1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Linux NET3: GRE over IP protocol decoder.
5 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
8 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
10 #include <linux/capability.h>
11 #include <linux/module.h>
12 #include <linux/types.h>
13 #include <linux/kernel.h>
14 #include <linux/slab.h>
15 #include <linux/uaccess.h>
16 #include <linux/skbuff.h>
17 #include <linux/netdevice.h>
19 #include <linux/tcp.h>
20 #include <linux/udp.h>
21 #include <linux/if_arp.h>
22 #include <linux/if_vlan.h>
23 #include <linux/init.h>
24 #include <linux/in6.h>
25 #include <linux/inetdevice.h>
26 #include <linux/igmp.h>
27 #include <linux/netfilter_ipv4.h>
28 #include <linux/etherdevice.h>
29 #include <linux/if_ether.h>
34 #include <net/protocol.h>
35 #include <net/ip_tunnels.h>
37 #include <net/checksum.h>
38 #include <net/dsfield.h>
39 #include <net/inet_ecn.h>
41 #include <net/net_namespace.h>
42 #include <net/netns/generic.h>
43 #include <net/rtnetlink.h>
45 #include <net/dst_metadata.h>
46 #include <net/erspan.h>
52 1. The most important issue is detecting local dead loops.
53 They would cause complete host lockup in transmit, which
54 would be "resolved" by stack overflow or, if queueing is enabled,
55 with infinite looping in net_bh.
57 We cannot track such dead loops during route installation,
58 it is infeasible task. The most general solutions would be
59 to keep skb->encapsulation counter (sort of local ttl),
60 and silently drop packet when it expires. It is a good
61 solution, but it supposes maintaining new variable in ALL
62 skb, even if no tunneling is used.
64 Current solution: xmit_recursion breaks dead loops. This is a percpu
65 counter, since when we enter the first ndo_xmit(), cpu migration is
66 forbidden. We force an exit if this counter reaches RECURSION_LIMIT
68 2. Networking dead loops would not kill routers, but would really
69 kill network. IP hop limit plays role of "t->recursion" in this case,
70 if we copy it from packet being encapsulated to upper header.
71 It is very good solution, but it introduces two problems:
73 - Routing protocols, using packets with ttl=1 (OSPF, RIP2),
74 do not work over tunnels.
75 - traceroute does not work. I planned to relay ICMP from tunnel,
76 so that this problem would be solved and traceroute output
77 would even more informative. This idea appeared to be wrong:
78 only Linux complies to rfc1812 now (yes, guys, Linux is the only
79 true router now :-)), all routers (at least, in neighbourhood of mine)
80 return only 8 bytes of payload. It is the end.
82 Hence, if we want that OSPF worked or traceroute said something reasonable,
83 we should search for another solution.
85 One of them is to parse packet trying to detect inner encapsulation
86 made by our node. It is difficult or even impossible, especially,
87 taking into account fragmentation. TO be short, ttl is not solution at all.
89 Current solution: The solution was UNEXPECTEDLY SIMPLE.
90 We force DF flag on tunnels with preconfigured hop limit,
91 that is ALL. :-) Well, it does not remove the problem completely,
92 but exponential growth of network traffic is changed to linear
93 (branches, that exceed pmtu are pruned) and tunnel mtu
94 rapidly degrades to value <68, where looping stops.
95 Yes, it is not good if there exists a router in the loop,
96 which does not force DF, even when encapsulating packets have DF set.
97 But it is not our problem! Nobody could accuse us, we made
98 all that we could make. Even if it is your gated who injected
99 fatal route to network, even if it were you who configured
100 fatal static route: you are innocent. :-)
105 static bool log_ecn_error = true;
106 module_param(log_ecn_error, bool, 0644);
107 MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
109 static struct rtnl_link_ops ipgre_link_ops __read_mostly;
110 static const struct header_ops ipgre_header_ops;
112 static int ipgre_tunnel_init(struct net_device *dev);
113 static void erspan_build_header(struct sk_buff *skb,
115 bool truncate, bool is_ipv4);
117 static unsigned int ipgre_net_id __read_mostly;
118 static unsigned int gre_tap_net_id __read_mostly;
119 static unsigned int erspan_net_id __read_mostly;
121 static int ipgre_err(struct sk_buff *skb, u32 info,
122 const struct tnl_ptk_info *tpi)
125 /* All the routers (except for Linux) return only
126 8 bytes of packet payload. It means, that precise relaying of
127 ICMP in the real Internet is absolutely infeasible.
129 Moreover, Cisco "wise men" put GRE key to the third word
130 in GRE header. It makes impossible maintaining even soft
131 state for keyed GRE tunnels with enabled checksum. Tell
134 Well, I wonder, rfc1812 was written by Cisco employee,
135 what the hell these idiots break standards established
138 struct net *net = dev_net(skb->dev);
139 struct ip_tunnel_net *itn;
140 const struct iphdr *iph;
141 const int type = icmp_hdr(skb)->type;
142 const int code = icmp_hdr(skb)->code;
143 unsigned int data_len = 0;
146 if (tpi->proto == htons(ETH_P_TEB))
147 itn = net_generic(net, gre_tap_net_id);
148 else if (tpi->proto == htons(ETH_P_ERSPAN) ||
149 tpi->proto == htons(ETH_P_ERSPAN2))
150 itn = net_generic(net, erspan_net_id);
152 itn = net_generic(net, ipgre_net_id);
154 iph = (const struct iphdr *)(icmp_hdr(skb) + 1);
155 t = ip_tunnel_lookup(itn, skb->dev->ifindex, tpi->flags,
156 iph->daddr, iph->saddr, tpi->key);
163 case ICMP_PARAMETERPROB:
166 case ICMP_DEST_UNREACH:
169 case ICMP_PORT_UNREACH:
170 /* Impossible event. */
173 /* All others are translated to HOST_UNREACH.
174 rfc2003 contains "deep thoughts" about NET_UNREACH,
175 I believe they are just ether pollution. --ANK
181 case ICMP_TIME_EXCEEDED:
182 if (code != ICMP_EXC_TTL)
184 data_len = icmp_hdr(skb)->un.reserved[1] * 4; /* RFC 4884 4.1 */
191 #if IS_ENABLED(CONFIG_IPV6)
192 if (tpi->proto == htons(ETH_P_IPV6) &&
193 !ip6_err_gen_icmpv6_unreach(skb, iph->ihl * 4 + tpi->hdr_len,
198 if (t->parms.iph.daddr == 0 ||
199 ipv4_is_multicast(t->parms.iph.daddr))
202 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
205 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
209 t->err_time = jiffies;
214 static void gre_err(struct sk_buff *skb, u32 info)
216 /* All the routers (except for Linux) return only
217 * 8 bytes of packet payload. It means, that precise relaying of
218 * ICMP in the real Internet is absolutely infeasible.
220 * Moreover, Cisco "wise men" put GRE key to the third word
221 * in GRE header. It makes impossible maintaining even soft
223 * GRE tunnels with enabled checksum. Tell them "thank you".
