blob: 26c85c23ca4fb0bc4e8a07651a9a52a84622d3d5 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
YOSHIFUJI Hideakie905a9e2007-02-09 23:24:47 +09002 * Linux NET3: IP/IP protocol decoder.
Linus Torvalds1da177e2005-04-16 15:20:36 -07003 *
4 * Version: $Id: ipip.c,v 1.50 2001/10/02 02:22:36 davem Exp $
5 *
6 * Authors:
7 * Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
8 *
9 * Fixes:
10 * Alan Cox : Merged and made usable non modular (its so tiny its silly as
11 * a module taking up 2 pages).
12 * Alan Cox : Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph)
13 * to keep ip_forward happy.
14 * Alan Cox : More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8).
15 * Kai Schulte : Fixed #defines for IP_FIREWALL->FIREWALL
16 * David Woodhouse : Perform some basic ICMP handling.
17 * IPIP Routing without decapsulation.
18 * Carlos Picoto : GRE over IP support
19 * Alexey Kuznetsov: Reworked. Really, now it is truncated version of ipv4/ip_gre.c.
20 * I do not want to merge them together.
21 *
22 * This program is free software; you can redistribute it and/or
23 * modify it under the terms of the GNU General Public License
24 * as published by the Free Software Foundation; either version
25 * 2 of the License, or (at your option) any later version.
26 *
27 */
28
29/* tunnel.c: an IP tunnel driver
30
31 The purpose of this driver is to provide an IP tunnel through
32 which you can tunnel network traffic transparently across subnets.
33
34 This was written by looking at Nick Holloway's dummy driver
35 Thanks for the great code!
36
37 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
YOSHIFUJI Hideakie905a9e2007-02-09 23:24:47 +090038
Linus Torvalds1da177e2005-04-16 15:20:36 -070039 Minor tweaks:
40 Cleaned up the code a little and added some pre-1.3.0 tweaks.
41 dev->hard_header/hard_header_len changed to use no headers.
42 Comments/bracketing tweaked.
43 Made the tunnels use dev->name not tunnel: when error reporting.
44 Added tx_dropped stat
YOSHIFUJI Hideakie905a9e2007-02-09 23:24:47 +090045
Linus Torvalds1da177e2005-04-16 15:20:36 -070046 -Alan Cox (Alan.Cox@linux.org) 21 March 95
47
48 Reworked:
49 Changed to tunnel to destination gateway in addition to the
50 tunnel's pointopoint address
51 Almost completely rewritten
52 Note: There is currently no firewall or ICMP handling done.
53
54 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/13/96
YOSHIFUJI Hideakie905a9e2007-02-09 23:24:47 +090055
Linus Torvalds1da177e2005-04-16 15:20:36 -070056*/
57
58/* Things I wish I had known when writing the tunnel driver:
59
60 When the tunnel_xmit() function is called, the skb contains the
61 packet to be sent (plus a great deal of extra info), and dev
62 contains the tunnel device that _we_ are.
63
64 When we are passed a packet, we are expected to fill in the
65 source address with our source IP address.
66
67 What is the proper way to allocate, copy and free a buffer?
68 After you allocate it, it is a "0 length" chunk of memory
69 starting at zero. If you want to add headers to the buffer
70 later, you'll have to call "skb_reserve(skb, amount)" with
71 the amount of memory you want reserved. Then, you call
72 "skb_put(skb, amount)" with the amount of space you want in
73 the buffer. skb_put() returns a pointer to the top (#0) of
74 that buffer. skb->len is set to the amount of space you have
75 "allocated" with skb_put(). You can then write up to skb->len
76 bytes to that buffer. If you need more, you can call skb_put()
77 again with the additional amount of space you need. You can
YOSHIFUJI Hideakie905a9e2007-02-09 23:24:47 +090078 find out how much more space you can allocate by calling
Linus Torvalds1da177e2005-04-16 15:20:36 -070079 "skb_tailroom(skb)".
80 Now, to add header space, call "skb_push(skb, header_len)".
81 This creates space at the beginning of the buffer and returns
82 a pointer to this new space. If later you need to strip a
83 header from a buffer, call "skb_pull(skb, header_len)".
84 skb_headroom() will return how much space is left at the top
85 of the buffer (before the main data). Remember, this headroom
86 space must be reserved before the skb_put() function is called.
