2 * Linux NET3: GRE over IP protocol decoder.
4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
13 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
15 #include <linux/capability.h>
16 #include <linux/module.h>
17 #include <linux/types.h>
18 #include <linux/kernel.h>
19 #include <linux/slab.h>
20 #include <asm/uaccess.h>
21 #include <linux/skbuff.h>
22 #include <linux/netdevice.h>
24 #include <linux/tcp.h>
25 #include <linux/udp.h>
26 #include <linux/if_arp.h>
27 #include <linux/mroute.h>
28 #include <linux/init.h>
29 #include <linux/in6.h>
30 #include <linux/inetdevice.h>
31 #include <linux/igmp.h>
32 #include <linux/netfilter_ipv4.h>
33 #include <linux/etherdevice.h>
34 #include <linux/if_ether.h>
39 #include <net/protocol.h>
40 #include <net/ip_tunnels.h>
42 #include <net/checksum.h>
43 #include <net/dsfield.h>
44 #include <net/inet_ecn.h>
46 #include <net/net_namespace.h>
47 #include <net/netns/generic.h>
48 #include <net/rtnetlink.h>
51 #if IS_ENABLED(CONFIG_IPV6)
53 #include <net/ip6_fib.h>
54 #include <net/ip6_route.h>
61 1. The most important issue is detecting local dead loops.
62 They would cause complete host lockup in transmit, which
63 would be "resolved" by stack overflow or, if queueing is enabled,
64 with infinite looping in net_bh.
66 We cannot track such dead loops during route installation,
67 it is infeasible task. The most general solutions would be
68 to keep skb->encapsulation counter (sort of local ttl),
69 and silently drop packet when it expires. It is a good
70 solution, but it supposes maintaining new variable in ALL
71 skb, even if no tunneling is used.
73 Current solution: xmit_recursion breaks dead loops. This is a percpu
74 counter, since when we enter the first ndo_xmit(), cpu migration is
75 forbidden. We force an exit if this counter reaches RECURSION_LIMIT
77 2. Networking dead loops would not kill routers, but would really
78 kill network. IP hop limit plays role of "t->recursion" in this case,
79 if we copy it from packet being encapsulated to upper header.
80 It is very good solution, but it introduces two problems:
82 - Routing protocols, using packets with ttl=1 (OSPF, RIP2),
83 do not work over tunnels.
84 - traceroute does not work. I planned to relay ICMP from tunnel,
85 so that this problem would be solved and traceroute output
86 would even more informative. This idea appeared to be wrong:
87 only Linux complies to rfc1812 now (yes, guys, Linux is the only
88 true router now :-)), all routers (at least, in neighbourhood of mine)
89 return only 8 bytes of payload. It is the end.
91 Hence, if we want that OSPF worked or traceroute said something reasonable,
92 we should search for another solution.
94 One of them is to parse packet trying to detect inner encapsulation
95 made by our node. It is difficult or even impossible, especially,
96 taking into account fragmentation. TO be short, ttl is not solution at all.
98 Current solution: The solution was UNEXPECTEDLY SIMPLE.
99 We force DF flag on tunnels with preconfigured hop limit,
100 that is ALL. :-) Well, it does not remove the problem completely,
101 but exponential growth of network traffic is changed to linear
102 (branches, that exceed pmtu are pruned) and tunnel mtu
103 rapidly degrades to value <68, where looping stops.
104 Yes, it is not good if there exists a router in the loop,
105 which does not force DF, even when encapsulating packets have DF set.
