LXR linux/net/ipv4/ipip.c

   1/*
   2 *      Linux NET3:     IP/IP protocol decoder.
   3 *
   4 *      Authors:
   5 *              Sam Lantinga (slouken@cs.ucdavis.edu)  02/01/95
   6 *
   7 *      Fixes:
   8 *              Alan Cox        :       Merged and made usable non modular (its so tiny its silly as
   9 *                                      a module taking up 2 pages).
  10 *              Alan Cox        :       Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph)
  11 *                                      to keep ip_forward happy.
  12 *              Alan Cox        :       More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8).
  13 *              Kai Schulte     :       Fixed #defines for IP_FIREWALL->FIREWALL
  14 *              David Woodhouse :       Perform some basic ICMP handling.
  15 *                                      IPIP Routing without decapsulation.
  16 *              Carlos Picoto   :       GRE over IP support
  17 *              Alexey Kuznetsov:       Reworked. Really, now it is truncated version of ipv4/ip_gre.c.
  18 *                                      I do not want to merge them together.
  19 *
  20 *      This program is free software; you can redistribute it and/or
  21 *      modify it under the terms of the GNU General Public License
  22 *      as published by the Free Software Foundation; either version
  23 *      2 of the License, or (at your option) any later version.
  24 *
  25 */
  26
  27/* tunnel.c: an IP tunnel driver
  28
  29        The purpose of this driver is to provide an IP tunnel through
  30        which you can tunnel network traffic transparently across subnets.
  31
  32        This was written by looking at Nick Holloway's dummy driver
  33        Thanks for the great code!
  34
  35                -Sam Lantinga   (slouken@cs.ucdavis.edu)  02/01/95
  36
  37        Minor tweaks:
  38                Cleaned up the code a little and added some pre-1.3.0 tweaks.
  39                dev->hard_header/hard_header_len changed to use no headers.
  40                Comments/bracketing tweaked.
  41                Made the tunnels use dev->name not tunnel: when error reporting.
  42                Added tx_dropped stat
  43
  44                -Alan Cox       (alan@lxorguk.ukuu.org.uk) 21 March 95
  45
  46        Reworked:
  47                Changed to tunnel to destination gateway in addition to the
  48                        tunnel's pointopoint address
  49                Almost completely rewritten
  50                Note:  There is currently no firewall or ICMP handling done.
  51
  52                -Sam Lantinga   (slouken@cs.ucdavis.edu) 02/13/96
  53
  54*/
  55
  56/* Things I wish I had known when writing the tunnel driver:
  57
  58        When the tunnel_xmit() function is called, the skb contains the
  59        packet to be sent (plus a great deal of extra info), and dev
  60        contains the tunnel device that _we_ are.
  61
  62        When we are passed a packet, we are expected to fill in the
  63        source address with our source IP address.
  64
  65        What is the proper way to allocate, copy and free a buffer?
  66        After you allocate it, it is a "0 length" chunk of memory
  67        starting at zero.  If you want to add headers to the buffer
  68        later, you'll have to call "skb_reserve(skb, amount)" with
  69        the amount of memory you want reserved.  Then, you call
  70        "skb_put(skb, amount)" with the amount of space you want in
  71        the buffer.  skb_put() returns a pointer to the top (#0) of
  72        that buffer.  skb->len is set to the amount of space you have
  73        "allocated" with skb_put().  You can then write up to skb->len
  74        bytes to that buffer.  If you need more, you can call skb_put()
  75        again with the additional amount of space you need.  You can
  76        find out how much more space you can allocate by calling
  77        "skb_tailroom(skb)".
  78        Now, to add header space, call "skb_push(skb, header_len)".
  79        This creates space at the beginning of the buffer and returns
  80        a pointer to this new space.  If later you need to strip a
  81        header from a buffer, call "skb_pull(skb, header_len)".
  82        skb_headroom() will return how much space is left at the top
  83        of the buffer (before the main data).  Remember, this headroom
  84        space must be reserved before the skb_put() function is called.
