#include <net/icmp.h>
#include <net/ip.h>
+#include <net/route.h>
#include <net/udp.h>
+#include <net/xfrm.h>
#include "datapath.h"
-#include "tunnel.h"
#include "vport.h"
-
/*
* LISP encapsulation header:
*
#define LISP_HLEN (sizeof(struct udphdr) + sizeof(struct lisphdr))
-static inline int lisp_hdr_len(const struct ovs_key_ipv4_tunnel *tun_key)
-{
- return LISP_HLEN;
-}
-
/**
* struct lisp_port - Keeps track of open UDP ports
- * @list: list element.
- * @vport: vport for the tunnel.
- * @socket: The socket created for this port number.
+ * @dst_port: lisp UDP port no.
+ * @list: list element in @lisp_ports.
+ * @lisp_rcv_socket: The socket created for this port number.
+ * @name: vport name.
*/
struct lisp_port {
+ __be16 dst_port;
struct list_head list;
- struct vport *vport;
struct socket *lisp_rcv_socket;
- struct rcu_head rcu;
+ char name[IFNAMSIZ];
};
static LIST_HEAD(lisp_ports);
+static inline struct lisp_port *lisp_vport(const struct vport *vport)
+{
+ return vport_priv(vport);
+}
+
static struct lisp_port *lisp_find_port(struct net *net, __be16 port)
{
struct lisp_port *lisp_port;
list_for_each_entry_rcu(lisp_port, &lisp_ports, list) {
- struct tnl_vport *tnl_vport = tnl_vport_priv(lisp_port->vport);
-
- if (tnl_vport->dst_port == port &&
+ if (lisp_port->dst_port == port &&
net_eq(sock_net(lisp_port->lisp_rcv_socket->sk), net))
return lisp_port;
}
return (struct lisphdr *)(udp_hdr(skb) + 1);
}
-static int lisp_tnl_send(struct vport *vport, struct sk_buff *skb)
-{
- int tnl_len;
- int network_offset = skb_network_offset(skb);
-
- /* We only encapsulate IPv4 and IPv6 packets */
- switch (skb->protocol) {
- case htons(ETH_P_IP):
- case htons(ETH_P_IPV6):
- /* Pop off "inner" Ethernet header */
- skb_pull(skb, network_offset);
- tnl_len = ovs_tnl_send(vport, skb);
- return tnl_len > 0 ? tnl_len + network_offset : tnl_len;
- default:
- kfree_skb(skb);
- return 0;
- }
-}
-
/* Convert 64 bit tunnel ID to 24 bit Instance ID. */
static void tunnel_id_to_instance_id(__be64 tun_id, __u8 *iid)
{
#endif
}
+/* Compute source UDP port for outgoing packet.
+ * Currently we use the flow hash.
+ */
+static u16 ovs_tnl_get_src_port(struct sk_buff *skb)
+{
+ int low;
+ int high;
+ unsigned int range;
+ struct sw_flow_key *pkt_key = OVS_CB(skb)->pkt_key;
+ u32 hash = jhash2((const u32 *)pkt_key,
+ sizeof(*pkt_key) / sizeof(u32), 0);
+
+ inet_get_local_port_range(&low, &high);
+ range = (high - low) + 1;
+ return (((u64) hash * range) >> 32) + low;
+}
+
static void lisp_build_header(const struct vport *vport,
struct sk_buff *skb,
int tunnel_hlen)
{
- struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
+ struct lisp_port *lisp_port = lisp_vport(vport);
struct udphdr *udph = udp_hdr(skb);
struct lisphdr *lisph = (struct lisphdr *)(udph + 1);
const struct ovs_key_ipv4_tunnel *tun_key = OVS_CB(skb)->tun_key;
- udph->dest = tnl_vport->dst_port;
+ udph->dest = lisp_port->dst_port;
udph->source = htons(ovs_tnl_get_src_port(skb));
udph->check = 0;
udph->len = htons(skb->len - skb_transport_offset(skb));
lisph->u2.word2.locator_status_bits = 1;
}
+/**
+ * ovs_tnl_rcv - ingress point for generic tunnel code
+ *
+ * @vport: port this packet was received on
+ * @skb: received packet
+ * @tos: ToS from encapsulating IP packet, used to copy ECN bits
+ *
+ * Must be called with rcu_read_lock.
+ *
+ * Packets received by this function are in the following state:
+ * - skb->data points to the inner Ethernet header.
+ * - The inner Ethernet header is in the linear data area.
+ * - skb->csum does not include the inner Ethernet header.
+ * - The layer pointers are undefined.
