1 /* 2 * Linux NET3: GRE over IP protocol decoder. 3 * 4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 * 11 */ 12 13 #include <linux/config.h> 14 #include <linux/module.h> 15 #include <linux/types.h> 16 #include <linux/sched.h> 17 #include <linux/kernel.h> 18 #include <asm/uaccess.h> 19 #include <linux/skbuff.h> 20 #include <linux/netdevice.h> 21 #include <linux/in.h> 22 #include <linux/tcp.h> 23 #include <linux/udp.h> 24 #include <linux/if_arp.h> 25 #include <linux/mroute.h> 26 #include <linux/init.h> 27 #include <linux/in6.h> 28 #include <linux/inetdevice.h> 29 #include <linux/igmp.h> 30 #include <linux/netfilter_ipv4.h> 31 32 #include <net/sock.h> 33 #include <net/ip.h> 34 #include <net/icmp.h> 35 #include <net/protocol.h> 36 #include <net/ipip.h> 37 #include <net/arp.h> 38 #include <net/checksum.h> 39 #include <net/dsfield.h> 40 #include <net/inet_ecn.h> 41 #include <net/xfrm.h> 42 43 #ifdef CONFIG_IPV6 44 #include <net/ipv6.h> 45 #include <net/ip6_fib.h> 46 #include <net/ip6_route.h> 47 #endif 48 49 /* 50 Problems & solutions 51 -------------------- 52 53 1. The most important issue is detecting local dead loops. 54 They would cause complete host lockup in transmit, which 55 would be "resolved" by stack overflow or, if queueing is enabled, 56 with infinite looping in net_bh. 57 58 We cannot track such dead loops during route installation, 59 it is infeasible task. The most general solutions would be 60 to keep skb->encapsulation counter (sort of local ttl), 61 and silently drop packet when it expires. It is the best 62 solution, but it supposes maintaing new variable in ALL 63 skb, even if no tunneling is used. 64 65 Current solution: t->recursion lock breaks dead loops. It looks 66 like dev->tbusy flag, but I preferred new variable, because 67 the semantics is different. One day, when hard_start_xmit 68 will be multithreaded we will have to use skb->encapsulation. 69 70 71 72 2. Networking dead loops would not kill routers, but would really 73 kill network. IP hop limit plays role of "t->recursion" in this case, 74 if we copy it from packet being encapsulated to upper header. 75 It is very good solution, but it introduces two problems: 76 77 - Routing protocols, using packets with ttl=1 (OSPF, RIP2), 78 do not work over tunnels. 79 - traceroute does not work. I planned to relay ICMP from tunnel, 80 so that this problem would be solved and traceroute output 81 would even more informative. This idea appeared to be wrong: 82 only Linux complies to rfc1812 now (yes, guys, Linux is the only 83 true router now :-)), all routers (at least, in neighbourhood of mine) 84 return only 8 bytes of payload. It is the end. 85 86 Hence, if we want that OSPF worked or traceroute said something reasonable, 87 we should search for another solution. 88 89 One of them is to parse packet trying to detect inner encapsulation 90 made by our node. It is difficult or even impossible, especially, 91 taking into account fragmentation. TO be short, tt is not solution at all. 92 93 Current solution: The solution was UNEXPECTEDLY SIMPLE. 94 We force DF flag on tunnels with preconfigured hop limit, 95 that is ALL. :-) Well, it does not remove the problem completely, 96 but exponential growth of network traffic is changed to linear 97 (branches, that exceed pmtu are pruned) and tunnel mtu 98 fastly degrades to value <68, where looping stops. 99 Yes, it is not good if there exists a router in the loop, 100 which does not force DF, even when encapsulating packets have DF set. 101 But it is not our problem! Nobody could accuse us, we made 102 all that we could make. Even if it is your gated who injected 103 fatal route to network, even if it were you who configured 104 fatal static route: you are innocent. :-) 105 106 107 108 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain 109 practically identical code. It would be good to glue them 110 together, but it is not very evident, how to make them modular. 111 sit is integral part of IPv6, ipip and gre are naturally modular. 112 We could extract common parts (hash table, ioctl etc) 113 to a separate module (ip_tunnel.c). 114 115 Alexey Kuznetsov. 