1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 1998 The NetBSD Foundation, Inc. 5 * Copyright (c) 2014, 2018 Andrey V. Elsukov <ae@FreeBSD.org> 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Heiko W.Rupp <hwr@pilhuhn.de> 10 * 11 * IPv6-over-GRE contributed by Gert Doering <gert@greenie.muc.de> 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 23 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 24 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 25 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 26 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 29 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 30 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 31 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 32 * POSSIBILITY OF SUCH DAMAGE. 33 * 34 * $NetBSD: if_gre.c,v 1.49 2003/12/11 00:22:29 itojun Exp $ 35 */ 36 37 #include <sys/cdefs.h> 38 __FBSDID("$FreeBSD$"); 39 40 #include "opt_inet.h" 41 #include "opt_inet6.h" 42 #include "opt_rss.h" 43 44 #include <sys/param.h> 45 #include <sys/kernel.h> 46 #include <sys/lock.h> 47 #include <sys/malloc.h> 48 #include <sys/module.h> 49 #include <sys/mbuf.h> 50 #include <sys/priv.h> 51 #include <sys/proc.h> 52 #include <sys/socket.h> 53 #include <sys/socketvar.h> 54 #include <sys/sockio.h> 55 #include <sys/sx.h> 56 #include <sys/sysctl.h> 57 #include <sys/syslog.h> 58 #include <sys/systm.h> 59 60 #include <net/ethernet.h> 61 #include <net/if.h> 62 #include <net/if_var.h> 63 #include <net/if_clone.h> 64 #include <net/if_types.h> 65 #include <net/netisr.h> 66 #include <net/vnet.h> 67 #include <net/route.h> 68 69 #include <netinet/in.h> 70 #include <netinet/in_pcb.h> 71 #ifdef INET 72 #include <netinet/in_var.h> 73 #include <netinet/ip.h> 74 #include <netinet/ip_var.h> 75 #ifdef RSS 76 #include <netinet/in_rss.h> 77 #endif 78 #endif 79 80 #ifdef INET6 81 #include <netinet/ip6.h> 82 #include <netinet6/in6_var.h> 83 #include <netinet6/ip6_var.h> 84 #ifdef RSS 85 #include <netinet6/in6_rss.h> 86 #endif 87 #endif 88 89 #include <netinet/ip_encap.h> 90 #include <netinet/udp.h> 91 #include <net/bpf.h> 92 #include <net/if_gre.h> 93 94 #include <machine/in_cksum.h> 95 #include <security/mac/mac_framework.h> 96 97 #define GREMTU 1476 98 99 static const char grename[] = "gre"; 100 MALLOC_DEFINE(M_GRE, grename, "Generic Routing Encapsulation"); 101 102 static struct sx gre_ioctl_sx; 103 SX_SYSINIT(gre_ioctl_sx, &gre_ioctl_sx, "gre_ioctl"); 104 105 static int gre_clone_create(struct if_clone *, int, caddr_t); 106 static void gre_clone_destroy(struct ifnet *); 107 VNET_DEFINE_STATIC(struct if_clone *, gre_cloner); 108 #define V_gre_cloner VNET(gre_cloner) 109 110 static void gre_qflush(struct ifnet *); 111 static int gre_transmit(struct ifnet *, struct mbuf *); 112 static int gre_ioctl(struct ifnet *, u_long, caddr_t); 113 static int gre_output(struct ifnet *, struct mbuf *, 114 const struct sockaddr *, struct route *); 115 static void gre_delete_tunnel(struct gre_softc *); 116 117 SYSCTL_DECL(_net_link); 118 static SYSCTL_NODE(_net_link, IFT_TUNNEL, gre, CTLFLAG_RW, 0, 119 "Generic Routing Encapsulation"); 120 #ifndef MAX_GRE_NEST 121 /* 122 * This macro controls the default upper limitation on nesting of gre tunnels. 