+ */
+static void ovs_tnl_rcv(struct vport *vport, struct sk_buff *skb,
+ struct ovs_key_ipv4_tunnel *tun_key)
+{
+ struct ethhdr *eh;
+
+ skb_reset_mac_header(skb);
+ eh = eth_hdr(skb);
+
+ if (likely(ntohs(eh->h_proto) >= ETH_P_802_3_MIN))
+ skb->protocol = eh->h_proto;
+ else
+ skb->protocol = htons(ETH_P_802_2);
+
+ skb_dst_drop(skb);
+ nf_reset(skb);
+ skb_clear_rxhash(skb);
+ secpath_reset(skb);
+ vlan_set_tci(skb, 0);
+
+ if (unlikely(compute_ip_summed(skb, false))) {
+ kfree_skb(skb);
+ return;
+ }
+
+ ovs_vport_receive(vport, skb, tun_key);
+}
+
/* Called with rcu_read_lock and BH disabled. */
static int lisp_rcv(struct sock *sk, struct sk_buff *skb)
{
/* Save outer tunnel values */
iph = ip_hdr(skb);
- tnl_tun_key_init(&tun_key, iph, key, OVS_TNL_F_KEY);
- OVS_CB(skb)->tun_key = &tun_key;
+ ovs_flow_tun_key_init(&tun_key, iph, key, TUNNEL_KEY);
/* Drop non-IP inner packets */
inner_iph = (struct iphdr *)(lisph + 1);
ethh->h_source[0] = 0x02;
ethh->h_proto = protocol;
- ovs_tnl_rcv(lisp_port->vport, skb);
+ ovs_skb_postpush_rcsum(skb, skb->data, ETH_HLEN);
+
+ ovs_tnl_rcv(vport_from_priv(lisp_port), skb, &tun_key);
goto out;
error:
#define UDP_ENCAP_LISP 1
static int lisp_socket_init(struct lisp_port *lisp_port, struct net *net)
{
- int err;
struct sockaddr_in sin;
- struct tnl_vport *tnl_vport = tnl_vport_priv(lisp_port->vport);
+ int err;
err = sock_create_kern(AF_INET, SOCK_DGRAM, 0,
&lisp_port->lisp_rcv_socket);
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = htonl(INADDR_ANY);
- sin.sin_port = tnl_vport->dst_port;
+ sin.sin_port = lisp_port->dst_port;
err = kernel_bind(lisp_port->lisp_rcv_socket, (struct sockaddr *)&sin,
sizeof(struct sockaddr_in));
return err;
}
-
-static void free_port_rcu(struct rcu_head *rcu)
+static int lisp_get_options(const struct vport *vport, struct sk_buff *skb)
{
- struct lisp_port *lisp_port = container_of(rcu,
- struct lisp_port, rcu);
+ struct lisp_port *lisp_port = lisp_vport(vport);
- kfree(lisp_port);
+ if (nla_put_u16(skb, OVS_TUNNEL_ATTR_DST_PORT, ntohs(lisp_port->dst_port)))
+ return -EMSGSIZE;
+ return 0;
}
-static void lisp_tunnel_release(struct lisp_port *lisp_port)
+static void lisp_tnl_destroy(struct vport *vport)
{
- if (!lisp_port)
- return;
+ struct lisp_port *lisp_port = lisp_vport(vport);
+
list_del_rcu(&lisp_port->list);
/* Release socket */
sk_release_kernel(lisp_port->lisp_rcv_socket->sk);
- call_rcu(&lisp_port->rcu, free_port_rcu);
+
+ ovs_vport_deferred_free(vport);
}
-static int lisp_tunnel_setup(struct net *net, struct vport *vport,
- struct nlattr *options)
+static struct vport *lisp_tnl_create(const struct vport_parms *parms)
{
- struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
+ struct net *net = ovs_dp_get_net(parms->dp);
+ struct nlattr *options = parms->options;
struct lisp_port *lisp_port;
+ struct vport *vport;
struct nlattr *a;
int err;
u16 dst_port;
if (!options) {
err = -EINVAL;
- goto out;
+ goto error;
}
a = nla_find_nested(options, OVS_TUNNEL_ATTR_DST_PORT);
} else {
/* Require destination port from userspace. */
err = -EINVAL;
- goto out;
+ goto error;
}
/* Verify if we already have a socket created for this port */
- lisp_port = lisp_find_port(net, htons(dst_port));
- if (lisp_port) {
+ if (lisp_find_port(net, htons(dst_port))) {
err = -EEXIST;
- goto out;
+ goto error;
}
- /* Add a new socket for this port */
- lisp_port = kzalloc(sizeof(struct lisp_port), GFP_KERNEL);
- if (!lisp_port) {
- err = -ENOMEM;
- goto out;
- }
+ vport = ovs_vport_alloc(sizeof(struct lisp_port),
+ &ovs_lisp_vport_ops, parms);
+ if (IS_ERR(vport))
+ return vport;
- tnl_vport->dst_port = htons(dst_port);
- lisp_port->vport = vport;
- list_add_tail_rcu(&lisp_port->list, &lisp_ports);
+ lisp_port = lisp_vport(vport);
+ lisp_port->dst_port = htons(dst_port);
+ strncpy(lisp_port->name, parms->name, IFNAMSIZ);
err = lisp_socket_init(lisp_port, net);
if (err)
- goto error;
+ goto error_free;
- return 0;
+ list_add_tail_rcu(&lisp_port->list, &lisp_ports);
+ return vport;
+error_free:
+ ovs_vport_free(vport);
error:
- list_del_rcu(&lisp_port->list);
- kfree(lisp_port);
-out:
- return err;
+ return ERR_PTR(err);
}
-static int lisp_get_options(const struct vport *vport, struct sk_buff *skb)
+static bool need_linearize(const struct sk_buff *skb)
{
- const struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
+ int i;
- if (nla_put_u16(skb, OVS_TUNNEL_ATTR_DST_PORT, ntohs(tnl_vport->dst_port)))
- return -EMSGSIZE;
- return 0;
-}
+ if (unlikely(skb_shinfo(skb)->frag_list))
+ return true;
-static const struct tnl_ops ovs_lisp_tnl_ops = {
- .ipproto = IPPROTO_UDP,
- .hdr_len = lisp_hdr_len,
- .build_header = lisp_build_header,
-};
+ /*
+ * Generally speaking we should linearize if there are paged frags.
