@@ -1416,6 +1416,7 @@ struct xfrm6_protocol {
/* XFRM tunnel handlers. */
struct xfrm_tunnel {
int (*handler)(struct sk_buff *skb);
+ int (*cb_handler)(struct sk_buff *skb, int err);
int (*err_handler)(struct sk_buff *skb, u32 info);
struct xfrm_tunnel __rcu *next;
@@ -110,6 +110,31 @@ static int tunnel4_rcv(struct sk_buff *skb)
return 0;
}
+static int tunnel4_rcv_cb(struct sk_buff *skb, u8 proto, int err)
+{
+ struct xfrm_tunnel __rcu *head;
+ struct xfrm_tunnel *handler;
+ int ret;
+
+ head = (proto == IPPROTO_IPIP) ? tunnel4_handlers : tunnel64_handlers;
+
+ for_each_tunnel_rcu(head, handler) {
+ if (handler->cb_handler) {
+ ret = handler->cb_handler(skb, err);
+ if (ret <= 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+static const struct xfrm_input_afinfo tunnel4_input_afinfo = {
+ .family = AF_INET,
+ .is_ipip = true,
+ .callback = tunnel4_rcv_cb,
+};
+
#if IS_ENABLED(CONFIG_IPV6)
static int tunnel64_rcv(struct sk_buff *skb)
{
@@ -214,16 +239,22 @@ static const struct net_protocol tunnelmpls4_protocol = {
static int __init tunnel4_init(void)
{
- if (inet_add_protocol(&tunnel4_protocol, IPPROTO_IPIP))
+ if (xfrm_input_register_afinfo(&tunnel4_input_afinfo))
+ goto err;
+ if (inet_add_protocol(&tunnel4_protocol, IPPROTO_IPIP)) {
+ xfrm_input_unregister_afinfo(&tunnel4_input_afinfo);
goto err;
+ }
#if IS_ENABLED(CONFIG_IPV6)
if (inet_add_protocol(&tunnel64_protocol, IPPROTO_IPV6)) {
+ xfrm_input_unregister_afinfo(&tunnel4_input_afinfo);
inet_del_protocol(&tunnel4_protocol, IPPROTO_IPIP);
goto err;
}
#endif
#if IS_ENABLED(CONFIG_MPLS)
if (inet_add_protocol(&tunnelmpls4_protocol, IPPROTO_MPLS)) {
+ xfrm_input_unregister_afinfo(&tunnel4_input_afinfo);
inet_del_protocol(&tunnel4_protocol, IPPROTO_IPIP);
#if IS_ENABLED(CONFIG_IPV6)
inet_del_protocol(&tunnel64_protocol, IPPROTO_IPV6);
@@ -250,6 +281,8 @@ static void __exit tunnel4_fini(void)
#endif
if (inet_del_protocol(&tunnel4_protocol, IPPROTO_IPIP))
pr_err("tunnel4 close: can't remove protocol\n");
+ if (xfrm_input_unregister_afinfo(&tunnel4_input_afinfo))
+ pr_err("tunnel4 close: can't remove input afinfo\n");
}
module_init(tunnel4_init);
This patch is to register a callback function tunnel4_rcv_cb with is_ipip set in a xfrm_input_afinfo object for tunnel4 and tunnel64. It will be called by xfrm_rcv_cb() from xfrm_input() when family is AF_INET and proto is IPPROTO_IPIP or IPPROTO_IPV6. v1->v2: - Fix a sparse warning caused by the missing "__rcu", as Jakub noticed. - Handle the err returned by xfrm_input_register_afinfo() in tunnel4_init/fini(), as Sabrina noticed. Signed-off-by: Xin Long <lucien.xin@gmail.com> --- include/net/xfrm.h | 1 + net/ipv4/tunnel4.c | 35 ++++++++++++++++++++++++++++++++++- 2 files changed, 35 insertions(+), 1 deletion(-)