2 * Linux NET3: GRE over IP protocol decoder.
4 * Authors: Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
13 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
15 #include <linux/capability.h>
16 #include <linux/module.h>
17 #include <linux/types.h>
18 #include <linux/kernel.h>
19 #include <linux/slab.h>
20 #include <asm/uaccess.h>
21 #include <linux/skbuff.h>
22 #include <linux/netdevice.h>
24 #include <linux/tcp.h>
25 #include <linux/udp.h>
26 #include <linux/if_arp.h>
27 #include <linux/mroute.h>
28 #include <linux/init.h>
29 #include <linux/in6.h>
30 #include <linux/inetdevice.h>
31 #include <linux/igmp.h>
32 #include <linux/netfilter_ipv4.h>
33 #include <linux/etherdevice.h>
34 #include <linux/if_ether.h>
39 #include <net/protocol.h>
42 #include <net/checksum.h>
43 #include <net/dsfield.h>
44 #include <net/inet_ecn.h>
46 #include <net/net_namespace.h>
47 #include <net/netns/generic.h>
48 #include <net/rtnetlink.h>
51 #if IS_ENABLED(CONFIG_IPV6)
53 #include <net/ip6_fib.h>
54 #include <net/ip6_route.h>
61 1. The most important issue is detecting local dead loops.
62 They would cause complete host lockup in transmit, which
63 would be "resolved" by stack overflow or, if queueing is enabled,
64 with infinite looping in net_bh.
66 We cannot track such dead loops during route installation,
67 it is infeasible task. The most general solutions would be
68 to keep skb->encapsulation counter (sort of local ttl),
69 and silently drop packet when it expires. It is a good
70 solution, but it supposes maintaining new variable in ALL
71 skb, even if no tunneling is used.
73 Current solution: xmit_recursion breaks dead loops. This is a percpu
74 counter, since when we enter the first ndo_xmit(), cpu migration is
75 forbidden. We force an exit if this counter reaches RECURSION_LIMIT
77 2. Networking dead loops would not kill routers, but would really
78 kill network. IP hop limit plays role of "t->recursion" in this case,
79 if we copy it from packet being encapsulated to upper header.
80 It is very good solution, but it introduces two problems:
82 - Routing protocols, using packets with ttl=1 (OSPF, RIP2),
83 do not work over tunnels.
84 - traceroute does not work. I planned to relay ICMP from tunnel,
85 so that this problem would be solved and traceroute output
86 would even more informative. This idea appeared to be wrong:
87 only Linux complies to rfc1812 now (yes, guys, Linux is the only
88 true router now :-)), all routers (at least, in neighbourhood of mine)
89 return only 8 bytes of payload. It is the end.
91 Hence, if we want that OSPF worked or traceroute said something reasonable,
92 we should search for another solution.
94 One of them is to parse packet trying to detect inner encapsulation
95 made by our node. It is difficult or even impossible, especially,
96 taking into account fragmentation. TO be short, ttl is not solution at all.
98 Current solution: The solution was UNEXPECTEDLY SIMPLE.
99 We force DF flag on tunnels with preconfigured hop limit,
100 that is ALL. :-) Well, it does not remove the problem completely,
101 but exponential growth of network traffic is changed to linear
102 (branches, that exceed pmtu are pruned) and tunnel mtu
103 rapidly degrades to value <68, where looping stops.
104 Yes, it is not good if there exists a router in the loop,
105 which does not force DF, even when encapsulating packets have DF set.
106 But it is not our problem! Nobody could accuse us, we made
107 all that we could make. Even if it is your gated who injected
108 fatal route to network, even if it were you who configured
109 fatal static route: you are innocent. :-)
113 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain
114 practically identical code. It would be good to glue them
115 together, but it is not very evident, how to make them modular.
116 sit is integral part of IPv6, ipip and gre are naturally modular.
117 We could extract common parts (hash table, ioctl etc)
118 to a separate module (ip_tunnel.c).
123 static struct rtnl_link_ops ipgre_link_ops __read_mostly;
124 static int ipgre_tunnel_init(struct net_device *dev);
125 static void ipgre_tunnel_setup(struct net_device *dev);
126 static int ipgre_tunnel_bind_dev(struct net_device *dev);
128 /* Fallback tunnel: no source, no destination, no key, no options */
132 static int ipgre_net_id __read_mostly;
134 struct ip_tunnel __rcu *tunnels[4][HASH_SIZE];
136 struct net_device *fb_tunnel_dev;
139 /* Tunnel hash table */
149 We require exact key match i.e. if a key is present in packet
150 it will match only tunnel with the same key; if it is not present,
151 it will match only keyless tunnel.
153 All keysless packets, if not matched configured keyless tunnels
154 will match fallback tunnel.
157 #define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF)
159 #define tunnels_r_l tunnels[3]
160 #define tunnels_r tunnels[2]
161 #define tunnels_l tunnels[1]
162 #define tunnels_wc tunnels[0]
164 * Locking : hash tables are protected by RCU and RTNL
167 #define for_each_ip_tunnel_rcu(start) \
168 for (t = rcu_dereference(start); t; t = rcu_dereference(t->next))
170 /* often modified stats are per cpu, other are shared (netdev->stats) */
172 unsigned long rx_packets;
173 unsigned long rx_bytes;
174 unsigned long tx_packets;
175 unsigned long tx_bytes;
176 } __attribute__((aligned(4*sizeof(unsigned long))));
178 static struct net_device_stats *ipgre_get_stats(struct net_device *dev)
180 struct pcpu_tstats sum = { 0 };
183 for_each_possible_cpu(i) {
184 const struct pcpu_tstats *tstats = per_cpu_ptr(dev->tstats, i);
186 sum.rx_packets += tstats->rx_packets;
187 sum.rx_bytes += tstats->rx_bytes;
188 sum.tx_packets += tstats->tx_packets;
189 sum.tx_bytes += tstats->tx_bytes;
191 dev->stats.rx_packets = sum.rx_packets;
192 dev->stats.rx_bytes = sum.rx_bytes;
193 dev->stats.tx_packets = sum.tx_packets;
194 dev->stats.tx_bytes = sum.tx_bytes;
198 /* Given src, dst and key, find appropriate for input tunnel. */
200 static struct ip_tunnel * ipgre_tunnel_lookup(struct net_device *dev,
201 __be32 remote, __be32 local,
202 __be32 key, __be16 gre_proto)
204 struct net *net = dev_net(dev);
205 int link = dev->ifindex;
206 unsigned int h0 = HASH(remote);
207 unsigned int h1 = HASH(key);
208 struct ip_tunnel *t, *cand = NULL;
209 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
210 int dev_type = (gre_proto == htons(ETH_P_TEB)) ?
