1 /* 2 * Linux NET3: GRE over IP protocol decoder. 3 * 4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 * 11 */ 12 13 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 14 15 #include <linux/capability.h> 16 #include <linux/module.h> 17 #include <linux/types.h> 18 #include <linux/kernel.h> 19 #include <linux/slab.h> 20 #include <asm/uaccess.h> 21 #include <linux/skbuff.h> 22 #include <linux/netdevice.h> 23 #include <linux/in.h> 24 #include <linux/tcp.h> 25 #include <linux/udp.h> 26 #include <linux/if_arp.h> 27 #include <linux/if_vlan.h> 28 #include <linux/init.h> 29 #include <linux/in6.h> 30 #include <linux/inetdevice.h> 31 #include <linux/igmp.h> 32 #include <linux/netfilter_ipv4.h> 33 #include <linux/etherdevice.h> 34 #include <linux/if_ether.h> 35 36 #include <net/sock.h> 37 #include <net/ip.h> 38 #include <net/icmp.h> 39 #include <net/protocol.h> 40 #include <net/ip_tunnels.h> 41 #include <net/arp.h> 42 #include <net/checksum.h> 43 #include <net/dsfield.h> 44 #include <net/inet_ecn.h> 45 #include <net/xfrm.h> 46 #include <net/net_namespace.h> 47 #include <net/netns/generic.h> 48 #include <net/rtnetlink.h> 49 #include <net/gre.h> 50 #include <net/dst_metadata.h> 51 52 #if IS_ENABLED(CONFIG_IPV6) 53 #include <net/ipv6.h> 54 #include <net/ip6_fib.h> 55 #include <net/ip6_route.h> 56 #endif 57 58 /* 59 Problems & solutions 60 -------------------- 61 62 1. The most important issue is detecting local dead loops. 63 They would cause complete host lockup in transmit, which 64 would be "resolved" by stack overflow or, if queueing is enabled, 65 with infinite looping in net_bh. 66 67 We cannot track such dead loops during route installation, 68 it is infeasible task. The most general solutions would be 69 to keep skb->encapsulation counter (sort of local ttl), 70 and silently drop packet when it expires. It is a good 71 solution, but it supposes maintaining new variable in ALL 72 skb, even if no tunneling is used. 73 74 Current solution: xmit_recursion breaks dead loops. This is a percpu 75 counter, since when we enter the first ndo_xmit(), cpu migration is 76 forbidden. We force an exit if this counter reaches RECURSION_LIMIT 77 78 2. Networking dead loops would not kill routers, but would really 79 kill network. IP hop limit plays role of "t->recursion" in this case, 80 if we copy it from packet being encapsulated to upper header. 81 It is very good solution, but it introduces two problems: 82 83 - Routing protocols, using packets with ttl=1 (OSPF, RIP2), 84 do not work over tunnels. 85 - traceroute does not work. I planned to relay ICMP from tunnel, 86 so that this problem would be solved and traceroute output 87 would even more informative. This idea appeared to be wrong: 88 only Linux complies to rfc1812 now (yes, guys, Linux is the only 89 true router now :-)), all routers (at least, in neighbourhood of mine) 90 return only 8 bytes of payload. It is the end. 91 92 Hence, if we want that OSPF worked or traceroute said something reasonable, 93 we should search for another solution. 94 95 One of them is to parse packet trying to detect inner encapsulation 96 made by our node. It is difficult or even impossible, especially, 97 taking into account fragmentation. TO be short, ttl is not solution at all. 98 99 Current solution: The solution was UNEXPECTEDLY SIMPLE. 100 We force DF flag on tunnels with preconfigured hop limit, 101 that is ALL. :-) Well, it does not remove the problem completely, 102 but exponential growth of network traffic is changed to linear 103 (branches, that exceed pmtu are pruned) and tunnel mtu 104 rapidly degrades to value <68, where looping stops. 105 Yes, it is not good if there exists a router in the loop, 106 which does not force DF, even when encapsulating packets have DF set. 107 But it is not our problem! Nobody could accuse us, we made 108 all that we could make. Even if it is your gated who injected 109 fatal route to network, even if it were you who configured 110 fatal static route: you are innocent. :-) 111 112 Alexey Kuznetsov. 113 */ 114 115 static bool log_ecn_error = true; 116 module_param(log_ecn_error, bool, 0644); 117 MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); 118 119 static struct rtnl_link_ops ipgre_link_ops __read_mostly; 120 static int ipgre_tunnel_init(struct net_device *dev); 121 122 static int ipgre_net_id __read_mostly; 123 static int gre_tap_net_id __read_mostly; 124 125 static int ip_gre_calc_hlen(__be16 o_flags) 126 { 127 int addend = 4; 128 129 if (o_flags & TUNNEL_CSUM) 130 addend += 4; 131 if (o_flags & TUNNEL_KEY) 132 addend += 4; 133 if (o_flags & TUNNEL_SEQ) 134 addend += 4; 135 return addend; 136 } 137 138 static __be16 gre_flags_to_tnl_flags(__be16 flags) 139 { 140 __be16 tflags = 0; 141 142 if (flags & GRE_CSUM) 143 tflags |= TUNNEL_CSUM; 144 if (flags & GRE_ROUTING) 145 tflags |= TUNNEL_ROUTING; 146 if (flags & GRE_KEY) 147 tflags |= TUNNEL_KEY; 148 if (flags & GRE_SEQ) 149 tflags |= TUNNEL_SEQ; 150 if (flags & GRE_STRICT) 151 tflags |= TUNNEL_STRICT; 152 if (flags & GRE_REC) 153 tflags |= TUNNEL_REC; 154 if (flags & GRE_VERSION) 155 tflags |= TUNNEL_VERSION; 156 157 return tflags; 158 } 159 160 static __be16 tnl_flags_to_gre_flags(__be16 tflags) 161 { 162 __be16 flags = 0; 163 164 if (tflags & TUNNEL_CSUM) 165 flags |= GRE_CSUM; 166 if (tflags & TUNNEL_ROUTING) 167 flags |= GRE_ROUTING; 168 if (tflags & TUNNEL_KEY) 169 flags |= GRE_KEY; 170 if (tflags & TUNNEL_SEQ) 171 flags |= GRE_SEQ; 172 if (tflags & TUNNEL_STRICT) 173 flags |= GRE_STRICT; 174 if (tflags & TUNNEL_REC) 175 flags |= GRE_REC; 176 if (tflags & TUNNEL_VERSION) 177 flags |= GRE_VERSION; 178 179 return flags; 180 } 181 182 static int parse_gre_header(struct sk_buff *skb, struct tnl_ptk_info *tpi, 183 bool *csum_err) 184 { 185 const struct gre_base_hdr *greh; 186 __be32 *options; 187 int hdr_len; 188 189 if (unlikely(!pskb_may_pull(skb, sizeof(struct gre_base_hdr)))) 190 return -EINVAL; 191 192 greh = (struct gre_base_hdr *)skb_transport_header(skb); 193 if (unlikely(greh->flags & (GRE_VERSION | GRE_ROUTING))) 194 return -EINVAL; 195 196 tpi->flags = gre_flags_to_tnl_flags(greh->flags); 197 hdr_len = ip_gre_calc_hlen(tpi->flags); 198 199 if (!pskb_may_pull(skb, hdr_len)) 200 return -EINVAL; 201 202 greh = (struct gre_base_hdr *)skb_transport_header(skb); 203 tpi->proto = greh->protocol; 204 205 options = (__be32 *)(greh + 1); 206 if (greh->flags & GRE_CSUM) { 207 if (skb_checksum_simple_validate(skb)) { 208 *csum_err = true; 209 return -EINVAL; 210 } 211 212 skb_checksum_try_convert(skb, IPPROTO_GRE, 0, 213 null_compute_pseudo); 214 options++; 215 } 216 217 if (greh->flags & GRE_KEY) { 218 tpi->key = *options; 219 options++; 220 } else { 221 tpi->key = 0; 222 } 223 if (unlikely(greh->flags & GRE_SEQ)) { 224 tpi->seq = *options; 225 options++; 226 } else { 227 tpi->seq = 0; 228 } 229 /* WCCP version 1 and 2 protocol decoding. 230 * - Change protocol to IP 231 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header 232 */ 233 if (greh->flags == 0 && tpi->proto == htons(ETH_P_WCCP)) { 234 tpi->proto = htons(ETH_P_IP); 235 if ((*(u8 *)options & 0xF0) != 0x40) { 236 hdr_len += 4; 237 if (!pskb_may_pull(skb, hdr_len)) 238 return -EINVAL; 239 } 240 } 241 return iptunnel_pull_header(skb, hdr_len, tpi->proto, false); 242 } 243 244 static void ipgre_err(struct sk_buff *skb, u32 info, 245 const struct tnl_ptk_info *tpi) 246 { 247 248 /* All the routers (except for Linux) return only 249 8 bytes of packet payload. It means, that precise relaying of 250 ICMP in the real Internet is absolutely infeasible. 251 252 Moreover, Cisco "wise men" put GRE key to the third word 253 in GRE header. It makes impossible maintaining even soft 254 state for keyed GRE tunnels with enabled checksum. Tell 255 them "thank you". 256 257 Well, I wonder, rfc1812 was written by Cisco employee, 258 what the hell these idiots break standards established 259 by themselves??? 260 */ 261 struct net *net = dev_net(skb->dev); 262 struct ip_tunnel_net *itn; 263 const struct iphdr *iph; 264 const int type = icmp_hdr(skb)->type; 265 const int code = icmp_hdr(skb)->code; 266 struct ip_tunnel *t; 267 268 switch (type) { 269 default: 270 case ICMP_PARAMETERPROB: 271 return; 272 273 case ICMP_DEST_UNREACH: 274 switch (code) { 275 case ICMP_SR_FAILED: 276 case ICMP_PORT_UNREACH: 277 /* Impossible event. */ 278 return; 279 default: 280 /* All others are translated to HOST_UNREACH. 281 rfc2003 contains "deep thoughts" about NET_UNREACH, 282 I believe they are just ether pollution. --ANK 283 */ 284 break; 285 } 286 break; 287 288 case ICMP_TIME_EXCEEDED: 289 if (code != ICMP_EXC_TTL) 290 return; 291 break; 292 293 case ICMP_REDIRECT: 294 break; 295 } 296 297 if (tpi->proto == htons(ETH_P_TEB)) 298 itn = net_generic(net, gre_tap_net_id); 299 else 300 itn = net_generic(net, ipgre_net_id); 301 302 iph = (const struct iphdr *)(icmp_hdr(skb) + 1); 303 t = ip_tunnel_lookup(itn, skb->dev->ifindex, tpi->flags, 304 iph->daddr, iph->saddr, tpi->key); 305 306 if (!t) 307 return; 308 309 if (t->parms.iph.daddr == 0 || 310 ipv4_is_multicast(t->parms.iph.daddr)) 311 return; 312 313 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 314 return; 315 316 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO)) 317 t->err_count++; 318 else 319 t->err_count = 1; 320 t->err_time = jiffies; 321 } 322 323 static void gre_err(struct sk_buff *skb, u32 info) 324 { 325 /* All the routers (except for Linux) return only 326 * 8 bytes of packet payload. It means, that precise relaying of 327 * ICMP in the real Internet is absolutely infeasible. 