  85        */
  86
  87/*
  88   This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c
  89
  90   For comments look at net/ipv4/ip_gre.c --ANK
  91 */
  92
  93
  94#include <linux/capability.h>
  95#include <linux/module.h>
  96#include <linux/types.h>
  97#include <linux/kernel.h>
  98#include <asm/uaccess.h>
  99#include <linux/skbuff.h>
 100#include <linux/netdevice.h>
 101#include <linux/in.h>
 102#include <linux/tcp.h>
 103#include <linux/udp.h>
 104#include <linux/if_arp.h>
 105#include <linux/mroute.h>
 106#include <linux/init.h>
 107#include <linux/netfilter_ipv4.h>
 108#include <linux/if_ether.h>
 109
 110#include <net/sock.h>
 111#include <net/ip.h>
 112#include <net/icmp.h>
 113#include <net/ipip.h>
 114#include <net/inet_ecn.h>
 115#include <net/xfrm.h>
 116#include <net/net_namespace.h>
 117#include <net/netns/generic.h>
 118
 119#define HASH_SIZE  16
 120#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF)
 121
 122static int ipip_net_id;
 123struct ipip_net {
 124        struct ip_tunnel *tunnels_r_l[HASH_SIZE];
 125        struct ip_tunnel *tunnels_r[HASH_SIZE];
 126        struct ip_tunnel *tunnels_l[HASH_SIZE];
 127        struct ip_tunnel *tunnels_wc[1];
 128        struct ip_tunnel **tunnels[4];
 129
 130        struct net_device *fb_tunnel_dev;
 131};
 132
 133static void ipip_fb_tunnel_init(struct net_device *dev);
 134static void ipip_tunnel_init(struct net_device *dev);
 135static void ipip_tunnel_setup(struct net_device *dev);
 136
 137static DEFINE_RWLOCK(ipip_lock);
 138
 139static struct ip_tunnel * ipip_tunnel_lookup(struct net *net,
 140                __be32 remote, __be32 local)
 141{
 142        unsigned h0 = HASH(remote);
 143        unsigned h1 = HASH(local);
 144        struct ip_tunnel *t;
 145        struct ipip_net *ipn = net_generic(net, ipip_net_id);
 146
 147        for (t = ipn->tunnels_r_l[h0^h1]; t; t = t->next) {
 148                if (local == t->parms.iph.saddr &&
 149                    remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
 150                        return t;
 151        }
 152        for (t = ipn->tunnels_r[h0]; t; t = t->next) {
 153                if (remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
 154                        return t;
 155        }
 156        for (t = ipn->tunnels_l[h1]; t; t = t->next) {
 157                if (local == t->parms.iph.saddr && (t->dev->flags&IFF_UP))
 158                        return t;
 159        }
 160        if ((t = ipn->tunnels_wc[0]) != NULL && (t->dev->flags&IFF_UP))
 161                return t;
 162        return NULL;
 163}
 164
 165static struct ip_tunnel **__ipip_bucket(struct ipip_net *ipn,
 166                struct ip_tunnel_parm *parms)
 167{
 168        __be32 remote = parms->iph.daddr;
 169        __be32 local = parms->iph.saddr;
 170        unsigned h = 0;
 171        int prio = 0;
 172
 173        if (remote) {
 174                prio |= 2;
 175                h ^= HASH(remote);
 176        }
 177        if (local) {
 178                prio |= 1;
 179                h ^= HASH(local);
 180        }
 181        return &ipn->tunnels[prio][h];
 182}
 183
 184static inline struct ip_tunnel **ipip_bucket(struct ipip_net *ipn,
 185                struct ip_tunnel *t)
 186{
 187        return __ipip_bucket(ipn, &t->parms);
 188}
 189
 190static void ipip_tunnel_unlink(struct ipip_net *ipn, struct ip_tunnel *t)
 191{
 192        struct ip_tunnel **tp;
 193
 194        for (tp = ipip_bucket(ipn, t); *tp; tp = &(*tp)->next) {
 195                if (t == *tp) {
 196                        write_lock_bh(&ipip_lock);
