Commit | Line | Data |
---|---|---|
2874c5fd | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
1da177e4 | 2 | /* |
c4d3efaf | 3 | * IPv6 tunneling device |
1da177e4 LT |
4 | * Linux INET6 implementation |
5 | * | |
6 | * Authors: | |
1ab1457c | 7 | * Ville Nuorvala <vnuorval@tcs.hut.fi> |
c4d3efaf | 8 | * Yasuyuki Kozakai <kozakai@linux-ipv6.org> |
1da177e4 | 9 | * |
1da177e4 | 10 | * Based on: |
c4d3efaf | 11 | * linux/net/ipv6/sit.c and linux/net/ipv4/ipip.c |
1da177e4 LT |
12 | * |
13 | * RFC 2473 | |
1da177e4 LT |
14 | */ |
15 | ||
f3213831 JP |
16 | #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt |
17 | ||
1da177e4 | 18 | #include <linux/module.h> |
4fc268d2 | 19 | #include <linux/capability.h> |
1da177e4 LT |
20 | #include <linux/errno.h> |
21 | #include <linux/types.h> | |
22 | #include <linux/sockios.h> | |
c4d3efaf | 23 | #include <linux/icmp.h> |
1da177e4 LT |
24 | #include <linux/if.h> |
25 | #include <linux/in.h> | |
26 | #include <linux/ip.h> | |
1da177e4 LT |
27 | #include <linux/net.h> |
28 | #include <linux/in6.h> | |
29 | #include <linux/netdevice.h> | |
30 | #include <linux/if_arp.h> | |
31 | #include <linux/icmpv6.h> | |
32 | #include <linux/init.h> | |
33 | #include <linux/route.h> | |
34 | #include <linux/rtnetlink.h> | |
35 | #include <linux/netfilter_ipv6.h> | |
5a0e3ad6 | 36 | #include <linux/slab.h> |
ddbe5032 | 37 | #include <linux/hash.h> |
e837735e | 38 | #include <linux/etherdevice.h> |
1da177e4 | 39 | |
7c0f6ba6 | 40 | #include <linux/uaccess.h> |
60063497 | 41 | #include <linux/atomic.h> |
1da177e4 | 42 | |
c4d3efaf | 43 | #include <net/icmp.h> |
1da177e4 | 44 | #include <net/ip.h> |
c5441932 | 45 | #include <net/ip_tunnels.h> |
1da177e4 | 46 | #include <net/ipv6.h> |
1da177e4 LT |
47 | #include <net/ip6_route.h> |
48 | #include <net/addrconf.h> | |
49 | #include <net/ip6_tunnel.h> | |
50 | #include <net/xfrm.h> | |
51 | #include <net/dsfield.h> | |
52 | #include <net/inet_ecn.h> | |
13eeb8e9 PE |
53 | #include <net/net_namespace.h> |
54 | #include <net/netns/generic.h> | |
8d79266b | 55 | #include <net/dst_metadata.h> |
1da177e4 LT |
56 | |
57 | MODULE_AUTHOR("Ville Nuorvala"); | |
c4d3efaf | 58 | MODULE_DESCRIPTION("IPv6 tunneling device"); |
1da177e4 | 59 | MODULE_LICENSE("GPL"); |
f98f89a0 | 60 | MODULE_ALIAS_RTNL_LINK("ip6tnl"); |
6dfbd87a | 61 | MODULE_ALIAS_NETDEV("ip6tnl0"); |
1da177e4 | 62 | |
e87a8f24 JK |
63 | #define IP6_TUNNEL_HASH_SIZE_SHIFT 5 |
64 | #define IP6_TUNNEL_HASH_SIZE (1 << IP6_TUNNEL_HASH_SIZE_SHIFT) | |
1da177e4 | 65 | |
f4e0b4c5 ND |
66 | static bool log_ecn_error = true; |
67 | module_param(log_ecn_error, bool, 0644); | |
68 | MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); | |
69 | ||
ddbe5032 ED |
70 | static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) |
71 | { | |
72 | u32 hash = ipv6_addr_hash(addr1) ^ ipv6_addr_hash(addr2); | |
73 | ||
e87a8f24 | 74 | return hash_32(hash, IP6_TUNNEL_HASH_SIZE_SHIFT); |
ddbe5032 | 75 | } |
1da177e4 | 76 | |
8560f226 | 77 | static int ip6_tnl_dev_init(struct net_device *dev); |
3144581c | 78 | static void ip6_tnl_dev_setup(struct net_device *dev); |
c075b130 | 79 | static struct rtnl_link_ops ip6_link_ops __read_mostly; |
1da177e4 | 80 | |
c7d03a00 | 81 | static unsigned int ip6_tnl_net_id __read_mostly; |
13eeb8e9 | 82 | struct ip6_tnl_net { |
15820e12 PE |
83 | /* the IPv6 tunnel fallback device */ |
84 | struct net_device *fb_tnl_dev; | |
3e6c9fb5 | 85 | /* lists for storing tunnels in use */ |
e87a8f24 | 86 | struct ip6_tnl __rcu *tnls_r_l[IP6_TUNNEL_HASH_SIZE]; |
94767632 ED |
87 | struct ip6_tnl __rcu *tnls_wc[1]; |
88 | struct ip6_tnl __rcu **tnls[2]; | |
8d79266b | 89 | struct ip6_tnl __rcu *collect_md_tun; |
13eeb8e9 PE |
90 | }; |
91 | ||
f200e98d VF |
92 | static inline int ip6_tnl_mpls_supported(void) |
93 | { | |
94 | return IS_ENABLED(CONFIG_MPLS); | |
95 | } | |
96 | ||
b51cd7c8 AL |
97 | #define for_each_ip6_tunnel_rcu(start) \ |
98 | for (t = rcu_dereference(start); t; t = rcu_dereference(t->next)) | |
99 | ||
1da177e4 | 100 | /** |
3144581c | 101 | * ip6_tnl_lookup - fetch tunnel matching the end-point addresses |
b51cd7c8 | 102 | * @net: network namespace |
5fdcce21 | 103 | * @link: ifindex of underlying interface |
1ab1457c YH |
104 | * @remote: the address of the tunnel exit-point |
105 | * @local: the address of the tunnel entry-point | |
1da177e4 | 106 | * |
1ab1457c | 107 | * Return: |
1da177e4 | 108 | * tunnel matching given end-points if found, |
1ab1457c | 109 | * else fallback tunnel if its device is up, |
1da177e4 LT |
110 | * else %NULL |
111 | **/ | |
112 | ||
113 | static struct ip6_tnl * | |
5fdcce21 WD |
114 | ip6_tnl_lookup(struct net *net, int link, |
115 | const struct in6_addr *remote, const struct in6_addr *local) | |
1da177e4 | 116 | { |
ddbe5032 | 117 | unsigned int hash = HASH(remote, local); |
5fdcce21 | 118 | struct ip6_tnl *t, *cand = NULL; |
3e6c9fb5 | 119 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); |
ea3dc960 | 120 | struct in6_addr any; |
1da177e4 | 121 | |
ddbe5032 | 122 | for_each_ip6_tunnel_rcu(ip6n->tnls_r_l[hash]) { |
5fdcce21 WD |
123 | if (!ipv6_addr_equal(local, &t->parms.laddr) || |
124 | !ipv6_addr_equal(remote, &t->parms.raddr) || | |
125 | !(t->dev->flags & IFF_UP)) | |
126 | continue; | |
127 | ||
128 | if (link == t->parms.link) | |
1da177e4 | 129 | return t; |
5fdcce21 WD |
130 | else |
131 | cand = t; | |
1da177e4 | 132 | } |
ea3dc960 SK |
133 | |
134 | memset(&any, 0, sizeof(any)); | |
135 | hash = HASH(&any, local); | |
136 | for_each_ip6_tunnel_rcu(ip6n->tnls_r_l[hash]) { | |
5fdcce21 WD |
137 | if (!ipv6_addr_equal(local, &t->parms.laddr) || |
138 | !ipv6_addr_any(&t->parms.raddr) || | |
139 | !(t->dev->flags & IFF_UP)) | |
140 | continue; | |
141 | ||
142 | if (link == t->parms.link) | |
ea3dc960 | 143 | return t; |
5fdcce21 WD |
144 | else if (!cand) |
145 | cand = t; | |
ea3dc960 SK |
146 | } |
147 | ||
148 | hash = HASH(remote, &any); | |
149 | for_each_ip6_tunnel_rcu(ip6n->tnls_r_l[hash]) { | |
5fdcce21 WD |
150 | if (!ipv6_addr_equal(remote, &t->parms.raddr) || |
151 | !ipv6_addr_any(&t->parms.laddr) || | |
152 | !(t->dev->flags & IFF_UP)) | |
153 | continue; | |
154 | ||
155 | if (link == t->parms.link) | |
ea3dc960 | 156 | return t; |
5fdcce21 WD |
157 | else if (!cand) |
158 | cand = t; | |
ea3dc960 SK |
159 | } |
160 | ||
5fdcce21 WD |
161 | if (cand) |
162 | return cand; | |
163 | ||
8d79266b | 164 | t = rcu_dereference(ip6n->collect_md_tun); |
6c1cb439 | 165 | if (t && t->dev->flags & IFF_UP) |
8d79266b AS |
166 | return t; |
167 | ||
2922bc8a ED |
168 | t = rcu_dereference(ip6n->tnls_wc[0]); |
169 | if (t && (t->dev->flags & IFF_UP)) | |
1da177e4 LT |
170 | return t; |
171 | ||
172 | return NULL; | |
173 | } | |
174 | ||
175 | /** | |
3144581c | 176 | * ip6_tnl_bucket - get head of list matching given tunnel parameters |
2c4de211 | 177 | * @ip6n: the private data for ip6_vti in the netns |
1ab1457c | 178 | * @p: parameters containing tunnel end-points |
1da177e4 LT |
179 | * |
180 | * Description: | |
3144581c | 181 | * ip6_tnl_bucket() returns the head of the list matching the |
1da177e4 LT |
182 | * &struct in6_addr entries laddr and raddr in @p. |
183 | * | |
1ab1457c | 184 | * Return: head of IPv6 tunnel list |
1da177e4 LT |
185 | **/ |
186 | ||
94767632 | 187 | static struct ip6_tnl __rcu ** |
c12b395a | 188 | ip6_tnl_bucket(struct ip6_tnl_net *ip6n, const struct __ip6_tnl_parm *p) |
1da177e4 | 189 | { |
b71d1d42 ED |
190 | const struct in6_addr *remote = &p->raddr; |
191 | const struct in6_addr *local = &p->laddr; | |
95c96174 | 192 | unsigned int h = 0; |
1da177e4 LT |
193 | int prio = 0; |
194 | ||
195 | if (!ipv6_addr_any(remote) || !ipv6_addr_any(local)) { | |
196 | prio = 1; | |
ddbe5032 | 197 | h = HASH(remote, local); |
1da177e4 | 198 | } |
3e6c9fb5 | 199 | return &ip6n->tnls[prio][h]; |
1da177e4 LT |
200 | } |
201 | ||
202 | /** | |
3144581c | 203 | * ip6_tnl_link - add tunnel to hash table |
2c4de211 | 204 | * @ip6n: the private data for ip6_vti in the netns |
1da177e4 LT |
205 | * @t: tunnel to be added |
206 | **/ | |
207 | ||
208 | static void | |
2dd02c89 | 209 | ip6_tnl_link(struct ip6_tnl_net *ip6n, struct ip6_tnl *t) |
1da177e4 | 210 | { |
94767632 | 211 | struct ip6_tnl __rcu **tp = ip6_tnl_bucket(ip6n, &t->parms); |
1da177e4 | 212 | |
8d79266b AS |
213 | if (t->parms.collect_md) |
214 | rcu_assign_pointer(ip6n->collect_md_tun, t); | |
cf778b00 ED |
215 | rcu_assign_pointer(t->next , rtnl_dereference(*tp)); |
216 | rcu_assign_pointer(*tp, t); | |
1da177e4 LT |
217 | } |
218 | ||
219 | /** | |
3144581c | 220 | * ip6_tnl_unlink - remove tunnel from hash table |
2c4de211 | 221 | * @ip6n: the private data for ip6_vti in the netns |
1da177e4 LT |
222 | * @t: tunnel to be removed |
223 | **/ | |
224 | ||
225 | static void | |
2dd02c89 | 226 | ip6_tnl_unlink(struct ip6_tnl_net *ip6n, struct ip6_tnl *t) |
1da177e4 | 227 | { |
94767632 ED |
228 | struct ip6_tnl __rcu **tp; |
229 | struct ip6_tnl *iter; | |
230 | ||
8d79266b AS |
231 | if (t->parms.collect_md) |
232 | rcu_assign_pointer(ip6n->collect_md_tun, NULL); | |
233 | ||
94767632 ED |
234 | for (tp = ip6_tnl_bucket(ip6n, &t->parms); |
235 | (iter = rtnl_dereference(*tp)) != NULL; | |
236 | tp = &iter->next) { | |
237 | if (t == iter) { | |
cf778b00 | 238 | rcu_assign_pointer(*tp, t->next); |
1da177e4 LT |
239 | break; |
240 | } | |
241 | } | |
242 | } | |
243 | ||
8560f226 ED |
244 | static void ip6_dev_free(struct net_device *dev) |
245 | { | |
cdf3464e MKL |
246 | struct ip6_tnl *t = netdev_priv(dev); |
247 | ||
0d3c703a | 248 | gro_cells_destroy(&t->gro_cells); |
607f725f | 249 | dst_cache_destroy(&t->dst_cache); |
8560f226 | 250 | free_percpu(dev->tstats); |
8560f226 ED |
251 | } |
252 | ||
0b112457 ND |
253 | static int ip6_tnl_create2(struct net_device *dev) |
254 | { | |
255 | struct ip6_tnl *t = netdev_priv(dev); | |
256 | struct net *net = dev_net(dev); | |
257 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); | |
258 | int err; | |
259 | ||
b6ee376c | 260 | dev->rtnl_link_ops = &ip6_link_ops; |
0b112457 ND |
261 | err = register_netdevice(dev); |
262 | if (err < 0) | |
263 | goto out; | |
264 | ||
265 | strcpy(t->parms.name, dev->name); | |
0b112457 | 266 | |
0b112457 ND |
267 | ip6_tnl_link(ip6n, t); |
268 | return 0; | |
269 | ||
270 | out: | |
271 | return err; | |
272 | } | |
273 | ||
1da177e4 | 274 | /** |
2c53040f | 275 | * ip6_tnl_create - create a new tunnel |
b51cd7c8 | 276 | * @net: network namespace |
1da177e4 | 277 | * @p: tunnel parameters |
1da177e4 LT |
278 | * |
279 | * Description: | |
280 | * Create tunnel matching given parameters. | |
1ab1457c YH |
281 | * |
282 | * Return: | |
37355565 | 283 | * created tunnel or error pointer |
1da177e4 LT |
284 | **/ |
285 | ||
c12b395a | 286 | static struct ip6_tnl *ip6_tnl_create(struct net *net, struct __ip6_tnl_parm *p) |
1da177e4 LT |
287 | { |
288 | struct net_device *dev; | |
289 | struct ip6_tnl *t; | |
290 | char name[IFNAMSIZ]; | |
db7a65e3 | 291 | int err = -E2BIG; |
1da177e4 | 292 | |
db7a65e3 ED |
293 | if (p->name[0]) { |
294 | if (!dev_valid_name(p->name)) | |
295 | goto failed; | |
7574cc58 | 296 | strscpy(name, p->name, IFNAMSIZ); |
db7a65e3 | 297 | } else { |
34cc7ba6 | 298 | sprintf(name, "ip6tnl%%d"); |
db7a65e3 ED |
299 | } |
300 | err = -ENOMEM; | |
c835a677 TG |
301 | dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, |
302 | ip6_tnl_dev_setup); | |
