1 /* 2 * Linux NET3: GRE over IP protocol decoder. 3 * 4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 9 * 2 of the License, or (at your option) any later version. 10 * 11 */ 12 13 #include <linux/capability.h> 14 #include <linux/module.h> 15 #include <linux/types.h> 16 #include <linux/kernel.h> 17 #include <asm/uaccess.h> 18 #include <linux/skbuff.h> 19 #include <linux/netdevice.h> 20 #include <linux/in.h> 21 #include <linux/tcp.h> 22 #include <linux/udp.h> 23 #include <linux/if_arp.h> 24 #include <linux/mroute.h> 25 #include <linux/init.h> 26 #include <linux/in6.h> 27 #include <linux/inetdevice.h> 28 #include <linux/igmp.h> 29 #include <linux/netfilter_ipv4.h> 30 #include <linux/if_ether.h> 31 32 #include <net/sock.h> 33 #include <net/ip.h> 34 #include <net/icmp.h> 35 #include <net/protocol.h> 36 #include <net/ipip.h> 37 #include <net/arp.h> 38 #include <net/checksum.h> 39 #include <net/dsfield.h> 40 #include <net/inet_ecn.h> 41 #include <net/xfrm.h> 42 43 #ifdef CONFIG_IPV6 44 #include <net/ipv6.h> 45 #include <net/ip6_fib.h> 46 #include <net/ip6_route.h> 47 #endif 48 49 /* 50 Problems & solutions 51 -------------------- 52 53 1. The most important issue is detecting local dead loops. 54 They would cause complete host lockup in transmit, which 55 would be "resolved" by stack overflow or, if queueing is enabled, 56 with infinite looping in net_bh. 57 58 We cannot track such dead loops during route installation, 59 it is infeasible task. The most general solutions would be 60 to keep skb->encapsulation counter (sort of local ttl), 61 and silently drop packet when it expires. It is the best 62 solution, but it supposes maintaing new variable in ALL 63 skb, even if no tunneling is used. 64 65 Current solution: t->recursion lock breaks dead loops. It looks 66 like dev->tbusy flag, but I preferred new variable, because 67 the semantics is different. One day, when hard_start_xmit 68 will be multithreaded we will have to use skb->encapsulation. 69 70 71 72 2. Networking dead loops would not kill routers, but would really 73 kill network. IP hop limit plays role of "t->recursion" in this case, 74 if we copy it from packet being encapsulated to upper header. 75 It is very good solution, but it introduces two problems: 76 77 - Routing protocols, using packets with ttl=1 (OSPF, RIP2), 78 do not work over tunnels. 79 - traceroute does not work. I planned to relay ICMP from tunnel, 80 so that this problem would be solved and traceroute output 81 would even more informative. This idea appeared to be wrong: 82 only Linux complies to rfc1812 now (yes, guys, Linux is the only 83 true router now :-)), all routers (at least, in neighbourhood of mine) 84 return only 8 bytes of payload. It is the end. 85 86 Hence, if we want that OSPF worked or traceroute said something reasonable, 87 we should search for another solution. 88 89 One of them is to parse packet trying to detect inner encapsulation 90 made by our node. It is difficult or even impossible, especially, 91 taking into account fragmentation. TO be short, tt is not solution at all. 92 93 Current solution: The solution was UNEXPECTEDLY SIMPLE. 94 We force DF flag on tunnels with preconfigured hop limit, 95 that is ALL. :-) Well, it does not remove the problem completely, 96 but exponential growth of network traffic is changed to linear 97 (branches, that exceed pmtu are pruned) and tunnel mtu 98 fastly degrades to value <68, where looping stops. 99 Yes, it is not good if there exists a router in the loop, 100 which does not force DF, even when encapsulating packets have DF set. 101 But it is not our problem! Nobody could accuse us, we made 102 all that we could make. Even if it is your gated who injected 103 fatal route to network, even if it were you who configured 104 fatal static route: you are innocent. :-) 105 106 107 108 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain 109 practically identical code. It would be good to glue them 110 together, but it is not very evident, how to make them modular. 111 sit is integral part of IPv6, ipip and gre are naturally modular. 112 We could extract common parts (hash table, ioctl etc) 113 to a separate module (ip_tunnel.c). 114 115 Alexey Kuznetsov. 