1 /* 2 * Linux INET6 implementation 3 * FIB front-end. 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 /* Changes: 15 * 16 * YOSHIFUJI Hideaki @USAGI 17 * reworked default router selection. 18 * - respect outgoing interface 19 * - select from (probably) reachable routers (i.e. 20 * routers in REACHABLE, STALE, DELAY or PROBE states). 21 * - always select the same router if it is (probably) 22 * reachable. otherwise, round-robin the list. 23 * Ville Nuorvala 24 * Fixed routing subtrees. 25 */ 26 27 #define pr_fmt(fmt) "IPv6: " fmt 28 29 #include <linux/capability.h> 30 #include <linux/errno.h> 31 #include <linux/export.h> 32 #include <linux/types.h> 33 #include <linux/times.h> 34 #include <linux/socket.h> 35 #include <linux/sockios.h> 36 #include <linux/net.h> 37 #include <linux/route.h> 38 #include <linux/netdevice.h> 39 #include <linux/in6.h> 40 #include <linux/mroute6.h> 41 #include <linux/init.h> 42 #include <linux/if_arp.h> 43 #include <linux/proc_fs.h> 44 #include <linux/seq_file.h> 45 #include <linux/nsproxy.h> 46 #include <linux/slab.h> 47 #include <linux/jhash.h> 48 #include <net/net_namespace.h> 49 #include <net/snmp.h> 50 #include <net/ipv6.h> 51 #include <net/ip6_fib.h> 52 #include <net/ip6_route.h> 53 #include <net/ndisc.h> 54 #include <net/addrconf.h> 55 #include <net/tcp.h> 56 #include <linux/rtnetlink.h> 57 #include <net/dst.h> 58 #include <net/dst_metadata.h> 59 #include <net/xfrm.h> 60 #include <net/netevent.h> 61 #include <net/netlink.h> 62 #include <net/nexthop.h> 63 #include <net/lwtunnel.h> 64 #include <net/ip_tunnels.h> 65 #include <net/l3mdev.h> 66 #include <net/ip.h> 67 #include <linux/uaccess.h> 68 69 #ifdef CONFIG_SYSCTL 70 #include <linux/sysctl.h> 71 #endif 72 73 static int ip6_rt_type_to_error(u8 fib6_type); 74 75 #define CREATE_TRACE_POINTS 76 #include <trace/events/fib6.h> 77 EXPORT_TRACEPOINT_SYMBOL_GPL(fib6_table_lookup); 78 #undef CREATE_TRACE_POINTS 79 80 enum rt6_nud_state { 81 RT6_NUD_FAIL_HARD = -3, 82 RT6_NUD_FAIL_PROBE = -2, 83 RT6_NUD_FAIL_DO_RR = -1, 84 RT6_NUD_SUCCEED = 1 85 }; 86 87 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie); 88 static unsigned int ip6_default_advmss(const struct dst_entry *dst); 89 static unsigned int ip6_mtu(const struct dst_entry *dst); 90 static struct dst_entry *ip6_negative_advice(struct dst_entry *); 91 static void ip6_dst_destroy(struct dst_entry *); 92 static void ip6_dst_ifdown(struct dst_entry *, 93 struct net_device *dev, int how); 94 static int ip6_dst_gc(struct dst_ops *ops); 95 96 static int ip6_pkt_discard(struct sk_buff *skb); 97 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb); 98 static int ip6_pkt_prohibit(struct sk_buff *skb); 99 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb); 100 static void ip6_link_failure(struct sk_buff *skb); 101 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 102 struct sk_buff *skb, u32 mtu); 103 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, 104 struct sk_buff *skb); 105 static int rt6_score_route(struct fib6_info *rt, int oif, int strict); 106 static size_t rt6_nlmsg_size(struct fib6_info *rt); 107 static int rt6_fill_node(struct net *net, struct sk_buff *skb, 108 struct fib6_info *rt, struct dst_entry *dst, 109 struct in6_addr *dest, struct in6_addr *src, 110 int iif, int type, u32 portid, u32 seq, 111 unsigned int flags); 112 static struct rt6_info *rt6_find_cached_rt(struct fib6_info *rt, 113 struct in6_addr *daddr, 114 struct in6_addr *saddr); 115 116 #ifdef CONFIG_IPV6_ROUTE_INFO 117 static struct fib6_info *rt6_add_route_info(struct net *net, 118 const struct in6_addr *prefix, int prefixlen, 119 const struct in6_addr *gwaddr, 120 struct net_device *dev, 121 unsigned int pref); 122 static struct fib6_info *rt6_get_route_info(struct net *net, 123 const struct in6_addr *prefix, int prefixlen, 124 const struct in6_addr *gwaddr, 125 struct net_device *dev); 126 #endif 127 128 struct uncached_list { 129 spinlock_t lock; 130 struct list_head head; 131 }; 132 133 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt6_uncached_list); 134 135 void rt6_uncached_list_add(struct rt6_info *rt) 136 { 137 struct uncached_list *ul = raw_cpu_ptr(&rt6_uncached_list); 138 139 rt->rt6i_uncached_list = ul; 140 141 spin_lock_bh(&ul->lock); 142 list_add_tail(&rt->rt6i_uncached, &ul->head); 143 spin_unlock_bh(&ul->lock); 144 } 145 146 void rt6_uncached_list_del(struct rt6_info *rt) 147 { 148 if (!list_empty(&rt->rt6i_uncached)) { 149 struct uncached_list *ul = rt->rt6i_uncached_list; 150 struct net *net = dev_net(rt->dst.dev); 151 152 spin_lock_bh(&ul->lock); 153 list_del(&rt->rt6i_uncached); 154 atomic_dec(&net->ipv6.rt6_stats->fib_rt_uncache); 155 spin_unlock_bh(&ul->lock); 156 } 157 } 158 159 static void rt6_uncached_list_flush_dev(struct net *net, struct net_device *dev) 160 { 161 struct net_device *loopback_dev = net->loopback_dev; 162 int cpu; 163 164 if (dev == loopback_dev) 165 return; 166 167 for_each_possible_cpu(cpu) { 168 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu); 169 struct rt6_info *rt; 170 171 spin_lock_bh(&ul->lock); 172 list_for_each_entry(rt, &ul->head, rt6i_uncached) { 173 struct inet6_dev *rt_idev = rt->rt6i_idev; 174 struct net_device *rt_dev = rt->dst.dev; 175 176 if (rt_idev->dev == dev) { 177 rt->rt6i_idev = in6_dev_get(loopback_dev); 178 in6_dev_put(rt_idev); 179 } 180 181 if (rt_dev == dev) { 182 rt->dst.dev = loopback_dev; 183 dev_hold(rt->dst.dev); 184 dev_put(rt_dev); 185 } 186 } 187 spin_unlock_bh(&ul->lock); 188 } 189 } 190 191 static inline const void *choose_neigh_daddr(const struct in6_addr *p, 192 struct sk_buff *skb, 193 const void *daddr) 194 { 195 if (!ipv6_addr_any(p)) 196 return (const void *) p; 197 else if (skb) 198 return &ipv6_hdr(skb)->daddr; 199 return daddr; 200 } 201 202 struct neighbour *ip6_neigh_lookup(const struct in6_addr *gw, 203 struct net_device *dev, 204 struct sk_buff *skb, 205 const void *daddr) 206 { 207 struct neighbour *n; 208 209 daddr = choose_neigh_daddr(gw, skb, daddr); 210 n = __ipv6_neigh_lookup(dev, daddr); 211 if (n) 212 return n; 213 214 n = neigh_create(&nd_tbl, daddr, dev); 215 return IS_ERR(n) ? NULL : n; 216 } 217 218 static struct neighbour *ip6_dst_neigh_lookup(const struct dst_entry *dst, 219 struct sk_buff *skb, 220 const void *daddr) 221 { 222 const struct rt6_info *rt = container_of(dst, struct rt6_info, dst); 223 224 return ip6_neigh_lookup(&rt->rt6i_gateway, dst->dev, skb, daddr); 225 } 226 227 static void ip6_confirm_neigh(const struct dst_entry *dst, const void *daddr) 228 { 229 struct net_device *dev = dst->dev; 230 struct rt6_info *rt = (struct rt6_info *)dst; 231 232 daddr = choose_neigh_daddr(&rt->rt6i_gateway, NULL, daddr); 233 if (!daddr) 234 return; 235 if (dev->flags & (IFF_NOARP | IFF_LOOPBACK)) 236 return; 237 if (ipv6_addr_is_multicast((const struct in6_addr *)daddr)) 238 return; 239 __ipv6_confirm_neigh(dev, daddr); 240 } 241 242 static struct dst_ops ip6_dst_ops_template = { 243 .family = AF_INET6, 244 .gc = ip6_dst_gc, 245 .gc_thresh = 1024, 246 .check = ip6_dst_check, 247 .default_advmss = ip6_default_advmss, 248 .mtu = ip6_mtu, 249 .cow_metrics = dst_cow_metrics_generic, 250 .destroy = ip6_dst_destroy, 251 .ifdown = ip6_dst_ifdown, 252 .negative_advice = ip6_negative_advice, 253 .link_failure = ip6_link_failure, 254 .update_pmtu = ip6_rt_update_pmtu, 255 .redirect = rt6_do_redirect, 256 .local_out = __ip6_local_out, 257 .neigh_lookup = ip6_dst_neigh_lookup, 258 .confirm_neigh = ip6_confirm_neigh, 259 }; 260 261 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst) 262 { 263 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU); 264 265 return mtu ? : dst->dev->mtu; 266 } 267 268 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk, 269 struct sk_buff *skb, u32 mtu) 270 { 271 } 272 273 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk, 274 struct sk_buff *skb) 275 { 276 } 277 278 static struct dst_ops ip6_dst_blackhole_ops = { 279 .family = AF_INET6, 280 .destroy = ip6_dst_destroy, 281 .check = ip6_dst_check, 282 .mtu = ip6_blackhole_mtu, 283 .default_advmss = ip6_default_advmss, 284 .update_pmtu = ip6_rt_blackhole_update_pmtu, 285 .redirect = ip6_rt_blackhole_redirect, 286 .cow_metrics = dst_cow_metrics_generic, 287 .neigh_lookup = ip6_dst_neigh_lookup, 288 }; 289 290 static const u32 ip6_template_metrics[RTAX_MAX] = { 291 [RTAX_HOPLIMIT - 1] = 0, 292 }; 293 294 static const struct fib6_info fib6_null_entry_template = { 295 .fib6_flags = (RTF_REJECT | RTF_NONEXTHOP), 296 .fib6_protocol = RTPROT_KERNEL, 297 .fib6_metric = ~(u32)0, 298 .fib6_ref = ATOMIC_INIT(1), 299 .fib6_type = RTN_UNREACHABLE, 300 .fib6_metrics = (struct dst_metrics *)&dst_default_metrics, 301 }; 302 303 static const struct rt6_info ip6_null_entry_template = { 304 .dst = { 305 .__refcnt = ATOMIC_INIT(1), 306 .__use = 1, 307 .obsolete = DST_OBSOLETE_FORCE_CHK, 308 .error = -ENETUNREACH, 309 .input = ip6_pkt_discard, 310 .output = ip6_pkt_discard_out, 311 }, 312 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 313 }; 314 315 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 316 317 static const struct rt6_info ip6_prohibit_entry_template = { 318 .dst = { 319 .__refcnt = ATOMIC_INIT(1), 320 .__use = 1, 321 .obsolete = DST_OBSOLETE_FORCE_CHK, 322 .error = -EACCES, 323 .input = ip6_pkt_prohibit, 324 .output = ip6_pkt_prohibit_out, 325 }, 326 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 327 }; 328 329 static const struct rt6_info ip6_blk_hole_entry_template = { 330 .dst = { 331 .__refcnt = ATOMIC_INIT(1), 332 .__use = 1, 333 .obsolete = DST_OBSOLETE_FORCE_CHK, 334 .error = -EINVAL, 335 .input = dst_discard, 336 .output = dst_discard_out, 337 }, 338 .rt6i_flags = (RTF_REJECT | RTF_NONEXTHOP), 339 }; 340 341 #endif 342 343 static void rt6_info_init(struct rt6_info *rt) 344 { 345 struct dst_entry *dst = &rt->dst; 346 347 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst)); 348 INIT_LIST_HEAD(&rt->rt6i_uncached); 349 } 350 351 /* allocate dst with ip6_dst_ops */ 352 struct rt6_info *ip6_dst_alloc(struct net *net, struct net_device *dev, 353 int flags) 354 { 355 struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev, 356 1, DST_OBSOLETE_FORCE_CHK, flags); 357 358 if (rt) { 359 rt6_info_init(rt); 360 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc); 361 } 362 363 return rt; 364 } 365 EXPORT_SYMBOL(ip6_dst_alloc); 366 367 static void ip6_dst_destroy(struct dst_entry *dst) 368 { 369 struct rt6_info *rt = (struct rt6_info *)dst; 370 struct fib6_info *from; 371 struct inet6_dev *idev; 372 373 ip_dst_metrics_put(dst); 374 rt6_uncached_list_del(rt); 375 376 idev = rt->rt6i_idev; 377 if (idev) { 378 rt->rt6i_idev = NULL; 379 in6_dev_put(idev); 380 } 381 382 rcu_read_lock(); 383 from = rcu_dereference(rt->from); 384 rcu_assign_pointer(rt->from, NULL); 385 fib6_info_release(from); 386 rcu_read_unlock(); 387 } 388 389 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev, 390 int how) 391 { 392 struct rt6_info *rt = (struct rt6_info *)dst; 393 struct inet6_dev *idev = rt->rt6i_idev; 394 struct net_device *loopback_dev = 395 dev_net(dev)->loopback_dev; 396 397 if (idev && idev->dev != loopback_dev) { 398 struct inet6_dev *loopback_idev = in6_dev_get(loopback_dev); 399 if (loopback_idev) { 400 rt->rt6i_idev = loopback_idev; 401 in6_dev_put(idev); 402 } 403 } 404 } 405 406 static bool __rt6_check_expired(const struct rt6_info *rt) 407 { 408 if (rt->rt6i_flags & RTF_EXPIRES) 409 return time_after(jiffies, rt->dst.expires); 410 else 411 return false; 412 } 413 414 static bool rt6_check_expired(const struct rt6_info *rt) 415 { 416 struct fib6_info *from; 417 418 from = rcu_dereference(rt->from); 419 420 if (rt->rt6i_flags & RTF_EXPIRES) { 421 if (time_after(jiffies, rt->dst.expires)) 422 return true; 423 } else if (from) { 424 return rt->dst.obsolete != DST_OBSOLETE_FORCE_CHK || 425 fib6_check_expired(from); 426 } 427 return false; 428 } 429 430 struct fib6_info *fib6_multipath_select(const struct net *net, 431 struct fib6_info *match, 432 struct flowi6 *fl6, int oif, 433 const struct sk_buff *skb, 434 int strict) 435 { 436 struct fib6_info *sibling, *next_sibling; 437 438 /* We might have already computed the hash for ICMPv6 errors. In such 439 * case it will always be non-zero. Otherwise now is the time to do it. 440 */ 441 if (!fl6->mp_hash) 442 fl6->mp_hash = rt6_multipath_hash(net, fl6, skb, NULL); 443 444 if (fl6->mp_hash <= atomic_read(&match->fib6_nh.nh_upper_bound)) 445 return match; 446 447 list_for_each_entry_safe(sibling, next_sibling, &match->fib6_siblings, 448 fib6_siblings) { 449 int nh_upper_bound; 450 451 nh_upper_bound = atomic_read(&sibling->fib6_nh.nh_upper_bound); 452 if (fl6->mp_hash > nh_upper_bound) 453 continue; 454 if (rt6_score_route(sibling, oif, strict) < 0) 455 break; 456 match = sibling; 457 break; 458 } 459 460 return match; 461 } 462 463 /* 464 * Route lookup. rcu_read_lock() should be held. 465 */ 466 467 static inline struct fib6_info *rt6_device_match(struct net *net, 468 struct fib6_info *rt, 469 const struct in6_addr *saddr, 470 int oif, 471 int flags) 472 { 473 struct fib6_info *sprt; 474 475 if (!oif && ipv6_addr_any(saddr) && 476 !(rt->fib6_nh.nh_flags & RTNH_F_DEAD)) 477 return rt; 478 479 for (sprt = rt; sprt; sprt = rcu_dereference(sprt->fib6_next)) { 480 const struct net_device *dev = sprt->fib6_nh.nh_dev; 481 482 if (sprt->fib6_nh.nh_flags & RTNH_F_DEAD) 483 continue; 484 485 if (oif) { 486 if (dev->ifindex == oif) 487 return sprt; 488 } else { 489 if (ipv6_chk_addr(net, saddr, dev, 490 flags & RT6_LOOKUP_F_IFACE)) 491 return sprt; 492 } 493 } 494 495 if (oif && flags & RT6_LOOKUP_F_IFACE) 496 return net->ipv6.fib6_null_entry; 497 498 return rt->fib6_nh.nh_flags & RTNH_F_DEAD ? net->ipv6.fib6_null_entry : rt; 499 } 500 501 #ifdef CONFIG_IPV6_ROUTER_PREF 502 struct __rt6_probe_work { 503 struct work_struct work; 504 struct in6_addr target; 505 struct net_device *dev; 506 }; 507 508 static void rt6_probe_deferred(struct work_struct *w) 509 { 510 struct in6_addr mcaddr; 511 struct __rt6_probe_work *work = 512 container_of(w, struct __rt6_probe_work, work); 513 514 addrconf_addr_solict_mult(&work->target, &mcaddr); 515 ndisc_send_ns(work->dev, &work->target, &mcaddr, NULL, 0); 516 dev_put(work->dev); 517 kfree(work); 518 } 519 520 static void rt6_probe(struct fib6_info *rt) 521 { 522 struct __rt6_probe_work *work = NULL; 523 const struct in6_addr *nh_gw; 524 struct neighbour *neigh; 525 struct net_device *dev; 526 struct inet6_dev *idev; 527 528 /* 529 * Okay, this does not seem to be appropriate 530 * for now, however, we need to check if it 531 * is really so; aka Router Reachability Probing. 532 * 533 * Router Reachability Probe MUST be rate-limited 534 * to no more than one per minute. 535 */ 536 if (!rt || !(rt->fib6_flags & RTF_GATEWAY)) 537 return; 538 539 nh_gw = &rt->fib6_nh.nh_gw; 540 dev = rt->fib6_nh.nh_dev; 541 rcu_read_lock_bh(); 542 idev = __in6_dev_get(dev); 543 neigh = __ipv6_neigh_lookup_noref(dev, nh_gw); 544 if (neigh) { 545 if (neigh->nud_state & NUD_VALID) 546 goto out; 547 548 write_lock(&neigh->lock); 549 if (!(neigh->nud_state & NUD_VALID) && 550 time_after(jiffies, 551 neigh->updated + idev->cnf.rtr_probe_interval)) { 552 work = kmalloc(sizeof(*work), GFP_ATOMIC); 553 if (work) 554 __neigh_set_probe_once(neigh); 555 } 556 write_unlock(&neigh->lock); 557 } else if (time_after(jiffies, rt->last_probe + 558 idev->cnf.rtr_probe_interval)) { 559 work = kmalloc(sizeof(*work), GFP_ATOMIC); 560 } 561 562 if (work) { 563 rt->last_probe = jiffies; 564 INIT_WORK(&work->work, rt6_probe_deferred); 565 work->target = *nh_gw; 566 dev_hold(dev); 567 work->dev = dev; 568 schedule_work(&work->work); 569 } 570 571 out: 572 rcu_read_unlock_bh(); 573 } 574 #else 575 static inline void rt6_probe(struct fib6_info *rt) 576 { 577 } 578 #endif 579 580 /* 581 * Default Router Selection (RFC 2461 6.3.6) 582 */ 583 static inline int rt6_check_dev(struct fib6_info *rt, int oif) 584 { 585 const struct net_device *dev = rt->fib6_nh.nh_dev; 586 587 if (!oif || dev->ifindex == oif) 588 return 2; 589 return 0; 590 } 591 592 static inline enum rt6_nud_state rt6_check_neigh(struct fib6_info *rt) 593 { 594 enum rt6_nud_state ret = RT6_NUD_FAIL_HARD; 595 struct neighbour *neigh; 596 597 if (rt->fib6_flags & RTF_NONEXTHOP || 598 !(rt->fib6_flags & RTF_GATEWAY)) 599 return RT6_NUD_SUCCEED; 600 601 rcu_read_lock_bh(); 602 neigh = __ipv6_neigh_lookup_noref(rt->fib6_nh.nh_dev, 603 &rt->fib6_nh.nh_gw); 604 if (neigh) { 605 read_lock(&neigh->lock); 606 if (neigh->nud_state & NUD_VALID) 607 ret = RT6_NUD_SUCCEED; 608 #ifdef CONFIG_IPV6_ROUTER_PREF 609 else if (!(neigh->nud_state & NUD_FAILED)) 610 ret = RT6_NUD_SUCCEED; 611 else 612 ret = RT6_NUD_FAIL_PROBE; 613 #endif 614 read_unlock(&neigh->lock); 615 } else { 616 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ? 617 RT6_NUD_SUCCEED : RT6_NUD_FAIL_DO_RR; 618 } 619 rcu_read_unlock_bh(); 620 621 return ret; 622 } 623 624 static int rt6_score_route(struct fib6_info *rt, int oif, int strict) 625 { 626 int m; 627 628 m = rt6_check_dev(rt, oif); 629 if (!m && (strict & RT6_LOOKUP_F_IFACE)) 630 return RT6_NUD_FAIL_HARD; 631 #ifdef CONFIG_IPV6_ROUTER_PREF 632 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->fib6_flags)) << 2; 633 #endif 634 if (strict & RT6_LOOKUP_F_REACHABLE) { 635 int n = rt6_check_neigh(rt); 636 if (n < 0) 637 return n; 638 } 639 return m; 640 } 641 642 /* called with rc_read_lock held */ 643 static inline bool fib6_ignore_linkdown(const struct fib6_info *f6i) 644 { 645 const struct net_device *dev = fib6_info_nh_dev(f6i); 646 bool rc = false; 647 648 if (dev) { 649 const struct inet6_dev *idev = __in6_dev_get(dev); 650 651 rc = !!idev->cnf.ignore_routes_with_linkdown; 652 } 653 654 return rc; 655 } 656 657 static struct fib6_info *find_match(struct fib6_info *rt, int oif, int strict, 658 int *mpri, struct fib6_info *match, 659 bool *do_rr) 660 { 661 int m; 662 bool match_do_rr = false; 663 664 if (rt->fib6_nh.nh_flags & RTNH_F_DEAD) 665 goto out; 666 667 if (fib6_ignore_linkdown(rt) && 668 rt->fib6_nh.nh_flags & RTNH_F_LINKDOWN && 669 !