Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
fib_frontend.c
Go to the documentation of this file.
1 /*
2  * INET An implementation of the TCP/IP protocol suite for the LINUX
3  * operating system. INET is implemented using the BSD Socket
4  * interface as the means of communication with the user level.
5  *
6  * IPv4 Forwarding Information Base: FIB frontend.
7  *
8  * Authors: Alexey Kuznetsov, <[email protected]>
9  *
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License
12  * as published by the Free Software Foundation; either version
13  * 2 of the License, or (at your option) any later version.
14  */
15 
16 #include <linux/module.h>
17 #include <asm/uaccess.h>
18 #include <linux/bitops.h>
19 #include <linux/capability.h>
20 #include <linux/types.h>
21 #include <linux/kernel.h>
22 #include <linux/mm.h>
23 #include <linux/string.h>
24 #include <linux/socket.h>
25 #include <linux/sockios.h>
26 #include <linux/errno.h>
27 #include <linux/in.h>
28 #include <linux/inet.h>
29 #include <linux/inetdevice.h>
30 #include <linux/netdevice.h>
31 #include <linux/if_addr.h>
32 #include <linux/if_arp.h>
33 #include <linux/skbuff.h>
34 #include <linux/cache.h>
35 #include <linux/init.h>
36 #include <linux/list.h>
37 #include <linux/slab.h>
38 
39 #include <net/ip.h>
40 #include <net/protocol.h>
41 #include <net/route.h>
42 #include <net/tcp.h>
43 #include <net/sock.h>
44 #include <net/arp.h>
45 #include <net/ip_fib.h>
46 #include <net/rtnetlink.h>
47 #include <net/xfrm.h>
48 
49 #ifndef CONFIG_IP_MULTIPLE_TABLES
50 
51 static int __net_init fib4_rules_init(struct net *net)
52 {
53  struct fib_table *local_table, *main_table;
54 
55  local_table = fib_trie_table(RT_TABLE_LOCAL);
56  if (local_table == NULL)
57  return -ENOMEM;
58 
59  main_table = fib_trie_table(RT_TABLE_MAIN);
60  if (main_table == NULL)
61  goto fail;
62 
63  hlist_add_head_rcu(&local_table->tb_hlist,
64  &net->ipv4.fib_table_hash[TABLE_LOCAL_INDEX]);
65  hlist_add_head_rcu(&main_table->tb_hlist,
66  &net->ipv4.fib_table_hash[TABLE_MAIN_INDEX]);
67  return 0;
68 
69 fail:
70  kfree(local_table);
71  return -ENOMEM;
72 }
73 #else
74 
75 struct fib_table *fib_new_table(struct net *net, u32 id)
76 {
77  struct fib_table *tb;
78  unsigned int h;
79 
80  if (id == 0)
81  id = RT_TABLE_MAIN;
82  tb = fib_get_table(net, id);
83  if (tb)
84  return tb;
85 
86  tb = fib_trie_table(id);
87  if (!tb)
88  return NULL;
89 
90  switch (id) {
91  case RT_TABLE_LOCAL:
92  net->ipv4.fib_local = tb;
93  break;
94 
95  case RT_TABLE_MAIN:
96  net->ipv4.fib_main = tb;
97  break;
98 
99  case RT_TABLE_DEFAULT:
100  net->ipv4.fib_default = tb;
101  break;
102 
103  default:
104  break;
105  }
106 
107  h = id & (FIB_TABLE_HASHSZ - 1);
108  hlist_add_head_rcu(&tb->tb_hlist, &net->ipv4.fib_table_hash[h]);
109  return tb;
110 }
111 
112 struct fib_table *fib_get_table(struct net *net, u32 id)
113 {
114  struct fib_table *tb;
115  struct hlist_node *node;
116  struct hlist_head *head;
117  unsigned int h;
118 
119  if (id == 0)
120  id = RT_TABLE_MAIN;
121  h = id & (FIB_TABLE_HASHSZ - 1);
122 
123  rcu_read_lock();
124  head = &net->ipv4.fib_table_hash[h];
125  hlist_for_each_entry_rcu(tb, node, head, tb_hlist) {
126  if (tb->tb_id == id) {
127  rcu_read_unlock();
128  return tb;
129  }
130  }
131  rcu_read_unlock();
132  return NULL;
133 }
134 #endif /* CONFIG_IP_MULTIPLE_TABLES */
135 
136 static void fib_flush(struct net *net)
137 {
138  int flushed = 0;
139  struct fib_table *tb;
140  struct hlist_node *node;
141  struct hlist_head *head;
142  unsigned int h;
143 
144  for (h = 0; h < FIB_TABLE_HASHSZ; h++) {
145  head = &net->ipv4.fib_table_hash[h];
146  hlist_for_each_entry(tb, node, head, tb_hlist)
147  flushed += fib_table_flush(tb);
148  }
149 
150  if (flushed)
151  rt_cache_flush(net);
152 }
153 
154 /*
155  * Find address type as if only "dev" was present in the system. If
156  * on_dev is NULL then all interfaces are taken into consideration.
