1
2
3
4
5
6
7
8
9
10
11
12
13
14#include <linux/module.h>
15#include <linux/capability.h>
16#include <linux/errno.h>
17#include <linux/types.h>
18#include <linux/sockios.h>
19#include <linux/icmp.h>
20#include <linux/if.h>
21#include <linux/in.h>
22#include <linux/ip.h>
23#include <linux/net.h>
24#include <linux/in6.h>
25#include <linux/netdevice.h>
26#include <linux/if_arp.h>
27#include <linux/icmpv6.h>
28#include <linux/init.h>
29#include <linux/route.h>
30#include <linux/rtnetlink.h>
31#include <linux/netfilter_ipv6.h>
32#include <linux/slab.h>
33#include <linux/hash.h>
34
35#include <linux/uaccess.h>
36#include <linux/atomic.h>
37
38#include <net/icmp.h>
39#include <net/ip.h>
40#include <net/ip_tunnels.h>
41#include <net/ipv6.h>
42#include <net/ip6_route.h>
43#include <net/addrconf.h>
44#include <net/ip6_tunnel.h>
45#include <net/xfrm.h>
46#include <net/net_namespace.h>
47#include <net/netns/generic.h>
48#include <linux/etherdevice.h>
49
50#define IP6_VTI_HASH_SIZE_SHIFT 5
51#define IP6_VTI_HASH_SIZE (1 << IP6_VTI_HASH_SIZE_SHIFT)
52
53static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2)
54{
55 u32 hash = ipv6_addr_hash(addr1) ^ ipv6_addr_hash(addr2);
56
57 return hash_32(hash, IP6_VTI_HASH_SIZE_SHIFT);
58}
59
60static int vti6_dev_init(struct net_device *dev);
61static void vti6_dev_setup(struct net_device *dev);
62static struct rtnl_link_ops vti6_link_ops __read_mostly;
63
64static unsigned int vti6_net_id __read_mostly;
65struct vti6_net {
66
67 struct net_device *fb_tnl_dev;
68
69 struct ip6_tnl __rcu *tnls_r_l[IP6_VTI_HASH_SIZE];
70 struct ip6_tnl __rcu *tnls_wc[1];
71 struct ip6_tnl __rcu **tnls[2];
72};
73
74#define for_each_vti6_tunnel_rcu(start) \
75 for (t = rcu_dereference(start); t; t = rcu_dereference(t->next))
76
77
78
79
80
81
82
83
84
85
86
87
88static struct ip6_tnl *
89vti6_tnl_lookup(struct net *net, const struct in6_addr *remote,
90 const struct in6_addr *local)
91{
92 unsigned int hash = HASH(remote, local);
93 struct ip6_tnl *t;
94 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
95 struct in6_addr any;
96
97 for_each_vti6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
98 if (ipv6_addr_equal(local, &t->parms.laddr) &&
99 ipv6_addr_equal(remote, &t->parms.raddr) &&
100 (t->dev->flags & IFF_UP))
101 return t;
102 }
103
104 memset(&any, 0, sizeof(any));
105 hash = HASH(&any, local);
106 for_each_vti6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
107 if (ipv6_addr_equal(local, &t->parms.laddr) &&
108 (t->dev->flags & IFF_UP))
109 return t;
110 }
111
112 hash = HASH(remote, &any);
113 for_each_vti6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
114 if (ipv6_addr_equal(remote, &t->parms.raddr) &&
115 (t->dev->flags & IFF_UP))
116 return t;
117 }
118
119 t = rcu_dereference(ip6n->tnls_wc[0]);
120 if (t && (t->dev->flags & IFF_UP))
121 return t;
122
123 return NULL;
124}
125
126
127
128
129
130
131
132
133
134
135
136static struct ip6_tnl __rcu **
137vti6_tnl_bucket(struct vti6_net *ip6n, const struct __ip6_tnl_parm *p)
138{
139 const struct in6_addr *remote = &p->raddr;
140 const struct in6_addr *local = &p->laddr;
141 unsigned int h = 0;
142 int prio = 0;
143
144 if (!ipv6_addr_any(remote) || !ipv6_addr_any(local)) {
145 prio = 1;
146 h = HASH(remote, local);
147 }
148 return &ip6n->tnls[prio][h];
149}
150
151static void
152vti6_tnl_link(struct vti6_net *ip6n, struct ip6_tnl *t)
153{
154 struct ip6_tnl __rcu **tp = vti6_tnl_bucket(ip6n, &t->parms);
155
156 rcu_assign_pointer(t->next , rtnl_dereference(*tp));
157 rcu_assign_pointer(*tp, t);
158}
159
160static void
