1 /* 2 * net/sched/act_api.c Packet action API. 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Author: Jamal Hadi Salim 10 * 11 * 12 */ 13 14 #include <linux/types.h> 15 #include <linux/kernel.h> 16 #include <linux/string.h> 17 #include <linux/errno.h> 18 #include <linux/slab.h> 19 #include <linux/skbuff.h> 20 #include <linux/init.h> 21 #include <linux/kmod.h> 22 #include <linux/err.h> 23 #include <linux/module.h> 24 #include <net/net_namespace.h> 25 #include <net/sock.h> 26 #include <net/sch_generic.h> 27 #include <net/act_api.h> 28 #include <net/netlink.h> 29 30 static void free_tcf(struct rcu_head *head) 31 { 32 struct tc_action *p = container_of(head, struct tc_action, tcfa_rcu); 33 34 free_percpu(p->cpu_bstats); 35 free_percpu(p->cpu_qstats); 36 kfree(p); 37 } 38 39 static void tcf_hash_destroy(struct tcf_hashinfo *hinfo, struct tc_action *p) 40 { 41 spin_lock_bh(&hinfo->lock); 42 hlist_del(&p->tcfa_head); 43 spin_unlock_bh(&hinfo->lock); 44 gen_kill_estimator(&p->tcfa_bstats, 45 &p->tcfa_rate_est); 46 /* 47 * gen_estimator est_timer() might access p->tcfa_lock 48 * or bstats, wait a RCU grace period before freeing p 49 */ 50 call_rcu(&p->tcfa_rcu, free_tcf); 51 } 52 53 int __tcf_hash_release(struct tc_action *p, bool bind, bool strict) 54 { 55 int ret = 0; 56 57 if (p) { 58 if (bind) 59 p->tcfa_bindcnt--; 60 else if (strict && p->tcfa_bindcnt > 0) 61 return -EPERM; 62 63 p->tcfa_refcnt--; 64 if (p->tcfa_bindcnt <= 0 && p->tcfa_refcnt <= 0) { 65 if (p->ops->cleanup) 66 p->ops->cleanup(p, bind); 67 tcf_hash_destroy(p->hinfo, p); 68 ret = ACT_P_DELETED; 69 } 70 } 71 72 return ret; 73 } 74 EXPORT_SYMBOL(__tcf_hash_release); 75 76 static int tcf_dump_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 77 struct netlink_callback *cb) 78 { 79 int err = 0, index = -1, i = 0, s_i = 0, n_i = 0; 80 struct nlattr *nest; 81 82 spin_lock_bh(&hinfo->lock); 83 84 s_i = cb->args[0]; 85 86 for (i = 0; i < (hinfo->hmask + 1); i++) { 87 struct hlist_head *head; 88 struct tc_action *p; 89 90 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 91 92 hlist_for_each_entry_rcu(p, head, tcfa_head) { 93 index++; 94 if (index < s_i) 95 continue; 96 97 nest = nla_nest_start(skb, n_i); 98 if (nest == NULL) 99 goto nla_put_failure; 100 err = tcf_action_dump_1(skb, p, 0, 0); 101 if (err < 0) { 102 index--; 103 nlmsg_trim(skb, nest); 104 goto done; 105 } 106 nla_nest_end(skb, nest); 107 n_i++; 108 if (n_i >= TCA_ACT_MAX_PRIO) 109 goto done; 110 } 111 } 112 done: 113 spin_unlock_bh(&hinfo->lock); 114 if (n_i) 115 cb->args[0] += n_i; 116 return n_i; 117 118 nla_put_failure: 119 nla_nest_cancel(skb, nest); 120 goto done; 121 } 122 123 static int tcf_del_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 124 const struct tc_action_ops *ops) 125 { 126 struct nlattr *nest; 127 int i = 0, n_i = 0; 128 int ret = -EINVAL; 129 130 nest = nla_nest_start(skb, 0); 131 if (nest == NULL) 132 goto nla_put_failure; 133 if (nla_put_string(skb, TCA_KIND, ops->kind)) 134 goto nla_put_failure; 135 for (i = 0; i < (hinfo->hmask + 1); i++) { 136 struct hlist_head *head; 137 struct hlist_node *n; 138 struct tc_action *p; 139 140 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 141 hlist_for_each_entry_safe(p, n, head, tcfa_head) { 142 ret = __tcf_hash_release(p, false, true); 143 if (ret == ACT_P_DELETED) { 144 module_put(p->ops->owner); 145 n_i++; 