1
// SPDX-License-Identifier: GPL-2.0-or-later
2
/*
3
 *	Linux NET3:	IP/IP protocol decoder.
4
 *
5
 *	Authors:
6
 *		Sam Lantinga ([email protected])  02/01/95
7
 *
8
 *	Fixes:
9
 *		Alan Cox	:	Merged and made usable non modular (its so tiny its silly as
10
 *					a module taking up 2 pages).
11
 *		Alan Cox	: 	Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph)
12
 *					to keep ip_forward happy.
13
 *		Alan Cox	:	More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8).
14
 *		Kai Schulte	:	Fixed #defines for IP_FIREWALL->FIREWALL
15
 *              David Woodhouse :       Perform some basic ICMP handling.
16
 *                                      IPIP Routing without decapsulation.
17
 *              Carlos Picoto   :       GRE over IP support
18
 *		Alexey Kuznetsov:	Reworked. Really, now it is truncated version of ipv4/ip_gre.c.
19
 *					I do not want to merge them together.
20
 */
21

22
/* tunnel.c: an IP tunnel driver
23

24
	The purpose of this driver is to provide an IP tunnel through
25
	which you can tunnel network traffic transparently across subnets.
26

27
	This was written by looking at Nick Holloway's dummy driver
28
	Thanks for the great code!
29

30
		-Sam Lantinga	([email protected])  02/01/95
31

32
	Minor tweaks:
33
		Cleaned up the code a little and added some pre-1.3.0 tweaks.
34
		dev->hard_header/hard_header_len changed to use no headers.
35
		Comments/bracketing tweaked.
36
		Made the tunnels use dev->name not tunnel: when error reporting.
37
		Added tx_dropped stat
38

39
		-Alan Cox	([email protected]) 21 March 95
40

41
	Reworked:
42
		Changed to tunnel to destination gateway in addition to the
43
			tunnel's pointopoint address
44
		Almost completely rewritten
45
		Note:  There is currently no firewall or ICMP handling done.
46

47
		-Sam Lantinga	([email protected]) 02/13/96
48

49
*/
50

51
/* Things I wish I had known when writing the tunnel driver:
52

53
	When the tunnel_xmit() function is called, the skb contains the
54
	packet to be sent (plus a great deal of extra info), and dev
55
	contains the tunnel device that _we_ are.
56

57
	When we are passed a packet, we are expected to fill in the
58
	source address with our source IP address.
59

60
	What is the proper way to allocate, copy and free a buffer?
61
	After you allocate it, it is a "0 length" chunk of memory
62
	starting at zero.  If you want to add headers to the buffer
63
	later, you'll have to call "skb_reserve(skb, amount)" with
64
	the amount of memory you want reserved.  Then, you call
65
	"skb_put(skb, amount)" with the amount of space you want in
66
	the buffer.  skb_put() returns a pointer to the top (#0) of
67
	that buffer.  skb->len is set to the amount of space you have
68
	"allocated" with skb_put().  You can then write up to skb->len
69
	bytes to that buffer.  If you need more, you can call skb_put()
70
	again with the additional amount of space you need.  You can
71
	find out how much more space you can allocate by calling
72
	"skb_tailroom(skb)".
73
	Now, to add header space, call "skb_push(skb, header_len)".
74
	This creates space at the beginning of the buffer and returns
75
	a pointer to this new space.  If later you need to strip a
76
	header from a buffer, call "skb_pull(skb, header_len)".
77
	skb_headroom() will return how much space is left at the top
78
	of the buffer (before the main data).  Remember, this headroom
79
	space must be reserved before the skb_put() function is called.
80
	*/
81

82
/*
83
   This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c
84

85
   For comments look at net/ipv4/ip_gre.c --ANK
86
 */
87

88

89
#include <linux/capability.h>
90
#include <linux/module.h>
91
#include <linux/types.h>
92
#include <linux/kernel.h>
93
#include <linux/slab.h>
94
#include <linux/uaccess.h>
95
#include <linux/skbuff.h>
96
#include <linux/netdevice.h>
97
#include <linux/in.h>
98
#include <linux/tcp.h>
99
#include <linux/udp.h>
100
#include <linux/if_arp.h>
101
#include <linux/init.h>
102
#include <linux/netfilter_ipv4.h>
103
#include <linux/if_ether.h>
104

