1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-NetBSD 3 * 4 * Copyright (c) 1998 The NetBSD Foundation, Inc. 5 * Copyright (c) 2014 Andrey V. Elsukov <ae@FreeBSD.org> 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Heiko W.Rupp <hwr@pilhuhn.de> 10 * 11 * IPv6-over-GRE contributed by Gert Doering <gert@greenie.muc.de> 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 23 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 24 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 25 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 26 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 29 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 30 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 31 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 32 * POSSIBILITY OF SUCH DAMAGE. 33 * 34 * $NetBSD: ip_gre.c,v 1.29 2003/09/05 23:02:43 itojun Exp $ 35 */ 36 37 #include <sys/cdefs.h> 38 __FBSDID("$FreeBSD$"); 39 40 #include "opt_inet.h" 41 #include "opt_inet6.h" 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/mbuf.h> 46 #include <sys/socket.h> 47 #include <sys/socketvar.h> 48 #include <sys/errno.h> 49 #include <sys/time.h> 50 #include <sys/kernel.h> 51 #include <sys/lock.h> 52 #include <sys/rmlock.h> 53 #include <sys/sysctl.h> 54 #include <net/ethernet.h> 55 #include <net/if.h> 56 #include <net/if_var.h> 57 #include <net/vnet.h> 58 59 #include <netinet/in.h> 60 #include <netinet/in_var.h> 61 #include <netinet/ip.h> 62 #include <netinet/ip_encap.h> 63 #include <netinet/ip_var.h> 64 65 #ifdef INET6 66 #include <netinet/ip6.h> 67 #endif 68 69 #include <net/if_gre.h> 70 71 #define GRE_TTL 30 72 VNET_DEFINE(int, ip_gre_ttl) = GRE_TTL; 73 #define V_ip_gre_ttl VNET(ip_gre_ttl) 74 SYSCTL_INT(_net_inet_ip, OID_AUTO, grettl, CTLFLAG_VNET | CTLFLAG_RW, 75 &VNET_NAME(ip_gre_ttl), 0, "Default TTL value for encapsulated packets"); 76 77 static int 78 in_gre_encapcheck(const struct mbuf *m, int off, int proto, void *arg) 79 { 80 GRE_RLOCK_TRACKER; 81 struct gre_softc *sc; 82 struct ip *ip; 83 84 sc = (struct gre_softc *)arg; 85 if ((GRE2IFP(sc)->if_flags & IFF_UP) == 0) 86 return (0); 87 88 M_ASSERTPKTHDR(m); 89 90 GRE_RLOCK(sc); 91 if (sc->gre_family == 0) 92 goto bad; 93 94 KASSERT(sc->gre_family == AF_INET, 95 ("wrong gre_family: %d", sc->gre_family)); 96 97 ip = mtod(m, struct ip *); 98 if (sc->gre_oip.ip_src.s_addr != ip->ip_dst.s_addr || 99 sc->gre_oip.ip_dst.s_addr != ip->ip_src.s_addr) 100 goto bad; 101 102 GRE_RUNLOCK(sc); 103 return (32 * 3); /* src + dst + gre_hdr */ 104 bad: 105 GRE_RUNLOCK(sc); 106 return (0); 107 } 108 109 int 110 in_gre_output(struct mbuf *m, int af, int hlen) 111 { 112 struct greip *gi; 113 114 gi = mtod(m, struct greip *); 115 switch (af) { 116 case AF_INET: 117 /* 118 * gre_transmit() has used M_PREPEND() that doesn't guarantee 119 * m_data is contiguous more than hlen bytes. Use m_copydata() 120 * here to avoid m_pullup(). 121 */ 122 m_copydata(m, hlen + offsetof(struct ip, ip_tos), 123 sizeof(u_char), &gi->gi_ip.ip_tos); 124 m_copydata(m, hlen + offsetof(struct ip, ip_id), 125 sizeof(u_short), (caddr_t)&gi->gi_ip.ip_id); 126 break; 127 #ifdef INET6 128 case AF_INET6: 129 gi->gi_ip.ip_tos = 0; /* XXX */ 130 ip_fillid(&gi->gi_ip); 131 break; 132 #endif 133 } 134 gi->gi_ip.ip_ttl = V_ip_gre_ttl; 135 gi->gi_ip.ip_len = htons(m->m_pkthdr.len); 136 return (ip_output(m, NULL, NULL, IP_FORWARDING, NULL, NULL)); 137 } 138 139 static const struct encap_config ipv4_encap_cfg = { 140 .proto = IPPROTO_GRE, 141 .min_length = sizeof(struct greip) + sizeof(struct ip), 142 .exact_match = (sizeof(in_addr_t) << 4) + 32, 143 .check = in_gre_encapcheck, 144 .input = gre_input 145 }; 146 147 int 148 in_gre_attach(struct gre_softc *sc) 149 { 150 151 KASSERT(sc->gre_ecookie == NULL, ("gre_ecookie isn't NULL")); 152 sc->gre_ecookie = ip_encap_attach(&ipv4_encap_cfg, sc, M_WAITOK); 153 return (0); 154 } 155