146 } else if (ret < 0) 147 goto nla_put_failure; 148 } 149 } 150 if (nla_put_u32(skb, TCA_FCNT, n_i)) 151 goto nla_put_failure; 152 nla_nest_end(skb, nest); 153 154 return n_i; 155 nla_put_failure: 156 nla_nest_cancel(skb, nest); 157 return ret; 158 } 159 160 int tcf_generic_walker(struct tc_action_net *tn, struct sk_buff *skb, 161 struct netlink_callback *cb, int type, 162 const struct tc_action_ops *ops) 163 { 164 struct tcf_hashinfo *hinfo = tn->hinfo; 165 166 if (type == RTM_DELACTION) { 167 return tcf_del_walker(hinfo, skb, ops); 168 } else if (type == RTM_GETACTION) { 169 return tcf_dump_walker(hinfo, skb, cb); 170 } else { 171 WARN(1, "tcf_generic_walker: unknown action %d\n", type); 172 return -EINVAL; 173 } 174 } 175 EXPORT_SYMBOL(tcf_generic_walker); 176 177 static struct tc_action *tcf_hash_lookup(u32 index, struct tcf_hashinfo *hinfo) 178 { 179 struct tc_action *p = NULL; 180 struct hlist_head *head; 181 182 spin_lock_bh(&hinfo->lock); 183 head = &hinfo->htab[tcf_hash(index, hinfo->hmask)]; 184 hlist_for_each_entry_rcu(p, head, tcfa_head) 185 if (p->tcfa_index == index) 186 break; 187 spin_unlock_bh(&hinfo->lock); 188 189 return p; 190 } 191 192 u32 tcf_hash_new_index(struct tc_action_net *tn) 193 { 194 struct tcf_hashinfo *hinfo = tn->hinfo; 195 u32 val = hinfo->index; 196 197 do { 198 if (++val == 0) 199 val = 1; 200 } while (tcf_hash_lookup(val, hinfo)); 201 202 hinfo->index = val; 203 return val; 204 } 205 EXPORT_SYMBOL(tcf_hash_new_index); 206 207 int tcf_hash_search(struct tc_action_net *tn, struct tc_action **a, u32 index) 208 { 209 struct tcf_hashinfo *hinfo = tn->hinfo; 210 struct tc_action *p = tcf_hash_lookup(index, hinfo); 211 212 if (p) { 213 *a = p; 214 return 1; 215 } 216 return 0; 217 } 218 EXPORT_SYMBOL(tcf_hash_search); 219 220 bool tcf_hash_check(struct tc_action_net *tn, u32 index, struct tc_action **a, 221 int bind) 222 { 223 struct tcf_hashinfo *hinfo = tn->hinfo; 224 struct tc_action *p = NULL; 225 226 if (index && (p = tcf_hash_lookup(index, hinfo)) != NULL) { 227 if (bind) 228 p->tcfa_bindcnt++; 229 p->tcfa_refcnt++; 230 *a = p; 231 return true; 232 } 233 return false; 234 } 235 EXPORT_SYMBOL(tcf_hash_check); 236 237 void tcf_hash_cleanup(struct tc_action *a, struct nlattr *est) 238 { 239 if (est) 240 gen_kill_estimator(&a->tcfa_bstats, 241 &a->tcfa_rate_est); 242 call_rcu(&a->tcfa_rcu, free_tcf); 243 } 244 EXPORT_SYMBOL(tcf_hash_cleanup); 245 246 int tcf_hash_create(struct tc_action_net *tn, u32 index, struct nlattr *est, 247 struct tc_action **a, const struct tc_action_ops *ops, 248 int bind, bool cpustats) 249 { 250 struct tc_action *p = kzalloc(ops->size, GFP_KERNEL); 251 struct tcf_hashinfo *hinfo = tn->hinfo; 252 int err = -ENOMEM; 253 254 if (unlikely(!p)) 255 return -ENOMEM; 256 p->tcfa_refcnt = 1; 257 if (bind) 258 p->tcfa_bindcnt = 1; 259 260 if (cpustats) { 261 p->cpu_bstats = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu); 262 if (!p->cpu_bstats) { 263 err1: 264 kfree(p); 265 return err; 266 } 267 p->cpu_qstats = alloc_percpu(struct gnet_stats_queue); 268 if (!p->cpu_qstats) { 269 err2: 270 free_percpu(p->cpu_bstats); 271 goto err1; 272 } 273 } 274 spin_lock_init(&p->tcfa_lock); 275 INIT_HLIST_NODE(&p->tcfa_head); 276 p->tcfa_index = index ? index : tcf_hash_new_index(tn); 277 p->tcfa_tm.install = jiffies; 278 p->tcfa_tm.lastuse = jiffies; 279 p->tcfa_tm.firstuse = 0; 280 if (est) { 281 err = gen_new_estimator(&p->tcfa_bstats, p->cpu_bstats, 282 &p->tcfa_rate_est, 283 &p->tcfa_lock, NULL, est); 284 if (err) { 285 free_percpu(p->cpu_qstats); 286 goto err2; 287 } 288 } 289 290 p->hinfo = hinfo; 291 p->ops = ops; 292 INIT_LIST_HEAD(&p->list); 293 *a = p; 294 return 0; 295 } 296 EXPORT_SYMBOL(tcf_hash_create); 297 298 void tcf_hash_insert(struct tc_action_net *tn, struct tc_action *a) 299 { 300 struct tcf_hashinfo *hinfo = tn->hinfo; 301 unsigned int h = tcf_hash(a->tcfa_index, hinfo->hmask); 302 303 spin_lock_bh(&hinfo->lock); 304 hlist_add_head(&a->tcfa_head, &hinfo->htab[h]); 305 spin_unlock_bh(&hinfo->lock); 306 } 307 EXPORT_SYMBOL(tcf_hash_insert); 308 309 void tcf_hashinfo_destroy(const struct tc_action_ops *ops, 310 struct tcf_hashinfo *hinfo) 311 { 312 int i; 313 314 for (i = 0; i < hinfo->hmask + 1; i++) { 315 struct tc_action *p; 316 struct hlist_node *n; 317 318 hlist_for_each_entry_safe(p, n, &hinfo->htab[i], tcfa_head) { 319 int ret; 320 321 ret = __tcf_hash_release(p, false, true); 322 if (ret == ACT_P_DELETED) 323 module_put(ops->owner); 324 else if (ret < 0) 325 return; 326 } 327 } 328 kfree(hinfo->htab); 329 } 330 EXPORT_SYMBOL(tcf_hashinfo_destroy); 331 332 static LIST_HEAD(act_base); 333 static DEFINE_RWLOCK(act_mod_lock); 334 335 int tcf_register_action(struct tc_action_ops *act, 336 struct pernet_operations *ops) 337 { 338 struct tc_action_ops *a; 339 int ret; 340 341 if (!act->act || !act->dump || !act->init || !act->walk || !act->lookup) 342 return -EINVAL; 343 344 /* We have to register pernet ops before making the action ops visible, 345 * otherwise tcf_action_init_1() could get a partially initialized 346 * netns. 347 */ 348 ret = register_pernet_subsys(ops); 349 if (ret) 350 return ret; 351 352 write_lock(&act_mod_lock); 353 list_for_each_entry(a, &act_base, head) { 354 if (act->type == a->type || (strcmp(act->kind, a->kind) == 0)) { 355 write_unlock(&act_mod_lock); 356 unregister_pernet_subsys(ops); 357 return -EEXIST; 358 } 359 } 360 list_add_tail(&act->head, &act_base); 361 write_unlock(&act_mod_lock); 362 363 return 0; 364 } 365 EXPORT_SYMBOL(tcf_register_action); 366 367 int tcf_unregister_action(struct tc_action_ops *act, 368 struct pernet_operations *ops) 369 { 370 struct tc_action_ops *a; 371 int err = -ENOENT; 372 373 write_lock(&act_mod_lock); 374 list_for_each_entry(a, &act_base, head) { 375 if (a == act) { 376 list_del(&act->head); 377 err = 0; 378 break; 379 } 380 } 381 write_unlock(&act_mod_lock); 382 if (!err) 383 unregister_pernet_subsys(ops); 384 return err; 385 } 386 EXPORT_SYMBOL(tcf_unregister_action); 387 388 /* lookup by name */ 389 static struct tc_action_ops *tc_lookup_action_n(char *kind) 390 { 391 struct tc_action_ops *a, *res = NULL; 392 393 if (kind) { 394 read_lock(&act_mod_lock); 395 list_for_each_entry(a, &act_base, head) { 396 if (strcmp(kind, a->kind) == 0) { 397 if (try_module_get(a->owner)) 398 res = a; 399 break; 400 } 401 } 402 read_unlock(&act_mod_lock); 403 } 404 return res; 405 } 406 407 /* lookup by nlattr */ 408 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind) 409 { 410 struct tc_action_ops *a, *res = NULL; 411 412 if (kind) { 413 read_lock(&act_mod_lock); 414 list_for_each_entry(a, &act_base, head) { 415 if (nla_strcmp(kind, a->kind) == 0) { 416 if (try_module_get(a->owner)) 417 res = a; 418 