1 /* ip_gre driver port to Linux 2.6.18 and greater */
3 #include <linux/version.h>
4 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
5 #define HAVE_NETDEV_STATS
7 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
8 #define HAVE_NETDEV_HEADER_OPS
10 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,26)
11 #define HAVE_NETDEV_NEEDED_HEADROOM
15 * Linux NET3: GRE over IP protocol decoder.
17 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
19 * This program is free software; you can redistribute it and/or
20 * modify it under the terms of the GNU General Public License
21 * as published by the Free Software Foundation; either version
22 * 2 of the License, or (at your option) any later version.
26 #include <linux/capability.h>
27 #include <linux/ethtool.h>
28 #include <linux/module.h>
29 #include <linux/types.h>
30 #include <linux/kernel.h>
31 #include <asm/uaccess.h>
32 #include <linux/skbuff.h>
33 #include <linux/netdevice.h>
35 #include <linux/tcp.h>
36 #include <linux/udp.h>
37 #include <linux/if_arp.h>
38 #include <linux/mroute.h>
39 #include <linux/init.h>
40 #include <linux/in6.h>
41 #include <linux/inetdevice.h>
42 #include <linux/igmp.h>
43 #include <linux/netfilter_ipv4.h>
44 #include <linux/etherdevice.h>
45 #include <linux/if_ether.h>
50 #include <net/protocol.h>
53 #include <net/checksum.h>
54 #include <net/dsfield.h>
55 #include <net/inet_ecn.h>
57 #include <net/net_namespace.h>
58 #include <net/netns/generic.h>
62 #include <net/ip6_fib.h>
63 #include <net/ip6_route.h>
67 #include "openvswitch/gre.h"
69 #ifndef GRE_IOCTL_ONLY
70 #include <net/rtnetlink.h>
77 1. The most important issue is detecting local dead loops.
78 They would cause complete host lockup in transmit, which
79 would be "resolved" by stack overflow or, if queueing is enabled,
80 with infinite looping in net_bh.
82 We cannot track such dead loops during route installation,
83 it is infeasible task. The most general solutions would be
84 to keep skb->encapsulation counter (sort of local ttl),
85 and silently drop packet when it expires. It is the best
86 solution, but it supposes maintaing new variable in ALL
87 skb, even if no tunneling is used.
89 Current solution: HARD_TX_LOCK lock breaks dead loops.
93 2. Networking dead loops would not kill routers, but would really
94 kill network. IP hop limit plays role of "t->recursion" in this case,
95 if we copy it from packet being encapsulated to upper header.
96 It is very good solution, but it introduces two problems:
98 - Routing protocols, using packets with ttl=1 (OSPF, RIP2),
99 do not work over tunnels.
100 - traceroute does not work. I planned to relay ICMP from tunnel,
101 so that this problem would be solved and traceroute output
102 would even more informative. This idea appeared to be wrong:
103 only Linux complies to rfc1812 now (yes, guys, Linux is the only
104 true router now :-)), all routers (at least, in neighbourhood of mine)
105 return only 8 bytes of payload. It is the end.
107 Hence, if we want that OSPF worked or traceroute said something reasonable,
108 we should search for another solution.
110 One of them is to parse packet trying to detect inner encapsulation
111 made by our node. It is difficult or even impossible, especially,
112 taking into account fragmentation. TO be short, tt is not solution at all.
114 Current solution: The solution was UNEXPECTEDLY SIMPLE.
115 We force DF flag on tunnels with preconfigured hop limit,
116 that is ALL. :-) Well, it does not remove the problem completely,
117 but exponential growth of network traffic is changed to linear
118 (branches, that exceed pmtu are pruned) and tunnel mtu
119 fastly degrades to value <68, where looping stops.
120 Yes, it is not good if there exists a router in the loop,
121 which does not force DF, even when encapsulating packets have DF set.
122 But it is not our problem! Nobody could accuse us, we made
123 all that we could make. Even if it is your gated who injected
124 fatal route to network, even if it were you who configured
125 fatal static route: you are innocent. :-)
129 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain
130 practically identical code. It would be good to glue them
131 together, but it is not very evident, how to make them modular.
132 sit is integral part of IPv6, ipip and gre are naturally modular.
133 We could extract common parts (hash table, ioctl etc)
134 to a separate module (ip_tunnel.c).
139 #ifndef GRE_IOCTL_ONLY
140 static struct rtnl_link_ops ipgre_link_ops __read_mostly;
141 static struct rtnl_link_ops ipgre_tap_ops __read_mostly;
143 static int ipgre_tunnel_init(struct net_device *dev);
144 static void ipgre_tunnel_setup(struct net_device *dev);
145 static void ipgre_tap_setup(struct net_device *dev);
146 static int ipgre_tunnel_bind_dev(struct net_device *dev);
150 static int ipgre_net_id;
152 struct ip_tunnel *tunnels[4][HASH_SIZE];
154 struct net_device *fb_tunnel_dev;
157 /* Tunnel hash table */
167 We require exact key match i.e. if a key is present in packet
168 it will match only tunnel with the same key; if it is not present,
169 it will match only keyless tunnel.
171 All keysless packets, if not matched configured keyless tunnels
172 will match fallback tunnel.
175 #define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF)
177 #define tunnels_r_l tunnels[3]
178 #define tunnels_r tunnels[2]
179 #define tunnels_l tunnels[1]
180 #define tunnels_wc tunnels[0]
182 static DEFINE_RWLOCK(ipgre_lock);
184 /* Given src, dst and key, find appropriate for input tunnel. */
186 static struct ip_tunnel * ipgre_tunnel_lookup(struct net_device *dev,
187 __be32 remote, __be32 local,
188 __be32 key, __be16 gre_proto)
190 struct net *net = dev_net(dev);
191 int link = dev->ifindex;
192 unsigned h0 = HASH(remote);
193 unsigned h1 = HASH(key);
194 struct ip_tunnel *t, *cand = NULL;
195 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
196 int dev_type = (gre_proto == htons(ETH_P_TEB)) ?
