1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * IPv6 IOAM Lightweight Tunnel implementation 4 * 5 * Author: 6 * Justin Iurman <justin.iurman@uliege.be> 7 */ 8 9 #include <linux/kernel.h> 10 #include <linux/skbuff.h> 11 #include <linux/net.h> 12 #include <linux/in6.h> 13 #include <linux/ioam6.h> 14 #include <linux/ioam6_iptunnel.h> 15 #include <net/dst.h> 16 #include <net/sock.h> 17 #include <net/lwtunnel.h> 18 #include <net/ioam6.h> 19 #include <net/netlink.h> 20 #include <net/ipv6.h> 21 #include <net/dst_cache.h> 22 #include <net/ip6_route.h> 23 #include <net/addrconf.h> 24 25 struct ioam6_lwt_encap { 26 struct ipv6_hopopt_hdr eh; 27 u8 pad[2]; /* 2-octet padding for 4n-alignment */ 28 struct ioam6_hdr ioamh; 29 struct ioam6_trace_hdr traceh; 30 } __packed; 31 32 struct ioam6_lwt_freq { 33 u32 k; 34 u32 n; 35 }; 36 37 struct ioam6_lwt { 38 struct dst_entry null_dst; 39 struct dst_cache cache; 40 struct ioam6_lwt_freq freq; 41 atomic_t pkt_cnt; 42 u8 mode; 43 bool has_tunsrc; 44 struct in6_addr tunsrc; 45 struct in6_addr tundst; 46 struct ioam6_lwt_encap tuninfo; 47 }; 48 49 static const struct netlink_range_validation freq_range = { 50 .min = IOAM6_IPTUNNEL_FREQ_MIN, 51 .max = IOAM6_IPTUNNEL_FREQ_MAX, 52 }; 53 54 static struct ioam6_lwt *ioam6_lwt_state(struct lwtunnel_state *lwt) 55 { 56 return (struct ioam6_lwt *)lwt->data; 57 } 58 59 static struct ioam6_lwt_encap *ioam6_lwt_info(struct lwtunnel_state *lwt) 60 { 61 return &ioam6_lwt_state(lwt)->tuninfo; 62 } 63 64 static struct ioam6_trace_hdr *ioam6_lwt_trace(struct lwtunnel_state *lwt) 65 { 66 return &(ioam6_lwt_state(lwt)->tuninfo.traceh); 67 } 68 69 static const struct nla_policy ioam6_iptunnel_policy[IOAM6_IPTUNNEL_MAX + 1] = { 70 [IOAM6_IPTUNNEL_FREQ_K] = NLA_POLICY_FULL_RANGE(NLA_U32, &freq_range), 71 [IOAM6_IPTUNNEL_FREQ_N] = NLA_POLICY_FULL_RANGE(NLA_U32, &freq_range), 72 [IOAM6_IPTUNNEL_MODE] = NLA_POLICY_RANGE(NLA_U8, 73 IOAM6_IPTUNNEL_MODE_MIN, 74 IOAM6_IPTUNNEL_MODE_MAX), 75 [IOAM6_IPTUNNEL_SRC] = NLA_POLICY_EXACT_LEN(sizeof(struct in6_addr)), 76 [IOAM6_IPTUNNEL_DST] = NLA_POLICY_EXACT_LEN(sizeof(struct in6_addr)), 77 [IOAM6_IPTUNNEL_TRACE] = NLA_POLICY_EXACT_LEN( 78 sizeof(struct ioam6_trace_hdr)), 79 }; 80 81 static bool ioam6_validate_trace_hdr(struct ioam6_trace_hdr *trace) 82 { 83 u32 fields; 84 85 if (!trace->type_be32 || !trace->remlen || 86 trace->remlen > IOAM6_TRACE_DATA_SIZE_MAX / 4 || 87 trace->type.bit12 | trace->type.bit13 | trace->type.bit14 | 88 trace->type.bit15 | trace->type.bit16 | trace->type.bit17 | 89 trace->type.bit18 | trace->type.bit19 | trace->type.bit20 | 90 trace->type.bit21 | trace->type.bit23) 91 return false; 92 93 fields = be32_to_cpu(trace->type_be32); 94 