break; 419 } 420 } 421 read_unlock(&act_mod_lock); 422 } 423 return res; 424 } 425 426 int tcf_action_exec(struct sk_buff *skb, struct tc_action **actions, 427 int nr_actions, struct tcf_result *res) 428 { 429 int ret = -1, i; 430 431 if (skb->tc_verd & TC_NCLS) { 432 skb->tc_verd = CLR_TC_NCLS(skb->tc_verd); 433 ret = TC_ACT_OK; 434 goto exec_done; 435 } 436 for (i = 0; i < nr_actions; i++) { 437 const struct tc_action *a = actions[i]; 438 439 repeat: 440 ret = a->ops->act(skb, a, res); 441 if (ret == TC_ACT_REPEAT) 442 goto repeat; /* we need a ttl - JHS */ 443 if (ret != TC_ACT_PIPE) 444 goto exec_done; 445 } 446 exec_done: 447 return ret; 448 } 449 EXPORT_SYMBOL(tcf_action_exec); 450 451 int tcf_action_destroy(struct list_head *actions, int bind) 452 { 453 struct tc_action *a, *tmp; 454 int ret = 0; 455 456 list_for_each_entry_safe(a, tmp, actions, list) { 457 ret = __tcf_hash_release(a, bind, true); 458 if (ret == ACT_P_DELETED) 459 module_put(a->ops->owner); 460 else if (ret < 0) 461 return ret; 462 } 463 return ret; 464 } 465 466 int 467 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 468 { 469 return a->ops->dump(skb, a, bind, ref); 470 } 471 472 int 473 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 474 { 475 int err = -EINVAL; 476 unsigned char *b = skb_tail_pointer(skb); 477 struct nlattr *nest; 478 479 if (nla_put_string(skb, TCA_KIND, a->ops->kind)) 480 goto nla_put_failure; 481 if (tcf_action_copy_stats(skb, a, 0)) 482 goto nla_put_failure; 483 nest = nla_nest_start(skb, TCA_OPTIONS); 484 if (nest == NULL) 485 goto nla_put_failure; 486 err = tcf_action_dump_old(skb, a, bind, ref); 487 if (err > 0) { 488 nla_nest_end(skb, nest); 489 return err; 490 } 491 492 nla_put_failure: 493 nlmsg_trim(skb, b); 494 return -1; 495 } 496 EXPORT_SYMBOL(tcf_action_dump_1); 497 498 int tcf_action_dump(struct sk_buff *skb, struct list_head *actions, 499 int bind, int ref) 500 { 501 struct tc_action *a; 502 int err = -EINVAL; 503 struct nlattr *nest; 504 505 list_for_each_entry(a, actions, list) { 506 nest = nla_nest_start(skb, a->order); 507 if (nest == NULL) 508 goto nla_put_failure; 509 err = tcf_action_dump_1(skb, a, bind, ref); 510 if (err < 0) 511 goto errout; 512 nla_nest_end(skb, nest); 513 } 514 515 return 0; 516 517 nla_put_failure: 518 err = -EINVAL; 519 errout: 520 nla_nest_cancel(skb, nest); 521 return err; 522 } 523 524 struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla, 525 struct nlattr *est, char *name, int ovr, 526 int bind) 527 { 528 struct tc_action *a; 529 struct tc_action_ops *a_o; 530 char act_name[IFNAMSIZ]; 531 struct nlattr *tb[TCA_ACT_MAX + 1]; 532 struct nlattr *kind; 533 int err; 534 535 if (name == NULL) { 536 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 537 if (err < 0) 538 goto err_out; 539 err = -EINVAL; 540 kind = tb[TCA_ACT_KIND]; 541 if (kind == NULL) 542 goto err_out; 543 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) 544 goto err_out; 545 } else { 546 err = -EINVAL; 547 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) 548 goto err_out; 549 } 550 551 a_o = tc_lookup_action_n(act_name); 552 if (a_o == NULL) { 553 #ifdef CONFIG_MODULES 554 rtnl_unlock(); 555 request_module("act_%s", act_name); 556 rtnl_lock(); 557 558 a_o = tc_lookup_action_n(act_name); 559 560 /* We dropped the RTNL semaphore in order to 561 * perform the module load. So, even if we 562 * succeeded in loading the module we have to 563 * tell the caller to replay the request. We 564 * indicate this using -EAGAIN. 