1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Linux NET3: IP/IP protocol decoder. 4 * 5 * Authors: 6 * Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95 7 * 8 * Fixes: 9 * Alan Cox : Merged and made usable non modular (its so tiny its silly as 10 * a module taking up 2 pages). 11 * Alan Cox : Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph) 12 * to keep ip_forward happy. 13 * Alan Cox : More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8). 14 * Kai Schulte : Fixed #defines for IP_FIREWALL->FIREWALL 15 * David Woodhouse : Perform some basic ICMP handling. 16 * IPIP Routing without decapsulation. 17 * Carlos Picoto : GRE over IP support 18 * Alexey Kuznetsov: Reworked. Really, now it is truncated version of ipv4/ip_gre.c. 19 * I do not want to merge them together. 20 */ 21 22 /* tunnel.c: an IP tunnel driver 23 24 The purpose of this driver is to provide an IP tunnel through 25 which you can tunnel network traffic transparently across subnets. 26 27 This was written by looking at Nick Holloway's dummy driver 28 Thanks for the great code! 29 30 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95 31 32 Minor tweaks: 33 Cleaned up the code a little and added some pre-1.3.0 tweaks. 34 dev->hard_header/hard_header_len changed to use no headers. 35 Comments/bracketing tweaked. 36 Made the tunnels use dev->name not tunnel: when error reporting. 37 Added tx_dropped stat 38 39 -Alan Cox (alan@lxorguk.ukuu.org.uk) 21 March 95 40 41 Reworked: 42 Changed to tunnel to destination gateway in addition to the 43 tunnel's pointopoint address 44 Almost completely rewritten 45 Note: There is currently no firewall or ICMP handling done. 46 47 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/13/96 48 49 */ 50 51 /* Things I wish I had known when writing the tunnel driver: 52 53 When the tunnel_xmit() function is called, the skb contains the 54 packet to be sent (plus a great deal of extra info), and dev 55 contains the tunnel device that _we_ are. 56 57 When we are passed a packet, we are expected to fill in the 58 source address with our source IP address. 59 60 What is the proper way to allocate, copy and free a buffer? 61 After you allocate it, it is a "0 length" chunk of memory 62 starting at zero. If you want to add headers to the buffer 63 later, you'll have to call "skb_reserve(skb, amount)" with 64 the amount of memory you want reserved. Then, you call 65 "skb_put(skb, amount)" with the amount of space you want in 66 the buffer. skb_put() returns a pointer to the top (#0) of 67 that buffer. skb->len is set to the amount of space you have 68 "allocated" with skb_put(). You can then write up to skb->len 69 bytes to that buffer. If you need more, you can call skb_put() 70 again with the additional amount of space you need. You can 71 find out how much more space you can allocate by calling 72 "skb_tailroom(skb)". 73 Now, to add header space, call "skb_push(skb, header_len)". 74 This creates space at the beginning of the buffer and returns 75 a pointer to this new space. If later you need to strip a 76 header from a buffer, call "skb_pull(skb, header_len)". 77 skb_headroom() will return how much space is left at the top 78 of the buffer (before the main data). Remember, this headroom 79 space must be reserved before the skb_put() function is called. 