2 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
16 * YOSHIFUJI Hideaki @USAGI
17 * reworked default router selection.
18 * - respect outgoing interface
19 * - select from (probably) reachable routers (i.e.
20 * routers in REACHABLE, STALE, DELAY or PROBE states).
21 * - always select the same router if it is (probably)
22 * reachable. otherwise, round-robin the list.
24 * Fixed routing subtrees.
27 #define pr_fmt(fmt) "IPv6: " fmt
29 #include <linux/capability.h>
30 #include <linux/errno.h>
31 #include <linux/export.h>
32 #include <linux/types.h>
33 #include <linux/times.h>
34 #include <linux/socket.h>
35 #include <linux/sockios.h>
36 #include <linux/net.h>
37 #include <linux/route.h>
38 #include <linux/netdevice.h>
39 #include <linux/in6.h>
40 #include <linux/mroute6.h>
41 #include <linux/init.h>
42 #include <linux/if_arp.h>
43 #include <linux/proc_fs.h>
44 #include <linux/seq_file.h>
45 #include <linux/nsproxy.h>
46 #include <linux/slab.h>
47 #include <net/net_namespace.h>
50 #include <net/ip6_fib.h>
51 #include <net/ip6_route.h>
52 #include <net/ndisc.h>
53 #include <net/addrconf.h>
55 #include <linux/rtnetlink.h>
57 #include <net/dst_metadata.h>
59 #include <net/netevent.h>
60 #include <net/netlink.h>
61 #include <net/nexthop.h>
62 #include <net/lwtunnel.h>
63 #include <net/ip_tunnels.h>
65 #include <asm/uaccess.h>
68 #include <linux/sysctl.h>
72 RT6_NUD_FAIL_HARD = -3,
73 RT6_NUD_FAIL_PROBE = -2,
74 RT6_NUD_FAIL_DO_RR = -1,
78 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort);
79 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
80 static unsigned int ip6_default_advmss(const struct dst_entry *dst);
81 static unsigned int ip6_mtu(const struct dst_entry *dst);
82 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
83 static void ip6_dst_destroy(struct dst_entry *);
84 static void ip6_dst_ifdown(struct dst_entry *,
85 struct net_device *dev, int how);
86 static int ip6_dst_gc(struct dst_ops *ops);
88 static int ip6_pkt_discard(struct sk_buff *skb);
89 static int ip6_pkt_discard_out(struct sock *sk, struct sk_buff *skb);
90 static int ip6_pkt_prohibit(struct sk_buff *skb);
91 static int ip6_pkt_prohibit_out(struct sock *sk, struct sk_buff *skb);
92 static void ip6_link_failure(struct sk_buff *skb);
93 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
94 struct sk_buff *skb, u32 mtu);
95 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
97 static void rt6_dst_from_metrics_check(struct rt6_info *rt);
98 static int rt6_score_route(struct rt6_info *rt, int oif, int strict);
100 #ifdef CONFIG_IPV6_ROUTE_INFO
101 static struct rt6_info *rt6_add_route_info(struct net *net,
102 const struct in6_addr *prefix, int prefixlen,
103 const struct in6_addr *gwaddr, int ifindex,
105 static struct rt6_info *rt6_get_route_info(struct net *net,
106 const struct in6_addr *prefix, int prefixlen,
107 const struct in6_addr *gwaddr, int ifindex);
110 struct uncached_list {
112 struct list_head head;
115 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list);
117 static void rt6_uncached_list_add(struct rt6_info *rt)
119 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list);
121 rt->dst.flags |= DST_NOCACHE;
122 rt->rt6i_uncached_list = ul;
124 spin_lock_bh(&ul->lock);
125 list_add_tail(&rt->rt6i_uncached, &ul->head);
126 spin_unlock_bh(&ul->lock);
129 static void rt6_uncached_list_del(struct rt6_info *rt)
131 if (!list_empty(&rt->rt6i_uncached)) {
132 struct uncached_list *ul = rt->rt6i_uncached_list;
134 spin_lock_bh(&ul->lock);
135 list_del(&rt->rt6i_uncached);
136 spin_unlock_bh(&ul->lock);
140 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev)
142 struct net_device *loopback_dev = net->loopback_dev;
145 for_each_possible_cpu(cpu) {
146 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
149 spin_lock_bh(&ul->lock);
150 list_for_each_entry(rt, &ul->head, rt6i_uncached) {
151 struct inet6_dev *rt_idev = rt->rt6i_idev;
152 struct net_device *rt_dev = rt->dst.dev;
154 if (rt_idev && (rt_idev->dev == dev || !dev) &&
155 rt_idev->dev != loopback_dev) {
156 rt->rt6i_idev = in6_dev_get(loopback_dev);
157 in6_dev_put(rt_idev);
160 if (rt_dev && (rt_dev == dev || !dev) &&
161 rt_dev != loopback_dev) {
162 rt->dst.dev = loopback_dev;
163 dev_hold(rt->dst.dev);
167 spin_unlock_bh(&ul->lock);
171 static u32 *rt6_pcpu_cow_metrics(struct rt6_info *rt)
173 return dst_metrics_write_ptr(rt->dst.from);
176 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old)
178 struct rt6_info *rt = (struct rt6_info *)dst;
180 if (rt->rt6i_flags & RTF_PCPU)
181 return rt6_pcpu_cow_metrics(rt);
182 else if (rt->rt6i_flags & RTF_CACHE)
185 return dst_cow_metrics_generic(dst, old);
188 static inline const void *choose_neigh_daddr(struct rt6_info *rt,
192 struct in6_addr *p = &rt->rt6i_gateway;
194 if (!ipv6_addr_any(p))
195 return (const void *) p;
197 return &ipv6_hdr(skb)->daddr;
201 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst,
205 struct rt6_info *rt = (struct rt6_info *) dst;
208 daddr = choose_neigh_daddr(rt, skb, daddr);
209 n = __ipv6_neigh_lookup(dst->dev, daddr);
212 return neigh_create(&nd_tbl, daddr, dst->dev);
215 static struct dst_ops ip6_dst_ops_template = {
219 .check = ip6_dst_check,
220 .default_advmss = ip6_default_advmss,
222 .cow_metrics = ipv6_cow_metrics,
223 .destroy = ip6_dst_destroy,
224 .ifdown = ip6_dst_ifdown,
225 .negative_advice = ip6_negative_advice,
226 .link_failure = ip6_link_failure,
227 .update_pmtu = ip6_rt_update_pmtu,
228 .redirect = rt6_do_redirect,
229 .local_out = __ip6_local_out,
230 .neigh_lookup = ip6_neigh_lookup,
233 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
235 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
237 return mtu ? : dst->dev->mtu;
240 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
241 struct sk_buff *skb, u32 mtu)
245 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
250 static u32 *ip6_rt_blackhole_cow_metrics(struct dst_entry *dst,
256 static struct dst_ops ip6_dst_blackhole_ops = {
258 .destroy = ip6_dst_destroy,
259 .check = ip6_dst_check,
260 .mtu = ip6_blackhole_mtu,
261 .default_advmss = ip6_default_advmss,
262 .update_pmtu = ip6_rt_blackhole_update_pmtu,
263 .redirect = ip6_rt_blackhole_redirect,
264 .cow_metrics = ip6_rt_blackhole_cow_metrics,
265 .neigh_lookup = ip6_neigh_lookup,
268 static const u32 ip6_template_metrics[RTAX_MAX] = {
269 [RTAX_HOPLIMIT - 1] = 0,
272 static const struct rt6_info ip6_null_entry_template = {
274 .__refcnt = ATOMIC_INIT(1),
276 .obsolete = DST_OBSOLETE_FORCE_CHK,
277 .error = -ENETUNREACH,
278 .input = ip6_pkt_discard,
279 .output = ip6_pkt_discard_out,
281 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
282 .rt6i_protocol = RTPROT_KERNEL,
283 .rt6i_metric = ~(u32) 0,
284 .rt6i_ref = ATOMIC_INIT(1),
287 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
289 static const struct rt6_info ip6_prohibit_entry_template = {
291 .__refcnt = ATOMIC_INIT(1),
293 .obsolete = DST_OBSOLETE_FORCE_CHK,
295 .input = ip6_pkt_prohibit,
296 .output = ip6_pkt_prohibit_out,
298 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
299 .rt6i_protocol = RTPROT_KERNEL,
300 .rt6i_metric = ~(u32) 0,
301 .rt6i_ref = ATOMIC_INIT(1),
304 static const struct rt6_info ip6_blk_hole_entry_template = {
306 .__refcnt = ATOMIC_INIT(1),
308 .obsolete = DST_OBSOLETE_FORCE_CHK,
310 .input = dst_discard,
311 .output = dst_discard_sk,
313 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP),
314 .rt6i_protocol = RTPROT_KERNEL,
315 .rt6i_metric = ~(u32) 0,
316 .rt6i_ref = ATOMIC_INIT(1),
321 /* allocate dst with ip6_dst_ops */
322 static struct rt6_info *__ip6_dst_alloc(struct net *net,
323 struct net_device *dev,
325 struct fib6_table *table)
327 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
328 0, DST_OBSOLETE_FORCE_CHK, flags);
331 struct dst_entry *dst = &rt->dst;
333 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
334 INIT_LIST_HEAD(&rt->rt6i_siblings);
335 INIT_LIST_HEAD(&rt->rt6i_uncached);
340 static struct rt6_info *ip6_dst_alloc(struct net *net,
341 struct net_device *dev,
343 struct fib6_table *table)
345 struct rt6_info *rt = __ip6_dst_alloc(net, dev, flags, table);
348 rt->rt6i_pcpu = alloc_percpu_gfp(struct rt6_info *, GFP_ATOMIC);
352 for_each_possible_cpu(cpu) {
355 p = per_cpu_ptr(rt->rt6i_pcpu, cpu);
356 /* no one shares rt */
360 dst_destroy((struct dst_entry *)rt);
368 static void ip6_dst_destroy(struct dst_entry *dst)
370 struct rt6_info *rt = (struct rt6_info *)dst;
371 struct dst_entry *from = dst->from;
372 struct inet6_dev *idev;
374 dst_destroy_metrics_generic(dst);
375 free_percpu(rt->rt6i_pcpu);
376 rt6_uncached_list_del(rt);
378 idev = rt->rt6i_idev;
380 rt->rt6i_idev = NULL;
388 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
391 struct rt6_info *rt = (struct rt6_info *)dst;
392 struct inet6_dev *idev = rt->rt6i_idev;
393 struct net_device *loopback_dev =
394 dev_net(dev)->loopback_dev;
396 if (dev != loopback_dev) {
397 if (idev && idev->dev == dev) {
398 struct inet6_dev *loopback_idev =
399 in6_dev_get(loopback_dev);
401 rt->rt6i_idev = loopback_idev;
408 static bool rt6_check_expired(const struct rt6_info *rt)
410 if (rt->rt6i_flags & RTF_EXPIRES) {
411 if (time_after(jiffies, rt->dst.expires))
413 } else if (rt->dst.from) {
414 return rt6_check_expired((struct rt6_info *) rt->dst.from);
419 /* Multipath route selection:
420 * Hash based function using packet header and flowlabel.
