16c8702c6SDavid Lebrun /* 26c8702c6SDavid Lebrun * SR-IPv6 implementation 36c8702c6SDavid Lebrun * 46c8702c6SDavid Lebrun * Author: 56c8702c6SDavid Lebrun * David Lebrun <david.lebrun@uclouvain.be> 66c8702c6SDavid Lebrun * 76c8702c6SDavid Lebrun * 86c8702c6SDavid Lebrun * This program is free software; you can redistribute it and/or 96c8702c6SDavid Lebrun * modify it under the terms of the GNU General Public License 106c8702c6SDavid Lebrun * as published by the Free Software Foundation; either version 116c8702c6SDavid Lebrun * 2 of the License, or (at your option) any later version. 126c8702c6SDavid Lebrun */ 136c8702c6SDavid Lebrun 146c8702c6SDavid Lebrun #include <linux/types.h> 156c8702c6SDavid Lebrun #include <linux/skbuff.h> 166c8702c6SDavid Lebrun #include <linux/net.h> 176c8702c6SDavid Lebrun #include <linux/module.h> 186c8702c6SDavid Lebrun #include <net/ip.h> 196c8702c6SDavid Lebrun #include <net/lwtunnel.h> 206c8702c6SDavid Lebrun #include <net/netevent.h> 216c8702c6SDavid Lebrun #include <net/netns/generic.h> 226c8702c6SDavid Lebrun #include <net/ip6_fib.h> 236c8702c6SDavid Lebrun #include <net/route.h> 246c8702c6SDavid Lebrun #include <net/seg6.h> 256c8702c6SDavid Lebrun #include <linux/seg6.h> 266c8702c6SDavid Lebrun #include <linux/seg6_iptunnel.h> 276c8702c6SDavid Lebrun #include <net/addrconf.h> 286c8702c6SDavid Lebrun #include <net/ip6_route.h> 296c8702c6SDavid Lebrun #include <net/dst_cache.h> 309baee834SDavid Lebrun #ifdef CONFIG_IPV6_SEG6_HMAC 319baee834SDavid Lebrun #include <net/seg6_hmac.h> 329baee834SDavid Lebrun #endif 336c8702c6SDavid Lebrun 346c8702c6SDavid Lebrun struct seg6_lwt { 356c8702c6SDavid Lebrun struct dst_cache cache; 366c8702c6SDavid Lebrun struct seg6_iptunnel_encap tuninfo[0]; 376c8702c6SDavid Lebrun }; 386c8702c6SDavid Lebrun 396c8702c6SDavid Lebrun static inline struct seg6_lwt *seg6_lwt_lwtunnel(struct lwtunnel_state *lwt) 406c8702c6SDavid Lebrun { 416c8702c6SDavid Lebrun return (struct seg6_lwt *)lwt->data; 426c8702c6SDavid Lebrun } 436c8702c6SDavid Lebrun 446c8702c6SDavid Lebrun static inline struct seg6_iptunnel_encap * 456c8702c6SDavid Lebrun seg6_encap_lwtunnel(struct lwtunnel_state *lwt) 466c8702c6SDavid Lebrun { 476c8702c6SDavid Lebrun return seg6_lwt_lwtunnel(lwt)->tuninfo; 486c8702c6SDavid Lebrun } 496c8702c6SDavid Lebrun 506c8702c6SDavid Lebrun static const struct nla_policy seg6_iptunnel_policy[SEG6_IPTUNNEL_MAX + 1] = { 516c8702c6SDavid Lebrun [SEG6_IPTUNNEL_SRH] = { .type = NLA_BINARY }, 526c8702c6SDavid Lebrun }; 536c8702c6SDavid Lebrun 54bb4005baSWei Yongjun static int nla_put_srh(struct sk_buff *skb, int attrtype, 556c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tuninfo) 566c8702c6SDavid Lebrun { 576c8702c6SDavid Lebrun