1 /* ip_gre driver port to Linux 2.6.18 and greater */
3 #include <linux/version.h>
4 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
5 #define HAVE_NETDEV_STATS
7 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
8 #define HAVE_NETDEV_HEADER_OPS
10 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,26)
11 #define HAVE_NETDEV_NEEDED_HEADROOM
15 * Linux NET3: GRE over IP protocol decoder.
17 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
19 * This program is free software; you can redistribute it and/or
20 * modify it under the terms of the GNU General Public License
21 * as published by the Free Software Foundation; either version
22 * 2 of the License, or (at your option) any later version.
26 #include <linux/capability.h>
27 #include <linux/ethtool.h>
28 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/kernel.h>
31 #include <asm/uaccess.h>
32 #include <linux/skbuff.h>
33 #include <linux/netdevice.h>
35 #include <linux/tcp.h>
36 #include <linux/udp.h>
37 #include <linux/if_arp.h>
38 #include <linux/mroute.h>
39 #include <linux/init.h>
40 #include <linux/in6.h>
41 #include <linux/inetdevice.h>
42 #include <linux/igmp.h>
43 #include <linux/netfilter_ipv4.h>
44 #include <linux/etherdevice.h>
45 #include <linux/if_ether.h>
50 #include <net/protocol.h>
53 #include <net/checksum.h>
54 #include <net/dsfield.h>
55 #include <net/inet_ecn.h>
57 #include <net/net_namespace.h>
58 #include <net/netns/generic.h>
62 #include <net/ip6_fib.h>
63 #include <net/ip6_route.h>
67 #include "openvswitch/gre.h"
69 #ifndef GRE_IOCTL_ONLY
70 #include <net/rtnetlink.h>
77 1. The most important issue is detecting local dead loops.
78 They would cause complete host lockup in transmit, which
79 would be "resolved" by stack overflow or, if queueing is enabled,
80 with infinite looping in net_bh.
82 We cannot track such dead loops during route installation,
83 it is infeasible task. The most general solutions would be
84 to keep skb->encapsulation counter (sort of local ttl),
85 and silently drop packet when it expires. It is the best
86 solution, but it supposes maintaining a new variable in ALL
87 skb, even if no tunneling is used.
89 Current solution: HARD_TX_LOCK lock breaks dead loops.
93 2. Networking dead loops would not kill routers, but would really
94 kill network. IP hop limit plays role of "t->recursion" in this case,
95 if we copy it from packet being encapsulated to upper header.
96 It is very good solution, but it introduces two problems:
98 - Routing protocols, using packets with ttl=1 (OSPF, RIP2),
99 do not work over tunnels.
100 - traceroute does not work. I planned to relay ICMP from tunnel,
101 so that this problem would be solved and traceroute output
102 would be even more informative. This idea appeared to be wrong:
103 only Linux complies to rfc1812 now (yes, guys, Linux is the only
104 true router now :-)), all routers (at least, in neighbourhood of mine)
105 return only 8 bytes of payload. It is the end.
107 Hence, if we want that OSPF worked or traceroute said something reasonable,
108 we should search for another solution.
110 One of them is to parse packet trying to detect inner encapsulation
111 made by our node. It is difficult or even impossible, especially,
112 taking into account fragmentation. To be short, it is not a solution at all.
114 Current solution: The solution was UNEXPECTEDLY SIMPLE.
115 We force DF flag on tunnels with preconfigured hop limit,
116 that is ALL. :-) Well, it does not remove the problem completely,
117 but exponential growth of network traffic is changed to linear
118 (branches, that exceed pmtu are pruned) and tunnel mtu
119 quickly degrades to a value <68, where looping stops.
120 Yes, it is not good if there exists a router in the loop,
121 which does not force DF, even when encapsulating packets have DF set.
122 But it is not our problem! Nobody could accuse us, we made
123 all that we could make. Even if it is your gated who injected
124 fatal route to network, even if it were you who configured
125 fatal static route: you are innocent. :-)
129 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain
130 practically identical code. It would be good to glue them
131 together, but it is not very evident, how to make them modular.
132 sit is integral part of IPv6, ipip and gre are naturally modular.
133 We could extract common parts (hash table, ioctl etc)
134 to a separate module (ip_tunnel.c).
139 #ifndef GRE_IOCTL_ONLY
140 static struct rtnl_link_ops ipgre_link_ops __read_mostly;
141 static struct rtnl_link_ops ipgre_tap_ops __read_mostly;
143 static int ipgre_tunnel_init(struct net_device *dev);
144 static void ipgre_tunnel_setup(struct net_device *dev);
145 static void ipgre_tap_setup(struct net_device *dev);
146 static int ipgre_tunnel_bind_dev(struct net_device *dev);
150 static int ipgre_net_id;
152 struct ip_tunnel *tunnels[4][HASH_SIZE];
154 struct net_device *fb_tunnel_dev;
157 /* Tunnel hash table */
167 We require exact key match i.e. if a key is present in packet
168 it will match only tunnel with the same key; if it is not present,
169 it will match only keyless tunnel.
171 All keyless packets, if not matched against configured keyless tunnels,
172 will match fallback tunnel.
175 #define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF)
177 #define tunnels_r_l tunnels[3]
178 #define tunnels_r tunnels[2]
179 #define tunnels_l tunnels[1]
180 #define tunnels_wc tunnels[0]
182 * Locking : hash tables are protected by RCU and a spinlock
184 static DEFINE_SPINLOCK(ipgre_lock);
186 #define for_each_ip_tunnel_rcu(start) \
187 for (t = rcu_dereference(start); t; t = rcu_dereference(t->next))
189 /* Given src, dst and key, find appropriate for input tunnel. */
191 static struct ip_tunnel * ipgre_tunnel_lookup(struct net_device *dev,
192 __be32 remote, __be32 local,
193 __be32 key, __be16 gre_proto)
195 struct net *net = dev_net(dev);
196 int link = dev->ifindex;
197 unsigned h0 = HASH(remote);
198 unsigned h1 = HASH(key);
199 struct ip_tunnel *t, *cand = NULL;
200 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
201 int dev_type = (gre_proto == htons(ETH_P_TEB)) ?
