2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
|
* IPv6 over IPv4 tunnel device - Simple Internet Transition (SIT)
|
|
|
|
|
* Linux INET6 implementation
|
|
|
|
|
*
|
|
|
|
|
* Authors:
|
2007-02-09 14:24:49 +00:00
|
|
|
* Pedro Roque <roque@di.fc.ul.pt>
|
2005-04-16 22:20:36 +00:00
|
|
|
* Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation; either version
|
|
|
|
|
* 2 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* Changes:
|
|
|
|
|
* Roger Venning <r.venning@telstra.com>: 6to4 support
|
|
|
|
|
* Nate Thompson <nate@thebog.net>: 6to4 support
|
2008-03-11 22:35:59 +00:00
|
|
|
* Fred Templin <fred.l.templin@boeing.com>: isatap support
|
2005-04-16 22:20:36 +00:00
|
|
|
*/
|
|
|
|
|
|
2012-05-15 14:11:53 +00:00
|
|
|
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <linux/module.h>
|
2006-01-11 20:17:47 +00:00
|
|
|
#include <linux/capability.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <linux/errno.h>
|
|
|
|
|
#include <linux/types.h>
|
|
|
|
|
#include <linux/socket.h>
|
|
|
|
|
#include <linux/sockios.h>
|
|
|
|
|
#include <linux/net.h>
|
|
|
|
|
#include <linux/in6.h>
|
|
|
|
|
#include <linux/netdevice.h>
|
|
|
|
|
#include <linux/if_arp.h>
|
|
|
|
|
#include <linux/icmp.h>
|
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the followings.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-24 08:04:11 +00:00
|
|
|
#include <linux/slab.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <asm/uaccess.h>
|
|
|
|
|
#include <linux/init.h>
|
|
|
|
|
#include <linux/netfilter_ipv4.h>
|
2006-01-06 00:35:42 +00:00
|
|
|
#include <linux/if_ether.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
#include <net/sock.h>
|
|
|
|
|
#include <net/snmp.h>
|
|
|
|
|
|
|
|
|
|
#include <net/ipv6.h>
|
|
|
|
|
#include <net/protocol.h>
|
|
|
|
|
#include <net/transp_v6.h>
|
|
|
|
|
#include <net/ip6_fib.h>
|
|
|
|
|
#include <net/ip6_route.h>
|
|
|
|
|
#include <net/ndisc.h>
|
|
|
|
|
#include <net/addrconf.h>
|
|
|
|
|
#include <net/ip.h>
|
|
|
|
|
#include <net/udp.h>
|
|
|
|
|
#include <net/icmp.h>
|
2013-03-25 14:49:35 +00:00
|
|
|
#include <net/ip_tunnels.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <net/inet_ecn.h>
|
|
|
|
|
#include <net/xfrm.h>
|
|
|
|
|
#include <net/dsfield.h>
|
2008-04-16 08:15:17 +00:00
|
|
|
#include <net/net_namespace.h>
|
|
|
|
|
#include <net/netns/generic.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
This version of net/ipv6/sit.c is cloned of net/ipv4/ip_gre.c
|
|
|
|
|
|
|
|
|
|
For comments look at net/ipv4/ip_gre.c --ANK
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#define HASH_SIZE 16
|
2006-11-15 04:56:00 +00:00
|
|
|
#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF)
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-11-27 03:07:11 +00:00
|
|
|
static bool log_ecn_error = true;
|
|
|
|
|
module_param(log_ecn_error, bool, 0644);
|
|
|
|
|
MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
|
|
|
|
|
|
2010-09-27 00:38:18 +00:00
|
|
|
static int ipip6_tunnel_init(struct net_device *dev);
|
2005-04-16 22:20:36 +00:00
|
|
|
static void ipip6_tunnel_setup(struct net_device *dev);
|
2010-09-27 00:38:18 +00:00
|
|
|
static void ipip6_dev_free(struct net_device *dev);
|
2013-01-29 08:24:25 +00:00
|
|
|
static bool check_6rd(struct ip_tunnel *tunnel, const struct in6_addr *v6dst,
|
|
|
|
|
__be32 *v4dst);
|
2012-11-09 06:10:00 +00:00
|
|
|
static struct rtnl_link_ops sit_link_ops __read_mostly;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2009-11-17 10:42:49 +00:00
|
|
|
static int sit_net_id __read_mostly;
|
2008-04-16 08:15:17 +00:00
|
|
|
struct sit_net {
|
2010-09-15 11:35:10 +00:00
|
|
|
struct ip_tunnel __rcu *tunnels_r_l[HASH_SIZE];
|
|
|
|
|
struct ip_tunnel __rcu *tunnels_r[HASH_SIZE];
|
|
|
|
|
struct ip_tunnel __rcu *tunnels_l[HASH_SIZE];
|
|
|
|
|
struct ip_tunnel __rcu *tunnels_wc[1];
|
|
|
|
|
struct ip_tunnel __rcu **tunnels[4];
|
2008-04-16 08:16:38 +00:00
|
|
|
|
2008-04-16 08:16:18 +00:00
|
|
|
struct net_device *fb_tunnel_dev;
|
2008-04-16 08:15:17 +00:00
|
|
|
};
|
|
|
|
|
|
2009-10-23 17:52:14 +00:00
|
|
|
/*
|
|
|
|
|
* Must be invoked with rcu_read_lock
|
|
|
|
|
*/
|
2012-04-01 07:49:01 +00:00
|
|
|
static struct ip_tunnel *ipip6_tunnel_lookup(struct net *net,
|
2009-05-19 12:56:49 +00:00
|
|
|
struct net_device *dev, __be32 remote, __be32 local)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2010-09-15 11:35:10 +00:00
|
|
|
unsigned int h0 = HASH(remote);
|
|
|
|
|
unsigned int h1 = HASH(local);
|
2005-04-16 22:20:36 +00:00
|
|
|
struct ip_tunnel *t;
|
2008-04-16 08:16:38 +00:00
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-11-11 21:52:34 +00:00
|
|
|
for_each_ip_tunnel_rcu(t, sitn->tunnels_r_l[h0 ^ h1]) {
|
2005-04-16 22:20:36 +00:00
|
|
|
if (local == t->parms.iph.saddr &&
|
2009-05-19 12:56:49 +00:00
|
|
|
remote == t->parms.iph.daddr &&
|
2014-08-14 12:27:20 +00:00
|
|
|
(!dev || !t->parms.link || dev->ifindex == t->parms.link) &&
|
2009-05-19 12:56:49 +00:00
|
|
|
(t->dev->flags & IFF_UP))
|
2005-04-16 22:20:36 +00:00
|
|
|
return t;
|
|
|
|
|
}
|
2012-11-11 21:52:34 +00:00
|
|
|
for_each_ip_tunnel_rcu(t, sitn->tunnels_r[h0]) {
|
2009-05-19 12:56:49 +00:00
|
|
|
if (remote == t->parms.iph.daddr &&
|
2014-08-14 12:27:20 +00:00
|
|
|
(!dev || !t->parms.link || dev->ifindex == t->parms.link) &&
|
2009-05-19 12:56:49 +00:00
|
|
|
(t->dev->flags & IFF_UP))
|
2005-04-16 22:20:36 +00:00
|
|
|
return t;
|
|
|
|
|
}
|
2012-11-11 21:52:34 +00:00
|
|
|
for_each_ip_tunnel_rcu(t, sitn->tunnels_l[h1]) {
|
2009-05-19 12:56:49 +00:00
|
|
|
if (local == t->parms.iph.saddr &&
|
2014-08-14 12:27:20 +00:00
|
|
|
(!dev || !t->parms.link || dev->ifindex == t->parms.link) &&
|
2009-05-19 12:56:49 +00:00
|
|
|
(t->dev->flags & IFF_UP))
|
2005-04-16 22:20:36 +00:00
|
|
|
return t;
|
|
|
|
|
}
|
2009-10-23 17:52:14 +00:00
|
|
|
t = rcu_dereference(sitn->tunnels_wc[0]);
|
2009-05-19 12:56:49 +00:00
|
|
|
if ((t != NULL) && (t->dev->flags & IFF_UP))
|
2005-04-16 22:20:36 +00:00
|
|
|
return t;
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2010-09-15 11:35:10 +00:00
|
|
|
static struct ip_tunnel __rcu **__ipip6_bucket(struct sit_net *sitn,
|
2008-04-16 08:15:39 +00:00
|
|
|
struct ip_tunnel_parm *parms)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2007-04-24 11:44:47 +00:00
|
|
|
__be32 remote = parms->iph.daddr;
|
|
|
|
|
__be32 local = parms->iph.saddr;
|
2010-09-15 11:35:10 +00:00
|
|
|
unsigned int h = 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
int prio = 0;
|
|
|
|
|
|
|
|
|
|
if (remote) {
|
|
|
|
|
prio |= 2;
|
|
|
|
|
h ^= HASH(remote);
|
|
|
|
|
}
|
|
|
|
|
if (local) {
|
|
|
|
|
prio |= 1;
|
|
|
|
|
h ^= HASH(local);
|
|
|
|
|
}
|
2008-04-16 08:16:38 +00:00
|
|
|
return &sitn->tunnels[prio][h];
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2010-09-15 11:35:10 +00:00
|
|
|
static inline struct ip_tunnel __rcu **ipip6_bucket(struct sit_net *sitn,
|
2008-04-16 08:15:39 +00:00
|
|
|
struct ip_tunnel *t)
|
2007-04-24 11:44:47 +00:00
|
|
|
{
|
2008-04-16 08:15:39 +00:00
|
|
|
return __ipip6_bucket(sitn, &t->parms);
|
2007-04-24 11:44:47 +00:00
|
|
|
}
|
|
|
|
|
|
2008-04-16 08:15:39 +00:00
|
|
|
static void ipip6_tunnel_unlink(struct sit_net *sitn, struct ip_tunnel *t)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2010-09-15 11:35:10 +00:00
|
|
|
struct ip_tunnel __rcu **tp;
|
|
|
|
|
struct ip_tunnel *iter;
|
|
|
|
|
|
|
|
|
|
for (tp = ipip6_bucket(sitn, t);
|
|
|
|
|
(iter = rtnl_dereference(*tp)) != NULL;
|
|
|
|
|
tp = &iter->next) {
|
|
|
|
|
if (t == iter) {
|
2012-01-12 04:41:32 +00:00
|
|
|
rcu_assign_pointer(*tp, t->next);
|
2005-04-16 22:20:36 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2008-04-16 08:15:39 +00:00
|
|
|
static void ipip6_tunnel_link(struct sit_net *sitn, struct ip_tunnel *t)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2010-09-15 11:35:10 +00:00
|
|
|
struct ip_tunnel __rcu **tp = ipip6_bucket(sitn, t);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-01-12 04:41:32 +00:00
|
|
|
rcu_assign_pointer(t->next, rtnl_dereference(*tp));
|
|
|
|
|
rcu_assign_pointer(*tp, t);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2009-10-11 03:31:34 +00:00
|
|
|
static void ipip6_tunnel_clone_6rd(struct net_device *dev, struct sit_net *sitn)
|
2009-09-22 23:43:14 +00:00
|
|
|
{
|
|
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
2009-10-11 03:31:34 +00:00
|
|
|
struct ip_tunnel *t = netdev_priv(dev);
|
|
|
|
|
|
2009-09-22 23:43:14 +00:00
|
|
|
if (t->dev == sitn->fb_tunnel_dev) {
|
|
|
|
|
ipv6_addr_set(&t->ip6rd.prefix, htonl(0x20020000), 0, 0, 0);
|
|
|
|
|
t->ip6rd.relay_prefix = 0;
|
|
|
|
|
t->ip6rd.prefixlen = 16;
|
|
|
|
|
t->ip6rd.relay_prefixlen = 0;
|
|
|
|
|
} else {
|
|
|
|
|
struct ip_tunnel *t0 = netdev_priv(sitn->fb_tunnel_dev);
|
|
|
|
|
memcpy(&t->ip6rd, &t0->ip6rd, sizeof(t->ip6rd));
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2012-11-14 05:14:07 +00:00
|
|
|
static int ipip6_tunnel_create(struct net_device *dev)
|
|
|
|
|
{
|
|
|
|
|
struct ip_tunnel *t = netdev_priv(dev);
|
|
|
|
|
struct net *net = dev_net(dev);
|
|
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
err = ipip6_tunnel_init(dev);
|
|
|
|
|
if (err < 0)
|
|
|
|
|
goto out;
|
|
|
|
|
ipip6_tunnel_clone_6rd(dev, sitn);
|
|
|
|
|
|
2012-11-15 04:06:41 +00:00
|
|
|
if ((__force u16)t->parms.i_flags & SIT_ISATAP)
|
2012-11-14 05:14:07 +00:00
|
|
|
dev->priv_flags |= IFF_ISATAP;
|
|
|
|
|
|
|
|
|
|
err = register_netdevice(dev);
|
|
|
|
|
if (err < 0)
|
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
strcpy(t->parms.name, dev->name);
|
|
|
|
|
dev->rtnl_link_ops = &sit_link_ops;
|
|
|
|
|
|
|
|
|
|
dev_hold(dev);
|
|
|
|
|
|
|
|
|
|
ipip6_tunnel_link(sitn, t);
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
out:
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
2010-09-15 11:35:10 +00:00
|
|
|
static struct ip_tunnel *ipip6_tunnel_locate(struct net *net,
|
2008-04-16 08:15:39 +00:00
|
|
|
struct ip_tunnel_parm *parms, int create)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2006-11-15 04:56:00 +00:00
|
|
|
__be32 remote = parms->iph.daddr;
|
|
|
|
|
__be32 local = parms->iph.saddr;
|
2010-09-15 11:35:10 +00:00
|
|
|
struct ip_tunnel *t, *nt;
|
|
|
|
|
struct ip_tunnel __rcu **tp;
|
2005-04-16 22:20:36 +00:00
|
|
|
struct net_device *dev;
|
|
|
|
|
char name[IFNAMSIZ];
|
2008-04-16 08:15:39 +00:00
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2010-09-15 11:35:10 +00:00
|
|
|
for (tp = __ipip6_bucket(sitn, parms);
|
|
|
|
|
(t = rtnl_dereference(*tp)) != NULL;
|
|
|
|
|
tp = &t->next) {
|
2009-05-19 12:56:48 +00:00
|
|
|
if (local == t->parms.iph.saddr &&
|
2009-05-19 12:56:49 +00:00
|
|
|
remote == t->parms.iph.daddr &&
|
|
|
|
|
parms->link == t->parms.link) {
|
2009-05-19 12:56:48 +00:00
|
|
|
if (create)
|
|
|
|
|
return NULL;
|
|
|
|
|
else
|
|
|
|
|
return t;
|
|
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
if (!create)
|
|
|
|
|
goto failed;
|
|
|
|
|
|
2018-04-05 13:39:28 +00:00
|
|
|
if (parms->name[0]) {
|
|
|
|
|
if (!dev_valid_name(parms->name))
|
|
|
|
|
goto failed;
|
2005-04-16 22:20:36 +00:00
|
|
|
strlcpy(name, parms->name, IFNAMSIZ);
|
2018-04-05 13:39:28 +00:00
|
|
|
} else {
|
2010-09-27 00:38:18 +00:00
|
|
|
strcpy(name, "sit%d");
|
2018-04-05 13:39:28 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
dev = alloc_netdev(sizeof(*t), name, ipip6_tunnel_setup);
|
|
|
|
|
if (dev == NULL)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
2008-04-16 08:17:18 +00:00
|
|
|
dev_net_set(dev, net);
|
|
|
|
|
|
2006-01-09 06:05:26 +00:00
|
|
|
nt = netdev_priv(dev);
|
2008-11-21 04:33:56 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
nt->parms = *parms;
|
2012-11-14 05:14:07 +00:00
|
|
|
if (ipip6_tunnel_create(dev) < 0)
|
[INET]: Don't create tunnels with '%' in name.
