1
// SPDX-License-Identifier: GPL-2.0-or-later
2
/*
3
 *	Linux NET3:	IP/IP protocol decoder.
4
 *
5
 *	Authors:
6
 *		Sam Lantinga ([email protected])  02/01/95
7
 *
8
 *	Fixes:
9
 *		Alan Cox	:	Merged and made usable non modular (its so tiny its silly as
10
 *					a module taking up 2 pages).
11
 *		Alan Cox	: 	Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph)
12
 *					to keep ip_forward happy.
13
 *		Alan Cox	:	More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8).
14
 *		Kai Schulte	:	Fixed #defines for IP_FIREWALL->FIREWALL
15
 *              David Woodhouse :       Perform some basic ICMP handling.
16
 *                                      IPIP Routing without decapsulation.
17
 *              Carlos Picoto   :       GRE over IP support
18
 *		Alexey Kuznetsov:	Reworked. Really, now it is truncated version of ipv4/ip_gre.c.
19
 *					I do not want to merge them together.
20
 */
21

22
/* tunnel.c: an IP tunnel driver
23

24
	The purpose of this driver is to provide an IP tunnel through
25
	which you can tunnel network traffic transparently across subnets.
26

27
	This was written by looking at Nick Holloway's dummy driver
28
	Thanks for the great code!
29

30
		-Sam Lantinga	([email protected])  02/01/95
31

32
	Minor tweaks:
33
		Cleaned up the code a little and added some pre-1.3.0 tweaks.
34
		dev->hard_header/hard_header_len changed to use no headers.
35
		Comments/bracketing tweaked.
36
		Made the tunnels use dev->name not tunnel: when error reporting.
37
		Added tx_dropped stat
38

39
		-Alan Cox	([email protected]) 21 March 95
40

41
	Reworked:
42
		Changed to tunnel to destination gateway in addition to the
43
			tunnel's pointopoint address
44
		Almost completely rewritten
45
		Note:  There is currently no firewall or ICMP handling done.
46

47
		-Sam Lantinga	([email protected]) 02/13/96
48

49
*/
50

51
/* Things I wish I had known when writing the tunnel driver:
52

53
	When the tunnel_xmit() function is called, the skb contains the
54
	packet to be sent (plus a great deal of extra info), and dev
55
	contains the tunnel device that _we_ are.
56

57
	When we are passed a packet, we are expected to fill in the
58
	source address with our source IP address.
59

60
	What is the proper way to allocate, copy and free a buffer?
61
	After you allocate it, it is a "0 length" chunk of memory
62
	starting at zero.  If you want to add headers to the buffer
63
	later, you'll have to call "skb_reserve(skb, amount)" with
64
	the amount of memory you want reserved.  Then, you call
65
	"skb_put(skb, amount)" with the amount of space you want in
66
	the buffer.  skb_put() returns a pointer to the top (#0) of
67
	that buffer.  skb->len is set to the amount of space you have
68
	"allocated" with skb_put().  You can then write up to skb->len
69
	bytes to that buffer.  If you need more, you can call skb_put()
70
	again with the additional amount of space you need.  You can
71
	find out how much more space you can allocate by calling
72
	"skb_tailroom(skb)".
73
	Now, to add header space, call "skb_push(skb, header_len)".
74
	This creates space at the beginning of the buffer and returns
75
	a pointer to this new space.  If later you need to strip a
76
	header from a buffer, call "skb_pull(skb, header_len)".
77
	skb_headroom() will return how much space is left at the top
78
	of the buffer (before the main data).  Remember, this headroom
79
	space must be reserved before the skb_put() function is called.
80
	*/
81