565 */ 566 if (a_o != NULL) { 567 err = -EAGAIN; 568 goto err_mod; 569 } 570 #endif 571 err = -ENOENT; 572 goto err_out; 573 } 574 575 /* backward compatibility for policer */ 576 if (name == NULL) 577 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, &a, ovr, bind); 578 else 579 err = a_o->init(net, nla, est, &a, ovr, bind); 580 if (err < 0) 581 goto err_mod; 582 583 /* module count goes up only when brand new policy is created 584 * if it exists and is only bound to in a_o->init() then 585 * ACT_P_CREATED is not returned (a zero is). 586 */ 587 if (err != ACT_P_CREATED) 588 module_put(a_o->owner); 589 590 return a; 591 592 err_mod: 593 module_put(a_o->owner); 594 err_out: 595 return ERR_PTR(err); 596 } 597 598 static void cleanup_a(struct list_head *actions, int ovr) 599 { 600 struct tc_action *a; 601 602 if (!ovr) 603 return; 604 605 list_for_each_entry(a, actions, list) 606 a->tcfa_refcnt--; 607 } 608 609 int tcf_action_init(struct net *net, struct nlattr *nla, struct nlattr *est, 610 char *name, int ovr, int bind, struct list_head *actions) 611 { 612 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 613 struct tc_action *act; 614 int err; 615 int i; 616 617 err = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 618 if (err < 0) 619 return err; 620 621 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 622 act = tcf_action_init_1(net, tb[i], est, name, ovr, bind); 623 if (IS_ERR(act)) { 624 err = PTR_ERR(act); 625 goto err; 626 } 627 act->order = i; 628 if (ovr) 629 act->tcfa_refcnt++; 630 list_add_tail(&act->list, actions); 631 } 632 633 /* Remove the temp refcnt which was necessary to protect against 634 * destroying an existing action which was being replaced 635 */ 636 cleanup_a(actions, ovr); 637 return 0; 638 639 err: 640 tcf_action_destroy(actions, bind); 641 return err; 642 } 643 644 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *p, 645 int compat_mode) 646 { 647 int err = 0; 648 struct gnet_dump d; 649 650 if (p == NULL) 651 goto errout; 652 653 /* compat_mode being true specifies a call that is supposed 654 * to add additional backward compatibility statistic TLVs. 655 */ 656 if (compat_mode) { 657 if (p->type == TCA_OLD_COMPAT) 658 err = gnet_stats_start_copy_compat(skb, 0, 659 TCA_STATS, 660 TCA_XSTATS, 661 &p->tcfa_lock, &d, 662 TCA_PAD); 663 else 664 return 0; 665 } else 666 err = gnet_stats_start_copy(skb, TCA_ACT_STATS, 667 &p->tcfa_lock, &d, TCA_ACT_PAD); 668 669 if (err < 0) 670 goto errout; 671 672 if (gnet_stats_copy_basic(NULL, &d, p->cpu_bstats, &p->tcfa_bstats) < 0 || 673 gnet_stats_copy_rate_est(&d, &p->tcfa_bstats, 674 &p->tcfa_rate_est) < 0 || 675 gnet_stats_copy_queue(&d, p->cpu_qstats, 676 &p->tcfa_qstats, 677 p->tcfa_qstats.qlen) < 0) 678 goto errout; 679 680 if (gnet_stats_finish_copy(&d) < 0) 681 goto errout; 682 683 return 0; 684 685 errout: 686 return -1; 687 } 688 689 static int tca_get_fill(struct sk_buff *skb, struct list_head *actions, 690 u32 portid, u32 seq, u16 flags, int event, int bind, 691 int ref) 692 { 693 struct tcamsg *t; 694 struct nlmsghdr *nlh; 695 unsigned char *b = skb_tail_pointer(skb); 696 struct nlattr *nest; 697 698 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags); 699 if (!nlh) 700 goto