Four tunnel drivers (ip_gre, ipip, ip6_tunnel and sit) can receive a
pre-defined name for a device from the userspace. Since these drivers
call the register_netdevice() (rtnl_lock, is held), which does _not_
generate the device's name, this name may contain a '%' character.
Not sure how bad is this to have a device with a '%' in its name, but
all the other places either use the register_netdev(), which call the
dev_alloc_name(), or explicitly call the dev_alloc_name() before
registering, i.e. do not allow for such names.
This had to be prior to the commit 34cc7b, but I forgot to number the
patches and this one got lost, sorry.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-02-27 07:51:04 +00:00
|
|
|
goto failed_free;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
return nt;
|
|
|
|
|
|
[INET]: Don't create tunnels with '%' in name.
Four tunnel drivers (ip_gre, ipip, ip6_tunnel and sit) can receive a
pre-defined name for a device from the userspace. Since these drivers
call the register_netdevice() (rtnl_lock, is held), which does _not_
generate the device's name, this name may contain a '%' character.
Not sure how bad is this to have a device with a '%' in its name, but
all the other places either use the register_netdev(), which call the
dev_alloc_name(), or explicitly call the dev_alloc_name() before
registering, i.e. do not allow for such names.
This had to be prior to the commit 34cc7b, but I forgot to number the
patches and this one got lost, sorry.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-02-27 07:51:04 +00:00
|
|
|
failed_free:
|
2010-09-27 00:38:18 +00:00
|
|
|
ipip6_dev_free(dev);
|
2005-04-16 22:20:36 +00:00
|
|
|
failed:
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2009-10-23 17:51:26 +00:00
|
|
|
#define for_each_prl_rcu(start) \
|
|
|
|
|
for (prl = rcu_dereference(start); \
|
|
|
|
|
prl; \
|
|
|
|
|
prl = rcu_dereference(prl->next))
|
|
|
|
|
|
2008-03-11 22:35:59 +00:00
|
|
|
static struct ip_tunnel_prl_entry *
|
2008-03-22 08:42:57 +00:00
|
|
|
__ipip6_tunnel_locate_prl(struct ip_tunnel *t, __be32 addr)
|
2008-03-11 22:35:59 +00:00
|
|
|
{
|
2009-10-23 17:51:26 +00:00
|
|
|
struct ip_tunnel_prl_entry *prl;
|
2008-03-11 22:35:59 +00:00
|
|
|
|
2009-10-23 17:51:26 +00:00
|
|
|
for_each_prl_rcu(t->prl)
|
|
|
|
|
if (prl->addr == addr)
|
2008-03-11 22:35:59 +00:00
|
|
|
break;
|
2009-10-23 17:51:26 +00:00
|
|
|
return prl;
|
2008-03-11 22:35:59 +00:00
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-16 23:48:20 +00:00
|
|
|
static int ipip6_tunnel_get_prl(struct ip_tunnel *t,
|
|
|
|
|
struct ip_tunnel_prl __user *a)
|
2008-03-24 09:28:39 +00:00
|
|
|
{
|
2008-06-16 23:48:20 +00:00
|
|
|
struct ip_tunnel_prl kprl, *kp;
|
2008-03-24 09:28:39 +00:00
|
|
|
struct ip_tunnel_prl_entry *prl;
|
|
|
|
|
unsigned int cmax, c = 0, ca, len;
|
|
|
|
|
int ret = 0;
|
|
|
|
|
|
2008-06-16 23:48:20 +00:00
|
|
|
if (copy_from_user(&kprl, a, sizeof(kprl)))
|
|
|
|
|
return -EFAULT;
|
|
|
|
|
cmax = kprl.datalen / sizeof(kprl);
|
|
|
|
|
if (cmax > 1 && kprl.addr != htonl(INADDR_ANY))
|
2008-03-24 09:28:39 +00:00
|
|
|
cmax = 1;
|
|
|
|
|
|
|
|
|
|
/* For simple GET or for root users,
|
|
|
|
|
* we try harder to allocate.
|
|
|
|
|
*/
|
|
|
|
|
kp = (cmax <= 1 || capable(CAP_NET_ADMIN)) ?
|
|
|
|
|
kcalloc(cmax, sizeof(*kp), GFP_KERNEL) :
|
|
|
|
|
NULL;
|
|
|
|
|
|
2009-10-23 17:51:26 +00:00
|
|
|
rcu_read_lock();
|
2008-03-24 09:28:39 +00:00
|
|
|
|
|
|
|
|
ca = t->prl_count < cmax ? t->prl_count : cmax;
|
|
|
|
|
|
|
|
|
|
if (!kp) {
|
|
|
|
|
/* We don't try hard to allocate much memory for
|
|
|
|
|
* non-root users.
|
|
|
|
|
* For root users, retry allocating enough memory for
|
|
|
|
|
* the answer.
|
|
|
|
|
*/
|
|
|
|
|
kp = kcalloc(ca, sizeof(*kp), GFP_ATOMIC);
|
|
|
|
|
if (!kp) {
|
|
|
|
|
ret = -ENOMEM;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c = 0;
|
2009-10-23 17:51:26 +00:00
|
|
|
for_each_prl_rcu(t->prl) {
|
2009-09-29 11:27:05 +00:00
|
|
|
if (c >= cmax)
|
2008-03-24 09:28:39 +00:00
|
|
|
break;
|
2008-06-16 23:48:20 +00:00
|
|
|
if (kprl.addr != htonl(INADDR_ANY) && prl->addr != kprl.addr)
|
2008-03-24 09:28:39 +00:00
|
|
|
continue;
|
|
|
|
|
kp[c].addr = prl->addr;
|
|
|
|
|
kp[c].flags = prl->flags;
|
|
|
|
|
c++;
|
2008-06-16 23:48:20 +00:00
|
|
|
if (kprl.addr != htonl(INADDR_ANY))
|
2008-03-24 09:28:39 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
out:
|
2009-10-23 17:51:26 +00:00
|
|
|
rcu_read_unlock();
|
2008-03-24 09:28:39 +00:00
|
|
|
|
|
|
|
|
len = sizeof(*kp) * c;
|
2008-06-16 23:48:20 +00:00
|
|
|
ret = 0;
|
|
|
|
|
if ((len && copy_to_user(a + 1, kp, len)) || put_user(len, &a->datalen))
|
|
|
|
|
ret = -EFAULT;
|
2008-03-24 09:28:39 +00:00
|
|
|
|
|
|
|
|
kfree(kp);
|
|
|
|
|
|
2008-06-16 23:48:20 +00:00
|
|
|
return ret;
|
2008-03-24 09:28:39 +00:00
|
|
|
}
|
|
|
|
|
|
2008-03-11 22:35:59 +00:00
|
|
|
static int
|
|
|
|
|
ipip6_tunnel_add_prl(struct ip_tunnel *t, struct ip_tunnel_prl *a, int chg)
|
|
|
|
|
{
|
|
|
|
|
struct ip_tunnel_prl_entry *p;
|
2008-03-22 08:42:57 +00:00
|
|
|
int err = 0;
|
|
|
|
|
|
2008-03-22 08:50:59 +00:00
|
|
|
if (a->addr == htonl(INADDR_ANY))
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
2010-06-01 07:26:58 +00:00
|
|
|
ASSERT_RTNL();
|
2008-03-11 22:35:59 +00:00
|
|
|
|
2010-09-15 11:35:10 +00:00
|
|
|
for (p = rtnl_dereference(t->prl); p; p = rtnl_dereference(p->next)) {
|
2008-03-24 09:28:39 +00:00
|
|
|
if (p->addr == a->addr) {
|
2009-10-23 17:51:26 +00:00
|
|
|
if (chg) {
|
|
|
|
|
p->flags = a->flags;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2008-03-22 08:42:57 +00:00
|
|
|
err = -EEXIST;
|
|
|
|
|
goto out;
|
2008-03-11 22:35:59 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2008-03-22 08:42:57 +00:00
|
|
|
if (chg) {
|
|
|
|
|
err = -ENXIO;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2008-03-11 22:35:59 +00:00
|
|
|
|
|
|
|
|
p = kzalloc(sizeof(struct ip_tunnel_prl_entry), GFP_KERNEL);
|
2008-03-22 08:42:57 +00:00
|
|
|
if (!p) {
|
|
|
|
|
err = -ENOBUFS;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2008-03-11 22:35:59 +00:00
|
|
|
|
|
|
|
|
p->next = t->prl;
|
2008-03-24 09:28:39 +00:00
|
|
|
p->addr = a->addr;
|
|
|
|
|
p->flags = a->flags;
|
2009-10-23 17:51:26 +00:00
|
|
|
t->prl_count++;
|
2012-01-12 04:41:32 +00:00
|
|
|
rcu_assign_pointer(t->prl, p);
|
2008-03-22 08:42:57 +00:00
|
|
|
out:
|
|
|
|
|
return err;
|
2008-03-11 22:35:59 +00:00
|
|
|
}
|
|
|
|
|
|
2009-10-23 17:51:26 +00:00
|
|
|
static void prl_list_destroy_rcu(struct rcu_head *head)
|
|
|
|
|
{
|
|
|
|
|
struct ip_tunnel_prl_entry *p, *n;
|
|
|
|
|
|
|
|
|
|
p = container_of(head, struct ip_tunnel_prl_entry, rcu_head);
|
|
|
|
|
do {
|
2011-01-20 07:16:24 +00:00
|
|
|
n = rcu_dereference_protected(p->next, 1);
|
2009-10-23 17:51:26 +00:00
|
|
|
kfree(p);
|
|
|
|
|
p = n;
|
|
|
|
|
} while (p);
|
|
|
|
|
}
|
|
|
|
|
|
2008-03-11 22:35:59 +00:00
|
|
|
static int
|
|
|
|
|
ipip6_tunnel_del_prl(struct ip_tunnel *t, struct ip_tunnel_prl *a)
|
|
|
|
|
{
|
2011-01-20 07:16:24 +00:00
|
|
|
struct ip_tunnel_prl_entry *x;
|
|
|
|
|
struct ip_tunnel_prl_entry __rcu **p;
|
2008-03-22 08:42:57 +00:00
|
|
|
int err = 0;
|
|
|
|
|
|
2010-06-01 07:26:58 +00:00
|
|
|
ASSERT_RTNL();
|
2008-03-11 22:35:59 +00:00
|
|
|
|
2008-03-22 08:50:59 +00:00
|
|
|
if (a && a->addr != htonl(INADDR_ANY)) {
|
2011-01-20 07:16:24 +00:00
|
|
|
for (p = &t->prl;
|
|
|
|
|
(x = rtnl_dereference(*p)) != NULL;
|
|
|
|
|
p = &x->next) {
|
|
|
|
|
if (x->addr == a->addr) {
|
2008-03-11 22:35:59 +00:00
|
|
|
*p = x->next;
|
2011-05-02 07:56:57 +00:00
|
|
|
kfree_rcu(x, rcu_head);
|
2008-03-24 09:28:39 +00:00
|
|
|
t->prl_count--;
|
2008-03-22 08:42:57 +00:00
|
|
|
goto out;
|
2008-03-11 22:35:59 +00:00
|
|
|
}
|
|
|
|
|
}
|
2008-03-22 08:42:57 +00:00
|
|
|
err = -ENXIO;
|
2008-03-11 22:35:59 +00:00
|
|
|
} else {
|
2011-01-20 07:16:24 +00:00
|
|
|
x = rtnl_dereference(t->prl);
|
|
|
|
|
if (x) {
|
2009-10-23 17:51:26 +00:00
|
|
|
t->prl_count = 0;
|
|
|
|
|
call_rcu(&x->rcu_head, prl_list_destroy_rcu);
|
|
|
|
|
t->prl = NULL;
|
2008-03-11 22:35:59 +00:00
|
|
|
}
|
|
|
|
|
}
|
2008-03-22 08:42:57 +00:00
|
|
|
out:
|
2009-05-19 12:56:50 +00:00
|
|
|
return err;
|
2008-03-11 22:35:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2011-04-22 04:53:02 +00:00
|
|
|
isatap_chksrc(struct sk_buff *skb, const struct iphdr *iph, struct ip_tunnel *t)
|
2008-03-11 22:35:59 +00:00
|
|
|
{
|
2008-03-22 08:42:57 +00:00
|
|
|
struct ip_tunnel_prl_entry *p;
|
2008-03-11 22:35:59 +00:00
|
|
|
int ok = 1;
|
|
|
|
|
|
2009-10-23 17:51:26 +00:00
|
|
|
rcu_read_lock();
|
2008-03-22 08:42:57 +00:00
|
|
|
p = __ipip6_tunnel_locate_prl(t, iph->saddr);
|
2008-03-11 22:35:59 +00:00
|
|
|
if (p) {
|
2008-03-24 09:28:39 +00:00
|
|
|
if (p->flags & PRL_DEFAULT)
|
2008-03-11 22:35:59 +00:00
|
|
|
skb->ndisc_nodetype = NDISC_NODETYPE_DEFAULT;
|
|
|
|
|
else
|
|
|
|
|
skb->ndisc_nodetype = NDISC_NODETYPE_NODEFAULT;
|
|
|
|
|
} else {
|
2011-04-22 04:53:02 +00:00
|
|
|
const struct in6_addr *addr6 = &ipv6_hdr(skb)->saddr;
|
|
|
|
|
|
2008-03-11 22:35:59 +00:00
|
|
|
if (ipv6_addr_is_isatap(addr6) &&
|
|
|
|
|
(addr6->s6_addr32[3] == iph->saddr) &&
|
2008-03-16 02:54:23 +00:00
|
|
|
ipv6_chk_prefix(addr6, t->dev))
|
2008-03-11 22:35:59 +00:00
|
|
|
skb->ndisc_nodetype = NDISC_NODETYPE_HOST;
|
|
|
|
|
else
|
|
|
|
|
ok = 0;
|
|
|
|
|
}
|
2009-10-23 17:51:26 +00:00
|
|
|
rcu_read_unlock();
|
2008-03-11 22:35:59 +00:00
|
|
|
return ok;
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
static void ipip6_tunnel_uninit(struct net_device *dev)
|
|
|
|
|
{
|
2008-04-16 08:15:39 +00:00
|
|
|
struct net *net = dev_net(dev);
|
|
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
|
|
|
|
|
2008-04-16 08:16:18 +00:00
|
|
|
if (dev == sitn->fb_tunnel_dev) {
|
2011-08-01 16:19:00 +00:00
|
|
|
RCU_INIT_POINTER(sitn->tunnels_wc[0], NULL);
|
2005-04-16 22:20:36 +00:00
|
|
|
} else {
|
2008-04-16 08:15:39 +00:00
|
|
|
ipip6_tunnel_unlink(sitn, netdev_priv(dev));
|
2008-04-10 06:41:27 +00:00
|
|
|
ipip6_tunnel_del_prl(netdev_priv(dev), NULL);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2010-09-15 11:35:10 +00:00
|
|
|
dev_put(dev);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2007-02-13 20:55:25 +00:00
|
|
|
static int ipip6_err(struct sk_buff *skb, u32 info)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
|
|
2008-05-22 00:47:54 +00:00
|
|
|
/* All the routers (except for Linux) return only
|
2005-04-16 22:20:36 +00:00
|
|
|
8 bytes of packet payload. It means, that precise relaying of
|
|
|
|
|
ICMP in the real Internet is absolutely infeasible.
