ipvlan_main.c (28244B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* Copyright (c) 2014 Mahesh Bandewar <maheshb@google.com> 3 */ 4 5#include <linux/ethtool.h> 6 7#include "ipvlan.h" 8 9static int ipvlan_set_port_mode(struct ipvl_port *port, u16 nval, 10 struct netlink_ext_ack *extack) 11{ 12 struct ipvl_dev *ipvlan; 13 unsigned int flags; 14 int err; 15 16 ASSERT_RTNL(); 17 if (port->mode != nval) { 18 list_for_each_entry(ipvlan, &port->ipvlans, pnode) { 19 flags = ipvlan->dev->flags; 20 if (nval == IPVLAN_MODE_L3 || nval == IPVLAN_MODE_L3S) { 21 err = dev_change_flags(ipvlan->dev, 22 flags | IFF_NOARP, 23 extack); 24 } else { 25 err = dev_change_flags(ipvlan->dev, 26 flags & ~IFF_NOARP, 27 extack); 28 } 29 if (unlikely(err)) 30 goto fail; 31 } 32 if (nval == IPVLAN_MODE_L3S) { 33 /* New mode is L3S */ 34 err = ipvlan_l3s_register(port); 35 if (err) 36 goto fail; 37 } else if (port->mode == IPVLAN_MODE_L3S) { 38 /* Old mode was L3S */ 39 ipvlan_l3s_unregister(port); 40 } 41 port->mode = nval; 42 } 43 return 0; 44 45fail: 46 /* Undo the flags changes that have been done so far. */ 47 list_for_each_entry_continue_reverse(ipvlan, &port->ipvlans, pnode) { 48 flags = ipvlan->dev->flags; 49 if (port->mode == IPVLAN_MODE_L3 || 50 port->mode == IPVLAN_MODE_L3S) 51 dev_change_flags(ipvlan->dev, flags | IFF_NOARP, 52 NULL); 53 else 54 dev_change_flags(ipvlan->dev, flags & ~IFF_NOARP, 55 NULL); 56 } 57 58 return err; 59} 60 61static int ipvlan_port_create(struct net_device *dev) 62{ 63 struct ipvl_port *port; 64 int err, idx; 65 66 port = kzalloc(sizeof(struct ipvl_port), GFP_KERNEL); 67 if (!port) 68 return -ENOMEM; 69 70 write_pnet(&port->pnet, dev_net(dev)); 71 port->dev = dev; 72 port->mode = IPVLAN_MODE_L3; 73 INIT_LIST_HEAD(&port->ipvlans); 74 for (idx = 0; idx < IPVLAN_HASH_SIZE; idx++) 75 INIT_HLIST_HEAD(&port->hlhead[idx]); 76 77 skb_queue_head_init(&port->backlog); 78 INIT_WORK(&port->wq, ipvlan_process_multicast); 79 ida_init(&port->ida); 80 port->dev_id_start = 1; 81 82 err = netdev_rx_handler_register(dev, ipvlan_handle_frame, port); 83 if (err) 84 goto err; 85 86 return 0; 87 88err: 89 kfree(port); 90 return err; 91} 92 93static void ipvlan_port_destroy(struct net_device *dev) 94{ 95 struct ipvl_port *port = ipvlan_port_get_rtnl(dev); 96 struct sk_buff *skb; 97 98 if (port->mode == IPVLAN_MODE_L3S) 99 ipvlan_l3s_unregister(port); 100 netdev_rx_handler_unregister(dev); 101 cancel_work_sync(&port->wq); 102 while ((skb = __skb_dequeue(&port->backlog)) != NULL) { 103 dev_put(skb->dev); 104 kfree_skb(skb); 105 } 106 ida_destroy(&port->ida); 107 kfree(port); 108} 109 110#define IPVLAN_ALWAYS_ON_OFLOADS \ 111 (NETIF_F_SG | NETIF_F_HW_CSUM | \ 112 NETIF_F_GSO_ROBUST | NETIF_F_GSO_SOFTWARE | NETIF_F_GSO_ENCAP_ALL) 113 114#define IPVLAN_ALWAYS_ON \ 115 (IPVLAN_ALWAYS_ON_OFLOADS | NETIF_F_LLTX | NETIF_F_VLAN_CHALLENGED) 116 117#define IPVLAN_FEATURES \ 118 (NETIF_F_SG | NETIF_F_HW_CSUM | NETIF_F_HIGHDMA | NETIF_F_FRAGLIST | \ 119 NETIF_F_GSO | NETIF_F_ALL_TSO | NETIF_F_GSO_ROBUST | \ 120 NETIF_F_GRO | NETIF_F_RXCSUM | \ 121 NETIF_F_HW_VLAN_CTAG_FILTER | NETIF_F_HW_VLAN_STAG_FILTER) 122 123 /* NETIF_F_GSO_ENCAP_ALL NETIF_F_GSO_SOFTWARE Newly added */ 124 125#define IPVLAN_STATE_MASK \ 126 ((1<<__LINK_STATE_NOCARRIER) | (1<<__LINK_STATE_DORMANT)) 127 128static int ipvlan_init(struct net_device *dev) 129{ 130 struct ipvl_dev *ipvlan = netdev_priv(dev); 131 struct net_device *phy_dev = ipvlan->phy_dev; 132 struct ipvl_port *port; 133 int err; 134 135 dev->state = (dev->state & ~IPVLAN_STATE_MASK) | 136 (phy_dev->state & IPVLAN_STATE_MASK); 137 dev->features = phy_dev->features & IPVLAN_FEATURES; 138 dev->features |= IPVLAN_ALWAYS_ON; 139 dev->vlan_features = phy_dev->vlan_features & IPVLAN_FEATURES; 140 dev->vlan_features |= IPVLAN_ALWAYS_ON_OFLOADS; 141 dev->hw_enc_features |= dev->features; 142 netif_inherit_tso_max(dev, phy_dev); 143 dev->hard_header_len = phy_dev->hard_header_len; 144 145 netdev_lockdep_set_classes(dev); 146 147 ipvlan->pcpu_stats = netdev_alloc_pcpu_stats(struct ipvl_pcpu_stats); 148 if (!ipvlan->pcpu_stats) 149 return -ENOMEM; 150 151 if (!netif_is_ipvlan_port(phy_dev)) { 152 err = ipvlan_port_create(phy_dev); 153 if (err < 0) { 154 free_percpu(ipvlan->pcpu_stats); 155 return err; 156 } 157 } 158 port = ipvlan_port_get_rtnl(phy_dev); 159 port->count += 1; 160 return 0; 161} 162 163static void ipvlan_uninit(struct net_device *dev) 164{ 165 struct ipvl_dev *ipvlan = netdev_priv(dev); 166 struct net_device *phy_dev = ipvlan->phy_dev; 167 struct ipvl_port *port; 168 169 free_percpu(ipvlan->pcpu_stats); 170 171 port = ipvlan_port_get_rtnl(phy_dev); 172 port->count -= 1; 173 if (!port->count) 174 ipvlan_port_destroy(port->dev); 175} 176 177static int ipvlan_open(struct net_device *dev) 178{ 179 struct ipvl_dev *ipvlan = netdev_priv(dev); 180 struct ipvl_addr *addr; 181 182 if (ipvlan->port->mode == IPVLAN_MODE_L3 || 183 ipvlan->port->mode == IPVLAN_MODE_L3S) 184 dev->flags |= IFF_NOARP; 185 else 186 dev->flags &= ~IFF_NOARP; 187 188 rcu_read_lock(); 189 list_for_each_entry_rcu(addr, &ipvlan->addrs, anode) 190 ipvlan_ht_addr_add(ipvlan, addr); 191 rcu_read_unlock(); 192 193 return 0; 194} 195 196static int ipvlan_stop(struct net_device *dev) 197{ 198 struct ipvl_dev *ipvlan = netdev_priv(dev); 199 struct net_device *phy_dev = ipvlan->phy_dev; 200 struct ipvl_addr *addr; 201 202 dev_uc_unsync(phy_dev, dev); 203 dev_mc_unsync(phy_dev, dev); 204 205 rcu_read_lock(); 206 list_for_each_entry_rcu(addr, &ipvlan->addrs, anode) 207 ipvlan_ht_addr_del(addr); 208 rcu_read_unlock(); 209 210 return 0; 211} 212 213static netdev_tx_t ipvlan_start_xmit(struct sk_buff *skb, 214 struct net_device *dev) 215{ 216 const struct ipvl_dev *ipvlan = netdev_priv(dev); 217 int skblen = skb->len; 218 int ret; 219 220 ret = ipvlan_queue_xmit(skb, dev); 221 if (likely(ret == NET_XMIT_SUCCESS || ret == NET_XMIT_CN)) { 222 struct ipvl_pcpu_stats *pcptr; 223 224 pcptr = this_cpu_ptr(ipvlan->pcpu_stats); 225 226 u64_stats_update_begin(&pcptr->syncp); 227 pcptr->tx_pkts++; 228 pcptr->tx_bytes += skblen; 229 u64_stats_update_end(&pcptr->syncp); 230 } else { 231 this_cpu_inc(ipvlan->pcpu_stats->tx_drps); 232 } 233 return ret; 234} 235 236static netdev_features_t ipvlan_fix_features(struct net_device *dev, 237 netdev_features_t features) 238{ 239 struct ipvl_dev *ipvlan = netdev_priv(dev); 240 241 features |= NETIF_F_ALL_FOR_ALL; 242 features &= (ipvlan->sfeatures | ~IPVLAN_FEATURES); 243 features = netdev_increment_features(ipvlan->phy_dev->features, 244 features, features); 245 features |= IPVLAN_ALWAYS_ON; 246 features &= (IPVLAN_FEATURES | IPVLAN_ALWAYS_ON); 247 248 return features; 249} 250 251static void ipvlan_change_rx_flags(struct net_device *dev, int change) 252{ 253 struct ipvl_dev *ipvlan = netdev_priv(dev); 254 struct net_device *phy_dev = ipvlan->phy_dev; 255 256 if (change & IFF_ALLMULTI) 257 dev_set_allmulti(phy_dev, dev->flags & IFF_ALLMULTI? 1 : -1); 258} 259 260static void ipvlan_set_multicast_mac_filter(struct net_device *dev) 261{ 262 struct ipvl_dev *ipvlan = netdev_priv(dev); 263 264 if (dev->flags & (IFF_PROMISC | IFF_ALLMULTI)) { 265 bitmap_fill(ipvlan->mac_filters, IPVLAN_MAC_FILTER_SIZE); 266 } else { 267 struct netdev_hw_addr *ha; 268 DECLARE_BITMAP(mc_filters, IPVLAN_MAC_FILTER_SIZE); 269 270 bitmap_zero(mc_filters, IPVLAN_MAC_FILTER_SIZE); 271 netdev_for_each_mc_addr(ha, dev) 272 __set_bit(ipvlan_mac_hash(ha->addr), mc_filters); 273 274 /* Turn-on broadcast bit irrespective of address family, 275 * since broadcast is deferred to a work-queue, hence no 276 * impact on fast-path processing. 