2 * Copyright (c) 2013 Nicira, Inc.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of version 2 of the GNU General Public
6 * License as published by the Free Software Foundation.
8 * This program is distributed in the hope that it will be useful, but
9 * WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11 * General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
21 #include <linux/capability.h>
22 #include <linux/module.h>
23 #include <linux/types.h>
24 #include <linux/kernel.h>
25 #include <linux/slab.h>
26 #include <linux/uaccess.h>
27 #include <linux/skbuff.h>
28 #include <linux/netdevice.h>
30 #include <linux/tcp.h>
31 #include <linux/udp.h>
32 #include <linux/if_arp.h>
33 #include <linux/mroute.h>
34 #include <linux/init.h>
35 #include <linux/in6.h>
36 #include <linux/inetdevice.h>
37 #include <linux/igmp.h>
38 #include <linux/netfilter_ipv4.h>
39 #include <linux/etherdevice.h>
40 #include <linux/if_ether.h>
41 #include <linux/if_vlan.h>
42 #include <linux/rculist.h>
43 #include <linux/err.h>
48 #include <net/protocol.h>
49 #include <net/ip_tunnels.h>
51 #include <net/checksum.h>
52 #include <net/dsfield.h>
53 #include <net/inet_ecn.h>
55 #include <net/net_namespace.h>
56 #include <net/netns/generic.h>
57 #include <net/rtnetlink.h>
60 #if IS_ENABLED(CONFIG_IPV6)
62 #include <net/ip6_fib.h>
63 #include <net/ip6_route.h>
66 static unsigned int ip_tunnel_hash(__be32 key, __be32 remote)
68 return hash_32((__force u32)key ^ (__force u32)remote,
72 static bool ip_tunnel_key_match(const struct ip_tunnel_parm *p,
73 __be16 flags, __be32 key)
75 if (p->i_flags & TUNNEL_KEY) {
76 if (flags & TUNNEL_KEY)
77 return key == p->i_key;
79 /* key expected, none present */
82 return !(flags & TUNNEL_KEY);
85 /* Fallback tunnel: no source, no destination, no key, no options
88 We require exact key match i.e. if a key is present in packet
89 it will match only tunnel with the same key; if it is not present,
90 it will match only keyless tunnel.
92 All keysless packets, if not matched configured keyless tunnels
93 will match fallback tunnel.
94 Given src, dst and key, find appropriate for input tunnel.
96 struct ip_tunnel *ip_tunnel_lookup(struct ip_tunnel_net *itn,
97 int link, __be16 flags,
98 __be32 remote, __be32 local,
102 struct ip_tunnel *t, *cand = NULL;
103 struct hlist_head *head;
105 hash = ip_tunnel_hash(key, remote);
106 head = &itn->tunnels[hash];
108 hlist_for_each_entry_rcu(t, head, hash_node) {
109 if (local != t->parms.iph.saddr ||
110 remote != t->parms.iph.daddr ||
111 !(t->dev->flags & IFF_UP))
114 if (!ip_tunnel_key_match(&t->parms, flags, key))
117 if (t->parms.link == link)
123 hlist_for_each_entry_rcu(t, head, hash_node) {
124 if (remote != t->parms.iph.daddr ||
125 t->parms.iph.saddr != 0 ||
126 !(t->dev->flags & IFF_UP))
129 if (!ip_tunnel_key_match(&t->parms, flags, key))
132 if (t->parms.link == link)
138 hash = ip_tunnel_hash(key, 0);
139 head = &itn->tunnels[hash];