105
#include <net/sock.h>
106
#include <net/ip.h>
107
#include <net/icmp.h>
108
#include <net/ip_tunnels.h>
109
#include <net/inet_ecn.h>
110
#include <net/xfrm.h>
111
#include <net/net_namespace.h>
112
#include <net/netns/generic.h>
113
#include <net/dst_metadata.h>
114

115
static bool log_ecn_error = true;
116
module_param(log_ecn_error, bool, 0644);
117
MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
118

119
static unsigned int ipip_net_id __read_mostly;
120

121
static int ipip_tunnel_init(struct net_device *dev);
122
static struct rtnl_link_ops ipip_link_ops __read_mostly;
123

124
static int ipip_err(struct sk_buff *skb, u32 info)
125
{
126
	/* All the routers (except for Linux) return only
127
	 * 8 bytes of packet payload. It means, that precise relaying of
128
	 * ICMP in the real Internet is absolutely infeasible.
129
	 */
130
	struct net *net = dev_net(skb->dev);
131
	struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
132
	const struct iphdr *iph = (const struct iphdr *)skb->data;
133
	IP_TUNNEL_DECLARE_FLAGS(flags) = { };
134
	const int type = icmp_hdr(skb)->type;
135
	const int code = icmp_hdr(skb)->code;
136
	struct ip_tunnel *t;
137
	int err = 0;
138

139
	__set_bit(IP_TUNNEL_NO_KEY_BIT, flags);
140

141
	t = ip_tunnel_lookup(itn, skb->dev->ifindex, flags, iph->daddr,
142
			     iph->saddr, 0);
143
	if (!t) {
144
		err = -ENOENT;
145
		goto out;
146
	}
147

148
	switch (type) {
149
	case ICMP_DEST_UNREACH:
150
		switch (code) {
151
		case ICMP_SR_FAILED:
152
			/* Impossible event. */
153
			goto out;
154
		default:
155
			/* All others are translated to HOST_UNREACH.
156
			 * rfc2003 contains "deep thoughts" about NET_UNREACH,
157
			 * I believe they are just ether pollution. --ANK
158
			 */
159
			break;
160
		}
161
		break;
162

163
	case ICMP_TIME_EXCEEDED:
164
		if (code != ICMP_EXC_TTL)
165
			goto out;
166
		break;
167

168
	case ICMP_REDIRECT:
169
		break;
170

171
	default:
172
		goto out;
173
	}
174

175
	if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
176
		ipv4_update_pmtu(skb, net, info, t->parms.link, iph->protocol);
177
		goto out;
178
	}
179

180
	if (type == ICMP_REDIRECT) {
181
		ipv4_redirect(skb, net, t->parms.link, iph->protocol);
182
		goto out;
183
	}
184

185
	if (t->parms.iph.daddr == 0) {
186
		err = -ENOENT;
187
		goto out;
188
	}
189

190
	if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
191
		goto out;
192

193
	if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
194
		t->err_count++;
195
	else
196
		t->err_count = 1;
197
	t->err_time = jiffies;
198

199
out:
200
	return err;
201
}
202

203
static const struct tnl_ptk_info ipip_tpi = {
204
	/* no tunnel info required for ipip. */
205
	.proto = htons(ETH_P_IP),
206
};
207

208
#if IS_ENABLED(CONFIG_MPLS)
209
static const struct tnl_ptk_info mplsip_tpi = {
210
	/* no tunnel info required for mplsip. */
211
	.proto = htons(ETH_P_MPLS_UC),
212
};
213
#endif
214

215
static int ipip_tunnel_rcv(struct sk_buff *skb, u8 ipproto)
216
{
217
	struct net *net = dev_net(skb->dev);
218
	struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
219
	IP_TUNNEL_DECLARE_FLAGS(flags) = { };
220
	struct metadata_dst *tun_dst = NULL;
221
	struct ip_tunnel *tunnel;
222
	const struct iphdr *iph;
223

224
	__set_bit(IP_TUNNEL_NO_KEY_BIT, flags);
225

226
	iph = ip_hdr(skb);
227
	tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, flags, iph->saddr,
228
				  iph->daddr, 0);
229
	if (tunnel) {
230
		const struct tnl_ptk_info *tpi;
231

232
		if (tunnel->parms.iph.protocol != ipproto &&
233
		    tunnel->parms.iph.protocol != 0)
234
			goto drop;
235

