This source file includes following definitions.
- vti_input
- vti_input_proto
- vti_rcv
- vti_rcv_proto
- vti_rcv_tunnel
- vti_rcv_cb
- vti_state_check
- vti_xmit
- vti_tunnel_xmit
- vti4_err
- vti_tunnel_ioctl
- vti_tunnel_setup
- vti_tunnel_init
- vti_fb_tunnel_init
- vti_init_net
- vti_exit_batch_net
- vti_tunnel_validate
- vti_netlink_parms
- vti_newlink
- vti_changelink
- vti_get_size
- vti_fill_info
- vti_init
- vti_fini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 #include <linux/capability.h>
18 #include <linux/module.h>
19 #include <linux/types.h>
20 #include <linux/kernel.h>
21 #include <linux/uaccess.h>
22 #include <linux/skbuff.h>
23 #include <linux/netdevice.h>
24 #include <linux/in.h>
25 #include <linux/tcp.h>
26 #include <linux/udp.h>
27 #include <linux/if_arp.h>
28 #include <linux/init.h>
29 #include <linux/netfilter_ipv4.h>
30 #include <linux/if_ether.h>
31 #include <linux/icmpv6.h>
32
33 #include <net/sock.h>
34 #include <net/ip.h>
35 #include <net/icmp.h>
36 #include <net/ip_tunnels.h>
37 #include <net/inet_ecn.h>
38 #include <net/xfrm.h>
39 #include <net/net_namespace.h>
40 #include <net/netns/generic.h>
41
42 static struct rtnl_link_ops vti_link_ops __read_mostly;
43
44 static unsigned int vti_net_id __read_mostly;
45 static int vti_tunnel_init(struct net_device *dev);
46
47 static int vti_input(struct sk_buff *skb, int nexthdr, __be32 spi,
48 int encap_type, bool update_skb_dev)
49 {
50 struct ip_tunnel *tunnel;
51 const struct iphdr *iph = ip_hdr(skb);
52 struct net *net = dev_net(skb->dev);
53 struct ip_tunnel_net *itn = net_generic(net, vti_net_id);
54
55 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
56 iph->saddr, iph->daddr, 0);
57 if (tunnel) {
58 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
59 goto drop;
60
61 XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip4 = tunnel;
62
63 if (update_skb_dev)
64 skb->dev = tunnel->dev;
65
66 return xfrm_input(skb, nexthdr, spi, encap_type);
67 }
68
69 return -EINVAL;
70 drop:
71 kfree_skb(skb);
72 return 0;
73 }
74
75 static int vti_input_proto(struct sk_buff *skb, int nexthdr, __be32 spi,
76 int encap_type)
77 {
78 return vti_input(skb, nexthdr, spi, encap_type, false);
79 }
80
81 static int vti_rcv(struct sk_buff *skb, __be32 spi, bool update_skb_dev)
82 {
83 XFRM_SPI_SKB_CB(skb)->family = AF_INET;
84 XFRM_SPI_SKB_CB(skb)->daddroff = offsetof(struct iphdr, daddr);
85
86 return vti_input(skb, ip_hdr(skb)->protocol, spi, 0, update_skb_dev);
87 }
88
89 static int vti_rcv_proto(struct sk_buff *skb)
90 {
91 return vti_rcv(skb, 0, false);
92 }
93
94 static int vti_rcv_tunnel(struct sk_buff *skb)
95 {
96 struct ip_tunnel_net *itn = net_generic(dev_net(skb->dev), vti_net_id);
97 const struct iphdr *iph = ip_hdr(skb);
98 struct ip_tunnel *tunnel;
99
100 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
101 iph->saddr, iph->daddr, 0);
102 if (tunnel) {
103 struct tnl_ptk_info tpi = {
104 .proto = htons(ETH_P_IP),
105 };
106
107 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
108 goto drop;
109 if (iptunnel_pull_header(skb, 0, tpi.proto, false))
110 goto drop;
