search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fs/adfs: move append_filetype_suffix() into adfs_object_fixup()
[linux-2.6/linux-2.6-arm.git] / net / ipv4 / fou.c
blob12ce6c526d72bd15a16a9415ed992c25039d415a
1 #include <linux/module.h>
2 #include <linux/errno.h>
3 #include <linux/socket.h>
4 #include <linux/skbuff.h>
5 #include <linux/ip.h>
6 #include <linux/icmp.h>
7 #include <linux/udp.h>
8 #include <linux/types.h>
9 #include <linux/kernel.h>
10 #include <net/genetlink.h>
11 #include <net/gue.h>
12 #include <net/fou.h>
13 #include <net/ip.h>
14 #include <net/protocol.h>
15 #include <net/udp.h>
16 #include <net/udp_tunnel.h>
17 #include <net/xfrm.h>
18 #include <uapi/linux/fou.h>
19 #include <uapi/linux/genetlink.h>
20
21 struct fou {
22 struct socket *sock;
23 u8 protocol;
24 u8 flags;
25 __be16 port;
26 u8 family;
27 u16 type;
28 struct list_head list;
29 struct rcu_head rcu;
30 };
31
32 #define FOU_F_REMCSUM_NOPARTIAL BIT(0)
33
34 struct fou_cfg {
35 u16 type;
36 u8 protocol;
37 u8 flags;
38 struct udp_port_cfg udp_config;
39 };
40
41 static unsigned int fou_net_id;
42
43 struct fou_net {
44 struct list_head fou_list;
45 struct mutex fou_lock;
46 };
47
48 static inline struct fou *fou_from_sock(struct sock *sk)
49 {
50 return sk->sk_user_data;
51 }
52
53 static int fou_recv_pull(struct sk_buff *skb, struct fou *fou, size_t len)
54 {
55 /* Remove 'len' bytes from the packet (UDP header and
56 * FOU header if present).
57 */
58 if (fou->family == AF_INET)
59 ip_hdr(skb)->tot_len = htons(ntohs(ip_hdr(skb)->tot_len) - len);
60 else
61 ipv6_hdr(skb)->payload_len =
62 htons(ntohs(ipv6_hdr(skb)->payload_len) - len);
63
64 __skb_pull(skb, len);
65 skb_postpull_rcsum(skb, udp_hdr(skb), len);
66 skb_reset_transport_header(skb);
67 return iptunnel_pull_offloads(skb);
68 }
69
70 static int fou_udp_recv(struct sock *sk, struct sk_buff *skb)
71 {
72 struct fou *fou = fou_from_sock(sk);
73
74 if (!fou)
75 return 1;
76
77 if (fou_recv_pull(skb, fou, sizeof(struct udphdr)))
78 goto drop;
79
80 return -fou->protocol;
81
82 drop:
83 kfree_skb(skb);
84 return 0;
85 }
86
87 static struct guehdr *gue_remcsum(struct sk_buff *skb, struct guehdr *guehdr,
88 void *data, size_t hdrlen, u8 ipproto,
89 bool nopartial)
90 {
91 __be16 *pd = data;
92 size_t start = ntohs(pd[0]);
93 size_t offset = ntohs(pd[1]);
94 size_t plen = sizeof(struct udphdr) + hdrlen +
95 max_t(size_t, offset + sizeof(u16), start);
96
97 if (skb->remcsum_offload)
98 return guehdr;
99
100 if (!pskb_may_pull(skb, plen))
101 return NULL;
102 guehdr = (struct guehdr *)&udp_hdr(skb)[1];
103
104 skb_remcsum_process(skb, (void *)guehdr + hdrlen,
105 start, offset, nopartial);
106
107 return guehdr;
108 }
109
110 static int gue_control_message(struct sk_buff *skb, struct guehdr *guehdr)
111 {
112 /* No support yet */
113 kfree_skb(skb);
114 return 0;
115 }
116
117 static int gue_udp_recv(struct sock *sk, struct sk_buff *skb)
118 {
119 struct fou *fou = fou_from_sock(sk);
120 size_t len, optlen, hdrlen;
121 struct guehdr *guehdr;
122 void *data;
123 u16 doffset = 0;
124 u8 proto_ctype;
125
126 if (!fou)
127 return 1;
128
129 len = sizeof(struct udphdr) + sizeof(struct guehdr);
130 if (!pskb_may_pull(skb, len))
131 goto drop;
132
133 guehdr = (struct guehdr *)&udp_hdr(skb)[1];
134
135 switch (guehdr->version) {
136 case 0: /* Full GUE header present */
137 break;
138
139 case 1: {
140 /* Direct encasulation of IPv4 or IPv6 */
141
142 int prot;
143
144 switch (((struct iphdr *)guehdr)->version) {
145 case 4:
146 prot = IPPROTO_IPIP;
147 break;
148 case 6:
149 prot = IPPROTO_IPV6;
150 break;
151 default:
152 goto drop;
153 }
154
155 if (fou_recv_pull(skb, fou, sizeof(struct udphdr)))
156 goto drop;
157
158 return -prot;
159 }
160
161 default: /* Undefined version */
162 goto drop;
163 }
164
165 optlen = guehdr->hlen << 2;
166 len += optlen;
167
168 if (!pskb_may_pull(skb, len))
169 goto drop;
170
171 /* guehdr may change after pull */
172 guehdr = (struct guehdr *)&udp_hdr(skb)[1];
173
174 hdrlen = sizeof(struct guehdr) + optlen;
175
176 if (guehdr->version != 0 || validate_gue_flags(guehdr, optlen))
177 goto drop;
178
179 hdrlen = sizeof(struct guehdr) + optlen;
180
181 if (fou->family == AF_INET)
182 ip_hdr(skb)->tot_len = htons(ntohs(ip_hdr(skb)->tot_len) - len);
183 else
184 ipv6_hdr(skb)->payload_len =
185 htons(ntohs(ipv6_hdr(skb)->payload_len) - len);
186
187 /* Pull csum through the guehdr now . This can be used if
188 * there is a remote checksum offload.
