search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ipfw3: 'or' supports more filters
[dragonfly.git] / sys / net / gif / if_gif.c
blobf9d0a10a99bad21bd24631ced9b4e3ed5b43921f
1 /*
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $FreeBSD: src/sys/net/if_gif.c,v 1.4.2.15 2002/11/08 16:57:13 ume Exp $
30 * $DragonFly: src/sys/net/gif/if_gif.c,v 1.21 2008/05/14 11:59:23 sephe Exp $
31 * $KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $
32 */
33
34 #include "opt_inet.h"
35 #include "opt_inet6.h"
36
37 #include <sys/param.h>
38 #include <sys/systm.h>
39 #include <sys/kernel.h>
40 #include <sys/bus.h>
41 #include <sys/malloc.h>
42 #include <sys/mbuf.h>
43 #include <sys/socket.h>
44 #include <sys/sockio.h>
45 #include <sys/errno.h>
46 #include <sys/time.h>
47 #include <sys/sysctl.h>
48 #include <sys/syslog.h>
49 #include <sys/protosw.h>
50 #include <sys/conf.h>
51 #include <sys/thread2.h>
52
53 #include <machine/cpu.h>
54
55 #include <net/if.h>
56 #include <net/if_types.h>
57 #include <net/ifq_var.h>
58 #include <net/netisr.h>
59 #include <net/route.h>
60 #include <net/bpf.h>
61 #include <net/if_clone.h>
62
63 #include <netinet/in.h>
64 #include <netinet/in_systm.h>
65 #include <netinet/ip.h>
66 #ifdef INET
67 #include <netinet/in_var.h>
68 #include <netinet/in_gif.h>
69 #include <netinet/ip_var.h>
70 #endif /* INET */
71
72 #ifdef INET6
73 #ifndef INET
74 #include <netinet/in.h>
75 #endif
76 #include <netinet6/in6_var.h>
77 #include <netinet/ip6.h>
78 #include <netinet6/ip6_var.h>
79 #include <netinet6/in6_gif.h>
80 #include <netinet6/ip6protosw.h>
81 #endif /* INET6 */
82
83 #include <netinet/ip_encap.h>
84 #include "if_gif.h"
85
86 #include <net/net_osdep.h>
87
88 #define GIFNAME "gif"
89
90 static MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface");
91 LIST_HEAD(, gif_softc) gif_softc_list;
92
93 int gif_clone_create (struct if_clone *, int, caddr_t);
94 int gif_clone_destroy (struct ifnet *);
95
96 struct if_clone gif_cloner = IF_CLONE_INITIALIZER("gif", gif_clone_create,
97 gif_clone_destroy, 0, IF_MAXUNIT);
98
99 static int gifmodevent (module_t, int, void *);
100 static void gif_clear_cache(struct gif_softc *sc);
101
102 SYSCTL_DECL(_net_link);
103 SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0,
104 "Generic Tunnel Interface");
105 #ifndef MAX_GIF_NEST
106 /*
107 * This macro controls the default upper limitation on nesting of gif tunnels.
108 * Since, setting a large value to this macro with a careless configuration
109 * may introduce system crash, we don't allow any nestings by default.
110 * If you need to configure nested gif tunnels, you can define this macro
111 * in your kernel configuration file. However, if you do so, please be
112 * careful to configure the tunnels so that it won't make a loop.
113 */
114 #define MAX_GIF_NEST 1
115 #endif
116 static int max_gif_nesting = MAX_GIF_NEST;
117 SYSCTL_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_RW,
118 &max_gif_nesting, 0, "Max nested tunnels");
119
120 /*
121 * By default, we disallow creation of multiple tunnels between the same
122 * pair of addresses. Some applications require this functionality so
123 * we allow control over this check here.
