Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
[linux-2.6] / drivers / net / tun.c
1 /*
2  *  TUN - Universal TUN/TAP device driver.
3  *  Copyright (C) 1999-2002 Maxim Krasnyansky <maxk@qualcomm.com>
4  *
5  *  This program is free software; you can redistribute it and/or modify
6  *  it under the terms of the GNU General Public License as published by
7  *  the Free Software Foundation; either version 2 of the License, or
8  *  (at your option) any later version.
9  *
10  *  This program is distributed in the hope that it will be useful,
11  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
12  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  *  GNU General Public License for more details.
14  *
15  *  $Id: tun.c,v 1.15 2002/03/01 02:44:24 maxk Exp $
16  */
17
18 /*
19  *  Changes:
20  *
21  *  Mike Kershaw <dragorn@kismetwireless.net> 2005/08/14
22  *    Add TUNSETLINK ioctl to set the link encapsulation
23  *
24  *  Mark Smith <markzzzsmith@yahoo.com.au>
25  *    Use random_ether_addr() for tap MAC address.
26  *
27  *  Harald Roelle <harald.roelle@ifi.lmu.de>  2004/04/20
28  *    Fixes in packet dropping, queue length setting and queue wakeup.
29  *    Increased default tx queue length.
30  *    Added ethtool API.
31  *    Minor cleanups
32  *
33  *  Daniel Podlejski <underley@underley.eu.org>
34  *    Modifications for 2.3.99-pre5 kernel.
35  */
36
37 #define DRV_NAME        "tun"
38 #define DRV_VERSION     "1.6"
39 #define DRV_DESCRIPTION "Universal TUN/TAP device driver"
40 #define DRV_COPYRIGHT   "(C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>"
41
42 #include <linux/module.h>
43 #include <linux/errno.h>
44 #include <linux/kernel.h>
45 #include <linux/major.h>
46 #include <linux/slab.h>
47 #include <linux/smp_lock.h>
48 #include <linux/poll.h>
49 #include <linux/fcntl.h>
50 #include <linux/init.h>
51 #include <linux/skbuff.h>
52 #include <linux/netdevice.h>
53 #include <linux/etherdevice.h>
54 #include <linux/miscdevice.h>
55 #include <linux/ethtool.h>
56 #include <linux/rtnetlink.h>
57 #include <linux/if.h>
58 #include <linux/if_arp.h>
59 #include <linux/if_ether.h>
60 #include <linux/if_tun.h>
61 #include <linux/crc32.h>
62 #include <linux/nsproxy.h>
63 #include <linux/virtio_net.h>
64 #include <net/net_namespace.h>
65 #include <net/netns/generic.h>
66 #include <net/rtnetlink.h>
67
68 #include <asm/system.h>
69 #include <asm/uaccess.h>
70
71 /* Uncomment to enable debugging */
72 /* #define TUN_DEBUG 1 */
73
74 #ifdef TUN_DEBUG
75 static int debug;
76
77 #define DBG  if(tun->debug)printk
78 #define DBG1 if(debug==2)printk
79 #else
80 #define DBG( a... )
81 #define DBG1( a... )
82 #endif
83
84 #define FLT_EXACT_COUNT 8
85 struct tap_filter {
86         unsigned int    count;    /* Number of addrs. Zero means disabled */
87         u32             mask[2];  /* Mask of the hashed addrs */
88         unsigned char   addr[FLT_EXACT_COUNT][ETH_ALEN];
89 };
90
91 struct tun_file {
92         atomic_t count;
93         struct tun_struct *tun;
94         struct net *net;
95         wait_queue_head_t       read_wait;
96 };
97
98 struct tun_struct {
99         struct tun_file         *tfile;
100         unsigned int            flags;
101         uid_t                   owner;
102         gid_t                   group;
103
104         struct sk_buff_head     readq;
105
106         struct net_device       *dev;
107         struct fasync_struct    *fasync;
108
109         struct tap_filter       txflt;
110
111 #ifdef TUN_DEBUG
112         int debug;
113 #endif
114 };
115
116 static int tun_attach(struct tun_struct *tun, struct file *file)
117 {
118         struct tun_file *tfile = file->private_data;
119         const struct cred *cred = current_cred();
120         int err;
121
122         ASSERT_RTNL();
123
124         /* Check permissions */
125         if (((tun->owner != -1 && cred->euid != tun->owner) ||
126              (tun->group != -1 && !in_egroup_p(tun->group))) &&
127                 !capable(CAP_NET_ADMIN))
128                 return -EPERM;
129
130         netif_tx_lock_bh(tun->dev);
131
132         err = -EINVAL;
133         if (tfile->tun)
134                 goto out;
135
136         err = -EBUSY;
137         if (tun->tfile)
138                 goto out;
139
140         err = 0;
141         tfile->tun = tun;
142         tun->tfile = tfile;
143         dev_hold(tun->dev);
144         atomic_inc(&tfile->count);
145
146 out:
147         netif_tx_unlock_bh(tun->dev);
148         return err;
149 }
150
151 static void __tun_detach(struct tun_struct *tun)
152 {
153         struct tun_file *tfile = tun->tfile;
154
155         /* Detach from net device */
156         netif_tx_lock_bh(tun->dev);
157         tfile->tun = NULL;
158         tun->tfile = NULL;
159         netif_tx_unlock_bh(tun->dev);
160
161         /* Drop read queue */
162         skb_queue_purge(&tun->readq);
163
164         /* Drop the extra count on the net device */
165         dev_put(tun->dev);
166 }
167
168 static void tun_detach(struct tun_struct *tun)
169 {
170         rtnl_lock();
171         __tun_detach(tun);
172         rtnl_unlock();
173 }
174
175 static struct tun_struct *__tun_get(struct tun_file *tfile)
176 {
177         struct tun_struct *tun = NULL;
178
179         if (atomic_inc_not_zero(&tfile->count))
180                 tun = tfile->tun;
181
182         return tun;
183 }
184
185 static struct tun_struct *tun_get(struct file *file)
186 {
187         return __tun_get(file->private_data);
188 }
189
190 static void tun_put(struct tun_struct *tun)
191 {
192         struct tun_file *tfile = tun->tfile;