106 But it is not our problem! Nobody could accuse us, we made
107 all that we could make. Even if it is your gated who injected
108 fatal route to network, even if it were you who configured
109 fatal static route: you are innocent. :-)
114 static bool log_ecn_error = true;
115 module_param(log_ecn_error, bool, 0644);
116 MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
118 static struct rtnl_link_ops ipgre_link_ops __read_mostly;
119 static int ipgre_tunnel_init(struct net_device *dev);
121 static int ipgre_net_id __read_mostly;
122 static int gre_tap_net_id __read_mostly;
124 static __sum16 check_checksum(struct sk_buff *skb)
128 switch (skb->ip_summed) {
129 case CHECKSUM_COMPLETE:
130 csum = csum_fold(skb->csum);
138 csum = __skb_checksum_complete(skb);
139 skb->ip_summed = CHECKSUM_COMPLETE;
146 static int ip_gre_calc_hlen(__be16 o_flags)
150 if (o_flags&TUNNEL_CSUM)
152 if (o_flags&TUNNEL_KEY)
154 if (o_flags&TUNNEL_SEQ)
159 static int parse_gre_header(struct sk_buff *skb, struct tnl_ptk_info *tpi,
160 bool *csum_err, int *hdr_len)
162 struct iphdr *iph = ip_hdr(skb);
163 struct gre_base_hdr *greh;
166 if (unlikely(!pskb_may_pull(skb, sizeof(struct gre_base_hdr))))
169 greh = (struct gre_base_hdr *)((u8 *)iph + (iph->ihl << 2));
170 if (unlikely(greh->flags & (GRE_VERSION | GRE_ROUTING)))
173 tpi->flags = gre_flags_to_tnl_flags(greh->flags);
174 *hdr_len = ip_gre_calc_hlen(tpi->flags);
176 if (!pskb_may_pull(skb, *hdr_len))
179 tpi->proto = greh->protocol;
181 options = (__be32 *)(greh + 1);
182 if (greh->flags & GRE_CSUM) {
183 if (check_checksum(skb)) {
190 if (greh->flags & GRE_KEY) {
196 if (unlikely(greh->flags & GRE_SEQ)) {
202 /* WCCP version 1 and 2 protocol decoding.
203 * - Change protocol to IP
204 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header
206 if (greh->flags == 0 && tpi->proto == htons(ETH_P_WCCP)) {
207 tpi->proto = htons(ETH_P_IP);
208 if ((*(u8 *)options & 0xF0) != 0x40) {
210 if (!pskb_may_pull(skb, *hdr_len))
218 static void ipgre_err(struct sk_buff *skb, u32 info)
221 /* All the routers (except for Linux) return only
222 8 bytes of packet payload. It means, that precise relaying of
223 ICMP in the real Internet is absolutely infeasible.
225 Moreover, Cisco "wise men" put GRE key to the third word
226 in GRE header. It makes impossible maintaining even soft
227 state for keyed GRE tunnels with enabled checksum. Tell
230 Well, I wonder, rfc1812 was written by Cisco employee,
231 what the hell these idiots break standards established
234 struct net *net = dev_net(skb->dev);
235 struct ip_tunnel_net *itn;
236 const struct iphdr *iph = (const struct iphdr *)skb->data;
237 const int type = icmp_hdr(skb)->type;
238 const int code = icmp_hdr(skb)->code;
240 struct tnl_ptk_info tpi;
242 bool csum_err = false;
244 if (parse_gre_header(skb, &tpi, &csum_err, &hdr_len)) {
245 if (!csum_err) /* ignore csum errors. */
251 case ICMP_PARAMETERPROB:
254 case ICMP_DEST_UNREACH:
257 case ICMP_PORT_UNREACH:
258 /* Impossible event. */
261 /* All others are translated to HOST_UNREACH.
