search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
inet: frag: enforce memory limits earlier
[linux/fpc-iii.git] / drivers / net / geneve.c
blob92ad43e53c722e3a6cef8feb17cc9a6d078e21b1
1 /*
2 * GENEVE: Generic Network Virtualization Encapsulation
3 *
4 * Copyright (c) 2015 Red Hat, Inc.
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
12
13 #include <linux/kernel.h>
14 #include <linux/module.h>
15 #include <linux/etherdevice.h>
16 #include <linux/hash.h>
17 #include <net/dst_metadata.h>
18 #include <net/gro_cells.h>
19 #include <net/rtnetlink.h>
20 #include <net/geneve.h>
21 #include <net/protocol.h>
22
23 #define GENEVE_NETDEV_VER "0.6"
24
25 #define GENEVE_UDP_PORT 6081
26
27 #define GENEVE_N_VID (1u << 24)
28 #define GENEVE_VID_MASK (GENEVE_N_VID - 1)
29
30 #define VNI_HASH_BITS 10
31 #define VNI_HASH_SIZE (1<<VNI_HASH_BITS)
32
33 static bool log_ecn_error = true;
34 module_param(log_ecn_error, bool, 0644);
35 MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
36
37 #define GENEVE_VER 0
38 #define GENEVE_BASE_HLEN (sizeof(struct udphdr) + sizeof(struct genevehdr))
39
40 /* per-network namespace private data for this module */
41 struct geneve_net {
42 struct list_head geneve_list;
43 struct list_head sock_list;
44 };
45
46 static int geneve_net_id;
47
48 union geneve_addr {
49 struct sockaddr_in sin;
50 struct sockaddr_in6 sin6;
51 struct sockaddr sa;
52 };
53
54 static union geneve_addr geneve_remote_unspec = { .sa.sa_family = AF_UNSPEC, };
55
56 /* Pseudo network device */
57 struct geneve_dev {
58 struct hlist_node hlist; /* vni hash table */
59 struct net *net; /* netns for packet i/o */
60 struct net_device *dev; /* netdev for geneve tunnel */
61 struct geneve_sock __rcu *sock4; /* IPv4 socket used for geneve tunnel */
62 #if IS_ENABLED(CONFIG_IPV6)
63 struct geneve_sock __rcu *sock6; /* IPv6 socket used for geneve tunnel */
64 #endif
65 u8 vni[3]; /* virtual network ID for tunnel */
66 u8 ttl; /* TTL override */
67 u8 tos; /* TOS override */
68 union geneve_addr remote; /* IP address for link partner */
69 struct list_head next; /* geneve's per namespace list */
70 __be32 label; /* IPv6 flowlabel override */
71 __be16 dst_port;
72 bool collect_md;
73 struct gro_cells gro_cells;
74 u32 flags;
75 struct dst_cache dst_cache;
76 };
77
78 /* Geneve device flags */
79 #define GENEVE_F_UDP_ZERO_CSUM_TX BIT(0)
80 #define GENEVE_F_UDP_ZERO_CSUM6_TX BIT(1)
81 #define GENEVE_F_UDP_ZERO_CSUM6_RX BIT(2)
82
83 struct geneve_sock {
84 bool collect_md;
85 struct list_head list;
86 struct socket *sock;
87 struct rcu_head rcu;
88 int refcnt;
89 struct hlist_head vni_list[VNI_HASH_SIZE];
90 u32 flags;
91 };
92
93 static inline __u32 geneve_net_vni_hash(u8 vni[3])
94 {
95 __u32 vnid;
96
97 vnid = (vni[0] << 16) | (vni[1] << 8) | vni[2];
98 return hash_32(vnid, VNI_HASH_BITS);
99 }
100
101 static __be64 vni_to_tunnel_id(const __u8 *vni)
102 {
103 #ifdef __BIG_ENDIAN
104 return (vni[0] << 16) | (vni[1] << 8) | vni[2];
105 #else
106 return (__force __be64)(((__force u64)vni[0] << 40) |
107 ((__force u64)vni[1] << 48) |
108 ((__force u64)vni[2] << 56));
109 #endif
110 }
111
112 static sa_family_t geneve_get_sk_family(struct geneve_sock *gs)
113 {
114 return gs->sock->sk->sk_family;
115 }
116
117 static struct geneve_dev *geneve_lookup(struct geneve_sock *gs,
118 __be32 addr, u8 vni[])
119 {
120 struct hlist_head *vni_list_head;
121 struct geneve_dev *geneve;
122 __u32 hash;
123
124 /* Find the device for this VNI */
125 hash = geneve_net_vni_hash(vni);
126 vni_list_head = &gs->vni_list[hash];
127 hlist_for_each_entry_rcu(geneve, vni_list_head, hlist) {
128 if (!memcmp(vni, geneve->vni, sizeof(geneve->vni)) &&
129 addr == geneve->remote.sin.sin_addr.s_addr)
130 return geneve;
131 }
132 return NULL;
133 }
134
135 #if IS_ENABLED(CONFIG_IPV6)
136 static struct geneve_dev *geneve6_lookup(struct geneve_sock *gs,
137 struct in6_addr addr6, u8 vni[])
138 {
139 struct hlist_head *vni_list_head;
140 struct geneve_dev *geneve;
141 __u32 hash;
142
143 /* Find the device for this VNI */
144 hash = geneve_net_vni_hash(vni);
145 vni_list_head = &gs->vni_list[hash];
146 hlist_for_each_entry_rcu(geneve, vni_list_head, hlist) {
147 if (!memcmp(vni, geneve->vni, sizeof(geneve->vni)) &&
148 ipv6_addr_equal(&addr6, &geneve->remote.sin6.sin6_addr))
149 return geneve;
150 }
151 return NULL;
152 }
153 #endif
154
155 static inline struct genevehdr *geneve_hdr(const struct sk_buff *skb)
156 {
157 return (struct genevehdr *)(udp_hdr(skb) + 1);
158 }
159
160 static struct geneve_dev *geneve_lookup_skb(struct geneve_sock *gs,
161 struct sk_buff *skb)
162 {
163 u8 *vni;
164 __be32 addr;
165 static u8 zero_vni[3];
166 #if IS_ENABLED(CONFIG_IPV6)
167 static struct in6_addr zero_addr6;
168 #endif
169
170 if (geneve_get_sk_family(gs) == AF_INET) {
171 struct iphdr *iph;
172
173 iph = ip_hdr(skb); /* outer IP header... */
174
175 if (gs->collect_md) {
176 vni = zero_vni;
177 addr = 0;
178 } else {
179 vni = geneve_hdr(skb)->vni;
180 addr = iph->saddr;
181 }
182
183 return geneve_lookup(gs, addr, vni);
184 #if IS_ENABLED(CONFIG_IPV6)
185 } else if (geneve_get_sk_family(gs) == AF_INET6) {
186 struct ipv6hdr *ip6h;
187 struct in6_addr addr6;
188
189 ip6h = ipv6_hdr(skb); /* outer IPv6 header... */
190
191 if (gs->collect_md) {
192 vni = zero_vni;
193 addr6 = zero_addr6;
194 } else {
195 vni = geneve_hdr(skb)->vni;
196 addr6 = ip6h->saddr;
197 }
198
199 return geneve6_lookup(gs, addr6, vni);
200 #endif
201 }
202 return NULL;
203 }
204
205 /* geneve receive/decap routine */
206 static void geneve_rx(struct geneve_dev *geneve, struct geneve_sock *gs,
207 struct sk_buff *skb)
208 {
209 struct genevehdr *gnvh = geneve_hdr(skb);
210 struct metadata_dst *tun_dst = NULL;
211 struct pcpu_sw_netstats *stats;
212 unsigned int len;
213 int err = 0;
214 void *oiph;
215
216 if (ip_tunnel_collect_metadata() || gs->collect_md) {
217 __be16 flags;
218
219 flags = TUNNEL_KEY | TUNNEL_GENEVE_OPT |
220 (gnvh->oam ? TUNNEL_OAM : 0) |
221 (gnvh->critical ? TUNNEL_CRIT_OPT : 0);
222
223 tun_dst = udp_tun_rx_dst(skb, geneve_get_sk_family(gs), flags,
224 vni_to_tunnel_id(gnvh->vni),
225 gnvh->opt_len * 4);
226 if (!tun_dst) {
227 geneve->dev->stats.rx_dropped++;
228 goto drop;
229 }
230 /* Update tunnel dst according to Geneve options. */
231 ip_tunnel_info_opts_set(&tun_dst->u.tun_info,
232 gnvh->options, gnvh->opt_len * 4);
233 } else {
234 /* Drop packets w/ critical options,
235 * since we don't support any...
