12874c5fdSThomas Gleixner // SPDX-License-Identifier: GPL-2.0-or-later
26c8702c6SDavid Lebrun /*
36c8702c6SDavid Lebrun * SR-IPv6 implementation
46c8702c6SDavid Lebrun *
56c8702c6SDavid Lebrun * Author:
66c8702c6SDavid Lebrun * David Lebrun <david.lebrun@uclouvain.be>
76c8702c6SDavid Lebrun */
86c8702c6SDavid Lebrun
96c8702c6SDavid Lebrun #include <linux/types.h>
106c8702c6SDavid Lebrun #include <linux/skbuff.h>
116c8702c6SDavid Lebrun #include <linux/net.h>
126c8702c6SDavid Lebrun #include <linux/module.h>
136c8702c6SDavid Lebrun #include <net/ip.h>
145807b22cSDavid Lebrun #include <net/ip_tunnels.h>
156c8702c6SDavid Lebrun #include <net/lwtunnel.h>
166c8702c6SDavid Lebrun #include <net/netevent.h>
176c8702c6SDavid Lebrun #include <net/netns/generic.h>
186c8702c6SDavid Lebrun #include <net/ip6_fib.h>
196c8702c6SDavid Lebrun #include <net/route.h>
206c8702c6SDavid Lebrun #include <net/seg6.h>
216c8702c6SDavid Lebrun #include <linux/seg6.h>
226c8702c6SDavid Lebrun #include <linux/seg6_iptunnel.h>
236c8702c6SDavid Lebrun #include <net/addrconf.h>
246c8702c6SDavid Lebrun #include <net/ip6_route.h>
256c8702c6SDavid Lebrun #include <net/dst_cache.h>
269baee834SDavid Lebrun #ifdef CONFIG_IPV6_SEG6_HMAC
279baee834SDavid Lebrun #include <net/seg6_hmac.h>
289baee834SDavid Lebrun #endif
297a3f5b0dSRyoga Saito #include <linux/netfilter.h>
306c8702c6SDavid Lebrun
seg6_lwt_headroom(struct seg6_iptunnel_encap * tuninfo)3188fab21cSIoana-Ruxandra Stăncioi static size_t seg6_lwt_headroom(struct seg6_iptunnel_encap *tuninfo)
3288fab21cSIoana-Ruxandra Stăncioi {
3388fab21cSIoana-Ruxandra Stăncioi int head = 0;
3488fab21cSIoana-Ruxandra Stăncioi
3588fab21cSIoana-Ruxandra Stăncioi switch (tuninfo->mode) {
3688fab21cSIoana-Ruxandra Stăncioi case SEG6_IPTUN_MODE_INLINE:
3788fab21cSIoana-Ruxandra Stăncioi break;
3888fab21cSIoana-Ruxandra Stăncioi case SEG6_IPTUN_MODE_ENCAP:
39b07c8cdbSAndrea Mayer case SEG6_IPTUN_MODE_ENCAP_RED:
4088fab21cSIoana-Ruxandra Stăncioi head = sizeof(struct ipv6hdr);
4188fab21cSIoana-Ruxandra Stăncioi break;
4288fab21cSIoana-Ruxandra Stăncioi case SEG6_IPTUN_MODE_L2ENCAP:
4313f0296bSAndrea Mayer case SEG6_IPTUN_MODE_L2ENCAP_RED:
4488fab21cSIoana-Ruxandra Stăncioi return 0;
4588fab21cSIoana-Ruxandra Stăncioi }
4688fab21cSIoana-Ruxandra Stăncioi
4788fab21cSIoana-Ruxandra Stăncioi return ((tuninfo->srh->hdrlen + 1) << 3) + head;
4888fab21cSIoana-Ruxandra Stăncioi }
4988fab21cSIoana-Ruxandra Stăncioi
506c8702c6SDavid Lebrun struct seg6_lwt {
516c8702c6SDavid Lebrun struct dst_cache cache;
52b0c9a2d9SGustavo A. R. Silva struct seg6_iptunnel_encap tuninfo[];
536c8702c6SDavid Lebrun };
546c8702c6SDavid Lebrun
seg6_lwt_lwtunnel(struct lwtunnel_state * lwt)556c8702c6SDavid Lebrun static inline struct seg6_lwt *seg6_lwt_lwtunnel(struct lwtunnel_state *lwt)
566c8702c6SDavid Lebrun {
576c8702c6SDavid Lebrun return (struct seg6_lwt *)lwt->data;
586c8702c6SDavid Lebrun }
596c8702c6SDavid Lebrun
606c8702c6SDavid Lebrun static inline struct seg6_iptunnel_encap *
seg6_encap_lwtunnel(struct lwtunnel_state * lwt)616c8702c6SDavid Lebrun seg6_encap_lwtunnel(struct lwtunnel_state *lwt)
626c8702c6SDavid Lebrun {
636c8702c6SDavid Lebrun return seg6_lwt_lwtunnel(lwt)->tuninfo;
646c8702c6SDavid Lebrun }
656c8702c6SDavid Lebrun
666c8702c6SDavid Lebrun static const struct nla_policy seg6_iptunnel_policy[SEG6_IPTUNNEL_MAX + 1] = {
676c8702c6SDavid Lebrun [SEG6_IPTUNNEL_SRH] = { .type = NLA_BINARY },
686c8702c6SDavid Lebrun };
696c8702c6SDavid Lebrun
nla_put_srh(struct sk_buff * skb,int attrtype,struct seg6_iptunnel_encap * tuninfo)70bb4005baSWei Yongjun static int nla_put_srh(struct sk_buff *skb, int attrtype,
716c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tuninfo)
726c8702c6SDavid Lebrun {
736c8702c6SDavid Lebrun struct seg6_iptunnel_encap *data;
746c8702c6SDavid Lebrun struct nlattr *nla;
756c8702c6SDavid Lebrun int len;
766c8702c6SDavid Lebrun
776c8702c6SDavid Lebrun len = SEG6_IPTUN_ENCAP_SIZE(tuninfo);
786c8702c6SDavid Lebrun
796c8702c6SDavid Lebrun nla = nla_reserve(skb, attrtype, len);
806c8702c6SDavid Lebrun if (!nla)
816c8702c6SDavid Lebrun return -EMSGSIZE;
826c8702c6SDavid Lebrun
836c8702c6SDavid Lebrun data = nla_data(nla);
846c8702c6SDavid Lebrun memcpy(data, tuninfo, len);
856c8702c6SDavid Lebrun
866c8702c6SDavid Lebrun return 0;
876c8702c6SDavid Lebrun }
886c8702c6SDavid Lebrun
set_tun_src(struct net * net,struct net_device * dev,struct in6_addr * daddr,struct in6_addr * saddr)896c8702c6SDavid Lebrun static void set_tun_src(struct net *net, struct net_device *dev,