124 */
125 #ifdef XBONEHACK
126 static int parallel_tunnels = 1;
127 #else
128 static int parallel_tunnels = 0;
129 #endif
130 SYSCTL_INT(_net_link_gif, OID_AUTO, parallel_tunnels, CTLFLAG_RW,
131 &parallel_tunnels, 0, "Allow parallel tunnels?");
132
133 int
134 gif_clone_create(struct if_clone *ifc, int unit, caddr_t params)
135 {
136 struct gif_softc *sc;
137
138 sc = kmalloc (sizeof(struct gif_softc), M_GIF, M_WAITOK | M_ZERO);
139
140 sc->gif_if.if_softc = sc;
141 if_initname(&(sc->gif_if), GIFNAME, unit);
142
143 gifattach0(sc);
144
145 LIST_INSERT_HEAD(&gif_softc_list, sc, gif_list);
146 return (0);
147 }
148
149 void
150 gifattach0(struct gif_softc *sc)
151 {
152
153 sc->encap_cookie4 = sc->encap_cookie6 = NULL;
154
155 sc->gif_if.if_addrlen = 0;
156 sc->gif_if.if_mtu = GIF_MTU;
157 sc->gif_if.if_flags = IFF_POINTOPOINT | IFF_MULTICAST;
158 #if 0
159 /* turn off ingress filter */
160 sc->gif_if.if_flags |= IFF_LINK2;
161 #endif
162 sc->gif_if.if_ioctl = gif_ioctl;
163 sc->gif_if.if_output = gif_output;
164 sc->gif_if.if_type = IFT_GIF;
165 ifq_set_maxlen(&sc->gif_if.if_snd, IFQ_MAXLEN);
166 if_attach(&sc->gif_if, NULL);
167 bpfattach(&sc->gif_if, DLT_NULL, sizeof(u_int));
168 }
169
170 int
171 gif_clone_destroy(struct ifnet *ifp)
172 {
173 struct gif_softc *sc = ifp->if_softc;
174 int err;
175
176 gif_delete_tunnel(&sc->gif_if);
177 LIST_REMOVE(sc, gif_list);
178 #ifdef INET6
179 if (sc->encap_cookie6 != NULL) {
180 err = encap_detach(sc->encap_cookie6);
181 KASSERT(err == 0, ("Unexpected error detaching encap_cookie6"));
182 }
183 #endif
184 #ifdef INET
185 if (sc->encap_cookie4 != NULL) {
186 err = encap_detach(sc->encap_cookie4);
187 KASSERT(err == 0, ("Unexpected error detaching encap_cookie4"));
188 }
189 #endif
190 gif_clear_cache(sc);
191
192 bpfdetach(ifp);
193 if_detach(ifp);
194
195 kfree(sc, M_GIF);
196
197 return 0;
198 }
199
200 static void
201 gif_clear_cache(struct gif_softc *sc)
202 {
203 struct rtentry *rt;
204 int origcpu;
205 int n;
206
207 for (n = 0; n < ncpus; ++n) {
208 rt = sc->gif_ro[n].ro_rt;
209 /*
210 * Routes need to be cleaned up in their CPU so migrate
211 * to it and return to the original CPU after completion.