(strict & RT6_LOOKUP_F_IGNORE_LINKSTATE)) 670 goto out; 671 672 if (fib6_check_expired(rt)) 673 goto out; 674 675 m = rt6_score_route(rt, oif, strict); 676 if (m == RT6_NUD_FAIL_DO_RR) { 677 match_do_rr = true; 678 m = 0; /* lowest valid score */ 679 } else if (m == RT6_NUD_FAIL_HARD) { 680 goto out; 681 } 682 683 if (strict & RT6_LOOKUP_F_REACHABLE) 684 rt6_probe(rt); 685 686 /* note that m can be RT6_NUD_FAIL_PROBE at this point */ 687 if (m > *mpri) { 688 *do_rr = match_do_rr; 689 *mpri = m; 690 match = rt; 691 } 692 out: 693 return match; 694 } 695 696 static struct fib6_info *find_rr_leaf(struct fib6_node *fn, 697 struct fib6_info *leaf, 698 struct fib6_info *rr_head, 699 u32 metric, int oif, int strict, 700 bool *do_rr) 701 { 702 struct fib6_info *rt, *match, *cont; 703 int mpri = -1; 704 705 match = NULL; 706 cont = NULL; 707 for (rt = rr_head; rt; rt = rcu_dereference(rt->fib6_next)) { 708 if (rt->fib6_metric != metric) { 709 cont = rt; 710 break; 711 } 712 713 match = find_match(rt, oif, strict, &mpri, match, do_rr); 714 } 715 716 for (rt = leaf; rt && rt != rr_head; 717 rt = rcu_dereference(rt->fib6_next)) { 718 if (rt->fib6_metric != metric) { 719 cont = rt; 720 break; 721 } 722 723 match = find_match(rt, oif, strict, &mpri, match, do_rr); 724 } 725 726 if (match || !cont) 727 return match; 728 729 for (rt = cont; rt; rt = rcu_dereference(rt->fib6_next)) 730 match = find_match(rt, oif, strict, &mpri, match, do_rr); 731 732 return match; 733 } 734 735 static struct fib6_info *rt6_select(struct net *net, struct fib6_node *fn, 736 int oif, int strict) 737 { 738 struct fib6_info *leaf = rcu_dereference(fn->leaf); 739 struct fib6_info *match, *rt0; 740 bool do_rr = false; 741 int key_plen; 742 743 if (!leaf || leaf == net->ipv6.fib6_null_entry) 744 return net->ipv6.fib6_null_entry; 745 746 rt0 = rcu_dereference(fn->rr_ptr); 747 if (!rt0) 748 rt0 = leaf; 749 750 /* Double check to make sure fn is not an intermediate node 751 * and fn->leaf does not points to its child's leaf 752 * (This might happen if all routes under fn are deleted from 753 * the tree and fib6_repair_tree() is called on the node.) 754 */ 755 key_plen = rt0->fib6_dst.plen; 756 #ifdef CONFIG_IPV6_SUBTREES 757 if (rt0->fib6_src.plen) 758 key_plen = rt0->fib6_src.plen; 759 #endif 760 if (fn->fn_bit != key_plen) 761 return net->ipv6.fib6_null_entry; 762 763 match = find_rr_leaf(fn, leaf, rt0, rt0->fib6_metric, oif, strict, 764 &do_rr); 765 766 if (do_rr) { 767 struct fib6_info *next = rcu_dereference(rt0->fib6_next); 768 769 /* no entries matched; do round-robin */ 770 if (!next || next->fib6_metric != rt0->fib6_metric) 771 next = leaf; 772 773 if (next != rt0) { 774 spin_lock_bh(&leaf->fib6_table->tb6_lock); 775 /* make sure next is not being deleted from the tree */ 776 if (next->fib6_node) 777 rcu_assign_pointer(fn->rr_ptr, next); 778 spin_unlock_bh(&leaf->fib6_table->tb6_lock); 779 } 780 } 781 782 return match ? match : net->ipv6.fib6_null_entry; 783 } 784 785 static bool rt6_is_gw_or_nonexthop(const struct fib6_info *rt) 786 { 787 return (rt->fib6_flags & (RTF_NONEXTHOP | RTF_GATEWAY)); 788 } 789 790 #ifdef CONFIG_IPV6_ROUTE_INFO 791 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len, 792 const struct in6_addr *gwaddr) 793 { 794 struct net *net = dev_net(dev); 795 struct route_info *rinfo = (struct route_info *) opt; 796 struct in6_addr prefix_buf, *prefix; 797 unsigned int pref; 798 unsigned long lifetime; 799 struct fib6_info *rt; 800 801 if (len < sizeof(struct route_info)) { 802 return -EINVAL; 803 } 804 805 /* Sanity check for prefix_len and length */ 806 if (rinfo->length > 3) { 807 return -EINVAL; 808 } else if (rinfo->prefix_len > 128) { 809 return -EINVAL; 810 } else if (rinfo->prefix_len > 64) { 811 if (rinfo->length < 2) { 812 return -EINVAL; 813 } 814 } else if (rinfo->prefix_len > 0) { 815 if (rinfo->length < 1) { 816 return -EINVAL; 817 } 818 } 819 820 pref = rinfo->route_pref; 821 if (pref == ICMPV6_ROUTER_PREF_INVALID) 822 return -EINVAL; 823 824 lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ); 825 826 if (rinfo->length == 3) 827 prefix = (struct in6_addr *)rinfo->prefix; 828 else { 829 /* this function is safe */ 830 ipv6_addr_prefix(&prefix_buf, 831 (struct in6_addr *)rinfo->prefix, 832 rinfo->prefix_len); 833 prefix = &prefix_buf; 834 } 835 836 if (rinfo->prefix_len == 0) 837 rt = rt6_get_dflt_router(net, gwaddr, dev); 838 else 839 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len, 840 gwaddr, dev); 841 842 if (rt && !lifetime) { 843 ip6_del_rt(net, rt); 844 rt = NULL; 845 } 846 847 if (!rt && lifetime) 848 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, 849 dev, pref); 850 else if (rt) 851 rt->fib6_flags = RTF_ROUTEINFO | 852 (rt->fib6_flags & ~RTF_PREF_MASK) | RTF_PREF(pref); 853 854 if (rt) { 855 if (!addrconf_finite_timeout(lifetime)) 856 fib6_clean_expires(rt); 857 else 858 fib6_set_expires(rt, jiffies + HZ * lifetime); 859 860 fib6_info_release(rt); 861 } 862 return 0; 863 } 864 #endif 865 866 /* 867 * Misc support functions 868 */ 869 870 /* called with rcu_lock held */ 871 static struct net_device *ip6_rt_get_dev_rcu(struct fib6_info *rt) 872 { 873 struct net_device *dev = rt->fib6_nh.nh_dev; 874 875 if (rt->fib6_flags & (RTF_LOCAL | RTF_ANYCAST)) { 876 /* for copies of local routes, dst->dev needs to be the 877 * device if it is a master device, the master device if 878 * device is enslaved, and the loopback as the default 879 */ 880 if (netif_is_l3_slave(dev) && 881 !rt6_need_strict(&rt->fib6_dst.addr)) 882 dev = l3mdev_master_dev_rcu(dev); 883 else if (!netif_is_l3_master(dev)) 884 dev = dev_net(dev)->loopback_dev; 885 /* last case is netif_is_l3_master(dev) is true in which 886 * case we want dev returned to be dev 887 */ 888 } 889 890 return dev; 891 } 892 893 static const int fib6_prop[RTN_MAX + 1] = { 894 [RTN_UNSPEC] = 0, 895 [RTN_UNICAST] = 0, 896 [RTN_LOCAL] = 0, 897 [RTN_BROADCAST] = 0, 898 [RTN_ANYCAST] = 0, 899 [RTN_MULTICAST] = 0, 900 [RTN_BLACKHOLE] = -EINVAL, 901 [RTN_UNREACHABLE] = -EHOSTUNREACH, 902 [RTN_PROHIBIT] = -EACCES, 903 [RTN_THROW] = -EAGAIN, 904 [RTN_NAT] = -EINVAL, 905 [RTN_XRESOLVE] = -EINVAL, 906 }; 907 908 static int ip6_rt_type_to_error(u8 fib6_type) 909 { 910 return fib6_prop[fib6_type]; 911 } 912 913 static unsigned short fib6_info_dst_flags(struct fib6_info *rt) 914 { 915 unsigned short flags = 0; 916 917 if (rt->dst_nocount) 918 flags |= DST_NOCOUNT; 919 if (rt->dst_nopolicy) 920 flags |= DST_NOPOLICY; 921 if (rt->dst_host) 922 flags |= DST_HOST; 923 924 return flags; 925 } 926 927 static void ip6_rt_init_dst_reject(struct rt6_info *rt, struct fib6_info *ort) 928 { 929 rt->dst.error = ip6_rt_type_to_error(ort->fib6_type); 930 931 switch (ort->fib6_type) { 932 case RTN_BLACKHOLE: 933 rt->dst.output = dst_discard_out; 934 rt->dst.input = dst_discard; 935 break; 936 case RTN_PROHIBIT: 937 rt->dst.output = ip6_pkt_prohibit_out; 938 rt->dst.input = ip6_pkt_prohibit; 939 break; 940 case RTN_THROW: 941 case RTN_UNREACHABLE: 942 default: 943 rt->dst.output = ip6_pkt_discard_out; 944 rt->dst.input = ip6_pkt_discard; 945 break; 946 } 947 } 948 949 static void ip6_rt_init_dst(struct rt6_info *rt, struct fib6_info *ort) 950 { 951 if (ort->fib6_flags & RTF_REJECT) { 952 ip6_rt_init_dst_reject(rt, ort); 953 return; 954 } 955 956 rt->dst.error = 0; 957 rt->dst.output = ip6_output; 958 959 if (ort->fib6_type == RTN_LOCAL || ort->fib6_type == RTN_ANYCAST) { 960 rt->dst.input = ip6_input; 961 } else if (ipv6_addr_type(&ort->fib6_dst.addr) & IPV6_ADDR_MULTICAST) { 962 rt->dst.input = ip6_mc_input; 963 } else { 964 rt->dst.input = ip6_forward; 965 } 966 967 if (ort->fib6_nh.nh_lwtstate) { 968 rt->dst.lwtstate = lwtstate_get(ort->fib6_nh.nh_lwtstate); 969 lwtunnel_set_redirect(&rt->dst); 970 } 971 972 rt->dst.lastuse = jiffies; 973 } 974 975 /* Caller must already hold reference to @from */ 976 static void rt6_set_from(struct rt6_info *rt, struct fib6_info *from) 977 { 978 rt->rt6i_flags &= ~RTF_EXPIRES; 979 rcu_assign_pointer(rt->from, from); 980 ip_dst_init_metrics(&rt->dst, from->fib6_metrics); 981 } 982 983 /* Caller must already hold reference to @ort */ 984 static void ip6_rt_copy_init(struct rt6_info *rt, struct fib6_info *ort) 985 { 986 struct net_device *dev = fib6_info_nh_dev(ort); 987 988 ip6_rt_init_dst(rt, ort); 989 990 rt->rt6i_dst = ort->fib6_dst; 991 rt->rt6i_idev = dev ? in6_dev_get(dev) : NULL; 992 rt->rt6i_gateway = ort->fib6_nh.nh_gw; 993 rt->rt6i_flags = ort->fib6_flags; 994 rt6_set_from(rt, ort); 995 #ifdef CONFIG_IPV6_SUBTREES 996 rt->rt6i_src = ort->fib6_src; 997 #endif 998 } 999 1000 static struct fib6_node* fib6_backtrack(struct fib6_node *fn, 1001 struct in6_addr *saddr) 1002 { 1003 struct fib6_node *pn, *sn; 1004 while (1) { 1005 if (fn->fn_flags & RTN_TL_ROOT) 1006 return NULL; 1007 pn = rcu_dereference(fn->parent); 1008 sn = FIB6_SUBTREE(pn); 1009 if (sn && sn != fn) 1010 fn = fib6_node_lookup(sn, NULL, saddr); 1011 else 1012 fn = pn; 1013 if (fn->fn_flags & RTN_RTINFO) 1014 return fn; 1015 } 1016 } 1017 1018 static bool ip6_hold_safe(struct net *net, struct rt6_info **prt, 1019 bool null_fallback) 1020 { 1021 struct rt6_info *rt = *prt; 1022 1023 if (dst_hold_safe(&rt->dst)) 1024 return true; 1025 if (null_fallback) { 1026 rt = net->ipv6.ip6_null_entry; 1027 dst_hold(&rt->dst); 1028 } else { 1029 rt = NULL; 1030 } 1031 *prt = rt; 1032 return false; 1033 } 1034 1035 /* called with rcu_lock held */ 1036 static struct rt6_info *ip6_create_rt_rcu(struct fib6_info *rt) 1037 { 1038 unsigned short flags = fib6_info_dst_flags(rt); 1039 struct net_device *dev = rt->fib6_nh.nh_dev; 1040 struct rt6_info *nrt; 1041 1042 if (!fib6_info_hold_safe(rt)) 1043 return NULL; 1044 1045 nrt = ip6_dst_alloc(dev_net(dev), dev, flags); 1046 if (nrt) 1047 ip6_rt_copy_init(nrt, rt); 1048 else 1049 fib6_info_release(rt); 1050 1051 return nrt; 1052 } 1053 1054 static struct rt6_info *ip6_pol_route_lookup(struct net *net, 1055 struct fib6_table *table, 1056 struct flowi6 *fl6, 1057 const struct sk_buff *skb, 1058 int flags) 1059 { 1060 struct fib6_info *f6i; 1061 struct fib6_node *fn; 1062 struct rt6_info *rt; 1063 1064 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF) 1065 flags &= ~RT6_LOOKUP_F_IFACE; 1066 1067 rcu_read_lock(); 1068 fn = fib6_node_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 1069 restart: 1070 f6i = rcu_dereference(fn->leaf); 1071 if (!f6i) { 1072 f6i = net->ipv6.fib6_null_entry; 1073 } else { 1074 f6i = rt6_device_match(net, f6i, &fl6->saddr, 1075 fl6->flowi6_oif, flags); 1076 if (f6i->fib6_nsiblings && fl6->flowi6_oif == 0) 1077 f6i = fib6_multipath_select(net, f6i, fl6, 1078 fl6->flowi6_oif, skb, 1079 flags); 1080 } 1081 if (f6i == net->ipv6.fib6_null_entry) { 1082 fn = fib6_backtrack(fn, &fl6->saddr); 1083 if (fn) 1084 goto restart; 1085 } 1086 1087 trace_fib6_table_lookup(net, f6i, table, fl6); 1088 1089 /* Search through exception table */ 1090 rt = rt6_find_cached_rt(f6i, &fl6->daddr, &fl6->saddr); 1091 if (rt) { 1092 if (ip6_hold_safe(net, &rt, true)) 1093 dst_use_noref(&rt->dst, jiffies); 1094 } else if (f6i == net->ipv6.fib6_null_entry) { 1095 rt = net->ipv6.ip6_null_entry; 1096 dst_hold(&rt->dst); 1097 } else { 1098 rt = ip6_create_rt_rcu(f6i); 1099 if (!rt) { 1100 rt = net->ipv6.ip6_null_entry; 1101 dst_hold(&rt->dst); 1102 } 1103 } 1104 1105 rcu_read_unlock(); 1106 1107 return rt; 1108 } 1109 1110 struct dst_entry *ip6_route_lookup(struct net *net, struct flowi6 *fl6, 1111 const struct sk_buff *skb, int flags) 1112 { 1113 return fib6_rule_lookup(net, fl6, skb, flags, ip6_pol_route_lookup); 1114 } 1115 EXPORT_SYMBOL_GPL(ip6_route_lookup); 1116 1117 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr, 1118 const struct in6_addr *saddr, int oif, 1119 const struct sk_buff *skb, int strict) 1120 { 1121 struct flowi6 fl6 = { 1122 .flowi6_oif = oif, 1123 .daddr = *daddr, 1124 }; 1125 struct dst_entry *dst; 1126 int flags = strict ? RT6_LOOKUP_F_IFACE : 0; 1127 1128 if (saddr) { 1129 memcpy(&fl6.saddr, saddr, sizeof(*saddr)); 1130 flags |= RT6_LOOKUP_F_HAS_SADDR; 1131 } 1132 1133 dst = fib6_rule_lookup(net, &fl6, skb, flags, ip6_pol_route_lookup); 1134 if (dst->error == 0) 1135 return (struct rt6_info *) dst; 1136 1137 dst_release(dst); 1138 1139 return NULL; 1140 } 1141 EXPORT_SYMBOL(rt6_lookup); 1142 1143 /* ip6_ins_rt is called with FREE table->tb6_lock. 1144 * It takes new route entry, the addition fails by any reason the 1145 * route is released. 1146 * Caller must hold dst before calling it. 1147 */ 1148 1149 static int __ip6_ins_rt(struct fib6_info *rt, struct nl_info *info, 1150 struct netlink_ext_ack *extack) 1151 { 1152 int err; 1153 struct fib6_table *table; 1154 1155 table = rt->fib6_table; 1156 spin_lock_bh(&table->tb6_lock); 1157 err = fib6_add(&table->tb6_root, rt, info, extack); 1158 spin_unlock_bh(&table->tb6_lock); 1159 1160 return err; 1161 } 1162 1163 int ip6_ins_rt(struct net *net, struct fib6_info *rt) 1164 { 1165 struct nl_info info = { .nl_net = net, }; 1166 1167 return __ip6_ins_rt(rt, &info, NULL); 1168 } 1169 1170 static struct rt6_info *ip6_rt_cache_alloc(struct fib6_info *ort, 1171 const struct in6_addr *daddr, 1172 const struct in6_addr *saddr) 1173 { 1174 struct net_device *dev; 1175 struct rt6_info *rt; 1176 1177 /* 1178 * Clone the route. 1179 */ 1180 1181 if (!fib6_info_hold_safe(ort)) 1182 return NULL; 1183 1184 dev = ip6_rt_get_dev_rcu(ort); 1185 rt = ip6_dst_alloc(dev_net(dev), dev, 0); 1186 if (!rt) { 1187 fib6_info_release(ort); 1188 return NULL; 1189 } 1190 1191 ip6_rt_copy_init(rt, ort); 1192 rt->rt6i_flags |= RTF_CACHE; 1193 rt->dst.flags |= DST_HOST; 1194 rt->rt6i_dst.addr = *daddr; 1195 rt->rt6i_dst.plen = 128; 1196 1197 if (!rt6_is_gw_or_nonexthop(ort)) { 1198 if (ort->fib6_dst.plen != 128 && 1199 ipv6_addr_equal(&ort->fib6_dst.addr, daddr)) 1200 rt->rt6i_flags |= RTF_ANYCAST; 1201 #ifdef CONFIG_IPV6_SUBTREES 1202 if (rt->rt6i_src.plen && saddr) { 1203 rt->rt6i_src.addr = *saddr; 1204 rt->rt6i_src.plen = 128; 1205 } 1206 #endif 1207 } 1208 1209 return rt; 1210 } 1211 1212 static struct rt6_info *ip6_rt_pcpu_alloc(struct fib6_info *rt) 1213 { 1214 unsigned short flags = fib6_info_dst_flags(rt); 1215 struct net_device *dev; 1216 struct rt6_info *pcpu_rt; 1217 1218 if (!fib6_info_hold_safe(rt)) 1219 return NULL; 1220 1221 rcu_read_lock(); 1222 dev = ip6_rt_get_dev_rcu(rt); 1223 pcpu_rt = ip6_dst_alloc(dev_net(dev), dev, flags); 1224 rcu_read_unlock(); 1225 if (!pcpu_rt) { 1226 fib6_info_release(rt); 1227 return NULL; 1228 } 1229 ip6_rt_copy_init(pcpu_rt, rt); 1230 pcpu_rt->rt6i_flags |= RTF_PCPU; 1231 return pcpu_rt; 1232 } 1233 1234 /* It should be called with rcu_read_lock() acquired */ 1235 static struct rt6_info *rt6_get_pcpu_route(struct fib6_info *rt) 1236 { 1237 struct rt6_info *pcpu_rt, **p; 1238 1239 p = this_cpu_ptr(rt->rt6i_pcpu); 1240 pcpu_rt = *p; 1241 1242 if (pcpu_rt) 1243 ip6_hold_safe(NULL, &pcpu_rt, false); 1244 1245 return pcpu_rt; 1246 } 1247 1248 static struct rt6_info *rt6_make_pcpu_route(struct net *net, 1249 struct fib6_info *rt) 1250 { 1251 struct rt6_info *pcpu_rt, *prev, **p; 1252 1253 pcpu_rt = ip6_rt_pcpu_alloc(rt); 1254 if (!pcpu_rt) { 1255 dst_hold(&net->ipv6.ip6_null_entry->dst); 1256 return net->ipv6.ip6_null_entry; 1257 } 1258 1259 dst_hold(&pcpu_rt->dst); 1260 p = this_cpu_ptr(rt->rt6i_pcpu); 1261 prev = cmpxchg(p, NULL, pcpu_rt); 1262 BUG_ON(prev); 1263 1264 return pcpu_rt; 1265 } 1266 1267 /* exception hash table implementation 1268 */ 1269 static DEFINE_SPINLOCK(rt6_exception_lock); 1270 1271 /* Remove rt6_ex from hash table and free the memory 1272 * Caller must hold rt6_exception_lock 1273 */ 1274 static void rt6_remove_exception(struct rt6_exception_bucket *bucket, 1275 struct rt6_exception *rt6_ex) 1276 { 1277 struct net *net; 1278 1279 if (!bucket || !rt6_ex) 1280 return; 1281 1282 net = dev_net(rt6_ex->rt6i->dst.dev); 1283 hlist_del_rcu(&rt6_ex->hlist); 1284 dst_release(&rt6_ex->rt6i->dst); 1285 kfree_rcu(rt6_ex, rcu); 1286 WARN_ON_ONCE(!bucket->depth); 1287 bucket->depth--; 1288 net->ipv6.rt6_stats->fib_rt_cache--; 1289 } 1290 1291 /* Remove oldest rt6_ex in bucket and free the memory 1292 * Caller must hold rt6_exception_lock 1293 */ 1294 static void rt6_exception_remove_oldest(struct rt6_exception_bucket *bucket) 1295 { 1296 struct rt6_exception *rt6_ex, *oldest = NULL; 1297 1298 if (!bucket) 1299 return; 1300 1301 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) { 1302 if (!oldest || time_before(rt6_ex->stamp, oldest->stamp)) 1303 oldest = rt6_ex; 1304 } 1305 rt6_remove_exception(bucket, oldest); 1306 } 1307 1308 static u32 rt6_exception_hash(const struct in6_addr *dst, 1309 const struct in6_addr *src) 1310 { 1311 static u32 seed __read_mostly; 1312 u32 val; 1313 1314 net_get_random_once(&seed, sizeof(seed)); 1315 val = jhash(dst, sizeof(*dst), seed); 1316 1317 #ifdef CONFIG_IPV6_SUBTREES 1318 if (src) 1319 val = jhash(src, sizeof(*src), val); 1320 #endif 1321 return hash_32(val, FIB6_EXCEPTION_BUCKET_SIZE_SHIFT); 1322 } 1323 1324 /* Helper function to find the cached rt in the hash table 1325 * and update bucket pointer to point to the bucket for this 1326 * (daddr, saddr) pair 1327 * Caller must hold rt6_exception_lock 1328 */ 1329 static struct rt6_exception * 1330 __rt6_find_exception_spinlock(struct rt6_exception_bucket **bucket, 1331 const struct in6_addr *daddr, 1332 const struct in6_addr *saddr) 1333 { 1334 struct rt6_exception *rt6_ex; 1335 u32 hval; 1336 1337 if (!(*bucket) || !daddr) 1338 return NULL; 1339 1340 hval = rt6_exception_hash(daddr, saddr); 1341 *bucket += hval; 1342 1343 hlist_for_each_entry(rt6_ex, &(*bucket)->chain, hlist) { 1344 struct rt6_info *rt6 = rt6_ex->rt6i; 1345 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr); 1346 1347 #ifdef CONFIG_IPV6_SUBTREES 1348 if (matched && saddr) 1349 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr); 1350 #endif 1351 if (matched) 1352 return rt6_ex; 1353 } 1354 return NULL; 1355 } 1356 1357 /* Helper function to find the cached rt in the hash table 1358 * and update bucket pointer to point to the bucket for this 1359 * (daddr, saddr) pair 1360 * Caller must hold rcu_read_lock() 1361 */ 1362 static struct rt6_exception * 1363 __rt6_find_exception_rcu(struct rt6_exception_bucket **bucket, 1364 const struct in6_addr *daddr, 1365 const struct in6_addr *saddr) 1366 { 1367 struct rt6_exception *rt6_ex; 1368 u32 hval; 1369 1370 WARN_ON_ONCE(!rcu_read_lock_held()); 1371 1372 if (!(*bucket) || !daddr) 1373 return NULL; 1374 1375 hval = rt6_exception_hash(daddr, saddr); 1376 *bucket += hval; 1377 1378 hlist_for_each_entry_rcu(rt6_ex, &(*bucket)->chain, hlist) { 1379 struct rt6_info *rt6 = rt6_ex->rt6i; 1380 bool matched = ipv6_addr_equal(daddr, &rt6->rt6i_dst.addr); 1381 1382 #ifdef CONFIG_IPV6_SUBTREES 1383 if (matched && saddr) 1384 matched = ipv6_addr_equal(saddr, &rt6->rt6i_src.addr); 1385 #endif 1386 if (matched) 1387 return rt6_ex; 1388 } 1389 return NULL; 1390 } 1391 1392 static unsigned int fib6_mtu(const struct fib6_info *rt) 1393 { 1394 unsigned int mtu; 1395 1396 if (rt->fib6_pmtu) { 1397 mtu = rt->fib6_pmtu; 1398 } else { 1399 struct net_device *dev = fib6_info_nh_dev(rt); 1400 struct inet6_dev *idev; 1401 1402 rcu_read_lock(); 1403 idev = __in6_dev_get(dev); 1404 mtu = idev->cnf.mtu6; 1405 rcu_read_unlock(); 1406 } 1407 1408 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU); 1409 1410 return mtu - lwtunnel_headroom(rt->fib6_nh.nh_lwtstate, mtu); 1411 } 1412 1413 static int rt6_insert_exception(struct rt6_info *nrt, 1414 struct fib6_info *ort) 1415 { 1416 struct net *net = dev_net(nrt->dst.dev); 1417 struct rt6_exception_bucket *bucket; 1418 struct in6_addr *src_key = NULL; 1419 struct rt6_exception *rt6_ex; 1420 int err = 0; 1421 1422 spin_lock_bh(&rt6_exception_lock); 1423 1424 if (ort->exception_bucket_flushed) { 1425 err = -EINVAL; 1426 goto out; 1427 } 1428 1429 bucket = rcu_dereference_protected(ort->rt6i_exception_bucket, 1430 lockdep_is_held(&rt6_exception_lock)); 1431 if (!bucket) { 1432 bucket = kcalloc(FIB6_EXCEPTION_BUCKET_SIZE, sizeof(*bucket), 1433 GFP_ATOMIC); 1434 if (!bucket) { 1435 err = -ENOMEM; 1436 goto out; 1437 } 1438 rcu_assign_pointer(ort->rt6i_exception_bucket, bucket); 1439 } 1440 1441 #ifdef CONFIG_IPV6_SUBTREES 1442 /* rt6i_src.plen != 0 indicates ort is in subtree 1443 * and exception table is indexed by a hash of 1444 * both rt6i_dst and rt6i_src. 1445 * Otherwise, the exception table is indexed by 1446 * a hash of only rt6i_dst. 1447 */ 1448 if (ort->fib6_src.plen) 1449 src_key = &nrt->rt6i_src.addr; 1450 #endif 1451 /* rt6_mtu_change() might lower mtu on ort. 1452 * Only insert this exception route if its mtu 1453 * is less than ort's mtu value. 