189 */
190 skb_postpull_rcsum(skb, udp_hdr(skb), len);
191
192 data = &guehdr[1];
193
194 if (guehdr->flags & GUE_FLAG_PRIV) {
195 __be32 flags = *(__be32 *)(data + doffset);
196
197 doffset += GUE_LEN_PRIV;
198
199 if (flags & GUE_PFLAG_REMCSUM) {
200 guehdr = gue_remcsum(skb, guehdr, data + doffset,
201 hdrlen, guehdr->proto_ctype,
202 !!(fou->flags &
203 FOU_F_REMCSUM_NOPARTIAL));
204 if (!guehdr)
205 goto drop;
206
207 data = &guehdr[1];
208
209 doffset += GUE_PLEN_REMCSUM;
210 }
211 }
212
213 if (unlikely(guehdr->control))
214 return gue_control_message(skb, guehdr);
215
216 proto_ctype = guehdr->proto_ctype;
217 __skb_pull(skb, sizeof(struct udphdr) + hdrlen);
218 skb_reset_transport_header(skb);
219
220 if (iptunnel_pull_offloads(skb))
221 goto drop;
222
223 return -proto_ctype;
224
225 drop:
226 kfree_skb(skb);
227 return 0;
228 }
229
230 static struct sk_buff *fou_gro_receive(struct sock *sk,
231 struct list_head *head,
232 struct sk_buff *skb)
233 {
234 u8 proto = fou_from_sock(sk)->protocol;
235 const struct net_offload **offloads;
236 const struct net_offload *ops;
237 struct sk_buff *pp = NULL;
238
239 /* We can clear the encap_mark for FOU as we are essentially doing
240 * one of two possible things. We are either adding an L4 tunnel
241 * header to the outer L3 tunnel header, or we are are simply
242 * treating the GRE tunnel header as though it is a UDP protocol
243 * specific header such as VXLAN or GENEVE.
244 */
245 NAPI_GRO_CB(skb)->encap_mark = 0;
246
247 /* Flag this frame as already having an outer encap header */
248 NAPI_GRO_CB(skb)->is_fou = 1;
249
250 rcu_read_lock();
251 offloads = NAPI_GRO_CB(skb)->is_ipv6 ? inet6_offloads : inet_offloads;
252 ops = rcu_dereference(offloads[proto]);
253 if (!ops || !ops->callbacks.gro_receive)
254 goto out_unlock;
255
256 pp = call_gro_receive(ops->callbacks.gro_receive, head, skb);
257
258 out_unlock:
259 rcu_read_unlock();
260
261 return pp;
262 }
263
264 static int fou_gro_complete(struct sock *sk, struct sk_buff *skb,
265 int nhoff)
266 {
267 const struct net_offload *ops;
268 u8 proto = fou_from_sock(sk)->protocol;
269 int err = -ENOSYS;
270 const struct net_offload **offloads;
271
272 rcu_read_lock();
273 offloads = NAPI_GRO_CB(skb)->is_ipv6 ? inet6_offloads : inet_offloads;
274 ops = rcu_dereference(offloads[proto]);
275 if (WARN_ON(!ops || !ops->callbacks.gro_complete))
276 goto out_unlock;
277
278 err = ops->callbacks.gro_complete(skb, nhoff);
279
280 skb_set_inner_mac_header(skb, nhoff);
281
282 out_unlock:
283 rcu_read_unlock();
284
285 return err;
286 }
287
288 static struct guehdr *gue_gro_remcsum(struct sk_buff *skb, unsigned int off,
289 struct guehdr *guehdr, void *data,
290 size_t hdrlen, struct gro_remcsum *grc,
291 bool nopartial)
292 {
293 __be16 *pd = data;
294 size_t start = ntohs(pd[0]);
295 size_t offset = ntohs(pd[1]);
296
297 if (skb->remcsum_offload)
298 return guehdr;
299
300 if (!NAPI_GRO_CB(skb)->csum_valid)
301 return NULL;
302
303 guehdr = skb_gro_remcsum_process(skb, (void *)guehdr, off, hdrlen,
304 start, offset, grc, nopartial);
305
