LXR linux-bk/net/ipv4/xfrm4

   1/* xfrm4_tunnel.c: Generic IP tunnel transformer.
   2 *
   3 * Copyright (C) 2003 David S. Miller (davem@redhat.com)
   4 */
   5
   6#include <linux/skbuff.h>
   7#include <net/xfrm.h>
   8#include <net/ip.h>
   9#include <net/icmp.h>
  10#include <net/inet_ecn.h>
  11
  12int xfrm4_tunnel_check_size(struct sk_buff *skb)
  13{
  14        int mtu, ret = 0;
  15        struct dst_entry *dst;
  16        struct iphdr *iph = skb->nh.iph;
  17
  18        if (IPCB(skb)->flags & IPSKB_XFRM_TUNNEL_SIZE)
  19                goto out;
  20
  21        IPCB(skb)->flags |= IPSKB_XFRM_TUNNEL_SIZE;
  22        
  23        if (!(iph->frag_off & htons(IP_DF)))
  24                goto out;
  25
  26        dst = skb->dst;
  27        mtu = dst_pmtu(dst) - dst->header_len - dst->trailer_len;
  28        if (skb->len > mtu) {
  29                icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
  30                ret = -EMSGSIZE;
  31        }
  32out:
  33        return ret;
  34}
  35
  36static int ipip_output(struct sk_buff *skb)
  37{
  38        struct dst_entry *dst = skb->dst;
  39        struct xfrm_state *x = dst->xfrm;
  40        struct iphdr *iph, *top_iph;
  41        int tos, err;
  42
  43        if ((err = xfrm4_tunnel_check_size(skb)) != 0)
  44                goto error_nolock;
  45                
  46        iph = skb->nh.iph;
  47
  48        spin_lock_bh(&x->lock);
  49
  50        tos = iph->tos;
  51
  52        top_iph = (struct iphdr *) skb_push(skb, x->props.header_len);
  53        top_iph->ihl = 5;
  54        top_iph->version = 4;
  55        top_iph->tos = INET_ECN_encapsulate(tos, iph->tos);
  56        top_iph->tot_len = htons(skb->len);
  57        top_iph->frag_off = iph->frag_off & ~htons(IP_MF|IP_OFFSET);
  58        if (!(iph->frag_off & htons(IP_DF)))
  59                __ip_select_ident(top_iph, dst, 0);
  60        top_iph->ttl = iph->ttl;
  61        top_iph->protocol = IPPROTO_IPIP;
  62        top_iph->check = 0;
  63        top_iph->saddr = x->props.saddr.a4;
  64        top_iph->daddr = x->id.daddr.a4;
  65        memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
  66        ip_send_check(top_iph);
  67
  68        skb->nh.raw = skb->data;
  69        x->curlft.bytes += skb->len;
  70        x->curlft.packets++;
  71
  72        spin_unlock_bh(&x->lock);
  73
  74        if ((skb->dst = dst_pop(dst)) == NULL) {
  75                kfree_skb(skb);
  76                err = -EHOSTUNREACH;
  77                goto error_nolock;
  78        }
  79        return NET_XMIT_BYPASS;
  80
  81error_nolock:
  82        kfree_skb(skb);
  83        return err;
  84}
  85
  86static int ipip_xfrm_rcv(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_buff *skb)
  87{
  88        return 0;
  89}
  90
  91static struct xfrm_tunnel *ipip_handler;
  92static DECLARE_MUTEX(xfrm4_tunnel_sem);
  93
  94int xfrm4_tunnel_register(struct xfrm_tunnel *handler)
  95{
  96        int ret;
  97
  98        down(&xfrm4_tunnel_sem);
  99        ret = 0;
 100        if (ipip_handler != NULL)
 101                ret = -EINVAL;
 102        if (!ret)
 103                ipip_handler = handler;
 104        up(&xfrm4_tunnel_sem);
 105
 106        return ret;
 107}
 108
 109int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler)
 110{
 111        int ret;
 112
 113        down(&xfrm4_tunnel_sem);
 114        ret = 0;
 115        if (ipip_handler != handler)
 116                ret = -EINVAL;
 117        if (!ret)
 118                ipip_handler = NULL;
 119        up(&xfrm4_tunnel_sem);
 120
 121        synchronize_net();
 122
 123        return ret;
 124}
 125
 126static int ipip_rcv(struct sk_buff *skb)
 127{
 128        struct xfrm_tunnel *handler = ipip_handler;
 129
 130        /* Tunnel devices take precedence.  */
 131        if (handler && handler->handler(skb) == 0)
 132                return 0;
 133
 134        return xfrm4_rcv_encap(skb, 0);
 135}
 136
 137static void ipip_err(struct sk_buff *skb, u32 info)
 138{
 139        struct xfrm_tunnel *handler = ipip_handler;
 140        u32 arg = info;
 141
 142        if (handler)
 143                handler->err_handler(skb, &arg);
 144}
 145
 146static int ipip_init_state(struct xfrm_state *x, void *args)
 147{
 148        if (!x->props.mode)
 149                return -EINVAL;
 150        x->props.header_len = sizeof(struct iphdr);
 151
 152        return 0;
 153}
 154
 155static void ipip_destroy(struct xfrm_state *x)
 156{
 157}
 158
 159static struct xfrm_type ipip_type = {
 160        .description    = "IPIP",
 161        .owner          = THIS_MODULE,
 162        .proto          = IPPROTO_IPIP,
 163        .init_state     = ipip_init_state,
 164        .destructor     = ipip_destroy,
 165        .input          = ipip_xfrm_rcv,
 166        .output         = ipip_output
 167};
 168
 169static struct inet_protocol ipip_protocol = {
 170        .handler        =       ipip_rcv,
 171        .err_handler    =       ipip_err,
 172        .no_policy      =       1,
 173};
 174
 175static int __init ipip_init(void)
 176{
 177        if (xfrm_register_type(&ipip_type, AF_INET) < 0) {
 178                printk(KERN_INFO "ipip init: can't add xfrm type\n");
 179                return -EAGAIN;
 180        }
 181        if (inet_add_protocol(&ipip_protocol, IPPROTO_IPIP) < 0) {
 182                printk(KERN_INFO "ipip init: can't add protocol\n");
 183                xfrm_unregister_type(&ipip_type, AF_INET);
 184                return -EAGAIN;
 185        }
 186        return 0;
 187}
 188
 189static void __exit ipip_fini(void)
 190{
 191        if (inet_del_protocol(&ipip_protocol, IPPROTO_IPIP) < 0)
 192                printk(KERN_INFO "ipip close: can't remove protocol\n");
 193        if (xfrm_unregister_type(&ipip_type, AF_INET) < 0)
 194                printk(KERN_INFO "ipip close: can't remove xfrm type\n");
 195}
 196
 197module_init(ipip_init);
 198module_exit(ipip_fini);
 199MODULE_LICENSE("GPL");
 200