1 /* 2 * Linux NET3: GRE over IP protocol decoder. 3 * 4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 * 11 */ 12 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/types.h> 16 #include <linux/sched.h> 17 #include <linux/kernel.h> 18 #include <asm/uaccess.h> 19 #include <linux/skbuff.h> 20 #include <linux/netdevice.h> 21 #include <linux/in.h> 22 #include <linux/tcp.h> 23 #include <linux/udp.h> 24 #include <linux/if_arp.h> 25 #include <linux/mroute.h> 26 #include <linux/init.h> 27 #include <linux/in6.h> 28 #include <linux/inetdevice.h> 29 #include <linux/igmp.h> 30 #include <linux/netfilter_ipv4.h> 31 #include <linux/if_ether.h> 32 33 #include <net/sock.h> 34 #include <net/ip.h> 35 #include <net/icmp.h> 36 #include <net/protocol.h> 37 #include <net/ipip.h> 38 #include <net/arp.h> 39 #include <net/checksum.h> 40 #include <net/dsfield.h> 41 #include <net/inet_ecn.h> 42 #include <net/xfrm.h> 43 44 #ifdef CONFIG_IPV6 45 #include <net/ipv6.h> 46 #include <net/ip6_fib.h> 47 #include <net/ip6_route.h> 48 #endif 49 50 /* 51 Problems & solutions 52 -------------------- 53 54 1. The most important issue is detecting local dead loops. 55 They would cause complete host lockup in transmit, which 56 would be "resolved" by stack overflow or, if queueing is enabled, 57 with infinite looping in net_bh. 58 59 We cannot track such dead loops during route installation, 60 it is infeasible task. The most general solutions would be 61 to keep skb->encapsulation counter (sort of local ttl), 62 and silently drop packet when it expires. It is the best 63 solution, but it supposes maintaing new variable in ALL 64 skb, even if no tunneling is used. 65 66 Current solution: t->recursion lock breaks dead loops. It looks 67 like dev->tbusy flag, but I preferred new variable, because 68 the semantics is different. One day, when hard_start_xmit 69 will be multithreaded we will have to use skb->encapsulation. 70 71 72 73 2. Networking dead loops would not kill routers, but would really 74 kill network. IP hop limit plays role of "t->recursion" in this case, 75 if we copy it from packet being encapsulated to upper header. 76 It is very good solution, but it introduces two problems: 77 78 - Routing protocols, using packets with ttl=1 (OSPF, RIP2), 79 do not work over tunnels. 80 - traceroute does not work. I planned to relay ICMP from tunnel, 81 so that this problem would be solved and traceroute output 82 would even more informative. This idea appeared to be wrong: 83 only Linux complies to rfc1812 now (yes, guys, Linux is the only 84 true router now :-)), all routers (at least, in neighbourhood of mine) 85 return only 8 bytes of payload. It is the end. 86 87 Hence, if we want that OSPF worked or traceroute said something reasonable, 88 we should search for another solution. 89 90 One of them is to parse packet trying to detect inner encapsulation 91 made by our node. It is difficult or even impossible, especially, 92 taking into account fragmentation. TO be short, tt is not solution at all. 93 94 Current solution: The solution was UNEXPECTEDLY SIMPLE. 95 We force DF flag on tunnels with preconfigured hop limit, 96 that is ALL. :-) Well, it does not remove the problem completely, 97 but exponential growth of network traffic is changed to linear 98 (branches, that exceed pmtu are pruned) and tunnel mtu 99 fastly degrades to value <68, where looping stops. 100 Yes, it is not good if there exists a router in the loop, 101 which does not force DF, even when encapsulating packets have DF set. 102 But it is not our problem! Nobody could accuse us, we made 103 all that we could make. Even if it is your gated who injected 104 fatal route to network, even if it were you who configured 105 fatal static route: you are innocent. :-) 106 107 108 109 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain 110 practically identical code. It would be good to glue them 111 together, but it is not very evident, how to make them modular. 112 sit is integral part of IPv6, ipip and gre are naturally modular. 113 We could extract common parts (hash table, ioctl etc) 114 to a separate module (ip_tunnel.c). 115 116 Alexey Kuznetsov. 