1
2
3
4
5
6
7
8
9
10
11
12
13
14#include <linux/module.h>
15#include <linux/capability.h>
16#include <linux/errno.h>
17#include <linux/types.h>
18#include <linux/sockios.h>
19#include <linux/icmp.h>
20#include <linux/if.h>
21#include <linux/in.h>
22#include <linux/ip.h>
23#include <linux/net.h>
24#include <linux/in6.h>
25#include <linux/netdevice.h>
26#include <linux/if_arp.h>
27#include <linux/icmpv6.h>
28#include <linux/init.h>
29#include <linux/route.h>
30#include <linux/rtnetlink.h>
31#include <linux/netfilter_ipv6.h>
32#include <linux/slab.h>
33#include <linux/hash.h>
34
35#include <linux/uaccess.h>
36#include <linux/atomic.h>
37
38#include <net/icmp.h>
39#include <net/ip.h>
40#include <net/ip_tunnels.h>
41#include <net/ipv6.h>
42#include <net/ip6_route.h>
43#include <net/addrconf.h>
44#include <net/ip6_tunnel.h>
45#include <net/xfrm.h>
46#include <net/net_namespace.h>
47#include <net/netns/generic.h>
48#include <linux/etherdevice.h>
49
50#define IP6_VTI_HASH_SIZE_SHIFT 5
51#define IP6_VTI_HASH_SIZE (1 << IP6_VTI_HASH_SIZE_SHIFT)
52
53static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2)
54{
55 u32 hash = ipv6_addr_hash(addr1) ^ ipv6_addr_hash(addr2);
56
57 return hash_32(hash, IP6_VTI_HASH_SIZE_SHIFT);
58}
59
60static int vti6_dev_init(struct net_device *dev);
61static void vti6_dev_setup(struct net_device *dev);
62static struct rtnl_link_ops vti6_link_ops __read_mostly;
63
64static unsigned int vti6_net_id __read_mostly;
65struct vti6_net {
66
67 struct net_device *fb_tnl_dev;
68
69 struct ip6_tnl __rcu *tnls_r_l[IP6_VTI_HASH_SIZE];
70 struct ip6_tnl __rcu *tnls_wc[1];
71 struct ip6_tnl __rcu **tnls[2];
72};
73
74#define for_each_vti6_tunnel_rcu(start) \
75 for (t = rcu_dereference(start); t; t = rcu_dereference(t->next))
76
77
78
79
80
81
82
83
84
85
86
87
88static struct ip6_tnl *
89vti6_tnl_lookup(struct net *net, const struct in6_addr *remote,
90 const struct in6_addr *local)
91{
92 unsigned int hash = HASH(remote, local);
93 struct ip6_tnl *t;
94 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
95 struct in6_addr any;
96
97 for_each_vti6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
98 if (ipv6_addr_equal(local, &t->parms.laddr) &&
99 ipv6_addr_equal(remote, &t->parms.raddr) &&
100 (t->dev->flags & IFF_UP))
101 return t;
102 }
103
104 memset(&any, 0, sizeof(any));
105 hash = HASH(&any, local);
106 for_each_vti6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
107 if (ipv6_addr_equal(local, &t->parms.laddr) &&
108 (t->dev->flags & IFF_UP))
109 return t;
110 }
111
112 hash = HASH(remote, &any);
113 for_each_vti6_tunnel_rcu(ip6n->tnls_r_l[hash]) {
114 if (ipv6_addr_equal(remote, &t->parms.raddr) &&
115 (t->dev->flags & IFF_UP))
116 return t;
117 }
118
119 t = rcu_dereference(ip6n->tnls_wc[0]);
120 if (t && (t->dev->flags & IFF_UP))
121 return t;
122
123 return NULL;
124}
125
126
127
128
129
130
131
132
133
134
135
136static struct ip6_tnl __rcu **
137vti6_tnl_bucket(struct vti6_net *ip6n, const struct __ip6_tnl_parm *p)
138{
139 const struct in6_addr *remote = &p->raddr;
140 const struct in6_addr *local = &p->laddr;
141 unsigned int h = 0;
142 int prio = 0;
143
144 if (!ipv6_addr_any(remote) || !ipv6_addr_any(local)) {
145 prio = 1;
146 h = HASH(remote, local);
147 }
148 return &ip6n->tnls[prio][h];
149}
150
151static void
152vti6_tnl_link(struct vti6_net *ip6n, struct ip6_tnl *t)
153{
154 struct ip6_tnl __rcu **tp = vti6_tnl_bucket(ip6n, &t->parms);
155
156 rcu_assign_pointer(t->next , rtnl_dereference(*tp));
157 rcu_assign_pointer(*tp, t);
158}
159
160static void
161vti6_tnl_unlink(struct vti6_net *ip6n, struct ip6_tnl *t)
162{
163 struct ip6_tnl __rcu **tp;
164 struct ip6_tnl *iter;
165
166 for (tp = vti6_tnl_bucket(ip6n, &t->parms);
167 (iter = rtnl_dereference(*tp)) != NULL;
