1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Linux NET3: IP/IP protocol decoder.
4 *
5 * Authors:
6 * Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
7 *
8 * Fixes:
9 * Alan Cox : Merged and made usable non modular (its so tiny its silly as
10 * a module taking up 2 pages).
11 * Alan Cox : Fixed bug with 1.3.18 and IPIP not working (now needs to set skb->h.iph)
12 * to keep ip_forward happy.
13 * Alan Cox : More fixes for 1.3.21, and firewall fix. Maybe this will work soon 8).
14 * Kai Schulte : Fixed #defines for IP_FIREWALL->FIREWALL
15 * David Woodhouse : Perform some basic ICMP handling.
16 * IPIP Routing without decapsulation.
17 * Carlos Picoto : GRE over IP support
18 * Alexey Kuznetsov: Reworked. Really, now it is truncated version of ipv4/ip_gre.c.
19 * I do not want to merge them together.
20 */
21
22 /* tunnel.c: an IP tunnel driver
23
24 The purpose of this driver is to provide an IP tunnel through
25 which you can tunnel network traffic transparently across subnets.
26
27 This was written by looking at Nick Holloway's dummy driver
28 Thanks for the great code!
29
30 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
31
32 Minor tweaks:
33 Cleaned up the code a little and added some pre-1.3.0 tweaks.
34 dev->hard_header/hard_header_len changed to use no headers.
35 Comments/bracketing tweaked.
36 Made the tunnels use dev->name not tunnel: when error reporting.
37 Added tx_dropped stat
38
39 -Alan Cox (alan@lxorguk.ukuu.org.uk) 21 March 95
40
41 Reworked:
42 Changed to tunnel to destination gateway in addition to the
43 tunnel's pointopoint address
44 Almost completely rewritten
45 Note: There is currently no firewall or ICMP handling done.
46
47 -Sam Lantinga (slouken@cs.ucdavis.edu) 02/13/96
48
49 */
50
51 /* Things I wish I had known when writing the tunnel driver:
52
53 When the tunnel_xmit() function is called, the skb contains the
54 packet to be sent (plus a great deal of extra info), and dev
55 contains the tunnel device that _we_ are.
56
57 When we are passed a packet, we are expected to fill in the
58 source address with our source IP address.
59
60 What is the proper way to allocate, copy and free a buffer?
61 After you allocate it, it is a "0 length" chunk of memory
62 starting at zero. If you want to add headers to the buffer
63 later, you'll have to call "skb_reserve(skb, amount)" with
64 the amount of memory you want reserved. Then, you call
65 "skb_put(skb, amount)" with the amount of space you want in
66 the buffer. skb_put() returns a pointer to the top (#0) of
67 that buffer. skb->len is set to the amount of space you have
68 "allocated" with skb_put(). You can then write up to skb->len
69 bytes to that buffer. If you need more, you can call skb_put()
70 again with the additional amount of space you need. You can
71 find out how much more space you can allocate by calling
72 "skb_tailroom(skb)".
73 Now, to add header space, call "skb_push(skb, header_len)".
74 This creates space at the beginning of the buffer and returns
75 a pointer to this new space. If later you need to strip a
76 header from a buffer, call "skb_pull(skb, header_len)".
77 skb_headroom() will return how much space is left at the top
78 of the buffer (before the main data). Remember, this headroom
79 space must be reserved before the skb_put() function is called.