|
|
|
|
|
*/
|
2011-04-22 04:53:02 +00:00
|
|
|
const struct iphdr *iph = (const struct iphdr *)skb->data;
|
2007-03-13 17:43:18 +00:00
|
|
|
const int type = icmp_hdr(skb)->type;
|
|
|
|
|
const int code = icmp_hdr(skb)->code;
|
2005-04-16 22:20:36 +00:00
|
|
|
struct ip_tunnel *t;
|
2007-02-13 20:55:25 +00:00
|
|
|
int err;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
switch (type) {
|
|
|
|
|
default:
|
|
|
|
|
case ICMP_PARAMETERPROB:
|
2007-02-13 20:55:25 +00:00
|
|
|
return 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
case ICMP_DEST_UNREACH:
|
|
|
|
|
switch (code) {
|
|
|
|
|
case ICMP_SR_FAILED:
|
|
|
|
|
case ICMP_PORT_UNREACH:
|
|
|
|
|
/* Impossible event. */
|
2007-02-13 20:55:25 +00:00
|
|
|
return 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
default:
|
|
|
|
|
/* All others are translated to HOST_UNREACH.
|
|
|
|
|
rfc2003 contains "deep thoughts" about NET_UNREACH,
|
|
|
|
|
I believe they are just ether pollution. --ANK
|
|
|
|
|
*/
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case ICMP_TIME_EXCEEDED:
|
|
|
|
|
if (code != ICMP_EXC_TTL)
|
2007-02-13 20:55:25 +00:00
|
|
|
return 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
break;
|
2012-07-12 07:25:15 +00:00
|
|
|
case ICMP_REDIRECT:
|
|
|
|
|
break;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2007-02-13 20:55:25 +00:00
|
|
|
err = -ENOENT;
|
|
|
|
|
|
2009-05-19 12:56:49 +00:00
|
|
|
t = ipip6_tunnel_lookup(dev_net(skb->dev),
|
|
|
|
|
skb->dev,
|
|
|
|
|
iph->daddr,
|
|
|
|
|
iph->saddr);
|
2012-06-15 05:21:46 +00:00
|
|
|
if (t == NULL)
|
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
|
|
|
|
|
ipv4_update_pmtu(skb, dev_net(skb->dev), info,
|
2016-06-16 08:06:19 +00:00
|
|
|
t->parms.link, 0, iph->protocol, 0);
|
2012-06-15 05:21:46 +00:00
|
|
|
err = 0;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2012-07-12 07:25:15 +00:00
|
|
|
if (type == ICMP_REDIRECT) {
|
2014-06-06 19:19:21 +00:00
|
|
|
ipv4_redirect(skb, dev_net(skb->dev), t->parms.link, 0,
|
2016-06-16 08:06:19 +00:00
|
|
|
iph->protocol, 0);
|
2012-07-12 07:25:15 +00:00
|
|
|
err = 0;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2012-06-15 05:21:46 +00:00
|
|
|
|
|
|
|
|
if (t->parms.iph.daddr == 0)
|
2005-04-16 22:20:36 +00:00
|
|
|
goto out;
|
2007-02-13 20:55:25 +00:00
|
|
|
|
|
|
|
|
err = 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
|
|
|
|
|
goto out;
|
|
|
|
|
|
2009-02-25 07:37:19 +00:00
|
|
|
if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
|
2005-04-16 22:20:36 +00:00
|
|
|
t->err_count++;
|
|
|
|
|
else
|
|
|
|
|
t->err_count = 1;
|
|
|
|
|
t->err_time = jiffies;
|
|
|
|
|
out:
|
2007-02-13 20:55:25 +00:00
|
|
|
return err;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2013-01-29 08:24:25 +00:00
|
|
|
static inline bool is_spoofed_6rd(struct ip_tunnel *tunnel, const __be32 v4addr,
|
|
|
|
|
const struct in6_addr *v6addr)
|
|
|
|
|
{
|
|
|
|
|
__be32 v4embed = 0;
|
|
|
|
|
if (check_6rd(tunnel, v6addr, &v4embed) && v4addr != v4embed)
|
|
|
|
|
return true;
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-23 20:04:19 +00:00
|
|
|
/* Checks if an address matches an address on the tunnel interface.
|
|
|
|
|
* Used to detect the NAT of proto 41 packets and let them pass spoofing test.
|
|
|
|
|
* Long story:
|
|
|
|
|
* This function is called after we considered the packet as spoofed
|
|
|
|
|
* in is_spoofed_6rd.
|
|
|
|
|
* We may have a router that is doing NAT for proto 41 packets
|
|
|
|
|
* for an internal station. Destination a.a.a.a/PREFIX:bbbb:bbbb
|
|
|
|
|
* will be translated to n.n.n.n/PREFIX:bbbb:bbbb. And is_spoofed_6rd
|
|
|
|
|
* function will return true, dropping the packet.
|
|
|
|
|
* But, we can still check if is spoofed against the IP
|
|
|
|
|
* addresses associated with the interface.
|
|
|
|
|
*/
|
|
|
|
|
static bool only_dnatted(const struct ip_tunnel *tunnel,
|
|
|
|
|
const struct in6_addr *v6dst)
|
|
|
|
|
{
|
|
|
|
|
int prefix_len;
|
|
|
|
|
|
|
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
prefix_len = tunnel->ip6rd.prefixlen + 32
|
|
|
|
|
- tunnel->ip6rd.relay_prefixlen;
|
|
|
|
|
#else
|
|
|
|
|
prefix_len = 48;
|
|
|
|
|
#endif
|
|
|
|
|
return ipv6_chk_custom_prefix(v6dst, prefix_len, tunnel->dev);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Returns true if a packet is spoofed */
|
|
|
|
|
static bool packet_is_spoofed(struct sk_buff *skb,
|
|
|
|
|
const struct iphdr *iph,
|
|
|
|
|
struct ip_tunnel *tunnel)
|
|
|
|
|
{
|
|
|
|
|
const struct ipv6hdr *ipv6h;
|
|
|
|
|
|
|
|
|
|
if (tunnel->dev->priv_flags & IFF_ISATAP) {
|
|
|
|
|
if (!isatap_chksrc(skb, iph, tunnel))
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (tunnel->dev->flags & IFF_POINTOPOINT)
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
ipv6h = ipv6_hdr(skb);
|
|
|
|
|
|
|
|
|
|
if (unlikely(is_spoofed_6rd(tunnel, iph->saddr, &ipv6h->saddr))) {
|
|
|
|
|
net_warn_ratelimited("Src spoofed %pI4/%pI6c -> %pI4/%pI6c\n",
|
|
|
|
|
&iph->saddr, &ipv6h->saddr,
|
|
|
|
|
&iph->daddr, &ipv6h->daddr);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (likely(!is_spoofed_6rd(tunnel, iph->daddr, &ipv6h->daddr)))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
if (only_dnatted(tunnel, &ipv6h->daddr))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
net_warn_ratelimited("Dst spoofed %pI4/%pI6c -> %pI4/%pI6c\n",
|
|
|
|
|
&iph->saddr, &ipv6h->saddr,
|
|
|
|
|
&iph->daddr, &ipv6h->daddr);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
static int ipip6_rcv(struct sk_buff *skb)
|
|
|
|
|
{
|
2013-01-18 09:18:17 +00:00
|
|
|
const struct iphdr *iph = ip_hdr(skb);
|
2005-04-16 22:20:36 +00:00
|
|
|
struct ip_tunnel *tunnel;
|
2012-11-27 03:07:11 +00:00
|
|
|
int err;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2009-05-19 12:56:49 +00:00
|
|
|
tunnel = ipip6_tunnel_lookup(dev_net(skb->dev), skb->dev,
|
|
|
|
|
iph->saddr, iph->daddr);
|
|
|
|
|
if (tunnel != NULL) {
|
2010-09-27 00:38:18 +00:00
|
|
|
struct pcpu_tstats *tstats;
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
secpath_reset(skb);
|
2007-04-11 04:21:55 +00:00
|
|
|
skb->mac_header = skb->network_header;
|
2007-04-11 03:45:18 +00:00
|
|
|
skb_reset_network_header(skb);
|
2006-01-07 07:04:01 +00:00
|
|
|
IPCB(skb)->flags = 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
skb->protocol = htons(ETH_P_IPV6);
|
|
|
|
|
skb->pkt_type = PACKET_HOST;
|
2007-11-29 11:11:40 +00:00
|
|
|
|
2013-09-23 20:04:19 +00:00
|
|
|
if (packet_is_spoofed(skb, iph, tunnel)) {
|
|
|
|
|
tunnel->dev->stats.rx_errors++;
|
|
|
|
|
goto out;
|
2012-11-27 03:07:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
__skb_tunnel_rx(skb, tunnel->dev);
|
|
|
|
|
|
|
|
|
|
err = IP_ECN_decapsulate(iph, skb);
|
|
|
|
|
if (unlikely(err)) {
|
|
|
|
|
if (log_ecn_error)
|
|
|
|
|
net_info_ratelimited("non-ECT from %pI4 with TOS=%#x\n",
|
|
|
|
|
&iph->saddr, iph->tos);
|
|
|
|
|
if (err > 1) {
|
|
|
|
|
++tunnel->dev->stats.rx_frame_errors;
|
|
|
|
|
++tunnel->dev->stats.rx_errors;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2007-11-29 11:11:40 +00:00
|
|
|
}
|
2010-05-18 05:36:55 +00:00
|
|
|
|
2010-09-27 00:38:18 +00:00
|
|
|
tstats = this_cpu_ptr(tunnel->dev->tstats);
|
|
|
|
|
tstats->rx_packets++;
|
|
|
|
|
tstats->rx_bytes += skb->len;
|
|
|
|
|
|
2010-09-30 21:06:55 +00:00
|
|
|
netif_rx(skb);
|
2010-09-20 00:12:11 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2010-11-29 19:32:34 +00:00
|
|
|
/* no tunnel matched, let upstream know, ipsec may handle it */
|
|
|
|
|
return 1;
|
2005-04-16 22:20:36 +00:00
|
|
|
out:
|
2008-05-09 06:40:26 +00:00
|
|
|
kfree_skb(skb);
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2009-09-22 23:43:14 +00:00
|
|
|
/*
|
2013-01-29 08:24:25 +00:00
|
|
|
* If the IPv6 address comes from 6rd / 6to4 (RFC 3056) addr space this function
|
|
|
|
|
* stores the embedded IPv4 address in v4dst and returns true.