212 */
213 origcpu = mycpuid;
214 if (rt && rt->rt_cpuid != mycpuid)
215 lwkt_migratecpu(rt->rt_cpuid);
216 else
217 origcpu = -1;
218
219 if (sc->gif_ro[n].ro_rt) {
220 RTFREE(sc->gif_ro[n].ro_rt);
221 sc->gif_ro[n].ro_rt = NULL;
222 }
223 #ifdef INET6
224 if (sc->gif_ro6[n].ro_rt) {
225 RTFREE(sc->gif_ro6[n].ro_rt);
226 sc->gif_ro6[n].ro_rt = NULL;
227 }
228 #endif
229 if (origcpu >= 0)
230 lwkt_migratecpu(origcpu);
231 }
232 }
233
234 static int
235 gifmodevent(module_t mod, int type, void *data)
236 {
237
238 switch (type) {
239 case MOD_LOAD:
240 LIST_INIT(&gif_softc_list);
241 if_clone_attach(&gif_cloner);
242
243 #ifdef INET6
244 ip6_gif_hlim = GIF_HLIM;
245 #endif
246
247 break;
248 case MOD_UNLOAD:
249 if_clone_detach(&gif_cloner);
250
251 while (!LIST_EMPTY(&gif_softc_list))
252 gif_clone_destroy(&LIST_FIRST(&gif_softc_list)->gif_if);
253
254 #ifdef INET6
255 ip6_gif_hlim = 0;
256 #endif
257 break;
258 }
259 return 0;
260 }
261
262 static moduledata_t gif_mod = {
263 "if_gif",
264 gifmodevent,
265 0
266 };
267
268 DECLARE_MODULE(if_gif, gif_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
269
270 int
271 gif_encapcheck(const struct mbuf *m, int off, int proto, void *arg)
272 {
273 struct ip ip;
274 struct gif_softc *sc;
275
276 sc = (struct gif_softc *)arg;
277 if (sc == NULL)
278 return 0;
279
280 if ((sc->gif_if.if_flags & IFF_UP) == 0)
281 return 0;
282
283 /* no physical address */
284 if (!sc->gif_psrc || !sc->gif_pdst)
285 return 0;
286
287 switch (proto) {
288 #ifdef INET
289 case IPPROTO_IPV4:
290 break;
291 #endif
292 #ifdef INET6
293 case IPPROTO_IPV6:
294 break;
295 #endif
296 default:
297 return 0;
298 }
299
300 /* Bail on short packets */
301 if (m->m_pkthdr.len < sizeof(ip))
302 return 0;
303
304 m_copydata(m, 0, sizeof(ip), (caddr_t)&ip);
305
306 switch (ip.ip_v) {
307 #ifdef INET
308 case 4:
309 if (sc->gif_psrc->sa_family != AF_INET ||
310 sc->gif_pdst->sa_family != AF_INET)
311 return 0;
312 return gif_encapcheck4(m, off, proto, arg);
313 #endif
314 #ifdef INET6
315 case 6:
316 if (m->m_pkthdr.len < sizeof(struct ip6_hdr))
317 return 0;
318 if (sc->gif_psrc->sa_family != AF_INET6 ||
319 sc->gif_pdst->sa_family != AF_INET6)
320 return 0;
321 return gif_encapcheck6(m, off, proto, arg);
322 #endif
323 default:
324 return 0;
325 }
326 }
327
328 /*
329 * Parameters:
330 * rt: added in net2
331 */
332 static int
333 gif_output_serialized(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
334 struct rtentry *rt)
335 {
336 struct gif_softc *sc = (struct gif_softc*)ifp;
337 int error = 0;
338 static int called = 0; /* XXX: MUTEX */
339
340 /*
341 * gif may cause infinite recursion calls when misconfigured.
342 * We'll prevent this by introducing upper limit.
343 * XXX: this mechanism may introduce another problem about
344 * mutual exclusion of the variable CALLED, especially if we
345 * use kernel thread.
346 */
347 if (++called > max_gif_nesting) {
348 log(LOG_NOTICE,
349 "gif_output: recursively called too many times(%d)\n",
350 called);
351 m_freem(m);
352 error = EIO; /* is there better errno? */
353 goto end;
354 }
355
356 m->m_flags &= ~(M_BCAST|M_MCAST);
357 if (!(ifp->if_flags & IFF_UP) ||
358 sc->gif_psrc == NULL || sc->gif_pdst == NULL) {
359 m_freem(m);
360 error = ENETDOWN;
361 goto end;
362 }
363
364 if (ifp->if_bpf) {
365 bpf_gettoken();
366 if (ifp->if_bpf) {
367 /*
368 * We need to prepend the address family as
369 * a four byte field.