63159f29 | 303 | if (!dev) |
567131a7 | 304 | goto failed; |
1da177e4 | 305 | |
554eb277 PE |
306 | dev_net_set(dev, net); |
307 | ||
2941a486 | 308 | t = netdev_priv(dev); |
1da177e4 | 309 | t->parms = *p; |
0bd87628 | 310 | t->net = dev_net(dev); |
0b112457 | 311 | err = ip6_tnl_create2(dev); |
8560f226 ED |
312 | if (err < 0) |
313 | goto failed_free; | |
1da177e4 | 314 | |
567131a7 | 315 | return t; |
b37d428b PE |
316 | |
317 | failed_free: | |
cf124db5 | 318 | free_netdev(dev); |
567131a7 | 319 | failed: |
37355565 | 320 | return ERR_PTR(err); |
1da177e4 LT |
321 | } |
322 | ||
323 | /** | |
3144581c | 324 | * ip6_tnl_locate - find or create tunnel matching given parameters |
b51cd7c8 | 325 | * @net: network namespace |
1ab1457c | 326 | * @p: tunnel parameters |
1da177e4 LT |
327 | * @create: != 0 if allowed to create new tunnel if no match found |
328 | * | |
329 | * Description: | |
3144581c | 330 | * ip6_tnl_locate() first tries to locate an existing tunnel |
1da177e4 LT |
331 | * based on @parms. If this is unsuccessful, but @create is set a new |
332 | * tunnel device is created and registered for use. | |
333 | * | |
334 | * Return: | |
37355565 | 335 | * matching tunnel or error pointer |
1da177e4 LT |
336 | **/ |
337 | ||
2dd02c89 | 338 | static struct ip6_tnl *ip6_tnl_locate(struct net *net, |
c12b395a | 339 | struct __ip6_tnl_parm *p, int create) |
1da177e4 | 340 | { |
b71d1d42 ED |
341 | const struct in6_addr *remote = &p->raddr; |
342 | const struct in6_addr *local = &p->laddr; | |
94767632 | 343 | struct ip6_tnl __rcu **tp; |
1da177e4 | 344 | struct ip6_tnl *t; |
2dd02c89 | 345 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); |
1da177e4 | 346 | |
94767632 ED |
347 | for (tp = ip6_tnl_bucket(ip6n, p); |
348 | (t = rtnl_dereference(*tp)) != NULL; | |
349 | tp = &t->next) { | |
1da177e4 | 350 | if (ipv6_addr_equal(local, &t->parms.laddr) && |
5fdcce21 WD |
351 | ipv6_addr_equal(remote, &t->parms.raddr) && |
352 | p->link == t->parms.link) { | |
2b0bb01b | 353 | if (create) |
37355565 | 354 | return ERR_PTR(-EEXIST); |
2b0bb01b | 355 | |
567131a7 | 356 | return t; |
2b0bb01b | 357 | } |
1da177e4 LT |
358 | } |
359 | if (!create) | |
37355565 | 360 | return ERR_PTR(-ENODEV); |
2dd02c89 | 361 | return ip6_tnl_create(net, p); |
1da177e4 LT |
362 | } |
363 | ||
364 | /** | |
3144581c | 365 | * ip6_tnl_dev_uninit - tunnel device uninitializer |
1da177e4 | 366 | * @dev: the device to be destroyed |
1ab1457c | 367 | * |
1da177e4 | 368 | * Description: |
3144581c | 369 | * ip6_tnl_dev_uninit() removes tunnel from its list |
1da177e4 LT |
370 | **/ |
371 | ||
372 | static void | |
3144581c | 373 | ip6_tnl_dev_uninit(struct net_device *dev) |
1da177e4 | 374 | { |
2941a486 | 375 | struct ip6_tnl *t = netdev_priv(dev); |
0bd87628 | 376 | struct net *net = t->net; |
2dd02c89 | 377 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); |
1da177e4 | 378 | |
94767632 | 379 | if (dev == ip6n->fb_tnl_dev) |
a9b3cd7f | 380 | RCU_INIT_POINTER(ip6n->tnls_wc[0], NULL); |
94767632 | 381 | else |
2dd02c89 | 382 | ip6_tnl_unlink(ip6n, t); |
607f725f | 383 | dst_cache_reset(&t->dst_cache); |
d62607c3 | 384 | netdev_put(dev, &t->dev_tracker); |
1da177e4 LT |
385 | } |
386 | ||
387 | /** | |
f7b88985 | 388 | * ip6_tnl_parse_tlv_enc_lim - handle encapsulation limit option |
1da177e4 | 389 | * @skb: received socket buffer |
2c4de211 | 390 | * @raw: the ICMPv6 error message data |
1da177e4 | 391 | * |
1ab1457c YH |
392 | * Return: |
393 | * 0 if none was found, | |
1da177e4 LT |
394 | * else index to encapsulation limit |
395 | **/ | |
396 | ||
c12b395a | 397 | __u16 ip6_tnl_parse_tlv_enc_lim(struct sk_buff *skb, __u8 *raw) |
1da177e4 | 398 | { |
fbfa743a ED |
399 | const struct ipv6hdr *ipv6h = (const struct ipv6hdr *)raw; |
400 | unsigned int nhoff = raw - skb->data; | |
401 | unsigned int off = nhoff + sizeof(*ipv6h); | |
d375b98e | 402 | u8 nexthdr = ipv6h->nexthdr; |
1da177e4 LT |
403 | |
404 | while (ipv6_ext_hdr(nexthdr) && nexthdr != NEXTHDR_NONE) { | |
1da177e4 | 405 | struct ipv6_opt_hdr *hdr; |
fbfa743a ED |
406 | u16 optlen; |
407 | ||
408 | if (!pskb_may_pull(skb, off + sizeof(*hdr))) | |
1da177e4 LT |
409 | break; |
410 | ||
fbfa743a | 411 | hdr = (struct ipv6_opt_hdr *)(skb->data + off); |
1da177e4 | 412 | if (nexthdr == NEXTHDR_FRAGMENT) { |
1da177e4 LT |
413 | optlen = 8; |
414 | } else if (nexthdr == NEXTHDR_AUTH) { | |
416e8126 | 415 | optlen = ipv6_authlen(hdr); |
1da177e4 LT |
416 | } else { |
417 | optlen = ipv6_optlen(hdr); | |
418 | } | |
fbfa743a | 419 | |
d375b98e ED |
420 | if (!pskb_may_pull(skb, off + optlen)) |
421 | break; | |
422 | ||
423 | hdr = (struct ipv6_opt_hdr *)(skb->data + off); | |
424 | if (nexthdr == NEXTHDR_FRAGMENT) { | |
425 | struct frag_hdr *frag_hdr = (struct frag_hdr *)hdr; | |
426 | ||
427 | if (frag_hdr->frag_off) | |
fbfa743a | 428 | break; |
d375b98e ED |
429 | } |
430 | if (nexthdr == NEXTHDR_DEST) { | |
431 | u16 i = 2; | |
fbfa743a | 432 | |
1da177e4 LT |
433 | while (1) { |
434 | struct ipv6_tlv_tnl_enc_lim *tel; | |
435 | ||
436 | /* No more room for encapsulation limit */ | |
fbfa743a | 437 | if (i + sizeof(*tel) > optlen) |
1da177e4 LT |
438 | break; |
439 | ||
63117f09 | 440 | tel = (struct ipv6_tlv_tnl_enc_lim *)(skb->data + off + i); |
1da177e4 LT |
441 | /* return index of option if found and valid */ |
442 | if (tel->type == IPV6_TLV_TNL_ENCAP_LIMIT && | |
443 | tel->length == 1) | |
fbfa743a | 444 | return i + off - nhoff; |
1da177e4 LT |
445 | /* else jump to next option */ |
446 | if (tel->type) | |
447 | i += tel->length + 2; | |
448 | else | |
449 | i++; | |
450 | } | |
451 | } | |
d375b98e | 452 | nexthdr = hdr->nexthdr; |
1da177e4 LT |
453 | off += optlen; |
454 | } | |
455 | return 0; | |
456 | } | |
c12b395a | 457 | EXPORT_SYMBOL(ip6_tnl_parse_tlv_enc_lim); |
1da177e4 | 458 | |
2c4de211 XL |
459 | /* ip6_tnl_err() should handle errors in the tunnel according to the |
460 | * specifications in RFC 2473. | |
461 | */ | |
d2acc347 | 462 | static int |
502b0935 | 463 | ip6_tnl_err(struct sk_buff *skb, __u8 ipproto, struct inet6_skb_parm *opt, |
d5fdd6ba | 464 | u8 *type, u8 *code, int *msg, __u32 *info, int offset) |
1da177e4 | 465 | { |
383c1f88 XL |
466 | const struct ipv6hdr *ipv6h = (const struct ipv6hdr *)skb->data; |
467 | struct net *net = dev_net(skb->dev); | |
d5fdd6ba BH |
468 | u8 rel_type = ICMPV6_DEST_UNREACH; |
469 | u8 rel_code = ICMPV6_ADDR_UNREACH; | |
1da177e4 | 470 | __u32 rel_info = 0; |
383c1f88 | 471 | struct ip6_tnl *t; |
d2acc347 | 472 | int err = -ENOENT; |
383c1f88 XL |
473 | int rel_msg = 0; |
474 | u8 tproto; | |
475 | __u16 len; | |
1da177e4 | 476 | |
1ab1457c YH |
477 | /* If the packet doesn't contain the original IPv6 header we are |
478 | in trouble since we might need the source address for further | |
1da177e4 LT |
479 | processing of the error. */ |
480 | ||
2922bc8a | 481 | rcu_read_lock(); |
5fdcce21 | 482 | t = ip6_tnl_lookup(dev_net(skb->dev), skb->dev->ifindex, &ipv6h->daddr, &ipv6h->saddr); |
63159f29 | 483 | if (!t) |
1da177e4 LT |
484 | goto out; |
485 | ||
6aa7de05 | 486 | tproto = READ_ONCE(t->parms.proto); |
acf722f7 | 487 | if (tproto != ipproto && tproto != 0) |
502b0935 YK |
488 | goto out; |
489 | ||
d2acc347 HX |
490 | err = 0; |
491 | ||
e490d1d8 | 492 | switch (*type) { |
1da177e4 | 493 | case ICMPV6_DEST_UNREACH: |
17a10c92 MB |
494 | net_dbg_ratelimited("%s: Path to destination invalid or inactive!\n", |
495 | t->parms.name); | |
1da177e4 LT |
496 | rel_msg = 1; |
497 | break; | |
498 | case ICMPV6_TIME_EXCEED: | |
e490d1d8 | 499 | if ((*code) == ICMPV6_EXC_HOPLIMIT) { |
17a10c92 MB |
500 | net_dbg_ratelimited("%s: Too small hop limit or routing loop in tunnel!\n", |
501 | t->parms.name); | |
1da177e4 LT |
502 | rel_msg = 1; |
503 | } | |
504 | break; | |
46d30cb1 KC |
505 | case ICMPV6_PARAMPROB: { |
506 | struct ipv6_tlv_tnl_enc_lim *tel; | |
507 | __u32 teli; | |
508 | ||
107a5fe6 | 509 | teli = 0; |
e490d1d8 | 510 | if ((*code) == ICMPV6_HDR_FIELD) |
c12b395a | 511 | teli = ip6_tnl_parse_tlv_enc_lim(skb, skb->data); |
1da177e4 | 512 | |
704eae1f | 513 | if (teli && teli == *info - 2) { |
1da177e4 LT |
514 | tel = (struct ipv6_tlv_tnl_enc_lim *) &skb->data[teli]; |
515 | if (tel->encap_limit == 0) { | |
17a10c92 MB |
516 | net_dbg_ratelimited("%s: Too small encapsulation limit or routing loop in tunnel!\n", |
517 | t->parms.name); | |
1da177e4 LT |
518 | rel_msg = 1; |
519 | } | |
e87cc472 | 520 | } else { |
17a10c92 MB |
521 | net_dbg_ratelimited("%s: Recipient unable to parse tunneled packet!\n", |
522 | t->parms.name); | |
1da177e4 LT |
523 | } |
524 | break; | |
46d30cb1 KC |
525 | } |
526 | case ICMPV6_PKT_TOOBIG: { | |
527 | __u32 mtu; | |
528 | ||
b00f5432 XL |
529 | ip6_update_pmtu(skb, net, htonl(*info), 0, 0, |
530 | sock_net_uid(net, NULL)); | |
704eae1f | 531 | mtu = *info - offset; |
1da177e4 LT |
532 | if (mtu < IPV6_MIN_MTU) |
533 | mtu = IPV6_MIN_MTU; | |
e5d08d71 IM |
534 | len = sizeof(*ipv6h) + ntohs(ipv6h->payload_len); |
535 | if (len > mtu) { | |
1da177e4 LT |
536 | rel_type = ICMPV6_PKT_TOOBIG; |
537 | rel_code = 0; | |
538 | rel_info = mtu; | |
539 | rel_msg = 1; | |
540 | } | |
541 | break; | |
46d30cb1 | 542 | } |
383c1f88 XL |
543 | case NDISC_REDIRECT: |
544 | ip6_redirect(skb, net, skb->dev->ifindex, 0, | |
545 | sock_net_uid(net, NULL)); | |
546 | break; | |
1da177e4 | 547 | } |
e490d1d8 YK |
548 | |
549 | *type = rel_type; | |
550 | *code = rel_code; | |
551 | *info = rel_info; | |
552 | *msg = rel_msg; | |
553 | ||
554 | out: | |
2922bc8a | 555 | rcu_read_unlock(); |
e490d1d8 YK |
556 | return err; |
557 | } | |
558 | ||
c4d3efaf YK |
559 | static int |
560 | ip4ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, | |
d5fdd6ba | 561 | u8 type, u8 code, int offset, __be32 info) |
c4d3efaf | 562 | { |
704eae1f | 563 | __u32 rel_info = ntohl(info); |
b71d1d42 | 564 | const struct iphdr *eiph; |
77552cfa XL |
565 | struct sk_buff *skb2; |
566 | int err, rel_msg = 0; | |
567 | u8 rel_type = type; | |
568 | u8 rel_code = code; | |
c4d3efaf | 569 | struct rtable *rt; |
31e4543d | 570 | struct flowi4 fl4; |
c4d3efaf | 571 | |
502b0935 YK |
572 | err = ip6_tnl_err(skb, IPPROTO_IPIP, opt, &rel_type, &rel_code, |
573 | &rel_msg, &rel_info, offset); | |
c4d3efaf YK |
574 | if (err < 0) |
575 | return err; | |
576 | ||
577 | if (rel_msg == 0) | |
578 | return 0; | |
579 | ||
580 | switch (rel_type) { | |
581 | case ICMPV6_DEST_UNREACH: | |
582 | if (rel_code != ICMPV6_ADDR_UNREACH) | |
583 | return 0; | |
584 | rel_type = ICMP_DEST_UNREACH; | |
585 | rel_code = ICMP_HOST_UNREACH; | |
586 | break; | |
587 | case ICMPV6_PKT_TOOBIG: | |
588 | if (rel_code != 0) | |
589 | return 0; | |
590 | rel_type = ICMP_DEST_UNREACH; | |
591 | rel_code = ICMP_FRAG_NEEDED; | |
592 | break; | |
593 | default: | |
594 | return 0; | |
595 | } | |
596 | ||
597 | if (!pskb_may_pull(skb, offset + sizeof(struct iphdr))) | |
598 | return 0; | |
599 | ||
600 | skb2 = skb_clone(skb, GFP_ATOMIC); | |
601 | if (!skb2) | |
602 | return 0; | |
603 | ||
adf30907 ED |
604 | skb_dst_drop(skb2); |
605 | ||
c4d3efaf | 606 | skb_pull(skb2, offset); |
c1d2bbe1 | 607 | skb_reset_network_header(skb2); |
eddc9ec5 | 608 | eiph = ip_hdr(skb2); |
c4d3efaf YK |
609 | |
610 | /* Try to guess incoming interface */ | |
77552cfa XL |
611 | rt = ip_route_output_ports(dev_net(skb->dev), &fl4, NULL, eiph->saddr, |
612 | 0, 0, 0, IPPROTO_IPIP, RT_TOS(eiph->tos), 0); | |