277 */ 278 __set_bit(ipvlan_mac_hash(dev->broadcast), mc_filters); 279 280 bitmap_copy(ipvlan->mac_filters, mc_filters, 281 IPVLAN_MAC_FILTER_SIZE); 282 } 283 dev_uc_sync(ipvlan->phy_dev, dev); 284 dev_mc_sync(ipvlan->phy_dev, dev); 285} 286 287static void ipvlan_get_stats64(struct net_device *dev, 288 struct rtnl_link_stats64 *s) 289{ 290 struct ipvl_dev *ipvlan = netdev_priv(dev); 291 292 if (ipvlan->pcpu_stats) { 293 struct ipvl_pcpu_stats *pcptr; 294 u64 rx_pkts, rx_bytes, rx_mcast, tx_pkts, tx_bytes; 295 u32 rx_errs = 0, tx_drps = 0; 296 u32 strt; 297 int idx; 298 299 for_each_possible_cpu(idx) { 300 pcptr = per_cpu_ptr(ipvlan->pcpu_stats, idx); 301 do { 302 strt= u64_stats_fetch_begin_irq(&pcptr->syncp); 303 rx_pkts = pcptr->rx_pkts; 304 rx_bytes = pcptr->rx_bytes; 305 rx_mcast = pcptr->rx_mcast; 306 tx_pkts = pcptr->tx_pkts; 307 tx_bytes = pcptr->tx_bytes; 308 } while (u64_stats_fetch_retry_irq(&pcptr->syncp, 309 strt)); 310 311 s->rx_packets += rx_pkts; 312 s->rx_bytes += rx_bytes; 313 s->multicast += rx_mcast; 314 s->tx_packets += tx_pkts; 315 s->tx_bytes += tx_bytes; 316 317 /* u32 values are updated without syncp protection. */ 318 rx_errs += pcptr->rx_errs; 319 tx_drps += pcptr->tx_drps; 320 } 321 s->rx_errors = rx_errs; 322 s->rx_dropped = rx_errs; 323 s->tx_dropped = tx_drps; 324 } 325} 326 327static int ipvlan_vlan_rx_add_vid(struct net_device *dev, __be16 proto, u16 vid) 328{ 329 struct ipvl_dev *ipvlan = netdev_priv(dev); 330 struct net_device *phy_dev = ipvlan->phy_dev; 331 332 return vlan_vid_add(phy_dev, proto, vid); 333} 334 335static int ipvlan_vlan_rx_kill_vid(struct net_device *dev, __be16 proto, 336 u16 vid) 337{ 338 struct ipvl_dev *ipvlan = netdev_priv(dev); 339 struct net_device *phy_dev = ipvlan->phy_dev; 340 341 vlan_vid_del(phy_dev, proto, vid); 342 return 0; 343} 344 345static int ipvlan_get_iflink(const struct net_device *dev) 346{ 347 struct ipvl_dev *ipvlan = netdev_priv(dev); 348 349 return ipvlan->phy_dev->ifindex; 350} 351 352static const struct net_device_ops ipvlan_netdev_ops = { 353 .ndo_init = ipvlan_init, 354 .ndo_uninit = ipvlan_uninit, 355 .ndo_open = ipvlan_open, 356 .ndo_stop = ipvlan_stop, 357 .ndo_start_xmit = ipvlan_start_xmit, 358 .ndo_fix_features = ipvlan_fix_features, 359 .ndo_change_rx_flags = ipvlan_change_rx_flags, 360 .ndo_set_rx_mode = ipvlan_set_multicast_mac_filter, 361 .ndo_get_stats64 = ipvlan_get_stats64, 362 .ndo_vlan_rx_add_vid = ipvlan_vlan_rx_add_vid, 363 .ndo_vlan_rx_kill_vid = ipvlan_vlan_rx_kill_vid, 364 .ndo_get_iflink = ipvlan_get_iflink, 365}; 366 367static int ipvlan_hard_header(struct sk_buff *skb, struct net_device *dev, 368 unsigned short type, const void *daddr, 369 const void *saddr, unsigned len) 370{ 371 const struct ipvl_dev *ipvlan = netdev_priv(dev); 372 struct net_device *phy_dev = ipvlan->phy_dev; 373 374 /* TODO Probably use a different field than dev_addr so that the 375 * mac-address on the virtual device is portable and can be carried 376 * while the packets use the mac-addr on the physical device. 377 */ 378 return dev_hard_header(skb, phy_dev, type, daddr, 379 saddr ? : phy_dev->dev_addr, len); 380} 381 382static const struct header_ops ipvlan_header_ops = { 383 .create = ipvlan_hard_header, 384 .parse = eth_header_parse, 385 .cache = eth_header_cache, 386 .cache_update = eth_header_cache_update, 387}; 388 389static void ipvlan_adjust_mtu(struct ipvl_dev *ipvlan, struct net_device *dev) 390{ 391 ipvlan->dev->mtu = dev->mtu; 392} 393 394static bool netif_is_ipvlan(const struct net_device *dev) 395{ 396 /* both ipvlan and ipvtap devices use the same netdev_ops */ 397 return dev->netdev_ops == &ipvlan_netdev_ops; 398} 399 400static int ipvlan_ethtool_get_link_ksettings(struct net_device *dev, 401 struct ethtool_link_ksettings *cmd) 402{ 403 const struct ipvl_dev *ipvlan = netdev_priv(dev); 404 405 return __ethtool_get_link_ksettings(ipvlan->phy_dev, cmd); 