2 /* $KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $ */
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "opt_inet6.h"
37 #include <sys/param.h>
38 #include <sys/systm.h>
39 #include <sys/kernel.h>
41 #include <sys/malloc.h>
43 #include <sys/module.h>
44 #include <sys/socket.h>
45 #include <sys/sockio.h>
46 #include <sys/errno.h>
48 #include <sys/sysctl.h>
49 #include <sys/syslog.h>
50 #include <sys/protosw.h>
52 #include <machine/cpu.h>
55 #include <net/if_clone.h>
56 #include <net/if_types.h>
57 #include <net/netisr.h>
58 #include <net/route.h>
61 #include <netinet/in.h>
62 #include <netinet/in_systm.h>
63 #include <netinet/ip.h>
65 #include <netinet/in_var.h>
66 #include <netinet/in_gif.h>
67 #include <netinet/ip_var.h>
72 #include <netinet/in.h>
74 #include <netinet6/in6_var.h>
75 #include <netinet/ip6.h>
76 #include <netinet6/ip6_var.h>
77 #include <netinet6/scope6_var.h>
78 #include <netinet6/in6_gif.h>
79 #include <netinet6/ip6protosw.h>
82 #include <netinet/ip_encap.h>
83 #include <net/ethernet.h>
84 #include <net/if_bridgevar.h>
85 #include <net/if_gif.h>
87 #include <net/net_osdep.h>
92 * gif_mtx protects the global gif_softc_list.
94 static struct mtx gif_mtx;
95 static MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface");
96 static LIST_HEAD(, gif_softc) gif_softc_list;
98 void (*ng_gif_input_p)(struct ifnet *ifp, struct mbuf **mp, int af);
99 void (*ng_gif_input_orphan_p)(struct ifnet *ifp, struct mbuf *m, int af);
100 void (*ng_gif_attach_p)(struct ifnet *ifp);
101 void (*ng_gif_detach_p)(struct ifnet *ifp);
103 static void gif_start(struct ifnet *);
104 static int gif_clone_create(struct if_clone *, int, caddr_t);
105 static void gif_clone_destroy(struct ifnet *);
107 IFC_SIMPLE_DECLARE(gif, 0);
109 static int gifmodevent(module_t, int, void *);
111 SYSCTL_DECL(_net_link);
112 SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0,
113 "Generic Tunnel Interface");
116 * This macro controls the default upper limitation on nesting of gif tunnels.
117 * Since, setting a large value to this macro with a careless configuration
118 * may introduce system crash, we don't allow any nestings by default.
119 * If you need to configure nested gif tunnels, you can define this macro
120 * in your kernel configuration file. However, if you do so, please be
121 * careful to configure the tunnels so that it won't make a loop.
123 #define MAX_GIF_NEST 1
125 static int max_gif_nesting = MAX_GIF_NEST;
126 SYSCTL_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_RW,
127 &max_gif_nesting, 0, "Max nested tunnels");
130 * By default, we disallow creation of multiple tunnels between the same
131 * pair of addresses. Some applications require this functionality so
132 * we allow control over this check here.