236 */
237 if (gnvh->critical) {
238 geneve->dev->stats.rx_frame_errors++;
239 geneve->dev->stats.rx_errors++;
240 goto drop;
241 }
242 }
243
244 skb_reset_mac_header(skb);
245 skb->protocol = eth_type_trans(skb, geneve->dev);
246 skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN);
247
248 if (tun_dst)
249 skb_dst_set(skb, &tun_dst->dst);
250
251 /* Ignore packet loops (and multicast echo) */
252 if (ether_addr_equal(eth_hdr(skb)->h_source, geneve->dev->dev_addr)) {
253 geneve->dev->stats.rx_errors++;
254 goto drop;
255 }
256
257 oiph = skb_network_header(skb);
258 skb_reset_network_header(skb);
259
260 if (geneve_get_sk_family(gs) == AF_INET)
261 err = IP_ECN_decapsulate(oiph, skb);
262 #if IS_ENABLED(CONFIG_IPV6)
263 else
264 err = IP6_ECN_decapsulate(oiph, skb);
265 #endif
266
267 if (unlikely(err)) {
268 if (log_ecn_error) {
269 if (geneve_get_sk_family(gs) == AF_INET)
270 net_info_ratelimited("non-ECT from %pI4 "
271 "with TOS=%#x\n",
272 &((struct iphdr *)oiph)->saddr,
273 ((struct iphdr *)oiph)->tos);
274 #if IS_ENABLED(CONFIG_IPV6)
275 else
276 net_info_ratelimited("non-ECT from %pI6\n",
277 &((struct ipv6hdr *)oiph)->saddr);
278 #endif
279 }
280 if (err > 1) {
281 ++geneve->dev->stats.rx_frame_errors;
282 ++geneve->dev->stats.rx_errors;
283 goto drop;
284 }
285 }
286
287 len = skb->len;
288 err = gro_cells_receive(&geneve->gro_cells, skb);
289 if (likely(err == NET_RX_SUCCESS)) {
290 stats = this_cpu_ptr(geneve->dev->tstats);
291 u64_stats_update_begin(&stats->syncp);
292 stats->rx_packets++;
293 stats->rx_bytes += len;
294 u64_stats_update_end(&stats->syncp);
295 }
296 return;
297 drop:
298 /* Consume bad packet */
299 kfree_skb(skb);
300 }
301
302 /* Setup stats when device is created */
303 static int geneve_init(struct net_device *dev)
304 {
305 struct geneve_dev *geneve = netdev_priv(dev);
306 int err;
307
308 dev->tstats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
309 if (!dev->tstats)
310 return -ENOMEM;
311
312 err = gro_cells_init(&geneve->gro_cells, dev);
313 if (err) {
314 free_percpu(dev->tstats);
315 return err;
316 }
317
318 err = dst_cache_init(&geneve->dst_cache, GFP_KERNEL);
319 if (err) {
320 free_percpu(dev->tstats);
321 gro_cells_destroy(&geneve->gro_cells);
322 return err;
323 }
324
325 return 0;
326 }
327
328 static void geneve_uninit(struct net_device *dev)
329 {
330 struct geneve_dev *geneve = netdev_priv(dev);
331
332 dst_cache_destroy(&geneve->dst_cache);
333 gro_cells_destroy(&geneve->gro_cells);
334 free_percpu(dev->tstats);
335 }
336
337 /* Callback from net/ipv4/udp.c to receive packets */
338 static int geneve_udp_encap_recv(struct sock *sk, struct sk_buff *skb)
339 {
340 struct genevehdr *geneveh;
341 struct geneve_dev *geneve;
342 struct geneve_sock *gs;
343 int opts_len;
344
345 /* Need UDP and Geneve header to be present */
346 if (unlikely(!pskb_may_pull(skb, GENEVE_BASE_HLEN)))
347 goto drop;
348
349 /* Return packets with reserved bits set */
350 geneveh = geneve_hdr(skb);
351 if (unlikely(geneveh->ver != GENEVE_VER))
352 goto drop;
353
354 if (unlikely(geneveh->proto_type != htons(ETH_P_TEB)))
355 goto drop;
356
357 gs = rcu_dereference_sk_user_data(sk);
358 if (!gs)
359 goto drop;
360
361 geneve = geneve_lookup_skb(gs, skb);
362 if (!geneve)
363 goto drop;
364
365 opts_len = geneveh->opt_len * 4;
366 if (iptunnel_pull_header(skb, GENEVE_BASE_HLEN + opts_len,
367 htons(ETH_P_TEB),
368 !net_eq(geneve->net, dev_net(geneve->dev)))) {
369 geneve->dev->stats.rx_dropped++;
370 goto drop;
371 }
372
373 geneve_rx(geneve, gs, skb);
374 return 0;
375
376 drop:
377 /* Consume bad packet */
378 kfree_skb(skb);
379 return 0;
380 }
381
382 static struct socket *geneve_create_sock(struct net *net, bool ipv6,
383 __be16 port, u32 flags)
384 {
385 struct socket *sock;
386 struct udp_port_cfg udp_conf;
387 int err;
388
389 memset(&udp_conf, 0, sizeof(udp_conf));
390
391 if (ipv6) {
392 udp_conf.family = AF_INET6;
393 udp_conf.ipv6_v6only = 1;
394 udp_conf.use_udp6_rx_checksums =
395 !(flags & GENEVE_F_UDP_ZERO_CSUM6_RX);
396 } else {
397 udp_conf.family = AF_INET;
398 udp_conf.local_ip.s_addr = htonl(INADDR_ANY);
399 }
400
401 udp_conf.local_udp_port = port;
402
403 /* Open UDP socket */
404 err = udp_sock_create(net, &udp_conf, &sock);
405 if (err < 0)
406 return ERR_PTR(err);
407
408 return sock;
409 }
410
411 static int geneve_hlen(struct genevehdr *gh)
412 {
413 return sizeof(*gh) + gh->opt_len * 4;
414 }
415
416 static struct sk_buff **geneve_gro_receive(struct sock *sk,
417 struct sk_buff **head,
418 struct sk_buff *skb)
419 {
420 struct sk_buff *p, **pp = NULL;
421 struct genevehdr *gh, *gh2;
422 unsigned int hlen, gh_len, off_gnv;
423 const struct packet_offload *ptype;
424 __be16 type;
425 int flush = 1;
426
427 off_gnv = skb_gro_offset(skb);
428 hlen = off_gnv + sizeof(*gh);
429 gh = skb_gro_header_fast(skb, off_gnv);
430 if (skb_gro_header_hard(skb, hlen)) {
431 gh = skb_gro_header_slow(skb, hlen, off_gnv);
432 if (unlikely(!gh))
433 goto out;
434 }
435
436 if (gh->ver != GENEVE_VER || gh->oam)
437 goto out;
438 gh_len = geneve_hlen(gh);
439
440 hlen = off_gnv + gh_len;
441 if (skb_gro_header_hard(skb, hlen)) {
442 gh = skb_gro_header_slow(skb, hlen, off_gnv);
443 if (unlikely(!gh))
444 goto out;
445 }
446
447 for (p = *head; p; p = p->next) {
448 if (!NAPI_GRO_CB(p)->same_flow)
449 continue;
450
451 gh2 = (struct genevehdr *)(p->data + off_gnv);
452 if (gh->opt_len != gh2->opt_len ||
453 memcmp(gh, gh2, gh_len)) {
454 NAPI_GRO_CB(p)->same_flow = 0;
455 continue;
456 }
457 }
458
459 type = gh->proto_type;
460
461 rcu_read_lock();
