fib_frontend.c revision 6ab3d5624e172c553004ecc862bfeac16d9d68b7 
1/*
2 * INET		An implementation of the TCP/IP protocol suite for the LINUX
3 *		operating system.  INET is implemented using the  BSD Socket
4 *		interface as the means of communication with the user level.
5 *
6 *		IPv4 Forwarding Information Base: FIB frontend.
7 *
8 * Version:	$Id: fib_frontend.c,v 1.26 2001/10/31 21:55:54 davem Exp $
9 *
10 * Authors:	Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
11 *
12 *		This program is free software; you can redistribute it and/or
13 *		modify it under the terms of the GNU General Public License
14 *		as published by the Free Software Foundation; either version
15 *		2 of the License, or (at your option) any later version.
16 */
17
18#include <linux/module.h>
19#include <asm/uaccess.h>
20#include <asm/system.h>
21#include <linux/bitops.h>
22#include <linux/capability.h>
23#include <linux/types.h>
24#include <linux/kernel.h>
25#include <linux/sched.h>
26#include <linux/mm.h>
27#include <linux/string.h>
28#include <linux/socket.h>
29#include <linux/sockios.h>
30#include <linux/errno.h>
31#include <linux/in.h>
32#include <linux/inet.h>
33#include <linux/inetdevice.h>
34#include <linux/netdevice.h>
35#include <linux/if_arp.h>
36#include <linux/skbuff.h>
37#include <linux/netlink.h>
38#include <linux/init.h>
39
40#include <net/ip.h>
41#include <net/protocol.h>
42#include <net/route.h>
43#include <net/tcp.h>
44#include <net/sock.h>
45#include <net/icmp.h>
46#include <net/arp.h>
47#include <net/ip_fib.h>
48
49#define FFprint(a...) printk(KERN_DEBUG a)
50
51#ifndef CONFIG_IP_MULTIPLE_TABLES
52
53#define RT_TABLE_MIN RT_TABLE_MAIN
54
55struct fib_table *ip_fib_local_table;
56struct fib_table *ip_fib_main_table;
57
58#else
59
60#define RT_TABLE_MIN 1
61
62struct fib_table *fib_tables[RT_TABLE_MAX+1];
63
64struct fib_table *__fib_new_table(int id)
65{
66	struct fib_table *tb;
67
68	tb = fib_hash_init(id);
69	if (!tb)
70		return NULL;
71	fib_tables[id] = tb;
72	return tb;
73}
74
75
76#endif /* CONFIG_IP_MULTIPLE_TABLES */
77
78
79static void fib_flush(void)
80{
81	int flushed = 0;
82#ifdef CONFIG_IP_MULTIPLE_TABLES
83	struct fib_table *tb;
84	int id;
85
86	for (id = RT_TABLE_MAX; id>0; id--) {
87		if ((tb = fib_get_table(id))==NULL)
88			continue;
89		flushed += tb->tb_flush(tb);
90	}
91#else /* CONFIG_IP_MULTIPLE_TABLES */
92	flushed += ip_fib_main_table->tb_flush(ip_fib_main_table);
93	flushed += ip_fib_local_table->tb_flush(ip_fib_local_table);
94#endif /* CONFIG_IP_MULTIPLE_TABLES */
95
96	if (flushed)
97		rt_cache_flush(-1);
98}
99
100/*
101 *	Find the first device with a given source address.