202 ARPHRD_ETHER : ARPHRD_IPGRE;
203 int score, cand_score = 4;
205 for_each_ip_tunnel_rcu(ign->tunnels_r_l[h0 ^ h1]) {
206 if (local != t->parms.iph.saddr ||
207 remote != t->parms.iph.daddr ||
208 key != t->parms.i_key ||
209 !(t->dev->flags & IFF_UP))
212 if (t->dev->type != ARPHRD_IPGRE &&
213 t->dev->type != dev_type)
217 if (t->parms.link != link)
219 if (t->dev->type != dev_type)
224 if (score < cand_score) {
230 for_each_ip_tunnel_rcu(ign->tunnels_r[h0 ^ h1]) {
231 if (remote != t->parms.iph.daddr ||
232 key != t->parms.i_key ||
233 !(t->dev->flags & IFF_UP))
236 if (t->dev->type != ARPHRD_IPGRE &&
237 t->dev->type != dev_type)
241 if (t->parms.link != link)
243 if (t->dev->type != dev_type)
248 if (score < cand_score) {
254 for_each_ip_tunnel_rcu(ign->tunnels_l[h1]) {
255 if ((local != t->parms.iph.saddr &&
256 (local != t->parms.iph.daddr ||
257 !ipv4_is_multicast(local))) ||
258 key != t->parms.i_key ||
259 !(t->dev->flags & IFF_UP))
262 if (t->dev->type != ARPHRD_IPGRE &&
263 t->dev->type != dev_type)
267 if (t->parms.link != link)
269 if (t->dev->type != dev_type)
274 if (score < cand_score) {
280 for_each_ip_tunnel_rcu(ign->tunnels_wc[h1]) {
281 if (t->parms.i_key != key ||
282 !(t->dev->flags & IFF_UP))
285 if (t->dev->type != ARPHRD_IPGRE &&
286 t->dev->type != dev_type)
290 if (t->parms.link != link)
292 if (t->dev->type != dev_type)
297 if (score < cand_score) {
306 dev = ign->fb_tunnel_dev;
307 if (dev->flags & IFF_UP)
308 return netdev_priv(dev);
313 static struct ip_tunnel **__ipgre_bucket(struct ipgre_net *ign,
314 struct ip_tunnel_parm *parms)
316 __be32 remote = parms->iph.daddr;
317 __be32 local = parms->iph.saddr;
318 __be32 key = parms->i_key;
319 unsigned h = HASH(key);
324 if (remote && !ipv4_is_multicast(remote)) {
329 return &ign->tunnels[prio][h];
332 static inline struct ip_tunnel **ipgre_bucket(struct ipgre_net *ign,
335 return __ipgre_bucket(ign, &t->parms);
338 static void ipgre_tunnel_link(struct ipgre_net *ign, struct ip_tunnel *t)
340 struct ip_tunnel **tp = ipgre_bucket(ign, t);
342 spin_lock_bh(&ipgre_lock);
344 rcu_assign_pointer(*tp, t);
345 spin_unlock_bh(&ipgre_lock);
348 static void ipgre_tunnel_unlink(struct ipgre_net *ign, struct ip_tunnel *t)
350 struct ip_tunnel **tp;
352 for (tp = ipgre_bucket(ign, t); *tp; tp = &(*tp)->next) {
354 spin_lock_bh(&ipgre_lock);
356 spin_unlock_bh(&ipgre_lock);
362 static struct ip_tunnel *ipgre_tunnel_find(struct net *net,
363 struct ip_tunnel_parm *parms,
366 __be32 remote = parms->iph.daddr;
367 __be32 local = parms->iph.saddr;
368 __be32 key = parms->i_key;
369 int link = parms->link;
370 struct ip_tunnel *t, **tp;
371 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
373 for (tp = __ipgre_bucket(ign, parms); (t = *tp) != NULL; tp = &t->next)
374 if (local == t->parms.iph.saddr &&
375 remote == t->parms.iph.daddr &&
376 key == t->parms.i_key &&
377 link == t->parms.link &&
378 type == t->dev->type)
384 static struct ip_tunnel * ipgre_tunnel_locate(struct net *net,
385 struct ip_tunnel_parm *parms, int gretap, int create)
387 struct ip_tunnel *t, *nt;
388 struct net_device *dev;
390 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
392 t = ipgre_tunnel_find(net, parms, gretap ? ARPHRD_ETHER : ARPHRD_IPGRE);
397 strlcpy(name, parms->name, IFNAMSIZ);
399 sprintf(name, "gre%%d");
401 dev = alloc_netdev(sizeof(*t), name, gretap ? ipgre_tap_setup
402 : ipgre_tunnel_setup);
406 dev_net_set(dev, net);
408 if (strchr(name, '%')) {
409 if (dev_alloc_name(dev, name) < 0)
414 random_ether_addr(dev->dev_addr);
416 #ifndef GRE_IOCTL_ONLY
417 dev->rtnl_link_ops = gretap ? &ipgre_tap_ops : &ipgre_link_ops;
419 nt = netdev_priv(dev);
422 dev->mtu = ipgre_tunnel_bind_dev(dev);
424 if (register_netdevice(dev) < 0)
428 ipgre_tunnel_link(ign, nt);
436 static void ipgre_tunnel_uninit(struct net_device *dev)
438 struct net *net = dev_net(dev);
439 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
441 ipgre_tunnel_unlink(ign, netdev_priv(dev));
446 static void ipgre_err(struct sk_buff *skb, u32 info)
449 /* All the routers (except for Linux) return only
450 8 bytes of packet payload. It means, that precise relaying of
451 ICMP in the real Internet is absolutely infeasible.
453 Moreover, Cisco "wise men" put GRE key to the third word
454 in GRE header. It makes impossible maintaining even soft state for keyed
455 GRE tunnels with enabled checksum. Tell them "thank you".
457 Well, I wonder, rfc1812 was written by Cisco employee,
458 what the hell these idiots break standrads established
462 struct iphdr *iph = (struct iphdr *)skb->data;
463 __be16 *p = (__be16*)(skb->data+(iph->ihl<<2));
464 int grehlen = (iph->ihl<<2) + 4;
465 const int type = icmp_hdr(skb)->type;
466 const int code = icmp_hdr(skb)->code;
471 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) {
472 if (flags&(GRE_VERSION|GRE_ROUTING))
481 /* If only 8 bytes returned, keyed message will be dropped here */
482 if (skb_headlen(skb) < grehlen)
487 case ICMP_PARAMETERPROB:
490 case ICMP_DEST_UNREACH:
493 case ICMP_PORT_UNREACH:
494 /* Impossible event. */
496 case ICMP_FRAG_NEEDED:
497 /* Soft state for pmtu is maintained by IP core. */
500 /* All others are translated to HOST_UNREACH.
501 rfc2003 contains "deep thoughts" about NET_UNREACH,
502 I believe they are just ether pollution. --ANK
507 case ICMP_TIME_EXCEEDED:
508 if (code != ICMP_EXC_TTL)
514 t = ipgre_tunnel_lookup(skb->dev, iph->daddr, iph->saddr,
516 *(((__be32 *)p) + (grehlen / 4) - 1) : 0,
518 if (t == NULL || t->parms.iph.daddr == 0 ||
519 ipv4_is_multicast(t->parms.iph.daddr))
522 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
525 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
529 t->err_time = jiffies;
535 static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb)
537 if (INET_ECN_is_ce(iph->tos)) {
538 if (skb->protocol == htons(ETH_P_IP)) {
539 IP_ECN_set_ce(ip_hdr(skb));
540 } else if (skb->protocol == htons(ETH_P_IPV6)) {
541 IP6_ECN_set_ce(ipv6_hdr(skb));
547 ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb)
550 if (skb->protocol == htons(ETH_P_IP))
551 inner = old_iph->tos;
552 else if (skb->protocol == htons(ETH_P_IPV6))
553 inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph);
554 return INET_ECN_encapsulate(tos, inner);
557 static int ipgre_rcv(struct sk_buff *skb)
565 struct ip_tunnel *tunnel;
570 if (!pskb_may_pull(skb, 16))
577 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) {
578 /* - Version must be 0.