116 */ 117 118 static int ipgre_tunnel_init(struct net_device *dev); 119 static void ipgre_tunnel_setup(struct net_device *dev); 120 121 /* Fallback tunnel: no source, no destination, no key, no options */ 122 123 static int ipgre_fb_tunnel_init(struct net_device *dev); 124 125 static struct net_device *ipgre_fb_tunnel_dev; 126 127 /* Tunnel hash table */ 128 129 /* 130 4 hash tables: 131 132 3: (remote,local) 133 2: (remote,*) 134 1: (*,local) 135 0: (*,*) 136 137 We require exact key match i.e. if a key is present in packet 138 it will match only tunnel with the same key; if it is not present, 139 it will match only keyless tunnel. 140 141 All keysless packets, if not matched configured keyless tunnels 142 will match fallback tunnel. 143 */ 144 145 #define HASH_SIZE 16 146 #define HASH(addr) ((addr^(addr>>4))&0xF) 147 148 static struct ip_tunnel *tunnels[4][HASH_SIZE]; 149 150 #define tunnels_r_l (tunnels[3]) 151 #define tunnels_r (tunnels[2]) 152 #define tunnels_l (tunnels[1]) 153 #define tunnels_wc (tunnels[0]) 154 155 static DEFINE_RWLOCK(ipgre_lock); 156 157 /* Given src, dst and key, find appropriate for input tunnel. */ 158 159 static struct ip_tunnel * ipgre_tunnel_lookup(u32 remote, u32 local, u32 key) 160 { 161 unsigned h0 = HASH(remote); 162 unsigned h1 = HASH(key); 163 struct ip_tunnel *t; 164 165 for (t = tunnels_r_l[h0^h1]; t; t = t->next) { 166 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 167 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 168 return t; 169 } 170 } 171 for (t = tunnels_r[h0^h1]; t; t = t->next) { 172 if (remote == t->parms.iph.daddr) { 173 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 174 return t; 175 } 176 } 177 for (t = tunnels_l[h1]; t; t = t->next) { 178 if (local == t->parms.iph.saddr || 179 (local == t->parms.iph.daddr && MULTICAST(local))) { 180 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 181 return t; 182 } 183 } 184 for (t = tunnels_wc[h1]; t; t = t->next) { 185 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 186 return t; 187 } 188 189 if (ipgre_fb_tunnel_dev->flags&IFF_UP) 190 return ipgre_fb_tunnel_dev->priv; 191 return NULL; 192 } 193 194 static struct ip_tunnel **ipgre_bucket(struct ip_tunnel *t) 195 { 196 u32 remote = t->parms.iph.daddr; 197 u32 local = t->parms.iph.saddr; 198 u32 key = t->parms.i_key; 199 unsigned h = HASH(key); 200 int prio = 0; 201 202 if (local) 203 prio |= 1; 204 if (remote && !MULTICAST(remote)) { 205 prio |= 2; 206 h ^= HASH(remote); 207 } 208 209 return &tunnels[prio][h]; 210 } 211 212 static void ipgre_tunnel_link(struct ip_tunnel *t) 213 { 214 struct ip_tunnel **tp = ipgre_bucket(t); 215 216 t->next = *tp; 217 write_lock_bh(&ipgre_lock); 218 *tp = t; 219 write_unlock_bh(&ipgre_lock); 220 } 221 222 static void ipgre_tunnel_unlink(struct ip_tunnel *t) 223 { 224 struct ip_tunnel **tp; 225 226 for (tp = ipgre_bucket(t); *tp; tp = &(*tp)->next) { 227 if (t == *tp) { 228 write_lock_bh(&ipgre_lock); 229 *tp = t->next; 230 write_unlock_bh(&ipgre_lock); 231 break; 232 } 233 } 234 } 235 236 static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int create) 237 { 238 u32 remote = parms->iph.daddr; 239 u32 local = parms->iph.saddr; 240 u32 key = parms->i_key; 241 struct ip_tunnel *t, **tp, *nt; 242 struct net_device *dev; 243 unsigned h = HASH(key); 244 int prio = 0; 245 char name[IFNAMSIZ]; 246 247 if (local) 248 prio |= 1; 249 if (remote && !MULTICAST(remote)) { 250 prio |= 2; 251 h ^= HASH(remote); 252 } 253 for (tp = &tunnels[prio][h]; (t = *tp) != NULL; tp = &t->next) { 254 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 255 if (key == t->parms.i_key) 256 return t; 257 } 258 } 259 if (!create) 260 return NULL; 261 262 if (parms->name[0]) 263 strlcpy(name, parms->name, IFNAMSIZ); 264 else { 265 int i; 266 for (i=1; i<100; i++) { 267 sprintf(name, "gre%d", i); 268 if (__dev_get_by_name(name) == NULL) 269 break; 270 } 271 if (i==100) 272 goto failed; 273 } 274 275 dev = alloc_netdev(sizeof(*t), name, ipgre_tunnel_setup); 276 if (!dev) 277 return NULL; 278 279 dev->init = ipgre_tunnel_init; 280 nt = dev->priv; 281 nt->parms = *parms; 282 283 if (register_netdevice(dev) < 0) { 284 free_netdev(dev); 285 goto failed; 286 } 287 288 nt = dev->priv; 289 nt->parms = *parms; 290 291 dev_hold(dev); 292 ipgre_tunnel_link(nt); 293 return nt; 294 295 failed: 296 return NULL; 297 } 298 299 static void ipgre_tunnel_uninit(struct net_device *dev) 300 { 301 ipgre_tunnel_unlink((struct ip_tunnel*)dev->priv); 302 dev_put(dev); 303 } 304 305 306 static void ipgre_err(struct sk_buff *skb, u32 info) 307 { 308 #ifndef I_WISH_WORLD_WERE_PERFECT 309 310 /* It is not :-( All the routers (except for Linux) return only 311 8 bytes of packet payload. It means, that precise relaying of 312 ICMP in the real Internet is absolutely infeasible. 