80 */ 81 82 /* 83 This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c 84 85 For comments look at net/ipv4/ip_gre.c --ANK 86 */ 87 88 89 #include <linux/capability.h> 90 #include <linux/module.h> 91 #include <linux/types.h> 92 #include <linux/kernel.h> 93 #include <linux/slab.h> 94 #include <linux/uaccess.h> 95 #include <linux/skbuff.h> 96 #include <linux/netdevice.h> 97 #include <linux/in.h> 98 #include <linux/tcp.h> 99 #include <linux/udp.h> 100 #include <linux/if_arp.h> 101 #include <linux/init.h> 102 #include <linux/netfilter_ipv4.h> 103 #include <linux/if_ether.h> 104 105 #include <net/sock.h> 106 #include <net/ip.h> 107 #include <net/icmp.h> 108 #include <net/ip_tunnels.h> 109 #include <net/inet_ecn.h> 110 #include <net/xfrm.h> 111 #include <net/net_namespace.h> 112 #include <net/netns/generic.h> 113 #include <net/dst_metadata.h> 114 115 static bool log_ecn_error = true; 116 module_param(log_ecn_error, bool, 0644); 117 MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); 118 119 static unsigned int ipip_net_id __read_mostly; 120 121 static int ipip_tunnel_init(struct net_device *dev); 122 static struct rtnl_link_ops ipip_link_ops __read_mostly; 123 124 static int ipip_err(struct sk_buff *skb, u32 info) 125 { 126 /* All the routers (except for Linux) return only 127 * 8 bytes of packet payload. It means, that precise relaying of 128 * ICMP in the real Internet is absolutely infeasible. 129 */ 130 struct net *net = dev_net(skb->dev); 131 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id); 132 const struct iphdr *iph = (const struct iphdr *)skb->data; 133 IP_TUNNEL_DECLARE_FLAGS(flags) = { }; 134 const int type = icmp_hdr(skb)->type; 135 const int code = icmp_hdr(skb)->code; 136 struct ip_tunnel *t; 137 int err = 0; 138 139 __set_bit(IP_TUNNEL_NO_KEY_BIT, flags); 140 141 t = ip_tunnel_lookup(itn, skb->dev->ifindex, flags, iph->daddr, 142 iph->saddr, 0); 143 if (!t) { 144 err = -ENOENT; 145 goto out; 146 } 147 148 switch (type) { 149 case ICMP_DEST_UNREACH: 150 switch (code) { 151 case ICMP_SR_FAILED: 152 /* Impossible event. */ 153 goto out; 154 default: 155 /* All others are translated to HOST_UNREACH. 156 * rfc2003 contains "deep thoughts" about NET_UNREACH, 157 * I believe they are just ether pollution. --ANK 158 */ 159 break; 160 } 161 break; 162 163 case ICMP_TIME_EXCEEDED: 164 if (code != ICMP_EXC_TTL) 165 goto out; 166 break; 167 168 case ICMP_REDIRECT: 169 break; 170 171 default: 172 goto out; 173 } 174 175 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 176 ipv4_update_pmtu(skb, net, info, t->parms.link, iph->protocol); 177 goto out; 178 } 179 180 if (type == ICMP_REDIRECT) { 181 ipv4_redirect(skb, net, t->parms.link, iph->protocol); 182 goto out; 183 } 184 185 if (t->parms.iph.daddr == 0) { 186 err = -ENOENT; 187 goto out; 188 } 189 190 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 191 goto out; 192 193 if (time_before(jiffies, READ_ONCE(t->err_time) + IPTUNNEL_ERR_TIMEO)) 194 WRITE_ONCE(t->err_count, READ_ONCE(t->err_count) + 1); 195 else 196 WRITE_ONCE(t->err_count, 1); 197 WRITE_ONCE(t->err_time, jiffies); 198 199 out: 200 return err; 201 } 202 203 static const struct tnl_ptk_info ipip_tpi = { 204 /* no tunnel info required for ipip. */ 205 .proto = htons(ETH_P_IP), 206 }; 207 208 #if IS_ENABLED(CONFIG_MPLS) 209 static const struct tnl_ptk_info mplsip_tpi = { 210 /* no tunnel info required for mplsip. */ 211 .proto = htons(ETH_P_MPLS_UC), 212 }; 213 #endif 214 215 static int ipip_tunnel_rcv(struct sk_buff *skb, u8 ipproto) 216 { 217 struct net *net = dev_net(skb->dev); 218 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id); 219 IP_TUNNEL_DECLARE_FLAGS(flags) = { }; 220 struct metadata_dst *tun_dst = NULL; 221 struct ip_tunnel *tunnel; 222 const struct iphdr *iph; 223 224 __set_bit(IP_TUNNEL_NO_KEY_BIT, flags); 225 226 iph = ip_hdr(skb); 227 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, flags, iph->saddr, 228 iph->daddr, 0); 229 if (tunnel) { 230 const struct tnl_ptk_info *tpi; 231 232 if (tunnel->parms.iph.protocol != ipproto && 233 tunnel->parms.iph.protocol != 0) 234 goto drop; 235 236 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) 237 goto drop; 238 #if IS_ENABLED(CONFIG_MPLS) 239 if (ipproto == IPPROTO_MPLS) 240 tpi = &mplsip_tpi; 241 else 242 #endif 243 tpi = &ipip_tpi; 244 if (iptunnel_pull_header(skb, 0, tpi->proto, false)) 245 goto drop; 246 if (tunnel->collect_md) { 247 ip_tunnel_flags_zero(flags); 248 249 tun_dst = ip_tun_rx_dst(skb, flags, 0, 0); 250 if (!tun_dst) 251 return 0; 252 ip_tunnel_md_udp_encap(skb, &tun_dst->u.tun_info); 253 } 254 skb_reset_mac_header(skb); 255 256 return ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error); 257 } 258 259 return -1; 260 261 drop: 262 kfree_skb(skb); 263 return 0; 264 } 265 266 static int ipip_rcv(struct sk_buff *skb) 267 { 268 return ipip_tunnel_rcv(skb, IPPROTO_IPIP); 269 } 270 271 #if IS_ENABLED(CONFIG_MPLS) 272 static int mplsip_rcv(struct sk_buff *skb) 273 { 274 return ipip_tunnel_rcv(skb, IPPROTO_MPLS); 275 } 276 #endif 277 278 /* 279 * This function assumes it is being called from dev_queue_xmit() 280 * and that skb is filled properly by that function. 281 */ 282 static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, 283 struct net_device *dev) 284 { 285 struct ip_tunnel *tunnel = netdev_priv(dev); 286 const struct iphdr *tiph = &tunnel->parms.iph; 287 u8 ipproto; 288 289 if (!pskb_inet_may_pull(skb)) 290 goto tx_error; 291 292 switch (skb->protocol) { 293 case htons(ETH_P_IP): 294 ipproto = IPPROTO_IPIP; 295 break; 296 #if IS_ENABLED(CONFIG_MPLS) 297 case htons(ETH_P_MPLS_UC): 298 ipproto = IPPROTO_MPLS; 299 break; 300 #endif 301 default: 302 goto tx_error; 303 } 304 305 if (tiph->protocol != ipproto && tiph->protocol != 0) 306 goto tx_error; 307 308 if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP4)) 309 goto tx_error; 310 311 skb_set_inner_ipproto(skb, ipproto); 312 313 if (tunnel->collect_md) 314 ip_md_tunnel_xmit(skb, dev, ipproto, 0); 315 else 316 ip_tunnel_xmit(skb, dev, tiph, ipproto); 317 return NETDEV_TX_OK; 318 319 tx_error: 320 kfree_skb(skb); 321 322 DEV_STATS_INC(dev, tx_errors); 323 return NETDEV_TX_OK; 324 } 325 326 static bool ipip_tunnel_ioctl_verify_protocol(u8 ipproto) 327 { 328 switch (ipproto) { 329 case 0: 330 case IPPROTO_IPIP: 331 #if IS_ENABLED(CONFIG_MPLS) 332 case IPPROTO_MPLS: 333 #endif 334 return true; 335 } 336 337 return false; 338 } 339 340 static int 341 ipip_tunnel_ctl(struct net_device *dev, struct ip_tunnel_parm_kern *p, int cmd) 342 { 343 if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) { 344 if (p->iph.version != 4 || 345 !ipip_tunnel_ioctl_verify_protocol(p->iph.protocol) || 346 p->iph.ihl != 5 || (p->iph.frag_off & htons(~IP_DF))) 347 return -EINVAL; 348 } 349 350 p->i_key = p->o_key = 0; 351 ip_tunnel_flags_zero(p->i_flags); 352 ip_tunnel_flags_zero(p->o_flags); 353 return ip_tunnel_ctl(dev, p, cmd); 354 } 355 356 static int ipip_fill_forward_path(struct net_device_path_ctx *ctx, 357 struct net_device_path *path) 358 { 359 struct ip_tunnel *tunnel = netdev_priv(ctx->dev); 360 const struct iphdr *tiph = &tunnel->parms.iph; 361 struct rtable *rt; 362 363 rt = ip_route_output(dev_net(ctx->dev), tiph->daddr, 0, 0, 0, 364 RT_SCOPE_UNIVERSE); 365 if (IS_ERR(rt)) 366 return PTR_ERR(rt); 367 368 path->type = DEV_PATH_TUN; 369 path->tun.src_v4.s_addr = tiph->saddr; 370 path->tun.dst_v4.s_addr = tiph->daddr; 371 path->tun.l3_proto = IPPROTO_IPIP; 372 path->dev = ctx->dev; 373 374 ctx->dev = rt->dst.dev; 375 ip_rt_put(rt); 376 377 return 0; 378 } 379 380 static const struct net_device_ops ipip_netdev_ops = { 381 .ndo_init = ipip_tunnel_init, 382 .ndo_uninit = ip_tunnel_uninit, 383 .ndo_start_xmit = ipip_tunnel_xmit, 384 .ndo_siocdevprivate = ip_tunnel_siocdevprivate, 385 .ndo_change_mtu = ip_tunnel_change_mtu, 386 .ndo_get_stats64 = dev_get_tstats64, 387 .ndo_get_iflink = ip_tunnel_get_iflink, 388 .ndo_tunnel_ctl = ipip_tunnel_ctl, 389 .ndo_fill_forward_path = ipip_fill_forward_path, 390 }; 391 392 #define IPIP_FEATURES (NETIF_F_SG | \ 393 NETIF_F_FRAGLIST | \ 394 NETIF_F_HIGHDMA | \ 395 NETIF_F_GSO_SOFTWARE | \ 396 NETIF_F_HW_CSUM) 397 398 static void ipip_tunnel_setup(struct net_device *dev) 399 { 400 dev->netdev_ops = &ipip_netdev_ops; 401 dev->header_ops = &ip_tunnel_header_ops; 402 403 dev->type = ARPHRD_TUNNEL; 404 dev->flags = IFF_NOARP; 405 dev->addr_len = 4; 406 dev->lltx = true; 407 netif_keep_dst(dev); 408 409 dev->features |= IPIP_FEATURES; 410 dev->hw_features |= IPIP_FEATURES; 411 ip_tunnel_setup(dev, ipip_net_id); 412 } 413 414 static int ipip_tunnel_init(struct net_device *dev) 415 { 416 struct ip_tunnel *tunnel = netdev_priv(dev); 417 418 __dev_addr_set(dev, &tunnel->parms.iph.saddr, 4); 419 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4); 420 421 tunnel->tun_hlen = 0; 422 tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen; 423 return ip_tunnel_init(dev); 424 } 425 426 static int ipip_tunnel_validate(struct nlattr *tb[], struct nlattr *data[], 427 struct netlink_ext_ack *extack) 428 { 429 u8 proto; 430 431 if (!data || !data[IFLA_IPTUN_PROTO]) 432 return 0; 433 434 proto = nla_get_u8(data[IFLA_IPTUN_PROTO]); 435 if (proto != IPPROTO_IPIP && proto != IPPROTO_MPLS && proto != 0) 436 return -EINVAL; 437 438 return 0; 439 } 440 441 static void ipip_netlink_parms(struct nlattr *data[], 442 struct ip_tunnel_parm_kern *parms, 443 bool *collect_md, __u32 *fwmark) 444 { 445 memset(parms, 0, sizeof(*parms)); 446 447 parms->iph.version = 4; 448 parms->iph.protocol = IPPROTO_IPIP; 449 parms->iph.ihl = 5; 450 *collect_md = false; 451 452 if (!data) 453 return; 454 455 ip_tunnel_netlink_parms(data, parms); 456 457 if (data[IFLA_IPTUN_COLLECT_METADATA]) 458 *collect_md = true; 459 460 if (data[IFLA_IPTUN_FWMARK]) 461 *fwmark = nla_get_u32(data[IFLA_IPTUN_FWMARK]); 462 } 463 464 static int ipip_newlink(struct net_device *dev, 465 struct rtnl_newlink_params *params, 466 struct netlink_ext_ack *extack) 467 { 468 struct ip_tunnel *t = netdev_priv(dev); 469 struct nlattr **data = params->data; 470 struct nlattr **tb = params->tb; 471 struct ip_tunnel_encap ipencap; 472 struct ip_tunnel_parm_kern p; 473 __u32 fwmark = 0; 474 475 if (ip_tunnel_netlink_encap_parms(data, &ipencap)) { 476 int err = ip_tunnel_encap_setup(t, &ipencap); 477 478 if (err < 0) 479 return