117 */ 118 119 static int ipgre_tunnel_init(struct net_device *dev); 120 static void ipgre_tunnel_setup(struct net_device *dev); 121 122 /* Fallback tunnel: no source, no destination, no key, no options */ 123 124 static int ipgre_fb_tunnel_init(struct net_device *dev); 125 126 static struct net_device *ipgre_fb_tunnel_dev; 127 128 /* Tunnel hash table */ 129 130 /* 131 4 hash tables: 132 133 3: (remote,local) 134 2: (remote,*) 135 1: (*,local) 136 0: (*,*) 137 138 We require exact key match i.e. if a key is present in packet 139 it will match only tunnel with the same key; if it is not present, 140 it will match only keyless tunnel. 141 142 All keysless packets, if not matched configured keyless tunnels 143 will match fallback tunnel. 144 */ 145 146 #define HASH_SIZE 16 147 #define HASH(addr) ((addr^(addr>>4))&0xF) 148 149 static struct ip_tunnel *tunnels[4][HASH_SIZE]; 150 151 #define tunnels_r_l (tunnels[3]) 152 #define tunnels_r (tunnels[2]) 153 #define tunnels_l (tunnels[1]) 154 #define tunnels_wc (tunnels[0]) 155 156 static DEFINE_RWLOCK(ipgre_lock); 157 158 /* Given src, dst and key, find appropriate for input tunnel. */ 159 160 static struct ip_tunnel * ipgre_tunnel_lookup(u32 remote, u32 local, u32 key) 161 { 162 unsigned h0 = HASH(remote); 163 unsigned h1 = HASH(key); 164 struct ip_tunnel *t; 165 166 for (t = tunnels_r_l[h0^h1]; t; t = t->next) { 167 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 168 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 169 return t; 170 } 171 } 172 for (t = tunnels_r[h0^h1]; t; t = t->next) { 173 if (remote == t->parms.iph.daddr) { 174 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 175 return t; 176 } 177 } 178 for (t = tunnels_l[h1]; t; t = t->next) { 179 if (local == t->parms.iph.saddr || 180 (local == t->parms.iph.daddr && MULTICAST(local))) { 181 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 182 return t; 183 } 184 } 185 for (t = tunnels_wc[h1]; t; t = t->next) { 186 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 187 return t; 188 } 189 190 if (ipgre_fb_tunnel_dev->flags&IFF_UP) 191 return netdev_priv(ipgre_fb_tunnel_dev); 192 return NULL; 193 } 194 195 static struct ip_tunnel **ipgre_bucket(struct ip_tunnel *t) 196 { 197 u32 remote = t->parms.iph.daddr; 198 u32 local = t->parms.iph.saddr; 199 u32 key = t->parms.i_key; 200 unsigned h = HASH(key); 201 int prio = 0; 202 203 if (local) 204 prio |= 1; 205 if (remote && !MULTICAST(remote)) { 206 prio |= 2; 207 h ^= HASH(remote); 208 } 209 210 return &tunnels[prio][h]; 211 } 212 213 static void ipgre_tunnel_link(struct ip_tunnel *t) 214 { 215 struct ip_tunnel **tp = ipgre_bucket(t); 216 217 t->next = *tp; 218 write_lock_bh(&ipgre_lock); 219 *tp = t; 220 write_unlock_bh(&ipgre_lock); 221 } 222 223 static void ipgre_tunnel_unlink(struct ip_tunnel *t) 224 { 225 struct ip_tunnel **tp; 226 227 for (tp = ipgre_bucket(t); *tp; tp = &(*tp)->next) { 228 if (t == *tp) { 229 write_lock_bh(&ipgre_lock); 230 *tp = t->next; 231 write_unlock_bh(&ipgre_lock); 232 break; 233 } 234 } 235 } 236 237 static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int create) 238 { 239 u32 remote = parms->iph.daddr; 240 u32 local = parms->iph.saddr; 241 u32 key = parms->i_key; 242 struct ip_tunnel *t, **tp, *nt; 243 struct net_device *dev; 244 unsigned h = HASH(key); 245 int prio = 0; 246 char name[IFNAMSIZ]; 247 248 if (local) 249 prio |= 1; 250 if (remote && !MULTICAST(remote)) { 251 prio |= 2; 252 h ^= HASH(remote); 253 } 254 for (tp = &tunnels[prio][h]; (t = *tp) != NULL; tp = &t->next) { 255 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 256 if (key == t->parms.i_key) 257 return t; 258 } 259 } 260 if (!create) 261 return NULL; 262 263 if (parms->name[0]) 264 strlcpy(name, parms->name, IFNAMSIZ); 265 else { 266 int i; 267 for (i=1; i<100; i++) { 268 sprintf(name, "gre%d", i); 269 if (__dev_get_by_name(name) == NULL) 270 break; 271 } 272 if (i==100) 273 goto failed; 274 } 275 276 dev = alloc_netdev(sizeof(*t), name, ipgre_tunnel_setup); 277 if (!dev) 278 return NULL; 279 280 dev->init = ipgre_tunnel_init; 281 nt = netdev_priv(dev); 282 nt->parms = *parms; 283 284 if (register_netdevice(dev) < 0) { 285 free_netdev(dev); 286 goto failed; 287 } 288 289 dev_hold(dev); 290 ipgre_tunnel_link(nt); 291 return nt; 292 293 failed: 294 return NULL; 295 } 296 297 static void ipgre_tunnel_uninit(struct net_device *dev) 298 { 299 ipgre_tunnel_unlink(netdev_priv(dev)); 300 dev_put(dev); 301 } 302 303 304 static void ipgre_err(struct sk_buff *skb, u32 info) 305 { 306 #ifndef I_WISH_WORLD_WERE_PERFECT 307 308 /* It is not :-( All the routers (except for Linux) return only 309 8 bytes of packet payload. It means, that precise relaying of 310 ICMP in the real Internet is absolutely infeasible. 