197 ARPHRD_ETHER : ARPHRD_IPGRE;
198 int score, cand_score = 4;
200 for (t = ign->tunnels_r_l[h0^h1]; t; t = t->next) {
201 if (local != t->parms.iph.saddr ||
202 remote != t->parms.iph.daddr ||
203 key != t->parms.i_key ||
204 !(t->dev->flags & IFF_UP))
207 if (t->dev->type != ARPHRD_IPGRE &&
208 t->dev->type != dev_type)
212 if (t->parms.link != link)
214 if (t->dev->type != dev_type)
219 if (score < cand_score) {
225 for (t = ign->tunnels_r[h0^h1]; t; t = t->next) {
226 if (remote != t->parms.iph.daddr ||
227 key != t->parms.i_key ||
228 !(t->dev->flags & IFF_UP))
231 if (t->dev->type != ARPHRD_IPGRE &&
232 t->dev->type != dev_type)
236 if (t->parms.link != link)
238 if (t->dev->type != dev_type)
243 if (score < cand_score) {
249 for (t = ign->tunnels_l[h1]; t; t = t->next) {
250 if ((local != t->parms.iph.saddr &&
251 (local != t->parms.iph.daddr ||
252 !ipv4_is_multicast(local))) ||
253 key != t->parms.i_key ||
254 !(t->dev->flags & IFF_UP))
257 if (t->dev->type != ARPHRD_IPGRE &&
258 t->dev->type != dev_type)
262 if (t->parms.link != link)
264 if (t->dev->type != dev_type)
269 if (score < cand_score) {
275 for (t = ign->tunnels_wc[h1]; t; t = t->next) {
276 if (t->parms.i_key != key ||
277 !(t->dev->flags & IFF_UP))
280 if (t->dev->type != ARPHRD_IPGRE &&
281 t->dev->type != dev_type)
285 if (t->parms.link != link)
287 if (t->dev->type != dev_type)
292 if (score < cand_score) {
301 if (ign->fb_tunnel_dev->flags & IFF_UP)
302 return netdev_priv(ign->fb_tunnel_dev);
307 static struct ip_tunnel **__ipgre_bucket(struct ipgre_net *ign,
308 struct ip_tunnel_parm *parms)
310 __be32 remote = parms->iph.daddr;
311 __be32 local = parms->iph.saddr;
312 __be32 key = parms->i_key;
313 unsigned h = HASH(key);
318 if (remote && !ipv4_is_multicast(remote)) {
323 return &ign->tunnels[prio][h];
326 static inline struct ip_tunnel **ipgre_bucket(struct ipgre_net *ign,
329 return __ipgre_bucket(ign, &t->parms);
332 static void ipgre_tunnel_link(struct ipgre_net *ign, struct ip_tunnel *t)
334 struct ip_tunnel **tp = ipgre_bucket(ign, t);
337 write_lock_bh(&ipgre_lock);
339 write_unlock_bh(&ipgre_lock);
342 static void ipgre_tunnel_unlink(struct ipgre_net *ign, struct ip_tunnel *t)
344 struct ip_tunnel **tp;
346 for (tp = ipgre_bucket(ign, t); *tp; tp = &(*tp)->next) {
348 write_lock_bh(&ipgre_lock);
350 write_unlock_bh(&ipgre_lock);
356 static struct ip_tunnel *ipgre_tunnel_find(struct net *net,
357 struct ip_tunnel_parm *parms,
360 __be32 remote = parms->iph.daddr;
361 __be32 local = parms->iph.saddr;
362 __be32 key = parms->i_key;
363 int link = parms->link;
364 struct ip_tunnel *t, **tp;
365 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
367 for (tp = __ipgre_bucket(ign, parms); (t = *tp) != NULL; tp = &t->next)
368 if (local == t->parms.iph.saddr &&
369 remote == t->parms.iph.daddr &&
370 key == t->parms.i_key &&
371 link == t->parms.link &&
372 type == t->dev->type)
378 static struct ip_tunnel * ipgre_tunnel_locate(struct net *net,
379 struct ip_tunnel_parm *parms, int gretap, int create)
381 struct ip_tunnel *t, *nt;
382 struct net_device *dev;
384 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
386 t = ipgre_tunnel_find(net, parms, gretap ? ARPHRD_ETHER : ARPHRD_IPGRE);
391 strlcpy(name, parms->name, IFNAMSIZ);
393 sprintf(name, "gre%%d");
395 dev = alloc_netdev(sizeof(*t), name, gretap ? ipgre_tap_setup
396 : ipgre_tunnel_setup);
400 dev_net_set(dev, net);
402 if (strchr(name, '%')) {
403 if (dev_alloc_name(dev, name) < 0)
408 random_ether_addr(dev->dev_addr);
410 #ifndef GRE_IOCTL_ONLY
411 dev->rtnl_link_ops = gretap ? &ipgre_tap_ops : &ipgre_link_ops;
413 nt = netdev_priv(dev);
416 dev->mtu = ipgre_tunnel_bind_dev(dev);
418 if (register_netdevice(dev) < 0)
422 ipgre_tunnel_link(ign, nt);
430 static void ipgre_tunnel_uninit(struct net_device *dev)
432 struct net *net = dev_net(dev);
433 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
435 ipgre_tunnel_unlink(ign, netdev_priv(dev));
440 static void ipgre_err(struct sk_buff *skb, u32 info)
443 /* All the routers (except for Linux) return only
444 8 bytes of packet payload. It means, that precise relaying of
445 ICMP in the real Internet is absolutely infeasible.
447 Moreover, Cisco "wise men" put GRE key to the third word
448 in GRE header. It makes impossible maintaining even soft state for keyed
449 GRE tunnels with enabled checksum. Tell them "thank you".
451 Well, I wonder, rfc1812 was written by Cisco employee,
452 what the hell these idiots break standrads established
456 struct iphdr *iph = (struct iphdr *)skb->data;
457 __be16 *p = (__be16*)(skb->data+(iph->ihl<<2));
458 int grehlen = (iph->ihl<<2) + 4;
459 const int type = icmp_hdr(skb)->type;
460 const int code = icmp_hdr(skb)->code;
465 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) {
466 if (flags&(GRE_VERSION|GRE_ROUTING))
475 /* If only 8 bytes returned, keyed message will be dropped here */
476 if (skb_headlen(skb) < grehlen)
481 case ICMP_PARAMETERPROB:
484 case ICMP_DEST_UNREACH:
487 case ICMP_PORT_UNREACH:
488 /* Impossible event. */
490 case ICMP_FRAG_NEEDED:
491 /* Soft state for pmtu is maintained by IP core. */
494 /* All others are translated to HOST_UNREACH.
