1b57dc7c1SPaul Blakey /* SPDX-License-Identifier: GPL-2.0 */ 2b57dc7c1SPaul Blakey #ifndef __NET_TC_CT_H 3b57dc7c1SPaul Blakey #define __NET_TC_CT_H 4b57dc7c1SPaul Blakey 5b57dc7c1SPaul Blakey #include <net/act_api.h> 6b57dc7c1SPaul Blakey #include <uapi/linux/tc_act/tc_ct.h> 7b57dc7c1SPaul Blakey 8b57dc7c1SPaul Blakey #if IS_ENABLED(CONFIG_NF_CONNTRACK) 9b57dc7c1SPaul Blakey #include <net/netfilter/nf_nat.h> 10b57dc7c1SPaul Blakey #include <net/netfilter/nf_conntrack_labels.h> 11b57dc7c1SPaul Blakey 12b57dc7c1SPaul Blakey struct tcf_ct_params { 13a21b06e7SXin Long struct nf_conntrack_helper *helper; 14b57dc7c1SPaul Blakey struct nf_conn *tmpl; 15b57dc7c1SPaul Blakey u16 zone; 16b57dc7c1SPaul Blakey 17b57dc7c1SPaul Blakey u32 mark; 18b57dc7c1SPaul Blakey u32 mark_mask; 19b57dc7c1SPaul Blakey 20b57dc7c1SPaul Blakey u32 labels[NF_CT_LABELS_MAX_SIZE / sizeof(u32)]; 21b57dc7c1SPaul Blakey u32 labels_mask[NF_CT_LABELS_MAX_SIZE / sizeof(u32)]; 22b57dc7c1SPaul Blakey 23b57dc7c1SPaul Blakey struct nf_nat_range2 range; 24b57dc7c1SPaul Blakey bool ipv4_range; 25b57dc7c1SPaul Blakey 26b57dc7c1SPaul Blakey u16 ct_action; 27b57dc7c1SPaul Blakey 28b57dc7c1SPaul Blakey struct rcu_head rcu; 29c34b961aSPaul Blakey 30c34b961aSPaul Blakey struct tcf_ct_flow_table *ct_ft; 31edd5861eSPaul Blakey struct nf_flowtable *nf_ft; 32b57dc7c1SPaul Blakey }; 33b57dc7c1SPaul Blakey 34b57dc7c1SPaul Blakey struct tcf_ct { 35b57dc7c1SPaul Blakey struct tc_action common; 36b57dc7c1SPaul Blakey struct tcf_ct_params __rcu *params; 37b57dc7c1SPaul Blakey }; 38b57dc7c1SPaul Blakey 39b57dc7c1SPaul Blakey #define to_ct(a) ((struct tcf_ct *)a) 40107f2d50SVlad Buslov #define to_ct_params(a) \ 41107f2d50SVlad Buslov ((struct tcf_ct_params *) \ 42107f2d50SVlad Buslov rcu_dereference_protected(to_ct(a)->params, \ 43107f2d50SVlad Buslov lockdep_is_held(&a->tcfa_lock))) 44b57dc7c1SPaul Blakey tcf_ct_zone(const struct tc_action * a)45b57dc7c1SPaul Blakeystatic inline uint16_t tcf_ct_zone(const struct tc_action *a) 46b57dc7c1SPaul Blakey { 47b57dc7c1SPaul Blakey return to_ct_params(a)->zone; 48b57dc7c1SPaul Blakey } 49b57dc7c1SPaul Blakey tcf_ct_action(const struct tc_action * a)50b57dc7c1SPaul Blakeystatic inline int tcf_ct_action(const struct tc_action *a) 51b57dc7c1SPaul Blakey { 52b57dc7c1SPaul Blakey return to_ct_params(a)->ct_action; 53b57dc7c1SPaul Blakey } 54b57dc7c1SPaul Blakey tcf_ct_ft(const struct tc_action * a)55edd5861eSPaul Blakeystatic inline struct nf_flowtable *tcf_ct_ft(const struct tc_action *a) 56edd5861eSPaul Blakey { 57edd5861eSPaul Blakey return to_ct_params(a)->nf_ft; 