1c398230bSWarner Losh /*- 2fe267a55SPedro F. Giffuni * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3fe267a55SPedro F. Giffuni * 48e96e13eSMaxim Sobolev * Copyright (c) 1998 The NetBSD Foundation, Inc. 5a5185adeSAndrey V. Elsukov * Copyright (c) 2014, 2018 Andrey V. Elsukov <ae@FreeBSD.org> 68e96e13eSMaxim Sobolev * All rights reserved. 78e96e13eSMaxim Sobolev * 88e96e13eSMaxim Sobolev * This code is derived from software contributed to The NetBSD Foundation 98e96e13eSMaxim Sobolev * by Heiko W.Rupp <hwr@pilhuhn.de> 108e96e13eSMaxim Sobolev * 119e669156SBjoern A. Zeeb * IPv6-over-GRE contributed by Gert Doering <gert@greenie.muc.de> 129e669156SBjoern A. Zeeb * 138e96e13eSMaxim Sobolev * Redistribution and use in source and binary forms, with or without 148e96e13eSMaxim Sobolev * modification, are permitted provided that the following conditions 158e96e13eSMaxim Sobolev * are met: 168e96e13eSMaxim Sobolev * 1. Redistributions of source code must retain the above copyright 178e96e13eSMaxim Sobolev * notice, this list of conditions and the following disclaimer. 188e96e13eSMaxim Sobolev * 2. Redistributions in binary form must reproduce the above copyright 198e96e13eSMaxim Sobolev * notice, this list of conditions and the following disclaimer in the 208e96e13eSMaxim Sobolev * documentation and/or other materials provided with the distribution. 218e96e13eSMaxim Sobolev * 228e96e13eSMaxim Sobolev * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 238e96e13eSMaxim Sobolev * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 248e96e13eSMaxim Sobolev * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 258e96e13eSMaxim Sobolev * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 268e96e13eSMaxim Sobolev * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 278e96e13eSMaxim Sobolev * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 288e96e13eSMaxim Sobolev * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 298e96e13eSMaxim Sobolev * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 308e96e13eSMaxim Sobolev * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 318e96e13eSMaxim Sobolev * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 328e96e13eSMaxim Sobolev * POSSIBILITY OF SUCH DAMAGE. 33f325335cSAndrey V. Elsukov * 34f325335cSAndrey V. Elsukov * $NetBSD: if_gre.c,v 1.49 2003/12/11 00:22:29 itojun Exp $ 358e96e13eSMaxim Sobolev */ 368e96e13eSMaxim Sobolev 37f325335cSAndrey V. Elsukov #include <sys/cdefs.h> 38f325335cSAndrey V. Elsukov __FBSDID("$FreeBSD$"); 398e96e13eSMaxim Sobolev 408e96e13eSMaxim Sobolev #include "opt_inet.h" 41f16770aeSBruce M Simpson #include "opt_inet6.h" 428e96e13eSMaxim Sobolev 438e96e13eSMaxim Sobolev #include <sys/param.h> 448e96e13eSMaxim Sobolev #include <sys/kernel.h> 45f325335cSAndrey V. Elsukov #include <sys/lock.h> 468e96e13eSMaxim Sobolev #include <sys/malloc.h> 475dba30f1SPoul-Henning Kamp #include <sys/module.h> 488e96e13eSMaxim Sobolev #include <sys/mbuf.h> 49acd3428bSRobert Watson #include <sys/priv.h> 508b07e49aSJulian Elischer #include <sys/proc.h> 518e96e13eSMaxim Sobolev #include <sys/socket.h> 528e96e13eSMaxim Sobolev #include <sys/sockio.h> 53f325335cSAndrey V. Elsukov #include <sys/sx.h> 548e96e13eSMaxim Sobolev #include <sys/sysctl.h> 55f325335cSAndrey V. Elsukov #include <sys/syslog.h> 561b861caaSBruce Evans #include <sys/systm.h> 578e96e13eSMaxim Sobolev 588e96e13eSMaxim Sobolev #include <net/ethernet.h> 598e96e13eSMaxim Sobolev #include <net/if.h> 6076039bc8SGleb Smirnoff #include <net/if_var.h> 61f889d2efSBrooks Davis #include <net/if_clone.h> 628e96e13eSMaxim Sobolev #include <net/if_types.h> 63f325335cSAndrey V. Elsukov #include <net/netisr.h> 64530c0060SRobert Watson #include <net/vnet.h> 65eccfe69aSAndrey V. Elsukov #include <net/route.h> 668e96e13eSMaxim Sobolev 678e96e13eSMaxim Sobolev #include <netinet/in.h> 68f325335cSAndrey V. Elsukov #ifdef INET 698e96e13eSMaxim Sobolev #include <netinet/in_var.h> 708e96e13eSMaxim Sobolev #include <netinet/ip.h> 718e96e13eSMaxim Sobolev #include <netinet/ip_var.h> 728e96e13eSMaxim Sobolev #endif 738e96e13eSMaxim Sobolev 74f325335cSAndrey V. Elsukov #ifdef INET6 75f325335cSAndrey V. Elsukov #include <netinet/ip6.h> 76f325335cSAndrey