168 tp = &iter->next) {
169 if (t == iter) {
170 rcu_assign_pointer(*tp, t->next);
171 break;
172 }
173 }
174}
175
176static void vti6_dev_free(struct net_device *dev)
177{
178 free_percpu(dev->tstats);
179}
180
181static int vti6_tnl_create2(struct net_device *dev)
182{
183 struct ip6_tnl *t = netdev_priv(dev);
184 struct net *net = dev_net(dev);
185 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
186 int err;
187
188 dev->rtnl_link_ops = &vti6_link_ops;
189 err = register_netdevice(dev);
190 if (err < 0)
191 goto out;
192
193 strcpy(t->parms.name, dev->name);
194
195 dev_hold(dev);
196 vti6_tnl_link(ip6n, t);
197
198 return 0;
199
200out:
201 return err;
202}
203
204static struct ip6_tnl *vti6_tnl_create(struct net *net, struct __ip6_tnl_parm *p)
205{
206 struct net_device *dev;
207 struct ip6_tnl *t;
208 char name[IFNAMSIZ];
209 int err;
210
211 if (p->name[0]) {
212 if (!dev_valid_name(p->name))
213 goto failed;
214 strlcpy(name, p->name, IFNAMSIZ);
215 } else {
216 sprintf(name, "ip6_vti%%d");
217 }
218
219 dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, vti6_dev_setup);
220 if (!dev)
221 goto failed;
222
223 dev_net_set(dev, net);
224
225 t = netdev_priv(dev);
226 t->parms = *p;
227 t->net = dev_net(dev);
228
229 err = vti6_tnl_create2(dev);
230 if (err < 0)
231 goto failed_free;
232
233 return t;
234
235failed_free:
236 free_netdev(dev);
237failed:
238 return NULL;
239}
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255static struct ip6_tnl *vti6_locate(struct net *net, struct __ip6_tnl_parm *p,
256 int create)
257{
258 const struct in6_addr *remote = &p->raddr;
259 const struct in6_addr *local = &p->laddr;
260 struct ip6_tnl __rcu **tp;
261 struct ip6_tnl *t;
262 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
263
264 for (tp = vti6_tnl_bucket(ip6n, p);
265 (t = rtnl_dereference(*tp)) != NULL;
266 tp = &t->next) {
267 if (ipv6_addr_equal(local, &t->parms.laddr) &&
268 ipv6_addr_equal(remote, &t->parms.raddr)) {
269 if (create)
270 return NULL;
271
272 return t;
273 }
274 }
275 if (!create)
276 return NULL;
277 return vti6_tnl_create(net, p);
278}
279
280
281
282
283
284
285
286
287static void vti6_dev_uninit(struct net_device *dev)
288{
289 struct ip6_tnl *t = netdev_priv(dev);
290 struct vti6_net *ip6n = net_generic(t->net, vti6_net_id);
291
292 if (dev == ip6n->fb_tnl_dev)
293 RCU_INIT_POINTER(ip6n->tnls_wc[0], NULL);
294 else
295 vti6_tnl_unlink(ip6n, t);
296 dev_put(dev);
297}
298
299static int vti6_input_proto(struct sk_buff *skb, int nexthdr, __be32 spi,
300 int encap_type)
301{
302 struct ip6_tnl *t;
303 const struct ipv6hdr *ipv6h = ipv6_hdr(skb);
304
305 rcu_read_lock();
306 t = vti6_tnl_lookup(dev_net(skb->dev), &ipv6h->saddr, &ipv6h->daddr);
307 if (t) {
308 if (t->parms.proto != IPPROTO_IPV6 && t->parms.proto != 0) {
309 rcu_read_unlock();
310 goto discard;
311 }
312
313 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
314 rcu_read_unlock();
315 goto discard;
316 }
317
318 ipv6h = ipv6_hdr(skb);
319 if (!ip6_tnl_rcv_ctl(t, &ipv6h->daddr, &ipv6h->saddr)) {
320 t->dev->stats.rx_dropped++;
321 rcu_read_unlock();
322 goto discard;
323 }
324
325 rcu_read_unlock();
326
327 XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6 = t;
328 XFRM_SPI_SKB_CB(skb)->family = AF_INET6;
329 XFRM_SPI_SKB_CB(skb)->daddroff = offsetof(struct ipv6hdr, daddr);
330 return xfrm_input(skb, nexthdr, spi, encap_type);
331 }
332 rcu_read_unlock();
333 return -EINVAL;
334discard:
335 kfree_skb(skb);
336 return 0;
337}
338
339static int vti6_rcv(struct sk_buff *skb)
340{
341 int nexthdr = skb_network_header(skb)[IP6CB(skb)->nhoff];
342
343 return vti6_input_proto(skb, nexthdr, 0, 0);
344}
345
346static int vti6_rcv_cb(struct sk_buff *skb, int err)
347{
348 unsigned short family;
