1 /* 2 * Linux NET3: GRE over IP protocol decoder. 3 * 4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 * 11 */ 12 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/types.h> 16 #include <linux/kernel.h> 17 #include <asm/uaccess.h> 18 #include <linux/skbuff.h> 19 #include <linux/netdevice.h> 20 #include <linux/in.h> 21 #include <linux/tcp.h> 22 #include <linux/udp.h> 23 #include <linux/if_arp.h> 24 #include <linux/mroute.h> 25 #include <linux/init.h> 26 #include <linux/in6.h> 27 #include <linux/inetdevice.h> 28 #include <linux/igmp.h> 29 #include <linux/netfilter_ipv4.h> 30 #include <linux/if_ether.h> 31 32 #include <net/sock.h> 33 #include <net/ip.h> 34 #include <net/icmp.h> 35 #include <net/protocol.h> 36 #include <net/ipip.h> 37 #include <net/arp.h> 38 #include <net/checksum.h> 39 #include <net/dsfield.h> 40 #include <net/inet_ecn.h> 41 #include <net/xfrm.h> 42 43 #ifdef CONFIG_IPV6 44 #include <net/ipv6.h> 45 #include <net/ip6_fib.h> 46 #include <net/ip6_route.h> 47 #endif 48 49 /* 50 Problems & solutions 51 -------------------- 52 53 1. The most important issue is detecting local dead loops. 54 They would cause complete host lockup in transmit, which 55 would be "resolved" by stack overflow or, if queueing is enabled, 56 with infinite looping in net_bh. 57 58 We cannot track such dead loops during route installation, 59 it is infeasible task. The most general solutions would be 60 to keep skb->encapsulation counter (sort of local ttl), 61 and silently drop packet when it expires. It is the best 62 solution, but it supposes maintaing new variable in ALL 63 skb, even if no tunneling is used. 64 65 Current solution: t->recursion lock breaks dead loops. It looks 66 like dev->tbusy flag, but I preferred new variable, because 67 the semantics is different. One day, when hard_start_xmit 68 will be multithreaded we will have to use skb->encapsulation. 69 70 71 72 2. Networking dead loops would not kill routers, but would really 73 kill network. IP hop limit plays role of "t->recursion" in this case, 74 if we copy it from packet being encapsulated to upper header. 75 It is very good solution, but it introduces two problems: 76 77 - Routing protocols, using packets with ttl=1 (OSPF, RIP2), 78 do not work over tunnels. 79 - traceroute does not work. I planned to relay ICMP from tunnel, 80 so that this problem would be solved and traceroute output 81 would even more informative. This idea appeared to be wrong: 82 only Linux complies to rfc1812 now (yes, guys, Linux is the only 83 true router now :-)), all routers (at least, in neighbourhood of mine) 84 return only 8 bytes of payload. It is the end. 85 86 Hence, if we want that OSPF worked or traceroute said something reasonable, 87 we should search for another solution. 88 89 One of them is to parse packet trying to detect inner encapsulation 90 made by our node. It is difficult or even impossible, especially, 91 taking into account fragmentation. TO be short, tt is not solution at all. 92 93 Current solution: The solution was UNEXPECTEDLY SIMPLE. 94 We force DF flag on tunnels with preconfigured hop limit, 95 that is ALL. :-) Well, it does not remove the problem completely, 96 but exponential growth of network traffic is changed to linear 97 (branches, that exceed pmtu are pruned) and tunnel mtu 98 fastly degrades to value <68, where looping stops. 99 Yes, it is not good if there exists a router in the loop, 100 which does not force DF, even when encapsulating packets have DF set. 101 But it is not our problem! Nobody could accuse us, we made 102 all that we could make. Even if it is your gated who injected 103 fatal route to network, even if it were you who configured 104 fatal static route: you are innocent. :-) 105 106 107 108 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain 109 practically identical code. It would be good to glue them 110 together, but it is not very evident, how to make them modular. 111 sit is integral part of IPv6, ipip and gre are naturally modular. 112 We could extract common parts (hash table, ioctl etc) 113 to a separate module (ip_tunnel.c). 114 115 Alexey Kuznetsov. 