xref: /linux/drivers/net/ipvlan/ipvlan_l3s.c (revision 52990390f91c1c39ca742fc8f390b29891d95127)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* Copyright (c) 2014 Mahesh Bandewar <maheshb@google.com>
3  */
4 
5 #include "ipvlan.h"
6 
7 static unsigned int ipvlan_netid __read_mostly;
8 
9 struct ipvlan_netns {
10 	unsigned int ipvl_nf_hook_refcnt;
11 };
12 
13 static struct ipvl_addr *ipvlan_skb_to_addr(struct sk_buff *skb,
14 					    struct net_device *dev)
15 {
16 	struct ipvl_addr *addr = NULL;
17 	struct ipvl_port *port;
18 	int addr_type;
19 	void *lyr3h;
20 
21 	if (!dev || !netif_is_ipvlan_port(dev))
22 		goto out;
23 
24 	port = ipvlan_port_get_rcu(dev);
25 	if (!port || port->mode != IPVLAN_MODE_L3S)
26 		goto out;
27 
28 	lyr3h = ipvlan_get_L3_hdr(port, skb, &addr_type);
29 	if (!lyr3h)
30 		goto out;
31 
32 	addr = ipvlan_addr_lookup(port, lyr3h, addr_type, true);
33 out:
34 	return addr;
35 }
36 
37 static struct sk_buff *ipvlan_l3_rcv(struct net_device *dev,
38 				     struct sk_buff *skb, u16 proto)
39 {
40 	struct ipvl_addr *addr;
41 	struct net_device *sdev;
42 
43 	addr = ipvlan_skb_to_addr(skb, dev);
44 	if (!addr)
45 		goto out;
46 
47 	sdev = addr->master->dev;
48 	switch (proto) {
49 	case AF_INET:
50 	{
51 		struct iphdr *ip4h = ip_hdr(skb);
52 		int err;
53 
54 		err = ip_route_input_noref(skb, ip4h->daddr, ip4h->saddr,
55 					   ip4h->tos, sdev);
56 		if (unlikely(err))
57 			goto out;
58 		break;
59 	}
60 #if IS_ENABLED(CONFIG_IPV6)
61 	case AF_INET6:
62 	{
63 		struct dst_entry *dst;
64 		struct ipv6hdr *ip6h = ipv6_hdr(skb);
65 		int flags = RT6_LOOKUP_F_HAS_SADDR;
66 		struct flowi6 fl6 = {
67 			.flowi6_iif   = sdev->ifindex,
68 			.daddr        = ip6h->daddr,
69 			.saddr        = ip6h->saddr,
70 			.flowlabel    = ip6_flowinfo(ip6h),
71 			.flowi6_mark  = skb->mark,
72 			.flowi6_proto = ip6h->nexthdr,
73 		};
74 
75 		skb_dst_drop(skb);
76 		dst = ip6_route_input_lookup(dev_net(sdev), sdev, &fl6,
77 					     skb, flags);
78 		skb_dst_set(skb, dst);
79 		break;
80 	}
81 #endif
82 	default:
83 		break;
84 	}
85 out:
86 	return skb;
87 }
88 
89 static const struct l3mdev_ops ipvl_l3mdev_ops = {
90 	.l3mdev_l3_rcv = ipvlan_l3_rcv,
91 };
92 
93 static unsigned int ipvlan_nf_input(void *priv, struct sk_buff *skb,
94 				    const struct nf_hook_state *state)
95 {
96 	struct ipvl_addr *addr;
97 	unsigned int len;
98 
99 	addr = ipvlan_skb_to_addr(skb, skb->dev);
100 	if (!addr)
101 		goto out;
102 
103 	skb->dev = addr->master->dev;
104 	skb->skb_iif = skb->dev->ifindex;
105 	len = skb->len + ETH_HLEN;
106 	ipvlan_count_rx(addr->master, len, true, false);
107 out:
108 	return NF_ACCEPT;
109 }
110 
111 static const struct nf_hook_ops ipvl_nfops[] = {
112 	{