225 * Well, I wonder, rfc1812 was written by Cisco employee,
226 * what the hell these idiots break standards established
230 const struct iphdr *iph = (struct iphdr *)skb->data;
231 const int type = icmp_hdr(skb)->type;
232 const int code = icmp_hdr(skb)->code;
233 struct tnl_ptk_info tpi;
235 if (gre_parse_header(skb, &tpi, NULL, htons(ETH_P_IP),
239 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
240 ipv4_update_pmtu(skb, dev_net(skb->dev), info,
241 skb->dev->ifindex, IPPROTO_GRE);
244 if (type == ICMP_REDIRECT) {
245 ipv4_redirect(skb, dev_net(skb->dev), skb->dev->ifindex,
250 ipgre_err(skb, info, &tpi);
253 static bool is_erspan_type1(int gre_hdr_len)
255 /* Both ERSPAN type I (version 0) and type II (version 1) use
256 * protocol 0x88BE, but the type I has only 4-byte GRE header,
257 * while type II has 8-byte.
259 return gre_hdr_len == 4;
262 static int erspan_rcv(struct sk_buff *skb, struct tnl_ptk_info *tpi,
265 struct net *net = dev_net(skb->dev);
266 struct metadata_dst *tun_dst = NULL;
267 struct erspan_base_hdr *ershdr;
268 struct ip_tunnel_net *itn;
269 struct ip_tunnel *tunnel;
270 const struct iphdr *iph;
271 struct erspan_md2 *md2;
275 itn = net_generic(net, erspan_net_id);
277 if (is_erspan_type1(gre_hdr_len)) {
279 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex,
280 tpi->flags | TUNNEL_NO_KEY,
281 iph->saddr, iph->daddr, 0);
283 ershdr = (struct erspan_base_hdr *)(skb->data + gre_hdr_len);
285 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex,
286 tpi->flags | TUNNEL_KEY,
287 iph->saddr, iph->daddr, tpi->key);
291 if (is_erspan_type1(gre_hdr_len))
294 len = gre_hdr_len + erspan_hdr_len(ver);
296 if (unlikely(!pskb_may_pull(skb, len)))
297 return PACKET_REJECT;
299 if (__iptunnel_pull_header(skb,
305 if (tunnel->collect_md) {
306 struct erspan_metadata *pkt_md, *md;
307 struct ip_tunnel_info *info;
312 tpi->flags |= TUNNEL_KEY;
314 tun_id = key32_to_tunnel_id(tpi->key);
316 tun_dst = ip_tun_rx_dst(skb, flags,
317 tun_id, sizeof(*md));
319 return PACKET_REJECT;
321 /* skb can be uncloned in __iptunnel_pull_header, so
322 * old pkt_md is no longer valid and we need to reset
325 gh = skb_network_header(skb) +
326 skb_network_header_len(skb);
327 pkt_md = (struct erspan_metadata *)(gh + gre_hdr_len +
329 md = ip_tunnel_info_opts(&tun_dst->u.tun_info);
332 memcpy(md2, pkt_md, ver == 1 ? ERSPAN_V1_MDSIZE :
335 info = &tun_dst->u.tun_info;
336 info->key.tun_flags |= TUNNEL_ERSPAN_OPT;
337 info->options_len = sizeof(*md);
340 skb_reset_mac_header(skb);
341 ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error);
344 return PACKET_REJECT;
351 static int __ipgre_rcv(struct sk_buff *skb, const struct tnl_ptk_info *tpi,
352 struct ip_tunnel_net *itn, int hdr_len, bool raw_proto)
354 struct metadata_dst *tun_dst = NULL;
355 const struct iphdr *iph;
356 struct ip_tunnel *tunnel;
359 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, tpi->flags,
360 iph->saddr, iph->daddr, tpi->key);
363 const struct iphdr *tnl_params;
365 if (__iptunnel_pull_header(skb, hdr_len, tpi->proto,
366 raw_proto, false) < 0)
369 /* Special case for ipgre_header_parse(), which expects the
370 * mac_header to point to the outer IP header.
372 if (tunnel->dev->header_ops == &ipgre_header_ops)
373 skb_pop_mac_header(skb);
375 skb_reset_mac_header(skb);
377 tnl_params = &tunnel->parms.iph;
378 if (tunnel->collect_md || tnl_params->daddr == 0) {
382 flags = tpi->flags & (TUNNEL_CSUM | TUNNEL_KEY);
383 tun_id = key32_to_tunnel_id(tpi->key);
384 tun_dst = ip_tun_rx_dst(skb, flags, tun_id, 0);
386 return PACKET_REJECT;
389 ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error);
399 static int ipgre_rcv(struct sk_buff *skb, const struct tnl_ptk_info *tpi,
402 struct net *net = dev_net(skb->dev);
403 struct ip_tunnel_net *itn;
406 if (tpi->proto == htons(ETH_P_TEB))
407 itn = net_generic(net, gre_tap_net_id);
409 itn = net_generic(net, ipgre_net_id);
411 res = __ipgre_rcv(skb, tpi, itn, hdr_len, false);
412 if (res == PACKET_NEXT && tpi->proto == htons(ETH_P_TEB)) {
413 /* ipgre tunnels in collect metadata mode should receive
414 * also ETH_P_TEB traffic.