V. Elsukov #include <netinet6/in6_var.h> 77f325335cSAndrey V. Elsukov #include <netinet6/ip6_var.h> 78f325335cSAndrey V. Elsukov #endif 798e96e13eSMaxim Sobolev 80f325335cSAndrey V. Elsukov #include <netinet/ip_encap.h> 81f325335cSAndrey V. Elsukov #include <net/bpf.h> 828e96e13eSMaxim Sobolev #include <net/if_gre.h> 838e96e13eSMaxim Sobolev 84f325335cSAndrey V. Elsukov #include <machine/in_cksum.h> 85f325335cSAndrey V. Elsukov #include <security/mac/mac_framework.h> 868e96e13eSMaxim Sobolev 87c00bf730SAndrey V. Elsukov #define GREMTU 1476 88f325335cSAndrey V. Elsukov 89a5185adeSAndrey V. Elsukov static const char grename[] = "gre"; 90a5185adeSAndrey V. Elsukov MALLOC_DEFINE(M_GRE, grename, "Generic Routing Encapsulation"); 91a5185adeSAndrey V. Elsukov 92f325335cSAndrey V. Elsukov static struct sx gre_ioctl_sx; 93f325335cSAndrey V. Elsukov SX_SYSINIT(gre_ioctl_sx, &gre_ioctl_sx, "gre_ioctl"); 948e96e13eSMaxim Sobolev 956b7330e2SSam Leffler static int gre_clone_create(struct if_clone *, int, caddr_t); 969ee35470SAlfred Perlstein static void gre_clone_destroy(struct ifnet *); 975f901c92SAndrew Turner VNET_DEFINE_STATIC(struct if_clone *, gre_cloner); 9889c58b73SHiroki Sato #define V_gre_cloner VNET(gre_cloner) 9942a58907SGleb Smirnoff 100f325335cSAndrey V. Elsukov static void gre_qflush(struct ifnet *); 101f325335cSAndrey V. Elsukov static int gre_transmit(struct ifnet *, struct mbuf *); 102c23d234cSMaxim Sobolev static int gre_ioctl(struct ifnet *, u_long, caddr_t); 10347e8d432SGleb Smirnoff static int gre_output(struct ifnet *, struct mbuf *, 10447e8d432SGleb Smirnoff const struct sockaddr *, struct route *); 105a5185adeSAndrey V. Elsukov static void gre_delete_tunnel(struct gre_softc *); 1068e96e13eSMaxim Sobolev 1078e96e13eSMaxim Sobolev SYSCTL_DECL(_net_link); 1086472ac3dSEd Schouten static SYSCTL_NODE(_net_link, IFT_TUNNEL, gre, CTLFLAG_RW, 0, 1098e96e13eSMaxim Sobolev "Generic Routing Encapsulation"); 1108e96e13eSMaxim Sobolev #ifndef MAX_GRE_NEST 1118e96e13eSMaxim Sobolev /* 1128e96e13eSMaxim Sobolev * This macro controls the default upper limitation on nesting of gre tunnels. 1138e96e13eSMaxim Sobolev * Since, setting a large value to this macro with a careless configuration 1148e96e13eSMaxim Sobolev * may introduce system crash, we don't allow any nestings by default. 1158e96e13eSMaxim Sobolev * If you need to configure nested gre tunnels, you can define this macro 1168e96e13eSMaxim Sobolev * in your kernel configuration file. However, if you do so, please be 1178e96e13eSMaxim Sobolev * careful to configure the tunnels so that it won't make a loop. 1188e96e13eSMaxim Sobolev */ 1198e96e13eSMaxim Sobolev #define MAX_GRE_NEST 1 1208e96e13eSMaxim Sobolev #endif 121f325335cSAndrey V. Elsukov 1225f901c92SAndrew Turner VNET_DEFINE_STATIC(int, max_gre_nesting) = MAX_GRE_NEST; 12389c58b73SHiroki Sato #define V_max_gre_nesting VNET(max_gre_nesting) 12489c58b73SHiroki Sato SYSCTL_INT(_net_link_gre, OID_AUTO, max_nesting, CTLFLAG_RW | CTLFLAG_VNET, 12589c58b73SHiroki Sato &VNET_NAME(max_gre_nesting), 0, "Max nested tunnels"); 1268e96e13eSMaxim Sobolev 127c23d234cSMaxim Sobolev static void 12889c58b73SHiroki Sato vnet_gre_init(const void *unused __unused) 1298e96e13eSMaxim Sobolev { 130a5185adeSAndrey V. Elsukov 13189c58b73SHiroki Sato V_gre_cloner = if_clone_simple(grename, gre_clone_create, 13242a58907SGleb Smirnoff gre_clone_destroy, 0); 133a5185adeSAndrey V. Elsukov #ifdef INET 134a5185adeSAndrey V. Elsukov in_gre_init(); 135a5185adeSAndrey V. Elsukov #endif 136a5185adeSAndrey V. Elsukov #ifdef INET6 137a5185adeSAndrey V. Elsukov in6_gre_init(); 138a5185adeSAndrey V. Elsukov #endif 1398e96e13eSMaxim Sobolev } 14089c58b73SHiroki Sato VNET_SYSINIT(vnet_gre_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 14189c58b73SHiroki Sato vnet_gre_init, NULL); 14289c58b73SHiroki Sato 14389c58b73SHiroki Sato static void 14489c58b73SHiroki Sato vnet_gre_uninit(const void *unused __unused) 14589c58b73SHiroki Sato { 14689c58b73SHiroki Sato 14789c58b73SHiroki Sato if_clone_detach(V_gre_cloner); 148a5185adeSAndrey V. Elsukov #ifdef INET 149a5185adeSAndrey V. Elsukov in_gre_uninit(); 150a5185adeSAndrey V. Elsukov #endif 151a5185adeSAndrey V. Elsukov #ifdef INET6 