262 rfc2003 contains "deep thoughts" about NET_UNREACH,
263 I believe they are just ether pollution. --ANK
268 case ICMP_TIME_EXCEEDED:
269 if (code != ICMP_EXC_TTL)
277 if (tpi.proto == htons(ETH_P_TEB))
278 itn = net_generic(net, gre_tap_net_id);
280 itn = net_generic(net, ipgre_net_id);
282 t = ip_tunnel_lookup(itn, skb->dev->ifindex, tpi.flags,
283 iph->daddr, iph->saddr, tpi.key);
288 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
289 ipv4_update_pmtu(skb, dev_net(skb->dev), info,
290 t->parms.link, 0, IPPROTO_GRE, 0);
293 if (type == ICMP_REDIRECT) {
294 ipv4_redirect(skb, dev_net(skb->dev), t->parms.link, 0,
298 if (t->parms.iph.daddr == 0 ||
299 ipv4_is_multicast(t->parms.iph.daddr))
302 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
305 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
309 t->err_time = jiffies;
312 static int ipgre_rcv(struct sk_buff *skb)
314 struct net *net = dev_net(skb->dev);
315 struct ip_tunnel_net *itn;
316 const struct iphdr *iph;
317 struct ip_tunnel *tunnel;
318 struct tnl_ptk_info tpi;
320 bool csum_err = false;
322 if (parse_gre_header(skb, &tpi, &csum_err, &hdr_len) < 0)
325 if (tpi.proto == htons(ETH_P_TEB))
326 itn = net_generic(net, gre_tap_net_id);
328 itn = net_generic(net, ipgre_net_id);
331 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, tpi.flags,
332 iph->saddr, iph->daddr, tpi.key);
335 ip_tunnel_rcv(tunnel, skb, &tpi, log_ecn_error);
338 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
344 static struct sk_buff *handle_offloads(struct ip_tunnel *tunnel, struct sk_buff *skb)
348 if (skb_is_gso(skb)) {
349 err = skb_unclone(skb, GFP_ATOMIC);
352 skb_shinfo(skb)->gso_type |= SKB_GSO_GRE;
354 } else if (skb->ip_summed == CHECKSUM_PARTIAL &&
355 tunnel->parms.o_flags&TUNNEL_CSUM) {
356 err = skb_checksum_help(skb);
359 } else if (skb->ip_summed != CHECKSUM_PARTIAL)
360 skb->ip_summed = CHECKSUM_NONE;
369 static struct sk_buff *gre_build_header(struct sk_buff *skb,
370 const struct tnl_ptk_info *tpi,
373 struct gre_base_hdr *greh;
375 skb_push(skb, hdr_len);
377 greh = (struct gre_base_hdr *)skb->data;
378 greh->flags = tnl_flags_to_gre_flags(tpi->flags);
379 greh->protocol = tpi->proto;
381 if (tpi->flags&(TUNNEL_KEY|TUNNEL_CSUM|TUNNEL_SEQ)) {
382 __be32 *ptr = (__be32 *)(((u8 *)greh) + hdr_len - 4);
384 if (tpi->flags&TUNNEL_SEQ) {
388 if (tpi->flags&TUNNEL_KEY) {
392 if (tpi->flags&TUNNEL_CSUM &&
393 !(skb_shinfo(skb)->gso_type & SKB_GSO_GRE)) {
395 *(__sum16 *)ptr = csum_fold(skb_checksum(skb, 0,
403 static void __gre_xmit(struct sk_buff *skb, struct net_device *dev,
404 const struct iphdr *tnl_params,
407 struct ip_tunnel *tunnel = netdev_priv(dev);
408 struct tnl_ptk_info tpi;
410 if (likely(!skb->encapsulation)) {
411 skb_reset_inner_headers(skb);
412 skb->encapsulation = 1;
415 tpi.flags = tunnel->parms.o_flags;
417 tpi.key = tunnel->parms.o_key;
418 if (tunnel->parms.o_flags & TUNNEL_SEQ)
420 tpi.seq = htonl(tunnel->o_seqno);
422 /* Push GRE header. */
423 skb = gre_build_header(skb, &tpi, tunnel->hlen);
424 if (unlikely(!skb)) {
425 dev->stats.tx_dropped++;
429 ip_tunnel_xmit(skb, dev, tnl_params);
432 static netdev_tx_t ipgre_xmit(struct sk_buff *skb,
433 struct net_device *dev)
435 struct ip_tunnel *tunnel = netdev_priv(dev);
436 const struct iphdr *tnl_params;
438 skb = handle_offloads(tunnel, skb);
442 if (dev->header_ops) {
443 /* Need space for new headers */
444 if (skb_cow_head(skb, dev->needed_headroom -
445 (tunnel->hlen + sizeof(struct iphdr))));
448 tnl_params = (const struct iphdr *)skb->data;
450 /* Pull skb since ip_tunnel_xmit() needs skb->data pointing
453 skb_pull(skb, tunnel->hlen + sizeof(struct iphdr));
455 if (skb_cow_head(skb, dev->needed_headroom))
458 tnl_params = &tunnel->parms.iph;
461 __gre_xmit(skb, dev, tnl_params, skb->protocol);
468 dev->stats.tx_dropped++;
472 static netdev_tx_t gre_tap_xmit(struct sk_buff *skb,
473 struct net_device *dev)
475 struct ip_tunnel *tunnel = netdev_priv(dev);
477 skb = handle_offloads(tunnel, skb);
481 if (skb_cow_head(skb, dev->needed_headroom))
484 __gre_xmit(skb, dev, &tunnel->parms.iph, htons(ETH_P_TEB));
491 dev->stats.tx_dropped++;
495 static int ipgre_tunnel_ioctl(struct net_device *dev,
496 struct ifreq *ifr, int cmd)
499 struct ip_tunnel_parm p;
501 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
503 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE ||
504 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) ||
505 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING))) {
508 p.i_flags = gre_flags_to_tnl_flags(p.i_flags);
509 p.o_flags = gre_flags_to_tnl_flags(p.o_flags);
511 err = ip_tunnel_ioctl(dev, &p, cmd);
515 p.i_flags = tnl_flags_to_gre_flags(p.i_flags);
516 p.o_flags = tnl_flags_to_gre_flags(p.o_flags);
518 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
523 /* Nice toy. Unfortunately, useless in real life :-)
524 It allows to construct virtual multiprotocol broadcast "LAN"
525 over the Internet, provided multicast routing is tuned.
