1 /* 2 * net/sched/act_api.c Packet action API. 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Author: Jamal Hadi Salim 10 * 11 * 12 */ 13 14 #include <linux/types.h> 15 #include <linux/kernel.h> 16 #include <linux/string.h> 17 #include <linux/errno.h> 18 #include <linux/slab.h> 19 #include <linux/skbuff.h> 20 #include <linux/init.h> 21 #include <linux/kmod.h> 22 #include <linux/err.h> 23 #include <linux/module.h> 24 #include <net/net_namespace.h> 25 #include <net/sock.h> 26 #include <net/sch_generic.h> 27 #include <net/act_api.h> 28 #include <net/netlink.h> 29 30 static void free_tcf(struct rcu_head *head) 31 { 32 struct tc_action *p = container_of(head, struct tc_action, tcfa_rcu); 33 34 free_percpu(p->cpu_bstats); 35 free_percpu(p->cpu_qstats); 36 kfree(p); 37 } 38 39 static void tcf_hash_destroy(struct tcf_hashinfo *hinfo, struct tc_action *p) 40 { 41 spin_lock_bh(&hinfo->lock); 42 hlist_del(&p->tcfa_head); 43 spin_unlock_bh(&hinfo->lock); 44 gen_kill_estimator(&p->tcfa_bstats, 45 &p->tcfa_rate_est); 46 /* 47 * gen_estimator est_timer() might access p->tcfa_lock 48 * or bstats, wait a RCU grace period before freeing p 49 */ 50 call_rcu(&p->tcfa_rcu, free_tcf); 51 } 52 53 int __tcf_hash_release(struct tc_action *p, bool bind, bool strict) 54 { 55 int ret = 0; 56 57 if (p) { 58 if (bind) 59 p->tcfa_bindcnt--; 60 else if (strict && p->tcfa_bindcnt > 0) 61 return -EPERM; 62 63 p->tcfa_refcnt--; 64 if (p->tcfa_bindcnt <= 0 && p->tcfa_refcnt <= 0) { 65 if (p->ops->cleanup) 66 p->ops->cleanup(p, bind); 67 list_del(&p->list); 68 tcf_hash_destroy(p->hinfo, p); 69 ret = ACT_P_DELETED; 70 } 71 } 72 73 return ret; 74 } 75 EXPORT_SYMBOL(__tcf_hash_release); 76 77 static int tcf_dump_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 78 struct netlink_callback *cb) 79 { 80 int err = 0, index = -1, i = 0, s_i = 0, n_i = 0; 81 struct nlattr *nest; 82 83 spin_lock_bh(&hinfo->lock); 84 85 s_i = cb->args[0]; 86 87 for (i = 0; i < (hinfo->hmask + 1); i++) { 88 struct hlist_head *head; 89 struct tc_action *p; 90 91 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 92 93 hlist_for_each_entry_rcu(p, head, tcfa_head) { 94 index++; 95 if (index < s_i) 96 continue; 97 98 nest = nla_nest_start(skb, n_i); 99 if (nest == NULL) 100 goto nla_put_failure; 101 err = tcf_action_dump_1(skb, p, 0, 0); 102 if (err < 0) { 103 index--; 104 nlmsg_trim(skb, nest); 105 goto done; 106 } 107 nla_nest_end(skb, nest); 108 n_i++; 109 if (n_i >= TCA_ACT_MAX_PRIO) 110 goto done; 111 } 112 } 113 done: 114 spin_unlock_bh(&hinfo->lock); 115 if (n_i) 116 cb->args[0] += n_i; 117 return n_i; 118 119 nla_put_failure: 120 nla_nest_cancel(skb, nest); 121 goto done; 122 } 123 124 static int tcf_del_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 125 const struct tc_action_ops *ops) 126 { 127 struct nlattr *nest; 128 int i = 0, n_i = 0; 129 int ret = -EINVAL; 130 131 nest = nla_nest_start(skb, 0); 132 if (nest == NULL) 133 goto nla_put_failure; 134 if (nla_put_string(skb, TCA_KIND, ops->kind)) 135 goto nla_put_failure; 