Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 20da848f authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'iptunnel-policy-based-routing' 



Craig Gallek says:

====================
ip_tunnel: Allow policy-based routing through tunnels

iproute2 changes to follow.  Example usage:
  ip link add gre-test type gre local 10.0.0.1 remote 10.0.0.2 fwmark 0x4
  ip -detail link show gre-test
  ...
  ip link set gre-test type gre fwmark 0
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 8e6c1812 9830ad4c

include/net/ip6_tunnel.h

+2 −0
Original line number Diff line number Diff line
@@ -33,6 +33,8 @@ struct __ip6_tnl_parm { 
	__be16			o_flags;

	__be32			i_key;

	__be32			o_key;



	__u32			fwmark;

};



/* IPv6 tunnel */

include/net/ip_tunnels.h

+3 −2
Original line number Diff line number Diff line
@@ -132,6 +132,7 @@ struct ip_tunnel { 
	unsigned int		prl_count;	/* # of entries in PRL */

	unsigned int		ip_tnl_net_id;

	struct gro_cells	gro_cells;

	__u32			fwmark;

	bool			collect_md;

	bool			ignore_df;

};
@@ -273,9 +274,9 @@ int ip_tunnel_rcv(struct ip_tunnel *tunnel, struct sk_buff *skb, 
		  const struct tnl_ptk_info *tpi, struct metadata_dst *tun_dst,

		  bool log_ecn_error);

int ip_tunnel_changelink(struct net_device *dev, struct nlattr *tb[],

			 struct ip_tunnel_parm *p);

			 struct ip_tunnel_parm *p, __u32 fwmark);

int ip_tunnel_newlink(struct net_device *dev, struct nlattr *tb[],

		      struct ip_tunnel_parm *p);

		      struct ip_tunnel_parm *p, __u32 fwmark);

void ip_tunnel_setup(struct net_device *dev, unsigned int net_id);



struct ip_tunnel_encap_ops {

include/uapi/linux/if_tunnel.h

+3 −0
Original line number Diff line number Diff line
@@ -75,6 +75,7 @@ enum { 
	IFLA_IPTUN_ENCAP_SPORT,

	IFLA_IPTUN_ENCAP_DPORT,

	IFLA_IPTUN_COLLECT_METADATA,

	IFLA_IPTUN_FWMARK,

	__IFLA_IPTUN_MAX,

};

#define IFLA_IPTUN_MAX	(__IFLA_IPTUN_MAX - 1)
@@ -132,6 +133,7 @@ enum { 
	IFLA_GRE_ENCAP_DPORT,

	IFLA_GRE_COLLECT_METADATA,

	IFLA_GRE_IGNORE_DF,

	IFLA_GRE_FWMARK,

	__IFLA_GRE_MAX,

};
@@ -147,6 +149,7 @@ enum { 
	IFLA_VTI_OKEY,

	IFLA_VTI_LOCAL,

	IFLA_VTI_REMOTE,

	IFLA_VTI_FWMARK,

	__IFLA_VTI_MAX,

};

net/ipv4/ip_gre.c

+17 −7
Original line number Diff line number Diff line
@@ -829,7 +829,8 @@ static int ipgre_tap_validate(struct nlattr *tb[], struct nlattr *data[]) 
static int ipgre_netlink_parms(struct net_device *dev,

				struct nlattr *data[],

				struct nlattr *tb[],

				struct ip_tunnel_parm *parms)

				struct ip_tunnel_parm *parms,

				__u32 *fwmark)

{

	struct ip_tunnel *t = netdev_priv(dev);
@@ -886,6 +887,9 @@ static int ipgre_netlink_parms(struct net_device *dev, 
		t->ignore_df = !!nla_get_u8(data[IFLA_GRE_IGNORE_DF]);

	}



	if (data[IFLA_GRE_FWMARK])

		*fwmark = nla_get_u32(data[IFLA_GRE_FWMARK]);



	return 0;

}
@@ -957,6 +961,7 @@ static int ipgre_newlink(struct net *src_net, struct net_device *dev, 
{

	struct ip_tunnel_parm p;

	struct ip_tunnel_encap ipencap;

	__u32 fwmark = 0;

	int err;



	if (ipgre_netlink_encap_parms(data, &ipencap)) {
@@ -967,31 +972,32 @@ static int ipgre_newlink(struct net *src_net, struct net_device *dev, 
			return err;