306 skb->remcsum_offload = 1;
307
308 return guehdr;
309 }
310
311 static struct sk_buff *gue_gro_receive(struct sock *sk,
312 struct list_head *head,
313 struct sk_buff *skb)
314 {
315 const struct net_offload **offloads;
316 const struct net_offload *ops;
317 struct sk_buff *pp = NULL;
318 struct sk_buff *p;
319 struct guehdr *guehdr;
320 size_t len, optlen, hdrlen, off;
321 void *data;
322 u16 doffset = 0;
323 int flush = 1;
324 struct fou *fou = fou_from_sock(sk);
325 struct gro_remcsum grc;
326 u8 proto;
327
328 skb_gro_remcsum_init(&grc);
329
330 off = skb_gro_offset(skb);
331 len = off + sizeof(*guehdr);
332
333 guehdr = skb_gro_header_fast(skb, off);
334 if (skb_gro_header_hard(skb, len)) {
335 guehdr = skb_gro_header_slow(skb, len, off);
336 if (unlikely(!guehdr))
337 goto out;
338 }
339
340 switch (guehdr->version) {
341 case 0:
342 break;
343 case 1:
344 switch (((struct iphdr *)guehdr)->version) {
345 case 4:
346 proto = IPPROTO_IPIP;
347 break;
348 case 6:
349 proto = IPPROTO_IPV6;
350 break;
351 default:
352 goto out;
353 }
354 goto next_proto;
355 default:
356 goto out;
357 }
358
359 optlen = guehdr->hlen << 2;
360 len += optlen;
361
362 if (skb_gro_header_hard(skb, len)) {
363 guehdr = skb_gro_header_slow(skb, len, off);
364 if (unlikely(!guehdr))
365 goto out;
366 }
367
368 if (unlikely(guehdr->control) || guehdr->version != 0 ||
369 validate_gue_flags(guehdr, optlen))
370 goto out;
371
372 hdrlen = sizeof(*guehdr) + optlen;
373
374 /* Adjust NAPI_GRO_CB(skb)->csum to account for guehdr,
375 * this is needed if there is a remote checkcsum offload.
376 */
377 skb_gro_postpull_rcsum(skb, guehdr, hdrlen);
378
379 data = &guehdr[1];
380
381 if (guehdr->flags & GUE_FLAG_PRIV) {
382 __be32 flags = *(__be32 *)(data + doffset);
383
384 doffset += GUE_LEN_PRIV;
385
386 if (flags & GUE_PFLAG_REMCSUM) {
387 guehdr = gue_gro_remcsum(skb, off, guehdr,
388 data + doffset, hdrlen, &grc,
389 !!(fou->flags &
390 FOU_F_REMCSUM_NOPARTIAL));
391
392 if (!guehdr)
393 goto out;
394
395 data = &guehdr[1];
396
397 doffset += GUE_PLEN_REMCSUM;
398 }
399 }
400
401 skb_gro_pull(skb, hdrlen);
402
403 list_for_each_entry(p, head, list) {
404 const struct guehdr *guehdr2;
405
406 if (!NAPI_GRO_CB(p)->same_flow)
407 continue;
408
409 guehdr2 = (struct guehdr *)(p->data + off);
410
411 /* Compare base GUE header to be equal (covers
412 * hlen, version, proto_ctype, and flags.
413 */
414 if (guehdr->word != guehdr2->word) {
415 NAPI_GRO_CB(p)->same_flow = 0;
416 continue;
417 }
418
419 /* Compare optional fields are the same. */
420 if (guehdr->hlen && memcmp(&guehdr[1], &guehdr2[1],
421 guehdr->hlen << 2)) {
422 NAPI_GRO_CB(p)->same_flow = 0;
423 continue;
424 }
425 }
426
427 proto = guehdr->proto_ctype;
428
429 next_proto:
430
431 /* We can clear the encap_mark for GUE as we are essentially doing
432 * one of two possible things. We are either adding an L4 tunnel
433 * header to the outer L3 tunnel header, or we are are simply
434 * treating the GRE tunnel header as though it is a UDP protocol
435 * specific header such as VXLAN or GENEVE.
