__FR_ACT_MAX,
};
---- a/include/uapi/linux/icmpv6.h
-+++ b/include/uapi/linux/icmpv6.h
-@@ -115,6 +115,7 @@ struct icmp6hdr {
- #define ICMPV6_NOT_NEIGHBOUR 2
- #define ICMPV6_ADDR_UNREACH 3
- #define ICMPV6_PORT_UNREACH 4
-+#define ICMPV6_FAILED_POLICY 5
-
- /*
- * Codes for Time Exceeded
--- a/include/uapi/linux/rtnetlink.h
+++ b/include/uapi/linux/rtnetlink.h
@@ -203,6 +203,7 @@ enum {
static void rt_fibinfo_free(struct rtable __rcu **rtp)
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
-@@ -2334,6 +2334,7 @@ static const char *const rtn_type_names[
+@@ -2331,6 +2331,7 @@ static const char *const rtn_type_names[
[RTN_THROW] = "THROW",
[RTN_NAT] = "NAT",
[RTN_XRESOLVE] = "XRESOLVE",
return -EINVAL;
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
-@@ -245,6 +245,24 @@ static const struct rt6_info ip6_prohibi
+@@ -251,6 +251,24 @@ static const struct rt6_info ip6_prohibi
.rt6i_ref = ATOMIC_INIT(1),
};
static const struct rt6_info ip6_blk_hole_entry_template = {
.dst = {
.__refcnt = ATOMIC_INIT(1),
-@@ -1459,6 +1477,9 @@ int ip6_route_add(struct fib6_config *cf
+@@ -1505,6 +1523,9 @@ int ip6_route_add(struct fib6_config *cf
case RTN_THROW:
rt->dst.error = -EAGAIN;
break;
default:
rt->dst.error = -ENETUNREACH;
break;
-@@ -2035,6 +2056,17 @@ static int ip6_pkt_prohibit_out(struct s
+@@ -2084,6 +2105,17 @@ static int ip6_pkt_prohibit_out(struct s
return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
}
+static int ip6_pkt_failed_policy(struct sk_buff *skb)
+{
-+ return ip6_pkt_drop(skb, ICMPV6_FAILED_POLICY, IPSTATS_MIB_INNOROUTES);
++ return ip6_pkt_drop(skb, ICMPV6_POLICY_FAIL, IPSTATS_MIB_INNOROUTES);
+}
+
+static int ip6_pkt_failed_policy_out(struct sk_buff *skb)
+{
+ skb->dev = skb_dst(skb)->dev;
-+ return ip6_pkt_drop(skb, ICMPV6_FAILED_POLICY, IPSTATS_MIB_OUTNOROUTES);
++ return ip6_pkt_drop(skb, ICMPV6_POLICY_FAIL, IPSTATS_MIB_OUTNOROUTES);
+}
+
#endif
/*
-@@ -2240,7 +2272,8 @@ static int rtm_to_fib6_config(struct sk_
+@@ -2290,7 +2322,8 @@ static int rtm_to_fib6_config(struct sk_
if (rtm->rtm_type == RTN_UNREACHABLE ||
rtm->rtm_type == RTN_BLACKHOLE ||
rtm->rtm_type == RTN_PROHIBIT ||
cfg->fc_flags |= RTF_REJECT;
if (rtm->rtm_type == RTN_LOCAL)
-@@ -2442,6 +2475,9 @@ static int rt6_fill_node(struct net *net
+@@ -2492,6 +2525,9 @@ static int rt6_fill_node(struct net *net
case -EACCES:
rtm->rtm_type = RTN_PROHIBIT;
break;
case -EAGAIN:
rtm->rtm_type = RTN_THROW;
break;
-@@ -2692,6 +2728,8 @@ static int ip6_route_dev_notify(struct n
+@@ -2742,6 +2778,8 @@ static int ip6_route_dev_notify(struct n
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
net->ipv6.ip6_prohibit_entry->dst.dev = dev;
net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
#endif
-@@ -2952,6 +2990,17 @@ static int __net_init ip6_route_net_init
+@@ -3002,6 +3040,17 @@ static int __net_init ip6_route_net_init
net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
ip6_template_metrics, true);
#endif
net->ipv6.sysctl.flush_delay = 0;
-@@ -2970,6 +3019,8 @@ out:
+@@ -3020,6 +3069,8 @@ out:
return ret;
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
out_ip6_prohibit_entry:
kfree(net->ipv6.ip6_prohibit_entry);
out_ip6_null_entry:
-@@ -2987,6 +3038,7 @@ static void __net_exit ip6_route_net_exi
+@@ -3037,6 +3088,7 @@ static void __net_exit ip6_route_net_exi
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
kfree(net->ipv6.ip6_prohibit_entry);
kfree(net->ipv6.ip6_blk_hole_entry);
#endif
dst_entries_destroy(&net->ipv6.ip6_dst_ops);
}
-@@ -3083,6 +3135,9 @@ int __init ip6_route_init(void)
+@@ -3133,6 +3185,9 @@ int __init ip6_route_init(void)
init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);