1454 */ 1455 if (dst_metric_raw(&nrt->dst, RTAX_MTU) >= fib6_mtu(ort)) { 1456 err = -EINVAL; 1457 goto out; 1458 } 1459 1460 rt6_ex = __rt6_find_exception_spinlock(&bucket, &nrt->rt6i_dst.addr, 1461 src_key); 1462 if (rt6_ex) 1463 rt6_remove_exception(bucket, rt6_ex); 1464 1465 rt6_ex = kzalloc(sizeof(*rt6_ex), GFP_ATOMIC); 1466 if (!rt6_ex) { 1467 err = -ENOMEM; 1468 goto out; 1469 } 1470 rt6_ex->rt6i = nrt; 1471 rt6_ex->stamp = jiffies; 1472 hlist_add_head_rcu(&rt6_ex->hlist, &bucket->chain); 1473 bucket->depth++; 1474 net->ipv6.rt6_stats->fib_rt_cache++; 1475 1476 if (bucket->depth > FIB6_MAX_DEPTH) 1477 rt6_exception_remove_oldest(bucket); 1478 1479 out: 1480 spin_unlock_bh(&rt6_exception_lock); 1481 1482 /* Update fn->fn_sernum to invalidate all cached dst */ 1483 if (!err) { 1484 spin_lock_bh(&ort->fib6_table->tb6_lock); 1485 fib6_update_sernum(net, ort); 1486 spin_unlock_bh(&ort->fib6_table->tb6_lock); 1487 fib6_force_start_gc(net); 1488 } 1489 1490 return err; 1491 } 1492 1493 void rt6_flush_exceptions(struct fib6_info *rt) 1494 { 1495 struct rt6_exception_bucket *bucket; 1496 struct rt6_exception *rt6_ex; 1497 struct hlist_node *tmp; 1498 int i; 1499 1500 spin_lock_bh(&rt6_exception_lock); 1501 /* Prevent rt6_insert_exception() to recreate the bucket list */ 1502 rt->exception_bucket_flushed = 1; 1503 1504 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket, 1505 lockdep_is_held(&rt6_exception_lock)); 1506 if (!bucket) 1507 goto out; 1508 1509 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) { 1510 hlist_for_each_entry_safe(rt6_ex, tmp, &bucket->chain, hlist) 1511 rt6_remove_exception(bucket, rt6_ex); 1512 WARN_ON_ONCE(bucket->depth); 1513 bucket++; 1514 } 1515 1516 out: 1517 spin_unlock_bh(&rt6_exception_lock); 1518 } 1519 1520 /* Find cached rt in the hash table inside passed in rt 1521 * Caller has to hold rcu_read_lock() 1522 */ 1523 static struct rt6_info *rt6_find_cached_rt(struct fib6_info *rt, 1524 struct in6_addr *daddr, 1525 struct in6_addr *saddr) 1526 { 1527 struct rt6_exception_bucket *bucket; 1528 struct in6_addr *src_key = NULL; 1529 struct rt6_exception *rt6_ex; 1530 struct rt6_info *res = NULL; 1531 1532 bucket = rcu_dereference(rt->rt6i_exception_bucket); 1533 1534 #ifdef CONFIG_IPV6_SUBTREES 1535 /* rt6i_src.plen != 0 indicates rt is in subtree 1536 * and exception table is indexed by a hash of 1537 * both rt6i_dst and rt6i_src. 1538 * Otherwise, the exception table is indexed by 1539 * a hash of only rt6i_dst. 1540 */ 1541 if (rt->fib6_src.plen) 1542 src_key = saddr; 1543 #endif 1544 rt6_ex = __rt6_find_exception_rcu(&bucket, daddr, src_key); 1545 1546 if (rt6_ex && !rt6_check_expired(rt6_ex->rt6i)) 1547 res = rt6_ex->rt6i; 1548 1549 return res; 1550 } 1551 1552 /* Remove the passed in cached rt from the hash table that contains it */ 1553 static int rt6_remove_exception_rt(struct rt6_info *rt) 1554 { 1555 struct rt6_exception_bucket *bucket; 1556 struct in6_addr *src_key = NULL; 1557 struct rt6_exception *rt6_ex; 1558 struct fib6_info *from; 1559 int err; 1560 1561 from = rcu_dereference(rt->from); 1562 if (!from || 1563 !(rt->rt6i_flags & RTF_CACHE)) 1564 return -EINVAL; 1565 1566 if (!rcu_access_pointer(from->rt6i_exception_bucket)) 1567 return -ENOENT; 1568 1569 spin_lock_bh(&rt6_exception_lock); 1570 bucket = rcu_dereference_protected(from->rt6i_exception_bucket, 1571 lockdep_is_held(&rt6_exception_lock)); 1572 #ifdef CONFIG_IPV6_SUBTREES 1573 /* rt6i_src.plen != 0 indicates 'from' is in subtree 1574 * and exception table is indexed by a hash of 1575 * both rt6i_dst and rt6i_src. 1576 * Otherwise, the exception table is indexed by 1577 * a hash of only rt6i_dst. 1578 */ 1579 if (from->fib6_src.plen) 1580 src_key = &rt->rt6i_src.addr; 1581 #endif 1582 rt6_ex = __rt6_find_exception_spinlock(&bucket, 1583 &rt->rt6i_dst.addr, 1584 src_key); 1585 if (rt6_ex) { 1586 rt6_remove_exception(bucket, rt6_ex); 1587 err = 0; 1588 } else { 1589 err = -ENOENT; 1590 } 1591 1592 spin_unlock_bh(&rt6_exception_lock); 1593 return err; 1594 } 1595 1596 /* Find rt6_ex which contains the passed in rt cache and 1597 * refresh its stamp 1598 */ 1599 static void rt6_update_exception_stamp_rt(struct rt6_info *rt) 1600 { 1601 struct rt6_exception_bucket *bucket; 1602 struct fib6_info *from = rt->from; 1603 struct in6_addr *src_key = NULL; 1604 struct rt6_exception *rt6_ex; 1605 1606 if (!from || 1607 !(rt->rt6i_flags & RTF_CACHE)) 1608 return; 1609 1610 rcu_read_lock(); 1611 bucket = rcu_dereference(from->rt6i_exception_bucket); 1612 1613 #ifdef CONFIG_IPV6_SUBTREES 1614 /* rt6i_src.plen != 0 indicates 'from' is in subtree 1615 * and exception table is indexed by a hash of 1616 * both rt6i_dst and rt6i_src. 1617 * Otherwise, the exception table is indexed by 1618 * a hash of only rt6i_dst. 1619 */ 1620 if (from->fib6_src.plen) 1621 src_key = &rt->rt6i_src.addr; 1622 #endif 1623 rt6_ex = __rt6_find_exception_rcu(&bucket, 1624 &rt->rt6i_dst.addr, 1625 src_key); 1626 if (rt6_ex) 1627 rt6_ex->stamp = jiffies; 1628 1629 rcu_read_unlock(); 1630 } 1631 1632 static bool rt6_mtu_change_route_allowed(struct inet6_dev *idev, 1633 struct rt6_info *rt, int mtu) 1634 { 1635 /* If the new MTU is lower than the route PMTU, this new MTU will be the 1636 * lowest MTU in the path: always allow updating the route PMTU to 1637 * reflect PMTU decreases. 1638 * 1639 * If the new MTU is higher, and the route PMTU is equal to the local 1640 * MTU, this means the old MTU is the lowest in the path, so allow 1641 * updating it: if other nodes now have lower MTUs, PMTU discovery will 1642 * handle this. 1643 */ 1644 1645 if (dst_mtu(&rt->dst) >= mtu) 1646 return true; 1647 1648 if (dst_mtu(&rt->dst) == idev->cnf.mtu6) 1649 return true; 1650 1651 return false; 1652 } 1653 1654 static void rt6_exceptions_update_pmtu(struct inet6_dev *idev, 1655 struct fib6_info *rt, int mtu) 1656 { 1657 struct rt6_exception_bucket *bucket; 1658 struct rt6_exception *rt6_ex; 1659 int i; 1660 1661 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket, 1662 lockdep_is_held(&rt6_exception_lock)); 1663 1664 if (!bucket) 1665 return; 1666 1667 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) { 1668 hlist_for_each_entry(rt6_ex, &bucket->chain, hlist) { 1669 struct rt6_info *entry = rt6_ex->rt6i; 1670 1671 /* For RTF_CACHE with rt6i_pmtu == 0 (i.e. a redirected 1672 * route), the metrics of its rt->from have already 1673 * been updated. 1674 */ 1675 if (dst_metric_raw(&entry->dst, RTAX_MTU) && 1676 rt6_mtu_change_route_allowed(idev, entry, mtu)) 1677 dst_metric_set(&entry->dst, RTAX_MTU, mtu); 1678 } 1679 bucket++; 1680 } 1681 } 1682 1683 #define RTF_CACHE_GATEWAY (RTF_GATEWAY | RTF_CACHE) 1684 1685 static void rt6_exceptions_clean_tohost(struct fib6_info *rt, 1686 struct in6_addr *gateway) 1687 { 1688 struct rt6_exception_bucket *bucket; 1689 struct rt6_exception *rt6_ex; 1690 struct hlist_node *tmp; 1691 int i; 1692 1693 if (!rcu_access_pointer(rt->rt6i_exception_bucket)) 1694 return; 1695 1696 spin_lock_bh(&rt6_exception_lock); 1697 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket, 1698 lockdep_is_held(&rt6_exception_lock)); 1699 1700 if (bucket) { 1701 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) { 1702 hlist_for_each_entry_safe(rt6_ex, tmp, 1703 &bucket->chain, hlist) { 1704 struct rt6_info *entry = rt6_ex->rt6i; 1705 1706 if ((entry->rt6i_flags & RTF_CACHE_GATEWAY) == 1707 RTF_CACHE_GATEWAY && 1708 ipv6_addr_equal(gateway, 1709 &entry->rt6i_gateway)) { 1710 rt6_remove_exception(bucket, rt6_ex); 1711 } 1712 } 1713 bucket++; 1714 } 1715 } 1716 1717 spin_unlock_bh(&rt6_exception_lock); 1718 } 1719 1720 static void rt6_age_examine_exception(struct rt6_exception_bucket *bucket, 1721 struct rt6_exception *rt6_ex, 1722 struct fib6_gc_args *gc_args, 1723 unsigned long now) 1724 { 1725 struct rt6_info *rt = rt6_ex->rt6i; 1726 1727 /* we are pruning and obsoleting aged-out and non gateway exceptions 1728 * even if others have still references to them, so that on next 1729 * dst_check() such references can be dropped. 1730 * EXPIRES exceptions - e.g. pmtu-generated ones are pruned when 1731 * expired, independently from their aging, as per RFC 8201 section 4 1732 */ 1733 if (!(rt->rt6i_flags & RTF_EXPIRES)) { 1734 if (time_after_eq(now, rt->dst.lastuse + gc_args->timeout)) { 1735 RT6_TRACE("aging clone %p\n", rt); 1736 rt6_remove_exception(bucket, rt6_ex); 1737 return; 1738 } 1739 } else if (time_after(jiffies, rt->dst.expires)) { 1740 RT6_TRACE("purging expired route %p\n", rt); 1741 rt6_remove_exception(bucket, rt6_ex); 1742 return; 1743 } 1744 1745 if (rt->rt6i_flags & RTF_GATEWAY) { 1746 struct neighbour *neigh; 1747 __u8 neigh_flags = 0; 1748 1749 neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway); 1750 if (neigh) 1751 neigh_flags = neigh->flags; 1752 1753 if (!(neigh_flags & NTF_ROUTER)) { 1754 RT6_TRACE("purging route %p via non-router but gateway\n", 1755 rt); 1756 rt6_remove_exception(bucket, rt6_ex); 1757 return; 1758 } 1759 } 1760 1761 gc_args->more++; 1762 } 1763 1764 void rt6_age_exceptions(struct fib6_info *rt, 1765 struct fib6_gc_args *gc_args, 1766 unsigned long now) 1767 { 1768 struct rt6_exception_bucket *bucket; 1769 struct rt6_exception *rt6_ex; 1770 struct hlist_node *tmp; 1771 int i; 1772 1773 if (!rcu_access_pointer(rt->rt6i_exception_bucket)) 1774 return; 1775 1776 rcu_read_lock_bh(); 1777 spin_lock(&rt6_exception_lock); 1778 bucket = rcu_dereference_protected(rt->rt6i_exception_bucket, 1779 lockdep_is_held(&rt6_exception_lock)); 1780 1781 if (bucket) { 1782 for (i = 0; i < FIB6_EXCEPTION_BUCKET_SIZE; i++) { 1783 hlist_for_each_entry_safe(rt6_ex, tmp, 1784 &bucket->chain, hlist) { 1785 rt6_age_examine_exception(bucket, rt6_ex, 1786 gc_args, now); 1787 } 1788 bucket++; 1789 } 1790 } 1791 spin_unlock(&rt6_exception_lock); 1792 rcu_read_unlock_bh(); 1793 } 1794 1795 /* must be called with rcu lock held */ 1796 struct fib6_info *fib6_table_lookup(struct net *net, struct fib6_table *table, 1797 int oif, struct flowi6 *fl6, int strict) 1798 { 1799 struct fib6_node *fn, *saved_fn; 1800 struct fib6_info *f6i; 1801 1802 fn = fib6_node_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 1803 saved_fn = fn; 1804 1805 if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF) 1806 oif = 0; 1807 1808 redo_rt6_select: 1809 f6i = rt6_select(net, fn, oif, strict); 1810 if (f6i == net->ipv6.fib6_null_entry) { 1811 fn = fib6_backtrack(fn, &fl6->saddr); 1812 if (fn) 1813 goto redo_rt6_select; 1814 else if (strict & RT6_LOOKUP_F_REACHABLE) { 1815 /* also consider unreachable route */ 1816 strict &= ~RT6_LOOKUP_F_REACHABLE; 1817 fn = saved_fn; 1818 goto redo_rt6_select; 1819 } 1820 } 1821 1822 trace_fib6_table_lookup(net, f6i, table, fl6); 1823 1824 return f6i; 1825 } 1826 1827 struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, 1828 int oif, struct flowi6 *fl6, 1829 const struct sk_buff *skb, int flags) 1830 { 1831 struct fib6_info *f6i; 1832 struct rt6_info *rt; 1833 int strict = 0; 1834 1835 strict |= flags & RT6_LOOKUP_F_IFACE; 1836 strict |= flags & RT6_LOOKUP_F_IGNORE_LINKSTATE; 1837 if (net->ipv6.devconf_all->forwarding == 0) 1838 strict |= RT6_LOOKUP_F_REACHABLE; 1839 1840 rcu_read_lock(); 1841 1842 f6i = fib6_table_lookup(net, table, oif, fl6, strict); 1843 if (f6i->fib6_nsiblings) 1844 f6i = fib6_multipath_select(net, f6i, fl6, oif, skb, strict); 1845 1846 if (f6i == net->ipv6.fib6_null_entry) { 1847 rt = net->ipv6.ip6_null_entry; 1848 rcu_read_unlock(); 1849 dst_hold(&rt->dst); 1850 return rt; 1851 } 1852 1853 /*Search through exception table */ 1854 rt = rt6_find_cached_rt(f6i, &fl6->daddr, &fl6->saddr); 1855 if (rt) { 1856 if (ip6_hold_safe(net, &rt, true)) 1857 dst_use_noref(&rt->dst, jiffies); 1858 1859 rcu_read_unlock(); 1860 return rt; 1861 } else if (unlikely((fl6->flowi6_flags & FLOWI_FLAG_KNOWN_NH) && 1862 !(f6i->fib6_flags & RTF_GATEWAY))) { 1863 /* Create a RTF_CACHE clone which will not be 1864 * owned by the fib6 tree. It is for the special case where 1865 * the daddr in the skb during the neighbor look-up is different 1866 * from the fl6->daddr used to look-up route here. 1867 */ 1868 struct rt6_info *uncached_rt; 1869 1870 uncached_rt = ip6_rt_cache_alloc(f6i, &fl6->daddr, NULL); 1871 1872 rcu_read_unlock(); 1873 1874 if (uncached_rt) { 1875 /* Uncached_rt's refcnt is taken during ip6_rt_cache_alloc() 1876 * No need for another dst_hold() 1877 */ 1878 rt6_uncached_list_add(uncached_rt); 1879 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache); 1880 } else { 1881 uncached_rt = net->ipv6.ip6_null_entry; 1882 dst_hold(&uncached_rt->dst); 1883 } 1884 1885 return uncached_rt; 1886 } else { 1887 /* Get a percpu copy */ 1888 1889 struct rt6_info *pcpu_rt; 1890 1891 local_bh_disable(); 1892 pcpu_rt = rt6_get_pcpu_route(f6i); 1893 1894 if (!pcpu_rt) 1895 pcpu_rt = rt6_make_pcpu_route(net, f6i); 1896 1897 local_bh_enable(); 1898 rcu_read_unlock(); 1899 1900 return pcpu_rt; 1901 } 1902 } 1903 EXPORT_SYMBOL_GPL(ip6_pol_route); 1904 1905 static struct rt6_info *ip6_pol_route_input(struct net *net, 1906 struct fib6_table *table, 1907 struct flowi6 *fl6, 1908 const struct sk_buff *skb, 1909 int flags) 1910 { 1911 return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, skb, flags); 1912 } 1913 1914 struct dst_entry *ip6_route_input_lookup(struct net *net, 1915 struct net_device *dev, 1916 struct flowi6 *fl6, 1917 const struct sk_buff *skb, 1918 int flags) 1919 { 1920 if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG) 1921 flags |= RT6_LOOKUP_F_IFACE; 1922 1923 return fib6_rule_lookup(net, fl6, skb, flags, ip6_pol_route_input); 1924 } 1925 EXPORT_SYMBOL_GPL(ip6_route_input_lookup); 1926 1927 static void ip6_multipath_l3_keys(const struct sk_buff *skb, 1928 struct flow_keys *keys, 1929 struct flow_keys *flkeys) 1930 { 1931 const struct ipv6hdr *outer_iph = ipv6_hdr(skb); 1932 const struct ipv6hdr *key_iph = outer_iph; 1933 struct flow_keys *_flkeys = flkeys; 1934 const struct ipv6hdr *inner_iph; 1935 const struct icmp6hdr *icmph; 1936 struct ipv6hdr _inner_iph; 1937 struct icmp6hdr _icmph; 1938 1939 if (likely(outer_iph->nexthdr != IPPROTO_ICMPV6)) 1940 goto out; 1941 1942 icmph = skb_header_pointer(skb, skb_transport_offset(skb), 1943 sizeof(_icmph), &_icmph); 1944 if (!icmph) 1945 goto out; 1946 1947 if (icmph->icmp6_type != ICMPV6_DEST_UNREACH && 1948 icmph->icmp6_type != ICMPV6_PKT_TOOBIG && 1949 icmph->icmp6_type != ICMPV6_TIME_EXCEED && 1950 icmph->icmp6_type != ICMPV6_PARAMPROB) 1951 goto out; 1952 1953 inner_iph = skb_header_pointer(skb, 1954 skb_transport_offset(skb) + sizeof(*icmph), 1955 sizeof(_inner_iph), &_inner_iph); 1956 if (!inner_iph) 1957 goto out; 1958 1959 key_iph = inner_iph; 1960 _flkeys = NULL; 1961 out: 1962 if (_flkeys) { 1963 keys->addrs.v6addrs.src = _flkeys->addrs.v6addrs.src; 1964 keys->addrs.v6addrs.dst = _flkeys->addrs.v6addrs.dst; 1965 keys->tags.flow_label = _flkeys->tags.flow_label; 1966 keys->basic.ip_proto = _flkeys->basic.ip_proto; 1967 } else { 1968 keys->addrs.v6addrs.src = key_iph->saddr; 1969 keys->addrs.v6addrs.dst = key_iph->daddr; 1970 keys->tags.flow_label = ip6_flowlabel(key_iph); 1971 keys->basic.ip_proto = key_iph->nexthdr; 1972 } 1973 } 1974 1975 /* if skb is set it will be used and fl6 can be NULL */ 1976 u32 rt6_multipath_hash(const struct net *net, const struct flowi6 *fl6, 1977 const struct sk_buff *skb, struct flow_keys *flkeys) 1978 { 1979 struct flow_keys hash_keys; 1980 u32 mhash; 1981 1982 switch (ip6_multipath_hash_policy(net)) { 1983 case 0: 1984 memset(&hash_keys, 0, sizeof(hash_keys)); 1985 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS; 1986 if (skb) { 1987 ip6_multipath_l3_keys(skb, &hash_keys, flkeys); 1988 } else { 1989 hash_keys.addrs.v6addrs.src = fl6->saddr; 1990 hash_keys.addrs.v6addrs.dst = fl6->daddr; 1991 hash_keys.tags.flow_label = (__force u32)flowi6_get_flowlabel(fl6); 1992 hash_keys.basic.ip_proto = fl6->flowi6_proto; 1993 } 1994 break; 1995 case 1: 1996 if (skb) { 1997 unsigned int flag = FLOW_DISSECTOR_F_STOP_AT_ENCAP; 1998 struct flow_keys keys; 1999 2000 /* short-circuit if we already have L4 hash present */ 2001 if (skb->l4_hash) 2002 return skb_get_hash_raw(skb) >> 1; 2003 2004 memset(&hash_keys, 0, sizeof(hash_keys)); 2005 2006 if (!flkeys) { 2007 skb_flow_dissect_flow_keys(skb, &keys, flag); 2008 flkeys = &keys; 2009 } 2010 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS; 2011 hash_keys.addrs.v6addrs.src = flkeys->addrs.v6addrs.src; 2012 hash_keys.addrs.v6addrs.dst = flkeys->addrs.v6addrs.dst; 2013 hash_keys.ports.src = flkeys->ports.src; 2014 hash_keys.ports.dst = flkeys->ports.dst; 2015 hash_keys.basic.ip_proto = flkeys->basic.ip_proto; 2016 } else { 2017 memset(&hash_keys, 0, sizeof(hash_keys)); 2018 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS; 2019 hash_keys.addrs.v6addrs.src = fl6->saddr; 2020 hash_keys.addrs.v6addrs.dst = fl6->daddr; 2021 hash_keys.ports.src = fl6->fl6_sport; 2022 hash_keys.ports.dst = fl6->fl6_dport; 2023 hash_keys.basic.ip_proto = fl6->flowi6_proto; 2024 } 2025 break; 2026 } 2027 mhash = flow_hash_from_keys(&hash_keys); 2028 2029 return mhash >> 1; 2030 } 2031 2032 void ip6_route_input(struct sk_buff *skb) 2033 { 2034 const struct ipv6hdr *iph = ipv6_hdr(skb); 2035 struct net *net = dev_net(skb->dev); 2036 int flags = RT6_LOOKUP_F_HAS_SADDR; 2037 struct ip_tunnel_info *tun_info; 2038 struct flowi6 fl6 = { 2039 .flowi6_iif = skb->dev->ifindex, 2040 .daddr = iph->daddr, 2041 .saddr = iph->saddr, 2042 .flowlabel = ip6_flowinfo(iph), 2043 .flowi6_mark = skb->mark, 2044 .flowi6_proto = iph->nexthdr, 2045 }; 2046 struct flow_keys *flkeys = NULL, _flkeys; 2047 2048 tun_info = skb_tunnel_info(skb); 2049 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX)) 2050 fl6.flowi6_tun_key.tun_id = tun_info->key.tun_id; 2051 2052 if (fib6_rules_early_flow_dissect(net, skb, &fl6, &_flkeys)) 2053 flkeys = &_flkeys; 2054 2055 if (unlikely(fl6.flowi6_proto == IPPROTO_ICMPV6)) 2056 fl6.mp_hash = rt6_multipath_hash(net, &fl6, skb, flkeys); 2057 skb_dst_drop(skb); 2058 skb_dst_set(skb, 2059 ip6_route_input_lookup(net, skb->dev, &fl6, skb, flags)); 2060 } 2061 2062 static struct rt6_info *ip6_pol_route_output(struct net *net, 2063 struct fib6_table *table, 2064 struct flowi6 *fl6, 2065 const struct sk_buff *skb, 2066 int flags) 2067 { 2068 return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, skb, flags); 2069 } 2070 2071 struct dst_entry *ip6_route_output_flags(struct net *net, const struct sock *sk, 2072 struct flowi6 *fl6, int flags) 2073 { 2074 bool any_src; 2075 2076 if (ipv6_addr_type(&fl6->daddr) & 2077 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL)) { 2078 struct dst_entry *dst; 2079 2080 dst = l3mdev_link_scope_lookup(net, fl6); 2081 if (dst) 2082 return dst; 2083 } 2084 2085 fl6->flowi6_iif = LOOPBACK_IFINDEX; 2086 2087 any_src = ipv6_addr_any(&fl6->saddr); 2088 if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr) || 2089 (fl6->flowi6_oif && any_src)) 2090 flags |= RT6_LOOKUP_F_IFACE; 2091 2092 if (!any_src) 2093 flags |= RT6_LOOKUP_F_HAS_SADDR; 2094 else if (sk) 2095 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs); 2096 2097 return fib6_rule_lookup(net, fl6, NULL, flags, ip6_pol_route_output); 2098 } 2099 EXPORT_SYMBOL_GPL(ip6_route_output_flags); 2100 2101 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig) 2102 { 2103 struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig; 2104 struct net_device *loopback_dev = net->loopback_dev; 2105 struct dst_entry *new = NULL; 2106 2107 rt = dst_alloc(&ip6_dst_blackhole_ops, loopback_dev, 1, 2108 DST_OBSOLETE_DEAD, 0); 2109 if (rt) { 2110 rt6_info_init(rt); 2111 atomic_inc(&net->ipv6.rt6_stats->fib_rt_alloc); 2112 2113 new = &rt->dst; 2114 new->__use = 1; 2115 new->input = dst_discard; 2116 new->output = dst_discard_out; 2117 2118 dst_copy_metrics(new, &ort->dst); 2119 2120 rt->rt6i_idev = in6_dev_get(loopback_dev); 2121 rt->rt6i_gateway = ort->rt6i_gateway; 2122 rt->rt6i_flags = ort->rt6i_flags & ~RTF_PCPU; 2123 2124 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key)); 2125 #ifdef CONFIG_IPV6_SUBTREES 2126 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key)); 2127 #endif 2128 } 2129 2130 dst_release(dst_orig); 2131 return new ? new : ERR_PTR(-ENOMEM); 2132 } 2133 2134 /* 2135 * Destination cache support functions 2136 */ 2137 2138 static bool fib6_check(struct fib6_info *f6i, u32 cookie) 2139 { 2140 u32 rt_cookie = 0; 2141 2142 if (!fib6_get_cookie_safe(f6i, &rt_cookie) || rt_cookie != cookie) 2143 return false; 2144 2145 if (fib6_check_expired(f6i)) 2146 return false; 2147 2148 return true; 2149 } 2150 2151 static struct dst_entry *rt6_check(struct rt6_info *rt, 2152 struct fib6_info *from, 2153 u32 cookie) 2154 { 2155 u32 rt_cookie = 0; 2156 2157 if ((from && !fib6_get_cookie_safe(from, &rt_cookie)) || 2158 rt_cookie != cookie) 2159 return NULL; 2160 2161 if (rt6_check_expired(rt)) 2162 return NULL; 2163 2164 return &rt->dst; 2165 } 2166 2167 static struct dst_entry *rt6_dst_from_check(struct rt6_info *rt, 2168 struct fib6_info *from, 2169 u32 cookie) 2170 { 2171 if (!