82
/*
83
   This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c
84

85
   For comments look at net/ipv4/ip_gre.c --ANK
86
 */
87

88

89
#include <linux/capability.h>
90
#include <linux/module.h>
91
#include <linux/types.h>
92
#include <linux/kernel.h>
93
#include <linux/slab.h>
94
#include <linux/uaccess.h>
95
#include <linux/skbuff.h>
96
#include <linux/netdevice.h>
97
#include <linux/in.h>
98
#include <linux/tcp.h>
99
#include <linux/udp.h>
100
#include <linux/if_arp.h>
101
#include <linux/init.h>
102
#include <linux/netfilter_ipv4.h>
103
#include <linux/if_ether.h>
104

105
#include <net/sock.h>
106
#include <net/ip.h>
107
#include <net/icmp.h>
108
#include <net/ip_tunnels.h>
109
#include <net/inet_ecn.h>
110
#include <net/xfrm.h>
111
#include <net/net_namespace.h>
112
#include <net/netns/generic.h>
113
#include <net/dst_metadata.h>
114

115
static bool log_ecn_error = true;
116
module_param(log_ecn_error, bool, 0644);
117
MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
118

119
static unsigned int ipip_net_id __read_mostly;
120

121
static int ipip_tunnel_init(struct net_device *dev);
122
static struct rtnl_link_ops ipip_link_ops __read_mostly;
123

124
static int ipip_err(struct sk_buff *skb, u32 info)
125
{
126
	/* All the routers (except for Linux) return only
127
	 * 8 bytes of packet payload. It means, that precise relaying of
128
	 * ICMP in the real Internet is absolutely infeasible.
129
	 */
130
	struct net *net = dev_net(skb->dev);
131
	struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
132
	const struct iphdr *iph = (const struct iphdr *)skb->data;
133
	IP_TUNNEL_DECLARE_FLAGS(flags) = { };
134
	const int type = icmp_hdr(skb)->type;
135
	const int code = icmp_hdr(skb)->code;
136
	struct ip_tunnel *t;
137
	int err = 0;
138

139
	__set_bit(IP_TUNNEL_NO_KEY_BIT, flags);
140

141
	t = ip_tunnel_lookup(itn, skb->dev->ifindex, flags, iph->daddr,
142
			     iph->saddr, 0);
143
	if (!t) {
144
		err = -ENOENT;
145
		goto out;
146
	}
147

148
	switch (type) {
149
	case ICMP_DEST_UNREACH:
150
		switch (code) {
151
		case ICMP_SR_FAILED:
152
			/* Impossible event. */
153
			goto out;
154
		default:
155
			/* All others are translated to HOST_UNREACH.
156
			 * rfc2003 contains "deep thoughts" about NET_UNREACH,
157
			 * I believe they are just ether pollution. --ANK
158
			 */
159
			break;
160
		}
161
		break;
162

163
	case ICMP_TIME_EXCEEDED:
164
		if (code != ICMP_EXC_TTL)
165
			goto out;
166
		break;
167

168
	case ICMP_REDIRECT:
169
		break;
170

171
	default:
172
		goto out;
173
	}
174

175
	if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
176
		ipv4_update_pmtu(skb, net, info, t->parms.link, iph->protocol);
177
		goto out;
178
	}
179

180
	if (type == ICMP_REDIRECT) {
181
		ipv4_redirect(skb, net, t->parms.link, iph->protocol);
182
		goto out;
183
	}
184

185
	if (t->parms.iph.daddr == 0) {
186
		err = -ENOENT;
187
		goto out;
188
	}
189

190
	if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
191
		goto out;
192

193
	if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
194
		t->err_count++;
195
	else
196
		t->err_count = 1;
197
	t->err_time = jiffies;
198

199
out:
200
	return err;
201
}
202

203
static const struct tnl_ptk_info ipip_tpi = {
204
	/* no tunnel info required for ipip. */
205
	.proto = htons(ETH_P_IP),
206
};
207

208
#if IS_ENABLED(CONFIG_MPLS)
209
static const struct tnl_ptk_info mplsip_tpi = {
210
	/* no tunnel info required for mplsip. */
211
	.proto = htons(ETH_P_MPLS_UC),
212
};
213
#endif
214