416 itn = net_generic(net, ipgre_net_id);
417 res = __ipgre_rcv(skb, tpi, itn, hdr_len, true);
422 static int gre_rcv(struct sk_buff *skb)
424 struct tnl_ptk_info tpi;
425 bool csum_err = false;
428 #ifdef CONFIG_NET_IPGRE_BROADCAST
429 if (ipv4_is_multicast(ip_hdr(skb)->daddr)) {
430 /* Looped back packet, drop it! */
431 if (rt_is_output_route(skb_rtable(skb)))
436 hdr_len = gre_parse_header(skb, &tpi, &csum_err, htons(ETH_P_IP), 0);
440 if (unlikely(tpi.proto == htons(ETH_P_ERSPAN) ||
441 tpi.proto == htons(ETH_P_ERSPAN2))) {
442 if (erspan_rcv(skb, &tpi, hdr_len) == PACKET_RCVD)
447 if (ipgre_rcv(skb, &tpi, hdr_len) == PACKET_RCVD)
451 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
457 static void __gre_xmit(struct sk_buff *skb, struct net_device *dev,
458 const struct iphdr *tnl_params,
461 struct ip_tunnel *tunnel = netdev_priv(dev);
463 if (tunnel->parms.o_flags & TUNNEL_SEQ)
466 /* Push GRE header. */
467 gre_build_header(skb, tunnel->tun_hlen,
468 tunnel->parms.o_flags, proto, tunnel->parms.o_key,
469 htonl(tunnel->o_seqno));
471 ip_tunnel_xmit(skb, dev, tnl_params, tnl_params->protocol);
474 static int gre_handle_offloads(struct sk_buff *skb, bool csum)
476 return iptunnel_handle_offloads(skb, csum ? SKB_GSO_GRE_CSUM : SKB_GSO_GRE);
479 static void gre_fb_xmit(struct sk_buff *skb, struct net_device *dev,
482 struct ip_tunnel *tunnel = netdev_priv(dev);
483 struct ip_tunnel_info *tun_info;
484 const struct ip_tunnel_key *key;
488 tun_info = skb_tunnel_info(skb);
489 if (unlikely(!tun_info || !(tun_info->mode & IP_TUNNEL_INFO_TX) ||
490 ip_tunnel_info_af(tun_info) != AF_INET))
493 key = &tun_info->key;
494 tunnel_hlen = gre_calc_hlen(key->tun_flags);
496 if (skb_cow_head(skb, dev->needed_headroom))
499 /* Push Tunnel header. */
500 if (gre_handle_offloads(skb, !!(tun_info->key.tun_flags & TUNNEL_CSUM)))
503 flags = tun_info->key.tun_flags &
504 (TUNNEL_CSUM | TUNNEL_KEY | TUNNEL_SEQ);
505 gre_build_header(skb, tunnel_hlen, flags, proto,
506 tunnel_id_to_key32(tun_info->key.tun_id),
507 (flags & TUNNEL_SEQ) ? htonl(tunnel->o_seqno++) : 0);
509 ip_md_tunnel_xmit(skb, dev, IPPROTO_GRE, tunnel_hlen);
515 dev->stats.tx_dropped++;
518 static void erspan_fb_xmit(struct sk_buff *skb, struct net_device *dev)
520 struct ip_tunnel *tunnel = netdev_priv(dev);
521 struct ip_tunnel_info *tun_info;
522 const struct ip_tunnel_key *key;
523 struct erspan_metadata *md;
524 bool truncate = false;
531 tun_info = skb_tunnel_info(skb);
532 if (unlikely(!tun_info || !(tun_info->mode & IP_TUNNEL_INFO_TX) ||
533 ip_tunnel_info_af(tun_info) != AF_INET))
536 key = &tun_info->key;
537 if (!(tun_info->key.tun_flags & TUNNEL_ERSPAN_OPT))
539 if (tun_info->options_len < sizeof(*md))
541 md = ip_tunnel_info_opts(tun_info);
543 /* ERSPAN has fixed 8 byte GRE header */
544 version = md->version;
545 tunnel_hlen = 8 + erspan_hdr_len(version);
547 if (skb_cow_head(skb, dev->needed_headroom))
550 if (gre_handle_offloads(skb, false))
553 if (skb->len > dev->mtu + dev->hard_header_len) {
554 pskb_trim(skb, dev->mtu + dev->hard_header_len);
558 nhoff = skb_network_header(skb) - skb_mac_header(skb);
559 if (skb->protocol == htons(ETH_P_IP) &&
560 (ntohs(ip_hdr(skb)->tot_len) > skb->len - nhoff))
563 thoff = skb_transport_header(skb) - skb_mac_header(skb);
564 if (skb->protocol == htons(ETH_P_IPV6) &&
565 (ntohs(ipv6_hdr(skb)->payload_len) > skb->len - thoff))
569 erspan_build_header(skb, ntohl(tunnel_id_to_key32(key->tun_id)),
570 ntohl(md->u.index), truncate, true);
571 proto = htons(ETH_P_ERSPAN);
572 } else if (version == 2) {
573 erspan_build_header_v2(skb,
574 ntohl(tunnel_id_to_key32(key->tun_id)),
576 get_hwid(&md->u.md2),
578 proto = htons(ETH_P_ERSPAN2);
583 gre_build_header(skb, 8, TUNNEL_SEQ,
584 proto, 0, htonl(tunnel->o_seqno++));
586 ip_md_tunnel_xmit(skb, dev, IPPROTO_GRE, tunnel_hlen);
592 dev->stats.tx_dropped++;
595 static int gre_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb)
597 struct ip_tunnel_info *info = skb_tunnel_info(skb);
598 const struct ip_tunnel_key *key;
602 if (ip_tunnel_info_af(info) != AF_INET)
606 ip_tunnel_init_flow(&fl4, IPPROTO_GRE, key->u.ipv4.dst, key->u.ipv4.src,
607 tunnel_id_to_key32(key->tun_id), key->tos, 0,
608 skb->mark, skb_get_hash(skb));
609 rt = ip_route_output_key(dev_net(dev), &fl4);
614 info->key.u.ipv4.src = fl4.saddr;
618 static netdev_tx_t ipgre_xmit(struct sk_buff *skb,
619 struct net_device *dev)
621 struct ip_tunnel *tunnel = netdev_priv(dev);
622 const struct iphdr *tnl_params;
624 if (!pskb_inet_may_pull(skb))
627 if (tunnel->collect_md) {
628 gre_fb_xmit(skb, dev, skb->protocol);
632 if (dev->header_ops) {
633 const int pull_len = tunnel->hlen + sizeof(struct iphdr);
635 if (skb_cow_head(skb, 0))
638 tnl_params = (const struct iphdr *)skb->data;
640 if (pull_len > skb_transport_offset(skb))
643 /* Pull skb since ip_tunnel_xmit() needs skb->data pointing
646 skb_pull(skb, pull_len);
647 skb_reset_mac_header(skb);
649 if (skb_cow_head(skb, dev->needed_headroom))
652 tnl_params = &tunnel->parms.iph;
655 if (gre_handle_offloads(skb, !!(tunnel->parms.o_flags & TUNNEL_CSUM)))
658 __gre_xmit(skb, dev, tnl_params, skb->protocol);
663 dev->stats.tx_dropped++;