421 * Adapted from fib_info_hashfn()
423 static int rt6_info_hash_nhsfn(unsigned int candidate_count,
424 const struct flowi6 *fl6)
426 unsigned int val = fl6->flowi6_proto;
428 val ^= ipv6_addr_hash(&fl6->daddr);
429 val ^= ipv6_addr_hash(&fl6->saddr);
431 /* Work only if this not encapsulated */
432 switch (fl6->flowi6_proto) {
436 val ^= (__force u16)fl6->fl6_sport;
437 val ^= (__force u16)fl6->fl6_dport;
441 val ^= (__force u16)fl6->fl6_icmp_type;
442 val ^= (__force u16)fl6->fl6_icmp_code;
445 /* RFC6438 recommands to use flowlabel */
446 val ^= (__force u32)fl6->flowlabel;
448 /* Perhaps, we need to tune, this function? */
449 val = val ^ (val >> 7) ^ (val >> 12);
450 return val % candidate_count;
453 static struct rt6_info *rt6_multipath_select(struct rt6_info *match,
454 struct flowi6 *fl6, int oif,
457 struct rt6_info *sibling, *next_sibling;
460 route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6);
461 /* Don't change the route, if route_choosen == 0
462 * (siblings does not include ourself)
465 list_for_each_entry_safe(sibling, next_sibling,
466 &match->rt6i_siblings, rt6i_siblings) {
468 if (route_choosen == 0) {
469 if (rt6_score_route(sibling, oif, strict) < 0)
479 * Route lookup. Any table->tb6_lock is implied.
482 static inline struct rt6_info *rt6_device_match(struct net *net,
484 const struct in6_addr *saddr,
488 struct rt6_info *local = NULL;
489 struct rt6_info *sprt;
491 if (!oif && ipv6_addr_any(saddr))
494 for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) {
495 struct net_device *dev = sprt->dst.dev;
498 if (dev->ifindex == oif)
500 if (dev->flags & IFF_LOOPBACK) {
501 if (!sprt->rt6i_idev ||
502 sprt->rt6i_idev->dev->ifindex != oif) {
503 if (flags & RT6_LOOKUP_F_IFACE && oif)
505 if (local && (!oif ||
506 local->rt6i_idev->dev->ifindex == oif))
512 if (ipv6_chk_addr(net, saddr, dev,
513 flags & RT6_LOOKUP_F_IFACE))
522 if (flags & RT6_LOOKUP_F_IFACE)
523 return net->ipv6.ip6_null_entry;
529 #ifdef CONFIG_IPV6_ROUTER_PREF
530 struct __rt6_probe_work {
531 struct work_struct work;
532 struct in6_addr target;
533 struct net_device *dev;
536 static void rt6_probe_deferred(struct work_struct *w)
538 struct in6_addr mcaddr;
539 struct __rt6_probe_work *work =
540 container_of(w, struct __rt6_probe_work, work);
542 addrconf_addr_solict_mult(&work->target, &mcaddr);
543 ndisc_send_ns(work->dev, NULL, &work->target, &mcaddr, NULL, NULL);
548 static void rt6_probe(struct rt6_info *rt)
550 struct __rt6_probe_work *work;
551 struct neighbour *neigh;
553 * Okay, this does not seem to be appropriate
554 * for now, however, we need to check if it
555 * is really so; aka Router Reachability Probing.
557 * Router Reachability Probe MUST be rate-limited
558 * to no more than one per minute.
560 if (!rt || !(rt->rt6i_flags & RTF_GATEWAY))
563 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
565 if (neigh->nud_state & NUD_VALID)
569 write_lock(&neigh->lock);
570 if (!(neigh->nud_state & NUD_VALID) &&
573 rt->rt6i_idev->cnf.rtr_probe_interval)) {
574 work = kmalloc(sizeof(*work), GFP_ATOMIC);
576 __neigh_set_probe_once(neigh);
578 write_unlock(&neigh->lock);
580 work = kmalloc(sizeof(*work), GFP_ATOMIC);
584 INIT_WORK(&work->work, rt6_probe_deferred);
585 work->target = rt->rt6i_gateway;
586 dev_hold(rt->dst.dev);
587 work->dev = rt->dst.dev;
588 schedule_work(&work->work);
592 rcu_read_unlock_bh();
595 static inline void rt6_probe(struct rt6_info *rt)
601 * Default Router Selection (RFC 2461 6.3.6)
603 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
605 struct net_device *dev = rt->dst.dev;
606 if (!oif || dev->ifindex == oif)
608 if ((dev->flags & IFF_LOOPBACK) &&
609 rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
614 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt)
616 struct neighbour *neigh;
617 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD;
619 if (rt->rt6i_flags & RTF_NONEXTHOP ||
620 !(rt->rt6i_flags & RTF_GATEWAY))
621 return RT6_NUD_SUCCEED;
624 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
626 read_lock(&neigh->lock);
627 if (neigh->nud_state & NUD_VALID)
628 ret = RT6_NUD_SUCCEED;
629 #ifdef CONFIG_IPV6_ROUTER_PREF
630 else if (!(neigh->nud_state & NUD_FAILED))
631 ret = RT6_NUD_SUCCEED;
633 ret = RT6_NUD_FAIL_PROBE;
635 read_unlock(&neigh->lock);
637 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ?
638 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR;
640 rcu_read_unlock_bh();
645 static int rt6_score_route(struct rt6_info *rt, int oif,
650 m = rt6_check_dev(rt, oif);
651 if (!m && (strict & RT6_LOOKUP_F_IFACE))
652 return RT6_NUD_FAIL_HARD;
653 #ifdef CONFIG_IPV6_ROUTER_PREF
654 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
656 if (strict & RT6_LOOKUP_F_REACHABLE) {
657 int n = rt6_check_neigh(rt);
664 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
665 int *mpri, struct rt6_info *match,
669 bool match_do_rr = false;
670 struct inet6_dev *idev = rt->rt6i_idev;
671 struct net_device *dev = rt->dst.dev;
673 if (dev && !netif_carrier_ok(dev) &&
674 idev->cnf.ignore_routes_with_linkdown)
677 if (rt6_check_expired(rt))
680 m = rt6_score_route(rt, oif, strict);
681 if (m == RT6_NUD_FAIL_DO_RR) {
683 m = 0; /* lowest valid score */
684 } else if (m == RT6_NUD_FAIL_HARD) {
688 if (strict & RT6_LOOKUP_F_REACHABLE)
691 /* note that m can be RT6_NUD_FAIL_PROBE at this point */
693 *do_rr = match_do_rr;
701 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
702 struct rt6_info *rr_head,
703 u32 metric, int oif, int strict,
706 struct rt6_info *rt, *match, *cont;
711 for (rt = rr_head; rt; rt = rt->dst.rt6_next) {
712 if (rt->rt6i_metric != metric) {
717 match = find_match(rt, oif, strict, &mpri, match, do_rr);
720 for (rt = fn->leaf; rt && rt != rr_head; rt = rt->dst.rt6_next) {
721 if (rt->rt6i_metric != metric) {
726 match = find_match(rt, oif, strict, &mpri, match, do_rr);
732 for (rt = cont; rt; rt = rt->dst.rt6_next)
733 match = find_match(rt, oif, strict, &mpri, match, do_rr);
738 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
740 struct rt6_info *match, *rt0;
746 fn->rr_ptr = rt0 = fn->leaf;
748 match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict,
752 struct rt6_info *next = rt0->dst.rt6_next;
754 /* no entries matched; do round-robin */
755 if (!next || next->rt6i_metric != rt0->rt6i_metric)
762 net = dev_net(rt0->dst.dev);
763 return match ? match : net->ipv6.ip6_null_entry;
766 static bool rt6_is_gw_or_nonexthop(const struct rt6_info *rt)
768 return (rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY));
771 #ifdef CONFIG_IPV6_ROUTE_INFO
772 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
773 const struct in6_addr *gwaddr)
775 struct net *net = dev_net(dev);
776 struct route_info *rinfo = (struct route_info *) opt;
777 struct in6_addr prefix_buf, *prefix;
779 unsigned long lifetime;
782 if (len < sizeof(struct route_info)) {
786 /* Sanity check for prefix_len and length */
787 if (rinfo->length > 3) {
789 } else if (rinfo->prefix_len > 128) {
791 } else if (rinfo->prefix_len > 64) {
792 if (rinfo->length < 2) {
795 } else if (rinfo->prefix_len > 0) {
796 if (rinfo->length < 1) {
801 pref = rinfo->route_pref;
802 if (pref == ICMPV6_ROUTER_PREF_INVALID)
805 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
807 if (rinfo->length == 3)
808 prefix = (struct in6_addr *)rinfo->prefix;
810 /* this function is safe */
811 ipv6_addr_prefix(&prefix_buf,
812 (struct in6_addr *)rinfo->prefix,
814 prefix = &prefix_buf;
817 if (rinfo->prefix_len == 0)
818 rt = rt6_get_dflt_router(gwaddr, dev);
820 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len,
821 gwaddr, dev->ifindex);
823 if (rt && !lifetime) {
829 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex,
832 rt->rt6i_flags = RTF_ROUTEINFO |
833 (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
836 if (!addrconf_finite_timeout(lifetime))
837 rt6_clean_expires(rt);
839 rt6_set_expires(rt, jiffies + HZ * lifetime);
847 static struct fib6_node* fib6_backtrack(struct fib6_node *fn,
848 struct in6_addr *saddr)
850 struct fib6_node *pn;
852 if (fn->fn_flags & RTN_TL_ROOT)
855 if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn)
856 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr);
859 if (fn->fn_flags & RTN_RTINFO)
864 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
865 struct fib6_table *table,
866 struct flowi6 *fl6, int flags)
868 struct fib6_node *fn;
871 read_lock_bh(&table->tb6_lock);
872 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
875 rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags);
876 if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0)
877 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags);
878 if (rt == net->ipv6.ip6_null_entry) {
879 fn = fib6_backtrack(fn, &fl6->saddr);
883 dst_use(&rt->dst, jiffies);
884 read_unlock_bh(&table->tb6_lock);
889 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6,
892 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup);
894 EXPORT_SYMBOL_GPL(ip6_route_lookup);
896 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
897 const struct in6_addr *saddr, int oif, int strict)
899 struct flowi6 fl6 = {
903 struct dst_entry *dst;
904 int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
907 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
908 flags |= RT6_LOOKUP_F_HAS_SADDR;
911 dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup);
913 return (struct rt6_info *) dst;
919 EXPORT_SYMBOL(rt6_lookup);
921 /* ip6_ins_rt is called with FREE table->tb6_lock.
