1 /* 2 * Linux NET3: GRE over IP protocol decoder. 3 * 4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 * 11 */ 12 13 #include <linux/config.h> 14 #include <linux/module.h> 15 #include <linux/types.h> 16 #include <linux/sched.h> 17 #include <linux/kernel.h> 18 #include <asm/uaccess.h> 19 #include <linux/skbuff.h> 20 #include <linux/netdevice.h> 21 #include <linux/in.h> 22 #include <linux/tcp.h> 23 #include <linux/udp.h> 24 #include <linux/if_arp.h> 25 #include <linux/mroute.h> 26 #include <linux/init.h> 27 #include <linux/in6.h> 28 #include <linux/inetdevice.h> 29 #include <linux/igmp.h> 30 #include <linux/netfilter_ipv4.h> 31 32 #include <net/sock.h> 33 #include <net/ip.h> 34 #include <net/icmp.h> 35 #include <net/protocol.h> 36 #include <net/ipip.h> 37 #include <net/arp.h> 38 #include <net/checksum.h> 39 #include <net/dsfield.h> 40 #include <net/inet_ecn.h> 41 #include <net/xfrm.h> 42 43 #ifdef CONFIG_IPV6 44 #include <net/ipv6.h> 45 #include <net/ip6_fib.h> 46 #include <net/ip6_route.h> 47 #endif 48 49 /* 50 Problems & solutions 51 -------------------- 52 53 1. The most important issue is detecting local dead loops. 54 They would cause complete host lockup in transmit, which 55 would be "resolved" by stack overflow or, if queueing is enabled, 56 with infinite looping in net_bh. 57 58 We cannot track such dead loops during route installation, 59 it is infeasible task. The most general solutions would be 60 to keep skb->encapsulation counter (sort of local ttl), 61 and silently drop packet when it expires. It is the best 62 solution, but it supposes maintaing new variable in ALL 63 skb, even if no tunneling is used. 64 65 Current solution: t->recursion lock breaks dead loops. It looks 66 like dev->tbusy flag, but I preferred new variable, because 67 the semantics is different. One day, when hard_start_xmit 68 will be multithreaded we will have to use skb->encapsulation. 69 70 71 72 2. Networking dead loops would not kill routers, but would really 73 kill network. IP hop limit plays role of "t->recursion" in this case, 74 if we copy it from packet being encapsulated to upper header. 75 It is very good solution, but it introduces two problems: 76 77 - Routing protocols, using packets with ttl=1 (OSPF, RIP2), 78 do not work over tunnels. 79 - traceroute does not work. I planned to relay ICMP from tunnel, 80 so that this problem would be solved and traceroute output 81 would even more informative. This idea appeared to be wrong: 82 only Linux complies to rfc1812 now (yes, guys, Linux is the only 83 true router now :-)), all routers (at least, in neighbourhood of mine) 84 return only 8 bytes of payload. It is the end. 85 86 Hence, if we want that OSPF worked or traceroute said something reasonable, 87 we should search for another solution. 88 89 One of them is to parse packet trying to detect inner encapsulation 90 made by our node. It is difficult or even impossible, especially, 91 taking into account fragmentation. TO be short, tt is not solution at all. 92 93 Current solution: The solution was UNEXPECTEDLY SIMPLE. 94 We force DF flag on tunnels with preconfigured hop limit, 95 that is ALL. :-) Well, it does not remove the problem completely, 96 but exponential growth of network traffic is changed to linear 97 (branches, that exceed pmtu are pruned) and tunnel mtu 98 fastly degrades to value <68, where looping stops. 99 Yes, it is not good if there exists a router in the loop, 100 which does not force DF, even when encapsulating packets have DF set. 101 But it is not our problem! Nobody could accuse us, we made 102 all that we could make. Even if it is your gated who injected 103 fatal route to network, even if it were you who configured 104 fatal static route: you are innocent. :-) 105 106 107 108 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain 109 practically identical code. It would be good to glue them 110 together, but it is not very evident, how to make them modular. 111 sit is integral part of IPv6, ipip and gre are naturally modular. 112 We could extract common parts (hash table, ioctl etc) 113 to a separate module (ip_tunnel.c). 114 115 Alexey Kuznetsov. 