]> bbs.cooldavid.org Git - net-next-2.6.git/blame - net/ipv4/ip_gre.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[AF_KEY]: Fix oops by converting to proc_net_*().
[net-next-2.6.git] / net / ipv4 / ip_gre.c
CommitLineData
1da177e4 1/*
e905a9ed 2 * Linux NET3: GRE over IP protocol decoder.
1da177e4
LT		 3 *
4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
4fc268d2 13#include <linux/capability.h>
1da177e4
LT		 14#include <linux/module.h>
15#include <linux/types.h>
1da177e4
LT		 16#include <linux/kernel.h>
17#include <asm/uaccess.h>
18#include <linux/skbuff.h>
19#include <linux/netdevice.h>
20#include <linux/in.h>
21#include <linux/tcp.h>
22#include <linux/udp.h>
23#include <linux/if_arp.h>
24#include <linux/mroute.h>
25#include <linux/init.h>
26#include <linux/in6.h>
27#include <linux/inetdevice.h>
28#include <linux/igmp.h>
29#include <linux/netfilter_ipv4.h>
46f25dff 30#include <linux/if_ether.h>
1da177e4
LT		 31
32#include <net/sock.h>
33#include <net/ip.h>
34#include <net/icmp.h>
35#include <net/protocol.h>
36#include <net/ipip.h>
37#include <net/arp.h>
38#include <net/checksum.h>
39#include <net/dsfield.h>
40#include <net/inet_ecn.h>
41#include <net/xfrm.h>
42
43#ifdef CONFIG_IPV6
44#include <net/ipv6.h>
45#include <net/ip6_fib.h>
46#include <net/ip6_route.h>
47#endif
48
49/*
50 Problems & solutions
51 --------------------
52
53 1. The most important issue is detecting local dead loops.
54 They would cause complete host lockup in transmit, which
55 would be "resolved" by stack overflow or, if queueing is enabled,
56 with infinite looping in net_bh.
57
58 We cannot track such dead loops during route installation,
59 it is infeasible task. The most general solutions would be
60 to keep skb->encapsulation counter (sort of local ttl),
61 and silently drop packet when it expires. It is the best
62 solution, but it supposes maintaing new variable in ALL
63 skb, even if no tunneling is used.
64
e905a9ed 65 Current solution: t->recursion lock breaks dead loops. It looks
1da177e4
LT		 66 like dev->tbusy flag, but I preferred new variable, because
67 the semantics is different. One day, when hard_start_xmit
68 will be multithreaded we will have to use skb->encapsulation.
69
70
71
72 2. Networking dead loops would not kill routers, but would really
73 kill network. IP hop limit plays role of "t->recursion" in this case,
74 if we copy it from packet being encapsulated to upper header.
75 It is very good solution, but it introduces two problems:
76
77 - Routing protocols, using packets with ttl=1 (OSPF, RIP2),
78 do not work over tunnels.
79 - traceroute does not work. I planned to relay ICMP from tunnel,
80 so that this problem would be solved and traceroute output
81 would even more informative. This idea appeared to be wrong:
82 only Linux complies to rfc1812 now (yes, guys, Linux is the only
83 true router now :-)), all routers (at least, in neighbourhood of mine)
84 return only 8 bytes of payload. It is the end.
85
86 Hence, if we want that OSPF worked or traceroute said something reasonable,
87 we should search for another solution.
88
89 One of them is to parse packet trying to detect inner encapsulation
90 made by our node. It is difficult or even impossible, especially,
91 taking into account fragmentation. TO be short, tt is not solution at all.
92
93 Current solution: The solution was UNEXPECTEDLY SIMPLE.
94 We force DF flag on tunnels with preconfigured hop limit,
95 that is ALL. :-) Well, it does not remove the problem completely,
96 but exponential growth of network traffic is changed to linear
97 (branches, that exceed pmtu are pruned) and tunnel mtu
98 fastly degrades to value <68, where looping stops.
99 Yes, it is not good if there exists a router in the loop,
100 which does not force DF, even when encapsulating packets have DF set.
101 But it is not our problem! Nobody could accuse us, we made
102 all that we could make. Even if it is your gated who injected
103 fatal route to network, even if it were you who configured
104 fatal static route: you are innocent. :-)
105
106
107
108 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain
109 practically identical code. It would be good to glue them
110 together, but it is not very evident, how to make them modular.
111 sit is integral part of IPv6, ipip and gre are naturally modular.
112 We could extract common parts (hash table, ioctl etc)
113 to a separate module (ip_tunnel.c).
114
115 Alexey Kuznetsov.
116 */
117
118static int ipgre_tunnel_init(struct net_device *dev);
119static void ipgre_tunnel_setup(struct net_device *dev);
120
121/* Fallback tunnel: no source, no destination, no key, no options */
122
123static int ipgre_fb_tunnel_init(struct net_device *dev);
124
125static struct net_device *ipgre_fb_tunnel_dev;
126
127/* Tunnel hash table */
128
129/*
130 4 hash tables:
131
132 3: (remote,local)
133 2: (remote,*)
134 1: (*,local)
135 0: (*,*)
136
137 We require exact key match i.e. if a key is present in packet
138 it will match only tunnel with the same key; if it is not present,
139 it will match only keyless tunnel.
140
141 All keysless packets, if not matched configured keyless tunnels
142 will match fallback tunnel.