87 */
88
89/*
90 This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c
91
92 For comments look at net/ipv4/ip_gre.c --ANK
93 */
94
YOSHIFUJI Hideakie905a9e2007-02-09 23:24:47 +090095
Randy Dunlap4fc268d2006-01-11 12:17:47 -080096#include <linux/capability.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070097#include <linux/module.h>
98#include <linux/types.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070099#include <linux/kernel.h>
100#include <asm/uaccess.h>
101#include <linux/skbuff.h>
102#include <linux/netdevice.h>
103#include <linux/in.h>
104#include <linux/tcp.h>
105#include <linux/udp.h>
106#include <linux/if_arp.h>
107#include <linux/mroute.h>
108#include <linux/init.h>
109#include <linux/netfilter_ipv4.h>
Kris Katterjohn46f25df2006-01-05 16:35:42 -0800110#include <linux/if_ether.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700111
112#include <net/sock.h>
113#include <net/ip.h>
114#include <net/icmp.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700115#include <net/ipip.h>
116#include <net/inet_ecn.h>
117#include <net/xfrm.h>
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700118#include <net/net_namespace.h>
119#include <net/netns/generic.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700120
121#define HASH_SIZE 16
Al Virod5a0a1e2006-11-08 00:23:14 -0800122#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700123
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700124static int ipip_net_id;
125struct ipip_net {
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700126 struct ip_tunnel *tunnels_r_l[HASH_SIZE];
127 struct ip_tunnel *tunnels_r[HASH_SIZE];
128 struct ip_tunnel *tunnels_l[HASH_SIZE];
129 struct ip_tunnel *tunnels_wc[1];
130 struct ip_tunnel **tunnels[4];
131
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700132 struct net_device *fb_tunnel_dev;
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700133};
134
Linus Torvalds1da177e2005-04-16 15:20:36 -0700135static int ipip_fb_tunnel_init(struct net_device *dev);
136static int ipip_tunnel_init(struct net_device *dev);
137static void ipip_tunnel_setup(struct net_device *dev);
138
Linus Torvalds1da177e2005-04-16 15:20:36 -0700139static DEFINE_RWLOCK(ipip_lock);
140
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700141static struct ip_tunnel * ipip_tunnel_lookup(struct net *net,
142 __be32 remote, __be32 local)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700143{
144 unsigned h0 = HASH(remote);
145 unsigned h1 = HASH(local);
146 struct ip_tunnel *t;
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700147 struct ipip_net *ipn = net_generic(net, ipip_net_id);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700148
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700149 for (t = ipn->tunnels_r_l[h0^h1]; t; t = t->next) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700150 if (local == t->parms.iph.saddr &&
151 remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
152 return t;
153 }
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700154 for (t = ipn->tunnels_r[h0]; t; t = t->next) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700155 if (remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
156 return t;
157 }
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700158 for (t = ipn->tunnels_l[h1]; t; t = t->next) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700159 if (local == t->parms.iph.saddr && (t->dev->flags&IFF_UP))
160 return t;
161 }
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700162 if ((t = ipn->tunnels_wc[0]) != NULL && (t->dev->flags&IFF_UP))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700163 return t;
164 return NULL;
165}
166
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700167static struct ip_tunnel **__ipip_bucket(struct ipip_net *ipn,
168 struct ip_tunnel_parm *parms)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700169{
YOSHIFUJI Hideaki87d1a162007-04-24 20:44:47 +0900170 __be32 remote = parms->iph.daddr;
171 __be32 local = parms->iph.saddr;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700172 unsigned h = 0;
173 int prio = 0;
174
175 if (remote) {
176 prio |= 2;
177 h ^= HASH(remote);
178 }
179 if (local) {
180 prio |= 1;
181 h ^= HASH(local);
182 }
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700183 return &ipn->tunnels[prio][h];
Linus Torvalds1da177e2005-04-16 15:20:36 -0700184}
185
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700186static inline struct ip_tunnel **ipip_bucket(struct ipip_net *ipn,
187 struct ip_tunnel *t)
YOSHIFUJI Hideaki87d1a162007-04-24 20:44:47 +0900188{
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700189 return __ipip_bucket(ipn, &t->parms);
YOSHIFUJI Hideaki87d1a162007-04-24 20:44:47 +0900190}
Linus Torvalds1da177e2005-04-16 15:20:36 -0700191
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700192static void ipip_tunnel_unlink(struct ipip_net *ipn, struct ip_tunnel *t)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700193{
194 struct ip_tunnel **tp;
195
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700196 for (tp = ipip_bucket(ipn, t); *tp; tp = &(*tp)->next) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700197 if (t == *tp) {
198 write_lock_bh(&ipip_lock);
199 *tp = t->next;
200 write_unlock_bh(&ipip_lock);
201 break;
202 }
203 }
204}
205
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700206static void ipip_tunnel_link(struct ipip_net *ipn, struct ip_tunnel *t)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700207{
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700208 struct ip_tunnel **tp = ipip_bucket(ipn, t);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700209
210 t->next = *tp;
211 write_lock_bh(&ipip_lock);
212 *tp = t;
213 write_unlock_bh(&ipip_lock);
214}
215
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700216static struct ip_tunnel * ipip_tunnel_locate(struct net *net,
217 struct ip_tunnel_parm *parms, int create)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700218{
Al Virod5a0a1e2006-11-08 00:23:14 -0800219 __be32 remote = parms->iph.daddr;
220 __be32 local = parms->iph.saddr;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700221 struct ip_tunnel *t, **tp, *nt;
222 struct net_device *dev;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700223 char name[IFNAMSIZ];