311 312 Moreover, Cisco "wise men" put GRE key to the third word 313 in GRE header. It makes impossible maintaining even soft state for keyed 314 GRE tunnels with enabled checksum. Tell them "thank you". 315 316 Well, I wonder, rfc1812 was written by Cisco employee, 317 what the hell these idiots break standrads established 318 by themself??? 319 */ 320 321 struct iphdr *iph = (struct iphdr*)skb->data; 322 u16 *p = (u16*)(skb->data+(iph->ihl<<2)); 323 int grehlen = (iph->ihl<<2) + 4; 324 int type = skb->h.icmph->type; 325 int code = skb->h.icmph->code; 326 struct ip_tunnel *t; 327 u16 flags; 328 329 flags = p[0]; 330 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 331 if (flags&(GRE_VERSION|GRE_ROUTING)) 332 return; 333 if (flags&GRE_KEY) { 334 grehlen += 4; 335 if (flags&GRE_CSUM) 336 grehlen += 4; 337 } 338 } 339 340 /* If only 8 bytes returned, keyed message will be dropped here */ 341 if (skb_headlen(skb) < grehlen) 342 return; 343 344 switch (type) { 345 default: 346 case ICMP_PARAMETERPROB: 347 return; 348 349 case ICMP_DEST_UNREACH: 350 switch (code) { 351 case ICMP_SR_FAILED: 352 case ICMP_PORT_UNREACH: 353 /* Impossible event. */ 354 return; 355 case ICMP_FRAG_NEEDED: 356 /* Soft state for pmtu is maintained by IP core. */ 357 return; 358 default: 359 /* All others are translated to HOST_UNREACH. 360 rfc2003 contains "deep thoughts" about NET_UNREACH, 361 I believe they are just ether pollution. --ANK 362 */ 363 break; 364 } 365 break; 366 case ICMP_TIME_EXCEEDED: 367 if (code != ICMP_EXC_TTL) 368 return; 369 break; 370 } 371 372 read_lock(&ipgre_lock); 373 t = ipgre_tunnel_lookup(iph->daddr, iph->saddr, (flags&GRE_KEY) ? *(((u32*)p) + (grehlen>>2) - 1) : 0); 374 if (t == NULL || t->parms.iph.daddr == 0 || MULTICAST(t->parms.iph.daddr)) 375 goto out; 376 377 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 378 goto out; 379 380 if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO) 381 t->err_count++; 382 else 383 t->err_count = 1; 384 t->err_time = jiffies; 385 out: 386 read_unlock(&ipgre_lock); 387 return; 388 #else 389 struct iphdr *iph = (struct iphdr*)dp; 390 struct iphdr *eiph; 391 u16 *p = (u16*)(dp+(iph->ihl<<2)); 392 int type = skb->h.icmph->type; 393 int code = skb->h.icmph->code; 394 int rel_type = 0; 395 int rel_code = 0; 396 int rel_info = 0; 397 u16 flags; 398 int grehlen = (iph->ihl<<2) + 4; 399 struct sk_buff *skb2; 400 struct flowi fl; 401 struct rtable *rt; 402 403 if (p[1] != htons(ETH_P_IP)) 404 return; 405 406 flags = p[0]; 407 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 408 if (flags&(GRE_VERSION|GRE_ROUTING)) 409 return; 410 if (flags&GRE_CSUM) 411 grehlen += 4; 412 if (flags&GRE_KEY) 413 grehlen += 4; 414 if (flags&GRE_SEQ) 415 grehlen += 4; 416 } 417 if (len < grehlen + sizeof(struct iphdr)) 418 return; 419 eiph = (struct iphdr*)(dp + grehlen); 420 421 switch (type) { 422 default: 423 return; 424 case ICMP_PARAMETERPROB: 425 if (skb->h.icmph->un.gateway < (iph->ihl<<2)) 426 return; 427 428 /* So... This guy found something strange INSIDE encapsulated 429 packet. Well, he is fool, but what can we do ? 430 */ 431 rel_type = ICMP_PARAMETERPROB; 432 rel_info = skb->h.icmph->un.gateway - grehlen; 433 break; 434 435 case ICMP_DEST_UNREACH: 436 switch (code) { 437 case ICMP_SR_FAILED: 438 case ICMP_PORT_UNREACH: 439 /* Impossible event. */ 440 return; 441 case ICMP_FRAG_NEEDED: 442 /* And it is the only really necessary thing :-) */ 443 rel_info = ntohs(skb->h.icmph->un.frag.mtu); 444 if (rel_info < grehlen+68) 445 return; 446 rel_info -= grehlen; 447 /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */ 448 if (rel_info > ntohs(eiph->tot_len)) 449 return; 450 break; 451 default: 452 /* All others are translated to HOST_UNREACH. 