152a5185adeSAndrey V. Elsukov in6_gre_uninit(); 153a5185adeSAndrey V. Elsukov #endif 15489c58b73SHiroki Sato } 15589c58b73SHiroki Sato VNET_SYSUNINIT(vnet_gre_uninit, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 15689c58b73SHiroki Sato vnet_gre_uninit, NULL); 1578e96e13eSMaxim Sobolev 158c23d234cSMaxim Sobolev static int 15989c58b73SHiroki Sato gre_clone_create(struct if_clone *ifc, int unit, caddr_t params) 1608e96e13eSMaxim Sobolev { 1618e96e13eSMaxim Sobolev struct gre_softc *sc; 1628e96e13eSMaxim Sobolev 163b3c9a01eSBruce M Simpson sc = malloc(sizeof(struct gre_softc), M_GRE, M_WAITOK | M_ZERO); 164f325335cSAndrey V. Elsukov sc->gre_fibnum = curthread->td_proc->p_fibnum; 165066b192eSBjoern A. Zeeb GRE2IFP(sc) = if_alloc(IFT_TUNNEL); 166fc74a9f9SBrooks Davis GRE2IFP(sc)->if_softc = sc; 16742a58907SGleb Smirnoff if_initname(GRE2IFP(sc), grename, unit); 168066b192eSBjoern A. Zeeb 169c00bf730SAndrey V. Elsukov GRE2IFP(sc)->if_mtu = GREMTU; 170fc74a9f9SBrooks Davis GRE2IFP(sc)->if_flags = IFF_POINTOPOINT|IFF_MULTICAST; 171fc74a9f9SBrooks Davis GRE2IFP(sc)->if_output = gre_output; 172fc74a9f9SBrooks Davis GRE2IFP(sc)->if_ioctl = gre_ioctl; 173f325335cSAndrey V. Elsukov GRE2IFP(sc)->if_transmit = gre_transmit; 174f325335cSAndrey V. Elsukov GRE2IFP(sc)->if_qflush = gre_qflush; 175f1aaad0cSHiroki Sato GRE2IFP(sc)->if_capabilities |= IFCAP_LINKSTATE; 176f1aaad0cSHiroki Sato GRE2IFP(sc)->if_capenable |= IFCAP_LINKSTATE; 177fc74a9f9SBrooks Davis if_attach(GRE2IFP(sc)); 178fc74a9f9SBrooks Davis bpfattach(GRE2IFP(sc), DLT_NULL, sizeof(u_int32_t)); 1798e96e13eSMaxim Sobolev return (0); 1808e96e13eSMaxim Sobolev } 1818e96e13eSMaxim Sobolev 182c23d234cSMaxim Sobolev static void 18389c58b73SHiroki Sato gre_clone_destroy(struct ifnet *ifp) 1848e96e13eSMaxim Sobolev { 185f325335cSAndrey V. Elsukov struct gre_softc *sc; 1868e96e13eSMaxim Sobolev 187f325335cSAndrey V. Elsukov sx_xlock(&gre_ioctl_sx); 188f325335cSAndrey V. Elsukov sc = ifp->if_softc; 189a5185adeSAndrey V. Elsukov gre_delete_tunnel(sc); 190febd0759SAndrew Thompson bpfdetach(ifp); 191febd0759SAndrew Thompson if_detach(ifp); 192f325335cSAndrey V. Elsukov ifp->if_softc = NULL; 193f325335cSAndrey V. Elsukov sx_xunlock(&gre_ioctl_sx); 194f325335cSAndrey V. Elsukov 195a5185adeSAndrey V. Elsukov GRE_WAIT(); 196febd0759SAndrew Thompson if_free(ifp); 197febd0759SAndrew Thompson free(sc, M_GRE); 1988e96e13eSMaxim Sobolev } 1998e96e13eSMaxim Sobolev 200c23d234cSMaxim Sobolev static int 2018e96e13eSMaxim Sobolev gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2028e96e13eSMaxim Sobolev { 2038e96e13eSMaxim Sobolev struct ifreq *ifr = (struct ifreq *)data; 204f325335cSAndrey V. Elsukov struct gre_softc *sc; 205f325335cSAndrey V. Elsukov uint32_t opt; 206f325335cSAndrey V. Elsukov int error; 2078e96e13eSMaxim Sobolev 2088e96e13eSMaxim Sobolev switch (cmd) { 209f325335cSAndrey V. Elsukov case SIOCSIFMTU: 210f325335cSAndrey V. Elsukov /* XXX: */ 211f325335cSAndrey V. Elsukov if (ifr->ifr_mtu < 576) 212f325335cSAndrey V. Elsukov return (EINVAL); 213c00bf730SAndrey V. Elsukov ifp->if_mtu = ifr->ifr_mtu; 214c00bf730SAndrey V. Elsukov return (0); 2158e96e13eSMaxim Sobolev case SIOCSIFADDR: 2168e96e13eSMaxim Sobolev ifp->if_flags |= IFF_UP; 2178e96e13eSMaxim Sobolev case SIOCSIFFLAGS: 2188e96e13eSMaxim Sobolev case SIOCADDMULTI: 2198e96e13eSMaxim Sobolev case SIOCDELMULTI: 220f325335cSAndrey V. Elsukov return (0); 2218e96e13eSMaxim Sobolev case GRESADDRS: 2228e96e13eSMaxim Sobolev case GRESADDRD: 2238e96e13eSMaxim Sobolev case GREGADDRS: 2248e96e13eSMaxim Sobolev case GREGADDRD: 225f325335cSAndrey V. Elsukov case GRESPROTO: 226f325335cSAndrey V. Elsukov case GREGPROTO: 227f325335cSAndrey V. Elsukov return (EOPNOTSUPP); 228f325335cSAndrey V. Elsukov } 229f325335cSAndrey V. Elsukov sx_xlock(&gre_ioctl_sx); 230f325335cSAndrey V. Elsukov sc = ifp->if_softc; 231f325335cSAndrey V. Elsukov if (sc == NULL) { 232f325335cSAndrey V. Elsukov error = ENXIO; 233f325335cSAndrey V. Elsukov goto end; 234f325335cSAndrey V. Elsukov } 235f325335cSAndrey V. Elsukov error = 0; 236f325335cSAndrey V. Elsukov switch (cmd) { 237f325335cSAndrey V. Elsukov case SIOCDIFPHYADDR: 238a5185adeSAndrey V. Elsukov if (sc->gre_family == 0) 2398e96e13eSMaxim