|
2009-09-22 23:43:14 +00:00
|
|
|
*/
|
2013-01-29 08:24:25 +00:00
|
|
|
static bool check_6rd(struct ip_tunnel *tunnel, const struct in6_addr *v6dst,
|
|
|
|
|
__be32 *v4dst)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2009-09-22 23:43:14 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
if (ipv6_prefix_equal(v6dst, &tunnel->ip6rd.prefix,
|
|
|
|
|
tunnel->ip6rd.prefixlen)) {
|
2010-09-15 11:35:10 +00:00
|
|
|
unsigned int pbw0, pbi0;
|
2009-09-22 23:43:14 +00:00
|
|
|
int pbi1;
|
|
|
|
|
u32 d;
|
|
|
|
|
|
|
|
|
|
pbw0 = tunnel->ip6rd.prefixlen >> 5;
|
|
|
|
|
pbi0 = tunnel->ip6rd.prefixlen & 0x1f;
|
|
|
|
|
|
2009-10-11 03:44:45 +00:00
|
|
|
d = (ntohl(v6dst->s6_addr32[pbw0]) << pbi0) >>
|
2009-09-22 23:43:14 +00:00
|
|
|
tunnel->ip6rd.relay_prefixlen;
|
|
|
|
|
|
|
|
|
|
pbi1 = pbi0 - tunnel->ip6rd.relay_prefixlen;
|
|
|
|
|
if (pbi1 > 0)
|
2009-10-11 03:44:45 +00:00
|
|
|
d |= ntohl(v6dst->s6_addr32[pbw0 + 1]) >>
|
2009-09-22 23:43:14 +00:00
|
|
|
(32 - pbi1);
|
|
|
|
|
|
2013-01-29 08:24:25 +00:00
|
|
|
*v4dst = tunnel->ip6rd.relay_prefix | htonl(d);
|
|
|
|
|
return true;
|
2009-09-22 23:43:14 +00:00
|
|
|
}
|
|
|
|
|
#else
|
2005-04-16 22:20:36 +00:00
|
|
|
if (v6dst->s6_addr16[0] == htons(0x2002)) {
|
2007-02-09 14:24:49 +00:00
|
|
|
/* 6to4 v6 addr has 16 bits prefix, 32 v4addr, 16 SLA, ... */
|
2013-01-29 08:24:25 +00:00
|
|
|
memcpy(v4dst, &v6dst->s6_addr16[1], 4);
|
|
|
|
|
return true;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2009-09-22 23:43:14 +00:00
|
|
|
#endif
|
2013-01-29 08:24:25 +00:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline __be32 try_6rd(struct ip_tunnel *tunnel,
|
|
|
|
|
const struct in6_addr *v6dst)
|
|
|
|
|
{
|
|
|
|
|
__be32 dst = 0;
|
|
|
|
|
check_6rd(tunnel, v6dst, &dst);
|
2005-04-16 22:20:36 +00:00
|
|
|
return dst;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* This function assumes it is being called from dev_queue_xmit()
|
|
|
|
|
* and that skb is filled properly by that function.
|
|
|
|
|
*/
|
|
|
|
|
|
2009-08-31 19:50:41 +00:00
|
|
|
static netdev_tx_t ipip6_tunnel_xmit(struct sk_buff *skb,
|
|
|
|
|
struct net_device *dev)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2006-01-09 06:05:26 +00:00
|
|
|
struct ip_tunnel *tunnel = netdev_priv(dev);
|
2011-04-22 04:53:02 +00:00
|
|
|
const struct iphdr *tiph = &tunnel->parms.iph;
|
|
|
|
|
const struct ipv6hdr *iph6 = ipv6_hdr(skb);
|
2005-04-16 22:20:36 +00:00
|
|
|
u8 tos = tunnel->parms.iph.tos;
|
2009-11-09 08:42:01 +00:00
|
|
|
__be16 df = tiph->frag_off;
|
2005-04-16 22:20:36 +00:00
|
|
|
struct rtable *rt; /* Route to the other host */
|
2010-09-27 00:38:18 +00:00
|
|
|
struct net_device *tdev; /* Device to other host */
|
2005-04-16 22:20:36 +00:00
|
|
|
struct iphdr *iph; /* Our new IP header */
|
2007-10-24 04:07:32 +00:00
|
|
|
unsigned int max_headroom; /* The extra header space needed */
|
2006-11-15 04:56:00 +00:00
|
|
|
__be32 dst = tiph->daddr;
|
2011-05-04 03:25:42 +00:00
|
|
|
struct flowi4 fl4;
|
2005-04-16 22:20:36 +00:00
|
|
|
int mtu;
|
2011-04-22 04:53:02 +00:00
|
|
|
const struct in6_addr *addr6;
|
2005-04-16 22:20:36 +00:00
|
|
|
int addr_type;
|
|
|
|
|
|
|
|
|
|
if (skb->protocol != htons(ETH_P_IPV6))
|
|
|
|
|
goto tx_error;
|
|
|
|
|
|
2011-08-13 14:04:38 +00:00
|
|
|
if (tos == 1)
|
|
|
|
|
tos = ipv6_get_dsfield(iph6);
|
|
|
|
|
|
2007-11-29 11:11:40 +00:00
|
|
|
/* ISATAP (RFC4214) - must come before 6to4 */
|
|
|
|
|
if (dev->priv_flags & IFF_ISATAP) {
|
|
|
|
|
struct neighbour *neigh = NULL;
|
2012-01-26 20:23:21 +00:00
|
|
|
bool do_tx_error = false;
|
2007-11-29 11:11:40 +00:00
|
|
|
|
2009-06-02 05:19:30 +00:00
|
|
|
if (skb_dst(skb))
|
2012-01-26 20:23:21 +00:00
|
|
|
neigh = dst_neigh_lookup(skb_dst(skb), &iph6->daddr);
|
2007-11-29 11:11:40 +00:00
|
|
|
|
|
|
|
|
if (neigh == NULL) {
|
2013-09-23 20:04:19 +00:00
|
|
|
net_dbg_ratelimited("nexthop == NULL\n");
|
2007-11-29 11:11:40 +00:00
|
|
|
goto tx_error;
|
|
|
|
|
}
|
|
|
|
|
|
2012-04-01 07:49:01 +00:00
|
|
|
addr6 = (const struct in6_addr *)&neigh->primary_key;
|
2007-11-29 11:11:40 +00:00
|
|
|
addr_type = ipv6_addr_type(addr6);
|
|
|
|
|
|
|
|
|
|
if ((addr_type & IPV6_ADDR_UNICAST) &&
|
|
|
|
|
ipv6_addr_is_isatap(addr6))
|
|
|
|
|
dst = addr6->s6_addr32[3];
|
|
|
|
|
else
|
2012-01-26 20:23:21 +00:00
|
|
|
do_tx_error = true;
|
|
|
|
|
|
|
|
|
|
neigh_release(neigh);
|
|
|
|
|
if (do_tx_error)
|
2007-11-29 11:11:40 +00:00
|
|
|
goto tx_error;
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
if (!dst)
|
2013-01-29 08:24:25 +00:00
|
|
|
dst = try_6rd(tunnel, &iph6->daddr);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
if (!dst) {
|
|
|
|
|
struct neighbour *neigh = NULL;
|
2012-01-26 20:23:21 +00:00
|
|
|
bool do_tx_error = false;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2009-06-02 05:19:30 +00:00
|
|
|
if (skb_dst(skb))
|
2012-01-26 20:23:21 +00:00
|
|
|
neigh = dst_neigh_lookup(skb_dst(skb), &iph6->daddr);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
if (neigh == NULL) {
|
2013-09-23 20:04:19 +00:00
|
|
|
net_dbg_ratelimited("nexthop == NULL\n");
|
2005-04-16 22:20:36 +00:00
|
|
|
goto tx_error;
|
|
|
|
|
}
|
|
|
|
|
|
2012-04-01 07:49:01 +00:00
|
|
|
addr6 = (const struct in6_addr *)&neigh->primary_key;
|
2005-04-16 22:20:36 +00:00
|
|
|
addr_type = ipv6_addr_type(addr6);
|
|
|
|
|
|
|
|
|
|
if (addr_type == IPV6_ADDR_ANY) {
|
2007-04-26 00:54:47 +00:00
|
|
|
addr6 = &ipv6_hdr(skb)->daddr;
|
2005-04-16 22:20:36 +00:00
|
|
|
addr_type = ipv6_addr_type(addr6);
|
|
|
|
|
}
|
|
|
|
|
|
2012-01-26 20:23:21 +00:00
|
|
|
if ((addr_type & IPV6_ADDR_COMPATv4) != 0)
|
|
|
|
|
dst = addr6->s6_addr32[3];
|
|
|
|
|
else
|
|
|
|
|
do_tx_error = true;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2012-01-26 20:23:21 +00:00
|
|
|
neigh_release(neigh);
|
|
|
|
|
if (do_tx_error)
|
|
|
|
|
goto tx_error;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2011-05-04 03:25:42 +00:00
|
|
|
rt = ip_route_output_ports(dev_net(dev), &fl4, NULL,
|
2011-03-12 05:00:52 +00:00
|
|
|
dst, tiph->saddr,
|
|
|
|
|
0, 0,
|
|
|
|
|
IPPROTO_IPV6, RT_TOS(tos),
|
|
|
|
|
tunnel->parms.link);
|
|
|
|
|
if (IS_ERR(rt)) {
|
|
|
|
|
dev->stats.tx_carrier_errors++;
|
|
|
|
|
goto tx_error_icmp;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
if (rt->rt_type != RTN_UNICAST) {
|
|
|
|
|
ip_rt_put(rt);
|
2010-09-27 00:38:18 +00:00
|
|
|
dev->stats.tx_carrier_errors++;
|
2005-04-16 22:20:36 +00:00
|
|
|
goto tx_error_icmp;
|
|
|
|
|
}
|
2010-06-11 06:31:35 +00:00
|
|
|
tdev = rt->dst.dev;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
if (tdev == dev) {
|
|
|
|
|
ip_rt_put(rt);
|
2010-09-27 00:38:18 +00:00
|
|
|
dev->stats.collisions++;
|
2005-04-16 22:20:36 +00:00
|
|
|
goto tx_error;
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-09 08:42:01 +00:00
|
|
|
if (df) {
|
2010-06-11 06:31:35 +00:00
|
|
|
mtu = dst_mtu(&rt->dst) - sizeof(struct iphdr);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2009-11-09 08:42:01 +00:00
|
|
|
if (mtu < 68) {
|
2010-09-27 00:38:18 +00:00
|
|
|
dev->stats.collisions++;
|
2009-11-09 08:42:01 +00:00
|
|
|
ip_rt_put(rt);
|
|
|
|
|
goto tx_error;
|
|
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2009-11-09 08:42:01 +00:00
|
|
|
if (mtu < IPV6_MIN_MTU) {
|
|
|
|
|
mtu = IPV6_MIN_MTU;
|
|
|
|
|
df = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (tunnel->parms.iph.daddr && skb_dst(skb))
|
2012-07-17 10:29:28 +00:00
|
|
|
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
|
2009-11-09 08:42:01 +00:00
|
|
|
|
|
|
|
|
if (skb->len > mtu) {
|
2010-02-18 08:25:24 +00:00
|
|
|
icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
|
2009-11-09 08:42:01 +00:00
|
|
|
ip_rt_put(rt);
|
|
|
|
|
goto tx_error;
|
|
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (tunnel->err_count > 0) {
|
2009-02-25 07:37:19 +00:00
|
|
|
if (time_before(jiffies,
|
|
|
|
|
tunnel->err_time + IPTUNNEL_ERR_TIMEO)) {
|
2005-04-16 22:20:36 +00:00
|
|
|
tunnel->err_count--;
|
|
|
|
|
dst_link_failure(skb);
|
|
|
|
|
} else
|
|
|
|
|
tunnel->err_count = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Okay, now see if we can stuff it in the buffer as-is.
|
|
|
|
|
*/
|
|
|
|
|
max_headroom = LL_RESERVED_SPACE(tdev)+sizeof(struct iphdr);
|
|
|
|
|
|
2007-07-09 22:33:40 +00:00
|
|
|
if (skb_headroom(skb) < max_headroom || skb_shared(skb) ||
|
|
|
|
|
(skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
|
2005-04-16 22:20:36 +00:00
|
|
|
struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
|
|
|
|
|
if (!new_skb) {
|
|
|
|
|
ip_rt_put(rt);
|
2010-09-27 00:38:18 +00:00
|
|
|
dev->stats.tx_dropped++;
|
2005-04-16 22:20:36 +00:00
|
|
|
dev_kfree_skb(skb);
|
2009-06-23 06:03:08 +00:00
|
|
|
return NETDEV_TX_OK;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
if (skb->sk)
|
|
|
|
|
skb_set_owner_w(new_skb, skb->sk);
|
|
|
|
|
dev_kfree_skb(skb);
|
|
|
|
|
skb = new_skb;
|
2007-04-26 00:54:47 +00:00
|
|
|
iph6 = ipv6_hdr(skb);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2007-04-11 04:21:55 +00:00
|
|
|
skb->transport_header = skb->network_header;
|
2007-04-11 03:46:21 +00:00
|
|
|
skb_push(skb, sizeof(struct iphdr));
|
|
|
|
|
skb_reset_network_header(skb);
|
2005-04-16 22:20:36 +00:00
|
|
|
memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
|
2006-01-07 07:04:01 +00:00
|
|
|
IPCB(skb)->flags = 0;
|
2009-06-02 05:19:30 +00:00
|
|
|
skb_dst_drop(skb);
|
2010-06-11 06:31:35 +00:00
|
|
|
skb_dst_set(skb, &rt->dst);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Push down and install the IPIP header.