116 */ 117 118 static int ipgre_tunnel_init(struct net_device *dev); 119 static void ipgre_tunnel_setup(struct net_device *dev); 120 121 /* Fallback tunnel: no source, no destination, no key, no options */ 122 123 static int ipgre_fb_tunnel_init(struct net_device *dev); 124 125 static struct net_device *ipgre_fb_tunnel_dev; 126 127 /* Tunnel hash table */ 128 129 /* 130 4 hash tables: 131 132 3: (remote,local) 133 2: (remote,*) 134 1: (*,local) 135 0: (*,*) 136 137 We require exact key match i.e. if a key is present in packet 138 it will match only tunnel with the same key; if it is not present, 139 it will match only keyless tunnel. 140 141 All keysless packets, if not matched configured keyless tunnels 142 will match fallback tunnel. 143 */ 144 145 #define HASH_SIZE 16 146 #define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF) 147 148 static struct ip_tunnel *tunnels[4][HASH_SIZE]; 149 150 #define tunnels_r_l (tunnels[3]) 151 #define tunnels_r (tunnels[2]) 152 #define tunnels_l (tunnels[1]) 153 #define tunnels_wc (tunnels[0]) 154 155 static DEFINE_RWLOCK(ipgre_lock); 156 157 /* Given src, dst and key, find appropriate for input tunnel. */ 158 159 static struct ip_tunnel * ipgre_tunnel_lookup(__be32 remote, __be32 local, __be32 key) 160 { 161 unsigned h0 = HASH(remote); 162 unsigned h1 = HASH(key); 163 struct ip_tunnel *t; 164 165 for (t = tunnels_r_l[h0^h1]; t; t = t->next) { 166 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 167 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 168 return t; 169 } 170 } 171 for (t = tunnels_r[h0^h1]; t; t = t->next) { 172 if (remote == t->parms.iph.daddr) { 173 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 174 return t; 175 } 176 } 177 for (t = tunnels_l[h1]; t; t = t->next) { 178 if (local == t->parms.iph.saddr || 179 (local == t->parms.iph.daddr && MULTICAST(local))) { 180 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 181 return t; 182 } 183 } 184 for (t = tunnels_wc[h1]; t; t = t->next) { 185 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 186 return t; 187 } 188 189 if (ipgre_fb_tunnel_dev->flags&IFF_UP) 190 return netdev_priv(ipgre_fb_tunnel_dev); 191 return NULL; 192 } 193 194 static struct ip_tunnel **ipgre_bucket(struct ip_tunnel *t) 195 { 196 __be32 remote = t->parms.iph.daddr; 197 __be32 local = t->parms.iph.saddr; 198 __be32 key = t->parms.i_key; 199 unsigned h = HASH(key); 200 int prio = 0; 201 202 if (local) 203 prio |= 1; 204 if (remote && !MULTICAST(remote)) { 205 prio |= 2; 206 h ^= HASH(remote); 207 } 208 209 return &tunnels[prio][h]; 210 } 211 212 static void ipgre_tunnel_link(struct ip_tunnel *t) 213 { 214 struct ip_tunnel **tp = ipgre_bucket(t); 215 216 t->next = *tp; 217 write_lock_bh(&ipgre_lock); 218 *tp = t; 219 write_unlock_bh(&ipgre_lock); 220 } 221 222 static void ipgre_tunnel_unlink(struct ip_tunnel *t) 223 { 224 struct ip_tunnel **tp; 225 226 for (tp = ipgre_bucket(t); *tp; tp = &(*tp)->next) { 227 if (t == *tp) { 228 write_lock_bh(&ipgre_lock); 229 *tp = t->next; 230 write_unlock_bh(&ipgre_lock); 231 break; 232 } 233 } 234 } 235 236 static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int create) 237 { 238 __be32 remote = parms->iph.daddr; 239 __be32 local = parms->iph.saddr; 240 __be32 key = parms->i_key; 241 struct ip_tunnel *t, **tp, *nt; 242 struct net_device *dev; 243 unsigned h = HASH(key); 244 int prio = 0; 245 char name[IFNAMSIZ]; 246 247 if (local) 248 prio |= 1; 249 if (remote && !MULTICAST(remote)) { 250 prio |= 2; 251 h ^= HASH(remote); 252 } 253 for (tp = &tunnels[prio][h]; (t = *tp) != NULL; tp = &t->next) { 254 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 255 if (key == t->parms.i_key) 256 return t; 257 } 258 } 259 if (!create) 260 return NULL; 261 262 if (parms->name[0]) 263 strlcpy(name, parms->name, IFNAMSIZ); 264 else { 265 int i; 266 for (i=1; i<100; i++) { 267 sprintf(name, "gre%d", i); 268 if (__dev_get_by_name(name) == NULL) 269 break; 270 } 271 if (i==100) 272 goto failed; 273 } 274 275 dev = alloc_netdev(sizeof(*t), name, ipgre_tunnel_setup); 276 if (!dev) 277 return NULL; 278 279 dev->init = ipgre_tunnel_init; 280 nt = netdev_priv(dev); 281 nt->parms = *parms; 282 283 if (register_netdevice(dev) < 0) { 284 free_netdev(dev); 285 goto failed; 286 } 287 288 dev_hold(dev); 289 ipgre_tunnel_link(nt); 290 return nt; 291 292 failed: 293 return NULL; 294 } 295 296 static void ipgre_tunnel_uninit(struct net_device *dev) 297 { 298 ipgre_tunnel_unlink(netdev_priv(dev)); 299 dev_put(dev); 300 } 301 302 303 static void ipgre_err(struct sk_buff *skb, u32 info) 304 { 305 #ifndef I_WISH_WORLD_WERE_PERFECT 306 307 /* It is not :-( All the routers (except for Linux) return only 308 8 bytes of packet payload. It means, that precise relaying of 309 ICMP in the real Internet is absolutely infeasible. 