2006-08-04 03:39:02 -07:00
/*
* net / ipv6 / fib6_rules . c IPv6 Routing Policy Rules
*
* Copyright ( C ) 2003 - 2006 Helsinki University of Technology
* Copyright ( C ) 2003 - 2006 USAGI / WIDE Project
*
* This program is free software ; you can redistribute it and / or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation , version 2.
*
* Authors
* Thomas Graf < tgraf @ suug . ch >
* Ville Nuorvala < vnuorval @ tcs . hut . fi >
*/
# include <linux/netdevice.h>
# include <net/fib_rules.h>
# include <net/ipv6.h>
2007-04-06 11:45:39 -07:00
# include <net/addrconf.h>
2006-08-04 03:39:02 -07:00
# include <net/ip6_route.h>
# include <net/netlink.h>
struct fib6_rule
{
struct fib_rule common ;
struct rt6key src ;
struct rt6key dst ;
u8 tclass ;
} ;
static struct fib_rules_ops fib6_rules_ops ;
static struct fib6_rule main_rule = {
. common = {
. refcnt = ATOMIC_INIT ( 2 ) ,
. pref = 0x7FFE ,
. action = FR_ACT_TO_TBL ,
. table = RT6_TABLE_MAIN ,
} ,
} ;
static struct fib6_rule local_rule = {
. common = {
. refcnt = ATOMIC_INIT ( 2 ) ,
. pref = 0 ,
. action = FR_ACT_TO_TBL ,
. table = RT6_TABLE_LOCAL ,
. flags = FIB_RULE_PERMANENT ,
} ,
} ;
struct dst_entry * fib6_rule_lookup ( struct flowi * fl , int flags ,
pol_lookup_t lookup )
{
struct fib_lookup_arg arg = {
. lookup_ptr = lookup ,
} ;
fib_rules_lookup ( & fib6_rules_ops , fl , flags , & arg ) ;
if ( arg . rule )
fib_rule_put ( arg . rule ) ;
2006-08-08 16:44:17 -07:00
if ( arg . result )
2006-10-19 13:50:09 +09:00
return arg . result ;
2006-08-08 16:44:17 -07:00
dst_hold ( & ip6_null_entry . u . dst ) ;
return & ip6_null_entry . u . dst ;
2006-08-04 03:39:02 -07:00
}
2006-08-07 21:50:48 -07:00
static int fib6_rule_action ( struct fib_rule * rule , struct flowi * flp ,
int flags , struct fib_lookup_arg * arg )
2006-08-04 03:39:02 -07:00
{
struct rt6_info * rt = NULL ;
struct fib6_table * table ;
pol_lookup_t lookup = arg - > lookup_ptr ;
switch ( rule - > action ) {
case FR_ACT_TO_TBL :
break ;
case FR_ACT_UNREACHABLE :
rt = & ip6_null_entry ;
goto discard_pkt ;
default :
case FR_ACT_BLACKHOLE :
rt = & ip6_blk_hole_entry ;
goto discard_pkt ;
case FR_ACT_PROHIBIT :
rt = & ip6_prohibit_entry ;
goto discard_pkt ;
}
table = fib6_get_table ( rule - > table ) ;
if ( table )
rt = lookup ( table , flp , flags ) ;
2007-04-06 11:45:39 -07:00
if ( rt ! = & ip6_null_entry ) {
struct fib6_rule * r = ( struct fib6_rule * ) rule ;
/*
* If we need to find a source address for this traffic ,
* we check the result if it meets requirement of the rule .