157  */
158 static inline unsigned int __inet_dev_addr_type(struct net *net,
159  const struct net_device *dev,
160  __be32 addr)
161 {
162  struct flowi4 fl4 = { .daddr = addr };
163  struct fib_result res;
164  unsigned int ret = RTN_BROADCAST;
165  struct fib_table *local_table;
166 
167  if (ipv4_is_zeronet(addr) || ipv4_is_lbcast(addr))
168  return RTN_BROADCAST;
169  if (ipv4_is_multicast(addr))
170  return RTN_MULTICAST;
171 
172  local_table = fib_get_table(net, RT_TABLE_LOCAL);
173  if (local_table) {
174  ret = RTN_UNICAST;
175  rcu_read_lock();
176  if (!fib_table_lookup(local_table, &fl4, &res, FIB_LOOKUP_NOREF)) {
177  if (!dev || dev == res.fi->fib_dev)
178  ret = res.type;
179  }
180  rcu_read_unlock();
181  }
182  return ret;
183 }
184 
185 unsigned int inet_addr_type(struct net *net, __be32 addr)
186 {
187  return __inet_dev_addr_type(net, NULL, addr);
188 }
189 EXPORT_SYMBOL(inet_addr_type);
190 
191 unsigned int inet_dev_addr_type(struct net *net, const struct net_device *dev,
192  __be32 addr)
193 {
194  return __inet_dev_addr_type(net, dev, addr);
195 }
196 EXPORT_SYMBOL(inet_dev_addr_type);
197 
198 __be32 fib_compute_spec_dst(struct sk_buff *skb)
199 {
200  struct net_device *dev = skb->dev;
201  struct in_device *in_dev;
202  struct fib_result res;
203  struct rtable *rt;
204  struct flowi4 fl4;
205  struct net *net;
206  int scope;
207 
208  rt = skb_rtable(skb);
209  if ((rt->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST | RTCF_LOCAL)) ==
210  RTCF_LOCAL)
211  return ip_hdr(skb)->daddr;
212 
213  in_dev = __in_dev_get_rcu(dev);
214  BUG_ON(!in_dev);
215 
216  net = dev_net(dev);
217 
218  scope = RT_SCOPE_UNIVERSE;
219  if (!ipv4_is_zeronet(ip_hdr(skb)->saddr)) {
220  fl4.flowi4_oif = 0;
221  fl4.flowi4_iif = LOOPBACK_IFINDEX;
222  fl4.daddr = ip_hdr(skb)->saddr;
223  fl4.saddr = 0;
224  fl4.flowi4_tos = RT_TOS(ip_hdr(skb)->tos);
225  fl4.flowi4_scope = scope;
226  fl4.flowi4_mark = IN_DEV_SRC_VMARK(in_dev) ? skb->mark : 0;
227  if (!fib_lookup(net, &fl4, &res))
228  return FIB_RES_PREFSRC(net, res);
229  } else {
230  scope = RT_SCOPE_LINK;
231  }
232 
233  return inet_select_addr(dev, ip_hdr(skb)->saddr, scope);
234 }
235 
236 /* Given (packet source, input interface) and optional (dst, oif, tos):
237  * - (main) check, that source is valid i.e. not broadcast or our local
238  * address.
239  * - figure out what "logical" interface this packet arrived
240  * and calculate "specific destination" address.
241  * - check, that packet arrived from expected physical interface.
242  * called with rcu_read_lock()
243  */
244 static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst,
245  u8 tos, int oif, struct net_device *dev,
246  int rpf, struct in_device *idev, u32 *itag)
247 {
248  int ret, no_addr, accept_local;
249  struct fib_result res;
250  struct flowi4 fl4;
251  struct net *net;
252  bool dev_match;
253 
254  fl4.flowi4_oif = 0;
255  fl4.flowi4_iif = oif;
256  fl4.daddr = src;
257  fl4.saddr = dst;
258  fl4.flowi4_tos = tos;
259  fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
260 
261  no_addr = idev->ifa_list == NULL;
262 
263  accept_local = IN_DEV_ACCEPT_LOCAL(idev);
264  fl4.flowi4_mark = IN_DEV_SRC_VMARK(idev) ? skb->mark : 0;
265 
266  net = dev_net(dev);
267  if (fib_lookup(net, &fl4, &res))
268  goto last_resort;
269  if (res.type != RTN_UNICAST) {
270  if (res.type != RTN_LOCAL || !accept_local)
271  goto e_inval;
272  }
273  fib_combine_itag(itag, &res);
274  dev_match = false;
275 
276 #ifdef CONFIG_IP_ROUTE_MULTIPATH
277  for (ret = 0; ret < res.fi->fib_nhs; ret++) {
278  struct fib_nh *nh = &res.fi->fib_nh[ret];
279 
280  if (nh->nh_dev == dev) {
281  dev_match = true;
282  break;
283  }
284  }
285 #else
286  if (FIB_RES_DEV(res) == dev)
287  dev_match = true;
288 #endif
289  if (dev_match) {
290  ret = FIB_RES_NH(res).nh_scope >= RT_SCOPE_HOST;
291  return ret;
292  }
293  if (no_addr)
294  goto last_resort;
295  if (rpf == 1)
296  goto e_rpf;
297  fl4.flowi4_oif = dev->ifindex;
298 
299  ret = 0;
300  if (fib_lookup(net, &fl4, &res) == 0) {
301  if (res.type == RTN_UNICAST)
302  ret = FIB_RES_NH(res).nh_scope >= RT_SCOPE_HOST;
303  }
304  return ret;
305 
306 last_resort:
307  if (rpf)
308  goto e_rpf;
309  *itag = 0;
310  return 0;
311 
312 e_inval:
313  return -EINVAL;
314 e_rpf:
315  return -EXDEV;
