1 /* $NetBSD: ip_gre.c,v 1.29 2003/09/05 23:02:43 itojun Exp $ */ 2 /* $FreeBSD$ */ 3 4 /* 5 * Copyright (c) 1998 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Heiko W.Rupp <hwr@pilhuhn.de> 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. All advertising materials mentioning features or use of this software 20 * must display the following acknowledgement: 21 * This product includes software developed by the NetBSD 22 * Foundation, Inc. and its contributors. 23 * 4. Neither the name of The NetBSD Foundation nor the names of its 24 * contributors may be used to endorse or promote products derived 25 * from this software without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 * POSSIBILITY OF SUCH DAMAGE. 38 */ 39 40 /* 41 * deencapsulate tunneled packets and send them on 42 * output half is in net/if_gre.[ch] 43 * This currently handles IPPROTO_GRE, IPPROTO_MOBILE 44 */ 45 46 #include "opt_inet.h" 47 #include "opt_atalk.h" 48 49 #include <sys/param.h> 50 #include <sys/systm.h> 51 #include <sys/mbuf.h> 52 #include <sys/socket.h> 53 #include <sys/socketvar.h> 54 #include <sys/protosw.h> 55 #include <sys/errno.h> 56 #include <sys/time.h> 57 #include <sys/kernel.h> 58 #include <sys/syslog.h> 59 #include <net/bpf.h> 60 #include <net/ethernet.h> 61 #include <net/if.h> 62 #include <net/netisr.h> 63 #include <net/route.h> 64 #include <net/raw_cb.h> 65 66 #ifdef INET 67 #include <netinet/in.h> 68 #include <netinet/in_var.h> 69 #include <netinet/in_systm.h> 70 #include <netinet/ip.h> 71 #include <netinet/ip_var.h> 72 #include <netinet/ip_gre.h> 73 #include <machine/in_cksum.h> 74 #else 75 #error ip_gre input without IP? 76 #endif 77 78 #ifdef NETATALK 79 #include <netatalk/at.h> 80 #include <netatalk/at_var.h> 81 #include <netatalk/at_extern.h> 82 #endif 83 84 /* Needs IP headers. */ 85 #include <net/if_gre.h> 86 87 #include <machine/stdarg.h> 88 89 #if 1 90 void gre_inet_ntoa(struct in_addr in); /* XXX */ 91 #endif 92 93 static struct gre_softc *gre_lookup(struct mbuf *, u_int8_t); 94 95 static int gre_input2(struct mbuf *, int, u_char); 96 97 /* 98 * De-encapsulate a packet and feed it back through ip input (this 99 * routine is called whenever IP gets a packet with proto type 100 * IPPROTO_GRE and a local destination address). 101 * This really is simple 102 */ 103 void 104 #if __STDC__ 105 gre_input(struct mbuf *m, ...) 106 #else 107 gre_input(m, va_alist) 108 struct mbuf *m; 109 va_dcl 110 #endif 111 { 112 int off, ret, proto; 113 va_list ap; 114 115 va_start(ap, m); 116 off = va_arg(ap, int); 117 va_end(ap); 118 proto = (mtod(m, struct ip *))->ip_p; 119 120 ret = gre_input2(m, off, proto); 121 /* 122 * ret == 0 : packet not processed, meaning that 123 * no matching tunnel that is up is found. 124 * we inject it to raw ip socket to see if anyone picks it up. 125 */ 126 if (ret == 0) 127 rip_input(m, off); 128 } 129 130 /* 131 * decapsulate. 132 * Does the real work and is called from gre_input() (above) 133 * returns 0 if packet is not yet processed 134 * and 1 if it needs no further processing 135 * proto is the protocol number of the "calling" foo_input() 136 * routine. 137 */ 138 static int 139 gre_input2(struct mbuf *m ,int hlen, u_char proto) 140 { 141 struct greip *gip; 142 int isr; 143 struct gre_softc *sc; 144 u_int16_t flags; 145 146 if ((sc = gre_lookup(m, proto)) == NULL) { 147 /* No matching tunnel or tunnel is down. */ 148 return (0); 149 } 150 151 if (m->m_len < sizeof(*gip)) { 152 m = m_pullup(m, sizeof(*gip)); 153 if (m == NULL) 154 return (ENOBUFS); 155 } 156 gip = mtod(m, struct greip *); 157 158 sc->sc_if.if_ipackets++; 159 sc->sc_if.if_ibytes += m->m_pkthdr.len; 160 161 switch (proto) { 162 case IPPROTO_GRE: 163 hlen += sizeof(struct gre_h); 164 165 /* process GRE flags as packet can be of variable len */ 166 flags = ntohs(gip->gi_flags); 167 168 /* Checksum & Offset are present */ 169 if ((flags & GRE_CP) | (flags & GRE_RP)) 170 hlen += 4; 171 /* We don't support routing fields (variable length) */ 172 if (flags & GRE_RP) 173 return (0); 174 if (flags & GRE_KP) 175 hlen += 4; 176 if (flags & GRE_SP) 177 hlen += 4; 178 179 switch (ntohs(gip->gi_ptype)) { /* ethertypes */ 180 case WCCP_PROTOCOL_TYPE: 181 if (sc->wccp_ver == WCCP_V2) 182 hlen += 4; 183 /* FALLTHROUGH */ 184 case