528 I have no idea was this bicycle invented before me,
529 so that I had to set ARPHRD_IPGRE to a random value.
530 I have an impression, that Cisco could make something similar,
531 but this feature is apparently missing in IOS<=11.2(8).
533 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks
534 with broadcast 224.66.66.66. If you have access to mbone, play with me :-)
536 ping -t 255 224.66.66.66
538 If nobody answers, mbone does not work.
540 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255
541 ip addr add 10.66.66.<somewhat>/24 dev Universe
543 ifconfig Universe add fe80::<Your_real_addr>/10
544 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96
547 ftp fec0:6666:6666::193.233.7.65
550 static int ipgre_header(struct sk_buff *skb, struct net_device *dev,
552 const void *daddr, const void *saddr, unsigned int len)
554 struct ip_tunnel *t = netdev_priv(dev);
556 struct gre_base_hdr *greh;
558 iph = (struct iphdr *)skb_push(skb, t->hlen + sizeof(*iph));
559 greh = (struct gre_base_hdr *)(iph+1);
560 greh->flags = tnl_flags_to_gre_flags(t->parms.o_flags);
561 greh->protocol = htons(type);
563 memcpy(iph, &t->parms.iph, sizeof(struct iphdr));
565 /* Set the source hardware address. */
567 memcpy(&iph->saddr, saddr, 4);
569 memcpy(&iph->daddr, daddr, 4);
573 return -(t->hlen + sizeof(*iph));
576 static int ipgre_header_parse(const struct sk_buff *skb, unsigned char *haddr)
578 const struct iphdr *iph = (const struct iphdr *) skb_mac_header(skb);
579 memcpy(haddr, &iph->saddr, 4);
583 static const struct header_ops ipgre_header_ops = {
584 .create = ipgre_header,
585 .parse = ipgre_header_parse,
588 #ifdef CONFIG_NET_IPGRE_BROADCAST
589 static int ipgre_open(struct net_device *dev)
591 struct ip_tunnel *t = netdev_priv(dev);
593 if (ipv4_is_multicast(t->parms.iph.daddr)) {
597 rt = ip_route_output_gre(dev_net(dev), &fl4,
601 RT_TOS(t->parms.iph.tos),
604 return -EADDRNOTAVAIL;
607 if (__in_dev_get_rtnl(dev) == NULL)
608 return -EADDRNOTAVAIL;
609 t->mlink = dev->ifindex;
610 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr);
615 static int ipgre_close(struct net_device *dev)
617 struct ip_tunnel *t = netdev_priv(dev);
619 if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) {
620 struct in_device *in_dev;
621 in_dev = inetdev_by_index(dev_net(dev), t->mlink);
623 ip_mc_dec_group(in_dev, t->parms.iph.daddr);
629 static const struct net_device_ops ipgre_netdev_ops = {
630 .ndo_init = ipgre_tunnel_init,
631 .ndo_uninit = ip_tunnel_uninit,
632 #ifdef CONFIG_NET_IPGRE_BROADCAST
633 .ndo_open = ipgre_open,
634 .ndo_stop = ipgre_close,
636 .ndo_start_xmit = ipgre_xmit,
637 .ndo_do_ioctl = ipgre_tunnel_ioctl,
638 .ndo_change_mtu = ip_tunnel_change_mtu,
639 .ndo_get_stats64 = ip_tunnel_get_stats64,
642 #define GRE_FEATURES (NETIF_F_SG | \
647 static void ipgre_tunnel_setup(struct net_device *dev)
649 dev->netdev_ops = &ipgre_netdev_ops;
650 ip_tunnel_setup(dev, ipgre_net_id);
