From 6f643e4946016399f0b217c2226284e3892b6267 Mon Sep 17 00:00:00 2001 From: Jesse Gross Date: Thu, 8 Apr 2010 10:22:35 -0400 Subject: [PATCH] tunneling: Remove old GRE implementation. The new GRE implementation provides a complete drop in replacement for the old Linux based implementation. Therefore, remove the old implementation and rename "grenew" to "gre". --- acinclude.m4 | 11 - datapath/linux-2.6/Makefile.main.in | 1 - datapath/linux-2.6/Modules.mk | 29 +- datapath/linux-2.6/compat-2.6/dev-ip_gre.c | 63 - .../linux-2.6/compat-2.6/include/net/ipip.h | 85 - .../compat-2.6/include/net/net_namespace.h | 29 - .../compat-2.6/include/net/netns/generic.h | 19 - datapath/linux-2.6/compat-2.6/ip_gre.c | 2356 ----------------- .../compat-2.6/net_namespace-ip_gre.c | 117 - debian/openvswitch-switch.init | 3 - include/openvswitch/gre.h | 37 - lib/netdev-gre.c | 10 +- lib/netdev-linux.c | 539 +--- lib/netdev-provider.h | 1 - lib/netdev.c | 1 - xenserver/etc_init.d_openvswitch | 6 - xenserver/openvswitch-xen.spec | 3 - 17 files changed, 15 insertions(+), 3295 deletions(-) delete mode 100644 datapath/linux-2.6/compat-2.6/dev-ip_gre.c delete mode 100644 datapath/linux-2.6/compat-2.6/include/net/ipip.h delete mode 100644 datapath/linux-2.6/compat-2.6/include/net/net_namespace.h delete mode 100644 datapath/linux-2.6/compat-2.6/include/net/netns/generic.h delete mode 100644 datapath/linux-2.6/compat-2.6/ip_gre.c delete mode 100644 datapath/linux-2.6/compat-2.6/net_namespace-ip_gre.c diff --git a/acinclude.m4 b/acinclude.m4 index 81e99488..23097b2e 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -123,16 +123,6 @@ AC_DEFUN([OVS_CHECK_VETH], [ fi ]) -AC_DEFUN([OVS_CHECK_GRE], [ - AC_MSG_CHECKING([whether to build gre module]) - if test "$sublevel" -ge 18; then - AC_MSG_RESULT([yes]) - AC_SUBST([BUILD_GRE], 1) - else - AC_MSG_RESULT([no]) - fi -]) - AC_DEFUN([OVS_CHECK_LOG2_H], [ AC_MSG_CHECKING([for $KSRC26/include/linux/log2.h]) if test -e $KSRC26/include/linux/log2.h; then @@ -181,7 +171,6 @@ AC_DEFUN([OVS_CHECK_LINUX26_COMPAT], [ [OVS_DEFINE([HAVE_PROTO_DATA_VALID])]) OVS_CHECK_LOG2_H OVS_CHECK_VETH - OVS_CHECK_GRE if cmp -s datapath/linux-2.6/kcompat.h.new \ datapath/linux-2.6/kcompat.h >/dev/null 2>&1; then rm datapath/linux-2.6/kcompat.h.new diff --git a/datapath/linux-2.6/Makefile.main.in b/datapath/linux-2.6/Makefile.main.in index cb2a0429..4b875502 100644 --- a/datapath/linux-2.6/Makefile.main.in +++ b/datapath/linux-2.6/Makefile.main.in @@ -5,7 +5,6 @@ export top_srcdir = @abs_top_srcdir@ export KSRC = @KBUILD26@ export VERSION = @VERSION@ export BUILD_VETH = @BUILD_VETH@ -export BUILD_GRE = @BUILD_GRE@ include $(srcdir)/../Modules.mk include $(srcdir)/Modules.mk diff --git a/datapath/linux-2.6/Modules.mk b/datapath/linux-2.6/Modules.mk index 4bd8f217..1e22a088 100644 --- a/datapath/linux-2.6/Modules.mk +++ b/datapath/linux-2.6/Modules.mk @@ -12,9 +12,11 @@ openvswitch_headers += \ linux-2.6/compat-2.6/include/linux/dmi.h \ linux-2.6/compat-2.6/include/linux/err.h \ linux-2.6/compat-2.6/include/linux/icmp.h \ + linux-2.6/compat-2.6/include/linux/if.h \ linux-2.6/compat-2.6/include/linux/if_arp.h \ linux-2.6/compat-2.6/include/linux/if_ether.h \ linux-2.6/compat-2.6/include/linux/in.h \ + linux-2.6/compat-2.6/include/linux/inetdevice.h \ linux-2.6/compat-2.6/include/linux/ip.h \ linux-2.6/compat-2.6/include/linux/ipv6.h \ linux-2.6/compat-2.6/include/linux/jiffies.h \ @@ -56,30 +58,3 @@ dist_modules += veth build_modules += $(if $(BUILD_VETH),veth) veth_sources = linux-2.6/compat-2.6/veth.c veth_headers = - -dist_modules += ip_gre -build_modules += $(if $(BUILD_GRE),ip_gre) -ip_gre_sources = \ - linux-2.6/compat-2.6/addrconf_core-openvswitch.c \ - linux-2.6/compat-2.6/dev-ip_gre.c \ - linux-2.6/compat-2.6/ip_gre.c \ - linux-2.6/compat-2.6/ip_output-openvswitch.c \ - linux-2.6/compat-2.6/net_namespace-ip_gre.c -ip_gre_headers = \ - linux-2.6/compat-2.6/compat26.h \ - linux-2.6/compat-2.6/include/linux/if.h \ - linux-2.6/compat-2.6/include/linux/in.h \ - linux-2.6/compat-2.6/include/linux/inetdevice.h \ - linux-2.6/compat-2.6/include/linux/if_ether.h \ - linux-2.6/compat-2.6/include/linux/ip.h \ - linux-2.6/compat-2.6/include/linux/ipv6.h \ - linux-2.6/compat-2.6/include/linux/netdevice.h \ - linux-2.6/compat-2.6/include/linux/skbuff.h \ - linux-2.6/compat-2.6/include/linux/tcp.h \ - linux-2.6/compat-2.6/include/linux/types.h \ - linux-2.6/compat-2.6/include/net/dst.h \ - linux-2.6/compat-2.6/include/net/ip.h \ - linux-2.6/compat-2.6/include/net/ipip.h \ - linux-2.6/compat-2.6/include/net/netns/generic.h \ - linux-2.6/compat-2.6/include/net/net_namespace.h \ - linux-2.6/compat-2.6/include/net/route.h diff --git a/datapath/linux-2.6/compat-2.6/dev-ip_gre.c b/datapath/linux-2.6/compat-2.6/dev-ip_gre.c deleted file mode 100644 index 04d830e7..00000000 --- a/datapath/linux-2.6/compat-2.6/dev-ip_gre.c +++ /dev/null @@ -1,63 +0,0 @@ -#include -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,33) - -#include -#include - -struct netdev_list { - struct list_head unreg_list; - struct net_device *dev; -}; - -/** - * unregister_netdevice_queue - remove device from the kernel - * @dev: device - * @head: list - - * This function shuts down a device interface and removes it - * from the kernel tables. - * If head not NULL, device is queued to be unregistered later. - * - * Callers must hold the rtnl semaphore. You may want - * unregister_netdev() instead of this. - */ - -void unregister_netdevice_queue(struct net_device *dev, struct list_head *head) -{ - ASSERT_RTNL(); - - if (head) { - struct netdev_list *list_item = kmalloc(sizeof *list_item, - GFP_KERNEL); - /* If we can't queue it, probably better to try to destroy it - * now. Either could potentially be bad but this is probably - * less likely to cause problems. */ - if (!list_item) { - unregister_netdevice(dev); - return; - } - - list_item->dev = dev; - list_add_tail(&list_item->unreg_list, head); - } else - unregister_netdevice(dev); -} - -/** - * unregister_netdevice_many - unregister many devices - * @head: list of devices - * - */ -void unregister_netdevice_many(struct list_head *head) -{ - if (!list_empty(head)) { - struct netdev_list *list_item, *next; - - list_for_each_entry_safe(list_item, next, head, unreg_list) { - unregister_netdevice(list_item->dev); - kfree(list_item); - } - } -} - -#endif /* kernel < 2.6.33 */ diff --git a/datapath/linux-2.6/compat-2.6/include/net/ipip.h b/datapath/linux-2.6/compat-2.6/include/net/ipip.h deleted file mode 100644 index 7fa0b282..00000000 --- a/datapath/linux-2.6/compat-2.6/include/net/ipip.h +++ /dev/null @@ -1,85 +0,0 @@ -#ifndef __NET_IPIP_WRAPPER_H -#define __NET_IPIP_WRAPPER_H 1 - -#include - -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31) -#define HAVE_NETDEV_QUEUE_STATS -#endif - -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,32) - -#include -#include - -/* Keep error state on tunnel for 30 sec */ -#define IPTUNNEL_ERR_TIMEO (30*HZ) - -struct ip_tunnel -{ - struct ip_tunnel *next; - struct net_device *dev; -#ifndef HAVE_NETDEV_STATS - struct net_device_stats stat; -#endif - - int err_count; /* Number of arrived ICMP errors */ - unsigned long err_time; /* Time when the last ICMP error arrived */ - - /* These four fields used only by GRE */ - __u32 i_seqno; /* The last seen seqno */ - __u32 o_seqno; /* The last output seqno */ - int hlen; /* Precalculated GRE header length */ - int mlink; - - struct ip_tunnel_parm parms; - - struct ip_tunnel_prl_entry *prl; /* potential router list */ - unsigned int prl_count; /* # of entries in PRL */ -}; - -/* ISATAP: default interval between RS in secondy */ -#define IPTUNNEL_RS_DEFAULT_DELAY (900) - -struct ip_tunnel_prl_entry -{ - struct ip_tunnel_prl_entry *next; - __be32 addr; - u16 flags; - unsigned long rs_delay; - struct timer_list rs_timer; - struct ip_tunnel *tunnel; - spinlock_t lock; -}; - -#ifdef HAVE_NETDEV_QUEUE_STATS -#define UPDATE_TX_STATS() \ - txq->tx_bytes += pkt_len; \ - txq->tx_packets++; -#else -#define UPDATE_TX_STATS() \ - stats->tx_bytes += pkt_len; \ - stats->tx_packets++; -#endif - -#define IPTUNNEL_XMIT() do { \ - int err; \ - int pkt_len = skb->len - skb_transport_offset(skb); \ - \ - skb->ip_summed = CHECKSUM_NONE; \ - ip_select_ident(iph, &rt->u.dst, NULL); \ - \ - err = ip_local_out(skb); \ - if (likely(net_xmit_eval(err) == 0)) { \ - UPDATE_TX_STATS(); \ - } else { \ - stats->tx_errors++; \ - stats->tx_aborted_errors++; \ - } \ -} while (0) - -#else -#include_next -#endif /* kernel < 2.6.32 */ - -#endif /* net/ipip.h wrapper */ diff --git a/datapath/linux-2.6/compat-2.6/include/net/net_namespace.h b/datapath/linux-2.6/compat-2.6/include/net/net_namespace.h deleted file mode 100644 index 92a4e021..00000000 --- a/datapath/linux-2.6/compat-2.6/include/net/net_namespace.h +++ /dev/null @@ -1,29 +0,0 @@ -#ifndef __NET_NAMESPACE_WRAPPER_H -#define __NET_NAMESPACE_WRAPPER_H 1 - -#include -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24) -#include_next -#endif - -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,33) -struct net; - -struct extended_pernet_operations { - struct list_head list; - int (*init)(struct net *net); - void (*exit)(struct net *net); - int *id; - size_t size; -}; -#define pernet_operations extended_pernet_operations - -#define register_pernet_device rpl_register_pernet_device -int rpl_register_pernet_device(struct extended_pernet_operations *ops); - -#define unregister_pernet_device rpl_unregister_pernet_device -void rpl_unregister_pernet_device(struct extended_pernet_operations *ops); - -#endif /* linux kernel < 2.6.33 */ - -#endif diff --git a/datapath/linux-2.6/compat-2.6/include/net/netns/generic.h b/datapath/linux-2.6/compat-2.6/include/net/netns/generic.h deleted file mode 100644 index 7aedf31f..00000000 --- a/datapath/linux-2.6/compat-2.6/include/net/netns/generic.