| /* SPDX-License-Identifier: GPL-2.0 */ |
| #ifndef __NET_UDP_TUNNEL_H |
| #define __NET_UDP_TUNNEL_H |
| |
| #include <net/ip_tunnels.h> |
| #include <net/udp.h> |
| |
| #if IS_ENABLED(CONFIG_IPV6) |
| #include <net/ipv6.h> |
| #include <net/ipv6_stubs.h> |
| #endif |
| |
| struct udp_port_cfg { |
| u8 family; |
| |
| /* Used only for kernel-created sockets */ |
| union { |
| struct in_addr local_ip; |
| #if IS_ENABLED(CONFIG_IPV6) |
| struct in6_addr local_ip6; |
| #endif |
| }; |
| |
| union { |
| struct in_addr peer_ip; |
| #if IS_ENABLED(CONFIG_IPV6) |
| struct in6_addr peer_ip6; |
| #endif |
| }; |
| |
| __be16 local_udp_port; |
| __be16 peer_udp_port; |
| int bind_ifindex; |
| unsigned int use_udp_checksums:1, |
| use_udp6_tx_checksums:1, |
| use_udp6_rx_checksums:1, |
| ipv6_v6only:1; |
| }; |
| |
| int udp_sock_create4(struct net *net, struct udp_port_cfg *cfg, |
| struct socket **sockp); |
| |
| #if IS_ENABLED(CONFIG_IPV6) |
| int udp_sock_create6(struct net *net, struct udp_port_cfg *cfg, |
| struct socket **sockp); |
| #else |
| static inline int udp_sock_create6(struct net *net, struct udp_port_cfg *cfg, |
| struct socket **sockp) |
| { |
| return 0; |
| } |
| #endif |
| |
| static inline int udp_sock_create(struct net *net, |
| struct udp_port_cfg *cfg, |
| struct socket **sockp) |
| { |
| if (cfg->family == AF_INET) |
| return udp_sock_create4(net, cfg, sockp); |
| |
| if (cfg->family == AF_INET6) |
| return udp_sock_create6(net, cfg, sockp); |
| |
| return -EPFNOSUPPORT; |
| } |
| |
| typedef int (*udp_tunnel_encap_rcv_t)(struct sock *sk, struct sk_buff *skb); |
| typedef int (*udp_tunnel_encap_err_lookup_t)(struct sock *sk, |
| struct sk_buff *skb); |
| typedef void (*udp_tunnel_encap_err_rcv_t)(struct sock *sk, |
| struct sk_buff *skb, int err, |
| __be16 port, u32 info, u8 *payload); |
| typedef void (*udp_tunnel_encap_destroy_t)(struct sock *sk); |
| typedef struct sk_buff *(*udp_tunnel_gro_receive_t)(struct sock *sk, |
| struct list_head *head, |
| struct sk_buff *skb); |
| typedef int (*udp_tunnel_gro_complete_t)(struct sock *sk, struct sk_buff *skb, |
| int nhoff); |
| |
| struct udp_tunnel_sock_cfg { |
| void *sk_user_data; /* user data used by encap_rcv call back */ |
| /* Used for setting up udp_sock fields, see udp.h for details */ |
| __u8 encap_type; |
| udp_tunnel_encap_rcv_t encap_rcv; |
| udp_tunnel_encap_err_lookup_t encap_err_lookup; |
| udp_tunnel_encap_err_rcv_t encap_err_rcv; |
| udp_tunnel_encap_destroy_t encap_destroy; |
| udp_tunnel_gro_receive_t gro_receive; |
| udp_tunnel_gro_complete_t gro_complete; |
| }; |
| |
| /* Setup the given (UDP) sock to receive UDP encapsulated packets */ |
| void setup_udp_tunnel_sock(struct net *net, struct socket *sock, |
| struct udp_tunnel_sock_cfg *sock_cfg); |
| |
| /* -- List of parsable UDP tunnel types -- |
| * |
| * Adding to this list will result in serious debate. The main issue is |
| * that this list is essentially a list of workarounds for either poorly |
| * designed tunnels, or poorly designed device offloads. |
| * |
| * The parsing supported via these types should really be used for Rx |
| * traffic only as the network stack will have already inserted offsets for |
| * the location of the headers in the skb. In addition any ports that are |
