1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Linux NET3: IP/IP protocol decoder. 4 * 5 * Authors: 6 * Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95 7 * 8 * Fixes: 9 * Alan Cox : Merged and made usable non modular (its so tiny its silly as 10 * a module taking up 2 pages). 11 * Alan Cox : Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph) 12 * to keep ip_forward happy. 13 * Alan Cox : More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8). 14 * Kai Schulte : Fixed #defines for IP_FIREWALL->FIREWALL 15 * David Woodhouse : Perform some basic ICMP handling. 16 * IPIP Routing without decapsulation. 17 * Carlos Picoto : GRE over IP support 18 * Alexey Kuznetsov: Reworked. Really, now it is truncated version of ipv4/ip_gre.c. 19 * I do not want to merge them together. 20 */ 21 22 /* tunnel.c: an IP tunnel driver 23 24 The purpose of this driver is to provide an IP tunnel through 25 which you can tunnel network traffic transparently across subnets. 26 27 This was written by looking at Nick Holloway's dummy driver 28 Thanks for the great code! 29 30 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95 31 32 Minor tweaks: 33 Cleaned up the code a little and added some pre-1.3.0 tweaks. 34 dev->hard_header/hard_header_len changed to use no headers. 35 Comments/bracketing tweaked. 36 Made the tunnels use dev->name not tunnel: when error reporting. 37 Added tx_dropped stat 38 39 -Alan Cox (alan@lxorguk.ukuu.org.uk) 21 March 95 40 41 Reworked: 42 Changed to tunnel to destination gateway in addition to the 43 tunnel's pointopoint address 44 Almost completely rewritten 45 Note: There is currently no firewall or ICMP handling done. 46 47 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/13/96 48 49 */ 50 51 /* Things I wish I had known when writing the tunnel driver: 52 53 When the tunnel_xmit() function is called, the skb contains the 54 packet to be sent (plus a great deal of extra info), and dev 55 contains the tunnel device that _we_ are. 56 57 When we are passed a packet, we are expected to fill in the 58 source address with our source IP address. 59 60 What is the proper way to allocate, copy and free a buffer? 61 After you allocate it, it is a "0 length" chunk of memory 62 starting at zero. If you want to add headers to the buffer 63 later, you'll have to call "skb_reserve(skb, amount)" with 64 the amount of memory you want reserved. Then, you call 65 "skb_put(skb, amount)" with the amount of space you want in 66 the buffer. skb_put() returns a pointer to the top (#0) of 67 that buffer. skb->len is set to the amount of space you have 68 "allocated" with skb_put(). You can then write up to skb->len 69 bytes to that buffer. If you need more, you can call skb_put() 70 again with the additional amount of space you need. You can 71 find out how much more space you can allocate by calling 72 "skb_tailroom(skb)". 73 Now, to add header space, call "skb_push(skb, header_len)". 74 This creates space at the beginning of the buffer and returns 75 a pointer to this new space. If later you need to strip a 76 header from a buffer, call "skb_pull(skb, header_len)". 77 skb_headroom() will return how much space is left at the top 78 of the buffer (before the main data). Remember, this headroom 79 space must be reserved before the skb_put() function is called. 