316 }
317 
318 /* Ignore rp_filter for packets protected by IPsec. */
319 int fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst,
320  u8 tos, int oif, struct net_device *dev,
321  struct in_device *idev, u32 *itag)
322 {
323  int r = secpath_exists(skb) ? 0 : IN_DEV_RPFILTER(idev);
324 
325  if (!r && !fib_num_tclassid_users(dev_net(dev)) &&
326  (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev))) {
327  *itag = 0;
328  return 0;
329  }
330  return __fib_validate_source(skb, src, dst, tos, oif, dev, r, idev, itag);
331 }
332 
333 static inline __be32 sk_extract_addr(struct sockaddr *addr)
334 {
335  return ((struct sockaddr_in *) addr)->sin_addr.s_addr;
336 }
337 
338 static int put_rtax(struct nlattr *mx, int len, int type, u32 value)
339 {
340  struct nlattr *nla;
341 
342  nla = (struct nlattr *) ((char *) mx + len);
343  nla->nla_type = type;
344  nla->nla_len = nla_attr_size(4);
345  *(u32 *) nla_data(nla) = value;
346 
347  return len + nla_total_size(4);
348 }
349 
350 static int rtentry_to_fib_config(struct net *net, int cmd, struct rtentry *rt,
351  struct fib_config *cfg)
352 {
353  __be32 addr;
354  int plen;
355 
356  memset(cfg, 0, sizeof(*cfg));
357  cfg->fc_nlinfo.nl_net = net;
358 
359  if (rt->rt_dst.sa_family != AF_INET)
360  return -EAFNOSUPPORT;
361 
362  /*
363  * Check mask for validity:
364  * a) it must be contiguous.
365  * b) destination must have all host bits clear.
366  * c) if application forgot to set correct family (AF_INET),
367  * reject request unless it is absolutely clear i.e.
368  * both family and mask are zero.
369  */
370  plen = 32;
371  addr = sk_extract_addr(&rt->rt_dst);
372  if (!(rt->rt_flags & RTF_HOST)) {
373  __be32 mask = sk_extract_addr(&rt->rt_genmask);
374 
375  if (rt->rt_genmask.sa_family != AF_INET) {
376  if (mask || rt->rt_genmask.sa_family)
377  return -EAFNOSUPPORT;
378  }
379 
380  if (bad_mask(mask, addr))
381  return -EINVAL;
382 
383  plen = inet_mask_len(mask);
384  }
385 
386  cfg->fc_dst_len = plen;
387  cfg->fc_dst = addr;
388 
389  if (cmd != SIOCDELRT) {
390  cfg->fc_nlflags = NLM_F_CREATE;
391  cfg->fc_protocol = RTPROT_BOOT;
392  }
393 
394  if (rt->rt_metric)
395  cfg->fc_priority = rt->rt_metric - 1;
396 
397  if (rt->rt_flags & RTF_REJECT) {
398  cfg->fc_scope = RT_SCOPE_HOST;
399  cfg->fc_type = RTN_UNREACHABLE;
400  return 0;
401  }
402 
403  cfg->fc_scope = RT_SCOPE_NOWHERE;
404  cfg->fc_type = RTN_UNICAST;
405 
406  if (rt->rt_dev) {
407  char *colon;
408  struct net_device *dev;
409  char devname[IFNAMSIZ];
410 
411  if (copy_from_user(devname, rt->rt_dev, IFNAMSIZ-1))
412  return -EFAULT;
413 
414  devname[IFNAMSIZ-1] = 0;
415  colon = strchr(devname, ':');
416  if (colon)
417  *colon = 0;
418  dev = __dev_get_by_name(net, devname);
419  if (!dev)
420  return -ENODEV;
421  cfg->fc_oif = dev->ifindex;
422  if (colon) {
423  struct in_ifaddr *ifa;
424  struct in_device *in_dev = __in_dev_get_rtnl(dev);
425  if (!in_dev)
426  return -ENODEV;
427  *colon = ':';
428  for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next)
429  if (strcmp(ifa->ifa_label, devname) == 0)
430  break;
431  if (ifa == NULL)
432  return -ENODEV;
433  cfg->fc_prefsrc = ifa->ifa_local;
434  }
435  }
436 
437  addr = sk_extract_addr(&rt->rt_gateway);
438  if (rt->rt_gateway.sa_family == AF_INET && addr) {
439  cfg->fc_gw = addr;
440  if (rt->rt_flags & RTF_GATEWAY &&
441  inet_addr_type(net, addr) == RTN_UNICAST)
442  cfg->fc_scope = RT_SCOPE_UNIVERSE;
443  }
444 
445  if (cmd == SIOCDELRT)
446  return 0;
447 
448  if (rt->rt_flags & RTF_GATEWAY && !cfg->fc_gw)
449  return -EINVAL;
450 
451  if (cfg->fc_scope == RT_SCOPE_NOWHERE)
452  cfg->fc_scope = RT_SCOPE_LINK;
453 
454  if (rt->rt_flags & (RTF_MTU | RTF_WINDOW | RTF_IRTT)) {
455  struct nlattr *mx;
456  int len = 0;
457 
458  mx = kzalloc(3 * nla_total_size(4), GFP_KERNEL);
459  if (mx == NULL)
460  return -ENOMEM;
461 
462  if (rt->rt_flags & RTF_MTU)
463  len = put_rtax(mx, len, RTAX_ADVMSS, rt->rt_mtu - 40);
464 
465  if (rt->rt_flags & RTF_WINDOW)
466  len = put_rtax(mx, len, RTAX_WINDOW, rt->rt_window);
467 
468  if (rt->rt_flags & RTF_IRTT)
469  len = put_rtax(mx, len, RTAX_RTT, rt->rt_irtt << 3);
470 
471  cfg->fc_mx = mx;
472  cfg->fc_mx_len = len;
473  }
474 
475  return 0;
476 }
477 
478 /*
479  * Handle IP routing ioctl calls.