+ * However, if all of the refcounts are 1 we know nobody else can
+ * change them from underneath us and we can skip the linearization.
+ */
+ for (i = 0; i < skb_shinfo(skb)->nr_frags; i++)
+ if (unlikely(page_count(skb_frag_page(&skb_shinfo(skb)->frags[i])) > 1))
+ return true;
-static void lisp_tnl_destroy(struct vport *vport)
+ return false;
+}
+
+static struct sk_buff *handle_offloads(struct sk_buff *skb)
{
- struct lisp_port *lisp_port;
- struct tnl_vport *tnl_vport = tnl_vport_priv(vport);
+ int err;
+
+ forward_ip_summed(skb, true);
+
+
+ if (skb_is_gso(skb)) {
+ struct sk_buff *nskb;
+ char cb[sizeof(skb->cb)];
+
+ memcpy(cb, skb->cb, sizeof(cb));
+
+ nskb = __skb_gso_segment(skb, 0, false);
+ if (IS_ERR(nskb)) {
+ err = PTR_ERR(nskb);
+ goto error;
+ }
+
+ consume_skb(skb);
+ skb = nskb;
+ while (nskb) {
+ memcpy(nskb->cb, cb, sizeof(cb));
+ nskb = nskb->next;
+ }
+ } else if (get_ip_summed(skb) == OVS_CSUM_PARTIAL) {
+ /* Pages aren't locked and could change at any time.
+ * If this happens after we compute the checksum, the
+ * checksum will be wrong. We linearize now to avoid
+ * this problem.
+ */
+ if (unlikely(need_linearize(skb))) {
+ err = __skb_linearize(skb);
+ if (unlikely(err))
+ goto error;
+ }
+
+ err = skb_checksum_help(skb);
+ if (unlikely(err))
+ goto error;
+ }
- lisp_port = lisp_find_port(ovs_dp_get_net(vport->dp),
- tnl_vport->dst_port);
+ set_ip_summed(skb, OVS_CSUM_NONE);
- lisp_tunnel_release(lisp_port);
- ovs_tnl_destroy(vport);
+ return skb;
+
+error:
+ return ERR_PTR(err);
}
-static struct vport *lisp_tnl_create(const struct vport_parms *parms)
+static int ovs_tnl_send(struct vport *vport, struct sk_buff *skb,
+ u8 ipproto, int tunnel_hlen,
+ void (*build_header)(const struct vport *,
+ struct sk_buff *,
+ int tunnel_hlen))
{
- struct vport *vport;
+ int min_headroom;
+ struct rtable *rt;
+ __be32 saddr;
+ int sent_len = 0;
int err;
+ struct sk_buff *nskb;
+
+ /* Route lookup */
+ saddr = OVS_CB(skb)->tun_key->ipv4_src;
+ rt = find_route(ovs_dp_get_net(vport->dp),
+ &saddr,
+ OVS_CB(skb)->tun_key->ipv4_dst,
+ ipproto,
+ OVS_CB(skb)->tun_key->ipv4_tos,
+ skb_get_mark(skb));
+ if (IS_ERR(rt)) {
+ err = PTR_ERR(rt);
+ goto error;
+ }
- vport = ovs_tnl_create(parms, &ovs_lisp_vport_ops, &ovs_lisp_tnl_ops);
- if (IS_ERR(vport))
- return vport;
+ tunnel_hlen += sizeof(struct iphdr);
- err = lisp_tunnel_setup(ovs_dp_get_net(parms->dp), vport,
- parms->options);
- if (err) {
- ovs_tnl_destroy(vport);
- return ERR_PTR(err);
+ min_headroom = LL_RESERVED_SPACE(rt_dst(rt).dev) + rt_dst(rt).header_len
+ + tunnel_hlen
+ + (vlan_tx_tag_present(skb) ? VLAN_HLEN : 0);
+
+ if (skb_headroom(skb) < min_headroom || skb_header_cloned(skb)) {
+ int head_delta = SKB_DATA_ALIGN(min_headroom -
+ skb_headroom(skb) +
+ 16);
+
+ err = pskb_expand_head(skb, max_t(int, head_delta, 0),
