1 /*
2 * Linux NET3: IP/IP protocol decoder.
3 *
4 * Authors:
5 * Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
6 *
7 * Fixes:
8 * Alan Cox : Merged and made usable non modular (its so tiny its silly as
9 * a module taking up 2 pages).
10 * Alan Cox : Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph)
11 * to keep ip_forward happy.
12 * Alan Cox : More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8).
13 * Kai Schulte : Fixed #defines for IP_FIREWALL->FIREWALL
14 * David Woodhouse : Perform some basic ICMP handling.
15 * IPIP Routing without decapsulation.
16 * Carlos Picoto : GRE over IP support
17 * Alexey Kuznetsov: Reworked. Really, now it is truncated version of ipv4/ip_gre.c.
18 * I do not want to merge them together.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 *
25 */
26
27 /* tunnel.c: an IP tunnel driver
28
29 The purpose of this driver is to provide an IP tunnel through
30 which you can tunnel network traffic transparently across subnets.
31
32 This was written by looking at Nick Holloway's dummy driver
33 Thanks for the great code!
34
35 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
36
37 Minor tweaks:
38 Cleaned up the code a little and added some pre-1.3.0 tweaks.
39 dev->hard_header/hard_header_len changed to use no headers.
40 Comments/bracketing tweaked.
41 Made the tunnels use dev->name not tunnel: when error reporting.
42 Added tx_dropped stat
43
44 -Alan Cox (alan@lxorguk.ukuu.org.uk) 21 March 95
45
46 Reworked:
47 Changed to tunnel to destination gateway in addition to the
48 tunnel's pointopoint address
49 Almost completely rewritten
50 Note: There is currently no firewall or ICMP handling done.
51
52 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/13/96
53
54 */
55
56 /* Things I wish I had known when writing the tunnel driver:
57
58 When the tunnel_xmit() function is called, the skb contains the
59 packet to be sent (plus a great deal of extra info), and dev
60 contains the tunnel device that _we_ are.
61
62 When we are passed a packet, we are expected to fill in the
63 source address with our source IP address.
64
65 What is the proper way to allocate, copy and free a buffer?
66 After you allocate it, it is a "0 length" chunk of memory
67 starting at zero. If you want to add headers to the buffer
68 later, you'll have to call "skb_reserve(skb, amount)" with
69 the amount of memory you want reserved. Then, you call
70 "skb_put(skb, amount)" with the amount of space you want in
71 the buffer. skb_put() returns a pointer to the top (#0) of
72 that buffer. skb->len is set to the amount of space you have
73 "allocated" with skb_put(). You can then write up to skb->len
74 bytes to that buffer. If you need more, you can call skb_put()
75 again with the additional amount of space you need. You can
76 find out how much more space you can allocate by calling
77 "skb_tailroom(skb)".
78 Now, to add header space, call "skb_push(skb, header_len)".
79 This creates space at the beginning of the buffer and returns
80 a pointer to this new space. If later you need to strip a
81 header from a buffer, call "skb_pull(skb, header_len)".
82 skb_headroom() will return how much space is left at the top
83 of the buffer (before the main data). Remember, this headroom
84 space must be reserved before the skb_put() function is called.
85 */
86
87 /*
88 This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c
89
90 For comments look at net/ipv4/ip_gre.c --ANK
91 */
92
93
94 #include <linux/capability.h>
95 #include <linux/module.h>
96 #include <linux/types.h>
97 #include <linux/kernel.h>
98 #include <linux/slab.h>
99 #include <asm/uaccess.h>
100 #include <linux/skbuff.h>
101 #include <linux/netdevice.h>
102 #include <linux/in.h>
103 #include <linux/tcp.h>
104 #include <linux/udp.h>
105 #include <linux/if_arp.h>
106 #include <linux/init.h>
107 #include <linux/netfilter_ipv4.h>
108 #include <linux/if_ether.h>
109
110 #include <net/sock.h>
111 #include <net/ip.h>
112 #include <net/icmp.h>
113 #include <net/ip_tunnels.h>
114 #include <net/inet_ecn.h>
115 #include <net/xfrm.h>
116 #include <net/net_namespace.h>
117 #include <net/netns/generic.h>
118 #include <net/dst_metadata.h>
119
120 static bool log_ecn_error = true;
121 module_param(log_ecn_error, bool, 0644);
122 MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
123
124 static int ipip_net_id __read_mostly;
125
126 static int ipip_tunnel_init(struct net_device *dev);
127 static struct rtnl_link_ops ipip_link_ops __read_mostly;
128
ipip_err(struct sk_buff * skb,u32 info)129 static int ipip_err(struct sk_buff *skb, u32 info)
130 {
131 /* All the routers (except for Linux) return only
132 * 8 bytes of packet payload. It means, that precise relaying of
133 * ICMP in the real Internet is absolutely infeasible.
