git://git.onelab.eu / linux-2.6.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
patch-2_6_7-vs1_9_1_12
[linux-2.6.git] / net / ipv4 / xfrm4_tunnel.c
1 /* xfrm4_tunnel.c: Generic IP tunnel transformer.
2  *
3  * Copyright (C) 2003 David S. Miller (davem@redhat.com)
4  */
5
6 #include <linux/skbuff.h>
7 #include <net/xfrm.h>
8 #include <net/ip.h>
9 #include <net/icmp.h>
10 #include <net/inet_ecn.h>
11
12 int xfrm4_tunnel_check_size(struct sk_buff *skb)
13 {
14         int mtu, ret = 0;
15         struct dst_entry *dst;
16         struct iphdr *iph = skb->nh.iph;
17
18         if (IPCB(skb)->flags & IPSKB_XFRM_TUNNEL_SIZE)
19                 goto out;
20
21         IPCB(skb)->flags |= IPSKB_XFRM_TUNNEL_SIZE;
22         
23         if (!(iph->frag_off & htons(IP_DF)))
24                 goto out;
25
26         dst = skb->dst;
27         mtu = dst_pmtu(dst) - dst->header_len - dst->trailer_len;
28         if (skb->len > mtu) {
29                 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
30                 ret = -EMSGSIZE;
31         }
32 out:
33         return ret;
34 }
35
36 static int ipip_output(struct sk_buff **pskb)
37 {
38         struct sk_buff *skb = *pskb;
39         struct dst_entry *dst = skb->dst;
40         struct xfrm_state *x = dst->xfrm;
41         struct iphdr *iph, *top_iph;
42         int tos, err;
43
44         if ((err = xfrm4_tunnel_check_size(skb)) != 0)
45                 goto error_nolock;
46                 
47         iph = skb->nh.iph;
48
49         spin_lock_bh(&x->lock);
50
51         tos = iph->tos;
52
53         top_iph = (struct iphdr *) skb_push(skb, x->props.header_len);
54         top_iph->ihl = 5;
55         top_iph->version = 4;
56         top_iph->tos = INET_ECN_encapsulate(tos, iph->tos);
57         top_iph->tot_len = htons(skb->len);
58         top_iph->frag_off = iph->frag_off & ~htons(IP_MF|IP_OFFSET);
59         if (!(iph->frag_off & htons(IP_DF)))
60                 __ip_select_ident(top_iph, dst, 0);
61         top_iph->ttl = iph->ttl;
62         top_iph->protocol = IPPROTO_IPIP;
63         top_iph->check = 0;
64         top_iph->saddr = x->props.saddr.a4;
65         top_iph->daddr = x->id.daddr.a4;
66         memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
67         ip_send_check(top_iph);
68
69         skb->nh.raw = skb->data;
70         x->curlft.bytes += skb->len;
71         x->curlft.packets++;
72
73         spin_unlock_bh(&x->lock);
74
75         if ((skb->dst = dst_pop(dst)) == NULL) {
76                 kfree_skb(skb);
77                 err = -EHOSTUNREACH;
78                 goto error_nolock;
79         }
80         return NET_XMIT_BYPASS;
81
82 error_nolock:
83         kfree_skb(skb);
84         return err;
85 }
86
87 static int ipip_xfrm_rcv(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_buff *skb)
88 {
89         return 0;
90 }
91
92 static struct xfrm_tunnel *ipip_handler;
93 static DECLARE_MUTEX(xfrm4_tunnel_sem);
94
95 int xfrm4_tunnel_register(struct xfrm_tunnel *handler)
96 {
97         int ret;
98
99         down(&xfrm4_tunnel_sem);
100         ret = 0;
101         if (ipip_handler != NULL)
102                 ret = -EINVAL;
103         if (!ret)
104                 ipip_handler = handler;
105         up(&xfrm4_tunnel_sem);
106
107         return ret;
108 }
109
110 int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler)
111 {
112         int ret;
113
114         down(&xfrm4_tunnel_sem);
115         ret = 0;
116         if (ipip_handler != handler)
117                 ret = -EINVAL;
118         if (!ret)
119                 ipip_handler = NULL;
120         up(&xfrm4_tunnel_sem);
121
122         synchronize_net();
123
124         return ret;
125 }
126
127 static int ipip_rcv(struct sk_buff *skb)
128 {
129         struct xfrm_tunnel *handler = ipip_handler;
130
131         /* Tunnel devices take precedence.  */
132         if (handler && handler->handler(skb) == 0)
133                 return 0;
134
135         return xfrm4_rcv_encap(skb, 0);
136 }
137
138 static void ipip_err(struct sk_buff *skb, u32 info)
139 {
140         struct xfrm_tunnel *handler = ipip_handler;
141         u32 arg = info;
142
143         if (handler)
144                 handler->err_handler(skb, &arg);
145 }
146
147 static int ipip_init_state(struct xfrm_state *x, void *args)
148 {
149         if (!x->props.mode)
150                 return -EINVAL;
151         x->props.header_len = sizeof(struct iphdr);
152
153         return 0;
154 }
155
156 static void ipip_destroy(struct xfrm_state *x)
157 {
158 }
159
160 static struct xfrm_type ipip_type = {
161         .description    = "IPIP",
162         .owner          = THIS_MODULE,
163         .proto          = IPPROTO_IPIP,
164         .init_state     = ipip_init_state,
165         .destructor     = ipip_destroy,
166         .input          = ipip_xfrm_rcv,
167         .output         = ipip_output
168 };
169
170 static struct inet_protocol ipip_protocol = {
171         .handler        =       ipip_rcv,
172         .err_handler    =       ipip_err,
173         .no_policy      =       1,
174 };
175
176 static int __init ipip_init(void)
177 {
178         if (xfrm_register_type(&ipip_type, AF_INET) < 0) {
179                 printk(KERN_INFO "ipip init: can't add xfrm type\n");
180                 return -EAGAIN;
181         }
182         if (inet_add_protocol(&ipip_protocol, IPPROTO_IPIP) < 0) {
183                 printk(KERN_INFO "ipip init: can't add protocol\n");
184                 xfrm_unregister_type(&ipip_type, AF_INET);
185                 return -EAGAIN;
186         }
187         return 0;
188 }
189
190 static void __exit ipip_fini(void)
191 {
192         if (inet_del_protocol(&ipip_protocol, IPPROTO_IPIP) < 0)
193                 printk(KERN_INFO "ipip close: can't remove protocol\n");
194         if (xfrm_unregister_type(&ipip_type, AF_INET) < 0)
195                 printk(KERN_INFO "ipip close: can't remove xfrm type\n");
196 }
197
198 module_init(ipip_init);
199 module_exit(ipip_fini);
200 MODULE_LICENSE("GPL");
linux-2.6