Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/net/if_gre.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* $NetBSD: if_gre.c,v 1.49 2003/12/11 00:22:29 itojun Exp $ */ 2 /* $FreeBSD: releng/7.4/sys/net/if_gre.c 215368 2010-11-16 04:40:03Z sobomax $ */ 3 4 /*- 5 * Copyright (c) 1998 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Heiko W.Rupp <hwr@pilhuhn.de> 10 * 11 * IPv6-over-GRE contributed by Gert Doering <gert@greenie.muc.de> 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. All advertising materials mentioning features or use of this software 22 * must display the following acknowledgement: 23 * This product includes software developed by the NetBSD 24 * Foundation, Inc. and its contributors. 25 * 4. Neither the name of The NetBSD Foundation nor the names of its 26 * contributors may be used to endorse or promote products derived 27 * from this software without specific prior written permission. 28 * 29 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 30 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 31 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 32 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 33 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 34 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 35 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 36 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 37 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 38 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 39 * POSSIBILITY OF SUCH DAMAGE. 40 */ 41 42 /* 43 * Encapsulate L3 protocols into IP 44 * See RFC 2784 (successor of RFC 1701 and 1702) for more details. 45 * If_gre is compatible with Cisco GRE tunnels, so you can 46 * have a NetBSD box as the other end of a tunnel interface of a Cisco 47 * router. See gre(4) for more details. 48 * Also supported: IP in IP encaps (proto 55) as of RFC 2004 49 */ 50 51 #include "opt_atalk.h" 52 #include "opt_inet.h" 53 #include "opt_inet6.h" 54 55 #include <sys/param.h> 56 #include <sys/kernel.h> 57 #include <sys/malloc.h> 58 #include <sys/module.h> 59 #include <sys/mbuf.h> 60 #include <sys/priv.h> 61 #include <sys/proc.h> 62 #include <sys/protosw.h> 63 #include <sys/socket.h> 64 #include <sys/sockio.h> 65 #include <sys/sysctl.h> 66 #include <sys/systm.h> 67 68 #include <net/ethernet.h> 69 #include <net/if.h> 70 #include <net/if_clone.h> 71 #include <net/if_types.h> 72 #include <net/route.h> 73 74 #ifdef INET 75 #include <netinet/in.h> 76 #include <netinet/in_systm.h> 77 #include <netinet/in_var.h> 78 #include <netinet/ip.h> 79 #include <netinet/ip_gre.h> 80 #include <netinet/ip_var.h> 81 #include <netinet/ip_encap.h> 82 #else 83 #error "Huh? if_gre without inet?" 84 #endif 85 86 #include <net/bpf.h> 87 88 #include <net/if_gre.h> 89 90 /* 91 * It is not easy to calculate the right value for a GRE MTU. 92 * We leave this task to the admin and use the same default that 93 * other vendors use. 94 */ 95 #define GREMTU 1476 96 97 #define GRENAME "gre" 98 99 /* 100 * gre_mtx protects all global variables