134 */
135 struct net *net = dev_net(skb->dev);
136 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
137 const struct iphdr *iph = (const struct iphdr *)skb->data;
138 const int type = icmp_hdr(skb)->type;
139 const int code = icmp_hdr(skb)->code;
140 struct ip_tunnel *t;
141 int err = 0;
142
143 switch (type) {
144 case ICMP_DEST_UNREACH:
145 switch (code) {
146 case ICMP_SR_FAILED:
147 /* Impossible event. */
148 goto out;
149 default:
150 /* All others are translated to HOST_UNREACH.
151 * rfc2003 contains "deep thoughts" about NET_UNREACH,
152 * I believe they are just ether pollution. --ANK
153 */
154 break;
155 }
156 break;
157
158 case ICMP_TIME_EXCEEDED:
159 if (code != ICMP_EXC_TTL)
160 goto out;
161 break;
162
163 case ICMP_REDIRECT:
164 break;
165
166 default:
167 goto out;
168 }
169
170 t = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
171 iph->daddr, iph->saddr, 0);
172 if (!t) {
173 err = -ENOENT;
174 goto out;
175 }
176
177 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
178 ipv4_update_pmtu(skb, net, info, t->parms.link, 0,
179 iph->protocol, 0);
180 goto out;
181 }
182
183 if (type == ICMP_REDIRECT) {
184 ipv4_redirect(skb, net, t->parms.link, 0, iph->protocol, 0);
185 goto out;
186 }
187
188 if (t->parms.iph.daddr == 0) {
189 err = -ENOENT;
190 goto out;
191 }
192
193 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
194 goto out;
195
196 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
197 t->err_count++;
198 else
199 t->err_count = 1;
200 t->err_time = jiffies;
201
202 out:
203 return err;
204 }
205
206 static const struct tnl_ptk_info ipip_tpi = {
207 /* no tunnel info required for ipip. */
208 .proto = htons(ETH_P_IP),
209 };
210
211 #if IS_ENABLED(CONFIG_MPLS)
212 static const struct tnl_ptk_info mplsip_tpi = {
213 /* no tunnel info required for mplsip. */
214 .proto = htons(ETH_P_MPLS_UC),
215 };
216 #endif
217
ipip_tunnel_rcv(struct sk_buff * skb,u8 ipproto)218 static int ipip_tunnel_rcv(struct sk_buff *skb, u8 ipproto)
219 {
220 struct net *net = dev_net(skb->dev);
221 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
222 struct metadata_dst *tun_dst = NULL;
223 struct ip_tunnel *tunnel;
224 const struct iphdr *iph;
225
226 iph = ip_hdr(skb);
227 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
228 iph->saddr, iph->daddr, 0);
229 if (tunnel) {
230 const struct tnl_ptk_info *tpi;
231
232 if (tunnel->parms.iph.protocol != ipproto &&
233 tunnel->parms.iph.protocol != 0)
234 goto drop;
235
236 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
237 goto drop;
238 #if IS_ENABLED(CONFIG_MPLS)
239 if (ipproto == IPPROTO_MPLS)
240 tpi = &mplsip_tpi;
241 else
242 #endif
243 tpi = &ipip_tpi;
244 if (iptunnel_pull_header(skb, 0, tpi->proto, false))
245 goto drop;
246 if (tunnel->collect_md) {
247 tun_dst = ip_tun_rx_dst(skb, 0, 0, 0);
248 if (!tun_dst)
249 return 0;
250 }
251 return ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error);
252 }
253
254 return -1;
255
256 drop:
257 kfree_skb(skb);
258 return 0;
259 }
260
ipip_rcv(struct sk_buff * skb)261 static int ipip_rcv(struct sk_buff *skb)
262 {
263 return ipip_tunnel_rcv(skb, IPPROTO_IPIP);
264 }
265
266 #if IS_ENABLED(CONFIG_MPLS)
mplsip_rcv(struct sk_buff * skb)267 static int mplsip_rcv(struct sk_buff *skb)
268 {
269 return ipip_tunnel_rcv(skb, IPPROTO_MPLS);
270 }
271 #endif
272
273 /*
274 * This function assumes it is being called from dev_queue_xmit()
275 * and that skb is filled properly by that function.