193
194         if (atomic_dec_and_test(&tfile->count))
195                 tun_detach(tfile->tun);
196 }
197
198 /* TAP filterting */
199 static void addr_hash_set(u32 *mask, const u8 *addr)
200 {
201         int n = ether_crc(ETH_ALEN, addr) >> 26;
202         mask[n >> 5] |= (1 << (n & 31));
203 }
204
205 static unsigned int addr_hash_test(const u32 *mask, const u8 *addr)
206 {
207         int n = ether_crc(ETH_ALEN, addr) >> 26;
208         return mask[n >> 5] & (1 << (n & 31));
209 }
210
211 static int update_filter(struct tap_filter *filter, void __user *arg)
212 {
213         struct { u8 u[ETH_ALEN]; } *addr;
214         struct tun_filter uf;
215         int err, alen, n, nexact;
216
217         if (copy_from_user(&uf, arg, sizeof(uf)))
218                 return -EFAULT;
219
220         if (!uf.count) {
221                 /* Disabled */
222                 filter->count = 0;
223                 return 0;
224         }
225
226         alen = ETH_ALEN * uf.count;
227         addr = kmalloc(alen, GFP_KERNEL);
228         if (!addr)
229                 return -ENOMEM;
230
231         if (copy_from_user(addr, arg + sizeof(uf), alen)) {
232                 err = -EFAULT;
233                 goto done;
234         }
235
236         /* The filter is updated without holding any locks. Which is
237          * perfectly safe. We disable it first and in the worst
238          * case we'll accept a few undesired packets. */
239         filter->count = 0;
240         wmb();
241
242         /* Use first set of addresses as an exact filter */
243         for (n = 0; n < uf.count && n < FLT_EXACT_COUNT; n++)
244                 memcpy(filter->addr[n], addr[n].u, ETH_ALEN);
245
246         nexact = n;
247
248         /* The rest is hashed */
249         memset(filter->mask, 0, sizeof(filter->mask));
250         for (; n < uf.count; n++)
251                 addr_hash_set(filter->mask, addr[n].u);
252
253         /* For ALLMULTI just set the mask to all ones.
254          * This overrides the mask populated above. */
255         if ((uf.flags & TUN_FLT_ALLMULTI))
256                 memset(filter->mask, ~0, sizeof(filter->mask));
257
258         /* Now enable the filter */
259         wmb();
260         filter->count = nexact;
261
262         /* Return the number of exact filters */
263         err = nexact;
264
265 done:
266         kfree(addr);
267         return err;
268 }
269
270 /* Returns: 0 - drop, !=0 - accept */
271 static int run_filter(struct tap_filter *filter, const struct sk_buff *skb)
272 {
273         /* Cannot use eth_hdr(skb) here because skb_mac_hdr() is incorrect
274          * at this point. */
275         struct ethhdr *eh = (struct ethhdr *) skb->data;
276         int i;
277
278         /* Exact match */
279         for (i = 0; i < filter->count; i++)
280                 if (!compare_ether_addr(eh->h_dest, filter->addr[i]))
281                         return 1;
282
283         /* Inexact match (multicast only) */
284         if (is_multicast_ether_addr(eh->h_dest))
285                 return addr_hash_test(filter->mask, eh->h_dest);
286
287         return 0;
288 }
289
290 /*
291  * Checks whether the packet is accepted or not.
292  * Returns: 0 - drop, !=0 - accept
293  */
294 static int check_filter(struct tap_filter *filter, const struct sk_buff *skb)
295 {
296         if (!filter->count)
297                 return 1;
298
299         return run_filter(filter, skb);
300 }
301
302 /* Network device part of the driver */
303
304 static const struct ethtool_ops tun_ethtool_ops;
305
306 /* Net device detach from fd. */
307 static void tun_net_uninit(struct net_device *dev)
308 {
309         struct tun_struct *tun = netdev_priv(dev);
310         struct tun_file *tfile = tun->tfile;
311
312         /* Inform the methods they need to stop using the dev.
313          */
314         if (tfile) {
315                 wake_up_all(&tfile->read_wait);
316                 if (atomic_dec_and_test(&tfile->count))
317                         __tun_detach(tun);
318         }
319 }
320
321 /* Net device open. */
322 static int tun_net_open(struct net_device *dev)
323 {
324         netif_start_queue(dev);
325         return 0;
326 }
327
328 /* Net device close. */
329 static int tun_net_close(struct net_device *dev)
330 {
331         netif_stop_queue(dev);
332         return 0;
333 }
334
335 /* Net device start xmit */
336 static int tun_net_xmit(struct sk_buff *skb, struct net_device *dev)
337 {
338         struct tun_struct *tun = netdev_priv(dev);
339
340         DBG(KERN_INFO "%s: tun_net_xmit %d\n", tun->dev->name, skb->len);
341
342         /* Drop packet if interface is not attached */
343         if (!tun->tfile)
344                 goto drop;
345
346         /* Drop if the filter does not like it.
347          * This is a noop if the filter is disabled.
348          * Filter can be enabled only for the TAP devices. */
349         if (!check_filter(&tun->txflt, skb))
350                 goto drop;
351
352         if (skb_queue_len(&tun->readq) >= dev->tx_queue_len) {
353                 if (!(tun->flags & TUN_ONE_QUEUE)) {
354                         /* Normal queueing mode. */
355                         /* Packet scheduler handles dropping of further packets. */
356                         netif_stop_queue(dev);
357
358                         /* We won't see all dropped packets individually, so overrun
359                          * error is more appropriate. */
360                         dev->stats.tx_fifo_errors++;
361                 } else {
362                         /* Single queue mode.