116 */ 117 118 static int ipgre_tunnel_init(struct net_device *dev); 119 static void ipgre_tunnel_setup(struct net_device *dev); 120 121 /* Fallback tunnel: no source, no destination, no key, no options */ 122 123 static int ipgre_fb_tunnel_init(struct net_device *dev); 124 125 static struct net_device *ipgre_fb_tunnel_dev; 126 127 /* Tunnel hash table */ 128 129 /* 130 4 hash tables: 131 132 3: (remote,local) 133 2: (remote,*) 134 1: (*,local) 135 0: (*,*) 136 137 We require exact key match i.e. if a key is present in packet 138 it will match only tunnel with the same key; if it is not present, 139 it will match only keyless tunnel. 140 141 All keysless packets, if not matched configured keyless tunnels 142 will match fallback tunnel. 143 */ 144 145 #define HASH_SIZE 16 146 #define HASH(addr) ((addr^(addr>>4))&0xF) 147 148 static struct ip_tunnel *tunnels[4][HASH_SIZE]; 149 150 #define tunnels_r_l (tunnels[3]) 151 #define tunnels_r (tunnels[2]) 152 #define tunnels_l (tunnels[1]) 153 #define tunnels_wc (tunnels[0]) 154 155 static DEFINE_RWLOCK(ipgre_lock); 156 157 /* Given src, dst and key, find appropriate for input tunnel. */ 158 159 static struct ip_tunnel * ipgre_tunnel_lookup(u32 remote, u32 local, u32 key) 160 { 161 unsigned h0 = HASH(remote); 162 unsigned h1 = HASH(key); 163 struct ip_tunnel *t; 164 165 for (t = tunnels_r_l[h0^h1]; t; t = t->next) { 166 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 167 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 168 return t; 169 } 170 } 171 for (t = tunnels_r[h0^h1]; t; t = t->next) { 172 if (remote == t->parms.iph.daddr) { 173 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 174 return t; 175 } 176 } 177 for (t = tunnels_l[h1]; t; t = t->next) { 178 if (local == t->parms.iph.saddr || 179 (local == t->parms.iph.daddr && MULTICAST(local))) { 180 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 181 return t; 182 } 183 } 184 for (t = tunnels_wc[h1]; t; t = t->next) { 185 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 186 return t; 187 } 188 189 if (ipgre_fb_tunnel_dev->flags&IFF_UP) 190 return ipgre_fb_tunnel_dev->priv; 191 return NULL; 192 } 193 194 static struct ip_tunnel **ipgre_bucket(struct ip_tunnel *t) 195 { 196 u32 remote = t->parms.iph.daddr; 197 u32 local = t->parms.iph.saddr; 198 u32 key = t->parms.i_key; 199 unsigned h = HASH(key); 200 int prio = 0; 201 202 if (local) 203 prio |= 1; 204 if (remote && !MULTICAST(remote)) { 205 prio |= 2; 206 h ^= HASH(remote); 207 } 208 209 return &tunnels[prio][h]; 210 } 211 212 static void ipgre_tunnel_link(struct ip_tunnel *t) 213 { 214 struct ip_tunnel **tp = ipgre_bucket(t); 215 216 t->next = *tp; 217 write_lock_bh(&ipgre_lock); 218 *tp = t; 219 write_unlock_bh(&ipgre_lock); 220 } 221 222 static void ipgre_tunnel_unlink(struct ip_tunnel *t) 223 { 224 struct ip_tunnel **tp; 225 226 for (tp = ipgre_bucket(t); *tp; tp = &(*tp)->next) { 227 if (t == *tp) { 228 write_lock_bh(&ipgre_lock); 229 *tp = t->next; 230 write_unlock_bh(&ipgre_lock); 231 break; 232 } 233 } 234 } 235 236 static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int create) 237 { 238 u32 remote = parms->iph.daddr; 239 u32 local = parms->iph.saddr; 240 u32 key = parms->i_key; 241 struct ip_tunnel *t, **tp, *nt; 242 struct net_device *dev; 243 unsigned h = HASH(key); 244 int prio = 0; 245 char name[IFNAMSIZ]; 246 247 if (local) 248 prio |= 1; 249 if (remote && !MULTICAST(remote)) { 250 prio |= 2; 251 h ^= HASH(remote); 252 } 253 for (tp = &tunnels[prio][h]; (t = *tp) != NULL; tp = &t->next) { 254 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 255 if (key == t->parms.i_key) 256 return t; 257 } 258 } 259 if (!create) 260 return NULL; 261 262 if (parms->name[0]) 263 strlcpy(name, parms->name, IFNAMSIZ); 264 else { 265 int i; 266 for (i=1; i<100; i++) { 267 sprintf(name, "gre%d", i); 268 if (__dev_get_by_name(name) == NULL) 269 break; 270 } 271 if (i==100) 272 goto failed; 273 } 274 275 dev = alloc_netdev(sizeof(*t), name, ipgre_tunnel_setup); 276 if (!dev) 277 return NULL; 278 279 dev->init = ipgre_tunnel_init; 280 nt = dev->priv; 281 nt->parms = *parms; 282 283 if (register_netdevice(dev) < 0) { 284 free_netdev(dev); 285 goto failed; 286 } 287 288 nt = dev->priv; 289 nt->parms = *parms; 290 291 dev_hold(dev); 292 ipgre_tunnel_link(nt); 293 return nt; 294 295 failed: 296 return NULL; 297 } 298 299 static void ipgre_tunnel_uninit(struct net_device *dev) 300 { 301 ipgre_tunnel_unlink((struct ip_tunnel*)dev->priv); 302 dev_put(dev); 303 } 304 305 306 static void ipgre_err(struct sk_buff *skb, u32 info) 307 { 308 #ifndef I_WISH_WORLD_WERE_PERFECT 309 310 /* It is not :-( All the routers (except for Linux) return only 311 8 bytes of packet payload. It means, that precise relaying of 312 ICMP in the real Internet is absolutely infeasible. 