1/*
2 * Linux NET3: IP/IP protocol decoder.
3 *
4 * Authors:
5 * Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
6 *
7 * Fixes:
8 * Alan Cox : Merged and made usable non modular (its so tiny its silly as
9 * a module taking up 2 pages).
10 * Alan Cox : Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph)
11 * to keep ip_forward happy.
12 * Alan Cox : More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8).
13 * Kai Schulte : Fixed #defines for IP_FIREWALL->FIREWALL
14 * David Woodhouse : Perform some basic ICMP handling.
15 * IPIP Routing without decapsulation.
16 * Carlos Picoto : GRE over IP support
17 * Alexey Kuznetsov: Reworked. Really, now it is truncated version of ipv4/ip_gre.c.
18 * I do not want to merge them together.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 *
25 */
26
27/* tunnel.c: an IP tunnel driver
28
29 The purpose of this driver is to provide an IP tunnel through
30 which you can tunnel network traffic transparently across subnets.
31
32 This was written by looking at Nick Holloway's dummy driver
33 Thanks for the great code!
34
35 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
36
37 Minor tweaks:
38 Cleaned up the code a little and added some pre-1.3.0 tweaks.
39 dev->hard_header/hard_header_len changed to use no headers.
40 Comments/bracketing tweaked.
41 Made the tunnels use dev->name not tunnel: when error reporting.
42 Added tx_dropped stat
43
44 -Alan Cox (alan@lxorguk.ukuu.org.uk) 21 March 95
45
46 Reworked:
47 Changed to tunnel to destination gateway in addition to the
48 tunnel's pointopoint address
49 Almost completely rewritten
50 Note: There is currently no firewall or ICMP handling done.
51
52 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/13/96
53
54*/
55
56/* Things I wish I had known when writing the tunnel driver:
57
58 When the tunnel_xmit() function is called, the skb contains the
59 packet to be sent (plus a great deal of extra info), and dev
60 contains the tunnel device that _we_ are.
61
62 When we are passed a packet, we are expected to fill in the
63 source address with our source IP address.
64
65 What is the proper way to allocate, copy and free a buffer?
66 After you allocate it, it is a "0 length" chunk of memory
67 starting at zero. If you want to add headers to the buffer
68 later, you'll have to call "skb_reserve(skb, amount)" with
69 the amount of memory you want reserved. Then, you call
70 "skb_put(skb, amount)" with the amount of space you want in
71 the buffer. skb_put() returns a pointer to the top (#0) of
72 that buffer. skb->len is set to the amount of space you have
73 "allocated" with skb_put(). You can then write up to skb->len
74 bytes to that buffer. If you need more, you can call skb_put()
75 again with the additional amount of space you need. You can
76 find out how much more space you can allocate by calling
77 "skb_tailroom(skb)".
78 Now, to add header space, call "skb_push(skb, header_len)".
79 This creates space at the beginning of the buffer and returns
80 a pointer to this new space. If later you need to strip a
81 header from a buffer, call "skb_pull(skb, header_len)".
82 skb_headroom() will return how much space is left at the top
83 of the buffer (before the main data). Remember, this headroom
84 space must be reserved before the skb_put() function is called.
85 */
86
87/*
88 This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c
89
90 For comments look at net/ipv4/ip_gre.c --ANK
91 */
92
93
94#include <linux/capability.h>
95#include <linux/module.h>
96#include <linux/types.h>
97#include <linux/kernel.h>
98#include <linux/slab.h>
99#include <linux/uaccess.h>
100#include <linux/skbuff.h>
101#include <linux/netdevice.h>
102#include <linux/in.h>
103#include <linux/tcp.h>
104#include <linux/udp.h>
105#include <linux/if_arp.h>
106#include <linux/init.h>
107#include <linux/netfilter_ipv4.h>
108#include <linux/if_ether.h>
109
110#include <net/sock.h>
111#include <net/ip.h>
112#include <net/icmp.h>
113#include <net/ip_tunnels.h>
114#include <net/inet_ecn.h>
115#include <net/xfrm.h>
116#include <net/net_namespace.h>
117#include <net/netns/generic.h>
118#include <net/dst_metadata.h>
119
120static bool log_ecn_error = true;
121module_param(log_ecn_error, bool, 0644);
122MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
123
124static unsigned int ipip_net_id __read_mostly;
125
126static int ipip_tunnel_init(struct net_device *dev);
127static struct rtnl_link_ops ipip_link_ops __read_mostly;
128
129static int ipip_err(struct sk_buff *skb, u32 info)
130{
131 /* All the routers (except for Linux) return only
132 * 8 bytes of packet payload. It means, that precise relaying of
133 * ICMP in the real Internet is absolutely infeasible.