struct seg6_iptunnel_encap *data; 586c8702c6SDavid Lebrun struct nlattr *nla; 596c8702c6SDavid Lebrun int len; 606c8702c6SDavid Lebrun 616c8702c6SDavid Lebrun len = SEG6_IPTUN_ENCAP_SIZE(tuninfo); 626c8702c6SDavid Lebrun 636c8702c6SDavid Lebrun nla = nla_reserve(skb, attrtype, len); 646c8702c6SDavid Lebrun if (!nla) 656c8702c6SDavid Lebrun return -EMSGSIZE; 666c8702c6SDavid Lebrun 676c8702c6SDavid Lebrun data = nla_data(nla); 686c8702c6SDavid Lebrun memcpy(data, tuninfo, len); 696c8702c6SDavid Lebrun 706c8702c6SDavid Lebrun return 0; 716c8702c6SDavid Lebrun } 726c8702c6SDavid Lebrun 736c8702c6SDavid Lebrun static void set_tun_src(struct net *net, struct net_device *dev, 746c8702c6SDavid Lebrun struct in6_addr *daddr, struct in6_addr *saddr) 756c8702c6SDavid Lebrun { 766c8702c6SDavid Lebrun struct seg6_pernet_data *sdata = seg6_pernet(net); 776c8702c6SDavid Lebrun struct in6_addr *tun_src; 786c8702c6SDavid Lebrun 796c8702c6SDavid Lebrun rcu_read_lock(); 806c8702c6SDavid Lebrun 816c8702c6SDavid Lebrun tun_src = rcu_dereference(sdata->tun_src); 826c8702c6SDavid Lebrun 836c8702c6SDavid Lebrun if (!ipv6_addr_any(tun_src)) { 846c8702c6SDavid Lebrun memcpy(saddr, tun_src, sizeof(struct in6_addr)); 856c8702c6SDavid Lebrun } else { 866c8702c6SDavid Lebrun ipv6_dev_get_saddr(net, dev, daddr, IPV6_PREFER_SRC_PUBLIC, 876c8702c6SDavid Lebrun saddr); 886c8702c6SDavid Lebrun } 896c8702c6SDavid Lebrun 906c8702c6SDavid Lebrun rcu_read_unlock(); 916c8702c6SDavid Lebrun } 926c8702c6SDavid Lebrun 936c8702c6SDavid Lebrun /* encapsulate an IPv6 packet within an outer IPv6 header with a given SRH */ 9432d99d0bSDavid Lebrun int seg6_do_srh_encap(struct sk_buff *skb, struct ipv6_sr_hdr *osrh, int proto) 956c8702c6SDavid Lebrun { 966c8702c6SDavid Lebrun struct net *net = dev_net(skb_dst(skb)->dev); 976c8702c6SDavid Lebrun struct ipv6hdr *hdr, *inner_hdr; 986c8702c6SDavid Lebrun struct ipv6_sr_hdr *isrh; 996c8702c6SDavid Lebrun int hdrlen, tot_len, err; 1006c8702c6SDavid Lebrun 1016c8702c6SDavid Lebrun hdrlen = (osrh->hdrlen + 1) << 3; 1026c8702c6SDavid Lebrun tot_len = hdrlen + sizeof(*hdr); 1036c8702c6SDavid Lebrun 10419d5a26fSDavid Lebrun err = skb_cow_head(skb, tot_len); 1056c8702c6SDavid Lebrun if (unlikely(err)) 1066c8702c6SDavid Lebrun return err; 1076c8702c6SDavid Lebrun 1086c8702c6SDavid Lebrun inner_hdr = ipv6_hdr(skb); 1096c8702c6SDavid Lebrun 1106c8702c6SDavid Lebrun skb_push(skb, tot_len); 1116c8702c6SDavid Lebrun skb_reset_network_header(skb); 1126c8702c6SDavid Lebrun skb_mac_header_rebuild(skb); 1136c8702c6SDavid Lebrun hdr = ipv6_hdr(skb); 1146c8702c6SDavid Lebrun 1156c8702c6SDavid Lebrun /* inherit tc, flowlabel and hlim 1166c8702c6SDavid Lebrun * hlim will be decremented in ip6_forward() afterwards