b23dd4fe | 613 | if (IS_ERR(rt)) |
c4d3efaf YK |
614 | goto out; |
615 | ||
d8d1f30b | 616 | skb2->dev = rt->dst.dev; |
77552cfa | 617 | ip_rt_put(rt); |
c4d3efaf YK |
618 | |
619 | /* route "incoming" packet */ | |
620 | if (rt->rt_flags & RTCF_LOCAL) { | |
31e4543d | 621 | rt = ip_route_output_ports(dev_net(skb->dev), &fl4, NULL, |
77552cfa XL |
622 | eiph->daddr, eiph->saddr, 0, 0, |
623 | IPPROTO_IPIP, RT_TOS(eiph->tos), 0); | |
b2e54b09 | 624 | if (IS_ERR(rt) || rt->dst.dev->type != ARPHRD_TUNNEL6) { |
b23dd4fe DM |
625 | if (!IS_ERR(rt)) |
626 | ip_rt_put(rt); | |
c4d3efaf YK |
627 | goto out; |
628 | } | |
b23dd4fe | 629 | skb_dst_set(skb2, &rt->dst); |
c4d3efaf | 630 | } else { |
c4d3efaf YK |
631 | if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, |
632 | skb2->dev) || | |
b2e54b09 | 633 | skb_dst(skb2)->dev->type != ARPHRD_TUNNEL6) |
c4d3efaf YK |
634 | goto out; |
635 | } | |
636 | ||
637 | /* change mtu on this route */ | |
638 | if (rel_type == ICMP_DEST_UNREACH && rel_code == ICMP_FRAG_NEEDED) { | |
adf30907 | 639 | if (rel_info > dst_mtu(skb_dst(skb2))) |
c4d3efaf YK |
640 | goto out; |
641 | ||
7a1592bc | 642 | skb_dst_update_pmtu_no_confirm(skb2, rel_info); |
c4d3efaf YK |
643 | } |
644 | ||
704eae1f | 645 | icmp_send(skb2, rel_type, rel_code, htonl(rel_info)); |
c4d3efaf YK |
646 | |
647 | out: | |
648 | kfree_skb(skb2); | |
649 | return 0; | |
650 | } | |
651 | ||
e490d1d8 YK |
652 | static int |
653 | ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, | |
d5fdd6ba | 654 | u8 type, u8 code, int offset, __be32 info) |
e490d1d8 | 655 | { |
77552cfa XL |
656 | __u32 rel_info = ntohl(info); |
657 | int err, rel_msg = 0; | |
d5fdd6ba BH |
658 | u8 rel_type = type; |
659 | u8 rel_code = code; | |
e490d1d8 | 660 | |
502b0935 YK |
661 | err = ip6_tnl_err(skb, IPPROTO_IPV6, opt, &rel_type, &rel_code, |
662 | &rel_msg, &rel_info, offset); | |
e490d1d8 YK |
663 | if (err < 0) |
664 | return err; | |
665 | ||
666 | if (rel_msg && pskb_may_pull(skb, offset + sizeof(struct ipv6hdr))) { | |
1da177e4 LT |
667 | struct rt6_info *rt; |
668 | struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); | |
305d4b3c | 669 | |
1da177e4 | 670 | if (!skb2) |
e490d1d8 | 671 | return 0; |
1da177e4 | 672 | |
adf30907 | 673 | skb_dst_drop(skb2); |
1da177e4 | 674 | skb_pull(skb2, offset); |
c1d2bbe1 | 675 | skb_reset_network_header(skb2); |
1da177e4 LT |
676 | |
677 | /* Try to guess incoming interface */ | |
2f7f54b7 | 678 | rt = rt6_lookup(dev_net(skb->dev), &ipv6_hdr(skb2)->saddr, |
b75cc8f9 | 679 | NULL, 0, skb2, 0); |
1da177e4 | 680 | |
d1918542 DM |
681 | if (rt && rt->dst.dev) |
682 | skb2->dev = rt->dst.dev; | |
1da177e4 | 683 | |
3ffe533c | 684 | icmpv6_send(skb2, rel_type, rel_code, rel_info); |
1da177e4 | 685 | |
94e187c0 | 686 | ip6_rt_put(rt); |
1da177e4 LT |
687 | |
688 | kfree_skb(skb2); | |
689 | } | |
e490d1d8 YK |
690 | |
691 | return 0; | |
1da177e4 LT |
692 | } |
693 | ||
f200e98d VF |
694 | static int |
695 | mplsip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, | |
696 | u8 type, u8 code, int offset, __be32 info) | |
697 | { | |
698 | __u32 rel_info = ntohl(info); | |
699 | int err, rel_msg = 0; | |
700 | u8 rel_type = type; | |
701 | u8 rel_code = code; | |
702 | ||
703 | err = ip6_tnl_err(skb, IPPROTO_MPLS, opt, &rel_type, &rel_code, | |
704 | &rel_msg, &rel_info, offset); | |
705 | return err; | |
706 | } | |
707 | ||
f4e0b4c5 ND |
708 | static int ip4ip6_dscp_ecn_decapsulate(const struct ip6_tnl *t, |
709 | const struct ipv6hdr *ipv6h, | |
710 | struct sk_buff *skb) | |
c4d3efaf YK |
711 | { |
712 | __u8 dsfield = ipv6_get_dsfield(ipv6h) & ~INET_ECN_MASK; | |
713 | ||
714 | if (t->parms.flags & IP6_TNL_F_RCV_DSCP_COPY) | |
eddc9ec5 | 715 | ipv4_change_dsfield(ip_hdr(skb), INET_ECN_MASK, dsfield); |
c4d3efaf | 716 | |
f4e0b4c5 | 717 | return IP6_ECN_decapsulate(ipv6h, skb); |
c4d3efaf YK |
718 | } |
719 | ||
f4e0b4c5 ND |
720 | static int ip6ip6_dscp_ecn_decapsulate(const struct ip6_tnl *t, |
721 | const struct ipv6hdr *ipv6h, | |
722 | struct sk_buff *skb) | |
1da177e4 | 723 | { |
8359925b | 724 | if (t->parms.flags & IP6_TNL_F_RCV_DSCP_COPY) |
29bb43b4 | 725 | ipv6_copy_dscp(ipv6_get_dsfield(ipv6h), ipv6_hdr(skb)); |
1da177e4 | 726 | |
f4e0b4c5 | 727 | return IP6_ECN_decapsulate(ipv6h, skb); |
1da177e4 | 728 | } |
8359925b | 729 | |
f200e98d VF |
730 | static inline int mplsip6_dscp_ecn_decapsulate(const struct ip6_tnl *t, |
731 | const struct ipv6hdr *ipv6h, | |
732 | struct sk_buff *skb) | |
733 | { | |
734 | /* ECN is not supported in AF_MPLS */ | |
735 | return 0; | |
736 | } | |
737 | ||
c12b395a | 738 | __u32 ip6_tnl_get_cap(struct ip6_tnl *t, |
d0087b29 VN |
739 | const struct in6_addr *laddr, |
740 | const struct in6_addr *raddr) | |
741 | { | |
c12b395a | 742 | struct __ip6_tnl_parm *p = &t->parms; |
d0087b29 VN |
743 | int ltype = ipv6_addr_type(laddr); |
744 | int rtype = ipv6_addr_type(raddr); | |
745 | __u32 flags = 0; | |
746 | ||
747 | if (ltype == IPV6_ADDR_ANY || rtype == IPV6_ADDR_ANY) { | |
748 | flags = IP6_TNL_F_CAP_PER_PACKET; | |
749 | } else if (ltype & (IPV6_ADDR_UNICAST|IPV6_ADDR_MULTICAST) && | |
750 | rtype & (IPV6_ADDR_UNICAST|IPV6_ADDR_MULTICAST) && | |
751 | !((ltype|rtype) & IPV6_ADDR_LOOPBACK) && | |
752 | (!((ltype|rtype) & IPV6_ADDR_LINKLOCAL) || p->link)) { | |
753 | if (ltype&IPV6_ADDR_UNICAST) | |
754 | flags |= IP6_TNL_F_CAP_XMIT; | |
755 | if (rtype&IPV6_ADDR_UNICAST) | |
756 | flags |= IP6_TNL_F_CAP_RCV; | |
757 | } | |
758 | return flags; | |
759 | } | |
c12b395a | 760 | EXPORT_SYMBOL(ip6_tnl_get_cap); |
d0087b29 | 761 | |
f1a28eab | 762 | /* called with rcu_read_lock() */ |
c12b395a | 763 | int ip6_tnl_rcv_ctl(struct ip6_tnl *t, |
d0087b29 VN |
764 | const struct in6_addr *laddr, |
765 | const struct in6_addr *raddr) | |
09c6bbf0 | 766 | { |
c12b395a | 767 | struct __ip6_tnl_parm *p = &t->parms; |
09c6bbf0 | 768 | int ret = 0; |
0bd87628 | 769 | struct net *net = t->net; |
09c6bbf0 | 770 | |
d0087b29 VN |
771 | if ((p->flags & IP6_TNL_F_CAP_RCV) || |
772 | ((p->flags & IP6_TNL_F_CAP_PER_PACKET) && | |
773 | (ip6_tnl_get_cap(t, laddr, raddr) & IP6_TNL_F_CAP_RCV))) { | |
1ab1457c | 774 | struct net_device *ldev = NULL; |
09c6bbf0 VN |
775 | |
776 | if (p->link) | |
f1a28eab | 777 | ldev = dev_get_by_index_rcu(net, p->link); |
09c6bbf0 | 778 | |
d0087b29 | 779 | if ((ipv6_addr_is_multicast(laddr) || |
232378e8 DA |
780 | likely(ipv6_chk_addr_and_flags(net, laddr, ldev, false, |
781 | 0, IFA_F_TENTATIVE))) && | |
908d140a | 782 | ((p->flags & IP6_TNL_F_ALLOW_LOCAL_REMOTE) || |
232378e8 DA |
783 | likely(!ipv6_chk_addr_and_flags(net, raddr, ldev, true, |
784 | 0, IFA_F_TENTATIVE)))) | |
09c6bbf0 | 785 | ret = 1; |
09c6bbf0 VN |
786 | } |
787 | return ret; | |
788 | } | |
c12b395a | 789 | EXPORT_SYMBOL_GPL(ip6_tnl_rcv_ctl); |
1da177e4 | 790 | |
0d3c703a TH |
791 | static int __ip6_tnl_rcv(struct ip6_tnl *tunnel, struct sk_buff *skb, |
792 | const struct tnl_ptk_info *tpi, | |
793 | struct metadata_dst *tun_dst, | |
794 | int (*dscp_ecn_decapsulate)(const struct ip6_tnl *t, | |
795 | const struct ipv6hdr *ipv6h, | |
796 | struct sk_buff *skb), | |
797 | bool log_ecn_err) | |
1da177e4 | 798 | { |
8d975c15 ED |
799 | const struct ipv6hdr *ipv6h; |
800 | int nh, err; | |
1da177e4 | 801 | |
0d3c703a TH |
802 | if ((!(tpi->flags & TUNNEL_CSUM) && |
803 | (tunnel->parms.i_flags & TUNNEL_CSUM)) || | |
804 | ((tpi->flags & TUNNEL_CSUM) && | |
805 | !(tunnel->parms.i_flags & TUNNEL_CSUM))) { | |
2fad1ba3 ED |
806 | DEV_STATS_INC(tunnel->dev, rx_crc_errors); |
807 | DEV_STATS_INC(tunnel->dev, rx_errors); | |
0d3c703a TH |
808 | goto drop; |
809 | } | |
8560f226 | 810 | |
0d3c703a TH |
811 | if (tunnel->parms.i_flags & TUNNEL_SEQ) { |
812 | if (!(tpi->flags & TUNNEL_SEQ) || | |
813 | (tunnel->i_seqno && | |
814 | (s32)(ntohl(tpi->seq) - tunnel->i_seqno) < 0)) { | |
2fad1ba3 ED |
815 | DEV_STATS_INC(tunnel->dev, rx_fifo_errors); |
816 | DEV_STATS_INC(tunnel->dev, rx_errors); | |
0d3c703a | 817 | goto drop; |
502b0935 | 818 | } |
0d3c703a TH |
819 | tunnel->i_seqno = ntohl(tpi->seq) + 1; |
820 | } | |
502b0935 | 821 | |
0d3c703a | 822 | skb->protocol = tpi->proto; |
1da177e4 | 823 | |
0d3c703a TH |
824 | /* Warning: All skb pointers will be invalidated! */ |
825 | if (tunnel->dev->type == ARPHRD_ETHER) { | |
826 | if (!pskb_may_pull(skb, ETH_HLEN)) { | |
2fad1ba3 ED |
827 | DEV_STATS_INC(tunnel->dev, rx_length_errors); |
828 | DEV_STATS_INC(tunnel->dev, rx_errors); | |
0d3c703a | 829 | goto drop; |
1da177e4 | 830 | } |
0d3c703a | 831 | |
0d3c703a TH |
832 | skb->protocol = eth_type_trans(skb, tunnel->dev); |
833 | skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN); | |
834 | } else { | |
835 | skb->dev = tunnel->dev; | |
da5a2e49 | 836 | skb_reset_mac_header(skb); |
0d3c703a TH |
837 | } |
838 | ||
8d975c15 ED |
839 | /* Save offset of outer header relative to skb->head, |
840 | * because we are going to reset the network header to the inner header | |
841 | * and might change skb->head. | |
842 | */ | |
843 | nh = skb_network_header(skb) - skb->head; | |
844 | ||
0d3c703a | 845 | skb_reset_network_header(skb); |
8d975c15 ED |
846 | |
847 | if (!pskb_inet_may_pull(skb)) { | |
848 | DEV_STATS_INC(tunnel->dev, rx_length_errors); | |
849 | DEV_STATS_INC(tunnel->dev, rx_errors); | |
850 | goto drop; | |
851 | } | |
852 | ||
853 | /* Get the outer header. */ | |
854 | ipv6h = (struct ipv6hdr *)(skb->head + nh); | |
855 | ||
0d3c703a TH |
856 | memset(skb->cb, 0, sizeof(struct inet6_skb_parm)); |
857 | ||
858 | __skb_tunnel_rx(skb, tunnel->dev, tunnel->net); | |
859 | ||
860 | err = dscp_ecn_decapsulate(tunnel, ipv6h, skb); | |
861 | if (unlikely(err)) { | |
862 | if (log_ecn_err) | |
863 | net_info_ratelimited("non-ECT from %pI6 with DS=%#x\n", | |
864 | &ipv6h->saddr, | |
865 | ipv6_get_dsfield(ipv6h)); | |
866 | if (err > 1) { | |
2fad1ba3 ED |
867 | DEV_STATS_INC(tunnel->dev, rx_frame_errors); |
868 | DEV_STATS_INC(tunnel->dev, rx_errors); | |
0d3c703a | 869 | goto drop; |
f4e0b4c5 | 870 | } |
0d3c703a | 871 | } |
f4e0b4c5 | 872 | |
afd2051b | 873 | dev_sw_netstats_rx_add(tunnel->dev, skb->len); |
8560f226 | 874 | |
0d3c703a | 875 | skb_scrub_packet(skb, !net_eq(tunnel->net, dev_net(tunnel->dev))); |
8990f468 | 876 | |
8d79266b AS |
877 | if (tun_dst) |
878 | skb_dst_set(skb, (struct dst_entry *)tun_dst); | |
879 | ||
0d3c703a TH |
880 | gro_cells_receive(&tunnel->gro_cells, skb); |
881 | return 0; | |
882 | ||
883 | drop: | |
f1925ca5 HY |
884 | if (tun_dst) |
885 | dst_release((struct dst_entry *)tun_dst); | |
0d3c703a TH |
886 | kfree_skb(skb); |
887 | return 0; | |
888 | } | |
889 | ||
890 | int ip6_tnl_rcv(struct ip6_tnl *t, struct sk_buff *skb, | |
891 | const struct tnl_ptk_info *tpi, | |
892 | struct metadata_dst *tun_dst, | |
893 | bool log_ecn_err) | |
894 | { | |
272502fc MT |
895 | int (*dscp_ecn_decapsulate)(const struct ip6_tnl *t, |
896 | const struct ipv6hdr *ipv6h, | |
897 | struct sk_buff *skb); | |
898 | ||
899 | dscp_ecn_decapsulate = ip6ip6_dscp_ecn_decapsulate; | |
900 | if (tpi->proto == htons(ETH_P_IP)) | |
901 | dscp_ecn_decapsulate = ip4ip6_dscp_ecn_decapsulate; | |
902 | ||
903 | return __ip6_tnl_rcv(t, skb, tpi, tun_dst, dscp_ecn_decapsulate, | |
0d3c703a TH |
904 | log_ecn_err); |
905 | } | |
906 | EXPORT_SYMBOL(ip6_tnl_rcv); | |
907 | ||
908 | static const struct tnl_ptk_info tpi_v6 = { | |
909 | /* no tunnel info required for ipxip6. */ | |