370 */
371 uint32_t af = dst->sa_family;
372
373 bpf_ptap(ifp->if_bpf, m, &af, sizeof(af));
374 }
375 bpf_reltoken();
376 }
377 IFNET_STAT_INC(ifp, opackets, 1);
378 IFNET_STAT_INC(ifp, obytes, m->m_pkthdr.len);
379
380 /* inner AF-specific encapsulation */
381
382 /* XXX should we check if our outer source is legal? */
383
384 /* dispatch to output logic based on outer AF */
385 switch (sc->gif_psrc->sa_family) {
386 #ifdef INET
387 case AF_INET:
388 error = in_gif_output(ifp, dst->sa_family, m);
389 break;
390 #endif
391 #ifdef INET6
392 case AF_INET6:
393 error = in6_gif_output(ifp, dst->sa_family, m);
394 break;
395 #endif
396 default:
397 m_freem(m);
398 error = ENETDOWN;
399 goto end;
400 }
401
402 end:
403 called = 0; /* reset recursion counter */
404 if (error)
405 IFNET_STAT_INC(ifp, oerrors, 1);
406 return error;
407 }
408
409 int
410 gif_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
411 struct rtentry *rt)
412 {
413 struct ifaltq_subque *ifsq = ifq_get_subq_default(&ifp->if_snd);
414 int error;
415
416 ifsq_serialize_hw(ifsq);
417 error = gif_output_serialized(ifp, m, dst, rt);
418 ifsq_deserialize_hw(ifsq);
419 return error;
420 }
421
422 void
423 gif_input(struct mbuf *m, int af, struct ifnet *ifp)
424 {
425 int isr;
426
427 if (ifp == NULL) {
428 /* just in case */
429 m_freem(m);
430 return;
431 }
432
433 m->m_pkthdr.rcvif = ifp;
434
435 if (ifp->if_bpf) {
436 bpf_gettoken();
437 if (ifp->if_bpf) {
438 /*
439 * We need to prepend the address family as
440 * a four byte field.
441 */
442 uint32_t af1 = af;
443
444 bpf_ptap(ifp->if_bpf, m, &af1, sizeof(af1));
445 }
446 bpf_reltoken();
447 }
448
449 /*
450 * Put the packet to the network layer input queue according to the
451 * specified address family.
452 * Note: older versions of gif_input directly called network layer
453 * input functions, e.g. ip6_input, here. We changed the policy to
454 * prevent too many recursive calls of such input functions, which
455 * might cause kernel panic. But the change may introduce another
456 * problem; if the input queue is full, packets are discarded.
457 * The kernel stack overflow really happened, and we believed
458 * queue-full rarely occurs, so we changed the policy.
459 */
460 switch (af) {
461 #ifdef INET
462 case AF_INET:
463 isr = NETISR_IP;
464 break;
465 #endif
466 #ifdef INET6
467 case AF_INET6:
468 isr = NETISR_IPV6;
469 break;
470 #endif
471 default:
472 m_freem(m);
473 return;
474 }
475
476 IFNET_STAT_INC(ifp, ipackets, 1);
477 IFNET_STAT_INC(ifp, ibytes, m->m_pkthdr.len);
478 m->m_flags &= ~M_HASH;
479 netisr_queue(isr, m);
480
481 return;
482 }
483
484 /* XXX how should we handle IPv6 scope on SIOC[GS]IFPHYADDR? */
485 int
486 gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
487 {
488 struct gif_softc *sc = (struct gif_softc*)ifp;
489 struct ifreq *ifr = (struct ifreq*)data;
490 int error = 0, size;