313 314 Moreover, Cisco "wise men" put GRE key to the third word 315 in GRE header. It makes impossible maintaining even soft state for keyed 316 GRE tunnels with enabled checksum. Tell them "thank you". 317 318 Well, I wonder, rfc1812 was written by Cisco employee, 319 what the hell these idiots break standrads established 320 by themself??? 321 */ 322 323 struct iphdr *iph = (struct iphdr*)skb->data; 324 u16 *p = (u16*)(skb->data+(iph->ihl<<2)); 325 int grehlen = (iph->ihl<<2) + 4; 326 int type = skb->h.icmph->type; 327 int code = skb->h.icmph->code; 328 struct ip_tunnel *t; 329 u16 flags; 330 331 flags = p[0]; 332 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 333 if (flags&(GRE_VERSION|GRE_ROUTING)) 334 return; 335 if (flags&GRE_KEY) { 336 grehlen += 4; 337 if (flags&GRE_CSUM) 338 grehlen += 4; 339 } 340 } 341 342 /* If only 8 bytes returned, keyed message will be dropped here */ 343 if (skb_headlen(skb) < grehlen) 344 return; 345 346 switch (type) { 347 default: 348 case ICMP_PARAMETERPROB: 349 return; 350 351 case ICMP_DEST_UNREACH: 352 switch (code) { 353 case ICMP_SR_FAILED: 354 case ICMP_PORT_UNREACH: 355 /* Impossible event. */ 356 return; 357 case ICMP_FRAG_NEEDED: 358 /* Soft state for pmtu is maintained by IP core. */ 359 return; 360 default: 361 /* All others are translated to HOST_UNREACH. 362 rfc2003 contains "deep thoughts" about NET_UNREACH, 363 I believe they are just ether pollution. --ANK 364 */ 365 break; 366 } 367 break; 368 case ICMP_TIME_EXCEEDED: 369 if (code != ICMP_EXC_TTL) 370 return; 371 break; 372 } 373 374 read_lock(&ipgre_lock); 375 t = ipgre_tunnel_lookup(iph->daddr, iph->saddr, (flags&GRE_KEY) ? *(((u32*)p) + (grehlen>>2) - 1) : 0); 376 if (t == NULL || t->parms.iph.daddr == 0 || MULTICAST(t->parms.iph.daddr)) 377 goto out; 378 379 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 380 goto out; 381 382 if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO) 383 t->err_count++; 384 else 385 t->err_count = 1; 386 t->err_time = jiffies; 387 out: 388 read_unlock(&ipgre_lock); 389 return; 390 #else 391 struct iphdr *iph = (struct iphdr*)dp; 392 struct iphdr *eiph; 393 u16 *p = (u16*)(dp+(iph->ihl<<2)); 394 int type = skb->h.icmph->type; 395 int code = skb->h.icmph->code; 396 int rel_type = 0; 397 int rel_code = 0; 398 int rel_info = 0; 399 u16 flags; 400 int grehlen = (iph->ihl<<2) + 4; 401 struct sk_buff *skb2; 402 struct flowi fl; 403 struct rtable *rt; 404 405 if (p[1] != htons(ETH_P_IP)) 406 return; 407 408 flags = p[0]; 409 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 410 if (flags&(GRE_VERSION|GRE_ROUTING)) 411 return; 412 if (flags&GRE_CSUM) 413 grehlen += 4; 414 if (flags&GRE_KEY) 415 grehlen += 4; 416 if (flags&GRE_SEQ) 417 grehlen += 4; 418 } 419 if (len < grehlen + sizeof(struct iphdr)) 420 return; 421 eiph = (struct iphdr*)(dp + grehlen); 422 423 switch (type) { 424 default: 425 return; 426 case ICMP_PARAMETERPROB: 427 if (skb->h.icmph->un.gateway < (iph->ihl<<2)) 428 return; 429 430 /* So... This guy found something strange INSIDE encapsulated 431 packet. Well, he is fool, but what can we do ? 432 */ 433 rel_type = ICMP_PARAMETERPROB; 434 rel_info = skb->h.icmph->un.gateway - grehlen; 435 break; 436 437 case ICMP_DEST_UNREACH: 438 switch (code) { 439 case ICMP_SR_FAILED: 440 case ICMP_PORT_UNREACH: 441 /* Impossible event. */ 442 return; 443 case ICMP_FRAG_NEEDED: 444 /* And it is the only really necessary thing :-) */ 445 rel_info = ntohs(skb->h.icmph->un.frag.mtu); 446 if (rel_info < grehlen+68) 447 return; 448 rel_info -= grehlen; 449 /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */ 450 if (rel_info > ntohs(eiph->tot_len)) 451 return; 452 break; 453 default: 454 /* All others are translated to HOST_UNREACH. 