1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
22
23#include <linux/module.h>
24#include <linux/capability.h>
25#include <linux/errno.h>
26#include <linux/types.h>
27#include <linux/sockios.h>
28#include <linux/icmp.h>
29#include <linux/if.h>
30#include <linux/in.h>
31#include <linux/ip.h>
32#include <linux/if_tunnel.h>
33#include <linux/net.h>
34#include <linux/in6.h>
35#include <linux/netdevice.h>
36#include <linux/if_arp.h>
37#include <linux/icmpv6.h>
38#include <linux/init.h>
39#include <linux/route.h>
40#include <linux/rtnetlink.h>
41#include <linux/netfilter_ipv6.h>
42#include <linux/slab.h>
43#include <linux/hash.h>
44
45#include <asm/uaccess.h>
46#include <linux/atomic.h>
47
48#include <net/icmp.h>
49#include <net/ip.h>
50#include <net/ip_tunnels.h>
51#include <net/ipv6.h>
52#include <net/ip6_route.h>
53#include <net/addrconf.h>
54#include <net/ip6_tunnel.h>
55#include <net/xfrm.h>
56#include <net/dsfield.h>
57#include <net/inet_ecn.h>
58#include <net/net_namespace.h>
59#include <net/netns/generic.h>
60
61MODULE_AUTHOR("Ville Nuorvala");
62MODULE_DESCRIPTION("IPv6 tunneling device");
63MODULE_LICENSE("GPL");
64MODULE_ALIAS_NETDEV("ip6tnl0");
65
66#ifdef IP6_TNL_DEBUG
67#define IP6_TNL_TRACE(x...) pr_debug("%s:" x "\n", __func__)
68#else
69#define IP6_TNL_TRACE(x...) do {;} while(0)
70#endif
71
72#define IPV6_TCLASS_MASK (IPV6_FLOWINFO_MASK & ~IPV6_FLOWLABEL_MASK)
73#define IPV6_TCLASS_SHIFT 20
74
75#define HASH_SIZE_SHIFT 5
76#define HASH_SIZE (1 << HASH_SIZE_SHIFT)
77
78static bool log_ecn_error = true;
79module_param(log_ecn_error, bool, 0644);
80MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
81
82static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2)
83{
84 u32 hash = ipv6_addr_hash(addr1) ^ ipv6_addr_hash(addr2);
85
86 return hash_32(hash, HASH_SIZE_SHIFT);
87}
88
89static int ip6_tnl_dev_init(struct net_device *dev);
90static void ip6_tnl_dev_setup(struct net_device *dev);
91static struct rtnl_link_ops ip6_link_ops __read_mostly;
92
93static int ip6_tnl_net_id __read_mostly;
94struct ip6_tnl_net {
95
96 struct net_device *fb_tnl_dev;
97
98 struct ip6_tnl __rcu *tnls_r_l[HASH_SIZE];
99 struct ip6_tnl __rcu *tnls_wc[1];
100 struct ip6_tnl __rcu **tnls[2];
101};
102
103static struct net_device_stats *ip6_get_stats(struct net_device *dev)
104{
105 struct pcpu_tstats sum = { 0 };
106 int i;
107
108 for_each_possible_cpu(i) {
109 const struct pcpu_tstats *tstats = per_cpu_ptr(dev->tstats, i);
110
111 sum.rx_packets += tstats->rx_packets;
112 sum.rx_bytes += tstats->rx_bytes;
113 sum.tx_packets += tstats->tx_packets;
114 sum.tx_bytes += tstats->tx_bytes;
115 }
116 dev->stats.rx_packets = sum.rx_packets;
117 dev->stats.rx_bytes = sum.rx_bytes;
118 dev->stats.tx_packets = sum.tx_packets;
119 dev->stats.tx_bytes = sum.tx_bytes;
120 return &dev->stats;
121}
122
123
124
125
126
127struct dst_entry *ip6_tnl_dst_check(struct ip6_tnl *t)
128{
129 struct dst_entry *dst = t->dst_cache;
130
131 if (dst && dst->obsolete &&
132 dst->ops->check(dst, t->dst_cookie) == NULL) {
133 t->dst_cache = NULL;
134 dst_release(dst);
135 return NULL;
136 }
137
138 return dst;
139}
140EXPORT_SYMBOL_GPL(ip6_tnl_dst_check);
141
142void ip6_tnl_dst_reset(struct ip6_tnl *t)
143{
144 dst_release(t->dst_cache);
145 t->dst_cache = NULL;
146}
147EXPORT_SYMBOL_GPL(ip6_tnl_dst_reset);
148
149void ip6_tnl_dst_store(struct ip6_tnl *t, struct dst_entry *dst)
150{
151 struct rt6_info *rt = (struct rt6_info *) dst;
152 t->dst_cookie = rt->rt6i_node ? rt->rt6i_node->fn_sernum : 0;
153 dst_release(t->dst_cache);
154 t->dst_cache = dst;
155}
156EXPORT_SYMBOL_GPL(ip6_tnl_dst_store);
157
158
159
160
161
162
163
164
165
166
167
168
169#define for_each_ip6_tunnel_rcu(start) \
170 for (t = rcu_dereference(start); t; t = rcu_dereference(t->next))
171
172static struct ip6_tnl *
173ip6_tnl_lookup(struct net *net, const struct in6_addr *remote, const struct in6_addr *local)
174{
175 unsigned int hash = HASH(remote, local);
176 struct ip6_tnl *t;
177 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
178
179 for_each_ip6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
180 if (ipv6_addr_equal(local, &t->parms.laddr) &&
181 ipv6_addr_equal(remote, &t->parms.raddr) &&
182 (t->dev->flags & IFF_UP))
183 return t;
184 }
185 t = rcu_dereference(ip6n->tnls_wc[0]);
186 if (t && (t->dev->flags & IFF_UP))
187 return t;
188
189 return NULL;
190}
191
192
193
194
195
196
197
198
199
200
201
202
203static struct ip6_tnl __rcu **
204ip6_tnl_bucket(struct ip6_tnl_net *ip6n, const struct __ip6_tnl_parm *p)
205{
206 const struct in6_addr *remote = &p->raddr;
207 const struct in6_addr *local = &p->laddr;
208 unsigned int h = 0;
209 int prio = 0;
210
211 if (!ipv6_addr_any(remote) || !ipv6_addr_any(local)) {
212 prio = 1;
213 h = HASH(remote, local);
214 }
215 return &ip6n->tnls[prio][h];
216}
217
218
219
220
221
222
223static void
224ip6_tnl_link(struct ip6_tnl_net *ip6n, struct ip6_tnl *t)
225{
226 struct ip6_tnl __rcu **tp = ip6_tnl_bucket(ip6n, &t->parms);
227
228 rcu_assign_pointer(t->next , rtnl_dereference(*tp));
229 rcu_assign_pointer(*tp, t);
230}
231
232
233
234
235
236
237static void
238ip6_tnl_unlink(struct ip6_tnl_net *ip6n, struct ip6_tnl *t)
239{
240 struct ip6_tnl __rcu **tp;
241 struct ip6_tnl *iter;
242
243 for (tp = ip6_tnl_bucket(ip6n, &t->parms);
244 (iter = rtnl_dereference(*tp)) != NULL;