436 */
437 NAPI_GRO_CB(skb)->encap_mark = 0;
438
439 /* Flag this frame as already having an outer encap header */
440 NAPI_GRO_CB(skb)->is_fou = 1;
441
442 rcu_read_lock();
443 offloads = NAPI_GRO_CB(skb)->is_ipv6 ? inet6_offloads : inet_offloads;
444 ops = rcu_dereference(offloads[proto]);
445 if (WARN_ON_ONCE(!ops || !ops->callbacks.gro_receive))
446 goto out_unlock;
447
448 pp = call_gro_receive(ops->callbacks.gro_receive, head, skb);
449 flush = 0;
450
451 out_unlock:
452 rcu_read_unlock();
453 out:
454 skb_gro_flush_final_remcsum(skb, pp, flush, &grc);
455
456 return pp;
457 }
458
459 static int gue_gro_complete(struct sock *sk, struct sk_buff *skb, int nhoff)
460 {
461 const struct net_offload **offloads;
462 struct guehdr *guehdr = (struct guehdr *)(skb->data + nhoff);
463 const struct net_offload *ops;
464 unsigned int guehlen = 0;
465 u8 proto;
466 int err = -ENOENT;
467
468 switch (guehdr->version) {
469 case 0:
470 proto = guehdr->proto_ctype;
471 guehlen = sizeof(*guehdr) + (guehdr->hlen << 2);
472 break;
473 case 1:
474 switch (((struct iphdr *)guehdr)->version) {
475 case 4:
476 proto = IPPROTO_IPIP;
477 break;
478 case 6:
479 proto = IPPROTO_IPV6;
480 break;
481 default:
482 return err;
483 }
484 break;
485 default:
486 return err;
487 }
488
489 rcu_read_lock();
490 offloads = NAPI_GRO_CB(skb)->is_ipv6 ? inet6_offloads : inet_offloads;
491 ops = rcu_dereference(offloads[proto]);
492 if (WARN_ON(!ops || !ops->callbacks.gro_complete))
493 goto out_unlock;
494
495 err = ops->callbacks.gro_complete(skb, nhoff + guehlen);
496
497 skb_set_inner_mac_header(skb, nhoff + guehlen);
498
499 out_unlock:
500 rcu_read_unlock();
501 return err;
502 }
503
504 static int fou_add_to_port_list(struct net *net, struct fou *fou)
505 {
506 struct fou_net *fn = net_generic(net, fou_net_id);
507 struct fou *fout;
508
509 mutex_lock(&fn->fou_lock);
510 list_for_each_entry(fout, &fn->fou_list, list) {
511 if (fou->port == fout->port &&
512 fou->family == fout->family) {
513 mutex_unlock(&fn->fou_lock);
514 return -EALREADY;
515 }
516 }
517
518 list_add(&fou->list, &fn->fou_list);
519 mutex_unlock(&fn->fou_lock);
520
521 return 0;
522 }
523
524 static void fou_release(struct fou *fou)
525 {
526 struct socket *sock = fou->sock;
527
528 list_del(&fou->list);
529 udp_tunnel_sock_release(sock);
530
531 kfree_rcu(fou, rcu);
532 }
533
534 static int fou_create(struct net *net, struct fou_cfg *cfg,
535 struct socket **sockp)
536 {
537 struct socket *sock = NULL;
538 struct fou *fou = NULL;
539 struct sock *sk;
540 struct udp_tunnel_sock_cfg tunnel_cfg;
541 int err;
542
543 /* Open UDP socket */
544 err = udp_sock_create(net, &cfg->udp_config, &sock);
545 if (err < 0)
546 goto error;
547
548 /* Allocate FOU port structure */
549 fou = kzalloc(sizeof(*fou), GFP_KERNEL);
550 if (!fou) {
551 err = -ENOMEM;
552 goto error;
553 }
554
555 sk = sock->sk;
556
557 fou->port = cfg->udp_config.local_udp_port;
558 fou->family = cfg->udp_config.family;
559 fou->flags = cfg->flags;
560 fou->type = cfg->type;
561 fou->sock = sock;
562
563 memset(&tunnel_cfg, 0, sizeof(tunnel_cfg));
564 tunnel_cfg.encap_type = 1;
565 tunnel_cfg.sk_user_data = fou;
566 tunnel_cfg.encap_destroy = NULL;
567
568 /* Initial for fou type */
569 switch (cfg->type) {
570 case FOU_ENCAP_DIRECT:
571 tunnel_cfg.encap_rcv = fou_udp_recv;
572 tunnel_cfg.gro_receive = fou_gro_receive;
573 tunnel_cfg.gro_complete = fou_gro_complete;
574 fou->protocol = cfg->protocol;
575 break;
576 case FOU_ENCAP_GUE:
577 tunnel_cfg.encap_rcv = gue_udp_recv;
578 tunnel_cfg.gro_receive = gue_gro_receive;
579 tunnel_cfg.gro_complete = gue_gro_complete;
580 break;
581 default:
582 err = -EINVAL;
583 goto error;
584 }
585
586 setup_udp_tunnel_sock(net, sock, &tunnel_cfg);
587
588 sk->sk_allocation = GFP_ATOMIC;
589
590 err = fou_add_to_port_list(net, fou);
591 if (err)
592 goto error;
593
594 if (sockp)