491 struct sockaddr *dst, *src;
492 #ifdef SIOCSIFMTU /* xxx */
493 u_long mtu;
494 #endif
495
496 switch (cmd) {
497 case SIOCSIFADDR:
498 ifp->if_flags |= IFF_UP;
499 break;
500
501 case SIOCSIFDSTADDR:
502 break;
503
504 case SIOCADDMULTI:
505 case SIOCDELMULTI:
506 break;
507
508 #ifdef SIOCSIFMTU /* xxx */
509 case SIOCGIFMTU:
510 break;
511
512 case SIOCSIFMTU:
513 mtu = ifr->ifr_mtu;
514 if (mtu < GIF_MTU_MIN || mtu > GIF_MTU_MAX)
515 return (EINVAL);
516 ifp->if_mtu = mtu;
517 break;
518 #endif /* SIOCSIFMTU */
519
520 #ifdef INET
521 case SIOCSIFPHYADDR:
522 #endif
523 #ifdef INET6
524 case SIOCSIFPHYADDR_IN6:
525 #endif /* INET6 */
526 case SIOCSLIFPHYADDR:
527 switch (cmd) {
528 #ifdef INET
529 case SIOCSIFPHYADDR:
530 src = (struct sockaddr *)
531 &(((struct in_aliasreq *)data)->ifra_addr);
532 dst = (struct sockaddr *)
533 &(((struct in_aliasreq *)data)->ifra_dstaddr);
534 break;
535 #endif
536 #ifdef INET6
537 case SIOCSIFPHYADDR_IN6:
538 src = (struct sockaddr *)
539 &(((struct in6_aliasreq *)data)->ifra_addr);
540 dst = (struct sockaddr *)
541 &(((struct in6_aliasreq *)data)->ifra_dstaddr);
542 break;
543 #endif
544 case SIOCSLIFPHYADDR:
545 src = (struct sockaddr *)
546 &(((struct if_laddrreq *)data)->addr);
547 dst = (struct sockaddr *)
548 &(((struct if_laddrreq *)data)->dstaddr);
549 break;
550 default:
551 return EINVAL;
552 }
553
554 /* sa_family must be equal */
555 if (src->sa_family != dst->sa_family)
556 return EINVAL;
557
558 /* validate sa_len */
559 switch (src->sa_family) {
560 #ifdef INET
561 case AF_INET:
562 if (src->sa_len != sizeof(struct sockaddr_in))
563 return EINVAL;
564 break;
565 #endif
566 #ifdef INET6
567 case AF_INET6:
568 if (src->sa_len != sizeof(struct sockaddr_in6))
569 return EINVAL;
570 break;
571 #endif
572 default:
573 return EAFNOSUPPORT;
574 }
575 switch (dst->sa_family) {
576 #ifdef INET
577 case AF_INET:
578 if (dst->sa_len != sizeof(struct sockaddr_in))
579 return EINVAL;
580 break;
581 #endif
582 #ifdef INET6
583 case AF_INET6:
584 if (dst->sa_len != sizeof(struct sockaddr_in6))
585 return EINVAL;
586 break;
587 #endif
588 default:
589 return EAFNOSUPPORT;
590 }
591
592 /* check sa_family looks sane for the cmd */
593 switch (cmd) {
594 case SIOCSIFPHYADDR:
595 if (src->sa_family == AF_INET)
596 break;
597 return EAFNOSUPPORT;
598 #ifdef INET6
599 case SIOCSIFPHYADDR_IN6:
600 if (src->sa_family == AF_INET6)
601 break;
602 return EAFNOSUPPORT;
603 #endif /* INET6 */
604 case SIOCSLIFPHYADDR:
605 /* checks done in the above */
606 break;
607 }
608
609 error = gif_set_tunnel(&sc->gif_if, src, dst);
610 break;
611
612 #ifdef SIOCDIFPHYADDR
613 case SIOCDIFPHYADDR:
614 gif_delete_tunnel(&sc->gif_if);
615 break;
616 #endif
617
618 case SIOCGIFPSRCADDR:
619 #ifdef INET6
620 case SIOCGIFPSRCADDR_IN6:
621 #endif /* INET6 */
622 if (sc->gif_psrc == NULL) {
623 error = EADDRNOTAVAIL;