495 rfc2003 contains "deep thoughts" about NET_UNREACH,
496 I believe they are just ether pollution. --ANK
501 case ICMP_TIME_EXCEEDED:
502 if (code != ICMP_EXC_TTL)
507 read_lock(&ipgre_lock);
508 t = ipgre_tunnel_lookup(skb->dev, iph->daddr, iph->saddr,
510 *(((__be32 *)p) + (grehlen / 4) - 1) : 0,
512 if (t == NULL || t->parms.iph.daddr == 0 ||
513 ipv4_is_multicast(t->parms.iph.daddr))
516 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
519 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
523 t->err_time = jiffies;
525 read_unlock(&ipgre_lock);
529 static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb)
531 if (INET_ECN_is_ce(iph->tos)) {
532 if (skb->protocol == htons(ETH_P_IP)) {
533 IP_ECN_set_ce(ip_hdr(skb));
534 } else if (skb->protocol == htons(ETH_P_IPV6)) {
535 IP6_ECN_set_ce(ipv6_hdr(skb));
541 ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb)
544 if (skb->protocol == htons(ETH_P_IP))
545 inner = old_iph->tos;
546 else if (skb->protocol == htons(ETH_P_IPV6))
547 inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph);
548 return INET_ECN_encapsulate(tos, inner);
551 static int ipgre_rcv(struct sk_buff *skb)
559 struct ip_tunnel *tunnel;
564 if (!pskb_may_pull(skb, 16))
571 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) {
572 /* - Version must be 0.
573 - We do not support routing headers.
575 if (flags&(GRE_VERSION|GRE_ROUTING))
578 if (flags&GRE_CSUM) {
579 switch (skb->ip_summed) {
580 case CHECKSUM_COMPLETE:
581 csum = csum_fold(skb->csum);
587 csum = __skb_checksum_complete(skb);
588 skb->ip_summed = CHECKSUM_COMPLETE;
593 key = *(__be32*)(h + offset);
597 seqno = ntohl(*(__be32*)(h + offset));
602 gre_proto = *(__be16 *)(h + 2);
604 read_lock(&ipgre_lock);
605 if ((tunnel = ipgre_tunnel_lookup(skb->dev,
606 iph->saddr, iph->daddr, key,
608 struct net_device_stats *stats;
609 #ifdef HAVE_NETDEV_STATS
610 stats = &tunnel->dev->stats;
612 stats = &tunnel->stat;
617 skb->protocol = gre_proto;
618 /* WCCP version 1 and 2 protocol decoding.
619 * - Change protocol to IP
620 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header
622 if (flags == 0 && gre_proto == htons(ETH_P_WCCP)) {
623 skb->protocol = htons(ETH_P_IP);
624 if ((*(h + offset) & 0xF0) != 0x40)
628 skb->mac_header = skb->network_header;
629 __pskb_pull(skb, offset);
630 skb_postpull_rcsum(skb, skb_transport_header(skb), offset);
631 skb->pkt_type = PACKET_HOST;
632 #ifdef CONFIG_NET_IPGRE_BROADCAST
633 if (ipv4_is_multicast(iph->daddr)) {
634 /* Looped back packet, drop it! */
635 if (skb_rtable(skb)->fl.iif == 0)
638 skb->pkt_type = PACKET_BROADCAST;
642 if (((flags&GRE_CSUM) && csum) ||
643 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) {
644 stats->rx_crc_errors++;
648 if (tunnel->parms.i_flags&GRE_SEQ) {
649 if (!(flags&GRE_SEQ) ||
650 (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) {
651 stats->rx_fifo_errors++;
655 tunnel->i_seqno = seqno + 1;
660 /* Warning: All skb pointers will be invalidated! */
661 if (tunnel->dev->type == ARPHRD_ETHER) {
662 if (!pskb_may_pull(skb, ETH_HLEN)) {
663 stats->rx_length_errors++;
669 skb->protocol = eth_type_trans(skb, tunnel->dev);
670 skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN);
674 stats->rx_bytes += len;
675 skb->dev = tunnel->dev;
679 skb_reset_network_header(skb);
680 ipgre_ecn_decapsulate(iph, skb);
683 /* XXX: Temporary workaround to avoid a panic when doing
684 * bridging due to multiple meanings of CHECKSUM_HW. */
685 if (skb->ip_summed == CHECKSUM_HW)
686 skb->ip_summed = CHECKSUM_NONE;
690 read_unlock(&ipgre_lock);
693 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
696 read_unlock(&ipgre_lock);
702 static netdev_tx_t ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
704 struct ip_tunnel *tunnel = netdev_priv(dev);
705 struct net_device_stats *stats;
706 struct iphdr *old_iph = ip_hdr(skb);
710 struct rtable *rt; /* Route to the other host */
711 struct net_device *tdev; /* Device to other host */
712 struct iphdr *iph; /* Our new IP header */
713 unsigned int max_headroom; /* The extra header space needed */
718 #ifdef HAVE_NETDEV_STATS
719 stats = &tunnel->dev->stats;
721 stats = &tunnel->stat;
724 if (dev->type == ARPHRD_ETHER)
725 IPCB(skb)->flags = 0;
727 #ifdef HAVE_NETDEV_HEADER_OPS
728 if (dev->header_ops && dev->type == ARPHRD_IPGRE) {
730 if (dev->hard_header && dev->type == ARPHRD_IPGRE) {
733 tiph = (struct iphdr *)skb->data;
735 gre_hlen = tunnel->hlen;
736 tiph = &tunnel->parms.iph;
739 if ((dst = tiph->daddr) == 0) {
742 if (skb_dst(skb) == NULL) {
743 stats->tx_fifo_errors++;
747 if (skb->protocol == htons(ETH_P_IP)) {
748 rt = skb_rtable(skb);
749 if ((dst = rt->rt_gateway) == 0)
753 else if (skb->protocol == htons(ETH_P_IPV6)) {