667 static netdev_tx_t erspan_xmit(struct sk_buff *skb,
668 struct net_device *dev)
670 struct ip_tunnel *tunnel = netdev_priv(dev);
671 bool truncate = false;
674 if (!pskb_inet_may_pull(skb))
677 if (tunnel->collect_md) {
678 erspan_fb_xmit(skb, dev);
682 if (gre_handle_offloads(skb, false))
685 if (skb_cow_head(skb, dev->needed_headroom))
688 if (skb->len > dev->mtu + dev->hard_header_len) {
689 pskb_trim(skb, dev->mtu + dev->hard_header_len);
693 /* Push ERSPAN header */
694 if (tunnel->erspan_ver == 0) {
695 proto = htons(ETH_P_ERSPAN);
696 tunnel->parms.o_flags &= ~TUNNEL_SEQ;
697 } else if (tunnel->erspan_ver == 1) {
698 erspan_build_header(skb, ntohl(tunnel->parms.o_key),
701 proto = htons(ETH_P_ERSPAN);
702 } else if (tunnel->erspan_ver == 2) {
703 erspan_build_header_v2(skb, ntohl(tunnel->parms.o_key),
704 tunnel->dir, tunnel->hwid,
706 proto = htons(ETH_P_ERSPAN2);
711 tunnel->parms.o_flags &= ~TUNNEL_KEY;
712 __gre_xmit(skb, dev, &tunnel->parms.iph, proto);
717 dev->stats.tx_dropped++;
721 static netdev_tx_t gre_tap_xmit(struct sk_buff *skb,
722 struct net_device *dev)
724 struct ip_tunnel *tunnel = netdev_priv(dev);
726 if (!pskb_inet_may_pull(skb))
729 if (tunnel->collect_md) {
730 gre_fb_xmit(skb, dev, htons(ETH_P_TEB));
734 if (gre_handle_offloads(skb, !!(tunnel->parms.o_flags & TUNNEL_CSUM)))
737 if (skb_cow_head(skb, dev->needed_headroom))
740 __gre_xmit(skb, dev, &tunnel->parms.iph, htons(ETH_P_TEB));
745 dev->stats.tx_dropped++;
749 static void ipgre_link_update(struct net_device *dev, bool set_mtu)
751 struct ip_tunnel *tunnel = netdev_priv(dev);
754 len = tunnel->tun_hlen;
755 tunnel->tun_hlen = gre_calc_hlen(tunnel->parms.o_flags);
756 len = tunnel->tun_hlen - len;
757 tunnel->hlen = tunnel->hlen + len;
760 dev->hard_header_len += len;
762 dev->needed_headroom += len;
765 dev->mtu = max_t(int, dev->mtu - len, 68);
767 if (!(tunnel->parms.o_flags & TUNNEL_SEQ)) {
768 if (!(tunnel->parms.o_flags & TUNNEL_CSUM) ||
769 tunnel->encap.type == TUNNEL_ENCAP_NONE) {
770 dev->features |= NETIF_F_GSO_SOFTWARE;
771 dev->hw_features |= NETIF_F_GSO_SOFTWARE;
773 dev->features &= ~NETIF_F_GSO_SOFTWARE;
774 dev->hw_features &= ~NETIF_F_GSO_SOFTWARE;
776 dev->features |= NETIF_F_LLTX;
778 dev->hw_features &= ~NETIF_F_GSO_SOFTWARE;
779 dev->features &= ~(NETIF_F_LLTX | NETIF_F_GSO_SOFTWARE);
783 static int ipgre_tunnel_ctl(struct net_device *dev, struct ip_tunnel_parm *p,
788 if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) {
789 if (p->iph.version != 4 || p->iph.protocol != IPPROTO_GRE ||
790 p->iph.ihl != 5 || (p->iph.frag_off & htons(~IP_DF)) ||
791 ((p->i_flags | p->o_flags) & (GRE_VERSION | GRE_ROUTING)))
795 p->i_flags = gre_flags_to_tnl_flags(p->i_flags);
796 p->o_flags = gre_flags_to_tnl_flags(p->o_flags);
798 err = ip_tunnel_ctl(dev, p, cmd);
802 if (cmd == SIOCCHGTUNNEL) {
803 struct ip_tunnel *t = netdev_priv(dev);
805 t->parms.i_flags = p->i_flags;
806 t->parms.o_flags = p->o_flags;
808 if (strcmp(dev->rtnl_link_ops->kind, "erspan"))
809 ipgre_link_update(dev, true);
812 p->i_flags = gre_tnl_flags_to_gre_flags(p->i_flags);
813 p->o_flags = gre_tnl_flags_to_gre_flags(p->o_flags);
817 /* Nice toy. Unfortunately, useless in real life :-)
818 It allows to construct virtual multiprotocol broadcast "LAN"
819 over the Internet, provided multicast routing is tuned.
822 I have no idea was this bicycle invented before me,
823 so that I had to set ARPHRD_IPGRE to a random value.
824 I have an impression, that Cisco could make something similar,
825 but this feature is apparently missing in IOS<=11.2(8).
827 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks
828 with broadcast 224.66.66.66. If you have access to mbone, play with me :-)
830 ping -t 255 224.66.66.66
832 If nobody answers, mbone does not work.
834 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255
835 ip addr add 10.66.66.<somewhat>/24 dev Universe
837 ifconfig Universe add fe80::<Your_real_addr>/10
838 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96
841 ftp fec0:6666:6666::193.233.7.65
844 static int ipgre_header(struct sk_buff *skb, struct net_device *dev,
846 const void *daddr, const void *saddr, unsigned int len)
848 struct ip_tunnel *t = netdev_priv(dev);
850 struct gre_base_hdr *greh;
852 iph = skb_push(skb, t->hlen + sizeof(*iph));
853 greh = (struct gre_base_hdr *)(iph+1);
854 greh->flags = gre_tnl_flags_to_gre_flags(t->parms.o_flags);
855 greh->protocol = htons(type);
857 memcpy(iph, &t->parms.iph, sizeof(struct iphdr));
859 /* Set the source hardware address. */
861 memcpy(&iph->saddr, saddr, 4);
863 memcpy(&iph->daddr, daddr, 4);
865 return t->hlen + sizeof(*iph);
867 return -(t->hlen + sizeof(*iph));
870 static int ipgre_header_parse(const struct sk_buff *skb, unsigned char *haddr)
872 const struct iphdr *iph = (const struct iphdr *) skb_mac_header(skb);
873 memcpy(haddr, &iph->saddr, 4);
877 static const struct header_ops ipgre_header_ops = {
878 .create = ipgre_header,
879 .parse = ipgre_header_parse,
882 #ifdef CONFIG_NET_IPGRE_BROADCAST
883 static int ipgre_open(struct net_device *dev)
885 struct ip_tunnel *t = netdev_priv(dev);
887 if (ipv4_is_multicast(t->parms.iph.daddr)) {
891 rt = ip_route_output_gre(t->net, &fl4,