123 * Since, setting a large value to this macro with a careless configuration 124 * may introduce system crash, we don't allow any nestings by default. 125 * If you need to configure nested gre tunnels, you can define this macro 126 * in your kernel configuration file. However, if you do so, please be 127 * careful to configure the tunnels so that it won't make a loop. 128 */ 129 #define MAX_GRE_NEST 1 130 #endif 131 132 VNET_DEFINE_STATIC(int, max_gre_nesting) = MAX_GRE_NEST; 133 #define V_max_gre_nesting VNET(max_gre_nesting) 134 SYSCTL_INT(_net_link_gre, OID_AUTO, max_nesting, CTLFLAG_RW | CTLFLAG_VNET, 135 &VNET_NAME(max_gre_nesting), 0, "Max nested tunnels"); 136 137 static void 138 vnet_gre_init(const void *unused __unused) 139 { 140 141 V_gre_cloner = if_clone_simple(grename, gre_clone_create, 142 gre_clone_destroy, 0); 143 #ifdef INET 144 in_gre_init(); 145 #endif 146 #ifdef INET6 147 in6_gre_init(); 148 #endif 149 } 150 VNET_SYSINIT(vnet_gre_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 151 vnet_gre_init, NULL); 152 153 static void 154 vnet_gre_uninit(const void *unused __unused) 155 { 156 157 if_clone_detach(V_gre_cloner); 158 #ifdef INET 159 in_gre_uninit(); 160 #endif 161 #ifdef INET6 162 in6_gre_uninit(); 163 #endif 164 /* XXX: epoch_call drain */ 165 } 166 VNET_SYSUNINIT(vnet_gre_uninit, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 167 vnet_gre_uninit, NULL); 168 169 static int 170 gre_clone_create(struct if_clone *ifc, int unit, caddr_t params) 171 { 172 struct gre_softc *sc; 173 174 sc = malloc(sizeof(struct gre_softc), M_GRE, M_WAITOK | M_ZERO); 175 sc->gre_fibnum = curthread->td_proc->p_fibnum; 176 GRE2IFP(sc) = if_alloc(IFT_TUNNEL); 177 GRE2IFP(sc)->if_softc = sc; 178 if_initname(GRE2IFP(sc), grename, unit); 179 180 GRE2IFP(sc)->if_mtu = GREMTU; 181 GRE2IFP(sc)->if_flags = IFF_POINTOPOINT|IFF_MULTICAST; 182 GRE2IFP(sc)->if_output = gre_output; 183 GRE2IFP(sc)->if_ioctl = gre_ioctl; 184 GRE2IFP(sc)->if_transmit = gre_transmit; 185 GRE2IFP(sc)->if_qflush = gre_qflush; 186 GRE2IFP(sc)->if_capabilities |= IFCAP_LINKSTATE; 187 GRE2IFP(sc)->if_capenable |= IFCAP_LINKSTATE; 188 if_attach(GRE2IFP(sc)); 189 bpfattach(GRE2IFP(sc), DLT_NULL, sizeof(u_int32_t)); 190 return (0); 191 } 192 193 static void 194 gre_clone_destroy(struct ifnet *ifp) 195 { 196 struct gre_softc *sc; 197 198 sx_xlock(&gre_ioctl_sx); 199 sc = ifp->if_softc; 200 gre_delete_tunnel(sc); 201 bpfdetach(ifp); 202 if_detach(ifp); 203 ifp->if_softc = NULL; 204 sx_xunlock(&gre_ioctl_sx); 205 206 GRE_WAIT(); 207 if_free(ifp); 208 free(sc, M_GRE); 209 } 210 211 static int 212 gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 213 { 214 struct ifreq *ifr = (struct ifreq *)data; 215 struct gre_softc *sc; 216 uint32_t opt; 217 int error; 218 219 switch (cmd) { 220 case SIOCSIFMTU: 221 /* XXX: */ 222 if (ifr->ifr_mtu < 576) 223 return (EINVAL); 224 ifp->if_mtu = ifr->ifr_mtu; 225 return (0); 226 case SIOCSIFADDR: 227 ifp->if_flags |= IFF_UP; 228 case SIOCSIFFLAGS: 229 case SIOCADDMULTI: 230 case SIOCDELMULTI: 231 return (0); 232 case GRESADDRS: 233 case GRESADDRD: 234 case GREGADDRS: 235 case GREGADDRD: 236 case GRESPROTO: 237 case GREGPROTO: 238 return (EOPNOTSUPP); 239 } 240 sx_xlock(&gre_ioctl_sx); 241 sc = ifp->if_softc; 242 if (sc == NULL) { 243 error = ENXIO; 244 goto end; 245 } 246 error = 0; 247 switch (cmd) { 248 case SIOCDIFPHYADDR: 249 if (sc->gre_family == 0) 250 break; 251 gre_delete_tunnel(sc); 252 break; 253 #ifdef INET 254 case SIOCSIFPHYADDR: 255 case SIOCGIFPSRCADDR: 256 case SIOCGIFPDSTADDR: 257 error = in_gre_ioctl(sc, cmd, data); 258 break; 259 #endif 260 #ifdef INET6 261 case SIOCSIFPHYADDR_IN6: 262 case SIOCGIFPSRCADDR_IN6: 263 case SIOCGIFPDSTADDR_IN6: 264 error = in6_gre_ioctl(sc, cmd, data); 265 break; 266 #endif 267 case SIOCGTUNFIB: 268 ifr->ifr_fib = sc->gre_fibnum; 269 break; 270 case SIOCSTUNFIB: 271 if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0) 272 break; 273 if (ifr->ifr_fib >= rt_numfibs) 274 error = EINVAL; 275 else 276 sc->gre_fibnum = ifr->ifr_fib; 277 break; 278 case GRESKEY: 279 case GRESOPTS: 280 case GRESPORT: 281 if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0) 282 break; 283 if ((error = copyin(ifr_data_get_ptr(ifr), &opt, 284 sizeof(opt))) != 0) 285 break; 286 if (cmd == GRESKEY) { 287 if (sc->gre_key == opt) 288 break; 289 } else if (cmd == GRESOPTS) { 290 if (opt & ~GRE_OPTMASK) { 291 error = EINVAL; 292 break; 293 } 294 if (sc->gre_options == opt) 295 break; 296 } else if (cmd == GRESPORT) { 297 if (opt != 0 && (opt < V_ipport_hifirstauto || 298 opt > V_ipport_hilastauto)) { 299 error = EINVAL; 300 break; 301 } 302 if (sc->gre_port == opt) 303 break; 304 if ((sc->gre_options & GRE_UDPENCAP) == 0) { 305 /* 306 * UDP encapsulation is not enabled, thus 307 * there is no need to reattach softc. 308 */ 309 sc->gre_port = opt; 310 break; 311 } 312 } 313 switch (sc->gre_family) { 314 #ifdef INET 315 case AF_INET: 316 error = in_gre_setopts(sc, cmd, opt); 317 break; 318 #endif 319 #ifdef INET6 320 case AF_INET6: 321 error = in6_gre_setopts(sc, cmd, opt); 322 break; 323 #endif 324 default: 325 /* 326 * Tunnel is not yet configured. 327 * We can just change any parameters. 