2 * Linux NET3: IP/IP protocol decoder modified to support
3 * virtual tunnel interface
6 * Saurabh Mohan (saurabh.mohan@vyatta.com) 05/07/2012
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
16 This version of net/ipv4/ip_vti.c is cloned of net/ipv4/ipip.c
18 For comments look at net/ipv4/ip_gre.c --ANK
22 #include <linux/capability.h>
23 #include <linux/module.h>
24 #include <linux/types.h>
25 #include <linux/kernel.h>
26 #include <linux/uaccess.h>
27 #include <linux/skbuff.h>
28 #include <linux/netdevice.h>
30 #include <linux/tcp.h>
31 #include <linux/udp.h>
32 #include <linux/if_arp.h>
33 #include <linux/mroute.h>
34 #include <linux/init.h>
35 #include <linux/netfilter_ipv4.h>
36 #include <linux/if_ether.h>
41 #include <net/ip_tunnels.h>
42 #include <net/inet_ecn.h>
44 #include <net/net_namespace.h>
45 #include <net/netns/generic.h>
47 static struct rtnl_link_ops vti_link_ops __read_mostly
;
49 static int vti_net_id __read_mostly
;
50 static int vti_tunnel_init(struct net_device
*dev
);
52 /* We dont digest the packet therefore let the packet pass */
53 static int vti_rcv(struct sk_buff
*skb
)
55 struct ip_tunnel
*tunnel
;
56 const struct iphdr
*iph
= ip_hdr(skb
);
57 struct net
*net
= dev_net(skb
->dev
);
58 struct ip_tunnel_net
*itn
= net_generic(net
, vti_net_id
);
60 tunnel
= ip_tunnel_lookup(itn
, skb
->dev
->ifindex
, TUNNEL_NO_KEY
,
61 iph
->saddr
, iph
->daddr
, 0);
63 struct pcpu_sw_netstats
*tstats
;
64 u32 oldmark
= skb
->mark
;
68 /* temporarily mark the skb with the tunnel o_key, to
69 * only match policies with this mark.
71 skb
->mark
= be32_to_cpu(tunnel
->parms
.o_key
);
72 ret
= xfrm4_policy_check(NULL
, XFRM_POLICY_IN
, skb
);
77 tstats
= this_cpu_ptr(tunnel
->dev
->tstats
);
78 u64_stats_update_begin(&tstats
->syncp
);
80 tstats
->rx_bytes
+= skb
->len
;
81 u64_stats_update_end(&tstats
->syncp
);
84 skb
->dev
= tunnel
->dev
;
91 /* This function assumes it is being called from dev_queue_xmit()
92 * and that skb is filled properly by that function.
95 static netdev_tx_t
vti_tunnel_xmit(struct sk_buff
*skb
, struct net_device
*dev
)
97 struct ip_tunnel
*tunnel
= netdev_priv(dev
);
98 struct iphdr
*tiph
= &tunnel
->parms
.iph
;
100 struct rtable
*rt
; /* Route to the other host */
101 struct net_device
*tdev
; /* Device to other host */
102 struct iphdr
*old_iph
= ip_hdr(skb
);
103 __be32 dst
= tiph
->daddr
;
107 if (skb
->protocol
!= htons(ETH_P_IP
))
112 memset(&fl4
, 0, sizeof(fl4
));
113 flowi4_init_output(&fl4
, tunnel
->parms
.link
,
114 be32_to_cpu(tunnel
->parms
.o_key
), RT_TOS(tos
),
117 dst
, tiph
->saddr
, 0, 0);
118 rt
= ip_route_output_key(dev_net(dev
), &fl4
);
120 dev
->stats
.tx_carrier_errors
++;
123 /* if there is no transform then this tunnel is not functional.
124 * Or if the xfrm is not mode tunnel.