116 */ 117 118 static int ipgre_tunnel_init(struct net_device *dev); 119 static void ipgre_tunnel_setup(struct net_device *dev); 120 121 /* Fallback tunnel: no source, no destination, no key, no options */ 122 123 static int ipgre_fb_tunnel_init(struct net_device *dev); 124 125 static struct net_device *ipgre_fb_tunnel_dev; 126 127 /* Tunnel hash table */ 128 129 /* 130 4 hash tables: 131 132 3: (remote,local) 133 2: (remote,*) 134 1: (*,local) 135 0: (*,*) 136 137 We require exact key match i.e. if a key is present in packet 138 it will match only tunnel with the same key; if it is not present, 139 it will match only keyless tunnel. 140 141 All keysless packets, if not matched configured keyless tunnels 142 will match fallback tunnel. 143 */ 144 145 #define HASH_SIZE 16 146 #define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF) 147 148 static struct ip_tunnel *tunnels[4][HASH_SIZE]; 149 150 #define tunnels_r_l (tunnels[3]) 151 #define tunnels_r (tunnels[2]) 152 #define tunnels_l (tunnels[1]) 153 #define tunnels_wc (tunnels[0]) 154 155 static DEFINE_RWLOCK(ipgre_lock); 156 157 /* Given src, dst and key, find appropriate for input tunnel. */ 158 159 static struct ip_tunnel * ipgre_tunnel_lookup(__be32 remote, __be32 local, __be32 key) 160 { 161 unsigned h0 = HASH(remote); 162 unsigned h1 = HASH(key); 163 struct ip_tunnel *t; 164 165 for (t = tunnels_r_l[h0^h1]; t; t = t->next) { 166 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 167 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 168 return t; 169 } 170 } 171 for (t = tunnels_r[h0^h1]; t; t = t->next) { 172 if (remote == t->parms.iph.daddr) { 173 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 174 return t; 175 } 176 } 177 for (t = tunnels_l[h1]; t; t = t->next) { 178 if (local == t->parms.iph.saddr || 179 (local == t->parms.iph.daddr && MULTICAST(local))) { 180 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 181 return t; 182 } 183 } 184 for (t = tunnels_wc[h1]; t; t = t->next) { 185 if (t->parms.i_key == key && (t->dev->flags&IFF_UP)) 186 return t; 187 } 188 189 if (ipgre_fb_tunnel_dev->flags&IFF_UP) 190 return netdev_priv(ipgre_fb_tunnel_dev); 191 return NULL; 192 } 193 194 static struct ip_tunnel **__ipgre_bucket(struct ip_tunnel_parm *parms) 195 { 196 __be32 remote = parms->iph.daddr; 197 __be32 local = parms->iph.saddr; 198 __be32 key = parms->i_key; 199 unsigned h = HASH(key); 200 int prio = 0; 201 202 if (local) 203 prio |= 1; 204 if (remote && !MULTICAST(remote)) { 205 prio |= 2; 206 h ^= HASH(remote); 207 } 208 209 return &tunnels[prio][h]; 210 } 211 212 static inline struct ip_tunnel **ipgre_bucket(struct ip_tunnel *t) 213 { 214 return __ipgre_bucket(&t->parms); 215 } 216 217 static void ipgre_tunnel_link(struct ip_tunnel *t) 218 { 219 struct ip_tunnel **tp = ipgre_bucket(t); 220 221 t->next = *tp; 222 write_lock_bh(&ipgre_lock); 223 *tp = t; 224 write_unlock_bh(&ipgre_lock); 225 } 226 227 static void ipgre_tunnel_unlink(struct ip_tunnel *t) 228 { 229 struct ip_tunnel **tp; 230 231 for (tp = ipgre_bucket(t); *tp; tp = &(*tp)->next) { 232 if (t == *tp) { 233 write_lock_bh(&ipgre_lock); 234 *tp = t->next; 235 write_unlock_bh(&ipgre_lock); 236 break; 237 } 238 } 239 } 240 241 static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int create) 242 { 243 __be32 remote = parms->iph.daddr; 244 __be32 local = parms->iph.saddr; 245 __be32 key = parms->i_key; 246 struct ip_tunnel *t, **tp, *nt; 247 struct net_device *dev; 248 char name[IFNAMSIZ]; 249 250 for (tp = __ipgre_bucket(parms); (t = *tp) != NULL; tp = &t->next) { 251 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) { 252 if (key == t->parms.i_key) 253 return t; 254 } 255 } 256 if (!create) 257 return NULL; 258 259 if (parms->name[0]) 260 strlcpy(name, parms->name, IFNAMSIZ); 261 else { 262 int i; 263 for (i=1; i<100; i++) { 264 sprintf(name, "gre%d", i); 265 if (__dev_get_by_name(name) == NULL) 266 break; 267 } 268 if (i==100) 269 goto failed; 270 } 271 272 dev = alloc_netdev(sizeof(*t), name, ipgre_tunnel_setup); 273 if (!dev) 274 return NULL; 275 276 dev->init = ipgre_tunnel_init; 277 nt = netdev_priv(dev); 278 nt->parms = *parms; 279 280 if (register_netdevice(dev) < 0) { 281 free_netdev(dev); 282 goto failed; 283 } 284 285 dev_hold(dev); 286 ipgre_tunnel_link(nt); 287 return nt; 288 289 failed: 290 return NULL; 291 } 292 293 static void ipgre_tunnel_uninit(struct net_device *dev) 294 { 295 ipgre_tunnel_unlink(netdev_priv(dev)); 296 dev_put(dev); 297 } 298 299 300 static void ipgre_err(struct sk_buff *skb, u32 info) 301 { 302 #ifndef I_WISH_WORLD_WERE_PERFECT 303 304 /* It is not :-( All the routers (except for Linux) return only 305 8 bytes of packet payload. It means, that precise relaying of 306 ICMP in the real Internet is absolutely infeasible. 