/*
 * Copyright (c) 2013 Nicira, Inc.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of version 2 of the GNU General Public
 * License as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301, USA
 */
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/capability.h>
#include <linux/module.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/slab.h>
#include <linux/uaccess.h>
#include <linux/skbuff.h>
#include <linux/netdevice.h>
#include <linux/in.h>
#include <linux/tcp.h>
#include <linux/udp.h>
#include <linux/if_arp.h>
#include <linux/mroute.h>
#include <linux/init.h>
#include <linux/in6.h>
#include <linux/inetdevice.h>
#include <linux/igmp.h>
#include <linux/netfilter_ipv4.h>
#include <linux/etherdevice.h>
#include <linux/if_ether.h>
#include <linux/if_vlan.h>
#include <linux/rculist.h>
#include <linux/err.h>

#include <net/sock.h>
#include <net/ip.h>
#include <net/icmp.h>
#include <net/protocol.h>
#include <net/ip_tunnels.h>
#include <net/arp.h>
#include <net/checksum.h>
#include <net/dsfield.h>
#include <net/inet_ecn.h>
#include <net/xfrm.h>
#include <net/net_namespace.h>
#include <net/netns/generic.h>
#include <net/rtnetlink.h>
#include <net/udp.h>

#if IS_ENABLED(CONFIG_NET_FOU)
#include <net/fou.h>
#endif

#if IS_ENABLED(CONFIG_IPV6)
#include <net/ipv6.h>
#include <net/ip6_fib.h>
#include <net/ip6_route.h>
#endif
static unsigned int ip_tunnel_hash(__be32 key, __be32 remote)
{
	return hash_32((__force u32)key ^ (__force u32)remote,
			 IP_TNL_HASH_BITS);
}
static void __tunnel_dst_set(struct ip_tunnel_dst *idst,
			     struct dst_entry *dst, __be32 saddr)
{
	struct dst_entry *old_dst;

	dst_clone(dst);
	old_dst = xchg((__force struct dst_entry **)&idst->dst, dst);
	dst_release(old_dst);
	idst->saddr = saddr;
}

static noinline void tunnel_dst_set(struct ip_tunnel *t,
			   struct dst_entry *dst, __be32 saddr)
{
	__tunnel_dst_set(raw_cpu_ptr(t->dst_cache), dst, saddr);
}

static void tunnel_dst_reset(struct ip_tunnel *t)
{
	tunnel_dst_set(t, NULL, 0);
}

void ip_tunnel_dst_reset_all(struct ip_tunnel *t)
{
	int i;

	for_each_possible_cpu(i)
		__tunnel_dst_set(per_cpu_ptr(t->dst_cache, i), NULL, 0);
}
EXPORT_SYMBOL(ip_tunnel_dst_reset_all);
static struct rtable *tunnel_rtable_get(struct ip_tunnel *t,
					u32 cookie, __be32 *saddr)
{
	struct ip_tunnel_dst *idst;
	struct dst_entry *dst;

	rcu_read_lock();
	idst = raw_cpu_ptr(t->dst_cache);
	dst = rcu_dereference(idst->dst);
	if (dst && !atomic_inc_not_zero(&dst->__refcnt))
		dst = NULL;
	if (dst) {
		if (!dst->obsolete || dst->ops->check(dst, cookie)) {
			*saddr = idst->saddr;
		} else {
			tunnel_dst_reset(t);
			dst_release(dst);
			dst = NULL;
		}
	}
	rcu_read_unlock();
	return (struct rtable *)dst;
}
static bool ip_tunnel_key_match(const struct ip_tunnel_parm *p,
				__be16 flags, __be32 key)
{
	if (p->i_flags & TUNNEL_KEY) {
		if (flags & TUNNEL_KEY)
			return key == p->i_key;
		else
			/* key expected, none present */
			return false;
	} else
		return !(flags & TUNNEL_KEY);
}
/* Fallback tunnel: no source, no destination, no key, no options

   Tunnel hash table:
   We require an exact key match, i.e. if a key is present in the packet
   it will match only a tunnel with the same key; if it is not present,
   it will match only a keyless tunnel.