406} 407 408static void ipvlan_ethtool_get_drvinfo(struct net_device *dev, 409 struct ethtool_drvinfo *drvinfo) 410{ 411 strlcpy(drvinfo->driver, IPVLAN_DRV, sizeof(drvinfo->driver)); 412 strlcpy(drvinfo->version, IPV_DRV_VER, sizeof(drvinfo->version)); 413} 414 415static u32 ipvlan_ethtool_get_msglevel(struct net_device *dev) 416{ 417 const struct ipvl_dev *ipvlan = netdev_priv(dev); 418 419 return ipvlan->msg_enable; 420} 421 422static void ipvlan_ethtool_set_msglevel(struct net_device *dev, u32 value) 423{ 424 struct ipvl_dev *ipvlan = netdev_priv(dev); 425 426 ipvlan->msg_enable = value; 427} 428 429static const struct ethtool_ops ipvlan_ethtool_ops = { 430 .get_link = ethtool_op_get_link, 431 .get_link_ksettings = ipvlan_ethtool_get_link_ksettings, 432 .get_drvinfo = ipvlan_ethtool_get_drvinfo, 433 .get_msglevel = ipvlan_ethtool_get_msglevel, 434 .set_msglevel = ipvlan_ethtool_set_msglevel, 435}; 436 437static int ipvlan_nl_changelink(struct net_device *dev, 438 struct nlattr *tb[], struct nlattr *data[], 439 struct netlink_ext_ack *extack) 440{ 441 struct ipvl_dev *ipvlan = netdev_priv(dev); 442 struct ipvl_port *port = ipvlan_port_get_rtnl(ipvlan->phy_dev); 443 int err = 0; 444 445 if (!data) 446 return 0; 447 if (!ns_capable(dev_net(ipvlan->phy_dev)->user_ns, CAP_NET_ADMIN)) 448 return -EPERM; 449 450 if (data[IFLA_IPVLAN_MODE]) { 451 u16 nmode = nla_get_u16(data[IFLA_IPVLAN_MODE]); 452 453 err = ipvlan_set_port_mode(port, nmode, extack); 454 } 455 456 if (!err && data[IFLA_IPVLAN_FLAGS]) { 457 u16 flags = nla_get_u16(data[IFLA_IPVLAN_FLAGS]); 458 459 if (flags & IPVLAN_F_PRIVATE) 460 ipvlan_mark_private(port); 461 else 462 ipvlan_clear_private(port); 463 464 if (flags & IPVLAN_F_VEPA) 465 ipvlan_mark_vepa(port); 466 else 467 ipvlan_clear_vepa(port); 468 } 469 470 return err; 471} 472 473static size_t ipvlan_nl_getsize(const struct net_device *dev) 474{ 475 return (0 476 + nla_total_size(2) /* IFLA_IPVLAN_MODE */ 477 + nla_total_size(2) /* IFLA_IPVLAN_FLAGS */ 478 ); 479} 480 481static int ipvlan_nl_validate(struct nlattr *tb[], struct nlattr *data[], 482 struct netlink_ext_ack *extack) 483{ 484 if (!data) 485 return 0; 486 487 if (data[IFLA_IPVLAN_MODE]) { 488 u16 mode = nla_get_u16(data[IFLA_IPVLAN_MODE]); 489 490 if (mode >= IPVLAN_MODE_MAX) 491 return -EINVAL; 492 } 493 if (data[IFLA_IPVLAN_FLAGS]) { 494 u16 flags = nla_get_u16(data[IFLA_IPVLAN_FLAGS]); 495 496 /* Only two bits are used at this moment. */ 497 if (flags & ~(IPVLAN_F_PRIVATE | IPVLAN_F_VEPA)) 498 return -EINVAL; 499 /* Also both flags can't be active at the same time. */ 500 if ((flags & (IPVLAN_F_PRIVATE | IPVLAN_F_VEPA)) == 501 (IPVLAN_F_PRIVATE | IPVLAN_F_VEPA)) 502 return -EINVAL; 503 } 504 505 return 0; 506} 507 508static int ipvlan_nl_fillinfo(struct sk_buff *skb, 509 const struct net_device *dev) 510{ 511 struct ipvl_dev *ipvlan = netdev_priv(dev); 512 struct ipvl_port *port = ipvlan_port_get_rtnl(ipvlan->phy_dev); 513 int ret = -EINVAL; 514 515 if (!port) 516 goto err; 517 518 ret = -EMSGSIZE; 519 if (nla_put_u16(skb, IFLA_IPVLAN_MODE, port->mode)) 520 goto err; 521 if (nla_put_u16(skb, IFLA_IPVLAN_FLAGS, port->flags)) 522 goto err; 523 524 return 0; 525 526err: 527 return ret; 528} 529 530int ipvlan_link_new(struct net *src_net, struct net_device *dev, 531 struct nlattr *tb[], struct nlattr *data[], 532 struct netlink_ext_ack *extack) 533{ 534 struct ipvl_dev *ipvlan = netdev_priv(dev); 535 struct ipvl_port *port; 536 struct net_device *phy_dev; 537 int err; 538 u16 mode = IPVLAN_MODE_L3; 539 540 if (!tb[IFLA_LINK]) 541 return -EINVAL; 542 543 phy_dev = __dev_get_by_index(src_net, nla_get_u32(tb[IFLA_LINK])); 544 if (!phy_dev) 545 return -ENODEV; 546 547 if (netif_is_ipvlan(phy_dev)) { 548 struct ipvl_dev *tmp = netdev_priv(phy_dev); 549 550 phy_dev = tmp->phy_dev; 551 if (!ns_capable(dev_net(phy_dev)->user_ns, CAP_NET_ADMIN)) 552 return -EPERM; 553 } else if (!netif_is_ipvlan_port(phy_dev)) { 554 /* Exit early if the underlying link is invalid or busy */ 555 if (phy_dev->type != ARPHRD_ETHER || 556 phy_dev->flags & IFF_LOOPBACK) { 557 netdev_err(phy_dev, 558 "Master is either lo or non-ether device\n"); 559 return -EINVAL; 560 } 561 562 if (netdev_is_rx_handler_busy(phy_dev)) { 563 netdev_err(phy_dev, "Device is already in use.