in if_gre.c. 101 * XXX: gre_softc data not protected yet. 102 */ 103 struct mtx gre_mtx; 104 static MALLOC_DEFINE(M_GRE, GRENAME, "Generic Routing Encapsulation"); 105 106 struct gre_softc_head gre_softc_list; 107 108 static int gre_clone_create(struct if_clone *, int, caddr_t); 109 static void gre_clone_destroy(struct ifnet *); 110 static int gre_ioctl(struct ifnet *, u_long, caddr_t); 111 static int gre_output(struct ifnet *, struct mbuf *, struct sockaddr *, 112 struct rtentry *rt); 113 114 IFC_SIMPLE_DECLARE(gre, 0); 115 116 static int gre_compute_route(struct gre_softc *sc); 117 118 static void greattach(void); 119 120 #ifdef INET 121 extern struct domain inetdomain; 122 static const struct protosw in_gre_protosw = { 123 .pr_type = SOCK_RAW, 124 .pr_domain = &inetdomain, 125 .pr_protocol = IPPROTO_GRE, 126 .pr_flags = PR_ATOMIC|PR_ADDR, 127 .pr_input = gre_input, 128 .pr_output = (pr_output_t *)rip_output, 129 .pr_ctlinput = rip_ctlinput, 130 .pr_ctloutput = rip_ctloutput, 131 .pr_usrreqs = &rip_usrreqs 132 }; 133 static const struct protosw in_mobile_protosw = { 134 .pr_type = SOCK_RAW, 135 .pr_domain = &inetdomain, 136 .pr_protocol = IPPROTO_MOBILE, 137 .pr_flags = PR_ATOMIC|PR_ADDR, 138 .pr_input = gre_mobile_input, 139 .pr_output = (pr_output_t *)rip_output, 140 .pr_ctlinput = rip_ctlinput, 141 .pr_ctloutput = rip_ctloutput, 142 .pr_usrreqs = &rip_usrreqs 143 }; 144 #endif 145 146 SYSCTL_DECL(_net_link); 147 SYSCTL_NODE(_net_link, IFT_TUNNEL, gre, CTLFLAG_RW, 0, 148 "Generic Routing Encapsulation"); 149 #ifndef MAX_GRE_NEST 150 /* 151 * This macro controls the default upper limitation on nesting of gre tunnels. 152 * Since, setting a large value to this macro with a careless configuration 153 * may introduce system crash, we don't allow any nestings by default. 154 * If you need to configure nested gre tunnels, you can define this macro 155 * in your kernel configuration file. However, if you do so, please be 156 * careful to configure the tunnels so that it won't make a loop. 157 */ 158 #define MAX_GRE_NEST 1 159 #endif 160 static int max_gre_nesting = MAX_GRE_NEST; 161 SYSCTL_INT(_net_link_gre, OID_AUTO, max_nesting, CTLFLAG_RW, 162 &max_gre_nesting, 0, "Max nested tunnels"); 163 164 /* ARGSUSED */ 165 static void 166 greattach(void) 167 { 168 169 mtx_init(&gre_mtx, "gre_mtx", NULL, MTX_DEF); 170 LIST_INIT(&gre_softc_list); 171 if_clone_attach(&gre_cloner); 172 } 173 174 static int 175 gre_clone_create(ifc, unit, params) 176 struct if_clone *ifc; 177 int unit; 178 caddr_t params; 179 { 180 struct gre_softc *sc; 181 182 sc = malloc(sizeof(struct gre_softc), M_GRE, M_WAITOK | M_ZERO); 183 184 GRE2IFP(sc) = if_alloc(IFT_TUNNEL); 185 if (GRE2IFP(sc) == NULL) { 186 free(sc, M_GRE); 187 return (ENOSPC); 188 } 189 190 GRE2IFP(sc)->if_softc = sc; 191 if_initname(GRE2IFP(sc), ifc->ifc_name, unit); 192 193 GRE2IFP(sc)->if_snd.ifq_maxlen = ifqmaxlen; 194 GRE2IFP(sc)->if_addrlen = 0; 195 GRE2IFP(sc)->if_hdrlen = 24; /* IP + GRE */ 196 GRE2IFP(sc)->if_mtu = GREMTU; 197 GRE2IFP(sc)->if_flags = IFF_POINTOPOINT|IFF_MULTICAST; 