579 - We do not support routing headers.
581 if (flags&(GRE_VERSION|GRE_ROUTING))
584 if (flags&GRE_CSUM) {
585 switch (skb->ip_summed) {
586 case CHECKSUM_COMPLETE:
587 csum = csum_fold(skb->csum);
593 csum = __skb_checksum_complete(skb);
594 skb->ip_summed = CHECKSUM_COMPLETE;
599 key = *(__be32*)(h + offset);
603 seqno = ntohl(*(__be32*)(h + offset));
608 gre_proto = *(__be16 *)(h + 2);
611 if ((tunnel = ipgre_tunnel_lookup(skb->dev,
612 iph->saddr, iph->daddr, key,
614 struct net_device_stats *stats;
615 #ifdef HAVE_NETDEV_STATS
616 stats = &tunnel->dev->stats;
618 stats = &tunnel->stat;
623 skb->protocol = gre_proto;
624 /* WCCP version 1 and 2 protocol decoding.
625 * - Change protocol to IP
626 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header
628 if (flags == 0 && gre_proto == htons(ETH_P_WCCP)) {
629 skb->protocol = htons(ETH_P_IP);
630 if ((*(h + offset) & 0xF0) != 0x40)
634 skb->mac_header = skb->network_header;
635 __pskb_pull(skb, offset);
636 skb_postpull_rcsum(skb, skb_transport_header(skb), offset);
637 skb->pkt_type = PACKET_HOST;
638 #ifdef CONFIG_NET_IPGRE_BROADCAST
639 if (ipv4_is_multicast(iph->daddr)) {
640 /* Looped back packet, drop it! */
641 if (skb_rtable(skb)->fl.iif == 0)
644 skb->pkt_type = PACKET_BROADCAST;
648 if (((flags&GRE_CSUM) && csum) ||
649 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) {
650 stats->rx_crc_errors++;
654 if (tunnel->parms.i_flags&GRE_SEQ) {
655 if (!(flags&GRE_SEQ) ||
656 (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) {
657 stats->rx_fifo_errors++;
661 tunnel->i_seqno = seqno + 1;
666 /* Warning: All skb pointers will be invalidated! */
667 if (tunnel->dev->type == ARPHRD_ETHER) {
668 if (!pskb_may_pull(skb, ETH_HLEN)) {
669 stats->rx_length_errors++;
675 skb->protocol = eth_type_trans(skb, tunnel->dev);
676 skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN);
680 stats->rx_bytes += len;
681 skb->dev = tunnel->dev;
685 skb_reset_network_header(skb);
686 ipgre_ecn_decapsulate(iph, skb);
692 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
701 static netdev_tx_t ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
703 struct ip_tunnel *tunnel = netdev_priv(dev);
704 struct net_device_stats *stats;
705 #ifdef HAVE_NETDEV_QUEUE_STATS
706 struct netdev_queue *txq = netdev_get_tx_queue(dev, 0);
708 struct iphdr *old_iph = ip_hdr(skb);
712 struct rtable *rt; /* Route to the other host */
713 struct net_device *tdev; /* Device to other host */
714 struct iphdr *iph; /* Our new IP header */
715 unsigned int max_headroom; /* The extra header space needed */
720 #ifdef HAVE_NETDEV_STATS
723 stats = &tunnel->stat;
726 if (dev->type == ARPHRD_ETHER)
727 IPCB(skb)->flags = 0;
729 #ifdef HAVE_NETDEV_HEADER_OPS
730 if (dev->header_ops && dev->type == ARPHRD_IPGRE) {
732 if (dev->hard_header && dev->type == ARPHRD_IPGRE) {
735 tiph = (struct iphdr *)skb->data;
737 gre_hlen = tunnel->hlen;
738 tiph = &tunnel->parms.iph;
741 if ((dst = tiph->daddr) == 0) {
744 if (skb_dst(skb) == NULL) {
745 stats->tx_fifo_errors++;
749 if (skb->protocol == htons(ETH_P_IP)) {
750 rt = skb_rtable(skb);
751 if ((dst = rt->rt_gateway) == 0)
755 else if (skb->protocol == htons(ETH_P_IPV6)) {
756 struct in6_addr *addr6;
758 struct neighbour *neigh = skb_dst(skb)->neighbour;
763 addr6 = (struct in6_addr *)&neigh->primary_key;
764 addr_type = ipv6_addr_type(addr6);
766 if (addr_type == IPV6_ADDR_ANY) {
767 addr6 = &ipv6_hdr(skb)->daddr;
768 addr_type = ipv6_addr_type(addr6);
771 if ((addr_type & IPV6_ADDR_COMPATv4) == 0)
774 dst = addr6->s6_addr32[3];
784 if (skb->protocol == htons(ETH_P_IP))
789 struct flowi fl = { .oif = tunnel->parms.link,
792 .saddr = tiph->saddr,
793 .tos = RT_TOS(tos) } },
794 .proto = IPPROTO_GRE };
795 if (ip_route_output_key(dev_net(dev), &rt, &fl)) {
796 stats->tx_carrier_errors++;
800 tdev = rt->u.dst.dev;
810 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
811 mtu = dst_mtu(&rt->u.dst) - dev->hard_header_len - tunnel->hlen;
813 mtu = dst_mtu(&rt->u.dst) - tunnel->hlen;
816 mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu;
819 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu);
821 /* XXX: Temporarily allow fragmentation since DF doesn't
822 * do the right thing with bridging. */
824 if (skb->protocol == htons(ETH_P_IP)) {
825 df |= (old_iph->frag_off&htons(IP_DF));
827 if ((old_iph->frag_off&htons(IP_DF)) &&
828 mtu < ntohs(old_iph->tot_len)) {
829 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
835 else if (skb->protocol == htons(ETH_P_IPV6)) {
836 struct rt6_info *rt6 = (struct rt6_info *)skb_dst(skb);
838 if (rt6 && mtu < dst_mtu(skb_dst(skb)) && mtu >= IPV6_MIN_MTU) {
839 if ((tunnel->parms.iph.daddr &&
840 !ipv4_is_multicast(tunnel->parms.iph.daddr)) ||
841 rt6->rt6i_dst.plen == 128) {
842 rt6->rt6i_flags |= RTF_MODIFIED;
843 skb_dst(skb)->metrics[RTAX_MTU-1] = mtu;
847 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) {
848 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev);
855 if (tunnel->err_count > 0) {
856 if (time_before(jiffies,
857 tunnel->err_time + IPTUNNEL_ERR_TIMEO)) {
860 dst_link_failure(skb);
862 tunnel->err_count = 0;
865 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen;
867 if (skb_headroom(skb) < max_headroom || skb_shared(skb)||
868 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
869 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
872 #ifdef HAVE_NETDEV_QUEUE_STATS
881 skb_set_owner_w(new_skb, skb->sk);
884 old_iph = ip_hdr(skb);
887 skb_reset_transport_header(skb);
888 skb_push(skb, gre_hlen);
889 skb_reset_network_header(skb);
890 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
891 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
894 skb_dst_set(skb, &rt->u.dst);
897 * Push down and install the IPIP header.