236
		if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
237
			goto drop;
238
#if IS_ENABLED(CONFIG_MPLS)
239
		if (ipproto == IPPROTO_MPLS)
240
			tpi = &mplsip_tpi;
241
		else
242
#endif
243
			tpi = &ipip_tpi;
244
		if (iptunnel_pull_header(skb, 0, tpi->proto, false))
245
			goto drop;
246
		if (tunnel->collect_md) {
247
			ip_tunnel_flags_zero(flags);
248

249
			tun_dst = ip_tun_rx_dst(skb, flags, 0, 0);
250
			if (!tun_dst)
251
				return 0;
252
			ip_tunnel_md_udp_encap(skb, &tun_dst->u.tun_info);
253
		}
254
		skb_reset_mac_header(skb);
255

256
		return ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error);
257
	}
258

259
	return -1;
260

261
drop:
262
	kfree_skb(skb);
263
	return 0;
264
}
265

266
static int ipip_rcv(struct sk_buff *skb)
267
{
268
	return ipip_tunnel_rcv(skb, IPPROTO_IPIP);
269
}
270

271
#if IS_ENABLED(CONFIG_MPLS)
272
static int mplsip_rcv(struct sk_buff *skb)
273
{
274
	return ipip_tunnel_rcv(skb, IPPROTO_MPLS);
275
}
276
#endif
277

278
/*
279
 *	This function assumes it is being called from dev_queue_xmit()
280
 *	and that skb is filled properly by that function.
281
 */
282
static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb,
283
				    struct net_device *dev)
284
{
285
	struct ip_tunnel *tunnel = netdev_priv(dev);
286
	const struct iphdr  *tiph = &tunnel->parms.iph;
287
	u8 ipproto;
288

289
	if (!pskb_inet_may_pull(skb))
290
		goto tx_error;
291

292
	switch (skb->protocol) {
293
	case htons(ETH_P_IP):
294
		ipproto = IPPROTO_IPIP;
295
		break;
296
#if IS_ENABLED(CONFIG_MPLS)
297
	case htons(ETH_P_MPLS_UC):
298
		ipproto = IPPROTO_MPLS;
299
		break;
300
#endif
301
	default:
302
		goto tx_error;
303
	}
304

305
	if (tiph->protocol != ipproto && tiph->protocol != 0)
306
		goto tx_error;
307

308
	if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP4))
309
		goto tx_error;
310

311
	skb_set_inner_ipproto(skb, ipproto);
312

313
	if (tunnel->collect_md)
314
		ip_md_tunnel_xmit(skb, dev, ipproto, 0);
315
	else
316
		ip_tunnel_xmit(skb, dev, tiph, ipproto);
317
	return NETDEV_TX_OK;
318

319
tx_error:
320
	kfree_skb(skb);
321

322
	DEV_STATS_INC(dev, tx_errors);
323
	return NETDEV_TX_OK;
324
}
325

326
static bool ipip_tunnel_ioctl_verify_protocol(u8 ipproto)
327
{
328
	switch (ipproto) {
329
	case 0:
330
	case IPPROTO_IPIP:
331
#if IS_ENABLED(CONFIG_MPLS)
332
	case IPPROTO_MPLS:
333
#endif
334
		return true;
335
	}
336

337
	return false;
338
}
339

340
static int
341
ipip_tunnel_ctl(struct net_device *dev, struct ip_tunnel_parm_kern *p, int cmd)
342
{
343
	if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) {
344
		if (p->iph.version != 4 ||
345
		    !ipip_tunnel_ioctl_verify_protocol(p->iph.protocol) ||
346
		    p->iph.ihl != 5 || (p->iph.frag_off & htons(~IP_DF)))
347
			return -EINVAL;
348
	}
349

350
	p->i_key = p->o_key = 0;
351
	ip_tunnel_flags_zero(p->i_flags);
352
	ip_tunnel_flags_zero(p->o_flags);
353
	return ip_tunnel_ctl(dev, p, cmd);
354
}
355

356
static const struct net_device_ops ipip_netdev_ops = {
357
	.ndo_init       = ipip_tunnel_init,
358
	.ndo_uninit     = ip_tunnel_uninit,
359
	.ndo_start_xmit	= ipip_tunnel_xmit,
360
	.ndo_siocdevprivate = ip_tunnel_siocdevprivate,
361
	.ndo_change_mtu = ip_tunnel_change_mtu,
362
	.ndo_get_stats64 = dev_get_tstats64,
363
	.ndo_get_iflink = ip_tunnel_get_iflink,
364
	.ndo_tunnel_ctl	= ipip_tunnel_ctl,
365
};
366