276 */
ipip_tunnel_xmit(struct sk_buff * skb,struct net_device * dev)277 static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb,
278 struct net_device *dev)
279 {
280 struct ip_tunnel *tunnel = netdev_priv(dev);
281 const struct iphdr *tiph = &tunnel->parms.iph;
282 u8 ipproto;
283
284 switch (skb->protocol) {
285 case htons(ETH_P_IP):
286 ipproto = IPPROTO_IPIP;
287 break;
288 #if IS_ENABLED(CONFIG_MPLS)
289 case htons(ETH_P_MPLS_UC):
290 ipproto = IPPROTO_MPLS;
291 break;
292 #endif
293 default:
294 goto tx_error;
295 }
296
297 if (tiph->protocol != ipproto && tiph->protocol != 0)
298 goto tx_error;
299
300 if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP4))
301 goto tx_error;
302
303 skb_set_inner_ipproto(skb, ipproto);
304
305 if (tunnel->collect_md)
306 ip_md_tunnel_xmit(skb, dev, ipproto);
307 else
308 ip_tunnel_xmit(skb, dev, tiph, ipproto);
309 return NETDEV_TX_OK;
310
311 tx_error:
312 kfree_skb(skb);
313
314 dev->stats.tx_errors++;
315 return NETDEV_TX_OK;
316 }
317
ipip_tunnel_ioctl_verify_protocol(u8 ipproto)318 static bool ipip_tunnel_ioctl_verify_protocol(u8 ipproto)
319 {
320 switch (ipproto) {
321 case 0:
322 case IPPROTO_IPIP:
323 #if IS_ENABLED(CONFIG_MPLS)
324 case IPPROTO_MPLS:
325 #endif
326 return true;
327 }
328
329 return false;
330 }
331
332 static int
ipip_tunnel_ioctl(struct net_device * dev,struct ifreq * ifr,int cmd)333 ipip_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
334 {
335 int err = 0;
336 struct ip_tunnel_parm p;
337
338 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
339 return -EFAULT;
340
341 if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) {
342 if (p.iph.version != 4 ||
343 !ipip_tunnel_ioctl_verify_protocol(p.iph.protocol) ||
344 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)))
345 return -EINVAL;
346 }
347
348 p.i_key = p.o_key = 0;
349 p.i_flags = p.o_flags = 0;
350 err = ip_tunnel_ioctl(dev, &p, cmd);
351 if (err)
352 return err;
353
354 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
355 return -EFAULT;
356
357 return 0;
358 }
359
360 static const struct net_device_ops ipip_netdev_ops = {
361 .ndo_init = ipip_tunnel_init,
362 .ndo_uninit = ip_tunnel_uninit,
363 .ndo_start_xmit = ipip_tunnel_xmit,
364 .ndo_do_ioctl = ipip_tunnel_ioctl,
365 .ndo_change_mtu = ip_tunnel_change_mtu,
366 .ndo_get_stats64 = ip_tunnel_get_stats64,
367 .ndo_get_iflink = ip_tunnel_get_iflink,
368 };
369
370 #define IPIP_FEATURES (NETIF_F_SG | \
371 NETIF_F_FRAGLIST | \
372 NETIF_F_HIGHDMA | \
373 NETIF_F_GSO_SOFTWARE | \
374 NETIF_F_HW_CSUM)
375
ipip_tunnel_setup(struct net_device * dev)376 static void ipip_tunnel_setup(struct net_device *dev)
377 {
378 dev->netdev_ops = &ipip_netdev_ops;
379
380 dev->type = ARPHRD_TUNNEL;
381 dev->flags = IFF_NOARP;
382 dev->addr_len = 4;
383 dev->features |= NETIF_F_LLTX;
384 netif_keep_dst(dev);
385
386 dev->features |= IPIP_FEATURES;
387 dev->hw_features |= IPIP_FEATURES;
388 ip_tunnel_setup(dev, ipip_net_id);
389 }
390
ipip_tunnel_init(struct net_device * dev)391 static int ipip_tunnel_init(struct net_device *dev)
392 {
393 struct ip_tunnel *tunnel = netdev_priv(dev);
394
395 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
396 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
397
398 tunnel->tun_hlen = 0;