141 hlist_for_each_entry_rcu(t, head, hash_node) {
142 if ((local != t->parms.iph.saddr || t->parms.iph.daddr != 0) &&
143 (local != t->parms.iph.daddr || !ipv4_is_multicast(local)))
146 if (!(t->dev->flags & IFF_UP))
149 if (!ip_tunnel_key_match(&t->parms, flags, key))
152 if (t->parms.link == link)
158 hlist_for_each_entry_rcu(t, head, hash_node) {
159 if ((!(flags & TUNNEL_NO_KEY) && t->parms.i_key != key) ||
160 t->parms.iph.saddr != 0 ||
161 t->parms.iph.daddr != 0 ||
162 !(t->dev->flags & IFF_UP))
165 if (t->parms.link == link)
174 t = rcu_dereference(itn->collect_md_tun);
178 if (itn->fb_tunnel_dev && itn->fb_tunnel_dev->flags & IFF_UP)
179 return netdev_priv(itn->fb_tunnel_dev);
183 EXPORT_SYMBOL_GPL(ip_tunnel_lookup);
185 static struct hlist_head *ip_bucket(struct ip_tunnel_net *itn,
186 struct ip_tunnel_parm *parms)
190 __be32 i_key = parms->i_key;
192 if (parms->iph.daddr && !ipv4_is_multicast(parms->iph.daddr))
193 remote = parms->iph.daddr;
197 if (!(parms->i_flags & TUNNEL_KEY) && (parms->i_flags & VTI_ISVTI))
200 h = ip_tunnel_hash(i_key, remote);
201 return &itn->tunnels[h];
204 static void ip_tunnel_add(struct ip_tunnel_net *itn, struct ip_tunnel *t)
206 struct hlist_head *head = ip_bucket(itn, &t->parms);
209 rcu_assign_pointer(itn->collect_md_tun, t);
210 hlist_add_head_rcu(&t->hash_node, head);
213 static void ip_tunnel_del(struct ip_tunnel_net *itn, struct ip_tunnel *t)
216 rcu_assign_pointer(itn->collect_md_tun, NULL);
217 hlist_del_init_rcu(&t->hash_node);
220 static struct ip_tunnel *ip_tunnel_find(struct ip_tunnel_net *itn,
221 struct ip_tunnel_parm *parms,
224 __be32 remote = parms->iph.daddr;
225 __be32 local = parms->iph.saddr;
226 __be32 key = parms->i_key;
227 __be16 flags = parms->i_flags;
228 int link = parms->link;
229 struct ip_tunnel *t = NULL;
230 struct hlist_head *head = ip_bucket(itn, parms);
232 hlist_for_each_entry_rcu(t, head, hash_node) {
233 if (local == t->parms.iph.saddr &&
234 remote == t->parms.iph.daddr &&
235 link == t->parms.link &&
236 type == t->dev->type &&
237 ip_tunnel_key_match(&t->parms, flags, key))
243 static struct net_device *__ip_tunnel_create(struct net *net,
244 const struct rtnl_link_ops *ops,
245 struct ip_tunnel_parm *parms)
248 struct ip_tunnel *tunnel;
249 struct net_device *dev;
253 if (parms->name[0]) {
254 if (!dev_valid_name(parms->name))
256 strlcpy(name, parms->name, IFNAMSIZ);
258 if (strlen(ops->kind) > (IFNAMSIZ - 3))
260 strcpy(name, ops->kind);
265 dev = alloc_netdev(ops->priv_size, name, NET_NAME_UNKNOWN, ops->setup);
270 dev_net_set(dev, net);
272 dev->rtnl_link_ops = ops;
274 tunnel = netdev_priv(dev);
275 tunnel->parms = *parms;
278 err = register_netdevice(dev);
290 static inline void init_tunnel_flow(struct flowi4 *fl4,
292 __be32 daddr, __be32 saddr,
293 __be32 key, __u8 tos, int oif)
295 memset(fl4, 0, sizeof(*fl4));
296 fl4->flowi4_oif = oif;
299 fl4->flowi4_tos = tos;
300 fl4->flowi4_proto = proto;