211 ARPHRD_ETHER : ARPHRD_IPGRE;
212 int score, cand_score = 4;
214 for_each_ip_tunnel_rcu(ign->tunnels_r_l[h0 ^ h1]) {
215 if (local != t->parms.iph.saddr ||
216 remote != t->parms.iph.daddr ||
217 key != t->parms.i_key ||
218 !(t->dev->flags & IFF_UP))
221 if (t->dev->type != ARPHRD_IPGRE &&
222 t->dev->type != dev_type)
226 if (t->parms.link != link)
228 if (t->dev->type != dev_type)
233 if (score < cand_score) {
239 for_each_ip_tunnel_rcu(ign->tunnels_r[h0 ^ h1]) {
240 if (remote != t->parms.iph.daddr ||
241 key != t->parms.i_key ||
242 !(t->dev->flags & IFF_UP))
245 if (t->dev->type != ARPHRD_IPGRE &&
246 t->dev->type != dev_type)
250 if (t->parms.link != link)
252 if (t->dev->type != dev_type)
257 if (score < cand_score) {
263 for_each_ip_tunnel_rcu(ign->tunnels_l[h1]) {
264 if ((local != t->parms.iph.saddr &&
265 (local != t->parms.iph.daddr ||
266 !ipv4_is_multicast(local))) ||
267 key != t->parms.i_key ||
268 !(t->dev->flags & IFF_UP))
271 if (t->dev->type != ARPHRD_IPGRE &&
272 t->dev->type != dev_type)
276 if (t->parms.link != link)
278 if (t->dev->type != dev_type)
283 if (score < cand_score) {
289 for_each_ip_tunnel_rcu(ign->tunnels_wc[h1]) {
290 if (t->parms.i_key != key ||
291 !(t->dev->flags & IFF_UP))
294 if (t->dev->type != ARPHRD_IPGRE &&
295 t->dev->type != dev_type)
299 if (t->parms.link != link)
301 if (t->dev->type != dev_type)
306 if (score < cand_score) {
315 dev = ign->fb_tunnel_dev;
316 if (dev->flags & IFF_UP)
317 return netdev_priv(dev);
322 static struct ip_tunnel __rcu **__ipgre_bucket(struct ipgre_net *ign,
323 struct ip_tunnel_parm *parms)
325 __be32 remote = parms->iph.daddr;
326 __be32 local = parms->iph.saddr;
327 __be32 key = parms->i_key;
328 unsigned int h = HASH(key);
333 if (remote && !ipv4_is_multicast(remote)) {
338 return &ign->tunnels[prio][h];
341 static inline struct ip_tunnel __rcu **ipgre_bucket(struct ipgre_net *ign,
344 return __ipgre_bucket(ign, &t->parms);
347 static void ipgre_tunnel_link(struct ipgre_net *ign, struct ip_tunnel *t)
349 struct ip_tunnel __rcu **tp = ipgre_bucket(ign, t);
351 rcu_assign_pointer(t->next, rtnl_dereference(*tp));
352 rcu_assign_pointer(*tp, t);
355 static void ipgre_tunnel_unlink(struct ipgre_net *ign, struct ip_tunnel *t)
357 struct ip_tunnel __rcu **tp;
358 struct ip_tunnel *iter;
360 for (tp = ipgre_bucket(ign, t);
361 (iter = rtnl_dereference(*tp)) != NULL;
364 rcu_assign_pointer(*tp, t->next);
370 static struct ip_tunnel *ipgre_tunnel_find(struct net *net,
371 struct ip_tunnel_parm *parms,
374 __be32 remote = parms->iph.daddr;
375 __be32 local = parms->iph.saddr;
376 __be32 key = parms->i_key;
377 int link = parms->link;
379 struct ip_tunnel __rcu **tp;
380 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
382 for (tp = __ipgre_bucket(ign, parms);
383 (t = rtnl_dereference(*tp)) != NULL;
385 if (local == t->parms.iph.saddr &&
386 remote == t->parms.iph.daddr &&
387 key == t->parms.i_key &&
388 link == t->parms.link &&
389 type == t->dev->type)
395 static struct ip_tunnel *ipgre_tunnel_locate(struct net *net,
396 struct ip_tunnel_parm *parms, int create)
398 struct ip_tunnel *t, *nt;
399 struct net_device *dev;
401 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
403 t = ipgre_tunnel_find(net, parms, ARPHRD_IPGRE);
408 strlcpy(name, parms->name, IFNAMSIZ);
410 strcpy(name, "gre%d");
412 dev = alloc_netdev(sizeof(*t), name, ipgre_tunnel_setup);
416 dev_net_set(dev, net);
418 nt = netdev_priv(dev);
420 dev->rtnl_link_ops = &ipgre_link_ops;
422 dev->mtu = ipgre_tunnel_bind_dev(dev);
424 if (register_netdevice(dev) < 0)
427 /* Can use a lockless transmit, unless we generate output sequences */
428 if (!(nt->parms.o_flags & GRE_SEQ))
429 dev->features |= NETIF_F_LLTX;
432 ipgre_tunnel_link(ign, nt);
440 static void ipgre_tunnel_uninit(struct net_device *dev)
442 struct net *net = dev_net(dev);
443 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
445 ipgre_tunnel_unlink(ign, netdev_priv(dev));
450 static void ipgre_err(struct sk_buff *skb, u32 info)