895 RT_TOS(t->parms.iph.tos),
898 return -EADDRNOTAVAIL;
901 if (!__in_dev_get_rtnl(dev))
902 return -EADDRNOTAVAIL;
903 t->mlink = dev->ifindex;
904 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr);
909 static int ipgre_close(struct net_device *dev)
911 struct ip_tunnel *t = netdev_priv(dev);
913 if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) {
914 struct in_device *in_dev;
915 in_dev = inetdev_by_index(t->net, t->mlink);
917 ip_mc_dec_group(in_dev, t->parms.iph.daddr);
923 static const struct net_device_ops ipgre_netdev_ops = {
924 .ndo_init = ipgre_tunnel_init,
925 .ndo_uninit = ip_tunnel_uninit,
926 #ifdef CONFIG_NET_IPGRE_BROADCAST
927 .ndo_open = ipgre_open,
928 .ndo_stop = ipgre_close,
930 .ndo_start_xmit = ipgre_xmit,
931 .ndo_siocdevprivate = ip_tunnel_siocdevprivate,
932 .ndo_change_mtu = ip_tunnel_change_mtu,
933 .ndo_get_stats64 = dev_get_tstats64,
934 .ndo_get_iflink = ip_tunnel_get_iflink,
935 .ndo_tunnel_ctl = ipgre_tunnel_ctl,
938 #define GRE_FEATURES (NETIF_F_SG | \
943 static void ipgre_tunnel_setup(struct net_device *dev)
945 dev->netdev_ops = &ipgre_netdev_ops;
946 dev->type = ARPHRD_IPGRE;
947 ip_tunnel_setup(dev, ipgre_net_id);
950 static void __gre_tunnel_init(struct net_device *dev)
952 struct ip_tunnel *tunnel;
954 tunnel = netdev_priv(dev);
955 tunnel->tun_hlen = gre_calc_hlen(tunnel->parms.o_flags);
956 tunnel->parms.iph.protocol = IPPROTO_GRE;
958 tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen;
959 dev->needed_headroom = tunnel->hlen + sizeof(tunnel->parms.iph);
961 dev->features |= GRE_FEATURES;
962 dev->hw_features |= GRE_FEATURES;
964 if (!(tunnel->parms.o_flags & TUNNEL_SEQ)) {
965 /* TCP offload with GRE SEQ is not supported, nor
966 * can we support 2 levels of outer headers requiring
969 if (!(tunnel->parms.o_flags & TUNNEL_CSUM) ||
970 (tunnel->encap.type == TUNNEL_ENCAP_NONE)) {
971 dev->features |= NETIF_F_GSO_SOFTWARE;
972 dev->hw_features |= NETIF_F_GSO_SOFTWARE;
975 /* Can use a lockless transmit, unless we generate
978 dev->features |= NETIF_F_LLTX;
982 static int ipgre_tunnel_init(struct net_device *dev)
984 struct ip_tunnel *tunnel = netdev_priv(dev);
985 struct iphdr *iph = &tunnel->parms.iph;
987 __gre_tunnel_init(dev);
989 memcpy(dev->dev_addr, &iph->saddr, 4);
990 memcpy(dev->broadcast, &iph->daddr, 4);
992 dev->flags = IFF_NOARP;
996 if (iph->daddr && !tunnel->collect_md) {
997 #ifdef CONFIG_NET_IPGRE_BROADCAST
998 if (ipv4_is_multicast(iph->daddr)) {
1001 dev->flags = IFF_BROADCAST;
1002 dev->header_ops = &ipgre_header_ops;
1003 dev->hard_header_len = tunnel->hlen + sizeof(*iph);
1004 dev->needed_headroom = 0;
1007 } else if (!tunnel->collect_md) {
1008 dev->header_ops = &ipgre_header_ops;
1009 dev->hard_header_len = tunnel->hlen + sizeof(*iph);
1010 dev->needed_headroom = 0;
1013 return ip_tunnel_init(dev);
1016 static const struct gre_protocol ipgre_protocol = {
1018 .err_handler = gre_err,
1021 static int __net_init ipgre_init_net(struct net *net)
1023 return ip_tunnel_init_net(net, ipgre_net_id, &ipgre_link_ops, NULL);
1026 static void __net_exit ipgre_exit_batch_net(struct list_head *list_net)
1028 ip_tunnel_delete_nets(list_net, ipgre_net_id, &ipgre_link_ops);
1031 static struct pernet_operations ipgre_net_ops = {
1032 .init = ipgre_init_net,
1033 .exit_batch = ipgre_exit_batch_net,
1034 .id = &ipgre_net_id,
1035 .size = sizeof(struct ip_tunnel_net),
1038 static int ipgre_tunnel_validate(struct nlattr *tb[], struct nlattr *data[],
1039 struct netlink_ext_ack *extack)
1047 if (data[IFLA_GRE_IFLAGS])
1048 flags |= nla_get_be16(data[IFLA_GRE_IFLAGS]);
1049 if (data[IFLA_GRE_OFLAGS])
1050 flags |= nla_get_be16(data[IFLA_GRE_OFLAGS]);
1051 if (flags & (GRE_VERSION|GRE_ROUTING))
1054 if (data[IFLA_GRE_COLLECT_METADATA] &&
1055 data[IFLA_GRE_ENCAP_TYPE] &&
1056 nla_get_u16(data[IFLA_GRE_ENCAP_TYPE]) != TUNNEL_ENCAP_NONE)
1062 static int ipgre_tap_validate(struct nlattr *tb[], struct nlattr *data[],
1063 struct netlink_ext_ack *extack)
1067 if (tb[IFLA_ADDRESS]) {
1068 if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN)
1070 if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS])))
1071 return -EADDRNOTAVAIL;
1077 if (data[IFLA_GRE_REMOTE]) {
1078 memcpy(&daddr, nla_data(data[IFLA_GRE_REMOTE]), 4);
1084 return ipgre_tunnel_validate(tb, data, extack);
1087 static int erspan_validate(struct nlattr *tb[], struct nlattr *data[],
1088 struct netlink_ext_ack *extack)
1096 ret = ipgre_tap_validate(tb, data, extack);
1100 if (data[IFLA_GRE_ERSPAN_VER] &&
1101 nla_get_u8(data[IFLA_GRE_ERSPAN_VER]) == 0)
1104 /* ERSPAN type II/III should only have GRE sequence and key flag */
1105 if (data[IFLA_GRE_OFLAGS])
1106 flags |= nla_get_be16(data[IFLA_GRE_OFLAGS]);
1107 if (data[IFLA_GRE_IFLAGS])
1108 flags |= nla_get_be16(data[IFLA_GRE_IFLAGS]);
1109 if (!data[IFLA_GRE_COLLECT_METADATA] &&
1110 flags != (GRE_SEQ | GRE_KEY))
1113 /* ERSPAN Session ID only has 10-bit. Since we reuse
1114 * 32-bit key field as ID, check it's range.
1116 if (data[IFLA_GRE_IKEY] &&
1117 (ntohl(nla_get_be32(data[IFLA_GRE_IKEY])) & ~ID_MASK))
1120 if (data[IFLA_GRE_OKEY] &&
1121 (ntohl(nla_get_be32(data[IFLA_GRE_OKEY])) & ~ID_MASK))
1127 static int ipgre_netlink_parms(struct net_device *dev,