80 */
81
82 /*
83 This version of net/ipv4/ipip.c is cloned of net/ipv4/ip_gre.c
84
85 For comments look at net/ipv4/ip_gre.c --ANK
86 */
87
88
89 #include <linux/capability.h>
90 #include <linux/module.h>
91 #include <linux/types.h>
92 #include <linux/kernel.h>
93 #include <linux/slab.h>
94 #include <linux/uaccess.h>
95 #include <linux/skbuff.h>
96 #include <linux/netdevice.h>
97 #include <linux/in.h>
98 #include <linux/tcp.h>
99 #include <linux/udp.h>
100 #include <linux/if_arp.h>
101 #include <linux/init.h>
102 #include <linux/netfilter_ipv4.h>
103 #include <linux/if_ether.h>
104
105 #include <net/sock.h>
106 #include <net/ip.h>
107 #include <net/icmp.h>
108 #include <net/ip_tunnels.h>
109 #include <net/inet_ecn.h>
110 #include <net/xfrm.h>
111 #include <net/net_namespace.h>
112 #include <net/netns/generic.h>
113 #include <net/dst_metadata.h>
114
115 static bool log_ecn_error = true;
116 module_param(log_ecn_error, bool, 0644);
117 MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN");
118
119 static unsigned int ipip_net_id __read_mostly;
120
121 static int ipip_tunnel_init(struct net_device *dev);
122 static struct rtnl_link_ops ipip_link_ops __read_mostly;
123
124 static int ipip_err(struct sk_buff *skb, u32 info)
125 {
126 /* All the routers (except for Linux) return only
127 * 8 bytes of packet payload. It means, that precise relaying of
128 * ICMP in the real Internet is absolutely infeasible.
129 */
130 struct net *net = dev_net(skb->dev);
131 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
132 const struct iphdr *iph = (const struct iphdr *)skb->data;
133 IP_TUNNEL_DECLARE_FLAGS(flags) = { };
134 const int type = icmp_hdr(skb)->type;
135 const int code = icmp_hdr(skb)->code;
136 struct ip_tunnel *t;
137 int err = 0;
138
139 __set_bit(IP_TUNNEL_NO_KEY_BIT, flags);
140
141 t = ip_tunnel_lookup(itn, skb->dev->ifindex, flags, iph->daddr,
142 iph->saddr, 0);
143 if (!t) {
144 err = -ENOENT;
145 goto out;
146 }
147
148 switch (type) {
149 case ICMP_DEST_UNREACH:
150 switch (code) {
151 case ICMP_SR_FAILED:
152 /* Impossible event. */
153 goto out;
154 default:
155 /* All others are translated to HOST_UNREACH.
156 * rfc2003 contains "deep thoughts" about NET_UNREACH,
157 * I believe they are just ether pollution. --ANK
158 */
159 break;
160 }
161 break;
162
163 case ICMP_TIME_EXCEEDED:
164 if (code != ICMP_EXC_TTL)
165 goto out;
166 break;
167
168 case ICMP_REDIRECT:
169 break;
170
171 default:
172 goto out;
173 }
174
175 if (type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED) {
176 ipv4_update_pmtu(skb, net, info, t->parms.link, iph->protocol);
177 goto out;
178 }
179
180 if (type == ICMP_REDIRECT) {
181 ipv4_redirect(skb, net, t->parms.link, iph->protocol);
182 goto out;
183 }
184
185 if (t->parms.iph.daddr == 0) {
186 err = -ENOENT;
187 goto out;
188 }
189
190 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
191 goto out;
192
193 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
194 t->err_count++;
195 else
196 t->err_count = 1;
197 t->err_time = jiffies;
198
199 out:
200 return err;
201 }
202
203 static const struct tnl_ptk_info ipip_tpi = {
204 /* no tunnel info required for ipip. */
205 .proto = htons(ETH_P_IP),
206 };
207
208 #if IS_ENABLED(CONFIG_MPLS)