453 /* All the routers (except for Linux) return only
454 8 bytes of packet payload. It means, that precise relaying of
455 ICMP in the real Internet is absolutely infeasible.
457 Moreover, Cisco "wise men" put GRE key to the third word
458 in GRE header. It makes impossible maintaining even soft state for keyed
459 GRE tunnels with enabled checksum. Tell them "thank you".
461 Well, I wonder, rfc1812 was written by Cisco employee,
462 what the hell these idiots break standards established
466 const struct iphdr *iph = (const struct iphdr *)skb->data;
467 __be16 *p = (__be16*)(skb->data+(iph->ihl<<2));
468 int grehlen = (iph->ihl<<2) + 4;
469 const int type = icmp_hdr(skb)->type;
470 const int code = icmp_hdr(skb)->code;
475 if (flags&(GRE_CSUM|GRE_KEY|GRE_SEQ|GRE_ROUTING|GRE_VERSION)) {
476 if (flags&(GRE_VERSION|GRE_ROUTING))
485 /* If only 8 bytes returned, keyed message will be dropped here */
486 if (skb_headlen(skb) < grehlen)
491 case ICMP_PARAMETERPROB:
494 case ICMP_DEST_UNREACH:
497 case ICMP_PORT_UNREACH:
498 /* Impossible event. */
500 case ICMP_FRAG_NEEDED:
501 /* Soft state for pmtu is maintained by IP core. */
504 /* All others are translated to HOST_UNREACH.
505 rfc2003 contains "deep thoughts" about NET_UNREACH,
506 I believe they are just ether pollution. --ANK
511 case ICMP_TIME_EXCEEDED:
512 if (code != ICMP_EXC_TTL)
518 t = ipgre_tunnel_lookup(skb->dev, iph->daddr, iph->saddr,
520 *(((__be32 *)p) + (grehlen / 4) - 1) : 0,
522 if (t == NULL || t->parms.iph.daddr == 0 ||
523 ipv4_is_multicast(t->parms.iph.daddr))
526 if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
529 if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
533 t->err_time = jiffies;
538 static inline void ipgre_ecn_decapsulate(const struct iphdr *iph, struct sk_buff *skb)
540 if (INET_ECN_is_ce(iph->tos)) {
541 if (skb->protocol == htons(ETH_P_IP)) {
542 IP_ECN_set_ce(ip_hdr(skb));
543 } else if (skb->protocol == htons(ETH_P_IPV6)) {
544 IP6_ECN_set_ce(ipv6_hdr(skb));
550 ipgre_ecn_encapsulate(u8 tos, const struct iphdr *old_iph, struct sk_buff *skb)
553 if (skb->protocol == htons(ETH_P_IP))
554 inner = old_iph->tos;
555 else if (skb->protocol == htons(ETH_P_IPV6))
556 inner = ipv6_get_dsfield((const struct ipv6hdr *)old_iph);
557 return INET_ECN_encapsulate(tos, inner);
560 static int ipgre_rcv(struct sk_buff *skb)
562 const struct iphdr *iph;
568 struct ip_tunnel *tunnel;
572 if (!pskb_may_pull(skb, 16))
579 if (flags&(GRE_CSUM|GRE_KEY|GRE_ROUTING|GRE_SEQ|GRE_VERSION)) {
580 /* - Version must be 0.
581 - We do not support routing headers.
583 if (flags&(GRE_VERSION|GRE_ROUTING))
586 if (flags&GRE_CSUM) {
587 switch (skb->ip_summed) {
588 case CHECKSUM_COMPLETE:
589 csum = csum_fold(skb->csum);
595 csum = __skb_checksum_complete(skb);
596 skb->ip_summed = CHECKSUM_COMPLETE;
601 key = *(__be32*)(h + offset);
605 seqno = ntohl(*(__be32*)(h + offset));
610 gre_proto = *(__be16 *)(h + 2);
613 if ((tunnel = ipgre_tunnel_lookup(skb->dev,
614 iph->saddr, iph->daddr, key,
616 struct pcpu_tstats *tstats;
620 skb->protocol = gre_proto;
621 /* WCCP version 1 and 2 protocol decoding.
622 * - Change protocol to IP
623 * - When dealing with WCCPv2, Skip extra 4 bytes in GRE header
625 if (flags == 0 && gre_proto == htons(ETH_P_WCCP)) {
626 skb->protocol = htons(ETH_P_IP);
627 if ((*(h + offset) & 0xF0) != 0x40)
631 skb->mac_header = skb->network_header;
632 __pskb_pull(skb, offset);
633 skb_postpull_rcsum(skb, skb_transport_header(skb), offset);
634 skb->pkt_type = PACKET_HOST;
635 #ifdef CONFIG_NET_IPGRE_BROADCAST
636 if (ipv4_is_multicast(iph->daddr)) {
637 /* Looped back packet, drop it! */
638 if (rt_is_output_route(skb_rtable(skb)))
640 tunnel->dev->stats.multicast++;
641 skb->pkt_type = PACKET_BROADCAST;
645 if (((flags&GRE_CSUM) && csum) ||
646 (!(flags&GRE_CSUM) && tunnel->parms.i_flags&GRE_CSUM)) {
647 tunnel->dev->stats.rx_crc_errors++;
648 tunnel->dev->stats.rx_errors++;
651 if (tunnel->parms.i_flags&GRE_SEQ) {
652 if (!(flags&GRE_SEQ) ||
653 (tunnel->i_seqno && (s32)(seqno - tunnel->i_seqno) < 0)) {
654 tunnel->dev->stats.rx_fifo_errors++;
655 tunnel->dev->stats.rx_errors++;
658 tunnel->i_seqno = seqno + 1;
661 /* Warning: All skb pointers will be invalidated! */
662 if (tunnel->dev->type == ARPHRD_ETHER) {
663 if (!pskb_may_pull(skb, ETH_HLEN)) {
664 tunnel->dev->stats.rx_length_errors++;
665 tunnel->dev->stats.rx_errors++;
670 skb->protocol = eth_type_trans(skb, tunnel->dev);
671 skb_postpull_rcsum(skb, eth_hdr(skb), ETH_HLEN);
674 tstats = this_cpu_ptr(tunnel->dev->tstats);
