1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * Copyright (c) 2018 Andrey V. Elsukov <ae@FreeBSD.org> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * $KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $ 33 */ 34 35 #include <sys/cdefs.h> 36 __FBSDID("$FreeBSD$"); 37 38 #include "opt_inet.h" 39 #include "opt_inet6.h" 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/lock.h> 45 #include <sys/malloc.h> 46 #include <sys/mbuf.h> 47 #include <sys/module.h> 48 #include <sys/rmlock.h> 49 #include <sys/socket.h> 50 #include <sys/sockio.h> 51 #include <sys/sx.h> 52 #include <sys/errno.h> 53 #include <sys/time.h> 54 #include <sys/sysctl.h> 55 #include <sys/syslog.h> 56 #include <sys/priv.h> 57 #include <sys/proc.h> 58 #include <sys/conf.h> 59 #include <machine/cpu.h> 60 61 #include <net/if.h> 62 #include <net/if_var.h> 63 #include <net/if_clone.h> 64 #include <net/if_types.h> 65 #include <net/netisr.h> 66 #include <net/route.h> 67 #include <net/bpf.h> 68 #include <net/vnet.h> 69 70 #include <netinet/in.h> 71 #include <netinet/in_systm.h> 72 #include <netinet/ip.h> 73 #include <netinet/ip_ecn.h> 74 #ifdef INET 75 #include <netinet/in_var.h> 76 #include <netinet/ip_var.h> 77 #endif /* INET */ 78 79 #ifdef INET6 80 #ifndef INET 81 #include <netinet/in.h> 82 #endif 83 #include <netinet6/in6_var.h> 84 #include <netinet/ip6.h> 85 #include <netinet6/ip6_ecn.h> 86 #include <netinet6/ip6_var.h> 87 #endif /* INET6 */ 88 89 #include <netinet/ip_encap.h> 90 #include <net/ethernet.h> 91 #include <net/if_bridgevar.h> 92 #include <net/if_gif.h> 93 94 #include <security/mac/mac_framework.h> 95 96 static const char gifname[] = "gif"; 97 98 MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface"); 99 static struct sx gif_ioctl_sx; 100 SX_SYSINIT(gif_ioctl_sx, &gif_ioctl_sx, "gif_ioctl"); 101 102 void (*ng_gif_input_p)(struct ifnet *ifp, struct mbuf **mp, int af); 103 void (*ng_gif_input_orphan_p)(struct ifnet *ifp, struct mbuf *m, int af); 104 void (*ng_gif_attach_p)(struct ifnet *ifp); 105 void (*ng_gif_detach_p)(struct ifnet *ifp); 106 107 static int gif_check_nesting(struct ifnet *, struct mbuf *); 108 static void gif_delete_tunnel(struct gif_softc *); 109 static int gif_ioctl(struct ifnet *, u_long, caddr_t); 110 static int gif_transmit(struct ifnet *, struct mbuf *); 111 static void gif_qflush(struct ifnet *); 112 static int gif_clone_create(struct if_clone *, int, caddr_t); 113 static void gif_clone_destroy(struct ifnet *); 114 static VNET_DEFINE(struct if_clone *, gif_cloner); 115 #define V_gif_cloner VNET(gif_cloner) 116 117 SYSCTL_DECL(_net_link); 118 static SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0, 119 "Generic Tunnel Interface"); 120 #ifndef MAX_GIF_NEST 121 /* 122 * This macro controls the default upper limitation on nesting of gif tunnels. 123 * Since, setting a large value to this macro with a careless configuration 124 * may introduce system crash, we don't allow any nestings by default. 