480  * These are used to manipulate the routing tables
481  */
482 int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg)
483 {
484  struct fib_config cfg;
485  struct rtentry rt;
486  int err;
487 
488  switch (cmd) {
489  case SIOCADDRT: /* Add a route */
490  case SIOCDELRT: /* Delete a route */
491  if (!capable(CAP_NET_ADMIN))
492  return -EPERM;
493 
494  if (copy_from_user(&rt, arg, sizeof(rt)))
495  return -EFAULT;
496 
497  rtnl_lock();
498  err = rtentry_to_fib_config(net, cmd, &rt, &cfg);
499  if (err == 0) {
500  struct fib_table *tb;
501 
502  if (cmd == SIOCDELRT) {
503  tb = fib_get_table(net, cfg.fc_table);
504  if (tb)
505  err = fib_table_delete(tb, &cfg);
506  else
507  err = -ESRCH;
508  } else {
509  tb = fib_new_table(net, cfg.fc_table);
510  if (tb)
511  err = fib_table_insert(tb, &cfg);
512  else
513  err = -ENOBUFS;
514  }
515 
516  /* allocated by rtentry_to_fib_config() */
517  kfree(cfg.fc_mx);
518  }
519  rtnl_unlock();
520  return err;
521  }
522  return -EINVAL;
523 }
524 
525 const struct nla_policy rtm_ipv4_policy[RTA_MAX + 1] = {
526  [RTA_DST] = { .type = NLA_U32 },
527  [RTA_SRC] = { .type = NLA_U32 },
528  [RTA_IIF] = { .type = NLA_U32 },
529  [RTA_OIF] = { .type = NLA_U32 },
530  [RTA_GATEWAY] = { .type = NLA_U32 },
531  [RTA_PRIORITY] = { .type = NLA_U32 },
532  [RTA_PREFSRC] = { .type = NLA_U32 },
533  [RTA_METRICS] = { .type = NLA_NESTED },
534  [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) },
535  [RTA_FLOW] = { .type = NLA_U32 },
536 };
537 
538 static int rtm_to_fib_config(struct net *net, struct sk_buff *skb,
539  struct nlmsghdr *nlh, struct fib_config *cfg)
540 {
541  struct nlattr *attr;
542  int err, remaining;
543  struct rtmsg *rtm;
544 
545  err = nlmsg_validate(nlh, sizeof(*rtm), RTA_MAX, rtm_ipv4_policy);
546  if (err < 0)
547  goto errout;
548 
549  memset(cfg, 0, sizeof(*cfg));
550 
551  rtm = nlmsg_data(nlh);
552  cfg->fc_dst_len = rtm->rtm_dst_len;
553  cfg->fc_tos = rtm->rtm_tos;
554  cfg->fc_table = rtm->rtm_table;
555  cfg->fc_protocol = rtm->rtm_protocol;
556  cfg->fc_scope = rtm->rtm_scope;
557  cfg->fc_type = rtm->rtm_type;
558  cfg->fc_flags = rtm->rtm_flags;
559  cfg->fc_nlflags = nlh->nlmsg_flags;
560 
561  cfg->fc_nlinfo.portid = NETLINK_CB(skb).portid;
562  cfg->fc_nlinfo.nlh = nlh;
563  cfg->fc_nlinfo.nl_net = net;
564 
565  if (cfg->fc_type > RTN_MAX) {
566  err = -EINVAL;
567  goto errout;
568  }
569 
570  nlmsg_for_each_attr(attr, nlh, sizeof(struct rtmsg), remaining) {
571  switch (nla_type(attr)) {
572  case RTA_DST:
573  cfg->fc_dst = nla_get_be32(attr);
574  break;
575  case RTA_OIF:
576  cfg->fc_oif = nla_get_u32(attr);
577  break;
578  case RTA_GATEWAY:
579  cfg->fc_gw = nla_get_be32(attr);
580  break;
581  case RTA_PRIORITY:
582  cfg->fc_priority = nla_get_u32(attr);
583  break;
584  case RTA_PREFSRC:
585  cfg->fc_prefsrc = nla_get_be32(attr);
586  break;
587  case RTA_METRICS:
588  cfg->fc_mx = nla_data(attr);
589  cfg->fc_mx_len = nla_len(attr);
590  break;
591  case RTA_MULTIPATH:
592  cfg->fc_mp = nla_data(attr);
593  cfg->fc_mp_len = nla_len(attr);
594  break;
595  case RTA_FLOW:
596  cfg->fc_flow = nla_get_u32(attr);
597  break;
598  case RTA_TABLE:
599  cfg->fc_table = nla_get_u32(attr);
600  break;
601  }
602  }
603 
604  return 0;
605 errout:
606  return err;
607 }
608 
609 static int inet_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
610 {
611  struct net *net = sock_net(skb->sk);
612  struct fib_config cfg;
613  struct fib_table *tb;
614  int err;
615 
616  err = rtm_to_fib_config(net, skb, nlh, &cfg);
617  if (err < 0)
618  goto errout;
619 
620  tb = fib_get_table(net, cfg.fc_table);
621  if (tb == NULL) {
622  err = -ESRCH;
623  goto errout;
624  }
625 
626  err = fib_table_delete(tb, &cfg);
627 errout:
628  return err;
629 }
630 
631 static int inet_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
632 {
633  struct net *net = sock_net(skb->sk);
634  struct fib_config cfg;