\n"); 564 return -EBUSY; 565 } 566 } 567 568 ipvlan->phy_dev = phy_dev; 569 ipvlan->dev = dev; 570 ipvlan->sfeatures = IPVLAN_FEATURES; 571 if (!tb[IFLA_MTU]) 572 ipvlan_adjust_mtu(ipvlan, phy_dev); 573 INIT_LIST_HEAD(&ipvlan->addrs); 574 spin_lock_init(&ipvlan->addrs_lock); 575 576 /* TODO Probably put random address here to be presented to the 577 * world but keep using the physical-dev address for the outgoing 578 * packets. 579 */ 580 eth_hw_addr_set(dev, phy_dev->dev_addr); 581 582 dev->priv_flags |= IFF_NO_RX_HANDLER; 583 584 err = register_netdevice(dev); 585 if (err < 0) 586 return err; 587 588 /* ipvlan_init() would have created the port, if required */ 589 port = ipvlan_port_get_rtnl(phy_dev); 590 ipvlan->port = port; 591 592 /* If the port-id base is at the MAX value, then wrap it around and 593 * begin from 0x1 again. This may be due to a busy system where lots 594 * of slaves are getting created and deleted. 595 */ 596 if (port->dev_id_start == 0xFFFE) 597 port->dev_id_start = 0x1; 598 599 /* Since L2 address is shared among all IPvlan slaves including 600 * master, use unique 16 bit dev-ids to diffentiate among them. 601 * Assign IDs between 0x1 and 0xFFFE (used by the master) to each 602 * slave link [see addrconf_ifid_eui48()]. 603 */ 604 err = ida_simple_get(&port->ida, port->dev_id_start, 0xFFFE, 605 GFP_KERNEL); 606 if (err < 0) 607 err = ida_simple_get(&port->ida, 0x1, port->dev_id_start, 608 GFP_KERNEL); 609 if (err < 0) 610 goto unregister_netdev; 611 dev->dev_id = err; 612 613 /* Increment id-base to the next slot for the future assignment */ 614 port->dev_id_start = err + 1; 615 616 err = netdev_upper_dev_link(phy_dev, dev, extack); 617 if (err) 618 goto remove_ida; 619 620 /* Flags are per port and latest update overrides. User has 621 * to be consistent in setting it just like the mode attribute. 622 */ 623 if (data && data[IFLA_IPVLAN_FLAGS]) 624 port->flags = nla_get_u16(data[IFLA_IPVLAN_FLAGS]); 625 626 if (data && data[IFLA_IPVLAN_MODE]) 627 mode = nla_get_u16(data[IFLA_IPVLAN_MODE]); 628 629 err = ipvlan_set_port_mode(port, mode, extack); 630 if (err) 631 goto unlink_netdev; 632 633 list_add_tail_rcu(&ipvlan->pnode, &port->ipvlans); 634 netif_stacked_transfer_operstate(phy_dev, dev); 635 return 0; 636 637unlink_netdev: 638 netdev_upper_dev_unlink(phy_dev, dev); 639remove_ida: 640 ida_simple_remove(&port->ida, dev->dev_id); 641unregister_netdev: 642 unregister_netdevice(dev); 643 return err; 644} 645EXPORT_SYMBOL_GPL(ipvlan_link_new); 646 647void ipvlan_link_delete(struct net_device *dev, struct list_head *head) 648{ 649 struct ipvl_dev *ipvlan = netdev_priv(dev); 650 struct ipvl_addr *addr, *next; 651 652 spin_lock_bh(&ipvlan->addrs_lock); 653 list_for_each_entry_safe(addr, next, &ipvlan->addrs, anode) { 654 ipvlan_ht_addr_del(addr); 655 list_del_rcu(&addr->anode); 656 kfree_rcu(addr, rcu); 657 } 658 spin_unlock_bh(&ipvlan->addrs_lock); 659 660 ida_simple_remove(&ipvlan->port->ida, dev->dev_id); 661 list_del_rcu(&ipvlan->pnode); 662 unregister_netdevice_queue(dev, head); 663 netdev_upper_dev_unlink(ipvlan->phy_dev, dev); 664} 665EXPORT_SYMBOL_GPL(ipvlan_link_delete); 666 667void ipvlan_link_setup(struct net_device *dev) 668{ 669 ether_setup(dev); 670 671 dev->max_mtu = ETH_MAX_MTU; 672 dev->priv_flags &= ~(IFF_XMIT_DST_RELEASE | IFF_TX_SKB_SHARING); 673 dev->priv_flags |= IFF_UNICAST_FLT | IFF_NO_QUEUE; 674 dev->netdev_ops = &ipvlan_netdev_ops; 675 dev->needs_free_netdev = true; 676 dev->header_ops = &ipvlan_header_ops; 677 dev->ethtool_ops = &ipvlan_ethtool_ops; 678} 679EXPORT_SYMBOL_GPL(ipvlan_link_setup); 680 681static const struct nla_policy ipvlan_nl_policy[IFLA_IPVLAN_MAX + 1] = 682{ 683 [IFLA_IPVLAN_MODE] = { .type = NLA_U16 }, 684 [IFLA_IPVLAN_FLAGS] = { .type = NLA_U16 }, 685}; 686 687static struct net *ipvlan_get_link_net(const struct net_device *dev) 688{ 689 struct ipvl_dev *ipvlan = netdev_priv(dev); 690 691 return dev_net(ipvlan->phy_dev); 692} 693 694static struct rtnl_link_ops ipvlan_link_ops = { 695 .kind = "ipvlan", 696 .priv_size = sizeof(struct ipvl_dev), 697 698 .setup = ipvlan_link_setup, 699 .newlink = ipvlan_link_new, 700 .dellink = ipvlan_link_delete, 701 .get_link_net = ipvlan_get_link_net, 702}; 703 704int ipvlan_link_register(struct rtnl_link_ops *ops) 705{ 706 ops->get_size = ipvlan_nl_getsize; 707 ops->policy = ipvlan_nl_policy; 708 ops->validate = ipvlan_nl_validate; 709 ops->fill_info = ipvlan_nl_fillinfo; 710 ops->changelink = ipvlan_nl_changelink; 711 ops->maxtype = IFLA_IPVLAN_MAX; 712 return rtnl_link_register(ops); 713} 714EXPORT_SYMBOL_GPL(ipvlan_link_register); 715 716static int ipvlan_device_event(struct notifier_block *unused, 717 unsigned long event, void *ptr) 718{ 719 struct netlink_ext_ack *extack = netdev_notifier_info_to_extack(ptr); 720 struct netdev_notifier_pre_changeaddr_info *prechaddr_info; 721 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 722 struct ipvl_dev *ipvlan, *next; 723 struct ipvl_port *port; 724 LIST_HEAD(lst_kill); 725 int err; 726 727 if (!netif_is_ipvlan_port(dev)) 728 return NOTIFY_DONE; 729 730 port = ipvlan_port_get_rtnl(dev); 731 732 switch (event) { 733 case NETDEV_UP: 734 case NETDEV_CHANGE: 735 list_for_each_entry(ipvlan, &port->ipvlans, pnode) 736 netif_stacked_transfer_operstate(ipvlan->phy_dev, 737 ipvlan->dev); 738 break; 739 740 case NETDEV_REGISTER: { 741 struct net *oldnet, *newnet = dev_net(dev); 742 743 oldnet = read_pnet(&port->pnet); 744 if (net_eq(newnet, oldnet)) 745 break; 746 747 write_pnet(&port->pnet, newnet); 748 749 ipvlan_migrate_l3s_hook(oldnet, newnet); 750 break; 751 } 752 case NETDEV_UNREGISTER: 753 if (dev->reg_state != NETREG_UNREGISTERING) 754 break; 755 756 list_for_each_entry_safe(ipvlan, next, &port->ipvlans, pnode) 757 ipvlan->dev->rtnl_link_ops->dellink(ipvlan->dev, 758 &lst_kill); 759 unregister_netdevice_many(&lst_kill); 760 break; 761 762 case NETDEV_FEAT_CHANGE: 763 list_for_each_entry(ipvlan, &port->ipvlans, pnode) { 764 netif_inherit_tso_max(ipvlan->dev, dev); 765 netdev_update_features(ipvlan->dev); 766 } 767 break; 768 769 case NETDEV_CHANGEMTU: 770 list_for_each_entry(ipvlan, &port->ipvlans, pnode) 771 ipvlan_adjust_mtu(ipvlan, dev); 772 break; 773 774 case NETDEV_PRE_CHANGEADDR: 775 prechaddr_info = ptr; 776 list_for_each_entry(ipvlan, &port->ipvlans, pnode) { 777 err = dev_pre_changeaddr_notify(ipvlan->dev, 778 prechaddr_info->dev_addr, 779 extack); 780 if (err) 781 return notifier_from_errno(err); 782 } 783 break; 784 785 case NETDEV_CHANGEADDR: 786 list_for_each_entry(ipvlan, &port->ipvlans, pnode) { 787 eth_hw_addr_set(ipvlan->dev, dev->dev_addr); 788 call_netdevice_notifiers(NETDEV_CHANGEADDR, ipvlan->dev); 789 } 790 break; 791 792 case NETDEV_PRE_TYPE_CHANGE: 793 /* Forbid underlying device to change its type. */ 794 return NOTIFY_BAD; 795 } 796 return NOTIFY_DONE; 797} 798 799/* the caller must held the addrs lock */ 800static int ipvlan_add_addr(struct ipvl_dev *ipvlan, void *iaddr, bool is_v6) 801{ 802 struct ipvl_addr *addr; 803 804 addr = kzalloc(sizeof(struct ipvl_addr), GFP_ATOMIC); 805 if (!addr) 806 return -ENOMEM; 807 808 addr->master = ipvlan; 809 if (!is_v6) { 810 memcpy(&addr->ip4addr, iaddr, sizeof(struct in_addr)); 811 