2 * Copyright (c) 2010 Nicira Networks.
3 * Distributed under the terms of the GNU GPL version 2.
5 * Significant portions of this file may be copied from parts of the Linux
6 * kernel, by Linus Torvalds and others.
9 #include <linux/if_arp.h>
10 #include <linux/if_ether.h>
12 #include <linux/if_vlan.h>
14 #include <linux/in_route.h>
15 #include <linux/jhash.h>
16 #include <linux/kernel.h>
17 #include <linux/version.h>
19 #include <net/dsfield.h>
22 #include <net/inet_ecn.h>
24 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
27 #include <net/route.h>
35 #include "vport-generic.h"
37 /* Protected by RCU. */
38 static struct tbl *port_table;
41 * These are just used as an optimization: they don't require any kind of
42 * synchronization because we could have just as easily read the value before
43 * the port change happened.
45 static unsigned int key_local_remote_ports;
46 static unsigned int key_remote_ports;
47 static unsigned int local_remote_ports;
48 static unsigned int remote_ports;
50 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,36)
51 #define rt_dst(rt) (rt->dst)
53 #define rt_dst(rt) (rt->u.dst)
56 static inline struct vport *tnl_vport_to_vport(const struct tnl_vport *tnl_vport)
58 return vport_from_priv(tnl_vport);
61 static inline struct tnl_vport *tnl_vport_table_cast(const struct tbl_node *node)
63 return container_of(node, struct tnl_vport, tbl_node);
67 static void free_config(struct rcu_head *rcu)
69 struct tnl_mutable_config *c = container_of(rcu, struct tnl_mutable_config, rcu);
73 static void assign_config_rcu(struct vport *vport,
74 struct tnl_mutable_config *new_config)
76 struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
77 struct tnl_mutable_config *old_config;
79 old_config = rcu_dereference(tnl_vport->mutable);
80 rcu_assign_pointer(tnl_vport->mutable, new_config);
81 call_rcu(&old_config->rcu, free_config);
84 static unsigned int *find_port_pool(const struct tnl_mutable_config *mutable)
86 if (mutable->port_config.flags & TNL_F_IN_KEY_MATCH) {
87 if (mutable->port_config.saddr)
88 return &local_remote_ports;
92 if (mutable->port_config.saddr)
93 return &key_local_remote_ports;
95 return &key_remote_ports;
100 LOOKUP_TUNNEL_TYPE = 0,
106 struct port_lookup_key {
107 u32 vals[4]; /* Contains enum lookup_key keys. */
108 const struct tnl_mutable_config *mutable;
112 * Modifies 'target' to store the rcu_dereferenced pointer that was used to do
115 static int port_cmp(const struct tbl_node *node, void *target)
117 const struct tnl_vport *tnl_vport = tnl_vport_table_cast(node);
118 struct port_lookup_key *lookup = target;
120 lookup->mutable = rcu_dereference(tnl_vport->mutable);
122 return (lookup->mutable->tunnel_type == lookup->vals[LOOKUP_TUNNEL_TYPE]) &&
123 lookup->mutable->port_config.daddr == lookup->vals[LOOKUP_DADDR] &&
124 lookup->mutable->port_config.in_key == lookup->vals[LOOKUP_KEY] &&
125 lookup->mutable->port_config.saddr == lookup->vals[LOOKUP_SADDR];
128 static u32 port_hash(struct port_lookup_key *lookup)