754 struct in6_addr *addr6;
756 struct neighbour *neigh = skb_dst(skb)->neighbour;
761 addr6 = (struct in6_addr *)&neigh->primary_key;
762 addr_type = ipv6_addr_type(addr6);
764 if (addr_type == IPV6_ADDR_ANY) {
765 addr6 = &ipv6_hdr(skb)->daddr;
766 addr_type = ipv6_addr_type(addr6);
769 if ((addr_type & IPV6_ADDR_COMPATv4) == 0)
772 dst = addr6->s6_addr32[3];
782 if (skb->protocol == htons(ETH_P_IP))
787 struct flowi fl = { .oif = tunnel->parms.link,
790 .saddr = tiph->saddr,
791 .tos = RT_TOS(tos) } },
792 .proto = IPPROTO_GRE };
793 if (ip_route_output_key(dev_net(dev), &rt, &fl)) {
794 stats->tx_carrier_errors++;
798 tdev = rt->u.dst.dev;
808 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
809 mtu = dst_mtu(&rt->u.dst) - dev->hard_header_len - tunnel->hlen;
811 mtu = dst_mtu(&rt->u.dst) - tunnel->hlen;
814 mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu;
817 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu);
819 /* XXX: Temporarily allow fragmentation since DF doesn't
820 * do the right thing with bridging. */
822 if (skb->protocol == htons(ETH_P_IP)) {
823 df |= (old_iph->frag_off&htons(IP_DF));
825 if ((old_iph->frag_off&htons(IP_DF)) &&
826 mtu < ntohs(old_iph->tot_len)) {
827 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
833 else if (skb->protocol == htons(ETH_P_IPV6)) {
834 struct rt6_info *rt6 = (struct rt6_info *)skb_dst(skb);
836 if (rt6 && mtu < dst_mtu(skb_dst(skb)) && mtu >= IPV6_MIN_MTU) {
837 if ((tunnel->parms.iph.daddr &&
838 !ipv4_is_multicast(tunnel->parms.iph.daddr)) ||
839 rt6->rt6i_dst.plen == 128) {
840 rt6->rt6i_flags |= RTF_MODIFIED;
841 skb_dst(skb)->metrics[RTAX_MTU-1] = mtu;
845 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) {
846 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev);
853 if (tunnel->err_count > 0) {
854 if (time_before(jiffies,
855 tunnel->err_time + IPTUNNEL_ERR_TIMEO)) {
858 dst_link_failure(skb);
860 tunnel->err_count = 0;
863 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen;
865 if (skb_headroom(skb) < max_headroom || skb_shared(skb)||
866 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
867 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
875 skb_set_owner_w(new_skb, skb->sk);
878 old_iph = ip_hdr(skb);
881 skb_reset_transport_header(skb);
882 skb_push(skb, gre_hlen);
883 skb_reset_network_header(skb);
884 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
885 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
888 skb_dst_set(skb, &rt->u.dst);
891 * Push down and install the IPIP header.
896 iph->ihl = sizeof(struct iphdr) >> 2;
898 iph->protocol = IPPROTO_GRE;
899 iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb);
900 iph->daddr = rt->rt_dst;
901 iph->saddr = rt->rt_src;
903 if ((iph->ttl = tiph->ttl) == 0) {
904 if (skb->protocol == htons(ETH_P_IP))
905 iph->ttl = old_iph->ttl;
907 else if (skb->protocol == htons(ETH_P_IPV6))
908 iph->ttl = ((struct ipv6hdr *)old_iph)->hop_limit;
911 iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT);
914 ((__be16 *)(iph + 1))[0] = tunnel->parms.o_flags;
915 ((__be16 *)(iph + 1))[1] = (dev->type == ARPHRD_ETHER) ?
916 htons(ETH_P_TEB) : skb->protocol;
918 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) {
919 __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4);
921 if (tunnel->parms.o_flags&GRE_SEQ) {
923 *ptr = htonl(tunnel->o_seqno);
926 if (tunnel->parms.o_flags&GRE_KEY) {
927 *ptr = tunnel->parms.o_key;
930 if (tunnel->parms.o_flags&GRE_CSUM) {
932 *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr));
942 dst_link_failure(skb);
950 static int ipgre_tunnel_bind_dev(struct net_device *dev)
952 struct net_device *tdev = NULL;
953 struct ip_tunnel *tunnel;
955 int hlen = LL_MAX_HEADER;
956 int mtu = ETH_DATA_LEN;
957 int addend = sizeof(struct iphdr) + 4;
959 tunnel = netdev_priv(dev);
960 iph = &tunnel->parms.iph;
962 /* Guess output device to choose reasonable mtu and needed_headroom */
965 struct flowi fl = { .oif = tunnel->parms.link,
967 { .daddr = iph->daddr,
969 .tos = RT_TOS(iph->tos) } },
970 .proto = IPPROTO_GRE };
972 if (!ip_route_output_key(dev_net(dev), &rt, &fl)) {
973 tdev = rt->u.dst.dev;
977 if (dev->type != ARPHRD_ETHER)
978 dev->flags |= IFF_POINTOPOINT;
981 if (!tdev && tunnel->parms.link)
982 tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link);
985 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
986 hlen = tdev->hard_header_len + tdev->needed_headroom;
988 hlen = tdev->hard_header_len;
992 dev->iflink = tunnel->parms.link;
994 /* Precalculate GRE options length */
995 if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) {
996 if (tunnel->parms.o_flags&GRE_CSUM)
998 if (tunnel->parms.o_flags&GRE_KEY)