349 struct net_device *dev;
350 struct pcpu_sw_netstats *tstats;
351 struct xfrm_state *x;
352 const struct xfrm_mode *inner_mode;
353 struct ip6_tnl *t = XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6;
354 u32 orig_mark = skb->mark;
355 int ret;
356
357 if (!t)
358 return 1;
359
360 dev = t->dev;
361
362 if (err) {
363 dev->stats.rx_errors++;
364 dev->stats.rx_dropped++;
365
366 return 0;
367 }
368
369 x = xfrm_input_state(skb);
370
371 inner_mode = &x->inner_mode;
372
373 if (x->sel.family == AF_UNSPEC) {
374 inner_mode = xfrm_ip2inner_mode(x, XFRM_MODE_SKB_CB(skb)->protocol);
375 if (inner_mode == NULL) {
376 XFRM_INC_STATS(dev_net(skb->dev),
377 LINUX_MIB_XFRMINSTATEMODEERROR);
378 return -EINVAL;
379 }
380 }
381
382 family = inner_mode->family;
383
384 skb->mark = be32_to_cpu(t->parms.i_key);
385 ret = xfrm_policy_check(NULL, XFRM_POLICY_IN, skb, family);
386 skb->mark = orig_mark;
387
388 if (!ret)
389 return -EPERM;
390
391 skb_scrub_packet(skb, !net_eq(t->net, dev_net(skb->dev)));
392 skb->dev = dev;
393
394 tstats = this_cpu_ptr(dev->tstats);
395 u64_stats_update_begin(&tstats->syncp);
396 tstats->rx_packets++;
397 tstats->rx_bytes += skb->len;
398 u64_stats_update_end(&tstats->syncp);
399
400 return 0;
401}
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416static inline bool
417vti6_addr_conflict(const struct ip6_tnl *t, const struct ipv6hdr *hdr)
418{
419 return ipv6_addr_equal(&t->parms.raddr, &hdr->saddr);
420}
421
422static bool vti6_state_check(const struct xfrm_state *x,
423 const struct in6_addr *dst,
424 const struct in6_addr *src)
425{
426 xfrm_address_t *daddr = (xfrm_address_t *)dst;
427 xfrm_address_t *saddr = (xfrm_address_t *)src;
428
429
430
431
432 if (!x || x->props.mode != XFRM_MODE_TUNNEL ||
433 x->props.family != AF_INET6)
434 return false;
435
436 if (ipv6_addr_any(dst))
437 return xfrm_addr_equal(saddr, &x->props.saddr, AF_INET6);
438
439 if (!xfrm_state_addr_check(x, daddr, saddr, AF_INET6))
440 return false;
441
442 return true;
443}
444
445
446
447
448
449
450
451static int
452vti6_xmit(struct sk_buff *skb, struct net_device *dev, struct flowi *fl)
453{
454 struct ip6_tnl *t = netdev_priv(dev);
455 struct net_device_stats *stats = &t->dev->stats;
456 struct dst_entry *dst = skb_dst(skb);
457 struct net_device *tdev;
458 struct xfrm_state *x;
459 int pkt_len = skb->len;
460 int err = -1;
461 int mtu;
462
463 if (!dst) {
464 switch (skb->protocol) {
465 case htons(ETH_P_IP): {
466 struct rtable *rt;
467
468 fl->u.ip4.flowi4_oif = dev->ifindex;
469 fl->u.ip4.flowi4_flags |= FLOWI_FLAG_ANYSRC;
470 rt = __ip_route_output_key(dev_net(dev), &fl->u.ip4);
471 if (IS_ERR(rt))
472 goto tx_err_link_failure;
473 dst = &rt->dst;
474 skb_dst_set(skb, dst);
475 break;
476 }
477 case htons(ETH_P_IPV6):
478 fl->u.ip6.flowi6_oif = dev->ifindex;
479 fl->u.ip6.flowi6_flags |= FLOWI_FLAG_ANYSRC;
480 dst = ip6_route_output(dev_net(dev), NULL, &fl->u.ip6);
481 if (dst->error) {
482 dst_release(dst);
483 dst = NULL;
484 goto tx_err_link_failure;
485 }
486 skb_dst_set(skb, dst);
487 break;
488 default:
489 goto tx_err_link_failure;
490 }
491 }
492
493 dst_hold(dst);
494 dst = xfrm_lookup(t->net, dst, fl, NULL, 0);
495 if (IS_ERR(dst)) {
496 err = PTR_ERR(dst);
497 dst = NULL;
498 goto tx_err_link_failure;
499 }
500
501 x = dst->xfrm;
502 if (!vti6_state_check(x, &t->parms.raddr, &t->parms.laddr))
503 goto tx_err_link_failure;
504
505 if (!ip6_tnl_xmit_ctl(t, (const struct in6_addr *)&x->props.saddr,
506 (const struct in6_addr *)&x->id.daddr))
507 goto tx_err_link_failure;
508
509 tdev = dst->dev;
510
511 if (tdev == dev) {
512 stats->collisions++;
513 net_warn_ratelimited("%s: Local routing loop detected!\n",
514 t->parms.name);
515 goto tx_err_dst_release;
516 }