and 1176c8702c6SDavid Lebrun * decapsulation will overwrite inner hlim with outer hlim 1186c8702c6SDavid Lebrun */ 11932d99d0bSDavid Lebrun 12032d99d0bSDavid Lebrun if (skb->protocol == htons(ETH_P_IPV6)) { 1216c8702c6SDavid Lebrun ip6_flow_hdr(hdr, ip6_tclass(ip6_flowinfo(inner_hdr)), 1226c8702c6SDavid Lebrun ip6_flowlabel(inner_hdr)); 1236c8702c6SDavid Lebrun hdr->hop_limit = inner_hdr->hop_limit; 12432d99d0bSDavid Lebrun } else { 12532d99d0bSDavid Lebrun ip6_flow_hdr(hdr, 0, 0); 12632d99d0bSDavid Lebrun hdr->hop_limit = ip6_dst_hoplimit(skb_dst(skb)); 12732d99d0bSDavid Lebrun } 12832d99d0bSDavid Lebrun 1296c8702c6SDavid Lebrun hdr->nexthdr = NEXTHDR_ROUTING; 1306c8702c6SDavid Lebrun 1316c8702c6SDavid Lebrun isrh = (void *)hdr + sizeof(*hdr); 1326c8702c6SDavid Lebrun memcpy(isrh, osrh, hdrlen); 1336c8702c6SDavid Lebrun 13432d99d0bSDavid Lebrun isrh->nexthdr = proto; 1356c8702c6SDavid Lebrun 1366c8702c6SDavid Lebrun hdr->daddr = isrh->segments[isrh->first_segment]; 1376c8702c6SDavid Lebrun set_tun_src(net, skb->dev, &hdr->daddr, &hdr->saddr); 1386c8702c6SDavid Lebrun 1399baee834SDavid Lebrun #ifdef CONFIG_IPV6_SEG6_HMAC 1409baee834SDavid Lebrun if (sr_has_hmac(isrh)) { 1419baee834SDavid Lebrun err = seg6_push_hmac(net, &hdr->saddr, isrh); 1429baee834SDavid Lebrun if (unlikely(err)) 1439baee834SDavid Lebrun return err; 1449baee834SDavid Lebrun } 1459baee834SDavid Lebrun #endif 1469baee834SDavid Lebrun 1476c8702c6SDavid Lebrun skb_postpush_rcsum(skb, hdr, tot_len); 1486c8702c6SDavid Lebrun 1496c8702c6SDavid Lebrun return 0; 1506c8702c6SDavid Lebrun } 151b04c80d3SDavid Lebrun EXPORT_SYMBOL_GPL(seg6_do_srh_encap); 1526c8702c6SDavid Lebrun 1536c8702c6SDavid Lebrun /* insert an SRH within an IPv6 packet, just after the IPv6 header */ 154b04c80d3SDavid Lebrun int seg6_do_srh_inline(struct sk_buff *skb, struct ipv6_sr_hdr *osrh) 1556c8702c6SDavid Lebrun { 1566c8702c6SDavid Lebrun struct ipv6hdr *hdr, *oldhdr; 1576c8702c6SDavid Lebrun struct ipv6_sr_hdr *isrh; 1586c8702c6SDavid Lebrun int hdrlen, err; 1596c8702c6SDavid Lebrun 1606c8702c6SDavid Lebrun hdrlen = (osrh->hdrlen + 1) << 3; 1616c8702c6SDavid Lebrun 16219d5a26fSDavid Lebrun err = skb_cow_head(skb, hdrlen); 1636c8702c6SDavid Lebrun if (unlikely(err)) 1646c8702c6SDavid Lebrun return err; 1656c8702c6SDavid Lebrun 1666c8702c6SDavid Lebrun oldhdr = ipv6_hdr(skb); 1676c8702c6SDavid Lebrun 1686c8702c6SDavid Lebrun skb_pull(skb, sizeof(struct ipv6hdr)); 1696c8702c6SDavid Lebrun skb_postpull_rcsum(skb, skb_network_header(skb), 1706c8702c6SDavid Lebrun sizeof(struct ipv6hdr)); 1716c8702c6SDavid Lebrun 1726c8702c6SDavid Lebrun skb_push(skb, sizeof(struct ipv6hdr) + hdrlen); 1736c8702c6SDavid Lebrun skb_reset_network_header(skb); 1746c8702c6SDavid