902 iph->ihl = sizeof(struct iphdr) >> 2;
904 iph->protocol = IPPROTO_GRE;
905 iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb);
906 iph->daddr = rt->rt_dst;
907 iph->saddr = rt->rt_src;
909 if ((iph->ttl = tiph->ttl) == 0) {
910 if (skb->protocol == htons(ETH_P_IP))
911 iph->ttl = old_iph->ttl;
913 else if (skb->protocol == htons(ETH_P_IPV6))
914 iph->ttl = ((struct ipv6hdr *)old_iph)->hop_limit;
917 iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT);
920 ((__be16 *)(iph + 1))[0] = tunnel->parms.o_flags;
921 ((__be16 *)(iph + 1))[1] = (dev->type == ARPHRD_ETHER) ?
922 htons(ETH_P_TEB) : skb->protocol;
924 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) {
925 __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4);
927 if (tunnel->parms.o_flags&GRE_SEQ) {
929 *ptr = htonl(tunnel->o_seqno);
932 if (tunnel->parms.o_flags&GRE_KEY) {
933 *ptr = tunnel->parms.o_key;
936 if (tunnel->parms.o_flags&GRE_CSUM) {
938 *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr));
948 dst_link_failure(skb);
956 static int ipgre_tunnel_bind_dev(struct net_device *dev)
958 struct net_device *tdev = NULL;
959 struct ip_tunnel *tunnel;
961 int hlen = LL_MAX_HEADER;
962 int mtu = ETH_DATA_LEN;
963 int addend = sizeof(struct iphdr) + 4;
965 tunnel = netdev_priv(dev);
966 iph = &tunnel->parms.iph;
968 /* Guess output device to choose reasonable mtu and needed_headroom */
971 struct flowi fl = { .oif = tunnel->parms.link,
973 { .daddr = iph->daddr,
975 .tos = RT_TOS(iph->tos) } },
976 .proto = IPPROTO_GRE };
978 if (!ip_route_output_key(dev_net(dev), &rt, &fl)) {
979 tdev = rt->u.dst.dev;
983 if (dev->type != ARPHRD_ETHER)
984 dev->flags |= IFF_POINTOPOINT;
987 if (!tdev && tunnel->parms.link)
988 tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link);
991 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
992 hlen = tdev->hard_header_len + tdev->needed_headroom;
994 hlen = tdev->hard_header_len;
998 dev->iflink = tunnel->parms.link;
1000 /* Precalculate GRE options length */
1001 if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) {
1002 if (tunnel->parms.o_flags&GRE_CSUM)
1004 if (tunnel->parms.o_flags&GRE_KEY)
1006 if (tunnel->parms.o_flags&GRE_SEQ)
1009 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
1010 dev->needed_headroom = hlen + addend;
1011 mtu -= dev->hard_header_len + addend;
1013 dev->hard_header_len = hlen + addend;
1016 tunnel->hlen = addend;
1021 /* XXX: Set MTU to the maximum possible value. If we are bridged to a
1022 * device with a larger MTU then packets will be dropped. */
1029 ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
1032 struct ip_tunnel_parm p;
1033 struct ip_tunnel *t;
1034 struct net *net = dev_net(dev);
1035 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1036 int add_tunnel, gretap;
1041 if (dev == ign->fb_tunnel_dev) {
1042 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
1046 t = ipgre_tunnel_locate(net, &p, false, 0);
1049 t = netdev_priv(dev);
1050 memcpy(&p, &t->parms, sizeof(p));
1051 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
1060 if (!capable(CAP_NET_ADMIN))
1064 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1068 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE ||
1069 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) ||
1070 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING)))
1073 add_tunnel = (cmd == SIOCADDTUNNEL || cmd == SIOCADDGRETAP);
1074 gretap = (cmd == SIOCADDGRETAP || cmd == SIOCCHGGRETAP);
1077 p.iph.frag_off |= htons(IP_DF);
1079 if (!(p.i_flags&GRE_KEY))
1081 if (!(p.o_flags&GRE_KEY))
1084 t = ipgre_tunnel_locate(net, &p, gretap, add_tunnel);
1086 if (dev != ign->fb_tunnel_dev && !add_tunnel) {
1088 if (t->dev != dev) {
1093 unsigned nflags = 0;
1095 t = netdev_priv(dev);
1097 if (ipv4_is_multicast(p.iph.daddr))
1098 nflags = IFF_BROADCAST;
1099 else if (p.iph.daddr)
1100 nflags = IFF_POINTOPOINT;
1102 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) {
1106 ipgre_tunnel_unlink(ign, t);
1107 t->parms.iph.saddr = p.iph.saddr;
1108 t->parms.iph.daddr = p.iph.daddr;
1109 t->parms.i_key = p.i_key;
1110 t->parms.o_key = p.o_key;
1111 memcpy(dev->dev_addr, &p.iph.saddr, 4);
1112 memcpy(dev->broadcast, &p.iph.daddr, 4);
1113 ipgre_tunnel_link(ign, t);
1114 netdev_state_change(dev);
1121 t->parms.iph.ttl = p.iph.ttl;
1122 t->parms.iph.tos = p.iph.tos;
1123 t->parms.iph.frag_off = p.iph.frag_off;
1124 if (t->parms.link != p.link) {
1125 t->parms.link = p.link;
1126 dev->mtu = ipgre_tunnel_bind_dev(dev);
1127 netdev_state_change(dev);
1130 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
1133 err = (add_tunnel ? -ENOBUFS : -ENOENT);
1138 if (!capable(CAP_NET_ADMIN))
1141 if (dev == ign->fb_tunnel_dev) {
1143 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1146 if ((t = ipgre_tunnel_locate(net, &p, false, 0)) == NULL)
1149 if (t == netdev_priv(ign->fb_tunnel_dev))
1153 unregister_netdevice(dev);
1165 #ifndef HAVE_NETDEV_STATS
1166 static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev)
1168 return &(((struct ip_tunnel*)netdev_priv(dev))->stat);
1172 static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu)
1174 struct ip_tunnel *tunnel = netdev_priv(dev);
1176 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
1177 new_mtu > 0xFFF8 - dev->hard_header_len - tunnel->hlen)
1179 new_mtu > 0xFFF8 - tunnel->hlen)
1186 /* Nice toy. Unfortunately, useless in real life :-)
1187 It allows to construct virtual multiprotocol broadcast "LAN"
1188 over the Internet, provided multicast routing is tuned.
