~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/ipv6/route.c

Version: ~ [ linux-5.8-rc5 ] ~ [ linux-5.7.8 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.51 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.132 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.188 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.230 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.230 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.85 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  *      Linux INET6 implementation
  3  *      FIB front-end.
  4  *
  5  *      Authors:
  6  *      Pedro Roque             <roque@di.fc.ul.pt>
  7  *
  8  *      This program is free software; you can redistribute it and/or
  9  *      modify it under the terms of the GNU General Public License
 10  *      as published by the Free Software Foundation; either version
 11  *      2 of the License, or (at your option) any later version.
 12  */
 13 
 14 /*      Changes:
 15  *
 16  *      YOSHIFUJI Hideaki @USAGI
 17  *              reworked default router selection.
 18  *              - respect outgoing interface
 19  *              - select from (probably) reachable routers (i.e.
 20  *              routers in REACHABLE, STALE, DELAY or PROBE states).
 21  *              - always select the same router if it is (probably)
 22  *              reachable.  otherwise, round-robin the list.
 23  *      Ville Nuorvala
 24  *              Fixed routing subtrees.
 25  */
 26 
 27 #define pr_fmt(fmt) "IPv6: " fmt
 28 
 29 #include <linux/capability.h>
 30 #include <linux/errno.h>
 31 #include <linux/export.h>
 32 #include <linux/types.h>
 33 #include <linux/times.h>
 34 #include <linux/socket.h>
 35 #include <linux/sockios.h>
 36 #include <linux/net.h>
 37 #include <linux/route.h>
 38 #include <linux/netdevice.h>
 39 #include <linux/in6.h>
 40 #include <linux/mroute6.h>
 41 #include <linux/init.h>
 42 #include <linux/if_arp.h>
 43 #include <linux/proc_fs.h>
 44 #include <linux/seq_file.h>
 45 #include <linux/nsproxy.h>
 46 #include <linux/slab.h>
 47 #include <net/net_namespace.h>
 48 #include <net/snmp.h>
 49 #include <net/ipv6.h>
 50 #include <net/ip6_fib.h>
 51 #include <net/ip6_route.h>
 52 #include <net/ndisc.h>
 53 #include <net/addrconf.h>
 54 #include <net/tcp.h>
 55 #include <linux/rtnetlink.h>
 56 #include <net/dst.h>
 57 #include <net/xfrm.h>
 58 #include <net/netevent.h>
 59 #include <net/netlink.h>
 60 #include <net/nexthop.h>
 61 
 62 #include <asm/uaccess.h>
 63 
 64 #ifdef CONFIG_SYSCTL
 65 #include <linux/sysctl.h>
 66 #endif
 67 
 68 enum rt6_nud_state {
 69         RT6_NUD_FAIL_HARD = -2,
 70         RT6_NUD_FAIL_SOFT = -1,
 71         RT6_NUD_SUCCEED = 1
 72 };
 73 
 74 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort,
 75                                     const struct in6_addr *dest);
 76 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
 77 static unsigned int      ip6_default_advmss(const struct dst_entry *dst);
 78 static unsigned int      ip6_mtu(const struct dst_entry *dst);
 79 static struct dst_entry *ip6_negative_advice(struct dst_entry *);
 80 static void             ip6_dst_destroy(struct dst_entry *);
 81 static void             ip6_dst_ifdown(struct dst_entry *,
 82                                        struct net_device *dev, int how);
 83 static int               ip6_dst_gc(struct dst_ops *ops);
 84 
 85 static int              ip6_pkt_discard(struct sk_buff *skb);
 86 static int              ip6_pkt_discard_out(struct sk_buff *skb);
 87 static int              ip6_pkt_prohibit(struct sk_buff *skb);
 88 static int              ip6_pkt_prohibit_out(struct sk_buff *skb);
 89 static void             ip6_link_failure(struct sk_buff *skb);
 90 static void             ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
 91                                            struct sk_buff *skb, u32 mtu);
 92 static void             rt6_do_redirect(struct dst_entry *dst, struct sock *sk,
 93                                         struct sk_buff *skb);
 94 static int rt6_score_route(struct rt6_info *rt, int oif, int strict);
 95 
 96 #ifdef CONFIG_IPV6_ROUTE_INFO
 97 static struct rt6_info *rt6_add_route_info(struct net *net,
 98                                            const struct in6_addr *prefix, int prefixlen,
 99                                            const struct in6_addr *gwaddr, int ifindex,
100                                            unsigned int pref);
101 static struct rt6_info *rt6_get_route_info(struct net *net,
102                                            const struct in6_addr *prefix, int prefixlen,
103                                            const struct in6_addr *gwaddr, int ifindex);
104 #endif
105 
106 static u32 *ipv6_cow_metrics(struct dst_entry *dst, unsigned long old)
107 {
108         struct rt6_info *rt = (struct rt6_info *) dst;
109         struct inet_peer *peer;
110         u32 *p = NULL;
111 
112         if (!(rt->dst.flags & DST_HOST))
113                 return dst_cow_metrics_generic(dst, old);
114 
115         peer = rt6_get_peer_create(rt);
116         if (peer) {
117                 u32 *old_p = __DST_METRICS_PTR(old);
118                 unsigned long prev, new;
119 
120                 p = peer->metrics;
121                 if (inet_metrics_new(peer))
122                         memcpy(p, old_p, sizeof(u32) * RTAX_MAX);
123 
124                 new = (unsigned long) p;
125                 prev = cmpxchg(&dst->_metrics, old, new);
126 
127                 if (prev != old) {
128                         p = __DST_METRICS_PTR(prev);
129                         if (prev & DST_METRICS_READ_ONLY)
130                                 p = NULL;
131                 }
132         }
133         return p;
134 }
135 
136 static inline const void *choose_neigh_daddr(struct rt6_info *rt,
137                                              struct sk_buff *skb,
138                                              const void *daddr)
139 {
140         struct in6_addr *p = &rt->rt6i_gateway;
141 
142         if (!ipv6_addr_any(p))
143                 return (const void *) p;
144         else if (skb)
145                 return &ipv6_hdr(skb)->daddr;
146         return daddr;
147 }
148 
149 static struct neighbour *ip6_neigh_lookup(const struct dst_entry *dst,
150                                           struct sk_buff *skb,
151                                           const void *daddr)
152 {
153         struct rt6_info *rt = (struct rt6_info *) dst;
154         struct neighbour *n;
155 
156         daddr = choose_neigh_daddr(rt, skb, daddr);
157         n = __ipv6_neigh_lookup(dst->dev, daddr);
158         if (n)
159                 return n;
160         return neigh_create(&nd_tbl, daddr, dst->dev);
161 }
162 
163 static struct dst_ops ip6_dst_ops_template = {
164         .family                 =       AF_INET6,
165         .protocol               =       cpu_to_be16(ETH_P_IPV6),
166         .gc                     =       ip6_dst_gc,
167         .gc_thresh              =       1024,
168         .check                  =       ip6_dst_check,
169         .default_advmss         =       ip6_default_advmss,
170         .mtu                    =       ip6_mtu,
171         .cow_metrics            =       ipv6_cow_metrics,
172         .destroy                =       ip6_dst_destroy,
173         .ifdown                 =       ip6_dst_ifdown,
174         .negative_advice        =       ip6_negative_advice,
175         .link_failure           =       ip6_link_failure,
176         .update_pmtu            =       ip6_rt_update_pmtu,
177         .redirect               =       rt6_do_redirect,
178         .local_out              =       __ip6_local_out,
179         .neigh_lookup           =       ip6_neigh_lookup,
180 };
181 
182 static unsigned int ip6_blackhole_mtu(const struct dst_entry *dst)
183 {
184         unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
185 
186         return mtu ? : dst->dev->mtu;
187 }
188 
189 static void ip6_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
190                                          struct sk_buff *skb, u32 mtu)
191 {
192 }
193 
194 static void ip6_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
195                                       struct sk_buff *skb)
196 {
197 }
198 
199 static u32 *ip6_rt_blackhole_cow_metrics(struct dst_entry *dst,
200                                          unsigned long old)
201 {
202         return NULL;
203 }
204 
205 static struct dst_ops ip6_dst_blackhole_ops = {
206         .family                 =       AF_INET6,
207         .protocol               =       cpu_to_be16(ETH_P_IPV6),
208         .destroy                =       ip6_dst_destroy,
209         .check                  =       ip6_dst_check,
210         .mtu                    =       ip6_blackhole_mtu,
211         .default_advmss         =       ip6_default_advmss,
212         .update_pmtu            =       ip6_rt_blackhole_update_pmtu,
213         .redirect               =       ip6_rt_blackhole_redirect,
214         .cow_metrics            =       ip6_rt_blackhole_cow_metrics,
215         .neigh_lookup           =       ip6_neigh_lookup,
216 };
217 
218 static const u32 ip6_template_metrics[RTAX_MAX] = {
219         [RTAX_HOPLIMIT - 1] = 0,
220 };
221 
222 static const struct rt6_info ip6_null_entry_template = {
223         .dst = {
224                 .__refcnt       = ATOMIC_INIT(1),
225                 .__use          = 1,
226                 .obsolete       = DST_OBSOLETE_FORCE_CHK,
227                 .error          = -ENETUNREACH,
228                 .input          = ip6_pkt_discard,
229                 .output         = ip6_pkt_discard_out,
230         },
231         .rt6i_flags     = (RTF_REJECT | RTF_NONEXTHOP),
232         .rt6i_protocol  = RTPROT_KERNEL,
233         .rt6i_metric    = ~(u32) 0,
234         .rt6i_ref       = ATOMIC_INIT(1),
235 };
236 
237 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
238 
239 static const struct rt6_info ip6_prohibit_entry_template = {
240         .dst = {
241                 .__refcnt       = ATOMIC_INIT(1),
242                 .__use          = 1,
243                 .obsolete       = DST_OBSOLETE_FORCE_CHK,
244                 .error          = -EACCES,
245                 .input          = ip6_pkt_prohibit,
246                 .output         = ip6_pkt_prohibit_out,
247         },
248         .rt6i_flags     = (RTF_REJECT | RTF_NONEXTHOP),
249         .rt6i_protocol  = RTPROT_KERNEL,
250         .rt6i_metric    = ~(u32) 0,
251         .rt6i_ref       = ATOMIC_INIT(1),
252 };
253 
254 static const struct rt6_info ip6_blk_hole_entry_template = {
255         .dst = {
256                 .__refcnt       = ATOMIC_INIT(1),
257                 .__use          = 1,
258                 .obsolete       = DST_OBSOLETE_FORCE_CHK,
259                 .error          = -EINVAL,
260                 .input          = dst_discard,
261                 .output         = dst_discard,
262         },
263         .rt6i_flags     = (RTF_REJECT | RTF_NONEXTHOP),
264         .rt6i_protocol  = RTPROT_KERNEL,
265         .rt6i_metric    = ~(u32) 0,
266         .rt6i_ref       = ATOMIC_INIT(1),
267 };
268 
269 #endif
270 
271 /* allocate dst with ip6_dst_ops */
272 static inline struct rt6_info *ip6_dst_alloc(struct net *net,
273                                              struct net_device *dev,
274                                              int flags,
275                                              struct fib6_table *table)
276 {
277         struct rt6_info *rt = dst_alloc(&net->ipv6.ip6_dst_ops, dev,
278                                         0, DST_OBSOLETE_FORCE_CHK, flags);
279 
280         if (rt) {
281                 struct dst_entry *dst = &rt->dst;
282 
283                 memset(dst + 1, 0, sizeof(*rt) - sizeof(*dst));
284                 rt6_init_peer(rt, table ? &table->tb6_peers : net->ipv6.peers);
285                 rt->rt6i_genid = rt_genid_ipv6(net);
286                 INIT_LIST_HEAD(&rt->rt6i_siblings);
287         }
288         return rt;
289 }
290 
291 static void ip6_dst_destroy(struct dst_entry *dst)
292 {
293         struct rt6_info *rt = (struct rt6_info *)dst;
294         struct inet6_dev *idev = rt->rt6i_idev;
295         struct dst_entry *from = dst->from;
296 
297         if (!(rt->dst.flags & DST_HOST))
298                 dst_destroy_metrics_generic(dst);
299 
300         if (idev) {
301                 rt->rt6i_idev = NULL;
302                 in6_dev_put(idev);
303         }
304 
305         dst->from = NULL;
306         dst_release(from);
307 
308         if (rt6_has_peer(rt)) {
309                 struct inet_peer *peer = rt6_peer_ptr(rt);
310                 inet_putpeer(peer);
311         }
312 }
313 
314 void rt6_bind_peer(struct rt6_info *rt, int create)
315 {
316         struct inet_peer_base *base;
317         struct inet_peer *peer;
318 
319         base = inetpeer_base_ptr(rt->_rt6i_peer);
320         if (!base)
321                 return;
322 
323         peer = inet_getpeer_v6(base, &rt->rt6i_dst.addr, create);
324         if (peer) {
325                 if (!rt6_set_peer(rt, peer))
326                         inet_putpeer(peer);
327         }
328 }
329 
330 static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
331                            int how)
332 {
333         struct rt6_info *rt = (struct rt6_info *)dst;
334         struct inet6_dev *idev = rt->rt6i_idev;
335         struct net_device *loopback_dev =
336                 dev_net(dev)->loopback_dev;
337 
338         if (dev != loopback_dev) {
339                 if (idev && idev->dev == dev) {
340                         struct inet6_dev *loopback_idev =
341                                 in6_dev_get(loopback_dev);
342                         if (loopback_idev) {
343                                 rt->rt6i_idev = loopback_idev;
344                                 in6_dev_put(idev);
345                         }
346                 }
347         }
348 }
349 
350 static bool rt6_check_expired(const struct rt6_info *rt)
351 {
352         if (rt->rt6i_flags & RTF_EXPIRES) {
353                 if (time_after(jiffies, rt->dst.expires))
354                         return true;
355         } else if (rt->dst.from) {
356                 return rt6_check_expired((struct rt6_info *) rt->dst.from);
357         }
358         return false;
359 }
360 
361 static bool rt6_need_strict(const struct in6_addr *daddr)
362 {
363         return ipv6_addr_type(daddr) &
364                 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL | IPV6_ADDR_LOOPBACK);
365 }
366 
367 /* Multipath route selection:
368  *   Hash based function using packet header and flowlabel.
369  * Adapted from fib_info_hashfn()
370  */
371 static int rt6_info_hash_nhsfn(unsigned int candidate_count,
372                                const struct flowi6 *fl6)
373 {
374         unsigned int val = fl6->flowi6_proto;
375 
376         val ^= ipv6_addr_hash(&fl6->daddr);
377         val ^= ipv6_addr_hash(&fl6->saddr);
378 
379         /* Work only if this not encapsulated */
380         switch (fl6->flowi6_proto) {
381         case IPPROTO_UDP:
382         case IPPROTO_TCP:
383         case IPPROTO_SCTP:
384                 val ^= (__force u16)fl6->fl6_sport;
385                 val ^= (__force u16)fl6->fl6_dport;
386                 break;
387 
388         case IPPROTO_ICMPV6:
389                 val ^= (__force u16)fl6->fl6_icmp_type;
390                 val ^= (__force u16)fl6->fl6_icmp_code;
391                 break;
392         }
393         /* RFC6438 recommands to use flowlabel */
394         val ^= (__force u32)fl6->flowlabel;
395 
396         /* Perhaps, we need to tune, this function? */
397         val = val ^ (val >> 7) ^ (val >> 12);
398         return val % candidate_count;
399 }
400 
401 static struct rt6_info *rt6_multipath_select(struct rt6_info *match,
402                                              struct flowi6 *fl6, int oif,
403                                              int strict)
404 {
405         struct rt6_info *sibling, *next_sibling;
406         int route_choosen;
407 
408         route_choosen = rt6_info_hash_nhsfn(match->rt6i_nsiblings + 1, fl6);
409         /* Don't change the route, if route_choosen == 0
410          * (siblings does not include ourself)
411          */
412         if (route_choosen)
413                 list_for_each_entry_safe(sibling, next_sibling,
414                                 &match->rt6i_siblings, rt6i_siblings) {
415                         route_choosen--;
416                         if (route_choosen == 0) {
417                                 if (rt6_score_route(sibling, oif, strict) < 0)
418                                         break;
419                                 match = sibling;
420                                 break;
421                         }
422                 }
423         return match;
424 }
425 
426 /*
427  *      Route lookup. Any table->tb6_lock is implied.
