1
2
3
4
5
6
7
8
9
10
11
12
13
14#include <linux/module.h>
15#include <linux/capability.h>
16#include <linux/errno.h>
17#include <linux/types.h>
18#include <linux/sockios.h>
19#include <linux/icmp.h>
20#include <linux/if.h>
21#include <linux/in.h>
22#include <linux/ip.h>
23#include <linux/net.h>
24#include <linux/in6.h>
25#include <linux/netdevice.h>
26#include <linux/if_arp.h>
27#include <linux/icmpv6.h>
28#include <linux/init.h>
29#include <linux/route.h>
30#include <linux/rtnetlink.h>
31#include <linux/netfilter_ipv6.h>
32#include <linux/slab.h>
33#include <linux/hash.h>
34
35#include <linux/uaccess.h>
36#include <linux/atomic.h>
37
38#include <net/icmp.h>
39#include <net/ip.h>
40#include <net/ip_tunnels.h>
41#include <net/ipv6.h>
42#include <net/ip6_route.h>
43#include <net/addrconf.h>
44#include <net/ip6_tunnel.h>
45#include <net/xfrm.h>
46#include <net/net_namespace.h>
47#include <net/netns/generic.h>
48#include <linux/etherdevice.h>
49
50#define IP6_VTI_HASH_SIZE_SHIFT 5
51#define IP6_VTI_HASH_SIZE (1 << IP6_VTI_HASH_SIZE_SHIFT)
52
53static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2)
54{
55 u32 hash = ipv6_addr_hash(addr1) ^ ipv6_addr_hash(addr2);
56
57 return hash_32(hash, IP6_VTI_HASH_SIZE_SHIFT);
58}
59
60static int vti6_dev_init(struct net_device *dev);
61static void vti6_dev_setup(struct net_device *dev);
62static struct rtnl_link_ops vti6_link_ops __read_mostly;
63
64static unsigned int vti6_net_id __read_mostly;
65struct vti6_net {
66
67 struct net_device *fb_tnl_dev;
68
69 struct ip6_tnl __rcu *tnls_r_l[IP6_VTI_HASH_SIZE];
70 struct ip6_tnl __rcu *tnls_wc[1];
71 struct ip6_tnl __rcu **tnls[2];
72};
73
74#define for_each_vti6_tunnel_rcu(start) \
75 for (t = rcu_dereference(start); t; t = rcu_dereference(t->next))
76
77
78
79
80
81
82
83
84
85
86
87
88static struct ip6_tnl *
89vti6_tnl_lookup(struct net *net, const struct in6_addr *remote,
90 const struct in6_addr *local)
91{
92 unsigned int hash = HASH(remote, local);
93 struct ip6_tnl *t;
94 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
95 struct in6_addr any;
96
97 for_each_vti6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
98 if (ipv6_addr_equal(local, &t->parms.laddr) &&
99 ipv6_addr_equal(remote, &t->parms.raddr) &&
100 (t->dev->flags & IFF_UP))
101 return t;
102 }
103
104 memset(&any, 0, sizeof(any));
105 hash = HASH(&any, local);
106 for_each_vti6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
107 if (ipv6_addr_equal(local, &t->parms.laddr) &&
108 (t->dev->flags & IFF_UP))
109 return t;
110 }
111
112 hash = HASH(remote, &any);
113 for_each_vti6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
114 if (ipv6_addr_equal(remote, &t->parms.raddr) &&
115 (t->dev->flags & IFF_UP))
116 return t;
117 }
118
119 t = rcu_dereference(ip6n->tnls_wc[0]);
120 if (t && (t->dev->flags & IFF_UP))
121 return t;
122
123 return NULL;
124}
125
126
127
128
129
130
131
132
133
134
135
136
137static struct ip6_tnl __rcu **
138vti6_tnl_bucket(struct vti6_net *ip6n, const struct __ip6_tnl_parm *p)
139{
140 const struct in6_addr *remote = &p->raddr;
141 const struct in6_addr *local = &p->laddr;
142 unsigned int h = 0;
143 int prio = 0;
144
145 if (!ipv6_addr_any(remote) || !ipv6_addr_any(local)) {
146 prio = 1;
147 h = HASH(remote, local);
148 }
149 return &ip6n->tnls[prio][h];
150}
151
152static void
153vti6_tnl_link(struct vti6_net *ip6n, struct ip6_tnl *t)
154{
155 struct ip6_tnl __rcu **tp = vti6_tnl_bucket(ip6n, &t->parms);
156
157 rcu_assign_pointer(t->next , rtnl_dereference(*tp));
158 rcu_assign_pointer(*tp, t);
159}
160
161static void
162vti6_tnl_unlink(struct vti6_net *ip6n, struct ip6_tnl *t)
163{
164 struct ip6_tnl __rcu **tp;
165 struct ip6_tnl *iter;
166
167 for (tp = vti6_tnl_bucket(ip6n, &t->parms);
168 (iter = rtnl_dereference(*tp)) != NULL;
169 tp = &iter->next) {
170 if (t == iter) {
171 rcu_assign_pointer(*tp, t->next);
172 break;
173 }
174 }
175}
176
177static void vti6_dev_free(struct net_device *dev)