135 static int parallel_tunnels = 1;
137 static int parallel_tunnels = 0;
139 SYSCTL_INT(_net_link_gif, OID_AUTO, parallel_tunnels, CTLFLAG_RW,
140 ¶llel_tunnels, 0, "Allow parallel tunnels?");
143 gif_clone_create(ifc, unit, params)
144 struct if_clone *ifc;
148 struct gif_softc *sc;
150 sc = malloc(sizeof(struct gif_softc), M_GIF, M_WAITOK | M_ZERO);
151 GIF2IFP(sc) = if_alloc(IFT_GIF);
152 if (GIF2IFP(sc) == NULL) {
159 GIF2IFP(sc)->if_softc = sc;
160 if_initname(GIF2IFP(sc), ifc->ifc_name, unit);
162 sc->encap_cookie4 = sc->encap_cookie6 = NULL;
164 GIF2IFP(sc)->if_addrlen = 0;
165 GIF2IFP(sc)->if_mtu = GIF_MTU;
166 GIF2IFP(sc)->if_flags = IFF_POINTOPOINT | IFF_MULTICAST;
168 /* turn off ingress filter */
169 GIF2IFP(sc)->if_flags |= IFF_LINK2;
171 GIF2IFP(sc)->if_ioctl = gif_ioctl;
172 GIF2IFP(sc)->if_start = gif_start;
173 GIF2IFP(sc)->if_output = gif_output;
174 GIF2IFP(sc)->if_snd.ifq_maxlen = IFQ_MAXLEN;
175 if_attach(GIF2IFP(sc));
176 bpfattach(GIF2IFP(sc), DLT_NULL, sizeof(u_int32_t));
177 if (ng_gif_attach_p != NULL)
178 (*ng_gif_attach_p)(GIF2IFP(sc));
181 LIST_INSERT_HEAD(&gif_softc_list, sc, gif_list);
182 mtx_unlock(&gif_mtx);
188 gif_clone_destroy(ifp)
192 struct gif_softc *sc = ifp->if_softc;
195 LIST_REMOVE(sc, gif_list);
196 mtx_unlock(&gif_mtx);
198 gif_delete_tunnel(ifp);
200 if (sc->encap_cookie6 != NULL) {
201 err = encap_detach(sc->encap_cookie6);
202 KASSERT(err == 0, ("Unexpected error detaching encap_cookie6"));
206 if (sc->encap_cookie4 != NULL) {
207 err = encap_detach(sc->encap_cookie4);
208 KASSERT(err == 0, ("Unexpected error detaching encap_cookie4"));
212 if (ng_gif_detach_p != NULL)
213 (*ng_gif_detach_p)(ifp);
218 GIF_LOCK_DESTROY(sc);
224 gifmodevent(mod, type, data)
232 mtx_init(&gif_mtx, "gif_mtx", NULL, MTX_DEF);
233 LIST_INIT(&gif_softc_list);
234 if_clone_attach(&gif_cloner);
237 ip6_gif_hlim = GIF_HLIM;
242 if_clone_detach(&gif_cloner);
243 mtx_destroy(&gif_mtx);
254 static moduledata_t gif_mod = {
260 DECLARE_MODULE(if_gif, gif_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
261 MODULE_VERSION(if_gif, 1);
264 gif_encapcheck(m, off, proto, arg)
265 const struct mbuf *m;
271 struct gif_softc *sc;
273 sc = (struct gif_softc *)arg;
277 if ((GIF2IFP(sc)->if_flags & IFF_UP) == 0)
280 /* no physical address */
281 if (!sc->gif_psrc || !sc->gif_pdst)
293 case IPPROTO_ETHERIP:
300 /* Bail on short packets */
301 if (m->m_pkthdr.len < sizeof(ip))
304 m_copydata(m, 0, sizeof(ip), (caddr_t)&ip);
309 if (sc->gif_psrc->sa_family != AF_INET ||
310 sc->gif_pdst->sa_family != AF_INET)
312 return gif_encapcheck4(m, off, proto, arg);
316 if (m->m_pkthdr.len < sizeof(struct ip6_hdr))
318 if (sc->gif_psrc->sa_family != AF_INET6 ||
319 sc->gif_pdst->sa_family != AF_INET6)
321 return gif_encapcheck6(m, off, proto, arg);
329 gif_start(struct ifnet *ifp)
331 struct gif_softc *sc;
336 ifp->if_drv_flags |= IFF_DRV_OACTIVE;
338 IFQ_DEQUEUE(&ifp->if_snd, m);
342 gif_output(ifp, m, sc->gif_pdst, NULL);
345 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
351 gif_output(ifp, m, dst, rt)
354 struct sockaddr *dst;
355 struct rtentry *rt; /* added in net2 */
357 struct gif_softc *sc = ifp->if_softc;
364 error = mac_check_ifnet_transmit(ifp, m);
372 * gif may cause infinite recursion calls when misconfigured.