301 fl4->fl4_gre_key = key;
304 static int ip_tunnel_bind_dev(struct net_device *dev)
306 struct net_device *tdev = NULL;
307 struct ip_tunnel *tunnel = netdev_priv(dev);
308 const struct iphdr *iph;
309 int hlen = LL_MAX_HEADER;
310 int mtu = ETH_DATA_LEN;
311 int t_hlen = tunnel->hlen + sizeof(struct iphdr);
313 iph = &tunnel->parms.iph;
315 /* Guess output device to choose reasonable mtu and needed_headroom */
320 init_tunnel_flow(&fl4, iph->protocol, iph->daddr,
321 iph->saddr, tunnel->parms.o_key,
322 RT_TOS(iph->tos), tunnel->parms.link);
323 rt = ip_route_output_key(tunnel->net, &fl4);
329 if (dev->type != ARPHRD_ETHER)
330 dev->flags |= IFF_POINTOPOINT;
332 dst_cache_reset(&tunnel->dst_cache);
335 if (!tdev && tunnel->parms.link)
336 tdev = __dev_get_by_index(tunnel->net, tunnel->parms.link);
339 hlen = tdev->hard_header_len + tdev->needed_headroom;
343 dev->needed_headroom = t_hlen + hlen;
344 mtu -= (dev->hard_header_len + t_hlen);
346 if (mtu < IPV4_MIN_MTU)
352 static struct ip_tunnel *ip_tunnel_create(struct net *net,
353 struct ip_tunnel_net *itn,
354 struct ip_tunnel_parm *parms)
356 struct ip_tunnel *nt;
357 struct net_device *dev;
359 BUG_ON(!itn->fb_tunnel_dev);
360 dev = __ip_tunnel_create(net, itn->fb_tunnel_dev->rtnl_link_ops, parms);
362 return ERR_CAST(dev);
364 dev->mtu = ip_tunnel_bind_dev(dev);
366 nt = netdev_priv(dev);
367 ip_tunnel_add(itn, nt);
371 int ip_tunnel_rcv(struct ip_tunnel *tunnel, struct sk_buff *skb,
372 const struct tnl_ptk_info *tpi, struct metadata_dst *tun_dst,
375 struct pcpu_sw_netstats *tstats;
376 const struct iphdr *iph = ip_hdr(skb);
379 #ifdef CONFIG_NET_IPGRE_BROADCAST
380 if (ipv4_is_multicast(iph->daddr)) {
381 tunnel->dev->stats.multicast++;
382 skb->pkt_type = PACKET_BROADCAST;
386 if ((!(tpi->flags&TUNNEL_CSUM) && (tunnel->parms.i_flags&TUNNEL_CSUM)) ||
387 ((tpi->flags&TUNNEL_CSUM) && !(tunnel->parms.i_flags&TUNNEL_CSUM))) {
388 tunnel->dev->stats.rx_crc_errors++;
389 tunnel->dev->stats.rx_errors++;
393 if (tunnel->parms.i_flags&TUNNEL_SEQ) {
394 if (!(tpi->flags&TUNNEL_SEQ) ||
395 (tunnel->i_seqno && (s32)(ntohl(tpi->seq) - tunnel->i_seqno) < 0)) {
396 tunnel->dev->stats.rx_fifo_errors++;
397 tunnel->dev->stats.rx_errors++;
400 tunnel->i_seqno = ntohl(tpi->seq) + 1;
403 skb_reset_network_header(skb);
405 err = IP_ECN_decapsulate(iph, skb);
408 net_info_ratelimited("non-ECT from %pI4 with TOS=%#x\n",
409 &iph->saddr, iph->tos);
411 ++tunnel->dev->stats.rx_frame_errors;
412 ++tunnel->dev->stats.rx_errors;
417 tstats = this_cpu_ptr(tunnel->dev->tstats);
418 u64_stats_update_begin(&tstats->syncp);
419 tstats->rx_packets++;
420 tstats->rx_bytes += skb->len;
421 u64_stats_update_end(&tstats->syncp);
423 skb_scrub_packet(skb, !net_eq(tunnel->net, dev_net(tunnel->dev)));
425 if (tunnel->dev->type == ARPHRD_ETHER) {
426 skb->protocol = eth_type_trans(skb, tunnel->dev);
427 skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN);
429 skb->dev = tunnel->dev;