653 static void __gre_tunnel_init(struct net_device *dev)
655 struct ip_tunnel *tunnel;
657 tunnel = netdev_priv(dev);
658 tunnel->hlen = ip_gre_calc_hlen(tunnel->parms.o_flags);
659 tunnel->parms.iph.protocol = IPPROTO_GRE;
661 dev->needed_headroom = LL_MAX_HEADER + sizeof(struct iphdr) + 4;
662 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4;
664 dev->features |= NETIF_F_NETNS_LOCAL | GRE_FEATURES;
665 dev->hw_features |= GRE_FEATURES;
667 if (!(tunnel->parms.o_flags & TUNNEL_SEQ)) {
668 /* TCP offload with GRE SEQ is not supported. */
669 dev->features |= NETIF_F_GSO_SOFTWARE;
670 dev->hw_features |= NETIF_F_GSO_SOFTWARE;
671 /* Can use a lockless transmit, unless we generate
674 dev->features |= NETIF_F_LLTX;
678 static int ipgre_tunnel_init(struct net_device *dev)
680 struct ip_tunnel *tunnel = netdev_priv(dev);
681 struct iphdr *iph = &tunnel->parms.iph;
683 __gre_tunnel_init(dev);
685 memcpy(dev->dev_addr, &iph->saddr, 4);
686 memcpy(dev->broadcast, &iph->daddr, 4);
688 dev->type = ARPHRD_IPGRE;
689 dev->flags = IFF_NOARP;
690 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
694 #ifdef CONFIG_NET_IPGRE_BROADCAST
695 if (ipv4_is_multicast(iph->daddr)) {
698 dev->flags = IFF_BROADCAST;
699 dev->header_ops = &ipgre_header_ops;
703 dev->header_ops = &ipgre_header_ops;
705 return ip_tunnel_init(dev);
708 static const struct gre_protocol ipgre_protocol = {
709 .handler = ipgre_rcv,
710 .err_handler = ipgre_err,
713 static int __net_init ipgre_init_net(struct net *net)
715 return ip_tunnel_init_net(net, ipgre_net_id, &ipgre_link_ops, NULL);
718 static void __net_exit ipgre_exit_net(struct net *net)
720 struct ip_tunnel_net *itn = net_generic(net, ipgre_net_id);
721 ip_tunnel_delete_net(itn);
724 static struct pernet_operations ipgre_net_ops = {
725 .init = ipgre_init_net,
726 .exit = ipgre_exit_net,
728 .size = sizeof(struct ip_tunnel_net),
731 static int ipgre_tunnel_validate(struct nlattr *tb[], struct nlattr *data[])
739 if (data[IFLA_GRE_IFLAGS])
740 flags |= nla_get_be16(data[IFLA_GRE_IFLAGS]);
741 if (data[IFLA_GRE_OFLAGS])
742 flags |= nla_get_be16(data[IFLA_GRE_OFLAGS]);
743 if (flags & (GRE_VERSION|GRE_ROUTING))
749 static int ipgre_tap_validate(struct nlattr *tb[], struct nlattr *data[])
753 if (tb[IFLA_ADDRESS]) {
754 if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN)
756 if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS])))
757 return -EADDRNOTAVAIL;
763 if (data[IFLA_GRE_REMOTE]) {
764 memcpy(&daddr, nla_data(data[IFLA_GRE_REMOTE]), 4);
770 return ipgre_tunnel_validate(tb, data);
773 static void ipgre_netlink_parms(struct nlattr *data[], struct nlattr *tb[],
774 struct ip_tunnel_parm *parms)
776 memset(parms, 0, sizeof(*parms));
778 parms->iph.protocol = IPPROTO_GRE;
783 if (data[IFLA_GRE_LINK])
784 parms->link = nla_get_u32(data[IFLA_GRE_LINK]);
786 if (data[IFLA_GRE_IFLAGS])
787 parms->i_flags = gre_flags_to_tnl_flags(nla_get_be16(data[IFLA_GRE_IFLAGS]));