1191 I have no idea was this bicycle invented before me,
1192 so that I had to set ARPHRD_IPGRE to a random value.
1193 I have an impression, that Cisco could make something similar,
1194 but this feature is apparently missing in IOS<=11.2(8).
1196 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks
1197 with broadcast 224.66.66.66. If you have access to mbone, play with me :-)
1199 ping -t 255 224.66.66.66
1201 If nobody answers, mbone does not work.
1203 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255
1204 ip addr add 10.66.66.<somewhat>/24 dev Universe
1205 ifconfig Universe up
1206 ifconfig Universe add fe80::<Your_real_addr>/10
1207 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96
1210 ftp fec0:6666:6666::193.233.7.65
1215 #ifdef HAVE_NETDEV_HEADER_OPS
1216 static int ipgre_header(struct sk_buff *skb, struct net_device *dev,
1217 unsigned short type,
1218 const void *daddr, const void *saddr, unsigned len)
1220 static int ipgre_header(struct sk_buff *skb, struct net_device *dev, unsigned short type,
1221 void *daddr, void *saddr, unsigned len)
1224 struct ip_tunnel *t = netdev_priv(dev);
1225 struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen);
1226 __be16 *p = (__be16*)(iph+1);
1228 memcpy(iph, &t->parms.iph, sizeof(struct iphdr));
1229 p[0] = t->parms.o_flags;
1233 * Set the source hardware address.
1237 memcpy(&iph->saddr, saddr, 4);
1240 memcpy(&iph->daddr, daddr, 4);
1243 if (iph->daddr && !ipv4_is_multicast(iph->daddr))
1249 #ifdef HAVE_NETDEV_HEADER_OPS
1250 static int ipgre_header_parse(const struct sk_buff *skb, unsigned char *haddr)
1252 static int ipgre_header_parse(struct sk_buff *skb, unsigned char *haddr)
1255 struct iphdr *iph = (struct iphdr *) skb_mac_header(skb);
1256 memcpy(haddr, &iph->saddr, 4);
1260 #ifdef HAVE_NETDEV_HEADER_OPS
1261 static const struct header_ops ipgre_header_ops = {
1262 .create = ipgre_header,
1263 .parse = ipgre_header_parse,
1267 #ifdef CONFIG_NET_IPGRE_BROADCAST
1268 static int ipgre_open(struct net_device *dev)
1270 struct ip_tunnel *t = netdev_priv(dev);
1272 if (ipv4_is_multicast(t->parms.iph.daddr)) {
1273 struct flowi fl = { .oif = t->parms.link,
1275 { .daddr = t->parms.iph.daddr,
1276 .saddr = t->parms.iph.saddr,
1277 .tos = RT_TOS(t->parms.iph.tos) } },
1278 .proto = IPPROTO_GRE };
1280 if (ip_route_output_key(dev_net(dev), &rt, &fl))
1281 return -EADDRNOTAVAIL;
1282 dev = rt->u.dst.dev;
1284 if (__in_dev_get_rtnl(dev) == NULL)
1285 return -EADDRNOTAVAIL;
1286 t->mlink = dev->ifindex;
1287 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr);
1292 static int ipgre_close(struct net_device *dev)
1294 struct ip_tunnel *t = netdev_priv(dev);
1296 if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) {
1297 struct in_device *in_dev;
1298 in_dev = inetdev_by_index(dev_net(dev), t->mlink);
1300 ip_mc_dec_group(in_dev, t->parms.iph.daddr);
1309 static void ethtool_getinfo(struct net_device *dev,
1310 struct ethtool_drvinfo *info)
1312 strcpy(info->driver, "ip_gre");
1313 strcpy(info->version, "Open vSwitch "VERSION BUILDNR);
1314 strcpy(info->bus_info, dev->type == ARPHRD_ETHER ? "gretap" : "gre");
1317 static struct ethtool_ops ethtool_ops = {
1318 .get_drvinfo = ethtool_getinfo,
1321 #ifdef HAVE_NET_DEVICE_OPS
1322 static const struct net_device_ops ipgre_netdev_ops = {
1323 .ndo_init = ipgre_tunnel_init,
1324 .ndo_uninit = ipgre_tunnel_uninit,
1325 #ifdef CONFIG_NET_IPGRE_BROADCAST
1326 .ndo_open = ipgre_open,
1327 .ndo_stop = ipgre_close,
1329 .ndo_start_xmit = ipgre_tunnel_xmit,
1330 .ndo_do_ioctl = ipgre_tunnel_ioctl,
1331 .ndo_change_mtu = ipgre_tunnel_change_mtu,
/* netdev setup callback for plain (layer-3) GRE devices: install the ops
 * (net_device_ops on new kernels, individual callbacks on old ones),
 * default headroom/MTU for IP+GRE overhead, NOARP, and ethtool ops. */
1335 static void ipgre_tunnel_setup(struct net_device *dev)
1337 #ifdef HAVE_NET_DEVICE_OPS
1338 dev->netdev_ops = &ipgre_netdev_ops;
1340 dev->init = ipgre_tunnel_init;
1341 dev->uninit = ipgre_tunnel_uninit;
1342 dev->hard_start_xmit = ipgre_tunnel_xmit;
1343 #ifndef HAVE_NETDEV_STATS
1344 dev->get_stats = ipgre_tunnel_get_stats;
1346 dev->do_ioctl = ipgre_tunnel_ioctl;
1347 dev->change_mtu = ipgre_tunnel_change_mtu;
1348 #endif /* HAVE_NET_DEVICE_OPS */
1349 dev->destructor = free_netdev;
1351 dev->type = ARPHRD_IPGRE;
1352 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
1353 dev->needed_headroom = LL_MAX_HEADER + sizeof(struct iphdr) + 4;
1355 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4;
1357 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4;
1358 dev->flags = IFF_NOARP;
1361 dev->features |= NETIF_F_NETNS_LOCAL;
1362 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
/* FIX: "&ethtool_ops" had been mangled to "ðtool_ops" by an HTML-entity
 * decode ("&eth" -> U+00F0); restore the address-of expression. */
1364 SET_ETHTOOL_OPS(dev, &ethtool_ops);
1367 static int ipgre_tunnel_init(struct net_device *dev)
1369 struct ip_tunnel *tunnel;
1372 tunnel = netdev_priv(dev);
1373 iph = &tunnel->parms.iph;
1376 strcpy(tunnel->parms.name, dev->name);
1378 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
1379 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
1382 #ifdef CONFIG_NET_IPGRE_BROADCAST
1383 if (ipv4_is_multicast(iph->daddr)) {
1386 dev->flags = IFF_BROADCAST;