675 tstats->rx_packets++;
676 tstats->rx_bytes += skb->len;
678 __skb_tunnel_rx(skb, tunnel->dev);
680 skb_reset_network_header(skb);
681 ipgre_ecn_decapsulate(iph, skb);
688 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
697 static netdev_tx_t ipgre_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
699 struct ip_tunnel *tunnel = netdev_priv(dev);
700 struct pcpu_tstats *tstats;
701 const struct iphdr *old_iph = ip_hdr(skb);
702 const struct iphdr *tiph;
706 struct rtable *rt; /* Route to the other host */
707 struct net_device *tdev; /* Device to other host */
708 struct iphdr *iph; /* Our new IP header */
709 unsigned int max_headroom; /* The extra header space needed */
714 if (dev->type == ARPHRD_ETHER)
715 IPCB(skb)->flags = 0;
717 if (dev->header_ops && dev->type == ARPHRD_IPGRE) {
719 tiph = (const struct iphdr *)skb->data;
721 gre_hlen = tunnel->hlen;
722 tiph = &tunnel->parms.iph;
725 if ((dst = tiph->daddr) == 0) {
728 if (skb_dst(skb) == NULL) {
729 dev->stats.tx_fifo_errors++;
733 if (skb->protocol == htons(ETH_P_IP)) {
734 rt = skb_rtable(skb);
735 dst = rt->rt_gateway;
737 #if IS_ENABLED(CONFIG_IPV6)
738 else if (skb->protocol == htons(ETH_P_IPV6)) {
739 const struct in6_addr *addr6;
740 struct neighbour *neigh;
741 bool do_tx_error_icmp;
744 neigh = dst_neigh_lookup(skb_dst(skb), &ipv6_hdr(skb)->daddr);
748 addr6 = (const struct in6_addr *)&neigh->primary_key;
749 addr_type = ipv6_addr_type(addr6);
751 if (addr_type == IPV6_ADDR_ANY) {
752 addr6 = &ipv6_hdr(skb)->daddr;
753 addr_type = ipv6_addr_type(addr6);
756 if ((addr_type & IPV6_ADDR_COMPATv4) == 0)
757 do_tx_error_icmp = true;
759 do_tx_error_icmp = false;
760 dst = addr6->s6_addr32[3];
762 neigh_release(neigh);
763 if (do_tx_error_icmp)
774 if (skb->protocol == htons(ETH_P_IP))
776 else if (skb->protocol == htons(ETH_P_IPV6))
777 tos = ipv6_get_dsfield((const struct ipv6hdr *)old_iph);
780 rt = ip_route_output_gre(dev_net(dev), &fl4, dst, tiph->saddr,
781 tunnel->parms.o_key, RT_TOS(tos),
784 dev->stats.tx_carrier_errors++;
791 dev->stats.collisions++;
797 mtu = dst_mtu(&rt->dst) - dev->hard_header_len - tunnel->hlen;
799 mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu;
802 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu);
804 if (skb->protocol == htons(ETH_P_IP)) {
805 df |= (old_iph->frag_off&htons(IP_DF));
807 if ((old_iph->frag_off&htons(IP_DF)) &&
808 mtu < ntohs(old_iph->tot_len)) {
809 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
814 #if IS_ENABLED(CONFIG_IPV6)
815 else if (skb->protocol == htons(ETH_P_IPV6)) {
816 struct rt6_info *rt6 = (struct rt6_info *)skb_dst(skb);
818 if (rt6 && mtu < dst_mtu(skb_dst(skb)) && mtu >= IPV6_MIN_MTU) {
819 if ((tunnel->parms.iph.daddr &&
820 !ipv4_is_multicast(tunnel->parms.iph.daddr)) ||
821 rt6->rt6i_dst.plen == 128) {
822 rt6->rt6i_flags |= RTF_MODIFIED;
823 dst_metric_set(skb_dst(skb), RTAX_MTU, mtu);
827 if (mtu >= IPV6_MIN_MTU && mtu < skb->len - tunnel->hlen + gre_hlen) {
828 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
835 if (tunnel->err_count > 0) {
836 if (time_before(jiffies,
837 tunnel->err_time + IPTUNNEL_ERR_TIMEO)) {
840 dst_link_failure(skb);
842 tunnel->err_count = 0;
845 max_headroom = LL_RESERVED_SPACE(tdev) + gre_hlen + rt->dst.header_len;
847 if (skb_headroom(skb) < max_headroom || skb_shared(skb)||
848 (skb_cloned(skb) && !skb_clone_writable(skb, 0))) {
849 struct sk_buff *new_skb = skb_realloc_headroom(skb, max_headroom);
850 if (max_headroom > dev->needed_headroom)
851 dev->needed_headroom = max_headroom;
854 dev->stats.tx_dropped++;
859 skb_set_owner_w(new_skb, skb->sk);
862 old_iph = ip_hdr(skb);
865 skb_reset_transport_header(skb);
866 skb_push(skb, gre_hlen);
867 skb_reset_network_header(skb);
868 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
869 IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
872 skb_dst_set(skb, &rt->dst);
875 * Push down and install the IPIP header.
880 iph->ihl = sizeof(struct iphdr) >> 2;
882 iph->protocol = IPPROTO_GRE;
883 iph->tos = ipgre_ecn_encapsulate(tos, old_iph, skb);
884 iph->daddr = fl4.daddr;
885 iph->saddr = fl4.saddr;
887 if ((iph->ttl = tiph->ttl) == 0) {
888 if (skb->protocol == htons(ETH_P_IP))
889 iph->ttl = old_iph->ttl;
890 #if IS_ENABLED(CONFIG_IPV6)
891 else if (skb->protocol == htons(ETH_P_IPV6))
892 iph->ttl = ((const struct ipv6hdr *)old_iph)->hop_limit;
895 iph->ttl = ip4_dst_hoplimit(&rt->dst);
898 ((__be16 *)(iph + 1))[0] = tunnel->parms.o_flags;
899 ((__be16 *)(iph + 1))[1] = (dev->type == ARPHRD_ETHER) ?