1000 if (tunnel->parms.o_flags&GRE_SEQ)
1003 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
1004 dev->needed_headroom = hlen + addend;
1005 mtu -= dev->hard_header_len + addend;
1007 dev->hard_header_len = hlen + addend;
1010 tunnel->hlen = addend;
1015 /* XXX: Set MTU to the maximum possible value. If we are bridged to a
1016 * device with a larger MTU then packets will be dropped. */
1023 ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
1026 struct ip_tunnel_parm p;
1027 struct ip_tunnel *t;
1028 struct net *net = dev_net(dev);
1029 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1030 int add_tunnel, gretap;
1035 if (dev == ign->fb_tunnel_dev) {
1036 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
1040 t = ipgre_tunnel_locate(net, &p, false, 0);
1043 t = netdev_priv(dev);
1044 memcpy(&p, &t->parms, sizeof(p));
1045 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
1054 if (!capable(CAP_NET_ADMIN))
1058 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1062 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE ||
1063 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) ||
1064 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING)))
1067 add_tunnel = (cmd == SIOCADDTUNNEL || cmd == SIOCADDGRETAP);
1068 gretap = (cmd == SIOCADDGRETAP || cmd == SIOCCHGGRETAP);
1071 p.iph.frag_off |= htons(IP_DF);
1073 if (!(p.i_flags&GRE_KEY))
1075 if (!(p.o_flags&GRE_KEY))
1078 t = ipgre_tunnel_locate(net, &p, gretap, add_tunnel);
1080 if (dev != ign->fb_tunnel_dev && !add_tunnel) {
1082 if (t->dev != dev) {
1087 unsigned nflags = 0;
1089 t = netdev_priv(dev);
1091 if (ipv4_is_multicast(p.iph.daddr))
1092 nflags = IFF_BROADCAST;
1093 else if (p.iph.daddr)
1094 nflags = IFF_POINTOPOINT;
1096 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) {
1100 ipgre_tunnel_unlink(ign, t);
1101 t->parms.iph.saddr = p.iph.saddr;
1102 t->parms.iph.daddr = p.iph.daddr;
1103 t->parms.i_key = p.i_key;
1104 t->parms.o_key = p.o_key;
1105 memcpy(dev->dev_addr, &p.iph.saddr, 4);
1106 memcpy(dev->broadcast, &p.iph.daddr, 4);
1107 ipgre_tunnel_link(ign, t);
1108 netdev_state_change(dev);
1115 t->parms.iph.ttl = p.iph.ttl;
1116 t->parms.iph.tos = p.iph.tos;
1117 t->parms.iph.frag_off = p.iph.frag_off;
1118 if (t->parms.link != p.link) {
1119 t->parms.link = p.link;
1120 dev->mtu = ipgre_tunnel_bind_dev(dev);
1121 netdev_state_change(dev);
1124 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
1127 err = (add_tunnel ? -ENOBUFS : -ENOENT);
1132 if (!capable(CAP_NET_ADMIN))
1135 if (dev == ign->fb_tunnel_dev) {
1137 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1140 if ((t = ipgre_tunnel_locate(net, &p, false, 0)) == NULL)
1143 if (t == netdev_priv(ign->fb_tunnel_dev))
1147 unregister_netdevice(dev);
1159 #ifndef HAVE_NETDEV_STATS
1160 static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev)
1162 return &(((struct ip_tunnel*)netdev_priv(dev))->stat);
1166 static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu)
1168 struct ip_tunnel *tunnel = netdev_priv(dev);
1170 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
1171 new_mtu > 0xFFF8 - dev->hard_header_len - tunnel->hlen)
1173 new_mtu > 0xFFF8 - tunnel->hlen)
1180 /* Nice toy. Unfortunately, useless in real life :-)
1181 It allows to construct virtual multiprotocol broadcast "LAN"
1182 over the Internet, provided multicast routing is tuned.
1185 I have no idea was this bicycle invented before me,
1186 so that I had to set ARPHRD_IPGRE to a random value.
1187 I have an impression, that Cisco could make something similar,
1188 but this feature is apparently missing in IOS<=11.2(8).
1190 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks
1191 with broadcast 224.66.66.66. If you have access to mbone, play with me :-)
1193 ping -t 255 224.66.66.66
1195 If nobody answers, mbone does not work.
1197 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255
1198 ip addr add 10.66.66.<somewhat>/24 dev Universe
1199 ifconfig Universe up
1200 ifconfig Universe add fe80::<Your_real_addr>/10
1201 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96
1204 ftp fec0:6666:6666::193.233.7.65
1209 #ifdef HAVE_NETDEV_HEADER_OPS
1210 static int ipgre_header(struct sk_buff *skb, struct net_device *dev,
1211 unsigned short type,
1212 const void *daddr, const void *saddr, unsigned len)
1214 static int ipgre_header(struct sk_buff *skb, struct net_device *dev, unsigned short type,
1215 void *daddr, void *saddr, unsigned len)
1218 struct ip_tunnel *t = netdev_priv(dev);
1219 struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen);
1220 __be16 *p = (__be16*)(iph+1);
1222 memcpy(iph, &t->parms.iph, sizeof(struct iphdr));
1223 p[0] = t->parms.o_flags;
1227 * Set the source hardware address.