1128 struct nlattr *data[],
1129 struct nlattr *tb[],
1130 struct ip_tunnel_parm *parms,
1133 struct ip_tunnel *t = netdev_priv(dev);
1135 memset(parms, 0, sizeof(*parms));
1137 parms->iph.protocol = IPPROTO_GRE;
1142 if (data[IFLA_GRE_LINK])
1143 parms->link = nla_get_u32(data[IFLA_GRE_LINK]);
1145 if (data[IFLA_GRE_IFLAGS])
1146 parms->i_flags = gre_flags_to_tnl_flags(nla_get_be16(data[IFLA_GRE_IFLAGS]));
1148 if (data[IFLA_GRE_OFLAGS])
1149 parms->o_flags = gre_flags_to_tnl_flags(nla_get_be16(data[IFLA_GRE_OFLAGS]));
1151 if (data[IFLA_GRE_IKEY])
1152 parms->i_key = nla_get_be32(data[IFLA_GRE_IKEY]);
1154 if (data[IFLA_GRE_OKEY])
1155 parms->o_key = nla_get_be32(data[IFLA_GRE_OKEY]);
1157 if (data[IFLA_GRE_LOCAL])
1158 parms->iph.saddr = nla_get_in_addr(data[IFLA_GRE_LOCAL]);
1160 if (data[IFLA_GRE_REMOTE])
1161 parms->iph.daddr = nla_get_in_addr(data[IFLA_GRE_REMOTE]);
1163 if (data[IFLA_GRE_TTL])
1164 parms->iph.ttl = nla_get_u8(data[IFLA_GRE_TTL]);
1166 if (data[IFLA_GRE_TOS])
1167 parms->iph.tos = nla_get_u8(data[IFLA_GRE_TOS]);
1169 if (!data[IFLA_GRE_PMTUDISC] || nla_get_u8(data[IFLA_GRE_PMTUDISC])) {
1172 parms->iph.frag_off = htons(IP_DF);
1175 if (data[IFLA_GRE_COLLECT_METADATA]) {
1176 t->collect_md = true;
1177 if (dev->type == ARPHRD_IPGRE)
1178 dev->type = ARPHRD_NONE;
1181 if (data[IFLA_GRE_IGNORE_DF]) {
1182 if (nla_get_u8(data[IFLA_GRE_IGNORE_DF])
1183 && (parms->iph.frag_off & htons(IP_DF)))
1185 t->ignore_df = !!nla_get_u8(data[IFLA_GRE_IGNORE_DF]);
1188 if (data[IFLA_GRE_FWMARK])
1189 *fwmark = nla_get_u32(data[IFLA_GRE_FWMARK]);
1194 static int erspan_netlink_parms(struct net_device *dev,
1195 struct nlattr *data[],
1196 struct nlattr *tb[],
1197 struct ip_tunnel_parm *parms,
1200 struct ip_tunnel *t = netdev_priv(dev);
1203 err = ipgre_netlink_parms(dev, data, tb, parms, fwmark);
1209 if (data[IFLA_GRE_ERSPAN_VER]) {
1210 t->erspan_ver = nla_get_u8(data[IFLA_GRE_ERSPAN_VER]);
1212 if (t->erspan_ver > 2)
1216 if (t->erspan_ver == 1) {
1217 if (data[IFLA_GRE_ERSPAN_INDEX]) {
1218 t->index = nla_get_u32(data[IFLA_GRE_ERSPAN_INDEX]);
1219 if (t->index & ~INDEX_MASK)
1222 } else if (t->erspan_ver == 2) {
1223 if (data[IFLA_GRE_ERSPAN_DIR]) {
1224 t->dir = nla_get_u8(data[IFLA_GRE_ERSPAN_DIR]);
1225 if (t->dir & ~(DIR_MASK >> DIR_OFFSET))
1228 if (data[IFLA_GRE_ERSPAN_HWID]) {
1229 t->hwid = nla_get_u16(data[IFLA_GRE_ERSPAN_HWID]);
1230 if (t->hwid & ~(HWID_MASK >> HWID_OFFSET))
1238 /* This function returns true when ENCAP attributes are present in the nl msg */
1239 static bool ipgre_netlink_encap_parms(struct nlattr *data[],
1240 struct ip_tunnel_encap *ipencap)
1244 memset(ipencap, 0, sizeof(*ipencap));
1249 if (data[IFLA_GRE_ENCAP_TYPE]) {
1251 ipencap->type = nla_get_u16(data[IFLA_GRE_ENCAP_TYPE]);
1254 if (data[IFLA_GRE_ENCAP_FLAGS]) {
1256 ipencap->flags = nla_get_u16(data[IFLA_GRE_ENCAP_FLAGS]);
1259 if (data[IFLA_GRE_ENCAP_SPORT]) {
1261 ipencap->sport = nla_get_be16(data[IFLA_GRE_ENCAP_SPORT]);
1264 if (data[IFLA_GRE_ENCAP_DPORT]) {
1266 ipencap->dport = nla_get_be16(data[IFLA_GRE_ENCAP_DPORT]);
1272 static int gre_tap_init(struct net_device *dev)
1274 __gre_tunnel_init(dev);
1275 dev->priv_flags |= IFF_LIVE_ADDR_CHANGE;
1276 netif_keep_dst(dev);
1278 return ip_tunnel_init(dev);
1281 static const struct net_device_ops gre_tap_netdev_ops = {
1282 .ndo_init = gre_tap_init,
1283 .ndo_uninit = ip_tunnel_uninit,
1284 .ndo_start_xmit = gre_tap_xmit,
1285 .ndo_set_mac_address = eth_mac_addr,
1286 .ndo_validate_addr = eth_validate_addr,
1287 .ndo_change_mtu = ip_tunnel_change_mtu,
1288 .ndo_get_stats64 = dev_get_tstats64,
1289 .ndo_get_iflink = ip_tunnel_get_iflink,
1290 .ndo_fill_metadata_dst = gre_fill_metadata_dst,
1293 static int erspan_tunnel_init(struct net_device *dev)
1295 struct ip_tunnel *tunnel = netdev_priv(dev);
1297 if (tunnel->erspan_ver == 0)
1298 tunnel->tun_hlen = 4; /* 4-byte GRE hdr. */
1300 tunnel->tun_hlen = 8; /* 8-byte GRE hdr. */
1302 tunnel->parms.iph.protocol = IPPROTO_GRE;
1303 tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen +
1304 erspan_hdr_len(tunnel->erspan_ver);
1306 dev->features |= GRE_FEATURES;
1307 dev->hw_features |= GRE_FEATURES;
1308 dev->priv_flags |= IFF_LIVE_ADDR_CHANGE;
1309 netif_keep_dst(dev);
1311 return ip_tunnel_init(dev);
1314 static const struct net_device_ops erspan_netdev_ops = {
1315 .ndo_init = erspan_tunnel_init,
1316 .ndo_uninit = ip_tunnel_uninit,
1317 .ndo_start_xmit = erspan_xmit,
1318 .ndo_set_mac_address = eth_mac_addr,
1319 .ndo_validate_addr = eth_validate_addr,
1320 .ndo_change_mtu = ip_tunnel_change_mtu,
1321 .ndo_get_stats64 = dev_get_tstats64,
1322 .ndo_get_iflink = ip_tunnel_get_iflink,
1323 .ndo_fill_metadata_dst = gre_fill_metadata_dst,
1326 static void ipgre_tap_setup(struct net_device *dev)
1330 dev->netdev_ops = &gre_tap_netdev_ops;
1331 dev->priv_flags &= ~IFF_TX_SKB_SHARING;
1332 dev->priv_flags |= IFF_LIVE_ADDR_CHANGE;
1333 ip_tunnel_setup(dev, gre_tap_net_id);
1337 ipgre_newlink_encap_setup(struct net_device *dev, struct nlattr *data[])
1339 struct ip_tunnel_encap ipencap;
1341 if (ipgre_netlink_encap_parms(data, &ipencap)) {
1342 struct ip_tunnel *t = netdev_priv(dev);
1343 int err = ip_tunnel_encap_setup(t, &ipencap);