209 static const struct tnl_ptk_info mplsip_tpi = {
210 /* no tunnel info required for mplsip. */
211 .proto = htons(ETH_P_MPLS_UC),
212 };
213 #endif
214
215 static int ipip_tunnel_rcv(struct sk_buff *skb, u8 ipproto)
216 {
217 struct net *net = dev_net(skb->dev);
218 struct ip_tunnel_net *itn = net_generic(net, ipip_net_id);
219 IP_TUNNEL_DECLARE_FLAGS(flags) = { };
220 struct metadata_dst *tun_dst = NULL;
221 struct ip_tunnel *tunnel;
222 const struct iphdr *iph;
223
224 __set_bit(IP_TUNNEL_NO_KEY_BIT, flags);
225
226 iph = ip_hdr(skb);
227 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, flags, iph->saddr,
228 iph->daddr, 0);
229 if (tunnel) {
230 const struct tnl_ptk_info *tpi;
231
232 if (tunnel->parms.iph.protocol != ipproto &&
233 tunnel->parms.iph.protocol != 0)
234 goto drop;
235
236 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
237 goto drop;
238 #if IS_ENABLED(CONFIG_MPLS)
239 if (ipproto == IPPROTO_MPLS)
240 tpi = &mplsip_tpi;
241 else
242 #endif
243 tpi = &ipip_tpi;
244 if (iptunnel_pull_header(skb, 0, tpi->proto, false))
245 goto drop;
246 if (tunnel->collect_md) {
247 ip_tunnel_flags_zero(flags);
248
249 tun_dst = ip_tun_rx_dst(skb, flags, 0, 0);
250 if (!tun_dst)
251 return 0;
252 ip_tunnel_md_udp_encap(skb, &tun_dst->u.tun_info);
253 }
254 skb_reset_mac_header(skb);
255
256 return ip_tunnel_rcv(tunnel, skb, tpi, tun_dst, log_ecn_error);
257 }
258
259 return -1;
260
261 drop:
262 kfree_skb(skb);
263 return 0;
264 }
265
266 static int ipip_rcv(struct sk_buff *skb)
267 {
268 return ipip_tunnel_rcv(skb, IPPROTO_IPIP);
269 }
270
271 #if IS_ENABLED(CONFIG_MPLS)
272 static int mplsip_rcv(struct sk_buff *skb)
273 {
274 return ipip_tunnel_rcv(skb, IPPROTO_MPLS);
275 }
276 #endif
277
278 /*
279 * This function assumes it is being called from dev_queue_xmit()
280 * and that skb is filled properly by that function.
281 */
282 static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb,
283 struct net_device *dev)
284 {
285 struct ip_tunnel *tunnel = netdev_priv(dev);
286 const struct iphdr *tiph = &tunnel->parms.iph;
287 u8 ipproto;
288
289 if (!pskb_inet_may_pull(skb))
290 goto tx_error;
291
292 switch (skb->protocol) {
293 case htons(ETH_P_IP):
294 ipproto = IPPROTO_IPIP;
295 break;
296 #if IS_ENABLED(CONFIG_MPLS)
297 case htons(ETH_P_MPLS_UC):
298 ipproto = IPPROTO_MPLS;
299 break;
300 #endif
301 default:
302 goto tx_error;
303 }
304
305 if (tiph->protocol != ipproto && tiph->protocol != 0)
306 goto tx_error;
307
308 if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP4))
309 goto tx_error;
310
311 skb_set_inner_ipproto(skb, ipproto);
312
313 if (tunnel->collect_md)
314 ip_md_tunnel_xmit(skb, dev, ipproto, 0);
315 else
316 ip_tunnel_xmit(skb, dev, tiph, ipproto);
317 return NETDEV_TX_OK;
318
319 tx_error:
320 kfree_skb(skb);
321
322 DEV_STATS_INC(dev, tx_errors);
323 return NETDEV_TX_OK;
324 }
325
326 static bool ipip_tunnel_ioctl_verify_protocol(u8 ipproto)
327 {
328 switch (ipproto) {
329 case 0:
330 case IPPROTO_IPIP:
331 #if IS_ENABLED(CONFIG_MPLS)
332 case IPPROTO_MPLS:
333 #endif
334 return true;
335 }
336
337 return false;
338 }
339
340 static int
341 ipip_tunnel_ctl(struct net_device *dev, struct ip_tunnel_parm_kern *p, int cmd)
342 {
343 if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) {