789 if (data[IFLA_GRE_OFLAGS])
790 parms->o_flags = gre_flags_to_tnl_flags(nla_get_be16(data[IFLA_GRE_OFLAGS]));
792 if (data[IFLA_GRE_IKEY])
793 parms->i_key = nla_get_be32(data[IFLA_GRE_IKEY]);
795 if (data[IFLA_GRE_OKEY])
796 parms->o_key = nla_get_be32(data[IFLA_GRE_OKEY]);
798 if (data[IFLA_GRE_LOCAL])
799 parms->iph.saddr = nla_get_be32(data[IFLA_GRE_LOCAL]);
801 if (data[IFLA_GRE_REMOTE])
802 parms->iph.daddr = nla_get_be32(data[IFLA_GRE_REMOTE]);
804 if (data[IFLA_GRE_TTL])
805 parms->iph.ttl = nla_get_u8(data[IFLA_GRE_TTL]);
807 if (data[IFLA_GRE_TOS])
808 parms->iph.tos = nla_get_u8(data[IFLA_GRE_TOS]);
810 if (!data[IFLA_GRE_PMTUDISC] || nla_get_u8(data[IFLA_GRE_PMTUDISC]))
811 parms->iph.frag_off = htons(IP_DF);
814 static int gre_tap_init(struct net_device *dev)
816 __gre_tunnel_init(dev);
818 return ip_tunnel_init(dev);
821 static const struct net_device_ops gre_tap_netdev_ops = {
822 .ndo_init = gre_tap_init,
823 .ndo_uninit = ip_tunnel_uninit,
824 .ndo_start_xmit = gre_tap_xmit,
825 .ndo_set_mac_address = eth_mac_addr,
826 .ndo_validate_addr = eth_validate_addr,
827 .ndo_change_mtu = ip_tunnel_change_mtu,
828 .ndo_get_stats64 = ip_tunnel_get_stats64,
831 static void ipgre_tap_setup(struct net_device *dev)
834 dev->netdev_ops = &gre_tap_netdev_ops;
835 ip_tunnel_setup(dev, gre_tap_net_id);
838 static int ipgre_newlink(struct net *src_net, struct net_device *dev,
839 struct nlattr *tb[], struct nlattr *data[])
841 struct ip_tunnel_parm p;
843 ipgre_netlink_parms(data, tb, &p);
844 return ip_tunnel_newlink(dev, tb, &p);
847 static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[],
848 struct nlattr *data[])
850 struct ip_tunnel_parm p;
852 ipgre_netlink_parms(data, tb, &p);
853 return ip_tunnel_changelink(dev, tb, &p);
856 static size_t ipgre_get_size(const struct net_device *dev)
861 /* IFLA_GRE_IFLAGS */
863 /* IFLA_GRE_OFLAGS */
871 /* IFLA_GRE_REMOTE */
877 /* IFLA_GRE_PMTUDISC */
882 static int ipgre_fill_info(struct sk_buff *skb, const struct net_device *dev)
884 struct ip_tunnel *t = netdev_priv(dev);
885 struct ip_tunnel_parm *p = &t->parms;
887 if (nla_put_u32(skb, IFLA_GRE_LINK, p->link) ||
888 nla_put_be16(skb, IFLA_GRE_IFLAGS, tnl_flags_to_gre_flags(p->i_flags)) ||
889 nla_put_be16(skb, IFLA_GRE_OFLAGS, tnl_flags_to_gre_flags(p->o_flags)) ||
890 nla_put_be32(skb, IFLA_GRE_IKEY, p->i_key) ||
891 nla_put_be32(skb, IFLA_GRE_OKEY, p->o_key) ||
892 nla_put_be32(skb, IFLA_GRE_LOCAL, p->iph.saddr) ||
893 nla_put_be32(skb, IFLA_GRE_REMOTE, p->iph.daddr) ||
894 nla_put_u8(skb, IFLA_GRE_TTL, p->iph.ttl) ||
895 nla_put_u8(skb, IFLA_GRE_TOS, p->iph.tos) ||
896 nla_put_u8(skb, IFLA_GRE_PMTUDISC,
897 !!(p->iph.frag_off & htons(IP_DF))))
898 goto nla_put_failure;
905 static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = {
906 [IFLA_GRE_LINK] = { .type = NLA_U32 },
907 [IFLA_GRE_IFLAGS] = { .type = NLA_U16 },
908 [IFLA_GRE_OFLAGS] = { .type = NLA_U16 },