58edd5861eSPaul Blakey } 59edd5861eSPaul Blakey tcf_ct_helper(const struct tc_action * a)60*0a7c9d1fSXin Longstatic inline struct nf_conntrack_helper *tcf_ct_helper(const struct tc_action *a) 61*0a7c9d1fSXin Long { 62*0a7c9d1fSXin Long return to_ct_params(a)->helper; 63*0a7c9d1fSXin Long } 64*0a7c9d1fSXin Long 65b57dc7c1SPaul Blakey #else tcf_ct_zone(const struct tc_action * a)66b57dc7c1SPaul Blakeystatic inline uint16_t tcf_ct_zone(const struct tc_action *a) { return 0; } tcf_ct_action(const struct tc_action * a)67b57dc7c1SPaul Blakeystatic inline int tcf_ct_action(const struct tc_action *a) { return 0; } tcf_ct_ft(const struct tc_action * a)68edd5861eSPaul Blakeystatic inline struct nf_flowtable *tcf_ct_ft(const struct tc_action *a) 69edd5861eSPaul Blakey { 70edd5861eSPaul Blakey return NULL; 71edd5861eSPaul Blakey } tcf_ct_helper(const struct tc_action * a)72*0a7c9d1fSXin Longstatic inline struct nf_conntrack_helper *tcf_ct_helper(const struct tc_action *a) 73*0a7c9d1fSXin Long { 74*0a7c9d1fSXin Long return NULL; 75*0a7c9d1fSXin Long } 76b57dc7c1SPaul Blakey #endif /* CONFIG_NF_CONNTRACK */ 77b57dc7c1SPaul Blakey 7830b0cf90SPaul Blakey #if IS_ENABLED(CONFIG_NET_ACT_CT) 79762f926dSAlaa Hleihel static inline void tcf_ct_flow_table_restore_skb(struct sk_buff * skb,unsigned long cookie)80762f926dSAlaa Hleiheltcf_ct_flow_table_restore_skb(struct sk_buff *skb, unsigned long cookie) 81762f926dSAlaa Hleihel { 82762f926dSAlaa Hleihel enum ip_conntrack_info ctinfo = cookie & NFCT_INFOMASK; 83762f926dSAlaa Hleihel struct nf_conn *ct; 84762f926dSAlaa Hleihel 85762f926dSAlaa Hleihel ct = (struct nf_conn *)(cookie & NFCT_PTRMASK); 86762f926dSAlaa Hleihel nf_conntrack_get(&ct->ct_general); 87762f926dSAlaa Hleihel nf_ct_set(skb, ct, ctinfo); 88762f926dSAlaa Hleihel } 8930b0cf90SPaul Blakey #else 9030b0cf90SPaul Blakey static inline void tcf_ct_flow_table_restore_skb(struct sk_buff * skb,unsigned long cookie)9130b0cf90SPaul Blakeytcf_ct_flow_table_restore_skb(struct sk_buff *skb, unsigned long cookie) { } 9230b0cf90SPaul Blakey #endif 9330b0cf90SPaul Blakey is_tcf_ct(const struct tc_action * a)94b57dc7c1SPaul Blakeystatic inline bool is_tcf_ct(const struct tc_action *a) 95b57dc7c1SPaul Blakey { 96b57dc7c1SPaul Blakey #if defined(CONFIG_NET_CLS_ACT) && IS_ENABLED(CONFIG_NF_CONNTRACK) 97b57dc7c1SPaul Blakey if (a->ops && a->ops->id == TCA_ID_CT) 98b57dc7c1SPaul Blakey return true; 99b57dc7c1SPaul Blakey #endif 100b57dc7c1SPaul Blakey return false; 101b57dc7c1SPaul Blakey } 102b57dc7c1SPaul Blakey 103b57dc7c1SPaul Blakey #endif /* __NET_TC_CT_H */ 104