910 | .proto = htons(ETH_P_IPV6), | |
911 | }; | |
912 | ||
913 | static const struct tnl_ptk_info tpi_v4 = { | |
914 | /* no tunnel info required for ipxip6. */ | |
915 | .proto = htons(ETH_P_IP), | |
916 | }; | |
917 | ||
f200e98d VF |
918 | static const struct tnl_ptk_info tpi_mpls = { |
919 | /* no tunnel info required for mplsip6. */ | |
920 | .proto = htons(ETH_P_MPLS_UC), | |
921 | }; | |
922 | ||
0d3c703a TH |
923 | static int ipxip6_rcv(struct sk_buff *skb, u8 ipproto, |
924 | const struct tnl_ptk_info *tpi, | |
925 | int (*dscp_ecn_decapsulate)(const struct ip6_tnl *t, | |
926 | const struct ipv6hdr *ipv6h, | |
927 | struct sk_buff *skb)) | |
928 | { | |
929 | struct ip6_tnl *t; | |
930 | const struct ipv6hdr *ipv6h = ipv6_hdr(skb); | |
8d79266b | 931 | struct metadata_dst *tun_dst = NULL; |
0d3c703a TH |
932 | int ret = -1; |
933 | ||
934 | rcu_read_lock(); | |
5fdcce21 | 935 | t = ip6_tnl_lookup(dev_net(skb->dev), skb->dev->ifindex, &ipv6h->saddr, &ipv6h->daddr); |
0d3c703a TH |
936 | |
937 | if (t) { | |
6aa7de05 | 938 | u8 tproto = READ_ONCE(t->parms.proto); |
0d3c703a TH |
939 | |
940 | if (tproto != ipproto && tproto != 0) | |
941 | goto drop; | |
942 | if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) | |
943 | goto drop; | |
cbb49697 | 944 | ipv6h = ipv6_hdr(skb); |
0d3c703a TH |
945 | if (!ip6_tnl_rcv_ctl(t, &ipv6h->daddr, &ipv6h->saddr)) |
946 | goto drop; | |
947 | if (iptunnel_pull_header(skb, 0, tpi->proto, false)) | |
948 | goto drop; | |
8d79266b AS |
949 | if (t->parms.collect_md) { |
950 | tun_dst = ipv6_tun_rx_dst(skb, 0, 0, 0); | |
951 | if (!tun_dst) | |
74c4b656 | 952 | goto drop; |
8d79266b AS |
953 | } |
954 | ret = __ip6_tnl_rcv(t, skb, tpi, tun_dst, dscp_ecn_decapsulate, | |
0d3c703a | 955 | log_ecn_error); |
1da177e4 | 956 | } |
0d3c703a | 957 | |
2922bc8a | 958 | rcu_read_unlock(); |
50fba2aa | 959 | |
0d3c703a TH |
960 | return ret; |
961 | ||
962 | drop: | |
963 | rcu_read_unlock(); | |
50fba2aa HX |
964 | kfree_skb(skb); |
965 | return 0; | |
1da177e4 LT |
966 | } |
967 | ||
c4d3efaf YK |
968 | static int ip4ip6_rcv(struct sk_buff *skb) |
969 | { | |
ca4aa976 | 970 | return ipxip6_rcv(skb, IPPROTO_IPIP, &tpi_v4, |
0d3c703a | 971 | ip4ip6_dscp_ecn_decapsulate); |
c4d3efaf YK |
972 | } |
973 | ||
8359925b YK |
974 | static int ip6ip6_rcv(struct sk_buff *skb) |
975 | { | |
0d3c703a TH |
976 | return ipxip6_rcv(skb, IPPROTO_IPV6, &tpi_v6, |
977 | ip6ip6_dscp_ecn_decapsulate); | |
8359925b YK |
978 | } |
979 | ||
f200e98d VF |
980 | static int mplsip6_rcv(struct sk_buff *skb) |
981 | { | |
982 | return ipxip6_rcv(skb, IPPROTO_MPLS, &tpi_mpls, | |
983 | mplsip6_dscp_ecn_decapsulate); | |
984 | } | |
985 | ||
6fb32dde VN |
986 | struct ipv6_tel_txoption { |
987 | struct ipv6_txoptions ops; | |
988 | __u8 dst_opt[8]; | |
989 | }; | |
1da177e4 | 990 | |
6fb32dde VN |
991 | static void init_tel_txopt(struct ipv6_tel_txoption *opt, __u8 encap_limit) |
992 | { | |
993 | memset(opt, 0, sizeof(struct ipv6_tel_txoption)); | |
1da177e4 | 994 | |
6fb32dde VN |
995 | opt->dst_opt[2] = IPV6_TLV_TNL_ENCAP_LIMIT; |
996 | opt->dst_opt[3] = 1; | |
997 | opt->dst_opt[4] = encap_limit; | |
998 | opt->dst_opt[5] = IPV6_TLV_PADN; | |
999 | opt->dst_opt[6] = 1; | |
1da177e4 | 1000 | |
89a23c8b | 1001 | opt->ops.dst1opt = (struct ipv6_opt_hdr *) opt->dst_opt; |
6fb32dde | 1002 | opt->ops.opt_nflen = 8; |
1da177e4 LT |
1003 | } |
1004 | ||
1005 | /** | |
3144581c | 1006 | * ip6_tnl_addr_conflict - compare packet addresses to tunnel's own |
1da177e4 | 1007 | * @t: the outgoing tunnel device |
1ab1457c | 1008 | * @hdr: IPv6 header from the incoming packet |
1da177e4 LT |
1009 | * |
1010 | * Description: | |
1ab1457c | 1011 | * Avoid trivial tunneling loop by checking that tunnel exit-point |
1da177e4 LT |
1012 | * doesn't match source of incoming packet. |
1013 | * | |
1ab1457c | 1014 | * Return: |
1da177e4 LT |
1015 | * 1 if conflict, |
1016 | * 0 else | |
1017 | **/ | |
1018 | ||
92113bfd | 1019 | static inline bool |
b71d1d42 | 1020 | ip6_tnl_addr_conflict(const struct ip6_tnl *t, const struct ipv6hdr *hdr) |
1da177e4 LT |
1021 | { |
1022 | return ipv6_addr_equal(&t->parms.raddr, &hdr->saddr); | |
1023 | } | |
1024 | ||
d5005140 SK |
1025 | int ip6_tnl_xmit_ctl(struct ip6_tnl *t, |
1026 | const struct in6_addr *laddr, | |
1027 | const struct in6_addr *raddr) | |
09c6bbf0 | 1028 | { |
c12b395a | 1029 | struct __ip6_tnl_parm *p = &t->parms; |
09c6bbf0 | 1030 | int ret = 0; |
0bd87628 | 1031 | struct net *net = t->net; |
09c6bbf0 | 1032 | |
6712abc1 WT |
1033 | if (t->parms.collect_md) |
1034 | return 1; | |
1035 | ||
d5005140 SK |
1036 | if ((p->flags & IP6_TNL_F_CAP_XMIT) || |
1037 | ((p->flags & IP6_TNL_F_CAP_PER_PACKET) && | |
1038 | (ip6_tnl_get_cap(t, laddr, raddr) & IP6_TNL_F_CAP_XMIT))) { | |
09c6bbf0 VN |
1039 | struct net_device *ldev = NULL; |
1040 | ||
f1a28eab | 1041 | rcu_read_lock(); |
09c6bbf0 | 1042 | if (p->link) |
f1a28eab | 1043 | ldev = dev_get_by_index_rcu(net, p->link); |
09c6bbf0 | 1044 | |
232378e8 DA |
1045 | if (unlikely(!ipv6_chk_addr_and_flags(net, laddr, ldev, false, |
1046 | 0, IFA_F_TENTATIVE))) | |
6cee105e IS |
1047 | pr_warn_ratelimited("%s xmit: Local address not yet configured!\n", |
1048 | p->name); | |
908d140a SL |
1049 | else if (!(p->flags & IP6_TNL_F_ALLOW_LOCAL_REMOTE) && |
1050 | !ipv6_addr_is_multicast(raddr) && | |
232378e8 DA |
1051 | unlikely(ipv6_chk_addr_and_flags(net, raddr, ldev, |
1052 | true, 0, IFA_F_TENTATIVE))) | |
6cee105e IS |
1053 | pr_warn_ratelimited("%s xmit: Routing loop! Remote address found on this node!\n", |
1054 | p->name); | |
09c6bbf0 VN |
1055 | else |
1056 | ret = 1; | |
f1a28eab | 1057 | rcu_read_unlock(); |
09c6bbf0 VN |
1058 | } |
1059 | return ret; | |
1060 | } | |
c12b395a | 1061 | EXPORT_SYMBOL_GPL(ip6_tnl_xmit_ctl); |
1062 | ||
1da177e4 | 1063 | /** |
8eb30be0 | 1064 | * ip6_tnl_xmit - encapsulate packet and send |
1da177e4 | 1065 | * @skb: the outgoing socket buffer |
1ab1457c | 1066 | * @dev: the outgoing tunnel device |
61ec2aec | 1067 | * @dsfield: dscp code for outer header |
8eb30be0 | 1068 | * @fl6: flow of tunneled packet |
61ec2aec YK |
1069 | * @encap_limit: encapsulation limit |
1070 | * @pmtu: Path MTU is stored if packet is too big | |
8eb30be0 | 1071 | * @proto: next header value |
1da177e4 LT |
1072 | * |
1073 | * Description: | |
1074 | * Build new header and do some sanity checks on the packet before sending | |
1075 | * it. | |
1076 | * | |
1ab1457c | 1077 | * Return: |
c4d3efaf | 1078 | * 0 on success |
61ec2aec YK |
1079 | * -1 fail |
1080 | * %-EMSGSIZE message too big. return mtu in this case. | |
1da177e4 LT |
1081 | **/ |
1082 | ||
8eb30be0 TH |
1083 | int ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev, __u8 dsfield, |
1084 | struct flowi6 *fl6, int encap_limit, __u32 *pmtu, | |
1085 | __u8 proto) | |
1da177e4 | 1086 | { |
2941a486 | 1087 | struct ip6_tnl *t = netdev_priv(dev); |
0bd87628 | 1088 | struct net *net = t->net; |
199ab00f | 1089 | struct ipv6hdr *ipv6h; |
6fb32dde | 1090 | struct ipv6_tel_txoption opt; |
d24f22f3 | 1091 | struct dst_entry *dst = NULL, *ndst = NULL; |
1da177e4 LT |
1092 | struct net_device *tdev; |
1093 | int mtu; | |
d41bb33b | 1094 | unsigned int eth_hlen = t->dev->type == ARPHRD_ETHER ? ETH_HLEN : 0; |
058214a4 TH |
1095 | unsigned int psh_hlen = sizeof(struct ipv6hdr) + t->encap_hlen; |
1096 | unsigned int max_headroom = psh_hlen; | |
b09ab9c9 | 1097 | __be16 payload_protocol; |
b5c2d495 | 1098 | bool use_cache = false; |
8d79266b | 1099 | u8 hop_limit; |
61ec2aec | 1100 | int err = -1; |
1da177e4 | 1101 | |
b09ab9c9 MM |
1102 | payload_protocol = skb_protocol(skb, true); |
1103 | ||
8d79266b AS |
1104 | if (t->parms.collect_md) { |
1105 | hop_limit = skb_tunnel_info(skb)->key.ttl; | |
1106 | goto route_lookup; | |
1107 | } else { | |
1108 | hop_limit = t->parms.hop_limit; | |
1109 | } | |
1110 | ||
ea3dc960 SK |
1111 | /* NBMA tunnel */ |
1112 | if (ipv6_addr_any(&t->parms.raddr)) { | |
b09ab9c9 | 1113 | if (payload_protocol == htons(ETH_P_IPV6)) { |
199ab00f WC |
1114 | struct in6_addr *addr6; |
1115 | struct neighbour *neigh; | |
1116 | int addr_type; | |
ea3dc960 | 1117 | |
199ab00f WC |
1118 | if (!skb_dst(skb)) |
1119 | goto tx_err_link_failure; | |
ea3dc960 | 1120 | |
199ab00f WC |
1121 | neigh = dst_neigh_lookup(skb_dst(skb), |
1122 | &ipv6_hdr(skb)->daddr); | |
1123 | if (!neigh) | |
1124 | goto tx_err_link_failure; | |
ea3dc960 | 1125 | |
199ab00f WC |
1126 | addr6 = (struct in6_addr *)&neigh->primary_key; |
1127 | addr_type = ipv6_addr_type(addr6); | |
ea3dc960 | 1128 | |
199ab00f WC |
1129 | if (addr_type == IPV6_ADDR_ANY) |
1130 | addr6 = &ipv6_hdr(skb)->daddr; | |
ea3dc960 | 1131 | |
199ab00f WC |
1132 | memcpy(&fl6->daddr, addr6, sizeof(fl6->daddr)); |
1133 | neigh_release(neigh); | |
b09ab9c9 | 1134 | } else if (payload_protocol == htons(ETH_P_IP)) { |
3a5f238f ED |
1135 | const struct rtable *rt = skb_rtable(skb); |
1136 | ||
1137 | if (!rt) | |
1138 | goto tx_err_link_failure; | |
c1f55c5e QD |
1139 | |
1140 | if (rt->rt_gw_family == AF_INET6) | |
1141 | memcpy(&fl6->daddr, &rt->rt_gw6, sizeof(fl6->daddr)); | |
199ab00f | 1142 | } |
23263ec8 EC |
1143 | } else if (t->parms.proto != 0 && !(t->parms.flags & |
1144 | (IP6_TNL_F_USE_ORIG_TCLASS | | |
1145 | IP6_TNL_F_USE_ORIG_FWMARK))) { | |
1146 | /* enable the cache only if neither the outer protocol nor the | |
1147 | * routing decision depends on the current inner header value | |
b5c2d495 PA |
1148 | */ |
1149 | use_cache = true; | |
1150 | } | |
1151 | ||
1152 | if (use_cache) | |
607f725f | 1153 | dst = dst_cache_get(&t->dst_cache); |
d5005140 SK |
1154 | |
1155 | if (!ip6_tnl_xmit_ctl(t, &fl6->saddr, &fl6->daddr)) | |
1156 | goto tx_err_link_failure; | |
1157 | ||
89b02126 | 1158 | if (!dst) { |
8d79266b | 1159 | route_lookup: |
5f733ee6 LM |
1160 | /* add dsfield to flowlabel for route lookup */ |
1161 | fl6->flowlabel = ip6_make_flowinfo(dsfield, fl6->flowlabel); | |
1162 | ||
cdf3464e | 1163 | dst = ip6_route_output(net, NULL, fl6); |
1da177e4 | 1164 | |
cdf3464e | 1165 | if (dst->error) |
a57ebc90 | 1166 | goto tx_err_link_failure; |
cdf3464e MKL |
1167 | dst = xfrm_lookup(net, dst, flowi6_to_flowi(fl6), NULL, 0); |
1168 | if (IS_ERR(dst)) { | |
1169 | err = PTR_ERR(dst); | |
1170 | dst = NULL; | |
452edd59 DM |
1171 | goto tx_err_link_failure; |
1172 | } | |
3789caba | 1173 | if (t->parms.collect_md && ipv6_addr_any(&fl6->saddr) && |
8d79266b AS |
1174 | ipv6_dev_get_saddr(net, ip6_dst_idev(dst)->dev, |
1175 | &fl6->daddr, 0, &fl6->saddr)) | |
1176 | goto tx_err_link_failure; | |
cdf3464e | 1177 | ndst = dst; |
a57ebc90 | 1178 | } |
1da177e4 LT |
1179 | |
1180 | tdev = dst->dev; | |
1181 | ||
1182 | if (tdev == dev) { | |
2fad1ba3 | 1183 | DEV_STATS_INC(dev, collisions); |
e87cc472 JP |
1184 | net_warn_ratelimited("%s: Local routing loop detected!\n", |
1185 | t->parms.name); | |
1da177e4 LT |
1186 | goto tx_err_dst_release; |
1187 | } | |
d41bb33b | 1188 | mtu = dst_mtu(dst) - eth_hlen - psh_hlen - t->tun_hlen; |
6fb32dde | 1189 | if (encap_limit >= 0) { |
1da177e4 LT |
1190 | max_headroom += 8; |
1191 | mtu -= 8; | |
1192 | } | |
82a40777 XL |
1193 | mtu = max(mtu, skb->protocol == htons(ETH_P_IPV6) ? |
1194 | IPV6_MIN_MTU : IPV4_MIN_MTU); | |
c9fefa08 | 1195 | |
7a1592bc | 1196 | skb_dst_update_pmtu_no_confirm(skb, mtu); |
d41bb33b | 1197 | if (skb->len - t->tun_hlen - eth_hlen > mtu && !skb_is_gso(skb)) { |