922 It takes new route entry, the addition fails by any reason the
923 route is freed. In any case, if caller does not hold it, it may
927 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info,
928 struct mx6_config *mxc)
931 struct fib6_table *table;
933 table = rt->rt6i_table;
934 write_lock_bh(&table->tb6_lock);
935 err = fib6_add(&table->tb6_root, rt, info, mxc);
936 write_unlock_bh(&table->tb6_lock);
941 int ip6_ins_rt(struct rt6_info *rt)
943 struct nl_info info = { .nl_net = dev_net(rt->dst.dev), };
944 struct mx6_config mxc = { .mx = NULL, };
946 return __ip6_ins_rt(rt, &info, &mxc);
949 static struct rt6_info *ip6_rt_cache_alloc(struct rt6_info *ort,
950 const struct in6_addr *daddr,
951 const struct in6_addr *saddr)
959 if (ort->rt6i_flags & (RTF_CACHE | RTF_PCPU))
960 ort = (struct rt6_info *)ort->dst.from;
962 rt = __ip6_dst_alloc(dev_net(ort->dst.dev), ort->dst.dev,
968 ip6_rt_copy_init(rt, ort);
969 rt->rt6i_flags |= RTF_CACHE;
971 rt->dst.flags |= DST_HOST;
972 rt->rt6i_dst.addr = *daddr;
973 rt->rt6i_dst.plen = 128;
975 if (!rt6_is_gw_or_nonexthop(ort)) {
976 if (ort->rt6i_dst.plen != 128 &&
977 ipv6_addr_equal(&ort->rt6i_dst.addr, daddr))
978 rt->rt6i_flags |= RTF_ANYCAST;
979 #ifdef CONFIG_IPV6_SUBTREES
980 if (rt->rt6i_src.plen && saddr) {
981 rt->rt6i_src.addr = *saddr;
982 rt->rt6i_src.plen = 128;
990 static struct rt6_info *ip6_rt_pcpu_alloc(struct rt6_info *rt)
992 struct rt6_info *pcpu_rt;
994 pcpu_rt = __ip6_dst_alloc(dev_net(rt->dst.dev),
995 rt->dst.dev, rt->dst.flags,
1000 ip6_rt_copy_init(pcpu_rt, rt);
1001 pcpu_rt->rt6i_protocol = rt->rt6i_protocol;
1002 pcpu_rt->rt6i_flags |= RTF_PCPU;
1006 /* It should be called with read_lock_bh(&tb6_lock) acquired */
1007 static struct rt6_info *rt6_get_pcpu_route(struct rt6_info *rt)
1009 struct rt6_info *pcpu_rt, *prev, **p;
1011 p = this_cpu_ptr(rt->rt6i_pcpu);
1017 pcpu_rt = ip6_rt_pcpu_alloc(rt);
1019 struct net *net = dev_net(rt->dst.dev);
1021 pcpu_rt = net->ipv6.ip6_null_entry;
1025 prev = cmpxchg(p, NULL, pcpu_rt);
1027 /* If someone did it before us, return prev instead */
1028 dst_destroy(&pcpu_rt->dst);
1033 dst_hold(&pcpu_rt->dst);
1034 rt6_dst_from_metrics_check(pcpu_rt);
1038 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif,
1039 struct flowi6 *fl6, int flags)
1041 struct fib6_node *fn, *saved_fn;
1042 struct rt6_info *rt;
1045 strict |= flags & RT6_LOOKUP_F_IFACE;
1046 if (net->ipv6.devconf_all->forwarding == 0)
1047 strict |= RT6_LOOKUP_F_REACHABLE;
1049 read_lock_bh(&table->tb6_lock);
1051 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1055 rt = rt6_select(fn, oif, strict);
1056 if (rt->rt6i_nsiblings)
1057 rt = rt6_multipath_select(rt, fl6, oif, strict);
1058 if (rt == net->ipv6.ip6_null_entry) {
1059 fn = fib6_backtrack(fn, &fl6->saddr);
1061 goto redo_rt6_select;
1062 else if (strict & RT6_LOOKUP_F_REACHABLE) {
1063 /* also consider unreachable route */
1064 strict &= ~RT6_LOOKUP_F_REACHABLE;
1066 goto redo_rt6_select;
1071 if (rt == net->ipv6.ip6_null_entry || (rt->rt6i_flags & RTF_CACHE)) {
1072 dst_use(&rt->dst, jiffies);
1073 read_unlock_bh(&table->tb6_lock);
1075 rt6_dst_from_metrics_check(rt);
1077 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) &&
1078 !(rt->rt6i_flags & RTF_GATEWAY))) {
1079 /* Create a RTF_CACHE clone which will not be
1080 * owned by the fib6 tree. It is for the special case where
1081 * the daddr in the skb during the neighbor look-up is different
1082 * from the fl6->daddr used to look-up route here.
1085 struct rt6_info *uncached_rt;
1087 dst_use(&rt->dst, jiffies);
1088 read_unlock_bh(&table->tb6_lock);
1090 uncached_rt = ip6_rt_cache_alloc(rt, &fl6->daddr, NULL);
1091 dst_release(&rt->dst);
1094 rt6_uncached_list_add(uncached_rt);
1096 uncached_rt = net->ipv6.ip6_null_entry;
1098 dst_hold(&uncached_rt->dst);
1102 /* Get a percpu copy */
1104 struct rt6_info *pcpu_rt;
1106 rt->dst.lastuse = jiffies;
1108 pcpu_rt = rt6_get_pcpu_route(rt);
1109 read_unlock_bh(&table->tb6_lock);
1115 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
1116 struct flowi6 *fl6, int flags)
1118 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags);
1121 static struct dst_entry *ip6_route_input_lookup(struct net *net,
1122 struct net_device *dev,
1123 struct flowi6 *fl6, int flags)
1125 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
1126 flags |= RT6_LOOKUP_F_IFACE;
1128 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input);
1131 void ip6_route_input(struct sk_buff *skb)
1133 const struct ipv6hdr *iph = ipv6_hdr(skb);
1134 struct net *net = dev_net(skb->dev);
1135 int flags = RT6_LOOKUP_F_HAS_SADDR;
1136 struct ip_tunnel_info *tun_info;
1137 struct flowi6 fl6 = {
1138 .flowi6_iif = skb->dev->ifindex,
1139 .daddr = iph->daddr,
1140 .saddr = iph->saddr,
1141 .flowlabel = ip6_flowinfo(iph),
1142 .flowi6_mark = skb->mark,
1143 .flowi6_proto = iph->nexthdr,
1146 tun_info = skb_tunnel_info(skb);
1147 if (tun_info && tun_info->mode == IP_TUNNEL_INFO_RX)
1148 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id;
1150 skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags));
1153 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
1154 struct flowi6 *fl6, int flags)
1156 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags);
1159 struct dst_entry *ip6_route_output(struct net *net, const struct sock *sk,
1164 fl6->flowi6_iif = LOOPBACK_IFINDEX;
1166 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr))
1167 flags |= RT6_LOOKUP_F_IFACE;
1169 if (!ipv6_addr_any(&fl6->saddr))
1170 flags |= RT6_LOOKUP_F_HAS_SADDR;
1172 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
1174 return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output);
1176 EXPORT_SYMBOL(ip6_route_output);
1178 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
1180 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
1181 struct dst_entry *new = NULL;
1183 rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0);
1187 memset(new + 1, 0, sizeof(*rt) - sizeof(*new));
1190 new->input = dst_discard;
1191 new->output = dst_discard_sk;
1193 if (dst_metrics_read_only(&ort->dst))
1194 new->_metrics = ort->dst._metrics;
1196 dst_copy_metrics(new, &ort->dst);
1197 rt->rt6i_idev = ort->rt6i_idev;
1199 in6_dev_hold(rt->rt6i_idev);
1201 rt->rt6i_gateway = ort->rt6i_gateway;
1202 rt->rt6i_flags = ort->rt6i_flags;
1203 rt->rt6i_metric = 0;
1205 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1206 #ifdef CONFIG_IPV6_SUBTREES
1207 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1213 dst_release(dst_orig);
1214 return new ? new : ERR_PTR(-ENOMEM);
1218 * Destination cache support functions
1221 static void rt6_dst_from_metrics_check(struct rt6_info *rt)
1224 dst_metrics_ptr(&rt->dst) != dst_metrics_ptr(rt->dst.from))
1225 dst_init_metrics(&rt->dst, dst_metrics_ptr(rt->dst.from), true);
1228 static struct dst_entry *rt6_check(struct rt6_info *rt, u32 cookie)
1230 if (!rt->rt6i_node || (rt->rt6i_node->fn_sernum != cookie))
1233 if (rt6_check_expired(rt))
1239 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt, u32 cookie)
1241 if (rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
1242 rt6_check((struct rt6_info *)(rt->dst.from), cookie))
1248 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
1250 struct rt6_info *rt;
1252 rt = (struct rt6_info *) dst;
1254 /* All IPV6 dsts are created with ->obsolete set to the value
1255 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1256 * into this function always.
1259 rt6_dst_from_metrics_check(rt);
1261 if ((rt->rt6i_flags & RTF_PCPU) || unlikely(dst->flags & DST_NOCACHE))
1262 return rt6_dst_from_check(rt, cookie);
1264 return rt6_check(rt, cookie);
1267 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
1269 struct rt6_info *rt = (struct rt6_info *) dst;
1272 if (rt->rt6i_flags & RTF_CACHE) {
1273 if (rt6_check_expired(rt)) {
1285 static void ip6_link_failure(struct sk_buff *skb)
1287 struct rt6_info *rt;
1289 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
1291 rt = (struct rt6_info *) skb_dst(skb);
1293 if (rt->rt6i_flags & RTF_CACHE) {
1297 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) {
1298 rt->rt6i_node->fn_sernum = -1;
1303 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu)
1305 struct net *net = dev_net(rt->dst.dev);
1307 rt->rt6i_flags |= RTF_MODIFIED;
1308 rt->rt6i_pmtu = mtu;
1309 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires);
1312 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk,
1313 const struct ipv6hdr *iph, u32 mtu)
1315 struct rt6_info *rt6 = (struct rt6_info *)dst;
1317 if (rt6->rt6i_flags & RTF_LOCAL)
1321 mtu = max_t(u32, mtu, IPV6_MIN_MTU);
1322 if (mtu >= dst_mtu(dst))
1325 if (rt6->rt6i_flags & RTF_CACHE) {
1326 rt6_do_update_pmtu(rt6, mtu);
1328 const struct in6_addr *daddr, *saddr;
1329 struct rt6_info *nrt6;
1332 daddr = &iph->daddr;
1333 saddr = &iph->saddr;
1335 daddr = &sk->sk_v6_daddr;
1336 saddr = &inet6_sk(sk)->saddr;
1340 nrt6 = ip6_rt_cache_alloc(rt6, daddr, saddr);
1342 rt6_do_update_pmtu(nrt6, mtu);
1344 /* ip6_ins_rt(nrt6) will bump the
1345 * rt6->rt6i_node->fn_sernum
1346 * which will fail the next rt6_check() and
1347 * invalidate the sk->sk_dst_cache.
