1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * Copyright (c) 2018 Andrey V. Elsukov <ae@FreeBSD.org> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * $KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $ 33 */ 34 35 #include <sys/cdefs.h> 36 __FBSDID("$FreeBSD$"); 37 38 #include "opt_inet.h" 39 #include "opt_inet6.h" 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/lock.h> 45 #include <sys/malloc.h> 46 #include <sys/mbuf.h> 47 #include <sys/module.h> 48 #include <sys/rmlock.h> 49 #include <sys/socket.h> 50 #include <sys/sockio.h> 51 #include <sys/sx.h> 52 #include <sys/errno.h> 53 #include <sys/time.h> 54 #include <sys/sysctl.h> 55 #include <sys/syslog.h> 56 #include <sys/priv.h> 57 #include <sys/proc.h> 58 #include <sys/conf.h> 59 #include <machine/cpu.h> 60 61 #include <net/if.h> 62 #include <net/if_var.h> 63 #include <net/if_clone.h> 64 #include <net/if_types.h> 65 #include <net/netisr.h> 66 #include <net/route.h> 67 #include <net/bpf.h> 68 #include <net/vnet.h> 69 70 #include <netinet/in.h> 71 #include <netinet/in_systm.h> 72 #include <netinet/ip.h> 73 #include <netinet/ip_ecn.h> 74 #ifdef INET 75 #include <netinet/in_var.h> 76 #include <netinet/ip_var.h> 77 #endif /* INET */ 78 79 #ifdef INET6 80 #ifndef INET 81 #include <netinet/in.h> 82 #endif 83 #include <netinet6/in6_var.h> 84 #include <netinet/ip6.h> 85 #include <netinet6/ip6_ecn.h> 86 #include <netinet6/ip6_var.h> 87 #endif /* INET6 */ 88 89 #include <netinet/ip_encap.h> 90 #include <net/ethernet.h> 91 #include <net/if_bridgevar.h> 92 #include <net/if_gif.h> 93 94 #include <security/mac/mac_framework.h> 95 96 static const char gifname[] = "gif"; 97 98 MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface"); 99 static struct sx gif_ioctl_sx; 100 SX_SYSINIT(gif_ioctl_sx, &gif_ioctl_sx, "gif_ioctl"); 101 102 void (*ng_gif_input_p)(struct ifnet *ifp, struct mbuf **mp, int af); 103 void (*ng_gif_input_orphan_p)(struct ifnet *ifp, struct mbuf *m, int af); 104 void (*ng_gif_attach_p)(struct ifnet *ifp); 105 void (*ng_gif_detach_p)(struct ifnet *ifp); 106 107 static void gif_delete_tunnel(struct gif_softc *); 108 static int gif_ioctl(struct ifnet *, u_long, caddr_t); 109 static int gif_transmit(struct ifnet *, struct mbuf *); 110 static void gif_qflush(struct ifnet *); 111 static int gif_clone_create(struct if_clone *, int, caddr_t); 112 static void gif_clone_destroy(struct ifnet *); 113 static VNET_DEFINE(struct if_clone *, gif_cloner); 114 #define V_gif_cloner VNET(gif_cloner) 115 116 SYSCTL_DECL(_net_link); 117 static SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0, 118 "Generic Tunnel Interface"); 119 #ifndef MAX_GIF_NEST 120 /* 121 * This macro controls the default upper limitation on nesting of gif tunnels. 122 * Since, setting a large value to this macro with a careless configuration 123 * may introduce system crash, we don't allow any nestings by default. 