1 /* 2 * net/sched/em_meta.c Metadata ematch 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Authors: Thomas Graf <tgraf@suug.ch> 10 * 11 * ========================================================================== 12 * 13 * The metadata ematch compares two meta objects where each object 14 * represents either a meta value stored in the kernel or a static 15 * value provided by userspace. The objects are not provided by 16 * userspace itself but rather a definition providing the information 17 * to build them. Every object is of a certain type which must be 18 * equal to the object it is being compared to. 19 * 20 * The definition of a objects conists of the type (meta type), a 21 * identifier (meta id) and additional type specific information. 22 * The meta id is either TCF_META_TYPE_VALUE for values provided by 23 * userspace or a index to the meta operations table consisting of 24 * function pointers to type specific meta data collectors returning 25 * the value of the requested meta value. 26 * 27 * lvalue rvalue 28 * +-----------+ +-----------+ 29 * | type: INT | | type: INT | 30 * def | id: INDEV | | id: VALUE | 31 * | data: | | data: 3 | 32 * +-----------+ +-----------+ 33 * | | 34 * ---> meta_ops[INT][INDEV](...) | 35 * | | 36 * ----------- | 37 * V V 38 * +-----------+ +-----------+ 39 * | type: INT | | type: INT | 40 * obj | id: INDEV | | id: VALUE | 41 * | data: 2 |<--data got filled out | data: 3 | 42 * +-----------+ +-----------+ 43 * | | 44 * --------------> 2 equals 3 <-------------- 45 * 46 * This is a simplified schema, the complexity varies depending 47 * on the meta type. Obviously, the length of the data must also 48 * be provided for non-numeric types. 49 * 50 * Additionaly, type dependant modifiers such as shift operators 51 * or mask may be applied to extend the functionaliy. As of now, 52 * the variable length type supports shifting the byte string to 53 * the right, eating up any number of octets and thus supporting 54 * wildcard interface name comparisons such as "ppp%" matching 55 * ppp0..9. 56 * 57 * NOTE: Certain meta values depend on other subsystems and are 58 * only available if that subsytem is enabled in the kernel. 59 */ 60 61 #include <linux/config.h> 62 #include <linux/module.h> 63 #include <linux/types.h> 64 #include <linux/kernel.h> 65 #include <linux/sched.h> 66 #include <linux/string.h> 67 #include <linux/skbuff.h> 68 #include <linux/random.h> 69 #include <linux/tc_ematch/tc_em_meta.h> 70 #include <net/dst.h> 71 #include <net/route.h> 72 #include <net/pkt_cls.h> 73 74 struct meta_obj 75 { 76 unsigned long value; 77 unsigned int len; 78 }; 79 80 struct meta_value 81 { 82 struct tcf_meta_val hdr; 83 unsigned long val; 84 unsigned int len; 85 }; 86 87 struct meta_match 88 { 89 struct meta_value lvalue; 90 struct meta_value rvalue; 91 }; 92 93 static inline int meta_id(struct meta_value *v) 94 { 95 return TCF_META_ID(v->hdr.kind); 96 } 97 98 static inline int meta_type(struct meta_value *v) 99 { 100 return TCF_META_TYPE(v->hdr.kind); 101 } 102 103 #define META_COLLECTOR(FUNC) static void meta_##FUNC(struct sk_buff *skb, \ 104 struct tcf_pkt_info *info, struct meta_value *v, \ 105 struct meta_obj *dst, int *err) 106 107 /************************************************************************** 108 * System status & misc 109 **************************************************************************/ 110 111 META_COLLECTOR(int_random) 112 { 113 get_random_bytes(&dst->value, sizeof(dst->value)); 114 } 115 116 static inline unsigned long fixed_loadavg(int load) 117 { 118 int rnd_load = load + (FIXED_1/200); 119 