1 /* 2 * net/sched/act_api.c Packet action API. 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Author: Jamal Hadi Salim 10 * 11 * 12 */ 13 14 #include <linux/types.h> 15 #include <linux/kernel.h> 16 #include <linux/string.h> 17 #include <linux/errno.h> 18 #include <linux/slab.h> 19 #include <linux/skbuff.h> 20 #include <linux/init.h> 21 #include <linux/kmod.h> 22 #include <linux/err.h> 23 #include <linux/module.h> 24 #include <net/net_namespace.h> 25 #include <net/sock.h> 26 #include <net/sch_generic.h> 27 #include <net/pkt_cls.h> 28 #include <net/act_api.h> 29 #include <net/netlink.h> 30 31 static int tcf_action_goto_chain_init(struct tc_action *a, struct tcf_proto *tp) 32 { 33 u32 chain_index = a->tcfa_action & TC_ACT_EXT_VAL_MASK; 34 35 if (!tp) 36 return -EINVAL; 37 a->goto_chain = tcf_chain_get(tp->chain->block, chain_index, true); 38 if (!a->goto_chain) 39 return -ENOMEM; 40 return 0; 41 } 42 43 static void tcf_action_goto_chain_fini(struct tc_action *a) 44 { 45 tcf_chain_put(a->goto_chain); 46 } 47 48 static void tcf_action_goto_chain_exec(const struct tc_action *a, 49 struct tcf_result *res) 50 { 51 const struct tcf_chain *chain = a->goto_chain; 52 53 res->goto_tp = rcu_dereference_bh(chain->filter_chain); 54 } 55 56 static void free_tcf(struct rcu_head *head) 57 { 58 struct tc_action *p = container_of(head, struct tc_action, tcfa_rcu); 59 60 free_percpu(p->cpu_bstats); 61 free_percpu(p->cpu_qstats); 62 63 if (p->act_cookie) { 64 kfree(p->act_cookie->data); 65 kfree(p->act_cookie); 66 } 67 if (p->goto_chain) 68 tcf_action_goto_chain_fini(p); 69 70 kfree(p); 71 } 72 73 static void tcf_hash_destroy(struct tcf_hashinfo *hinfo, struct tc_action *p) 74 { 75 spin_lock_bh(&hinfo->lock); 76 hlist_del(&p->tcfa_head); 77 spin_unlock_bh(&hinfo->lock); 78 gen_kill_estimator(&p->tcfa_rate_est); 79 /* 80 * gen_estimator est_timer() might access p->tcfa_lock 81 * or bstats, wait a RCU grace period before freeing p 82 */ 83 call_rcu(&p->tcfa_rcu, free_tcf); 84 } 85 86 int __tcf_hash_release(struct tc_action *p, bool bind, bool strict) 87 { 88 int ret = 0; 89 90 if (p) { 91 if (bind) 92 p->tcfa_bindcnt--; 93 else if (strict && p->tcfa_bindcnt > 0) 94 return -EPERM; 95 96 p->tcfa_refcnt--; 97 if (p->tcfa_bindcnt <= 0 && p->tcfa_refcnt <= 0) { 98 if (p->ops->cleanup) 99 p->ops->cleanup(p, bind); 100 tcf_hash_destroy(p->hinfo, p); 101 ret = ACT_P_DELETED; 102 } 103 } 104 105 return ret; 106 } 107 EXPORT_SYMBOL(__tcf_hash_release); 108 109 static int tcf_dump_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 110 struct netlink_callback *cb) 111 { 112 int err = 0, index = -1, i = 0, s_i = 0, n_i = 0; 113 struct nlattr *nest; 114 115 spin_lock_bh(&hinfo->lock); 116 117 s_i = cb->args[0]; 118 119 for (i = 0; i < (hinfo->hmask + 1); i++) { 120 struct hlist_head *head; 121 struct tc_action *p; 122 123 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 124 125 hlist_for_each_entry_rcu(p, head, tcfa_head) { 126 index++; 127 if (index < s_i) 128 continue; 129 130 nest = nla_nest_start(skb, n_i); 131 if (nest == NULL) 132 goto nla_put_failure; 133 err = tcf_action_dump_1(skb, p, 0, 0); 134 if (err < 0) { 135 index--; 136 nlmsg_trim(skb, nest); 137 goto done; 138 } 139 nla_nest_end(skb, nest); 140 n_i++; 141 if (n_i >= TCA_ACT_MAX_PRIO) 142 goto done; 143 } 144 } 145 done: 146 spin_unlock_bh(&hinfo->lock); 147 if (n_i) 148 cb->args[0] += n_i; 149 return n_i; 150 151 nla_put_failure: 152 nla_nest_cancel(skb, nest); 153 goto done; 154 } 155 156 static int tcf_del_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 157 const struct tc_action_ops *ops) 158 { 159 struct nlattr *nest; 160 int i = 0, n_i = 0; 161 int ret = -EINVAL; 162 163 nest = nla_nest_start(skb, 0); 164 if (nest == NULL) 