| * pushed should be kept within the namespace without leaking to other |
| * devices such as VFs or other ports on the same device. |
| * |
| * It is strongly encouraged to use CHECKSUM_COMPLETE for Rx to avoid the |
| * need to use this for Rx checksum offload. It should not be necessary to |
| * call this function to perform Tx offloads on outgoing traffic. |
| */ |
| enum udp_parsable_tunnel_type { |
| UDP_TUNNEL_TYPE_VXLAN = BIT(0), /* RFC 7348 */ |
| UDP_TUNNEL_TYPE_GENEVE = BIT(1), /* draft-ietf-nvo3-geneve */ |
| UDP_TUNNEL_TYPE_VXLAN_GPE = BIT(2), /* draft-ietf-nvo3-vxlan-gpe */ |
| }; |
| |
| struct udp_tunnel_info { |
| unsigned short type; |
| sa_family_t sa_family; |
| __be16 port; |
| u8 hw_priv; |
| }; |
| |
| /* Notify network devices of offloadable types */ |
| void udp_tunnel_push_rx_port(struct net_device *dev, struct socket *sock, |
| unsigned short type); |
| void udp_tunnel_drop_rx_port(struct net_device *dev, struct socket *sock, |
| unsigned short type); |
| void udp_tunnel_notify_add_rx_port(struct socket *sock, unsigned short type); |
| void udp_tunnel_notify_del_rx_port(struct socket *sock, unsigned short type); |
| |
| static inline void udp_tunnel_get_rx_info(struct net_device *dev) |
| { |
| ASSERT_RTNL(); |
| if (!(dev->features & NETIF_F_RX_UDP_TUNNEL_PORT)) |
| return; |
| call_netdevice_notifiers(NETDEV_UDP_TUNNEL_PUSH_INFO, dev); |
| } |
| |
| static inline void udp_tunnel_drop_rx_info(struct net_device *dev) |
| { |
| ASSERT_RTNL(); |
| if (!(dev->features & NETIF_F_RX_UDP_TUNNEL_PORT)) |
| return; |
| call_netdevice_notifiers(NETDEV_UDP_TUNNEL_DROP_INFO, dev); |
| } |
| |
| /* Transmit the skb using UDP encapsulation. */ |
| void udp_tunnel_xmit_skb(struct rtable *rt, struct sock *sk, struct sk_buff *skb, |
| __be32 src, __be32 dst, __u8 tos, __u8 ttl, |
| __be16 df, __be16 src_port, __be16 dst_port, |
| bool xnet, bool nocheck); |
| |
| int udp_tunnel6_xmit_skb(struct dst_entry *dst, struct sock *sk, |
| struct sk_buff *skb, |
| struct net_device *dev, struct in6_addr *saddr, |
| struct in6_addr *daddr, |
| __u8 prio, __u8 ttl, __be32 label, |
| __be16 src_port, __be16 dst_port, bool nocheck); |
| |
| void udp_tunnel_sock_release(struct socket *sock); |
| |
| struct metadata_dst *udp_tun_rx_dst(struct sk_buff *skb, unsigned short family, |
| __be16 flags, __be64 tunnel_id, |
| int md_size); |
| |
| #ifdef CONFIG_INET |
| static inline int udp_tunnel_handle_offloads(struct sk_buff *skb, bool udp_csum) |
| { |
| int type = udp_csum ? SKB_GSO_UDP_TUNNEL_CSUM : SKB_GSO_UDP_TUNNEL; |
| |
| return iptunnel_handle_offloads(skb, type); |
| } |
| #endif |
| |
| static inline void udp_tunnel_encap_enable(struct socket *sock) |
| { |
| struct udp_sock *up = udp_sk(sock->sk); |
| |
| if (up->encap_enabled) |
| return; |
| |
| up->encap_enabled = 1; |
| #if IS_ENABLED(CONFIG_IPV6) |
| if (sock->sk->sk_family == PF_INET6) |
| ipv6_stub->udpv6_encap_enable(); |
| #endif |
| udp_encap_enable(); |
| } |
| |
| #define UDP_TUNNEL_NIC_MAX_TABLES 4 |
| |
| enum udp_tunnel_nic_info_flags { |
| /* Device callbacks may sleep */ |
| UDP_TUNNEL_NIC_INFO_MAY_SLEEP = BIT(0), |
| /* Device only supports offloads when it's open, all ports |
| * will be removed before close and re-added after open. |
| */ |
| UDP_TUNNEL_NIC_INFO_OPEN_ONLY = BIT(1), |
