static int sit_net_id;
struct sit_net {
-};
-
-static struct net_device *ipip6_fb_tunnel_dev;
+ struct ip_tunnel *tunnels_r_l[HASH_SIZE];
+ struct ip_tunnel *tunnels_r[HASH_SIZE];
+ struct ip_tunnel *tunnels_l[HASH_SIZE];
+ struct ip_tunnel *tunnels_wc[1];
+ struct ip_tunnel **tunnels[4];
-static struct ip_tunnel *tunnels_r_l[HASH_SIZE];
-static struct ip_tunnel *tunnels_r[HASH_SIZE];
-static struct ip_tunnel *tunnels_l[HASH_SIZE];
-static struct ip_tunnel *tunnels_wc[1];
-static struct ip_tunnel **tunnels[4] = { tunnels_wc, tunnels_l, tunnels_r, tunnels_r_l };
+ struct net_device *fb_tunnel_dev;
+};
static DEFINE_RWLOCK(ipip6_lock);
unsigned h0 = HASH(remote);
unsigned h1 = HASH(local);
struct ip_tunnel *t;
+ struct sit_net *sitn = net_generic(net, sit_net_id);
- for (t = tunnels_r_l[h0^h1]; t; t = t->next) {
+ for (t = sitn->tunnels_r_l[h0^h1]; t; t = t->next) {
if (local == t->parms.iph.saddr &&
remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
return t;
}
- for (t = tunnels_r[h0]; t; t = t->next) {
+ for (t = sitn->tunnels_r[h0]; t; t = t->next) {
if (remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
return t;
}
- for (t = tunnels_l[h1]; t; t = t->next) {
+ for (t = sitn->tunnels_l[h1]; t; t = t->next) {
if (local == t->parms.iph.saddr && (t->dev->flags&IFF_UP))
return t;
}
- if ((t = tunnels_wc[0]) != NULL && (t->dev->flags&IFF_UP))
+ if ((t = sitn->tunnels_wc[0]) != NULL && (t->dev->flags&IFF_UP))
return t;
return NULL;
}
prio |= 1;
h ^= HASH(local);
}
- return &tunnels[prio][h];
+ return &sitn->tunnels[prio][h];
}
static inline struct ip_tunnel **ipip6_bucket(struct sit_net *sitn,
if (dev == NULL)
return NULL;
+ dev_net_set(dev, net);
+
if (strchr(name, '%')) {
if (dev_alloc_name(dev, name) < 0)
goto failed_free;
}
-static int ipip6_tunnel_get_prl(struct ip_tunnel *t, struct ip_tunnel_prl *a)
+static int ipip6_tunnel_get_prl(struct ip_tunnel *t,
+ struct ip_tunnel_prl __user *a)
{
- struct ip_tunnel_prl *kp;
+ struct ip_tunnel_prl kprl, *kp;
struct ip_tunnel_prl_entry *prl;
unsigned int cmax, c = 0, ca, len;
int ret = 0;
- cmax = a->datalen / sizeof(*a);
- if (cmax > 1 && a->addr != htonl(INADDR_ANY))
+ if (copy_from_user(&kprl, a, sizeof(kprl)))
+ return -EFAULT;
+ cmax = kprl.datalen / sizeof(kprl);
+ if (cmax > 1 && kprl.addr != htonl(INADDR_ANY))
cmax = 1;
/* For simple GET or for root users,
for (prl = t->prl; prl; prl = prl->next) {
if (c > cmax)
break;
- if (a->addr != htonl(INADDR_ANY) && prl->addr != a->addr)
+ if (kprl.addr != htonl(INADDR_ANY) && prl->addr != kprl.addr)
continue;
kp[c].addr = prl->addr;
kp[c].flags = prl->flags;
c++;
- if (a->addr != htonl(INADDR_ANY))
+ if (kprl.addr != htonl(INADDR_ANY))
break;
}
out:
read_unlock(&ipip6_lock);
len = sizeof(*kp) * c;
- ret = len ? copy_to_user(a->data, kp, len) : 0;
+ ret = 0;
+ if ((len && copy_to_user(a + 1, kp, len)) || put_user(len, &a->datalen))
+ ret = -EFAULT;
kfree(kp);
- if (ret)
- return -EFAULT;
- a->datalen = len;
- return 0;
+ return ret;
}
static int
struct net *net = dev_net(dev);
struct sit_net *sitn = net_generic(net, sit_net_id);
- if (dev == ipip6_fb_tunnel_dev) {
+ if (dev == sitn->fb_tunnel_dev) {
write_lock_bh(&ipip6_lock);
- tunnels_wc[0] = NULL;
+ sitn->tunnels_wc[0] = NULL;
write_unlock_bh(&ipip6_lock);
dev_put(dev);
} else {
static int ipip6_err(struct sk_buff *skb, u32 info)
{
-#ifndef I_WISH_WORLD_WERE_PERFECT
-/* It is not :-( All the routers (except for Linux) return only
+/* All the routers (except for Linux) return only
8 bytes of packet payload. It means, that precise relaying of
ICMP in the real Internet is absolutely infeasible.