428  */
429 
430 static inline struct rt6_info *rt6_device_match(struct net *net,
431                                                     struct rt6_info *rt,
432                                                     const struct in6_addr *saddr,
433                                                     int oif,
434                                                     int flags)
435 {
436         struct rt6_info *local = NULL;
437         struct rt6_info *sprt;
438 
439         if (!oif && ipv6_addr_any(saddr))
440                 goto out;
441 
442         for (sprt = rt; sprt; sprt = sprt->dst.rt6_next) {
443                 struct net_device *dev = sprt->dst.dev;
444 
445                 if (oif) {
446                         if (dev->ifindex == oif)
447                                 return sprt;
448                         if (dev->flags & IFF_LOOPBACK) {
449                                 if (!sprt->rt6i_idev ||
450                                     sprt->rt6i_idev->dev->ifindex != oif) {
451                                         if (flags & RT6_LOOKUP_F_IFACE && oif)
452                                                 continue;
453                                         if (local && (!oif ||
454                                                       local->rt6i_idev->dev->ifindex == oif))
455                                                 continue;
456                                 }
457                                 local = sprt;
458                         }
459                 } else {
460                         if (ipv6_chk_addr(net, saddr, dev,
461                                           flags & RT6_LOOKUP_F_IFACE))
462                                 return sprt;
463                 }
464         }
465 
466         if (oif) {
467                 if (local)
468                         return local;
469 
470                 if (flags & RT6_LOOKUP_F_IFACE)
471                         return net->ipv6.ip6_null_entry;
472         }
473 out:
474         return rt;
475 }
476 
477 #ifdef CONFIG_IPV6_ROUTER_PREF
478 struct __rt6_probe_work {
479         struct work_struct work;
480         struct in6_addr target;
481         struct net_device *dev;
482 };
483 
484 static void rt6_probe_deferred(struct work_struct *w)
485 {
486         struct in6_addr mcaddr;
487         struct __rt6_probe_work *work =
488                 container_of(w, struct __rt6_probe_work, work);
489 
490         addrconf_addr_solict_mult(&work->target, &mcaddr);
491         ndisc_send_ns(work->dev, NULL, &work->target, &mcaddr, NULL);
492         dev_put(work->dev);
493         kfree(w);
494 }
495 
496 static void rt6_probe(struct rt6_info *rt)
497 {
498         struct neighbour *neigh;
499         /*
500          * Okay, this does not seem to be appropriate
501          * for now, however, we need to check if it
502          * is really so; aka Router Reachability Probing.
503          *
504          * Router Reachability Probe MUST be rate-limited
505          * to no more than one per minute.
506          */
507         if (!rt || !(rt->rt6i_flags & RTF_GATEWAY))
508                 return;
509         rcu_read_lock_bh();
510         neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
511         if (neigh) {
512                 write_lock(&neigh->lock);
513                 if (neigh->nud_state & NUD_VALID)
514                         goto out;
515         }
516 
517         if (!neigh ||
518             time_after(jiffies, neigh->updated + rt->rt6i_idev->cnf.rtr_probe_interval)) {
519                 struct __rt6_probe_work *work;
520 
521                 work = kmalloc(sizeof(*work), GFP_ATOMIC);
522 
523                 if (neigh && work)
524                         neigh->updated = jiffies;
525 
526                 if (neigh)
527                         write_unlock(&neigh->lock);
528 
529                 if (work) {
530                         INIT_WORK(&work->work, rt6_probe_deferred);
531                         work->target = rt->rt6i_gateway;
532                         dev_hold(rt->dst.dev);
533                         work->dev = rt->dst.dev;
534                         schedule_work(&work->work);
535                 }
536         } else {
537 out:
538                 write_unlock(&neigh->lock);
539         }
540         rcu_read_unlock_bh();
541 }
542 #else
543 static inline void rt6_probe(struct rt6_info *rt)
544 {
545 }
546 #endif
547 
548 /*
549  * Default Router Selection (RFC 2461 6.3.6)
550  */
551 static inline int rt6_check_dev(struct rt6_info *rt, int oif)
552 {
553         struct net_device *dev = rt->dst.dev;
554         if (!oif || dev->ifindex == oif)
555                 return 2;
556         if ((dev->flags & IFF_LOOPBACK) &&
557             rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
558                 return 1;
559         return 0;
560 }
561 
562 static inline enum rt6_nud_state rt6_check_neigh(struct rt6_info *rt)
563 {
564         struct neighbour *neigh;
565         enum rt6_nud_state ret = RT6_NUD_FAIL_HARD;
566 
567         if (rt->rt6i_flags & RTF_NONEXTHOP ||
568             !(rt->rt6i_flags & RTF_GATEWAY))
569                 return RT6_NUD_SUCCEED;
570 
571         rcu_read_lock_bh();
572         neigh = __ipv6_neigh_lookup_noref(rt->dst.dev, &rt->rt6i_gateway);
573         if (neigh) {
574                 read_lock(&neigh->lock);
575                 if (neigh->nud_state & NUD_VALID)
576                         ret = RT6_NUD_SUCCEED;
577 #ifdef CONFIG_IPV6_ROUTER_PREF
578                 else if (!(neigh->nud_state & NUD_FAILED))
579                         ret = RT6_NUD_SUCCEED;
580 #endif
581                 read_unlock(&neigh->lock);
582         } else {
583                 ret = IS_ENABLED(CONFIG_IPV6_ROUTER_PREF) ?
584                       RT6_NUD_SUCCEED : RT6_NUD_FAIL_SOFT;
585         }
586         rcu_read_unlock_bh();
587 
588         return ret;
589 }
590 
591 static int rt6_score_route(struct rt6_info *rt, int oif,
592                            int strict)
593 {
594         int m;
595 
596         m = rt6_check_dev(rt, oif);
597         if (!m && (strict & RT6_LOOKUP_F_IFACE))
598                 return RT6_NUD_FAIL_HARD;
599 #ifdef CONFIG_IPV6_ROUTER_PREF
600         m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
601 #endif
602         if (strict & RT6_LOOKUP_F_REACHABLE) {
603                 int n = rt6_check_neigh(rt);
604                 if (n < 0)
605                         return n;
606         }
607         return m;
608 }
609 
610 static struct rt6_info *find_match(struct rt6_info *rt, int oif, int strict,
611                                    int *mpri, struct rt6_info *match,
612                                    bool *do_rr)
613 {
614         int m;
615         bool match_do_rr = false;
616 
617         if (rt6_check_expired(rt))
618                 goto out;
619 
620         m = rt6_score_route(rt, oif, strict);
621         if (m == RT6_NUD_FAIL_SOFT && !IS_ENABLED(CONFIG_IPV6_ROUTER_PREF)) {
622                 match_do_rr = true;
623                 m = 0; /* lowest valid score */
624         } else if (m < 0) {
625                 goto out;
626         }
627 
628         if (strict & RT6_LOOKUP_F_REACHABLE)
629                 rt6_probe(rt);
630 
631         if (m > *mpri) {
632                 *do_rr = match_do_rr;
633                 *mpri = m;
634                 match = rt;
635         }
636 out:
637         return match;
638 }
639 
640 static struct rt6_info *find_rr_leaf(struct fib6_node *fn,
641                                      struct rt6_info *rr_head,
642                                      u32 metric, int oif, int strict,
643                                      bool *do_rr)
644 {
645         struct rt6_info *rt, *match;
646         int mpri = -1;
647 
648         match = NULL;
649         for (rt = rr_head; rt && rt->rt6i_metric == metric;
650              rt = rt->dst.rt6_next)
651                 match = find_match(rt, oif, strict, &mpri, match, do_rr);
652         for (rt = fn->leaf; rt && rt != rr_head && rt->rt6i_metric == metric;
653              rt = rt->dst.rt6_next)
654                 match = find_match(rt, oif, strict, &mpri, match, do_rr);
655 
656         return match;
657 }
658 
659 static struct rt6_info *rt6_select(struct fib6_node *fn, int oif, int strict)
660 {
661         struct rt6_info *match, *rt0;
662         struct net *net;
663         bool do_rr = false;
664 
665         rt0 = fn->rr_ptr;
666         if (!rt0)
667                 fn->rr_ptr = rt0 = fn->leaf;
668 
669         match = find_rr_leaf(fn, rt0, rt0->rt6i_metric, oif, strict,
670                              &do_rr);
671 
672         if (do_rr) {
673                 struct rt6_info *next = rt0->dst.rt6_next;
674 
675                 /* no entries matched; do round-robin */
676                 if (!next || next->rt6i_metric != rt0->rt6i_metric)
677                         next = fn->leaf;
678 
679                 if (next != rt0)
680                         fn->rr_ptr = next;
681         }
682 
683         net = dev_net(rt0->dst.dev);
684         return match ? match : net->ipv6.ip6_null_entry;
685 }
686 
687 #ifdef CONFIG_IPV6_ROUTE_INFO
688 int rt6_route_rcv(struct net_device *dev, u8 *opt, int len,
689                   const struct in6_addr *gwaddr)
690 {
691         struct net *net = dev_net(dev);
692         struct route_info *rinfo = (struct route_info *) opt;
693         struct in6_addr prefix_buf, *prefix;
694         unsigned int pref;
695         unsigned long lifetime;
696         struct rt6_info *rt;
697 
698         if (len < sizeof(struct route_info)) {
699                 return -EINVAL;
700         }
701 
702         /* Sanity check for prefix_len and length */
703         if (rinfo->length > 3) {
704                 return -EINVAL;
705         } else if (rinfo->prefix_len > 128) {
706                 return -EINVAL;
707         } else if (rinfo->prefix_len > 64) {
708                 if (rinfo->length < 2) {
709                         return -EINVAL;
710                 }
711         } else if (rinfo->prefix_len > 0) {
712                 if (rinfo->length < 1) {
713                         return -EINVAL;
714                 }
715         }
716 
717         pref = rinfo->route_pref;
718         if (pref == ICMPV6_ROUTER_PREF_INVALID)
719                 return -EINVAL;
720 
721         lifetime = addrconf_timeout_fixup(ntohl(rinfo->lifetime), HZ);
722 
723         if (rinfo->length == 3)
724                 prefix = (struct in6_addr *)rinfo->prefix;
725         else {
726                 /* this function is safe */
727                 ipv6_addr_prefix(&prefix_buf,
728                                  (struct in6_addr *)rinfo->prefix,
729                                  rinfo->prefix_len);
730                 prefix = &prefix_buf;
731         }
732 
733         if (rinfo->prefix_len == 0)
734                 rt = rt6_get_dflt_router(gwaddr, dev);
735         else
736                 rt = rt6_get_route_info(net, prefix, rinfo->prefix_len,
737                                         gwaddr, dev->ifindex);
738 
739         if (rt && !lifetime) {
740                 ip6_del_rt(rt);
741                 rt = NULL;
742         }
743 
744         if (!rt && lifetime)
745                 rt = rt6_add_route_info(net, prefix, rinfo->prefix_len, gwaddr, dev->ifindex,
746                                         pref);
747         else if (rt)
748                 rt->rt6i_flags = RTF_ROUTEINFO |
749                                  (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
750 
751         if (rt) {
752                 if (!addrconf_finite_timeout(lifetime))
753                         rt6_clean_expires(rt);
754                 else
755                         rt6_set_expires(rt, jiffies + HZ * lifetime);
756 
757                 ip6_rt_put(rt);
758         }
759         return 0;
760 }
761 #endif
762 
763 #define BACKTRACK(__net, saddr)                 \
764 do { \
765         if (rt == __net->ipv6.ip6_null_entry) { \
766                 struct fib6_node *pn; \
767                 while (1) { \
768                         if (fn->fn_flags & RTN_TL_ROOT) \
769                                 goto out; \
770                         pn = fn->parent; \
771                         if (FIB6_SUBTREE(pn) && FIB6_SUBTREE(pn) != fn) \
772                                 fn = fib6_lookup(FIB6_SUBTREE(pn), NULL, saddr); \
773                         else \
774                                 fn = pn; \
775                         if (fn->fn_flags & RTN_RTINFO) \
776                                 goto restart; \
777                 } \
778         } \
779 } while (0)
780 
781 static struct rt6_info *ip6_pol_route_lookup(struct net *net,
782                                              struct fib6_table *table,
783                                              struct flowi6 *fl6, int flags)
784 {
785         struct fib6_node *fn;
786         struct rt6_info *rt;
787 
788         read_lock_bh(&table->tb6_lock);
789         fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
790 restart:
791         rt = fn->leaf;
792         rt = rt6_device_match(net, rt, &fl6->saddr, fl6->flowi6_oif, flags);
793         if (rt->rt6i_nsiblings && fl6->flowi6_oif == 0)
794                 rt = rt6_multipath_select(rt, fl6, fl6->flowi6_oif, flags);
795         BACKTRACK(net, &fl6->saddr);
796 out:
797         dst_use(&rt->dst, jiffies);
798         read_unlock_bh(&table->tb6_lock);
799         return rt;
800 
801 }
802 
803 struct dst_entry * ip6_route_lookup(struct net *net, struct flowi6 *fl6,
804                                     int flags)
805 {
806         return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_lookup);
807 }
808 EXPORT_SYMBOL_GPL(ip6_route_lookup);
809 
810 struct rt6_info *rt6_lookup(struct net *net, const struct in6_addr *daddr,
811                             const struct in6_addr *saddr, int oif, int strict)
812 {
813         struct flowi6 fl6 = {
814                 .flowi6_oif = oif,
815                 .daddr = *daddr,
816         };
817         struct dst_entry *dst;
818         int flags = strict ? RT6_LOOKUP_F_IFACE : 0;
819 
820         if (saddr) {
821                 memcpy(&fl6.saddr, saddr, sizeof(*saddr));
822                 flags |= RT6_LOOKUP_F_HAS_SADDR;
823         }
824 
825         dst = fib6_rule_lookup(net, &fl6, flags, ip6_pol_route_lookup);
826         if (dst->error == 0)
827                 return (struct rt6_info *) dst;
828 
829         dst_release(dst);
830 
831         return NULL;
832 }
833 
834 EXPORT_SYMBOL(rt6_lookup);
835 
836 /* ip6_ins_rt is called with FREE table->tb6_lock.
837    It takes new route entry, the addition fails by any reason the
838    route is freed. In any case, if caller does not hold it, it may
839    be destroyed.