61ec2aec YK |
1198 | *pmtu = mtu; |
1199 | err = -EMSGSIZE; | |
1da177e4 LT |
1200 | goto tx_err_dst_release; |
1201 | } | |
1202 | ||
8eb30be0 TH |
1203 | if (t->err_count > 0) { |
1204 | if (time_before(jiffies, | |
1205 | t->err_time + IP6TUNNEL_ERR_TIMEO)) { | |
1206 | t->err_count--; | |
1207 | ||
1208 | dst_link_failure(skb); | |
1209 | } else { | |
1210 | t->err_count = 0; | |
1211 | } | |
1212 | } | |
1213 | ||
963a88b3 | 1214 | skb_scrub_packet(skb, !net_eq(t->net, dev_net(dev))); |
0bd87628 | 1215 | |
1da177e4 LT |
1216 | /* |
1217 | * Okay, now see if we can stuff it in the buffer as-is. | |
1218 | */ | |
1219 | max_headroom += LL_RESERVED_SPACE(tdev); | |
1ab1457c | 1220 | |
cfbba49d PM |
1221 | if (skb_headroom(skb) < max_headroom || skb_shared(skb) || |
1222 | (skb_cloned(skb) && !skb_clone_writable(skb, 0))) { | |
1da177e4 | 1223 | struct sk_buff *new_skb; |
1ab1457c | 1224 | |
e5d08d71 IM |
1225 | new_skb = skb_realloc_headroom(skb, max_headroom); |
1226 | if (!new_skb) | |
1da177e4 LT |
1227 | goto tx_err_dst_release; |
1228 | ||
1229 | if (skb->sk) | |
1230 | skb_set_owner_w(new_skb, skb->sk); | |
9ff26449 | 1231 | consume_skb(skb); |
1da177e4 LT |
1232 | skb = new_skb; |
1233 | } | |
cdf3464e | 1234 | |
8d79266b AS |
1235 | if (t->parms.collect_md) { |
1236 | if (t->encap.type != TUNNEL_ENCAP_NONE) | |
1237 | goto tx_err_dst_release; | |
1238 | } else { | |
b5c2d495 | 1239 | if (use_cache && ndst) |
8d79266b AS |
1240 | dst_cache_set_ip6(&t->dst_cache, ndst, &fl6->saddr); |
1241 | } | |
cdf3464e MKL |
1242 | skb_dst_set(skb, dst); |
1243 | ||
36feaac3 | 1244 | if (hop_limit == 0) { |
b09ab9c9 | 1245 | if (payload_protocol == htons(ETH_P_IP)) |
36feaac3 | 1246 | hop_limit = ip_hdr(skb)->ttl; |
b09ab9c9 | 1247 | else if (payload_protocol == htons(ETH_P_IPV6)) |
36feaac3 HL |
1248 | hop_limit = ipv6_hdr(skb)->hop_limit; |
1249 | else | |
1250 | hop_limit = ip6_dst_hoplimit(dst); | |
1251 | } | |
3d483058 | 1252 | |
058214a4 TH |
1253 | /* Calculate max headroom for all the headers and adjust |
1254 | * needed_headroom if necessary. | |
1255 | */ | |
8eb30be0 | 1256 | max_headroom = LL_RESERVED_SPACE(dst->dev) + sizeof(struct ipv6hdr) |
058214a4 | 1257 | + dst->header_len + t->hlen; |
4b397c06 ED |
1258 | if (max_headroom > READ_ONCE(dev->needed_headroom)) |
1259 | WRITE_ONCE(dev->needed_headroom, max_headroom); | |
8eb30be0 | 1260 | |
058214a4 TH |
1261 | err = ip6_tnl_encap(skb, t, &proto, fl6); |
1262 | if (err) | |
1263 | return err; | |
1264 | ||
d4d576f5 SB |
1265 | if (encap_limit >= 0) { |
1266 | init_tel_txopt(&opt, encap_limit); | |
1267 | ipv6_push_frag_opts(skb, &opt.ops, &proto); | |
1268 | } | |
1269 | ||
e2d1bca7 ACM |
1270 | skb_push(skb, sizeof(struct ipv6hdr)); |
1271 | skb_reset_network_header(skb); | |
0660e03f | 1272 | ipv6h = ipv6_hdr(skb); |
0e9a7095 | 1273 | ip6_flow_hdr(ipv6h, dsfield, |
42240901 | 1274 | ip6_make_flowlabel(net, skb, fl6->flowlabel, true, fl6)); |
8d79266b | 1275 | ipv6h->hop_limit = hop_limit; |
1da177e4 | 1276 | ipv6h->nexthdr = proto; |
4e3fd7a0 AD |
1277 | ipv6h->saddr = fl6->saddr; |
1278 | ipv6h->daddr = fl6->daddr; | |
79b16aad | 1279 | ip6tunnel_xmit(NULL, skb, dev); |
1da177e4 LT |
1280 | return 0; |
1281 | tx_err_link_failure: | |
2fad1ba3 | 1282 | DEV_STATS_INC(dev, tx_carrier_errors); |
1da177e4 LT |
1283 | dst_link_failure(skb); |
1284 | tx_err_dst_release: | |
cdf3464e | 1285 | dst_release(dst); |
61ec2aec YK |
1286 | return err; |
1287 | } | |
8eb30be0 | 1288 | EXPORT_SYMBOL(ip6_tnl_xmit); |
61ec2aec | 1289 | |
c4d3efaf | 1290 | static inline int |
e7bb18e6 VF |
1291 | ipxip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev, |
1292 | u8 protocol) | |
c4d3efaf YK |
1293 | { |
1294 | struct ip6_tnl *t = netdev_priv(dev); | |
e7bb18e6 | 1295 | struct ipv6hdr *ipv6h; |
76c0ddd8 | 1296 | const struct iphdr *iph; |
c4d3efaf | 1297 | int encap_limit = -1; |
e7bb18e6 | 1298 | __u16 offset; |
4c9483b2 | 1299 | struct flowi6 fl6; |
e7bb18e6 | 1300 | __u8 dsfield, orig_dsfield; |
c4d3efaf | 1301 | __u32 mtu; |
acf722f7 | 1302 | u8 tproto; |
c4d3efaf YK |
1303 | int err; |
1304 | ||
6aa7de05 | 1305 | tproto = READ_ONCE(t->parms.proto); |
e7bb18e6 | 1306 | if (tproto != protocol && tproto != 0) |
c4d3efaf YK |
1307 | return -1; |
1308 | ||
8d79266b AS |
1309 | if (t->parms.collect_md) { |
1310 | struct ip_tunnel_info *tun_info; | |
1311 | const struct ip_tunnel_key *key; | |
c4d3efaf | 1312 | |
8d79266b AS |
1313 | tun_info = skb_tunnel_info(skb); |
1314 | if (unlikely(!tun_info || !(tun_info->mode & IP_TUNNEL_INFO_TX) || | |
1315 | ip_tunnel_info_af(tun_info) != AF_INET6)) | |
1316 | return -1; | |
1317 | key = &tun_info->key; | |
1318 | memset(&fl6, 0, sizeof(fl6)); | |
e7bb18e6 | 1319 | fl6.flowi6_proto = protocol; |
3789caba | 1320 | fl6.saddr = key->u.ipv6.src; |
8d79266b AS |
1321 | fl6.daddr = key->u.ipv6.dst; |
1322 | fl6.flowlabel = key->label; | |
46f8cd9d | 1323 | dsfield = key->tos; |
e7bb18e6 VF |
1324 | switch (protocol) { |
1325 | case IPPROTO_IPIP: | |
1326 | iph = ip_hdr(skb); | |
1327 | orig_dsfield = ipv4_get_dsfield(iph); | |
1328 | break; | |
1329 | case IPPROTO_IPV6: | |
1330 | ipv6h = ipv6_hdr(skb); | |
1331 | orig_dsfield = ipv6_get_dsfield(ipv6h); | |
1332 | break; | |
1333 | default: | |
1334 | orig_dsfield = dsfield; | |
1335 | break; | |
1336 | } | |
8d79266b AS |
1337 | } else { |
1338 | if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT)) | |
1339 | encap_limit = t->parms.encap_limit; | |
e7bb18e6 VF |
1340 | if (protocol == IPPROTO_IPV6) { |
1341 | offset = ip6_tnl_parse_tlv_enc_lim(skb, | |
1342 | skb_network_header(skb)); | |
1343 | /* ip6_tnl_parse_tlv_enc_lim() might have | |
1344 | * reallocated skb->head | |
1345 | */ | |
1346 | if (offset > 0) { | |
1347 | struct ipv6_tlv_tnl_enc_lim *tel; | |
c4d3efaf | 1348 | |
e7bb18e6 VF |
1349 | tel = (void *)&skb_network_header(skb)[offset]; |
1350 | if (tel->encap_limit == 0) { | |
4372339e JD |
1351 | icmpv6_ndo_send(skb, ICMPV6_PARAMPROB, |
1352 | ICMPV6_HDR_FIELD, offset + 2); | |
e7bb18e6 VF |
1353 | return -1; |
1354 | } | |
1355 | encap_limit = tel->encap_limit - 1; | |
8d79266b | 1356 | } |
61ec2aec | 1357 | } |
61ec2aec | 1358 | |
8d79266b | 1359 | memcpy(&fl6, &t->fl.u.ip6, sizeof(fl6)); |
e7bb18e6 | 1360 | fl6.flowi6_proto = protocol; |
61ec2aec | 1361 | |
8d79266b AS |
1362 | if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK) |
1363 | fl6.flowi6_mark = skb->mark; | |
0a473b82 CG |
1364 | else |
1365 | fl6.flowi6_mark = t->parms.fwmark; | |
e7bb18e6 VF |
1366 | switch (protocol) { |
1367 | case IPPROTO_IPIP: | |
1368 | iph = ip_hdr(skb); | |
1369 | orig_dsfield = ipv4_get_dsfield(iph); | |
1370 | if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS) | |
1371 | dsfield = orig_dsfield; | |
1372 | else | |
1373 | dsfield = ip6_tclass(t->parms.flowinfo); | |
1374 | break; | |
1375 | case IPPROTO_IPV6: | |
1376 | ipv6h = ipv6_hdr(skb); | |
1377 | orig_dsfield = ipv6_get_dsfield(ipv6h); | |
1378 | if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS) | |
1379 | dsfield = orig_dsfield; | |
1380 | else | |
1381 | dsfield = ip6_tclass(t->parms.flowinfo); | |
1382 | if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL) | |
1383 | fl6.flowlabel |= ip6_flowlabel(ipv6h); | |
1384 | break; | |
1385 | default: | |
6c11fbf9 | 1386 | orig_dsfield = dsfield = ip6_tclass(t->parms.flowinfo); |
e7bb18e6 VF |
1387 | break; |
1388 | } | |
8d79266b | 1389 | } |
61ec2aec | 1390 | |
e2d118a1 | 1391 | fl6.flowi6_uid = sock_net_uid(dev_net(dev), NULL); |
e7bb18e6 | 1392 | dsfield = INET_ECN_encapsulate(dsfield, orig_dsfield); |
e2d118a1 | 1393 | |
815d22e5 TH |
1394 | if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP6)) |
1395 | return -1; | |
1396 | ||
a6e3f298 JK |
1397 | skb_set_inner_ipproto(skb, protocol); |
1398 | ||
8eb30be0 | 1399 | err = ip6_tnl_xmit(skb, dev, dsfield, &fl6, encap_limit, &mtu, |
e7bb18e6 | 1400 | protocol); |
61ec2aec | 1401 | if (err != 0) { |
e7bb18e6 | 1402 | /* XXX: send ICMP error even if DF is not set. */ |
61ec2aec | 1403 | if (err == -EMSGSIZE) |
e7bb18e6 VF |
1404 | switch (protocol) { |
1405 | case IPPROTO_IPIP: | |
4372339e JD |
1406 | icmp_ndo_send(skb, ICMP_DEST_UNREACH, |
1407 | ICMP_FRAG_NEEDED, htonl(mtu)); | |
e7bb18e6 VF |
1408 | break; |
1409 | case IPPROTO_IPV6: | |
4372339e | 1410 | icmpv6_ndo_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu); |
e7bb18e6 VF |
1411 | break; |
1412 | default: | |
1413 | break; | |
1414 | } | |
61ec2aec YK |
1415 | return -1; |
1416 | } | |
1417 | ||
1418 | return 0; | |
1419 | } | |
1420 | ||
6fef4c0c | 1421 | static netdev_tx_t |
8eb30be0 | 1422 | ip6_tnl_start_xmit(struct sk_buff *skb, struct net_device *dev) |
61ec2aec YK |
1423 | { |
1424 | struct ip6_tnl *t = netdev_priv(dev); | |
e7bb18e6 | 1425 | u8 ipproto; |
61ec2aec YK |
1426 | int ret; |
1427 | ||
cb9f1b78 WB |
1428 | if (!pskb_inet_may_pull(skb)) |
1429 | goto tx_err; | |
1430 | ||
61ec2aec | 1431 | switch (skb->protocol) { |
60678040 | 1432 | case htons(ETH_P_IP): |
e7bb18e6 | 1433 | ipproto = IPPROTO_IPIP; |
c4d3efaf | 1434 | break; |
60678040 | 1435 | case htons(ETH_P_IPV6): |
e7bb18e6 VF |
1436 | if (ip6_tnl_addr_conflict(t, ipv6_hdr(skb))) |
1437 | goto tx_err; | |
1438 | ipproto = IPPROTO_IPV6; | |
61ec2aec | 1439 | break; |
6c11fbf9 VF |
1440 | case htons(ETH_P_MPLS_UC): |
1441 | ipproto = IPPROTO_MPLS; | |
1442 | break; | |
61ec2aec YK |
1443 | default: |
1444 | goto tx_err; | |
1445 | } | |
1446 | ||
e7bb18e6 | 1447 | ret = ipxip6_tnl_xmit(skb, dev, ipproto); |
61ec2aec YK |
1448 | if (ret < 0) |
1449 | goto tx_err; | |
1450 | ||
6ed10654 | 1451 | return NETDEV_TX_OK; |
61ec2aec | 1452 | |
1da177e4 | 1453 | tx_err: |
2fad1ba3 ED |
1454 | DEV_STATS_INC(dev, tx_errors); |
1455 | DEV_STATS_INC(dev, tx_dropped); | |
1da177e4 | 1456 | kfree_skb(skb); |
6ed10654 | 1457 | return NETDEV_TX_OK; |
1da177e4 LT |
1458 | } |
1459 | ||
3144581c | 1460 | static void ip6_tnl_link_config(struct ip6_tnl *t) |
1da177e4 LT |
1461 | { |
1462 | struct net_device *dev = t->dev; | |
5fdcce21 | 1463 | struct net_device *tdev = NULL; |
c12b395a | 1464 | struct __ip6_tnl_parm *p = &t->parms; |
4c9483b2 | 1465 | struct flowi6 *fl6 = &t->fl.u.ip6; |
058214a4 | 1466 | int t_hlen; |
d89d7ff0 | 1467 | int mtu; |
1da177e4 | 1468 | |
5a1b7e1a | 1469 | __dev_addr_set(dev, &p->laddr, sizeof(struct in6_addr)); |
3a6d54c5 | 1470 | memcpy(dev->broadcast, &p->raddr, sizeof(struct in6_addr)); |
1da177e4 LT |
1471 | |
1472 | /* Set up flowi template */ | |
4e3fd7a0 AD |
1473 | fl6->saddr = p->laddr; |
1474 | fl6->daddr = p->raddr; | |
4c9483b2 DM |
1475 | fl6->flowi6_oif = p->link; |
1476 | fl6->flowlabel = 0; | |
1da177e4 LT |
1477 | |
1478 | if (!(p->flags&IP6_TNL_F_USE_ORIG_TCLASS)) | |
4c9483b2 | 1479 | fl6->flowlabel |= IPV6_TCLASS_MASK & p->flowinfo; |
1da177e4 | 1480 | if (!(p->flags&IP6_TNL_F_USE_ORIG_FLOWLABEL)) |
4c9483b2 | 1481 | fl6->flowlabel |= IPV6_FLOWLABEL_MASK & p->flowinfo; |
1da177e4 | 1482 | |
d0087b29 VN |
1483 | p->flags &= ~(IP6_TNL_F_CAP_XMIT|IP6_TNL_F_CAP_RCV|IP6_TNL_F_CAP_PER_PACKET); |
1484 | p->flags |= ip6_tnl_get_cap(t, &p->laddr, &p->raddr); | |
1da177e4 LT |
1485 | |
1486 | if (p->flags&IP6_TNL_F_CAP_XMIT && p->flags&IP6_TNL_F_CAP_RCV) | |
1487 | dev->flags |= IFF_POINTOPOINT; | |
1488 | else | |
1489 | dev->flags &= ~IFF_POINTOPOINT; | |
1490 | ||
058214a4 TH |
1491 | t->tun_hlen = 0; |