Sobolev break; 240a5185adeSAndrey V. Elsukov gre_delete_tunnel(sc); 2418e96e13eSMaxim Sobolev break; 242f325335cSAndrey V. Elsukov #ifdef INET 243a5185adeSAndrey V. Elsukov case SIOCSIFPHYADDR: 244f325335cSAndrey V. Elsukov case SIOCGIFPSRCADDR: 245f325335cSAndrey V. Elsukov case SIOCGIFPDSTADDR: 246a5185adeSAndrey V. Elsukov error = in_gre_ioctl(sc, cmd, data); 247f325335cSAndrey V. Elsukov break; 248f325335cSAndrey V. Elsukov #endif 249f325335cSAndrey V. Elsukov #ifdef INET6 250a5185adeSAndrey V. Elsukov case SIOCSIFPHYADDR_IN6: 251f325335cSAndrey V. Elsukov case SIOCGIFPSRCADDR_IN6: 252f325335cSAndrey V. Elsukov case SIOCGIFPDSTADDR_IN6: 253a5185adeSAndrey V. Elsukov error = in6_gre_ioctl(sc, cmd, data); 254f325335cSAndrey V. Elsukov break; 255f325335cSAndrey V. Elsukov #endif 256eccfe69aSAndrey V. Elsukov case SIOCGTUNFIB: 257eccfe69aSAndrey V. Elsukov ifr->ifr_fib = sc->gre_fibnum; 258eccfe69aSAndrey V. Elsukov break; 259eccfe69aSAndrey V. Elsukov case SIOCSTUNFIB: 260eccfe69aSAndrey V. Elsukov if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0) 261eccfe69aSAndrey V. Elsukov break; 262eccfe69aSAndrey V. Elsukov if (ifr->ifr_fib >= rt_numfibs) 263eccfe69aSAndrey V. Elsukov error = EINVAL; 264eccfe69aSAndrey V. Elsukov else 265eccfe69aSAndrey V. Elsukov sc->gre_fibnum = ifr->ifr_fib; 266eccfe69aSAndrey V. Elsukov break; 267f325335cSAndrey V. Elsukov case GRESKEY: 268f325335cSAndrey V. Elsukov case GRESOPTS: 269f325335cSAndrey V. Elsukov if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0) 270f325335cSAndrey V. Elsukov break; 271541d96aaSBrooks Davis if ((error = copyin(ifr_data_get_ptr(ifr), &opt, 272541d96aaSBrooks Davis sizeof(opt))) != 0) 273f325335cSAndrey V. Elsukov break; 274a5185adeSAndrey V. Elsukov if (cmd == GRESKEY) { 275a5185adeSAndrey V. Elsukov if (sc->gre_key == opt) 276131c55bcSAndrew Thompson break; 277a5185adeSAndrey V. Elsukov } else if (cmd == GRESOPTS) { 278a5185adeSAndrey V. Elsukov if (opt & ~GRE_OPTMASK) { 279a5185adeSAndrey V. Elsukov error = EINVAL; 280a5185adeSAndrey V. Elsukov break; 281a5185adeSAndrey V. Elsukov } 282a5185adeSAndrey V. Elsukov if (sc->gre_options == opt) 283a5185adeSAndrey V. Elsukov break; 284a5185adeSAndrey V. Elsukov } 285a5185adeSAndrey V. Elsukov switch (sc->gre_family) { 286a5185adeSAndrey V. Elsukov #ifdef INET 287a5185adeSAndrey V. Elsukov case AF_INET: 288a5185adeSAndrey V. Elsukov in_gre_setopts(sc, cmd, opt); 289a5185adeSAndrey V. Elsukov break; 290a5185adeSAndrey V. Elsukov #endif 291a5185adeSAndrey V. Elsukov #ifdef INET6 292a5185adeSAndrey V. Elsukov case AF_INET6: 293a5185adeSAndrey V. Elsukov in6_gre_setopts(sc, cmd, opt); 294a5185adeSAndrey V. Elsukov break; 295a5185adeSAndrey V. Elsukov #endif 296a5185adeSAndrey V. Elsukov default: 297a5185adeSAndrey V. Elsukov if (cmd == GRESKEY) 298a5185adeSAndrey V. Elsukov sc->gre_key = opt; 299a5185adeSAndrey V. Elsukov else 300a5185adeSAndrey V. Elsukov sc->gre_options = opt; 301a5185adeSAndrey V. Elsukov break; 302a5185adeSAndrey V. Elsukov } 303a5185adeSAndrey V. Elsukov /* 304a5185adeSAndrey V. Elsukov * XXX: Do we need to initiate change of interface 305a5185adeSAndrey V. Elsukov * state here? 306a5185adeSAndrey V. Elsukov */ 307a5185adeSAndrey V. Elsukov break; 308a5185adeSAndrey V. Elsukov case GREGKEY: 309a5185adeSAndrey V. Elsukov error = copyout(&sc->gre_key, ifr_data_get_ptr(ifr), 310a5185adeSAndrey V. Elsukov sizeof(sc->gre_key)); 311a5185adeSAndrey V. Elsukov break; 312f325335cSAndrey V. Elsukov case GREGOPTS: 313541d96aaSBrooks Davis error = copyout(&sc->gre_options, ifr_data_get_ptr(ifr), 314f325335cSAndrey V. Elsukov sizeof(sc->gre_options)); 315f325335cSAndrey V. Elsukov break; 3168e96e13eSMaxim Sobolev default: 3178e96e13eSMaxim Sobolev error = EINVAL; 3188e96e13eSMaxim Sobolev break; 3198e96e13eSMaxim Sobolev } 320a5185adeSAndrey V. Elsukov if (error == 0 && sc->gre_family != 0) { 321a5185adeSAndrey V. Elsukov if ( 322a5185adeSAndrey V. Elsukov #ifdef INET 323a5185adeSAndrey V. Elsukov cmd == SIOCSIFPHYADDR || 324a5185adeSAndrey V. Elsukov #endif 325a5185adeSAndrey V. Elsukov #ifdef INET6 326a5185adeSAndrey V. Elsukov cmd == SIOCSIFPHYADDR_IN6 || 327a5185adeSAndrey V. Elsukov #endif 328a5185adeSAndrey V. Elsukov 