840  */
841 
842 static int __ip6_ins_rt(struct rt6_info *rt, struct nl_info *info)
843 {
844         int err;
845         struct fib6_table *table;
846 
847         table = rt->rt6i_table;
848         write_lock_bh(&table->tb6_lock);
849         err = fib6_add(&table->tb6_root, rt, info);
850         write_unlock_bh(&table->tb6_lock);
851 
852         return err;
853 }
854 
855 int ip6_ins_rt(struct rt6_info *rt)
856 {
857         struct nl_info info = {
858                 .nl_net = dev_net(rt->dst.dev),
859         };
860         return __ip6_ins_rt(rt, &info);
861 }
862 
863 static struct rt6_info *rt6_alloc_cow(struct rt6_info *ort,
864                                       const struct in6_addr *daddr,
865                                       const struct in6_addr *saddr)
866 {
867         struct rt6_info *rt;
868 
869         /*
870          *      Clone the route.
871          */
872 
873         rt = ip6_rt_copy(ort, daddr);
874 
875         if (rt) {
876                 if (!(rt->rt6i_flags & RTF_GATEWAY)) {
877                         if (ort->rt6i_dst.plen != 128 &&
878                             ipv6_addr_equal(&ort->rt6i_dst.addr, daddr))
879                                 rt->rt6i_flags |= RTF_ANYCAST;
880                 }
881 
882                 rt->rt6i_flags |= RTF_CACHE;
883 
884 #ifdef CONFIG_IPV6_SUBTREES
885                 if (rt->rt6i_src.plen && saddr) {
886                         rt->rt6i_src.addr = *saddr;
887                         rt->rt6i_src.plen = 128;
888                 }
889 #endif
890         }
891 
892         return rt;
893 }
894 
895 static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort,
896                                         const struct in6_addr *daddr)
897 {
898         struct rt6_info *rt = ip6_rt_copy(ort, daddr);
899 
900         if (rt)
901                 rt->rt6i_flags |= RTF_CACHE;
902         return rt;
903 }
904 
905 static struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, int oif,
906                                       struct flowi6 *fl6, int flags)
907 {
908         struct fib6_node *fn;
909         struct rt6_info *rt, *nrt;
910         int strict = 0;
911         int attempts = 3;
912         int err;
913         int reachable = net->ipv6.devconf_all->forwarding ? 0 : RT6_LOOKUP_F_REACHABLE;
914 
915         strict |= flags & RT6_LOOKUP_F_IFACE;
916 
917 relookup:
918         read_lock_bh(&table->tb6_lock);
919 
920 restart_2:
921         fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
922 
923 restart:
924         rt = rt6_select(fn, oif, strict | reachable);
925         if (rt->rt6i_nsiblings)
926                 rt = rt6_multipath_select(rt, fl6, oif, strict | reachable);
927         BACKTRACK(net, &fl6->saddr);
928         if (rt == net->ipv6.ip6_null_entry ||
929             rt->rt6i_flags & RTF_CACHE)
930                 goto out;
931 
932         dst_hold(&rt->dst);
933         read_unlock_bh(&table->tb6_lock);
934 
935         if (!(rt->rt6i_flags & (RTF_NONEXTHOP | RTF_GATEWAY)))
936                 nrt = rt6_alloc_cow(rt, &fl6->daddr, &fl6->saddr);
937         else if (!(rt->dst.flags & DST_HOST))
938                 nrt = rt6_alloc_clone(rt, &fl6->daddr);
939         else
940                 goto out2;
941 
942         ip6_rt_put(rt);
943         rt = nrt ? : net->ipv6.ip6_null_entry;
944 
945         dst_hold(&rt->dst);
946         if (nrt) {
947                 err = ip6_ins_rt(nrt);
948                 if (!err)
949                         goto out2;
950         }
951 
952         if (--attempts <= 0)
953                 goto out2;
954 
955         /*
956          * Race condition! In the gap, when table->tb6_lock was
957          * released someone could insert this route.  Relookup.
958          */
959         ip6_rt_put(rt);
960         goto relookup;
961 
962 out:
963         if (reachable) {
964                 reachable = 0;
965                 goto restart_2;
966         }
967         dst_hold(&rt->dst);
968         read_unlock_bh(&table->tb6_lock);
969 out2:
970         rt->dst.lastuse = jiffies;
971         rt->dst.__use++;
972 
973         return rt;
974 }
975 
976 static struct rt6_info *ip6_pol_route_input(struct net *net, struct fib6_table *table,
977                                             struct flowi6 *fl6, int flags)
978 {
979         return ip6_pol_route(net, table, fl6->flowi6_iif, fl6, flags);
980 }
981 
982 static struct dst_entry *ip6_route_input_lookup(struct net *net,
983                                                 struct net_device *dev,
984                                                 struct flowi6 *fl6, int flags)
985 {
986         if (rt6_need_strict(&fl6->daddr) && dev->type != ARPHRD_PIMREG)
987                 flags |= RT6_LOOKUP_F_IFACE;
988 
989         return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_input);
990 }
991 
992 void ip6_route_input(struct sk_buff *skb)
993 {
994         const struct ipv6hdr *iph = ipv6_hdr(skb);
995         struct net *net = dev_net(skb->dev);
996         int flags = RT6_LOOKUP_F_HAS_SADDR;
997         struct flowi6 fl6 = {
998                 .flowi6_iif = skb->dev->ifindex,
999                 .daddr = iph->daddr,
1000                 .saddr = iph->saddr,
1001                 .flowlabel = ip6_flowinfo(iph),
1002                 .flowi6_mark = skb->mark,
1003                 .flowi6_proto = iph->nexthdr,
1004         };
1005 
1006         skb_dst_set(skb, ip6_route_input_lookup(net, skb->dev, &fl6, flags));
1007 }
1008 
1009 static struct rt6_info *ip6_pol_route_output(struct net *net, struct fib6_table *table,
1010                                              struct flowi6 *fl6, int flags)
1011 {
1012         return ip6_pol_route(net, table, fl6->flowi6_oif, fl6, flags);
1013 }
1014 
1015 struct dst_entry * ip6_route_output(struct net *net, const struct sock *sk,
1016                                     struct flowi6 *fl6)
1017 {
1018         int flags = 0;
1019 
1020         fl6->flowi6_iif = LOOPBACK_IFINDEX;
1021 
1022         if ((sk && sk->sk_bound_dev_if) || rt6_need_strict(&fl6->daddr))
1023                 flags |= RT6_LOOKUP_F_IFACE;
1024 
1025         if (!ipv6_addr_any(&fl6->saddr))
1026                 flags |= RT6_LOOKUP_F_HAS_SADDR;
1027         else if (sk)
1028                 flags |= rt6_srcprefs2flags(inet6_sk(sk)->srcprefs);
1029 
1030         return fib6_rule_lookup(net, fl6, flags, ip6_pol_route_output);
1031 }
1032 
1033 EXPORT_SYMBOL(ip6_route_output);
1034 
1035 struct dst_entry *ip6_blackhole_route(struct net *net, struct dst_entry *dst_orig)
1036 {
1037         struct rt6_info *rt, *ort = (struct rt6_info *) dst_orig;
1038         struct dst_entry *new = NULL;
1039 
1040         rt = dst_alloc(&ip6_dst_blackhole_ops, ort->dst.dev, 1, DST_OBSOLETE_NONE, 0);
1041         if (rt) {
1042                 new = &rt->dst;
1043 
1044                 memset(new + 1, 0, sizeof(*rt) - sizeof(*new));
1045                 rt6_init_peer(rt, net->ipv6.peers);
1046 
1047                 new->__use = 1;
1048                 new->input = dst_discard;
1049                 new->output = dst_discard;
1050 
1051                 if (dst_metrics_read_only(&ort->dst))
1052                         new->_metrics = ort->dst._metrics;
1053                 else
1054                         dst_copy_metrics(new, &ort->dst);
1055                 rt->rt6i_idev = ort->rt6i_idev;
1056                 if (rt->rt6i_idev)
1057                         in6_dev_hold(rt->rt6i_idev);
1058 
1059                 rt->rt6i_gateway = ort->rt6i_gateway;
1060                 rt->rt6i_flags = ort->rt6i_flags;
1061                 rt->rt6i_metric = 0;
1062 
1063                 memcpy(&rt->rt6i_dst, &ort->rt6i_dst, sizeof(struct rt6key));
1064 #ifdef CONFIG_IPV6_SUBTREES
1065                 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1066 #endif
1067 
1068                 dst_free(new);
1069         }
1070 
1071         dst_release(dst_orig);
1072         return new ? new : ERR_PTR(-ENOMEM);
1073 }
1074 
1075 /*
1076  *      Destination cache support functions
1077  */
1078 
1079 static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie)
1080 {
1081         struct rt6_info *rt;
1082 
1083         rt = (struct rt6_info *) dst;
1084 
1085         /* All IPV6 dsts are created with ->obsolete set to the value
1086          * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1087          * into this function always.
1088          */
1089         if (rt->rt6i_genid != rt_genid_ipv6(dev_net(rt->dst.dev)))
1090                 return NULL;
1091 
1092         if (!rt->rt6i_node || (rt->rt6i_node->fn_sernum != cookie))
1093                 return NULL;
1094 
1095         if (rt6_check_expired(rt))
1096                 return NULL;
1097 
1098         return dst;
1099 }
1100 
1101 static struct dst_entry *ip6_negative_advice(struct dst_entry *dst)
1102 {
1103         struct rt6_info *rt = (struct rt6_info *) dst;
1104 
1105         if (rt) {
1106                 if (rt->rt6i_flags & RTF_CACHE) {
1107                         if (rt6_check_expired(rt)) {
1108                                 ip6_del_rt(rt);
1109                                 dst = NULL;
1110                         }
1111                 } else {
1112                         dst_release(dst);
1113                         dst = NULL;
1114                 }
1115         }
1116         return dst;
1117 }
1118 
1119 static void ip6_link_failure(struct sk_buff *skb)
1120 {
1121         struct rt6_info *rt;
1122 
1123         icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0);
1124 
1125         rt = (struct rt6_info *) skb_dst(skb);
1126         if (rt) {
1127                 if (rt->rt6i_flags & RTF_CACHE) {
1128                         dst_hold(&rt->dst);
1129                         if (ip6_del_rt(rt))
1130                                 dst_free(&rt->dst);
1131                 } else if (rt->rt6i_node && (rt->rt6i_flags & RTF_DEFAULT)) {
1132                         rt->rt6i_node->fn_sernum = -1;
1133                 }
1134         }
1135 }
1136 
1137 static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
1138                                struct sk_buff *skb, u32 mtu)
1139 {
1140         struct rt6_info *rt6 = (struct rt6_info*)dst;
1141 
1142         dst_confirm(dst);
1143         if (mtu < dst_mtu(dst) && rt6->rt6i_dst.plen == 128) {
1144                 struct net *net = dev_net(dst->dev);
1145 
1146                 rt6->rt6i_flags |= RTF_MODIFIED;
1147                 if (mtu < IPV6_MIN_MTU)
1148                         mtu = IPV6_MIN_MTU;
1149 
1150                 dst_metric_set(dst, RTAX_MTU, mtu);
1151                 rt6_update_expires(rt6, net->ipv6.sysctl.ip6_rt_mtu_expires);
1152         }
1153 }
1154 
1155 void ip6_update_pmtu(struct sk_buff *skb, struct net *net, __be32 mtu,
1156                      int oif, u32 mark)
1157 {
1158         const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1159         struct dst_entry *dst;
1160         struct flowi6 fl6;
1161 
1162         memset(&fl6, 0, sizeof(fl6));
1163         fl6.flowi6_oif = oif;
1164         fl6.flowi6_mark = mark;
1165         fl6.flowi6_flags = 0;
1166         fl6.daddr = iph->daddr;
1167         fl6.saddr = iph->saddr;
1168         fl6.flowlabel = ip6_flowinfo(iph);
1169 
1170         dst = ip6_route_output(net, NULL, &fl6);
1171         if (!dst->error)
1172                 ip6_rt_update_pmtu(dst, NULL, skb, ntohl(mtu));
1173         dst_release(dst);
1174 }
1175 EXPORT_SYMBOL_GPL(ip6_update_pmtu);
1176 
1177 void ip6_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, __be32 mtu)
1178 {
1179         ip6_update_pmtu(skb, sock_net(sk), mtu,
1180                         sk->sk_bound_dev_if, sk->sk_mark);
1181 }
1182 EXPORT_SYMBOL_GPL(ip6_sk_update_pmtu);
1183 
1184 /* Handle redirects */
1185 struct ip6rd_flowi {
1186         struct flowi6 fl6;
1187         struct in6_addr gateway;
1188 };
1189 
1190 static struct rt6_info *__ip6_route_redirect(struct net *net,
1191                                              struct fib6_table *table,
1192                                              struct flowi6 *fl6,
1193                                              int flags)
1194 {
1195         struct ip6rd_flowi *rdfl = (struct ip6rd_flowi *)fl6;
1196         struct rt6_info *rt;
1197         struct fib6_node *fn;
1198 
1199         /* Get the "current" route for this destination and
1200          * check if the redirect has come from approriate router.
1201          *
1202          * RFC 4861 specifies that redirects should only be
1203          * accepted if they come from the nexthop to the target.
1204          * Due to the way the routes are chosen, this notion
1205          * is a bit fuzzy and one might need to check all possible
1206          * routes.
1207          */
1208 
1209         read_lock_bh(&table->tb6_lock);
1210         fn = fib6_lookup(&table->tb6_root, &fl6->daddr, &fl6->saddr);
1211 restart:
1212         for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1213                 if (rt6_check_expired(rt))
1214                         continue;
1215                 if (rt->dst.error)
1216                         break;
1217                 if (!(rt->rt6i_flags & RTF_GATEWAY))
1218                         continue;
1219                 if (fl6->flowi6_oif != rt->dst.dev->ifindex)
1220                         continue;
1221                 if (!ipv6_addr_equal(&rdfl->gateway, &rt->rt6i_gateway))
1222                         continue;
1223                 break;
1224         }
1225 
1226         if (!rt)
1227                 rt = net->ipv6.ip6_null_entry;
1228         else if (rt->dst.error) {
1229                 rt = net->ipv6.ip6_null_entry;
1230                 goto out;
1231         }
1232         BACKTRACK(net, &fl6->saddr);
1233 out:
1234         dst_hold(&rt->dst);
1235 
1236         read_unlock_bh(&table->tb6_lock);
1237 
1238         return rt;
1239 };
1240 
1241 static struct dst_entry *ip6_route_redirect(struct net *net,
1242                                         const struct flowi6 *fl6,
1243                                         const struct in6_addr *gateway)
1244 {
1245         int flags = RT6_LOOKUP_F_HAS_SADDR;
1246         struct ip6rd_flowi rdfl;
1247 
1248         rdfl.fl6 = *fl6;
1249         rdfl.gateway = *gateway;
1250 
1251         return fib6_rule_lookup(net, &rdfl.fl6,
1252                                 flags, __ip6_route_redirect);
1253 }
1254 
1255 void ip6_redirect(struct sk_buff *skb, struct net *net, int oif, u32 mark)
1256 {
1257         const struct ipv6hdr *iph = (struct ipv6hdr *) skb->data;
1258         struct dst_entry *dst;
1259         struct flowi6 fl6;
1260 
1261         memset(&fl6, 0, sizeof(fl6));
1262         fl6.flowi6_oif = oif;
1263         fl6.flowi6_mark = mark;
1264         fl6.flowi6_flags = 0;
1265         fl6.daddr = iph->daddr;
1266         fl6.saddr = iph->saddr;
1267         fl6.flowlabel = ip6_flowinfo(iph);
1268 
1269         dst = ip6_route_redirect(net, &fl6, &ipv6_hdr(skb)->saddr);
1270         rt6_do_redirect(dst, NULL, skb);
1271         dst_release(dst);
1272 }
1273 EXPORT_SYMBOL_GPL(ip6_redirect);
1274 
1275 void ip6_redirect_no_header(struct sk_buff *skb, struct net *net, int oif,
1276                             u32 mark)
1277 {
1278         const struct ipv6hdr *iph = ipv6_hdr(skb);
1279         const struct rd_msg *msg = (struct rd_msg *)icmp6_hdr(skb);
1280         struct dst_entry *dst;
1281         struct flowi6 fl6;
1282 
1283         memset(&fl6, 0, sizeof(fl6));
1284         fl6.flowi6_oif = oif;
1285         fl6.flowi6_mark = mark;
1286         fl6.flowi6_flags = 0;
1287         fl6.daddr = msg->dest;
1288         fl6.saddr = iph->daddr;
1289 
1290         dst = ip6_route_redirect(net, &fl6, &iph->saddr);
1291         rt6_do_redirect(dst, NULL, skb);
1292         dst_release(dst);
1293 }
1294 
1295 void ip6_sk_redirect(struct sk_buff *skb, struct sock *sk)
1296 {
1297         ip6_redirect(skb, sock_net(sk), sk->sk_bound_dev_if, sk->sk_mark);
1298 }
1299 EXPORT_SYMBOL_GPL(ip6_sk_redirect);
1300 
1301 static unsigned int ip6_default_advmss(const struct dst_entry *dst)
1302 {
1303         struct net_device *dev = dst->dev;
1304         unsigned int mtu = dst_mtu(dst);
1305         struct net *net = dev_net(dev);
1306 
1307         mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
1308 
1309         if (mtu < net->ipv6.sysctl.ip6_rt_min_advmss)
1310                 mtu = net->ipv6.sysctl.ip6_rt_min_advmss;
1311 
1312         /*
1313          * Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
1314          * corresponding MSS is IPV6_MAXPLEN - tcp_header_size.