111 return ip_tunnel_rcv(tunnel, skb, &tpi, NULL, false);
112 }
113
114 return -EINVAL;
115 drop:
116 kfree_skb(skb);
117 return 0;
118 }
119
120 static int vti_rcv_cb(struct sk_buff *skb, int err)
121 {
122 unsigned short family;
123 struct net_device *dev;
124 struct pcpu_sw_netstats *tstats;
125 struct xfrm_state *x;
126 const struct xfrm_mode *inner_mode;
127 struct ip_tunnel *tunnel = XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip4;
128 u32 orig_mark = skb->mark;
129 int ret;
130
131 if (!tunnel)
132 return 1;
133
134 dev = tunnel->dev;
135
136 if (err) {
137 dev->stats.rx_errors++;
138 dev->stats.rx_dropped++;
139
140 return 0;
141 }
142
143 x = xfrm_input_state(skb);
144
145 inner_mode = &x->inner_mode;
146
147 if (x->sel.family == AF_UNSPEC) {
148 inner_mode = xfrm_ip2inner_mode(x, XFRM_MODE_SKB_CB(skb)->protocol);
149 if (inner_mode == NULL) {
150 XFRM_INC_STATS(dev_net(skb->dev),
151 LINUX_MIB_XFRMINSTATEMODEERROR);
152 return -EINVAL;
153 }
154 }
155
156 family = inner_mode->family;
157
158 skb->mark = be32_to_cpu(tunnel->parms.i_key);
159 ret = xfrm_policy_check(NULL, XFRM_POLICY_IN, skb, family);
160 skb->mark = orig_mark;
161
162 if (!ret)
163 return -EPERM;
164
165 skb_scrub_packet(skb, !net_eq(tunnel->net, dev_net(skb->dev)));
166 skb->dev = dev;
167
168 tstats = this_cpu_ptr(dev->tstats);
169
170 u64_stats_update_begin(&tstats->syncp);
171 tstats->rx_packets++;
172 tstats->rx_bytes += skb->len;
173 u64_stats_update_end(&tstats->syncp);
174
175 return 0;
176 }
177
178 static bool vti_state_check(const struct xfrm_state *x, __be32 dst, __be32 src)
179 {
180 xfrm_address_t *daddr = (xfrm_address_t *)&dst;
181 xfrm_address_t *saddr = (xfrm_address_t *)&src;
182
183
184
185
186 if (!x || x->props.mode != XFRM_MODE_TUNNEL ||
187 x->props.family != AF_INET)
188 return false;
189
190 if (!dst)
191 return xfrm_addr_equal(saddr, &x->props.saddr, AF_INET);
192
193 if (!xfrm_state_addr_check(x, daddr, saddr, AF_INET))
194 return false;
195
196 return true;
197 }
198
199 static netdev_tx_t vti_xmit(struct sk_buff *skb, struct net_device *dev,
200 struct flowi *fl)
201 {
202 struct ip_tunnel *tunnel = netdev_priv(dev);
203 struct ip_tunnel_parm *parms = &tunnel->parms;
204 struct dst_entry *dst = skb_dst(skb);
205 struct net_device *tdev;
206 int pkt_len = skb->len;
207 int err;
208 int mtu;
209
210 if (!dst) {
211 switch (skb->protocol) {
212 case htons(ETH_P_IP): {
213 struct rtable *rt;
214
215 fl->u.ip4.flowi4_oif = dev->ifindex;
216 fl->u.ip4.flowi4_flags |= FLOWI_FLAG_ANYSRC;
217 rt = __ip_route_output_key(dev_net(dev), &fl->u.ip4);
218 if (IS_ERR(rt)) {
219 dev->stats.tx_carrier_errors++;
220 goto tx_error_icmp;
221 }
222 dst = &rt->dst;
223 skb_dst_set(skb, dst);
224 break;
225 }
226 #if IS_ENABLED(CONFIG_IPV6)
227 case htons(ETH_P_IPV6):
228 fl->u.ip6.flowi6_oif = dev->ifindex;
229 fl->u.ip6.flowi6_flags |= FLOWI_FLAG_ANYSRC;
230 dst = ip6_route_output(dev_net(dev), NULL, &fl->u.ip6);
231 if (dst->error) {
232 dst_release(dst);
233 dst = NULL;
234 dev->stats.tx_carrier_errors++;
235 goto tx_error_icmp;
236 }
237 skb_dst_set(skb, dst);
238 break;
239 #endif
240 default:
241 dev->stats.tx_carrier_errors++;
