1/*
2 * Linux NET3: IP/IP protocol decoder modified to support
3 * virtual tunnel interface
4 *
5 * Authors:
6 * Saurabh Mohan (saurabh.mohan@vyatta.com) 05/07/2012
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 *
13 */
14
15/*
16 This version of net/ipv4/ip_vti.c is cloned of net/ipv4/ipip.c
17
18 For comments look at net/ipv4/ip_gre.c --ANK
19 */
20
21
22#include <linux/capability.h>
23#include <linux/module.h>
24#include <linux/types.h>
25#include <linux/kernel.h>
26#include <linux/uaccess.h>
27#include <linux/skbuff.h>
28#include <linux/netdevice.h>
29#include <linux/in.h>
30#include <linux/tcp.h>
31#include <linux/udp.h>
32#include <linux/if_arp.h>
33#include <linux/init.h>
34#include <linux/netfilter_ipv4.h>
35#include <linux/if_ether.h>
36#include <linux/icmpv6.h>
37
38#include <net/sock.h>
39#include <net/ip.h>
40#include <net/icmp.h>
41#include <net/ip_tunnels.h>
42#include <net/inet_ecn.h>
43#include <net/xfrm.h>
44#include <net/net_namespace.h>
45#include <net/netns/generic.h>
46
47static struct rtnl_link_ops vti_link_ops __read_mostly;
48
49static unsigned int vti_net_id __read_mostly;
50static int vti_tunnel_init(struct net_device *dev);
51
52static int vti_input(struct sk_buff *skb, int nexthdr, __be32 spi,
53 int encap_type)
54{
55 struct ip_tunnel *tunnel;
56 const struct iphdr *iph = ip_hdr(skb);
57 struct net *net = dev_net(skb->dev);
58 struct ip_tunnel_net *itn = net_generic(net, vti_net_id);
59
60 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
61 iph->saddr, iph->daddr, 0);
62 if (tunnel) {
63 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
64 goto drop;
65
66 XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip4 = tunnel;
67
68 return xfrm_input(skb, nexthdr, spi, encap_type);
69 }
70
71 return -EINVAL;
72drop:
73 kfree_skb(skb);
74 return 0;
75}
76
77static int vti_input_ipip(struct sk_buff *skb, int nexthdr, __be32 spi,
78 int encap_type)
79{
80 struct ip_tunnel *tunnel;
81 const struct iphdr *iph = ip_hdr(skb);
82 struct net *net = dev_net(skb->dev);
83 struct ip_tunnel_net *itn = net_generic(net, vti_net_id);
84
85 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
86 iph->saddr, iph->daddr, 0);
87 if (tunnel) {
88 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
89 goto drop;
90
91 XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip4 = tunnel;
92
93 skb->dev = tunnel->dev;
94
95 return xfrm_input(skb, nexthdr, spi, encap_type);
96 }
97
98 return -EINVAL;
99drop:
100 kfree_skb(skb);
101 return 0;
102}
103
104static int vti_rcv(struct sk_buff *skb)
105{
106 XFRM_SPI_SKB_CB(skb)->family = AF_INET;
107 XFRM_SPI_SKB_CB(skb)->daddroff = offsetof(struct iphdr, daddr);
108
109 return vti_input(skb, ip_hdr(skb)->protocol, 0, 0);
110}
111
112static int vti_rcv_ipip(struct sk_buff *skb)
113{
114 XFRM_SPI_SKB_CB(skb)->family = AF_INET;
115 XFRM_SPI_SKB_CB(skb)->daddroff = offsetof(struct iphdr, daddr);
116
117 return vti_input_ipip(skb, ip_hdr(skb)->protocol, ip_hdr(skb)->saddr, 0);
118}
119
120static int vti_rcv_cb(struct sk_buff *skb, int err)
121{
122 unsigned short family;
123 struct net_device *dev;
124 struct pcpu_sw_netstats *tstats;
125 struct xfrm_state *x;
126 struct xfrm_mode *inner_mode;
127 struct ip_tunnel *tunnel = XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip4;
128 u32 orig_mark = skb->mark;
129 int ret;
130
131 if (!tunnel)
132 return 1;
133
134 dev = tunnel->dev;
135