113 		.hook     = ipvlan_nf_input,
114 		.pf       = NFPROTO_IPV4,
115 		.hooknum  = NF_INET_LOCAL_IN,
116 		.priority = INT_MAX,
117 	},
118 #if IS_ENABLED(CONFIG_IPV6)
119 	{
120 		.hook     = ipvlan_nf_input,
121 		.pf       = NFPROTO_IPV6,
122 		.hooknum  = NF_INET_LOCAL_IN,
123 		.priority = INT_MAX,
124 	},
125 #endif
126 };
127 
128 static int ipvlan_register_nf_hook(struct net *net)
129 {
130 	struct ipvlan_netns *vnet = net_generic(net, ipvlan_netid);
131 	int err = 0;
132 
133 	if (!vnet->ipvl_nf_hook_refcnt) {
134 		err = nf_register_net_hooks(net, ipvl_nfops,
135 					    ARRAY_SIZE(ipvl_nfops));
136 		if (!err)
137 			vnet->ipvl_nf_hook_refcnt = 1;
138 	} else {
139 		vnet->ipvl_nf_hook_refcnt++;
140 	}
141 
142 	return err;
143 }
144 
145 static void ipvlan_unregister_nf_hook(struct net *net)
146 {
147 	struct ipvlan_netns *vnet = net_generic(net, ipvlan_netid);
148 
149 	if (WARN_ON(!vnet->ipvl_nf_hook_refcnt))
150 		return;
151 
152 	vnet->ipvl_nf_hook_refcnt--;
153 	if (!vnet->ipvl_nf_hook_refcnt)
154 		nf_unregister_net_hooks(net, ipvl_nfops,
155 					ARRAY_SIZE(ipvl_nfops));
156 }
157 
158 void ipvlan_migrate_l3s_hook(struct net *oldnet, struct net *newnet)
159 {
160 	struct ipvlan_netns *old_vnet;
161 
162 	ASSERT_RTNL();
163 
164 	old_vnet = net_generic(oldnet, ipvlan_netid);
165 	if (!old_vnet->ipvl_nf_hook_refcnt)
166 		return;
167 
168 	ipvlan_register_nf_hook(newnet);
169 	ipvlan_unregister_nf_hook(oldnet);
170 }
171 
172 static void ipvlan_ns_exit(struct net *net)
173 {
174 	struct ipvlan_netns *vnet = net_generic(net, ipvlan_netid);
175 
176 	if (WARN_ON_ONCE(vnet->ipvl_nf_hook_refcnt)) {
177 		vnet->ipvl_nf_hook_refcnt = 0;
178 		nf_unregister_net_hooks(net, ipvl_nfops,
179 					ARRAY_SIZE(ipvl_nfops));
180 	}
181 }
182 
183 static struct pernet_operations ipvlan_net_ops = {
184 	.id   = &ipvlan_netid,
185 	.size = sizeof(struct ipvlan_netns),
186 	.exit = ipvlan_ns_exit,
187 };
188 
189 int ipvlan_l3s_init(void)
190 {
191 	return register_pernet_subsys(&ipvlan_net_ops);
192 }
193 
194 void ipvlan_l3s_cleanup(void)
195 {
196 	unregister_pernet_subsys(&ipvlan_net_ops);
197 }
198 
199 int ipvlan_l3s_register(struct ipvl_port *port)
200 {
201 	struct net_device *dev = port->dev;
202 	int ret;
203 
204 	ASSERT_RTNL();
205 
206 	ret = ipvlan_register_nf_hook(read_pnet(&port->pnet));
207 	if (!ret) {
208 		dev->l3mdev_ops = &ipvl_l3mdev_ops;
209 		dev->priv_flags |= IFF_L3MDEV_RX_HANDLER;
210 	}
211 
212 	return ret;
213 }
214 
215 void ipvlan_l3s_unregister(struct ipvl_port *port)
216 {
217 	struct net_device *dev = port->dev;
218 
219 	ASSERT_RTNL();
220 
221 	dev->priv_flags &= ~IFF_L3MDEV_RX_HANDLER;
222 	ipvlan_unregister_nf_hook(read_pnet(&port->pnet));
223 	dev->l3mdev_ops = NULL;
224 }
225