1354 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
1355 struct sk_buff *skb, u32 mtu)
1357 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu);
1360 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
1363 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1364 struct dst_entry *dst;
1367 memset(&fl6, 0, sizeof(fl6));
1368 fl6.flowi6_oif = oif;
1369 fl6.flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark);
1370 fl6.daddr = iph->daddr;
1371 fl6.saddr = iph->saddr;
1372 fl6.flowlabel = ip6_flowinfo(iph);
1374 dst = ip6_route_output(net, NULL, &fl6);
1376 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu));
1379 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
1381 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
1383 ip6_update_pmtu(skb, sock_net(sk), mtu,
1384 sk->sk_bound_dev_if, sk->sk_mark);
1386 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
1388 /* Handle redirects */
1389 struct ip6rd_flowi {
1391 struct in6_addr gateway;
1394 static struct rt6_info *__ip6_route_redirect(struct net *net,
1395 struct fib6_table *table,
1399 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
1400 struct rt6_info *rt;
1401 struct fib6_node *fn;
1403 /* Get the "current" route for this destination and
1404 * check if the redirect has come from approriate router.
1406 * RFC 4861 specifies that redirects should only be
1407 * accepted if they come from the nexthop to the target.
1408 * Due to the way the routes are chosen, this notion
1409 * is a bit fuzzy and one might need to check all possible
1413 read_lock_bh(&table->tb6_lock);
1414 fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1416 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1417 if (rt6_check_expired(rt))
1421 if (!(rt->rt6i_flags & RTF_GATEWAY))
1423 if (fl6->flowi6_oif != rt->dst.dev->ifindex)
1425 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway))
1431 rt = net->ipv6.ip6_null_entry;
1432 else if (rt->dst.error) {
1433 rt = net->ipv6.ip6_null_entry;
1437 if (rt == net->ipv6.ip6_null_entry) {
1438 fn = fib6_backtrack(fn, &fl6->saddr);
1446 read_unlock_bh(&table->tb6_lock);
1451 static struct dst_entry *ip6_route_redirect(struct net *net,
1452 const struct flowi6 *fl6,
1453 const struct in6_addr *gateway)
1455 int flags = RT6_LOOKUP_F_HAS_SADDR;
1456 struct ip6rd_flowi rdfl;
1459 rdfl.gateway = *gateway;
1461 return fib6_rule_lookup(net, &rdfl.fl6,
1462 flags, __ip6_route_redirect);
1465 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark)
1467 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1468 struct dst_entry *dst;
1471 memset(&fl6, 0, sizeof(fl6));
1472 fl6.flowi6_iif = LOOPBACK_IFINDEX;
1473 fl6.flowi6_oif = oif;
1474 fl6.flowi6_mark = mark;
1475 fl6.daddr = iph->daddr;
1476 fl6.saddr = iph->saddr;
1477 fl6.flowlabel = ip6_flowinfo(iph);
1479 dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr);
1480 rt6_do_redirect(dst, NULL, skb);
1483 EXPORT_SYMBOL_GPL(ip6_redirect);
1485 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif,
1488 const struct ipv6hdr *iph = ipv6_hdr(skb);
1489 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb);
1490 struct dst_entry *dst;
1493 memset(&fl6, 0, sizeof(fl6));
1494 fl6.flowi6_iif = LOOPBACK_IFINDEX;
1495 fl6.flowi6_oif = oif;
1496 fl6.flowi6_mark = mark;
1497 fl6.daddr = msg->dest;
1498 fl6.saddr = iph->daddr;
1500 dst = ip6_route_redirect(net, &fl6, &iph->saddr);
1501 rt6_do_redirect(dst, NULL, skb);
1505 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
1507 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark);
1509 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
1511 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
1513 struct net_device *dev = dst->dev;
1514 unsigned int mtu = dst_mtu(dst);
1515 struct net *net = dev_net(dev);
1517 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
1519 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
1520 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
1523 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
1524 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
1525 * IPV6_MAXPLEN is also valid and means: "any MSS,
1526 * rely only on pmtu discovery"
1528 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
1533 static unsigned int ip6_mtu(const struct dst_entry *dst)
1535 const struct rt6_info *rt = (const struct rt6_info *)dst;
1536 unsigned int mtu = rt->rt6i_pmtu;
1537 struct inet6_dev *idev;
1542 mtu = dst_metric_raw(dst, RTAX_MTU);
1549 idev = __in6_dev_get(dst->dev);
1551 mtu = idev->cnf.mtu6;
1555 return min_t(unsigned int, mtu, IP6_MAX_MTU);
1558 static struct dst_entry *icmp6_dst_gc_list;
1559 static DEFINE_SPINLOCK(icmp6_dst_lock);
1561 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
1564 struct dst_entry *dst;
1565 struct rt6_info *rt;
1566 struct inet6_dev *idev = in6_dev_get(dev);
1567 struct net *net = dev_net(dev);
1569 if (unlikely(!idev))
1570 return ERR_PTR(-ENODEV);
1572 rt = ip6_dst_alloc(net, dev, 0, NULL);
1573 if (unlikely(!rt)) {
1575 dst = ERR_PTR(-ENOMEM);
1579 rt->dst.flags |= DST_HOST;
1580 rt->dst.output = ip6_output;
1581 atomic_set(&rt->dst.__refcnt, 1);
1582 rt->rt6i_gateway = fl6->daddr;
1583 rt->rt6i_dst.addr = fl6->daddr;
1584 rt->rt6i_dst.plen = 128;
1585 rt->rt6i_idev = idev;
1586 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
1588 spin_lock_bh(&icmp6_dst_lock);
1589 rt->dst.next = icmp6_dst_gc_list;
1590 icmp6_dst_gc_list = &rt->dst;
1591 spin_unlock_bh(&icmp6_dst_lock);
1593 fib6_force_start_gc(net);
1595 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
1601 int icmp6_dst_gc(void)
1603 struct dst_entry *dst, **pprev;
1606 spin_lock_bh(&icmp6_dst_lock);
1607 pprev = &icmp6_dst_gc_list;
1609 while ((dst = *pprev) != NULL) {
1610 if (!atomic_read(&dst->__refcnt)) {
1619 spin_unlock_bh(&icmp6_dst_lock);
1624 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg),
1627 struct dst_entry *dst, **pprev;
1629 spin_lock_bh(&icmp6_dst_lock);
1630 pprev = &icmp6_dst_gc_list;
1631 while ((dst = *pprev) != NULL) {
1632 struct rt6_info *rt = (struct rt6_info *) dst;
1633 if (func(rt, arg)) {
1640 spin_unlock_bh(&icmp6_dst_lock);
1643 static int ip6_dst_gc(struct dst_ops *ops)
1645 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
1646 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
1647 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
1648 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
1649 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
1650 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
1653 entries = dst_entries_get_fast(ops);
1654 if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
1655 entries <= rt_max_size)
1658 net->ipv6.ip6_rt_gc_expire++;
1659 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true);
1660 entries = dst_entries_get_slow(ops);
1661 if (entries < ops->gc_thresh)
1662 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
1664 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
1665 return entries > rt_max_size;
1668 static int ip6_convert_metrics(struct mx6_config *mxc,
1669 const struct fib6_config *cfg)
1678 mp = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL);
1682 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1683 int type = nla_type(nla);
1688 if (unlikely(type > RTAX_MAX))
1690 if (type == RTAX_CC_ALGO) {
1691 char tmp[TCP_CA_NAME_MAX];
1693 nla_strlcpy(tmp, nla, sizeof(tmp));
1694 val = tcp_ca_get_key_by_name(tmp);
1695 if (val == TCP_CA_UNSPEC)
1698 val = nla_get_u32(nla);
1702 __set_bit(type - 1, mxc->mx_valid);
1714 int ip6_route_add(struct fib6_config *cfg)
1717 struct net *net = cfg->fc_nlinfo.nl_net;
1718 struct rt6_info *rt = NULL;
1719 struct net_device *dev = NULL;
1720 struct inet6_dev *idev = NULL;
1721 struct fib6_table *table;
1722 struct mx6_config mxc = { .mx = NULL, };
1725 if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128)
1727 #ifndef CONFIG_IPV6_SUBTREES
1728 if (cfg->fc_src_len)
1731 if (cfg->fc_ifindex) {
1733 dev = dev_get_by_index(net, cfg->fc_ifindex);
1736 idev = in6_dev_get(dev);
1741 if (cfg->fc_metric == 0)
1742 cfg->fc_metric = IP6_RT_PRIO_USER;
1745 if (cfg->fc_nlinfo.nlh &&
1746 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
1747 table = fib6_get_table(net, cfg->fc_table);
1749 pr_warn("NLM_F_CREATE should be specified when creating new route\n");
1750 table = fib6_new_table(net, cfg->fc_table);
1753 table = fib6_new_table(net, cfg->fc_table);
1759 rt = ip6_dst_alloc(net, NULL, (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT, table);
1766 if (cfg->fc_flags & RTF_EXPIRES)
1767 rt6_set_expires(rt, jiffies +
1768 clock_t_to_jiffies(cfg->fc_expires));
1770 rt6_clean_expires(rt);
1772 if (cfg->fc_protocol == RTPROT_UNSPEC)
1773 cfg->fc_protocol = RTPROT_BOOT;
1774 rt->rt6i_protocol = cfg->fc_protocol;
1776 addr_type = ipv6_addr_type(&cfg->fc_dst);
1778 if (addr_type & IPV6_ADDR_MULTICAST)
1779 rt->dst.input = ip6_mc_input;
1780 else if (cfg->fc_flags & RTF_LOCAL)
1781 rt->dst.input = ip6_input;
1783 rt->dst.input = ip6_forward;
1785 rt->dst.output = ip6_output;
1787 if (cfg->fc_encap) {
1788 struct lwtunnel_state *lwtstate;
1790 err = lwtunnel_build_state(dev, cfg->fc_encap_type,
1791 cfg->fc_encap, &lwtstate);
1794 rt->dst.lwtstate = lwtstate_get(lwtstate);
1795 if (lwtunnel_output_redirect(rt->dst.lwtstate)) {
1796 rt->dst.lwtstate->orig_output = rt->dst.output;
1797 rt->dst.output = lwtunnel_output;
1799 if (lwtunnel_input_redirect(rt->dst.lwtstate)) {
1800 rt->dst.lwtstate->orig_input = rt->dst.input;
1801 rt->dst.input = lwtunnel_input;
1805 ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1806 rt->rt6i_dst.plen = cfg->fc_dst_len;
1807 if (rt->rt6i_dst.plen == 128)
1808 rt->dst.flags |= DST_HOST;
1810 #ifdef CONFIG_IPV6_SUBTREES
1811 ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1812 rt->rt6i_src.plen = cfg->fc_src_len;
1815 rt->rt6i_metric = cfg->fc_metric;
1817 /* We cannot add true routes via loopback here,
1818 they would result in kernel looping; promote them to reject routes
1820 if ((cfg->fc_flags & RTF_REJECT) ||
1821 (dev && (dev->flags & IFF_LOOPBACK) &&
1822 !(addr_type & IPV6_ADDR_LOOPBACK) &&
1823 !(cfg->fc_flags & RTF_LOCAL))) {
1824 /* hold loopback dev/idev if we haven't done so. */
1825 if (dev != net->loopback_dev) {
1830 dev = net->loopback_dev;
1832 idev = in6_dev_get(dev);
1838 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1839 switch (cfg->fc_type) {
1841 rt->dst.error = -EINVAL;
1842 rt->dst.output = dst_discard_sk;
1843 rt->dst.input = dst_discard;
1846 rt->dst.error = -EACCES;
1847 rt->dst.output = ip6_pkt_prohibit_out;
1848 rt->dst.input = ip6_pkt_prohibit;
1852 rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN
1854 rt->dst.output = ip6_pkt_discard_out;
1855 rt->dst.input = ip6_pkt_discard;
1861 if (cfg->fc_flags & RTF_GATEWAY) {
1862 const struct in6_addr *gw_addr;
1865 gw_addr = &cfg->fc_gateway;
1866 gwa_type = ipv6_addr_type(gw_addr);
1868 /* if gw_addr is local we will fail to detect this in case
1869 * address is still TENTATIVE (DAD in progress). rt6_lookup()
1870 * will return already-added prefix route via interface that
1871 * prefix route was assigned to, which might be non-loopback.