int rnd_frac = ((rnd_load & (FIXED_1-1)) * 100) >> FSHIFT; 120 121 return ((rnd_load >> FSHIFT) * 100) + rnd_frac; 122 } 123 124 META_COLLECTOR(int_loadavg_0) 125 { 126 dst->value = fixed_loadavg(avenrun[0]); 127 } 128 129 META_COLLECTOR(int_loadavg_1) 130 { 131 dst->value = fixed_loadavg(avenrun[1]); 132 } 133 134 META_COLLECTOR(int_loadavg_2) 135 { 136 dst->value = fixed_loadavg(avenrun[2]); 137 } 138 139 /************************************************************************** 140 * Device names & indices 141 **************************************************************************/ 142 143 static inline int int_dev(struct net_device *dev, struct meta_obj *dst) 144 { 145 if (unlikely(dev == NULL)) 146 return -1; 147 148 dst->value = dev->ifindex; 149 return 0; 150 } 151 152 static inline int var_dev(struct net_device *dev, struct meta_obj *dst) 153 { 154 if (unlikely(dev == NULL)) 155 return -1; 156 157 dst->value = (unsigned long) dev->name; 158 dst->len = strlen(dev->name); 159 return 0; 160 } 161 162 META_COLLECTOR(int_dev) 163 { 164 *err = int_dev(skb->dev, dst); 165 } 166 167 META_COLLECTOR(var_dev) 168 { 169 *err = var_dev(skb->dev, dst); 170 } 171 172 META_COLLECTOR(int_indev) 173 { 174 *err = int_dev(skb->input_dev, dst); 175 } 176 177 META_COLLECTOR(var_indev) 178 { 179 *err = var_dev(skb->input_dev, dst); 180 } 181 182 META_COLLECTOR(int_realdev) 183 { 184 *err = int_dev(skb->real_dev, dst); 185 } 186 187 META_COLLECTOR(var_realdev) 188 { 189 *err = var_dev(skb->real_dev, dst); 190 } 191 192 /************************************************************************** 193 * skb attributes 194 **************************************************************************/ 195 196 META_COLLECTOR(int_priority) 197 { 198 dst->value = skb->priority; 199 } 200 201 META_COLLECTOR(int_protocol) 202 { 203 /* Let userspace take care of the byte ordering */ 204 dst->value = skb->protocol; 205 } 206 207 META_COLLECTOR(int_security) 208 { 209 dst->value = skb->security; 210 } 211 212 META_COLLECTOR(int_pkttype) 213 { 214 dst->value = skb->pkt_type; 215 } 216 217 META_COLLECTOR(int_pktlen) 218 { 219 dst->value = skb->len; 220 } 221 222 META_COLLECTOR(int_datalen) 223 { 224 dst->value = skb->data_len; 225 } 226 227 META_COLLECTOR(int_maclen) 228 { 229 dst->value = skb->mac_len; 230 } 231 232 /************************************************************************** 233 * Netfilter 234 **************************************************************************/ 235 236 #ifdef CONFIG_NETFILTER 237 META_COLLECTOR(int_nfmark) 238 { 239 dst->value = skb->nfmark; 240 } 241 #endif 242 243 /************************************************************************** 244 * Traffic Control 245 **************************************************************************/ 246 247 META_COLLECTOR(int_tcindex) 248 { 249 dst->value = skb->tc_index; 250 } 251 252 #ifdef CONFIG_NET_CLS_ACT 253 META_COLLECTOR(int_tcverd) 254 { 255 dst->value = skb->tc_verd; 256 } 257 258 META_COLLECTOR(int_tcclassid) 259 { 260 dst->value = skb->tc_classid; 261 } 262 #endif 263 264 /************************************************************************** 265 * Routing 266 **************************************************************************/ 267 268 #ifdef CONFIG_NET_CLS_ROUTE 269 META_COLLECTOR(int_rtclassid) 270 { 271 if (unlikely(skb->dst == NULL)) 272 *err = -1; 273 else 274 dst->value = skb->dst->tclassid; 275 } 276 #endif 277 278 META_COLLECTOR(int_rtiif) 279 { 280 if (unlikely(skb->dst == NULL)) 281 *err = -1; 282 else 283 dst->value = ((struct rtable*) skb->dst)->fl.iif; 284 } 