161vti6_tnl_unlink(struct vti6_net *ip6n, struct ip6_tnl *t)
162{
163 struct ip6_tnl __rcu **tp;
164 struct ip6_tnl *iter;
165
166 for (tp = vti6_tnl_bucket(ip6n, &t->parms);
167 (iter = rtnl_dereference(*tp)) != NULL;
168 tp = &iter->next) {
169 if (t == iter) {
170 rcu_assign_pointer(*tp, t->next);
171 break;
172 }
173 }
174}
175
176static void vti6_dev_free(struct net_device *dev)
177{
178 free_percpu(dev->tstats);
179}
180
181static int vti6_tnl_create2(struct net_device *dev)
182{
183 struct ip6_tnl *t = netdev_priv(dev);
184 struct net *net = dev_net(dev);
185 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
186 int err;
187
188 dev->rtnl_link_ops = &vti6_link_ops;
189 err = register_netdevice(dev);
190 if (err < 0)
191 goto out;
192
193 strcpy(t->parms.name, dev->name);
194
195 dev_hold(dev);
196 vti6_tnl_link(ip6n, t);
197
198 return 0;
199
200out:
201 return err;
202}
203
204static struct ip6_tnl *vti6_tnl_create(struct net *net, struct __ip6_tnl_parm *p)
205{
206 struct net_device *dev;
207 struct ip6_tnl *t;
208 char name[IFNAMSIZ];
209 int err;
210
211 if (p->name[0]) {
212 if (!dev_valid_name(p->name))
213 goto failed;
214 strlcpy(name, p->name, IFNAMSIZ);
215 } else {
216 sprintf(name, "ip6_vti%%d");
217 }
218
219 dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, vti6_dev_setup);
220 if (!dev)
221 goto failed;
222
223 dev_net_set(dev, net);
224
225 t = netdev_priv(dev);
226 t->parms = *p;
227 t->net = dev_net(dev);
228
229 err = vti6_tnl_create2(dev);
230 if (err < 0)
231 goto failed_free;
232
233 return t;
234
235failed_free:
236 free_netdev(dev);
237failed:
238 return NULL;
239}
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255static struct ip6_tnl *vti6_locate(struct net *net, struct __ip6_tnl_parm *p,
256 int create)
257{
258 const struct in6_addr *remote = &p->raddr;
259 const struct in6_addr *local = &p->laddr;
260 struct ip6_tnl __rcu **tp;
261 struct ip6_tnl *t;
262 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
263
264 for (tp = vti6_tnl_bucket(ip6n, p);
265 (t = rtnl_dereference(*tp)) != NULL;
266 tp = &t->next) {
267 if (ipv6_addr_equal(local, &t->parms.laddr) &&
268 ipv6_addr_equal(remote, &t->parms.raddr)) {
269 if (create)
270 return NULL;
271
272 return t;
273 }
274 }
275 if (!create)
276 return NULL;
277 return vti6_tnl_create(net, p);
278}
279
280
281
282
283
284
285
286
287static void vti6_dev_uninit(struct net_device *dev)
288{
289 struct ip6_tnl *t = netdev_priv(dev);
290 struct vti6_net *ip6n = net_generic(t->net, vti6_net_id);
291
292 if (dev == ip6n->fb_tnl_dev)
293 RCU_INIT_POINTER(ip6n->tnls_wc[0], NULL);
294 else
295 vti6_tnl_unlink(ip6n, t);
296 dev_put(dev);
297}
298
299static int vti6_rcv(struct sk_buff *skb)
300{
301 struct ip6_tnl *t;
302 const struct ipv6hdr *ipv6h = ipv6_hdr(skb);
303
304 rcu_read_lock();
305 t = vti6_tnl_lookup(dev_net(skb->dev), &ipv6h->saddr, &ipv6h->daddr);
306 if (t) {
307 if (t->parms.proto != IPPROTO_IPV6 && t->parms.proto != 0) {
308 rcu_read_unlock();
309 goto discard;
310 }
311
312 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
313 rcu_read_unlock();
314 return 0;
315 }
316
317 ipv6h = ipv6_hdr(skb);
318 if (!ip6_tnl_rcv_ctl(t, &ipv6h->daddr, &ipv6h->saddr)) {
319 t->dev->stats.rx_dropped++;
320 rcu_read_unlock();
321 goto discard;
322 }
323
324 rcu_read_unlock();
325
326 return xfrm6_rcv_tnl(skb, t);
327 }
328 rcu_read_unlock();
329 return -EINVAL;
330discard:
331 kfree_skb(skb);
332 return 0;
333}
334
335static int vti6_rcv_cb(struct sk_buff *skb, int err)
336{
337 unsigned short family;
338 struct net_device *dev;
339 struct pcpu_sw_netstats *tstats;