1315          * IPV6_MAXPLEN is also valid and means: "any MSS,
1316          * rely only on pmtu discovery"
1317          */
1318         if (mtu > IPV6_MAXPLEN - sizeof(struct tcphdr))
1319                 mtu = IPV6_MAXPLEN;
1320         return mtu;
1321 }
1322 
1323 static unsigned int ip6_mtu(const struct dst_entry *dst)
1324 {
1325         struct inet6_dev *idev;
1326         unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
1327 
1328         if (mtu)
1329                 goto out;
1330 
1331         mtu = IPV6_MIN_MTU;
1332 
1333         rcu_read_lock();
1334         idev = __in6_dev_get(dst->dev);
1335         if (idev)
1336                 mtu = idev->cnf.mtu6;
1337         rcu_read_unlock();
1338 
1339 out:
1340         return min_t(unsigned int, mtu, IP6_MAX_MTU);
1341 }
1342 
1343 static struct dst_entry *icmp6_dst_gc_list;
1344 static DEFINE_SPINLOCK(icmp6_dst_lock);
1345 
1346 struct dst_entry *icmp6_dst_alloc(struct net_device *dev,
1347                                   struct flowi6 *fl6)
1348 {
1349         struct dst_entry *dst;
1350         struct rt6_info *rt;
1351         struct inet6_dev *idev = in6_dev_get(dev);
1352         struct net *net = dev_net(dev);
1353 
1354         if (unlikely(!idev))
1355                 return ERR_PTR(-ENODEV);
1356 
1357         rt = ip6_dst_alloc(net, dev, 0, NULL);
1358         if (unlikely(!rt)) {
1359                 in6_dev_put(idev);
1360                 dst = ERR_PTR(-ENOMEM);
1361                 goto out;
1362         }
1363 
1364         rt->dst.flags |= DST_HOST;
1365         rt->dst.output  = ip6_output;
1366         atomic_set(&rt->dst.__refcnt, 1);
1367         rt->rt6i_gateway  = fl6->daddr;
1368         rt->rt6i_dst.addr = fl6->daddr;
1369         rt->rt6i_dst.plen = 128;
1370         rt->rt6i_idev     = idev;
1371         dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0);
1372 
1373         spin_lock_bh(&icmp6_dst_lock);
1374         rt->dst.next = icmp6_dst_gc_list;
1375         icmp6_dst_gc_list = &rt->dst;
1376         spin_unlock_bh(&icmp6_dst_lock);
1377 
1378         fib6_force_start_gc(net);
1379 
1380         dst = xfrm_lookup(net, &rt->dst, flowi6_to_flowi(fl6), NULL, 0);
1381 
1382 out:
1383         return dst;
1384 }
1385 
1386 int icmp6_dst_gc(void)
1387 {
1388         struct dst_entry *dst, **pprev;
1389         int more = 0;
1390 
1391         spin_lock_bh(&icmp6_dst_lock);
1392         pprev = &icmp6_dst_gc_list;
1393 
1394         while ((dst = *pprev) != NULL) {
1395                 if (!atomic_read(&dst->__refcnt)) {
1396                         *pprev = dst->next;
1397                         dst_free(dst);
1398                 } else {
1399                         pprev = &dst->next;
1400                         ++more;
1401                 }
1402         }
1403 
1404         spin_unlock_bh(&icmp6_dst_lock);
1405 
1406         return more;
1407 }
1408 
1409 static void icmp6_clean_all(int (*func)(struct rt6_info *rt, void *arg),
1410                             void *arg)
1411 {
1412         struct dst_entry *dst, **pprev;
1413 
1414         spin_lock_bh(&icmp6_dst_lock);
1415         pprev = &icmp6_dst_gc_list;
1416         while ((dst = *pprev) != NULL) {
1417                 struct rt6_info *rt = (struct rt6_info *) dst;
1418                 if (func(rt, arg)) {
1419                         *pprev = dst->next;
1420                         dst_free(dst);
1421                 } else {
1422                         pprev = &dst->next;
1423                 }
1424         }
1425         spin_unlock_bh(&icmp6_dst_lock);
1426 }
1427 
1428 static int ip6_dst_gc(struct dst_ops *ops)
1429 {
1430         struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
1431         int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
1432         int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
1433         int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
1434         int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
1435         unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
1436         int entries;
1437 
1438         entries = dst_entries_get_fast(ops);
1439         if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
1440             entries <= rt_max_size)
1441                 goto out;
1442 
1443         net->ipv6.ip6_rt_gc_expire++;
1444         fib6_run_gc(net->ipv6.ip6_rt_gc_expire, net, entries > rt_max_size);
1445         entries = dst_entries_get_slow(ops);
1446         if (entries < ops->gc_thresh)
1447                 net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
1448 out:
1449         net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
1450         return entries > rt_max_size;
1451 }
1452 
1453 /*
1454  *
1455  */
1456 
1457 int ip6_route_add(struct fib6_config *cfg)
1458 {
1459         int err;
1460         struct net *net = cfg->fc_nlinfo.nl_net;
1461         struct rt6_info *rt = NULL;
1462         struct net_device *dev = NULL;
1463         struct inet6_dev *idev = NULL;
1464         struct fib6_table *table;
1465         int addr_type;
1466 
1467         if (cfg->fc_dst_len > 128 || cfg->fc_src_len > 128)
1468                 return -EINVAL;
1469 #ifndef CONFIG_IPV6_SUBTREES
1470         if (cfg->fc_src_len)
1471                 return -EINVAL;
1472 #endif
1473         if (cfg->fc_ifindex) {
1474                 err = -ENODEV;
1475                 dev = dev_get_by_index(net, cfg->fc_ifindex);
1476                 if (!dev)
1477                         goto out;
1478                 idev = in6_dev_get(dev);
1479                 if (!idev)
1480                         goto out;
1481         }
1482 
1483         if (cfg->fc_metric == 0)
1484                 cfg->fc_metric = IP6_RT_PRIO_USER;
1485 
1486         err = -ENOBUFS;
1487         if (cfg->fc_nlinfo.nlh &&
1488             !(cfg->fc_nlinfo.nlh->nlmsg_flags & NLM_F_CREATE)) {
1489                 table = fib6_get_table(net, cfg->fc_table);
1490                 if (!table) {
1491                         pr_warn("NLM_F_CREATE should be specified when creating new route\n");
1492                         table = fib6_new_table(net, cfg->fc_table);
1493                 }
1494         } else {
1495                 table = fib6_new_table(net, cfg->fc_table);
1496         }
1497 
1498         if (!table)
1499                 goto out;
1500 
1501         rt = ip6_dst_alloc(net, NULL, (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT, table);
1502 
1503         if (!rt) {
1504                 err = -ENOMEM;
1505                 goto out;
1506         }
1507 
1508         if (cfg->fc_flags & RTF_EXPIRES)
1509                 rt6_set_expires(rt, jiffies +
1510                                 clock_t_to_jiffies(cfg->fc_expires));
1511         else
1512                 rt6_clean_expires(rt);
1513 
1514         if (cfg->fc_protocol == RTPROT_UNSPEC)
1515                 cfg->fc_protocol = RTPROT_BOOT;
1516         rt->rt6i_protocol = cfg->fc_protocol;
1517 
1518         addr_type = ipv6_addr_type(&cfg->fc_dst);
1519 
1520         if (addr_type & IPV6_ADDR_MULTICAST)
1521                 rt->dst.input = ip6_mc_input;
1522         else if (cfg->fc_flags & RTF_LOCAL)
1523                 rt->dst.input = ip6_input;
1524         else
1525                 rt->dst.input = ip6_forward;
1526 
1527         rt->dst.output = ip6_output;
1528 
1529         ipv6_addr_prefix(&rt->rt6i_dst.addr, &cfg->fc_dst, cfg->fc_dst_len);
1530         rt->rt6i_dst.plen = cfg->fc_dst_len;
1531         if (rt->rt6i_dst.plen == 128)
1532                rt->dst.flags |= DST_HOST;
1533 
1534         if (!(rt->dst.flags & DST_HOST) && cfg->fc_mx) {
1535                 u32 *metrics = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL);
1536                 if (!metrics) {
1537                         err = -ENOMEM;
1538                         goto out;
1539                 }
1540                 dst_init_metrics(&rt->dst, metrics, 0);
1541         }
1542 #ifdef CONFIG_IPV6_SUBTREES
1543         ipv6_addr_prefix(&rt->rt6i_src.addr, &cfg->fc_src, cfg->fc_src_len);
1544         rt->rt6i_src.plen = cfg->fc_src_len;
1545 #endif
1546 
1547         rt->rt6i_metric = cfg->fc_metric;
1548 
1549         /* We cannot add true routes via loopback here,
1550            they would result in kernel looping; promote them to reject routes
1551          */
1552         if ((cfg->fc_flags & RTF_REJECT) ||
1553             (dev && (dev->flags & IFF_LOOPBACK) &&
1554              !(addr_type & IPV6_ADDR_LOOPBACK) &&
1555              !(cfg->fc_flags & RTF_LOCAL))) {
1556                 /* hold loopback dev/idev if we haven't done so. */
1557                 if (dev != net->loopback_dev) {
1558                         if (dev) {
1559                                 dev_put(dev);
1560                                 in6_dev_put(idev);
1561                         }
1562                         dev = net->loopback_dev;
1563                         dev_hold(dev);
1564                         idev = in6_dev_get(dev);
1565                         if (!idev) {
1566                                 err = -ENODEV;
1567                                 goto out;
1568                         }
1569                 }
1570                 rt->rt6i_flags = RTF_REJECT|RTF_NONEXTHOP;
1571                 switch (cfg->fc_type) {
1572                 case RTN_BLACKHOLE:
1573                         rt->dst.error = -EINVAL;
1574                         rt->dst.output = dst_discard;
1575                         rt->dst.input = dst_discard;
1576                         break;
1577                 case RTN_PROHIBIT:
1578                         rt->dst.error = -EACCES;
1579                         rt->dst.output = ip6_pkt_prohibit_out;
1580                         rt->dst.input = ip6_pkt_prohibit;
1581                         break;
1582                 case RTN_THROW:
1583                 default:
1584                         rt->dst.error = (cfg->fc_type == RTN_THROW) ? -EAGAIN
1585                                         : -ENETUNREACH;
1586                         rt->dst.output = ip6_pkt_discard_out;
1587                         rt->dst.input = ip6_pkt_discard;
1588                         break;
1589                 }
1590                 goto install_route;
1591         }
1592 
1593         if (cfg->fc_flags & RTF_GATEWAY) {
1594                 const struct in6_addr *gw_addr;
1595                 int gwa_type;
1596 
1597                 gw_addr = &cfg->fc_gateway;
1598                 rt->rt6i_gateway = *gw_addr;
1599                 gwa_type = ipv6_addr_type(gw_addr);
1600 
1601                 if (gwa_type != (IPV6_ADDR_LINKLOCAL|IPV6_ADDR_UNICAST)) {
1602                         struct rt6_info *grt;
1603 
1604                         /* IPv6 strictly inhibits using not link-local
1605                            addresses as nexthop address.