|
|
|
|
|
*/
|
|
|
|
|
|
2007-04-21 05:47:35 +00:00
|
|
|
iph = ip_hdr(skb);
|
2005-04-16 22:20:36 +00:00
|
|
|
iph->version = 4;
|
|
|
|
|
iph->ihl = sizeof(struct iphdr)>>2;
|
2009-11-09 08:42:01 +00:00
|
|
|
iph->frag_off = df;
|
2005-04-16 22:20:36 +00:00
|
|
|
iph->protocol = IPPROTO_IPV6;
|
|
|
|
|
iph->tos = INET_ECN_encapsulate(tos, ipv6_get_dsfield(iph6));
|
2011-05-04 19:46:24 +00:00
|
|
|
iph->daddr = fl4.daddr;
|
|
|
|
|
iph->saddr = fl4.saddr;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
if ((iph->ttl = tiph->ttl) == 0)
|
|
|
|
|
iph->ttl = iph6->hop_limit;
|
|
|
|
|
|
2013-03-09 16:38:39 +00:00
|
|
|
skb->ip_summed = CHECKSUM_NONE;
|
inetpeer: get rid of ip_id_count
[ Upstream commit 73f156a6e8c1074ac6327e0abd1169e95eb66463 ]
Ideally, we would need to generate IP ID using a per destination IP
generator.
linux kernels used inet_peer cache for this purpose, but this had a huge
cost on servers disabling MTU discovery.
1) each inet_peer struct consumes 192 bytes
2) inetpeer cache uses a binary tree of inet_peer structs,
with a nominal size of ~66000 elements under load.
3) lookups in this tree are hitting a lot of cache lines, as tree depth
is about 20.
4) If server deals with many tcp flows, we have a high probability of
not finding the inet_peer, allocating a fresh one, inserting it in
the tree with same initial ip_id_count, (cf secure_ip_id())
5) We garbage collect inet_peer aggressively.
IP ID generation do not have to be 'perfect'
Goal is trying to avoid duplicates in a short period of time,
so that reassembly units have a chance to complete reassembly of
fragments belonging to one message before receiving other fragments
with a recycled ID.
We simply use an array of generators, and a Jenkin hash using the dst IP
as a key.
ipv6_select_ident() is put back into net/ipv6/ip6_output.c where it
belongs (it is only used from this file)
secure_ip_id() and secure_ipv6_id() no longer are needed.
Rename ip_select_ident_more() to ip_select_ident_segs() to avoid
unnecessary decrement/increment of the number of segments.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-06-02 12:26:03 +00:00
|
|
|
ip_select_ident(skb, NULL);
|
2012-11-11 21:52:33 +00:00
|
|
|
iptunnel_xmit(skb, dev);
|
2009-06-23 06:03:08 +00:00
|
|
|
return NETDEV_TX_OK;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
tx_error_icmp:
|
|
|
|
|
dst_link_failure(skb);
|
|
|
|
|
tx_error:
|
2010-09-27 00:38:18 +00:00
|
|
|
dev->stats.tx_errors++;
|
2005-04-16 22:20:36 +00:00
|
|
|
dev_kfree_skb(skb);
|
2009-06-23 06:03:08 +00:00
|
|
|
return NETDEV_TX_OK;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2007-12-13 17:47:00 +00:00
|
|
|
static void ipip6_tunnel_bind_dev(struct net_device *dev)
|
|
|
|
|
{
|
|
|
|
|
struct net_device *tdev = NULL;
|
|
|
|
|
struct ip_tunnel *tunnel;
|
2011-04-22 04:53:02 +00:00
|
|
|
const struct iphdr *iph;
|
2011-05-04 03:25:42 +00:00
|
|
|
struct flowi4 fl4;
|
2007-12-13 17:47:00 +00:00
|
|
|
|
|
|
|
|
tunnel = netdev_priv(dev);
|
|
|
|
|
iph = &tunnel->parms.iph;
|
|
|
|
|
|
|
|
|
|
if (iph->daddr) {
|
2011-05-04 03:25:42 +00:00
|
|
|
struct rtable *rt = ip_route_output_ports(dev_net(dev), &fl4, NULL,
|
2011-03-12 05:00:52 +00:00
|
|
|
iph->daddr, iph->saddr,
|
|
|
|
|
0, 0,
|
|
|
|
|
IPPROTO_IPV6,
|
|
|
|
|
RT_TOS(iph->tos),
|
|
|
|
|
tunnel->parms.link);
|
2011-03-02 22:31:35 +00:00
|
|
|
|
|
|
|
|
if (!IS_ERR(rt)) {
|
2010-06-11 06:31:35 +00:00
|
|
|
tdev = rt->dst.dev;
|
2007-12-13 17:47:00 +00:00
|
|
|
ip_rt_put(rt);
|
|
|
|
|
}
|
|
|
|
|
dev->flags |= IFF_POINTOPOINT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!tdev && tunnel->parms.link)
|
2008-04-16 08:16:58 +00:00
|
|
|
tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link);
|
2007-12-13 17:47:00 +00:00
|
|
|
|
|
|
|
|
if (tdev) {
|
|
|
|
|
dev->hard_header_len = tdev->hard_header_len + sizeof(struct iphdr);
|
|
|
|
|
dev->mtu = tdev->mtu - sizeof(struct iphdr);
|
|
|
|
|
if (dev->mtu < IPV6_MIN_MTU)
|
|
|
|
|
dev->mtu = IPV6_MIN_MTU;
|
|
|
|
|
}
|
|
|
|
|
dev->iflink = tunnel->parms.link;
|
|
|
|
|
}
|
|
|
|
|
|
2012-11-14 05:14:07 +00:00
|
|
|
static void ipip6_tunnel_update(struct ip_tunnel *t, struct ip_tunnel_parm *p)
|
|
|
|
|
{
|
|
|
|
|
struct net *net = dev_net(t->dev);
|
|
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
|
|
|
|
|
|
|
|
|
ipip6_tunnel_unlink(sitn, t);
|
|
|
|
|
synchronize_net();
|
|
|
|
|
t->parms.iph.saddr = p->iph.saddr;
|
|
|
|
|
t->parms.iph.daddr = p->iph.daddr;
|
|
|
|
|
memcpy(t->dev->dev_addr, &p->iph.saddr, 4);
|
|
|
|
|
memcpy(t->dev->broadcast, &p->iph.daddr, 4);
|
|
|
|
|
ipip6_tunnel_link(sitn, t);
|
|
|
|
|
t->parms.iph.ttl = p->iph.ttl;
|
|
|
|
|
t->parms.iph.tos = p->iph.tos;
|
|
|
|
|
if (t->parms.link != p->link) {
|
|
|
|
|
t->parms.link = p->link;
|
|
|
|
|
ipip6_tunnel_bind_dev(t->dev);
|
|
|
|
|
}
|
|
|
|
|
netdev_state_change(t->dev);
|
|
|
|
|
}
|
|
|
|
|
|
2012-11-19 22:41:45 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
static int ipip6_tunnel_update_6rd(struct ip_tunnel *t,
|
|
|
|
|
struct ip_tunnel_6rd *ip6rd)
|
|
|
|
|
{
|
|
|
|
|
struct in6_addr prefix;
|
|
|
|
|
__be32 relay_prefix;
|
|
|
|
|
|
|
|
|
|
if (ip6rd->relay_prefixlen > 32 ||
|
|
|
|
|
ip6rd->prefixlen + (32 - ip6rd->relay_prefixlen) > 64)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
ipv6_addr_prefix(&prefix, &ip6rd->prefix, ip6rd->prefixlen);
|
|
|
|
|
if (!ipv6_addr_equal(&prefix, &ip6rd->prefix))
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
if (ip6rd->relay_prefixlen)
|
|
|
|
|
relay_prefix = ip6rd->relay_prefix &
|
|
|
|
|
htonl(0xffffffffUL <<
|
|
|
|
|
(32 - ip6rd->relay_prefixlen));
|
|
|
|
|
else
|
|
|
|
|
relay_prefix = 0;
|
|
|
|
|
if (relay_prefix != ip6rd->relay_prefix)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
t->ip6rd.prefix = prefix;
|
|
|
|
|
t->ip6rd.relay_prefix = relay_prefix;
|
|
|
|
|
t->ip6rd.prefixlen = ip6rd->prefixlen;
|
|
|
|
|
t->ip6rd.relay_prefixlen = ip6rd->relay_prefixlen;
|
|
|
|
|
netdev_state_change(t->dev);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
static int
|
|
|
|
|
ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
|
|
|
|
|
{
|
|
|
|
|
int err = 0;
|
|
|
|
|
struct ip_tunnel_parm p;
|
2008-03-11 22:35:59 +00:00
|
|
|
struct ip_tunnel_prl prl;
|
2005-04-16 22:20:36 +00:00
|
|
|
struct ip_tunnel *t;
|
2008-04-16 08:15:39 +00:00
|
|
|
struct net *net = dev_net(dev);
|
|
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
2009-09-22 23:43:14 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
struct ip_tunnel_6rd ip6rd;
|
|
|
|
|
#endif
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
|
case SIOCGETTUNNEL:
|
2009-09-22 23:43:14 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
case SIOCGET6RD:
|
|
|
|
|
#endif
|
2005-04-16 22:20:36 +00:00
|
|
|
t = NULL;
|
2008-04-16 08:16:18 +00:00
|
|
|
if (dev == sitn->fb_tunnel_dev) {
|
2005-04-16 22:20:36 +00:00
|
|
|
if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
|
|
|
|
|
err = -EFAULT;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2008-04-16 08:15:39 +00:00
|
|
|
t = ipip6_tunnel_locate(net, &p, 0);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
if (t == NULL)
|
2006-01-09 06:05:26 +00:00
|
|
|
t = netdev_priv(dev);
|
2009-09-22 23:43:14 +00:00
|
|
|
|
|
|
|
|
err = -EFAULT;
|
|
|
|
|
if (cmd == SIOCGETTUNNEL) {
|
|
|
|
|
memcpy(&p, &t->parms, sizeof(p));
|
|
|
|
|
if (copy_to_user(ifr->ifr_ifru.ifru_data, &p,
|
|
|
|
|
sizeof(p)))
|
|
|
|
|
goto done;
|
|
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
} else {
|
2011-11-21 03:39:03 +00:00
|
|
|
ip6rd.prefix = t->ip6rd.prefix;
|
2009-09-22 23:43:14 +00:00
|
|
|
ip6rd.relay_prefix = t->ip6rd.relay_prefix;
|
|
|
|
|
ip6rd.prefixlen = t->ip6rd.prefixlen;
|
|
|
|
|
ip6rd.relay_prefixlen = t->ip6rd.relay_prefixlen;
|
|
|
|
|
if (copy_to_user(ifr->ifr_ifru.ifru_data, &ip6rd,
|
|
|
|
|
sizeof(ip6rd)))
|
|
|
|
|
goto done;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
err = 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case SIOCADDTUNNEL:
|
|
|
|
|
case SIOCCHGTUNNEL:
|
|
|
|
|
err = -EPERM;
|
net: Allow userns root to control ipv6
Allow an unpriviled user who has created a user namespace, and then
created a network namespace to effectively use the new network
namespace, by reducing capable(CAP_NET_ADMIN) and
capable(CAP_NET_RAW) calls to be ns_capable(net->user_ns,
CAP_NET_ADMIN), or capable(net->user_ns, CAP_NET_RAW) calls.
Settings that merely control a single network device are allowed.
Either the network device is a logical network device where
restrictions make no difference or the network device is hardware NIC
that has been explicity moved from the initial network namespace.
In general policy and network stack state changes are allowed while
resource control is left unchanged.
Allow the SIOCSIFADDR ioctl to add ipv6 addresses.
Allow the SIOCDIFADDR ioctl to delete ipv6 addresses.
Allow the SIOCADDRT ioctl to add ipv6 routes.
Allow the SIOCDELRT ioctl to delete ipv6 routes.
Allow creation of ipv6 raw sockets.
Allow setting the IPV6_JOIN_ANYCAST socket option.
Allow setting the IPV6_FL_A_RENEW parameter of the IPV6_FLOWLABEL_MGR
socket option.
Allow setting the IPV6_TRANSPARENT socket option.
Allow setting the IPV6_HOPOPTS socket option.
Allow setting the IPV6_RTHDRDSTOPTS socket option.
Allow setting the IPV6_DSTOPTS socket option.
Allow setting the IPV6_IPSEC_POLICY socket option.
Allow setting the IPV6_XFRM_POLICY socket option.
Allow sending packets with the IPV6_2292HOPOPTS control message.
Allow sending packets with the IPV6_2292DSTOPTS control message.
Allow sending packets with the IPV6_RTHDRDSTOPTS control message.
Allow setting the multicast routing socket options on non multicast
routing sockets.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL, and SIOCDELTUNNEL ioctls for
setting up, changing and deleting tunnels over ipv6.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL, SIOCDELTUNNEL ioctls for
setting up, changing and deleting ipv6 over ipv4 tunnels.