   All keyless packets, if not matched against a configured keyless tunnel,
   will match the fallback tunnel.
   Given src, dst and key, find the appropriate tunnel for the input packet.
*/
struct ip_tunnel *ip_tunnel_lookup(struct ip_tunnel_net *itn,
				   int link, __be16 flags,
				   __be32 remote, __be32 local,
				   __be32 key)
{
	unsigned int hash;
	struct ip_tunnel *t, *cand = NULL;
	struct hlist_head *head;

	hash = ip_tunnel_hash(key, remote);
	head = &itn->tunnels[hash];

	hlist_for_each_entry_rcu(t, head, hash_node) {
		if (local != t->parms.iph.saddr ||
		    remote != t->parms.iph.daddr ||
		    !(t->dev->flags & IFF_UP))
			continue;

		if (!ip_tunnel_key_match(&t->parms, flags, key))
			continue;

		if (t->parms.link == link)
			return t;
		else
			cand = t;
	}

	hlist_for_each_entry_rcu(t, head, hash_node) {
		if (remote != t->parms.iph.daddr ||
		    t->parms.iph.saddr != 0 ||
		    !(t->dev->flags & IFF_UP))
			continue;

		if (!ip_tunnel_key_match(&t->parms, flags, key))
			continue;

		if (t->parms.link == link)
			return t;
		else if (!cand)
			cand = t;
	}

	hash = ip_tunnel_hash(key, 0);
	head = &itn->tunnels[hash];

	hlist_for_each_entry_rcu(t, head, hash_node) {
		if ((local != t->parms.iph.saddr || t->parms.iph.daddr != 0) &&
		    (local != t->parms.iph.daddr || !ipv4_is_multicast(local)))
			continue;

		if (!(t->dev->flags & IFF_UP))
			continue;

		if (!ip_tunnel_key_match(&t->parms, flags, key))
			continue;

		if (t->parms.link == link)
			return t;
		else if (!cand)
			cand = t;
	}

	if (flags & TUNNEL_NO_KEY)
		goto skip_key_lookup;

	hlist_for_each_entry_rcu(t, head, hash_node) {
		if (t->parms.i_key != key ||
		    t->parms.iph.saddr != 0 ||
		    t->parms.iph.daddr != 0 ||
		    !(t->dev->flags & IFF_UP))
			continue;

		if (t->parms.link == link)
			return t;
		else if (!cand)
			cand = t;
	}

skip_key_lookup:
	if (cand)
		return cand;

	if (itn->fb_tunnel_dev && itn->fb_tunnel_dev->flags & IFF_UP)
		return netdev_priv(itn->fb_tunnel_dev);

	return NULL;
}
EXPORT_SYMBOL_GPL(ip_tunnel_lookup);
static struct hlist_head *ip_bucket(struct ip_tunnel_net *itn,
				    struct ip_tunnel_parm *parms)
{
	unsigned int h;
	__be32 remote;
	__be32 i_key = parms->i_key;

	if (parms->iph.daddr && !ipv4_is_multicast(parms->iph.daddr))
		remote = parms->iph.daddr;
	else
		remote = 0;

	if (!(parms->i_flags & TUNNEL_KEY) && (parms->i_flags & VTI_ISVTI))
		i_key = 0;

	h = ip_tunnel_hash(i_key, remote);
	return &itn->tunnels[h];
}
static void ip_tunnel_add(struct ip_tunnel_net *itn, struct ip_tunnel *t)
{
	struct hlist_head *head = ip_bucket(itn, &t->parms);

	hlist_add_head_rcu(&t->hash_node, head);
}

static void ip_tunnel_del(struct ip_tunnel *t)
{
	hlist_del_init_rcu(&t->hash_node);
}
static struct ip_tunnel *ip_tunnel_find(struct ip_tunnel_net *itn,
					struct ip_tunnel_parm *parms,
					int type)
{
	__be32 remote = parms->iph.daddr;
	__be32 local = parms->iph.saddr;
	__be32 key = parms->i_key;
	__be16 flags = parms->i_flags;
	int link = parms->link;
	struct ip_tunnel *t = NULL;
	struct hlist_head *head = ip_bucket(itn, parms);

	hlist_for_each_entry_rcu(t, head, hash_node) {
		if (local == t->parms.iph.saddr &&
		    remote == t->parms.iph.daddr &&
		    link == t->parms.link &&
		    type == t->dev->type &&
		    ip_tunnel_key_match(&t->parms, flags, key))
			break;
	}
	return t;
}
static struct net_device *__ip_tunnel_create(struct net *net,
					     const struct rtnl_link_ops *ops,
					     struct ip_tunnel_parm *parms)
{
	int err;
	struct ip_tunnel *tunnel;
	struct net_device *dev;
	char name[IFNAMSIZ];

	if (parms->name[0])
		strlcpy(name, parms->name, IFNAMSIZ);
	else {
		if (strlen(ops->kind) > (IFNAMSIZ - 3)) {
			err = -E2BIG;
			goto failed;
		}
		strlcpy(name, ops->kind, IFNAMSIZ);
		strncat(name, "%d", 2);
	}

