1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * Copyright (c) 2018 Andrey V. Elsukov <ae@FreeBSD.org> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * $KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $ 33 */ 34 35 #include <sys/cdefs.h> 36 __FBSDID("$FreeBSD$"); 37 38 #include "opt_inet.h" 39 #include "opt_inet6.h" 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/lock.h> 45 #include <sys/malloc.h> 46 #include <sys/mbuf.h> 47 #include <sys/module.h> 48 #include <sys/rmlock.h> 49 #include <sys/socket.h> 50 #include <sys/sockio.h> 51 #include <sys/sx.h> 52 #include <sys/errno.h> 53 #include <sys/time.h> 54 #include <sys/sysctl.h> 55 #include <sys/syslog.h> 56 #include <sys/priv.h> 57 #include <sys/proc.h> 58 #include <sys/conf.h> 59 #include <machine/cpu.h> 60 61 #include <net/if.h> 62 #include <net/if_var.h> 63 #include <net/if_clone.h> 64 #include <net/if_types.h> 65 #include <net/netisr.h> 66 #include <net/route.h> 67 #include <net/bpf.h> 68 #include <net/vnet.h> 69 70 #include <netinet/in.h> 71 #include <netinet/in_systm.h> 72 #include <netinet/ip.h> 73 #include <netinet/ip_ecn.h> 74 #ifdef INET 75 #include <netinet/in_var.h> 76 #include <netinet/ip_var.h> 77 #endif /* INET */ 78 79 #ifdef INET6 80 #ifndef INET 81 #include <netinet/in.h> 82 #endif 83 #include <netinet6/in6_var.h> 84 #include <netinet/ip6.h> 85 #include <netinet6/ip6_ecn.h> 86 #include <netinet6/ip6_var.h> 87 #endif /* INET6 */ 88 89 #include <netinet/ip_encap.h> 90 #include <net/ethernet.h> 91 #include <net/if_bridgevar.h> 92 #include <net/if_gif.h> 93 94 #include <security/mac/mac_framework.h> 95 96 static const char gifname[] = "gif"; 97 98 MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface"); 99 static struct sx gif_ioctl_sx; 100 SX_SYSINIT(gif_ioctl_sx, &gif_ioctl_sx, "gif_ioctl"); 101 102 void (*ng_gif_input_p)(struct ifnet *ifp, struct mbuf **mp, int af); 103 void (*ng_gif_input_orphan_p)(struct ifnet *ifp, struct mbuf *m, int af); 104 void (*ng_gif_attach_p)(struct ifnet *ifp); 105 void (*ng_gif_detach_p)(struct ifnet *ifp); 106 107 static void gif_delete_tunnel(struct gif_softc *); 108 static int gif_ioctl(struct ifnet *, u_long, caddr_t); 109 static int gif_transmit(struct ifnet *, struct mbuf *); 110 static void gif_qflush(struct ifnet *); 111 static int gif_clone_create(struct if_clone *, int, caddr_t); 112 static void gif_clone_destroy(struct ifnet *); 113 VNET_DEFINE_STATIC(struct if_clone *, gif_cloner); 114 #define V_gif_cloner VNET(gif_cloner) 115 116 SYSCTL_DECL(_net_link); 117 static SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 118 "Generic Tunnel Interface"); 119 #ifndef MAX_GIF_NEST 120 /* 121 * This macro controls the default upper limitation on nesting of gif tunnels. 122 * Since, setting a large value to this macro with a careless configuration 123 * may introduce system crash, we don't allow any nestings by default. 