462 ptype = gro_find_receive_by_type(type);
463 if (!ptype)
464 goto out_unlock;
465
466 skb_gro_pull(skb, gh_len);
467 skb_gro_postpull_rcsum(skb, gh, gh_len);
468 pp = call_gro_receive(ptype->callbacks.gro_receive, head, skb);
469 flush = 0;
470
471 out_unlock:
472 rcu_read_unlock();
473 out:
474 NAPI_GRO_CB(skb)->flush |= flush;
475
476 return pp;
477 }
478
479 static int geneve_gro_complete(struct sock *sk, struct sk_buff *skb,
480 int nhoff)
481 {
482 struct genevehdr *gh;
483 struct packet_offload *ptype;
484 __be16 type;
485 int gh_len;
486 int err = -ENOSYS;
487
488 gh = (struct genevehdr *)(skb->data + nhoff);
489 gh_len = geneve_hlen(gh);
490 type = gh->proto_type;
491
492 rcu_read_lock();
493 ptype = gro_find_complete_by_type(type);
494 if (ptype)
495 err = ptype->callbacks.gro_complete(skb, nhoff + gh_len);
496
497 rcu_read_unlock();
498
499 skb_set_inner_mac_header(skb, nhoff + gh_len);
500
501 return err;
502 }
503
504 /* Create new listen socket if needed */
505 static struct geneve_sock *geneve_socket_create(struct net *net, __be16 port,
506 bool ipv6, u32 flags)
507 {
508 struct geneve_net *gn = net_generic(net, geneve_net_id);
509 struct geneve_sock *gs;
510 struct socket *sock;
511 struct udp_tunnel_sock_cfg tunnel_cfg;
512 int h;
513
514 gs = kzalloc(sizeof(*gs), GFP_KERNEL);
515 if (!gs)
516 return ERR_PTR(-ENOMEM);
517
518 sock = geneve_create_sock(net, ipv6, port, flags);
519 if (IS_ERR(sock)) {
520 kfree(gs);
521 return ERR_CAST(sock);
522 }
523
524 gs->sock = sock;
525 gs->refcnt = 1;
526 for (h = 0; h < VNI_HASH_SIZE; ++h)
527 INIT_HLIST_HEAD(&gs->vni_list[h]);
528
529 /* Initialize the geneve udp offloads structure */
530 udp_tunnel_notify_add_rx_port(gs->sock, UDP_TUNNEL_TYPE_GENEVE);
531
532 /* Mark socket as an encapsulation socket */
533 memset(&tunnel_cfg, 0, sizeof(tunnel_cfg));
534 tunnel_cfg.sk_user_data = gs;
535 tunnel_cfg.encap_type = 1;
536 tunnel_cfg.gro_receive = geneve_gro_receive;
537 tunnel_cfg.gro_complete = geneve_gro_complete;
538 tunnel_cfg.encap_rcv = geneve_udp_encap_recv;
539 tunnel_cfg.encap_destroy = NULL;
540 setup_udp_tunnel_sock(net, sock, &tunnel_cfg);
541 list_add(&gs->list, &gn->sock_list);
542 return gs;
543 }
544
545 static void __geneve_sock_release(struct geneve_sock *gs)
546 {
547 if (!gs || --gs->refcnt)
548 return;
549
550 list_del(&gs->list);
551 udp_tunnel_notify_del_rx_port(gs->sock, UDP_TUNNEL_TYPE_GENEVE);
552 udp_tunnel_sock_release(gs->sock);
553 kfree_rcu(gs, rcu);
554 }
555
556 static void geneve_sock_release(struct geneve_dev *geneve)
557 {
558 struct geneve_sock *gs4 = rtnl_dereference(geneve->sock4);
559 #if IS_ENABLED(CONFIG_IPV6)
560 struct geneve_sock *gs6 = rtnl_dereference(geneve->sock6);
561
562 rcu_assign_pointer(geneve->sock6, NULL);
563 #endif
564
565 rcu_assign_pointer(geneve->sock4, NULL);
566 synchronize_net();
567
568 __geneve_sock_release(gs4);
569 #if IS_ENABLED(CONFIG_IPV6)
570 __geneve_sock_release(gs6);
571 #endif
572 }
573
574 static struct geneve_sock *geneve_find_sock(struct geneve_net *gn,
575 sa_family_t family,
576 __be16 dst_port)
577 {
578 struct geneve_sock *gs;
579
580 list_for_each_entry(gs, &gn->sock_list, list) {
581 if (inet_sk(gs->sock->sk)->inet_sport == dst_port &&
582 geneve_get_sk_family(gs) == family) {
583 return gs;
584 }
585 }
586 return NULL;
587 }
588
589 static int geneve_sock_add(struct geneve_dev *geneve, bool ipv6)
590 {
591 struct net *net = geneve->net;
592 struct geneve_net *gn = net_generic(net, geneve_net_id);
593 struct geneve_sock *gs;
594 __u32 hash;
595
596 gs = geneve_find_sock(gn, ipv6 ? AF_INET6 : AF_INET, geneve->dst_port);
597 if (gs) {
598 gs->refcnt++;
599 goto out;
600 }
601
602 gs = geneve_socket_create(net, geneve->dst_port, ipv6, geneve->flags);
603 if (IS_ERR(gs))
604 return PTR_ERR(gs);
605
606 out:
607 gs->collect_md = geneve->collect_md;
608 gs->flags = geneve->flags;
609 #if IS_ENABLED(CONFIG_IPV6)
610 if (ipv6)
611 rcu_assign_pointer(geneve->sock6, gs);
612 else
613 #endif
614 rcu_assign_pointer(geneve->sock4, gs);
615
616 hash = geneve_net_vni_hash(geneve->vni);
617 hlist_add_head_rcu(&geneve->hlist, &gs->vni_list[hash]);
618 return 0;
619 }
620
621 static int geneve_open(struct net_device *dev)
622 {
623 struct geneve_dev *geneve = netdev_priv(dev);
624 bool ipv6 = geneve->remote.sa.sa_family == AF_INET6;
625 bool metadata = geneve->collect_md;
626 int ret = 0;
627
628 #if IS_ENABLED(CONFIG_IPV6)
629 if (ipv6 || metadata)
630 ret = geneve_sock_add(geneve, true);
631 #endif
632 if (!ret && (!ipv6 || metadata))
633 ret = geneve_sock_add(geneve, false);
634 if (ret < 0)
635 geneve_sock_release(geneve);
636
637 return ret;
638 }
639
640 static int geneve_stop(struct net_device *dev)
641 {
642 struct geneve_dev *geneve = netdev_priv(dev);
643
644 if (!hlist_unhashed(&geneve->hlist))
645 hlist_del_rcu(&geneve->hlist);
646 geneve_sock_release(geneve);
647 return 0;
648 }
649
650 static void geneve_build_header(struct genevehdr *geneveh,
651 __be16 tun_flags, u8 vni[3],
652 u8 options_len, u8 *options)
653 {
654 geneveh->ver = GENEVE_VER;
655 geneveh->opt_len = options_len / 4;
656 geneveh->oam = !!(tun_flags & TUNNEL_OAM);
657 geneveh->critical = !!(tun_flags & TUNNEL_CRIT_OPT);
658 geneveh->rsvd1 = 0;
659 memcpy(geneveh->vni, vni, 3);
660 geneveh->proto_type = htons(ETH_P_TEB);
661 geneveh->rsvd2 = 0;
662
663 memcpy(geneveh->options, options, options_len);
664 }
665
666 static int geneve_build_skb(struct rtable *rt, struct sk_buff *skb,
667 __be16 tun_flags, u8 vni[3], u8 opt_len, u8 *opt,
668 u32 flags, bool xnet)
669 {