	ASSERT_RTNL();
	dev = alloc_netdev(ops->priv_size, name, NET_NAME_UNKNOWN, ops->setup);
	if (!dev) {
		err = -ENOMEM;
		goto failed;
	}
	dev_net_set(dev, net);

	dev->rtnl_link_ops = ops;

	tunnel = netdev_priv(dev);
	tunnel->parms = *parms;

	err = register_netdevice(dev);
	if (err)
		goto failed_free;

	return dev;

failed_free:
	free_netdev(dev);
failed:
	return ERR_PTR(err);
}
static inline void init_tunnel_flow(struct flowi4 *fl4,
				    int proto,
				    __be32 daddr, __be32 saddr,
				    __be32 key, __u8 tos, int oif)
{
	memset(fl4, 0, sizeof(*fl4));
	fl4->flowi4_oif = oif;
	fl4->daddr = daddr;
	fl4->saddr = saddr;
	fl4->flowi4_tos = tos;
	fl4->flowi4_proto = proto;
	fl4->fl4_gre_key = key;
}
static int ip_tunnel_bind_dev(struct net_device *dev)
{
	struct net_device *tdev = NULL;
	struct ip_tunnel *tunnel = netdev_priv(dev);
	const struct iphdr *iph;
	int hlen = LL_MAX_HEADER;
	int mtu = ETH_DATA_LEN;
	int t_hlen = tunnel->hlen + sizeof(struct iphdr);

	iph = &tunnel->parms.iph;

	/* Guess output device to choose reasonable mtu and needed_headroom */
	if (iph->daddr) {
		struct flowi4 fl4;
		struct rtable *rt;

		init_tunnel_flow(&fl4, iph->protocol, iph->daddr,
				 iph->saddr, tunnel->parms.o_key,
				 RT_TOS(iph->tos), tunnel->parms.link);
		rt = ip_route_output_key(tunnel->net, &fl4);

		if (!IS_ERR(rt)) {
			tdev = rt->dst.dev;
			tunnel_dst_set(tunnel, &rt->dst, fl4.saddr);
			ip_rt_put(rt);
		}
		if (dev->type != ARPHRD_ETHER)
			dev->flags |= IFF_POINTOPOINT;
	}

	if (!tdev && tunnel->parms.link)
		tdev = __dev_get_by_index(tunnel->net, tunnel->parms.link);

	if (tdev) {
		hlen = tdev->hard_header_len + tdev->needed_headroom;
		mtu = tdev->mtu;
	}
	dev->iflink = tunnel->parms.link;

	dev->needed_headroom = t_hlen + hlen;
	mtu -= (dev->hard_header_len + t_hlen);

	if (mtu < 68)
		mtu = 68;

	return mtu;
}
static struct ip_tunnel *ip_tunnel_create(struct net *net,
					  struct ip_tunnel_net *itn,
					  struct ip_tunnel_parm *parms)
{
	struct ip_tunnel *nt;
	struct net_device *dev;

	BUG_ON(!itn->fb_tunnel_dev);
	dev = __ip_tunnel_create(net, itn->fb_tunnel_dev->rtnl_link_ops, parms);
	if (IS_ERR(dev))
		return ERR_CAST(dev);

	dev->mtu = ip_tunnel_bind_dev(dev);

	nt = netdev_priv(dev);
	ip_tunnel_add(itn, nt);
	return nt;
}
int ip_tunnel_rcv(struct ip_tunnel *tunnel, struct sk_buff *skb,
		  const struct tnl_ptk_info *tpi, bool log_ecn_error)
{
	struct pcpu_sw_netstats *tstats;
	const struct iphdr *iph = ip_hdr(skb);
	int err;

#ifdef CONFIG_NET_IPGRE_BROADCAST
	if (ipv4_is_multicast(iph->daddr)) {
		tunnel->dev->stats.multicast++;
		skb->pkt_type = PACKET_BROADCAST;
	}
#endif

	if ((!(tpi->flags&TUNNEL_CSUM) && (tunnel->parms.i_flags&TUNNEL_CSUM)) ||
	     ((tpi->flags&TUNNEL_CSUM) && !(tunnel->parms.i_flags&TUNNEL_CSUM))) {
		tunnel->dev->stats.rx_crc_errors++;
		tunnel->dev->stats.rx_errors++;
		goto drop;
	}