198 GRE2IFP(sc)->if_output = gre_output; 199 GRE2IFP(sc)->if_ioctl = gre_ioctl; 200 sc->g_dst.s_addr = sc->g_src.s_addr = INADDR_ANY; 201 sc->g_proto = IPPROTO_GRE; 202 GRE2IFP(sc)->if_flags |= IFF_LINK0; 203 sc->encap = NULL; 204 sc->called = 0; 205 sc->gre_fibnum = curthread->td_proc->p_fibnum; 206 sc->wccp_ver = WCCP_V1; 207 sc->key = 0; 208 if_attach(GRE2IFP(sc)); 209 bpfattach(GRE2IFP(sc), DLT_NULL, sizeof(u_int32_t)); 210 mtx_lock(&gre_mtx); 211 LIST_INSERT_HEAD(&gre_softc_list, sc, sc_list); 212 mtx_unlock(&gre_mtx); 213 return (0); 214 } 215 216 static void 217 gre_clone_destroy(ifp) 218 struct ifnet *ifp; 219 { 220 struct gre_softc *sc = ifp->if_softc; 221 222 mtx_lock(&gre_mtx); 223 LIST_REMOVE(sc, sc_list); 224 mtx_unlock(&gre_mtx); 225 226 #ifdef INET 227 if (sc->encap != NULL) 228 encap_detach(sc->encap); 229 #endif 230 bpfdetach(ifp); 231 if_detach(ifp); 232 if_free(ifp); 233 free(sc, M_GRE); 234 } 235 236 /* 237 * The output routine. Takes a packet and encapsulates it in the protocol 238 * given by sc->g_proto. See also RFC 1701 and RFC 2004 239 */ 240 static int 241 gre_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, 242 struct rtentry *rt) 243 { 244 int error = 0; 245 struct gre_softc *sc = ifp->if_softc; 246 struct greip *gh; 247 struct ip *ip; 248 u_short gre_ip_id = 0; 249 uint8_t gre_ip_tos = 0; 250 u_int16_t etype = 0; 251 struct mobile_h mob_h; 252 u_int32_t af; 253 int extra = 0; 254 255 /* 256 * gre may cause infinite recursion calls when misconfigured. 257 * We'll prevent this by introducing upper limit. 258 */ 259 if (++(sc->called) > max_gre_nesting) { 260 printf("%s: gre_output: recursively called too many " 261 "times(%d)\n", if_name(GRE2IFP(sc)), sc->called); 262 m_freem(m); 263 error = EIO; /* is there better errno? */ 264 goto end; 265 } 266 267 if (!((ifp->if_flags & IFF_UP) && 268 (ifp->if_drv_flags & IFF_DRV_RUNNING)) || 269 sc->g_src.s_addr == INADDR_ANY || sc->g_dst.s_addr == INADDR_ANY) { 270 m_freem(m); 271 error = ENETDOWN; 272 goto end; 273 } 274 275 gh = NULL; 276 ip = NULL; 277 278 /* BPF writes need to be handled specially. */ 279 if (dst->sa_family == AF_UNSPEC) { 280 bcopy(dst->sa_data, &af, sizeof(af)); 281 dst->sa_family = af; 282 } 283 284 if (bpf_peers_present(ifp->if_bpf)) { 285 af = dst->sa_family; 286 bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m); 287 } 288 289 m->m_flags &= ~(M_BCAST|M_MCAST); 290 291 if (sc->g_proto == IPPROTO_MOBILE) { 292 if (dst->sa_family == AF_INET) { 293 struct mbuf *m0; 294 int msiz; 295 296 ip = mtod(m, struct ip *); 297 298 /* 299 * RFC2004 specifies that fragmented diagrams shouldn't 300 * be encapsulated. 301 */ 302 if (ip->ip_off & (IP_MF | IP_OFFMASK)) { 303 _IF_DROP(&ifp->if_snd); 304 m_freem(m); 305 error = EINVAL; /* is there better errno? */ 306 goto end; 307 } 308 memset(&mob_h, 0, MOB_H_SIZ_L); 309 mob_h.proto = (ip->ip_p) << 8; 310 mob_h.odst = ip->ip_dst.s_addr; 311 ip->ip_dst.s_addr = sc->g_dst.s_addr; 312 313 /* 314 * If the packet comes from our host, we only change 315 * the destination address in the IP header. 