670 struct genevehdr *gnvh;
671 int min_headroom;
672 int err;
673 bool udp_sum = !(flags & GENEVE_F_UDP_ZERO_CSUM_TX);
674
675 skb_scrub_packet(skb, xnet);
676
677 min_headroom = LL_RESERVED_SPACE(rt->dst.dev) + rt->dst.header_len
678 + GENEVE_BASE_HLEN + opt_len + sizeof(struct iphdr);
679 err = skb_cow_head(skb, min_headroom);
680 if (unlikely(err))
681 goto free_rt;
682
683 err = udp_tunnel_handle_offloads(skb, udp_sum);
684 if (err)
685 goto free_rt;
686
687 gnvh = (struct genevehdr *)__skb_push(skb, sizeof(*gnvh) + opt_len);
688 geneve_build_header(gnvh, tun_flags, vni, opt_len, opt);
689
690 skb_set_inner_protocol(skb, htons(ETH_P_TEB));
691 return 0;
692
693 free_rt:
694 ip_rt_put(rt);
695 return err;
696 }
697
698 #if IS_ENABLED(CONFIG_IPV6)
699 static int geneve6_build_skb(struct dst_entry *dst, struct sk_buff *skb,
700 __be16 tun_flags, u8 vni[3], u8 opt_len, u8 *opt,
701 u32 flags, bool xnet)
702 {
703 struct genevehdr *gnvh;
704 int min_headroom;
705 int err;
706 bool udp_sum = !(flags & GENEVE_F_UDP_ZERO_CSUM6_TX);
707
708 skb_scrub_packet(skb, xnet);
709
710 min_headroom = LL_RESERVED_SPACE(dst->dev) + dst->header_len
711 + GENEVE_BASE_HLEN + opt_len + sizeof(struct ipv6hdr);
712 err = skb_cow_head(skb, min_headroom);
713 if (unlikely(err))
714 goto free_dst;
715
716 err = udp_tunnel_handle_offloads(skb, udp_sum);
717 if (err)
718 goto free_dst;
719
720 gnvh = (struct genevehdr *)__skb_push(skb, sizeof(*gnvh) + opt_len);
721 geneve_build_header(gnvh, tun_flags, vni, opt_len, opt);
722
723 skb_set_inner_protocol(skb, htons(ETH_P_TEB));
724 return 0;
725
726 free_dst:
727 dst_release(dst);
728 return err;
729 }
730 #endif
731
732 static struct rtable *geneve_get_v4_rt(struct sk_buff *skb,
733 struct net_device *dev,
734 struct flowi4 *fl4,
735 struct ip_tunnel_info *info)
736 {
737 bool use_cache = ip_tunnel_dst_cache_usable(skb, info);
738 struct geneve_dev *geneve = netdev_priv(dev);
739 struct dst_cache *dst_cache;
740 struct rtable *rt = NULL;
741 __u8 tos;
742
743 if (!rcu_dereference(geneve->sock4))
744 return ERR_PTR(-EIO);
745
746 memset(fl4, 0, sizeof(*fl4));
747 fl4->flowi4_mark = skb->mark;
748 fl4->flowi4_proto = IPPROTO_UDP;
749
750 if (info) {
751 fl4->daddr = info->key.u.ipv4.dst;
752 fl4->saddr = info->key.u.ipv4.src;
753 fl4->flowi4_tos = RT_TOS(info->key.tos);
754 dst_cache = &info->dst_cache;
755 } else {
756 tos = geneve->tos;
757 if (tos == 1) {
758 const struct iphdr *iip = ip_hdr(skb);
759
760 tos = ip_tunnel_get_dsfield(iip, skb);
761 use_cache = false;
762 }
763
764 fl4->flowi4_tos = RT_TOS(tos);
765 fl4->daddr = geneve->remote.sin.sin_addr.s_addr;
766 dst_cache = &geneve->dst_cache;
767 }
768
769 if (use_cache) {
770 rt = dst_cache_get_ip4(dst_cache, &fl4->saddr);
771 if (rt)
772 return rt;
773 }
774
775 rt = ip_route_output_key(geneve->net, fl4);
776 if (IS_ERR(rt)) {
777 netdev_dbg(dev, "no route to %pI4\n", &fl4->daddr);
778 return ERR_PTR(-ENETUNREACH);
779 }
780 if (rt->dst.dev == dev) { /* is this necessary? */
781 netdev_dbg(dev, "circular route to %pI4\n", &fl4->daddr);
782 ip_rt_put(rt);
783 return ERR_PTR(-ELOOP);
784 }
785 if (use_cache)
786 dst_cache_set_ip4(dst_cache, &rt->dst, fl4->saddr);
787 return rt;
788 }
789
790 #if IS_ENABLED(CONFIG_IPV6)
791 static struct dst_entry *geneve_get_v6_dst(struct sk_buff *skb,
792 struct net_device *dev,
793 struct flowi6 *fl6,
794 struct ip_tunnel_info *info)
795 {
796 bool use_cache = ip_tunnel_dst_cache_usable(skb, info);
797 struct geneve_dev *geneve = netdev_priv(dev);
798 struct dst_entry *dst = NULL;
799 struct dst_cache *dst_cache;
800 struct geneve_sock *gs6;
801 __u8 prio;
802
803 gs6 = rcu_dereference(geneve->sock6);
804 if (!gs6)
805 return ERR_PTR(-EIO);
806
807 memset(fl6, 0, sizeof(*fl6));
808 fl6->flowi6_mark = skb->mark;
809 fl6->flowi6_proto = IPPROTO_UDP;
810
811 if (info) {
812 fl6->daddr = info->key.u.ipv6.dst;
813 fl6->saddr = info->key.u.ipv6.src;
814 fl6->flowlabel = ip6_make_flowinfo(RT_TOS(info->key.tos),
815 info->key.label);
816 dst_cache = &info->dst_cache;
817 } else {
818 prio = geneve->tos;
819 if (prio == 1) {
820 const struct iphdr *iip = ip_hdr(skb);
821
822 prio = ip_tunnel_get_dsfield(iip, skb);
823 use_cache = false;
824 }
825
826 fl6->flowlabel = ip6_make_flowinfo(RT_TOS(prio),
827 geneve->label);
828 fl6->daddr = geneve->remote.sin6.sin6_addr;
829 dst_cache = &geneve->dst_cache;
830 }
831
832 if (use_cache) {
833 dst = dst_cache_get_ip6(dst_cache, &fl6->saddr);
834 if (dst)
835 return dst;
836 }
837
838 if (ipv6_stub->ipv6_dst_lookup(geneve->net, gs6->sock->sk, &dst, fl6)) {
839 netdev_dbg(dev, "no route to %pI6\n", &fl6->daddr);
840 return ERR_PTR(-ENETUNREACH);
841 }
842 if (dst->dev == dev) { /* is this necessary? */
843 netdev_dbg(dev, "circular route to %pI6\n", &fl6->daddr);
844 dst_release(dst);
845 return ERR_PTR(-ELOOP);
846 }
847
848 if (use_cache)
849 dst_cache_set_ip6(dst_cache, dst, &fl6->saddr);
850 return dst;
851 }
852 #endif
853
854 /* Convert 64 bit tunnel ID to 24 bit VNI. */
855 static void tunnel_id_to_vni(__be64 tun_id, __u8 *vni)
856 {
857 #ifdef __BIG_ENDIAN
858 vni[0] = (__force __u8)(tun_id >> 16);
859 vni[1] = (__force __u8)(tun_id >> 8);
860 vni[2] = (__force __u8)tun_id;
861 #else
862 vni[0] = (__force __u8)((__force u64)tun_id >> 40);
863 vni[1] = (__force __u8)((__force u64)tun_id >> 48);
864 vni[2] = (__force __u8)((__force u64)tun_id >> 56);
865 #endif
866 }
867
868 static netdev_tx_t geneve_xmit_skb(struct sk_buff *skb, struct net_device *dev,
869 struct ip_tunnel_info *info)
870 {
871 struct geneve_dev *geneve = netdev_priv(dev);