340 struct xfrm_state *x;
341 const struct xfrm_mode *inner_mode;
342 struct ip6_tnl *t = XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6;
343 u32 orig_mark = skb->mark;
344 int ret;
345
346 if (!t)
347 return 1;
348
349 dev = t->dev;
350
351 if (err) {
352 dev->stats.rx_errors++;
353 dev->stats.rx_dropped++;
354
355 return 0;
356 }
357
358 x = xfrm_input_state(skb);
359
360 inner_mode = &x->inner_mode;
361
362 if (x->sel.family == AF_UNSPEC) {
363 inner_mode = xfrm_ip2inner_mode(x, XFRM_MODE_SKB_CB(skb)->protocol);
364 if (inner_mode == NULL) {
365 XFRM_INC_STATS(dev_net(skb->dev),
366 LINUX_MIB_XFRMINSTATEMODEERROR);
367 return -EINVAL;
368 }
369 }
370
371 family = inner_mode->family;
372
373 skb->mark = be32_to_cpu(t->parms.i_key);
374 ret = xfrm_policy_check(NULL, XFRM_POLICY_IN, skb, family);
375 skb->mark = orig_mark;
376
377 if (!ret)
378 return -EPERM;
379
380 skb_scrub_packet(skb, !net_eq(t->net, dev_net(skb->dev)));
381 skb->dev = dev;
382
383 tstats = this_cpu_ptr(dev->tstats);
384 u64_stats_update_begin(&tstats->syncp);
385 tstats->rx_packets++;
386 tstats->rx_bytes += skb->len;
387 u64_stats_update_end(&tstats->syncp);
388
389 return 0;
390}
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405static inline bool
406vti6_addr_conflict(const struct ip6_tnl *t, const struct ipv6hdr *hdr)
407{
408 return ipv6_addr_equal(&t->parms.raddr, &hdr->saddr);
409}
410
411static bool vti6_state_check(const struct xfrm_state *x,
412 const struct in6_addr *dst,
413 const struct in6_addr *src)
414{
415 xfrm_address_t *daddr = (xfrm_address_t *)dst;
416 xfrm_address_t *saddr = (xfrm_address_t *)src;
417
418
419
420
421 if (!x || x->props.mode != XFRM_MODE_TUNNEL ||
422 x->props.family != AF_INET6)
423 return false;
424
425 if (ipv6_addr_any(dst))
426 return xfrm_addr_equal(saddr, &x->props.saddr, AF_INET6);
427
428 if (!xfrm_state_addr_check(x, daddr, saddr, AF_INET6))
429 return false;
430
431 return true;
432}
433
434
435
436
437
438
439
440static int
441vti6_xmit(struct sk_buff *skb, struct net_device *dev, struct flowi *fl)
442{
443 struct ip6_tnl *t = netdev_priv(dev);
444 struct net_device_stats *stats = &t->dev->stats;
445 struct dst_entry *dst = skb_dst(skb);
446 struct net_device *tdev;
447 struct xfrm_state *x;
448 int pkt_len = skb->len;
449 int err = -1;
450 int mtu;
451
452 if (!dst)
453 goto tx_err_link_failure;
454
455 dst_hold(dst);
456 dst = xfrm_lookup(t->net, dst, fl, NULL, 0);
457 if (IS_ERR(dst)) {
458 err = PTR_ERR(dst);
459 dst = NULL;
460 goto tx_err_link_failure;
461 }
462
463 x = dst->xfrm;
464 if (!vti6_state_check(x, &t->parms.raddr, &t->parms.laddr))
465 goto tx_err_link_failure;
466
467 if (!ip6_tnl_xmit_ctl(t, (const struct in6_addr *)&x->props.saddr,
468 (const struct in6_addr *)&x->id.daddr))
469 goto tx_err_link_failure;
470
471 tdev = dst->dev;
472
473 if (tdev == dev) {
474 stats->collisions++;
475 net_warn_ratelimited("%s: Local routing loop detected!\n",
476 t->parms.name);
477 goto tx_err_dst_release;
478 }
479
480 mtu = dst_mtu(dst);
481 if (skb->len > mtu) {
482 skb_dst_update_pmtu(skb, mtu);
483
484 if (skb->protocol == htons(ETH_P_IPV6)) {
485 if (mtu < IPV6_MIN_MTU)
486 mtu = IPV6_MIN_MTU;
487
488 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
489 } else {
490 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
491 htonl(mtu));
492 }
493
494 err = -EMSGSIZE;
495 goto tx_err_dst_release;
496 }
497
498 skb_scrub_packet(skb, !net_eq(t->net, dev_net(dev)));
499 skb_dst_set(skb, dst);
500 skb->dev = skb_dst(skb)->dev;
501
502 err = dst_output(t->net, skb->sk, skb);
503 if (net_xmit_eval(err) == 0)