900 htons(ETH_P_TEB) : skb->protocol;
902 if (tunnel->parms.o_flags&(GRE_KEY|GRE_CSUM|GRE_SEQ)) {
903 __be32 *ptr = (__be32*)(((u8*)iph) + tunnel->hlen - 4);
905 if (tunnel->parms.o_flags&GRE_SEQ) {
907 *ptr = htonl(tunnel->o_seqno);
910 if (tunnel->parms.o_flags&GRE_KEY) {
911 *ptr = tunnel->parms.o_key;
914 if (tunnel->parms.o_flags&GRE_CSUM) {
916 *(__sum16*)ptr = ip_compute_csum((void*)(iph+1), skb->len - sizeof(struct iphdr));
921 tstats = this_cpu_ptr(dev->tstats);
922 __IPTUNNEL_XMIT(tstats, &dev->stats);
925 #if IS_ENABLED(CONFIG_IPV6)
927 dst_link_failure(skb);
930 dev->stats.tx_errors++;
935 static int ipgre_tunnel_bind_dev(struct net_device *dev)
937 struct net_device *tdev = NULL;
938 struct ip_tunnel *tunnel;
939 const struct iphdr *iph;
940 int hlen = LL_MAX_HEADER;
941 int mtu = ETH_DATA_LEN;
942 int addend = sizeof(struct iphdr) + 4;
944 tunnel = netdev_priv(dev);
945 iph = &tunnel->parms.iph;
947 /* Guess output device to choose reasonable mtu and needed_headroom */
953 rt = ip_route_output_gre(dev_net(dev), &fl4,
954 iph->daddr, iph->saddr,
963 if (dev->type != ARPHRD_ETHER)
964 dev->flags |= IFF_POINTOPOINT;
967 if (!tdev && tunnel->parms.link)
968 tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link);
971 hlen = tdev->hard_header_len + tdev->needed_headroom;
974 dev->iflink = tunnel->parms.link;
976 /* Precalculate GRE options length */
977 if (tunnel->parms.o_flags&(GRE_CSUM|GRE_KEY|GRE_SEQ)) {
978 if (tunnel->parms.o_flags&GRE_CSUM)
980 if (tunnel->parms.o_flags&GRE_KEY)
982 if (tunnel->parms.o_flags&GRE_SEQ)
985 dev->needed_headroom = addend + hlen;
986 mtu -= dev->hard_header_len + addend;
991 tunnel->hlen = addend;
997 ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd)
1000 struct ip_tunnel_parm p;
1001 struct ip_tunnel *t;
1002 struct net *net = dev_net(dev);
1003 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1008 if (dev == ign->fb_tunnel_dev) {
1009 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
1013 t = ipgre_tunnel_locate(net, &p, 0);
1016 t = netdev_priv(dev);
1017 memcpy(&p, &t->parms, sizeof(p));
1018 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
1025 if (!capable(CAP_NET_ADMIN))
1029 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1033 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_GRE ||
1034 p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)) ||
1035 ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING)))
1038 p.iph.frag_off |= htons(IP_DF);
1040 if (!(p.i_flags&GRE_KEY))
1042 if (!(p.o_flags&GRE_KEY))
1045 t = ipgre_tunnel_locate(net, &p, cmd == SIOCADDTUNNEL);
1047 if (dev != ign->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
1049 if (t->dev != dev) {
1054 unsigned int nflags = 0;
1056 t = netdev_priv(dev);
1058 if (ipv4_is_multicast(p.iph.daddr))
1059 nflags = IFF_BROADCAST;
1060 else if (p.iph.daddr)
1061 nflags = IFF_POINTOPOINT;
1063 if ((dev->flags^nflags)&(IFF_POINTOPOINT|IFF_BROADCAST)) {
1067 ipgre_tunnel_unlink(ign, t);
1069 t->parms.iph.saddr = p.iph.saddr;
1070 t->parms.iph.daddr = p.iph.daddr;
1071 t->parms.i_key = p.i_key;
1072 t->parms.o_key = p.o_key;
1073 memcpy(dev->dev_addr, &p.iph.saddr, 4);
1074 memcpy(dev->broadcast, &p.iph.daddr, 4);
1075 ipgre_tunnel_link(ign, t);
1076 netdev_state_change(dev);
1082 if (cmd == SIOCCHGTUNNEL) {
1083 t->parms.iph.ttl = p.iph.ttl;
1084 t->parms.iph.tos = p.iph.tos;
1085 t->parms.iph.frag_off = p.iph.frag_off;
1086 if (t->parms.link != p.link) {
1087 t->parms.link = p.link;
1088 dev->mtu = ipgre_tunnel_bind_dev(dev);
1089 netdev_state_change(dev);
1092 if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
1095 err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
1100 if (!capable(CAP_NET_ADMIN))
1103 if (dev == ign->fb_tunnel_dev) {
1105 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
1108 if ((t = ipgre_tunnel_locate(net, &p, 0)) == NULL)
1111 if (t == netdev_priv(ign->fb_tunnel_dev))
1115 unregister_netdevice(dev);
1127 static int ipgre_tunnel_change_mtu(struct net_device *dev, int new_mtu)
1129 struct ip_tunnel *tunnel = netdev_priv(dev);
1131 new_mtu > 0xFFF8 - dev->hard_header_len - tunnel->hlen)
1137 /* Nice toy. Unfortunately, useless in real life :-)
1138 It allows to construct virtual multiprotocol broadcast "LAN"
1139 over the Internet, provided multicast routing is tuned.
1142 I have no idea was this bicycle invented before me,
1143 so that I had to set ARPHRD_IPGRE to a random value.
1144 I have an impression, that Cisco could make something similar,
1145 but this feature is apparently missing in IOS<=11.2(8).