178{
179 free_percpu(dev->tstats);
180}
181
182static int vti6_tnl_create2(struct net_device *dev)
183{
184 struct ip6_tnl *t = netdev_priv(dev);
185 struct net *net = dev_net(dev);
186 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
187 int err;
188
189 dev->rtnl_link_ops = &vti6_link_ops;
190 err = register_netdevice(dev);
191 if (err < 0)
192 goto out;
193
194 strcpy(t->parms.name, dev->name);
195
196 vti6_tnl_link(ip6n, t);
197
198 return 0;
199
200out:
201 return err;
202}
203
204static struct ip6_tnl *vti6_tnl_create(struct net *net, struct __ip6_tnl_parm *p)
205{
206 struct net_device *dev;
207 struct ip6_tnl *t;
208 char name[IFNAMSIZ];
209 int err;
210
211 if (p->name[0]) {
212 if (!dev_valid_name(p->name))
213 goto failed;
214 strlcpy(name, p->name, IFNAMSIZ);
215 } else {
216 sprintf(name, "ip6_vti%%d");
217 }
218
219 dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, vti6_dev_setup);
220 if (!dev)
221 goto failed;
222
223 dev_net_set(dev, net);
224
225 t = netdev_priv(dev);
226 t->parms = *p;
227 t->net = dev_net(dev);
228
229 err = vti6_tnl_create2(dev);
230 if (err < 0)
231 goto failed_free;
232
233 return t;
234
235failed_free:
236 free_netdev(dev);
237failed:
238 return NULL;
239}
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255static struct ip6_tnl *vti6_locate(struct net *net, struct __ip6_tnl_parm *p,
256 int create)
257{
258 const struct in6_addr *remote = &p->raddr;
259 const struct in6_addr *local = &p->laddr;
260 struct ip6_tnl __rcu **tp;
261 struct ip6_tnl *t;
262 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
263
264 for (tp = vti6_tnl_bucket(ip6n, p);
265 (t = rtnl_dereference(*tp)) != NULL;
266 tp = &t->next) {
267 if (ipv6_addr_equal(local, &t->parms.laddr) &&
268 ipv6_addr_equal(remote, &t->parms.raddr)) {
269 if (create)
270 return NULL;
271
272 return t;
273 }
274 }
275 if (!create)
276 return NULL;
277 return vti6_tnl_create(net, p);
278}
279
280
281
282
283
284
285
286
287static void vti6_dev_uninit(struct net_device *dev)
288{
289 struct ip6_tnl *t = netdev_priv(dev);
290 struct vti6_net *ip6n = net_generic(t->net, vti6_net_id);
291
292 if (dev == ip6n->fb_tnl_dev)
293 RCU_INIT_POINTER(ip6n->tnls_wc[0], NULL);
294 else
295 vti6_tnl_unlink(ip6n, t);
296 dev_put(dev);
297}
298
299static int vti6_input_proto(struct sk_buff *skb, int nexthdr, __be32 spi,
300 int encap_type)
301{
302 struct ip6_tnl *t;
303 const struct ipv6hdr *ipv6h = ipv6_hdr(skb);
304
305 rcu_read_lock();
306 t = vti6_tnl_lookup(dev_net(skb->dev), &ipv6h->saddr, &ipv6h->daddr);
307 if (t) {
308 if (t->parms.proto != IPPROTO_IPV6 && t->parms.proto != 0) {
309 rcu_read_unlock();
310 goto discard;
311 }
312
313 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
314 rcu_read_unlock();
315 goto discard;
316 }
317
318 ipv6h = ipv6_hdr(skb);
319 if (!ip6_tnl_rcv_ctl(t, &ipv6h->daddr, &ipv6h->saddr)) {
320 t->dev->stats.rx_dropped++;
321 rcu_read_unlock();
322 goto discard;
323 }
324
325 rcu_read_unlock();
326
327 XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6 = t;
328 XFRM_SPI_SKB_CB(skb)->family = AF_INET6;
329 XFRM_SPI_SKB_CB(skb)->daddroff = offsetof(struct ipv6hdr, daddr);
330 return xfrm_input(skb, nexthdr, spi, encap_type);
331 }
332 rcu_read_unlock();
333 return -EINVAL;
334discard:
335 kfree_skb(skb);
336 return 0;
337}
338
339static int vti6_rcv(struct sk_buff *skb)
340{
341 int nexthdr = skb_network_header(skb)[IP6CB(skb)->nhoff];
342
343 return vti6_input_proto(skb, nexthdr, 0, 0);
344}
345
346static int vti6_rcv_cb(struct sk_buff *skb, int err)
347{
348 unsigned short family;
349 struct net_device *dev;
350 struct xfrm_state *x;
351 const struct xfrm_mode *inner_mode;
352 struct ip6_tnl *t = XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6;
353 u32 orig_mark = skb->mark;
354 int ret;
355
356 if (!t)
357 return 1;
358
359 dev = t->dev;
360
361 if (err) {
362 dev->stats.rx_errors++;
363 dev->stats.rx_dropped++;