trace->nodelen = ioam6_trace_compute_nodelen(fields); 95 96 return true; 97 } 98 99 static int ioam6_build_state(struct net *net, struct nlattr *nla, 100 unsigned int family, const void *cfg, 101 struct lwtunnel_state **ts, 102 struct netlink_ext_ack *extack) 103 { 104 struct nlattr *tb[IOAM6_IPTUNNEL_MAX + 1]; 105 struct ioam6_lwt_encap *tuninfo; 106 struct ioam6_trace_hdr *trace; 107 struct lwtunnel_state *lwt; 108 struct ioam6_lwt *ilwt; 109 int len_aligned, err; 110 u32 freq_k, freq_n; 111 u8 mode; 112 113 if (family != AF_INET6) 114 return -EINVAL; 115 116 err = nla_parse_nested(tb, IOAM6_IPTUNNEL_MAX, nla, 117 ioam6_iptunnel_policy, extack); 118 if (err < 0) 119 return err; 120 121 if ((!tb[IOAM6_IPTUNNEL_FREQ_K] && tb[IOAM6_IPTUNNEL_FREQ_N]) || 122 (tb[IOAM6_IPTUNNEL_FREQ_K] && !tb[IOAM6_IPTUNNEL_FREQ_N])) { 123 NL_SET_ERR_MSG(extack, "freq: missing parameter"); 124 return -EINVAL; 125 } else if (!tb[IOAM6_IPTUNNEL_FREQ_K] && !tb[IOAM6_IPTUNNEL_FREQ_N]) { 126 freq_k = IOAM6_IPTUNNEL_FREQ_MIN; 127 freq_n = IOAM6_IPTUNNEL_FREQ_MIN; 128 } else { 129 freq_k = nla_get_u32(tb[IOAM6_IPTUNNEL_FREQ_K]); 130 freq_n = nla_get_u32(tb[IOAM6_IPTUNNEL_FREQ_N]); 131 132 if (freq_k > freq_n) { 133 NL_SET_ERR_MSG(extack, "freq: k > n is forbidden"); 134 return -EINVAL; 135 } 136 } 137 138 mode = nla_get_u8_default(tb[IOAM6_IPTUNNEL_MODE], 139 IOAM6_IPTUNNEL_MODE_INLINE); 140 141 if (tb[IOAM6_IPTUNNEL_SRC] && mode == IOAM6_IPTUNNEL_MODE_INLINE) { 142 NL_SET_ERR_MSG(extack, "no tunnel src expected with this mode"); 143 return -EINVAL; 144 } 145 146 if (!tb[IOAM6_IPTUNNEL_DST] && mode != IOAM6_IPTUNNEL_MODE_INLINE) { 147 NL_SET_ERR_MSG(extack, "this mode needs a tunnel destination"); 148 return -EINVAL; 149 } 150 151 if (!tb[IOAM6_IPTUNNEL_TRACE]) { 152 NL_SET_ERR_MSG(extack, "missing trace"); 153 return -EINVAL; 154 } 155 156 trace = nla_data(tb[IOAM6_IPTUNNEL_TRACE]); 157 if (!ioam6_validate_trace_hdr(trace)) { 158 NL_SET_ERR_MSG_ATTR(extack, tb[IOAM6_IPTUNNEL_TRACE], 159 "invalid trace validation"); 160 return -EINVAL; 161 } 162 163 len_aligned = ALIGN(trace->remlen * 4, 8); 164 lwt = lwtunnel_state_alloc(sizeof(*ilwt) + len_aligned); 165 if (!lwt) 166 return -ENOMEM; 167 168 ilwt = ioam6_lwt_state(lwt); 169 err = dst_cache_init(&ilwt->cache, GFP_ATOMIC); 170 if (err) 171 goto free_lwt; 172 173 /* This "fake" dst_entry will be stored in a dst_cache, which will call 174 * dst_hold() and dst_release() on it. We must ensure that dst_destroy() 175 * will never be called. For that, its initial refcount is 1 and +1 when 176 * it is stored in the cache. Then, +1/-1 each time we read the cache 177 * and release it. Long story short, we're fine. 178 */ 179 