363                          * Driver handles dropping of all packets itself. */
364                         goto drop;
365                 }
366         }
367
368         /* Enqueue packet */
369         skb_queue_tail(&tun->readq, skb);
370         dev->trans_start = jiffies;
371
372         /* Notify and wake up reader process */
373         if (tun->flags & TUN_FASYNC)
374                 kill_fasync(&tun->fasync, SIGIO, POLL_IN);
375         wake_up_interruptible(&tun->tfile->read_wait);
376         return 0;
377
378 drop:
379         dev->stats.tx_dropped++;
380         kfree_skb(skb);
381         return 0;
382 }
383
384 static void tun_net_mclist(struct net_device *dev)
385 {
386         /*
387          * This callback is supposed to deal with mc filter in
388          * _rx_ path and has nothing to do with the _tx_ path.
389          * In rx path we always accept everything userspace gives us.
390          */
391         return;
392 }
393
394 #define MIN_MTU 68
395 #define MAX_MTU 65535
396
397 static int
398 tun_net_change_mtu(struct net_device *dev, int new_mtu)
399 {
400         if (new_mtu < MIN_MTU || new_mtu + dev->hard_header_len > MAX_MTU)
401                 return -EINVAL;
402         dev->mtu = new_mtu;
403         return 0;
404 }
405
406 static const struct net_device_ops tun_netdev_ops = {
407         .ndo_uninit             = tun_net_uninit,
408         .ndo_open               = tun_net_open,
409         .ndo_stop               = tun_net_close,
410         .ndo_start_xmit         = tun_net_xmit,
411         .ndo_change_mtu         = tun_net_change_mtu,
412 };
413
414 static const struct net_device_ops tap_netdev_ops = {
415         .ndo_uninit             = tun_net_uninit,
416         .ndo_open               = tun_net_open,
417         .ndo_stop               = tun_net_close,
418         .ndo_start_xmit         = tun_net_xmit,
419         .ndo_change_mtu         = tun_net_change_mtu,
420         .ndo_set_multicast_list = tun_net_mclist,
421         .ndo_set_mac_address    = eth_mac_addr,
422         .ndo_validate_addr      = eth_validate_addr,
423 };
424
425 /* Initialize net device. */
426 static void tun_net_init(struct net_device *dev)
427 {
428         struct tun_struct *tun = netdev_priv(dev);
429
430         switch (tun->flags & TUN_TYPE_MASK) {
431         case TUN_TUN_DEV:
432                 dev->netdev_ops = &tun_netdev_ops;
433
434                 /* Point-to-Point TUN Device */
435                 dev->hard_header_len = 0;
436                 dev->addr_len = 0;
437                 dev->mtu = 1500;
438
439                 /* Zero header length */
440                 dev->type = ARPHRD_NONE;
441                 dev->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
442                 dev->tx_queue_len = TUN_READQ_SIZE;  /* We prefer our own queue length */
443                 break;
444
445         case TUN_TAP_DEV:
446                 dev->netdev_ops = &tap_netdev_ops;
447                 /* Ethernet TAP Device */
448                 ether_setup(dev);
449
450                 random_ether_addr(dev->dev_addr);
451
452                 dev->tx_queue_len = TUN_READQ_SIZE;  /* We prefer our own queue length */
453                 break;
454         }
455 }
456
457 /* Character device part */
458
459 /* Poll */
460 static unsigned int tun_chr_poll(struct file *file, poll_table * wait)
461 {
462         struct tun_file *tfile = file->private_data;
463         struct tun_struct *tun = __tun_get(tfile);
464         unsigned int mask = POLLOUT | POLLWRNORM;
465
466         if (!tun)
467                 return POLLERR;
468
469         DBG(KERN_INFO "%s: tun_chr_poll\n", tun->dev->name);
470
471         poll_wait(file, &tfile->read_wait, wait);
472
473         if (!skb_queue_empty(&tun->readq))
474                 mask |= POLLIN | POLLRDNORM;
475
476         if (tun->dev->reg_state != NETREG_REGISTERED)
477                 mask = POLLERR;
478
479         tun_put(tun);
480         return mask;
481 }
482
483 /* prepad is the amount to reserve at front.  len is length after that.
484  * linear is a hint as to how much to copy (usually headers). */
485 static struct sk_buff *tun_alloc_skb(size_t prepad, size_t len, size_t linear,
486                                      gfp_t gfp)
487 {
488         struct sk_buff *skb;
489         unsigned int i;
490
491         skb = alloc_skb(prepad + len, gfp|__GFP_NOWARN);
492         if (skb) {
493                 skb_reserve(skb, prepad);
494                 skb_put(skb, len);
495                 return skb;
496         }
497
498         /* Under a page?  Don't bother with paged skb. */
499         if (prepad + len < PAGE_SIZE)
500                 return NULL;
501
502         /* Start with a normal skb, and add pages. */
503         skb = alloc_skb(prepad + linear, gfp);
504         if (!skb)
505                 return NULL;
506
507         skb_reserve(skb, prepad);
508         skb_put(skb, linear);
509
510         len -= linear;
511
512         for (i = 0; i < MAX_SKB_FRAGS; i++) {
513                 skb_frag_t *f = &skb_shinfo(skb)->frags[i];
514
515                 f->page = alloc_page(gfp|__GFP_ZERO);
516                 if (!f->page)
517                         break;
518
519                 f->page_offset = 0;
520                 f->size = PAGE_SIZE;
521
522                 skb->data_len += PAGE_SIZE;
523                 skb->len += PAGE_SIZE;
524                 skb->truesize += PAGE_SIZE;
525                 skb_shinfo(skb)->nr_frags++;
526
527                 if (len < PAGE_SIZE) {
528                         len = 0;
529                         break;
530                 }
531                 len -= PAGE_SIZE;
532         }
533
534         /* Too large, or alloc fail? */
535         if (unlikely(len)) {
536                 kfree_skb(skb);
537                 skb = NULL;
538         }
539
540         return skb;
541 }
542
543 /* Get packet from user space buffer */
544 static __inline__ ssize_t tun_get_user(struct tun_struct *tun, struct iovec *iv, size_t count)
545 {
546         struct tun_pi pi = { 0, cpu_to_be16(ETH_P_IP) };
547         struct sk_buff *skb;
548         size_t len = count, align = 0;
549         struct virtio_net_hdr gso = { 0 };
550
551         if (!(tun->flags & TUN_NO_PI)) {
552                 if ((len -= sizeof(pi)) > count)
553                         return -EINVAL;
554
555                 if(memcpy_fromiovec((void *)&pi, iv, sizeof(pi)))
556                         return -EFAULT;
557         }
558
559         if (tun->flags & TUN_VNET_HDR) {
560                 if ((len -= sizeof(gso)) > count)
561                         return -EINVAL;
562