399 tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen;
400 return ip_tunnel_init(dev);
401 }
402
ipip_tunnel_validate(struct nlattr * tb[],struct nlattr * data[])403 static int ipip_tunnel_validate(struct nlattr *tb[], struct nlattr *data[])
404 {
405 u8 proto;
406
407 if (!data || !data[IFLA_IPTUN_PROTO])
408 return 0;
409
410 proto = nla_get_u8(data[IFLA_IPTUN_PROTO]);
411 if (proto != IPPROTO_IPIP && proto != IPPROTO_MPLS && proto != 0)
412 return -EINVAL;
413
414 return 0;
415 }
416
ipip_netlink_parms(struct nlattr * data[],struct ip_tunnel_parm * parms,bool * collect_md)417 static void ipip_netlink_parms(struct nlattr *data[],
418 struct ip_tunnel_parm *parms, bool *collect_md)
419 {
420 memset(parms, 0, sizeof(*parms));
421
422 parms->iph.version = 4;
423 parms->iph.protocol = IPPROTO_IPIP;
424 parms->iph.ihl = 5;
425 *collect_md = false;
426
427 if (!data)
428 return;
429
430 if (data[IFLA_IPTUN_LINK])
431 parms->link = nla_get_u32(data[IFLA_IPTUN_LINK]);
432
433 if (data[IFLA_IPTUN_LOCAL])
434 parms->iph.saddr = nla_get_in_addr(data[IFLA_IPTUN_LOCAL]);
435
436 if (data[IFLA_IPTUN_REMOTE])
437 parms->iph.daddr = nla_get_in_addr(data[IFLA_IPTUN_REMOTE]);
438
439 if (data[IFLA_IPTUN_TTL]) {
440 parms->iph.ttl = nla_get_u8(data[IFLA_IPTUN_TTL]);
441 if (parms->iph.ttl)
442 parms->iph.frag_off = htons(IP_DF);
443 }
444
445 if (data[IFLA_IPTUN_TOS])
446 parms->iph.tos = nla_get_u8(data[IFLA_IPTUN_TOS]);
447
448 if (data[IFLA_IPTUN_PROTO])
449 parms->iph.protocol = nla_get_u8(data[IFLA_IPTUN_PROTO]);
450
451 if (!data[IFLA_IPTUN_PMTUDISC] || nla_get_u8(data[IFLA_IPTUN_PMTUDISC]))
452 parms->iph.frag_off = htons(IP_DF);
453
454 if (data[IFLA_IPTUN_COLLECT_METADATA])
455 *collect_md = true;
456 }
457
458 /* This function returns true when ENCAP attributes are present in the nl msg */
ipip_netlink_encap_parms(struct nlattr * data[],struct ip_tunnel_encap * ipencap)459 static bool ipip_netlink_encap_parms(struct nlattr *data[],
460 struct ip_tunnel_encap *ipencap)
461 {
462 bool ret = false;
463
464 memset(ipencap, 0, sizeof(*ipencap));
465
466 if (!data)
467 return ret;
468
469 if (data[IFLA_IPTUN_ENCAP_TYPE]) {
470 ret = true;
471 ipencap->type = nla_get_u16(data[IFLA_IPTUN_ENCAP_TYPE]);
472 }
473
474 if (data[IFLA_IPTUN_ENCAP_FLAGS]) {
475 ret = true;
476 ipencap->flags = nla_get_u16(data[IFLA_IPTUN_ENCAP_FLAGS]);
477 }
478
479 if (data[IFLA_IPTUN_ENCAP_SPORT]) {
480 ret = true;
481 ipencap->sport = nla_get_be16(data[IFLA_IPTUN_ENCAP_SPORT]);
482 }
483
484 if (data[IFLA_IPTUN_ENCAP_DPORT]) {
485 ret = true;
486 ipencap->dport = nla_get_be16(data[IFLA_IPTUN_ENCAP_DPORT]);
487 }
488
489 return ret;
490 }
491
ipip_newlink(struct net * src_net,struct net_device * dev,struct nlattr * tb[],struct nlattr * data[])492 static int ipip_newlink(struct net *src_net, struct net_device *dev,
493 struct nlattr *tb[], struct nlattr *data[])
494 {
495 struct ip_tunnel *t = netdev_priv(dev);
496 struct ip_tunnel_parm p;
497 struct ip_tunnel_encap ipencap;
498
499 if (ipip_netlink_encap_parms(data, &ipencap)) {
500 int err = ip_tunnel_encap_setup(t, &ipencap);
501
502 if (err < 0)
503 return err;
504 }
505
506 ipip_netlink_parms(data, &p, &t->collect_md);
507 return ip_tunnel_newlink(dev, tb, &p);
508 }
509