635  struct fib_table *tb;
636  int err;
637 
638  err = rtm_to_fib_config(net, skb, nlh, &cfg);
639  if (err < 0)
640  goto errout;
641 
642  tb = fib_new_table(net, cfg.fc_table);
643  if (tb == NULL) {
644  err = -ENOBUFS;
645  goto errout;
646  }
647 
648  err = fib_table_insert(tb, &cfg);
649 errout:
650  return err;
651 }
652 
653 static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)
654 {
655  struct net *net = sock_net(skb->sk);
656  unsigned int h, s_h;
657  unsigned int e = 0, s_e;
658  struct fib_table *tb;
659  struct hlist_node *node;
660  struct hlist_head *head;
661  int dumped = 0;
662 
663  if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) &&
664  ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED)
665  return ip_rt_dump(skb, cb);
666 
667  s_h = cb->args[0];
668  s_e = cb->args[1];
669 
670  for (h = s_h; h < FIB_TABLE_HASHSZ; h++, s_e = 0) {
671  e = 0;
672  head = &net->ipv4.fib_table_hash[h];
673  hlist_for_each_entry(tb, node, head, tb_hlist) {
674  if (e < s_e)
675  goto next;
676  if (dumped)
677  memset(&cb->args[2], 0, sizeof(cb->args) -
678  2 * sizeof(cb->args[0]));
679  if (fib_table_dump(tb, skb, cb) < 0)
680  goto out;
681  dumped = 1;
682 next:
683  e++;
684  }
685  }
686 out:
687  cb->args[1] = e;
688  cb->args[0] = h;
689 
690  return skb->len;
691 }
692 
693 /* Prepare and feed intra-kernel routing request.
694  * Really, it should be netlink message, but :-( netlink
695  * can be not configured, so that we feed it directly
696  * to fib engine. It is legal, because all events occur
697  * only when netlink is already locked.
698  */
699 static void fib_magic(int cmd, int type, __be32 dst, int dst_len, struct in_ifaddr *ifa)
700 {
701  struct net *net = dev_net(ifa->ifa_dev->dev);
702  struct fib_table *tb;
703  struct fib_config cfg = {
704  .fc_protocol = RTPROT_KERNEL,
705  .fc_type = type,
706  .fc_dst = dst,
707  .fc_dst_len = dst_len,
708  .fc_prefsrc = ifa->ifa_local,
709  .fc_oif = ifa->ifa_dev->dev->ifindex,
710  .fc_nlflags = NLM_F_CREATE | NLM_F_APPEND,
711  .fc_nlinfo = {
712  .nl_net = net,
713  },
714  };
715 
716  if (type == RTN_UNICAST)
717  tb = fib_new_table(net, RT_TABLE_MAIN);
718  else
719  tb = fib_new_table(net, RT_TABLE_LOCAL);
720 
721  if (tb == NULL)
722  return;
723 
724  cfg.fc_table = tb->tb_id;
725 
726  if (type != RTN_LOCAL)
727  cfg.fc_scope = RT_SCOPE_LINK;
728  else
729  cfg.fc_scope = RT_SCOPE_HOST;
730 
731  if (cmd == RTM_NEWROUTE)
732  fib_table_insert(tb, &cfg);
733  else
734  fib_table_delete(tb, &cfg);
735 }
736 
737 void fib_add_ifaddr(struct in_ifaddr *ifa)
738 {
739  struct in_device *in_dev = ifa->ifa_dev;
740  struct net_device *dev = in_dev->dev;
741  struct in_ifaddr *prim = ifa;
742  __be32 mask = ifa->ifa_mask;
743  __be32 addr = ifa->ifa_local;
744  __be32 prefix = ifa->ifa_address & mask;
745 
746  if (ifa->ifa_flags & IFA_F_SECONDARY) {
747  prim = inet_ifa_byprefix(in_dev, prefix, mask);
748  if (prim == NULL) {
749  pr_warn("%s: bug: prim == NULL\n", __func__);
750  return;
751  }
752  }
753 
754  fib_magic(RTM_NEWROUTE, RTN_LOCAL, addr, 32, prim);
755 
756  if (!(dev->flags & IFF_UP))
757  return;
758 
759  /* Add broadcast address, if it is explicitly assigned. */
760  if (ifa->ifa_broadcast && ifa->ifa_broadcast != htonl(0xFFFFFFFF))
761  fib_magic(RTM_NEWROUTE, RTN_BROADCAST, ifa->ifa_broadcast, 32, prim);
762 
763  if (!ipv4_is_zeronet(prefix) && !(ifa->ifa_flags & IFA_F_SECONDARY) &&
764  (prefix != addr || ifa->ifa_prefixlen < 32)) {
765  fib_magic(RTM_NEWROUTE,
766  dev->flags & IFF_LOOPBACK ? RTN_LOCAL : RTN_UNICAST,
767  prefix, ifa->ifa_prefixlen, prim);
768 
769  /* Add network specific broadcasts, when it takes a sense */
770  if (ifa->ifa_prefixlen < 31) {
771  fib_magic(RTM_NEWROUTE, RTN_BROADCAST, prefix, 32, prim);
772  fib_magic(RTM_NEWROUTE, RTN_BROADCAST, prefix | ~mask,
773  32, prim);
774  }
775  }
776 }
777 
778 /* Delete primary or secondary address.
