162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 262306a36Sopenharmony_ci/* Copyright (c) 2014 Mahesh Bandewar <maheshb@google.com> 362306a36Sopenharmony_ci */ 462306a36Sopenharmony_ci 562306a36Sopenharmony_ci#include "ipvlan.h" 662306a36Sopenharmony_ci 762306a36Sopenharmony_cistatic unsigned int ipvlan_netid __read_mostly; 862306a36Sopenharmony_ci 962306a36Sopenharmony_cistruct ipvlan_netns { 1062306a36Sopenharmony_ci unsigned int ipvl_nf_hook_refcnt; 1162306a36Sopenharmony_ci}; 1262306a36Sopenharmony_ci 1362306a36Sopenharmony_cistatic struct ipvl_addr *ipvlan_skb_to_addr(struct sk_buff *skb, 1462306a36Sopenharmony_ci struct net_device *dev) 1562306a36Sopenharmony_ci{ 1662306a36Sopenharmony_ci struct ipvl_addr *addr = NULL; 1762306a36Sopenharmony_ci struct ipvl_port *port; 1862306a36Sopenharmony_ci int addr_type; 1962306a36Sopenharmony_ci void *lyr3h; 2062306a36Sopenharmony_ci 2162306a36Sopenharmony_ci if (!dev || !netif_is_ipvlan_port(dev)) 2262306a36Sopenharmony_ci goto out; 2362306a36Sopenharmony_ci 2462306a36Sopenharmony_ci port = ipvlan_port_get_rcu(dev); 2562306a36Sopenharmony_ci if (!port || port->mode != IPVLAN_MODE_L3S) 2662306a36Sopenharmony_ci goto out; 2762306a36Sopenharmony_ci 2862306a36Sopenharmony_ci lyr3h = ipvlan_get_L3_hdr(port, skb, &addr_type); 2962306a36Sopenharmony_ci if (!lyr3h) 3062306a36Sopenharmony_ci goto out; 3162306a36Sopenharmony_ci 3262306a36Sopenharmony_ci addr = ipvlan_addr_lookup(port, lyr3h, addr_type, true); 3362306a36Sopenharmony_ciout: 3462306a36Sopenharmony_ci return addr; 3562306a36Sopenharmony_ci} 3662306a36Sopenharmony_ci 3762306a36Sopenharmony_cistatic struct sk_buff *ipvlan_l3_rcv(struct net_device *dev, 3862306a36Sopenharmony_ci struct sk_buff *skb, u16 proto) 3962306a36Sopenharmony_ci{ 4062306a36Sopenharmony_ci struct ipvl_addr *addr; 4162306a36Sopenharmony_ci struct net_device *sdev; 4262306a36Sopenharmony_ci 4362306a36Sopenharmony_ci addr = ipvlan_skb_to_addr(skb, dev); 4462306a36Sopenharmony_ci if (!addr) 4562306a36Sopenharmony_ci goto out; 4662306a36Sopenharmony_ci 4762306a36Sopenharmony_ci sdev = addr->master->dev; 4862306a36Sopenharmony_ci switch (proto) { 4962306a36Sopenharmony_ci case AF_INET: 5062306a36Sopenharmony_ci { 5162306a36Sopenharmony_ci struct iphdr *ip4h = ip_hdr(skb); 5262306a36Sopenharmony_ci int err; 5362306a36Sopenharmony_ci 5462306a36Sopenharmony_ci err = ip_route_input_noref(skb, ip4h->daddr, ip4h->saddr, 5562306a36Sopenharmony_ci ip4h->tos, sdev); 5662306a36Sopenharmony_ci if (unlikely(err)) 5762306a36Sopenharmony_ci goto out; 5862306a36Sopenharmony_ci break; 5962306a36Sopenharmony_ci } 6062306a36Sopenharmony_ci#if IS_ENABLED(CONFIG_IPV6) 6162306a36Sopenharmony_ci case AF_INET6: 6262306a36Sopenharmony_ci { 6362306a36Sopenharmony_ci struct dst_entry *dst; 6462306a36Sopenharmony_ci struct ipv6hdr *ip6h = ipv6_hdr(skb); 6562306a36Sopenharmony_ci int flags = RT6_LOOKUP_F_HAS_SADDR; 6662306a36Sopenharmony_ci struct flowi6 fl6 = { 6762306a36Sopenharmony_ci .flowi6_iif = sdev->ifindex, 6862306a36Sopenharmony_ci .daddr = ip6h->daddr, 6962306a36Sopenharmony_ci .saddr = ip6h->saddr, 7062306a36Sopenharmony_ci .flowlabel = ip6_flowinfo(ip6h), 7162306a36Sopenharmony_ci .flowi6_mark = skb->mark, 7262306a36Sopenharmony_ci .flowi6_proto = ip6h->nexthdr, 7362306a36Sopenharmony_ci }; 7462306a36Sopenharmony_ci 7562306a36Sopenharmony_ci skb_dst_drop(skb); 7662306a36Sopenharmony_ci dst = ip6_route_input_lookup(dev_net(sdev), sdev, &fl6, 