Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_htc_msm8960 / 403dfb58c3134a339e415fba9f6d45b51c6ee357 / . / net / ipv6 / fib6_rules.c
blob: 53b3998a486ced67d9eae000cff6c9a1269ecf66 [file] [log] [blame]
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]1/*
2 * net/ipv6/fib6_rules.c IPv6 Routing Policy Rules
3 *
4 * Copyright (C)2003-2006 Helsinki University of Technology
5 * Copyright (C)2003-2006 USAGI/WIDE Project
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License as
9 * published by the Free Software Foundation, version 2.
10 *
11 * Authors
12 * Thomas Graf <tgraf@suug.ch>
13 * Ville Nuorvala <vnuorval@tcs.hut.fi>
14 */
15
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]16#include <linux/netdevice.h>
17
18#include <net/fib_rules.h>
19#include <net/ipv6.h>
YOSHIFUJI Hideaki29f6af72007-04-06 11:45:39 -0700[diff] [blame]20#include <net/addrconf.h>
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]21#include <net/ip6_route.h>
22#include <net/netlink.h>
23
24struct fib6_rule
25{
26 struct fib_rule common;
27 struct rt6key src;
28 struct rt6key dst;
29 u8 tclass;
30};
31
32static struct fib_rules_ops fib6_rules_ops;
33
34static struct fib6_rule main_rule = {
35 .common = {
36 .refcnt = ATOMIC_INIT(2),
37 .pref = 0x7FFE,
38 .action = FR_ACT_TO_TBL,
39 .table = RT6_TABLE_MAIN,
40 },
41};
42
43static struct fib6_rule local_rule = {
44 .common = {
45 .refcnt = ATOMIC_INIT(2),
46 .pref = 0,
47 .action = FR_ACT_TO_TBL,
48 .table = RT6_TABLE_LOCAL,
49 .flags = FIB_RULE_PERMANENT,
50 },
51};
52
53static LIST_HEAD(fib6_rules);
54
55struct dst_entry *fib6_rule_lookup(struct flowi *fl, int flags,
56 pol_lookup_t lookup)
57{
58 struct fib_lookup_arg arg = {
59 .lookup_ptr = lookup,
60 };
61
62 fib_rules_lookup(&fib6_rules_ops, fl, flags, &arg);
63 if (arg.rule)
64 fib_rule_put(arg.rule);
65
Ville Nuorvalab1429552006-08-08 16:44:17 -0700[diff] [blame]66 if (arg.result)
YOSHIFUJI Hideaki40aa7b92006-10-19 13:50:09 +0900[diff] [blame]67 return arg.result;
Ville Nuorvalab1429552006-08-08 16:44:17 -0700[diff] [blame]68
69 dst_hold(&ip6_null_entry.u.dst);
70 return &ip6_null_entry.u.dst;
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]71}
72
Adrian Bunk8ce11e62006-08-07 21:50:48 -0700[diff] [blame]73static int fib6_rule_action(struct fib_rule *rule, struct flowi *flp,
74 int flags, struct fib_lookup_arg *arg)
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]75{
76 struct rt6_info *rt = NULL;
77 struct fib6_table *table;
78 pol_lookup_t lookup = arg->lookup_ptr;
79
80 switch (rule->action) {
81 case FR_ACT_TO_TBL:
82 break;
83 case FR_ACT_UNREACHABLE:
84 rt = &ip6_null_entry;
85 goto discard_pkt;
86 default:
87 case FR_ACT_BLACKHOLE:
88 rt = &ip6_blk_hole_entry;
89 goto discard_pkt;
90 case FR_ACT_PROHIBIT:
91 rt = &ip6_prohibit_entry;
92 goto discard_pkt;
93 }
94
95 table = fib6_get_table(rule->table);
96 if (table)
97 rt = lookup(table, flp, flags);
98
YOSHIFUJI Hideaki29f6af72007-04-06 11:45:39 -0700[diff] [blame]99 if (rt != &ip6_null_entry) {
100 struct fib6_rule *r = (struct fib6_rule *)rule;
101
102 /*
103 * If we need to find a source address for this traffic,
104 * we check the result if it meets requirement of the rule.