err; 480 } 481 482 ipip_netlink_parms(data, &p, &t->collect_md, &fwmark); 483 return ip_tunnel_newlink(params->link_net ? : dev_net(dev), dev, tb, &p, 484 fwmark); 485 } 486 487 static int ipip_changelink(struct net_device *dev, struct nlattr *tb[], 488 struct nlattr *data[], 489 struct netlink_ext_ack *extack) 490 { 491 struct ip_tunnel *t = netdev_priv(dev); 492 struct ip_tunnel_encap ipencap; 493 struct ip_tunnel_parm_kern p; 494 bool collect_md; 495 __u32 fwmark = t->fwmark; 496 497 if (!rtnl_dev_link_net_capable(dev, t->net)) 498 return -EPERM; 499 500 if (ip_tunnel_netlink_encap_parms(data, &ipencap)) { 501 int err = ip_tunnel_encap_setup(t, &ipencap); 502 503 if (err < 0) 504 return err; 505 } 506 507 ipip_netlink_parms(data, &p, &collect_md, &fwmark); 508 if (collect_md) 509 return -EINVAL; 510 511 if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) || 512 (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr)) 513 return -EINVAL; 514 515 return ip_tunnel_changelink(dev, tb, &p, fwmark); 516 } 517 518 static size_t ipip_get_size(const struct net_device *dev) 519 { 520 return 521 /* IFLA_IPTUN_LINK */ 522 nla_total_size(4) + 523 /* IFLA_IPTUN_LOCAL */ 524 nla_total_size(4) + 525 /* IFLA_IPTUN_REMOTE */ 526 nla_total_size(4) + 527 /* IFLA_IPTUN_TTL */ 528 nla_total_size(1) + 529 /* IFLA_IPTUN_TOS */ 530 nla_total_size(1) + 531 /* IFLA_IPTUN_PROTO */ 532 nla_total_size(1) + 533 /* IFLA_IPTUN_PMTUDISC */ 534 nla_total_size(1) + 535 /* IFLA_IPTUN_ENCAP_TYPE */ 536 nla_total_size(2) + 537 /* IFLA_IPTUN_ENCAP_FLAGS */ 538 nla_total_size(2) + 539 /* IFLA_IPTUN_ENCAP_SPORT */ 540 nla_total_size(2) + 541 /* IFLA_IPTUN_ENCAP_DPORT */ 542 nla_total_size(2) + 543 /* IFLA_IPTUN_COLLECT_METADATA */ 544 nla_total_size(0) + 545 /* IFLA_IPTUN_FWMARK */ 546 nla_total_size(4) + 547 0; 548 } 549 550 static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev) 551 { 552 struct ip_tunnel *tunnel = netdev_priv(dev); 553 struct ip_tunnel_parm_kern *parm = &tunnel->parms; 554 555 if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) || 556 nla_put_in_addr(skb, IFLA_IPTUN_LOCAL, parm->iph.saddr) || 557 nla_put_in_addr(skb, IFLA_IPTUN_REMOTE, parm->iph.daddr) || 558 nla_put_u8(skb, IFLA_IPTUN_TTL, parm->iph.ttl) || 559 nla_put_u8(skb, IFLA_IPTUN_TOS, parm->iph.tos) || 560 nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->iph.protocol) || 561 nla_put_u8(skb, IFLA_IPTUN_PMTUDISC, 562 !!(parm->iph.frag_off & htons(IP_DF))) || 563 nla_put_u32(skb, IFLA_IPTUN_FWMARK, tunnel->fwmark)) 564 goto nla_put_failure; 565 566 if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE, 567 tunnel->encap.type) || 568 nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT, 569 tunnel->encap.sport) || 570 nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT, 571 tunnel->encap.dport) || 572 nla_put_u16(skb, IFLA_IPTUN_ENCAP_FLAGS, 573 tunnel->encap.flags)) 574 goto nla_put_failure; 575 576 if (tunnel->collect_md) 577 if (nla_put_flag(skb, IFLA_IPTUN_COLLECT_METADATA)) 578 goto nla_put_failure; 579 return 0; 580 581 nla_put_failure: 582 return -EMSGSIZE; 583 } 584 585 static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = { 586 [IFLA_IPTUN_LINK] = { .type = NLA_U32 }, 587 [IFLA_IPTUN_LOCAL] = { .type = NLA_U32 }, 588 [IFLA_IPTUN_REMOTE] = { .type = NLA_U32 }, 589 [IFLA_IPTUN_TTL] = { .type = NLA_U8 }, 590 [IFLA_IPTUN_TOS] = { .type = NLA_U8 }, 591 [IFLA_IPTUN_PROTO] = { .type = NLA_U8 }, 592 [IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 }, 593 [IFLA_IPTUN_ENCAP_TYPE] = { .type = NLA_U16 }, 594 [IFLA_IPTUN_ENCAP_FLAGS] = { .type = NLA_U16 }, 595 [IFLA_IPTUN_ENCAP_SPORT] = { .type = NLA_U16 }, 596 [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 }, 597 [IFLA_IPTUN_COLLECT_METADATA] = { .type = NLA_FLAG }, 598 [IFLA_IPTUN_FWMARK] = { .type = NLA_U32 }, 599 }; 600 601 static struct rtnl_link_ops ipip_link_ops __read_mostly = { 602 .kind = "ipip", 603 .maxtype = IFLA_IPTUN_MAX, 604 .policy = ipip_policy, 605 .priv_size = sizeof(struct ip_tunnel), 606 .setup = ipip_tunnel_setup, 607 .validate = ipip_tunnel_validate, 608 .newlink = ipip_newlink, 609 .changelink = ipip_changelink, 610 .dellink = ip_tunnel_dellink, 611 .get_size = ipip_get_size, 612 .fill_info = ipip_fill_info, 613 .get_link_net = ip_tunnel_get_link_net, 614 }; 615 616 static struct xfrm_tunnel ipip_handler __read_mostly = { 617 .handler = ipip_rcv, 618 .err_handler = ipip_err, 619 .priority = 1, 620 }; 621 622 #if IS_ENABLED(CONFIG_MPLS) 623 static struct xfrm_tunnel mplsip_handler __read_mostly = { 624 .handler = mplsip_rcv, 625 .err_handler = ipip_err, 626 .priority = 1, 627 }; 628 #endif 629 630 static int __net_init ipip_init_net(struct net *net) 631 { 632 return ip_tunnel_init_net(net, ipip_net_id, &ipip_link_ops, "tunl0"); 633 } 634 635 static void __net_exit ipip_exit_rtnl(struct net *net, 636 struct list_head *dev_to_kill) 637 { 638 ip_tunnel_delete_net(net, ipip_net_id, &ipip_link_ops, dev_to_kill); 639 } 640 641 static struct pernet_operations ipip_net_ops = { 642 .init = ipip_init_net, 643 .exit_rtnl = ipip_exit_rtnl, 644 .id = &ipip_net_id, 645 .size = sizeof(struct ip_tunnel_net), 646 }; 647 648 static int __init ipip_init(void) 649 { 650 int err; 651 652 pr_info("ipip: IPv4 and MPLS over IPv4 tunneling driver\n"); 653 654 err = register_pernet_device(&ipip_net_ops); 655 if (err < 0) 656 return err; 657 err = xfrm4_tunnel_register(&ipip_handler, AF_INET); 658 if (err < 0) { 659 pr_info("%s: can't register tunnel\n", __func__); 660 goto xfrm_tunnel_ipip_failed; 661 } 662 #if IS_ENABLED(CONFIG_MPLS) 663 err = xfrm4_tunnel_register(&mplsip_handler, AF_MPLS); 664 if (err < 0) { 665 pr_info("%s: can't register tunnel\n", __func__); 666 goto xfrm_tunnel_mplsip_failed; 667 } 668 #endif 669 err = rtnl_link_register(&ipip_link_ops); 670 if (err < 0) 671 goto rtnl_link_failed; 672 673 out: 674 return err; 675 676 rtnl_link_failed: 677 #if IS_ENABLED(CONFIG_MPLS) 678 xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS); 679 xfrm_tunnel_mplsip_failed: 680 681 #endif 682 xfrm4_tunnel_deregister(&ipip_handler, AF_INET); 683 xfrm_tunnel_ipip_failed: 684 unregister_pernet_device(&ipip_net_ops); 685 goto out; 686 } 687 688 static void __exit ipip_fini(void) 689 { 690 rtnl_link_unregister(&ipip_link_ops); 691 if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET)) 692 pr_info("%s: can't deregister tunnel\n", __func__); 693 #if IS_ENABLED(CONFIG_MPLS) 694 if (xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS)) 695 pr_info("%s: can't deregister tunnel\n", __func__); 696 #endif 697 unregister_pernet_device(&ipip_net_ops); 698 } 699 700 module_init(ipip_init); 701 module_exit(ipip_fini); 702 MODULE_DESCRIPTION("IP/IP protocol decoder library"); 703 MODULE_LICENSE("GPL"); 704 MODULE_ALIAS_RTNL_LINK("ipip"); 705 MODULE_ALIAS_NETDEV("tunl0"); 706