906c8702c6SDavid Lebrun struct in6_addr *daddr, struct in6_addr *saddr)
916c8702c6SDavid Lebrun {
926c8702c6SDavid Lebrun struct seg6_pernet_data *sdata = seg6_pernet(net);
936c8702c6SDavid Lebrun struct in6_addr *tun_src;
946c8702c6SDavid Lebrun
956c8702c6SDavid Lebrun rcu_read_lock();
966c8702c6SDavid Lebrun
976c8702c6SDavid Lebrun tun_src = rcu_dereference(sdata->tun_src);
986c8702c6SDavid Lebrun
996c8702c6SDavid Lebrun if (!ipv6_addr_any(tun_src)) {
1006c8702c6SDavid Lebrun memcpy(saddr, tun_src, sizeof(struct in6_addr));
1016c8702c6SDavid Lebrun } else {
1026c8702c6SDavid Lebrun ipv6_dev_get_saddr(net, dev, daddr, IPV6_PREFER_SRC_PUBLIC,
1036c8702c6SDavid Lebrun saddr);
1046c8702c6SDavid Lebrun }
1056c8702c6SDavid Lebrun
1066c8702c6SDavid Lebrun rcu_read_unlock();
1076c8702c6SDavid Lebrun }
1086c8702c6SDavid Lebrun
109b5facfdbSAhmed Abdelsalam /* Compute flowlabel for outer IPv6 header */
seg6_make_flowlabel(struct net * net,struct sk_buff * skb,struct ipv6hdr * inner_hdr)110b5facfdbSAhmed Abdelsalam static __be32 seg6_make_flowlabel(struct net *net, struct sk_buff *skb,
111b5facfdbSAhmed Abdelsalam struct ipv6hdr *inner_hdr)
112b5facfdbSAhmed Abdelsalam {
113b5facfdbSAhmed Abdelsalam int do_flowlabel = net->ipv6.sysctl.seg6_flowlabel;
114b5facfdbSAhmed Abdelsalam __be32 flowlabel = 0;
115b5facfdbSAhmed Abdelsalam u32 hash;
116b5facfdbSAhmed Abdelsalam
117b5facfdbSAhmed Abdelsalam if (do_flowlabel > 0) {
118b5facfdbSAhmed Abdelsalam hash = skb_get_hash(skb);
1193ee593adSColin Ian King hash = rol32(hash, 16);
120b5facfdbSAhmed Abdelsalam flowlabel = (__force __be32)hash & IPV6_FLOWLABEL_MASK;
121b5facfdbSAhmed Abdelsalam } else if (!do_flowlabel && skb->protocol == htons(ETH_P_IPV6)) {
122b5facfdbSAhmed Abdelsalam flowlabel = ip6_flowlabel(inner_hdr);
123b5facfdbSAhmed Abdelsalam }
124b5facfdbSAhmed Abdelsalam return flowlabel;
125b5facfdbSAhmed Abdelsalam }
126b5facfdbSAhmed Abdelsalam
1276c8702c6SDavid Lebrun /* encapsulate an IPv6 packet within an outer IPv6 header with a given SRH */
seg6_do_srh_encap(struct sk_buff * skb,struct ipv6_sr_hdr * osrh,int proto)12832d99d0bSDavid Lebrun int seg6_do_srh_encap(struct sk_buff *skb, struct ipv6_sr_hdr *osrh, int proto)
1296c8702c6SDavid Lebrun {
1308936ef76SDavid Lebrun struct dst_entry *dst = skb_dst(skb);
1318936ef76SDavid Lebrun struct net *net = dev_net(dst->dev);
1326c8702c6SDavid Lebrun struct ipv6hdr *hdr, *inner_hdr;
1336c8702c6SDavid Lebrun struct ipv6_sr_hdr *isrh;
1346c8702c6SDavid Lebrun int hdrlen, tot_len, err;
135b5facfdbSAhmed Abdelsalam __be32 flowlabel;
1366c8702c6SDavid Lebrun
1376c8702c6SDavid Lebrun hdrlen = (osrh->hdrlen + 1) << 3;
1386c8702c6SDavid Lebrun tot_len = hdrlen + sizeof(*hdr);
1396c8702c6SDavid Lebrun
140bbb40a0bSMathieu Xhonneux err = skb_cow_head(skb, tot_len + skb->mac_len);
1416c8702c6SDavid Lebrun if (unlikely(err))
1426c8702c6SDavid Lebrun return err;
1436c8702c6SDavid Lebrun
1446c8702c6SDavid Lebrun inner_hdr = ipv6_hdr(skb);
1456df93462SAhmed Abdelsalam flowlabel = seg6_make_flowlabel(net, skb, inner_hdr);
1466c8702c6SDavid Lebrun
1476c8702c6SDavid Lebrun skb_push(skb, tot_len);
1486c8702c6SDavid Lebrun skb_reset_network_header(skb);
1496c8702c6SDavid Lebrun skb_mac_header_rebuild(skb);
1506c8702c6SDavid Lebrun hdr = ipv6_hdr(skb);
1516c8702c6SDavid Lebrun
1526c8702c6SDavid Lebrun /* inherit tc, flowlabel and hlim
1536c8702c6SDavid Lebrun * hlim will be decremented in ip6_forward() afterwards and
1546c8702c6SDavid Lebrun * decapsulation will overwrite inner hlim with outer hlim
1556c8702c6SDavid Lebrun */
15632d99d0bSDavid Lebrun
15732d99d0bSDavid Lebrun if (skb->protocol == htons(ETH_P_IPV6)) {
1586c8702c6SDavid Lebrun ip6_flow_hdr(hdr, ip6_tclass(ip6_flowinfo(inner_hdr)),
159b5facfdbSAhmed Abdelsalam flowlabel);
1606c8702c6SDavid Lebrun hdr->hop_limit = inner_hdr->hop_limit;
16132d99d0bSDavid Lebrun } else {
162b5facfdbSAhmed Abdelsalam ip6_flow_hdr(hdr, 0, flowlabel);
16332d99d0bSDavid Lebrun hdr->hop_limit = ip6_dst_hoplimit(skb_dst(skb));
164ef489749SYohei Kanemaru
165ef489749SYohei Kanemaru memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));
166ae68d933SAndrea Mayer
167ae68d933SAndrea Mayer /* the control block has been erased, so we have to set the
168ae68d933SAndrea Mayer * iif once again.
169ae68d933SAndrea Mayer * We read the receiving interface index directly from the
170ae68d933SAndrea Mayer * skb->skb_iif as it is done in the IPv4 receiving path (i.e.:
171ae68d933SAndrea Mayer * ip_rcv_core(...)).
