net/l2tp: add support for L2TP over IPv6 UDP
Now that encap_rcv() works on IPv6 UDP sockets, wire L2TP up to IPv6. Support has been tested with and without hardware offloading. This version fixes the L2TP over localhost issue with incorrect checksums being reported. Signed-off-by: Benjamin LaHaise <bcrl@kvack.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
d7f3f62167
commit
d2cf336167
4 changed files with 156 additions and 13 deletions
|
@ -19,10 +19,11 @@
|
||||||
|
|
||||||
#ifdef __KERNEL__
|
#ifdef __KERNEL__
|
||||||
#include <linux/in.h>
|
#include <linux/in.h>
|
||||||
|
#include <linux/in6.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Structure used to connect() the socket to a particular tunnel UDP
|
/* Structure used to connect() the socket to a particular tunnel UDP
|
||||||
* socket.
|
* socket over IPv4.
|
||||||
*/
|
*/
|
||||||
struct pppol2tp_addr {
|
struct pppol2tp_addr {
|
||||||
__kernel_pid_t pid; /* pid that owns the fd.
|
__kernel_pid_t pid; /* pid that owns the fd.
|
||||||
|
@ -35,6 +36,20 @@ struct pppol2tp_addr {
|
||||||
__u16 d_tunnel, d_session; /* For sending outgoing packets */
|
__u16 d_tunnel, d_session; /* For sending outgoing packets */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/* Structure used to connect() the socket to a particular tunnel UDP
|
||||||
|
* socket over IPv6.
|
||||||
|
*/
|
||||||
|
struct pppol2tpin6_addr {
|
||||||
|
__kernel_pid_t pid; /* pid that owns the fd.
|
||||||
|
* 0 => current */
|
||||||
|
int fd; /* FD of UDP socket to use */
|
||||||
|
|
||||||
|
__u16 s_tunnel, s_session; /* For matching incoming packets */
|
||||||
|
__u16 d_tunnel, d_session; /* For sending outgoing packets */
|
||||||
|
|
||||||
|
struct sockaddr_in6 addr; /* IP address and port to send to */
|
||||||
|
};
|
||||||
|
|
||||||
/* The L2TPv3 protocol changes tunnel and session ids from 16 to 32
|
/* The L2TPv3 protocol changes tunnel and session ids from 16 to 32
|
||||||
* bits. So we need a different sockaddr structure.
|
* bits. So we need a different sockaddr structure.
|
||||||
*/
|
*/
|
||||||
|
@ -49,6 +64,17 @@ struct pppol2tpv3_addr {
|
||||||
__u32 d_tunnel, d_session; /* For sending outgoing packets */
|
__u32 d_tunnel, d_session; /* For sending outgoing packets */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
struct pppol2tpv3in6_addr {
|
||||||
|
__kernel_pid_t pid; /* pid that owns the fd.
|
||||||
|
* 0 => current */
|
||||||
|
int fd; /* FD of UDP or IP socket to use */
|
||||||
|
|
||||||
|
__u32 s_tunnel, s_session; /* For matching incoming packets */
|
||||||
|
__u32 d_tunnel, d_session; /* For sending outgoing packets */
|
||||||
|
|
||||||
|
struct sockaddr_in6 addr; /* IP address and port to send to */
|
||||||
|
};
|
||||||
|
|
||||||
/* Socket options:
|
/* Socket options:
|
||||||
* DEBUG - bitmask of debug message categories
|
* DEBUG - bitmask of debug message categories
|
||||||
* SENDSEQ - 0 => don't send packets with sequence numbers
|
* SENDSEQ - 0 => don't send packets with sequence numbers
|
||||||
|
|
|
@ -83,6 +83,12 @@ struct sockaddr_pppol2tp {
|
||||||
struct pppol2tp_addr pppol2tp;
|
struct pppol2tp_addr pppol2tp;
|
||||||
} __attribute__((packed));
|
} __attribute__((packed));
|
||||||
|
|
||||||
|
struct sockaddr_pppol2tpin6 {
|
||||||
|
__kernel_sa_family_t sa_family; /* address family, AF_PPPOX */
|
||||||
|
unsigned int sa_protocol; /* protocol identifier */
|
||||||
|
struct pppol2tpin6_addr pppol2tp;
|
||||||
|
} __attribute__((packed));
|
||||||
|
|
||||||
/* The L2TPv3 protocol changes tunnel and session ids from 16 to 32
|
/* The L2TPv3 protocol changes tunnel and session ids from 16 to 32
|
||||||
* bits. So we need a different sockaddr structure.
|
* bits. So we need a different sockaddr structure.