80 */ 81 82 /* 83 This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c 84 85 For comments look at net/ipv4/ip_gre.c --ANK 86 */ 87 88 89 #include <linux/capability.h> 90 #include <linux/module.h> 91 #include <linux/types.h> 92 #include <linux/kernel.h> 93 #include <linux/slab.h> 94 #include <linux/uaccess.h> 95 #include <linux/skbuff.h> 96 #include <linux/netdevice.h> 97 #include <linux/in.h> 98 #include <linux/tcp.h> 99 #include <linux/udp.h> 100 #include <linux/if_arp.h> 101 #include <linux/init.h> 102 #include <linux/netfilter_ipv4.h> 103 #include <linux/if_ether.h> 104 105 #include <net/sock.h> 106 #include <net/ip.h> 107 #include <net/icmp.h> 108 #include <net/ip_tunnels.h> 109 #include <net/inet_ecn.h> 110 #include <net/xfrm.h> 111 #include <net/net_namespace.h> 112 #include <net/netns/generic.h> 113 #include <net/dst_metadata.h> 114 115 static bool log_ecn_error = true; 116 module_param(log_ecn_error, bool, 0644); 117 MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); 118 119 static unsigned int ipip_net_id __read_mostly; 120 121 static int ipip_tunnel_init(struct net_device *dev); 122 static struct rtnl_link_ops ipip_link_ops __read_mostly; 123 124 static int ipip_err(struct sk_buff *skb, u32 info) 125 { 126 /* All the routers (except for Linux) return only 127 * 8 bytes of packet payload. It means, that precise relaying of 128 * ICMP in the real Internet is absolutely infeasible. 129 */ 130 struct net *net = dev_net(skb->dev); 131 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id); 132 const struct iphdr *iph = (const struct iphdr *)skb->data; 133 const int type = icmp_hdr(skb)->type; 134 const int code = icmp_hdr(skb)->code; 135 struct ip_tunnel *t; 136 int err = 0; 137 138 t = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY, 139 iph->daddr, iph->saddr, 0); 140 if (!t) { 141 err = -ENOENT; 142 goto out; 143 } 144 145 switch (type) { 146 case ICMP_DEST_UNREACH: 147 switch (code) { 148 case ICMP_SR_FAILED: 149 /* Impossible event. */ 150 goto out; 151 default: 152 /* All others are translated to HOST_UNREACH. 153 * rfc2003 contains "deep thoughts" about NET_UNREACH, 154 * I believe they are just ether pollution. --ANK 155 */ 156 break; 157 } 158 break; 159 160 case ICMP_TIME_EXCEEDED: 161 if (code != ICMP_EXC_TTL) 162 goto out; 163 break; 164 165 case ICMP_REDIRECT: 166 break; 167 168 default: 169 goto out; 170 } 171 172 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 173 ipv4_update_pmtu(skb, net, info, t->parms.link, iph->protocol); 174 goto out; 175 } 176 177 if (type == ICMP_REDIRECT) { 178 ipv4_redirect(skb, net, t->parms.link, iph->protocol); 179 goto out; 180 } 181 182 if (t->parms.iph.daddr == 0) { 183 err = -ENOENT; 184 goto out; 185 } 186 187 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 188 goto out; 189 190 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO)) 191 t->err_count++; 192 else 193 t->err_count = 1; 194 t->err_time = jiffies; 195 196 out: 197 return err; 198 } 199 200 static const struct tnl_ptk_info ipip_tpi = { 201 /* no tunnel info required for ipip. */ 202 .proto = htons(ETH_P_IP), 203 }; 204 205 #if IS_ENABLED(CONFIG_MPLS) 206 static const struct tnl_ptk_info mplsip_tpi = { 207 /* no tunnel info required for mplsip. */ 208 .proto = htons(ETH_P_MPLS_UC), 209 }; 210 #endif 211 212 static int ipip_tunnel_rcv(struct sk_buff *skb, u8 ipproto) 213 { 214 struct net *net = dev_net(skb->dev); 215 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id); 216 struct metadata_dst *tun_dst = NULL; 217 struct ip_tunnel *tunnel; 218 const struct iphdr *iph; 219 220 iph = ip_hdr(skb); 221 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY, 222 iph->saddr, iph->daddr, 0); 223 if (tunnel) { 224 const struct tnl_ptk_info *tpi; 225 226 if (tunnel->parms.iph.protocol != ipproto && 227 tunnel->parms.iph.protocol != 0) 228 goto drop; 229 230 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) 231 goto drop; 232 #if IS_ENABLED(CONFIG_MPLS) 233 if (ipproto == IPPROTO_MPLS) 234 tpi = &mplsip_tpi; 235 else 236 #endif 237 tpi = &ipip_tpi; 238 if (iptunnel_pull_header(skb, 0, tpi->proto, false)) 239 goto drop; 240 if (tunnel->collect_md) { 241 tun_dst = ip_tun_rx_dst(skb, 0, 0, 0); 242 if (!tun_dst) 243 return 0; 244 } 245 return ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error); 246 } 247 248 return -1; 249 250 drop: 251 kfree_skb(skb); 252 return 0; 253 } 254 255 static int ipip_rcv(struct sk_buff *skb) 256 { 257 return ipip_tunnel_rcv(skb, IPPROTO_IPIP); 258 } 259 260 #if IS_ENABLED(CONFIG_MPLS) 261 static int mplsip_rcv(struct sk_buff *skb) 262 { 263 return ipip_tunnel_rcv(skb, IPPROTO_MPLS); 264 } 265 #endif 266 267 /* 268 * This function assumes it is being called from dev_queue_xmit() 269 * and that skb is filled properly by that function. 270 */ 271 static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, 272 struct net_device *dev) 273 { 274 struct ip_tunnel *tunnel = netdev_priv(dev); 275 const struct iphdr *tiph = &tunnel->parms.iph; 276 u8 ipproto; 277 278 switch (skb->protocol) { 279 case htons(ETH_P_IP): 280 ipproto = IPPROTO_IPIP; 281 break; 282 #if IS_ENABLED(CONFIG_MPLS) 283 case htons(ETH_P_MPLS_UC): 284 ipproto = IPPROTO_MPLS; 285 break; 286 #endif 287 default: 288 goto tx_error; 289 } 290 291 if (tiph->protocol != ipproto && tiph->protocol != 0) 292 goto tx_error; 293 294 if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP4)) 295 goto tx_error; 296 297 skb_set_inner_ipproto(skb, ipproto); 298 299 if (tunnel->collect_md) 300 ip_md_tunnel_xmit(skb, dev, ipproto, 0); 301 else 302 ip_tunnel_xmit(skb, dev, tiph, ipproto); 303 return NETDEV_TX_OK; 304 305 tx_error: 306 kfree_skb(skb); 307 308 dev->stats.tx_errors++; 309 return NETDEV_TX_OK; 310 } 311 312 static bool ipip_tunnel_ioctl_verify_protocol(u8 ipproto) 313 { 314 switch (ipproto) { 315 case 0: 316 case IPPROTO_IPIP: 317 #if IS_ENABLED(CONFIG_MPLS) 318 case IPPROTO_MPLS: 319 #endif 320 return true; 321 } 322 323 return false; 324 } 325 326 static int 327 ipip_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) 328 { 329 int err = 0; 330 struct ip_tunnel_parm p; 331 332 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 333 return -EFAULT; 334 335 if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) { 336 if (p.iph.version != 4 || 337 !ipip_tunnel_ioctl_verify_protocol(p.iph.protocol) || 338 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF))) 339 return -EINVAL; 340 } 341 342 p.i_key = p.o_key = 0; 343 p.i_flags = p.o_flags = 0; 344 err = ip_tunnel_ioctl(dev, &p, cmd); 345 if (err) 346 return err; 347 348 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 349 return -EFAULT; 350 351 return 0; 352 } 353 354 static const struct net_device_ops ipip_netdev_ops = { 355 .ndo_init = ipip_tunnel_init, 356 .ndo_uninit = ip_tunnel_uninit, 357 .ndo_start_xmit = ipip_tunnel_xmit, 358 .ndo_do_ioctl = ipip_tunnel_ioctl, 359 .ndo_change_mtu = ip_tunnel_change_mtu, 360 .ndo_get_stats64 = ip_tunnel_get_stats64, 361 .ndo_get_iflink = ip_tunnel_get_iflink, 362 }; 363 364 #define IPIP_FEATURES (NETIF_F_SG | \ 365 NETIF_F_FRAGLIST | \ 366 NETIF_F_HIGHDMA | \ 367 NETIF_F_GSO_SOFTWARE | \ 368 NETIF_F_HW_CSUM) 369 370 static void ipip_tunnel_setup(struct net_device *dev) 371 { 372 dev->netdev_ops = &ipip_netdev_ops; 373 374 dev->type = ARPHRD_TUNNEL; 375 dev->flags = IFF_NOARP; 376 dev->addr_len = 4; 377 dev->features |= NETIF_F_LLTX; 378 netif_keep_dst(dev); 379 380 dev->features |= IPIP_FEATURES; 381 dev->hw_features |= IPIP_FEATURES; 382 ip_tunnel_setup(dev, ipip_net_id); 383 } 384 385 static int ipip_tunnel_init(struct net_device *dev) 386 { 387 struct ip_tunnel *tunnel = netdev_priv(dev); 388 389 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4); 390 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4); 391 392 tunnel->tun_hlen = 0; 393 tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen; 394 return ip_tunnel_init(dev); 395 } 396 397 static int ipip_tunnel_validate(struct nlattr *tb[], struct nlattr *data[], 398 struct netlink_ext_ack *extack) 399 { 400 u8 proto; 401 402 if (!data || !data[IFLA_IPTUN_PROTO]) 403 return 0; 404 405 proto = nla_get_u8(data[IFLA_IPTUN_PROTO]); 406 if (proto != IPPROTO_IPIP && proto != IPPROTO_MPLS && proto != 0) 407 return -EINVAL; 408 409 return 0; 410 } 411 412 static void ipip_netlink_parms(struct nlattr *data[], 413 struct ip_tunnel_parm *parms, bool *collect_md, 414 __u32 *fwmark) 415 { 416 memset(parms, 0, sizeof(*parms)); 417 418 parms->iph.version = 4; 419 parms->iph.protocol = IPPROTO_IPIP; 420 parms->iph.ihl = 5; 421 *collect_md = false; 422 423 if (!data) 424 return; 425 426 if (data[IFLA_IPTUN_LINK]) 427 parms->link = nla_get_u32(data[IFLA_IPTUN_LINK]); 428 429 if (data[IFLA_IPTUN_LOCAL]) 430 parms->iph.saddr = nla_get_in_addr(data[IFLA_IPTUN_LOCAL]); 431 432 if (data[IFLA_IPTUN_REMOTE]) 433 parms->iph.daddr = nla_get_in_addr(data[IFLA_IPTUN_REMOTE]); 434 435 if (data[IFLA_IPTUN_TTL]) { 436 parms->iph.ttl = nla_get_u8(data[IFLA_IPTUN_TTL]); 437 if (parms->iph.ttl) 438 parms->iph.frag_off = htons(IP_DF); 439 } 440 441 if (data[IFLA_IPTUN_TOS]) 442 parms->iph.tos = nla_get_u8(data[IFLA_IPTUN_TOS]); 443 444 if (data[IFLA_IPTUN_PROTO]) 445 parms->iph.protocol = nla_get_u8(data[IFLA_IPTUN_PROTO]); 446 447 if (!data[IFLA_IPTUN_PMTUDISC] || nla_get_u8(data[IFLA_IPTUN_PMTUDISC])) 448 parms->iph.frag_off = htons(IP_DF); 449 450 if (data[IFLA_IPTUN_COLLECT_METADATA]) 451 *collect_md = true; 452 453 if (data[IFLA_IPTUN_FWMARK]) 454 *fwmark = nla_get_u32(data[IFLA_IPTUN_FWMARK]); 455 } 456 457 /* This function returns true when ENCAP attributes are present in the nl msg */ 458 static bool ipip_netlink_encap_parms(struct nlattr *data[], 459 struct ip_tunnel_encap *ipencap) 460 { 461 bool ret = false; 462 463 memset(ipencap, 0, sizeof(*ipencap)); 464 465 if (!data) 466 return ret; 467 468 if (data[IFLA_IPTUN_ENCAP_TYPE]) { 469 ret = true; 470 ipencap->type = nla_get_u16(data[IFLA_IPTUN_ENCAP_TYPE]); 471 } 472 473 if (data[IFLA_IPTUN_ENCAP_FLAGS]) { 474 ret = true; 475 ipencap->flags = nla_get_u16(data[IFLA_IPTUN_ENCAP_FLAGS]); 476 } 477 478 if (data[IFLA_IPTUN_ENCAP_SPORT]) { 479 ret = true; 480 ipencap->sport = nla_get_be16(data[IFLA_IPTUN_ENCAP_SPORT]); 481 } 482 483 if (data[IFLA_IPTUN_ENCAP_DPORT]) { 484 ret = true; 485 ipencap->dport = nla_get_be16(data[IFLA_IPTUN_ENCAP_DPORT]); 486 } 487 488 return ret; 489 } 490 491 static int ipip_newlink(struct net *src_net, struct net_device *dev, 492 struct nlattr *tb[], struct nlattr *data[], 493 struct