/* xfrm4_tunnel.c: Generic IP tunnel transformer.
*
* Copyright (C) 2003 David S. Miller (davem@redhat.com)
*/
#include <linux/skbuff.h>
#include <net/xfrm.h>
#include <net/ip.h>
#include <net/icmp.h>
#include <net/inet_ecn.h>
/*
 * Check a packet that is about to be tunnelled against the path MTU.
 *
 * Only packets whose IPv4 header has DF set are checked.  When such a
 * packet is longer than the path MTU minus the dst's header and trailer
 * overhead, an ICMP_DEST_UNREACH/ICMP_FRAG_NEEDED carrying that MTU is
 * sent and -EMSGSIZE is returned.  In every other case the result is 0.
 *
 * IPSKB_XFRM_TUNNEL_SIZE is set in the skb control block on the first
 * call, before the DF test, so any later call on the same skb returns 0
 * without re-checking, whatever the first call returned.
 *
 * NOTE(review): mtu is a signed int.  If header_len + trailer_len could
 * exceed dst_pmtu(), mtu would be negative; presumably skb->len is
 * unsigned, in which case the comparison would be done unsigned and an
 * oversized packet would pass.  Confirm the dst can never be set up so.
 */
int xfrm4_tunnel_check_size(struct sk_buff *skb)
{
	struct iphdr *iph = skb->nh.iph;
	struct dst_entry *dst;
	int mtu;

	/* Already checked once for this skb: nothing more to do. */
	if (IPCB(skb)->flags & IPSKB_XFRM_TUNNEL_SIZE)
		return 0;
	IPCB(skb)->flags |= IPSKB_XFRM_TUNNEL_SIZE;

	/* Without DF the size limit is not enforced here. */
	if (!(iph->frag_off & htons(IP_DF)))
		return 0;

	dst = skb->dst;
	mtu = dst_pmtu(dst) - dst->header_len - dst->trailer_len;
	if (skb->len <= mtu)
		return 0;

	/* Tell the sender which MTU would have fitted. */
	icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
	return -EMSGSIZE;
}
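/*
 * xfrm output hook for IPIP: prepend an outer IPv4 header to @skb.
 *
 * The outer header takes its addresses from the xfrm state (props.saddr,
 * id.daddr) and its TOS, TTL and DF bit from the inner header.  The
 * state's byte and packet lifetime counters are updated under x->lock.
 *
 * Returns NET_XMIT_BYPASS once the header is in place and skb->dst has
 * been advanced with dst_pop().  On failure the skb is freed exactly
 * once, at error_nolock, and a negative errno is returned: the result of
 * xfrm4_tunnel_check_size(), or -EHOSTUNREACH when dst_pop() yields NULL.
 */
static int ipip_output(struct sk_buff *skb)
{
	struct dst_entry *dst = skb->dst;
	struct xfrm_state *x = dst->xfrm;
	struct iphdr *iph, *top_iph;
	int tos, err;

	if ((err = xfrm4_tunnel_check_size(skb)) != 0)
		goto error_nolock;

	iph = skb->nh.iph;

	spin_lock_bh(&x->lock);

	tos = iph->tos;

	/*
	 * NOTE(review): assumes the caller reserved x->props.header_len
	 * bytes of headroom; nothing in this function checks it -- confirm.
	 */
	top_iph = (struct iphdr *) skb_push(skb, x->props.header_len);
	top_iph->ihl = 5;
	top_iph->version = 4;
	top_iph->tos = INET_ECN_encapsulate(tos, iph->tos);
	top_iph->tot_len = htons(skb->len);
	/* Keep the inner DF bit; MF and the fragment offset are cleared. */
	top_iph->frag_off = iph->frag_off & ~htons(IP_MF|IP_OFFSET);
	/* An IP id is selected only when the inner header lacks DF. */
	if (!(iph->frag_off & htons(IP_DF)))
		__ip_select_ident(top_iph, dst, 0);
	top_iph->ttl = iph->ttl;
	top_iph->protocol = IPPROTO_IPIP;
	top_iph->check = 0;
	top_iph->saddr = x->props.saddr.a4;
	top_iph->daddr = x->id.daddr.a4;
	/* Clear the IP options held in the skb control block. */
	memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
	ip_send_check(top_iph);

	/* The network header is now the outer header just built. */
	skb->nh.raw = skb->data;

	x->curlft.bytes += skb->len;
	x->curlft.packets++;

	spin_unlock_bh(&x->lock);

	if ((skb->dst = dst_pop(dst)) == NULL) {
		/*
		 * Do not free the skb here: error_nolock owns the
		 * kfree_skb(), and a second call on the same skb would be
		 * a double free.
		 */
		err = -EHOSTUNREACH;
		goto error_nolock;
	}
	return NET_XMIT_BYPASS;

error_nolock:
	kfree_skb(skb);
	return err;
}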
/*
 * xfrm input hook for IPIP.  It does not touch the state, the decap
 * state or the skb, and always returns 0.
 */
static int ipip_xfrm_rcv(struct xfrm_state *x,
			 struct xfrm_decap_state *decap,
			 struct sk_buff *skb)
{
	/* No per-packet work is done on input. */
	return 0;
}
/*
 * The single registered tunnel handler, or NULL when none is registered.
 * It is written by xfrm4_tunnel_register() and xfrm4_tunnel_deregister()
 * while they hold xfrm4_tunnel_sem; ipip_rcv() and ipip_err() read it
 * without taking the semaphore.
 */
static struct xfrm_tunnel *ipip_handler;
/* Serialises registration and deregistration of ipip_handler. */
static DECLARE_MUTEX(xfrm4_tunnel_sem);
/*
 * Install @handler as the tunnel handler consulted by ipip_rcv() and
 * ipip_err().  Only one handler can be registered at a time.
 *
 * Returns 0 on success, or -EINVAL when a handler is already registered.
 * The slot is tested and written under xfrm4_tunnel_sem.
 *
 * NOTE(review): @handler is stored as given; its ->handler and
 * ->err_handler members are later called without a NULL check, so
 * callers are presumably required to fill in both -- confirm.
 */
int xfrm4_tunnel_register(struct xfrm_tunnel *handler)
{
	int ret = -EINVAL;

	down(&xfrm4_tunnel_sem);
	if (ipip_handler == NULL) {
		ipip_handler = handler;
		ret = 0;
	}
	up(&xfrm4_tunnel_sem);

	return ret;
}
/*
 * Remove @handler as the registered tunnel handler.
 *
 * Returns 0 on success, or -EINVAL when @handler is not the handler
 * currently registered, in which case the slot is left unchanged.
 *
 * synchronize_net() is called after the semaphore is released, on the
 * success and the failure path alike.  Presumably this lets receive
 * paths that already read the old pointer finish before the caller
 * tears the handler down -- confirm.
 */
int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler)
{
	int ret = -EINVAL;

	down(&xfrm4_tunnel_sem);
	if (ipip_handler == handler) {
		ipip_handler = NULL;
		ret = 0;
	}
	up(&xfrm4_tunnel_sem);

	synchronize_net();

	return ret;
}
/*
 * Receive hook for IPPROTO_IPIP packets.
 *
 * The registered tunnel handler, if any, sees the packet first; when it
 * returns 0 this function returns 0 as well.  Otherwise the packet is
 * passed to xfrm4_rcv_encap() and that result is returned.
 *
 * ipip_handler is read once into a local, so the NULL test and the call
 * use the same pointer even if the handler is deregistered meanwhile.
 *
 * NOTE(review): a non-zero return from handler->handler() is presumably
 * taken to mean the skb was neither consumed nor freed, since it is
 * used again below -- confirm against the registered handlers.
 */
static int ipip_rcv(struct sk_buff *skb)
{
	struct xfrm_tunnel *handler = ipip_handler;

	/* Tunnel devices take precedence. */
	if (handler == NULL || handler->handler(skb) != 0)
		return xfrm4_rcv_encap(skb, 0);

	return 0;
}
/*
 * Error hook for IPPROTO_IPIP: pass the error on to the registered
 * tunnel handler, if there is one.
 *
 * @info is copied into a local so the handler gets a pointer to a
 * private copy.  ipip_handler is read once into a local before use.
 *
 * NOTE(review): handler->err_handler is called without a NULL check;
 * registrants are presumably required to provide it -- confirm.
 */
static void ipip_err(struct sk_buff *skb, u32 info)
{
	struct xfrm_tunnel *handler = ipip_handler;
	u32 arg = info;

	if (handler == NULL)
		return;

	handler->err_handler(skb, &arg);
}
/*
 * xfrm init_state hook for IPIP.
 *
 * A state whose props.mode is zero is rejected with -EINVAL.  Otherwise
 * props.header_len is set to the size of one IPv4 header, the number of
 * bytes ipip_output() pushes in front of each packet, and 0 is returned.
 * @args is not used.
 */
static int ipip_init_state(struct xfrm_state *x, void *args)
{
	if (x->props.mode) {
		x->props.header_len = sizeof(struct iphdr);
		return 0;
	}

	return -EINVAL;
}
/*
 * xfrm destructor hook for IPIP.  ipip_init_state() allocates nothing,
 * so there is nothing to release here.
 */
static void ipip_destroy(struct xfrm_state *x)
{
	/* Intentionally empty. */
}
/*
 * xfrm type descriptor for IPPROTO_IPIP.  It wires up the state
 * init/destroy hooks and the per-packet input/output hooks defined in
 * this file.  ipip_init() registers it for AF_INET.
 */
static struct xfrm_type ipip_type = {
.description = "IPIP",
.owner = THIS_MODULE,
.proto = IPPROTO_IPIP,
.init_state = ipip_init_state,
.destructor = ipip_destroy,
.input = ipip_xfrm_rcv,
.output = ipip_output
};
/*
 * IPv4 protocol hooks for IPPROTO_IPIP: ipip_rcv() handles packets and
 * ipip_err() handles errors.  ipip_init() installs them.
 *
 * NOTE(review): .no_policy = 1 presumably makes the IPv4 input path skip
 * its own xfrm policy check before calling .handler.  Policy enforcement
 * would then rest on the registered tunnel handler or on
 * xfrm4_rcv_encap() -- confirm that both paths apply it.
 */
static struct inet_protocol ipip_protocol = {
.handler = ipip_rcv,
.err_handler = ipip_err,
.no_policy = 1,
};
/*
 * Module init: register the IPIP xfrm type for AF_INET, then install the
 * IPPROTO_IPIP protocol hooks.
 *
 * Returns 0 on success.  If either step fails a KERN_INFO message is
 * logged and -EAGAIN is returned; when the second step fails, the xfrm
 * type registered by the first step is unregistered again.
 */
static int __init ipip_init(void)
{
	int err = -EAGAIN;

	if (xfrm_register_type(&ipip_type, AF_INET) < 0) {
		printk(KERN_INFO "ipip init: can't add xfrm type\n");
		goto out;
	}

	if (inet_add_protocol(&ipip_protocol, IPPROTO_IPIP) < 0) {
		printk(KERN_INFO "ipip init: can't add protocol\n");
		goto out_unregister;
	}

	return 0;

out_unregister:
	/* Undo the first step so a failed load leaves nothing registered. */
	xfrm_unregister_type(&ipip_type, AF_INET);
out:
	return err;
}
/*
 * Module exit: undo ipip_init() in reverse order.  The protocol hooks
 * are removed first, then the xfrm type is unregistered.  A failure of
 * either step is only logged at KERN_INFO; the second step runs either
 * way.
 */
static void __exit ipip_fini(void)
{
	int err;

	err = inet_del_protocol(&ipip_protocol, IPPROTO_IPIP);
	if (err < 0)
		printk(KERN_INFO "ipip close: can't remove protocol\n");

	err = xfrm_unregister_type(&ipip_type, AF_INET);
	if (err < 0)
		printk(KERN_INFO "ipip close: can't remove xfrm type\n");
}
/* Module entry and exit points, and the module's license tag. */
module_init(ipip_init);
module_exit(ipip_fini);
MODULE_LICENSE("GPL");