433 skb_dst_set(skb, (struct dst_entry *)tun_dst);
435 gro_cells_receive(&tunnel->gro_cells, skb);
442 EXPORT_SYMBOL_GPL(ip_tunnel_rcv);
444 static int ip_encap_hlen(struct ip_tunnel_encap *e)
446 const struct ip_tunnel_encap_ops *ops;
449 if (e->type == TUNNEL_ENCAP_NONE)
452 if (e->type >= MAX_IPTUN_ENCAP_OPS)
456 ops = rcu_dereference(iptun_encaps[e->type]);
457 if (likely(ops && ops->encap_hlen))
458 hlen = ops->encap_hlen(e);
464 const struct ip_tunnel_encap_ops __rcu *
465 iptun_encaps[MAX_IPTUN_ENCAP_OPS] __read_mostly;
467 int ip_tunnel_encap_add_ops(const struct ip_tunnel_encap_ops *ops,
470 if (num >= MAX_IPTUN_ENCAP_OPS)
473 return !cmpxchg((const struct ip_tunnel_encap_ops **)
477 EXPORT_SYMBOL(ip_tunnel_encap_add_ops);
479 int ip_tunnel_encap_del_ops(const struct ip_tunnel_encap_ops *ops,
484 if (num >= MAX_IPTUN_ENCAP_OPS)
487 ret = (cmpxchg((const struct ip_tunnel_encap_ops **)
489 ops, NULL) == ops) ? 0 : -1;
495 EXPORT_SYMBOL(ip_tunnel_encap_del_ops);
497 int ip_tunnel_encap_setup(struct ip_tunnel *t,
498 struct ip_tunnel_encap *ipencap)
502 memset(&t->encap, 0, sizeof(t->encap));
504 hlen = ip_encap_hlen(ipencap);
508 t->encap.type = ipencap->type;
509 t->encap.sport = ipencap->sport;
510 t->encap.dport = ipencap->dport;
511 t->encap.flags = ipencap->flags;
513 t->encap_hlen = hlen;
514 t->hlen = t->encap_hlen + t->tun_hlen;
518 EXPORT_SYMBOL_GPL(ip_tunnel_encap_setup);
520 int ip_tunnel_encap(struct sk_buff *skb, struct ip_tunnel *t,
521 u8 *protocol, struct flowi4 *fl4)
523 const struct ip_tunnel_encap_ops *ops;
526 if (t->encap.type == TUNNEL_ENCAP_NONE)
529 if (t->encap.type >= MAX_IPTUN_ENCAP_OPS)
533 ops = rcu_dereference(iptun_encaps[t->encap.type]);
534 if (likely(ops && ops->build_header))
535 ret = ops->build_header(skb, &t->encap, protocol, fl4);
540 EXPORT_SYMBOL(ip_tunnel_encap);
542 static int tnl_update_pmtu(struct net_device *dev, struct sk_buff *skb,
543 struct rtable *rt, __be16 df,
544 const struct iphdr *inner_iph)
546 struct ip_tunnel *tunnel = netdev_priv(dev);
547 int pkt_size = skb->len - tunnel->hlen - dev->hard_header_len;
551 mtu = dst_mtu(&rt->dst) - dev->hard_header_len
552 - sizeof(struct iphdr) - tunnel->hlen;
554 mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu;
557 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
559 if (skb->protocol == htons(ETH_P_IP)) {
560 if (!skb_is_gso(skb) &&
561 (inner_iph->frag_off & htons(IP_DF)) &&
563 memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
564 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
568 #if IS_ENABLED(CONFIG_IPV6)
569 else if (skb->protocol == htons(ETH_P_IPV6)) {
570 struct rt6_info *rt6 = (struct rt6_info *)skb_dst(skb);
572 if (rt6 && mtu < dst_mtu(skb_dst(skb)) &&
573 mtu >= IPV6_MIN_MTU) {
574 if ((tunnel->parms.iph.daddr &&
575 !ipv4_is_multicast(tunnel->parms.iph.daddr)) ||
576 rt6->rt6i_dst.plen == 128) {
577 rt6->rt6i_flags |= RTF_MODIFIED;