872 struct geneve_sock *gs4;
873 struct rtable *rt = NULL;
874 int err = -EINVAL;
875 struct flowi4 fl4;
876 __u8 tos, ttl;
877 __be16 sport;
878 __be16 df;
879 bool xnet = !net_eq(geneve->net, dev_net(geneve->dev));
880 u32 flags = geneve->flags;
881
882 gs4 = rcu_dereference(geneve->sock4);
883 if (!gs4)
884 goto tx_error;
885
886 if (geneve->collect_md) {
887 if (unlikely(!info || !(info->mode & IP_TUNNEL_INFO_TX))) {
888 netdev_dbg(dev, "no tunnel metadata\n");
889 goto tx_error;
890 }
891 if (info && ip_tunnel_info_af(info) != AF_INET)
892 goto tx_error;
893 }
894
895 rt = geneve_get_v4_rt(skb, dev, &fl4, info);
896 if (IS_ERR(rt)) {
897 err = PTR_ERR(rt);
898 goto tx_error;
899 }
900
901 sport = udp_flow_src_port(geneve->net, skb, 1, USHRT_MAX, true);
902 skb_reset_mac_header(skb);
903
904 if (info) {
905 const struct ip_tunnel_key *key = &info->key;
906 u8 *opts = NULL;
907 u8 vni[3];
908
909 tunnel_id_to_vni(key->tun_id, vni);
910 if (info->options_len)
911 opts = ip_tunnel_info_opts(info);
912
913 if (key->tun_flags & TUNNEL_CSUM)
914 flags &= ~GENEVE_F_UDP_ZERO_CSUM_TX;
915 else
916 flags |= GENEVE_F_UDP_ZERO_CSUM_TX;
917
918 err = geneve_build_skb(rt, skb, key->tun_flags, vni,
919 info->options_len, opts, flags, xnet);
920 if (unlikely(err))
921 goto tx_error;
922
923 tos = ip_tunnel_ecn_encap(key->tos, ip_hdr(skb), skb);
924 ttl = key->ttl;
925 df = key->tun_flags & TUNNEL_DONT_FRAGMENT ? htons(IP_DF) : 0;
926 } else {
927 err = geneve_build_skb(rt, skb, 0, geneve->vni,
928 0, NULL, flags, xnet);
929 if (unlikely(err))
930 goto tx_error;
931
932 tos = ip_tunnel_ecn_encap(fl4.flowi4_tos, ip_hdr(skb), skb);
933 ttl = geneve->ttl;
934 if (!ttl && IN_MULTICAST(ntohl(fl4.daddr)))
935 ttl = 1;
936 ttl = ttl ? : ip4_dst_hoplimit(&rt->dst);
937 df = 0;
938 }
939 udp_tunnel_xmit_skb(rt, gs4->sock->sk, skb, fl4.saddr, fl4.daddr,
940 tos, ttl, df, sport, geneve->dst_port,
941 !net_eq(geneve->net, dev_net(geneve->dev)),
942 !!(flags & GENEVE_F_UDP_ZERO_CSUM_TX));
943
944 return NETDEV_TX_OK;
945
946 tx_error:
947 dev_kfree_skb(skb);
948
949 if (err == -ELOOP)
950 dev->stats.collisions++;
951 else if (err == -ENETUNREACH)
952 dev->stats.tx_carrier_errors++;
953
954 dev->stats.tx_errors++;
955 return NETDEV_TX_OK;
956 }
957
958 #if IS_ENABLED(CONFIG_IPV6)
959 static netdev_tx_t geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
960 struct ip_tunnel_info *info)
961 {
962 struct geneve_dev *geneve = netdev_priv(dev);
963 struct dst_entry *dst = NULL;
964 struct geneve_sock *gs6;
965 int err = -EINVAL;
966 struct flowi6 fl6;
967 __u8 prio, ttl;
968 __be16 sport;
969 __be32 label;
970 bool xnet = !net_eq(geneve->net, dev_net(geneve->dev));
971 u32 flags = geneve->flags;
972
973 gs6 = rcu_dereference(geneve->sock6);
974 if (!gs6)
975 goto tx_error;
976
977 if (geneve->collect_md) {
978 if (unlikely(!info || !(info->mode & IP_TUNNEL_INFO_TX))) {
979 netdev_dbg(dev, "no tunnel metadata\n");
980 goto tx_error;
981 }
982 }
983
984 dst = geneve_get_v6_dst(skb, dev, &fl6, info);
985 if (IS_ERR(dst)) {
986 err = PTR_ERR(dst);
987 goto tx_error;
988 }
989
990 sport = udp_flow_src_port(geneve->net, skb, 1, USHRT_MAX, true);
991 skb_reset_mac_header(skb);
992
993 if (info) {
994 const struct ip_tunnel_key *key = &info->key;
995 u8 *opts = NULL;
996 u8 vni[3];
997
998 tunnel_id_to_vni(key->tun_id, vni);
999 if (info->options_len)
1000 opts = ip_tunnel_info_opts(info);
1001
1002 if (key->tun_flags & TUNNEL_CSUM)
1003 flags &= ~GENEVE_F_UDP_ZERO_CSUM6_TX;
1004 else
1005 flags |= GENEVE_F_UDP_ZERO_CSUM6_TX;
1006
1007 err = geneve6_build_skb(dst, skb, key->tun_flags, vni,
1008 info->options_len, opts,
1009 flags, xnet);
1010 if (unlikely(err))
1011 goto tx_error;
1012
1013 prio = ip_tunnel_ecn_encap(key->tos, ip_hdr(skb), skb);
1014 ttl = key->ttl;
1015 label = info->key.label;
1016 } else {
1017 err = geneve6_build_skb(dst, skb, 0, geneve->vni,
1018 0, NULL, flags, xnet);
1019 if (unlikely(err))
1020 goto tx_error;
1021
1022 prio = ip_tunnel_ecn_encap(ip6_tclass(fl6.flowlabel),
1023 ip_hdr(skb), skb);
1024 ttl = geneve->ttl;
1025 if (!ttl && ipv6_addr_is_multicast(&fl6.daddr))
1026 ttl = 1;
1027 ttl = ttl ? : ip6_dst_hoplimit(dst);
1028 label = geneve->label;
1029 }
1030
1031 udp_tunnel6_xmit_skb(dst, gs6->sock->sk, skb, dev,
1032 &fl6.saddr, &fl6.daddr, prio, ttl, label,
1033 sport, geneve->dst_port,
1034 !!(flags & GENEVE_F_UDP_ZERO_CSUM6_TX));
1035 return NETDEV_TX_OK;
1036
1037 tx_error:
1038 dev_kfree_skb(skb);
1039
1040 if (err == -ELOOP)
1041 dev->stats.collisions++;
1042 else if (err == -ENETUNREACH)
1043 dev->stats.tx_carrier_errors++;
1044
1045 dev->stats.tx_errors++;
1046 return NETDEV_TX_OK;
1047 }
1048 #endif
1049
1050 static netdev_tx_t geneve_xmit(struct sk_buff *skb, struct net_device *dev)
1051 {
1052 struct geneve_dev *geneve = netdev_priv(dev);
1053 struct ip_tunnel_info *info = NULL;
1054 int err;
1055
1056 if (geneve->collect_md)
1057 info = skb_tunnel_info(skb);
1058
1059 rcu_read_lock();
1060 #if IS_ENABLED(CONFIG_IPV6)
1061 if ((info && ip_tunnel_info_af(info) == AF_INET6) ||
1062 (!info && geneve->remote.sa.sa_family == AF_INET6))
1063 err = geneve6_xmit_skb(skb, dev, info);
1064 else
1065 #endif
1066 err = geneve_xmit_skb(skb, dev, info);
1067 rcu_read_unlock();
1068
1069 return err;
1070 }
1071
1072 static int __geneve_change_mtu(struct net_device *dev, int new_mtu, bool strict)
1073 {
1074 struct geneve_dev *geneve = netdev_priv(dev);
1075 /* The max_mtu calculation does not take account of GENEVE
1076 * options, to avoid excluding potentially valid
1077 * configurations.