367
#define IPIP_FEATURES (NETIF_F_SG |		\
368
		       NETIF_F_FRAGLIST |	\
369
		       NETIF_F_HIGHDMA |	\
370
		       NETIF_F_GSO_SOFTWARE |	\
371
		       NETIF_F_HW_CSUM)
372

373
static void ipip_tunnel_setup(struct net_device *dev)
374
{
375
	dev->netdev_ops		= &ipip_netdev_ops;
376
	dev->header_ops		= &ip_tunnel_header_ops;
377

378
	dev->type		= ARPHRD_TUNNEL;
379
	dev->flags		= IFF_NOARP;
380
	dev->addr_len		= 4;
381
	dev->lltx		= true;
382
	netif_keep_dst(dev);
383

384
	dev->features		|= IPIP_FEATURES;
385
	dev->hw_features	|= IPIP_FEATURES;
386
	ip_tunnel_setup(dev, ipip_net_id);
387
}
388

389
static int ipip_tunnel_init(struct net_device *dev)
390
{
391
	struct ip_tunnel *tunnel = netdev_priv(dev);
392

393
	__dev_addr_set(dev, &tunnel->parms.iph.saddr, 4);
394
	memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
395

396
	tunnel->tun_hlen = 0;
397
	tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen;
398
	return ip_tunnel_init(dev);
399
}
400

401
static int ipip_tunnel_validate(struct nlattr *tb[], struct nlattr *data[],
402
				struct netlink_ext_ack *extack)
403
{
404
	u8 proto;
405

406
	if (!data || !data[IFLA_IPTUN_PROTO])
407
		return 0;
408

409
	proto = nla_get_u8(data[IFLA_IPTUN_PROTO]);
410
	if (proto != IPPROTO_IPIP && proto != IPPROTO_MPLS && proto != 0)
411
		return -EINVAL;
412

413
	return 0;
414
}
415

416
static void ipip_netlink_parms(struct nlattr *data[],
417
			       struct ip_tunnel_parm_kern *parms,
418
			       bool *collect_md, __u32 *fwmark)
419
{
420
	memset(parms, 0, sizeof(*parms));
421

422
	parms->iph.version = 4;
423
	parms->iph.protocol = IPPROTO_IPIP;
424
	parms->iph.ihl = 5;
425
	*collect_md = false;
426

427
	if (!data)
428
		return;
429

430
	ip_tunnel_netlink_parms(data, parms);
431

432
	if (data[IFLA_IPTUN_COLLECT_METADATA])
433
		*collect_md = true;
434

435
	if (data[IFLA_IPTUN_FWMARK])
436
		*fwmark = nla_get_u32(data[IFLA_IPTUN_FWMARK]);
437
}
438

439
static int ipip_newlink(struct net_device *dev,
440
			struct rtnl_newlink_params *params,
441
			struct netlink_ext_ack *extack)
442
{
443
	struct ip_tunnel *t = netdev_priv(dev);
444
	struct nlattr **data = params->data;
445
	struct nlattr **tb = params->tb;
446
	struct ip_tunnel_encap ipencap;
447
	struct ip_tunnel_parm_kern p;
448
	__u32 fwmark = 0;
449

450
	if (ip_tunnel_netlink_encap_parms(data, &ipencap)) {
451
		int err = ip_tunnel_encap_setup(t, &ipencap);
452

453
		if (err < 0)
454
			return err;
455
	}
456

457
	ipip_netlink_parms(data, &p, &t->collect_md, &fwmark);
458
	return ip_tunnel_newlink(params->link_net ? : dev_net(dev), dev, tb, &p,
459
				 fwmark);
460
}
461

462
static int ipip_changelink(struct net_device *dev, struct nlattr *tb[],
463
			   struct nlattr *data[],
464
			   struct netlink_ext_ack *extack)
465
{
466
	struct ip_tunnel *t = netdev_priv(dev);
467
	struct ip_tunnel_encap ipencap;
468
	struct ip_tunnel_parm_kern p;
469
	bool collect_md;
470
	__u32 fwmark = t->fwmark;
471

472
	if (ip_tunnel_netlink_encap_parms(data, &ipencap)) {
473
		int err = ip_tunnel_encap_setup(t, &ipencap);
474