143 */
144
145#define HASH_SIZE 16
d5a0a1e3 146#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF)
1da177e4
LT		 147
148static struct ip_tunnel *tunnels[4][HASH_SIZE];
149
150#define tunnels_r_l (tunnels[3])
151#define tunnels_r (tunnels[2])
152#define tunnels_l (tunnels[1])
153#define tunnels_wc (tunnels[0])
154
155static DEFINE_RWLOCK(ipgre_lock);
156
157/* Given src, dst and key, find appropriate for input tunnel. */
158
d5a0a1e3 159static struct ip_tunnel * ipgre_tunnel_lookup(__be32 remote, __be32 local, __be32 key)
1da177e4
LT		 160{
161 unsigned h0 = HASH(remote);
162 unsigned h1 = HASH(key);
163 struct ip_tunnel *t;
164
165 for (t = tunnels_r_l[h0^h1]; t; t = t->next) {
166 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) {
167 if (t->parms.i_key == key && (t->dev->flags&IFF_UP))
168 return t;
169 }
170 }
171 for (t = tunnels_r[h0^h1]; t; t = t->next) {
172 if (remote == t->parms.iph.daddr) {
173 if (t->parms.i_key == key && (t->dev->flags&IFF_UP))
174 return t;
175 }
176 }
177 for (t = tunnels_l[h1]; t; t = t->next) {
178 if (local == t->parms.iph.saddr ||
f97c1e0c
JP		 179 (local == t->parms.iph.daddr &&
180 ipv4_is_multicast(local))) {
1da177e4
LT		 181 if (t->parms.i_key == key && (t->dev->flags&IFF_UP))
182 return t;
183 }
184 }
185 for (t = tunnels_wc[h1]; t; t = t->next) {
186 if (t->parms.i_key == key && (t->dev->flags&IFF_UP))
187 return t;
188 }
189
190 if (ipgre_fb_tunnel_dev->flags&IFF_UP)
2941a486 191 return netdev_priv(ipgre_fb_tunnel_dev);
1da177e4
LT		 192 return NULL;
193}
194
5056a1ef 195static struct ip_tunnel **__ipgre_bucket(struct ip_tunnel_parm *parms)
1da177e4 196{
5056a1ef
YH		 197 __be32 remote = parms->iph.daddr;
198 __be32 local = parms->iph.saddr;
199 __be32 key = parms->i_key;
1da177e4
LT		 200 unsigned h = HASH(key);
201 int prio = 0;
202
203 if (local)
204 prio |= 1;
f97c1e0c 205 if (remote && !ipv4_is_multicast(remote)) {
1da177e4
LT		 206 prio |= 2;
207 h ^= HASH(remote);
208 }
209
210 return &tunnels[prio][h];
211}
212
5056a1ef
YH		 213static inline struct ip_tunnel **ipgre_bucket(struct ip_tunnel *t)
214{
215 return __ipgre_bucket(&t->parms);
216}
217
1da177e4
LT		 218static void ipgre_tunnel_link(struct ip_tunnel *t)
219{
220 struct ip_tunnel **tp = ipgre_bucket(t);
221
222 t->next = *tp;
223 write_lock_bh(&ipgre_lock);
224 *tp = t;
225 write_unlock_bh(&ipgre_lock);
226}
227
228static void ipgre_tunnel_unlink(struct ip_tunnel *t)
229{
230 struct ip_tunnel **tp;
231
232 for (tp = ipgre_bucket(t); *tp; tp = &(*tp)->next) {
233 if (t == *tp) {
234 write_lock_bh(&ipgre_lock);
235 *tp = t->next;
236 write_unlock_bh(&ipgre_lock);
237 break;
238 }
239 }
240}
241
242static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int create)
243{
d5a0a1e3
AV		 244 __be32 remote = parms->iph.daddr;
245 __be32 local = parms->iph.saddr;
246 __be32 key = parms->i_key;
1da177e4
LT		 247 struct ip_tunnel *t, **tp, *nt;
248 struct net_device *dev;
1da177e4
LT		 249 char name[IFNAMSIZ];
250
5056a1ef 251 for (tp = __ipgre_bucket(parms); (t = *tp) != NULL; tp = &t->next) {
1da177e4
LT		 252 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) {
253 if (key == t->parms.i_key)
254 return t;
255 }
256 }
257 if (!create)
258 return NULL;
259
260 if (parms->name[0])
261 strlcpy(name, parms->name, IFNAMSIZ);
34cc7ba6
PE		 262 else
263 sprintf(name, "gre%%d");
1da177e4
LT		 264
265 dev = alloc_netdev(sizeof(*t), name, ipgre_tunnel_setup);
266 if (!dev)
267 return NULL;
268
269 dev->init = ipgre_tunnel_init;
2941a486 270 nt = netdev_priv(dev);
1da177e4
LT		 271 nt->parms = *parms;
272
273 if (register_netdevice(dev) < 0) {
274 free_netdev(dev);
275 goto failed;
276 }
277
1da177e4
LT		 278 dev_hold(dev);
279 ipgre_tunnel_link(nt);
1da177e4
LT		 280 return nt;
281
282failed:
283 return NULL;
284}
285
286static void ipgre_tunnel_uninit(struct net_device *dev)
287{
2941a486 288 ipgre_tunnel_unlink(netdev_priv(dev));
1da177e4
LT		 289 dev_put(dev);
290}
291
292
293static void ipgre_err(struct sk_buff *skb, u32 info)
294{
295#ifndef I_WISH_WORLD_WERE_PERFECT
296
297/* It is not :-( All the routers (except for Linux) return only
298 8 bytes of packet payload. It means, that precise relaying of
299 ICMP in the real Internet is absolutely infeasible.
300
301 Moreover, Cisco "wise men" put GRE key to the third word
302 in GRE header. It makes impossible maintaining even soft state for keyed
303 GRE tunnels with enabled checksum. Tell them "thank you".
304
305 Well, I wonder, rfc1812 was written by Cisco employee,
306 what the hell these idiots break standrads established
307 by themself???
308 */
309
310 struct iphdr *iph = (struct iphdr*)skb->data;
d5a0a1e3 311 __be16 *p = (__be16*)(skb->data+(iph->ihl<<2));
1da177e4 312 int grehlen = (iph->ihl<<2) + 4;
88c7664f
ACM		 313 const int type = icmp_hdr(skb)->type;
314 const int code = icmp_hdr(skb)->code;
1da177e4 315 struct ip_tunnel *t;
d5a0a1e3 316 __be16 flags;
1da177e4
LT		 317
318 flags = p[0];
319 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) {
320 if (flags&(GRE_VERSION|GRE_ROUTING))
321 return;
322 if (flags&GRE_KEY) {
323 grehlen += 4;
324 if (flags&GRE_CSUM)
325 grehlen += 4;
326 }
327 }
328
329 /* If only 8 bytes returned, keyed message will be dropped here */
330 if (skb_headlen(skb) < grehlen)
331 return;
332
333 switch (type) {
334 default:
335 case ICMP_PARAMETERPROB:
336 return;
337
338 case ICMP_DEST_UNREACH:
339 switch (code) {
340 case ICMP_SR_FAILED:
341 case ICMP_PORT_UNREACH:
342 /* Impossible event. */
343 return;
344 case ICMP_FRAG_NEEDED:
345 /* Soft state for pmtu is maintained by IP core. */
346 return;
347 default:
348 /* All others are translated to HOST_UNREACH.