316 * Else we also need to save and change the source 317 */ 318 if (in_hosteq(ip->ip_src, sc->g_src)) { 319 msiz = MOB_H_SIZ_S; 320 } else { 321 mob_h.proto |= MOB_H_SBIT; 322 mob_h.osrc = ip->ip_src.s_addr; 323 ip->ip_src.s_addr = sc->g_src.s_addr; 324 msiz = MOB_H_SIZ_L; 325 } 326 mob_h.proto = htons(mob_h.proto); 327 mob_h.hcrc = gre_in_cksum((u_int16_t *)&mob_h, msiz); 328 329 if ((m->m_data - msiz) < m->m_pktdat) { 330 /* need new mbuf */ 331 MGETHDR(m0, M_DONTWAIT, MT_DATA); 332 if (m0 == NULL) { 333 _IF_DROP(&ifp->if_snd); 334 m_freem(m); 335 error = ENOBUFS; 336 goto end; 337 } 338 m0->m_next = m; 339 m->m_data += sizeof(struct ip); 340 m->m_len -= sizeof(struct ip); 341 m0->m_pkthdr.len = m->m_pkthdr.len + msiz; 342 m0->m_len = msiz + sizeof(struct ip); 343 m0->m_data += max_linkhdr; 344 memcpy(mtod(m0, caddr_t), (caddr_t)ip, 345 sizeof(struct ip)); 346 m = m0; 347 } else { /* we have some space left in the old one */ 348 m->m_data -= msiz; 349 m->m_len += msiz; 350 m->m_pkthdr.len += msiz; 351 bcopy(ip, mtod(m, caddr_t), 352 sizeof(struct ip)); 353 } 354 ip = mtod(m, struct ip *); 355 memcpy((caddr_t)(ip + 1), &mob_h, (unsigned)msiz); 356 ip->ip_len = ntohs(ip->ip_len) + msiz; 357 } else { /* AF_INET */ 358 _IF_DROP(&ifp->if_snd); 359 m_freem(m); 360 error = EINVAL; 361 goto end; 362 } 363 } else if (sc->g_proto == IPPROTO_GRE) { 364 switch (dst->sa_family) { 365 case AF_INET: 366 ip = mtod(m, struct ip *); 367 gre_ip_tos = ip->ip_tos; 368 gre_ip_id = ip->ip_id; 369 if (sc->wccp_ver == WCCP_V2) { 370 extra = sizeof(uint32_t); 371 etype = WCCP_PROTOCOL_TYPE; 372 } else { 373 etype = ETHERTYPE_IP; 374 } 375 break; 376 #ifdef INET6 377 case AF_INET6: 378 gre_ip_id = ip_newid(); 379 etype = ETHERTYPE_IPV6; 380 break; 381 #endif 382 #ifdef NETATALK 383 case AF_APPLETALK: 384 etype = ETHERTYPE_ATALK; 385 break; 386 #endif 387 default: 388 _IF_DROP(&ifp->if_snd); 389 m_freem(m); 390 error = EAFNOSUPPORT; 391 goto end; 392 } 393 394 /* Reserve space for GRE header + optional GRE key */ 395 int hdrlen = sizeof(struct greip) + extra; 396 if (sc->key) 397 hdrlen += sizeof(uint32_t); 398 M_PREPEND(m, hdrlen, M_DONTWAIT); 399 } else { 400 _IF_DROP(&ifp->if_snd); 401 m_freem(m); 402 error = EINVAL; 403 goto end; 404 } 405 406 if (m == NULL) { /* mbuf allocation failed */ 407 _IF_DROP(&ifp->if_snd); 408 error = ENOBUFS; 409 goto end; 410 } 411 412 M_SETFIB(m, sc->gre_fibnum); /* The envelope may use a different FIB */ 413 414 gh = mtod(m, struct greip *); 415 if (sc->g_proto == IPPROTO_GRE) { 416 uint32_t *options = gh->gi_options; 417 418 memset((void *)gh, 0, sizeof(struct greip) + extra); 419 gh->gi_ptype = htons(etype); 420 gh->gi_flags = 0; 421 422 /* Add key option */ 423 if (sc->key) 424 { 425 gh->gi_flags |= htons(GRE_KP); 426 *(options++) = htonl(sc->key); 427 } 428 } 429 430 gh->gi_pr = sc->g_proto; 431 if (sc->g_proto != IPPROTO_MOBILE) { 432 gh->gi_src = sc->g_src; 433 gh->gi_dst = sc->g_dst; 434 ((struct ip*)gh)->ip_v = IPPROTO_IPV4; 435 ((struct ip*)gh)->ip_hl = (sizeof(struct ip)) >> 2; 436 ((struct ip*)gh)->ip_ttl = GRE_TTL; 437 ((struct ip*)gh)->ip_tos = gre_ip_tos; 438 ((struct ip*)gh)->ip_id = gre_ip_id; 439 gh->gi_len = m->m_pkthdr.len; 440 } 441 442 ifp->if_opackets++; 443 ifp->if_obytes += m->m_pkthdr.len; 444 /* 445 * Send it off and with IP_FORWARD flag to prevent it from 446 * overwriting the ip_id again. ip_id is already set to the 447 * ip_id of the encapsulated packet. 