102 */
103
104struct net_device * ip_dev_find(u32 addr)
105{
106	struct flowi fl = { .nl_u = { .ip4_u = { .daddr = addr } } };
107	struct fib_result res;
108	struct net_device *dev = NULL;
109
110#ifdef CONFIG_IP_MULTIPLE_TABLES
111	res.r = NULL;
112#endif
113
114	if (!ip_fib_local_table ||
115	    ip_fib_local_table->tb_lookup(ip_fib_local_table, &fl, &res))
116		return NULL;
117	if (res.type != RTN_LOCAL)
118		goto out;
119	dev = FIB_RES_DEV(res);
120
121	if (dev)
122		dev_hold(dev);
123out:
124	fib_res_put(&res);
125	return dev;
126}
127
128unsigned inet_addr_type(u32 addr)
129{
130	struct flowi		fl = { .nl_u = { .ip4_u = { .daddr = addr } } };
131	struct fib_result	res;
132	unsigned ret = RTN_BROADCAST;
133
134	if (ZERONET(addr) || BADCLASS(addr))
135		return RTN_BROADCAST;
136	if (MULTICAST(addr))
137		return RTN_MULTICAST;
138
139#ifdef CONFIG_IP_MULTIPLE_TABLES
140	res.r = NULL;
141#endif
142
143	if (ip_fib_local_table) {
144		ret = RTN_UNICAST;
145		if (!ip_fib_local_table->tb_lookup(ip_fib_local_table,
146						   &fl, &res)) {
147			ret = res.type;
148			fib_res_put(&res);
149		}
150	}
151	return ret;
152}
153
154/* Given (packet source, input interface) and optional (dst, oif, tos):
155   - (main) check, that source is valid i.e. not broadcast or our local
156     address.
157   - figure out what "logical" interface this packet arrived
158     and calculate "specific destination" address.
159   - check, that packet arrived from expected physical interface.
160 */
161
162int fib_validate_source(u32 src, u32 dst, u8 tos, int oif,
163			struct net_device *dev, u32 *spec_dst, u32 *itag)
164{
165	struct in_device *in_dev;
166	struct flowi fl = { .nl_u = { .ip4_u =
167				      { .daddr = src,
168					.saddr = dst,
169					.tos = tos } },
170			    .iif = oif };
171	struct fib_result res;
172	int no_addr, rpf;
173	int ret;
174
175	no_addr = rpf = 0;
176	rcu_read_lock();
177	in_dev = __in_dev_get_rcu(dev);
178	if (in_dev) {
179		no_addr = in_dev->ifa_list == NULL;
180		rpf = IN_DEV_RPFILTER(in_dev);
181	}
182	rcu_read_unlock();
183
184	if (in_dev == NULL)
185		goto e_inval;
186
187	if (fib_lookup(&fl, &res))
188		goto last_resort;
189	if (res.type != RTN_UNICAST)
190		goto e_inval_res;
191	*spec_dst = FIB_RES_PREFSRC(res);
192	fib_combine_itag(itag, &res);
193#ifdef CONFIG_IP_ROUTE_MULTIPATH
194	if (FIB_RES_DEV(res) == dev || res.fi->fib_nhs > 1)
195#else
196	if (FIB_RES_DEV(res) == dev)
197#endif
198	{
199		ret = FIB_RES_NH(res).nh_scope >= RT_SCOPE_HOST;
200		fib_res_put(&res);
201		return ret;
202	}
203	fib_res_put(&res);
204	if (no_addr)
205		goto last_resort;
206	if (rpf)
207		goto e_inval;
208	fl.oif = dev->ifindex;
209
210	ret = 0;
211	if (fib_lookup(&fl, &res) == 0) {
212		if (res.type == RTN_UNICAST) {
213			*spec_dst = FIB_RES_PREFSRC(res);
214			ret = FIB_RES_NH(res).nh_scope >= RT_SCOPE_HOST;
215		}
216		fib_res_put(&res);
217	}
218	return ret;
219
220last_resort:
221	if (rpf)
222		goto e_inval;
223	*spec_dst = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE);
224	*itag = 0;
225	return 0;
226
227e_inval_res:
228	fib_res_put(&res);
229e_inval:
230	return -EINVAL;
231}
232
233#ifndef CONFIG_IP_NOSIOCRT
234
235/*
236 *	Handle IP routing ioctl calls. These are used to manipulate the routing tables
