| ip_gre.c (330f28f691e9b349e34adcaf82b273cf061bb491) | ip_gre.c (81adee47dfb608df3ad0b91d230fb3cef75f0060) |
|---|---|
| 1/* 2 * Linux NET3: GRE over IP protocol decoder. 3 * 4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version --- 142 unchanged lines hidden (view full) --- 151 */ 152 153#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF) 154 155#define tunnels_r_l tunnels[3] 156#define tunnels_r tunnels[2] 157#define tunnels_l tunnels[1] 158#define tunnels_wc tunnels[0] | 1/* 2 * Linux NET3: GRE over IP protocol decoder. 3 * 4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version --- 142 unchanged lines hidden (view full) --- 151 */ 152 153#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF) 154 155#define tunnels_r_l tunnels[3] 156#define tunnels_r tunnels[2] 157#define tunnels_l tunnels[1] 158#define tunnels_wc tunnels[0] |
| 159/* 160 * Locking : hash tables are protected by RCU and a spinlock 161 */ 162static DEFINE_SPINLOCK(ipgre_lock); |
|
| 159 | 163 |
| 160static DEFINE_RWLOCK(ipgre_lock); | 164#define for_each_ip_tunnel_rcu(start) \ 165 for (t = rcu_dereference(start); t; t = rcu_dereference(t->next)) |
| 161 162/* Given src, dst and key, find appropriate for input tunnel. */ 163 164static struct ip_tunnel * ipgre_tunnel_lookup(struct net_device *dev, 165 __be32 remote, __be32 local, 166 __be32 key, __be16 gre_proto) 167{ 168 struct net *net = dev_net(dev); 169 int link = dev->ifindex; 170 unsigned h0 = HASH(remote); 171 unsigned h1 = HASH(key); 172 struct ip_tunnel *t, *cand = NULL; 173 struct ipgre_net *ign = net_generic(net, ipgre_net_id); 174 int dev_type = (gre_proto == htons(ETH_P_TEB)) ? 175 ARPHRD_ETHER : ARPHRD_IPGRE; 176 int score, cand_score = 4; 177 | 166 167/* Given src, dst and key, find appropriate for input tunnel. */ 168 169static struct ip_tunnel * ipgre_tunnel_lookup(struct net_device *dev, 170 __be32 remote, __be32 local, 171 __be32 key, __be16 gre_proto) 172{ 173 struct net *net = dev_net(dev); 174 int link = dev->ifindex; 175 unsigned h0 = HASH(remote); 176 unsigned h1 = HASH(key); 177 struct ip_tunnel *t, *cand = NULL; 178 struct ipgre_net *ign = net_generic(net, ipgre_net_id); 179 int dev_type = (gre_proto == htons(ETH_P_TEB)) ? 180 ARPHRD_ETHER : ARPHRD_IPGRE; 181 int score, cand_score = 4; 182 |
| 178 for (t = ign->tunnels_r_l[h0^h1]; t; t = t->next) { | 183 for_each_ip_tunnel_rcu(ign->tunnels_r_l[h0 ^ h1]) { |
| 179 if (local != t->parms.iph.saddr || 180 remote != t->parms.iph.daddr || 181 key != t->parms.i_key || 182 !(t->dev->flags & IFF_UP)) 183 continue; 184 185 if (t->dev->type != ARPHRD_IPGRE && 186 t->dev->type != dev_type) --- 8 unchanged lines hidden (view full) --- 195 return t; 196 197 if (score < cand_score) { 198 cand = t; 199 cand_score = score; 200 } 201 } 202 | 184 if (local != t->parms.iph.saddr || 185 remote != t->parms.iph.daddr || 186 key != t->parms.i_key || 187 !(t->dev->flags & IFF_UP)) 188 continue; 189 190 if (t->dev->type != ARPHRD_IPGRE && 191 t->dev->type != dev_type) --- 8 unchanged lines hidden (view full) --- 200 return t; 201 202 if (score < cand_score) { 203 cand = t; 204 cand_score = score; 205 } 206 } 207 |
| 203 for (t = ign->tunnels_r[h0^h1]; t; t = t->next) { | 208 for_each_ip_tunnel_rcu(ign->tunnels_r[h0 ^ h1]) { |