165 goto nla_put_failure; 166 if (nla_put_string(skb, TCA_KIND, ops->kind)) 167 goto nla_put_failure; 168 for (i = 0; i < (hinfo->hmask + 1); i++) { 169 struct hlist_head *head; 170 struct hlist_node *n; 171 struct tc_action *p; 172 173 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 174 hlist_for_each_entry_safe(p, n, head, tcfa_head) { 175 ret = __tcf_hash_release(p, false, true); 176 if (ret == ACT_P_DELETED) { 177 module_put(p->ops->owner); 178 n_i++; 179 } else if (ret < 0) 180 goto nla_put_failure; 181 } 182 } 183 if (nla_put_u32(skb, TCA_FCNT, n_i)) 184 goto nla_put_failure; 185 nla_nest_end(skb, nest); 186 187 return n_i; 188 nla_put_failure: 189 nla_nest_cancel(skb, nest); 190 return ret; 191 } 192 193 int tcf_generic_walker(struct tc_action_net *tn, struct sk_buff *skb, 194 struct netlink_callback *cb, int type, 195 const struct tc_action_ops *ops) 196 { 197 struct tcf_hashinfo *hinfo = tn->hinfo; 198 199 if (type == RTM_DELACTION) { 200 return tcf_del_walker(hinfo, skb, ops); 201 } else if (type == RTM_GETACTION) { 202 return tcf_dump_walker(hinfo, skb, cb); 203 } else { 204 WARN(1, "tcf_generic_walker: unknown action %d\n", type); 205 return -EINVAL; 206 } 207 } 208 EXPORT_SYMBOL(tcf_generic_walker); 209 210 static struct tc_action *tcf_hash_lookup(u32 index, struct tcf_hashinfo *hinfo) 211 { 212 struct tc_action *p = NULL; 213 struct hlist_head *head; 214 215 spin_lock_bh(&hinfo->lock); 216 head = &hinfo->htab[tcf_hash(index, hinfo->hmask)]; 217 hlist_for_each_entry_rcu(p, head, tcfa_head) 218 if (p->tcfa_index == index) 219 break; 220 spin_unlock_bh(&hinfo->lock); 221 222 return p; 223 } 224 225 u32 tcf_hash_new_index(struct tc_action_net *tn) 226 { 227 struct tcf_hashinfo *hinfo = tn->hinfo; 228 u32 val = hinfo->index; 229 230 do { 231 if (++val == 0) 232 val = 1; 233 } while (tcf_hash_lookup(val, hinfo)); 234 235 hinfo->index = val; 236 return val; 237 } 238 EXPORT_SYMBOL(tcf_hash_new_index); 239 240 int tcf_hash_search(struct tc_action_net *tn, struct tc_action **a, u32 index) 241 { 242 struct tcf_hashinfo *hinfo = tn->hinfo; 243 struct tc_action *p = tcf_hash_lookup(index, hinfo); 244 245 if (p) { 246 *a = p; 247 return 1; 248 } 249 return 0; 250 } 251 EXPORT_SYMBOL(tcf_hash_search); 252 253 bool tcf_hash_check(struct tc_action_net *tn, u32 index, struct tc_action **a, 254 int bind) 255 { 256 struct tcf_hashinfo *hinfo = tn->hinfo; 257 struct tc_action *p = NULL; 258 259 if (index && (p = tcf_hash_lookup(index, hinfo)) != NULL) { 260 if (bind) 261 p->tcfa_bindcnt++; 262 p->tcfa_refcnt++; 263 *a = p; 264 return true; 265 } 266 return false; 267 } 268 EXPORT_SYMBOL(tcf_hash_check); 269 270 void tcf_hash_cleanup(struct tc_action *a, struct nlattr *est) 271 { 272 if (est) 273 gen_kill_estimator(&a->tcfa_rate_est); 274 call_rcu(&a->tcfa_rcu, free_tcf); 275 } 276 EXPORT_SYMBOL(tcf_hash_cleanup); 277 278 int tcf_hash_create(struct tc_action_net *tn, u32 index, struct nlattr *est, 279 struct tc_action **a, const struct tc_action_ops *ops, 280 int bind, bool cpustats) 281 { 282 struct tc_action *p = kzalloc(ops->size, GFP_KERNEL); 283 struct tcf_hashinfo *hinfo = tn->hinfo; 284 int err = -ENOMEM; 285 286 if (unlikely(!p)) 287 return -ENOMEM; 288 p->tcfa_refcnt = 1; 289 if (bind) 290 p->tcfa_bindcnt = 1; 291 292 if (cpustats) { 293 p->cpu_bstats = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu); 294 if (!p->cpu_bstats) { 295 err1: 296 kfree(p); 297 return err; 298 } 299 p->cpu_qstats = alloc_percpu(struct gnet_stats_queue); 300 if (!p->cpu_qstats) { 301 err2: 302 free_percpu(p->cpu_bstats); 303 goto err1; 304 } 305 } 306 spin_lock_init(&p->tcfa_lock); 307 INIT_HLIST_NODE(&p->tcfa_head); 308 p->tcfa_index = index ? index : tcf_hash_new_index(tn); 309 