328 * 329 * Moreover, Cisco "wise men" put GRE key to the third word 330 * in GRE header. It makes impossible maintaining even soft 331 * state for keyed 332 * GRE tunnels with enabled checksum. Tell them "thank you". 333 * 334 * Well, I wonder, rfc1812 was written by Cisco employee, 335 * what the hell these idiots break standards established 336 * by themselves??? 337 */ 338 339 const int type = icmp_hdr(skb)->type; 340 const int code = icmp_hdr(skb)->code; 341 struct tnl_ptk_info tpi; 342 bool csum_err = false; 343 344 if (parse_gre_header(skb, &tpi, &csum_err)) { 345 if (!csum_err) /* ignore csum errors. */ 346 return; 347 } 348 349 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 350 ipv4_update_pmtu(skb, dev_net(skb->dev), info, 351 skb->dev->ifindex, 0, IPPROTO_GRE, 0); 352 return; 353 } 354 if (type == ICMP_REDIRECT) { 355 ipv4_redirect(skb, dev_net(skb->dev), skb->dev->ifindex, 0, 356 IPPROTO_GRE, 0); 357 return; 358 } 359 360 ipgre_err(skb, info, &tpi); 361 } 362 363 static __be64 key_to_tunnel_id(__be32 key) 364 { 365 #ifdef __BIG_ENDIAN 366 return (__force __be64)((__force u32)key); 367 #else 368 return (__force __be64)((__force u64)key << 32); 369 #endif 370 } 371 372 /* Returns the least-significant 32 bits of a __be64. */ 373 static __be32 tunnel_id_to_key(__be64 x) 374 { 375 #ifdef __BIG_ENDIAN 376 return (__force __be32)x; 377 #else 378 return (__force __be32)((__force u64)x >> 32); 379 #endif 380 } 381 382 static int ipgre_rcv(struct sk_buff *skb, const struct tnl_ptk_info *tpi) 383 { 384 struct net *net = dev_net(skb->dev); 385 struct metadata_dst *tun_dst = NULL; 386 struct ip_tunnel_net *itn; 387 const struct iphdr *iph; 388 struct ip_tunnel *tunnel; 389 390 if (tpi->proto == htons(ETH_P_TEB)) 391 itn = net_generic(net, gre_tap_net_id); 392 else 393 itn = net_generic(net, ipgre_net_id); 394 395 iph = ip_hdr(skb); 396 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, tpi->flags, 397 iph->saddr, iph->daddr, tpi->key); 398 399 if (tunnel) { 400 skb_pop_mac_header(skb); 401 if (tunnel->collect_md) { 402 __be16 flags; 403 __be64 tun_id; 404 405 flags = tpi->flags & (TUNNEL_CSUM | TUNNEL_KEY); 406 tun_id = key_to_tunnel_id(tpi->key); 407 tun_dst = ip_tun_rx_dst(skb, flags, tun_id, 0); 408 if (!tun_dst) 409 return PACKET_REJECT; 410 } 411 412 ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error); 413 return PACKET_RCVD; 414 } 415 return PACKET_REJECT; 416 } 417 418 static int gre_rcv(struct sk_buff *skb) 419 { 420 struct tnl_ptk_info tpi; 421 bool csum_err = false; 422 423 #ifdef CONFIG_NET_IPGRE_BROADCAST 424 if (ipv4_is_multicast(ip_hdr(skb)->daddr)) { 425 /* Looped back packet, drop it! */ 426 if (rt_is_output_route(skb_rtable(skb))) 427 goto drop; 428 } 429 #endif 430 431 if (parse_gre_header(skb, &tpi, &csum_err) < 0) 432 goto drop; 433 434 if (ipgre_rcv(skb, &tpi) == PACKET_RCVD) 435 return 0; 436 437 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); 438 drop: 439 kfree_skb(skb); 440 return 0; 441 } 442 443 static __sum16 gre_checksum(struct sk_buff *skb) 444 { 445 __wsum csum; 446 447 if (skb->ip_summed == CHECKSUM_PARTIAL) 448 csum = lco_csum(skb); 449 else 450 csum = skb_checksum(skb, 0, skb->len, 0); 451 return csum_fold(csum); 452 } 453 454 static void build_header(struct sk_buff *skb, int hdr_len, __be16 flags, 455 __be16 proto, __be32 key, __be32 seq) 456 { 457 struct gre_base_hdr *greh; 458 459 skb_push(skb, hdr_len); 460 461 skb_reset_transport_header(skb); 462 greh = (struct gre_base_hdr *)skb->data; 463 greh->flags = tnl_flags_to_gre_flags(flags); 464 greh->protocol = proto; 465 466 if (flags & (TUNNEL_KEY | TUNNEL_CSUM | TUNNEL_SEQ)) { 467 __be32 *ptr = (__be32 *)(((u8 *)greh) + hdr_len - 4); 468 469 if (flags & TUNNEL_SEQ) { 470 *ptr = seq; 471 ptr--; 472 } 473 if (flags & TUNNEL_KEY) { 474 *ptr = key; 475 ptr--; 476 } 477 if (flags & TUNNEL_CSUM && 478 !(skb_shinfo(skb)->gso_type & 479 (SKB_GSO_GRE | SKB_GSO_GRE_CSUM))) { 480 *ptr = 0; 481 *(__sum16 *)ptr = gre_checksum(skb); 482 } 483 } 484 } 485 486 static void __gre_xmit(struct sk_buff *skb, struct net_device *dev, 487 const struct iphdr *tnl_params, 488 __be16 proto) 489 { 490 struct ip_tunnel *tunnel = netdev_priv(dev); 491 492 if (tunnel->parms.o_flags & TUNNEL_SEQ) 493 tunnel->o_seqno++; 494 495 /* Push GRE header. */ 496 build_header(skb, tunnel->tun_hlen, tunnel->parms.o_flags, 497 proto, tunnel->parms.o_key, htonl(tunnel->o_seqno)); 498 499 skb_set_inner_protocol(skb, proto); 500 ip_tunnel_xmit(skb, dev, tnl_params, tnl_params->protocol); 501 } 502 503 static struct sk_buff *gre_handle_offloads(struct sk_buff *skb, 504 bool csum) 505 { 506 return iptunnel_handle_offloads(skb, csum ? SKB_GSO_GRE_CSUM : SKB_GSO_GRE); 507 } 508 509 static struct rtable *gre_get_rt(struct sk_buff *skb, 510 struct net_device *dev, 511 struct flowi4 *fl, 512 const struct ip_tunnel_key *key) 513 { 514 struct net *net = dev_net(dev); 515 516 memset(fl, 0, sizeof(*fl)); 517 fl->daddr = key->u.ipv4.dst; 518 fl->saddr = key->u.ipv4.src; 519 fl->flowi4_tos = RT_TOS(key->tos); 520 fl->flowi4_mark = skb->mark; 521 fl->flowi4_proto = IPPROTO_GRE; 522 523 return ip_route_output_key(net, fl); 524 } 525 526 static void gre_fb_xmit(struct sk_buff *skb, struct net_device *dev) 527 { 528 struct ip_tunnel_info *tun_info; 529 const struct ip_tunnel_key *key; 530 struct flowi4 fl; 531 struct rtable *rt; 532 int min_headroom; 533 int tunnel_hlen; 534 __be16 df, flags; 535 int err; 536 537 tun_info = skb_tunnel_info(skb); 538 if (unlikely(!tun_info || !(tun_info->mode & IP_TUNNEL_INFO_TX) || 539 ip_tunnel_info_af(tun_info) != AF_INET)) 540 goto err_free_skb; 541 542 key = &tun_info->key; 543 rt = !skb->mark ? dst_cache_get_ip4(&tun_info->dst_cache, &fl.saddr) : 544 NULL; 545 if (!rt) { 546 rt = gre_get_rt(skb, dev, &fl, key); 547 if (IS_ERR(rt)) 548 goto err_free_skb; 549 if (!skb->mark) 550 dst_cache_set_ip4(&tun_info->dst_cache, &rt->dst, 551 fl.saddr); 552 } 553 554 tunnel_hlen = ip_gre_calc_hlen(key->tun_flags); 555 556 min_headroom = LL_RESERVED_SPACE(rt->dst.dev) + rt->dst.header_len 557 + tunnel_hlen + sizeof(struct iphdr); 558 if (skb_headroom(skb) < min_headroom || skb_header_cloned(skb)) { 559 int head_delta = SKB_DATA_ALIGN(min_headroom - 560 skb_headroom(skb) + 561 16); 562 err = pskb_expand_head(skb, max_t(int, head_delta, 0), 563 0, GFP_ATOMIC); 564 if (unlikely(err)) 565 goto err_free_rt; 566 } 567 568 /* Push Tunnel header. */ 569 skb = gre_handle_offloads(skb, !!(tun_info->key.tun_flags & TUNNEL_CSUM)); 570 if (IS_ERR(skb)) { 571 skb = NULL; 572 goto err_free_rt; 573 } 574 575 flags = tun_info->key.tun_flags & (TUNNEL_CSUM | TUNNEL_KEY); 576 build_header(skb, tunnel_hlen, flags, htons(ETH_P_TEB), 577 tunnel_id_to_key(tun_info->key.tun_id), 0); 578 579 df = key->tun_flags & TUNNEL_DONT_FRAGMENT ? htons(IP_DF) : 0; 580 581 iptunnel_xmit(skb->sk, rt, skb, fl.saddr, key->u.ipv4.dst, IPPROTO_GRE, 582 key->tos, key->ttl, df, false); 583 return; 584 585 err_free_rt: 586 ip_rt_put(rt); 587 err_free_skb: 588 kfree_skb(skb); 589 dev->stats.tx_dropped++; 590 } 591 592 static int gre_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb) 593 { 594 struct ip_tunnel_info *info = skb_tunnel_info(skb); 595 struct rtable *rt; 596 struct flowi4 fl4; 597 598 if (ip_tunnel_info_af(info) != AF_INET) 599 return -EINVAL; 600 601 rt = gre_get_rt(skb, dev, &fl4, &info->key); 602 if (IS_ERR(rt)) 603 return PTR_ERR(rt); 604 605 ip_rt_put(rt); 606 info->key.u.ipv4.src = fl4.saddr; 607 return 0; 608 } 609 610 static netdev_tx_t ipgre_xmit(struct sk_buff *skb, 611 struct net_device *dev) 612 { 613 struct ip_tunnel *tunnel = netdev_priv(dev); 614 const struct iphdr *tnl_params; 615 616 if (tunnel->collect_md) { 617 gre_fb_xmit(skb, dev); 618 return NETDEV_TX_OK; 619 } 620 621 if (dev->header_ops) { 622 /* Need space for new headers */ 623 if (skb_cow_head(skb, dev->needed_headroom - 624 (tunnel->hlen + sizeof(struct iphdr)))) 625 goto free_skb; 626 627 tnl_params = (const struct iphdr *)skb->data; 628 629 /* Pull skb since ip_tunnel_xmit() needs skb->data pointing 630 * to gre header. 631 */ 632 skb_pull(skb, tunnel->hlen + sizeof(struct iphdr)); 633 skb_reset_mac_header(skb); 634 } else { 635 if (skb_cow_head(skb, dev->needed_headroom)) 636 goto free_skb; 637 638 tnl_params = &tunnel->parms.iph; 639 } 640 641 skb = gre_handle_offloads(skb, !!(tunnel->parms.o_flags&TUNNEL_CSUM)); 642 if (IS_ERR(skb)) 643 goto out; 644 645 __gre_xmit(skb, dev, tnl_params, skb->protocol); 646 return NETDEV_TX_OK; 647 648 free_skb: 649 kfree_skb(skb); 650 out: 651 dev->stats.tx_dropped++; 652 return NETDEV_TX_OK; 653 } 654 655 static netdev_tx_t gre_tap_xmit(struct sk_buff *skb, 656 struct net_device *dev) 657 { 658 struct ip_tunnel *tunnel = netdev_priv(dev); 659 660 if (tunnel->collect_md) { 661 gre_fb_xmit(skb, dev); 662 return NETDEV_TX_OK; 663 } 664 665 skb = gre_handle_offloads(skb, !!