455 rfc2003 contains "deep thoughts" about NET_UNREACH, 456 I believe, it is just ether pollution. --ANK 457 */ 458 rel_type = ICMP_DEST_UNREACH; 459 rel_code = ICMP_HOST_UNREACH; 460 break; 461 } 462 break; 463 case ICMP_TIME_EXCEEDED: 464 if (code != ICMP_EXC_TTL) 465 return; 466 break; 467 } 468 469 /* Prepare fake skb to feed it to icmp_send */ 470 skb2 = skb_clone(skb, GFP_ATOMIC); 471 if (skb2 == NULL) 472 return; 473 dst_release(skb2->dst); 474 skb2->dst = NULL; 475 skb_pull(skb2, skb->data - (u8*)eiph); 476 skb2->nh.raw = skb2->data; 477 478 /* Try to guess incoming interface */ 479 memset(&fl, 0, sizeof(fl)); 480 fl.fl4_dst = eiph->saddr; 481 fl.fl4_tos = RT_TOS(eiph->tos); 482 fl.proto = IPPROTO_GRE; 483 if (ip_route_output_key(&rt, &fl)) { 484 kfree_skb(skb2); 485 return; 486 } 487 skb2->dev = rt->u.dst.dev; 488 489 /* route "incoming" packet */ 490 if (rt->rt_flags&RTCF_LOCAL) { 491 ip_rt_put(rt); 492 rt = NULL; 493 fl.fl4_dst = eiph->daddr; 494 fl.fl4_src = eiph->saddr; 495 fl.fl4_tos = eiph->tos; 496 if (ip_route_output_key(&rt, &fl) || 497 rt->u.dst.dev->type != ARPHRD_IPGRE) { 498 ip_rt_put(rt); 499 kfree_skb(skb2); 500 return; 501 } 502 } else { 503 ip_rt_put(rt); 504 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) || 505 skb2->dst->dev->type != ARPHRD_IPGRE) { 506 kfree_skb(skb2); 507 return; 508 } 509 } 510 511 /* change mtu on this route */ 512 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 513 if (rel_info > dst_mtu(skb2->dst)) { 514 kfree_skb(skb2); 515 return; 516 } 517 skb2->dst->ops->update_pmtu(skb2->dst, rel_info); 518 rel_info = htonl(rel_info); 519 } else if (type == ICMP_TIME_EXCEEDED) { 520 struct ip_tunnel *t = (struct ip_tunnel*)skb2->dev->priv; 521 if (t->parms.iph.ttl) { 522 rel_type = ICMP_DEST_UNREACH; 523 rel_code = ICMP_HOST_UNREACH; 524 } 525 } 526 527 icmp_send(skb2, rel_type, rel_code, rel_info); 528 kfree_skb(skb2); 529 #endif 530 } 531 532 static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) 533 { 534 if (INET_ECN_is_ce(iph->tos)) { 535 if (skb->protocol == htons(ETH_P_IP)) { 536 IP_ECN_set_ce(skb->nh.iph); 537 } else if (skb->protocol == htons(ETH_P_IPV6)) { 538 IP6_ECN_set_ce(skb->nh.ipv6h); 539 } 540 } 541 } 542 543 static inline u8 544 ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb) 545 { 546 u8 inner = 0; 547 if (skb->protocol == htons(ETH_P_IP)) 548 inner = old_iph->tos; 549 else if (skb->protocol == htons(ETH_P_IPV6)) 550 inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph); 551 return INET_ECN_encapsulate(tos, inner); 552 } 553 554 static int ipgre_rcv(struct sk_buff *skb) 555 { 556 struct iphdr *iph; 557 u8 *h; 558 u16 flags; 559 u16 csum = 0; 560 u32 key = 0; 561 u32 seqno = 0; 562 struct ip_tunnel *tunnel; 563 int offset = 4; 564 565 if (!pskb_may_pull(skb, 16)) 566 goto drop_nolock; 567 568 iph = skb->nh.iph; 569 h = skb->data; 570 flags = *(u16*)h; 571 572 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) { 573 /* - Version must be 0. 574 - We do not support routing headers. 575 */ 576 if (flags&(GRE_VERSION|GRE_ROUTING)) 577 goto drop_nolock; 578 579 if (flags&GRE_CSUM) { 580 switch (skb->ip_summed) { 581 case CHECKSUM_HW: 582 csum = (u16)csum_fold(skb->csum); 583 if (!csum) 584 break; 585 /* fall through */ 586 case CHECKSUM_NONE: 587 skb->csum = 0; 588 csum = __skb_checksum_complete(skb); 589 skb->ip_summed = CHECKSUM_HW; 590 } 591 offset += 4; 592 } 593 if (flags&GRE_KEY) { 594 key = *(u32*)(h + offset); 595 offset += 4; 596 } 597 if (flags&GRE_SEQ) { 598 seqno = ntohl(*(u32*)(h + offset)); 599 offset += 4; 600 } 601 } 602 603 read_lock(&ipgre_lock); 604 if ((tunnel = ipgre_tunnel_lookup(iph->saddr, iph->daddr, key)) != NULL) { 605 secpath_reset(skb); 606 607 skb->protocol = *(u16*)(h + 2); 608 /* WCCP version 1 and 2 protocol decoding. 609 * - Change protocol to IP 610 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header 611 */ 612 if (flags == 0 && 613 skb->protocol == __constant_htons(ETH_P_WCCP)) { 614 skb->protocol = __constant_htons(ETH_P_IP); 615 if ((*(h + offset) & 0xF0) != 0x40) 616 offset += 4; 617 } 618 619 skb->mac.raw = skb->nh.raw; 620 skb->nh.raw = __pskb_pull(skb, offset); 621 skb_postpull_rcsum(skb, skb->h.raw, offset); 622 memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options)); 623 skb->pkt_type = PACKET_HOST; 624 #ifdef CONFIG_NET_IPGRE_BROADCAST 625 if (MULTICAST(iph->daddr)) { 626 /* Looped back packet, drop it! */ 627 if (((struct rtable*)skb->dst)->fl.iif == 0) 628 goto drop; 629 tunnel->stat.multicast++; 630 skb->pkt_type = PACKET_BROADCAST; 631 } 632 #endif 633 634 if (((flags&GRE_CSUM) && csum) || 635 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) { 636 tunnel->stat.rx_crc_errors++; 637 tunnel->stat.rx_errors++; 638 goto drop; 639 } 640 if (tunnel->parms.i_flags&GRE_SEQ) { 641 if (!