out_nlmsg_trim; 701 t = nlmsg_data(nlh); 702 t->tca_family = AF_UNSPEC; 703 t->tca__pad1 = 0; 704 t->tca__pad2 = 0; 705 706 nest = nla_nest_start(skb, TCA_ACT_TAB); 707 if (nest == NULL) 708 goto out_nlmsg_trim; 709 710 if (tcf_action_dump(skb, actions, bind, ref) < 0) 711 goto out_nlmsg_trim; 712 713 nla_nest_end(skb, nest); 714 715 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 716 return skb->len; 717 718 out_nlmsg_trim: 719 nlmsg_trim(skb, b); 720 return -1; 721 } 722 723 static int 724 act_get_notify(struct net *net, u32 portid, struct nlmsghdr *n, 725 struct list_head *actions, int event) 726 { 727 struct sk_buff *skb; 728 729 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 730 if (!skb) 731 return -ENOBUFS; 732 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, event, 733 0, 0) <= 0) { 734 kfree_skb(skb); 735 return -EINVAL; 736 } 737 738 return rtnl_unicast(skb, net, portid); 739 } 740 741 static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla, 742 struct nlmsghdr *n, u32 portid) 743 { 744 struct nlattr *tb[TCA_ACT_MAX + 1]; 745 const struct tc_action_ops *ops; 746 struct tc_action *a; 747 int index; 748 int err; 749 750 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 751 if (err < 0) 752 goto err_out; 753 754 err = -EINVAL; 755 if (tb[TCA_ACT_INDEX] == NULL || 756 nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) 757 goto err_out; 758 index = nla_get_u32(tb[TCA_ACT_INDEX]); 759 760 err = -EINVAL; 761 ops = tc_lookup_action(tb[TCA_ACT_KIND]); 762 if (!ops) /* could happen in batch of actions */ 763 goto err_out; 764 err = -ENOENT; 765 if (ops->lookup(net, &a, index) == 0) 766 goto err_mod; 767 768 module_put(ops->owner); 769 return a; 770 771 err_mod: 772 module_put(ops->owner); 773 err_out: 774 return ERR_PTR(err); 775 } 776 777 static int tca_action_flush(struct net *net, struct nlattr *nla, 778 struct nlmsghdr *n, u32 portid) 779 { 780 struct sk_buff *skb; 781 unsigned char *b; 782 struct nlmsghdr *nlh; 783 struct tcamsg *t; 784 struct netlink_callback dcb; 785 struct nlattr *nest; 786 struct nlattr *tb[TCA_ACT_MAX + 1]; 787 const struct tc_action_ops *ops; 788 struct nlattr *kind; 789 int err = -ENOMEM; 790 791 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 792 if (!skb) { 793 pr_debug("tca_action_flush: failed skb alloc\n"); 794 return err; 795 } 796 797 b = skb_tail_pointer(skb); 798 799 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 800 if (err < 0) 801 goto err_out; 802 803 err = -EINVAL; 804 kind = tb[TCA_ACT_KIND]; 805 ops = tc_lookup_action(kind); 806 if (!ops) /*some idjot trying to flush unknown action */ 807 goto err_out; 808 809 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION, 810 sizeof(*t), 0); 811 if (!nlh) 812 goto out_module_put; 813 t = nlmsg_data(nlh); 814 t->tca_family = AF_UNSPEC; 815 t->tca__pad1 = 0; 816 t->tca__pad2 = 0; 817 818 nest = nla_nest_start(skb, TCA_ACT_TAB); 819 if (nest == NULL) 820 goto out_module_put; 821 822 err = ops->walk(net, skb, &dcb, RTM_DELACTION, ops); 823 if (err < 0) 824 goto out_module_put; 825 if (err == 0) 826 goto noflush_out; 827 828 nla_nest_end(skb, nest); 829 830 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 831 nlh->nlmsg_flags |= NLM_F_ROOT; 832 module_put(ops->owner); 833 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 834 n->nlmsg_flags & NLM_F_ECHO); 835 if (err > 0) 836 return 