|
||||||
*/
|
*/
|
||||||
|
@ -92,6 +98,12 @@ struct sockaddr_pppol2tpv3 {
|
||||||
struct pppol2tpv3_addr pppol2tp;
|
struct pppol2tpv3_addr pppol2tp;
|
||||||
} __attribute__((packed));
|
} __attribute__((packed));
|
||||||
|
|
||||||
|
struct sockaddr_pppol2tpv3in6 {
|
||||||
|
__kernel_sa_family_t sa_family; /* address family, AF_PPPOX */
|
||||||
|
unsigned int sa_protocol; /* protocol identifier */
|
||||||
|
struct pppol2tpv3in6_addr pppol2tp;
|
||||||
|
} __attribute__((packed));
|
||||||
|
|
||||||
/*********************************************************************
|
/*********************************************************************
|
||||||
*
|
*
|
||||||
* ioctl interface for defining forwarding of connections
|
* ioctl interface for defining forwarding of connections
|
||||||
|
|
|
@ -53,6 +53,9 @@
|
||||||
#include <net/inet_common.h>
|
#include <net/inet_common.h>
|
||||||
#include <net/xfrm.h>
|
#include <net/xfrm.h>
|
||||||
#include <net/protocol.h>
|
#include <net/protocol.h>
|
||||||
|
#include <net/inet6_connection_sock.h>
|
||||||
|
#include <net/inet_ecn.h>
|
||||||
|
#include <net/ip6_route.h>
|
||||||
|
|
||||||
#include <asm/byteorder.h>
|
#include <asm/byteorder.h>
|
||||||
#include <linux/atomic.h>
|
#include <linux/atomic.h>
|
||||||
|
@ -446,21 +449,43 @@ static inline int l2tp_verify_udp_checksum(struct sock *sk,
|
||||||
{
|
{
|
||||||
struct udphdr *uh = udp_hdr(skb);
|
struct udphdr *uh = udp_hdr(skb);
|
||||||
u16 ulen = ntohs(uh->len);
|
u16 ulen = ntohs(uh->len);
|
||||||
struct inet_sock *inet;
|
|
||||||
__wsum psum;
|
__wsum psum;
|
||||||
|
|
||||||
if (sk->sk_no_check || skb_csum_unnecessary(skb) || !uh->check)
|
if (sk->sk_no_check || skb_csum_unnecessary(skb))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
inet = inet_sk(sk);
|
#if IS_ENABLED(CONFIG_IPV6)
|
||||||
psum = csum_tcpudp_nofold(inet->inet_saddr, inet->inet_daddr, ulen,
|
if (sk->sk_family == PF_INET6) {
|
||||||
IPPROTO_UDP, 0);
|
if (!uh->check) {
|
||||||
|
LIMIT_NETDEBUG(KERN_INFO "L2TP: IPv6: checksum is 0\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
if ((skb->ip_summed == CHECKSUM_COMPLETE) &&
|
||||||
|
!csum_ipv6_magic(&ipv6_hdr(skb)->saddr,
|
||||||
|
&ipv6_hdr(skb)->daddr, ulen,
|
||||||
|
IPPROTO_UDP, skb->csum)) {
|
||||||
|
skb->ip_summed = CHECKSUM_UNNECESSARY;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
skb->csum = ~csum_unfold(csum_ipv6_magic(&ipv6_hdr(skb)->saddr,
|
||||||
|
&ipv6_hdr(skb)->daddr,
|
||||||
|
skb->len, IPPROTO_UDP,
|
||||||
|
0));
|
||||||
|
} else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
struct inet_sock *inet;
|
||||||
|
if (!uh->check)
|
||||||
|
return 0;
|
||||||
|
inet = inet_sk(sk);
|
||||||
|
psum = csum_tcpudp_nofold(inet->inet_saddr, inet->inet_daddr,
|
||||||
|
ulen, IPPROTO_UDP, 0);
|
||||||
|
|
||||||
if ((skb->ip_summed == CHECKSUM_COMPLETE) &&
|
if ((skb->ip_summed == CHECKSUM_COMPLETE) &&
|
||||||
!csum_fold(csum_add(psum, skb->csum)))
|
!csum_fold(csum_add(psum, skb->csum)))
|
||||||
return 0;
|
return 0;
|
||||||
|
skb->csum = psum;
|
||||||
skb->csum = psum;
|
}
|
||||||
|
|
||||||
return __skb_checksum_complete(skb);
|
return __skb_checksum_complete(skb);
|
||||||
}
|
}
|
||||||