517
518 mtu = dst_mtu(dst);
519 if (skb->len > mtu) {
520 skb_dst_update_pmtu_no_confirm(skb, mtu);
521
522 if (skb->protocol == htons(ETH_P_IPV6)) {
523 if (mtu < IPV6_MIN_MTU)
524 mtu = IPV6_MIN_MTU;
525
526 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
527 } else {
528 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
529 htonl(mtu));
530 }
531
532 err = -EMSGSIZE;
533 goto tx_err_dst_release;
534 }
535
536 skb_scrub_packet(skb, !net_eq(t->net, dev_net(dev)));
537 skb_dst_set(skb, dst);
538 skb->dev = skb_dst(skb)->dev;
539
540 err = dst_output(t->net, skb->sk, skb);
541 if (net_xmit_eval(err) == 0)
542 err = pkt_len;
543 iptunnel_xmit_stats(dev, err);
544
545 return 0;
546tx_err_link_failure:
547 stats->tx_carrier_errors++;
548 dst_link_failure(skb);
549tx_err_dst_release:
550 dst_release(dst);
551 return err;
552}
553
554static netdev_tx_t
555vti6_tnl_xmit(struct sk_buff *skb, struct net_device *dev)
556{
557 struct ip6_tnl *t = netdev_priv(dev);
558 struct net_device_stats *stats = &t->dev->stats;
559 struct flowi fl;
560 int ret;
561
562 if (!pskb_inet_may_pull(skb))
563 goto tx_err;
564
565 memset(&fl, 0, sizeof(fl));
566
567 switch (skb->protocol) {
568 case htons(ETH_P_IPV6):
569 if ((t->parms.proto != IPPROTO_IPV6 && t->parms.proto != 0) ||
570 vti6_addr_conflict(t, ipv6_hdr(skb)))
571 goto tx_err;
572
573 xfrm_decode_session(skb, &fl, AF_INET6);
574 memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));
575 break;
576 case htons(ETH_P_IP):
577 xfrm_decode_session(skb, &fl, AF_INET);
578 memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
579 break;
580 default:
581 goto tx_err;
582 }
583
584
585 fl.flowi_mark = be32_to_cpu(t->parms.o_key);
586
587 ret = vti6_xmit(skb, dev, &fl);
588 if (ret < 0)
589 goto tx_err;
590
591 return NETDEV_TX_OK;
592
593tx_err:
594 stats->tx_errors++;
595 stats->tx_dropped++;
596 kfree_skb(skb);
597 return NETDEV_TX_OK;
598}
599
600static int vti6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
601 u8 type, u8 code, int offset, __be32 info)
602{
603 __be32 spi;
604 __u32 mark;
605 struct xfrm_state *x;
606 struct ip6_tnl *t;
607 struct ip_esp_hdr *esph;
608 struct ip_auth_hdr *ah;
609 struct ip_comp_hdr *ipch;
610 struct net *net = dev_net(skb->dev);
611 const struct ipv6hdr *iph = (const struct ipv6hdr *)skb->data;
612 int protocol = iph->nexthdr;
613
614 t = vti6_tnl_lookup(dev_net(skb->dev), &iph->daddr, &iph->saddr);
615 if (!t)
616 return -1;
617
618 mark = be32_to_cpu(t->parms.o_key);
619
620 switch (protocol) {
621 case IPPROTO_ESP:
622 esph = (struct ip_esp_hdr *)(skb->data + offset);
623 spi = esph->spi;
624 break;
625 case IPPROTO_AH:
626 ah = (struct ip_auth_hdr *)(skb->data + offset);
627 spi = ah->spi;
628 break;
629 case IPPROTO_COMP:
630 ipch = (struct ip_comp_hdr *)(skb->data + offset);
631 spi = htonl(ntohs(ipch->cpi));
632 break;
633 default:
634 return 0;
635 }
636
637 if (type != ICMPV6_PKT_TOOBIG &&
638 type != NDISC_REDIRECT)
639 return 0;
640
641 x = xfrm_state_lookup(net, mark, (const xfrm_address_t *)&iph->daddr,
642 spi, protocol, AF_INET6);
643 if (!x)
644 return 0;
645
646 if (type == NDISC_REDIRECT)
647 ip6_redirect(skb, net, skb->dev->ifindex, 0,
648 sock_net_uid(net, NULL));
649 else
650 ip6_update_pmtu(skb, net, info, 0, 0, sock_net_uid(net, NULL));
651 xfrm_state_put(x);
652
653 return 0;
654}
655
656static void vti6_link_config(struct ip6_tnl *t, bool keep_mtu)
657{
658 struct net_device *dev = t->dev;
659 struct __ip6_tnl_parm *p = &t->parms;
660 struct net_device *tdev = NULL;
661 int mtu;
662
663 memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr));
664 memcpy(dev->broadcast, &p->raddr, sizeof(struct in6_addr));
665
666 p->flags &= ~(IP6_TNL_F_CAP_XMIT | IP6_TNL_F_CAP_RCV |
667 IP6_TNL_F_CAP_PER_PACKET);