124 * If you need to configure nested gif tunnels, you can define this macro 125 * in your kernel configuration file. However, if you do so, please be 126 * careful to configure the tunnels so that it won't make a loop. 127 */ 128 #define MAX_GIF_NEST 1 129 #endif 130 VNET_DEFINE_STATIC(int, max_gif_nesting) = MAX_GIF_NEST; 131 #define V_max_gif_nesting VNET(max_gif_nesting) 132 SYSCTL_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_VNET | CTLFLAG_RW, 133 &VNET_NAME(max_gif_nesting), 0, "Max nested tunnels"); 134 135 static int 136 gif_clone_create(struct if_clone *ifc, int unit, caddr_t params) 137 { 138 struct gif_softc *sc; 139 140 sc = malloc(sizeof(struct gif_softc), M_GIF, M_WAITOK | M_ZERO); 141 sc->gif_fibnum = curthread->td_proc->p_fibnum; 142 GIF2IFP(sc) = if_alloc(IFT_GIF); 143 GIF2IFP(sc)->if_softc = sc; 144 if_initname(GIF2IFP(sc), gifname, unit); 145 146 GIF2IFP(sc)->if_addrlen = 0; 147 GIF2IFP(sc)->if_mtu = GIF_MTU; 148 GIF2IFP(sc)->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 149 GIF2IFP(sc)->if_ioctl = gif_ioctl; 150 GIF2IFP(sc)->if_transmit = gif_transmit; 151 GIF2IFP(sc)->if_qflush = gif_qflush; 152 GIF2IFP(sc)->if_output = gif_output; 153 GIF2IFP(sc)->if_capabilities |= IFCAP_LINKSTATE; 154 GIF2IFP(sc)->if_capenable |= IFCAP_LINKSTATE; 155 if_attach(GIF2IFP(sc)); 156 bpfattach(GIF2IFP(sc), DLT_NULL, sizeof(u_int32_t)); 157 if (ng_gif_attach_p != NULL) 158 (*ng_gif_attach_p)(GIF2IFP(sc)); 159 160 return (0); 161 } 162 163 static void 164 gif_clone_destroy(struct ifnet *ifp) 165 { 166 struct gif_softc *sc; 167 168 sx_xlock(&gif_ioctl_sx); 169 sc = ifp->if_softc; 170 gif_delete_tunnel(sc); 171 if (ng_gif_detach_p != NULL) 172 (*ng_gif_detach_p)(ifp); 173 bpfdetach(ifp); 174 if_detach(ifp); 175 ifp->if_softc = NULL; 176 sx_xunlock(&gif_ioctl_sx); 177 178 GIF_WAIT(); 179 if_free(ifp); 180 free(sc, M_GIF); 181 } 182 183 static void 184 vnet_gif_init(const void *unused __unused) 185 { 186 187 V_gif_cloner = if_clone_simple(gifname, gif_clone_create, 188 gif_clone_destroy, 0); 189 #ifdef INET 190 in_gif_init(); 191 #endif 192 #ifdef INET6 193 in6_gif_init(); 194 #endif 195 } 196 VNET_SYSINIT(vnet_gif_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 197 vnet_gif_init, NULL); 198 199 static void 200 vnet_gif_uninit(const void *unused __unused) 201 { 202 203 if_clone_detach(V_gif_cloner); 204 #ifdef INET 205 in_gif_uninit(); 206 #endif 207 #ifdef INET6 208 in6_gif_uninit(); 209 #endif 210 } 211 VNET_SYSUNINIT(vnet_gif_uninit, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 212 vnet_gif_uninit, NULL); 213 214 static int 215 gifmodevent(module_t mod, int type, void *data) 216 { 217 218 switch (type) { 219 case MOD_LOAD: 220 case MOD_UNLOAD: 221 break; 222 default: 223 return (EOPNOTSUPP); 224 } 225 return (0); 226 } 227 228 static moduledata_t gif_mod = { 229 "if_gif", 230 gifmodevent, 231 0 232 }; 233 234 DECLARE_MODULE(if_gif, gif_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 235 MODULE_VERSION(if_gif, 1); 236 237 struct gif_list * 238 gif_hashinit(void) 239 { 240 struct gif_list *hash; 241 int i; 242 243 hash = malloc(sizeof(struct gif_list) * GIF_HASH_SIZE, 244 M_GIF, M_WAITOK); 245 for (i = 0; i < GIF_HASH_SIZE; i++) 246 CK_LIST_INIT(&hash[i]); 247 248 return (hash); 249 } 250 251 void 252 gif_hashdestroy(struct gif_list *hash) 253 { 254 255 free(hash, M_GIF); 256 } 257 258 #define MTAG_GIF 1080679712 259 static int 260 gif_transmit(struct ifnet *ifp, struct mbuf *m) 261 { 262 struct gif_softc *sc; 263 struct etherip_header *eth; 264 #ifdef INET 265 struct ip *ip; 266 #endif 267 #ifdef INET6 268 struct ip6_hdr *ip6; 269 uint32_t t; 270 #endif 271 uint32_t af; 272 uint8_t proto, ecn; 273 int error; 274 275 NET_EPOCH_ASSERT(); 276 #ifdef MAC 277 error = mac_ifnet_check_transmit(ifp, m); 278 if (error) { 279 m_freem(m); 280 goto err; 281 } 282 #endif 283 error = ENETDOWN; 284 sc = ifp->if_softc; 285 if ((ifp->if_flags & IFF_MONITOR) != 0 || 286 (ifp->if_flags & IFF_UP) == 0 || 287 (ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || 288 sc->gif_family == 0 || 289 (error = if_tunnel_check_nesting(ifp, m, MTAG_GIF, 290 V_max_gif_nesting)) != 0) { 291 m_freem(m); 292 goto err; 293 } 294 /* Now pull back the af that we stashed in the csum_data. */ 295 if (ifp->if_bridge) 296 af = AF_LINK; 297 else 298 af = m->m_pkthdr.csum_data; 299 m->m_flags &= ~(M_BCAST|M_MCAST); 300 M_SETFIB(m, sc->gif_fibnum); 301 BPF_MTAP2(ifp, &af, sizeof(af), m); 302 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 303 if_inc_counter(ifp, IFCOUNTER_OBYTES, m->m_pkthdr.len); 304 /* inner AF-specific encapsulation */ 305 ecn = 0; 306 switch (af) { 307 #ifdef INET 308 case AF_INET: 309 proto = IPPROTO_IPV4; 310 if (m->m_len < sizeof(struct ip)) 311 m = m_pullup(m, sizeof(struct ip)); 312 if (m == NULL) { 313 error = ENOBUFS; 314 goto err; 315 } 316 ip = mtod(m, struct ip *); 317 ip_ecn_ingress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 318 ECN_NOCARE, &ecn, &ip->ip_tos); 319 break; 320 #endif 321 #ifdef INET6 322 case AF_INET6: 323 proto = IPPROTO_IPV6; 324 if (m->m_len < sizeof(struct ip6_hdr)) 325 m = m_pullup(m, sizeof(struct ip6_hdr)); 326 if (m == NULL) { 327 error = ENOBUFS; 328 goto err; 329 } 330 t = 0; 331 ip6 = mtod(m, struct ip6_hdr *); 332 ip6_ecn_ingress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 333 ECN_NOCARE, &t, &ip6->ip6_flow); 334 ecn = (ntohl(t) >> 20) & 0xff; 335 break; 336 #endif 337 case AF_LINK: 338 proto = IPPROTO_ETHERIP; 339 M_PREPEND(m, sizeof(struct etherip_header), M_NOWAIT); 340 if (m == NULL) { 341 error = ENOBUFS; 342 goto err; 343 } 344 eth = mtod(m, struct etherip_header *); 345 eth->eip_resvh = 0; 346 eth->eip_ver = ETHERIP_VERSION; 347 eth->eip_resvl = 0; 348 break; 349 default: 350 error = EAFNOSUPPORT; 351 m_freem(m); 352 goto err; 353 } 354 /* XXX should we check if our outer source is legal? */ 355 /* dispatch to output logic based on outer AF */ 356 switch (sc->gif_family) { 357 #ifdef INET 358 case AF_INET: 359 error = in_gif_output(ifp, m, proto, ecn); 360 break; 361 #endif 362 #ifdef INET6 363 case AF_INET6: 364 error = in6_gif_output(ifp, m, proto, ecn); 365 break; 366 #endif 367 default: 368 m_freem(m); 369 } 370 err: 371 if (error) 372 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 373 return (error); 374 } 375 376 static void 377 gif_qflush(struct ifnet *ifp __unused) 378 { 379 380 } 381 382 383 int 384 gif_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst, 385 struct route *ro) 386 { 387 uint32_t af; 388 389 if (dst->sa_family == AF_UNSPEC) 390 bcopy(dst->sa_data, &af, sizeof(af)); 391 else 392 af = dst->sa_family; 393 /* 394 * Now save the af in the inbound pkt csum data, this is a cheat since 395 * we are using the inbound csum_data field to carry the af over to 396 * the gif_transmit() routine, avoiding using yet another mtag. 397 */ 398 m->m_pkthdr.csum_data = af; 399 return (ifp->if_transmit(ifp, m)); 400 } 401 402 void 403 gif_input(struct mbuf *m, struct ifnet *ifp, int proto, uint8_t ecn) 404 { 405 struct etherip_header *eip; 406 #ifdef INET 407 struct ip *ip; 408 #endif 409 #ifdef INET6 410 struct ip6_hdr *ip6; 411 uint32_t t; 412 #endif 413 struct ether_header *eh; 414 struct ifnet *oldifp; 415 int isr, n, af; 416 417 