563                 if (memcpy_fromiovec((void *)&gso, iv, sizeof(gso)))
564                         return -EFAULT;
565
566                 if (gso.hdr_len > len)
567                         return -EINVAL;
568         }
569
570         if ((tun->flags & TUN_TYPE_MASK) == TUN_TAP_DEV) {
571                 align = NET_IP_ALIGN;
572                 if (unlikely(len < ETH_HLEN))
573                         return -EINVAL;
574         }
575
576         if (!(skb = tun_alloc_skb(align, len, gso.hdr_len, GFP_KERNEL))) {
577                 tun->dev->stats.rx_dropped++;
578                 return -ENOMEM;
579         }
580
581         if (skb_copy_datagram_from_iovec(skb, 0, iv, len)) {
582                 tun->dev->stats.rx_dropped++;
583                 kfree_skb(skb);
584                 return -EFAULT;
585         }
586
587         if (gso.flags & VIRTIO_NET_HDR_F_NEEDS_CSUM) {
588                 if (!skb_partial_csum_set(skb, gso.csum_start,
589                                           gso.csum_offset)) {
590                         tun->dev->stats.rx_frame_errors++;
591                         kfree_skb(skb);
592                         return -EINVAL;
593                 }
594         } else if (tun->flags & TUN_NOCHECKSUM)
595                 skb->ip_summed = CHECKSUM_UNNECESSARY;
596
597         switch (tun->flags & TUN_TYPE_MASK) {
598         case TUN_TUN_DEV:
599                 if (tun->flags & TUN_NO_PI) {
600                         switch (skb->data[0] & 0xf0) {
601                         case 0x40:
602                                 pi.proto = htons(ETH_P_IP);
603                                 break;
604                         case 0x60:
605                                 pi.proto = htons(ETH_P_IPV6);
606                                 break;
607                         default:
608                                 tun->dev->stats.rx_dropped++;
609                                 kfree_skb(skb);
610                                 return -EINVAL;
611                         }
612                 }
613
614                 skb_reset_mac_header(skb);
615                 skb->protocol = pi.proto;
616                 skb->dev = tun->dev;
617                 break;
618         case TUN_TAP_DEV:
619                 skb->protocol = eth_type_trans(skb, tun->dev);
620                 break;
621         };
622
623         if (gso.gso_type != VIRTIO_NET_HDR_GSO_NONE) {
624                 pr_debug("GSO!\n");
625                 switch (gso.gso_type & ~VIRTIO_NET_HDR_GSO_ECN) {
626                 case VIRTIO_NET_HDR_GSO_TCPV4:
627                         skb_shinfo(skb)->gso_type = SKB_GSO_TCPV4;
628                         break;
629                 case VIRTIO_NET_HDR_GSO_TCPV6:
630                         skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;
631                         break;
632                 default:
633                         tun->dev->stats.rx_frame_errors++;
634                         kfree_skb(skb);
635                         return -EINVAL;
636                 }
637
638                 if (gso.gso_type & VIRTIO_NET_HDR_GSO_ECN)
639                         skb_shinfo(skb)->gso_type |= SKB_GSO_TCP_ECN;
640
641                 skb_shinfo(skb)->gso_size = gso.gso_size;
642                 if (skb_shinfo(skb)->gso_size == 0) {
643                         tun->dev->stats.rx_frame_errors++;
644                         kfree_skb(skb);
645                         return -EINVAL;
646                 }
647
648                 /* Header must be checked, and gso_segs computed. */
649                 skb_shinfo(skb)->gso_type |= SKB_GSO_DODGY;
650                 skb_shinfo(skb)->gso_segs = 0;
651         }
652
653         netif_rx_ni(skb);
654
655         tun->dev->stats.rx_packets++;
656         tun->dev->stats.rx_bytes += len;
657
658         return count;
659 }
660
661 static ssize_t tun_chr_aio_write(struct kiocb *iocb, const struct iovec *iv,
662                               unsigned long count, loff_t pos)
663 {
664         struct tun_struct *tun = tun_get(iocb->ki_filp);
665         ssize_t result;
666
667         if (!tun)
668                 return -EBADFD;
669
670         DBG(KERN_INFO "%s: tun_chr_write %ld\n", tun->dev->name, count);
671
672         result = tun_get_user(tun, (struct iovec *) iv, iov_length(iv, count));
673
674         tun_put(tun);
675         return result;
676 }
677
678 /* Put packet to the user space buffer */
679 static __inline__ ssize_t tun_put_user(struct tun_struct *tun,
680                                        struct sk_buff *skb,
681                                        struct iovec *iv, int len)
682 {
683         struct tun_pi pi = { 0, skb->protocol };
684         ssize_t total = 0;
685
686         if (!(tun->flags & TUN_NO_PI)) {
687                 if ((len -= sizeof(pi)) < 0)
688                         return -EINVAL;
689
690                 if (len < skb->len) {
691                         /* Packet will be striped */
692                         pi.flags |= TUN_PKT_STRIP;
693                 }
694
695                 if (memcpy_toiovec(iv, (void *) &pi, sizeof(pi)))
696                         return -EFAULT;
697                 total += sizeof(pi);
698         }
699
700         if (tun->flags & TUN_VNET_HDR) {
701                 struct virtio_net_hdr gso = { 0 }; /* no info leak */
702                 if ((len -= sizeof(gso)) < 0)
703                         return -EINVAL;
704
705                 if (skb_is_gso(skb)) {
706                         struct skb_shared_info *sinfo = skb_shinfo(skb);
707
708                         /* This is a hint as to how much should be linear. */
709                         gso.hdr_len = skb_headlen(skb);
710                         gso.gso_size = sinfo->gso_size;
711                         if (sinfo->gso_type & SKB_GSO_TCPV4)
712                                 gso.gso_type = VIRTIO_NET_HDR_GSO_TCPV4;
713                         else if (sinfo->gso_type & SKB_GSO_TCPV6)
714                                 gso.gso_type = VIRTIO_NET_HDR_GSO_TCPV6;
715                         else
716                                 BUG();
717                         if (sinfo->gso_type & SKB_GSO_TCP_ECN)
718                                 gso.gso_type |= VIRTIO_NET_HDR_GSO_ECN;
719                 } else
720                         gso.gso_type = VIRTIO_NET_HDR_GSO_NONE;
721
722                 if (skb->ip_summed == CHECKSUM_PARTIAL) {
723                         gso.flags = VIRTIO_NET_HDR_F_NEEDS_CSUM;
724                         gso.csum_start = skb->csum_start - skb_headroom(skb);
725                         gso.csum_offset = skb->csum_offset;