668 p->flags |= ip6_tnl_get_cap(t, &p->laddr, &p->raddr);
669
670 if (p->flags & IP6_TNL_F_CAP_XMIT && p->flags & IP6_TNL_F_CAP_RCV)
671 dev->flags |= IFF_POINTOPOINT;
672 else
673 dev->flags &= ~IFF_POINTOPOINT;
674
675 if (keep_mtu && dev->mtu) {
676 dev->mtu = clamp(dev->mtu, dev->min_mtu, dev->max_mtu);
677 return;
678 }
679
680 if (p->flags & IP6_TNL_F_CAP_XMIT) {
681 int strict = (ipv6_addr_type(&p->raddr) &
682 (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL));
683 struct rt6_info *rt = rt6_lookup(t->net,
684 &p->raddr, &p->laddr,
685 p->link, NULL, strict);
686
687 if (rt)
688 tdev = rt->dst.dev;
689 ip6_rt_put(rt);
690 }
691
692 if (!tdev && p->link)
693 tdev = __dev_get_by_index(t->net, p->link);
694
695 if (tdev)
696 mtu = tdev->mtu - sizeof(struct ipv6hdr);
697 else
698 mtu = ETH_DATA_LEN - LL_MAX_HEADER - sizeof(struct ipv6hdr);
699
700 dev->mtu = max_t(int, mtu, IPV4_MIN_MTU);
701}
702
703
704
705
706
707
708
709
710
711
712static int
713vti6_tnl_change(struct ip6_tnl *t, const struct __ip6_tnl_parm *p,
714 bool keep_mtu)
715{
716 t->parms.laddr = p->laddr;
717 t->parms.raddr = p->raddr;
718 t->parms.link = p->link;
719 t->parms.i_key = p->i_key;
720 t->parms.o_key = p->o_key;
721 t->parms.proto = p->proto;
722 t->parms.fwmark = p->fwmark;
723 dst_cache_reset(&t->dst_cache);
724 vti6_link_config(t, keep_mtu);
725 return 0;
726}
727
728static int vti6_update(struct ip6_tnl *t, struct __ip6_tnl_parm *p,
729 bool keep_mtu)
730{
731 struct net *net = dev_net(t->dev);
732 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
733 int err;
734
735 vti6_tnl_unlink(ip6n, t);
736 synchronize_net();
737 err = vti6_tnl_change(t, p, keep_mtu);
738 vti6_tnl_link(ip6n, t);
739 netdev_state_change(t->dev);
740 return err;
741}
742
743static void
744vti6_parm_from_user(struct __ip6_tnl_parm *p, const struct ip6_tnl_parm2 *u)
745{
746 p->laddr = u->laddr;
747 p->raddr = u->raddr;
748 p->link = u->link;
749 p->i_key = u->i_key;
750 p->o_key = u->o_key;
751 p->proto = u->proto;
752
753 memcpy(p->name, u->name, sizeof(u->name));
754}
755
756static void
757vti6_parm_to_user(struct ip6_tnl_parm2 *u, const struct __ip6_tnl_parm *p)
758{
759 u->laddr = p->laddr;
760 u->raddr = p->raddr;
761 u->link = p->link;
762 u->i_key = p->i_key;
763 u->o_key = p->o_key;
764 if (u->i_key)
765 u->i_flags |= GRE_KEY;
766 if (u->o_key)
767 u->o_flags |= GRE_KEY;
768 u->proto = p->proto;
769
770 memcpy(u->name, p->name, sizeof(u->name));
771}
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800static int
801vti6_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
802{
803 int err = 0;
804 struct ip6_tnl_parm2 p;
805 struct __ip6_tnl_parm p1;
806 struct ip6_tnl *t = NULL;
807 struct net *net = dev_net(dev);
808 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
809
810 switch (cmd) {
811 case SIOCGETTUNNEL:
812 if (dev == ip6n->fb_tnl_dev) {
813 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
814 err = -EFAULT;
815 break;
816 }
817 vti6_parm_from_user(&p1, &p);
818 t = vti6_locate(net, &p1, 0);
819 } else {
820 memset(&p, 0, sizeof(p));
821 }
822 if (!t)
823 t = netdev_priv(dev);
824 vti6_parm_to_user(&p, &t->parms);
825 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
826 err = -EFAULT;
827 break;
828 case SIOCADDTUNNEL:
829 case SIOCCHGTUNNEL:
830 err = -EPERM;
831 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
832 break;
833 err = -EFAULT;
834 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
835 break;
836 err = -EINVAL;
837 if (p.proto != IPPROTO_IPV6 && p.proto != 0)
838 break;
839 vti6_parm_from_user(&p1, &p);
840 t = vti6_locate(net, &p1, cmd == SIOCADDTUNNEL);
841 if (dev != ip6n->fb_tnl_dev && cmd == SIOCCHGTUNNEL) {
842 if (t) {
843 if (t->dev != dev) {
844 err = -EEXIST;
