1 // SPDX-License-Identifier: GPL-2.0
3 * XFRM virtual interface
5 * Copyright (C) 2018 secunet Security Networks AG
8 * Steffen Klassert <steffen.klassert@secunet.com>
11 #include <linux/module.h>
12 #include <linux/capability.h>
13 #include <linux/errno.h>
14 #include <linux/types.h>
15 #include <linux/sockios.h>
16 #include <linux/icmp.h>
20 #include <linux/net.h>
21 #include <linux/in6.h>
22 #include <linux/netdevice.h>
23 #include <linux/if_link.h>
24 #include <linux/if_arp.h>
25 #include <linux/icmpv6.h>
26 #include <linux/init.h>
27 #include <linux/route.h>
28 #include <linux/rtnetlink.h>
29 #include <linux/netfilter_ipv6.h>
30 #include <linux/slab.h>
31 #include <linux/hash.h>
33 #include <linux/uaccess.h>
34 #include <linux/atomic.h>
39 #include <net/ip6_route.h>
40 #include <net/addrconf.h>
42 #include <net/net_namespace.h>
43 #include <net/netns/generic.h>
44 #include <linux/etherdevice.h>
46 static int xfrmi_dev_init(struct net_device
*dev
);
47 static void xfrmi_dev_setup(struct net_device
*dev
);
48 static struct rtnl_link_ops xfrmi_link_ops __read_mostly
;
49 static unsigned int xfrmi_net_id __read_mostly
;
52 /* lists for storing interfaces in use */
53 struct xfrm_if __rcu
*xfrmi
[1];
56 #define for_each_xfrmi_rcu(start, xi) \
57 for (xi = rcu_dereference(start); xi; xi = rcu_dereference(xi->next))
59 static struct xfrm_if
*xfrmi_lookup(struct net
*net
, struct xfrm_state
*x
)
61 struct xfrmi_net
*xfrmn
= net_generic(net
, xfrmi_net_id
);
64 for_each_xfrmi_rcu(xfrmn
->xfrmi
[0], xi
) {
65 if (x
->if_id
== xi
->p
.if_id
&&
66 (xi
->dev
->flags
& IFF_UP
))
73 static struct xfrm_if
*xfrmi_decode_session(struct sk_buff
*skb
,
74 unsigned short family
)
76 struct xfrmi_net
*xfrmn
;
80 if (!secpath_exists(skb
) || !skb
->dev
)
85 ifindex
= inet6_sdif(skb
);
88 ifindex
= inet_sdif(skb
);
92 ifindex
= skb
->dev
->ifindex
;
94 xfrmn
= net_generic(xs_net(xfrm_input_state(skb
)), xfrmi_net_id
);
96 for_each_xfrmi_rcu(xfrmn
->xfrmi
[0], xi
) {
97 if (ifindex
== xi
->dev
->ifindex
&&
98 (xi
->dev
->flags
& IFF_UP
))
105 static void xfrmi_link(struct xfrmi_net
*xfrmn
, struct xfrm_if
*xi
)
107 struct xfrm_if __rcu
**xip
= &xfrmn
->xfrmi
[0];
109 rcu_assign_pointer(xi
->next
, rtnl_dereference(*xip
));
110 rcu_assign_pointer(*xip
, xi
);
113 static void xfrmi_unlink(struct xfrmi_net
*xfrmn
, struct xfrm_if
*xi
)
115 struct xfrm_if __rcu
**xip
;
116 struct xfrm_if
*iter
;
118 for (xip
= &xfrmn
->xfrmi
[0];
119 (iter
= rtnl_dereference(*xip
)) != NULL
;
122 rcu_assign_pointer(*xip
, xi
->next
);
128 static void xfrmi_dev_free(struct net_device
*dev
)
130 struct xfrm_if
*xi
= netdev_priv(dev
);
132 gro_cells_destroy(&xi
->gro_cells
);
133 free_percpu(dev
->tstats
);
136 static int xfrmi_create(struct net_device
*dev
)
138 struct xfrm_if
*xi
= netdev_priv(dev
);
139 struct net
*net
= dev_net(dev
);
140 struct xfrmi_net
*xfrmn
= net_generic(net
, xfrmi_net_id
);
143 dev
->rtnl_link_ops