| /* Device supports only IPv4 tunnels */ |
| UDP_TUNNEL_NIC_INFO_IPV4_ONLY = BIT(2), |
| /* Device has hard-coded the IANA VXLAN port (4789) as VXLAN. |
| * This port must not be counted towards n_entries of any table. |
| * Driver will not receive any callback associated with port 4789. |
| */ |
| UDP_TUNNEL_NIC_INFO_STATIC_IANA_VXLAN = BIT(3), |
| }; |
| |
| struct udp_tunnel_nic; |
| |
| #define UDP_TUNNEL_NIC_MAX_SHARING_DEVICES (U16_MAX / 2) |
| |
| struct udp_tunnel_nic_shared { |
| struct udp_tunnel_nic *udp_tunnel_nic_info; |
| |
| struct list_head devices; |
| }; |
| |
| struct udp_tunnel_nic_shared_node { |
| struct net_device *dev; |
| struct list_head list; |
| }; |
| |
| /** |
| * struct udp_tunnel_nic_info - driver UDP tunnel offload information |
| * @set_port: callback for adding a new port |
| * @unset_port: callback for removing a port |
| * @sync_table: callback for syncing the entire port table at once |
| * @shared: reference to device global state (optional) |
| * @flags: device flags from enum udp_tunnel_nic_info_flags |
| * @tables: UDP port tables this device has |
| * @tables.n_entries: number of entries in this table |
| * @tables.tunnel_types: types of tunnels this table accepts |
| * |
| * Drivers are expected to provide either @set_port and @unset_port callbacks |
| * or the @sync_table callback. Callbacks are invoked with rtnl lock held. |
| * |
| * Devices which (misguidedly) share the UDP tunnel port table across multiple |
| * netdevs should allocate an instance of struct udp_tunnel_nic_shared and |
| * point @shared at it. |
| * There must never be more than %UDP_TUNNEL_NIC_MAX_SHARING_DEVICES devices |
| * sharing a table. |
| * |
| * Known limitations: |
| * - UDP tunnel port notifications are fundamentally best-effort - |
| * it is likely the driver will both see skbs which use a UDP tunnel port, |
| * while not being a tunneled skb, and tunnel skbs from other ports - |
| * drivers should only use these ports for non-critical RX-side offloads, |
| * e.g. the checksum offload; |
| * - none of the devices care about the socket family at present, so we don't |
| * track it. Please extend this code if you care. |
| */ |
| struct udp_tunnel_nic_info { |
| /* one-by-one */ |
| int (*set_port)(struct net_device *dev, |
| unsigned int table, unsigned int entry, |
| struct udp_tunnel_info *ti); |
| int (*unset_port)(struct net_device *dev, |
| unsigned int table, unsigned int entry, |
| struct udp_tunnel_info *ti); |
| |
| /* all at once */ |
| int (*sync_table)(struct net_device *dev, unsigned int table); |
| |
| struct udp_tunnel_nic_shared *shared; |
| |
| unsigned int flags; |
| |
| struct udp_tunnel_nic_table_info { |
| unsigned int n_entries; |
| unsigned int tunnel_types; |
| } tables[UDP_TUNNEL_NIC_MAX_TABLES]; |
| }; |
| |
| /* UDP tunnel module dependencies |
| * |
| * Tunnel drivers are expected to have a hard dependency on the udp_tunnel |
| * module. NIC drivers are not, they just attach their |
| * struct udp_tunnel_nic_info to the netdev and wait for callbacks to come. |
| * Loading a tunnel driver will cause the udp_tunnel module to be loaded |
| * and only then will all the required state structures be allocated. |
| * Since we want a weak dependency from the drivers and the core to udp_tunnel |