779  * Optionally, on secondary address promotion consider the addresses
780  * from subnet iprim as deleted, even if they are in device list.
781  * In this case the secondary ifa can be in device list.
782  */
783 void fib_del_ifaddr(struct in_ifaddr *ifa, struct in_ifaddr *iprim)
784 {
785  struct in_device *in_dev = ifa->ifa_dev;
786  struct net_device *dev = in_dev->dev;
787  struct in_ifaddr *ifa1;
788  struct in_ifaddr *prim = ifa, *prim1 = NULL;
789  __be32 brd = ifa->ifa_address | ~ifa->ifa_mask;
790  __be32 any = ifa->ifa_address & ifa->ifa_mask;
791 #define LOCAL_OK 1
792 #define BRD_OK 2
793 #define BRD0_OK 4
794 #define BRD1_OK 8
795  unsigned int ok = 0;
796  int subnet = 0; /* Primary network */
797  int gone = 1; /* Address is missing */
798  int same_prefsrc = 0; /* Another primary with same IP */
799 
800  if (ifa->ifa_flags & IFA_F_SECONDARY) {
801  prim = inet_ifa_byprefix(in_dev, any, ifa->ifa_mask);
802  if (prim == NULL) {
803  pr_warn("%s: bug: prim == NULL\n", __func__);
804  return;
805  }
806  if (iprim && iprim != prim) {
807  pr_warn("%s: bug: iprim != prim\n", __func__);
808  return;
809  }
810  } else if (!ipv4_is_zeronet(any) &&
811  (any != ifa->ifa_local || ifa->ifa_prefixlen < 32)) {
812  fib_magic(RTM_DELROUTE,
813  dev->flags & IFF_LOOPBACK ? RTN_LOCAL : RTN_UNICAST,
814  any, ifa->ifa_prefixlen, prim);
815  subnet = 1;
816  }
817 
818  /* Deletion is more complicated than add.
819  * We should take care of not to delete too much :-)
820  *
821  * Scan address list to be sure that addresses are really gone.
822  */
823 
824  for (ifa1 = in_dev->ifa_list; ifa1; ifa1 = ifa1->ifa_next) {
825  if (ifa1 == ifa) {
826  /* promotion, keep the IP */
827  gone = 0;
828  continue;
829  }
830  /* Ignore IFAs from our subnet */
831  if (iprim && ifa1->ifa_mask == iprim->ifa_mask &&
832  inet_ifa_match(ifa1->ifa_address, iprim))
833  continue;
834 
835  /* Ignore ifa1 if it uses different primary IP (prefsrc) */
836  if (ifa1->ifa_flags & IFA_F_SECONDARY) {
837  /* Another address from our subnet? */
838  if (ifa1->ifa_mask == prim->ifa_mask &&
839  inet_ifa_match(ifa1->ifa_address, prim))
840  prim1 = prim;
841  else {
842  /* We reached the secondaries, so
843  * same_prefsrc should be determined.
844  */
845  if (!same_prefsrc)
846  continue;
847  /* Search new prim1 if ifa1 is not
848  * using the current prim1
849  */
850  if (!prim1 ||
851  ifa1->ifa_mask != prim1->ifa_mask ||
852  !inet_ifa_match(ifa1->ifa_address, prim1))
853  prim1 = inet_ifa_byprefix(in_dev,
854  ifa1->ifa_address,
855  ifa1->ifa_mask);
856  if (!prim1)
857  continue;
858  if (prim1->ifa_local != prim->ifa_local)
859  continue;
860  }
861  } else {
862  if (prim->ifa_local != ifa1->ifa_local)
863  continue;
864  prim1 = ifa1;
865  if (prim != prim1)
866  same_prefsrc = 1;
867  }
868  if (ifa->ifa_local == ifa1->ifa_local)
869  ok |= LOCAL_OK;
870  if (ifa->ifa_broadcast == ifa1->ifa_broadcast)
871  ok |= BRD_OK;
872  if (brd == ifa1->ifa_broadcast)
873  ok |= BRD1_OK;
874  if (any == ifa1->ifa_broadcast)
875  ok |= BRD0_OK;
876  /* primary has network specific broadcasts */
877  if (prim1 == ifa1 && ifa1->ifa_prefixlen < 31) {
878  __be32 brd1 = ifa1->ifa_address | ~ifa1->ifa_mask;
879  __be32 any1 = ifa1->ifa_address & ifa1->ifa_mask;
880 
881  if (!ipv4_is_zeronet(any1)) {
882  if (ifa->ifa_broadcast == brd1 ||
883  ifa->ifa_broadcast == any1)
884  ok |= BRD_OK;
885  if (brd == brd1 || brd == any1)
886  ok |= BRD1_OK;
887  if (any == brd1 || any == any1)
888  ok |= BRD0_OK;
889  }
890  }
891  }
892 
893  if (!(ok & BRD_OK))
894  fib_magic(RTM_DELROUTE, RTN_BROADCAST, ifa->ifa_broadcast, 32, prim);
895  if (subnet && ifa->ifa_prefixlen < 31) {
896  if (!(ok & BRD1_OK))
897  fib_magic(RTM_DELROUTE, RTN_BROADCAST, brd, 32, prim);
898  if (!(ok & BRD0_OK))
899  fib_magic(RTM_DELROUTE, RTN_BROADCAST, any, 32, prim);
900  }
901  if (!(ok & LOCAL_OK)) {
902  fib_magic(RTM_DELROUTE, RTN_LOCAL, ifa->ifa_local, 32, prim);
903 
904  /* Check, that this local address finally disappeared. */
905  if (gone &&
906  inet_addr_type(dev_net(dev), ifa->ifa_local) != RTN_LOCAL) {
907  /* And the last, but not the least thing.