1147 I set up 10.66.66/24 and fec0:6666:6666::0/96 as virtual networks
1148 with broadcast 224.66.66.66. If you have access to mbone, play with me :-)
1150 ping -t 255 224.66.66.66
1152 If nobody answers, mbone does not work.
1154 ip tunnel add Universe mode gre remote 224.66.66.66 local <Your_real_addr> ttl 255
1155 ip addr add 10.66.66.<somewhat>/24 dev Universe
1156 ifconfig Universe up
1157 ifconfig Universe add fe80::<Your_real_addr>/10
1158 ifconfig Universe add fec0:6666:6666::<Your_real_addr>/96
1161 ftp fec0:6666:6666::193.233.7.65
1166 static int ipgre_header(struct sk_buff *skb, struct net_device *dev,
1167 unsigned short type,
1168 const void *daddr, const void *saddr, unsigned int len)
1170 struct ip_tunnel *t = netdev_priv(dev);
1171 struct iphdr *iph = (struct iphdr *)skb_push(skb, t->hlen);
1172 __be16 *p = (__be16*)(iph+1);
1174 memcpy(iph, &t->parms.iph, sizeof(struct iphdr));
1175 p[0] = t->parms.o_flags;
1179 * Set the source hardware address.
1183 memcpy(&iph->saddr, saddr, 4);
1185 memcpy(&iph->daddr, daddr, 4);
1192 static int ipgre_header_parse(const struct sk_buff *skb, unsigned char *haddr)
1194 const struct iphdr *iph = (const struct iphdr *) skb_mac_header(skb);
1195 memcpy(haddr, &iph->saddr, 4);
1199 static const struct header_ops ipgre_header_ops = {
1200 .create = ipgre_header,
1201 .parse = ipgre_header_parse,
1204 #ifdef CONFIG_NET_IPGRE_BROADCAST
1205 static int ipgre_open(struct net_device *dev)
1207 struct ip_tunnel *t = netdev_priv(dev);
1209 if (ipv4_is_multicast(t->parms.iph.daddr)) {
1213 rt = ip_route_output_gre(dev_net(dev), &fl4,
1217 RT_TOS(t->parms.iph.tos),
1220 return -EADDRNOTAVAIL;
1223 if (__in_dev_get_rtnl(dev) == NULL)
1224 return -EADDRNOTAVAIL;
1225 t->mlink = dev->ifindex;
1226 ip_mc_inc_group(__in_dev_get_rtnl(dev), t->parms.iph.daddr);
1231 static int ipgre_close(struct net_device *dev)
1233 struct ip_tunnel *t = netdev_priv(dev);
1235 if (ipv4_is_multicast(t->parms.iph.daddr) && t->mlink) {
1236 struct in_device *in_dev;
1237 in_dev = inetdev_by_index(dev_net(dev), t->mlink);
1239 ip_mc_dec_group(in_dev, t->parms.iph.daddr);
1246 static const struct net_device_ops ipgre_netdev_ops = {
1247 .ndo_init = ipgre_tunnel_init,
1248 .ndo_uninit = ipgre_tunnel_uninit,
1249 #ifdef CONFIG_NET_IPGRE_BROADCAST
1250 .ndo_open = ipgre_open,
1251 .ndo_stop = ipgre_close,
1253 .ndo_start_xmit = ipgre_tunnel_xmit,
1254 .ndo_do_ioctl = ipgre_tunnel_ioctl,
1255 .ndo_change_mtu = ipgre_tunnel_change_mtu,
1256 .ndo_get_stats = ipgre_get_stats,
1259 static void ipgre_dev_free(struct net_device *dev)
1261 free_percpu(dev->tstats);
1265 static void ipgre_tunnel_setup(struct net_device *dev)
1267 dev->netdev_ops = &ipgre_netdev_ops;
1268 dev->destructor = ipgre_dev_free;
1270 dev->type = ARPHRD_IPGRE;
1271 dev->needed_headroom = LL_MAX_HEADER + sizeof(struct iphdr) + 4;
1272 dev->mtu = ETH_DATA_LEN - sizeof(struct iphdr) - 4;
1273 dev->flags = IFF_NOARP;
1276 dev->features |= NETIF_F_NETNS_LOCAL;
1277 dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
1280 static int ipgre_tunnel_init(struct net_device *dev)
1282 struct ip_tunnel *tunnel;
1285 tunnel = netdev_priv(dev);
1286 iph = &tunnel->parms.iph;
1289 strcpy(tunnel->parms.name, dev->name);
1291 memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
1292 memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
1295 #ifdef CONFIG_NET_IPGRE_BROADCAST
1296 if (ipv4_is_multicast(iph->daddr)) {
1299 dev->flags = IFF_BROADCAST;
1300 dev->header_ops = &ipgre_header_ops;
1304 dev->header_ops = &ipgre_header_ops;
1306 dev->tstats = alloc_percpu(struct pcpu_tstats);
1313 static void ipgre_fb_tunnel_init(struct net_device *dev)
1315 struct ip_tunnel *tunnel = netdev_priv(dev);
1316 struct iphdr *iph = &tunnel->parms.iph;
1319 strcpy(tunnel->parms.name, dev->name);
1322 iph->protocol = IPPROTO_GRE;
1324 tunnel->hlen = sizeof(struct iphdr) + 4;
1330 static const struct gre_protocol ipgre_protocol = {
1331 .handler = ipgre_rcv,
1332 .err_handler = ipgre_err,
1335 static void ipgre_destroy_tunnels(struct ipgre_net *ign, struct list_head *head)
1339 for (prio = 0; prio < 4; prio++) {
1341 for (h = 0; h < HASH_SIZE; h++) {
1342 struct ip_tunnel *t;
1344 t = rtnl_dereference(ign->tunnels[prio][h]);
1347 unregister_netdevice_queue(t->dev, head);
1348 t = rtnl_dereference(t->next);
1354 static int __net_init ipgre_init_net(struct net *net)