1387 #ifdef HAVE_NETDEV_HEADER_OPS
1388 dev->header_ops = &ipgre_header_ops;
1390 dev->hard_header = ipgre_header;
1391 dev->hard_header_parse = ipgre_header_parse;
1393 #ifndef HAVE_NET_DEVICE_OPS
1394 dev->open = ipgre_open;
1395 dev->stop = ipgre_close;
1400 #ifdef HAVE_NETDEV_HEADER_OPS
1401 dev->header_ops = &ipgre_header_ops;
1403 dev->hard_header = ipgre_header;
1404 dev->hard_header_parse = ipgre_header_parse;
1411 #ifdef HAVE_NET_DEVICE_OPS
1412 static void ipgre_fb_tunnel_init(struct net_device *dev)
1414 static int ipgre_fb_tunnel_init(struct net_device *dev)
1417 struct ip_tunnel *tunnel = netdev_priv(dev);
1418 struct iphdr *iph = &tunnel->parms.iph;
1419 struct ipgre_net *ign = net_generic(dev_net(dev), ipgre_net_id);
1422 strcpy(tunnel->parms.name, dev->name);
1425 iph->protocol = IPPROTO_GRE;
1427 tunnel->hlen = sizeof(struct iphdr) + 4;
1430 ign->tunnels_wc[0] = tunnel;
1432 #ifndef HAVE_NET_DEVICE_OPS
1437 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,32)
1438 static struct net_protocol ipgre_protocol = {
1440 static const struct net_protocol ipgre_protocol = {
1442 .handler = ipgre_rcv,
1443 .err_handler = ipgre_err,
1444 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,26)
1449 static void ipgre_destroy_tunnels(struct ipgre_net *ign)
1453 for (prio = 0; prio < 4; prio++) {
1455 for (h = 0; h < HASH_SIZE; h++) {
1456 struct ip_tunnel *t;
1457 while ((t = ign->tunnels[prio][h]) != NULL)
1458 unregister_netdevice(t->dev);
1463 static int ipgre_init_net(struct net *net)
1466 struct ipgre_net *ign;
1469 ign = kzalloc(sizeof(struct ipgre_net), GFP_KERNEL);
1473 err = net_assign_generic(net, ipgre_net_id, ign);
1477 ign->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), GRE_IOCTL_DEVICE,
1478 ipgre_tunnel_setup);
1479 if (!ign->fb_tunnel_dev) {
1483 dev_net_set(ign->fb_tunnel_dev, net);
1485 #ifdef HAVE_NET_DEVICE_OPS
1486 ipgre_fb_tunnel_init(ign->fb_tunnel_dev);
1488 ign->fb_tunnel_dev->init = ipgre_fb_tunnel_init;
1490 #ifndef GRE_IOCTL_ONLY
1491 ign->fb_tunnel_dev->rtnl_link_ops = &ipgre_link_ops;
1494 if ((err = register_netdev(ign->fb_tunnel_dev)))
1500 free_netdev(ign->fb_tunnel_dev);
1509 static void ipgre_exit_net(struct net *net)
1511 struct ipgre_net *ign;
1513 ign = net_generic(net, ipgre_net_id);
1515 ipgre_destroy_tunnels(ign);
1520 static struct pernet_operations ipgre_net_ops = {
1521 .init = ipgre_init_net,
1522 .exit = ipgre_exit_net,
1525 static int ipgre_tap_init(struct net_device *dev)
1527 struct ip_tunnel *tunnel;
1529 tunnel = netdev_priv(dev);
1532 strcpy(tunnel->parms.name, dev->name);
1534 ipgre_tunnel_bind_dev(dev);
1539 #ifdef HAVE_NET_DEVICE_OPS
1540 static const struct net_device_ops ipgre_tap_netdev_ops = {
1541 .ndo_init = ipgre_tap_init,
1542 .ndo_uninit = ipgre_tunnel_uninit,
1543 .ndo_start_xmit = ipgre_tunnel_xmit,
1544 .ndo_set_mac_address = eth_mac_addr,
1545 .ndo_validate_addr = eth_validate_addr,
1546 .ndo_do_ioctl = ipgre_tunnel_ioctl,
1547 .ndo_change_mtu = ipgre_tunnel_change_mtu,
1551 static void ipgre_tap_setup(struct net_device *dev)
1555 #ifdef HAVE_NET_DEVICE_OPS
1556 dev->netdev_ops = &ipgre_tap_netdev_ops;
1558 dev->init = ipgre_tap_init;
1559 dev->uninit = ipgre_tunnel_uninit;
1560 dev->hard_start_xmit = ipgre_tunnel_xmit;
1561 #ifndef HAVE_NETDEV_STATS
1562 dev->get_stats = ipgre_tunnel_get_stats;
1564 dev->do_ioctl = ipgre_tunnel_ioctl;
1565 dev->change_mtu = ipgre_tunnel_change_mtu;
1566 #endif /* HAVE_NET_DEVICE_OPS */
1567 dev->destructor = free_netdev;
1570 dev->features |= NETIF_F_NETNS_LOCAL;
1572 SET_ETHTOOL_OPS(dev, ðtool_ops);
1575 #ifndef GRE_IOCTL_ONLY
/*
 * Netlink validation for plain GRE links: reject tunnels that request
 * GRE version != 0 or source routing (GRE_ROUTING), which this driver
 * does not implement. NOTE(review): braces, the flags declaration, the
 * early "if (!data)" return, and the return statements are missing from
 * this extracted chunk.
 */
1576 static int ipgre_tunnel_validate(struct nlattr *tb[], struct nlattr *data[])
1584 if (data[IFLA_GRE_IFLAGS])
1585 flags |= nla_get_be16(data[IFLA_GRE_IFLAGS]);
1586 if (data[IFLA_GRE_OFLAGS])
1587 flags |= nla_get_be16(data[IFLA_GRE_OFLAGS]);
1588 if (flags & (GRE_VERSION|GRE_ROUTING)) /* unsupported GRE features */
/*
 * Netlink validation for gretap links: if a MAC address is supplied it
 * must be a valid unicast Ethernet address, and the remote endpoint (if
 * given) is checked before delegating to the common GRE validation.
 * NOTE(review): braces, the daddr declaration, the multicast/zero-daddr
 * checks on the copied address, and intermediate returns are missing
 * from this extracted chunk.
 */
1594 static int ipgre_tap_validate(struct nlattr *tb[], struct nlattr *data[])
1598 if (tb[IFLA_ADDRESS]) {
1599 if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN)
1601 if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS])))
1602 return -EADDRNOTAVAIL;
1608 if (data[IFLA_GRE_REMOTE]) {
1609 memcpy(&daddr, nla_data(data[IFLA_GRE_REMOTE]), 4); /* IPv4 remote address */
1615 return ipgre_tunnel_validate(tb, data); /* shared flag checks */
/*
 * Translate IFLA_GRE_* netlink attributes into struct ip_tunnel_parm.
 * parms is zeroed first, so any attribute the caller omits stays 0 —
 * except frag_off, which defaults to DF set (path-MTU discovery on)
 * unless IFLA_GRE_PMTUDISC is explicitly 0.