136 if (err) {
137 dev->stats.rx_errors++;
138 dev->stats.rx_dropped++;
139
140 return 0;
141 }
142
143 x = xfrm_input_state(skb);
144
145 inner_mode = x->inner_mode;
146
147 if (x->sel.family == AF_UNSPEC) {
148 inner_mode = xfrm_ip2inner_mode(x, XFRM_MODE_SKB_CB(skb)->protocol);
149 if (inner_mode == NULL) {
150 XFRM_INC_STATS(dev_net(skb->dev),
151 LINUX_MIB_XFRMINSTATEMODEERROR);
152 return -EINVAL;
153 }
154 }
155
156 family = inner_mode->afinfo->family;
157
158 skb->mark = be32_to_cpu(tunnel->parms.i_key);
159 ret = xfrm_policy_check(NULL, XFRM_POLICY_IN, skb, family);
160 skb->mark = orig_mark;
161
162 if (!ret)
163 return -EPERM;
164
165 skb_scrub_packet(skb, !net_eq(tunnel->net, dev_net(skb->dev)));
166 skb->dev = dev;
167
168 tstats = this_cpu_ptr(dev->tstats);
169
170 u64_stats_update_begin(&tstats->syncp);
171 tstats->rx_packets++;
172 tstats->rx_bytes += skb->len;
173 u64_stats_update_end(&tstats->syncp);
174
175 return 0;
176}
177
178static bool vti_state_check(const struct xfrm_state *x, __be32 dst, __be32 src)
179{
180 xfrm_address_t *daddr = (xfrm_address_t *)&dst;
181 xfrm_address_t *saddr = (xfrm_address_t *)&src;
182
183 /* if there is no transform then this tunnel is not functional.
184 * Or if the xfrm is not mode tunnel.
185 */
186 if (!x || x->props.mode != XFRM_MODE_TUNNEL ||
187 x->props.family != AF_INET)
188 return false;
189
190 if (!dst)
191 return xfrm_addr_equal(saddr, &x->props.saddr, AF_INET);
192
193 if (!xfrm_state_addr_check(x, daddr, saddr, AF_INET))
194 return false;
195
196 return true;
197}
198
199static netdev_tx_t vti_xmit(struct sk_buff *skb, struct net_device *dev,
200 struct flowi *fl)
201{
202 struct ip_tunnel *tunnel = netdev_priv(dev);
203 struct ip_tunnel_parm *parms = &tunnel->parms;
204 struct dst_entry *dst = skb_dst(skb);
205 struct net_device *tdev; /* Device to other host */
206 int pkt_len = skb->len;
207 int err;
208 int mtu;
209
210 if (!dst) {
211 dev->stats.tx_carrier_errors++;
212 goto tx_error_icmp;
213 }
214
215 dst_hold(dst);
216 dst = xfrm_lookup(tunnel->net, dst, fl, NULL, 0);
217 if (IS_ERR(dst)) {
218 dev->stats.tx_carrier_errors++;
219 goto tx_error_icmp;
220 }
221
222 if (!vti_state_check(dst->xfrm, parms->iph.daddr, parms->iph.saddr)) {
223 dev->stats.tx_carrier_errors++;
224 dst_release(dst);
225 goto tx_error_icmp;
226 }
227
228 tdev = dst->dev;
229
230 if (tdev == dev) {
231 dst_release(dst);
232 dev->stats.collisions++;
233 goto tx_error;
234 }
235
236 mtu = dst_mtu(dst);
237 if (skb->len > mtu) {
238 skb_dst_update_pmtu(skb, mtu);
239 if (skb->protocol == htons(ETH_P_IP)) {
240 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
241 htonl(mtu));
242 } else {
243 if (mtu < IPV6_MIN_MTU)
244 mtu = IPV6_MIN_MTU;
245
246 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
247 }
248
249 dst_release(dst);
250 goto tx_error;
251 }
252
253 skb_scrub_packet(skb, !net_eq(tunnel->net, dev_net(dev)));
254 skb_dst_set(skb, dst);
255 skb->dev = skb_dst(skb)->dev;
256
257 err = dst_output(tunnel->net, skb->sk, skb);
258 if (net_xmit_eval(err) == 0)
259 err = pkt_len;
260 iptunnel_xmit_stats(dev, err);
261 return NETDEV_TX_OK;
262
263tx_error_icmp:
264 dst_link_failure(skb);
265tx_error:
266 dev->stats.tx_errors++;
267 kfree_skb(skb);
268 return NETDEV_TX_OK;
269}
270
271/* This function assumes it is being called from dev_queue_xmit()
272 * and that skb is filled properly by that function.