328 */ 329 if (cmd == GRESKEY) 330 sc->gre_key = opt; 331 if (cmd == GRESOPTS) 332 sc->gre_options = opt; 333 if (cmd == GRESPORT) 334 sc->gre_port = opt; 335 break; 336 } 337 /* 338 * XXX: Do we need to initiate change of interface 339 * state here? 340 */ 341 break; 342 case GREGKEY: 343 error = copyout(&sc->gre_key, ifr_data_get_ptr(ifr), 344 sizeof(sc->gre_key)); 345 break; 346 case GREGOPTS: 347 error = copyout(&sc->gre_options, ifr_data_get_ptr(ifr), 348 sizeof(sc->gre_options)); 349 break; 350 case GREGPORT: 351 error = copyout(&sc->gre_port, ifr_data_get_ptr(ifr), 352 sizeof(sc->gre_port)); 353 break; 354 default: 355 error = EINVAL; 356 break; 357 } 358 if (error == 0 && sc->gre_family != 0) { 359 if ( 360 #ifdef INET 361 cmd == SIOCSIFPHYADDR || 362 #endif 363 #ifdef INET6 364 cmd == SIOCSIFPHYADDR_IN6 || 365 #endif 366 0) { 367 if_link_state_change(ifp, LINK_STATE_UP); 368 } 369 } 370 end: 371 sx_xunlock(&gre_ioctl_sx); 372 return (error); 373 } 374 375 static void 376 gre_delete_tunnel(struct gre_softc *sc) 377 { 378 struct gre_socket *gs; 379 380 sx_assert(&gre_ioctl_sx, SA_XLOCKED); 381 if (sc->gre_family != 0) { 382 CK_LIST_REMOVE(sc, chain); 383 CK_LIST_REMOVE(sc, srchash); 384 GRE_WAIT(); 385 free(sc->gre_hdr, M_GRE); 386 sc->gre_family = 0; 387 } 388 /* 389 * If this Tunnel was the last one that could use UDP socket, 390 * we should unlink socket from hash table and close it. 391 */ 392 if ((gs = sc->gre_so) != NULL && CK_LIST_EMPTY(&gs->list)) { 393 CK_LIST_REMOVE(gs, chain); 394 soclose(gs->so); 395 epoch_call(net_epoch_preempt, &gs->epoch_ctx, gre_sofree); 396 sc->gre_so = NULL; 397 } 398 GRE2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING; 399 if_link_state_change(GRE2IFP(sc), LINK_STATE_DOWN); 400 } 401 402 struct gre_list * 403 gre_hashinit(void) 404 { 405 struct gre_list *hash; 406 int i; 407 408 hash = malloc(sizeof(struct gre_list) * GRE_HASH_SIZE, 409 M_GRE, M_WAITOK); 410 for (i = 0; i < GRE_HASH_SIZE; i++) 411 CK_LIST_INIT(&hash[i]); 412 413 return (hash); 414 } 415 416 void 417 gre_hashdestroy(struct gre_list *hash) 418 { 419 420 free(hash, M_GRE); 421 } 422 423 void 424 gre_sofree(epoch_context_t ctx) 425 { 426 struct gre_socket *gs; 427 428 gs = __containerof(ctx, struct gre_socket, epoch_ctx); 429 free(gs, M_GRE); 430 } 431 432 static __inline uint16_t 433 gre_cksum_add(uint16_t sum, uint16_t a) 434 { 435 uint16_t res; 436 437 res = sum + a; 438 return (res + (res < a)); 439 } 440 441 void 442 gre_update_udphdr(struct gre_softc *sc, struct udphdr *udp, uint16_t csum) 443 { 444 445 sx_assert(&gre_ioctl_sx, SA_XLOCKED); 446 MPASS(sc->gre_options & GRE_UDPENCAP); 447 448 udp->uh_dport = htons(GRE_UDPPORT); 449 udp->uh_sport = htons(sc->gre_port); 450 udp->uh_sum = csum; 451 udp->uh_ulen = 0; 452 } 453 454 void 455 gre_update_hdr(struct gre_softc *sc, struct grehdr *gh) 456 { 457 uint32_t *opts; 458 uint16_t flags; 459 460 sx_assert(&gre_ioctl_sx, SA_XLOCKED); 461 462 flags = 0; 463 opts = gh->gre_opts; 464 if (sc->gre_options & GRE_ENABLE_CSUM) { 465 flags |= GRE_FLAGS_CP; 466 sc->gre_hlen += 2 * sizeof(uint16_t); 467 *opts++ = 0; 468 } 469 if (sc->gre_key != 0) { 470 flags |= GRE_FLAGS_KP; 471 sc->gre_hlen += sizeof(uint32_t); 472 *opts++ = htonl(sc->gre_key); 473 } 474 if (sc->gre_options & GRE_ENABLE_SEQ) { 475 flags |= GRE_FLAGS_SP; 476 sc->gre_hlen += sizeof(uint32_t); 477 *opts++ = 0; 478 } else 479 sc->gre_oseq = 0; 480 gh->gre_flags = htons(flags); 481 } 482 483 int 484 gre_input(struct mbuf *m, int off, int proto, void *arg) 485 { 486 struct gre_softc *sc = arg; 487 struct grehdr *gh; 488 struct ifnet *ifp; 489 uint32_t *opts; 490 #ifdef notyet 491 uint32_t key; 492 #endif 493 uint16_t flags; 494 int hlen, isr, af; 495 496 ifp = GRE2IFP(sc); 497 hlen = off + sizeof(struct grehdr) + 4 * sizeof(uint32_t); 498 if (m->m_pkthdr.len < hlen) 499 goto drop; 500 if (m->m_len < hlen) { 501 m = m_pullup(m, hlen); 502 if (m == NULL) 503 goto drop; 504 } 505 gh = (struct grehdr *)mtodo(m, off); 506 flags = ntohs(gh->gre_flags); 507 if (flags & ~GRE_FLAGS_MASK) 508 goto drop; 509 opts = gh->gre_opts; 510 hlen = 2 * sizeof(uint16_t); 511 if (flags & GRE_FLAGS_CP) { 512 /* reserved1 field must be zero */ 513 if (((uint16_t *)opts)[1] != 0) 514 goto drop; 515 if (in_cksum_skip(m, m->m_pkthdr.len, off) != 0) 516 goto drop; 517 hlen += 2 * sizeof(uint16_t); 518 opts++; 519 } 520 if (flags & GRE_FLAGS_KP) { 521 #ifdef notyet 522 /* 523 * XXX: The current implementation uses the key only for outgoing 524 * packets. But we can check the key value here, or even in the 525 * encapcheck function. 526 */ 527 key = ntohl(*opts); 528 #endif 529 hlen += sizeof(uint32_t); 530 opts++; 531 } 532 #ifdef notyet 533 } else 534 key = 0; 535 536 if (sc->gre_key != 0 && (key != sc->gre_key || key != 0)) 537 goto drop; 538 #endif 539 if (flags & GRE_FLAGS_SP) { 540 #ifdef notyet 541 seq = ntohl(*opts); 542 #endif 543 hlen += sizeof(uint32_t); 544 } 545 switch (ntohs(gh->gre_proto)) { 546 case ETHERTYPE_WCCP: 547 /* 548 * For WCCP skip an additional 4 bytes if after GRE header 549 * doesn't follow an IP header. 550 */ 551 if (flags == 0 && (*(uint8_t *)gh->gre_opts & 0xF0) != 0x40) 552 hlen += sizeof(uint32_t); 553 /* FALLTHROUGH */ 554 case ETHERTYPE_IP: 555 isr = NETISR_IP; 556 af = AF_INET; 557 break; 558 case ETHERTYPE_IPV6: 559 isr = NETISR_IPV6; 560 af = AF_INET6; 561 break; 562 default: 563 goto drop; 564 } 565 m_adj(m, off + hlen); 566 m_clrprotoflags(m); 567 m->m_pkthdr.rcvif = ifp; 568 M_SETFIB(m, ifp->if_fib); 569 #ifdef MAC 570 mac_ifnet_create_mbuf(ifp, m); 571 #endif 572 BPF_MTAP2(ifp, &af, sizeof(af), m); 573 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 574 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 575 if ((ifp->if_flags & IFF_MONITOR) != 0) 576 m_freem(m); 577 else 578 netisr_dispatch(isr, m); 579 return (IPPROTO_DONE); 