578 dst_metric_set(skb_dst(skb), RTAX_MTU, mtu);
582 if (!skb_is_gso(skb) && mtu >= IPV6_MIN_MTU &&
584 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
592 void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev,
593 const struct iphdr *tnl_params, u8 protocol)
595 struct ip_tunnel *tunnel = netdev_priv(dev);
596 unsigned int inner_nhdr_len = 0;
597 const struct iphdr *inner_iph;
601 struct rtable *rt; /* Route to the other host */
602 unsigned int max_headroom; /* The extra header space needed */
607 /* ensure we can access the inner net header, for several users below */
608 if (skb->protocol == htons(ETH_P_IP))
609 inner_nhdr_len = sizeof(struct iphdr);
610 else if (skb->protocol == htons(ETH_P_IPV6))
611 inner_nhdr_len = sizeof(struct ipv6hdr);
612 if (unlikely(!pskb_may_pull(skb, inner_nhdr_len)))
615 inner_iph = (const struct iphdr *)skb_inner_network_header(skb);
616 connected = (tunnel->parms.iph.daddr != 0);
618 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
620 dst = tnl_params->daddr;
625 dev->stats.tx_fifo_errors++;
629 if (skb->protocol == htons(ETH_P_IP)) {
630 rt = skb_rtable(skb);
631 dst = rt_nexthop(rt, inner_iph->daddr);
633 #if IS_ENABLED(CONFIG_IPV6)
634 else if (skb->protocol == htons(ETH_P_IPV6)) {
635 const struct in6_addr *addr6;
636 struct neighbour *neigh;
637 bool do_tx_error_icmp;
640 neigh = dst_neigh_lookup(skb_dst(skb),
641 &ipv6_hdr(skb)->daddr);
645 addr6 = (const struct in6_addr *)&neigh->primary_key;
646 addr_type = ipv6_addr_type(addr6);
648 if (addr_type == IPV6_ADDR_ANY) {
649 addr6 = &ipv6_hdr(skb)->daddr;
650 addr_type = ipv6_addr_type(addr6);
653 if ((addr_type & IPV6_ADDR_COMPATv4) == 0)
654 do_tx_error_icmp = true;
656 do_tx_error_icmp = false;
657 dst = addr6->s6_addr32[3];
659 neigh_release(neigh);
660 if (do_tx_error_icmp)
670 tos = tnl_params->tos;
673 if (skb->protocol == htons(ETH_P_IP)) {
674 tos = inner_iph->tos;
676 } else if (skb->protocol == htons(ETH_P_IPV6)) {
677 tos = ipv6_get_dsfield((const struct ipv6hdr *)inner_iph);
682 init_tunnel_flow(&fl4, protocol, dst, tnl_params->saddr,
683 tunnel->parms.o_key, RT_TOS(tos), tunnel->parms.link);
685 if (ip_tunnel_encap(skb, tunnel, &protocol, &fl4) < 0)
688 rt = connected ? dst_cache_get_ip4(&tunnel->dst_cache, &fl4.saddr) :
692 rt = ip_route_output_key(tunnel->net, &fl4);
695 dev->stats.tx_carrier_errors++;
699 dst_cache_set_ip4(&tunnel->dst_cache, &rt->dst,
703 if (rt->dst.dev == dev) {
705 dev->stats.collisions++;
709 if (tnl_update_pmtu(dev, skb, rt, tnl_params->frag_off, inner_iph)) {
714 if (tunnel->err_count > 0) {
715 if (time_before(jiffies,
716 tunnel->err_time + IPTUNNEL_ERR_TIMEO)) {
719 dst_link_failure(skb);
721 tunnel->err_count = 0;
724 tos = ip_tunnel_ecn_encap(tos, inner_iph, skb);
725 ttl = tnl_params->ttl;
727 if (skb->protocol == htons(ETH_P_IP))
728 ttl = inner_iph->ttl;
729 #if IS_ENABLED(CONFIG_IPV6)
730 else if (skb->protocol == htons(ETH_P_IPV6))
