tunnel4: add cb_handler to struct xfrm_tunnel

This patch is to register a callback function tunnel4_rcv_cb with
is_ipip set in a xfrm_input_afinfo object for tunnel4 and tunnel64.

It will be called by xfrm_rcv_cb() from xfrm_input() when family
is AF_INET and proto is IPPROTO_IPIP or IPPROTO_IPV6.

v1->v2:
  - Fix a sparse warning caused by the missing "__rcu", as Jakub
    noticed.
  - Handle the err returned by xfrm_input_register_afinfo() in
    tunnel4_init/fini(), as Sabrina noticed.
v2->v3:
  - Add "#if IS_ENABLED(CONFIG_INET_XFRM_TUNNEL)" to fix the build error
    when xfrm is disabled, reported by kbuild test robot.

Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 4666bc9..c1ec629 100644 (file)
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -1416,6 +1416,7 @@ struct xfrm6_protocol {
 /* XFRM tunnel handlers.  */
 struct xfrm_tunnel {
        int (*handler)(struct sk_buff *skb);
+       int (*cb_handler)(struct sk_buff *skb, int err);
        int (*err_handler)(struct sk_buff *skb, u32 info);
 
        struct xfrm_tunnel __rcu *next;

diff --git a/net/ipv4/tunnel4.c b/net/ipv4/tunnel4.c
index c4b2ccb..e44aaf4 100644 (file)
--- a/net/ipv4/tunnel4.c
+++ b/net/ipv4/tunnel4.c
@@ -110,6 +110,33 @@ drop:
        return 0;
 }
 
+#if IS_ENABLED(CONFIG_INET_XFRM_TUNNEL)
+static int tunnel4_rcv_cb(struct sk_buff *skb, u8 proto, int err)
+{
+       struct xfrm_tunnel __rcu *head;
+       struct xfrm_tunnel *handler;
+       int ret;
+
+       head = (proto == IPPROTO_IPIP) ? tunnel4_handlers : tunnel64_handlers;
+
+       for_each_tunnel_rcu(head, handler) {
+               if (handler->cb_handler) {
+                       ret = handler->cb_handler(skb, err);
+                       if (ret <= 0)
+                               return ret;
+               }
+       }
+
+       return 0;
+}
+
+static const struct xfrm_input_afinfo tunnel4_input_afinfo = {
+       .family         =       AF_INET,
+       .is_ipip        =       true,
+       .callback       =       tunnel4_rcv_cb,
+};
+#endif
+
 #if IS_ENABLED(CONFIG_IPV6)
 static int tunnel64_rcv(struct sk_buff *skb)
 {
@@ -231,6 +258,18 @@ static int __init tunnel4_init(void)
                goto err;
        }
 #endif
+#if IS_ENABLED(CONFIG_INET_XFRM_TUNNEL)
+       if (xfrm_input_register_afinfo(&tunnel4_input_afinfo)) {
+               inet_del_protocol(&tunnel4_protocol, IPPROTO_IPIP);
+#if IS_ENABLED(CONFIG_IPV6)
+               inet_del_protocol(&tunnel64_protocol, IPPROTO_IPV6);
+#endif
+#if IS_ENABLED(CONFIG_MPLS)
+               inet_del_protocol(&tunnelmpls4_protocol, IPPROTO_MPLS);
+#endif
+               goto err;
+       }
+#endif
        return 0;
 
 err:
@@ -240,6 +279,10 @@ err:
 
 static void __exit tunnel4_fini(void)
 {
+#if IS_ENABLED(CONFIG_INET_XFRM_TUNNEL)
+       if (xfrm_input_unregister_afinfo(&tunnel4_input_afinfo))
+               pr_err("tunnel4 close: can't remove input afinfo\n");
+#endif
 #if IS_ENABLED(CONFIG_MPLS)
        if (inet_del_protocol(&tunnelmpls4_protocol, IPPROTO_MPLS))
                pr_err("tunnelmpls4 close: can't remove protocol\n");