310 311 Moreover, Cisco "wise men" put GRE key to the third word 312 in GRE header. It makes impossible maintaining even soft state for keyed 313 GRE tunnels with enabled checksum. Tell them "thank you". 314 315 Well, I wonder, rfc1812 was written by Cisco employee, 316 what the hell these idiots break standrads established 317 by themself??? 318 */ 319 320 struct iphdr *iph = (struct iphdr*)skb->data; 321 __be16 *p = (__be16*)(skb->data+(iph->ihl<<2)); 322 int grehlen = (iph->ihl<<2) + 4; 323 int type = skb->h.icmph->type; 324 int code = skb->h.icmph->code; 325 struct ip_tunnel *t; 326 __be16 flags; 327 328 flags = p[0]; 329 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 330 if (flags&(GRE_VERSION|GRE_ROUTING)) 331 return; 332 if (flags&GRE_KEY) { 333 grehlen += 4; 334 if (flags&GRE_CSUM) 335 grehlen += 4; 336 } 337 } 338 339 /* If only 8 bytes returned, keyed message will be dropped here */ 340 if (skb_headlen(skb) < grehlen) 341 return; 342 343 switch (type) { 344 default: 345 case ICMP_PARAMETERPROB: 346 return; 347 348 case ICMP_DEST_UNREACH: 349 switch (code) { 350 case ICMP_SR_FAILED: 351 case ICMP_PORT_UNREACH: 352 /* Impossible event. */ 353 return; 354 case ICMP_FRAG_NEEDED: 355 /* Soft state for pmtu is maintained by IP core. */ 356 return; 357 default: 358 /* All others are translated to HOST_UNREACH. 359 rfc2003 contains "deep thoughts" about NET_UNREACH, 360 I believe they are just ether pollution. --ANK 361 */ 362 break; 363 } 364 break; 365 case ICMP_TIME_EXCEEDED: 366 if (code != ICMP_EXC_TTL) 367 return; 368 break; 369 } 370 371 read_lock(&ipgre_lock); 372 t = ipgre_tunnel_lookup(iph->daddr, iph->saddr, (flags&GRE_KEY) ? *(((__be32*)p) + (grehlen>>2) - 1) : 0); 373 if (t == NULL || t->parms.iph.daddr == 0 || MULTICAST(t->parms.iph.daddr)) 374 goto out; 375 376 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 377 goto out; 378 379 if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO) 380 t->err_count++; 381 else 382 t->err_count = 1; 383 t->err_time = jiffies; 384 out: 385 read_unlock(&ipgre_lock); 386 return; 387 #else 388 struct iphdr *iph = (struct iphdr*)dp; 389 struct iphdr *eiph; 390 __be16 *p = (__be16*)(dp+(iph->ihl<<2)); 391 int type = skb->h.icmph->type; 392 int code = skb->h.icmph->code; 393 int rel_type = 0; 394 int rel_code = 0; 395 __be32 rel_info = 0; 396 __u32 n = 0; 397 __be16 flags; 398 int grehlen = (iph->ihl<<2) + 4; 399 struct sk_buff *skb2; 400 struct flowi fl; 401 struct rtable *rt; 402 403 if (p[1] != htons(ETH_P_IP)) 404 return; 405 406 flags = p[0]; 407 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 408 if (flags&(GRE_VERSION|GRE_ROUTING)) 409 return; 410 if (flags&GRE_CSUM) 411 grehlen += 4; 412 if (flags&GRE_KEY) 413 grehlen += 4; 414 if (flags&GRE_SEQ) 415 grehlen += 4; 416 } 417 if (len < grehlen + sizeof(struct iphdr)) 418 return; 419 eiph = (struct iphdr*)(dp + grehlen); 420 421 switch (type) { 422 default: 423 return; 424 case ICMP_PARAMETERPROB: 425 n = ntohl(skb->h.icmph->un.gateway) >> 24; 426 if (n < (iph->ihl<<2)) 427 return; 428 429 /* So... This guy found something strange INSIDE encapsulated 430 packet. Well, he is fool, but what can we do ? 431 */ 432 rel_type = ICMP_PARAMETERPROB; 433 n -= grehlen; 434 rel_info = htonl(n << 24); 435 break; 436 437 case ICMP_DEST_UNREACH: 438 switch (code) { 439 case ICMP_SR_FAILED: 440 case ICMP_PORT_UNREACH: 441 /* Impossible event. */ 442 return; 443 case ICMP_FRAG_NEEDED: 444 /* And it is the only really necessary thing :-) */ 445 n = ntohs(skb->h.icmph->un.frag.mtu); 446 if (n < grehlen+68) 447 return; 448 n -= grehlen; 449 /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */ 450 if (n > ntohs(eiph->tot_len)) 451 return; 452 rel_info = htonl(n); 453 break; 454 default: 455 /* All others are translated to HOST_UNREACH. 