0) { 329a5185adeSAndrey V. Elsukov ifp->if_drv_flags |= IFF_DRV_RUNNING; 330a5185adeSAndrey V. Elsukov if_link_state_change(ifp, LINK_STATE_UP); 331a5185adeSAndrey V. Elsukov } 332a5185adeSAndrey V. Elsukov } 333f325335cSAndrey V. Elsukov end: 334f325335cSAndrey V. Elsukov sx_xunlock(&gre_ioctl_sx); 3358e96e13eSMaxim Sobolev return (error); 3368e96e13eSMaxim Sobolev } 3378e96e13eSMaxim Sobolev 338f325335cSAndrey V. Elsukov static void 339a5185adeSAndrey V. Elsukov gre_delete_tunnel(struct gre_softc *sc) 340f325335cSAndrey V. Elsukov { 341a5185adeSAndrey V. Elsukov 342a5185adeSAndrey V. Elsukov sx_assert(&gre_ioctl_sx, SA_XLOCKED); 343a5185adeSAndrey V. Elsukov if (sc->gre_family != 0) { 344a5185adeSAndrey V. Elsukov CK_LIST_REMOVE(sc, chain); 345a5185adeSAndrey V. Elsukov GRE_WAIT(); 346a5185adeSAndrey V. Elsukov free(sc->gre_hdr, M_GRE); 347a5185adeSAndrey V. Elsukov sc->gre_family = 0; 348a5185adeSAndrey V. Elsukov } 349a5185adeSAndrey V. Elsukov GRE2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING; 350a5185adeSAndrey V. Elsukov if_link_state_change(GRE2IFP(sc), LINK_STATE_DOWN); 351a5185adeSAndrey V. Elsukov } 352a5185adeSAndrey V. Elsukov 353a5185adeSAndrey V. Elsukov struct gre_list * 354a5185adeSAndrey V. Elsukov gre_hashinit(void) 355a5185adeSAndrey V. Elsukov { 356a5185adeSAndrey V. Elsukov struct gre_list *hash; 357a5185adeSAndrey V. Elsukov int i; 358a5185adeSAndrey V. Elsukov 359a5185adeSAndrey V. Elsukov hash = malloc(sizeof(struct gre_list) * GRE_HASH_SIZE, 360a5185adeSAndrey V. Elsukov M_GRE, M_WAITOK); 361a5185adeSAndrey V. Elsukov for (i = 0; i < GRE_HASH_SIZE; i++) 362a5185adeSAndrey V. Elsukov CK_LIST_INIT(&hash[i]); 363a5185adeSAndrey V. Elsukov 364a5185adeSAndrey V. Elsukov return (hash); 365a5185adeSAndrey V. Elsukov } 366a5185adeSAndrey V. Elsukov 367a5185adeSAndrey V. Elsukov void 368a5185adeSAndrey V. Elsukov gre_hashdestroy(struct gre_list *hash) 369a5185adeSAndrey V. Elsukov { 370a5185adeSAndrey V. Elsukov 371a5185adeSAndrey V. Elsukov free(hash, M_GRE); 372a5185adeSAndrey V. Elsukov } 373a5185adeSAndrey V. Elsukov 374a5185adeSAndrey V. Elsukov void 375a5185adeSAndrey V. Elsukov gre_updatehdr(struct gre_softc *sc, struct grehdr *gh) 376a5185adeSAndrey V. Elsukov { 377f325335cSAndrey V. Elsukov uint32_t *opts; 378f325335cSAndrey V. Elsukov uint16_t flags; 379f325335cSAndrey V. Elsukov 380a5185adeSAndrey V. Elsukov sx_assert(&gre_ioctl_sx, SA_XLOCKED); 381a5185adeSAndrey V. Elsukov 382f325335cSAndrey V. Elsukov flags = 0; 383f325335cSAndrey V. Elsukov opts = gh->gre_opts; 384f325335cSAndrey V. Elsukov if (sc->gre_options & GRE_ENABLE_CSUM) { 385f325335cSAndrey V. Elsukov flags |= GRE_FLAGS_CP; 386f325335cSAndrey V. Elsukov sc->gre_hlen += 2 * sizeof(uint16_t); 387f325335cSAndrey V. Elsukov *opts++ = 0; 388f325335cSAndrey V. Elsukov } 389f325335cSAndrey V. Elsukov if (sc->gre_key != 0) { 390f325335cSAndrey V. Elsukov flags |= GRE_FLAGS_KP; 391f325335cSAndrey V. Elsukov sc->gre_hlen += sizeof(uint32_t); 392f325335cSAndrey V. Elsukov *opts++ = htonl(sc->gre_key); 393f325335cSAndrey V. Elsukov } 394f325335cSAndrey V. Elsukov if (sc->gre_options & GRE_ENABLE_SEQ) { 395f325335cSAndrey V. Elsukov flags |= GRE_FLAGS_SP; 396f325335cSAndrey V. Elsukov sc->gre_hlen += sizeof(uint32_t); 397f325335cSAndrey V. Elsukov *opts++ = 0; 398f325335cSAndrey V. Elsukov } else 399f325335cSAndrey V. Elsukov sc->gre_oseq = 0; 400f325335cSAndrey V. Elsukov gh->gre_flags = htons(flags); 401f325335cSAndrey V. Elsukov } 402f325335cSAndrey V. Elsukov 403f325335cSAndrey V. Elsukov int 4046d8fdfa9SAndrey V. Elsukov gre_input(struct mbuf *m, int off, int proto, void *arg) 405f325335cSAndrey V. Elsukov { 4066d8fdfa9SAndrey V. Elsukov struct gre_softc *sc = arg; 407f325335cSAndrey V. Elsukov struct grehdr *gh; 408f325335cSAndrey V. Elsukov struct ifnet *ifp; 4092bfd3dfbSMarcelo Araujo uint32_t *opts; 4102bfd3dfbSMarcelo Araujo #ifdef notyet 4112bfd3dfbSMarcelo Araujo uint32_t key; 4122bfd3dfbSMarcelo Araujo #endif 413f325335cSAndrey V. Elsukov uint16_t flags; 414f325335cSAndrey V. Elsukov int hlen, isr, af; 415f325335cSAndrey V. Elsukov 416f325335cSAndrey V. Elsukov ifp = GRE2IFP(sc); 4176d8fdfa9SAndrey V. Elsukov hlen = off + sizeof(struct grehdr) + 