NET_EPOCH_ASSERT(); 418 419 if (ifp == NULL) { 420 /* just in case */ 421 m_freem(m); 422 return; 423 } 424 m->m_pkthdr.rcvif = ifp; 425 m_clrprotoflags(m); 426 switch (proto) { 427 #ifdef INET 428 case IPPROTO_IPV4: 429 af = AF_INET; 430 if (m->m_len < sizeof(struct ip)) 431 m = m_pullup(m, sizeof(struct ip)); 432 if (m == NULL) 433 goto drop; 434 ip = mtod(m, struct ip *); 435 if (ip_ecn_egress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 436 ECN_NOCARE, &ecn, &ip->ip_tos) == 0) { 437 m_freem(m); 438 goto drop; 439 } 440 break; 441 #endif 442 #ifdef INET6 443 case IPPROTO_IPV6: 444 af = AF_INET6; 445 if (m->m_len < sizeof(struct ip6_hdr)) 446 m = m_pullup(m, sizeof(struct ip6_hdr)); 447 if (m == NULL) 448 goto drop; 449 t = htonl((uint32_t)ecn << 20); 450 ip6 = mtod(m, struct ip6_hdr *); 451 if (ip6_ecn_egress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 452 ECN_NOCARE, &t, &ip6->ip6_flow) == 0) { 453 m_freem(m); 454 goto drop; 455 } 456 break; 457 #endif 458 case IPPROTO_ETHERIP: 459 af = AF_LINK; 460 break; 461 default: 462 m_freem(m); 463 goto drop; 464 } 465 466 #ifdef MAC 467 mac_ifnet_create_mbuf(ifp, m); 468 #endif 469 470 if (bpf_peers_present(ifp->if_bpf)) { 471 uint32_t af1 = af; 472 bpf_mtap2(ifp->if_bpf, &af1, sizeof(af1), m); 473 } 474 475 if ((ifp->if_flags & IFF_MONITOR) != 0) { 476 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 477 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 478 m_freem(m); 479 return; 480 } 481 482 if (ng_gif_input_p != NULL) { 483 (*ng_gif_input_p)(ifp, &m, af); 484 if (m == NULL) 485 goto drop; 486 } 487 488 /* 489 * Put the packet to the network layer input queue according to the 490 * specified address family. 491 * Note: older versions of gif_input directly called network layer 492 * input functions, e.g. ip6_input, here. We changed the policy to 493 * prevent too many recursive calls of such input functions, which 494 * might cause kernel panic. But the change may introduce another 495 * problem; if the input queue is full, packets are discarded. 496 * The kernel stack overflow really happened, and we believed 497 * queue-full rarely occurs, so we changed the policy. 498 */ 499 switch (af) { 500 #ifdef INET 501 case AF_INET: 502 isr = NETISR_IP; 503 break; 504 #endif 505 #ifdef INET6 506 case AF_INET6: 507 isr = NETISR_IPV6; 508 break; 509 #endif 510 case AF_LINK: 511 n = sizeof(struct etherip_header) + 512 sizeof(struct ether_header); 513 if (n > m->m_len) 514 m = m_pullup(m, n); 515 if (m == NULL) 516 goto drop; 517 eip = mtod(m, struct etherip_header *); 518 if (eip->eip_ver != ETHERIP_VERSION) { 519 /* discard unknown versions */ 520 m_freem(m); 521 goto drop; 522 } 523 m_adj(m, sizeof(struct etherip_header)); 524 525 m->m_flags &= ~(M_BCAST|M_MCAST); 526 m->m_pkthdr.rcvif = ifp; 527 528 if (ifp->if_bridge) { 529 oldifp = ifp; 530 eh = mtod(m, struct ether_header *); 531 if (ETHER_IS_MULTICAST(eh->ether_dhost)) { 532 if (ETHER_IS_BROADCAST(eh->ether_dhost)) 533 m->m_flags |= M_BCAST; 534 else 535 m->m_flags |= M_MCAST; 536 if_inc_counter(ifp, IFCOUNTER_IMCASTS, 1); 537 } 538 BRIDGE_INPUT(ifp, m); 539 540 if (m != NULL && ifp != oldifp) { 541 /* 542 * The bridge gave us back itself or one of the 543 * members for which the frame is addressed. 