dst_init(&ilwt->null_dst, NULL, NULL, DST_OBSOLETE_NONE, DST_NOCOUNT); 180 181 atomic_set(&ilwt->pkt_cnt, 0); 182 ilwt->freq.k = freq_k; 183 ilwt->freq.n = freq_n; 184 185 ilwt->mode = mode; 186 187 if (!tb[IOAM6_IPTUNNEL_SRC]) { 188 ilwt->has_tunsrc = false; 189 } else { 190 ilwt->has_tunsrc = true; 191 ilwt->tunsrc = nla_get_in6_addr(tb[IOAM6_IPTUNNEL_SRC]); 192 193 if (ipv6_addr_any(&ilwt->tunsrc)) { 194 NL_SET_ERR_MSG_ATTR(extack, tb[IOAM6_IPTUNNEL_SRC], 195 "invalid tunnel source address"); 196 err = -EINVAL; 197 goto free_cache; 198 } 199 } 200 201 if (tb[IOAM6_IPTUNNEL_DST]) { 202 ilwt->tundst = nla_get_in6_addr(tb[IOAM6_IPTUNNEL_DST]); 203 204 if (ipv6_addr_any(&ilwt->tundst)) { 205 NL_SET_ERR_MSG_ATTR(extack, tb[IOAM6_IPTUNNEL_DST], 206 "invalid tunnel dest address"); 207 err = -EINVAL; 208 goto free_cache; 209 } 210 } 211 212 tuninfo = ioam6_lwt_info(lwt); 213 tuninfo->eh.hdrlen = ((sizeof(*tuninfo) + len_aligned) >> 3) - 1; 214 tuninfo->pad[0] = IPV6_TLV_PADN; 215 tuninfo->ioamh.type = IOAM6_TYPE_PREALLOC; 216 tuninfo->ioamh.opt_type = IPV6_TLV_IOAM; 217 tuninfo->ioamh.opt_len = sizeof(tuninfo->ioamh) - 2 + sizeof(*trace) 218 + trace->remlen * 4; 219 220 memcpy(&tuninfo->traceh, trace, sizeof(*trace)); 221 222 if (len_aligned - trace->remlen * 4) { 223 tuninfo->traceh.data[trace->remlen * 4] = IPV6_TLV_PADN; 224 tuninfo->traceh.data[trace->remlen * 4 + 1] = 2; 225 } 226 227 lwt->type = LWTUNNEL_ENCAP_IOAM6; 228 lwt->flags |= LWTUNNEL_STATE_OUTPUT_REDIRECT; 229 230 *ts = lwt; 231 232 return 0; 233 free_cache: 234 dst_cache_destroy(&ilwt->cache); 235 free_lwt: 236 kfree(lwt); 237 return err; 238 } 239 240 static int ioam6_do_fill(struct net *net, struct sk_buff *skb) 241 { 242 struct ioam6_trace_hdr *trace; 243 struct ioam6_namespace *ns; 244 245 trace = (struct ioam6_trace_hdr *)(skb_transport_header(skb) 246 + sizeof(struct ipv6_hopopt_hdr) + 2 247 + sizeof(struct ioam6_hdr)); 248 249 ns = ioam6_namespace(net, trace->namespace_id); 250 if (ns) 251 ioam6_fill_trace_data(skb, ns, trace, false); 252 253 return 0; 254 } 255 256 static int ioam6_do_inline(struct net *net, struct sk_buff *skb, 257 struct ioam6_lwt_encap *tuninfo, 258 struct dst_entry *cache_dst) 259 { 260 struct ipv6hdr *oldhdr, *hdr; 261 int hdrlen, err; 262 263 hdrlen = (tuninfo->eh.hdrlen + 1) << 3; 264 265 err = skb_cow_head(skb, hdrlen + dst_dev_overhead(cache_dst, skb)); 266 if (unlikely(err)) 267 return err; 268 269 oldhdr = ipv6_hdr(skb); 270 skb_pull(skb, sizeof(*oldhdr)); 271 skb_postpull_rcsum(skb, skb_network_header(skb), sizeof(*oldhdr)); 272 273 skb_push(skb, sizeof(*oldhdr) + hdrlen); 274 skb_reset_network_header(skb); 275 skb_mac_header_rebuild(skb); 276 277 hdr = ipv6_hdr(skb); 278 memmove(hdr, oldhdr, sizeof(*oldhdr)); 