285 286 /************************************************************************** 287 * Meta value collectors assignment table 288 **************************************************************************/ 289 290 struct meta_ops 291 { 292 void (*get)(struct sk_buff *, struct tcf_pkt_info *, 293 struct meta_value *, struct meta_obj *, int *); 294 }; 295 296 /* Meta value operations table listing all meta value collectors and 297 * assigns them to a type and meta id. */ 298 static struct meta_ops __meta_ops[TCF_META_TYPE_MAX+1][TCF_META_ID_MAX+1] = { 299 [TCF_META_TYPE_VAR] = { 300 [TCF_META_ID_DEV] = { .get = meta_var_dev }, 301 [TCF_META_ID_INDEV] = { .get = meta_var_indev }, 302 [TCF_META_ID_REALDEV] = { .get = meta_var_realdev } 303 }, 304 [TCF_META_TYPE_INT] = { 305 [TCF_META_ID_RANDOM] = { .get = meta_int_random }, 306 [TCF_META_ID_LOADAVG_0] = { .get = meta_int_loadavg_0 }, 307 [TCF_META_ID_LOADAVG_1] = { .get = meta_int_loadavg_1 }, 308 [TCF_META_ID_LOADAVG_2] = { .get = meta_int_loadavg_2 }, 309 [TCF_META_ID_DEV] = { .get = meta_int_dev }, 310 [TCF_META_ID_INDEV] = { .get = meta_int_indev }, 311 [TCF_META_ID_REALDEV] = { .get = meta_int_realdev }, 312 [TCF_META_ID_PRIORITY] = { .get = meta_int_priority }, 313 [TCF_META_ID_PROTOCOL] = { .get = meta_int_protocol }, 314 [TCF_META_ID_SECURITY] = { .get = meta_int_security }, 315 [TCF_META_ID_PKTTYPE] = { .get = meta_int_pkttype }, 316 [TCF_META_ID_PKTLEN] = { .get = meta_int_pktlen }, 317 [TCF_META_ID_DATALEN] = { .get = meta_int_datalen }, 318 [TCF_META_ID_MACLEN] = { .get = meta_int_maclen }, 319 #ifdef CONFIG_NETFILTER 320 [TCF_META_ID_NFMARK] = { .get = meta_int_nfmark }, 321 #endif 322 [TCF_META_ID_TCINDEX] = { .get = meta_int_tcindex }, 323 #ifdef CONFIG_NET_CLS_ACT 324 [TCF_META_ID_TCVERDICT] = { .get = meta_int_tcverd }, 325 [TCF_META_ID_TCCLASSID] = { .get = meta_int_tcclassid }, 326 #endif 327 #ifdef CONFIG_NET_CLS_ROUTE 328 [TCF_META_ID_RTCLASSID] = { .get = meta_int_rtclassid }, 329 #endif 330 [TCF_META_ID_RTIIF] = { .get = meta_int_rtiif } 331 } 332 }; 333 334 static inline struct meta_ops * meta_ops(struct meta_value *val) 335 { 336 return &__meta_ops[meta_type(val)][meta_id(val)]; 337 } 338 339 /************************************************************************** 340 * Type specific operations for TCF_META_TYPE_VAR 341 **************************************************************************/ 342 343 static int meta_var_compare(struct meta_obj *a, struct meta_obj *b) 344 { 345 int r = a->len - b->len; 346 347 if (r == 0) 348 r = memcmp((void *) a->value, (void *) b->value, a->len); 349 350 return r; 351 } 352 353 static int meta_var_change(struct meta_value *dst, struct rtattr *rta) 354 { 355 int len = RTA_PAYLOAD(rta); 356 357 dst->val = (unsigned long) kmalloc(len, GFP_KERNEL); 358 if (dst->val == 0UL) 359 return -ENOMEM; 360 memcpy((void *) dst->val, RTA_DATA(rta), len); 361 dst->len = len; 362 return 0; 363 } 364 365 static void meta_var_destroy(struct meta_value *v) 366 { 367 if (v->val) 368 kfree((void *) v->val); 369 } 370 371 static void meta_var_apply_extras(struct meta_value *v, 372 struct meta_obj *dst) 373 { 374 int shift = v->hdr.shift; 375 376 if (shift && shift < dst->len) 377 dst->len -= shift; 378 } 379 380 static int meta_var_dump(struct sk_buff *skb, struct meta_value *v, int tlv) 381 { 382 if (v->val && v->len) 383 RTA_PUT(skb, tlv, v->len, (void *) v->val); 384 return 0; 385 386 rtattr_failure: 387 return -1; 388 } 389 390 /************************************************************************** 391 * Type specific operations for TCF_META_TYPE_INT 