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef __NET_NETNS_GENERIC_WRAPPER_H -#define __NET_NETNS_GENERIC_WRAPPER_H 1 - -#include -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,26) -#include_next -#endif - -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,33) - -#define net_assign_generic rpl_net_assign_generic -int rpl_net_assign_generic(struct net *net, int id, void *data); - -#define net_generic rpl_net_generic -void *rpl_net_generic(struct net *net, int id); - -#endif /* linux kernel < 2.6.33 */ - -#endif diff --git a/datapath/linux-2.6/compat-2.6/ip_gre.c b/datapath/linux-2.6/compat-2.6/ip_gre.c deleted file mode 100644 index da54b44b..00000000 --- a/datapath/linux-2.6/compat-2.6/ip_gre.c +++ /dev/null @@ -1,2356 +0,0 @@ -/* ip_gre driver port to Linux 2.6.18 and greater plus enhancements */ - -#include -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) -#define HAVE_NETDEV_STATS -#endif -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24) -#define HAVE_NETDEV_HEADER_OPS -#endif -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,26) -#define HAVE_NETDEV_NEEDED_HEADROOM -#endif - -/* - * Linux NET3: GRE over IP protocol decoder. - * - * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru) - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version - * 2 of the License, or (at your option) any later version. - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifdef CONFIG_IPV6 -#include -#include -#endif - -#include "compat.h" -#include "openvswitch/gre.h" - -#ifndef GRE_IOCTL_ONLY -#include -#endif - -/* - Problems & solutions - -------------------- - - 1. The most important issue is detecting local dead loops. - They would cause complete host lockup in transmit, which - would be "resolved" by stack overflow or, if queueing is enabled, - with infinite looping in net_bh. - - We cannot track such dead loops during route installation, - it is infeasible task. The most general solutions would be - to keep skb->encapsulation counter (sort of local ttl), - and silently drop packet when it expires. It is the best - solution, but it supposes maintaing new variable in ALL - skb, even if no tunneling is used. - - Current solution: HARD_TX_LOCK lock breaks dead loops. - - - - 2. Networking dead loops would not kill routers, but would really - kill network. IP hop limit plays role of "t->recursion" in this case, - if we copy it from packet being encapsulated to upper header. - It is very good solution, but it introduces two problems: - - - Routing protocols, using packets with ttl=1 (OSPF, RIP2), - do not work over tunnels. - - traceroute does not work. I planned to relay ICMP from tunnel, - so that this problem would be solved and traceroute output - would even more informative. This idea appeared to be wrong: - only Linux complies to rfc1812 now (yes, guys, Linux is the only - true router now :-)), all routers (at least, in neighbourhood of mine) - return only 8 bytes of payload. It is the end. - - Hence, if we want that OSPF worked or traceroute said something reasonable, - we should search for another solution. - - One of them is to parse packet trying to detect inner encapsulation - made by our node. It is difficult or even impossible, especially, - taking into account fragmentation. TO be short, tt is not solution at all. - - Current solution: The solution was UNEXPECTEDLY SIMPLE. - We force DF flag on tunnels with preconfigured hop limit, - that is ALL. :-) Well, it does not remove the problem completely, - but exponential growth of network traffic is changed to linear - (branches, that exceed pmtu are pruned) and tunnel mtu - fastly degrades to value <68, where looping stops. - Yes, it is not good if there exists a router in the loop, - which does not force DF, even when encapsulating packets have DF set. - But it is not our problem! Nobody could accuse us, we made - all that we could make. Even if it is your gated who injected - fatal route to network, even if it were you who configured - fatal static route: you are innocent. :-) - - XXX: Forcing the DF flag on was done only when setting up tunnels via the - ioctl interface and not Netlink. Since it prevents some operations - and isn't very transparent I removed it. It seems nobody really - cared about it anyways. - Moral: don't create loops. - - 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain - practically identical code. It would be good to glue them - together, but it is not very evident, how to make them modular. - sit is integral part of IPv6, ipip and gre are naturally modular. - We could extract common parts (hash table, ioctl etc) - to a separate module (ip_tunnel.c). - - Alexey Kuznetsov. - */ - -#ifndef GRE_IOCTL_ONLY -static struct rtnl_link_ops ipgre_link_ops __read_mostly; -static struct rtnl_link_ops ipgre_tap_ops __read_mostly; -#endif -static int ipgre_tunnel_init(struct net_device *dev); -static void ipgre_tunnel_setup(struct net_device *dev); -static void ipgre_tap_setup(struct net_device *dev); -static int ipgre_tunnel_bind_dev(struct net_device *dev); -static bool send_frag_needed(struct sk_buff *skb, struct net_device *dev, - unsigned int mtu); - -#define HASH_SIZE 16 - -/* The absolute minimum fragment size. Note that there are many other - * definitions of the minimum MTU. */ -#define IP_MIN_MTU 68 - -static inline __be16 *gre_flags(void *header_start) -{ - return header_start; -} - -static inline __be16 *gre_protocol(void *header_start) -{ - return header_start + 2; -} - -static int ipgre_net_id __read_mostly; -struct ipgre_net { - struct ip_tunnel *tunnels[4][HASH_SIZE]; - - struct net_device *fb_tunnel_dev; -}; - -/* Tunnel hash table */ - -/* - 4 hash tables: - - 3: (remote,local) - 2: (remote,*) - 1: (*,local) - 0: (*,*) - - We require exact key match i.e. if a key is present in packet - it will match only tunnel with the same key; if it is not present, - it will match only keyless tunnel. - - All keysless packets, if not matched configured keyless tunnels - will match fallback tunnel. - */ - -#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF) - -#define tunnels_r_l tunnels[3] -#define tunnels_r tunnels[2] -#define tunnels_l tunnels[1] -#define tunnels_wc tunnels[0] -/* - * Locking : hash tables are protected by RCU and a spinlock - */ -static DEFINE_SPINLOCK(ipgre_lock); - -#define for_each_ip_tunnel_rcu(start) \ - for (t = rcu_dereference(start); t; t = rcu_dereference(t->next)) - -/* Given src, dst and key, find appropriate for input tunnel. */ - -static struct ip_tunnel * ipgre_tunnel_lookup(struct net_device *dev, - __be32 remote, __be32 local, - __be32 key, __be16 gre_proto) -{ - struct net *net = dev_net(dev); - int link = dev->ifindex; - unsigned h0 = HASH(remote); - unsigned h1 = HASH(key); - struct ip_tunnel *t, *cand = NULL; - struct ipgre_net *ign = net_generic(net, ipgre_net_id); - int dev_type = (gre_proto == htons(ETH_P_TEB)) ? - ARPHRD_ETHER : ARPHRD_IPGRE; - int score, cand_score = 4; - - for_each_ip_tunnel_rcu(ign->tunnels_r_l[h0 ^ h1]) { - if (local != t->parms.iph.saddr || - remote != t->parms.iph.daddr || - key != t->parms.i_key || - !(t->dev->flags & IFF_UP)) - continue; - - if (t->dev->type != ARPHRD_IPGRE && - t->dev->type != dev_type) - continue; - - score = 0; - if (t->parms.link != link) - score |= 1; - if (t->dev->type != dev_type) - score |= 2; - if (score == 0) - return t; - - if (score < cand_score) { - cand = t; - cand_score = score; - } - } - - for_each_ip_tunnel_rcu(ign->tunnels_r[h0 ^ h1]) { - if (remote != t->parms.iph.daddr || - key != t->parms.i_key || - !(t->dev->flags & IFF_UP)) - continue; - - if (t->dev->type != ARPHRD_IPGRE && - t->dev->type != dev_type) - continue; - - score = 0; - if (t->parms.link != link) - score |= 1; - if (t->dev->type != dev_type) - score |= 2; - if (score == 0) - return t; - - if (score < cand_score) { - cand = t; - cand_score = score; - } - } - - for_each_ip_tunnel_rcu(ign->tunnels_l[h1]) { - if ((local != t->parms.iph.saddr && - (local != t->parms.iph.daddr || - !ipv4_is_multicast(local))) || - key != t->parms.i_key || - !(t->dev->flags & IFF_UP)) - continue; - - if (t->dev->type != ARPHRD_IPGRE && - t->dev->type != dev_type) - continue; - - score = 0; - if (t->parms.link != link) - score |= 1; - if (t->dev->type != dev_type) - score |= 2; - if (score == 0) - return t; - - if (score < cand_score) { - cand = t; - cand_score = score; - } - } - - for_each_ip_tunnel_rcu(ign->tunnels_wc[h1]) { - if (t->parms.i_key != key || - !(t->dev->flags & IFF_UP)) - continue; - - if (t->dev->type != ARPHRD_IPGRE && - t->dev->type != dev_type) - continue; - - score = 0; - if (t->parms.link != link) - score |= 1; - if (t->dev->type != dev_type) - score |= 2; - if (score == 0) - return t; - - if (score < cand_score) { - cand = t; - cand_score = score; - } - } - - if (cand != NULL) - return cand; - - dev = ign->fb_tunnel_dev; - if (dev->flags & IFF_UP) - return netdev_priv(dev); - - return NULL; -} - -static struct ip_tunnel **__ipgre_bucket(struct ipgre_net *ign, - struct ip_tunnel_parm *parms) -{ - __be32 remote = parms->iph.daddr; - __be32 local = parms->iph.saddr; - __be32 key = parms->i_key; - unsigned h = HASH(key); - int prio = 0; - - if (local) - prio |= 1; - if (remote && !ipv4_is_multicast(remote)) { - prio |= 2; - h ^= HASH(remote); - } - - return &ign->tunnels[prio][h]; -} - -static inline struct ip_tunnel **ipgre_bucket(struct ipgre_net *ign, - struct ip_tunnel *t) -{ - return __ipgre_bucket(ign, &t->parms); -} - -static void ipgre_tunnel_link(struct ipgre_net *ign, struct ip_tunnel *t) -{ - struct ip_tunnel **tp = ipgre_bucket(ign, t); - - spin_lock_bh(&ipgre_lock); - t->next = *tp; - rcu_assign_pointer(*tp, t); - spin_unlock_bh(&ipgre_lock); -} - -static void ipgre_tunnel_unlink(struct ipgre_net *ign, struct ip_tunnel *t) -{ - struct ip_tunnel **tp; - - for (tp = ipgre_bucket(ign, t); *tp; tp = &(*tp)->next) { - if (t == *tp) { - spin_lock_bh(&ipgre_lock); - *tp = t->next; - spin_unlock_bh(&ipgre_lock); - break; - } - } -} - -static struct ip_tunnel *ipgre_tunnel_find(struct net *net, - struct ip_tunnel_parm *parms, - int type) -{ - __be32 remote = parms->iph.daddr; - __be32 local = parms->iph.saddr; - __be32 key = parms->i_key; - int link = parms->link; - struct ip_tunnel *t, **tp; - struct ipgre_net *ign = net_generic(net, ipgre_net_id); - - for (tp = __ipgre_bucket(ign, parms); (t = *tp) != NULL; tp = &t->next) - if (local == t->parms.iph.saddr && - remote == t->parms.iph.daddr && - key == t->parms.i_key && - link == t->parms.link && - type == t->dev->type) - break; - - return t; -} - -static struct ip_tunnel * ipgre_tunnel_locate(struct net *net, - struct ip_tunnel_parm *parms, int gretap, int create) -{ - struct ip_tunnel *t, *nt; - struct net_device *dev; - char name[IFNAMSIZ]; - struct ipgre_net *ign = net_generic(net, ipgre_net_id); - - t = ipgre_tunnel_find(net, parms, gretap ? ARPHRD_ETHER : ARPHRD_IPGRE); - if (t || !create) - return t; - - if (parms->name[0]) - strlcpy(name, parms->name, IFNAMSIZ); - else - sprintf(name, "gre%%d"); - - dev = alloc_netdev(sizeof(*t), name, gretap ? ipgre_tap_setup - : ipgre_tunnel_setup); - if (!dev) - return NULL; - - dev_net_set(dev, net); - - if (strchr(name, '%')) { - if (dev_alloc_name(dev, name) < 0) - goto failed_free; - } - - if (gretap) - random_ether_addr(dev->dev_addr); - -#ifndef GRE_IOCTL_ONLY - dev->rtnl_link_ops = gretap ? &ipgre_tap_ops : &ipgre_link_ops; -#endif - nt = netdev_priv(dev); - nt->parms = *parms; - - dev->mtu = ipgre_tunnel_bind_dev(dev); - - if (register_netdevice(dev) < 0) - goto failed_free; - - dev_hold(dev); - ipgre_tunnel_link(ign, nt); - return nt; - -failed_free: - free_netdev(dev); - return NULL; -} - -static void ipgre_tunnel_uninit(struct net_device *dev) -{ - struct net *net = dev_net(dev); - struct ipgre_net *ign = net_generic(net, ipgre_net_id); - - ipgre_tunnel_unlink(ign, netdev_priv(dev)); - dev_put(dev); -} - -static unsigned int tunnel_hard_header_len(struct net_device *dev) -{ -#ifdef HAVE_NETDEV_NEEDED_HEADROOM - return dev->hard_header_len; -#else - return (dev->type == ARPHRD_ETHER) ? ETH_HLEN : 0; -#endif -} - -static void icmp_err_frag(struct sk_buff *skb, struct ip_tunnel *t, - __be16 encap_proto) -{ - int mtu = ntohs(icmp_hdr(skb)->un.frag.mtu); - int header_len = t->hlen + tunnel_hard_header_len(t->dev); - unsigned int orig_mac_header = skb_mac_header(skb) - skb->data; - unsigned int orig_nw_header = skb_network_header(skb) - skb->data; - - /* Add the size of the IP header since this is the smallest - * packet size the we might do something with and we might as - * well fail early if we don't have it. Plus it allows us to - * safely look at the VLAN header if there is one. The final - * size is checked before use. */ - if (!pskb_may_pull(skb, header_len + sizeof(struct iphdr))) - return; - - if (t->dev->type == ARPHRD_ETHER) { - skb_set_mac_header(skb, t->hlen); - encap_proto = eth_hdr(skb)->h_proto; - - if (encap_proto == htons(ETH_P_8021Q)) { - header_len += VLAN_HLEN; - encap_proto = - vlan_eth_hdr(skb)->h_vlan_encapsulated_proto; - } - } - - skb_set_network_header(skb, header_len); - skb->protocol = encap_proto; - mtu -= header_len; - - if (skb->protocol == htons(ETH_P_IP)) { - if (mtu < IP_MIN_MTU) { - if (ntohs(ip_hdr(skb)->tot_len) >= IP_MIN_MTU) - mtu = IP_MIN_MTU; - else - goto out; - } - - header_len += sizeof(struct iphdr); - } else if (skb->protocol == htons(ETH_P_IPV6)) { - if (mtu < IPV6_MIN_MTU) { - unsigned int packet_length; - - if (!pskb_may_pull(skb, header_len + - sizeof(struct ipv6hdr))) - goto out; - - packet_length = sizeof(struct ipv6hdr) + - ntohs(ipv6_hdr(skb)->payload_len); - - if (packet_length >= IPV6_MIN_MTU - || ntohs(ipv6_hdr(skb)->payload_len) == 0) - mtu = IPV6_MIN_MTU; - else - goto out; - } - - header_len += sizeof(struct ipv6hdr); - } else - goto out; - - if (pskb_may_pull(skb, header_len)) { - __pskb_pull(skb, t->hlen); - send_frag_needed(skb, t->dev, mtu); - skb_push(skb, t->hlen); - } - -out: - skb_set_mac_header(skb, orig_mac_header); - skb_set_network_header(skb, orig_nw_header); - skb->protocol = htons(ETH_P_IP); -} - -static void ipgre_err(struct sk_buff *skb, u32 info) -{ - -/* All the routers (except for Linux) return only - 8 bytes of packet payload. It means, that precise relaying of - ICMP in the real Internet is absolutely infeasible. - - Moreover, Cisco "wise men" put GRE key to the third word - in GRE header. It makes impossible maintaining even soft state for keyed - GRE tunnels with enabled checksum. Tell them "thank you". - - Well, I wonder, rfc1812 was written by Cisco employee, - what the hell these idiots break standrads established - by themself??? - */ - - struct iphdr *iph = (struct iphdr *)skb->data; - __be16 *p; - int grehlen = (iph->ihl << 2) + 4; - const int type = icmp_hdr(skb)->type; - const int code = icmp_hdr(skb)->code; - struct ip_tunnel *t; - __be16 flags; - __be16 gre_proto; - - WARN_ON_ONCE(skb_shared(skb)); - - if (!pskb_may_pull(skb, grehlen)) - return; - - iph = (struct iphdr *)skb->data; - p = (__be16 *)(skb->data + (iph->ihl << 2)); - flags = *gre_flags(p); - gre_proto = *gre_protocol(p); - - if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) { - if (flags&(GRE_VERSION|GRE_ROUTING)) - return; - if (flags&GRE_KEY) { - grehlen += 4; - if (flags&GRE_CSUM) - grehlen += 4; - } - } - - /* If only 8 bytes returned, keyed message will be dropped here */ - if (!pskb_may_pull(skb, grehlen)) - return; - - iph = (struct iphdr *)skb->data; - - switch (type) { - default: - case ICMP_PARAMETERPROB: - return; - - case ICMP_DEST_UNREACH: - switch (code) { - case ICMP_SR_FAILED: - /* Impossible event. */ - case ICMP_PORT_UNREACH: - return; - case ICMP_FRAG_NEEDED: - /* Soft state for pmtu is maintained by IP core but we - * also want to relay the message back. */ - break; - default: - /* All others are translated to HOST_UNREACH. - rfc2003 contains "deep thoughts" about NET_UNREACH, - I believe they are just ether pollution. --ANK - */ - break; - } - break; - case ICMP_TIME_EXCEEDED: - if (code != ICMP_EXC_TTL) - return; - break; - } - - rcu_read_lock(); - t = ipgre_tunnel_lookup(skb->dev, iph->daddr, iph->saddr, - flags & GRE_KEY ? - *(((__be32 *)skb->data) + (grehlen / 4) - 1) - : 0, gre_proto); - - if (t == NULL || t->parms.iph.daddr == 0 || - ipv4_is_multicast(t->parms.iph.daddr)) - goto out; - - if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) - goto out; - - if (code == ICMP_FRAG_NEEDED) { - /* Invalidates pointers. */ - icmp_err_frag(skb, t, gre_proto); - goto out; - } - - if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO)) - t->err_count++; - else - t->err_count = 1; - t->err_time = jiffies; -out: - rcu_read_unlock(); - return; -} - -static inline void ipgre_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) -{ - if (INET_ECN_is_ce(iph->tos)) { - __be16 protocol = skb->protocol; - unsigned int nw_header = skb_network_header(skb) - skb->data; - - if (skb->dev->type == ARPHRD_ETHER - && skb->protocol == htons(ETH_P_8021Q)) { - if (unlikely(!pskb_may_pull(skb, VLAN_ETH_HLEN))) - return; - - protocol = vlan_eth_hdr(skb)->h_vlan_encapsulated_proto; - nw_header += VLAN_HLEN; - } - - if (protocol == htons(ETH_P_IP)) { - if (unlikely(!pskb_may_pull(skb, nw_header - + sizeof(struct iphdr)))) - return; - - IP_ECN_set_ce((struct iphdr *)(nw_header + skb->data)); - } else if (protocol == htons(ETH_P_IPV6)) { - if (unlikely(!pskb_may_pull(skb, nw_header - + sizeof(struct ipv6hdr)))) - return; - - IP6_ECN_set_ce((struct ipv6hdr *)(nw_header - + skb->data)); - } - } -} - -static inline u8 -ipgre_ecn_encapsulate(u8 tos, struct iphdr *old_iph, struct sk_buff *skb) -{ - u8 inner = 0; - if (skb->protocol == htons(ETH_P_IP)) - inner = old_iph->tos; - else if (skb->protocol == htons(ETH_P_IPV6)) - inner = ipv6_get_dsfield((struct ipv6hdr *)old_iph); - return INET_ECN_encapsulate(tos, inner); -} - -static int ipgre_rcv(struct sk_buff *skb) -{ - struct iphdr *iph; - u8 *h; - __be16 flags; - __sum16 csum = 0; - __be32 key = 0; - u32 seqno = 0; - struct ip_tunnel *tunnel; - int offset = 4; - __be16 gre_proto; - unsigned int len; - - if (!pskb_may_pull(skb, 16)) - goto drop_nolock; - - iph = ip_hdr(skb); - h = skb->data; - flags = *gre_flags(h); - - if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) { - /* - Version must be 0. - - We do not support routing headers. - */ - if (flags&(GRE_VERSION|GRE_ROUTING)) - goto drop_nolock; - - if (flags&GRE_CSUM) { - switch (skb->ip_summed) { - case CHECKSUM_COMPLETE: - csum = csum_fold(skb->csum); - if (!csum) - break; - /* fall through */ - case CHECKSUM_NONE: - skb->csum = 0; - csum = __skb_checksum_complete(skb); - skb->ip_summed = CHECKSUM_COMPLETE; - } - offset += 4; - } - if (flags&GRE_KEY) { - key = *(__be32*)(h + offset); - offset += 4; - } - if (flags&GRE_SEQ) { - seqno = ntohl(*(__be32*)(h + offset)); - offset += 4; - } - } - - gre_proto = *gre_protocol(h); - - rcu_read_lock(); - if ((tunnel = ipgre_tunnel_lookup(skb->dev, - iph->saddr, iph->daddr, key, - gre_proto))) { - struct net_device_stats *stats; -#ifdef HAVE_NETDEV_STATS - stats = &tunnel->dev->stats; -#else - stats = &tunnel->stat; -#endif - - secpath_reset(skb); - - skb->protocol = gre_proto; - /* WCCP version 1 and 2 protocol decoding. - * - Change protocol to IP - * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header - */ - if (flags == 0 && gre_proto == htons(ETH_P_WCCP)) { - skb->protocol = htons(ETH_P_IP); - if ((*(h + offset) & 0xF0) != 0x40) - offset += 4; - } - - skb->mac_header = skb->network_header; - __pskb_pull(skb, offset); - skb_postpull_rcsum(skb, skb_transport_header(skb), offset); - skb->pkt_type = PACKET_HOST; -#ifdef CONFIG_NET_IPGRE_BROADCAST - if (ipv4_is_multicast(iph->daddr)) { - /* Looped back packet, drop it! */ - if (skb_rtable(skb)->fl.iif == 0) - goto drop; - stats->multicast++; - skb->pkt_type = PACKET_BROADCAST; - } -#endif - - if (((flags&GRE_CSUM) && csum) || - (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) { - stats->rx_crc_errors++; - stats->rx_errors++; - goto drop; - } - if (tunnel->parms.i_flags&GRE_SEQ) { - if (!(flags&GRE_SEQ) || - (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) { - stats->rx_fifo_errors++; - stats->rx_errors++; - goto drop; - } - tunnel->i_seqno = seqno + 1; - } - - len = skb->len; - - /* Warning: All skb pointers will be invalidated! */ - if (tunnel->dev->type == ARPHRD_ETHER) { - if (!pskb_may_pull(skb, ETH_HLEN)) { - stats->rx_length_errors++; - stats->rx_errors++; - goto drop; - } - - iph = ip_hdr(skb); - skb->protocol = eth_type_trans(skb, tunnel->dev); - skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN); - } - - stats->rx_packets++; - stats->rx_bytes += len; - skb->dev = tunnel->dev; - skb_dst_drop(skb); - nf_reset(skb); - - skb_reset_network_header(skb); - - /* Invalidates pointers. */ - ipgre_ecn_decapsulate(iph, skb); - - netif_rx(skb); - rcu_read_unlock(); - return(0); - } - icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); - -drop: - rcu_read_unlock(); -drop_nolock: - kfree_skb(skb); - return(0); -} - -static bool check_ipv4_address(__be32 addr) -{ - if (ipv4_is_multicast(addr) || ipv4_is_lbcast(addr) - || ipv4_is_loopback(addr) || ipv4_is_zeronet(addr)) - return false; - - return true; -} - -static bool ipv4_should_icmp(struct sk_buff *skb) -{ - struct iphdr *old_iph = ip_hdr(skb); - - /* Don't respond to L2 broadcast. */ - if (is_multicast_ether_addr(eth_hdr(skb)->h_dest)) - return false; - - /* Don't respond to L3 broadcast or invalid addresses. */ - if (!check_ipv4_address(old_iph->daddr) || - !check_ipv4_address(old_iph->saddr)) - return false; - - /* Only respond to the first fragment. */ - if (old_iph->frag_off & htons(IP_OFFSET)) - return false; - - /* Don't respond to ICMP error messages. */ - if (old_iph->protocol == IPPROTO_ICMP) { - u8 icmp_type, *icmp_typep; - - icmp_typep = skb_header_pointer(skb, (u8 *)old_iph + - (old_iph->ihl << 2) + - offsetof(struct icmphdr, type) - - skb->data, sizeof(icmp_type), - &icmp_type); - - if (!icmp_typep) - return false; - - if (*icmp_typep > NR_ICMP_TYPES - || (*icmp_typep <= ICMP_PARAMETERPROB - && *icmp_typep != ICMP_ECHOREPLY - && *icmp_typep != ICMP_ECHO)) - return false; - } - - return true; -} - -static void ipv4_build_icmp(struct sk_buff *skb, struct sk_buff *nskb, - unsigned int mtu, unsigned int payload_length) -{ - struct iphdr *iph, *old_iph = ip_hdr(skb); - struct icmphdr *icmph; - u8 *payload; - - iph = (struct iphdr *)skb_put(nskb, sizeof(struct iphdr)); - icmph = (struct icmphdr *)skb_put(nskb, sizeof(struct icmphdr)); - payload = skb_put(nskb, payload_length); - - /* IP */ - iph->version = 4; - iph->ihl = sizeof(struct iphdr) >> 2; - iph->tos = (old_iph->tos & IPTOS_TOS_MASK) | - IPTOS_PREC_INTERNETCONTROL; - iph->tot_len = htons(sizeof(struct iphdr) - + sizeof(struct icmphdr) - + payload_length); - get_random_bytes(&iph->id, sizeof iph->id); - iph->frag_off = 0; - iph->ttl = IPDEFTTL; - iph->protocol = IPPROTO_ICMP; - iph->daddr = old_iph->saddr; - iph->saddr = old_iph->daddr; - - ip_send_check(iph); - - /* ICMP */ - icmph->type = ICMP_DEST_UNREACH; - icmph->code = ICMP_FRAG_NEEDED; - icmph->un.gateway = htonl(mtu); - icmph->checksum = 0; - - nskb->csum = csum_partial((u8 *)icmph, sizeof *icmph, 0); - nskb->csum = skb_copy_and_csum_bits(skb, (u8 *)old_iph - skb->data, - payload, payload_length, - nskb->csum); - icmph->checksum = csum_fold(nskb->csum); -} - -static bool ipv6_should_icmp(struct sk_buff *skb) -{ - struct ipv6hdr *old_ipv6h = ipv6_hdr(skb); - int addr_type; - int payload_off = (u8 *)(old_ipv6h + 1) - skb->data; - u8 nexthdr = ipv6_hdr(skb)->nexthdr; - - /* Check source address is valid. */ - addr_type = ipv6_addr_type(&old_ipv6h->saddr); - if (addr_type & IPV6_ADDR_MULTICAST || addr_type == IPV6_ADDR_ANY) - return false; - - /* Don't reply to unspecified addresses. */ - if (ipv6_addr_type(&old_ipv6h->daddr) == IPV6_ADDR_ANY) - return false; - - /* Don't respond to ICMP error messages. */ - payload_off = ipv6_skip_exthdr(skb, payload_off, &nexthdr); - if (payload_off < 0) - return false; - - if (nexthdr == NEXTHDR_ICMP) { - u8 icmp_type, *icmp_typep; - - icmp_typep = skb_header_pointer(skb, payload_off + - offsetof(struct icmp6hdr, - icmp6_type), - sizeof(icmp_type), &icmp_type); - - if (!icmp_typep || !