242 goto tx_error_icmp;
243 }
244 }
245
246 dst_hold(dst);
247 dst = xfrm_lookup(tunnel->net, dst, fl, NULL, 0);
248 if (IS_ERR(dst)) {
249 dev->stats.tx_carrier_errors++;
250 goto tx_error_icmp;
251 }
252
253 if (!vti_state_check(dst->xfrm, parms->iph.daddr, parms->iph.saddr)) {
254 dev->stats.tx_carrier_errors++;
255 dst_release(dst);
256 goto tx_error_icmp;
257 }
258
259 tdev = dst->dev;
260
261 if (tdev == dev) {
262 dst_release(dst);
263 dev->stats.collisions++;
264 goto tx_error;
265 }
266
267 mtu = dst_mtu(dst);
268 if (skb->len > mtu) {
269 skb_dst_update_pmtu_no_confirm(skb, mtu);
270 if (skb->protocol == htons(ETH_P_IP)) {
271 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
272 htonl(mtu));
273 } else {
274 if (mtu < IPV6_MIN_MTU)
275 mtu = IPV6_MIN_MTU;
276
277 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
278 }
279
280 dst_release(dst);
281 goto tx_error;
282 }
283
284 skb_scrub_packet(skb, !net_eq(tunnel->net, dev_net(dev)));
285 skb_dst_set(skb, dst);
286 skb->dev = skb_dst(skb)->dev;
287
288 err = dst_output(tunnel->net, skb->sk, skb);
289 if (net_xmit_eval(err) == 0)
290 err = pkt_len;
291 iptunnel_xmit_stats(dev, err);
292 return NETDEV_TX_OK;
293
294 tx_error_icmp:
295 dst_link_failure(skb);
296 tx_error:
297 dev->stats.tx_errors++;
298 kfree_skb(skb);
299 return NETDEV_TX_OK;
300 }
301
302
303
304
305 static netdev_tx_t vti_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
306 {
307 struct ip_tunnel *tunnel = netdev_priv(dev);
308 struct flowi fl;
309
310 if (!pskb_inet_may_pull(skb))
311 goto tx_err;
312
313 memset(&fl, 0, sizeof(fl));
314
315 switch (skb->protocol) {
316 case htons(ETH_P_IP):
317 xfrm_decode_session(skb, &fl, AF_INET);
318 memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
319 break;
320 case htons(ETH_P_IPV6):
321 xfrm_decode_session(skb, &fl, AF_INET6);
322 memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));
323 break;
324 default:
325 goto tx_err;
326 }
327
328
329 fl.flowi_mark = be32_to_cpu(tunnel->parms.o_key);
330
331 return vti_xmit(skb, dev, &fl);
332
333 tx_err:
334 dev->stats.tx_errors++;
335 kfree_skb(skb);
336 return NETDEV_TX_OK;
337 }
338
339 static int vti4_err(struct sk_buff *skb, u32 info)
340 {
341 __be32 spi;
342 __u32 mark;
343 struct xfrm_state *x;
344 struct ip_tunnel *tunnel;
345 struct ip_esp_hdr *esph;
346 struct ip_auth_hdr *ah ;
347 struct ip_comp_hdr *ipch;
348 struct net *net = dev_net(skb->dev);
349 const struct iphdr *iph = (const struct iphdr *)skb->data;
350 int protocol = iph->protocol;
351 struct ip_tunnel_net *itn = net_generic(net, vti_net_id);
352
353 tunnel = ip_tunnel_lookup(itn, skb->dev->ifindex, TUNNEL_NO_KEY,
354 iph->daddr, iph->saddr, 0);
355 if (!tunnel)
356 return -1;
357
358 mark = be32_to_cpu(tunnel->parms.o_key);
359
360 switch (protocol) {
361 case IPPROTO_ESP:
362 esph = (struct ip_esp_hdr *)(skb->data+(iph->ihl<<2));
363 spi = esph->spi;
364 break;
365 case IPPROTO_AH:
366 ah = (struct ip_auth_hdr *)(skb->data+(iph->ihl<<2));
367 spi = ah->spi;
368 break;
369 case IPPROTO_COMP:
370 ipch = (struct ip_comp_hdr *)(skb->data+(iph->ihl<<2));