1231 memcpy(&iph->saddr, saddr, 4);
1234 memcpy(&iph->daddr, daddr, 4);
1237 if (iph->daddr && !ipv4_is_multicast(iph->daddr))
1243 #ifdef HAVE_NETDEV_HEADER_OPS
1244 static int ipgre_header_parse(const struct sk_buff *skb, unsigned char *haddr)
1246 static int ipgre_header_parse(struct sk_buff *skb, unsigned char *haddr)
1249 struct iphdr *iph = (struct iphdr *) skb_mac_header(skb);
1250 memcpy(haddr, &iph->saddr, 4);
1254 #ifdef HAVE_NETDEV_HEADER_OPS
1255 static const struct header_ops ipgre_header_ops = {
1256 .create = ipgre_header,
1257 .parse = ipgre_header_parse,
1261 #ifdef CONFIG_NET_IPGRE_BROADCAST
1262 static int ipgre_open(struct net_device *dev)
1264 struct ip_tunnel *t = netdev_priv(dev);
1266 if (ipv4_is_multicast(t->parms.iph.daddr)) {
1267 struct flowi fl = { .oif = t->parms.link,
1269 { .daddr = t->parms.iph.daddr,
1270 .saddr = t->parms.iph.saddr,
1271 .tos = RT_TOS(t->parms.iph.tos) } },
1272 .proto = IPPROTO_GRE };
1274 if (ip_route_output_key(dev_net(dev), &rt, &fl))
1275 return -EADDRNOTAVAIL;
1276 dev = rt->u.dst.dev;
1278 if (__in_dev_get_rtnl(dev) == NULL)
1279 return -EADDRNOTAVAIL;
1280 t->mlink = dev->ifindex;
1281 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr);
1286 static int ipgre_close(struct net_device *dev)
1288 struct ip_tunnel *t = netdev_priv(dev);
1290 if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) {
1291 struct in_device *in_dev;
1292 in_dev = inetdev_by_index(dev_net(dev), t->mlink);
1294 ip_mc_dec_group(in_dev, t->parms.iph.daddr);
1303 static void ethtool_getinfo(struct net_device *dev,
1304 struct ethtool_drvinfo *info)
1306 strcpy(info->driver, "ip_gre");
1307 strcpy(info->version, "Open vSwitch "VERSION BUILDNR);
1308 strcpy(info->bus_info, dev->type == ARPHRD_ETHER ? "gretap" : "gre");
1311 static struct ethtool_ops ethtool_ops = {
1312 .get_drvinfo = ethtool_getinfo,
1315 #ifdef HAVE_NET_DEVICE_OPS
1316 static const struct net_device_ops ipgre_netdev_ops = {
1317 .ndo_init = ipgre_tunnel_init,
1318 .ndo_uninit = ipgre_tunnel_uninit,
1319 #ifdef CONFIG_NET_IPGRE_BROADCAST
1320 .ndo_open = ipgre_open,
1321 .ndo_stop = ipgre_close,
1323 .ndo_start_xmit = ipgre_tunnel_xmit,
1324 .ndo_do_ioctl = ipgre_tunnel_ioctl,
1325 .ndo_change_mtu = ipgre_tunnel_change_mtu,
1329 static void ipgre_tunnel_setup(struct net_device *dev)
1331 #ifdef HAVE_NET_DEVICE_OPS
1332 dev->netdev_ops = &ipgre_netdev_ops;
1334 dev->init = ipgre_tunnel_init;
1335 dev->uninit = ipgre_tunnel_uninit;
1336 dev->hard_start_xmit = ipgre_tunnel_xmit;
1337 #ifndef HAVE_NETDEV_STATS
1338 dev->get_stats = ipgre_tunnel_get_stats;
1340 dev->do_ioctl = ipgre_tunnel_ioctl;
1341 dev->change_mtu = ipgre_tunnel_change_mtu;
1342 #endif /* HAVE_NET_DEVICE_OPS */
1343 dev->destructor = free_netdev;
1345 dev->type = ARPHRD_IPGRE;
1346 #ifdef HAVE_NETDEV_NEEDED_HEADROOM
1347 dev->needed_headroom = LL_MAX_HEADER + sizeof(struct iphdr) + 4;
1349 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4;
1351 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4;
1352 dev->flags = IFF_NOARP;
1355 dev->features |= NETIF_F_NETNS_LOCAL;
1356 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
1358 SET_ETHTOOL_OPS(dev, ðtool_ops);
1361 static int ipgre_tunnel_init(struct net_device *dev)
1363 struct ip_tunnel *tunnel;
1366 tunnel = netdev_priv(dev);
1367 iph = &tunnel->parms.iph;
1370 strcpy(tunnel->parms.name, dev->name);
1372 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
1373 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
1376 #ifdef CONFIG_NET_IPGRE_BROADCAST
1377 if (ipv4_is_multicast(iph->daddr)) {
1380 dev->flags = IFF_BROADCAST;
1381 #ifdef HAVE_NETDEV_HEADER_OPS
1382 dev->header_ops = &ipgre_header_ops;
1384 dev->hard_header = ipgre_header;
1385 dev->hard_header_parse = ipgre_header_parse;
1387 #ifndef HAVE_NET_DEVICE_OPS
1388 dev->open = ipgre_open;
1389 dev->stop = ipgre_close;
1394 #ifdef HAVE_NETDEV_HEADER_OPS
1395 dev->header_ops = &ipgre_header_ops;
1397 dev->hard_header = ipgre_header;
1398 dev->hard_header_parse = ipgre_header_parse;
1405 #ifdef HAVE_NET_DEVICE_OPS
1406 static void ipgre_fb_tunnel_init(struct net_device *dev)
1408 static int ipgre_fb_tunnel_init(struct net_device *dev)
1411 struct ip_tunnel *tunnel = netdev_priv(dev);
1412 struct iphdr *iph = &tunnel->parms.iph;
1413 struct ipgre_net *ign = net_generic(dev_net(dev), ipgre_net_id);
1416 strcpy(tunnel->parms.name, dev->name);
1419 iph->protocol = IPPROTO_GRE;
1421 tunnel->hlen = sizeof(struct iphdr) + 4;
1424 ign->tunnels_wc[0] = tunnel;
1426 #ifndef HAVE_NET_DEVICE_OPS
1431 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,32)
1432 static struct net_protocol ipgre_protocol = {
1434 static const struct net_protocol ipgre_protocol = {
1436 .handler = ipgre_rcv,
1437 .err_handler = ipgre_err,