(*icmp_typep & ICMPV6_INFOMSG_MASK)) - return false; - } - - return true; -} - -static void ipv6_build_icmp(struct sk_buff *skb, struct sk_buff *nskb, - unsigned int mtu, unsigned int payload_length) -{ - struct ipv6hdr *ipv6h, *old_ipv6h = ipv6_hdr(skb); - struct icmp6hdr *icmp6h; - u8 *payload; - - ipv6h = (struct ipv6hdr *)skb_put(nskb, sizeof(struct ipv6hdr)); - icmp6h = (struct icmp6hdr *)skb_put(nskb, sizeof(struct icmp6hdr)); - payload = skb_put(nskb, payload_length); - - /* IPv6 */ - ipv6h->version = 6; - ipv6h->priority = 0; - memset(&ipv6h->flow_lbl, 0, sizeof ipv6h->flow_lbl); - ipv6h->payload_len = htons(sizeof(struct icmp6hdr) - + payload_length); - ipv6h->nexthdr = NEXTHDR_ICMP; - ipv6h->hop_limit = IPV6_DEFAULT_HOPLIMIT; - ipv6_addr_copy(&ipv6h->daddr, &old_ipv6h->saddr); - ipv6_addr_copy(&ipv6h->saddr, &old_ipv6h->daddr); - - /* ICMPv6 */ - icmp6h->icmp6_type = ICMPV6_PKT_TOOBIG; - icmp6h->icmp6_code = 0; - icmp6h->icmp6_cksum = 0; - icmp6h->icmp6_mtu = htonl(mtu); - - nskb->csum = csum_partial((u8 *)icmp6h, sizeof *icmp6h, 0); - nskb->csum = skb_copy_and_csum_bits(skb, (u8 *)old_ipv6h - skb->data, - payload, payload_length, - nskb->csum); - icmp6h->icmp6_cksum = csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, - sizeof(struct icmp6hdr) - + payload_length, - ipv6h->nexthdr, nskb->csum); -} - -static bool send_frag_needed(struct sk_buff *skb, struct net_device *dev, - unsigned int mtu) -{ - unsigned int eth_hdr_len = ETH_HLEN; - unsigned int total_length, header_length, payload_length; - struct ethhdr *eh, *old_eh = eth_hdr(skb); - struct sk_buff *nskb; - struct net_device_stats *stats; - - /* Normal IP stack. */ - if (!dev->br_port) { - if (skb->protocol == htons(ETH_P_IP)) { - icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, - htonl(mtu)); - return true; - } else { -#ifdef CONFIG_IPV6 - icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); - return true; -#else - return false; -#endif - } - } - - /* Sanity check */ - if (skb->protocol == htons(ETH_P_IP)) { - if (mtu < IP_MIN_MTU) - return false; - - if (!ipv4_should_icmp(skb)) - return true; - } else { - if (mtu < IPV6_MIN_MTU) - return false; - - /* In theory we should do PMTUD on IPv6 multicast messages but - * we don't have an address to send from so just fragment. */ - if (ipv6_addr_type(&ipv6_hdr(skb)->daddr) & IPV6_ADDR_MULTICAST) - return false; - - if (!ipv6_should_icmp(skb)) - return true; - } - - /* Allocate */ - if (old_eh->h_proto == htons(ETH_P_8021Q)) - eth_hdr_len = VLAN_ETH_HLEN; - - payload_length = skb->len - eth_hdr_len; - if (skb->protocol == htons(ETH_P_IP)) { - header_length = sizeof(struct iphdr) + sizeof(struct icmphdr); - total_length = min_t(unsigned int, header_length + - payload_length, 576); - } else { - header_length = sizeof(struct ipv6hdr) + - sizeof(struct icmp6hdr); - total_length = min_t(unsigned int, header_length + - payload_length, IPV6_MIN_MTU); - } - total_length = min(total_length, dev->mtu); - payload_length = total_length - header_length; - - nskb = netdev_alloc_skb_ip_align(dev, eth_hdr_len + header_length - + payload_length); - if (!nskb) - return false; - - /* Ethernet / VLAN */ - eh = (struct ethhdr *)skb_put(nskb, eth_hdr_len); - memcpy(eh->h_dest, old_eh->h_source, ETH_ALEN); - memcpy(eh->h_source, dev->dev_addr, ETH_ALEN); - eh->h_proto = old_eh->h_proto; - if (old_eh->h_proto == htons(ETH_P_8021Q)) { - struct vlan_ethhdr *vh = (struct vlan_ethhdr *)eh; - - vh->h_vlan_TCI = vlan_eth_hdr(skb)->h_vlan_TCI; - vh->h_vlan_encapsulated_proto = skb->protocol; - } - nskb->protocol = eth_type_trans(nskb, dev); - - /* Protocol */ - if (skb->protocol == htons(ETH_P_IP)) - ipv4_build_icmp(skb, nskb, mtu, payload_length); - else - ipv6_build_icmp(skb, nskb, mtu, payload_length); - - /* Send */ -#ifdef HAVE_NETDEV_STATS - stats = &dev->stats; -#else - stats = &((struct ip_tunnel *)netdev_priv(dev))->stat; -#endif - stats->rx_packets++; - stats->rx_bytes += nskb->len; - - netif_rx(nskb); - return true; -} - -static netdev_tx_t ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) -{ - struct ip_tunnel *tunnel = netdev_priv(dev); - struct net_device_stats *stats; -#ifdef HAVE_NETDEV_QUEUE_STATS - struct netdev_queue *txq = netdev_get_tx_queue(dev, 0); -#endif - struct iphdr *old_iph; - struct ipv6hdr *old_ipv6h; - struct iphdr *tiph; - u8 tos; - __be16 df; - struct rtable *rt; /* Route to the other host */ - struct net_device *tdev; /* Device to other host */ - struct iphdr *iph; /* Our new IP header */ - unsigned int max_headroom; /* The extra header space needed */ - int gre_hlen; - __be32 dst; - int mtu; - __be16 original_protocol; - bool is_vlan = false; - -#ifdef HAVE_NETDEV_STATS - stats = &dev->stats; -#else - stats = &tunnel->stat; -#endif - - WARN_ON_ONCE(skb_shared(skb)); - - /* Validate the protocol headers before we try to use them. */ - original_protocol = skb->protocol; - - if (dev->type == ARPHRD_ETHER && skb->protocol == htons(ETH_P_8021Q)) { - if (unlikely(!pskb_may_pull(skb, VLAN_ETH_HLEN))) - goto tx_error; - - skb->protocol = vlan_eth_hdr(skb)->h_vlan_encapsulated_proto; - skb_set_network_header(skb, VLAN_ETH_HLEN); - is_vlan = true; - } - - old_iph = ip_hdr(skb); - old_ipv6h = ipv6_hdr(skb); - - if (skb->protocol == htons(ETH_P_IP)) { - if (unlikely(!pskb_may_pull(skb, skb_network_header(skb) - + sizeof(struct iphdr) - skb->data))) - skb->protocol = 0; - } else if (skb->protocol == htons(ETH_P_IPV6)) { - if (unlikely(!pskb_may_pull(skb, skb_network_header(skb) - + sizeof(struct ipv6hdr) - skb->data))) - skb->protocol = 0; - } - - if (dev->type == ARPHRD_ETHER) - IPCB(skb)->flags = 0; - -#ifdef HAVE_NETDEV_HEADER_OPS - if (dev->header_ops && dev->type == ARPHRD_IPGRE) { -#else - if (dev->hard_header && dev->type == ARPHRD_IPGRE) { -#endif - gre_hlen = 0; - tiph = (struct iphdr *)skb->data; - } else { - gre_hlen = tunnel->hlen; - tiph = &tunnel->parms.iph; - } - - if ((dst = tiph->daddr) == 0) { - /* NBMA tunnel */ - - if (skb_dst(skb) == NULL) { - stats->tx_fifo_errors++; - goto tx_error; - } - - if (skb->protocol == htons(ETH_P_IP)) { - rt = skb_rtable(skb); - if ((dst = rt->rt_gateway) == 0) - goto tx_error_icmp; - } -#ifdef CONFIG_IPV6 - else if (skb->protocol == htons(ETH_P_IPV6)) { - struct in6_addr *addr6; - int addr_type; - struct neighbour *neigh = skb_dst(skb)->neighbour; - - if (neigh == NULL) - goto tx_error; - - addr6 = (struct in6_addr *)&neigh->primary_key; - addr_type = ipv6_addr_type(addr6); - - if (addr_type == IPV6_ADDR_ANY) { - addr6 = &ipv6_hdr(skb)->daddr; - addr_type = ipv6_addr_type(addr6); - } - - if ((addr_type & IPV6_ADDR_COMPATv4) == 0) - goto tx_error_icmp; - - dst = addr6->s6_addr32[3]; - } -#endif - else - goto tx_error; - } - - tos = tiph->tos; - if (tos == 1) { - tos = 0; - if (skb->protocol == htons(ETH_P_IP)) - tos = old_iph->tos; - else if (skb->protocol == htons(ETH_P_IPV6)) - tos = ipv6_get_dsfield(ipv6_hdr(skb)); - } - - { - struct flowi fl = { .oif = tunnel->parms.link, - .nl_u = { .ip4_u = - { .daddr = dst, - .saddr = tiph->saddr, - .tos = RT_TOS(tos) } }, - .proto = IPPROTO_GRE }; - if (ip_route_output_key(dev_net(dev), &rt, &fl)) { - stats->tx_carrier_errors++; - goto tx_error; - } - } - tdev = rt->u.dst.dev; - - if (tdev == dev) { - ip_rt_put(rt); - stats->collisions++; - goto tx_error; - } - - df = tiph->frag_off; - if (df) - mtu = dst_mtu(&rt->u.dst) - tunnel_hard_header_len(dev) - - (is_vlan ? VLAN_HLEN : 0) - - tunnel->hlen; - else - mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu; - - if (skb->protocol == htons(ETH_P_IP)) - mtu = max(mtu, IP_MIN_MTU); - if (skb->protocol == htons(ETH_P_IPV6)) - mtu = max(mtu, IPV6_MIN_MTU); - - if (skb_dst(skb)) - skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu); - - if (skb->protocol == htons(ETH_P_IP)) { - df |= (old_iph->frag_off&htons(IP_DF)); - - if ((old_iph->frag_off&htons(IP_DF)) && - mtu < ntohs(old_iph->tot_len)) { - if (send_frag_needed(skb, dev, mtu)) { - ip_rt_put(rt); - goto tx_error; - } - } - } else if (skb->protocol == htons(ETH_P_IPV6)) { - unsigned int packet_length = skb->len - - tunnel_hard_header_len(dev) - - (is_vlan ? VLAN_HLEN : 0); - -#ifdef CONFIG_IPV6 - struct rt6_info *rt6 = (struct rt6_info *)skb_dst(skb); - - if (rt6 && mtu < dst_mtu(skb_dst(skb)) && mtu >= IPV6_MIN_MTU) { - if ((tunnel->parms.iph.daddr && - !ipv4_is_multicast(tunnel->parms.iph.daddr)) || - rt6->rt6i_dst.plen == 128) { - rt6->rt6i_flags |= RTF_MODIFIED; - skb_dst(skb)->metrics[RTAX_MTU-1] = mtu; - } - } -#endif - - /* IPv6 requires PMTUD if the packet is above the minimum MTU.*/ - if (packet_length > IPV6_MIN_MTU) - df = htons(IP_DF); - - if (mtu < packet_length - tunnel->hlen + gre_hlen) { - if (send_frag_needed(skb, dev, mtu)) { - ip_rt_put(rt); - goto tx_error; - } - } - } - - if (tunnel->err_count > 0) { - if (time_before(jiffies, - tunnel->err_time + IPTUNNEL_ERR_TIMEO)) { - tunnel->err_count--; - - dst_link_failure(skb); - } else - tunnel->err_count = 0; - } - - max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen; - - if (skb_headroom(skb) < max_headroom || - (skb_cloned(skb) && !skb_clone_writable(skb, 0))) { - struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); - if (!new_skb) { - ip_rt_put(rt); -#ifdef HAVE_NETDEV_QUEUE_STATS - txq->tx_dropped++; -#else - stats->tx_dropped++; -#endif - dev_kfree_skb(skb); - return NETDEV_TX_OK; - } - if (skb->sk) - skb_set_owner_w(new_skb, skb->sk); - dev_kfree_skb(skb); - skb = new_skb; - old_iph = ip_hdr(skb); - } - - skb_reset_transport_header(skb); - skb_push(skb, gre_hlen); - skb_reset_network_header(skb); - memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); - IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED | - IPSKB_REROUTED);; - - skb_dst_drop(skb); - skb_dst_set(skb, &rt->u.dst); - - /* - * Push down and install the GRE header. - */ - - iph = ip_hdr(skb); - iph->version = 4; - iph->ihl = sizeof(struct iphdr) >> 2; - iph->frag_off = df; - iph->protocol = IPPROTO_GRE; - iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb); - iph->daddr = rt->rt_dst; - iph->saddr = rt->rt_src; - - /* Allow our local IP stack to fragment the outer packet even if the - * DF bit is set. If we got this far there is nothing more that we - * can do with the inner packet. */ - skb->local_df = 1; - - if ((iph->ttl = tiph->ttl) == 0) { - if (skb->protocol == htons(ETH_P_IP)) - iph->ttl = old_iph->ttl; - else if (skb->protocol == htons(ETH_P_IPV6)) - iph->ttl = ((struct ipv6hdr *)old_iph)->hop_limit; - else - iph->ttl = dst_metric(&rt->u.dst, RTAX_HOPLIMIT); - } - - *gre_flags(iph + 1) = tunnel->parms.o_flags; - *gre_protocol(iph + 1) = (dev->type == ARPHRD_ETHER) ? - htons(ETH_P_TEB) : original_protocol; - - if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) { - __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4); - - if (tunnel->parms.o_flags&GRE_SEQ) { - ++tunnel->o_seqno; - *ptr = htonl(tunnel->o_seqno); - ptr--; - } - if (tunnel->parms.o_flags&GRE_KEY) { - *ptr = tunnel->parms.o_key; - ptr--; - } - if (tunnel->parms.o_flags&GRE_CSUM) { - *ptr = 0; - *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr)); - } - } - - nf_reset(skb); - - IPTUNNEL_XMIT(); - return NETDEV_TX_OK; - -tx_error_icmp: - dst_link_failure(skb); - -tx_error: - stats->tx_errors++; - dev_kfree_skb(skb); - return NETDEV_TX_OK; -} - -static int ipgre_tunnel_bind_dev(struct net_device *dev) -{ - struct net_device *tdev = NULL; - struct ip_tunnel *tunnel; - struct iphdr *iph; - int hlen = LL_MAX_HEADER; - int mtu = ETH_DATA_LEN; - int addend = sizeof(struct iphdr) + 4; - - tunnel = netdev_priv(dev); - iph = &tunnel->parms.iph; - - /* Guess output device to choose reasonable mtu and needed_headroom */ - - if (iph->daddr) { - struct flowi fl = { .oif = tunnel->parms.link, - .nl_u = { .ip4_u = - { .daddr = iph->daddr, - .saddr = iph->saddr, - .tos = RT_TOS(iph->tos) } }, - .proto = IPPROTO_GRE }; - struct rtable *rt; - if (!ip_route_output_key(dev_net(dev), &rt, &fl)) { - tdev = rt->u.dst.dev; - ip_rt_put(rt); - } - - if (dev->type != ARPHRD_ETHER) - dev->flags |= IFF_POINTOPOINT; - } - - if (!tdev && tunnel->parms.link) - tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link); - - if (tdev) { -#ifdef HAVE_NETDEV_NEEDED_HEADROOM - hlen = tdev->hard_header_len + tdev->needed_headroom; -#else - hlen = tdev->hard_header_len; -#endif - mtu = tdev->mtu; - } - dev->iflink = tunnel->parms.link; - - /* Precalculate GRE options length */ - if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) { - if (tunnel->parms.o_flags&GRE_CSUM) - addend += 4; - if (tunnel->parms.o_flags&GRE_KEY) - addend += 4; - if (tunnel->parms.o_flags&GRE_SEQ) - addend += 4; - } -#ifdef HAVE_NETDEV_NEEDED_HEADROOM - dev->needed_headroom = hlen + addend; -#else - dev->hard_header_len = hlen + addend; -#endif - mtu -= tunnel_hard_header_len(dev) + addend; - tunnel->hlen = addend; - - if (mtu < IP_MIN_MTU) - mtu = IP_MIN_MTU; - - /* If we could be connected to a bridge set the normal Ethernet MTU - * since all devices on the bridge are required to have the same MTU. - * Even though this isn't our optimal MTU we can handle it. */ - if (dev->type == ARPHRD_ETHER) - mtu = ETH_DATA_LEN; - - return mtu; -} - -static int -ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) -{ - int err = 0; - struct ip_tunnel_parm p; - struct ip_tunnel *t; - struct net *net = dev_net(dev); - struct ipgre_net *ign = net_generic(net, ipgre_net_id); - int add_tunnel, gretap; - - switch (cmd) { - case SIOCGETTUNNEL: - t = NULL; - if (dev == ign->fb_tunnel_dev) { - if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) { - err = -EFAULT; - break; - } - t = ipgre_tunnel_locate(net, &p, false, 0); - } - if (t == NULL) - t = netdev_priv(dev); - memcpy(&p, &t->parms, sizeof(p)); - if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) - err = -EFAULT; - break; - - case SIOCADDTUNNEL: - case SIOCCHGTUNNEL: - case SIOCADDGRETAP: - case SIOCCHGGRETAP: - err = -EPERM; - if (!capable(CAP_NET_ADMIN)) - goto done; - - err = -EFAULT; - if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) - goto done; - - err = -EINVAL; - if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE || - p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) || - ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING))) - goto done; - - add_tunnel = (cmd == SIOCADDTUNNEL || cmd == SIOCADDGRETAP); - gretap = (cmd == SIOCADDGRETAP || cmd == SIOCCHGGRETAP); - - if (!(p.i_flags&GRE_KEY)) - p.i_key = 0; - if (!(p.o_flags&GRE_KEY)) - p.o_key = 0; - - t = ipgre_tunnel_locate(net, &p, gretap, add_tunnel); - - if (dev != ign->fb_tunnel_dev && !add_tunnel) { - if (t != NULL) { - if (t->dev != dev) { - err = -EEXIST; - break; - } - } else { - unsigned nflags = 0; - - t = netdev_priv(dev); - - if (ipv4_is_multicast(p.iph.daddr)) - nflags = IFF_BROADCAST; - else if (p.iph.daddr) - nflags = IFF_POINTOPOINT; - - if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) { - err = -EINVAL; - break; - } - ipgre_tunnel_unlink(ign, t); - t->parms.iph.saddr = p.iph.saddr; - t->parms.iph.daddr = p.iph.daddr; - t->parms.i_key = p.i_key; - t->parms.o_key = p.o_key; - memcpy(dev->dev_addr, &p.iph.saddr, 4); - memcpy(dev->broadcast, &p.iph.daddr, 4); - ipgre_tunnel_link(ign, t); - netdev_state_change(dev); - } - } - - if (t) { - err = 0; - if (!add_tunnel) { - t->parms.iph.ttl = p.iph.ttl; - t->parms.iph.tos = p.iph.tos; - t->parms.iph.frag_off = p.iph.frag_off; - if (t->parms.link != p.link) { - t->parms.link = p.link; - dev->mtu = ipgre_tunnel_bind_dev(dev); - netdev_state_change(dev); - } - } - if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p))) - err = -EFAULT; - } else - err = (add_tunnel ? -ENOBUFS : -ENOENT); - break; - - case SIOCDELTUNNEL: - err = -EPERM; - if (!capable(CAP_NET_ADMIN)) - goto done; - - if (dev == ign->fb_tunnel_dev) { - err = -EFAULT; - if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) - goto done; - err = -ENOENT; - if ((t = ipgre_tunnel_locate(net, &p, false, 0)) == NULL) - goto done; - err = -EPERM; - if (t == netdev_priv(ign->fb_tunnel_dev)) - goto done; - dev = t->dev; - } - unregister_netdevice(dev); - err = 0; - break; - - default: - err = -EINVAL; - } - -done: - return err; -} - -#ifndef HAVE_NETDEV_STATS -static struct net_device_stats *ipgre_tunnel_get_stats(struct net_device *dev) -{ - return &(((struct ip_tunnel*)netdev_priv(dev))->stat); -} -#endif - -static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu) -{ - struct ip_tunnel *tunnel = netdev_priv(dev); - if (new_mtu < IP_MIN_MTU || - new_mtu > 0xFFF8 - tunnel_hard_header_len(dev) - tunnel->hlen) - return -EINVAL; - dev->mtu = new_mtu; - return 0; -} - -/* Nice toy. Unfortunately, useless in real life :-) - It allows to construct virtual multiprotocol broadcast "LAN" - over the Internet, provided multicast routing is tuned. - - - I have no idea was this bicycle invented before me, - so that I had to set ARPHRD_IPGRE to a random value. - I have an impression, that Cisco could make something similar, - but this feature is apparently missing in IOS<=11.2(8). - - I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks - with broadcast 224.66.66.66. If you have access to mbone, play with me :-) - - ping -t 255 224.66.66.66 - - If nobody answers, mbone does not work. - - ip tunnel add Universe mode gre remote 224.66.66.66 local ttl 255 - ip addr add 10.66.66./24 dev Universe - ifconfig Universe up - ifconfig Universe add fe80::/10 - ifconfig Universe add fec0:6666:6666::/96 - ftp 10.66.66.66 - ... - ftp fec0:6666:6666::193.233.7.65 - ... - - */ - -#ifdef HAVE_NETDEV_HEADER_OPS -static int ipgre_header(struct sk_buff *skb, struct net_device *dev, - unsigned short type, - const void *daddr, const void *saddr, unsigned len) -#else -static int ipgre_header(struct sk_buff *skb, struct net_device *dev, unsigned short type, - void *daddr, void *saddr, unsigned len) -#endif -{ - struct ip_tunnel *t = netdev_priv(dev); - struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen); - __be16 *p = (__be16*)(iph+1); - - memcpy(iph, &t->parms.iph, sizeof(struct iphdr)); - p[0] = t->parms.o_flags; - p[1] = htons(type); - - /* - * Set the source hardware address. - */ - - if (saddr) - memcpy(&iph->saddr, saddr, 4); - - if (daddr) { - memcpy(&iph->daddr, daddr, 4); - return t->hlen; - } - if (iph->daddr && !ipv4_is_multicast(iph->daddr)) - return t->hlen; - - return -t->hlen; -} - -#ifdef HAVE_NETDEV_HEADER_OPS -static int ipgre_header_parse(const struct sk_buff *skb, unsigned char *haddr) -#else -static int ipgre_header_parse(struct sk_buff *skb, unsigned char *haddr) -#endif -{ - struct iphdr *iph = (struct iphdr *) skb_mac_header(skb); - memcpy(haddr, &iph->saddr, 4); - return 4; -} - -#ifdef HAVE_NETDEV_HEADER_OPS -static const struct header_ops ipgre_header_ops = { - .create = ipgre_header, - .parse = ipgre_header_parse, -}; -#endif - -#ifdef CONFIG_NET_IPGRE_BROADCAST -static int ipgre_open(struct net_device *dev) -{ - struct ip_tunnel *t = netdev_priv(dev); - - if (ipv4_is_multicast(t->parms.iph.daddr)) { - struct flowi fl = { .oif = t->parms.link, - .nl_u = { .ip4_u = - { .daddr = t->parms.iph.daddr, - .saddr = t->parms.iph.saddr, - .tos = RT_TOS(t->parms.iph.tos) } }, - .proto = IPPROTO_GRE }; - struct rtable *rt; - if (ip_route_output_key(dev_net(dev), &rt, &fl)) - return -EADDRNOTAVAIL; - dev = rt->u.dst.dev; - ip_rt_put(rt); - if (__in_dev_get_rtnl(dev) == NULL) - return -EADDRNOTAVAIL; - t->mlink = dev->ifindex; - ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr); - } - return 0; -} - -static int ipgre_close(struct net_device *dev) -{ - struct ip_tunnel *t = netdev_priv(dev); - - if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) { - struct in_device *in_dev; - in_dev = inetdev_by_index(dev_net(dev), t->mlink); - if (in_dev) { - ip_mc_dec_group(in_dev, t->parms.iph.daddr); - in_dev_put(in_dev); - } - } - return 0; -} - -#endif - -static void ethtool_getinfo(struct net_device *dev, - struct ethtool_drvinfo *info) -{ - strcpy(info->driver, "ip_gre"); - strcpy(info->version, "Open vSwitch "VERSION BUILDNR); - strcpy(info->bus_info, dev->type == ARPHRD_ETHER ? "gretap" : "gre"); -} - -static struct ethtool_ops ethtool_ops = { - .get_drvinfo = ethtool_getinfo, -}; - -#ifdef HAVE_NET_DEVICE_OPS -static const struct net_device_ops ipgre_netdev_ops = { - .ndo_init = ipgre_tunnel_init, - .ndo_uninit = ipgre_tunnel_uninit, -#ifdef CONFIG_NET_IPGRE_BROADCAST - .ndo_open = ipgre_open, - .ndo_stop = ipgre_close, -#endif - .ndo_start_xmit = ipgre_tunnel_xmit, - .ndo_do_ioctl = ipgre_tunnel_ioctl, - .ndo_change_mtu = ipgre_tunnel_change_mtu, -}; -#endif - -static void ipgre_tunnel_setup(struct net_device *dev) -{ -#ifdef HAVE_NET_DEVICE_OPS - dev->netdev_ops = &ipgre_netdev_ops; -#else - dev->init = ipgre_tunnel_init; - dev->uninit = ipgre_tunnel_uninit; - dev->hard_start_xmit = ipgre_tunnel_xmit; -#ifndef HAVE_NETDEV_STATS - dev->get_stats = ipgre_tunnel_get_stats; -#endif - dev->do_ioctl = ipgre_tunnel_ioctl; - dev->change_mtu = ipgre_tunnel_change_mtu; -#endif /* HAVE_NET_DEVICE_OPS */ - dev->destructor = free_netdev; - - dev->type = ARPHRD_IPGRE; -#ifdef HAVE_NETDEV_NEEDED_HEADROOM - dev->needed_headroom = LL_MAX_HEADER + sizeof(struct iphdr) + 4; -#else - dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr) + 4; -#endif - dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4; - dev->flags = IFF_NOARP; - dev->iflink = 0; - dev->addr_len = 4; - dev->features |= NETIF_F_NETNS_LOCAL; - dev->priv_flags &= ~IFF_XMIT_DST_RELEASE; - - SET_ETHTOOL_OPS(dev, ðtool_ops); -} - -static int ipgre_tunnel_init(struct net_device *dev) -{ - struct ip_tunnel *tunnel; - struct iphdr *iph; - - tunnel = netdev_priv(dev); - iph = &tunnel->parms.iph; - - tunnel->dev = dev; - strcpy(tunnel->parms.name, dev->name); - - memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4); - memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4); - - if (iph->daddr) { -#ifdef CONFIG_NET_IPGRE_BROADCAST - if (ipv4_is_multicast(iph->daddr)) { - if (!iph->saddr) - return -EINVAL; - dev->flags = IFF_BROADCAST; -#ifdef HAVE_NETDEV_HEADER_OPS - dev->header_ops = &ipgre_header_ops; -#else - dev->hard_header = ipgre_header; - dev->hard_header_parse = ipgre_header_parse; -#endif -#ifndef HAVE_NET_DEVICE_OPS - dev->open = ipgre_open; - dev->stop = ipgre_close; -#endif - } -#endif - } else { -#ifdef HAVE_NETDEV_HEADER_OPS - dev->header_ops = &ipgre_header_ops; -#else - dev->hard_header = ipgre_header; - dev->hard_header_parse = ipgre_header_parse; -#endif - } - - return 0; -} - -#ifdef HAVE_NET_DEVICE_OPS -static void ipgre_fb_tunnel_init(struct net_device *dev) -#else -static int ipgre_fb_tunnel_init(struct net_device *dev) -#endif -{ - struct ip_tunnel *tunnel = netdev_priv(dev); - struct iphdr *iph = &tunnel->parms.iph; - struct ipgre_net *ign = net_generic(dev_net(dev), ipgre_net_id); - - tunnel->dev = dev; - strcpy(tunnel->parms.name, dev->name); - - iph->version = 4; - iph->protocol = IPPROTO_GRE; - iph->ihl = 5; - tunnel->hlen = sizeof(struct iphdr) + 4; - - dev_hold(dev); - ign->tunnels_wc[0] = tunnel; - -#ifndef HAVE_NET_DEVICE_OPS - return 0; -#endif -} - -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,32) -static struct net_protocol ipgre_protocol = { -#else -static const struct net_protocol ipgre_protocol = { -#endif - .handler = ipgre_rcv, - .err_handler = ipgre_err, -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,26) - .netns_ok = 1, -#endif -}; - -static void ipgre_destroy_tunnels(struct ipgre_net *ign, struct list_head *head) -{ - int prio; - - for (prio = 0; prio < 4; prio++) { - int h; - for (h = 0; h < HASH_SIZE; h++) { - struct ip_tunnel *t = ign->tunnels[prio][h]; - - while (t != NULL) { - unregister_netdevice_queue(t->dev, head); - t = t->next; - } - } - } -} - -static int ipgre_init_net(struct net *net) -{ - struct ipgre_net *ign = net_generic(net, ipgre_net_id); - int err; - - ign->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), GRE_IOCTL_DEVICE, - ipgre_tunnel_setup); - if (!ign->fb_tunnel_dev) { - err = -ENOMEM; - goto err_alloc_dev; - } - dev_net_set(ign->fb_tunnel_dev, net); - -#ifdef HAVE_NET_DEVICE_OPS - ipgre_fb_tunnel_init(ign->fb_tunnel_dev); -#else - ign->fb_tunnel_dev->init = ipgre_fb_tunnel_init; -#endif -#ifndef GRE_IOCTL_ONLY - ign->fb_tunnel_dev->rtnl_link_ops = &ipgre_link_ops; -#endif - - if ((err = register_netdev(ign->fb_tunnel_dev))) - goto err_reg_dev; - - return 0; - -err_reg_dev: - free_netdev(ign->fb_tunnel_dev); -err_alloc_dev: - return err; -} - -static void ipgre_exit_net(struct net *net) -{ - struct ipgre_net *ign; - LIST_HEAD(list); - - ign = net_generic(net, ipgre_net_id); - rtnl_lock(); - ipgre_destroy_tunnels(ign, &list); - unregister_netdevice_many(&list); - rtnl_unlock(); -} - -static struct pernet_operations ipgre_net_ops = { - .init = ipgre_init_net, - .exit = ipgre_exit_net, - .id = &ipgre_net_id, - .size = sizeof(struct ipgre_net), -}; - -static int ipgre_tap_init(struct net_device *dev) -{ - struct ip_tunnel *tunnel; - - tunnel = netdev_priv(dev); - - tunnel->dev = dev; - strcpy(tunnel->parms.name, dev->name); - - ipgre_tunnel_bind_dev(dev); - - return 0; -} - -#ifdef HAVE_NET_DEVICE_OPS -static const struct net_device_ops ipgre_tap_netdev_ops = { - .ndo_init = ipgre_tap_init, - .ndo_uninit = ipgre_tunnel_uninit, - .ndo_start_xmit = ipgre_tunnel_xmit, - .ndo_set_mac_address = eth_mac_addr, - .ndo_validate_addr = eth_validate_addr, - .ndo_do_ioctl = ipgre_tunnel_ioctl, - .ndo_change_mtu = ipgre_tunnel_change_mtu, -}; -#endif - -static void ipgre_tap_setup(struct net_device *dev) -{ - ether_setup(dev); - -#ifdef HAVE_NET_DEVICE_OPS - dev->netdev_ops = &ipgre_tap_netdev_ops; -#else - dev->init = ipgre_tap_init; - dev->uninit = ipgre_tunnel_uninit; - dev->hard_start_xmit = ipgre_tunnel_xmit; -#ifndef HAVE_NETDEV_STATS - dev->get_stats = ipgre_tunnel_get_stats; -#endif - dev->do_ioctl = ipgre_tunnel_ioctl; - dev->change_mtu = ipgre_tunnel_change_mtu; -#endif /* HAVE_NET_DEVICE_OPS */ - dev->destructor = free_netdev; - - dev->iflink = 0; - dev->features |= NETIF_F_NETNS_LOCAL; - dev->tx_queue_len = 0; - - SET_ETHTOOL_OPS(dev, ðtool_ops); -} - -#ifndef GRE_IOCTL_ONLY -static int ipgre_tunnel_validate(struct nlattr *tb[], struct nlattr *data[]) -{ - __be16 flags; - - if (!data) - return 0; - - flags = 0; - if (data[IFLA_GRE_IFLAGS]) - flags |= nla_get_be16(data[IFLA_GRE_IFLAGS]); - if (data[IFLA_GRE_OFLAGS]) - flags |= nla_get_be16(data[IFLA_GRE_OFLAGS]); - if (flags & (GRE_VERSION|GRE_ROUTING)) - return -EINVAL; - - return 0; -} - -static int ipgre_tap_validate(struct nlattr *tb[], struct nlattr *data[]) -{ - __be32 daddr; - - if (tb[IFLA_ADDRESS]) { - if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN) - return -EINVAL; - if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS]))) - return -EADDRNOTAVAIL; - } - - if (!data) - goto out; - - if (data[IFLA_GRE_REMOTE]) { - memcpy(&daddr, nla_data(data[IFLA_GRE_REMOTE]), 4); - if (!daddr) - return -EINVAL; - } - -out: - return ipgre_tunnel_validate(tb, data); -} - -static void ipgre_netlink_parms(struct nlattr *data[], - struct ip_tunnel_parm *parms) -{ - memset(parms, 0, sizeof(*parms)); - - parms->iph.protocol = IPPROTO_GRE; - - if (!data) - return; - - if (data[IFLA_GRE_LINK]) - parms->link = nla_get_u32(data[IFLA_GRE_LINK]); - - if (data[IFLA_GRE_IFLAGS]) - parms->i_flags = nla_get_be16(data[IFLA_GRE_IFLAGS]); - - if (data[IFLA_GRE_OFLAGS]) - parms->o_flags = nla_get_be16(data[IFLA_GRE_OFLAGS]); - - if (data[IFLA_GRE_IKEY]) - parms->i_key = nla_get_be32(data[IFLA_GRE_IKEY]); - - if (data[IFLA_GRE_OKEY]) - parms->o_key = nla_get_be32(data[IFLA_GRE_OKEY]); - - if (data[IFLA_GRE_LOCAL]) - parms->iph.saddr = nla_get_be32(data[IFLA_GRE_LOCAL]); - - if (data[IFLA_GRE_REMOTE]) - parms->iph.daddr = nla_get_be32(data[IFLA_GRE_REMOTE]); - - if (data[IFLA_GRE_TTL]) - parms->iph.ttl = nla_get_u8(data[IFLA_GRE_TTL]); - - if (data[IFLA_GRE_TOS]) - parms->iph.tos = nla_get_u8(data[IFLA_GRE_TOS]); - - if (!data[IFLA_GRE_PMTUDISC] || nla_get_u8(data[IFLA_GRE_PMTUDISC])) - parms->iph.frag_off = htons(IP_DF); -} - -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33) -static int ipgre_newlink(struct net *src_net, struct net_device *dev, struct nlattr *tb[], - struct nlattr *data[]) -#else -static int ipgre_newlink(struct net_device *dev, struct nlattr *tb[], - struct nlattr *data[]) -#endif -{ - struct ip_tunnel *nt; - struct net *net = dev_net(dev); - struct ipgre_net *ign = net_generic(net, ipgre_net_id); - int mtu; - int err; - - nt = netdev_priv(dev); - ipgre_netlink_parms(data, &nt->parms); - - if (ipgre_tunnel_find(net, &nt->parms, dev->type)) - return -EEXIST; - - if (dev->type == ARPHRD_ETHER && !tb[IFLA_ADDRESS]) - random_ether_addr(dev->dev_addr); - - mtu = ipgre_tunnel_bind_dev(dev); - if (!tb[IFLA_MTU]) - dev->mtu = mtu; - - err = register_netdevice(dev); - if (err) - goto out; - - dev_hold(dev); - ipgre_tunnel_link(ign, nt); - -out: - return err; -} - -static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[], - struct nlattr *data[]) -{ - struct ip_tunnel *t, *nt; - struct net *net = dev_net(dev); - struct ipgre_net *ign = net_generic(net, ipgre_net_id); - struct ip_tunnel_parm p; - int mtu; - - if (dev == ign->fb_tunnel_dev) - return -EINVAL; - - nt = netdev_priv(dev); - ipgre_netlink_parms(data, &p); - - t = ipgre_tunnel_locate(net, &p, false, 0); - - if (t) { - if (t->dev != dev) - return -EEXIST; - } else { - t = nt; - - if (dev->type != ARPHRD_ETHER) { - unsigned nflags = 0; - - if (ipv4_is_multicast(p.iph.daddr)) - nflags = IFF_BROADCAST; - else if (p.iph.daddr) - nflags = IFF_POINTOPOINT; - - if ((dev->flags ^ nflags) & - (IFF_POINTOPOINT | IFF_BROADCAST)) - return -EINVAL; - } - - ipgre_tunnel_unlink(ign, t); - t->parms.iph.saddr = p.iph.saddr; - t->parms.iph.daddr = p.iph.daddr; - t->parms.i_key = p.i_key; - if (dev->type != ARPHRD_ETHER) { - memcpy(dev->dev_addr, &p.iph.saddr, 4); - memcpy(dev->broadcast, &p.iph.daddr, 4); - } - ipgre_tunnel_link(ign, t); - netdev_state_change(dev); - } - - t->parms.o_key = p.o_key; - t->parms.iph.ttl = p.iph.ttl; - t->parms.iph.tos = p.iph.tos; - t->parms.iph.frag_off = p.iph.frag_off; - - if (t->parms.link != p.link) { - t->parms.link = p.link; - mtu = ipgre_tunnel_bind_dev(dev); - if (!tb[IFLA_MTU]) - dev->mtu = mtu; - netdev_state_change(dev); - } - - return 0; -} - -static size_t ipgre_get_size(const struct net_device *dev) -{ - return - /* IFLA_GRE_LINK */ - nla_total_size(4) + - /* IFLA_GRE_IFLAGS */ - nla_total_size(2) + - /* IFLA_GRE_OFLAGS */ - nla_total_size(2) + - /* IFLA_GRE_IKEY */ - nla_total_size(4) + - /* IFLA_GRE_OKEY */ - nla_total_size(4) + - /* IFLA_GRE_LOCAL */ - nla_total_size(4) + - /* IFLA_GRE_REMOTE */ - nla_total_size(4) + - /* IFLA_GRE_TTL */ - nla_total_size(1) + - /* IFLA_GRE_TOS */ - nla_total_size(1) + - /* IFLA_GRE_PMTUDISC */ - nla_total_size(1) + - 0; -} - -static int ipgre_fill_info(struct sk_buff *skb, const struct net_device *dev) -{ - struct ip_tunnel *t = netdev_priv(dev); - struct ip_tunnel_parm *p = &t->parms; - - NLA_PUT_U32(skb, IFLA_GRE_LINK, p->link); - NLA_PUT_BE16(skb, IFLA_GRE_IFLAGS, p->i_flags); - NLA_PUT_BE16(skb, IFLA_GRE_OFLAGS, p->o_flags); - NLA_PUT_BE32(skb, IFLA_GRE_IKEY, p->i_key); - NLA_PUT_BE32(skb, IFLA_GRE_OKEY, p->o_key); - NLA_PUT_BE32(skb, IFLA_GRE_LOCAL, p->iph.saddr); - NLA_PUT_BE32(skb, IFLA_GRE_REMOTE, p->iph.daddr); - NLA_PUT_U8(skb, IFLA_GRE_TTL, p->iph.ttl); - NLA_PUT_U8(skb, IFLA_GRE_TOS, p->iph.tos); - NLA_PUT_U8(skb, IFLA_GRE_PMTUDISC, !!(p->iph.frag_off & htons(IP_DF))); - - return 0; - -nla_put_failure: - return -EMSGSIZE; -} - -static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = { - [IFLA_GRE_LINK] = { .type = NLA_U32 }, - [IFLA_GRE_IFLAGS] = { .type = NLA_U16 }, - [IFLA_GRE_OFLAGS] = { .type = NLA_U16 }, - [IFLA_GRE_IKEY] = { .type = NLA_U32 }, - [IFLA_GRE_OKEY] = { .type = NLA_U32 }, - [IFLA_GRE_LOCAL] = { .len = FIELD_SIZEOF(struct iphdr, saddr) }, - [IFLA_GRE_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) }, - [IFLA_GRE_TTL] = { .type = NLA_U8 }, - [IFLA_GRE_TOS] = { .type = NLA_U8 }, - [IFLA_GRE_PMTUDISC] = { .type = NLA_U8 }, -}; - -static struct rtnl_link_ops ipgre_link_ops __read_mostly = { - .kind = "gre", - .maxtype = IFLA_GRE_MAX, - .policy = ipgre_policy, - .priv_size = sizeof(struct ip_tunnel), - .setup = ipgre_tunnel_setup, - .validate = ipgre_tunnel_validate, - .newlink = ipgre_newlink, - .changelink = ipgre_changelink, - .get_size = ipgre_get_size, - .fill_info = ipgre_fill_info, -}; - -static struct rtnl_link_ops ipgre_tap_ops __read_mostly = { - .kind = "gretap", - .maxtype = IFLA_GRE_MAX, - .policy = ipgre_policy, - .priv_size = sizeof(struct ip_tunnel), - .setup = ipgre_tap_setup, - .validate = ipgre_tap_validate, - .newlink = ipgre_newlink, - .changelink = ipgre_changelink, - .get_size = ipgre_get_size, - .fill_info = ipgre_fill_info, -}; -#endif - -/* - * And now the modules code and kernel interface. - */ - -static int __init ipgre_init(void) -{ - int err; - - printk(KERN_INFO "Open vSwitch GRE over IPv4, built "__DATE__" " - __TIME__"\n"); - - if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) { - printk(KERN_INFO "ipgre init: can't add protocol\n"); - return -EAGAIN; - } - - err = register_pernet_device(&ipgre_net_ops); - if (err < 0) - goto pernet_device_failed; - -#ifndef GRE_IOCTL_ONLY - err = rtnl_link_register(&ipgre_link_ops); - if (err < 0) - goto rtnl_link_failed; - - err = rtnl_link_register(&ipgre_tap_ops); - if (err < 0) - goto tap_ops_failed; -#endif - -out: - return err; - -#ifndef GRE_IOCTL_ONLY -tap_ops_failed: - rtnl_link_unregister(&ipgre_link_ops); -rtnl_link_failed: - unregister_pernet_device(&ipgre_net_ops); -#endif -pernet_device_failed: - inet_del_protocol(&ipgre_protocol, IPPROTO_GRE); - goto out; - -} - -static void __exit ipgre_fini(void) -{ -#ifndef GRE_IOCTL_ONLY - rtnl_link_unregister(&ipgre_tap_ops); - rtnl_link_unregister(&ipgre_link_ops); -#endif - unregister_pernet_device(&ipgre_net_ops); - if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) - printk(KERN_INFO "ipgre close: can't remove protocol\n"); -} - -module_init(ipgre_init); -module_exit(ipgre_fini); -MODULE_DESCRIPTION("GRE over IPv4 tunneling driver"); -MODULE_LICENSE("GPL"); -#ifndef GRE_IOCTL_ONLY -MODULE_ALIAS_RTNL_LINK("gre"); -MODULE_ALIAS_RTNL_LINK("gretap"); -#endif - diff --git a/datapath/linux-2.6/compat-2.6/net_namespace-ip_gre.c b/datapath/linux-2.6/compat-2.6/net_namespace-ip_gre.c deleted file mode 100644 index 21a6717c..00000000 --- a/datapath/linux-2.6/compat-2.6/net_namespace-ip_gre.c +++ /dev/null @@ -1,117 +0,0 @@ -#include -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,33) - -#include -#include -#include - -#undef pernet_operations -#undef register_pernet_device -#undef unregister_pernet_device -#undef net_assign_generic -#undef net_generic - -/* This trivial implementation assumes that there is only a single pernet - * device registered and that the caller is well behaved. It only weakly - * attempts to check that these conditions are true. */ - -static struct extended_pernet_operations *dev_ops; -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,26) -static