130 return jhash2(lookup->vals, ARRAY_SIZE(lookup->vals), 0);
133 static int add_port(struct vport *vport)
135 struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
136 struct port_lookup_key lookup;
140 struct tbl *new_table;
142 new_table = tbl_create(0);
146 rcu_assign_pointer(port_table, new_table);
148 } else if (tbl_count(port_table) > tbl_n_buckets(port_table)) {
149 struct tbl *old_table = port_table;
150 struct tbl *new_table;
152 new_table = tbl_expand(old_table);
153 if (IS_ERR(new_table))
154 return PTR_ERR(new_table);
156 rcu_assign_pointer(port_table, new_table);
157 tbl_deferred_destroy(old_table, NULL);
160 lookup.vals[LOOKUP_SADDR] = tnl_vport->mutable->port_config.saddr;
161 lookup.vals[LOOKUP_DADDR] = tnl_vport->mutable->port_config.daddr;
162 lookup.vals[LOOKUP_KEY] = tnl_vport->mutable->port_config.in_key;
163 lookup.vals[LOOKUP_TUNNEL_TYPE] = tnl_vport->mutable->tunnel_type;
165 err = tbl_insert(port_table, &tnl_vport->tbl_node, port_hash(&lookup));
169 (*find_port_pool(tnl_vport->mutable))++;
174 static int del_port(struct vport *vport)
176 struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
179 err = tbl_remove(port_table, &tnl_vport->tbl_node);
183 (*find_port_pool(tnl_vport->mutable))--;
188 struct vport *tnl_find_port(__be32 saddr, __be32 daddr, __be32 key,
190 const struct tnl_mutable_config **mutable)
192 struct port_lookup_key lookup;
193 struct tbl *table = rcu_dereference(port_table);
194 struct tbl_node *tbl_node;
199 lookup.vals[LOOKUP_SADDR] = saddr;
200 lookup.vals[LOOKUP_DADDR] = daddr;
202 if (tunnel_type & TNL_T_KEY_EXACT) {
203 lookup.vals[LOOKUP_KEY] = key;
204 lookup.vals[LOOKUP_TUNNEL_TYPE] = tunnel_type & ~TNL_T_KEY_MATCH;
206 if (key_local_remote_ports) {
207 tbl_node = tbl_lookup(table, &lookup, port_hash(&lookup), port_cmp);
212 if (key_remote_ports) {
213 lookup.vals[LOOKUP_SADDR] = 0;
215 tbl_node = tbl_lookup(table, &lookup, port_hash(&lookup), port_cmp);
219 lookup.vals[LOOKUP_SADDR] = saddr;
223 if (tunnel_type & TNL_T_KEY_MATCH) {
224 lookup.vals[LOOKUP_KEY] = 0;
225 lookup.vals[LOOKUP_TUNNEL_TYPE] = tunnel_type & ~TNL_T_KEY_EXACT;
227 if (local_remote_ports) {
228 tbl_node = tbl_lookup(table, &lookup, port_hash(&lookup), port_cmp);
234 lookup.vals[LOOKUP_SADDR] = 0;
236 tbl_node = tbl_lookup(table, &lookup, port_hash(&lookup), port_cmp);
245 *mutable = lookup.mutable;
246 return tnl_vport_to_vport(tnl_vport_table_cast(tbl_node));
249 static bool check_ipv4_address(__be32 addr)
251 if (ipv4_is_multicast(addr) || ipv4_is_lbcast(addr)
252 || ipv4_is_loopback(addr) || ipv4_is_zeronet(addr))
258 static bool ipv4_should_icmp(struct sk_buff *skb)
260 struct iphdr *old_iph = ip_hdr(skb);
262 /* Don't respond to L2 broadcast. */
263 if (is_multicast_ether_addr(eth_hdr(skb)->h_dest))
266 /* Don't respond to L3 broadcast or invalid addresses. */
267 if (!check_ipv4_address(old_iph->daddr) ||
268 !check_ipv4_address(old_iph->saddr))
271 /* Only respond to the first fragment. */
272 if (old_iph->frag_off & htons(IP_OFFSET))