	if (tunnel->parms.i_flags&TUNNEL_SEQ) {
		if (!(tpi->flags&TUNNEL_SEQ) ||
		    (tunnel->i_seqno && (s32)(ntohl(tpi->seq) - tunnel->i_seqno) < 0)) {
			tunnel->dev->stats.rx_fifo_errors++;
			tunnel->dev->stats.rx_errors++;
			goto drop;
		}
		tunnel->i_seqno = ntohl(tpi->seq) + 1;
	}

	skb_reset_network_header(skb);

	err = IP_ECN_decapsulate(iph, skb);
	if (unlikely(err)) {
		if (log_ecn_error)
			net_info_ratelimited("non-ECT from %pI4 with TOS=%#x\n",
					&iph->saddr, iph->tos);
		if (err > 1) {
			++tunnel->dev->stats.rx_frame_errors;
			++tunnel->dev->stats.rx_errors;
			goto drop;
		}
	}

	tstats = this_cpu_ptr(tunnel->dev->tstats);
	u64_stats_update_begin(&tstats->syncp);
	tstats->rx_packets++;
	tstats->rx_bytes += skb->len;
	u64_stats_update_end(&tstats->syncp);

	skb_scrub_packet(skb, !net_eq(tunnel->net, dev_net(tunnel->dev)));

	if (tunnel->dev->type == ARPHRD_ETHER) {
		skb->protocol = eth_type_trans(skb, tunnel->dev);
		skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN);
	} else {
		skb->dev = tunnel->dev;
	}

	gro_cells_receive(&tunnel->gro_cells, skb);
	return 0;

drop:
	kfree_skb(skb);
	return 0;
}
EXPORT_SYMBOL_GPL(ip_tunnel_rcv);
static int ip_encap_hlen(struct ip_tunnel_encap *e)
{
	switch (e->type) {
	case TUNNEL_ENCAP_NONE:
		return 0;
#if IS_ENABLED(CONFIG_NET_FOU)
	case TUNNEL_ENCAP_FOU:
		return fou_encap_hlen(e);
	case TUNNEL_ENCAP_GUE:
		return gue_encap_hlen(e);
#endif
	default:
		return -EINVAL;
	}
}

int ip_tunnel_encap_setup(struct ip_tunnel *t,
			  struct ip_tunnel_encap *ipencap)
{
	int hlen;

	memset(&t->encap, 0, sizeof(t->encap));

	hlen = ip_encap_hlen(ipencap);
	if (hlen < 0)
		return hlen;

	t->encap.type = ipencap->type;
	t->encap.sport = ipencap->sport;
	t->encap.dport = ipencap->dport;
	t->encap.flags = ipencap->flags;

	t->encap_hlen = hlen;
	t->hlen = t->encap_hlen + t->tun_hlen;

	return 0;
}
EXPORT_SYMBOL_GPL(ip_tunnel_encap_setup);
int ip_tunnel_encap(struct sk_buff *skb, struct ip_tunnel *t,
		    u8 *protocol, struct flowi4 *fl4)
{
	switch (t->encap.type) {
	case TUNNEL_ENCAP_NONE:
		return 0;
#if IS_ENABLED(CONFIG_NET_FOU)
	case TUNNEL_ENCAP_FOU:
		return fou_build_header(skb, &t->encap, protocol, fl4);
	case TUNNEL_ENCAP_GUE:
		return gue_build_header(skb, &t->encap, protocol, fl4);
#endif
	default:
		return -EINVAL;
	}
}
EXPORT_SYMBOL(ip_tunnel_encap);
static int tnl_update_pmtu(struct net_device *dev, struct sk_buff *skb,
			    struct rtable *rt, __be16 df)
{
	struct ip_tunnel *tunnel = netdev_priv(dev);
	int pkt_size = skb->len - tunnel->hlen - dev->hard_header_len;
	int mtu;

	if (df)
		mtu = dst_mtu(&rt->dst) - dev->hard_header_len
					- sizeof(struct iphdr) - tunnel->hlen;
	else
		mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu;

	if (skb_dst(skb))
		skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);

	if (skb->protocol == htons(ETH_P_IP)) {
		if (!skb_is_gso(skb) &&
		    (df & htons(IP_DF)) && mtu < pkt_size) {
			memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
			icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
			return -E2BIG;
		}
	}
#if IS_ENABLED(CONFIG_IPV6)
	else if (skb->protocol == htons(ETH_P_IPV6)) {
		struct rt6_info *rt6 = (struct rt6_info *)skb_dst(skb);

		if (rt6 && mtu < dst_mtu(skb_dst(skb)) &&
			   mtu >= IPV6_MIN_MTU) {
			if ((tunnel->parms.iph.daddr &&
			    !ipv4_is_multicast(tunnel->parms.iph.daddr)) ||
			    rt6->rt6i_dst.plen == 128) {
				rt6->rt6i_flags |= RTF_MODIFIED;
				dst_metric_set(skb_dst(skb), RTAX_MTU, mtu);
			}
		}