p->tcfa_tm.install = jiffies; 310 p->tcfa_tm.lastuse = jiffies; 311 p->tcfa_tm.firstuse = 0; 312 if (est) { 313 err = gen_new_estimator(&p->tcfa_bstats, p->cpu_bstats, 314 &p->tcfa_rate_est, 315 &p->tcfa_lock, NULL, est); 316 if (err) { 317 free_percpu(p->cpu_qstats); 318 goto err2; 319 } 320 } 321 322 p->hinfo = hinfo; 323 p->ops = ops; 324 INIT_LIST_HEAD(&p->list); 325 *a = p; 326 return 0; 327 } 328 EXPORT_SYMBOL(tcf_hash_create); 329 330 void tcf_hash_insert(struct tc_action_net *tn, struct tc_action *a) 331 { 332 struct tcf_hashinfo *hinfo = tn->hinfo; 333 unsigned int h = tcf_hash(a->tcfa_index, hinfo->hmask); 334 335 spin_lock_bh(&hinfo->lock); 336 hlist_add_head(&a->tcfa_head, &hinfo->htab[h]); 337 spin_unlock_bh(&hinfo->lock); 338 } 339 EXPORT_SYMBOL(tcf_hash_insert); 340 341 void tcf_hashinfo_destroy(const struct tc_action_ops *ops, 342 struct tcf_hashinfo *hinfo) 343 { 344 int i; 345 346 for (i = 0; i < hinfo->hmask + 1; i++) { 347 struct tc_action *p; 348 struct hlist_node *n; 349 350 hlist_for_each_entry_safe(p, n, &hinfo->htab[i], tcfa_head) { 351 int ret; 352 353 ret = __tcf_hash_release(p, false, true); 354 if (ret == ACT_P_DELETED) 355 module_put(ops->owner); 356 else if (ret < 0) 357 return; 358 } 359 } 360 kfree(hinfo->htab); 361 } 362 EXPORT_SYMBOL(tcf_hashinfo_destroy); 363 364 static LIST_HEAD(act_base); 365 static DEFINE_RWLOCK(act_mod_lock); 366 367 int tcf_register_action(struct tc_action_ops *act, 368 struct pernet_operations *ops) 369 { 370 struct tc_action_ops *a; 371 int ret; 372 373 if (!act->act || !act->dump || !act->init || !act->walk || !act->lookup) 374 return -EINVAL; 375 376 /* We have to register pernet ops before making the action ops visible, 377 * otherwise tcf_action_init_1() could get a partially initialized 378 * netns. 379 */ 380 ret = register_pernet_subsys(ops); 381 if (ret) 382 return ret; 383 384 write_lock(&act_mod_lock); 385 list_for_each_entry(a, &act_base, head) { 386 if (act->type == a->type || (strcmp(act->kind, a->kind) == 0)) { 387 write_unlock(&act_mod_lock); 388 unregister_pernet_subsys(ops); 389 return -EEXIST; 390 } 391 } 392 list_add_tail(&act->head, &act_base); 393 write_unlock(&act_mod_lock); 394 395 return 0; 396 } 397 EXPORT_SYMBOL(tcf_register_action); 398 399 int tcf_unregister_action(struct tc_action_ops *act, 400 struct pernet_operations *ops) 401 { 402 struct tc_action_ops *a; 403 int err = -ENOENT; 404 405 write_lock(&act_mod_lock); 406 list_for_each_entry(a, &act_base, head) { 407 if (a == act) { 408 list_del(&act->head); 409 err = 0; 410 break; 411 } 412 } 413 write_unlock(&act_mod_lock); 414 if (!err) 415 unregister_pernet_subsys(ops); 416 return err; 417 } 418 EXPORT_SYMBOL(tcf_unregister_action); 419 420 /* lookup by name */ 421 static struct tc_action_ops *tc_lookup_action_n(char *kind) 422 { 423 struct tc_action_ops *a, *res = NULL; 424 425 if (kind) { 426 read_lock(&act_mod_lock); 427 list_for_each_entry(a, &act_base, head) { 428 if (strcmp(kind, a->kind) == 0) { 429 if (try_module_get(a->owner)) 430 res = a; 431 break; 432 } 433 } 434 read_unlock(&act_mod_lock); 435 } 436 return res; 437 } 438 439 /* lookup by nlattr */ 440 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind) 441 { 442 struct tc_action_ops *a, *res = NULL; 443 444 if (kind) { 445 read_lock(&act_mod_lock); 446 list_for_each_entry(a, &act_base, head) { 447 if (nla_strcmp(kind, a->kind) == 0) { 448 if (try_module_get(a->owner)) 449 res = a; 450 break; 451 } 452 } 453 read_unlock(&act_mod_lock); 454 } 455 return res; 456 } 457 458 /*TCA_ACT_MAX_PRIO is 32, there count upto 32 */ 459 #define TCA_ACT_MAX_PRIO_MASK 0x1FF 460 int tcf_action_exec(struct sk_buff *skb, struct tc_action **actions, 461 int nr_actions, struct tcf_result *res) 462 { 463 int ret = -1, i; 464 u32 jmp_prgcnt = 0; 465 u32 jmp_ttl = TCA_ACT_MAX_PRIO; /*matches actions per filter */ 466 467 if (skb_skip_tc_classify(skb)) 468 return TC_ACT_OK; 469 470 restart_act_graph: 471 for (i = 0; i < nr_actions; i++) { 472 const struct tc_action *a = actions[i]; 473 474 if (jmp_prgcnt > 0) { 475 jmp_prgcnt -= 1; 476 continue; 477 } 478 repeat: 479 ret = a->ops->act(skb, a, res); 480 if (ret == TC_ACT_REPEAT) 481 goto repeat; /* we need a ttl - JHS */ 482 483 if (TC_ACT_EXT_CMP(ret, TC_ACT_JUMP)) { 484 jmp_prgcnt = ret & TCA_ACT_MAX_PRIO_MASK; 485 if (!jmp_prgcnt || (jmp_prgcnt > nr_actions)) { 486 /* faulty opcode, stop pipeline */ 487 return TC_ACT_OK; 488 } else { 489 jmp_ttl -= 1; 490 if (jmp_ttl > 0) 491 goto restart_act_graph; 492 else /* faulty graph, stop pipeline */ 493 return TC_ACT_OK; 494 } 495 } else if (TC_ACT_EXT_CMP(ret, TC_ACT_GOTO_CHAIN)) { 496 tcf_action_goto_chain_exec(a, res); 497 } 498 499 if (ret != TC_ACT_PIPE) 500 break; 501 } 502 503 return ret; 504 } 505 EXPORT_SYMBOL(tcf_action_exec); 506 507 int tcf_action_destroy(struct list_head *actions, int bind) 508 { 509 struct tc_action *a, *tmp; 510 int ret = 0; 511 512 list_for_each_entry_safe(a, tmp, actions, list) { 513 ret = __tcf_hash_release(a, bind, true); 514 if (ret == ACT_P_DELETED) 515 module_put(a->ops->owner); 516 else if (ret < 0) 517 return ret; 518 } 519 return ret; 520 } 521 522 int 523 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 524 { 525 return a->ops->dump(skb, a, bind, ref); 526 } 527 528 int 529 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 530 { 531 int err = -EINVAL; 532 unsigned char *b = skb_tail_pointer(skb); 533 struct nlattr *nest; 534 535 if (nla_put_string(skb, TCA_KIND, a->ops->kind)) 536 goto nla_put_failure; 537 if (tcf_action_copy_stats(skb, a, 0)) 538 goto nla_put_failure; 539 if (a->act_cookie) { 540 if (nla_put(skb, TCA_ACT_COOKIE, a->act_cookie->len, 541 a->act_cookie->data)) 542 goto nla_put_failure; 543 } 544 545 nest = nla_nest_start(skb, TCA_OPTIONS); 546 if (nest == NULL) 547 goto nla_put_failure; 548 err = tcf_action_dump_old(skb, a, bind, ref); 549 if (err > 0) { 550 nla_nest_end(skb, nest); 551 return err; 552 } 553 554 nla_put_failure: 555 nlmsg_trim(skb, b); 556 return -1; 557 } 558 EXPORT_SYMBOL(tcf_action_dump_1); 559 560 int tcf_action_dump(struct sk_buff *skb, struct list_head *actions, 561 int bind, int ref) 562 { 563 struct tc_action *a; 564 int err = -EINVAL; 565 struct nlattr *nest; 566 567 list_for_each_entry(a, actions, list) { 568 nest = nla_nest_start(skb, a->order); 569 if (nest == NULL) 570 goto nla_put_failure; 571 err = tcf_action_dump_1(skb, a, bind, ref); 572 if (err < 0) 573 goto errout; 574 nla_nest_end(skb, nest); 575 } 576 577 return 0; 578 579 nla_put_failure: 580 err = -EINVAL; 581 errout: 582 nla_nest_cancel(skb, nest); 583 return err; 584 } 585 586 static struct tc_cookie *nla_memdup_cookie(struct nlattr **tb) 587 { 588 struct tc_cookie *c = kzalloc(sizeof(*c), GFP_KERNEL); 589 if (!c) 590 return NULL; 591 592 c->data = nla_memdup(tb[TCA_ACT_COOKIE], GFP_KERNEL); 593 if (!c->data) { 594 kfree(c); 595 return NULL; 596 } 597 c->len = nla_len(tb[TCA_ACT_COOKIE]); 598 599 return c; 600 } 601 602 struct tc_action *tcf_action_init_1(struct net *net, struct tcf_proto *tp, 603 struct nlattr *nla, struct nlattr *est, 604 char *name, int ovr, int bind) 605 { 606 struct tc_action *a; 607 struct tc_action_ops *a_o; 608 struct tc_cookie *cookie = NULL; 609 char act_name[IFNAMSIZ]; 610 struct nlattr *tb[TCA_ACT_MAX + 1]; 611 struct nlattr *kind; 612 int err; 613 614 if (name == NULL) { 615 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, NULL); 616 if (err < 0) 617 goto err_out; 618 err = -EINVAL; 619 kind = tb[TCA_ACT_KIND]; 620 if (kind == NULL) 621 goto err_out; 622 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) 623 goto err_out; 624 if (tb[TCA_ACT_COOKIE]) { 625 int cklen = nla_len(tb[TCA_ACT_COOKIE]); 626 627 if (cklen > TC_COOKIE_MAX_SIZE) 628 goto err_out; 629 630 cookie = nla_memdup_cookie(tb); 631 if (!cookie) { 632 err = -ENOMEM; 633 goto err_out; 634 } 635 } 636 } else { 637 err = -EINVAL; 638 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) 639 goto err_out; 640 } 641 642 a_o = tc_lookup_action_n(act_name); 643 if (a_o == NULL) { 644 #ifdef CONFIG_MODULES 645 rtnl_unlock(); 646 request_module("act_%s", act_name); 647 rtnl_lock(); 648 649 a_o = tc_lookup_action_n(act_name); 650 651 /* We dropped the RTNL semaphore in order to 652 * perform the module load. So, even if we 653 * succeeded in loading the module we have to 654 * tell the caller to replay the request. We 655 * indicate this using -EAGAIN. 656 */ 657 if (a_o != NULL) { 658 err = -EAGAIN; 659 goto err_mod; 660 } 661 #endif 662 err = -ENOENT; 663 goto err_out; 664 } 665 666 /* backward compatibility for policer */ 667 if (name == NULL) 668 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, &a, ovr, bind); 669 else 670 err = a_o->init(net, nla, est, &a, ovr, bind); 671 if (err < 0) 672 goto err_mod; 673 674 if (name == NULL && tb[TCA_ACT_COOKIE]) { 675 if (a->act_cookie) { 676 kfree(a->act_cookie->data); 677 kfree(a->act_cookie); 678 } 679 a->act_cookie = cookie; 680 } 681 682 /* module count goes up only when brand new policy is created 683 * if it exists and is only bound to in a_o->init() then 684 * ACT_P_CREATED is not returned (a zero is). 685 */ 686 if (err != ACT_P_CREATED) 687 module_put(a_o->owner); 688 689 if (TC_ACT_EXT_CMP(a->tcfa_action, TC_ACT_GOTO_CHAIN)) { 690 err = tcf_action_goto_chain_init(a, tp); 691 if (err) { 692 LIST_HEAD(actions); 693 694 list_add_tail(&a->list, &actions); 695 tcf_action_destroy(&actions, bind); 696 return ERR_PTR(err); 697 } 698 } 699 700 return a; 701 702 err_mod: 703 module_put(a_o->owner); 704 err_out: 705 if (cookie) { 706 kfree(cookie->data); 707 kfree(cookie); 708 } 709 return ERR_PTR(err); 710 } 711 712 static void cleanup_a(struct list_head *actions, int ovr) 713 { 714 struct tc_action *a; 715 716 if (!ovr) 717 return; 718 719 list_for_each_entry(a, actions, list) 720 a->tcfa_refcnt--; 721 } 722 723 int tcf_action_init(struct net *net, struct tcf_proto *tp, struct nlattr *nla, 724 struct nlattr *est, char *name, int ovr, int bind, 725 struct list_head *actions) 726 { 727 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 728 struct tc_action *act; 729 int err; 730 int i; 731 732 err = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL, NULL); 733 if (err < 0) 734 return err; 735 736 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 737 act = tcf_action_init_1(net, tp, tb[i], est, name, ovr, bind); 738 if (IS_ERR(act)) { 739 err = PTR_ERR(act); 740 goto err; 741 } 742 act->order = i; 743 if (ovr) 744 act->tcfa_refcnt++; 745 list_add_tail(&act->list, actions); 746 } 747 748 /* Remove the temp refcnt which was necessary to protect against 749 * destroying an existing action which was being replaced 750 */ 751 cleanup_a(actions, ovr); 752 return 0; 753 754 err: 755 tcf_action_destroy(actions, bind); 756 return err; 757 } 758 759 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *p, 760 int compat_mode) 761 { 762 int err = 0; 763 struct gnet_dump d; 764 765 if (p == NULL) 766 goto errout; 767 768 /* compat_mode being true specifies a call that is supposed 769 * to add additional backward compatibility statistic TLVs. 770 */ 771 if (compat_mode) { 772 if (p->type == TCA_OLD_COMPAT) 773 err = gnet_stats_start_copy_compat(skb, 