__rt6_check_expired(rt) && 2172 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK && 2173 fib6_check(from, cookie)) 2174 return &rt->dst; 2175 else 2176 return NULL; 2177 } 2178 2179 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie) 2180 { 2181 struct dst_entry *dst_ret; 2182 struct fib6_info *from; 2183 struct rt6_info *rt; 2184 2185 rt = container_of(dst, struct rt6_info, dst); 2186 2187 rcu_read_lock(); 2188 2189 /* All IPV6 dsts are created with ->obsolete set to the value 2190 * DST_OBSOLETE_FORCE_CHK which forces validation calls down 2191 * into this function always. 2192 */ 2193 2194 from = rcu_dereference(rt->from); 2195 2196 if (from && (rt->rt6i_flags & RTF_PCPU || 2197 unlikely(!list_empty(&rt->rt6i_uncached)))) 2198 dst_ret = rt6_dst_from_check(rt, from, cookie); 2199 else 2200 dst_ret = rt6_check(rt, from, cookie); 2201 2202 rcu_read_unlock(); 2203 2204 return dst_ret; 2205 } 2206 2207 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst) 2208 { 2209 struct rt6_info *rt = (struct rt6_info *) dst; 2210 2211 if (rt) { 2212 if (rt->rt6i_flags & RTF_CACHE) { 2213 rcu_read_lock(); 2214 if (rt6_check_expired(rt)) { 2215 rt6_remove_exception_rt(rt); 2216 dst = NULL; 2217 } 2218 rcu_read_unlock(); 2219 } else { 2220 dst_release(dst); 2221 dst = NULL; 2222 } 2223 } 2224 return dst; 2225 } 2226 2227 static void ip6_link_failure(struct sk_buff *skb) 2228 { 2229 struct rt6_info *rt; 2230 2231 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0); 2232 2233 rt = (struct rt6_info *) skb_dst(skb); 2234 if (rt) { 2235 rcu_read_lock(); 2236 if (rt->rt6i_flags & RTF_CACHE) { 2237 rt6_remove_exception_rt(rt); 2238 } else { 2239 struct fib6_info *from; 2240 struct fib6_node *fn; 2241 2242 from = rcu_dereference(rt->from); 2243 if (from) { 2244 fn = rcu_dereference(from->fib6_node); 2245 if (fn && (rt->rt6i_flags & RTF_DEFAULT)) 2246 fn->fn_sernum = -1; 2247 } 2248 } 2249 rcu_read_unlock(); 2250 } 2251 } 2252 2253 static void rt6_update_expires(struct rt6_info *rt0, int timeout) 2254 { 2255 if (!(rt0->rt6i_flags & RTF_EXPIRES)) { 2256 struct fib6_info *from; 2257 2258 rcu_read_lock(); 2259 from = rcu_dereference(rt0->from); 2260 if (from) 2261 rt0->dst.expires = from->expires; 2262 rcu_read_unlock(); 2263 } 2264 2265 dst_set_expires(&rt0->dst, timeout); 2266 rt0->rt6i_flags |= RTF_EXPIRES; 2267 } 2268 2269 static void rt6_do_update_pmtu(struct rt6_info *rt, u32 mtu) 2270 { 2271 struct net *net = dev_net(rt->dst.dev); 2272 2273 dst_metric_set(&rt->dst, RTAX_MTU, mtu); 2274 rt->rt6i_flags |= RTF_MODIFIED; 2275 rt6_update_expires(rt, net->ipv6.sysctl.ip6_rt_mtu_expires); 2276 } 2277 2278 static bool rt6_cache_allowed_for_pmtu(const struct rt6_info *rt) 2279 { 2280 return !(rt->rt6i_flags & RTF_CACHE) && 2281 (rt->rt6i_flags & RTF_PCPU || rcu_access_pointer(rt->from)); 2282 } 2283 2284 static void __ip6_rt_update_pmtu(struct dst_entry *dst, const struct sock *sk, 2285 const struct ipv6hdr *iph, u32 mtu) 2286 { 2287 const struct in6_addr *daddr, *saddr; 2288 struct rt6_info *rt6 = (struct rt6_info *)dst; 2289 2290 if (dst_metric_locked(dst, RTAX_MTU)) 2291 return; 2292 2293 if (iph) { 2294 daddr = &iph->daddr; 2295 saddr = &iph->saddr; 2296 } else if (sk) { 2297 daddr = &sk->sk_v6_daddr; 2298 saddr = &inet6_sk(sk)->saddr; 2299 } else { 2300 daddr = NULL; 2301 saddr = NULL; 2302 } 2303 dst_confirm_neigh(dst, daddr); 2304 mtu = max_t(u32, mtu, IPV6_MIN_MTU); 2305 if (mtu >= dst_mtu(dst)) 2306 return; 2307 2308 if (!rt6_cache_allowed_for_pmtu(rt6)) { 2309 rt6_do_update_pmtu(rt6, mtu); 2310 /* update rt6_ex->stamp for cache */ 2311 if (rt6->rt6i_flags & RTF_CACHE) 2312 rt6_update_exception_stamp_rt(rt6); 2313 } else if (daddr) { 2314 struct fib6_info *from; 2315 struct rt6_info *nrt6; 2316 2317 rcu_read_lock(); 2318 from = rcu_dereference(rt6->from); 2319 nrt6 = ip6_rt_cache_alloc(from, daddr, saddr); 2320 if (nrt6) { 2321 rt6_do_update_pmtu(nrt6, mtu); 2322 if (rt6_insert_exception(nrt6, from)) 2323 dst_release_immediate(&nrt6->dst); 2324 } 2325 rcu_read_unlock(); 2326 } 2327 } 2328 2329 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk, 2330 struct sk_buff *skb, u32 mtu) 2331 { 2332 __ip6_rt_update_pmtu(dst, sk, skb ? ipv6_hdr(skb) : NULL, mtu); 2333 } 2334 2335 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu, 2336 int oif, u32 mark, kuid_t uid) 2337 { 2338 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 2339 struct dst_entry *dst; 2340 struct flowi6 fl6 = { 2341 .flowi6_oif = oif, 2342 .flowi6_mark = mark ? mark : IP6_REPLY_MARK(net, skb->mark), 2343 .daddr = iph->daddr, 2344 .saddr = iph->saddr, 2345 .flowlabel = ip6_flowinfo(iph), 2346 .flowi6_uid = uid, 2347 }; 2348 2349 dst = ip6_route_output(net, NULL, &fl6); 2350 if (!dst->error) 2351 __ip6_rt_update_pmtu(dst, NULL, iph, ntohl(mtu)); 2352 dst_release(dst); 2353 } 2354 EXPORT_SYMBOL_GPL(ip6_update_pmtu); 2355 2356 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu) 2357 { 2358 int oif = sk->sk_bound_dev_if; 2359 struct dst_entry *dst; 2360 2361 if (!oif && skb->dev) 2362 oif = l3mdev_master_ifindex(skb->dev); 2363 2364 ip6_update_pmtu(skb, sock_net(sk), mtu, oif, sk->sk_mark, sk->sk_uid); 2365 2366 dst = __sk_dst_get(sk); 2367 if (!dst || !dst->obsolete || 2368 dst->ops->check(dst, inet6_sk(sk)->dst_cookie)) 2369 return; 2370 2371 bh_lock_sock(sk); 2372 if (!sock_owned_by_user(sk) && !ipv6_addr_v4mapped(&sk->sk_v6_daddr)) 2373 ip6_datagram_dst_update(sk, false); 2374 bh_unlock_sock(sk); 2375 } 2376 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu); 2377 2378 void ip6_sk_dst_store_flow(struct sock *sk, struct dst_entry *dst, 2379 const struct flowi6 *fl6) 2380 { 2381 #ifdef CONFIG_IPV6_SUBTREES 2382 struct ipv6_pinfo *np = inet6_sk(sk); 2383 #endif 2384 2385 ip6_dst_store(sk, dst, 2386 ipv6_addr_equal(&fl6->daddr, &sk->sk_v6_daddr) ? 2387 &sk->sk_v6_daddr : NULL, 2388 #ifdef CONFIG_IPV6_SUBTREES 2389 ipv6_addr_equal(&fl6->saddr, &np->saddr) ? 2390 &np->saddr : 2391 #endif 2392 NULL); 2393 } 2394 2395 /* Handle redirects */ 2396 struct ip6rd_flowi { 2397 struct flowi6 fl6; 2398 struct in6_addr gateway; 2399 }; 2400 2401 static struct rt6_info *__ip6_route_redirect(struct net *net, 2402 struct fib6_table *table, 2403 struct flowi6 *fl6, 2404 const struct sk_buff *skb, 2405 int flags) 2406 { 2407 struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6; 2408 struct rt6_info *ret = NULL, *rt_cache; 2409 struct fib6_info *rt; 2410 struct fib6_node *fn; 2411 2412 /* Get the "current" route for this destination and 2413 * check if the redirect has come from appropriate router. 2414 * 2415 * RFC 4861 specifies that redirects should only be 2416 * accepted if they come from the nexthop to the target. 2417 * Due to the way the routes are chosen, this notion 2418 * is a bit fuzzy and one might need to check all possible 2419 * routes. 2420 */ 2421 2422 rcu_read_lock(); 2423 fn = fib6_node_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr); 2424 restart: 2425 for_each_fib6_node_rt_rcu(fn) { 2426 if (rt->fib6_nh.nh_flags & RTNH_F_DEAD) 2427 continue; 2428 if (fib6_check_expired(rt)) 2429 continue; 2430 if (rt->fib6_flags & RTF_REJECT) 2431 break; 2432 if (!(rt->fib6_flags & RTF_GATEWAY)) 2433 continue; 2434 if (fl6->flowi6_oif != rt->fib6_nh.nh_dev->ifindex) 2435 continue; 2436 /* rt_cache's gateway might be different from its 'parent' 2437 * in the case of an ip redirect. 2438 * So we keep searching in the exception table if the gateway 2439 * is different. 2440 */ 2441 if (!ipv6_addr_equal(&rdfl->gateway, &rt->fib6_nh.nh_gw)) { 2442 rt_cache = rt6_find_cached_rt(rt, 2443 &fl6->daddr, 2444 &fl6->saddr); 2445 if (rt_cache && 2446 ipv6_addr_equal(&rdfl->gateway, 2447 &rt_cache->rt6i_gateway)) { 2448 ret = rt_cache; 2449 break; 2450 } 2451 continue; 2452 } 2453 break; 2454 } 2455 2456 if (!rt) 2457 rt = net->ipv6.fib6_null_entry; 2458 else if (rt->fib6_flags & RTF_REJECT) { 2459 ret = net->ipv6.ip6_null_entry; 2460 goto out; 2461 } 2462 2463 if (rt == net->ipv6.fib6_null_entry) { 2464 fn = fib6_backtrack(fn, &fl6->saddr); 2465 if (fn) 2466 goto restart; 2467 } 2468 2469 out: 2470 if (ret) 2471 ip6_hold_safe(net, &ret, true); 2472 else 2473 ret = ip6_create_rt_rcu(rt); 2474 2475 rcu_read_unlock(); 2476 2477 trace_fib6_table_lookup(net, rt, table, fl6); 2478 return ret; 2479 }; 2480 2481 static struct dst_entry *ip6_route_redirect(struct net *net, 2482 const struct flowi6 *fl6, 2483 const struct sk_buff *skb, 2484 const struct in6_addr *gateway) 2485 { 2486 int flags = RT6_LOOKUP_F_HAS_SADDR; 2487 struct ip6rd_flowi rdfl; 2488 2489 rdfl.fl6 = *fl6; 2490 rdfl.gateway = *gateway; 2491 2492 return fib6_rule_lookup(net, &rdfl.fl6, skb, 2493 flags, __ip6_route_redirect); 2494 } 2495 2496 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark, 2497 kuid_t uid) 2498 { 2499 const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data; 2500 struct dst_entry *dst; 2501 struct flowi6 fl6 = { 2502 .flowi6_iif = LOOPBACK_IFINDEX, 2503 .flowi6_oif = oif, 2504 .flowi6_mark = mark, 2505 .daddr = iph->daddr, 2506 .saddr = iph->saddr, 2507 .flowlabel = ip6_flowinfo(iph), 2508 .flowi6_uid = uid, 2509 }; 2510 2511 dst = ip6_route_redirect(net, &fl6, skb, &ipv6_hdr(skb)->saddr); 2512 rt6_do_redirect(dst, NULL, skb); 2513 dst_release(dst); 2514 } 2515 EXPORT_SYMBOL_GPL(ip6_redirect); 2516 2517 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif) 2518 { 2519 const struct ipv6hdr *iph = ipv6_hdr(skb); 2520 const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb); 2521 struct dst_entry *dst; 2522 struct flowi6 fl6 = { 2523 .flowi6_iif = LOOPBACK_IFINDEX, 2524 .flowi6_oif = oif, 2525 .daddr = msg->dest, 2526 .saddr = iph->daddr, 2527 .flowi6_uid = sock_net_uid(net, NULL), 2528 }; 2529 2530 dst = ip6_route_redirect(net, &fl6, skb, &iph->saddr); 2531 rt6_do_redirect(dst, NULL, skb); 2532 dst_release(dst); 2533 } 2534 2535 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk) 2536 { 2537 ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark, 2538 sk->sk_uid); 2539 } 2540 EXPORT_SYMBOL_GPL(ip6_sk_redirect); 2541 2542 static unsigned int ip6_default_advmss(const struct dst_entry *dst) 2543 { 2544 struct net_device *dev = dst->dev; 2545 unsigned int mtu = dst_mtu(dst); 2546 struct net *net = dev_net(dev); 2547 2548 mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr); 2549 2550 if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss) 2551 mtu = net->ipv6.sysctl.ip6_rt_min_advmss; 2552 2553 /* 2554 * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and 2555 * corresponding MSS is IPV6_MAXPLEN - tcp_header_size. 2556 * IPV6_MAXPLEN is also valid and means: "any MSS, 2557 * rely only on pmtu discovery" 2558 */ 2559 if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr)) 2560 mtu = IPV6_MAXPLEN; 2561 return mtu; 2562 } 2563 2564 static unsigned int ip6_mtu(const struct dst_entry *dst) 2565 { 2566 struct inet6_dev *idev; 2567 unsigned int mtu; 2568 2569 mtu = dst_metric_raw(dst, RTAX_MTU); 2570 if (mtu) 2571 goto out; 2572 2573 mtu = IPV6_MIN_MTU; 2574 2575 rcu_read_lock(); 2576 idev = __in6_dev_get(dst->dev); 2577 if (idev) 2578 mtu = idev->cnf.mtu6; 2579 rcu_read_unlock(); 2580 2581 out: 2582 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU); 2583 2584 return mtu - lwtunnel_headroom(dst->lwtstate, mtu); 2585 } 2586 2587 /* MTU selection: 2588 * 1. mtu on route is locked - use it 2589 * 2. mtu from nexthop exception 2590 * 3. mtu from egress device 2591 * 2592 * based on ip6_dst_mtu_forward and exception logic of 2593 * rt6_find_cached_rt; called with rcu_read_lock 2594 */ 2595 u32 ip6_mtu_from_fib6(struct fib6_info *f6i, struct in6_addr *daddr, 2596 struct in6_addr *saddr) 2597 { 2598 struct rt6_exception_bucket *bucket; 2599 struct rt6_exception *rt6_ex; 2600 struct in6_addr *src_key; 2601 struct inet6_dev *idev; 2602 u32 mtu = 0; 2603 2604 if (unlikely(fib6_metric_locked(f6i, RTAX_MTU))) { 2605 mtu = f6i->fib6_pmtu; 2606 if (mtu) 2607 goto out; 2608 } 2609 2610 src_key = NULL; 2611 #ifdef CONFIG_IPV6_SUBTREES 2612 if (f6i->fib6_src.plen) 2613 src_key = saddr; 2614 #endif 2615 2616 bucket = rcu_dereference(f6i->rt6i_exception_bucket); 2617 rt6_ex = __rt6_find_exception_rcu(&bucket, daddr, src_key); 2618 if (rt6_ex && !rt6_check_expired(rt6_ex->rt6i)) 2619 mtu = dst_metric_raw(&rt6_ex->rt6i->dst, RTAX_MTU); 2620 2621 if (likely(!mtu)) { 2622 struct net_device *dev = fib6_info_nh_dev(f6i); 2623 2624 mtu = IPV6_MIN_MTU; 2625 idev = __in6_dev_get(dev); 2626 if (idev && idev->cnf.mtu6 > mtu) 2627 mtu = idev->cnf.mtu6; 2628 } 2629 2630 mtu = min_t(unsigned int, mtu, IP6_MAX_MTU); 2631 out: 2632 return mtu - lwtunnel_headroom(fib6_info_nh_lwt(f6i), mtu); 2633 } 2634 2635 struct dst_entry *icmp6_dst_alloc(struct net_device *dev, 2636 struct flowi6 *fl6) 2637 { 2638 struct dst_entry *dst; 2639 struct rt6_info *rt; 2640 struct inet6_dev *idev = in6_dev_get(dev); 2641 struct net *net = dev_net(dev); 2642 2643 if (unlikely(!idev)) 2644 return ERR_PTR(-ENODEV); 2645 2646 rt = ip6_dst_alloc(net, dev, 0); 2647 if (unlikely(!rt)) { 2648 in6_dev_put(idev); 2649 dst = ERR_PTR(-ENOMEM); 2650 goto out; 2651 } 2652 2653 rt->dst.flags |= DST_HOST; 2654 rt->dst.input = ip6_input; 2655 rt->dst.output = ip6_output; 2656 rt->rt6i_gateway = fl6->daddr; 2657 rt->rt6i_dst.addr = fl6->daddr; 2658 rt->rt6i_dst.plen = 128; 2659 rt->rt6i_idev = idev; 2660 dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0); 2661 2662 /* Add this dst into uncached_list so that rt6_disable_ip() can 2663 * do proper release of the net_device 2664 */ 2665 rt6_uncached_list_add(rt); 2666 atomic_inc(&net->ipv6.rt6_stats->fib_rt_uncache); 2667 2668 dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0); 2669 2670 out: 2671 return dst; 2672 } 2673 2674 static int ip6_dst_gc(struct dst_ops *ops) 2675 { 2676 struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops); 2677 int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval; 2678 int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size; 2679 int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity; 2680 int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout; 2681 unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc; 2682 int entries; 2683 2684 entries = dst_entries_get_fast(ops); 2685 if (time_after(rt_last_gc + rt_min_interval, jiffies) && 2686 entries <= rt_max_size) 2687 goto out; 2688 2689 net->ipv6.ip6_rt_gc_expire++; 2690 fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, true); 2691 entries = dst_entries_get_slow(ops); 2692 if (entries < ops->gc_thresh) 2693 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1; 2694 out: 2695 net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity; 2696 return entries > rt_max_size; 2697 } 2698 2699 static struct rt6_info *ip6_nh_lookup_table(struct net *net, 2700 struct fib6_config *cfg, 2701 const struct in6_addr *gw_addr, 2702 u32 tbid, int flags) 2703 { 2704 struct flowi6 fl6 = { 2705 .flowi6_oif = cfg->fc_ifindex, 2706 .daddr = *gw_addr, 2707 .saddr = cfg->fc_prefsrc, 2708 }; 2709 struct fib6_table *table; 2710 struct rt6_info *rt; 2711 2712 table = fib6_get_table(net, tbid); 2713 if (!table) 2714 return NULL; 2715 2716 if (!ipv6_addr_any(&cfg->fc_prefsrc)) 2717 flags |= RT6_LOOKUP_F_HAS_SADDR; 2718 2719 flags |= RT6_LOOKUP_F_IGNORE_LINKSTATE; 2720 rt = ip6_pol_route(net, table, cfg->fc_ifindex, &fl6, NULL, flags); 2721 2722 /* if table lookup failed, fall back to full lookup */ 2723 if (rt == net->ipv6.ip6_null_entry) { 2724 ip6_rt_put(rt); 2725 rt = NULL; 2726 } 2727 2728 return rt; 2729 } 2730 2731 static int ip6_route_check_nh_onlink(struct net *net, 2732 struct fib6_config *cfg, 2733 const struct net_device *dev, 2734 struct netlink_ext_ack *extack) 2735 { 2736 u32 tbid = l3mdev_fib_table(dev) ? : RT_TABLE_MAIN; 2737 const struct in6_addr *gw_addr = &cfg->fc_gateway; 2738 u32 flags = RTF_LOCAL | RTF_ANYCAST | RTF_REJECT; 2739 struct rt6_info *grt; 2740 int err; 2741 2742 err = 0; 2743 grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0); 2744 if (grt) { 2745 if (!grt->dst.error && 2746 /* ignore match if it is the default route */ 2747 grt->from && !ipv6_addr_any(&grt->from->fib6_dst.addr) && 2748 (grt->rt6i_flags & flags || dev != grt->dst.dev)) { 2749 NL_SET_ERR_MSG(extack, 2750 "Nexthop has invalid gateway or device mismatch"); 2751 err = -EINVAL; 2752 } 2753 2754 ip6_rt_put(grt); 2755 } 2756 2757 return err; 2758 } 2759 2760 static int ip6_route_check_nh(struct net *net, 2761 struct fib6_config *cfg, 2762 struct net_device **_dev, 2763 struct inet6_dev **idev) 2764 { 2765 const struct in6_addr *gw_addr = &cfg->fc_gateway; 2766 struct net_device *dev = _dev ? *_dev : NULL; 2767 struct rt6_info *grt = NULL; 2768 int err = -EHOSTUNREACH; 2769 2770 if (cfg->fc_table) { 2771 int flags = RT6_LOOKUP_F_IFACE; 2772 2773 grt = ip6_nh_lookup_table(net, cfg, gw_addr, 2774 cfg->fc_table, flags); 2775 if (grt) { 2776 if (grt->rt6i_flags & RTF_GATEWAY || 2777 (dev && dev != grt->dst.dev)) { 2778 ip6_rt_put(grt); 2779 grt = NULL; 2780 } 2781 } 2782 } 2783 2784 if (!grt) 2785 grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, NULL, 1); 2786 2787 if (!grt) 2788 goto out; 2789 2790 if (dev) { 2791 if (dev != grt->dst.dev) { 2792 ip6_rt_put(grt); 2793 goto out; 2794 } 2795 } else { 2796 *_dev = dev = grt->dst.dev; 2797 *idev = grt->rt6i_idev; 2798 dev_hold(dev); 2799 in6_dev_hold(grt->rt6i_idev); 2800 } 2801 2802 if (!