1606                            Otherwise, router will not able to send redirects.
1607                            It is very good, but in some (rare!) circumstances
1608                            (SIT, PtP, NBMA NOARP links) it is handy to allow
1609                            some exceptions. --ANK
1610                          */
1611                         err = -EINVAL;
1612                         if (!(gwa_type & IPV6_ADDR_UNICAST))
1613                                 goto out;
1614 
1615                         grt = rt6_lookup(net, gw_addr, NULL, cfg->fc_ifindex, 1);
1616 
1617                         err = -EHOSTUNREACH;
1618                         if (!grt)
1619                                 goto out;
1620                         if (dev) {
1621                                 if (dev != grt->dst.dev) {
1622                                         ip6_rt_put(grt);
1623                                         goto out;
1624                                 }
1625                         } else {
1626                                 dev = grt->dst.dev;
1627                                 idev = grt->rt6i_idev;
1628                                 dev_hold(dev);
1629                                 in6_dev_hold(grt->rt6i_idev);
1630                         }
1631                         if (!(grt->rt6i_flags & RTF_GATEWAY))
1632                                 err = 0;
1633                         ip6_rt_put(grt);
1634 
1635                         if (err)
1636                                 goto out;
1637                 }
1638                 err = -EINVAL;
1639                 if (!dev || (dev->flags & IFF_LOOPBACK))
1640                         goto out;
1641         }
1642 
1643         err = -ENODEV;
1644         if (!dev)
1645                 goto out;
1646 
1647         if (!ipv6_addr_any(&cfg->fc_prefsrc)) {
1648                 if (!ipv6_chk_addr(net, &cfg->fc_prefsrc, dev, 0)) {
1649                         err = -EINVAL;
1650                         goto out;
1651                 }
1652                 rt->rt6i_prefsrc.addr = cfg->fc_prefsrc;
1653                 rt->rt6i_prefsrc.plen = 128;
1654         } else
1655                 rt->rt6i_prefsrc.plen = 0;
1656 
1657         rt->rt6i_flags = cfg->fc_flags;
1658 
1659 install_route:
1660         if (cfg->fc_mx) {
1661                 struct nlattr *nla;
1662                 int remaining;
1663 
1664                 nla_for_each_attr(nla, cfg->fc_mx, cfg->fc_mx_len, remaining) {
1665                         int type = nla_type(nla);
1666 
1667                         if (type) {
1668                                 if (type > RTAX_MAX) {
1669                                         err = -EINVAL;
1670                                         goto out;
1671                                 }
1672 
1673                                 if (type == RTAX_HOPLIMIT && nla_get_u32(nla) > 255)
1674                                         dst_metric_set(&rt->dst, type, 255);
1675                                 else
1676                                         dst_metric_set(&rt->dst, type,
1677                                                 nla_get_u32(nla));
1678                         }
1679                 }
1680         }
1681 
1682         rt->dst.dev = dev;
1683         rt->rt6i_idev = idev;
1684         rt->rt6i_table = table;
1685 
1686         cfg->fc_nlinfo.nl_net = dev_net(dev);
1687 
1688         return __ip6_ins_rt(rt, &cfg->fc_nlinfo);
1689 
1690 out:
1691         if (dev)
1692                 dev_put(dev);
1693         if (idev)
1694                 in6_dev_put(idev);
1695         if (rt)
1696                 dst_free(&rt->dst);
1697         return err;
1698 }
1699 
1700 static int __ip6_del_rt(struct rt6_info *rt, struct nl_info *info)
1701 {
1702         int err;
1703         struct fib6_table *table;
1704         struct net *net = dev_net(rt->dst.dev);
1705 
1706         if (rt == net->ipv6.ip6_null_entry) {
1707                 err = -ENOENT;
1708                 goto out;
1709         }
1710 
1711         table = rt->rt6i_table;
1712         write_lock_bh(&table->tb6_lock);
1713         err = fib6_del(rt, info);
1714         write_unlock_bh(&table->tb6_lock);
1715 
1716 out:
1717         ip6_rt_put(rt);
1718         return err;
1719 }
1720 
1721 int ip6_del_rt(struct rt6_info *rt)
1722 {
1723         struct nl_info info = {
1724                 .nl_net = dev_net(rt->dst.dev),
1725         };
1726         return __ip6_del_rt(rt, &info);
1727 }
1728 
1729 static int ip6_route_del(struct fib6_config *cfg)
1730 {
1731         struct fib6_table *table;
1732         struct fib6_node *fn;
1733         struct rt6_info *rt;
1734         int err = -ESRCH;
1735 
1736         table = fib6_get_table(cfg->fc_nlinfo.nl_net, cfg->fc_table);
1737         if (!table)
1738                 return err;
1739 
1740         read_lock_bh(&table->tb6_lock);
1741 
1742         fn = fib6_locate(&table->tb6_root,
1743                          &cfg->fc_dst, cfg->fc_dst_len,
1744                          &cfg->fc_src, cfg->fc_src_len);
1745 
1746         if (fn) {
1747                 for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1748                         if (cfg->fc_ifindex &&
1749                             (!rt->dst.dev ||
1750                              rt->dst.dev->ifindex != cfg->fc_ifindex))
1751                                 continue;
1752                         if (cfg->fc_flags & RTF_GATEWAY &&
1753                             !ipv6_addr_equal(&cfg->fc_gateway, &rt->rt6i_gateway))
1754                                 continue;
1755                         if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
1756                                 continue;
1757                         if (cfg->fc_protocol && cfg->fc_protocol != rt->rt6i_protocol)
1758                                 continue;
1759                         dst_hold(&rt->dst);
1760                         read_unlock_bh(&table->tb6_lock);
1761 
1762                         return __ip6_del_rt(rt, &cfg->fc_nlinfo);
1763                 }
1764         }
1765         read_unlock_bh(&table->tb6_lock);
1766 
1767         return err;
1768 }
1769 
1770 static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
1771 {
1772         struct net *net = dev_net(skb->dev);
1773         struct netevent_redirect netevent;
1774         struct rt6_info *rt, *nrt = NULL;
1775         struct ndisc_options ndopts;
1776         struct inet6_dev *in6_dev;
1777         struct neighbour *neigh;
1778         struct rd_msg *msg;
1779         int optlen, on_link;
1780         u8 *lladdr;
1781 
1782         optlen = skb_tail_pointer(skb) - skb_transport_header(skb);
1783         optlen -= sizeof(*msg);
1784 
1785         if (optlen < 0) {
1786                 net_dbg_ratelimited("rt6_do_redirect: packet too short\n");
1787                 return;
1788         }
1789 
1790         msg = (struct rd_msg *)icmp6_hdr(skb);
1791 
1792         if (ipv6_addr_is_multicast(&msg->dest)) {
1793                 net_dbg_ratelimited("rt6_do_redirect: destination address is multicast\n");
1794                 return;
1795         }
1796 
1797         on_link = 0;
1798         if (ipv6_addr_equal(&msg->dest, &msg->target)) {
1799                 on_link = 1;
1800         } else if (ipv6_addr_type(&msg->target) !=
1801                    (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1802                 net_dbg_ratelimited("rt6_do_redirect: target address is not link-local unicast\n");
1803                 return;
1804         }
1805 
1806         in6_dev = __in6_dev_get(skb->dev);
1807         if (!in6_dev)
1808                 return;
1809         if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects)
1810                 return;
1811 
1812         /* RFC2461 8.1:
1813          *      The IP source address of the Redirect MUST be the same as the current
1814          *      first-hop router for the specified ICMP Destination Address.
1815          */
1816 
1817         if (!ndisc_parse_options(msg->opt, optlen, &ndopts)) {
1818                 net_dbg_ratelimited("rt6_redirect: invalid ND options\n");
1819                 return;
1820         }
1821 
1822         lladdr = NULL;
1823         if (ndopts.nd_opts_tgt_lladdr) {
1824                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1825                                              skb->dev);
1826                 if (!lladdr) {
1827                         net_dbg_ratelimited("rt6_redirect: invalid link-layer address length\n");
1828                         return;
1829                 }
1830         }
1831 
1832         rt = (struct rt6_info *) dst;
1833         if (rt == net->ipv6.ip6_null_entry) {
1834                 net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
1835                 return;
1836         }
1837 
1838         /* Redirect received -> path was valid.
1839          * Look, redirects are sent only in response to data packets,
1840          * so that this nexthop apparently is reachable. --ANK
1841          */
1842         dst_confirm(&rt->dst);
1843 
1844         neigh = __neigh_lookup(&nd_tbl, &msg->target, skb->dev, 1);
1845         if (!neigh)
1846                 return;
1847 
1848         /*
1849          *      We have finally decided to accept it.
1850          */
1851 
1852         neigh_update(neigh, lladdr, NUD_STALE,
1853                      NEIGH_UPDATE_F_WEAK_OVERRIDE|
1854                      NEIGH_UPDATE_F_OVERRIDE|
1855                      (on_link ? 0 : (NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1856                                      NEIGH_UPDATE_F_ISROUTER))
1857                      );
1858 
1859         nrt = ip6_rt_copy(rt, &msg->dest);
1860         if (!nrt)
1861                 goto out;
1862 
1863         nrt->rt6i_flags = RTF_GATEWAY|RTF_UP|RTF_DYNAMIC|RTF_CACHE;
1864         if (on_link)
1865                 nrt->rt6i_flags &= ~RTF_GATEWAY;
1866 
1867         nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
1868 
1869         if (ip6_ins_rt(nrt))
1870                 goto out;
1871 
1872         netevent.old = &rt->dst;
1873         netevent.new = &nrt->dst;
1874         netevent.daddr = &msg->dest;
1875         netevent.neigh = neigh;
1876         call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
1877 
1878         if (rt->rt6i_flags & RTF_CACHE) {
1879                 rt = (struct rt6_info *) dst_clone(&rt->dst);
1880                 ip6_del_rt(rt);
1881         }
1882 
1883 out:
1884         neigh_release(neigh);
1885 }
1886 
1887 /*
1888  *      Misc support functions
1889  */
1890 
1891 static struct rt6_info *ip6_rt_copy(struct rt6_info *ort,
1892                                     const struct in6_addr *dest)
1893 {
1894         struct net *net = dev_net(ort->dst.dev);
1895         struct rt6_info *rt = ip6_dst_alloc(net, ort->dst.dev, 0,
1896                                             ort->rt6i_table);
1897 
1898         if (rt) {
1899                 rt->dst.input = ort->dst.input;
1900                 rt->dst.output = ort->dst.output;
1901                 rt->dst.flags |= DST_HOST;
1902 
1903                 rt->rt6i_dst.addr = *dest;
1904                 rt->rt6i_dst.plen = 128;
1905                 dst_copy_metrics(&rt->dst, &ort->dst);
1906                 rt->dst.error = ort->dst.error;
1907                 rt->rt6i_idev = ort->rt6i_idev;
1908                 if (rt->rt6i_idev)
1909                         in6_dev_hold(rt->rt6i_idev);
1910                 rt->dst.lastuse = jiffies;
1911 
1912                 if (ort->rt6i_flags & RTF_GATEWAY)
1913                         rt->rt6i_gateway = ort->rt6i_gateway;
1914                 else
1915                         rt->rt6i_gateway = *dest;
1916                 rt->rt6i_flags = ort->rt6i_flags;
1917                 rt6_set_from(rt, ort);
1918                 rt->rt6i_metric = 0;
1919 
1920 #ifdef CONFIG_IPV6_SUBTREES
1921                 memcpy(&rt->rt6i_src, &ort->rt6i_src, sizeof(struct rt6key));
1922 #endif
1923                 memcpy(&rt->rt6i_prefsrc, &ort->rt6i_prefsrc, sizeof(struct rt6key));
1924                 rt->rt6i_table = ort->rt6i_table;
1925         }
1926         return rt;
1927 }
1928 
1929 #ifdef CONFIG_IPV6_ROUTE_INFO
1930 static struct rt6_info *rt6_get_route_info(struct net *net,
1931                                            const struct in6_addr *prefix, int prefixlen,
1932                                            const struct in6_addr *gwaddr, int ifindex)
1933 {
1934         struct fib6_node *fn;
1935         struct rt6_info *rt = NULL;
1936         struct fib6_table *table;
1937 
1938         table = fib6_get_table(net, RT6_TABLE_INFO);
1939         if (!table)
1940                 return NULL;
1941 
1942         read_lock_bh(&table->tb6_lock);
1943         fn = fib6_locate(&table->tb6_root, prefix ,prefixlen, NULL, 0);
1944         if (!fn)
1945                 goto out;
1946 
1947         for (rt = fn->leaf; rt; rt = rt->dst.rt6_next) {
1948                 if (rt->dst.dev->ifindex != ifindex)
1949                         continue;
1950                 if ((rt->rt6i_flags & (RTF_ROUTEINFO|RTF_GATEWAY)) != (RTF_ROUTEINFO|RTF_GATEWAY))
1951                         continue;
1952                 if (!ipv6_addr_equal(&rt->rt6i_gateway, gwaddr))
1953                         continue;
1954                 dst_hold(&rt->dst);
1955                 break;
1956         }
1957 out:
1958         read_unlock_bh(&table->tb6_lock);
1959         return rt;
1960 }
1961 
1962 static struct rt6_info *rt6_add_route_info(struct net *net,
1963                                            const struct in6_addr *prefix, int prefixlen,
1964                                            const struct in6_addr *gwaddr, int ifindex,
1965                                            unsigned int pref)
1966 {
1967         struct fib6_config cfg = {
1968                 .fc_table       = RT6_TABLE_INFO,
1969                 .fc_metric      = IP6_RT_PRIO_USER,
1970                 .fc_ifindex     = ifindex,
1971                 .fc_dst_len     = prefixlen,
1972                 .fc_flags       = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO |
1973                                   RTF_UP | RTF_PREF(pref),
1974                 .fc_nlinfo.portid = 0,
1975                 .fc_nlinfo.nlh = NULL,
1976                 .fc_nlinfo.nl_net = net,
1977         };
1978 
1979         cfg.fc_dst = *prefix;
1980         cfg.fc_gateway = *gwaddr;
1981 
1982         /* We should treat it as a default route if prefix length is 0. */
1983         if (!prefixlen)
1984                 cfg.fc_flags |= RTF_DEFAULT;
1985 
1986         ip6_route_add(&cfg);
1987 
1988         return rt6_get_route_info(net, prefix, prefixlen, gwaddr, ifindex);
1989 }
1990 #endif
1991 
1992 struct rt6_info *rt6_get_dflt_router(const struct in6_addr *addr, struct net_device *dev)
1993 {
1994         struct rt6_info *rt;
1995         struct fib6_table *table;
1996 
1997         table = fib6_get_table(dev_net(dev), RT6_TABLE_DFLT);
1998         if (!table)
1999                 return NULL;
2000 
2001         read_lock_bh(&table->tb6_lock);
2002         for (rt = table->tb6_root.leaf; rt; rt=rt->dst.rt6_next) {
2003                 if (dev == rt->dst.dev &&
2004                     ((rt->rt6i_flags & (RTF_ADDRCONF | RTF_DEFAULT)) == (RTF_ADDRCONF | RTF_DEFAULT)) &&
2005                     ipv6_addr_equal(&rt->rt6i_gateway, addr))
2006                         break;
2007         }
2008         if (rt)
2009                 dst_hold(&rt->dst);
2010         read_unlock_bh(&table->tb6_lock);
2011         return rt;
2012 }
2013 
2014 struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr,
2015                                      struct net_device *dev,
2016                                      unsigned int pref)
2017 {
2018         struct fib6_config cfg = {
2019                 .fc_table       = RT6_TABLE_DFLT,
2020                 .fc_metric      = IP6_RT_PRIO_USER,
2021                 .fc_ifindex     = dev->ifindex,
2022                 .fc_flags       = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT |
2023                                   RTF_UP | RTF_EXPIRES | RTF_PREF(pref),
2024                 .fc_nlinfo.portid = 0,
2025                 .fc_nlinfo.nlh = NULL,
2026                 .fc_nlinfo.nl_net = dev_net(dev),
2027         };
2028 
2029         cfg.fc_gateway = *gwaddr;
2030 
2031         ip6_route_add(&cfg);
2032 
2033         return rt6_get_dflt_router(gwaddr, dev);
2034 }
2035 
2036 void rt6_purge_dflt_routers(struct net *net)
2037 {
2038         struct rt6_info *rt;
2039         struct fib6_table *table;
2040 
2041         /* NOTE: Keep consistent with rt6_get_dflt_router */
2042         table = fib6_get_table(net, RT6_TABLE_DFLT);
2043         if (!table)
2044                 return;
2045 
2046 restart:
2047         read_lock_bh(&table->tb6_lock);
2048         for (rt = table->tb6_root.leaf; rt; rt = rt->dst.rt6_next) {
2049                 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ADDRCONF) &&
2050                     (!rt->rt6i_idev || rt->rt6i_idev->cnf.accept_ra != 2)) {
2051                         dst_hold(&rt->dst);
2052                         read_unlock_bh(&table->tb6_lock);
2053                         ip6_del_rt(rt);
2054                         goto restart;
2055                 }
2056         }
2057         read_unlock_bh(&table->tb6_lock);
2058 }
2059 
2060 static void rtmsg_to_fib6_config(struct net *net,
2061                                  struct in6_rtmsg *rtmsg,
2062                                  struct fib6_config *cfg)
2063 {
2064         memset(cfg, 0, sizeof(*cfg));
2065 
2066         cfg->fc_table = RT6_TABLE_MAIN;
2067         cfg->fc_ifindex = rtmsg->rtmsg_ifindex;
2068         cfg->fc_metric = rtmsg->rtmsg_metric;
2069         cfg->fc_expires = rtmsg->rtmsg_info;
2070         cfg->fc_dst_len = rtmsg->rtmsg_dst_len;
2071         cfg->fc_src_len = rtmsg->rtmsg_src_len;
2072         cfg->fc_flags = rtmsg->rtmsg_flags;
2073 
2074         cfg->fc_nlinfo.nl_net = net;
2075 
2076         cfg->fc_dst = rtmsg->rtmsg_dst;
2077         cfg->fc_src = rtmsg->rtmsg_src;
2078         cfg->fc_gateway = rtmsg->rtmsg_gateway;
2079 }
2080 
2081 int ipv6_route_ioctl(struct net *net, unsigned int cmd, void __user *arg)
2082 {
2083         struct fib6_config cfg;
2084         struct in6_rtmsg rtmsg;
2085         int err;
2086 
2087         switch(cmd) {
2088         case SIOCADDRT:         /* Add a route */
2089         case SIOCDELRT:         /* Delete a route */
2090                 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
2091                         return -EPERM;
2092                 err = copy_from_user(&rtmsg, arg,
2093                                      sizeof(struct in6_rtmsg));
2094                 if (err)
2095                         return -EFAULT;
2096 
2097                 rtmsg_to_fib6_config(net, &rtmsg, &cfg);
2098 
2099                 rtnl_lock();
2100                 switch (cmd) {
2101                 case SIOCADDRT:
2102                         err = ip6_route_add(&cfg);
2103                         break;
2104                 case SIOCDELRT:
2105                         err = ip6_route_del(&cfg);
2106                         break;
2107                 default:
2108                         err = -EINVAL;
2109                 }
2110                 rtnl_unlock();
2111 
2112                 return err;
2113         }
2114 
2115         return -EINVAL;
2116 }
2117 
2118 /*
2119  *      Drop the packet on the floor
2120  */
2121 
2122 static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
2123 {
2124         int type;
2125         struct dst_entry *dst = skb_dst(skb);
2126         switch (ipstats_mib_noroutes) {
2127         case IPSTATS_MIB_INNOROUTES:
2128                 type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
2129                 if (type == IPV6_ADDR_ANY) {
2130                         IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2131                                       IPSTATS_MIB_INADDRERRORS);
2132                         break;
2133                 }
2134                 /* FALLTHROUGH */
2135         case IPSTATS_MIB_OUTNOROUTES:
2136                 IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
2137                               ipstats_mib_noroutes);
2138                 break;
2139         }
2140         icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
2141         kfree_skb(skb);
2142         return 0;
2143 }
2144 
2145 static int ip6_pkt_discard(struct sk_buff *skb)
2146 {
2147         return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_INNOROUTES);
2148 }
2149 
2150 static int ip6_pkt_discard_out(struct sk_buff *skb)
2151 {
2152         skb->dev = skb_dst(skb)->dev;
2153         return ip6_pkt_drop(skb, ICMPV6_NOROUTE, IPSTATS_MIB_OUTNOROUTES);
2154 }
2155 
2156 static int ip6_pkt_prohibit(struct sk_buff *skb)
2157 {
2158         return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_INNOROUTES);
2159 }
2160 
2161 static int ip6_pkt_prohibit_out(struct sk_buff *skb)
2162 {
2163         skb->dev = skb_dst(skb)->dev;
2164         return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
2165 }
2166 
2167 /*
2168  *      Allocate a dst for local (unicast / anycast) address.