0; 837 838 return err; 839 840 out_module_put: 841 module_put(ops->owner); 842 err_out: 843 noflush_out: 844 kfree_skb(skb); 845 return err; 846 } 847 848 static int 849 tcf_del_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 850 u32 portid) 851 { 852 int ret; 853 struct sk_buff *skb; 854 855 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 856 if (!skb) 857 return -ENOBUFS; 858 859 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, RTM_DELACTION, 860 0, 1) <= 0) { 861 kfree_skb(skb); 862 return -EINVAL; 863 } 864 865 /* now do the delete */ 866 ret = tcf_action_destroy(actions, 0); 867 if (ret < 0) { 868 kfree_skb(skb); 869 return ret; 870 } 871 872 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 873 n->nlmsg_flags & NLM_F_ECHO); 874 if (ret > 0) 875 return 0; 876 return ret; 877 } 878 879 static int 880 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 881 u32 portid, int event) 882 { 883 int i, ret; 884 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 885 struct tc_action *act; 886 LIST_HEAD(actions); 887 888 ret = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 889 if (ret < 0) 890 return ret; 891 892 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) { 893 if (tb[1] != NULL) 894 return tca_action_flush(net, tb[1], n, portid); 895 else 896 return -EINVAL; 897 } 898 899 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 900 act = tcf_action_get_1(net, tb[i], n, portid); 901 if (IS_ERR(act)) { 902 ret = PTR_ERR(act); 903 goto err; 904 } 905 act->order = i; 906 if (event == RTM_GETACTION) 907 act->tcfa_refcnt++; 908 list_add_tail(&act->list, &actions); 909 } 910 911 if (event == RTM_GETACTION) 912 ret = act_get_notify(net, portid, n, &actions, event); 913 else { /* delete */ 914 ret = tcf_del_notify(net, n, &actions, portid); 915 if (ret) 916 goto err; 917 return ret; 918 } 919 err: 920 tcf_action_destroy(&actions, 0); 921 return ret; 922 } 923 924 static int 925 tcf_add_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 926 u32 portid) 927 { 928 struct sk_buff *skb; 929 int err = 0; 930 931 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 932 if (!skb) 933 return -ENOBUFS; 934 935 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, n->nlmsg_flags, 936 RTM_NEWACTION, 0, 0) <= 0) { 937 kfree_skb(skb); 938 return -EINVAL; 939 } 940 941 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 942 n->nlmsg_flags & NLM_F_ECHO); 943 if (err > 0) 944 err = 0; 945 return err; 946 } 947 948 static int tcf_action_add(struct net *net, struct nlattr *nla, 949 struct nlmsghdr *n, u32 portid, int ovr) 950 { 951 int ret = 0; 952 LIST_HEAD(actions); 953 954 ret = tcf_action_init(net, nla, NULL, NULL, ovr, 0, &actions); 955 if (ret) 956 return ret; 957 958 return tcf_add_notify(net, n, &actions, portid); 959 } 960 961 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n) 962 { 963 struct net *net = sock_net(skb->sk); 964 struct nlattr *tca[TCA_ACT_MAX + 1]; 965 u32 portid = skb ? NETLINK_CB(skb).portid : 0; 966 int ret = 0, ovr = 0; 967 968 if ((n->nlmsg_type != RTM_GETACTION) && 969 !netlink_capable(skb, CAP_NET_ADMIN)) 970 return -EPERM; 971 972 ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL); 973 if (ret < 0) 974 return ret; 975 976 if (tca[TCA_ACT_TAB] == NULL) { 977 pr_notice("tc_ctl_action: received NO action attribs\n"); 978 return -EINVAL; 979 } 980 981 /* n->nlmsg_flags & NLM_F_CREATE */ 982 switch (n->nlmsg_type) { 983 case RTM_NEWACTION: 984 /* we are going to assume all other flags 985 * imply create only if it doesn't exist 986 * Note that CREATE | EXCL implies that 987 * but since we want avoid ambiguity (eg when flags 988 * is zero) then just set this 989 */ 990 if (n->nlmsg_flags & NLM_F_REPLACE) 991 ovr = 1; 992 replay: 993 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr); 994 if (ret == -EAGAIN) 995 goto replay; 996 break; 997 case RTM_DELACTION: 998 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 999 portid, RTM_DELACTION); 1000 break; 1001 case RTM_GETACTION: 1002 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1003 portid, RTM_GETACTION); 1004 break; 1005 default: 1006 BUG(); 1007 } 1008 1009 return ret; 1010 } 1011 1012 static struct nlattr *find_dump_kind(const struct nlmsghdr *n) 1013 { 1014 struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1]; 1015 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 1016 struct nlattr *nla[TCAA_MAX + 1]; 1017 struct nlattr *kind; 1018 1019 if (nlmsg_parse(n, sizeof(struct tcamsg), nla, TCAA_MAX, NULL) < 0) 1020 return NULL; 1021 tb1 = nla[TCA_ACT_TAB]; 1022 if (tb1 == NULL) 1023 return NULL; 1024 1025 if (nla_parse(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), 1026 NLMSG_ALIGN(nla_len(tb1)), NULL) < 0) 1027 return NULL; 1028 1029 if (tb[1] == NULL) 1030 return NULL; 1031 if (nla_parse(tb2, TCA_ACT_MAX, nla_data(tb[1]), 1032 nla_len(tb[1]), NULL) < 0) 1033 return NULL; 1034 kind = tb2[TCA_ACT_KIND]; 1035 1036 return kind; 1037 } 1038 1039 static int tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb) 1040 { 1041 struct net *net = sock_net(skb->sk); 1042 struct nlmsghdr *nlh; 1043 unsigned char *b = skb_tail_pointer(skb); 1044 struct nlattr *nest; 1045 struct tc_action_ops *a_o; 1046 int ret = 0; 1047 struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh); 1048 struct nlattr *kind = find_dump_kind(cb->nlh); 1049 1050 if (kind == NULL) { 1051 pr_info("tc_dump_action: action bad kind\n"); 1052 return 0; 1053 } 1054 1055 a_o = tc_lookup_action(kind); 1056 if (a_o == NULL) 1057 return 0; 1058 1059 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1060 cb->nlh->nlmsg_type, sizeof(*t), 0); 1061 if (!nlh) 1062 goto out_module_put; 1063 t = nlmsg_data(nlh); 1064 t->tca_family = AF_UNSPEC; 1065 t->tca__pad1 = 0; 1066 t->tca__pad2 = 0; 1067 1068 nest = nla_nest_start(skb, TCA_ACT_TAB); 1069 if (nest == NULL) 1070 goto out_module_put; 1071 1072 ret = a_o->walk(net, skb, cb, RTM_GETACTION, a_o); 1073 if (ret < 0) 1074 goto out_module_put; 1075 1076 if (ret > 0) { 1077 nla_nest_end(skb, nest); 1078 ret = skb->len; 1079 } else 1080 nlmsg_trim(skb, b); 1081 1082 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1083 if (NETLINK_CB(cb->skb).portid && ret) 1084 nlh->nlmsg_flags |= NLM_F_MULTI; 1085 module_put(a_o->owner); 1086 return skb->len; 1087 1088 out_module_put: 1089 module_put(a_o->owner); 1090 nlmsg_trim(skb, b); 1091 return skb->len; 1092 } 1093 1094 static int __init tc_action_init(void) 1095 { 1096 rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, NULL); 1097 rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, NULL); 1098 rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action, 1099 NULL); 1100 1101 return 0; 1102 } 1103 1104 subsys_initcall(tc_action_init); 1105