371 spi = htonl(ntohs(ipch->cpi));
372 break;
373 default:
374 return 0;
375 }
376
377 switch (icmp_hdr(skb)->type) {
378 case ICMP_DEST_UNREACH:
379 if (icmp_hdr(skb)->code != ICMP_FRAG_NEEDED)
380 return 0;
381 case ICMP_REDIRECT:
382 break;
383 default:
384 return 0;
385 }
386
387 x = xfrm_state_lookup(net, mark, (const xfrm_address_t *)&iph->daddr,
388 spi, protocol, AF_INET);
389 if (!x)
390 return 0;
391
392 if (icmp_hdr(skb)->type == ICMP_DEST_UNREACH)
393 ipv4_update_pmtu(skb, net, info, 0, protocol);
394 else
395 ipv4_redirect(skb, net, 0, protocol);
396 xfrm_state_put(x);
397
398 return 0;
399 }
400
401 static int
402 vti_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
403 {
404 int err = 0;
405 struct ip_tunnel_parm p;
406
407 if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
408 return -EFAULT;
409
410 if (cmd == SIOCADDTUNNEL || cmd == SIOCCHGTUNNEL) {
411 if (p.iph.version != 4 || p.iph.protocol != IPPROTO_IPIP ||
412 p.iph.ihl != 5)
413 return -EINVAL;
414 }
415
416 if (!(p.i_flags & GRE_KEY))
417 p.i_key = 0;
418 if (!(p.o_flags & GRE_KEY))
419 p.o_key = 0;
420
421 p.i_flags = VTI_ISVTI;
422
423 err = ip_tunnel_ioctl(dev, &p, cmd);
424 if (err)
425 return err;
426
427 if (cmd != SIOCDELTUNNEL) {
428 p.i_flags |= GRE_KEY;
429 p.o_flags |= GRE_KEY;
430 }
431
432 if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
433 return -EFAULT;
434 return 0;
435 }
436
437 static const struct net_device_ops vti_netdev_ops = {
438 .ndo_init = vti_tunnel_init,
439 .ndo_uninit = ip_tunnel_uninit,
440 .ndo_start_xmit = vti_tunnel_xmit,
441 .ndo_do_ioctl = vti_tunnel_ioctl,
442 .ndo_change_mtu = ip_tunnel_change_mtu,
443 .ndo_get_stats64 = ip_tunnel_get_stats64,
444 .ndo_get_iflink = ip_tunnel_get_iflink,
445 };
446
447 static void vti_tunnel_setup(struct net_device *dev)
448 {
449 dev->netdev_ops = &vti_netdev_ops;
450 dev->type = ARPHRD_TUNNEL;
451 ip_tunnel_setup(dev, vti_net_id);
452 }
453
454 static int vti_tunnel_init(struct net_device *dev)
455 {
456 struct ip_tunnel *tunnel = netdev_priv(dev);
457 struct iphdr *iph = &tunnel->parms.iph;
458
459 memcpy(dev->dev_addr, &iph->saddr, 4);
460 memcpy(dev->broadcast, &iph->daddr, 4);
461
462 dev->flags = IFF_NOARP;
463 dev->addr_len = 4;
464 dev->features |= NETIF_F_LLTX;
465 netif_keep_dst(dev);
466
467 return ip_tunnel_init(dev);
468 }
469
470 static void __net_init vti_fb_tunnel_init(struct net_device *dev)
471 {
472 struct ip_tunnel *tunnel = netdev_priv(dev);
473 struct iphdr *iph = &tunnel->parms.iph;
474
475 iph->version = 4;
476 iph->protocol = IPPROTO_IPIP;
477 iph->ihl = 5;
478 }
479
480 static struct xfrm4_protocol vti_esp4_protocol __read_mostly = {
481 .handler = vti_rcv_proto,
482 .input_handler = vti_input_proto,
483 .cb_handler = vti_rcv_cb,
484 .err_handler = vti4_err,
485 .priority = 100,
486 };
487
488 static struct xfrm4_protocol vti_ah4_protocol __read_mostly = {
489 .handler = vti_rcv_proto,
490 .input_handler = vti_input_proto,
491 .cb_handler = vti_rcv_cb,
492 .err_handler = vti4_err,
493 .priority = 100,
494 };
495
496 static struct xfrm4_protocol vti_ipcomp4_protocol __read_mostly = {
497 .handler = vti_rcv_proto,