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700224 struct ipip_net *ipn = net_generic(net, ipip_net_id);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700225
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700226 for (tp = __ipip_bucket(ipn, parms); (t = *tp) != NULL; tp = &t->next) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700227 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr)
228 return t;
229 }
230 if (!create)
231 return NULL;
232
233 if (parms->name[0])
234 strlcpy(name, parms->name, IFNAMSIZ);
Pavel Emelyanov34cc7ba2008-02-23 20:19:20 -0800235 else
236 sprintf(name, "tunl%%d");
Linus Torvalds1da177e2005-04-16 15:20:36 -0700237
238 dev = alloc_netdev(sizeof(*t), name, ipip_tunnel_setup);
239 if (dev == NULL)
240 return NULL;
241
Pavel Emelyanov0a826402008-04-16 01:06:18 -0700242 dev_net_set(dev, net);
243
Pavel Emelyanovb37d4282008-02-26 23:51:04 -0800244 if (strchr(name, '%')) {
245 if (dev_alloc_name(dev, name) < 0)
246 goto failed_free;
247 }
248
Patrick McHardy2941a482006-01-08 22:05:26 -0800249 nt = netdev_priv(dev);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700250 dev->init = ipip_tunnel_init;
251 nt->parms = *parms;
252
Pavel Emelyanovb37d4282008-02-26 23:51:04 -0800253 if (register_netdevice(dev) < 0)
254 goto failed_free;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700255
256 dev_hold(dev);
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700257 ipip_tunnel_link(ipn, nt);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700258 return nt;
259
Pavel Emelyanovb37d4282008-02-26 23:51:04 -0800260failed_free:
261 free_netdev(dev);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700262 return NULL;
263}
264
265static void ipip_tunnel_uninit(struct net_device *dev)
266{
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700267 struct net *net = dev_net(dev);
268 struct ipip_net *ipn = net_generic(net, ipip_net_id);
269
270 if (dev == ipn->fb_tunnel_dev) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700271 write_lock_bh(&ipip_lock);
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700272 ipn->tunnels_wc[0] = NULL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700273 write_unlock_bh(&ipip_lock);
274 } else
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700275 ipip_tunnel_unlink(ipn, netdev_priv(dev));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700276 dev_put(dev);
277}
278
Herbert Xud2acc342006-03-28 01:12:13 -0800279static int ipip_err(struct sk_buff *skb, u32 info)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700280{
281#ifndef I_WISH_WORLD_WERE_PERFECT
282
283/* It is not :-( All the routers (except for Linux) return only
284 8 bytes of packet payload. It means, that precise relaying of
285 ICMP in the real Internet is absolutely infeasible.
286 */
287 struct iphdr *iph = (struct iphdr*)skb->data;
Arnaldo Carvalho de Melo88c76642007-03-13 14:43:18 -0300288 const int type = icmp_hdr(skb)->type;
289 const int code = icmp_hdr(skb)->code;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700290 struct ip_tunnel *t;
Herbert Xud2acc342006-03-28 01:12:13 -0800291 int err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700292
293 switch (type) {
294 default:
295 case ICMP_PARAMETERPROB:
Herbert Xud2acc342006-03-28 01:12:13 -0800296 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700297
298 case ICMP_DEST_UNREACH:
299 switch (code) {
300 case ICMP_SR_FAILED:
301 case ICMP_PORT_UNREACH:
302 /* Impossible event. */
Herbert Xud2acc342006-03-28 01:12:13 -0800303 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700304 case ICMP_FRAG_NEEDED:
305 /* Soft state for pmtu is maintained by IP core. */
Herbert Xud2acc342006-03-28 01:12:13 -0800306 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700307 default:
308 /* All others are translated to HOST_UNREACH.
309 rfc2003 contains "deep thoughts" about NET_UNREACH,
310 I believe they are just ether pollution. --ANK
311 */
312 break;
313 }
314 break;
315 case ICMP_TIME_EXCEEDED:
316 if (code != ICMP_EXC_TTL)
Herbert Xud2acc342006-03-28 01:12:13 -0800317 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700318 break;
319 }
320
Herbert Xud2acc342006-03-28 01:12:13 -0800321 err = -ENOENT;
322
Linus Torvalds1da177e2005-04-16 15:20:36 -0700323 read_lock(&ipip_lock);
Pavel Emelyanovcec3ffa2008-04-16 01:05:03 -0700324 t = ipip_tunnel_lookup(dev_net(skb->dev), iph->daddr, iph->saddr);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700325 if (t == NULL || t->parms.iph.daddr == 0)
326 goto out;
Herbert Xud2acc342006-03-28 01:12:13 -0800327
328 err = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700329 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
330 goto out;
331
332 if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO)
333 t->err_count++;
334 else
335 t->err_count = 1;
336 t->err_time = jiffies;
337out:
338 read_unlock(&ipip_lock);
Herbert Xud2acc342006-03-28 01:12:13 -0800339 return err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700340#else
341 struct iphdr *iph = (struct iphdr*)dp;
342 int hlen = iph->ihl<<2;
343 struct iphdr *eiph;
Arnaldo Carvalho de Melo88c76642007-03-13 14:43:18 -0300344 const int type = icmp_hdr(skb)->type;
345 const int code = icmp_hdr(skb)->code;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700346 int rel_type = 0;
347 int rel_code = 0;
Al Viroc55e2f42006-09-19 13:23:19 -0700348 __be32 rel_info = 0;
349 __u32 n = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700350 struct sk_buff *skb2;
351 struct flowi fl;
352 struct rtable *rt;
353
354 if (len < hlen + sizeof(struct iphdr))
Herbert Xud2acc342006-03-28 01:12:13 -0800355 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700356 eiph = (struct iphdr*)(dp + hlen);
357
358 switch (type) {
359 default:
Herbert Xud2acc342006-03-28 01:12:13 -0800360 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700361 case ICMP_PARAMETERPROB:
Arnaldo Carvalho de Melo88c76642007-03-13 14:43:18 -0300362 n = ntohl(icmp_hdr(skb)->un.gateway) >> 24;
Al Viroc55e2f42006-09-19 13:23:19 -0700363 if (n < hlen)
Herbert Xud2acc342006-03-28 01:12:13 -0800364 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700365
366 /* So... This guy found something strange INSIDE encapsulated
367 packet. Well, he is fool, but what can we do ?