215
static int ipip_tunnel_rcv(struct sk_buff *skb, u8 ipproto)
216
{
217
	struct net *net = dev_net(skb->dev);
218
	struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
219
	IP_TUNNEL_DECLARE_FLAGS(flags) = { };
220
	struct metadata_dst *tun_dst = NULL;
221
	struct ip_tunnel *tunnel;
222
	const struct iphdr *iph;
223

224
	__set_bit(IP_TUNNEL_NO_KEY_BIT, flags);
225

226
	iph = ip_hdr(skb);
227
	tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, flags, iph->saddr,
228
				  iph->daddr, 0);
229
	if (tunnel) {
230
		const struct tnl_ptk_info *tpi;
231

232
		if (tunnel->parms.iph.protocol != ipproto &&
233
		    tunnel->parms.iph.protocol != 0)
234
			goto drop;
235

236
		if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
237
			goto drop;
238
#if IS_ENABLED(CONFIG_MPLS)
239
		if (ipproto == IPPROTO_MPLS)
240
			tpi = &mplsip_tpi;
241
		else
242
#endif
243
			tpi = &ipip_tpi;
244
		if (iptunnel_pull_header(skb, 0, tpi->proto, false))
245
			goto drop;
246
		if (tunnel->collect_md) {
247
			ip_tunnel_flags_zero(flags);
248

249
			tun_dst = ip_tun_rx_dst(skb, flags, 0, 0);
250
			if (!tun_dst)
251
				return 0;
252
			ip_tunnel_md_udp_encap(skb, &tun_dst->u.tun_info);
253
		}
254
		skb_reset_mac_header(skb);
255

256
		return ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error);
257
	}
258

259
	return -1;
260

261
drop:
262
	kfree_skb(skb);
263
	return 0;
264
}
265

266
static int ipip_rcv(struct sk_buff *skb)
267
{
268
	return ipip_tunnel_rcv(skb, IPPROTO_IPIP);
269
}
270

271
#if IS_ENABLED(CONFIG_MPLS)
272
static int mplsip_rcv(struct sk_buff *skb)
273
{
274
	return ipip_tunnel_rcv(skb, IPPROTO_MPLS);
275
}
276
#endif
277

278
/*
279
 *	This function assumes it is being called from dev_queue_xmit()
280
 *	and that skb is filled properly by that function.
281
 */
282
static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb,
283
				    struct net_device *dev)
284
{
285
	struct ip_tunnel *tunnel = netdev_priv(dev);
286
	const struct iphdr  *tiph = &tunnel->parms.iph;
287
	u8 ipproto;
288

289
	if (!pskb_inet_may_pull(skb))
290
		goto tx_error;
291

292
	switch (skb->protocol) {
293
	case htons(ETH_P_IP):
294
		ipproto = IPPROTO_IPIP;
295
		break;
296
#if IS_ENABLED(CONFIG_MPLS)
297
	case htons(ETH_P_MPLS_UC):
298
		ipproto = IPPROTO_MPLS;
299
		break;
300
#endif
301
	default:
302
		goto tx_error;
303
	}
304

305
	if (tiph->protocol != ipproto && tiph->protocol != 0)
306
		goto tx_error;
307

308
	if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP4))
309
		goto tx_error;
310

311
	skb_set_inner_ipproto(skb, ipproto);
312

313
	if (tunnel->collect_md)
314
		ip_md_tunnel_xmit(skb, dev, ipproto, 0);
315
	else
316
		ip_tunnel_xmit(skb, dev, tiph, ipproto);
317
	return NETDEV_TX_OK;
318

319
tx_error:
320
	kfree_skb(skb);
321

322
	DEV_STATS_INC(dev, tx_errors);
323
	return NETDEV_TX_OK;
324
}
325

326
static bool ipip_tunnel_ioctl_verify_protocol(u8 ipproto)
327
{
328
	switch (ipproto) {
329
	case 0:
330
	case IPPROTO_IPIP:
331
#if IS_ENABLED(CONFIG_MPLS)
332
	case IPPROTO_MPLS:
333
#endif
334
		return true;
335
	}
336