544 */ 545 ether_demux(ifp, m); 546 return; 547 } 548 } 549 if (m != NULL) 550 m_freem(m); 551 return; 552 553 default: 554 if (ng_gif_input_orphan_p != NULL) 555 (*ng_gif_input_orphan_p)(ifp, m, af); 556 else 557 m_freem(m); 558 return; 559 } 560 561 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 562 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 563 M_SETFIB(m, ifp->if_fib); 564 netisr_dispatch(isr, m); 565 return; 566 drop: 567 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 568 } 569 570 static int 571 gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 572 { 573 struct ifreq *ifr = (struct ifreq*)data; 574 struct gif_softc *sc; 575 u_int options; 576 int error; 577 578 switch (cmd) { 579 case SIOCSIFADDR: 580 ifp->if_flags |= IFF_UP; 581 case SIOCADDMULTI: 582 case SIOCDELMULTI: 583 case SIOCGIFMTU: 584 case SIOCSIFFLAGS: 585 return (0); 586 case SIOCSIFMTU: 587 if (ifr->ifr_mtu < GIF_MTU_MIN || 588 ifr->ifr_mtu > GIF_MTU_MAX) 589 return (EINVAL); 590 else 591 ifp->if_mtu = ifr->ifr_mtu; 592 return (0); 593 } 594 sx_xlock(&gif_ioctl_sx); 595 sc = ifp->if_softc; 596 if (sc == NULL) { 597 error = ENXIO; 598 goto bad; 599 } 600 error = 0; 601 switch (cmd) { 602 case SIOCDIFPHYADDR: 603 if (sc->gif_family == 0) 604 break; 605 gif_delete_tunnel(sc); 606 break; 607 #ifdef INET 608 case SIOCSIFPHYADDR: 609 case SIOCGIFPSRCADDR: 610 case SIOCGIFPDSTADDR: 611 error = in_gif_ioctl(sc, cmd, data); 612 break; 613 #endif 614 #ifdef INET6 615 case SIOCSIFPHYADDR_IN6: 616 case SIOCGIFPSRCADDR_IN6: 617 case SIOCGIFPDSTADDR_IN6: 618 error = in6_gif_ioctl(sc, cmd, data); 619 break; 620 #endif 621 case SIOCGTUNFIB: 622 ifr->ifr_fib = sc->gif_fibnum; 623 break; 624 case SIOCSTUNFIB: 625 if ((error = priv_check(curthread, PRIV_NET_GIF)) != 0) 626 break; 627 if (ifr->ifr_fib >= rt_numfibs) 628 error = EINVAL; 629 else 630 sc->gif_fibnum = ifr->ifr_fib; 631 break; 632 case GIFGOPTS: 633 options = sc->gif_options; 634 error = copyout(&options, ifr_data_get_ptr(ifr), 635 sizeof(options)); 636 break; 637 case GIFSOPTS: 638 if ((error = priv_check(curthread, PRIV_NET_GIF)) != 0) 639 break; 640 error = copyin(ifr_data_get_ptr(ifr), &options, 641 sizeof(options)); 642 if (error) 643 break; 644 if (options & ~GIF_OPTMASK) { 645 error = EINVAL; 646 break; 647 } 648 if (sc->gif_options != options) { 649 switch (sc->gif_family) { 650 #ifdef INET 651 case AF_INET: 652 error = in_gif_setopts(sc, options); 653 break; 654 #endif 655 #ifdef INET6 656 case AF_INET6: 657 error = in6_gif_setopts(sc, options); 658 break; 659 #endif 660 default: 661 /* No need to invoke AF-handler */ 662 sc->gif_options = options; 663 } 664 } 665 break; 666 default: 667 error = EINVAL; 668 break; 669 } 670 if (error == 0 && sc->gif_family != 0) { 671 if ( 672 #ifdef INET 673 cmd == SIOCSIFPHYADDR || 674 #endif 675 #ifdef INET6 676 cmd == SIOCSIFPHYADDR_IN6 || 677 #endif 678 0) { 679 if_link_state_change(ifp, LINK_STATE_UP); 680 } 681 } 682 bad: 683 sx_xunlock(&gif_ioctl_sx); 684 return (error); 685 } 686 687 static void 688 gif_delete_tunnel(struct gif_softc *sc) 689 { 690 691 sx_assert(&gif_ioctl_sx, SA_XLOCKED); 692 if (sc->gif_family != 0) { 693 CK_LIST_REMOVE(sc, srchash); 694 CK_LIST_REMOVE(sc, chain); 695 /* Wait until it become safe to free gif_hdr */ 696 GIF_WAIT(); 697 free(sc->gif_hdr, M_GIF); 698 } 699 sc->gif_family = 0; 700 GIF2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING; 701 if_link_state_change(GIF2IFP(sc), LINK_STATE_DOWN); 702 } 703 704