*/
err = -ENOENT;
read_lock(&ipip6_lock);
- t = ipip6_tunnel_lookup(&init_net, iph->daddr, iph->saddr);
+ t = ipip6_tunnel_lookup(dev_net(skb->dev), iph->daddr, iph->saddr);
if (t == NULL || t->parms.iph.daddr == 0)
goto out;
out:
read_unlock(&ipip6_lock);
return err;
-#else
- struct iphdr *iph = (struct iphdr*)dp;
- int hlen = iph->ihl<<2;
- struct ipv6hdr *iph6;
- const int type = icmp_hdr(skb)->type;
- const int code = icmp_hdr(skb)->code;
- int rel_type = 0;
- int rel_code = 0;
- int rel_info = 0;
- struct sk_buff *skb2;
- struct rt6_info *rt6i;
-
- if (len < hlen + sizeof(struct ipv6hdr))
- return;
- iph6 = (struct ipv6hdr*)(dp + hlen);
-
- switch (type) {
- default:
- return;
- case ICMP_PARAMETERPROB:
- if (icmp_hdr(skb)->un.gateway < hlen)
- return;
-
- /* So... This guy found something strange INSIDE encapsulated
- packet. Well, he is fool, but what can we do ?
- */
- rel_type = ICMPV6_PARAMPROB;
- rel_info = icmp_hdr(skb)->un.gateway - hlen;
- break;
-
- case ICMP_DEST_UNREACH:
- switch (code) {
- case ICMP_SR_FAILED:
- case ICMP_PORT_UNREACH:
- /* Impossible event. */
- return;
- case ICMP_FRAG_NEEDED:
- /* Too complicated case ... */
- return;
- default:
- /* All others are translated to HOST_UNREACH.
- rfc2003 contains "deep thoughts" about NET_UNREACH,
- I believe, it is just ether pollution. --ANK
- */
- rel_type = ICMPV6_DEST_UNREACH;
- rel_code = ICMPV6_ADDR_UNREACH;
- break;
- }
- break;
- case ICMP_TIME_EXCEEDED:
- if (code != ICMP_EXC_TTL)
- return;
- rel_type = ICMPV6_TIME_EXCEED;
- rel_code = ICMPV6_EXC_HOPLIMIT;
- break;
- }
-
- /* Prepare fake skb to feed it to icmpv6_send */
- skb2 = skb_clone(skb, GFP_ATOMIC);
- if (skb2 == NULL)
- return 0;
- dst_release(skb2->dst);
- skb2->dst = NULL;
- skb_pull(skb2, skb->data - (u8*)iph6);
- skb_reset_network_header(skb2);
-
- /* Try to guess incoming interface */
- rt6i = rt6_lookup(&init_net, &iph6->saddr, NULL, NULL, 0);
- if (rt6i && rt6i->rt6i_dev) {
- skb2->dev = rt6i->rt6i_dev;
-
- rt6i = rt6_lookup(&init_net, &iph6->daddr, &iph6->saddr, NULL, 0);
-
- if (rt6i && rt6i->rt6i_dev && rt6i->rt6i_dev->type == ARPHRD_SIT) {
- struct ip_tunnel *t = netdev_priv(rt6i->rt6i_dev);
- if (rel_type == ICMPV6_TIME_EXCEED && t->parms.iph.ttl) {
- rel_type = ICMPV6_DEST_UNREACH;
- rel_code = ICMPV6_ADDR_UNREACH;
- }
- icmpv6_send(skb2, rel_type, rel_code, rel_info, skb2->dev);
- }
- }
- kfree_skb(skb2);
- return 0;
-#endif
}
static inline void ipip6_ecn_decapsulate(struct iphdr *iph, struct sk_buff *skb)
iph = ip_hdr(skb);
read_lock(&ipip6_lock);
- if ((tunnel = ipip6_tunnel_lookup(&init_net,
+ if ((tunnel = ipip6_tunnel_lookup(dev_net(skb->dev),
iph->saddr, iph->daddr)) != NULL) {
secpath_reset(skb);
skb->mac_header = skb->network_header;