337
	return false;
338
}
339

340
static int
341
ipip_tunnel_ctl(struct net_device *dev, struct ip_tunnel_parm_kern *p, int cmd)
342
{
343
	if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) {
344
		if (p->iph.version != 4 ||
345
		    !ipip_tunnel_ioctl_verify_protocol(p->iph.protocol) ||
346
		    p->iph.ihl != 5 || (p->iph.frag_off & htons(~IP_DF)))
347
			return -EINVAL;
348
	}
349

350
	p->i_key = p->o_key = 0;
351
	ip_tunnel_flags_zero(p->i_flags);
352
	ip_tunnel_flags_zero(p->o_flags);
353
	return ip_tunnel_ctl(dev, p, cmd);
354
}
355

356
static int ipip_fill_forward_path(struct net_device_path_ctx *ctx,
357
				  struct net_device_path *path)
358
{
359
	struct ip_tunnel *tunnel = netdev_priv(ctx->dev);
360
	const struct iphdr *tiph = &tunnel->parms.iph;
361
	struct rtable *rt;
362

363
	rt = ip_route_output(dev_net(ctx->dev), tiph->daddr, 0, 0, 0,
364
			     RT_SCOPE_UNIVERSE);
365
	if (IS_ERR(rt))
366
		return PTR_ERR(rt);
367

368
	path->type = DEV_PATH_TUN;
369
	path->tun.src_v4.s_addr = tiph->saddr;
370
	path->tun.dst_v4.s_addr = tiph->daddr;
371
	path->tun.l3_proto = IPPROTO_IPIP;
372
	path->dev = ctx->dev;
373

374
	ctx->dev = rt->dst.dev;
375
	ip_rt_put(rt);
376

377
	return 0;
378
}
379

380
static const struct net_device_ops ipip_netdev_ops = {
381
	.ndo_init       = ipip_tunnel_init,
382
	.ndo_uninit     = ip_tunnel_uninit,
383
	.ndo_start_xmit	= ipip_tunnel_xmit,
384
	.ndo_siocdevprivate = ip_tunnel_siocdevprivate,
385
	.ndo_change_mtu = ip_tunnel_change_mtu,
386
	.ndo_get_stats64 = dev_get_tstats64,
387
	.ndo_get_iflink = ip_tunnel_get_iflink,
388
	.ndo_tunnel_ctl	= ipip_tunnel_ctl,
389
	.ndo_fill_forward_path = ipip_fill_forward_path,
390
};
391

392
#define IPIP_FEATURES (NETIF_F_SG |		\
393
		       NETIF_F_FRAGLIST |	\
394
		       NETIF_F_HIGHDMA |	\
395
		       NETIF_F_GSO_SOFTWARE |	\
396
		       NETIF_F_HW_CSUM)
397

398
static void ipip_tunnel_setup(struct net_device *dev)
399
{
400
	dev->netdev_ops		= &ipip_netdev_ops;
401
	dev->header_ops		= &ip_tunnel_header_ops;
402

403
	dev->type		= ARPHRD_TUNNEL;
404
	dev->flags		= IFF_NOARP;
405
	dev->addr_len		= 4;
406
	dev->lltx		= true;
407
	netif_keep_dst(dev);
408

409
	dev->features		|= IPIP_FEATURES;
410
	dev->hw_features	|= IPIP_FEATURES;
411
	ip_tunnel_setup(dev, ipip_net_id);
412
}
413

414
static int ipip_tunnel_init(struct net_device *dev)
415
{
416
	struct ip_tunnel *tunnel = netdev_priv(dev);
417

418
	__dev_addr_set(dev, &tunnel->parms.iph.saddr, 4);
419
	memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
420

421
	tunnel->tun_hlen = 0;
422
	tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen;
423
	return ip_tunnel_init(dev);
424
}
425