364
365 return 0;
366 }
367
368 x = xfrm_input_state(skb);
369
370 inner_mode = &x->inner_mode;
371
372 if (x->sel.family == AF_UNSPEC) {
373 inner_mode = xfrm_ip2inner_mode(x, XFRM_MODE_SKB_CB(skb)->protocol);
374 if (inner_mode == NULL) {
375 XFRM_INC_STATS(dev_net(skb->dev),
376 LINUX_MIB_XFRMINSTATEMODEERROR);
377 return -EINVAL;
378 }
379 }
380
381 family = inner_mode->family;
382
383 skb->mark = be32_to_cpu(t->parms.i_key);
384 ret = xfrm_policy_check(NULL, XFRM_POLICY_IN, skb, family);
385 skb->mark = orig_mark;
386
387 if (!ret)
388 return -EPERM;
389
390 skb_scrub_packet(skb, !net_eq(t->net, dev_net(skb->dev)));
391 skb->dev = dev;
392 dev_sw_netstats_rx_add(dev, skb->len);
393
394 return 0;
395}
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410static inline bool
411vti6_addr_conflict(const struct ip6_tnl *t, const struct ipv6hdr *hdr)
412{
413 return ipv6_addr_equal(&t->parms.raddr, &hdr->saddr);
414}
415
416static bool vti6_state_check(const struct xfrm_state *x,
417 const struct in6_addr *dst,
418 const struct in6_addr *src)
419{
420 xfrm_address_t *daddr = (xfrm_address_t *)dst;
421 xfrm_address_t *saddr = (xfrm_address_t *)src;
422
423
424
425
426 if (!x || x->props.mode != XFRM_MODE_TUNNEL ||
427 x->props.family != AF_INET6)
428 return false;
429
430 if (ipv6_addr_any(dst))
431 return xfrm_addr_equal(saddr, &x->props.saddr, AF_INET6);
432
433 if (!xfrm_state_addr_check(x, daddr, saddr, AF_INET6))
434 return false;
435
436 return true;
437}
438
439
440
441
442
443
444
445static int
446vti6_xmit(struct sk_buff *skb, struct net_device *dev, struct flowi *fl)
447{
448 struct ip6_tnl *t = netdev_priv(dev);
449 struct net_device_stats *stats = &t->dev->stats;
450 struct dst_entry *dst = skb_dst(skb);
451 struct net_device *tdev;
452 struct xfrm_state *x;
453 int pkt_len = skb->len;
454 int err = -1;
455 int mtu;
456
457 if (!dst) {
458 switch (skb->protocol) {
459 case htons(ETH_P_IP): {
460 struct rtable *rt;
461
462 fl->u.ip4.flowi4_oif = dev->ifindex;
463 fl->u.ip4.flowi4_flags |= FLOWI_FLAG_ANYSRC;
464 rt = __ip_route_output_key(dev_net(dev), &fl->u.ip4);
465 if (IS_ERR(rt))
466 goto tx_err_link_failure;
467 dst = &rt->dst;
468 skb_dst_set(skb, dst);
469 break;
470 }
471 case htons(ETH_P_IPV6):
472 fl->u.ip6.flowi6_oif = dev->ifindex;
473 fl->u.ip6.flowi6_flags |= FLOWI_FLAG_ANYSRC;
474 dst = ip6_route_output(dev_net(dev), NULL, &fl->u.ip6);
475 if (dst->error) {
476 dst_release(dst);
477 dst = NULL;
478 goto tx_err_link_failure;
479 }
480 skb_dst_set(skb, dst);
481 break;
482 default:
483 goto tx_err_link_failure;
484 }
485 }
486
487 dst_hold(dst);
488 dst = xfrm_lookup_route(t->net, dst, fl, NULL, 0);
489 if (IS_ERR(dst)) {
490 err = PTR_ERR(dst);
491 dst = NULL;
492 goto tx_err_link_failure;
493 }
494
495 if (dst->flags & DST_XFRM_QUEUE)
496 goto xmit;
497
498 x = dst->xfrm;
499 if (!vti6_state_check(x, &t->parms.raddr, &t->parms.laddr))
500 goto tx_err_link_failure;
501
502 if (!ip6_tnl_xmit_ctl(t, (const struct in6_addr *)&x->props.saddr,
503 (const struct in6_addr *)&x->id.daddr))
504 goto tx_err_link_failure;
505
506 tdev = dst->dev;
507
508 if (tdev == dev) {
509 stats->collisions++;
510 net_warn_ratelimited("%s: Local routing loop detected!\n",
511 t->parms.name);
512 goto tx_err_dst_release;
513 }
514
515 mtu = dst_mtu(dst);
516 if (skb->len > mtu) {
517 skb_dst_update_pmtu_no_confirm(skb, mtu);
518
519 if (skb->protocol == htons(ETH_P_IPV6)) {
520 if (mtu < IPV6_MIN_MTU)
521 mtu = IPV6_MIN_MTU;
522
523 icmpv6_ndo_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
524 } else {
525 if (!(ip_hdr(skb)->frag_off & htons(IP_DF)))
526 goto xmit;
527 icmp_ndo_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
528 htonl(mtu));
529 }
530
531 err = -EMSGSIZE;
532 goto tx_err_dst_release;
533 }
534
535xmit:
536 skb_scrub_packet(skb, !net_eq(t->net, dev_net(dev)));
537 skb_dst_set(skb, dst);
538 skb->dev = skb_dst(skb)->dev;
539
540 err = dst_output(t->net, skb->sk, skb);