4 * sizeof(uint32_t); 41850bc87bcSAndrey V. Elsukov if (m->m_pkthdr.len < hlen) 41950bc87bcSAndrey V. Elsukov goto drop; 42050bc87bcSAndrey V. Elsukov if (m->m_len < hlen) { 42150bc87bcSAndrey V. Elsukov m = m_pullup(m, hlen); 42250bc87bcSAndrey V. Elsukov if (m == NULL) 42350bc87bcSAndrey V. Elsukov goto drop; 42450bc87bcSAndrey V. Elsukov } 4256d8fdfa9SAndrey V. Elsukov gh = (struct grehdr *)mtodo(m, off); 426f325335cSAndrey V. Elsukov flags = ntohs(gh->gre_flags); 427f325335cSAndrey V. Elsukov if (flags & ~GRE_FLAGS_MASK) 428f325335cSAndrey V. Elsukov goto drop; 429f325335cSAndrey V. Elsukov opts = gh->gre_opts; 430f325335cSAndrey V. Elsukov hlen = 2 * sizeof(uint16_t); 431f325335cSAndrey V. Elsukov if (flags & GRE_FLAGS_CP) { 432f325335cSAndrey V. Elsukov /* reserved1 field must be zero */ 433f325335cSAndrey V. Elsukov if (((uint16_t *)opts)[1] != 0) 434f325335cSAndrey V. Elsukov goto drop; 4356d8fdfa9SAndrey V. Elsukov if (in_cksum_skip(m, m->m_pkthdr.len, off) != 0) 436f325335cSAndrey V. Elsukov goto drop; 437f325335cSAndrey V. Elsukov hlen += 2 * sizeof(uint16_t); 438f325335cSAndrey V. Elsukov opts++; 439f325335cSAndrey V. Elsukov } 440f325335cSAndrey V. Elsukov if (flags & GRE_FLAGS_KP) { 4412bfd3dfbSMarcelo Araujo #ifdef notyet 4422bfd3dfbSMarcelo Araujo /* 4432bfd3dfbSMarcelo Araujo * XXX: The current implementation uses the key only for outgoing 4442bfd3dfbSMarcelo Araujo * packets. But we can check the key value here, or even in the 4452bfd3dfbSMarcelo Araujo * encapcheck function. 4462bfd3dfbSMarcelo Araujo */ 447f325335cSAndrey V. Elsukov key = ntohl(*opts); 4482bfd3dfbSMarcelo Araujo #endif 449f325335cSAndrey V. Elsukov hlen += sizeof(uint32_t); 450f325335cSAndrey V. Elsukov opts++; 4512bfd3dfbSMarcelo Araujo } 4522bfd3dfbSMarcelo Araujo #ifdef notyet 453f325335cSAndrey V. Elsukov } else 454f325335cSAndrey V. Elsukov key = 0; 4552bfd3dfbSMarcelo Araujo 456f325335cSAndrey V. Elsukov if (sc->gre_key != 0 && (key != sc->gre_key || key != 0)) 457f325335cSAndrey V. Elsukov goto drop; 4582bfd3dfbSMarcelo Araujo #endif 459f325335cSAndrey V. Elsukov if (flags & GRE_FLAGS_SP) { 4602bfd3dfbSMarcelo Araujo #ifdef notyet 4612bfd3dfbSMarcelo Araujo seq = ntohl(*opts); 4622bfd3dfbSMarcelo Araujo #endif 463f325335cSAndrey V. Elsukov hlen += sizeof(uint32_t); 464f325335cSAndrey V. Elsukov } 465f325335cSAndrey V. Elsukov switch (ntohs(gh->gre_proto)) { 466f325335cSAndrey V. Elsukov case ETHERTYPE_WCCP: 467f325335cSAndrey V. Elsukov /* 468f325335cSAndrey V. Elsukov * For WCCP skip an additional 4 bytes if after GRE header 469f325335cSAndrey V. Elsukov * doesn't follow an IP header. 470f325335cSAndrey V. Elsukov */ 471f325335cSAndrey V. Elsukov if (flags == 0 && (*(uint8_t *)gh->gre_opts & 0xF0) != 0x40) 472f325335cSAndrey V. Elsukov hlen += sizeof(uint32_t); 473f325335cSAndrey V. Elsukov /* FALLTHROUGH */ 474f325335cSAndrey V. Elsukov case ETHERTYPE_IP: 475f325335cSAndrey V. Elsukov isr = NETISR_IP; 476f325335cSAndrey V. Elsukov af = AF_INET; 477f325335cSAndrey V. Elsukov break; 478f325335cSAndrey V. Elsukov case ETHERTYPE_IPV6: 479f325335cSAndrey V. Elsukov isr = NETISR_IPV6; 480f325335cSAndrey V. Elsukov af = AF_INET6; 481f325335cSAndrey V. Elsukov break; 482f325335cSAndrey V. Elsukov default: 483f325335cSAndrey V. Elsukov goto drop; 484f325335cSAndrey V. Elsukov } 4856d8fdfa9SAndrey V. Elsukov m_adj(m, off + hlen); 486f325335cSAndrey V. Elsukov m_clrprotoflags(m); 487f325335cSAndrey V. Elsukov m->m_pkthdr.rcvif = ifp; 488eccfe69aSAndrey V. Elsukov M_SETFIB(m, ifp->if_fib); 489f325335cSAndrey V. Elsukov #ifdef MAC 490f325335cSAndrey V. Elsukov mac_ifnet_create_mbuf(ifp, m); 491f325335cSAndrey V. Elsukov #endif 492f325335cSAndrey V. Elsukov BPF_MTAP2(ifp, &af, sizeof(af), m); 493f325335cSAndrey V. Elsukov if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 494f325335cSAndrey V. Elsukov if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 495f325335cSAndrey V. Elsukov if ((ifp->if_flags & IFF_MONITOR) != 0) 496f325335cSAndrey V. Elsukov m_freem(m); 4978e96e13eSMaxim Sobolev else 498f325335cSAndrey V. Elsukov netisr_dispatch(isr, m); 499f325335cSAndrey V. Elsukov return (IPPROTO_DONE); 500f325335cSAndrey V. Elsukov drop: 501f325335cSAndrey V. Elsukov