349 rfc2003 contains "deep thoughts" about NET_UNREACH,
350 I believe they are just ether pollution. --ANK
351 */
352 break;
353 }
354 break;
355 case ICMP_TIME_EXCEEDED:
356 if (code != ICMP_EXC_TTL)
357 return;
358 break;
359 }
360
361 read_lock(&ipgre_lock);
d5a0a1e3 362 t = ipgre_tunnel_lookup(iph->daddr, iph->saddr, (flags&GRE_KEY) ? *(((__be32*)p) + (grehlen>>2) - 1) : 0);
f97c1e0c
JP		 363 if (t == NULL || t->parms.iph.daddr == 0 ||
364 ipv4_is_multicast(t->parms.iph.daddr))
1da177e4
LT		 365 goto out;
366
367 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
368 goto out;
369
370 if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO)
371 t->err_count++;
372 else
373 t->err_count = 1;
374 t->err_time = jiffies;
375out:
376 read_unlock(&ipgre_lock);
377 return;
378#else
379 struct iphdr *iph = (struct iphdr*)dp;
380 struct iphdr *eiph;
d5a0a1e3 381 __be16 *p = (__be16*)(dp+(iph->ihl<<2));
88c7664f
ACM		 382 const int type = icmp_hdr(skb)->type;
383 const int code = icmp_hdr(skb)->code;
1da177e4
LT		 384 int rel_type = 0;
385 int rel_code = 0;
c55e2f49
AV		 386 __be32 rel_info = 0;
387 __u32 n = 0;
d5a0a1e3 388 __be16 flags;
1da177e4
LT		 389 int grehlen = (iph->ihl<<2) + 4;
390 struct sk_buff *skb2;
391 struct flowi fl;
392 struct rtable *rt;
393
394 if (p[1] != htons(ETH_P_IP))
395 return;
396
397 flags = p[0];
398 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) {
399 if (flags&(GRE_VERSION|GRE_ROUTING))
400 return;
401 if (flags&GRE_CSUM)
402 grehlen += 4;
403 if (flags&GRE_KEY)
404 grehlen += 4;
405 if (flags&GRE_SEQ)
406 grehlen += 4;
407 }
408 if (len < grehlen + sizeof(struct iphdr))
409 return;
410 eiph = (struct iphdr*)(dp + grehlen);
411
412 switch (type) {
413 default:
414 return;
415 case ICMP_PARAMETERPROB:
88c7664f 416 n = ntohl(icmp_hdr(skb)->un.gateway) >> 24;
c55e2f49 417 if (n < (iph->ihl<<2))
1da177e4
LT		 418 return;
419
420 /* So... This guy found something strange INSIDE encapsulated
421 packet. Well, he is fool, but what can we do ?
422 */
423 rel_type = ICMP_PARAMETERPROB;
c55e2f49
AV		 424 n -= grehlen;
425 rel_info = htonl(n << 24);
1da177e4
LT		 426 break;
427
428 case ICMP_DEST_UNREACH:
429 switch (code) {
430 case ICMP_SR_FAILED:
431 case ICMP_PORT_UNREACH:
432 /* Impossible event. */
433 return;
434 case ICMP_FRAG_NEEDED:
435 /* And it is the only really necessary thing :-) */
88c7664f 436 n = ntohs(icmp_hdr(skb)->un.frag.mtu);
c55e2f49 437 if (n < grehlen+68)
1da177e4 438 return;
c55e2f49 439 n -= grehlen;
1da177e4 440 /* BSD 4.2 MORE DOES NOT EXIST IN NATURE. */
c55e2f49 441 if (n > ntohs(eiph->tot_len))
1da177e4 442 return;
c55e2f49 443 rel_info = htonl(n);
1da177e4
LT		 444 break;
445 default:
446 /* All others are translated to HOST_UNREACH.
447 rfc2003 contains "deep thoughts" about NET_UNREACH,
448 I believe, it is just ether pollution. --ANK
449 */
450 rel_type = ICMP_DEST_UNREACH;
451 rel_code = ICMP_HOST_UNREACH;
452 break;
453 }
454 break;
455 case ICMP_TIME_EXCEEDED:
456 if (code != ICMP_EXC_TTL)
457 return;
458 break;
459 }
460
461 /* Prepare fake skb to feed it to icmp_send */
462 skb2 = skb_clone(skb, GFP_ATOMIC);
463 if (skb2 == NULL)
464 return;
465 dst_release(skb2->dst);
466 skb2->dst = NULL;
467 skb_pull(skb2, skb->data - (u8*)eiph);
c1d2bbe1 468 skb_reset_network_header(skb2);
1da177e4
LT		 469
470 /* Try to guess incoming interface */
471 memset(&fl, 0, sizeof(fl));
472 fl.fl4_dst = eiph->saddr;
473 fl.fl4_tos = RT_TOS(eiph->tos);
474 fl.proto = IPPROTO_GRE;
f206351a 475 if (ip_route_output_key(&init_net, &rt, &fl)) {
1da177e4
LT		 476 kfree_skb(skb2);
477 return;
478 }
479 skb2->dev = rt->u.dst.dev;
480
481 /* route "incoming" packet */
482 if (rt->rt_flags&RTCF_LOCAL) {
483 ip_rt_put(rt);
484 rt = NULL;
485 fl.fl4_dst = eiph->daddr;
486 fl.fl4_src = eiph->saddr;
487 fl.fl4_tos = eiph->tos;
f206351a 488 if (ip_route_output_key(&init_net, &rt, &fl) ||
1da177e4
LT		 489 rt->u.dst.dev->type != ARPHRD_IPGRE) {
490 ip_rt_put(rt);
491 kfree_skb(skb2);
492 return;
493 }
494 } else {
495 ip_rt_put(rt);
496 if (ip_route_input(skb2, eiph->daddr, eiph->saddr, eiph->tos, skb2->dev) ||
497 skb2->dst->dev->type != ARPHRD_IPGRE) {
498 kfree_skb(skb2);
499 return;
500 }
501 }
502
503 /* change mtu on this route */
504 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
c55e2f49 505 if (n > dst_mtu(skb2->dst)) {
1da177e4
LT		 506 kfree_skb(skb2);
507 return;
508 }
c55e2f49 509 skb2->dst->ops->update_pmtu(skb2->dst, n);