726                 } /* else everything is zero */
727
728                 if (unlikely(memcpy_toiovec(iv, (void *)&gso, sizeof(gso))))
729                         return -EFAULT;
730                 total += sizeof(gso);
731         }
732
733         len = min_t(int, skb->len, len);
734
735         skb_copy_datagram_iovec(skb, 0, iv, len);
736         total += len;
737
738         tun->dev->stats.tx_packets++;
739         tun->dev->stats.tx_bytes += len;
740
741         return total;
742 }
743
744 static ssize_t tun_chr_aio_read(struct kiocb *iocb, const struct iovec *iv,
745                             unsigned long count, loff_t pos)
746 {
747         struct file *file = iocb->ki_filp;
748         struct tun_file *tfile = file->private_data;
749         struct tun_struct *tun = __tun_get(tfile);
750         DECLARE_WAITQUEUE(wait, current);
751         struct sk_buff *skb;
752         ssize_t len, ret = 0;
753
754         if (!tun)
755                 return -EBADFD;
756
757         DBG(KERN_INFO "%s: tun_chr_read\n", tun->dev->name);
758
759         len = iov_length(iv, count);
760         if (len < 0) {
761                 ret = -EINVAL;
762                 goto out;
763         }
764
765         add_wait_queue(&tfile->read_wait, &wait);
766         while (len) {
767                 current->state = TASK_INTERRUPTIBLE;
768
769                 /* Read frames from the queue */
770                 if (!(skb=skb_dequeue(&tun->readq))) {
771                         if (file->f_flags & O_NONBLOCK) {
772                                 ret = -EAGAIN;
773                                 break;
774                         }
775                         if (signal_pending(current)) {
776                                 ret = -ERESTARTSYS;
777                                 break;
778                         }
779                         if (tun->dev->reg_state != NETREG_REGISTERED) {
780                                 ret = -EIO;
781                                 break;
782                         }
783
784                         /* Nothing to read, let's sleep */
785                         schedule();
786                         continue;
787                 }
788                 netif_wake_queue(tun->dev);
789
790                 ret = tun_put_user(tun, skb, (struct iovec *) iv, len);
791                 kfree_skb(skb);
792                 break;
793         }
794
795         current->state = TASK_RUNNING;
796         remove_wait_queue(&tfile->read_wait, &wait);
797
798 out:
799         tun_put(tun);
800         return ret;
801 }
802
803 static void tun_setup(struct net_device *dev)
804 {
805         struct tun_struct *tun = netdev_priv(dev);
806
807         skb_queue_head_init(&tun->readq);
808
809         tun->owner = -1;
810         tun->group = -1;
811
812         dev->ethtool_ops = &tun_ethtool_ops;
813         dev->destructor = free_netdev;
814 }
815
816 /* Trivial set of netlink ops to allow deleting tun or tap
817  * device with netlink.
818  */
819 static int tun_validate(struct nlattr *tb[], struct nlattr *data[])
820 {
821         return -EINVAL;
822 }
823
824 static struct rtnl_link_ops tun_link_ops __read_mostly = {
825         .kind           = DRV_NAME,
826         .priv_size      = sizeof(struct tun_struct),
827         .setup          = tun_setup,
828         .validate       = tun_validate,
829 };
830
831
832 static int tun_set_iff(struct net *net, struct file *file, struct ifreq *ifr)
833 {
834         struct tun_struct *tun;
835         struct net_device *dev;
836         int err;
837
838         dev = __dev_get_by_name(net, ifr->ifr_name);
839         if (dev) {
840                 if ((ifr->ifr_flags & IFF_TUN) && dev->netdev_ops == &tun_netdev_ops)
841                         tun = netdev_priv(dev);
842                 else if ((ifr->ifr_flags & IFF_TAP) && dev->netdev_ops == &tap_netdev_ops)
843                         tun = netdev_priv(dev);
844                 else
845                         return -EINVAL;
846
847                 err = tun_attach(tun, file);
848                 if (err < 0)
849                         return err;
850         }
851         else {
852                 char *name;
853                 unsigned long flags = 0;
854
855                 err = -EINVAL;
856
857                 if (!capable(CAP_NET_ADMIN))
858                         return -EPERM;
859
860                 /* Set dev type */
861                 if (ifr->ifr_flags & IFF_TUN) {
862                         /* TUN device */
863                         flags |= TUN_TUN_DEV;
864                         name = "tun%d";
865                 } else if (ifr->ifr_flags & IFF_TAP) {
866                         /* TAP device */
867                         flags |= TUN_TAP_DEV;
868                         name = "tap%d";
869                 } else
870                         goto failed;
871
872                 if (*ifr->ifr_name)
873                         name = ifr->ifr_name;
874
875                 dev = alloc_netdev(sizeof(struct tun_struct), name,
876                                    tun_setup);
877                 if (!dev)
878                         return -ENOMEM;
879
880                 dev_net_set(dev, net);
881                 dev->rtnl_link_ops = &tun_link_ops;
882
883                 tun = netdev_priv(dev);
884                 tun->dev = dev;
885                 tun->flags = flags;
886                 tun->txflt.count = 0;
887
888                 tun_net_init(dev);
889
890                 if (strchr(dev->name, '%')) {
891                         err = dev_alloc_name(dev, dev->name);
892                         if (err < 0)
893                                 goto err_free_dev;
894                 }
895
896                 err = register_netdevice(tun->dev);
897                 if (err < 0)
898                         goto err_free_dev;
899
900                 err = tun_attach(tun, file);
901                 if (err < 0)
902                         goto err_free_dev;
903         }
904
905         DBG(KERN_INFO "%s: tun_set_iff\n", tun->dev->name);
906
907         if (ifr->ifr_flags & IFF_NO_PI)
908                 tun->flags |= TUN_NO_PI;
909         else
910                 tun->flags &= ~TUN_NO_PI;
911
912         if (ifr->ifr_flags & IFF_ONE_QUEUE)
913                 tun->flags |= TUN_ONE_QUEUE;
914         else
915                 tun->flags &= ~TUN_ONE_QUEUE;
916
917         if (ifr->ifr_flags & IFF_VNET_HDR)
918                 tun->flags |= TUN_VNET_HDR;
919         else
920                 tun->flags &= ~TUN_VNET_HDR;
921
922         /* Make sure persistent devices do not get stuck in
923          * xoff state.