456 rfc2003 contains "deep thoughts" about NET_UNREACH, 457 I believe, it is just ether pollution. --ANK 458 */ 459 rel_type = ICMP_DEST_UNREACH; 460 rel_code = ICMP_HOST_UNREACH; 461 break; 462 } 463 break; 464 case ICMP_TIME_EXCEEDED: 465 if (code != ICMP_EXC_TTL) 466 return; 467 break; 468 } 469 470 /* Prepare fake skb to feed it to icmp_send */ 471 skb2 = skb_clone(skb, GFP_ATOMIC); 472 if (skb2 == NULL) 473 return; 474 dst_release(skb2->dst); 475 skb2->dst = NULL; 476 skb_pull(skb2, skb->data - (u8*)eiph); 477 skb2->nh.raw = skb2->data; 478 479 /* Try to guess incoming interface */ 480 memset(&fl, 0, sizeof(fl)); 481 fl.fl4_dst = eiph->saddr; 482 fl.fl4_tos = RT_TOS(eiph->tos); 483 fl.proto = IPPROTO_GRE; 484 if (ip_route_output_key(&rt, &fl)) { 485 kfree_skb(skb2); 486 return; 487 } 488 skb2->dev = rt->u.dst.dev; 489 490 /* route "incoming" packet */ 491 if (rt->rt_flags&RTCF_LOCAL) { 492 ip_rt_put(rt); 493 rt = NULL; 494 fl.fl4_dst = eiph->daddr; 495 fl.fl4_src = eiph->saddr; 496 fl.fl4_tos = eiph->tos; 497 if (ip_route_output_key(&rt, &fl) || 498 rt->u.dst.dev->type != ARPHRD_IPGRE) { 499 ip_rt_put(rt); 500 kfree_skb(skb2); 501 return; 502 } 503 } else { 504 ip_rt_put(rt); 505 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) || 506 skb2->dst->dev->type != ARPHRD_IPGRE) { 507 kfree_skb(skb2); 508 return; 509 } 510 } 511 512 /* change mtu on this route */ 513 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 514 if (n > dst_mtu(skb2->dst)) { 515 kfree_skb(skb2); 516 return; 517 } 518 skb2->dst->ops->update_pmtu(skb2->dst, n); 519 } else if (type == ICMP_TIME_EXCEEDED) { 520 struct ip_tunnel *t = netdev_priv(skb2->dev); 521 if (t->parms.iph.ttl) { 522 rel_type = ICMP_DEST_UNREACH; 523 rel_code = ICMP_HOST_UNREACH; 524 } 525 } 526 527 icmp_send(skb2, rel_type, rel_code, rel_info); 528 kfree_skb(skb2); 529 #endif 530 } 531 532 static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) 533 { 534 if (INET_ECN_is_ce(iph->tos)) { 535 if (skb->protocol == htons(ETH_P_IP)) { 536 IP_ECN_set_ce(skb->nh.iph); 537 } else if (skb->protocol == htons(ETH_P_IPV6)) { 538 IP6_ECN_set_ce(skb->nh.ipv6h); 539 } 540 } 541 } 542 543 static inline u8 544 ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb) 545 { 546 u8 inner = 0; 547 if (skb->protocol == htons(ETH_P_IP)) 548 inner = old_iph->tos; 549 else if (skb->protocol == htons(ETH_P_IPV6)) 550 inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph); 551 return INET_ECN_encapsulate(tos, inner); 552 } 553 554 static int ipgre_rcv(struct sk_buff *skb) 555 { 556 struct iphdr *iph; 557 u8 *h; 558 __be16 flags; 559 __sum16 csum = 0; 560 __be32 key = 0; 561 u32 seqno = 0; 562 struct ip_tunnel *tunnel; 563 int offset = 4; 564 565 if (!pskb_may_pull(skb, 16)) 566 goto drop_nolock; 567 568 iph = skb->nh.iph; 569 h = skb->data; 570 flags = *(__be16*)h; 571 572 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) { 573 /* - Version must be 0. 574 - We do not support routing headers. 575 */ 576 if (flags&(GRE_VERSION|GRE_ROUTING)) 577 goto drop_nolock; 578 579 if (flags&GRE_CSUM) { 580 switch (skb->ip_summed) { 581 case CHECKSUM_COMPLETE: 582 csum = csum_fold(skb->csum); 583 if (!csum) 584 break; 585 /* fall through */ 586 case CHECKSUM_NONE: 587 skb->csum = 0; 588 csum = __skb_checksum_complete(skb); 589 skb->ip_summed = CHECKSUM_COMPLETE; 590 } 591 offset += 4; 592 } 593 if (flags&GRE_KEY) { 594 key = *(__be32*)(h + offset); 595 offset += 4; 596 } 597 if (flags&GRE_SEQ) { 598 seqno = ntohl(*(__be32*)(h + offset)); 599 offset += 4; 600 } 601 } 602 603 read_lock(&ipgre_lock); 604 if ((tunnel = ipgre_tunnel_lookup(iph->saddr, iph->daddr, key)) != NULL) { 605 secpath_reset(skb); 606 607 skb->protocol = *(__be16*)(h + 2); 608 /* WCCP version 1 and 2 protocol decoding. 609 * - Change protocol to IP 610 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header 611 */ 612 if (flags == 0 && 613 skb->protocol == htons(ETH_P_WCCP)) { 614 skb->protocol = htons(ETH_P_IP); 615 if ((*(h + offset) & 0xF0) != 0x40) 616 offset += 4; 617 } 618 619 skb->mac.raw = skb->nh.raw; 620 skb->nh.raw = __pskb_pull(skb, offset); 621 skb_postpull_rcsum(skb, skb->h.raw, offset); 622 skb->pkt_type = PACKET_HOST; 623 #ifdef CONFIG_NET_IPGRE_BROADCAST 624 if (MULTICAST(iph->daddr)) { 625 /* Looped back packet, drop it! */ 626 if (((struct rtable*)skb->dst)->fl.iif == 0) 627 goto drop; 628 tunnel->stat.multicast++; 629 skb->pkt_type = PACKET_BROADCAST; 630 } 631 #endif 632 633 if (((flags&GRE_CSUM) && csum) || 634 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) { 635 tunnel->stat.rx_crc_errors++; 636 tunnel->stat.rx_errors++; 637 goto drop; 638 } 639 if (tunnel->parms.i_flags&GRE_SEQ) { 640 if (!