1356 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1359 ign->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel), "gre0",
1360 ipgre_tunnel_setup);
1361 if (!ign->fb_tunnel_dev) {
1365 dev_net_set(ign->fb_tunnel_dev, net);
1367 ipgre_fb_tunnel_init(ign->fb_tunnel_dev);
1368 ign->fb_tunnel_dev->rtnl_link_ops = &ipgre_link_ops;
1370 if ((err = register_netdev(ign->fb_tunnel_dev)))
1373 rcu_assign_pointer(ign->tunnels_wc[0],
1374 netdev_priv(ign->fb_tunnel_dev));
1378 ipgre_dev_free(ign->fb_tunnel_dev);
1383 static void __net_exit ipgre_exit_net(struct net *net)
1385 struct ipgre_net *ign;
1388 ign = net_generic(net, ipgre_net_id);
1390 ipgre_destroy_tunnels(ign, &list);
1391 unregister_netdevice_many(&list);
1395 static struct pernet_operations ipgre_net_ops = {
1396 .init = ipgre_init_net,
1397 .exit = ipgre_exit_net,
1398 .id = &ipgre_net_id,
1399 .size = sizeof(struct ipgre_net),
1402 static int ipgre_tunnel_validate(struct nlattr *tb[], struct nlattr *data[])
1410 if (data[IFLA_GRE_IFLAGS])
1411 flags |= nla_get_be16(data[IFLA_GRE_IFLAGS]);
1412 if (data[IFLA_GRE_OFLAGS])
1413 flags |= nla_get_be16(data[IFLA_GRE_OFLAGS]);
1414 if (flags & (GRE_VERSION|GRE_ROUTING))
1420 static int ipgre_tap_validate(struct nlattr *tb[], struct nlattr *data[])
1424 if (tb[IFLA_ADDRESS]) {
1425 if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN)
1427 if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS])))
1428 return -EADDRNOTAVAIL;
1434 if (data[IFLA_GRE_REMOTE]) {
1435 memcpy(&daddr, nla_data(data[IFLA_GRE_REMOTE]), 4);
1441 return ipgre_tunnel_validate(tb, data);
1444 static void ipgre_netlink_parms(struct nlattr *data[],
1445 struct ip_tunnel_parm *parms)
1447 memset(parms, 0, sizeof(*parms));
1449 parms->iph.protocol = IPPROTO_GRE;
1454 if (data[IFLA_GRE_LINK])
1455 parms->link = nla_get_u32(data[IFLA_GRE_LINK]);
1457 if (data[IFLA_GRE_IFLAGS])
1458 parms->i_flags = nla_get_be16(data[IFLA_GRE_IFLAGS]);
1460 if (data[IFLA_GRE_OFLAGS])
1461 parms->o_flags = nla_get_be16(data[IFLA_GRE_OFLAGS]);
1463 if (data[IFLA_GRE_IKEY])
1464 parms->i_key = nla_get_be32(data[IFLA_GRE_IKEY]);
1466 if (data[IFLA_GRE_OKEY])
1467 parms->o_key = nla_get_be32(data[IFLA_GRE_OKEY]);
1469 if (data[IFLA_GRE_LOCAL])
1470 parms->iph.saddr = nla_get_be32(data[IFLA_GRE_LOCAL]);
1472 if (data[IFLA_GRE_REMOTE])
1473 parms->iph.daddr = nla_get_be32(data[IFLA_GRE_REMOTE]);
1475 if (data[IFLA_GRE_TTL])
1476 parms->iph.ttl = nla_get_u8(data[IFLA_GRE_TTL]);
1478 if (data[IFLA_GRE_TOS])
1479 parms->iph.tos = nla_get_u8(data[IFLA_GRE_TOS]);
1481 if (!data[IFLA_GRE_PMTUDISC] || nla_get_u8(data[IFLA_GRE_PMTUDISC]))
1482 parms->iph.frag_off = htons(IP_DF);
1485 static int ipgre_tap_init(struct net_device *dev)
1487 struct ip_tunnel *tunnel;
1489 tunnel = netdev_priv(dev);
1492 strcpy(tunnel->parms.name, dev->name);
1494 ipgre_tunnel_bind_dev(dev);
1496 dev->tstats = alloc_percpu(struct pcpu_tstats);
1503 static const struct net_device_ops ipgre_tap_netdev_ops = {
1504 .ndo_init = ipgre_tap_init,
1505 .ndo_uninit = ipgre_tunnel_uninit,
1506 .ndo_start_xmit = ipgre_tunnel_xmit,
1507 .ndo_set_mac_address = eth_mac_addr,
1508 .ndo_validate_addr = eth_validate_addr,
1509 .ndo_change_mtu = ipgre_tunnel_change_mtu,
1510 .ndo_get_stats = ipgre_get_stats,
1513 static void ipgre_tap_setup(struct net_device *dev)
1518 dev->netdev_ops = &ipgre_tap_netdev_ops;
1519 dev->destructor = ipgre_dev_free;
1522 dev->features |= NETIF_F_NETNS_LOCAL;
1525 static int ipgre_newlink(struct net *src_net, struct net_device *dev, struct nlattr *tb[],
1526 struct nlattr *data[])
1528 struct ip_tunnel *nt;
1529 struct net *net = dev_net(dev);
1530 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1534 nt = netdev_priv(dev);
1535 ipgre_netlink_parms(data, &nt->parms);
1537 if (ipgre_tunnel_find(net, &nt->parms, dev->type))
1540 if (dev->type == ARPHRD_ETHER && !tb[IFLA_ADDRESS])
1541 eth_hw_addr_random(dev);
1543 mtu = ipgre_tunnel_bind_dev(dev);
1547 /* Can use a lockless transmit, unless we generate output sequences */
1548 if (!(nt->parms.o_flags & GRE_SEQ))
1549 dev->features |= NETIF_F_LLTX;
1551 err = register_netdevice(dev);
1556 ipgre_tunnel_link(ign, nt);
1562 static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[],
1563 struct nlattr *data[])
1565 struct ip_tunnel *t, *nt;
1566 struct net *net = dev_net(dev);
1567 struct ipgre_net *ign = net_generic(net, ipgre_net_id);