105 */
106 if ((rule->flags & FIB_RULE_FIND_SADDR) &&
107 r->src.plen && !(flags & RT6_LOOKUP_F_HAS_SADDR)) {
108 struct in6_addr saddr;
109 if (ipv6_get_saddr(&rt->u.dst, &flp->fl6_dst,
110 &saddr))
111 goto again;
112 if (!ipv6_prefix_equal(&saddr, &r->src.addr,
113 r->src.plen))
114 goto again;
115 ipv6_addr_copy(&flp->fl6_src, &saddr);
116 }
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]117 goto out;
YOSHIFUJI Hideaki29f6af72007-04-06 11:45:39 -0700[diff] [blame]118 }
119again:
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]120 dst_release(&rt->u.dst);
Patrick McHardy3226f6882006-08-06 22:24:08 -0700[diff] [blame]121 rt = NULL;
122 goto out;
123
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]124discard_pkt:
125 dst_hold(&rt->u.dst);
126out:
127 arg->result = rt;
128 return rt == NULL ? -EAGAIN : 0;
129}
130
131
132static int fib6_rule_match(struct fib_rule *rule, struct flowi *fl, int flags)
133{
134 struct fib6_rule *r = (struct fib6_rule *) rule;
135
Thomas Grafadaa70b2006-10-13 15:01:03 -0700[diff] [blame]136 if (r->dst.plen &&
137 !ipv6_prefix_equal(&fl->fl6_dst, &r->dst.addr, r->dst.plen))
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]138 return 0;
139
YOSHIFUJI Hideaki29f6af72007-04-06 11:45:39 -0700[diff] [blame]140 /*
141 * If FIB_RULE_FIND_SADDR is set and we do not have a
142 * source address for the traffic, we defer check for
143 * source address.
144 */
Thomas Grafadaa70b2006-10-13 15:01:03 -0700[diff] [blame]145 if (r->src.plen) {
YOSHIFUJI Hideaki29f6af72007-04-06 11:45:39 -0700[diff] [blame]146 if (flags & RT6_LOOKUP_F_HAS_SADDR) {
147 if (!ipv6_prefix_equal(&fl->fl6_src, &r->src.addr,
148 r->src.plen))
149 return 0;
150 } else if (!(r->common.flags & FIB_RULE_FIND_SADDR))
Thomas Grafadaa70b2006-10-13 15:01:03 -0700[diff] [blame]151 return 0;
152 }
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]153
YOSHIFUJI Hideaki2cc67cc2006-08-21 19:18:57 +0900[diff] [blame]154 if (r->tclass && r->tclass != ((ntohl(fl->fl6_flowlabel) >> 20) & 0xff))
155 return 0;
156
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]157 return 1;
158}
159
Patrick McHardyef7c79e2007-06-05 12:38:30 -0700[diff] [blame]160static const struct nla_policy fib6_rule_policy[FRA_MAX+1] = {
Thomas Graf1f6c9552006-11-09 15:22:48 -0800[diff] [blame]161 FRA_GENERIC_POLICY,
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]162};
163
164static int fib6_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
165 struct nlmsghdr *nlh, struct fib_rule_hdr *frh,
166 struct nlattr **tb)
167{
168 int err = -EINVAL;
169 struct fib6_rule *rule6 = (struct fib6_rule *) rule;
170
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]171 if (rule->action == FR_ACT_TO_TBL) {
172 if (rule->table == RT6_TABLE_UNSPEC)
173 goto errout;
174
175 if (fib6_new_table(rule->table) == NULL) {
176 err = -ENOBUFS;
177 goto errout;
178 }
179 }
180
Thomas Grafe1701c62007-03-24 12:46:02 -0700[diff] [blame]181 if (frh->src_len)
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]182 nla_memcpy(&rule6->src.addr, tb[FRA_SRC],
183 sizeof(struct in6_addr));
184
Thomas Grafe1701c62007-03-24 12:46:02 -0700[diff] [blame]185 if (frh->dst_len)
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]186 nla_memcpy(&rule6->dst.addr, tb[FRA_DST],