172ae68d933SAndrea Mayer */
173ae68d933SAndrea Mayer IP6CB(skb)->iif = skb->skb_iif;
17432d99d0bSDavid Lebrun }
17532d99d0bSDavid Lebrun
1766c8702c6SDavid Lebrun hdr->nexthdr = NEXTHDR_ROUTING;
1776c8702c6SDavid Lebrun
1786c8702c6SDavid Lebrun isrh = (void *)hdr + sizeof(*hdr);
1796c8702c6SDavid Lebrun memcpy(isrh, osrh, hdrlen);
1806c8702c6SDavid Lebrun
18132d99d0bSDavid Lebrun isrh->nexthdr = proto;
1826c8702c6SDavid Lebrun
1836c8702c6SDavid Lebrun hdr->daddr = isrh->segments[isrh->first_segment];
184a957fa19SAhmed Abdelsalam set_tun_src(net, dst->dev, &hdr->daddr, &hdr->saddr);
1856c8702c6SDavid Lebrun
1869baee834SDavid Lebrun #ifdef CONFIG_IPV6_SEG6_HMAC
1879baee834SDavid Lebrun if (sr_has_hmac(isrh)) {
1889baee834SDavid Lebrun err = seg6_push_hmac(net, &hdr->saddr, isrh);
1899baee834SDavid Lebrun if (unlikely(err))
1909baee834SDavid Lebrun return err;
1919baee834SDavid Lebrun }
1929baee834SDavid Lebrun #endif
1939baee834SDavid Lebrun
194df8386d1SAndrea Mayer hdr->payload_len = htons(skb->len - sizeof(struct ipv6hdr));
195df8386d1SAndrea Mayer
1966c8702c6SDavid Lebrun skb_postpush_rcsum(skb, hdr, tot_len);
1976c8702c6SDavid Lebrun
1986c8702c6SDavid Lebrun return 0;
1996c8702c6SDavid Lebrun }
200b04c80d3SDavid Lebrun EXPORT_SYMBOL_GPL(seg6_do_srh_encap);
2016c8702c6SDavid Lebrun
202b07c8cdbSAndrea Mayer /* encapsulate an IPv6 packet within an outer IPv6 header with reduced SRH */
seg6_do_srh_encap_red(struct sk_buff * skb,struct ipv6_sr_hdr * osrh,int proto)203b07c8cdbSAndrea Mayer static int seg6_do_srh_encap_red(struct sk_buff *skb,
204b07c8cdbSAndrea Mayer struct ipv6_sr_hdr *osrh, int proto)
205b07c8cdbSAndrea Mayer {
206b07c8cdbSAndrea Mayer __u8 first_seg = osrh->first_segment;
207b07c8cdbSAndrea Mayer struct dst_entry *dst = skb_dst(skb);
208b07c8cdbSAndrea Mayer struct net *net = dev_net(dst->dev);
209b07c8cdbSAndrea Mayer struct ipv6hdr *hdr, *inner_hdr;
210b07c8cdbSAndrea Mayer int hdrlen = ipv6_optlen(osrh);
211b07c8cdbSAndrea Mayer int red_tlv_offset, tlv_offset;
212b07c8cdbSAndrea Mayer struct ipv6_sr_hdr *isrh;
213b07c8cdbSAndrea Mayer bool skip_srh = false;
214b07c8cdbSAndrea Mayer __be32 flowlabel;
215b07c8cdbSAndrea Mayer int tot_len, err;
216b07c8cdbSAndrea Mayer int red_hdrlen;
217b07c8cdbSAndrea Mayer int tlvs_len;
218b07c8cdbSAndrea Mayer
219b07c8cdbSAndrea Mayer if (first_seg > 0) {
220b07c8cdbSAndrea Mayer red_hdrlen = hdrlen - sizeof(struct in6_addr);
221b07c8cdbSAndrea Mayer } else {
222b07c8cdbSAndrea Mayer /* NOTE: if tag/flags and/or other TLVs are introduced in the
223b07c8cdbSAndrea Mayer * seg6_iptunnel infrastructure, they should be considered when
224b07c8cdbSAndrea Mayer * deciding to skip the SRH.
225b07c8cdbSAndrea Mayer */
226b07c8cdbSAndrea Mayer skip_srh = !sr_has_hmac(osrh);
227b07c8cdbSAndrea Mayer
228b07c8cdbSAndrea Mayer red_hdrlen = skip_srh ? 0 : hdrlen;
229b07c8cdbSAndrea Mayer }
230b07c8cdbSAndrea Mayer
231b07c8cdbSAndrea Mayer tot_len = red_hdrlen + sizeof(struct ipv6hdr);
232b07c8cdbSAndrea Mayer
233b07c8cdbSAndrea Mayer err = skb_cow_head(skb, tot_len + skb->mac_len);
234b07c8cdbSAndrea Mayer if (unlikely(err))
235b07c8cdbSAndrea Mayer return err;
236b07c8cdbSAndrea Mayer
237b07c8cdbSAndrea Mayer inner_hdr = ipv6_hdr(skb);
238b07c8cdbSAndrea Mayer flowlabel = seg6_make_flowlabel(net, skb, inner_hdr);
239b07c8cdbSAndrea Mayer
240b07c8cdbSAndrea Mayer skb_push(skb, tot_len);
241b07c8cdbSAndrea Mayer skb_reset_network_header(skb);
242b07c8cdbSAndrea Mayer skb_mac_header_rebuild(skb);
243b07c8cdbSAndrea Mayer hdr = ipv6_hdr(skb);
244b07c8cdbSAndrea Mayer
245b07c8cdbSAndrea Mayer /* based on seg6_do_srh_encap() */
246b07c8cdbSAndrea Mayer if (skb->protocol == htons(ETH_P_IPV6)) {
247b07c8cdbSAndrea Mayer ip6_flow_hdr(hdr, ip6_tclass(ip6_flowinfo(inner_hdr)),
248b07c8cdbSAndrea Mayer flowlabel);
249b07c8cdbSAndrea Mayer hdr->hop_limit = inner_hdr->hop_limit;
250b07c8cdbSAndrea Mayer } else {
251b07c8cdbSAndrea Mayer ip6_flow_hdr(hdr, 0, flowlabel);
252b07c8cdbSAndrea Mayer hdr->hop_limit = ip6_dst_hoplimit(skb_dst(skb));
253b07c8cdbSAndrea Mayer
254b07c8cdbSAndrea Mayer memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));
255b07c8cdbSAndrea Mayer IP6CB(skb)->iif = skb->skb_iif;
256b07c8cdbSAndrea Mayer }
257b07c8cdbSAndrea Mayer
258b07c8cdbSAndrea Mayer /* no matter if we have to skip the SRH or not, the first segment
259b07c8cdbSAndrea Mayer * always comes in the pushed IPv6 header.
260b07c8cdbSAndrea Mayer */
261b07c8cdbSAndrea Mayer hdr->daddr = osrh->segments[first_seg];
262b07c8cdbSAndrea Mayer
263b07c8cdbSAndrea Mayer if (skip_srh) {
264b07c8cdbSAndrea Mayer hdr->nexthdr = proto;
265b07c8cdbSAndrea Mayer
266b07c8cdbSAndrea Mayer set_tun_src(net, dst->dev, &hdr->daddr, &hdr->saddr);
267b07c8cdbSAndrea Mayer goto out;
268b07c8cdbSAndrea Mayer }
269b07c8cdbSAndrea Mayer
270b07c8cdbSAndrea Mayer /* we cannot skip the SRH, slow path */
271b07c8cdbSAndrea Mayer
272b07c8cdbSAndrea Mayer hdr->nexthdr = NEXTHDR_ROUTING;
273b07c8cdbSAndrea Mayer isrh = (void *)hdr + sizeof(struct ipv6hdr);
274b07c8cdbSAndrea Mayer
275b07c8cdbSAndrea Mayer if (unlikely(!first_seg)) {
276b07c8cdbSAndrea Mayer /* this is a very rare case; we have only one SID but
277b07c8cdbSAndrea Mayer * we cannot skip the SRH since we are carrying some
278b07c8cdbSAndrea Mayer * other info.