392 **************************************************************************/ 393 394 static int meta_int_compare(struct meta_obj *a, struct meta_obj *b) 395 { 396 /* Let gcc optimize it, the unlikely is not really based on 397 * some numbers but jump free code for mismatches seems 398 * more logical. */ 399 if (unlikely(a == b)) 400 return 0; 401 else if (a < b) 402 return -1; 403 else 404 return 1; 405 } 406 407 static int meta_int_change(struct meta_value *dst, struct rtattr *rta) 408 { 409 if (RTA_PAYLOAD(rta) >= sizeof(unsigned long)) { 410 dst->val = *(unsigned long *) RTA_DATA(rta); 411 dst->len = sizeof(unsigned long); 412 } else if (RTA_PAYLOAD(rta) == sizeof(u32)) { 413 dst->val = *(u32 *) RTA_DATA(rta); 414 dst->len = sizeof(u32); 415 } else 416 return -EINVAL; 417 418 return 0; 419 } 420 421 static void meta_int_apply_extras(struct meta_value *v, 422 struct meta_obj *dst) 423 { 424 if (v->hdr.shift) 425 dst->value >>= v->hdr.shift; 426 427 if (v->val) 428 dst->value &= v->val; 429 } 430 431 static int meta_int_dump(struct sk_buff *skb, struct meta_value *v, int tlv) 432 { 433 if (v->len == sizeof(unsigned long)) 434 RTA_PUT(skb, tlv, sizeof(unsigned long), &v->val); 435 else if (v->len == sizeof(u32)) { 436 u32 d = v->val; 437 RTA_PUT(skb, tlv, sizeof(d), &d); 438 } 439 440 return 0; 441 442 rtattr_failure: 443 return -1; 444 } 445 446 /************************************************************************** 447 * Type specific operations table 448 **************************************************************************/ 449 450 struct meta_type_ops 451 { 452 void (*destroy)(struct meta_value *); 453 int (*compare)(struct meta_obj *, struct meta_obj *); 454 int (*change)(struct meta_value *, struct rtattr *); 455 void (*apply_extras)(struct meta_value *, struct meta_obj *); 456 int (*dump)(struct sk_buff *, struct meta_value *, int); 457 }; 458 459 static struct meta_type_ops __meta_type_ops[TCF_META_TYPE_MAX+1] = { 460 [TCF_META_TYPE_VAR] = { 461 .destroy = meta_var_destroy, 462 .compare = meta_var_compare, 463 .change = meta_var_change, 464 .apply_extras = meta_var_apply_extras, 465 .dump = meta_var_dump 466 }, 467 [TCF_META_TYPE_INT] = { 468 .compare = meta_int_compare, 469 .change = meta_int_change, 470 .apply_extras = meta_int_apply_extras, 471 .dump = meta_int_dump 472 } 473 }; 474 475 static inline struct meta_type_ops * meta_type_ops(struct meta_value *v) 476 { 477 return &__meta_type_ops[meta_type(v)]; 478 } 479 480 /************************************************************************** 481 * Core 482 **************************************************************************/ 483 484 static inline int meta_get(struct sk_buff *skb, struct tcf_pkt_info *info, 485 struct meta_value *v, struct meta_obj *dst) 486 { 487 int err = 0; 488 489 if (meta_id(v) == TCF_META_ID_VALUE) { 490 dst->value = v->val; 491 dst->len = v->len; 492 return 0; 493 } 494 495 meta_ops(v)->get(skb, info, v, dst, &err); 496 if (err < 0) 497 return err; 498 499 if (meta_type_ops(v)->apply_extras) 500 meta_type_ops(v)->apply_extras(v, dst); 501 502 return 0; 503 } 504 505 static int em_meta_match(struct sk_buff *skb, struct tcf_ematch *m, 506 struct tcf_pkt_info *info) 507 { 508 int r; 509 struct meta_match *meta = (struct meta_match *) m->data; 510 struct meta_obj l_value, r_value; 511 512 if (meta_get(skb, info, &meta->lvalue, &l_value) < 0 || 513 meta_get(skb, info, &meta->rvalue, &r_value) < 0) 514 return 0; 515 516 r = meta_type_ops(&meta->lvalue)->compare(&l_value, &r_value); 517 518 switch (meta->lvalue.hdr.op) { 519 case TCF_EM_OPND_EQ: 520 