		if (!skb_is_gso(skb) && mtu >= IPV6_MIN_MTU &&
					mtu < pkt_size) {
			icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
			return -E2BIG;
		}
	}
#endif
	return 0;
}
void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev,
		    const struct iphdr *tnl_params, u8 protocol)
{
	struct ip_tunnel *tunnel = netdev_priv(dev);
	const struct iphdr *inner_iph;
	struct flowi4 fl4;
	u8     tos, ttl;
	__be16 df;
	struct rtable *rt;		/* Route to the other host */
	unsigned int max_headroom;	/* The extra header space needed */
	__be32 dst;
	int err;
	bool connected;

	inner_iph = (const struct iphdr *)skb_inner_network_header(skb);
	connected = (tunnel->parms.iph.daddr != 0);

	dst = tnl_params->daddr;
	if (dst == 0) {
		/* NBMA tunnel */

		if (skb_dst(skb) == NULL) {
			dev->stats.tx_fifo_errors++;
			goto tx_error;
		}

		if (skb->protocol == htons(ETH_P_IP)) {
			rt = skb_rtable(skb);
			dst = rt_nexthop(rt, inner_iph->daddr);
		}
#if IS_ENABLED(CONFIG_IPV6)
		else if (skb->protocol == htons(ETH_P_IPV6)) {
			const struct in6_addr *addr6;
			struct neighbour *neigh;
			bool do_tx_error_icmp;
			int addr_type;

			neigh = dst_neigh_lookup(skb_dst(skb),
						 &ipv6_hdr(skb)->daddr);
			if (neigh == NULL)
				goto tx_error;

			addr6 = (const struct in6_addr *)&neigh->primary_key;
			addr_type = ipv6_addr_type(addr6);

			if (addr_type == IPV6_ADDR_ANY) {
				addr6 = &ipv6_hdr(skb)->daddr;
				addr_type = ipv6_addr_type(addr6);
			}

			if ((addr_type & IPV6_ADDR_COMPATv4) == 0)
				do_tx_error_icmp = true;
			else {
				do_tx_error_icmp = false;
				dst = addr6->s6_addr32[3];
			}
			neigh_release(neigh);
			if (do_tx_error_icmp)
				goto tx_error_icmp;
		}
#endif
		else
			goto tx_error;

		connected = false;
	}

	tos = tnl_params->tos;
	if (tos & 0x1) {
		tos &= ~0x1;
		if (skb->protocol == htons(ETH_P_IP)) {
			tos = inner_iph->tos;
			connected = false;
		} else if (skb->protocol == htons(ETH_P_IPV6)) {
			tos = ipv6_get_dsfield((const struct ipv6hdr *)inner_iph);
			connected = false;
		}
	}

	init_tunnel_flow(&fl4, protocol, dst, tnl_params->saddr,
			 tunnel->parms.o_key, RT_TOS(tos), tunnel->parms.link);

	if (ip_tunnel_encap(skb, tunnel, &protocol, &fl4) < 0)
		goto tx_error;

	rt = connected ? tunnel_rtable_get(tunnel, 0, &fl4.saddr) : NULL;

	if (!rt) {
		rt = ip_route_output_key(tunnel->net, &fl4);

		if (IS_ERR(rt)) {
			dev->stats.tx_carrier_errors++;
			goto tx_error;
		}
		if (connected)
			tunnel_dst_set(tunnel, &rt->dst, fl4.saddr);
	}

	if (rt->dst.dev == dev) {
		ip_rt_put(rt);
		dev->stats.collisions++;
		goto tx_error;
	}

	if (tnl_update_pmtu(dev, skb, rt, tnl_params->frag_off)) {
		ip_rt_put(rt);
		goto tx_error;
	}

	if (tunnel->err_count > 0) {
		if (time_before(jiffies,
				tunnel->err_time + IPTUNNEL_ERR_TIMEO)) {
			tunnel->err_count--;

			memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
			dst_link_failure(skb);
		} else
			tunnel->err_count = 0;
	}

	tos = ip_tunnel_ecn_encap(tos, inner_iph, skb);
	ttl = tnl_params->ttl;
	if (ttl == 0) {
		if (skb->protocol == htons(ETH_P_IP))
			ttl = inner_iph->ttl;
#if IS_ENABLED(CONFIG_IPV6)
		else if (skb->protocol == htons(ETH_P_IPV6))
			ttl = ((const struct ipv6hdr *)inner_iph)->hop_limit;
#endif
		else
			ttl = ip4_dst_hoplimit(&rt->dst);
	}