(grt->rt6i_flags & RTF_GATEWAY)) 2803 err = 0; 2804 2805 ip6_rt_put(grt); 2806 2807 out: 2808 return err; 2809 } 2810 2811 static int ip6_validate_gw(struct net *net, struct fib6_config *cfg, 2812 struct net_device **_dev, struct inet6_dev **idev, 2813 struct netlink_ext_ack *extack) 2814 { 2815 const struct in6_addr *gw_addr = &cfg->fc_gateway; 2816 int gwa_type = ipv6_addr_type(gw_addr); 2817 bool skip_dev = gwa_type & IPV6_ADDR_LINKLOCAL ? false : true; 2818 const struct net_device *dev = *_dev; 2819 bool need_addr_check = !dev; 2820 int err = -EINVAL; 2821 2822 /* if gw_addr is local we will fail to detect this in case 2823 * address is still TENTATIVE (DAD in progress). rt6_lookup() 2824 * will return already-added prefix route via interface that 2825 * prefix route was assigned to, which might be non-loopback. 2826 */ 2827 if (dev && 2828 ipv6_chk_addr_and_flags(net, gw_addr, dev, skip_dev, 0, 0)) { 2829 NL_SET_ERR_MSG(extack, "Gateway can not be a local address"); 2830 goto out; 2831 } 2832 2833 if (gwa_type != (IPV6_ADDR_LINKLOCAL | IPV6_ADDR_UNICAST)) { 2834 /* IPv6 strictly inhibits using not link-local 2835 * addresses as nexthop address. 2836 * Otherwise, router will not able to send redirects. 2837 * It is very good, but in some (rare!) circumstances 2838 * (SIT, PtP, NBMA NOARP links) it is handy to allow 2839 * some exceptions. --ANK 2840 * We allow IPv4-mapped nexthops to support RFC4798-type 2841 * addressing 2842 */ 2843 if (!(gwa_type & (IPV6_ADDR_UNICAST | IPV6_ADDR_MAPPED))) { 2844 NL_SET_ERR_MSG(extack, "Invalid gateway address"); 2845 goto out; 2846 } 2847 2848 if (cfg->fc_flags & RTNH_F_ONLINK) 2849 err = ip6_route_check_nh_onlink(net, cfg, dev, extack); 2850 else 2851 err = ip6_route_check_nh(net, cfg, _dev, idev); 2852 2853 if (err) 2854 goto out; 2855 } 2856 2857 /* reload in case device was changed */ 2858 dev = *_dev; 2859 2860 err = -EINVAL; 2861 if (!dev) { 2862 NL_SET_ERR_MSG(extack, "Egress device not specified"); 2863 goto out; 2864 } else if (dev->flags & IFF_LOOPBACK) { 2865 NL_SET_ERR_MSG(extack, 2866 "Egress device can not be loopback device for this route"); 2867 goto out; 2868 } 2869 2870 /* if we did not check gw_addr above, do so now that the 2871 * egress device has been resolved. 2872 */ 2873 if (need_addr_check && 2874 ipv6_chk_addr_and_flags(net, gw_addr, dev, skip_dev, 0, 0)) { 2875 NL_SET_ERR_MSG(extack, "Gateway can not be a local address"); 2876 goto out; 2877 } 2878 2879 err = 0; 2880 out: 2881 return err; 2882 } 2883 2884 static struct fib6_info *ip6_route_info_create(struct fib6_config *cfg, 2885 gfp_t gfp_flags, 2886 struct netlink_ext_ack *extack) 2887 { 2888 struct net *net = cfg->fc_nlinfo.nl_net; 2889 struct fib6_info *rt = NULL; 2890 struct net_device *dev = NULL; 2891 struct inet6_dev *idev = NULL; 2892 struct fib6_table *table; 2893 int addr_type; 2894 int err = -EINVAL; 2895 2896 /* RTF_PCPU is an internal flag; can not be set by userspace */ 2897 if (cfg->fc_flags & RTF_PCPU) { 2898 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_PCPU"); 2899 goto out; 2900 } 2901 2902 /* RTF_CACHE is an internal flag; can not be set by userspace */ 2903 if (cfg->fc_flags & RTF_CACHE) { 2904 NL_SET_ERR_MSG(extack, "Userspace can not set RTF_CACHE"); 2905 goto out; 2906 } 2907 2908 if (cfg->fc_type > RTN_MAX) { 2909 NL_SET_ERR_MSG(extack, "Invalid route type"); 2910 goto out; 2911 } 2912 2913 if (cfg->fc_dst_len > 128) { 2914 NL_SET_ERR_MSG(extack, "Invalid prefix length"); 2915 goto out; 2916 } 2917 if (cfg->fc_src_len > 128) { 2918 NL_SET_ERR_MSG(extack, "Invalid source address length"); 2919 goto out; 2920 } 2921 #ifndef CONFIG_IPV6_SUBTREES 2922 if (cfg->fc_src_len) { 2923 NL_SET_ERR_MSG(extack, 2924 "Specifying source address requires IPV6_SUBTREES to be enabled"); 2925 goto out; 2926 } 2927 #endif 2928 if (cfg->fc_ifindex) { 2929 err = -ENODEV; 2930 dev = dev_get_by_index(net, cfg->fc_ifindex); 2931 if (!dev) 2932 goto out; 2933 idev = in6_dev_get(dev); 2934 if (!idev) 2935 goto out; 2936 } 2937 2938 if (cfg->fc_metric == 0) 2939 cfg->fc_metric = IP6_RT_PRIO_USER; 2940 2941 if (cfg->fc_flags & RTNH_F_ONLINK) { 2942 if (!dev) { 2943 NL_SET_ERR_MSG(extack, 2944 "Nexthop device required for onlink"); 2945 err = -ENODEV; 2946 goto out; 2947 } 2948 2949 if (!(dev->flags & IFF_UP)) { 2950 NL_SET_ERR_MSG(extack, "Nexthop device is not up"); 2951 err = -ENETDOWN; 2952 goto out; 2953 } 2954 } 2955 2956 err = -ENOBUFS; 2957 if (cfg->fc_nlinfo.nlh && 2958 !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) { 2959 table = fib6_get_table(net, cfg->fc_table); 2960 if (!table) { 2961 pr_warn("NLM_F_CREATE should be specified when creating new route\n"); 2962 table = fib6_new_table(net, cfg->fc_table); 2963 } 2964 } else { 2965 table = fib6_new_table(net, cfg->fc_table); 2966 } 2967 2968 if (!table) 2969 goto out; 2970 2971 err = -ENOMEM; 2972 rt = fib6_info_alloc(gfp_flags); 2973 if (!rt) 2974 goto out; 2975 2976 rt->fib6_metrics = ip_fib_metrics_init(net, cfg->fc_mx, cfg->fc_mx_len, 2977 extack); 2978 if (IS_ERR(rt->fib6_metrics)) { 2979 err = PTR_ERR(rt->fib6_metrics); 2980 /* Do not leave garbage there. */ 2981 rt->fib6_metrics = (struct dst_metrics *)&dst_default_metrics; 2982 goto out; 2983 } 2984 2985 if (cfg->fc_flags & RTF_ADDRCONF) 2986 rt->dst_nocount = true; 2987 2988 if (cfg->fc_flags & RTF_EXPIRES) 2989 fib6_set_expires(rt, jiffies + 2990 clock_t_to_jiffies(cfg->fc_expires)); 2991 else 2992 fib6_clean_expires(rt); 2993 2994 if (cfg->fc_protocol == RTPROT_UNSPEC) 2995 cfg->fc_protocol = RTPROT_BOOT; 2996 rt->fib6_protocol = cfg->fc_protocol; 2997 2998 addr_type = ipv6_addr_type(&cfg->fc_dst); 2999 3000 if (cfg->fc_encap) { 3001 struct lwtunnel_state *lwtstate; 3002 3003 err = lwtunnel_build_state(cfg->fc_encap_type, 3004 cfg->fc_encap, AF_INET6, cfg, 3005 &lwtstate, extack); 3006 if (err) 3007 goto out; 3008 rt->fib6_nh.nh_lwtstate = lwtstate_get(lwtstate); 3009 } 3010 3011 ipv6_addr_prefix(&rt->fib6_dst.addr, &cfg->fc_dst, cfg->fc_dst_len); 3012 rt->fib6_dst.plen = cfg->fc_dst_len; 3013 if (rt->fib6_dst.plen == 128) 3014 rt->dst_host = true; 3015 3016 #ifdef CONFIG_IPV6_SUBTREES 3017 ipv6_addr_prefix(&rt->fib6_src.addr, &cfg->fc_src, cfg->fc_src_len); 3018 rt->fib6_src.plen = cfg->fc_src_len; 3019 #endif 3020 3021 rt->fib6_metric = cfg->fc_metric; 3022 rt->fib6_nh.nh_weight = 1; 3023 3024 rt->fib6_type = cfg->fc_type; 3025 3026 /* We cannot add true routes via loopback here, 3027 they would result in kernel looping; promote them to reject routes 3028 */ 3029 if ((cfg->fc_flags & RTF_REJECT) || 3030 (dev && (dev->flags & IFF_LOOPBACK) && 3031 !(addr_type & IPV6_ADDR_LOOPBACK) && 3032 !(cfg->fc_flags & RTF_LOCAL))) { 3033 /* hold loopback dev/idev if we haven't done so. */ 3034 if (dev != net->loopback_dev) { 3035 if (dev) { 3036 dev_put(dev); 3037 in6_dev_put(idev); 3038 } 3039 dev = net->loopback_dev; 3040 dev_hold(dev); 3041 idev = in6_dev_get(dev); 3042 if (!idev) { 3043 err = -ENODEV; 3044 goto out; 3045 } 3046 } 3047 rt->fib6_flags = RTF_REJECT|RTF_NONEXTHOP; 3048 goto install_route; 3049 } 3050 3051 if (cfg->fc_flags & RTF_GATEWAY) { 3052 err = ip6_validate_gw(net, cfg, &dev, &idev, extack); 3053 if (err) 3054 goto out; 3055 3056 rt->fib6_nh.nh_gw = cfg->fc_gateway; 3057 } 3058 3059 err = -ENODEV; 3060 if (!dev) 3061 goto out; 3062 3063 if (idev->cnf.disable_ipv6) { 3064 NL_SET_ERR_MSG(extack, "IPv6 is disabled on nexthop device"); 3065 err = -EACCES; 3066 goto out; 3067 } 3068 3069 if (!(dev->flags & IFF_UP)) { 3070 NL_SET_ERR_MSG(extack, "Nexthop device is not up"); 3071 err = -ENETDOWN; 3072 goto out; 3073 } 3074 3075 if (!ipv6_addr_any(&cfg->fc_prefsrc)) { 3076 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) { 3077 NL_SET_ERR_MSG(extack, "Invalid source address"); 3078 err = -EINVAL; 3079 goto out; 3080 } 3081 rt->fib6_prefsrc.addr = cfg->fc_prefsrc; 3082 rt->fib6_prefsrc.plen = 128; 3083 } else 3084 rt->fib6_prefsrc.plen = 0; 3085 3086 rt->fib6_flags = cfg->fc_flags; 3087 3088 install_route: 3089 if (!(rt->fib6_flags & (RTF_LOCAL | RTF_ANYCAST)) && 3090 !netif_carrier_ok(dev)) 3091 rt->fib6_nh.nh_flags |= RTNH_F_LINKDOWN; 3092 rt->fib6_nh.nh_flags |= (cfg->fc_flags & RTNH_F_ONLINK); 3093 rt->fib6_nh.nh_dev = dev; 3094 rt->fib6_table = table; 3095 3096 if (idev) 3097 in6_dev_put(idev); 3098 3099 return rt; 3100 out: 3101 if (dev) 3102 dev_put(dev); 3103 if (idev) 3104 in6_dev_put(idev); 3105 3106 fib6_info_release(rt); 3107 return ERR_PTR(err); 3108 } 3109 3110 int ip6_route_add(struct fib6_config *cfg, gfp_t gfp_flags, 3111 struct netlink_ext_ack *extack) 3112 { 3113 struct fib6_info *rt; 3114 int err; 3115 3116 rt = ip6_route_info_create(cfg, gfp_flags, extack); 3117 if (IS_ERR(rt)) 3118 return PTR_ERR(rt); 3119 3120 err = __ip6_ins_rt(rt, &cfg->fc_nlinfo, extack); 3121 fib6_info_release(rt); 3122 3123 return err; 3124 } 3125 3126 static int __ip6_del_rt(struct fib6_info *rt, struct nl_info *info) 3127 { 3128 struct net *net = info->nl_net; 3129 struct fib6_table *table; 3130 int err; 3131 3132 if (rt == net->ipv6.fib6_null_entry) { 3133 err = -ENOENT; 3134 goto out; 3135 } 3136 3137 table = rt->fib6_table; 3138 spin_lock_bh(&table->tb6_lock); 3139 err = fib6_del(rt, info); 3140 spin_unlock_bh(&table->tb6_lock); 3141 3142 out: 3143 fib6_info_release(rt); 3144 return err; 3145 } 3146 3147 int ip6_del_rt(struct net *net, struct fib6_info *rt) 3148 { 3149 struct nl_info info = { .nl_net = net }; 3150 3151 return __ip6_del_rt(rt, &info); 3152 } 3153 3154 static int __ip6_del_rt_siblings(struct fib6_info *rt, struct fib6_config *cfg) 3155 { 3156 struct nl_info *info = &cfg->fc_nlinfo; 3157 struct net *net = info->nl_net; 3158 struct sk_buff *skb = NULL; 3159 struct fib6_table *table; 3160 int err = -ENOENT; 3161 3162 if (rt == net->ipv6.fib6_null_entry) 3163 goto out_put; 3164 table = rt->fib6_table; 3165 spin_lock_bh(&table->tb6_lock); 3166 3167 if (rt->fib6_nsiblings && cfg->fc_delete_all_nh) { 3168 struct fib6_info *sibling, *next_sibling; 3169 3170 /* prefer to send a single notification with all hops */ 3171 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any()); 3172 if (skb) { 3173 u32 seq = info->nlh ? info->nlh->nlmsg_seq : 0; 3174 3175 if (rt6_fill_node(net, skb, rt, NULL, 3176 NULL, NULL, 0, RTM_DELROUTE, 3177 info->portid, seq, 0) < 0) { 3178 kfree_skb(skb); 3179 skb = NULL; 3180 } else 3181 info->skip_notify = 1; 3182 } 3183 3184 list_for_each_entry_safe(sibling, next_sibling, 3185 &rt->fib6_siblings, 3186 fib6_siblings) { 3187 err = fib6_del(sibling, info); 3188 if (err) 3189 goto out_unlock; 3190 } 3191 } 3192 3193 err = fib6_del(rt, info); 3194 out_unlock: 3195 spin_unlock_bh(&table->tb6_lock); 3196 out_put: 3197 fib6_info_release(rt); 3198 3199 if (skb) { 3200 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE, 3201 info->nlh, gfp_any()); 3202 } 3203 return err; 3204 } 3205 3206 static int ip6_del_cached_rt(struct rt6_info *rt, struct fib6_config *cfg) 3207 { 3208 int rc = -ESRCH; 3209 3210 if (cfg->fc_ifindex && rt->dst.dev->ifindex != cfg->fc_ifindex) 3211 goto out; 3212 3213 if (cfg->fc_flags & RTF_GATEWAY && 3214 !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway)) 3215 goto out; 3216 3217 rc = rt6_remove_exception_rt(rt); 3218 out: 3219 return rc; 3220 } 3221 3222 static int ip6_route_del(struct fib6_config *cfg, 3223 struct netlink_ext_ack *extack) 3224 { 3225 struct rt6_info *rt_cache; 3226 struct fib6_table *table; 3227 struct fib6_info *rt; 3228 struct fib6_node *fn; 3229 int err = -ESRCH; 3230 3231 table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table); 3232 if (!table) { 3233 NL_SET_ERR_MSG(extack, "FIB table does not exist"); 3234 return err; 3235 } 3236 3237 rcu_read_lock(); 3238 3239 fn = fib6_locate(&table->tb6_root, 3240 &cfg->fc_dst, cfg->fc_dst_len, 3241 &cfg->fc_src, cfg->fc_src_len, 3242 !(cfg->fc_flags & RTF_CACHE)); 3243 3244 if (fn) { 3245 for_each_fib6_node_rt_rcu(fn) { 3246 if (cfg->fc_flags & RTF_CACHE) { 3247 int rc; 3248 3249 rt_cache = rt6_find_cached_rt(rt, &cfg->fc_dst, 3250 &cfg->fc_src); 3251 if (rt_cache) { 3252 rc = ip6_del_cached_rt(rt_cache, cfg); 3253 if (rc != -ESRCH) { 3254 rcu_read_unlock(); 3255 return rc; 3256 } 3257 } 3258 continue; 3259 } 3260 if (cfg->fc_ifindex && 3261 (!rt->fib6_nh.nh_dev || 3262 rt->fib6_nh.nh_dev->ifindex != cfg->fc_ifindex)) 3263 continue; 3264 if (cfg->fc_flags & RTF_GATEWAY && 3265 !ipv6_addr_equal(&cfg->fc_gateway, &rt->fib6_nh.nh_gw)) 3266 continue; 3267 if (cfg->fc_metric && cfg->fc_metric != rt->fib6_metric) 3268 continue; 3269 if (cfg->fc_protocol && cfg->fc_protocol != rt->fib6_protocol) 3270 continue; 3271 if (!fib6_info_hold_safe(rt)) 3272 continue; 3273 rcu_read_unlock(); 3274 3275 /* if gateway was specified only delete the one hop */ 3276 if (cfg->fc_flags & RTF_GATEWAY) 3277 return __ip6_del_rt(rt, &cfg->fc_nlinfo); 3278 3279 return __ip6_del_rt_siblings(rt, cfg); 3280 } 3281 } 3282 rcu_read_unlock(); 3283 3284 return err; 3285 } 3286 3287 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb) 3288 { 3289 struct netevent_redirect netevent; 3290 struct rt6_info *rt, *nrt = NULL; 3291 struct ndisc_options ndopts; 3292 struct inet6_dev *in6_dev; 3293 struct neighbour *neigh; 3294 struct fib6_info *from; 3295 struct rd_msg *msg; 3296 int optlen, on_link; 3297 u8 *lladdr; 3298 3299 optlen = skb_tail_pointer(skb) - skb_transport_header(skb); 3300 optlen -= sizeof(*msg); 3301 3302 if (optlen < 0) { 3303 net_dbg_ratelimited("rt6_do_redirect: packet too short\n"); 3304 return; 3305 } 3306 3307 msg = (struct rd_msg *)icmp6_hdr(skb); 3308 3309 if (ipv6_addr_is_multicast(&msg->dest)) { 3310 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n"); 3311 return; 3312 } 3313 3314 on_link = 0; 3315 if (ipv6_addr_equal(&msg->dest, &msg->target)) { 3316 on_link = 1; 3317 } else if (ipv6_addr_type(&msg->target) != 3318 (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) { 3319 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n"); 3320 return; 3321 } 3322 3323 in6_dev = __in6_dev_get(skb->dev); 3324 if (!in6_dev) 3325 return; 3326 if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) 3327 return; 3328 3329 /* RFC2461 8.1: 3330 * The IP source address of the Redirect MUST be the same as the current 3331 * first-hop router for the specified ICMP Destination Address. 3332 */ 3333 3334 if (!ndisc_parse_options(skb->dev, msg->opt, optlen, &ndopts)) { 3335 net_dbg_ratelimited("rt6_redirect: invalid ND options\n"); 3336 return; 3337 } 3338 3339 lladdr = NULL; 3340 if (ndopts.nd_opts_tgt_lladdr) { 3341 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, 3342 skb->dev); 3343 if (!lladdr) { 3344 net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n"); 3345 return; 3346 } 3347 } 3348 3349 rt = (struct rt6_info *) dst; 3350 if (rt->rt6i_flags & RTF_REJECT) { 3351 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n"); 3352 return; 3353 } 3354 3355 /* Redirect received -> path was valid. 3356 * Look, redirects are sent only in response to data packets, 3357 * so that this nexthop apparently is reachable. --ANK 3358 */ 3359 dst_confirm_neigh(&rt->dst, &ipv6_hdr(skb)->saddr); 3360 3361 neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1); 3362 if (!neigh) 3363 return; 3364 3365 /* 3366 * We have finally decided to accept it. 3367 */ 3368 3369 ndisc_update(skb->dev, neigh, lladdr, NUD_STALE, 3370 NEIGH_UPDATE_F_WEAK_OVERRIDE| 3371 NEIGH_UPDATE_F_OVERRIDE| 3372 (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER| 3373 NEIGH_UPDATE_F_ISROUTER)), 3374 NDISC_REDIRECT, &ndopts); 3375 3376 rcu_read_lock(); 3377 from = rcu_dereference(rt->from); 3378 /* This fib6_info_hold() is safe here because we hold reference to rt 3379 * and rt already holds reference to fib6_info. 3380 */ 3381 fib6_info_hold(from); 3382 rcu_read_unlock(); 3383 3384 nrt = ip6_rt_cache_alloc(from, &msg->dest, NULL); 3385 if (!nrt) 3386 goto out; 3387 3388 nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE; 3389 if (on_link) 3390 nrt->rt6i_flags &= ~RTF_GATEWAY; 3391 3392 nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key; 3393 3394 /* No need to remove rt from the exception table if rt is 3395 * a cached route because rt6_insert_exception() will 3396 * takes care of it 3397 */ 3398 if (rt6_insert_exception(nrt, from)) { 3399 dst_release_immediate(&nrt->dst); 3400 goto out; 3401 } 3402 3403 netevent.old = &rt->dst; 3404 netevent.new = &nrt->dst; 3405 netevent.daddr = &msg->dest; 3406 netevent.neigh = neigh; 3407 call_netevent_notifiers(NETEVENT_REDIRECT, &netevent); 3408 3409 out: 3410 fib6_info_release(from); 3411 neigh_release(neigh); 3412 } 3413 3414 #ifdef CONFIG_IPV6_ROUTE_INFO 3415 static struct fib6_info *rt6_get_route_info(struct net *net, 3416 const struct in6_addr *prefix, int prefixlen, 3417 const struct in6_addr *gwaddr, 3418 struct net_device *dev) 3419 { 3420 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO; 3421 int ifindex = dev->ifindex; 3422 struct fib6_node *fn; 3423 struct fib6_info *rt = NULL; 3424 struct fib6_table *table; 3425 3426 table = fib6_get_table(net, tb_id); 3427 if (!table) 3428 return NULL; 3429 3430 rcu_read_lock(); 3431 fn = fib6_locate(&table->tb6_root, prefix, prefixlen, NULL, 0, true); 3432 if (!fn) 3433 goto out; 3434 3435 for_each_fib6_node_rt_rcu(fn) { 3436 if (rt->fib6_nh.nh_dev->ifindex != ifindex) 3437 continue; 3438 if ((rt->fib6_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY)) 3439 continue; 3440 if (!ipv6_addr_equal(&rt->fib6_nh.nh_gw, gwaddr)) 3441 continue; 3442 if (!fib6_info_hold_safe(rt)) 3443 continue; 3444 break; 3445 } 3446 out: 3447 rcu_read_unlock(); 3448 return rt; 3449 } 3450 3451 static struct fib6_info *rt6_add_route_info(struct net *net, 3452 const struct in6_addr *prefix, int prefixlen, 3453 const struct in6_addr *gwaddr, 3454 struct net_device *dev, 3455 unsigned int pref) 3456 { 3457 struct fib6_config cfg = { 3458 .fc_metric = IP6_RT_PRIO_USER, 3459 .fc_ifindex = dev->ifindex, 3460 .fc_dst_len = prefixlen, 3461 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO | 3462 RTF_UP | RTF_PREF(pref), 3463 .fc_protocol = RTPROT_RA, 3464 .fc_type = RTN_UNICAST, 3465 .fc_nlinfo.portid = 0, 3466 .fc_nlinfo.nlh = NULL, 3467 .fc_nlinfo.nl_net = net, 3468 }; 3469 3470 cfg.fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_INFO, 3471 cfg.fc_dst = *prefix; 3472 cfg.fc_gateway = *gwaddr; 3473 3474 /* We should treat it as a default route if prefix length is 0. */ 3475 if (!prefixlen) 3476 cfg.fc_flags |= RTF_DEFAULT; 3477 3478 ip6_route_add(&cfg, GFP_ATOMIC, NULL); 3479 3480 return rt6_get_route_info(net, prefix, prefixlen, gwaddr, dev); 3481 } 3482 #endif 3483 3484 struct fib6_info *rt6_get_dflt_router(struct net *net, 3485 const struct in6_addr *addr, 3486 struct net_device *dev) 3487 { 3488 u32 tb_id = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT; 3489 struct fib6_info *rt; 3490 struct fib6_table *table; 3491 3492 table = fib6_get_table(net, tb_id); 3493 if (!table) 3494 return NULL; 3495 3496 rcu_read_lock(); 3497 for_each_fib6_node_rt_rcu(&table->tb6_root) { 3498 if (dev == rt->fib6_nh.nh_dev && 3499 ((rt->fib6_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) && 3500 ipv6_addr_equal(&rt->fib6_nh.nh_gw, addr)) 3501 break; 3502 } 3503 if (rt && !fib6_info_hold_safe(rt)) 3504 rt = NULL; 3505 rcu_read_unlock(); 3506 return rt; 3507 } 3508 3509 struct fib6_info *rt6_add_dflt_router(struct net *net, 3510 const struct in6_addr *gwaddr, 3511 struct net_device *dev, 3512 unsigned int pref) 3513 { 3514 struct fib6_config cfg = { 3515 .fc_table = l3mdev_fib_table(dev) ? : RT6_TABLE_DFLT, 3516 .fc_metric = IP6_RT_PRIO_USER, 3517 .fc_ifindex = dev->ifindex, 3518 .