245 tp = &iter->next) {
246 if (t == iter) {
247 rcu_assign_pointer(*tp, t->next);
248 break;
249 }
250 }
251}
252
253static void ip6_dev_free(struct net_device *dev)
254{
255 free_percpu(dev->tstats);
256 free_netdev(dev);
257}
258
259static int ip6_tnl_create2(struct net_device *dev)
260{
261 struct ip6_tnl *t = netdev_priv(dev);
262 struct net *net = dev_net(dev);
263 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
264 int err;
265
266 t = netdev_priv(dev);
267 err = ip6_tnl_dev_init(dev);
268 if (err < 0)
269 goto out;
270
271 err = register_netdevice(dev);
272 if (err < 0)
273 goto out;
274
275 strcpy(t->parms.name, dev->name);
276 dev->rtnl_link_ops = &ip6_link_ops;
277
278 dev_hold(dev);
279 ip6_tnl_link(ip6n, t);
280 return 0;
281
282out:
283 return err;
284}
285
286
287
288
289
290
291
292
293
294
295
296
297
298static struct ip6_tnl *ip6_tnl_create(struct net *net, struct __ip6_tnl_parm *p)
299{
300 struct net_device *dev;
301 struct ip6_tnl *t;
302 char name[IFNAMSIZ];
303 int err;
304
305 if (p->name[0])
306 strlcpy(name, p->name, IFNAMSIZ);
307 else
308 sprintf(name, "ip6tnl%%d");
309
310 dev = alloc_netdev(sizeof (*t), name, ip6_tnl_dev_setup);
311 if (dev == NULL)
312 goto failed;
313
314 dev_net_set(dev, net);
315
316 t = netdev_priv(dev);
317 t->parms = *p;
318 err = ip6_tnl_create2(dev);
319 if (err < 0)
320 goto failed_free;
321
322 return t;
323
324failed_free:
325 ip6_dev_free(dev);
326failed:
327 return NULL;
328}
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344static struct ip6_tnl *ip6_tnl_locate(struct net *net,
345 struct __ip6_tnl_parm *p, int create)
346{
347 const struct in6_addr *remote = &p->raddr;
348 const struct in6_addr *local = &p->laddr;
349 struct ip6_tnl __rcu **tp;
350 struct ip6_tnl *t;
351 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
352
353 for (tp = ip6_tnl_bucket(ip6n, p);
354 (t = rtnl_dereference(*tp)) != NULL;
355 tp = &t->next) {
356 if (ipv6_addr_equal(local, &t->parms.laddr) &&
357 ipv6_addr_equal(remote, &t->parms.raddr))
358 return t;
359 }
360 if (!create)
361 return NULL;
362 return ip6_tnl_create(net, p);
363}
364
365
366
367
368
369
370
371
372
373static void
374ip6_tnl_dev_uninit(struct net_device *dev)
375{
376 struct ip6_tnl *t = netdev_priv(dev);
377 struct net *net = dev_net(dev);
378 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
379
380 if (dev == ip6n->fb_tnl_dev)
381 RCU_INIT_POINTER(ip6n->tnls_wc[0], NULL);
382 else
383 ip6_tnl_unlink(ip6n, t);
384 ip6_tnl_dst_reset(t);
385 dev_put(dev);
386}
387
388
389
390
391
392
393
394
395
396
397__u16 ip6_tnl_parse_tlv_enc_lim(struct sk_buff *skb, __u8 *raw)
398{
399 const struct ipv6hdr *ipv6h = (const struct ipv6hdr *) raw;
400 __u8 nexthdr = ipv6h->nexthdr;
401 __u16 off = sizeof (*ipv6h);
402
403 while (ipv6_ext_hdr(nexthdr) && nexthdr != NEXTHDR_NONE) {
404 __u16 optlen = 0;
405 struct ipv6_opt_hdr *hdr;
406 if (raw + off + sizeof (*hdr) > skb->data &&
407 !pskb_may_pull(skb, raw - skb->data + off + sizeof (*hdr)))
408 break;
409
410 hdr = (struct ipv6_opt_hdr *) (raw + off);
411 if (nexthdr == NEXTHDR_FRAGMENT) {
412 struct frag_hdr *frag_hdr = (struct frag_hdr *) hdr;
413 if (frag_hdr->frag_off)
414 break;
415 optlen = 8;
416 } else if (nexthdr == NEXTHDR_AUTH) {
417 optlen = (hdr->hdrlen + 2) << 2;
418 } else {
419 optlen = ipv6_optlen(hdr);
420 }
421 if (nexthdr == NEXTHDR_DEST) {
422 __u16 i = off + 2;
423 while (1) {
424 struct ipv6_tlv_tnl_enc_lim *tel;
425
426
427 if (i + sizeof (*tel) > off + optlen)
428 break;
429
430 tel = (struct ipv6_tlv_tnl_enc_lim *) &raw[i];
431
432 if (tel->type == IPV6_TLV_TNL_ENCAP_LIMIT &&
433 tel->length == 1)
434 return i;
435
436 if (tel->type)
437 i += tel->length + 2;
438 else
439 i++;
440 }
441 }
442 nexthdr = hdr->nexthdr;
443 off += optlen;
444 }
445 return 0;
446}
447EXPORT_SYMBOL(ip6_tnl_parse_tlv_enc_lim);
448
449
450
451
452
453
454
455
456
457static int
458ip6_tnl_err(struct sk_buff *skb, __u8 ipproto, struct inet6_skb_parm *opt,
459 u8 *type, u8 *code, int *msg, __u32 *info, int offset)
460{
461 const struct ipv6hdr *ipv6h = (const struct ipv6hdr *) skb->data;
462 struct ip6_tnl *t;
463 int rel_msg = 0;
464 u8 rel_type = ICMPV6_DEST_UNREACH;
465 u8 rel_code = ICMPV6_ADDR_UNREACH;
466 __u32 rel_info = 0;
467 __u16 len;
468 int err = -ENOENT;
469
470
471
472
473
474 rcu_read_lock();
475 if ((t = ip6_tnl_lookup(dev_net(skb->dev), &ipv6h->daddr,
476 &ipv6h->saddr)) == NULL)
477 goto out;
478
479 if (t->parms.proto != ipproto && t->parms.proto != 0)
480 goto out;
481
482 err = 0;
483
484 switch (*type) {
485 __u32 teli;
486 struct ipv6_tlv_tnl_enc_lim *tel;
487 __u32 mtu;
488 case ICMPV6_DEST_UNREACH:
489 net_warn_ratelimited("%s: Path to destination invalid or inactive!\n",
490 t->parms.name);
491 rel_msg = 1;
492 break;
493 case ICMPV6_TIME_EXCEED:
494 if ((*code) == ICMPV6_EXC_HOPLIMIT) {
495 net_warn_ratelimited("%s: Too small hop limit or routing loop in tunnel!\n",
496 t->parms.name);
497 rel_msg = 1;
498 }
499 break;
500 case ICMPV6_PARAMPROB:
501 teli = 0;
502 if ((*code) == ICMPV6_HDR_FIELD)
503 teli = ip6_tnl_parse_tlv_enc_lim(skb, skb->data);
504
505 if (teli && teli == *info - 2) {
506 tel = (struct ipv6_tlv_tnl_enc_lim *) &skb->data[teli];
507 if (tel->encap_limit == 0) {
508 net_warn_ratelimited("%s: Too small encapsulation limit or routing loop in tunnel!\n",