136 for (i = 0; i < (hinfo->hmask + 1); i++) { 137 struct hlist_head *head; 138 struct hlist_node *n; 139 struct tc_action *p; 140 141 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 142 hlist_for_each_entry_safe(p, n, head, tcfa_head) { 143 ret = __tcf_hash_release(p, false, true); 144 if (ret == ACT_P_DELETED) { 145 module_put(p->ops->owner); 146 n_i++; 147 } else if (ret < 0) 148 goto nla_put_failure; 149 } 150 } 151 if (nla_put_u32(skb, TCA_FCNT, n_i)) 152 goto nla_put_failure; 153 nla_nest_end(skb, nest); 154 155 return n_i; 156 nla_put_failure: 157 nla_nest_cancel(skb, nest); 158 return ret; 159 } 160 161 int tcf_generic_walker(struct tc_action_net *tn, struct sk_buff *skb, 162 struct netlink_callback *cb, int type, 163 const struct tc_action_ops *ops) 164 { 165 struct tcf_hashinfo *hinfo = tn->hinfo; 166 167 if (type == RTM_DELACTION) { 168 return tcf_del_walker(hinfo, skb, ops); 169 } else if (type == RTM_GETACTION) { 170 return tcf_dump_walker(hinfo, skb, cb); 171 } else { 172 WARN(1, "tcf_generic_walker: unknown action %d\n", type); 173 return -EINVAL; 174 } 175 } 176 EXPORT_SYMBOL(tcf_generic_walker); 177 178 static struct tc_action *tcf_hash_lookup(u32 index, struct tcf_hashinfo *hinfo) 179 { 180 struct tc_action *p = NULL; 181 struct hlist_head *head; 182 183 spin_lock_bh(&hinfo->lock); 184 head = &hinfo->htab[tcf_hash(index, hinfo->hmask)]; 185 hlist_for_each_entry_rcu(p, head, tcfa_head) 186 if (p->tcfa_index == index) 187 break; 188 spin_unlock_bh(&hinfo->lock); 189 190 return p; 191 } 192 193 u32 tcf_hash_new_index(struct tc_action_net *tn) 194 { 195 struct tcf_hashinfo *hinfo = tn->hinfo; 196 u32 val = hinfo->index; 197 198 do { 199 if (++val == 0) 200 val = 1; 201 } while (tcf_hash_lookup(val, hinfo)); 202 203 hinfo->index = val; 204 return val; 205 } 206 EXPORT_SYMBOL(tcf_hash_new_index); 207 208 int tcf_hash_search(struct tc_action_net *tn, struct tc_action **a, u32 index) 209 { 210 struct tcf_hashinfo *hinfo = tn->hinfo; 211 struct tc_action *p = tcf_hash_lookup(index, hinfo); 212 213 if (p) { 214 *a = p; 215 return 1; 216 } 217 return 0; 218 } 219 EXPORT_SYMBOL(tcf_hash_search); 220 221 bool tcf_hash_check(struct tc_action_net *tn, u32 index, struct tc_action **a, 222 int bind) 223 { 224 struct tcf_hashinfo *hinfo = tn->hinfo; 225 struct tc_action *p = NULL; 226 227 if (index && (p = tcf_hash_lookup(index, hinfo)) != NULL) { 228 if (bind) 229 p->tcfa_bindcnt++; 230 p->tcfa_refcnt++; 231 *a = p; 232 return true; 233 } 234 return false; 235 } 236 EXPORT_SYMBOL(tcf_hash_check); 237 238 void tcf_hash_cleanup(struct tc_action *a, struct nlattr *est) 239 { 240 if (est) 241 gen_kill_estimator(&a->tcfa_bstats, 242 &a->tcfa_rate_est); 243 call_rcu(&a->tcfa_rcu, free_tcf); 244 } 245 EXPORT_SYMBOL(tcf_hash_cleanup); 246 247 int tcf_hash_create(struct tc_action_net *tn, u32 index, struct nlattr *est, 248 struct tc_action **a, const struct tc_action_ops *ops, 249 int bind, bool cpustats) 250 { 251 struct tc_action *p = kzalloc(ops->size, GFP_KERNEL); 252 struct tcf_hashinfo *hinfo = tn->hinfo; 253 int err = -ENOMEM; 254 255 if (unlikely(!p)) 256 return -ENOMEM; 257 p->tcfa_refcnt = 1; 258 if (bind) 259 p->tcfa_bindcnt = 1; 260 261 if (cpustats) { 262 p->cpu_bstats = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu); 263 if (!p->cpu_bstats) { 264 err1: 265 kfree(p); 266 return err; 267 } 268 p->cpu_qstats = alloc_percpu(struct gnet_stats_queue); 269 if (!p->cpu_qstats) { 270 err2: 271 free_percpu(p->cpu_bstats); 272 goto err1; 273 } 274 } 275 spin_lock_init(&p->tcfa_lock); 276 INIT_HLIST_NODE(&p->tcfa_head); 277 p->tcfa_index = index ? index : tcf_hash_new_index(tn); 278 p->tcfa_tm.install = jiffies; 279 p->tcfa_tm.lastuse = jiffies; 280 p->tcfa_tm.firstuse = 0; 281 if (est) { 282 err = gen_new_estimator(&p->tcfa_bstats, p->cpu_bstats, 283 &p->tcfa_rate_est, 284 &p->tcfa_lock, NULL, est); 285 if (err) { 286 free_percpu(p->cpu_qstats); 287 goto err2; 288 } 289 } 290 291 p->hinfo = hinfo; 292 p->ops = ops; 293 INIT_LIST_HEAD(&p->list); 294 *a = p; 295 return 0; 296 } 297 EXPORT_SYMBOL(tcf_hash_create); 298 299 void tcf_hash_insert(struct tc_action_net *tn, struct tc_action *a) 300 { 301 struct tcf_hashinfo *hinfo = tn->hinfo; 302 unsigned int h = tcf_hash(a->tcfa_index, hinfo->hmask); 303 304 spin_lock_bh(&hinfo->lock); 305 hlist_add_head(&a->tcfa_head, &hinfo->htab[h]); 306 spin_unlock_bh(&hinfo->lock); 307 } 308 EXPORT_SYMBOL(tcf_hash_insert); 309 310 void tcf_hashinfo_destroy(const struct tc_action_ops *ops, 311 struct tcf_hashinfo *hinfo) 312 { 313 int i; 314 315 for (i = 0; i < hinfo->hmask + 1; i++) { 316 struct tc_action *p; 317 struct hlist_node *n; 318 319 hlist_for_each_entry_safe(p, n, &hinfo->htab[i], tcfa_head) { 320 int ret; 321 322 ret = __tcf_hash_release(p, false, true); 323 if (ret == ACT_P_DELETED) 324 module_put(ops->owner); 325 else if (ret < 0) 326 return; 327 } 328 } 329 kfree(hinfo->htab); 330 } 331 EXPORT_SYMBOL(tcf_hashinfo_destroy); 332 333 static LIST_HEAD(act_base); 334 static DEFINE_RWLOCK(act_mod_lock); 335 336 int tcf_register_action(struct tc_action_ops *act, 337 struct pernet_operations *ops) 338 { 339 struct tc_action_ops *a; 340 int ret; 341 342 if (!act->act || !act->dump || !act->init || !act->walk || !act->lookup) 343 return -EINVAL; 344 345 write_lock(&act_mod_lock); 346 list_for_each_entry(a, &act_base, head) { 347 if (act->type == a->type || (strcmp(act->kind, a->kind) == 0)) { 348 write_unlock(&act_mod_lock); 349 return -EEXIST; 350 } 351 } 352 list_add_tail(&act->head, &act_base); 353 write_unlock(&act_mod_lock); 354 355 ret = register_pernet_subsys(ops); 356 if (ret) { 357 tcf_unregister_action(act, ops); 358 return ret; 359 } 360 361 return 0; 362 } 363 EXPORT_SYMBOL(tcf_register_action); 364 365 int tcf_unregister_action(struct tc_action_ops *act, 366 struct pernet_operations *ops) 367 { 368 struct tc_action_ops *a; 369 int err = -ENOENT; 370 371 unregister_pernet_subsys(ops); 372 373 write_lock(&act_mod_lock); 374 list_for_each_entry(a, &act_base, head) { 375 if (a == act) { 376 list_del(&act->head); 