xfrm4_tunnel.c 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118
  1. /* xfrm4_tunnel.c: Generic IP tunnel transformer.
  2. *
  3. * Copyright (C) 2003 David S. Miller (davem@redhat.com)
  4. */
  5. #define pr_fmt(fmt) "IPsec: " fmt
  6. #include <linux/skbuff.h>
  7. #include <linux/module.h>
  8. #include <linux/mutex.h>
  9. #include <net/xfrm.h>
  10. #include <net/ip.h>
  11. #include <net/protocol.h>
  12. static int ipip_output(struct xfrm_state *x, struct sk_buff *skb)
  13. {
  14. skb_push(skb, -skb_network_offset(skb));
  15. return 0;
  16. }
  17. static int ipip_xfrm_rcv(struct xfrm_state *x, struct sk_buff *skb)
  18. {
  19. return ip_hdr(skb)->protocol;
  20. }
  21. static int ipip_init_state(struct xfrm_state *x)
  22. {
  23. if (x->props.mode != XFRM_MODE_TUNNEL)
  24. return -EINVAL;
  25. if (x->encap)
  26. return -EINVAL;
  27. x->props.header_len = sizeof(struct iphdr);
  28. return 0;
  29. }
  30. static void ipip_destroy(struct xfrm_state *x)
  31. {
  32. }
  33. static const struct xfrm_type ipip_type = {
  34. .description = "IPIP",
  35. .owner = THIS_MODULE,
  36. .proto = IPPROTO_IPIP,
  37. .init_state = ipip_init_state,
  38. .destructor = ipip_destroy,
  39. .input = ipip_xfrm_rcv,
  40. .output = ipip_output
  41. };
  42. static int xfrm_tunnel_rcv(struct sk_buff *skb)
  43. {
  44. return xfrm4_rcv_spi(skb, IPPROTO_IPIP, ip_hdr(skb)->saddr);
  45. }
  46. static int xfrm_tunnel_err(struct sk_buff *skb, u32 info)
  47. {
  48. return -ENOENT;
  49. }
  50. static struct xfrm_tunnel xfrm_tunnel_handler __read_mostly = {
  51. .handler = xfrm_tunnel_rcv,
  52. .err_handler = xfrm_tunnel_err,
  53. .priority = 3,
  54. };
  55. #if IS_ENABLED(CONFIG_IPV6)
  56. static struct xfrm_tunnel xfrm64_tunnel_handler __read_mostly = {
  57. .handler = xfrm_tunnel_rcv,
  58. .err_handler = xfrm_tunnel_err,
  59. .priority = 2,
  60. };
  61. #endif
  62. static int __init ipip_init(void)
  63. {
  64. if (xfrm_register_type(&ipip_type, AF_INET) < 0) {
  65. pr_info("%s: can't add xfrm type\n", __func__);
  66. return -EAGAIN;
  67. }
  68. if (xfrm4_tunnel_register(&xfrm_tunnel_handler, AF_INET)) {
  69. pr_info("%s: can't add xfrm handler for AF_INET\n", __func__);
  70. xfrm_unregister_type(&ipip_type, AF_INET);
  71. return -EAGAIN;
  72. }
  73. #if IS_ENABLED(CONFIG_IPV6)
  74. if (xfrm4_tunnel_register(&xfrm64_tunnel_handler, AF_INET6)) {
  75. pr_info("%s: can't add xfrm handler for AF_INET6\n", __func__);
  76. xfrm4_tunnel_deregister(&xfrm_tunnel_handler, AF_INET);
  77. xfrm_unregister_type(&ipip_type, AF_INET);
  78. return -EAGAIN;
  79. }
  80. #endif
  81. return 0;
  82. }
  83. static void __exit ipip_fini(void)
  84. {
  85. #if IS_ENABLED(CONFIG_IPV6)
  86. if (xfrm4_tunnel_deregister(&xfrm64_tunnel_handler, AF_INET6))
  87. pr_info("%s: can't remove xfrm handler for AF_INET6\n",
  88. __func__);
  89. #endif
  90. if (xfrm4_tunnel_deregister(&xfrm_tunnel_handler, AF_INET))
  91. pr_info("%s: can't remove xfrm handler for AF_INET\n",
  92. __func__);
  93. if (xfrm_unregister_type(&ipip_type, AF_INET) < 0)
  94. pr_info("%s: can't remove xfrm type\n", __func__);
  95. }
  96. module_init(ipip_init);
  97. module_exit(ipip_fini);
  98. MODULE_LICENSE("GPL");
  99. MODULE_ALIAS_XFRM_TYPE(AF_INET, XFRM_PROTO_IPIP);