1492 | t->hlen = t->encap_hlen + t->tun_hlen; | |
1493 | t_hlen = t->hlen + sizeof(struct ipv6hdr); | |
1494 | ||
1da177e4 | 1495 | if (p->flags & IP6_TNL_F_CAP_XMIT) { |
305d4b3c VN |
1496 | int strict = (ipv6_addr_type(&p->raddr) & |
1497 | (IPV6_ADDR_MULTICAST|IPV6_ADDR_LINKLOCAL)); | |
1498 | ||
0bd87628 | 1499 | struct rt6_info *rt = rt6_lookup(t->net, |
2f7f54b7 | 1500 | &p->raddr, &p->laddr, |
b75cc8f9 | 1501 | p->link, NULL, strict); |
5fdcce21 WD |
1502 | if (rt) { |
1503 | tdev = rt->dst.dev; | |
1504 | ip6_rt_put(rt); | |
1505 | } | |
1da177e4 | 1506 | |
5fdcce21 WD |
1507 | if (!tdev && p->link) |
1508 | tdev = __dev_get_by_index(t->net, p->link); | |
1da177e4 | 1509 | |
5fdcce21 WD |
1510 | if (tdev) { |
1511 | dev->hard_header_len = tdev->hard_header_len + t_hlen; | |
1512 | mtu = min_t(unsigned int, tdev->mtu, IP6_MAX_MTU); | |
1da177e4 | 1513 | |
d89d7ff0 | 1514 | mtu = mtu - t_hlen; |
381601e5 | 1515 | if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT)) |
d89d7ff0 | 1516 | mtu -= 8; |
1da177e4 | 1517 | |
d89d7ff0 ED |
1518 | if (mtu < IPV6_MIN_MTU) |
1519 | mtu = IPV6_MIN_MTU; | |
1520 | WRITE_ONCE(dev->mtu, mtu); | |
1da177e4 | 1521 | } |
1da177e4 LT |
1522 | } |
1523 | } | |
1524 | ||
1525 | /** | |
3144581c | 1526 | * ip6_tnl_change - update the tunnel parameters |
1da177e4 LT |
1527 | * @t: tunnel to be changed |
1528 | * @p: tunnel configuration parameters | |
1da177e4 LT |
1529 | * |
1530 | * Description: | |
3144581c | 1531 | * ip6_tnl_change() updates the tunnel parameters |
1da177e4 LT |
1532 | **/ |
1533 | ||
77788567 | 1534 | static void |
c12b395a | 1535 | ip6_tnl_change(struct ip6_tnl *t, const struct __ip6_tnl_parm *p) |
1da177e4 | 1536 | { |
4e3fd7a0 AD |
1537 | t->parms.laddr = p->laddr; |
1538 | t->parms.raddr = p->raddr; | |
1da177e4 LT |
1539 | t->parms.flags = p->flags; |
1540 | t->parms.hop_limit = p->hop_limit; | |
1541 | t->parms.encap_limit = p->encap_limit; | |
1542 | t->parms.flowinfo = p->flowinfo; | |
8181b8c1 | 1543 | t->parms.link = p->link; |
502b0935 | 1544 | t->parms.proto = p->proto; |
0a473b82 | 1545 | t->parms.fwmark = p->fwmark; |
607f725f | 1546 | dst_cache_reset(&t->dst_cache); |
3144581c | 1547 | ip6_tnl_link_config(t); |
1da177e4 LT |
1548 | } |
1549 | ||
77788567 | 1550 | static void ip6_tnl_update(struct ip6_tnl *t, struct __ip6_tnl_parm *p) |
0b112457 | 1551 | { |
0bd87628 | 1552 | struct net *net = t->net; |
0b112457 | 1553 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); |
0b112457 ND |
1554 | |
1555 | ip6_tnl_unlink(ip6n, t); | |
1556 | synchronize_net(); | |
77788567 | 1557 | ip6_tnl_change(t, p); |
0b112457 ND |
1558 | ip6_tnl_link(ip6n, t); |
1559 | netdev_state_change(t->dev); | |
0b112457 ND |
1560 | } |
1561 | ||
77788567 | 1562 | static void ip6_tnl0_update(struct ip6_tnl *t, struct __ip6_tnl_parm *p) |
acf722f7 AA |
1563 | { |
1564 | /* for default tnl0 device allow to change only the proto */ | |
1565 | t->parms.proto = p->proto; | |
1566 | netdev_state_change(t->dev); | |
acf722f7 AA |
1567 | } |
1568 | ||
c12b395a | 1569 | static void |
1570 | ip6_tnl_parm_from_user(struct __ip6_tnl_parm *p, const struct ip6_tnl_parm *u) | |
1571 | { | |
1572 | p->laddr = u->laddr; | |
1573 | p->raddr = u->raddr; | |
1574 | p->flags = u->flags; | |
1575 | p->hop_limit = u->hop_limit; | |
1576 | p->encap_limit = u->encap_limit; | |
1577 | p->flowinfo = u->flowinfo; | |
1578 | p->link = u->link; | |
1579 | p->proto = u->proto; | |
1580 | memcpy(p->name, u->name, sizeof(u->name)); | |
1581 | } | |
1582 | ||
1583 | static void | |
1584 | ip6_tnl_parm_to_user(struct ip6_tnl_parm *u, const struct __ip6_tnl_parm *p) | |
1585 | { | |
1586 | u->laddr = p->laddr; | |
1587 | u->raddr = p->raddr; | |
1588 | u->flags = p->flags; | |
1589 | u->hop_limit = p->hop_limit; | |
1590 | u->encap_limit = p->encap_limit; | |
1591 | u->flowinfo = p->flowinfo; | |
1592 | u->link = p->link; | |
1593 | u->proto = p->proto; | |
1594 | memcpy(u->name, p->name, sizeof(u->name)); | |
1595 | } | |
1596 | ||
1da177e4 | 1597 | /** |
3e7a1c7c | 1598 | * ip6_tnl_siocdevprivate - configure ipv6 tunnels from userspace |
1da177e4 | 1599 | * @dev: virtual device associated with tunnel |
3e7a1c7c AB |
1600 | * @ifr: unused |
1601 | * @data: parameters passed from userspace | |
1da177e4 LT |
1602 | * @cmd: command to be performed |
1603 | * | |
1604 | * Description: | |
3144581c | 1605 | * ip6_tnl_ioctl() is used for managing IPv6 tunnels |
1ab1457c | 1606 | * from userspace. |
1da177e4 LT |
1607 | * |
1608 | * The possible commands are the following: | |
1609 | * %SIOCGETTUNNEL: get tunnel parameters for device | |
1610 | * %SIOCADDTUNNEL: add tunnel matching given tunnel parameters | |
1611 | * %SIOCCHGTUNNEL: change tunnel parameters to those given | |
1612 | * %SIOCDELTUNNEL: delete tunnel | |
1613 | * | |
1ab1457c | 1614 | * The fallback device "ip6tnl0", created during module |
1da177e4 LT |
1615 | * initialization, can be used for creating other tunnel devices. |
1616 | * | |
1617 | * Return: | |
1618 | * 0 on success, | |
1619 | * %-EFAULT if unable to copy data to or from userspace, | |
1620 | * %-EPERM if current process hasn't %CAP_NET_ADMIN set | |
1621 | * %-EINVAL if passed tunnel parameters are invalid, | |
1622 | * %-EEXIST if changing a tunnel's parameters would cause a conflict | |
1623 | * %-ENODEV if attempting to change or delete a nonexisting device | |
1624 | **/ | |
1625 | ||
1626 | static int | |
3e7a1c7c AB |
1627 | ip6_tnl_siocdevprivate(struct net_device *dev, struct ifreq *ifr, |
1628 | void __user *data, int cmd) | |
1da177e4 LT |
1629 | { |
1630 | int err = 0; | |
1da177e4 | 1631 | struct ip6_tnl_parm p; |
c12b395a | 1632 | struct __ip6_tnl_parm p1; |
74462f0d ND |
1633 | struct ip6_tnl *t = netdev_priv(dev); |
1634 | struct net *net = t->net; | |
2dd02c89 | 1635 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); |
1da177e4 | 1636 | |
0d3c703a TH |
1637 | memset(&p1, 0, sizeof(p1)); |
1638 | ||
1da177e4 LT |
1639 | switch (cmd) { |
1640 | case SIOCGETTUNNEL: | |
15820e12 | 1641 | if (dev == ip6n->fb_tnl_dev) { |
3e7a1c7c | 1642 | if (copy_from_user(&p, data, sizeof(p))) { |
1da177e4 LT |
1643 | err = -EFAULT; |
1644 | break; | |
1645 | } | |
c12b395a | 1646 | ip6_tnl_parm_from_user(&p1, &p); |
1647 | t = ip6_tnl_locate(net, &p1, 0); | |
37355565 | 1648 | if (IS_ERR(t)) |
74462f0d | 1649 | t = netdev_priv(dev); |
5ef5d6c5 DC |
1650 | } else { |
1651 | memset(&p, 0, sizeof(p)); | |
567131a7 | 1652 | } |
c12b395a | 1653 | ip6_tnl_parm_to_user(&p, &t->parms); |
3e7a1c7c | 1654 | if (copy_to_user(data, &p, sizeof(p))) |
1da177e4 | 1655 | err = -EFAULT; |
1da177e4 LT |
1656 | break; |
1657 | case SIOCADDTUNNEL: | |
1658 | case SIOCCHGTUNNEL: | |
1659 | err = -EPERM; | |
af31f412 | 1660 | if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) |
1da177e4 | 1661 | break; |
567131a7 | 1662 | err = -EFAULT; |
3e7a1c7c | 1663 | if (copy_from_user(&p, data, sizeof(p))) |
1da177e4 | 1664 | break; |
567131a7 | 1665 | err = -EINVAL; |
502b0935 YK |
1666 | if (p.proto != IPPROTO_IPV6 && p.proto != IPPROTO_IPIP && |
1667 | p.proto != 0) | |
1da177e4 | 1668 | break; |
c12b395a | 1669 | ip6_tnl_parm_from_user(&p1, &p); |
1670 | t = ip6_tnl_locate(net, &p1, cmd == SIOCADDTUNNEL); | |
acf722f7 | 1671 | if (cmd == SIOCCHGTUNNEL) { |
37355565 | 1672 | if (!IS_ERR(t)) { |
567131a7 VN |
1673 | if (t->dev != dev) { |
1674 | err = -EEXIST; | |
1675 | break; | |
1676 | } | |
1677 | } else | |
1678 | t = netdev_priv(dev); | |
acf722f7 | 1679 | if (dev == ip6n->fb_tnl_dev) |
77788567 | 1680 | ip6_tnl0_update(t, &p1); |
acf722f7 | 1681 | else |
77788567 | 1682 | ip6_tnl_update(t, &p1); |
1da177e4 | 1683 | } |
37355565 | 1684 | if (!IS_ERR(t)) { |
1da177e4 | 1685 | err = 0; |
c12b395a | 1686 | ip6_tnl_parm_to_user(&p, &t->parms); |
3e7a1c7c | 1687 | if (copy_to_user(data, &p, sizeof(p))) |
567131a7 VN |
1688 | err = -EFAULT; |
1689 | ||
37355565 ND |
1690 | } else { |
1691 | err = PTR_ERR(t); | |
1692 | } | |
1da177e4 LT |
1693 | break; |
1694 | case SIOCDELTUNNEL: | |
1695 | err = -EPERM; | |
af31f412 | 1696 | if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) |
1da177e4 LT |
1697 | break; |
1698 | ||
15820e12 | 1699 | if (dev == ip6n->fb_tnl_dev) { |
567131a7 | 1700 | err = -EFAULT; |
3e7a1c7c | 1701 | if (copy_from_user(&p, data, sizeof(p))) |
1da177e4 | 1702 | break; |
567131a7 | 1703 | err = -ENOENT; |
c12b395a | 1704 | ip6_tnl_parm_from_user(&p1, &p); |
1705 | t = ip6_tnl_locate(net, &p1, 0); | |
37355565 | 1706 | if (IS_ERR(t)) |
1da177e4 | 1707 | break; |
567131a7 | 1708 | err = -EPERM; |
15820e12 | 1709 | if (t->dev == ip6n->fb_tnl_dev) |
1da177e4 | 1710 | break; |
567131a7 | 1711 | dev = t->dev; |
1da177e4 | 1712 | } |
22f8cde5 SH |
1713 | err = 0; |
1714 | unregister_netdevice(dev); | |
1da177e4 LT |
1715 | break; |
1716 | default: | |
1717 | err = -EINVAL; | |
1718 | } | |
1719 | return err; | |
1720 | } | |
1721 | ||
1da177e4 | 1722 | /** |
3144581c | 1723 | * ip6_tnl_change_mtu - change mtu manually for tunnel device |
1da177e4 LT |
1724 | * @dev: virtual device associated with tunnel |
1725 | * @new_mtu: the new mtu | |
1726 | * | |
1727 | * Return: | |
1728 | * 0 on success, | |
1729 | * %-EINVAL if mtu too small | |
1730 | **/ | |
1731 | ||
79ecb90e | 1732 | int ip6_tnl_change_mtu(struct net_device *dev, int new_mtu) |
1da177e4 | 1733 | { |
582442d6 OG |
1734 | struct ip6_tnl *tnl = netdev_priv(dev); |
1735 | ||
2fa771be XL |
1736 | if (tnl->parms.proto == IPPROTO_IPV6) { |
1737 | if (new_mtu < IPV6_MIN_MTU) | |
582442d6 OG |
1738 | return -EINVAL; |
1739 | } else { | |
2fa771be | 1740 | if (new_mtu < ETH_MIN_MTU) |
582442d6 | 1741 | return -EINVAL; |
1da177e4 | 1742 | } |
f7ff1fde ND |
1743 | if (tnl->parms.proto == IPPROTO_IPV6 || tnl->parms.proto == 0) { |
1744 | if (new_mtu > IP6_MAX_MTU - dev->hard_header_len) | |
1745 | return -EINVAL; | |
1746 | } else { | |
1747 | if (new_mtu > IP_MAX_MTU - dev->hard_header_len) | |
1748 | return -EINVAL; | |
1749 | } | |
1da177e4 LT |
1750 | dev->mtu = new_mtu; |
1751 | return 0; | |
1752 | } | |
79ecb90e | 1753 | EXPORT_SYMBOL(ip6_tnl_change_mtu); |
1da177e4 | 1754 | |
ecf2c06a ND |
1755 | int ip6_tnl_get_iflink(const struct net_device *dev) |
1756 | { | |
1757 | struct ip6_tnl *t = netdev_priv(dev); | |
1758 | ||
e353ea9c | 1759 | return READ_ONCE(t->parms.link); |
ecf2c06a ND |
1760 | } |
1761 | EXPORT_SYMBOL(ip6_tnl_get_iflink); | |
1326c3d5 | 1762 | |
058214a4 TH |
1763 | int ip6_tnl_encap_add_ops(const struct ip6_tnl_encap_ops *ops, |
1764 | unsigned int num) | |
1765 | { | |
1766 | if (num >= MAX_IPTUN_ENCAP_OPS) | |
1767 | return -ERANGE; | |
1768 | ||
1769 | return !cmpxchg((const struct ip6_tnl_encap_ops **) | |
1770 | &ip6tun_encaps[num], | |
1771 | NULL, ops) ? 0 : -1; | |
1772 | } | |
1773 | EXPORT_SYMBOL(ip6_tnl_encap_add_ops); | |
1774 | ||
1775 | int ip6_tnl_encap_del_ops(const struct ip6_tnl_encap_ops *ops, | |
1776 | unsigned int num) | |
1777 | { | |
1778 | int ret; | |
1779 | ||
1780 | if (num >= MAX_IPTUN_ENCAP_OPS) | |
1781 | return -ERANGE; | |
1782 | ||
1783 | ret = (cmpxchg((const struct ip6_tnl_encap_ops **) | |
1784 | &ip6tun_encaps[num], | |
1785 | ops, NULL) == ops) ? 0 : -1; | |
1786 | ||
1787 | synchronize_net(); | |
1788 | ||
1789 | return ret; | |
1790 | } | |
1791 | EXPORT_SYMBOL(ip6_tnl_encap_del_ops); | |
1792 | ||
1793 | int ip6_tnl_encap_setup(struct ip6_tnl *t, | |
1794 | struct ip_tunnel_encap *ipencap) | |
1795 | { | |
