767 rtnl_set_sk_err(net
, RTNLGRP_IPV6_ROUTE
, err
);
3770 static int ip6_route_dev_notify(struct notifier_block
*this,
3771 unsigned long event
, void *ptr
)
3773 struct net_device
*dev
= netdev_notifier_info_to_dev(ptr
);
3774 struct net
*net
= dev_net(dev
);
3776 if (!(dev
->flags
& IFF_LOOPBACK
))
3779 if (event
== NETDEV_REGISTER
) {
3780 net
->ipv6
.ip6_null_entry
->dst
.dev
= dev
;
3781 net
->ipv6
.ip6_null_entry
->rt6i_idev
= in6_dev_get(dev
);
3782 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3783 net
->ipv6
.ip6_prohibit_entry
->dst
.dev
= dev
;
3784 net
->ipv6
.ip6_prohibit_entry
->rt6i_idev
= in6_dev_get(dev
);
3785 net
->ipv6
.ip6_blk_hole_entry
->dst
.dev
= dev
;
3786 net
->ipv6
.ip6_blk_hole_entry
->rt6i_idev
= in6_dev_get(dev
);
3788 } else if (event
== NETDEV_UNREGISTER
&&
3789 dev
->reg_state
!= NETREG_UNREGISTERED
) {
3790 /* NETDEV_UNREGISTER could be fired for multiple times by
3791 * netdev_wait_allrefs(). Make sure we only call this once.
3793 in6_dev_put_clear(&net
->ipv6
.ip6_null_entry
->rt6i_idev
);
3794 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3795 in6_dev_put_clear(&net
->ipv6
.ip6_prohibit_entry
->rt6i_idev
);
3796 in6_dev_put_clear(&net
->ipv6
.ip6_blk_hole_entry
->rt6i_idev
);
3807 #ifdef CONFIG_PROC_FS
3809 static const struct file_operations ipv6_route_proc_fops
= {
3810 .owner
= THIS_MODULE
,
3811 .open
= ipv6_route_open
,
3813 .llseek
= seq_lseek
,
3814 .release
= seq_release_net
,
3817 static int rt6_stats_seq_show(struct seq_file
*seq
, void *v
)
3819 struct net
*net
= (struct net
*)seq
->private;
3820 seq_printf(seq
, "%04x %04x %04x %04x %04x %04x %04x\n",
3821 net
->ipv6
.rt6_stats
->fib_nodes
,
3822 net
->ipv6
.rt6_stats
->fib_route_nodes
,
3823 net
->ipv6
.rt6_stats
->fib_rt_alloc
,
3824 net
->ipv6
.rt6_stats
->fib_rt_entries
,
3825 net
->ipv6
.rt6_stats
->fib_rt_cache
,
3826 dst_entries_get_slow(&net
->ipv6
.ip6_dst_ops
),
3827 net
->ipv6
.rt6_stats
->fib_discarded_routes
);
3832 static int rt6_stats_seq_open(struct inode
*inode
, struct file
*file
)
3834 return single_open_net(inode
, file
, rt6_stats_seq_show
);
3837 static const struct file_operations rt6_stats_seq_fops
= {
3838 .owner
= THIS_MODULE
,
3839 .open
= rt6_stats_seq_open
,
3841 .llseek
= seq_lseek
,
3842 .release
= single_release_net
,
3844 #endif /* CONFIG_PROC_FS */
3846 #ifdef CONFIG_SYSCTL
3849 int ipv6_sysctl_rtcache_flush(struct ctl_table
*ctl
, int write
,
3850 void __user
*buffer
, size_t *lenp
, loff_t
*ppos
)
3857 net
= (struct net
*)ctl
->extra1
;
3858 delay
= net
->ipv6
.sysctl
.flush_delay
;
3859 proc_dointvec(ctl
, write
, buffer
, lenp
, ppos
);
3860 fib6_run_gc(delay
<= 0 ? 0 : (unsigned long)delay
, net
, delay
> 0);
3864 struct ctl_table ipv6_route_table_template
[] = {
3866 .procname
= "flush",
3867 .data
= &init_net
.ipv6
.sysctl
.flush_delay
,
3868 .maxlen
= sizeof(int),
3870 .proc_handler
= ipv6_sysctl_rtcache_flush
3873 .procname
= "gc_thresh",
3874 .data
= &ip6_dst_ops_template
.gc_thresh
,
3875 .maxlen
= sizeof(int),
3877 .proc_handler
= proc_dointvec
,
3880 .procname
= "max_size",
3881 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_max_size