Lebrun skb_mac_header_rebuild(skb); 1756c8702c6SDavid Lebrun 1766c8702c6SDavid Lebrun hdr = ipv6_hdr(skb); 1776c8702c6SDavid Lebrun 1786c8702c6SDavid Lebrun memmove(hdr, oldhdr, sizeof(*hdr)); 1796c8702c6SDavid Lebrun 1806c8702c6SDavid Lebrun isrh = (void *)hdr + sizeof(*hdr); 1816c8702c6SDavid Lebrun memcpy(isrh, osrh, hdrlen); 1826c8702c6SDavid Lebrun 1836c8702c6SDavid Lebrun isrh->nexthdr = hdr->nexthdr; 1846c8702c6SDavid Lebrun hdr->nexthdr = NEXTHDR_ROUTING; 1856c8702c6SDavid Lebrun 1866c8702c6SDavid Lebrun isrh->segments[0] = hdr->daddr; 1876c8702c6SDavid Lebrun hdr->daddr = isrh->segments[isrh->first_segment]; 1886c8702c6SDavid Lebrun 1899baee834SDavid Lebrun #ifdef CONFIG_IPV6_SEG6_HMAC 1909baee834SDavid Lebrun if (sr_has_hmac(isrh)) { 1919baee834SDavid Lebrun struct net *net = dev_net(skb_dst(skb)->dev); 1929baee834SDavid Lebrun 1939baee834SDavid Lebrun err = seg6_push_hmac(net, &hdr->saddr, isrh); 1949baee834SDavid Lebrun if (unlikely(err)) 1959baee834SDavid Lebrun return err; 1969baee834SDavid Lebrun } 1979baee834SDavid Lebrun #endif 1989baee834SDavid Lebrun 1996c8702c6SDavid Lebrun skb_postpush_rcsum(skb, hdr, sizeof(struct ipv6hdr) + hdrlen); 2006c8702c6SDavid Lebrun 2016c8702c6SDavid Lebrun return 0; 2026c8702c6SDavid Lebrun } 203b04c80d3SDavid Lebrun EXPORT_SYMBOL_GPL(seg6_do_srh_inline); 2046c8702c6SDavid Lebrun 2056c8702c6SDavid Lebrun static int seg6_do_srh(struct sk_buff *skb) 2066c8702c6SDavid Lebrun { 2076c8702c6SDavid Lebrun struct dst_entry *dst = skb_dst(skb); 2086c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tinfo; 20932d99d0bSDavid Lebrun int proto, err = 0; 2106c8702c6SDavid Lebrun 2116c8702c6SDavid Lebrun tinfo = seg6_encap_lwtunnel(dst->lwtstate); 2126c8702c6SDavid Lebrun 2136c8702c6SDavid Lebrun if (likely(!skb->encapsulation)) { 2146c8702c6SDavid Lebrun skb_reset_inner_headers(skb); 2156c8702c6SDavid Lebrun skb->encapsulation = 1; 2166c8702c6SDavid Lebrun } 2176c8702c6SDavid Lebrun 2186c8702c6SDavid Lebrun switch (tinfo->mode) { 2196c8702c6SDavid Lebrun case SEG6_IPTUN_MODE_INLINE: 22032d99d0bSDavid Lebrun if (skb->protocol != htons(ETH_P_IPV6)) 22132d99d0bSDavid Lebrun return -EINVAL; 22232d99d0bSDavid Lebrun 2236c8702c6SDavid Lebrun err = seg6_do_srh_inline(skb, tinfo->srh); 22432d99d0bSDavid Lebrun if (err) 22532d99d0bSDavid Lebrun return err; 22632d99d0bSDavid Lebrun 2276c8702c6SDavid Lebrun skb_reset_inner_headers(skb); 2286c8702c6SDavid Lebrun break; 2296c8702c6SDavid Lebrun case SEG6_IPTUN_MODE_ENCAP: 23032d99d0bSDavid Lebrun if (skb->protocol == htons(ETH_P_IPV6)) 23132d99d0bSDavid Lebrun proto = IPPROTO_IPV6; 23232d99d0bSDavid Lebrun else if (skb->protocol == htons(ETH_P_IP)) 23332d99d0bSDavid Lebrun proto = IPPROTO_IPIP; 23432d99d0bSDavid Lebrun