279 tuninfo->eh.nexthdr = hdr->nexthdr; 280 281 skb_set_transport_header(skb, sizeof(*hdr)); 282 skb_postpush_rcsum(skb, hdr, sizeof(*hdr) + hdrlen); 283 284 memcpy(skb_transport_header(skb), (u8 *)tuninfo, hdrlen); 285 286 hdr->nexthdr = NEXTHDR_HOP; 287 hdr->payload_len = cpu_to_be16(skb->len - sizeof(*hdr)); 288 289 return ioam6_do_fill(net, skb); 290 } 291 292 static int ioam6_do_encap(struct net *net, struct sk_buff *skb, 293 struct ioam6_lwt_encap *tuninfo, 294 bool has_tunsrc, 295 struct in6_addr *tunsrc, 296 struct in6_addr *tundst, 297 struct dst_entry *cache_dst) 298 { 299 struct dst_entry *dst = skb_dst(skb); 300 struct ipv6hdr *hdr, *inner_hdr; 301 int hdrlen, len, err; 302 303 hdrlen = (tuninfo->eh.hdrlen + 1) << 3; 304 len = sizeof(*hdr) + hdrlen; 305 306 err = skb_cow_head(skb, len + dst_dev_overhead(cache_dst, skb)); 307 if (unlikely(err)) 308 return err; 309 310 inner_hdr = ipv6_hdr(skb); 311 312 skb_push(skb, len); 313 skb_reset_network_header(skb); 314 skb_mac_header_rebuild(skb); 315 skb_set_transport_header(skb, sizeof(*hdr)); 316 317 tuninfo->eh.nexthdr = NEXTHDR_IPV6; 318 memcpy(skb_transport_header(skb), (u8 *)tuninfo, hdrlen); 319 320 hdr = ipv6_hdr(skb); 321 memcpy(hdr, inner_hdr, sizeof(*hdr)); 322 323 hdr->nexthdr = NEXTHDR_HOP; 324 hdr->payload_len = cpu_to_be16(skb->len - sizeof(*hdr)); 325 hdr->daddr = *tundst; 326 327 if (has_tunsrc) 328 memcpy(&hdr->saddr, tunsrc, sizeof(*tunsrc)); 329 else 330 ipv6_dev_get_saddr(net, dst_dev(dst), &hdr->daddr, 331 IPV6_PREFER_SRC_PUBLIC, &hdr->saddr); 332 333 skb_postpush_rcsum(skb, hdr, len); 334 335 return ioam6_do_fill(net, skb); 336 } 337 338 static int ioam6_output(struct net *net, struct sock *sk, struct sk_buff *skb) 339 { 340 struct dst_entry *orig_dst = skb_dst(skb); 341 struct dst_entry *dst = NULL; 342 struct ioam6_lwt *ilwt; 343 int err = -EINVAL; 344 u32 pkt_cnt; 345 346 if (skb->protocol != htons(ETH_P_IPV6)) 347 goto drop; 348 349 ilwt = ioam6_lwt_state(orig_dst->lwtstate); 350 351 /* Check for insertion frequency (i.e., "k over n" insertions) */ 352 pkt_cnt = atomic_fetch_inc(&ilwt->pkt_cnt); 353 if (pkt_cnt % ilwt->freq.n >= ilwt->freq.k) 354 goto out; 355 356 local_bh_disable(); 357 dst = dst_cache_get(&ilwt->cache); 358 local_bh_enable(); 359 360 /* This is how we notify that the destination does not change after 361 * transformation and that we need to use orig_dst instead of the cache 362 */ 363 if (dst == &ilwt->null_dst) { 364 dst_release(dst); 365 366 dst = orig_dst; 367 /* keep refcount balance: dst_release() is called at the end */ 368 dst_hold(dst); 369 } 370 371 switch (ilwt->mode) { 372 case IOAM6_IPTUNNEL_MODE_INLINE: 373 do_inline: 374 /* Direct