= &xfrmi_link_ops
;
144 err
= register_netdevice(dev
);
149 xfrmi_link(xfrmn
, xi
);
157 static struct xfrm_if
*xfrmi_locate(struct net
*net
, struct xfrm_if_parms
*p
)
159 struct xfrm_if __rcu
**xip
;
161 struct xfrmi_net
*xfrmn
= net_generic(net
, xfrmi_net_id
);
163 for (xip
= &xfrmn
->xfrmi
[0];
164 (xi
= rtnl_dereference(*xip
)) != NULL
;
166 if (xi
->p
.if_id
== p
->if_id
)
172 static void xfrmi_dev_uninit(struct net_device
*dev
)
174 struct xfrm_if
*xi
= netdev_priv(dev
);
175 struct xfrmi_net
*xfrmn
= net_generic(xi
->net
, xfrmi_net_id
);
177 xfrmi_unlink(xfrmn
, xi
);
181 static void xfrmi_scrub_packet(struct sk_buff
*skb
, bool xnet
)
184 skb
->pkt_type
= PACKET_HOST
;
200 static int xfrmi_rcv_cb(struct sk_buff
*skb
, int err
)
202 const struct xfrm_mode
*inner_mode
;
203 struct pcpu_sw_netstats
*tstats
;
204 struct net_device
*dev
;
205 struct xfrm_state
*x
;
209 if (err
&& !secpath_exists(skb
))
212 x
= xfrm_input_state(skb
);
214 xi
= xfrmi_lookup(xs_net(x
), x
);
222 dev
->stats
.rx_errors
++;
223 dev
->stats
.rx_dropped
++;
228 xnet
= !net_eq(xi
->net
, dev_net(skb
->dev
));
231 inner_mode
= &x
->inner_mode
;
233 if (x
->sel
.family
== AF_UNSPEC
) {
234 inner_mode
= xfrm_ip2inner_mode(x
, XFRM_MODE_SKB_CB(skb
)->protocol
);
235 if (inner_mode
== NULL
) {
236 XFRM_INC_STATS(dev_net(skb
->dev
),
237 LINUX_MIB_XFRMINSTATEMODEERROR
);
242 if (!xfrm_policy_check(NULL
, XFRM_POLICY_IN
, skb
,
247 xfrmi_scrub_packet(skb
, xnet
);
249 tstats
= this_cpu_ptr(dev
->tstats
);
251 u64_stats_update_begin(&tstats
->syncp
);
252 tstats
->rx_packets
++;
253 tstats
->rx_bytes
+= skb
->len
;
254 u64_stats_update_end(&tstats
->syncp
);
260 xfrmi_xmit2(struct sk_buff
*skb
, struct net_device
*dev
, struct flowi
*fl
)
262 struct xfrm_if
*xi
= netdev_priv(dev
);
263 struct net_device_stats
*stats
= &xi
->dev
->stats
;
264 struct dst_entry
*dst
= skb_dst(skb
);
265 unsigned int length
= skb
->len
;
266 struct net_device
*tdev
;
267 struct xfrm_state
*x
;
272 goto tx_err_link_failure
;
275 dst
= xfrm_lookup_with_ifid(xi
->net
, dst
, fl
, NULL
, 0, xi
->p
.if_id
);
279 goto tx_err_link_failure
;
284 goto tx_err_link_failure
;
286 if (x
->if_id
!= xi
->p
.if_id
)
287 goto tx_err_link_failure
;
293 net_warn_ratelimited("%s: Local routing loop detected!\n",
295 goto tx_err_dst_release
;
299 if (!skb
->ignore_df
&& skb
->len
> mtu
) {
300 skb_dst_update_pmtu(skb
, mtu
);
302 if (skb
->protocol
== htons(ETH_P_IPV6
)) {
303 if (mtu
< IPV6_MIN_MTU
)
306 icmpv6_send(skb
, ICMPV6_PKT_TOOBIG
, 0, mtu
);
308 icmp_send(skb
, ICMP_DEST_UNREACH
, ICMP_FRAG_NEEDED
,
316 xfrmi_scrub_packet(skb
, !net_eq(xi
->net
, dev_net(dev
)));
317 skb_dst_set(skb
, dst
);
320 err
= dst_output(xi
->net
, skb
->sk
, skb
);
321 if (net_xmit_eval(err
) == 0) {
322 struct pcpu_sw_netstats
*tstats
= this_cpu_ptr(dev
->tstats
);
324 u64_stats_update_begin(&tstats
->syncp
);
325 tstats
->tx_bytes
+= length
;
326 tstats