275 /* Don't respond to ICMP error messages. */
276 if (old_iph->protocol == IPPROTO_ICMP) {
277 u8 icmp_type, *icmp_typep;
279 icmp_typep = skb_header_pointer(skb, (u8 *)old_iph +
280 (old_iph->ihl << 2) +
281 offsetof(struct icmphdr, type) -
282 skb->data, sizeof(icmp_type),
288 if (*icmp_typep > NR_ICMP_TYPES
289 || (*icmp_typep <= ICMP_PARAMETERPROB
290 && *icmp_typep != ICMP_ECHOREPLY
291 && *icmp_typep != ICMP_ECHO))
298 static void ipv4_build_icmp(struct sk_buff *skb, struct sk_buff *nskb,
299 unsigned int mtu, unsigned int payload_length)
301 struct iphdr *iph, *old_iph = ip_hdr(skb);
302 struct icmphdr *icmph;
305 iph = (struct iphdr *)skb_put(nskb, sizeof(struct iphdr));
306 icmph = (struct icmphdr *)skb_put(nskb, sizeof(struct icmphdr));
307 payload = skb_put(nskb, payload_length);
311 iph->ihl = sizeof(struct iphdr) >> 2;
312 iph->tos = (old_iph->tos & IPTOS_TOS_MASK) |
313 IPTOS_PREC_INTERNETCONTROL;
314 iph->tot_len = htons(sizeof(struct iphdr)
315 + sizeof(struct icmphdr)
317 get_random_bytes(&iph->id, sizeof(iph->id));
320 iph->protocol = IPPROTO_ICMP;
321 iph->daddr = old_iph->saddr;
322 iph->saddr = old_iph->daddr;
327 icmph->type = ICMP_DEST_UNREACH;
328 icmph->code = ICMP_FRAG_NEEDED;
329 icmph->un.gateway = htonl(mtu);
332 nskb->csum = csum_partial((u8 *)icmph, sizeof(struct icmphdr), 0);
333 nskb->csum = skb_copy_and_csum_bits(skb, (u8 *)old_iph - skb->data,
334 payload, payload_length,
336 icmph->checksum = csum_fold(nskb->csum);
339 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
340 static bool ipv6_should_icmp(struct sk_buff *skb)
342 struct ipv6hdr *old_ipv6h = ipv6_hdr(skb);
344 int payload_off = (u8 *)(old_ipv6h + 1) - skb->data;
345 u8 nexthdr = ipv6_hdr(skb)->nexthdr;
347 /* Check source address is valid. */
348 addr_type = ipv6_addr_type(&old_ipv6h->saddr);
349 if (addr_type & IPV6_ADDR_MULTICAST || addr_type == IPV6_ADDR_ANY)
352 /* Don't reply to unspecified addresses. */
353 if (ipv6_addr_type(&old_ipv6h->daddr) == IPV6_ADDR_ANY)
356 /* Don't respond to ICMP error messages. */
357 payload_off = ipv6_skip_exthdr(skb, payload_off, &nexthdr);
361 if (nexthdr == NEXTHDR_ICMP) {
362 u8 icmp_type, *icmp_typep;
364 icmp_typep = skb_header_pointer(skb, payload_off +
365 offsetof(struct icmp6hdr,
367 sizeof(icmp_type), &icmp_type);
369 if (!icmp_typep || !(*icmp_typep & ICMPV6_INFOMSG_MASK))
376 static void ipv6_build_icmp(struct sk_buff *skb, struct sk_buff *nskb,
377 unsigned int mtu, unsigned int payload_length)
379 struct ipv6hdr *ipv6h, *old_ipv6h = ipv6_hdr(skb);
380 struct icmp6hdr *icmp6h;
383 ipv6h = (struct ipv6hdr *)skb_put(nskb, sizeof(struct ipv6hdr));
384 icmp6h = (struct icmp6hdr *)skb_put(nskb, sizeof(struct icmp6hdr));
385 payload = skb_put(nskb, payload_length);
390 memset(&ipv6h->flow_lbl, 0, sizeof(ipv6h->flow_lbl));
391 ipv6h->payload_len = htons(sizeof(struct icmp6hdr)
393 ipv6h->nexthdr = NEXTHDR_ICMP;
394 ipv6h->hop_limit = IPV6_DEFAULT_HOPLIMIT;
395 ipv6_addr_copy(&ipv6h->daddr, &old_ipv6h->saddr);
396 ipv6_addr_copy(&ipv6h->saddr, &old_ipv6h->daddr);