2169  */
2170 
2171 struct rt6_info *addrconf_dst_alloc(struct inet6_dev *idev,
2172                                     const struct in6_addr *addr,
2173                                     bool anycast)
2174 {
2175         struct net *net = dev_net(idev->dev);
2176         struct rt6_info *rt = ip6_dst_alloc(net, net->loopback_dev,
2177                                             DST_NOCOUNT, NULL);
2178         if (!rt)
2179                 return ERR_PTR(-ENOMEM);
2180 
2181         in6_dev_hold(idev);
2182 
2183         rt->dst.flags |= DST_HOST;
2184         rt->dst.input = ip6_input;
2185         rt->dst.output = ip6_output;
2186         rt->rt6i_idev = idev;
2187 
2188         rt->rt6i_flags = RTF_UP | RTF_NONEXTHOP;
2189         if (anycast)
2190                 rt->rt6i_flags |= RTF_ANYCAST;
2191         else
2192                 rt->rt6i_flags |= RTF_LOCAL;
2193 
2194         rt->rt6i_gateway  = *addr;
2195         rt->rt6i_dst.addr = *addr;
2196         rt->rt6i_dst.plen = 128;
2197         rt->rt6i_table = fib6_get_table(net, RT6_TABLE_LOCAL);
2198 
2199         atomic_set(&rt->dst.__refcnt, 1);
2200 
2201         return rt;
2202 }
2203 
2204 int ip6_route_get_saddr(struct net *net,
2205                         struct rt6_info *rt,
2206                         const struct in6_addr *daddr,
2207                         unsigned int prefs,
2208                         struct in6_addr *saddr)
2209 {
2210         struct inet6_dev *idev = ip6_dst_idev((struct dst_entry*)rt);
2211         int err = 0;
2212         if (rt->rt6i_prefsrc.plen)
2213                 *saddr = rt->rt6i_prefsrc.addr;
2214         else
2215                 err = ipv6_dev_get_saddr(net, idev ? idev->dev : NULL,
2216                                          daddr, prefs, saddr);
2217         return err;
2218 }
2219 
2220 /* remove deleted ip from prefsrc entries */
2221 struct arg_dev_net_ip {
2222         struct net_device *dev;
2223         struct net *net;
2224         struct in6_addr *addr;
2225 };
2226 
2227 static int fib6_remove_prefsrc(struct rt6_info *rt, void *arg)
2228 {
2229         struct net_device *dev = ((struct arg_dev_net_ip *)arg)->dev;
2230         struct net *net = ((struct arg_dev_net_ip *)arg)->net;
2231         struct in6_addr *addr = ((struct arg_dev_net_ip *)arg)->addr;
2232 
2233         if (((void *)rt->dst.dev == dev || !dev) &&
2234             rt != net->ipv6.ip6_null_entry &&
2235             ipv6_addr_equal(addr, &rt->rt6i_prefsrc.addr)) {
2236                 /* remove prefsrc entry */
2237                 rt->rt6i_prefsrc.plen = 0;
2238         }
2239         return 0;
2240 }
2241 
2242 void rt6_remove_prefsrc(struct inet6_ifaddr *ifp)
2243 {
2244         struct net *net = dev_net(ifp->idev->dev);
2245         struct arg_dev_net_ip adni = {
2246                 .dev = ifp->idev->dev,
2247                 .net = net,
2248                 .addr = &ifp->addr,
2249         };
2250         fib6_clean_all(net, fib6_remove_prefsrc, 0, &adni);
2251 }
2252 
2253 struct arg_dev_net {
2254         struct net_device *dev;
2255         struct net *net;
2256 };
2257 
2258 static int fib6_ifdown(struct rt6_info *rt, void *arg)
2259 {
2260         const struct arg_dev_net *adn = arg;
2261         const struct net_device *dev = adn->dev;
2262 
2263         if ((rt->dst.dev == dev || !dev) &&
2264             rt != adn->net->ipv6.ip6_null_entry)
2265                 return -1;
2266 
2267         return 0;
2268 }
2269 
2270 void rt6_ifdown(struct net *net, struct net_device *dev)
2271 {
2272         struct arg_dev_net adn = {
2273                 .dev = dev,
2274                 .net = net,
2275         };
2276 
2277         fib6_clean_all(net, fib6_ifdown, 0, &adn);
2278         icmp6_clean_all(fib6_ifdown, &adn);
2279 }
2280 
2281 struct rt6_mtu_change_arg {
2282         struct net_device *dev;
2283         unsigned int mtu;
2284 };
2285 
2286 static int rt6_mtu_change_route(struct rt6_info *rt, void *p_arg)
2287 {
2288         struct rt6_mtu_change_arg *arg = (struct rt6_mtu_change_arg *) p_arg;
2289         struct inet6_dev *idev;
2290 
2291         /* In IPv6 pmtu discovery is not optional,
2292            so that RTAX_MTU lock cannot disable it.
2293            We still use this lock to block changes
2294            caused by addrconf/ndisc.
2295         */
2296 
2297         idev = __in6_dev_get(arg->dev);
2298         if (!idev)
2299                 return 0;
2300 
2301         /* For administrative MTU increase, there is no way to discover
2302            IPv6 PMTU increase, so PMTU increase should be updated here.
2303            Since RFC 1981 doesn't include administrative MTU increase
2304            update PMTU increase is a MUST. (i.e. jumbo frame)
2305          */
2306         /*
2307            If new MTU is less than route PMTU, this new MTU will be the
2308            lowest MTU in the path, update the route PMTU to reflect PMTU
2309            decreases; if new MTU is greater than route PMTU, and the
2310            old MTU is the lowest MTU in the path, update the route PMTU
2311            to reflect the increase. In this case if the other nodes' MTU
2312            also have the lowest MTU, TOO BIG MESSAGE will be lead to
2313            PMTU discouvery.
2314          */
2315         if (rt->dst.dev == arg->dev &&
2316             !dst_metric_locked(&rt->dst, RTAX_MTU) &&
2317             (dst_mtu(&rt->dst) >= arg->mtu ||
2318              (dst_mtu(&rt->dst) < arg->mtu &&
2319               dst_mtu(&rt->dst) == idev->cnf.mtu6))) {
2320                 dst_metric_set(&rt->dst, RTAX_MTU, arg->mtu);
2321         }
2322         return 0;
2323 }
2324 
2325 void rt6_mtu_change(struct net_device *dev, unsigned int mtu)
2326 {
2327         struct rt6_mtu_change_arg arg = {
2328                 .dev = dev,
2329                 .mtu = mtu,
2330         };
2331 
2332         fib6_clean_all(dev_net(dev), rt6_mtu_change_route, 0, &arg);
2333 }
2334 
2335 static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = {
2336         [RTA_GATEWAY]           = { .len = sizeof(struct in6_addr) },
2337         [RTA_OIF]               = { .type = NLA_U32 },
2338         [RTA_IIF]               = { .type = NLA_U32 },
2339         [RTA_PRIORITY]          = { .type = NLA_U32 },
2340         [RTA_METRICS]           = { .type = NLA_NESTED },
2341         [RTA_MULTIPATH]         = { .len = sizeof(struct rtnexthop) },
2342 };
2343 
2344 static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
2345                               struct fib6_config *cfg)
2346 {
2347         struct rtmsg *rtm;
2348         struct nlattr *tb[RTA_MAX+1];
2349         int err;
2350 
2351         err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2352         if (err < 0)
2353                 goto errout;
2354 
2355         err = -EINVAL;
2356         rtm = nlmsg_data(nlh);
2357         memset(cfg, 0, sizeof(*cfg));
2358 
2359         cfg->fc_table = rtm->rtm_table;
2360         cfg->fc_dst_len = rtm->rtm_dst_len;
2361         cfg->fc_src_len = rtm->rtm_src_len;
2362         cfg->fc_flags = RTF_UP;
2363         cfg->fc_protocol = rtm->rtm_protocol;
2364         cfg->fc_type = rtm->rtm_type;
2365 
2366         if (rtm->rtm_type == RTN_UNREACHABLE ||
2367             rtm->rtm_type == RTN_BLACKHOLE ||
2368             rtm->rtm_type == RTN_PROHIBIT ||
2369             rtm->rtm_type == RTN_THROW)
2370                 cfg->fc_flags |= RTF_REJECT;
2371 
2372         if (rtm->rtm_type == RTN_LOCAL)
2373                 cfg->fc_flags |= RTF_LOCAL;
2374 
2375         cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
2376         cfg->fc_nlinfo.nlh = nlh;
2377         cfg->fc_nlinfo.nl_net = sock_net(skb->sk);
2378 
2379         if (tb[RTA_GATEWAY]) {
2380                 nla_memcpy(&cfg->fc_gateway, tb[RTA_GATEWAY], 16);
2381                 cfg->fc_flags |= RTF_GATEWAY;
2382         }
2383 
2384         if (tb[RTA_DST]) {
2385                 int plen = (rtm->rtm_dst_len + 7) >> 3;
2386 
2387                 if (nla_len(tb[RTA_DST]) < plen)
2388                         goto errout;
2389 
2390                 nla_memcpy(&cfg->fc_dst, tb[RTA_DST], plen);
2391         }
2392 
2393         if (tb[RTA_SRC]) {
2394                 int plen = (rtm->rtm_src_len + 7) >> 3;
2395 
2396                 if (nla_len(tb[RTA_SRC]) < plen)
2397                         goto errout;
2398 
2399                 nla_memcpy(&cfg->fc_src, tb[RTA_SRC], plen);
2400         }
2401 
2402         if (tb[RTA_PREFSRC])
2403                 nla_memcpy(&cfg->fc_prefsrc, tb[RTA_PREFSRC], 16);
2404 
2405         if (tb[RTA_OIF])
2406                 cfg->fc_ifindex = nla_get_u32(tb[RTA_OIF]);
2407 
2408         if (tb[RTA_PRIORITY])
2409                 cfg->fc_metric = nla_get_u32(tb[RTA_PRIORITY]);
2410 
2411         if (tb[RTA_METRICS]) {
2412                 cfg->fc_mx = nla_data(tb[RTA_METRICS]);
2413                 cfg->fc_mx_len = nla_len(tb[RTA_METRICS]);
2414         }
2415 
2416         if (tb[RTA_TABLE])
2417                 cfg->fc_table = nla_get_u32(tb[RTA_TABLE]);
2418 
2419         if (tb[RTA_MULTIPATH]) {
2420                 cfg->fc_mp = nla_data(tb[RTA_MULTIPATH]);
2421                 cfg->fc_mp_len = nla_len(tb[RTA_MULTIPATH]);
2422         }
2423 
2424         err = 0;
2425 errout:
2426         return err;
2427 }
2428 
2429 static int ip6_route_multipath(struct fib6_config *cfg, int add)
2430 {
2431         struct fib6_config r_cfg;
2432         struct rtnexthop *rtnh;
2433         int remaining;
2434         int attrlen;
2435         int err = 0, last_err = 0;
2436 
2437 beginning:
2438         rtnh = (struct rtnexthop *)cfg->fc_mp;
2439         remaining = cfg->fc_mp_len;
2440 
2441         /* Parse a Multipath Entry */
2442         while (rtnh_ok(rtnh, remaining)) {
2443                 memcpy(&r_cfg, cfg, sizeof(*cfg));
2444                 if (rtnh->rtnh_ifindex)
2445                         r_cfg.fc_ifindex = rtnh->rtnh_ifindex;
2446 
2447                 attrlen = rtnh_attrlen(rtnh);
2448                 if (attrlen > 0) {
2449                         struct nlattr *nla, *attrs = rtnh_attrs(rtnh);
2450 
2451                         nla = nla_find(attrs, attrlen, RTA_GATEWAY);
2452                         if (nla) {
2453                                 nla_memcpy(&r_cfg.fc_gateway, nla, 16);
2454                                 r_cfg.fc_flags |= RTF_GATEWAY;
2455                         }
2456                 }
2457                 err = add ? ip6_route_add(&r_cfg) : ip6_route_del(&r_cfg);
2458                 if (err) {
2459                         last_err = err;
2460                         /* If we are trying to remove a route, do not stop the
2461                          * loop when ip6_route_del() fails (because next hop is
2462                          * already gone), we should try to remove all next hops.
2463                          */
2464                         if (add) {
2465                                 /* If add fails, we should try to delete all
2466                                  * next hops that have been already added.