595 *sockp = sock;
596
597 return 0;
598
599 error:
600 kfree(fou);
601 if (sock)
602 udp_tunnel_sock_release(sock);
603
604 return err;
605 }
606
607 static int fou_destroy(struct net *net, struct fou_cfg *cfg)
608 {
609 struct fou_net *fn = net_generic(net, fou_net_id);
610 __be16 port = cfg->udp_config.local_udp_port;
611 u8 family = cfg->udp_config.family;
612 int err = -EINVAL;
613 struct fou *fou;
614
615 mutex_lock(&fn->fou_lock);
616 list_for_each_entry(fou, &fn->fou_list, list) {
617 if (fou->port == port && fou->family == family) {
618 fou_release(fou);
619 err = 0;
620 break;
621 }
622 }
623 mutex_unlock(&fn->fou_lock);
624
625 return err;
626 }
627
628 static struct genl_family fou_nl_family;
629
630 static const struct nla_policy fou_nl_policy[FOU_ATTR_MAX + 1] = {
631 [FOU_ATTR_PORT] = { .type = NLA_U16, },
632 [FOU_ATTR_AF] = { .type = NLA_U8, },
633 [FOU_ATTR_IPPROTO] = { .type = NLA_U8, },
634 [FOU_ATTR_TYPE] = { .type = NLA_U8, },
635 [FOU_ATTR_REMCSUM_NOPARTIAL] = { .type = NLA_FLAG, },
636 };
637
638 static int parse_nl_config(struct genl_info *info,
639 struct fou_cfg *cfg)
640 {
641 memset(cfg, 0, sizeof(*cfg));
642
643 cfg->udp_config.family = AF_INET;
644
645 if (info->attrs[FOU_ATTR_AF]) {
646 u8 family = nla_get_u8(info->attrs[FOU_ATTR_AF]);
647
648 switch (family) {
649 case AF_INET:
650 break;
651 case AF_INET6:
652 cfg->udp_config.ipv6_v6only = 1;
653 break;
654 default:
655 return -EAFNOSUPPORT;
656 }
657
658 cfg->udp_config.family = family;
659 }
660
661 if (info->attrs[FOU_ATTR_PORT]) {
662 __be16 port = nla_get_be16(info->attrs[FOU_ATTR_PORT]);
663
664 cfg->udp_config.local_udp_port = port;
665 }
666
667 if (info->attrs[FOU_ATTR_IPPROTO])
668 cfg->protocol = nla_get_u8(info->attrs[FOU_ATTR_IPPROTO]);
669
670 if (info->attrs[FOU_ATTR_TYPE])
671 cfg->type = nla_get_u8(info->attrs[FOU_ATTR_TYPE]);
672
673 if (info->attrs[FOU_ATTR_REMCSUM_NOPARTIAL])
674 cfg->flags |= FOU_F_REMCSUM_NOPARTIAL;
675
676 return 0;
677 }
678
679 static int fou_nl_cmd_add_port(struct sk_buff *skb, struct genl_info *info)
680 {
681 struct net *net = genl_info_net(info);
682 struct fou_cfg cfg;
683 int err;
684
685 err = parse_nl_config(info, &cfg);
686 if (err)
687 return err;
688
689 return fou_create(net, &cfg, NULL);
690 }
691
692 static int fou_nl_cmd_rm_port(struct sk_buff *skb, struct genl_info *info)
693 {
694 struct net *net = genl_info_net(info);
695 struct fou_cfg cfg;
696 int err;
697
698 err = parse_nl_config(info, &cfg);
699 if (err)
700 return err;
701
702 return fou_destroy(net, &cfg);
703 }
704
705 static int fou_fill_info(struct fou *fou, struct sk_buff *msg)
706 {
707 if (nla_put_u8(msg, FOU_ATTR_AF, fou->sock->sk->sk_family) ||
708 nla_put_be16(msg, FOU_ATTR_PORT, fou->port) ||
709 nla_put_u8(msg, FOU_ATTR_IPPROTO, fou->protocol) ||
710 nla_put_u8(msg, FOU_ATTR_TYPE, fou->type))
711 return -1;
712
713 if (fou->flags & FOU_F_REMCSUM_NOPARTIAL)
714 if (nla_put_flag(msg, FOU_ATTR_REMCSUM_NOPARTIAL))
715 return -1;
716 return 0;
717 }
718
719 static int fou_dump_info(struct fou *fou, u32 portid, u32 seq,
720 u32 flags, struct sk_buff *skb, u8 cmd)
721 {
722 void *hdr;
723
724 hdr = genlmsg_put(skb, portid, seq, &fou_nl_family, flags, cmd);
725 if (!hdr)
726 return -ENOMEM;
727
728 if (fou_fill_info(fou, skb) < 0)
729 goto nla_put_failure;
730
731 genlmsg_end(skb, hdr);
732 return 0;
733
734 nla_put_failure:
735 genlmsg_cancel(skb, hdr);
736 return -EMSGSIZE;
737 }
738
739 static int fou_nl_cmd_get_port(struct sk_buff *skb, struct genl_info *info)
740 {
741 struct net *net = genl_info_net(info);
742 struct fou_net *fn = net_generic(net, fou_net_id);
743 struct sk_buff *msg;
744 struct fou_cfg cfg;
745 struct fou *fout;
746 __be16 port;
747 u8 family;
748 int ret;
749
750 ret = parse_nl_config(info, &cfg);
751 if (ret)
752 return ret;
753 port = cfg.udp_config.local_udp_port;
754 if (port == 0)
755 return -EINVAL;
