1/* 2 * IPv6 over IPv4 tunnel device - Simple Internet Transition (SIT) 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> 8 * 9 * $Id: sit.c,v 1.1.1.1 2008/10/15 03:27:34 james26_jang Exp $ 10 * 11 * This program is free software; you can redistribute it and/or 12 * modify it under the terms of the GNU General Public License 13 * as published by the Free Software Foundation; either version 14 * 2 of the License, or (at your option) any later version. 15 * 16 * Changes: 17 * Roger Venning <r.venning@telstra.com>: 6to4 support 18 * Nate Thompson <nate@thebog.net>: 6to4 support 19 */ 20 21#define __NO_VERSION__ 22#include <linux/config.h> 23#include <linux/module.h> 24#include <linux/errno.h> 25#include <linux/types.h> 26#include <linux/socket.h> 27#include <linux/sockios.h> 28#include <linux/sched.h> 29#include <linux/net.h> 30#include <linux/in6.h> 31#include <linux/netdevice.h> 32#include <linux/if_arp.h> 33#include <linux/icmp.h> 34#include <asm/uaccess.h> 35#include <linux/init.h> 36#include <linux/netfilter_ipv4.h> 37 38#include <net/sock.h> 39#include <net/snmp.h> 40 41#include <net/ipv6.h> 42#include <net/protocol.h> 43#include <net/transp_v6.h> 44#include <net/ip6_fib.h> 45#include <net/ip6_route.h> 46#include <net/ndisc.h> 47#include <net/addrconf.h> 48#include <net/ip.h> 49#include <net/udp.h> 50#include <net/icmp.h> 51#include <net/ipip.h> 52#include <net/inet_ecn.h> 53 54/* 55 This version of net/ipv6/sit.c is cloned of net/ipv4/ip_gre.c 56 57 For comments look at net/ipv4/ip_gre.c --ANK 58 */ 59 60#define HASH_SIZE 16 61#define HASH(addr) ((addr^(addr>>4))&0xF) 62 63static int ipip6_fb_tunnel_init(struct net_device *dev); 64static int ipip6_tunnel_init(struct net_device *dev); 65 66static struct net_device ipip6_fb_tunnel_dev = { 67 name: "sit0", 68 init: ipip6_fb_tunnel_init, 69}; 70 71static struct ip_tunnel ipip6_fb_tunnel = { 72 NULL, &ipip6_fb_tunnel_dev, {0, }, 0, 0, 0, 0, 0, 0, 0, {"sit0", } 73}; 74 75static struct ip_tunnel *tunnels_r_l[HASH_SIZE]; 76static struct ip_tunnel *tunnels_r[HASH_SIZE]; 77static struct ip_tunnel *tunnels_l[HASH_SIZE]; 78static struct ip_tunnel *tunnels_wc[1]; 79static struct ip_tunnel **tunnels[4] = { tunnels_wc, tunnels_l, tunnels_r, tunnels_r_l }; 80 81static rwlock_t ipip6_lock = RW_LOCK_UNLOCKED; 82 83static struct ip_tunnel * ipip6_tunnel_lookup(u32 remote, u32 local) 84{ 85 unsigned h0 = HASH(remote); 86 unsigned h1 = HASH(local); 87 struct ip_tunnel *t; 88 89 for (t = tunnels_r_l[h0^h1]; t; t = t->next) { 90 if (local == t->parms.iph.saddr && 91 remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP)) 92 return t; 93 } 94 for (t = tunnels_r[h0]; t; t = t->next) { 95 if (remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP)) 96 return t; 97 } 98 for (t = tunnels_l[h1]; t; t = t->next) { 99 if (local == t->parms.iph.saddr && (t->dev->flags&IFF_UP)) 100 return t; 101 } 102 if ((t = tunnels_wc[0]) != NULL && (t->dev->flags&IFF_UP)) 103 return t; 104 return NULL; 105} 106 107static struct ip_tunnel ** ipip6_bucket(struct ip_tunnel *t) 108{ 109 u32 remote = t->parms.iph.daddr; 110 u32 local = t->parms.iph.saddr; 111 unsigned h = 0; 112 int prio = 0; 113 114 if (remote) { 115 prio |= 2; 116 h ^= HASH(remote); 117 } 118 if (local) { 119 prio |= 1; 120 h ^= HASH(local); 121 } 122 return &tunnels[prio][h]; 123} 124 125static void ipip6_tunnel_unlink(struct ip_tunnel *t) 126{ 127 struct ip_tunnel **tp; 128 129 for (tp = ipip6_bucket(t); *tp; tp = &(*tp)->next) { 130 if (t == *tp) { 131 write_lock_bh(&ipip6_lock); 132 *tp = t->next; 133 write_unlock_bh(&ipip6_lock); 134 break; 135 } 136 } 137} 138 139static void ipip6_tunnel_link(struct ip_tunnel *t) 140{ 141 struct ip_tunnel **tp = ipip6_bucket(t); 142 143 write_lock_bh(&ipip6_lock); 144 t->next = *tp; 145 write_unlock_bh(&ipip6_lock); 146 *tp = t; 147} 148 149struct ip_tunnel * ipip6_tunnel_locate(struct ip_tunnel_parm *parms, int create) 150{ 151 u32 remote = parms->iph.daddr; 152 u32 local = parms->iph.saddr; 153 struct ip_tunnel *t, **tp, *nt; 154 struct net_device *dev; 155 unsigned h = 0; 156 int prio = 0; 157 158 if (remote) { 159 prio |= 2; 160 h ^= HASH(remote); 161 } 162 if (local) { 163 prio |= 1; 164 h ^= HASH(local); 165 } 166 for (tp = &tunnels[prio][h]; (t = *tp) != NULL; tp = &t->next) { 167 if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr) 168 return t; 169 } 170 if (!create) 171 return NULL; 172 173 MOD_INC_USE_COUNT; 174 dev = kmalloc(sizeof(*dev) + sizeof(*t), GFP_KERNEL); 175 if (dev == NULL) { 176 MOD_DEC_USE_COUNT; 177 return NULL; 178 } 179 memset(dev, 0, sizeof(*dev) + sizeof(*t)); 180 dev->priv = (void*)(dev+1); 181 nt = (struct ip_tunnel*)dev->priv; 182 nt->dev = dev; 183 dev->init = ipip6_tunnel_init; 184 dev->features |= NETIF_F_DYNALLOC; 185 memcpy(&nt->parms, parms, sizeof(*parms)); 186 nt->parms.name[IFNAMSIZ-1] = '\0'; 187 strcpy(dev->name, nt->parms.name); 188 if (dev->name[0] == 0) { 189 int i; 190 for (i=1; i<100; i++) { 191 sprintf(dev->name, "sit%d", i); 192 if (__dev_get_by_name(dev->name) == NULL) 193 break; 194 } 195 if (i==100) 196 goto failed; 197 memcpy(nt->parms.name, dev->name, IFNAMSIZ); 198 } 199 if (register_netdevice(dev) < 0) 200 goto failed; 201 202 dev_hold(dev); 203 ipip6_tunnel_link(nt); 204 /* Do not decrement MOD_USE_COUNT here. */ 205 return nt; 206 207failed: 208 kfree(dev); 209 MOD_DEC_USE_COUNT; 210 return NULL; 211} 212 213static void ipip6_tunnel_destructor(struct net_device *dev) 214{ 215 if (dev != &ipip6_fb_tunnel_dev) { 216 MOD_DEC_USE_COUNT; 217 } 218} 219 220static void ipip6_tunnel_uninit(struct net_device *dev) 221{ 222 if (dev == &ipip6_fb_tunnel_dev) { 223 write_lock_bh(&ipip6_lock); 224 tunnels_wc[0] = NULL; 225 write_unlock_bh(&ipip6_lock); 226 dev_put(dev); 227 } else { 228 ipip6_tunnel_unlink((struct ip_tunnel*)dev->priv); 229 dev_put(dev); 230 } 231} 232 233 234void ipip6_err(struct sk_buff *skb, u32 info) 235{ 236#ifndef I_WISH_WORLD_WERE_PERFECT 237 238/* It is not :-( All the routers (except for Linux) return only 239 8 bytes of packet payload. It means, that precise relaying of 240 ICMP in the real Internet is absolutely infeasible. 