313 314 Moreover, Cisco "wise men" put GRE key to the third word 315 in GRE header. It makes impossible maintaining even soft state for keyed 316 GRE tunnels with enabled checksum. Tell them "thank you". 317 318 Well, I wonder, rfc1812 was written by Cisco employee, 319 what the hell these idiots break standrads established 320 by themself??? 321 */ 322 323 struct iphdr *iph = (struct iphdr*)skb->data; 324 u16 *p = (u16*)(skb->data+(iph->ihl<<2)); 325 int grehlen = (iph->ihl<<2) + 4; 326 int type = skb->h.icmph->type; 327 int code = skb->h.icmph->code; 328 struct ip_tunnel *t; 329 u16 flags; 330 331 flags = p[0]; 332 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 333 if (flags&(GRE_VERSION|GRE_ROUTING)) 334 return; 335 if (flags&GRE_KEY) { 336 grehlen += 4; 337 if (flags&GRE_CSUM) 338 grehlen += 4; 339 } 340 } 341 342 /* If only 8 bytes returned, keyed message will be dropped here */ 343 if (skb_headlen(skb) < grehlen) 344 return; 345 346 switch (type) { 347 default: 348 case ICMP_PARAMETERPROB: 349 return; 350 351 case ICMP_DEST_UNREACH: 352 switch (code) { 353 case ICMP_SR_FAILED: 354 case ICMP_PORT_UNREACH: 355 /* Impossible event. */ 356 return; 357 case ICMP_FRAG_NEEDED: 358 /* Soft state for pmtu is maintained by IP core. */ 359 return; 360 default: 361 /* All others are translated to HOST_UNREACH. 362 rfc2003 contains "deep thoughts" about NET_UNREACH, 363 I believe they are just ether pollution. --ANK 364 */ 365 break; 366 } 367 break; 368 case ICMP_TIME_EXCEEDED: 369 if (code != ICMP_EXC_TTL) 370 return; 371 break; 372 } 373 374 read_lock(&ipgre_lock); 375 t = ipgre_tunnel_lookup(iph->daddr, iph->saddr, (flags&GRE_KEY) ? *(((u32*)p) + (grehlen>>2) - 1) : 0); 376 if (t == NULL || t->parms.iph.daddr == 0 || MULTICAST(t->parms.iph.daddr)) 377 goto out; 378 379 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 380 goto out; 381 382 if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO) 383 t->err_count++; 384 else 385 t->err_count = 1; 386 t->err_time = jiffies; 387 out: 388 read_unlock(&ipgre_lock); 389 return; 390 #else 391 struct iphdr *iph = (struct iphdr*)dp; 392 struct iphdr *eiph; 393 u16 *p = (u16*)(dp+(iph->ihl<<2)); 394 int type = skb->h.icmph->type; 395 int code = skb->h.icmph->code; 396 int rel_type = 0; 397 int rel_code = 0; 398 int rel_info = 0; 399 u16 flags; 400 int grehlen = (iph->ihl<<2) + 4; 401 struct sk_buff *skb2; 402 struct flowi fl; 403 struct rtable *rt; 404 405 if (p[1] != htons(ETH_P_IP)) 406 return; 407 408 flags = p[0]; 409 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 410 if (flags&(GRE_VERSION|GRE_ROUTING)) 411 return; 412 if (flags&GRE_CSUM) 413 grehlen += 4; 414 if (flags&GRE_KEY) 415 grehlen += 4; 416 if (flags&GRE_SEQ) 417 grehlen += 4; 418 } 419 if (len < grehlen + sizeof(struct iphdr)) 420 return; 421 eiph = (struct iphdr*)(dp + grehlen); 422 423 switch (type) { 424 default: 425 return; 426 case ICMP_PARAMETERPROB: 427 if (skb->h.icmph->un.gateway < (iph->ihl<<2)) 428 return; 429 430 /* So... This guy found something strange INSIDE encapsulated 431 packet. Well, he is fool, but what can we do ? 432 */ 433 rel_type = ICMP_PARAMETERPROB; 434 rel_info = skb->h.icmph->un.gateway - grehlen; 435 break; 436 437 case ICMP_DEST_UNREACH: 438 switch (code) { 439 case ICMP_SR_FAILED: 440 case ICMP_PORT_UNREACH: 441 /* Impossible event. */ 442 return; 443 case ICMP_FRAG_NEEDED: 444 /* And it is the only really necessary thing :-) */ 445 rel_info = ntohs(skb->h.icmph->un.frag.mtu); 446 if (rel_info < grehlen+68) 447 return; 448 rel_info -= grehlen; 449 /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */ 450 if (rel_info > ntohs(eiph->tot_len)) 451 return; 452 break; 453 default: 454 /* All others are translated to HOST_UNREACH. 