237 */
238
239int ip_rt_ioctl(unsigned int cmd, void __user *arg)
240{
241	int err;
242	struct kern_rta rta;
243	struct rtentry  r;
244	struct {
245		struct nlmsghdr nlh;
246		struct rtmsg	rtm;
247	} req;
248
249	switch (cmd) {
250	case SIOCADDRT:		/* Add a route */
251	case SIOCDELRT:		/* Delete a route */
252		if (!capable(CAP_NET_ADMIN))
253			return -EPERM;
254		if (copy_from_user(&r, arg, sizeof(struct rtentry)))
255			return -EFAULT;
256		rtnl_lock();
257		err = fib_convert_rtentry(cmd, &req.nlh, &req.rtm, &rta, &r);
258		if (err == 0) {
259			if (cmd == SIOCDELRT) {
260				struct fib_table *tb = fib_get_table(req.rtm.rtm_table);
261				err = -ESRCH;
262				if (tb)
263					err = tb->tb_delete(tb, &req.rtm, &rta, &req.nlh, NULL);
264			} else {
265				struct fib_table *tb = fib_new_table(req.rtm.rtm_table);
266				err = -ENOBUFS;
267				if (tb)
268					err = tb->tb_insert(tb, &req.rtm, &rta, &req.nlh, NULL);
269			}
270			kfree(rta.rta_mx);
271		}
272		rtnl_unlock();
273		return err;
274	}
275	return -EINVAL;
276}
277
278#else
279
280int ip_rt_ioctl(unsigned int cmd, void *arg)
281{
282	return -EINVAL;
283}
284
285#endif
286
287static int inet_check_attr(struct rtmsg *r, struct rtattr **rta)
288{
289	int i;
290
291	for (i=1; i<=RTA_MAX; i++, rta++) {
292		struct rtattr *attr = *rta;
293		if (attr) {
294			if (RTA_PAYLOAD(attr) < 4)
295				return -EINVAL;
296			if (i != RTA_MULTIPATH && i != RTA_METRICS)
297				*rta = (struct rtattr*)RTA_DATA(attr);
298		}
299	}
300	return 0;
301}
302
303int inet_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
304{
305	struct fib_table * tb;
306	struct rtattr **rta = arg;
307	struct rtmsg *r = NLMSG_DATA(nlh);
308
309	if (inet_check_attr(r, rta))
310		return -EINVAL;
311
312	tb = fib_get_table(r->rtm_table);
313	if (tb)
314		return tb->tb_delete(tb, r, (struct kern_rta*)rta, nlh, &NETLINK_CB(skb));
315	return -ESRCH;
316}
317
318int inet_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg)
319{
320	struct fib_table * tb;
321	struct rtattr **rta = arg;
322	struct rtmsg *r = NLMSG_DATA(nlh);
323
324	if (inet_check_attr(r, rta))
325		return -EINVAL;
326
327	tb = fib_new_table(r->rtm_table);
328	if (tb)
329		return tb->tb_insert(tb, r, (struct kern_rta*)rta, nlh, &NETLINK_CB(skb));
330	return -ENOBUFS;
331}
332
333int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)
334{
335	int t;
336	int s_t;
337	struct fib_table *tb;
338
339	if (NLMSG_PAYLOAD(cb->nlh, 0) >= sizeof(struct rtmsg) &&
340	    ((struct rtmsg*)NLMSG_DATA(cb->nlh))->rtm_flags&RTM_F_CLONED)
341		return ip_rt_dump(skb, cb);
342
343	s_t = cb->args[0];
344	if (s_t == 0)
345		s_t = cb->args[0] = RT_TABLE_MIN;
346
347	for (t=s_t; t<=RT_TABLE_MAX; t++) {
348		if (t < s_t) continue;
349		if (t > s_t)
350			memset(&cb->args[1], 0, sizeof(cb->args)-sizeof(cb->args[0]));
351		if ((tb = fib_get_table(t))==NULL)
352			continue;
353		if (tb->tb_dump(tb, skb, cb) < 0)
354			break;
355	}
356
357	cb->args[0] = t;
358
359	return skb->len;
360}
361
362/* Prepare and feed intra-kernel routing request.
363   Really, it should be netlink message, but :-( netlink
364   can be not configured, so that we feed it directly
365   to fib engine. It is legal, because all events occur
366   only when netlink is already locked.