(flags&GRE_SEQ) || 642 (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) { 643 tunnel->stat.rx_fifo_errors++; 644 tunnel->stat.rx_errors++; 645 goto drop; 646 } 647 tunnel->i_seqno = seqno + 1; 648 } 649 tunnel->stat.rx_packets++; 650 tunnel->stat.rx_bytes += skb->len; 651 skb->dev = tunnel->dev; 652 dst_release(skb->dst); 653 skb->dst = NULL; 654 nf_reset(skb); 655 ipgre_ecn_decapsulate(iph, skb); 656 netif_rx(skb); 657 read_unlock(&ipgre_lock); 658 return(0); 659 } 660 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, 0); 661 662 drop: 663 read_unlock(&ipgre_lock); 664 drop_nolock: 665 kfree_skb(skb); 666 return(0); 667 } 668 669 static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) 670 { 671 struct ip_tunnel *tunnel = (struct ip_tunnel*)dev->priv; 672 struct net_device_stats *stats = &tunnel->stat; 673 struct iphdr *old_iph = skb->nh.iph; 674 struct iphdr *tiph; 675 u8 tos; 676 u16 df; 677 struct rtable *rt; /* Route to the other host */ 678 struct net_device *tdev; /* Device to other host */ 679 struct iphdr *iph; /* Our new IP header */ 680 int max_headroom; /* The extra header space needed */ 681 int gre_hlen; 682 u32 dst; 683 int mtu; 684 685 if (tunnel->recursion++) { 686 tunnel->stat.collisions++; 687 goto tx_error; 688 } 689 690 if (dev->hard_header) { 691 gre_hlen = 0; 692 tiph = (struct iphdr*)skb->data; 693 } else { 694 gre_hlen = tunnel->hlen; 695 tiph = &tunnel->parms.iph; 696 } 697 698 if ((dst = tiph->daddr) == 0) { 699 /* NBMA tunnel */ 700 701 if (skb->dst == NULL) { 702 tunnel->stat.tx_fifo_errors++; 703 goto tx_error; 704 } 705 706 if (skb->protocol == htons(ETH_P_IP)) { 707 rt = (struct rtable*)skb->dst; 708 if ((dst = rt->rt_gateway) == 0) 709 goto tx_error_icmp; 710 } 711 #ifdef CONFIG_IPV6 712 else if (skb->protocol == htons(ETH_P_IPV6)) { 713 struct in6_addr *addr6; 714 int addr_type; 715 struct neighbour *neigh = skb->dst->neighbour; 716 717 if (neigh == NULL) 718 goto tx_error; 719 720 addr6 = (struct in6_addr*)&neigh->primary_key; 721 addr_type = ipv6_addr_type(addr6); 722 723 if (addr_type == IPV6_ADDR_ANY) { 724 addr6 = &skb->nh.ipv6h->daddr; 725 addr_type = ipv6_addr_type(addr6); 726 } 727 728 if ((addr_type & IPV6_ADDR_COMPATv4) == 0) 729 goto tx_error_icmp; 730 731 dst = addr6->s6_addr32[3]; 732 } 733 #endif 734 else 735 goto tx_error; 736 } 737 738 tos = tiph->tos; 739 if (tos&1) { 740 if (skb->protocol == htons(ETH_P_IP)) 741 tos = old_iph->tos; 742 tos &= ~1; 743 } 744 745 { 746 struct flowi fl = { .oif = tunnel->parms.link, 747 .nl_u = { .ip4_u = 748 { .daddr = dst, 749 .saddr = tiph->saddr, 750 .tos = RT_TOS(tos) } }, 751 .proto = IPPROTO_GRE }; 752 if (ip_route_output_key(&rt, &fl)) { 753 tunnel->stat.tx_carrier_errors++; 754 goto tx_error; 755 } 756 } 757 tdev = rt->u.dst.dev; 758 759 if (tdev == dev) { 760 ip_rt_put(rt); 761 tunnel->stat.collisions++; 762 goto tx_error; 763 } 764 765 df = tiph->frag_off; 766 if (df) 767 mtu = dst_mtu(&rt->u.dst) - tunnel->hlen; 768 else 769 mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu; 770 771 if (skb->dst) 772 skb->dst->ops->update_pmtu(skb->dst, mtu); 773 774 if (skb->protocol == htons(ETH_P_IP)) { 775 df |= (old_iph->frag_off&htons(IP_DF)); 776 777 if ((old_iph->frag_off&htons(IP_DF)) && 778 mtu < ntohs(old_iph->tot_len)) { 779 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu)); 780 ip_rt_put(rt); 781 goto tx_error; 782 } 783 } 784 #ifdef CONFIG_IPV6 785 else if (skb->protocol == htons(ETH_P_IPV6)) { 786 struct rt6_info *rt6 = (struct rt6_info*)skb->dst; 787 788 if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) { 789 if ((tunnel->parms.iph.daddr && !MULTICAST(tunnel->parms.iph.daddr)) || 790 rt6->rt6i_dst.plen == 128) { 791 rt6->rt6i_flags |= RTF_MODIFIED; 792 skb->dst->metrics[RTAX_MTU-1] = mtu; 793 } 794 } 795 796 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) { 797 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); 798 ip_rt_put(rt); 799 goto tx_error; 800 } 801 } 802 #endif 803 804 if (tunnel->err_count > 0) { 805 if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) { 806 