124 * If you need to configure nested gif tunnels, you can define this macro 125 * in your kernel configuration file. However, if you do so, please be 126 * careful to configure the tunnels so that it won't make a loop. 127 */ 128 #define MAX_GIF_NEST 1 129 #endif 130 static VNET_DEFINE(int, max_gif_nesting) = MAX_GIF_NEST; 131 #define V_max_gif_nesting VNET(max_gif_nesting) 132 SYSCTL_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_VNET | CTLFLAG_RW, 133 &VNET_NAME(max_gif_nesting), 0, "Max nested tunnels"); 134 135 static int 136 gif_clone_create(struct if_clone *ifc, int unit, caddr_t params) 137 { 138 struct gif_softc *sc; 139 140 sc = malloc(sizeof(struct gif_softc), M_GIF, M_WAITOK | M_ZERO); 141 sc->gif_fibnum = curthread->td_proc->p_fibnum; 142 GIF2IFP(sc) = if_alloc(IFT_GIF); 143 GIF2IFP(sc)->if_softc = sc; 144 if_initname(GIF2IFP(sc), gifname, unit); 145 146 GIF2IFP(sc)->if_addrlen = 0; 147 GIF2IFP(sc)->if_mtu = GIF_MTU; 148 GIF2IFP(sc)->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 149 GIF2IFP(sc)->if_ioctl = gif_ioctl; 150 GIF2IFP(sc)->if_transmit = gif_transmit; 151 GIF2IFP(sc)->if_qflush = gif_qflush; 152 GIF2IFP(sc)->if_output = gif_output; 153 GIF2IFP(sc)->if_capabilities |= IFCAP_LINKSTATE; 154 GIF2IFP(sc)->if_capenable |= IFCAP_LINKSTATE; 155 if_attach(GIF2IFP(sc)); 156 bpfattach(GIF2IFP(sc), DLT_NULL, sizeof(u_int32_t)); 157 if (ng_gif_attach_p != NULL) 158 (*ng_gif_attach_p)(GIF2IFP(sc)); 159 160 return (0); 161 } 162 163 static void 164 gif_clone_destroy(struct ifnet *ifp) 165 { 166 struct gif_softc *sc; 167 168 sx_xlock(&gif_ioctl_sx); 169 sc = ifp->if_softc; 170 gif_delete_tunnel(sc); 171 if (ng_gif_detach_p != NULL) 172 (*ng_gif_detach_p)(ifp); 173 bpfdetach(ifp); 174 if_detach(ifp); 175 ifp->if_softc = NULL; 176 sx_xunlock(&gif_ioctl_sx); 177 178 GIF_WAIT(); 179 if_free(ifp); 180 free(sc, M_GIF); 181 } 182 183 static void 184 vnet_gif_init(const void *unused __unused) 185 { 186 187 V_gif_cloner = if_clone_simple(gifname, gif_clone_create, 188 gif_clone_destroy, 0); 189 #ifdef INET 190 in_gif_init(); 191 #endif 192 #ifdef INET6 193 in6_gif_init(); 194 #endif 195 } 196 VNET_SYSINIT(vnet_gif_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 197 vnet_gif_init, NULL); 198 199 static void 200 vnet_gif_uninit(const void *unused __unused) 201 { 202 203 if_clone_detach(V_gif_cloner); 204 #ifdef INET 205 in_gif_uninit(); 206 #endif 207 #ifdef INET6 208 in6_gif_uninit(); 209 #endif 210 } 211 VNET_SYSUNINIT(vnet_gif_uninit, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 212 vnet_gif_uninit, NULL); 213 214 static int 215 gifmodevent(module_t mod, int type, void *data) 216 { 217 218 switch (type) { 219 case MOD_LOAD: 220 case MOD_UNLOAD: 221 break; 222 default: 223 return (EOPNOTSUPP); 224 } 225 return (0); 226 } 227 228 static moduledata_t gif_mod = { 229 "if_gif", 230 gifmodevent, 231 0 232 }; 233 234 DECLARE_MODULE(if_gif, gif_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 235 MODULE_VERSION(if_gif, 1); 236 237 struct gif_list * 238 gif_hashinit(void) 239 { 240 struct gif_list *hash; 241 int i; 242 243 hash = malloc(sizeof(struct gif_list) * GIF_HASH_SIZE, 244 M_GIF, M_WAITOK); 245 for (i = 0; i < GIF_HASH_SIZE; i++) 246 CK_LIST_INIT(&hash[i]); 247 248 return (hash); 249 } 250 251 void 252 gif_hashdestroy(struct gif_list *hash) 253 { 254 255 free(hash, M_GIF); 256 } 257 258 #define MTAG_GIF 1080679712 259 static int 260 gif_transmit(struct ifnet *ifp, struct mbuf *m) 261 { 262 struct gif_softc *sc; 263 struct etherip_header *eth; 264 #ifdef INET 265 struct ip *ip; 266 #endif 267 #ifdef INET6 268 struct ip6_hdr *ip6; 269 uint32_t t; 270 #endif 271 uint32_t af; 272 uint8_t proto, ecn; 273 int error; 274 275 #ifdef MAC 276 error = mac_ifnet_check_transmit(ifp, m); 277 if (error) { 278 m_freem(m); 279 goto err; 280 } 281 #endif 282 error = ENETDOWN; 283 GIF_RLOCK(); 284 sc = ifp->if_softc; 285 if ((ifp->if_flags & IFF_MONITOR) != 0 || 286 (ifp->if_flags & IFF_UP) == 0 || 287 sc->gif_family == 0 || 288 (error = if_tunnel_check_nesting(ifp, m, MTAG_GIF, 289 V_max_gif_nesting)) != 0) { 290 m_freem(m); 291 goto err; 292 } 293 /* Now pull back the af that we stashed in the csum_data. */ 294 if (ifp->if_bridge) 295 af = AF_LINK; 296 else 297 af = m->m_pkthdr.csum_data; 298 m->m_flags &= ~(M_BCAST|M_MCAST); 299 M_SETFIB(m, sc->gif_fibnum); 300 BPF_MTAP2(ifp, &af, sizeof(af), m); 301 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 302 if_inc_counter(ifp, IFCOUNTER_OBYTES, m->m_pkthdr.len); 303 /* inner AF-specific encapsulation */ 304 ecn = 0; 305 switch (af) { 306 #ifdef INET 307 case AF_INET: 308 proto = IPPROTO_IPV4; 309 if (m->m_len < sizeof(struct ip)) 310 m = m_pullup(m, sizeof(struct ip)); 311 if (m == NULL) { 312 error = ENOBUFS; 313 goto err; 314 } 315 ip = mtod(m, struct ip *); 316 ip_ecn_ingress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 317 ECN_NOCARE, &ecn, &ip->ip_tos); 318 break; 319 #endif 320 #ifdef INET6 321 case AF_INET6: 322 proto = IPPROTO_IPV6; 323 if (m->m_len < sizeof(struct ip6_hdr)) 324 m = m_pullup(m, sizeof(struct ip6_hdr)); 325 if (m == NULL) { 326 error = ENOBUFS; 327 goto err; 328 } 329 t = 0; 330 ip6 = mtod(m, struct ip6_hdr *); 331 ip6_ecn_ingress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 332 ECN_NOCARE, &t, &ip6->ip6_flow); 333 ecn = (ntohl(t) >> 20) & 0xff; 334 break; 335 #endif 336 case AF_LINK: 337 proto = IPPROTO_ETHERIP; 338 M_PREPEND(m, sizeof(struct etherip_header), M_NOWAIT); 339 if (m == NULL) { 340 error = ENOBUFS; 341 goto err; 342 } 343 eth = mtod(m, struct etherip_header *); 344 eth->eip_resvh = 0; 345 eth->eip_ver = ETHERIP_VERSION; 346 eth->eip_resvl = 0; 347 break; 348 default: 349 error = EAFNOSUPPORT; 350 m_freem(m); 351 goto err; 352 } 353 /* XXX should we check if our outer source is legal? */ 354 /* dispatch to output logic based on outer AF */ 355 switch (sc->gif_family) { 356 #ifdef INET 357 case AF_INET: 358 error = in_gif_output(ifp, m, proto, ecn); 359 break; 360 #endif 361 #ifdef INET6 362 case AF_INET6: 363 error = in6_gif_output(ifp, m, proto, ecn); 364 break; 365 #endif 366 default: 367 m_freem(m); 368 } 369 err: 370 if (error) 371 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 372 GIF_RUNLOCK(); 373 return (error); 374 } 375 376 static void 377 gif_qflush(struct ifnet *ifp __unused) 378 { 379 380 } 381 382 383 int 384 gif_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst, 385 struct route *ro) 386 { 387 uint32_t af; 388 389 if (dst->sa_family == AF_UNSPEC) 390 bcopy(dst->sa_data, &af, sizeof(af)); 391 else 392 af = dst->sa_family; 393 /* 394 * Now save the af in the inbound pkt csum data, this is a cheat since 395 * we are using the inbound csum_data field to carry the af over to 396 * the gif_transmit() routine, avoiding using yet another mtag. 397 */ 398 m->m_pkthdr.csum_data = af; 399 return (ifp->if_transmit(ifp, m)); 400 } 401 402 void 403 gif_input(struct mbuf *m, struct ifnet *ifp, int proto, uint8_t ecn) 404 { 405 struct etherip_header *eip; 406 #ifdef INET 407 struct ip *ip; 408 #endif 409 #ifdef INET6 410 struct ip6_hdr *ip6; 411 uint32_t t; 412 #endif 413 struct ether_header *eh; 414 struct ifnet *oldifp; 415 int isr, n, af; 416 417 if (ifp == NULL) { 418 /* just in case */ 419 m_freem(m); 420 return; 421 } 422 m->m_pkthdr.rcvif = ifp; 423 m_clrprotoflags(m); 424 switch (proto) { 425 #ifdef INET 426 case IPPROTO_IPV4: 427 af = AF_INET; 428 if (m->m_len < sizeof(struct ip)) 429 m = m_pullup(m, sizeof(struct ip)); 430 if (m == NULL) 431 goto drop; 432 ip = mtod(m, struct ip *); 433 if (ip_ecn_egress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 434 ECN_NOCARE, &ecn, &ip->ip_tos) == 0) { 435 m_freem(m); 436 goto drop; 437 } 438 break; 439 #endif 440 #ifdef INET6 441 case IPPROTO_IPV6: 442 af = AF_INET6; 443 if (m->m_len < sizeof(struct ip6_hdr)) 444 m = m_pullup(m, sizeof(struct ip6_hdr)); 445 if (m == NULL) 446 goto drop; 447 t = htonl((uint32_t)ecn << 20); 448 ip6 = mtod(m, struct ip6_hdr *); 449 if (ip6_ecn_egress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 450 ECN_NOCARE, &t, &ip6->ip6_flow) == 0) { 451 m_freem(m); 452 goto drop; 453 } 454 break; 455 #endif 456 case IPPROTO_ETHERIP: 457 af = AF_LINK; 458 break; 459 default: 460 m_freem(m); 461 goto drop; 462 } 463 464 #ifdef MAC 465 mac_ifnet_create_mbuf(ifp, m); 466 #endif 467 468 if (bpf_peers_present(ifp->if_bpf)) { 469 uint32_t af1 = af; 470 bpf_mtap2(ifp->if_bpf, &af1, sizeof(af1), m); 471 } 472 473 if ((ifp->if_flags & IFF_MONITOR) != 0) { 474 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 475 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 476 m_freem(m); 477 return; 478 } 479 480 if (ng_gif_input_p != NULL) { 481 (*ng_gif_input_p)(ifp, &m, af); 482 if (m == NULL) 483 goto drop; 484 } 485 486 /* 487 * Put the packet to the network layer input queue according to the 488 * specified address family. 489 * Note: older versions of gif_input directly called network layer 490 * input functions, e.g. ip6_input, here. We changed the policy to 491 * prevent too many recursive calls of such input functions, which 492 * might cause kernel panic. But the change may introduce another 493 * problem; if the input queue is full, packets are discarded. 494 * The kernel stack overflow really happened, and we believed 495 * queue-full rarely occurs, so we changed the policy. 496 */ 497 switch (af) { 498 #ifdef INET 499 case AF_INET: 500 isr = NETISR_IP; 501 break; 502 #endif 503 #ifdef INET6 504 case AF_INET6: 505 isr = NETISR_IPV6; 506 break; 507 #endif 508 case AF_LINK: 509 n = sizeof(struct etherip_header) + 510 sizeof(struct ether_header); 511 if (n > m->m_len) 512 m = m_pullup(m, n); 513 if (m == NULL) 514 goto drop; 515 eip = mtod(m, struct etherip_header *); 516 if (eip->eip_ver != ETHERIP_VERSION) { 517 /* discard unknown versions */ 518 m_freem(m); 519 goto drop; 520 } 521 m_adj(m, sizeof(struct etherip_header)); 522 523 m->m_flags &= ~(M_BCAST|M_MCAST); 524 m->m_pkthdr.rcvif = ifp; 525 526 if (ifp->if_bridge) { 527 oldifp = ifp; 528 eh = mtod(m, struct ether_header *); 529 if (ETHER_IS_MULTICAST(eh->ether_dhost)) { 530 if (ETHER_IS_BROADCAST(eh->ether_dhost)) 531 m->m_flags |= M_BCAST; 532 else 533 m->m_flags |= M_MCAST; 534 if_inc_counter(ifp, IFCOUNTER_IMCASTS, 1); 535 } 536 BRIDGE_INPUT(ifp, m); 537 538 if (m != NULL && ifp != oldifp) { 539 /* 540 * The bridge gave us back itself or one of the 541 * members for which the frame is addressed. 