(flags&GRE_SEQ) || 641 (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) { 642 tunnel->stat.rx_fifo_errors++; 643 tunnel->stat.rx_errors++; 644 goto drop; 645 } 646 tunnel->i_seqno = seqno + 1; 647 } 648 tunnel->stat.rx_packets++; 649 tunnel->stat.rx_bytes += skb->len; 650 skb->dev = tunnel->dev; 651 dst_release(skb->dst); 652 skb->dst = NULL; 653 nf_reset(skb); 654 ipgre_ecn_decapsulate(iph, skb); 655 netif_rx(skb); 656 read_unlock(&ipgre_lock); 657 return(0); 658 } 659 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); 660 661 drop: 662 read_unlock(&ipgre_lock); 663 drop_nolock: 664 kfree_skb(skb); 665 return(0); 666 } 667 668 static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) 669 { 670 struct ip_tunnel *tunnel = netdev_priv(dev); 671 struct net_device_stats *stats = &tunnel->stat; 672 struct iphdr *old_iph = skb->nh.iph; 673 struct iphdr *tiph; 674 u8 tos; 675 __be16 df; 676 struct rtable *rt; /* Route to the other host */ 677 struct net_device *tdev; /* Device to other host */ 678 struct iphdr *iph; /* Our new IP header */ 679 int max_headroom; /* The extra header space needed */ 680 int gre_hlen; 681 __be32 dst; 682 int mtu; 683 684 if (tunnel->recursion++) { 685 tunnel->stat.collisions++; 686 goto tx_error; 687 } 688 689 if (dev->hard_header) { 690 gre_hlen = 0; 691 tiph = (struct iphdr*)skb->data; 692 } else { 693 gre_hlen = tunnel->hlen; 694 tiph = &tunnel->parms.iph; 695 } 696 697 if ((dst = tiph->daddr) == 0) { 698 /* NBMA tunnel */ 699 700 if (skb->dst == NULL) { 701 tunnel->stat.tx_fifo_errors++; 702 goto tx_error; 703 } 704 705 if (skb->protocol == htons(ETH_P_IP)) { 706 rt = (struct rtable*)skb->dst; 707 if ((dst = rt->rt_gateway) == 0) 708 goto tx_error_icmp; 709 } 710 #ifdef CONFIG_IPV6 711 else if (skb->protocol == htons(ETH_P_IPV6)) { 712 struct in6_addr *addr6; 713 int addr_type; 714 struct neighbour *neigh = skb->dst->neighbour; 715 716 if (neigh == NULL) 717 goto tx_error; 718 719 addr6 = (struct in6_addr*)&neigh->primary_key; 720 addr_type = ipv6_addr_type(addr6); 721 722 if (addr_type == IPV6_ADDR_ANY) { 723 addr6 = &skb->nh.ipv6h->daddr; 724 addr_type = ipv6_addr_type(addr6); 725 } 726 727 if ((addr_type & IPV6_ADDR_COMPATv4) == 0) 728 goto tx_error_icmp; 729 730 dst = addr6->s6_addr32[3]; 731 } 732 #endif 733 else 734 goto tx_error; 735 } 736 737 tos = tiph->tos; 738 if (tos&1) { 739 if (skb->protocol == htons(ETH_P_IP)) 740 tos = old_iph->tos; 741 tos &= ~1; 742 } 743 744 { 745 struct flowi fl = { .oif = tunnel->parms.link, 746 .nl_u = { .ip4_u = 747 { .daddr = dst, 748 .saddr = tiph->saddr, 749 .tos = RT_TOS(tos) } }, 750 .proto = IPPROTO_GRE }; 751 if (ip_route_output_key(&rt, &fl)) { 752 tunnel->stat.tx_carrier_errors++; 753 goto tx_error; 754 } 755 } 756 tdev = rt->u.dst.dev; 757 758 if (tdev == dev) { 759 ip_rt_put(rt); 760 tunnel->stat.collisions++; 761 goto tx_error; 762 } 763 764 df = tiph->frag_off; 765 if (df) 766 mtu = dst_mtu(&rt->u.dst) - tunnel->hlen; 767 else 768 mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu; 769 770 if (skb->dst) 771 skb->dst->ops->update_pmtu(skb->dst, mtu); 772 773 if (skb->protocol == htons(ETH_P_IP)) { 774 df |= (old_iph->frag_off&htons(IP_DF)); 775 776 if ((old_iph->frag_off&htons(IP_DF)) && 777 mtu < ntohs(old_iph->tot_len)) { 778 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu)); 779 ip_rt_put(rt); 780 goto tx_error; 781 } 782 } 783 #ifdef CONFIG_IPV6 784 else if (skb->protocol == htons(ETH_P_IPV6)) { 785 struct rt6_info *rt6 = (struct rt6_info*)skb->dst; 786 787 if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) { 788 if ((tunnel->parms.iph.daddr && !MULTICAST(tunnel->parms.iph.daddr)) || 789 rt6->rt6i_dst.plen == 128) { 790 rt6->rt6i_flags |= RTF_MODIFIED; 791 skb->dst->metrics[RTAX_MTU-1] = mtu; 792 } 793 } 794 795 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) { 796 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); 797 ip_rt_put(rt); 798 goto tx_error; 799 } 800 } 801 #endif 802 803 if (tunnel->err_count > 0) { 804 if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) { 805 tunnel->err_count--; 806 807 dst_link_failure(skb); 808 } else 