addr->atype = IPVL_IPV4; 812#if IS_ENABLED(CONFIG_IPV6) 813 } else { 814 memcpy(&addr->ip6addr, iaddr, sizeof(struct in6_addr)); 815 addr->atype = IPVL_IPV6; 816#endif 817 } 818 819 list_add_tail_rcu(&addr->anode, &ipvlan->addrs); 820 821 /* If the interface is not up, the address will be added to the hash 822 * list by ipvlan_open. 823 */ 824 if (netif_running(ipvlan->dev)) 825 ipvlan_ht_addr_add(ipvlan, addr); 826 827 return 0; 828} 829 830static void ipvlan_del_addr(struct ipvl_dev *ipvlan, void *iaddr, bool is_v6) 831{ 832 struct ipvl_addr *addr; 833 834 spin_lock_bh(&ipvlan->addrs_lock); 835 addr = ipvlan_find_addr(ipvlan, iaddr, is_v6); 836 if (!addr) { 837 spin_unlock_bh(&ipvlan->addrs_lock); 838 return; 839 } 840 841 ipvlan_ht_addr_del(addr); 842 list_del_rcu(&addr->anode); 843 spin_unlock_bh(&ipvlan->addrs_lock); 844 kfree_rcu(addr, rcu); 845} 846 847static bool ipvlan_is_valid_dev(const struct net_device *dev) 848{ 849 struct ipvl_dev *ipvlan = netdev_priv(dev); 850 851 if (!netif_is_ipvlan(dev)) 852 return false; 853 854 if (!ipvlan || !ipvlan->port) 855 return false; 856 857 return true; 858} 859 860#if IS_ENABLED(CONFIG_IPV6) 861static int ipvlan_add_addr6(struct ipvl_dev *ipvlan, struct in6_addr *ip6_addr) 862{ 863 int ret = -EINVAL; 864 865 spin_lock_bh(&ipvlan->addrs_lock); 866 if (ipvlan_addr_busy(ipvlan->port, ip6_addr, true)) 867 netif_err(ipvlan, ifup, ipvlan->dev, 868 "Failed to add IPv6=%pI6c addr for %s intf\n", 869 ip6_addr, ipvlan->dev->name); 870 else 871 ret = ipvlan_add_addr(ipvlan, ip6_addr, true); 872 spin_unlock_bh(&ipvlan->addrs_lock); 873 return ret; 874} 875 876static void ipvlan_del_addr6(struct ipvl_dev *ipvlan, struct in6_addr *ip6_addr) 877{ 878 return ipvlan_del_addr(ipvlan, ip6_addr, true); 879} 880 881static int ipvlan_addr6_event(struct notifier_block *unused, 882 unsigned long event, void *ptr) 883{ 884 struct inet6_ifaddr *if6 = (struct inet6_ifaddr *)ptr; 885 struct net_device *dev = (struct net_device *)if6->idev->dev; 886 struct ipvl_dev *ipvlan = netdev_priv(dev); 887 888 if (!ipvlan_is_valid_dev(dev)) 889 return NOTIFY_DONE; 890 891 switch (event) { 892 case NETDEV_UP: 893 if (ipvlan_add_addr6(ipvlan, &if6->addr)) 894 return NOTIFY_BAD; 895 break; 896 897 case NETDEV_DOWN: 898 ipvlan_del_addr6(ipvlan, &if6->addr); 899 break; 900 } 901 902 return NOTIFY_OK; 903} 904 905static int ipvlan_addr6_validator_event(struct notifier_block *unused, 906 unsigned long event, void *ptr) 907{ 908 struct in6_validator_info *i6vi = (struct in6_validator_info *)ptr; 909 struct net_device *dev = (struct net_device *)i6vi->i6vi_dev->dev; 910 struct ipvl_dev *ipvlan = netdev_priv(dev); 911 912 if (!ipvlan_is_valid_dev(dev)) 913 return NOTIFY_DONE; 914 915 switch (event) { 916 case NETDEV_UP: 917 if (ipvlan_addr_busy(ipvlan->port, &i6vi->i6vi_addr, true)) { 918 NL_SET_ERR_MSG(i6vi->extack, 919 "Address already assigned to an ipvlan device"); 920 return notifier_from_errno(-EADDRINUSE); 921 } 922 break; 923 } 924 925 return NOTIFY_OK; 926} 927#endif 928 929static int ipvlan_add_addr4(struct ipvl_dev *ipvlan, struct in_addr *ip4_addr) 930{ 931 int ret = -EINVAL; 932 933 spin_lock_bh(&ipvlan->addrs_lock); 934 if (ipvlan_addr_busy(ipvlan->port, ip4_addr, false)) 935 netif_err(ipvlan, ifup, ipvlan->dev, 936 "Failed to add IPv4=%pI4 on %s intf.