279b07c8cdbSAndrea Mayer */
280b07c8cdbSAndrea Mayer memcpy(isrh, osrh, hdrlen);
281b07c8cdbSAndrea Mayer goto srcaddr;
282b07c8cdbSAndrea Mayer }
283b07c8cdbSAndrea Mayer
284b07c8cdbSAndrea Mayer tlv_offset = sizeof(*osrh) + (first_seg + 1) * sizeof(struct in6_addr);
285b07c8cdbSAndrea Mayer red_tlv_offset = tlv_offset - sizeof(struct in6_addr);
286b07c8cdbSAndrea Mayer
287b07c8cdbSAndrea Mayer memcpy(isrh, osrh, red_tlv_offset);
288b07c8cdbSAndrea Mayer
289b07c8cdbSAndrea Mayer tlvs_len = hdrlen - tlv_offset;
290b07c8cdbSAndrea Mayer if (unlikely(tlvs_len > 0)) {
291b07c8cdbSAndrea Mayer const void *s = (const void *)osrh + tlv_offset;
292b07c8cdbSAndrea Mayer void *d = (void *)isrh + red_tlv_offset;
293b07c8cdbSAndrea Mayer
294b07c8cdbSAndrea Mayer memcpy(d, s, tlvs_len);
295b07c8cdbSAndrea Mayer }
296b07c8cdbSAndrea Mayer
297b07c8cdbSAndrea Mayer --isrh->first_segment;
298b07c8cdbSAndrea Mayer isrh->hdrlen -= 2;
299b07c8cdbSAndrea Mayer
300b07c8cdbSAndrea Mayer srcaddr:
301b07c8cdbSAndrea Mayer isrh->nexthdr = proto;
302b07c8cdbSAndrea Mayer set_tun_src(net, dst->dev, &hdr->daddr, &hdr->saddr);
303b07c8cdbSAndrea Mayer
304b07c8cdbSAndrea Mayer #ifdef CONFIG_IPV6_SEG6_HMAC
305b07c8cdbSAndrea Mayer if (unlikely(!skip_srh && sr_has_hmac(isrh))) {
306b07c8cdbSAndrea Mayer err = seg6_push_hmac(net, &hdr->saddr, isrh);
307b07c8cdbSAndrea Mayer if (unlikely(err))
308b07c8cdbSAndrea Mayer return err;
309b07c8cdbSAndrea Mayer }
310b07c8cdbSAndrea Mayer #endif
311b07c8cdbSAndrea Mayer
312b07c8cdbSAndrea Mayer out:
313b07c8cdbSAndrea Mayer hdr->payload_len = htons(skb->len - sizeof(struct ipv6hdr));
314b07c8cdbSAndrea Mayer
315b07c8cdbSAndrea Mayer skb_postpush_rcsum(skb, hdr, tot_len);
316b07c8cdbSAndrea Mayer
317b07c8cdbSAndrea Mayer return 0;
318b07c8cdbSAndrea Mayer }
319b07c8cdbSAndrea Mayer
3206c8702c6SDavid Lebrun /* insert an SRH within an IPv6 packet, just after the IPv6 header */
seg6_do_srh_inline(struct sk_buff * skb,struct ipv6_sr_hdr * osrh)321b04c80d3SDavid Lebrun int seg6_do_srh_inline(struct sk_buff *skb, struct ipv6_sr_hdr *osrh)
3226c8702c6SDavid Lebrun {
3236c8702c6SDavid Lebrun struct ipv6hdr *hdr, *oldhdr;
3246c8702c6SDavid Lebrun struct ipv6_sr_hdr *isrh;
3256c8702c6SDavid Lebrun int hdrlen, err;
3266c8702c6SDavid Lebrun
3276c8702c6SDavid Lebrun hdrlen = (osrh->hdrlen + 1) << 3;
3286c8702c6SDavid Lebrun
329bbb40a0bSMathieu Xhonneux err = skb_cow_head(skb, hdrlen + skb->mac_len);
3306c8702c6SDavid Lebrun if (unlikely(err))
3316c8702c6SDavid Lebrun return err;
3326c8702c6SDavid Lebrun
3336c8702c6SDavid Lebrun oldhdr = ipv6_hdr(skb);
3346c8702c6SDavid Lebrun
3356c8702c6SDavid Lebrun skb_pull(skb, sizeof(struct ipv6hdr));
3366c8702c6SDavid Lebrun skb_postpull_rcsum(skb, skb_network_header(skb),
3376c8702c6SDavid Lebrun sizeof(struct ipv6hdr));
3386c8702c6SDavid Lebrun
3396c8702c6SDavid Lebrun skb_push(skb, sizeof(struct ipv6hdr) + hdrlen);
3406c8702c6SDavid Lebrun skb_reset_network_header(skb);
3416c8702c6SDavid Lebrun skb_mac_header_rebuild(skb);
3426c8702c6SDavid Lebrun
3436c8702c6SDavid Lebrun hdr = ipv6_hdr(skb);
3446c8702c6SDavid Lebrun
3456c8702c6SDavid Lebrun memmove(hdr, oldhdr, sizeof(*hdr));
3466c8702c6SDavid Lebrun
3476c8702c6SDavid Lebrun isrh = (void *)hdr + sizeof(*hdr);
3486c8702c6SDavid Lebrun memcpy(isrh, osrh, hdrlen);
3496c8702c6SDavid Lebrun
3506c8702c6SDavid Lebrun isrh->nexthdr = hdr->nexthdr;
3516c8702c6SDavid Lebrun hdr->nexthdr = NEXTHDR_ROUTING;
3526c8702c6SDavid Lebrun
3536c8702c6SDavid Lebrun isrh->segments[0] = hdr->daddr;
3546c8702c6SDavid Lebrun hdr->daddr = isrh->segments[isrh->first_segment];
3556c8702c6SDavid Lebrun
3569baee834SDavid Lebrun #ifdef CONFIG_IPV6_SEG6_HMAC
3579baee834SDavid Lebrun if (sr_has_hmac(isrh)) {
3589baee834SDavid Lebrun struct net *net = dev_net(skb_dst(skb)->dev);
3599baee834SDavid Lebrun
3609baee834SDavid Lebrun err = seg6_push_hmac(net, &hdr->saddr, isrh);
3619baee834SDavid Lebrun if (unlikely(err))
3629baee834SDavid Lebrun return err;
3639baee834SDavid Lebrun }
3649baee834SDavid Lebrun #endif
3659baee834SDavid Lebrun
366df8386d1SAndrea Mayer hdr->payload_len = htons(skb->len - sizeof(struct ipv6hdr));
367df8386d1SAndrea Mayer
3686c8702c6SDavid Lebrun skb_postpush_rcsum(skb, hdr, sizeof(struct ipv6hdr) + hdrlen);
3696c8702c6SDavid Lebrun
3706c8702c6SDavid Lebrun return 0;
3716c8702c6SDavid Lebrun }
372b04c80d3SDavid Lebrun EXPORT_SYMBOL_GPL(seg6_do_srh_inline);
3736c8702c6SDavid Lebrun
seg6_do_srh(struct sk_buff * skb)3746c8702c6SDavid Lebrun static int seg6_do_srh(struct sk_buff *skb)