455 rfc2003 contains "deep thoughts" about NET_UNREACH, 456 I believe, it is just ether pollution. --ANK 457 */ 458 rel_type = ICMP_DEST_UNREACH; 459 rel_code = ICMP_HOST_UNREACH; 460 break; 461 } 462 break; 463 case ICMP_TIME_EXCEEDED: 464 if (code != ICMP_EXC_TTL) 465 return; 466 break; 467 } 468 469 /* Prepare fake skb to feed it to icmp_send */ 470 skb2 = skb_clone(skb, GFP_ATOMIC); 471 if (skb2 == NULL) 472 return; 473 dst_release(skb2->dst); 474 skb2->dst = NULL; 475 skb_pull(skb2, skb->data - (u8*)eiph); 476 skb2->nh.raw = skb2->data; 477 478 /* Try to guess incoming interface */ 479 memset(&fl, 0, sizeof(fl)); 480 fl.fl4_dst = eiph->saddr; 481 fl.fl4_tos = RT_TOS(eiph->tos); 482 fl.proto = IPPROTO_GRE; 483 if (ip_route_output_key(&rt, &fl)) { 484 kfree_skb(skb2); 485 return; 486 } 487 skb2->dev = rt->u.dst.dev; 488 489 /* route "incoming" packet */ 490 if (rt->rt_flags&RTCF_LOCAL) { 491 ip_rt_put(rt); 492 rt = NULL; 493 fl.fl4_dst = eiph->daddr; 494 fl.fl4_src = eiph->saddr; 495 fl.fl4_tos = eiph->tos; 496 if (ip_route_output_key(&rt, &fl) || 497 rt->u.dst.dev->type != ARPHRD_IPGRE) { 498 ip_rt_put(rt); 499 kfree_skb(skb2); 500 return; 501 } 502 } else { 503 ip_rt_put(rt); 504 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) || 505 skb2->dst->dev->type != ARPHRD_IPGRE) { 506 kfree_skb(skb2); 507 return; 508 } 509 } 510 511 /* change mtu on this route */ 512 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 513 if (rel_info > dst_mtu(skb2->dst)) { 514 kfree_skb(skb2); 515 return; 516 } 517 skb2->dst->ops->update_pmtu(skb2->dst, rel_info); 518 rel_info = htonl(rel_info); 519 } else if (type == ICMP_TIME_EXCEEDED) { 520 struct ip_tunnel *t = (struct ip_tunnel*)skb2->dev->priv; 521 if (t->parms.iph.ttl) { 522 rel_type = ICMP_DEST_UNREACH; 523 rel_code = ICMP_HOST_UNREACH; 524 } 525 } 526 527 icmp_send(skb2, rel_type, rel_code, rel_info); 528 kfree_skb(skb2); 529 #endif 530 } 531 532 static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) 533 { 534 if (INET_ECN_is_ce(iph->tos)) { 535 if (skb->protocol == htons(ETH_P_IP)) { 536 IP_ECN_set_ce(skb->nh.iph); 537 } else if (skb->protocol == htons(ETH_P_IPV6)) { 538 IP6_ECN_set_ce(skb->nh.ipv6h); 539 } 540 } 541 } 542 543 static inline u8 544 ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb) 545 { 546 u8 inner = 0; 547 if (skb->protocol == htons(ETH_P_IP)) 548 inner = old_iph->tos; 549 else if (skb->protocol == htons(ETH_P_IPV6)) 550 inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph); 551 return INET_ECN_encapsulate(tos, inner); 552 } 553 554 static int ipgre_rcv(struct sk_buff *skb) 555 { 556 struct iphdr *iph; 557 u8 *h; 558 u16 flags; 559 u16 csum = 0; 560 u32 key = 0; 561 u32 seqno = 0; 562 struct ip_tunnel *tunnel; 563 int offset = 4; 564 565 if (!pskb_may_pull(skb, 16)) 566 goto drop_nolock; 567 568 iph = skb->nh.iph; 569 h = skb->data; 570 flags = *(u16*)h; 571 572 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) { 573 /* - Version must be 0. 574 - We do not support routing headers. 575 */ 576 if (flags&(GRE_VERSION|GRE_ROUTING)) 577 goto drop_nolock; 578 579 if (flags&GRE_CSUM) { 580 if (skb->ip_summed == CHECKSUM_HW) { 581 csum = (u16)csum_fold(skb->csum); 582 if (csum) 583 skb->ip_summed = CHECKSUM_NONE; 584 } 585 if (skb->ip_summed == CHECKSUM_NONE) { 586 skb->csum = skb_checksum(skb, 0, skb->len, 0); 587 skb->ip_summed = CHECKSUM_HW; 588 csum = (u16)csum_fold(skb->csum); 589 } 590 offset += 4; 591 } 592 if (flags&GRE_KEY) { 593 key = *(u32*)(h + offset); 594 offset += 4; 595 } 596 if (flags&GRE_SEQ) { 597 seqno = ntohl(*(u32*)(h + offset)); 598 offset += 4; 599 } 600 } 601 602 read_lock(&ipgre_lock); 603 if ((tunnel = ipgre_tunnel_lookup(iph->saddr, iph->daddr, key)) != NULL) { 604 secpath_reset(skb); 605 606 skb->protocol = *(u16*)(h + 2); 607 /* WCCP version 1 and 2 protocol decoding. 608 * - Change protocol to IP 609 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header 610 */ 611 if (flags == 0 && 612 skb->protocol == __constant_htons(ETH_P_WCCP)) { 613 skb->protocol = __constant_htons(ETH_P_IP); 614 if ((*(h + offset) & 0xF0) != 0x40) 615 offset += 4; 616 } 617 618 skb->mac.raw = skb->nh.raw; 619 skb->nh.raw = __pskb_pull(skb, offset); 620 skb_postpull_rcsum(skb, skb->mac.raw, offset); 621 memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options)); 622 skb->pkt_type = PACKET_HOST; 623 #ifdef CONFIG_NET_IPGRE_BROADCAST 624 if (MULTICAST(iph->daddr)) { 625 /* Looped back packet, drop it! */ 626 if (((struct rtable*)skb->dst)->fl.iif == 0) 627 goto drop; 628 tunnel->stat.multicast++; 629 skb->pkt_type = PACKET_BROADCAST; 630 } 631 #endif 632 633 if (((flags&GRE_CSUM) && csum) || 634 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) { 635 tunnel->stat.rx_crc_errors++; 636 tunnel->stat.rx_errors++; 637 goto drop; 638 } 639 if (tunnel->parms.i_flags&GRE_SEQ) { 640 if (!