*
*/
+#include <linux/config.h>
#include <linux/module.h>
#include <linux/capability.h>
#include <linux/errno.h>
#include <net/ip.h>
#include <net/ipv6.h>
+#include <net/protocol.h>
#include <net/ip6_route.h>
#include <net/addrconf.h>
#include <net/ip6_tunnel.h>
* to the specifications in RFC 2473.
**/
-static int
+static void
ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
int type, int code, int offset, __u32 info)
{
int rel_code = ICMPV6_ADDR_UNREACH;
__u32 rel_info = 0;
__u16 len;
- int err = -ENOENT;
/* If the packet doesn't contain the original IPv6 header we are
in trouble since we might need the source address for further
if ((t = ip6ip6_tnl_lookup(&ipv6h->daddr, &ipv6h->saddr)) == NULL)
goto out;
- err = 0;
-
switch (type) {
__u32 teli;
struct ipv6_tlv_tnl_enc_lim *tel;
}
out:
read_unlock(&ip6ip6_lock);
- return err;
}
static inline void ip6ip6_ecn_decapsulate(struct ipv6hdr *outer_iph,
**/
static int
-ip6ip6_rcv(struct sk_buff *skb)
+ip6ip6_rcv(struct sk_buff **pskb)
{
+ struct sk_buff *skb = *pskb;
struct ipv6hdr *ipv6h;
struct ip6_tnl *t;
+ if (!pskb_may_pull(skb, sizeof (*ipv6h)))
+ goto discard;
+
ipv6h = skb->nh.ipv6h;
read_lock(&ip6ip6_lock);
if ((t = ip6ip6_tnl_lookup(&ipv6h->saddr, &ipv6h->daddr)) != NULL) {
if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
read_unlock(&ip6ip6_lock);
- goto discard;
+ kfree_skb(skb);
+ return 0;
}
if (!(t->parms.flags & IP6_TNL_F_CAP_RCV)) {
return 0;
}
read_unlock(&ip6ip6_lock);
- return 1;
-
+ icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH, 0, skb->dev);
discard:
- kfree_skb(skb);
- return 0;
+ return 1;
}
static inline struct ipv6_txoptions *create_tel(__u8 encap_limit)
int opt_len = sizeof(*opt) + 8;
- if (!(opt = kzalloc(opt_len, GFP_ATOMIC))) {
+ if (!(opt = kmalloc(opt_len, GFP_ATOMIC))) {
return NULL;
}
+ memset(opt, 0, opt_len);
opt->tot_len = opt_len;
opt->dst0opt = (struct ipv6_opt_hdr *) (opt + 1);
opt->opt_nflen = 8;
return 0;
}
+#ifdef CONFIG_INET6_TUNNEL
static struct xfrm6_tunnel ip6ip6_handler = {
.handler = ip6ip6_rcv,
.err_handler = ip6ip6_err,
- .priority = 1,
};
+static inline int ip6ip6_register(void)
+{
+ return xfrm6_tunnel_register(&ip6ip6_handler);
+}
+
+static inline int ip6ip6_unregister(void)
+{
+ return xfrm6_tunnel_deregister(&ip6ip6_handler);
+}
+#else
+static struct inet6_protocol xfrm6_tunnel_protocol = {
+ .handler = ip6ip6_rcv,
+ .err_handler = ip6ip6_err,
+ .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
+};
+
+static inline int ip6ip6_register(void)
+{
+ return inet6_add_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6);
+}
+
+static inline int ip6ip6_unregister(void)
+{
+ return inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6);
+}
+#endif
+
/**
* ip6_tunnel_init - register protocol and reserve needed resources
*
{
int err;
- if (xfrm6_tunnel_register(&ip6ip6_handler)) {
+ if (ip6ip6_register() < 0) {
printk(KERN_ERR "ip6ip6 init: can't register tunnel\n");
return -EAGAIN;
}
}
return 0;
fail:
- xfrm6_tunnel_deregister(&ip6ip6_handler);
+ ip6ip6_unregister();
return err;
}
static void __exit ip6_tunnel_cleanup(void)
{
- if (xfrm6_tunnel_deregister(&ip6ip6_handler))
+ if (ip6ip6_unregister() < 0)
printk(KERN_INFO "ip6ip6 close: can't deregister tunnel\n");
unregister_netdev(ip6ip6_fb_tnl_dev);