367 */
368
369static void fib_magic(int cmd, int type, u32 dst, int dst_len, struct in_ifaddr *ifa)
370{
371	struct fib_table * tb;
372	struct {
373		struct nlmsghdr	nlh;
374		struct rtmsg	rtm;
375	} req;
376	struct kern_rta rta;
377
378	memset(&req.rtm, 0, sizeof(req.rtm));
379	memset(&rta, 0, sizeof(rta));
380
381	if (type == RTN_UNICAST)
382		tb = fib_new_table(RT_TABLE_MAIN);
383	else
384		tb = fib_new_table(RT_TABLE_LOCAL);
385
386	if (tb == NULL)
387		return;
388
389	req.nlh.nlmsg_len = sizeof(req);
390	req.nlh.nlmsg_type = cmd;
391	req.nlh.nlmsg_flags = NLM_F_REQUEST|NLM_F_CREATE|NLM_F_APPEND;
392	req.nlh.nlmsg_pid = 0;
393	req.nlh.nlmsg_seq = 0;
394
395	req.rtm.rtm_dst_len = dst_len;
396	req.rtm.rtm_table = tb->tb_id;
397	req.rtm.rtm_protocol = RTPROT_KERNEL;
398	req.rtm.rtm_scope = (type != RTN_LOCAL ? RT_SCOPE_LINK : RT_SCOPE_HOST);
399	req.rtm.rtm_type = type;
400
401	rta.rta_dst = &dst;
402	rta.rta_prefsrc = &ifa->ifa_local;
403	rta.rta_oif = &ifa->ifa_dev->dev->ifindex;
404
405	if (cmd == RTM_NEWROUTE)
406		tb->tb_insert(tb, &req.rtm, &rta, &req.nlh, NULL);
407	else
408		tb->tb_delete(tb, &req.rtm, &rta, &req.nlh, NULL);
409}
410
411void fib_add_ifaddr(struct in_ifaddr *ifa)
412{
413	struct in_device *in_dev = ifa->ifa_dev;
414	struct net_device *dev = in_dev->dev;
415	struct in_ifaddr *prim = ifa;
416	u32 mask = ifa->ifa_mask;
417	u32 addr = ifa->ifa_local;
418	u32 prefix = ifa->ifa_address&mask;
419
420	if (ifa->ifa_flags&IFA_F_SECONDARY) {
421		prim = inet_ifa_byprefix(in_dev, prefix, mask);
422		if (prim == NULL) {
423			printk(KERN_DEBUG "fib_add_ifaddr: bug: prim == NULL\n");
424			return;
425		}
426	}
427
428	fib_magic(RTM_NEWROUTE, RTN_LOCAL, addr, 32, prim);
429
430	if (!(dev->flags&IFF_UP))
431		return;
432
433	/* Add broadcast address, if it is explicitly assigned. */
434	if (ifa->ifa_broadcast && ifa->ifa_broadcast != 0xFFFFFFFF)
435		fib_magic(RTM_NEWROUTE, RTN_BROADCAST, ifa->ifa_broadcast, 32, prim);
436
437	if (!ZERONET(prefix) && !(ifa->ifa_flags&IFA_F_SECONDARY) &&
438	    (prefix != addr || ifa->ifa_prefixlen < 32)) {
439		fib_magic(RTM_NEWROUTE, dev->flags&IFF_LOOPBACK ? RTN_LOCAL :
440			  RTN_UNICAST, prefix, ifa->ifa_prefixlen, prim);
441
442		/* Add network specific broadcasts, when it takes a sense */
443		if (ifa->ifa_prefixlen < 31) {
444			fib_magic(RTM_NEWROUTE, RTN_BROADCAST, prefix, 32, prim);
445			fib_magic(RTM_NEWROUTE, RTN_BROADCAST, prefix|~mask, 32, prim);
446		}
447	}
448}
449
450static void fib_del_ifaddr(struct in_ifaddr *ifa)
451{
452	struct in_device *in_dev = ifa->ifa_dev;
453	struct net_device *dev = in_dev->dev;
454	struct in_ifaddr *ifa1;
455	struct in_ifaddr *prim = ifa;
456	u32 brd = ifa->ifa_address|~ifa->ifa_mask;
457	u32 any = ifa->ifa_address&ifa->ifa_mask;
458#define LOCAL_OK	1
459#define BRD_OK		2
460#define BRD0_OK		4
461#define BRD1_OK		8
462	unsigned ok = 0;
463
464	if (!(ifa->ifa_flags&IFA_F_SECONDARY))
465		fib_magic(RTM_DELROUTE, dev->flags&IFF_LOOPBACK ? RTN_LOCAL :
466			  RTN_UNICAST, any, ifa->ifa_prefixlen, prim);
467	else {
468		prim = inet_ifa_byprefix(in_dev, any, ifa->ifa_mask);
469		if (prim == NULL) {
470			printk(KERN_DEBUG "fib_del_ifaddr: bug: prim == NULL\n");
471			return;
472		}
473	}
474
475	/* Deletion is more complicated than add.
