xref: /freebsd/sys/netinet/ip_gre.c (revision 47dd1d1b619cc035b82b49a91a25544309ff95ae)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-NetBSD
3  *
4  * Copyright (c) 1998 The NetBSD Foundation, Inc.
5  * Copyright (c) 2014 Andrey V. Elsukov <ae@FreeBSD.org>
6  * All rights reserved.
7  *
8  * This code is derived from software contributed to The NetBSD Foundation
9  * by Heiko W.Rupp <hwr@pilhuhn.de>
10  *
11  * IPv6-over-GRE contributed by Gert Doering <gert@greenie.muc.de>
12  *
13  * Redistribution and use in source and binary forms, with or without
14  * modification, are permitted provided that the following conditions
15  * are met:
16  * 1. Redistributions of source code must retain the above copyright
17  *    notice, this list of conditions and the following disclaimer.
18  * 2. Redistributions in binary form must reproduce the above copyright
19  *    notice, this list of conditions and the following disclaimer in the
20  *    documentation and/or other materials provided with the distribution.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
23  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
24  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
25  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
26  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
27  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32  * POSSIBILITY OF SUCH DAMAGE.
33  *
34  * $NetBSD: ip_gre.c,v 1.29 2003/09/05 23:02:43 itojun Exp $
35  */
36 
37 #include <sys/cdefs.h>
38 __FBSDID("$FreeBSD$");
39 
40 #include "opt_inet.h"
41 #include "opt_inet6.h"
42 
43 #include <sys/param.h>
44 #include <sys/systm.h>
45 #include <sys/mbuf.h>
46 #include <sys/socket.h>
47 #include <sys/socketvar.h>
48 #include <sys/protosw.h>
49 #include <sys/errno.h>
50 #include <sys/time.h>
51 #include <sys/kernel.h>
52 #include <sys/lock.h>
53 #include <sys/rmlock.h>
54 #include <sys/sysctl.h>
55 #include <net/ethernet.h>
56 #include <net/if.h>
57 #include <net/if_var.h>
58 #include <net/vnet.h>
59 
60 #include <netinet/in.h>
61 #include <netinet/in_var.h>
62 #include <netinet/ip.h>
63 #include <netinet/ip_encap.h>
64 #include <netinet/ip_var.h>
65 
66 #ifdef INET6
67 #include <netinet/ip6.h>
68 #endif
69 
70 #include <net/if_gre.h>
71 
72 extern struct domain inetdomain;
73 static const struct protosw in_gre_protosw = {
74 	.pr_type =		SOCK_RAW,
75 	.pr_domain =		&inetdomain,
76 	.pr_protocol =		IPPROTO_GRE,
77 	.pr_flags =		PR_ATOMIC|PR_ADDR,
78 	.pr_input =		gre_input,
79 	.pr_output =		rip_output,
80 	.pr_ctlinput =		rip_ctlinput,
81 	.pr_ctloutput =		rip_ctloutput,
82 	.pr_usrreqs =		&rip_usrreqs
83 };
84 
85 #define	GRE_TTL			30
86 VNET_DEFINE(int, ip_gre_ttl) = GRE_TTL;
87 #define	V_ip_gre_ttl		VNET(ip_gre_ttl)
88 SYSCTL_INT(_net_inet_ip, OID_AUTO, grettl, CTLFLAG_VNET | CTLFLAG_RW,
89 	&VNET_NAME(ip_gre_ttl), 0, "");
90 
91 static int
92 in_gre_encapcheck(const struct mbuf *m, int off, int proto, void *arg)
93 {
94 	GRE_RLOCK_TRACKER;
95 	struct gre_softc *sc;
96 	struct ip *ip;
97 
98 	sc = (struct gre_softc *)arg;
99 	if ((GRE2IFP(sc)->if_flags & IFF_UP) == 0)
100 		return (0);
101 
102 	M_ASSERTPKTHDR(m);
103 	/*
104 	 * We expect that payload contains at least IPv4
105 	 * or IPv6 packet.
106 	 */
107 	if (m->m_pkthdr.len < sizeof(struct greip) + sizeof(struct ip))
108 		return (0);
109 
110 	GRE_RLOCK(sc);
111 	if (sc->gre_family == 0)
112 		goto bad;
113 
114 	KASSERT(sc->gre_family == AF_INET,
115 	    ("wrong gre_family: %d", sc->gre_family));
116 
117 	ip = mtod(m, struct ip *);
118 	if (sc->gre_oip.ip_src.s_addr != ip->ip_dst.s_addr ||
119 	    sc->gre_oip.ip_dst.s_addr != ip->ip_src.s_addr)
120 		goto bad;
121 
122 	GRE_RUNLOCK(sc);
123 	return (32 * 2);
124 bad:
125 	GRE_RUNLOCK(sc);
126 	return (0);
127 }
128 
129 int
130 in_gre_output(struct mbuf *m, int af, int hlen)
131 {
132 	struct greip *gi;
133 
134 	gi = mtod(m, struct greip *);
135 	switch (af) {
136 	case AF_INET:
137 		/*
138 		 * gre_transmit() has used M_PREPEND() that doesn't guarantee
139 		 * m_data is contiguous more than hlen bytes. Use m_copydata()
140 		 * here to avoid m_pullup().
141 		 */
142 		m_copydata(m, hlen + offsetof(struct ip, ip_tos),
143 		    sizeof(u_char), &gi->gi_ip.ip_tos);
144 		m_copydata(m, hlen + offsetof(struct ip, ip_id),
145 		    sizeof(u_short), (caddr_t)&gi->gi_ip.ip_id);
146 		break;
147 #ifdef INET6
148 	case AF_INET6:
149 		gi->gi_ip.ip_tos = 0; /* XXX */
150 		ip_fillid(&gi->gi_ip);
151 		break;
152 #endif
153 	}
154 	gi->gi_ip.ip_ttl = V_ip_gre_ttl;
155 	gi->gi_ip.ip_len = htons(m->m_pkthdr.len);
156 	return (ip_output(m, NULL, NULL, IP_FORWARDING, NULL, NULL));
157 }
158 
159 int
160 in_gre_attach(struct gre_softc *sc)
161 {
162 
163 	KASSERT(sc->gre_ecookie == NULL, ("gre_ecookie isn't NULL"));
164 	sc->gre_ecookie = encap_attach_func(AF_INET, IPPROTO_GRE,
165 	    in_gre_encapcheck, &in_gre_protosw, sc);
166 	if (sc->gre_ecookie == NULL)
167 		return (EEXIST);
168 	return (0);
169 }
170