134 */
135 struct net *net = dev_net(skb->dev);
136 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
137 const struct iphdr *iph = (const struct iphdr *)skb->data;
138 const int type = icmp_hdr(skb)->type;
139 const int code = icmp_hdr(skb)->code;
140 struct ip_tunnel *t;
141 int err = 0;
142
143 t = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
144 iph->daddr, iph->saddr, 0);
145 if (!t) {
146 err = -ENOENT;
147 goto out;
148 }
149
150 switch (type) {
151 case ICMP_DEST_UNREACH:
152 switch (code) {
153 case ICMP_SR_FAILED:
154 /* Impossible event. */
155 goto out;
156 default:
157 /* All others are translated to HOST_UNREACH.
158 * rfc2003 contains "deep thoughts" about NET_UNREACH,
159 * I believe they are just ether pollution. --ANK
160 */
161 break;
162 }
163 break;
164
165 case ICMP_TIME_EXCEEDED:
166 if (code != ICMP_EXC_TTL)
167 goto out;
168 break;
169
170 case ICMP_REDIRECT:
171 break;
172
173 default:
174 goto out;
175 }
176
177 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
178 ipv4_update_pmtu(skb, net, info, t->parms.link, iph->protocol);
179 goto out;
180 }
181
182 if (type == ICMP_REDIRECT) {
183 ipv4_redirect(skb, net, t->parms.link, iph->protocol);
184 goto out;
185 }
186
187 if (t->parms.iph.daddr == 0) {
188 err = -ENOENT;
189 goto out;
190 }
191
192 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
193 goto out;
194
195 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
196 t->err_count++;
197 else
198 t->err_count = 1;
199 t->err_time = jiffies;
200
201out:
202 return err;
203}
204
205static const struct tnl_ptk_info ipip_tpi = {
206 /* no tunnel info required for ipip. */
207 .proto = htons(ETH_P_IP),
208};
209
210#if IS_ENABLED(CONFIG_MPLS)
211static const struct tnl_ptk_info mplsip_tpi = {
212 /* no tunnel info required for mplsip. */
213 .proto = htons(ETH_P_MPLS_UC),
214};
215#endif
216
217static int ipip_tunnel_rcv(struct sk_buff *skb, u8 ipproto)
218{
219 struct net *net = dev_net(skb->dev);
220 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
221 struct metadata_dst *tun_dst = NULL;
222 struct ip_tunnel *tunnel;
223 const struct iphdr *iph;
224
225 iph = ip_hdr(skb);
226 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
227 iph->saddr, iph->daddr, 0);
228 if (tunnel) {
229 const struct tnl_ptk_info *tpi;
230
231 if (tunnel->parms.iph.protocol != ipproto &&
232 tunnel->parms.iph.protocol != 0)
233 goto drop;
234
235 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
236 goto drop;
237#if IS_ENABLED(CONFIG_MPLS)
238 if (ipproto == IPPROTO_MPLS)
239 tpi = &mplsip_tpi;
240 else
241#endif
242 tpi = &ipip_tpi;
243 if (iptunnel_pull_header(skb, 0, tpi->proto, false))
244 goto drop;
245 if (tunnel->collect_md) {
246 tun_dst = ip_tun_rx_dst(skb, 0, 0, 0);
247 if (!tun_dst)
248 return 0;
249 }
250 return ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error);
251 }
252
253 return -1;
254
255drop:
256 kfree_skb(skb);
257 return 0;
258}
259
260static int ipip_rcv(struct sk_buff *skb)
261{
262 return ipip_tunnel_rcv(skb, IPPROTO_IPIP);
263}
264
265#if IS_ENABLED(CONFIG_MPLS)
266static int mplsip_rcv(struct sk_buff *skb)
267{
268 return ipip_tunnel_rcv(skb, IPPROTO_MPLS);
269}
270#endif
271
272/*
273 * This function assumes it is being called from dev_queue_xmit()
274 * and that skb is filled properly by that function.