*/
if ( ( rule - > flags & FIB_RULE_FIND_SADDR ) & &
r - > src . plen & & ! ( flags & RT6_LOOKUP_F_HAS_SADDR ) ) {
struct in6_addr saddr ;
if ( ipv6_get_saddr ( & rt - > u . dst , & flp - > fl6_dst ,
& saddr ) )
goto again ;
if ( ! ipv6_prefix_equal ( & saddr , & r - > src . addr ,
r - > src . plen ) )
goto again ;
ipv6_addr_copy ( & flp - > fl6_src , & saddr ) ;
}
2006-08-04 03:39:02 -07:00
goto out ;
2007-04-06 11:45:39 -07:00
}
again :
2006-08-04 03:39:02 -07:00
dst_release ( & rt - > u . dst ) ;
2006-08-06 22:24:08 -07:00
rt = NULL ;
goto out ;
2006-08-04 03:39:02 -07:00
discard_pkt :
dst_hold ( & rt - > u . dst ) ;
out :
arg - > result = rt ;
return rt = = NULL ? - EAGAIN : 0 ;
}
static int fib6_rule_match ( struct fib_rule * rule , struct flowi * fl , int flags )
{
struct fib6_rule * r = ( struct fib6_rule * ) rule ;
2006-10-13 15:01:03 -07:00
if ( r - > dst . plen & &
! ipv6_prefix_equal ( & fl - > fl6_dst , & r - > dst . addr , r - > dst . plen ) )
2006-08-04 03:39:02 -07:00
return 0 ;
2007-04-06 11:45:39 -07:00
/*
* If FIB_RULE_FIND_SADDR is set and we do not have a
* source address for the traffic , we defer check for
* source address .
*/
2006-10-13 15:01:03 -07:00
if ( r - > src . plen ) {
2007-04-06 11:45:39 -07:00
if ( flags & RT6_LOOKUP_F_HAS_SADDR ) {
if ( ! ipv6_prefix_equal ( & fl - > fl6_src , & r - > src . addr ,
r - > src . plen ) )
return 0 ;
} else if ( ! ( r - > common . flags & FIB_RULE_FIND_SADDR ) )
2006-10-13 15:01:03 -07:00
return 0 ;
}
2006-08-04 03:39:02 -07:00
2006-08-21 19:18:57 +09:00
if ( r - > tclass & & r - > tclass ! = ( ( ntohl ( fl - > fl6_flowlabel ) > > 20 ) & 0xff ) )
return 0 ;
2006-08-04 03:39:02 -07:00
return 1 ;
}
2007-06-05 12:38:30 -07:00
static const struct nla_policy fib6_rule_policy [ FRA_MAX + 1 ] = {
2006-11-09 15:22:48 -08:00
FRA_GENERIC_POLICY ,
2006-08-04 03:39:02 -07:00
} ;
static int fib6_rule_configure ( struct fib_rule * rule , struct sk_buff * skb ,
struct nlmsghdr * nlh , struct fib_rule_hdr * frh ,
struct nlattr * * tb )
{
int err = - EINVAL ;
struct fib6_rule * rule6 = ( struct fib6_rule * ) rule ;
if ( rule - > action = = FR_ACT_TO_TBL ) {
if ( rule - > table = = RT6_TABLE_UNSPEC )
goto errout ;
if ( fib6_new_table ( rule - > table ) = = NULL ) {
err = - ENOBUFS ;
goto errout ;
}
}
2007-03-24 12:46:02 -07:00
if ( frh - > src_len )
2006-08-04 03:39:02 -07:00
nla_memcpy ( & rule6 - > src . addr , tb [ FRA_SRC ] ,
sizeof ( struct in6_addr ) ) ;
2007-03-24 12:46:02 -07:00
if ( frh - > dst_len )
2006-08-04 03:39:02 -07:00
nla_memcpy ( & rule6 - > dst . addr , tb [ FRA_DST ] ,
sizeof ( struct in6_addr ) ) ;
rule6 - > src . plen = frh - > src_len ;
rule6 - > dst . plen = frh - > dst_len ;
rule6 - > tclass = frh - > tos ;
err = 0 ;