541 if (net_xmit_eval(err) == 0)
542 err = pkt_len;
543 iptunnel_xmit_stats(dev, err);
544
545 return 0;
546tx_err_link_failure:
547 stats->tx_carrier_errors++;
548 dst_link_failure(skb);
549tx_err_dst_release:
550 dst_release(dst);
551 return err;
552}
553
554static netdev_tx_t
555vti6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
556{
557 struct ip6_tnl *t = netdev_priv(dev);
558 struct net_device_stats *stats = &t->dev->stats;
559 struct flowi fl;
560 int ret;
561
562 if (!pskb_inet_may_pull(skb))
563 goto tx_err;
564
565 memset(&fl, 0, sizeof(fl));
566
567 switch (skb->protocol) {
568 case htons(ETH_P_IPV6):
569 if ((t->parms.proto != IPPROTO_IPV6 && t->parms.proto != 0) ||
570 vti6_addr_conflict(t, ipv6_hdr(skb)))
571 goto tx_err;
572
573 xfrm_decode_session(skb, &fl, AF_INET6);
574 memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));
575 break;
576 case htons(ETH_P_IP):
577 xfrm_decode_session(skb, &fl, AF_INET);
578 memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
579 break;
580 default:
581 goto tx_err;
582 }
583
584
585 fl.flowi_mark = be32_to_cpu(t->parms.o_key);
586
587 ret = vti6_xmit(skb, dev, &fl);
588 if (ret < 0)
589 goto tx_err;
590
591 return NETDEV_TX_OK;
592
593tx_err:
594 stats->tx_errors++;
595 stats->tx_dropped++;
596 kfree_skb(skb);
597 return NETDEV_TX_OK;
598}
599
600static int vti6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
601 u8 type, u8 code, int offset, __be32 info)
602{
603 __be32 spi;
604 __u32 mark;
605 struct xfrm_state *x;
606 struct ip6_tnl *t;
607 struct ip_esp_hdr *esph;
608 struct ip_auth_hdr *ah;
609 struct ip_comp_hdr *ipch;
610 struct net *net = dev_net(skb->dev);
611 const struct ipv6hdr *iph = (const struct ipv6hdr *)skb->data;
612 int protocol = iph->nexthdr;
613
614 t = vti6_tnl_lookup(dev_net(skb->dev), &iph->daddr, &iph->saddr);
615 if (!t)
616 return -1;
617
618 mark = be32_to_cpu(t->parms.o_key);
619
620 switch (protocol) {
621 case IPPROTO_ESP:
622 esph = (struct ip_esp_hdr *)(skb->data + offset);
623 spi = esph->spi;
624 break;
625 case IPPROTO_AH:
626 ah = (struct ip_auth_hdr *)(skb->data + offset);
627 spi = ah->spi;
628 break;
629 case IPPROTO_COMP:
630 ipch = (struct ip_comp_hdr *)(skb->data + offset);
631 spi = htonl(ntohs(ipch->cpi));
632 break;
633 default:
634 return 0;
635 }
636
637 if (type != ICMPV6_PKT_TOOBIG &&
638 type != NDISC_REDIRECT)
639 return 0;
640
641 x = xfrm_state_lookup(net, mark, (const xfrm_address_t *)&iph->daddr,
642 spi, protocol, AF_INET6);
643 if (!x)
644 return 0;
645
646 if (type == NDISC_REDIRECT)
647 ip6_redirect(skb, net, skb->dev->ifindex, 0,
648 sock_net_uid(net, NULL));
649 else
650 ip6_update_pmtu(skb, net, info, 0, 0, sock_net_uid(net, NULL));
651 xfrm_state_put(x);
652
653 return 0;
654}
655
656static void vti6_link_config(struct ip6_tnl *t, bool keep_mtu)
657{
658 struct net_device *dev = t->dev;
659 struct __ip6_tnl_parm *p = &t->parms;
660 struct net_device *tdev = NULL;
661 int mtu;
662
663 memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr));
664 memcpy(dev->broadcast, &p->raddr, sizeof(struct in6_addr));
665
666 p->flags &= ~(IP6_TNL_F_CAP_XMIT | IP6_TNL_F_CAP_RCV |
667 IP6_TNL_F_CAP_PER_PACKET);
668 p->flags |= ip6_tnl_get_cap(t, &p->laddr, &p->raddr);
669
670 if (p->flags & IP6_TNL_F_CAP_XMIT && p->flags & IP6_TNL_F_CAP_RCV)
671 dev->flags |= IFF_POINTOPOINT;
672 else
673 dev->flags &= ~IFF_POINTOPOINT;
674
675 if (keep_mtu && dev->mtu) {
676 dev->mtu = clamp(dev->mtu, dev->min_mtu, dev->max_mtu);
677 return;
678 }
679
680 if (p->flags & IP6_TNL_F_CAP_XMIT) {
681 int strict = (ipv6_addr_type(&p->raddr) &
682 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL));
683 struct rt6_info *rt = rt6_lookup(t->net,
684 &p->raddr, &p->laddr,
685 p->link, NULL, strict);
686
687 if (rt)
688 tdev = rt->dst.dev;
689 ip6_rt_put(rt);
690 }
691
692 if (!tdev && p->link)
693 tdev = __dev_get_by_index(t->net, p->link);
694
695 if (tdev)