	df = tnl_params->frag_off;
	if (skb->protocol == htons(ETH_P_IP))
		df |= (inner_iph->frag_off&htons(IP_DF));

	max_headroom = LL_RESERVED_SPACE(rt->dst.dev) + sizeof(struct iphdr)
			+ rt->dst.header_len + ip_encap_hlen(&tunnel->encap);
	if (max_headroom > dev->needed_headroom)
		dev->needed_headroom = max_headroom;

	if (skb_cow_head(skb, dev->needed_headroom)) {
		ip_rt_put(rt);
		dev->stats.tx_dropped++;
		kfree_skb(skb);
		return;
	}

	err = iptunnel_xmit(skb->sk, rt, skb, fl4.saddr, fl4.daddr, protocol,
			    tos, ttl, df, !net_eq(tunnel->net, dev_net(dev)));
	iptunnel_xmit_stats(err, &dev->stats, dev->tstats);

	return;

#if IS_ENABLED(CONFIG_IPV6)
tx_error_icmp:
	dst_link_failure(skb);
#endif
tx_error:
	dev->stats.tx_errors++;
	kfree_skb(skb);
}
EXPORT_SYMBOL_GPL(ip_tunnel_xmit);
static void ip_tunnel_update(struct ip_tunnel_net *itn,
			     struct ip_tunnel *t,
			     struct net_device *dev,
			     struct ip_tunnel_parm *p,
			     bool set_mtu)
{
	ip_tunnel_del(t);
	t->parms.iph.saddr = p->iph.saddr;
	t->parms.iph.daddr = p->iph.daddr;
	t->parms.i_key = p->i_key;
	t->parms.o_key = p->o_key;
	if (dev->type != ARPHRD_ETHER) {
		memcpy(dev->dev_addr, &p->iph.saddr, 4);
		memcpy(dev->broadcast, &p->iph.daddr, 4);
	}
	ip_tunnel_add(itn, t);

	t->parms.iph.ttl = p->iph.ttl;
	t->parms.iph.tos = p->iph.tos;
	t->parms.iph.frag_off = p->iph.frag_off;

	if (t->parms.link != p->link) {
		int mtu;

		t->parms.link = p->link;
		mtu = ip_tunnel_bind_dev(dev);
		if (set_mtu)
			dev->mtu = mtu;
	}
	ip_tunnel_dst_reset_all(t);
	netdev_state_change(dev);
}
int ip_tunnel_ioctl(struct net_device *dev, struct ip_tunnel_parm *p, int cmd)
{
	int err = 0;
	struct ip_tunnel *t = netdev_priv(dev);
	struct net *net = t->net;
	struct ip_tunnel_net *itn = net_generic(net, t->ip_tnl_net_id);

	BUG_ON(!itn->fb_tunnel_dev);
	switch (cmd) {
	case SIOCGETTUNNEL:
		if (dev == itn->fb_tunnel_dev) {
			t = ip_tunnel_find(itn, p, itn->fb_tunnel_dev->type);
			if (t == NULL)
				t = netdev_priv(dev);
		}
		memcpy(p, &t->parms, sizeof(*p));
		break;

	case SIOCADDTUNNEL:
	case SIOCCHGTUNNEL:
		err = -EPERM;
		if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
			goto done;
		if (p->iph.ttl)
			p->iph.frag_off |= htons(IP_DF);
		if (!(p->i_flags & VTI_ISVTI)) {
			if (!(p->i_flags & TUNNEL_KEY))
				p->i_key = 0;
			if (!(p->o_flags & TUNNEL_KEY))
				p->o_key = 0;
		}

		t = ip_tunnel_find(itn, p, itn->fb_tunnel_dev->type);

		if (cmd == SIOCADDTUNNEL) {
			if (!t) {
				t = ip_tunnel_create(net, itn, p);
				err = PTR_ERR_OR_ZERO(t);
				break;
			}

			err = -EEXIST;
			break;
		}
		if (dev != itn->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
			if (t != NULL) {
				if (t->dev != dev) {
					err = -EEXIST;
					break;
				}
			} else {
				unsigned int nflags = 0;

				if (ipv4_is_multicast(p->iph.daddr))
					nflags = IFF_BROADCAST;
				else if (p->iph.daddr)
					nflags = IFF_POINTOPOINT;

				if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) {
					err = -EINVAL;
					break;
				}

