6 files changed, 168 insertions, 116 deletions
diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig
index e6f83b6a2b76..f8a107ab5592 100644
--- a/net/ipv6/Kconfig
+++ b/net/ipv6/Kconfig
@@ -88,7 +88,7 @@ config INET6_IPCOMP
        tristate "IPv6: IPComp transformation"
        depends on IPV6
        select XFRM
-        select INET6_TUNNEL
+        select INET6_XFRM_TUNNEL
        select CRYPTO
        select CRYPTO_DEFLATE
        ---help---
@@ -97,19 +97,18 @@ config INET6_IPCOMP
          If unsure, say Y.
+config INET6_XFRM_TUNNEL
+        tristate
+        select INET6_TUNNEL
+        default n
 config INET6_TUNNEL
-        tristate "IPv6: tunnel transformation"
+        tristate
-        depends on IPV6
+        default n
-        select XFRM
-        ---help---
-          Support for generic IPv6-in-IPv6 tunnel transformation, which is
-          required by the IPv6-in-IPv6 tunneling module as well as tunnel mode
-          IPComp.
-          
-          If unsure, say Y.
 config IPV6_TUNNEL
        tristate "IPv6: IPv6-in-IPv6 tunnel"
+        select INET6_TUNNEL
        depends on IPV6
        ---help---
          Support for IPv6-in-IPv6 tunnels described in RFC 2473.
diff --git a/net/ipv6/Makefile b/net/ipv6/Makefile
index 41877abd22e6..a760b0988fbb 100644
--- a/net/ipv6/Makefile
+++ b/net/ipv6/Makefile
@@ -18,7 +18,8 @@ ipv6-objs += $(ipv6-y)
 obj-$(CONFIG_INET6_AH) += ah6.o
 obj-$(CONFIG_INET6_ESP) += esp6.o
 obj-$(CONFIG_INET6_IPCOMP) += ipcomp6.o
-obj-$(CONFIG_INET6_TUNNEL) += xfrm6_tunnel.o 
+obj-$(CONFIG_INET6_XFRM_TUNNEL) += xfrm6_tunnel.o
+obj-$(CONFIG_INET6_TUNNEL) += tunnel6.o
 obj-$(CONFIG_NETFILTER) += netfilter/
 obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index 48597538db3f..ff9040c92556 100644
--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -44,7 +44,6 @@
 #include <net/ip.h>
 #include <net/ipv6.h>
-#include <net/protocol.h>
 #include <net/ip6_route.h>
 #include <net/addrconf.h>
 #include <net/ip6_tunnel.h>
@@ -391,7 +390,7 @@ parse_tlv_tnl_enc_lim(struct sk_buff *skb, __u8 * raw)
 *   to the specifications in RFC 2473.
 **/
-static void 
+static int
 ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
           int type, int code, int offset, __u32 info)
 {
@@ -402,6 +401,7 @@ ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
        int rel_code = ICMPV6_ADDR_UNREACH;
        __u32 rel_info = 0;
        __u16 len;
+        int err = -ENOENT;
        /* If the packet doesn't contain the original IPv6 header we are 
           in trouble since we might need the source address for further 
@@ -411,6 +411,8 @@ ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
        if ((t = ip6ip6_tnl_lookup(&ipv6h->daddr, &ipv6h->saddr)) == NULL)
                goto out;
+        err = 0;
        switch (type) {
                __u32 teli;
                struct ipv6_tlv_tnl_enc_lim *tel;
@@ -492,6 +494,7 @@ ip6ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
        }
 out:
        read_unlock(&ip6ip6_lock);
+        return err;
 }
 static inline void ip6ip6_ecn_decapsulate(struct ipv6hdr *outer_iph,
@@ -511,9 +514,8 @@ static inline void ip6ip6_ecn_decapsulate(struct ipv6hdr *outer_iph,
 **/
 static int 
-ip6ip6_rcv(struct sk_buff **pskb)
+ip6ip6_rcv(struct sk_buff *skb)
 {
-        struct sk_buff *skb = *pskb;
        struct ipv6hdr *ipv6h;
        struct ip6_tnl *t;
@@ -1112,39 +1114,12 @@ ip6ip6_fb_tnl_dev_init(struct net_device *dev)
        return 0;
 }
-#ifdef CONFIG_INET6_TUNNEL
 static struct xfrm6_tunnel ip6ip6_handler = {
        .handler        = ip6ip6_rcv,
        .err_handler    = ip6ip6_err,
+        .priority       =       1,
 };
-static inline int ip6ip6_register(void)
-{
-        return xfrm6_tunnel_register(&ip6ip6_handler);
-}
-static inline int ip6ip6_unregister(void)
-{
-        return xfrm6_tunnel_deregister(&ip6ip6_handler);
-}
-#else
-static struct inet6_protocol xfrm6_tunnel_protocol = {
-        .handler        = ip6ip6_rcv,
-        .err_handler    = ip6ip6_err,
-        .flags          = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
-};
-static inline int ip6ip6_register(void)
-{
-        return inet6_add_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6);
-}
-static inline int ip6ip6_unregister(void)