307 308 Moreover, Cisco "wise men" put GRE key to the third word 309 in GRE header. It makes impossible maintaining even soft state for keyed 310 GRE tunnels with enabled checksum. Tell them "thank you". 311 312 Well, I wonder, rfc1812 was written by Cisco employee, 313 what the hell these idiots break standrads established 314 by themself??? 315 */ 316 317 struct iphdr *iph = (struct iphdr*)skb->data; 318 __be16 *p = (__be16*)(skb->data+(iph->ihl<<2)); 319 int grehlen = (iph->ihl<<2) + 4; 320 const int type = icmp_hdr(skb)->type; 321 const int code = icmp_hdr(skb)->code; 322 struct ip_tunnel *t; 323 __be16 flags; 324 325 flags = p[0]; 326 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 327 if (flags&(GRE_VERSION|GRE_ROUTING)) 328 return; 329 if (flags&GRE_KEY) { 330 grehlen += 4; 331 if (flags&GRE_CSUM) 332 grehlen += 4; 333 } 334 } 335 336 /* If only 8 bytes returned, keyed message will be dropped here */ 337 if (skb_headlen(skb) < grehlen) 338 return; 339 340 switch (type) { 341 default: 342 case ICMP_PARAMETERPROB: 343 return; 344 345 case ICMP_DEST_UNREACH: 346 switch (code) { 347 case ICMP_SR_FAILED: 348 case ICMP_PORT_UNREACH: 349 /* Impossible event. */ 350 return; 351 case ICMP_FRAG_NEEDED: 352 /* Soft state for pmtu is maintained by IP core. */ 353 return; 354 default: 355 /* All others are translated to HOST_UNREACH. 356 rfc2003 contains "deep thoughts" about NET_UNREACH, 357 I believe they are just ether pollution. --ANK 358 */ 359 break; 360 } 361 break; 362 case ICMP_TIME_EXCEEDED: 363 if (code != ICMP_EXC_TTL) 364 return; 365 break; 366 } 367 368 read_lock(&ipgre_lock); 369 t = ipgre_tunnel_lookup(iph->daddr, iph->saddr, (flags&GRE_KEY) ? *(((__be32*)p) + (grehlen>>2) - 1) : 0); 370 if (t == NULL || t->parms.iph.daddr == 0 || MULTICAST(t->parms.iph.daddr)) 371 goto out; 372 373 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 374 goto out; 375 376 if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO) 377 t->err_count++; 378 else 379 t->err_count = 1; 380 t->err_time = jiffies; 381 out: 382 read_unlock(&ipgre_lock); 383 return; 384 #else 385 struct iphdr *iph = (struct iphdr*)dp; 386 struct iphdr *eiph; 387 __be16 *p = (__be16*)(dp+(iph->ihl<<2)); 388 const int type = icmp_hdr(skb)->type; 389 const int code = icmp_hdr(skb)->code; 390 int rel_type = 0; 391 int rel_code = 0; 392 __be32 rel_info = 0; 393 __u32 n = 0; 394 __be16 flags; 395 int grehlen = (iph->ihl<<2) + 4; 396 struct sk_buff *skb2; 397 struct flowi fl; 398 struct rtable *rt; 399 400 if (p[1] != htons(ETH_P_IP)) 401 return; 402 403 flags = p[0]; 404 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { 405 if (flags&(GRE_VERSION|GRE_ROUTING)) 406 return; 407 if (flags&GRE_CSUM) 408 grehlen += 4; 409 if (flags&GRE_KEY) 410 grehlen += 4; 411 if (flags&GRE_SEQ) 412 grehlen += 4; 413 } 414 if (len < grehlen + sizeof(struct iphdr)) 415 return; 416 eiph = (struct iphdr*)(dp + grehlen); 417 418 switch (type) { 419 default: 420 return; 421 case ICMP_PARAMETERPROB: 422 n = ntohl(icmp_hdr(skb)->un.gateway) >> 24; 423 if (n < (iph->ihl<<2)) 424 return; 425 426 /* So... This guy found something strange INSIDE encapsulated 427 packet. Well, he is fool, but what can we do ? 428 */ 429 rel_type = ICMP_PARAMETERPROB; 430 n -= grehlen; 431 rel_info = htonl(n << 24); 432 break; 433 434 case ICMP_DEST_UNREACH: 435 switch (code) { 436 case ICMP_SR_FAILED: 437 case ICMP_PORT_UNREACH: 438 /* Impossible event. */ 439 return; 440 case ICMP_FRAG_NEEDED: 441 /* And it is the only really necessary thing :-) */ 442 n = ntohs(icmp_hdr(skb)->un.frag.mtu); 443 if (n < grehlen+68) 444 return; 445 n -= grehlen; 446 /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */ 447 if (n > ntohs(eiph->tot_len)) 448 return; 449 rel_info = htonl(n); 450 break; 451 default: 452 /* All others are translated to HOST_UNREACH. 