IPIP: Use ip-tunneling code. · tjh.dev/kernel@fd58156

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

IPIP: Use ip-tunneling code.

Reuse common ip-tunneling code which is re-factored from GRE
module.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Pravin B Shelar and committed by

David S. Miller 13 years ago fd58156e c5441932

+57 -690

2 changed files

expand all

net

ipv4

Kconfig

ipip.c

net/ipv4/Kconfig

··· 166 166 config NET_IPIP 167 167 tristate "IP: tunneling" 168 168 select INET_TUNNEL 169 + select NET_IP_TUNNEL 169 170 ---help--- 170 171 Tunneling means encapsulating data of one protocol type within 171 172 another protocol and sending it over a channel that understands the

+56 -690

net/ipv4/ipip.c

··· 117 117 #include <net/net_namespace.h> 118 118 #include <net/netns/generic.h> 119 119 120 - #define HASH_SIZE 16 121 - #define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF) 122 - 123 120 static bool log_ecn_error = true; 124 121 module_param(log_ecn_error, bool, 0644); 125 122 MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); 126 123 127 124 static int ipip_net_id __read_mostly; 128 - struct ipip_net { 129 - struct ip_tunnel __rcu *tunnels_r_l[HASH_SIZE]; 130 - struct ip_tunnel __rcu *tunnels_r[HASH_SIZE]; 131 - struct ip_tunnel __rcu *tunnels_l[HASH_SIZE]; 132 - struct ip_tunnel __rcu *tunnels_wc[1]; 133 - struct ip_tunnel __rcu **tunnels[4]; 134 - 135 - struct net_device *fb_tunnel_dev; 136 - }; 137 125 138 126 static int ipip_tunnel_init(struct net_device *dev); 139 - static void ipip_tunnel_setup(struct net_device *dev); 140 - static void ipip_dev_free(struct net_device *dev); 141 127 static struct rtnl_link_ops ipip_link_ops __read_mostly; 142 - 143 - static struct rtnl_link_stats64 *ipip_get_stats64(struct net_device *dev, 144 - struct rtnl_link_stats64 *tot) 145 - { 146 - int i; 147 - 148 - for_each_possible_cpu(i) { 149 - const struct pcpu_tstats *tstats = per_cpu_ptr(dev->tstats, i); 150 - u64 rx_packets, rx_bytes, tx_packets, tx_bytes; 151 - unsigned int start; 152 - 153 - do { 154 - start = u64_stats_fetch_begin_bh(&tstats->syncp); 155 - rx_packets = tstats->rx_packets; 156 - tx_packets = tstats->tx_packets; 157 - rx_bytes = tstats->rx_bytes; 158 - tx_bytes = tstats->tx_bytes; 159 - } while (u64_stats_fetch_retry_bh(&tstats->syncp, start)); 160 - 161 - tot->rx_packets += rx_packets; 162 - tot->tx_packets += tx_packets; 163 - tot->rx_bytes += rx_bytes; 164 - tot->tx_bytes += tx_bytes; 165 - } 166 - 167 - tot->tx_fifo_errors = dev->stats.tx_fifo_errors; 168 - tot->tx_carrier_errors = dev->stats.tx_carrier_errors; 169 - tot->tx_dropped = dev->stats.tx_dropped; 170 - tot->tx_aborted_errors = dev->stats.tx_aborted_errors; 171 - tot->tx_errors = dev->stats.tx_errors; 172 - tot->collisions = dev->stats.collisions; 173 - 174 - return tot; 175 - } 176 - 177 - static struct ip_tunnel *ipip_tunnel_lookup(struct net *net, 178 - __be32 remote, __be32 local) 179 - { 180 - unsigned int h0 = HASH(remote); 181 - unsigned int h1 = HASH(local); 182 - struct ip_tunnel *t; 183 - struct ipip_net *ipn = net_generic(net, ipip_net_id); 184 - 185 - for_each_ip_tunnel_rcu(t, ipn->tunnels_r_l[h0 ^ h1]) 186 - if (local == t->parms.iph.saddr && 187 - remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP)) 188 - return t; 189 - 190 - for_each_ip_tunnel_rcu(t, ipn->tunnels_r[h0]) 191 - if (remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP)) 192 - return t; 193 - 194 - for_each_ip_tunnel_rcu(t, ipn->tunnels_l[h1]) 195 - if (local == t->parms.iph.saddr && (t->dev->flags&IFF_UP)) 196 - return t; 197 - 198 - t = rcu_dereference(ipn->tunnels_wc[0]); 199 - if (t && (t->dev->flags&IFF_UP)) 200 - return t; 201 - return NULL; 202 - } 203 - 204 - static struct ip_tunnel __rcu **__ipip_bucket(struct ipip_net *ipn, 205 - struct ip_tunnel_parm *parms) 206 - { 207 - __be32 remote = parms->iph.daddr; 208 - __be32 local = parms->iph.saddr; 209 - unsigned int h = 0; 210 - int prio = 0; 211 - 212 - if (remote) { 213 - prio |= 2; 214 - h ^= HASH(remote); 215 - } 216 - if (local) { 217 - prio |= 1; 218 - h ^= HASH(local); 219 - } 220 - return &ipn->tunnels[prio][h]; 221 - } 222 - 223 - static inline struct ip_tunnel __rcu **ipip_bucket(struct ipip_net *ipn, 224 - struct ip_tunnel *t) 225 - { 226 - return __ipip_bucket(ipn, &t->parms); 227 - } 228 - 229 - static void ipip_tunnel_unlink(struct ipip_net *ipn, struct ip_tunnel *t) 230 - { 231 - struct ip_tunnel __rcu **tp; 232 - struct ip_tunnel *iter; 233 - 234 - for (tp = ipip_bucket(ipn, t); 235 - (iter = rtnl_dereference(*tp)) != NULL; 236 - tp = &iter->next) { 237 - if (t == iter) { 238 - rcu_assign_pointer(*tp, t->next); 239 - break; 240 - } 241 - } 242 - } 243 - 244 - static void ipip_tunnel_link(struct ipip_net *ipn, struct ip_tunnel *t) 245 - { 246 - struct ip_tunnel __rcu **tp = ipip_bucket(ipn, t); 247 - 248 - rcu_assign_pointer(t->next, rtnl_dereference(*tp)); 249 - rcu_assign_pointer(*tp, t); 250 - } 251 - 252 - static int ipip_tunnel_create(struct net_device *dev) 253 - { 254 - struct ip_tunnel *t = netdev_priv(dev); 255 - struct net *net = dev_net(dev); 256 - struct ipip_net *ipn = net_generic(net, ipip_net_id); 257 - int err; 258 - 259 - err = ipip_tunnel_init(dev); 260 - if (err < 0) 261 - goto out; 262 - 263 - err = register_netdevice(dev); 264 - if (err < 0) 265 - goto out; 266 - 267 - strcpy(t->parms.name, dev->name); 268 - dev->rtnl_link_ops = &ipip_link_ops; 269 - 270 - dev_hold(dev); 271 - ipip_tunnel_link(ipn, t); 272 - return 0; 273 - 274 - out: 275 - return err; 276 - } 277 - 278 - static struct ip_tunnel *ipip_tunnel_locate(struct net *net, 279 - struct ip_tunnel_parm *parms, int create) 280 - { 281 - __be32 remote = parms->iph.daddr; 282 - __be32 local = parms->iph.saddr; 283 - struct ip_tunnel *t, *nt; 284 - struct ip_tunnel __rcu **tp; 285 - struct net_device *dev; 286 - char name[IFNAMSIZ]; 287 - struct ipip_net *ipn = net_generic(net, ipip_net_id); 288 - 289 - for (tp = __ipip_bucket(ipn, parms); 290 - (t = rtnl_dereference(*tp)) != NULL; 291 - tp = &t->next) { 292 - if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) 293 - return t; 294 - } 295 - if (!create) 296 - return NULL; 297 - 298 - if (parms->name[0]) 299 - strlcpy(name, parms->name, IFNAMSIZ); 300 - else 301 - strcpy(name, "tunl%d"); 302 - 303 - dev = alloc_netdev(sizeof(*t), name, ipip_tunnel_setup); 304 - if (dev == NULL) 305 - return NULL; 306 - 307 - dev_net_set(dev, net); 308 - 309 - nt = netdev_priv(dev); 310 - nt->parms = *parms; 311 - 312 - if (ipip_tunnel_create(dev) < 0) 313 - goto failed_free; 314 - 315 - return nt; 316 - 317 - failed_free: 318 - ipip_dev_free(dev); 