509 t->parms.name);
510 rel_msg = 1;
511 }
512 } else {
513 net_warn_ratelimited("%s: Recipient unable to parse tunneled packet!\n",
514 t->parms.name);
515 }
516 break;
517 case ICMPV6_PKT_TOOBIG:
518 mtu = *info - offset;
519 if (mtu < IPV6_MIN_MTU)
520 mtu = IPV6_MIN_MTU;
521 t->dev->mtu = mtu;
522
523 if ((len = sizeof (*ipv6h) + ntohs(ipv6h->payload_len)) > mtu) {
524 rel_type = ICMPV6_PKT_TOOBIG;
525 rel_code = 0;
526 rel_info = mtu;
527 rel_msg = 1;
528 }
529 break;
530 }
531
532 *type = rel_type;
533 *code = rel_code;
534 *info = rel_info;
535 *msg = rel_msg;
536
537out:
538 rcu_read_unlock();
539 return err;
540}
541
542static int
543ip4ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
544 u8 type, u8 code, int offset, __be32 info)
545{
546 int rel_msg = 0;
547 u8 rel_type = type;
548 u8 rel_code = code;
549 __u32 rel_info = ntohl(info);
550 int err;
551 struct sk_buff *skb2;
552 const struct iphdr *eiph;
553 struct rtable *rt;
554 struct flowi4 fl4;
555
556 err = ip6_tnl_err(skb, IPPROTO_IPIP, opt, &rel_type, &rel_code,
557 &rel_msg, &rel_info, offset);
558 if (err < 0)
559 return err;
560
561 if (rel_msg == 0)
562 return 0;
563
564 switch (rel_type) {
565 case ICMPV6_DEST_UNREACH:
566 if (rel_code != ICMPV6_ADDR_UNREACH)
567 return 0;
568 rel_type = ICMP_DEST_UNREACH;
569 rel_code = ICMP_HOST_UNREACH;
570 break;
571 case ICMPV6_PKT_TOOBIG:
572 if (rel_code != 0)
573 return 0;
574 rel_type = ICMP_DEST_UNREACH;
575 rel_code = ICMP_FRAG_NEEDED;
576 break;
577 case NDISC_REDIRECT:
578 rel_type = ICMP_REDIRECT;
579 rel_code = ICMP_REDIR_HOST;
580 default:
581 return 0;
582 }
583
584 if (!pskb_may_pull(skb, offset + sizeof(struct iphdr)))
585 return 0;
586
587 skb2 = skb_clone(skb, GFP_ATOMIC);
588 if (!skb2)
589 return 0;
590
591 skb_dst_drop(skb2);
592
593 skb_pull(skb2, offset);
594 skb_reset_network_header(skb2);
595 eiph = ip_hdr(skb2);
596
597
598 rt = ip_route_output_ports(dev_net(skb->dev), &fl4, NULL,
599 eiph->saddr, 0,
600 0, 0,
601 IPPROTO_IPIP, RT_TOS(eiph->tos), 0);
602 if (IS_ERR(rt))
603 goto out;
604
605 skb2->dev = rt->dst.dev;
606
607
608 if (rt->rt_flags & RTCF_LOCAL) {
609 ip_rt_put(rt);
610 rt = NULL;
611 rt = ip_route_output_ports(dev_net(skb->dev), &fl4, NULL,
612 eiph->daddr, eiph->saddr,
613 0, 0,
614 IPPROTO_IPIP,
615 RT_TOS(eiph->tos), 0);
616 if (IS_ERR(rt) ||
617 rt->dst.dev->type != ARPHRD_TUNNEL) {
618 if (!IS_ERR(rt))
619 ip_rt_put(rt);
620 goto out;
621 }
622 skb_dst_set(skb2, &rt->dst);
623 } else {
624 ip_rt_put(rt);
625 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos,
626 skb2->dev) ||
627 skb_dst(skb2)->dev->type != ARPHRD_TUNNEL)
628 goto out;
629 }
630
631
632 if (rel_type == ICMP_DEST_UNREACH && rel_code == ICMP_FRAG_NEEDED) {
633 if (rel_info > dst_mtu(skb_dst(skb2)))
634 goto out;
635
636 skb_dst(skb2)->ops->update_pmtu(skb_dst(skb2), NULL, skb2, rel_info);
637 }
638 if (rel_type == ICMP_REDIRECT)
639 skb_dst(skb2)->ops->redirect(skb_dst(skb2), NULL, skb2);
640
641 icmp_send(skb2, rel_type, rel_code, htonl(rel_info));
642
643out:
644 kfree_skb(skb2);
645 return 0;
646}
647
648static int
649ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
650 u8 type, u8 code, int offset, __be32 info)
651{
652 int rel_msg = 0;
653 u8 rel_type = type;
654 u8 rel_code = code;
655 __u32 rel_info = ntohl(info);
656 int err;
657
658 err = ip6_tnl_err(skb, IPPROTO_IPV6, opt, &rel_type, &rel_code,
659 &rel_msg, &rel_info, offset);
660 if (err < 0)
661 return err;
662
663 if (rel_msg && pskb_may_pull(skb, offset + sizeof(struct ipv6hdr))) {
664 struct rt6_info *rt;
665 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
666
667 if (!skb2)
668 return 0;
669
670 skb_dst_drop(skb2);
671 skb_pull(skb2, offset);
672 skb_reset_network_header(skb2);
673
674
675 rt = rt6_lookup(dev_net(skb->dev), &ipv6_hdr(skb2)->saddr,
676 NULL, 0, 0);
677
678 if (rt && rt->dst.dev)
679 skb2->dev = rt->dst.dev;
680
681 icmpv6_send(skb2, rel_type, rel_code, rel_info);
682
683 ip6_rt_put(rt);
684
685 kfree_skb(skb2);
686 }
687
688 return 0;
689}
690
691static int ip4ip6_dscp_ecn_decapsulate(const struct ip6_tnl *t,
692 const struct ipv6hdr *ipv6h,
693 struct sk_buff *skb)
694{
695 __u8 dsfield = ipv6_get_dsfield(ipv6h) & ~INET_ECN_MASK;
696
697 if (t->parms.flags & IP6_TNL_F_RCV_DSCP_COPY)
698 ipv4_change_dsfield(ip_hdr(skb), INET_ECN_MASK, dsfield);
699
700 return IP6_ECN_decapsulate(ipv6h, skb);
701}
702
703static int ip6ip6_dscp_ecn_decapsulate(const struct ip6_tnl *t,
704 const struct ipv6hdr *ipv6h,
705 struct sk_buff *skb)
706{
707 if (t->parms.flags & IP6_TNL_F_RCV_DSCP_COPY)
708 ipv6_copy_dscp(ipv6_get_dsfield(ipv6h), ipv6_hdr(skb));
709
710 return IP6_ECN_decapsulate(ipv6h, skb);
711}
712
713__u32 ip6_tnl_get_cap(struct ip6_tnl *t,
714 const struct in6_addr *laddr,
715 const struct in6_addr *raddr)
716{
717 struct __ip6_tnl_parm *p = &t->parms;
718 int ltype = ipv6_addr_type(laddr);
719 int rtype = ipv6_addr_type(raddr);
720 __u32 flags = 0;
721
722 if (ltype == IPV6_ADDR_ANY || rtype == IPV6_ADDR_ANY) {
723 flags = IP6_TNL_F_CAP_PER_PACKET;
724 } else if (ltype & (IPV6_ADDR_UNICAST|IPV6_ADDR_MULTICAST) &&
725 rtype & (IPV6_ADDR_UNICAST|IPV6_ADDR_MULTICAST) &&
726 !((ltype|rtype) & IPV6_ADDR_LOOPBACK) &&
727 (!((ltype|rtype) & IPV6_ADDR_LINKLOCAL) || p->link)) {
728 if (ltype&IPV6_ADDR_UNICAST)
729 flags |= IP6_TNL_F_CAP_XMIT;