-{
-        return inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6);
-}
-#endif
 /**
 * ip6_tunnel_init - register protocol and reserve needed resources
 *
@@ -1155,7 +1130,7 @@ static int __init ip6_tunnel_init(void)
 {
        int  err;
-        if (ip6ip6_register() < 0) {
+        if (xfrm6_tunnel_register(&ip6ip6_handler)) {
                printk(KERN_ERR "ip6ip6 init: can't register tunnel\n");
                return -EAGAIN;
        }
@@ -1174,7 +1149,7 @@ static int __init ip6_tunnel_init(void)
        }
        return 0;
 fail:
-        ip6ip6_unregister();
+        xfrm6_tunnel_deregister(&ip6ip6_handler);
        return err;
 }
@@ -1184,7 +1159,7 @@ fail:
 static void __exit ip6_tunnel_cleanup(void)
 {
-        if (ip6ip6_unregister() < 0)
+        if (xfrm6_tunnel_deregister(&ip6ip6_handler))
                printk(KERN_INFO "ip6ip6 close: can't deregister tunnel\n");
        unregister_netdev(ip6ip6_fb_tnl_dev);
diff --git a/net/ipv6/tunnel6.c b/net/ipv6/tunnel6.c
new file mode 100644
index 000000000000..5659b52284bd
--- /dev/null
+++ b/net/ipv6/tunnel6.c
@@ -0,0 +1,131 @@
+/*
+ * Copyright (C)2003,2004 USAGI/WIDE Project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *
+ * Authors      Mitsuru KANDA  <mk@linux-ipv6.org>
+ *              YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
+ */
+#include <linux/init.h>
+#include <linux/module.h>
+#include <linux/mutex.h>
+#include <linux/netdevice.h>
+#include <linux/skbuff.h>
+#include <net/protocol.h>
+#include <net/xfrm.h>
+static struct xfrm6_tunnel *tunnel6_handlers;
+static DEFINE_MUTEX(tunnel6_mutex);
+int xfrm6_tunnel_register(struct xfrm6_tunnel *handler)
+{
+        struct xfrm6_tunnel **pprev;
+        int ret = -EEXIST;
+        int priority = handler->priority;
+        mutex_lock(&tunnel6_mutex);
+        for (pprev = &tunnel6_handlers; *pprev; pprev = &(*pprev)->next) {
+                if ((*pprev)->priority > priority)
+                        break;
+                if ((*pprev)->priority == priority)
+                        goto err;
+        }
+        handler->next = *pprev;
+        *pprev = handler;
+        ret = 0;
+err:
+        mutex_unlock(&tunnel6_mutex);
+        return ret;
+}
+EXPORT_SYMBOL(xfrm6_tunnel_register);
+int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler)
+{
+        struct xfrm6_tunnel **pprev;
+        int ret = -ENOENT;
+        mutex_lock(&tunnel6_mutex);
+        for (pprev = &tunnel6_handlers; *pprev; pprev = &(*pprev)->next) {
+                if (*pprev == handler) {
+                        *pprev = handler->next;
+                        ret = 0;
+                        break;
+                }
+        }
+        mutex_unlock(&tunnel6_mutex);
+        synchronize_net();
+        return ret;
+}
+EXPORT_SYMBOL(xfrm6_tunnel_deregister);
+static int tunnel6_rcv(struct sk_buff **pskb)
+{
+        struct sk_buff *skb = *pskb;
+        struct xfrm6_tunnel *handler;
+        for (handler = tunnel6_handlers; handler; handler = handler->next)
+                if (!handler->handler(skb))
+                        return 0;
+        kfree_skb(skb);
+        return 0;
+}
+static void tunnel6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
+                        int type, int code, int offset, __u32 info)
+{
+        struct xfrm6_tunnel *handler;
+        for (handler = tunnel6_handlers; handler; handler = handler->next)
+                if (!handler->err_handler(skb, opt, type, code, offset, info))
+                        break;
+}
+static struct inet6_protocol tunnel6_protocol = {
+        .handler        = tunnel6_rcv,
+        .err_handler    = tunnel6_err,
+        .flags          = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
+};
+static int __init tunnel6_init(void)
+{
+        if (inet6_add_protocol(&tunnel6_protocol, IPPROTO_IPV6)) {
+                printk(KERN_ERR "tunnel6 init(): can't add protocol\n");
+                return -EAGAIN;
+        }
+        return 0;
+}
+static void __exit tunnel6_fini(void)
+{
+        if (inet6_del_protocol(&tunnel6_protocol, IPPROTO_IPV6))
+                printk(KERN_ERR "tunnel6 close: can't remove protocol\n");
+}
+module_init(tunnel6_init);
+module_exit(tunnel6_fini);
+MODULE_LICENSE("GPL");