273 */
274static netdev_tx_t vti_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
275{
276 struct ip_tunnel *tunnel = netdev_priv(dev);
277 struct flowi fl;
278
279 if (!pskb_inet_may_pull(skb))
280 goto tx_err;
281
282 memset(&fl, 0, sizeof(fl));
283
284 switch (skb->protocol) {
285 case htons(ETH_P_IP):
286 xfrm_decode_session(skb, &fl, AF_INET);
287 memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
288 break;
289 case htons(ETH_P_IPV6):
290 xfrm_decode_session(skb, &fl, AF_INET6);
291 memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));
292 break;
293 default:
294 goto tx_err;
295 }
296
297 /* override mark with tunnel output key */
298 fl.flowi_mark = be32_to_cpu(tunnel->parms.o_key);
299
300 return vti_xmit(skb, dev, &fl);
301
302tx_err:
303 dev->stats.tx_errors++;
304 kfree_skb(skb);
305 return NETDEV_TX_OK;
306}
307
308static int vti4_err(struct sk_buff *skb, u32 info)
309{
310 __be32 spi;
311 __u32 mark;
312 struct xfrm_state *x;
313 struct ip_tunnel *tunnel;
314 struct ip_esp_hdr *esph;
315 struct ip_auth_hdr *ah ;
316 struct ip_comp_hdr *ipch;
317 struct net *net = dev_net(skb->dev);
318 const struct iphdr *iph = (const struct iphdr *)skb->data;
319 int protocol = iph->protocol;
320 struct ip_tunnel_net *itn = net_generic(net, vti_net_id);
321
322 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
323 iph->daddr, iph->saddr, 0);
324 if (!tunnel)
325 return -1;
326
327 mark = be32_to_cpu(tunnel->parms.o_key);
328
329 switch (protocol) {
330 case IPPROTO_ESP:
331 esph = (struct ip_esp_hdr *)(skb->data+(iph->ihl<<2));
332 spi = esph->spi;
333 break;
334 case IPPROTO_AH:
335 ah = (struct ip_auth_hdr *)(skb->data+(iph->ihl<<2));
336 spi = ah->spi;
337 break;
338 case IPPROTO_COMP:
339 ipch = (struct ip_comp_hdr *)(skb->data+(iph->ihl<<2));
340 spi = htonl(ntohs(ipch->cpi));
341 break;
342 default:
343 return 0;
344 }
345
346 switch (icmp_hdr(skb)->type) {
347 case ICMP_DEST_UNREACH:
348 if (icmp_hdr(skb)->code != ICMP_FRAG_NEEDED)
349 return 0;
350 case ICMP_REDIRECT:
351 break;
352 default:
353 return 0;
354 }
355
356 x = xfrm_state_lookup(net, mark, (const xfrm_address_t *)&iph->daddr,
357 spi, protocol, AF_INET);
358 if (!x)
359 return 0;
360
361 if (icmp_hdr(skb)->type == ICMP_DEST_UNREACH)
362 ipv4_update_pmtu(skb, net, info, 0, protocol);
363 else
364 ipv4_redirect(skb, net, 0, protocol);
365 xfrm_state_put(x);
366
367 return 0;
368}
369
370static int
371vti_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
372{
373 int err = 0;
374 struct ip_tunnel_parm p;
375
376 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
377 return -EFAULT;
378
379 if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) {
380 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP ||
381 p.iph.ihl != 5)
382 return -EINVAL;
383 }
384