insertion - if there is no Hop-by-Hop yet */ 375 if (ipv6_hdr(skb)->nexthdr == NEXTHDR_HOP) 376 goto out; 377 378 err = ioam6_do_inline(net, skb, &ilwt->tuninfo, dst); 379 if (unlikely(err)) 380 goto drop; 381 382 break; 383 case IOAM6_IPTUNNEL_MODE_ENCAP: 384 do_encap: 385 /* Encapsulation (ip6ip6) */ 386 err = ioam6_do_encap(net, skb, &ilwt->tuninfo, 387 ilwt->has_tunsrc, &ilwt->tunsrc, 388 &ilwt->tundst, dst); 389 if (unlikely(err)) 390 goto drop; 391 392 break; 393 case IOAM6_IPTUNNEL_MODE_AUTO: 394 /* Automatic (RFC8200 compliant): 395 * - local packets -> INLINE mode 396 * - in-transit packets -> ENCAP mode 397 */ 398 if (!skb->dev) 399 goto do_inline; 400 401 goto do_encap; 402 default: 403 goto drop; 404 } 405 406 if (unlikely(!dst)) { 407 struct ipv6hdr *hdr = ipv6_hdr(skb); 408 struct flowi6 fl6; 409 410 memset(&fl6, 0, sizeof(fl6)); 411 fl6.daddr = hdr->daddr; 412 fl6.saddr = hdr->saddr; 413 fl6.flowlabel = ip6_flowinfo(hdr); 414 fl6.flowi6_mark = skb->mark; 415 fl6.flowi6_proto = hdr->nexthdr; 416 417 dst = ip6_route_output(net, NULL, &fl6); 418 if (dst->error) { 419 err = dst->error; 420 goto drop; 421 } 422 423 /* If the destination is the same after transformation (which is 424 * a valid use case for IOAM), then we don't want to add it to 425 * the cache in order to avoid a reference loop. Instead, we add 426 * our fake dst_entry to the cache as a way to detect this case. 427 * Otherwise, we add the resolved destination to the cache. 428 */ 429 local_bh_disable(); 430 if (orig_dst->lwtstate == dst->lwtstate) 431 dst_cache_set_ip6(&ilwt->cache, 432 &ilwt->null_dst, &fl6.saddr); 433 else 434 dst_cache_set_ip6(&ilwt->cache, dst, &fl6.saddr); 435 local_bh_enable(); 436 437 err = skb_cow_head(skb, LL_RESERVED_SPACE(dst_dev(dst))); 438 if (unlikely(err)) 439 goto drop; 440 } 441 442 /* avoid lwtunnel_output() reentry loop when destination is the same 443 * after transformation (e.g., with the inline mode) 444 */ 445 if (orig_dst->lwtstate != dst->lwtstate) { 446 skb_dst_drop(skb); 447 skb_dst_set(skb, dst); 448 return dst_output(net, sk, skb); 449 } 450 out: 451 dst_release(dst); 452 return orig_dst->lwtstate->orig_output(net, sk, skb); 453 drop: 454 dst_release(dst); 455 kfree_skb(skb); 456 return err; 457 } 458 459 static void ioam6_destroy_state(struct lwtunnel_state *lwt) 460 { 461 /* Since the refcount of per-cpu dst_entry caches will never be 0 (see 462 * why above) when our "fake" dst_entry is used, it is not necessary to 463 * remove them before calling dst_cache_destroy() 464 */ 465 dst_cache_destroy(&ioam6_lwt_state(lwt)->cache); 466 } 467 468 static int ioam6_fill_encap_info(struct sk_buff *skb, 469 struct lwtunnel_state *lwtstate) 470 { 471 