1078 */
1079 int max_mtu = IP_MAX_MTU - GENEVE_BASE_HLEN - dev->hard_header_len;
1080
1081 if (geneve->remote.sa.sa_family == AF_INET6)
1082 max_mtu -= sizeof(struct ipv6hdr);
1083 else
1084 max_mtu -= sizeof(struct iphdr);
1085
1086 if (new_mtu < 68)
1087 return -EINVAL;
1088
1089 if (new_mtu > max_mtu) {
1090 if (strict)
1091 return -EINVAL;
1092
1093 new_mtu = max_mtu;
1094 }
1095
1096 dev->mtu = new_mtu;
1097 return 0;
1098 }
1099
1100 static int geneve_change_mtu(struct net_device *dev, int new_mtu)
1101 {
1102 return __geneve_change_mtu(dev, new_mtu, true);
1103 }
1104
1105 static int geneve_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb)
1106 {
1107 struct ip_tunnel_info *info = skb_tunnel_info(skb);
1108 struct geneve_dev *geneve = netdev_priv(dev);
1109 struct rtable *rt;
1110 struct flowi4 fl4;
1111 #if IS_ENABLED(CONFIG_IPV6)
1112 struct dst_entry *dst;
1113 struct flowi6 fl6;
1114 #endif
1115
1116 if (ip_tunnel_info_af(info) == AF_INET) {
1117 rt = geneve_get_v4_rt(skb, dev, &fl4, info);
1118 if (IS_ERR(rt))
1119 return PTR_ERR(rt);
1120
1121 ip_rt_put(rt);
1122 info->key.u.ipv4.src = fl4.saddr;
1123 #if IS_ENABLED(CONFIG_IPV6)
1124 } else if (ip_tunnel_info_af(info) == AF_INET6) {
1125 dst = geneve_get_v6_dst(skb, dev, &fl6, info);
1126 if (IS_ERR(dst))
1127 return PTR_ERR(dst);
1128
1129 dst_release(dst);
1130 info->key.u.ipv6.src = fl6.saddr;
1131 #endif
1132 } else {
1133 return -EINVAL;
1134 }
1135
1136 info->key.tp_src = udp_flow_src_port(geneve->net, skb,
1137 1, USHRT_MAX, true);
1138 info->key.tp_dst = geneve->dst_port;
1139 return 0;
1140 }
1141
1142 static const struct net_device_ops geneve_netdev_ops = {
1143 .ndo_init = geneve_init,
1144 .ndo_uninit = geneve_uninit,
1145 .ndo_open = geneve_open,
1146 .ndo_stop = geneve_stop,
1147 .ndo_start_xmit = geneve_xmit,
1148 .ndo_get_stats64 = ip_tunnel_get_stats64,
1149 .ndo_change_mtu = geneve_change_mtu,
1150 .ndo_validate_addr = eth_validate_addr,
1151 .ndo_set_mac_address = eth_mac_addr,
1152 .ndo_fill_metadata_dst = geneve_fill_metadata_dst,
1153 };
1154
1155 static void geneve_get_drvinfo(struct net_device *dev,
1156 struct ethtool_drvinfo *drvinfo)
1157 {
1158 strlcpy(drvinfo->version, GENEVE_NETDEV_VER, sizeof(drvinfo->version));
1159 strlcpy(drvinfo->driver, "geneve", sizeof(drvinfo->driver));
1160 }
1161
1162 static const struct ethtool_ops geneve_ethtool_ops = {
1163 .get_drvinfo = geneve_get_drvinfo,
1164 .get_link = ethtool_op_get_link,
1165 };
1166
1167 /* Info for udev, that this is a virtual tunnel endpoint */
1168 static struct device_type geneve_type = {
1169 .name = "geneve",
1170 };
1171
1172 /* Calls the ndo_udp_tunnel_add of the caller in order to
1173 * supply the listening GENEVE udp ports. Callers are expected
1174 * to implement the ndo_udp_tunnel_add.
1175 */
1176 static void geneve_push_rx_ports(struct net_device *dev)
1177 {
1178 struct net *net = dev_net(dev);
1179 struct geneve_net *gn = net_generic(net, geneve_net_id);
1180 struct geneve_sock *gs;
1181
1182 rcu_read_lock();
1183 list_for_each_entry_rcu(gs, &gn->sock_list, list)
1184 udp_tunnel_push_rx_port(dev, gs->sock,
1185 UDP_TUNNEL_TYPE_GENEVE);
1186 rcu_read_unlock();
1187 }
1188
1189 /* Initialize the device structure. */
1190 static void geneve_setup(struct net_device *dev)
1191 {
1192 ether_setup(dev);
1193
1194 dev->netdev_ops = &geneve_netdev_ops;
1195 dev->ethtool_ops = &geneve_ethtool_ops;
1196 dev->destructor = free_netdev;
1197
1198 SET_NETDEV_DEVTYPE(dev, &geneve_type);
1199
1200 dev->features |= NETIF_F_LLTX;
1201 dev->features |= NETIF_F_SG | NETIF_F_HW_CSUM;
1202 dev->features |= NETIF_F_RXCSUM;
1203 dev->features |= NETIF_F_GSO_SOFTWARE;
1204
1205 dev->hw_features |= NETIF_F_SG | NETIF_F_HW_CSUM | NETIF_F_RXCSUM;
1206 dev->hw_features |= NETIF_F_GSO_SOFTWARE;
1207
1208 netif_keep_dst(dev);
1209 dev->priv_flags &= ~IFF_TX_SKB_SHARING;
1210 dev->priv_flags |= IFF_LIVE_ADDR_CHANGE | IFF_NO_QUEUE;
1211 eth_hw_addr_random(dev);
1212 }
1213
1214 static const struct nla_policy geneve_policy[IFLA_GENEVE_MAX + 1] = {
1215 [IFLA_GENEVE_ID] = { .type = NLA_U32 },
1216 [IFLA_GENEVE_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) },
1217 [IFLA_GENEVE_REMOTE6] = { .len = sizeof(struct in6_addr) },
1218 [IFLA_GENEVE_TTL] = { .type = NLA_U8 },
1219 [IFLA_GENEVE_TOS] = { .type = NLA_U8 },
1220 [IFLA_GENEVE_LABEL] = { .type = NLA_U32 },
1221 [IFLA_GENEVE_PORT] = { .type = NLA_U16 },
1222 [IFLA_GENEVE_COLLECT_METADATA] = { .type = NLA_FLAG },
1223 [IFLA_GENEVE_UDP_CSUM] = { .type = NLA_U8 },
1224 [IFLA_GENEVE_UDP_ZERO_CSUM6_TX] = { .type = NLA_U8 },
1225 [IFLA_GENEVE_UDP_ZERO_CSUM6_RX] = { .type = NLA_U8 },
1226 };
1227
1228 static int geneve_validate(struct nlattr *tb[], struct nlattr *data[])
1229 {
1230 if (tb[IFLA_ADDRESS]) {
1231 if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN)
1232 return -EINVAL;
1233
1234 if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS])))
1235 return -EADDRNOTAVAIL;
1236 }
1237
1238 if (!data)
1239 return -EINVAL;
1240
1241 if (data[IFLA_GENEVE_ID]) {
1242 __u32 vni = nla_get_u32(data[IFLA_GENEVE_ID]);
1243
1244 if (vni >= GENEVE_VID_MASK)
1245 return -ERANGE;
1246 }
1247
1248 return 0;
1249 }
1250
1251 static struct geneve_dev *geneve_find_dev(struct geneve_net *gn,
1252 __be16 dst_port,
1253 union geneve_addr *remote,
1254 u8 vni[],
1255 bool *tun_on_same_port,
1256 bool *tun_collect_md)
1257 {
1258 struct geneve_dev *geneve, *t;
1259
1260 *tun_on_same_port = false;
1261 *tun_collect_md = false;
1262 t = NULL;
1263 list_for_each_entry(geneve, &gn->geneve_list, next) {
1264 if (geneve->dst_port == dst_port) {
1265 *tun_collect_md = geneve->collect_md;