241 */ 242 struct iphdr *iph = (struct iphdr*)skb->data; 243 int type = skb->h.icmph->type; 244 int code = skb->h.icmph->code; 245 struct ip_tunnel *t; 246 247 switch (type) { 248 default: 249 case ICMP_PARAMETERPROB: 250 return; 251 252 case ICMP_DEST_UNREACH: 253 switch (code) { 254 case ICMP_SR_FAILED: 255 case ICMP_PORT_UNREACH: 256 /* Impossible event. */ 257 return; 258 case ICMP_FRAG_NEEDED: 259 /* Soft state for pmtu is maintained by IP core. */ 260 return; 261 default: 262 /* All others are translated to HOST_UNREACH. 263 rfc2003 contains "deep thoughts" about NET_UNREACH, 264 I believe they are just ether pollution. --ANK 265 */ 266 break; 267 } 268 break; 269 case ICMP_TIME_EXCEEDED: 270 if (code != ICMP_EXC_TTL) 271 return; 272 break; 273 } 274 275 read_lock(&ipip6_lock); 276 t = ipip6_tunnel_lookup(iph->daddr, iph->saddr); 277 if (t == NULL || t->parms.iph.daddr == 0) 278 goto out; 279 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED) 280 goto out; 281 282 if (jiffies - t->err_time < IPTUNNEL_ERR_TIMEO) 283 t->err_count++; 284 else 285 t->err_count = 1; 286 t->err_time = jiffies; 287out: 288 read_unlock(&ipip6_lock); 289 return; 290#else 291 struct iphdr *iph = (struct iphdr*)dp; 292 int hlen = iph->ihl<<2; 293 struct ipv6hdr *iph6; 294 int type = skb->h.icmph->type; 295 int code = skb->h.icmph->code; 296 int rel_type = 0; 297 int rel_code = 0; 298 int rel_info = 0; 299 struct sk_buff *skb2; 300 struct rt6_info *rt6i; 301 302 if (len < hlen + sizeof(struct ipv6hdr)) 303 return; 304 iph6 = (struct ipv6hdr*)(dp + hlen); 305 306 switch (type) { 307 default: 308 return; 309 case ICMP_PARAMETERPROB: 310 if (skb->h.icmph->un.gateway < hlen) 311 return; 312 313 /* So... This guy found something strange INSIDE encapsulated 314 packet. Well, he is fool, but what can we do ? 315 */ 316 rel_type = ICMPV6_PARAMPROB; 317 rel_info = skb->h.icmph->un.gateway - hlen; 318 break; 319 320 case ICMP_DEST_UNREACH: 321 switch (code) { 322 case ICMP_SR_FAILED: 323 case ICMP_PORT_UNREACH: 324 /* Impossible event. */ 325 return; 326 case ICMP_FRAG_NEEDED: 327 /* Too complicated case ... */ 328 return; 329 default: 330 /* All others are translated to HOST_UNREACH. 331 rfc2003 contains "deep thoughts" about NET_UNREACH, 332 I believe, it is just ether pollution. --ANK 333 */ 334 rel_type = ICMPV6_DEST_UNREACH; 335 rel_code = ICMPV6_ADDR_UNREACH; 336 break; 337 } 338 break; 339 case ICMP_TIME_EXCEEDED: 340 if (code != ICMP_EXC_TTL) 341 return; 342 rel_type = ICMPV6_TIME_EXCEED; 343 rel_code = ICMPV6_EXC_HOPLIMIT; 344 break; 345 } 346 347 /* Prepare fake skb to feed it to icmpv6_send */ 348 skb2 = skb_clone(skb, GFP_ATOMIC); 349 if (skb2 == NULL) 350 return; 351 dst_release(skb2->dst); 352 skb2->dst = NULL; 353 skb_pull(skb2, skb->data - (u8*)iph6); 354 skb2->nh.raw = skb2->data; 355 356 /* Try to guess incoming interface */ 357 rt6i = rt6_lookup(&iph6->saddr, NULL, NULL, 0); 358 if (rt6i && rt6i->rt6i_dev) { 359 skb2->dev = rt6i->rt6i_dev; 360 361 rt6i = rt6_lookup(&iph6->daddr, &iph6->saddr, NULL, 0); 362 363 if (rt6i && rt6i->rt6i_dev && rt6i->rt6i_dev->type == ARPHRD_SIT) { 364 struct ip_tunnel * t = (struct