924          */
925         if (netif_running(tun->dev))
926                 netif_wake_queue(tun->dev);
927
928         strcpy(ifr->ifr_name, tun->dev->name);
929         return 0;
930
931  err_free_dev:
932         free_netdev(dev);
933  failed:
934         return err;
935 }
936
937 static int tun_get_iff(struct net *net, struct file *file, struct ifreq *ifr)
938 {
939         struct tun_struct *tun = tun_get(file);
940
941         if (!tun)
942                 return -EBADFD;
943
944         DBG(KERN_INFO "%s: tun_get_iff\n", tun->dev->name);
945
946         strcpy(ifr->ifr_name, tun->dev->name);
947
948         ifr->ifr_flags = 0;
949
950         if (ifr->ifr_flags & TUN_TUN_DEV)
951                 ifr->ifr_flags |= IFF_TUN;
952         else
953                 ifr->ifr_flags |= IFF_TAP;
954
955         if (tun->flags & TUN_NO_PI)
956                 ifr->ifr_flags |= IFF_NO_PI;
957
958         if (tun->flags & TUN_ONE_QUEUE)
959                 ifr->ifr_flags |= IFF_ONE_QUEUE;
960
961         if (tun->flags & TUN_VNET_HDR)
962                 ifr->ifr_flags |= IFF_VNET_HDR;
963
964         tun_put(tun);
965         return 0;
966 }
967
968 /* This is like a cut-down ethtool ops, except done via tun fd so no
969  * privs required. */
970 static int set_offload(struct net_device *dev, unsigned long arg)
971 {
972         unsigned int old_features, features;
973
974         old_features = dev->features;
975         /* Unset features, set them as we chew on the arg. */
976         features = (old_features & ~(NETIF_F_HW_CSUM|NETIF_F_SG|NETIF_F_FRAGLIST
977                                     |NETIF_F_TSO_ECN|NETIF_F_TSO|NETIF_F_TSO6));
978
979         if (arg & TUN_F_CSUM) {
980                 features |= NETIF_F_HW_CSUM|NETIF_F_SG|NETIF_F_FRAGLIST;
981                 arg &= ~TUN_F_CSUM;
982
983                 if (arg & (TUN_F_TSO4|TUN_F_TSO6)) {
984                         if (arg & TUN_F_TSO_ECN) {
985                                 features |= NETIF_F_TSO_ECN;
986                                 arg &= ~TUN_F_TSO_ECN;
987                         }
988                         if (arg & TUN_F_TSO4)
989                                 features |= NETIF_F_TSO;
990                         if (arg & TUN_F_TSO6)
991                                 features |= NETIF_F_TSO6;
992                         arg &= ~(TUN_F_TSO4|TUN_F_TSO6);
993                 }
994         }
995
996         /* This gives the user a way to test for new features in future by
997          * trying to set them. */
998         if (arg)
999                 return -EINVAL;
1000
1001         dev->features = features;
1002         if (old_features != dev->features)
1003                 netdev_features_change(dev);
1004
1005         return 0;
1006 }
1007
1008 static int tun_chr_ioctl(struct inode *inode, struct file *file,
1009                          unsigned int cmd, unsigned long arg)
1010 {
1011         struct tun_file *tfile = file->private_data;
1012         struct tun_struct *tun;
1013         void __user* argp = (void __user*)arg;
1014         struct ifreq ifr;
1015         int ret;
1016
1017         if (cmd == TUNSETIFF || _IOC_TYPE(cmd) == 0x89)
1018                 if (copy_from_user(&ifr, argp, sizeof ifr))
1019                         return -EFAULT;
1020
1021         if (cmd == TUNGETFEATURES) {
1022                 /* Currently this just means: "what IFF flags are valid?".