1438 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,26)
1443 static void ipgre_destroy_tunnels(struct ipgre_net *ign)
1447 for (prio = 0; prio < 4; prio++) {
1449 for (h = 0; h < HASH_SIZE; h++) {
1450 struct ip_tunnel *t;
1451 while ((t = ign->tunnels[prio][h]) != NULL)
1452 unregister_netdevice(t->dev);
1457 static int ipgre_init_net(struct net *net)
1460 struct ipgre_net *ign;
1463 ign = kzalloc(sizeof(struct ipgre_net), GFP_KERNEL);
1467 err = net_assign_generic(net, ipgre_net_id, ign);
1471 ign->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), GRE_IOCTL_DEVICE,
1472 ipgre_tunnel_setup);
1473 if (!ign->fb_tunnel_dev) {
1477 dev_net_set(ign->fb_tunnel_dev, net);
1479 #ifdef HAVE_NET_DEVICE_OPS
1480 ipgre_fb_tunnel_init(ign->fb_tunnel_dev);
1482 ign->fb_tunnel_dev->init = ipgre_fb_tunnel_init;
1484 #ifndef GRE_IOCTL_ONLY
1485 ign->fb_tunnel_dev->rtnl_link_ops = &ipgre_link_ops;
1488 if ((err = register_netdev(ign->fb_tunnel_dev)))
1494 free_netdev(ign->fb_tunnel_dev);
1503 static void ipgre_exit_net(struct net *net)
1505 struct ipgre_net *ign;
1507 ign = net_generic(net, ipgre_net_id);
1509 ipgre_destroy_tunnels(ign);
1514 static struct pernet_operations ipgre_net_ops = {
1515 .init = ipgre_init_net,
1516 .exit = ipgre_exit_net,
1519 static int ipgre_tap_init(struct net_device *dev)
1521 struct ip_tunnel *tunnel;
1523 tunnel = netdev_priv(dev);
1526 strcpy(tunnel->parms.name, dev->name);
1528 ipgre_tunnel_bind_dev(dev);
1533 #ifdef HAVE_NET_DEVICE_OPS
1534 static const struct net_device_ops ipgre_tap_netdev_ops = {
1535 .ndo_init = ipgre_tap_init,
1536 .ndo_uninit = ipgre_tunnel_uninit,
1537 .ndo_start_xmit = ipgre_tunnel_xmit,
1538 .ndo_set_mac_address = eth_mac_addr,
1539 .ndo_validate_addr = eth_validate_addr,
1540 .ndo_do_ioctl = ipgre_tunnel_ioctl,
1541 .ndo_change_mtu = ipgre_tunnel_change_mtu,
1545 static void ipgre_tap_setup(struct net_device *dev)
1549 #ifdef HAVE_NET_DEVICE_OPS
1550 dev->netdev_ops = &ipgre_tap_netdev_ops;
1552 dev->init = ipgre_tap_init;
1553 dev->uninit = ipgre_tunnel_uninit;
1554 dev->hard_start_xmit = ipgre_tunnel_xmit;
1555 #ifndef HAVE_NETDEV_STATS
1556 dev->get_stats = ipgre_tunnel_get_stats;
1558 dev->do_ioctl = ipgre_tunnel_ioctl;
1559 dev->change_mtu = ipgre_tunnel_change_mtu;
1560 #endif /* HAVE_NET_DEVICE_OPS */
1561 dev->destructor = free_netdev;
1564 dev->features |= NETIF_F_NETNS_LOCAL;
1566 SET_ETHTOOL_OPS(dev, ðtool_ops);
1569 #ifndef GRE_IOCTL_ONLY
1570 static int ipgre_tunnel_validate(struct nlattr *tb[], struct nlattr *data[])
1578 if (data[IFLA_GRE_IFLAGS])
1579 flags |= nla_get_be16(data[IFLA_GRE_IFLAGS]);
1580 if (data[IFLA_GRE_OFLAGS])
1581 flags |= nla_get_be16(data[IFLA_GRE_OFLAGS]);
1582 if (flags & (GRE_VERSION|GRE_ROUTING))
1588 static int ipgre_tap_validate(struct nlattr *tb[], struct nlattr *data[])
1592 if (tb[IFLA_ADDRESS]) {
1593 if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN)
1595 if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS])))
1596 return -EADDRNOTAVAIL;
1602 if (data[IFLA_GRE_REMOTE]) {
1603 memcpy(&daddr, nla_data(data[IFLA_GRE_REMOTE]), 4);
1609 return ipgre_tunnel_validate(tb, data);
1612 static void ipgre_netlink_parms(struct nlattr *data[],
1613 struct ip_tunnel_parm *parms)
1615 memset(parms, 0, sizeof(*parms));
1617 parms->iph.protocol = IPPROTO_GRE;
1622 if (data[IFLA_GRE_LINK])
1623 parms->link = nla_get_u32(data[IFLA_GRE_LINK]);
1625 if (data[IFLA_GRE_IFLAGS])
1626 parms->i_flags = nla_get_be16(data[IFLA_GRE_IFLAGS]);
1628 if (data[IFLA_GRE_OFLAGS])
1629 parms->o_flags = nla_get_be16(data[IFLA_GRE_OFLAGS]);
1631 if (data[IFLA_GRE_IKEY])
1632 parms->i_key = nla_get_be32(data[IFLA_GRE_IKEY]);
1634 if (data[IFLA_GRE_OKEY])
1635 parms->o_key = nla_get_be32(data[IFLA_GRE_OKEY]);
1637 if (data[IFLA_GRE_LOCAL])
1638 parms->iph.saddr = nla_get_be32(data[IFLA_GRE_LOCAL]);
1640 if (data[IFLA_GRE_REMOTE])
1641 parms->iph.daddr = nla_get_be32(data[IFLA_GRE_REMOTE]);
1643 if (data[IFLA_GRE_TTL])
1644 parms->iph.ttl = nla_get_u8(data[IFLA_GRE_TTL]);
1646 if (data[IFLA_GRE_TOS])
1647 parms->iph.tos = nla_get_u8(data[IFLA_GRE_TOS]);
1649 if (!data[IFLA_GRE_PMTUDISC] || nla_get_u8(data[IFLA_GRE_PMTUDISC]))
1650 parms->iph.frag_off = htons(IP_DF);
1653 static int ipgre_newlink(struct net_device *dev, struct nlattr *tb[],
1654 struct nlattr *data[])
1656 struct ip_tunnel *nt;
1657 struct net *net = dev_net(dev);
1658 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1662 nt = netdev_priv(dev);
1663 ipgre_netlink_parms(data, &nt->parms);
1665 if (ipgre_tunnel_find(net, &nt->parms, dev->type))
1668 if (dev->type == ARPHRD_ETHER && !tb[IFLA_ADDRESS])
1669 random_ether_addr(dev->dev_addr);
1671 mtu = ipgre_tunnel_bind_dev(dev);
1675 err = register_netdevice(dev);
1680 ipgre_tunnel_link(ign, nt);
1686 static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[],