399 icmp6h->icmp6_type = ICMPV6_PKT_TOOBIG;
400 icmp6h->icmp6_code = 0;
401 icmp6h->icmp6_cksum = 0;
402 icmp6h->icmp6_mtu = htonl(mtu);
404 nskb->csum = csum_partial((u8 *)icmp6h, sizeof(struct icmp6hdr), 0);
405 nskb->csum = skb_copy_and_csum_bits(skb, (u8 *)old_ipv6h - skb->data,
406 payload, payload_length,
408 icmp6h->icmp6_cksum = csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr,
409 sizeof(struct icmp6hdr)
411 ipv6h->nexthdr, nskb->csum);
415 bool tnl_frag_needed(struct vport *vport, const struct tnl_mutable_config *mutable,
416 struct sk_buff *skb, unsigned int mtu, __be32 flow_key)
418 unsigned int eth_hdr_len = ETH_HLEN;
419 unsigned int total_length = 0, header_length = 0, payload_length;
420 struct ethhdr *eh, *old_eh = eth_hdr(skb);
421 struct sk_buff *nskb;
424 if (skb->protocol == htons(ETH_P_IP)) {
425 if (mtu < IP_MIN_MTU)
428 if (!ipv4_should_icmp(skb))
431 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
432 else if (skb->protocol == htons(ETH_P_IPV6)) {
433 if (mtu < IPV6_MIN_MTU)
437 * In theory we should do PMTUD on IPv6 multicast messages but
438 * we don't have an address to send from so just fragment.
440 if (ipv6_addr_type(&ipv6_hdr(skb)->daddr) & IPV6_ADDR_MULTICAST)
443 if (!ipv6_should_icmp(skb))
451 if (old_eh->h_proto == htons(ETH_P_8021Q))
452 eth_hdr_len = VLAN_ETH_HLEN;
454 payload_length = skb->len - eth_hdr_len;
455 if (skb->protocol == htons(ETH_P_IP)) {
456 header_length = sizeof(struct iphdr) + sizeof(struct icmphdr);
457 total_length = min_t(unsigned int, header_length +
458 payload_length, 576);
460 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
462 header_length = sizeof(struct ipv6hdr) +
463 sizeof(struct icmp6hdr);
464 total_length = min_t(unsigned int, header_length +
465 payload_length, IPV6_MIN_MTU);
469 total_length = min(total_length, mutable->mtu);
470 payload_length = total_length - header_length;
472 nskb = dev_alloc_skb(NET_IP_ALIGN + eth_hdr_len + header_length +
477 skb_reserve(nskb, NET_IP_ALIGN);
479 /* Ethernet / VLAN */
480 eh = (struct ethhdr *)skb_put(nskb, eth_hdr_len);
481 memcpy(eh->h_dest, old_eh->h_source, ETH_ALEN);
482 memcpy(eh->h_source, mutable->eth_addr, ETH_ALEN);
483 nskb->protocol = eh->h_proto = old_eh->h_proto;
484 if (old_eh->h_proto == htons(ETH_P_8021Q)) {
485 struct vlan_ethhdr *vh = (struct vlan_ethhdr *)eh;
487 vh->h_vlan_TCI = vlan_eth_hdr(skb)->h_vlan_TCI;
488 vh->h_vlan_encapsulated_proto = skb->protocol;
490 skb_reset_mac_header(nskb);
493 if (skb->protocol == htons(ETH_P_IP))
494 ipv4_build_icmp(skb, nskb, mtu, payload_length);
495 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
497 ipv6_build_icmp(skb, nskb, mtu, payload_length);
501 * Assume that flow based keys are symmetric with respect to input
502 * and output and use the key that we were going to put on the
503 * outgoing packet for the fake received packet. If the keys are
504 * not symmetric then PMTUD needs to be disabled since we won't have
505 * any way of synthesizing packets.