756
757 family = cfg.udp_config.family;
758 if (family != AF_INET && family != AF_INET6)
759 return -EINVAL;
760
761 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
762 if (!msg)
763 return -ENOMEM;
764
765 ret = -ESRCH;
766 mutex_lock(&fn->fou_lock);
767 list_for_each_entry(fout, &fn->fou_list, list) {
768 if (port == fout->port && family == fout->family) {
769 ret = fou_dump_info(fout, info->snd_portid,
770 info->snd_seq, 0, msg,
771 info->genlhdr->cmd);
772 break;
773 }
774 }
775 mutex_unlock(&fn->fou_lock);
776 if (ret < 0)
777 goto out_free;
778
779 return genlmsg_reply(msg, info);
780
781 out_free:
782 nlmsg_free(msg);
783 return ret;
784 }
785
786 static int fou_nl_dump(struct sk_buff *skb, struct netlink_callback *cb)
787 {
788 struct net *net = sock_net(skb->sk);
789 struct fou_net *fn = net_generic(net, fou_net_id);
790 struct fou *fout;
791 int idx = 0, ret;
792
793 mutex_lock(&fn->fou_lock);
794 list_for_each_entry(fout, &fn->fou_list, list) {
795 if (idx++ < cb->args[0])
796 continue;
797 ret = fou_dump_info(fout, NETLINK_CB(cb->skb).portid,
798 cb->nlh->nlmsg_seq, NLM_F_MULTI,
799 skb, FOU_CMD_GET);
800 if (ret)
801 break;
802 }
803 mutex_unlock(&fn->fou_lock);
804
805 cb->args[0] = idx;
806 return skb->len;
807 }
808
809 static const struct genl_ops fou_nl_ops[] = {
810 {
811 .cmd = FOU_CMD_ADD,
812 .doit = fou_nl_cmd_add_port,
813 .policy = fou_nl_policy,
814 .flags = GENL_ADMIN_PERM,
815 },
816 {
817 .cmd = FOU_CMD_DEL,
818 .doit = fou_nl_cmd_rm_port,
819 .policy = fou_nl_policy,
820 .flags = GENL_ADMIN_PERM,
821 },
822 {
823 .cmd = FOU_CMD_GET,
824 .doit = fou_nl_cmd_get_port,
825 .dumpit = fou_nl_dump,
826 .policy = fou_nl_policy,
827 },
828 };
829
830 static struct genl_family fou_nl_family __ro_after_init = {
831 .hdrsize = 0,
832 .name = FOU_GENL_NAME,
833 .version = FOU_GENL_VERSION,
834 .maxattr = FOU_ATTR_MAX,
835 .netnsok = true,
836 .module = THIS_MODULE,
837 .ops = fou_nl_ops,
838 .n_ops = ARRAY_SIZE(fou_nl_ops),
839 };
840
841 size_t fou_encap_hlen(struct ip_tunnel_encap *e)
842 {
843 return sizeof(struct udphdr);
844 }
845 EXPORT_SYMBOL(fou_encap_hlen);
846
847 size_t gue_encap_hlen(struct ip_tunnel_encap *e)
848 {
849 size_t len;
850 bool need_priv = false;
851
852 len = sizeof(struct udphdr) + sizeof(struct guehdr);
853
854 if (e->flags & TUNNEL_ENCAP_FLAG_REMCSUM) {
855 len += GUE_PLEN_REMCSUM;
856 need_priv = true;
857 }
858
859 len += need_priv ? GUE_LEN_PRIV : 0;
860
861 return len;
862 }
863 EXPORT_SYMBOL(gue_encap_hlen);
864
865 int __fou_build_header(struct sk_buff *skb, struct ip_tunnel_encap *e,
866 u8 *protocol, __be16 *sport, int type)
867 {
868 int err;
869
870 err = iptunnel_handle_offloads(skb, type);
871 if (err)
872 return err;
873
874 *sport = e->sport ? : udp_flow_src_port(dev_net(skb->dev),
875 skb, 0, 0, false);
876
877 return 0;
878 }
879 EXPORT_SYMBOL(__fou_build_header);
880
881 int __gue_build_header(struct sk_buff *skb, struct ip_tunnel_encap *e,
882 u8 *protocol, __be16 *sport, int type)
883 {
884 struct guehdr *guehdr;
885 size_t hdrlen, optlen = 0;
886 void *data;
887 bool need_priv = false;
888 int err;
889
890 if ((e->flags & TUNNEL_ENCAP_FLAG_REMCSUM) &&
891 skb->ip_summed == CHECKSUM_PARTIAL) {
892 optlen += GUE_PLEN_REMCSUM;
893 type |= SKB_GSO_TUNNEL_REMCSUM;
894 need_priv = true;
895 }
896
897 optlen += need_priv ? GUE_LEN_PRIV : 0;
898
899 err = iptunnel_handle_offloads(skb, type);
900 if (err)
901 return err;
902
903 /* Get source port (based on flow hash) before skb_push */
904 *sport = e->sport ? : udp_flow_src_port(dev_net(skb->dev),
905 skb, 0, 0, false);
906
907 hdrlen = sizeof(struct guehdr) + optlen;
908
909 skb_push(skb, hdrlen);
910
911 guehdr = (struct guehdr *)skb->data;
912
913 guehdr->control = 0;
914 guehdr->version = 0;
915 guehdr->hlen = optlen >> 2;
916 guehdr->flags = 0;
917 guehdr->proto_ctype = *protocol;
918
919 data = &guehdr[1];