476	   We should take care of not to delete too much :-)
477
478	   Scan address list to be sure that addresses are really gone.
479	 */
480
481	for (ifa1 = in_dev->ifa_list; ifa1; ifa1 = ifa1->ifa_next) {
482		if (ifa->ifa_local == ifa1->ifa_local)
483			ok |= LOCAL_OK;
484		if (ifa->ifa_broadcast == ifa1->ifa_broadcast)
485			ok |= BRD_OK;
486		if (brd == ifa1->ifa_broadcast)
487			ok |= BRD1_OK;
488		if (any == ifa1->ifa_broadcast)
489			ok |= BRD0_OK;
490	}
491
492	if (!(ok&BRD_OK))
493		fib_magic(RTM_DELROUTE, RTN_BROADCAST, ifa->ifa_broadcast, 32, prim);
494	if (!(ok&BRD1_OK))
495		fib_magic(RTM_DELROUTE, RTN_BROADCAST, brd, 32, prim);
496	if (!(ok&BRD0_OK))
497		fib_magic(RTM_DELROUTE, RTN_BROADCAST, any, 32, prim);
498	if (!(ok&LOCAL_OK)) {
499		fib_magic(RTM_DELROUTE, RTN_LOCAL, ifa->ifa_local, 32, prim);
500
501		/* Check, that this local address finally disappeared. */
502		if (inet_addr_type(ifa->ifa_local) != RTN_LOCAL) {
503			/* And the last, but not the least thing.
504			   We must flush stray FIB entries.
505
506			   First of all, we scan fib_info list searching
507			   for stray nexthop entries, then ignite fib_flush.
508			*/
509			if (fib_sync_down(ifa->ifa_local, NULL, 0))
510				fib_flush();
511		}
512	}
513#undef LOCAL_OK
514#undef BRD_OK
515#undef BRD0_OK
516#undef BRD1_OK
517}
518
519static void nl_fib_lookup(struct fib_result_nl *frn, struct fib_table *tb )
520{
521
522	struct fib_result       res;
523	struct flowi            fl = { .nl_u = { .ip4_u = { .daddr = frn->fl_addr,
524							    .fwmark = frn->fl_fwmark,
525							    .tos = frn->fl_tos,
526							    .scope = frn->fl_scope } } };
527	if (tb) {
528		local_bh_disable();
529
530		frn->tb_id = tb->tb_id;
531		frn->err = tb->tb_lookup(tb, &fl, &res);
532
533		if (!frn->err) {
534			frn->prefixlen = res.prefixlen;
535			frn->nh_sel = res.nh_sel;
536			frn->type = res.type;
537			frn->scope = res.scope;
538		}
539		local_bh_enable();
540	}
541}
542
543static void nl_fib_input(struct sock *sk, int len)
544{
545	struct sk_buff *skb = NULL;
546        struct nlmsghdr *nlh = NULL;
547	struct fib_result_nl *frn;
548	u32 pid;
549	struct fib_table *tb;
550
551	skb = skb_dequeue(&sk->sk_receive_queue);
552	nlh = (struct nlmsghdr *)skb->data;
553	if (skb->len < NLMSG_SPACE(0) || skb->len < nlh->nlmsg_len ||
554	    nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*frn))) {
555		kfree_skb(skb);
556		return;
557	}
558
559	frn = (struct fib_result_nl *) NLMSG_DATA(nlh);
560	tb = fib_get_table(frn->tb_id_in);
561
562	nl_fib_lookup(frn, tb);
563