 197                        *tp = t->next;
 198                        write_unlock_bh(&ipip_lock);
 199                        break;
 200                }
 201        }
 202}
 203
 204static void ipip_tunnel_link(struct ipip_net *ipn, struct ip_tunnel *t)
 205{
 206        struct ip_tunnel **tp = ipip_bucket(ipn, t);
 207
 208        t->next = *tp;
 209        write_lock_bh(&ipip_lock);
 210        *tp = t;
 211        write_unlock_bh(&ipip_lock);
 212}
 213
 214static struct ip_tunnel * ipip_tunnel_locate(struct net *net,
 215                struct ip_tunnel_parm *parms, int create)
 216{
 217        __be32 remote = parms->iph.daddr;
 218        __be32 local = parms->iph.saddr;
 219        struct ip_tunnel *t, **tp, *nt;
 220        struct net_device *dev;
 221        char name[IFNAMSIZ];
 222        struct ipip_net *ipn = net_generic(net, ipip_net_id);
 223
 224        for (tp = __ipip_bucket(ipn, parms); (t = *tp) != NULL; tp = &t->next) {
 225                if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr)
 226                        return t;
 227        }
 228        if (!create)
 229                return NULL;
 230
 231        if (parms->name[0])
 232                strlcpy(name, parms->name, IFNAMSIZ);
 233        else
 234                sprintf(name, "tunl%%d");
 235
 236        dev = alloc_netdev(sizeof(*t), name, ipip_tunnel_setup);
 237        if (dev == NULL)
 238                return NULL;
 239
 240        dev_net_set(dev, net);
 241
 242        if (strchr(name, '%')) {
 243                if (dev_alloc_name(dev, name) < 0)
 244                        goto failed_free;
 245        }
 246
 247        nt = netdev_priv(dev);
 248        nt->parms = *parms;
 249
 250        ipip_tunnel_init(dev);
 251
 252        if (register_netdevice(dev) < 0)
 253                goto failed_free;
 254
 255        dev_hold(dev);
 256        ipip_tunnel_link(ipn, nt);
 257        return nt;
 258
 259failed_free:
 260        free_netdev(dev);
 261        return NULL;
 262}
 263
 264static void ipip_tunnel_uninit(struct net_device *dev)
 265{
 266        struct net *net = dev_net(dev);
 267        struct ipip_net *ipn = net_generic(net, ipip_net_id);
 268
 269        if (dev == ipn->fb_tunnel_dev) {
 270                write_lock_bh(&ipip_lock);
 271                ipn->tunnels_wc[0] = NULL;
 272                write_unlock_bh(&ipip_lock);
 273        } else
 274                ipip_tunnel_unlink(ipn, netdev_priv(dev));
 275        dev_put(dev);
 276}
 277
 278static int ipip_err(struct sk_buff *skb, u32 info)
 279{
 280
 281/* All the routers (except for Linux) return only
 282   8 bytes of packet payload. It means, that precise relaying of
 283   ICMP in the real Internet is absolutely infeasible.
 284 */
 285        struct iphdr *iph = (struct iphdr *)skb->data;
 286        const int type = icmp_hdr(skb)->type;
 287        const int code = icmp_hdr(skb)->code;
 288        struct ip_tunnel *t;
 289        int err;
 290
 291        switch (type) {
 292        default:
 293        case ICMP_PARAMETERPROB:
 294                return 0;
 295
 296        case ICMP_DEST_UNREACH:
 297                switch (code) {
 298                case ICMP_SR_FAILED:
 299                case ICMP_PORT_UNREACH:
 300                        /* Impossible event. */
 301                        return 0;
 302                case ICMP_FRAG_NEEDED:
 303                        /* Soft state for pmtu is maintained by IP core. */
 304                        return 0;
 305                default:
 306                        /* All others are translated to HOST_UNREACH.