diff --git a/net/ipv6/xfrm6_input.c b/net/ipv6/xfrm6_input.c
index 1ca2da68ef69..cccf8b76f046 100644
--- a/net/ipv6/xfrm6_input.c
+++ b/net/ipv6/xfrm6_input.c
@@ -28,9 +28,8 @@ static inline void ipip6_ecn_decapsulate(struct sk_buff *skb)
                IP6_ECN_set_ce(inner_iph);
 }
-int xfrm6_rcv_spi(struct sk_buff **pskb, u32 spi)
+int xfrm6_rcv_spi(struct sk_buff *skb, u32 spi)
 {
-        struct sk_buff *skb = *pskb;
        int err;
        u32 seq;
        struct sec_decap_state xfrm_vec[XFRM_MAX_DEPTH];
@@ -159,5 +158,5 @@ EXPORT_SYMBOL(xfrm6_rcv_spi);
 int xfrm6_rcv(struct sk_buff **pskb)
 {
-        return xfrm6_rcv_spi(pskb, 0);
+        return xfrm6_rcv_spi(*pskb, 0);
 }
diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c
index 08f9abbdf1d7..a8f6776c518d 100644
--- a/net/ipv6/xfrm6_tunnel.c
+++ b/net/ipv6/xfrm6_tunnel.c
@@ -28,7 +28,6 @@
 #include <net/ip.h>
 #include <net/xfrm.h>
 #include <net/ipv6.h>
-#include <net/protocol.h>
 #include <linux/ipv6.h>
 #include <linux/icmpv6.h>
 #include <linux/mutex.h>
@@ -357,71 +356,18 @@ static int xfrm6_tunnel_input(struct xfrm_state *x, struct xfrm_decap_state *dec
        return 0;
 }
-static struct xfrm6_tunnel *xfrm6_tunnel_handler;
+static int xfrm6_tunnel_rcv(struct sk_buff *skb)
-static DEFINE_MUTEX(xfrm6_tunnel_mutex);
-int xfrm6_tunnel_register(struct xfrm6_tunnel *handler)
 {
-        int ret;
-        mutex_lock(&xfrm6_tunnel_mutex);
-        ret = 0;
-        if (xfrm6_tunnel_handler != NULL)
-                ret = -EINVAL;
-        if (!ret)
-                xfrm6_tunnel_handler = handler;
-        mutex_unlock(&xfrm6_tunnel_mutex);
-        return ret;
-}
-EXPORT_SYMBOL(xfrm6_tunnel_register);
-int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler)
-{
-        int ret;
-        mutex_lock(&xfrm6_tunnel_mutex);
-        ret = 0;
-        if (xfrm6_tunnel_handler != handler)
-                ret = -EINVAL;
-        if (!ret)
-                xfrm6_tunnel_handler = NULL;
-        mutex_unlock(&xfrm6_tunnel_mutex);
-        synchronize_net();
-        return ret;
-}
-EXPORT_SYMBOL(xfrm6_tunnel_deregister);
-static int xfrm6_tunnel_rcv(struct sk_buff **pskb)
-{
-        struct sk_buff *skb = *pskb;
-        struct xfrm6_tunnel *handler = xfrm6_tunnel_handler;
        struct ipv6hdr *iph = skb->nh.ipv6h;
        u32 spi;
-        /* device-like_ip6ip6_handler() */
-        if (handler && handler->handler(pskb) == 0)
-                return 0;
        spi = xfrm6_tunnel_spi_lookup((xfrm_address_t *)&iph->saddr);
-        return xfrm6_rcv_spi(pskb, spi);
+        return xfrm6_rcv_spi(skb, spi);
 }
-static void xfrm6_tunnel_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
+static int xfrm6_tunnel_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
-                             int type, int code, int offset, __u32 info)
+                            int type, int code, int offset, __u32 info)
 {
-        struct xfrm6_tunnel *handler = xfrm6_tunnel_handler;
-        /* call here first for device-like ip6ip6 err handling */
-        if (handler) {
-                handler->err_handler(skb, opt, type, code, offset, info);
-                return;
-        }
        /* xfrm6_tunnel native err handling */
        switch (type) {
        case ICMPV6_DEST_UNREACH: 
@@ -462,7 +408,8 @@ static void xfrm6_tunnel_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
        default:
                break;
        }
-        return;
+        return 0;
 }
 static int xfrm6_tunnel_init_state(struct xfrm_state *x)
@@ -493,10 +440,10 @@ static struct xfrm_type xfrm6_tunnel_type = {
        .output         = xfrm6_tunnel_output,
 };
-static struct inet6_protocol xfrm6_tunnel_protocol = {
+static struct xfrm6_tunnel xfrm6_tunnel_handler = {
        .handler        = xfrm6_tunnel_rcv,
-        .err_handler    = xfrm6_tunnel_err, 
+        .err_handler    = xfrm6_tunnel_err,
-        .flags          = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
+        .priority       = 2,
 };
 static int __init xfrm6_tunnel_init(void)
@@ -508,16 +455,16 @@ static int __init xfrm6_tunnel_init(void)
                           "xfrm6_tunnel init: can't add xfrm type\n");
                return -EAGAIN;
        }
-        if (inet6_add_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6) < 0) {