730 if (rtype&IPV6_ADDR_UNICAST)
731 flags |= IP6_TNL_F_CAP_RCV;
732 }
733 return flags;
734}
735EXPORT_SYMBOL(ip6_tnl_get_cap);
736
737
738int ip6_tnl_rcv_ctl(struct ip6_tnl *t,
739 const struct in6_addr *laddr,
740 const struct in6_addr *raddr)
741{
742 struct __ip6_tnl_parm *p = &t->parms;
743 int ret = 0;
744 struct net *net = dev_net(t->dev);
745
746 if ((p->flags & IP6_TNL_F_CAP_RCV) ||
747 ((p->flags & IP6_TNL_F_CAP_PER_PACKET) &&
748 (ip6_tnl_get_cap(t, laddr, raddr) & IP6_TNL_F_CAP_RCV))) {
749 struct net_device *ldev = NULL;
750
751 if (p->link)
752 ldev = dev_get_by_index_rcu(net, p->link);
753
754 if ((ipv6_addr_is_multicast(laddr) ||
755 likely(ipv6_chk_addr(net, laddr, ldev, 0))) &&
756 likely(!ipv6_chk_addr(net, raddr, NULL, 0)))
757 ret = 1;
758 }
759 return ret;
760}
761EXPORT_SYMBOL_GPL(ip6_tnl_rcv_ctl);
762
763
764
765
766
767
768
769
770
771
772static int ip6_tnl_rcv(struct sk_buff *skb, __u16 protocol,
773 __u8 ipproto,
774 int (*dscp_ecn_decapsulate)(const struct ip6_tnl *t,
775 const struct ipv6hdr *ipv6h,
776 struct sk_buff *skb))
777{
778 struct ip6_tnl *t;
779 const struct ipv6hdr *ipv6h = ipv6_hdr(skb);
780 int err;
781
782 rcu_read_lock();
783
784 if ((t = ip6_tnl_lookup(dev_net(skb->dev), &ipv6h->saddr,
785 &ipv6h->daddr)) != NULL) {
786 struct pcpu_tstats *tstats;
787
788 if (t->parms.proto != ipproto && t->parms.proto != 0) {
789 rcu_read_unlock();
790 goto discard;
791 }
792
793 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
794 rcu_read_unlock();
795 goto discard;
796 }
797
798 if (!ip6_tnl_rcv_ctl(t, &ipv6h->daddr, &ipv6h->saddr)) {
799 t->dev->stats.rx_dropped++;
800 rcu_read_unlock();
801 goto discard;
802 }
803 secpath_reset(skb);
804 skb->mac_header = skb->network_header;
805 skb_reset_network_header(skb);
806 skb->protocol = htons(protocol);
807 skb->pkt_type = PACKET_HOST;
808 memset(skb->cb, 0, sizeof(struct inet6_skb_parm));
809
810 __skb_tunnel_rx(skb, t->dev);
811
812 err = dscp_ecn_decapsulate(t, ipv6h, skb);
813 if (unlikely(err)) {
814 if (log_ecn_error)
815 net_info_ratelimited("non-ECT from %pI6 with dsfield=%#x\n",
816 &ipv6h->saddr,
817 ipv6_get_dsfield(ipv6h));
818 if (err > 1) {
819 ++t->dev->stats.rx_frame_errors;
820 ++t->dev->stats.rx_errors;
821 rcu_read_unlock();
822 goto discard;
823 }
824 }
825
826 tstats = this_cpu_ptr(t->dev->tstats);
827 tstats->rx_packets++;
828 tstats->rx_bytes += skb->len;
829
830 netif_rx(skb);
831
832 rcu_read_unlock();
833 return 0;
834 }
835 rcu_read_unlock();
836 return 1;
837
838discard:
839 kfree_skb(skb);
840 return 0;
841}
842
843static int ip4ip6_rcv(struct sk_buff *skb)
844{
845 return ip6_tnl_rcv(skb, ETH_P_IP, IPPROTO_IPIP,
846 ip4ip6_dscp_ecn_decapsulate);
847}
848
849static int ip6ip6_rcv(struct sk_buff *skb)
850{
851 return ip6_tnl_rcv(skb, ETH_P_IPV6, IPPROTO_IPV6,
852 ip6ip6_dscp_ecn_decapsulate);
853}
854
855struct ipv6_tel_txoption {
856 struct ipv6_txoptions ops;
857 __u8 dst_opt[8];
858};
859
860static void init_tel_txopt(struct ipv6_tel_txoption *opt, __u8 encap_limit)
861{
862 memset(opt, 0, sizeof(struct ipv6_tel_txoption));
863
864 opt->dst_opt[2] = IPV6_TLV_TNL_ENCAP_LIMIT;
865 opt->dst_opt[3] = 1;
866 opt->dst_opt[4] = encap_limit;
867 opt->dst_opt[5] = IPV6_TLV_PADN;
868 opt->dst_opt[6] = 1;
869
870 opt->ops.dst0opt = (struct ipv6_opt_hdr *) opt->dst_opt;
871 opt->ops.opt_nflen = 8;
872}
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888static inline bool
889ip6_tnl_addr_conflict(const struct ip6_tnl *t, const struct ipv6hdr *hdr)
890{
891 return ipv6_addr_equal(&t->parms.raddr, &hdr->saddr);
892}
893
894int ip6_tnl_xmit_ctl(struct ip6_tnl *t)
895{
896 struct __ip6_tnl_parm *p = &t->parms;
897 int ret = 0;
898 struct net *net = dev_net(t->dev);
899
900 if (p->flags & IP6_TNL_F_CAP_XMIT) {
901 struct net_device *ldev = NULL;
902
903 rcu_read_lock();
904 if (p->link)
905 ldev = dev_get_by_index_rcu(net, p->link);
906
907 if (unlikely(!ipv6_chk_addr(net, &p->laddr, ldev, 0)))
908 pr_warn("%s xmit: Local address not yet configured!\n",
909 p->name);
910 else if (!ipv6_addr_is_multicast(&p->raddr) &&
911 unlikely(ipv6_chk_addr(net, &p->raddr, NULL, 0)))
912 pr_warn("%s xmit: Routing loop! Remote address found on this node!\n",
913 p->name);
914 else
915 ret = 1;
916 rcu_read_unlock();
917 }
918 return ret;
919}
920EXPORT_SYMBOL_GPL(ip6_tnl_xmit_ctl);
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941static int ip6_tnl_xmit2(struct sk_buff *skb,
942 struct net_device *dev,
943 __u8 dsfield,
944 struct flowi6 *fl6,
945 int encap_limit,
946 __u32 *pmtu)
947{
948 struct net *net = dev_net(dev);
949 struct ip6_tnl *t = netdev_priv(dev);
950 struct net_device_stats *stats = &t->dev->stats;
951 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
952 struct ipv6_tel_txoption opt;
953 struct dst_entry *dst = NULL, *ndst = NULL;
954 struct net_device *tdev;
955 int mtu;
956 unsigned int max_headroom = sizeof(struct ipv6hdr);
957 u8 proto;
958 int err = -1;
959
960 if (!fl6->flowi6_mark)
961 dst = ip6_tnl_dst_check(t);
962 if (!dst) {
963 ndst = ip6_route_output(net, NULL, fl6);
964
965 if (ndst->error)
966 goto tx_err_link_failure;
967 ndst = xfrm_lookup(net, ndst, flowi6_to_flowi(fl6), NULL, 0);
968 if (IS_ERR(ndst)) {
969 err = PTR_ERR(ndst);
970 ndst = NULL;
971 goto tx_err_link_failure;
972 }
973 dst = ndst;
974 }
975