377 err = 0; 378 break; 379 } 380 } 381 write_unlock(&act_mod_lock); 382 return err; 383 } 384 EXPORT_SYMBOL(tcf_unregister_action); 385 386 /* lookup by name */ 387 static struct tc_action_ops *tc_lookup_action_n(char *kind) 388 { 389 struct tc_action_ops *a, *res = NULL; 390 391 if (kind) { 392 read_lock(&act_mod_lock); 393 list_for_each_entry(a, &act_base, head) { 394 if (strcmp(kind, a->kind) == 0) { 395 if (try_module_get(a->owner)) 396 res = a; 397 break; 398 } 399 } 400 read_unlock(&act_mod_lock); 401 } 402 return res; 403 } 404 405 /* lookup by nlattr */ 406 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind) 407 { 408 struct tc_action_ops *a, *res = NULL; 409 410 if (kind) { 411 read_lock(&act_mod_lock); 412 list_for_each_entry(a, &act_base, head) { 413 if (nla_strcmp(kind, a->kind) == 0) { 414 if (try_module_get(a->owner)) 415 res = a; 416 break; 417 } 418 } 419 read_unlock(&act_mod_lock); 420 } 421 return res; 422 } 423 424 int tcf_action_exec(struct sk_buff *skb, const struct list_head *actions, 425 struct tcf_result *res) 426 { 427 const struct tc_action *a; 428 int ret = -1; 429 430 if (skb->tc_verd & TC_NCLS) { 431 skb->tc_verd = CLR_TC_NCLS(skb->tc_verd); 432 ret = TC_ACT_OK; 433 goto exec_done; 434 } 435 list_for_each_entry(a, actions, list) { 436 repeat: 437 ret = a->ops->act(skb, a, res); 438 if (ret == TC_ACT_REPEAT) 439 goto repeat; /* we need a ttl - JHS */ 440 if (ret != TC_ACT_PIPE) 441 goto exec_done; 442 } 443 exec_done: 444 return ret; 445 } 446 EXPORT_SYMBOL(tcf_action_exec); 447 448 int tcf_action_destroy(struct list_head *actions, int bind) 449 { 450 struct tc_action *a, *tmp; 451 int ret = 0; 452 453 list_for_each_entry_safe(a, tmp, actions, list) { 454 ret = __tcf_hash_release(a, bind, true); 455 if (ret == ACT_P_DELETED) 456 module_put(a->ops->owner); 457 else if (ret < 0) 458 return ret; 459 } 460 return ret; 461 } 462 463 int 464 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 465 { 466 return a->ops->dump(skb, a, bind, ref); 467 } 468 469 int 470 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 471 { 472 int err = -EINVAL; 473 unsigned char *b = skb_tail_pointer(skb); 474 struct nlattr *nest; 475 476 if (nla_put_string(skb, TCA_KIND, a->ops->kind)) 477 goto nla_put_failure; 478 if (tcf_action_copy_stats(skb, a, 0)) 479 goto nla_put_failure; 480 nest = nla_nest_start(skb, TCA_OPTIONS); 481 if (nest == NULL) 482 goto nla_put_failure; 483 err = tcf_action_dump_old(skb, a, bind, ref); 484 if (err > 0) { 485 nla_nest_end(skb, nest); 486 return err; 487 } 488 489 nla_put_failure: 490 nlmsg_trim(skb, b); 491 return -1; 492 } 493 EXPORT_SYMBOL(tcf_action_dump_1); 494 495 int tcf_action_dump(struct sk_buff *skb, struct list_head *actions, 496 int bind, int ref) 497 { 498 struct tc_action *a; 499 int err = -EINVAL; 500 struct nlattr *nest; 501 502 list_for_each_entry(a, actions, list) { 503 nest = nla_nest_start(skb, a->order); 504 if (nest == NULL) 505 goto nla_put_failure; 506 err = tcf_action_dump_1(skb, a, bind, ref); 507 if (err < 0) 508 