125 * If you need to configure nested gif tunnels, you can define this macro 126 * in your kernel configuration file. However, if you do so, please be 127 * careful to configure the tunnels so that it won't make a loop. 128 */ 129 #define MAX_GIF_NEST 1 130 #endif 131 static VNET_DEFINE(int, max_gif_nesting) = MAX_GIF_NEST; 132 #define V_max_gif_nesting VNET(max_gif_nesting) 133 SYSCTL_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_VNET | CTLFLAG_RW, 134 &VNET_NAME(max_gif_nesting), 0, "Max nested tunnels"); 135 136 static int 137 gif_clone_create(struct if_clone *ifc, int unit, caddr_t params) 138 { 139 struct gif_softc *sc; 140 141 sc = malloc(sizeof(struct gif_softc), M_GIF, M_WAITOK | M_ZERO); 142 sc->gif_fibnum = curthread->td_proc->p_fibnum; 143 GIF2IFP(sc) = if_alloc(IFT_GIF); 144 GIF2IFP(sc)->if_softc = sc; 145 if_initname(GIF2IFP(sc), gifname, unit); 146 147 GIF2IFP(sc)->if_addrlen = 0; 148 GIF2IFP(sc)->if_mtu = GIF_MTU; 149 GIF2IFP(sc)->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 150 GIF2IFP(sc)->if_ioctl = gif_ioctl; 151 GIF2IFP(sc)->if_transmit = gif_transmit; 152 GIF2IFP(sc)->if_qflush = gif_qflush; 153 GIF2IFP(sc)->if_output = gif_output; 154 GIF2IFP(sc)->if_capabilities |= IFCAP_LINKSTATE; 155 GIF2IFP(sc)->if_capenable |= IFCAP_LINKSTATE; 156 if_attach(GIF2IFP(sc)); 157 bpfattach(GIF2IFP(sc), DLT_NULL, sizeof(u_int32_t)); 158 if (ng_gif_attach_p != NULL) 159 (*ng_gif_attach_p)(GIF2IFP(sc)); 160 161 return (0); 162 } 163 164 static void 165 gif_clone_destroy(struct ifnet *ifp) 166 { 167 struct gif_softc *sc; 168 169 sx_xlock(&gif_ioctl_sx); 170 sc = ifp->if_softc; 171 gif_delete_tunnel(sc); 172 if (ng_gif_detach_p != NULL) 173 (*ng_gif_detach_p)(ifp); 174 bpfdetach(ifp); 175 if_detach(ifp); 176 ifp->if_softc = NULL; 177 sx_xunlock(&gif_ioctl_sx); 178 179 GIF_WAIT(); 180 if_free(ifp); 181 free(sc, M_GIF); 182 } 183 184 static void 185 vnet_gif_init(const void *unused __unused) 186 { 187 188 V_gif_cloner = if_clone_simple(gifname, gif_clone_create, 189 gif_clone_destroy, 0); 190 #ifdef INET 191 in_gif_init(); 192 #endif 193 #ifdef INET6 194 in6_gif_init(); 195 #endif 196 } 197 VNET_SYSINIT(vnet_gif_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 198 vnet_gif_init, NULL); 199 200 static void 201 vnet_gif_uninit(const void *unused __unused) 202 { 203 204 if_clone_detach(V_gif_cloner); 205 #ifdef INET 206 in_gif_uninit(); 207 #endif 208 #ifdef INET6 209 in6_gif_uninit(); 210 #endif 211 } 212 VNET_SYSUNINIT(vnet_gif_uninit, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 213 vnet_gif_uninit, NULL); 214 215 static int 216 gifmodevent(module_t mod, int type, void *data) 217 { 218 219 switch (type) { 220 case MOD_LOAD: 221 case MOD_UNLOAD: 222 break; 223 default: 224 return (EOPNOTSUPP); 225 } 226 return (0); 227 } 228 229 static moduledata_t gif_mod = { 230 "if_gif", 231 gifmodevent, 232 0 233 }; 234 235 DECLARE_MODULE(if_gif, gif_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 236 MODULE_VERSION(if_gif, 