1da177e4 510 } else if (type == ICMP_TIME_EXCEEDED) {
2941a486 511 struct ip_tunnel *t = netdev_priv(skb2->dev);
1da177e4
LT		 512 if (t->parms.iph.ttl) {
513 rel_type = ICMP_DEST_UNREACH;
514 rel_code = ICMP_HOST_UNREACH;
515 }
516 }
517
518 icmp_send(skb2, rel_type, rel_code, rel_info);
519 kfree_skb(skb2);
520#endif
521}
522
523static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb)
524{
525 if (INET_ECN_is_ce(iph->tos)) {
526 if (skb->protocol == htons(ETH_P_IP)) {
eddc9ec5 527 IP_ECN_set_ce(ip_hdr(skb));
1da177e4 528 } else if (skb->protocol == htons(ETH_P_IPV6)) {
0660e03f 529 IP6_ECN_set_ce(ipv6_hdr(skb));
1da177e4
LT		 530 }
531 }
532}
533
534static inline u8
535ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb)
536{
537 u8 inner = 0;
538 if (skb->protocol == htons(ETH_P_IP))
539 inner = old_iph->tos;
540 else if (skb->protocol == htons(ETH_P_IPV6))
541 inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph);
542 return INET_ECN_encapsulate(tos, inner);
543}
544
545static int ipgre_rcv(struct sk_buff *skb)
546{
547 struct iphdr *iph;
548 u8 *h;
d5a0a1e3 549 __be16 flags;
d3bc23e7 550 __sum16 csum = 0;
d5a0a1e3 551 __be32 key = 0;
1da177e4
LT		 552 u32 seqno = 0;
553 struct ip_tunnel *tunnel;
554 int offset = 4;
555
556 if (!pskb_may_pull(skb, 16))
557 goto drop_nolock;
558
eddc9ec5 559 iph = ip_hdr(skb);
1da177e4 560 h = skb->data;
d5a0a1e3 561 flags = *(__be16*)h;
1da177e4
LT		 562
563 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) {
564 /* - Version must be 0.
565 - We do not support routing headers.
566 */
567 if (flags&(GRE_VERSION|GRE_ROUTING))
568 goto drop_nolock;
569
570 if (flags&GRE_CSUM) {
fb286bb2 571 switch (skb->ip_summed) {
84fa7933 572 case CHECKSUM_COMPLETE:
d3bc23e7 573 csum = csum_fold(skb->csum);
fb286bb2
HX		 574 if (!csum)
575 break;
576 /* fall through */
577 case CHECKSUM_NONE:
578 skb->csum = 0;
579 csum = __skb_checksum_complete(skb);
84fa7933 580 skb->ip_summed = CHECKSUM_COMPLETE;
1da177e4
LT		 581 }
582 offset += 4;
583 }
584 if (flags&GRE_KEY) {
d5a0a1e3 585 key = *(__be32*)(h + offset);
1da177e4
LT		 586 offset += 4;
587 }
588 if (flags&GRE_SEQ) {
d5a0a1e3 589 seqno = ntohl(*(__be32*)(h + offset));
1da177e4
LT		 590 offset += 4;
591 }
592 }
593
594 read_lock(&ipgre_lock);
595 if ((tunnel = ipgre_tunnel_lookup(iph->saddr, iph->daddr, key)) != NULL) {
596 secpath_reset(skb);
597
d5a0a1e3 598 skb->protocol = *(__be16*)(h + 2);
1da177e4
LT		 599 /* WCCP version 1 and 2 protocol decoding.
600 * - Change protocol to IP
601 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header
602 */
603 if (flags == 0 &&
496c98df
YH		 604 skb->protocol == htons(ETH_P_WCCP)) {
605 skb->protocol = htons(ETH_P_IP);
e905a9ed 606 if ((*(h + offset) & 0xF0) != 0x40)
1da177e4
LT		 607 offset += 4;
608 }
609
1d069167 610 skb->mac_header = skb->network_header;
4209fb60
ACM		 611 __pskb_pull(skb, offset);
612 skb_reset_network_header(skb);
9c70220b 613 skb_postpull_rcsum(skb, skb_transport_header(skb), offset);
1da177e4
LT		 614 skb->pkt_type = PACKET_HOST;
615#ifdef CONFIG_NET_IPGRE_BROADCAST
f97c1e0c 616 if (ipv4_is_multicast(iph->daddr)) {
1da177e4
LT		 617 /* Looped back packet, drop it! */
618 if (((struct rtable*)skb->dst)->fl.iif == 0)
619 goto drop;
620 tunnel->stat.multicast++;
621 skb->pkt_type = PACKET_BROADCAST;
622 }
623#endif
624
625 if (((flags&GRE_CSUM) && csum) ||
626 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) {
627 tunnel->stat.rx_crc_errors++;
628 tunnel->stat.rx_errors++;
629 goto drop;
630 }
631 if (tunnel->parms.i_flags&GRE_SEQ) {
632 if (!(flags&GRE_SEQ) ||
633 (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) {
634 tunnel->stat.rx_fifo_errors++;
635 tunnel->stat.rx_errors++;
636 goto drop;
637 }
638 tunnel->i_seqno = seqno + 1;
639 }
640 tunnel->stat.rx_packets++;
641 tunnel->stat.rx_bytes += skb->len;
642 skb->dev = tunnel->dev;
643 dst_release(skb->dst);
644 skb->dst = NULL;
645 nf_reset(skb);
646 ipgre_ecn_decapsulate(iph, skb);
647 netif_rx(skb);
648 read_unlock(&ipgre_lock);
649 return(0);
650 }
45af08be 651 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
1da177e4
LT		 652
653drop:
654 read_unlock(&ipgre_lock);
655drop_nolock:
656 kfree_skb(skb);
657 return(0);
658}
659
660static int ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
661{
2941a486 662 struct ip_tunnel *tunnel = netdev_priv(dev);
1da177e4 663 struct net_device_stats *stats = &tunnel->stat;
eddc9ec5 664 struct iphdr *old_iph = ip_hdr(skb);
1da177e4
LT		 665 struct iphdr *tiph;