731 ttl = ((const struct ipv6hdr *)inner_iph)->hop_limit;
734 ttl = ip4_dst_hoplimit(&rt->dst);
737 df = tnl_params->frag_off;
738 if (skb->protocol == htons(ETH_P_IP))
739 df |= (inner_iph->frag_off&htons(IP_DF));
741 max_headroom = LL_RESERVED_SPACE(rt->dst.dev) + sizeof(struct iphdr)
742 + rt->dst.header_len + ip_encap_hlen(&tunnel->encap);
743 if (max_headroom > dev->needed_headroom)
744 dev->needed_headroom = max_headroom;
746 if (skb_cow_head(skb, dev->needed_headroom)) {
748 dev->stats.tx_dropped++;
753 err = iptunnel_xmit(NULL, rt, skb, fl4.saddr, fl4.daddr, protocol,
754 tos, ttl, df, !net_eq(tunnel->net, dev_net(dev)));
755 iptunnel_xmit_stats(err, &dev->stats, dev->tstats);
759 #if IS_ENABLED(CONFIG_IPV6)
761 dst_link_failure(skb);
764 dev->stats.tx_errors++;
767 EXPORT_SYMBOL_GPL(ip_tunnel_xmit);
769 static void ip_tunnel_update(struct ip_tunnel_net *itn,
771 struct net_device *dev,
772 struct ip_tunnel_parm *p,
775 ip_tunnel_del(itn, t);
776 t->parms.iph.saddr = p->iph.saddr;
777 t->parms.iph.daddr = p->iph.daddr;
778 t->parms.i_key = p->i_key;
779 t->parms.o_key = p->o_key;
780 if (dev->type != ARPHRD_ETHER) {
781 memcpy(dev->dev_addr, &p->iph.saddr, 4);
782 memcpy(dev->broadcast, &p->iph.daddr, 4);
784 ip_tunnel_add(itn, t);
786 t->parms.iph.ttl = p->iph.ttl;
787 t->parms.iph.tos = p->iph.tos;
788 t->parms.iph.frag_off = p->iph.frag_off;
790 if (t->parms.link != p->link) {
793 t->parms.link = p->link;
794 mtu = ip_tunnel_bind_dev(dev);
798 dst_cache_reset(&t->dst_cache);
799 netdev_state_change(dev);
802 int ip_tunnel_ioctl(struct net_device *dev, struct ip_tunnel_parm *p, int cmd)
805 struct ip_tunnel *t = netdev_priv(dev);
806 struct net *net = t->net;
807 struct ip_tunnel_net *itn = net_generic(net, t->ip_tnl_net_id);
809 BUG_ON(!itn->fb_tunnel_dev);
812 if (dev == itn->fb_tunnel_dev) {
813 t = ip_tunnel_find(itn, p, itn->fb_tunnel_dev->type);
815 t = netdev_priv(dev);
817 memcpy(p, &t->parms, sizeof(*p));
823 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
826 p->iph.frag_off |= htons(IP_DF);
827 if (!(p->i_flags & VTI_ISVTI)) {
828 if (!(p->i_flags & TUNNEL_KEY))
830 if (!(p->o_flags & TUNNEL_KEY))
834 t = ip_tunnel_find(itn, p, itn->fb_tunnel_dev->type);
836 if (cmd == SIOCADDTUNNEL) {
838 t = ip_tunnel_create(net, itn, p);
839 err = PTR_ERR_OR_ZERO(t);
846 if (dev != itn->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
853 unsigned int nflags = 0;
855 if (ipv4_is_multicast(p->iph.daddr))
856 nflags = IFF_BROADCAST;
857 else if (p->iph.daddr)
858 nflags = IFF_POINTOPOINT;
860 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) {
865 t = netdev_priv(dev);
871 ip_tunnel_update(itn, t, dev, p, true);
879 if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
882 if (dev == itn->fb_tunnel_dev) {
884 t = ip_tunnel_find(itn, p, itn->fb_tunnel_dev->type);
888 if (t == netdev_priv(itn->fb_tunnel_dev))
892 unregister_netdevice(dev);
903 EXPORT_SYMBOL_GPL(ip_tunnel_ioctl);