453 rfc2003 contains "deep thoughts" about NET_UNREACH, 454 I believe, it is just ether pollution. --ANK 455 */ 456 rel_type = ICMP_DEST_UNREACH; 457 rel_code = ICMP_HOST_UNREACH; 458 break; 459 } 460 break; 461 case ICMP_TIME_EXCEEDED: 462 if (code != ICMP_EXC_TTL) 463 return; 464 break; 465 } 466 467 /* Prepare fake skb to feed it to icmp_send */ 468 skb2 = skb_clone(skb, GFP_ATOMIC); 469 if (skb2 == NULL) 470 return; 471 dst_release(skb2->dst); 472 skb2->dst = NULL; 473 skb_pull(skb2, skb->data - (u8*)eiph); 474 skb2->nh.raw = skb2->data; 475 476 /* Try to guess incoming interface */ 477 memset(&fl, 0, sizeof(fl)); 478 fl.fl4_dst = eiph->saddr; 479 fl.fl4_tos = RT_TOS(eiph->tos); 480 fl.proto = IPPROTO_GRE; 481 if (ip_route_output_key(&rt, &fl)) { 482 kfree_skb(skb2); 483 return; 484 } 485 skb2->dev = rt->u.dst.dev; 486 487 /* route "incoming" packet */ 488 if (rt->rt_flags&RTCF_LOCAL) { 489 ip_rt_put(rt); 490 rt = NULL; 491 fl.fl4_dst = eiph->daddr; 492 fl.fl4_src = eiph->saddr; 493 fl.fl4_tos = eiph->tos; 494 if (ip_route_output_key(&rt, &fl) || 495 rt->u.dst.dev->type != ARPHRD_IPGRE) { 496 ip_rt_put(rt); 497 kfree_skb(skb2); 498 return; 499 } 500 } else { 501 ip_rt_put(rt); 502 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) || 503 skb2->dst->dev->type != ARPHRD_IPGRE) { 504 kfree_skb(skb2); 505 return; 506 } 507 } 508 509 /* change mtu on this route */ 510 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 511 if (rel_info > dst_mtu(skb2->dst)) { 512 kfree_skb(skb2); 513 return; 514 } 515 skb2->dst->ops->update_pmtu(skb2->dst, rel_info); 516 rel_info = htonl(rel_info); 517 } else if (type == ICMP_TIME_EXCEEDED) { 518 struct ip_tunnel *t = netdev_priv(skb2->dev); 519 if (t->parms.iph.ttl) { 520 rel_type = ICMP_DEST_UNREACH; 521 rel_code = ICMP_HOST_UNREACH; 522 } 523 } 524 525 icmp_send(skb2, rel_type, rel_code, rel_info); 526 kfree_skb(skb2); 527 #endif 528 } 529 530 static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) 531 { 532 if (INET_ECN_is_ce(iph->tos)) { 533 if (skb->protocol == htons(ETH_P_IP)) { 534 IP_ECN_set_ce(skb->nh.iph); 535 } else if (skb->protocol == htons(ETH_P_IPV6)) { 536 IP6_ECN_set_ce(skb->nh.ipv6h); 537 } 538 } 539 } 540 541 static inline u8 542 ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb) 543 { 544 u8 inner = 0; 545 if (skb->protocol == htons(ETH_P_IP)) 546 inner = old_iph->tos; 547 else if (skb->protocol == htons(ETH_P_IPV6)) 548 inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph); 549 return INET_ECN_encapsulate(tos, inner); 550 } 551 552 static int ipgre_rcv(struct sk_buff *skb) 553 { 554 struct iphdr *iph; 555 u8 *h; 556 u16 flags; 557 u16 csum = 0; 558 u32 key = 0; 559 u32 seqno = 0; 560 struct ip_tunnel *tunnel; 561 int offset = 4; 562 563 if (!pskb_may_pull(skb, 16)) 564 goto drop_nolock; 565 566 iph = skb->nh.iph; 567 h = skb->data; 568 flags = *(u16*)h; 569 570 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) { 571 /* - Version must be 0. 572 - We do not support routing headers. 573 */ 574 if (flags&(GRE_VERSION|GRE_ROUTING)) 575 goto drop_nolock; 576 577 if (flags&GRE_CSUM) { 578 switch (skb->ip_summed) { 579 case CHECKSUM_HW: 580 csum = (u16)csum_fold(skb->csum); 581 if (!csum) 582 break; 583 /* fall through */ 584 case CHECKSUM_NONE: 585 skb->csum = 0; 586 csum = __skb_checksum_complete(skb); 587 skb->ip_summed = CHECKSUM_HW; 588 } 589 offset += 4; 590 } 591 if (flags&GRE_KEY) { 592 key = *(u32*)(h + offset); 593 offset += 4; 594 } 595 if (flags&GRE_SEQ) { 596 seqno = ntohl(*(u32*)(h + offset)); 597 offset += 4; 598 } 599 } 600 601 read_lock(&ipgre_lock); 602 if ((tunnel = ipgre_tunnel_lookup(iph->saddr, iph->daddr, key)) != NULL) { 603 secpath_reset(skb); 604 605 skb->protocol = *(u16*)(h + 2); 606 /* WCCP version 1 and 2 protocol decoding. 607 * - Change protocol to IP 608 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header 609 */ 610 if (flags == 0 && 611 skb->protocol == __constant_htons(ETH_P_WCCP)) { 612 skb->protocol = __constant_htons(ETH_P_IP); 613 if ((*(h + offset) & 0xF0) != 0x40) 614 offset += 4; 615 } 616 617 skb->mac.raw = skb->nh.raw; 618 skb->nh.raw = __pskb_pull(skb, offset); 619 skb_postpull_rcsum(skb, skb->h.raw, offset); 620 memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options)); 621 skb->pkt_type = PACKET_HOST; 622 #ifdef CONFIG_NET_IPGRE_BROADCAST 623 if (MULTICAST(iph->daddr)) { 624 /* Looped back packet, drop it! */ 625 if (((struct rtable*)skb->dst)->fl.iif == 0) 626 goto drop; 627 tunnel->stat.multicast++; 628 skb->pkt_type = PACKET_BROADCAST; 629 } 630 #endif 631 632 if (((flags&GRE_CSUM) && csum) || 633 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) { 634 tunnel->stat.rx_crc_errors++; 635 tunnel->stat.rx_errors++; 636 goto drop; 637 } 638 if (tunnel->parms.i_flags&GRE_SEQ) { 639 if (!