624 goto bad;
625 }
626 src = sc->gif_psrc;
627 switch (cmd) {
628 #ifdef INET
629 case SIOCGIFPSRCADDR:
630 dst = &ifr->ifr_addr;
631 size = sizeof(ifr->ifr_addr);
632 break;
633 #endif /* INET */
634 #ifdef INET6
635 case SIOCGIFPSRCADDR_IN6:
636 dst = (struct sockaddr *)
637 &(((struct in6_ifreq *)data)->ifr_addr);
638 size = sizeof(((struct in6_ifreq *)data)->ifr_addr);
639 break;
640 #endif /* INET6 */
641 default:
642 error = EADDRNOTAVAIL;
643 goto bad;
644 }
645 if (src->sa_len > size)
646 return EINVAL;
647 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
648 break;
649
650 case SIOCGIFPDSTADDR:
651 #ifdef INET6
652 case SIOCGIFPDSTADDR_IN6:
653 #endif /* INET6 */
654 if (sc->gif_pdst == NULL) {
655 error = EADDRNOTAVAIL;
656 goto bad;
657 }
658 src = sc->gif_pdst;
659 switch (cmd) {
660 #ifdef INET
661 case SIOCGIFPDSTADDR:
662 dst = &ifr->ifr_addr;
663 size = sizeof(ifr->ifr_addr);
664 break;
665 #endif /* INET */
666 #ifdef INET6
667 case SIOCGIFPDSTADDR_IN6:
668 dst = (struct sockaddr *)
669 &(((struct in6_ifreq *)data)->ifr_addr);
670 size = sizeof(((struct in6_ifreq *)data)->ifr_addr);
671 break;
672 #endif /* INET6 */
673 default:
674 error = EADDRNOTAVAIL;
675 goto bad;
676 }
677 if (src->sa_len > size)
678 return EINVAL;
679 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
680 break;
681
682 case SIOCGLIFPHYADDR:
683 if (sc->gif_psrc == NULL || sc->gif_pdst == NULL) {
684 error = EADDRNOTAVAIL;
685 goto bad;
686 }
687
688 /* copy src */
689 src = sc->gif_psrc;
690 dst = (struct sockaddr *)
691 &(((struct if_laddrreq *)data)->addr);
692 size = sizeof(((struct if_laddrreq *)data)->addr);
693 if (src->sa_len > size)
694 return EINVAL;
695 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
696
697 /* copy dst */
698 src = sc->gif_pdst;
699 dst = (struct sockaddr *)
700 &(((struct if_laddrreq *)data)->dstaddr);
701 size = sizeof(((struct if_laddrreq *)data)->dstaddr);
702 if (src->sa_len > size)
703 return EINVAL;
704 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
705 break;
706
707 case SIOCSIFFLAGS:
708 /* if_ioctl() takes care of it */
709 break;
710
711 default:
712 error = EINVAL;
713 break;
714 }
715 bad:
716 return error;
717 }
718
719 int
720 gif_set_tunnel(struct ifnet *ifp, struct sockaddr *src, struct sockaddr *dst)
721 {
722 struct gif_softc *sc = (struct gif_softc *)ifp;
723 struct gif_softc *sc2;
724 struct sockaddr *osrc, *odst, *sa;
725 int error = 0;
726
727 crit_enter();
728
729 LIST_FOREACH(sc2, &gif_softc_list, gif_list) {
730 if (sc2 == sc)
731 continue;
732 if (!sc2->gif_pdst || !sc2->gif_psrc)
733 continue;
734 if (sc2->gif_pdst->sa_family != dst->sa_family ||
735 sc2->gif_pdst->sa_len != dst->sa_len ||
736 sc2->gif_psrc->sa_family != src->sa_family ||
737 sc2->gif_psrc->sa_len != src->sa_len)
738 continue;
739
740 /*
741 * Disallow parallel tunnels unless instructed
742 * otherwise.