2467                                  */
2468                                 add = 0;
2469                                 goto beginning;
2470                         }
2471                 }
2472                 /* Because each route is added like a single route we remove
2473                  * this flag after the first nexthop (if there is a collision,
2474                  * we have already fail to add the first nexthop:
2475                  * fib6_add_rt2node() has reject it).
2476                  */
2477                 cfg->fc_nlinfo.nlh->nlmsg_flags &= ~NLM_F_EXCL;
2478                 rtnh = rtnh_next(rtnh, &remaining);
2479         }
2480 
2481         return last_err;
2482 }
2483 
2484 static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh)
2485 {
2486         struct fib6_config cfg;
2487         int err;
2488 
2489         err = rtm_to_fib6_config(skb, nlh, &cfg);
2490         if (err < 0)
2491                 return err;
2492 
2493         if (cfg.fc_mp)
2494                 return ip6_route_multipath(&cfg, 0);
2495         else
2496                 return ip6_route_del(&cfg);
2497 }
2498 
2499 static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh)
2500 {
2501         struct fib6_config cfg;
2502         int err;
2503 
2504         err = rtm_to_fib6_config(skb, nlh, &cfg);
2505         if (err < 0)
2506                 return err;
2507 
2508         if (cfg.fc_mp)
2509                 return ip6_route_multipath(&cfg, 1);
2510         else
2511                 return ip6_route_add(&cfg);
2512 }
2513 
2514 static inline size_t rt6_nlmsg_size(void)
2515 {
2516         return NLMSG_ALIGN(sizeof(struct rtmsg))
2517                + nla_total_size(16) /* RTA_SRC */
2518                + nla_total_size(16) /* RTA_DST */
2519                + nla_total_size(16) /* RTA_GATEWAY */
2520                + nla_total_size(16) /* RTA_PREFSRC */
2521                + nla_total_size(4) /* RTA_TABLE */
2522                + nla_total_size(4) /* RTA_IIF */
2523                + nla_total_size(4) /* RTA_OIF */
2524                + nla_total_size(4) /* RTA_PRIORITY */
2525                + RTAX_MAX * nla_total_size(4) /* RTA_METRICS */
2526                + nla_total_size(sizeof(struct rta_cacheinfo));
2527 }
2528 
2529 static int rt6_fill_node(struct net *net,
2530                          struct sk_buff *skb, struct rt6_info *rt,
2531                          struct in6_addr *dst, struct in6_addr *src,
2532                          int iif, int type, u32 portid, u32 seq,
2533                          int prefix, int nowait, unsigned int flags)
2534 {
2535         struct rtmsg *rtm;
2536         struct nlmsghdr *nlh;
2537         long expires;
2538         u32 table;
2539 
2540         if (prefix) {   /* user wants prefix routes only */
2541                 if (!(rt->rt6i_flags & RTF_PREFIX_RT)) {
2542                         /* success since this is not a prefix route */
2543                         return 1;
2544                 }
2545         }
2546 
2547         nlh = nlmsg_put(skb, portid, seq, type, sizeof(*rtm), flags);
2548         if (!nlh)
2549                 return -EMSGSIZE;
2550 
2551         rtm = nlmsg_data(nlh);
2552         rtm->rtm_family = AF_INET6;
2553         rtm->rtm_dst_len = rt->rt6i_dst.plen;
2554         rtm->rtm_src_len = rt->rt6i_src.plen;
2555         rtm->rtm_tos = 0;
2556         if (rt->rt6i_table)
2557                 table = rt->rt6i_table->tb6_id;
2558         else
2559                 table = RT6_TABLE_UNSPEC;
2560         rtm->rtm_table = table;
2561         if (nla_put_u32(skb, RTA_TABLE, table))
2562                 goto nla_put_failure;
2563         if (rt->rt6i_flags & RTF_REJECT) {
2564                 switch (rt->dst.error) {
2565                 case -EINVAL:
2566                         rtm->rtm_type = RTN_BLACKHOLE;
2567                         break;
2568                 case -EACCES:
2569                         rtm->rtm_type = RTN_PROHIBIT;
2570                         break;
2571                 case -EAGAIN:
2572                         rtm->rtm_type = RTN_THROW;
2573                         break;
2574                 default:
2575                         rtm->rtm_type = RTN_UNREACHABLE;
2576                         break;
2577                 }
2578         }
2579         else if (rt->rt6i_flags & RTF_LOCAL)
2580                 rtm->rtm_type = RTN_LOCAL;
2581         else if (rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK))
2582                 rtm->rtm_type = RTN_LOCAL;
2583         else
2584                 rtm->rtm_type = RTN_UNICAST;
2585         rtm->rtm_flags = 0;
2586         rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2587         rtm->rtm_protocol = rt->rt6i_protocol;
2588         if (rt->rt6i_flags & RTF_DYNAMIC)
2589                 rtm->rtm_protocol = RTPROT_REDIRECT;
2590         else if (rt->rt6i_flags & RTF_ADDRCONF) {
2591                 if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO))
2592                         rtm->rtm_protocol = RTPROT_RA;
2593                 else
2594                         rtm->rtm_protocol = RTPROT_KERNEL;
2595         }
2596 
2597         if (rt->rt6i_flags & RTF_CACHE)
2598                 rtm->rtm_flags |= RTM_F_CLONED;
2599 
2600         if (dst) {
2601                 if (nla_put(skb, RTA_DST, 16, dst))
2602                         goto nla_put_failure;
2603                 rtm->rtm_dst_len = 128;
2604         } else if (rtm->rtm_dst_len)
2605                 if (nla_put(skb, RTA_DST, 16, &rt->rt6i_dst.addr))
2606                         goto nla_put_failure;
2607 #ifdef CONFIG_IPV6_SUBTREES
2608         if (src) {
2609                 if (nla_put(skb, RTA_SRC, 16, src))
2610                         goto nla_put_failure;
2611                 rtm->rtm_src_len = 128;
2612         } else if (rtm->rtm_src_len &&
2613                    nla_put(skb, RTA_SRC, 16, &rt->rt6i_src.addr))
2614                 goto nla_put_failure;
2615 #endif
2616         if (iif) {
2617 #ifdef CONFIG_IPV6_MROUTE
2618                 if (ipv6_addr_is_multicast(&rt->rt6i_dst.addr)) {
2619                         int err = ip6mr_get_route(net, skb, rtm, nowait,
2620                                                   portid);
2621 
2622                         if (err <= 0) {
2623                                 if (!nowait) {
2624                                         if (err == 0)
2625                                                 return 0;
2626                                         goto nla_put_failure;
2627                                 } else {
2628                                         if (err == -EMSGSIZE)
2629                                                 goto nla_put_failure;
2630                                 }
2631                         }
2632                 } else
2633 #endif
2634                         if (nla_put_u32(skb, RTA_IIF, iif))
2635                                 goto nla_put_failure;
2636         } else if (dst) {
2637                 struct in6_addr saddr_buf;
2638                 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 &&
2639                     nla_put(skb, RTA_PREFSRC, 16, &saddr_buf))
2640                         goto nla_put_failure;
2641         }
2642 
2643         if (rt->rt6i_prefsrc.plen) {
2644                 struct in6_addr saddr_buf;
2645                 saddr_buf = rt->rt6i_prefsrc.addr;
2646                 if (nla_put(skb, RTA_PREFSRC, 16, &saddr_buf))
2647                         goto nla_put_failure;
2648         }
2649 
2650         if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
2651                 goto nla_put_failure;
2652 
2653         if (rt->rt6i_flags & RTF_GATEWAY) {
2654                 if (nla_put(skb, RTA_GATEWAY, 16, &rt->rt6i_gateway) < 0)
2655                         goto nla_put_failure;
2656         }
2657 
2658         if (rt->dst.dev &&
2659             nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
2660                 goto nla_put_failure;
2661         if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric))
2662                 goto nla_put_failure;
2663 
2664         expires = (rt->rt6i_flags & RTF_EXPIRES) ? rt->dst.expires - jiffies : 0;
2665 
2666         if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, rt->dst.error) < 0)
2667                 goto nla_put_failure;
2668 
2669         return nlmsg_end(skb, nlh);
2670 
2671 nla_put_failure:
2672         nlmsg_cancel(skb, nlh);
2673         return -EMSGSIZE;
2674 }
2675 
2676 int rt6_dump_route(struct rt6_info *rt, void *p_arg)
2677 {
2678         struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg;
2679         int prefix;
2680 
2681         if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) {
2682                 struct rtmsg *rtm = nlmsg_data(arg->cb->nlh);
2683                 prefix = (rtm->rtm_flags & RTM_F_PREFIX) != 0;
2684         } else
2685                 prefix = 0;
2686 
2687         return rt6_fill_node(arg->net,
2688                      arg->skb, rt, NULL, NULL, 0, RTM_NEWROUTE,
2689                      NETLINK_CB(arg->cb->skb).portid, arg->cb->nlh->nlmsg_seq,
2690                      prefix, 0, NLM_F_MULTI);
2691 }
2692 
2693 static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh)
2694 {
2695         struct net *net = sock_net(in_skb->sk);
2696         struct nlattr *tb[RTA_MAX+1];
2697         struct rt6_info *rt;
2698         struct sk_buff *skb;
2699         struct rtmsg *rtm;
2700         struct flowi6 fl6;
2701         int err, iif = 0, oif = 0;
2702 
2703         err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy);
2704         if (err < 0)
2705                 goto errout;
2706 
2707         err = -EINVAL;
2708         memset(&fl6, 0, sizeof(fl6));
2709 
2710         if (tb[RTA_SRC]) {
2711                 if (nla_len(tb[RTA_SRC]) < sizeof(struct in6_addr))
2712                         goto errout;
2713 
2714                 fl6.saddr = *(struct in6_addr *)nla_data(tb[RTA_SRC]);
2715         }
2716 
2717         if (tb[RTA_DST]) {
2718                 if (nla_len(tb[RTA_DST]) < sizeof(struct in6_addr))
2719                         goto errout;
2720 
2721                 fl6.daddr = *(struct in6_addr *)nla_data(tb[RTA_DST]);
2722         }
2723 
2724         if (tb[RTA_IIF])
2725                 iif = nla_get_u32(tb[RTA_IIF]);
2726 
2727         if (tb[RTA_OIF])
2728                 oif = nla_get_u32(tb[RTA_OIF]);
2729 
2730         if (iif) {
2731                 struct net_device *dev;
2732                 int flags = 0;
2733 
2734                 dev = __dev_get_by_index(net, iif);
2735                 if (!dev) {
2736                         err = -ENODEV;
2737                         goto errout;
2738                 }
2739 
2740                 fl6.flowi6_iif = iif;
2741 
2742                 if (!ipv6_addr_any(&fl6.saddr))
2743                         flags |= RT6_LOOKUP_F_HAS_SADDR;
2744 
2745                 rt = (struct rt6_info *)ip6_route_input_lookup(net, dev, &fl6,
2746                                                                flags);
2747         } else {
2748                 fl6.flowi6_oif = oif;
2749 
2750                 rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6);
2751         }
2752 
2753         skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2754         if (!skb) {
2755                 ip6_rt_put(rt);
2756                 err = -ENOBUFS;
2757                 goto errout;
2758         }
2759 
2760         /* Reserve room for dummy headers, this skb can pass
2761            through good chunk of routing engine.