344 if (p->iph.version != 4 ||
345 !ipip_tunnel_ioctl_verify_protocol(p->iph.protocol) ||
346 p->iph.ihl != 5 || (p->iph.frag_off & htons(~IP_DF)))
347 return -EINVAL;
348 }
349
350 p->i_key = p->o_key = 0;
351 ip_tunnel_flags_zero(p->i_flags);
352 ip_tunnel_flags_zero(p->o_flags);
353 return ip_tunnel_ctl(dev, p, cmd);
354 }
355
356 static const struct net_device_ops ipip_netdev_ops = {
357 .ndo_init = ipip_tunnel_init,
358 .ndo_uninit = ip_tunnel_uninit,
359 .ndo_start_xmit = ipip_tunnel_xmit,
360 .ndo_siocdevprivate = ip_tunnel_siocdevprivate,
361 .ndo_change_mtu = ip_tunnel_change_mtu,
362 .ndo_get_stats64 = dev_get_tstats64,
363 .ndo_get_iflink = ip_tunnel_get_iflink,
364 .ndo_tunnel_ctl = ipip_tunnel_ctl,
365 };
366
367 #define IPIP_FEATURES (NETIF_F_SG | \
368 NETIF_F_FRAGLIST | \
369 NETIF_F_HIGHDMA | \
370 NETIF_F_GSO_SOFTWARE | \
371 NETIF_F_HW_CSUM)
372
373 static void ipip_tunnel_setup(struct net_device *dev)
374 {
375 dev->netdev_ops = &ipip_netdev_ops;
376 dev->header_ops = &ip_tunnel_header_ops;
377
378 dev->type = ARPHRD_TUNNEL;
379 dev->flags = IFF_NOARP;
380 dev->addr_len = 4;
381 dev->features |= NETIF_F_LLTX;
382 netif_keep_dst(dev);
383
384 dev->features |= IPIP_FEATURES;
385 dev->hw_features |= IPIP_FEATURES;
386 ip_tunnel_setup(dev, ipip_net_id);
387 }
388
389 static int ipip_tunnel_init(struct net_device *dev)
390 {
391 struct ip_tunnel *tunnel = netdev_priv(dev);
392
393 __dev_addr_set(dev, &tunnel->parms.iph.saddr, 4);
394 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
395
396 tunnel->tun_hlen = 0;
397 tunnel->hlen = tunnel->tun_hlen + tunnel->encap_hlen;
398 return ip_tunnel_init(dev);
399 }
400
401 static int ipip_tunnel_validate(struct nlattr *tb[], struct nlattr *data[],
402 struct netlink_ext_ack *extack)
403 {
404 u8 proto;
405
406 if (!data || !data[IFLA_IPTUN_PROTO])
407 return 0;
408
409 proto = nla_get_u8(data[IFLA_IPTUN_PROTO]);
410 if (proto != IPPROTO_IPIP && proto != IPPROTO_MPLS && proto != 0)
411 return -EINVAL;
412
413 return 0;
414 }
415
416 static void ipip_netlink_parms(struct nlattr *data[],
417 struct ip_tunnel_parm_kern *parms,
418 bool *collect_md, __u32 *fwmark)
419 {
420 memset(parms, 0, sizeof(*parms));
421
422 parms->iph.version = 4;
423 parms->iph.protocol = IPPROTO_IPIP;
424 parms->iph.ihl = 5;
425 *collect_md = false;
426
427 if (!data)
428 return;
429
430 ip_tunnel_netlink_parms(data, parms);
431
432 if (data[IFLA_IPTUN_COLLECT_METADATA])
433 *collect_md = true;
434
435 if (data[IFLA_IPTUN_FWMARK])
436 *fwmark = nla_get_u32(data[IFLA_IPTUN_FWMARK]);
437 }
438
439 static int ipip_newlink(struct net *src_net, struct net_device *dev,
440 struct nlattr *tb[], struct nlattr *data[],
441 struct netlink_ext_ack *extack)
442 {
443 struct ip_tunnel *t = netdev_priv(dev);
444 struct ip_tunnel_encap ipencap;
445 struct ip_tunnel_parm_kern p;
446 __u32 fwmark = 0;
447
448 if (ip_tunnel_netlink_encap_parms(data, &ipencap)) {
449 int err = ip_tunnel_encap_setup(t, &ipencap);
450
451 if (err < 0)
452 return err;
453 }
454
455 ipip_netlink_parms(data, &p, &t->collect_md, &fwmark);
456 return ip_tunnel_newlink(dev, tb, &p, fwmark);
457 }
458
459 static int ipip_changelink(struct net_device *dev, struct nlattr *tb[],
460 struct nlattr *data[],
461 struct netlink_ext_ack *extack)