809 tunnel->err_count = 0; 810 } 811 812 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen; 813 814 if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) { 815 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 816 if (!new_skb) { 817 ip_rt_put(rt); 818 stats->tx_dropped++; 819 dev_kfree_skb(skb); 820 tunnel->recursion--; 821 return 0; 822 } 823 if (skb->sk) 824 skb_set_owner_w(new_skb, skb->sk); 825 dev_kfree_skb(skb); 826 skb = new_skb; 827 old_iph = skb->nh.iph; 828 } 829 830 skb->h.raw = skb->nh.raw; 831 skb->nh.raw = skb_push(skb, gre_hlen); 832 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 833 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED | 834 IPSKB_REROUTED); 835 dst_release(skb->dst); 836 skb->dst = &rt->u.dst; 837 838 /* 839 * Push down and install the IPIP header. 840 */ 841 842 iph = skb->nh.iph; 843 iph->version = 4; 844 iph->ihl = sizeof(struct iphdr) >> 2; 845 iph->frag_off = df; 846 iph->protocol = IPPROTO_GRE; 847 iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb); 848 iph->daddr = rt->rt_dst; 849 iph->saddr = rt->rt_src; 850 851 if ((iph->ttl = tiph->ttl) == 0) { 852 if (skb->protocol == htons(ETH_P_IP)) 853 iph->ttl = old_iph->ttl; 854 #ifdef CONFIG_IPV6 855 else if (skb->protocol == htons(ETH_P_IPV6)) 856 iph->ttl = ((struct ipv6hdr*)old_iph)->hop_limit; 857 #endif 858 else 859 iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT); 860 } 861 862 ((__be16*)(iph+1))[0] = tunnel->parms.o_flags; 863 ((__be16*)(iph+1))[1] = skb->protocol; 864 865 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) { 866 __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4); 867 868 if (tunnel->parms.o_flags&GRE_SEQ) { 869 ++tunnel->o_seqno; 870 *ptr = htonl(tunnel->o_seqno); 871 ptr--; 872 } 873 if (tunnel->parms.o_flags&GRE_KEY) { 874 *ptr = tunnel->parms.o_key; 875 ptr--; 876 } 877 if (tunnel->parms.o_flags&GRE_CSUM) { 878 *ptr = 0; 879 *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr)); 880 } 881 } 882 883 nf_reset(skb); 884 885 IPTUNNEL_XMIT(); 886 tunnel->recursion--; 887 return 0; 888 889 tx_error_icmp: 890 dst_link_failure(skb); 891 892 tx_error: 893 stats->tx_errors++; 894 dev_kfree_skb(skb); 895 tunnel->recursion--; 896 return 0; 897 } 898 899 static int 900 ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) 901 { 902 int err = 0; 903 struct ip_tunnel_parm p; 904 struct ip_tunnel *t; 905 906 switch (cmd) { 907 case SIOCGETTUNNEL: 908 t = NULL; 909 if (dev == ipgre_fb_tunnel_dev) { 910 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) { 911 err = -EFAULT; 912 break; 913 } 914 t = ipgre_tunnel_locate(&p, 0); 915 } 916 if (t == NULL) 917 t = netdev_priv(dev); 918 memcpy(&p, &t->parms, sizeof(p)); 919 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 920 err = -EFAULT; 921 break; 922 923 case SIOCADDTUNNEL: 924 case SIOCCHGTUNNEL: 925 err = -EPERM; 926 if (!capable(CAP_NET_ADMIN)) 927 goto done; 928 929 err = -EFAULT; 930 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 931 goto done; 932 933 err = -EINVAL; 934 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE || 935 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) || 936 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING))) 937 goto done; 938 if (p.iph.ttl) 939 p.iph.frag_off |= htons(IP_DF); 940 941 if (!(p.i_flags&GRE_KEY)) 942 p.i_key = 0; 943 if (!(p.o_flags&GRE_KEY)) 944 p.o_key = 0; 945 946 t = ipgre_tunnel_locate(&p, cmd == SIOCADDTUNNEL); 947 948 if (dev != ipgre_fb_tunnel_dev && cmd == SIOCCHGTUNNEL) { 949 if (t != NULL) { 950 if (t->dev != dev) { 951 err = -EEXIST; 952 break; 953 } 954 } else { 955 unsigned nflags=0; 956 957 t = netdev_priv(dev); 958 959 if (MULTICAST(p.iph.daddr)) 960 nflags = IFF_BROADCAST; 961 else if (p.iph.daddr) 962 nflags = IFF_POINTOPOINT; 963 964 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) { 965 err = -EINVAL; 966 break; 967 } 968 ipgre_tunnel_unlink(t); 969 t->parms.iph.saddr = p.iph.saddr; 970 t->parms.iph.daddr = p.iph.daddr; 971 t->parms.i_key = p.i_key; 972 t->parms.o_key = p.o_key; 973 memcpy(dev->dev_addr, &p.iph.saddr, 4); 974 memcpy(dev->broadcast, &p.iph.daddr, 4); 975 ipgre_tunnel_link(t); 976 netdev_state_change(dev); 977 } 978 } 979 980 if (t) { 981 err = 0; 982 if (cmd == SIOCCHGTUNNEL) { 983 t->parms.iph.ttl = p.iph.ttl; 984 t->parms.iph.tos = p.iph.tos; 985 t->parms.iph.frag_off = p.iph.frag_off; 986 } 987 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p))) 988 err = -EFAULT; 989 } else 990 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT); 991 break; 992 993 case SIOCDELTUNNEL: 994 err = -EPERM; 995 if (!capable(CAP_NET_ADMIN)) 996 goto done; 997 998 if (dev == ipgre_fb_tunnel_dev) { 999 err = -EFAULT; 1000 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 1001 goto done; 1002 err = -ENOENT; 1003 if ((t = ipgre_tunnel_locate(&p, 0)) == NULL) 1004 goto done; 1005 err = -EPERM; 1006 if (t == netdev_priv(ipgre_fb_tunnel_dev)) 1007 goto done; 1008 dev = t->dev; 1009 } 1010 unregister_netdevice(dev); 1011 err = 0; 1012 break; 1013 1014 default: 1015 err = -EINVAL; 1016 } 1017 1018 done: 1019 return err; 1020 } 1021 1022 static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev) 1023 { 1024 return &(((struct ip_tunnel*)netdev_priv(dev))->stat); 1025 } 1026 1027 static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu) 1028 { 1029 struct ip_tunnel *tunnel = netdev_priv(dev); 1030 if (new_mtu < 68 || new_mtu > 0xFFF8 - tunnel->hlen) 1031 return -EINVAL; 1032 dev->mtu = new_mtu; 1033 return 0; 1034 } 1035 1036 #ifdef CONFIG_NET_IPGRE_BROADCAST 1037 /* Nice toy. Unfortunately, useless in real life :-) 1038 It allows to construct virtual multiprotocol broadcast "LAN" 1039 over the Internet, provided multicast routing is tuned. 1040 1041 1042 I have no idea was this bicycle invented before me, 1043 so that I had to set ARPHRD_IPGRE to a random value. 1044 I have an impression, that Cisco could make something similar, 1045 but this feature is apparently missing in IOS<=11.2(8). 1046 1047 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks 1048 with broadcast 224.66.66.66. If you have access to mbone, play with me :-) 1049 1050 ping -t 255 224.66.66.66 1051 1052 If nobody answers, mbone does not work. 1053 1054 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255 1055 ip addr add 10.66.66.<somewhat>/24 dev Universe 1056 ifconfig Universe up 1057 ifconfig Universe add fe80::<Your_real_addr>/10 1058 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96 1059 ftp 10.66.66.66 1060 ... 1061 ftp fec0:6666:6666::193.233.7.65 1062 ... 1063 1064 */ 1065 1066 static int ipgre_header(struct sk_buff *skb, struct net_device *dev, unsigned short type, 1067 void *daddr, void *saddr, unsigned len) 1068 { 1069 struct ip_tunnel *t = netdev_priv(dev); 1070 struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen); 1071 __be16 *p = (__be16*)(iph+1); 1072 1073 memcpy(iph, &t->parms.iph, sizeof(struct iphdr)); 1074 p[0] = t->parms.o_flags; 1075 p[1] = htons(type); 1076 1077 /* 1078 * Set the source hardware address. 1079 */ 1080 1081 if (saddr) 1082 memcpy(&iph->saddr, saddr, 4); 1083 1084 if (daddr) { 1085 memcpy(&iph->daddr, daddr, 4); 1086 return t->hlen; 1087 } 1088 if (iph->daddr && !MULTICAST(iph->daddr)) 1089 return t->hlen; 1090 1091 return -t->hlen; 1092 } 1093 1094 static int ipgre_open(struct net_device *dev) 1095 { 1096 struct ip_tunnel *t = netdev_priv(dev); 1097 1098 if (MULTICAST(t->parms.iph.daddr)) { 1099 struct flowi fl = { .oif = t->parms.link, 1100 .nl_u = { .ip4_u = 1101 { .daddr = t->parms.iph.daddr, 1102 .saddr = t->parms.iph.saddr, 1103 .tos = RT_TOS(t->parms.iph.tos) } }, 1104 .proto = IPPROTO_GRE }; 1105 struct rtable *rt; 1106 if (ip_route_output_key(&rt, &fl)) 1107 return -EADDRNOTAVAIL; 1108 dev = rt->u.dst.dev; 1109 ip_rt_put(rt); 1110 if (__in_dev_get_rtnl(dev) == NULL) 1111 return -EADDRNOTAVAIL; 1112 t->mlink = dev->ifindex; 1113 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr); 1114 } 1115 return 0; 1116 } 1117 1118 static int ipgre_close(struct net_device *dev) 1119 { 1120 struct ip_tunnel *t = netdev_priv(dev); 1121 if (MULTICAST(t->parms.iph.daddr) && t->mlink) { 1122 struct in_device *in_dev = inetdev_by_index(t->mlink); 1123 if (in_dev) { 1124 ip_mc_dec_group(in_dev, t->parms.iph.daddr); 1125 in_dev_put(in_dev); 1126 } 1127 } 1128 return 0; 1129 } 1130 1131 #endif 1132 1133 static void ipgre_tunnel_setup(struct net_device *dev) 1134 { 1135 SET_MODULE_OWNER(dev); 1136 dev->uninit = ipgre_tunnel_uninit; 1137 dev->destructor = free_netdev; 1138 dev->hard_start_xmit = ipgre_tunnel_xmit; 1139 dev->get_stats = ipgre_tunnel_get_stats; 