ip_tunnel*)rt6i->rt6i_dev->priv; 365 if (rel_type == ICMPV6_TIME_EXCEED && t->parms.iph.ttl) { 366 rel_type = ICMPV6_DEST_UNREACH; 367 rel_code = ICMPV6_ADDR_UNREACH; 368 } 369 icmpv6_send(skb2, rel_type, rel_code, rel_info, skb2->dev); 370 } 371 } 372 kfree_skb(skb2); 373 return; 374#endif 375} 376 377static inline void ipip6_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb) 378{ 379 if (INET_ECN_is_ce(iph->tos) && 380 INET_ECN_is_not_ce(ip6_get_dsfield(skb->nh.ipv6h))) 381 IP6_ECN_set_ce(skb->nh.ipv6h); 382} 383 384int ipip6_rcv(struct sk_buff *skb) 385{ 386 struct iphdr *iph; 387 struct ip_tunnel *tunnel; 388 389 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) 390 goto out; 391 392 iph = skb->nh.iph; 393 394 read_lock(&ipip6_lock); 395 if ((tunnel = ipip6_tunnel_lookup(iph->saddr, iph->daddr)) != NULL) { 396 skb->mac.raw = skb->nh.raw; 397 skb->nh.raw = skb->data; 398 memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options)); 399 skb->protocol = htons(ETH_P_IPV6); 400 skb->pkt_type = PACKET_HOST; 401 tunnel->stat.rx_packets++; 402 tunnel->stat.rx_bytes += skb->len; 403 skb->dev = tunnel->dev; 404 dst_release(skb->dst); 405 skb->dst = NULL; 406#ifdef CONFIG_NETFILTER 407 nf_conntrack_put(skb->nfct); 408 skb->nfct = NULL; 409#ifdef CONFIG_NETFILTER_DEBUG 410 skb->nf_debug = 0; 411#endif 412#endif 413 ipip6_ecn_decapsulate(iph, skb); 414 netif_rx(skb); 415 read_unlock(&ipip6_lock); 416 return 0; 417 } 418 419 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, 0); 420 kfree_skb(skb); 421 read_unlock(&ipip6_lock); 422out: 423 return 0; 424} 425 426/* Need this wrapper because NF_HOOK takes the function address */ 427static inline int do_ip_send(struct sk_buff *skb) 428{ 429 return ip_send(skb); 430} 431 432 433/* Returns the embedded IPv4 address if the IPv6 address 434 comes from 6to4 (draft-ietf-ngtrans-6to4-04) addr space */ 435 436static inline u32 try_6to4(struct in6_addr *v6dst) 437{ 438 u32 dst = 0; 439 440 if (v6dst->s6_addr16[0] == htons(0x2002)) { 441 /* 6to4 v6 addr has 16 bits prefix, 32 v4addr, 16 SLA, ... */ 442 memcpy(&dst, &v6dst->s6_addr16[1], 4); 443 } 444 return dst; 445} 446 447/* 448 * This function assumes it is being called from dev_queue_xmit() 449 * and that skb is filled properly by that function. 450 */ 451 452static int ipip6_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) 453{ 454 struct ip_tunnel *tunnel = (struct ip_tunnel*)dev->priv; 455 struct net_device_stats *stats = &tunnel->stat; 456 struct iphdr *tiph = &tunnel->parms.iph; 457 struct ipv6hdr *iph6 = skb->nh.ipv6h; 458 u8 tos = tunnel->parms.iph.tos; 459 struct rtable *rt; /* Route to the other host */ 460 struct net_device *tdev; /* Device to other host */ 461 struct iphdr *iph; /* Our new IP header */ 462 int max_headroom; /* The extra header space needed */ 463 u32 dst = tiph->daddr; 464 int mtu; 465 struct in6_addr *addr6; 466 int addr_type; 467 468 if (tunnel->recursion++) { 469 tunnel->stat.collisions++; 470 goto tx_error; 471 } 472 473 if (skb->protocol != htons(ETH_P_IPV6)) 474 goto tx_error; 475 476 if (!dst) 477 dst = try_6to4(&iph6->daddr); 