+        if (xfrm6_tunnel_register(&xfrm6_tunnel_handler)) {
                X6TPRINTK1(KERN_ERR
-                           "xfrm6_tunnel init(): can't add protocol\n");
+                           "xfrm6_tunnel init(): can't add handler\n");
                xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6);
                return -EAGAIN;
        }
        if (xfrm6_tunnel_spi_init() < 0) {
                X6TPRINTK1(KERN_ERR
                           "xfrm6_tunnel init: failed to initialize spi\n");
-                inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6);
+                xfrm6_tunnel_deregister(&xfrm6_tunnel_handler);
                xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6);
                return -EAGAIN;
        }
@@ -529,9 +476,9 @@ static void __exit xfrm6_tunnel_fini(void)
        X6TPRINTK3(KERN_DEBUG "%s()\n", __FUNCTION__);
        xfrm6_tunnel_spi_fini();
-        if (inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6) < 0)
+        if (xfrm6_tunnel_deregister(&xfrm6_tunnel_handler))
                X6TPRINTK1(KERN_ERR 
-                           "xfrm6_tunnel close: can't remove protocol\n");
+                           "xfrm6_tunnel close: can't remove handler\n");
        if (xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6) < 0)
                X6TPRINTK1(KERN_ERR
                           "xfrm6_tunnel close: can't remove xfrm type\n");

diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig index e6f83b6a2b76..f8a107ab5592 100644 --- a/net/ipv6/Kconfig +++ b/net/ipv6/Kconfig
@@ -88,7 +88,7 @@ config INET6_IPCOMP
88	tristate "IPv6: IPComp transformation"	88	tristate "IPv6: IPComp transformation"
89	depends on IPV6	89	depends on IPV6
90	select XFRM	90	select XFRM
91	select INET6_TUNNEL	91	select INET6_XFRM_TUNNEL
92	select CRYPTO	92	select CRYPTO
93	select CRYPTO_DEFLATE	93	select CRYPTO_DEFLATE
94	---help---	94	---help---
@@ -97,19 +97,18 @@ config INET6_IPCOMP
97		97
98	If unsure, say Y.	98	If unsure, say Y.
99		99
		100	config INET6_XFRM_TUNNEL
		101	tristate
		102	select INET6_TUNNEL
		103	default n
		104
100	config INET6_TUNNEL	105	config INET6_TUNNEL
101	tristate "IPv6: tunnel transformation"	106	tristate
102	depends on IPV6	107	default n
103	select XFRM
104	---help---
105	Support for generic IPv6-in-IPv6 tunnel transformation, which is
106	required by the IPv6-in-IPv6 tunneling module as well as tunnel mode
107	IPComp.
108
109	If unsure, say Y.
110		108
111	config IPV6_TUNNEL	109	config IPV6_TUNNEL
112	tristate "IPv6: IPv6-in-IPv6 tunnel"	110	tristate "IPv6: IPv6-in-IPv6 tunnel"
		111	select INET6_TUNNEL
113	depends on IPV6	112	depends on IPV6
114	---help---	113	---help---
115	Support for IPv6-in-IPv6 tunnels described in RFC 2473.	114	Support for IPv6-in-IPv6 tunnels described in RFC 2473.


diff --git a/net/ipv6/Makefile b/net/ipv6/Makefile index 41877abd22e6..a760b0988fbb 100644 --- a/net/ipv6/Makefile +++ b/net/ipv6/Makefile
@@ -18,7 +18,8 @@ ipv6-objs += $(ipv6-y)
18	obj-$(CONFIG_INET6_AH) += ah6.o	18	obj-$(CONFIG_INET6_AH) += ah6.o
19	obj-$(CONFIG_INET6_ESP) += esp6.o	19	obj-$(CONFIG_INET6_ESP) += esp6.o
20	obj-$(CONFIG_INET6_IPCOMP) += ipcomp6.o	20	obj-$(CONFIG_INET6_IPCOMP) += ipcomp6.o
21	obj-$(CONFIG_INET6_TUNNEL) += xfrm6_tunnel.o	21	obj-$(CONFIG_INET6_XFRM_TUNNEL) += xfrm6_tunnel.o
		22	obj-$(CONFIG_INET6_TUNNEL) += tunnel6.o
22	obj-$(CONFIG_NETFILTER) += netfilter/	23	obj-$(CONFIG_NETFILTER) += netfilter/
23		24
24	obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o	25	obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o


diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c index 48597538db3f..ff9040c92556 100644 --- a/net/ipv6/ip6_tunnel.c +++ b/net/ipv6/ip6_tunnel.c
@@ -44,7 +44,6 @@
44		44
45	#include <net/ip.h>	45	#include <net/ip.h>
46	#include <net/ipv6.h>	46	#include <net/ipv6.h>
47	#include <net/protocol.h>
48	#include <net/ip6_route.h>	47	#include <net/ip6_route.h>
49	#include <net/addrconf.h>	48	#include <net/addrconf.h>
50	#include <net/ip6_tunnel.h>	49	#include <net/ip6_tunnel.h>
@@ -391,7 +390,7 @@ parse_tlv_tnl_enc_lim(struct sk_buff skb, __u8 raw)
391	* to the specifications in RFC 2473.	390	* to the specifications in RFC 2473.