448 */ 449 error = ip_output(m, NULL, &sc->route, IP_FORWARDING, 450 (struct ip_moptions *)NULL, (struct inpcb *)NULL); 451 end: 452 sc->called = 0; 453 if (error) 454 ifp->if_oerrors++; 455 return (error); 456 } 457 458 static int 459 gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 460 { 461 struct ifreq *ifr = (struct ifreq *)data; 462 struct if_laddrreq *lifr = (struct if_laddrreq *)data; 463 struct in_aliasreq *aifr = (struct in_aliasreq *)data; 464 struct gre_softc *sc = ifp->if_softc; 465 int s; 466 struct sockaddr_in si; 467 struct sockaddr *sa = NULL; 468 int error, adj; 469 struct sockaddr_in sp, sm, dp, dm; 470 uint32_t key; 471 472 error = 0; 473 adj = 0; 474 475 s = splnet(); 476 switch (cmd) { 477 case SIOCSIFADDR: 478 ifp->if_flags |= IFF_UP; 479 break; 480 case SIOCSIFDSTADDR: 481 break; 482 case SIOCSIFFLAGS: 483 /* 484 * XXXRW: Isn't this priv_check() redundant to the ifnet 485 * layer check? 486 */ 487 if ((error = priv_check(curthread, PRIV_NET_SETIFFLAGS)) != 0) 488 break; 489 if ((ifr->ifr_flags & IFF_LINK0) != 0) 490 sc->g_proto = IPPROTO_GRE; 491 else 492 sc->g_proto = IPPROTO_MOBILE; 493 if ((ifr->ifr_flags & IFF_LINK2) != 0) 494 sc->wccp_ver = WCCP_V2; 495 else 496 sc->wccp_ver = WCCP_V1; 497 goto recompute; 498 case SIOCSIFMTU: 499 /* 500 * XXXRW: Isn't this priv_check() redundant to the ifnet 501 * layer check? 502 */ 503 if ((error = priv_check(curthread, PRIV_NET_SETIFMTU)) != 0) 504 break; 505 if (ifr->ifr_mtu < 576) { 506 error = EINVAL; 507 break; 508 } 509 ifp->if_mtu = ifr->ifr_mtu; 510 break; 511 case SIOCGIFMTU: 512 ifr->ifr_mtu = GRE2IFP(sc)->if_mtu; 513 break; 514 case SIOCADDMULTI: 515 /* 516 * XXXRW: Isn't this priv_checkr() redundant to the ifnet 517 * layer check? 518 */ 519 if ((error = priv_check(curthread, PRIV_NET_ADDMULTI)) != 0) 520 break; 521 if (ifr == 0) { 522 error = EAFNOSUPPORT; 523 break; 524 } 525 switch (ifr->ifr_addr.sa_family) { 526 #ifdef INET 527 case AF_INET: 528 break; 529 #endif 530 #ifdef INET6 531 case AF_INET6: 532 break; 533 #endif 534 default: 535 error = EAFNOSUPPORT; 536 break; 537 } 538 break; 539 case SIOCDELMULTI: 540 /* 541 * XXXRW: Isn't this priv_check() redundant to the ifnet 542 * layer check? 543 */ 544 if ((error = priv_check(curthread, PRIV_NET_DELIFGROUP)) != 0) 545 break; 546 if (ifr == 0) { 547 error = EAFNOSUPPORT; 548 break; 549 } 550 switch (ifr->ifr_addr.sa_family) { 551 #ifdef INET 552 case AF_INET: 553 break; 554 #endif 555 #ifdef INET6 556 case AF_INET6: 557 break; 558 #endif 559 default: 560 error = EAFNOSUPPORT; 561 break; 562 } 563 break; 564 case GRESPROTO: 565 /* 566 * XXXRW: Isn't this priv_check() redundant to the ifnet 567 * layer check? 