| 204 if (remote != t->parms.iph.daddr || 205 key != t->parms.i_key || 206 !(t->dev->flags & IFF_UP)) 207 continue; 208 209 if (t->dev->type != ARPHRD_IPGRE && 210 t->dev->type != dev_type) 211 continue; --- 7 unchanged lines hidden (view full) --- 219 return t; 220 221 if (score < cand_score) { 222 cand = t; 223 cand_score = score; 224 } 225 } 226 | 209 if (remote != t->parms.iph.daddr || 210 key != t->parms.i_key || 211 !(t->dev->flags & IFF_UP)) 212 continue; 213 214 if (t->dev->type != ARPHRD_IPGRE && 215 t->dev->type != dev_type) 216 continue; --- 7 unchanged lines hidden (view full) --- 224 return t; 225 226 if (score < cand_score) { 227 cand = t; 228 cand_score = score; 229 } 230 } 231 |
| 227 for (t = ign->tunnels_l[h1]; t; t = t->next) { | 232 for_each_ip_tunnel_rcu(ign->tunnels_l[h1]) { |
| 228 if ((local != t->parms.iph.saddr && 229 (local != t->parms.iph.daddr || 230 !ipv4_is_multicast(local))) || 231 key != t->parms.i_key || 232 !(t->dev->flags & IFF_UP)) 233 continue; 234 235 if (t->dev->type != ARPHRD_IPGRE && --- 9 unchanged lines hidden (view full) --- 245 return t; 246 247 if (score < cand_score) { 248 cand = t; 249 cand_score = score; 250 } 251 } 252 | 233 if ((local != t->parms.iph.saddr && 234 (local != t->parms.iph.daddr || 235 !ipv4_is_multicast(local))) || 236 key != t->parms.i_key || 237 !(t->dev->flags & IFF_UP)) 238 continue; 239 240 if (t->dev->type != ARPHRD_IPGRE && --- 9 unchanged lines hidden (view full) --- 250 return t; 251 252 if (score < cand_score) { 253 cand = t; 254 cand_score = score; 255 } 256 } 257 |
| 253 for (t = ign->tunnels_wc[h1]; t; t = t->next) { | 258 for_each_ip_tunnel_rcu(ign->tunnels_wc[h1]) { |
| 254 if (t->parms.i_key != key || 255 !(t->dev->flags & IFF_UP)) 256 continue; 257 258 if (t->dev->type != ARPHRD_IPGRE && 259 t->dev->type != dev_type) 260 continue; 261 --- 9 unchanged lines hidden (view full) --- 271 cand = t; 272 cand_score = score; 273 } 274 } 275 276 if (cand != NULL) 277 return cand; 278 | 259 if (t->parms.i_key != key || 260 !(t->dev->flags & IFF_UP)) 261 continue; 262 263 if (t->dev->type != ARPHRD_IPGRE && 264 t->dev->type != dev_type) 265 continue; 266 --- 9 unchanged lines hidden (view full) --- 276 cand = t; 277 cand_score = score; 278 } 279 } 280 281 if (cand != NULL) 282 return cand; 283 |
| 279 if (ign->fb_tunnel_dev->flags & IFF_UP) 280 return netdev_priv(ign->fb_tunnel_dev); | 284 dev = ign->fb_tunnel_dev; 285 if (dev->flags & IFF_UP) 286 return netdev_priv(dev); |
| 281 282 return NULL; 283} 284 285static struct ip_tunnel **__ipgre_bucket(struct ipgre_net *ign, 286 struct ip_tunnel_parm *parms) 287{ 288 __be32 remote = parms->iph.daddr; --- 17 unchanged lines hidden (view full) --- 306{ 307 return __ipgre_bucket(ign, &t->parms); 308} 309 310static void ipgre_tunnel_link(struct ipgre_net *ign, struct ip_tunnel *t) 311{ 312 struct ip_tunnel **tp = ipgre_bucket(ign, t); 313 | 287 288 return NULL; 289} 290 291static struct ip_tunnel **__ipgre_bucket(struct ipgre_net *ign, 292 struct ip_tunnel_parm *parms) 293{ 294 __be32 remote = parms->iph.daddr; --- 17 unchanged lines hidden (view full) --- 312{ 313 return __ipgre_bucket(ign, &t->parms); 314} 315 316static void ipgre_tunnel_link(struct ipgre_net *ign, struct ip_tunnel *t) 317{ 318 struct ip_tunnel **tp = ipgre_bucket(ign, t); 319 |
| 320 spin_lock_bh(&ipgre_lock); |
|
| 314 t->next = *tp; | 321 t->next = *tp; |