392	**/	391	**/
393		392
394	static void	393	static int
395	ip6ip6_err(struct sk_buff skb, struct inet6_skb_parm opt,	394	ip6ip6_err(struct sk_buff skb, struct inet6_skb_parm opt,
396	int type, int code, int offset, __u32 info)	395	int type, int code, int offset, __u32 info)
397	{	396	{
@@ -402,6 +401,7 @@ ip6ip6_err(struct sk_buff skb, struct inet6_skb_parm opt,
402	int rel_code = ICMPV6_ADDR_UNREACH;	401	int rel_code = ICMPV6_ADDR_UNREACH;
403	__u32 rel_info = 0;	402	__u32 rel_info = 0;
404	__u16 len;	403	__u16 len;
		404	int err = -ENOENT;
405		405
406	/* If the packet doesn't contain the original IPv6 header we are	406	/* If the packet doesn't contain the original IPv6 header we are
407	in trouble since we might need the source address for further	407	in trouble since we might need the source address for further
@@ -411,6 +411,8 @@ ip6ip6_err(struct sk_buff skb, struct inet6_skb_parm opt,
411	if ((t = ip6ip6_tnl_lookup(&ipv6h->daddr, &ipv6h->saddr)) == NULL)	411	if ((t = ip6ip6_tnl_lookup(&ipv6h->daddr, &ipv6h->saddr)) == NULL)
412	goto out;	412	goto out;
413		413
		414	err = 0;
		415
414	switch (type) {	416	switch (type) {
415	__u32 teli;	417	__u32 teli;
416	struct ipv6_tlv_tnl_enc_lim *tel;	418	struct ipv6_tlv_tnl_enc_lim *tel;
@@ -492,6 +494,7 @@ ip6ip6_err(struct sk_buff skb, struct inet6_skb_parm opt,
492	}	494	}
493	out:	495	out:
494	read_unlock(&ip6ip6_lock);	496	read_unlock(&ip6ip6_lock);
		497	return err;
495	}	498	}
496		499
497	static inline void ip6ip6_ecn_decapsulate(struct ipv6hdr *outer_iph,	500	static inline void ip6ip6_ecn_decapsulate(struct ipv6hdr *outer_iph,
@@ -511,9 +514,8 @@ static inline void ip6ip6_ecn_decapsulate(struct ipv6hdr *outer_iph,
511	**/	514	**/
512		515
513	static int	516	static int
514	ip6ip6_rcv(struct sk_buff **pskb)	517	ip6ip6_rcv(struct sk_buff *skb)
515	{	518	{
516	struct sk_buff skb = pskb;
517	struct ipv6hdr *ipv6h;	519	struct ipv6hdr *ipv6h;
518	struct ip6_tnl *t;	520	struct ip6_tnl *t;
519		521
@@ -1112,39 +1114,12 @@ ip6ip6_fb_tnl_dev_init(struct net_device *dev)
1112	return 0;	1114	return 0;
1113	}	1115	}
1114		1116
1115	#ifdef CONFIG_INET6_TUNNEL
1116	static struct xfrm6_tunnel ip6ip6_handler = {	1117	static struct xfrm6_tunnel ip6ip6_handler = {
1117	.handler = ip6ip6_rcv,	1118	.handler = ip6ip6_rcv,
1118	.err_handler = ip6ip6_err,	1119	.err_handler = ip6ip6_err,
		1120	.priority = 1,
1119	};	1121	};
1120		1122
1121	static inline int ip6ip6_register(void)
1122	{
1123	return xfrm6_tunnel_register(&ip6ip6_handler);
1124	}
1125
1126	static inline int ip6ip6_unregister(void)
1127	{
1128	return xfrm6_tunnel_deregister(&ip6ip6_handler);
1129	}
1130	#else
1131	static struct inet6_protocol xfrm6_tunnel_protocol = {
1132	.handler = ip6ip6_rcv,
1133	.err_handler = ip6ip6_err,
1134	.flags = INET6_PROTO_NOPOLICY\|INET6_PROTO_FINAL,
1135	};
1136
1137	static inline int ip6ip6_register(void)
1138	{
1139	return inet6_add_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6);
1140	}
1141
1142	static inline int ip6ip6_unregister(void)
1143	{
1144	return inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6);
1145	}
1146	#endif
1147
1148	/**	1123	/**
1149	* ip6_tunnel_init - register protocol and reserve needed resources	1124	* ip6_tunnel_init - register protocol and reserve needed resources
1150	*	1125	*
@@ -1155,7 +1130,7 @@ static int __init ip6_tunnel_init(void)
1155	{	1130	{
1156	int err;	1131	int err;
1157		1132
1158	if (ip6ip6_register() < 0) {	1133	if (xfrm6_tunnel_register(&ip6ip6_handler)) {
1159	printk(KERN_ERR "ip6ip6 init: can't register tunnel\n");	1134	printk(KERN_ERR "ip6ip6 init: can't register tunnel\n");
1160	return -EAGAIN;	1135	return -EAGAIN;
1161	}	1136	}
@@ -1174,7 +1149,7 @@ static int __init ip6_tunnel_init(void)