1266 *tun_on_same_port = true;
1267 }
1268 if (!memcmp(vni, geneve->vni, sizeof(geneve->vni)) &&
1269 !memcmp(remote, &geneve->remote, sizeof(geneve->remote)) &&
1270 dst_port == geneve->dst_port)
1271 t = geneve;
1272 }
1273 return t;
1274 }
1275
1276 static int geneve_configure(struct net *net, struct net_device *dev,
1277 union geneve_addr *remote,
1278 __u32 vni, __u8 ttl, __u8 tos, __be32 label,
1279 __be16 dst_port, bool metadata, u32 flags)
1280 {
1281 struct geneve_net *gn = net_generic(net, geneve_net_id);
1282 struct geneve_dev *t, *geneve = netdev_priv(dev);
1283 bool tun_collect_md, tun_on_same_port;
1284 int err, encap_len;
1285
1286 if (!remote)
1287 return -EINVAL;
1288 if (metadata &&
1289 (remote->sa.sa_family != AF_UNSPEC || vni || tos || ttl || label))
1290 return -EINVAL;
1291
1292 geneve->net = net;
1293 geneve->dev = dev;
1294
1295 geneve->vni[0] = (vni & 0x00ff0000) >> 16;
1296 geneve->vni[1] = (vni & 0x0000ff00) >> 8;
1297 geneve->vni[2] = vni & 0x000000ff;
1298
1299 if ((remote->sa.sa_family == AF_INET &&
1300 IN_MULTICAST(ntohl(remote->sin.sin_addr.s_addr))) ||
1301 (remote->sa.sa_family == AF_INET6 &&
1302 ipv6_addr_is_multicast(&remote->sin6.sin6_addr)))
1303 return -EINVAL;
1304 if (label && remote->sa.sa_family != AF_INET6)
1305 return -EINVAL;
1306
1307 geneve->remote = *remote;
1308
1309 geneve->ttl = ttl;
1310 geneve->tos = tos;
1311 geneve->label = label;
1312 geneve->dst_port = dst_port;
1313 geneve->collect_md = metadata;
1314 geneve->flags = flags;
1315
1316 t = geneve_find_dev(gn, dst_port, remote, geneve->vni,
1317 &tun_on_same_port, &tun_collect_md);
1318 if (t)
1319 return -EBUSY;
1320
1321 /* make enough headroom for basic scenario */
1322 encap_len = GENEVE_BASE_HLEN + ETH_HLEN;
1323 if (remote->sa.sa_family == AF_INET)
1324 encap_len += sizeof(struct iphdr);
1325 else
1326 encap_len += sizeof(struct ipv6hdr);
1327 dev->needed_headroom = encap_len + ETH_HLEN;
1328
1329 if (metadata) {
1330 if (tun_on_same_port)
1331 return -EPERM;
1332 } else {
1333 if (tun_collect_md)
1334 return -EPERM;
1335 }
1336
1337 dst_cache_reset(&geneve->dst_cache);
1338
1339 err = register_netdevice(dev);
1340 if (err)
1341 return err;
1342
1343 list_add(&geneve->next, &gn->geneve_list);
1344 return 0;
1345 }
1346
1347 static int geneve_newlink(struct net *net, struct net_device *dev,
1348 struct nlattr *tb[], struct nlattr *data[])
1349 {
1350 __be16 dst_port = htons(GENEVE_UDP_PORT);
1351 __u8 ttl = 0, tos = 0;
1352 bool metadata = false;
1353 union geneve_addr remote = geneve_remote_unspec;
1354 __be32 label = 0;
1355 __u32 vni = 0;
1356 u32 flags = 0;
1357
1358 if (data[IFLA_GENEVE_REMOTE] && data[IFLA_GENEVE_REMOTE6])
1359 return -EINVAL;
1360
1361 if (data[IFLA_GENEVE_REMOTE]) {
1362 remote.sa.sa_family = AF_INET;
1363 remote.sin.sin_addr.s_addr =
1364 nla_get_in_addr(data[IFLA_GENEVE_REMOTE]);
1365 }
1366
1367 if (data[IFLA_GENEVE_REMOTE6]) {
1368 if (!IS_ENABLED(CONFIG_IPV6))
1369 return -EPFNOSUPPORT;
1370
1371 remote.sa.sa_family = AF_INET6;
1372 remote.sin6.sin6_addr =
1373 nla_get_in6_addr(data[IFLA_GENEVE_REMOTE6]);
1374
1375 if (ipv6_addr_type(&remote.sin6.sin6_addr) &
1376 IPV6_ADDR_LINKLOCAL) {
1377 netdev_dbg(dev, "link-local remote is unsupported\n");
1378 return -EINVAL;
1379 }
1380 }
1381
1382 if (data[IFLA_GENEVE_ID])
1383 vni = nla_get_u32(data[IFLA_GENEVE_ID]);
1384
1385 if (data[IFLA_GENEVE_TTL])
1386 ttl = nla_get_u8(data[IFLA_GENEVE_TTL]);
1387
1388 if (data[IFLA_GENEVE_TOS])
1389 tos = nla_get_u8(data[IFLA_GENEVE_TOS]);
1390
1391 if (data[IFLA_GENEVE_LABEL])
1392 label = nla_get_be32(data[IFLA_GENEVE_LABEL]) &
1393 IPV6_FLOWLABEL_MASK;
1394
1395 if (data[IFLA_GENEVE_PORT])
1396 dst_port = nla_get_be16(data[IFLA_GENEVE_PORT]);
1397
1398 if (data[IFLA_GENEVE_COLLECT_METADATA])
1399 metadata = true;
1400
1401 if (data[IFLA_GENEVE_UDP_CSUM] &&
1402 !nla_get_u8(data[IFLA_GENEVE_UDP_CSUM]))
1403 flags |= GENEVE_F_UDP_ZERO_CSUM_TX;
1404
1405 if (data[IFLA_GENEVE_UDP_ZERO_CSUM6_TX] &&
1406 nla_get_u8(data[IFLA_GENEVE_UDP_ZERO_CSUM6_TX]))
1407 flags |= GENEVE_F_UDP_ZERO_CSUM6_TX;
1408
1409 if (data[IFLA_GENEVE_UDP_ZERO_CSUM6_RX] &&
1410 nla_get_u8(data[IFLA_GENEVE_UDP_ZERO_CSUM6_RX]))
1411 flags |= GENEVE_F_UDP_ZERO_CSUM6_RX;
1412
1413 return geneve_configure(net, dev, &remote, vni, ttl, tos, label,
1414 dst_port, metadata, flags);
1415 }
1416
1417 static void geneve_dellink(struct net_device *dev, struct list_head *head)
1418 {
1419 struct geneve_dev *geneve = netdev_priv(dev);
1420
1421 list_del(&geneve->next);
1422 unregister_netdevice_queue(dev, head);
1423 }
1424
1425 static size_t geneve_get_size(const struct net_device *dev)
1426 {
1427 return nla_total_size(sizeof(__u32)) + /* IFLA_GENEVE_ID */
1428 nla_total_size(sizeof(struct in6_addr)) + /* IFLA_GENEVE_REMOTE{6} */
1429 nla_total_size(sizeof(__u8)) + /* IFLA_GENEVE_TTL */
1430 nla_total_size(sizeof(__u8)) + /* IFLA_GENEVE_TOS */
1431 nla_total_size(sizeof(__be32)) + /* IFLA_GENEVE_LABEL */
1432 nla_total_size(sizeof(__be16)) + /* IFLA_GENEVE_PORT */
1433 nla_total_size(0) + /* IFLA_GENEVE_COLLECT_METADATA */
1434 nla_total_size(sizeof(__u8)) + /* IFLA_GENEVE_UDP_CSUM */
1435 nla_total_size(sizeof(__u8)) + /* IFLA_GENEVE_UDP_ZERO_CSUM6_TX */
1436 nla_total_size(sizeof(__u8)) + /* IFLA_GENEVE_UDP_ZERO_CSUM6_RX */
1437 0;
1438 }
1439
1440 static int geneve_fill_info(struct sk_buff *skb, const struct net_device *dev)
1441 {
1442 struct geneve_dev *geneve = netdev_priv(dev);
1443 __u32 vni;
1444
1445 vni = (geneve->vni[0] << 16) | (geneve->vni[1] << 8) | geneve->vni[2];
1446 if (nla_put_u32(skb, IFLA_GENEVE_ID, vni))
1447 goto nla_put_failure;