1); 237 238 struct gif_list * 239 gif_hashinit(void) 240 { 241 struct gif_list *hash; 242 int i; 243 244 hash = malloc(sizeof(struct gif_list) * GIF_HASH_SIZE, 245 M_GIF, M_WAITOK); 246 for (i = 0; i < GIF_HASH_SIZE; i++) 247 CK_LIST_INIT(&hash[i]); 248 249 return (hash); 250 } 251 252 void 253 gif_hashdestroy(struct gif_list *hash) 254 { 255 256 free(hash, M_GIF); 257 } 258 259 static int 260 gif_transmit(struct ifnet *ifp, struct mbuf *m) 261 { 262 struct gif_softc *sc; 263 struct etherip_header *eth; 264 #ifdef INET 265 struct ip *ip; 266 #endif 267 #ifdef INET6 268 struct ip6_hdr *ip6; 269 uint32_t t; 270 #endif 271 uint32_t af; 272 uint8_t proto, ecn; 273 int error; 274 275 #ifdef MAC 276 error = mac_ifnet_check_transmit(ifp, m); 277 if (error) { 278 m_freem(m); 279 goto err; 280 } 281 #endif 282 error = ENETDOWN; 283 GIF_RLOCK(); 284 sc = ifp->if_softc; 285 if ((ifp->if_flags & IFF_MONITOR) != 0 || 286 (ifp->if_flags & IFF_UP) == 0 || 287 sc->gif_family == 0 || 288 (error = gif_check_nesting(ifp, m)) != 0) { 289 m_freem(m); 290 goto err; 291 } 292 /* Now pull back the af that we stashed in the csum_data. */ 293 if (ifp->if_bridge) 294 af = AF_LINK; 295 else 296 af = m->m_pkthdr.csum_data; 297 m->m_flags &= ~(M_BCAST|M_MCAST); 298 M_SETFIB(m, sc->gif_fibnum); 299 BPF_MTAP2(ifp, &af, sizeof(af), m); 300 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 301 if_inc_counter(ifp, IFCOUNTER_OBYTES, m->m_pkthdr.len); 302 /* inner AF-specific encapsulation */ 303 ecn = 0; 304 switch (af) { 305 #ifdef INET 306 case AF_INET: 307 proto = IPPROTO_IPV4; 308 if (m->m_len < sizeof(struct ip)) 309 m = m_pullup(m, sizeof(struct ip)); 310 if (m == NULL) { 311 error = ENOBUFS; 312 goto err; 313 } 314 ip = mtod(m, struct ip *); 315 ip_ecn_ingress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 316 ECN_NOCARE, &ecn, &ip->ip_tos); 317 break; 318 #endif 319 #ifdef INET6 320 case AF_INET6: 321 proto = IPPROTO_IPV6; 322 if (m->m_len < sizeof(struct ip6_hdr)) 323 m = m_pullup(m, sizeof(struct ip6_hdr)); 324 if (m == NULL) { 325 error = ENOBUFS; 326 goto err; 327 } 328 t = 0; 329 ip6 = mtod(m, struct ip6_hdr *); 330 ip6_ecn_ingress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 331 ECN_NOCARE, &t, &ip6->ip6_flow); 332 ecn = (ntohl(t) >> 20) & 0xff; 333 break; 334 #endif 335 case AF_LINK: 336 proto = IPPROTO_ETHERIP; 337 M_PREPEND(m, sizeof(struct etherip_header), M_NOWAIT); 338 if (m == NULL) { 339 error = ENOBUFS; 340 goto err; 341 } 342 eth = mtod(m, struct etherip_header *); 343 eth->eip_resvh = 0; 344 eth->eip_ver = ETHERIP_VERSION; 345 eth->eip_resvl = 0; 346 break; 347 default: 348 error = EAFNOSUPPORT; 349 m_freem(m); 350 goto err; 351 } 352 /* XXX should we check if our outer source is legal? */ 353 /* dispatch to output logic based on outer AF */ 354 switch (sc->gif_family) { 355 #ifdef INET 356 case AF_INET: 357 error = in_gif_output(ifp, m, proto, ecn); 358 break; 359 #endif 360 #ifdef INET6 361 case AF_INET6: 362 