(tunnel->parms.o_flags&TUNNEL_CSUM)); 666 if (IS_ERR(skb)) 667 goto out; 668 669 if (skb_cow_head(skb, dev->needed_headroom)) 670 goto free_skb; 671 672 __gre_xmit(skb, dev, &tunnel->parms.iph, htons(ETH_P_TEB)); 673 return NETDEV_TX_OK; 674 675 free_skb: 676 kfree_skb(skb); 677 out: 678 dev->stats.tx_dropped++; 679 return NETDEV_TX_OK; 680 } 681 682 static int ipgre_tunnel_ioctl(struct net_device *dev, 683 struct ifreq *ifr, int cmd) 684 { 685 int err; 686 struct ip_tunnel_parm p; 687 688 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 689 return -EFAULT; 690 if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) { 691 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE || 692 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) || 693 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING))) 694 return -EINVAL; 695 } 696 p.i_flags = gre_flags_to_tnl_flags(p.i_flags); 697 p.o_flags = gre_flags_to_tnl_flags(p.o_flags); 698 699 err = ip_tunnel_ioctl(dev, &p, cmd); 700 if (err) 701 return err; 702 703 p.i_flags = tnl_flags_to_gre_flags(p.i_flags); 704 p.o_flags = tnl_flags_to_gre_flags(p.o_flags); 705 706 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 707 return -EFAULT; 708 return 0; 709 } 710 711 /* Nice toy. Unfortunately, useless in real life :-) 712 It allows to construct virtual multiprotocol broadcast "LAN" 713 over the Internet, provided multicast routing is tuned. 714 715 716 I have no idea was this bicycle invented before me, 717 so that I had to set ARPHRD_IPGRE to a random value. 718 I have an impression, that Cisco could make something similar, 719 but this feature is apparently missing in IOS<=11.2(8). 720 721 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks 722 with broadcast 224.66.66.66. If you have access to mbone, play with me :-) 723 724 ping -t 255 224.66.66.66 725 726 If nobody answers, mbone does not work. 727 728 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255 729 ip addr add 10.66.66.<somewhat>/24 dev Universe 730 ifconfig Universe up 731 ifconfig Universe add fe80::<Your_real_addr>/10 732 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96 733 ftp 10.66.66.66 734 ... 735 ftp fec0:6666:6666::193.233.7.65 736 ... 737 */ 738 static int ipgre_header(struct sk_buff *skb, struct net_device *dev, 739 unsigned short type, 740 const void *daddr, const void *saddr, unsigned int len) 741 { 742 struct ip_tunnel *t = netdev_priv(dev); 743 struct iphdr *iph; 744 struct gre_base_hdr *greh; 745 746 iph = (struct iphdr *)skb_push(skb, t->hlen + sizeof(*iph)); 747 greh = (struct gre_base_hdr *)(iph+1); 748 greh->flags = tnl_flags_to_gre_flags(t->parms.o_flags); 749 greh->protocol = htons(type); 750 751 memcpy(iph, &t->parms.iph, sizeof(struct iphdr)); 752 753 /* Set the source hardware address. */ 754 if (saddr) 755 memcpy(&iph->saddr, saddr, 4); 756 if (daddr) 757 memcpy(&iph->daddr, daddr, 4); 758 if (iph->daddr) 759 return t->hlen + sizeof(*iph); 760 761 return -(t->hlen + sizeof(*iph)); 762 } 763 764 static int ipgre_header_parse(const struct sk_buff *skb, unsigned char *haddr) 765 { 766 const struct iphdr *iph = (const struct iphdr *) skb_mac_header(skb); 767 memcpy(haddr, &iph->saddr, 4); 768 return 4; 769 } 770 771 static const struct header_ops ipgre_header_ops = { 772 .create = ipgre_header, 773 .parse = ipgre_header_parse, 774 }; 775 776 #ifdef CONFIG_NET_IPGRE_BROADCAST 777 static int ipgre_open(struct net_device *dev) 778 { 779 struct ip_tunnel *t = netdev_priv(dev); 780 781 if (ipv4_is_multicast(t->parms.iph.daddr)) { 782 struct flowi4 fl4; 783 struct rtable *rt; 784 785 rt = ip_route_output_gre(t->net, &fl4, 786 t->parms.iph.daddr, 787 t->parms.iph.saddr, 788 t->parms.o_key, 789 RT_TOS(t->parms.iph.tos), 790 t->parms.link); 791 if (IS_ERR(rt)) 792 return -EADDRNOTAVAIL; 793 dev = rt->dst.dev; 794 ip_rt_put(rt); 795 if (!__in_dev_get_rtnl(dev)) 796 return -EADDRNOTAVAIL; 797 t->mlink = dev->ifindex; 798 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr); 799 } 800 return 0; 801 } 802 803 static int ipgre_close(struct net_device *dev) 804 { 805 struct ip_tunnel *t = netdev_priv(dev); 806 807 if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) { 808 struct in_device *in_dev; 809 in_dev = inetdev_by_index(t->net, t->mlink); 810 if (in_dev) 811 ip_mc_dec_group(in_dev, t->parms.iph.daddr); 812 } 813 return 0; 814 } 815 #endif 816 817 static const struct net_device_ops ipgre_netdev_ops = { 818 .ndo_init = ipgre_tunnel_init, 819 .ndo_uninit = ip_tunnel_uninit, 820 #ifdef CONFIG_NET_IPGRE_BROADCAST 821 .ndo_open = ipgre_open, 822 .ndo_stop = ipgre_close, 823 #endif 824 .ndo_start_xmit = ipgre_xmit, 825 .ndo_do_ioctl = ipgre_tunnel_ioctl, 826 .ndo_change_mtu = ip_tunnel_change_mtu, 827 .ndo_get_stats64 = ip_tunnel_get_stats64, 828 .ndo_get_iflink = ip_tunnel_get_iflink, 829 }; 830 831 #define GRE_FEATURES (NETIF_F_SG | \ 832 NETIF_F_FRAGLIST | \ 833 NETIF_F_HIGHDMA | \ 834 NETIF_F_HW_CSUM) 835 836 static void ipgre_tunnel_setup(struct net_device *dev) 837 { 838 dev->netdev_ops = &ipgre_netdev_ops; 839 dev->type = ARPHRD_IPGRE; 840 ip_tunnel_setup(dev, ipgre_net_id); 841 } 842 843 static void __gre_tunnel_init(struct net_device *dev) 844 { 845 struct ip_tunnel *tunnel; 846 int t_hlen; 847 848 tunnel = netdev_priv(dev); 849 tunnel->tun_hlen = ip_gre_calc_hlen(tunnel->parms.o_flags); 850 tunnel->parms.iph.protocol = IPPROTO_GRE; 851 852 tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen; 853 854 t_hlen = tunnel->hlen + sizeof(struct iphdr); 855 856 dev->needed_headroom = LL_MAX_HEADER + t_hlen + 4; 857 dev->mtu = ETH_DATA_LEN - t_hlen - 4; 858 859 dev->features |= GRE_FEATURES; 860 dev->hw_features |= GRE_FEATURES; 861 862 if (!