0, 774 TCA_STATS, 775 TCA_XSTATS, 776 &p->tcfa_lock, &d, 777 TCA_PAD); 778 else 779 return 0; 780 } else 781 err = gnet_stats_start_copy(skb, TCA_ACT_STATS, 782 &p->tcfa_lock, &d, TCA_ACT_PAD); 783 784 if (err < 0) 785 goto errout; 786 787 if (gnet_stats_copy_basic(NULL, &d, p->cpu_bstats, &p->tcfa_bstats) < 0 || 788 gnet_stats_copy_rate_est(&d, &p->tcfa_rate_est) < 0 || 789 gnet_stats_copy_queue(&d, p->cpu_qstats, 790 &p->tcfa_qstats, 791 p->tcfa_qstats.qlen) < 0) 792 goto errout; 793 794 if (gnet_stats_finish_copy(&d) < 0) 795 goto errout; 796 797 return 0; 798 799 errout: 800 return -1; 801 } 802 803 static int tca_get_fill(struct sk_buff *skb, struct list_head *actions, 804 u32 portid, u32 seq, u16 flags, int event, int bind, 805 int ref) 806 { 807 struct tcamsg *t; 808 struct nlmsghdr *nlh; 809 unsigned char *b = skb_tail_pointer(skb); 810 struct nlattr *nest; 811 812 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags); 813 if (!nlh) 814 goto out_nlmsg_trim; 815 t = nlmsg_data(nlh); 816 t->tca_family = AF_UNSPEC; 817 t->tca__pad1 = 0; 818 t->tca__pad2 = 0; 819 820 nest = nla_nest_start(skb, TCA_ACT_TAB); 821 if (nest == NULL) 822 goto out_nlmsg_trim; 823 824 if (tcf_action_dump(skb, actions, bind, ref) < 0) 825 goto out_nlmsg_trim; 826 827 nla_nest_end(skb, nest); 828 829 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 830 return skb->len; 831 832 out_nlmsg_trim: 833 nlmsg_trim(skb, b); 834 return -1; 835 } 836 837 static int 838 act_get_notify(struct net *net, u32 portid, struct nlmsghdr *n, 839 struct list_head *actions, int event) 840 { 841 struct sk_buff *skb; 842 843 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 844 if (!skb) 845 return -ENOBUFS; 846 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, event, 847 0, 0) <= 0) { 848 kfree_skb(skb); 849 return -EINVAL; 850 } 851 852 return rtnl_unicast(skb, net, portid); 853 } 854 855 static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla, 856 struct nlmsghdr *n, u32 portid) 857 { 858 struct nlattr *tb[TCA_ACT_MAX + 1]; 859 const struct tc_action_ops *ops; 860 struct tc_action *a; 861 int index; 862 int err; 863 864 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, NULL); 865 if (err < 0) 866 goto err_out; 867 868 err = -EINVAL; 869 if (tb[TCA_ACT_INDEX] == NULL || 870 nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) 871 goto err_out; 872 index = nla_get_u32(tb[TCA_ACT_INDEX]); 873 874 err = -EINVAL; 875 ops = tc_lookup_action(tb[TCA_ACT_KIND]); 876 if (!ops) /* could happen in batch of actions */ 877 goto err_out; 878 err = -ENOENT; 879 if (ops->lookup(net, &a, index) == 0) 880 goto err_mod; 881 882 module_put(ops->owner); 883 return a; 884 885 err_mod: 886 module_put(ops->owner); 887 err_out: 888 return ERR_PTR(err); 889 } 890 891 static int tca_action_flush(struct net *net, struct nlattr *nla, 892 struct nlmsghdr *n, u32 portid) 893 { 894 struct sk_buff *skb; 895 unsigned char *b; 896 struct nlmsghdr *nlh; 897 struct tcamsg *t; 898 struct netlink_callback dcb; 899 struct nlattr *nest; 900 struct nlattr *tb[TCA_ACT_MAX + 1]; 901 const struct tc_action_ops *ops; 902 struct nlattr *kind; 903 int err = -ENOMEM; 904 905 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 906 if (!skb) { 907 pr_debug("tca_action_flush: failed skb alloc\n"); 908 return err; 909 } 910 911 b = skb_tail_pointer(skb); 912 913 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, NULL); 914 if (err < 0) 915 goto err_out; 916 917 err = -EINVAL; 918 kind = tb[TCA_ACT_KIND]; 919 ops = tc_lookup_action(kind); 920 if (!ops) /*some idjot trying to flush unknown action */ 921 goto err_out; 922 923 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION, 924 sizeof(*t), 0); 925 if (!nlh) 926 