453 rfc2003 contains "deep thoughts" about NET_UNREACH, 454 I believe, it is just ether pollution. --ANK 455 */ 456 rel_type = ICMP_DEST_UNREACH; 457 rel_code = ICMP_HOST_UNREACH; 458 break; 459 } 460 break; 461 case ICMP_TIME_EXCEEDED: 462 if (code != ICMP_EXC_TTL) 463 return; 464 break; 465 } 466 467 /* Prepare fake skb to feed it to icmp_send */ 468 skb2 = skb_clone(skb, GFP_ATOMIC); 469 if (skb2 == NULL) 470 return; 471 dst_release(skb2->dst); 472 skb2->dst = NULL; 473 skb_pull(skb2, skb->data - (u8*)eiph); 474 skb_reset_network_header(skb2); 475 476 /* Try to guess incoming interface */ 477 memset(&fl, 0, sizeof(fl)); 478 fl.fl4_dst = eiph->saddr; 479 fl.fl4_tos = RT_TOS(eiph->tos); 480 fl.proto = IPPROTO_GRE; 481 if (ip_route_output_key(&rt, &fl)) { 482 kfree_skb(skb2); 483 return; 484 } 485 skb2->dev = rt->u.dst.dev; 486 487 /* route "incoming" packet */ 488 if (rt->rt_flags&RTCF_LOCAL) { 489 ip_rt_put(rt); 490 rt = NULL; 491 fl.fl4_dst = eiph->daddr; 492 fl.fl4_src = eiph->saddr; 493 fl.fl4_tos = eiph->tos; 494 if (ip_route_output_key(&rt, &fl) || 495 rt->u.dst.dev->type != ARPHRD_IPGRE) { 496 ip_rt_put(rt); 497 kfree_skb(skb2); 498 return; 499 } 500 } else { 501 ip_rt_put(rt); 502 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) || 503 skb2->dst->dev->type != ARPHRD_IPGRE) { 504 kfree_skb(skb2); 505 return; 506 } 507 } 508 509 /* change mtu on this route */ 510 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) { 511 if (n > dst_mtu(skb2->dst)) { 512 kfree_skb(skb2); 513 return; 514 } 515 skb2->dst->ops->update_pmtu(skb2->dst, n); 516 } else if (type == ICMP_TIME_EXCEEDED) { 517 struct ip_tunnel *t = netdev_priv(skb2->dev); 518 if (t->parms.iph.ttl) { 519 rel_type = ICMP_DEST_UNREACH; 520 rel_code = ICMP_HOST_UNREACH; 521 } 522 } 523 524 icmp_send(skb2, rel_type, rel_code, rel_info); 525 kfree_skb(skb2); 526 #endif 527 } 528 529 static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) 530 { 531 if (INET_ECN_is_ce(iph->tos)) { 532 if (skb->protocol == htons(ETH_P_IP)) { 533 IP_ECN_set_ce(ip_hdr(skb)); 534 } else if (skb->protocol == htons(ETH_P_IPV6)) { 535 IP6_ECN_set_ce(ipv6_hdr(skb)); 536 } 537 } 538 } 539 540 static inline u8 541 ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb) 542 { 543 u8 inner = 0; 544 if (skb->protocol == htons(ETH_P_IP)) 545 inner = old_iph->tos; 546 else if (skb->protocol == htons(ETH_P_IPV6)) 547 inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph); 548 return INET_ECN_encapsulate(tos, inner); 549 } 550 551 static int ipgre_rcv(struct sk_buff *skb) 552 { 553 struct iphdr *iph; 554 u8 *h; 555 __be16 flags; 556 __sum16 csum = 0; 557 __be32 key = 0; 558 u32 seqno = 0; 559 struct ip_tunnel *tunnel; 560 int offset = 4; 561 562 if (!pskb_may_pull(skb, 16)) 563 goto drop_nolock; 564 565 iph = ip_hdr(skb); 566 h = skb->data; 567 flags = *(__be16*)h; 568 569 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) { 570 /* - Version must be 0. 571 - We do not support routing headers. 572 */ 573 if (flags&(GRE_VERSION|GRE_ROUTING)) 574 goto drop_nolock; 575 576 if (flags&GRE_CSUM) { 577 switch (skb->ip_summed) { 578 case CHECKSUM_COMPLETE: 579 csum = csum_fold(skb->csum); 580 if (!csum) 581 break; 582 /* fall through */ 583 case CHECKSUM_NONE: 584 skb->csum = 0; 585 csum = __skb_checksum_complete(skb); 586 skb->ip_summed = CHECKSUM_COMPLETE; 587 } 588 offset += 4; 589 } 590 if (flags&GRE_KEY) { 591 key = *(__be32*)(h + offset); 592 offset += 4; 593 } 594 if (flags&GRE_SEQ) { 595 seqno = ntohl(*(__be32*)(h + offset)); 596 offset += 4; 597 } 598 } 599 600 read_lock(&ipgre_lock); 601 if ((tunnel = ipgre_tunnel_lookup(iph->saddr, iph->daddr, key)) != NULL) { 602 secpath_reset(skb); 603 604 skb->protocol = *(__be16*)(h + 2); 605 /* WCCP version 1 and 2 protocol decoding. 606 * - Change protocol to IP 607 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header 608 */ 609 if (flags == 0 && 610 skb->protocol == htons(ETH_P_WCCP)) { 611 skb->protocol = htons(ETH_P_IP); 612 if ((*(h + offset) & 0xF0) != 0x40) 613 offset += 4; 614 } 615 616 skb_reset_mac_header(skb); 617 __pskb_pull(skb, offset); 618 skb_reset_network_header(skb); 619 skb_postpull_rcsum(skb, skb_transport_header(skb), offset); 620 skb->pkt_type = PACKET_HOST; 621 #ifdef CONFIG_NET_IPGRE_BROADCAST 622 if (MULTICAST(iph->daddr)) { 623 /* Looped back packet, drop it! */ 624 if (((struct rtable*)skb->dst)->fl.iif == 0) 625 goto drop; 626 tunnel->stat.multicast++; 627 skb->pkt_type = PACKET_BROADCAST; 628 } 629 #endif 630 631 if (((flags&GRE_CSUM) && csum) || 632 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) { 633 tunnel->stat.rx_crc_errors++; 634 tunnel->stat.rx_errors++; 635 goto drop; 636 } 637 if (tunnel->parms.i_flags&GRE_SEQ) { 638 if (!