666 u8 tos;
d5a0a1e3 667 __be16 df;
1da177e4
LT		 668 struct rtable *rt; /* Route to the other host */
669 struct net_device *tdev; /* Device to other host */
670 struct iphdr *iph; /* Our new IP header */
c2636b4d 671 unsigned int max_headroom; /* The extra header space needed */
1da177e4 672 int gre_hlen;
d5a0a1e3 673 __be32 dst;
1da177e4
LT		 674 int mtu;
675
676 if (tunnel->recursion++) {
677 tunnel->stat.collisions++;
678 goto tx_error;
679 }
680
3b04ddde 681 if (dev->header_ops) {
1da177e4
LT		 682 gre_hlen = 0;
683 tiph = (struct iphdr*)skb->data;
684 } else {
685 gre_hlen = tunnel->hlen;
686 tiph = &tunnel->parms.iph;
687 }
688
689 if ((dst = tiph->daddr) == 0) {
690 /* NBMA tunnel */
691
692 if (skb->dst == NULL) {
693 tunnel->stat.tx_fifo_errors++;
694 goto tx_error;
695 }
696
697 if (skb->protocol == htons(ETH_P_IP)) {
698 rt = (struct rtable*)skb->dst;
699 if ((dst = rt->rt_gateway) == 0)
700 goto tx_error_icmp;
701 }
702#ifdef CONFIG_IPV6
703 else if (skb->protocol == htons(ETH_P_IPV6)) {
704 struct in6_addr *addr6;
705 int addr_type;
706 struct neighbour *neigh = skb->dst->neighbour;
707
708 if (neigh == NULL)
709 goto tx_error;
710
711 addr6 = (struct in6_addr*)&neigh->primary_key;
712 addr_type = ipv6_addr_type(addr6);
713
714 if (addr_type == IPV6_ADDR_ANY) {
0660e03f 715 addr6 = &ipv6_hdr(skb)->daddr;
1da177e4
LT		 716 addr_type = ipv6_addr_type(addr6);
717 }
718
719 if ((addr_type & IPV6_ADDR_COMPATv4) == 0)
720 goto tx_error_icmp;
721
722 dst = addr6->s6_addr32[3];
723 }
724#endif
725 else
726 goto tx_error;
727 }
728
729 tos = tiph->tos;
730 if (tos&1) {
731 if (skb->protocol == htons(ETH_P_IP))
732 tos = old_iph->tos;
733 tos &= ~1;
734 }
735
736 {
737 struct flowi fl = { .oif = tunnel->parms.link,
738 .nl_u = { .ip4_u =
739 { .daddr = dst,
740 .saddr = tiph->saddr,
741 .tos = RT_TOS(tos) } },
742 .proto = IPPROTO_GRE };
f206351a 743 if (ip_route_output_key(&init_net, &rt, &fl)) {
1da177e4
LT		 744 tunnel->stat.tx_carrier_errors++;
745 goto tx_error;
746 }
747 }
748 tdev = rt->u.dst.dev;
749
750 if (tdev == dev) {
751 ip_rt_put(rt);
752 tunnel->stat.collisions++;
753 goto tx_error;
754 }
755
756 df = tiph->frag_off;
757 if (df)
758 mtu = dst_mtu(&rt->u.dst) - tunnel->hlen;
759 else
760 mtu = skb->dst ? dst_mtu(skb->dst) : dev->mtu;
761
762 if (skb->dst)
763 skb->dst->ops->update_pmtu(skb->dst, mtu);
764
765 if (skb->protocol == htons(ETH_P_IP)) {
766 df |= (old_iph->frag_off&htons(IP_DF));
767
768 if ((old_iph->frag_off&htons(IP_DF)) &&
769 mtu < ntohs(old_iph->tot_len)) {
770 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
771 ip_rt_put(rt);
772 goto tx_error;
773 }
774 }
775#ifdef CONFIG_IPV6
776 else if (skb->protocol == htons(ETH_P_IPV6)) {
777 struct rt6_info *rt6 = (struct rt6_info*)skb->dst;
778
779 if (rt6 && mtu < dst_mtu(skb->dst) && mtu >= IPV6_MIN_MTU) {
f97c1e0c
JP		 780 if ((tunnel->parms.iph.daddr &&
781 !ipv4_is_multicast(tunnel->parms.iph.daddr)) ||
1da177e4
LT		 782 rt6->rt6i_dst.plen == 128) {
783 rt6->rt6i_flags |= RTF_MODIFIED;
784 skb->dst->metrics[RTAX_MTU-1] = mtu;
785 }
786 }
787
788 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) {
789 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev);
790 ip_rt_put(rt);
791 goto tx_error;
792 }
793 }
794#endif
795
796 if (tunnel->err_count > 0) {
797 if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) {
798 tunnel->err_count--;
799
800 dst_link_failure(skb);
801 } else
802 tunnel->err_count = 0;
803 }
804
805 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen;
806
cfbba49d
PM		 807 if (skb_headroom(skb) < max_headroom || skb_shared(skb)||
808 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
1da177e4
LT		 809 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
810 if (!new_skb) {
811 ip_rt_put(rt);
e905a9ed 812 stats->tx_dropped++;
1da177e4
LT		 813 dev_kfree_skb(skb);
814 tunnel->recursion--;
815 return 0;
816 }
817 if (skb->sk)
818 skb_set_owner_w(new_skb, skb->sk);
819 dev_kfree_skb(skb);
820 skb = new_skb;
eddc9ec5 821 old_iph = ip_hdr(skb);
1da177e4
LT		 822 }
823
b0e380b1 824 skb->transport_header = skb->network_header;
e2d1bca7
ACM		 825 skb_push(skb, gre_hlen);
826 skb_reset_network_header(skb);
1da177e4 827 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
48d5cad8
PM		 828 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
829 IPSKB_REROUTED);
1da177e4
LT		 830 dst_release(skb->dst);
831 skb->dst = &rt->u.dst;
832
833 /*
834 * Push down and install the IPIP header.