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | 3519 RTF_UP | RTF_EXPIRES | RTF_PREF(pref), 3520 .fc_protocol = RTPROT_RA, 3521 .fc_type = RTN_UNICAST, 3522 .fc_nlinfo.portid = 0, 3523 .fc_nlinfo.nlh = NULL, 3524 .fc_nlinfo.nl_net = net, 3525 }; 3526 3527 cfg.fc_gateway = *gwaddr; 3528 3529 if (!ip6_route_add(&cfg, GFP_ATOMIC, NULL)) { 3530 struct fib6_table *table; 3531 3532 table = fib6_get_table(dev_net(dev), cfg.fc_table); 3533 if (table) 3534 table->flags |= RT6_TABLE_HAS_DFLT_ROUTER; 3535 } 3536 3537 return rt6_get_dflt_router(net, gwaddr, dev); 3538 } 3539 3540 static void __rt6_purge_dflt_routers(struct net *net, 3541 struct fib6_table *table) 3542 { 3543 struct fib6_info *rt; 3544 3545 restart: 3546 rcu_read_lock(); 3547 for_each_fib6_node_rt_rcu(&table->tb6_root) { 3548 struct net_device *dev = fib6_info_nh_dev(rt); 3549 struct inet6_dev *idev = dev ? __in6_dev_get(dev) : NULL; 3550 3551 if (rt->fib6_flags & (RTF_DEFAULT | RTF_ADDRCONF) && 3552 (!idev || idev->cnf.accept_ra != 2) && 3553 fib6_info_hold_safe(rt)) { 3554 rcu_read_unlock(); 3555 ip6_del_rt(net, rt); 3556 goto restart; 3557 } 3558 } 3559 rcu_read_unlock(); 3560 3561 table->flags &= ~RT6_TABLE_HAS_DFLT_ROUTER; 3562 } 3563 3564 void rt6_purge_dflt_routers(struct net *net) 3565 { 3566 struct fib6_table *table; 3567 struct hlist_head *head; 3568 unsigned int h; 3569 3570 rcu_read_lock(); 3571 3572 for (h = 0; h < FIB6_TABLE_HASHSZ; h++) { 3573 head = &net->ipv6.fib_table_hash[h]; 3574 hlist_for_each_entry_rcu(table, head, tb6_hlist) { 3575 if (table->flags & RT6_TABLE_HAS_DFLT_ROUTER) 3576 __rt6_purge_dflt_routers(net, table); 3577 } 3578 } 3579 3580 rcu_read_unlock(); 3581 } 3582 3583 static void rtmsg_to_fib6_config(struct net *net, 3584 struct in6_rtmsg *rtmsg, 3585 struct fib6_config *cfg) 3586 { 3587 *cfg = (struct fib6_config){ 3588 .fc_table = l3mdev_fib_table_by_index(net, rtmsg->rtmsg_ifindex) ? 3589 : RT6_TABLE_MAIN, 3590 .fc_ifindex = rtmsg->rtmsg_ifindex, 3591 .fc_metric = rtmsg->rtmsg_metric, 3592 .fc_expires = rtmsg->rtmsg_info, 3593 .fc_dst_len = rtmsg->rtmsg_dst_len, 3594 .fc_src_len = rtmsg->rtmsg_src_len, 3595 .fc_flags = rtmsg->rtmsg_flags, 3596 .fc_type = rtmsg->rtmsg_type, 3597 3598 .fc_nlinfo.nl_net = net, 3599 3600 .fc_dst = rtmsg->rtmsg_dst, 3601 .fc_src = rtmsg->rtmsg_src, 3602 .fc_gateway = rtmsg->rtmsg_gateway, 3603 }; 3604 } 3605 3606 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg) 3607 { 3608 struct fib6_config cfg; 3609 struct in6_rtmsg rtmsg; 3610 int err; 3611 3612 switch (cmd) { 3613 case SIOCADDRT: /* Add a route */ 3614 case SIOCDELRT: /* Delete a route */ 3615 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 3616 return -EPERM; 3617 err = copy_from_user(&rtmsg, arg, 3618 sizeof(struct in6_rtmsg)); 3619 if (err) 3620 return -EFAULT; 3621 3622 rtmsg_to_fib6_config(net, &rtmsg, &cfg); 3623 3624 rtnl_lock(); 3625 switch (cmd) { 3626 case SIOCADDRT: 3627 err = ip6_route_add(&cfg, GFP_KERNEL, NULL); 3628 break; 3629 case SIOCDELRT: 3630 err = ip6_route_del(&cfg, NULL); 3631 break; 3632 default: 3633 err = -EINVAL; 3634 } 3635 rtnl_unlock(); 3636 3637 return err; 3638 } 3639 3640 return -EINVAL; 3641 } 3642 3643 /* 3644 * Drop the packet on the floor 3645 */ 3646 3647 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes) 3648 { 3649 int type; 3650 struct dst_entry *dst = skb_dst(skb); 3651 switch (ipstats_mib_noroutes) { 3652 case IPSTATS_MIB_INNOROUTES: 3653 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr); 3654 if (type == IPV6_ADDR_ANY) { 3655 IP6_INC_STATS(dev_net(dst->dev), 3656 __in6_dev_get_safely(skb->dev), 3657 IPSTATS_MIB_INADDRERRORS); 3658 break; 3659 } 3660 /* FALLTHROUGH */ 3661 case IPSTATS_MIB_OUTNOROUTES: 3662 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst), 3663 ipstats_mib_noroutes); 3664 break; 3665 } 3666 icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0); 3667 kfree_skb(skb); 3668 return 0; 3669 } 3670 3671 static int ip6_pkt_discard(struct sk_buff *skb) 3672 { 3673 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES); 3674 } 3675 3676 static int ip6_pkt_discard_out(struct net *net, struct sock *sk, struct sk_buff *skb) 3677 { 3678 skb->dev = skb_dst(skb)->dev; 3679 return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES); 3680 } 3681 3682 static int ip6_pkt_prohibit(struct sk_buff *skb) 3683 { 3684 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES); 3685 } 3686 3687 static int ip6_pkt_prohibit_out(struct net *net, struct sock *sk, struct sk_buff *skb) 3688 { 3689 skb->dev = skb_dst(skb)->dev; 3690 return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES); 3691 } 3692 3693 /* 3694 * Allocate a dst for local (unicast / anycast) address. 3695 */ 3696 3697 struct fib6_info *addrconf_f6i_alloc(struct net *net, 3698 struct inet6_dev *idev, 3699 const struct in6_addr *addr, 3700 bool anycast, gfp_t gfp_flags) 3701 { 3702 u32 tb_id; 3703 struct net_device *dev = idev->dev; 3704 struct fib6_info *f6i; 3705 3706 f6i = fib6_info_alloc(gfp_flags); 3707 if (!f6i) 3708 return ERR_PTR(-ENOMEM); 3709 3710 f6i->fib6_metrics = ip_fib_metrics_init(net, NULL, 0, NULL); 3711 f6i->dst_nocount = true; 3712 f6i->dst_host = true; 3713 f6i->fib6_protocol = RTPROT_KERNEL; 3714 f6i->fib6_flags = RTF_UP | RTF_NONEXTHOP; 3715 if (anycast) { 3716 f6i->fib6_type = RTN_ANYCAST; 3717 f6i->fib6_flags |= RTF_ANYCAST; 3718 } else { 3719 f6i->fib6_type = RTN_LOCAL; 3720 f6i->fib6_flags |= RTF_LOCAL; 3721 } 3722 3723 f6i->fib6_nh.nh_gw = *addr; 3724 dev_hold(dev); 3725 f6i->fib6_nh.nh_dev = dev; 3726 f6i->fib6_dst.addr = *addr; 3727 f6i->fib6_dst.plen = 128; 3728 tb_id = l3mdev_fib_table(idev->dev) ? : RT6_TABLE_LOCAL; 3729 f6i->fib6_table = fib6_get_table(net, tb_id); 3730 3731 return f6i; 3732 } 3733 3734 /* remove deleted ip from prefsrc entries */ 3735 struct arg_dev_net_ip { 3736 struct net_device *dev; 3737 struct net *net; 3738 struct in6_addr *addr; 3739 }; 3740 3741 static int fib6_remove_prefsrc(struct fib6_info *rt, void *arg) 3742 { 3743 struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev; 3744 struct net *net = ((struct arg_dev_net_ip *)arg)->net; 3745 struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr; 3746 3747 if (((void *)rt->fib6_nh.nh_dev == dev || !dev) && 3748 rt != net->ipv6.fib6_null_entry && 3749 ipv6_addr_equal(addr, &rt->fib6_prefsrc.addr)) { 3750 spin_lock_bh(&rt6_exception_lock); 3751 /* remove prefsrc entry */ 3752 rt->fib6_prefsrc.plen = 0; 3753 spin_unlock_bh(&rt6_exception_lock); 3754 } 3755 return 0; 3756 } 3757 3758 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp) 3759 { 3760 struct net *net = dev_net(ifp->idev->dev); 3761 struct arg_dev_net_ip adni = { 3762 .dev = ifp->idev->dev, 3763 .net = net, 3764 .addr = &ifp->addr, 3765 }; 3766 fib6_clean_all(net, fib6_remove_prefsrc, &adni); 3767 } 3768 3769 #define RTF_RA_ROUTER (RTF_ADDRCONF | RTF_DEFAULT | RTF_GATEWAY) 3770 3771 /* Remove routers and update dst entries when gateway turn into host. */ 3772 static int fib6_clean_tohost(struct fib6_info *rt, void *arg) 3773 { 3774 struct in6_addr *gateway = (struct in6_addr *)arg; 3775 3776 if (((rt->fib6_flags & RTF_RA_ROUTER) == RTF_RA_ROUTER) && 3777 ipv6_addr_equal(gateway, &rt->fib6_nh.nh_gw)) { 3778 return -1; 3779 } 3780 3781 /* Further clean up cached routes in exception table. 3782 * This is needed because cached route may have a different 3783 * gateway than its 'parent' in the case of an ip redirect. 3784 */ 3785 rt6_exceptions_clean_tohost(rt, gateway); 3786 3787 return 0; 3788 } 3789 3790 void rt6_clean_tohost(struct net *net, struct in6_addr *gateway) 3791 { 3792 fib6_clean_all(net, fib6_clean_tohost, gateway); 3793 } 3794 3795 struct arg_netdev_event { 3796 const struct net_device *dev; 3797 union { 3798 unsigned int nh_flags; 3799 unsigned long event; 3800 }; 3801 }; 3802 3803 static struct fib6_info *rt6_multipath_first_sibling(const struct fib6_info *rt) 3804 { 3805 struct fib6_info *iter; 3806 struct fib6_node *fn; 3807 3808 fn = rcu_dereference_protected(rt->fib6_node, 3809 lockdep_is_held(&rt->fib6_table->tb6_lock)); 3810 iter = rcu_dereference_protected(fn->leaf, 3811 lockdep_is_held(&rt->fib6_table->tb6_lock)); 3812 while (iter) { 3813 if (iter->fib6_metric == rt->fib6_metric && 3814 rt6_qualify_for_ecmp(iter)) 3815 return iter; 3816 iter = rcu_dereference_protected(iter->fib6_next, 3817 lockdep_is_held(&rt->fib6_table->tb6_lock)); 3818 } 3819 3820 return NULL; 3821 } 3822 3823 static bool rt6_is_dead(const struct fib6_info *rt) 3824 { 3825 if (rt->fib6_nh.nh_flags & RTNH_F_DEAD || 3826 (rt->fib6_nh.nh_flags & RTNH_F_LINKDOWN && 3827 fib6_ignore_linkdown(rt))) 3828 return true; 3829 3830 return false; 3831 } 3832 3833 static int rt6_multipath_total_weight(const struct fib6_info *rt) 3834 { 3835 struct fib6_info *iter; 3836 int total = 0; 3837 3838 if (!rt6_is_dead(rt)) 3839 total += rt->fib6_nh.nh_weight; 3840 3841 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings) { 3842 if (!rt6_is_dead(iter)) 3843 total += iter->fib6_nh.nh_weight; 3844 } 3845 3846 return total; 3847 } 3848 3849 static void rt6_upper_bound_set(struct fib6_info *rt, int *weight, int total) 3850 { 3851 int upper_bound = -1; 3852 3853 if (!rt6_is_dead(rt)) { 3854 *weight += rt->fib6_nh.nh_weight; 3855 upper_bound = DIV_ROUND_CLOSEST_ULL((u64) (*weight) << 31, 3856 total) - 1; 3857 } 3858 atomic_set(&rt->fib6_nh.nh_upper_bound, upper_bound); 3859 } 3860 3861 static void rt6_multipath_upper_bound_set(struct fib6_info *rt, int total) 3862 { 3863 struct fib6_info *iter; 3864 int weight = 0; 3865 3866 rt6_upper_bound_set(rt, &weight, total); 3867 3868 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings) 3869 rt6_upper_bound_set(iter, &weight, total); 3870 } 3871 3872 void rt6_multipath_rebalance(struct fib6_info *rt) 3873 { 3874 struct fib6_info *first; 3875 int total; 3876 3877 /* In case the entire multipath route was marked for flushing, 3878 * then there is no need to rebalance upon the removal of every 3879 * sibling route. 3880 */ 3881 if (!rt->fib6_nsiblings || rt->should_flush) 3882 return; 3883 3884 /* During lookup routes are evaluated in order, so we need to 3885 * make sure upper bounds are assigned from the first sibling 3886 * onwards. 3887 */ 3888 first = rt6_multipath_first_sibling(rt); 3889 if (WARN_ON_ONCE(!first)) 3890 return; 3891 3892 total = rt6_multipath_total_weight(first); 3893 rt6_multipath_upper_bound_set(first, total); 3894 } 3895 3896 static int fib6_ifup(struct fib6_info *rt, void *p_arg) 3897 { 3898 const struct arg_netdev_event *arg = p_arg; 3899 struct net *net = dev_net(arg->dev); 3900 3901 if (rt != net->ipv6.fib6_null_entry && rt->fib6_nh.nh_dev == arg->dev) { 3902 rt->fib6_nh.nh_flags &= ~arg->nh_flags; 3903 fib6_update_sernum_upto_root(net, rt); 3904 rt6_multipath_rebalance(rt); 3905 } 3906 3907 return 0; 3908 } 3909 3910 void rt6_sync_up(struct net_device *dev, unsigned int nh_flags) 3911 { 3912 struct arg_netdev_event arg = { 3913 .dev = dev, 3914 { 3915 .nh_flags = nh_flags, 3916 }, 3917 }; 3918 3919 if (nh_flags & RTNH_F_DEAD && netif_carrier_ok(dev)) 3920 arg.nh_flags |= RTNH_F_LINKDOWN; 3921 3922 fib6_clean_all(dev_net(dev), fib6_ifup, &arg); 3923 } 3924 3925 static bool rt6_multipath_uses_dev(const struct fib6_info *rt, 3926 const struct net_device *dev) 3927 { 3928 struct fib6_info *iter; 3929 3930 if (rt->fib6_nh.nh_dev == dev) 3931 return true; 3932 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings) 3933 if (iter->fib6_nh.nh_dev == dev) 3934 return true; 3935 3936 return false; 3937 } 3938 3939 static void rt6_multipath_flush(struct fib6_info *rt) 3940 { 3941 struct fib6_info *iter; 3942 3943 rt->should_flush = 1; 3944 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings) 3945 iter->should_flush = 1; 3946 } 3947 3948 static unsigned int rt6_multipath_dead_count(const struct fib6_info *rt, 3949 const struct net_device *down_dev) 3950 { 3951 struct fib6_info *iter; 3952 unsigned int dead = 0; 3953 3954 if (rt->fib6_nh.nh_dev == down_dev || 3955 rt->fib6_nh.nh_flags & RTNH_F_DEAD) 3956 dead++; 3957 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings) 3958 if (iter->fib6_nh.nh_dev == down_dev || 3959 iter->fib6_nh.nh_flags & RTNH_F_DEAD) 3960 dead++; 3961 3962 return dead; 3963 } 3964 3965 static void rt6_multipath_nh_flags_set(struct fib6_info *rt, 3966 const struct net_device *dev, 3967 unsigned int nh_flags) 3968 { 3969 struct fib6_info *iter; 3970 3971 if (rt->fib6_nh.nh_dev == dev) 3972 rt->fib6_nh.nh_flags |= nh_flags; 3973 list_for_each_entry(iter, &rt->fib6_siblings, fib6_siblings) 3974 if (iter->fib6_nh.nh_dev == dev) 3975 iter->fib6_nh.nh_flags |= nh_flags; 3976 } 3977 3978 /* called with write lock held for table with rt */ 3979 static int fib6_ifdown(struct fib6_info *rt, void *p_arg) 3980 { 3981 const struct arg_netdev_event *arg = p_arg; 3982 const struct net_device *dev = arg->dev; 3983 struct net *net = dev_net(dev); 3984 3985 if (rt == net->ipv6.fib6_null_entry) 3986 return 0; 3987 3988 switch (arg->event) { 3989 case NETDEV_UNREGISTER: 3990 return rt->fib6_nh.nh_dev == dev ? -1 : 0; 3991 case NETDEV_DOWN: 3992 if (rt->should_flush) 3993 return -1; 3994 if (!rt->fib6_nsiblings) 3995 return rt->fib6_nh.nh_dev == dev ? -1 : 0; 3996 if (rt6_multipath_uses_dev(rt, dev)) { 3997 unsigned int count; 3998 3999 count = rt6_multipath_dead_count(rt, dev); 4000 if (rt->fib6_nsiblings + 1 == count) { 4001 rt6_multipath_flush(rt); 4002 return -1; 4003 } 4004 rt6_multipath_nh_flags_set(rt, dev, RTNH_F_DEAD | 4005 RTNH_F_LINKDOWN); 4006 fib6_update_sernum(net, rt); 4007 rt6_multipath_rebalance(rt); 4008 } 4009 return -2; 4010 case NETDEV_CHANGE: 4011 if (rt->fib6_nh.nh_dev != dev || 4012 rt->fib6_flags & (RTF_LOCAL | RTF_ANYCAST)) 4013 break; 4014 rt->fib6_nh.nh_flags |= RTNH_F_LINKDOWN; 4015 rt6_multipath_rebalance(rt); 4016 break; 4017 } 4018 4019 return 0; 4020 } 4021 4022 void rt6_sync_down_dev(struct net_device *dev, unsigned long event) 4023 { 4024 struct arg_netdev_event arg = { 4025 .dev = dev, 4026 { 4027 .event = event, 4028 }, 4029 }; 4030 struct net *net = dev_net(dev); 4031 4032 if (net->ipv6.sysctl.skip_notify_on_dev_down) 4033 fib6_clean_all_skip_notify(net, fib6_ifdown, &arg); 4034 else 4035 fib6_clean_all(net, fib6_ifdown, &arg); 4036 } 4037 4038 void rt6_disable_ip(struct net_device *dev, unsigned long event) 4039 { 4040 rt6_sync_down_dev(dev, event); 4041 rt6_uncached_list_flush_dev(dev_net(dev), dev); 4042 neigh_ifdown(&nd_tbl, dev); 4043 } 4044 4045 struct rt6_mtu_change_arg { 4046 struct net_device *dev; 4047 unsigned int mtu; 4048 }; 4049 4050 static int rt6_mtu_change_route(struct fib6_info *rt, void *p_arg) 4051 { 4052 struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg; 4053 struct inet6_dev *idev; 4054 4055 /* In IPv6 pmtu discovery is not optional, 4056 so that RTAX_MTU lock cannot disable it. 4057 We still use this lock to block changes 4058 caused by addrconf/ndisc. 4059 */ 4060 4061 idev = __in6_dev_get(arg->dev); 4062 if (!idev) 4063 return 0; 4064 4065 /* For administrative MTU increase, there is no way to discover 4066 IPv6 PMTU increase, so PMTU increase should be updated here. 4067 Since RFC 1981 doesn't include administrative MTU increase 4068 update PMTU increase is a MUST. (i.e. jumbo frame) 4069 */ 4070 if (rt->fib6_nh.nh_dev == arg->dev && 4071 !fib6_metric_locked(rt, RTAX_MTU)) { 4072 u32 mtu = rt->fib6_pmtu; 4073 4074 if (mtu >= arg->mtu || 4075 (mtu < arg->mtu && mtu == idev->cnf.mtu6)) 4076 fib6_metric_set(rt, RTAX_MTU, arg->mtu); 4077 4078 spin_lock_bh(&rt6_exception_lock); 4079 rt6_exceptions_update_pmtu(idev, rt, arg->mtu); 4080 spin_unlock_bh(&rt6_exception_lock); 4081 } 4082 return 0; 4083 } 4084 4085 void rt6_mtu_change(struct net_device *dev, unsigned int mtu) 4086 { 4087 struct rt6_mtu_change_arg arg = { 4088 .dev = dev, 4089 .mtu = mtu, 4090 }; 4091 4092 fib6_clean_all(dev_net(dev), rt6_mtu_change_route, &arg); 4093 } 4094 4095 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = { 4096 [RTA_GATEWAY] = { .len = sizeof(struct in6_addr) }, 4097 [RTA_PREFSRC] = { .len = sizeof(struct in6_addr) }, 4098 [RTA_OIF] = { .type = NLA_U32 }, 4099 [RTA_IIF] = { .type = NLA_U32 }, 4100 [RTA_PRIORITY] = { .type = NLA_U32 }, 4101 [RTA_METRICS] = { .type = NLA_NESTED }, 4102 [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, 4103 [RTA_PREF] = { .type = NLA_U8 }, 4104 [RTA_ENCAP_TYPE] = { .type = NLA_U16 }, 4105 [RTA_ENCAP] = { .type = NLA_NESTED }, 4106 [RTA_EXPIRES] = { .type = NLA_U32 }, 4107 [RTA_UID] = { .type = NLA_U32 }, 4108 [RTA_MARK] = { .type = NLA_U32 }, 4109 [RTA_TABLE] = { .type = NLA_U32 }, 4110 [RTA_IP_PROTO] = { .type = NLA_U8 }, 4111 [RTA_SPORT] = { .type = NLA_U16 }, 4112 [RTA_DPORT] = { .type = NLA_U16 }, 4113 }; 4114 4115 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh, 4116 struct fib6_config *cfg, 4117 struct netlink_ext_ack *extack) 4118 { 4119 struct rtmsg *rtm; 4120 struct nlattr *tb[RTA_MAX+1]; 4121 unsigned int pref; 4122 int err; 4123 4124 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy, 4125 extack); 4126 if (err < 0) 4127 goto errout; 4128 4129 err = -EINVAL; 4130 rtm = nlmsg_data(nlh); 4131 4132 *cfg = (struct fib6_config){ 4133 .fc_table = rtm->rtm_table, 4134 .fc_dst_len = rtm->rtm_dst_len, 4135 .fc_src_len = rtm->rtm_src_len, 4136 .fc_flags = RTF_UP, 4137 .fc_protocol = rtm->rtm_protocol, 4138 .fc_type = rtm->rtm_type, 4139 4140 .fc_nlinfo.portid = NETLINK_CB(skb).portid, 4141 .fc_nlinfo.nlh = nlh, 4142 .fc_nlinfo.nl_net = sock_net(skb->sk), 4143 }; 4144 4145 if (rtm->rtm_type == RTN_UNREACHABLE || 4146 rtm->rtm_type == RTN_BLACKHOLE || 4147 rtm->rtm_type == RTN_PROHIBIT || 4148 rtm->rtm_type == RTN_THROW) 4149 cfg->fc_flags |= RTF_REJECT; 4150 4151 if (rtm->rtm_type == RTN_LOCAL) 4152 cfg->fc_flags |= RTF_LOCAL; 4153 4154 if (rtm->rtm_flags & RTM_F_CLONED) 4155 cfg->fc_flags |= RTF_CACHE; 4156 4157 cfg->fc_flags |= (rtm->rtm_flags & RTNH_F_ONLINK); 4158 4159 if (tb[RTA_GATEWAY]) { 4160 cfg->fc_gateway = nla_get_in6_addr(tb[RTA_GATEWAY]); 4161 cfg->fc_flags |= RTF_GATEWAY; 4162 } 4163 4164 if (tb[RTA_DST]) { 4165 int plen = (rtm->rtm_dst_len + 7) >> 3; 4166 4167 if (nla_len(tb[RTA_DST]) < plen) 4168 goto errout; 4169 4170 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen); 4171 } 4172 4173 if (tb[RTA_SRC]) { 4174 int plen = (rtm->rtm_src_len + 