275 */
276static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb,
277 struct net_device *dev)
278{
279 struct ip_tunnel *tunnel = netdev_priv(dev);
280 const struct iphdr *tiph = &tunnel->parms.iph;
281 u8 ipproto;
282
283 switch (skb->protocol) {
284 case htons(ETH_P_IP):
285 ipproto = IPPROTO_IPIP;
286 break;
287#if IS_ENABLED(CONFIG_MPLS)
288 case htons(ETH_P_MPLS_UC):
289 ipproto = IPPROTO_MPLS;
290 break;
291#endif
292 default:
293 goto tx_error;
294 }
295
296 if (tiph->protocol != ipproto && tiph->protocol != 0)
297 goto tx_error;
298
299 if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP4))
300 goto tx_error;
301
302 skb_set_inner_ipproto(skb, ipproto);
303
304 if (tunnel->collect_md)
305 ip_md_tunnel_xmit(skb, dev, ipproto, 0);
306 else
307 ip_tunnel_xmit(skb, dev, tiph, ipproto);
308 return NETDEV_TX_OK;
309
310tx_error:
311 kfree_skb(skb);
312
313 dev->stats.tx_errors++;
314 return NETDEV_TX_OK;
315}
316
317static bool ipip_tunnel_ioctl_verify_protocol(u8 ipproto)
318{
319 switch (ipproto) {
320 case 0:
321 case IPPROTO_IPIP:
322#if IS_ENABLED(CONFIG_MPLS)
323 case IPPROTO_MPLS:
324#endif
325 return true;
326 }
327
328 return false;
329}
330
331static int
332ipip_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
333{
334 int err = 0;
335 struct ip_tunnel_parm p;
336
337 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
338 return -EFAULT;
339
340 if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) {
341 if (p.iph.version != 4 ||
342 !ipip_tunnel_ioctl_verify_protocol(p.iph.protocol) ||
343 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)))
344 return -EINVAL;
345 }
346
347 p.i_key = p.o_key = 0;
348 p.i_flags = p.o_flags = 0;
349 err = ip_tunnel_ioctl(dev, &p, cmd);
350 if (err)
351 return err;
352
353 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
354 return -EFAULT;
355
356 return 0;
357}
358
359static const struct net_device_ops ipip_netdev_ops = {
360 .ndo_init = ipip_tunnel_init,
361 .ndo_uninit = ip_tunnel_uninit,
362 .ndo_start_xmit = ipip_tunnel_xmit,
363 .ndo_do_ioctl = ipip_tunnel_ioctl,
364 .ndo_change_mtu = ip_tunnel_change_mtu,
365 .ndo_get_stats64 = ip_tunnel_get_stats64,
366 .ndo_get_iflink = ip_tunnel_get_iflink,
367};
368
369#define IPIP_FEATURES (NETIF_F_SG | \
370 NETIF_F_FRAGLIST | \
371 NETIF_F_HIGHDMA | \
372 NETIF_F_GSO_SOFTWARE | \
373 NETIF_F_HW_CSUM)
374
375static void ipip_tunnel_setup(struct net_device *dev)
376{
377 dev->netdev_ops = &ipip_netdev_ops;
378
379 dev->type = ARPHRD_TUNNEL;
380 dev->flags = IFF_NOARP;
381 dev->addr_len = 4;
382 dev->features |= NETIF_F_LLTX;
383 netif_keep_dst(dev);
384
385 dev->features |= IPIP_FEATURES;
386 dev->hw_features |= IPIP_FEATURES;
387 ip_tunnel_setup(dev, ipip_net_id);
388}
389
390static int ipip_tunnel_init(struct net_device *dev)
391{
392 struct ip_tunnel *tunnel = netdev_priv(dev);
393
394 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
395 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
396
397 tunnel->tun_hlen = 0;
398 tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen;
399 return ip_tunnel_init(dev);
400}
401