835 */
836
eddc9ec5 837 iph = ip_hdr(skb);
1da177e4
LT		 838 iph->version = 4;
839 iph->ihl = sizeof(struct iphdr) >> 2;
840 iph->frag_off = df;
841 iph->protocol = IPPROTO_GRE;
842 iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb);
843 iph->daddr = rt->rt_dst;
844 iph->saddr = rt->rt_src;
845
846 if ((iph->ttl = tiph->ttl) == 0) {
847 if (skb->protocol == htons(ETH_P_IP))
848 iph->ttl = old_iph->ttl;
849#ifdef CONFIG_IPV6
850 else if (skb->protocol == htons(ETH_P_IPV6))
851 iph->ttl = ((struct ipv6hdr*)old_iph)->hop_limit;
852#endif
853 else
854 iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT);
855 }
856
d5a0a1e3
AV		 857 ((__be16*)(iph+1))[0] = tunnel->parms.o_flags;
858 ((__be16*)(iph+1))[1] = skb->protocol;
1da177e4
LT		 859
860 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) {
d5a0a1e3 861 __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4);
1da177e4
LT		 862
863 if (tunnel->parms.o_flags&GRE_SEQ) {
864 ++tunnel->o_seqno;
865 *ptr = htonl(tunnel->o_seqno);
866 ptr--;
867 }
868 if (tunnel->parms.o_flags&GRE_KEY) {
869 *ptr = tunnel->parms.o_key;
870 ptr--;
871 }
872 if (tunnel->parms.o_flags&GRE_CSUM) {
873 *ptr = 0;
5f92a738 874 *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr));
1da177e4
LT		 875 }
876 }
877
878 nf_reset(skb);
879
880 IPTUNNEL_XMIT();
881 tunnel->recursion--;
882 return 0;
883
884tx_error_icmp:
885 dst_link_failure(skb);
886
887tx_error:
888 stats->tx_errors++;
889 dev_kfree_skb(skb);
890 tunnel->recursion--;
891 return 0;
892}
893
ee34c1eb
MS		 894static void ipgre_tunnel_bind_dev(struct net_device *dev)
895{
896 struct net_device *tdev = NULL;
897 struct ip_tunnel *tunnel;
898 struct iphdr *iph;
899 int hlen = LL_MAX_HEADER;
900 int mtu = ETH_DATA_LEN;
901 int addend = sizeof(struct iphdr) + 4;
902
903 tunnel = netdev_priv(dev);
904 iph = &tunnel->parms.iph;
905
906 /* Guess output device to choose reasonable mtu and hard_header_len */
907
908 if (iph->daddr) {
909 struct flowi fl = { .oif = tunnel->parms.link,
910 .nl_u = { .ip4_u =
911 { .daddr = iph->daddr,
912 .saddr = iph->saddr,
913 .tos = RT_TOS(iph->tos) } },
914 .proto = IPPROTO_GRE };
915 struct rtable *rt;
f206351a 916 if (!ip_route_output_key(&init_net, &rt, &fl)) {
ee34c1eb
MS		 917 tdev = rt->u.dst.dev;
918 ip_rt_put(rt);
919 }
920 dev->flags |= IFF_POINTOPOINT;
921 }
922
923 if (!tdev && tunnel->parms.link)
924 tdev = __dev_get_by_index(&init_net, tunnel->parms.link);
925
926 if (tdev) {
927 hlen = tdev->hard_header_len;
928 mtu = tdev->mtu;
929 }
930 dev->iflink = tunnel->parms.link;
931
932 /* Precalculate GRE options length */
933 if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) {
934 if (tunnel->parms.o_flags&GRE_CSUM)
935 addend += 4;
936 if (tunnel->parms.o_flags&GRE_KEY)
937 addend += 4;
938 if (tunnel->parms.o_flags&GRE_SEQ)
939 addend += 4;
940 }
941 dev->hard_header_len = hlen + addend;
942 dev->mtu = mtu - addend;
943 tunnel->hlen = addend;
944
945}
946
1da177e4
LT		 947static int
948ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
949{
950 int err = 0;
951 struct ip_tunnel_parm p;
952 struct ip_tunnel *t;
953
954 switch (cmd) {
955 case SIOCGETTUNNEL:
956 t = NULL;
957 if (dev == ipgre_fb_tunnel_dev) {
958 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
959 err = -EFAULT;
960 break;
961 }
962 t = ipgre_tunnel_locate(&p, 0);
963 }
964 if (t == NULL)
2941a486 965 t = netdev_priv(dev);
1da177e4
LT		 966 memcpy(&p, &t->parms, sizeof(p));
967 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
968 err = -EFAULT;
969 break;
970
971 case SIOCADDTUNNEL:
972 case SIOCCHGTUNNEL:
973 err = -EPERM;
974 if (!capable(CAP_NET_ADMIN))
975 goto done;
976
977 err = -EFAULT;
978 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
979 goto done;
980
981 err = -EINVAL;
982 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE ||
983 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) ||
984 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING)))
985 goto done;
986 if (p.iph.ttl)
987 p.iph.frag_off |= htons(IP_DF);
988
989 if (!(p.i_flags&GRE_KEY))
990 p.i_key = 0;
991 if (!(p.o_flags&GRE_KEY))