tunnel->err_count--; 807 808 dst_link_failure(skb); 809 } else 810 tunnel->err_count = 0; 811 } 812 813 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen; 814 815 if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) { 816 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 817 if (!new_skb) { 818 ip_rt_put(rt); 819 stats->tx_dropped++; 820 dev_kfree_skb(skb); 821 tunnel->recursion--; 822 return 0; 823 } 824 if (skb->sk) 825 skb_set_owner_w(new_skb, skb->sk); 826 dev_kfree_skb(skb); 827 skb = new_skb; 828 old_iph = skb->nh.iph; 829 } 830 831 skb->h.raw = skb->nh.raw; 832 skb->nh.raw = skb_push(skb, gre_hlen); 833 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 834 dst_release(skb->dst); 835 skb->dst = &rt->u.dst; 836 837 /* 838 * Push down and install the IPIP header. 839 */ 840 841 iph = skb->nh.iph; 842 iph->version = 4; 843 iph->ihl = sizeof(struct iphdr) >> 2; 844 iph->frag_off = df; 845 iph->protocol = IPPROTO_GRE; 846 iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb); 847 iph->daddr = rt->rt_dst; 848 iph->saddr = rt->rt_src; 849 850 if ((iph->ttl = tiph->ttl) == 0) { 851 if (skb->protocol == htons(ETH_P_IP)) 852 iph->ttl = old_iph->ttl; 853 #ifdef CONFIG_IPV6 854 else if (skb->protocol == htons(ETH_P_IPV6)) 855 iph->ttl = ((struct ipv6hdr*)old_iph)->hop_limit; 856 #endif 857 else 858 iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT); 859 } 860 861 ((u16*)(iph+1))[0] = tunnel->parms.o_flags; 862 ((u16*)(iph+1))[1] = skb->protocol; 863 864 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) { 865 u32 *ptr = (u32*)(((u8*)iph) + tunnel->hlen - 4); 866 867 if (tunnel->parms.o_flags&GRE_SEQ) { 868 ++tunnel->o_seqno; 869 *ptr = htonl(tunnel->o_seqno); 870 ptr--; 871 } 872 if (tunnel->parms.o_flags&GRE_KEY) { 873 *ptr = tunnel->parms.o_key; 874 ptr--; 875 } 876 if (tunnel->parms.o_flags&GRE_CSUM) { 877 *ptr = 0; 878 *(__u16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr)); 879 } 880 } 881 882 nf_reset(skb); 883 884 IPTUNNEL_XMIT(); 885 tunnel->recursion--; 886 return 0; 887 888 tx_error_icmp: 889 dst_link_failure(skb); 890 891 tx_error: 892 stats->tx_errors++; 893 dev_kfree_skb(skb); 894 tunnel->recursion--; 895 return 0; 896 } 897 898 static int 899 ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) 900 { 901 int err = 0; 902 struct ip_tunnel_parm p; 903 struct ip_tunnel *t; 904 905 switch (cmd) { 906 case SIOCGETTUNNEL: 907 t = NULL; 908 if (dev == ipgre_fb_tunnel_dev) { 909 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) { 910 err = -EFAULT; 911 break; 912 } 913 t = ipgre_tunnel_locate(&p, 0); 914 } 915 if (t == NULL) 916 t = (struct ip_tunnel*)dev->priv; 917 memcpy(&p, &t->parms, sizeof(p)); 918 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 919 err = -EFAULT; 920 break; 921 922 case SIOCADDTUNNEL: 923 case SIOCCHGTUNNEL: 924 err = -EPERM; 925 if (!capable(CAP_NET_ADMIN)) 926 goto done; 927 928 err = -EFAULT; 929 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 930 goto done; 931 932 err = -EINVAL; 933 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE || 934 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) || 935 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING))) 936 goto done; 937 if (p.iph.ttl) 938 p.iph.frag_off |= htons(IP_DF); 939 940 if (!(p.i_flags&GRE_KEY)) 941 p.i_key = 0; 942 if (!(p.o_flags&GRE_KEY)) 943 p.o_key = 0; 944 945 t = ipgre_tunnel_locate(&p, cmd == SIOCADDTUNNEL); 946 947 if (dev != ipgre_fb_tunnel_dev && cmd == SIOCCHGTUNNEL) { 948 if (t != NULL) { 949 if (t->dev != dev) { 950 err = -EEXIST; 951 break; 952 } 953 } else { 954 unsigned nflags=0; 955 956 t = (struct ip_tunnel*)dev->priv; 957 958 if (MULTICAST(p.iph.daddr)) 959 nflags = IFF_BROADCAST; 960 else if (p.iph.daddr) 961 nflags = IFF_POINTOPOINT; 962 963 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) { 964 err = -EINVAL; 965 break; 966 } 967 ipgre_tunnel_unlink(t); 968 t->parms.iph.saddr = p.iph.saddr; 969 t->parms.iph.daddr = p.iph.daddr; 970 t->parms.i_key = p.i_key; 971 t->parms.o_key = p.o_key; 972 memcpy(dev->dev_addr, &p.iph.saddr, 4); 973 memcpy(dev->broadcast, &p.iph.daddr, 4); 974 ipgre_tunnel_link(t); 975 netdev_state_change(dev); 976 } 977 } 978 979 if (t) { 980 err = 0; 981 if (cmd == SIOCCHGTUNNEL) { 982 t->parms.iph.ttl = p.iph.ttl; 983 t->parms.iph.tos = p.iph.tos; 