struct ioam6_lwt *ilwt = ioam6_lwt_state(lwtstate); 472 int err; 473 474 err = nla_put_u32(skb, IOAM6_IPTUNNEL_FREQ_K, ilwt->freq.k); 475 if (err) 476 goto ret; 477 478 err = nla_put_u32(skb, IOAM6_IPTUNNEL_FREQ_N, ilwt->freq.n); 479 if (err) 480 goto ret; 481 482 err = nla_put_u8(skb, IOAM6_IPTUNNEL_MODE, ilwt->mode); 483 if (err) 484 goto ret; 485 486 if (ilwt->mode != IOAM6_IPTUNNEL_MODE_INLINE) { 487 if (ilwt->has_tunsrc) { 488 err = nla_put_in6_addr(skb, IOAM6_IPTUNNEL_SRC, 489 &ilwt->tunsrc); 490 if (err) 491 goto ret; 492 } 493 494 err = nla_put_in6_addr(skb, IOAM6_IPTUNNEL_DST, &ilwt->tundst); 495 if (err) 496 goto ret; 497 } 498 499 err = nla_put(skb, IOAM6_IPTUNNEL_TRACE, sizeof(ilwt->tuninfo.traceh), 500 &ilwt->tuninfo.traceh); 501 ret: 502 return err; 503 } 504 505 static int ioam6_encap_nlsize(struct lwtunnel_state *lwtstate) 506 { 507 struct ioam6_lwt *ilwt = ioam6_lwt_state(lwtstate); 508 int nlsize; 509 510 nlsize = nla_total_size(sizeof(ilwt->freq.k)) + 511 nla_total_size(sizeof(ilwt->freq.n)) + 512 nla_total_size(sizeof(ilwt->mode)) + 513 nla_total_size(sizeof(ilwt->tuninfo.traceh)); 514 515 if (ilwt->mode != IOAM6_IPTUNNEL_MODE_INLINE) { 516 if (ilwt->has_tunsrc) 517 nlsize += nla_total_size(sizeof(ilwt->tunsrc)); 518 519 nlsize += nla_total_size(sizeof(ilwt->tundst)); 520 } 521 522 return nlsize; 523 } 524 525 static int ioam6_encap_cmp(struct lwtunnel_state *a, struct lwtunnel_state *b) 526 { 527 struct ioam6_trace_hdr *trace_a = ioam6_lwt_trace(a); 528 struct ioam6_trace_hdr *trace_b = ioam6_lwt_trace(b); 529 struct ioam6_lwt *ilwt_a = ioam6_lwt_state(a); 530 struct ioam6_lwt *ilwt_b = ioam6_lwt_state(b); 531 532 return (ilwt_a->freq.k != ilwt_b->freq.k || 533 ilwt_a->freq.n != ilwt_b->freq.n || 534 ilwt_a->mode != ilwt_b->mode || 535 ilwt_a->has_tunsrc != ilwt_b->has_tunsrc || 536 (ilwt_a->mode != IOAM6_IPTUNNEL_MODE_INLINE && 537 !ipv6_addr_equal(&ilwt_a->tundst, &ilwt_b->tundst)) || 538 (ilwt_a->mode != IOAM6_IPTUNNEL_MODE_INLINE && 539 ilwt_a->has_tunsrc && 540 !ipv6_addr_equal(&ilwt_a->tunsrc, &ilwt_b->tunsrc)) || 541 trace_a->namespace_id != trace_b->namespace_id); 542 } 543 544 static const struct lwtunnel_encap_ops ioam6_iptun_ops = { 545 .build_state = ioam6_build_state, 546 .destroy_state = ioam6_destroy_state, 547 .output = ioam6_output, 548 .fill_encap = ioam6_fill_encap_info, 549 .get_encap_size = ioam6_encap_nlsize, 550 .cmp_encap = ioam6_encap_cmp, 551 .owner = THIS_MODULE, 552 }; 553 554 int __init ioam6_iptunnel_init(void) 555 { 556 return lwtunnel_encap_add_ops(&ioam6_iptun_ops, LWTUNNEL_ENCAP_IOAM6); 557 } 558 559 void ioam6_iptunnel_exit(void) 560 { 561 lwtunnel_encap_del_ops(&ioam6_iptun_ops, LWTUNNEL_ENCAP_IOAM6); 562 } 563