Allow the SIOCADDPRL, SIOCDELPRL, SIOCCHGPRL ioctls for adding,
deleting, and changing the potential router list for ISATAP tunnels.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-16 03:03:06 +00:00
|
|
|
if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
|
2005-04-16 22:20:36 +00:00
|
|
|
goto done;
|
|
|
|
|
|
|
|
|
|
err = -EFAULT;
|
|
|
|
|
if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
|
|
|
|
|
goto done;
|
|
|
|
|
|
|
|
|
|
err = -EINVAL;
|
|
|
|
|
if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPV6 ||
|
|
|
|
|
p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)))
|
|
|
|
|
goto done;
|
|
|
|
|
if (p.iph.ttl)
|
|
|
|
|
p.iph.frag_off |= htons(IP_DF);
|
|
|
|
|
|
2008-04-16 08:15:39 +00:00
|
|
|
t = ipip6_tunnel_locate(net, &p, cmd == SIOCADDTUNNEL);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2008-04-16 08:16:18 +00:00
|
|
|
if (dev != sitn->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
|
2005-04-16 22:20:36 +00:00
|
|
|
if (t != NULL) {
|
|
|
|
|
if (t->dev != dev) {
|
|
|
|
|
err = -EEXIST;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (((dev->flags&IFF_POINTOPOINT) && !p.iph.daddr) ||
|
|
|
|
|
(!(dev->flags&IFF_POINTOPOINT) && p.iph.daddr)) {
|
|
|
|
|
err = -EINVAL;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2006-01-09 06:05:26 +00:00
|
|
|
t = netdev_priv(dev);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2012-11-14 05:14:04 +00:00
|
|
|
|
2012-11-14 05:14:07 +00:00
|
|
|
ipip6_tunnel_update(t, &p);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (t) {
|
|
|
|
|
err = 0;
|
|
|
|
|
if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
|
|
|
|
|
err = -EFAULT;
|
|
|
|
|
} else
|
|
|
|
|
err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case SIOCDELTUNNEL:
|
|
|
|
|
err = -EPERM;
|
net: Allow userns root to control ipv6
Allow an unpriviled user who has created a user namespace, and then
created a network namespace to effectively use the new network
namespace, by reducing capable(CAP_NET_ADMIN) and
capable(CAP_NET_RAW) calls to be ns_capable(net->user_ns,
CAP_NET_ADMIN), or capable(net->user_ns, CAP_NET_RAW) calls.
Settings that merely control a single network device are allowed.
Either the network device is a logical network device where
restrictions make no difference or the network device is hardware NIC
that has been explicity moved from the initial network namespace.
In general policy and network stack state changes are allowed while
resource control is left unchanged.
Allow the SIOCSIFADDR ioctl to add ipv6 addresses.
Allow the SIOCDIFADDR ioctl to delete ipv6 addresses.
Allow the SIOCADDRT ioctl to add ipv6 routes.
Allow the SIOCDELRT ioctl to delete ipv6 routes.
Allow creation of ipv6 raw sockets.
Allow setting the IPV6_JOIN_ANYCAST socket option.
Allow setting the IPV6_FL_A_RENEW parameter of the IPV6_FLOWLABEL_MGR
socket option.
Allow setting the IPV6_TRANSPARENT socket option.
Allow setting the IPV6_HOPOPTS socket option.
Allow setting the IPV6_RTHDRDSTOPTS socket option.
Allow setting the IPV6_DSTOPTS socket option.
Allow setting the IPV6_IPSEC_POLICY socket option.
Allow setting the IPV6_XFRM_POLICY socket option.
Allow sending packets with the IPV6_2292HOPOPTS control message.
Allow sending packets with the IPV6_2292DSTOPTS control message.
Allow sending packets with the IPV6_RTHDRDSTOPTS control message.
Allow setting the multicast routing socket options on non multicast
routing sockets.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL, and SIOCDELTUNNEL ioctls for
setting up, changing and deleting tunnels over ipv6.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL, SIOCDELTUNNEL ioctls for
setting up, changing and deleting ipv6 over ipv4 tunnels.
Allow the SIOCADDPRL, SIOCDELPRL, SIOCCHGPRL ioctls for adding,
deleting, and changing the potential router list for ISATAP tunnels.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-16 03:03:06 +00:00
|
|
|
if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
|
2005-04-16 22:20:36 +00:00
|
|
|
goto done;
|
|
|
|
|
|
2008-04-16 08:16:18 +00:00
|
|
|
if (dev == sitn->fb_tunnel_dev) {
|
2005-04-16 22:20:36 +00:00
|
|
|
err = -EFAULT;
|
|
|
|
|
if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
|
|
|
|
|
goto done;
|
|
|
|
|
err = -ENOENT;
|
2008-04-16 08:15:39 +00:00
|
|
|
if ((t = ipip6_tunnel_locate(net, &p, 0)) == NULL)
|
2005-04-16 22:20:36 +00:00
|
|
|
goto done;
|
|
|
|
|
err = -EPERM;
|
2008-04-16 08:16:18 +00:00
|
|
|
if (t == netdev_priv(sitn->fb_tunnel_dev))
|
2005-04-16 22:20:36 +00:00
|
|
|
goto done;
|
|
|
|
|
dev = t->dev;
|
|
|
|
|
}
|
2007-02-07 08:09:58 +00:00
|
|
|
unregister_netdevice(dev);
|
|
|
|
|
err = 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
break;
|
|
|
|
|
|
2008-03-24 09:28:39 +00:00
|
|
|
case SIOCGETPRL:
|
2008-06-16 23:48:20 +00:00
|
|
|
err = -EINVAL;
|
|
|
|
|
if (dev == sitn->fb_tunnel_dev)
|
|
|
|
|
goto done;
|
|
|
|
|
err = -ENOENT;
|
|
|
|
|
if (!(t = netdev_priv(dev)))
|
|
|
|
|
goto done;
|
|
|
|
|
err = ipip6_tunnel_get_prl(t, ifr->ifr_ifru.ifru_data);
|
|
|
|
|
break;
|
|
|
|
|
|
2008-03-11 22:35:59 +00:00
|
|
|
case SIOCADDPRL:
|
|
|
|
|
case SIOCDELPRL:
|
|
|
|
|
case SIOCCHGPRL:
|
|
|
|
|
err = -EPERM;
|
net: Allow userns root to control ipv6
Allow an unpriviled user who has created a user namespace, and then
created a network namespace to effectively use the new network
namespace, by reducing capable(CAP_NET_ADMIN) and
capable(CAP_NET_RAW) calls to be ns_capable(net->user_ns,
CAP_NET_ADMIN), or capable(net->user_ns, CAP_NET_RAW) calls.
Settings that merely control a single network device are allowed.
Either the network device is a logical network device where
restrictions make no difference or the network device is hardware NIC
that has been explicity moved from the initial network namespace.
In general policy and network stack state changes are allowed while
resource control is left unchanged.
Allow the SIOCSIFADDR ioctl to add ipv6 addresses.
Allow the SIOCDIFADDR ioctl to delete ipv6 addresses.
Allow the SIOCADDRT ioctl to add ipv6 routes.
Allow the SIOCDELRT ioctl to delete ipv6 routes.
Allow creation of ipv6 raw sockets.
Allow setting the IPV6_JOIN_ANYCAST socket option.
Allow setting the IPV6_FL_A_RENEW parameter of the IPV6_FLOWLABEL_MGR
socket option.
Allow setting the IPV6_TRANSPARENT socket option.
Allow setting the IPV6_HOPOPTS socket option.
Allow setting the IPV6_RTHDRDSTOPTS socket option.
Allow setting the IPV6_DSTOPTS socket option.
Allow setting the IPV6_IPSEC_POLICY socket option.
Allow setting the IPV6_XFRM_POLICY socket option.
Allow sending packets with the IPV6_2292HOPOPTS control message.
Allow sending packets with the IPV6_2292DSTOPTS control message.
Allow sending packets with the IPV6_RTHDRDSTOPTS control message.
Allow setting the multicast routing socket options on non multicast
routing sockets.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL, and SIOCDELTUNNEL ioctls for
setting up, changing and deleting tunnels over ipv6.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL, SIOCDELTUNNEL ioctls for
setting up, changing and deleting ipv6 over ipv4 tunnels.
Allow the SIOCADDPRL, SIOCDELPRL, SIOCCHGPRL ioctls for adding,
deleting, and changing the potential router list for ISATAP tunnels.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-16 03:03:06 +00:00
|
|
|
if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
|
2008-03-11 22:35:59 +00:00
|
|
|
goto done;
|
|
|
|
|
err = -EINVAL;
|
2008-04-16 08:16:18 +00:00
|
|
|
if (dev == sitn->fb_tunnel_dev)
|
2008-03-11 22:35:59 +00:00
|
|
|
goto done;
|
|
|
|
|
err = -EFAULT;
|
|
|
|
|
if (copy_from_user(&prl, ifr->ifr_ifru.ifru_data, sizeof(prl)))
|
|
|
|
|
goto done;
|
|
|
|
|
err = -ENOENT;
|
|
|
|
|
if (!(t = netdev_priv(dev)))
|
|
|
|
|
goto done;
|
|
|
|
|
|
2008-03-24 09:28:39 +00:00
|
|
|
switch (cmd) {
|
|
|
|
|
case SIOCDELPRL:
|
2008-03-11 22:35:59 +00:00
|
|
|
err = ipip6_tunnel_del_prl(t, &prl);
|
2008-03-24 09:28:39 +00:00
|
|
|
break;
|
|
|
|
|
case SIOCADDPRL:
|
|
|
|
|
case SIOCCHGPRL:
|
2008-03-11 22:35:59 +00:00
|
|
|
err = ipip6_tunnel_add_prl(t, &prl, cmd == SIOCCHGPRL);
|
2008-03-24 09:28:39 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2008-06-16 23:48:20 +00:00
|
|
|
netdev_state_change(dev);
|
2008-03-11 22:35:59 +00:00
|
|
|
break;
|
|
|
|
|
|
2009-09-22 23:43:14 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
case SIOCADD6RD:
|
|
|
|
|
case SIOCCHG6RD:
|
|
|
|
|
case SIOCDEL6RD:
|
|
|
|
|
err = -EPERM;
|
net: Allow userns root to control ipv6
Allow an unpriviled user who has created a user namespace, and then
created a network namespace to effectively use the new network
namespace, by reducing capable(CAP_NET_ADMIN) and
capable(CAP_NET_RAW) calls to be ns_capable(net->user_ns,
CAP_NET_ADMIN), or capable(net->user_ns, CAP_NET_RAW) calls.
Settings that merely control a single network device are allowed.
Either the network device is a logical network device where
restrictions make no difference or the network device is hardware NIC
that has been explicity moved from the initial network namespace.
In general policy and network stack state changes are allowed while
resource control is left unchanged.
Allow the SIOCSIFADDR ioctl to add ipv6 addresses.
Allow the SIOCDIFADDR ioctl to delete ipv6 addresses.
Allow the SIOCADDRT ioctl to add ipv6 routes.
Allow the SIOCDELRT ioctl to delete ipv6 routes.
Allow creation of ipv6 raw sockets.
Allow setting the IPV6_JOIN_ANYCAST socket option.
Allow setting the IPV6_FL_A_RENEW parameter of the IPV6_FLOWLABEL_MGR
socket option.
Allow setting the IPV6_TRANSPARENT socket option.
Allow setting the IPV6_HOPOPTS socket option.
Allow setting the IPV6_RTHDRDSTOPTS socket option.
Allow setting the IPV6_DSTOPTS socket option.
Allow setting the IPV6_IPSEC_POLICY socket option.
Allow setting the IPV6_XFRM_POLICY socket option.
Allow sending packets with the IPV6_2292HOPOPTS control message.
Allow sending packets with the IPV6_2292DSTOPTS control message.
Allow sending packets with the IPV6_RTHDRDSTOPTS control message.
Allow setting the multicast routing socket options on non multicast
routing sockets.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL, and SIOCDELTUNNEL ioctls for
setting up, changing and deleting tunnels over ipv6.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL, SIOCDELTUNNEL ioctls for
setting up, changing and deleting ipv6 over ipv4 tunnels.