 307                           rfc2003 contains "deep thoughts" about NET_UNREACH,
 308                           I believe they are just ether pollution. --ANK
 309                         */
 310                        break;
 311                }
 312                break;
 313        case ICMP_TIME_EXCEEDED:
 314                if (code != ICMP_EXC_TTL)
 315                        return 0;
 316                break;
 317        }
 318
 319        err = -ENOENT;
 320
 321        read_lock(&ipip_lock);
 322        t = ipip_tunnel_lookup(dev_net(skb->dev), iph->daddr, iph->saddr);
 323        if (t == NULL || t->parms.iph.daddr == 0)
 324                goto out;
 325
 326        err = 0;
 327        if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
 328                goto out;
 329
 330        if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
 331                t->err_count++;
 332        else
 333                t->err_count = 1;
 334        t->err_time = jiffies;
 335out:
 336        read_unlock(&ipip_lock);
 337        return err;
 338}
 339
 340static inline void ipip_ecn_decapsulate(const struct iphdr *outer_iph,
 341                                        struct sk_buff *skb)
 342{
 343        struct iphdr *inner_iph = ip_hdr(skb);
 344
 345        if (INET_ECN_is_ce(outer_iph->tos))
 346                IP_ECN_set_ce(inner_iph);
 347}
 348
 349static int ipip_rcv(struct sk_buff *skb)
 350{
 351        struct ip_tunnel *tunnel;
 352        const struct iphdr *iph = ip_hdr(skb);
 353
 354        read_lock(&ipip_lock);
 355        if ((tunnel = ipip_tunnel_lookup(dev_net(skb->dev),
 356                                        iph->saddr, iph->daddr)) != NULL) {
 357                if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) {
 358                        read_unlock(&ipip_lock);
 359                        kfree_skb(skb);
 360                        return 0;
 361                }
 362
 363                secpath_reset(skb);
 364
 365                skb->mac_header = skb->network_header;
 366                skb_reset_network_header(skb);
 367                skb->protocol = htons(ETH_P_IP);
 368                skb->pkt_type = PACKET_HOST;
 369
 370                tunnel->dev->stats.rx_packets++;
 371                tunnel->dev->stats.rx_bytes += skb->len;
 372                skb->dev = tunnel->dev;
 373                skb_dst_drop(skb);
 374                nf_reset(skb);
 375                ipip_ecn_decapsulate(iph, skb);
 376                netif_rx(skb);
 377                read_unlock(&ipip_lock);
 378                return 0;
 379        }
 380        read_unlock(&ipip_lock);
 381
 382        return -1;
 383}
 384
 385/*
 386 *      This function assumes it is being called from dev_queue_xmit()
 387 *      and that skb is filled properly by that function.
 388 */
 389
 390static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
 391{
 392        struct ip_tunnel *tunnel = netdev_priv(dev);
 393        struct net_device_stats *stats = &tunnel->dev->stats;
 394        struct iphdr  *tiph = &tunnel->parms.iph;
 395        u8     tos = tunnel->parms.iph.tos;
 396        __be16 df = tiph->frag_off;
 397        struct rtable *rt;                      /* Route to the other host */
 398        struct net_device *tdev;                        /* Device to other host */
 399        struct iphdr  *old_iph = ip_hdr(skb);
 400        struct iphdr  *iph;                     /* Our new IP header */
 401        unsigned int max_headroom;              /* The extra header space needed */
 402        __be32 dst = tiph->daddr;
 403        int    mtu;
 404
 405        if (skb->protocol != htons(ETH_P_IP))
 406                goto tx_error;
 407
 408        if (tos&1)
 409                tos = old_iph->tos;
 410
 411        if (!dst) {
 412                /* NBMA tunnel */
 413                if ((rt = skb_rtable(skb)) == NULL) {
 414                        stats->tx_fifo_errors++;
 415                        goto tx_error;
 416                }
 417                if ((dst = rt->rt_gateway) == 0)
 418                        goto tx_error_icmp;
 419        }
 420
 421        {
 422                struct flowi fl = { .oif = tunnel->parms.link,
 423                                    .nl_u = { .ip4_u =
 424                                              { .daddr = dst,
 425                                                .saddr = tiph->saddr,
 426                                                .tos = RT_TOS(tos) } },
 427                                    .proto = IPPROTO_IPIP };
 428                if (ip_route_output_key(dev_net(dev), &rt, &fl)) {
 429                        stats->tx_carrier_errors++;
 430                        goto tx_error_icmp;
 431                }
 432        }
 433        tdev = rt->u.dst.dev;
 434
 435        if (tdev == dev) {
 436                ip_rt_put(rt);
 437                stats->collisions++;
 438                goto tx_error;
 439        }
 440
 441        df |= old_iph->frag_off & htons(IP_DF);
 442
 443        if (df) {
 444                mtu = dst_mtu(&rt->u.dst) - sizeof(struct iphdr);
 445
 446                if (mtu < 68) {
 447                        stats->collisions++;
 448                        ip_rt_put(rt);
 449                        goto tx_error;
 450                }
 451
 452                if (skb_dst(skb))
 453                        skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu);
 454
 455                if ((old_iph->frag_off & htons(IP_DF)) &&
 456                    mtu < ntohs(old_iph->tot_len)) {
 457                        icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
 458                                  htonl(mtu));
 459                        ip_rt_put(rt);
 460                        goto tx_error;
 461                }
 462        }
 463
 464        if (tunnel->err_count > 0) {
 465                if (time_before(jiffies,
 466                                tunnel->err_time + IPTUNNEL_ERR_TIMEO)) {
 467                        tunnel->err_count--;
 468                        dst_link_failure(skb);
 469                } else
 470                        tunnel->err_count = 0;
 471        }
 472
 473        /*
 474         * Okay, now see if we can stuff it in the buffer as-is.
 475         */
 476        max_headroom = (LL_RESERVED_SPACE(tdev)+sizeof(struct iphdr));
 477
 478        if (skb_headroom(skb) < max_headroom || skb_shared(skb) ||
 479            (skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
 480                struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
 481                if (!new_skb) {
 482                        ip_rt_put(rt);
 483                        stats->tx_dropped++;
 484                        dev_kfree_skb(skb);
 485                        return NETDEV_TX_OK;
 486                }
 487                if (skb->sk)
 488                        skb_set_owner_w(new_skb, skb->sk);
 489                dev_kfree_skb(skb);
 490                skb = new_skb;
 491                old_iph = ip_hdr(skb);
 492        }
 493
 494        skb->transport_header = skb->network_header;
 495        skb_push(skb, sizeof(struct iphdr));
 496        skb_reset_network_header(skb);
 497        memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
 498        IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
 499                              IPSKB_REROUTED);
 500        skb_dst_drop(skb);
 501        skb_dst_set(skb, &rt->u.dst);
 502
 503        /*
 504         *      Push down and install the IPIP header.
 505         */
 506
 507        iph                     =       ip_hdr(skb);
 508        iph->version            =       4;
 509        iph->ihl                =       sizeof(struct iphdr)>>2;
 510        iph->frag_off           =       df;
 511        iph->protocol           =       IPPROTO_IPIP;
 512        iph->tos                =       INET_ECN_encapsulate(tos, old_iph->tos);
 513        iph->daddr              =       rt->rt_dst;
 514        iph->saddr              =       rt->rt_src;
 515
 516        if ((iph->ttl = tiph->ttl) == 0)
 517                iph->ttl        =       old_iph->ttl;
 518
 519        nf_reset(skb);
 520
 521        IPTUNNEL_XMIT();
 522        return NETDEV_TX_OK;
 523
 524tx_error_icmp:
 525        dst_link_failure(skb);
 526tx_error:
 527        stats->tx_errors++;
 528        dev_kfree_skb(skb);
 529        return NETDEV_TX_OK;
 530}
 531
 532static void ipip_tunnel_bind_dev(struct net_device *dev)
 533{
 534        struct net_device *tdev = NULL;
 535        struct ip_tunnel *tunnel;
 536        struct iphdr *iph;
 537
 538        tunnel = netdev_priv(dev);
 539        iph = &tunnel->parms.iph;
 540
 541        if (iph->daddr) {
 542                struct flowi fl = { .oif = tunnel->parms.link,
 543                                    .nl_u = { .ip4_u =
 544                                              { .daddr = iph->daddr,
 545                                                .saddr = iph->saddr,
 546                                                .tos = RT_TOS(iph->tos) } },
 547                                    .proto = IPPROTO_IPIP };
 548                struct rtable *rt;
 549                if (!ip_route_output_key(dev_net(dev), &rt, &fl)) {
 550                        tdev = rt->u.dst.dev;
 551                        ip_rt_put(rt);
 552                }
 553                dev->flags |= IFF_POINTOPOINT;
 554        }
 555
 556        if (!tdev && tunnel->parms.link)
 557                tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link);
 558
 559        if (tdev) {
 560                dev->hard_header_len = tdev->hard_header_len + sizeof(struct iphdr);
 561                dev->mtu = tdev->mtu - sizeof(struct iphdr);
 562        }
 563        dev->iflink = tunnel->parms.link;
 564}
 565
 566static int
 567ipip_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
 568{
 569        int err = 0;
 570        struct ip_tunnel_parm p;
 571        struct ip_tunnel *t;
 572        struct net *net = dev_net(dev);
 573        struct ipip_net *ipn = net_generic(net, ipip_net_id);
 574
 575        switch (cmd) {
 576        case SIOCGETTUNNEL:
 577                t = NULL;
 578                if (dev == ipn->fb_tunnel_dev) {
 579                        if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
 580                                err = -EFAULT;
 581                                break;
 582                        }
 583                        t = ipip_tunnel_locate(net, &p, 0);
 584                }
 585                if (t == NULL)
 586                        t = netdev_priv(dev);
 587                memcpy(&p, &t->parms, sizeof(p));
 588                if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
 589                        err = -EFAULT;
 590                break;
 591
 592        case SIOCADDTUNNEL:
 593        case SIOCCHGTUNNEL:
 594                err = -EPERM;
 595                if (!capable(CAP_NET_ADMIN))
 596                        goto done;
 597
 598                err = -EFAULT;
 599                if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
 600                        goto done;
 601
 602                err = -EINVAL;
 603                if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP ||
 604                    p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)))
 605                        goto done;
 606                if (p.iph.ttl)
 607                        p.iph.frag_off |= htons(IP_DF);
 608
 609                t = ipip_tunnel_locate(net, &p, cmd == SIOCADDTUNNEL);
 610
 611                if (dev != ipn->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
 612                        if (t != NULL) {
 613                                if (t->dev != dev) {
 614                                        err = -EEXIST;
 615                                        break;
 616                                }
 617                        } else {
 618                                if (((dev->flags&IFF_POINTOPOINT) && !p.iph.daddr) ||
 619                                    (!(dev->flags&IFF_POINTOPOINT) && p.iph.daddr)) {
 620                                        err = -EINVAL;
 621                                        break;
 622                                }
 623                                t = netdev_priv(dev);
 624                                ipip_tunnel_unlink(ipn, t);
 625                                t->parms.iph.saddr = p.iph.saddr;
 626                                t->parms.iph.daddr = p.iph.daddr;
 627                                memcpy(dev->dev_addr, &p.iph.saddr, 4);
 628                                memcpy(dev->broadcast, &p.iph.daddr, 4);
 629                                ipip_tunnel_link(ipn, t);
 630                                netdev_state_change(dev);
 631                        }
 632                }
 633
 634                if (t) {
 635                        err = 0;
 636                        if (cmd == SIOCCHGTUNNEL) {
 637                                t->parms.iph.ttl = p.iph.ttl;
 638                                t->parms.iph.tos = p.iph.tos;
 639                                t->parms.iph.frag_off = p.iph.frag_off;
 640                                if (t->parms.link != p.link) {
 641                                        t->parms.link = p.link;
 642                                        ipip_tunnel_bind_dev(dev);
 643                                        netdev_state_change(dev);
 644                                }
 645                        }
 646                        if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
 647                                err = -EFAULT;
 648                } else
 649                        err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
 650                break;
 651
 652        case SIOCDELTUNNEL:
 653                err = -EPERM;
 654                if (!capable(CAP_NET_ADMIN))
 655                        goto done;
 656
 657                if (dev == ipn->fb_tunnel_dev) {
 658                        err = -EFAULT;
 659                        if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
 660                                goto done;
 661                        err = -ENOENT;
 662                        if ((t = ipip_tunnel_locate(net, &p, 0)) == NULL)
 663                                goto done;
 664                        err = -EPERM;
 665                        if (t->dev == ipn->fb_tunnel_dev)
 666                                goto done;
 667                        dev = t->dev;
 668                }
 669                unregister_netdevice(dev);
 670                err = 0;
 671                break;
 672
 673        default:
 674                err = -EINVAL;
 675        }
 676
 677done:
 678        return err;
 679}
 680
 681static int ipip_tunnel_change_mtu(struct net_device *dev, int new_mtu)
 682{
 683        if (new_mtu < 68 || new_mtu > 0xFFF8 - sizeof(struct iphdr))
 684                return -EINVAL;
 685        dev->mtu = new_mtu;
 686        return 0;
 687}
 688
 689static const struct net_device_ops ipip_netdev_ops = {
 690        .ndo_uninit     = ipip_tunnel_uninit,
 691        .ndo_start_xmit = ipip_tunnel_xmit,
 692        .ndo_do_ioctl   = ipip_tunnel_ioctl,
 693        .ndo_change_mtu = ipip_tunnel_change_mtu,
 694
 695};
 696
 697static void ipip_tunnel_setup(struct net_device *dev)
 698{
 699        dev->netdev_ops         = &ipip_netdev_ops;
 700        dev->destructor         = free_netdev;
 701
 702        dev->type               = ARPHRD_TUNNEL;
 703        dev->hard_header_len    = LL_MAX_HEADER + sizeof(struct iphdr);
 704        dev->mtu                = ETH_DATA_LEN - sizeof(struct iphdr);
 705        dev->flags              = IFF_NOARP;
 706        dev->iflink             = 0;
 707        dev->addr_len           = 4;
 708        dev->features           |= NETIF_F_NETNS_LOCAL;
 709        dev->priv_flags         &= ~IFF_XMIT_DST_RELEASE;
 710}
 711
 712static void ipip_tunnel_init(struct net_device *dev)
 713{
 714        struct ip_tunnel *tunnel = netdev_priv(dev);