368 */
369 rel_type = ICMP_PARAMETERPROB;
Al Viroc55e2f42006-09-19 13:23:19 -0700370 rel_info = htonl((n - hlen) << 24);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700371 break;
372
373 case ICMP_DEST_UNREACH:
374 switch (code) {
375 case ICMP_SR_FAILED:
376 case ICMP_PORT_UNREACH:
377 /* Impossible event. */
Herbert Xud2acc342006-03-28 01:12:13 -0800378 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700379 case ICMP_FRAG_NEEDED:
380 /* And it is the only really necessary thing :-) */
Arnaldo Carvalho de Melo88c76642007-03-13 14:43:18 -0300381 n = ntohs(icmp_hdr(skb)->un.frag.mtu);
Al Viroc55e2f42006-09-19 13:23:19 -0700382 if (n < hlen+68)
Herbert Xud2acc342006-03-28 01:12:13 -0800383 return 0;
Al Viroc55e2f42006-09-19 13:23:19 -0700384 n -= hlen;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700385 /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */
Al Viroc55e2f42006-09-19 13:23:19 -0700386 if (n > ntohs(eiph->tot_len))
Herbert Xud2acc342006-03-28 01:12:13 -0800387 return 0;
Al Viroc55e2f42006-09-19 13:23:19 -0700388 rel_info = htonl(n);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700389 break;
390 default:
391 /* All others are translated to HOST_UNREACH.
392 rfc2003 contains "deep thoughts" about NET_UNREACH,
393 I believe, it is just ether pollution. --ANK
394 */
395 rel_type = ICMP_DEST_UNREACH;
396 rel_code = ICMP_HOST_UNREACH;
397 break;
398 }
399 break;
400 case ICMP_TIME_EXCEEDED:
401 if (code != ICMP_EXC_TTL)
Herbert Xud2acc342006-03-28 01:12:13 -0800402 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700403 break;
404 }
405
406 /* Prepare fake skb to feed it to icmp_send */
407 skb2 = skb_clone(skb, GFP_ATOMIC);
408 if (skb2 == NULL)
Herbert Xud2acc342006-03-28 01:12:13 -0800409 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700410 dst_release(skb2->dst);
411 skb2->dst = NULL;
412 skb_pull(skb2, skb->data - (u8*)eiph);
Arnaldo Carvalho de Meloc1d2bbe2007-04-10 20:45:18 -0700413 skb_reset_network_header(skb2);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700414
415 /* Try to guess incoming interface */
416 memset(&fl, 0, sizeof(fl));
417 fl.fl4_daddr = eiph->saddr;
418 fl.fl4_tos = RT_TOS(eiph->tos);
419 fl.proto = IPPROTO_IPIP;
Pavel Emelyanovb99f0152008-04-16 01:05:57 -0700420 if (ip_route_output_key(dev_net(skb->dev), &rt, &key)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700421 kfree_skb(skb2);
Herbert Xud2acc342006-03-28 01:12:13 -0800422 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700423 }
424 skb2->dev = rt->u.dst.dev;
425
426 /* route "incoming" packet */
427 if (rt->rt_flags&RTCF_LOCAL) {
428 ip_rt_put(rt);
429 rt = NULL;
430 fl.fl4_daddr = eiph->daddr;
431 fl.fl4_src = eiph->saddr;
432 fl.fl4_tos = eiph->tos;
Pavel Emelyanovb99f0152008-04-16 01:05:57 -0700433 if (ip_route_output_key(dev_net(skb->dev), &rt, &fl) ||
Linus Torvalds1da177e2005-04-16 15:20:36 -0700434 rt->u.dst.dev->type != ARPHRD_TUNNEL) {
435 ip_rt_put(rt);
436 kfree_skb(skb2);
Herbert Xud2acc342006-03-28 01:12:13 -0800437 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700438 }
439 } else {
440 ip_rt_put(rt);
441 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) ||
442 skb2->dst->dev->type != ARPHRD_TUNNEL) {
443 kfree_skb(skb2);
Herbert Xud2acc342006-03-28 01:12:13 -0800444 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700445 }
446 }
447
448 /* change mtu on this route */
449 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
Al Viroc55e2f42006-09-19 13:23:19 -0700450 if (n > dst_mtu(skb2->dst)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700451 kfree_skb(skb2);
Herbert Xud2acc342006-03-28 01:12:13 -0800452 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700453 }
Al Viroc55e2f42006-09-19 13:23:19 -0700454 skb2->dst->ops->update_pmtu(skb2->dst, n);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700455 } else if (type == ICMP_TIME_EXCEEDED) {
Patrick McHardy2941a482006-01-08 22:05:26 -0800456 struct ip_tunnel *t = netdev_priv(skb2->dev);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700457 if (t->parms.iph.ttl) {
458 rel_type = ICMP_DEST_UNREACH;
459 rel_code = ICMP_HOST_UNREACH;
460 }
461 }
462
463 icmp_send(skb2, rel_type, rel_code, rel_info);
464 kfree_skb(skb2);
Herbert Xud2acc342006-03-28 01:12:13 -0800465 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700466#endif
467}
468
Arnaldo Carvalho de Meloeddc9ec2007-04-20 22:47:35 -0700469static inline void ipip_ecn_decapsulate(const struct iphdr *outer_iph,
470 struct sk_buff *skb)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700471{
Arnaldo Carvalho de Meloeddc9ec2007-04-20 22:47:35 -0700472 struct iphdr *inner_iph = ip_hdr(skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700473
474 if (INET_ECN_is_ce(outer_iph->tos))
475 IP_ECN_set_ce(inner_iph);
476}
477
478static int ipip_rcv(struct sk_buff *skb)
479{