return !r; 521 case TCF_EM_OPND_LT: 522 return r < 0; 523 case TCF_EM_OPND_GT: 524 return r > 0; 525 } 526 527 return 0; 528 } 529 530 static inline void meta_delete(struct meta_match *meta) 531 { 532 struct meta_type_ops *ops = meta_type_ops(&meta->lvalue); 533 534 if (ops && ops->destroy) { 535 ops->destroy(&meta->lvalue); 536 ops->destroy(&meta->rvalue); 537 } 538 539 kfree(meta); 540 } 541 542 static inline int meta_change_data(struct meta_value *dst, struct rtattr *rta) 543 { 544 if (rta) { 545 if (RTA_PAYLOAD(rta) == 0) 546 return -EINVAL; 547 548 return meta_type_ops(dst)->change(dst, rta); 549 } 550 551 return 0; 552 } 553 554 static inline int meta_is_supported(struct meta_value *val) 555 { 556 return (!meta_id(val) || meta_ops(val)->get); 557 } 558 559 static int em_meta_change(struct tcf_proto *tp, void *data, int len, 560 struct tcf_ematch *m) 561 { 562 int err = -EINVAL; 563 struct rtattr *tb[TCA_EM_META_MAX]; 564 struct tcf_meta_hdr *hdr; 565 struct meta_match *meta = NULL; 566 567 if (rtattr_parse(tb, TCA_EM_META_MAX, data, len) < 0) 568 goto errout; 569 570 if (tb[TCA_EM_META_HDR-1] == NULL || 571 RTA_PAYLOAD(tb[TCA_EM_META_HDR-1]) < sizeof(*hdr)) 572 goto errout; 573 hdr = RTA_DATA(tb[TCA_EM_META_HDR-1]); 574 575 if (TCF_META_TYPE(hdr->left.kind) != TCF_META_TYPE(hdr->right.kind) || 576 TCF_META_TYPE(hdr->left.kind) > TCF_META_TYPE_MAX || 577 TCF_META_ID(hdr->left.kind) > TCF_META_ID_MAX || 578 TCF_META_ID(hdr->right.kind) > TCF_META_ID_MAX) 579 goto errout; 580 581 meta = kmalloc(sizeof(*meta), GFP_KERNEL); 582 if (meta == NULL) 583 goto errout; 584 memset(meta, 0, sizeof(*meta)); 585 586 memcpy(&meta->lvalue.hdr, &hdr->left, sizeof(hdr->left)); 587 memcpy(&meta->rvalue.hdr, &hdr->right, sizeof(hdr->right)); 588 589 if (!meta_is_supported(&meta->lvalue) || 590 !meta_is_supported(&meta->rvalue)) { 591 err = -EOPNOTSUPP; 592 goto errout; 593 } 594 595 if (meta_change_data(&meta->lvalue, tb[TCA_EM_META_LVALUE-1]) < 0 || 596 meta_change_data(&meta->rvalue, tb[TCA_EM_META_RVALUE-1]) < 0) 597 goto errout; 598 599 m->datalen = sizeof(*meta); 600 m->data = (unsigned long) meta; 601 602 err = 0; 603 errout: 604 if (err && meta) 605 meta_delete(meta); 606 return err; 607 } 608 609 static void em_meta_destroy(struct tcf_proto *tp, struct tcf_ematch *m) 610 { 611 if (m) 612 meta_delete((struct meta_match *) m->data); 613 } 614 615 static int em_meta_dump(struct sk_buff *skb, struct tcf_ematch *em) 616 { 617 struct meta_match *meta = (struct meta_match *) em->data; 618 struct tcf_meta_hdr hdr; 619 struct meta_type_ops *ops; 620 621 memset(&hdr, 0, sizeof(hdr)); 622 memcpy(&hdr.left, &meta->lvalue.hdr, sizeof(hdr.left)); 623 memcpy(&hdr.right, &meta->rvalue.hdr, sizeof(hdr.right)); 624 625 RTA_PUT(skb, TCA_EM_META_HDR, sizeof(hdr), &hdr); 626 627 ops = meta_type_ops(&meta->lvalue); 628 if (ops->dump(skb, &meta->lvalue, TCA_EM_META_LVALUE) < 0 || 629 ops->dump(skb, &meta->rvalue, TCA_EM_META_RVALUE) < 0) 630 goto rtattr_failure; 631 632 return 0; 633 634 rtattr_failure: 635 return -1; 636 } 637 638 static struct tcf_ematch_ops em_meta_ops = { 639 .kind = TCF_EM_META, 640 .change = em_meta_change, 641 .match = em_meta_match, 642 .destroy = em_meta_destroy, 643 .dump = em_meta_dump, 644 .owner = THIS_MODULE, 645 .link = LIST_HEAD_INIT(em_meta_ops.link) 646 }; 647 648 static int __init init_em_meta(void) 649 { 650 return tcf_em_register(&em_meta_ops); 651 } 652 653 static void __exit exit_em_meta(void) 654 { 655 tcf_em_unregister(&em_meta_ops); 656 } 657 658 MODULE_LICENSE("GPL"); 659 660 module_init(init_em_meta); 661 module_exit(exit_em_meta); 662