ipip_changelink(struct net_device * dev,struct nlattr * tb[],struct nlattr * data[])510 static int ipip_changelink(struct net_device *dev, struct nlattr *tb[],
511 struct nlattr *data[])
512 {
513 struct ip_tunnel_parm p;
514 struct ip_tunnel_encap ipencap;
515 bool collect_md;
516
517 if (ipip_netlink_encap_parms(data, &ipencap)) {
518 struct ip_tunnel *t = netdev_priv(dev);
519 int err = ip_tunnel_encap_setup(t, &ipencap);
520
521 if (err < 0)
522 return err;
523 }
524
525 ipip_netlink_parms(data, &p, &collect_md);
526 if (collect_md)
527 return -EINVAL;
528
529 if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) ||
530 (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr))
531 return -EINVAL;
532
533 return ip_tunnel_changelink(dev, tb, &p);
534 }
535
ipip_get_size(const struct net_device * dev)536 static size_t ipip_get_size(const struct net_device *dev)
537 {
538 return
539 /* IFLA_IPTUN_LINK */
540 nla_total_size(4) +
541 /* IFLA_IPTUN_LOCAL */
542 nla_total_size(4) +
543 /* IFLA_IPTUN_REMOTE */
544 nla_total_size(4) +
545 /* IFLA_IPTUN_TTL */
546 nla_total_size(1) +
547 /* IFLA_IPTUN_TOS */
548 nla_total_size(1) +
549 /* IFLA_IPTUN_PROTO */
550 nla_total_size(1) +
551 /* IFLA_IPTUN_PMTUDISC */
552 nla_total_size(1) +
553 /* IFLA_IPTUN_ENCAP_TYPE */
554 nla_total_size(2) +
555 /* IFLA_IPTUN_ENCAP_FLAGS */
556 nla_total_size(2) +
557 /* IFLA_IPTUN_ENCAP_SPORT */
558 nla_total_size(2) +
559 /* IFLA_IPTUN_ENCAP_DPORT */
560 nla_total_size(2) +
561 /* IFLA_IPTUN_COLLECT_METADATA */
562 nla_total_size(0) +
563 0;
564 }
565
ipip_fill_info(struct sk_buff * skb,const struct net_device * dev)566 static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev)
567 {
568 struct ip_tunnel *tunnel = netdev_priv(dev);
569 struct ip_tunnel_parm *parm = &tunnel->parms;
570
571 if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) ||
572 nla_put_in_addr(skb, IFLA_IPTUN_LOCAL, parm->iph.saddr) ||
573 nla_put_in_addr(skb, IFLA_IPTUN_REMOTE, parm->iph.daddr) ||
574 nla_put_u8(skb, IFLA_IPTUN_TTL, parm->iph.ttl) ||
575 nla_put_u8(skb, IFLA_IPTUN_TOS, parm->iph.tos) ||
576 nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->iph.protocol) ||
577 nla_put_u8(skb, IFLA_IPTUN_PMTUDISC,
578 !!(parm->iph.frag_off & htons(IP_DF))))
579 goto nla_put_failure;
580
581 if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE,
582 tunnel->encap.type) ||
583 nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT,
584 tunnel->encap.sport) ||
585 nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT,
586 tunnel->encap.dport) ||
587 nla_put_u16(skb, IFLA_IPTUN_ENCAP_FLAGS,
588 tunnel->encap.flags))
589 goto nla_put_failure;
590
591 if (tunnel->collect_md)
592 if (nla_put_flag(skb, IFLA_IPTUN_COLLECT_METADATA))
593 goto nla_put_failure;
594 return 0;
595
596 nla_put_failure:
597 return -EMSGSIZE;
598 }
599
600 static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = {
601 [IFLA_IPTUN_LINK] = { .type = NLA_U32 },
602 [IFLA_IPTUN_LOCAL] = { .type = NLA_U32 },
603 [IFLA_IPTUN_REMOTE] = { .type = NLA_U32 },
604 [IFLA_IPTUN_TTL] = { .type = NLA_U8 },
605 [IFLA_IPTUN_TOS] = { .type = NLA_U8 },
606 [IFLA_IPTUN_PROTO] = { .type = NLA_U8 },
607 [IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 },
608 [IFLA_IPTUN_ENCAP_TYPE] = { .type = NLA_U16 },