385 if (!(p.i_flags & GRE_KEY))
386 p.i_key = 0;
387 if (!(p.o_flags & GRE_KEY))
388 p.o_key = 0;
389
390 p.i_flags = VTI_ISVTI;
391
392 err = ip_tunnel_ioctl(dev, &p, cmd);
393 if (err)
394 return err;
395
396 if (cmd != SIOCDELTUNNEL) {
397 p.i_flags |= GRE_KEY;
398 p.o_flags |= GRE_KEY;
399 }
400
401 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
402 return -EFAULT;
403 return 0;
404}
405
406static const struct net_device_ops vti_netdev_ops = {
407 .ndo_init = vti_tunnel_init,
408 .ndo_uninit = ip_tunnel_uninit,
409 .ndo_start_xmit = vti_tunnel_xmit,
410 .ndo_do_ioctl = vti_tunnel_ioctl,
411 .ndo_change_mtu = ip_tunnel_change_mtu,
412 .ndo_get_stats64 = ip_tunnel_get_stats64,
413 .ndo_get_iflink = ip_tunnel_get_iflink,
414};
415
416static void vti_tunnel_setup(struct net_device *dev)
417{
418 dev->netdev_ops = &vti_netdev_ops;
419 dev->type = ARPHRD_TUNNEL;
420 ip_tunnel_setup(dev, vti_net_id);
421}
422
423static int vti_tunnel_init(struct net_device *dev)
424{
425 struct ip_tunnel *tunnel = netdev_priv(dev);
426 struct iphdr *iph = &tunnel->parms.iph;
427
428 memcpy(dev->dev_addr, &iph->saddr, 4);
429 memcpy(dev->broadcast, &iph->daddr, 4);
430
431 dev->flags = IFF_NOARP;
432 dev->addr_len = 4;
433 dev->features |= NETIF_F_LLTX;
434 netif_keep_dst(dev);
435
436 return ip_tunnel_init(dev);
437}
438
439static void __net_init vti_fb_tunnel_init(struct net_device *dev)
440{
441 struct ip_tunnel *tunnel = netdev_priv(dev);
442 struct iphdr *iph = &tunnel->parms.iph;
443
444 iph->version = 4;
445 iph->protocol = IPPROTO_IPIP;
446 iph->ihl = 5;
447}
448
449static struct xfrm4_protocol vti_esp4_protocol __read_mostly = {
450 .handler = vti_rcv,
451 .input_handler = vti_input,
452 .cb_handler = vti_rcv_cb,
453 .err_handler = vti4_err,
454 .priority = 100,
455};
456
457static struct xfrm4_protocol vti_ah4_protocol __read_mostly = {
458 .handler = vti_rcv,
459 .input_handler = vti_input,
460 .cb_handler = vti_rcv_cb,
461 .err_handler = vti4_err,
462 .priority = 100,
463};
464
465static struct xfrm4_protocol vti_ipcomp4_protocol __read_mostly = {
466 .handler = vti_rcv,
467 .input_handler = vti_input,
468 .cb_handler = vti_rcv_cb,
469 .err_handler = vti4_err,
470 .priority = 100,
471};
472
473static struct xfrm_tunnel ipip_handler __read_mostly = {
474 .handler = vti_rcv_ipip,
475 .err_handler = vti4_err,
476 .priority = 0,
477};
478
479static int __net_init vti_init_net(struct net *net)
480{
481 int err;
482 struct ip_tunnel_net *itn;
483
484 err = ip_tunnel_init_net(net, vti_net_id, &vti_link_ops, "ip_vti0");
485 if (err)
486 return err;
487 itn = net_generic(net, vti_net_id);
488 if (itn->fb_tunnel_dev)
489 vti_fb_tunnel_init(itn->fb_tunnel_dev);
490 return 0;
491}
492
493static void __net_exit vti_exit_batch_net(struct list_head *list_net)
494{