507 if ((mutable->port_config.flags & (TNL_F_IN_KEY_MATCH | TNL_F_OUT_KEY_ACTION)) ==
508 (TNL_F_IN_KEY_MATCH | TNL_F_OUT_KEY_ACTION))
509 OVS_CB(nskb)->tun_id = flow_key;
511 compute_ip_summed(nskb, false);
512 vport_receive(vport, nskb);
517 static struct sk_buff *check_headroom(struct sk_buff *skb, int headroom)
519 if (skb_headroom(skb) < headroom || skb_header_cloned(skb)) {
520 struct sk_buff *nskb = skb_realloc_headroom(skb, headroom + 16);
521 if (unlikely(!nskb)) {
523 return ERR_PTR(-ENOMEM);
526 set_skb_csum_bits(skb, nskb);
529 skb_set_owner_w(nskb, skb->sk);
538 static inline u8 ecn_encapsulate(u8 tos, struct sk_buff *skb)
542 if (skb->protocol == htons(ETH_P_IP))
543 inner = ((struct iphdr *)skb_network_header(skb))->tos;
544 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
545 else if (skb->protocol == htons(ETH_P_IPV6))
546 inner = ipv6_get_dsfield((struct ipv6hdr *)skb_network_header(skb));
551 return INET_ECN_encapsulate(tos, inner);
554 static inline void ecn_decapsulate(struct sk_buff *skb)
556 u8 tos = ip_hdr(skb)->tos;
558 if (INET_ECN_is_ce(tos)) {
559 __be16 protocol = skb->protocol;
560 unsigned int nw_header = skb_network_header(skb) - skb->data;
562 if (skb->protocol == htons(ETH_P_8021Q)) {
563 if (unlikely(!pskb_may_pull(skb, VLAN_ETH_HLEN)))
566 protocol = vlan_eth_hdr(skb)->h_vlan_encapsulated_proto;
567 nw_header += VLAN_HLEN;
570 if (protocol == htons(ETH_P_IP)) {
571 if (unlikely(!pskb_may_pull(skb, nw_header
572 + sizeof(struct iphdr))))
575 IP_ECN_set_ce((struct iphdr *)(nw_header + skb->data));
577 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
578 else if (protocol == htons(ETH_P_IPV6)) {
579 if (unlikely(!pskb_may_pull(skb, nw_header
580 + sizeof(struct ipv6hdr))))
583 IP6_ECN_set_ce((struct ipv6hdr *)(nw_header
590 static struct sk_buff *handle_gso(struct sk_buff *skb)
592 if (skb_is_gso(skb)) {
593 struct sk_buff *nskb = skb_gso_segment(skb, 0);
602 static int handle_csum_offload(struct sk_buff *skb)
604 if (skb->ip_summed == CHECKSUM_PARTIAL)
605 return skb_checksum_help(skb);
607 skb->ip_summed = CHECKSUM_NONE;
612 /* Called with rcu_read_lock. */
613 void tnl_rcv(struct vport *vport, struct sk_buff *skb)
615 skb->pkt_type = PACKET_HOST;
616 skb->protocol = eth_type_trans(skb, skb->dev);
621 skb_reset_network_header(skb);
623 ecn_decapsulate(skb);
625 skb_push(skb, ETH_HLEN);
626 compute_ip_summed(skb, false);
628 vport_receive(vport, skb);
631 static int build_packet(struct vport *vport, const struct tnl_mutable_config *mutable,
632 struct iphdr *iph, struct rtable *rt, int max_headroom,
633 int mtu, struct sk_buff *skb)
635 struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
637 struct iphdr *new_iph;
638 int orig_len = skb->len;
639 __be16 frag_off = iph->frag_off;
641 skb = check_headroom(skb, max_headroom);
642 if (unlikely(IS_ERR(skb)))
645 err = handle_csum_offload(skb);
649 if (skb->protocol == htons(ETH_P_IP)) {
650 struct iphdr *old_iph = ip_hdr(skb);
652 if ((old_iph->frag_off & htons(IP_DF)) &&
653 mtu < ntohs(old_iph->tot_len)) {
654 if (tnl_frag_needed(vport, mutable, skb, mtu, OVS_CB(skb)->tun_id))
659 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
660 else if (skb->protocol == htons(ETH_P_IPV6)) {
661 unsigned int packet_length = skb->len - ETH_HLEN