609 [IFLA_IPTUN_ENCAP_FLAGS] = { .type = NLA_U16 },
610 [IFLA_IPTUN_ENCAP_SPORT] = { .type = NLA_U16 },
611 [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 },
612 [IFLA_IPTUN_COLLECT_METADATA] = { .type = NLA_FLAG },
613 };
614
615 static struct rtnl_link_ops ipip_link_ops __read_mostly = {
616 .kind = "ipip",
617 .maxtype = IFLA_IPTUN_MAX,
618 .policy = ipip_policy,
619 .priv_size = sizeof(struct ip_tunnel),
620 .setup = ipip_tunnel_setup,
621 .validate = ipip_tunnel_validate,
622 .newlink = ipip_newlink,
623 .changelink = ipip_changelink,
624 .dellink = ip_tunnel_dellink,
625 .get_size = ipip_get_size,
626 .fill_info = ipip_fill_info,
627 .get_link_net = ip_tunnel_get_link_net,
628 };
629
630 static struct xfrm_tunnel ipip_handler __read_mostly = {
631 .handler = ipip_rcv,
632 .err_handler = ipip_err,
633 .priority = 1,
634 };
635
636 #if IS_ENABLED(CONFIG_MPLS)
637 static struct xfrm_tunnel mplsip_handler __read_mostly = {
638 .handler = mplsip_rcv,
639 .err_handler = ipip_err,
640 .priority = 1,
641 };
642 #endif
643
ipip_init_net(struct net * net)644 static int __net_init ipip_init_net(struct net *net)
645 {
646 return ip_tunnel_init_net(net, ipip_net_id, &ipip_link_ops, "tunl0");
647 }
648
ipip_exit_net(struct net * net)649 static void __net_exit ipip_exit_net(struct net *net)
650 {
651 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
652 ip_tunnel_delete_net(itn, &ipip_link_ops);
653 }
654
655 static struct pernet_operations ipip_net_ops = {
656 .init = ipip_init_net,
657 .exit = ipip_exit_net,
658 .id = &ipip_net_id,
659 .size = sizeof(struct ip_tunnel_net),
660 };
661
ipip_init(void)662 static int __init ipip_init(void)
663 {
664 int err;
665
666 pr_info("ipip: IPv4 and MPLS over IPv4 tunneling driver\n");
667
668 err = register_pernet_device(&ipip_net_ops);
669 if (err < 0)
670 return err;
671 err = xfrm4_tunnel_register(&ipip_handler, AF_INET);
672 if (err < 0) {
673 pr_info("%s: can't register tunnel\n", __func__);
674 goto xfrm_tunnel_ipip_failed;
675 }
676 #if IS_ENABLED(CONFIG_MPLS)
677 err = xfrm4_tunnel_register(&mplsip_handler, AF_MPLS);
678 if (err < 0) {
679 pr_info("%s: can't register tunnel\n", __func__);
680 goto xfrm_tunnel_mplsip_failed;
681 }
682 #endif
683 err = rtnl_link_register(&ipip_link_ops);
684 if (err < 0)
685 goto rtnl_link_failed;
686
687 out:
688 return err;
689
690 rtnl_link_failed:
691 #if IS_ENABLED(CONFIG_MPLS)
692 xfrm4_tunnel_deregister(&mplsip_handler, AF_INET);
693 xfrm_tunnel_mplsip_failed:
694
695 #endif
696 xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
697 xfrm_tunnel_ipip_failed:
698 unregister_pernet_device(&ipip_net_ops);
699 goto out;
700 }
701
ipip_fini(void)702 static void __exit ipip_fini(void)
703 {
704 rtnl_link_unregister(&ipip_link_ops);
705 if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET))
706 pr_info("%s: can't deregister tunnel\n", __func__);
707 #if IS_ENABLED(CONFIG_MPLS)
708 if (xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS))
709 pr_info("%s: can't deregister tunnel\n", __func__);
710 #endif
711 unregister_pernet_device(&ipip_net_ops);
712 }
713
714 module_init(ipip_init);
715 module_exit(ipip_fini);
716 MODULE_LICENSE("GPL");
717 MODULE_ALIAS_RTNL_LINK("ipip");
718 MODULE_ALIAS_NETDEV("tunl0");
719