909 [IFLA_GRE_IKEY] = { .type = NLA_U32 },
910 [IFLA_GRE_OKEY] = { .type = NLA_U32 },
911 [IFLA_GRE_LOCAL] = { .len = FIELD_SIZEOF(struct iphdr, saddr) },
912 [IFLA_GRE_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) },
913 [IFLA_GRE_TTL] = { .type = NLA_U8 },
914 [IFLA_GRE_TOS] = { .type = NLA_U8 },
915 [IFLA_GRE_PMTUDISC] = { .type = NLA_U8 },
918 static struct rtnl_link_ops ipgre_link_ops __read_mostly = {
920 .maxtype = IFLA_GRE_MAX,
921 .policy = ipgre_policy,
922 .priv_size = sizeof(struct ip_tunnel),
923 .setup = ipgre_tunnel_setup,
924 .validate = ipgre_tunnel_validate,
925 .newlink = ipgre_newlink,
926 .changelink = ipgre_changelink,
927 .dellink = ip_tunnel_dellink,
928 .get_size = ipgre_get_size,
929 .fill_info = ipgre_fill_info,
932 static struct rtnl_link_ops ipgre_tap_ops __read_mostly = {
934 .maxtype = IFLA_GRE_MAX,
935 .policy = ipgre_policy,
936 .priv_size = sizeof(struct ip_tunnel),
937 .setup = ipgre_tap_setup,
938 .validate = ipgre_tap_validate,
939 .newlink = ipgre_newlink,
940 .changelink = ipgre_changelink,
941 .dellink = ip_tunnel_dellink,
942 .get_size = ipgre_get_size,
943 .fill_info = ipgre_fill_info,
946 static int __net_init ipgre_tap_init_net(struct net *net)
948 return ip_tunnel_init_net(net, gre_tap_net_id, &ipgre_tap_ops, NULL);
951 static void __net_exit ipgre_tap_exit_net(struct net *net)
953 struct ip_tunnel_net *itn = net_generic(net, gre_tap_net_id);
954 ip_tunnel_delete_net(itn);
957 static struct pernet_operations ipgre_tap_net_ops = {
958 .init = ipgre_tap_init_net,
959 .exit = ipgre_tap_exit_net,
960 .id = &gre_tap_net_id,
961 .size = sizeof(struct ip_tunnel_net),
964 static int __init ipgre_init(void)
968 pr_info("GRE over IPv4 tunneling driver\n");
970 err = register_pernet_device(&ipgre_net_ops);
974 err = register_pernet_device(&ipgre_tap_net_ops);
978 err = gre_add_protocol(&ipgre_protocol, GREPROTO_CISCO);
980 pr_info("%s: can't add protocol\n", __func__);
981 goto add_proto_failed;
984 err = rtnl_link_register(&ipgre_link_ops);
986 goto rtnl_link_failed;
988 err = rtnl_link_register(&ipgre_tap_ops);
995 rtnl_link_unregister(&ipgre_link_ops);
997 gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO);
999 unregister_pernet_device(&ipgre_tap_net_ops);
1001 unregister_pernet_device(&ipgre_net_ops);
1005 static void __exit ipgre_fini(void)
1007 rtnl_link_unregister(&ipgre_tap_ops);
1008 rtnl_link_unregister(&ipgre_link_ops);
1009 if (gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO) < 0)
1010 pr_info("%s: can't remove protocol\n", __func__);
1011 unregister_pernet_device(&ipgre_tap_net_ops);
1012 unregister_pernet_device(&ipgre_net_ops);
1015 module_init(ipgre_init);
1016 module_exit(ipgre_fini);
1017 MODULE_LICENSE("GPL");
1018 MODULE_ALIAS_RTNL_LINK("gre");
1019 MODULE_ALIAS_RTNL_LINK("gretap");
1020 MODULE_ALIAS_NETDEV("gre0");
1021 MODULE_ALIAS_NETDEV("gretap0");
projects / platform / adaptation / renesas_rcar / renesas_kernel.git / blob