 * NOTE(review): braces and the early "if (!data) return;" guard are
 * missing from this extracted chunk.
 */
1618 static void ipgre_netlink_parms(struct nlattr *data[],
1619 struct ip_tunnel_parm *parms)
1621 memset(parms, 0, sizeof(*parms));
1623 parms->iph.protocol = IPPROTO_GRE;
1628 if (data[IFLA_GRE_LINK])
1629 parms->link = nla_get_u32(data[IFLA_GRE_LINK]);
1631 if (data[IFLA_GRE_IFLAGS])
1632 parms->i_flags = nla_get_be16(data[IFLA_GRE_IFLAGS]);
1634 if (data[IFLA_GRE_OFLAGS])
1635 parms->o_flags = nla_get_be16(data[IFLA_GRE_OFLAGS]);
1637 if (data[IFLA_GRE_IKEY])
1638 parms->i_key = nla_get_be32(data[IFLA_GRE_IKEY]);
1640 if (data[IFLA_GRE_OKEY])
1641 parms->o_key = nla_get_be32(data[IFLA_GRE_OKEY]);
1643 if (data[IFLA_GRE_LOCAL])
1644 parms->iph.saddr = nla_get_be32(data[IFLA_GRE_LOCAL]);
1646 if (data[IFLA_GRE_REMOTE])
1647 parms->iph.daddr = nla_get_be32(data[IFLA_GRE_REMOTE]);
1649 if (data[IFLA_GRE_TTL])
1650 parms->iph.ttl = nla_get_u8(data[IFLA_GRE_TTL]);
1652 if (data[IFLA_GRE_TOS])
1653 parms->iph.tos = nla_get_u8(data[IFLA_GRE_TOS]);
1655 if (!data[IFLA_GRE_PMTUDISC] || nla_get_u8(data[IFLA_GRE_PMTUDISC]))
1656 parms->iph.frag_off = htons(IP_DF); /* PMTU discovery on by default */
/*
 * rtnl_link_ops->newlink for gre/gretap: parse the netlink parameters
 * into the device's private ip_tunnel, refuse duplicates, give Ethernet
 * taps a random MAC if none was supplied, then register and link the
 * tunnel. NOTE(review): braces, the err/mtu declarations, the duplicate
 * return value (-EEXIST in upstream), the MTU assignment from bind_dev,
 * error labels, and the final "return err;" are missing from this
 * extracted chunk.
 */
1659 static int ipgre_newlink(struct net_device *dev, struct nlattr *tb[],
1660 struct nlattr *data[])
1662 struct ip_tunnel *nt;
1663 struct net *net = dev_net(dev);
1664 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1668 nt = netdev_priv(dev);
1669 ipgre_netlink_parms(data, &nt->parms);
1671 if (ipgre_tunnel_find(net, &nt->parms, dev->type)) /* reject duplicate tunnel */
1674 if (dev->type == ARPHRD_ETHER && !tb[IFLA_ADDRESS])
1675 random_ether_addr(dev->dev_addr); /* taps need a MAC address */
1677 mtu = ipgre_tunnel_bind_dev(dev);
1681 err = register_netdevice(dev);
1686 ipgre_tunnel_link(ign, nt); /* insert into the namespace hash table */
/*
 * rtnl_link_ops->changelink for gre/gretap: apply new parameters to an
 * existing tunnel. Changing addresses or the input key requires
 * unlinking and relinking the tunnel in the hash table (its hash key
 * changes); the fallback device cannot be modified. For non-Ethernet
 * tunnels the broadcast/point-to-point flag implied by the new remote
 * address must match the device's existing flags.
 *
 * NOTE(review): braces, the mtu declaration, the -EINVAL/-EEXIST/
 * -EOPNOTSUPP returns, the "t && t != nt" duplicate check after
 * ipgre_tunnel_locate(), the "t = nt;" fallback, the set_mtu handling
 * and the final "return 0;" are all missing from this extracted chunk —
 * restore from the original before editing logic here.
 */
1692 static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[],
1693 struct nlattr *data[])
1695 struct ip_tunnel *t, *nt;
1696 struct net *net = dev_net(dev);
1697 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1698 struct ip_tunnel_parm p;
1701 if (dev == ign->fb_tunnel_dev) /* fallback device is immutable */
1704 nt = netdev_priv(dev);
1705 ipgre_netlink_parms(data, &p);
1707 t = ipgre_tunnel_locate(net, &p, false, 0); /* is another tunnel using these parms? */
1715 if (dev->type != ARPHRD_ETHER) {
1716 unsigned nflags = 0;
1718 if (ipv4_is_multicast(p.iph.daddr))
1719 nflags = IFF_BROADCAST;
1720 else if (p.iph.daddr)
1721 nflags = IFF_POINTOPOINT;
1723 if ((dev->flags ^ nflags) & /* new remote must not flip bcast/p2p mode */
1724 (IFF_POINTOPOINT | IFF_BROADCAST))
1728 ipgre_tunnel_unlink(ign, t); /* hash key changes with addrs/i_key */
1729 t->parms.iph.saddr = p.iph.saddr;
1730 t->parms.iph.daddr = p.iph.daddr;
1731 t->parms.i_key = p.i_key;
1732 if (dev->type != ARPHRD_ETHER) {
1733 memcpy(dev->dev_addr, &p.iph.saddr, 4); /* dev addr mirrors tunnel endpoints */
1734 memcpy(dev->broadcast, &p.iph.daddr, 4);
1736 ipgre_tunnel_link(ign, t);
1737 netdev_state_change(dev);
1740 t->parms.o_key = p.o_key; /* these fields don't affect the hash — set in place */
1741 t->parms.iph.ttl = p.iph.ttl;
1742 t->parms.iph.tos = p.iph.tos;
1743 t->parms.iph.frag_off = p.iph.frag_off;
1745 if (t->parms.link != p.link) {
1746 t->parms.link = p.link;
1747 mtu = ipgre_tunnel_bind_dev(dev); /* rebind: underlying device changed */
1750 netdev_state_change(dev);
/*
 * Report the netlink message size needed by ipgre_fill_info(): a sum of
 * nla_total_size() terms, one per IFLA_GRE_* attribute.
 * NOTE(review): extraction has dropped every nla_total_size() expression,
 * leaving only some of the per-attribute labels — this body must be
 * restored from the original file; do not infer sizes from what remains.
 */
1756 static size_t ipgre_get_size(const struct net_device *dev)
1761 /* IFLA_GRE_IFLAGS */
1763 /* IFLA_GRE_OFLAGS */
1769 /* IFLA_GRE_LOCAL */
1771 /* IFLA_GRE_REMOTE */
1777 /* IFLA_GRE_PMTUDISC */
/*
 * Dump the tunnel's current parameters into a netlink message, one
 * IFLA_GRE_* attribute per field. The NLA_PUT_* macros jump to a
 * nla_put_failure label on overflow; that label, the "return 0;", and
 * the failure return (-EMSGSIZE in upstream) are missing from this
 * extracted chunk.