920
921 if (need_priv) {
922 __be32 *flags = data;
923
924 guehdr->flags |= GUE_FLAG_PRIV;
925 *flags = 0;
926 data += GUE_LEN_PRIV;
927
928 if (type & SKB_GSO_TUNNEL_REMCSUM) {
929 u16 csum_start = skb_checksum_start_offset(skb);
930 __be16 *pd = data;
931
932 if (csum_start < hdrlen)
933 return -EINVAL;
934
935 csum_start -= hdrlen;
936 pd[0] = htons(csum_start);
937 pd[1] = htons(csum_start + skb->csum_offset);
938
939 if (!skb_is_gso(skb)) {
940 skb->ip_summed = CHECKSUM_NONE;
941 skb->encapsulation = 0;
942 }
943
944 *flags |= GUE_PFLAG_REMCSUM;
945 data += GUE_PLEN_REMCSUM;
946 }
947
948 }
949
950 return 0;
951 }
952 EXPORT_SYMBOL(__gue_build_header);
953
954 #ifdef CONFIG_NET_FOU_IP_TUNNELS
955
956 static void fou_build_udp(struct sk_buff *skb, struct ip_tunnel_encap *e,
957 struct flowi4 *fl4, u8 *protocol, __be16 sport)
958 {
959 struct udphdr *uh;
960
961 skb_push(skb, sizeof(struct udphdr));
962 skb_reset_transport_header(skb);
963
964 uh = udp_hdr(skb);
965
966 uh->dest = e->dport;
967 uh->source = sport;
968 uh->len = htons(skb->len);
969 udp_set_csum(!(e->flags & TUNNEL_ENCAP_FLAG_CSUM), skb,
970 fl4->saddr, fl4->daddr, skb->len);
971
972 *protocol = IPPROTO_UDP;
973 }
974
975 static int fou_build_header(struct sk_buff *skb, struct ip_tunnel_encap *e,
976 u8 *protocol, struct flowi4 *fl4)
977 {
978 int type = e->flags & TUNNEL_ENCAP_FLAG_CSUM ? SKB_GSO_UDP_TUNNEL_CSUM :
979 SKB_GSO_UDP_TUNNEL;
980 __be16 sport;
981 int err;
982
983 err = __fou_build_header(skb, e, protocol, &sport, type);
984 if (err)
985 return err;
986
987 fou_build_udp(skb, e, fl4, protocol, sport);
988
989 return 0;
990 }
991
992 static int gue_build_header(struct sk_buff *skb, struct ip_tunnel_encap *e,
993 u8 *protocol, struct flowi4 *fl4)
994 {
995 int type = e->flags & TUNNEL_ENCAP_FLAG_CSUM ? SKB_GSO_UDP_TUNNEL_CSUM :
996 SKB_GSO_UDP_TUNNEL;
997 __be16 sport;
998 int err;
999
1000 err = __gue_build_header(skb, e, protocol, &sport, type);
1001 if (err)
1002 return err;
1003
1004 fou_build_udp(skb, e, fl4, protocol, sport);
1005
1006 return 0;
1007 }
1008
1009 static int gue_err_proto_handler(int proto, struct sk_buff *skb, u32 info)
1010 {
1011 const struct net_protocol *ipprot = rcu_dereference(inet_protos[proto]);
1012
1013 if (ipprot && ipprot->err_handler) {
1014 if (!ipprot->err_handler(skb, info))
1015 return 0;
1016 }
1017
1018 return -ENOENT;
1019 }
1020
1021 static int gue_err(struct sk_buff *skb, u32 info)
1022 {
1023 int transport_offset = skb_transport_offset(skb);
1024 struct guehdr *guehdr;
1025 size_t len, optlen;
1026 int ret;
1027
1028 len = sizeof(struct udphdr) + sizeof(struct guehdr);
1029 if (!pskb_may_pull(skb, transport_offset + len))
1030 return -EINVAL;
1031
1032 guehdr = (struct guehdr *)&udp_hdr(skb)[1];
1033
1034 switch (guehdr->version) {
1035 case 0: /* Full GUE header present */
1036 break;
1037 case 1: {
1038 /* Direct encasulation of IPv4 or IPv6 */
1039 skb_set_transport_header(skb, -(int)sizeof(struct icmphdr));
1040
1041 switch (((struct iphdr *)guehdr)->version) {
1042 case 4:
1043 ret = gue_err_proto_handler(IPPROTO_IPIP, skb, info);
1044 goto out;
1045 #if IS_ENABLED(CONFIG_IPV6)
1046 case 6:
1047 ret = gue_err_proto_handler(IPPROTO_IPV6, skb, info);
1048 goto out;
1049 #endif
1050 default:
1051 ret = -EOPNOTSUPP;
1052 goto out;
1053 }
1054 }
1055 default: /* Undefined version */
1056 return -EOPNOTSUPP;
1057 }
1058
1059 if (guehdr->control)
1060 return -ENOENT;
1061
1062 optlen = guehdr->hlen << 2;
1063
1064 if (!pskb_may_pull(skb, transport_offset + len + optlen))
1065 return -EINVAL;
1066
1067 guehdr = (struct guehdr *)&udp_hdr(skb)[1];
1068 if (validate_gue_flags(guehdr, optlen))
1069 return -EINVAL;
1070
1071 /* Handling exceptions for direct UDP encapsulation in GUE would lead to
1072 * recursion. Besides, this kind of encapsulation can't even be
1073 * configured currently. Discard this.