568 */ 569 if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0) 570 break; 571 sc->g_proto = ifr->ifr_flags; 572 switch (sc->g_proto) { 573 case IPPROTO_GRE: 574 ifp->if_flags |= IFF_LINK0; 575 break; 576 case IPPROTO_MOBILE: 577 ifp->if_flags &= ~IFF_LINK0; 578 break; 579 default: 580 error = EPROTONOSUPPORT; 581 break; 582 } 583 goto recompute; 584 case GREGPROTO: 585 ifr->ifr_flags = sc->g_proto; 586 break; 587 case GRESADDRS: 588 case GRESADDRD: 589 error = priv_check(curthread, PRIV_NET_GRE); 590 if (error) 591 return (error); 592 /* 593 * set tunnel endpoints, compute a less specific route 594 * to the remote end and mark if as up 595 */ 596 sa = &ifr->ifr_addr; 597 if (cmd == GRESADDRS) 598 sc->g_src = (satosin(sa))->sin_addr; 599 if (cmd == GRESADDRD) 600 sc->g_dst = (satosin(sa))->sin_addr; 601 recompute: 602 #ifdef INET 603 if (sc->encap != NULL) { 604 encap_detach(sc->encap); 605 sc->encap = NULL; 606 } 607 #endif 608 if ((sc->g_src.s_addr != INADDR_ANY) && 609 (sc->g_dst.s_addr != INADDR_ANY)) { 610 bzero(&sp, sizeof(sp)); 611 bzero(&sm, sizeof(sm)); 612 bzero(&dp, sizeof(dp)); 613 bzero(&dm, sizeof(dm)); 614 sp.sin_len = sm.sin_len = dp.sin_len = dm.sin_len = 615 sizeof(struct sockaddr_in); 616 sp.sin_family = sm.sin_family = dp.sin_family = 617 dm.sin_family = AF_INET; 618 sp.sin_addr = sc->g_src; 619 dp.sin_addr = sc->g_dst; 620 sm.sin_addr.s_addr = dm.sin_addr.s_addr = 621 INADDR_BROADCAST; 622 #ifdef INET 623 sc->encap = encap_attach(AF_INET, sc->g_proto, 624 sintosa(&sp), sintosa(&sm), sintosa(&dp), 625 sintosa(&dm), (sc->g_proto == IPPROTO_GRE) ? 626 &in_gre_protosw : &in_mobile_protosw, sc); 627 if (sc->encap == NULL) 628 printf("%s: unable to attach encap\n", 629 if_name(GRE2IFP(sc))); 630 #endif 631 if (sc->route.ro_rt != 0) /* free old route */ 632 RTFREE(sc->route.ro_rt); 633 if (gre_compute_route(sc) == 0) 634 ifp->if_drv_flags |= IFF_DRV_RUNNING; 635 else 636 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 637 } 638 break; 639 case GREGADDRS: 640 memset(&si, 0, sizeof(si)); 641 si.sin_family = AF_INET; 642 si.sin_len = sizeof(struct sockaddr_in); 643 si.sin_addr.s_addr = sc->g_src.s_addr; 644 sa = sintosa(&si); 645 ifr->ifr_addr = *sa; 646 break; 647 case GREGADDRD: 648 memset(&si, 0, sizeof(si)); 649 si.sin_family = AF_INET; 650 si.sin_len = sizeof(struct sockaddr_in); 651 si.sin_addr.s_addr = sc->g_dst.s_addr; 652 sa = sintosa(&si); 653 ifr->ifr_addr = *sa; 654 break; 655 case SIOCSIFPHYADDR: 656 /* 657 * XXXRW: Isn't this priv_check() redundant to the ifnet 658 * layer check? 659 */ 660 if ((error = priv_check(curthread, PRIV_NET_SETIFPHYS)) != 0) 661 break; 662 if (aifr->ifra_addr.sin_family != AF_INET || 663 aifr->ifra_dstaddr.sin_family != AF_INET) { 664 error = EAFNOSUPPORT; 665 break; 666 } 667 if (aifr->ifra_addr.sin_len != sizeof(si) || 668 aifr->ifra_dstaddr.sin_len != sizeof(si)) { 669 error = EINVAL; 670 break; 671 } 672 sc->g_src = aifr->ifra_addr.sin_addr; 673 sc->g_dst = aifr->ifra_dstaddr.sin_addr; 674 goto recompute; 675 case SIOCSLIFPHYADDR: 676 /* 677 * XXXRW: Isn't this priv_check() redundant to the ifnet 678 * layer check? 