662 - (eth_hdr(skb)->h_proto == htons(ETH_P_8021Q) ? VLAN_HLEN : 0);
664 /* IPv6 requires PMTUD if the packet is above the minimum MTU. */
665 if (packet_length > IPV6_MIN_MTU)
666 frag_off = htons(IP_DF);
668 if (mtu < packet_length) {
669 if (tnl_frag_needed(vport, mutable, skb, mtu, OVS_CB(skb)->tun_id))
675 new_iph = (struct iphdr *)skb_push(skb, mutable->tunnel_hlen);
676 skb_reset_network_header(skb);
677 skb_set_transport_header(skb, sizeof(struct iphdr));
679 memcpy(new_iph, iph, sizeof(struct iphdr));
680 new_iph->frag_off = frag_off;
681 ip_select_ident(new_iph, &rt_dst(rt), NULL);
683 memset(&IPCB(skb)->opt, 0, sizeof(IPCB(skb)->opt));
684 IPCB(skb)->flags = 0;
686 skb = tnl_vport->tnl_ops->build_header(skb, vport, mutable, &rt_dst(rt));
691 struct sk_buff *next = skb->next;
692 int frag_len = skb->len - mutable->tunnel_hlen;
696 err = ip_local_out(skb);
697 if (unlikely(net_xmit_eval(err) != 0)) {
698 orig_len -= frag_len;
714 * There's no point in continuing to send fragments once one has been
715 * dropped so just free the rest. This may help improve the congestion
716 * that caused the first packet to be dropped.
719 struct sk_buff *next = skb->next;
720 orig_len -= skb->len - mutable->tunnel_hlen;
727 int tnl_send(struct vport *vport, struct sk_buff *skb)
729 struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
730 const struct tnl_mutable_config *mutable = rcu_dereference(tnl_vport->mutable);
732 struct iphdr *old_iph;
739 /* Validate the protocol headers before we try to use them. */
740 if (skb->protocol == htons(ETH_P_8021Q)) {
741 if (unlikely(!pskb_may_pull(skb, VLAN_ETH_HLEN)))
744 skb->protocol = vlan_eth_hdr(skb)->h_vlan_encapsulated_proto;
745 skb_set_network_header(skb, VLAN_ETH_HLEN);
748 if (skb->protocol == htons(ETH_P_IP)) {
749 if (unlikely(!pskb_may_pull(skb, skb_network_header(skb)
750 + sizeof(struct iphdr) - skb->data)))
753 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
754 else if (skb->protocol == htons(ETH_P_IPV6)) {
755 if (unlikely(!pskb_may_pull(skb, skb_network_header(skb)
756 + sizeof(struct ipv6hdr) - skb->data)))
760 old_iph = ip_hdr(skb);
762 iph.tos = mutable->port_config.tos;
763 if (mutable->port_config.flags & TNL_F_TOS_INHERIT) {
764 if (skb->protocol == htons(ETH_P_IP))
765 iph.tos = old_iph->tos;
766 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
767 else if (skb->protocol == htons(ETH_P_IPV6))
768 iph.tos = ipv6_get_dsfield(ipv6_hdr(skb));
771 iph.tos = ecn_encapsulate(iph.tos, skb);
774 struct flowi fl = { .nl_u = { .ip4_u =
775 { .daddr = mutable->port_config.daddr,
776 .saddr = mutable->port_config.saddr,
777 .tos = RT_TOS(iph.tos) } },
778 .proto = tnl_vport->tnl_ops->ipproto };
780 if (unlikely(ip_route_output_key(&init_net, &rt, &fl)))
784 iph.ttl = mutable->port_config.ttl;
785 if (mutable->port_config.flags & TNL_F_TTL_INHERIT) {
786 if (skb->protocol == htons(ETH_P_IP))
787 iph.ttl = old_iph->ttl;
788 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
789 else if (skb->protocol == htons(ETH_P_IPV6))
790 iph.ttl = ipv6_hdr(skb)->hop_limit;
794 iph.ttl = dst_metric(&rt_dst(rt), RTAX_HOPLIMIT);
796 iph.frag_off = (mutable->port_config.flags & TNL_F_PMTUD) ? htons(IP_DF) : 0;
798 mtu = dst_mtu(&rt_dst(rt))
800 - mutable->tunnel_hlen