319 - return NULL; 320 - } 321 - 322 - /* called with RTNL */ 323 - static void ipip_tunnel_uninit(struct net_device *dev) 324 - { 325 - struct net *net = dev_net(dev); 326 - struct ipip_net *ipn = net_generic(net, ipip_net_id); 327 - 328 - if (dev == ipn->fb_tunnel_dev) 329 - RCU_INIT_POINTER(ipn->tunnels_wc[0], NULL); 330 - else 331 - ipip_tunnel_unlink(ipn, netdev_priv(dev)); 332 - dev_put(dev); 333 - } 334 128 335 129 static int ipip_err(struct sk_buff *skb, u32 info) 336 130 { ··· 133 339 8 bytes of packet payload. It means, that precise relaying of 134 340 ICMP in the real Internet is absolutely infeasible. 135 341 */ 342 + struct net *net = dev_net(skb->dev); 343 + struct ip_tunnel_net *itn = net_generic(net, ipip_net_id); 136 344 const struct iphdr *iph = (const struct iphdr *)skb->data; 137 - const int type = icmp_hdr(skb)->type; 138 - const int code = icmp_hdr(skb)->code; 139 345 struct ip_tunnel *t; 140 346 int err; 141 - 142 - switch (type) { 143 - default: 144 - case ICMP_PARAMETERPROB: 145 - return 0; 146 - 147 - case ICMP_DEST_UNREACH: 148 - switch (code) { 149 - case ICMP_SR_FAILED: 150 - case ICMP_PORT_UNREACH: 151 - /* Impossible event. */ 152 - return 0; 153 - default: 154 - /* All others are translated to HOST_UNREACH. 155 - rfc2003 contains "deep thoughts" about NET_UNREACH, 156 - I believe they are just ether pollution. --ANK 157 - */ 158 - break; 159 - } 160 - break; 161 - case ICMP_TIME_EXCEEDED: 162 - if (code != ICMP_EXC_TTL) 163 - return 0; 164 - break; 165 - case ICMP_REDIRECT: 166 - break; 167 - } 347 + const int type = icmp_hdr(skb)->type; 348 + const int code = icmp_hdr(skb)->code; 168 349 169 350 err = -ENOENT; 170 - t = ipip_tunnel_lookup(dev_net(skb->dev), iph->daddr, iph->saddr); 351 + t = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY, 352 + iph->daddr, iph->saddr, 0); 171 353 if (t == NULL) 172 354 goto out; 173 355 ··· 173 403 else 174 404 t->err_count = 1; 175 405 t->err_time = jiffies; 176 - out: 177 406 407 + out: 178 408 return err; 179 409 } 180 410 411 + static const struct tnl_ptk_info tpi = { 412 + /* no tunnel info required for ipip. */ 413 + .proto = htons(ETH_P_IP), 414 + }; 415 + 181 416 static int ipip_rcv(struct sk_buff *skb) 182 417 { 418 + struct net *net = dev_net(skb->dev); 419 + struct ip_tunnel_net *itn = net_generic(net, ipip_net_id); 183 420 struct ip_tunnel *tunnel; 184 421 const struct iphdr *iph = ip_hdr(skb); 185 - int err; 186 422 187 - tunnel = ipip_tunnel_lookup(dev_net(skb->dev), iph->saddr, iph->daddr); 188 - if (tunnel != NULL) { 189 - struct pcpu_tstats *tstats; 190 - 423 + tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY, 424 + iph->saddr, iph->daddr, 0); 425 + if (tunnel) { 191 426 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) 192 427 goto drop; 193 - 194 - secpath_reset(skb); 195 - 196 - skb->mac_header = skb->network_header; 197 - skb_reset_network_header(skb); 198 - skb->protocol = htons(ETH_P_IP); 199 - skb->pkt_type = PACKET_HOST; 200 - 201 - __skb_tunnel_rx(skb, tunnel->dev); 202 - 203 - err = IP_ECN_decapsulate(iph, skb); 204 - if (unlikely(err)) { 205 - if (log_ecn_error) 206 - net_info_ratelimited("non-ECT from %pI4 with TOS=%#x\n", 207 - &iph->saddr, iph->tos); 208 - if (err > 1) { 209 - ++tunnel->dev->stats.rx_frame_errors; 210 - ++tunnel->dev->stats.rx_errors; 211 - goto drop; 212 - } 213 - } 214 - 215 - tstats = this_cpu_ptr(tunnel->dev->tstats); 216 - u64_stats_update_begin(&tstats->syncp); 217 - tstats->rx_packets++; 218 - tstats->rx_bytes += skb->len; 219 - u64_stats_update_end(&tstats->syncp); 220 - 221 - netif_rx(skb); 222 - return 0; 428 + return ip_tunnel_rcv(tunnel, skb, &tpi, log_ecn_error); 223 429 } 224 430 225 431 return -1; ··· 209 463 * This function assumes it is being called from dev_queue_xmit() 210 464 * and that skb is filled properly by that function. 211 465 */ 212 - 213 466 static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) 214 467 { 215 468 struct ip_tunnel *tunnel = netdev_priv(dev); 216 469 const struct iphdr *tiph = &tunnel->parms.iph; 217 - u8 tos = tunnel->parms.iph.tos; 218 - __be16 df = tiph->frag_off; 219 - struct rtable *rt; /* Route to the other host */ 220 - struct net_device *tdev; /* Device to other host */ 221 - const struct iphdr *old_iph; 222 - struct iphdr *iph; /* Our new IP header */ 223 - unsigned int max_headroom; /* The extra header space needed */ 224 - __be32 dst = tiph->daddr; 225 - struct flowi4 fl4; 226 - int mtu; 227 470 228 - if (skb->protocol != htons(ETH_P_IP)) 471 + if (unlikely(skb->protocol != htons(ETH_P_IP))) 229 472 goto tx_error; 230 - old_iph = ip_hdr(skb); 231 473 232 - if (tos & 1) 233 - tos = old_iph->tos; 234 - 235 - if (!dst) { 236 - /* NBMA tunnel */ 237 - if ((rt = skb_rtable(skb)) == NULL) { 238 - dev->stats.tx_fifo_errors++; 239 - goto tx_error; 240 - } 241 - dst = rt_nexthop(rt, old_iph->daddr); 242 - } 243 - 244 - rt = ip_route_output_ports(dev_net(dev), &fl4, NULL, 245 - dst, tiph->saddr, 246 - 0, 0, 247 - IPPROTO_IPIP, RT_TOS(tos), 248 - tunnel->parms.link); 249 - if (IS_ERR(rt)) { 250 - dev->stats.tx_carrier_errors++; 251 - goto tx_error_icmp; 252 - } 253 - tdev = rt->dst.dev; 254 - 255 - if (tdev == dev) { 256 - ip_rt_put(rt); 257 - dev->stats.collisions++; 258 - goto tx_error; 259 - } 260 - 261 - df |= old_iph->frag_off & htons(IP_DF); 262 - 263 - if (df) { 264 - mtu = dst_mtu(&rt->dst) - sizeof(struct iphdr); 265 - 266 - if (mtu < 68) { 267 - dev->stats.collisions++; 268 - ip_rt_put(rt); 269 - goto tx_error; 270 - } 271 - 272 - if (skb_dst(skb)) 273 - skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu); 274 - 275 - if ((old_iph->frag_off & htons(IP_DF)) && 276 - mtu < ntohs(old_iph->tot_len)) { 277 - icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, 278 - htonl(mtu)); 279 - ip_rt_put(rt); 280 - goto tx_error; 281 - } 282 - } 283 - 284 - if (tunnel->err_count > 0) { 285 - if (time_before(jiffies, 286 - tunnel->err_time + IPTUNNEL_ERR_TIMEO)) { 287 - tunnel->err_count--; 288 - dst_link_failure(skb); 289 - } else 290 - tunnel->err_count = 0; 291 - } 292 - 293 - /* 294 - * Okay, now see if we can stuff it in the buffer as-is. 295 - */ 296 - max_headroom = (LL_RESERVED_SPACE(tdev)+sizeof(struct iphdr)); 297 - 298 - if (skb_headroom(skb) < max_headroom || skb_shared(skb) || 299 - (skb_cloned(skb) && !skb_clone_writable(skb, 0))) { 300 - struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 301 - if (!new_skb) { 302 - ip_rt_put(rt); 303 - dev->stats.tx_dropped++; 304 - dev_kfree_skb(skb); 305 - return NETDEV_TX_OK; 306 - } 307 - if (skb->sk) 308 - skb_set_owner_w(new_skb, skb->sk); 309 - dev_kfree_skb(skb); 310 - skb = new_skb; 311 - old_iph = ip_hdr(skb); 312 - } 313 - 314 - if (!skb->encapsulation) { 474 + if (likely(!skb->encapsulation)) { 315 475 skb_reset_inner_headers(skb); 316 476 skb->encapsulation = 1; 317 477 } 318 - if (skb->ip_summed != CHECKSUM_PARTIAL) 319 - skb->ip_summed = CHECKSUM_NONE; 320 478 321 - skb->transport_header = skb->network_header; 322 - skb_push(skb, sizeof(struct iphdr)); 323 - skb_reset_network_header(skb); 324 - memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 325 - IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED | 326 - IPSKB_REROUTED); 327 - skb_dst_drop(skb); 328 - skb_dst_set(skb, &rt->dst); 329 - 330 - /* 331 - * Push down and install the IPIP header. 332 - */ 333 - 334 - iph = ip_hdr(skb); 335 - iph->version = 4; 336 - iph->ihl = sizeof(struct iphdr)>>2; 337 - iph->frag_off = df; 338 - iph->protocol = IPPROTO_IPIP; 339 - iph->tos = INET_ECN_encapsulate(tos, old_iph->tos); 340 - iph->daddr = fl4.daddr; 341 - iph->saddr = fl4.saddr; 342 - tunnel_ip_select_ident(skb, old_iph, &rt->dst); 343 - 344 - if ((iph->ttl = tiph->ttl) == 0) 345 - iph->ttl = old_iph->ttl; 346 - 347 - iptunnel_xmit(skb, dev); 348 - 479 + ip_tunnel_xmit(skb, dev, tiph); 349 480 return NETDEV_TX_OK; 350 481 351 - tx_error_icmp: 352 - dst_link_failure(skb); 353 482 tx_error: 354 483 dev->stats.tx_errors++; 355 484 dev_kfree_skb(skb); 356 485 return NETDEV_TX_OK; 357 486 } 358 487 359 - static void ipip_tunnel_bind_dev(struct net_device *dev) 360 - { 361 - struct net_device *tdev = NULL; 362 - struct ip_tunnel *tunnel; 363 - const struct iphdr *iph; 364 - 365 - tunnel = netdev_priv(dev); 366 - iph = &tunnel->parms.iph; 367 - 368 - if (iph->daddr) { 369 - struct rtable *rt; 370 - struct flowi4 fl4; 371 - 372 - rt = ip_route_output_ports(dev_net(dev), &fl4, NULL, 373 - iph->daddr, iph->saddr, 374 - 0, 0, 375 - IPPROTO_IPIP, 376 - RT_TOS(iph->tos), 377 - tunnel->parms.link); 378 - if (!IS_ERR(rt)) { 379 - tdev = rt->dst.dev; 380 - ip_rt_put(rt); 381 - } 382 - dev->flags |= IFF_POINTOPOINT; 383 - } 384 - 385 - if (!tdev && tunnel->parms.link) 386 - tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link); 387 - 388 - if (tdev) { 389 - dev->hard_header_len = tdev->hard_header_len + sizeof(struct iphdr); 390 - dev->mtu = tdev->mtu - sizeof(struct iphdr); 391 - } 392 - dev->iflink = tunnel->parms.link; 393 - } 394 - 395 - static void ipip_tunnel_update(struct ip_tunnel *t, struct ip_tunnel_parm *p) 396 - { 397 - struct net *net = dev_net(t->dev); 398 - struct ipip_net *ipn = net_generic(net, ipip_net_id); 399 - 400 - ipip_tunnel_unlink(ipn, t); 401 - synchronize_net(); 402 - t->parms.iph.saddr = p->iph.saddr; 403 - t->parms.iph.daddr = p->iph.daddr; 404 - memcpy(t->dev->dev_addr, &p->iph.saddr, 4); 405 - memcpy(t->dev->broadcast, &p->iph.daddr, 4); 406 - ipip_tunnel_link(ipn, t); 407 - t->parms.iph.ttl = p->iph.ttl; 408 - t->parms.iph.tos = p->iph.tos; 409 - t->parms.iph.frag_off = p->iph.frag_off; 410 - if (t->parms.link != p->link) { 411 - t->parms.link = p->link; 412 - ipip_tunnel_bind_dev(t->dev); 413 - } 414 - netdev_state_change(t->dev); 415 - } 416 - 417 488 static int 418 - ipip_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) 489 + ipip_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) 419 490 { 420 491 int err = 0; 421 492 struct ip_tunnel_parm p; 422 - struct