402static int ipip_tunnel_validate(struct nlattr *tb[], struct nlattr *data[],
403 struct netlink_ext_ack *extack)
404{
405 u8 proto;
406
407 if (!data || !data[IFLA_IPTUN_PROTO])
408 return 0;
409
410 proto = nla_get_u8(data[IFLA_IPTUN_PROTO]);
411 if (proto != IPPROTO_IPIP && proto != IPPROTO_MPLS && proto != 0)
412 return -EINVAL;
413
414 return 0;
415}
416
417static void ipip_netlink_parms(struct nlattr *data[],
418 struct ip_tunnel_parm *parms, bool *collect_md,
419 __u32 *fwmark)
420{
421 memset(parms, 0, sizeof(*parms));
422
423 parms->iph.version = 4;
424 parms->iph.protocol = IPPROTO_IPIP;
425 parms->iph.ihl = 5;
426 *collect_md = false;
427
428 if (!data)
429 return;
430
431 if (data[IFLA_IPTUN_LINK])
432 parms->link = nla_get_u32(data[IFLA_IPTUN_LINK]);
433
434 if (data[IFLA_IPTUN_LOCAL])
435 parms->iph.saddr = nla_get_in_addr(data[IFLA_IPTUN_LOCAL]);
436
437 if (data[IFLA_IPTUN_REMOTE])
438 parms->iph.daddr = nla_get_in_addr(data[IFLA_IPTUN_REMOTE]);
439
440 if (data[IFLA_IPTUN_TTL]) {
441 parms->iph.ttl = nla_get_u8(data[IFLA_IPTUN_TTL]);
442 if (parms->iph.ttl)
443 parms->iph.frag_off = htons(IP_DF);
444 }
445
446 if (data[IFLA_IPTUN_TOS])
447 parms->iph.tos = nla_get_u8(data[IFLA_IPTUN_TOS]);
448
449 if (data[IFLA_IPTUN_PROTO])
450 parms->iph.protocol = nla_get_u8(data[IFLA_IPTUN_PROTO]);
451
452 if (!data[IFLA_IPTUN_PMTUDISC] || nla_get_u8(data[IFLA_IPTUN_PMTUDISC]))
453 parms->iph.frag_off = htons(IP_DF);
454
455 if (data[IFLA_IPTUN_COLLECT_METADATA])
456 *collect_md = true;
457
458 if (data[IFLA_IPTUN_FWMARK])
459 *fwmark = nla_get_u32(data[IFLA_IPTUN_FWMARK]);
460}
461
462/* This function returns true when ENCAP attributes are present in the nl msg */
463static bool ipip_netlink_encap_parms(struct nlattr *data[],
464 struct ip_tunnel_encap *ipencap)
465{
466 bool ret = false;
467
468 memset(ipencap, 0, sizeof(*ipencap));
469
470 if (!data)
471 return ret;
472
473 if (data[IFLA_IPTUN_ENCAP_TYPE]) {
474 ret = true;
475 ipencap->type = nla_get_u16(data[IFLA_IPTUN_ENCAP_TYPE]);
476 }
477
478 if (data[IFLA_IPTUN_ENCAP_FLAGS]) {
479 ret = true;
480 ipencap->flags = nla_get_u16(data[IFLA_IPTUN_ENCAP_FLAGS]);
481 }
482
483 if (data[IFLA_IPTUN_ENCAP_SPORT]) {
484 ret = true;
485 ipencap->sport = nla_get_be16(data[IFLA_IPTUN_ENCAP_SPORT]);
486 }
487
488 if (data[IFLA_IPTUN_ENCAP_DPORT]) {
489 ret = true;
490 ipencap->dport = nla_get_be16(data[IFLA_IPTUN_ENCAP_DPORT]);
491 }
492
493 return ret;
494}
495
496static int ipip_newlink(struct net *src_net, struct net_device *dev,
497 struct nlattr *tb[], struct nlattr *data[],
498 struct netlink_ext_ack *extack)
499{
500 struct ip_tunnel *t = netdev_priv(dev);
501 struct ip_tunnel_parm p;
502 struct ip_tunnel_encap ipencap;
503 __u32 fwmark = 0;
504
505 if (ipip_netlink_encap_parms(data, &ipencap)) {
506 int err = ip_tunnel_encap_setup(t, &ipencap);
507
508 if (err < 0)
509 return err;
510 }
511
512 ipip_netlink_parms(data, &p, &t->collect_md, &fwmark);
513 return ip_tunnel_newlink(dev, tb, &p, fwmark);
514}
515
516static int ipip_changelink(struct net_device *dev, struct nlattr *tb[],
517 struct nlattr *data[],
518 struct netlink_ext_ack *extack)
519{