696 mtu = tdev->mtu - sizeof(struct ipv6hdr);
697 else
698 mtu = ETH_DATA_LEN - LL_MAX_HEADER - sizeof(struct ipv6hdr);
699
700 dev->mtu = max_t(int, mtu, IPV4_MIN_MTU);
701}
702
703
704
705
706
707
708
709
710
711
712static int
713vti6_tnl_change(struct ip6_tnl *t, const struct __ip6_tnl_parm *p,
714 bool keep_mtu)
715{
716 t->parms.laddr = p->laddr;
717 t->parms.raddr = p->raddr;
718 t->parms.link = p->link;
719 t->parms.i_key = p->i_key;
720 t->parms.o_key = p->o_key;
721 t->parms.proto = p->proto;
722 t->parms.fwmark = p->fwmark;
723 dst_cache_reset(&t->dst_cache);
724 vti6_link_config(t, keep_mtu);
725 return 0;
726}
727
728static int vti6_update(struct ip6_tnl *t, struct __ip6_tnl_parm *p,
729 bool keep_mtu)
730{
731 struct net *net = dev_net(t->dev);
732 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
733 int err;
734
735 vti6_tnl_unlink(ip6n, t);
736 synchronize_net();
737 err = vti6_tnl_change(t, p, keep_mtu);
738 vti6_tnl_link(ip6n, t);
739 netdev_state_change(t->dev);
740 return err;
741}
742
743static void
744vti6_parm_from_user(struct __ip6_tnl_parm *p, const struct ip6_tnl_parm2 *u)
745{
746 p->laddr = u->laddr;
747 p->raddr = u->raddr;
748 p->link = u->link;
749 p->i_key = u->i_key;
750 p->o_key = u->o_key;
751 p->proto = u->proto;
752
753 memcpy(p->name, u->name, sizeof(u->name));
754}
755
756static void
757vti6_parm_to_user(struct ip6_tnl_parm2 *u, const struct __ip6_tnl_parm *p)
758{
759 u->laddr = p->laddr;
760 u->raddr = p->raddr;
761 u->link = p->link;
762 u->i_key = p->i_key;
763 u->o_key = p->o_key;
764 if (u->i_key)
765 u->i_flags |= GRE_KEY;
766 if (u->o_key)
767 u->o_flags |= GRE_KEY;
768 u->proto = p->proto;
769
770 memcpy(u->name, p->name, sizeof(u->name));
771}
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800static int
801vti6_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
802{
803 int err = 0;
804 struct ip6_tnl_parm2 p;
805 struct __ip6_tnl_parm p1;
806 struct ip6_tnl *t = NULL;
807 struct net *net = dev_net(dev);
808 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
809
810 switch (cmd) {
811 case SIOCGETTUNNEL:
812 if (dev == ip6n->fb_tnl_dev) {
813 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
814 err = -EFAULT;
815 break;
816 }
817 vti6_parm_from_user(&p1, &p);
818 t = vti6_locate(net, &p1, 0);
819 } else {
820 memset(&p, 0, sizeof(p));
821 }
822 if (!t)
823 t = netdev_priv(dev);
824 vti6_parm_to_user(&p, &t->parms);
825 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
826 err = -EFAULT;
827 break;
828 case SIOCADDTUNNEL:
829 case SIOCCHGTUNNEL:
830 err = -EPERM;
831 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
832 break;
833 err = -EFAULT;
834 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
835 break;
836 err = -EINVAL;
837 if (p.proto != IPPROTO_IPV6 && p.proto != 0)
838 break;
839 vti6_parm_from_user(&p1, &p);
840 t = vti6_locate(net, &p1, cmd == SIOCADDTUNNEL);
841 if (dev != ip6n->fb_tnl_dev && cmd == SIOCCHGTUNNEL) {
842 if (t) {
843 if (t->dev != dev) {
844 err = -EEXIST;
845 break;
846 }
847 } else
848 t = netdev_priv(dev);
849
850 err = vti6_update(t, &p1, false);
851 }
852 if (t) {
853 err = 0;
854 vti6_parm_to_user(&p, &t->parms);
855 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
856 err = -EFAULT;
857
858 } else
859 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
860 break;
861 case SIOCDELTUNNEL:
862 err = -EPERM;
863 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
864 break;
865
866 if (dev == ip6n->fb_tnl_dev) {
867 err = -EFAULT;
868 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
869 break;
870 err = -ENOENT;
871 vti6_parm_from_user(&p1, &p);
872 t = vti6_locate(net, &p1, 0);
873 if (!t)
874 break;
875 err = -EPERM;
876 if (t->dev == ip6n->fb_tnl_dev)
877 break;
878 dev = t->dev;
879 }
880 err = 0;
881 unregister_netdevice(dev);
882 break;
883 default:
884 err = -EINVAL;
885 }
886 return err;
887}
888
889static const struct net_device_ops vti6_netdev_ops = {