1352 static int ipgre_newlink(struct net *src_net, struct net_device *dev,
1353 struct nlattr *tb[], struct nlattr *data[],
1354 struct netlink_ext_ack *extack)
1356 struct ip_tunnel_parm p;
1360 err = ipgre_newlink_encap_setup(dev, data);
1364 err = ipgre_netlink_parms(dev, data, tb, &p, &fwmark);
1367 return ip_tunnel_newlink(dev, tb, &p, fwmark);
1370 static int erspan_newlink(struct net *src_net, struct net_device *dev,
1371 struct nlattr *tb[], struct nlattr *data[],
1372 struct netlink_ext_ack *extack)
1374 struct ip_tunnel_parm p;
1378 err = ipgre_newlink_encap_setup(dev, data);
1382 err = erspan_netlink_parms(dev, data, tb, &p, &fwmark);
1385 return ip_tunnel_newlink(dev, tb, &p, fwmark);
1388 static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[],
1389 struct nlattr *data[],
1390 struct netlink_ext_ack *extack)
1392 struct ip_tunnel *t = netdev_priv(dev);
1393 __u32 fwmark = t->fwmark;
1394 struct ip_tunnel_parm p;
1397 err = ipgre_newlink_encap_setup(dev, data);
1401 err = ipgre_netlink_parms(dev, data, tb, &p, &fwmark);
1405 err = ip_tunnel_changelink(dev, tb, &p, fwmark);
1409 t->parms.i_flags = p.i_flags;
1410 t->parms.o_flags = p.o_flags;
1412 ipgre_link_update(dev, !tb[IFLA_MTU]);
1417 static int erspan_changelink(struct net_device *dev, struct nlattr *tb[],
1418 struct nlattr *data[],
1419 struct netlink_ext_ack *extack)
1421 struct ip_tunnel *t = netdev_priv(dev);
1422 __u32 fwmark = t->fwmark;
1423 struct ip_tunnel_parm p;
1426 err = ipgre_newlink_encap_setup(dev, data);
1430 err = erspan_netlink_parms(dev, data, tb, &p, &fwmark);
1434 err = ip_tunnel_changelink(dev, tb, &p, fwmark);
1438 t->parms.i_flags = p.i_flags;
1439 t->parms.o_flags = p.o_flags;
1444 static size_t ipgre_get_size(const struct net_device *dev)
1449 /* IFLA_GRE_IFLAGS */
1451 /* IFLA_GRE_OFLAGS */
1457 /* IFLA_GRE_LOCAL */
1459 /* IFLA_GRE_REMOTE */
1465 /* IFLA_GRE_PMTUDISC */
1467 /* IFLA_GRE_ENCAP_TYPE */
1469 /* IFLA_GRE_ENCAP_FLAGS */
1471 /* IFLA_GRE_ENCAP_SPORT */
1473 /* IFLA_GRE_ENCAP_DPORT */
1475 /* IFLA_GRE_COLLECT_METADATA */
1477 /* IFLA_GRE_IGNORE_DF */
1479 /* IFLA_GRE_FWMARK */
1481 /* IFLA_GRE_ERSPAN_INDEX */
1483 /* IFLA_GRE_ERSPAN_VER */
1485 /* IFLA_GRE_ERSPAN_DIR */
1487 /* IFLA_GRE_ERSPAN_HWID */
1492 static int ipgre_fill_info(struct sk_buff *skb, const struct net_device *dev)
1494 struct ip_tunnel *t = netdev_priv(dev);
1495 struct ip_tunnel_parm *p = &t->parms;
1496 __be16 o_flags = p->o_flags;
1498 if (t->erspan_ver <= 2) {
1499 if (t->erspan_ver != 0 && !t->collect_md)
1500 o_flags |= TUNNEL_KEY;
1502 if (nla_put_u8(skb, IFLA_GRE_ERSPAN_VER, t->erspan_ver))
1503 goto nla_put_failure;
1505 if (t->erspan_ver == 1) {
1506 if (nla_put_u32(skb, IFLA_GRE_ERSPAN_INDEX, t->index))
1507 goto nla_put_failure;
1508 } else if (t->erspan_ver == 2) {
1509 if (nla_put_u8(skb, IFLA_GRE_ERSPAN_DIR, t->dir))
1510 goto nla_put_failure;
1511 if (nla_put_u16(skb, IFLA_GRE_ERSPAN_HWID, t->hwid))
1512 goto nla_put_failure;
1516 if (nla_put_u32(skb, IFLA_GRE_LINK, p->link) ||
1517 nla_put_be16(skb, IFLA_GRE_IFLAGS,
1518 gre_tnl_flags_to_gre_flags(p->i_flags)) ||
1519 nla_put_be16(skb, IFLA_GRE_OFLAGS,
1520 gre_tnl_flags_to_gre_flags(o_flags)) ||
1521 nla_put_be32(skb, IFLA_GRE_IKEY, p->i_key) ||
1522 nla_put_be32(skb, IFLA_GRE_OKEY, p->o_key) ||
1523 nla_put_in_addr(skb, IFLA_GRE_LOCAL, p->iph.saddr) ||
1524 nla_put_in_addr(skb, IFLA_GRE_REMOTE, p->iph.daddr) ||
1525 nla_put_u8(skb, IFLA_GRE_TTL, p->iph.ttl) ||
1526 nla_put_u8(skb, IFLA_GRE_TOS, p->iph.tos) ||
1527 nla_put_u8(skb, IFLA_GRE_PMTUDISC,
1528 !!(p->iph.frag_off & htons(IP_DF))) ||
1529 nla_put_u32(skb, IFLA_GRE_FWMARK, t->fwmark))
1530 goto nla_put_failure;
1532 if (nla_put_u16(skb, IFLA_GRE_ENCAP_TYPE,
1534 nla_put_be16(skb, IFLA_GRE_ENCAP_SPORT,
1536 nla_put_be16(skb, IFLA_GRE_ENCAP_DPORT,
1538 nla_put_u16(skb, IFLA_GRE_ENCAP_FLAGS,
1540 goto nla_put_failure;
1542 if (nla_put_u8(skb, IFLA_GRE_IGNORE_DF, t->ignore_df))
1543 goto nla_put_failure;
1545 if (t->collect_md) {
1546 if (nla_put_flag(skb, IFLA_GRE_COLLECT_METADATA))
1547 goto nla_put_failure;
1556 static void erspan_setup(struct net_device *dev)
1558 struct ip_tunnel *t = netdev_priv(dev);
1562 dev->netdev_ops = &erspan_netdev_ops;
1563 dev->priv_flags &= ~IFF_TX_SKB_SHARING;
1564 dev->priv_flags |= IFF_LIVE_ADDR_CHANGE;
1565 ip_tunnel_setup(dev, erspan_net_id);
1569 static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = {
1570 [IFLA_GRE_LINK] = { .type = NLA_U32 },
1571 [IFLA_GRE_IFLAGS] = { .type = NLA_U16 },
1572 [IFLA_GRE_OFLAGS] = { .type = NLA_U16 },
1573 [IFLA_GRE_IKEY] = { .type = NLA_U32 },
1574 [IFLA_GRE_OKEY] = { .type = NLA_U32 },
1575 [IFLA_GRE_LOCAL] = { .len = sizeof_field(struct iphdr, saddr) },
1576 [IFLA_GRE_REMOTE] = { .len = sizeof_field(struct iphdr, daddr) },
1577 [IFLA_GRE_TTL] = { .type = NLA_U8 },
1578 [IFLA_GRE_TOS] = { .type = NLA_U8 },
1579 [IFLA_GRE_PMTUDISC] = { .type = NLA_U8 },
1580 [IFLA_GRE_ENCAP_TYPE] = { .type = NLA_U16 },
1581 [IFLA_GRE_ENCAP_FLAGS] = { .type = NLA_U16 },
1582 [IFLA_GRE_ENCAP_SPORT] = { .type = NLA_U16 },
1583 [IFLA_GRE_ENCAP_DPORT] = { .type = NLA_U16 },
1584 [IFLA_GRE_COLLECT_METADATA] = { .type = NLA_FLAG },
1585 [IFLA_GRE_IGNORE_DF] = { .type = NLA_U8 },