}
icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
- kfree_skb(skb);
read_unlock(&ipip6_lock);
out:
+ kfree_skb(skb);
return 0;
}
.tos = RT_TOS(tos) } },
.oif = tunnel->parms.link,
.proto = IPPROTO_IPV6 };
- if (ip_route_output_key(&init_net, &rt, &fl)) {
+ if (ip_route_output_key(dev_net(dev), &rt, &fl)) {
tunnel->stat.tx_carrier_errors++;
goto tx_error_icmp;
}
.oif = tunnel->parms.link,
.proto = IPPROTO_IPV6 };
struct rtable *rt;
- if (!ip_route_output_key(&init_net, &rt, &fl)) {
+ if (!ip_route_output_key(dev_net(dev), &rt, &fl)) {
tdev = rt->u.dst.dev;
ip_rt_put(rt);
}
}
if (!tdev && tunnel->parms.link)
- tdev = __dev_get_by_index(&init_net, tunnel->parms.link);
+ tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link);
if (tdev) {
dev->hard_header_len = tdev->hard_header_len + sizeof(struct iphdr);
switch (cmd) {
case SIOCGETTUNNEL:
t = NULL;
- if (dev == ipip6_fb_tunnel_dev) {
+ if (dev == sitn->fb_tunnel_dev) {
if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
err = -EFAULT;
break;
t = ipip6_tunnel_locate(net, &p, cmd == SIOCADDTUNNEL);
- if (dev != ipip6_fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
+ if (dev != sitn->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
if (t != NULL) {
if (t->dev != dev) {
err = -EEXIST;
if (!capable(CAP_NET_ADMIN))
goto done;
- if (dev == ipip6_fb_tunnel_dev) {
+ if (dev == sitn->fb_tunnel_dev) {
err = -EFAULT;
if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
goto done;
if ((t = ipip6_tunnel_locate(net, &p, 0)) == NULL)
goto done;
err = -EPERM;
- if (t == netdev_priv(ipip6_fb_tunnel_dev))
+ if (t == netdev_priv(sitn->fb_tunnel_dev))
goto done;
dev = t->dev;
}
break;
case SIOCGETPRL:
+ err = -EINVAL;
+ if (dev == sitn->fb_tunnel_dev)
+ goto done;
+ err = -ENOENT;
+ if (!(t = netdev_priv(dev)))
+ goto done;
+ err = ipip6_tunnel_get_prl(t, ifr->ifr_ifru.ifru_data);
+ break;
+
case SIOCADDPRL:
case SIOCDELPRL:
case SIOCCHGPRL:
err = -EPERM;
- if (cmd != SIOCGETPRL && !capable(CAP_NET_ADMIN))
+ if (!capable(CAP_NET_ADMIN))
goto done;
err = -EINVAL;
- if (dev == ipip6_fb_tunnel_dev)
+ if (dev == sitn->fb_tunnel_dev)
goto done;
err = -EFAULT;
if (copy_from_user(&prl, ifr->ifr_ifru.ifru_data, sizeof(prl)))
goto done;
switch (cmd) {
- case SIOCGETPRL:
- err = ipip6_tunnel_get_prl(t, &prl);
- if (!err && copy_to_user(ifr->ifr_ifru.ifru_data,
- &prl, sizeof(prl)))
- err = -EFAULT;
- break;
case SIOCDELPRL:
err = ipip6_tunnel_del_prl(t, &prl);
break;
err = ipip6_tunnel_add_prl(t, &prl, cmd == SIOCCHGPRL);
break;
}
- if (cmd != SIOCGETPRL)
- netdev_state_change(dev);
+ netdev_state_change(dev);
break;
default:
dev->flags = IFF_NOARP;
dev->iflink = 0;
dev->addr_len = 4;
+ dev->features |= NETIF_F_NETNS_LOCAL;
}