478 479 if (!dst) { 480 struct neighbour *neigh = NULL; 481 482 if (skb->dst) 483 neigh = skb->dst->neighbour; 484 485 if (neigh == NULL) { 486 if (net_ratelimit()) 487 printk(KERN_DEBUG "sit: nexthop == NULL\n"); 488 goto tx_error; 489 } 490 491 addr6 = (struct in6_addr*)&neigh->primary_key; 492 addr_type = ipv6_addr_type(addr6); 493 494 if (addr_type == IPV6_ADDR_ANY) { 495 addr6 = &skb->nh.ipv6h->daddr; 496 addr_type = ipv6_addr_type(addr6); 497 } 498 499 if ((addr_type & IPV6_ADDR_COMPATv4) == 0) 500 goto tx_error_icmp; 501 502 dst = addr6->s6_addr32[3]; 503 } 504 505 if (ip_route_output(&rt, dst, tiph->saddr, RT_TOS(tos), tunnel->parms.link)) { 506 tunnel->stat.tx_carrier_errors++; 507 goto tx_error_icmp; 508 } 509 if (rt->rt_type != RTN_UNICAST) { 510 tunnel->stat.tx_carrier_errors++; 511 goto tx_error_icmp; 512 } 513 tdev = rt->u.dst.dev; 514 515 if (tdev == dev) { 516 ip_rt_put(rt); 517 tunnel->stat.collisions++; 518 goto tx_error; 519 } 520 521 if (tiph->frag_off) 522 mtu = rt->u.dst.pmtu - sizeof(struct iphdr); 523 else 524 mtu = skb->dst ? skb->dst->pmtu : dev->mtu; 525 526 if (mtu < 68) { 527 tunnel->stat.collisions++; 528 ip_rt_put(rt); 529 goto tx_error; 530 } 531 if (mtu < IPV6_MIN_MTU) 532 mtu = IPV6_MIN_MTU; 533 if (skb->dst && mtu < skb->dst->pmtu) { 534 struct rt6_info *rt6 = (struct rt6_info*)skb->dst; 535 if (mtu < rt6->u.dst.pmtu) { 536 if (tunnel->parms.iph.daddr || rt6->rt6i_dst.plen == 128) { 537 rt6->rt6i_flags |= RTF_MODIFIED; 538 rt6->u.dst.pmtu = mtu; 539 } 540 } 541 } 542 if (skb->len > mtu) { 543 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, dev); 544 ip_rt_put(rt); 545 goto tx_error; 546 } 547 548 if (tunnel->err_count > 0) { 549 if (jiffies - tunnel->err_time < IPTUNNEL_ERR_TIMEO) { 550 tunnel->err_count--; 551 dst_link_failure(skb); 552 } else 553 tunnel->err_count = 0; 554 } 555 556 skb->h.raw = skb->nh.raw; 557 558 /* 559 * Okay, now see if we can stuff it in the buffer as-is. 560 */ 561 max_headroom = (((tdev->hard_header_len+15)&~15)+sizeof(struct iphdr)); 562 563 if (skb_headroom(skb) < max_headroom || skb_cloned(skb) || skb_shared(skb)) { 564 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom); 565 if (!new_skb) { 566 ip_rt_put(rt); 567 stats->tx_dropped++; 568 dev_kfree_skb(skb); 569 tunnel->recursion--; 570 return 0; 571 } 572 if (skb->sk) 573 skb_set_owner_w(new_skb, skb->sk); 574 dev_kfree_skb(skb); 575 skb = new_skb; 576 } 577 578 skb->nh.raw = skb_push(skb, sizeof(struct iphdr)); 579 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); 580 dst_release(skb->dst); 581 skb->dst = &rt->u.dst; 582 583 /* 584 * Push down and install the IPIP header. 