976 tdev = dst->dev;
977
978 if (tdev == dev) {
979 stats->collisions++;
980 net_warn_ratelimited("%s: Local routing loop detected!\n",
981 t->parms.name);
982 goto tx_err_dst_release;
983 }
984 mtu = dst_mtu(dst) - sizeof (*ipv6h);
985 if (encap_limit >= 0) {
986 max_headroom += 8;
987 mtu -= 8;
988 }
989 if (mtu < IPV6_MIN_MTU)
990 mtu = IPV6_MIN_MTU;
991 if (skb_dst(skb))
992 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
993 if (skb->len > mtu) {
994 *pmtu = mtu;
995 err = -EMSGSIZE;
996 goto tx_err_dst_release;
997 }
998
999
1000
1001
1002 max_headroom += LL_RESERVED_SPACE(tdev);
1003
1004 if (skb_headroom(skb) < max_headroom || skb_shared(skb) ||
1005 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
1006 struct sk_buff *new_skb;
1007
1008 if (!(new_skb = skb_realloc_headroom(skb, max_headroom)))
1009 goto tx_err_dst_release;
1010
1011 if (skb->sk)
1012 skb_set_owner_w(new_skb, skb->sk);
1013 consume_skb(skb);
1014 skb = new_skb;
1015 }
1016 skb_dst_drop(skb);
1017 if (fl6->flowi6_mark) {
1018 skb_dst_set(skb, dst);
1019 ndst = NULL;
1020 } else {
1021 skb_dst_set_noref(skb, dst);
1022 }
1023 skb->transport_header = skb->network_header;
1024
1025 proto = fl6->flowi6_proto;
1026 if (encap_limit >= 0) {
1027 init_tel_txopt(&opt, encap_limit);
1028 ipv6_push_nfrag_opts(skb, &opt.ops, &proto, NULL);
1029 }
1030
1031 if (likely(!skb->encapsulation)) {
1032 skb_reset_inner_headers(skb);
1033 skb->encapsulation = 1;
1034 }
1035
1036 skb_push(skb, sizeof(struct ipv6hdr));
1037 skb_reset_network_header(skb);
1038 ipv6h = ipv6_hdr(skb);
1039 ip6_flow_hdr(ipv6h, INET_ECN_encapsulate(0, dsfield), fl6->flowlabel);
1040 ipv6h->hop_limit = t->parms.hop_limit;
1041 ipv6h->nexthdr = proto;
1042 ipv6h->saddr = fl6->saddr;
1043 ipv6h->daddr = fl6->daddr;
1044 ip6tunnel_xmit(skb, dev);
1045 if (ndst)
1046 ip6_tnl_dst_store(t, ndst);
1047 return 0;
1048tx_err_link_failure:
1049 stats->tx_carrier_errors++;
1050 dst_link_failure(skb);
1051tx_err_dst_release:
1052 dst_release(ndst);
1053 return err;
1054}
1055
1056static inline int
1057ip4ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
1058{
1059 struct ip6_tnl *t = netdev_priv(dev);
1060 const struct iphdr *iph = ip_hdr(skb);
1061 int encap_limit = -1;
1062 struct flowi6 fl6;
1063 __u8 dsfield;
1064 __u32 mtu;
1065 int err;
1066
1067 if ((t->parms.proto != IPPROTO_IPIP && t->parms.proto != 0) ||
1068 !ip6_tnl_xmit_ctl(t))
1069 return -1;
1070
1071 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1072 encap_limit = t->parms.encap_limit;
1073
1074 memcpy(&fl6, &t->fl.u.ip6, sizeof (fl6));
1075 fl6.flowi6_proto = IPPROTO_IPIP;
1076
1077 dsfield = ipv4_get_dsfield(iph);
1078
1079 if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
1080 fl6.flowlabel |= htonl((__u32)iph->tos << IPV6_TCLASS_SHIFT)
1081 & IPV6_TCLASS_MASK;
1082 if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
1083 fl6.flowi6_mark = skb->mark;
1084
1085 err = ip6_tnl_xmit2(skb, dev, dsfield, &fl6, encap_limit, &mtu);
1086 if (err != 0) {
1087
1088 if (err == -EMSGSIZE)
1089 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
1090 htonl(mtu));
1091 return -1;
1092 }
1093
1094 return 0;
1095}
1096
1097static inline int
1098ip6ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
1099{
1100 struct ip6_tnl *t = netdev_priv(dev);
1101 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
1102 int encap_limit = -1;
1103 __u16 offset;
1104 struct flowi6 fl6;
1105 __u8 dsfield;
1106 __u32 mtu;
1107 int err;
1108
1109 if ((t->parms.proto != IPPROTO_IPV6 && t->parms.proto != 0) ||
1110 !ip6_tnl_xmit_ctl(t) || ip6_tnl_addr_conflict(t, ipv6h))
1111 return -1;
1112
1113 offset = ip6_tnl_parse_tlv_enc_lim(skb, skb_network_header(skb));
1114 if (offset > 0) {
1115 struct ipv6_tlv_tnl_enc_lim *tel;
1116 tel = (struct ipv6_tlv_tnl_enc_lim *)&skb_network_header(skb)[offset];
1117 if (tel->encap_limit == 0) {
1118 icmpv6_send(skb, ICMPV6_PARAMPROB,
1119 ICMPV6_HDR_FIELD, offset + 2);
1120 return -1;
1121 }
1122 encap_limit = tel->encap_limit - 1;
1123 } else if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1124 encap_limit = t->parms.encap_limit;
1125
1126 memcpy(&fl6, &t->fl.u.ip6, sizeof (fl6));
1127 fl6.flowi6_proto = IPPROTO_IPV6;
1128
1129 dsfield = ipv6_get_dsfield(ipv6h);
1130 if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
1131 fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_TCLASS_MASK);
1132 if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL)
1133 fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_FLOWLABEL_MASK);
1134 if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
1135 fl6.flowi6_mark = skb->mark;
1136
1137 err = ip6_tnl_xmit2(skb, dev, dsfield, &fl6, encap_limit, &mtu);
1138 if (err != 0) {
1139 if (err == -EMSGSIZE)
1140 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
1141 return -1;
1142 }
1143
1144 return 0;
1145}
1146
1147static netdev_tx_t
1148ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
1149{
1150 struct ip6_tnl *t = netdev_priv(dev);
1151 struct net_device_stats *stats = &t->dev->stats;
1152 int ret;
1153
1154 switch (skb->protocol) {
1155 case htons(ETH_P_IP):
1156 ret = ip4ip6_tnl_xmit(skb, dev);
1157 break;
1158 case htons(ETH_P_IPV6):
1159 ret = ip6ip6_tnl_xmit(skb, dev);
1160 break;
1161 default:
1162 goto tx_err;
1163 }
1164
1165 if (ret < 0)
1166 goto tx_err;
1167