890 .ndo_init = vti6_dev_init,
891 .ndo_uninit = vti6_dev_uninit,
892 .ndo_start_xmit = vti6_tnl_xmit,
893 .ndo_do_ioctl = vti6_ioctl,
894 .ndo_get_stats64 = dev_get_tstats64,
895 .ndo_get_iflink = ip6_tnl_get_iflink,
896};
897
898
899
900
901
902
903
904
905static void vti6_dev_setup(struct net_device *dev)
906{
907 dev->netdev_ops = &vti6_netdev_ops;
908 dev->header_ops = &ip_tunnel_header_ops;
909 dev->needs_free_netdev = true;
910 dev->priv_destructor = vti6_dev_free;
911
912 dev->type = ARPHRD_TUNNEL6;
913 dev->min_mtu = IPV4_MIN_MTU;
914 dev->max_mtu = IP_MAX_MTU - sizeof(struct ipv6hdr);
915 dev->flags |= IFF_NOARP;
916 dev->addr_len = sizeof(struct in6_addr);
917 netif_keep_dst(dev);
918
919 dev->addr_assign_type = NET_ADDR_RANDOM;
920 eth_random_addr(dev->perm_addr);
921}
922
923
924
925
926
927static inline int vti6_dev_init_gen(struct net_device *dev)
928{
929 struct ip6_tnl *t = netdev_priv(dev);
930
931 t->dev = dev;
932 t->net = dev_net(dev);
933 dev->tstats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
934 if (!dev->tstats)
935 return -ENOMEM;
936 dev_hold(dev);
937 return 0;
938}
939
940
941
942
943
944static int vti6_dev_init(struct net_device *dev)
945{
946 struct ip6_tnl *t = netdev_priv(dev);
947 int err = vti6_dev_init_gen(dev);
948
949 if (err)
950 return err;
951 vti6_link_config(t, true);
952 return 0;
953}
954
955
956
957
958
959
960
961static int __net_init vti6_fb_tnl_dev_init(struct net_device *dev)
962{
963 struct ip6_tnl *t = netdev_priv(dev);
964 struct net *net = dev_net(dev);
965 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
966
967 t->parms.proto = IPPROTO_IPV6;
968
969 rcu_assign_pointer(ip6n->tnls_wc[0], t);
970 return 0;
971}
972
973static int vti6_validate(struct nlattr *tb[], struct nlattr *data[],
974 struct netlink_ext_ack *extack)
975{
976 return 0;
977}
978
979static void vti6_netlink_parms(struct nlattr *data[],
980 struct __ip6_tnl_parm *parms)
981{
982 memset(parms, 0, sizeof(*parms));
983
984 if (!data)
985 return;
986
987 if (data[IFLA_VTI_LINK])
988 parms->link = nla_get_u32(data[IFLA_VTI_LINK]);
989
990 if (data[IFLA_VTI_LOCAL])
991 parms->laddr = nla_get_in6_addr(data[IFLA_VTI_LOCAL]);
992
993 if (data[IFLA_VTI_REMOTE])
994 parms->raddr = nla_get_in6_addr(data[IFLA_VTI_REMOTE]);
995
996 if (data[IFLA_VTI_IKEY])
997 parms->i_key = nla_get_be32(data[IFLA_VTI_IKEY]);
998
999 if (data[IFLA_VTI_OKEY])
1000 parms->o_key = nla_get_be32(data[IFLA_VTI_OKEY]);
1001
1002 if (data[IFLA_VTI_FWMARK])
1003 parms->fwmark = nla_get_u32(data[IFLA_VTI_FWMARK]);
1004}
1005
1006static int vti6_newlink(struct net *src_net, struct net_device *dev,
1007 struct nlattr *tb[], struct nlattr *data[],
1008 struct netlink_ext_ack *extack)
1009{
1010 struct net *net = dev_net(dev);
1011 struct ip6_tnl *nt;
1012
1013 nt = netdev_priv(dev);
1014 vti6_netlink_parms(data, &nt->parms);
1015
1016 nt->parms.proto = IPPROTO_IPV6;
1017
1018 if (vti6_locate(net, &nt->parms, 0))
1019 return -EEXIST;
1020
1021 return vti6_tnl_create2(dev);
1022}
1023
1024static void vti6_dellink(struct net_device *dev, struct list_head *head)
1025{
1026 struct net *net = dev_net(dev);
1027 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
1028
1029 if (dev != ip6n->fb_tnl_dev)
1030 unregister_netdevice_queue(dev, head);
1031}
1032
1033static int vti6_changelink(struct net_device *dev, struct nlattr *tb[],
1034 struct nlattr *data[],
1035 struct netlink_ext_ack *extack)
1036{
1037 struct ip6_tnl *t;
1038 struct __ip6_tnl_parm p;
1039 struct net *net = dev_net(dev);
1040 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
1041
1042 if (dev == ip6n->fb_tnl_dev)
1043 return -EINVAL;
1044
1045 vti6_netlink_parms(data, &p);
1046
1047 t = vti6_locate(net, &p, 0);
1048
1049 if (t) {
1050 if (t->dev != dev)
1051 return -EEXIST;
1052 } else
1053 t = netdev_priv(dev);
1054
1055 return vti6_update(t, &p, tb && tb[IFLA_MTU]);
1056}
1057
1058static size_t vti6_get_size(const struct net_device *dev)