498 .input_handler = vti_input_proto,
499 .cb_handler = vti_rcv_cb,
500 .err_handler = vti4_err,
501 .priority = 100,
502 };
503
504 static struct xfrm_tunnel ipip_handler __read_mostly = {
505 .handler = vti_rcv_tunnel,
506 .err_handler = vti4_err,
507 .priority = 0,
508 };
509
510 static int __net_init vti_init_net(struct net *net)
511 {
512 int err;
513 struct ip_tunnel_net *itn;
514
515 err = ip_tunnel_init_net(net, vti_net_id, &vti_link_ops, "ip_vti0");
516 if (err)
517 return err;
518 itn = net_generic(net, vti_net_id);
519 if (itn->fb_tunnel_dev)
520 vti_fb_tunnel_init(itn->fb_tunnel_dev);
521 return 0;
522 }
523
524 static void __net_exit vti_exit_batch_net(struct list_head *list_net)
525 {
526 ip_tunnel_delete_nets(list_net, vti_net_id, &vti_link_ops);
527 }
528
529 static struct pernet_operations vti_net_ops = {
530 .init = vti_init_net,
531 .exit_batch = vti_exit_batch_net,
532 .id = &vti_net_id,
533 .size = sizeof(struct ip_tunnel_net),
534 };
535
536 static int vti_tunnel_validate(struct nlattr *tb[], struct nlattr *data[],
537 struct netlink_ext_ack *extack)
538 {
539 return 0;
540 }
541
542 static void vti_netlink_parms(struct nlattr *data[],
543 struct ip_tunnel_parm *parms,
544 __u32 *fwmark)
545 {
546 memset(parms, 0, sizeof(*parms));
547
548 parms->iph.protocol = IPPROTO_IPIP;
549
550 if (!data)
551 return;
552
553 parms->i_flags = VTI_ISVTI;
554
555 if (data[IFLA_VTI_LINK])
556 parms->link = nla_get_u32(data[IFLA_VTI_LINK]);
557
558 if (data[IFLA_VTI_IKEY])
559 parms->i_key = nla_get_be32(data[IFLA_VTI_IKEY]);
560
561 if (data[IFLA_VTI_OKEY])
562 parms->o_key = nla_get_be32(data[IFLA_VTI_OKEY]);
563
564 if (data[IFLA_VTI_LOCAL])
565 parms->iph.saddr = nla_get_in_addr(data[IFLA_VTI_LOCAL]);
566
567 if (data[IFLA_VTI_REMOTE])
568 parms->iph.daddr = nla_get_in_addr(data[IFLA_VTI_REMOTE]);
569
570 if (data[IFLA_VTI_FWMARK])
571 *fwmark = nla_get_u32(data[IFLA_VTI_FWMARK]);
572 }
573
574 static int vti_newlink(struct net *src_net, struct net_device *dev,
575 struct nlattr *tb[], struct nlattr *data[],
576 struct netlink_ext_ack *extack)
577 {
578 struct ip_tunnel_parm parms;
579 __u32 fwmark = 0;
580
581 vti_netlink_parms(data, &parms, &fwmark);
582 return ip_tunnel_newlink(dev, tb, &parms, fwmark);
583 }
584
585 static int vti_changelink(struct net_device *dev, struct nlattr *tb[],
586 struct nlattr *data[],
587 struct netlink_ext_ack *extack)
588 {
589 struct ip_tunnel *t = netdev_priv(dev);
590 __u32 fwmark = t->fwmark;
591 struct ip_tunnel_parm p;
592
593 vti_netlink_parms(data, &p, &fwmark);
594 return ip_tunnel_changelink(dev, tb, &p, fwmark);
595 }
596
597 static size_t vti_get_size(const struct net_device *dev)
598 {
599 return
600
601 nla_total_size(4) +
602
603 nla_total_size(4) +
604
605 nla_total_size(4) +
606
607 nla_total_size(4) +
608
609 nla_total_size(4) +
610
611 nla_total_size(4) +
612 0;
613 }
614
615 static int vti_fill_info(struct sk_buff *skb, const struct net_device *dev)
616 {
617 struct ip_tunnel *t = netdev_priv(dev);
618 struct ip_tunnel_parm *p = &t->parms;
619
620 if (nla_put_u32(skb, IFLA_VTI_LINK, p->link) ||