void *ng_data; -#else -static struct pernet_operations new_ops; -#endif - -static int device_init_net(struct net *net) -{ - int err; - if (dev_ops->id && dev_ops->size) { - void *data = kzalloc(dev_ops->size, GFP_KERNEL); - if (!data) - return -ENOMEM; - - err = rpl_net_assign_generic(net, *dev_ops->id, data); - if (err) { - kfree(data); - return err; - } - } - if (dev_ops->init) - return dev_ops->init(net); - return 0; -} - -static void device_exit_net(struct net *net) -{ - if (dev_ops->exit) - dev_ops->exit(net); - - if (dev_ops->id && dev_ops->size) { - int id = *dev_ops->id; - kfree(rpl_net_generic(net, id)); - } -} - -int rpl_register_pernet_device(struct extended_pernet_operations *ops) -{ - BUG_ON(dev_ops); - dev_ops = ops; - -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,26) - if (dev_ops->id) - *dev_ops->id = 1; - - return device_init_net(NULL); -#else - memcpy(&new_ops, dev_ops, sizeof new_ops); - new_ops.init = device_init_net; - new_ops.exit = device_exit_net; - - if (ops->id) - return register_pernet_gen_device(dev_ops->id, &new_ops); - else - return register_pernet_device(&new_ops); -#endif -} - -void rpl_unregister_pernet_device(struct extended_pernet_operations *ops) -{ - BUG_ON(!dev_ops); - BUG_ON(dev_ops != ops); - -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,26) - device_exit_net(NULL); -#else - if (ops->id) - unregister_pernet_gen_device(*dev_ops->id, &new_ops); - else - unregister_pernet_device(&new_ops); -#endif - - dev_ops = NULL; -} - -int rpl_net_assign_generic(struct net *net, int id, void *data) -{ -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,26) - BUG_ON(id != 1); - - ng_data = data; - return 0; -#else - return net_assign_generic(net, id, data); -#endif -} - -void *rpl_net_generic(struct net *net, int id) -{ -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,26) - BUG_ON(id != 1); - - return ng_data; -#else - return net_generic(net, id); -#endif -} - -#endif /* kernel < 2.6.33 */ diff --git a/debian/openvswitch-switch.init b/debian/openvswitch-switch.init index 97e9b893..ef92340f 100755 --- a/debian/openvswitch-switch.init +++ b/debian/openvswitch-switch.init @@ -191,14 +191,11 @@ unload_modules() { done fi unload_module openvswitch_mod - unload_module ip_gre_mod } case "$1" in start) load_module openvswitch_mod - unload_module ip_gre - load_module ip_gre_mod if test -n "$CORE_LIMIT"; then check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT" diff --git a/include/openvswitch/gre.h b/include/openvswitch/gre.h index 7f2465a5..3c5691b0 100644 --- a/include/openvswitch/gre.h +++ b/include/openvswitch/gre.h @@ -40,18 +40,12 @@ #ifndef OPENVSWITCH_GRE_H #define OPENVSWITCH_GRE_H 1 -#include -#include -#include - #ifdef __KERNEL__ #include #else #include #endif -/* New GRE config. */ - #define GRE_F_IN_CSUM (1 << 0) /* Require incoming packets to have checksums. */ #define GRE_F_OUT_CSUM (1 << 1) /* Checksum outgoing packets. */ #define GRE_F_IN_KEY_MATCH (1 << 2) /* Store the key in tun_id to match in flow table. */ @@ -70,35 +64,4 @@ struct gre_port_config { __u8 ttl; }; -/* Old GRE config. */ - -#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23) -#define GRE_IOCTL_ONLY -#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) -enum -{ - IFLA_GRE_UNSPEC, - IFLA_GRE_LINK, - IFLA_GRE_IFLAGS, - IFLA_GRE_OFLAGS, - IFLA_GRE_IKEY, - IFLA_GRE_OKEY, - IFLA_GRE_LOCAL, - IFLA_GRE_REMOTE, - IFLA_GRE_TTL, - IFLA_GRE_TOS, - IFLA_GRE_PMTUDISC, - __IFLA_GRE_MAX, -}; - -#define IFLA_GRE_MAX (__IFLA_GRE_MAX - 1) -#endif - -#define GRE_IOCTL_DEVICE "gre0" - -#define SIOCGETGRETAP SIOCGETTUNNEL -#define SIOCADDGRETAP (SIOCDEVPRIVATE + 10) -#define SIOCDELGRETAP SIOCDELTUNNEL -#define SIOCCHGGRETAP (SIOCDEVPRIVATE + 11) - #endif /* openvswitch/gre.h */ diff --git a/lib/netdev-gre.c b/lib/netdev-gre.c index 79287cd7..31fe5249 100644 --- a/lib/netdev-gre.c +++ b/lib/netdev-gre.c @@ -54,14 +54,14 @@ static void poll_notify(const struct netdev_gre *netdev); static struct netdev_dev_gre * netdev_dev_gre_cast(const struct netdev_dev *netdev_dev) { - netdev_dev_assert_class(netdev_dev, &netdev_grenew_class); + netdev_dev_assert_class(netdev_dev, &netdev_gre_class); return CONTAINER_OF(netdev_dev, struct netdev_dev_gre, netdev_dev); } static struct netdev_gre * netdev_gre_cast(const struct netdev *netdev) { - netdev_assert_class(netdev, &netdev_grenew_class); + netdev_assert_class(netdev, &netdev_gre_class); return CONTAINER_OF(netdev, struct netdev_gre, netdev); } @@ -200,7 +200,7 @@ netdev_gre_create(const char *name, const char *type OVS_UNUSED, } netdev_dev = xmalloc(sizeof *netdev_dev); - netdev_dev_init(&netdev_dev->netdev_dev, name, &netdev_grenew_class); + netdev_dev_init(&netdev_dev->netdev_dev, name, &netdev_gre_class); *netdev_devp = &netdev_dev->netdev_dev; return 0; @@ -427,8 +427,8 @@ poll_notify(const struct netdev_gre *netdev) } } -const struct netdev_class netdev_grenew_class = { - "grenew", +const struct netdev_class netdev_gre_class = { + "gre", netdev_gre_init, NULL, /* run */ diff --git a/lib/netdev-linux.c b/lib/netdev-linux.c index 833f6054..bcc33268 100644 --- a/lib/netdev-linux.c +++ b/lib/netdev-linux.c @@ -50,7 +50,6 @@ #include "netlink.h" #include "ofpbuf.h" #include "openflow/openflow.h" -#include "openvswitch/gre.h" #include "packets.h" #include "poll-loop.h" #include "rtnetlink.h" @@ -58,10 +57,6 @@ #include "shash.h" #include "svec.h" -#ifndef GRE_IOCTL_ONLY -#include -#endif - #define THIS_MODULE VLM_netdev_linux #include "vlog.h" @@ -123,27 +118,6 @@ struct netdev_linux { /* An AF_INET socket (used for ioctl operations). */ static int af_inet_sock = -1; -struct gre_config { - uint32_t local_ip; - uint32_t remote_ip; - uint32_t in_key; - uint32_t out_key; - uint8_t tos; - bool have_in_key; - bool have_out_key; - bool in_csum; - bool out_csum; - bool pmtud; -}; - -static struct { - union { - struct nl_sock *nl_sock; - int ioctl_fd; - }; - bool use_ioctl; -} gre_descriptors; - struct netdev_linux_notifier { struct netdev_notifier notifier; struct list node; @@ -158,8 +132,7 @@ static struct rtnetlink_notifier netdev_linux_poll_notifier; static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 20); static int netdev_linux_init(void); -static int if_up(const char *name); -static int destroy_gre(const char *name); + static int netdev_linux_do_ethtool(const char *name, struct ethtool_cmd *, int cmd, const char *cmd_name); static int netdev_linux_do_ioctl(const char *name, struct ifreq *, int cmd, @@ -260,346 +233,23 @@ netdev_linux_cache_cb(const struct rtnetlink_change *change, } } -/* The arguments are marked as unused to prevent warnings on platforms where - * the Netlink interface isn't supported. */ static int -setup_gre_netlink(const char *name OVS_UNUSED, - struct gre_config *config OVS_UNUSED, bool create OVS_UNUSED) -{ -#ifdef GRE_IOCTL_ONLY - return EOPNOTSUPP; -#else - int error; - struct ofpbuf request, *reply; - unsigned int nl_flags; - struct ifinfomsg ifinfomsg; - struct nlattr *linkinfo_hdr; - struct nlattr *info_data_hdr; - uint16_t iflags = 0; - uint16_t oflags = 0; - - VLOG_DBG("%s: attempting to create gre device using netlink", name); - - if (!gre_descriptors.nl_sock) { - error = nl_sock_create(NETLINK_ROUTE, 0, 0, 0, - &gre_descriptors.nl_sock); - if (error) { - VLOG_WARN("couldn't create netlink socket: %s", strerror(error)); - goto error; - } - } - - ofpbuf_init(&request, 0); - - nl_flags = NLM_F_REQUEST; - if (create) { - nl_flags |= NLM_F_CREATE|NLM_F_EXCL; - } - - /* We over-reserve space, because we do some pointer arithmetic - * and don't want the buffer address shifting under us. */ - nl_msg_put_nlmsghdr(&request, gre_descriptors.nl_sock, 2048, RTM_NEWLINK, - nl_flags); - - memset(&ifinfomsg, 0, sizeof ifinfomsg); - ifinfomsg.ifi_family = AF_UNSPEC; - nl_msg_put(&request, &ifinfomsg, sizeof ifinfomsg); - - linkinfo_hdr = ofpbuf_tail(&request); - nl_msg_put_unspec(&request, IFLA_LINKINFO, NULL, 0); - - nl_msg_put_unspec(&request, IFLA_INFO_KIND, "gretap", 6); - - info_data_hdr = ofpbuf_tail(&request); - nl_msg_put_unspec(&request, IFLA_INFO_DATA, NULL, 0); - - /* Set flags */ - if (config->have_in_key) { - iflags |= GRE_KEY; - } - if (config->have_out_key) { - oflags |= GRE_KEY; - } - - if (config->in_csum) { - iflags |= GRE_CSUM; - } - if (config->out_csum) { - oflags |= GRE_CSUM; - } - - /* Add options */ - nl_msg_put_u32(&request, IFLA_GRE_IKEY, config->in_key); - nl_msg_put_u32(&request, IFLA_GRE_OKEY, config->out_key); - nl_msg_put_u16(&request, IFLA_GRE_IFLAGS, iflags); - nl_msg_put_u16(&request, IFLA_GRE_OFLAGS, oflags); - nl_msg_put_u32(&request, IFLA_GRE_LOCAL, config->local_ip); - nl_msg_put_u32(&request, IFLA_GRE_REMOTE, config->remote_ip); - nl_msg_put_u8(&request, IFLA_GRE_PMTUDISC, config->pmtud); - nl_msg_put_u8(&request, IFLA_GRE_TTL, IPDEFTTL); - nl_msg_put_u8(&request, IFLA_GRE_TOS, config->tos); - - info_data_hdr->nla_len = (char *)ofpbuf_tail(&request) - - (char *)info_data_hdr; - linkinfo_hdr->nla_len = (char *)ofpbuf_tail(&request) - - (char *)linkinfo_hdr; - - nl_msg_put_string(&request, IFLA_IFNAME, name); - - error = nl_sock_transact(gre_descriptors.nl_sock, &request, &reply); - ofpbuf_uninit(&request); - if (error) { - VLOG_WARN("couldn't transact netlink socket: %s", strerror(error)); - goto error; - } - ofpbuf_delete(reply); - -error: - return error; -#endif -} - -static int -setup_gre_ioctl(const char *name, struct gre_config *config, bool create) +if_up(const char *name) { - struct ip_tunnel_parm p; struct ifreq ifr; - VLOG_DBG("%s: attempting to create gre device using ioctl", name); - - memset(&p, 0, sizeof p); - - strncpy(p.name, name, IFNAMSIZ); - - p.iph.version = 4; - p.iph.ihl = 5; - p.iph.protocol = IPPROTO_GRE; - p.iph.saddr = config->local_ip; - p.iph.daddr = config->remote_ip; - p.iph.ttl = IPDEFTTL; - p.iph.tos = config->tos; - - if (config->have_in_key) { - p.i_flags |= GRE_KEY; - p.i_key = config->in_key; - } - if (config->have_out_key) { - p.o_flags |= GRE_KEY; - p.o_key = config->out_key; - } - - if (config->in_csum) { - p.i_flags |= GRE_CSUM; - } - if (config->out_csum) { - p.o_flags |= GRE_CSUM; - } - - if (config->pmtud) { - p.iph.frag_off = htons(IP_DONT_FRAGMENT); - } - - strncpy(ifr.ifr_name, create ? GRE_IOCTL_DEVICE : name, IFNAMSIZ); - ifr.ifr_ifru.ifru_data = (void *)&p; - - if (!gre_descriptors.ioctl_fd) { - gre_descriptors.ioctl_fd = socket(AF_INET, SOCK_DGRAM, 0); - if (gre_descriptors.ioctl_fd < 0) { - VLOG_WARN("couldn't create gre ioctl socket: %s", strerror(errno)); - gre_descriptors.ioctl_fd = 0; - return errno; - } - } + strncpy(ifr.ifr_name, name, sizeof ifr.ifr_name); + ifr.ifr_flags = IFF_UP; - if (ioctl(gre_descriptors.ioctl_fd, create ? SIOCADDGRETAP : SIOCCHGGRETAP, - &ifr) < 0) { - VLOG_WARN("couldn't do gre ioctl: %s", strerror(errno)); + if (ioctl(af_inet_sock, SIOCSIFFLAGS, &ifr) == -1) { + VLOG_DBG_RL(&rl, "%s: failed to bring device up: %s", + name, strerror(errno)); return errno; } return 0; } -/* The arguments are marked as unused to prevent warnings on platforms where - * the Netlink interface isn't supported. */ -static bool -check_gre_device_netlink(const char *name OVS_UNUSED) -{ -#ifdef GRE_IOCTL_ONLY - return false; -#else - static const struct nl_policy getlink_policy[] = { - [IFLA_LINKINFO] = { .type = NL_A_NESTED, .optional = false }, - }; - - static const struct nl_policy linkinfo_policy[] = { - [IFLA_INFO_KIND] = { .type = NL_A_STRING, .optional = false }, - }; - - int error; - bool ret = false; - struct ofpbuf