801 - (eth_hdr(skb)->h_proto == htons(ETH_P_8021Q) ? VLAN_HLEN : 0);
805 if (skb->protocol == htons(ETH_P_IP)) {
806 iph.frag_off |= old_iph->frag_off & htons(IP_DF);
807 mtu = max(mtu, IP_MIN_MTU);
809 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
810 else if (skb->protocol == htons(ETH_P_IPV6))
811 mtu = max(mtu, IPV6_MIN_MTU);
815 iph.ihl = sizeof(struct iphdr) >> 2;
816 iph.protocol = tnl_vport->tnl_ops->ipproto;
817 iph.daddr = rt->rt_dst;
818 iph.saddr = rt->rt_src;
823 skb_dst_set(skb, &rt_dst(rt));
826 * If we are doing GSO on a pskb it is better to make sure that the
827 * headroom is correct now. We will only have to copy the portion in
828 * the linear data area and GSO will preserve headroom when it creates
829 * the segments. This is particularly beneficial on Xen where we get
830 * lots of GSO pskbs. Conversely, we delay copying if it is just to
831 * get our own writable clone because GSO may do the copy for us.
833 max_headroom = LL_RESERVED_SPACE(rt_dst(rt).dev) + rt_dst(rt).header_len
834 + mutable->tunnel_hlen;
836 if (skb_headroom(skb) < max_headroom) {
837 skb = check_headroom(skb, max_headroom);
838 if (unlikely(IS_ERR(skb))) {
839 vport_record_error(vport, VPORT_E_TX_DROPPED);
844 forward_ip_summed(skb);
846 if (unlikely(vswitch_skb_checksum_setup(skb)))
849 skb = handle_gso(skb);
850 if (unlikely(IS_ERR(skb))) {
851 vport_record_error(vport, VPORT_E_TX_DROPPED);
856 * Process GSO segments. Try to do any work for the entire packet that
857 * doesn't involve actually writing to it before this point.
861 struct sk_buff *next_skb = skb->next;
864 orig_len += build_packet(vport, mutable, &iph, rt, max_headroom, mtu, skb);
869 if (unlikely(orig_len == 0))
870 vport_record_error(vport, VPORT_E_TX_DROPPED);
876 vport_record_error(vport, VPORT_E_TX_ERROR);
888 tbl_destroy(port_table, NULL);
892 static int set_config(const void __user *uconfig, const struct tnl_ops *tnl_ops,
893 const struct vport *cur_vport,
894 struct tnl_mutable_config *mutable)
896 const struct vport *old_vport;
897 const struct tnl_mutable_config *old_mutable;
899 if (copy_from_user(&mutable->port_config, uconfig, sizeof(struct tnl_port_config)))
902 mutable->tunnel_hlen = tnl_ops->hdr_len(&mutable->port_config);
903 if (mutable->tunnel_hlen < 0)
904 return mutable->tunnel_hlen;
906 mutable->tunnel_hlen += sizeof(struct iphdr);
908 if (mutable->port_config.daddr == 0)
911 mutable->tunnel_type = tnl_ops->tunnel_type;
912 if (mutable->port_config.flags & TNL_F_IN_KEY_MATCH) {
913 mutable->tunnel_type |= TNL_T_KEY_MATCH;
914 mutable->port_config.in_key = 0;
916 mutable->tunnel_type |= TNL_T_KEY_EXACT;
918 old_vport = tnl_find_port(mutable->port_config.saddr,
919 mutable->port_config.daddr,
920 mutable->port_config.in_key,
921 mutable->tunnel_type,
924 if (old_vport && old_vport != cur_vport)
927 if (mutable->port_config.flags & TNL_F_OUT_KEY_ACTION)
928 mutable->port_config.out_key = 0;
933 struct vport *tnl_create(const char *name, const void __user *config,
934 const struct vport_ops *vport_ops,
935 const struct tnl_ops *tnl_ops)
938 struct tnl_vport *tnl_vport;
942 vport = vport_alloc(sizeof(struct tnl_vport), vport_ops);
944 err = PTR_ERR(vport);
948 tnl_vport = tnl_vport_priv(vport);
950 strcpy(tnl_vport->name, name);
951 tnl_vport->tnl_ops = tnl_ops;