845 break;
846 }
847 } else
848 t = netdev_priv(dev);
849
850 err = vti6_update(t, &p1, false);
851 }
852 if (t) {
853 err = 0;
854 vti6_parm_to_user(&p, &t->parms);
855 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
856 err = -EFAULT;
857
858 } else
859 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
860 break;
861 case SIOCDELTUNNEL:
862 err = -EPERM;
863 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
864 break;
865
866 if (dev == ip6n->fb_tnl_dev) {
867 err = -EFAULT;
868 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
869 break;
870 err = -ENOENT;
871 vti6_parm_from_user(&p1, &p);
872 t = vti6_locate(net, &p1, 0);
873 if (!t)
874 break;
875 err = -EPERM;
876 if (t->dev == ip6n->fb_tnl_dev)
877 break;
878 dev = t->dev;
879 }
880 err = 0;
881 unregister_netdevice(dev);
882 break;
883 default:
884 err = -EINVAL;
885 }
886 return err;
887}
888
889static const struct net_device_ops vti6_netdev_ops = {
890 .ndo_init = vti6_dev_init,
891 .ndo_uninit = vti6_dev_uninit,
892 .ndo_start_xmit = vti6_tnl_xmit,
893 .ndo_do_ioctl = vti6_ioctl,
894 .ndo_get_stats64 = ip_tunnel_get_stats64,
895 .ndo_get_iflink = ip6_tnl_get_iflink,
896};
897
898
899
900
901
902
903
904
905static void vti6_dev_setup(struct net_device *dev)
906{
907 dev->netdev_ops = &vti6_netdev_ops;
908 dev->header_ops = &ip_tunnel_header_ops;
909 dev->needs_free_netdev = true;
910 dev->priv_destructor = vti6_dev_free;
911
912 dev->type = ARPHRD_TUNNEL6;
913 dev->min_mtu = IPV4_MIN_MTU;
914 dev->max_mtu = IP_MAX_MTU - sizeof(struct ipv6hdr);
915 dev->flags |= IFF_NOARP;
916 dev->addr_len = sizeof(struct in6_addr);
917 netif_keep_dst(dev);
918
919 dev->addr_assign_type = NET_ADDR_RANDOM;
920 eth_random_addr(dev->perm_addr);
921}
922
923
924
925
926
927static inline int vti6_dev_init_gen(struct net_device *dev)
928{
929 struct ip6_tnl *t = netdev_priv(dev);
930
931 t->dev = dev;
932 t->net = dev_net(dev);
933 dev->tstats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
934 if (!dev->tstats)
935 return -ENOMEM;
936 return 0;
937}
938
939
940
941
942
943static int vti6_dev_init(struct net_device *dev)
944{
945 struct ip6_tnl *t = netdev_priv(dev);
946 int err = vti6_dev_init_gen(dev);
947
948 if (err)
949 return err;
950 vti6_link_config(t, true);
951 return 0;
952}
953
954
955
956
957
958
959
960static int __net_init vti6_fb_tnl_dev_init(struct net_device *dev)
961{
962 struct ip6_tnl *t = netdev_priv(dev);
963 struct net *net = dev_net(dev);
964 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
965
966 t->parms.proto = IPPROTO_IPV6;
967 dev_hold(dev);
968
969 rcu_assign_pointer(ip6n->tnls_wc[0], t);
970 return 0;
971}
972
973static int vti6_validate(struct nlattr *tb[], struct nlattr *data[],
974 struct netlink_ext_ack *extack)
975{
976 return 0;
977}
978
979static void vti6_netlink_parms(struct nlattr *data[],
980 struct __ip6_tnl_parm *parms)
981{
982 memset(parms, 0, sizeof(*parms));
983
984 if (!data)
985 return;
986
987 if (data[IFLA_VTI_LINK])
988 parms->link = nla_get_u32(data[IFLA_VTI_LINK]);
989
990 if (data[IFLA_VTI_LOCAL])
991 parms->laddr = nla_get_in6_addr(data[IFLA_VTI_LOCAL]);
992
993 if (data[IFLA_VTI_REMOTE])
994 parms->raddr = nla_get_in6_addr(data[IFLA_VTI_REMOTE]);
995
996 if (data[IFLA_VTI_IKEY])
997 parms->i_key = nla_get_be32(data[IFLA_VTI_IKEY]);
998
999 if (data[IFLA_VTI_OKEY])
1000 parms->o_key = nla_get_be32(data[IFLA_VTI_OKEY]);
1001
1002 if (data[IFLA_VTI_FWMARK])
1003 parms->fwmark = nla_get_u32(data[IFLA_VTI_FWMARK]);
1004}
1005
1006static int vti6_newlink(struct net *src_net, struct net_device *dev,
1007 struct nlattr *tb[], struct nlattr *data[],
1008 struct netlink_ext_ack *extack)
1009{
1010 struct net *net = dev_net(dev);
1011 struct ip6_tnl *nt;
1012
1013 nt = netdev_priv(dev);