ETHERTYPE_IP: /* shouldn't need a schednetisr(), */ 185 isr = NETISR_IP;/* as we are in ip_input */ 186 break; 187 #ifdef NETATALK 188 case ETHERTYPE_ATALK: 189 isr = NETISR_ATALK1; 190 break; 191 #endif 192 case ETHERTYPE_IPV6: 193 /* FALLTHROUGH */ 194 default: /* others not yet supported */ 195 return (0); 196 } 197 break; 198 default: 199 /* others not yet supported */ 200 return (0); 201 } 202 203 if (hlen > m->m_pkthdr.len) { 204 m_freem(m); 205 return (EINVAL); 206 } 207 /* Unlike NetBSD, in FreeBSD m_adj() adjusts m->m_pkthdr.len as well */ 208 m_adj(m, hlen); 209 210 if (sc->sc_if.if_bpf) { 211 u_int32_t af = AF_INET; 212 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m); 213 } 214 215 m->m_pkthdr.rcvif = &sc->sc_if; 216 217 netisr_dispatch(isr, m); 218 219 return (1); /* packet is done, no further processing needed */ 220 } 221 222 /* 223 * input routine for IPPRPOTO_MOBILE 224 * This is a little bit diffrent from the other modes, as the 225 * encapsulating header was not prepended, but instead inserted 226 * between IP header and payload 227 */ 228 229 void 230 #if __STDC__ 231 gre_mobile_input(struct mbuf *m, ...) 232 #else 233 gre_mobile_input(m, va_alist) 234 struct mbuf *m; 235 va_dcl 236 #endif 237 { 238 struct ip *ip; 239 struct mobip_h *mip; 240 struct gre_softc *sc; 241 int hlen; 242 va_list ap; 243 int msiz; 244 245 va_start(ap, m); 246 hlen = va_arg(ap, int); 247 va_end(ap); 248 249 if ((sc = gre_lookup(m, IPPROTO_MOBILE)) == NULL) { 250 /* No matching tunnel or tunnel is down. */ 251 m_freem(m); 252 return; 253 } 254 255 if (m->m_len < sizeof(*mip)) { 256 m = m_pullup(m, sizeof(*mip)); 257 if (m == NULL) 258 return; 259 } 260 ip = mtod(m, struct ip *); 261 mip = mtod(m, struct mobip_h *); 262 263 sc->sc_if.if_ipackets++; 264 sc->sc_if.if_ibytes += m->m_pkthdr.len; 265 266 if (ntohs(mip->mh.proto) & MOB_H_SBIT) { 267 msiz = MOB_H_SIZ_L; 268 mip->mi.ip_src.s_addr = mip->mh.osrc; 269 } else 270 msiz = MOB_H_SIZ_S; 271 272 if (m->m_len < (ip->ip_hl << 2) + msiz) { 273 m = m_pullup(m, (ip->ip_hl << 2) + msiz); 274 if (m == NULL) 275 return; 276 ip = mtod(m, struct ip *); 277 mip = mtod(m, struct mobip_h *); 278 } 279 280 mip->mi.ip_dst.s_addr = mip->mh.odst; 281 mip->mi.ip_p = (ntohs(mip->mh.proto) >> 8); 282 283 if (gre_in_cksum((u_int16_t *)&mip->mh, msiz) != 0) { 284 m_freem(m); 285 return; 286 } 287 288 bcopy((caddr_t)(ip) + (ip->ip_hl << 2) + msiz, (caddr_t)(ip) + 289 (ip->ip_hl << 2), m->m_len - msiz - (ip->ip_hl << 2)); 290 m->m_len -= msiz; 291 m->m_pkthdr.len -= msiz; 292 293 /* 294 * On FreeBSD, rip_input() supplies us with ip->ip_len 295 * already converted into host byteorder and also decreases 296 * it by the lengh of IP header, however, ip_input() expects 297 * that this field is in the original format (network byteorder 298 * and full size of IP packet), so that adjust accordingly. 299 */ 300 ip->ip_len = htons(ip->ip_len + sizeof(struct ip) - msiz); 301 302 ip->ip_sum = 0; 303 ip->ip_sum = in_cksum(m, (ip->ip_hl << 2)); 304 305 if (sc->sc_if.if_bpf) { 306 u_int32_t af = AF_INET; 307 bpf_mtap2(sc->sc_if.if_bpf, &af, sizeof(af), m); 308 } 309 310 m->m_pkthdr.rcvif = &sc->sc_if; 311 312 netisr_dispatch(NETISR_IP, m); 313 } 314 315 /* 316 * Find the gre interface associated with our src/dst/proto set. 317 * 318 * XXXRW: Need some sort of drain/refcount mechanism so that the softc 319 * reference remains valid after it's returned from gre_lookup(). Right 320 * now, I'm thinking it should be reference-counted with a gre_dropref() 321 * when the caller is done with the softc. This is complicated by how 322 * to handle destroying the gre softc; probably using a gre_drain() in 323 * in_gre.c during destroy. 324 */ 325 static struct gre_softc * 326 gre_lookup(m, proto) 327 struct mbuf *m; 328 u_int8_t proto; 329 { 330 struct ip *ip = mtod(m, struct ip *); 331 struct gre_softc *sc; 332 333 mtx_lock(&gre_mtx); 334 for (sc = LIST_FIRST(&gre_softc_list); sc != NULL; 335 sc = LIST_NEXT(sc, sc_list)) { 336 if ((sc->g_dst.s_addr == ip->ip_src.s_addr) && 337 (sc->g_src.s_addr == ip->ip_dst.s_addr) && 338 (sc->g_proto == proto) && 339 ((sc->sc_if.if_flags & IFF_UP) != 0)) { 340 mtx_unlock(&gre_mtx); 341 return (sc); 342 } 343 } 344 mtx_unlock(&gre_mtx); 345 346 return (NULL); 347 } 348