Linus Torvalds1da177e2005-04-16 15:20:36 -0700480 struct ip_tunnel *tunnel;
Arnaldo Carvalho de Meloeddc9ec2007-04-20 22:47:35 -0700481 const struct iphdr *iph = ip_hdr(skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700482
483 read_lock(&ipip_lock);
Pavel Emelyanovcec3ffa2008-04-16 01:05:03 -0700484 if ((tunnel = ipip_tunnel_lookup(dev_net(skb->dev),
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700485 iph->saddr, iph->daddr)) != NULL) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700486 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) {
487 read_unlock(&ipip_lock);
488 kfree_skb(skb);
489 return 0;
490 }
491
492 secpath_reset(skb);
493
Arnaldo Carvalho de Melob0e380b2007-04-10 21:21:55 -0700494 skb->mac_header = skb->network_header;
Arnaldo Carvalho de Meloc1d2bbe2007-04-10 20:45:18 -0700495 skb_reset_network_header(skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700496 skb->protocol = htons(ETH_P_IP);
497 skb->pkt_type = PACKET_HOST;
498
Pavel Emelyanov50f59ce2008-05-21 14:15:16 -0700499 tunnel->dev->stats.rx_packets++;
500 tunnel->dev->stats.rx_bytes += skb->len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700501 skb->dev = tunnel->dev;
502 dst_release(skb->dst);
503 skb->dst = NULL;
504 nf_reset(skb);
505 ipip_ecn_decapsulate(iph, skb);
506 netif_rx(skb);
507 read_unlock(&ipip_lock);
508 return 0;
509 }
510 read_unlock(&ipip_lock);
511
Linus Torvalds1da177e2005-04-16 15:20:36 -0700512 return -1;
513}
514
515/*
516 * This function assumes it is being called from dev_queue_xmit()
517 * and that skb is filled properly by that function.
518 */
519
520static int ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
521{
Patrick McHardy2941a482006-01-08 22:05:26 -0800522 struct ip_tunnel *tunnel = netdev_priv(dev);
Pavel Emelyanov50f59ce2008-05-21 14:15:16 -0700523 struct net_device_stats *stats = &tunnel->dev->stats;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700524 struct iphdr *tiph = &tunnel->parms.iph;
525 u8 tos = tunnel->parms.iph.tos;
Al Virod5a0a1e2006-11-08 00:23:14 -0800526 __be16 df = tiph->frag_off;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700527 struct rtable *rt; /* Route to the other host */
528 struct net_device *tdev; /* Device to other host */
Arnaldo Carvalho de Meloeddc9ec2007-04-20 22:47:35 -0700529 struct iphdr *old_iph = ip_hdr(skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700530 struct iphdr *iph; /* Our new IP header */
Chuck Leverc2636b42007-10-23 21:07:32 -0700531 unsigned int max_headroom; /* The extra header space needed */
Al Virod5a0a1e2006-11-08 00:23:14 -0800532 __be32 dst = tiph->daddr;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700533 int mtu;
534
535 if (tunnel->recursion++) {
Pavel Emelyanov50f59ce2008-05-21 14:15:16 -0700536 stats->collisions++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700537 goto tx_error;
538 }
539
540 if (skb->protocol != htons(ETH_P_IP))
541 goto tx_error;
542
543 if (tos&1)
544 tos = old_iph->tos;
545
546 if (!dst) {
547 /* NBMA tunnel */
Eric Dumazetee6b9672008-03-05 18:30:47 -0800548 if ((rt = skb->rtable) == NULL) {
Pavel Emelyanov50f59ce2008-05-21 14:15:16 -0700549 stats->tx_fifo_errors++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700550 goto tx_error;
551 }
552 if ((dst = rt->rt_gateway) == 0)
553 goto tx_error_icmp;
554 }
555
556 {
557 struct flowi fl = { .oif = tunnel->parms.link,
558 .nl_u = { .ip4_u =
559 { .daddr = dst,
560 .saddr = tiph->saddr,
561 .tos = RT_TOS(tos) } },
562 .proto = IPPROTO_IPIP };
Pavel Emelyanovb99f0152008-04-16 01:05:57 -0700563 if (ip_route_output_key(dev_net(dev), &rt, &fl)) {
Pavel Emelyanov50f59ce2008-05-21 14:15:16 -0700564 stats->tx_carrier_errors++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700565 goto tx_error_icmp;
566 }
567 }
568 tdev = rt->u.dst.dev;
569
570 if (tdev == dev) {
571 ip_rt_put(rt);
Pavel Emelyanov50f59ce2008-05-21 14:15:16 -0700572 stats->collisions++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700573 goto tx_error;
574 }
575
576 if (tiph->frag_off)
577 mtu = dst_mtu(&rt->u.dst) - sizeof(struct iphdr);
578 else
579 mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu;
580
581 if (mtu < 68) {
Pavel Emelyanov50f59ce2008-05-21 14:15:16 -0700582 stats->collisions++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700583 ip_rt_put(rt);
584 goto tx_error;
585 }
586 if (skb->dst)
587 skb->dst->ops->update_pmtu(skb->dst, mtu);
588
589 df |= (old_iph->frag_off&htons(IP_DF));
590
591 if ((old_iph->frag_off&htons(IP_DF)) && mtu < ntohs(old_iph->tot_len)) {
592 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
593 ip_rt_put(rt);
594 goto tx_error;
595 }
596
597 if (tunnel->err_count > 0) {
598 if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) {
599 tunnel->err_count--;
600 dst_link_failure(skb);
601 } else
602 tunnel->err_count = 0;
603 }
604
605 /*
606 * Okay, now see if we can stuff it in the buffer as-is.