426
static int ipip_tunnel_validate(struct nlattr *tb[], struct nlattr *data[],
427
				struct netlink_ext_ack *extack)
428
{
429
	u8 proto;
430

431
	if (!data || !data[IFLA_IPTUN_PROTO])
432
		return 0;
433

434
	proto = nla_get_u8(data[IFLA_IPTUN_PROTO]);
435
	if (proto != IPPROTO_IPIP && proto != IPPROTO_MPLS && proto != 0)
436
		return -EINVAL;
437

438
	return 0;
439
}
440

441
static void ipip_netlink_parms(struct nlattr *data[],
442
			       struct ip_tunnel_parm_kern *parms,
443
			       bool *collect_md, __u32 *fwmark)
444
{
445
	memset(parms, 0, sizeof(*parms));
446

447
	parms->iph.version = 4;
448
	parms->iph.protocol = IPPROTO_IPIP;
449
	parms->iph.ihl = 5;
450
	*collect_md = false;
451

452
	if (!data)
453
		return;
454

455
	ip_tunnel_netlink_parms(data, parms);
456

457
	if (data[IFLA_IPTUN_COLLECT_METADATA])
458
		*collect_md = true;
459

460
	if (data[IFLA_IPTUN_FWMARK])
461
		*fwmark = nla_get_u32(data[IFLA_IPTUN_FWMARK]);
462
}
463

464
static int ipip_newlink(struct net_device *dev,
465
			struct rtnl_newlink_params *params,
466
			struct netlink_ext_ack *extack)
467
{
468
	struct ip_tunnel *t = netdev_priv(dev);
469
	struct nlattr **data = params->data;
470
	struct nlattr **tb = params->tb;
471
	struct ip_tunnel_encap ipencap;
472
	struct ip_tunnel_parm_kern p;
473
	__u32 fwmark = 0;
474

475
	if (ip_tunnel_netlink_encap_parms(data, &ipencap)) {
476
		int err = ip_tunnel_encap_setup(t, &ipencap);
477

478
		if (err < 0)
479
			return err;
480
	}
481

482
	ipip_netlink_parms(data, &p, &t->collect_md, &fwmark);
483
	return ip_tunnel_newlink(params->link_net ? : dev_net(dev), dev, tb, &p,
484
				 fwmark);
485
}
486

487
static int ipip_changelink(struct net_device *dev, struct nlattr *tb[],
488
			   struct nlattr *data[],
489
			   struct netlink_ext_ack *extack)
490
{
491
	struct ip_tunnel *t = netdev_priv(dev);
492
	struct ip_tunnel_encap ipencap;
493
	struct ip_tunnel_parm_kern p;
494
	bool collect_md;
495
	__u32 fwmark = t->fwmark;
496

497
	if (ip_tunnel_netlink_encap_parms(data, &ipencap)) {
498
		int err = ip_tunnel_encap_setup(t, &ipencap);
499

500
		if (err < 0)
501
			return err;
502
	}
503

504
	ipip_netlink_parms(data, &p, &collect_md, &fwmark);
505
	if (collect_md)
506
		return -EINVAL;
507

508
	if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) ||
509
	    (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr))
510
		return -EINVAL;
511