1796 | int hlen; | |
1797 | ||
1798 | memset(&t->encap, 0, sizeof(t->encap)); | |
1799 | ||
1800 | hlen = ip6_encap_hlen(ipencap); | |
1801 | if (hlen < 0) | |
1802 | return hlen; | |
1803 | ||
1804 | t->encap.type = ipencap->type; | |
1805 | t->encap.sport = ipencap->sport; | |
1806 | t->encap.dport = ipencap->dport; | |
1807 | t->encap.flags = ipencap->flags; | |
1808 | ||
1809 | t->encap_hlen = hlen; | |
1810 | t->hlen = t->encap_hlen + t->tun_hlen; | |
1811 | ||
1812 | return 0; | |
1813 | } | |
1814 | EXPORT_SYMBOL_GPL(ip6_tnl_encap_setup); | |
1815 | ||
1326c3d5 | 1816 | static const struct net_device_ops ip6_tnl_netdev_ops = { |
6c6151da | 1817 | .ndo_init = ip6_tnl_dev_init, |
8560f226 | 1818 | .ndo_uninit = ip6_tnl_dev_uninit, |
8eb30be0 | 1819 | .ndo_start_xmit = ip6_tnl_start_xmit, |
3e7a1c7c | 1820 | .ndo_siocdevprivate = ip6_tnl_siocdevprivate, |
1326c3d5 | 1821 | .ndo_change_mtu = ip6_tnl_change_mtu, |
6b840a04 | 1822 | .ndo_get_stats64 = dev_get_tstats64, |
ecf2c06a | 1823 | .ndo_get_iflink = ip6_tnl_get_iflink, |
1326c3d5 SH |
1824 | }; |
1825 | ||
51c052d4 TH |
1826 | #define IPXIPX_FEATURES (NETIF_F_SG | \ |
1827 | NETIF_F_FRAGLIST | \ | |
1828 | NETIF_F_HIGHDMA | \ | |
1829 | NETIF_F_GSO_SOFTWARE | \ | |
1830 | NETIF_F_HW_CSUM) | |
8560f226 | 1831 | |
1da177e4 | 1832 | /** |
3144581c | 1833 | * ip6_tnl_dev_setup - setup virtual tunnel device |
1da177e4 LT |
1834 | * @dev: virtual device associated with tunnel |
1835 | * | |
1836 | * Description: | |
1837 | * Initialize function pointers and device parameters | |
1838 | **/ | |
1839 | ||
3144581c | 1840 | static void ip6_tnl_dev_setup(struct net_device *dev) |
1da177e4 | 1841 | { |
1326c3d5 | 1842 | dev->netdev_ops = &ip6_tnl_netdev_ops; |
e53ac932 | 1843 | dev->header_ops = &ip_tunnel_header_ops; |
cf124db5 DM |
1844 | dev->needs_free_netdev = true; |
1845 | dev->priv_destructor = ip6_dev_free; | |
1da177e4 LT |
1846 | |
1847 | dev->type = ARPHRD_TUNNEL6; | |
1da177e4 LT |
1848 | dev->flags |= IFF_NOARP; |
1849 | dev->addr_len = sizeof(struct in6_addr); | |
058214a4 | 1850 | dev->features |= NETIF_F_LLTX; |
02875878 | 1851 | netif_keep_dst(dev); |
51c052d4 TH |
1852 | |
1853 | dev->features |= IPXIPX_FEATURES; | |
1854 | dev->hw_features |= IPXIPX_FEATURES; | |
1855 | ||
e837735e ND |
1856 | /* This perm addr will be used as interface identifier by IPv6 */ |
1857 | dev->addr_assign_type = NET_ADDR_RANDOM; | |
1858 | eth_random_addr(dev->perm_addr); | |
1da177e4 LT |
1859 | } |
1860 | ||
1861 | ||
1862 | /** | |
3144581c | 1863 | * ip6_tnl_dev_init_gen - general initializer for all tunnel devices |
1da177e4 LT |
1864 | * @dev: virtual device associated with tunnel |
1865 | **/ | |
1866 | ||
8560f226 | 1867 | static inline int |
3144581c | 1868 | ip6_tnl_dev_init_gen(struct net_device *dev) |
1da177e4 | 1869 | { |
2941a486 | 1870 | struct ip6_tnl *t = netdev_priv(dev); |
cdf3464e | 1871 | int ret; |
058214a4 | 1872 | int t_hlen; |
8560f226 | 1873 | |
1da177e4 | 1874 | t->dev = dev; |
0bd87628 | 1875 | t->net = dev_net(dev); |
1c213bd2 | 1876 | dev->tstats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); |
8560f226 ED |
1877 | if (!dev->tstats) |
1878 | return -ENOMEM; | |
cdf3464e | 1879 | |
607f725f | 1880 | ret = dst_cache_init(&t->dst_cache, GFP_KERNEL); |
0d3c703a TH |
1881 | if (ret) |
1882 | goto free_stats; | |
1883 | ||
1884 | ret = gro_cells_init(&t->gro_cells, dev); | |
1885 | if (ret) | |
1886 | goto destroy_dst; | |
cdf3464e | 1887 | |
79ecb90e | 1888 | t->tun_hlen = 0; |
058214a4 TH |
1889 | t->hlen = t->encap_hlen + t->tun_hlen; |
1890 | t_hlen = t->hlen + sizeof(struct ipv6hdr); | |
1891 | ||
1892 | dev->type = ARPHRD_TUNNEL6; | |
1893 | dev->hard_header_len = LL_MAX_HEADER + t_hlen; | |
1894 | dev->mtu = ETH_DATA_LEN - t_hlen; | |
1895 | if (!(t->parms.flags & IP6_TNL_F_IGN_ENCAP_LIMIT)) | |
1896 | dev->mtu -= 8; | |
b96f9afe | 1897 | dev->min_mtu = ETH_MIN_MTU; |
f7ff1fde | 1898 | dev->max_mtu = IP6_MAX_MTU - dev->hard_header_len; |
79ecb90e | 1899 | |
d62607c3 | 1900 | netdev_hold(dev, &t->dev_tracker, GFP_KERNEL); |
0bef5120 | 1901 | netdev_lockdep_set_classes(dev); |
8560f226 | 1902 | return 0; |
0d3c703a TH |
1903 | |
1904 | destroy_dst: | |
1905 | dst_cache_destroy(&t->dst_cache); | |
1906 | free_stats: | |
1907 | free_percpu(dev->tstats); | |
1908 | dev->tstats = NULL; | |
1909 | ||
1910 | return ret; | |
1da177e4 LT |
1911 | } |
1912 | ||
1913 | /** | |
3144581c | 1914 | * ip6_tnl_dev_init - initializer for all non fallback tunnel devices |
1da177e4 LT |
1915 | * @dev: virtual device associated with tunnel |
1916 | **/ | |
1917 | ||
8560f226 | 1918 | static int ip6_tnl_dev_init(struct net_device *dev) |
1da177e4 | 1919 | { |
2941a486 | 1920 | struct ip6_tnl *t = netdev_priv(dev); |
8560f226 ED |
1921 | int err = ip6_tnl_dev_init_gen(dev); |
1922 | ||
1923 | if (err) | |
1924 | return err; | |
3144581c | 1925 | ip6_tnl_link_config(t); |
5311a69a | 1926 | if (t->parms.collect_md) |
8d79266b | 1927 | netif_keep_dst(dev); |
8560f226 | 1928 | return 0; |
1da177e4 LT |
1929 | } |
1930 | ||
1931 | /** | |
3144581c | 1932 | * ip6_fb_tnl_dev_init - initializer for fallback tunnel device |
1da177e4 LT |
1933 | * @dev: fallback device |
1934 | * | |
1935 | * Return: 0 | |
1936 | **/ | |
1937 | ||
8560f226 | 1938 | static int __net_init ip6_fb_tnl_dev_init(struct net_device *dev) |
1da177e4 | 1939 | { |
2941a486 | 1940 | struct ip6_tnl *t = netdev_priv(dev); |
3e6c9fb5 PE |
1941 | struct net *net = dev_net(dev); |
1942 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); | |
1943 | ||
502b0935 | 1944 | t->parms.proto = IPPROTO_IPV6; |
d0087b29 | 1945 | |
cf778b00 | 1946 | rcu_assign_pointer(ip6n->tnls_wc[0], t); |
8560f226 | 1947 | return 0; |
1da177e4 LT |
1948 | } |
1949 | ||
a8b8a889 MS |
1950 | static int ip6_tnl_validate(struct nlattr *tb[], struct nlattr *data[], |
1951 | struct netlink_ext_ack *extack) | |
0b112457 ND |
1952 | { |
1953 | u8 proto; | |
1954 | ||
c8965932 | 1955 | if (!data || !data[IFLA_IPTUN_PROTO]) |
0b112457 ND |
1956 | return 0; |
1957 | ||
1958 | proto = nla_get_u8(data[IFLA_IPTUN_PROTO]); | |
1959 | if (proto != IPPROTO_IPV6 && | |
1960 | proto != IPPROTO_IPIP && | |
1961 | proto != 0) | |
1962 | return -EINVAL; | |
1963 | ||
1964 | return 0; | |
1965 | } | |
1966 | ||
1967 | static void ip6_tnl_netlink_parms(struct nlattr *data[], | |
1968 | struct __ip6_tnl_parm *parms) | |
1969 | { | |
1970 | memset(parms, 0, sizeof(*parms)); | |
1971 | ||
1972 | if (!data) | |
1973 | return; | |
1974 | ||
1975 | if (data[IFLA_IPTUN_LINK]) | |
1976 | parms->link = nla_get_u32(data[IFLA_IPTUN_LINK]); | |
1977 | ||
1978 | if (data[IFLA_IPTUN_LOCAL]) | |
67b61f6c | 1979 | parms->laddr = nla_get_in6_addr(data[IFLA_IPTUN_LOCAL]); |
0b112457 ND |
1980 | |
1981 | if (data[IFLA_IPTUN_REMOTE]) | |
67b61f6c | 1982 | parms->raddr = nla_get_in6_addr(data[IFLA_IPTUN_REMOTE]); |
0b112457 ND |
1983 | |
1984 | if (data[IFLA_IPTUN_TTL]) | |
1985 | parms->hop_limit = nla_get_u8(data[IFLA_IPTUN_TTL]); | |
1986 | ||
1987 | if (data[IFLA_IPTUN_ENCAP_LIMIT]) | |
1988 | parms->encap_limit = nla_get_u8(data[IFLA_IPTUN_ENCAP_LIMIT]); | |
1989 | ||
1990 | if (data[IFLA_IPTUN_FLOWINFO]) | |
1ff05fb7 | 1991 | parms->flowinfo = nla_get_be32(data[IFLA_IPTUN_FLOWINFO]); |
0b112457 ND |
1992 | |
1993 | if (data[IFLA_IPTUN_FLAGS]) | |
1994 | parms->flags = nla_get_u32(data[IFLA_IPTUN_FLAGS]); | |
1995 | ||
1996 | if (data[IFLA_IPTUN_PROTO]) | |
1997 | parms->proto = nla_get_u8(data[IFLA_IPTUN_PROTO]); | |
8d79266b AS |
1998 | |
1999 | if (data[IFLA_IPTUN_COLLECT_METADATA]) | |
2000 | parms->collect_md = true; | |
0a473b82 CG |
2001 | |
2002 | if (data[IFLA_IPTUN_FWMARK]) | |
2003 | parms->fwmark = nla_get_u32(data[IFLA_IPTUN_FWMARK]); | |
0b112457 ND |
2004 | } |
2005 | ||
2006 | static int ip6_tnl_newlink(struct net *src_net, struct net_device *dev, | |
7a3f4a18 MS |
2007 | struct nlattr *tb[], struct nlattr *data[], |
2008 | struct netlink_ext_ack *extack) | |
0b112457 ND |
2009 | { |
2010 | struct net *net = dev_net(dev); | |
8d79266b | 2011 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); |
b3a27b51 | 2012 | struct ip_tunnel_encap ipencap; |
a6aa8044 XL |
2013 | struct ip6_tnl *nt, *t; |
2014 | int err; | |
0b112457 ND |
2015 | |
2016 | nt = netdev_priv(dev); | |
b3a27b51 | 2017 | |
537dd2d9 | 2018 | if (ip_tunnel_netlink_encap_parms(data, &ipencap)) { |
a6aa8044 | 2019 | err = ip6_tnl_encap_setup(nt, &ipencap); |
b3a27b51 TH |
2020 | if (err < 0) |
2021 | return err; | |
2022 | } | |
2023 | ||
0b112457 ND |
2024 | ip6_tnl_netlink_parms(data, &nt->parms); |
2025 | ||
8d79266b AS |
2026 | if (nt->parms.collect_md) { |
2027 | if (rtnl_dereference(ip6n->collect_md_tun)) | |
2028 | return -EEXIST; | |
2029 | } else { | |
2030 | t = ip6_tnl_locate(net, &nt->parms, 0); | |
2031 | if (!IS_ERR(t)) | |
2032 | return -EEXIST; | |
2033 | } | |
0b112457 | 2034 | |
a6aa8044 XL |
2035 | err = ip6_tnl_create2(dev); |
2036 | if (!err && tb[IFLA_MTU]) | |
2037 | ip6_tnl_change_mtu(dev, nla_get_u32(tb[IFLA_MTU])); | |
2038 | ||
2039 | return err; | |
0b112457 ND |
2040 | } |
2041 | ||
2042 | static int ip6_tnl_changelink(struct net_device *dev, struct nlattr *tb[], | |
ad744b22 MS |
2043 | struct nlattr *data[], |
2044 | struct netlink_ext_ack *extack) | |
0b112457 | 2045 | { |
0bd87628 | 2046 | struct ip6_tnl *t = netdev_priv(dev); |
0b112457 | 2047 | struct __ip6_tnl_parm p; |
0bd87628 | 2048 | struct net *net = t->net; |
0b112457 | 2049 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); |
b3a27b51 | 2050 | struct ip_tunnel_encap ipencap; |
0b112457 ND |
2051 | |
2052 | if (dev == ip6n->fb_tnl_dev) | |
2053 | return -EINVAL; | |
2054 | ||
537dd2d9 | 2055 | if (ip_tunnel_netlink_encap_parms(data, &ipencap)) { |
b3a27b51 TH |
2056 | int err = ip6_tnl_encap_setup(t, &ipencap); |
2057 | ||
2058 | if (err < 0) | |
2059 | return err; | |
2060 | } | |
0b112457 | 2061 | ip6_tnl_netlink_parms(data, &p); |
8d79266b AS |
2062 | if (p.collect_md) |
2063 | return -EINVAL; | |
0b112457 ND |
2064 | |
2065 | t = ip6_tnl_locate(net, &p, 0); | |
37355565 | 2066 | if (!IS_ERR(t)) { |
0b112457 ND |
2067 | if (t->dev != dev) |
2068 | return -EEXIST; | |
2069 | } else | |
2070 | t = netdev_priv(dev); | |
2071 | ||
77788567 HW |
2072 | ip6_tnl_update(t, &p); |
2073 | return 0; | |
0b112457 ND |
2074 | } |
2075 | ||
1e9f3d6f ND |
2076 | static void ip6_tnl_dellink(struct net_device *dev, struct list_head *head) |
2077 | { | |
2078 | struct net *net = dev_net(dev); | |
2079 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); | |
2080 | ||
2081 | if (dev != ip6n->fb_tnl_dev) | |
2082 | unregister_netdevice_queue(dev, head); | |
2083 | } | |
2084 | ||
b58d731a | 2085 | static size_t ip6_tnl_get_size(const struct net_device *dev) |
c075b130 ND |
2086 | { |
2087 | return | |
2088 | /* IFLA_IPTUN_LINK */ | |
2089 | nla_total_size(4) + | |
2090 | /* IFLA_IPTUN_LOCAL */ | |
2091 | nla_total_size(sizeof(struct in6_addr)) + | |
2092 | /* IFLA_IPTUN_REMOTE */ | |
2093 | nla_total_size(sizeof(struct in6_addr)) + | |
2094 | /* IFLA_IPTUN_TTL */ | |
2095 | nla_total_size(1) + | |
2096 | /* IFLA_IPTUN_ENCAP_LIMIT */ | |
2097 | nla_total_size(1) + | |
2098 | /* IFLA_IPTUN_FLOWINFO */ | |
2099 | nla_total_size(4) + | |
2100 | /* IFLA_IPTUN_FLAGS */ | |
2101 | nla_total_size(4) + | |
cfa323b6 ND |
2102 | /* IFLA_IPTUN_PROTO */ |
2103 | nla_total_size(1) + | |
b3a27b51 TH |
2104 | /* IFLA_IPTUN_ENCAP_TYPE */ |