607 */
608 max_headroom = (LL_RESERVED_SPACE(tdev)+sizeof(struct iphdr));
609
Patrick McHardycfbba492007-07-09 15:33:40 -0700610 if (skb_headroom(skb) < max_headroom || skb_shared(skb) ||
611 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700612 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
613 if (!new_skb) {
614 ip_rt_put(rt);
YOSHIFUJI Hideakie905a9e2007-02-09 23:24:47 +0900615 stats->tx_dropped++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700616 dev_kfree_skb(skb);
617 tunnel->recursion--;
618 return 0;
619 }
620 if (skb->sk)
621 skb_set_owner_w(new_skb, skb->sk);
622 dev_kfree_skb(skb);
623 skb = new_skb;
Arnaldo Carvalho de Meloeddc9ec2007-04-20 22:47:35 -0700624 old_iph = ip_hdr(skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700625 }
626
Arnaldo Carvalho de Melob0e380b2007-04-10 21:21:55 -0700627 skb->transport_header = skb->network_header;
Arnaldo Carvalho de Meloe2d1bca2007-04-10 20:46:21 -0700628 skb_push(skb, sizeof(struct iphdr));
629 skb_reset_network_header(skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700630 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
Patrick McHardy48d5cad2006-02-15 15:10:22 -0800631 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
632 IPSKB_REROUTED);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700633 dst_release(skb->dst);
634 skb->dst = &rt->u.dst;
635
636 /*
637 * Push down and install the IPIP header.
638 */
639
Arnaldo Carvalho de Meloeddc9ec2007-04-20 22:47:35 -0700640 iph = ip_hdr(skb);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700641 iph->version = 4;
642 iph->ihl = sizeof(struct iphdr)>>2;
643 iph->frag_off = df;
644 iph->protocol = IPPROTO_IPIP;
645 iph->tos = INET_ECN_encapsulate(tos, old_iph->tos);
646 iph->daddr = rt->rt_dst;
647 iph->saddr = rt->rt_src;
648
649 if ((iph->ttl = tiph->ttl) == 0)
650 iph->ttl = old_iph->ttl;
651
652 nf_reset(skb);
653
654 IPTUNNEL_XMIT();
655 tunnel->recursion--;
656 return 0;
657
658tx_error_icmp:
659 dst_link_failure(skb);
660tx_error:
661 stats->tx_errors++;
662 dev_kfree_skb(skb);
663 tunnel->recursion--;
664 return 0;
665}
666
Michal Schmidt55339952007-12-12 11:01:43 -0800667static void ipip_tunnel_bind_dev(struct net_device *dev)
668{
669 struct net_device *tdev = NULL;
670 struct ip_tunnel *tunnel;
671 struct iphdr *iph;
672
673 tunnel = netdev_priv(dev);
674 iph = &tunnel->parms.iph;
675
676 if (iph->daddr) {
677 struct flowi fl = { .oif = tunnel->parms.link,
678 .nl_u = { .ip4_u =
679 { .daddr = iph->daddr,
680 .saddr = iph->saddr,
681 .tos = RT_TOS(iph->tos) } },
682 .proto = IPPROTO_IPIP };
683 struct rtable *rt;
Pavel Emelyanovb99f0152008-04-16 01:05:57 -0700684 if (!ip_route_output_key(dev_net(dev), &rt, &fl)) {
Michal Schmidt55339952007-12-12 11:01:43 -0800685 tdev = rt->u.dst.dev;
686 ip_rt_put(rt);
687 }
688 dev->flags |= IFF_POINTOPOINT;
689 }
690
691 if (!tdev && tunnel->parms.link)
Pavel Emelyanovb99f0152008-04-16 01:05:57 -0700692 tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link);
Michal Schmidt55339952007-12-12 11:01:43 -0800693
694 if (tdev) {
695 dev->hard_header_len = tdev->hard_header_len + sizeof(struct iphdr);
696 dev->mtu = tdev->mtu - sizeof(struct iphdr);
697 }
698 dev->iflink = tunnel->parms.link;
699}
700
Linus Torvalds1da177e2005-04-16 15:20:36 -0700701static int
702ipip_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
703{
704 int err = 0;
705 struct ip_tunnel_parm p;
706 struct ip_tunnel *t;
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700707 struct net *net = dev_net(dev);
708 struct ipip_net *ipn = net_generic(net, ipip_net_id);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700709
710 switch (cmd) {
711 case SIOCGETTUNNEL:
712 t = NULL;
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700713 if (dev == ipn->fb_tunnel_dev) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700714 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
715 err = -EFAULT;
716 break;
717 }
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700718 t = ipip_tunnel_locate(net, &p, 0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700719 }
720 if (t == NULL)
Patrick McHardy2941a482006-01-08 22:05:26 -0800721 t = netdev_priv(dev);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700722 memcpy(&p, &t->parms, sizeof(p));
723 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
724 err = -EFAULT;
725 break;
726
727 case SIOCADDTUNNEL:
728 case SIOCCHGTUNNEL:
729 err = -EPERM;
730 if (!capable(CAP_NET_ADMIN))
731 goto done;
732
733 err = -EFAULT;
734 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
735 goto done;
736
737 err = -EINVAL;
738 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP ||