373 * We'll prevent this by detecting loops.
375 * High nesting level may cause stack exhaustion.
376 * We'll prevent this by introducing upper limit.
379 mtag = m_tag_locate(m, MTAG_GIF, MTAG_GIF_CALLED, NULL);
380 while (mtag != NULL) {
381 if (*(struct ifnet **)(mtag + 1) == ifp) {
383 "gif_output: loop detected on %s\n",
384 (*(struct ifnet **)(mtag + 1))->if_xname);
386 error = EIO; /* is there better errno? */
389 mtag = m_tag_locate(m, MTAG_GIF, MTAG_GIF_CALLED, mtag);
392 if (gif_called > max_gif_nesting) {
394 "gif_output: recursively called too many times(%d)\n",
397 error = EIO; /* is there better errno? */
400 mtag = m_tag_alloc(MTAG_GIF, MTAG_GIF_CALLED, sizeof(struct ifnet *),
407 *(struct ifnet **)(mtag + 1) = ifp;
408 m_tag_prepend(m, mtag);
410 m->m_flags &= ~(M_BCAST|M_MCAST);
414 if (!(ifp->if_flags & IFF_UP) ||
415 sc->gif_psrc == NULL || sc->gif_pdst == NULL) {
422 /* BPF writes need to be handled specially. */
423 if (dst->sa_family == AF_UNSPEC) {
424 bcopy(dst->sa_data, &af, sizeof(af));
429 BPF_MTAP2(ifp, &af, sizeof(af), m);
431 ifp->if_obytes += m->m_pkthdr.len;
433 /* override to IPPROTO_ETHERIP for bridged traffic */
437 /* inner AF-specific encapsulation */
439 /* XXX should we check if our outer source is legal? */
441 /* dispatch to output logic based on outer AF */
442 switch (sc->gif_psrc->sa_family) {
445 error = in_gif_output(ifp, af, m);
450 error = in6_gif_output(ifp, af, m);
466 gif_input(m, af, ifp)
472 struct etherip_header *eip;
480 m->m_pkthdr.rcvif = ifp;
483 mac_create_mbuf_from_ifnet(ifp, m);
486 if (bpf_peers_present(ifp->if_bpf)) {
488 bpf_mtap2(ifp->if_bpf, &af1, sizeof(af1), m);
491 if (ng_gif_input_p != NULL) {
492 (*ng_gif_input_p)(ifp, &m, af);
498 * Put the packet to the network layer input queue according to the
499 * specified address family.
500 * Note: older versions of gif_input directly called network layer
501 * input functions, e.g. ip6_input, here. We changed the policy to
502 * prevent too many recursive calls of such input functions, which
503 * might cause kernel panic. But the change may introduce another
504 * problem; if the input queue is full, packets are discarded.
505 * The kernel stack overflow really happened, and we believed
506 * queue-full rarely occurs, so we changed the policy.