984 t->parms.iph.frag_off = p.iph.frag_off; 985 } 986 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p))) 987 err = -EFAULT; 988 } else 989 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT); 990 break; 991 992 case SIOCDELTUNNEL: 993 err = -EPERM; 994 if (!capable(CAP_NET_ADMIN)) 995 goto done; 996 997 if (dev == ipgre_fb_tunnel_dev) { 998 err = -EFAULT; 999 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 1000 goto done; 1001 err = -ENOENT; 1002 if ((t = ipgre_tunnel_locate(&p, 0)) == NULL) 1003 goto done; 1004 err = -EPERM; 1005 if (t == ipgre_fb_tunnel_dev->priv) 1006 goto done; 1007 dev = t->dev; 1008 } 1009 err = unregister_netdevice(dev); 1010 break; 1011 1012 default: 1013 err = -EINVAL; 1014 } 1015 1016 done: 1017 return err; 1018 } 1019 1020 static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev) 1021 { 1022 return &(((struct ip_tunnel*)dev->priv)->stat); 1023 } 1024 1025 static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu) 1026 { 1027 struct ip_tunnel *tunnel = (struct ip_tunnel*)dev->priv; 1028 if (new_mtu < 68 || new_mtu > 0xFFF8 - tunnel->hlen) 1029 return -EINVAL; 1030 dev->mtu = new_mtu; 1031 return 0; 1032 } 1033 1034 #ifdef CONFIG_NET_IPGRE_BROADCAST 1035 /* Nice toy. Unfortunately, useless in real life :-) 1036 It allows to construct virtual multiprotocol broadcast "LAN" 1037 over the Internet, provided multicast routing is tuned. 1038 1039 1040 I have no idea was this bicycle invented before me, 1041 so that I had to set ARPHRD_IPGRE to a random value. 1042 I have an impression, that Cisco could make something similar, 1043 but this feature is apparently missing in IOS<=11.2(8). 1044 1045 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks 1046 with broadcast 224.66.66.66. If you have access to mbone, play with me :-) 1047 1048 ping -t 255 224.66.66.66 1049 1050 If nobody answers, mbone does not work. 1051 1052 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255 1053 ip addr add 10.66.66.<somewhat>/24 dev Universe 1054 ifconfig Universe up 1055 ifconfig Universe add fe80::<Your_real_addr>/10 1056 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96 1057 ftp 10.66.66.66 1058 ... 1059 ftp fec0:6666:6666::193.233.7.65 1060 ... 1061 1062 */ 1063 1064 static int ipgre_header(struct sk_buff *skb, struct net_device *dev, unsigned short type, 1065 void *daddr, void *saddr, unsigned len) 1066 { 1067 struct ip_tunnel *t = (struct ip_tunnel*)dev->priv; 1068 struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen); 1069 u16 *p = (u16*)(iph+1); 1070 1071 memcpy(iph, &t->parms.iph, sizeof(struct iphdr)); 1072 p[0] = t->parms.o_flags; 1073 p[1] = htons(type); 1074 1075 /* 1076 * Set the source hardware address. 1077 */ 1078 1079 if (saddr) 1080 memcpy(&iph->saddr, saddr, 4); 1081 1082 if (daddr) { 1083 memcpy(&iph->daddr, daddr, 4); 1084 return t->hlen; 1085 } 1086 if (iph->daddr && !MULTICAST(iph->daddr)) 1087 return t->hlen; 1088 1089 return -t->hlen; 1090 } 1091 1092 static int ipgre_open(struct net_device *dev) 1093 { 1094 struct ip_tunnel *t = (struct ip_tunnel*)dev->priv; 1095 1096 if (MULTICAST(t->parms.iph.daddr)) { 1097 struct flowi fl = { .oif = t->parms.link, 1098 .nl_u = { .ip4_u = 1099 { .daddr = t->parms.iph.daddr, 1100 .saddr = t->parms.iph.saddr, 1101 .tos = RT_TOS(t->parms.iph.tos) } }, 1102 .proto = IPPROTO_GRE }; 1103 struct rtable *rt; 1104 if (ip_route_output_key(&rt, &fl)) 1105 return -EADDRNOTAVAIL; 1106 dev = rt->u.dst.dev; 1107 ip_rt_put(rt); 1108 if (__in_dev_get_rtnl(dev) == NULL) 1109 return -EADDRNOTAVAIL; 1110 t->mlink = dev->ifindex; 1111 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr); 1112 } 1113 return 0; 1114 } 1115 1116 static int ipgre_close(struct net_device *dev) 1117 { 1118 struct ip_tunnel *t = (struct ip_tunnel*)dev->priv; 1119 if (MULTICAST(t->parms.iph.daddr) && t->mlink) { 1120 struct in_device *in_dev = inetdev_by_index(t->mlink); 1121 if (in_dev) { 1122 ip_mc_dec_group(in_dev, t->parms.iph.daddr); 1123 in_dev_put(in_dev); 1124 } 1125 } 1126 return 0; 1127 } 1128 1129 #endif 1130 1131 static void ipgre_tunnel_setup(struct net_device *dev) 1132 { 1133 SET_MODULE_OWNER(dev); 1134 dev->uninit = ipgre_tunnel_uninit; 1135 dev->destructor = free_netdev; 1136 dev->hard_start_xmit = ipgre_tunnel_xmit; 1137 dev->get_stats = ipgre_tunnel_get_stats; 