504 err = pkt_len;
505 iptunnel_xmit_stats(dev, err);
506
507 return 0;
508tx_err_link_failure:
509 stats->tx_carrier_errors++;
510 dst_link_failure(skb);
511tx_err_dst_release:
512 dst_release(dst);
513 return err;
514}
515
516static netdev_tx_t
517vti6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
518{
519 struct ip6_tnl *t = netdev_priv(dev);
520 struct net_device_stats *stats = &t->dev->stats;
521 struct flowi fl;
522 int ret;
523
524 if (!pskb_inet_may_pull(skb))
525 goto tx_err;
526
527 memset(&fl, 0, sizeof(fl));
528
529 switch (skb->protocol) {
530 case htons(ETH_P_IPV6):
531 if ((t->parms.proto != IPPROTO_IPV6 && t->parms.proto != 0) ||
532 vti6_addr_conflict(t, ipv6_hdr(skb)))
533 goto tx_err;
534
535 xfrm_decode_session(skb, &fl, AF_INET6);
536 memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));
537 break;
538 case htons(ETH_P_IP):
539 xfrm_decode_session(skb, &fl, AF_INET);
540 memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
541 break;
542 default:
543 goto tx_err;
544 }
545
546
547 fl.flowi_mark = be32_to_cpu(t->parms.o_key);
548
549 ret = vti6_xmit(skb, dev, &fl);
550 if (ret < 0)
551 goto tx_err;
552
553 return NETDEV_TX_OK;
554
555tx_err:
556 stats->tx_errors++;
557 stats->tx_dropped++;
558 kfree_skb(skb);
559 return NETDEV_TX_OK;
560}
561
562static int vti6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
563 u8 type, u8 code, int offset, __be32 info)
564{
565 __be32 spi;
566 __u32 mark;
567 struct xfrm_state *x;
568 struct ip6_tnl *t;
569 struct ip_esp_hdr *esph;
570 struct ip_auth_hdr *ah;
571 struct ip_comp_hdr *ipch;
572 struct net *net = dev_net(skb->dev);
573 const struct ipv6hdr *iph = (const struct ipv6hdr *)skb->data;
574 int protocol = iph->nexthdr;
575
576 t = vti6_tnl_lookup(dev_net(skb->dev), &iph->daddr, &iph->saddr);
577 if (!t)
578 return -1;
579
580 mark = be32_to_cpu(t->parms.o_key);
581
582 switch (protocol) {
583 case IPPROTO_ESP:
584 esph = (struct ip_esp_hdr *)(skb->data + offset);
585 spi = esph->spi;
586 break;
587 case IPPROTO_AH:
588 ah = (struct ip_auth_hdr *)(skb->data + offset);
589 spi = ah->spi;
590 break;
591 case IPPROTO_COMP:
592 ipch = (struct ip_comp_hdr *)(skb->data + offset);
593 spi = htonl(ntohs(ipch->cpi));
594 break;
595 default:
596 return 0;
597 }
598
599 if (type != ICMPV6_PKT_TOOBIG &&
600 type != NDISC_REDIRECT)
601 return 0;
602
603 x = xfrm_state_lookup(net, mark, (const xfrm_address_t *)&iph->daddr,
604 spi, protocol, AF_INET6);
605 if (!x)
606 return 0;
607
608 if (type == NDISC_REDIRECT)
609 ip6_redirect(skb, net, skb->dev->ifindex, 0,
610 sock_net_uid(net, NULL));
611 else
612 ip6_update_pmtu(skb, net, info, 0, 0, sock_net_uid(net, NULL));
613 xfrm_state_put(x);
614
615 return 0;
616}
617
618static void vti6_link_config(struct ip6_tnl *t, bool keep_mtu)
619{
620 struct net_device *dev = t->dev;
621 struct __ip6_tnl_parm *p = &t->parms;
622 struct net_device *tdev = NULL;
623 int mtu;
624
625 memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr));
626 memcpy(dev->broadcast, &p->raddr, sizeof(struct in6_addr));
627
628 p->flags &= ~(IP6_TNL_F_CAP_XMIT | IP6_TNL_F_CAP_RCV |
629 IP6_TNL_F_CAP_PER_PACKET);
630 p->flags |= ip6_tnl_get_cap(t, &p->laddr, &p->raddr);
631
632 if (p->flags & IP6_TNL_F_CAP_XMIT && p->flags & IP6_TNL_F_CAP_RCV)
633 dev->flags |= IFF_POINTOPOINT;
634 else
635 dev->flags &= ~IFF_POINTOPOINT;
636
637 if (keep_mtu && dev->mtu) {
638 dev->mtu = clamp(dev->mtu, dev->min_mtu, dev->max_mtu);
639 return;
640 }
641
642 if (p->flags & IP6_TNL_F_CAP_XMIT) {
643 int strict = (ipv6_addr_type(&p->raddr) &