1014 vti6_netlink_parms(data, &nt->parms);
1015
1016 nt->parms.proto = IPPROTO_IPV6;
1017
1018 if (vti6_locate(net, &nt->parms, 0))
1019 return -EEXIST;
1020
1021 return vti6_tnl_create2(dev);
1022}
1023
1024static void vti6_dellink(struct net_device *dev, struct list_head *head)
1025{
1026 struct net *net = dev_net(dev);
1027 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
1028
1029 if (dev != ip6n->fb_tnl_dev)
1030 unregister_netdevice_queue(dev, head);
1031}
1032
1033static int vti6_changelink(struct net_device *dev, struct nlattr *tb[],
1034 struct nlattr *data[],
1035 struct netlink_ext_ack *extack)
1036{
1037 struct ip6_tnl *t;
1038 struct __ip6_tnl_parm p;
1039 struct net *net = dev_net(dev);
1040 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
1041
1042 if (dev == ip6n->fb_tnl_dev)
1043 return -EINVAL;
1044
1045 vti6_netlink_parms(data, &p);
1046
1047 t = vti6_locate(net, &p, 0);
1048
1049 if (t) {
1050 if (t->dev != dev)
1051 return -EEXIST;
1052 } else
1053 t = netdev_priv(dev);
1054
1055 return vti6_update(t, &p, tb && tb[IFLA_MTU]);
1056}
1057
1058static size_t vti6_get_size(const struct net_device *dev)
1059{
1060 return
1061
1062 nla_total_size(4) +
1063
1064 nla_total_size(sizeof(struct in6_addr)) +
1065
1066 nla_total_size(sizeof(struct in6_addr)) +
1067
1068 nla_total_size(4) +
1069
1070 nla_total_size(4) +
1071
1072 nla_total_size(4) +
1073 0;
1074}
1075
1076static int vti6_fill_info(struct sk_buff *skb, const struct net_device *dev)
1077{
1078 struct ip6_tnl *tunnel = netdev_priv(dev);
1079 struct __ip6_tnl_parm *parm = &tunnel->parms;
1080
1081 if (nla_put_u32(skb, IFLA_VTI_LINK, parm->link) ||
1082 nla_put_in6_addr(skb, IFLA_VTI_LOCAL, &parm->laddr) ||
1083 nla_put_in6_addr(skb, IFLA_VTI_REMOTE, &parm->raddr) ||
1084 nla_put_be32(skb, IFLA_VTI_IKEY, parm->i_key) ||
1085 nla_put_be32(skb, IFLA_VTI_OKEY, parm->o_key) ||
1086 nla_put_u32(skb, IFLA_VTI_FWMARK, parm->fwmark))
1087 goto nla_put_failure;
1088 return 0;
1089
1090nla_put_failure:
1091 return -EMSGSIZE;
1092}
1093
1094static const struct nla_policy vti6_policy[IFLA_VTI_MAX + 1] = {
1095 [IFLA_VTI_LINK] = { .type = NLA_U32 },
1096 [IFLA_VTI_LOCAL] = { .len = sizeof(struct in6_addr) },
1097 [IFLA_VTI_REMOTE] = { .len = sizeof(struct in6_addr) },
1098 [IFLA_VTI_IKEY] = { .type = NLA_U32 },
1099 [IFLA_VTI_OKEY] = { .type = NLA_U32 },
1100 [IFLA_VTI_FWMARK] = { .type = NLA_U32 },
1101};
1102
1103static struct rtnl_link_ops vti6_link_ops __read_mostly = {
1104 .kind = "vti6",
1105 .maxtype = IFLA_VTI_MAX,
1106 .policy = vti6_policy,
1107 .priv_size = sizeof(struct ip6_tnl),
1108 .setup = vti6_dev_setup,
1109 .validate = vti6_validate,
1110 .newlink = vti6_newlink,
1111 .dellink = vti6_dellink,
1112 .changelink = vti6_changelink,
1113 .get_size = vti6_get_size,
1114 .fill_info = vti6_fill_info,
1115 .get_link_net = ip6_tnl_get_link_net,
1116};
1117
1118static void __net_exit vti6_destroy_tunnels(struct vti6_net *ip6n,
1119 struct list_head *list)
1120{
1121 int h;
1122 struct ip6_tnl *t;
1123
1124 for (h = 0; h < IP6_VTI_HASH_SIZE; h++) {
1125 t = rtnl_dereference(ip6n->tnls_r_l[h]);
1126 while (t) {
1127 unregister_netdevice_queue(t->dev, list);
1128 t = rtnl_dereference(t->next);
1129 }
1130 }
1131
1132 t = rtnl_dereference(ip6n->tnls_wc[0]);
1133 if (t)
1134 unregister_netdevice_queue(t->dev, list);
1135}
1136
1137static int __net_init vti6_init_net(struct net *net)
1138{
1139 struct vti6_net *ip6n = net_generic(net, vti6_net_id);
1140 struct ip6_tnl *t = NULL;
1141 int err;
1142
1143 ip6n->tnls[0] = ip6n->tnls_wc;
1144 ip6n->tnls[1] = ip6n->tnls_r_l;
1145
1146 if (!net_has_fallback_tunnels(net))
1147 return 0;
1148 err = -ENOMEM;
1149 ip6n->fb_tnl_dev = alloc_netdev(sizeof(struct ip6_tnl), "ip6_vti0",