992 p.o_key = 0;
993
994 t = ipgre_tunnel_locate(&p, cmd == SIOCADDTUNNEL);
995
996 if (dev != ipgre_fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
997 if (t != NULL) {
998 if (t->dev != dev) {
999 err = -EEXIST;
1000 break;
1001 }
1002 } else {
1003 unsigned nflags=0;
1004
2941a486 1005 t = netdev_priv(dev);
1da177e4 1006
f97c1e0c 1007 if (ipv4_is_multicast(p.iph.daddr))
1da177e4
LT		 1008 nflags = IFF_BROADCAST;
1009 else if (p.iph.daddr)
1010 nflags = IFF_POINTOPOINT;
1011
1012 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) {
1013 err = -EINVAL;
1014 break;
1015 }
1016 ipgre_tunnel_unlink(t);
1017 t->parms.iph.saddr = p.iph.saddr;
1018 t->parms.iph.daddr = p.iph.daddr;
1019 t->parms.i_key = p.i_key;
1020 t->parms.o_key = p.o_key;
1021 memcpy(dev->dev_addr, &p.iph.saddr, 4);
1022 memcpy(dev->broadcast, &p.iph.daddr, 4);
1023 ipgre_tunnel_link(t);
1024 netdev_state_change(dev);
1025 }
1026 }
1027
1028 if (t) {
1029 err = 0;
1030 if (cmd == SIOCCHGTUNNEL) {
1031 t->parms.iph.ttl = p.iph.ttl;
1032 t->parms.iph.tos = p.iph.tos;
1033 t->parms.iph.frag_off = p.iph.frag_off;
ee34c1eb
MS		 1034 if (t->parms.link != p.link) {
1035 t->parms.link = p.link;
1036 ipgre_tunnel_bind_dev(dev);
1037 netdev_state_change(dev);
1038 }
1da177e4
LT		 1039 }
1040 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
1041 err = -EFAULT;
1042 } else
1043 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
1044 break;
1045
1046 case SIOCDELTUNNEL:
1047 err = -EPERM;
1048 if (!capable(CAP_NET_ADMIN))
1049 goto done;
1050
1051 if (dev == ipgre_fb_tunnel_dev) {
1052 err = -EFAULT;
1053 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1054 goto done;
1055 err = -ENOENT;
1056 if ((t = ipgre_tunnel_locate(&p, 0)) == NULL)
1057 goto done;
1058 err = -EPERM;
2941a486 1059 if (t == netdev_priv(ipgre_fb_tunnel_dev))
1da177e4
LT		 1060 goto done;
1061 dev = t->dev;
1062 }
22f8cde5
SH		 1063 unregister_netdevice(dev);
1064 err = 0;
1da177e4
LT		 1065 break;
1066
1067 default:
1068 err = -EINVAL;
1069 }
1070
1071done:
1072 return err;
1073}
1074
1075static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev)
1076{
2941a486 1077 return &(((struct ip_tunnel*)netdev_priv(dev))->stat);
1da177e4
LT		 1078}
1079
1080static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu)
1081{
2941a486 1082 struct ip_tunnel *tunnel = netdev_priv(dev);
1da177e4
LT		 1083 if (new_mtu < 68 || new_mtu > 0xFFF8 - tunnel->hlen)
1084 return -EINVAL;
1085 dev->mtu = new_mtu;
1086 return 0;
1087}
1088
1da177e4
LT		 1089/* Nice toy. Unfortunately, useless in real life :-)
1090 It allows to construct virtual multiprotocol broadcast "LAN"
1091 over the Internet, provided multicast routing is tuned.
1092
1093
1094 I have no idea was this bicycle invented before me,
1095 so that I had to set ARPHRD_IPGRE to a random value.
1096 I have an impression, that Cisco could make something similar,
1097 but this feature is apparently missing in IOS<=11.2(8).
e905a9ed 1098
1da177e4
LT		 1099 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks
1100 with broadcast 224.66.66.66. If you have access to mbone, play with me :-)
1101
1102 ping -t 255 224.66.66.66
1103
1104 If nobody answers, mbone does not work.
1105
1106 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255
1107 ip addr add 10.66.66.<somewhat>/24 dev Universe
1108 ifconfig Universe up
1109 ifconfig Universe add fe80::<Your_real_addr>/10
1110 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96
1111 ftp 10.66.66.66
1112 ...
1113 ftp fec0:6666:6666::193.233.7.65
1114 ...
1115
1116 */
1117
3b04ddde
SH		 1118static int ipgre_header(struct sk_buff *skb, struct net_device *dev,
1119 unsigned short type,
1120 const void *daddr, const void *saddr, unsigned len)
1da177e4 1121{
2941a486 1122 struct ip_tunnel *t = netdev_priv(dev);
1da177e4 1123 struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen);
d5a0a1e3 1124 __be16 *p = (__be16*)(iph+1);
1da177e4
LT		 1125
1126 memcpy(iph, &t->parms.iph, sizeof(struct iphdr));
1127 p[0] = t->parms.o_flags;
1128 p[1] = htons(type);
1129
1130 /*
e905a9ed 1131 * Set the source hardware address.