(flags&GRE_SEQ) || 640 (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) { 641 tunnel->stat.rx_fifo_errors++; 642 tunnel->stat.rx_errors++; 643 goto drop; 644 } 645 tunnel->i_seqno = seqno + 1; 646 } 647 tunnel->stat.rx_packets++; 648 tunnel->stat.rx_bytes += skb->len; 649 skb->dev = tunnel->dev; 650 dst_release(skb->dst); 651 skb->dst = NULL; 652 nf_reset(skb); 653 ipgre_ecn_decapsulate(iph, skb); 654 netif_rx(skb); 655 read_unlock(&ipgre_lock); 656 return(0); 657 } 658 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); 659 660 drop: 661 read_unlock(&ipgre_lock); 662 drop_nolock: 663 kfree_skb(skb); 664 return(0); 665 } 666 667 static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) 668 { 669 struct ip_tunnel *tunnel = netdev_priv(dev); 670 struct net_device_stats *stats = &tunnel->stat; 671 struct iphdr *old_iph = skb->nh.iph; 672 struct iphdr *tiph; 673 u8 tos; 674 u16 df; 675 struct rtable *rt; /* Route to the other host */ 676 struct net_device *tdev; /* Device to other host */ 677 struct iphdr *iph; /* Our new IP header */ 678 int max_headroom; /* The extra header space needed */ 679 int gre_hlen; 680 u32 dst; 681 int mtu; 682 683 if (tunnel->recursion++) { 684 tunnel->stat.collisions++; 685 goto tx_error; 686 } 687 688 if (dev->hard_header) { 689 gre_hlen = 0; 690 tiph = (struct iphdr*)skb->data; 691 } else { 692 gre_hlen = tunnel->hlen; 693 tiph = &tunnel->parms.iph; 694 } 695 696 if ((dst = tiph->daddr) == 0) { 697 /* NBMA tunnel */ 698 699 if (skb->dst == NULL) { 700 tunnel->stat.tx_fifo_errors++; 701 goto tx_error; 702 } 703 704 if (skb->protocol == htons(ETH_P_IP)) { 705 rt = (struct rtable*)skb->dst; 706 if ((dst = rt->rt_gateway) == 0) 707 goto tx_error_icmp; 708 } 709 #ifdef CONFIG_IPV6 710 else if (skb->protocol == htons(ETH_P_IPV6)) { 711 struct in6_addr *addr6; 712 int addr_type; 713 struct neighbour *neigh = skb->dst->neighbour; 714 715 if (neigh == NULL) 716 goto tx_error; 717 718 addr6 = (struct in6_addr*)&neigh->primary_key; 719 addr_type = ipv6_addr_type(addr6); 720 721 if (addr_type == IPV6_ADDR_ANY) { 722 addr6 = &skb->nh.ipv6h->daddr; 723 addr_type = ipv6_addr_type(addr6); 724 } 725 726 if ((addr_type & IPV6_ADDR_COMPATv4) == 0) 727 goto tx_error_icmp; 728 729 dst = addr6->s6_addr32[3]; 730 } 731 #endif 732 else 733 goto tx_error; 734 } 735 736 tos = tiph->tos; 737 if (tos&1) { 738 if (skb->protocol == htons(ETH_P_IP)) 739 tos = old_iph->tos; 740 tos &= ~1; 741 } 742 743 { 744 struct flowi fl = { .oif = tunnel->parms.link, 745 .nl_u = { .ip4_u = 746 { .daddr = dst, 747 .saddr = tiph->saddr, 748 .tos = RT_TOS(tos) } }, 749 .proto = IPPROTO_GRE }; 750 if (ip_route_output_key(&rt, &fl)) { 751 tunnel->stat.tx_carrier_errors++; 752 goto tx_error; 753 } 754 } 755 tdev = rt->u.dst.dev; 756 757 if (tdev == dev) { 758 ip_rt_put(rt); 759 tunnel->stat.collisions++; 760 goto tx_error; 761 } 762 763 df = tiph->frag_off; 764 if (df) 765 mtu = dst_mtu(&rt->u.dst) - tunnel->hlen; 766 else 767 mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu; 768 769 if (skb->dst) 770 skb->dst->ops->update_pmtu(skb->dst, mtu); 771 772 if (skb->protocol == htons(ETH_P_IP)) { 773 df |= (old_iph->frag_off&htons(IP_DF)); 774 775 if ((old_iph->frag_off&htons(IP_DF)) && 776 mtu < ntohs(old_iph->tot_len)) { 777 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu)); 778 ip_rt_put(rt); 779 goto tx_error; 780 } 781 } 782 #ifdef CONFIG_IPV6 783 else if (skb->protocol == htons(ETH_P_IPV6)) { 784 struct rt6_info *rt6 = (struct rt6_info*)skb->dst; 785 786 if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) { 787 if ((tunnel->parms.iph.daddr && !MULTICAST(tunnel->parms.iph.daddr)) || 788 rt6->rt6i_dst.plen == 128) { 789 rt6->rt6i_flags |= RTF_MODIFIED; 790 skb->dst->metrics[RTAX_MTU-1] = mtu; 791 } 792 } 793 794 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) { 795 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); 796 ip_rt_put(rt); 797 goto tx_error; 798 } 799 } 800 #endif 801 802 if (tunnel->err_count > 0) { 803 if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) { 804 tunnel->err_count--; 805 806 