7) >> 3; 4175 4176 if (nla_len(tb[RTA_SRC]) < plen) 4177 goto errout; 4178 4179 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen); 4180 } 4181 4182 if (tb[RTA_PREFSRC]) 4183 cfg->fc_prefsrc = nla_get_in6_addr(tb[RTA_PREFSRC]); 4184 4185 if (tb[RTA_OIF]) 4186 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]); 4187 4188 if (tb[RTA_PRIORITY]) 4189 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]); 4190 4191 if (tb[RTA_METRICS]) { 4192 cfg->fc_mx = nla_data(tb[RTA_METRICS]); 4193 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]); 4194 } 4195 4196 if (tb[RTA_TABLE]) 4197 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]); 4198 4199 if (tb[RTA_MULTIPATH]) { 4200 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]); 4201 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]); 4202 4203 err = lwtunnel_valid_encap_type_attr(cfg->fc_mp, 4204 cfg->fc_mp_len, extack); 4205 if (err < 0) 4206 goto errout; 4207 } 4208 4209 if (tb[RTA_PREF]) { 4210 pref = nla_get_u8(tb[RTA_PREF]); 4211 if (pref != ICMPV6_ROUTER_PREF_LOW && 4212 pref != ICMPV6_ROUTER_PREF_HIGH) 4213 pref = ICMPV6_ROUTER_PREF_MEDIUM; 4214 cfg->fc_flags |= RTF_PREF(pref); 4215 } 4216 4217 if (tb[RTA_ENCAP]) 4218 cfg->fc_encap = tb[RTA_ENCAP]; 4219 4220 if (tb[RTA_ENCAP_TYPE]) { 4221 cfg->fc_encap_type = nla_get_u16(tb[RTA_ENCAP_TYPE]); 4222 4223 err = lwtunnel_valid_encap_type(cfg->fc_encap_type, extack); 4224 if (err < 0) 4225 goto errout; 4226 } 4227 4228 if (tb[RTA_EXPIRES]) { 4229 unsigned long timeout = addrconf_timeout_fixup(nla_get_u32(tb[RTA_EXPIRES]), HZ); 4230 4231 if (addrconf_finite_timeout(timeout)) { 4232 cfg->fc_expires = jiffies_to_clock_t(timeout * HZ); 4233 cfg->fc_flags |= RTF_EXPIRES; 4234 } 4235 } 4236 4237 err = 0; 4238 errout: 4239 return err; 4240 } 4241 4242 struct rt6_nh { 4243 struct fib6_info *fib6_info; 4244 struct fib6_config r_cfg; 4245 struct list_head next; 4246 }; 4247 4248 static int ip6_route_info_append(struct net *net, 4249 struct list_head *rt6_nh_list, 4250 struct fib6_info *rt, 4251 struct fib6_config *r_cfg) 4252 { 4253 struct rt6_nh *nh; 4254 int err = -EEXIST; 4255 4256 list_for_each_entry(nh, rt6_nh_list, next) { 4257 /* check if fib6_info already exists */ 4258 if (rt6_duplicate_nexthop(nh->fib6_info, rt)) 4259 return err; 4260 } 4261 4262 nh = kzalloc(sizeof(*nh), GFP_KERNEL); 4263 if (!nh) 4264 return -ENOMEM; 4265 nh->fib6_info = rt; 4266 memcpy(&nh->r_cfg, r_cfg, sizeof(*r_cfg)); 4267 list_add_tail(&nh->next, rt6_nh_list); 4268 4269 return 0; 4270 } 4271 4272 static void ip6_route_mpath_notify(struct fib6_info *rt, 4273 struct fib6_info *rt_last, 4274 struct nl_info *info, 4275 __u16 nlflags) 4276 { 4277 /* if this is an APPEND route, then rt points to the first route 4278 * inserted and rt_last points to last route inserted. Userspace 4279 * wants a consistent dump of the route which starts at the first 4280 * nexthop. Since sibling routes are always added at the end of 4281 * the list, find the first sibling of the last route appended 4282 */ 4283 if ((nlflags & NLM_F_APPEND) && rt_last && rt_last->fib6_nsiblings) { 4284 rt = list_first_entry(&rt_last->fib6_siblings, 4285 struct fib6_info, 4286 fib6_siblings); 4287 } 4288 4289 if (rt) 4290 inet6_rt_notify(RTM_NEWROUTE, rt, info, nlflags); 4291 } 4292 4293 static int ip6_route_multipath_add(struct fib6_config *cfg, 4294 struct netlink_ext_ack *extack) 4295 { 4296 struct fib6_info *rt_notif = NULL, *rt_last = NULL; 4297 struct nl_info *info = &cfg->fc_nlinfo; 4298 struct fib6_config r_cfg; 4299 struct rtnexthop *rtnh; 4300 struct fib6_info *rt; 4301 struct rt6_nh *err_nh; 4302 struct rt6_nh *nh, *nh_safe; 4303 __u16 nlflags; 4304 int remaining; 4305 int attrlen; 4306 int err = 1; 4307 int nhn = 0; 4308 int replace = (cfg->fc_nlinfo.nlh && 4309 (cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_REPLACE)); 4310 LIST_HEAD(rt6_nh_list); 4311 4312 nlflags = replace ? NLM_F_REPLACE : NLM_F_CREATE; 4313 if (info->nlh && info->nlh->nlmsg_flags & NLM_F_APPEND) 4314 nlflags |= NLM_F_APPEND; 4315 4316 remaining = cfg->fc_mp_len; 4317 rtnh = (struct rtnexthop *)cfg->fc_mp; 4318 4319 /* Parse a Multipath Entry and build a list (rt6_nh_list) of 4320 * fib6_info structs per nexthop 4321 */ 4322 while (rtnh_ok(rtnh, remaining)) { 4323 memcpy(&r_cfg, cfg, sizeof(*cfg)); 4324 if (rtnh->rtnh_ifindex) 4325 r_cfg.fc_ifindex = rtnh->rtnh_ifindex; 4326 4327 attrlen = rtnh_attrlen(rtnh); 4328 if (attrlen > 0) { 4329 struct nlattr *nla, *attrs = rtnh_attrs(rtnh); 4330 4331 nla = nla_find(attrs, attrlen, RTA_GATEWAY); 4332 if (nla) { 4333 r_cfg.fc_gateway = nla_get_in6_addr(nla); 4334 r_cfg.fc_flags |= RTF_GATEWAY; 4335 } 4336 r_cfg.fc_encap = nla_find(attrs, attrlen, RTA_ENCAP); 4337 nla = nla_find(attrs, attrlen, RTA_ENCAP_TYPE); 4338 if (nla) 4339 r_cfg.fc_encap_type = nla_get_u16(nla); 4340 } 4341 4342 r_cfg.fc_flags |= (rtnh->rtnh_flags & RTNH_F_ONLINK); 4343 rt = ip6_route_info_create(&r_cfg, GFP_KERNEL, extack); 4344 if (IS_ERR(rt)) { 4345 err = PTR_ERR(rt); 4346 rt = NULL; 4347 goto cleanup; 4348 } 4349 if (!rt6_qualify_for_ecmp(rt)) { 4350 err = -EINVAL; 4351 NL_SET_ERR_MSG(extack, 4352 "Device only routes can not be added for IPv6 using the multipath API."); 4353 fib6_info_release(rt); 4354 goto cleanup; 4355 } 4356 4357 rt->fib6_nh.nh_weight = rtnh->rtnh_hops + 1; 4358 4359 err = ip6_route_info_append(info->nl_net, &rt6_nh_list, 4360 rt, &r_cfg); 4361 if (err) { 4362 fib6_info_release(rt); 4363 goto cleanup; 4364 } 4365 4366 rtnh = rtnh_next(rtnh, &remaining); 4367 } 4368 4369 /* for add and replace send one notification with all nexthops. 4370 * Skip the notification in fib6_add_rt2node and send one with 4371 * the full route when done 4372 */ 4373 info->skip_notify = 1; 4374 4375 err_nh = NULL; 4376 list_for_each_entry(nh, &rt6_nh_list, next) { 4377 err = __ip6_ins_rt(nh->fib6_info, info, extack); 4378 fib6_info_release(nh->fib6_info); 4379 4380 if (!err) { 4381 /* save reference to last route successfully inserted */ 4382 rt_last = nh->fib6_info; 4383 4384 /* save reference to first route for notification */ 4385 if (!rt_notif) 4386 rt_notif = nh->fib6_info; 4387 } 4388 4389 /* nh->fib6_info is used or freed at this point, reset to NULL*/ 4390 nh->fib6_info = NULL; 4391 if (err) { 4392 if (replace && nhn) 4393 NL_SET_ERR_MSG_MOD(extack, 4394 "multipath route replace failed (check consistency of installed routes)"); 4395 err_nh = nh; 4396 goto add_errout; 4397 } 4398 4399 /* Because each route is added like a single route we remove 4400 * these flags after the first nexthop: if there is a collision, 4401 * we have already failed to add the first nexthop: 4402 * fib6_add_rt2node() has rejected it; when replacing, old 4403 * nexthops have been replaced by first new, the rest should 4404 * be added to it. 4405 */ 4406 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~(NLM_F_EXCL | 4407 NLM_F_REPLACE); 4408 nhn++; 4409 } 4410 4411 /* success ... tell user about new route */ 4412 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags); 4413 goto cleanup; 4414 4415 add_errout: 4416 /* send notification for routes that were added so that 4417 * the delete notifications sent by ip6_route_del are 4418 * coherent 4419 */ 4420 if (rt_notif) 4421 ip6_route_mpath_notify(rt_notif, rt_last, info, nlflags); 4422 4423 /* Delete routes that were already added */ 4424 list_for_each_entry(nh, &rt6_nh_list, next) { 4425 if (err_nh == nh) 4426 break; 4427 ip6_route_del(&nh->r_cfg, extack); 4428 } 4429 4430 cleanup: 4431 list_for_each_entry_safe(nh, nh_safe, &rt6_nh_list, next) { 4432 if (nh->fib6_info) 4433 fib6_info_release(nh->fib6_info); 4434 list_del(&nh->next); 4435 kfree(nh); 4436 } 4437 4438 return err; 4439 } 4440 4441 static int ip6_route_multipath_del(struct fib6_config *cfg, 4442 struct netlink_ext_ack *extack) 4443 { 4444 struct fib6_config r_cfg; 4445 struct rtnexthop *rtnh; 4446 int remaining; 4447 int attrlen; 4448 int err = 1, last_err = 0; 4449 4450 remaining = cfg->fc_mp_len; 4451 rtnh = (struct rtnexthop *)cfg->fc_mp; 4452 4453 /* Parse a Multipath Entry */ 4454 while (rtnh_ok(rtnh, remaining)) { 4455 memcpy(&r_cfg, cfg, sizeof(*cfg)); 4456 if (rtnh->rtnh_ifindex) 4457 r_cfg.fc_ifindex = rtnh->rtnh_ifindex; 4458 4459 attrlen = rtnh_attrlen(rtnh); 4460 if (attrlen > 0) { 4461 struct nlattr *nla, *attrs = rtnh_attrs(rtnh); 4462 4463 nla = nla_find(attrs, attrlen, RTA_GATEWAY); 4464 if (nla) { 4465 nla_memcpy(&r_cfg.fc_gateway, nla, 16); 4466 r_cfg.fc_flags |= RTF_GATEWAY; 4467 } 4468 } 4469 err = ip6_route_del(&r_cfg, extack); 4470 if (err) 4471 last_err = err; 4472 4473 rtnh = rtnh_next(rtnh, &remaining); 4474 } 4475 4476 return last_err; 4477 } 4478 4479 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh, 4480 struct netlink_ext_ack *extack) 4481 { 4482 struct fib6_config cfg; 4483 int err; 4484 4485 err = rtm_to_fib6_config(skb, nlh, &cfg, extack); 4486 if (err < 0) 4487 return err; 4488 4489 if (cfg.fc_mp) 4490 return ip6_route_multipath_del(&cfg, extack); 4491 else { 4492 cfg.fc_delete_all_nh = 1; 4493 return ip6_route_del(&cfg, extack); 4494 } 4495 } 4496 4497 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh, 4498 struct netlink_ext_ack *extack) 4499 { 4500 struct fib6_config cfg; 4501 int err; 4502 4503 err = rtm_to_fib6_config(skb, nlh, &cfg, extack); 4504 if (err < 0) 4505 return err; 4506 4507 if (cfg.fc_mp) 4508 return ip6_route_multipath_add(&cfg, extack); 4509 else 4510 return ip6_route_add(&cfg, GFP_KERNEL, extack); 4511 } 4512 4513 static size_t rt6_nlmsg_size(struct fib6_info *rt) 4514 { 4515 int nexthop_len = 0; 4516 4517 if (rt->fib6_nsiblings) { 4518 nexthop_len = nla_total_size(0) /* RTA_MULTIPATH */ 4519 + NLA_ALIGN(sizeof(struct rtnexthop)) 4520 + nla_total_size(16) /* RTA_GATEWAY */ 4521 + lwtunnel_get_encap_size(rt->fib6_nh.nh_lwtstate); 4522 4523 nexthop_len *= rt->fib6_nsiblings; 4524 } 4525 4526 return NLMSG_ALIGN(sizeof(struct rtmsg)) 4527 + nla_total_size(16) /* RTA_SRC */ 4528 + nla_total_size(16) /* RTA_DST */ 4529 + nla_total_size(16) /* RTA_GATEWAY */ 4530 + nla_total_size(16) /* RTA_PREFSRC */ 4531 + nla_total_size(4) /* RTA_TABLE */ 4532 + nla_total_size(4) /* RTA_IIF */ 4533 + nla_total_size(4) /* RTA_OIF */ 4534 + nla_total_size(4) /* RTA_PRIORITY */ 4535 + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */ 4536 + nla_total_size(sizeof(struct rta_cacheinfo)) 4537 + nla_total_size(TCP_CA_NAME_MAX) /* RTAX_CC_ALGO */ 4538 + nla_total_size(1) /* RTA_PREF */ 4539 + lwtunnel_get_encap_size(rt->fib6_nh.nh_lwtstate) 4540 + nexthop_len; 4541 } 4542 4543 static int rt6_nexthop_info(struct sk_buff *skb, struct fib6_info *rt, 4544 unsigned int *flags, bool skip_oif) 4545 { 4546 if (rt->fib6_nh.nh_flags & RTNH_F_DEAD) 4547 *flags |= RTNH_F_DEAD; 4548 4549 if (rt->fib6_nh.nh_flags & RTNH_F_LINKDOWN) { 4550 *flags |= RTNH_F_LINKDOWN; 4551 4552 rcu_read_lock(); 4553 if (fib6_ignore_linkdown(rt)) 4554 *flags |= RTNH_F_DEAD; 4555 rcu_read_unlock(); 4556 } 4557 4558 if (rt->fib6_flags & RTF_GATEWAY) { 4559 if (nla_put_in6_addr(skb, RTA_GATEWAY, &rt->fib6_nh.nh_gw) < 0) 4560 goto nla_put_failure; 4561 } 4562 4563 *flags |= (rt->fib6_nh.nh_flags & RTNH_F_ONLINK); 4564 if (rt->fib6_nh.nh_flags & RTNH_F_OFFLOAD) 4565 *flags |= RTNH_F_OFFLOAD; 4566 4567 /* not needed for multipath encoding b/c it has a rtnexthop struct */ 4568 if (!skip_oif && rt->fib6_nh.nh_dev && 4569 nla_put_u32(skb, RTA_OIF, rt->fib6_nh.nh_dev->ifindex)) 4570 goto nla_put_failure; 4571 4572 if (rt->fib6_nh.nh_lwtstate && 4573 lwtunnel_fill_encap(skb, rt->fib6_nh.nh_lwtstate) < 0) 4574 goto nla_put_failure; 4575 4576 return 0; 4577 4578 nla_put_failure: 4579 return -EMSGSIZE; 4580 } 4581 4582 /* add multipath next hop */ 4583 static int rt6_add_nexthop(struct sk_buff *skb, struct fib6_info *rt) 4584 { 4585 const struct net_device *dev = rt->fib6_nh.nh_dev; 4586 struct rtnexthop *rtnh; 4587 unsigned int flags = 0; 4588 4589 rtnh = nla_reserve_nohdr(skb, sizeof(*rtnh)); 4590 if (!rtnh) 4591 goto nla_put_failure; 4592 4593 rtnh->rtnh_hops = rt->fib6_nh.nh_weight - 1; 4594 rtnh->rtnh_ifindex = dev ? dev->ifindex : 0; 4595 4596 if (rt6_nexthop_info(skb, rt, &flags, true) < 0) 4597 goto nla_put_failure; 4598 4599 rtnh->rtnh_flags = flags; 4600 4601 /* length of rtnetlink header + attributes */ 4602 rtnh->rtnh_len = nlmsg_get_pos(skb) - (void *)rtnh; 4603 4604 return 0; 4605 4606 nla_put_failure: 4607 return -EMSGSIZE; 4608 } 4609 4610 static int rt6_fill_node(struct net *net, struct sk_buff *skb, 4611 struct fib6_info *rt, struct dst_entry *dst, 4612 struct in6_addr *dest, struct in6_addr *src, 4613 int iif, int type, u32 portid, u32 seq, 4614 unsigned int flags) 4615 { 4616 struct rt6_info *rt6 = (struct rt6_info *)dst; 4617 struct rt6key *rt6_dst, *rt6_src; 4618 u32 *pmetrics, table, rt6_flags; 4619 struct nlmsghdr *nlh; 4620 struct rtmsg *rtm; 4621 long expires = 0; 4622 4623 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags); 4624 if (!nlh) 4625 return -EMSGSIZE; 4626 4627 if (rt6) { 4628 rt6_dst = &rt6->rt6i_dst; 4629 rt6_src = &rt6->rt6i_src; 4630 rt6_flags = rt6->rt6i_flags; 4631 } else { 4632 rt6_dst = &rt->fib6_dst; 4633 rt6_src = &rt->fib6_src; 4634 rt6_flags = rt->fib6_flags; 4635 } 4636 4637 rtm = nlmsg_data(nlh); 4638 rtm->rtm_family = AF_INET6; 4639 rtm->rtm_dst_len = rt6_dst->plen; 4640 rtm->rtm_src_len = rt6_src->plen; 4641 rtm->rtm_tos = 0; 4642 if (rt->fib6_table) 4643 table = rt->fib6_table->tb6_id; 4644 else 4645 table = RT6_TABLE_UNSPEC; 4646 rtm->rtm_table = table; 4647 if (nla_put_u32(skb, RTA_TABLE, table)) 4648 goto nla_put_failure; 4649 4650 rtm->rtm_type = rt->fib6_type; 4651 rtm->rtm_flags = 0; 4652 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 4653 rtm->rtm_protocol = rt->fib6_protocol; 4654 4655 if (rt6_flags & RTF_CACHE) 4656 rtm->rtm_flags |= RTM_F_CLONED; 4657 4658 if (dest) { 4659 if (nla_put_in6_addr(skb, RTA_DST, dest)) 4660 goto nla_put_failure; 4661 rtm->rtm_dst_len = 128; 4662 } else if (rtm->rtm_dst_len) 4663 if (nla_put_in6_addr(skb, RTA_DST, &rt6_dst->addr)) 4664 goto nla_put_failure; 4665 #ifdef CONFIG_IPV6_SUBTREES 4666 if (src) { 4667 if (nla_put_in6_addr(skb, RTA_SRC, src)) 4668 goto nla_put_failure; 4669 rtm->rtm_src_len = 128; 4670 } else if (rtm->rtm_src_len && 4671 nla_put_in6_addr(skb, RTA_SRC, &rt6_src->addr)) 4672 goto nla_put_failure; 4673 #endif 4674 if (iif) { 4675 #ifdef CONFIG_IPV6_MROUTE 4676 if (ipv6_addr_is_multicast(&rt6_dst->addr)) { 4677 int err = ip6mr_get_route(net, skb, rtm, portid); 4678 4679 if (err == 0) 4680 return 0; 4681 if (err < 0) 4682 goto nla_put_failure; 4683 } else 4684 #endif 4685 if (nla_put_u32(skb, RTA_IIF, iif)) 4686 goto nla_put_failure; 4687 } else if (dest) { 4688 struct in6_addr saddr_buf; 4689 if (ip6_route_get_saddr(net, rt, dest, 0, &saddr_buf) == 0 && 4690 nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf)) 4691 goto nla_put_failure; 4692 } 4693 4694 if (rt->fib6_prefsrc.plen) { 4695 struct in6_addr saddr_buf; 4696 saddr_buf = rt->fib6_prefsrc.addr; 4697 if (nla_put_in6_addr(skb, RTA_PREFSRC, &saddr_buf)) 4698 goto nla_put_failure; 4699 } 4700 4701 pmetrics = dst ? dst_metrics_ptr(dst) : rt->fib6_metrics->metrics; 4702 if (rtnetlink_put_metrics(skb, pmetrics) < 0) 4703 goto nla_put_failure; 4704 4705 if (nla_put_u32(skb, RTA_PRIORITY, rt->fib6_metric)) 4706 goto nla_put_failure; 4707 4708 /* For multipath routes, walk the siblings list and add 4709 * each as a nexthop within RTA_MULTIPATH. 4710 */ 4711 if (rt6) { 4712 if (rt6_flags & RTF_GATEWAY && 4713 nla_put_in6_addr(skb, RTA_GATEWAY, &rt6->rt6i_gateway)) 4714 goto nla_put_failure; 4715 4716 if (dst->dev && nla_put_u32(skb, RTA_OIF, dst->dev->ifindex)) 4717 goto nla_put_failure; 4718 } else if (rt->fib6_nsiblings) { 4719 struct fib6_info *sibling, *next_sibling; 4720 struct nlattr *mp; 4721 4722 mp = nla_nest_start(skb, RTA_MULTIPATH); 4723 if (!mp) 4724 goto nla_put_failure; 4725 4726 if (rt6_add_nexthop(skb, rt) < 0) 4727 goto nla_put_failure; 4728 4729 list_for_each_entry_safe(sibling, next_sibling, 4730 &rt->fib6_siblings, fib6_siblings) { 4731 if (rt6_add_nexthop(skb, sibling) < 0) 4732 goto nla_put_failure; 4733 } 4734 4735 nla_nest_end(skb, mp); 4736 } else { 4737 if (rt6_nexthop_info(skb, rt, &rtm->rtm_flags, false) < 0) 4738 goto nla_put_failure; 4739 } 4740 4741 if (rt6_flags & RTF_EXPIRES) { 4742 expires = dst ? dst->expires : rt->expires; 4743 expires -= jiffies; 4744 } 4745 4746 if (rtnl_put_cacheinfo(skb, dst, 0, expires, dst ? dst->error : 0) < 0) 4747 goto nla_put_failure; 4748 4749 if (nla_put_u8(skb, RTA_PREF, IPV6_EXTRACT_PREF(rt6_flags))) 4750 goto nla_put_failure; 4751 4752 4753 nlmsg_end(skb, nlh); 4754 return 0; 4755 4756 nla_put_failure: 4757 nlmsg_cancel(skb, nlh); 4758 return -EMSGSIZE; 4759 } 4760 4761 static bool fib6_info_uses_dev(const struct fib6_info *f6i, 4762 const struct net_device *dev) 4763 { 4764 if (f6i->fib6_nh.nh_dev == dev) 4765 return true; 4766 4767 if (f6i->fib6_nsiblings) { 4768 struct fib6_info *sibling, *next_sibling; 4769 4770 list_for_each_entry_safe(sibling, next_sibling, 4771 &f6i->fib6_siblings, fib6_siblings) { 4772 if (sibling->fib6_nh.nh_dev == dev) 4773 return true; 4774 } 4775 } 4776 4777 return false; 4778 } 4779 4780 int rt6_dump_route(struct fib6_info *rt, void *p_arg) 4781 { 4782 struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; 4783 struct fib_dump_filter *filter = &arg->filter; 4784 unsigned int flags = NLM_F_MULTI; 4785 struct net *net = arg->net; 4786 4787 if (rt == net->ipv6.fib6_null_entry) 4788 return 0; 4789 4790 if ((filter->flags & RTM_F_PREFIX) && 4791 !(rt->fib6_flags & RTF_PREFIX_RT)) { 4792 /* success since this is not a prefix route */ 4793 return 1; 4794 } 4795 if (filter->filter_set) { 4796 if ((filter->rt_type && rt->fib6_type != filter->rt_type) || 4797 (filter->dev && !fib6_info_uses_dev(rt, filter->dev)) || 4798 (filter->protocol && rt->fib6_protocol != filter->protocol)) { 4799 return 1; 4800 } 4801 flags |= NLM_F_DUMP_FILTERED; 4802 } 4803 4804 return rt6_fill_node(net, arg->skb, rt, NULL, NULL, NULL, 0, 4805 RTM_NEWROUTE, NETLINK_CB(arg->cb->skb).portid, 4806 arg->cb->nlh->nlmsg_seq, flags); 4807 } 4808 4809 static int inet6_rtm_valid_getroute_req(struct sk_buff *skb, 4810 const struct nlmsghdr *nlh, 4811 struct nlattr **tb, 4812 struct netlink_ext_ack *extack) 4813 { 4814 struct rtmsg *rtm; 4815 int i, err; 4816 4817 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*rtm))) { 4818 NL_SET_ERR_MSG_MOD(extack, 4819 "Invalid header for get route request"); 4820 return -EINVAL; 4821 } 4822 4823 if (!netlink_strict_get_check(skb)) 4824 return nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, 4825 rtm_ipv6_policy, extack); 4826 4827 rtm = nlmsg_data(nlh); 4828 if ((rtm->rtm_src_len && rtm->rtm_src_len != 128) || 4829 (rtm->rtm_dst_len && rtm->rtm_dst_len != 128) || 4830 rtm->rtm_table || rtm->rtm_protocol || rtm->rtm_scope || 4831 rtm->rtm_type) { 4832 NL_SET_ERR_MSG_MOD(extack, "Invalid values in header for get route request"); 4833 return -EINVAL; 4834 } 4835 if (rtm->rtm_flags & ~RTM_F_FIB_MATCH) { 4836 NL_SET_ERR_MSG_MOD(extack, 4837 "Invalid flags for get route request"); 4838 return -EINVAL; 4839 } 4840 4841 err = nlmsg_parse_strict(nlh, sizeof(*rtm), tb, RTA_MAX, 4842 rtm_ipv6_policy, extack); 4843 if (err) 4844 return err; 4845 4846 if ((tb[RTA_SRC] && !rtm->rtm_src_len) || 4847 (tb[RTA_DST] && !rtm->rtm_dst_len)) { 4848 NL_SET_ERR_MSG_MOD(extack, "rtm_src_len and rtm_dst_len must be 128 for IPv6"); 4849 return -EINVAL; 4850 } 4851 4852 for (i = 0; i <= RTA_MAX; i++) { 4853 if (!tb[i]) 4854 continue; 4855 4856 switch (i) { 4857 case RTA_SRC: 4858 case RTA_DST: 4859 case RTA_IIF: 4860 case RTA_OIF: 4861 case RTA_MARK: 4862 case RTA_UID: 4863 case RTA_SPORT: 4864 case RTA_DPORT: 4865 case RTA_IP_PROTO: 4866 break; 4867 default: 4868 NL_SET_ERR_MSG_MOD(extack, "Unsupported attribute in get route request"); 4869 return -EINVAL; 4870 } 4871 } 4872 4873 return 0; 4874 } 4875 4876 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, 4877 struct netlink_ext_ack *extack) 4878 { 4879 struct net *net = sock_net(in_skb->sk); 4880 struct nlattr *tb[RTA_MAX+1]; 4881 int err, iif = 0, oif = 0; 4882 struct fib6_info *from; 4883 struct dst_entry *dst; 4884 struct rt6_info *rt; 4885 struct sk_buff *skb; 4886 struct rtmsg *rtm; 4887 struct flowi6 fl6 = {}; 4888 bool fibmatch; 4889 4890 err = inet6_rtm_valid_getroute_req(in_skb, nlh, tb, extack); 4891 if (err < 0) 4892 goto errout; 4893 4894 err = -EINVAL; 4895 rtm = nlmsg_data(nlh); 4896 fl6.flowlabel = ip6_make_flowinfo(rtm->rtm_tos, 0); 4897 fibmatch = !!