2762          */
2763         skb_reset_mac_header(skb);
2764         skb_reserve(skb, MAX_HEADER + sizeof(struct ipv6hdr));
2765 
2766         skb_dst_set(skb, &rt->dst);
2767 
2768         err = rt6_fill_node(net, skb, rt, &fl6.daddr, &fl6.saddr, iif,
2769                             RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
2770                             nlh->nlmsg_seq, 0, 0, 0);
2771         if (err < 0) {
2772                 kfree_skb(skb);
2773                 goto errout;
2774         }
2775 
2776         err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2777 errout:
2778         return err;
2779 }
2780 
2781 void inet6_rt_notify(int event, struct rt6_info *rt, struct nl_info *info)
2782 {
2783         struct sk_buff *skb;
2784         struct net *net = info->nl_net;
2785         u32 seq;
2786         int err;
2787 
2788         err = -ENOBUFS;
2789         seq = info->nlh ? info->nlh->nlmsg_seq : 0;
2790 
2791         skb = nlmsg_new(rt6_nlmsg_size(), gfp_any());
2792         if (!skb)
2793                 goto errout;
2794 
2795         err = rt6_fill_node(net, skb, rt, NULL, NULL, 0,
2796                                 event, info->portid, seq, 0, 0, 0);
2797         if (err < 0) {
2798                 /* -EMSGSIZE implies BUG in rt6_nlmsg_size() */
2799                 WARN_ON(err == -EMSGSIZE);
2800                 kfree_skb(skb);
2801                 goto errout;
2802         }
2803         rtnl_notify(skb, net, info->portid, RTNLGRP_IPV6_ROUTE,
2804                     info->nlh, gfp_any());
2805         return;
2806 errout:
2807         if (err < 0)
2808                 rtnl_set_sk_err(net, RTNLGRP_IPV6_ROUTE, err);
2809 }
2810 
2811 static int ip6_route_dev_notify(struct notifier_block *this,
2812                                 unsigned long event, void *ptr)
2813 {
2814         struct net_device *dev = netdev_notifier_info_to_dev(ptr);
2815         struct net *net = dev_net(dev);
2816 
2817         if (event == NETDEV_REGISTER && (dev->flags & IFF_LOOPBACK)) {
2818                 net->ipv6.ip6_null_entry->dst.dev = dev;
2819                 net->ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(dev);
2820 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
2821                 net->ipv6.ip6_prohibit_entry->dst.dev = dev;
2822                 net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
2823                 net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
2824                 net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
2825 #endif
2826         }
2827 
2828         return NOTIFY_OK;
2829 }
2830 
2831 /*
2832  *      /proc
2833  */
2834 
2835 #ifdef CONFIG_PROC_FS
2836 
2837 struct rt6_proc_arg
2838 {
2839         char *buffer;
2840         int offset;
2841         int length;
2842         int skip;
2843         int len;
2844 };
2845 
2846 static int rt6_info_route(struct rt6_info *rt, void *p_arg)
2847 {
2848         struct seq_file *m = p_arg;
2849 
2850         seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen);
2851 
2852 #ifdef CONFIG_IPV6_SUBTREES
2853         seq_printf(m, "%pi6 %02x ", &rt->rt6i_src.addr, rt->rt6i_src.plen);
2854 #else
2855         seq_puts(m, "00000000000000000000000000000000 00 ");
2856 #endif
2857         if (rt->rt6i_flags & RTF_GATEWAY) {
2858                 seq_printf(m, "%pi6", &rt->rt6i_gateway);
2859         } else {
2860                 seq_puts(m, "00000000000000000000000000000000");
2861         }
2862         seq_printf(m, " %08x %08x %08x %08x %8s\n",
2863                    rt->rt6i_metric, atomic_read(&rt->dst.__refcnt),
2864                    rt->dst.__use, rt->rt6i_flags,
2865                    rt->dst.dev ? rt->dst.dev->name : "");
2866         return 0;
2867 }
2868 
2869 static int ipv6_route_show(struct seq_file *m, void *v)
2870 {
2871         struct net *net = (struct net *)m->private;
2872         fib6_clean_all_ro(net, rt6_info_route, 0, m);
2873         return 0;
2874 }
2875 
2876 static int ipv6_route_open(struct inode *inode, struct file *file)
2877 {
2878         return single_open_net(inode, file, ipv6_route_show);
2879 }
2880 
2881 static const struct file_operations ipv6_route_proc_fops = {
2882         .owner          = THIS_MODULE,
2883         .open           = ipv6_route_open,
2884         .read           = seq_read,
2885         .llseek         = seq_lseek,
2886         .release        = single_release_net,
2887 };
2888 
2889 static int rt6_stats_seq_show(struct seq_file *seq, void *v)
2890 {
2891         struct net *net = (struct net *)seq->private;
2892         seq_printf(seq, "%04x %04x %04x %04x %04x %04x %04x\n",
2893                    net->ipv6.rt6_stats->fib_nodes,
2894                    net->ipv6.rt6_stats->fib_route_nodes,
2895                    net->ipv6.rt6_stats->fib_rt_alloc,
2896                    net->ipv6.rt6_stats->fib_rt_entries,
2897                    net->ipv6.rt6_stats->fib_rt_cache,
2898                    dst_entries_get_slow(&net->ipv6.ip6_dst_ops),
2899                    net->ipv6.rt6_stats->fib_discarded_routes);
2900 
2901         return 0;
2902 }
2903 
2904 static int rt6_stats_seq_open(struct inode *inode, struct file *file)
2905 {
2906         return single_open_net(inode, file, rt6_stats_seq_show);
2907 }
2908 
2909 static const struct file_operations rt6_stats_seq_fops = {
2910         .owner   = THIS_MODULE,
2911         .open    = rt6_stats_seq_open,
2912         .read    = seq_read,
2913         .llseek  = seq_lseek,
2914         .release = single_release_net,
2915 };
2916 #endif  /* CONFIG_PROC_FS */
2917 
2918 #ifdef CONFIG_SYSCTL
2919 
2920 static
2921 int ipv6_sysctl_rtcache_flush(struct ctl_table *ctl, int write,
2922                               void __user *buffer, size_t *lenp, loff_t *ppos)
2923 {
2924         struct net *net;
2925         int delay;
2926         if (!write)
2927                 return -EINVAL;
2928 
2929         net = (struct net *)ctl->extra1;
2930         delay = net->ipv6.sysctl.flush_delay;
2931         proc_dointvec(ctl, write, buffer, lenp, ppos);
2932         fib6_run_gc(delay <= 0 ? 0 : (unsigned long)delay, net, delay > 0);
2933         return 0;
2934 }
2935 
2936 struct ctl_table ipv6_route_table_template[] = {
2937         {
2938                 .procname       =       "flush",
2939                 .data           =       &init_net.ipv6.sysctl.flush_delay,
2940                 .maxlen         =       sizeof(int),
2941                 .mode           =       0200,
2942                 .proc_handler   =       ipv6_sysctl_rtcache_flush
2943         },
2944         {
2945                 .procname       =       "gc_thresh",
2946                 .data           =       &ip6_dst_ops_template.gc_thresh,
2947                 .maxlen         =       sizeof(int),
2948                 .mode           =       0644,
2949                 .proc_handler   =       proc_dointvec,
2950         },
2951         {
2952                 .procname       =       "max_size",
2953                 .data           =       &init_net.ipv6.sysctl.ip6_rt_max_size,
2954                 .maxlen         =       sizeof(int),
2955                 .mode           =       0644,
2956                 .proc_handler   =       proc_dointvec,
2957         },
2958         {
2959                 .procname       =       "gc_min_interval",
2960                 .data           =       &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
2961                 .maxlen         =       sizeof(int),
2962                 .mode           =       0644,
2963                 .proc_handler   =       proc_dointvec_jiffies,
2964         },
2965         {
2966                 .procname       =       "gc_timeout",
2967                 .data           =       &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
2968                 .maxlen         =       sizeof(int),
2969                 .mode           =       0644,
2970                 .proc_handler   =       proc_dointvec_jiffies,
2971         },
2972         {
2973                 .procname       =       "gc_interval",
2974                 .data           =       &init_net.ipv6.sysctl.ip6_rt_gc_interval,
2975                 .maxlen         =       sizeof(int),
2976                 .mode           =       0644,
2977                 .proc_handler   =       proc_dointvec_jiffies,
2978         },
2979         {
2980                 .procname       =       "gc_elasticity",
2981                 .data           =       &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
2982                 .maxlen         =       sizeof(int),
2983                 .mode           =       0644,
2984                 .proc_handler   =       proc_dointvec,
2985         },
2986         {
2987                 .procname       =       "mtu_expires",
2988                 .data           =       &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
2989                 .maxlen         =       sizeof(int),
2990                 .mode           =       0644,
2991                 .proc_handler   =       proc_dointvec_jiffies,
2992         },
2993         {
2994                 .procname       =       "min_adv_mss",
2995                 .data           =       &init_net.ipv6.sysctl.ip6_rt_min_advmss,
2996                 .maxlen         =       sizeof(int),
2997                 .mode           =       0644,
2998                 .proc_handler   =       proc_dointvec,
2999         },
3000         {
3001                 .procname       =       "gc_min_interval_ms",
3002                 .data           =       &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
3003                 .maxlen         =       sizeof(int),
3004                 .mode           =       0644,
3005                 .proc_handler   =       proc_dointvec_ms_jiffies,
3006         },
3007         { }
3008 };
3009 
3010 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
3011 {
3012         struct ctl_table *table;
3013 
3014         table = kmemdup(ipv6_route_table_template,
3015                         sizeof(ipv6_route_table_template),
3016                         GFP_KERNEL);
3017 
3018         if (table) {
3019                 table[0].data = &net->ipv6.sysctl.flush_delay;
3020                 table[0].extra1 = net;
3021                 table[1].data = &net->ipv6.ip6_dst_ops.gc_thresh;
3022                 table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
3023                 table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3024                 table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
3025                 table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
3026                 table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
3027                 table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
3028                 table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
3029                 table[9].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
3030 
3031                 /* Don't export sysctls to unprivileged users */
3032                 if (net->user_ns != &init_user_ns)
3033                         table[0].procname = NULL;
3034         }
3035 
3036         return table;
3037 }
3038 #endif
3039 
3040 static int __net_init ip6_route_net_init(struct net *net)
3041 {
3042         int ret = -ENOMEM;
3043 
3044         memcpy(&net->ipv6.ip6_dst_ops, &ip6_dst_ops_template,
3045                sizeof(net->ipv6.ip6_dst_ops));
3046 
3047         if (dst_entries_init(&net->ipv6.ip6_dst_ops) < 0)
3048                 goto out_ip6_dst_ops;
3049 
3050         net->ipv6.ip6_null_entry = kmemdup(&ip6_null_entry_template,
3051                                            sizeof(*net->ipv6.ip6_null_entry),
3052                                            GFP_KERNEL);
3053         if (!net->ipv6.ip6_null_entry)
3054                 goto out_ip6_dst_entries;
3055         net->ipv6.ip6_null_entry->dst.path =
3056                 (struct dst_entry *)net->ipv6.ip6_null_entry;
3057         net->ipv6.ip6_null_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3058         dst_init_metrics(&net->ipv6.ip6_null_entry->dst,
3059                          ip6_template_metrics, true);
3060 
3061 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3062         net->ipv6.ip6_prohibit_entry = kmemdup(&ip6_prohibit_entry_template,
3063                                                sizeof(*net->ipv6.ip6_prohibit_entry),
3064                                                GFP_KERNEL);
3065         if (!net->ipv6.ip6_prohibit_entry)
3066                 goto out_ip6_null_entry;
3067         net->ipv6.ip6_prohibit_entry->dst.path =
3068                 (struct dst_entry *)net->ipv6.ip6_prohibit_entry;
3069         net->ipv6.ip6_prohibit_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3070         dst_init_metrics(&net->ipv6.ip6_prohibit_entry->dst,
3071                          ip6_template_metrics, true);
3072 
3073         net->ipv6.ip6_blk_hole_entry = kmemdup(&ip6_blk_hole_entry_template,
3074                                                sizeof(*net->ipv6.ip6_blk_hole_entry),
3075                                                GFP_KERNEL);
3076         if (!net->ipv6.ip6_blk_hole_entry)
3077                 goto out_ip6_prohibit_entry;
3078         net->ipv6.ip6_blk_hole_entry->dst.path =
3079                 (struct dst_entry *)net->ipv6.ip6_blk_hole_entry;
3080         net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
3081         dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
3082                          ip6_template_metrics, true);
3083 #endif
3084 
3085         net->ipv6.sysctl.flush_delay = 0;
3086         net->ipv6.sysctl.ip6_rt_max_size = 4096;
3087         net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
3088         net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
3089         net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
3090         net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
3091         net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
3092         net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
3093 
3094         net->ipv6.ip6_rt_gc_expire = 30*HZ;
3095 
3096         ret = 0;
3097 out:
3098         return ret;
3099 
3100 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3101 out_ip6_prohibit_entry:
3102         kfree(net->ipv6.ip6_prohibit_entry);
3103 out_ip6_null_entry:
3104         kfree(net->ipv6.ip6_null_entry);
3105 #endif
3106 out_ip6_dst_entries:
3107         dst_entries_destroy(&net->ipv6.ip6_dst_ops);
3108 out_ip6_dst_ops:
3109         goto out;
3110 }
3111 
3112 static void __net_exit ip6_route_net_exit(struct net *net)
3113 {
3114         kfree(net->ipv6.ip6_null_entry);
3115 #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3116         kfree(net->ipv6.ip6_prohibit_entry);
3117         kfree(net->ipv6.ip6_blk_hole_entry);
3118 #endif
3119         dst_entries_destroy(&net->ipv6.ip6_dst_ops);
3120 }
3121 
3122 static int __net_init ip6_route_net_init_late(struct net *net)
3123 {
3124 #ifdef CONFIG_PROC_FS
3125         proc_create("ipv6_route", 0, net->proc_net, &ipv6_route_proc_fops);
3126         proc_create("rt6_stats", S_IRUGO, net->proc_net, &rt6_stats_seq_fops);
3127 #endif
3128         return 0;
3129 }
3130 
3131 static void __net_exit ip6_route_net_exit_late(struct net *net)
3132 {
3133 #ifdef CONFIG_PROC_FS
3134         remove_proc_entry("ipv6_route", net->proc_net);
3135         remove_proc_entry("rt6_stats", net->proc_net);
3136 #endif
3137 }
3138 
3139 static struct pernet_operations ip6_route_net_ops = {
3140         .init = ip6_route_net_init,
3141         .exit = ip6_route_net_exit,
3142 };
3143 
3144 static int __net_init ipv6_inetpeer_init(struct net *net)
3145 {
3146         struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
3147 
3148         if (!bp)
3149                 return -ENOMEM;
3150         inet_peer_base_init(bp);
3151         net->ipv6.peers = bp;
3152         return 0;
3153 }
3154 
3155 static void __net_exit ipv6_inetpeer_exit(struct net *net)
3156 {
3157         struct inet_peer_base *bp = net->ipv6.peers;
3158 
3159         net->ipv6.peers = NULL;
3160         inetpeer_invalidate_tree(bp);
3161         kfree(bp);
3162 }
3163 
3164 static struct pernet_operations ipv6_inetpeer_ops = {
3165         .init   =       ipv6_inetpeer_init,
3166         .exit   =       ipv6_inetpeer_exit,
3167 };
3168 
3169 static struct pernet_operations ip6_route_net_late_ops = {
3170         .init = ip6_route_net_init_late,
3171         .exit = ip6_route_net_exit_late,
3172 };
3173 
3174 static struct notifier_block ip6_route_dev_notifier = {
3175         .notifier_call = ip6_route_dev_notify,
3176         .priority = 0,
3177 };
3178 
3179 int __init ip6_route_init(void)
3180 {
3181         int ret;
3182 
3183         ret = -ENOMEM;
3184         ip6_dst_ops_template.kmem_cachep =
3185                 kmem_cache_create("ip6_dst_cache", sizeof(struct rt6_info), 0,
3186                                   SLAB_HWCACHE_ALIGN, NULL);
3187         if (!ip6_dst_ops_template.kmem_cachep)
3188                 goto out;
3189 
3190         ret = dst_entries_init(&ip6_dst_blackhole_ops);
3191         if (ret)
3192                 goto out_kmem_cache;
3193 
3194         ret = register_pernet_subsys(&ipv6_inetpeer_ops);
3195         if (ret)
3196                 goto out_dst_entries;
3197 
3198         ret = register_pernet_subsys(&ip6_route_net_ops);
3199         if (ret)
3200                 goto out_register_inetpeer;
3201 
3202         ip6_dst_blackhole_ops.kmem_cachep = ip6_dst_ops_template.kmem_cachep;
3203 
3204         /* Registering of the loopback is done before this portion of code,
3205          * the loopback reference in rt6_info will not be taken, do it
3206          * manually for init_net */
3207         init_net.ipv6.ip6_null_entry->dst.dev = init_net.loopback_dev;
3208         init_net.ipv6.ip6_null_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3209   #ifdef CONFIG_IPV6_MULTIPLE_TABLES
3210         init_net.ipv6.ip6_prohibit_entry->dst.dev = init_net.loopback_dev;
3211         init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3212         init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
3213         init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
3214   #endif
3215         ret = fib6_init();
3216         if (ret)
3217                 goto out_register_subsys;
3218 
3219         ret = xfrm6_init();
3220         if (ret)
3221                 goto out_fib6_init;
3222 
3223         ret = fib6_rules_init();
3224         if (ret)
3225                 goto xfrm6_init;
3226 
3227         ret = register_pernet_subsys(&ip6_route_net_late_ops);
3228         if (ret)
3229                 goto fib6_rules_init;
3230 
3231         ret = -ENOBUFS;
3232         if (__rtnl_register(PF_INET6, RTM_NEWROUTE, inet6_rtm_newroute, NULL, NULL) ||
3233             __rtnl_register(PF_INET6, RTM_DELROUTE, inet6_rtm_delroute, NULL, NULL) ||
3234             __rtnl_register(PF_INET6, RTM_GETROUTE, inet6_rtm_getroute, NULL, NULL))
3235                 goto out_register_late_subsys;
3236 
3237         ret = register_netdevice_notifier(&ip6_route_dev_notifier);
3238         if (ret)
3239                 goto out_register_late_subsys;
3240 
3241 out:
3242         return ret;
3243 
3244 out_register_late_subsys:
3245         unregister_pernet_subsys(&ip6_route_net_late_ops);
3246 fib6_rules_init:
3247         fib6_rules_cleanup();
3248 xfrm6_init:
3249         xfrm6_fini();
3250 out_fib6_init:
3251         fib6_gc_cleanup();
3252 out_register_subsys:
3253         unregister_pernet_subsys(&ip6_route_net_ops);
3254 out_register_inetpeer:
3255         unregister_pernet_subsys(&ipv6_inetpeer_ops);
3256 out_dst_entries:
3257         dst_entries_destroy(&ip6_dst_blackhole_ops);
3258 out_kmem_cache:
3259         kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
3260         goto out;
3261 }
3262 
3263 void ip6_route_cleanup(void)
3264 {
3265         unregister_netdevice_notifier(&ip6_route_dev_notifier);
3266         unregister_pernet_subsys(&ip6_route_net_late_ops);
3267         fib6_rules_cleanup();
3268         xfrm6_fini();
3269         fib6_gc_cleanup();
3270         unregister_pernet_subsys(&ipv6_inetpeer_ops);
3271         unregister_pernet_subsys(&ip6_route_net_ops);
3272         dst_entries_destroy(&ip6_dst_blackhole_ops);
3273         kmem_cache_destroy(ip6_dst_ops_template.kmem_cachep);
3274 }
3275 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp