1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
22
23#include <linux/module.h>
24#include <linux/capability.h>
25#include <linux/errno.h>
26#include <linux/types.h>
27#include <linux/sockios.h>
28#include <linux/icmp.h>
29#include <linux/if.h>
30#include <linux/in.h>
31#include <linux/ip.h>
32#include <linux/if_tunnel.h>
33#include <linux/net.h>
34#include <linux/in6.h>
35#include <linux/netdevice.h>
36#include <linux/if_arp.h>
37#include <linux/icmpv6.h>
38#include <linux/init.h>
39#include <linux/route.h>
40#include <linux/rtnetlink.h>
41#include <linux/netfilter_ipv6.h>
42#include <linux/slab.h>
43#include <linux/hash.h>
44
45#include <asm/uaccess.h>
46#include <linux/atomic.h>
47
48#include <net/icmp.h>
49#include <net/ip.h>
50#include <net/ipv6.h>
51#include <net/ip6_route.h>
52#include <net/addrconf.h>
53#include <net/ip6_tunnel.h>
54#include <net/xfrm.h>
55#include <net/dsfield.h>
56#include <net/inet_ecn.h>
57#include <net/net_namespace.h>
58#include <net/netns/generic.h>
59
60MODULE_AUTHOR("Ville Nuorvala");
61MODULE_DESCRIPTION("IPv6 tunneling device");
62MODULE_LICENSE("GPL");
63MODULE_ALIAS_NETDEV("ip6tnl0");
64
65#ifdef IP6_TNL_DEBUG
66#define IP6_TNL_TRACE(x...) pr_debug("%s:" x "\n", __func__)
67#else
68#define IP6_TNL_TRACE(x...) do {;} while(0)
69#endif
70
71#define IPV6_TCLASS_MASK (IPV6_FLOWINFO_MASK & ~IPV6_FLOWLABEL_MASK)
72#define IPV6_TCLASS_SHIFT 20
73
74#define HASH_SIZE_SHIFT 5
75#define HASH_SIZE (1 << HASH_SIZE_SHIFT)
76
77static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2)
78{
79 u32 hash = ipv6_addr_hash(addr1) ^ ipv6_addr_hash(addr2);
80
81 return hash_32(hash, HASH_SIZE_SHIFT);
82}
83
84static int ip6_tnl_dev_init(struct net_device *dev);
85static void ip6_tnl_dev_setup(struct net_device *dev);
86
87static int ip6_tnl_net_id __read_mostly;
88struct ip6_tnl_net {
89
90 struct net_device *fb_tnl_dev;
91
92 struct ip6_tnl __rcu *tnls_r_l[HASH_SIZE];
93 struct ip6_tnl __rcu *tnls_wc[1];
94 struct ip6_tnl __rcu **tnls[2];
95};
96
97
98struct pcpu_tstats {
99 unsigned long rx_packets;
100 unsigned long rx_bytes;
101 unsigned long tx_packets;
102 unsigned long tx_bytes;
103} __attribute__((aligned(4*sizeof(unsigned long))));
104
105static struct net_device_stats *ip6_get_stats(struct net_device *dev)
106{
107 struct pcpu_tstats sum = { 0 };
108 int i;
109
110 for_each_possible_cpu(i) {
111 const struct pcpu_tstats *tstats = per_cpu_ptr(dev->tstats, i);
112
113 sum.rx_packets += tstats->rx_packets;
114 sum.rx_bytes += tstats->rx_bytes;
115 sum.tx_packets += tstats->tx_packets;
116 sum.tx_bytes += tstats->tx_bytes;
117 }
118 dev->stats.rx_packets = sum.rx_packets;
119 dev->stats.rx_bytes = sum.rx_bytes;
120 dev->stats.tx_packets = sum.tx_packets;
121 dev->stats.tx_bytes = sum.tx_bytes;
122 return &dev->stats;
123}
124
125
126
127
128
129struct dst_entry *ip6_tnl_dst_check(struct ip6_tnl *t)
130{
131 struct dst_entry *dst = t->dst_cache;
132
133 if (dst && dst->obsolete &&
134 dst->ops->check(dst, t->dst_cookie) == NULL) {
135 t->dst_cache = NULL;
136 dst_release(dst);
137 return NULL;
138 }
139
140 return dst;
141}
142EXPORT_SYMBOL_GPL(ip6_tnl_dst_check);
143
144void ip6_tnl_dst_reset(struct ip6_tnl *t)
145{
146 dst_release(t->dst_cache);
147 t->dst_cache = NULL;
148}
149EXPORT_SYMBOL_GPL(ip6_tnl_dst_reset);
150
151void ip6_tnl_dst_store(struct ip6_tnl *t, struct dst_entry *dst)
152{
153 struct rt6_info *rt = (struct rt6_info *) dst;
154 t->dst_cookie = rt->rt6i_node ? rt->rt6i_node->fn_sernum : 0;
155 dst_release(t->dst_cache);
156 t->dst_cache = dst;
157}
158EXPORT_SYMBOL_GPL(ip6_tnl_dst_store);
159
160
161
162
163
164
165
166
167
168
169
170
171#define for_each_ip6_tunnel_rcu(start) \
172 for (t = rcu_dereference(start); t; t = rcu_dereference(t->next))
173
174static struct ip6_tnl *
175ip6_tnl_lookup(struct net *net, const struct in6_addr *remote, const struct in6_addr *local)
176{
177 unsigned int hash = HASH(remote, local);
178 struct ip6_tnl *t;
179 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
180
181 for_each_ip6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
182 if (ipv6_addr_equal(local, &t->parms.laddr) &&
183 ipv6_addr_equal(remote, &t->parms.raddr) &&
184 (t->dev->flags & IFF_UP))
185 return t;
186 }
187 t = rcu_dereference(ip6n->tnls_wc[0]);
188 if (t && (t->dev->flags & IFF_UP))
189 return t;
190
191 return NULL;
192}
193
194
195
196
197
198
199
200
201
202
203
204
205static struct ip6_tnl __rcu **
206ip6_tnl_bucket(struct ip6_tnl_net *ip6n, const struct __ip6_tnl_parm *p)
207{
208 const struct in6_addr *remote = &p->raddr;
209 const struct in6_addr *local = &p->laddr;
210 unsigned int h = 0;
211 int prio = 0;
212
213 if (!ipv6_addr_any(remote) || !ipv6_addr_any(local)) {
214 prio = 1;
215 h = HASH(remote, local);
216 }
217 return &ip6n->tnls[prio][h];
218}
219
220
221
222
223
224
225static void
226ip6_tnl_link(struct ip6_tnl_net *ip6n, struct ip6_tnl *t)
227{
228 struct ip6_tnl __rcu **tp = ip6_tnl_bucket(ip6n, &t->parms);
229
230 rcu_assign_pointer(t->next , rtnl_dereference(*tp));
231 rcu_assign_pointer(*tp, t);
232}
233
234
235
236
237
238
239static void
240ip6_tnl_unlink(struct ip6_tnl_net *ip6n, struct ip6_tnl *t)
241{
242 struct ip6_tnl __rcu **tp;
243 struct ip6_tnl *iter;
244
245 for (tp = ip6_tnl_bucket(ip6n, &t->parms);
246 (iter = rtnl_dereference(*tp)) != NULL;
247 tp = &iter->next) {
248 if (t == iter) {
249 rcu_assign_pointer(*tp, t->next);
250 break;
251 }
252 }
253}
254
255static void ip6_dev_free(struct net_device *dev)
256{
257 free_percpu(dev->tstats);
258 free_netdev(dev);
259}
260
261
262
263
264
265
266
267
268
269
270
271
272
273static struct ip6_tnl *ip6_tnl_create(struct net *net, struct __ip6_tnl_parm *p)
274{
275 struct net_device *dev;
276 struct ip6_tnl *t;
277 char name[IFNAMSIZ];
278 int err;
279 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
280
281 if (p->name[0])
282 strlcpy(name, p->name, IFNAMSIZ);
283 else
284 sprintf(name, "ip6tnl%%d");
285
286 dev = alloc_netdev(sizeof (*t), name, ip6_tnl_dev_setup);
287 if (dev == NULL)
288 goto failed;
289
290 dev_net_set(dev, net);
291
292 t = netdev_priv(dev);
293 t->parms = *p;
294 err = ip6_tnl_dev_init(dev);
295 if (err < 0)
296 goto failed_free;
297
298 if ((err = register_netdevice(dev)) < 0)
299 goto failed_free;
300
301 strcpy(t->parms.name, dev->name);
302
303 dev_hold(dev);
304 ip6_tnl_link(ip6n, t);
305 return t;
306
307failed_free:
308 ip6_dev_free(dev);
309failed:
310 return NULL;
311}
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327static struct ip6_tnl *ip6_tnl_locate(struct net *net,
328 struct __ip6_tnl_parm *p, int create)
329{
330 const struct in6_addr *remote = &p->raddr;
331 const struct in6_addr *local = &p->laddr;
332 struct ip6_tnl __rcu **tp;
333 struct ip6_tnl *t;
334 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
335
336 for (tp = ip6_tnl_bucket(ip6n, p);
337 (t = rtnl_dereference(*tp)) != NULL;
338 tp = &t->next) {
339 if (ipv6_addr_equal(local, &t->parms.laddr) &&
340 ipv6_addr_equal(remote, &t->parms.raddr))
341 return t;
342 }
343 if (!create)
344 return NULL;
345 return ip6_tnl_create(net, p);
346}
347
348
349
350
351
352
353
354
355
356static void
357ip6_tnl_dev_uninit(struct net_device *dev)
358{
359 struct ip6_tnl *t = netdev_priv(dev);
360 struct net *net = dev_net(dev);
361 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
362
363 if (dev == ip6n->fb_tnl_dev)
364 RCU_INIT_POINTER(ip6n->tnls_wc[0], NULL);
365 else
366 ip6_tnl_unlink(ip6n, t);
367 ip6_tnl_dst_reset(t);
368 dev_put(dev);
369}
370
371
372
373
374
375
376
377
378
379
380__u16 ip6_tnl_parse_tlv_enc_lim(struct sk_buff *skb, __u8 *raw)
381{
382 const struct ipv6hdr *ipv6h = (const struct ipv6hdr *) raw;
383 __u8 nexthdr = ipv6h->nexthdr;
384 __u16 off = sizeof (*ipv6h);
385
386 while (ipv6_ext_hdr(nexthdr) && nexthdr != NEXTHDR_NONE) {
387 __u16 optlen = 0;
388 struct ipv6_opt_hdr *hdr;
389 if (raw + off + sizeof (*hdr) > skb->data &&
390 !pskb_may_pull(skb, raw - skb->data + off + sizeof (*hdr)))
391 break;
392
393 hdr = (struct ipv6_opt_hdr *) (raw + off);
394 if (nexthdr == NEXTHDR_FRAGMENT) {
395 struct frag_hdr *frag_hdr = (struct frag_hdr *) hdr;
396 if (frag_hdr->frag_off)
397 break;
398 optlen = 8;
399 } else if (nexthdr == NEXTHDR_AUTH) {
400 optlen = (hdr->hdrlen + 2) << 2;
401 } else {
402 optlen = ipv6_optlen(hdr);
403 }
404 if (nexthdr == NEXTHDR_DEST) {
405 __u16 i = off + 2;
406 while (1) {
407 struct ipv6_tlv_tnl_enc_lim *tel;
408
409
410 if (i + sizeof (*tel) > off + optlen)
411 break;
412
413 tel = (struct ipv6_tlv_tnl_enc_lim *) &raw[i];
414
415 if (tel->type == IPV6_TLV_TNL_ENCAP_LIMIT &&
416 tel->length == 1)
417 return i;
418
419 if (tel->type)
420 i += tel->length + 2;
421 else
422 i++;
423 }
424 }
425 nexthdr = hdr->nexthdr;
426 off += optlen;
427 }
428 return 0;
429}
430EXPORT_SYMBOL(ip6_tnl_parse_tlv_enc_lim);
431
432
433
434
435
436
437
438
439
440static int
441ip6_tnl_err(struct sk_buff *skb, __u8 ipproto, struct inet6_skb_parm *opt,
442 u8 *type, u8 *code, int *msg, __u32 *info, int offset)
443{
444 const struct ipv6hdr *ipv6h = (const struct ipv6hdr *) skb->data;
445 struct ip6_tnl *t;
446 int rel_msg = 0;
447 u8 rel_type = ICMPV6_DEST_UNREACH;
448 u8 rel_code = ICMPV6_ADDR_UNREACH;
449 __u32 rel_info = 0;
450 __u16 len;
451 int err = -ENOENT;
452
453
454
455
456
457 rcu_read_lock();
458 if ((t = ip6_tnl_lookup(dev_net(skb->dev), &ipv6h->daddr,
459 &ipv6h->saddr)) == NULL)
460 goto out;
461
462 if (t->parms.proto != ipproto && t->parms.proto != 0)
463 goto out;
464
465 err = 0;
466
467 switch (*type) {
468 __u32 teli;
469 struct ipv6_tlv_tnl_enc_lim *tel;
470 __u32 mtu;
471 case ICMPV6_DEST_UNREACH:
472 net_warn_ratelimited("%s: Path to destination invalid or inactive!\n",
473 t->parms.name);
474 rel_msg = 1;
475 break;
476 case ICMPV6_TIME_EXCEED:
477 if ((*code) == ICMPV6_EXC_HOPLIMIT) {
478 net_warn_ratelimited("%s: Too small hop limit or routing loop in tunnel!\n",
479 t->parms.name);
480 rel_msg = 1;
481 }
482 break;
483 case ICMPV6_PARAMPROB:
484 teli = 0;
485 if ((*code) == ICMPV6_HDR_FIELD)
486 teli = ip6_tnl_parse_tlv_enc_lim(skb, skb->data);
487
488 if (teli && teli == *info - 2) {
489 tel = (struct ipv6_tlv_tnl_enc_lim *) &skb->data[teli];
490 if (tel->encap_limit == 0) {
491 net_warn_ratelimited("%s: Too small encapsulation limit or routing loop in tunnel!\n",
492 t->parms.name);
493 rel_msg = 1;
494 }
495 } else {
496 net_warn_ratelimited("%s: Recipient unable to parse tunneled packet!\n",
497 t->parms.name);
498 }
499 break;
500 case ICMPV6_PKT_TOOBIG:
501 mtu = *info - offset;
502 if (mtu < IPV6_MIN_MTU)
503 mtu = IPV6_MIN_MTU;
504 t->dev->mtu = mtu;
505
506 if ((len = sizeof (*ipv6h) + ntohs(ipv6h->payload_len)) > mtu) {
507 rel_type = ICMPV6_PKT_TOOBIG;
508 rel_code = 0;
509 rel_info = mtu;
510 rel_msg = 1;
511 }
512 break;
513 }
514
515 *type = rel_type;
516 *code = rel_code;
517 *info = rel_info;
518 *msg = rel_msg;
519
520out:
521 rcu_read_unlock();
522 return err;
523}
524
525static int
526ip4ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
527 u8 type, u8 code, int offset, __be32 info)
528{
529 int rel_msg = 0;
530 u8 rel_type = type;
531 u8 rel_code = code;
532 __u32 rel_info = ntohl(info);
533 int err;
534 struct sk_buff *skb2;
535 const struct iphdr *eiph;
536 struct rtable *rt;
537 struct flowi4 fl4;
538
539 err = ip6_tnl_err(skb, IPPROTO_IPIP, opt, &rel_type, &rel_code,
540 &rel_msg, &rel_info, offset);
541 if (err < 0)
542 return err;
543
544 if (rel_msg == 0)
545 return 0;
546
547 switch (rel_type) {
548 case ICMPV6_DEST_UNREACH:
549 if (rel_code != ICMPV6_ADDR_UNREACH)
550 return 0;
551 rel_type = ICMP_DEST_UNREACH;
552 rel_code = ICMP_HOST_UNREACH;
553 break;
554 case ICMPV6_PKT_TOOBIG:
555 if (rel_code != 0)
556 return 0;
557 rel_type = ICMP_DEST_UNREACH;
558 rel_code = ICMP_FRAG_NEEDED;
559 break;
560 case NDISC_REDIRECT:
561 rel_type = ICMP_REDIRECT;
562 rel_code = ICMP_REDIR_HOST;
563 default:
564 return 0;
565 }
566
567 if (!pskb_may_pull(skb, offset + sizeof(struct iphdr)))
568 return 0;
569
570 skb2 = skb_clone(skb, GFP_ATOMIC);
571 if (!skb2)
572 return 0;
573
574 skb_dst_drop(skb2);
575
576 skb_pull(skb2, offset);
577 skb_reset_network_header(skb2);
578 eiph = ip_hdr(skb2);
579
580
581 rt = ip_route_output_ports(dev_net(skb->dev), &fl4, NULL,
582 eiph->saddr, 0,
583 0, 0,
584 IPPROTO_IPIP, RT_TOS(eiph->tos), 0);
585 if (IS_ERR(rt))
586 goto out;
587
588 skb2->dev = rt->dst.dev;
589
590
591 if (rt->rt_flags & RTCF_LOCAL) {
592 ip_rt_put(rt);
593 rt = NULL;
594 rt = ip_route_output_ports(dev_net(skb->dev), &fl4, NULL,
595 eiph->daddr, eiph->saddr,
596 0, 0,
597 IPPROTO_IPIP,
598 RT_TOS(eiph->tos), 0);
599 if (IS_ERR(rt) ||
600 rt->dst.dev->type != ARPHRD_TUNNEL) {
601 if (!IS_ERR(rt))
602 ip_rt_put(rt);
603 goto out;
604 }
605 skb_dst_set(skb2, &rt->dst);
606 } else {
607 ip_rt_put(rt);
608 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos,
609 skb2->dev) ||
610 skb_dst(skb2)->dev->type != ARPHRD_TUNNEL)
611 goto out;
612 }
613
614
615 if (rel_type == ICMP_DEST_UNREACH && rel_code == ICMP_FRAG_NEEDED) {
616 if (rel_info > dst_mtu(skb_dst(skb2)))
617 goto out;
618
619 skb_dst(skb2)->ops->update_pmtu(skb_dst(skb2), NULL, skb2, rel_info);
620 }
621 if (rel_type == ICMP_REDIRECT)
622 skb_dst(skb2)->ops->redirect(skb_dst(skb2), NULL, skb2);
623
624 icmp_send(skb2, rel_type, rel_code, htonl(rel_info));
625
626out:
627 kfree_skb(skb2);
628 return 0;
629}
630
631static int
632ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
633 u8 type, u8 code, int offset, __be32 info)
634{
635 int rel_msg = 0;
636 u8 rel_type = type;
637 u8 rel_code = code;
638 __u32 rel_info = ntohl(info);
639 int err;
640
641 err = ip6_tnl_err(skb, IPPROTO_IPV6, opt, &rel_type, &rel_code,
642 &rel_msg, &rel_info, offset);
643 if (err < 0)
644 return err;
645
646 if (rel_msg && pskb_may_pull(skb, offset + sizeof(struct ipv6hdr))) {
647 struct rt6_info *rt;
648 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
649
650 if (!skb2)
651 return 0;
652
653 skb_dst_drop(skb2);
654 skb_pull(skb2, offset);
655 skb_reset_network_header(skb2);
656
657
658 rt = rt6_lookup(dev_net(skb->dev), &ipv6_hdr(skb2)->saddr,
659 NULL, 0, 0);
660
661 if (rt && rt->dst.dev)
662 skb2->dev = rt->dst.dev;
663
664 icmpv6_send(skb2, rel_type, rel_code, rel_info);
665
666 if (rt)
667 dst_release(&rt->dst);
668
669 kfree_skb(skb2);
670 }
671
672 return 0;
673}
674
675static void ip4ip6_dscp_ecn_decapsulate(const struct ip6_tnl *t,
676 const struct ipv6hdr *ipv6h,
677 struct sk_buff *skb)
678{
679 __u8 dsfield = ipv6_get_dsfield(ipv6h) & ~INET_ECN_MASK;
680
681 if (t->parms.flags & IP6_TNL_F_RCV_DSCP_COPY)
682 ipv4_change_dsfield(ip_hdr(skb), INET_ECN_MASK, dsfield);
683
684 if (INET_ECN_is_ce(dsfield))
685 IP_ECN_set_ce(ip_hdr(skb));
686}
687
688static void ip6ip6_dscp_ecn_decapsulate(const struct ip6_tnl *t,
689 const struct ipv6hdr *ipv6h,
690 struct sk_buff *skb)
691{
692 if (t->parms.flags & IP6_TNL_F_RCV_DSCP_COPY)
693 ipv6_copy_dscp(ipv6_get_dsfield(ipv6h), ipv6_hdr(skb));
694
695 if (INET_ECN_is_ce(ipv6_get_dsfield(ipv6h)))
696 IP6_ECN_set_ce(ipv6_hdr(skb));
697}
698
699__u32 ip6_tnl_get_cap(struct ip6_tnl *t,
700 const struct in6_addr *laddr,
701 const struct in6_addr *raddr)
702{
703 struct __ip6_tnl_parm *p = &t->parms;
704 int ltype = ipv6_addr_type(laddr);
705 int rtype = ipv6_addr_type(raddr);
706 __u32 flags = 0;
707
708 if (ltype == IPV6_ADDR_ANY || rtype == IPV6_ADDR_ANY) {
709 flags = IP6_TNL_F_CAP_PER_PACKET;
710 } else if (ltype & (IPV6_ADDR_UNICAST|IPV6_ADDR_MULTICAST) &&
711 rtype & (IPV6_ADDR_UNICAST|IPV6_ADDR_MULTICAST) &&
712 !((ltype|rtype) & IPV6_ADDR_LOOPBACK) &&
713 (!((ltype|rtype) & IPV6_ADDR_LINKLOCAL) || p->link)) {
714 if (ltype&IPV6_ADDR_UNICAST)
715 flags |= IP6_TNL_F_CAP_XMIT;
716 if (rtype&IPV6_ADDR_UNICAST)
717 flags |= IP6_TNL_F_CAP_RCV;
718 }
719 return flags;
720}
721EXPORT_SYMBOL(ip6_tnl_get_cap);
722
723
724int ip6_tnl_rcv_ctl(struct ip6_tnl *t,
725 const struct in6_addr *laddr,
726 const struct in6_addr *raddr)
727{
728 struct __ip6_tnl_parm *p = &t->parms;
729 int ret = 0;
730 struct net *net = dev_net(t->dev);
731
732 if ((p->flags & IP6_TNL_F_CAP_RCV) ||
733 ((p->flags & IP6_TNL_F_CAP_PER_PACKET) &&
734 (ip6_tnl_get_cap(t, laddr, raddr) & IP6_TNL_F_CAP_RCV))) {
735 struct net_device *ldev = NULL;
736
737 if (p->link)
738 ldev = dev_get_by_index_rcu(net, p->link);
739
740 if ((ipv6_addr_is_multicast(laddr) ||
741 likely(ipv6_chk_addr(net, laddr, ldev, 0))) &&
742 likely(!ipv6_chk_addr(net, raddr, NULL, 0)))
743 ret = 1;
744 }
745 return ret;
746}
747EXPORT_SYMBOL_GPL(ip6_tnl_rcv_ctl);
748
749
750
751
752
753
754
755
756
757
758static int ip6_tnl_rcv(struct sk_buff *skb, __u16 protocol,
759 __u8 ipproto,
760 void (*dscp_ecn_decapsulate)(const struct ip6_tnl *t,
761 const struct ipv6hdr *ipv6h,
762 struct sk_buff *skb))
763{
764 struct ip6_tnl *t;
765 const struct ipv6hdr *ipv6h = ipv6_hdr(skb);
766
767 rcu_read_lock();
768
769 if ((t = ip6_tnl_lookup(dev_net(skb->dev), &ipv6h->saddr,
770 &ipv6h->daddr)) != NULL) {
771 struct pcpu_tstats *tstats;
772
773 if (t->parms.proto != ipproto && t->parms.proto != 0) {
774 rcu_read_unlock();
775 goto discard;
776 }
777
778 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
779 rcu_read_unlock();
780 goto discard;
781 }
782
783 if (!ip6_tnl_rcv_ctl(t, &ipv6h->daddr, &ipv6h->saddr)) {
784 t->dev->stats.rx_dropped++;
785 rcu_read_unlock();
786 goto discard;
787 }
788 secpath_reset(skb);
789 skb->mac_header = skb->network_header;
790 skb_reset_network_header(skb);
791 skb->protocol = htons(protocol);
792 skb->pkt_type = PACKET_HOST;
793 memset(skb->cb, 0, sizeof(struct inet6_skb_parm));
794
795 tstats = this_cpu_ptr(t->dev->tstats);
796 tstats->rx_packets++;
797 tstats->rx_bytes += skb->len;
798
799 __skb_tunnel_rx(skb, t->dev);
800
801 dscp_ecn_decapsulate(t, ipv6h, skb);
802
803 netif_rx(skb);
804
805 rcu_read_unlock();
806 return 0;
807 }
808 rcu_read_unlock();
809 return 1;
810
811discard:
812 kfree_skb(skb);
813 return 0;
814}
815
816static int ip4ip6_rcv(struct sk_buff *skb)
817{
818 return ip6_tnl_rcv(skb, ETH_P_IP, IPPROTO_IPIP,
819 ip4ip6_dscp_ecn_decapsulate);
820}
821
822static int ip6ip6_rcv(struct sk_buff *skb)
823{
824 return ip6_tnl_rcv(skb, ETH_P_IPV6, IPPROTO_IPV6,
825 ip6ip6_dscp_ecn_decapsulate);
826}
827
828struct ipv6_tel_txoption {
829 struct ipv6_txoptions ops;
830 __u8 dst_opt[8];
831};
832
833static void init_tel_txopt(struct ipv6_tel_txoption *opt, __u8 encap_limit)
834{
835 memset(opt, 0, sizeof(struct ipv6_tel_txoption));
836
837 opt->dst_opt[2] = IPV6_TLV_TNL_ENCAP_LIMIT;
838 opt->dst_opt[3] = 1;
839 opt->dst_opt[4] = encap_limit;
840 opt->dst_opt[5] = IPV6_TLV_PADN;
841 opt->dst_opt[6] = 1;
842
843 opt->ops.dst0opt = (struct ipv6_opt_hdr *) opt->dst_opt;
844 opt->ops.opt_nflen = 8;
845}
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861static inline bool
862ip6_tnl_addr_conflict(const struct ip6_tnl *t, const struct ipv6hdr *hdr)
863{
864 return ipv6_addr_equal(&t->parms.raddr, &hdr->saddr);
865}
866
867int ip6_tnl_xmit_ctl(struct ip6_tnl *t)
868{
869 struct __ip6_tnl_parm *p = &t->parms;
870 int ret = 0;
871 struct net *net = dev_net(t->dev);
872
873 if (p->flags & IP6_TNL_F_CAP_XMIT) {
874 struct net_device *ldev = NULL;
875
876 rcu_read_lock();
877 if (p->link)
878 ldev = dev_get_by_index_rcu(net, p->link);
879
880 if (unlikely(!ipv6_chk_addr(net, &p->laddr, ldev, 0)))
881 pr_warn("%s xmit: Local address not yet configured!\n",
882 p->name);
883 else if (!ipv6_addr_is_multicast(&p->raddr) &&
884 unlikely(ipv6_chk_addr(net, &p->raddr, NULL, 0)))
885 pr_warn("%s xmit: Routing loop! Remote address found on this node!\n",
886 p->name);
887 else
888 ret = 1;
889 rcu_read_unlock();
890 }
891 return ret;
892}
893EXPORT_SYMBOL_GPL(ip6_tnl_xmit_ctl);
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914static int ip6_tnl_xmit2(struct sk_buff *skb,
915 struct net_device *dev,
916 __u8 dsfield,
917 struct flowi6 *fl6,
918 int encap_limit,
919 __u32 *pmtu)
920{
921 struct net *net = dev_net(dev);
922 struct ip6_tnl *t = netdev_priv(dev);
923 struct net_device_stats *stats = &t->dev->stats;
924 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
925 struct ipv6_tel_txoption opt;
926 struct dst_entry *dst = NULL, *ndst = NULL;
927 struct net_device *tdev;
928 int mtu;
929 unsigned int max_headroom = sizeof(struct ipv6hdr);
930 u8 proto;
931 int err = -1;
932 int pkt_len;
933
934 if (!fl6->flowi6_mark)
935 dst = ip6_tnl_dst_check(t);
936 if (!dst) {
937 ndst = ip6_route_output(net, NULL, fl6);
938
939 if (ndst->error)
940 goto tx_err_link_failure;
941 ndst = xfrm_lookup(net, ndst, flowi6_to_flowi(fl6), NULL, 0);
942 if (IS_ERR(ndst)) {
943 err = PTR_ERR(ndst);
944 ndst = NULL;
945 goto tx_err_link_failure;
946 }
947 dst = ndst;
948 }
949
950 tdev = dst->dev;
951
952 if (tdev == dev) {
953 stats->collisions++;
954 net_warn_ratelimited("%s: Local routing loop detected!\n",
955 t->parms.name);
956 goto tx_err_dst_release;
957 }
958 mtu = dst_mtu(dst) - sizeof (*ipv6h);
959 if (encap_limit >= 0) {
960 max_headroom += 8;
961 mtu -= 8;
962 }
963 if (mtu < IPV6_MIN_MTU)
964 mtu = IPV6_MIN_MTU;
965 if (skb_dst(skb))
966 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
967 if (skb->len > mtu) {
968 *pmtu = mtu;
969 err = -EMSGSIZE;
970 goto tx_err_dst_release;
971 }
972
973
974
975
976 max_headroom += LL_RESERVED_SPACE(tdev);
977
978 if (skb_headroom(skb) < max_headroom || skb_shared(skb) ||
979 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
980 struct sk_buff *new_skb;
981
982 if (!(new_skb = skb_realloc_headroom(skb, max_headroom)))
983 goto tx_err_dst_release;
984
985 if (skb->sk)
986 skb_set_owner_w(new_skb, skb->sk);
987 consume_skb(skb);
988 skb = new_skb;
989 }
990 skb_dst_drop(skb);
991 if (fl6->flowi6_mark) {
992 skb_dst_set(skb, dst);
993 ndst = NULL;
994 } else {
995 skb_dst_set_noref(skb, dst);
996 }
997 skb->transport_header = skb->network_header;
998
999 proto = fl6->flowi6_proto;
1000 if (encap_limit >= 0) {
1001 init_tel_txopt(&opt, encap_limit);
1002 ipv6_push_nfrag_opts(skb, &opt.ops, &proto, NULL);
1003 }
1004 skb_push(skb, sizeof(struct ipv6hdr));
1005 skb_reset_network_header(skb);
1006 ipv6h = ipv6_hdr(skb);
1007 *(__be32*)ipv6h = fl6->flowlabel | htonl(0x60000000);
1008 dsfield = INET_ECN_encapsulate(0, dsfield);
1009 ipv6_change_dsfield(ipv6h, ~INET_ECN_MASK, dsfield);
1010 ipv6h->hop_limit = t->parms.hop_limit;
1011 ipv6h->nexthdr = proto;
1012 ipv6h->saddr = fl6->saddr;
1013 ipv6h->daddr = fl6->daddr;
1014 nf_reset(skb);
1015 pkt_len = skb->len;
1016 err = ip6_local_out(skb);
1017
1018 if (net_xmit_eval(err) == 0) {
1019 struct pcpu_tstats *tstats = this_cpu_ptr(t->dev->tstats);
1020
1021 tstats->tx_bytes += pkt_len;
1022 tstats->tx_packets++;
1023 } else {
1024 stats->tx_errors++;
1025 stats->tx_aborted_errors++;
1026 }
1027 if (ndst)
1028 ip6_tnl_dst_store(t, ndst);
1029 return 0;
1030tx_err_link_failure:
1031 stats->tx_carrier_errors++;
1032 dst_link_failure(skb);
1033tx_err_dst_release:
1034 dst_release(ndst);
1035 return err;
1036}
1037
1038static inline int
1039ip4ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
1040{
1041 struct ip6_tnl *t = netdev_priv(dev);
1042 const struct iphdr *iph = ip_hdr(skb);
1043 int encap_limit = -1;
1044 struct flowi6 fl6;
1045 __u8 dsfield;
1046 __u32 mtu;
1047 int err;
1048
1049 if ((t->parms.proto != IPPROTO_IPIP && t->parms.proto != 0) ||
1050 !ip6_tnl_xmit_ctl(t))
1051 return -1;
1052
1053 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1054 encap_limit = t->parms.encap_limit;
1055
1056 memcpy(&fl6, &t->fl.u.ip6, sizeof (fl6));
1057 fl6.flowi6_proto = IPPROTO_IPIP;
1058
1059 dsfield = ipv4_get_dsfield(iph);
1060
1061 if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
1062 fl6.flowlabel |= htonl((__u32)iph->tos << IPV6_TCLASS_SHIFT)
1063 & IPV6_TCLASS_MASK;
1064 if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
1065 fl6.flowi6_mark = skb->mark;
1066
1067 err = ip6_tnl_xmit2(skb, dev, dsfield, &fl6, encap_limit, &mtu);
1068 if (err != 0) {
1069
1070 if (err == -EMSGSIZE)
1071 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
1072 htonl(mtu));
1073 return -1;
1074 }
1075
1076 return 0;
1077}
1078
1079static inline int
1080ip6ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
1081{
1082 struct ip6_tnl *t = netdev_priv(dev);
1083 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
1084 int encap_limit = -1;
1085 __u16 offset;
1086 struct flowi6 fl6;
1087 __u8 dsfield;
1088 __u32 mtu;
1089 int err;
1090
1091 if ((t->parms.proto != IPPROTO_IPV6 && t->parms.proto != 0) ||
1092 !ip6_tnl_xmit_ctl(t) || ip6_tnl_addr_conflict(t, ipv6h))
1093 return -1;
1094
1095 offset = ip6_tnl_parse_tlv_enc_lim(skb, skb_network_header(skb));
1096 if (offset > 0) {
1097 struct ipv6_tlv_tnl_enc_lim *tel;
1098 tel = (struct ipv6_tlv_tnl_enc_lim *)&skb_network_header(skb)[offset];
1099 if (tel->encap_limit == 0) {
1100 icmpv6_send(skb, ICMPV6_PARAMPROB,
1101 ICMPV6_HDR_FIELD, offset + 2);
1102 return -1;
1103 }
1104 encap_limit = tel->encap_limit - 1;
1105 } else if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1106 encap_limit = t->parms.encap_limit;
1107
1108 memcpy(&fl6, &t->fl.u.ip6, sizeof (fl6));
1109 fl6.flowi6_proto = IPPROTO_IPV6;
1110
1111 dsfield = ipv6_get_dsfield(ipv6h);
1112 if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
1113 fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_TCLASS_MASK);
1114 if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL)
1115 fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_FLOWLABEL_MASK);
1116 if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
1117 fl6.flowi6_mark = skb->mark;
1118
1119 err = ip6_tnl_xmit2(skb, dev, dsfield, &fl6, encap_limit, &mtu);
1120 if (err != 0) {
1121 if (err == -EMSGSIZE)
1122 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
1123 return -1;
1124 }
1125
1126 return 0;
1127}
1128
1129static netdev_tx_t
1130ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
1131{
1132 struct ip6_tnl *t = netdev_priv(dev);
1133 struct net_device_stats *stats = &t->dev->stats;
1134 int ret;
1135
1136 switch (skb->protocol) {
1137 case htons(ETH_P_IP):
1138 ret = ip4ip6_tnl_xmit(skb, dev);
1139 break;
1140 case htons(ETH_P_IPV6):
1141 ret = ip6ip6_tnl_xmit(skb, dev);
1142 break;
1143 default:
1144 goto tx_err;
1145 }
1146
1147 if (ret < 0)
1148 goto tx_err;
1149
1150 return NETDEV_TX_OK;
1151
1152tx_err:
1153 stats->tx_errors++;
1154 stats->tx_dropped++;
1155 kfree_skb(skb);
1156 return NETDEV_TX_OK;
1157}
1158
1159static void ip6_tnl_link_config(struct ip6_tnl *t)
1160{
1161 struct net_device *dev = t->dev;
1162 struct __ip6_tnl_parm *p = &t->parms;
1163 struct flowi6 *fl6 = &t->fl.u.ip6;
1164
1165 memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr));
1166 memcpy(dev->broadcast, &p->raddr, sizeof(struct in6_addr));
1167
1168
1169 fl6->saddr = p->laddr;
1170 fl6->daddr = p->raddr;
1171 fl6->flowi6_oif = p->link;
1172 fl6->flowlabel = 0;
1173
1174 if (!(p->flags&IP6_TNL_F_USE_ORIG_TCLASS))
1175 fl6->flowlabel |= IPV6_TCLASS_MASK & p->flowinfo;
1176 if (!(p->flags&IP6_TNL_F_USE_ORIG_FLOWLABEL))
1177 fl6->flowlabel |= IPV6_FLOWLABEL_MASK & p->flowinfo;
1178
1179 p->flags &= ~(IP6_TNL_F_CAP_XMIT|IP6_TNL_F_CAP_RCV|IP6_TNL_F_CAP_PER_PACKET);
1180 p->flags |= ip6_tnl_get_cap(t, &p->laddr, &p->raddr);
1181
1182 if (p->flags&IP6_TNL_F_CAP_XMIT && p->flags&IP6_TNL_F_CAP_RCV)
1183 dev->flags |= IFF_POINTOPOINT;
1184 else
1185 dev->flags &= ~IFF_POINTOPOINT;
1186
1187 dev->iflink = p->link;
1188
1189 if (p->flags & IP6_TNL_F_CAP_XMIT) {
1190 int strict = (ipv6_addr_type(&p->raddr) &
1191 (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL));
1192
1193 struct rt6_info *rt = rt6_lookup(dev_net(dev),
1194 &p->raddr, &p->laddr,
1195 p->link, strict);
1196
1197 if (rt == NULL)
1198 return;
1199
1200 if (rt->dst.dev) {
1201 dev->hard_header_len = rt->dst.dev->hard_header_len +
1202 sizeof (struct ipv6hdr);
1203
1204 dev->mtu = rt->dst.dev->mtu - sizeof (struct ipv6hdr);
1205 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1206 dev->mtu-=8;
1207
1208 if (dev->mtu < IPV6_MIN_MTU)
1209 dev->mtu = IPV6_MIN_MTU;
1210 }
1211 dst_release(&rt->dst);
1212 }
1213}
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224static int
1225ip6_tnl_change(struct ip6_tnl *t, const struct __ip6_tnl_parm *p)
1226{
1227 t->parms.laddr = p->laddr;
1228 t->parms.raddr = p->raddr;
1229 t->parms.flags = p->flags;
1230 t->parms.hop_limit = p->hop_limit;
1231 t->parms.encap_limit = p->encap_limit;
1232 t->parms.flowinfo = p->flowinfo;
1233 t->parms.link = p->link;
1234 t->parms.proto = p->proto;
1235 ip6_tnl_dst_reset(t);
1236 ip6_tnl_link_config(t);
1237 return 0;
1238}
1239
1240static void
1241ip6_tnl_parm_from_user(struct __ip6_tnl_parm *p, const struct ip6_tnl_parm *u)
1242{
1243 p->laddr = u->laddr;
1244 p->raddr = u->raddr;
1245 p->flags = u->flags;
1246 p->hop_limit = u->hop_limit;
1247 p->encap_limit = u->encap_limit;
1248 p->flowinfo = u->flowinfo;
1249 p->link = u->link;
1250 p->proto = u->proto;
1251 memcpy(p->name, u->name, sizeof(u->name));
1252}
1253
1254static void
1255ip6_tnl_parm_to_user(struct ip6_tnl_parm *u, const struct __ip6_tnl_parm *p)
1256{
1257 u->laddr = p->laddr;
1258 u->raddr = p->raddr;
1259 u->flags = p->flags;
1260 u->hop_limit = p->hop_limit;
1261 u->encap_limit = p->encap_limit;
1262 u->flowinfo = p->flowinfo;
1263 u->link = p->link;
1264 u->proto = p->proto;
1265 memcpy(u->name, p->name, sizeof(u->name));
1266}
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296static int
1297ip6_tnl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
1298{
1299 int err = 0;
1300 struct ip6_tnl_parm p;
1301 struct __ip6_tnl_parm p1;
1302 struct ip6_tnl *t = NULL;
1303 struct net *net = dev_net(dev);
1304 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1305
1306 switch (cmd) {
1307 case SIOCGETTUNNEL:
1308 if (dev == ip6n->fb_tnl_dev) {
1309 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof (p))) {
1310 err = -EFAULT;
1311 break;
1312 }
1313 ip6_tnl_parm_from_user(&p1, &p);
1314 t = ip6_tnl_locate(net, &p1, 0);
1315 } else {
1316 memset(&p, 0, sizeof(p));
1317 }
1318 if (t == NULL)
1319 t = netdev_priv(dev);
1320 ip6_tnl_parm_to_user(&p, &t->parms);
1321 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof (p))) {
1322 err = -EFAULT;
1323 }
1324 break;
1325 case SIOCADDTUNNEL:
1326 case SIOCCHGTUNNEL:
1327 err = -EPERM;
1328 if (!capable(CAP_NET_ADMIN))
1329 break;
1330 err = -EFAULT;
1331 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof (p)))
1332 break;
1333 err = -EINVAL;
1334 if (p.proto != IPPROTO_IPV6 && p.proto != IPPROTO_IPIP &&
1335 p.proto != 0)
1336 break;
1337 ip6_tnl_parm_from_user(&p1, &p);
1338 t = ip6_tnl_locate(net, &p1, cmd == SIOCADDTUNNEL);
1339 if (dev != ip6n->fb_tnl_dev && cmd == SIOCCHGTUNNEL) {
1340 if (t != NULL) {
1341 if (t->dev != dev) {
1342 err = -EEXIST;
1343 break;
1344 }
1345 } else
1346 t = netdev_priv(dev);
1347
1348 ip6_tnl_unlink(ip6n, t);
1349 synchronize_net();
1350 err = ip6_tnl_change(t, &p1);
1351 ip6_tnl_link(ip6n, t);
1352 netdev_state_change(dev);
1353 }
1354 if (t) {
1355 err = 0;
1356 ip6_tnl_parm_to_user(&p, &t->parms);
1357 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
1358 err = -EFAULT;
1359
1360 } else
1361 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
1362 break;
1363 case SIOCDELTUNNEL:
1364 err = -EPERM;
1365 if (!capable(CAP_NET_ADMIN))
1366 break;
1367
1368 if (dev == ip6n->fb_tnl_dev) {
1369 err = -EFAULT;
1370 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof (p)))
1371 break;
1372 err = -ENOENT;
1373 ip6_tnl_parm_from_user(&p1, &p);
1374 t = ip6_tnl_locate(net, &p1, 0);
1375 if (t == NULL)
1376 break;
1377 err = -EPERM;
1378 if (t->dev == ip6n->fb_tnl_dev)
1379 break;
1380 dev = t->dev;
1381 }
1382 err = 0;
1383 unregister_netdevice(dev);
1384 break;
1385 default:
1386 err = -EINVAL;
1387 }
1388 return err;
1389}
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401static int
1402ip6_tnl_change_mtu(struct net_device *dev, int new_mtu)
1403{
1404 if (new_mtu < IPV6_MIN_MTU) {
1405 return -EINVAL;
1406 }
1407 dev->mtu = new_mtu;
1408 return 0;
1409}
1410
1411
1412static const struct net_device_ops ip6_tnl_netdev_ops = {
1413 .ndo_uninit = ip6_tnl_dev_uninit,
1414 .ndo_start_xmit = ip6_tnl_xmit,
1415 .ndo_do_ioctl = ip6_tnl_ioctl,
1416 .ndo_change_mtu = ip6_tnl_change_mtu,
1417 .ndo_get_stats = ip6_get_stats,
1418};
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429static void ip6_tnl_dev_setup(struct net_device *dev)
1430{
1431 struct ip6_tnl *t;
1432
1433 dev->netdev_ops = &ip6_tnl_netdev_ops;
1434 dev->destructor = ip6_dev_free;
1435
1436 dev->type = ARPHRD_TUNNEL6;
1437 dev->hard_header_len = LL_MAX_HEADER + sizeof (struct ipv6hdr);
1438 dev->mtu = ETH_DATA_LEN - sizeof (struct ipv6hdr);
1439 t = netdev_priv(dev);
1440 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1441 dev->mtu-=8;
1442 dev->flags |= IFF_NOARP;
1443 dev->addr_len = sizeof(struct in6_addr);
1444 dev->features |= NETIF_F_NETNS_LOCAL;
1445 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
1446}
1447
1448
1449
1450
1451
1452
1453
1454static inline int
1455ip6_tnl_dev_init_gen(struct net_device *dev)
1456{
1457 struct ip6_tnl *t = netdev_priv(dev);
1458
1459 t->dev = dev;
1460 dev->tstats = alloc_percpu(struct pcpu_tstats);
1461 if (!dev->tstats)
1462 return -ENOMEM;
1463 return 0;
1464}
1465
1466
1467
1468
1469
1470
1471static int ip6_tnl_dev_init(struct net_device *dev)
1472{
1473 struct ip6_tnl *t = netdev_priv(dev);
1474 int err = ip6_tnl_dev_init_gen(dev);
1475
1476 if (err)
1477 return err;
1478 ip6_tnl_link_config(t);
1479 return 0;
1480}
1481
1482
1483
1484
1485
1486
1487
1488
1489static int __net_init ip6_fb_tnl_dev_init(struct net_device *dev)
1490{
1491 struct ip6_tnl *t = netdev_priv(dev);
1492 struct net *net = dev_net(dev);
1493 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1494 int err = ip6_tnl_dev_init_gen(dev);
1495
1496 if (err)
1497 return err;
1498
1499 t->parms.proto = IPPROTO_IPV6;
1500 dev_hold(dev);
1501
1502 ip6_tnl_link_config(t);
1503
1504 rcu_assign_pointer(ip6n->tnls_wc[0], t);
1505 return 0;
1506}
1507
1508static struct xfrm6_tunnel ip4ip6_handler __read_mostly = {
1509 .handler = ip4ip6_rcv,
1510 .err_handler = ip4ip6_err,
1511 .priority = 1,
1512};
1513
1514static struct xfrm6_tunnel ip6ip6_handler __read_mostly = {
1515 .handler = ip6ip6_rcv,
1516 .err_handler = ip6ip6_err,
1517 .priority = 1,
1518};
1519
1520static void __net_exit ip6_tnl_destroy_tunnels(struct ip6_tnl_net *ip6n)
1521{
1522 int h;
1523 struct ip6_tnl *t;
1524 LIST_HEAD(list);
1525
1526 for (h = 0; h < HASH_SIZE; h++) {
1527 t = rtnl_dereference(ip6n->tnls_r_l[h]);
1528 while (t != NULL) {
1529 unregister_netdevice_queue(t->dev, &list);
1530 t = rtnl_dereference(t->next);
1531 }
1532 }
1533
1534 t = rtnl_dereference(ip6n->tnls_wc[0]);
1535 unregister_netdevice_queue(t->dev, &list);
1536 unregister_netdevice_many(&list);
1537}
1538
1539static int __net_init ip6_tnl_init_net(struct net *net)
1540{
1541 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1542 struct ip6_tnl *t = NULL;
1543 int err;
1544
1545 ip6n->tnls[0] = ip6n->tnls_wc;
1546 ip6n->tnls[1] = ip6n->tnls_r_l;
1547
1548 err = -ENOMEM;
1549 ip6n->fb_tnl_dev = alloc_netdev(sizeof(struct ip6_tnl), "ip6tnl0",
1550 ip6_tnl_dev_setup);
1551
1552 if (!ip6n->fb_tnl_dev)
1553 goto err_alloc_dev;
1554 dev_net_set(ip6n->fb_tnl_dev, net);
1555
1556 err = ip6_fb_tnl_dev_init(ip6n->fb_tnl_dev);
1557 if (err < 0)
1558 goto err_register;
1559
1560 err = register_netdev(ip6n->fb_tnl_dev);
1561 if (err < 0)
1562 goto err_register;
1563
1564 t = netdev_priv(ip6n->fb_tnl_dev);
1565
1566 strcpy(t->parms.name, ip6n->fb_tnl_dev->name);
1567 return 0;
1568
1569err_register:
1570 ip6_dev_free(ip6n->fb_tnl_dev);
1571err_alloc_dev:
1572 return err;
1573}
1574
1575static void __net_exit ip6_tnl_exit_net(struct net *net)
1576{
1577 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1578
1579 rtnl_lock();
1580 ip6_tnl_destroy_tunnels(ip6n);
1581 rtnl_unlock();
1582}
1583
1584static struct pernet_operations ip6_tnl_net_ops = {
1585 .init = ip6_tnl_init_net,
1586 .exit = ip6_tnl_exit_net,
1587 .id = &ip6_tnl_net_id,
1588 .size = sizeof(struct ip6_tnl_net),
1589};
1590
1591
1592
1593
1594
1595
1596
1597static int __init ip6_tunnel_init(void)
1598{
1599 int err;
1600
1601 err = register_pernet_device(&ip6_tnl_net_ops);
1602 if (err < 0)
1603 goto out_pernet;
1604
1605 err = xfrm6_tunnel_register(&ip4ip6_handler, AF_INET);
1606 if (err < 0) {
1607 pr_err("%s: can't register ip4ip6\n", __func__);
1608 goto out_ip4ip6;
1609 }
1610
1611 err = xfrm6_tunnel_register(&ip6ip6_handler, AF_INET6);
1612 if (err < 0) {
1613 pr_err("%s: can't register ip6ip6\n", __func__);
1614 goto out_ip6ip6;
1615 }
1616
1617 return 0;
1618
1619out_ip6ip6:
1620 xfrm6_tunnel_deregister(&ip4ip6_handler, AF_INET);
1621out_ip4ip6:
1622 unregister_pernet_device(&ip6_tnl_net_ops);
1623out_pernet:
1624 return err;
1625}
1626
1627
1628
1629
1630
1631static void __exit ip6_tunnel_cleanup(void)
1632{
1633 if (xfrm6_tunnel_deregister(&ip4ip6_handler, AF_INET))
1634 pr_info("%s: can't deregister ip4ip6\n", __func__);
1635
1636 if (xfrm6_tunnel_deregister(&ip6ip6_handler, AF_INET6))
1637 pr_info("%s: can't deregister ip6ip6\n", __func__);
1638
1639 unregister_pernet_device(&ip6_tnl_net_ops);
1640}
1641
1642module_init(ip6_tunnel_init);
1643module_exit(ip6_tunnel_cleanup);
1644