644 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL));
645 struct rt6_info *rt = rt6_lookup(t->net,
646 &p->raddr, &p->laddr,
647 p->link, NULL, strict);
648
649 if (rt)
650 tdev = rt->dst.dev;
651 ip6_rt_put(rt);
652 }
653
654 if (!tdev && p->link)
655 tdev = __dev_get_by_index(t->net, p->link);
656
657 if (tdev)
658 mtu = tdev->mtu - sizeof(struct ipv6hdr);
659 else
660 mtu = ETH_DATA_LEN - LL_MAX_HEADER - sizeof(struct ipv6hdr);
661
662 dev->mtu = max_t(int, mtu, IPV4_MIN_MTU);
663}
664
665
666
667
668
669
670
671
672
673
674static int
675vti6_tnl_change(struct ip6_tnl *t, const struct __ip6_tnl_parm *p,
676 bool keep_mtu)
677{
678 t->parms.laddr = p->laddr;
679 t->parms.raddr = p->raddr;
680 t->parms.link = p->link;
681 t->parms.i_key = p->i_key;
682 t->parms.o_key = p->o_key;
683 t->parms.proto = p->proto;
684 t->parms.fwmark = p->fwmark;
685 dst_cache_reset(&t->dst_cache);
686 vti6_link_config(t, keep_mtu);
687 return 0;
688}
689
690static int vti6_update(struct ip6_tnl *t, struct __ip6_tnl_parm *p,
691 bool keep_mtu)
692{
693 struct net *net = dev_net(t->dev);
694 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
695 int err;
696
697 vti6_tnl_unlink(ip6n, t);
698 synchronize_net();
699 err = vti6_tnl_change(t, p, keep_mtu);
700 vti6_tnl_link(ip6n, t);
701 netdev_state_change(t->dev);
702 return err;
703}
704
705static void
706vti6_parm_from_user(struct __ip6_tnl_parm *p, const struct ip6_tnl_parm2 *u)
707{
708 p->laddr = u->laddr;
709 p->raddr = u->raddr;
710 p->link = u->link;
711 p->i_key = u->i_key;
712 p->o_key = u->o_key;
713 p->proto = u->proto;
714
715 memcpy(p->name, u->name, sizeof(u->name));
716}
717
718static void
719vti6_parm_to_user(struct ip6_tnl_parm2 *u, const struct __ip6_tnl_parm *p)
720{
721 u->laddr = p->laddr;
722 u->raddr = p->raddr;
723 u->link = p->link;
724 u->i_key = p->i_key;
725 u->o_key = p->o_key;
726 if (u->i_key)
727 u->i_flags |= GRE_KEY;
728 if (u->o_key)
729 u->o_flags |= GRE_KEY;
730 u->proto = p->proto;
731
732 memcpy(u->name, p->name, sizeof(u->name));
733}
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762static int
763vti6_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
764{
765 int err = 0;
766 struct ip6_tnl_parm2 p;
767 struct __ip6_tnl_parm p1;
768 struct ip6_tnl *t = NULL;
769 struct net *net = dev_net(dev);
770 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
771
772 switch (cmd) {
773 case SIOCGETTUNNEL:
774 if (dev == ip6n->fb_tnl_dev) {
775 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
776 err = -EFAULT;
777 break;
778 }
779 vti6_parm_from_user(&p1, &p);
780 t = vti6_locate(net, &p1, 0);
781 } else {
782 memset(&p, 0, sizeof(p));
783 }
784 if (!t)
785 t = netdev_priv(dev);
786 vti6_parm_to_user(&p, &t->parms);
787 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
788 err = -EFAULT;
789 break;
790 case SIOCADDTUNNEL:
791 case SIOCCHGTUNNEL:
792 err = -EPERM;
793 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
794 break;
795 err = -EFAULT;
796 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
797 break;
798 err = -EINVAL;
799 if (p.proto != IPPROTO_IPV6 && p.proto != 0)
800 break;
801 vti6_parm_from_user(&p1, &p);
802 t = vti6_locate(net, &p1, cmd == SIOCADDTUNNEL);
803 if (dev != ip6n->fb_tnl_dev && cmd == SIOCCHGTUNNEL) {
804 if (t) {
805 if (t->dev != dev) {
806 err = -EEXIST;
807 break;
808 }
809 } else
810 t = netdev_priv(dev);
811
812 err = vti6_update(t, &p1, false);
813 }
814 if (t) {
815 err = 0;
816 vti6_parm_to_user(&p, &t->parms);
817 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
818 err = -EFAULT;
819
820 } else