goto out_module_put; 927 t = nlmsg_data(nlh); 928 t->tca_family = AF_UNSPEC; 929 t->tca__pad1 = 0; 930 t->tca__pad2 = 0; 931 932 nest = nla_nest_start(skb, TCA_ACT_TAB); 933 if (nest == NULL) 934 goto out_module_put; 935 936 err = ops->walk(net, skb, &dcb, RTM_DELACTION, ops); 937 if (err <= 0) 938 goto out_module_put; 939 940 nla_nest_end(skb, nest); 941 942 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 943 nlh->nlmsg_flags |= NLM_F_ROOT; 944 module_put(ops->owner); 945 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 946 n->nlmsg_flags & NLM_F_ECHO); 947 if (err > 0) 948 return 0; 949 950 return err; 951 952 out_module_put: 953 module_put(ops->owner); 954 err_out: 955 kfree_skb(skb); 956 return err; 957 } 958 959 static int 960 tcf_del_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 961 u32 portid) 962 { 963 int ret; 964 struct sk_buff *skb; 965 966 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 967 if (!skb) 968 return -ENOBUFS; 969 970 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, RTM_DELACTION, 971 0, 1) <= 0) { 972 kfree_skb(skb); 973 return -EINVAL; 974 } 975 976 /* now do the delete */ 977 ret = tcf_action_destroy(actions, 0); 978 if (ret < 0) { 979 kfree_skb(skb); 980 return ret; 981 } 982 983 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 984 n->nlmsg_flags & NLM_F_ECHO); 985 if (ret > 0) 986 return 0; 987 return ret; 988 } 989 990 static int 991 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 992 u32 portid, int event) 993 { 994 int i, ret; 995 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 996 struct tc_action *act; 997 LIST_HEAD(actions); 998 999 ret = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL, NULL); 1000 if (ret < 0) 1001 return ret; 1002 1003 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) { 1004 if (tb[1] != NULL) 1005 return tca_action_flush(net, tb[1], n, portid); 1006 else 1007 return -EINVAL; 1008 } 1009 1010 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 1011 act = tcf_action_get_1(net, tb[i], n, portid); 1012 if (IS_ERR(act)) { 1013 ret = PTR_ERR(act); 1014 goto err; 1015 } 1016 act->order = i; 1017 list_add_tail(&act->list, &actions); 1018 } 1019 1020 if (event == RTM_GETACTION) 1021 ret = act_get_notify(net, portid, n, &actions, event); 1022 else { /* delete */ 1023 ret = tcf_del_notify(net, n, &actions, portid); 1024 if (ret) 1025 goto err; 1026 return ret; 1027 } 1028 err: 1029 if (event != RTM_GETACTION) 1030 tcf_action_destroy(&actions, 0); 1031 return ret; 1032 } 1033 1034 static int 1035 tcf_add_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 1036 u32 portid) 1037 { 1038 struct sk_buff *skb; 1039 int err = 0; 1040 1041 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 1042 if (!skb) 1043 return -ENOBUFS; 1044 1045 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, n->nlmsg_flags, 1046 RTM_NEWACTION, 0, 0) <= 0) { 1047 kfree_skb(skb); 1048 return -EINVAL; 1049 } 1050 1051 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 1052 n->nlmsg_flags & NLM_F_ECHO); 1053 if (err > 0) 1054 err = 0; 1055 return err; 1056 } 1057 1058 static int tcf_action_add(struct net *net, struct nlattr *nla, 1059 struct nlmsghdr *n, u32 portid, int ovr) 1060 { 1061 int ret = 0; 1062 LIST_HEAD(actions); 1063 1064 ret = tcf_action_init(net, NULL, nla, NULL, NULL, ovr, 0, &actions); 1065 if (ret) 1066 return ret; 1067 1068 return tcf_add_notify(net, n, &actions, portid); 1069 } 1070 1071 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n, 1072 struct netlink_ext_ack *extack) 1073 { 1074 struct net *net = sock_net(skb->sk); 1075 struct nlattr *tca[TCA_ACT_MAX + 1]; 1076 u32 portid = skb ? NETLINK_CB(skb).portid : 0; 1077 int ret = 0, ovr = 0; 1078 1079 if ((n->nlmsg_type != RTM_GETACTION) && 1080 !netlink_capable(skb, CAP_NET_ADMIN)) 1081 return -EPERM; 1082 1083 ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL, 1084 extack); 1085 if (ret < 0) 1086 return ret; 1087 1088 if (tca[TCA_ACT_TAB] == NULL) { 1089 pr_notice("tc_ctl_action: received NO action attribs\n"); 1090 return -EINVAL; 1091 } 1092 1093 /* n->nlmsg_flags & NLM_F_CREATE */ 1094 switch (n->nlmsg_type) { 1095 case RTM_NEWACTION: 1096 /* we are going to assume all other flags 1097 * imply create only if it doesn't exist 1098 * Note that CREATE | EXCL implies that 1099 * but since we want avoid ambiguity (eg when flags 1100 * is zero) then just set this 1101 */ 1102 if (n->nlmsg_flags & NLM_F_REPLACE) 1103 ovr = 1; 1104 replay: 1105 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr); 1106 if (ret == -EAGAIN) 1107 goto replay; 1108 break; 1109 case RTM_DELACTION: 1110 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1111 portid, RTM_DELACTION); 1112 break; 1113 case RTM_GETACTION: 1114 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1115 portid, RTM_GETACTION); 1116 break; 1117 default: 1118 BUG(); 1119 } 1120 1121 return ret; 1122 } 1123 1124 static struct nlattr *find_dump_kind(const struct nlmsghdr *n) 1125 { 1126 struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1]; 1127 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 1128 struct nlattr *nla[TCAA_MAX + 1]; 1129 struct nlattr *kind; 1130 1131 if (nlmsg_parse(n, sizeof(struct tcamsg), nla, TCAA_MAX, 1132 NULL, NULL) < 0) 1133 return NULL; 1134 tb1 = nla[TCA_ACT_TAB]; 1135 if (tb1 == NULL) 1136 return NULL; 1137 1138 if (nla_parse(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), 1139 NLMSG_ALIGN(nla_len(tb1)), NULL, NULL) < 0) 1140 return NULL; 1141 1142 if (tb[1] == NULL) 1143 return NULL; 1144 if (nla_parse_nested(tb2, TCA_ACT_MAX, tb[1], NULL, NULL) < 0) 1145 return NULL; 1146 kind = tb2[TCA_ACT_KIND]; 1147 1148 return kind; 1149 } 1150 1151 static int tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb) 1152 { 1153 struct net *net = sock_net(skb->sk); 1154 struct nlmsghdr *nlh; 1155 unsigned char *b = skb_tail_pointer(skb); 1156 struct nlattr *nest; 1157 struct tc_action_ops *a_o; 1158 int ret = 0; 1159 struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh); 1160 struct nlattr *kind = find_dump_kind(cb->nlh); 1161 1162 if (kind == NULL) { 1163 pr_info("tc_dump_action: action bad kind\n"); 1164 return 0; 1165 } 1166 1167 a_o = tc_lookup_action(kind); 1168 if (a_o == NULL) 1169 return 0; 1170 1171 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1172 cb->nlh->nlmsg_type, sizeof(*t), 0); 1173 if (!nlh) 1174 goto out_module_put; 1175 t = nlmsg_data(nlh); 1176 t->tca_family = AF_UNSPEC; 1177 t->tca__pad1 = 0; 1178 t->tca__pad2 = 0; 1179 1180 nest = nla_nest_start(skb, TCA_ACT_TAB); 1181 if (nest == NULL) 1182 goto out_module_put; 1183 1184 ret = a_o->walk(net, skb, cb, RTM_GETACTION, a_o); 1185 if (ret < 0) 1186 goto out_module_put; 1187 1188 if (ret > 0) { 1189 nla_nest_end(skb, nest); 1190 ret = skb->len; 1191 } else 1192 nlmsg_trim(skb, b); 1193 1194 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1195 if (NETLINK_CB(cb->skb).portid && ret) 1196 nlh->nlmsg_flags |= NLM_F_MULTI; 1197 module_put(a_o->owner); 1198 return skb->len; 1199 1200 out_module_put: 1201 module_put(a_o->owner); 1202 nlmsg_trim(skb, b); 1203 return skb->len; 1204 } 1205 1206 static int __init tc_action_init(void) 1207 { 1208 rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, NULL); 1209 rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, NULL); 1210 rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action, 1211 NULL); 1212 1213 return 0; 1214 } 1215 1216 subsys_initcall(tc_action_init); 1217