request, *reply; - struct ifinfomsg ifinfomsg; - struct nlattr *getlink_attrs[ARRAY_SIZE(getlink_policy)]; - struct nlattr *linkinfo_attrs[ARRAY_SIZE(linkinfo_policy)]; - struct ofpbuf linkinfo; - const char *device_kind; - - ofpbuf_init(&request, 0); - - nl_msg_put_nlmsghdr(&request, gre_descriptors.nl_sock, - NLMSG_LENGTH(sizeof ifinfomsg), RTM_GETLINK, - NLM_F_REQUEST); - - memset(&ifinfomsg, 0, sizeof ifinfomsg); - ifinfomsg.ifi_family = AF_UNSPEC; - ifinfomsg.ifi_index = do_get_ifindex(name); - nl_msg_put(&request, &ifinfomsg, sizeof ifinfomsg); - - error = nl_sock_transact(gre_descriptors.nl_sock, &request, &reply); - ofpbuf_uninit(&request); - if (error) { - VLOG_WARN("couldn't transact netlink socket: %s", strerror(error)); - return false; - } - - if (!nl_policy_parse(reply, NLMSG_HDRLEN + sizeof(struct ifinfomsg), - getlink_policy, getlink_attrs, - ARRAY_SIZE(getlink_policy))) { - VLOG_WARN("received bad rtnl message (getlink policy)"); - goto error; - } - - linkinfo.data = (void *)nl_attr_get(getlink_attrs[IFLA_LINKINFO]); - linkinfo.size = nl_attr_get_size(getlink_attrs[IFLA_LINKINFO]); - if (!nl_policy_parse(&linkinfo, 0, linkinfo_policy, - linkinfo_attrs, ARRAY_SIZE(linkinfo_policy))) { - VLOG_WARN("received bad rtnl message (linkinfo policy)"); - goto error; - } - - device_kind = nl_attr_get_string(linkinfo_attrs[IFLA_INFO_KIND]); - ret = !strcmp(device_kind, "gretap"); - -error: - ofpbuf_delete(reply); - return ret; -#endif -} - -static bool -check_gre_device_ioctl(const char *name) -{ - struct ethtool_drvinfo drvinfo; - int error; - - memset(&drvinfo, 0, sizeof drvinfo); - error = netdev_linux_do_ethtool(name, (struct ethtool_cmd *)&drvinfo, - ETHTOOL_GDRVINFO, "ETHTOOL_GDRVINFO"); - - return !error && !strcmp(drvinfo.driver, "ip_gre") - && !strcmp(drvinfo.bus_info, "gretap"); -} - -static int -setup_gre(const char *name, const struct shash *args, bool create) -{ - int error; - struct in_addr in_addr; - struct shash_node *node; - struct gre_config config; - - memset(&config, 0, sizeof config); - config.in_csum = true; - config.out_csum = true; - config.pmtud = true; - - SHASH_FOR_EACH (node, args) { - if (!strcmp(node->name, "remote_ip")) { - if (lookup_ip(node->data, &in_addr)) { - VLOG_WARN("bad 'remote_ip' for gre device %s ", name); - } else { - config.remote_ip = in_addr.s_addr; - } - } else if (!strcmp(node->name, "local_ip")) { - if (lookup_ip(node->data, &in_addr)) { - VLOG_WARN("bad 'local_ip' for gre device %s ", name); - } else { - config.local_ip = in_addr.s_addr; - } - } else if (!strcmp(node->name, "key")) { - config.have_in_key = true; - config.have_out_key = true; - config.in_key = htonl(atoi(node->data)); - config.out_key = htonl(atoi(node->data)); - } else if (!strcmp(node->name, "in_key")) { - config.have_in_key = true; - config.in_key = htonl(atoi(node->data)); - } else if (!strcmp(node->name, "out_key")) { - config.have_out_key = true; - config.out_key = htonl(atoi(node->data)); - } else if (!strcmp(node->name, "tos")) { - config.tos = atoi(node->data); - } else if (!strcmp(node->name, "csum")) { - if (!strcmp(node->data, "false")) { - config.in_csum = false; - config.out_csum = false; - } - } else if (!strcmp(node->name, "pmtud")) { - if (!strcmp(node->data, "false")) { - config.pmtud = false; - } - } else { - VLOG_WARN("unknown gre argument '%s'", node->name); - } - } - - if (!config.remote_ip) { - VLOG_WARN("gre type requires valid 'remote_ip' argument"); - error = EINVAL; - goto error; - } - - if (!gre_descriptors.use_ioctl) { - error = setup_gre_netlink(name, &config, create); - if (error == EOPNOTSUPP) { - gre_descriptors.use_ioctl = true; - } - } - if (gre_descriptors.use_ioctl) { - error = setup_gre_ioctl(name, &config, create); - } - - if (create && error == EEXIST) { - bool gre_device; - - if (gre_descriptors.use_ioctl) { - gre_device = check_gre_device_ioctl(name); - } else { - gre_device = check_gre_device_netlink(name); - } - - if (!gre_device) { - goto error; - } - - VLOG_WARN("replacing existing gre device %s", name); - error = destroy_gre(name); - if (error) { - goto error; - } - - if (gre_descriptors.use_ioctl) { - error = setup_gre_ioctl(name, &config, create); - } else { - error = setup_gre_netlink(name, &config, create); - } - } - -error: - return error; -} - /* A veth may be created using the 'command' "+,". A veth may * be destroyed by using the 'command' "-", where can be * either side of the device. @@ -784,51 +434,6 @@ error: return error; } -static int -if_up(const char *name) -{ - struct ifreq ifr; - - strncpy(ifr.ifr_name, name, sizeof ifr.ifr_name); - ifr.ifr_flags = IFF_UP; - - if (ioctl(af_inet_sock, SIOCSIFFLAGS, &ifr) == -1) { - VLOG_DBG_RL(&rl, "%s: failed to bring device up: %s", - name, strerror(errno)); - return errno; - } - - return 0; -} - -static int -netdev_linux_create_gre(const char *name, const char *type OVS_UNUSED, - const struct shash *args, struct netdev_dev **netdev_devp) -{ - struct netdev_dev_linux *netdev_dev; - int error; - - netdev_dev = xzalloc(sizeof *netdev_dev); - - error = setup_gre(name, args, true); - if (error) { - goto error; - } - - error = if_up(name); - if (error) { - goto error; - } - - netdev_dev_init(&netdev_dev->netdev_dev, name, &netdev_gre_class); - *netdev_devp = &netdev_dev->netdev_dev; - return 0; - -error: - free(netdev_dev); - return error; -} - static int netdev_linux_create_patch(const char *name, const char *type OVS_UNUSED, const struct shash *args, struct netdev_dev **netdev_devp) @@ -851,75 +456,6 @@ netdev_linux_create_patch(const char *name, const char *type OVS_UNUSED, return 0; } -static int -netdev_linux_reconfigure_gre(struct netdev_dev *netdev_dev_, - const struct shash *args) -{ - const char *name = netdev_dev_get_name(netdev_dev_); - - return setup_gre(name, args, false); -} - -/* The arguments are marked as unused to prevent warnings on platforms where - * the Netlink interface isn't supported. */ -static int -destroy_gre_netlink(const char *name OVS_UNUSED) -{ -#ifdef GRE_IOCTL_ONLY - return EOPNOTSUPP; -#else - int error; - struct ofpbuf request, *reply; - struct ifinfomsg ifinfomsg; - int ifindex; - - ofpbuf_init(&request, 0); - - nl_msg_put_nlmsghdr(&request, gre_descriptors.nl_sock, 0, RTM_DELLINK, - NLM_F_REQUEST); - - memset(&ifinfomsg, 0, sizeof ifinfomsg); - ifinfomsg.ifi_family = AF_UNSPEC; - nl_msg_put(&request, &ifinfomsg, sizeof ifinfomsg); - - ifindex = do_get_ifindex(name); - nl_msg_put_u32(&request, IFLA_LINK, ifindex); - - nl_msg_put_string(&request, IFLA_IFNAME, name); - - error = nl_sock_transact(gre_descriptors.nl_sock, &request, &reply); - ofpbuf_uninit(&request); - if (error) { - VLOG_WARN("couldn't transact netlink socket: %s", strerror(error)); - goto error; - } - ofpbuf_delete(reply); - -error: - return 0; -#endif -} - -static int -destroy_gre_ioctl(const char *name) -{ - struct ip_tunnel_parm p; - struct ifreq ifr; - - memset(&p, 0, sizeof p); - strncpy(p.name, name, IFNAMSIZ); - - strncpy(ifr.ifr_name, name, IFNAMSIZ); - ifr.ifr_ifru.ifru_data = (void *)&p; - - if (ioctl(gre_descriptors.ioctl_fd, SIOCDELGRETAP, &ifr) < 0) { - VLOG_WARN("couldn't do gre ioctl: %s\n", strerror(errno)); - return errno; - } - - return 0; -} - static void destroy_tap(struct netdev_dev_linux *netdev_dev) { @@ -930,16 +466,6 @@ destroy_tap(struct netdev_dev_linux *netdev_dev) } } -static int -destroy_gre(const char *name) -{ - if (gre_descriptors.use_ioctl) { - return destroy_gre_ioctl(name); - } else { - return destroy_gre_netlink(name); - } -} - static void destroy_patch(struct netdev_dev_linux *netdev_dev) { @@ -968,8 +494,6 @@ netdev_linux_destroy(struct netdev_dev *netdev_dev_) } } else if (!strcmp(type, "tap")) { destroy_tap(netdev_dev); - } else if (!strcmp(type, "gre")) { - destroy_gre(netdev_dev_get_name(&netdev_dev->netdev_dev)); } else if (!strcmp(type, "patch")) { destroy_patch(netdev_dev); } @@ -2211,54 +1735,6 @@ const struct netdev_class netdev_tap_class = { netdev_linux_poll_remove, }; -const struct netdev_class netdev_gre_class = { - "gre", - - netdev_linux_init, - netdev_linux_run, - netdev_linux_wait, - - netdev_linux_create_gre, - netdev_linux_destroy, - netdev_linux_reconfigure_gre, - - netdev_linux_open, - netdev_linux_close, - - NULL, /* enumerate */ - - netdev_linux_recv, - netdev_linux_recv_wait, - netdev_linux_drain, - - netdev_linux_send, - netdev_linux_send_wait, - - netdev_linux_set_etheraddr, - netdev_linux_get_etheraddr, - netdev_linux_get_mtu, - netdev_linux_get_ifindex, - netdev_linux_get_carrier, - netdev_linux_get_stats, - - netdev_linux_get_features, - netdev_linux_set_advertisements, - netdev_linux_get_vlan_vid, - netdev_linux_set_policing, - - netdev_linux_get_in4, - netdev_linux_set_in4, - netdev_linux_get_in6, - netdev_linux_add_router, - netdev_linux_get_next_hop, - netdev_linux_arp_lookup, - - netdev_linux_update_flags, - - netdev_linux_poll_add, - netdev_linux_poll_remove, -}; - const struct netdev_class netdev_patch_class = { "patch", @@ -2306,6 +1782,7 @@ const struct netdev_class netdev_patch_class = { netdev_linux_poll_add, netdev_linux_poll_remove, }; + static int get_stats_via_netlink(int ifindex, struct netdev_stats *stats) diff --git a/lib/netdev-provider.h b/lib/netdev-provider.h index 927e441a..5ec14d73 100644 --- a/lib/netdev-provider.h +++ b/lib/netdev-provider.h @@ -393,7 +393,6 @@ extern const struct netdev_class netdev_linux_class; extern const struct netdev_class netdev_tap_class; extern const struct netdev_class netdev_gre_class; extern const struct netdev_class netdev_patch_class; -extern const struct netdev_class netdev_grenew_class; #ifdef __cplusplus } diff --git a/lib/netdev.c b/lib/netdev.c index c620730d..4741e24b 100644 --- a/lib/netdev.c +++ b/lib/netdev.c @@ -46,7 +46,6 @@ static const struct netdev_class *base_netdev_classes[] = { &netdev_tap_class, &netdev_gre_class, &netdev_patch_class, - &netdev_grenew_class, }; static struct shash netdev_classes = SHASH_INITIALIZER(&netdev_classes); diff --git a/xenserver/etc_init.d_openvswitch b/xenserver/etc_init.d_openvswitch index dc5edd06..926ce523 100755 --- a/xenserver/etc_init.d_openvswitch +++ b/xenserver/etc_init.d_openvswitch @@ -129,9 +129,6 @@ function insert_modules_if_required { if [ -f "/lib/modules/`uname -r`/kernel/extra/openvswitch/veth_mod.ko" ] && ! lsmod | grep -q "veth_mod"; then action "Inserting veth module" modprobe veth_mod fi - if [ -f "/lib/modules/`uname -r`/kernel/extra/openvswitch/ip_gre_mod.ko" ] && ! lsmod | grep -q "ip_gre_mod"; then - action "Inserting ip_gre module" modprobe ip_gre_mod - fi } function remove_modules { @@ -141,9 +138,6 @@ function remove_modules { if lsmod | grep -q "openvswitch_mod"; then action "Removing openvswitch module" rmmod openvswitch_mod.ko fi - if lsmod | grep -q "ip_gre_mod"; then - action "Removing ip_gre module" rmmod ip_gre_mod.ko - fi } function start_ovsdb_server { diff --git a/xenserver/openvswitch-xen.spec b/xenserver/openvswitch-xen.spec index 5abbda5c..d70b73ae 100644 --- a/xenserver/openvswitch-xen.spec +++ b/xenserver/openvswitch-xen.spec @@ -333,9 +333,6 @@ fi /etc/profile.d/openvswitch.sh /lib/modules/%{xen_version}/kernel/extra/openvswitch/openvswitch_mod.ko /lib/modules/%{xen_version}/kernel/extra/openvswitch/brcompat_mod.ko -%if %(echo '%{xen_version}'|awk -F"." '{if ($3>=18) print 1; else print 0;}') -/lib/modules/%{xen_version}/kernel/extra/openvswitch/ip_gre_mod.ko -%endif %if %(echo '%{xen_version}'|awk -F"[.-]" '{if ($3==18) print 1; else print 0;}') /lib/modules/%{xen_version}/kernel/extra/openvswitch/veth_mod.ko %endif -- 2.30.2