1da177e4 1132 */
e905a9ed 1133
1da177e4
LT		 1134 if (saddr)
1135 memcpy(&iph->saddr, saddr, 4);
1136
1137 if (daddr) {
1138 memcpy(&iph->daddr, daddr, 4);
1139 return t->hlen;
1140 }
f97c1e0c 1141 if (iph->daddr && !ipv4_is_multicast(iph->daddr))
1da177e4 1142 return t->hlen;
e905a9ed 1143
1da177e4
LT		 1144 return -t->hlen;
1145}
1146
6a5f44d7
TT		 1147static int ipgre_header_parse(const struct sk_buff *skb, unsigned char *haddr)
1148{
1149 struct iphdr *iph = (struct iphdr*) skb_mac_header(skb);
1150 memcpy(haddr, &iph->saddr, 4);
1151 return 4;
1152}
1153
3b04ddde
SH		 1154static const struct header_ops ipgre_header_ops = {
1155 .create = ipgre_header,
6a5f44d7 1156 .parse = ipgre_header_parse,
3b04ddde
SH		 1157};
1158
6a5f44d7 1159#ifdef CONFIG_NET_IPGRE_BROADCAST
1da177e4
LT		 1160static int ipgre_open(struct net_device *dev)
1161{
2941a486 1162 struct ip_tunnel *t = netdev_priv(dev);
1da177e4 1163
f97c1e0c 1164 if (ipv4_is_multicast(t->parms.iph.daddr)) {
1da177e4
LT		 1165 struct flowi fl = { .oif = t->parms.link,
1166 .nl_u = { .ip4_u =
1167 { .daddr = t->parms.iph.daddr,
1168 .saddr = t->parms.iph.saddr,
1169 .tos = RT_TOS(t->parms.iph.tos) } },
1170 .proto = IPPROTO_GRE };
1171 struct rtable *rt;
f206351a 1172 if (ip_route_output_key(&init_net, &rt, &fl))
1da177e4
LT		 1173 return -EADDRNOTAVAIL;
1174 dev = rt->u.dst.dev;
1175 ip_rt_put(rt);
e5ed6399 1176 if (__in_dev_get_rtnl(dev) == NULL)
1da177e4
LT		 1177 return -EADDRNOTAVAIL;
1178 t->mlink = dev->ifindex;
e5ed6399 1179 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr);
1da177e4
LT		 1180 }
1181 return 0;
1182}
1183
1184static int ipgre_close(struct net_device *dev)
1185{
2941a486 1186 struct ip_tunnel *t = netdev_priv(dev);
f97c1e0c 1187 if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) {
7fee0ca2
DL		 1188 struct in_device *in_dev;
1189 in_dev = inetdev_by_index(dev->nd_net, t->mlink);
1da177e4
LT		 1190 if (in_dev) {
1191 ip_mc_dec_group(in_dev, t->parms.iph.daddr);
1192 in_dev_put(in_dev);
1193 }
1194 }
1195 return 0;
1196}
1197
1198#endif
1199
1200static void ipgre_tunnel_setup(struct net_device *dev)
1201{
1da177e4
LT		 1202 dev->uninit = ipgre_tunnel_uninit;
1203 dev->destructor = free_netdev;
1204 dev->hard_start_xmit = ipgre_tunnel_xmit;
1205 dev->get_stats = ipgre_tunnel_get_stats;
1206 dev->do_ioctl = ipgre_tunnel_ioctl;
1207 dev->change_mtu = ipgre_tunnel_change_mtu;
1208
1209 dev->type = ARPHRD_IPGRE;
1210 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4;
46f25dff 1211 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4;
1da177e4
LT		 1212 dev->flags = IFF_NOARP;
1213 dev->iflink = 0;
1214 dev->addr_len = 4;
1215}
1216
1217static int ipgre_tunnel_init(struct net_device *dev)
1218{
1da177e4
LT		 1219 struct ip_tunnel *tunnel;
1220 struct iphdr *iph;
1da177e4 1221
2941a486 1222 tunnel = netdev_priv(dev);
1da177e4
LT		 1223 iph = &tunnel->parms.iph;
1224
1225 tunnel->dev = dev;
1226 strcpy(tunnel->parms.name, dev->name);
1227
1228 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
1229 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
1230
ee34c1eb 1231 ipgre_tunnel_bind_dev(dev);
1da177e4
LT		 1232
1233 if (iph->daddr) {
1da177e4 1234#ifdef CONFIG_NET_IPGRE_BROADCAST
f97c1e0c 1235 if (ipv4_is_multicast(iph->daddr)) {
1da177e4
LT		 1236 if (!iph->saddr)
1237 return -EINVAL;
1238 dev->flags = IFF_BROADCAST;
3b04ddde 1239 dev->header_ops = &ipgre_header_ops;
1da177e4
LT		 1240 dev->open = ipgre_open;
1241 dev->stop = ipgre_close;
1242 }
1243#endif
ee34c1eb 1244 } else
6a5f44d7 1245 dev->header_ops = &ipgre_header_ops;
1da177e4 1246
1da177e4
LT		 1247 return 0;
1248}
1249
4b30b1c6 1250static int __init ipgre_fb_tunnel_init(struct net_device *dev)
1da177e4 1251{
2941a486 1252 struct ip_tunnel *tunnel = netdev_priv(dev);
1da177e4
LT		 1253 struct iphdr *iph = &tunnel->parms.iph;
1254
1255 tunnel->dev = dev;
1256 strcpy(tunnel->parms.name, dev->name);
1257
1258 iph->version = 4;
1259 iph->protocol = IPPROTO_GRE;
1260 iph->ihl = 5;
1261 tunnel->hlen = sizeof(struct iphdr) + 4;
1262
1263 dev_hold(dev);
1264 tunnels_wc[0] = tunnel;
1265 return 0;
1266}
1267
1268
1269static struct net_protocol ipgre_protocol = {
1270 .handler = ipgre_rcv,
1271 .err_handler = ipgre_err,
1272};
1273
1274
1275/*
1276 * And now the modules code and kernel interface.
1277 */
1278
1279static int __init ipgre_init(void)
1280{
1281 int err;
1282
1283 printk(KERN_INFO "GRE over IPv4 tunneling driver\n");
1284
1285 if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) {
1286 printk(KERN_INFO "ipgre init: can't add protocol\n");
1287 return -EAGAIN;
1288 }
1289
1290 ipgre_fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "gre0",
1291 ipgre_tunnel_setup);
1292 if (!ipgre_fb_tunnel_dev) {
1293 err = -ENOMEM;
1294 goto err1;
1295 }
1296
1297 ipgre_fb_tunnel_dev->init = ipgre_fb_tunnel_init;
1298
1299 if ((err = register_netdev(ipgre_fb_tunnel_dev)))
1300 goto err2;
1301out:
1302 return err;
1303err2:
1304 free_netdev(ipgre_fb_tunnel_dev);
1305err1:
1306 inet_del_protocol(&ipgre_protocol, IPPROTO_GRE);
1307 goto out;
1308}
1309
db44575f
AK		 1310static void __exit ipgre_destroy_tunnels(void)
1311{
1312 int prio;
1313
1314 for (prio = 0; prio < 4; prio++) {
1315 int h;
1316 for (h = 0; h < HASH_SIZE; h++) {
1317 struct ip_tunnel *t;
1318 while ((t = tunnels[prio][h]) != NULL)
1319 unregister_netdevice(t->dev);
1320 }
1321 }
1322}
1323
1324static void __exit ipgre_fini(void)
1da177e4
LT		 1325{
1326 if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0)
1327 printk(KERN_INFO "ipgre close: can't remove protocol\n");
1328
db44575f
AK		 1329 rtnl_lock();
1330 ipgre_destroy_tunnels();
1331 rtnl_unlock();
1da177e4
LT		 1332}
1333
1334module_init(ipgre_init);
1335module_exit(ipgre_fini);
1336MODULE_LICENSE("GPL");
Clone of davem's net-next-2.6 tree