				t = netdev_priv(dev);
			}
		}

		if (t) {
			err = 0;
			ip_tunnel_update(itn, t, dev, p, true);
		} else {
			err = -ENOENT;
		}
		break;

	case SIOCDELTUNNEL:
		err = -EPERM;
		if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
			goto done;

		if (dev == itn->fb_tunnel_dev) {
			err = -ENOENT;
			t = ip_tunnel_find(itn, p, itn->fb_tunnel_dev->type);
			if (t == NULL)
				goto done;
			err = -EPERM;
			if (t == netdev_priv(itn->fb_tunnel_dev))
				goto done;
			dev = t->dev;
		}
		unregister_netdevice(dev);
		err = 0;
		break;

	default:
		err = -EINVAL;
	}

done:
	return err;
}
EXPORT_SYMBOL_GPL(ip_tunnel_ioctl);
int ip_tunnel_change_mtu(struct net_device *dev, int new_mtu)
{
	struct ip_tunnel *tunnel = netdev_priv(dev);
	int t_hlen = tunnel->hlen + sizeof(struct iphdr);

	if (new_mtu < 68 ||
	    new_mtu > 0xFFF8 - dev->hard_header_len - t_hlen)
		return -EINVAL;
	dev->mtu = new_mtu;
	return 0;
}
EXPORT_SYMBOL_GPL(ip_tunnel_change_mtu);
static void ip_tunnel_dev_free(struct net_device *dev)
{
	struct ip_tunnel *tunnel = netdev_priv(dev);

	gro_cells_destroy(&tunnel->gro_cells);
	free_percpu(tunnel->dst_cache);
	free_percpu(dev->tstats);
	free_netdev(dev);
}
void ip_tunnel_dellink(struct net_device *dev, struct list_head *head)
{
	struct ip_tunnel *tunnel = netdev_priv(dev);
	struct ip_tunnel_net *itn;

	itn = net_generic(tunnel->net, tunnel->ip_tnl_net_id);

	if (itn->fb_tunnel_dev != dev) {
		ip_tunnel_del(netdev_priv(dev));
		unregister_netdevice_queue(dev, head);
	}
}
EXPORT_SYMBOL_GPL(ip_tunnel_dellink);
int ip_tunnel_init_net(struct net *net, int ip_tnl_net_id,
		       struct rtnl_link_ops *ops, char *devname)
{
	struct ip_tunnel_net *itn = net_generic(net, ip_tnl_net_id);
	struct ip_tunnel_parm parms;
	unsigned int i;

	for (i = 0; i < IP_TNL_HASH_SIZE; i++)
		INIT_HLIST_HEAD(&itn->tunnels[i]);

	if (!ops) {
		itn->fb_tunnel_dev = NULL;
		return 0;
	}

	memset(&parms, 0, sizeof(parms));
	if (devname)
		strlcpy(parms.name, devname, IFNAMSIZ);

	rtnl_lock();
	itn->fb_tunnel_dev = __ip_tunnel_create(net, ops, &parms);
	/* FB netdevice is special: we have one, and only one per netns.
	 * Allowing to move it to another netns is clearly unsafe.
	 */
	if (!IS_ERR(itn->fb_tunnel_dev)) {
		itn->fb_tunnel_dev->features |= NETIF_F_NETNS_LOCAL;
		itn->fb_tunnel_dev->mtu = ip_tunnel_bind_dev(itn->fb_tunnel_dev);
		ip_tunnel_add(itn, netdev_priv(itn->fb_tunnel_dev));
	}
	rtnl_unlock();

	return PTR_ERR_OR_ZERO(itn->fb_tunnel_dev);
}
EXPORT_SYMBOL_GPL(ip_tunnel_init_net);
static void ip_tunnel_destroy(struct ip_tunnel_net *itn, struct list_head *head,
			      struct rtnl_link_ops *ops)
{
	struct net *net = dev_net(itn->fb_tunnel_dev);
	struct net_device *dev, *aux;
	int h;

	for_each_netdev_safe(net, dev, aux)
		if (dev->rtnl_link_ops == ops)
			unregister_netdevice_queue(dev, head);

	for (h = 0; h < IP_TNL_HASH_SIZE; h++) {
		struct ip_tunnel *t;
		struct hlist_node *n;
		struct hlist_head *thead = &itn->tunnels[h];

		hlist_for_each_entry_safe(t, n, thead, hash_node)
			/* If dev is in the same netns, it has already
			 * been added to the list by the previous loop.
			 */
			if (!net_eq(dev_net(t->dev), net))
				unregister_netdevice_queue(t->dev, head);
	}
}