+ 0, GFP_ATOMIC);
+ if (unlikely(err))
+ goto err_free_rt;
}
- return vport;
+ /* Offloading */
+ nskb = handle_offloads(skb);
+ if (IS_ERR(nskb)) {
+ err = PTR_ERR(nskb);
+ goto err_free_rt;
+ }
+ skb = nskb;
+
+ /* Reset SKB */
+ nf_reset(skb);
+ secpath_reset(skb);
+ skb_dst_drop(skb);
+ skb_clear_rxhash(skb);
+
+ while (skb) {
+ struct sk_buff *next_skb = skb->next;
+ struct iphdr *iph;
+ int frag_len;
+
+ skb->next = NULL;
+
+ if (unlikely(vlan_deaccel_tag(skb)))
+ goto next;
+
+ frag_len = skb->len;
+ skb_push(skb, tunnel_hlen);
+ skb_reset_network_header(skb);
+ skb_set_transport_header(skb, sizeof(struct iphdr));
+
+ if (next_skb)
+ skb_dst_set(skb, dst_clone(&rt_dst(rt)));
+ else
+ skb_dst_set(skb, &rt_dst(rt));
+
+ /* Push Tunnel header. */
+ build_header(vport, skb, tunnel_hlen);
+
+ /* Push IP header. */
+ iph = ip_hdr(skb);
+ iph->version = 4;
+ iph->ihl = sizeof(struct iphdr) >> 2;
+ iph->protocol = ipproto;
+ iph->daddr = OVS_CB(skb)->tun_key->ipv4_dst;
+ iph->saddr = saddr;
+ iph->tos = OVS_CB(skb)->tun_key->ipv4_tos;
+ iph->ttl = OVS_CB(skb)->tun_key->ipv4_ttl;
+ iph->frag_off = OVS_CB(skb)->tun_key->tun_flags &
+ TUNNEL_DONT_FRAGMENT ? htons(IP_DF) : 0;
+ /*
+ * Allow our local IP stack to fragment the outer packet even
+ * if the DF bit is set as a last resort. We also need to
+ * force selection of an IP ID here with __ip_select_ident(),
+ * as ip_select_ident() assumes a proper ID is not needed when
+ * when the DF bit is set.
+ */
+ skb->local_df = 1;
+ __ip_select_ident(iph, skb_dst(skb), 0);
+
+ memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
+
+ err = ip_local_out(skb);
+ if (unlikely(net_xmit_eval(err)))
+ goto next;
+
+ sent_len += frag_len;
+
+next:
+ skb = next_skb;
+ }
+
+ return sent_len;
+
+err_free_rt:
+ ip_rt_put(rt);
+error:
+ return err;
+}
+
+static int lisp_tnl_send(struct vport *vport, struct sk_buff *skb)
+{
+ int tnl_len;
+ int network_offset = skb_network_offset(skb);
+
+ if (unlikely(!OVS_CB(skb)->tun_key))
+ return -EINVAL;
+
+ /* We only encapsulate IPv4 and IPv6 packets */
+ switch (skb->protocol) {
+ case htons(ETH_P_IP):
+ case htons(ETH_P_IPV6):
+ /* Pop off "inner" Ethernet header */
+ skb_pull(skb, network_offset);
+ tnl_len = ovs_tnl_send(vport, skb, IPPROTO_UDP,
+ LISP_HLEN, lisp_build_header);
+ return tnl_len > 0 ? tnl_len + network_offset : tnl_len;
+ default:
+ kfree_skb(skb);
+ return 0;
+ }
+}
+
+static const char *lisp_get_name(const struct vport *vport)
+{
+ struct lisp_port *lisp_port = lisp_vport(vport);
+ return lisp_port->name;
}
const struct vport_ops ovs_lisp_vport_ops = {
.type = OVS_VPORT_TYPE_LISP,
- .flags = VPORT_F_TUN_ID,
.create = lisp_tnl_create,
.destroy = lisp_tnl_destroy,
- .get_name = ovs_tnl_get_name,
+ .get_name = lisp_get_name,
.get_options = lisp_get_options,
.send = lisp_tnl_send,
};