1023                  * This is needed because we never checked for invalid flags on
1024                  * TUNSETIFF. */
1025                 return put_user(IFF_TUN | IFF_TAP | IFF_NO_PI | IFF_ONE_QUEUE |
1026                                 IFF_VNET_HDR,
1027                                 (unsigned int __user*)argp);
1028         }
1029
1030         tun = __tun_get(tfile);
1031         if (cmd == TUNSETIFF && !tun) {
1032                 int err;
1033
1034                 ifr.ifr_name[IFNAMSIZ-1] = '\0';
1035
1036                 rtnl_lock();
1037                 err = tun_set_iff(tfile->net, file, &ifr);
1038                 rtnl_unlock();
1039
1040                 if (err)
1041                         return err;
1042
1043                 if (copy_to_user(argp, &ifr, sizeof(ifr)))
1044                         return -EFAULT;
1045                 return 0;
1046         }
1047
1048
1049         if (!tun)
1050                 return -EBADFD;
1051
1052         DBG(KERN_INFO "%s: tun_chr_ioctl cmd %d\n", tun->dev->name, cmd);
1053
1054         ret = 0;
1055         switch (cmd) {
1056         case TUNGETIFF:
1057                 ret = tun_get_iff(current->nsproxy->net_ns, file, &ifr);
1058                 if (ret)
1059                         break;
1060
1061                 if (copy_to_user(argp, &ifr, sizeof(ifr)))
1062                         ret = -EFAULT;
1063                 break;
1064
1065         case TUNSETNOCSUM:
1066                 /* Disable/Enable checksum */
1067                 if (arg)
1068                         tun->flags |= TUN_NOCHECKSUM;
1069                 else
1070                         tun->flags &= ~TUN_NOCHECKSUM;
1071
1072                 DBG(KERN_INFO "%s: checksum %s\n",
1073                     tun->dev->name, arg ? "disabled" : "enabled");
1074                 break;
1075
1076         case TUNSETPERSIST:
1077                 /* Disable/Enable persist mode */
1078                 if (arg)
1079                         tun->flags |= TUN_PERSIST;
1080                 else
1081                         tun->flags &= ~TUN_PERSIST;
1082
1083                 DBG(KERN_INFO "%s: persist %s\n",
1084                     tun->dev->name, arg ? "enabled" : "disabled");
1085                 break;
1086
1087         case TUNSETOWNER:
1088                 /* Set owner of the device */
1089                 tun->owner = (uid_t) arg;
1090
1091                 DBG(KERN_INFO "%s: owner set to %d\n", tun->dev->name, tun->owner);
1092                 break;
1093
1094         case TUNSETGROUP:
1095                 /* Set group of the device */
1096                 tun->group= (gid_t) arg;
1097
1098                 DBG(KERN_INFO "%s: group set to %d\n", tun->dev->name, tun->group);
1099                 break;
1100
1101         case TUNSETLINK:
1102                 /* Only allow setting the type when the interface is down */
1103                 rtnl_lock();
1104                 if (tun->dev->flags & IFF_UP) {
1105                         DBG(KERN_INFO "%s: Linktype set failed because interface is up\n",
1106                                 tun->dev->name);
1107                         ret = -EBUSY;
1108                 } else {
1109                         tun->dev->type = (int) arg;
1110                         DBG(KERN_INFO "%s: linktype set to %d\n", tun->dev->name, tun->dev->type);
1111                         ret = 0;
1112                 }
1113                 rtnl_unlock();
1114                 break;
1115
1116 #ifdef TUN_DEBUG
1117         case TUNSETDEBUG:
1118                 tun->debug = arg;
1119                 break;
1120 #endif
1121         case TUNSETOFFLOAD:
1122                 rtnl_lock();
1123                 ret = set_offload(tun->dev, arg);
1124                 rtnl_unlock();
1125                 break;
1126
1127         case TUNSETTXFILTER:
1128                 /* Can be set only for TAPs */
1129                 ret = -EINVAL;
1130                 if ((tun->flags & TUN_TYPE_MASK) != TUN_TAP_DEV)
1131                         break;
1132                 rtnl_lock();
1133                 ret = update_filter(&tun->txflt, (void __user *)arg);
1134                 rtnl_unlock();
1135                 break;
1136
1137         case SIOCGIFHWADDR:
1138                 /* Get hw addres */
1139                 memcpy(ifr.ifr_hwaddr.sa_data, tun->dev->dev_addr, ETH_ALEN);
1140                 ifr.ifr_hwaddr.sa_family = tun->dev->type;
1141                 if (copy_to_user(argp, &ifr, sizeof ifr))
1142                         ret = -EFAULT;
1143                 break;
1144
1145         case SIOCSIFHWADDR:
1146                 /* Set hw address */
1147                 DBG(KERN_DEBUG "%s: set hw address: %pM\n",
1148                         tun->dev->name, ifr.ifr_hwaddr.sa_data);
1149
1150                 rtnl_lock();
1151                 ret = dev_set_mac_address(tun->dev, &ifr.ifr_hwaddr);
1152                 rtnl_unlock();
1153                 break;
1154         default:
1155                 ret = -EINVAL;
1156                 break;
1157         };
1158
1159         tun_put(tun);
1160         return ret;
1161 }
1162
1163 static int tun_chr_fasync(int fd, struct file *file, int on)
1164 {
1165         struct tun_struct *tun = tun_get(file);
1166         int ret;
1167
1168         if (!tun)
1169                 return -EBADFD;
1170
1171         DBG(KERN_INFO "%s: tun_chr_fasync %d\n", tun->dev->name, on);
1172
1173         lock_kernel();
1174         if ((ret = fasync_helper(fd, file, on, &tun->fasync)) < 0)
1175                 goto out;
1176
1177         if (on) {
1178                 ret = __f_setown(file, task_pid(current), PIDTYPE_PID, 0);
1179                 if (ret)
1180                         goto out;
1181                 tun->flags |= TUN_FASYNC;
1182         } else
1183                 tun->flags &= ~TUN_FASYNC;
1184         ret = 0;
1185 out:
1186         unlock_kernel();