1059{
1060 return
1061
1062 nla_total_size(4) +
1063
1064 nla_total_size(sizeof(struct in6_addr)) +
1065
1066 nla_total_size(sizeof(struct in6_addr)) +
1067
1068 nla_total_size(4) +
1069
1070 nla_total_size(4) +
1071
1072 nla_total_size(4) +
1073 0;
1074}
1075
1076static int vti6_fill_info(struct sk_buff *skb, const struct net_device *dev)
1077{
1078 struct ip6_tnl *tunnel = netdev_priv(dev);
1079 struct __ip6_tnl_parm *parm = &tunnel->parms;
1080
1081 if (nla_put_u32(skb, IFLA_VTI_LINK, parm->link) ||
1082 nla_put_in6_addr(skb, IFLA_VTI_LOCAL, &parm->laddr) ||
1083 nla_put_in6_addr(skb, IFLA_VTI_REMOTE, &parm->raddr) ||
1084 nla_put_be32(skb, IFLA_VTI_IKEY, parm->i_key) ||
1085 nla_put_be32(skb, IFLA_VTI_OKEY, parm->o_key) ||
1086 nla_put_u32(skb, IFLA_VTI_FWMARK, parm->fwmark))
1087 goto nla_put_failure;
1088 return 0;
1089
1090nla_put_failure:
1091 return -EMSGSIZE;
1092}
1093
1094static const struct nla_policy vti6_policy[IFLA_VTI_MAX + 1] = {
1095 [IFLA_VTI_LINK] = { .type = NLA_U32 },
1096 [IFLA_VTI_LOCAL] = { .len = sizeof(struct in6_addr) },
1097 [IFLA_VTI_REMOTE] = { .len = sizeof(struct in6_addr) },
1098 [IFLA_VTI_IKEY] = { .type = NLA_U32 },
1099 [IFLA_VTI_OKEY] = { .type = NLA_U32 },
1100 [IFLA_VTI_FWMARK] = { .type = NLA_U32 },
1101};
1102
1103static struct rtnl_link_ops vti6_link_ops __read_mostly = {
1104 .kind = "vti6",
1105 .maxtype = IFLA_VTI_MAX,
1106 .policy = vti6_policy,
1107 .priv_size = sizeof(struct ip6_tnl),
1108 .setup = vti6_dev_setup,
1109 .validate = vti6_validate,
1110 .newlink = vti6_newlink,
1111 .dellink = vti6_dellink,
1112 .changelink = vti6_changelink,
1113 .get_size = vti6_get_size,
1114 .fill_info = vti6_fill_info,
1115 .get_link_net = ip6_tnl_get_link_net,
1116};
1117
1118static void __net_exit vti6_destroy_tunnels(struct vti6_net *ip6n,
1119 struct list_head *list)
1120{
1121 int h;
1122 struct ip6_tnl *t;
1123
1124 for (h = 0; h < IP6_VTI_HASH_SIZE; h++) {
1125 t = rtnl_dereference(ip6n->tnls_r_l[h]);
1126 while (t) {
1127 unregister_netdevice_queue(t->dev, list);
1128 t = rtnl_dereference(t->next);
1129 }
1130 }
1131
1132 t = rtnl_dereference(ip6n->tnls_wc[0]);
1133 if (t)
1134 unregister_netdevice_queue(t->dev, list);
1135}
1136
1137static int __net_init vti6_init_net(struct net *net)
1138{
1139 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
1140 struct ip6_tnl *t = NULL;
1141 int err;
1142
1143 ip6n->tnls[0] = ip6n->tnls_wc;
1144 ip6n->tnls[1] = ip6n->tnls_r_l;
1145
1146 if (!net_has_fallback_tunnels(net))
1147 return 0;
1148 err = -ENOMEM;
1149 ip6n->fb_tnl_dev = alloc_netdev(sizeof(struct ip6_tnl), "ip6_vti0",
1150 NET_NAME_UNKNOWN, vti6_dev_setup);
1151
1152 if (!ip6n->fb_tnl_dev)
1153 goto err_alloc_dev;
1154 dev_net_set(ip6n->fb_tnl_dev, net);
1155 ip6n->fb_tnl_dev->rtnl_link_ops = &vti6_link_ops;
1156
1157 err = vti6_fb_tnl_dev_init(ip6n->fb_tnl_dev);
1158 if (err < 0)
1159 goto err_register;
1160
1161 err = register_netdev(ip6n->fb_tnl_dev);
1162 if (err < 0)
1163 goto err_register;
1164
1165 t = netdev_priv(ip6n->fb_tnl_dev);
1166
1167 strcpy(t->parms.name, ip6n->fb_tnl_dev->name);
1168 return 0;
1169
1170err_register:
1171 free_netdev(ip6n->fb_tnl_dev);
1172err_alloc_dev:
1173 return err;
1174}
1175
1176static void __net_exit vti6_exit_batch_net(struct list_head *net_list)
1177{
1178 struct vti6_net *ip6n;
1179 struct net *net;
1180 LIST_HEAD(list);
1181
1182 rtnl_lock();
1183 list_for_each_entry(net, net_list, exit_list) {
1184 ip6n = net_generic(net, vti6_net_id);
1185 vti6_destroy_tunnels(ip6n, &list);
1186 }
1187 unregister_netdevice_many(&list);
1188 rtnl_unlock();
1189}
1190
1191static struct pernet_operations vti6_net_ops = {
1192 .init = vti6_init_net,
1193 .exit_batch = vti6_exit_batch_net,
1194 .id = &vti6_net_id,
1195 .size = sizeof(struct vti6_net),
1196};
1197
1198static struct xfrm6_protocol vti_esp6_protocol __read_mostly = {
1199 .handler = vti6_rcv,
1200 .input_handler = vti6_input_proto,