905 int __ip_tunnel_change_mtu(struct net_device *dev, int new_mtu, bool strict)
907 struct ip_tunnel *tunnel = netdev_priv(dev);
908 int t_hlen = tunnel->hlen + sizeof(struct iphdr);
909 int max_mtu = 0xFFF8 - dev->hard_header_len - t_hlen;
914 if (new_mtu > max_mtu) {
924 EXPORT_SYMBOL_GPL(__ip_tunnel_change_mtu);
926 int ip_tunnel_change_mtu(struct net_device *dev, int new_mtu)
928 return __ip_tunnel_change_mtu(dev, new_mtu, true);
930 EXPORT_SYMBOL_GPL(ip_tunnel_change_mtu);
932 static void ip_tunnel_dev_free(struct net_device *dev)
934 struct ip_tunnel *tunnel = netdev_priv(dev);
936 gro_cells_destroy(&tunnel->gro_cells);
937 dst_cache_destroy(&tunnel->dst_cache);
938 free_percpu(dev->tstats);
942 void ip_tunnel_dellink(struct net_device *dev, struct list_head *head)
944 struct ip_tunnel *tunnel = netdev_priv(dev);
945 struct ip_tunnel_net *itn;
947 itn = net_generic(tunnel->net, tunnel->ip_tnl_net_id);
949 if (itn->fb_tunnel_dev != dev) {
950 ip_tunnel_del(itn, netdev_priv(dev));
951 unregister_netdevice_queue(dev, head);
954 EXPORT_SYMBOL_GPL(ip_tunnel_dellink);
956 struct net *ip_tunnel_get_link_net(const struct net_device *dev)
958 struct ip_tunnel *tunnel = netdev_priv(dev);
962 EXPORT_SYMBOL(ip_tunnel_get_link_net);
964 int ip_tunnel_get_iflink(const struct net_device *dev)
966 struct ip_tunnel *tunnel = netdev_priv(dev);
968 return tunnel->parms.link;
970 EXPORT_SYMBOL(ip_tunnel_get_iflink);
972 int ip_tunnel_init_net(struct net *net, int ip_tnl_net_id,
973 struct rtnl_link_ops *ops, char *devname)
975 struct ip_tunnel_net *itn = net_generic(net, ip_tnl_net_id);
976 struct ip_tunnel_parm parms;
979 for (i = 0; i < IP_TNL_HASH_SIZE; i++)
980 INIT_HLIST_HEAD(&itn->tunnels[i]);
983 itn->fb_tunnel_dev = NULL;
987 memset(&parms, 0, sizeof(parms));
989 strlcpy(parms.name, devname, IFNAMSIZ);
992 itn->fb_tunnel_dev = __ip_tunnel_create(net, ops, &parms);
993 /* FB netdevice is special: we have one, and only one per netns.
994 * Allowing to move it to another netns is clearly unsafe.
996 if (!IS_ERR(itn->fb_tunnel_dev)) {
997 itn->fb_tunnel_dev->features |= NETIF_F_NETNS_LOCAL;
998 itn->fb_tunnel_dev->mtu = ip_tunnel_bind_dev(itn->fb_tunnel_dev);
999 ip_tunnel_add(itn, netdev_priv(itn->fb_tunnel_dev));
1003 return PTR_ERR_OR_ZERO(itn->fb_tunnel_dev);
1005 EXPORT_SYMBOL_GPL(ip_tunnel_init_net);
1007 static void ip_tunnel_destroy(struct ip_tunnel_net *itn, struct list_head *head,
1008 struct rtnl_link_ops *ops)
1010 struct net *net = dev_net(itn->fb_tunnel_dev);
1011 struct net_device *dev, *aux;
1014 for_each_netdev_safe(net, dev, aux)
1015 if (dev->rtnl_link_ops == ops)
1016 unregister_netdevice_queue(dev, head);
1018 for (h = 0; h < IP_TNL_HASH_SIZE; h++) {
1019 struct ip_tunnel *t;
1020 struct hlist_node *n;
1021 struct hlist_head *thead = &itn->tunnels[h];
1023 hlist_for_each_entry_safe(t, n, thead, hash_node)
1024 /* If dev is in the same netns, it has already
1025 * been added to the list by the previous loop.