564	pid = nlh->nlmsg_pid;           /*pid of sending process */
565	NETLINK_CB(skb).pid = 0;         /* from kernel */
566	NETLINK_CB(skb).dst_pid = pid;
567	NETLINK_CB(skb).dst_group = 0;  /* unicast */
568	netlink_unicast(sk, skb, pid, MSG_DONTWAIT);
569}
570
571static void nl_fib_lookup_init(void)
572{
573      netlink_kernel_create(NETLINK_FIB_LOOKUP, 0, nl_fib_input, THIS_MODULE);
574}
575
576static void fib_disable_ip(struct net_device *dev, int force)
577{
578	if (fib_sync_down(0, dev, force))
579		fib_flush();
580	rt_cache_flush(0);
581	arp_ifdown(dev);
582}
583
584static int fib_inetaddr_event(struct notifier_block *this, unsigned long event, void *ptr)
585{
586	struct in_ifaddr *ifa = (struct in_ifaddr*)ptr;
587
588	switch (event) {
589	case NETDEV_UP:
590		fib_add_ifaddr(ifa);
591#ifdef CONFIG_IP_ROUTE_MULTIPATH
592		fib_sync_up(ifa->ifa_dev->dev);
593#endif
594		rt_cache_flush(-1);
595		break;
596	case NETDEV_DOWN:
597		fib_del_ifaddr(ifa);
598		if (ifa->ifa_dev->ifa_list == NULL) {
599			/* Last address was deleted from this interface.
600			   Disable IP.
601			 */
602			fib_disable_ip(ifa->ifa_dev->dev, 1);
603		} else {
604			rt_cache_flush(-1);
605		}
606		break;
607	}
608	return NOTIFY_DONE;
609}
610
611static int fib_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
612{
613	struct net_device *dev = ptr;
614	struct in_device *in_dev = __in_dev_get_rtnl(dev);
615
616	if (event == NETDEV_UNREGISTER) {
617		fib_disable_ip(dev, 2);
618		return NOTIFY_DONE;
619	}
620
621	if (!in_dev)
622		return NOTIFY_DONE;
623
624	switch (event) {
625	case NETDEV_UP:
626		for_ifa(in_dev) {
627			fib_add_ifaddr(ifa);
628		} endfor_ifa(in_dev);
629#ifdef CONFIG_IP_ROUTE_MULTIPATH
630		fib_sync_up(dev);
631#endif
632		rt_cache_flush(-1);
633		break;
634	case NETDEV_DOWN:
635		fib_disable_ip(dev, 0);
636		break;
637	case NETDEV_CHANGEMTU:
638	case NETDEV_CHANGE:
639		rt_cache_flush(0);
640		break;
641	}
642	return NOTIFY_DONE;
643}
644
645static struct notifier_block fib_inetaddr_notifier = {
646	.notifier_call =fib_inetaddr_event,
647};
648
649static struct notifier_block fib_netdev_notifier = {
650	.notifier_call =fib_netdev_event,
651};
652
653void __init ip_fib_init(void)
654{
655#ifndef CONFIG_IP_MULTIPLE_TABLES
656	ip_fib_local_table = fib_hash_init(RT_TABLE_LOCAL);
657	ip_fib_main_table  = fib_hash_init(RT_TABLE_MAIN);
658#else
659	fib_rules_init();
660#endif
661
662	register_netdevice_notifier(&fib_netdev_notifier);
663	register_inetaddr_notifier(&fib_inetaddr_notifier);
664	nl_fib_lookup_init();
665}
666
667EXPORT_SYMBOL(inet_addr_type);
668EXPORT_SYMBOL(ip_dev_find);
669