->tx_packets
++;
327 u64_stats_update_end(&tstats
->syncp
);
330 stats
->tx_aborted_errors
++;
335 stats
->tx_carrier_errors
++;
336 dst_link_failure(skb
);
342 static netdev_tx_t
xfrmi_xmit(struct sk_buff
*skb
, struct net_device
*dev
)
344 struct xfrm_if
*xi
= netdev_priv(dev
);
345 struct net_device_stats
*stats
= &xi
->dev
->stats
;
349 memset(&fl
, 0, sizeof(fl
));
351 switch (skb
->protocol
) {
352 case htons(ETH_P_IPV6
):
353 xfrm_decode_session(skb
, &fl
, AF_INET6
);
354 memset(IP6CB(skb
), 0, sizeof(*IP6CB(skb
)));
356 case htons(ETH_P_IP
):
357 xfrm_decode_session(skb
, &fl
, AF_INET
);
358 memset(IPCB(skb
), 0, sizeof(*IPCB(skb
)));
364 fl
.flowi_oif
= xi
->p
.link
;
366 ret
= xfrmi_xmit2(skb
, dev
, &fl
);
379 static int xfrmi4_err(struct sk_buff
*skb
, u32 info
)
381 const struct iphdr
*iph
= (const struct iphdr
*)skb
->data
;
382 struct net
*net
= dev_net(skb
->dev
);
383 int protocol
= iph
->protocol
;
384 struct ip_comp_hdr
*ipch
;
385 struct ip_esp_hdr
*esph
;
386 struct ip_auth_hdr
*ah
;
387 struct xfrm_state
*x
;
393 esph
= (struct ip_esp_hdr
*)(skb
->data
+(iph
->ihl
<<2));
397 ah
= (struct ip_auth_hdr
*)(skb
->data
+(iph
->ihl
<<2));
401 ipch
= (struct ip_comp_hdr
*)(skb
->data
+(iph
->ihl
<<2));
402 spi
= htonl(ntohs(ipch
->cpi
));
408 switch (icmp_hdr(skb
)->type
) {
409 case ICMP_DEST_UNREACH
:
410 if (icmp_hdr(skb
)->code
!= ICMP_FRAG_NEEDED
)
418 x
= xfrm_state_lookup(net
, skb
->mark
, (const xfrm_address_t
*)&iph
->daddr
,
419 spi
, protocol
, AF_INET
);
423 xi
= xfrmi_lookup(net
, x
);
429 if (icmp_hdr(skb
)->type
== ICMP_DEST_UNREACH
)
430 ipv4_update_pmtu(skb
, net
, info
, 0, protocol
);
432 ipv4_redirect(skb
, net
, 0, protocol
);
438 static int xfrmi6_err(struct sk_buff
*skb
, struct inet6_skb_parm
*opt
,
439 u8 type
, u8 code
, int offset
, __be32 info
)
441 const struct ipv6hdr
*iph
= (const struct ipv6hdr
*)skb
->data
;
442 struct net
*net
= dev_net(skb
->dev
);
443 int protocol
= iph
->nexthdr
;
444 struct ip_comp_hdr
*ipch
;
445 struct ip_esp_hdr
*esph
;
446 struct ip_auth_hdr
*ah
;
447 struct xfrm_state
*x
;
453 esph
= (struct ip_esp_hdr
*)(skb
->data
+ offset
);
457 ah
= (struct ip_auth_hdr
*)(skb
->data
+ offset
);
461 ipch
= (struct ip_comp_hdr
*)(skb
->data
+ offset
);
462 spi
= htonl(ntohs(ipch
->cpi
));
468 if (type
!= ICMPV6_PKT_TOOBIG
&&
469 type
!= NDISC_REDIRECT
)
472 x
= xfrm_state_lookup(net
, skb
->mark
, (const xfrm_address_t
*)&iph
->daddr
,
473 spi
, protocol
, AF_INET6
);
477 xi
= xfrmi_lookup(net
, x
);
483 if (type
== NDISC_REDIRECT
)
484 ip6_redirect(skb
, net
, skb
->dev
->ifindex
, 0,
485 sock_net_uid(net
, NULL
));
487 ip6_update_pmtu(skb
, net
, info
, 0, 0, sock_net_uid(net
, NULL
));
493 static int xfrmi_change(struct xfrm_if
*xi
, const struct xfrm_if_parms
*p
)
495 if (xi
->p
.link
!= p
->link
)
498 xi
->p
.if_id
= p
->if_id
;
503 static int xfrmi_update(struct xfrm_if
*xi
, struct xfrm_if_parms
*p
)
505 struct net