7762306a36Sopenharmony_ci skb, flags); 7862306a36Sopenharmony_ci skb_dst_set(skb, dst); 7962306a36Sopenharmony_ci break; 8062306a36Sopenharmony_ci } 8162306a36Sopenharmony_ci#endif 8262306a36Sopenharmony_ci default: 8362306a36Sopenharmony_ci break; 8462306a36Sopenharmony_ci } 8562306a36Sopenharmony_ciout: 8662306a36Sopenharmony_ci return skb; 8762306a36Sopenharmony_ci} 8862306a36Sopenharmony_ci 8962306a36Sopenharmony_cistatic const struct l3mdev_ops ipvl_l3mdev_ops = { 9062306a36Sopenharmony_ci .l3mdev_l3_rcv = ipvlan_l3_rcv, 9162306a36Sopenharmony_ci}; 9262306a36Sopenharmony_ci 9362306a36Sopenharmony_cistatic unsigned int ipvlan_nf_input(void *priv, struct sk_buff *skb, 9462306a36Sopenharmony_ci const struct nf_hook_state *state) 9562306a36Sopenharmony_ci{ 9662306a36Sopenharmony_ci struct ipvl_addr *addr; 9762306a36Sopenharmony_ci unsigned int len; 9862306a36Sopenharmony_ci 9962306a36Sopenharmony_ci addr = ipvlan_skb_to_addr(skb, skb->dev); 10062306a36Sopenharmony_ci if (!addr) 10162306a36Sopenharmony_ci goto out; 10262306a36Sopenharmony_ci 10362306a36Sopenharmony_ci skb->dev = addr->master->dev; 10462306a36Sopenharmony_ci skb->skb_iif = skb->dev->ifindex; 10562306a36Sopenharmony_ci#if IS_ENABLED(CONFIG_IPV6) 10662306a36Sopenharmony_ci if (addr->atype == IPVL_IPV6) 10762306a36Sopenharmony_ci IP6CB(skb)->iif = skb->dev->ifindex; 10862306a36Sopenharmony_ci#endif 10962306a36Sopenharmony_ci len = skb->len + ETH_HLEN; 11062306a36Sopenharmony_ci ipvlan_count_rx(addr->master, len, true, false); 11162306a36Sopenharmony_ciout: 11262306a36Sopenharmony_ci return NF_ACCEPT; 11362306a36Sopenharmony_ci} 11462306a36Sopenharmony_ci 11562306a36Sopenharmony_cistatic const struct nf_hook_ops ipvl_nfops[] = { 11662306a36Sopenharmony_ci { 11762306a36Sopenharmony_ci .hook = ipvlan_nf_input, 11862306a36Sopenharmony_ci .pf = NFPROTO_IPV4, 11962306a36Sopenharmony_ci .hooknum = NF_INET_LOCAL_IN, 12062306a36Sopenharmony_ci .priority = INT_MAX, 12162306a36Sopenharmony_ci }, 12262306a36Sopenharmony_ci#if IS_ENABLED(CONFIG_IPV6) 12362306a36Sopenharmony_ci { 12462306a36Sopenharmony_ci .hook = ipvlan_nf_input, 12562306a36Sopenharmony_ci .pf = NFPROTO_IPV6, 12662306a36Sopenharmony_ci .hooknum = NF_INET_LOCAL_IN, 12762306a36Sopenharmony_ci .priority = INT_MAX, 12862306a36Sopenharmony_ci }, 12962306a36Sopenharmony_ci#endif 13062306a36Sopenharmony_ci}; 13162306a36Sopenharmony_ci 13262306a36Sopenharmony_cistatic int ipvlan_register_nf_hook(struct net *net) 13362306a36Sopenharmony_ci{ 13462306a36Sopenharmony_ci struct ipvlan_netns *vnet = net_generic(net, ipvlan_netid); 13562306a36Sopenharmony_ci int err = 0; 13662306a36Sopenharmony_ci 13762306a36Sopenharmony_ci if (!vnet->ipvl_nf_hook_refcnt) { 13862306a36Sopenharmony_ci err = nf_register_net_hooks(net, ipvl_nfops, 13962306a36Sopenharmony_ci ARRAY_SIZE(ipvl_nfops)); 14062306a36Sopenharmony_ci if (!err) 14162306a36Sopenharmony_ci vnet->ipvl_nf_hook_refcnt = 1; 14262306a36Sopenharmony_ci } else { 14362306a36Sopenharmony_ci vnet->ipvl_nf_hook_refcnt++; 14462306a36Sopenharmony_ci } 14562306a36Sopenharmony_ci 14662306a36Sopenharmony_ci return err; 14762306a36Sopenharmony_ci} 14862306a36Sopenharmony_ci 14962306a36Sopenharmony_cistatic void ipvlan_unregister_nf_hook(struct net *net) 15062306a36Sopenharmony_ci{ 15162306a36Sopenharmony_ci struct ipvlan_netns *vnet = net_generic(net, ipvlan_netid); 15262306a36Sopenharmony_ci 15362306a36Sopenharmony_ci if (WARN_ON(!vnet->ipvl_nf_hook_refcnt)) 