void ip_tunnel_delete_net(struct ip_tunnel_net *itn, struct rtnl_link_ops *ops)
{
	LIST_HEAD(list);

	rtnl_lock();
	ip_tunnel_destroy(itn, &list, ops);
	unregister_netdevice_many(&list);
	rtnl_unlock();
}
EXPORT_SYMBOL_GPL(ip_tunnel_delete_net);
int ip_tunnel_newlink(struct net_device *dev, struct nlattr *tb[],
		      struct ip_tunnel_parm *p)
{
	struct ip_tunnel *nt;
	struct net *net = dev_net(dev);
	struct ip_tunnel_net *itn;
	int mtu;
	int err;

	nt = netdev_priv(dev);
	itn = net_generic(net, nt->ip_tnl_net_id);

	if (ip_tunnel_find(itn, p, dev->type))
		return -EEXIST;

	nt->net = net;
	nt->parms = *p;
	err = register_netdevice(dev);
	if (err)
		goto out;

	if (dev->type == ARPHRD_ETHER && !tb[IFLA_ADDRESS])
		eth_hw_addr_random(dev);

	mtu = ip_tunnel_bind_dev(dev);
	if (!tb[IFLA_MTU])
		dev->mtu = mtu;

	ip_tunnel_add(itn, nt);

out:
	return err;
}
EXPORT_SYMBOL_GPL(ip_tunnel_newlink);
int ip_tunnel_changelink(struct net_device *dev, struct nlattr *tb[],
			 struct ip_tunnel_parm *p)
{
	struct ip_tunnel *t;
	struct ip_tunnel *tunnel = netdev_priv(dev);
	struct net *net = tunnel->net;
	struct ip_tunnel_net *itn = net_generic(net, tunnel->ip_tnl_net_id);

	if (dev == itn->fb_tunnel_dev)
		return -EINVAL;

	t = ip_tunnel_find(itn, p, dev->type);

	if (t) {
		if (t->dev != dev)
			return -EEXIST;
	} else {
		t = tunnel;

		if (dev->type != ARPHRD_ETHER) {
			unsigned int nflags = 0;

			if (ipv4_is_multicast(p->iph.daddr))
				nflags = IFF_BROADCAST;
			else if (p->iph.daddr)
				nflags = IFF_POINTOPOINT;

			if ((dev->flags ^ nflags) &
			    (IFF_POINTOPOINT | IFF_BROADCAST))
				return -EINVAL;
		}
	}

	ip_tunnel_update(itn, t, dev, p, !tb[IFLA_MTU]);
	return 0;
}
EXPORT_SYMBOL_GPL(ip_tunnel_changelink);
int ip_tunnel_init(struct net_device *dev)
{
	struct ip_tunnel *tunnel = netdev_priv(dev);
	struct iphdr *iph = &tunnel->parms.iph;
	int err;

	dev->destructor	= ip_tunnel_dev_free;
	dev->tstats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
	if (!dev->tstats)
		return -ENOMEM;

	tunnel->dst_cache = alloc_percpu(struct ip_tunnel_dst);
	if (!tunnel->dst_cache) {
		free_percpu(dev->tstats);
		return -ENOMEM;
	}

	err = gro_cells_init(&tunnel->gro_cells, dev);
	if (err) {
		free_percpu(tunnel->dst_cache);
		free_percpu(dev->tstats);
		return err;
	}

	tunnel->dev = dev;
	tunnel->net = dev_net(dev);
	strcpy(tunnel->parms.name, dev->name);
	iph->version		= 4;
	iph->ihl		= 5;

	return 0;
}
EXPORT_SYMBOL_GPL(ip_tunnel_init);
void ip_tunnel_uninit(struct net_device *dev)
{
	struct ip_tunnel *tunnel = netdev_priv(dev);
	struct net *net = tunnel->net;
	struct ip_tunnel_net *itn;

	itn = net_generic(net, tunnel->ip_tnl_net_id);
	/* fb_tunnel_dev will be unregistered in the net-exit call. */
	if (itn->fb_tunnel_dev != dev)
		ip_tunnel_del(netdev_priv(dev));

	ip_tunnel_dst_reset_all(tunnel);
}
EXPORT_SYMBOL_GPL(ip_tunnel_uninit);
/* Do the least required initialization here; the rest is done in the tunnel_init call. */
void ip_tunnel_setup(struct net_device *dev, int net_id)
{
	struct ip_tunnel *tunnel = netdev_priv(dev);
	tunnel->ip_tnl_net_id = net_id;
}
EXPORT_SYMBOL_GPL(ip_tunnel_setup);

MODULE_LICENSE("GPL");