585 */ 586 587 iph = skb->nh.iph; 588 iph->version = 4; 589 iph->ihl = sizeof(struct iphdr)>>2; 590 if (mtu > IPV6_MIN_MTU) 591 iph->frag_off = htons(IP_DF); 592 else 593 iph->frag_off = 0; 594 595 iph->protocol = IPPROTO_IPV6; 596 iph->tos = INET_ECN_encapsulate(tos, ip6_get_dsfield(iph6)); 597 iph->daddr = rt->rt_dst; 598 iph->saddr = rt->rt_src; 599 600 if ((iph->ttl = tiph->ttl) == 0) 601 iph->ttl = iph6->hop_limit; 602 603#ifdef CONFIG_NETFILTER 604 nf_conntrack_put(skb->nfct); 605 skb->nfct = NULL; 606#ifdef CONFIG_NETFILTER_DEBUG 607 skb->nf_debug = 0; 608#endif 609#endif 610 611 IPTUNNEL_XMIT(); 612 tunnel->recursion--; 613 return 0; 614 615tx_error_icmp: 616 dst_link_failure(skb); 617tx_error: 618 stats->tx_errors++; 619 dev_kfree_skb(skb); 620 tunnel->recursion--; 621 return 0; 622} 623 624static int 625ipip6_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) 626{ 627 int err = 0; 628 struct ip_tunnel_parm p; 629 struct ip_tunnel *t; 630 631 MOD_INC_USE_COUNT; 632 633 switch (cmd) { 634 case SIOCGETTUNNEL: 635 t = NULL; 636 if (dev == &ipip6_fb_tunnel_dev) { 637 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) { 638 err = -EFAULT; 639 break; 640 } 641 t = ipip6_tunnel_locate(&p, 0); 642 } 643 if (t == NULL) 644 t = (struct ip_tunnel*)dev->priv; 645 memcpy(&p, &t->parms, sizeof(p)); 646 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) 647 err = -EFAULT; 648 break; 649 650 case SIOCADDTUNNEL: 651 case SIOCCHGTUNNEL: 652 err = -EPERM; 653 if (!capable(CAP_NET_ADMIN)) 654 goto done; 655 656 err = -EFAULT; 657 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 658 goto done; 659 660 err = -EINVAL; 661 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPV6 || 662 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF))) 663 goto done; 664 if (p.iph.ttl) 665 p.iph.frag_off |= htons(IP_DF); 666 667 t = ipip6_tunnel_locate(&p, cmd == SIOCADDTUNNEL); 668 669 if (dev != &ipip6_fb_tunnel_dev && cmd == SIOCCHGTUNNEL && 670 t != &ipip6_fb_tunnel) { 671 if (t != NULL) { 672 if (t->dev != dev) { 673 err = -EEXIST; 674 break; 675 } 676 } else { 677 if (((dev->flags&IFF_POINTOPOINT) && !p.iph.daddr) || 678 (!(dev->flags&IFF_POINTOPOINT) && p.iph.daddr)) { 679 err = -EINVAL; 680 break; 681 } 682 t = (struct ip_tunnel*)dev->priv; 683 ipip6_tunnel_unlink(t); 684 t->parms.iph.saddr = p.iph.saddr; 685 t->parms.iph.daddr = p.iph.daddr; 686 memcpy(dev->dev_addr, &p.iph.saddr, 4); 687 memcpy(dev->broadcast, &p.iph.daddr, 4); 688 ipip6_tunnel_link(t); 689 netdev_state_change(dev); 690 } 691 } 692 693 if (t) { 694 err = 0; 695 if (cmd == SIOCCHGTUNNEL) { 696 t->parms.iph.ttl = p.iph.ttl; 697 t->parms.iph.tos = p.iph.tos; 698 } 699 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p))) 700 err = -EFAULT; 701 } else 702 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT); 703 break; 704 705 case SIOCDELTUNNEL: 706 err = -EPERM; 707 if (!capable(CAP_NET_ADMIN)) 708 goto done; 709 710 if (dev == &ipip6_fb_tunnel_dev) { 711 err = -EFAULT; 712 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) 713 goto done; 714 err = -ENOENT; 715 if ((t = ipip6_tunnel_locate(&p, 0)) == NULL) 716 goto done; 717 err = -EPERM; 718 if (t == &ipip6_fb_tunnel) 719 goto done; 720 dev = t->dev; 721 } 722 err = unregister_netdevice(dev); 723 break; 724 725 default: 726 err = -EINVAL; 727 } 728 729done: 730 MOD_DEC_USE_COUNT; 731 return err; 732} 733 734static struct net_device_stats *ipip6_tunnel_get_stats(struct net_device *dev) 735{ 736 return &(((struct ip_tunnel*)dev->priv)->stat); 737} 738 