127 rt
->dst
.xfrm
->props
.mode
!= XFRM_MODE_TUNNEL
) {
128 dev
->stats
.tx_carrier_errors
++;
136 dev
->stats
.collisions
++;
140 if (tunnel
->err_count
> 0) {
141 if (time_before(jiffies
,
142 tunnel
->err_time
+ IPTUNNEL_ERR_TIMEO
)) {
144 dst_link_failure(skb
);
146 tunnel
->err_count
= 0;
149 memset(IPCB(skb
), 0, sizeof(*IPCB(skb
)));
151 skb_dst_set(skb
, &rt
->dst
);
153 skb
->dev
= skb_dst(skb
)->dev
;
155 err
= dst_output(skb
);
156 if (net_xmit_eval(err
) == 0)
158 iptunnel_xmit_stats(err
, &dev
->stats
, dev
->tstats
);
162 dst_link_failure(skb
);
164 dev
->stats
.tx_errors
++;
170 vti_tunnel_ioctl(struct net_device
*dev
, struct ifreq
*ifr
, int cmd
)
173 struct ip_tunnel_parm p
;
175 if (copy_from_user(&p
, ifr
->ifr_ifru
.ifru_data
, sizeof(p
)))
178 if (cmd
== SIOCADDTUNNEL
|| cmd
== SIOCCHGTUNNEL
) {
179 if (p
.iph
.version
!= 4 || p
.iph
.protocol
!= IPPROTO_IPIP
||
184 err
= ip_tunnel_ioctl(dev
, &p
, cmd
);
188 if (cmd
!= SIOCDELTUNNEL
) {
189 p
.i_flags
|= GRE_KEY
| VTI_ISVTI
;
190 p
.o_flags
|= GRE_KEY
;
193 if (copy_to_user(ifr
->ifr_ifru
.ifru_data
, &p
, sizeof(p
)))
198 static const struct net_device_ops vti_netdev_ops
= {
199 .ndo_init
= vti_tunnel_init
,
200 .ndo_uninit
= ip_tunnel_uninit
,
201 .ndo_start_xmit
= vti_tunnel_xmit
,
202 .ndo_do_ioctl
= vti_tunnel_ioctl
,
203 .ndo_change_mtu
= ip_tunnel_change_mtu
,
204 .ndo_get_stats64
= ip_tunnel_get_stats64
,
207 static void vti_tunnel_setup(struct net_device
*dev
)
209 dev
->netdev_ops
= &vti_netdev_ops
;
210 ip_tunnel_setup(dev
, vti_net_id
);
213 static int vti_tunnel_init(struct net_device
*dev
)
215 struct ip_tunnel
*tunnel
= netdev_priv(dev
);
216 struct iphdr
*iph
= &tunnel
->parms
.iph
;
218 memcpy(dev
->dev_addr
, &iph
->saddr
, 4);
219 memcpy(dev
->broadcast
, &iph
->daddr
, 4);
221 dev
->type
= ARPHRD_TUNNEL
;
222 dev
->hard_header_len
= LL_MAX_HEADER
+ sizeof(struct iphdr
);
223 dev
->mtu
= ETH_DATA_LEN
;
224 dev
->flags
= IFF_NOARP
;
227 dev
->features
|= NETIF_F_NETNS_LOCAL
;
228 dev
->features
|= NETIF_F_LLTX
;
229 dev
->priv_flags
&= ~IFF_XMIT_DST_RELEASE
;
231 return ip_tunnel_init(dev
);
234 static void __net_init
vti_fb_tunnel_init(struct net_device
*dev
)
236 struct ip_tunnel
*tunnel
= netdev_priv(dev
);
237 struct iphdr
*iph
= &tunnel
->parms
.iph
;
240 iph
->protocol
= IPPROTO_IPIP
;
244 static struct xfrm_tunnel_notifier vti_handler __read_mostly
= {
249 static int __net_init
vti_init_net(struct net
*net
)
252 struct ip_tunnel_net
*itn
;
254 err
= ip_tunnel_init_net(net
, vti_net_id
, &vti_link_ops
, "ip_vti0");
257 itn
= net_generic(net
, vti_net_id
);
258 vti_fb_tunnel_init(itn
->fb_tunnel_dev
);
262 static void __net_exit
vti_exit_net(struct net
*net
)
264 struct ip_tunnel_net
*itn
= net_generic(net
, vti_net_id
);
265 ip_tunnel_delete_net(itn
, &vti_link_ops
);
268 static struct pernet_operations vti_net_ops
= {
269 .init
= vti_init_net
,
270 .exit
= vti_exit_net
,
272 .size
= sizeof(struct ip_tunnel_net
),
275 static int vti_tunnel_validate(struct nlattr
*tb
[], struct nlattr
*data
[])
280 static void vti_netlink_parms(struct nlattr
*data
[],
281 struct ip_tunnel_parm