(rtm->rtm_flags & RTM_F_FIB_MATCH); 4898 4899 if (tb[RTA_SRC]) { 4900 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr)) 4901 goto errout; 4902 4903 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]); 4904 } 4905 4906 if (tb[RTA_DST]) { 4907 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr)) 4908 goto errout; 4909 4910 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]); 4911 } 4912 4913 if (tb[RTA_IIF]) 4914 iif = nla_get_u32(tb[RTA_IIF]); 4915 4916 if (tb[RTA_OIF]) 4917 oif = nla_get_u32(tb[RTA_OIF]); 4918 4919 if (tb[RTA_MARK]) 4920 fl6.flowi6_mark = nla_get_u32(tb[RTA_MARK]); 4921 4922 if (tb[RTA_UID]) 4923 fl6.flowi6_uid = make_kuid(current_user_ns(), 4924 nla_get_u32(tb[RTA_UID])); 4925 else 4926 fl6.flowi6_uid = iif ? INVALID_UID : current_uid(); 4927 4928 if (tb[RTA_SPORT]) 4929 fl6.fl6_sport = nla_get_be16(tb[RTA_SPORT]); 4930 4931 if (tb[RTA_DPORT]) 4932 fl6.fl6_dport = nla_get_be16(tb[RTA_DPORT]); 4933 4934 if (tb[RTA_IP_PROTO]) { 4935 err = rtm_getroute_parse_ip_proto(tb[RTA_IP_PROTO], 4936 &fl6.flowi6_proto, extack); 4937 if (err) 4938 goto errout; 4939 } 4940 4941 if (iif) { 4942 struct net_device *dev; 4943 int flags = 0; 4944 4945 rcu_read_lock(); 4946 4947 dev = dev_get_by_index_rcu(net, iif); 4948 if (!dev) { 4949 rcu_read_unlock(); 4950 err = -ENODEV; 4951 goto errout; 4952 } 4953 4954 fl6.flowi6_iif = iif; 4955 4956 if (!ipv6_addr_any(&fl6.saddr)) 4957 flags |= RT6_LOOKUP_F_HAS_SADDR; 4958 4959 dst = ip6_route_input_lookup(net, dev, &fl6, NULL, flags); 4960 4961 rcu_read_unlock(); 4962 } else { 4963 fl6.flowi6_oif = oif; 4964 4965 dst = ip6_route_output(net, NULL, &fl6); 4966 } 4967 4968 4969 rt = container_of(dst, struct rt6_info, dst); 4970 if (rt->dst.error) { 4971 err = rt->dst.error; 4972 ip6_rt_put(rt); 4973 goto errout; 4974 } 4975 4976 if (rt == net->ipv6.ip6_null_entry) { 4977 err = rt->dst.error; 4978 ip6_rt_put(rt); 4979 goto errout; 4980 } 4981 4982 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 4983 if (!skb) { 4984 ip6_rt_put(rt); 4985 err = -ENOBUFS; 4986 goto errout; 4987 } 4988 4989 skb_dst_set(skb, &rt->dst); 4990 4991 rcu_read_lock(); 4992 from = rcu_dereference(rt->from); 4993 4994 if (fibmatch) 4995 err = rt6_fill_node(net, skb, from, NULL, NULL, NULL, iif, 4996 RTM_NEWROUTE, NETLINK_CB(in_skb).portid, 4997 nlh->nlmsg_seq, 0); 4998 else 4999 err = rt6_fill_node(net, skb, from, dst, &fl6.daddr, 5000 &fl6.saddr, iif, RTM_NEWROUTE, 5001 NETLINK_CB(in_skb).portid, nlh->nlmsg_seq, 5002 0); 5003 rcu_read_unlock(); 5004 5005 if (err < 0) { 5006 kfree_skb(skb); 5007 goto errout; 5008 } 5009 5010 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid); 5011 errout: 5012 return err; 5013 } 5014 5015 void inet6_rt_notify(int event, struct fib6_info *rt, struct nl_info *info, 5016 unsigned int nlm_flags) 5017 { 5018 struct sk_buff *skb; 5019 struct net *net = info->nl_net; 5020 u32 seq; 5021 int err; 5022 5023 err = -ENOBUFS; 5024 seq = info->nlh ? info->nlh->nlmsg_seq : 0; 5025 5026 skb = nlmsg_new(rt6_nlmsg_size(rt), gfp_any()); 5027 if (!skb) 5028 goto errout; 5029 5030 err = rt6_fill_node(net, skb, rt, NULL, NULL, NULL, 0, 5031 event, info->portid, seq, nlm_flags); 5032 if (err < 0) { 5033 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */ 5034 WARN_ON(err == -EMSGSIZE); 5035 kfree_skb(skb); 5036 goto errout; 5037 } 5038 rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE, 5039 info->nlh, gfp_any()); 5040 return; 5041 errout: 5042 if (err < 0) 5043 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err); 5044 } 5045 5046 static int ip6_route_dev_notify(struct notifier_block *this, 5047 unsigned long event, void *ptr) 5048 { 5049 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 5050 struct net *net = dev_net(dev); 5051 5052 if (!(dev->flags & IFF_LOOPBACK)) 5053 return NOTIFY_OK; 5054 5055 if (event == NETDEV_REGISTER) { 5056 net->ipv6.fib6_null_entry->fib6_nh.nh_dev = dev; 5057 net->ipv6.ip6_null_entry->dst.dev = dev; 5058 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev); 5059 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 5060 net->ipv6.ip6_prohibit_entry->dst.dev = dev; 5061 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev); 5062 net->ipv6.ip6_blk_hole_entry->dst.dev = dev; 5063 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev); 5064 #endif 5065 } else if (event == NETDEV_UNREGISTER && 5066 dev->reg_state != NETREG_UNREGISTERED) { 5067 /* NETDEV_UNREGISTER could be fired for multiple times by 5068 * netdev_wait_allrefs(). Make sure we only call this once. 5069 */ 5070 in6_dev_put_clear(&net->ipv6.ip6_null_entry->rt6i_idev); 5071 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 5072 in6_dev_put_clear(&net->ipv6.ip6_prohibit_entry->rt6i_idev); 5073 in6_dev_put_clear(&net->ipv6.ip6_blk_hole_entry->rt6i_idev); 5074 #endif 5075 } 5076 5077 return NOTIFY_OK; 5078 } 5079 5080 /* 5081 * /proc 5082 */ 5083 5084 #ifdef CONFIG_PROC_FS 5085 static int rt6_stats_seq_show(struct seq_file *seq, void *v) 5086 { 5087 struct net *net = (struct net *)seq->private; 5088 seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n", 5089 net->ipv6.rt6_stats->fib_nodes, 5090 net->ipv6.rt6_stats->fib_route_nodes, 5091 atomic_read(&net->ipv6.rt6_stats->fib_rt_alloc), 5092 net->ipv6.rt6_stats->fib_rt_entries, 5093 net->ipv6.rt6_stats->fib_rt_cache, 5094 dst_entries_get_slow(&net->ipv6.ip6_dst_ops), 5095 net->ipv6.rt6_stats->fib_discarded_routes); 5096 5097 return 0; 5098 } 5099 #endif /* CONFIG_PROC_FS */ 5100 5101 #ifdef CONFIG_SYSCTL 5102 5103 static 5104 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write, 5105 void __user *buffer, size_t *lenp, loff_t *ppos) 5106 { 5107 struct net *net; 5108 int delay; 5109 int ret; 5110 if (!write) 5111 return -EINVAL; 5112 5113 net = (struct net *)ctl->extra1; 5114 delay = net->ipv6.sysctl.flush_delay; 5115 ret = proc_dointvec(ctl, write, buffer, lenp, ppos); 5116 if (ret) 5117 return ret; 5118 5119 fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0); 5120 return 0; 5121 } 5122 5123 static int zero; 5124 static int one = 1; 5125 5126 static struct ctl_table ipv6_route_table_template[] = { 5127 { 5128 .procname = "flush", 5129 .data = &init_net.ipv6.sysctl.flush_delay, 5130 .maxlen = sizeof(int), 5131 .mode = 0200, 5132 .proc_handler = ipv6_sysctl_rtcache_flush 5133 }, 5134 { 5135 .procname = "gc_thresh", 5136 .data = &ip6_dst_ops_template.gc_thresh, 5137 .maxlen = sizeof(int), 5138 .mode = 0644, 5139 .proc_handler = proc_dointvec, 5140 }, 5141 { 5142 .procname = "max_size", 5143 .data = &init_net.ipv6.sysctl.ip6_rt_max_size, 5144 .maxlen = sizeof(int), 5145 .mode = 0644, 5146 .proc_handler = proc_dointvec, 5147 }, 5148 { 5149 .procname = "gc_min_interval", 5150 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 5151 .maxlen = sizeof(int), 5152 .mode = 0644, 5153 .proc_handler = proc_dointvec_jiffies, 5154 }, 5155 { 5156 .procname = "gc_timeout", 5157 .data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout, 5158 .maxlen = sizeof(int), 5159 .mode = 0644, 5160 .proc_handler = proc_dointvec_jiffies, 5161 }, 5162 { 5163 .procname = "gc_interval", 5164 .data = &init_net.ipv6.sysctl.ip6_rt_gc_interval, 5165 .maxlen = sizeof(int), 5166 .mode = 0644, 5167 .proc_handler = proc_dointvec_jiffies, 5168 }, 5169 { 5170 .procname = "gc_elasticity", 5171 .data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity, 5172 .maxlen = sizeof(int), 5173 .mode = 0644, 5174 .proc_handler = proc_dointvec, 5175 }, 5176 { 5177 .procname = "mtu_expires", 5178 .data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires, 5179 .maxlen = sizeof(int), 5180 .mode = 0644, 5181 .proc_handler = proc_dointvec_jiffies, 5182 }, 5183 { 5184 .procname = "min_adv_mss", 5185 .data = &init_net.ipv6.sysctl.ip6_rt_min_advmss, 5186 .maxlen = sizeof(int), 5187 .mode = 0644, 5188 .proc_handler = proc_dointvec, 5189 }, 5190 { 5191 .procname = "gc_min_interval_ms", 5192 .data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval, 5193 .maxlen = sizeof(int), 5194 .mode = 0644, 5195 .proc_handler = proc_dointvec_ms_jiffies, 5196 }, 5197 { 5198 .procname = "skip_notify_on_dev_down", 5199 .data = &init_net.ipv6.sysctl.skip_notify_on_dev_down, 5200 .maxlen = sizeof(int), 5201 .mode = 0644, 5202 .proc_handler = proc_dointvec, 5203 .extra1 = &zero, 5204 .extra2 = &one, 5205 }, 5206 { } 5207 }; 5208 5209 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) 5210 { 5211 struct ctl_table *table; 5212 5213 table = kmemdup(ipv6_route_table_template, 5214 sizeof(ipv6_route_table_template), 5215 GFP_KERNEL); 5216 5217 if (table) { 5218 table[0].data = &net->ipv6.sysctl.flush_delay; 5219 table[0].extra1 = net; 5220 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh; 5221 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size; 5222 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 5223 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout; 5224 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval; 5225 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity; 5226 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires; 5227 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss; 5228 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval; 5229 table[10].data = &net->ipv6.sysctl.skip_notify_on_dev_down; 5230 5231 /* Don't export sysctls to unprivileged users */ 5232 if (net->user_ns != &init_user_ns) 5233 table[0].procname = NULL; 5234 } 5235 5236 return table; 5237 } 5238 #endif 5239 5240 static int __net_init ip6_route_net_init(struct net *net) 5241 { 5242 int ret = -ENOMEM; 5243 5244 memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template, 5245 sizeof(net->ipv6.ip6_dst_ops)); 5246 5247 if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0) 5248 goto out_ip6_dst_ops; 5249 5250 net->ipv6.fib6_null_entry = kmemdup(&fib6_null_entry_template, 5251 sizeof(*net->ipv6.fib6_null_entry), 5252 GFP_KERNEL); 5253 if (!net->ipv6.fib6_null_entry) 5254 goto out_ip6_dst_entries; 5255 5256 net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template, 5257 sizeof(*net->ipv6.ip6_null_entry), 5258 GFP_KERNEL); 5259 if (!net->ipv6.ip6_null_entry) 5260 goto out_fib6_null_entry; 5261 net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops; 5262 dst_init_metrics(&net->ipv6.ip6_null_entry->dst, 5263 ip6_template_metrics, true); 5264 5265 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 5266 net->ipv6.fib6_has_custom_rules = false; 5267 net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template, 5268 sizeof(*net->ipv6.ip6_prohibit_entry), 5269 GFP_KERNEL); 5270 if (!net->ipv6.ip6_prohibit_entry) 5271 goto out_ip6_null_entry; 5272 net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops; 5273 dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst, 5274 ip6_template_metrics, true); 5275 5276 net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template, 5277 sizeof(*net->ipv6.ip6_blk_hole_entry), 5278 GFP_KERNEL); 5279 if (!net->ipv6.ip6_blk_hole_entry) 5280 goto out_ip6_prohibit_entry; 5281 net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops; 5282 dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst, 5283 ip6_template_metrics, true); 5284 #endif 5285 5286 net->ipv6.sysctl.flush_delay = 0; 5287 net->ipv6.sysctl.ip6_rt_max_size = 4096; 5288 net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2; 5289 net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ; 5290 net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ; 5291 net->ipv6.sysctl.ip6_rt_gc_elasticity = 9; 5292 net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ; 5293 net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40; 5294 net->ipv6.sysctl.skip_notify_on_dev_down = 0; 5295 5296 net->ipv6.ip6_rt_gc_expire = 30*HZ; 5297 5298 ret = 0; 5299 out: 5300 return ret; 5301 5302 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 5303 out_ip6_prohibit_entry: 5304 kfree(net->ipv6.ip6_prohibit_entry); 5305 out_ip6_null_entry: 5306 kfree(net->ipv6.ip6_null_entry); 5307 #endif 5308 out_fib6_null_entry: 5309 kfree(net->ipv6.fib6_null_entry); 5310 out_ip6_dst_entries: 5311 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 5312 out_ip6_dst_ops: 5313 goto out; 5314 } 5315 5316 static void __net_exit ip6_route_net_exit(struct net *net) 5317 { 5318 kfree(net->ipv6.fib6_null_entry); 5319 kfree(net->ipv6.ip6_null_entry); 5320 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 5321 kfree(net->ipv6.ip6_prohibit_entry); 5322 kfree(net->ipv6.ip6_blk_hole_entry); 5323 #endif 5324 dst_entries_destroy(&net->ipv6.ip6_dst_ops); 5325 } 5326 5327 static int __net_init ip6_route_net_init_late(struct net *net) 5328 { 5329 #ifdef CONFIG_PROC_FS 5330 proc_create_net("ipv6_route", 0, net->proc_net, &ipv6_route_seq_ops, 5331 sizeof(struct ipv6_route_iter)); 5332 proc_create_net_single("rt6_stats", 0444, net->proc_net, 5333 rt6_stats_seq_show, NULL); 5334 #endif 5335 return 0; 5336 } 5337 5338 static void __net_exit ip6_route_net_exit_late(struct net *net) 5339 { 5340 #ifdef CONFIG_PROC_FS 5341 remove_proc_entry("ipv6_route", net->proc_net); 5342 remove_proc_entry("rt6_stats", net->proc_net); 5343 #endif 5344 } 5345 5346 static struct pernet_operations ip6_route_net_ops = { 5347 .init = ip6_route_net_init, 5348 .exit = ip6_route_net_exit, 5349 }; 5350 5351 static int __net_init ipv6_inetpeer_init(struct net *net) 5352 { 5353 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL); 5354 5355 if (!bp) 5356 return -ENOMEM; 5357 inet_peer_base_init(bp); 5358 net->ipv6.peers = bp; 5359 return 0; 5360 } 5361 5362 static void __net_exit ipv6_inetpeer_exit(struct net *net) 5363 { 5364 struct inet_peer_base *bp = net->ipv6.peers; 5365 5366 net->ipv6.peers = NULL; 5367 inetpeer_invalidate_tree(bp); 5368 kfree(bp); 5369 } 5370 5371 static struct pernet_operations ipv6_inetpeer_ops = { 5372 .init = ipv6_inetpeer_init, 5373 .exit = ipv6_inetpeer_exit, 5374 }; 5375 5376 static struct pernet_operations ip6_route_net_late_ops = { 5377 .init = ip6_route_net_init_late, 5378 .exit = ip6_route_net_exit_late, 5379 }; 5380 5381 static struct notifier_block ip6_route_dev_notifier = { 5382 .notifier_call = ip6_route_dev_notify, 5383 .priority = ADDRCONF_NOTIFY_PRIORITY - 10, 5384 }; 5385 5386 void __init ip6_route_init_special_entries(void) 5387 { 5388 /* Registering of the loopback is done before this portion of code, 5389 * the loopback reference in rt6_info will not be taken, do it 5390 * manually for init_net */ 5391 init_net.ipv6.fib6_null_entry->fib6_nh.nh_dev = init_net.loopback_dev; 5392 init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev; 5393 init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 5394 #ifdef CONFIG_IPV6_MULTIPLE_TABLES 5395 init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev; 5396 init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 5397 init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev; 5398 init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev); 5399 #endif 5400 } 5401 5402 int __init ip6_route_init(void) 5403 { 5404 int ret; 5405 int cpu; 5406 5407 ret = -ENOMEM; 5408 ip6_dst_ops_template.kmem_cachep = 5409 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0, 5410 SLAB_HWCACHE_ALIGN, NULL); 5411 if (!ip6_dst_ops_template.kmem_cachep) 5412 goto out; 5413 5414 ret = dst_entries_init(&ip6_dst_blackhole_ops); 5415 if (ret) 5416 goto out_kmem_cache; 5417 5418 ret = register_pernet_subsys(&ipv6_inetpeer_ops); 5419 if (ret) 5420 goto out_dst_entries; 5421 5422 ret = register_pernet_subsys(&ip6_route_net_ops); 5423 if (ret) 5424 goto out_register_inetpeer; 5425 5426 ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep; 5427 5428 ret = fib6_init(); 5429 if (ret) 5430 goto out_register_subsys; 5431 5432 ret = xfrm6_init(); 5433 if (ret) 5434 goto out_fib6_init; 5435 5436 ret = fib6_rules_init(); 5437 if (ret) 5438 goto xfrm6_init; 5439 5440 ret = register_pernet_subsys(&ip6_route_net_late_ops); 5441 if (ret) 5442 goto fib6_rules_init; 5443 5444 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_NEWROUTE, 5445 inet6_rtm_newroute, NULL, 0); 5446 if (ret < 0) 5447 goto out_register_late_subsys; 5448 5449 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_DELROUTE, 5450 inet6_rtm_delroute, NULL, 0); 5451 if (ret < 0) 5452 goto out_register_late_subsys; 5453 5454 ret = rtnl_register_module(THIS_MODULE, PF_INET6, RTM_GETROUTE, 5455 inet6_rtm_getroute, NULL, 5456 RTNL_FLAG_DOIT_UNLOCKED); 5457 if (ret < 0) 5458 goto out_register_late_subsys; 5459 5460 ret = register_netdevice_notifier(&ip6_route_dev_notifier); 5461 if (ret) 5462 goto out_register_late_subsys; 5463 5464 for_each_possible_cpu(cpu) { 5465 struct uncached_list *ul = per_cpu_ptr(&rt6_uncached_list, cpu); 5466 5467 INIT_LIST_HEAD(&ul->head); 5468 spin_lock_init(&ul->lock); 5469 } 5470 5471 out: 5472 return ret; 5473 5474 out_register_late_subsys: 5475 rtnl_unregister_all(PF_INET6); 5476 unregister_pernet_subsys(&ip6_route_net_late_ops); 5477 fib6_rules_init: 5478 fib6_rules_cleanup(); 5479 xfrm6_init: 5480 xfrm6_fini(); 5481 out_fib6_init: 5482 fib6_gc_cleanup(); 5483 out_register_subsys: 5484 unregister_pernet_subsys(&ip6_route_net_ops); 5485 out_register_inetpeer: 5486 unregister_pernet_subsys(&ipv6_inetpeer_ops); 5487 out_dst_entries: 5488 dst_entries_destroy(&ip6_dst_blackhole_ops); 5489 out_kmem_cache: 5490 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 5491 goto out; 5492 } 5493 5494 void ip6_route_cleanup(void) 5495 { 5496 unregister_netdevice_notifier(&ip6_route_dev_notifier); 5497 unregister_pernet_subsys(&ip6_route_net_late_ops); 5498 fib6_rules_cleanup(); 5499 xfrm6_fini(); 5500 fib6_gc_cleanup(); 5501 unregister_pernet_subsys(&ipv6_inetpeer_ops); 5502 unregister_pernet_subsys(&ip6_route_net_ops); 5503 dst_entries_destroy(&ip6_dst_blackhole_ops); 5504 kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep); 5505 } 5506