1448
1449 if (geneve->remote.sa.sa_family == AF_INET) {
1450 if (nla_put_in_addr(skb, IFLA_GENEVE_REMOTE,
1451 geneve->remote.sin.sin_addr.s_addr))
1452 goto nla_put_failure;
1453 #if IS_ENABLED(CONFIG_IPV6)
1454 } else {
1455 if (nla_put_in6_addr(skb, IFLA_GENEVE_REMOTE6,
1456 &geneve->remote.sin6.sin6_addr))
1457 goto nla_put_failure;
1458 #endif
1459 }
1460
1461 if (nla_put_u8(skb, IFLA_GENEVE_TTL, geneve->ttl) ||
1462 nla_put_u8(skb, IFLA_GENEVE_TOS, geneve->tos) ||
1463 nla_put_be32(skb, IFLA_GENEVE_LABEL, geneve->label))
1464 goto nla_put_failure;
1465
1466 if (nla_put_be16(skb, IFLA_GENEVE_PORT, geneve->dst_port))
1467 goto nla_put_failure;
1468
1469 if (geneve->collect_md) {
1470 if (nla_put_flag(skb, IFLA_GENEVE_COLLECT_METADATA))
1471 goto nla_put_failure;
1472 }
1473
1474 if (nla_put_u8(skb, IFLA_GENEVE_UDP_CSUM,
1475 !(geneve->flags & GENEVE_F_UDP_ZERO_CSUM_TX)) ||
1476 nla_put_u8(skb, IFLA_GENEVE_UDP_ZERO_CSUM6_TX,
1477 !!(geneve->flags & GENEVE_F_UDP_ZERO_CSUM6_TX)) ||
1478 nla_put_u8(skb, IFLA_GENEVE_UDP_ZERO_CSUM6_RX,
1479 !!(geneve->flags & GENEVE_F_UDP_ZERO_CSUM6_RX)))
1480 goto nla_put_failure;
1481
1482 return 0;
1483
1484 nla_put_failure:
1485 return -EMSGSIZE;
1486 }
1487
1488 static struct rtnl_link_ops geneve_link_ops __read_mostly = {
1489 .kind = "geneve",
1490 .maxtype = IFLA_GENEVE_MAX,
1491 .policy = geneve_policy,
1492 .priv_size = sizeof(struct geneve_dev),
1493 .setup = geneve_setup,
1494 .validate = geneve_validate,
1495 .newlink = geneve_newlink,
1496 .dellink = geneve_dellink,
1497 .get_size = geneve_get_size,
1498 .fill_info = geneve_fill_info,
1499 };
1500
1501 struct net_device *geneve_dev_create_fb(struct net *net, const char *name,
1502 u8 name_assign_type, u16 dst_port)
1503 {
1504 struct nlattr *tb[IFLA_MAX + 1];
1505 struct net_device *dev;
1506 LIST_HEAD(list_kill);
1507 int err;
1508
1509 memset(tb, 0, sizeof(tb));
1510 dev = rtnl_create_link(net, name, name_assign_type,
1511 &geneve_link_ops, tb);
1512 if (IS_ERR(dev))
1513 return dev;
1514
1515 err = geneve_configure(net, dev, &geneve_remote_unspec,
1516 0, 0, 0, 0, htons(dst_port), true,
1517 GENEVE_F_UDP_ZERO_CSUM6_RX);
1518 if (err) {
1519 free_netdev(dev);
1520 return ERR_PTR(err);
1521 }
1522
1523 /* openvswitch users expect packet sizes to be unrestricted,
1524 * so set the largest MTU we can.
1525 */
1526 err = __geneve_change_mtu(dev, IP_MAX_MTU, false);
1527 if (err)
1528 goto err;
1529
1530 err = rtnl_configure_link(dev, NULL);
1531 if (err < 0)
1532 goto err;
1533
1534 return dev;
1535
1536 err:
1537 geneve_dellink(dev, &list_kill);
1538 unregister_netdevice_many(&list_kill);
1539 return ERR_PTR(err);
1540 }
1541 EXPORT_SYMBOL_GPL(geneve_dev_create_fb);
1542
1543 static int geneve_netdevice_event(struct notifier_block *unused,
1544 unsigned long event, void *ptr)
1545 {
1546 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
1547
1548 if (event == NETDEV_UDP_TUNNEL_PUSH_INFO)
1549 geneve_push_rx_ports(dev);
1550
1551 return NOTIFY_DONE;
1552 }
1553
1554 static struct notifier_block geneve_notifier_block __read_mostly = {
1555 .notifier_call = geneve_netdevice_event,
1556 };
1557
1558 static __net_init int geneve_init_net(struct net *net)
1559 {
1560 struct geneve_net *gn = net_generic(net, geneve_net_id);
1561
1562 INIT_LIST_HEAD(&gn->geneve_list);
1563 INIT_LIST_HEAD(&gn->sock_list);
1564 return 0;
1565 }
1566
1567 static void __net_exit geneve_exit_net(struct net *net)
1568 {
1569 struct geneve_net *gn = net_generic(net, geneve_net_id);
1570 struct geneve_dev *geneve, *next;
1571 struct net_device *dev, *aux;
1572 LIST_HEAD(list);
1573
1574 rtnl_lock();
1575
1576 /* gather any geneve devices that were moved into this ns */
1577 for_each_netdev_safe(net, dev, aux)
1578 if (dev->rtnl_link_ops == &geneve_link_ops)
1579 unregister_netdevice_queue(dev, &list);
1580
1581 /* now gather any other geneve devices that were created in this ns */
1582 list_for_each_entry_safe(geneve, next, &gn->geneve_list, next) {
1583 /* If geneve->dev is in the same netns, it was already added
1584 * to the list by the previous loop.
1585 */
1586 if (!net_eq(dev_net(geneve->dev), net))
1587 unregister_netdevice_queue(geneve->dev, &list);
1588 }
1589
1590 /* unregister the devices gathered above */
1591 unregister_netdevice_many(&list);
1592 rtnl_unlock();
1593 }
1594
1595 static struct pernet_operations geneve_net_ops = {
1596 .init = geneve_init_net,
1597 .exit = geneve_exit_net,
1598 .id = &geneve_net_id,
1599 .size = sizeof(struct geneve_net),
1600 };
1601
1602 static int __init geneve_init_module(void)
1603 {
1604 int rc;
1605
1606 rc = register_pernet_subsys(&geneve_net_ops);
1607 if (rc)
1608 goto out1;
1609
1610 rc = register_netdevice_notifier(&geneve_notifier_block);
1611 if (rc)
1612 goto out2;
1613
1614 rc = rtnl_link_register(&geneve_link_ops);
1615 if (rc)
1616 goto out3;
1617
1618 return 0;
1619
1620 out3:
1621 unregister_netdevice_notifier(&geneve_notifier_block);
1622 out2:
1623 unregister_pernet_subsys(&geneve_net_ops);
1624 out1:
1625 return rc;
1626 }
1627 late_initcall(geneve_init_module);
1628
1629 static void __exit geneve_cleanup_module(void)
1630 {
1631 rtnl_link_unregister(&geneve_link_ops);
1632 unregister_netdevice_notifier(&geneve_notifier_block);
1633 unregister_pernet_subsys(&geneve_net_ops);
1634 }
1635 module_exit(geneve_cleanup_module);
1636
1637 MODULE_LICENSE("GPL");
1638 MODULE_VERSION(GENEVE_NETDEV_VER);
1639 MODULE_AUTHOR("John W. Linville <linville@tuxdriver.com>");
1640 MODULE_DESCRIPTION("Interface driver for GENEVE encapsulated traffic");
1641 MODULE_ALIAS_RTNL_LINK("geneve");
Linux with added FPC-III support