3756c8702c6SDavid Lebrun {
3766c8702c6SDavid Lebrun struct dst_entry *dst = skb_dst(skb);
3776c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tinfo;
37832d99d0bSDavid Lebrun int proto, err = 0;
3796c8702c6SDavid Lebrun
3806c8702c6SDavid Lebrun tinfo = seg6_encap_lwtunnel(dst->lwtstate);
3816c8702c6SDavid Lebrun
3826c8702c6SDavid Lebrun switch (tinfo->mode) {
3836c8702c6SDavid Lebrun case SEG6_IPTUN_MODE_INLINE:
38432d99d0bSDavid Lebrun if (skb->protocol != htons(ETH_P_IPV6))
38532d99d0bSDavid Lebrun return -EINVAL;
38632d99d0bSDavid Lebrun
3876c8702c6SDavid Lebrun err = seg6_do_srh_inline(skb, tinfo->srh);
38832d99d0bSDavid Lebrun if (err)
38932d99d0bSDavid Lebrun return err;
3906c8702c6SDavid Lebrun break;
3916c8702c6SDavid Lebrun case SEG6_IPTUN_MODE_ENCAP:
392b07c8cdbSAndrea Mayer case SEG6_IPTUN_MODE_ENCAP_RED:
3935807b22cSDavid Lebrun err = iptunnel_handle_offloads(skb, SKB_GSO_IPXIP6);
3945807b22cSDavid Lebrun if (err)
3955807b22cSDavid Lebrun return err;
3965807b22cSDavid Lebrun
39732d99d0bSDavid Lebrun if (skb->protocol == htons(ETH_P_IPV6))
39832d99d0bSDavid Lebrun proto = IPPROTO_IPV6;
39932d99d0bSDavid Lebrun else if (skb->protocol == htons(ETH_P_IP))
40032d99d0bSDavid Lebrun proto = IPPROTO_IPIP;
40132d99d0bSDavid Lebrun else
40232d99d0bSDavid Lebrun return -EINVAL;
4036c8702c6SDavid Lebrun
404b07c8cdbSAndrea Mayer if (tinfo->mode == SEG6_IPTUN_MODE_ENCAP)
40532d99d0bSDavid Lebrun err = seg6_do_srh_encap(skb, tinfo->srh, proto);
406b07c8cdbSAndrea Mayer else
407b07c8cdbSAndrea Mayer err = seg6_do_srh_encap_red(skb, tinfo->srh, proto);
408b07c8cdbSAndrea Mayer
4096c8702c6SDavid Lebrun if (err)
4106c8702c6SDavid Lebrun return err;
4116c8702c6SDavid Lebrun
4125807b22cSDavid Lebrun skb_set_inner_transport_header(skb, skb_transport_offset(skb));
4135807b22cSDavid Lebrun skb_set_inner_protocol(skb, skb->protocol);
41432d99d0bSDavid Lebrun skb->protocol = htons(ETH_P_IPV6);
41532d99d0bSDavid Lebrun break;
41638ee7f2dSDavid Lebrun case SEG6_IPTUN_MODE_L2ENCAP:
41713f0296bSAndrea Mayer case SEG6_IPTUN_MODE_L2ENCAP_RED:
41838ee7f2dSDavid Lebrun if (!skb_mac_header_was_set(skb))
41938ee7f2dSDavid Lebrun return -EINVAL;
42038ee7f2dSDavid Lebrun
42138ee7f2dSDavid Lebrun if (pskb_expand_head(skb, skb->mac_len, 0, GFP_ATOMIC) < 0)
42238ee7f2dSDavid Lebrun return -ENOMEM;
42338ee7f2dSDavid Lebrun
42438ee7f2dSDavid Lebrun skb_mac_header_rebuild(skb);
42538ee7f2dSDavid Lebrun skb_push(skb, skb->mac_len);
42638ee7f2dSDavid Lebrun
42713f0296bSAndrea Mayer if (tinfo->mode == SEG6_IPTUN_MODE_L2ENCAP)
42813f0296bSAndrea Mayer err = seg6_do_srh_encap(skb, tinfo->srh,
42913f0296bSAndrea Mayer IPPROTO_ETHERNET);
43013f0296bSAndrea Mayer else
43113f0296bSAndrea Mayer err = seg6_do_srh_encap_red(skb, tinfo->srh,
43213f0296bSAndrea Mayer IPPROTO_ETHERNET);
43313f0296bSAndrea Mayer
43438ee7f2dSDavid Lebrun if (err)
43538ee7f2dSDavid Lebrun return err;
43638ee7f2dSDavid Lebrun
43738ee7f2dSDavid Lebrun skb->protocol = htons(ETH_P_IPV6);
43838ee7f2dSDavid Lebrun break;
43932d99d0bSDavid Lebrun }
44032d99d0bSDavid Lebrun
4416c8702c6SDavid Lebrun skb_set_transport_header(skb, sizeof(struct ipv6hdr));
4427a3f5b0dSRyoga Saito nf_reset_ct(skb);
4436c8702c6SDavid Lebrun
4446c8702c6SDavid Lebrun return 0;
4456c8702c6SDavid Lebrun }
4466c8702c6SDavid Lebrun
seg6_input_finish(struct net * net,struct sock * sk,struct sk_buff * skb)4477a3f5b0dSRyoga Saito static int seg6_input_finish(struct net *net, struct sock *sk,
4487a3f5b0dSRyoga Saito struct sk_buff *skb)
4497a3f5b0dSRyoga Saito {
4507a3f5b0dSRyoga Saito return dst_input(skb);
4517a3f5b0dSRyoga Saito }
4527a3f5b0dSRyoga Saito
seg6_input_core(struct net * net,struct sock * sk,struct sk_buff * skb)4537a3f5b0dSRyoga Saito static int seg6_input_core(struct net *net, struct sock *sk,
4547a3f5b0dSRyoga Saito struct sk_buff *skb)
4556c8702c6SDavid Lebrun {
456af4a2209SDavid Lebrun struct dst_entry *orig_dst = skb_dst(skb);
457af4a2209SDavid Lebrun struct dst_entry *dst = NULL;
458af4a2209SDavid Lebrun struct seg6_lwt *slwt;
4596c8702c6SDavid Lebrun int err;
4606c8702c6SDavid Lebrun
4616c8702c6SDavid Lebrun err = seg6_do_srh(skb);
462f4df8c76SAndrea Mayer if (unlikely(err))
463f4df8c76SAndrea Mayer goto drop;
4646c8702c6SDavid Lebrun
465af4a2209SDavid Lebrun slwt = seg6_lwt_lwtunnel(orig_dst->lwtstate);
466af4a2209SDavid Lebrun
467f8dd092eSEric Dumazet local_bh_disable();
468af4a2209SDavid Lebrun dst = dst_cache_get(&slwt->cache);
469af4a2209SDavid Lebrun
470af4a2209SDavid Lebrun if (!dst) {