1586 [IFLA_GRE_FWMARK] = { .type = NLA_U32 },
1587 [IFLA_GRE_ERSPAN_INDEX] = { .type = NLA_U32 },
1588 [IFLA_GRE_ERSPAN_VER] = { .type = NLA_U8 },
1589 [IFLA_GRE_ERSPAN_DIR] = { .type = NLA_U8 },
1590 [IFLA_GRE_ERSPAN_HWID] = { .type = NLA_U16 },
1593 static struct rtnl_link_ops ipgre_link_ops __read_mostly = {
1595 .maxtype = IFLA_GRE_MAX,
1596 .policy = ipgre_policy,
1597 .priv_size = sizeof(struct ip_tunnel),
1598 .setup = ipgre_tunnel_setup,
1599 .validate = ipgre_tunnel_validate,
1600 .newlink = ipgre_newlink,
1601 .changelink = ipgre_changelink,
1602 .dellink = ip_tunnel_dellink,
1603 .get_size = ipgre_get_size,
1604 .fill_info = ipgre_fill_info,
1605 .get_link_net = ip_tunnel_get_link_net,
1608 static struct rtnl_link_ops ipgre_tap_ops __read_mostly = {
1610 .maxtype = IFLA_GRE_MAX,
1611 .policy = ipgre_policy,
1612 .priv_size = sizeof(struct ip_tunnel),
1613 .setup = ipgre_tap_setup,
1614 .validate = ipgre_tap_validate,
1615 .newlink = ipgre_newlink,
1616 .changelink = ipgre_changelink,
1617 .dellink = ip_tunnel_dellink,
1618 .get_size = ipgre_get_size,
1619 .fill_info = ipgre_fill_info,
1620 .get_link_net = ip_tunnel_get_link_net,
1623 static struct rtnl_link_ops erspan_link_ops __read_mostly = {
1625 .maxtype = IFLA_GRE_MAX,
1626 .policy = ipgre_policy,
1627 .priv_size = sizeof(struct ip_tunnel),
1628 .setup = erspan_setup,
1629 .validate = erspan_validate,
1630 .newlink = erspan_newlink,
1631 .changelink = erspan_changelink,
1632 .dellink = ip_tunnel_dellink,
1633 .get_size = ipgre_get_size,
1634 .fill_info = ipgre_fill_info,
1635 .get_link_net = ip_tunnel_get_link_net,
1638 struct net_device *gretap_fb_dev_create(struct net *net, const char *name,
1639 u8 name_assign_type)
1641 struct nlattr *tb[IFLA_MAX + 1];
1642 struct net_device *dev;
1643 LIST_HEAD(list_kill);
1644 struct ip_tunnel *t;
1647 memset(&tb, 0, sizeof(tb));
1649 dev = rtnl_create_link(net, name, name_assign_type,
1650 &ipgre_tap_ops, tb, NULL);
1654 /* Configure flow based GRE device. */
1655 t = netdev_priv(dev);
1656 t->collect_md = true;
1658 err = ipgre_newlink(net, dev, tb, NULL, NULL);
1661 return ERR_PTR(err);
1664 /* openvswitch users expect packet sizes to be unrestricted,
1665 * so set the largest MTU we can.
1667 err = __ip_tunnel_change_mtu(dev, IP_MAX_MTU, false);
1671 err = rtnl_configure_link(dev, NULL);
1677 ip_tunnel_dellink(dev, &list_kill);
1678 unregister_netdevice_many(&list_kill);
1679 return ERR_PTR(err);
1681 EXPORT_SYMBOL_GPL(gretap_fb_dev_create);
1683 static int __net_init ipgre_tap_init_net(struct net *net)
1685 return ip_tunnel_init_net(net, gre_tap_net_id, &ipgre_tap_ops, "gretap0");
1688 static void __net_exit ipgre_tap_exit_batch_net(struct list_head *list_net)
1690 ip_tunnel_delete_nets(list_net, gre_tap_net_id, &ipgre_tap_ops);
1693 static struct pernet_operations ipgre_tap_net_ops = {
1694 .init = ipgre_tap_init_net,
1695 .exit_batch = ipgre_tap_exit_batch_net,
1696 .id = &gre_tap_net_id,
1697 .size = sizeof(struct ip_tunnel_net),
1700 static int __net_init erspan_init_net(struct net *net)
1702 return ip_tunnel_init_net(net, erspan_net_id,
1703 &erspan_link_ops, "erspan0");
1706 static void __net_exit erspan_exit_batch_net(struct list_head *net_list)
1708 ip_tunnel_delete_nets(net_list, erspan_net_id, &erspan_link_ops);
1711 static struct pernet_operations erspan_net_ops = {
1712 .init = erspan_init_net,
1713 .exit_batch = erspan_exit_batch_net,
1714 .id = &erspan_net_id,
1715 .size = sizeof(struct ip_tunnel_net),
1718 static int __init ipgre_init(void)
1722 pr_info("GRE over IPv4 tunneling driver\n");
1724 err = register_pernet_device(&ipgre_net_ops);
1728 err = register_pernet_device(&ipgre_tap_net_ops);
1730 goto pnet_tap_failed;
1732 err = register_pernet_device(&erspan_net_ops);
1734 goto pnet_erspan_failed;
1736 err = gre_add_protocol(&ipgre_protocol, GREPROTO_CISCO);
1738 pr_info("%s: can't add protocol\n", __func__);
1739 goto add_proto_failed;
1742 err = rtnl_link_register(&ipgre_link_ops);
1744 goto rtnl_link_failed;
1746 err = rtnl_link_register(&ipgre_tap_ops);
1748 goto tap_ops_failed;
1750 err = rtnl_link_register(&erspan_link_ops);
1752 goto erspan_link_failed;
1757 rtnl_link_unregister(&ipgre_tap_ops);
1759 rtnl_link_unregister(&ipgre_link_ops);
1761 gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO);
1763 unregister_pernet_device(&erspan_net_ops);
1765 unregister_pernet_device(&ipgre_tap_net_ops);
1767 unregister_pernet_device(&ipgre_net_ops);
1771 static void __exit ipgre_fini(void)
1773 rtnl_link_unregister(&ipgre_tap_ops);
1774 rtnl_link_unregister(&ipgre_link_ops);
1775 rtnl_link_unregister(&erspan_link_ops);
1776 gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO);
1777 unregister_pernet_device(&ipgre_tap_net_ops);
1778 unregister_pernet_device(&ipgre_net_ops);
1779 unregister_pernet_device(&erspan_net_ops);
1782 module_init(ipgre_init);
1783 module_exit(ipgre_fini);
1784 MODULE_LICENSE("GPL");
1785 MODULE_ALIAS_RTNL_LINK("gre");
1786 MODULE_ALIAS_RTNL_LINK("gretap");
1787 MODULE_ALIAS_RTNL_LINK("erspan");
1788 MODULE_ALIAS_NETDEV("gre0");
1789 MODULE_ALIAS_NETDEV("gretap0");
1790 MODULE_ALIAS_NETDEV("erspan0");
projects / linux-2.6-microblaze.git / blob