475
		if (err < 0)
476
			return err;
477
	}
478

479
	ipip_netlink_parms(data, &p, &collect_md, &fwmark);
480
	if (collect_md)
481
		return -EINVAL;
482

483
	if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) ||
484
	    (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr))
485
		return -EINVAL;
486

487
	return ip_tunnel_changelink(dev, tb, &p, fwmark);
488
}
489

490
static size_t ipip_get_size(const struct net_device *dev)
491
{
492
	return
493
		/* IFLA_IPTUN_LINK */
494
		nla_total_size(4) +
495
		/* IFLA_IPTUN_LOCAL */
496
		nla_total_size(4) +
497
		/* IFLA_IPTUN_REMOTE */
498
		nla_total_size(4) +
499
		/* IFLA_IPTUN_TTL */
500
		nla_total_size(1) +
501
		/* IFLA_IPTUN_TOS */
502
		nla_total_size(1) +
503
		/* IFLA_IPTUN_PROTO */
504
		nla_total_size(1) +
505
		/* IFLA_IPTUN_PMTUDISC */
506
		nla_total_size(1) +
507
		/* IFLA_IPTUN_ENCAP_TYPE */
508
		nla_total_size(2) +
509
		/* IFLA_IPTUN_ENCAP_FLAGS */
510
		nla_total_size(2) +
511
		/* IFLA_IPTUN_ENCAP_SPORT */
512
		nla_total_size(2) +
513
		/* IFLA_IPTUN_ENCAP_DPORT */
514
		nla_total_size(2) +
515
		/* IFLA_IPTUN_COLLECT_METADATA */
516
		nla_total_size(0) +
517
		/* IFLA_IPTUN_FWMARK */
518
		nla_total_size(4) +
519
		0;
520
}
521

522
static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev)
523
{
524
	struct ip_tunnel *tunnel = netdev_priv(dev);
525
	struct ip_tunnel_parm_kern *parm = &tunnel->parms;
526

527
	if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) ||
528
	    nla_put_in_addr(skb, IFLA_IPTUN_LOCAL, parm->iph.saddr) ||
529
	    nla_put_in_addr(skb, IFLA_IPTUN_REMOTE, parm->iph.daddr) ||
530
	    nla_put_u8(skb, IFLA_IPTUN_TTL, parm->iph.ttl) ||
531
	    nla_put_u8(skb, IFLA_IPTUN_TOS, parm->iph.tos) ||
532
	    nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->iph.protocol) ||
533
	    nla_put_u8(skb, IFLA_IPTUN_PMTUDISC,
534
		       !!(parm->iph.frag_off & htons(IP_DF))) ||
535
	    nla_put_u32(skb, IFLA_IPTUN_FWMARK, tunnel->fwmark))
536
		goto nla_put_failure;
537

538
	if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE,
539
			tunnel->encap.type) ||
540
	    nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT,
541
			 tunnel->encap.sport) ||
542
	    nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT,
543
			 tunnel->encap.dport) ||
544
	    nla_put_u16(skb, IFLA_IPTUN_ENCAP_FLAGS,
545
			tunnel->encap.flags))
546
		goto nla_put_failure;
547

548
	if (tunnel->collect_md)
549
		if (nla_put_flag(skb, IFLA_IPTUN_COLLECT_METADATA))
550
			goto nla_put_failure;
551
	return 0;
552

553
nla_put_failure:
554
	return -EMSGSIZE;
555
}
556

557
static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = {
558
	[IFLA_IPTUN_LINK]		= { .type = NLA_U32 },
559
	[IFLA_IPTUN_LOCAL]		= { .type = NLA_U32 },
560
	[IFLA_IPTUN_REMOTE]		= { .type = NLA_U32 },
561
	[IFLA_IPTUN_TTL]		= { .type = NLA_U8 },
562
	[IFLA_IPTUN_TOS]		= { .type = NLA_U8 },
563
	[IFLA_IPTUN_PROTO]		= { .type = NLA_U8 },
564
	[IFLA_IPTUN_PMTUDISC]		= { .type = NLA_U8 },
565
	[IFLA_IPTUN_ENCAP_TYPE]		= { .type = NLA_U16 },
566
	[IFLA_IPTUN_ENCAP_FLAGS]	= { .type = NLA_U16 },
567
	[IFLA_IPTUN_ENCAP_SPORT]	= { .type = NLA_U16 },
568
	[IFLA_IPTUN_ENCAP_DPORT]	= { .type = NLA_U16 },
569
	[IFLA_IPTUN_COLLECT_METADATA]	= { .type = NLA_FLAG },
570
	[IFLA_IPTUN_FWMARK]		= { .type = NLA_U32 },
571
};
572