Allow the SIOCADDPRL, SIOCDELPRL, SIOCCHGPRL ioctls for adding,
deleting, and changing the potential router list for ISATAP tunnels.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-16 03:03:06 +00:00
|
|
|
if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
|
2009-09-22 23:43:14 +00:00
|
|
|
goto done;
|
|
|
|
|
|
|
|
|
|
err = -EFAULT;
|
|
|
|
|
if (copy_from_user(&ip6rd, ifr->ifr_ifru.ifru_data,
|
|
|
|
|
sizeof(ip6rd)))
|
|
|
|
|
goto done;
|
|
|
|
|
|
|
|
|
|
t = netdev_priv(dev);
|
|
|
|
|
|
|
|
|
|
if (cmd != SIOCDEL6RD) {
|
2012-11-19 22:41:45 +00:00
|
|
|
err = ipip6_tunnel_update_6rd(t, &ip6rd);
|
|
|
|
|
if (err < 0)
|
2009-09-22 23:43:14 +00:00
|
|
|
goto done;
|
|
|
|
|
} else
|
2009-10-11 03:31:34 +00:00
|
|
|
ipip6_tunnel_clone_6rd(dev, sitn);
|
2009-09-22 23:43:14 +00:00
|
|
|
|
|
|
|
|
err = 0;
|
|
|
|
|
break;
|
|
|
|
|
#endif
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
default:
|
|
|
|
|
err = -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
done:
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ipip6_tunnel_change_mtu(struct net_device *dev, int new_mtu)
|
|
|
|
|
{
|
|
|
|
|
if (new_mtu < IPV6_MIN_MTU || new_mtu > 0xFFF8 - sizeof(struct iphdr))
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
dev->mtu = new_mtu;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2008-11-21 04:33:56 +00:00
|
|
|
static const struct net_device_ops ipip6_netdev_ops = {
|
|
|
|
|
.ndo_uninit = ipip6_tunnel_uninit,
|
|
|
|
|
.ndo_start_xmit = ipip6_tunnel_xmit,
|
|
|
|
|
.ndo_do_ioctl = ipip6_tunnel_ioctl,
|
|
|
|
|
.ndo_change_mtu = ipip6_tunnel_change_mtu,
|
2013-03-25 14:50:00 +00:00
|
|
|
.ndo_get_stats64 = ip_tunnel_get_stats64,
|
2008-11-21 04:33:56 +00:00
|
|
|
};
|
|
|
|
|
|
2010-09-27 00:38:18 +00:00
|
|
|
static void ipip6_dev_free(struct net_device *dev)
|
|
|
|
|
{
|
|
|
|
|
free_percpu(dev->tstats);
|
|
|
|
|
free_netdev(dev);
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
static void ipip6_tunnel_setup(struct net_device *dev)
|
|
|
|
|
{
|
2008-11-21 04:33:56 +00:00
|
|
|
dev->netdev_ops = &ipip6_netdev_ops;
|
2010-09-27 00:38:18 +00:00
|
|
|
dev->destructor = ipip6_dev_free;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
dev->type = ARPHRD_SIT;
|
|
|
|
|
dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr);
|
2006-01-06 00:35:42 +00:00
|
|
|
dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr);
|
2005-04-16 22:20:36 +00:00
|
|
|
dev->flags = IFF_NOARP;
|
2009-07-12 03:30:52 +00:00
|
|
|
dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
|
2005-04-16 22:20:36 +00:00
|
|
|
dev->iflink = 0;
|
|
|
|
|
dev->addr_len = 4;
|
2008-04-16 08:17:18 +00:00
|
|
|
dev->features |= NETIF_F_NETNS_LOCAL;
|
2010-09-28 02:53:41 +00:00
|
|
|
dev->features |= NETIF_F_LLTX;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2010-09-27 00:38:18 +00:00
|
|
|
static int ipip6_tunnel_init(struct net_device *dev)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2008-11-21 04:33:56 +00:00
|
|
|
struct ip_tunnel *tunnel = netdev_priv(dev);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
tunnel->dev = dev;
|
|
|
|
|
|
|
|
|
|
memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
|
|
|
|
|
memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
|
|
|
|
|
|
2007-12-13 17:47:00 +00:00
|
|
|
ipip6_tunnel_bind_dev(dev);
|
2010-09-27 00:38:18 +00:00
|
|
|
dev->tstats = alloc_percpu(struct pcpu_tstats);
|
|
|
|
|
if (!dev->tstats)
|
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
|
|
return 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2010-09-28 02:17:58 +00:00
|
|
|
static int __net_init ipip6_fb_tunnel_init(struct net_device *dev)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2006-01-09 06:05:26 +00:00
|
|
|
struct ip_tunnel *tunnel = netdev_priv(dev);
|
2005-04-16 22:20:36 +00:00
|
|
|
struct iphdr *iph = &tunnel->parms.iph;
|
2008-04-16 08:16:38 +00:00
|
|
|
struct net *net = dev_net(dev);
|
|
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
tunnel->dev = dev;
|
|
|
|
|
strcpy(tunnel->parms.name, dev->name);
|
|
|
|
|
|
|
|
|
|
iph->version = 4;
|
|
|
|
|
iph->protocol = IPPROTO_IPV6;
|
|
|
|
|
iph->ihl = 5;
|
|
|
|
|
iph->ttl = 64;
|
|
|
|
|
|
2010-09-28 02:17:58 +00:00
|
|
|
dev->tstats = alloc_percpu(struct pcpu_tstats);
|
|
|
|
|
if (!dev->tstats)
|
|
|
|
|
return -ENOMEM;
|
2005-04-16 22:20:36 +00:00
|
|
|
dev_hold(dev);
|
2012-01-12 04:41:32 +00:00
|
|
|
rcu_assign_pointer(sitn->tunnels_wc[0], tunnel);
|
2010-09-28 02:17:58 +00:00
|
|
|
return 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2012-11-14 05:14:07 +00:00
|
|
|
static void ipip6_netlink_parms(struct nlattr *data[],
|
|
|
|
|
struct ip_tunnel_parm *parms)
|
|
|
|
|
{
|
|
|
|
|
memset(parms, 0, sizeof(*parms));
|
|
|
|
|
|
|
|
|
|
parms->iph.version = 4;
|
|
|
|
|
parms->iph.protocol = IPPROTO_IPV6;
|
|
|
|
|
parms->iph.ihl = 5;
|
|
|
|
|
parms->iph.ttl = 64;
|
|
|
|
|
|
|
|
|
|
if (!data)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_LINK])
|
|
|
|
|
parms->link = nla_get_u32(data[IFLA_IPTUN_LINK]);
|
|
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_LOCAL])
|
2012-11-15 04:06:41 +00:00
|
|
|
parms->iph.saddr = nla_get_be32(data[IFLA_IPTUN_LOCAL]);
|
2012-11-14 05:14:07 +00:00
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_REMOTE])
|
2012-11-15 04:06:41 +00:00
|
|
|
parms->iph.daddr = nla_get_be32(data[IFLA_IPTUN_REMOTE]);
|
2012-11-14 05:14:07 +00:00
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_TTL]) {
|
|
|
|
|
parms->iph.ttl = nla_get_u8(data[IFLA_IPTUN_TTL]);
|
|
|
|
|
if (parms->iph.ttl)
|
|
|
|
|
parms->iph.frag_off = htons(IP_DF);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_TOS])
|
|
|
|
|
parms->iph.tos = nla_get_u8(data[IFLA_IPTUN_TOS]);
|
|
|
|
|
|
|
|
|
|
if (!data[IFLA_IPTUN_PMTUDISC] || nla_get_u8(data[IFLA_IPTUN_PMTUDISC]))
|
|
|
|
|
parms->iph.frag_off = htons(IP_DF);
|
|
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_FLAGS])
|
2012-11-15 04:06:41 +00:00
|
|
|
parms->i_flags = nla_get_be16(data[IFLA_IPTUN_FLAGS]);
|
2012-11-14 05:14:07 +00:00
|
|
|
}
|
|
|
|
|
|
2012-11-19 22:41:45 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
/* This function returns true when 6RD attributes are present in the nl msg */
|
|
|
|
|
static bool ipip6_netlink_6rd_parms(struct nlattr *data[],
|
|
|
|
|
struct ip_tunnel_6rd *ip6rd)
|
|
|
|
|
{
|
|
|
|
|
bool ret = false;
|
|
|
|
|
memset(ip6rd, 0, sizeof(*ip6rd));
|
|
|
|
|
|
|
|
|
|
if (!data)
|
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_6RD_PREFIX]) {
|
|
|
|
|
ret = true;
|
|
|
|
|
nla_memcpy(&ip6rd->prefix, data[IFLA_IPTUN_6RD_PREFIX],
|
|
|
|
|
sizeof(struct in6_addr));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_6RD_RELAY_PREFIX]) {
|
|
|
|
|
ret = true;
|
|
|
|
|
ip6rd->relay_prefix =
|
|
|
|
|
nla_get_be32(data[IFLA_IPTUN_6RD_RELAY_PREFIX]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_6RD_PREFIXLEN]) {
|
|
|
|
|
ret = true;
|
|
|
|
|
ip6rd->prefixlen = nla_get_u16(data[IFLA_IPTUN_6RD_PREFIXLEN]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (data[IFLA_IPTUN_6RD_RELAY_PREFIXLEN]) {
|
|
|
|
|
ret = true;
|
|
|
|
|
ip6rd->relay_prefixlen =
|
|
|
|
|
nla_get_u16(data[IFLA_IPTUN_6RD_RELAY_PREFIXLEN]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2012-11-14 05:14:07 +00:00
|
|
|
static int ipip6_newlink(struct net *src_net, struct net_device *dev,
|
|
|
|
|
struct nlattr *tb[], struct nlattr *data[])
|
|
|
|
|
{
|
|
|
|
|
struct net *net = dev_net(dev);
|
|
|
|
|
struct ip_tunnel *nt;
|
2012-11-19 22:41:45 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
struct ip_tunnel_6rd ip6rd;
|
|
|
|
|
#endif
|
|
|
|
|
int err;
|
2012-11-14 05:14:07 +00:00
|
|
|
|
|
|
|
|
nt = netdev_priv(dev);
|
|
|
|
|
ipip6_netlink_parms(data, &nt->parms);
|
|
|
|
|
|
|
|
|
|
if (ipip6_tunnel_locate(net, &nt->parms, 0))
|
|
|
|
|
return -EEXIST;
|
|
|
|
|
|
2012-11-19 22:41:45 +00:00
|
|
|
err = ipip6_tunnel_create(dev);
|
|
|
|
|
if (err < 0)
|
|
|
|
|
return err;
|
|
|
|
|
|
|
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
if (ipip6_netlink_6rd_parms(data, &ip6rd))
|
|
|
|
|
err = ipip6_tunnel_update_6rd(nt, &ip6rd);
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
return err;
|
2012-11-14 05:14:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ipip6_changelink(struct net_device *dev, struct nlattr *tb[],
|
|
|
|
|
struct nlattr *data[])
|
|
|
|
|
{
|
|
|
|
|
struct ip_tunnel *t;
|
|
|
|
|
struct ip_tunnel_parm p;
|
|
|
|
|
struct net *net = dev_net(dev);
|
|
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
2012-11-19 22:41:45 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
struct ip_tunnel_6rd ip6rd;
|
|
|
|
|
#endif
|
2012-11-14 05:14:07 +00:00
|
|
|
|
|
|
|
|
if (dev == sitn->fb_tunnel_dev)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
ipip6_netlink_parms(data, &p);
|
|
|
|
|
|
|
|
|
|
if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) ||
|
|
|
|
|
(!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr))
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
t = ipip6_tunnel_locate(net, &p, 0);
|
|
|
|
|
|
|
|
|
|
if (t) {
|
|
|
|
|
if (t->dev != dev)
|
|
|
|
|
return -EEXIST;
|
|
|
|
|
} else
|
|
|
|
|
t = netdev_priv(dev);
|
|
|
|
|
|
|
|
|
|
ipip6_tunnel_update(t, &p);
|
2012-11-19 22:41:45 +00:00
|
|
|
|
|
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
if (ipip6_netlink_6rd_parms(data, &ip6rd))
|
|
|
|
|
return ipip6_tunnel_update_6rd(t, &ip6rd);
|
|
|
|
|
#endif
|
|
|
|
|
|
2012-11-14 05:14:07 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2012-11-14 05:14:06 +00:00
|
|
|
static size_t ipip6_get_size(const struct net_device *dev)
|
2012-11-09 06:10:00 +00:00
|
|
|
{
|
|
|
|
|
return
|
|
|
|
|
/* IFLA_IPTUN_LINK */
|
|
|
|
|
nla_total_size(4) +
|
|
|
|
|
/* IFLA_IPTUN_LOCAL */
|
|
|
|
|
nla_total_size(4) +
|
|
|
|
|
/* IFLA_IPTUN_REMOTE */
|
|
|
|
|
nla_total_size(4) +
|
|
|
|
|
/* IFLA_IPTUN_TTL */
|