15462306a36Sopenharmony_ci return; 15562306a36Sopenharmony_ci 15662306a36Sopenharmony_ci vnet->ipvl_nf_hook_refcnt--; 15762306a36Sopenharmony_ci if (!vnet->ipvl_nf_hook_refcnt) 15862306a36Sopenharmony_ci nf_unregister_net_hooks(net, ipvl_nfops, 15962306a36Sopenharmony_ci ARRAY_SIZE(ipvl_nfops)); 16062306a36Sopenharmony_ci} 16162306a36Sopenharmony_ci 16262306a36Sopenharmony_civoid ipvlan_migrate_l3s_hook(struct net *oldnet, struct net *newnet) 16362306a36Sopenharmony_ci{ 16462306a36Sopenharmony_ci struct ipvlan_netns *old_vnet; 16562306a36Sopenharmony_ci 16662306a36Sopenharmony_ci ASSERT_RTNL(); 16762306a36Sopenharmony_ci 16862306a36Sopenharmony_ci old_vnet = net_generic(oldnet, ipvlan_netid); 16962306a36Sopenharmony_ci if (!old_vnet->ipvl_nf_hook_refcnt) 17062306a36Sopenharmony_ci return; 17162306a36Sopenharmony_ci 17262306a36Sopenharmony_ci ipvlan_register_nf_hook(newnet); 17362306a36Sopenharmony_ci ipvlan_unregister_nf_hook(oldnet); 17462306a36Sopenharmony_ci} 17562306a36Sopenharmony_ci 17662306a36Sopenharmony_cistatic void ipvlan_ns_exit(struct net *net) 17762306a36Sopenharmony_ci{ 17862306a36Sopenharmony_ci struct ipvlan_netns *vnet = net_generic(net, ipvlan_netid); 17962306a36Sopenharmony_ci 18062306a36Sopenharmony_ci if (WARN_ON_ONCE(vnet->ipvl_nf_hook_refcnt)) { 18162306a36Sopenharmony_ci vnet->ipvl_nf_hook_refcnt = 0; 18262306a36Sopenharmony_ci nf_unregister_net_hooks(net, ipvl_nfops, 18362306a36Sopenharmony_ci ARRAY_SIZE(ipvl_nfops)); 18462306a36Sopenharmony_ci } 18562306a36Sopenharmony_ci} 18662306a36Sopenharmony_ci 18762306a36Sopenharmony_cistatic struct pernet_operations ipvlan_net_ops = { 18862306a36Sopenharmony_ci .id = &ipvlan_netid, 18962306a36Sopenharmony_ci .size = sizeof(struct ipvlan_netns), 19062306a36Sopenharmony_ci .exit = ipvlan_ns_exit, 19162306a36Sopenharmony_ci}; 19262306a36Sopenharmony_ci 19362306a36Sopenharmony_ciint ipvlan_l3s_init(void) 19462306a36Sopenharmony_ci{ 19562306a36Sopenharmony_ci return register_pernet_subsys(&ipvlan_net_ops); 19662306a36Sopenharmony_ci} 19762306a36Sopenharmony_ci 19862306a36Sopenharmony_civoid ipvlan_l3s_cleanup(void) 19962306a36Sopenharmony_ci{ 20062306a36Sopenharmony_ci unregister_pernet_subsys(&ipvlan_net_ops); 20162306a36Sopenharmony_ci} 20262306a36Sopenharmony_ci 20362306a36Sopenharmony_ciint ipvlan_l3s_register(struct ipvl_port *port) 20462306a36Sopenharmony_ci{ 20562306a36Sopenharmony_ci struct net_device *dev = port->dev; 20662306a36Sopenharmony_ci int ret; 20762306a36Sopenharmony_ci 20862306a36Sopenharmony_ci ASSERT_RTNL(); 20962306a36Sopenharmony_ci 21062306a36Sopenharmony_ci ret = ipvlan_register_nf_hook(read_pnet(&port->pnet)); 21162306a36Sopenharmony_ci if (!ret) { 21262306a36Sopenharmony_ci dev->l3mdev_ops = &ipvl_l3mdev_ops; 21362306a36Sopenharmony_ci dev->priv_flags |= IFF_L3MDEV_RX_HANDLER; 21462306a36Sopenharmony_ci } 21562306a36Sopenharmony_ci 21662306a36Sopenharmony_ci return ret; 21762306a36Sopenharmony_ci} 21862306a36Sopenharmony_ci 21962306a36Sopenharmony_civoid ipvlan_l3s_unregister(struct ipvl_port *port) 22062306a36Sopenharmony_ci{ 22162306a36Sopenharmony_ci struct net_device *dev = port->dev; 22262306a36Sopenharmony_ci 22362306a36Sopenharmony_ci ASSERT_RTNL(); 22462306a36Sopenharmony_ci 22562306a36Sopenharmony_ci dev->priv_flags &= ~IFF_L3MDEV_RX_HANDLER; 22662306a36Sopenharmony_ci ipvlan_unregister_nf_hook(read_pnet(&port->pnet)); 22762306a36Sopenharmony_ci dev->l3mdev_ops = NULL; 22862306a36Sopenharmony_ci} 229