520 n = sizeof(struct etherip_header) + sizeof(struct ether_header);
529 eip = mtod(m, struct etherip_header *);
531 (ETHERIP_VERSION & ETHERIP_VER_VERS_MASK)) {
532 /* discard unknown versions */
536 m_adj(m, sizeof(struct etherip_header));
538 m->m_flags &= ~(M_BCAST|M_MCAST);
539 m->m_pkthdr.rcvif = ifp;
542 BRIDGE_INPUT(ifp, m);
549 if (ng_gif_input_orphan_p != NULL)
550 (*ng_gif_input_orphan_p)(ifp, m, af);
557 ifp->if_ibytes += m->m_pkthdr.len;
558 netisr_dispatch(isr, m);
561 /* XXX how should we handle IPv6 scope on SIOC[GS]IFPHYADDR? */
563 gif_ioctl(ifp, cmd, data)
568 struct gif_softc *sc = ifp->if_softc;
569 struct ifreq *ifr = (struct ifreq*)data;
571 struct sockaddr *dst, *src;
572 #ifdef SIOCSIFMTU /* xxx */
578 ifp->if_flags |= IFF_UP;
588 #ifdef SIOCSIFMTU /* xxx */
594 if (mtu < GIF_MTU_MIN || mtu > GIF_MTU_MAX)
598 #endif /* SIOCSIFMTU */
604 case SIOCSIFPHYADDR_IN6:
606 case SIOCSLIFPHYADDR:
610 src = (struct sockaddr *)
611 &(((struct in_aliasreq *)data)->ifra_addr);
612 dst = (struct sockaddr *)
613 &(((struct in_aliasreq *)data)->ifra_dstaddr);
617 case SIOCSIFPHYADDR_IN6:
618 src = (struct sockaddr *)
619 &(((struct in6_aliasreq *)data)->ifra_addr);
620 dst = (struct sockaddr *)
621 &(((struct in6_aliasreq *)data)->ifra_dstaddr);
624 case SIOCSLIFPHYADDR:
625 src = (struct sockaddr *)
626 &(((struct if_laddrreq *)data)->addr);
627 dst = (struct sockaddr *)
628 &(((struct if_laddrreq *)data)->dstaddr);
634 /* sa_family must be equal */
635 if (src->sa_family != dst->sa_family)
638 /* validate sa_len */
639 switch (src->sa_family) {
642 if (src->sa_len != sizeof(struct sockaddr_in))
648 if (src->sa_len != sizeof(struct sockaddr_in6))
655 switch (dst->sa_family) {
658 if (dst->sa_len != sizeof(struct sockaddr_in))
664 if (dst->sa_len != sizeof(struct sockaddr_in6))
672 /* check sa_family looks sane for the cmd */
675 if (src->sa_family == AF_INET)
679 case SIOCSIFPHYADDR_IN6:
680 if (src->sa_family == AF_INET6)
684 case SIOCSLIFPHYADDR:
685 /* checks done in the above */
689 error = gif_set_tunnel(GIF2IFP(sc), src, dst);
692 #ifdef SIOCDIFPHYADDR
694 gif_delete_tunnel(GIF2IFP(sc));
698 case SIOCGIFPSRCADDR:
700 case SIOCGIFPSRCADDR_IN6:
702 if (sc->gif_psrc == NULL) {
703 error = EADDRNOTAVAIL;
709 case SIOCGIFPSRCADDR:
710 dst = &ifr->ifr_addr;
711 size = sizeof(ifr->ifr_addr);
715 case SIOCGIFPSRCADDR_IN6:
716 dst = (struct sockaddr *)
717 &(((struct in6_ifreq *)data)->ifr_addr);
718 size = sizeof(((struct in6_ifreq *)data)->ifr_addr);
722 error = EADDRNOTAVAIL;
725 if (src->sa_len > size)
727 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
729 if (dst->sa_family == AF_INET6) {
730 error = sa6_recoverscope((struct sockaddr_in6 *)dst);
737 case SIOCGIFPDSTADDR:
739 case SIOCGIFPDSTADDR_IN6:
741 if (sc->gif_pdst == NULL) {
742 error = EADDRNOTAVAIL;
748 case SIOCGIFPDSTADDR:
749 dst = &ifr->ifr_addr;
750 size = sizeof(ifr->ifr_addr);
754 case SIOCGIFPDSTADDR_IN6:
755 dst = (struct sockaddr *)
756 &(((struct in6_ifreq *)data)->ifr_addr);
757 size = sizeof(((struct in6_ifreq *)data)->ifr_addr);
761 error = EADDRNOTAVAIL;
764 if (src->sa_len > size)