*parms
)
283 memset(parms
, 0, sizeof(*parms
));
285 parms
->iph
.protocol
= IPPROTO_IPIP
;
290 if (data
[IFLA_VTI_LINK
])
291 parms
->link
= nla_get_u32(data
[IFLA_VTI_LINK
]);
293 if (data
[IFLA_VTI_IKEY
])
294 parms
->i_key
= nla_get_be32(data
[IFLA_VTI_IKEY
]);
296 if (data
[IFLA_VTI_OKEY
])
297 parms
->o_key
= nla_get_be32(data
[IFLA_VTI_OKEY
]);
299 if (data
[IFLA_VTI_LOCAL
])
300 parms
->iph
.saddr
= nla_get_be32(data
[IFLA_VTI_LOCAL
]);
302 if (data
[IFLA_VTI_REMOTE
])
303 parms
->iph
.daddr
= nla_get_be32(data
[IFLA_VTI_REMOTE
]);
307 static int vti_newlink(struct net
*src_net
, struct net_device
*dev
,
308 struct nlattr
*tb
[], struct nlattr
*data
[])
310 struct ip_tunnel_parm parms
;
312 vti_netlink_parms(data
, &parms
);
313 return ip_tunnel_newlink(dev
, tb
, &parms
);
316 static int vti_changelink(struct net_device
*dev
, struct nlattr
*tb
[],
317 struct nlattr
*data
[])
319 struct ip_tunnel_parm p
;
321 vti_netlink_parms(data
, &p
);
322 return ip_tunnel_changelink(dev
, tb
, &p
);
325 static size_t vti_get_size(const struct net_device
*dev
)
336 /* IFLA_VTI_REMOTE */
341 static int vti_fill_info(struct sk_buff
*skb
, const struct net_device
*dev
)
343 struct ip_tunnel
*t
= netdev_priv(dev
);
344 struct ip_tunnel_parm
*p
= &t
->parms
;
346 nla_put_u32(skb
, IFLA_VTI_LINK
, p
->link
);
347 nla_put_be32(skb
, IFLA_VTI_IKEY
, p
->i_key
);
348 nla_put_be32(skb
, IFLA_VTI_OKEY
, p
->o_key
);
349 nla_put_be32(skb
, IFLA_VTI_LOCAL
, p
->iph
.saddr
);
350 nla_put_be32(skb
, IFLA_VTI_REMOTE
, p
->iph
.daddr
);
355 static const struct nla_policy vti_policy
[IFLA_VTI_MAX
+ 1] = {
356 [IFLA_VTI_LINK
] = { .type
= NLA_U32
},
357 [IFLA_VTI_IKEY
] = { .type
= NLA_U32
},
358 [IFLA_VTI_OKEY
] = { .type
= NLA_U32
},
359 [IFLA_VTI_LOCAL
] = { .len
= FIELD_SIZEOF(struct iphdr
, saddr
) },
360 [IFLA_VTI_REMOTE
] = { .len
= FIELD_SIZEOF(struct iphdr
, daddr
) },
363 static struct rtnl_link_ops vti_link_ops __read_mostly
= {
365 .maxtype
= IFLA_VTI_MAX
,
366 .policy
= vti_policy
,
367 .priv_size
= sizeof(struct ip_tunnel
),
368 .setup
= vti_tunnel_setup
,
369 .validate
= vti_tunnel_validate
,
370 .newlink
= vti_newlink
,
371 .changelink
= vti_changelink
,
372 .get_size
= vti_get_size
,
373 .fill_info
= vti_fill_info
,
376 static int __init
vti_init(void)
380 pr_info("IPv4 over IPSec tunneling driver\n");
382 err
= register_pernet_device(&vti_net_ops
);
385 err
= xfrm4_mode_tunnel_input_register(&vti_handler
);
387 unregister_pernet_device(&vti_net_ops
);
388 pr_info("vti init: can't register tunnel\n");
391 err
= rtnl_link_register(&vti_link_ops
);
393 goto rtnl_link_failed
;
398 xfrm4_mode_tunnel_input_deregister(&vti_handler
);
399 unregister_pernet_device(&vti_net_ops
);
403 static void __exit
vti_fini(void)
405 rtnl_link_unregister(&vti_link_ops
);
406 if (xfrm4_mode_tunnel_input_deregister(&vti_handler
))
407 pr_info("vti close: can't deregister tunnel\n");
409 unregister_pernet_device(&vti_net_ops
);
412 module_init(vti_init
);
413 module_exit(vti_fini
);
414 MODULE_LICENSE("GPL");
415 MODULE_ALIAS_RTNL_LINK("vti");
416 MODULE_ALIAS_NETDEV("ip_vti0");