(flags&GRE_SEQ) || 639 (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) { 640 tunnel->stat.rx_fifo_errors++; 641 tunnel->stat.rx_errors++; 642 goto drop; 643 } 644 tunnel->i_seqno = seqno + 1; 645 } 646 tunnel->stat.rx_packets++; 647 tunnel->stat.rx_bytes += skb->len; 648 skb->dev = tunnel->dev; 649 dst_release(skb->dst); 650 skb->dst = NULL; 651 nf_reset(skb); 652 ipgre_ecn_decapsulate(iph, skb); 653 netif_rx(skb); 654 read_unlock(&ipgre_lock); 655 return(0); 656 } 657 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); 658 659 drop: 660 read_unlock(&ipgre_lock); 661 drop_nolock: 662 kfree_skb(skb); 663 return(0); 664 } 665 666 static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) 667 { 668 struct ip_tunnel *tunnel = netdev_priv(dev); 669 struct net_device_stats *stats = &tunnel->stat; 670 struct iphdr *old_iph = ip_hdr(skb); 671 struct iphdr *tiph; 672 u8 tos; 673 __be16 df; 674 struct rtable *rt; /* Route to the other host */ 675 struct net_device *tdev; /* Device to other host */ 676 struct iphdr *iph; /* Our new IP header */ 677 int max_headroom; /* The extra header space needed */ 678 int gre_hlen; 679 __be32 dst; 680 int mtu; 681 682 if (tunnel->recursion++) { 683 tunnel->stat.collisions++; 684 goto tx_error; 685 } 686 687 if (dev->hard_header) { 688 gre_hlen = 0; 689 tiph = (struct iphdr*)skb->data; 690 } else { 691 gre_hlen = tunnel->hlen; 692 tiph = &tunnel->parms.iph; 693 } 694 695 if ((dst = tiph->daddr) == 0) { 696 /* NBMA tunnel */ 697 698 if (skb->dst == NULL) { 699 tunnel->stat.tx_fifo_errors++; 700 goto tx_error; 701 } 702 703 if (skb->protocol == htons(ETH_P_IP)) { 704 rt = (struct rtable*)skb->dst; 705 if ((dst = rt->rt_gateway) == 0) 706 goto tx_error_icmp; 707 } 708 #ifdef CONFIG_IPV6 709 else if (skb->protocol == htons(ETH_P_IPV6)) { 710 struct in6_addr *addr6; 711 int addr_type; 712 struct neighbour *neigh = skb->dst->neighbour; 713 714 if (neigh == NULL) 715 goto tx_error; 716 717 addr6 = (struct in6_addr*)&neigh->primary_key; 718 addr_type = ipv6_addr_type(addr6); 719 720 if (addr_type == IPV6_ADDR_ANY) { 721 addr6 = &ipv6_hdr(skb)->daddr; 722 addr_type = ipv6_addr_type(addr6); 723 } 724 725 if ((addr_type & IPV6_ADDR_COMPATv4) == 0) 726 goto tx_error_icmp; 727 728 dst = addr6->s6_addr32[3]; 729 } 730 #endif 731 else 732 goto tx_error; 733 } 734 735 tos = tiph->tos; 736 if (tos&1) { 737 if (skb->protocol == htons(ETH_P_IP)) 738 tos = old_iph->tos; 739 tos &= ~1; 740 } 741 742 { 743 struct flowi fl = { .oif = tunnel->parms.link, 744 .nl_u = { .ip4_u = 745 { .daddr = dst, 746 .saddr = tiph->saddr, 747 .tos = RT_TOS(tos) } }, 748 .proto = IPPROTO_GRE }; 749 if (ip_route_output_key(&rt, &fl)) { 750 tunnel->stat.tx_carrier_errors++; 751 goto tx_error; 752 } 753 } 754 tdev = rt->u.dst.dev; 755 756 if (tdev == dev) { 757 ip_rt_put(rt); 758 tunnel->stat.collisions++; 759 goto tx_error; 760 } 761 762 df = tiph->frag_off; 763 if (df) 764 mtu = dst_mtu(&rt->u.dst) - tunnel->hlen; 765 else 766 mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu; 767 768 if (skb->dst) 769 skb->dst->ops->update_pmtu(skb->dst, mtu); 770 771 if (skb->protocol == htons(ETH_P_IP)) { 772 df |= (old_iph->frag_off&htons(IP_DF)); 773 774 if ((old_iph->frag_off&htons(IP_DF)) && 775 mtu < ntohs(old_iph->tot_len)) { 776 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu)); 777 ip_rt_put(rt); 778 goto tx_error; 779 } 780 } 781 #ifdef CONFIG_IPV6 782 else if (skb->protocol == htons(ETH_P_IPV6)) { 783 struct rt6_info *rt6 = (struct rt6_info*)skb->dst; 784 785 if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) { 786 if ((tunnel->parms.iph.daddr && !MULTICAST(tunnel->parms.iph.daddr)) || 787 rt6->rt6i_dst.plen == 128) { 788 rt6->rt6i_flags |= RTF_MODIFIED; 789 skb->dst->metrics[RTAX_MTU-1] = mtu; 790 } 791 } 792 793 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) { 794 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); 795 ip_rt_put(rt); 796 goto tx_error; 797 } 798 } 799 #endif 800 801 if (tunnel->err_count > 0) { 802 if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) { 803 tunnel->err_count--; 804 805 dst_link_failure(skb); 806 } else 807 