1874 if (ipv6_chk_addr_and_flags(net, gw_addr,
1875 gwa_type & IPV6_ADDR_LINKLOCAL ?
1879 rt->rt6i_gateway = *gw_addr;
1881 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
1882 struct rt6_info *grt;
1884 /* IPv6 strictly inhibits using not link-local
1885 addresses as nexthop address.
1886 Otherwise, router will not able to send redirects.
1887 It is very good, but in some (rare!) circumstances
1888 (SIT, PtP, NBMA NOARP links) it is handy to allow
1889 some exceptions. --ANK
1891 if (!(gwa_type & IPV6_ADDR_UNICAST))
1894 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1);
1896 err = -EHOSTUNREACH;
1900 if (dev != grt->dst.dev) {
1906 idev = grt->rt6i_idev;
1908 in6_dev_hold(grt->rt6i_idev);
1910 if (!(grt->rt6i_flags & RTF_GATEWAY))
1918 if (!dev || (dev->flags & IFF_LOOPBACK))
1926 if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
1927 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
1931 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc;
1932 rt->rt6i_prefsrc.plen = 128;
1934 rt->rt6i_prefsrc.plen = 0;
1936 rt->rt6i_flags = cfg->fc_flags;
1940 rt->rt6i_idev = idev;
1941 rt->rt6i_table = table;
1943 cfg->fc_nlinfo.nl_net = dev_net(dev);
1945 err = ip6_convert_metrics(&mxc, cfg);
1949 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, &mxc);
1963 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
1966 struct fib6_table *table;
1967 struct net *net = dev_net(rt->dst.dev);
1969 if (rt == net->ipv6.ip6_null_entry) {
1974 table = rt->rt6i_table;
1975 write_lock_bh(&table->tb6_lock);
1976 err = fib6_del(rt, info);
1977 write_unlock_bh(&table->tb6_lock);
1984 int ip6_del_rt(struct rt6_info *rt)
1986 struct nl_info info = {
1987 .nl_net = dev_net(rt->dst.dev),
1989 return __ip6_del_rt(rt, &info);
1992 static int ip6_route_del(struct fib6_config *cfg)
1994 struct fib6_table *table;
1995 struct fib6_node *fn;
1996 struct rt6_info *rt;
1999 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
2003 read_lock_bh(&table->tb6_lock);
2005 fn = fib6_locate(&table->tb6_root,
2006 &cfg->fc_dst, cfg->fc_dst_len,
2007 &cfg->fc_src, cfg->fc_src_len);
2010 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
2011 if ((rt->rt6i_flags & RTF_CACHE) &&
2012 !(cfg->fc_flags & RTF_CACHE))
2014 if (cfg->fc_ifindex &&
2016 rt->dst.dev->ifindex != cfg->fc_ifindex))
2018 if (cfg->fc_flags & RTF_GATEWAY &&
2019 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
2021 if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
2024 read_unlock_bh(&table->tb6_lock);
2026 return __ip6_del_rt(rt, &cfg->fc_nlinfo);
2029 read_unlock_bh(&table->tb6_lock);
2034 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
2036 struct net *net = dev_net(skb->dev);
2037 struct netevent_redirect netevent;
2038 struct rt6_info *rt, *nrt = NULL;
2039 struct ndisc_options ndopts;
2040 struct inet6_dev *in6_dev;
2041 struct neighbour *neigh;
2043 int optlen, on_link;
2046 optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
2047 optlen -= sizeof(*msg);
2050 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
2054 msg = (struct rd_msg *)icmp6_hdr(skb);
2056 if (ipv6_addr_is_multicast(&msg->dest)) {
2057 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
2062 if (ipv6_addr_equal(&msg->dest, &msg->target)) {
2064 } else if (ipv6_addr_type(&msg->target) !=
2065 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
2066 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
2070 in6_dev = __in6_dev_get(skb->dev);
2073 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
2077 * The IP source address of the Redirect MUST be the same as the current
2078 * first-hop router for the specified ICMP Destination Address.
2081 if (!ndisc_parse_options(msg->opt, optlen, &ndopts)) {
2082 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
2087 if (ndopts.nd_opts_tgt_lladdr) {
2088 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
2091 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
2096 rt = (struct rt6_info *) dst;
2097 if (rt == net->ipv6.ip6_null_entry) {
2098 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
2102 /* Redirect received -> path was valid.
2103 * Look, redirects are sent only in response to data packets,
2104 * so that this nexthop apparently is reachable. --ANK
2106 dst_confirm(&rt->dst);
2108 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
2113 * We have finally decided to accept it.
2116 neigh_update(neigh, lladdr, NUD_STALE,
2117 NEIGH_UPDATE_F_WEAK_OVERRIDE|
2118 NEIGH_UPDATE_F_OVERRIDE|
2119 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
2120 NEIGH_UPDATE_F_ISROUTER))
2123 nrt = ip6_rt_cache_alloc(rt, &msg->dest, NULL);
2127 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
2129 nrt->rt6i_flags &= ~RTF_GATEWAY;
2131 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
2133 if (ip6_ins_rt(nrt))
2136 netevent.old = &rt->dst;
2137 netevent.new = &nrt->dst;
2138 netevent.daddr = &msg->dest;
2139 netevent.neigh = neigh;
2140 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
2142 if (rt->rt6i_flags & RTF_CACHE) {
2143 rt = (struct rt6_info *) dst_clone(&rt->dst);
2148 neigh_release(neigh);
2152 * Misc support functions
2155 static void rt6_set_from(struct rt6_info *rt, struct rt6_info *from)
2157 BUG_ON(from->dst.from);
2159 rt->rt6i_flags &= ~RTF_EXPIRES;
2160 dst_hold(&from->dst);
2161 rt->dst.from = &from->dst;
2162 dst_init_metrics(&rt->dst, dst_metrics_ptr(&from->dst), true);
2165 static void ip6_rt_copy_init(struct rt6_info *rt, struct rt6_info *ort)
2167 rt->dst.input = ort->dst.input;
2168 rt->dst.output = ort->dst.output;
2169 rt->rt6i_dst = ort->rt6i_dst;
2170 rt->dst.error = ort->dst.error;
2171 rt->rt6i_idev = ort->rt6i_idev;
2173 in6_dev_hold(rt->rt6i_idev);
2174 rt->dst.lastuse = jiffies;
2175 rt->rt6i_gateway = ort->rt6i_gateway;
2176 rt->rt6i_flags = ort->rt6i_flags;
2177 rt6_set_from(rt, ort);
2178 rt->rt6i_metric = ort->rt6i_metric;
2179 #ifdef CONFIG_IPV6_SUBTREES
2180 rt->rt6i_src = ort->rt6i_src;
2182 rt->rt6i_prefsrc = ort->rt6i_prefsrc;
2183 rt->rt6i_table = ort->rt6i_table;
2184 rt->dst.lwtstate = lwtstate_get(ort->dst.lwtstate);
2187 #ifdef CONFIG_IPV6_ROUTE_INFO
2188 static struct rt6_info *rt6_get_route_info(struct net *net,
2189 const struct in6_addr *prefix, int prefixlen,
2190 const struct in6_addr *gwaddr, int ifindex)
2192 struct fib6_node *fn;
2193 struct rt6_info *rt = NULL;
2194 struct fib6_table *table;
2196 table = fib6_get_table(net, RT6_TABLE_INFO);
2200 read_lock_bh(&table->tb6_lock);
2201 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0);
2205 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
2206 if (rt->dst.dev->ifindex != ifindex)
2208 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
2210 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
2216 read_unlock_bh(&table->tb6_lock);
2220 static struct rt6_info *rt6_add_route_info(struct net *net,
2221 const struct in6_addr *prefix, int prefixlen,
2222 const struct in6_addr *gwaddr, int ifindex,
2225 struct fib6_config cfg = {
2226 .fc_table = RT6_TABLE_INFO,
2227 .fc_metric = IP6_RT_PRIO_USER,
2228 .fc_ifindex = ifindex,
2229 .fc_dst_len = prefixlen,
2230 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
2231 RTF_UP | RTF_PREF(pref),
2232 .fc_nlinfo.portid = 0,
2233 .fc_nlinfo.nlh = NULL,
2234 .fc_nlinfo.nl_net = net,
2237 cfg.fc_dst = *prefix;
2238 cfg.fc_gateway = *gwaddr;
2240 /* We should treat it as a default route if prefix length is 0. */