(tunnel->parms.o_flags & TUNNEL_SEQ)) { 863 /* TCP offload with GRE SEQ is not supported. */ 864 dev->features |= NETIF_F_GSO_SOFTWARE; 865 dev->hw_features |= NETIF_F_GSO_SOFTWARE; 866 /* Can use a lockless transmit, unless we generate 867 * output sequences 868 */ 869 dev->features |= NETIF_F_LLTX; 870 } 871 } 872 873 static int ipgre_tunnel_init(struct net_device *dev) 874 { 875 struct ip_tunnel *tunnel = netdev_priv(dev); 876 struct iphdr *iph = &tunnel->parms.iph; 877 878 __gre_tunnel_init(dev); 879 880 memcpy(dev->dev_addr, &iph->saddr, 4); 881 memcpy(dev->broadcast, &iph->daddr, 4); 882 883 dev->flags = IFF_NOARP; 884 netif_keep_dst(dev); 885 dev->addr_len = 4; 886 887 if (iph->daddr) { 888 #ifdef CONFIG_NET_IPGRE_BROADCAST 889 if (ipv4_is_multicast(iph->daddr)) { 890 if (!iph->saddr) 891 return -EINVAL; 892 dev->flags = IFF_BROADCAST; 893 dev->header_ops = &ipgre_header_ops; 894 } 895 #endif 896 } else 897 dev->header_ops = &ipgre_header_ops; 898 899 return ip_tunnel_init(dev); 900 } 901 902 static const struct gre_protocol ipgre_protocol = { 903 .handler = gre_rcv, 904 .err_handler = gre_err, 905 }; 906 907 static int __net_init ipgre_init_net(struct net *net) 908 { 909 return ip_tunnel_init_net(net, ipgre_net_id, &ipgre_link_ops, NULL); 910 } 911 912 static void __net_exit ipgre_exit_net(struct net *net) 913 { 914 struct ip_tunnel_net *itn = net_generic(net, ipgre_net_id); 915 ip_tunnel_delete_net(itn, &ipgre_link_ops); 916 } 917 918 static struct pernet_operations ipgre_net_ops = { 919 .init = ipgre_init_net, 920 .exit = ipgre_exit_net, 921 .id = &ipgre_net_id, 922 .size = sizeof(struct ip_tunnel_net), 923 }; 924 925 static int ipgre_tunnel_validate(struct nlattr *tb[], struct nlattr *data[]) 926 { 927 __be16 flags; 928 929 if (!data) 930 return 0; 931 932 flags = 0; 933 if (data[IFLA_GRE_IFLAGS]) 934 flags |= nla_get_be16(data[IFLA_GRE_IFLAGS]); 935 if (data[IFLA_GRE_OFLAGS]) 936 flags |= nla_get_be16(data[IFLA_GRE_OFLAGS]); 937 if (flags & (GRE_VERSION|GRE_ROUTING)) 938 return -EINVAL; 939 940 return 0; 941 } 942 943 static int ipgre_tap_validate(struct nlattr *tb[], struct nlattr *data[]) 944 { 945 __be32 daddr; 946 947 if (tb[IFLA_ADDRESS]) { 948 if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN) 949 return -EINVAL; 950 if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS]))) 951 return -EADDRNOTAVAIL; 952 } 953 954 if (!data) 955 goto out; 956 957 if (data[IFLA_GRE_REMOTE]) { 958 memcpy(&daddr, nla_data(data[IFLA_GRE_REMOTE]), 4); 959 if (!daddr) 960 return -EINVAL; 961 } 962 963 out: 964 return ipgre_tunnel_validate(tb, data); 965 } 966 967 static void ipgre_netlink_parms(struct net_device *dev, 968 struct nlattr *data[], 969 struct nlattr *tb[], 970 struct ip_tunnel_parm *parms) 971 { 972 memset(parms, 0, sizeof(*parms)); 973 974 parms->iph.protocol = IPPROTO_GRE; 975 976 if (!data) 977 return; 978 979 if (data[IFLA_GRE_LINK]) 980 parms->link = nla_get_u32(data[IFLA_GRE_LINK]); 981 982 if (data[IFLA_GRE_IFLAGS]) 983 parms->i_flags = gre_flags_to_tnl_flags(nla_get_be16(data[IFLA_GRE_IFLAGS])); 984 985 if (data[IFLA_GRE_OFLAGS]) 986 parms->o_flags = gre_flags_to_tnl_flags(nla_get_be16(data[IFLA_GRE_OFLAGS])); 987 988 if (data[IFLA_GRE_IKEY]) 989 parms->i_key = nla_get_be32(data[IFLA_GRE_IKEY]); 990 991 if (data[IFLA_GRE_OKEY]) 992 parms->o_key = nla_get_be32(data[IFLA_GRE_OKEY]); 993 994 if (data[IFLA_GRE_LOCAL]) 995 parms->iph.saddr = nla_get_in_addr(data[IFLA_GRE_LOCAL]); 996 997 if (data[IFLA_GRE_REMOTE]) 998 parms->iph.daddr = nla_get_in_addr(data[IFLA_GRE_REMOTE]); 999 1000 if (data[IFLA_GRE_TTL]) 1001 parms->iph.ttl = nla_get_u8(data[IFLA_GRE_TTL]); 1002 1003 if (data[IFLA_GRE_TOS]) 1004 parms->iph.tos = nla_get_u8(data[IFLA_GRE_TOS]); 1005 1006 if (!data[IFLA_GRE_PMTUDISC] || nla_get_u8(data[IFLA_GRE_PMTUDISC])) 1007 parms->iph.frag_off = htons(IP_DF); 1008 1009 if (data[IFLA_GRE_COLLECT_METADATA]) { 1010 struct ip_tunnel *t = netdev_priv(dev); 1011 1012 t->collect_md = true; 1013 } 1014 } 1015 1016 /* This function returns true when ENCAP attributes are present in the nl msg */ 1017 static bool ipgre_netlink_encap_parms(struct nlattr *data[], 1018 struct ip_tunnel_encap *ipencap) 1019 { 1020 bool ret = false; 1021 1022 memset(ipencap, 0, sizeof(*ipencap)); 1023 1024 if (!data) 1025 return ret; 1026 1027 if (data[IFLA_GRE_ENCAP_TYPE]) { 1028 ret = true; 1029 ipencap->type = nla_get_u16(data[IFLA_GRE_ENCAP_TYPE]); 1030 } 1031 1032 if (data[IFLA_GRE_ENCAP_FLAGS]) { 1033 ret = true; 1034 ipencap->flags = nla_get_u16(data[IFLA_GRE_ENCAP_FLAGS]); 1035 } 1036 1037 if (data[IFLA_GRE_ENCAP_SPORT]) { 1038 ret = true; 1039 ipencap->sport = nla_get_be16(data[IFLA_GRE_ENCAP_SPORT]); 1040 } 1041 1042 if (data[IFLA_GRE_ENCAP_DPORT]) { 1043 ret = true; 1044 ipencap->dport = nla_get_be16(data[IFLA_GRE_ENCAP_DPORT]); 1045 } 1046 1047 return ret; 1048 } 1049 1050 static int gre_tap_init(struct net_device *dev) 1051 { 1052 __gre_tunnel_init(dev); 1053 dev->priv_flags |= IFF_LIVE_ADDR_CHANGE; 1054 1055 return ip_tunnel_init(dev); 1056 } 1057 1058 static const struct net_device_ops gre_tap_netdev_ops = { 1059 .ndo_init = gre_tap_init, 1060 .ndo_uninit = ip_tunnel_uninit, 1061 .ndo_start_xmit = gre_tap_xmit, 1062 .ndo_set_mac_address = eth_mac_addr, 1063 .ndo_validate_addr = eth_validate_addr, 1064 .ndo_change_mtu = ip_tunnel_change_mtu, 1065 .ndo_get_stats64 = ip_tunnel_get_stats64, 1066 .ndo_get_iflink = ip_tunnel_get_iflink, 1067 .ndo_fill_metadata_dst = gre_fill_metadata_dst, 1068 }; 1069 1070 static void ipgre_tap_setup(struct net_device *dev) 1071 { 1072 ether_setup(dev); 1073 dev->netdev_ops = &gre_tap_netdev_ops; 1074 dev->priv_flags &= ~IFF_TX_SKB_SHARING; 1075 dev->priv_flags |= IFF_LIVE_ADDR_CHANGE; 1076 ip_tunnel_setup(dev, gre_tap_net_id); 1077 } 1078 1079 static int ipgre_newlink(struct net *src_net, struct net_device *dev, 1080 struct nlattr *tb[], struct nlattr *data[]) 1081 { 1082 struct ip_tunnel_parm p; 1083 struct ip_tunnel_encap ipencap; 1084 1085 if (ipgre_netlink_encap_parms(data, &ipencap)) { 1086 struct ip_tunnel *t = netdev_priv(dev); 1087 int err = ip_tunnel_encap_setup(t, &ipencap); 1088 1089 if (err < 0) 1090 return err; 1091 } 1092 1093 ipgre_netlink_parms(dev, data, tb, &p); 1094 return ip_tunnel_newlink(dev, tb, &p); 1095 } 1096 1097 static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[], 1098 struct nlattr *data[]) 1099 { 1100 struct ip_tunnel_parm p; 1101 struct ip_tunnel_encap ipencap; 1102 1103 if (ipgre_netlink_encap_parms(data, &ipencap)) { 1104 struct ip_tunnel *t = netdev_priv(dev); 1105 int err = ip_tunnel_encap_setup(t, &ipencap); 1106 1107 if (err < 0) 1108 return err; 1109 } 1110 1111 ipgre_netlink_parms(dev, data, tb, &p); 1112 return ip_tunnel_changelink(dev, tb, &p); 1113 } 1114 1115 static size_t ipgre_get_size(const struct net_device *dev) 1116 { 1117 return 1118 /* IFLA_GRE_LINK */ 1119 nla_total_size(4) + 1120 /* IFLA_GRE_IFLAGS */ 1121 nla_total_size(2) + 1122 /* IFLA_GRE_OFLAGS */ 1123 nla_total_size(2) + 1124 /* IFLA_GRE_IKEY */ 1125 nla_total_size(4) + 1126 /* IFLA_GRE_OKEY */ 1127 nla_total_size(4) + 1128 /* IFLA_GRE_LOCAL */ 1129 nla_total_size(4) + 1130 /* IFLA_GRE_REMOTE */ 1131 nla_total_size(4) + 1132 /* IFLA_GRE_TTL */ 1133 nla_total_size(1) + 1134 /* IFLA_GRE_TOS */ 1135 nla_total_size(1) + 1136 /* IFLA_GRE_PMTUDISC */ 1137 nla_total_size(1) + 1138 /* IFLA_GRE_ENCAP_TYPE */ 1139 nla_total_size(2) + 1140 /* IFLA_GRE_ENCAP_FLAGS */ 1141 nla_total_size(2) + 1142 /* IFLA_GRE_ENCAP_SPORT */ 1143 nla_total_size(2) + 1144 /* IFLA_GRE_ENCAP_DPORT */ 1145 nla_total_size(2) + 1146 /* IFLA_GRE_COLLECT_METADATA */ 1147 nla_total_size(0) + 1148 0; 1149 } 1150 1151 static int ipgre_fill_info(struct sk_buff *skb, const struct net_device *dev) 1152 { 1153 struct ip_tunnel *t = netdev_priv(dev); 1154 struct ip_tunnel_parm *p = &t->parms; 1155 1156 if (nla_put_u32(skb, IFLA_GRE_LINK, p->link) || 1157 nla_put_be16(skb, IFLA_GRE_IFLAGS, tnl_flags_to_gre_flags(p->i_flags)) || 1158 nla_put_be16(skb, IFLA_GRE_OFLAGS, tnl_flags_to_gre_flags(p->o_flags)) || 1159 nla_put_be32(skb, IFLA_GRE_IKEY, p->i_key) || 1160 nla_put_be32(skb, IFLA_GRE_OKEY, p->o_key) || 1161 nla_put_in_addr(skb, IFLA_GRE_LOCAL, p->iph.saddr) || 1162 nla_put_in_addr(skb, IFLA_GRE_REMOTE, p->iph.daddr) || 1163 nla_put_u8(skb, IFLA_GRE_TTL, p->iph.ttl) || 1164 nla_put_u8(skb, IFLA_GRE_TOS, p->iph.tos) || 1165 nla_put_u8(skb, IFLA_GRE_PMTUDISC, 1166 !!