1168 return NETDEV_TX_OK;
1169
1170tx_err:
1171 stats->tx_errors++;
1172 stats->tx_dropped++;
1173 kfree_skb(skb);
1174 return NETDEV_TX_OK;
1175}
1176
1177static void ip6_tnl_link_config(struct ip6_tnl *t)
1178{
1179 struct net_device *dev = t->dev;
1180 struct __ip6_tnl_parm *p = &t->parms;
1181 struct flowi6 *fl6 = &t->fl.u.ip6;
1182
1183 memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr));
1184 memcpy(dev->broadcast, &p->raddr, sizeof(struct in6_addr));
1185
1186
1187 fl6->saddr = p->laddr;
1188 fl6->daddr = p->raddr;
1189 fl6->flowi6_oif = p->link;
1190 fl6->flowlabel = 0;
1191
1192 if (!(p->flags&IP6_TNL_F_USE_ORIG_TCLASS))
1193 fl6->flowlabel |= IPV6_TCLASS_MASK & p->flowinfo;
1194 if (!(p->flags&IP6_TNL_F_USE_ORIG_FLOWLABEL))
1195 fl6->flowlabel |= IPV6_FLOWLABEL_MASK & p->flowinfo;
1196
1197 p->flags &= ~(IP6_TNL_F_CAP_XMIT|IP6_TNL_F_CAP_RCV|IP6_TNL_F_CAP_PER_PACKET);
1198 p->flags |= ip6_tnl_get_cap(t, &p->laddr, &p->raddr);
1199
1200 if (p->flags&IP6_TNL_F_CAP_XMIT && p->flags&IP6_TNL_F_CAP_RCV)
1201 dev->flags |= IFF_POINTOPOINT;
1202 else
1203 dev->flags &= ~IFF_POINTOPOINT;
1204
1205 dev->iflink = p->link;
1206
1207 if (p->flags & IP6_TNL_F_CAP_XMIT) {
1208 int strict = (ipv6_addr_type(&p->raddr) &
1209 (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL));
1210
1211 struct rt6_info *rt = rt6_lookup(dev_net(dev),
1212 &p->raddr, &p->laddr,
1213 p->link, strict);
1214
1215 if (rt == NULL)
1216 return;
1217
1218 if (rt->dst.dev) {
1219 dev->hard_header_len = rt->dst.dev->hard_header_len +
1220 sizeof (struct ipv6hdr);
1221
1222 dev->mtu = rt->dst.dev->mtu - sizeof (struct ipv6hdr);
1223 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1224 dev->mtu-=8;
1225
1226 if (dev->mtu < IPV6_MIN_MTU)
1227 dev->mtu = IPV6_MIN_MTU;
1228 }
1229 ip6_rt_put(rt);
1230 }
1231}
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242static int
1243ip6_tnl_change(struct ip6_tnl *t, const struct __ip6_tnl_parm *p)
1244{
1245 t->parms.laddr = p->laddr;
1246 t->parms.raddr = p->raddr;
1247 t->parms.flags = p->flags;
1248 t->parms.hop_limit = p->hop_limit;
1249 t->parms.encap_limit = p->encap_limit;
1250 t->parms.flowinfo = p->flowinfo;
1251 t->parms.link = p->link;
1252 t->parms.proto = p->proto;
1253 ip6_tnl_dst_reset(t);
1254 ip6_tnl_link_config(t);
1255 return 0;
1256}
1257
1258static int ip6_tnl_update(struct ip6_tnl *t, struct __ip6_tnl_parm *p)
1259{
1260 struct net *net = dev_net(t->dev);
1261 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1262 int err;
1263
1264 ip6_tnl_unlink(ip6n, t);
1265 synchronize_net();
1266 err = ip6_tnl_change(t, p);
1267 ip6_tnl_link(ip6n, t);
1268 netdev_state_change(t->dev);
1269 return err;
1270}
1271
1272static void
1273ip6_tnl_parm_from_user(struct __ip6_tnl_parm *p, const struct ip6_tnl_parm *u)
1274{
1275 p->laddr = u->laddr;
1276 p->raddr = u->raddr;
1277 p->flags = u->flags;
1278 p->hop_limit = u->hop_limit;
1279 p->encap_limit = u->encap_limit;
1280 p->flowinfo = u->flowinfo;
1281 p->link = u->link;
1282 p->proto = u->proto;
1283 memcpy(p->name, u->name, sizeof(u->name));
1284}
1285
1286static void
1287ip6_tnl_parm_to_user(struct ip6_tnl_parm *u, const struct __ip6_tnl_parm *p)
1288{
1289 u->laddr = p->laddr;
1290 u->raddr = p->raddr;
1291 u->flags = p->flags;
1292 u->hop_limit = p->hop_limit;
1293 u->encap_limit = p->encap_limit;
1294 u->flowinfo = p->flowinfo;
1295 u->link = p->link;
1296 u->proto = p->proto;
1297 memcpy(u->name, p->name, sizeof(u->name));
1298}
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328static int
1329ip6_tnl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
1330{
1331 int err = 0;
1332 struct ip6_tnl_parm p;
1333 struct __ip6_tnl_parm p1;
1334 struct ip6_tnl *t = NULL;
1335 struct net *net = dev_net(dev);
1336 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1337
1338 switch (cmd) {
1339 case SIOCGETTUNNEL:
1340 if (dev == ip6n->fb_tnl_dev) {
1341 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof (p))) {
1342 err = -EFAULT;
1343 break;
1344 }
1345 ip6_tnl_parm_from_user(&p1, &p);
1346 t = ip6_tnl_locate(net, &p1, 0);
1347 } else {
1348 memset(&p, 0, sizeof(p));
1349 }
1350 if (t == NULL)
1351 t = netdev_priv(dev);
1352 ip6_tnl_parm_to_user(&p, &t->parms);
1353 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof (p))) {
1354 err = -EFAULT;
1355 }
1356 break;
1357 case SIOCADDTUNNEL:
1358 case SIOCCHGTUNNEL:
1359 err = -EPERM;
1360 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1361 break;
1362 err = -EFAULT;
1363 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof (p)))
1364 break;
1365 err = -EINVAL;
1366 if (p.proto != IPPROTO_IPV6 && p.proto != IPPROTO_IPIP &&
1367 p.proto != 0)
1368 break;
1369 ip6_tnl_parm_from_user(&p1, &p);
1370 t = ip6_tnl_locate(net, &p1, cmd == SIOCADDTUNNEL);
1371 if (dev != ip6n->fb_tnl_dev && cmd == SIOCCHGTUNNEL) {
1372 if (t != NULL) {
1373 if (t->dev != dev) {
1374 err = -EEXIST;
1375 break;
1376 }
1377 } else
1378 t = netdev_priv(dev);
1379
1380 err = ip6_tnl_update(t, &p1);
1381 }
1382 if (t) {
1383 err = 0;
1384 ip6_tnl_parm_to_user(&p, &t->parms);
1385 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
1386 err = -EFAULT;
1387
1388 } else
1389 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
1390 break;
1391 case SIOCDELTUNNEL:
1392 err = -EPERM;
1393 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