dst_link_failure(skb); 807 } else 808 tunnel->err_count = 0; 809 } 810 811 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen; 812 813 if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) { 814 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 815 if (!new_skb) { 816 ip_rt_put(rt); 817 stats->tx_dropped++; 818 dev_kfree_skb(skb); 819 tunnel->recursion--; 820 return 0; 821 } 822 if (skb->sk) 823 skb_set_owner_w(new_skb, skb->sk); 824 dev_kfree_skb(skb); 825 skb = new_skb; 826 old_iph = skb->nh.iph; 827 } 828 829 skb->h.raw = skb->nh.raw; 830 skb->nh.raw = skb_push(skb, gre_hlen); 831 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 832 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED | 833 IPSKB_REROUTED); 834 dst_release(skb->dst); 835 skb->dst = &rt->u.dst; 836 837 /* 838 * Push down and install the IPIP header. 839 */ 840 841 iph = skb->nh.iph; 842 iph->version = 4; 843 iph->ihl = sizeof(struct iphdr) >> 2; 844 iph->frag_off = df; 845 iph->protocol = IPPROTO_GRE; 846 iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb); 847 iph->daddr = rt->rt_dst; 848 iph->saddr = rt->rt_src; 849 850 if ((iph->ttl = tiph->ttl) == 0) { 851 if (skb->protocol == htons(ETH_P_IP)) 852 iph->ttl = old_iph->ttl; 853 #ifdef CONFIG_IPV6 854 else if (skb->protocol == htons(ETH_P_IPV6)) 855 iph->ttl = ((struct ipv6hdr*)old_iph)->hop_limit; 856 #endif 857 else 858 iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT); 859 } 860 861 ((u16*)(iph+1))[0] = tunnel->parms.o_flags; 862 ((u16*)(iph+1))[1] = skb->protocol; 863 864 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) { 865 u32 *ptr = (u32*)(((u8*)iph) + tunnel->hlen - 4); 866 867 if (tunnel->parms.o_flags&GRE_SEQ) { 868 ++tunnel->o_seqno; 869 *ptr = htonl(tunnel->o_seqno); 870 ptr--; 871 } 872 if (tunnel->parms.o_flags&GRE_KEY) { 873 *ptr = tunnel->parms.o_key; 874 ptr--; 875 } 876 if (tunnel->parms.o_flags&GRE_CSUM) { 877 *ptr = 0; 878 *(__u16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr)); 879 } 880 } 881 882 nf_reset(skb); 883 884 IPTUNNEL_XMIT(); 885 tunnel->recursion--; 886 return 0; 887 888 tx_error_icmp: 889 dst_link_failure(skb); 890 891 tx_error: 892 stats->tx_errors++; 893 dev_kfree_skb(skb); 894 tunnel->recursion--; 895 return 0; 896 } 897 898 static int 899 ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) 900 { 901 int err = 0; 902 struct ip_tunnel_parm p; 903 struct ip_tunnel *t; 904 905 switch (cmd) { 906 case SIOCGETTUNNEL: 907 t = NULL; 908 if (dev == ipgre_fb_tunnel_dev) { 909 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) { 910 err = -EFAULT; 911 break; 912 } 913 t = ipgre_tunnel_locate(&p, 0); 914 } 915 if (t == NULL) 916 t = netdev_priv(dev); 917 memcpy(&p, &t->parms, sizeof(p)); 918 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 919 err = -EFAULT; 920 break; 921 922 case SIOCADDTUNNEL: 923 case SIOCCHGTUNNEL: 924 err = -EPERM; 925 if (!capable(CAP_NET_ADMIN)) 926 goto done; 927 928 err = -EFAULT; 929 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 930 goto done; 931 932 err = -EINVAL; 933 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE || 934 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) || 935 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING))) 936 goto done; 937 if (p.iph.ttl) 938 p.iph.frag_off |= htons(IP_DF); 939 940 if (!(p.i_flags&GRE_KEY)) 941 p.i_key = 0; 942 if (!(p.o_flags&GRE_KEY)) 943 p.o_key = 0; 944 945 t = ipgre_tunnel_locate(&p, cmd == SIOCADDTUNNEL); 946 947 if (dev != ipgre_fb_tunnel_dev && cmd == SIOCCHGTUNNEL) { 948 if (t != NULL) { 949 if (t->dev != dev) { 950 err = -EEXIST; 951 break; 952 } 953 } else { 954 unsigned nflags=0; 955 956 t = netdev_priv(dev); 957 958 if (MULTICAST(p.iph.daddr)) 959 nflags = IFF_BROADCAST; 960 else if (p.iph.daddr) 961 nflags = IFF_POINTOPOINT; 962 963 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) { 964 err = -EINVAL; 965 break; 966 } 967 ipgre_tunnel_unlink(t); 968 t->parms.iph.saddr = p.iph.saddr; 969 t->parms.iph.daddr = p.iph.daddr; 970 t->parms.i_key = p.i_key; 971 t->parms.o_key = p.o_key; 972 memcpy(dev->dev_addr, &p.iph.saddr, 4); 973 memcpy(dev->broadcast, &p.iph.daddr, 4); 974 ipgre_tunnel_link(t); 975 netdev_state_change(dev); 976 } 977 } 978 979 if (t) { 980 err = 0; 981 if (cmd == SIOCCHGTUNNEL) { 982 t->parms.iph.ttl = p.iph.ttl; 983 