908  * We must flush stray FIB entries.
909  *
910  * First of all, we scan fib_info list searching
911  * for stray nexthop entries, then ignite fib_flush.
912  */
913  if (fib_sync_down_addr(dev_net(dev), ifa->ifa_local))
914  fib_flush(dev_net(dev));
915  }
916  }
917 #undef LOCAL_OK
918 #undef BRD_OK
919 #undef BRD0_OK
920 #undef BRD1_OK
921 }
922 
923 static void nl_fib_lookup(struct fib_result_nl *frn, struct fib_table *tb)
924 {
925 
926  struct fib_result res;
927  struct flowi4 fl4 = {
928  .flowi4_mark = frn->fl_mark,
929  .daddr = frn->fl_addr,
930  .flowi4_tos = frn->fl_tos,
931  .flowi4_scope = frn->fl_scope,
932  };
933 
934  frn->err = -ENOENT;
935  if (tb) {
936  local_bh_disable();
937 
938  frn->tb_id = tb->tb_id;
939  rcu_read_lock();
940  frn->err = fib_table_lookup(tb, &fl4, &res, FIB_LOOKUP_NOREF);
941 
942  if (!frn->err) {
943  frn->prefixlen = res.prefixlen;
944  frn->nh_sel = res.nh_sel;
945  frn->type = res.type;
946  frn->scope = res.scope;
947  }
948  rcu_read_unlock();
949  local_bh_enable();
950  }
951 }
952 
953 static void nl_fib_input(struct sk_buff *skb)
954 {
955  struct net *net;
956  struct fib_result_nl *frn;
957  struct nlmsghdr *nlh;
958  struct fib_table *tb;
959  u32 portid;
960 
961  net = sock_net(skb->sk);
962  nlh = nlmsg_hdr(skb);
963  if (skb->len < NLMSG_SPACE(0) || skb->len < nlh->nlmsg_len ||
964  nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*frn)))
965  return;
966 
967  skb = skb_clone(skb, GFP_KERNEL);
968  if (skb == NULL)
969  return;
970  nlh = nlmsg_hdr(skb);
971 
972  frn = (struct fib_result_nl *) NLMSG_DATA(nlh);
973  tb = fib_get_table(net, frn->tb_id_in);
974 
975  nl_fib_lookup(frn, tb);
976 
977  portid = NETLINK_CB(skb).portid; /* pid of sending process */
978  NETLINK_CB(skb).portid = 0; /* from kernel */
979  NETLINK_CB(skb).dst_group = 0; /* unicast */
980  netlink_unicast(net->ipv4.fibnl, skb, portid, MSG_DONTWAIT);
981 }
982 
983 static int __net_init nl_fib_lookup_init(struct net *net)
984 {
985  struct sock *sk;
986  struct netlink_kernel_cfg cfg = {
987  .input = nl_fib_input,
988  };
989 
990  sk = netlink_kernel_create(net, NETLINK_FIB_LOOKUP, &cfg);
991  if (sk == NULL)
992  return -EAFNOSUPPORT;
993  net->ipv4.fibnl = sk;
994  return 0;
995 }
996 
997 static void nl_fib_lookup_exit(struct net *net)
998 {
999  netlink_kernel_release(net->ipv4.fibnl);
1000  net->ipv4.fibnl = NULL;
1001 }
1002 
1003 static void fib_disable_ip(struct net_device *dev, int force)
1004 {
1005  if (fib_sync_down_dev(dev, force))
1006  fib_flush(dev_net(dev));
1007  rt_cache_flush(dev_net(dev));
1008  arp_ifdown(dev);
1009 }
1010 
1011 static int fib_inetaddr_event(struct notifier_block *this, unsigned long event, void *ptr)
1012 {
1013  struct in_ifaddr *ifa = (struct in_ifaddr *)ptr;
1014  struct net_device *dev = ifa->ifa_dev->dev;
1015  struct net *net = dev_net(dev);
1016 
1017  switch (event) {
1018  case NETDEV_UP:
1019  fib_add_ifaddr(ifa);
1020 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1021  fib_sync_up(dev);
1022 #endif
1023  atomic_inc(&net->ipv4.dev_addr_genid);
1024  rt_cache_flush(dev_net(dev));
1025  break;
1026  case NETDEV_DOWN:
1027  fib_del_ifaddr(ifa, NULL);
1028  atomic_inc(&net->ipv4.dev_addr_genid);
1029  if (ifa->ifa_dev->ifa_list == NULL) {
1030  /* Last address was deleted from this interface.