1568 struct ip_tunnel_parm p;
1571 if (dev == ign->fb_tunnel_dev)
1574 nt = netdev_priv(dev);
1575 ipgre_netlink_parms(data, &p);
1577 t = ipgre_tunnel_locate(net, &p, 0);
1585 if (dev->type != ARPHRD_ETHER) {
1586 unsigned int nflags = 0;
1588 if (ipv4_is_multicast(p.iph.daddr))
1589 nflags = IFF_BROADCAST;
1590 else if (p.iph.daddr)
1591 nflags = IFF_POINTOPOINT;
1593 if ((dev->flags ^ nflags) &
1594 (IFF_POINTOPOINT | IFF_BROADCAST))
1598 ipgre_tunnel_unlink(ign, t);
1599 t->parms.iph.saddr = p.iph.saddr;
1600 t->parms.iph.daddr = p.iph.daddr;
1601 t->parms.i_key = p.i_key;
1602 if (dev->type != ARPHRD_ETHER) {
1603 memcpy(dev->dev_addr, &p.iph.saddr, 4);
1604 memcpy(dev->broadcast, &p.iph.daddr, 4);
1606 ipgre_tunnel_link(ign, t);
1607 netdev_state_change(dev);
1610 t->parms.o_key = p.o_key;
1611 t->parms.iph.ttl = p.iph.ttl;
1612 t->parms.iph.tos = p.iph.tos;
1613 t->parms.iph.frag_off = p.iph.frag_off;
1615 if (t->parms.link != p.link) {
1616 t->parms.link = p.link;
1617 mtu = ipgre_tunnel_bind_dev(dev);
1620 netdev_state_change(dev);
1626 static size_t ipgre_get_size(const struct net_device *dev)
1631 /* IFLA_GRE_IFLAGS */
1633 /* IFLA_GRE_OFLAGS */
1639 /* IFLA_GRE_LOCAL */
1641 /* IFLA_GRE_REMOTE */
1647 /* IFLA_GRE_PMTUDISC */
1652 static int ipgre_fill_info(struct sk_buff *skb, const struct net_device *dev)
1654 struct ip_tunnel *t = netdev_priv(dev);
1655 struct ip_tunnel_parm *p = &t->parms;
1657 NLA_PUT_U32(skb, IFLA_GRE_LINK, p->link);
1658 NLA_PUT_BE16(skb, IFLA_GRE_IFLAGS, p->i_flags);
1659 NLA_PUT_BE16(skb, IFLA_GRE_OFLAGS, p->o_flags);
1660 NLA_PUT_BE32(skb, IFLA_GRE_IKEY, p->i_key);
1661 NLA_PUT_BE32(skb, IFLA_GRE_OKEY, p->o_key);
1662 NLA_PUT_BE32(skb, IFLA_GRE_LOCAL, p->iph.saddr);
1663 NLA_PUT_BE32(skb, IFLA_GRE_REMOTE, p->iph.daddr);
1664 NLA_PUT_U8(skb, IFLA_GRE_TTL, p->iph.ttl);
1665 NLA_PUT_U8(skb, IFLA_GRE_TOS, p->iph.tos);
1666 NLA_PUT_U8(skb, IFLA_GRE_PMTUDISC, !!(p->iph.frag_off & htons(IP_DF)));
1674 static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = {
1675 [IFLA_GRE_LINK] = { .type = NLA_U32 },
1676 [IFLA_GRE_IFLAGS] = { .type = NLA_U16 },
1677 [IFLA_GRE_OFLAGS] = { .type = NLA_U16 },
1678 [IFLA_GRE_IKEY] = { .type = NLA_U32 },
1679 [IFLA_GRE_OKEY] = { .type = NLA_U32 },
1680 [IFLA_GRE_LOCAL] = { .len = FIELD_SIZEOF(struct iphdr, saddr) },
1681 [IFLA_GRE_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) },
1682 [IFLA_GRE_TTL] = { .type = NLA_U8 },
1683 [IFLA_GRE_TOS] = { .type = NLA_U8 },
1684 [IFLA_GRE_PMTUDISC] = { .type = NLA_U8 },
1687 static struct rtnl_link_ops ipgre_link_ops __read_mostly = {
1689 .maxtype = IFLA_GRE_MAX,
1690 .policy = ipgre_policy,
1691 .priv_size = sizeof(struct ip_tunnel),
1692 .setup = ipgre_tunnel_setup,
1693 .validate = ipgre_tunnel_validate,
1694 .newlink = ipgre_newlink,
1695 .changelink = ipgre_changelink,
1696 .get_size = ipgre_get_size,
1697 .fill_info = ipgre_fill_info,
1700 static struct rtnl_link_ops ipgre_tap_ops __read_mostly = {
1702 .maxtype = IFLA_GRE_MAX,
1703 .policy = ipgre_policy,
1704 .priv_size = sizeof(struct ip_tunnel),
1705 .setup = ipgre_tap_setup,
1706 .validate = ipgre_tap_validate,
1707 .newlink = ipgre_newlink,
1708 .changelink = ipgre_changelink,
1709 .get_size = ipgre_get_size,
1710 .fill_info = ipgre_fill_info,
1714 * And now the modules code and kernel interface.
1717 static int __init ipgre_init(void)
1721 pr_info("GRE over IPv4 tunneling driver\n");
1723 err = register_pernet_device(&ipgre_net_ops);
1727 err = gre_add_protocol(&ipgre_protocol, GREPROTO_CISCO);
1729 pr_info("%s: can't add protocol\n", __func__);
1730 goto add_proto_failed;
1733 err = rtnl_link_register(&ipgre_link_ops);
1735 goto rtnl_link_failed;
1737 err = rtnl_link_register(&ipgre_tap_ops);
1739 goto tap_ops_failed;
1745 rtnl_link_unregister(&ipgre_link_ops);
1747 gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO);
1749 unregister_pernet_device(&ipgre_net_ops);
1753 static void __exit ipgre_fini(void)
1755 rtnl_link_unregister(&ipgre_tap_ops);
1756 rtnl_link_unregister(&ipgre_link_ops);
1757 if (gre_del_protocol(&ipgre_protocol, GREPROTO_CISCO) < 0)
1758 pr_info("%s: can't remove protocol\n", __func__);
1759 unregister_pernet_device(&ipgre_net_ops);
1762 module_init(ipgre_init);
1763 module_exit(ipgre_fini);
1764 MODULE_LICENSE("GPL");
1765 MODULE_ALIAS_RTNL_LINK("gre");
1766 MODULE_ALIAS_RTNL_LINK("gretap");
1767 MODULE_ALIAS_NETDEV("gre0");