1140 dev->do_ioctl = ipgre_tunnel_ioctl; 1141 dev->change_mtu = ipgre_tunnel_change_mtu; 1142 1143 dev->type = ARPHRD_IPGRE; 1144 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4; 1145 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4; 1146 dev->flags = IFF_NOARP; 1147 dev->iflink = 0; 1148 dev->addr_len = 4; 1149 } 1150 1151 static int ipgre_tunnel_init(struct net_device *dev) 1152 { 1153 struct net_device *tdev = NULL; 1154 struct ip_tunnel *tunnel; 1155 struct iphdr *iph; 1156 int hlen = LL_MAX_HEADER; 1157 int mtu = ETH_DATA_LEN; 1158 int addend = sizeof(struct iphdr) + 4; 1159 1160 tunnel = netdev_priv(dev); 1161 iph = &tunnel->parms.iph; 1162 1163 tunnel->dev = dev; 1164 strcpy(tunnel->parms.name, dev->name); 1165 1166 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4); 1167 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4); 1168 1169 /* Guess output device to choose reasonable mtu and hard_header_len */ 1170 1171 if (iph->daddr) { 1172 struct flowi fl = { .oif = tunnel->parms.link, 1173 .nl_u = { .ip4_u = 1174 { .daddr = iph->daddr, 1175 .saddr = iph->saddr, 1176 .tos = RT_TOS(iph->tos) } }, 1177 .proto = IPPROTO_GRE }; 1178 struct rtable *rt; 1179 if (!ip_route_output_key(&rt, &fl)) { 1180 tdev = rt->u.dst.dev; 1181 ip_rt_put(rt); 1182 } 1183 1184 dev->flags |= IFF_POINTOPOINT; 1185 1186 #ifdef CONFIG_NET_IPGRE_BROADCAST 1187 if (MULTICAST(iph->daddr)) { 1188 if (!iph->saddr) 1189 return -EINVAL; 1190 dev->flags = IFF_BROADCAST; 1191 dev->hard_header = ipgre_header; 1192 dev->open = ipgre_open; 1193 dev->stop = ipgre_close; 1194 } 1195 #endif 1196 } 1197 1198 if (!tdev && tunnel->parms.link) 1199 tdev = __dev_get_by_index(tunnel->parms.link); 1200 1201 if (tdev) { 1202 hlen = tdev->hard_header_len; 1203 mtu = tdev->mtu; 1204 } 1205 dev->iflink = tunnel->parms.link; 1206 1207 /* Precalculate GRE options length */ 1208 if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) { 1209 if (tunnel->parms.o_flags&GRE_CSUM) 1210 addend += 4; 1211 if (tunnel->parms.o_flags&GRE_KEY) 1212 addend += 4; 1213 if (tunnel->parms.o_flags&GRE_SEQ) 1214 addend += 4; 1215 } 1216 dev->hard_header_len = hlen + addend; 1217 dev->mtu = mtu - addend; 1218 tunnel->hlen = addend; 1219 return 0; 1220 } 1221 1222 static int __init ipgre_fb_tunnel_init(struct net_device *dev) 1223 { 1224 struct ip_tunnel *tunnel = netdev_priv(dev); 1225 struct iphdr *iph = &tunnel->parms.iph; 1226 1227 tunnel->dev = dev; 1228 strcpy(tunnel->parms.name, dev->name); 1229 1230 iph->version = 4; 1231 iph->protocol = IPPROTO_GRE; 1232 iph->ihl = 5; 1233 tunnel->hlen = sizeof(struct iphdr) + 4; 1234 1235 dev_hold(dev); 1236 tunnels_wc[0] = tunnel; 1237 return 0; 1238 } 1239 1240 1241 static struct net_protocol ipgre_protocol = { 1242 .handler = ipgre_rcv, 1243 .err_handler = ipgre_err, 1244 }; 1245 1246 1247 /* 1248 * And now the modules code and kernel interface. 1249 */ 1250 1251 static int __init ipgre_init(void) 1252 { 1253 int err; 1254 1255 printk(KERN_INFO "GRE over IPv4 tunneling driver\n"); 1256 1257 if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) { 1258 printk(KERN_INFO "ipgre init: can't add protocol\n"); 1259 return -EAGAIN; 1260 } 1261 1262 ipgre_fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "gre0", 1263 ipgre_tunnel_setup); 1264 if (!ipgre_fb_tunnel_dev) { 1265 err = -ENOMEM; 1266 goto err1; 1267 } 1268 1269 ipgre_fb_tunnel_dev->init = ipgre_fb_tunnel_init; 1270 1271 if ((err = register_netdev(ipgre_fb_tunnel_dev))) 1272 goto err2; 1273 out: 1274 return err; 1275 err2: 1276 free_netdev(ipgre_fb_tunnel_dev); 1277 err1: 1278 inet_del_protocol(&ipgre_protocol, IPPROTO_GRE); 1279 goto out; 1280 } 1281 1282 static void __exit ipgre_destroy_tunnels(void) 1283 { 1284 int prio; 1285 1286 for (prio = 0; prio < 4; prio++) { 1287 int h; 1288 for (h = 0; h < HASH_SIZE; h++) { 1289 struct ip_tunnel *t; 1290 while ((t = tunnels[prio][h]) != NULL) 1291 unregister_netdevice(t->dev); 1292 } 1293 } 1294 } 1295 1296 static void __exit ipgre_fini(void) 1297 { 1298 if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) 1299 printk(KERN_INFO "ipgre close: can't remove protocol\n"); 1300 1301 rtnl_lock(); 1302 ipgre_destroy_tunnels(); 1303 rtnl_unlock(); 1304 } 1305 1306 module_init(ipgre_init); 1307 module_exit(ipgre_fini); 1308 MODULE_LICENSE("GPL"); 1309