t->parms.iph.tos = p.iph.tos; 984 t->parms.iph.frag_off = p.iph.frag_off; 985 } 986 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p))) 987 err = -EFAULT; 988 } else 989 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT); 990 break; 991 992 case SIOCDELTUNNEL: 993 err = -EPERM; 994 if (!capable(CAP_NET_ADMIN)) 995 goto done; 996 997 if (dev == ipgre_fb_tunnel_dev) { 998 err = -EFAULT; 999 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 1000 goto done; 1001 err = -ENOENT; 1002 if ((t = ipgre_tunnel_locate(&p, 0)) == NULL) 1003 goto done; 1004 err = -EPERM; 1005 if (t == netdev_priv(ipgre_fb_tunnel_dev)) 1006 goto done; 1007 dev = t->dev; 1008 } 1009 err = unregister_netdevice(dev); 1010 break; 1011 1012 default: 1013 err = -EINVAL; 1014 } 1015 1016 done: 1017 return err; 1018 } 1019 1020 static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev) 1021 { 1022 return &(((struct ip_tunnel*)netdev_priv(dev))->stat); 1023 } 1024 1025 static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu) 1026 { 1027 struct ip_tunnel *tunnel = netdev_priv(dev); 1028 if (new_mtu < 68 || new_mtu > 0xFFF8 - tunnel->hlen) 1029 return -EINVAL; 1030 dev->mtu = new_mtu; 1031 return 0; 1032 } 1033 1034 #ifdef CONFIG_NET_IPGRE_BROADCAST 1035 /* Nice toy. Unfortunately, useless in real life :-) 1036 It allows to construct virtual multiprotocol broadcast "LAN" 1037 over the Internet, provided multicast routing is tuned. 1038 1039 1040 I have no idea was this bicycle invented before me, 1041 so that I had to set ARPHRD_IPGRE to a random value. 1042 I have an impression, that Cisco could make something similar, 1043 but this feature is apparently missing in IOS<=11.2(8). 1044 1045 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks 1046 with broadcast 224.66.66.66. If you have access to mbone, play with me :-) 1047 1048 ping -t 255 224.66.66.66 1049 1050 If nobody answers, mbone does not work. 1051 1052 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255 1053 ip addr add 10.66.66.<somewhat>/24 dev Universe 1054 ifconfig Universe up 1055 ifconfig Universe add fe80::<Your_real_addr>/10 1056 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96 1057 ftp 10.66.66.66 1058 ... 1059 ftp fec0:6666:6666::193.233.7.65 1060 ... 1061 1062 */ 1063 1064 static int ipgre_header(struct sk_buff *skb, struct net_device *dev, unsigned short type, 1065 void *daddr, void *saddr, unsigned len) 1066 { 1067 struct ip_tunnel *t = netdev_priv(dev); 1068 struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen); 1069 u16 *p = (u16*)(iph+1); 1070 1071 memcpy(iph, &t->parms.iph, sizeof(struct iphdr)); 1072 p[0] = t->parms.o_flags; 1073 p[1] = htons(type); 1074 1075 /* 1076 * Set the source hardware address. 1077 */ 1078 1079 if (saddr) 1080 memcpy(&iph->saddr, saddr, 4); 1081 1082 if (daddr) { 1083 memcpy(&iph->daddr, daddr, 4); 1084 return t->hlen; 1085 } 1086 if (iph->daddr && !MULTICAST(iph->daddr)) 1087 return t->hlen; 1088 1089 return -t->hlen; 1090 } 1091 1092 static int ipgre_open(struct net_device *dev) 1093 { 1094 struct ip_tunnel *t = netdev_priv(dev); 1095 1096 if (MULTICAST(t->parms.iph.daddr)) { 1097 struct flowi fl = { .oif = t->parms.link, 1098 .nl_u = { .ip4_u = 1099 { .daddr = t->parms.iph.daddr, 1100 .saddr = t->parms.iph.saddr, 1101 .tos = RT_TOS(t->parms.iph.tos) } }, 1102 .proto = IPPROTO_GRE }; 1103 struct rtable *rt; 1104 if (ip_route_output_key(&rt, &fl)) 1105 return -EADDRNOTAVAIL; 1106 dev = rt->u.dst.dev; 1107 ip_rt_put(rt); 1108 if (__in_dev_get_rtnl(dev) == NULL) 1109 return -EADDRNOTAVAIL; 1110 t->mlink = dev->ifindex; 1111 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr); 1112 } 1113 return 0; 1114 } 1115 1116 static int ipgre_close(struct net_device *dev) 1117 { 1118 struct ip_tunnel *t = netdev_priv(dev); 1119 if (MULTICAST(t->parms.iph.daddr) && t->mlink) { 1120 struct in_device *in_dev = inetdev_by_index(t->mlink); 1121 if (in_dev) { 1122 ip_mc_dec_group(in_dev, t->parms.iph.daddr); 1123 in_dev_put(in_dev); 1124 } 1125 } 1126 return 0; 1127 } 1128 1129 #endif 1130 1131 static void ipgre_tunnel_setup(struct net_device *dev) 1132 { 1133 SET_MODULE_OWNER(dev); 1134 dev->uninit = ipgre_tunnel_uninit; 1135 dev->destructor = free_netdev; 1136 dev->hard_start_xmit = ipgre_tunnel_xmit; 1137 dev->get_stats = ipgre_tunnel_get_stats; 