4716c8702c6SDavid Lebrun ip6_route_input(skb);
472af4a2209SDavid Lebrun dst = skb_dst(skb);
473af4a2209SDavid Lebrun if (!dst->error) {
474af4a2209SDavid Lebrun dst_cache_set_ip6(&slwt->cache, dst,
475af4a2209SDavid Lebrun &ipv6_hdr(skb)->saddr);
476af4a2209SDavid Lebrun }
477af4a2209SDavid Lebrun } else {
478fa0583c2SYuya Tajima skb_dst_drop(skb);
479af4a2209SDavid Lebrun skb_dst_set(skb, dst);
480af4a2209SDavid Lebrun }
481f8dd092eSEric Dumazet local_bh_enable();
4826c8702c6SDavid Lebrun
483af3b5158SDavid Lebrun err = skb_cow_head(skb, LL_RESERVED_SPACE(dst->dev));
484af3b5158SDavid Lebrun if (unlikely(err))
485f4df8c76SAndrea Mayer goto drop;
486af3b5158SDavid Lebrun
4877a3f5b0dSRyoga Saito if (static_branch_unlikely(&nf_hooks_lwtunnel_enabled))
4887a3f5b0dSRyoga Saito return NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
4897a3f5b0dSRyoga Saito dev_net(skb->dev), NULL, skb, NULL,
4907a3f5b0dSRyoga Saito skb_dst(skb)->dev, seg6_input_finish);
4917a3f5b0dSRyoga Saito
4927a3f5b0dSRyoga Saito return seg6_input_finish(dev_net(skb->dev), NULL, skb);
493f4df8c76SAndrea Mayer drop:
494f4df8c76SAndrea Mayer kfree_skb(skb);
495f4df8c76SAndrea Mayer return err;
4966c8702c6SDavid Lebrun }
4976c8702c6SDavid Lebrun
seg6_input_nf(struct sk_buff * skb)4987a3f5b0dSRyoga Saito static int seg6_input_nf(struct sk_buff *skb)
4997a3f5b0dSRyoga Saito {
5007a3f5b0dSRyoga Saito struct net_device *dev = skb_dst(skb)->dev;
5017a3f5b0dSRyoga Saito struct net *net = dev_net(skb->dev);
5027a3f5b0dSRyoga Saito
5037a3f5b0dSRyoga Saito switch (skb->protocol) {
5047a3f5b0dSRyoga Saito case htons(ETH_P_IP):
5057a3f5b0dSRyoga Saito return NF_HOOK(NFPROTO_IPV4, NF_INET_POST_ROUTING, net, NULL,
5067a3f5b0dSRyoga Saito skb, NULL, dev, seg6_input_core);
5077a3f5b0dSRyoga Saito case htons(ETH_P_IPV6):
5087a3f5b0dSRyoga Saito return NF_HOOK(NFPROTO_IPV6, NF_INET_POST_ROUTING, net, NULL,
5097a3f5b0dSRyoga Saito skb, NULL, dev, seg6_input_core);
5107a3f5b0dSRyoga Saito }
5117a3f5b0dSRyoga Saito
5127a3f5b0dSRyoga Saito return -EINVAL;
5137a3f5b0dSRyoga Saito }
5147a3f5b0dSRyoga Saito
seg6_input(struct sk_buff * skb)5157a3f5b0dSRyoga Saito static int seg6_input(struct sk_buff *skb)
5167a3f5b0dSRyoga Saito {
5177a3f5b0dSRyoga Saito if (static_branch_unlikely(&nf_hooks_lwtunnel_enabled))
5187a3f5b0dSRyoga Saito return seg6_input_nf(skb);
5197a3f5b0dSRyoga Saito
5207a3f5b0dSRyoga Saito return seg6_input_core(dev_net(skb->dev), NULL, skb);
5217a3f5b0dSRyoga Saito }
5227a3f5b0dSRyoga Saito
seg6_output_core(struct net * net,struct sock * sk,struct sk_buff * skb)5237a3f5b0dSRyoga Saito static int seg6_output_core(struct net *net, struct sock *sk,
5247a3f5b0dSRyoga Saito struct sk_buff *skb)
5256c8702c6SDavid Lebrun {
5266c8702c6SDavid Lebrun struct dst_entry *orig_dst = skb_dst(skb);
5276c8702c6SDavid Lebrun struct dst_entry *dst = NULL;
5286c8702c6SDavid Lebrun struct seg6_lwt *slwt;
529bf0df73aSColin Ian King int err;
5306c8702c6SDavid Lebrun
5316c8702c6SDavid Lebrun err = seg6_do_srh(skb);
5326c8702c6SDavid Lebrun if (unlikely(err))
5336c8702c6SDavid Lebrun goto drop;
5346c8702c6SDavid Lebrun
5356c8702c6SDavid Lebrun slwt = seg6_lwt_lwtunnel(orig_dst->lwtstate);
5366c8702c6SDavid Lebrun
537f8dd092eSEric Dumazet local_bh_disable();
5386c8702c6SDavid Lebrun dst = dst_cache_get(&slwt->cache);
539f8dd092eSEric Dumazet local_bh_enable();
5406c8702c6SDavid Lebrun
5416c8702c6SDavid Lebrun if (unlikely(!dst)) {
5426c8702c6SDavid Lebrun struct ipv6hdr *hdr = ipv6_hdr(skb);
5436c8702c6SDavid Lebrun struct flowi6 fl6;
5446c8702c6SDavid Lebrun
5451b4e5ad5SShmulik Ladkani memset(&fl6, 0, sizeof(fl6));
5466c8702c6SDavid Lebrun fl6.daddr = hdr->daddr;
5476c8702c6SDavid Lebrun fl6.saddr = hdr->saddr;
5486c8702c6SDavid Lebrun fl6.flowlabel = ip6_flowinfo(hdr);
5496c8702c6SDavid Lebrun fl6.flowi6_mark = skb->mark;
5506c8702c6SDavid Lebrun fl6.flowi6_proto = hdr->nexthdr;
5516c8702c6SDavid Lebrun
5526c8702c6SDavid Lebrun dst = ip6_route_output(net, NULL, &fl6);
5536c8702c6SDavid Lebrun if (dst->error) {
5546c8702c6SDavid Lebrun err = dst->error;
5556c8702c6SDavid Lebrun dst_release(dst);
5566c8702c6SDavid Lebrun goto drop;
5576c8702c6SDavid Lebrun }
5586c8702c6SDavid Lebrun
559f8dd092eSEric Dumazet local_bh_disable();
5606c8702c6SDavid Lebrun dst_cache_set_ip6(&slwt->cache, dst, &fl6.saddr);
561f8dd092eSEric Dumazet local_bh_enable();
5626c8702c6SDavid Lebrun }
5636c8702c6SDavid Lebrun
5646c8702c6SDavid Lebrun skb_dst_drop(skb);
5656c8702c6SDavid Lebrun skb_dst_set(skb, dst);
5666c8702c6SDavid Lebrun