*net
= xi
->net
;
506 struct xfrmi_net
*xfrmn
= net_generic(net
, xfrmi_net_id
);
509 xfrmi_unlink(xfrmn
, xi
);
511 err
= xfrmi_change(xi
, p
);
512 xfrmi_link(xfrmn
, xi
);
513 netdev_state_change(xi
->dev
);
517 static void xfrmi_get_stats64(struct net_device
*dev
,
518 struct rtnl_link_stats64
*s
)
522 for_each_possible_cpu(cpu
) {
523 struct pcpu_sw_netstats
*stats
;
524 struct pcpu_sw_netstats tmp
;
527 stats
= per_cpu_ptr(dev
->tstats
, cpu
);
529 start
= u64_stats_fetch_begin_irq(&stats
->syncp
);
530 tmp
.rx_packets
= stats
->rx_packets
;
531 tmp
.rx_bytes
= stats
->rx_bytes
;
532 tmp
.tx_packets
= stats
->tx_packets
;
533 tmp
.tx_bytes
= stats
->tx_bytes
;
534 } while (u64_stats_fetch_retry_irq(&stats
->syncp
, start
));
536 s
->rx_packets
+= tmp
.rx_packets
;
537 s
->rx_bytes
+= tmp
.rx_bytes
;
538 s
->tx_packets
+= tmp
.tx_packets
;
539 s
->tx_bytes
+= tmp
.tx_bytes
;
542 s
->rx_dropped
= dev
->stats
.rx_dropped
;
543 s
->tx_dropped
= dev
->stats
.tx_dropped
;
546 static int xfrmi_get_iflink(const struct net_device
*dev
)
548 struct xfrm_if
*xi
= netdev_priv(dev
);
554 static const struct net_device_ops xfrmi_netdev_ops
= {
555 .ndo_init
= xfrmi_dev_init
,
556 .ndo_uninit
= xfrmi_dev_uninit
,
557 .ndo_start_xmit
= xfrmi_xmit
,
558 .ndo_get_stats64
= xfrmi_get_stats64
,
559 .ndo_get_iflink
= xfrmi_get_iflink
,
562 static void xfrmi_dev_setup(struct net_device
*dev
)
564 dev
->netdev_ops
= &xfrmi_netdev_ops
;
565 dev
->type
= ARPHRD_NONE
;
566 dev
->hard_header_len
= ETH_HLEN
;
567 dev
->min_header_len
= ETH_HLEN
;
568 dev
->mtu
= ETH_DATA_LEN
;
569 dev
->min_mtu
= ETH_MIN_MTU
;
570 dev
->max_mtu
= ETH_DATA_LEN
;
571 dev
->addr_len
= ETH_ALEN
;
572 dev
->flags
= IFF_NOARP
;
573 dev
->needs_free_netdev
= true;
574 dev
->priv_destructor
= xfrmi_dev_free
;
577 eth_broadcast_addr(dev
->broadcast
);
580 static int xfrmi_dev_init(struct net_device
*dev
)
582 struct xfrm_if
*xi
= netdev_priv(dev
);
583 struct net_device
*phydev
= __dev_get_by_index(xi
->net
, xi
->p
.link
);
586 dev
->tstats
= netdev_alloc_pcpu_stats(struct pcpu_sw_netstats
);
590 err
= gro_cells_init(&xi
->gro_cells
, dev
);
592 free_percpu(dev
->tstats
);
596 dev
->features
|= NETIF_F_LLTX
;
599 dev
->needed_headroom
= phydev
->needed_headroom
;
600 dev
->needed_tailroom
= phydev
->needed_tailroom
;
602 if (is_zero_ether_addr(dev
->dev_addr
))
603 eth_hw_addr_inherit(dev
, phydev
);
604 if (is_zero_ether_addr(dev
->broadcast
))
605 memcpy(dev
->broadcast
, phydev
->broadcast
,
608 eth_hw_addr_random(dev
);
609 eth_broadcast_addr(dev
->broadcast
);
615 static int xfrmi_validate(struct nlattr
*tb
[], struct nlattr
*data
[],
616 struct netlink_ext_ack
*extack
)
621 static void xfrmi_netlink_parms(struct nlattr
*data
[],
622 struct xfrm_if_parms
*parms
)
624 memset(parms
, 0, sizeof(*parms
));
629 if (data
[IFLA_XFRM_LINK
])
630 parms
->link
= nla_get_u32(data
[IFLA_XFRM_LINK
]);
632 if (data
[IFLA_XFRM_IF_ID