1138 dev->do_ioctl = ipgre_tunnel_ioctl; 1139 dev->change_mtu = ipgre_tunnel_change_mtu; 1140 1141 dev->type = ARPHRD_IPGRE; 1142 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4; 1143 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4; 1144 dev->flags = IFF_NOARP; 1145 dev->iflink = 0; 1146 dev->addr_len = 4; 1147 } 1148 1149 static int ipgre_tunnel_init(struct net_device *dev) 1150 { 1151 struct net_device *tdev = NULL; 1152 struct ip_tunnel *tunnel; 1153 struct iphdr *iph; 1154 int hlen = LL_MAX_HEADER; 1155 int mtu = ETH_DATA_LEN; 1156 int addend = sizeof(struct iphdr) + 4; 1157 1158 tunnel = netdev_priv(dev); 1159 iph = &tunnel->parms.iph; 1160 1161 tunnel->dev = dev; 1162 strcpy(tunnel->parms.name, dev->name); 1163 1164 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4); 1165 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4); 1166 1167 /* Guess output device to choose reasonable mtu and hard_header_len */ 1168 1169 if (iph->daddr) { 1170 struct flowi fl = { .oif = tunnel->parms.link, 1171 .nl_u = { .ip4_u = 1172 { .daddr = iph->daddr, 1173 .saddr = iph->saddr, 1174 .tos = RT_TOS(iph->tos) } }, 1175 .proto = IPPROTO_GRE }; 1176 struct rtable *rt; 1177 if (!ip_route_output_key(&rt, &fl)) { 1178 tdev = rt->u.dst.dev; 1179 ip_rt_put(rt); 1180 } 1181 1182 dev->flags |= IFF_POINTOPOINT; 1183 1184 #ifdef CONFIG_NET_IPGRE_BROADCAST 1185 if (MULTICAST(iph->daddr)) { 1186 if (!iph->saddr) 1187 return -EINVAL; 1188 dev->flags = IFF_BROADCAST; 1189 dev->hard_header = ipgre_header; 1190 dev->open = ipgre_open; 1191 dev->stop = ipgre_close; 1192 } 1193 #endif 1194 } 1195 1196 if (!tdev && tunnel->parms.link) 1197 tdev = __dev_get_by_index(tunnel->parms.link); 1198 1199 if (tdev) { 1200 hlen = tdev->hard_header_len; 1201 mtu = tdev->mtu; 1202 } 1203 dev->iflink = tunnel->parms.link; 1204 1205 /* Precalculate GRE options length */ 1206 if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) { 1207 if (tunnel->parms.o_flags&GRE_CSUM) 1208 addend += 4; 1209 if (tunnel->parms.o_flags&GRE_KEY) 1210 addend += 4; 1211 if (tunnel->parms.o_flags&GRE_SEQ) 1212 addend += 4; 1213 } 1214 dev->hard_header_len = hlen + addend; 1215 dev->mtu = mtu - addend; 1216 tunnel->hlen = addend; 1217 return 0; 1218 } 1219 1220 static int __init ipgre_fb_tunnel_init(struct net_device *dev) 1221 { 1222 struct ip_tunnel *tunnel = netdev_priv(dev); 1223 struct iphdr *iph = &tunnel->parms.iph; 1224 1225 tunnel->dev = dev; 1226 strcpy(tunnel->parms.name, dev->name); 1227 1228 iph->version = 4; 1229 iph->protocol = IPPROTO_GRE; 1230 iph->ihl = 5; 1231 tunnel->hlen = sizeof(struct iphdr) + 4; 1232 1233 dev_hold(dev); 1234 tunnels_wc[0] = tunnel; 1235 return 0; 1236 } 1237 1238 1239 static struct net_protocol ipgre_protocol = { 1240 .handler = ipgre_rcv, 1241 .err_handler = ipgre_err, 1242 }; 1243 1244 1245 /* 1246 * And now the modules code and kernel interface. 1247 */ 1248 1249 static int __init ipgre_init(void) 1250 { 1251 int err; 1252 1253 printk(KERN_INFO "GRE over IPv4 tunneling driver\n"); 1254 1255 if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) { 1256 printk(KERN_INFO "ipgre init: can't add protocol\n"); 1257 return -EAGAIN; 1258 } 1259 1260 ipgre_fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "gre0", 1261 ipgre_tunnel_setup); 1262 if (!ipgre_fb_tunnel_dev) { 1263 err = -ENOMEM; 1264 goto err1; 1265 } 1266 1267 ipgre_fb_tunnel_dev->init = ipgre_fb_tunnel_init; 1268 1269 if ((err = register_netdev(ipgre_fb_tunnel_dev))) 1270 goto err2; 1271 out: 1272 return err; 1273 err2: 1274 free_netdev(ipgre_fb_tunnel_dev); 1275 err1: 1276 inet_del_protocol(&ipgre_protocol, IPPROTO_GRE); 1277 goto out; 1278 } 1279 1280 static void __exit ipgre_destroy_tunnels(void) 1281 { 1282 int prio; 1283 1284 for (prio = 0; prio < 4; prio++) { 1285 int h; 1286 for (h = 0; h < HASH_SIZE; h++) { 1287 struct ip_tunnel *t; 1288 while ((t = tunnels[prio][h]) != NULL) 1289 unregister_netdevice(t->dev); 1290 } 1291 } 1292 } 1293 1294 static void __exit ipgre_fini(void) 1295 { 1296 if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) 1297 printk(KERN_INFO "ipgre close: can't remove protocol\n"); 1298 1299 rtnl_lock(); 1300 ipgre_destroy_tunnels(); 1301 rtnl_unlock(); 1302 } 1303 1304 module_init(ipgre_init); 1305 module_exit(ipgre_fini); 1306 MODULE_LICENSE("GPL"); 1307