errout :
return err ;
}
static int fib6_rule_compare ( struct fib_rule * rule , struct fib_rule_hdr * frh ,
struct nlattr * * tb )
{
struct fib6_rule * rule6 = ( struct fib6_rule * ) rule ;
if ( frh - > src_len & & ( rule6 - > src . plen ! = frh - > src_len ) )
return 0 ;
if ( frh - > dst_len & & ( rule6 - > dst . plen ! = frh - > dst_len ) )
return 0 ;
if ( frh - > tos & & ( rule6 - > tclass ! = frh - > tos ) )
return 0 ;
2007-03-24 12:46:02 -07:00
if ( frh - > src_len & &
2006-08-04 03:39:02 -07:00
nla_memcmp ( tb [ FRA_SRC ] , & rule6 - > src . addr , sizeof ( struct in6_addr ) ) )
return 0 ;
2007-03-24 12:46:02 -07:00
if ( frh - > dst_len & &
2006-08-04 03:39:02 -07:00
nla_memcmp ( tb [ FRA_DST ] , & rule6 - > dst . addr , sizeof ( struct in6_addr ) ) )
return 0 ;
return 1 ;
}
static int fib6_rule_fill ( struct fib_rule * rule , struct sk_buff * skb ,
struct nlmsghdr * nlh , struct fib_rule_hdr * frh )
{
struct fib6_rule * rule6 = ( struct fib6_rule * ) rule ;
frh - > family = AF_INET6 ;
frh - > dst_len = rule6 - > dst . plen ;
frh - > src_len = rule6 - > src . plen ;
frh - > tos = rule6 - > tclass ;
if ( rule6 - > dst . plen )
NLA_PUT ( skb , FRA_DST , sizeof ( struct in6_addr ) ,
& rule6 - > dst . addr ) ;
if ( rule6 - > src . plen )
NLA_PUT ( skb , FRA_SRC , sizeof ( struct in6_addr ) ,
& rule6 - > src . addr ) ;
return 0 ;
nla_put_failure :
return - ENOBUFS ;
}
static u32 fib6_rule_default_pref ( void )
{
return 0x3FFF ;
}
2006-11-10 14:10:15 -08:00
static size_t fib6_rule_nlmsg_payload ( struct fib_rule * rule )
{
return nla_total_size ( 16 ) /* dst */
+ nla_total_size ( 16 ) ; /* src */
}
2006-08-04 03:39:02 -07:00
static struct fib_rules_ops fib6_rules_ops = {
. family = AF_INET6 ,
. rule_size = sizeof ( struct fib6_rule ) ,
2007-03-24 12:46:02 -07:00
. addr_size = sizeof ( struct in6_addr ) ,
2006-08-04 03:39:02 -07:00
. action = fib6_rule_action ,
. match = fib6_rule_match ,
. configure = fib6_rule_configure ,
. compare = fib6_rule_compare ,
. fill = fib6_rule_fill ,
. default_pref = fib6_rule_default_pref ,
2006-11-10 14:10:15 -08:00
. nlmsg_payload = fib6_rule_nlmsg_payload ,
2006-08-04 03:39:02 -07:00
. nlgroup = RTNLGRP_IPV6_RULE ,
. policy = fib6_rule_policy ,
2007-09-16 15:44:27 -07:00
. rules_list = LIST_HEAD_INIT ( fib6_rules_ops . rules_list ) ,
2006-08-04 03:39:02 -07:00
. owner = THIS_MODULE ,
} ;
void __init fib6_rules_init ( void )
{
2007-09-16 15:44:27 -07:00
list_add_tail ( & local_rule . common . list , & fib6_rules_ops . rules_list ) ;
list_add_tail ( & main_rule . common . list , & fib6_rules_ops . rules_list ) ;
2006-08-04 03:39:02 -07:00
fib_rules_register ( & fib6_rules_ops ) ;
}
void fib6_rules_cleanup ( void )
{
fib_rules_unregister ( & fib6_rules_ops ) ;
}