520 struct ip_tunnel *t = netdev_priv(dev);
521 struct ip_tunnel_parm p;
522 struct ip_tunnel_encap ipencap;
523 bool collect_md;
524 __u32 fwmark = t->fwmark;
525
526 if (ipip_netlink_encap_parms(data, &ipencap)) {
527 int err = ip_tunnel_encap_setup(t, &ipencap);
528
529 if (err < 0)
530 return err;
531 }
532
533 ipip_netlink_parms(data, &p, &collect_md, &fwmark);
534 if (collect_md)
535 return -EINVAL;
536
537 if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) ||
538 (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr))
539 return -EINVAL;
540
541 return ip_tunnel_changelink(dev, tb, &p, fwmark);
542}
543
544static size_t ipip_get_size(const struct net_device *dev)
545{
546 return
547 /* IFLA_IPTUN_LINK */
548 nla_total_size(4) +
549 /* IFLA_IPTUN_LOCAL */
550 nla_total_size(4) +
551 /* IFLA_IPTUN_REMOTE */
552 nla_total_size(4) +
553 /* IFLA_IPTUN_TTL */
554 nla_total_size(1) +
555 /* IFLA_IPTUN_TOS */
556 nla_total_size(1) +
557 /* IFLA_IPTUN_PROTO */
558 nla_total_size(1) +
559 /* IFLA_IPTUN_PMTUDISC */
560 nla_total_size(1) +
561 /* IFLA_IPTUN_ENCAP_TYPE */
562 nla_total_size(2) +
563 /* IFLA_IPTUN_ENCAP_FLAGS */
564 nla_total_size(2) +
565 /* IFLA_IPTUN_ENCAP_SPORT */
566 nla_total_size(2) +
567 /* IFLA_IPTUN_ENCAP_DPORT */
568 nla_total_size(2) +
569 /* IFLA_IPTUN_COLLECT_METADATA */
570 nla_total_size(0) +
571 /* IFLA_IPTUN_FWMARK */
572 nla_total_size(4) +
573 0;
574}
575
576static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev)
577{
578 struct ip_tunnel *tunnel = netdev_priv(dev);
579 struct ip_tunnel_parm *parm = &tunnel->parms;
580
581 if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) ||
582 nla_put_in_addr(skb, IFLA_IPTUN_LOCAL, parm->iph.saddr) ||
583 nla_put_in_addr(skb, IFLA_IPTUN_REMOTE, parm->iph.daddr) ||
584 nla_put_u8(skb, IFLA_IPTUN_TTL, parm->iph.ttl) ||
585 nla_put_u8(skb, IFLA_IPTUN_TOS, parm->iph.tos) ||
586 nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->iph.protocol) ||
587 nla_put_u8(skb, IFLA_IPTUN_PMTUDISC,
588 !!(parm->iph.frag_off & htons(IP_DF))) ||
589 nla_put_u32(skb, IFLA_IPTUN_FWMARK, tunnel->fwmark))
590 goto nla_put_failure;
591
592 if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE,
593 tunnel->encap.type) ||
594 nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT,
595 tunnel->encap.sport) ||
596 nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT,
597 tunnel->encap.dport) ||
598 nla_put_u16(skb, IFLA_IPTUN_ENCAP_FLAGS,
599 tunnel->encap.flags))
600 goto nla_put_failure;
601
602 if (tunnel->collect_md)
603 if (nla_put_flag(skb, IFLA_IPTUN_COLLECT_METADATA))
604 goto nla_put_failure;
605 return 0;
606
607nla_put_failure:
608 return -EMSGSIZE;
609}
610
611static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = {
612 [IFLA_IPTUN_LINK] = { .type = NLA_U32 },
613 [IFLA_IPTUN_LOCAL] = { .type = NLA_U32 },
614 [IFLA_IPTUN_REMOTE] = { .type = NLA_U32 },
615 [IFLA_IPTUN_TTL] = { .type = NLA_U8 },
616 [IFLA_IPTUN_TOS] = { .type = NLA_U8 },
617 [IFLA_IPTUN_PROTO] = { .type = NLA_U8 },
618 [IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 },
619 [IFLA_IPTUN_ENCAP_TYPE] = { .type = NLA_U16 },
620 [IFLA_IPTUN_ENCAP_FLAGS] = { .type = NLA_U16 },