if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 502f325335cSAndrey V. Elsukov m_freem(m); 503f325335cSAndrey V. Elsukov return (IPPROTO_DONE); 5048e96e13eSMaxim Sobolev } 5058e96e13eSMaxim Sobolev 506f325335cSAndrey V. Elsukov static int 507f325335cSAndrey V. Elsukov gre_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst, 508f325335cSAndrey V. Elsukov struct route *ro) 509f325335cSAndrey V. Elsukov { 510f325335cSAndrey V. Elsukov uint32_t af; 511f325335cSAndrey V. Elsukov 512f325335cSAndrey V. Elsukov if (dst->sa_family == AF_UNSPEC) 513f325335cSAndrey V. Elsukov bcopy(dst->sa_data, &af, sizeof(af)); 514f325335cSAndrey V. Elsukov else 515f325335cSAndrey V. Elsukov af = dst->sa_family; 516a5185adeSAndrey V. Elsukov /* 517a5185adeSAndrey V. Elsukov * Now save the af in the inbound pkt csum data, this is a cheat since 518a5185adeSAndrey V. Elsukov * we are using the inbound csum_data field to carry the af over to 519a5185adeSAndrey V. Elsukov * the gre_transmit() routine, avoiding using yet another mtag. 520a5185adeSAndrey V. Elsukov */ 521a5185adeSAndrey V. Elsukov m->m_pkthdr.csum_data = af; 522f325335cSAndrey V. Elsukov return (ifp->if_transmit(ifp, m)); 523f325335cSAndrey V. Elsukov } 524f325335cSAndrey V. Elsukov 525f325335cSAndrey V. Elsukov static void 526f325335cSAndrey V. Elsukov gre_setseqn(struct grehdr *gh, uint32_t seq) 527f325335cSAndrey V. Elsukov { 528f325335cSAndrey V. Elsukov uint32_t *opts; 529f325335cSAndrey V. Elsukov uint16_t flags; 530f325335cSAndrey V. Elsukov 531f325335cSAndrey V. Elsukov opts = gh->gre_opts; 532f325335cSAndrey V. Elsukov flags = ntohs(gh->gre_flags); 533f325335cSAndrey V. Elsukov KASSERT((flags & GRE_FLAGS_SP) != 0, 534f325335cSAndrey V. Elsukov ("gre_setseqn called, but GRE_FLAGS_SP isn't set ")); 535f325335cSAndrey V. Elsukov if (flags & GRE_FLAGS_CP) 536f325335cSAndrey V. Elsukov opts++; 537f325335cSAndrey V. Elsukov if (flags & GRE_FLAGS_KP) 538f325335cSAndrey V. Elsukov opts++; 539f325335cSAndrey V. Elsukov *opts = htonl(seq); 540f325335cSAndrey V. Elsukov } 541f325335cSAndrey V. Elsukov 54298a8fdf6SAndrey V. Elsukov #define MTAG_GRE 1307983903 543f325335cSAndrey V. Elsukov static int 544f325335cSAndrey V. Elsukov gre_transmit(struct ifnet *ifp, struct mbuf *m) 545f325335cSAndrey V. Elsukov { 546f325335cSAndrey V. Elsukov struct gre_softc *sc; 547f325335cSAndrey V. Elsukov struct grehdr *gh; 548a5185adeSAndrey V. Elsukov uint32_t af; 549a5185adeSAndrey V. Elsukov int error, len; 550a5185adeSAndrey V. Elsukov uint16_t proto; 551f325335cSAndrey V. Elsukov 552a5185adeSAndrey V. Elsukov len = 0; 553*0a27163fSGleb Smirnoff GRE_RLOCK(); 554a5185adeSAndrey V. Elsukov #ifdef MAC 555a5185adeSAndrey V. Elsukov error = mac_ifnet_check_transmit(ifp, m); 556a5185adeSAndrey V. Elsukov if (error) { 557a5185adeSAndrey V. Elsukov m_freem(m); 558a5185adeSAndrey V. Elsukov goto drop; 559a5185adeSAndrey V. Elsukov } 560a5185adeSAndrey V. Elsukov #endif 561a5185adeSAndrey V. Elsukov error = ENETDOWN; 562f325335cSAndrey V. Elsukov sc = ifp->if_softc; 563a5185adeSAndrey V. Elsukov if ((ifp->if_flags & IFF_MONITOR) != 0 || 564a5185adeSAndrey V. Elsukov (ifp->if_flags & IFF_UP) == 0 || 565a5185adeSAndrey V. Elsukov sc->gre_family == 0 || 56698a8fdf6SAndrey V. Elsukov (error = if_tunnel_check_nesting(ifp, m, MTAG_GRE, 56798a8fdf6SAndrey V. Elsukov V_max_gre_nesting)) != 0) { 568f325335cSAndrey V. Elsukov m_freem(m); 569f325335cSAndrey V. Elsukov goto drop; 570f325335cSAndrey V. Elsukov } 571a5185adeSAndrey V. Elsukov af = m->m_pkthdr.csum_data; 572c6851ad0SAndrey V. Elsukov BPF_MTAP2(ifp, &af, sizeof(af), m); 573c6851ad0SAndrey V. Elsukov m->m_flags &= ~(M_BCAST|M_MCAST); 574f325335cSAndrey V. Elsukov M_SETFIB(m, sc->gre_fibnum); 575a5185adeSAndrey V. Elsukov M_PREPEND(m, sc->gre_hlen, M_NOWAIT); 576f325335cSAndrey V. Elsukov if (m == NULL) { 577f325335cSAndrey V. Elsukov error = ENOBUFS; 578f325335cSAndrey V. Elsukov goto drop; 579f325335cSAndrey V. Elsukov } 580a5185adeSAndrey V. Elsukov bcopy(sc->gre_hdr, mtod(m, void *), sc->gre_hlen); 581a5185adeSAndrey V. Elsukov /* Determine GRE proto */ 582a5185adeSAndrey V. Elsukov switch (af) { 583f325335cSAndrey V. Elsukov #ifdef INET 584f325335cSAndrey V. Elsukov case