567af3b5158SDavid Lebrun err = skb_cow_head(skb, LL_RESERVED_SPACE(dst->dev));
568af3b5158SDavid Lebrun if (unlikely(err))
569af3b5158SDavid Lebrun goto drop;
570af3b5158SDavid Lebrun
5717a3f5b0dSRyoga Saito if (static_branch_unlikely(&nf_hooks_lwtunnel_enabled))
5727a3f5b0dSRyoga Saito return NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, net, sk, skb,
5737a3f5b0dSRyoga Saito NULL, skb_dst(skb)->dev, dst_output);
5747a3f5b0dSRyoga Saito
5756c8702c6SDavid Lebrun return dst_output(net, sk, skb);
5766c8702c6SDavid Lebrun drop:
5776c8702c6SDavid Lebrun kfree_skb(skb);
5786c8702c6SDavid Lebrun return err;
5796c8702c6SDavid Lebrun }
5806c8702c6SDavid Lebrun
seg6_output_nf(struct net * net,struct sock * sk,struct sk_buff * skb)5817a3f5b0dSRyoga Saito static int seg6_output_nf(struct net *net, struct sock *sk, struct sk_buff *skb)
5827a3f5b0dSRyoga Saito {
5837a3f5b0dSRyoga Saito struct net_device *dev = skb_dst(skb)->dev;
5847a3f5b0dSRyoga Saito
5857a3f5b0dSRyoga Saito switch (skb->protocol) {
5867a3f5b0dSRyoga Saito case htons(ETH_P_IP):
5877a3f5b0dSRyoga Saito return NF_HOOK(NFPROTO_IPV4, NF_INET_POST_ROUTING, net, sk, skb,
5887a3f5b0dSRyoga Saito NULL, dev, seg6_output_core);
5897a3f5b0dSRyoga Saito case htons(ETH_P_IPV6):
5907a3f5b0dSRyoga Saito return NF_HOOK(NFPROTO_IPV6, NF_INET_POST_ROUTING, net, sk, skb,
5917a3f5b0dSRyoga Saito NULL, dev, seg6_output_core);
5927a3f5b0dSRyoga Saito }
5937a3f5b0dSRyoga Saito
5947a3f5b0dSRyoga Saito return -EINVAL;
5957a3f5b0dSRyoga Saito }
5967a3f5b0dSRyoga Saito
seg6_output(struct net * net,struct sock * sk,struct sk_buff * skb)5977a3f5b0dSRyoga Saito static int seg6_output(struct net *net, struct sock *sk, struct sk_buff *skb)
5987a3f5b0dSRyoga Saito {
5997a3f5b0dSRyoga Saito if (static_branch_unlikely(&nf_hooks_lwtunnel_enabled))
6007a3f5b0dSRyoga Saito return seg6_output_nf(net, sk, skb);
6017a3f5b0dSRyoga Saito
6027a3f5b0dSRyoga Saito return seg6_output_core(net, sk, skb);
6037a3f5b0dSRyoga Saito }
6047a3f5b0dSRyoga Saito
seg6_build_state(struct net * net,struct nlattr * nla,unsigned int family,const void * cfg,struct lwtunnel_state ** ts,struct netlink_ext_ack * extack)605faee6769SAlexander Aring static int seg6_build_state(struct net *net, struct nlattr *nla,
6066c8702c6SDavid Lebrun unsigned int family, const void *cfg,
6079ae28727SDavid Ahern struct lwtunnel_state **ts,
6089ae28727SDavid Ahern struct netlink_ext_ack *extack)
6096c8702c6SDavid Lebrun {
6106c8702c6SDavid Lebrun struct nlattr *tb[SEG6_IPTUNNEL_MAX + 1];
6116c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tuninfo;
6126c8702c6SDavid Lebrun struct lwtunnel_state *newts;
6136c8702c6SDavid Lebrun int tuninfo_len, min_size;
6146c8702c6SDavid Lebrun struct seg6_lwt *slwt;
6156c8702c6SDavid Lebrun int err;
6166c8702c6SDavid Lebrun
61732d99d0bSDavid Lebrun if (family != AF_INET && family != AF_INET6)
61832d99d0bSDavid Lebrun return -EINVAL;
61932d99d0bSDavid Lebrun
6208cb08174SJohannes Berg err = nla_parse_nested_deprecated(tb, SEG6_IPTUNNEL_MAX, nla,
6219ae28727SDavid Ahern seg6_iptunnel_policy, extack);
6226c8702c6SDavid Lebrun
6236c8702c6SDavid Lebrun if (err < 0)
6246c8702c6SDavid Lebrun return err;
6256c8702c6SDavid Lebrun
6266c8702c6SDavid Lebrun if (!tb[SEG6_IPTUNNEL_SRH])
6276c8702c6SDavid Lebrun return -EINVAL;
6286c8702c6SDavid Lebrun
6296c8702c6SDavid Lebrun tuninfo = nla_data(tb[SEG6_IPTUNNEL_SRH]);
6306c8702c6SDavid Lebrun tuninfo_len = nla_len(tb[SEG6_IPTUNNEL_SRH]);
6316c8702c6SDavid Lebrun
6326c8702c6SDavid Lebrun /* tuninfo must contain at least the iptunnel encap structure,
6336c8702c6SDavid Lebrun * the SRH and one segment
6346c8702c6SDavid Lebrun */
6356c8702c6SDavid Lebrun min_size = sizeof(*tuninfo) + sizeof(struct ipv6_sr_hdr) +
6366c8702c6SDavid Lebrun sizeof(struct in6_addr);
6376c8702c6SDavid Lebrun if (tuninfo_len < min_size)
6386c8702c6SDavid Lebrun return -EINVAL;
6396c8702c6SDavid Lebrun
6406c8702c6SDavid Lebrun switch (tuninfo->mode) {
6416c8702c6SDavid Lebrun case SEG6_IPTUN_MODE_INLINE:
64232d99d0bSDavid Lebrun if (family != AF_INET6)
64332d99d0bSDavid Lebrun return -EINVAL;
64432d99d0bSDavid Lebrun
6456c8702c6SDavid Lebrun break;
6466c8702c6SDavid Lebrun case SEG6_IPTUN_MODE_ENCAP:
6476c8702c6SDavid Lebrun break;
64838ee7f2dSDavid Lebrun case SEG6_IPTUN_MODE_L2ENCAP:
64938ee7f2dSDavid Lebrun break;
650b07c8cdbSAndrea Mayer case SEG6_IPTUN_MODE_ENCAP_RED:
651b07c8cdbSAndrea Mayer break;
65213f0296bSAndrea Mayer case SEG6_IPTUN_MODE_L2ENCAP_RED:
65313f0296bSAndrea Mayer break;
6546c8702c6SDavid Lebrun default:
6556c8702c6SDavid Lebrun return -EINVAL;
6566c8702c6SDavid Lebrun }
6576c8702c6SDavid Lebrun
6586c8702c6SDavid Lebrun /* verify that SRH is consistent */
659bb986a50SAhmed Abdelsalam if (!seg6_validate_srh(tuninfo->srh, tuninfo_len - sizeof(*tuninfo), false))
6606c8702c6SDavid Lebrun return -EINVAL;
6616c8702c6SDavid Lebrun
6626c8702c6SDavid Lebrun newts = lwtunnel_state_alloc(tuninfo_len + sizeof(*slwt));
6636c8702c6SDavid Lebrun if (!newts)
6646c8702c6SDavid Lebrun return -ENOMEM;
6656c8702c6SDavid Lebrun
6666c8702c6SDavid Lebrun slwt = seg6_lwt_lwtunnel(newts);
6676c8702c6SDavid Lebrun
668191f86caSDavid Lebrun err = dst_cache_init(&slwt->cache, GFP_ATOMIC);
6696c8702c6SDavid Lebrun if (err) {
6706c8702c6SDavid Lebrun kfree(newts);
6716c8702c6SDavid Lebrun return err;
6726c8702c6SDavid Lebrun }
6736c8702c6SDavid Lebrun
6746c8702c6SDavid Lebrun memcpy(&slwt->tuninfo, tuninfo, tuninfo_len);
6756c8702c6SDavid Lebrun
6766c8702c6SDavid Lebrun newts->type = LWTUNNEL_ENCAP_SEG6;
67738ee7f2dSDavid Lebrun newts->flags |= LWTUNNEL_STATE_INPUT_REDIRECT;
67838ee7f2dSDavid Lebrun
67938ee7f2dSDavid Lebrun if (tuninfo->mode != SEG6_IPTUN_MODE_L2ENCAP)
68038ee7f2dSDavid Lebrun newts->flags |= LWTUNNEL_STATE_OUTPUT_REDIRECT;
68138ee7f2dSDavid Lebrun
6826c8702c6SDavid Lebrun newts->headroom = seg6_lwt_headroom(tuninfo);
6836c8702c6SDavid Lebrun
6846c8702c6SDavid Lebrun *ts = newts;
6856c8702c6SDavid Lebrun
6866c8702c6SDavid Lebrun return 0;
6876c8702c6SDavid Lebrun }
6886c8702c6SDavid Lebrun
seg6_destroy_state(struct lwtunnel_state * lwt)6896c8702c6SDavid Lebrun static void seg6_destroy_state(struct lwtunnel_state *lwt)
6906c8702c6SDavid Lebrun {
6916c8702c6SDavid Lebrun dst_cache_destroy(&seg6_lwt_lwtunnel(lwt)->cache);
6926c8702c6SDavid Lebrun }
6936c8702c6SDavid Lebrun
seg6_fill_encap_info(struct sk_buff * skb,struct lwtunnel_state * lwtstate)6946c8702c6SDavid Lebrun static int seg6_fill_encap_info(struct sk_buff *skb,
6956c8702c6SDavid Lebrun struct lwtunnel_state *lwtstate)
6966c8702c6SDavid Lebrun {
6976c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tuninfo = seg6_encap_lwtunnel(lwtstate);
6986c8702c6SDavid Lebrun
6996c8702c6SDavid Lebrun if (nla_put_srh(skb, SEG6_IPTUNNEL_SRH, tuninfo))
7006c8702c6SDavid Lebrun return -EMSGSIZE;
7016c8702c6SDavid Lebrun
7026c8702c6SDavid Lebrun return 0;
7036c8702c6SDavid Lebrun }
7046c8702c6SDavid Lebrun
seg6_encap_nlsize(struct lwtunnel_state * lwtstate)7056c8702c6SDavid Lebrun static int seg6_encap_nlsize(struct lwtunnel_state *lwtstate)
7066c8702c6SDavid Lebrun {
7076c8702c6SDavid Lebrun struct seg6_iptunnel_encap *tuninfo = seg6_encap_lwtunnel(lwtstate);
7086c8702c6SDavid Lebrun
7096c8702c6SDavid Lebrun return nla_total_size(SEG6_IPTUN_ENCAP_SIZE(tuninfo));
7106c8702c6SDavid Lebrun }
7116c8702c6SDavid Lebrun
seg6_encap_cmp(struct lwtunnel_state * a,struct lwtunnel_state * b)7126c8702c6SDavid Lebrun static int seg6_encap_cmp(struct lwtunnel_state *a, struct lwtunnel_state *b)
7136c8702c6SDavid Lebrun {
7146c8702c6SDavid Lebrun struct seg6_iptunnel_encap *a_hdr = seg6_encap_lwtunnel(a);
7156c8702c6SDavid Lebrun struct seg6_iptunnel_encap *b_hdr = seg6_encap_lwtunnel(b);
7166c8702c6SDavid Lebrun int len = SEG6_IPTUN_ENCAP_SIZE(a_hdr);
7176c8702c6SDavid Lebrun
7186c8702c6SDavid Lebrun if (len != SEG6_IPTUN_ENCAP_SIZE(b_hdr))
7196c8702c6SDavid Lebrun return 1;
7206c8702c6SDavid Lebrun
7216c8702c6SDavid Lebrun return memcmp(a_hdr, b_hdr, len);
7226c8702c6SDavid Lebrun }
7236c8702c6SDavid Lebrun
7246c8702c6SDavid Lebrun static const struct lwtunnel_encap_ops seg6_iptun_ops = {
7256c8702c6SDavid Lebrun .build_state = seg6_build_state,
7266c8702c6SDavid Lebrun .destroy_state = seg6_destroy_state,
7276c8702c6SDavid Lebrun .output = seg6_output,
7286c8702c6SDavid Lebrun .input = seg6_input,
7296c8702c6SDavid Lebrun .fill_encap = seg6_fill_encap_info,
7306c8702c6SDavid Lebrun .get_encap_size = seg6_encap_nlsize,
7316c8702c6SDavid Lebrun .cmp_encap = seg6_encap_cmp,
73288ff7334SRobert Shearman .owner = THIS_MODULE,
7336c8702c6SDavid Lebrun };
7346c8702c6SDavid Lebrun
seg6_iptunnel_init(void)7356c8702c6SDavid Lebrun int __init seg6_iptunnel_init(void)
7366c8702c6SDavid Lebrun {
7376c8702c6SDavid Lebrun return lwtunnel_encap_add_ops(&seg6_iptun_ops, LWTUNNEL_ENCAP_SEG6);
7386c8702c6SDavid Lebrun }
7396c8702c6SDavid Lebrun
seg6_iptunnel_exit(void)7406c8702c6SDavid Lebrun void seg6_iptunnel_exit(void)
7416c8702c6SDavid Lebrun {
7426c8702c6SDavid Lebrun lwtunnel_encap_del_ops(&seg6_iptun_ops, LWTUNNEL_ENCAP_SEG6);
7436c8702c6SDavid Lebrun }
744