739 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)))
740 goto done;
741 if (p.iph.ttl)
742 p.iph.frag_off |= htons(IP_DF);
743
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700744 t = ipip_tunnel_locate(net, &p, cmd == SIOCADDTUNNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700745
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700746 if (dev != ipn->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700747 if (t != NULL) {
748 if (t->dev != dev) {
749 err = -EEXIST;
750 break;
751 }
752 } else {
753 if (((dev->flags&IFF_POINTOPOINT) && !p.iph.daddr) ||
754 (!(dev->flags&IFF_POINTOPOINT) && p.iph.daddr)) {
755 err = -EINVAL;
756 break;
757 }
Patrick McHardy2941a482006-01-08 22:05:26 -0800758 t = netdev_priv(dev);
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700759 ipip_tunnel_unlink(ipn, t);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700760 t->parms.iph.saddr = p.iph.saddr;
761 t->parms.iph.daddr = p.iph.daddr;
762 memcpy(dev->dev_addr, &p.iph.saddr, 4);
763 memcpy(dev->broadcast, &p.iph.daddr, 4);
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700764 ipip_tunnel_link(ipn, t);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700765 netdev_state_change(dev);
766 }
767 }
768
769 if (t) {
770 err = 0;
771 if (cmd == SIOCCHGTUNNEL) {
772 t->parms.iph.ttl = p.iph.ttl;
773 t->parms.iph.tos = p.iph.tos;
774 t->parms.iph.frag_off = p.iph.frag_off;
Michal Schmidt55339952007-12-12 11:01:43 -0800775 if (t->parms.link != p.link) {
776 t->parms.link = p.link;
777 ipip_tunnel_bind_dev(dev);
778 netdev_state_change(dev);
779 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700780 }
781 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
782 err = -EFAULT;
783 } else
784 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
785 break;
786
787 case SIOCDELTUNNEL:
788 err = -EPERM;
789 if (!capable(CAP_NET_ADMIN))
790 goto done;
791
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700792 if (dev == ipn->fb_tunnel_dev) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700793 err = -EFAULT;
794 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
795 goto done;
796 err = -ENOENT;
Pavel Emelyanovb9fae5c2008-04-16 01:04:35 -0700797 if ((t = ipip_tunnel_locate(net, &p, 0)) == NULL)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700798 goto done;
799 err = -EPERM;
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700800 if (t->dev == ipn->fb_tunnel_dev)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700801 goto done;
802 dev = t->dev;
803 }
Stephen Hemminger22f8cde2007-02-07 00:09:58 -0800804 unregister_netdevice(dev);
805 err = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700806 break;
807
808 default:
809 err = -EINVAL;
810 }
811
812done:
813 return err;
814}
815
Linus Torvalds1da177e2005-04-16 15:20:36 -0700816static int ipip_tunnel_change_mtu(struct net_device *dev, int new_mtu)
817{
818 if (new_mtu < 68 || new_mtu > 0xFFF8 - sizeof(struct iphdr))
819 return -EINVAL;
820 dev->mtu = new_mtu;
821 return 0;
822}
823
824static void ipip_tunnel_setup(struct net_device *dev)
825{
Linus Torvalds1da177e2005-04-16 15:20:36 -0700826 dev->uninit = ipip_tunnel_uninit;
827 dev->hard_start_xmit = ipip_tunnel_xmit;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700828 dev->do_ioctl = ipip_tunnel_ioctl;
829 dev->change_mtu = ipip_tunnel_change_mtu;
830 dev->destructor = free_netdev;
831
832 dev->type = ARPHRD_TUNNEL;
833 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr);
Kris Katterjohn46f25df2006-01-05 16:35:42 -0800834 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700835 dev->flags = IFF_NOARP;
836 dev->iflink = 0;
837 dev->addr_len = 4;
Pavel Emelyanov0a826402008-04-16 01:06:18 -0700838 dev->features |= NETIF_F_NETNS_LOCAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700839}
840
841static int ipip_tunnel_init(struct net_device *dev)
842{
Linus Torvalds1da177e2005-04-16 15:20:36 -0700843 struct ip_tunnel *tunnel;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700844
Patrick McHardy2941a482006-01-08 22:05:26 -0800845 tunnel = netdev_priv(dev);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700846
847 tunnel->dev = dev;
848 strcpy(tunnel->parms.name, dev->name);
849
850 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
851 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
852
Michal Schmidt55339952007-12-12 11:01:43 -0800853 ipip_tunnel_bind_dev(dev);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700854
855 return 0;
856}
857
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700858static int ipip_fb_tunnel_init(struct net_device *dev)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700859{