573
static struct rtnl_link_ops ipip_link_ops __read_mostly = {
574
	.kind		= "ipip",
575
	.maxtype	= IFLA_IPTUN_MAX,
576
	.policy		= ipip_policy,
577
	.priv_size	= sizeof(struct ip_tunnel),
578
	.setup		= ipip_tunnel_setup,
579
	.validate	= ipip_tunnel_validate,
580
	.newlink	= ipip_newlink,
581
	.changelink	= ipip_changelink,
582
	.dellink	= ip_tunnel_dellink,
583
	.get_size	= ipip_get_size,
584
	.fill_info	= ipip_fill_info,
585
	.get_link_net	= ip_tunnel_get_link_net,
586
};
587

588
static struct xfrm_tunnel ipip_handler __read_mostly = {
589
	.handler	=	ipip_rcv,
590
	.err_handler	=	ipip_err,
591
	.priority	=	1,
592
};
593

594
#if IS_ENABLED(CONFIG_MPLS)
595
static struct xfrm_tunnel mplsip_handler __read_mostly = {
596
	.handler	=	mplsip_rcv,
597
	.err_handler	=	ipip_err,
598
	.priority	=	1,
599
};
600
#endif
601

602
static int __net_init ipip_init_net(struct net *net)
603
{
604
	return ip_tunnel_init_net(net, ipip_net_id, &ipip_link_ops, "tunl0");
605
}
606

607
static void __net_exit ipip_exit_rtnl(struct net *net,
608
				      struct list_head *dev_to_kill)
609
{
610
	ip_tunnel_delete_net(net, ipip_net_id, &ipip_link_ops, dev_to_kill);
611
}
612

613
static struct pernet_operations ipip_net_ops = {
614
	.init = ipip_init_net,
615
	.exit_rtnl = ipip_exit_rtnl,
616
	.id   = &ipip_net_id,
617
	.size = sizeof(struct ip_tunnel_net),
618
};
619

620
static int __init ipip_init(void)
621
{
622
	int err;
623

624
	pr_info("ipip: IPv4 and MPLS over IPv4 tunneling driver\n");
625

626
	err = register_pernet_device(&ipip_net_ops);
627
	if (err < 0)
628
		return err;
629
	err = xfrm4_tunnel_register(&ipip_handler, AF_INET);
630
	if (err < 0) {
631
		pr_info("%s: can't register tunnel\n", __func__);
632
		goto xfrm_tunnel_ipip_failed;
633
	}
634
#if IS_ENABLED(CONFIG_MPLS)
635
	err = xfrm4_tunnel_register(&mplsip_handler, AF_MPLS);
636
	if (err < 0) {
637
		pr_info("%s: can't register tunnel\n", __func__);
638
		goto xfrm_tunnel_mplsip_failed;
639
	}
640
#endif
641
	err = rtnl_link_register(&ipip_link_ops);
642
	if (err < 0)
643
		goto rtnl_link_failed;
644

645
out:
646
	return err;
647

648
rtnl_link_failed:
649
#if IS_ENABLED(CONFIG_MPLS)
650
	xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS);
651
xfrm_tunnel_mplsip_failed:
652

653
#endif
654
	xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
655
xfrm_tunnel_ipip_failed:
656
	unregister_pernet_device(&ipip_net_ops);
657
	goto out;
658
}
659

660
static void __exit ipip_fini(void)
661
{
662
	rtnl_link_unregister(&ipip_link_ops);
663
	if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET))
664
		pr_info("%s: can't deregister tunnel\n", __func__);
665
#if IS_ENABLED(CONFIG_MPLS)
666
	if (xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS))
667
		pr_info("%s: can't deregister tunnel\n", __func__);
668
#endif
669
	unregister_pernet_device(&ipip_net_ops);
670
}
671

672
module_init(ipip_init);
673
module_exit(ipip_fini);
674
MODULE_DESCRIPTION("IP/IP protocol decoder library");
675
MODULE_LICENSE("GPL");
676
MODULE_ALIAS_RTNL_LINK("ipip");
677
MODULE_ALIAS_NETDEV("tunl0");
678

679