|
@ -988,7 +1013,12 @@ static int l2tp_xmit_core(struct l2tp_session *session, struct sk_buff *skb,
|
||||||
|
|
||||||
/* Queue the packet to IP for output */
|
/* Queue the packet to IP for output */
|
||||||
skb->local_df = 1;
|
skb->local_df = 1;
|
||||||
error = ip_queue_xmit(skb, fl);
|
#if IS_ENABLED(CONFIG_IPV6)
|
||||||
|
if (skb->sk->sk_family == PF_INET6)
|
||||||
|
error = inet6_csk_xmit(skb, NULL);
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
error = ip_queue_xmit(skb, fl);
|
||||||
|
|
||||||
/* Update stats */
|
/* Update stats */
|
||||||
if (error >= 0) {
|
if (error >= 0) {
|
||||||
|
@ -1021,6 +1051,31 @@ static inline void l2tp_skb_set_owner_w(struct sk_buff *skb, struct sock *sk)
|
||||||
skb->destructor = l2tp_sock_wfree;
|
skb->destructor = l2tp_sock_wfree;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if IS_ENABLED(CONFIG_IPV6)
|
||||||
|
static void l2tp_xmit_ipv6_csum(struct sock *sk, struct sk_buff *skb,
|
||||||
|
int udp_len)
|
||||||
|
{
|
||||||
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
||||||
|
struct udphdr *uh = udp_hdr(skb);
|
||||||
|
|
||||||
|
if (!skb_dst(skb) || !skb_dst(skb)->dev ||
|
||||||
|
!(skb_dst(skb)->dev->features & NETIF_F_IPV6_CSUM)) {
|
||||||
|
__wsum csum = skb_checksum(skb, 0, udp_len, 0);
|
||||||
|
skb->ip_summed = CHECKSUM_UNNECESSARY;
|
||||||
|
uh->check = csum_ipv6_magic(&np->saddr, &np->daddr, udp_len,
|
||||||
|
IPPROTO_UDP, csum);
|
||||||
|
if (uh->check == 0)
|
||||||
|
uh->check = CSUM_MANGLED_0;
|
||||||
|
} else {
|
||||||
|
skb->ip_summed = CHECKSUM_PARTIAL;
|
||||||
|
skb->csum_start = skb_transport_header(skb) - skb->head;
|
||||||
|
skb->csum_offset = offsetof(struct udphdr, check);
|
||||||
|
uh->check = ~csum_ipv6_magic(&np->saddr, &np->daddr,
|
||||||
|
udp_len, IPPROTO_UDP, 0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
/* If caller requires the skb to have a ppp header, the header must be
|
/* If caller requires the skb to have a ppp header, the header must be
|
||||||
* inserted in the skb data before calling this function.
|
* inserted in the skb data before calling this function.
|
||||||
*/
|
*/
|
||||||
|
@ -1089,6 +1144,11 @@ int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len
|
||||||
uh->check = 0;
|
uh->check = 0;
|
||||||
|
|
||||||
/* Calculate UDP checksum if configured to do so */
|
/* Calculate UDP checksum if configured to do so */
|
||||||
|
#if IS_ENABLED(CONFIG_IPV6)
|
||||||
|
if (sk->sk_family == PF_INET6)
|
||||||
|
l2tp_xmit_ipv6_csum(sk, skb, udp_len);
|
||||||
|
else
|
||||||
|
#endif
|
||||||
if (sk->sk_no_check == UDP_CSUM_NOXMIT)
|
if (sk->sk_no_check == UDP_CSUM_NOXMIT)
|
||||||
skb->ip_summed = CHECKSUM_NONE;
|
skb->ip_summed = CHECKSUM_NONE;
|
||||||
else if ((skb_dst(skb) && skb_dst(skb)->dev) &&
|
else if ((skb_dst(skb) && skb_dst(skb)->dev) &&
|
||||||
|
@ -1424,6 +1484,11 @@ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32
|
||||||
/* Mark socket as an encapsulation socket. See net/ipv4/udp.c */
|
/* Mark socket as an encapsulation socket. See net/ipv4/udp.c */
|
||||||
udp_sk(sk)->encap_type = UDP_ENCAP_L2TPINUDP;
|
udp_sk(sk)->encap_type = UDP_ENCAP_L2TPINUDP;
|
||||||
udp_sk(sk)->encap_rcv = l2tp_udp_encap_recv;