|
|
|
|
nla_total_size(1) +
|
|
|
|
|
/* IFLA_IPTUN_TOS */
|
|
|
|
|
nla_total_size(1) +
|
2012-11-14 05:14:05 +00:00
|
|
|
/* IFLA_IPTUN_PMTUDISC */
|
|
|
|
|
nla_total_size(1) +
|
|
|
|
|
/* IFLA_IPTUN_FLAGS */
|
|
|
|
|
nla_total_size(2) +
|
2012-11-19 22:41:45 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
/* IFLA_IPTUN_6RD_PREFIX */
|
|
|
|
|
nla_total_size(sizeof(struct in6_addr)) +
|
|
|
|
|
/* IFLA_IPTUN_6RD_RELAY_PREFIX */
|
|
|
|
|
nla_total_size(4) +
|
|
|
|
|
/* IFLA_IPTUN_6RD_PREFIXLEN */
|
|
|
|
|
nla_total_size(2) +
|
|
|
|
|
/* IFLA_IPTUN_6RD_RELAY_PREFIXLEN */
|
|
|
|
|
nla_total_size(2) +
|
|
|
|
|
#endif
|
2012-11-09 06:10:00 +00:00
|
|
|
0;
|
|
|
|
|
}
|
|
|
|
|
|
2012-11-14 05:14:06 +00:00
|
|
|
static int ipip6_fill_info(struct sk_buff *skb, const struct net_device *dev)
|
2012-11-09 06:10:00 +00:00
|
|
|
{
|
|
|
|
|
struct ip_tunnel *tunnel = netdev_priv(dev);
|
|
|
|
|
struct ip_tunnel_parm *parm = &tunnel->parms;
|
|
|
|
|
|
|
|
|
|
if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) ||
|
|
|
|
|
nla_put_be32(skb, IFLA_IPTUN_LOCAL, parm->iph.saddr) ||
|
|
|
|
|
nla_put_be32(skb, IFLA_IPTUN_REMOTE, parm->iph.daddr) ||
|
|
|
|
|
nla_put_u8(skb, IFLA_IPTUN_TTL, parm->iph.ttl) ||
|
2012-11-14 05:14:05 +00:00
|
|
|
nla_put_u8(skb, IFLA_IPTUN_TOS, parm->iph.tos) ||
|
|
|
|
|
nla_put_u8(skb, IFLA_IPTUN_PMTUDISC,
|
|
|
|
|
!!(parm->iph.frag_off & htons(IP_DF))) ||
|
2012-11-15 04:06:41 +00:00
|
|
|
nla_put_be16(skb, IFLA_IPTUN_FLAGS, parm->i_flags))
|
2012-11-09 06:10:00 +00:00
|
|
|
goto nla_put_failure;
|
2012-11-19 22:41:45 +00:00
|
|
|
|
|
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
if (nla_put(skb, IFLA_IPTUN_6RD_PREFIX, sizeof(struct in6_addr),
|
|
|
|
|
&tunnel->ip6rd.prefix) ||
|
|
|
|
|
nla_put_be32(skb, IFLA_IPTUN_6RD_RELAY_PREFIX,
|
|
|
|
|
tunnel->ip6rd.relay_prefix) ||
|
|
|
|
|
nla_put_u16(skb, IFLA_IPTUN_6RD_PREFIXLEN,
|
|
|
|
|
tunnel->ip6rd.prefixlen) ||
|
|
|
|
|
nla_put_u16(skb, IFLA_IPTUN_6RD_RELAY_PREFIXLEN,
|
|
|
|
|
tunnel->ip6rd.relay_prefixlen))
|
|
|
|
|
goto nla_put_failure;
|
|
|
|
|
#endif
|
|
|
|
|
|
2012-11-09 06:10:00 +00:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
nla_put_failure:
|
|
|
|
|
return -EMSGSIZE;
|
|
|
|
|
}
|
|
|
|
|
|
2012-11-14 05:14:07 +00:00
|
|
|
static const struct nla_policy ipip6_policy[IFLA_IPTUN_MAX + 1] = {
|
|
|
|
|
[IFLA_IPTUN_LINK] = { .type = NLA_U32 },
|
|
|
|
|
[IFLA_IPTUN_LOCAL] = { .type = NLA_U32 },
|
|
|
|
|
[IFLA_IPTUN_REMOTE] = { .type = NLA_U32 },
|
|
|
|
|
[IFLA_IPTUN_TTL] = { .type = NLA_U8 },
|
|
|
|
|
[IFLA_IPTUN_TOS] = { .type = NLA_U8 },
|
|
|
|
|
[IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 },
|
|
|
|
|
[IFLA_IPTUN_FLAGS] = { .type = NLA_U16 },
|
2012-11-19 22:41:45 +00:00
|
|
|
#ifdef CONFIG_IPV6_SIT_6RD
|
|
|
|
|
[IFLA_IPTUN_6RD_PREFIX] = { .len = sizeof(struct in6_addr) },
|
|
|
|
|
[IFLA_IPTUN_6RD_RELAY_PREFIX] = { .type = NLA_U32 },
|
|
|
|
|
[IFLA_IPTUN_6RD_PREFIXLEN] = { .type = NLA_U16 },
|
|
|
|
|
[IFLA_IPTUN_6RD_RELAY_PREFIXLEN] = { .type = NLA_U16 },
|
|
|
|
|
#endif
|
2012-11-14 05:14:07 +00:00
|
|
|
};
|
|
|
|
|
|
2014-01-31 08:24:04 +00:00
|
|
|
static void ipip6_dellink(struct net_device *dev, struct list_head *head)
|
|
|
|
|
{
|
|
|
|
|
struct net *net = dev_net(dev);
|
|
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
|
|
|
|
|
|
|
|
|
if (dev != sitn->fb_tunnel_dev)
|
|
|
|
|
unregister_netdevice_queue(dev, head);
|
|
|
|
|
}
|
|
|
|
|
|
2012-11-09 06:10:00 +00:00
|
|
|
static struct rtnl_link_ops sit_link_ops __read_mostly = {
|
|
|
|
|
.kind = "sit",
|
|
|
|
|
.maxtype = IFLA_IPTUN_MAX,
|
2012-11-14 05:14:07 +00:00
|
|
|
.policy = ipip6_policy,
|
2012-11-09 06:10:00 +00:00
|
|
|
.priv_size = sizeof(struct ip_tunnel),
|
2012-11-14 05:14:07 +00:00
|
|
|
.setup = ipip6_tunnel_setup,
|
|
|
|
|
.newlink = ipip6_newlink,
|
|
|
|
|
.changelink = ipip6_changelink,
|
2012-11-14 05:14:06 +00:00
|
|
|
.get_size = ipip6_get_size,
|
|
|
|
|
.fill_info = ipip6_fill_info,
|
2014-01-31 08:24:04 +00:00
|
|
|
.dellink = ipip6_dellink,
|
2012-11-09 06:10:00 +00:00
|
|
|
};
|
|
|
|
|
|
2010-08-30 07:04:14 +00:00
|
|
|
static struct xfrm_tunnel sit_handler __read_mostly = {
|
2005-04-16 22:20:36 +00:00
|
|
|
.handler = ipip6_rcv,
|
|
|
|
|
.err_handler = ipip6_err,
|
2007-02-13 20:55:25 +00:00
|
|
|
.priority = 1,
|
2005-04-16 22:20:36 +00:00
|
|
|
};
|
|
|
|
|
|
2010-01-17 03:35:32 +00:00
|
|
|
static void __net_exit sit_destroy_tunnels(struct sit_net *sitn, struct list_head *head)
|
2005-07-31 00:46:44 +00:00
|
|
|
{
|
|
|
|
|
int prio;
|
|
|
|
|
|
|
|
|
|
for (prio = 1; prio < 4; prio++) {
|
|
|
|
|
int h;
|
|
|
|
|
for (h = 0; h < HASH_SIZE; h++) {
|
2011-01-20 07:16:24 +00:00
|
|
|
struct ip_tunnel *t;
|
2009-10-28 04:37:43 +00:00
|
|
|
|
2011-01-20 07:16:24 +00:00
|
|
|
t = rtnl_dereference(sitn->tunnels[prio][h]);
|
2009-10-28 04:37:43 +00:00
|
|
|
while (t != NULL) {
|
|
|
|
|
unregister_netdevice_queue(t->dev, head);
|
2011-01-20 07:16:24 +00:00
|
|
|
t = rtnl_dereference(t->next);
|
2009-10-28 04:37:43 +00:00
|
|
|
}
|
2005-07-31 00:46:44 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-17 03:35:32 +00:00
|
|
|
static int __net_init sit_init_net(struct net *net)
|
2008-04-16 08:15:17 +00:00
|
|
|
{
|
2009-11-29 15:46:16 +00:00
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
2011-12-08 00:46:21 +00:00
|
|
|
struct ip_tunnel *t;
|
2008-04-16 08:15:17 +00:00
|
|
|
int err;
|
|
|
|
|
|
2008-04-16 08:16:38 +00:00
|
|
|
sitn->tunnels[0] = sitn->tunnels_wc;
|
|
|
|
|
sitn->tunnels[1] = sitn->tunnels_l;
|
|
|
|
|
sitn->tunnels[2] = sitn->tunnels_r;
|
|
|
|
|
sitn->tunnels[3] = sitn->tunnels_r_l;
|
|
|
|
|
|
2008-04-16 08:16:18 +00:00
|
|
|
sitn->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "sit0",
|
|
|
|
|
ipip6_tunnel_setup);
|
|
|
|
|
if (!sitn->fb_tunnel_dev) {
|
|
|
|
|
err = -ENOMEM;
|
|
|
|
|
goto err_alloc_dev;
|
|
|
|
|
}
|
2008-11-24 01:26:26 +00:00
|
|
|
dev_net_set(sitn->fb_tunnel_dev, net);
|
2013-10-01 16:04:59 +00:00
|
|
|
sitn->fb_tunnel_dev->rtnl_link_ops = &sit_link_ops;
|
2008-04-16 08:16:18 +00:00
|
|
|
|
2010-09-28 02:17:58 +00:00
|
|
|
err = ipip6_fb_tunnel_init(sitn->fb_tunnel_dev);
|
|
|
|
|
if (err)
|
|
|
|
|
goto err_dev_free;
|
|
|
|
|
|
2009-10-11 03:31:34 +00:00
|
|
|
ipip6_tunnel_clone_6rd(sitn->fb_tunnel_dev, sitn);
|
2008-04-16 08:16:18 +00:00
|
|
|
|
|
|
|
|
if ((err = register_netdev(sitn->fb_tunnel_dev)))
|
|
|
|
|
goto err_reg_dev;
|
|
|
|
|
|
2011-12-08 00:46:21 +00:00
|
|
|
t = netdev_priv(sitn->fb_tunnel_dev);
|
|
|
|
|
|
|
|
|
|
strcpy(t->parms.name, sitn->fb_tunnel_dev->name);
|
2008-04-16 08:15:17 +00:00
|
|
|
return 0;
|
|
|
|
|
|
2008-04-16 08:16:18 +00:00
|
|
|
err_reg_dev:
|
2008-11-21 04:33:56 +00:00
|
|
|
dev_put(sitn->fb_tunnel_dev);
|
2010-09-28 02:17:58 +00:00
|
|
|
err_dev_free:
|
|
|
|
|
ipip6_dev_free(sitn->fb_tunnel_dev);
|
2008-04-16 08:16:18 +00:00
|
|
|
err_alloc_dev:
|
2008-04-16 08:15:17 +00:00
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-17 03:35:32 +00:00
|
|
|
static void __net_exit sit_exit_net(struct net *net)
|
2008-04-16 08:15:17 +00:00
|
|
|
{
|
2009-11-29 15:46:16 +00:00
|
|
|
struct sit_net *sitn = net_generic(net, sit_net_id);
|
2009-10-28 04:37:43 +00:00
|
|
|
LIST_HEAD(list);
|
2008-04-16 08:15:17 +00:00
|
|
|
|
2008-04-16 08:16:18 +00:00
|
|
|
rtnl_lock();
|
2009-10-28 04:37:43 +00:00
|
|
|
sit_destroy_tunnels(sitn, &list);
|
|
|
|
|
unregister_netdevice_queue(sitn->fb_tunnel_dev, &list);
|
|
|
|
|
unregister_netdevice_many(&list);
|
2008-04-16 08:16:18 +00:00
|
|
|
rtnl_unlock();
|
2008-04-16 08:15:17 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static struct pernet_operations sit_net_ops = {
|
|
|
|
|
.init = sit_init_net,
|
|
|
|
|
.exit = sit_exit_net,
|
2009-11-29 15:46:16 +00:00
|
|
|
.id = &sit_net_id,
|
|
|
|
|
.size = sizeof(struct sit_net),
|
2008-04-16 08:15:17 +00:00
|
|
|
};
|
|
|
|
|
|
2006-11-21 00:56:48 +00:00
|
|
|
static void __exit sit_cleanup(void)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2012-11-09 06:10:00 +00:00
|
|
|
rtnl_link_unregister(&sit_link_ops);
|
2007-02-13 20:55:25 +00:00
|
|
|
xfrm4_tunnel_deregister(&sit_handler, AF_INET6);
|
2005-07-31 00:46:44 +00:00
|
|
|
|
2009-11-29 15:46:16 +00:00
|
|
|
unregister_pernet_device(&sit_net_ops);
|
2009-10-23 17:51:26 +00:00
|
|
|
rcu_barrier(); /* Wait for completion of call_rcu()'s */
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2006-11-21 00:56:48 +00:00
|
|
|
static int __init sit_init(void)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
|
int err;
|
|
|
|
|
|
2012-05-15 14:11:53 +00:00
|
|
|
pr_info("IPv6 over IPv4 tunneling driver\n");
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2009-11-29 15:46:16 +00:00
|
|
|
err = register_pernet_device(&sit_net_ops);
|
2008-04-16 08:15:17 +00:00
|
|
|
if (err < 0)
|
2010-02-16 09:05:04 +00:00
|
|
|
return err;
|
|
|
|
|
err = xfrm4_tunnel_register(&sit_handler, AF_INET6);
|
|
|
|
|
if (err < 0) {
|
2012-05-15 14:11:53 +00:00
|
|
|
pr_info("%s: can't add protocol\n", __func__);
|
2012-11-09 06:10:00 +00:00
|
|
|
goto xfrm_tunnel_failed;
|
2010-02-16 09:05:04 +00:00
|
|
|
}
|
2012-11-09 06:10:00 +00:00
|
|
|
err = rtnl_link_register(&sit_link_ops);
|
|
|
|
|
if (err < 0)
|
|
|
|
|
goto rtnl_link_failed;
|
|
|
|
|
|
|
|
|
|
out:
|
2005-04-16 22:20:36 +00:00
|
|
|
return err;
|
2012-11-09 06:10:00 +00:00
|
|
|
|
|
|
|
|
rtnl_link_failed:
|
|
|
|
|
xfrm4_tunnel_deregister(&sit_handler, AF_INET6);
|
|
|
|
|
xfrm_tunnel_failed:
|
|
|
|
|
unregister_pernet_device(&sit_net_ops);
|
|
|
|
|
goto out;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2006-10-10 21:47:44 +00:00
|
|
|
|
|
|
|
|
module_init(sit_init);
|
|
|
|
|
module_exit(sit_cleanup);
|
2006-10-13 22:05:53 +00:00
|
|
|
MODULE_LICENSE("GPL");
|
2014-05-15 21:21:30 +00:00
|
|
|
MODULE_ALIAS_RTNL_LINK("sit");
|
2011-03-01 21:33:13 +00:00
|
|
|
MODULE_ALIAS_NETDEV("sit0");
|