| 315 write_lock_bh(&ipgre_lock); 316 *tp = t; 317 write_unlock_bh(&ipgre_lock); | 322 rcu_assign_pointer(*tp, t); 323 spin_unlock_bh(&ipgre_lock); |
| 318} 319 320static void ipgre_tunnel_unlink(struct ipgre_net *ign, struct ip_tunnel *t) 321{ 322 struct ip_tunnel **tp; 323 324 for (tp = ipgre_bucket(ign, t); *tp; tp = &(*tp)->next) { 325 if (t == *tp) { | 324} 325 326static void ipgre_tunnel_unlink(struct ipgre_net *ign, struct ip_tunnel *t) 327{ 328 struct ip_tunnel **tp; 329 330 for (tp = ipgre_bucket(ign, t); *tp; tp = &(*tp)->next) { 331 if (t == *tp) { |
| 326 write_lock_bh(&ipgre_lock); | 332 spin_lock_bh(&ipgre_lock); |
| 327 *tp = t->next; | 333 *tp = t->next; |
| 328 write_unlock_bh(&ipgre_lock); | 334 spin_unlock_bh(&ipgre_lock); |
| 329 break; 330 } 331 } 332} 333 334static struct ip_tunnel *ipgre_tunnel_find(struct net *net, 335 struct ip_tunnel_parm *parms, 336 int type) --- 134 unchanged lines hidden (view full) --- 471 } 472 break; 473 case ICMP_TIME_EXCEEDED: 474 if (code != ICMP_EXC_TTL) 475 return; 476 break; 477 } 478 | 335 break; 336 } 337 } 338} 339 340static struct ip_tunnel *ipgre_tunnel_find(struct net *net, 341 struct ip_tunnel_parm *parms, 342 int type) --- 134 unchanged lines hidden (view full) --- 477 } 478 break; 479 case ICMP_TIME_EXCEEDED: 480 if (code != ICMP_EXC_TTL) 481 return; 482 break; 483 } 484 |
| 479 read_lock(&ipgre_lock); | 485 rcu_read_lock(); |
| 480 t = ipgre_tunnel_lookup(skb->dev, iph->daddr, iph->saddr, 481 flags & GRE_KEY ? 482 *(((__be32 *)p) + (grehlen / 4) - 1) : 0, 483 p[1]); 484 if (t == NULL || t->parms.iph.daddr == 0 || 485 ipv4_is_multicast(t->parms.iph.daddr)) 486 goto out; 487 488 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 489 goto out; 490 491 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO)) 492 t->err_count++; 493 else 494 t->err_count = 1; 495 t->err_time = jiffies; 496out: | 486 t = ipgre_tunnel_lookup(skb->dev, iph->daddr, iph->saddr, 487 flags & GRE_KEY ? 488 *(((__be32 *)p) + (grehlen / 4) - 1) : 0, 489 p[1]); 490 if (t == NULL || t->parms.iph.daddr == 0 || 491 ipv4_is_multicast(t->parms.iph.daddr)) 492 goto out; 493 494 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 495 goto out; 496 497 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO)) 498 t->err_count++; 499 else 500 t->err_count = 1; 501 t->err_time = jiffies; 502out: |
| 497 read_unlock(&ipgre_lock); | 503 rcu_read_unlock(); |
| 498 return; 499} 500 501static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) 502{ 503 if (INET_ECN_is_ce(iph->tos)) { 504 if (skb->protocol == htons(ETH_P_IP)) { 505 IP_ECN_set_ce(ip_hdr(skb)); --- 62 unchanged lines hidden (view full) --- 568 if (flags&GRE_SEQ) { 569 seqno = ntohl(*(__be32*)(h + offset)); 570 offset += 4; 571 } 572 } 573 574 gre_proto = *(__be16 *)(h + 2); 575 | 504 return; 505} 506 507static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) 508{ 509 if (INET_ECN_is_ce(iph->tos)) { 510 if (skb->protocol == htons(ETH_P_IP)) { 511 IP_ECN_set_ce(ip_hdr(skb)); --- 62 unchanged lines hidden (view full) --- 574 if (flags&GRE_SEQ) { 575 seqno = ntohl(*(__be32*)(h + offset)); 576 offset += 4; 577 } 578 } 579 580 gre_proto = *(__be16 *)(h + 2); 581 |
| 576 read_lock(&ipgre_lock); | 582 rcu_read_lock(); |