else 23532d99d0bSDavid Lebrun return -EINVAL; 2366c8702c6SDavid Lebrun 23732d99d0bSDavid Lebrun err = seg6_do_srh_encap(skb, tinfo->srh, proto); 2386c8702c6SDavid Lebrun if (err) 2396c8702c6SDavid Lebrun return err; 2406c8702c6SDavid Lebrun 24132d99d0bSDavid Lebrun skb->protocol = htons(ETH_P_IPV6); 24232d99d0bSDavid Lebrun break; 24332d99d0bSDavid Lebrun } 24432d99d0bSDavid Lebrun 2456c8702c6SDavid Lebrun ipv6_hdr(skb)->payload_len = htons(skb->len - sizeof(struct ipv6hdr)); 2466c8702c6SDavid Lebrun skb_set_transport_header(skb, sizeof(struct ipv6hdr)); 2476c8702c6SDavid Lebrun 2486c8702c6SDavid Lebrun skb_set_inner_protocol(skb, skb->protocol); 2496c8702c6SDavid Lebrun 2506c8702c6SDavid Lebrun return 0; 2516c8702c6SDavid Lebrun } 2526c8702c6SDavid Lebrun 253bb4005baSWei Yongjun static int seg6_input(struct sk_buff *skb) 2546c8702c6SDavid Lebrun { 255af4a2209SDavid Lebrun struct dst_entry *orig_dst = skb_dst(skb); 256af4a2209SDavid Lebrun struct dst_entry *dst = NULL; 257af4a2209SDavid Lebrun struct seg6_lwt *slwt; 2586c8702c6SDavid Lebrun int err; 2596c8702c6SDavid Lebrun 2606c8702c6SDavid Lebrun err = seg6_do_srh(skb); 2616c8702c6SDavid Lebrun if (unlikely(err)) { 2626c8702c6SDavid Lebrun kfree_skb(skb); 2636c8702c6SDavid Lebrun return err; 2646c8702c6SDavid Lebrun } 2656c8702c6SDavid Lebrun 266af4a2209SDavid Lebrun slwt = seg6_lwt_lwtunnel(orig_dst->lwtstate); 267af4a2209SDavid Lebrun 268af4a2209SDavid Lebrun preempt_disable(); 269af4a2209SDavid Lebrun dst = dst_cache_get(&slwt->cache); 270af4a2209SDavid Lebrun preempt_enable(); 271af4a2209SDavid Lebrun 2726c8702c6SDavid Lebrun skb_dst_drop(skb); 273af4a2209SDavid Lebrun 274af4a2209SDavid Lebrun if (!dst) { 2756c8702c6SDavid Lebrun ip6_route_input(skb); 276af4a2209SDavid Lebrun dst = skb_dst(skb); 277af4a2209SDavid Lebrun if (!dst->error) { 278af4a2209SDavid Lebrun preempt_disable(); 279af4a2209SDavid Lebrun dst_cache_set_ip6(&slwt->cache, dst, 280af4a2209SDavid Lebrun &ipv6_hdr(skb)->saddr); 281af4a2209SDavid Lebrun preempt_enable(); 282af4a2209SDavid Lebrun } 283af4a2209SDavid Lebrun } else { 284af4a2209SDavid Lebrun skb_dst_set(skb, dst); 285af4a2209SDavid Lebrun } 2866c8702c6SDavid Lebrun 287af3b5158SDavid Lebrun err = skb_cow_head(skb, LL_RESERVED_SPACE(dst->dev)); 288af3b5158SDavid Lebrun if (unlikely(err)) 289af3b5158SDavid Lebrun return err; 290af3b5158SDavid Lebrun 2916c8702c6SDavid Lebrun return dst_input(skb); 2926c8702c6SDavid Lebrun } 2936c8702c6SDavid Lebrun 294bb4005baSWei Yongjun static int seg6_output(struct net *net, struct sock *sk, struct sk_buff *skb) 2956c8702c6SDavid Lebrun { 2966c8702c6SDavid Lebrun struct dst_entry *orig_dst = skb_dst(skb); 2976c8702c6SDavid Lebrun struct dst_entry *dst = NULL; 2986c8702c6SDavid