462 {
463 struct ip_tunnel *t = netdev_priv(dev);
464 struct ip_tunnel_encap ipencap;
465 struct ip_tunnel_parm_kern p;
466 bool collect_md;
467 __u32 fwmark = t->fwmark;
468
469 if (ip_tunnel_netlink_encap_parms(data, &ipencap)) {
470 int err = ip_tunnel_encap_setup(t, &ipencap);
471
472 if (err < 0)
473 return err;
474 }
475
476 ipip_netlink_parms(data, &p, &collect_md, &fwmark);
477 if (collect_md)
478 return -EINVAL;
479
480 if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) ||
481 (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr))
482 return -EINVAL;
483
484 return ip_tunnel_changelink(dev, tb, &p, fwmark);
485 }
486
487 static size_t ipip_get_size(const struct net_device *dev)
488 {
489 return
490 /* IFLA_IPTUN_LINK */
491 nla_total_size(4) +
492 /* IFLA_IPTUN_LOCAL */
493 nla_total_size(4) +
494 /* IFLA_IPTUN_REMOTE */
495 nla_total_size(4) +
496 /* IFLA_IPTUN_TTL */
497 nla_total_size(1) +
498 /* IFLA_IPTUN_TOS */
499 nla_total_size(1) +
500 /* IFLA_IPTUN_PROTO */
501 nla_total_size(1) +
502 /* IFLA_IPTUN_PMTUDISC */
503 nla_total_size(1) +
504 /* IFLA_IPTUN_ENCAP_TYPE */
505 nla_total_size(2) +
506 /* IFLA_IPTUN_ENCAP_FLAGS */
507 nla_total_size(2) +
508 /* IFLA_IPTUN_ENCAP_SPORT */
509 nla_total_size(2) +
510 /* IFLA_IPTUN_ENCAP_DPORT */
511 nla_total_size(2) +
512 /* IFLA_IPTUN_COLLECT_METADATA */
513 nla_total_size(0) +
514 /* IFLA_IPTUN_FWMARK */
515 nla_total_size(4) +
516 0;
517 }
518
519 static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev)
520 {
521 struct ip_tunnel *tunnel = netdev_priv(dev);
522 struct ip_tunnel_parm_kern *parm = &tunnel->parms;
523
524 if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) ||
525 nla_put_in_addr(skb, IFLA_IPTUN_LOCAL, parm->iph.saddr) ||
526 nla_put_in_addr(skb, IFLA_IPTUN_REMOTE, parm->iph.daddr) ||
527 nla_put_u8(skb, IFLA_IPTUN_TTL, parm->iph.ttl) ||
528 nla_put_u8(skb, IFLA_IPTUN_TOS, parm->iph.tos) ||
529 nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->iph.protocol) ||
530 nla_put_u8(skb, IFLA_IPTUN_PMTUDISC,
531 !!(parm->iph.frag_off & htons(IP_DF))) ||
532 nla_put_u32(skb, IFLA_IPTUN_FWMARK, tunnel->fwmark))
533 goto nla_put_failure;
534
535 if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE,
536 tunnel->encap.type) ||
537 nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT,
538 tunnel->encap.sport) ||
539 nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT,
540 tunnel->encap.dport) ||
541 nla_put_u16(skb, IFLA_IPTUN_ENCAP_FLAGS,
542 tunnel->encap.flags))
543 goto nla_put_failure;
544
545 if (tunnel->collect_md)
546 if (nla_put_flag(skb, IFLA_IPTUN_COLLECT_METADATA))
547 goto nla_put_failure;
548 return 0;
549
550 nla_put_failure:
551 return -EMSGSIZE;
552 }
553
554 static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = {
555 [IFLA_IPTUN_LINK] = { .type = NLA_U32 },
556 [IFLA_IPTUN_LOCAL] = { .type = NLA_U32 },
557 [IFLA_IPTUN_REMOTE] = { .type = NLA_U32 },
558 [IFLA_IPTUN_TTL] = { .type = NLA_U8 },
559 [IFLA_IPTUN_TOS] = { .type = NLA_U8 },
560 [IFLA_IPTUN_PROTO] = { .type = NLA_U8 },
561 [IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 },
562 [IFLA_IPTUN_ENCAP_TYPE] = { .type = NLA_U16 },
563 [IFLA_IPTUN_ENCAP_FLAGS] = { .type = NLA_U16 },
564 [IFLA_IPTUN_ENCAP_SPORT] = { .type = NLA_U16 },