| 577 if ((tunnel = ipgre_tunnel_lookup(skb->dev, 578 iph->saddr, iph->daddr, key, 579 gre_proto))) { 580 struct net_device_stats *stats = &tunnel->dev->stats; 581 582 secpath_reset(skb); 583 584 skb->protocol = gre_proto; --- 57 unchanged lines hidden (view full) --- 642 skb->dev = tunnel->dev; 643 skb_dst_drop(skb); 644 nf_reset(skb); 645 646 skb_reset_network_header(skb); 647 ipgre_ecn_decapsulate(iph, skb); 648 649 netif_rx(skb); | 583 if ((tunnel = ipgre_tunnel_lookup(skb->dev, 584 iph->saddr, iph->daddr, key, 585 gre_proto))) { 586 struct net_device_stats *stats = &tunnel->dev->stats; 587 588 secpath_reset(skb); 589 590 skb->protocol = gre_proto; --- 57 unchanged lines hidden (view full) --- 648 skb->dev = tunnel->dev; 649 skb_dst_drop(skb); 650 nf_reset(skb); 651 652 skb_reset_network_header(skb); 653 ipgre_ecn_decapsulate(iph, skb); 654 655 netif_rx(skb); |
| 650 read_unlock(&ipgre_lock); | 656 rcu_read_unlock(); |
| 651 return(0); 652 } 653 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); 654 655drop: | 657 return(0); 658 } 659 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); 660 661drop: |
| 656 read_unlock(&ipgre_lock); | 662 rcu_read_unlock(); |
| 657drop_nolock: 658 kfree_skb(skb); 659 return(0); 660} 661 662static netdev_tx_t ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) 663{ 664 struct ip_tunnel *tunnel = netdev_priv(dev); | 663drop_nolock: 664 kfree_skb(skb); 665 return(0); 666} 667 668static netdev_tx_t ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) 669{ 670 struct ip_tunnel *tunnel = netdev_priv(dev); |
| 665 struct net_device_stats *stats = &tunnel->dev->stats; | 671 struct net_device_stats *stats = &dev->stats; 672 struct netdev_queue *txq = netdev_get_tx_queue(dev, 0); |
| 666 struct iphdr *old_iph = ip_hdr(skb); 667 struct iphdr *tiph; 668 u8 tos; 669 __be16 df; 670 struct rtable *rt; /* Route to the other host */ 671 struct net_device *tdev; /* Device to other host */ 672 struct iphdr *iph; /* Our new IP header */ 673 unsigned int max_headroom; /* The extra header space needed */ --- 131 unchanged lines hidden (view full) --- 805 806 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen; 807 808 if (skb_headroom(skb) < max_headroom || skb_shared(skb)|| 809 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) { 810 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 811 if (!new_skb) { 812 ip_rt_put(rt); | 673 struct iphdr *old_iph = ip_hdr(skb); 674 struct iphdr *tiph; 675 u8 tos; 676 __be16 df; 677 struct rtable *rt; /* Route to the other host */ 678 struct net_device *tdev; /* Device to other host */ 679 struct iphdr *iph; /* Our new IP header */ 680 unsigned int max_headroom; /* The extra header space needed */ --- 131 unchanged lines hidden (view full) --- 812 813 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen; 814 815 if (skb_headroom(skb) < max_headroom || skb_shared(skb)|| 816 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) { 817 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 818 if (!new_skb) { 819 ip_rt_put(rt); |
| 813 stats->tx_dropped++; | 820 txq->tx_dropped++; |