821 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
822 break;
823 case SIOCDELTUNNEL:
824 err = -EPERM;
825 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
826 break;
827
828 if (dev == ip6n->fb_tnl_dev) {
829 err = -EFAULT;
830 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
831 break;
832 err = -ENOENT;
833 vti6_parm_from_user(&p1, &p);
834 t = vti6_locate(net, &p1, 0);
835 if (!t)
836 break;
837 err = -EPERM;
838 if (t->dev == ip6n->fb_tnl_dev)
839 break;
840 dev = t->dev;
841 }
842 err = 0;
843 unregister_netdevice(dev);
844 break;
845 default:
846 err = -EINVAL;
847 }
848 return err;
849}
850
851static const struct net_device_ops vti6_netdev_ops = {
852 .ndo_init = vti6_dev_init,
853 .ndo_uninit = vti6_dev_uninit,
854 .ndo_start_xmit = vti6_tnl_xmit,
855 .ndo_do_ioctl = vti6_ioctl,
856 .ndo_get_stats64 = ip_tunnel_get_stats64,
857 .ndo_get_iflink = ip6_tnl_get_iflink,
858};
859
860
861
862
863
864
865
866
867static void vti6_dev_setup(struct net_device *dev)
868{
869 dev->netdev_ops = &vti6_netdev_ops;
870 dev->needs_free_netdev = true;
871 dev->priv_destructor = vti6_dev_free;
872
873 dev->type = ARPHRD_TUNNEL6;
874 dev->min_mtu = IPV4_MIN_MTU;
875 dev->max_mtu = IP_MAX_MTU - sizeof(struct ipv6hdr);
876 dev->flags |= IFF_NOARP;
877 dev->addr_len = sizeof(struct in6_addr);
878 netif_keep_dst(dev);
879
880 dev->addr_assign_type = NET_ADDR_RANDOM;
881 eth_random_addr(dev->perm_addr);
882}
883
884
885
886
887
888static inline int vti6_dev_init_gen(struct net_device *dev)
889{
890 struct ip6_tnl *t = netdev_priv(dev);
891
892 t->dev = dev;
893 t->net = dev_net(dev);
894 dev->tstats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
895 if (!dev->tstats)
896 return -ENOMEM;
897 return 0;
898}
899
900
901
902
903
904static int vti6_dev_init(struct net_device *dev)
905{
906 struct ip6_tnl *t = netdev_priv(dev);
907 int err = vti6_dev_init_gen(dev);
908
909 if (err)
910 return err;
911 vti6_link_config(t, true);
912 return 0;
913}
914
915
916
917
918
919
920
921static int __net_init vti6_fb_tnl_dev_init(struct net_device *dev)
922{
923 struct ip6_tnl *t = netdev_priv(dev);
924 struct net *net = dev_net(dev);
925 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
926
927 t->parms.proto = IPPROTO_IPV6;
928 dev_hold(dev);
929
930 rcu_assign_pointer(ip6n->tnls_wc[0], t);
931 return 0;
932}
933
934static int vti6_validate(struct nlattr *tb[], struct nlattr *data[],
935 struct netlink_ext_ack *extack)
936{
937 return 0;
938}
939
940static void vti6_netlink_parms(struct nlattr *data[],
941 struct __ip6_tnl_parm *parms)
942{
943 memset(parms, 0, sizeof(*parms));
944
945 if (!data)
946 return;
947
948 if (data[IFLA_VTI_LINK])
949 parms->link = nla_get_u32(data[IFLA_VTI_LINK]);
950
951 if (data[IFLA_VTI_LOCAL])
952 parms->laddr = nla_get_in6_addr(data[IFLA_VTI_LOCAL]);
953
954 if (data[IFLA_VTI_REMOTE])
955 parms->raddr = nla_get_in6_addr(data[IFLA_VTI_REMOTE]);
956
957 if (data[IFLA_VTI_IKEY])
958 parms->i_key = nla_get_be32(data[IFLA_VTI_IKEY]);
959
960 if (data[IFLA_VTI_OKEY])
961 parms->o_key = nla_get_be32(data[IFLA_VTI_OKEY]);
962
963 if (data[IFLA_VTI_FWMARK])
964 parms->fwmark = nla_get_u32(data[IFLA_VTI_FWMARK]);
965}
966
967static int vti6_newlink(struct net *src_net, struct net_device *dev,
968 struct nlattr *tb[], struct nlattr *data[],
969 struct netlink_ext_ack *extack)
970{
971 struct net *net = dev_net(dev);
972 struct ip6_tnl *nt;
973
974 nt = netdev_priv(dev);
975 vti6_netlink_parms(data, &nt->parms);
976
977 nt->parms.proto = IPPROTO_IPV6;
978
979 if (vti6_locate(net, &nt->parms, 0))
980 return -EEXIST;
981
982 return vti6_tnl_create2(dev);