(flags&GRE_SEQ) || 641 (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) { 642 tunnel->stat.rx_fifo_errors++; 643 tunnel->stat.rx_errors++; 644 goto drop; 645 } 646 tunnel->i_seqno = seqno + 1; 647 } 648 tunnel->stat.rx_packets++; 649 tunnel->stat.rx_bytes += skb->len; 650 skb->dev = tunnel->dev; 651 dst_release(skb->dst); 652 skb->dst = NULL; 653 nf_reset(skb); 654 ipgre_ecn_decapsulate(iph, skb); 655 netif_rx(skb); 656 read_unlock(&ipgre_lock); 657 return(0); 658 } 659 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, 0); 660 661 drop: 662 read_unlock(&ipgre_lock); 663 drop_nolock: 664 kfree_skb(skb); 665 return(0); 666 } 667 668 static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) 669 { 670 struct ip_tunnel *tunnel = (struct ip_tunnel*)dev->priv; 671 struct net_device_stats *stats = &tunnel->stat; 672 struct iphdr *old_iph = skb->nh.iph; 673 struct iphdr *tiph; 674 u8 tos; 675 u16 df; 676 struct rtable *rt; /* Route to the other host */ 677 struct net_device *tdev; /* Device to other host */ 678 struct iphdr *iph; /* Our new IP header */ 679 int max_headroom; /* The extra header space needed */ 680 int gre_hlen; 681 u32 dst; 682 int mtu; 683 684 if (tunnel->recursion++) { 685 tunnel->stat.collisions++; 686 goto tx_error; 687 } 688 689 if (dev->hard_header) { 690 gre_hlen = 0; 691 tiph = (struct iphdr*)skb->data; 692 } else { 693 gre_hlen = tunnel->hlen; 694 tiph = &tunnel->parms.iph; 695 } 696 697 if ((dst = tiph->daddr) == 0) { 698 /* NBMA tunnel */ 699 700 if (skb->dst == NULL) { 701 tunnel->stat.tx_fifo_errors++; 702 goto tx_error; 703 } 704 705 if (skb->protocol == htons(ETH_P_IP)) { 706 rt = (struct rtable*)skb->dst; 707 if ((dst = rt->rt_gateway) == 0) 708 goto tx_error_icmp; 709 } 710 #ifdef CONFIG_IPV6 711 else if (skb->protocol == htons(ETH_P_IPV6)) { 712 struct in6_addr *addr6; 713 int addr_type; 714 struct neighbour *neigh = skb->dst->neighbour; 715 716 if (neigh == NULL) 717 goto tx_error; 718 719 addr6 = (struct in6_addr*)&neigh->primary_key; 720 addr_type = ipv6_addr_type(addr6); 721 722 if (addr_type == IPV6_ADDR_ANY) { 723 addr6 = &skb->nh.ipv6h->daddr; 724 addr_type = ipv6_addr_type(addr6); 725 } 726 727 if ((addr_type & IPV6_ADDR_COMPATv4) == 0) 728 goto tx_error_icmp; 729 730 dst = addr6->s6_addr32[3]; 731 } 732 #endif 733 else 734 goto tx_error; 735 } 736 737 tos = tiph->tos; 738 if (tos&1) { 739 if (skb->protocol == htons(ETH_P_IP)) 740 tos = old_iph->tos; 741 tos &= ~1; 742 } 743 744 { 745 struct flowi fl = { .oif = tunnel->parms.link, 746 .nl_u = { .ip4_u = 747 { .daddr = dst, 748 .saddr = tiph->saddr, 749 .tos = RT_TOS(tos) } }, 750 .proto = IPPROTO_GRE }; 751 if (ip_route_output_key(&rt, &fl)) { 752 tunnel->stat.tx_carrier_errors++; 753 goto tx_error; 754 } 755 } 756 tdev = rt->u.dst.dev; 757 758 if (tdev == dev) { 759 ip_rt_put(rt); 760 tunnel->stat.collisions++; 761 goto tx_error; 762 } 763 764 df = tiph->frag_off; 765 if (df) 766 mtu = dst_mtu(&rt->u.dst) - tunnel->hlen; 767 else 768 mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu; 769 770 if (skb->dst) 771 skb->dst->ops->update_pmtu(skb->dst, mtu); 772 773 if (skb->protocol == htons(ETH_P_IP)) { 774 df |= (old_iph->frag_off&htons(IP_DF)); 775 776 if ((old_iph->frag_off&htons(IP_DF)) && 777 mtu < ntohs(old_iph->tot_len)) { 778 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu)); 779 ip_rt_put(rt); 780 goto tx_error; 781 } 782 } 783 #ifdef CONFIG_IPV6 784 else if (skb->protocol == htons(ETH_P_IPV6)) { 785 struct rt6_info *rt6 = (struct rt6_info*)skb->dst; 786 787 if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) { 788 if ((tunnel->parms.iph.daddr && !MULTICAST(tunnel->parms.iph.daddr)) || 789 rt6->rt6i_dst.plen == 128) { 790 rt6->rt6i_flags |= RTF_MODIFIED; 791 skb->dst->metrics[RTAX_MTU-1] = mtu; 792 } 793 } 794 795 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) { 796 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); 797 ip_rt_put(rt); 798 goto tx_error; 799 } 800 } 801 #endif 802 803 if (tunnel->err_count > 0) { 804 if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) { 