739static int ipip6_tunnel_change_mtu(struct net_device *dev, int new_mtu) 740{ 741 if (new_mtu < IPV6_MIN_MTU || new_mtu > 0xFFF8 - sizeof(struct iphdr)) 742 return -EINVAL; 743 dev->mtu = new_mtu; 744 return 0; 745} 746 747static void ipip6_tunnel_init_gen(struct net_device *dev) 748{ 749 struct ip_tunnel *t = (struct ip_tunnel*)dev->priv; 750 751 dev->destructor = ipip6_tunnel_destructor; 752 dev->uninit = ipip6_tunnel_uninit; 753 dev->hard_start_xmit = ipip6_tunnel_xmit; 754 dev->get_stats = ipip6_tunnel_get_stats; 755 dev->do_ioctl = ipip6_tunnel_ioctl; 756 dev->change_mtu = ipip6_tunnel_change_mtu; 757 758 dev->type = ARPHRD_SIT; 759 dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr); 760 dev->mtu = 1500 - sizeof(struct iphdr); 761 dev->flags = IFF_NOARP; 762 dev->iflink = 0; 763 dev->addr_len = 4; 764 memcpy(dev->dev_addr, &t->parms.iph.saddr, 4); 765 memcpy(dev->broadcast, &t->parms.iph.daddr, 4); 766} 767 768static int ipip6_tunnel_init(struct net_device *dev) 769{ 770 struct net_device *tdev = NULL; 771 struct ip_tunnel *tunnel; 772 struct iphdr *iph; 773 774 tunnel = (struct ip_tunnel*)dev->priv; 775 iph = &tunnel->parms.iph; 776 777 ipip6_tunnel_init_gen(dev); 778 779 if (iph->daddr) { 780 struct rtable *rt; 781 if (!ip_route_output(&rt, iph->daddr, iph->saddr, RT_TOS(iph->tos), tunnel->parms.link)) { 782 tdev = rt->u.dst.dev; 783 ip_rt_put(rt); 784 } 785 dev->flags |= IFF_POINTOPOINT; 786 } 787 788 if (!tdev && tunnel->parms.link) 789 tdev = __dev_get_by_index(tunnel->parms.link); 790 791 if (tdev) { 792 dev->hard_header_len = tdev->hard_header_len + sizeof(struct iphdr); 793 dev->mtu = tdev->mtu - sizeof(struct iphdr); 794 if (dev->mtu < IPV6_MIN_MTU) 795 dev->mtu = IPV6_MIN_MTU; 796 } 797 dev->iflink = tunnel->parms.link; 798 799 return 0; 800} 801 802#ifdef MODULE 803static int ipip6_fb_tunnel_open(struct net_device *dev) 804{ 805 MOD_INC_USE_COUNT; 806 return 0; 807} 808 809static int ipip6_fb_tunnel_close(struct net_device *dev) 810{ 811 MOD_DEC_USE_COUNT; 812 return 0; 813} 814#endif 815 816int __init ipip6_fb_tunnel_init(struct net_device *dev) 817{ 818 struct iphdr *iph; 819 820 ipip6_tunnel_init_gen(dev); 821#ifdef MODULE 822 dev->open = ipip6_fb_tunnel_open; 823 dev->stop = ipip6_fb_tunnel_close; 824#endif 825 826 iph = &ipip6_fb_tunnel.parms.iph; 827 iph->version = 4; 828 iph->protocol = IPPROTO_IPV6; 829 iph->ihl = 5; 830 iph->ttl = 64; 831 832 dev_hold(dev); 833 tunnels_wc[0] = &ipip6_fb_tunnel; 834 return 0; 835} 836 837static struct inet_protocol sit_protocol = { 838 ipip6_rcv, 839 ipip6_err, 840 0, 841 IPPROTO_IPV6, 842 0, 843 NULL, 844 "IPv6" 845}; 846 847#ifdef MODULE 848void sit_cleanup(void) 849{ 850 inet_del_protocol(&sit_protocol); 851 unregister_netdev(&ipip6_fb_tunnel_dev); 852} 853#endif 854 855int __init sit_init(void) 856{ 857 printk(KERN_INFO "IPv6 over IPv4 tunneling driver\n"); 858 859 ipip6_fb_tunnel_dev.priv = (void*)&ipip6_fb_tunnel; 860 strcpy(ipip6_fb_tunnel_dev.name, ipip6_fb_tunnel.parms.name); 861 register_netdev(&ipip6_fb_tunnel_dev); 862 inet_add_protocol(&sit_protocol); 863 return 0; 864} 865