495 ip_tunnel_delete_nets(list_net, vti_net_id, &vti_link_ops);
496}
497
498static struct pernet_operations vti_net_ops = {
499 .init = vti_init_net,
500 .exit_batch = vti_exit_batch_net,
501 .id = &vti_net_id,
502 .size = sizeof(struct ip_tunnel_net),
503};
504
505static int vti_tunnel_validate(struct nlattr *tb[], struct nlattr *data[],
506 struct netlink_ext_ack *extack)
507{
508 return 0;
509}
510
511static void vti_netlink_parms(struct nlattr *data[],
512 struct ip_tunnel_parm *parms,
513 __u32 *fwmark)
514{
515 memset(parms, 0, sizeof(*parms));
516
517 parms->iph.protocol = IPPROTO_IPIP;
518
519 if (!data)
520 return;
521
522 parms->i_flags = VTI_ISVTI;
523
524 if (data[IFLA_VTI_LINK])
525 parms->link = nla_get_u32(data[IFLA_VTI_LINK]);
526
527 if (data[IFLA_VTI_IKEY])
528 parms->i_key = nla_get_be32(data[IFLA_VTI_IKEY]);
529
530 if (data[IFLA_VTI_OKEY])
531 parms->o_key = nla_get_be32(data[IFLA_VTI_OKEY]);
532
533 if (data[IFLA_VTI_LOCAL])
534 parms->iph.saddr = nla_get_in_addr(data[IFLA_VTI_LOCAL]);
535
536 if (data[IFLA_VTI_REMOTE])
537 parms->iph.daddr = nla_get_in_addr(data[IFLA_VTI_REMOTE]);
538
539 if (data[IFLA_VTI_FWMARK])
540 *fwmark = nla_get_u32(data[IFLA_VTI_FWMARK]);
541}
542
543static int vti_newlink(struct net *src_net, struct net_device *dev,
544 struct nlattr *tb[], struct nlattr *data[],
545 struct netlink_ext_ack *extack)
546{
547 struct ip_tunnel_parm parms;
548 __u32 fwmark = 0;
549
550 vti_netlink_parms(data, &parms, &fwmark);
551 return ip_tunnel_newlink(dev, tb, &parms, fwmark);
552}
553
554static int vti_changelink(struct net_device *dev, struct nlattr *tb[],
555 struct nlattr *data[],
556 struct netlink_ext_ack *extack)
557{
558 struct ip_tunnel *t = netdev_priv(dev);
559 __u32 fwmark = t->fwmark;
560 struct ip_tunnel_parm p;
561
562 vti_netlink_parms(data, &p, &fwmark);
563 return ip_tunnel_changelink(dev, tb, &p, fwmark);
564}
565
566static size_t vti_get_size(const struct net_device *dev)
567{
568 return
569 /* IFLA_VTI_LINK */
570 nla_total_size(4) +
571 /* IFLA_VTI_IKEY */
572 nla_total_size(4) +
573 /* IFLA_VTI_OKEY */
574 nla_total_size(4) +
575 /* IFLA_VTI_LOCAL */
576 nla_total_size(4) +
577 /* IFLA_VTI_REMOTE */
578 nla_total_size(4) +
579 /* IFLA_VTI_FWMARK */
580 nla_total_size(4) +
581 0;
582}
583
584static int vti_fill_info(struct sk_buff *skb, const struct net_device *dev)
585{
586 struct ip_tunnel *t = netdev_priv(dev);
587 struct ip_tunnel_parm *p = &t->parms;
588
589 if (nla_put_u32(skb, IFLA_VTI_LINK, p->link) ||
590 nla_put_be32(skb, IFLA_VTI_IKEY, p->i_key) ||
591 nla_put_be32(skb, IFLA_VTI_OKEY, p->o_key) ||
592 nla_put_in_addr(skb, IFLA_VTI_LOCAL, p->iph.saddr) ||
593 nla_put_in_addr(skb, IFLA_VTI_REMOTE, p->iph.daddr) ||
594 nla_put_u32(skb, IFLA_VTI_FWMARK, t->fwmark))
595 return -EMSGSIZE;
596
597 return 0;
598}
599