743 */
744 if (!parallel_tunnels &&
745 bcmp(sc2->gif_pdst, dst, dst->sa_len) == 0 &&
746 bcmp(sc2->gif_psrc, src, src->sa_len) == 0) {
747 error = EADDRNOTAVAIL;
748 goto bad;
749 }
750
751 /* XXX both end must be valid? (I mean, not 0.0.0.0) */
752 }
753
754 /* XXX we can detach from both, but be polite just in case */
755 if (sc->gif_psrc) {
756 switch (sc->gif_psrc->sa_family) {
757 #ifdef INET
758 case AF_INET:
759 in_gif_detach(sc);
760 break;
761 #endif
762 #ifdef INET6
763 case AF_INET6:
764 in6_gif_detach(sc);
765 break;
766 #endif
767 }
768 gif_clear_cache(sc);
769 }
770
771 osrc = sc->gif_psrc;
772 sa = (struct sockaddr *)kmalloc(src->sa_len, M_IFADDR, M_WAITOK);
773 bcopy((caddr_t)src, (caddr_t)sa, src->sa_len);
774 sc->gif_psrc = sa;
775
776 odst = sc->gif_pdst;
777 sa = (struct sockaddr *)kmalloc(dst->sa_len, M_IFADDR, M_WAITOK);
778 bcopy((caddr_t)dst, (caddr_t)sa, dst->sa_len);
779 sc->gif_pdst = sa;
780
781 switch (sc->gif_psrc->sa_family) {
782 #ifdef INET
783 case AF_INET:
784 error = in_gif_attach(sc);
785 break;
786 #endif
787 #ifdef INET6
788 case AF_INET6:
789 error = in6_gif_attach(sc);
790 break;
791 #endif
792 }
793 if (error) {
794 /* rollback */
795 kfree((caddr_t)sc->gif_psrc, M_IFADDR);
796 kfree((caddr_t)sc->gif_pdst, M_IFADDR);
797 sc->gif_psrc = osrc;
798 sc->gif_pdst = odst;
799 goto bad;
800 }
801
802 if (osrc)
803 kfree((caddr_t)osrc, M_IFADDR);
804 if (odst)
805 kfree((caddr_t)odst, M_IFADDR);
806
807 if (sc->gif_psrc && sc->gif_pdst)
808 ifp->if_flags |= IFF_RUNNING;
809 else
810 ifp->if_flags &= ~IFF_RUNNING;
811 crit_exit();
812
813 return 0;
814
815 bad:
816 if (sc->gif_psrc && sc->gif_pdst)
817 ifp->if_flags |= IFF_RUNNING;
818 else
819 ifp->if_flags &= ~IFF_RUNNING;
820 crit_exit();
821
822 return error;
823 }
824
825 void
826 gif_delete_tunnel(struct ifnet *ifp)
827 {
828 struct gif_softc *sc = (struct gif_softc *)ifp;
829
830 crit_enter();
831
832 if (sc->gif_psrc) {
833 kfree((caddr_t)sc->gif_psrc, M_IFADDR);
834 sc->gif_psrc = NULL;
835 }
836 if (sc->gif_pdst) {
837 kfree((caddr_t)sc->gif_pdst, M_IFADDR);
838 sc->gif_pdst = NULL;
839 }
840 /* it is safe to detach from both */
841 #ifdef INET
842 in_gif_detach(sc);
843 #endif
844 #ifdef INET6
845 in6_gif_detach(sc);
846 #endif
847 gif_clear_cache(sc);
848
849 if (sc->gif_psrc && sc->gif_pdst)
850 ifp->if_flags |= IFF_RUNNING;
851 else
852 ifp->if_flags &= ~IFF_RUNNING;
853 crit_exit();
854 }
DragonFly BSD