187 sizeof(struct in6_addr));
188
189 rule6->src.plen = frh->src_len;
190 rule6->dst.plen = frh->dst_len;
191 rule6->tclass = frh->tos;
192
193 err = 0;
194errout:
195 return err;
196}
197
198static int fib6_rule_compare(struct fib_rule *rule, struct fib_rule_hdr *frh,
199 struct nlattr **tb)
200{
201 struct fib6_rule *rule6 = (struct fib6_rule *) rule;
202
203 if (frh->src_len && (rule6->src.plen != frh->src_len))
204 return 0;
205
206 if (frh->dst_len && (rule6->dst.plen != frh->dst_len))
207 return 0;
208
209 if (frh->tos && (rule6->tclass != frh->tos))
210 return 0;
211
Thomas Grafe1701c62007-03-24 12:46:02 -0700[diff] [blame]212 if (frh->src_len &&
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]213 nla_memcmp(tb[FRA_SRC], &rule6->src.addr, sizeof(struct in6_addr)))
214 return 0;
215
Thomas Grafe1701c62007-03-24 12:46:02 -0700[diff] [blame]216 if (frh->dst_len &&
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]217 nla_memcmp(tb[FRA_DST], &rule6->dst.addr, sizeof(struct in6_addr)))
218 return 0;
219
220 return 1;
221}
222
223static int fib6_rule_fill(struct fib_rule *rule, struct sk_buff *skb,
224 struct nlmsghdr *nlh, struct fib_rule_hdr *frh)
225{
226 struct fib6_rule *rule6 = (struct fib6_rule *) rule;
227
228 frh->family = AF_INET6;
229 frh->dst_len = rule6->dst.plen;
230 frh->src_len = rule6->src.plen;
231 frh->tos = rule6->tclass;
232
233 if (rule6->dst.plen)
234 NLA_PUT(skb, FRA_DST, sizeof(struct in6_addr),
235 &rule6->dst.addr);
236
237 if (rule6->src.plen)
238 NLA_PUT(skb, FRA_SRC, sizeof(struct in6_addr),
239 &rule6->src.addr);
240
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]241 return 0;
242
243nla_put_failure:
244 return -ENOBUFS;
245}
246
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]247static u32 fib6_rule_default_pref(void)
248{
249 return 0x3FFF;
250}
251
Thomas Graf339bf982006-11-10 14:10:15 -0800[diff] [blame]252static size_t fib6_rule_nlmsg_payload(struct fib_rule *rule)
253{
254 return nla_total_size(16) /* dst */
255 + nla_total_size(16); /* src */
256}
257
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]258static struct fib_rules_ops fib6_rules_ops = {
259 .family = AF_INET6,
260 .rule_size = sizeof(struct fib6_rule),
Thomas Grafe1701c62007-03-24 12:46:02 -0700[diff] [blame]261 .addr_size = sizeof(struct in6_addr),
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]262 .action = fib6_rule_action,
263 .match = fib6_rule_match,
264 .configure = fib6_rule_configure,
265 .compare = fib6_rule_compare,
266 .fill = fib6_rule_fill,
267 .default_pref = fib6_rule_default_pref,
Thomas Graf339bf982006-11-10 14:10:15 -0800[diff] [blame]268 .nlmsg_payload = fib6_rule_nlmsg_payload,
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]269 .nlgroup = RTNLGRP_IPV6_RULE,
270 .policy = fib6_rule_policy,
271 .rules_list = &fib6_rules,
272 .owner = THIS_MODULE,
273};
274
275void __init fib6_rules_init(void)
276{
277 list_add_tail(&local_rule.common.list, &fib6_rules);
278 list_add_tail(&main_rule.common.list, &fib6_rules);
279
280 fib_rules_register(&fib6_rules_ops);
281}
282
283void fib6_rules_cleanup(void)
284{
Thomas Graf101367c2006-08-04 03:39:02 -0700[diff] [blame]285 fib_rules_unregister(&fib6_rules_ops);
286}