goto errout; 509 nla_nest_end(skb, nest); 510 } 511 512 return 0; 513 514 nla_put_failure: 515 err = -EINVAL; 516 errout: 517 nla_nest_cancel(skb, nest); 518 return err; 519 } 520 521 struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla, 522 struct nlattr *est, char *name, int ovr, 523 int bind) 524 { 525 struct tc_action *a; 526 struct tc_action_ops *a_o; 527 char act_name[IFNAMSIZ]; 528 struct nlattr *tb[TCA_ACT_MAX + 1]; 529 struct nlattr *kind; 530 int err; 531 532 if (name == NULL) { 533 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 534 if (err < 0) 535 goto err_out; 536 err = -EINVAL; 537 kind = tb[TCA_ACT_KIND]; 538 if (kind == NULL) 539 goto err_out; 540 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) 541 goto err_out; 542 } else { 543 err = -EINVAL; 544 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) 545 goto err_out; 546 } 547 548 a_o = tc_lookup_action_n(act_name); 549 if (a_o == NULL) { 550 #ifdef CONFIG_MODULES 551 rtnl_unlock(); 552 request_module("act_%s", act_name); 553 rtnl_lock(); 554 555 a_o = tc_lookup_action_n(act_name); 556 557 /* We dropped the RTNL semaphore in order to 558 * perform the module load. So, even if we 559 * succeeded in loading the module we have to 560 * tell the caller to replay the request. We 561 * indicate this using -EAGAIN. 562 */ 563 if (a_o != NULL) { 564 err = -EAGAIN; 565 goto err_mod; 566 } 567 #endif 568 err = -ENOENT; 569 goto err_out; 570 } 571 572 /* backward compatibility for policer */ 573 if (name == NULL) 574 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, &a, ovr, bind); 575 else 576 err = a_o->init(net, nla, est, &a, ovr, bind); 577 if (err < 0) 578 goto err_mod; 579 580 /* module count goes up only when brand new policy is created 581 * if it exists and is only bound to in a_o->init() then 582 * ACT_P_CREATED is not returned (a zero is). 583 */ 584 if (err != ACT_P_CREATED) 585 module_put(a_o->owner); 586 587 return a; 588 589 err_mod: 590 module_put(a_o->owner); 591 err_out: 592 return ERR_PTR(err); 593 } 594 595 int tcf_action_init(struct net *net, struct nlattr *nla, 596 struct nlattr *est, char *name, int ovr, 597 int bind, struct list_head *actions) 598 { 599 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 600 struct tc_action *act; 601 int err; 602 int i; 603 604 err = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 605 if (err < 0) 606 return err; 607 608 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 609 act = tcf_action_init_1(net, tb[i], est, name, ovr, bind); 610 if (IS_ERR(act)) { 611 err = PTR_ERR(act); 612 goto err; 613 } 614 act->order = i; 615 list_add_tail(&act->list, actions); 616 } 617 return 0; 618 619 err: 620 tcf_action_destroy(actions, bind); 621 return err; 622 } 623 624 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *p, 625 int compat_mode) 626 { 627 int err = 0; 628 struct gnet_dump d; 629 630 if (p == NULL) 631 goto errout; 632 633 /* compat_mode being true specifies a call that is supposed 634 * to add additional backward compatibility