error = in6_gif_output(ifp, m, proto, ecn); 363 break; 364 #endif 365 default: 366 m_freem(m); 367 } 368 err: 369 if (error) 370 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 371 GIF_RUNLOCK(); 372 return (error); 373 } 374 375 static void 376 gif_qflush(struct ifnet *ifp __unused) 377 { 378 379 } 380 381 #define MTAG_GIF 1080679712 382 static int 383 gif_check_nesting(struct ifnet *ifp, struct mbuf *m) 384 { 385 struct m_tag *mtag; 386 int count; 387 388 /* 389 * gif may cause infinite recursion calls when misconfigured. 390 * We'll prevent this by detecting loops. 391 * 392 * High nesting level may cause stack exhaustion. 393 * We'll prevent this by introducing upper limit. 394 */ 395 count = 1; 396 mtag = NULL; 397 while ((mtag = m_tag_locate(m, MTAG_GIF, 0, mtag)) != NULL) { 398 if (*(struct ifnet **)(mtag + 1) == ifp) { 399 log(LOG_NOTICE, "%s: loop detected\n", if_name(ifp)); 400 return (EIO); 401 } 402 count++; 403 } 404 if (count > V_max_gif_nesting) { 405 log(LOG_NOTICE, 406 "%s: if_output recursively called too many times(%d)\n", 407 if_name(ifp), count); 408 return (EIO); 409 } 410 mtag = m_tag_alloc(MTAG_GIF, 0, sizeof(struct ifnet *), M_NOWAIT); 411 if (mtag == NULL) 412 return (ENOMEM); 413 *(struct ifnet **)(mtag + 1) = ifp; 414 m_tag_prepend(m, mtag); 415 return (0); 416 } 417 418 int 419 gif_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst, 420 struct route *ro) 421 { 422 uint32_t af; 423 424 if (dst->sa_family == AF_UNSPEC) 425 bcopy(dst->sa_data, &af, sizeof(af)); 426 else 427 af = dst->sa_family; 428 /* 429 * Now save the af in the inbound pkt csum data, this is a cheat since 430 * we are using the inbound csum_data field to carry the af over to 431 * the gif_transmit() routine, avoiding using yet another mtag. 432 */ 433 m->m_pkthdr.csum_data = af; 434 return (ifp->if_transmit(ifp, m)); 435 } 436 437 void 438 gif_input(struct mbuf *m, struct ifnet *ifp, int proto, uint8_t ecn) 439 { 440 struct etherip_header *eip; 441 #ifdef INET 442 struct ip *ip; 443 #endif 444 #ifdef INET6 445 struct ip6_hdr *ip6; 446 uint32_t t; 447 #endif 448 struct ether_header *eh; 449 struct ifnet *oldifp; 450 int isr, n, af; 451 452 if (ifp == NULL) { 453 /* just in case */ 454 m_freem(m); 455 return; 456 } 457 m->m_pkthdr.rcvif = ifp; 458 m_clrprotoflags(m); 459 switch (proto) { 460 #ifdef INET 461 case IPPROTO_IPV4: 462 af = AF_INET; 463 if (m->m_len < sizeof(struct ip)) 464 m = m_pullup(m, sizeof(struct ip)); 465 if (m == NULL) 466 goto drop; 467 ip = mtod(m, struct ip *); 468 if (ip_ecn_egress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 469 ECN_NOCARE, &ecn, &ip->ip_tos) == 0) { 470 m_freem(m); 471 goto drop; 472 } 473 break; 474 #endif 475 #ifdef INET6 476 case IPPROTO_IPV6: 477 af = AF_INET6; 478 if (m->m_len < sizeof(struct ip6_hdr)) 479 m = m_pullup(m, sizeof(struct ip6_hdr)); 480 if (m == NULL) 481 goto drop; 482 t = htonl((uint32_t)ecn << 20); 483 ip6 = mtod(m, struct ip6_hdr *); 484 if (ip6_ecn_egress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED: 485 ECN_NOCARE, &t, &ip6->ip6_flow) == 0) { 486 m_freem(m); 487 goto drop; 488 } 489 break; 490 #endif 491 case IPPROTO_ETHERIP: 492 af = AF_LINK; 493 break; 494 default: 495 m_freem(m); 496 goto drop; 497 } 498 499 #ifdef MAC 500 mac_ifnet_create_mbuf(ifp, m); 501 #endif 502 503 if (bpf_peers_present(ifp->if_bpf)) { 504 uint32_t af1 = af; 505 bpf_mtap2(ifp->if_bpf, &af1, sizeof(af1), m); 506 } 507 508 if ((ifp->if_flags & IFF_MONITOR) != 0) { 509 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 510 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 511 m_freem(m); 512 return; 513 } 514 515 if (ng_gif_input_p != NULL) { 516 (*ng_gif_input_p)(ifp, &m, af); 517 if (m == NULL) 518 goto drop; 519 } 520 521 /* 522 * Put the packet to the network layer input queue according to the 523 * specified address family. 524 * Note: older versions of gif_input directly called network layer 525 * input functions, e.g. ip6_input, here. We changed the policy to 526 * prevent too many recursive calls of such input functions, which 527 * might cause kernel panic. But the change may introduce another 528 * problem; if the input queue is full, packets are discarded. 529 * The kernel stack overflow really happened, and we believed 530 * queue-full rarely occurs, so we changed the policy. 531 */ 532 switch (af) { 533 #ifdef INET 534 case AF_INET: 535 isr = NETISR_IP; 536 break; 537 #endif 538 #ifdef INET6 539 case AF_INET6: 540 isr = NETISR_IPV6; 541 break; 542 #endif 543 case AF_LINK: 544 n = sizeof(struct etherip_header) + 545 sizeof(struct ether_header); 546 if (n > m->m_len) 547 m = m_pullup(m, n); 548 if (m == NULL) 549 goto drop; 550 eip = mtod(m, struct etherip_header *); 551 if (eip->eip_ver != ETHERIP_VERSION) { 552 /* discard unknown versions */ 553 m_freem(m); 554 goto drop; 555 } 556 m_adj(m, sizeof(struct etherip_header)); 557 558 m->m_flags &= ~(M_BCAST|M_MCAST); 559 m->m_pkthdr.rcvif = ifp; 560 561 if (ifp->if_bridge) { 562 oldifp = ifp; 563 eh = mtod(m, struct ether_header *); 564 if (ETHER_IS_MULTICAST(eh->ether_dhost)) { 565 if (ETHER_IS_BROADCAST(eh->ether_dhost)) 566 m->m_flags |= M_BCAST; 567 else 568 m->m_flags |= M_MCAST; 569 if_inc_counter(ifp, IFCOUNTER_IMCASTS, 1); 570 } 571 BRIDGE_INPUT(ifp, m); 572 573 if (m != NULL && ifp != oldifp) { 574 /* 575 * The bridge gave us back itself or one of the 576 * members for which the frame is addressed. 577 */ 578 ether_demux(ifp, m); 579 return; 580 } 581 } 582 if (m != NULL) 583 m_freem(m); 584 return; 585 586 default: 587 if (ng_gif_input_orphan_p != NULL) 588 (*ng_gif_input_orphan_p)(ifp, m, af); 589 else 590 m_freem(m); 591 return; 592 } 593 594 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 595 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 596 M_SETFIB(m, ifp->if_fib); 597 netisr_dispatch(isr, m); 598 return; 599 drop: 600 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 601 } 602 603 static int 