tunnel->err_count = 0; 808 } 809 810 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen; 811 812 if (skb_headroom(skb) < max_headroom || skb_shared(skb)|| 813 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) { 814 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 815 if (!new_skb) { 816 ip_rt_put(rt); 817 stats->tx_dropped++; 818 dev_kfree_skb(skb); 819 tunnel->recursion--; 820 return 0; 821 } 822 if (skb->sk) 823 skb_set_owner_w(new_skb, skb->sk); 824 dev_kfree_skb(skb); 825 skb = new_skb; 826 old_iph = ip_hdr(skb); 827 } 828 829 skb->transport_header = skb->network_header; 830 skb_push(skb, gre_hlen); 831 skb_reset_network_header(skb); 832 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 833 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED | 834 IPSKB_REROUTED); 835 dst_release(skb->dst); 836 skb->dst = &rt->u.dst; 837 838 /* 839 * Push down and install the IPIP header. 840 */ 841 842 iph = ip_hdr(skb); 843 iph->version = 4; 844 iph->ihl = sizeof(struct iphdr) >> 2; 845 iph->frag_off = df; 846 iph->protocol = IPPROTO_GRE; 847 iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb); 848 iph->daddr = rt->rt_dst; 849 iph->saddr = rt->rt_src; 850 851 if ((iph->ttl = tiph->ttl) == 0) { 852 if (skb->protocol == htons(ETH_P_IP)) 853 iph->ttl = old_iph->ttl; 854 #ifdef CONFIG_IPV6 855 else if (skb->protocol == htons(ETH_P_IPV6)) 856 iph->ttl = ((struct ipv6hdr*)old_iph)->hop_limit; 857 #endif 858 else 859 iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT); 860 } 861 862 ((__be16*)(iph+1))[0] = tunnel->parms.o_flags; 863 ((__be16*)(iph+1))[1] = skb->protocol; 864 865 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) { 866 __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4); 867 868 if (tunnel->parms.o_flags&GRE_SEQ) { 869 ++tunnel->o_seqno; 870 *ptr = htonl(tunnel->o_seqno); 871 ptr--; 872 } 873 if (tunnel->parms.o_flags&GRE_KEY) { 874 *ptr = tunnel->parms.o_key; 875 ptr--; 876 } 877 if (tunnel->parms.o_flags&GRE_CSUM) { 878 *ptr = 0; 879 *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr)); 880 } 881 } 882 883 nf_reset(skb); 884 885 IPTUNNEL_XMIT(); 886 tunnel->recursion--; 887 return 0; 888 889 tx_error_icmp: 890 dst_link_failure(skb); 891 892 tx_error: 893 stats->tx_errors++; 894 dev_kfree_skb(skb); 895 tunnel->recursion--; 896 return 0; 897 } 898 899 static int 900 ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) 901 { 902 int err = 0; 903 struct ip_tunnel_parm p; 904 struct ip_tunnel *t; 905 906 switch (cmd) { 907 case SIOCGETTUNNEL: 908 t = NULL; 909 if (dev == ipgre_fb_tunnel_dev) { 910 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) { 911 err = -EFAULT; 912 break; 913 } 914 t = ipgre_tunnel_locate(&p, 0); 915 } 916 if (t == NULL) 917 t = netdev_priv(dev); 918 memcpy(&p, &t->parms, sizeof(p)); 919 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 920 err = -EFAULT; 921 break; 922 923 case SIOCADDTUNNEL: 924 case SIOCCHGTUNNEL: 925 err = -EPERM; 926 if (!capable(CAP_NET_ADMIN)) 927 goto done; 928 929 err = -EFAULT; 930 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 931 goto done; 932 933 err = -EINVAL; 934 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE || 935 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) || 936 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING))) 937 goto done; 938 if (p.iph.ttl) 939 p.iph.frag_off |= htons(IP_DF); 940 941 if (!(p.i_flags&GRE_KEY)) 942 p.i_key = 0; 943 if (!(p.o_flags&GRE_KEY)) 944 p.o_key = 0; 945 946 t = ipgre_tunnel_locate(&p, cmd == SIOCADDTUNNEL); 947 948 if (dev != ipgre_fb_tunnel_dev && cmd == SIOCCHGTUNNEL) { 949 if (t != NULL) { 950 if (t->dev != dev) { 951 err = -EEXIST; 952 break; 953 } 954 } else { 955 unsigned nflags=0; 956 957 t = netdev_priv(dev); 958 959 if (MULTICAST(p.iph.daddr)) 960 nflags = IFF_BROADCAST; 961 else if (p.iph.daddr) 962 nflags = IFF_POINTOPOINT; 963 964 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) { 965 err = -EINVAL; 966 break; 967 } 968 ipgre_tunnel_unlink(t); 969 t->parms.iph.saddr = p.iph.saddr; 970 t->parms.iph.daddr = p.iph.daddr; 971 t->parms.i_key = p.i_key; 972 t->parms.o_key = p.o_key; 973 memcpy(dev->dev_addr, &p.iph.saddr, 4); 974 memcpy(dev->broadcast, &p.iph.daddr, 4); 975 ipgre_tunnel_link(t); 976 netdev_state_change(dev); 977 } 978 } 979 980 if (t) { 981 err = 0; 982 if (cmd == SIOCCHGTUNNEL) { 