ip_tunnel *t; 423 - struct net *net = dev_net(dev); 424 - struct ipip_net *ipn = net_generic(net, ipip_net_id); 425 493 426 - switch (cmd) { 427 - case SIOCGETTUNNEL: 428 - t = NULL; 429 - if (dev == ipn->fb_tunnel_dev) { 430 - if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) { 431 - err = -EFAULT; 432 - break; 433 - } 434 - t = ipip_tunnel_locate(net, &p, 0); 435 - } 436 - if (t == NULL) 437 - t = netdev_priv(dev); 438 - memcpy(&p, &t->parms, sizeof(p)); 439 - if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 440 - err = -EFAULT; 441 - break; 494 + if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 495 + return -EFAULT; 442 496 443 - case SIOCADDTUNNEL: 444 - case SIOCCHGTUNNEL: 445 - err = -EPERM; 446 - if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 447 - goto done; 448 - 449 - err = -EFAULT; 450 - if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 451 - goto done; 452 - 453 - err = -EINVAL; 454 - if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP || 455 - p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF))) 456 - goto done; 457 - if (p.iph.ttl) 458 - p.iph.frag_off |= htons(IP_DF); 459 - 460 - t = ipip_tunnel_locate(net, &p, cmd == SIOCADDTUNNEL); 461 - 462 - if (dev != ipn->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) { 463 - if (t != NULL) { 464 - if (t->dev != dev) { 465 - err = -EEXIST; 466 - break; 467 - } 468 - } else { 469 - if (((dev->flags&IFF_POINTOPOINT) && !p.iph.daddr) || 470 - (!(dev->flags&IFF_POINTOPOINT) && p.iph.daddr)) { 471 - err = -EINVAL; 472 - break; 473 - } 474 - t = netdev_priv(dev); 475 - } 476 - 477 - ipip_tunnel_update(t, &p); 478 - } 479 - 480 - if (t) { 481 - err = 0; 482 - if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p))) 483 - err = -EFAULT; 484 - } else 485 - err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT); 486 - break; 487 - 488 - case SIOCDELTUNNEL: 489 - err = -EPERM; 490 - if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) 491 - goto done; 492 - 493 - if (dev == ipn->fb_tunnel_dev) { 494 - err = -EFAULT; 495 - if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 496 - goto done; 497 - err = -ENOENT; 498 - if ((t = ipip_tunnel_locate(net, &p, 0)) == NULL) 499 - goto done; 500 - err = -EPERM; 501 - if (t->dev == ipn->fb_tunnel_dev) 502 - goto done; 503 - dev = t->dev; 504 - } 505 - unregister_netdevice(dev); 506 - err = 0; 507 - break; 508 - 509 - default: 510 - err = -EINVAL; 511 - } 512 - 513 - done: 514 - return err; 515 - } 516 - 517 - static int ipip_tunnel_change_mtu(struct net_device *dev, int new_mtu) 518 - { 519 - if (new_mtu < 68 || new_mtu > 0xFFF8 - sizeof(struct iphdr)) 497 + if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP || 498 + p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF))) 520 499 return -EINVAL; 521 - dev->mtu = new_mtu; 500 + if (p.i_key || p.o_key || p.i_flags || p.o_flags) 501 + return -EINVAL; 502 + if (p.iph.ttl) 503 + p.iph.frag_off |= htons(IP_DF); 504 + 505 + err = ip_tunnel_ioctl(dev, &p, cmd); 506 + if (err) 507 + return err; 508 + 509 + if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 510 + return -EFAULT; 511 + 522 512 return 0; 523 513 } 524 514 525 515 static const struct net_device_ops ipip_netdev_ops = { 526 - .ndo_uninit = ipip_tunnel_uninit, 516 + .ndo_init = ipip_tunnel_init, 517 + .ndo_uninit = ip_tunnel_uninit, 527 518 .ndo_start_xmit = ipip_tunnel_xmit, 528 519 .ndo_do_ioctl = ipip_tunnel_ioctl, 529 - .ndo_change_mtu = ipip_tunnel_change_mtu, 530 - .ndo_get_stats64 = ipip_get_stats64, 520 + .ndo_change_mtu = ip_tunnel_change_mtu, 521 + .ndo_get_stats64 = ip_tunnel_get_stats64, 531 522 }; 532 - 533 - static void ipip_dev_free(struct net_device *dev) 534 - { 535 - free_percpu(dev->tstats); 536 - free_netdev(dev); 537 - } 538 523 539 524 #define IPIP_FEATURES (NETIF_F_SG | \ 540 525 NETIF_F_FRAGLIST | \ ··· 275 798 static void ipip_tunnel_setup(struct net_device *dev) 276 799 { 277 800 dev->netdev_ops = &ipip_netdev_ops; 278 - dev->destructor = ipip_dev_free; 279 801 280 802 dev->type = ARPHRD_TUNNEL; 281 - dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr); 282 - dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr); 283 803 dev->flags = IFF_NOARP; 284 804 dev->iflink = 0; 285 805 dev->addr_len = 4; ··· 286 812 287 813 dev->features |= IPIP_FEATURES; 288 814 dev->hw_features |= IPIP_FEATURES; 815 + ip_tunnel_setup(dev, ipip_net_id); 289 816 } 290 817 291 818 static int ipip_tunnel_init(struct net_device *dev) 292 819 { 293 820 struct ip_tunnel *tunnel = netdev_priv(dev); 294 821 295 - tunnel->dev = dev; 296 - 297 822 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4); 298 823 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4); 299 824 300 - ipip_tunnel_bind_dev(dev); 301 - 302 - dev->tstats = alloc_percpu(struct pcpu_tstats); 303 - if (!dev->tstats) 304 - return -ENOMEM; 305 - 306 - return 0; 307 - } 308 - 309 - static int __net_init ipip_fb_tunnel_init(struct net_device *dev) 310 - { 311 - struct ip_tunnel *tunnel = netdev_priv(dev); 312 - struct iphdr *iph = &tunnel->parms.iph; 313 - struct ipip_net *ipn = net_generic(dev_net(dev), ipip_net_id); 314 - 315 - tunnel->dev = dev; 316 - strcpy(tunnel->parms.name, dev->name); 317 - 318 - iph->version = 4; 319 - iph->protocol = IPPROTO_IPIP; 320 - iph->ihl = 5; 321 - 322 - dev->tstats = alloc_percpu(struct pcpu_tstats); 323 - if (!dev->tstats) 324 - return -ENOMEM; 325 - 326 - dev_hold(dev); 327 - rcu_assign_pointer(ipn->tunnels_wc[0], tunnel); 328 - return 0; 825 + tunnel->hlen = 0; 826 + tunnel->parms.iph.protocol = IPPROTO_IPIP; 827 + return ip_tunnel_init(dev); 329 828 } 330 829 331 830 static void ipip_netlink_parms(struct nlattr *data[], ··· 338 891 static int ipip_newlink(struct net *src_net, struct net_device *dev, 339 892 struct nlattr *tb[], struct nlattr *data[]) 340 893 { 341 - struct net *net = dev_net(dev); 342 - struct ip_tunnel *nt; 894 + struct ip_tunnel_parm p; 343 895 344 - nt = netdev_priv(dev); 345 - ipip_netlink_parms(data, &nt->parms); 346 - 347 - if (ipip_tunnel_locate(net, &nt->parms, 0)) 348 - return -EEXIST; 349 - 350 - return ipip_tunnel_create(dev); 896 + ipip_netlink_parms(data, &p); 897 + return ip_tunnel_newlink(dev, tb, &p); 351 898 } 352 899 353 900 static int ipip_changelink(struct net_device *dev, struct nlattr *tb[], 354 901 struct nlattr *data[]) 355 902 { 356 - struct ip_tunnel *t; 357 903 struct ip_tunnel_parm p; 358 - struct net *net = dev_net(dev); 359 - struct ipip_net *ipn = net_generic(net, ipip_net_id); 360 - 361 - if (dev == ipn->fb_tunnel_dev) 362 - return -EINVAL; 363 904 364 905 ipip_netlink_parms(data, &p); 365 906 ··· 355 920 (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr)) 356 921 return -EINVAL; 357 922 358 - t = ipip_tunnel_locate(net, &p, 0); 359 - 360 - if (t) { 361 - if (t->dev != dev) 362 - return -EEXIST; 363 - } else 364 - t = netdev_priv(dev); 365 - 366 - ipip_tunnel_update(t, &p); 367 - return 0; 923 + return ip_tunnel_changelink(dev, tb, &p); 368 924 } 369 925 370 926 static size_t ipip_get_size(const struct net_device *dev) ··· 412 986 .setup = ipip_tunnel_setup, 413 987 .newlink = ipip_newlink, 414 988 .changelink = ipip_changelink, 989 + .dellink = ip_tunnel_dellink, 415 990 .get_size = ipip_get_size, 416 991 .fill_info = ipip_fill_info, 417 992 }; ··· 423 996 .priority = 1, 424 997 }; 425 998 426 - static const char banner[] __initconst = 427 - KERN_INFO "IPv4 over IPv4 tunneling driver\n"; 428 - 429 - static void ipip_destroy_tunnels(struct ipip_net *ipn, struct list_head *head) 430 - { 431 - int prio; 432 - 433 - for (prio = 1; prio < 4; prio++) { 434 - int h; 435 - for (h = 0; h < HASH_SIZE; h++) { 436 - struct ip_tunnel *t; 437 - 438 - t = rtnl_dereference(ipn->tunnels[prio][h]); 439 - while (t != NULL) { 440 - unregister_netdevice_queue(t->dev, head); 441 - t = rtnl_dereference(t->next); 442 - } 443 - } 444 - } 445 - } 446 - 447 999 static int __net_init ipip_init_net(struct net *net) 448 1000 { 449 - struct ipip_net *ipn = net_generic(net, ipip_net_id); 450 - struct ip_tunnel *t; 451 - int err; 452 - 453 - ipn->tunnels[0] = ipn->tunnels_wc; 454 - ipn->tunnels[1] = ipn->tunnels_l; 455 - ipn->tunnels[2] = ipn->tunnels_r; 456 - ipn->tunnels[3] = ipn->tunnels_r_l; 457 - 458 - ipn->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), 459 - "tunl0", 460 - ipip_tunnel_setup); 461 - if (!ipn->fb_tunnel_dev) { 462 - err = -ENOMEM; 463 - goto err_alloc_dev; 464 - } 465 - dev_net_set(ipn->fb_tunnel_dev, net); 466 - 467 - err = ipip_fb_tunnel_init(ipn->fb_tunnel_dev); 468 - if (err) 469 - goto err_reg_dev; 470 - 471 - if ((err = register_netdev(ipn->fb_tunnel_dev))) 472 - goto err_reg_dev; 473 - 474 - t = netdev_priv(ipn->fb_tunnel_dev); 475 - 476 - strcpy(t->parms.name, ipn->fb_tunnel_dev->name); 477 - return 0; 478 - 479 - err_reg_dev: 480 - ipip_dev_free(ipn->fb_tunnel_dev); 481 - err_alloc_dev: 482 - /* nothing */ 483 - return err; 1001 + return ip_tunnel_init_net(net, ipip_net_id, &ipip_link_ops, "tunl0"); 484 1002 } 485 1003 486 1004 static void __net_exit ipip_exit_net(struct net *net) 487 1005 { 488 - struct ipip_net *ipn = net_generic(net, ipip_net_id); 489 - LIST_HEAD(list); 490 - 491 - rtnl_lock(); 492 - ipip_destroy_tunnels(ipn, &list); 493 - unregister_netdevice_queue(ipn->fb_tunnel_dev, &list); 494 - unregister_netdevice_many(&list); 495 - rtnl_unlock(); 1006 + struct ip_tunnel_net *itn = net_generic(net, ipip_net_id); 1007 + ip_tunnel_delete_net(itn); 496 1008 } 497 1009 498 1010 static struct pernet_operations ipip_net_ops = { 499 1011 .init = ipip_init_net, 500 1012 .exit = ipip_exit_net, 501 1013 .id = &ipip_net_id, 502 - .size = sizeof(struct ipip_net), 1014 + .size = sizeof(struct ip_tunnel_net), 503 1015 }; 504 1016 505 1017 static int __init ipip_init(void) 506 1018 { 507 1019 int err; 508 1020 509 - printk(banner); 1021 + pr_info("ipip: IPv4 over IPv4 tunneling driver\n"); 510 1022 511 1023 err = register_pernet_device(&ipip_net_ops); 512 1024 if (err < 0)