621 [IFLA_IPTUN_ENCAP_SPORT] = { .type = NLA_U16 },
622 [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 },
623 [IFLA_IPTUN_COLLECT_METADATA] = { .type = NLA_FLAG },
624 [IFLA_IPTUN_FWMARK] = { .type = NLA_U32 },
625};
626
627static struct rtnl_link_ops ipip_link_ops __read_mostly = {
628 .kind = "ipip",
629 .maxtype = IFLA_IPTUN_MAX,
630 .policy = ipip_policy,
631 .priv_size = sizeof(struct ip_tunnel),
632 .setup = ipip_tunnel_setup,
633 .validate = ipip_tunnel_validate,
634 .newlink = ipip_newlink,
635 .changelink = ipip_changelink,
636 .dellink = ip_tunnel_dellink,
637 .get_size = ipip_get_size,
638 .fill_info = ipip_fill_info,
639 .get_link_net = ip_tunnel_get_link_net,
640};
641
642static struct xfrm_tunnel ipip_handler __read_mostly = {
643 .handler = ipip_rcv,
644 .err_handler = ipip_err,
645 .priority = 1,
646};
647
648#if IS_ENABLED(CONFIG_MPLS)
649static struct xfrm_tunnel mplsip_handler __read_mostly = {
650 .handler = mplsip_rcv,
651 .err_handler = ipip_err,
652 .priority = 1,
653};
654#endif
655
656static int __net_init ipip_init_net(struct net *net)
657{
658 return ip_tunnel_init_net(net, ipip_net_id, &ipip_link_ops, "tunl0");
659}
660
661static void __net_exit ipip_exit_batch_net(struct list_head *list_net)
662{
663 ip_tunnel_delete_nets(list_net, ipip_net_id, &ipip_link_ops);
664}
665
666static struct pernet_operations ipip_net_ops = {
667 .init = ipip_init_net,
668 .exit_batch = ipip_exit_batch_net,
669 .id = &ipip_net_id,
670 .size = sizeof(struct ip_tunnel_net),
671};
672
673static int __init ipip_init(void)
674{
675 int err;
676
677 pr_info("ipip: IPv4 and MPLS over IPv4 tunneling driver\n");
678
679 err = register_pernet_device(&ipip_net_ops);
680 if (err < 0)
681 return err;
682 err = xfrm4_tunnel_register(&ipip_handler, AF_INET);
683 if (err < 0) {
684 pr_info("%s: can't register tunnel\n", __func__);
685 goto xfrm_tunnel_ipip_failed;
686 }
687#if IS_ENABLED(CONFIG_MPLS)
688 err = xfrm4_tunnel_register(&mplsip_handler, AF_MPLS);
689 if (err < 0) {
690 pr_info("%s: can't register tunnel\n", __func__);
691 goto xfrm_tunnel_mplsip_failed;
692 }
693#endif
694 err = rtnl_link_register(&ipip_link_ops);
695 if (err < 0)
696 goto rtnl_link_failed;
697
698out:
699 return err;
700
701rtnl_link_failed:
702#if IS_ENABLED(CONFIG_MPLS)
703 xfrm4_tunnel_deregister(&mplsip_handler, AF_INET);
704xfrm_tunnel_mplsip_failed:
705
706#endif
707 xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
708xfrm_tunnel_ipip_failed:
709 unregister_pernet_device(&ipip_net_ops);
710 goto out;
711}
712
713static void __exit ipip_fini(void)
714{
715 rtnl_link_unregister(&ipip_link_ops);
716 if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET))
717 pr_info("%s: can't deregister tunnel\n", __func__);
718#if IS_ENABLED(CONFIG_MPLS)
719 if (xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS))
720 pr_info("%s: can't deregister tunnel\n", __func__);
721#endif
722 unregister_pernet_device(&ipip_net_ops);
723}
724
725module_init(ipip_init);
726module_exit(ipip_fini);
727MODULE_LICENSE("GPL");
728MODULE_ALIAS_RTNL_LINK("ipip");
729MODULE_ALIAS_NETDEV("tunl0");
730