2105 | nla_total_size(2) + | |
2106 | /* IFLA_IPTUN_ENCAP_FLAGS */ | |
2107 | nla_total_size(2) + | |
2108 | /* IFLA_IPTUN_ENCAP_SPORT */ | |
2109 | nla_total_size(2) + | |
2110 | /* IFLA_IPTUN_ENCAP_DPORT */ | |
2111 | nla_total_size(2) + | |
8d79266b AS |
2112 | /* IFLA_IPTUN_COLLECT_METADATA */ |
2113 | nla_total_size(0) + | |
0a473b82 CG |
2114 | /* IFLA_IPTUN_FWMARK */ |
2115 | nla_total_size(4) + | |
c075b130 ND |
2116 | 0; |
2117 | } | |
2118 | ||
b58d731a | 2119 | static int ip6_tnl_fill_info(struct sk_buff *skb, const struct net_device *dev) |
c075b130 ND |
2120 | { |
2121 | struct ip6_tnl *tunnel = netdev_priv(dev); | |
2122 | struct __ip6_tnl_parm *parm = &tunnel->parms; | |
2123 | ||
2124 | if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) || | |
930345ea JB |
2125 | nla_put_in6_addr(skb, IFLA_IPTUN_LOCAL, &parm->laddr) || |
2126 | nla_put_in6_addr(skb, IFLA_IPTUN_REMOTE, &parm->raddr) || | |
c075b130 ND |
2127 | nla_put_u8(skb, IFLA_IPTUN_TTL, parm->hop_limit) || |
2128 | nla_put_u8(skb, IFLA_IPTUN_ENCAP_LIMIT, parm->encap_limit) || | |
2129 | nla_put_be32(skb, IFLA_IPTUN_FLOWINFO, parm->flowinfo) || | |
cfa323b6 | 2130 | nla_put_u32(skb, IFLA_IPTUN_FLAGS, parm->flags) || |
0a473b82 CG |
2131 | nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->proto) || |
2132 | nla_put_u32(skb, IFLA_IPTUN_FWMARK, parm->fwmark)) | |
c075b130 | 2133 | goto nla_put_failure; |
b3a27b51 | 2134 | |
8d79266b AS |
2135 | if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE, tunnel->encap.type) || |
2136 | nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT, tunnel->encap.sport) || | |
2137 | nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT, tunnel->encap.dport) || | |
2138 | nla_put_u16(skb, IFLA_IPTUN_ENCAP_FLAGS, tunnel->encap.flags)) | |
b3a27b51 TH |
2139 | goto nla_put_failure; |
2140 | ||
8d79266b AS |
2141 | if (parm->collect_md) |
2142 | if (nla_put_flag(skb, IFLA_IPTUN_COLLECT_METADATA)) | |
2143 | goto nla_put_failure; | |
0a473b82 | 2144 | |
c075b130 ND |
2145 | return 0; |
2146 | ||
2147 | nla_put_failure: | |
2148 | return -EMSGSIZE; | |
2149 | } | |
2150 | ||
1728d4fa ND |
2151 | struct net *ip6_tnl_get_link_net(const struct net_device *dev) |
2152 | { | |
2153 | struct ip6_tnl *tunnel = netdev_priv(dev); | |
2154 | ||
2155 | return tunnel->net; | |
2156 | } | |
2157 | EXPORT_SYMBOL(ip6_tnl_get_link_net); | |
2158 | ||
0b112457 ND |
2159 | static const struct nla_policy ip6_tnl_policy[IFLA_IPTUN_MAX + 1] = { |
2160 | [IFLA_IPTUN_LINK] = { .type = NLA_U32 }, | |
2161 | [IFLA_IPTUN_LOCAL] = { .len = sizeof(struct in6_addr) }, | |
2162 | [IFLA_IPTUN_REMOTE] = { .len = sizeof(struct in6_addr) }, | |
2163 | [IFLA_IPTUN_TTL] = { .type = NLA_U8 }, | |
2164 | [IFLA_IPTUN_ENCAP_LIMIT] = { .type = NLA_U8 }, | |
2165 | [IFLA_IPTUN_FLOWINFO] = { .type = NLA_U32 }, | |
2166 | [IFLA_IPTUN_FLAGS] = { .type = NLA_U32 }, | |
2167 | [IFLA_IPTUN_PROTO] = { .type = NLA_U8 }, | |
b3a27b51 TH |
2168 | [IFLA_IPTUN_ENCAP_TYPE] = { .type = NLA_U16 }, |
2169 | [IFLA_IPTUN_ENCAP_FLAGS] = { .type = NLA_U16 }, | |
2170 | [IFLA_IPTUN_ENCAP_SPORT] = { .type = NLA_U16 }, | |
2171 | [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 }, | |
8d79266b | 2172 | [IFLA_IPTUN_COLLECT_METADATA] = { .type = NLA_FLAG }, |
0a473b82 | 2173 | [IFLA_IPTUN_FWMARK] = { .type = NLA_U32 }, |
0b112457 ND |
2174 | }; |
2175 | ||
c075b130 ND |
2176 | static struct rtnl_link_ops ip6_link_ops __read_mostly = { |
2177 | .kind = "ip6tnl", | |
2178 | .maxtype = IFLA_IPTUN_MAX, | |
0b112457 | 2179 | .policy = ip6_tnl_policy, |
c075b130 | 2180 | .priv_size = sizeof(struct ip6_tnl), |
0b112457 ND |
2181 | .setup = ip6_tnl_dev_setup, |
2182 | .validate = ip6_tnl_validate, | |
2183 | .newlink = ip6_tnl_newlink, | |
2184 | .changelink = ip6_tnl_changelink, | |
1e9f3d6f | 2185 | .dellink = ip6_tnl_dellink, |
b58d731a ND |
2186 | .get_size = ip6_tnl_get_size, |
2187 | .fill_info = ip6_tnl_fill_info, | |
1728d4fa | 2188 | .get_link_net = ip6_tnl_get_link_net, |
c075b130 ND |
2189 | }; |
2190 | ||
3ff2cfa5 | 2191 | static struct xfrm6_tunnel ip4ip6_handler __read_mostly = { |
c4d3efaf YK |
2192 | .handler = ip4ip6_rcv, |
2193 | .err_handler = ip4ip6_err, | |
2194 | .priority = 1, | |
2195 | }; | |
2196 | ||
3ff2cfa5 | 2197 | static struct xfrm6_tunnel ip6ip6_handler __read_mostly = { |
0303770d PM |
2198 | .handler = ip6ip6_rcv, |
2199 | .err_handler = ip6ip6_err, | |
d2acc347 | 2200 | .priority = 1, |
1da177e4 LT |
2201 | }; |
2202 | ||
f200e98d VF |
2203 | static struct xfrm6_tunnel mplsip6_handler __read_mostly = { |
2204 | .handler = mplsip6_rcv, | |
2205 | .err_handler = mplsip6_err, | |
2206 | .priority = 1, | |
2207 | }; | |
2208 | ||
bb401cae | 2209 | static void __net_exit ip6_tnl_destroy_tunnels(struct net *net, struct list_head *list) |
3e6c9fb5 | 2210 | { |
1e9f3d6f | 2211 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); |
0bd87628 | 2212 | struct net_device *dev, *aux; |
3e6c9fb5 PE |
2213 | int h; |
2214 | struct ip6_tnl *t; | |
2215 | ||
0bd87628 ND |
2216 | for_each_netdev_safe(net, dev, aux) |
2217 | if (dev->rtnl_link_ops == &ip6_link_ops) | |
bb401cae | 2218 | unregister_netdevice_queue(dev, list); |
0bd87628 | 2219 | |
e87a8f24 | 2220 | for (h = 0; h < IP6_TUNNEL_HASH_SIZE; h++) { |
94767632 | 2221 | t = rtnl_dereference(ip6n->tnls_r_l[h]); |
53b24b8f | 2222 | while (t) { |
0bd87628 ND |
2223 | /* If dev is in the same netns, it has already |
2224 | * been added to the list by the previous loop. | |
2225 | */ | |
2226 | if (!net_eq(dev_net(t->dev), net)) | |
bb401cae | 2227 | unregister_netdevice_queue(t->dev, list); |
94767632 | 2228 | t = rtnl_dereference(t->next); |
cf4432f5 | 2229 | } |
3e6c9fb5 | 2230 | } |
941ea91e HV |
2231 | |
2232 | t = rtnl_dereference(ip6n->tnls_wc[0]); | |
2233 | while (t) { | |
2234 | /* If dev is in the same netns, it has already | |
2235 | * been added to the list by the previous loop. | |
2236 | */ | |
2237 | if (!net_eq(dev_net(t->dev), net)) | |
2238 | unregister_netdevice_queue(t->dev, list); | |
2239 | t = rtnl_dereference(t->next); | |
2240 | } | |
3e6c9fb5 PE |
2241 | } |
2242 | ||
2c8c1e72 | 2243 | static int __net_init ip6_tnl_init_net(struct net *net) |
13eeb8e9 | 2244 | { |
ac31cd3c | 2245 | struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); |
731abb9c | 2246 | struct ip6_tnl *t = NULL; |
13eeb8e9 | 2247 | int err; |
13eeb8e9 | 2248 | |
3e6c9fb5 PE |
2249 | ip6n->tnls[0] = ip6n->tnls_wc; |
2250 | ip6n->tnls[1] = ip6n->tnls_r_l; | |
2251 | ||
79134e6c ED |
2252 | if (!net_has_fallback_tunnels(net)) |
2253 | return 0; | |
15820e12 PE |
2254 | err = -ENOMEM; |
2255 | ip6n->fb_tnl_dev = alloc_netdev(sizeof(struct ip6_tnl), "ip6tnl0", | |
c835a677 | 2256 | NET_NAME_UNKNOWN, ip6_tnl_dev_setup); |
15820e12 PE |
2257 | |
2258 | if (!ip6n->fb_tnl_dev) | |
2259 | goto err_alloc_dev; | |
be77e593 | 2260 | dev_net_set(ip6n->fb_tnl_dev, net); |
bb814094 | 2261 | ip6n->fb_tnl_dev->rtnl_link_ops = &ip6_link_ops; |
0bd87628 ND |
2262 | /* FB netdevice is special: we have one, and only one per netns. |
2263 | * Allowing to move it to another netns is clearly unsafe. | |
2264 | */ | |
2265 | ip6n->fb_tnl_dev->features |= NETIF_F_NETNS_LOCAL; | |
15820e12 | 2266 | |
8560f226 ED |
2267 | err = ip6_fb_tnl_dev_init(ip6n->fb_tnl_dev); |
2268 | if (err < 0) | |
2269 | goto err_register; | |
15820e12 PE |
2270 | |
2271 | err = register_netdev(ip6n->fb_tnl_dev); | |
2272 | if (err < 0) | |
2273 | goto err_register; | |
731abb9c JB |
2274 | |
2275 | t = netdev_priv(ip6n->fb_tnl_dev); | |
2276 | ||
2277 | strcpy(t->parms.name, ip6n->fb_tnl_dev->name); | |
13eeb8e9 PE |
2278 | return 0; |
2279 | ||
15820e12 | 2280 | err_register: |
cf124db5 | 2281 | free_netdev(ip6n->fb_tnl_dev); |
15820e12 | 2282 | err_alloc_dev: |
13eeb8e9 PE |
2283 | return err; |
2284 | } | |
2285 | ||
a1fab9af ED |
2286 | static void __net_exit ip6_tnl_exit_batch_rtnl(struct list_head *net_list, |
2287 | struct list_head *dev_to_kill) | |
13eeb8e9 | 2288 | { |
bb401cae | 2289 | struct net *net; |
bb401cae | 2290 | |
a1fab9af | 2291 | ASSERT_RTNL(); |
bb401cae | 2292 | list_for_each_entry(net, net_list, exit_list) |
a1fab9af | 2293 | ip6_tnl_destroy_tunnels(net, dev_to_kill); |
13eeb8e9 PE |
2294 | } |
2295 | ||
2296 | static struct pernet_operations ip6_tnl_net_ops = { | |
2297 | .init = ip6_tnl_init_net, | |
a1fab9af | 2298 | .exit_batch_rtnl = ip6_tnl_exit_batch_rtnl, |
ac31cd3c EB |
2299 | .id = &ip6_tnl_net_id, |
2300 | .size = sizeof(struct ip6_tnl_net), | |
13eeb8e9 PE |
2301 | }; |
2302 | ||
1da177e4 LT |
2303 | /** |
2304 | * ip6_tunnel_init - register protocol and reserve needed resources | |
2305 | * | |
2306 | * Return: 0 on success | |
2307 | **/ | |
2308 | ||
2309 | static int __init ip6_tunnel_init(void) | |
2310 | { | |
2311 | int err; | |
2312 | ||
8c22dab0 XL |
2313 | if (!ipv6_mod_enabled()) |
2314 | return -EOPNOTSUPP; | |
2315 | ||
d5aa407f AD |
2316 | err = register_pernet_device(&ip6_tnl_net_ops); |
2317 | if (err < 0) | |
2318 | goto out_pernet; | |
2319 | ||
2320 | err = xfrm6_tunnel_register(&ip4ip6_handler, AF_INET); | |
2321 | if (err < 0) { | |
f3213831 | 2322 | pr_err("%s: can't register ip4ip6\n", __func__); |
d5aa407f | 2323 | goto out_ip4ip6; |
c4d3efaf YK |
2324 | } |
2325 | ||
d5aa407f AD |
2326 | err = xfrm6_tunnel_register(&ip6ip6_handler, AF_INET6); |
2327 | if (err < 0) { | |
f3213831 | 2328 | pr_err("%s: can't register ip6ip6\n", __func__); |
d5aa407f | 2329 | goto out_ip6ip6; |
1da177e4 | 2330 | } |
f200e98d VF |
2331 | |
2332 | if (ip6_tnl_mpls_supported()) { | |
2333 | err = xfrm6_tunnel_register(&mplsip6_handler, AF_MPLS); | |
2334 | if (err < 0) { | |
2335 | pr_err("%s: can't register mplsip6\n", __func__); | |
2336 | goto out_mplsip6; | |
2337 | } | |
2338 | } | |
2339 | ||
c075b130 ND |
2340 | err = rtnl_link_register(&ip6_link_ops); |
2341 | if (err < 0) | |
2342 | goto rtnl_link_failed; | |
13eeb8e9 | 2343 | |
1da177e4 | 2344 | return 0; |
d5aa407f | 2345 | |
c075b130 | 2346 | rtnl_link_failed: |
f200e98d VF |
2347 | if (ip6_tnl_mpls_supported()) |
2348 | xfrm6_tunnel_deregister(&mplsip6_handler, AF_MPLS); | |
2349 | out_mplsip6: | |
c075b130 | 2350 | xfrm6_tunnel_deregister(&ip6ip6_handler, AF_INET6); |
d5aa407f | 2351 | out_ip6ip6: |
c4d3efaf | 2352 | xfrm6_tunnel_deregister(&ip4ip6_handler, AF_INET); |
d5aa407f AD |
2353 | out_ip4ip6: |
2354 | unregister_pernet_device(&ip6_tnl_net_ops); | |
2355 | out_pernet: | |
1da177e4 LT |
2356 | return err; |
2357 | } | |
2358 | ||
2359 | /** | |
2360 | * ip6_tunnel_cleanup - free resources and unregister protocol | |
2361 | **/ | |
2362 | ||
2363 | static void __exit ip6_tunnel_cleanup(void) | |
2364 | { | |
c075b130 | 2365 | rtnl_link_unregister(&ip6_link_ops); |
c4d3efaf | 2366 | if (xfrm6_tunnel_deregister(&ip4ip6_handler, AF_INET)) |
f3213831 | 2367 | pr_info("%s: can't deregister ip4ip6\n", __func__); |
c4d3efaf | 2368 | |
73d605d1 | 2369 | if (xfrm6_tunnel_deregister(&ip6ip6_handler, AF_INET6)) |
f3213831 | 2370 | pr_info("%s: can't deregister ip6ip6\n", __func__); |
1da177e4 | 2371 | |
f200e98d VF |
2372 | if (ip6_tnl_mpls_supported() && |
2373 | xfrm6_tunnel_deregister(&mplsip6_handler, AF_MPLS)) | |
2374 | pr_info("%s: can't deregister mplsip6\n", __func__); | |
ac31cd3c | 2375 | unregister_pernet_device(&ip6_tnl_net_ops); |
1da177e4 LT |
2376 | } |
2377 | ||
2378 | module_init(ip6_tunnel_init); | |
2379 | module_exit(ip6_tunnel_cleanup); |