])
633 parms
->if_id
= nla_get_u32(data
[IFLA_XFRM_IF_ID
]);
636 static int xfrmi_newlink(struct net
*src_net
, struct net_device
*dev
,
637 struct nlattr
*tb
[], struct nlattr
*data
[],
638 struct netlink_ext_ack
*extack
)
640 struct net
*net
= dev_net(dev
);
641 struct xfrm_if_parms p
;
645 xfrmi_netlink_parms(data
, &p
);
646 xi
= xfrmi_locate(net
, &p
);
650 xi
= netdev_priv(dev
);
655 err
= xfrmi_create(dev
);
659 static void xfrmi_dellink(struct net_device
*dev
, struct list_head
*head
)
661 unregister_netdevice_queue(dev
, head
);
664 static int xfrmi_changelink(struct net_device
*dev
, struct nlattr
*tb
[],
665 struct nlattr
*data
[],
666 struct netlink_ext_ack
*extack
)
668 struct xfrm_if
*xi
= netdev_priv(dev
);
669 struct net
*net
= xi
->net
;
670 struct xfrm_if_parms p
;
672 xfrmi_netlink_parms(data
, &p
);
673 xi
= xfrmi_locate(net
, &p
);
675 xi
= netdev_priv(dev
);
681 return xfrmi_update(xi
, &p
);
684 static size_t xfrmi_get_size(const struct net_device
*dev
)
689 /* IFLA_XFRM_IF_ID */
694 static int xfrmi_fill_info(struct sk_buff
*skb
, const struct net_device
*dev
)
696 struct xfrm_if
*xi
= netdev_priv(dev
);
697 struct xfrm_if_parms
*parm
= &xi
->p
;
699 if (nla_put_u32(skb
, IFLA_XFRM_LINK
, parm
->link
) ||
700 nla_put_u32(skb
, IFLA_XFRM_IF_ID
, parm
->if_id
))
701 goto nla_put_failure
;
708 static struct net
*xfrmi_get_link_net(const struct net_device
*dev
)
710 struct xfrm_if
*xi
= netdev_priv(dev
);
715 static const struct nla_policy xfrmi_policy
[IFLA_XFRM_MAX
+ 1] = {
716 [IFLA_XFRM_LINK
] = { .type
= NLA_U32
},
717 [IFLA_XFRM_IF_ID
] = { .type
= NLA_U32
},
720 static struct rtnl_link_ops xfrmi_link_ops __read_mostly
= {
722 .maxtype
= IFLA_XFRM_MAX
,
723 .policy
= xfrmi_policy
,
724 .priv_size
= sizeof(struct xfrm_if
),
725 .setup
= xfrmi_dev_setup
,
726 .validate
= xfrmi_validate
,
727 .newlink
= xfrmi_newlink
,
728 .dellink
= xfrmi_dellink
,
729 .changelink
= xfrmi_changelink
,
730 .get_size
= xfrmi_get_size
,
731 .fill_info
= xfrmi_fill_info
,
732 .get_link_net
= xfrmi_get_link_net
,
735 static struct pernet_operations xfrmi_net_ops
= {
737 .size
= sizeof(struct xfrmi_net
),
740 static struct xfrm6_protocol xfrmi_esp6_protocol __read_mostly
= {
741 .handler
= xfrm6_rcv
,
742 .cb_handler
= xfrmi_rcv_cb
,
743 .err_handler
= xfrmi6_err
,
747 static struct xfrm6_protocol xfrmi_ah6_protocol __read_mostly
= {
748 .handler
= xfrm6_rcv
,
749 .cb_handler
= xfrmi_rcv_cb
,
750 .err_handler
= xfrmi6_err
,
754 static struct xfrm6_protocol xfrmi_ipcomp6_protocol __read_mostly
= {
755 .handler
= xfrm6_rcv
,
756 .cb_handler
= xfrmi_rcv_cb
,
757 .err_handler
= xfrmi6_err
,
761 static struct xfrm4_protocol xfrmi_esp4_protocol __read_mostly
= {
762 .handler
= xfrm4_rcv
,
763 .input_handler
= xfrm_input
,
764 .cb_handler
= xfrmi_rcv_cb
,
765 .err_handler
= xfrmi4_err
,
769 static struct xfrm4_protocol xfrmi_ah4_protocol __read_mostly
= {
770 .handler
= xfrm4_rcv