1187         tun_put(tun);
1188         return ret;
1189 }
1190
1191 static int tun_chr_open(struct inode *inode, struct file * file)
1192 {
1193         struct tun_file *tfile;
1194         cycle_kernel_lock();
1195         DBG1(KERN_INFO "tunX: tun_chr_open\n");
1196
1197         tfile = kmalloc(sizeof(*tfile), GFP_KERNEL);
1198         if (!tfile)
1199                 return -ENOMEM;
1200         atomic_set(&tfile->count, 0);
1201         tfile->tun = NULL;
1202         tfile->net = get_net(current->nsproxy->net_ns);
1203         init_waitqueue_head(&tfile->read_wait);
1204         file->private_data = tfile;
1205         return 0;
1206 }
1207
1208 static int tun_chr_close(struct inode *inode, struct file *file)
1209 {
1210         struct tun_file *tfile = file->private_data;
1211         struct tun_struct *tun = __tun_get(tfile);
1212
1213
1214         if (tun) {
1215                 DBG(KERN_INFO "%s: tun_chr_close\n", tun->dev->name);
1216
1217                 rtnl_lock();
1218                 __tun_detach(tun);
1219
1220                 /* If desireable, unregister the netdevice. */
1221                 if (!(tun->flags & TUN_PERSIST))
1222                         unregister_netdevice(tun->dev);
1223
1224                 rtnl_unlock();
1225         }
1226
1227         put_net(tfile->net);
1228         kfree(tfile);
1229
1230         return 0;
1231 }
1232
1233 static const struct file_operations tun_fops = {
1234         .owner  = THIS_MODULE,
1235         .llseek = no_llseek,
1236         .read  = do_sync_read,
1237         .aio_read  = tun_chr_aio_read,
1238         .write = do_sync_write,
1239         .aio_write = tun_chr_aio_write,
1240         .poll   = tun_chr_poll,
1241         .ioctl  = tun_chr_ioctl,
1242         .open   = tun_chr_open,
1243         .release = tun_chr_close,
1244         .fasync = tun_chr_fasync
1245 };
1246
1247 static struct miscdevice tun_miscdev = {
1248         .minor = TUN_MINOR,
1249         .name = "tun",
1250         .fops = &tun_fops,
1251 };
1252
1253 /* ethtool interface */
1254
1255 static int tun_get_settings(struct net_device *dev, struct ethtool_cmd *cmd)
1256 {
1257         cmd->supported          = 0;
1258         cmd->advertising        = 0;
1259         cmd->speed              = SPEED_10;
1260         cmd->duplex             = DUPLEX_FULL;
1261         cmd->port               = PORT_TP;
1262         cmd->phy_address        = 0;
1263         cmd->transceiver        = XCVR_INTERNAL;
1264         cmd->autoneg            = AUTONEG_DISABLE;
1265         cmd->maxtxpkt           = 0;
1266         cmd->maxrxpkt           = 0;
1267         return 0;
1268 }
1269
1270 static void tun_get_drvinfo(struct net_device *dev, struct ethtool_drvinfo *info)
1271 {
1272         struct tun_struct *tun = netdev_priv(dev);
1273
1274         strcpy(info->driver, DRV_NAME);
1275         strcpy(info->version, DRV_VERSION);
1276         strcpy(info->fw_version, "N/A");
1277
1278         switch (tun->flags & TUN_TYPE_MASK) {
1279         case TUN_TUN_DEV:
1280                 strcpy(info->bus_info, "tun");
1281                 break;
1282         case TUN_TAP_DEV:
1283                 strcpy(info->bus_info, "tap");
1284                 break;
1285         }
1286 }
1287
1288 static u32 tun_get_msglevel(struct net_device *dev)
1289 {
1290 #ifdef TUN_DEBUG
1291         struct tun_struct *tun = netdev_priv(dev);
1292         return tun->debug;
1293 #else
1294         return -EOPNOTSUPP;
1295 #endif
1296 }
1297
1298 static void tun_set_msglevel(struct net_device *dev, u32 value)
1299 {
1300 #ifdef TUN_DEBUG
1301         struct tun_struct *tun = netdev_priv(dev);
1302         tun->debug = value;
1303 #endif
1304 }
1305
1306 static u32 tun_get_link(struct net_device *dev)
1307 {
1308         struct tun_struct *tun = netdev_priv(dev);
1309         return !!tun->tfile;
1310 }
1311
1312 static u32 tun_get_rx_csum(struct net_device *dev)
1313 {
1314         struct tun_struct *tun = netdev_priv(dev);
1315         return (tun->flags & TUN_NOCHECKSUM) == 0;
1316 }
1317
1318 static int tun_set_rx_csum(struct net_device *dev, u32 data)
1319 {
1320         struct tun_struct *tun = netdev_priv(dev);
1321         if (data)
1322                 tun->flags &= ~TUN_NOCHECKSUM;
1323         else
1324                 tun->flags |= TUN_NOCHECKSUM;
1325         return 0;
1326 }
1327
1328 static const struct ethtool_ops tun_ethtool_ops = {
1329         .get_settings   = tun_get_settings,
1330         .get_drvinfo    = tun_get_drvinfo,
1331         .get_msglevel   = tun_get_msglevel,
1332         .set_msglevel   = tun_set_msglevel,
1333         .get_link       = tun_get_link,
1334         .get_rx_csum    = tun_get_rx_csum,
1335         .set_rx_csum    = tun_set_rx_csum
1336 };
1337
1338
1339 static int __init tun_init(void)
1340 {
1341         int ret = 0;
1342
1343         printk(KERN_INFO "tun: %s, %s\n", DRV_DESCRIPTION, DRV_VERSION);
1344         printk(KERN_INFO "tun: %s\n", DRV_COPYRIGHT);
1345
1346         ret = rtnl_link_register(&tun_link_ops);
1347         if (ret) {
1348                 printk(KERN_ERR "tun: Can't register link_ops\n");
1349                 goto err_linkops;
1350         }
1351
1352         ret = misc_register(&tun_miscdev);
1353         if (ret) {
1354                 printk(KERN_ERR "tun: Can't register misc device %d\n", TUN_MINOR);
1355                 goto err_misc;
1356         }
1357         return  0;
1358 err_misc:
1359         rtnl_link_unregister(&tun_link_ops);
1360 err_linkops:
1361         return ret;
1362 }
1363
1364 static void tun_cleanup(void)
1365 {
1366         misc_deregister(&tun_miscdev);
1367         rtnl_link_unregister(&tun_link_ops);
1368 }
1369
1370 module_init(tun_init);
1371 module_exit(tun_cleanup);
1372 MODULE_DESCRIPTION(DRV_DESCRIPTION);
1373 MODULE_AUTHOR(DRV_COPYRIGHT);
1374 MODULE_LICENSE("GPL");
1375 MODULE_ALIAS_MISCDEV(TUN_MINOR);