512
	return ip_tunnel_changelink(dev, tb, &p, fwmark);
513
}
514

515
static size_t ipip_get_size(const struct net_device *dev)
516
{
517
	return
518
		/* IFLA_IPTUN_LINK */
519
		nla_total_size(4) +
520
		/* IFLA_IPTUN_LOCAL */
521
		nla_total_size(4) +
522
		/* IFLA_IPTUN_REMOTE */
523
		nla_total_size(4) +
524
		/* IFLA_IPTUN_TTL */
525
		nla_total_size(1) +
526
		/* IFLA_IPTUN_TOS */
527
		nla_total_size(1) +
528
		/* IFLA_IPTUN_PROTO */
529
		nla_total_size(1) +
530
		/* IFLA_IPTUN_PMTUDISC */
531
		nla_total_size(1) +
532
		/* IFLA_IPTUN_ENCAP_TYPE */
533
		nla_total_size(2) +
534
		/* IFLA_IPTUN_ENCAP_FLAGS */
535
		nla_total_size(2) +
536
		/* IFLA_IPTUN_ENCAP_SPORT */
537
		nla_total_size(2) +
538
		/* IFLA_IPTUN_ENCAP_DPORT */
539
		nla_total_size(2) +
540
		/* IFLA_IPTUN_COLLECT_METADATA */
541
		nla_total_size(0) +
542
		/* IFLA_IPTUN_FWMARK */
543
		nla_total_size(4) +
544
		0;
545
}
546

547
static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev)
548
{
549
	struct ip_tunnel *tunnel = netdev_priv(dev);
550
	struct ip_tunnel_parm_kern *parm = &tunnel->parms;
551

552
	if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) ||
553
	    nla_put_in_addr(skb, IFLA_IPTUN_LOCAL, parm->iph.saddr) ||
554
	    nla_put_in_addr(skb, IFLA_IPTUN_REMOTE, parm->iph.daddr) ||
555
	    nla_put_u8(skb, IFLA_IPTUN_TTL, parm->iph.ttl) ||
556
	    nla_put_u8(skb, IFLA_IPTUN_TOS, parm->iph.tos) ||
557
	    nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->iph.protocol) ||
558
	    nla_put_u8(skb, IFLA_IPTUN_PMTUDISC,
559
		       !!(parm->iph.frag_off & htons(IP_DF))) ||
560
	    nla_put_u32(skb, IFLA_IPTUN_FWMARK, tunnel->fwmark))
561
		goto nla_put_failure;
562

563
	if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE,
564
			tunnel->encap.type) ||
565
	    nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT,
566
			 tunnel->encap.sport) ||
567
	    nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT,
568
			 tunnel->encap.dport) ||
569
	    nla_put_u16(skb, IFLA_IPTUN_ENCAP_FLAGS,
570
			tunnel->encap.flags))
571
		goto nla_put_failure;
572

573
	if (tunnel->collect_md)
574
		if (nla_put_flag(skb, IFLA_IPTUN_COLLECT_METADATA))
575
			goto nla_put_failure;
576
	return 0;
577

578
nla_put_failure:
579
	return -EMSGSIZE;
580
}
581

582
static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = {
583
	[IFLA_IPTUN_LINK]		= { .type = NLA_U32 },
584
	[IFLA_IPTUN_LOCAL]		= { .type = NLA_U32 },
585
	[IFLA_IPTUN_REMOTE]		= { .type = NLA_U32 },
586
	[IFLA_IPTUN_TTL]		= { .type = NLA_U8 },
587
	[IFLA_IPTUN_TOS]		= { .type = NLA_U8 },
588
	[IFLA_IPTUN_PROTO]		= { .type = NLA_U8 },
589
	[IFLA_IPTUN_PMTUDISC]		= { .type = NLA_U8 },
590
	[IFLA_IPTUN_ENCAP_TYPE]		= { .type = NLA_U16 },
591
	[IFLA_IPTUN_ENCAP_FLAGS]	= { .type = NLA_U16 },
592
	[IFLA_IPTUN_ENCAP_SPORT]	= { .type = NLA_U16 },
593
	[IFLA_IPTUN_ENCAP_DPORT]	= { .type = NLA_U16 },
594
	[IFLA_IPTUN_COLLECT_METADATA]	= { .type = NLA_FLAG },
595
	[IFLA_IPTUN_FWMARK]		= { .type = NLA_U32 },
596
};
597