netlink_ext_ack *extack) 494 { 495 struct ip_tunnel *t = netdev_priv(dev); 496 struct ip_tunnel_parm p; 497 struct ip_tunnel_encap ipencap; 498 __u32 fwmark = 0; 499 500 if (ipip_netlink_encap_parms(data, &ipencap)) { 501 int err = ip_tunnel_encap_setup(t, &ipencap); 502 503 if (err < 0) 504 return err; 505 } 506 507 ipip_netlink_parms(data, &p, &t->collect_md, &fwmark); 508 return ip_tunnel_newlink(dev, tb, &p, fwmark); 509 } 510 511 static int ipip_changelink(struct net_device *dev, struct nlattr *tb[], 512 struct nlattr *data[], 513 struct netlink_ext_ack *extack) 514 { 515 struct ip_tunnel *t = netdev_priv(dev); 516 struct ip_tunnel_parm p; 517 struct ip_tunnel_encap ipencap; 518 bool collect_md; 519 __u32 fwmark = t->fwmark; 520 521 if (ipip_netlink_encap_parms(data, &ipencap)) { 522 int err = ip_tunnel_encap_setup(t, &ipencap); 523 524 if (err < 0) 525 return err; 526 } 527 528 ipip_netlink_parms(data, &p, &collect_md, &fwmark); 529 if (collect_md) 530 return -EINVAL; 531 532 if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) || 533 (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr)) 534 return -EINVAL; 535 536 return ip_tunnel_changelink(dev, tb, &p, fwmark); 537 } 538 539 static size_t ipip_get_size(const struct net_device *dev) 540 { 541 return 542 /* IFLA_IPTUN_LINK */ 543 nla_total_size(4) + 544 /* IFLA_IPTUN_LOCAL */ 545 nla_total_size(4) + 546 /* IFLA_IPTUN_REMOTE */ 547 nla_total_size(4) + 548 /* IFLA_IPTUN_TTL */ 549 nla_total_size(1) + 550 /* IFLA_IPTUN_TOS */ 551 nla_total_size(1) + 552 /* IFLA_IPTUN_PROTO */ 553 nla_total_size(1) + 554 /* IFLA_IPTUN_PMTUDISC */ 555 nla_total_size(1) + 556 /* IFLA_IPTUN_ENCAP_TYPE */ 557 nla_total_size(2) + 558 /* IFLA_IPTUN_ENCAP_FLAGS */ 559 nla_total_size(2) + 560 /* IFLA_IPTUN_ENCAP_SPORT */ 561 nla_total_size(2) + 562 /* IFLA_IPTUN_ENCAP_DPORT */ 563 nla_total_size(2) + 564 /* IFLA_IPTUN_COLLECT_METADATA */ 565 nla_total_size(0) + 566 /* IFLA_IPTUN_FWMARK */ 567 nla_total_size(4) + 568 0; 569 } 570 571 static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev) 572 { 573 struct ip_tunnel *tunnel = netdev_priv(dev); 574 struct ip_tunnel_parm *parm = &tunnel->parms; 575 576 if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) || 577 nla_put_in_addr(skb, IFLA_IPTUN_LOCAL, parm->iph.saddr) || 578 nla_put_in_addr(skb, IFLA_IPTUN_REMOTE, parm->iph.daddr) || 579 nla_put_u8(skb, IFLA_IPTUN_TTL, parm->iph.ttl) || 580 nla_put_u8(skb, IFLA_IPTUN_TOS, parm->iph.tos) || 581 nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->iph.protocol) || 582 nla_put_u8(skb, IFLA_IPTUN_PMTUDISC, 583 !!(parm->iph.frag_off & htons(IP_DF))) || 584 nla_put_u32(skb, IFLA_IPTUN_FWMARK, tunnel->fwmark)) 585 goto nla_put_failure; 586 587 if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE, 588 tunnel->encap.type) || 589 nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT, 590 tunnel->encap.sport) || 591 nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT, 592 tunnel->encap.dport) || 593 nla_put_u16(skb, IFLA_IPTUN_ENCAP_FLAGS, 594 tunnel->encap.flags)) 595 goto nla_put_failure; 596 597 if (tunnel->collect_md) 598 if (nla_put_flag(skb, IFLA_IPTUN_COLLECT_METADATA)) 599 goto nla_put_failure; 600 return 0; 601 602 nla_put_failure: 603 return -EMSGSIZE; 604 } 605 606 static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = { 607 [IFLA_IPTUN_LINK] = { .type = NLA_U32 }, 608 [IFLA_IPTUN_LOCAL] = { .type = NLA_U32 }, 609 [IFLA_IPTUN_REMOTE] = { .type = NLA_U32 }, 610 [IFLA_IPTUN_TTL] = { .type = NLA_U8 }, 611 [IFLA_IPTUN_TOS] = { .type = NLA_U8 }, 612 [IFLA_IPTUN_PROTO] = { .type = NLA_U8 }, 613 [IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 }, 614 [IFLA_IPTUN_ENCAP_TYPE] = { .type = NLA_U16 }, 615 [IFLA_IPTUN_ENCAP_FLAGS] = { .type = NLA_U16 }, 616 [IFLA_IPTUN_ENCAP_SPORT] = { .type = NLA_U16 }, 617 [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 }, 618 [IFLA_IPTUN_COLLECT_METADATA] = { .type = NLA_FLAG }, 619 [IFLA_IPTUN_FWMARK] = { .type = NLA_U32 }, 620 }; 621 622 static struct rtnl_link_ops ipip_link_ops __read_mostly = { 623 .kind = "ipip", 624 .maxtype = IFLA_IPTUN_MAX, 625 .policy = ipip_policy, 626 .priv_size = sizeof(struct ip_tunnel), 627 .setup = ipip_tunnel_setup, 628 .validate = ipip_tunnel_validate, 629 .newlink = ipip_newlink, 630 .changelink = ipip_changelink, 631 .dellink = ip_tunnel_dellink, 632 .get_size = ipip_get_size, 633 .fill_info = ipip_fill_info, 634 .get_link_net = ip_tunnel_get_link_net, 635 }; 636 637 static struct xfrm_tunnel ipip_handler __read_mostly = { 638 .handler = ipip_rcv, 639 .err_handler = ipip_err, 640 .priority = 1, 641 }; 642 643 #if IS_ENABLED(CONFIG_MPLS) 644 static struct xfrm_tunnel mplsip_handler __read_mostly = { 645 .handler = mplsip_rcv, 646 .err_handler = ipip_err, 647 .priority = 1, 648 }; 649 #endif 650 651 static int __net_init ipip_init_net(struct net *net) 652 { 653 return ip_tunnel_init_net(net, ipip_net_id, &ipip_link_ops, "tunl0"); 654 } 655 656 static void __net_exit ipip_exit_batch_net(struct list_head *list_net) 657 { 658 ip_tunnel_delete_nets(list_net, ipip_net_id, &ipip_link_ops); 659 } 660 661 static struct pernet_operations ipip_net_ops = { 662 .init = ipip_init_net, 663 .exit_batch = ipip_exit_batch_net, 664 .id = &ipip_net_id, 665 .size = sizeof(struct ip_tunnel_net), 666 }; 667 668 static int __init ipip_init(void) 669 { 670 int err; 671 672 pr_info("ipip: IPv4 and MPLS over IPv4 tunneling driver\n"); 673 674 err = register_pernet_device(&ipip_net_ops); 675 if (err < 0) 676 return err; 677 err = xfrm4_tunnel_register(&ipip_handler, AF_INET); 678 if (err < 0) { 679 pr_info("%s: can't register tunnel\n", __func__); 680 goto xfrm_tunnel_ipip_failed; 681 } 682 #if IS_ENABLED(CONFIG_MPLS) 683 err = xfrm4_tunnel_register(&mplsip_handler, AF_MPLS); 684 if (err < 0) { 685 pr_info("%s: can't register tunnel\n", __func__); 686 goto xfrm_tunnel_mplsip_failed; 687 } 688 #endif 689 err = rtnl_link_register(&ipip_link_ops); 690 if (err < 0) 691 goto rtnl_link_failed; 692 693 out: 694 return err; 695 696 rtnl_link_failed: 697 #if IS_ENABLED(CONFIG_MPLS) 698 xfrm4_tunnel_deregister(&mplsip_handler, AF_INET); 699 xfrm_tunnel_mplsip_failed: 700 701 #endif 702 xfrm4_tunnel_deregister(&ipip_handler, AF_INET); 703 xfrm_tunnel_ipip_failed: 704 unregister_pernet_device(&ipip_net_ops); 705 goto out; 706 } 707 708 static void __exit ipip_fini(void) 709 { 710 rtnl_link_unregister(&ipip_link_ops); 711 if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET)) 712 pr_info("%s: can't deregister tunnel\n", __func__); 713 #if IS_ENABLED(CONFIG_MPLS) 714 if (xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS)) 715 pr_info("%s: can't deregister tunnel\n", __func__); 716 #endif 717 unregister_pernet_device(&ipip_net_ops); 718 } 719 720 module_init(ipip_init); 721 module_exit(ipip_fini); 722 MODULE_LICENSE("GPL"); 723 MODULE_ALIAS_RTNL_LINK("ipip"); 724 MODULE_ALIAS_NETDEV("tunl0"); 725