Patrick McHardy2941a482006-01-08 22:05:26 -0800860 struct ip_tunnel *tunnel = netdev_priv(dev);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700861 struct iphdr *iph = &tunnel->parms.iph;
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700862 struct ipip_net *ipn = net_generic(dev_net(dev), ipip_net_id);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700863
864 tunnel->dev = dev;
865 strcpy(tunnel->parms.name, dev->name);
866
867 iph->version = 4;
868 iph->protocol = IPPROTO_IPIP;
869 iph->ihl = 5;
870
871 dev_hold(dev);
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700872 ipn->tunnels_wc[0] = tunnel;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700873 return 0;
874}
875
876static struct xfrm_tunnel ipip_handler = {
877 .handler = ipip_rcv,
878 .err_handler = ipip_err,
Herbert Xud2acc342006-03-28 01:12:13 -0800879 .priority = 1,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700880};
881
882static char banner[] __initdata =
883 KERN_INFO "IPv4 over IPv4 tunneling driver\n";
884
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700885static void ipip_destroy_tunnels(struct ipip_net *ipn)
886{
887 int prio;
888
889 for (prio = 1; prio < 4; prio++) {
890 int h;
891 for (h = 0; h < HASH_SIZE; h++) {
892 struct ip_tunnel *t;
893 while ((t = ipn->tunnels[prio][h]) != NULL)
894 unregister_netdevice(t->dev);
895 }
896 }
897}
898
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700899static int ipip_init_net(struct net *net)
900{
901 int err;
902 struct ipip_net *ipn;
903
904 err = -ENOMEM;
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700905 ipn = kzalloc(sizeof(struct ipip_net), GFP_KERNEL);
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700906 if (ipn == NULL)
907 goto err_alloc;
908
909 err = net_assign_generic(net, ipip_net_id, ipn);
910 if (err < 0)
911 goto err_assign;
912
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700913 ipn->tunnels[0] = ipn->tunnels_wc;
914 ipn->tunnels[1] = ipn->tunnels_l;
915 ipn->tunnels[2] = ipn->tunnels_r;
916 ipn->tunnels[3] = ipn->tunnels_r_l;
917
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700918 ipn->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel),
919 "tunl0",
920 ipip_tunnel_setup);
921 if (!ipn->fb_tunnel_dev) {
922 err = -ENOMEM;
923 goto err_alloc_dev;
924 }
925
926 ipn->fb_tunnel_dev->init = ipip_fb_tunnel_init;
927 dev_net_set(ipn->fb_tunnel_dev, net);
928
929 if ((err = register_netdev(ipn->fb_tunnel_dev)))
930 goto err_reg_dev;
931
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700932 return 0;
933
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700934err_reg_dev:
935 free_netdev(ipn->fb_tunnel_dev);
936err_alloc_dev:
937 /* nothing */
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700938err_assign:
939 kfree(ipn);
940err_alloc:
941 return err;
942}
943
944static void ipip_exit_net(struct net *net)
945{
946 struct ipip_net *ipn;
947
948 ipn = net_generic(net, ipip_net_id);
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700949 rtnl_lock();
Pavel Emelyanov44d3c292008-04-16 01:05:32 -0700950 ipip_destroy_tunnels(ipn);
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700951 unregister_netdevice(ipn->fb_tunnel_dev);
952 rtnl_unlock();
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700953 kfree(ipn);
954}
955
956static struct pernet_operations ipip_net_ops = {
957 .init = ipip_init_net,
958 .exit = ipip_exit_net,
959};
960
Linus Torvalds1da177e2005-04-16 15:20:36 -0700961static int __init ipip_init(void)
962{
963 int err;
964
965 printk(banner);
966
Kazunori MIYAZAWAc0d56402007-02-13 12:54:47 -0800967 if (xfrm4_tunnel_register(&ipip_handler, AF_INET)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700968 printk(KERN_INFO "ipip init: can't register tunnel\n");
969 return -EAGAIN;
970 }
971
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700972 err = register_pernet_gen_device(&ipip_net_id, &ipip_net_ops);
973 if (err)
Pavel Emelyanovb9855c52008-04-16 01:04:13 -0700974 xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
975
Linus Torvalds1da177e2005-04-16 15:20:36 -0700976 return err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700977}
978
979static void __exit ipip_fini(void)
980{
Kazunori MIYAZAWAc0d56402007-02-13 12:54:47 -0800981 if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700982 printk(KERN_INFO "ipip close: can't deregister tunnel\n");
983
Pavel Emelyanov10dc4c72008-04-16 01:03:13 -0700984 unregister_pernet_gen_device(ipip_net_id, &ipip_net_ops);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700985}
986
987module_init(ipip_init);
988module_exit(ipip_fini);
989MODULE_LICENSE("GPL");