805 tunnel->err_count--; 806 807 dst_link_failure(skb); 808 } else 809 tunnel->err_count = 0; 810 } 811 812 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen; 813 814 if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) { 815 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 816 if (!new_skb) { 817 ip_rt_put(rt); 818 stats->tx_dropped++; 819 dev_kfree_skb(skb); 820 tunnel->recursion--; 821 return 0; 822 } 823 if (skb->sk) 824 skb_set_owner_w(new_skb, skb->sk); 825 dev_kfree_skb(skb); 826 skb = new_skb; 827 old_iph = skb->nh.iph; 828 } 829 830 skb->h.raw = skb->nh.raw; 831 skb->nh.raw = skb_push(skb, gre_hlen); 832 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 833 dst_release(skb->dst); 834 skb->dst = &rt->u.dst; 835 836 /* 837 * Push down and install the IPIP header. 838 */ 839 840 iph = skb->nh.iph; 841 iph->version = 4; 842 iph->ihl = sizeof(struct iphdr) >> 2; 843 iph->frag_off = df; 844 iph->protocol = IPPROTO_GRE; 845 iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb); 846 iph->daddr = rt->rt_dst; 847 iph->saddr = rt->rt_src; 848 849 if ((iph->ttl = tiph->ttl) == 0) { 850 if (skb->protocol == htons(ETH_P_IP)) 851 iph->ttl = old_iph->ttl; 852 #ifdef CONFIG_IPV6 853 else if (skb->protocol == htons(ETH_P_IPV6)) 854 iph->ttl = ((struct ipv6hdr*)old_iph)->hop_limit; 855 #endif 856 else 857 iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT); 858 } 859 860 ((u16*)(iph+1))[0] = tunnel->parms.o_flags; 861 ((u16*)(iph+1))[1] = skb->protocol; 862 863 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) { 864 u32 *ptr = (u32*)(((u8*)iph) + tunnel->hlen - 4); 865 866 if (tunnel->parms.o_flags&GRE_SEQ) { 867 ++tunnel->o_seqno; 868 *ptr = htonl(tunnel->o_seqno); 869 ptr--; 870 } 871 if (tunnel->parms.o_flags&GRE_KEY) { 872 *ptr = tunnel->parms.o_key; 873 ptr--; 874 } 875 if (tunnel->parms.o_flags&GRE_CSUM) { 876 *ptr = 0; 877 *(__u16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr)); 878 } 879 } 880 881 nf_reset(skb); 882 883 IPTUNNEL_XMIT(); 884 tunnel->recursion--; 885 return 0; 886 887 tx_error_icmp: 888 dst_link_failure(skb); 889 890 tx_error: 891 stats->tx_errors++; 892 dev_kfree_skb(skb); 893 tunnel->recursion--; 894 return 0; 895 } 896 897 static int 898 ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) 899 { 900 int err = 0; 901 struct ip_tunnel_parm p; 902 struct ip_tunnel *t; 903 904 switch (cmd) { 905 case SIOCGETTUNNEL: 906 t = NULL; 907 if (dev == ipgre_fb_tunnel_dev) { 908 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) { 909 err = -EFAULT; 910 break; 911 } 912 t = ipgre_tunnel_locate(&p, 0); 913 } 914 if (t == NULL) 915 t = (struct ip_tunnel*)dev->priv; 916 memcpy(&p, &t->parms, sizeof(p)); 917 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 918 err = -EFAULT; 919 break; 920 921 case SIOCADDTUNNEL: 922 case SIOCCHGTUNNEL: 923 err = -EPERM; 924 if (!capable(CAP_NET_ADMIN)) 925 goto done; 926 927 err = -EFAULT; 928 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 929 goto done; 930 931 err = -EINVAL; 932 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE || 933 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) || 934 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING))) 935 goto done; 936 if (p.iph.ttl) 937 p.iph.frag_off |= htons(IP_DF); 938 939 if (!(p.i_flags&GRE_KEY)) 940 p.i_key = 0; 941 if (!(p.o_flags&GRE_KEY)) 942 p.o_key = 0; 943 944 t = ipgre_tunnel_locate(&p, cmd == SIOCADDTUNNEL); 945 946 if (dev != ipgre_fb_tunnel_dev && cmd == SIOCCHGTUNNEL) { 947 if (t != NULL) { 948 if (t->dev != dev) { 949 err = -EEXIST; 950 break; 951 } 952 } else { 953 unsigned nflags=0; 954 955 t = (struct ip_tunnel*)dev->priv; 956 957 if (MULTICAST(p.iph.daddr)) 958 nflags = IFF_BROADCAST; 959 else if (p.iph.daddr) 960 nflags = IFF_POINTOPOINT; 961 962 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) { 963 err = -EINVAL; 964 break; 965 } 966 ipgre_tunnel_unlink(t); 967 t->parms.iph.saddr = p.iph.saddr; 968 t->parms.iph.daddr = p.iph.daddr; 969 t->parms.i_key = p.i_key; 970 t->parms.o_key = p.o_key; 971 memcpy(dev->dev_addr, &p.iph.saddr, 4); 972 memcpy(dev->broadcast, &p.iph.daddr, 4); 973 ipgre_tunnel_link(t); 974 netdev_state_change(dev); 975 } 976 } 977 978 if (t) { 979 err = 0; 980 if (cmd == SIOCCHGTUNNEL) { 981 t->parms.iph.ttl = p.iph.ttl; 982 t->parms.iph.tos = p.iph.tos; 983 t->parms.iph.frag_off = p.iph.frag_off; 984 } 985 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p))) 986 err = -EFAULT; 987 } else 988 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT); 989 break; 990 991 case SIOCDELTUNNEL: 992 err = -EPERM; 993 if (!capable(CAP_NET_ADMIN)) 994 goto done; 995 996 if (dev == ipgre_fb_tunnel_dev) { 997 err = -EFAULT; 998 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 999 goto done; 1000 err = -ENOENT; 1001 if ((t = ipgre_tunnel_locate(&p, 0)) == NULL) 1002 goto done; 1003 err = -EPERM; 1004 if (t == ipgre_fb_tunnel_dev->priv) 1005 goto done; 1006 dev = t->dev; 1007 } 1008 err = unregister_netdevice(dev); 1009 break; 1010 1011 default: 1012 err = -EINVAL; 1013 } 1014 1015 done: 1016 return err; 1017 } 1018 1019 static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev) 1020 { 1021 return &(((struct ip_tunnel*)dev->priv)->stat); 1022 } 1023 1024 static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu) 1025 { 1026 struct ip_tunnel *tunnel = (struct ip_tunnel*)dev->priv; 1027 if (new_mtu < 68 || new_mtu > 0xFFF8 - tunnel->hlen) 1028 return -EINVAL; 1029 dev->mtu = new_mtu; 1030 return 0; 1031 } 1032 1033 #ifdef CONFIG_NET_IPGRE_BROADCAST 1034 /* Nice toy. Unfortunately, useless in real life :-) 1035 It allows to construct virtual multiprotocol broadcast "LAN" 1036 over the Internet, provided multicast routing is tuned. 1037 1038 1039 I have no idea was this bicycle invented before me, 1040 so that I had to set ARPHRD_IPGRE to a random value. 1041 I have an impression, that Cisco could make something similar, 1042 but this feature is apparently missing in IOS<=11.2(8). 1043 1044 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks 1045 with broadcast 224.66.66.66. If you have access to mbone, play with me :-) 1046 1047 ping -t 255 224.66.66.66 1048 1049 If nobody answers, mbone does not work. 1050 1051 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255 1052 ip addr add 10.66.66.<somewhat>/24 dev Universe 1053 ifconfig Universe up 1054 ifconfig Universe add fe80::<Your_real_addr>/10 1055 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96 1056 ftp 10.66.66.66 1057 ... 1058 ftp fec0:6666:6666::193.233.7.65 1059 ... 1060 1061 */ 1062 1063 static int ipgre_header(struct sk_buff *skb, struct net_device *dev, unsigned short type, 1064 void *daddr, void *saddr, unsigned len) 1065 { 1066 struct ip_tunnel *t = (struct ip_tunnel*)dev->priv; 1067 struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen); 1068 u16 *p = (u16*)(iph+1); 1069 1070 memcpy(iph, &t->parms.iph, sizeof(struct iphdr)); 1071 p[0] = t->parms.o_flags; 1072 p[1] = htons(type); 1073 1074 /* 1075 * Set the source hardware address. 1076 */ 1077 1078 if (saddr) 1079 memcpy(&iph->saddr, saddr, 4); 1080 1081 if (daddr) { 1082 memcpy(&iph->daddr, daddr, 4); 1083 return t->hlen; 1084 } 1085 if (iph->daddr && !MULTICAST(iph->daddr)) 1086 return t->hlen; 1087 1088 return -t->hlen; 1089 } 1090 1091 static int ipgre_open(struct net_device *dev) 1092 { 1093 struct ip_tunnel *t = (struct ip_tunnel*)dev->priv; 1094 1095 if (MULTICAST(t->parms.iph.daddr)) { 1096 struct flowi fl = { .oif = t->parms.link, 1097 .nl_u = { .ip4_u = 1098 { .daddr = t->parms.iph.daddr, 1099 .saddr = t->parms.iph.saddr, 1100 .tos = RT_TOS(t->parms.iph.tos) } }, 1101 .proto = IPPROTO_GRE }; 1102 struct rtable *rt; 1103 if (ip_route_output_key(&rt, &fl)) 1104 return -EADDRNOTAVAIL; 1105 dev = rt->u.dst.dev; 1106 ip_rt_put(rt); 1107 if (__in_dev_get_rtnl(dev) == NULL) 1108 return -EADDRNOTAVAIL; 1109 t->mlink = dev->ifindex; 1110 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr); 1111 } 1112 return 0; 1113 } 1114 1115 static int ipgre_close(struct net_device *dev) 1116 { 1117 struct ip_tunnel *t = (struct ip_tunnel*)dev->priv; 1118 if (MULTICAST(t->parms.iph.daddr) && t->mlink) { 1119 struct in_device *in_dev = inetdev_by_index(t->mlink); 1120 if (in_dev) { 1121 ip_mc_dec_group(in_dev, t->parms.iph.daddr); 1122 in_dev_put(in_dev); 1123 } 1124 } 1125 return 0; 1126 } 1127 1128 #endif 1129 1130 static void ipgre_tunnel_setup(struct net_device *dev) 1131 { 1132 SET_MODULE_OWNER(dev); 1133 dev->uninit = ipgre_tunnel_uninit; 1134 dev->destructor = free_netdev; 1135 dev->hard_start_xmit = ipgre_tunnel_xmit; 1136 dev->get_stats = ipgre_tunnel_get_stats; 