679 */ 680 if ((error = priv_check(curthread, PRIV_NET_SETIFPHYS)) != 0) 681 break; 682 if (lifr->addr.ss_family != AF_INET || 683 lifr->dstaddr.ss_family != AF_INET) { 684 error = EAFNOSUPPORT; 685 break; 686 } 687 if (lifr->addr.ss_len != sizeof(si) || 688 lifr->dstaddr.ss_len != sizeof(si)) { 689 error = EINVAL; 690 break; 691 } 692 sc->g_src = (satosin(&lifr->addr))->sin_addr; 693 sc->g_dst = 694 (satosin(&lifr->dstaddr))->sin_addr; 695 goto recompute; 696 case SIOCDIFPHYADDR: 697 /* 698 * XXXRW: Isn't this priv_check() redundant to the ifnet 699 * layer check? 700 */ 701 if ((error = priv_check(curthread, PRIV_NET_SETIFPHYS)) != 0) 702 break; 703 sc->g_src.s_addr = INADDR_ANY; 704 sc->g_dst.s_addr = INADDR_ANY; 705 goto recompute; 706 case SIOCGLIFPHYADDR: 707 if (sc->g_src.s_addr == INADDR_ANY || 708 sc->g_dst.s_addr == INADDR_ANY) { 709 error = EADDRNOTAVAIL; 710 break; 711 } 712 memset(&si, 0, sizeof(si)); 713 si.sin_family = AF_INET; 714 si.sin_len = sizeof(struct sockaddr_in); 715 si.sin_addr.s_addr = sc->g_src.s_addr; 716 memcpy(&lifr->addr, &si, sizeof(si)); 717 si.sin_addr.s_addr = sc->g_dst.s_addr; 718 memcpy(&lifr->dstaddr, &si, sizeof(si)); 719 break; 720 case SIOCGIFPSRCADDR: 721 #ifdef INET6 722 case SIOCGIFPSRCADDR_IN6: 723 #endif 724 if (sc->g_src.s_addr == INADDR_ANY) { 725 error = EADDRNOTAVAIL; 726 break; 727 } 728 memset(&si, 0, sizeof(si)); 729 si.sin_family = AF_INET; 730 si.sin_len = sizeof(struct sockaddr_in); 731 si.sin_addr.s_addr = sc->g_src.s_addr; 732 bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr)); 733 break; 734 case SIOCGIFPDSTADDR: 735 #ifdef INET6 736 case SIOCGIFPDSTADDR_IN6: 737 #endif 738 if (sc->g_dst.s_addr == INADDR_ANY) { 739 error = EADDRNOTAVAIL; 740 break; 741 } 742 memset(&si, 0, sizeof(si)); 743 si.sin_family = AF_INET; 744 si.sin_len = sizeof(struct sockaddr_in); 745 si.sin_addr.s_addr = sc->g_dst.s_addr; 746 bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr)); 747 break; 748 case GRESKEY: 749 error = priv_check(curthread, PRIV_NET_GRE); 750 if (error) 751 break; 752 error = copyin(ifr->ifr_data, &key, sizeof(key)); 753 if (error) 754 break; 755 /* adjust MTU for option header */ 756 if (key == 0 && sc->key != 0) /* clear */ 757 adj += sizeof(key); 758 else if (key != 0 && sc->key == 0) /* set */ 759 adj -= sizeof(key); 760 761 if (ifp->if_mtu + adj < 576) { 762 error = EINVAL; 763 break; 764 } 765 ifp->if_mtu += adj; 766 sc->key = key; 767 break; 768 case GREGKEY: 769 error = copyout(&sc->key, ifr->ifr_data, sizeof(sc->key)); 770 break; 771 772 default: 773 error = EINVAL; 774 break; 775 } 776 777 splx(s); 778 return (error); 779 } 780 781 /* 782 * computes a route to our destination that is not the one 783 * which would be taken by ip_output(), as this one will loop back to 784 * us. If the interface is p2p as a--->b, then a routing entry exists 785 * If we now send a packet to b (e.g. ping b), this will come down here 786 * gets src=a, dst=b tacked on and would from ip_output() sent back to 787 * if_gre. 788 * Goal here is to compute a route to b that is less specific than 789 * a-->b. We know that this one exists as in normal operation we have 790 * at least a default route which matches. 