1150 NET_NAME_UNKNOWN, vti6_dev_setup);
1151
1152 if (!ip6n->fb_tnl_dev)
1153 goto err_alloc_dev;
1154 dev_net_set(ip6n->fb_tnl_dev, net);
1155 ip6n->fb_tnl_dev->rtnl_link_ops = &vti6_link_ops;
1156
1157 err = vti6_fb_tnl_dev_init(ip6n->fb_tnl_dev);
1158 if (err < 0)
1159 goto err_register;
1160
1161 err = register_netdev(ip6n->fb_tnl_dev);
1162 if (err < 0)
1163 goto err_register;
1164
1165 t = netdev_priv(ip6n->fb_tnl_dev);
1166
1167 strcpy(t->parms.name, ip6n->fb_tnl_dev->name);
1168 return 0;
1169
1170err_register:
1171 free_netdev(ip6n->fb_tnl_dev);
1172err_alloc_dev:
1173 return err;
1174}
1175
1176static void __net_exit vti6_exit_batch_net(struct list_head *net_list)
1177{
1178 struct vti6_net *ip6n;
1179 struct net *net;
1180 LIST_HEAD(list);
1181
1182 rtnl_lock();
1183 list_for_each_entry(net, net_list, exit_list) {
1184 ip6n = net_generic(net, vti6_net_id);
1185 vti6_destroy_tunnels(ip6n, &list);
1186 }
1187 unregister_netdevice_many(&list);
1188 rtnl_unlock();
1189}
1190
1191static struct pernet_operations vti6_net_ops = {
1192 .init = vti6_init_net,
1193 .exit_batch = vti6_exit_batch_net,
1194 .id = &vti6_net_id,
1195 .size = sizeof(struct vti6_net),
1196};
1197
1198static struct xfrm6_protocol vti_esp6_protocol __read_mostly = {
1199 .handler = vti6_rcv,
1200 .input_handler = vti6_input_proto,
1201 .cb_handler = vti6_rcv_cb,
1202 .err_handler = vti6_err,
1203 .priority = 100,
1204};
1205
1206static struct xfrm6_protocol vti_ah6_protocol __read_mostly = {
1207 .handler = vti6_rcv,
1208 .input_handler = vti6_input_proto,
1209 .cb_handler = vti6_rcv_cb,
1210 .err_handler = vti6_err,
1211 .priority = 100,
1212};
1213
1214static struct xfrm6_protocol vti_ipcomp6_protocol __read_mostly = {
1215 .handler = vti6_rcv,
1216 .input_handler = vti6_input_proto,
1217 .cb_handler = vti6_rcv_cb,
1218 .err_handler = vti6_err,
1219 .priority = 100,
1220};
1221
1222
1223
1224
1225
1226
1227static int __init vti6_tunnel_init(void)
1228{
1229 const char *msg;
1230 int err;
1231
1232 msg = "tunnel device";
1233 err = register_pernet_device(&vti6_net_ops);
1234 if (err < 0)
1235 goto pernet_dev_failed;
1236
1237 msg = "tunnel protocols";
1238 err = xfrm6_protocol_register(&vti_esp6_protocol, IPPROTO_ESP);
1239 if (err < 0)
1240 goto xfrm_proto_esp_failed;
1241 err = xfrm6_protocol_register(&vti_ah6_protocol, IPPROTO_AH);
1242 if (err < 0)
1243 goto xfrm_proto_ah_failed;
1244 err = xfrm6_protocol_register(&vti_ipcomp6_protocol, IPPROTO_COMP);
1245 if (err < 0)
1246 goto xfrm_proto_comp_failed;
1247
1248 msg = "netlink interface";
1249 err = rtnl_link_register(&vti6_link_ops);
1250 if (err < 0)
1251 goto rtnl_link_failed;
1252
1253 return 0;
1254
1255rtnl_link_failed:
1256 xfrm6_protocol_deregister(&vti_ipcomp6_protocol, IPPROTO_COMP);
1257xfrm_proto_comp_failed:
1258 xfrm6_protocol_deregister(&vti_ah6_protocol, IPPROTO_AH);
1259xfrm_proto_ah_failed:
1260 xfrm6_protocol_deregister(&vti_esp6_protocol, IPPROTO_ESP);
1261xfrm_proto_esp_failed:
1262 unregister_pernet_device(&vti6_net_ops);
1263pernet_dev_failed:
1264 pr_err("vti6 init: failed to register %s\n", msg);
1265 return err;
1266}
1267
1268
1269
1270
1271static void __exit vti6_tunnel_cleanup(void)
1272{
1273 rtnl_link_unregister(&vti6_link_ops);
1274 xfrm6_protocol_deregister(&vti_ipcomp6_protocol, IPPROTO_COMP);
1275 xfrm6_protocol_deregister(&vti_ah6_protocol, IPPROTO_AH);
1276 xfrm6_protocol_deregister(&vti_esp6_protocol, IPPROTO_ESP);
1277 unregister_pernet_device(&vti6_net_ops);
1278}
1279
1280module_init(vti6_tunnel_init);
1281module_exit(vti6_tunnel_cleanup);
1282MODULE_LICENSE("GPL");
1283MODULE_ALIAS_RTNL_LINK("vti6");
1284MODULE_ALIAS_NETDEV("ip6_vti0");
1285MODULE_AUTHOR("Steffen Klassert");
1286MODULE_DESCRIPTION("IPv6 virtual tunnel interface");
1287