621 nla_put_be32(skb, IFLA_VTI_IKEY, p->i_key) ||
622 nla_put_be32(skb, IFLA_VTI_OKEY, p->o_key) ||
623 nla_put_in_addr(skb, IFLA_VTI_LOCAL, p->iph.saddr) ||
624 nla_put_in_addr(skb, IFLA_VTI_REMOTE, p->iph.daddr) ||
625 nla_put_u32(skb, IFLA_VTI_FWMARK, t->fwmark))
626 return -EMSGSIZE;
627
628 return 0;
629 }
630
631 static const struct nla_policy vti_policy[IFLA_VTI_MAX + 1] = {
632 [IFLA_VTI_LINK] = { .type = NLA_U32 },
633 [IFLA_VTI_IKEY] = { .type = NLA_U32 },
634 [IFLA_VTI_OKEY] = { .type = NLA_U32 },
635 [IFLA_VTI_LOCAL] = { .len = FIELD_SIZEOF(struct iphdr, saddr) },
636 [IFLA_VTI_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) },
637 [IFLA_VTI_FWMARK] = { .type = NLA_U32 },
638 };
639
640 static struct rtnl_link_ops vti_link_ops __read_mostly = {
641 .kind = "vti",
642 .maxtype = IFLA_VTI_MAX,
643 .policy = vti_policy,
644 .priv_size = sizeof(struct ip_tunnel),
645 .setup = vti_tunnel_setup,
646 .validate = vti_tunnel_validate,
647 .newlink = vti_newlink,
648 .changelink = vti_changelink,
649 .dellink = ip_tunnel_dellink,
650 .get_size = vti_get_size,
651 .fill_info = vti_fill_info,
652 .get_link_net = ip_tunnel_get_link_net,
653 };
654
655 static int __init vti_init(void)
656 {
657 const char *msg;
658 int err;
659
660 pr_info("IPv4 over IPsec tunneling driver\n");
661
662 msg = "tunnel device";
663 err = register_pernet_device(&vti_net_ops);
664 if (err < 0)
665 goto pernet_dev_failed;
666
667 msg = "tunnel protocols";
668 err = xfrm4_protocol_register(&vti_esp4_protocol, IPPROTO_ESP);
669 if (err < 0)
670 goto xfrm_proto_esp_failed;
671 err = xfrm4_protocol_register(&vti_ah4_protocol, IPPROTO_AH);
672 if (err < 0)
673 goto xfrm_proto_ah_failed;
674 err = xfrm4_protocol_register(&vti_ipcomp4_protocol, IPPROTO_COMP);
675 if (err < 0)
676 goto xfrm_proto_comp_failed;
677
678 msg = "ipip tunnel";
679 err = xfrm4_tunnel_register(&ipip_handler, AF_INET);
680 if (err < 0)
681 goto xfrm_tunnel_failed;
682
683 msg = "netlink interface";
684 err = rtnl_link_register(&vti_link_ops);
685 if (err < 0)
686 goto rtnl_link_failed;
687
688 return err;
689
690 rtnl_link_failed:
691 xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
692 xfrm_tunnel_failed:
693 xfrm4_protocol_deregister(&vti_ipcomp4_protocol, IPPROTO_COMP);
694 xfrm_proto_comp_failed:
695 xfrm4_protocol_deregister(&vti_ah4_protocol, IPPROTO_AH);
696 xfrm_proto_ah_failed:
697 xfrm4_protocol_deregister(&vti_esp4_protocol, IPPROTO_ESP);
698 xfrm_proto_esp_failed:
699 unregister_pernet_device(&vti_net_ops);
700 pernet_dev_failed:
701 pr_err("vti init: failed to register %s\n", msg);
702 return err;
703 }
704
705 static void __exit vti_fini(void)
706 {
707 rtnl_link_unregister(&vti_link_ops);
708 xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
709 xfrm4_protocol_deregister(&vti_ipcomp4_protocol, IPPROTO_COMP);
710 xfrm4_protocol_deregister(&vti_ah4_protocol, IPPROTO_AH);
711 xfrm4_protocol_deregister(&vti_esp4_protocol, IPPROTO_ESP);
712 unregister_pernet_device(&vti_net_ops);
713 }
714
715 module_init(vti_init);
716 module_exit(vti_fini);
717 MODULE_LICENSE("GPL");
718 MODULE_ALIAS_RTNL_LINK("vti");
719 MODULE_ALIAS_NETDEV("ip_vti0");