 715
 716        tunnel->dev = dev;
 717        strcpy(tunnel->parms.name, dev->name);
 718
 719        memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
 720        memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
 721
 722        ipip_tunnel_bind_dev(dev);
 723}
 724
 725static void ipip_fb_tunnel_init(struct net_device *dev)
 726{
 727        struct ip_tunnel *tunnel = netdev_priv(dev);
 728        struct iphdr *iph = &tunnel->parms.iph;
 729        struct ipip_net *ipn = net_generic(dev_net(dev), ipip_net_id);
 730
 731        tunnel->dev = dev;
 732        strcpy(tunnel->parms.name, dev->name);
 733
 734        iph->version            = 4;
 735        iph->protocol           = IPPROTO_IPIP;
 736        iph->ihl                = 5;
 737
 738        dev_hold(dev);
 739        ipn->tunnels_wc[0]      = tunnel;
 740}
 741
 742static struct xfrm_tunnel ipip_handler = {
 743        .handler        =       ipip_rcv,
 744        .err_handler    =       ipip_err,
 745        .priority       =       1,
 746};
 747
 748static const char banner[] __initconst =
 749        KERN_INFO "IPv4 over IPv4 tunneling driver\n";
 750
 751static void ipip_destroy_tunnels(struct ipip_net *ipn)
 752{
 753        int prio;
 754
 755        for (prio = 1; prio < 4; prio++) {
 756                int h;
 757                for (h = 0; h < HASH_SIZE; h++) {
 758                        struct ip_tunnel *t;
 759                        while ((t = ipn->tunnels[prio][h]) != NULL)
 760                                unregister_netdevice(t->dev);
 761                }
 762        }
 763}
 764
 765static int ipip_init_net(struct net *net)
 766{
 767        int err;
 768        struct ipip_net *ipn;
 769
 770        err = -ENOMEM;
 771        ipn = kzalloc(sizeof(struct ipip_net), GFP_KERNEL);
 772        if (ipn == NULL)
 773                goto err_alloc;
 774
 775        err = net_assign_generic(net, ipip_net_id, ipn);
 776        if (err < 0)
 777                goto err_assign;
 778
 779        ipn->tunnels[0] = ipn->tunnels_wc;
 780        ipn->tunnels[1] = ipn->tunnels_l;
 781        ipn->tunnels[2] = ipn->tunnels_r;
 782        ipn->tunnels[3] = ipn->tunnels_r_l;
 783
 784        ipn->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel),
 785                                           "tunl0",
 786                                           ipip_tunnel_setup);
 787        if (!ipn->fb_tunnel_dev) {
 788                err = -ENOMEM;
 789                goto err_alloc_dev;
 790        }
 791        dev_net_set(ipn->fb_tunnel_dev, net);
 792
 793        ipip_fb_tunnel_init(ipn->fb_tunnel_dev);
 794
 795        if ((err = register_netdev(ipn->fb_tunnel_dev)))
 796                goto err_reg_dev;
 797
 798        return 0;
 799
 800err_reg_dev:
 801        free_netdev(ipn->fb_tunnel_dev);
 802err_alloc_dev:
 803        /* nothing */
 804err_assign:
 805        kfree(ipn);
 806err_alloc:
 807        return err;
 808}
 809
 810static void ipip_exit_net(struct net *net)
 811{
 812        struct ipip_net *ipn;
 813
 814        ipn = net_generic(net, ipip_net_id);
 815        rtnl_lock();
 816        ipip_destroy_tunnels(ipn);
 817        unregister_netdevice(ipn->fb_tunnel_dev);
 818        rtnl_unlock();
 819        kfree(ipn);
 820}
 821
 822static struct pernet_operations ipip_net_ops = {
 823        .init = ipip_init_net,
 824        .exit = ipip_exit_net,
 825};
 826
 827static int __init ipip_init(void)
 828{
 829        int err;
 830
 831        printk(banner);
 832
 833        if (xfrm4_tunnel_register(&ipip_handler, AF_INET)) {
 834                printk(KERN_INFO "ipip init: can't register tunnel\n");
 835                return -EAGAIN;
 836        }
 837
 838        err = register_pernet_gen_device(&ipip_net_id, &ipip_net_ops);
 839        if (err)
 840                xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
 841
 842        return err;
 843}
 844
 845static void __exit ipip_fini(void)
 846{
 847        if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET))
 848                printk(KERN_INFO "ipip close: can't deregister tunnel\n");
 849
 850        unregister_pernet_gen_device(ipip_net_id, &ipip_net_ops);
 851}
 852
 853module_init(ipip_init);
 854module_exit(ipip_fini);
 855MODULE_LICENSE("GPL");
 856