953 tnl_vport->mutable = kmalloc(sizeof(struct tnl_mutable_config), GFP_KERNEL);
954 if (!tnl_vport->mutable) {
956 goto error_free_vport;
959 vport_gen_rand_ether_addr(tnl_vport->mutable->eth_addr);
960 tnl_vport->mutable->mtu = ETH_DATA_LEN;
962 get_random_bytes(&initial_frag_id, sizeof(int));
963 atomic_set(&tnl_vport->frag_id, initial_frag_id);
965 err = set_config(config, tnl_ops, NULL, tnl_vport->mutable);
967 goto error_free_mutable;
969 err = add_port(vport);
971 goto error_free_mutable;
976 kfree(tnl_vport->mutable);
983 int tnl_modify(struct vport *vport, const void __user *config)
985 struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
986 struct tnl_mutable_config *mutable;
988 bool update_hash = false;
990 mutable = kmemdup(tnl_vport->mutable, sizeof(struct tnl_mutable_config), GFP_KERNEL);
996 err = set_config(config, tnl_vport->tnl_ops, vport, mutable);
1001 * Only remove the port from the hash table if something that would
1002 * affect the lookup has changed.
1004 if (tnl_vport->mutable->port_config.saddr != mutable->port_config.saddr ||
1005 tnl_vport->mutable->port_config.daddr != mutable->port_config.daddr ||
1006 tnl_vport->mutable->port_config.in_key != mutable->port_config.in_key ||
1007 (tnl_vport->mutable->port_config.flags & TNL_F_IN_KEY_MATCH) !=
1008 (mutable->port_config.flags & TNL_F_IN_KEY_MATCH))
1013 * This update is not atomic but the lookup uses the config, which
1014 * serves as an inherent double check.
1017 err = del_port(vport);
1022 assign_config_rcu(vport, mutable);
1025 err = add_port(vport);
1038 static void free_port(struct rcu_head *rcu)
1040 struct tnl_vport *tnl_vport = container_of(rcu, struct tnl_vport, rcu);
1042 kfree(tnl_vport->mutable);
1043 vport_free(tnl_vport_to_vport(tnl_vport));
1046 int tnl_destroy(struct vport *vport)
1048 struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
1049 const struct tnl_mutable_config *old_mutable;
1051 if (vport == tnl_find_port(tnl_vport->mutable->port_config.saddr,
1052 tnl_vport->mutable->port_config.daddr,
1053 tnl_vport->mutable->port_config.in_key,
1054 tnl_vport->mutable->tunnel_type,
1058 call_rcu(&tnl_vport->rcu, free_port);
1063 int tnl_set_mtu(struct vport *vport, int mtu)
1065 struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
1066 struct tnl_mutable_config *mutable;
1068 mutable = kmemdup(tnl_vport->mutable, sizeof(struct tnl_mutable_config), GFP_KERNEL);
1073 assign_config_rcu(vport, mutable);
1078 int tnl_set_addr(struct vport *vport, const unsigned char *addr)
1080 struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
1081 struct tnl_mutable_config *mutable;
1083 mutable = kmemdup(tnl_vport->mutable, sizeof(struct tnl_mutable_config), GFP_KERNEL);
1087 memcpy(mutable->eth_addr, addr, ETH_ALEN);
1088 assign_config_rcu(vport, mutable);
1094 const char *tnl_get_name(const struct vport *vport)
1096 const struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
1097 return tnl_vport->name;
1100 const unsigned char *tnl_get_addr(const struct vport *vport)
1102 const struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
1103 return rcu_dereference(tnl_vport->mutable)->eth_addr;
1106 int tnl_get_mtu(const struct vport *vport)
1108 const struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
1109 return rcu_dereference(tnl_vport->mutable)->mtu;