Lebrun struct seg6_lwt *slwt; 2996c8702c6SDavid Lebrun int err = -EINVAL; 3006c8702c6SDavid Lebrun 3016c8702c6SDavid Lebrun err = seg6_do_srh(skb); 3026c8702c6SDavid Lebrun if (unlikely(err)) 3036c8702c6SDavid Lebrun goto drop; 3046c8702c6SDavid Lebrun 3056c8702c6SDavid Lebrun slwt = seg6_lwt_lwtunnel(orig_dst->lwtstate); 3066c8702c6SDavid Lebrun 307fa79581eSDavid Lebrun preempt_disable(); 3086c8702c6SDavid Lebrun dst = dst_cache_get(&slwt->cache); 309fa79581eSDavid Lebrun preempt_enable(); 3106c8702c6SDavid Lebrun 3116c8702c6SDavid Lebrun if (unlikely(!dst)) { 3126c8702c6SDavid Lebrun struct ipv6hdr *hdr = ipv6_hdr(skb); 3136c8702c6SDavid Lebrun struct flowi6 fl6; 3146c8702c6SDavid Lebrun 3156c8702c6SDavid Lebrun fl6.daddr = hdr->daddr; 3166c8702c6SDavid Lebrun fl6.saddr = hdr->saddr; 3176c8702c6SDavid Lebrun fl6.flowlabel = ip6_flowinfo(hdr); 3186c8702c6SDavid Lebrun fl6.flowi6_mark = skb->mark; 3196c8702c6SDavid Lebrun fl6.flowi6_proto = hdr->nexthdr; 3206c8702c6SDavid Lebrun 3216c8702c6SDavid Lebrun dst = ip6_route_output(net, NULL, &fl6); 3226c8702c6SDavid Lebrun if (dst->error) { 3236c8702c6SDavid Lebrun err = dst->error; 3246c8702c6SDavid Lebrun dst_release(dst); 3256c8702c6SDavid Lebrun goto drop; 3266c8702c6SDavid Lebrun } 3276c8702c6SDavid Lebrun 328fa79581eSDavid Lebrun preempt_disable(); 3296c8702c6SDavid Lebrun dst_cache_set_ip6(&slwt->cache, dst, &fl6.saddr); 330fa79581eSDavid Lebrun preempt_enable(); 3316c8702c6SDavid Lebrun } 3326c8702c6SDavid Lebrun 3336c8702c6SDavid Lebrun skb_dst_drop(skb); 3346c8702c6SDavid Lebrun skb_dst_set(skb, dst); 3356c8702c6SDavid Lebrun 336af3b5158SDavid Lebrun err = skb_cow_head(skb, LL_RESERVED_SPACE(dst->dev)); 337af3b5158SDavid Lebrun if (unlikely(err)) 338af3b5158SDavid Lebrun goto drop; 339af3b5158SDavid Lebrun 3406c8702c6SDavid Lebrun return dst_output(net, sk, skb); 3416c8702c6SDavid Lebrun drop: 3426c8702c6SDavid Lebrun kfree_skb(skb); 3436c8702c6SDavid Lebrun return err; 3446c8702c6SDavid Lebrun } 3456c8702c6SDavid Lebrun 34630357d7dSDavid Ahern static int seg6_build_state(struct nlattr *nla, 3476c8702c6SDavid Lebrun unsigned int family, const void *cfg, 3489ae28727SDavid Ahern struct lwtunnel_state **ts, 3499ae28727SDavid Ahern struct netlink_ext_ack *extack) 3506c8702c6SDavid Lebrun { 3516c8702c6SDavid Lebrun struct nlattr *tb[SEG6_IPTUNNEL_MAX + 1]; 3526c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tuninfo; 3536c8702c6SDavid Lebrun struct lwtunnel_state *newts; 3546c8702c6SDavid Lebrun int tuninfo_len, min_size; 3556c8702c6SDavid Lebrun struct seg6_lwt *slwt; 3566c8702c6SDavid Lebrun int err; 3576c8702c6SDavid Lebrun 35832d99d0bSDavid Lebrun if (family != AF_INET && family != AF_INET6) 35932d99d0bSDavid Lebrun return -EINVAL; 36032d99d0bSDavid Lebrun 3616c8702c6SDavid Lebrun err = nla_parse_nested(tb, SEG6_IPTUNNEL_MAX, nla, 3629ae28727SDavid Ahern seg6_iptunnel_policy, extack); 3636c8702c6SDavid Lebrun 3646c8702c6SDavid Lebrun if (err < 0) 3656c8702c6SDavid Lebrun return err; 3666c8702c6SDavid Lebrun 3676c8702c6SDavid Lebrun if (!tb[SEG6_IPTUNNEL_SRH]) 3686c8702c6SDavid Lebrun return -EINVAL; 3696c8702c6SDavid Lebrun 3706c8702c6SDavid Lebrun tuninfo = nla_data(tb[SEG6_IPTUNNEL_SRH]); 3716c8702c6SDavid Lebrun tuninfo_len = nla_len(tb[SEG6_IPTUNNEL_SRH]); 3726c8702c6SDavid Lebrun 3736c8702c6SDavid Lebrun /* tuninfo must contain at least the iptunnel encap structure, 3746c8702c6SDavid Lebrun * the SRH and one segment 3756c8702c6SDavid Lebrun */ 3766c8702c6SDavid Lebrun min_size = sizeof(*tuninfo) + sizeof(struct ipv6_sr_hdr) + 3776c8702c6SDavid Lebrun sizeof(struct in6_addr); 3786c8702c6SDavid Lebrun if (tuninfo_len < min_size) 3796c8702c6SDavid Lebrun return -EINVAL; 3806c8702c6SDavid Lebrun 3816c8702c6SDavid Lebrun switch (tuninfo->mode) { 3826c8702c6SDavid Lebrun case SEG6_IPTUN_MODE_INLINE: 38332d99d0bSDavid Lebrun if (family != AF_INET6) 38432d99d0bSDavid Lebrun return -EINVAL; 38532d99d0bSDavid Lebrun 3866c8702c6SDavid Lebrun break; 3876c8702c6SDavid Lebrun case SEG6_IPTUN_MODE_ENCAP: 3886c8702c6SDavid Lebrun break; 3896c8702c6SDavid Lebrun default: 3906c8702c6SDavid Lebrun return -EINVAL; 3916c8702c6SDavid Lebrun } 3926c8702c6SDavid Lebrun 3936c8702c6SDavid Lebrun /* verify that SRH is consistent */ 3946c8702c6SDavid Lebrun if (!seg6_validate_srh(tuninfo->srh, tuninfo_len - sizeof(*tuninfo))) 3956c8702c6SDavid Lebrun return -EINVAL; 3966c8702c6SDavid Lebrun 3976c8702c6SDavid Lebrun newts = lwtunnel_state_alloc(tuninfo_len + sizeof(*slwt)); 3986c8702c6SDavid Lebrun if (!newts) 3996c8702c6SDavid Lebrun return -ENOMEM; 4006c8702c6SDavid Lebrun 4016c8702c6SDavid Lebrun slwt = seg6_lwt_lwtunnel(newts); 4026c8702c6SDavid Lebrun 4036c8702c6SDavid Lebrun err = dst_cache_init(&slwt->cache, GFP_KERNEL); 4046c8702c6SDavid Lebrun if (err) { 4056c8702c6SDavid Lebrun kfree(newts); 4066c8702c6SDavid Lebrun return err; 4076c8702c6SDavid Lebrun } 4086c8702c6SDavid Lebrun 4096c8702c6SDavid Lebrun memcpy(&slwt->tuninfo, tuninfo, tuninfo_len); 4106c8702c6SDavid Lebrun 4116c8702c6SDavid Lebrun newts->type = LWTUNNEL_ENCAP_SEG6; 4126c8702c6SDavid Lebrun newts->flags |= LWTUNNEL_STATE_OUTPUT_REDIRECT | 4136c8702c6SDavid Lebrun LWTUNNEL_STATE_INPUT_REDIRECT; 4146c8702c6SDavid Lebrun newts->headroom = seg6_lwt_headroom(tuninfo); 4156c8702c6SDavid Lebrun 4166c8702c6SDavid Lebrun *ts = newts; 4176c8702c6SDavid Lebrun 4186c8702c6SDavid Lebrun return 0; 4196c8702c6SDavid Lebrun } 4206c8702c6SDavid Lebrun 4216c8702c6SDavid Lebrun