(p->iph.frag_off & htons(IP_DF)))) 1167 goto nla_put_failure; 1168 1169 if (nla_put_u16(skb, IFLA_GRE_ENCAP_TYPE, 1170 t->encap.type) || 1171 nla_put_be16(skb, IFLA_GRE_ENCAP_SPORT, 1172 t->encap.sport) || 1173 nla_put_be16(skb, IFLA_GRE_ENCAP_DPORT, 1174 t->encap.dport) || 1175 nla_put_u16(skb, IFLA_GRE_ENCAP_FLAGS, 1176 t->encap.flags)) 1177 goto nla_put_failure; 1178 1179 if (t->collect_md) { 1180 if (nla_put_flag(skb, IFLA_GRE_COLLECT_METADATA)) 1181 goto nla_put_failure; 1182 } 1183 1184 return 0; 1185 1186 nla_put_failure: 1187 return -EMSGSIZE; 1188 } 1189 1190 static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = { 1191 [IFLA_GRE_LINK] = { .type = NLA_U32 }, 1192 [IFLA_GRE_IFLAGS] = { .type = NLA_U16 }, 1193 [IFLA_GRE_OFLAGS] = { .type = NLA_U16 }, 1194 [IFLA_GRE_IKEY] = { .type = NLA_U32 }, 1195 [IFLA_GRE_OKEY] = { .type = NLA_U32 }, 1196 [IFLA_GRE_LOCAL] = { .len = FIELD_SIZEOF(struct iphdr, saddr) }, 1197 [IFLA_GRE_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) }, 1198 [IFLA_GRE_TTL] = { .type = NLA_U8 }, 1199 [IFLA_GRE_TOS] = { .type = NLA_U8 }, 1200 [IFLA_GRE_PMTUDISC] = { .type = NLA_U8 }, 1201 [IFLA_GRE_ENCAP_TYPE] = { .type = NLA_U16 }, 1202 [IFLA_GRE_ENCAP_FLAGS] = { .type = NLA_U16 }, 1203 [IFLA_GRE_ENCAP_SPORT] = { .type = NLA_U16 }, 1204 [IFLA_GRE_ENCAP_DPORT] = { .type = NLA_U16 }, 1205 [IFLA_GRE_COLLECT_METADATA] = { .type = NLA_FLAG }, 1206 }; 1207 1208 static struct rtnl_link_ops ipgre_link_ops __read_mostly = { 1209 .kind = "gre", 1210 .maxtype = IFLA_GRE_MAX, 1211 .policy = ipgre_policy, 1212 .priv_size = sizeof(struct ip_tunnel), 1213 .setup = ipgre_tunnel_setup, 1214 .validate = ipgre_tunnel_validate, 1215 .newlink = ipgre_newlink, 1216 .changelink = ipgre_changelink, 1217 .dellink = ip_tunnel_dellink, 1218 .get_size = ipgre_get_size, 1219 .fill_info = ipgre_fill_info, 1220 .get_link_net = ip_tunnel_get_link_net, 1221 }; 1222 1223 static struct rtnl_link_ops ipgre_tap_ops __read_mostly = { 1224 .kind = "gretap", 1225 .maxtype = IFLA_GRE_MAX, 1226 .policy = ipgre_policy, 1227 .priv_size = sizeof(struct ip_tunnel), 1228 .setup = ipgre_tap_setup, 1229 .validate = ipgre_tap_validate, 1230 .newlink = ipgre_newlink, 1231 .changelink = ipgre_changelink, 1232 .dellink = ip_tunnel_dellink, 1233 .get_size = ipgre_get_size, 1234 .fill_info = ipgre_fill_info, 1235 .get_link_net = ip_tunnel_get_link_net, 1236 }; 1237 1238 struct net_device *gretap_fb_dev_create(struct net *net, const char *name, 1239 u8 name_assign_type) 1240 { 1241 struct nlattr *tb[IFLA_MAX + 1]; 1242 struct net_device *dev; 1243 struct ip_tunnel *t; 1244 int err; 1245 1246 memset(&tb, 0, sizeof(tb)); 1247 1248 dev = rtnl_create_link(net, name, name_assign_type, 1249 &ipgre_tap_ops, tb); 1250 if (IS_ERR(dev)) 1251 return dev; 1252 1253 /* Configure flow based GRE device. */ 1254 t = netdev_priv(dev); 1255 t->collect_md = true; 1256 1257 err = ipgre_newlink(net, dev, tb, NULL); 1258 if (err < 0) 1259 goto out; 1260 1261 /* openvswitch users expect packet sizes to be unrestricted, 1262 * so set the largest MTU we can. 1263 */ 1264 err = __ip_tunnel_change_mtu(dev, IP_MAX_MTU, false); 1265 if (err) 1266 goto out; 1267 1268 return dev; 1269 out: 1270 free_netdev(dev); 1271 return ERR_PTR(err); 1272 } 1273 EXPORT_SYMBOL_GPL(gretap_fb_dev_create); 1274 1275 static int __net_init ipgre_tap_init_net(struct net *net) 1276 { 1277 return ip_tunnel_init_net(net, gre_tap_net_id, &ipgre_tap_ops, "gretap0"); 1278 } 1279 1280 static void __net_exit ipgre_tap_exit_net(struct net *net) 1281 { 1282 struct ip_tunnel_net *itn = net_generic(net, gre_tap_net_id); 1283 ip_tunnel_delete_net(itn, &ipgre_tap_ops); 1284 } 1285 1286 static struct pernet_operations ipgre_tap_net_ops = { 1287 .init = ipgre_tap_init_net, 1288 .exit = ipgre_tap_exit_net, 1289 .id = &gre_tap_net_id, 1290 .size = sizeof(struct ip_tunnel_net), 1291 }; 1292 1293 static int __init ipgre_init(void) 1294 { 1295 int err; 1296 1297 pr_info("GRE over IPv4 tunneling driver\n"); 1298 1299 err = register_pernet_device(&ipgre_net_ops); 1300 if (err < 0) 1301 return err; 1302 1303 err = register_pernet_device(&ipgre_tap_net_ops); 1304 if (err < 0) 1305 goto pnet_tap_faied; 1306 1307 err = gre_add_protocol(&ipgre_protocol, GREPROTO_CISCO); 1308 if (err < 0) { 1309 pr_info("%s: can't add protocol\n", __func__); 1310 goto add_proto_failed; 1311 } 1312 1313 err = rtnl_link_register(&ipgre_link_ops); 1314 if (err < 0) 1315 goto rtnl_link_failed; 1316 1317 err = rtnl_link_register(&ipgre_tap_ops); 1318 if (err < 0) 1319 goto tap_ops_failed; 1320 1321 return 0; 1322 1323 tap_ops_failed: 1324 rtnl_link_unregister(&ipgre_link_ops); 1325 rtnl_link_failed: 1326 gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO); 1327 add_proto_failed: 1328 unregister_pernet_device(&ipgre_tap_net_ops); 1329 pnet_tap_faied: 1330 unregister_pernet_device(&ipgre_net_ops); 1331 return err; 1332 } 1333 1334 static void __exit ipgre_fini(void) 1335 { 1336 rtnl_link_unregister(&ipgre_tap_ops); 1337 rtnl_link_unregister(&ipgre_link_ops); 1338 gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO); 1339 unregister_pernet_device(&ipgre_tap_net_ops); 1340 unregister_pernet_device(&ipgre_net_ops); 1341 } 1342 1343 module_init(ipgre_init); 1344 module_exit(ipgre_fini); 1345 MODULE_LICENSE("GPL"); 1346 MODULE_ALIAS_RTNL_LINK("gre"); 1347 MODULE_ALIAS_RTNL_LINK("gretap"); 1348 MODULE_ALIAS_NETDEV("gre0"); 1349 MODULE_ALIAS_NETDEV("gretap0"); 1350