1201 .cb_handler = vti6_rcv_cb,
1202 .err_handler = vti6_err,
1203 .priority = 100,
1204};
1205
1206static struct xfrm6_protocol vti_ah6_protocol __read_mostly = {
1207 .handler = vti6_rcv,
1208 .input_handler = vti6_input_proto,
1209 .cb_handler = vti6_rcv_cb,
1210 .err_handler = vti6_err,
1211 .priority = 100,
1212};
1213
1214static struct xfrm6_protocol vti_ipcomp6_protocol __read_mostly = {
1215 .handler = vti6_rcv,
1216 .input_handler = vti6_input_proto,
1217 .cb_handler = vti6_rcv_cb,
1218 .err_handler = vti6_err,
1219 .priority = 100,
1220};
1221
1222#if IS_REACHABLE(CONFIG_INET6_XFRM_TUNNEL)
1223static int vti6_rcv_tunnel(struct sk_buff *skb)
1224{
1225 const xfrm_address_t *saddr;
1226 __be32 spi;
1227
1228 saddr = (const xfrm_address_t *)&ipv6_hdr(skb)->saddr;
1229 spi = xfrm6_tunnel_spi_lookup(dev_net(skb->dev), saddr);
1230
1231 return vti6_input_proto(skb, IPPROTO_IPV6, spi, 0);
1232}
1233
1234static struct xfrm6_tunnel vti_ipv6_handler __read_mostly = {
1235 .handler = vti6_rcv_tunnel,
1236 .cb_handler = vti6_rcv_cb,
1237 .err_handler = vti6_err,
1238 .priority = 0,
1239};
1240
1241static struct xfrm6_tunnel vti_ip6ip_handler __read_mostly = {
1242 .handler = vti6_rcv_tunnel,
1243 .cb_handler = vti6_rcv_cb,
1244 .err_handler = vti6_err,
1245 .priority = 0,
1246};
1247#endif
1248
1249
1250
1251
1252
1253
1254static int __init vti6_tunnel_init(void)
1255{
1256 const char *msg;
1257 int err;
1258
1259 msg = "tunnel device";
1260 err = register_pernet_device(&vti6_net_ops);
1261 if (err < 0)
1262 goto pernet_dev_failed;
1263
1264 msg = "tunnel protocols";
1265 err = xfrm6_protocol_register(&vti_esp6_protocol, IPPROTO_ESP);
1266 if (err < 0)
1267 goto xfrm_proto_esp_failed;
1268 err = xfrm6_protocol_register(&vti_ah6_protocol, IPPROTO_AH);
1269 if (err < 0)
1270 goto xfrm_proto_ah_failed;
1271 err = xfrm6_protocol_register(&vti_ipcomp6_protocol, IPPROTO_COMP);
1272 if (err < 0)
1273 goto xfrm_proto_comp_failed;
1274#if IS_REACHABLE(CONFIG_INET6_XFRM_TUNNEL)
1275 msg = "ipv6 tunnel";
1276 err = xfrm6_tunnel_register(&vti_ipv6_handler, AF_INET6);
1277 if (err < 0)
1278 goto vti_tunnel_ipv6_failed;
1279 err = xfrm6_tunnel_register(&vti_ip6ip_handler, AF_INET);
1280 if (err < 0)
1281 goto vti_tunnel_ip6ip_failed;
1282#endif
1283
1284 msg = "netlink interface";
1285 err = rtnl_link_register(&vti6_link_ops);
1286 if (err < 0)
1287 goto rtnl_link_failed;
1288
1289 return 0;
1290
1291rtnl_link_failed:
1292#if IS_REACHABLE(CONFIG_INET6_XFRM_TUNNEL)
1293 err = xfrm6_tunnel_deregister(&vti_ip6ip_handler, AF_INET);
1294vti_tunnel_ip6ip_failed:
1295 err = xfrm6_tunnel_deregister(&vti_ipv6_handler, AF_INET6);
1296vti_tunnel_ipv6_failed:
1297#endif
1298 xfrm6_protocol_deregister(&vti_ipcomp6_protocol, IPPROTO_COMP);
1299xfrm_proto_comp_failed:
1300 xfrm6_protocol_deregister(&vti_ah6_protocol, IPPROTO_AH);
1301xfrm_proto_ah_failed:
1302 xfrm6_protocol_deregister(&vti_esp6_protocol, IPPROTO_ESP);
1303xfrm_proto_esp_failed:
1304 unregister_pernet_device(&vti6_net_ops);
1305pernet_dev_failed:
1306 pr_err("vti6 init: failed to register %s\n", msg);
1307 return err;
1308}
1309
1310
1311
1312
1313static void __exit vti6_tunnel_cleanup(void)
1314{
1315 rtnl_link_unregister(&vti6_link_ops);
1316#if IS_REACHABLE(CONFIG_INET6_XFRM_TUNNEL)
1317 xfrm6_tunnel_deregister(&vti_ip6ip_handler, AF_INET);
1318 xfrm6_tunnel_deregister(&vti_ipv6_handler, AF_INET6);
1319#endif
1320 xfrm6_protocol_deregister(&vti_ipcomp6_protocol, IPPROTO_COMP);
1321 xfrm6_protocol_deregister(&vti_ah6_protocol, IPPROTO_AH);
1322 xfrm6_protocol_deregister(&vti_esp6_protocol, IPPROTO_ESP);
1323 unregister_pernet_device(&vti6_net_ops);
1324}
1325
1326module_init(vti6_tunnel_init);
1327module_exit(vti6_tunnel_cleanup);
1328MODULE_LICENSE("GPL");
1329MODULE_ALIAS_RTNL_LINK("vti6");
1330MODULE_ALIAS_NETDEV("ip6_vti0");
1331MODULE_AUTHOR("Steffen Klassert");
1332MODULE_DESCRIPTION("IPv6 virtual tunnel interface");
1333