static int ipip6_tunnel_init(struct net_device *dev)
return 0;
}
-static int __init ipip6_fb_tunnel_init(struct net_device *dev)
+static int ipip6_fb_tunnel_init(struct net_device *dev)
{
struct ip_tunnel *tunnel = netdev_priv(dev);
struct iphdr *iph = &tunnel->parms.iph;
+ struct net *net = dev_net(dev);
+ struct sit_net *sitn = net_generic(net, sit_net_id);
tunnel->dev = dev;
strcpy(tunnel->parms.name, dev->name);
iph->ttl = 64;
dev_hold(dev);
- tunnels_wc[0] = tunnel;
+ sitn->tunnels_wc[0] = tunnel;
return 0;
}
.priority = 1,
};
-static void __exit sit_destroy_tunnels(void)
+static void sit_destroy_tunnels(struct sit_net *sitn)
{
int prio;
int h;
for (h = 0; h < HASH_SIZE; h++) {
struct ip_tunnel *t;
- while ((t = tunnels[prio][h]) != NULL)
+ while ((t = sitn->tunnels[prio][h]) != NULL)
unregister_netdevice(t->dev);
}
}
struct sit_net *sitn;
err = -ENOMEM;
- sitn = kmalloc(sizeof(struct sit_net), GFP_KERNEL);
+ sitn = kzalloc(sizeof(struct sit_net), GFP_KERNEL);
if (sitn == NULL)
goto err_alloc;
if (err < 0)
goto err_assign;
+ sitn->tunnels[0] = sitn->tunnels_wc;
+ sitn->tunnels[1] = sitn->tunnels_l;
+ sitn->tunnels[2] = sitn->tunnels_r;
+ sitn->tunnels[3] = sitn->tunnels_r_l;
+
+ sitn->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "sit0",
+ ipip6_tunnel_setup);
+ if (!sitn->fb_tunnel_dev) {
+ err = -ENOMEM;
+ goto err_alloc_dev;
+ }
+
+ sitn->fb_tunnel_dev->init = ipip6_fb_tunnel_init;
+ dev_net_set(sitn->fb_tunnel_dev, net);
+
+ if ((err = register_netdev(sitn->fb_tunnel_dev)))
+ goto err_reg_dev;
+
return 0;
+err_reg_dev:
+ free_netdev(sitn->fb_tunnel_dev);
+err_alloc_dev:
+ /* nothing */
err_assign:
kfree(sitn);
err_alloc:
struct sit_net *sitn;
sitn = net_generic(net, sit_net_id);
+ rtnl_lock();
+ sit_destroy_tunnels(sitn);
+ unregister_netdevice(sitn->fb_tunnel_dev);
+ rtnl_unlock();
kfree(sitn);
}
{
xfrm4_tunnel_deregister(&sit_handler, AF_INET6);
- rtnl_lock();
- sit_destroy_tunnels();
- unregister_netdevice(ipip6_fb_tunnel_dev);
- rtnl_unlock();
-
unregister_pernet_gen_device(sit_net_id, &sit_net_ops);
}
return -EAGAIN;
}
- ipip6_fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "sit0",
- ipip6_tunnel_setup);
- if (!ipip6_fb_tunnel_dev) {
- err = -ENOMEM;
- goto err1;
- }
-
- ipip6_fb_tunnel_dev->init = ipip6_fb_tunnel_init;
-
- if ((err = register_netdev(ipip6_fb_tunnel_dev)))
- goto err2;
-
err = register_pernet_gen_device(&sit_net_id, &sit_net_ops);
if (err < 0)
- goto err3;
+ xfrm4_tunnel_deregister(&sit_handler, AF_INET6);
- out:
return err;
- err2:
- free_netdev(ipip6_fb_tunnel_dev);
- err1:
- xfrm4_tunnel_deregister(&sit_handler, AF_INET6);
- goto out;
-err3:
- unregister_netdevice(ipip6_fb_tunnel_dev);
- goto err1;
}
module_init(sit_init);
projects / linux-2.6-omap-h63xx.git / blobdiff