1027 if (!net_eq(dev_net(t->dev), net))
1028 unregister_netdevice_queue(t->dev, head);
1032 void ip_tunnel_delete_net(struct ip_tunnel_net *itn, struct rtnl_link_ops *ops)
1037 ip_tunnel_destroy(itn, &list, ops);
1038 unregister_netdevice_many(&list);
1041 EXPORT_SYMBOL_GPL(ip_tunnel_delete_net);
1043 int ip_tunnel_newlink(struct net_device *dev, struct nlattr *tb[],
1044 struct ip_tunnel_parm *p)
1046 struct ip_tunnel *nt;
1047 struct net *net = dev_net(dev);
1048 struct ip_tunnel_net *itn;
1052 nt = netdev_priv(dev);
1053 itn = net_generic(net, nt->ip_tnl_net_id);
1055 if (nt->collect_md) {
1056 if (rtnl_dereference(itn->collect_md_tun))
1059 if (ip_tunnel_find(itn, p, dev->type))
1065 err = register_netdevice(dev);
1069 if (dev->type == ARPHRD_ETHER && !tb[IFLA_ADDRESS])
1070 eth_hw_addr_random(dev);
1072 mtu = ip_tunnel_bind_dev(dev);
1076 ip_tunnel_add(itn, nt);
1080 EXPORT_SYMBOL_GPL(ip_tunnel_newlink);
1082 int ip_tunnel_changelink(struct net_device *dev, struct nlattr *tb[],
1083 struct ip_tunnel_parm *p)
1085 struct ip_tunnel *t;
1086 struct ip_tunnel *tunnel = netdev_priv(dev);
1087 struct net *net = tunnel->net;
1088 struct ip_tunnel_net *itn = net_generic(net, tunnel->ip_tnl_net_id);
1090 if (dev == itn->fb_tunnel_dev)
1093 t = ip_tunnel_find(itn, p, dev->type);
1101 if (dev->type != ARPHRD_ETHER) {
1102 unsigned int nflags = 0;
1104 if (ipv4_is_multicast(p->iph.daddr))
1105 nflags = IFF_BROADCAST;
1106 else if (p->iph.daddr)
1107 nflags = IFF_POINTOPOINT;
1109 if ((dev->flags ^ nflags) &
1110 (IFF_POINTOPOINT | IFF_BROADCAST))
1115 ip_tunnel_update(itn, t, dev, p, !tb[IFLA_MTU]);
1118 EXPORT_SYMBOL_GPL(ip_tunnel_changelink);
1120 int ip_tunnel_init(struct net_device *dev)
1122 struct ip_tunnel *tunnel = netdev_priv(dev);
1123 struct iphdr *iph = &tunnel->parms.iph;
1126 dev->destructor = ip_tunnel_dev_free;
1127 dev->tstats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
1131 err = dst_cache_init(&tunnel->dst_cache, GFP_KERNEL);
1133 free_percpu(dev->tstats);
1137 err = gro_cells_init(&tunnel->gro_cells, dev);
1139 dst_cache_destroy(&tunnel->dst_cache);
1140 free_percpu(dev->tstats);
1145 tunnel->net = dev_net(dev);
1146 strcpy(tunnel->parms.name, dev->name);
1150 if (tunnel->collect_md)
1151 netif_keep_dst(dev);
1154 EXPORT_SYMBOL_GPL(ip_tunnel_init);
1156 void ip_tunnel_uninit(struct net_device *dev)
1158 struct ip_tunnel *tunnel = netdev_priv(dev);
1159 struct net *net = tunnel->net;
1160 struct ip_tunnel_net *itn;
1162 itn = net_generic(net, tunnel->ip_tnl_net_id);
1163 /* fb_tunnel_dev will be unregisted in net-exit call. */
1164 if (itn->fb_tunnel_dev != dev)
1165 ip_tunnel_del(itn, netdev_priv(dev));
1167 dst_cache_reset(&tunnel->dst_cache);
1169 EXPORT_SYMBOL_GPL(ip_tunnel_uninit);
1171 /* Do least required initialization, rest of init is done in tunnel_init call */
1172 void ip_tunnel_setup(struct net_device *dev, int net_id)
1174 struct ip_tunnel *tunnel = netdev_priv(dev);
1175 tunnel->ip_tnl_net_id = net_id;
1177 EXPORT_SYMBOL_GPL(ip_tunnel_setup);
1179 MODULE_LICENSE("GPL");