,
3882 .maxlen
= sizeof(int),
3884 .proc_handler
= proc_dointvec
,
3887 .procname
= "gc_min_interval",
3888 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_min_interval
,
3889 .maxlen
= sizeof(int),
3891 .proc_handler
= proc_dointvec_jiffies
,
3894 .procname
= "gc_timeout",
3895 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_timeout
,
3896 .maxlen
= sizeof(int),
3898 .proc_handler
= proc_dointvec_jiffies
,
3901 .procname
= "gc_interval",
3902 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_interval
,
3903 .maxlen
= sizeof(int),
3905 .proc_handler
= proc_dointvec_jiffies
,
3908 .procname
= "gc_elasticity",
3909 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_elasticity
,
3910 .maxlen
= sizeof(int),
3912 .proc_handler
= proc_dointvec
,
3915 .procname
= "mtu_expires",
3916 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_mtu_expires
,
3917 .maxlen
= sizeof(int),
3919 .proc_handler
= proc_dointvec_jiffies
,
3922 .procname
= "min_adv_mss",
3923 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_min_advmss
,
3924 .maxlen
= sizeof(int),
3926 .proc_handler
= proc_dointvec
,
3929 .procname
= "gc_min_interval_ms",
3930 .data
= &init_net
.ipv6
.sysctl
.ip6_rt_gc_min_interval
,
3931 .maxlen
= sizeof(int),
3933 .proc_handler
= proc_dointvec_ms_jiffies
,
3938 struct ctl_table
* __net_init
ipv6_route_sysctl_init(struct net
*net
)
3940 struct ctl_table
*table
;
3942 table
= kmemdup(ipv6_route_table_template
,
3943 sizeof(ipv6_route_table_template
),
3947 table
[0].data
= &net
->ipv6
.sysctl
.flush_delay
;
3948 table
[0].extra1
= net
;
3949 table
[1].data
= &net
->ipv6
.ip6_dst_ops
.gc_thresh
;
3950 table
[2].data
= &net
->ipv6
.sysctl
.ip6_rt_max_size
;
3951 table
[3].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
;
3952 table
[4].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_timeout
;
3953 table
[5].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_interval
;
3954 table
[6].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_elasticity
;
3955 table
[7].data
= &net
->ipv6
.sysctl
.ip6_rt_mtu_expires
;
3956 table
[8].data
= &net
->ipv6
.sysctl
.ip6_rt_min_advmss
;
3957 table
[9].data
= &net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
;
3959 /* Don't export sysctls to unprivileged users */
3960 if (net
->user_ns
!= &init_user_ns
)
3961 table
[0].procname
= NULL
;
3968 static int __net_init
ip6_route_net_init(struct net
*net
)
3972 memcpy(&net
->ipv6
.ip6_dst_ops
, &ip6_dst_ops_template
,
3973 sizeof(net
->ipv6
.ip6_dst_ops
));
3975 if (dst_entries_init(&net
->ipv6
.ip6_dst_ops
) < 0)
3976 goto out_ip6_dst_ops
;
3978 net
->ipv6
.ip6_null_entry
= kmemdup(&ip6_null_entry_template
,
3979 sizeof(*net
->ipv6
.ip6_null_entry
),
3981 if (!net
->ipv6
.ip6_null_entry
)
3982 goto out_ip6_dst_entries
;
3983 net
->ipv6
.ip6_null_entry
->dst
.path
=
3984 (struct dst_entry
*)net
->ipv6
.ip6_null_entry
;
3985 net
->ipv6
.ip6_null_entry
->dst
.ops
= &net
->ipv6
.ip6_dst_ops
;
3986 dst_init_metrics(&net
->ipv6
.ip6_null_entry
->dst
,
3987 ip6_template_metrics
, true);
3989 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3990 net
->ipv6