983 t->parms.iph.ttl = p.iph.ttl; 984 t->parms.iph.tos = p.iph.tos; 985 t->parms.iph.frag_off = p.iph.frag_off; 986 } 987 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p))) 988 err = -EFAULT; 989 } else 990 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT); 991 break; 992 993 case SIOCDELTUNNEL: 994 err = -EPERM; 995 if (!capable(CAP_NET_ADMIN)) 996 goto done; 997 998 if (dev == ipgre_fb_tunnel_dev) { 999 err = -EFAULT; 1000 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 1001 goto done; 1002 err = -ENOENT; 1003 if ((t = ipgre_tunnel_locate(&p, 0)) == NULL) 1004 goto done; 1005 err = -EPERM; 1006 if (t == netdev_priv(ipgre_fb_tunnel_dev)) 1007 goto done; 1008 dev = t->dev; 1009 } 1010 unregister_netdevice(dev); 1011 err = 0; 1012 break; 1013 1014 default: 1015 err = -EINVAL; 1016 } 1017 1018 done: 1019 return err; 1020 } 1021 1022 static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev) 1023 { 1024 return &(((struct ip_tunnel*)netdev_priv(dev))->stat); 1025 } 1026 1027 static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu) 1028 { 1029 struct ip_tunnel *tunnel = netdev_priv(dev); 1030 if (new_mtu < 68 || new_mtu > 0xFFF8 - tunnel->hlen) 1031 return -EINVAL; 1032 dev->mtu = new_mtu; 1033 return 0; 1034 } 1035 1036 #ifdef CONFIG_NET_IPGRE_BROADCAST 1037 /* Nice toy. Unfortunately, useless in real life :-) 1038 It allows to construct virtual multiprotocol broadcast "LAN" 1039 over the Internet, provided multicast routing is tuned. 1040 1041 1042 I have no idea was this bicycle invented before me, 1043 so that I had to set ARPHRD_IPGRE to a random value. 1044 I have an impression, that Cisco could make something similar, 1045 but this feature is apparently missing in IOS<=11.2(8). 1046 1047 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks 1048 with broadcast 224.66.66.66. If you have access to mbone, play with me :-) 1049 1050 ping -t 255 224.66.66.66 1051 1052 If nobody answers, mbone does not work. 1053 1054 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255 1055 ip addr add 10.66.66.<somewhat>/24 dev Universe 1056 ifconfig Universe up 1057 ifconfig Universe add fe80::<Your_real_addr>/10 1058 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96 1059 ftp 10.66.66.66 1060 ... 1061 ftp fec0:6666:6666::193.233.7.65 1062 ... 1063 1064 */ 1065 1066 static int ipgre_header(struct sk_buff *skb, struct net_device *dev, unsigned short type, 1067 void *daddr, void *saddr, unsigned len) 1068 { 1069 struct ip_tunnel *t = netdev_priv(dev); 1070 struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen); 1071 __be16 *p = (__be16*)(iph+1); 1072 1073 memcpy(iph, &t->parms.iph, sizeof(struct iphdr)); 1074 p[0] = t->parms.o_flags; 1075 p[1] = htons(type); 1076 1077 /* 1078 * Set the source hardware address. 1079 */ 1080 1081 if (saddr) 1082 memcpy(&iph->saddr, saddr, 4); 1083 1084 if (daddr) { 1085 memcpy(&iph->daddr, daddr, 4); 1086 return t->hlen; 1087 } 1088 if (iph->daddr && !MULTICAST(iph->daddr)) 1089 return t->hlen; 1090 1091 return -t->hlen; 1092 } 1093 1094 static int ipgre_open(struct net_device *dev) 1095 { 1096 struct ip_tunnel *t = netdev_priv(dev); 1097 1098 if (MULTICAST(t->parms.iph.daddr)) { 1099 struct flowi fl = { .oif = t->parms.link, 1100 .nl_u = { .ip4_u = 1101 { .daddr = t->parms.iph.daddr, 1102 .saddr = t->parms.iph.saddr, 1103 .tos = RT_TOS(t->parms.iph.tos) } }, 1104 .proto = IPPROTO_GRE }; 1105 struct rtable *rt; 1106 if (ip_route_output_key(&rt, &fl)) 1107 return -EADDRNOTAVAIL; 1108 dev = rt->u.dst.dev; 1109 ip_rt_put(rt); 1110 if (__in_dev_get_rtnl(dev) == NULL) 1111 return -EADDRNOTAVAIL; 1112 t->mlink = dev->ifindex; 1113 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr); 1114 } 1115 return 0; 1116 } 1117 1118 static int ipgre_close(struct net_device *dev) 1119 { 1120 struct ip_tunnel *t = netdev_priv(dev); 1121 if (MULTICAST(t->parms.iph.daddr) && t->mlink) { 1122 struct in_device *in_dev = inetdev_by_index(t->mlink); 1123 if (in_dev) { 1124 ip_mc_dec_group(in_dev, t->parms.iph.daddr); 1125 in_dev_put(in_dev); 1126 } 1127 } 1128 return 0; 1129 } 1130 1131 #endif 1132 1133 static void ipgre_tunnel_setup(struct net_device *dev) 1134 { 1135 SET_MODULE_OWNER(dev); 1136 dev->uninit = ipgre_tunnel_uninit; 1137 dev->destructor = free_netdev; 1138 dev->hard_start_xmit = ipgre_tunnel_xmit; 1139 dev->get_stats = ipgre_tunnel_get_stats; 1140 dev->do_ioctl = ipgre_tunnel_ioctl; 1141 dev->change_mtu = ipgre_tunnel_change_mtu; 1142 1143 dev->type = ARPHRD_IPGRE; 1144 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4; 1145 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4; 1146 dev->flags = IFF_NOARP; 1147 dev->iflink = 0; 1148 dev->addr_len = 4; 1149 } 1150 1151 static int ipgre_tunnel_init(struct net_device *dev) 1152 { 1153 struct net_device *tdev = NULL; 1154 struct ip_tunnel *tunnel; 1155 struct iphdr *iph; 1156 int hlen = LL_MAX_HEADER; 1157 int mtu = ETH_DATA_LEN; 1158 int addend = sizeof(struct iphdr) + 4; 1159 1160 tunnel = netdev_priv(dev); 1161 iph = &tunnel->parms.iph; 1162 1163 tunnel->dev = dev; 1164 strcpy(tunnel->parms.name, dev->name); 1165 1166 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4); 1167 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4); 1168 1169 /* Guess output device to choose reasonable mtu and hard_header_len */ 1170 1171 if (iph->daddr) { 1172 struct flowi fl = { .oif = tunnel->parms.link, 1173 .nl_u = { .ip4_u = 1174 { .daddr = iph->daddr, 1175 .saddr = iph->saddr, 1176 .tos = RT_TOS(iph->tos) } }, 1177 .proto = IPPROTO_GRE }; 1178 struct rtable *rt; 1179 if (!ip_route_output_key(&rt, &fl)) { 1180 tdev = rt->u.dst.dev; 1181 ip_rt_put(rt); 1182 } 1183 1184 dev->flags |= IFF_POINTOPOINT; 1185 1186 #ifdef CONFIG_NET_IPGRE_BROADCAST 1187 if (MULTICAST(iph->daddr)) { 1188 if (!iph->saddr) 1189 return -EINVAL; 1190 dev->flags = IFF_BROADCAST; 1191 dev->hard_header = ipgre_header; 1192 dev->open = ipgre_open; 1193 dev->stop = ipgre_close; 1194 } 1195 #endif 1196 } 1197 1198 if (!tdev && tunnel->parms.link) 1199 tdev = __dev_get_by_index(tunnel->parms.link); 1200 1201 if (tdev) { 1202 hlen = tdev->hard_header_len; 1203 mtu = tdev->mtu; 1204 } 1205 dev->iflink = tunnel->parms.link; 1206 1207 /* Precalculate GRE options length */ 1208 if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) { 1209 if (tunnel->parms.o_flags&GRE_CSUM) 1210 addend += 4; 1211 if (tunnel->parms.o_flags&GRE_KEY) 1212 addend += 4; 1213 if (tunnel->parms.o_flags&GRE_SEQ) 1214 addend += 4; 1215 } 1216 dev->hard_header_len = hlen + addend; 1217 dev->mtu = mtu - addend; 1218 tunnel->hlen = addend; 1219 return 0; 1220 } 1221 1222 static int __init ipgre_fb_tunnel_init(struct net_device *dev) 1223 { 1224 struct ip_tunnel *tunnel = netdev_priv(dev); 1225 struct iphdr *iph = &tunnel->parms.iph; 1226 1227 tunnel->dev = dev; 1228 strcpy(tunnel->parms.name, dev->name); 1229 1230 iph->version = 4; 1231 iph->protocol = IPPROTO_GRE; 1232 iph->ihl = 5; 1233 tunnel->hlen = sizeof(struct iphdr) + 4; 1234 1235 dev_hold(dev); 1236 tunnels_wc[0] = tunnel; 1237 return 0; 1238 } 1239 1240 1241 static struct net_protocol ipgre_protocol = { 1242 .handler = ipgre_rcv, 1243 .err_handler = ipgre_err, 1244 }; 1245 1246 1247 /* 1248 * And now the modules code and kernel interface. 1249 */ 1250 1251 static int __init ipgre_init(void) 1252 { 1253 int err; 1254 1255 printk(KERN_INFO "GRE over IPv4 tunneling driver\n"); 1256 1257 if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) { 1258 printk(KERN_INFO "ipgre init: can't add protocol\n"); 1259 return -EAGAIN; 1260 } 1261 1262 ipgre_fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "gre0", 1263 ipgre_tunnel_setup); 1264 if (!ipgre_fb_tunnel_dev) { 1265 err = -ENOMEM; 1266 goto err1; 1267 } 1268 1269 ipgre_fb_tunnel_dev->init = ipgre_fb_tunnel_init; 1270 1271 if ((err = register_netdev(ipgre_fb_tunnel_dev))) 1272 goto err2; 1273 out: 1274 return err; 1275 err2: 1276 free_netdev(ipgre_fb_tunnel_dev); 1277 err1: 1278 inet_del_protocol(&ipgre_protocol, IPPROTO_GRE); 1279 goto out; 1280 } 1281 1282 static void __exit ipgre_destroy_tunnels(void) 1283 { 1284 int prio; 1285 1286 for (prio = 0; prio < 4; prio++) { 1287 int h; 1288 for (h = 0; h < HASH_SIZE; h++) { 1289 struct ip_tunnel *t; 1290 while ((t = tunnels[prio][h]) != NULL) 1291 unregister_netdevice(t->dev); 1292 } 1293 } 1294 } 1295 1296 static void __exit ipgre_fini(void) 1297 { 1298 if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) 1299 printk(KERN_INFO "ipgre close: can't remove protocol\n"); 1300 1301 rtnl_lock(); 1302 ipgre_destroy_tunnels(); 1303 rtnl_unlock(); 1304 } 1305 1306 module_init(ipgre_init); 1307 module_exit(ipgre_fini); 1308 MODULE_LICENSE("GPL"); 1309