1174	}	1149	}
1175	return 0;	1150	return 0;
1176	fail:	1151	fail:
1177	ip6ip6_unregister();	1152	xfrm6_tunnel_deregister(&ip6ip6_handler);
1178	return err;	1153	return err;
1179	}	1154	}
1180		1155
@@ -1184,7 +1159,7 @@ fail:
1184		1159
1185	static void __exit ip6_tunnel_cleanup(void)	1160	static void __exit ip6_tunnel_cleanup(void)
1186	{	1161	{
1187	if (ip6ip6_unregister() < 0)	1162	if (xfrm6_tunnel_deregister(&ip6ip6_handler))
1188	printk(KERN_INFO "ip6ip6 close: can't deregister tunnel\n");	1163	printk(KERN_INFO "ip6ip6 close: can't deregister tunnel\n");
1189		1164
1190	unregister_netdev(ip6ip6_fb_tnl_dev);	1165	unregister_netdev(ip6ip6_fb_tnl_dev);


diff --git a/net/ipv6/tunnel6.c b/net/ipv6/tunnel6.c new file mode 100644 index 000000000000..5659b52284bd --- /dev/null +++ b/net/ipv6/tunnel6.c
@@ -0,0 +1,131 @@
		1	/*
		2	* Copyright (C)2003,2004 USAGI/WIDE Project
		3	*
		4	* This program is free software; you can redistribute it and/or modify
		5	* it under the terms of the GNU General Public License as published by
		6	* the Free Software Foundation; either version 2 of the License, or
		7	* (at your option) any later version.
		8	*
		9	* This program is distributed in the hope that it will be useful,
		10	* but WITHOUT ANY WARRANTY; without even the implied warranty of
		11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		12	* GNU General Public License for more details.
		13	*
		14	* You should have received a copy of the GNU General Public License
		15	* along with this program; if not, write to the Free Software
		16	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
		17	*
		18	* Authors Mitsuru KANDA <mk@linux-ipv6.org>
		19	* YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
		20	*/
		21
		22	#include <linux/init.h>
		23	#include <linux/module.h>
		24	#include <linux/mutex.h>
		25	#include <linux/netdevice.h>
		26	#include <linux/skbuff.h>
		27	#include <net/protocol.h>
		28	#include <net/xfrm.h>
		29
		30	static struct xfrm6_tunnel *tunnel6_handlers;
		31	static DEFINE_MUTEX(tunnel6_mutex);
		32
		33	int xfrm6_tunnel_register(struct xfrm6_tunnel *handler)
		34	{
		35	struct xfrm6_tunnel **pprev;
		36	int ret = -EEXIST;
		37	int priority = handler->priority;
		38
		39	mutex_lock(&tunnel6_mutex);
		40
		41	for (pprev = &tunnel6_handlers; pprev; pprev = &(pprev)->next) {
		42	if ((*pprev)->priority > priority)
		43	break;
		44	if ((*pprev)->priority == priority)
		45	goto err;
		46	}
		47
		48	handler->next = *pprev;
		49	*pprev = handler;
		50
		51	ret = 0;
		52
		53	err:
		54	mutex_unlock(&tunnel6_mutex);
		55
		56	return ret;
		57	}
		58
		59	EXPORT_SYMBOL(xfrm6_tunnel_register);
		60
		61	int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler)
		62	{
		63	struct xfrm6_tunnel **pprev;
		64	int ret = -ENOENT;
		65
		66	mutex_lock(&tunnel6_mutex);
		67
		68	for (pprev = &tunnel6_handlers; pprev; pprev = &(pprev)->next) {
		69	if (*pprev == handler) {
		70	*pprev = handler->next;
		71	ret = 0;
		72	break;
		73	}
		74	}
		75
		76	mutex_unlock(&tunnel6_mutex);
		77
		78	synchronize_net();
		79
		80	return ret;
		81	}
		82
		83	EXPORT_SYMBOL(xfrm6_tunnel_deregister);
		84
		85	static int tunnel6_rcv(struct sk_buff **pskb)
		86	{
		87	struct sk_buff skb = pskb;
		88	struct xfrm6_tunnel *handler;
		89
		90	for (handler = tunnel6_handlers; handler; handler = handler->next)
		91	if (!handler->handler(skb))
		92	return 0;
		93
		94	kfree_skb(skb);
		95	return 0;
		96	}
		97
		98	static void tunnel6_err(struct sk_buff skb, struct inet6_skb_parm opt,
		99	int type, int code, int offset, __u32 info)
		100	{
		101	struct xfrm6_tunnel *handler;
		102
		103	for (handler = tunnel6_handlers; handler; handler = handler->next)