,
771 .input_handler
= xfrm_input
,
772 .cb_handler
= xfrmi_rcv_cb
,
773 .err_handler
= xfrmi4_err
,
777 static struct xfrm4_protocol xfrmi_ipcomp4_protocol __read_mostly
= {
778 .handler
= xfrm4_rcv
,
779 .input_handler
= xfrm_input
,
780 .cb_handler
= xfrmi_rcv_cb
,
781 .err_handler
= xfrmi4_err
,
785 static int __init
xfrmi4_init(void)
789 err
= xfrm4_protocol_register(&xfrmi_esp4_protocol
, IPPROTO_ESP
);
791 goto xfrm_proto_esp_failed
;
792 err
= xfrm4_protocol_register(&xfrmi_ah4_protocol
, IPPROTO_AH
);
794 goto xfrm_proto_ah_failed
;
795 err
= xfrm4_protocol_register(&xfrmi_ipcomp4_protocol
, IPPROTO_COMP
);
797 goto xfrm_proto_comp_failed
;
801 xfrm_proto_comp_failed
:
802 xfrm4_protocol_deregister(&xfrmi_ah4_protocol
, IPPROTO_AH
);
803 xfrm_proto_ah_failed
:
804 xfrm4_protocol_deregister(&xfrmi_esp4_protocol
, IPPROTO_ESP
);
805 xfrm_proto_esp_failed
:
809 static void xfrmi4_fini(void)
811 xfrm4_protocol_deregister(&xfrmi_ipcomp4_protocol
, IPPROTO_COMP
);
812 xfrm4_protocol_deregister(&xfrmi_ah4_protocol
, IPPROTO_AH
);
813 xfrm4_protocol_deregister(&xfrmi_esp4_protocol
, IPPROTO_ESP
);
816 static int __init
xfrmi6_init(void)
820 err
= xfrm6_protocol_register(&xfrmi_esp6_protocol
, IPPROTO_ESP
);
822 goto xfrm_proto_esp_failed
;
823 err
= xfrm6_protocol_register(&xfrmi_ah6_protocol
, IPPROTO_AH
);
825 goto xfrm_proto_ah_failed
;
826 err
= xfrm6_protocol_register(&xfrmi_ipcomp6_protocol
, IPPROTO_COMP
);
828 goto xfrm_proto_comp_failed
;
832 xfrm_proto_comp_failed
:
833 xfrm6_protocol_deregister(&xfrmi_ah6_protocol
, IPPROTO_AH
);
834 xfrm_proto_ah_failed
:
835 xfrm6_protocol_deregister(&xfrmi_esp6_protocol
, IPPROTO_ESP
);
836 xfrm_proto_esp_failed
:
840 static void xfrmi6_fini(void)
842 xfrm6_protocol_deregister(&xfrmi_ipcomp6_protocol
, IPPROTO_COMP
);
843 xfrm6_protocol_deregister(&xfrmi_ah6_protocol
, IPPROTO_AH
);
844 xfrm6_protocol_deregister(&xfrmi_esp6_protocol
, IPPROTO_ESP
);
847 static const struct xfrm_if_cb xfrm_if_cb
= {
848 .decode_session
= xfrmi_decode_session
,
851 static int __init
xfrmi_init(void)
856 pr_info("IPsec XFRM device driver\n");
858 msg
= "tunnel device";
859 err
= register_pernet_device(&xfrmi_net_ops
);
861 goto pernet_dev_failed
;
863 msg
= "xfrm4 protocols";
868 msg
= "xfrm6 protocols";
874 msg
= "netlink interface";
875 err
= rtnl_link_register(&xfrmi_link_ops
);
877 goto rtnl_link_failed
;
879 xfrm_if_register_cb(&xfrm_if_cb
);
888 unregister_pernet_device(&xfrmi_net_ops
);
890 pr_err("xfrmi init: failed to register %s\n", msg
);
894 static void __exit
xfrmi_fini(void)
896 xfrm_if_unregister_cb();
897 rtnl_link_unregister(&xfrmi_link_ops
);
900 unregister_pernet_device(&xfrmi_net_ops
);
903 module_init(xfrmi_init
);
904 module_exit(xfrmi_fini
);
905 MODULE_LICENSE("GPL");
906 MODULE_ALIAS_RTNL_LINK("xfrm");
907 MODULE_ALIAS_NETDEV("xfrm0");
908 MODULE_AUTHOR("Steffen Klassert");
909 MODULE_DESCRIPTION("XFRM virtual interface");