2242 cfg.fc_flags |= RTF_DEFAULT;
2244 ip6_route_add(&cfg);
2246 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex);
2250 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev)
2252 struct rt6_info *rt;
2253 struct fib6_table *table;
2255 table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT);
2259 read_lock_bh(&table->tb6_lock);
2260 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
2261 if (dev == rt->dst.dev &&
2262 ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
2263 ipv6_addr_equal(&rt->rt6i_gateway, addr))
2268 read_unlock_bh(&table->tb6_lock);
2272 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
2273 struct net_device *dev,
2276 struct fib6_config cfg = {
2277 .fc_table = RT6_TABLE_DFLT,
2278 .fc_metric = IP6_RT_PRIO_USER,
2279 .fc_ifindex = dev->ifindex,
2280 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
2281 RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
2282 .fc_nlinfo.portid = 0,
2283 .fc_nlinfo.nlh = NULL,
2284 .fc_nlinfo.nl_net = dev_net(dev),
2287 cfg.fc_gateway = *gwaddr;
2289 ip6_route_add(&cfg);
2291 return rt6_get_dflt_router(gwaddr, dev);
2294 void rt6_purge_dflt_routers(struct net *net)
2296 struct rt6_info *rt;
2297 struct fib6_table *table;
2299 /* NOTE: Keep consistent with rt6_get_dflt_router */
2300 table = fib6_get_table(net, RT6_TABLE_DFLT);
2305 read_lock_bh(&table->tb6_lock);
2306 for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
2307 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
2308 (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) {
2310 read_unlock_bh(&table->tb6_lock);
2315 read_unlock_bh(&table->tb6_lock);
2318 static void rtmsg_to_fib6_config(struct net *net,
2319 struct in6_rtmsg *rtmsg,
2320 struct fib6_config *cfg)
2322 memset(cfg, 0, sizeof(*cfg));
2324 cfg->fc_table = RT6_TABLE_MAIN;
2325 cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
2326 cfg->fc_metric = rtmsg->rtmsg_metric;
2327 cfg->fc_expires = rtmsg->rtmsg_info;
2328 cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
2329 cfg->fc_src_len = rtmsg->rtmsg_src_len;
2330 cfg->fc_flags = rtmsg->rtmsg_flags;
2332 cfg->fc_nlinfo.nl_net = net;
2334 cfg->fc_dst = rtmsg->rtmsg_dst;
2335 cfg->fc_src = rtmsg->rtmsg_src;
2336 cfg->fc_gateway = rtmsg->rtmsg_gateway;
2339 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
2341 struct fib6_config cfg;
2342 struct in6_rtmsg rtmsg;
2346 case SIOCADDRT: /* Add a route */
2347 case SIOCDELRT: /* Delete a route */
2348 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
2350 err = copy_from_user(&rtmsg, arg,
2351 sizeof(struct in6_rtmsg));
2355 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
2360 err = ip6_route_add(&cfg);
2363 err = ip6_route_del(&cfg);
2377 * Drop the packet on the floor
2380 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
2383 struct dst_entry *dst = skb_dst(skb);
2384 switch (ipstats_mib_noroutes) {
2385 case IPSTATS_MIB_INNOROUTES:
2386 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
2387 if (type == IPV6_ADDR_ANY) {
2388 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2389 IPSTATS_MIB_INADDRERRORS);
2393 case IPSTATS_MIB_OUTNOROUTES:
2394 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2395 ipstats_mib_noroutes);
2398 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
2403 static int ip6_pkt_discard(struct sk_buff *skb)
2405 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
2408 static int ip6_pkt_discard_out(struct sock *sk, struct sk_buff *skb)
2410 skb->dev = skb_dst(skb)->dev;
2411 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
2414 static int ip6_pkt_prohibit(struct sk_buff *skb)
2416 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
2419 static int ip6_pkt_prohibit_out(struct sock *sk, struct sk_buff *skb)
2421 skb->dev = skb_dst(skb)->dev;
2422 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
2426 * Allocate a dst for local (unicast / anycast) address.
2429 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
2430 const struct in6_addr *addr,
2433 struct net *net = dev_net(idev->dev);
2434 struct rt6_info *rt = ip6_dst_alloc(net, net->loopback_dev,
2437 return ERR_PTR(-ENOMEM);
2441 rt->dst.flags |= DST_HOST;
2442 rt->dst.input = ip6_input;
2443 rt->dst.output = ip6_output;
2444 rt->rt6i_idev = idev;
2446 rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
2448 rt->rt6i_flags |= RTF_ANYCAST;
2450 rt->rt6i_flags |= RTF_LOCAL;
2452 rt->rt6i_gateway = *addr;
2453 rt->rt6i_dst.addr = *addr;
2454 rt->rt6i_dst.plen = 128;
2455 rt->rt6i_table = fib6_get_table(net, RT6_TABLE_LOCAL);
2457 atomic_set(&rt->dst.__refcnt, 1);
2462 int ip6_route_get_saddr(struct net *net,
2463 struct rt6_info *rt,
2464 const struct in6_addr *daddr,
2466 struct in6_addr *saddr)
2468 struct inet6_dev *idev =
2469 rt ? ip6_dst_idev((struct dst_entry *)rt) : NULL;
2471 if (rt && rt->rt6i_prefsrc.plen)
2472 *saddr = rt->rt6i_prefsrc.addr;
2474 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL,
2475 daddr, prefs, saddr);
2479 /* remove deleted ip from prefsrc entries */
2480 struct arg_dev_net_ip {
2481 struct net_device *dev;
2483 struct in6_addr *addr;
2486 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg)
2488 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
2489 struct net *net = ((struct arg_dev_net_ip *)arg)->net;
2490 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
2492 if (((void *)rt->dst.dev == dev || !dev) &&
2493 rt != net->ipv6.ip6_null_entry &&
2494 ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) {
2495 /* remove prefsrc entry */
2496 rt->rt6i_prefsrc.plen = 0;
2501 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
2503 struct net *net = dev_net(ifp->idev->dev);
2504 struct arg_dev_net_ip adni = {
2505 .dev = ifp->idev->dev,
2509 fib6_clean_all(net, fib6_remove_prefsrc, &adni);
2512 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY)
2513 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE)
2515 /* Remove routers and update dst entries when gateway turn into host. */
2516 static int fib6_clean_tohost(struct rt6_info *rt, void *arg)
2518 struct in6_addr *gateway = (struct in6_addr *)arg;
2520 if ((((rt->rt6i_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) ||
2521 ((rt->rt6i_flags & RTF_CACHE_GATEWAY) == RTF_CACHE_GATEWAY)) &&
2522 ipv6_addr_equal(gateway, &rt->rt6i_gateway)) {
2528 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway)
2530 fib6_clean_all(net, fib6_clean_tohost, gateway);
2533 struct arg_dev_net {
2534 struct net_device *dev;
2538 static int fib6_ifdown(struct rt6_info *rt, void *arg)
2540 const struct arg_dev_net *adn = arg;
2541 const struct net_device *dev = adn->dev;
2543 if ((rt->dst.dev == dev || !dev) &&
2544 rt != adn->net->ipv6.ip6_null_entry)
2550 void rt6_ifdown(struct net *net, struct net_device *dev)
2552 struct arg_dev_net adn = {
2557 fib6_clean_all(net, fib6_ifdown, &adn);
2558 icmp6_clean_all(fib6_ifdown, &adn);
2559 rt6_uncached_list_flush_dev(net, dev);
2562 struct rt6_mtu_change_arg {
2563 struct net_device *dev;
2567 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
2569 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
2570 struct inet6_dev *idev;
2572 /* In IPv6 pmtu discovery is not optional,
2573 so that RTAX_MTU lock cannot disable it.
2574 We still use this lock to block changes
2575 caused by addrconf/ndisc.
2578 idev = __in6_dev_get(arg->dev);