 */
1782 static int ipgre_fill_info(struct sk_buff *skb, const struct net_device *dev)
1784 struct ip_tunnel *t = netdev_priv(dev);
1785 struct ip_tunnel_parm *p = &t->parms;
1787 NLA_PUT_U32(skb, IFLA_GRE_LINK, p->link);
1788 NLA_PUT_BE16(skb, IFLA_GRE_IFLAGS, p->i_flags);
1789 NLA_PUT_BE16(skb, IFLA_GRE_OFLAGS, p->o_flags);
1790 NLA_PUT_BE32(skb, IFLA_GRE_IKEY, p->i_key);
1791 NLA_PUT_BE32(skb, IFLA_GRE_OKEY, p->o_key);
1792 NLA_PUT_BE32(skb, IFLA_GRE_LOCAL, p->iph.saddr);
1793 NLA_PUT_BE32(skb, IFLA_GRE_REMOTE, p->iph.daddr);
1794 NLA_PUT_U8(skb, IFLA_GRE_TTL, p->iph.ttl);
1795 NLA_PUT_U8(skb, IFLA_GRE_TOS, p->iph.tos);
1796 NLA_PUT_U8(skb, IFLA_GRE_PMTUDISC, !!(p->iph.frag_off & htons(IP_DF)));
/*
 * Netlink attribute policy for IFLA_GRE_*: type/length constraints the
 * core validates before ipgre_netlink_parms() ever sees the attributes.
 * LOCAL/REMOTE are validated by length (4 bytes, an IPv4 address) rather
 * than by integer type.
 */
1804 static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = {
1805 [IFLA_GRE_LINK] = { .type = NLA_U32 },
1806 [IFLA_GRE_IFLAGS] = { .type = NLA_U16 },
1807 [IFLA_GRE_OFLAGS] = { .type = NLA_U16 },
1808 [IFLA_GRE_IKEY] = { .type = NLA_U32 },
1809 [IFLA_GRE_OKEY] = { .type = NLA_U32 },
1810 [IFLA_GRE_LOCAL] = { .len = FIELD_SIZEOF(struct iphdr, saddr) },
1811 [IFLA_GRE_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) },
1812 [IFLA_GRE_TTL] = { .type = NLA_U8 },
1813 [IFLA_GRE_TOS] = { .type = NLA_U8 },
1814 [IFLA_GRE_PMTUDISC] = { .type = NLA_U8 },
/*
 * rtnl_link_ops for plain GRE ("gre") links. NOTE(review): the .kind
 * string initializer is missing from this extracted chunk (upstream uses
 * the GRE device name macro here).
 */
1817 static struct rtnl_link_ops ipgre_link_ops __read_mostly = {
1819 .maxtype = IFLA_GRE_MAX,
1820 .policy = ipgre_policy,
1821 .priv_size = sizeof(struct ip_tunnel),
1822 .setup = ipgre_tunnel_setup,
1823 .validate = ipgre_tunnel_validate,
1824 .newlink = ipgre_newlink,
1825 .changelink = ipgre_changelink,
1826 .get_size = ipgre_get_size,
1827 .fill_info = ipgre_fill_info,
/*
 * rtnl_link_ops for Ethernet-over-GRE ("gretap") links — same handlers
 * as ipgre_link_ops except for the tap-specific setup/validate pair.
 * NOTE(review): the .kind string initializer is missing from this
 * extracted chunk.
 */
1830 static struct rtnl_link_ops ipgre_tap_ops __read_mostly = {
1832 .maxtype = IFLA_GRE_MAX,
1833 .policy = ipgre_policy,
1834 .priv_size = sizeof(struct ip_tunnel),
1835 .setup = ipgre_tap_setup,
1836 .validate = ipgre_tap_validate,
1837 .newlink = ipgre_newlink,
1838 .changelink = ipgre_changelink,
1839 .get_size = ipgre_get_size,
1840 .fill_info = ipgre_fill_info,
1845 * And now the modules code and kernel interface.
/*
 * Module init: register the GRE protocol handler, the per-namespace
 * operations, and (unless built IOCTL-only) the two rtnl_link_ops.
 * Registrations are unwound in reverse order on failure via goto labels.
 * NOTE(review): braces, "int err;", several error-check lines, the
 * "return err;"/"return 0;" statements, and the tap_ops_failed label
 * are missing from this extracted chunk.
 */
1848 static int __init ipgre_init(void)
1852 printk(KERN_INFO "GRE over IPv4 tunneling driver\n");
1854 if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) {
1855 printk(KERN_INFO "ipgre init: can't add protocol\n");
1859 err = register_pernet_gen_device(&ipgre_net_id, &ipgre_net_ops);
1861 goto gen_device_failed;
1863 #ifndef GRE_IOCTL_ONLY
1864 err = rtnl_link_register(&ipgre_link_ops);
1866 goto rtnl_link_failed;
1868 err = rtnl_link_register(&ipgre_tap_ops);
1870 goto tap_ops_failed;
1876 #ifndef GRE_IOCTL_ONLY
1878 rtnl_link_unregister(&ipgre_link_ops); /* unwind: link ops */
1880 unregister_pernet_gen_device(ipgre_net_id, &ipgre_net_ops); /* unwind: pernet */
1883 inet_del_protocol(&ipgre_protocol, IPPROTO_GRE); /* unwind: protocol hook */
/*
 * Module exit: tear down in exact reverse of ipgre_init() — rtnl link
 * ops first (tap, then gre), then the per-namespace ops, then the
 * protocol hook. NOTE(review): braces and the #endif that closes the
 * GRE_IOCTL_ONLY guard are missing from this extracted chunk.
 */
1888 static void __exit ipgre_fini(void)
1890 #ifndef GRE_IOCTL_ONLY
1891 rtnl_link_unregister(&ipgre_tap_ops);
1892 rtnl_link_unregister(&ipgre_link_ops);
1894 unregister_pernet_gen_device(ipgre_net_id, &ipgre_net_ops);
1895 if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0)
1896 printk(KERN_INFO "ipgre close: can't remove protocol\n");
/*
 * Module boilerplate. The RTNL aliases let the kernel auto-load this
 * module when userspace creates a "gre" or "gretap" link via netlink;
 * they are only meaningful when the netlink interface is compiled in.
 * NOTE(review): the closing #endif for GRE_IOCTL_ONLY is missing from
 * this extracted chunk.
 */
1899 module_init(ipgre_init);
1900 module_exit(ipgre_fini);
1901 MODULE_DESCRIPTION("GRE over IPv4 tunneling driver");
1902 MODULE_LICENSE("GPL");
1903 #ifndef GRE_IOCTL_ONLY
1904 MODULE_ALIAS_RTNL_LINK("gre");
1905 MODULE_ALIAS_RTNL_LINK("gretap");