| 814 dev_kfree_skb(skb); 815 return NETDEV_TX_OK; 816 } 817 if (skb->sk) 818 skb_set_owner_w(new_skb, skb->sk); 819 dev_kfree_skb(skb); 820 skb = new_skb; 821 old_iph = ip_hdr(skb); --- 456 unchanged lines hidden (view full) --- 1278 1279 1280static const struct net_protocol ipgre_protocol = { 1281 .handler = ipgre_rcv, 1282 .err_handler = ipgre_err, 1283 .netns_ok = 1, 1284}; 1285 | 821 dev_kfree_skb(skb); 822 return NETDEV_TX_OK; 823 } 824 if (skb->sk) 825 skb_set_owner_w(new_skb, skb->sk); 826 dev_kfree_skb(skb); 827 skb = new_skb; 828 old_iph = ip_hdr(skb); --- 456 unchanged lines hidden (view full) --- 1285 1286 1287static const struct net_protocol ipgre_protocol = { 1288 .handler = ipgre_rcv, 1289 .err_handler = ipgre_err, 1290 .netns_ok = 1, 1291}; 1292 |
| 1286static void ipgre_destroy_tunnels(struct ipgre_net *ign) | 1293static void ipgre_destroy_tunnels(struct ipgre_net *ign, struct list_head *head) |
| 1287{ 1288 int prio; 1289 1290 for (prio = 0; prio < 4; prio++) { 1291 int h; 1292 for (h = 0; h < HASH_SIZE; h++) { | 1294{ 1295 int prio; 1296 1297 for (prio = 0; prio < 4; prio++) { 1298 int h; 1299 for (h = 0; h < HASH_SIZE; h++) { |
| 1293 struct ip_tunnel *t; 1294 while ((t = ign->tunnels[prio][h]) != NULL) 1295 unregister_netdevice(t->dev); | 1300 struct ip_tunnel *t = ign->tunnels[prio][h]; 1301 1302 while (t != NULL) { 1303 unregister_netdevice_queue(t->dev, head); 1304 t = t->next; 1305 } |
| 1296 } 1297 } 1298} 1299 1300static int ipgre_init_net(struct net *net) 1301{ 1302 int err; 1303 struct ipgre_net *ign; --- 31 unchanged lines hidden (view full) --- 1335 kfree(ign); 1336err_alloc: 1337 return err; 1338} 1339 1340static void ipgre_exit_net(struct net *net) 1341{ 1342 struct ipgre_net *ign; | 1306 } 1307 } 1308} 1309 1310static int ipgre_init_net(struct net *net) 1311{ 1312 int err; 1313 struct ipgre_net *ign; --- 31 unchanged lines hidden (view full) --- 1345 kfree(ign); 1346err_alloc: 1347 return err; 1348} 1349 1350static void ipgre_exit_net(struct net *net) 1351{ 1352 struct ipgre_net *ign; |
| 1353 LIST_HEAD(list); |
|
| 1343 1344 ign = net_generic(net, ipgre_net_id); 1345 rtnl_lock(); | 1354 1355 ign = net_generic(net, ipgre_net_id); 1356 rtnl_lock(); |
| 1346 ipgre_destroy_tunnels(ign); | 1357 ipgre_destroy_tunnels(ign, &list); 1358 unregister_netdevice_many(&list); |
| 1347 rtnl_unlock(); 1348 kfree(ign); 1349} 1350 1351static struct pernet_operations ipgre_net_ops = { 1352 .init = ipgre_init_net, 1353 .exit = ipgre_exit_net, 1354}; --- 111 unchanged lines hidden (view full) --- 1466 1467 dev->netdev_ops = &ipgre_tap_netdev_ops; 1468 dev->destructor = free_netdev; 1469 1470 dev->iflink = 0; 1471 dev->features |= NETIF_F_NETNS_LOCAL; 1472} 1473 | 1359 rtnl_unlock(); 1360 kfree(ign); 1361} 1362 1363static struct pernet_operations ipgre_net_ops = { 1364 .init = ipgre_init_net, 1365 .exit = ipgre_exit_net, 1366}; --- 111 unchanged lines hidden (view full) --- 1478 1479 dev->netdev_ops = &ipgre_tap_netdev_ops; 1480 dev->destructor = free_netdev; 1481 1482 dev->iflink = 0; 1483 dev->features |= NETIF_F_NETNS_LOCAL; 1484} 1485 |
| 1474static int ipgre_newlink(struct net_device *dev, struct nlattr *tb[], | 1486static int ipgre_newlink(struct net *src_net, struct net_device *dev, struct nlattr *tb[], |
| 1475 struct nlattr *data[]) 1476{ 1477 struct ip_tunnel *nt; 1478 struct net *net = dev_net(dev); 1479 struct ipgre_net *ign = net_generic(net, ipgre_net_id); 1480 int mtu; 1481 int err; 1482 --- 228 unchanged lines hidden --- | 1487 struct nlattr *data[]) 1488{ 1489 struct ip_tunnel *nt; 1490 struct net *net = dev_net(dev); 1491 struct ipgre_net *ign = net_generic(net, ipgre_net_id); 1492 int mtu; 1493 int err; 1494 --- 228 unchanged lines hidden --- |