983}
984
985static void vti6_dellink(struct net_device *dev, struct list_head *head)
986{
987 struct net *net = dev_net(dev);
988 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
989
990 if (dev != ip6n->fb_tnl_dev)
991 unregister_netdevice_queue(dev, head);
992}
993
994static int vti6_changelink(struct net_device *dev, struct nlattr *tb[],
995 struct nlattr *data[],
996 struct netlink_ext_ack *extack)
997{
998 struct ip6_tnl *t;
999 struct __ip6_tnl_parm p;
1000 struct net *net = dev_net(dev);
1001 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
1002
1003 if (dev == ip6n->fb_tnl_dev)
1004 return -EINVAL;
1005
1006 vti6_netlink_parms(data, &p);
1007
1008 t = vti6_locate(net, &p, 0);
1009
1010 if (t) {
1011 if (t->dev != dev)
1012 return -EEXIST;
1013 } else
1014 t = netdev_priv(dev);
1015
1016 return vti6_update(t, &p, tb && tb[IFLA_MTU]);
1017}
1018
1019static size_t vti6_get_size(const struct net_device *dev)
1020{
1021 return
1022
1023 nla_total_size(4) +
1024
1025 nla_total_size(sizeof(struct in6_addr)) +
1026
1027 nla_total_size(sizeof(struct in6_addr)) +
1028
1029 nla_total_size(4) +
1030
1031 nla_total_size(4) +
1032
1033 nla_total_size(4) +
1034 0;
1035}
1036
1037static int vti6_fill_info(struct sk_buff *skb, const struct net_device *dev)
1038{
1039 struct ip6_tnl *tunnel = netdev_priv(dev);
1040 struct __ip6_tnl_parm *parm = &tunnel->parms;
1041
1042 if (nla_put_u32(skb, IFLA_VTI_LINK, parm->link) ||
1043 nla_put_in6_addr(skb, IFLA_VTI_LOCAL, &parm->laddr) ||
1044 nla_put_in6_addr(skb, IFLA_VTI_REMOTE, &parm->raddr) ||
1045 nla_put_be32(skb, IFLA_VTI_IKEY, parm->i_key) ||
1046 nla_put_be32(skb, IFLA_VTI_OKEY, parm->o_key) ||
1047 nla_put_u32(skb, IFLA_VTI_FWMARK, parm->fwmark))
1048 goto nla_put_failure;
1049 return 0;
1050
1051nla_put_failure:
1052 return -EMSGSIZE;
1053}
1054
1055static const struct nla_policy vti6_policy[IFLA_VTI_MAX + 1] = {
1056 [IFLA_VTI_LINK] = { .type = NLA_U32 },
1057 [IFLA_VTI_LOCAL] = { .len = sizeof(struct in6_addr) },
1058 [IFLA_VTI_REMOTE] = { .len = sizeof(struct in6_addr) },
1059 [IFLA_VTI_IKEY] = { .type = NLA_U32 },
1060 [IFLA_VTI_OKEY] = { .type = NLA_U32 },
1061 [IFLA_VTI_FWMARK] = { .type = NLA_U32 },
1062};
1063
1064static struct rtnl_link_ops vti6_link_ops __read_mostly = {
1065 .kind = "vti6",
1066 .maxtype = IFLA_VTI_MAX,
1067 .policy = vti6_policy,
1068 .priv_size = sizeof(struct ip6_tnl),
1069 .setup = vti6_dev_setup,
1070 .validate = vti6_validate,
1071 .newlink = vti6_newlink,
1072 .dellink = vti6_dellink,
1073 .changelink = vti6_changelink,
1074 .get_size = vti6_get_size,
1075 .fill_info = vti6_fill_info,
1076 .get_link_net = ip6_tnl_get_link_net,
1077};
1078
1079static void __net_exit vti6_destroy_tunnels(struct vti6_net *ip6n,
1080 struct list_head *list)
1081{
1082 int h;
1083 struct ip6_tnl *t;
1084
1085 for (h = 0; h < IP6_VTI_HASH_SIZE; h++) {
1086 t = rtnl_dereference(ip6n->tnls_r_l[h]);
1087 while (t) {
1088 unregister_netdevice_queue(t->dev, list);
1089 t = rtnl_dereference(t->next);
1090 }
1091 }
1092
1093 t = rtnl_dereference(ip6n->tnls_wc[0]);
1094 if (t)
1095 unregister_netdevice_queue(t->dev, list);
1096}
1097
1098static int __net_init vti6_init_net(struct net *net)
1099{
1100 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
1101 struct ip6_tnl *t = NULL;
1102 int err;
1103
1104 ip6n->tnls[0] = ip6n->tnls_wc;
1105 ip6n->tnls[1] = ip6n->tnls_r_l;
1106
1107 if (!net_has_fallback_tunnels(net))
1108 return 0;
1109 err = -ENOMEM;
1110 ip6n->fb_tnl_dev = alloc_netdev(sizeof(struct ip6_tnl), "ip6_vti0",
1111 NET_NAME_UNKNOWN, vti6_dev_setup);
1112