.fib6_has_custom_rules
= false;
3991 net
->ipv6
.ip6_prohibit_entry
= kmemdup(&ip6_prohibit_entry_template
,
3992 sizeof(*net
->ipv6
.ip6_prohibit_entry
),
3994 if (!net
->ipv6
.ip6_prohibit_entry
)
3995 goto out_ip6_null_entry
;
3996 net
->ipv6
.ip6_prohibit_entry
->dst
.path
=
3997 (struct dst_entry
*)net
->ipv6
.ip6_prohibit_entry
;
3998 net
->ipv6
.ip6_prohibit_entry
->dst
.ops
= &net
->ipv6
.ip6_dst_ops
;
3999 dst_init_metrics(&net
->ipv6
.ip6_prohibit_entry
->dst
,
4000 ip6_template_metrics
, true);
4002 net
->ipv6
.ip6_blk_hole_entry
= kmemdup(&ip6_blk_hole_entry_template
,
4003 sizeof(*net
->ipv6
.ip6_blk_hole_entry
),
4005 if (!net
->ipv6
.ip6_blk_hole_entry
)
4006 goto out_ip6_prohibit_entry
;
4007 net
->ipv6
.ip6_blk_hole_entry
->dst
.path
=
4008 (struct dst_entry
*)net
->ipv6
.ip6_blk_hole_entry
;
4009 net
->ipv6
.ip6_blk_hole_entry
->dst
.ops
= &net
->ipv6
.ip6_dst_ops
;
4010 dst_init_metrics(&net
->ipv6
.ip6_blk_hole_entry
->dst
,
4011 ip6_template_metrics
, true);
4014 net
->ipv6
.sysctl
.flush_delay
= 0;
4015 net
->ipv6
.sysctl
.ip6_rt_max_size
= 4096;
4016 net
->ipv6
.sysctl
.ip6_rt_gc_min_interval
= HZ
/ 2;
4017 net
->ipv6
.sysctl
.ip6_rt_gc_timeout
= 60*HZ
;
4018 net
->ipv6
.sysctl
.ip6_rt_gc_interval
= 30*HZ
;
4019 net
->ipv6
.sysctl
.ip6_rt_gc_elasticity
= 9;
4020 net
->ipv6
.sysctl
.ip6_rt_mtu_expires
= 10*60*HZ
;
4021 net
->ipv6
.sysctl
.ip6_rt_min_advmss
= IPV6_MIN_MTU
- 20 - 40;
4023 net
->ipv6
.ip6_rt_gc_expire
= 30*HZ
;
4029 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4030 out_ip6_prohibit_entry
:
4031 kfree(net
->ipv6
.ip6_prohibit_entry
);
4033 kfree(net
->ipv6
.ip6_null_entry
);
4035 out_ip6_dst_entries
:
4036 dst_entries_destroy(&net
->ipv6
.ip6_dst_ops
);
4041 static void __net_exit
ip6_route_net_exit(struct net
*net
)
4043 kfree(net
->ipv6
.ip6_null_entry
);
4044 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4045 kfree(net
->ipv6
.ip6_prohibit_entry
);
4046 kfree(net
->ipv6
.ip6_blk_hole_entry
);
4048 dst_entries_destroy(&net
->ipv6
.ip6_dst_ops
);
4051 static int __net_init
ip6_route_net_init_late(struct net
*net
)
4053 #ifdef CONFIG_PROC_FS
4054 proc_create("ipv6_route", 0, net
->proc_net
, &ipv6_route_proc_fops
);
4055 proc_create("rt6_stats", S_IRUGO
, net
->proc_net
, &rt6_stats_seq_fops
);
4060 static void __net_exit
ip6_route_net_exit_late(struct net
*net
)
4062 #ifdef CONFIG_PROC_FS
4063 remove_proc_entry("ipv6_route", net
->proc_net
);
4064 remove_proc_entry("rt6_stats", net
->proc_net
);
4068 static struct pernet_operations ip6_route_net_ops
= {
4069 .init
= ip6_route_net_init
,
4070 .exit
= ip6_route_net_exit
,
4073 static int __net_init
ipv6_inetpeer_init(struct net
*net
)
4075 struct inet_peer_base
*bp
= kmalloc(sizeof(*bp
), GFP_KERNEL
);
4079 inet_peer_base_init(bp
);
4080 net
->ipv6
.peers
= bp
;
4084 static void __net_exit
ipv6_inetpeer_exit(struct net
*net
)
4086 struct inet_peer_base
*bp
= net
->ipv6
.peers
;
4088 net
->ipv6
.peers
= NULL
;
4089 inetpeer_invalidate_tree(bp
);
4093 static struct pernet_operations ipv6_inetpeer_ops
= {
4094 .init
= ipv6_inetpeer_init
,
4095 .exit
= ipv6_inetpeer_exit
,