2582 /* For administrative MTU increase, there is no way to discover
2583 IPv6 PMTU increase, so PMTU increase should be updated here.
2584 Since RFC 1981 doesn't include administrative MTU increase
2585 update PMTU increase is a MUST. (i.e. jumbo frame)
2588 If new MTU is less than route PMTU, this new MTU will be the
2589 lowest MTU in the path, update the route PMTU to reflect PMTU
2590 decreases; if new MTU is greater than route PMTU, and the
2591 old MTU is the lowest MTU in the path, update the route PMTU
2592 to reflect the increase. In this case if the other nodes' MTU
2593 also have the lowest MTU, TOO BIG MESSAGE will be lead to
2596 if (rt->dst.dev == arg->dev &&
2597 !dst_metric_locked(&rt->dst, RTAX_MTU)) {
2598 if (rt->rt6i_flags & RTF_CACHE) {
2599 /* For RTF_CACHE with rt6i_pmtu == 0
2600 * (i.e. a redirected route),
2601 * the metrics of its rt->dst.from has already
2604 if (rt->rt6i_pmtu && rt->rt6i_pmtu > arg->mtu)
2605 rt->rt6i_pmtu = arg->mtu;
2606 } else if (dst_mtu(&rt->dst) >= arg->mtu ||
2607 (dst_mtu(&rt->dst) < arg->mtu &&
2608 dst_mtu(&rt->dst) == idev->cnf.mtu6)) {
2609 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
2615 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
2617 struct rt6_mtu_change_arg arg = {
2622 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg);
2625 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
2626 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) },
2627 [RTA_OIF] = { .type = NLA_U32 },
2628 [RTA_IIF] = { .type = NLA_U32 },
2629 [RTA_PRIORITY] = { .type = NLA_U32 },
2630 [RTA_METRICS] = { .type = NLA_NESTED },
2631 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
2632 [RTA_PREF] = { .type = NLA_U8 },
2633 [RTA_ENCAP_TYPE] = { .type = NLA_U16 },
2634 [RTA_ENCAP] = { .type = NLA_NESTED },
2637 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2638 struct fib6_config *cfg)
2641 struct nlattr *tb[RTA_MAX+1];
2645 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2650 rtm = nlmsg_data(nlh);
2651 memset(cfg, 0, sizeof(*cfg));
2653 cfg->fc_table = rtm->rtm_table;
2654 cfg->fc_dst_len = rtm->rtm_dst_len;
2655 cfg->fc_src_len = rtm->rtm_src_len;
2656 cfg->fc_flags = RTF_UP;
2657 cfg->fc_protocol = rtm->rtm_protocol;
2658 cfg->fc_type = rtm->rtm_type;
2660 if (rtm->rtm_type == RTN_UNREACHABLE ||
2661 rtm->rtm_type == RTN_BLACKHOLE ||
2662 rtm->rtm_type == RTN_PROHIBIT ||
2663 rtm->rtm_type == RTN_THROW)
2664 cfg->fc_flags |= RTF_REJECT;
2666 if (rtm->rtm_type == RTN_LOCAL)
2667 cfg->fc_flags |= RTF_LOCAL;
2669 if (rtm->rtm_flags & RTM_F_CLONED)
2670 cfg->fc_flags |= RTF_CACHE;
2672 cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
2673 cfg->fc_nlinfo.nlh = nlh;
2674 cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2676 if (tb[RTA_GATEWAY]) {
2677 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]);
2678 cfg->fc_flags |= RTF_GATEWAY;
2682 int plen = (rtm->rtm_dst_len + 7) >> 3;
2684 if (nla_len(tb[RTA_DST]) < plen)
2687 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
2691 int plen = (rtm->rtm_src_len + 7) >> 3;
2693 if (nla_len(tb[RTA_SRC]) < plen)
2696 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
2699 if (tb[RTA_PREFSRC])
2700 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]);
2703 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
2705 if (tb[RTA_PRIORITY])
2706 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
2708 if (tb[RTA_METRICS]) {
2709 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
2710 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
2714 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
2716 if (tb[RTA_MULTIPATH]) {
2717 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
2718 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
2722 pref = nla_get_u8(tb[RTA_PREF]);
2723 if (pref != ICMPV6_ROUTER_PREF_LOW &&
2724 pref != ICMPV6_ROUTER_PREF_HIGH)
2725 pref = ICMPV6_ROUTER_PREF_MEDIUM;
2726 cfg->fc_flags |= RTF_PREF(pref);
2730 cfg->fc_encap = tb[RTA_ENCAP];
2732 if (tb[RTA_ENCAP_TYPE])
2733 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]);
2740 static int ip6_route_multipath(struct fib6_config *cfg, int add)
2742 struct fib6_config r_cfg;
2743 struct rtnexthop *rtnh;
2746 int err = 0, last_err = 0;
2748 remaining = cfg->fc_mp_len;
2750 rtnh = (struct rtnexthop *)cfg->fc_mp;
2752 /* Parse a Multipath Entry */
2753 while (rtnh_ok(rtnh, remaining)) {
2754 memcpy(&r_cfg, cfg, sizeof(*cfg));
2755 if (rtnh->rtnh_ifindex)
2756 r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
2758 attrlen = rtnh_attrlen(rtnh);
2760 struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
2762 nla = nla_find(attrs, attrlen, RTA_GATEWAY);
2764 r_cfg.fc_gateway = nla_get_in6_addr(nla);
2765 r_cfg.fc_flags |= RTF_GATEWAY;
2767 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP);
2768 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE);
2770 r_cfg.fc_encap_type = nla_get_u16(nla);
2772 err = add ? ip6_route_add(&r_cfg) : ip6_route_del(&r_cfg);
2775 /* If we are trying to remove a route, do not stop the
2776 * loop when ip6_route_del() fails (because next hop is
2777 * already gone), we should try to remove all next hops.
2780 /* If add fails, we should try to delete all
2781 * next hops that have been already added.
2784 remaining = cfg->fc_mp_len - remaining;
2788 /* Because each route is added like a single route we remove
2789 * these flags after the first nexthop: if there is a collision,
2790 * we have already failed to add the first nexthop:
2791 * fib6_add_rt2node() has rejected it; when replacing, old
2792 * nexthops have been replaced by first new, the rest should
2795 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL |
2797 rtnh = rtnh_next(rtnh, &remaining);
2803 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh)
2805 struct fib6_config cfg;
2808 err = rtm_to_fib6_config(skb, nlh, &cfg);
2813 return ip6_route_multipath(&cfg, 0);
2815 return ip6_route_del(&cfg);
2818 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh)
2820 struct fib6_config cfg;
2823 err = rtm_to_fib6_config(skb, nlh, &cfg);
2828 return ip6_route_multipath(&cfg, 1);
2830 return ip6_route_add(&cfg);
2833 static inline size_t rt6_nlmsg_size(struct rt6_info *rt)
2835 return NLMSG_ALIGN(sizeof(struct rtmsg))
2836 + nla_total_size(16) /* RTA_SRC */
2837 + nla_total_size(16) /* RTA_DST */
2838 + nla_total_size(16) /* RTA_GATEWAY */
2839 + nla_total_size(16) /* RTA_PREFSRC */
2840 + nla_total_size(4) /* RTA_TABLE */
2841 + nla_total_size(4) /* RTA_IIF */
2842 + nla_total_size(4) /* RTA_OIF */
2843 + nla_total_size(4) /* RTA_PRIORITY */
2844 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
2845 + nla_total_size(sizeof(struct rta_cacheinfo))
2846 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */
2847 + nla_total_size(1) /* RTA_PREF */
2848 + lwtunnel_get_encap_size(rt->dst.lwtstate);
2851 static int rt6_fill_node(struct net *net,
2852 struct sk_buff *skb, struct rt6_info *rt,
2853 struct in6_addr *dst, struct in6_addr *src,
2854 int iif, int type, u32 portid, u32 seq,
2855 int prefix, int nowait, unsigned int flags)
2857 u32 metrics[RTAX_MAX];
2859 struct nlmsghdr *nlh;
2863 if (prefix) { /* user wants prefix routes only */
2864 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
2865 /* success since this is not a prefix route */
2870 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
2874 rtm = nlmsg_data(nlh);
2875 rtm->rtm_family = AF_INET6;
2876 rtm->rtm_dst_len = rt->rt6i_dst.plen;
2877 rtm->rtm_src_len = rt->rt6i_src.plen;
2880 table = rt->rt6i_table->tb6_id;
2882 table = RT6_TABLE_UNSPEC;
2883 rtm->rtm_table = table;
2884 if (nla_put_u32(skb, RTA_TABLE, table))
2885 goto nla_put_failure;
2886 if (rt->rt6i_flags & RTF_REJECT) {
2887 switch (rt->dst.error) {
2889 rtm->rtm_type = RTN_BLACKHOLE;
2892 rtm->rtm_type = RTN_PROHIBIT;
2895 rtm->rtm_type = RTN_THROW;
2898 rtm->rtm_type = RTN_UNREACHABLE;
2902 else if (rt->rt6i_flags & RTF_LOCAL)
2903 rtm->rtm_type = RTN_LOCAL;
2904 else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
2905 rtm->rtm_type = RTN_LOCAL;
2907 rtm->rtm_type = RTN_UNICAST;
2909 if (!netif_carrier_ok(rt->dst.dev)) {
2910 rtm->rtm_flags |= RTNH_F_LINKDOWN;
2911 if (rt->rt6i_idev->cnf.ignore_routes_with_linkdown)
2912 rtm->rtm_flags |= RTNH_F_DEAD;
2914 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2915 rtm->rtm_protocol = rt->rt6i_protocol;
2916 if (rt->rt6i_flags & RTF_DYNAMIC)
2917 rtm->rtm_protocol = RTPROT_REDIRECT;
2918 else if (rt->rt6i_flags & RTF_ADDRCONF) {
2919 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO))
2920 rtm->rtm_protocol = RTPROT_RA;
2922 rtm->rtm_protocol = RTPROT_KERNEL;
2925 if (rt->rt6i_flags & RTF_CACHE)
2926 rtm->rtm_flags |= RTM_F_CLONED;
2929 if (nla_put_in6_addr(skb, RTA_DST, dst))
2930 goto nla_put_failure;
2931 rtm->rtm_dst_len = 128;
2932 } else if (rtm->rtm_dst_len)
2933 if (nla_put_in6_addr(skb, RTA_DST, &rt->rt6i_dst.addr))
2934 goto nla_put_failure;
2935 #ifdef CONFIG_IPV6_SUBTREES
2937 if (nla_put_in6_addr(skb, RTA_SRC, src))
2938 goto nla_put_failure;
2939 rtm->rtm_src_len = 128;
2940 } else if (rtm->rtm_src_len &&
2941 nla_put_in6_addr(skb, RTA_SRC, &rt->rt6i_src.addr))
2942 goto nla_put_failure;
2945 #ifdef CONFIG_IPV6_MROUTE
2946 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
2947 int err = ip6mr_get_route(net, skb, rtm, nowait);
2952 goto nla_put_failure;
2954 if (err == -EMSGSIZE)
2955 goto nla_put_failure;
2960 if (nla_put_u32(skb, RTA_IIF, iif))
2961 goto nla_put_failure;
2963 struct in6_addr saddr_buf;
2964 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 &&
2965 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
2966 goto nla_put_failure;
2969 if (rt->rt6i_prefsrc.plen) {
2970 struct in6_addr saddr_buf;
2971 saddr_buf = rt->rt6i_prefsrc.addr;
2972 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf))
2973 goto nla_put_failure;
2976 memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics));
2978 metrics[RTAX_MTU - 1] = rt->rt6i_pmtu;
2979 if (rtnetlink_put_metrics(skb, metrics) < 0)
2980 goto nla_put_failure;
2982 if (rt->rt6i_flags & RTF_GATEWAY) {
2983 if (nla_put_in6_addr(skb, RTA_GATEWAY, &rt->rt6i_gateway) < 0)
2984 goto nla_put_failure;
2988 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
2989 goto nla_put_failure;
2990 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric))
2991 goto nla_put_failure;
2993 expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0;
2995 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0)
2996 goto nla_put_failure;
2998 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt->rt6i_flags)))
2999 goto nla_put_failure;
3001 lwtunnel_fill_encap(skb, rt->dst.lwtstate);
3003 nlmsg_end(skb, nlh);
3007 nlmsg_cancel(skb, nlh);
3011 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
3013 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
3016 if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
3017 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
3018 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0;
3022 return rt6_fill_node(arg->net,
3023 arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
3024 NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq,
3025 prefix, 0, NLM_F_MULTI);
3028 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh)
3030 struct net *net = sock_net(in_skb->sk);
3031 struct nlattr *tb[RTA_MAX+1];
3032 struct rt6_info *rt;
3033 struct sk_buff *skb;
3036 int err, iif = 0, oif = 0;
3038 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
3043 memset(&fl6, 0, sizeof(fl6));
3046 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
3049 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
3053 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
3056 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
3060 iif = nla_get_u32(tb[RTA_IIF]);
3063 oif = nla_get_u32(tb[RTA_OIF]);
3066 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]);
3069 struct net_device *dev;
3072 dev = __dev_get_by_index(net, iif);
3078 fl6.flowi6_iif = iif;
3080 if (!ipv6_addr_any(&fl6.saddr))
3081 flags |= RT6_LOOKUP_F_HAS_SADDR;
3083 rt = (struct rt6_info *)ip6_route_input_lookup(net, dev, &fl6,
3086 fl6.flowi6_oif = oif;
3088 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6);
3091 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
3098 /* Reserve room for dummy headers, this skb can pass
3099 through good chunk of routing engine.