1113 if (!ip6n->fb_tnl_dev)
1114 goto err_alloc_dev;
1115 dev_net_set(ip6n->fb_tnl_dev, net);
1116 ip6n->fb_tnl_dev->rtnl_link_ops = &vti6_link_ops;
1117
1118 err = vti6_fb_tnl_dev_init(ip6n->fb_tnl_dev);
1119 if (err < 0)
1120 goto err_register;
1121
1122 err = register_netdev(ip6n->fb_tnl_dev);
1123 if (err < 0)
1124 goto err_register;
1125
1126 t = netdev_priv(ip6n->fb_tnl_dev);
1127
1128 strcpy(t->parms.name, ip6n->fb_tnl_dev->name);
1129 return 0;
1130
1131err_register:
1132 free_netdev(ip6n->fb_tnl_dev);
1133err_alloc_dev:
1134 return err;
1135}
1136
1137static void __net_exit vti6_exit_batch_net(struct list_head *net_list)
1138{
1139 struct vti6_net *ip6n;
1140 struct net *net;
1141 LIST_HEAD(list);
1142
1143 rtnl_lock();
1144 list_for_each_entry(net, net_list, exit_list) {
1145 ip6n = net_generic(net, vti6_net_id);
1146 vti6_destroy_tunnels(ip6n, &list);
1147 }
1148 unregister_netdevice_many(&list);
1149 rtnl_unlock();
1150}
1151
1152static struct pernet_operations vti6_net_ops = {
1153 .init = vti6_init_net,
1154 .exit_batch = vti6_exit_batch_net,
1155 .id = &vti6_net_id,
1156 .size = sizeof(struct vti6_net),
1157};
1158
1159static struct xfrm6_protocol vti_esp6_protocol __read_mostly = {
1160 .handler = vti6_rcv,
1161 .cb_handler = vti6_rcv_cb,
1162 .err_handler = vti6_err,
1163 .priority = 100,
1164};
1165
1166static struct xfrm6_protocol vti_ah6_protocol __read_mostly = {
1167 .handler = vti6_rcv,
1168 .cb_handler = vti6_rcv_cb,
1169 .err_handler = vti6_err,
1170 .priority = 100,
1171};
1172
1173static struct xfrm6_protocol vti_ipcomp6_protocol __read_mostly = {
1174 .handler = vti6_rcv,
1175 .cb_handler = vti6_rcv_cb,
1176 .err_handler = vti6_err,
1177 .priority = 100,
1178};
1179
1180
1181
1182
1183
1184
1185static int __init vti6_tunnel_init(void)
1186{
1187 const char *msg;
1188 int err;
1189
1190 msg = "tunnel device";
1191 err = register_pernet_device(&vti6_net_ops);
1192 if (err < 0)
1193 goto pernet_dev_failed;
1194
1195 msg = "tunnel protocols";
1196 err = xfrm6_protocol_register(&vti_esp6_protocol, IPPROTO_ESP);
1197 if (err < 0)
1198 goto xfrm_proto_esp_failed;
1199 err = xfrm6_protocol_register(&vti_ah6_protocol, IPPROTO_AH);
1200 if (err < 0)
1201 goto xfrm_proto_ah_failed;
1202 err = xfrm6_protocol_register(&vti_ipcomp6_protocol, IPPROTO_COMP);
1203 if (err < 0)
1204 goto xfrm_proto_comp_failed;
1205
1206 msg = "netlink interface";
1207 err = rtnl_link_register(&vti6_link_ops);
1208 if (err < 0)
1209 goto rtnl_link_failed;
1210
1211 return 0;
1212
1213rtnl_link_failed:
1214 xfrm6_protocol_deregister(&vti_ipcomp6_protocol, IPPROTO_COMP);
1215xfrm_proto_comp_failed:
1216 xfrm6_protocol_deregister(&vti_ah6_protocol, IPPROTO_AH);
1217xfrm_proto_ah_failed:
1218 xfrm6_protocol_deregister(&vti_esp6_protocol, IPPROTO_ESP);
1219xfrm_proto_esp_failed:
1220 unregister_pernet_device(&vti6_net_ops);
1221pernet_dev_failed:
1222 pr_err("vti6 init: failed to register %s\n", msg);
1223 return err;
1224}
1225
1226
1227
1228
1229static void __exit vti6_tunnel_cleanup(void)
1230{
1231 rtnl_link_unregister(&vti6_link_ops);
1232 xfrm6_protocol_deregister(&vti_ipcomp6_protocol, IPPROTO_COMP);
1233 xfrm6_protocol_deregister(&vti_ah6_protocol, IPPROTO_AH);
1234 xfrm6_protocol_deregister(&vti_esp6_protocol, IPPROTO_ESP);
1235 unregister_pernet_device(&vti6_net_ops);
1236}
1237
1238module_init(vti6_tunnel_init);
1239module_exit(vti6_tunnel_cleanup);
1240MODULE_LICENSE("GPL");
1241MODULE_ALIAS_RTNL_LINK("vti6");
1242MODULE_ALIAS_NETDEV("ip6_vti0");
1243MODULE_AUTHOR("Steffen Klassert");
1244MODULE_DESCRIPTION("IPv6 virtual tunnel interface");
1245