580 drop: 581 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 582 m_freem(m); 583 return (IPPROTO_DONE); 584 } 585 586 static int 587 gre_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst, 588 struct route *ro) 589 { 590 uint32_t af; 591 592 if (dst->sa_family == AF_UNSPEC) 593 bcopy(dst->sa_data, &af, sizeof(af)); 594 else 595 af = dst->sa_family; 596 /* 597 * Now save the af in the inbound pkt csum data, this is a cheat since 598 * we are using the inbound csum_data field to carry the af over to 599 * the gre_transmit() routine, avoiding using yet another mtag. 600 */ 601 m->m_pkthdr.csum_data = af; 602 return (ifp->if_transmit(ifp, m)); 603 } 604 605 static void 606 gre_setseqn(struct grehdr *gh, uint32_t seq) 607 { 608 uint32_t *opts; 609 uint16_t flags; 610 611 opts = gh->gre_opts; 612 flags = ntohs(gh->gre_flags); 613 KASSERT((flags & GRE_FLAGS_SP) != 0, 614 ("gre_setseqn called, but GRE_FLAGS_SP isn't set ")); 615 if (flags & GRE_FLAGS_CP) 616 opts++; 617 if (flags & GRE_FLAGS_KP) 618 opts++; 619 *opts = htonl(seq); 620 } 621 622 static uint32_t 623 gre_flowid(struct gre_softc *sc, struct mbuf *m, uint32_t af) 624 { 625 uint32_t flowid; 626 627 if ((sc->gre_options & GRE_UDPENCAP) == 0 || sc->gre_port != 0) 628 return (0); 629 #ifndef RSS 630 switch (af) { 631 #ifdef INET 632 case AF_INET: 633 flowid = mtod(m, struct ip *)->ip_src.s_addr ^ 634 mtod(m, struct ip *)->ip_dst.s_addr; 635 break; 636 #endif 637 #ifdef INET6 638 case AF_INET6: 639 flowid = mtod(m, struct ip6_hdr *)->ip6_src.s6_addr32[3] ^ 640 mtod(m, struct ip6_hdr *)->ip6_dst.s6_addr32[3]; 641 break; 642 #endif 643 default: 644 flowid = 0; 645 } 646 #else /* RSS */ 647 switch (af) { 648 #ifdef INET 649 case AF_INET: 650 flowid = rss_hash_ip4_2tuple(mtod(m, struct ip *)->ip_src, 651 mtod(m, struct ip *)->ip_dst); 652 break; 653 #endif 654 #ifdef INET6 655 case AF_INET6: 656 flowid = rss_hash_ip6_2tuple( 657 &mtod(m, struct ip6_hdr *)->ip6_src, 658 &mtod(m, struct ip6_hdr *)->ip6_dst); 659 break; 660 #endif 661 default: 662 flowid = 0; 663 } 664 #endif 665 return (flowid); 666 } 667 668 #define MTAG_GRE 1307983903 669 static int 670 gre_transmit(struct ifnet *ifp, struct mbuf *m) 671 { 672 GRE_RLOCK_TRACKER; 673 struct gre_softc *sc; 674 struct grehdr *gh; 675 struct udphdr *uh; 676 uint32_t af, flowid; 677 int error, len; 678 uint16_t proto; 679 680 len = 0; 681 GRE_RLOCK(); 682 #ifdef MAC 683 error = mac_ifnet_check_transmit(ifp, m); 684 if (error) { 685 m_freem(m); 686 goto drop; 687 } 688 #endif 689 error = ENETDOWN; 690 sc = ifp->if_softc; 691 if ((ifp->if_flags & IFF_MONITOR) != 0 || 692 (ifp->if_flags & IFF_UP) == 0 || 693 (ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || 694 sc->gre_family == 0 || 695 (error = if_tunnel_check_nesting(ifp, m, MTAG_GRE, 696 V_max_gre_nesting)) != 0) { 697 m_freem(m); 698 goto drop; 699 } 