600static const struct nla_policy vti_policy[IFLA_VTI_MAX + 1] = {
601 [IFLA_VTI_LINK] = { .type = NLA_U32 },
602 [IFLA_VTI_IKEY] = { .type = NLA_U32 },
603 [IFLA_VTI_OKEY] = { .type = NLA_U32 },
604 [IFLA_VTI_LOCAL] = { .len = FIELD_SIZEOF(struct iphdr, saddr) },
605 [IFLA_VTI_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) },
606 [IFLA_VTI_FWMARK] = { .type = NLA_U32 },
607};
608
609static struct rtnl_link_ops vti_link_ops __read_mostly = {
610 .kind = "vti",
611 .maxtype = IFLA_VTI_MAX,
612 .policy = vti_policy,
613 .priv_size = sizeof(struct ip_tunnel),
614 .setup = vti_tunnel_setup,
615 .validate = vti_tunnel_validate,
616 .newlink = vti_newlink,
617 .changelink = vti_changelink,
618 .dellink = ip_tunnel_dellink,
619 .get_size = vti_get_size,
620 .fill_info = vti_fill_info,
621 .get_link_net = ip_tunnel_get_link_net,
622};
623
624static int __init vti_init(void)
625{
626 const char *msg;
627 int err;
628
629 pr_info("IPv4 over IPsec tunneling driver\n");
630
631 msg = "tunnel device";
632 err = register_pernet_device(&vti_net_ops);
633 if (err < 0)
634 goto pernet_dev_failed;
635
636 msg = "tunnel protocols";
637 err = xfrm4_protocol_register(&vti_esp4_protocol, IPPROTO_ESP);
638 if (err < 0)
639 goto xfrm_proto_esp_failed;
640 err = xfrm4_protocol_register(&vti_ah4_protocol, IPPROTO_AH);
641 if (err < 0)
642 goto xfrm_proto_ah_failed;
643 err = xfrm4_protocol_register(&vti_ipcomp4_protocol, IPPROTO_COMP);
644 if (err < 0)
645 goto xfrm_proto_comp_failed;
646
647 msg = "ipip tunnel";
648 err = xfrm4_tunnel_register(&ipip_handler, AF_INET);
649 if (err < 0) {
650 pr_info("%s: cant't register tunnel\n",__func__);
651 goto xfrm_tunnel_failed;
652 }
653
654 msg = "netlink interface";
655 err = rtnl_link_register(&vti_link_ops);
656 if (err < 0)
657 goto rtnl_link_failed;
658
659 return err;
660
661rtnl_link_failed:
662 xfrm4_protocol_deregister(&vti_ipcomp4_protocol, IPPROTO_COMP);
663xfrm_tunnel_failed:
664 xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
665xfrm_proto_comp_failed:
666 xfrm4_protocol_deregister(&vti_ah4_protocol, IPPROTO_AH);
667xfrm_proto_ah_failed:
668 xfrm4_protocol_deregister(&vti_esp4_protocol, IPPROTO_ESP);
669xfrm_proto_esp_failed:
670 unregister_pernet_device(&vti_net_ops);
671pernet_dev_failed:
672 pr_err("vti init: failed to register %s\n", msg);
673 return err;
674}
675
676static void __exit vti_fini(void)
677{
678 rtnl_link_unregister(&vti_link_ops);
679 xfrm4_protocol_deregister(&vti_ipcomp4_protocol, IPPROTO_COMP);
680 xfrm4_protocol_deregister(&vti_ah4_protocol, IPPROTO_AH);
681 xfrm4_protocol_deregister(&vti_esp4_protocol, IPPROTO_ESP);
682 unregister_pernet_device(&vti_net_ops);
683}
684
685module_init(vti_init);
686module_exit(vti_fini);
687MODULE_LICENSE("GPL");
688MODULE_ALIAS_RTNL_LINK("vti");
689MODULE_ALIAS_NETDEV("ip_vti0");
690