3101 skb_reset_mac_header(skb);
3102 skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr));
3104 skb_dst_set(skb, &rt->dst);
3106 err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
3107 RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
3108 nlh->nlmsg_seq, 0, 0, 0);
3114 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
3119 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info)
3121 struct sk_buff *skb;
3122 struct net *net = info->nl_net;
3127 seq = info->nlh ? info->nlh->nlmsg_seq : 0;
3129 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any());
3133 err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
3134 event, info->portid, seq, 0, 0, 0);
3136 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
3137 WARN_ON(err == -EMSGSIZE);
3141 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
3142 info->nlh, gfp_any());
3146 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
3149 static int ip6_route_dev_notify(struct notifier_block *this,
3150 unsigned long event, void *ptr)
3152 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
3153 struct net *net = dev_net(dev);
3155 if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) {
3156 net->ipv6.ip6_null_entry->dst.dev = dev;
3157 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
3158 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3159 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
3160 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
3161 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
3162 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
3173 #ifdef CONFIG_PROC_FS
3175 static const struct file_operations ipv6_route_proc_fops = {
3176 .owner = THIS_MODULE,
3177 .open = ipv6_route_open,
3179 .llseek = seq_lseek,
3180 .release = seq_release_net,
3183 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
3185 struct net *net = (struct net *)seq->private;
3186 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
3187 net->ipv6.rt6_stats->fib_nodes,
3188 net->ipv6.rt6_stats->fib_route_nodes,
3189 net->ipv6.rt6_stats->fib_rt_alloc,
3190 net->ipv6.rt6_stats->fib_rt_entries,
3191 net->ipv6.rt6_stats->fib_rt_cache,
3192 dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
3193 net->ipv6.rt6_stats->fib_discarded_routes);
3198 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
3200 return single_open_net(inode, file, rt6_stats_seq_show);
3203 static const struct file_operations rt6_stats_seq_fops = {
3204 .owner = THIS_MODULE,
3205 .open = rt6_stats_seq_open,
3207 .llseek = seq_lseek,
3208 .release = single_release_net,
3210 #endif /* CONFIG_PROC_FS */
3212 #ifdef CONFIG_SYSCTL
3215 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
3216 void __user *buffer, size_t *lenp, loff_t *ppos)
3223 net = (struct net *)ctl->extra1;
3224 delay = net->ipv6.sysctl.flush_delay;
3225 proc_dointvec(ctl, write, buffer, lenp, ppos);
3226 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0);
3230 struct ctl_table ipv6_route_table_template[] = {
3232 .procname = "flush",
3233 .data = &init_net.ipv6.sysctl.flush_delay,
3234 .maxlen = sizeof(int),
3236 .proc_handler = ipv6_sysctl_rtcache_flush
3239 .procname = "gc_thresh",
3240 .data = &ip6_dst_ops_template.gc_thresh,
3241 .maxlen = sizeof(int),
3243 .proc_handler = proc_dointvec,
3246 .procname = "max_size",
3247 .data = &init_net.ipv6.sysctl.ip6_rt_max_size,
3248 .maxlen = sizeof(int),
3250 .proc_handler = proc_dointvec,
3253 .procname = "gc_min_interval",
3254 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
3255 .maxlen = sizeof(int),
3257 .proc_handler = proc_dointvec_jiffies,
3260 .procname = "gc_timeout",
3261 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
3262 .maxlen = sizeof(int),
3264 .proc_handler = proc_dointvec_jiffies,
3267 .procname = "gc_interval",
3268 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
3269 .maxlen = sizeof(int),
3271 .proc_handler = proc_dointvec_jiffies,
3274 .procname = "gc_elasticity",
3275 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
3276 .maxlen = sizeof(int),
3278 .proc_handler = proc_dointvec,
3281 .procname = "mtu_expires",
3282 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
3283 .maxlen = sizeof(int),
3285 .proc_handler = proc_dointvec_jiffies,
3288 .procname = "min_adv_mss",
3289 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
3290 .maxlen = sizeof(int),
3292 .proc_handler = proc_dointvec,
3295 .procname = "gc_min_interval_ms",
3296 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
3297 .maxlen = sizeof(int),
3299 .proc_handler = proc_dointvec_ms_jiffies,
3304 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
3306 struct ctl_table *table;
3308 table = kmemdup(ipv6_route_table_template,
3309 sizeof(ipv6_route_table_template),
3313 table[0].data = &net->ipv6.sysctl.flush_delay;
3314 table[0].extra1 = net;
3315 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
3316 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
3317 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3318 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
3319 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
3320 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
3321 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
3322 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
3323 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3325 /* Don't export sysctls to unprivileged users */
3326 if (net->user_ns != &init_user_ns)
3327 table[0].procname = NULL;
3334 static int __net_init ip6_route_net_init(struct net *net)
3338 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
3339 sizeof(net->ipv6.ip6_dst_ops));
3341 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
3342 goto out_ip6_dst_ops;
3344 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
3345 sizeof(*net->ipv6.ip6_null_entry),
3347 if (!net->ipv6.ip6_null_entry)
3348 goto out_ip6_dst_entries;
3349 net->ipv6.ip6_null_entry->dst.path =
3350 (struct dst_entry *)net->ipv6.ip6_null_entry;
3351 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3352 dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
3353 ip6_template_metrics, true);
3355 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3356 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
3357 sizeof(*net->ipv6.ip6_prohibit_entry),
3359 if (!net->ipv6.ip6_prohibit_entry)
3360 goto out_ip6_null_entry;
3361 net->ipv6.ip6_prohibit_entry->dst.path =
3362 (struct dst_entry *)net->ipv6.ip6_prohibit_entry;
3363 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3364 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
3365 ip6_template_metrics, true);
3367 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
3368 sizeof(*net->ipv6.ip6_blk_hole_entry),
3370 if (!net->ipv6.ip6_blk_hole_entry)
3371 goto out_ip6_prohibit_entry;
3372 net->ipv6.ip6_blk_hole_entry->dst.path =
3373 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry;
3374 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3375 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
3376 ip6_template_metrics, true);
3379 net->ipv6.sysctl.flush_delay = 0;
3380 net->ipv6.sysctl.ip6_rt_max_size = 4096;
3381 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
3382 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
3383 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
3384 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
3385 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
3386 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
3388 net->ipv6.ip6_rt_gc_expire = 30*HZ;
3394 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3395 out_ip6_prohibit_entry:
3396 kfree(net->ipv6.ip6_prohibit_entry);
3398 kfree(net->ipv6.ip6_null_entry);
3400 out_ip6_dst_entries:
3401 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
3406 static void __net_exit ip6_route_net_exit(struct net *net)
3408 kfree(net->ipv6.ip6_null_entry);
3409 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3410 kfree(net->ipv6.ip6_prohibit_entry);
3411 kfree(net->ipv6.ip6_blk_hole_entry);
3413 dst_entries_destroy(&net->ipv6.ip6_dst_ops);
3416 static int __net_init ip6_route_net_init_late(struct net *net)
3418 #ifdef CONFIG_PROC_FS
3419 proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops);
3420 proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops);
3425 static void __net_exit ip6_route_net_exit_late(struct net *net)
3427 #ifdef CONFIG_PROC_FS
3428 remove_proc_entry("ipv6_route", net->proc_net);
3429 remove_proc_entry("rt6_stats", net->proc_net);
3433 static struct pernet_operations ip6_route_net_ops = {
3434 .init = ip6_route_net_init,
3435 .exit = ip6_route_net_exit,
3438 static int __net_init ipv6_inetpeer_init(struct net *net)
3440 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
3444 inet_peer_base_init(bp);
3445 net->ipv6.peers = bp;
3449 static void __net_exit ipv6_inetpeer_exit(struct net *net)
3451 struct inet_peer_base *bp = net->ipv6.peers;
3453 net->ipv6.peers = NULL;
3454 inetpeer_invalidate_tree(bp);
3458 static struct pernet_operations ipv6_inetpeer_ops = {
3459 .init = ipv6_inetpeer_init,
3460 .exit = ipv6_inetpeer_exit,
3463 static struct pernet_operations ip6_route_net_late_ops = {
3464 .init = ip6_route_net_init_late,
3465 .exit = ip6_route_net_exit_late,
3468 static struct notifier_block ip6_route_dev_notifier = {
3469 .notifier_call = ip6_route_dev_notify,
3473 int __init ip6_route_init(void)
3479 ip6_dst_ops_template.kmem_cachep =
3480 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
3481 SLAB_HWCACHE_ALIGN, NULL);
3482 if (!ip6_dst_ops_template.kmem_cachep)
3485 ret = dst_entries_init(&ip6_dst_blackhole_ops);
3487 goto out_kmem_cache;
3489 ret = register_pernet_subsys(&ipv6_inetpeer_ops);
3491 goto out_dst_entries;
3493 ret = register_pernet_subsys(&ip6_route_net_ops);
3495 goto out_register_inetpeer;
3497 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
3499 /* Registering of the loopback is done before this portion of code,
3500 * the loopback reference in rt6_info will not be taken, do it
3501 * manually for init_net */
3502 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
3503 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3504 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3505 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
3506 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3507 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
3508 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3512 goto out_register_subsys;
3518 ret = fib6_rules_init();
3522 ret = register_pernet_subsys(&ip6_route_net_late_ops);
3524 goto fib6_rules_init;
3527 if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) ||
3528 __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) ||
3529 __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL))
3530 goto out_register_late_subsys;
3532 ret = register_netdevice_notifier(&ip6_route_dev_notifier);
3534 goto out_register_late_subsys;
3536 for_each_possible_cpu(cpu) {
3537 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu);
3539 INIT_LIST_HEAD(&ul->head);
3540 spin_lock_init(&ul->lock);
3546 out_register_late_subsys:
3547 unregister_pernet_subsys(&ip6_route_net_late_ops);
3549 fib6_rules_cleanup();
3554 out_register_subsys:
3555 unregister_pernet_subsys(&ip6_route_net_ops);
3556 out_register_inetpeer:
3557 unregister_pernet_subsys(&ipv6_inetpeer_ops);
3559 dst_entries_destroy(&ip6_dst_blackhole_ops);
3561 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
3565 void ip6_route_cleanup(void)
3567 unregister_netdevice_notifier(&ip6_route_dev_notifier);
3568 unregister_pernet_subsys(&ip6_route_net_late_ops);
3569 fib6_rules_cleanup();
3572 unregister_pernet_subsys(&ipv6_inetpeer_ops);
3573 unregister_pernet_subsys(&ip6_route_net_ops);
3574 dst_entries_destroy(&ip6_dst_blackhole_ops);
3575 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);