4098 static struct pernet_operations ip6_route_net_late_ops
= {
4099 .init
= ip6_route_net_init_late
,
4100 .exit
= ip6_route_net_exit_late
,
4103 static struct notifier_block ip6_route_dev_notifier
= {
4104 .notifier_call
= ip6_route_dev_notify
,
4105 .priority
= ADDRCONF_NOTIFY_PRIORITY
- 10,
4108 void __init
ip6_route_init_special_entries(void)
4110 /* Registering of the loopback is done before this portion of code,
4111 * the loopback reference in rt6_info will not be taken, do it
4112 * manually for init_net */
4113 init_net
.ipv6
.ip6_null_entry
->dst
.dev
= init_net
.loopback_dev
;
4114 init_net
.ipv6
.ip6_null_entry
->rt6i_idev
= in6_dev_get(init_net
.loopback_dev
);
4115 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
4116 init_net
.ipv6
.ip6_prohibit_entry
->dst
.dev
= init_net
.loopback_dev
;
4117 init_net
.ipv6
.ip6_prohibit_entry
->rt6i_idev
= in6_dev_get(init_net
.loopback_dev
);
4118 init_net
.ipv6
.ip6_blk_hole_entry
->dst
.dev
= init_net
.loopback_dev
;
4119 init_net
.ipv6
.ip6_blk_hole_entry
->rt6i_idev
= in6_dev_get(init_net
.loopback_dev
);
4123 int __init
ip6_route_init(void)
4129 ip6_dst_ops_template
.kmem_cachep
=
4130 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info
), 0,
4131 SLAB_HWCACHE_ALIGN
, NULL
);
4132 if (!ip6_dst_ops_template
.kmem_cachep
)
4135 ret
= dst_entries_init(&ip6_dst_blackhole_ops
);
4137 goto out_kmem_cache
;
4139 ret
= register_pernet_subsys(&ipv6_inetpeer_ops
);
4141 goto out_dst_entries
;
4143 ret
= register_pernet_subsys(&ip6_route_net_ops
);
4145 goto out_register_inetpeer
;
4147 ip6_dst_blackhole_ops
.kmem_cachep
= ip6_dst_ops_template
.kmem_cachep
;
4151 goto out_register_subsys
;
4157 ret
= fib6_rules_init();
4161 ret
= register_pernet_subsys(&ip6_route_net_late_ops
);
4163 goto fib6_rules_init
;
4166 if (__rtnl_register(PF_INET6
, RTM_NEWROUTE
, inet6_rtm_newroute
, NULL
, 0) ||
4167 __rtnl_register(PF_INET6
, RTM_DELROUTE
, inet6_rtm_delroute
, NULL
, 0) ||
4168 __rtnl_register(PF_INET6
, RTM_GETROUTE
, inet6_rtm_getroute
, NULL
,
4169 RTNL_FLAG_DOIT_UNLOCKED
))
4170 goto out_register_late_subsys
;
4172 ret
= register_netdevice_notifier(&ip6_route_dev_notifier
);
4174 goto out_register_late_subsys
;
4176 for_each_possible_cpu(cpu
) {
4177 struct uncached_list
*ul
= per_cpu_ptr(&rt6_uncached_list
, cpu
);
4179 INIT_LIST_HEAD(&ul
->head
);
4180 spin_lock_init(&ul
->lock
);
4186 out_register_late_subsys
:
4187 unregister_pernet_subsys(&ip6_route_net_late_ops
);
4189 fib6_rules_cleanup();
4194 out_register_subsys
:
4195 unregister_pernet_subsys(&ip6_route_net_ops
);
4196 out_register_inetpeer
:
4197 unregister_pernet_subsys(&ipv6_inetpeer_ops
);
4199 dst_entries_destroy(&ip6_dst_blackhole_ops
);
4201 kmem_cache_destroy(ip6_dst_ops_template
.kmem_cachep
);
4205 void ip6_route_cleanup(void)
4207 unregister_netdevice_notifier(&ip6_route_dev_notifier
);
4208 unregister_pernet_subsys(&ip6_route_net_late_ops
);
4209 fib6_rules_cleanup();
4212 unregister_pernet_subsys(&ipv6_inetpeer_ops
);
4213 unregister_pernet_subsys(&ip6_route_net_ops
);
4214 dst_entries_destroy(&ip6_dst_blackhole_ops
);
4215 kmem_cache_destroy(ip6_dst_ops_template
.kmem_cachep
);