604 gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 605 { 606 struct ifreq *ifr = (struct ifreq*)data; 607 struct gif_softc *sc; 608 u_int options; 609 int error; 610 611 switch (cmd) { 612 case SIOCSIFADDR: 613 ifp->if_flags |= IFF_UP; 614 case SIOCADDMULTI: 615 case SIOCDELMULTI: 616 case SIOCGIFMTU: 617 case SIOCSIFFLAGS: 618 return (0); 619 case SIOCSIFMTU: 620 if (ifr->ifr_mtu < GIF_MTU_MIN || 621 ifr->ifr_mtu > GIF_MTU_MAX) 622 return (EINVAL); 623 else 624 ifp->if_mtu = ifr->ifr_mtu; 625 return (0); 626 } 627 sx_xlock(&gif_ioctl_sx); 628 sc = ifp->if_softc; 629 if (sc == NULL) { 630 error = ENXIO; 631 goto bad; 632 } 633 error = 0; 634 switch (cmd) { 635 case SIOCDIFPHYADDR: 636 if (sc->gif_family == 0) 637 break; 638 gif_delete_tunnel(sc); 639 break; 640 #ifdef INET 641 case SIOCSIFPHYADDR: 642 case SIOCGIFPSRCADDR: 643 case SIOCGIFPDSTADDR: 644 error = in_gif_ioctl(sc, cmd, data); 645 break; 646 #endif 647 #ifdef INET6 648 case SIOCSIFPHYADDR_IN6: 649 case SIOCGIFPSRCADDR_IN6: 650 case SIOCGIFPDSTADDR_IN6: 651 error = in6_gif_ioctl(sc, cmd, data); 652 break; 653 #endif 654 case SIOCGTUNFIB: 655 ifr->ifr_fib = sc->gif_fibnum; 656 break; 657 case SIOCSTUNFIB: 658 if ((error = priv_check(curthread, PRIV_NET_GIF)) != 0) 659 break; 660 if (ifr->ifr_fib >= rt_numfibs) 661 error = EINVAL; 662 else 663 sc->gif_fibnum = ifr->ifr_fib; 664 break; 665 case GIFGOPTS: 666 options = sc->gif_options; 667 error = copyout(&options, ifr_data_get_ptr(ifr), 668 sizeof(options)); 669 break; 670 case GIFSOPTS: 671 if ((error = priv_check(curthread, PRIV_NET_GIF)) != 0) 672 break; 673 error = copyin(ifr_data_get_ptr(ifr), &options, 674 sizeof(options)); 675 if (error) 676 break; 677 if (options & ~GIF_OPTMASK) { 678 error = EINVAL; 679 break; 680 } 681 if (sc->gif_options != options) { 682 switch (sc->gif_family) { 683 #ifdef INET 684 case AF_INET: 685 error = in_gif_setopts(sc, options); 686 break; 687 #endif 688 #ifdef INET6 689 case AF_INET6: 690 error = in6_gif_setopts(sc, options); 691 break; 692 #endif 693 default: 694 /* No need to invoke AF-handler */ 695 sc->gif_options = options; 696 } 697 } 698 break; 699 default: 700 error = EINVAL; 701 break; 702 } 703 if (error == 0 && sc->gif_family != 0) { 704 if ( 705 #ifdef INET 706 cmd == SIOCSIFPHYADDR || 707 #endif 708 #ifdef INET6 709 cmd == SIOCSIFPHYADDR_IN6 || 710 #endif 711 0) { 712 ifp->if_drv_flags |= IFF_DRV_RUNNING; 713 if_link_state_change(ifp, LINK_STATE_UP); 714 } 715 } 716 bad: 717 sx_xunlock(&gif_ioctl_sx); 718 return (error); 719 } 720 721 static void 722 gif_delete_tunnel(struct gif_softc *sc) 723 { 724 725 sx_assert(&gif_ioctl_sx, SA_XLOCKED); 726 if (sc->gif_family != 0) { 727 CK_LIST_REMOVE(sc, chain); 728 /* Wait until it become safe to free gif_hdr */ 729 GIF_WAIT(); 730 free(sc->gif_hdr, M_GIF); 731 } 732 sc->gif_family = 0; 733 GIF2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING; 734 if_link_state_change(GIF2IFP(sc), LINK_STATE_DOWN); 735 } 736 737