542 */ 543 ether_demux(ifp, m); 544 return; 545 } 546 } 547 if (m != NULL) 548 m_freem(m); 549 return; 550 551 default: 552 if (ng_gif_input_orphan_p != NULL) 553 (*ng_gif_input_orphan_p)(ifp, m, af); 554 else 555 m_freem(m); 556 return; 557 } 558 559 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 560 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 561 M_SETFIB(m, ifp->if_fib); 562 netisr_dispatch(isr, m); 563 return; 564 drop: 565 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 566 } 567 568 static int 569 gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 570 { 571 struct ifreq *ifr = (struct ifreq*)data; 572 struct gif_softc *sc; 573 u_int options; 574 int error; 575 576 switch (cmd) { 577 case SIOCSIFADDR: 578 ifp->if_flags |= IFF_UP; 579 case SIOCADDMULTI: 580 case SIOCDELMULTI: 581 case SIOCGIFMTU: 582 case SIOCSIFFLAGS: 583 return (0); 584 case SIOCSIFMTU: 585 if (ifr->ifr_mtu < GIF_MTU_MIN || 586 ifr->ifr_mtu > GIF_MTU_MAX) 587 return (EINVAL); 588 else 589 ifp->if_mtu = ifr->ifr_mtu; 590 return (0); 591 } 592 sx_xlock(&gif_ioctl_sx); 593 sc = ifp->if_softc; 594 if (sc == NULL) { 595 error = ENXIO; 596 goto bad; 597 } 598 error = 0; 599 switch (cmd) { 600 case SIOCDIFPHYADDR: 601 if (sc->gif_family == 0) 602 break; 603 gif_delete_tunnel(sc); 604 break; 605 #ifdef INET 606 case SIOCSIFPHYADDR: 607 case SIOCGIFPSRCADDR: 608 case SIOCGIFPDSTADDR: 609 error = in_gif_ioctl(sc, cmd, data); 610 break; 611 #endif 612 #ifdef INET6 613 case SIOCSIFPHYADDR_IN6: 614 case SIOCGIFPSRCADDR_IN6: 615 case SIOCGIFPDSTADDR_IN6: 616 error = in6_gif_ioctl(sc, cmd, data); 617 break; 618 #endif 619 case SIOCGTUNFIB: 620 ifr->ifr_fib = sc->gif_fibnum; 621 break; 622 case SIOCSTUNFIB: 623 if ((error = priv_check(curthread, PRIV_NET_GIF)) != 0) 624 break; 625 if (ifr->ifr_fib >= rt_numfibs) 626 error = EINVAL; 627 else 628 sc->gif_fibnum = ifr->ifr_fib; 629 break; 630 case GIFGOPTS: 631 options = sc->gif_options; 632 error = copyout(&options, ifr_data_get_ptr(ifr), 633 sizeof(options)); 634 break; 635 case GIFSOPTS: 636 if ((error = priv_check(curthread, PRIV_NET_GIF)) != 0) 637 break; 638 error = copyin(ifr_data_get_ptr(ifr), &options, 639 sizeof(options)); 640 if (error) 641 break; 642 if (options & ~GIF_OPTMASK) { 643 error = EINVAL; 644 break; 645 } 646 if (sc->gif_options != options) { 647 switch (sc->gif_family) { 648 #ifdef INET 649 case AF_INET: 650 error = in_gif_setopts(sc, options); 651 break; 652 #endif 653 #ifdef INET6 654 case AF_INET6: 655 error = in6_gif_setopts(sc, options); 656 break; 657 #endif 658 default: 659 /* No need to invoke AF-handler */ 660 sc->gif_options = options; 661 } 662 } 663 break; 664 default: 665 error = EINVAL; 666 break; 667 } 668 if (error == 0 && sc->gif_family != 0) { 669 if ( 670 #ifdef INET 671 cmd == SIOCSIFPHYADDR || 672 #endif 673 #ifdef INET6 674 cmd == SIOCSIFPHYADDR_IN6 || 675 #endif 676 0) { 677 ifp->if_drv_flags |= IFF_DRV_RUNNING; 678 if_link_state_change(ifp, LINK_STATE_UP); 679 } 680 } 681 bad: 682 sx_xunlock(&gif_ioctl_sx); 683 return (error); 684 } 685 686 static void 687 gif_delete_tunnel(struct gif_softc *sc) 688 { 689 690 sx_assert(&gif_ioctl_sx, SA_XLOCKED); 691 if (sc->gif_family != 0) { 692 CK_LIST_REMOVE(sc, chain); 693 /* Wait until it become safe to free gif_hdr */ 694 GIF_WAIT(); 695 free(sc->gif_hdr, M_GIF); 696 } 697 sc->gif_family = 0; 698 GIF2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING; 699 if_link_state_change(GIF2IFP(sc), LINK_STATE_DOWN); 700 } 701 702