791 */ 792 static int 793 gre_compute_route(struct gre_softc *sc) 794 { 795 struct route *ro; 796 797 ro = &sc->route; 798 799 memset(ro, 0, sizeof(struct route)); 800 ((struct sockaddr_in *)&ro->ro_dst)->sin_addr = sc->g_dst; 801 ro->ro_dst.sa_family = AF_INET; 802 ro->ro_dst.sa_len = sizeof(ro->ro_dst); 803 804 /* 805 * toggle last bit, so our interface is not found, but a less 806 * specific route. I'd rather like to specify a shorter mask, 807 * but this is not possible. Should work though. XXX 808 */ 809 if ((GRE2IFP(sc)->if_flags & IFF_LINK1) == 0) { 810 ((struct sockaddr_in *)&ro->ro_dst)->sin_addr.s_addr ^= 811 htonl(0x01); 812 } 813 814 #ifdef DIAGNOSTIC 815 printf("%s: searching for a route to %s", if_name(GRE2IFP(sc)), 816 inet_ntoa(((struct sockaddr_in *)&ro->ro_dst)->sin_addr)); 817 #endif 818 819 rtalloc_fib(ro, sc->gre_fibnum); 820 821 /* 822 * check if this returned a route at all and this route is no 823 * recursion to ourself 824 */ 825 if (ro->ro_rt == NULL || ro->ro_rt->rt_ifp->if_softc == sc) { 826 #ifdef DIAGNOSTIC 827 if (ro->ro_rt == NULL) 828 printf(" - no route found!\n"); 829 else 830 printf(" - route loops back to ourself!\n"); 831 #endif 832 return EADDRNOTAVAIL; 833 } 834 835 /* 836 * now change it back - else ip_output will just drop 837 * the route and search one to this interface ... 838 */ 839 if ((GRE2IFP(sc)->if_flags & IFF_LINK1) == 0) 840 ((struct sockaddr_in *)&ro->ro_dst)->sin_addr = sc->g_dst; 841 842 #ifdef DIAGNOSTIC 843 printf(", choosing %s with gateway %s", if_name(ro->ro_rt->rt_ifp), 844 inet_ntoa(((struct sockaddr_in *)(ro->ro_rt->rt_gateway))->sin_addr)); 845 printf("\n"); 846 #endif 847 848 return 0; 849 } 850 851 /* 852 * do a checksum of a buffer - much like in_cksum, which operates on 853 * mbufs. 854 */ 855 u_int16_t 856 gre_in_cksum(u_int16_t *p, u_int len) 857 { 858 u_int32_t sum = 0; 859 int nwords = len >> 1; 860 861 while (nwords-- != 0) 862 sum += *p++; 863 864 if (len & 1) { 865 union { 866 u_short w; 867 u_char c[2]; 868 } u; 869 u.c[0] = *(u_char *)p; 870 u.c[1] = 0; 871 sum += u.w; 872 } 873 874 /* end-around-carry */ 875 sum = (sum >> 16) + (sum & 0xffff); 876 sum += (sum >> 16); 877 return (~sum); 878 } 879 880 static int 881 gremodevent(module_t mod, int type, void *data) 882 { 883 884 switch (type) { 885 case MOD_LOAD: 886 greattach(); 887 break; 888 case MOD_UNLOAD: 889 if_clone_detach(&gre_cloner); 890 mtx_destroy(&gre_mtx); 891 break; 892 default: 893 return EOPNOTSUPP; 894 } 895 return 0; 896 } 897 898 static moduledata_t gre_mod = { 899 "if_gre", 900 gremodevent, 901 0 902 }; 903 904 DECLARE_MODULE(if_gre, gre_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 905 MODULE_VERSION(if_gre, 1);
Cache object: f115d48bade697abb81988701c50144b
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]