598
static struct rtnl_link_ops ipip_link_ops __read_mostly = {
599
	.kind		= "ipip",
600
	.maxtype	= IFLA_IPTUN_MAX,
601
	.policy		= ipip_policy,
602
	.priv_size	= sizeof(struct ip_tunnel),
603
	.setup		= ipip_tunnel_setup,
604
	.validate	= ipip_tunnel_validate,
605
	.newlink	= ipip_newlink,
606
	.changelink	= ipip_changelink,
607
	.dellink	= ip_tunnel_dellink,
608
	.get_size	= ipip_get_size,
609
	.fill_info	= ipip_fill_info,
610
	.get_link_net	= ip_tunnel_get_link_net,
611
};
612

613
static struct xfrm_tunnel ipip_handler __read_mostly = {
614
	.handler	=	ipip_rcv,
615
	.err_handler	=	ipip_err,
616
	.priority	=	1,
617
};
618

619
#if IS_ENABLED(CONFIG_MPLS)
620
static struct xfrm_tunnel mplsip_handler __read_mostly = {
621
	.handler	=	mplsip_rcv,
622
	.err_handler	=	ipip_err,
623
	.priority	=	1,
624
};
625
#endif
626

627
static int __net_init ipip_init_net(struct net *net)
628
{
629
	return ip_tunnel_init_net(net, ipip_net_id, &ipip_link_ops, "tunl0");
630
}
631

632
static void __net_exit ipip_exit_rtnl(struct net *net,
633
				      struct list_head *dev_to_kill)
634
{
635
	ip_tunnel_delete_net(net, ipip_net_id, &ipip_link_ops, dev_to_kill);
636
}
637

638
static struct pernet_operations ipip_net_ops = {
639
	.init = ipip_init_net,
640
	.exit_rtnl = ipip_exit_rtnl,
641
	.id   = &ipip_net_id,
642
	.size = sizeof(struct ip_tunnel_net),
643
};
644

645
static int __init ipip_init(void)
646
{
647
	int err;
648

649
	pr_info("ipip: IPv4 and MPLS over IPv4 tunneling driver\n");
650

651
	err = register_pernet_device(&ipip_net_ops);
652
	if (err < 0)
653
		return err;
654
	err = xfrm4_tunnel_register(&ipip_handler, AF_INET);
655
	if (err < 0) {
656
		pr_info("%s: can't register tunnel\n", __func__);
657
		goto xfrm_tunnel_ipip_failed;
658
	}
659
#if IS_ENABLED(CONFIG_MPLS)
660
	err = xfrm4_tunnel_register(&mplsip_handler, AF_MPLS);
661
	if (err < 0) {
662
		pr_info("%s: can't register tunnel\n", __func__);
663
		goto xfrm_tunnel_mplsip_failed;
664
	}
665
#endif
666
	err = rtnl_link_register(&ipip_link_ops);
667
	if (err < 0)
668
		goto rtnl_link_failed;
669

670
out:
671
	return err;
672

673
rtnl_link_failed:
674
#if IS_ENABLED(CONFIG_MPLS)
675
	xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS);
676
xfrm_tunnel_mplsip_failed:
677

678
#endif
679
	xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
680
xfrm_tunnel_ipip_failed:
681
	unregister_pernet_device(&ipip_net_ops);
682
	goto out;
683
}
684

685
static void __exit ipip_fini(void)
686
{
687
	rtnl_link_unregister(&ipip_link_ops);
688
	if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET))
689
		pr_info("%s: can't deregister tunnel\n", __func__);
690
#if IS_ENABLED(CONFIG_MPLS)
691
	if (xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS))
692
		pr_info("%s: can't deregister tunnel\n", __func__);
693
#endif
694
	unregister_pernet_device(&ipip_net_ops);
695
}
696

697
module_init(ipip_init);
698
module_exit(ipip_fini);
699
MODULE_DESCRIPTION("IP/IP protocol decoder library");
700
MODULE_LICENSE("GPL");
701
MODULE_ALIAS_RTNL_LINK("ipip");
702
MODULE_ALIAS_NETDEV("tunl0");
703

704