\n", 937 ip4_addr, ipvlan->dev->name); 938 else 939 ret = ipvlan_add_addr(ipvlan, ip4_addr, false); 940 spin_unlock_bh(&ipvlan->addrs_lock); 941 return ret; 942} 943 944static void ipvlan_del_addr4(struct ipvl_dev *ipvlan, struct in_addr *ip4_addr) 945{ 946 return ipvlan_del_addr(ipvlan, ip4_addr, false); 947} 948 949static int ipvlan_addr4_event(struct notifier_block *unused, 950 unsigned long event, void *ptr) 951{ 952 struct in_ifaddr *if4 = (struct in_ifaddr *)ptr; 953 struct net_device *dev = (struct net_device *)if4->ifa_dev->dev; 954 struct ipvl_dev *ipvlan = netdev_priv(dev); 955 struct in_addr ip4_addr; 956 957 if (!ipvlan_is_valid_dev(dev)) 958 return NOTIFY_DONE; 959 960 switch (event) { 961 case NETDEV_UP: 962 ip4_addr.s_addr = if4->ifa_address; 963 if (ipvlan_add_addr4(ipvlan, &ip4_addr)) 964 return NOTIFY_BAD; 965 break; 966 967 case NETDEV_DOWN: 968 ip4_addr.s_addr = if4->ifa_address; 969 ipvlan_del_addr4(ipvlan, &ip4_addr); 970 break; 971 } 972 973 return NOTIFY_OK; 974} 975 976static int ipvlan_addr4_validator_event(struct notifier_block *unused, 977 unsigned long event, void *ptr) 978{ 979 struct in_validator_info *ivi = (struct in_validator_info *)ptr; 980 struct net_device *dev = (struct net_device *)ivi->ivi_dev->dev; 981 struct ipvl_dev *ipvlan = netdev_priv(dev); 982 983 if (!ipvlan_is_valid_dev(dev)) 984 return NOTIFY_DONE; 985 986 switch (event) { 987 case NETDEV_UP: 988 if (ipvlan_addr_busy(ipvlan->port, &ivi->ivi_addr, false)) { 989 NL_SET_ERR_MSG(ivi->extack, 990 "Address already assigned to an ipvlan device"); 991 return notifier_from_errno(-EADDRINUSE); 992 } 993 break; 994 } 995 996 return NOTIFY_OK; 997} 998 999static struct notifier_block ipvlan_addr4_notifier_block __read_mostly = { 1000 .notifier_call = ipvlan_addr4_event, 1001}; 1002 1003static struct notifier_block ipvlan_addr4_vtor_notifier_block __read_mostly = { 1004 .notifier_call = ipvlan_addr4_validator_event, 1005}; 1006 1007static struct notifier_block ipvlan_notifier_block __read_mostly = { 1008 .notifier_call = ipvlan_device_event, 1009}; 1010 1011#if IS_ENABLED(CONFIG_IPV6) 1012static struct notifier_block ipvlan_addr6_notifier_block __read_mostly = { 1013 .notifier_call = ipvlan_addr6_event, 1014}; 1015 1016static struct notifier_block ipvlan_addr6_vtor_notifier_block __read_mostly = { 1017 .notifier_call = ipvlan_addr6_validator_event, 1018}; 1019#endif 1020 1021static int __init ipvlan_init_module(void) 1022{ 1023 int err; 1024 1025 ipvlan_init_secret(); 1026 register_netdevice_notifier(&ipvlan_notifier_block); 1027#if IS_ENABLED(CONFIG_IPV6) 1028 register_inet6addr_notifier(&ipvlan_addr6_notifier_block); 1029 register_inet6addr_validator_notifier( 1030 &ipvlan_addr6_vtor_notifier_block); 1031#endif 1032 register_inetaddr_notifier(&ipvlan_addr4_notifier_block); 1033 register_inetaddr_validator_notifier(&ipvlan_addr4_vtor_notifier_block); 1034 1035 err = ipvlan_l3s_init(); 1036 if (err < 0) 1037 goto error; 1038 1039 err = ipvlan_link_register(&ipvlan_link_ops); 1040 if (err < 0) { 1041 ipvlan_l3s_cleanup(); 1042 goto error; 1043 } 1044 1045 return 0; 1046error: 1047 unregister_inetaddr_notifier(&ipvlan_addr4_notifier_block); 1048 unregister_inetaddr_validator_notifier( 1049 &ipvlan_addr4_vtor_notifier_block); 1050#if IS_ENABLED(CONFIG_IPV6) 1051 unregister_inet6addr_notifier(&ipvlan_addr6_notifier_block); 1052 unregister_inet6addr_validator_notifier( 1053 &ipvlan_addr6_vtor_notifier_block); 1054#endif 1055 unregister_netdevice_notifier(&ipvlan_notifier_block); 1056 return err; 1057} 1058 1059static void __exit ipvlan_cleanup_module(void) 1060{ 1061 rtnl_link_unregister(&ipvlan_link_ops); 1062 ipvlan_l3s_cleanup(); 1063 unregister_netdevice_notifier(&ipvlan_notifier_block); 1064 unregister_inetaddr_notifier(&ipvlan_addr4_notifier_block); 1065 unregister_inetaddr_validator_notifier( 1066 &ipvlan_addr4_vtor_notifier_block); 1067#if IS_ENABLED(CONFIG_IPV6) 1068 unregister_inet6addr_notifier(&ipvlan_addr6_notifier_block); 1069 unregister_inet6addr_validator_notifier( 1070 &ipvlan_addr6_vtor_notifier_block); 1071#endif 1072} 1073 1074module_init(ipvlan_init_module); 1075module_exit(ipvlan_cleanup_module); 1076 1077MODULE_LICENSE("GPL"); 1078MODULE_AUTHOR("Mahesh Bandewar <maheshb@google.com>"); 1079MODULE_DESCRIPTION("Driver for L3 (IPv6/IPv4) based VLANs"); 1080MODULE_ALIAS_RTNL_LINK("ipvlan");