AF_INET: 585a5185adeSAndrey V. Elsukov proto = htons(ETHERTYPE_IP); 586f325335cSAndrey V. Elsukov break; 587f325335cSAndrey V. Elsukov #endif 588f325335cSAndrey V. Elsukov #ifdef INET6 589f325335cSAndrey V. Elsukov case AF_INET6: 590a5185adeSAndrey V. Elsukov proto = htons(ETHERTYPE_IPV6); 591f325335cSAndrey V. Elsukov break; 592f325335cSAndrey V. Elsukov #endif 593f325335cSAndrey V. Elsukov default: 594a5185adeSAndrey V. Elsukov m_freem(m); 595f325335cSAndrey V. Elsukov error = ENETDOWN; 596f325335cSAndrey V. Elsukov goto drop; 597f325335cSAndrey V. Elsukov } 598a5185adeSAndrey V. Elsukov /* Determine offset of GRE header */ 599a5185adeSAndrey V. Elsukov switch (sc->gre_family) { 600f325335cSAndrey V. Elsukov #ifdef INET 601f325335cSAndrey V. Elsukov case AF_INET: 602a5185adeSAndrey V. Elsukov len = sizeof(struct ip); 603f325335cSAndrey V. Elsukov break; 604f325335cSAndrey V. Elsukov #endif 605f325335cSAndrey V. Elsukov #ifdef INET6 606f325335cSAndrey V. Elsukov case AF_INET6: 607a5185adeSAndrey V. Elsukov len = sizeof(struct ip6_hdr); 608f325335cSAndrey V. Elsukov break; 609f325335cSAndrey V. Elsukov #endif 610f325335cSAndrey V. Elsukov default: 611a5185adeSAndrey V. Elsukov m_freem(m); 612f325335cSAndrey V. Elsukov error = ENETDOWN; 613f325335cSAndrey V. Elsukov goto drop; 614f325335cSAndrey V. Elsukov } 615a5185adeSAndrey V. Elsukov gh = (struct grehdr *)mtodo(m, len); 616a5185adeSAndrey V. Elsukov gh->gre_proto = proto; 617a5185adeSAndrey V. Elsukov if (sc->gre_options & GRE_ENABLE_SEQ) 618a5185adeSAndrey V. Elsukov gre_setseqn(gh, sc->gre_oseq++); 619a5185adeSAndrey V. Elsukov if (sc->gre_options & GRE_ENABLE_CSUM) { 620f325335cSAndrey V. Elsukov *(uint16_t *)gh->gre_opts = in_cksum_skip(m, 621a5185adeSAndrey V. Elsukov m->m_pkthdr.len, len); 622f325335cSAndrey V. Elsukov } 623a5185adeSAndrey V. Elsukov len = m->m_pkthdr.len - len; 624a5185adeSAndrey V. Elsukov switch (sc->gre_family) { 625f325335cSAndrey V. Elsukov #ifdef INET 626f325335cSAndrey V. Elsukov case AF_INET: 627a5185adeSAndrey V. Elsukov error = in_gre_output(m, af, sc->gre_hlen); 628f325335cSAndrey V. Elsukov break; 629f325335cSAndrey V. Elsukov #endif 630f325335cSAndrey V. Elsukov #ifdef INET6 631f325335cSAndrey V. Elsukov case AF_INET6: 632a5185adeSAndrey V. Elsukov error = in6_gre_output(m, af, sc->gre_hlen); 633f325335cSAndrey V. Elsukov break; 634f325335cSAndrey V. Elsukov #endif 635f325335cSAndrey V. Elsukov default: 636f325335cSAndrey V. Elsukov m_freem(m); 637f325335cSAndrey V. Elsukov error = ENETDOWN; 63874b8d63dSPedro F. Giffuni } 639f325335cSAndrey V. Elsukov drop: 640f325335cSAndrey V. Elsukov if (error) 641f325335cSAndrey V. Elsukov if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 642f325335cSAndrey V. Elsukov else { 643f325335cSAndrey V. Elsukov if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 644a5185adeSAndrey V. Elsukov if_inc_counter(ifp, IFCOUNTER_OBYTES, len); 645f325335cSAndrey V. Elsukov } 646a5185adeSAndrey V. Elsukov GRE_RUNLOCK(); 647f325335cSAndrey V. Elsukov return (error); 648f325335cSAndrey V. Elsukov } 649f325335cSAndrey V. Elsukov 650f325335cSAndrey V. Elsukov static void 651f325335cSAndrey V. Elsukov gre_qflush(struct ifnet *ifp __unused) 652f325335cSAndrey V. Elsukov { 653f325335cSAndrey V. Elsukov 6548e96e13eSMaxim Sobolev } 6558e96e13eSMaxim Sobolev 6568e96e13eSMaxim Sobolev static int 6578e96e13eSMaxim Sobolev gremodevent(module_t mod, int type, void *data) 6588e96e13eSMaxim Sobolev { 6598e96e13eSMaxim Sobolev 6608e96e13eSMaxim Sobolev switch (type) { 6618e96e13eSMaxim Sobolev case MOD_LOAD: 6628e96e13eSMaxim Sobolev case MOD_UNLOAD: 6638e96e13eSMaxim Sobolev break; 6643e019deaSPoul-Henning Kamp default: 66589c58b73SHiroki Sato return (EOPNOTSUPP); 6668e96e13eSMaxim Sobolev } 66789c58b73SHiroki Sato return (0); 6688e96e13eSMaxim Sobolev } 6698e96e13eSMaxim Sobolev 6708e96e13eSMaxim Sobolev static moduledata_t gre_mod = { 6718e96e13eSMaxim Sobolev "if_gre", 6728e96e13eSMaxim Sobolev gremodevent, 6739823d527SKevin Lo 0 6748e96e13eSMaxim Sobolev }; 6758e96e13eSMaxim Sobolev 6768e96e13eSMaxim Sobolev DECLARE_MODULE(if_gre, gre_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 6778e96e13eSMaxim Sobolev MODULE_VERSION(if_gre, 1); 678