700 af = m->m_pkthdr.csum_data; 701 BPF_MTAP2(ifp, &af, sizeof(af), m); 702 m->m_flags &= ~(M_BCAST|M_MCAST); 703 flowid = gre_flowid(sc, m, af); 704 M_SETFIB(m, sc->gre_fibnum); 705 M_PREPEND(m, sc->gre_hlen, M_NOWAIT); 706 if (m == NULL) { 707 error = ENOBUFS; 708 goto drop; 709 } 710 bcopy(sc->gre_hdr, mtod(m, void *), sc->gre_hlen); 711 /* Determine GRE proto */ 712 switch (af) { 713 #ifdef INET 714 case AF_INET: 715 proto = htons(ETHERTYPE_IP); 716 break; 717 #endif 718 #ifdef INET6 719 case AF_INET6: 720 proto = htons(ETHERTYPE_IPV6); 721 break; 722 #endif 723 default: 724 m_freem(m); 725 error = ENETDOWN; 726 goto drop; 727 } 728 /* Determine offset of GRE header */ 729 switch (sc->gre_family) { 730 #ifdef INET 731 case AF_INET: 732 len = sizeof(struct ip); 733 break; 734 #endif 735 #ifdef INET6 736 case AF_INET6: 737 len = sizeof(struct ip6_hdr); 738 break; 739 #endif 740 default: 741 m_freem(m); 742 error = ENETDOWN; 743 goto drop; 744 } 745 if (sc->gre_options & GRE_UDPENCAP) { 746 uh = (struct udphdr *)mtodo(m, len); 747 uh->uh_sport |= htons(V_ipport_hifirstauto) | 748 (flowid >> 16) | (flowid & 0xFFFF); 749 uh->uh_sport = htons(ntohs(uh->uh_sport) % 750 V_ipport_hilastauto); 751 uh->uh_ulen = htons(m->m_pkthdr.len - len); 752 uh->uh_sum = gre_cksum_add(uh->uh_sum, 753 htons(m->m_pkthdr.len - len + IPPROTO_UDP)); 754 m->m_pkthdr.csum_flags = sc->gre_csumflags; 755 m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum); 756 len += sizeof(struct udphdr); 757 } 758 gh = (struct grehdr *)mtodo(m, len); 759 gh->gre_proto = proto; 760 if (sc->gre_options & GRE_ENABLE_SEQ) 761 gre_setseqn(gh, sc->gre_oseq++); 762 if (sc->gre_options & GRE_ENABLE_CSUM) { 763 *(uint16_t *)gh->gre_opts = in_cksum_skip(m, 764 m->m_pkthdr.len, len); 765 } 766 len = m->m_pkthdr.len - len; 767 switch (sc->gre_family) { 768 #ifdef INET 769 case AF_INET: 770 error = in_gre_output(m, af, sc->gre_hlen); 771 break; 772 #endif 773 #ifdef INET6 774 case AF_INET6: 775 error = in6_gre_output(m, af, sc->gre_hlen, flowid); 776 break; 777 #endif 778 default: 779 m_freem(m); 780 error = ENETDOWN; 781 } 782 drop: 783 if (error) 784 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 785 else { 786 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 787 if_inc_counter(ifp, IFCOUNTER_OBYTES, len); 788 } 789 GRE_RUNLOCK(); 790 return (error); 791 } 792 793 static void 794 gre_qflush(struct ifnet *ifp __unused) 795 { 796 797 } 798 799 static int 800 gremodevent(module_t mod, int type, void *data) 801 { 802 803 switch (type) { 804 case MOD_LOAD: 805 case MOD_UNLOAD: 806 break; 807 default: 808 return (EOPNOTSUPP); 809 } 810 return (0); 811 } 812 813 static moduledata_t gre_mod = { 814 "if_gre", 815 gremodevent, 816 0 817 }; 818 819 DECLARE_MODULE(if_gre, gre_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 820 MODULE_VERSION(if_gre, 1); 821