1137 dev->do_ioctl = ipgre_tunnel_ioctl; 1138 dev->change_mtu = ipgre_tunnel_change_mtu; 1139 1140 dev->type = ARPHRD_IPGRE; 1141 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4; 1142 dev->mtu = 1500 - sizeof(struct iphdr) - 4; 1143 dev->flags = IFF_NOARP; 1144 dev->iflink = 0; 1145 dev->addr_len = 4; 1146 } 1147 1148 static int ipgre_tunnel_init(struct net_device *dev) 1149 { 1150 struct net_device *tdev = NULL; 1151 struct ip_tunnel *tunnel; 1152 struct iphdr *iph; 1153 int hlen = LL_MAX_HEADER; 1154 int mtu = 1500; 1155 int addend = sizeof(struct iphdr) + 4; 1156 1157 tunnel = (struct ip_tunnel*)dev->priv; 1158 iph = &tunnel->parms.iph; 1159 1160 tunnel->dev = dev; 1161 strcpy(tunnel->parms.name, dev->name); 1162 1163 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4); 1164 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4); 1165 1166 /* Guess output device to choose reasonable mtu and hard_header_len */ 1167 1168 if (iph->daddr) { 1169 struct flowi fl = { .oif = tunnel->parms.link, 1170 .nl_u = { .ip4_u = 1171 { .daddr = iph->daddr, 1172 .saddr = iph->saddr, 1173 .tos = RT_TOS(iph->tos) } }, 1174 .proto = IPPROTO_GRE }; 1175 struct rtable *rt; 1176 if (!ip_route_output_key(&rt, &fl)) { 1177 tdev = rt->u.dst.dev; 1178 ip_rt_put(rt); 1179 } 1180 1181 dev->flags |= IFF_POINTOPOINT; 1182 1183 #ifdef CONFIG_NET_IPGRE_BROADCAST 1184 if (MULTICAST(iph->daddr)) { 1185 if (!iph->saddr) 1186 return -EINVAL; 1187 dev->flags = IFF_BROADCAST; 1188 dev->hard_header = ipgre_header; 1189 dev->open = ipgre_open; 1190 dev->stop = ipgre_close; 1191 } 1192 #endif 1193 } 1194 1195 if (!tdev && tunnel->parms.link) 1196 tdev = __dev_get_by_index(tunnel->parms.link); 1197 1198 if (tdev) { 1199 hlen = tdev->hard_header_len; 1200 mtu = tdev->mtu; 1201 } 1202 dev->iflink = tunnel->parms.link; 1203 1204 /* Precalculate GRE options length */ 1205 if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) { 1206 if (tunnel->parms.o_flags&GRE_CSUM) 1207 addend += 4; 1208 if (tunnel->parms.o_flags&GRE_KEY) 1209 addend += 4; 1210 if (tunnel->parms.o_flags&GRE_SEQ) 1211 addend += 4; 1212 } 1213 dev->hard_header_len = hlen + addend; 1214 dev->mtu = mtu - addend; 1215 tunnel->hlen = addend; 1216 return 0; 1217 } 1218 1219 int __init ipgre_fb_tunnel_init(struct net_device *dev) 1220 { 1221 struct ip_tunnel *tunnel = (struct ip_tunnel*)dev->priv; 1222 struct iphdr *iph = &tunnel->parms.iph; 1223 1224 tunnel->dev = dev; 1225 strcpy(tunnel->parms.name, dev->name); 1226 1227 iph->version = 4; 1228 iph->protocol = IPPROTO_GRE; 1229 iph->ihl = 5; 1230 tunnel->hlen = sizeof(struct iphdr) + 4; 1231 1232 dev_hold(dev); 1233 tunnels_wc[0] = tunnel; 1234 return 0; 1235 } 1236 1237 1238 static struct net_protocol ipgre_protocol = { 1239 .handler = ipgre_rcv, 1240 .err_handler = ipgre_err, 1241 }; 1242 1243 1244 /* 1245 * And now the modules code and kernel interface. 1246 */ 1247 1248 static int __init ipgre_init(void) 1249 { 1250 int err; 1251 1252 printk(KERN_INFO "GRE over IPv4 tunneling driver\n"); 1253 1254 if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) { 1255 printk(KERN_INFO "ipgre init: can't add protocol\n"); 1256 return -EAGAIN; 1257 } 1258 1259 ipgre_fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "gre0", 1260 ipgre_tunnel_setup); 1261 if (!ipgre_fb_tunnel_dev) { 1262 err = -ENOMEM; 1263 goto err1; 1264 } 1265 1266 ipgre_fb_tunnel_dev->init = ipgre_fb_tunnel_init; 1267 1268 if ((err = register_netdev(ipgre_fb_tunnel_dev))) 1269 goto err2; 1270 out: 1271 return err; 1272 err2: 1273 free_netdev(ipgre_fb_tunnel_dev); 1274 err1: 1275 inet_del_protocol(&ipgre_protocol, IPPROTO_GRE); 1276 goto out; 1277 } 1278 1279 static void __exit ipgre_destroy_tunnels(void) 1280 { 1281 int prio; 1282 1283 for (prio = 0; prio < 4; prio++) { 1284 int h; 1285 for (h = 0; h < HASH_SIZE; h++) { 1286 struct ip_tunnel *t; 1287 while ((t = tunnels[prio][h]) != NULL) 1288 unregister_netdevice(t->dev); 1289 } 1290 } 1291 } 1292 1293 static void __exit ipgre_fini(void) 1294 { 1295 if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) 1296 printk(KERN_INFO "ipgre close: can't remove protocol\n"); 1297 1298 rtnl_lock(); 1299 ipgre_destroy_tunnels(); 1300 rtnl_unlock(); 1301 } 1302 1303 module_init(ipgre_init); 1304 module_exit(ipgre_fini); 1305 MODULE_LICENSE("GPL"); 1306