	}



	err = ipgre_netlink_parms(dev, data, tb, &p);

	err = ipgre_netlink_parms(dev, data, tb, &p, &fwmark);

	if (err < 0)

		return err;

	return ip_tunnel_newlink(dev, tb, &p);

	return ip_tunnel_newlink(dev, tb, &p, fwmark);

}



static int ipgre_changelink(struct net_device *dev, struct nlattr *tb[],

			    struct nlattr *data[])

{

	struct ip_tunnel *t = netdev_priv(dev);

	struct ip_tunnel_parm p;

	struct ip_tunnel_encap ipencap;

	__u32 fwmark = t->fwmark;

	int err;



	if (ipgre_netlink_encap_parms(data, &ipencap)) {

		struct ip_tunnel *t = netdev_priv(dev);

		err = ip_tunnel_encap_setup(t, &ipencap);



		if (err < 0)

			return err;

	}



	err = ipgre_netlink_parms(dev, data, tb, &p);

	err = ipgre_netlink_parms(dev, data, tb, &p, &fwmark);

	if (err < 0)

		return err;

	return ip_tunnel_changelink(dev, tb, &p);

	return ip_tunnel_changelink(dev, tb, &p, fwmark);

}



static size_t ipgre_get_size(const struct net_device *dev)
@@ -1029,6 +1035,8 @@ static size_t ipgre_get_size(const struct net_device *dev) 
		nla_total_size(0) +

		/* IFLA_GRE_IGNORE_DF */

		nla_total_size(1) +

		/* IFLA_GRE_FWMARK */

		nla_total_size(4) +

		0;

}
@@ -1049,7 +1057,8 @@ static int ipgre_fill_info(struct sk_buff *skb, const struct net_device *dev) 
	    nla_put_u8(skb, IFLA_GRE_TTL, p->iph.ttl) ||

	    nla_put_u8(skb, IFLA_GRE_TOS, p->iph.tos) ||

	    nla_put_u8(skb, IFLA_GRE_PMTUDISC,

		       !!(p->iph.frag_off & htons(IP_DF))))

		       !!(p->iph.frag_off & htons(IP_DF))) ||

	    nla_put_u32(skb, IFLA_GRE_FWMARK, t->fwmark))

		goto nla_put_failure;



	if (nla_put_u16(skb, IFLA_GRE_ENCAP_TYPE,
@@ -1093,6 +1102,7 @@ static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = { 
	[IFLA_GRE_ENCAP_DPORT]	= { .type = NLA_U16 },

	[IFLA_GRE_COLLECT_METADATA]	= { .type = NLA_FLAG },

	[IFLA_GRE_IGNORE_DF]	= { .type = NLA_U8 },

	[IFLA_GRE_FWMARK]	= { .type = NLA_U32 },

};



static struct rtnl_link_ops ipgre_link_ops __read_mostly = {

net/ipv4/ip_tunnel.c

+17 −10
Original line number Diff line number Diff line
@@ -293,7 +293,8 @@ static struct net_device *__ip_tunnel_create(struct net *net, 
static inline void init_tunnel_flow(struct flowi4 *fl4,

				    int proto,

				    __be32 daddr, __be32 saddr,

				    __be32 key, __u8 tos, int oif)

				    __be32 key, __u8 tos, int oif,

				    __u32 mark)

{

	memset(fl4, 0, sizeof(*fl4));

	fl4->flowi4_oif = oif;
@@ -302,6 +303,7 @@ static inline void init_tunnel_flow(struct flowi4 *fl4, 
	fl4->flowi4_tos = tos;

	fl4->flowi4_proto = proto;

	fl4->fl4_gre_key = key;

	fl4->flowi4_mark = mark;

}



static int ip_tunnel_bind_dev(struct net_device *dev)
@@ -322,7 +324,8 @@ static int ip_tunnel_bind_dev(struct net_device *dev) 


		init_tunnel_flow(&fl4, iph->protocol, iph->daddr,

				 iph->saddr, tunnel->parms.o_key,

				 RT_TOS(iph->tos), tunnel->parms.link);