1074 */
1075 if (guehdr->proto_ctype == IPPROTO_UDP ||
1076 guehdr->proto_ctype == IPPROTO_UDPLITE)
1077 return -EOPNOTSUPP;
1078
1079 skb_set_transport_header(skb, -(int)sizeof(struct icmphdr));
1080 ret = gue_err_proto_handler(guehdr->proto_ctype, skb, info);
1081
1082 out:
1083 skb_set_transport_header(skb, transport_offset);
1084 return ret;
1085 }
1086
1087
1088 static const struct ip_tunnel_encap_ops fou_iptun_ops = {
1089 .encap_hlen = fou_encap_hlen,
1090 .build_header = fou_build_header,
1091 .err_handler = gue_err,
1092 };
1093
1094 static const struct ip_tunnel_encap_ops gue_iptun_ops = {
1095 .encap_hlen = gue_encap_hlen,
1096 .build_header = gue_build_header,
1097 .err_handler = gue_err,
1098 };
1099
1100 static int ip_tunnel_encap_add_fou_ops(void)
1101 {
1102 int ret;
1103
1104 ret = ip_tunnel_encap_add_ops(&fou_iptun_ops, TUNNEL_ENCAP_FOU);
1105 if (ret < 0) {
1106 pr_err("can't add fou ops\n");
1107 return ret;
1108 }
1109
1110 ret = ip_tunnel_encap_add_ops(&gue_iptun_ops, TUNNEL_ENCAP_GUE);
1111 if (ret < 0) {
1112 pr_err("can't add gue ops\n");
1113 ip_tunnel_encap_del_ops(&fou_iptun_ops, TUNNEL_ENCAP_FOU);
1114 return ret;
1115 }
1116
1117 return 0;
1118 }
1119
1120 static void ip_tunnel_encap_del_fou_ops(void)
1121 {
1122 ip_tunnel_encap_del_ops(&fou_iptun_ops, TUNNEL_ENCAP_FOU);
1123 ip_tunnel_encap_del_ops(&gue_iptun_ops, TUNNEL_ENCAP_GUE);
1124 }
1125
1126 #else
1127
1128 static int ip_tunnel_encap_add_fou_ops(void)
1129 {
1130 return 0;
1131 }
1132
1133 static void ip_tunnel_encap_del_fou_ops(void)
1134 {
1135 }
1136
1137 #endif
1138
1139 static __net_init int fou_init_net(struct net *net)
1140 {
1141 struct fou_net *fn = net_generic(net, fou_net_id);
1142
1143 INIT_LIST_HEAD(&fn->fou_list);
1144 mutex_init(&fn->fou_lock);
1145 return 0;
1146 }
1147
1148 static __net_exit void fou_exit_net(struct net *net)
1149 {
1150 struct fou_net *fn = net_generic(net, fou_net_id);
1151 struct fou *fou, *next;
1152
1153 /* Close all the FOU sockets */
1154 mutex_lock(&fn->fou_lock);
1155 list_for_each_entry_safe(fou, next, &fn->fou_list, list)
1156 fou_release(fou);
1157 mutex_unlock(&fn->fou_lock);
1158 }
1159
1160 static struct pernet_operations fou_net_ops = {
1161 .init = fou_init_net,
1162 .exit = fou_exit_net,
1163 .id = &fou_net_id,
1164 .size = sizeof(struct fou_net),
1165 };
1166
1167 static int __init fou_init(void)
1168 {
1169 int ret;
1170
1171 ret = register_pernet_device(&fou_net_ops);
1172 if (ret)
1173 goto exit;
1174
1175 ret = genl_register_family(&fou_nl_family);
1176 if (ret < 0)
1177 goto unregister;
1178
1179 ret = ip_tunnel_encap_add_fou_ops();
1180 if (ret == 0)
1181 return 0;
1182
1183 genl_unregister_family(&fou_nl_family);
1184 unregister:
1185 unregister_pernet_device(&fou_net_ops);
1186 exit:
1187 return ret;
1188 }
1189
1190 static void __exit fou_fini(void)
1191 {
1192 ip_tunnel_encap_del_fou_ops();
1193 genl_unregister_family(&fou_nl_family);
1194 unregister_pernet_device(&fou_net_ops);
1195 }
1196
1197 module_init(fou_init);
1198 module_exit(fou_fini);
1199 MODULE_AUTHOR("Tom Herbert <therbert@google.com>");
1200 MODULE_LICENSE("GPL");
Mirror of linux-2.6-arm at arm.linux.org.uk