static void seg6_destroy_state(struct lwtunnel_state *lwt) 4226c8702c6SDavid Lebrun { 4236c8702c6SDavid Lebrun dst_cache_destroy(&seg6_lwt_lwtunnel(lwt)->cache); 4246c8702c6SDavid Lebrun } 4256c8702c6SDavid Lebrun 4266c8702c6SDavid Lebrun static int seg6_fill_encap_info(struct sk_buff *skb, 4276c8702c6SDavid Lebrun struct lwtunnel_state *lwtstate) 4286c8702c6SDavid Lebrun { 4296c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tuninfo = seg6_encap_lwtunnel(lwtstate); 4306c8702c6SDavid Lebrun 4316c8702c6SDavid Lebrun if (nla_put_srh(skb, SEG6_IPTUNNEL_SRH, tuninfo)) 4326c8702c6SDavid Lebrun return -EMSGSIZE; 4336c8702c6SDavid Lebrun 4346c8702c6SDavid Lebrun return 0; 4356c8702c6SDavid Lebrun } 4366c8702c6SDavid Lebrun 4376c8702c6SDavid Lebrun static int seg6_encap_nlsize(struct lwtunnel_state *lwtstate) 4386c8702c6SDavid Lebrun { 4396c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tuninfo = seg6_encap_lwtunnel(lwtstate); 4406c8702c6SDavid Lebrun 4416c8702c6SDavid Lebrun return nla_total_size(SEG6_IPTUN_ENCAP_SIZE(tuninfo)); 4426c8702c6SDavid Lebrun } 4436c8702c6SDavid Lebrun 4446c8702c6SDavid Lebrun static int seg6_encap_cmp(struct lwtunnel_state *a, struct lwtunnel_state *b) 4456c8702c6SDavid Lebrun { 4466c8702c6SDavid Lebrun struct seg6_iptunnel_encap *a_hdr = seg6_encap_lwtunnel(a); 4476c8702c6SDavid Lebrun struct seg6_iptunnel_encap *b_hdr = seg6_encap_lwtunnel(b); 4486c8702c6SDavid Lebrun int len = SEG6_IPTUN_ENCAP_SIZE(a_hdr); 4496c8702c6SDavid Lebrun 4506c8702c6SDavid Lebrun if (len != SEG6_IPTUN_ENCAP_SIZE(b_hdr)) 4516c8702c6SDavid Lebrun return 1; 4526c8702c6SDavid Lebrun 4536c8702c6SDavid Lebrun return memcmp(a_hdr, b_hdr, len); 4546c8702c6SDavid Lebrun } 4556c8702c6SDavid Lebrun 4566c8702c6SDavid Lebrun static const struct lwtunnel_encap_ops seg6_iptun_ops = { 4576c8702c6SDavid Lebrun .build_state = seg6_build_state, 4586c8702c6SDavid Lebrun .destroy_state = seg6_destroy_state, 4596c8702c6SDavid Lebrun .output = seg6_output, 4606c8702c6SDavid Lebrun .input = seg6_input, 4616c8702c6SDavid Lebrun .fill_encap = seg6_fill_encap_info, 4626c8702c6SDavid Lebrun .get_encap_size = seg6_encap_nlsize, 4636c8702c6SDavid Lebrun .cmp_encap = seg6_encap_cmp, 46488ff7334SRobert Shearman .owner = THIS_MODULE, 4656c8702c6SDavid Lebrun }; 4666c8702c6SDavid Lebrun 4676c8702c6SDavid Lebrun int __init seg6_iptunnel_init(void) 4686c8702c6SDavid Lebrun { 4696c8702c6SDavid Lebrun return lwtunnel_encap_add_ops(&seg6_iptun_ops, LWTUNNEL_ENCAP_SEG6); 4706c8702c6SDavid Lebrun } 4716c8702c6SDavid Lebrun 4726c8702c6SDavid Lebrun void seg6_iptunnel_exit(void) 4736c8702c6SDavid Lebrun { 4746c8702c6SDavid Lebrun lwtunnel_encap_del_ops(&seg6_iptun_ops, LWTUNNEL_ENCAP_SEG6); 4756c8702c6SDavid Lebrun } 476