1138 dev->do_ioctl = ipgre_tunnel_ioctl; 1139 dev->change_mtu = ipgre_tunnel_change_mtu; 1140 1141 dev->type = ARPHRD_IPGRE; 1142 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4; 1143 dev->mtu = 1500 - sizeof(struct iphdr) - 4; 1144 dev->flags = IFF_NOARP; 1145 dev->iflink = 0; 1146 dev->addr_len = 4; 1147 } 1148 1149 static int ipgre_tunnel_init(struct net_device *dev) 1150 { 1151 struct net_device *tdev = NULL; 1152 struct ip_tunnel *tunnel; 1153 struct iphdr *iph; 1154 int hlen = LL_MAX_HEADER; 1155 int mtu = 1500; 1156 int addend = sizeof(struct iphdr) + 4; 1157 1158 tunnel = (struct ip_tunnel*)dev->priv; 1159 iph = &tunnel->parms.iph; 1160 1161 tunnel->dev = dev; 1162 strcpy(tunnel->parms.name, dev->name); 1163 1164 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4); 1165 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4); 1166 1167 /* Guess output device to choose reasonable mtu and hard_header_len */ 1168 1169 if (iph->daddr) { 1170 struct flowi fl = { .oif = tunnel->parms.link, 1171 .nl_u = { .ip4_u = 1172 { .daddr = iph->daddr, 1173 .saddr = iph->saddr, 1174 .tos = RT_TOS(iph->tos) } }, 1175 .proto = IPPROTO_GRE }; 1176 struct rtable *rt; 1177 if (!ip_route_output_key(&rt, &fl)) { 1178 tdev = rt->u.dst.dev; 1179 ip_rt_put(rt); 1180 } 1181 1182 dev->flags |= IFF_POINTOPOINT; 1183 1184 #ifdef CONFIG_NET_IPGRE_BROADCAST 1185 if (MULTICAST(iph->daddr)) { 1186 if (!iph->saddr) 1187 return -EINVAL; 1188 dev->flags = IFF_BROADCAST; 1189 dev->hard_header = ipgre_header; 1190 dev->open = ipgre_open; 1191 dev->stop = ipgre_close; 1192 } 1193 #endif 1194 } 1195 1196 if (!tdev && tunnel->parms.link) 1197 tdev = __dev_get_by_index(tunnel->parms.link); 1198 1199 if (tdev) { 1200 hlen = tdev->hard_header_len; 1201 mtu = tdev->mtu; 1202 } 1203 dev->iflink = tunnel->parms.link; 1204 1205 /* Precalculate GRE options length */ 1206 if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) { 1207 if (tunnel->parms.o_flags&GRE_CSUM) 1208 addend += 4; 1209 if (tunnel->parms.o_flags&GRE_KEY) 1210 addend += 4; 1211 if (tunnel->parms.o_flags&GRE_SEQ) 1212 addend += 4; 1213 } 1214 dev->hard_header_len = hlen + addend; 1215 dev->mtu = mtu - addend; 1216 tunnel->hlen = addend; 1217 return 0; 1218 } 1219 1220 static int __init ipgre_fb_tunnel_init(struct net_device *dev) 1221 { 1222 struct ip_tunnel *tunnel = (struct ip_tunnel*)dev->priv; 1223 struct iphdr *iph = &tunnel->parms.iph; 1224 1225 tunnel->dev = dev; 1226 strcpy(tunnel->parms.name, dev->name); 1227 1228 iph->version = 4; 1229 iph->protocol = IPPROTO_GRE; 1230 iph->ihl = 5; 1231 tunnel->hlen = sizeof(struct iphdr) + 4; 1232 1233 dev_hold(dev); 1234 tunnels_wc[0] = tunnel; 1235 return 0; 1236 } 1237 1238 1239 static struct net_protocol ipgre_protocol = { 1240 .handler = ipgre_rcv, 1241 .err_handler = ipgre_err, 1242 }; 1243 1244 1245 /* 1246 * And now the modules code and kernel interface. 1247 */ 1248 1249 static int __init ipgre_init(void) 1250 { 1251 int err; 1252 1253 printk(KERN_INFO "GRE over IPv4 tunneling driver\n"); 1254 1255 if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) { 1256 printk(KERN_INFO "ipgre init: can't add protocol\n"); 1257 return -EAGAIN; 1258 } 1259 1260 ipgre_fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "gre0", 1261 ipgre_tunnel_setup); 1262 if (!ipgre_fb_tunnel_dev) { 1263 err = -ENOMEM; 1264 goto err1; 1265 } 1266 1267 ipgre_fb_tunnel_dev->init = ipgre_fb_tunnel_init; 1268 1269 if ((err = register_netdev(ipgre_fb_tunnel_dev))) 1270 goto err2; 1271 out: 1272 return err; 1273 err2: 1274 free_netdev(ipgre_fb_tunnel_dev); 1275 err1: 1276 inet_del_protocol(&ipgre_protocol, IPPROTO_GRE); 1277 goto out; 1278 } 1279 1280 static void __exit ipgre_destroy_tunnels(void) 1281 { 1282 int prio; 1283 1284 for (prio = 0; prio < 4; prio++) { 1285 int h; 1286 for (h = 0; h < HASH_SIZE; h++) { 1287 struct ip_tunnel *t; 1288 while ((t = tunnels[prio][h]) != NULL) 1289 unregister_netdevice(t->dev); 1290 } 1291 } 1292 } 1293 1294 static void __exit ipgre_fini(void) 1295 { 1296 if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) 1297 printk(KERN_INFO "ipgre close: can't remove protocol\n"); 1298 1299 rtnl_lock(); 1300 ipgre_destroy_tunnels(); 1301 rtnl_unlock(); 1302 } 1303 1304 module_init(ipgre_init); 1305 module_exit(ipgre_fini); 1306 MODULE_LICENSE("GPL"); 1307