		104	if (!handler->err_handler(skb, opt, type, code, offset, info))
		105	break;
		106	}
		107
		108	static struct inet6_protocol tunnel6_protocol = {
		109	.handler = tunnel6_rcv,
		110	.err_handler = tunnel6_err,
		111	.flags = INET6_PROTO_NOPOLICY\|INET6_PROTO_FINAL,
		112	};
		113
		114	static int __init tunnel6_init(void)
		115	{
		116	if (inet6_add_protocol(&tunnel6_protocol, IPPROTO_IPV6)) {
		117	printk(KERN_ERR "tunnel6 init(): can't add protocol\n");
		118	return -EAGAIN;
		119	}
		120	return 0;
		121	}
		122
		123	static void __exit tunnel6_fini(void)
		124	{
		125	if (inet6_del_protocol(&tunnel6_protocol, IPPROTO_IPV6))
		126	printk(KERN_ERR "tunnel6 close: can't remove protocol\n");
		127	}
		128
		129	module_init(tunnel6_init);
		130	module_exit(tunnel6_fini);
		131	MODULE_LICENSE("GPL");


diff --git a/net/ipv6/xfrm6_input.c b/net/ipv6/xfrm6_input.c index 1ca2da68ef69..cccf8b76f046 100644 --- a/net/ipv6/xfrm6_input.c +++ b/net/ipv6/xfrm6_input.c
@@ -28,9 +28,8 @@ static inline void ipip6_ecn_decapsulate(struct sk_buff *skb)
28	IP6_ECN_set_ce(inner_iph);	28	IP6_ECN_set_ce(inner_iph);
29	}	29	}
30		30
31	int xfrm6_rcv_spi(struct sk_buff **pskb, u32 spi)	31	int xfrm6_rcv_spi(struct sk_buff *skb, u32 spi)
32	{	32	{
33	struct sk_buff skb = pskb;
34	int err;	33	int err;
35	u32 seq;	34	u32 seq;
36	struct sec_decap_state xfrm_vec[XFRM_MAX_DEPTH];	35	struct sec_decap_state xfrm_vec[XFRM_MAX_DEPTH];
@@ -159,5 +158,5 @@ EXPORT_SYMBOL(xfrm6_rcv_spi);
159		158
160	int xfrm6_rcv(struct sk_buff **pskb)	159	int xfrm6_rcv(struct sk_buff **pskb)
161	{	160	{
162	return xfrm6_rcv_spi(pskb, 0);	161	return xfrm6_rcv_spi(*pskb, 0);
163	}	162	}


diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c index 08f9abbdf1d7..a8f6776c518d 100644 --- a/net/ipv6/xfrm6_tunnel.c +++ b/net/ipv6/xfrm6_tunnel.c
@@ -28,7 +28,6 @@
28	#include <net/ip.h>	28	#include <net/ip.h>
29	#include <net/xfrm.h>	29	#include <net/xfrm.h>
30	#include <net/ipv6.h>	30	#include <net/ipv6.h>
31	#include <net/protocol.h>
32	#include <linux/ipv6.h>	31	#include <linux/ipv6.h>
33	#include <linux/icmpv6.h>	32	#include <linux/icmpv6.h>
34	#include <linux/mutex.h>	33	#include <linux/mutex.h>
@@ -357,71 +356,18 @@ static int xfrm6_tunnel_input(struct xfrm_state x, struct xfrm_decap_state dec
357	return 0;	356	return 0;
358	}	357	}
359		358
360	static struct xfrm6_tunnel *xfrm6_tunnel_handler;	359	static int xfrm6_tunnel_rcv(struct sk_buff *skb)
361	static DEFINE_MUTEX(xfrm6_tunnel_mutex);
362
363	int xfrm6_tunnel_register(struct xfrm6_tunnel *handler)
364	{	360	{
365	int ret;
366
367	mutex_lock(&xfrm6_tunnel_mutex);
368	ret = 0;
369	if (xfrm6_tunnel_handler != NULL)
370	ret = -EINVAL;
371	if (!ret)
372	xfrm6_tunnel_handler = handler;
373	mutex_unlock(&xfrm6_tunnel_mutex);
374
375	return ret;
376	}
377
378	EXPORT_SYMBOL(xfrm6_tunnel_register);
379
380	int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler)
381	{
382	int ret;
383
384	mutex_lock(&xfrm6_tunnel_mutex);
385	ret = 0;
386	if (xfrm6_tunnel_handler != handler)
387	ret = -EINVAL;
388	if (!ret)
389	xfrm6_tunnel_handler = NULL;
390	mutex_unlock(&xfrm6_tunnel_mutex);
391
392	synchronize_net();
393
394	return ret;
395	}
396
397	EXPORT_SYMBOL(xfrm6_tunnel_deregister);
398
399	static int xfrm6_tunnel_rcv(struct sk_buff **pskb)
400	{
401	struct sk_buff skb = pskb;
402	struct xfrm6_tunnel *handler = xfrm6_tunnel_handler;
403	struct ipv6hdr *iph = skb->nh.ipv6h;	361	struct ipv6hdr *iph = skb->nh.ipv6h;
404	u32 spi;	362	u32 spi;
405		363
406	/* device-like_ip6ip6_handler() */
407	if (handler && handler->handler(pskb) == 0)
408	return 0;
409
410	spi = xfrm6_tunnel_spi_lookup((xfrm_address_t *)&iph->saddr);	364	spi = xfrm6_tunnel_spi_lookup((xfrm_address_t *)&iph->saddr);