|
udp_sk(sk)->encap_rcv = l2tp_udp_encap_recv;
|
||||||
|
#if IS_ENABLED(CONFIG_IPV6)
|
||||||
|
if (sk->sk_family == PF_INET6)
|
||||||
|
udpv6_encap_enable();
|
||||||
|
else
|
||||||
|
#endif
|
||||||
udp_encap_enable();
|
udp_encap_enable();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -916,7 +916,7 @@ static int pppol2tp_getname(struct socket *sock, struct sockaddr *uaddr,
|
||||||
}
|
}
|
||||||
|
|
||||||
inet = inet_sk(tunnel->sock);
|
inet = inet_sk(tunnel->sock);
|
||||||
if (tunnel->version == 2) {
|
if ((tunnel->version == 2) && (tunnel->sock->sk_family == AF_INET)) {
|
||||||
struct sockaddr_pppol2tp sp;
|
struct sockaddr_pppol2tp sp;
|
||||||
len = sizeof(sp);
|
len = sizeof(sp);
|
||||||
memset(&sp, 0, len);
|
memset(&sp, 0, len);
|
||||||
|
@ -932,6 +932,46 @@ static int pppol2tp_getname(struct socket *sock, struct sockaddr *uaddr,
|
||||||
sp.pppol2tp.addr.sin_port = inet->inet_dport;
|
sp.pppol2tp.addr.sin_port = inet->inet_dport;
|
||||||
sp.pppol2tp.addr.sin_addr.s_addr = inet->inet_daddr;
|
sp.pppol2tp.addr.sin_addr.s_addr = inet->inet_daddr;
|
||||||
memcpy(uaddr, &sp, len);
|
memcpy(uaddr, &sp, len);
|
||||||
|
#if IS_ENABLED(CONFIG_IPV6)
|
||||||
|
} else if ((tunnel->version == 2) &&
|
||||||
|
(tunnel->sock->sk_family == AF_INET6)) {
|
||||||
|
struct ipv6_pinfo *np = inet6_sk(tunnel->sock);
|
||||||
|
struct sockaddr_pppol2tpin6 sp;
|
||||||
|
len = sizeof(sp);
|
||||||
|
memset(&sp, 0, len);
|
||||||
|
sp.sa_family = AF_PPPOX;
|
||||||
|
sp.sa_protocol = PX_PROTO_OL2TP;
|
||||||
|
sp.pppol2tp.fd = tunnel->fd;
|
||||||
|
sp.pppol2tp.pid = pls->owner;
|
||||||
|
sp.pppol2tp.s_tunnel = tunnel->tunnel_id;
|
||||||
|
sp.pppol2tp.d_tunnel = tunnel->peer_tunnel_id;
|
||||||
|
sp.pppol2tp.s_session = session->session_id;
|
||||||
|
sp.pppol2tp.d_session = session->peer_session_id;
|
||||||
|
sp.pppol2tp.addr.sin6_family = AF_INET6;
|
||||||
|
sp.pppol2tp.addr.sin6_port = inet->inet_dport;
|
||||||
|
memcpy(&sp.pppol2tp.addr.sin6_addr, &np->daddr,
|
||||||
|
sizeof(np->daddr));
|
||||||
|
memcpy(uaddr, &sp, len);
|
||||||
|
} else if ((tunnel->version == 3) &&
|
||||||
|
(tunnel->sock->sk_family == AF_INET6)) {
|
||||||
|
struct ipv6_pinfo *np = inet6_sk(tunnel->sock);
|
||||||
|
struct sockaddr_pppol2tpv3in6 sp;
|
||||||
|
len = sizeof(sp);
|
||||||
|
memset(&sp, 0, len);
|
||||||
|
sp.sa_family = AF_PPPOX;
|
||||||
|
sp.sa_protocol = PX_PROTO_OL2TP;
|
||||||
|
sp.pppol2tp.fd = tunnel->fd;
|
||||||
|
sp.pppol2tp.pid = pls->owner;
|
||||||
|
sp.pppol2tp.s_tunnel = tunnel->tunnel_id;
|
||||||
|
sp.pppol2tp.d_tunnel = tunnel->peer_tunnel_id;
|
||||||
|
sp.pppol2tp.s_session = session->session_id;
|
||||||
|
sp.pppol2tp.d_session = session->peer_session_id;
|
||||||
|
sp.pppol2tp.addr.sin6_family = AF_INET6;
|
||||||
|
sp.pppol2tp.addr.sin6_port = inet->inet_dport;
|
||||||
|
memcpy(&sp.pppol2tp.addr.sin6_addr, &np->daddr,
|
||||||
|
sizeof(np->daddr));
|
||||||
|
memcpy(uaddr, &sp, len);
|
||||||
|
#endif
|
||||||
} else if (tunnel->version == 3) {
|
} else if (tunnel->version == 3) {
|
||||||
struct sockaddr_pppol2tpv3 sp;
|
struct sockaddr_pppol2tpv3 sp;
|
||||||
len = sizeof(sp);
|
len = sizeof(sp);
|
||||||
|
|
Loading…
Reference in a new issue