1394 break;
1395
1396 if (dev == ip6n->fb_tnl_dev) {
1397 err = -EFAULT;
1398 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof (p)))
1399 break;
1400 err = -ENOENT;
1401 ip6_tnl_parm_from_user(&p1, &p);
1402 t = ip6_tnl_locate(net, &p1, 0);
1403 if (t == NULL)
1404 break;
1405 err = -EPERM;
1406 if (t->dev == ip6n->fb_tnl_dev)
1407 break;
1408 dev = t->dev;
1409 }
1410 err = 0;
1411 unregister_netdevice(dev);
1412 break;
1413 default:
1414 err = -EINVAL;
1415 }
1416 return err;
1417}
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429static int
1430ip6_tnl_change_mtu(struct net_device *dev, int new_mtu)
1431{
1432 if (new_mtu < IPV6_MIN_MTU) {
1433 return -EINVAL;
1434 }
1435 dev->mtu = new_mtu;
1436 return 0;
1437}
1438
1439
1440static const struct net_device_ops ip6_tnl_netdev_ops = {
1441 .ndo_uninit = ip6_tnl_dev_uninit,
1442 .ndo_start_xmit = ip6_tnl_xmit,
1443 .ndo_do_ioctl = ip6_tnl_ioctl,
1444 .ndo_change_mtu = ip6_tnl_change_mtu,
1445 .ndo_get_stats = ip6_get_stats,
1446};
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457static void ip6_tnl_dev_setup(struct net_device *dev)
1458{
1459 struct ip6_tnl *t;
1460
1461 dev->netdev_ops = &ip6_tnl_netdev_ops;
1462 dev->destructor = ip6_dev_free;
1463
1464 dev->type = ARPHRD_TUNNEL6;
1465 dev->hard_header_len = LL_MAX_HEADER + sizeof (struct ipv6hdr);
1466 dev->mtu = ETH_DATA_LEN - sizeof (struct ipv6hdr);
1467 t = netdev_priv(dev);
1468 if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT))
1469 dev->mtu-=8;
1470 dev->flags |= IFF_NOARP;
1471 dev->addr_len = sizeof(struct in6_addr);
1472 dev->features |= NETIF_F_NETNS_LOCAL;
1473 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
1474}
1475
1476
1477
1478
1479
1480
1481
1482static inline int
1483ip6_tnl_dev_init_gen(struct net_device *dev)
1484{
1485 struct ip6_tnl *t = netdev_priv(dev);
1486
1487 t->dev = dev;
1488 dev->tstats = alloc_percpu(struct pcpu_tstats);
1489 if (!dev->tstats)
1490 return -ENOMEM;
1491 return 0;
1492}
1493
1494
1495
1496
1497
1498
1499static int ip6_tnl_dev_init(struct net_device *dev)
1500{
1501 struct ip6_tnl *t = netdev_priv(dev);
1502 int err = ip6_tnl_dev_init_gen(dev);
1503
1504 if (err)
1505 return err;
1506 ip6_tnl_link_config(t);
1507 return 0;
1508}
1509
1510
1511
1512
1513
1514
1515
1516
1517static int __net_init ip6_fb_tnl_dev_init(struct net_device *dev)
1518{
1519 struct ip6_tnl *t = netdev_priv(dev);
1520 struct net *net = dev_net(dev);
1521 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1522 int err = ip6_tnl_dev_init_gen(dev);
1523
1524 if (err)
1525 return err;
1526
1527 t->parms.proto = IPPROTO_IPV6;
1528 dev_hold(dev);
1529
1530 ip6_tnl_link_config(t);
1531
1532 rcu_assign_pointer(ip6n->tnls_wc[0], t);
1533 return 0;
1534}
1535
1536static int ip6_tnl_validate(struct nlattr *tb[], struct nlattr *data[])
1537{
1538 u8 proto;
1539
1540 if (!data)
1541 return 0;
1542
1543 proto = nla_get_u8(data[IFLA_IPTUN_PROTO]);
1544 if (proto != IPPROTO_IPV6 &&
1545 proto != IPPROTO_IPIP &&
1546 proto != 0)
1547 return -EINVAL;
1548
1549 return 0;
1550}
1551
1552static void ip6_tnl_netlink_parms(struct nlattr *data[],
1553 struct __ip6_tnl_parm *parms)
1554{
1555 memset(parms, 0, sizeof(*parms));
1556
1557 if (!data)
1558 return;
1559
1560 if (data[IFLA_IPTUN_LINK])
1561 parms->link = nla_get_u32(data[IFLA_IPTUN_LINK]);
1562
1563 if (data[IFLA_IPTUN_LOCAL])
1564 nla_memcpy(&parms->laddr, data[IFLA_IPTUN_LOCAL],
1565 sizeof(struct in6_addr));
1566
1567 if (data[IFLA_IPTUN_REMOTE])
1568 nla_memcpy(&parms->raddr, data[IFLA_IPTUN_REMOTE],
1569 sizeof(struct in6_addr));
1570
1571 if (data[IFLA_IPTUN_TTL])
1572 parms->hop_limit = nla_get_u8(data[IFLA_IPTUN_TTL]);
1573
1574 if (data[IFLA_IPTUN_ENCAP_LIMIT])
1575 parms->encap_limit = nla_get_u8(data[IFLA_IPTUN_ENCAP_LIMIT]);
1576
1577 if (data[IFLA_IPTUN_FLOWINFO])
1578 parms->flowinfo = nla_get_be32(data[IFLA_IPTUN_FLOWINFO]);
1579
1580 if (data[IFLA_IPTUN_FLAGS])
1581 parms->flags = nla_get_u32(data[IFLA_IPTUN_FLAGS]);
1582
1583 if (data[IFLA_IPTUN_PROTO])
1584 parms->proto = nla_get_u8(data[IFLA_IPTUN_PROTO]);
1585}
1586
1587static int ip6_tnl_newlink(struct net *src_net, struct net_device *dev,
1588 struct nlattr *tb[], struct nlattr *data[])
1589{
1590 struct net *net = dev_net(dev);
1591 struct ip6_tnl *nt;
1592
1593 nt = netdev_priv(dev);
1594 ip6_tnl_netlink_parms(data, &nt->parms);
1595
1596 if (ip6_tnl_locate(net, &nt->parms, 0))
1597 return -EEXIST;
1598
1599 return ip6_tnl_create2(dev);
1600}
1601
1602static int ip6_tnl_changelink(struct net_device *dev, struct nlattr *tb[],
1603 struct nlattr *data[])
1604{
1605 struct ip6_tnl *t;
1606 struct __ip6_tnl_parm p;
1607 struct net *net = dev_net(dev);
1608 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1609
1610 if (dev == ip6n->fb_tnl_dev)
1611 return -EINVAL;
1612
1613 ip6_tnl_netlink_parms(data, &p);
1614
1615 t = ip6_tnl_locate(net, &p, 0);
1616
1617 if (t) {
1618 if (t->dev != dev)
1619 return -EEXIST;
1620 } else
1621 t = netdev_priv(dev);
1622
1623 return ip6_tnl_update(t, &p);
1624}
1625
1626static size_t ip6_tnl_get_size(const struct net_device *dev)
1627{
1628 return
1629
1630 nla_total_size(4) +
1631
1632 nla_total_size(sizeof(struct in6_addr)) +
1633
1634 nla_total_size(sizeof(struct in6_addr)) +
1635
1636 nla_total_size(1) +
1637
1638 nla_total_size(1) +
1639
1640 nla_total_size(4) +