565 [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 },
566 [IFLA_IPTUN_COLLECT_METADATA] = { .type = NLA_FLAG },
567 [IFLA_IPTUN_FWMARK] = { .type = NLA_U32 },
568 };
569
570 static struct rtnl_link_ops ipip_link_ops __read_mostly = {
571 .kind = "ipip",
572 .maxtype = IFLA_IPTUN_MAX,
573 .policy = ipip_policy,
574 .priv_size = sizeof(struct ip_tunnel),
575 .setup = ipip_tunnel_setup,
576 .validate = ipip_tunnel_validate,
577 .newlink = ipip_newlink,
578 .changelink = ipip_changelink,
579 .dellink = ip_tunnel_dellink,
580 .get_size = ipip_get_size,
581 .fill_info = ipip_fill_info,
582 .get_link_net = ip_tunnel_get_link_net,
583 };
584
585 static struct xfrm_tunnel ipip_handler __read_mostly = {
586 .handler = ipip_rcv,
587 .err_handler = ipip_err,
588 .priority = 1,
589 };
590
591 #if IS_ENABLED(CONFIG_MPLS)
592 static struct xfrm_tunnel mplsip_handler __read_mostly = {
593 .handler = mplsip_rcv,
594 .err_handler = ipip_err,
595 .priority = 1,
596 };
597 #endif
598
599 static int __net_init ipip_init_net(struct net *net)
600 {
601 return ip_tunnel_init_net(net, ipip_net_id, &ipip_link_ops, "tunl0");
602 }
603
604 static void __net_exit ipip_exit_batch_rtnl(struct list_head *list_net,
605 struct list_head *dev_to_kill)
606 {
607 ip_tunnel_delete_nets(list_net, ipip_net_id, &ipip_link_ops,
608 dev_to_kill);
609 }
610
611 static struct pernet_operations ipip_net_ops = {
612 .init = ipip_init_net,
613 .exit_batch_rtnl = ipip_exit_batch_rtnl,
614 .id = &ipip_net_id,
615 .size = sizeof(struct ip_tunnel_net),
616 };
617
618 static int __init ipip_init(void)
619 {
620 int err;
621
622 pr_info("ipip: IPv4 and MPLS over IPv4 tunneling driver\n");
623
624 err = register_pernet_device(&ipip_net_ops);
625 if (err < 0)
626 return err;
627 err = xfrm4_tunnel_register(&ipip_handler, AF_INET);
628 if (err < 0) {
629 pr_info("%s: can't register tunnel\n", __func__);
630 goto xfrm_tunnel_ipip_failed;
631 }
632 #if IS_ENABLED(CONFIG_MPLS)
633 err = xfrm4_tunnel_register(&mplsip_handler, AF_MPLS);
634 if (err < 0) {
635 pr_info("%s: can't register tunnel\n", __func__);
636 goto xfrm_tunnel_mplsip_failed;
637 }
638 #endif
639 err = rtnl_link_register(&ipip_link_ops);
640 if (err < 0)
641 goto rtnl_link_failed;
642
643 out:
644 return err;
645
646 rtnl_link_failed:
647 #if IS_ENABLED(CONFIG_MPLS)
648 xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS);
649 xfrm_tunnel_mplsip_failed:
650
651 #endif
652 xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
653 xfrm_tunnel_ipip_failed:
654 unregister_pernet_device(&ipip_net_ops);
655 goto out;
656 }
657
658 static void __exit ipip_fini(void)
659 {
660 rtnl_link_unregister(&ipip_link_ops);
661 if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET))
662 pr_info("%s: can't deregister tunnel\n", __func__);
663 #if IS_ENABLED(CONFIG_MPLS)
664 if (xfrm4_tunnel_deregister(&mplsip_handler, AF_MPLS))
665 pr_info("%s: can't deregister tunnel\n", __func__);
666 #endif
667 unregister_pernet_device(&ipip_net_ops);
668 }
669
670 module_init(ipip_init);
671 module_exit(ipip_fini);
672 MODULE_DESCRIPTION("IP/IP protocol decoder library");
673 MODULE_LICENSE("GPL");
674 MODULE_ALIAS_RTNL_LINK("ipip");
675 MODULE_ALIAS_NETDEV("tunl0");
676
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.