766 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
768 if (dst->sa_family == AF_INET6) {
769 error = sa6_recoverscope((struct sockaddr_in6 *)dst);
776 case SIOCGLIFPHYADDR:
777 if (sc->gif_psrc == NULL || sc->gif_pdst == NULL) {
778 error = EADDRNOTAVAIL;
784 dst = (struct sockaddr *)
785 &(((struct if_laddrreq *)data)->addr);
786 size = sizeof(((struct if_laddrreq *)data)->addr);
787 if (src->sa_len > size)
789 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
793 dst = (struct sockaddr *)
794 &(((struct if_laddrreq *)data)->dstaddr);
795 size = sizeof(((struct if_laddrreq *)data)->dstaddr);
796 if (src->sa_len > size)
798 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
802 /* if_ioctl() takes care of it */
814 * XXXRW: There's a general event-ordering issue here: the code to check
815 * if a given tunnel is already present happens before we perform a
816 * potentially blocking setup of the tunnel. This code needs to be
817 * re-ordered so that the check and replacement can be atomic using
821 gif_set_tunnel(ifp, src, dst)
823 struct sockaddr *src;
824 struct sockaddr *dst;
826 struct gif_softc *sc = ifp->if_softc;
827 struct gif_softc *sc2;
828 struct sockaddr *osrc, *odst, *sa;
832 LIST_FOREACH(sc2, &gif_softc_list, gif_list) {
835 if (!sc2->gif_pdst || !sc2->gif_psrc)
837 if (sc2->gif_pdst->sa_family != dst->sa_family ||
838 sc2->gif_pdst->sa_len != dst->sa_len ||
839 sc2->gif_psrc->sa_family != src->sa_family ||
840 sc2->gif_psrc->sa_len != src->sa_len)
844 * Disallow parallel tunnels unless instructed
847 if (!parallel_tunnels &&
848 bcmp(sc2->gif_pdst, dst, dst->sa_len) == 0 &&
849 bcmp(sc2->gif_psrc, src, src->sa_len) == 0) {
850 error = EADDRNOTAVAIL;
851 mtx_unlock(&gif_mtx);
855 /* XXX both end must be valid? (I mean, not 0.0.0.0) */
857 mtx_unlock(&gif_mtx);
859 /* XXX we can detach from both, but be polite just in case */
861 switch (sc->gif_psrc->sa_family) {
864 (void)in_gif_detach(sc);
869 (void)in6_gif_detach(sc);
875 sa = (struct sockaddr *)malloc(src->sa_len, M_IFADDR, M_WAITOK);
876 bcopy((caddr_t)src, (caddr_t)sa, src->sa_len);
880 sa = (struct sockaddr *)malloc(dst->sa_len, M_IFADDR, M_WAITOK);
881 bcopy((caddr_t)dst, (caddr_t)sa, dst->sa_len);
884 switch (sc->gif_psrc->sa_family) {
887 error = in_gif_attach(sc);
893 * Check validity of the scope zone ID of the addresses, and
894 * convert it into the kernel internal form if necessary.
896 error = sa6_embedscope((struct sockaddr_in6 *)sc->gif_psrc, 0);
899 error = sa6_embedscope((struct sockaddr_in6 *)sc->gif_pdst, 0);
902 error = in6_gif_attach(sc);
908 free((caddr_t)sc->gif_psrc, M_IFADDR);
909 free((caddr_t)sc->gif_pdst, M_IFADDR);
916 free((caddr_t)osrc, M_IFADDR);
918 free((caddr_t)odst, M_IFADDR);
921 if (sc->gif_psrc && sc->gif_pdst)
922 ifp->if_drv_flags |= IFF_DRV_RUNNING;
924 ifp->if_drv_flags &= ~IFF_DRV_RUNNING;
930 gif_delete_tunnel(ifp)
933 struct gif_softc *sc = ifp->if_softc;
936 free((caddr_t)sc->gif_psrc, M_IFADDR);
940 free((caddr_t)sc->gif_pdst, M_IFADDR);
943 /* it is safe to detach from both */
945 (void)in_gif_detach(sc);
948 (void)in6_gif_detach(sc);
950 ifp->if_drv_flags &= ~IFF_DRV_RUNNING;