1687 struct nlattr *data[])
1689 struct ip_tunnel *t, *nt;
1690 struct net *net = dev_net(dev);
1691 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1692 struct ip_tunnel_parm p;
1695 if (dev == ign->fb_tunnel_dev)
1698 nt = netdev_priv(dev);
1699 ipgre_netlink_parms(data, &p);
1701 t = ipgre_tunnel_locate(net, &p, false, 0);
1709 if (dev->type != ARPHRD_ETHER) {
1710 unsigned nflags = 0;
1712 if (ipv4_is_multicast(p.iph.daddr))
1713 nflags = IFF_BROADCAST;
1714 else if (p.iph.daddr)
1715 nflags = IFF_POINTOPOINT;
1717 if ((dev->flags ^ nflags) &
1718 (IFF_POINTOPOINT | IFF_BROADCAST))
1722 ipgre_tunnel_unlink(ign, t);
1723 t->parms.iph.saddr = p.iph.saddr;
1724 t->parms.iph.daddr = p.iph.daddr;
1725 t->parms.i_key = p.i_key;
1726 if (dev->type != ARPHRD_ETHER) {
1727 memcpy(dev->dev_addr, &p.iph.saddr, 4);
1728 memcpy(dev->broadcast, &p.iph.daddr, 4);
1730 ipgre_tunnel_link(ign, t);
1731 netdev_state_change(dev);
1734 t->parms.o_key = p.o_key;
1735 t->parms.iph.ttl = p.iph.ttl;
1736 t->parms.iph.tos = p.iph.tos;
1737 t->parms.iph.frag_off = p.iph.frag_off;
1739 if (t->parms.link != p.link) {
1740 t->parms.link = p.link;
1741 mtu = ipgre_tunnel_bind_dev(dev);
1744 netdev_state_change(dev);
1750 static size_t ipgre_get_size(const struct net_device *dev)
1755 /* IFLA_GRE_IFLAGS */
1757 /* IFLA_GRE_OFLAGS */
1763 /* IFLA_GRE_LOCAL */
1765 /* IFLA_GRE_REMOTE */
1771 /* IFLA_GRE_PMTUDISC */
1776 static int ipgre_fill_info(struct sk_buff *skb, const struct net_device *dev)
1778 struct ip_tunnel *t = netdev_priv(dev);
1779 struct ip_tunnel_parm *p = &t->parms;
1781 NLA_PUT_U32(skb, IFLA_GRE_LINK, p->link);
1782 NLA_PUT_BE16(skb, IFLA_GRE_IFLAGS, p->i_flags);
1783 NLA_PUT_BE16(skb, IFLA_GRE_OFLAGS, p->o_flags);
1784 NLA_PUT_BE32(skb, IFLA_GRE_IKEY, p->i_key);
1785 NLA_PUT_BE32(skb, IFLA_GRE_OKEY, p->o_key);
1786 NLA_PUT_BE32(skb, IFLA_GRE_LOCAL, p->iph.saddr);
1787 NLA_PUT_BE32(skb, IFLA_GRE_REMOTE, p->iph.daddr);
1788 NLA_PUT_U8(skb, IFLA_GRE_TTL, p->iph.ttl);
1789 NLA_PUT_U8(skb, IFLA_GRE_TOS, p->iph.tos);
1790 NLA_PUT_U8(skb, IFLA_GRE_PMTUDISC, !!(p->iph.frag_off & htons(IP_DF)));
1798 static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = {
1799 [IFLA_GRE_LINK] = { .type = NLA_U32 },
1800 [IFLA_GRE_IFLAGS] = { .type = NLA_U16 },
1801 [IFLA_GRE_OFLAGS] = { .type = NLA_U16 },
1802 [IFLA_GRE_IKEY] = { .type = NLA_U32 },
1803 [IFLA_GRE_OKEY] = { .type = NLA_U32 },
1804 [IFLA_GRE_LOCAL] = { .len = FIELD_SIZEOF(struct iphdr, saddr) },
1805 [IFLA_GRE_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) },
1806 [IFLA_GRE_TTL] = { .type = NLA_U8 },
1807 [IFLA_GRE_TOS] = { .type = NLA_U8 },
1808 [IFLA_GRE_PMTUDISC] = { .type = NLA_U8 },
1811 static struct rtnl_link_ops ipgre_link_ops __read_mostly = {
1813 .maxtype = IFLA_GRE_MAX,
1814 .policy = ipgre_policy,
1815 .priv_size = sizeof(struct ip_tunnel),
1816 .setup = ipgre_tunnel_setup,
1817 .validate = ipgre_tunnel_validate,
1818 .newlink = ipgre_newlink,
1819 .changelink = ipgre_changelink,
1820 .get_size = ipgre_get_size,
1821 .fill_info = ipgre_fill_info,
1824 static struct rtnl_link_ops ipgre_tap_ops __read_mostly = {
1826 .maxtype = IFLA_GRE_MAX,
1827 .policy = ipgre_policy,
1828 .priv_size = sizeof(struct ip_tunnel),
1829 .setup = ipgre_tap_setup,
1830 .validate = ipgre_tap_validate,
1831 .newlink = ipgre_newlink,
1832 .changelink = ipgre_changelink,
1833 .get_size = ipgre_get_size,
1834 .fill_info = ipgre_fill_info,
1839 * And now the modules code and kernel interface.
1842 static int __init ipgre_init(void)
1846 printk(KERN_INFO "GRE over IPv4 tunneling driver\n");
1848 if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) {
1849 printk(KERN_INFO "ipgre init: can't add protocol\n");
1853 err = register_pernet_gen_device(&ipgre_net_id, &ipgre_net_ops);
1855 goto gen_device_failed;
1857 #ifndef GRE_IOCTL_ONLY
1858 err = rtnl_link_register(&ipgre_link_ops);
1860 goto rtnl_link_failed;
1862 err = rtnl_link_register(&ipgre_tap_ops);
1864 goto tap_ops_failed;
1870 #ifndef GRE_IOCTL_ONLY
1872 rtnl_link_unregister(&ipgre_link_ops);
1874 unregister_pernet_gen_device(ipgre_net_id, &ipgre_net_ops);
1877 inet_del_protocol(&ipgre_protocol, IPPROTO_GRE);
1882 static void __exit ipgre_fini(void)
1884 #ifndef GRE_IOCTL_ONLY
1885 rtnl_link_unregister(&ipgre_tap_ops);
1886 rtnl_link_unregister(&ipgre_link_ops);
1888 unregister_pernet_gen_device(ipgre_net_id, &ipgre_net_ops);
1889 if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0)
1890 printk(KERN_INFO "ipgre close: can't remove protocol\n");
1893 module_init(ipgre_init);
1894 module_exit(ipgre_fini);
1895 MODULE_DESCRIPTION("GRE over IPv4 tunneling driver");
1896 MODULE_LICENSE("GPL");
1897 #ifndef GRE_IOCTL_ONLY
1898 MODULE_ALIAS_RTNL_LINK("gre");
1899 MODULE_ALIAS_RTNL_LINK("gretap");