				 RT_TOS(iph->tos), tunnel->parms.link,

				 tunnel->fwmark);

		rt = ip_route_output_key(tunnel->net, &fl4);



		if (!IS_ERR(rt)) {
@@ -578,7 +581,7 @@ void ip_md_tunnel_xmit(struct sk_buff *skb, struct net_device *dev, u8 proto) 
			tos = ipv6_get_dsfield((const struct ipv6hdr *)inner_iph);

	}

	init_tunnel_flow(&fl4, proto, key->u.ipv4.dst, key->u.ipv4.src, 0,

			 RT_TOS(tos), tunnel->parms.link);

			 RT_TOS(tos), tunnel->parms.link, tunnel->fwmark);

	if (tunnel->encap.type != TUNNEL_ENCAP_NONE)

		goto tx_error;

	rt = ip_route_output_key(tunnel->net, &fl4);
@@ -707,7 +710,8 @@ void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev, 
	}



	init_tunnel_flow(&fl4, protocol, dst, tnl_params->saddr,

			 tunnel->parms.o_key, RT_TOS(tos), tunnel->parms.link);

			 tunnel->parms.o_key, RT_TOS(tos), tunnel->parms.link,

			 tunnel->fwmark);



	if (ip_tunnel_encap(skb, tunnel, &protocol, &fl4) < 0)

		goto tx_error;
@@ -795,7 +799,8 @@ static void ip_tunnel_update(struct ip_tunnel_net *itn, 
			     struct ip_tunnel *t,

			     struct net_device *dev,

			     struct ip_tunnel_parm *p,

			     bool set_mtu)

			     bool set_mtu,

			     __u32 fwmark)

{

	ip_tunnel_del(itn, t);

	t->parms.iph.saddr = p->iph.saddr;
@@ -812,10 +817,11 @@ static void ip_tunnel_update(struct ip_tunnel_net *itn, 
	t->parms.iph.tos = p->iph.tos;

	t->parms.iph.frag_off = p->iph.frag_off;



	if (t->parms.link != p->link) {

	if (t->parms.link != p->link || t->fwmark != fwmark) {

		int mtu;



		t->parms.link = p->link;

		t->fwmark = fwmark;

		mtu = ip_tunnel_bind_dev(dev);

		if (set_mtu)

			dev->mtu = mtu;
@@ -893,7 +899,7 @@ int ip_tunnel_ioctl(struct net_device *dev, struct ip_tunnel_parm *p, int cmd) 


		if (t) {

			err = 0;

			ip_tunnel_update(itn, t, dev, p, true);

			ip_tunnel_update(itn, t, dev, p, true, 0);

		} else {

			err = -ENOENT;

		}
@@ -1066,7 +1072,7 @@ void ip_tunnel_delete_net(struct ip_tunnel_net *itn, struct rtnl_link_ops *ops) 
EXPORT_SYMBOL_GPL(ip_tunnel_delete_net);



int ip_tunnel_newlink(struct net_device *dev, struct nlattr *tb[],

		      struct ip_tunnel_parm *p)

		      struct ip_tunnel_parm *p, __u32 fwmark)

{

	struct ip_tunnel *nt;

	struct net *net = dev_net(dev);
@@ -1087,6 +1093,7 @@ int ip_tunnel_newlink(struct net_device *dev, struct nlattr *tb[], 


	nt->net = net;

	nt->parms = *p;

	nt->fwmark = fwmark;

	err = register_netdevice(dev);

	if (err)

		goto out;
@@ -1105,7 +1112,7 @@ int ip_tunnel_newlink(struct net_device *dev, struct nlattr *tb[], 
EXPORT_SYMBOL_GPL(ip_tunnel_newlink);



int ip_tunnel_changelink(struct net_device *dev, struct nlattr *tb[],

			 struct ip_tunnel_parm *p)

			 struct ip_tunnel_parm *p, __u32 fwmark)

{

	struct ip_tunnel *t;

	struct ip_tunnel *tunnel = netdev_priv(dev);
@@ -1137,7 +1144,7 @@ int ip_tunnel_changelink(struct net_device *dev, struct nlattr *tb[], 
		}

	}



	ip_tunnel_update(itn, t, dev, p, !tb[IFLA_MTU]);

	ip_tunnel_update(itn, t, dev, p, !tb[IFLA_MTU], fwmark);

	return 0;

}

EXPORT_SYMBOL_GPL(ip_tunnel_changelink);