411	return xfrm6_rcv_spi(pskb, spi);	365	return xfrm6_rcv_spi(skb, spi);
412	}	366	}
413		367
414	static void xfrm6_tunnel_err(struct sk_buff skb, struct inet6_skb_parm opt,	368	static int xfrm6_tunnel_err(struct sk_buff skb, struct inet6_skb_parm opt,
415	int type, int code, int offset, __u32 info)	369	int type, int code, int offset, __u32 info)
416	{	370	{
417	struct xfrm6_tunnel *handler = xfrm6_tunnel_handler;
418
419	/* call here first for device-like ip6ip6 err handling */
420	if (handler) {
421	handler->err_handler(skb, opt, type, code, offset, info);
422	return;
423	}
424
425	/* xfrm6_tunnel native err handling */	371	/* xfrm6_tunnel native err handling */
426	switch (type) {	372	switch (type) {
427	case ICMPV6_DEST_UNREACH:	373	case ICMPV6_DEST_UNREACH:
@@ -462,7 +408,8 @@ static void xfrm6_tunnel_err(struct sk_buff skb, struct inet6_skb_parm opt,
462	default:	408	default:
463	break;	409	break;
464	}	410	}
465	return;	411
		412	return 0;
466	}	413	}
467		414
468	static int xfrm6_tunnel_init_state(struct xfrm_state *x)	415	static int xfrm6_tunnel_init_state(struct xfrm_state *x)
@@ -493,10 +440,10 @@ static struct xfrm_type xfrm6_tunnel_type = {
493	.output = xfrm6_tunnel_output,	440	.output = xfrm6_tunnel_output,
494	};	441	};
495		442
496	static struct inet6_protocol xfrm6_tunnel_protocol = {	443	static struct xfrm6_tunnel xfrm6_tunnel_handler = {
497	.handler = xfrm6_tunnel_rcv,	444	.handler = xfrm6_tunnel_rcv,
498	.err_handler = xfrm6_tunnel_err,	445	.err_handler = xfrm6_tunnel_err,
499	.flags = INET6_PROTO_NOPOLICY\|INET6_PROTO_FINAL,	446	.priority = 2,
500	};	447	};
501		448
502	static int __init xfrm6_tunnel_init(void)	449	static int __init xfrm6_tunnel_init(void)
@@ -508,16 +455,16 @@ static int __init xfrm6_tunnel_init(void)
508	"xfrm6_tunnel init: can't add xfrm type\n");	455	"xfrm6_tunnel init: can't add xfrm type\n");
509	return -EAGAIN;	456	return -EAGAIN;
510	}	457	}
511	if (inet6_add_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6) < 0) {	458	if (xfrm6_tunnel_register(&xfrm6_tunnel_handler)) {
512	X6TPRINTK1(KERN_ERR	459	X6TPRINTK1(KERN_ERR
513	"xfrm6_tunnel init(): can't add protocol\n");	460	"xfrm6_tunnel init(): can't add handler\n");
514	xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6);	461	xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6);
515	return -EAGAIN;	462	return -EAGAIN;
516	}	463	}
517	if (xfrm6_tunnel_spi_init() < 0) {	464	if (xfrm6_tunnel_spi_init() < 0) {
518	X6TPRINTK1(KERN_ERR	465	X6TPRINTK1(KERN_ERR
519	"xfrm6_tunnel init: failed to initialize spi\n");	466	"xfrm6_tunnel init: failed to initialize spi\n");
520	inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6);	467	xfrm6_tunnel_deregister(&xfrm6_tunnel_handler);
521	xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6);	468	xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6);
522	return -EAGAIN;	469	return -EAGAIN;
523	}	470	}
@@ -529,9 +476,9 @@ static void __exit xfrm6_tunnel_fini(void)
529	X6TPRINTK3(KERN_DEBUG "%s()\n", __FUNCTION__);	476	X6TPRINTK3(KERN_DEBUG "%s()\n", __FUNCTION__);
530		477
531	xfrm6_tunnel_spi_fini();	478	xfrm6_tunnel_spi_fini();
532	if (inet6_del_protocol(&xfrm6_tunnel_protocol, IPPROTO_IPV6) < 0)	479	if (xfrm6_tunnel_deregister(&xfrm6_tunnel_handler))
533	X6TPRINTK1(KERN_ERR	480	X6TPRINTK1(KERN_ERR
534	"xfrm6_tunnel close: can't remove protocol\n");	481	"xfrm6_tunnel close: can't remove handler\n");
535	if (xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6) < 0)	482	if (xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6) < 0)
536	X6TPRINTK1(KERN_ERR	483	X6TPRINTK1(KERN_ERR
537	"xfrm6_tunnel close: can't remove xfrm type\n");	484	"xfrm6_tunnel close: can't remove xfrm type\n");