1031  * Disable IP.
1032  */
1033  fib_disable_ip(dev, 1);
1034  } else {
1035  rt_cache_flush(dev_net(dev));
1036  }
1037  break;
1038  }
1039  return NOTIFY_DONE;
1040 }
1041 
1042 static int fib_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1043 {
1044  struct net_device *dev = ptr;
1045  struct in_device *in_dev;
1046  struct net *net = dev_net(dev);
1047 
1048  if (event == NETDEV_UNREGISTER) {
1049  fib_disable_ip(dev, 2);
1050  rt_flush_dev(dev);
1051  return NOTIFY_DONE;
1052  }
1053 
1054  in_dev = __in_dev_get_rtnl(dev);
1055 
1056  switch (event) {
1057  case NETDEV_UP:
1058  for_ifa(in_dev) {
1059  fib_add_ifaddr(ifa);
1060  } endfor_ifa(in_dev);
1061 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1062  fib_sync_up(dev);
1063 #endif
1064  atomic_inc(&net->ipv4.dev_addr_genid);
1065  rt_cache_flush(net);
1066  break;
1067  case NETDEV_DOWN:
1068  fib_disable_ip(dev, 0);
1069  break;
1070  case NETDEV_CHANGEMTU:
1071  case NETDEV_CHANGE:
1072  rt_cache_flush(net);
1073  break;
1074  }
1075  return NOTIFY_DONE;
1076 }
1077 
1078 static struct notifier_block fib_inetaddr_notifier = {
1079  .notifier_call = fib_inetaddr_event,
1080 };
1081 
1082 static struct notifier_block fib_netdev_notifier = {
1083  .notifier_call = fib_netdev_event,
1084 };
1085 
1086 static int __net_init ip_fib_net_init(struct net *net)
1087 {
1088  int err;
1089  size_t size = sizeof(struct hlist_head) * FIB_TABLE_HASHSZ;
1090 
1091  /* Avoid false sharing : Use at least a full cache line */
1092  size = max_t(size_t, size, L1_CACHE_BYTES);
1093 
1094  net->ipv4.fib_table_hash = kzalloc(size, GFP_KERNEL);
1095  if (net->ipv4.fib_table_hash == NULL)
1096  return -ENOMEM;
1097 
1098  err = fib4_rules_init(net);
1099  if (err < 0)
1100  goto fail;
1101  return 0;
1102 
1103 fail:
1104  kfree(net->ipv4.fib_table_hash);
1105  return err;
1106 }
1107 
1108 static void ip_fib_net_exit(struct net *net)
1109 {
1110  unsigned int i;
1111 
1112 #ifdef CONFIG_IP_MULTIPLE_TABLES
1113  fib4_rules_exit(net);
1114 #endif
1115 
1116  rtnl_lock();
1117  for (i = 0; i < FIB_TABLE_HASHSZ; i++) {
1118  struct fib_table *tb;
1119  struct hlist_head *head;
1120  struct hlist_node *node, *tmp;
1121 
1122  head = &net->ipv4.fib_table_hash[i];
1123  hlist_for_each_entry_safe(tb, node, tmp, head, tb_hlist) {
1124  hlist_del(node);
1125  fib_table_flush(tb);
1126  fib_free_table(tb);
1127  }
1128  }
1129  rtnl_unlock();
1130  kfree(net->ipv4.fib_table_hash);
1131 }
1132 
1133 static int __net_init fib_net_init(struct net *net)
1134 {
1135  int error;
1136 
1137 #ifdef CONFIG_IP_ROUTE_CLASSID
1138  net->ipv4.fib_num_tclassid_users = 0;
1139 #endif
1140  error = ip_fib_net_init(net);
1141  if (error < 0)
1142  goto out;
1143  error = nl_fib_lookup_init(net);
1144  if (error < 0)
1145  goto out_nlfl;
1146  error = fib_proc_init(net);
1147  if (error < 0)
1148  goto out_proc;
1149 out:
1150  return error;
1151 
1152 out_proc:
1153  nl_fib_lookup_exit(net);
1154 out_nlfl:
1155  ip_fib_net_exit(net);
1156  goto out;
1157 }
1158 
1159 static void __net_exit fib_net_exit(struct net *net)
1160 {
1161  fib_proc_exit(net);
1162  nl_fib_lookup_exit(net);
1163  ip_fib_net_exit(net);
1164 }
1165 
1166 static struct pernet_operations fib_net_ops = {
1167  .init = fib_net_init,
1168  .exit = fib_net_exit,
1169 };
1170 
1171 void __init ip_fib_init(void)
1172 {
1173  rtnl_register(PF_INET, RTM_NEWROUTE, inet_rtm_newroute, NULL, NULL);
1174  rtnl_register(PF_INET, RTM_DELROUTE, inet_rtm_delroute, NULL, NULL);
1175  rtnl_register(PF_INET, RTM_GETROUTE, NULL, inet_dump_fib, NULL);
1176 
1177  register_pernet_subsys(&fib_net_ops);
1178  register_netdevice_notifier(&fib_netdev_notifier);
1179  register_inetaddr_notifier(&fib_inetaddr_notifier);
1180 
1181  fib_trie_init();
1182 }
Generated on Thu Jan 10 2013 14:58:15 for Linux Kernel by   doxygen 1.8.2