| * we call things through the following stubs. |
| */ |
| struct udp_tunnel_nic_ops { |
| void (*get_port)(struct net_device *dev, unsigned int table, |
| unsigned int idx, struct udp_tunnel_info *ti); |
| void (*set_port_priv)(struct net_device *dev, unsigned int table, |
| unsigned int idx, u8 priv); |
| void (*add_port)(struct net_device *dev, struct udp_tunnel_info *ti); |
| void (*del_port)(struct net_device *dev, struct udp_tunnel_info *ti); |
| void (*reset_ntf)(struct net_device *dev); |
| |
| size_t (*dump_size)(struct net_device *dev, unsigned int table); |
| int (*dump_write)(struct net_device *dev, unsigned int table, |
| struct sk_buff *skb); |
| }; |
| |
| #ifdef CONFIG_INET |
| extern const struct udp_tunnel_nic_ops *udp_tunnel_nic_ops; |
| #else |
| #define udp_tunnel_nic_ops ((struct udp_tunnel_nic_ops *)NULL) |
| #endif |
| |
| static inline void |
| udp_tunnel_nic_get_port(struct net_device *dev, unsigned int table, |
| unsigned int idx, struct udp_tunnel_info *ti) |
| { |
| /* This helper is used from .sync_table, we indicate empty entries |
| * by zero'ed @ti. Drivers which need to know the details of a port |
| * when it gets deleted should use the .set_port / .unset_port |
| * callbacks. |
| * Zero out here, otherwise !CONFIG_INET causes uninitilized warnings. |
| */ |
| memset(ti, 0, sizeof(*ti)); |
| |
| if (udp_tunnel_nic_ops) |
| udp_tunnel_nic_ops->get_port(dev, table, idx, ti); |
| } |
| |
| static inline void |
| udp_tunnel_nic_set_port_priv(struct net_device *dev, unsigned int table, |
| unsigned int idx, u8 priv) |
| { |
| if (udp_tunnel_nic_ops) |
| udp_tunnel_nic_ops->set_port_priv(dev, table, idx, priv); |
| } |
| |
| static inline void |
| udp_tunnel_nic_add_port(struct net_device *dev, struct udp_tunnel_info *ti) |
| { |
| if (!(dev->features & NETIF_F_RX_UDP_TUNNEL_PORT)) |
| return; |
| if (udp_tunnel_nic_ops) |
| udp_tunnel_nic_ops->add_port(dev, ti); |
| } |
| |
| static inline void |
| udp_tunnel_nic_del_port(struct net_device *dev, struct udp_tunnel_info *ti) |
| { |
| if (!(dev->features & NETIF_F_RX_UDP_TUNNEL_PORT)) |
| return; |
| if (udp_tunnel_nic_ops) |
| udp_tunnel_nic_ops->del_port(dev, ti); |
| } |
| |
| /** |
| * udp_tunnel_nic_reset_ntf() - device-originating reset notification |
| * @dev: network interface device structure |
| * |
| * Called by the driver to inform the core that the entire UDP tunnel port |
| * state has been lost, usually due to device reset. Core will assume device |
| * forgot all the ports and issue .set_port and .sync_table callbacks as |
| * necessary. |
| * |
| * This function must be called with rtnl lock held, and will issue all |
| * the callbacks before returning. |
| */ |
| static inline void udp_tunnel_nic_reset_ntf(struct net_device *dev) |
| { |
| if (udp_tunnel_nic_ops) |
| udp_tunnel_nic_ops->reset_ntf(dev); |
| } |
| |
| static inline size_t |
| udp_tunnel_nic_dump_size(struct net_device *dev, unsigned int table) |
| { |
| if (!udp_tunnel_nic_ops) |
| return 0; |
| return udp_tunnel_nic_ops->dump_size(dev, table); |
| } |
| |
| static inline int |
| udp_tunnel_nic_dump_write(struct net_device *dev, unsigned int table, |
| struct sk_buff *skb) |
| { |
| if (!udp_tunnel_nic_ops) |
| return 0; |
| return udp_tunnel_nic_ops->dump_write(dev, table, skb); |
| } |
| #endif |