1641
1642 nla_total_size(4) +
1643
1644 nla_total_size(1) +
1645 0;
1646}
1647
1648static int ip6_tnl_fill_info(struct sk_buff *skb, const struct net_device *dev)
1649{
1650 struct ip6_tnl *tunnel = netdev_priv(dev);
1651 struct __ip6_tnl_parm *parm = &tunnel->parms;
1652
1653 if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) ||
1654 nla_put(skb, IFLA_IPTUN_LOCAL, sizeof(struct in6_addr),
1655 &parm->raddr) ||
1656 nla_put(skb, IFLA_IPTUN_REMOTE, sizeof(struct in6_addr),
1657 &parm->laddr) ||
1658 nla_put_u8(skb, IFLA_IPTUN_TTL, parm->hop_limit) ||
1659 nla_put_u8(skb, IFLA_IPTUN_ENCAP_LIMIT, parm->encap_limit) ||
1660 nla_put_be32(skb, IFLA_IPTUN_FLOWINFO, parm->flowinfo) ||
1661 nla_put_u32(skb, IFLA_IPTUN_FLAGS, parm->flags) ||
1662 nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->proto))
1663 goto nla_put_failure;
1664 return 0;
1665
1666nla_put_failure:
1667 return -EMSGSIZE;
1668}
1669
1670static const struct nla_policy ip6_tnl_policy[IFLA_IPTUN_MAX + 1] = {
1671 [IFLA_IPTUN_LINK] = { .type = NLA_U32 },
1672 [IFLA_IPTUN_LOCAL] = { .len = sizeof(struct in6_addr) },
1673 [IFLA_IPTUN_REMOTE] = { .len = sizeof(struct in6_addr) },
1674 [IFLA_IPTUN_TTL] = { .type = NLA_U8 },
1675 [IFLA_IPTUN_ENCAP_LIMIT] = { .type = NLA_U8 },
1676 [IFLA_IPTUN_FLOWINFO] = { .type = NLA_U32 },
1677 [IFLA_IPTUN_FLAGS] = { .type = NLA_U32 },
1678 [IFLA_IPTUN_PROTO] = { .type = NLA_U8 },
1679};
1680
1681static struct rtnl_link_ops ip6_link_ops __read_mostly = {
1682 .kind = "ip6tnl",
1683 .maxtype = IFLA_IPTUN_MAX,
1684 .policy = ip6_tnl_policy,
1685 .priv_size = sizeof(struct ip6_tnl),
1686 .setup = ip6_tnl_dev_setup,
1687 .validate = ip6_tnl_validate,
1688 .newlink = ip6_tnl_newlink,
1689 .changelink = ip6_tnl_changelink,
1690 .get_size = ip6_tnl_get_size,
1691 .fill_info = ip6_tnl_fill_info,
1692};
1693
1694static struct xfrm6_tunnel ip4ip6_handler __read_mostly = {
1695 .handler = ip4ip6_rcv,
1696 .err_handler = ip4ip6_err,
1697 .priority = 1,
1698};
1699
1700static struct xfrm6_tunnel ip6ip6_handler __read_mostly = {
1701 .handler = ip6ip6_rcv,
1702 .err_handler = ip6ip6_err,
1703 .priority = 1,
1704};
1705
1706static void __net_exit ip6_tnl_destroy_tunnels(struct ip6_tnl_net *ip6n)
1707{
1708 int h;
1709 struct ip6_tnl *t;
1710 LIST_HEAD(list);
1711
1712 for (h = 0; h < HASH_SIZE; h++) {
1713 t = rtnl_dereference(ip6n->tnls_r_l[h]);
1714 while (t != NULL) {
1715 unregister_netdevice_queue(t->dev, &list);
1716 t = rtnl_dereference(t->next);
1717 }
1718 }
1719
1720 t = rtnl_dereference(ip6n->tnls_wc[0]);
1721 unregister_netdevice_queue(t->dev, &list);
1722 unregister_netdevice_many(&list);
1723}
1724
1725static int __net_init ip6_tnl_init_net(struct net *net)
1726{
1727 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1728 struct ip6_tnl *t = NULL;
1729 int err;
1730
1731 ip6n->tnls[0] = ip6n->tnls_wc;
1732 ip6n->tnls[1] = ip6n->tnls_r_l;
1733
1734 err = -ENOMEM;
1735 ip6n->fb_tnl_dev = alloc_netdev(sizeof(struct ip6_tnl), "ip6tnl0",
1736 ip6_tnl_dev_setup);
1737
1738 if (!ip6n->fb_tnl_dev)
1739 goto err_alloc_dev;
1740 dev_net_set(ip6n->fb_tnl_dev, net);
1741
1742 err = ip6_fb_tnl_dev_init(ip6n->fb_tnl_dev);
1743 if (err < 0)
1744 goto err_register;
1745
1746 err = register_netdev(ip6n->fb_tnl_dev);
1747 if (err < 0)
1748 goto err_register;
1749
1750 t = netdev_priv(ip6n->fb_tnl_dev);
1751
1752 strcpy(t->parms.name, ip6n->fb_tnl_dev->name);
1753 return 0;
1754
1755err_register:
1756 ip6_dev_free(ip6n->fb_tnl_dev);
1757err_alloc_dev:
1758 return err;
1759}
1760
1761static void __net_exit ip6_tnl_exit_net(struct net *net)
1762{
1763 struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id);
1764
1765 rtnl_lock();
1766 ip6_tnl_destroy_tunnels(ip6n);
1767 rtnl_unlock();
1768}
1769
1770static struct pernet_operations ip6_tnl_net_ops = {
1771 .init = ip6_tnl_init_net,
1772 .exit = ip6_tnl_exit_net,
1773 .id = &ip6_tnl_net_id,
1774 .size = sizeof(struct ip6_tnl_net),
1775};
1776
1777
1778
1779
1780
1781
1782
1783static int __init ip6_tunnel_init(void)
1784{
1785 int err;
1786
1787 err = register_pernet_device(&ip6_tnl_net_ops);
1788 if (err < 0)
1789 goto out_pernet;
1790
1791 err = xfrm6_tunnel_register(&ip4ip6_handler, AF_INET);
1792 if (err < 0) {
1793 pr_err("%s: can't register ip4ip6\n", __func__);
1794 goto out_ip4ip6;
1795 }
1796
1797 err = xfrm6_tunnel_register(&ip6ip6_handler, AF_INET6);
1798 if (err < 0) {
1799 pr_err("%s: can't register ip6ip6\n", __func__);
1800 goto out_ip6ip6;
1801 }
1802 err = rtnl_link_register(&ip6_link_ops);
1803 if (err < 0)
1804 goto rtnl_link_failed;
1805
1806 return 0;
1807
1808rtnl_link_failed:
1809 xfrm6_tunnel_deregister(&ip6ip6_handler, AF_INET6);
1810out_ip6ip6:
1811 xfrm6_tunnel_deregister(&ip4ip6_handler, AF_INET);
1812out_ip4ip6:
1813 unregister_pernet_device(&ip6_tnl_net_ops);
1814out_pernet:
1815 return err;
1816}
1817
1818
1819
1820
1821
1822static void __exit ip6_tunnel_cleanup(void)
1823{
1824 rtnl_link_unregister(&ip6_link_ops);
1825 if (xfrm6_tunnel_deregister(&ip4ip6_handler, AF_INET))
1826 pr_info("%s: can't deregister ip4ip6\n", __func__);
1827
1828 if (xfrm6_tunnel_deregister(&ip6ip6_handler, AF_INET6))
1829 pr_info("%s: can't deregister ip6ip6\n", __func__);
1830
1831 unregister_pernet_device(&ip6_tnl_net_ops);
1832}
1833
1834module_init(ip6_tunnel_init);
1835module_exit(ip6_tunnel_cleanup);
1836