statistic TLVs. 635 */ 636 if (compat_mode) { 637 if (p->type == TCA_OLD_COMPAT) 638 err = gnet_stats_start_copy_compat(skb, 0, 639 TCA_STATS, 640 TCA_XSTATS, 641 &p->tcfa_lock, &d, 642 TCA_PAD); 643 else 644 return 0; 645 } else 646 err = gnet_stats_start_copy(skb, TCA_ACT_STATS, 647 &p->tcfa_lock, &d, TCA_ACT_PAD); 648 649 if (err < 0) 650 goto errout; 651 652 if (gnet_stats_copy_basic(NULL, &d, p->cpu_bstats, &p->tcfa_bstats) < 0 || 653 gnet_stats_copy_rate_est(&d, &p->tcfa_bstats, 654 &p->tcfa_rate_est) < 0 || 655 gnet_stats_copy_queue(&d, p->cpu_qstats, 656 &p->tcfa_qstats, 657 p->tcfa_qstats.qlen) < 0) 658 goto errout; 659 660 if (gnet_stats_finish_copy(&d) < 0) 661 goto errout; 662 663 return 0; 664 665 errout: 666 return -1; 667 } 668 669 static int tca_get_fill(struct sk_buff *skb, struct list_head *actions, 670 u32 portid, u32 seq, u16 flags, int event, int bind, 671 int ref) 672 { 673 struct tcamsg *t; 674 struct nlmsghdr *nlh; 675 unsigned char *b = skb_tail_pointer(skb); 676 struct nlattr *nest; 677 678 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags); 679 if (!nlh) 680 goto out_nlmsg_trim; 681 t = nlmsg_data(nlh); 682 t->tca_family = AF_UNSPEC; 683 t->tca__pad1 = 0; 684 t->tca__pad2 = 0; 685 686 nest = nla_nest_start(skb, TCA_ACT_TAB); 687 if (nest == NULL) 688 goto out_nlmsg_trim; 689 690 if (tcf_action_dump(skb, actions, bind, ref) < 0) 691 goto out_nlmsg_trim; 692 693 nla_nest_end(skb, nest); 694 695 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 696 return skb->len; 697 698 out_nlmsg_trim: 699 nlmsg_trim(skb, b); 700 return -1; 701 } 702 703 static int 704 act_get_notify(struct net *net, u32 portid, struct nlmsghdr *n, 705 struct list_head *actions, int event) 706 { 707 struct sk_buff *skb; 708 709 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 710 if (!skb) 711 return -ENOBUFS; 712 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, event, 713 0, 0) <= 0) { 714 kfree_skb(skb); 715 return -EINVAL; 716 } 717 718 return rtnl_unicast(skb, net, portid); 719 } 720 721 static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla, 722 struct nlmsghdr *n, u32 portid) 723 { 724 struct nlattr *tb[TCA_ACT_MAX + 1]; 725 const struct tc_action_ops *ops; 726 struct tc_action *a; 727 int index; 728 int err; 729 730 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 731 if (err < 0) 732 goto err_out; 733 734 err = -EINVAL; 735 if (tb[TCA_ACT_INDEX] == NULL || 736 nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) 737 goto err_out; 738 index = nla_get_u32(tb[TCA_ACT_INDEX]); 739 740 err = -EINVAL; 741 ops = tc_lookup_action(tb[TCA_ACT_KIND]); 742 if (!ops) /* could happen in batch of actions */ 743 goto err_out; 744 err = -ENOENT; 745 if (ops->lookup(net, &a, index) == 0) 746 goto err_mod; 747 748 module_put(ops->owner); 749 return a; 750 751 err_mod: 752 module_put(ops->owner); 753 err_out: 754 return ERR_PTR(err); 755 } 756 757 static void cleanup_a(struct list_head *actions) 758 { 759 struct tc_action *a, *tmp; 760 761 list_for_each_entry_safe(a, tmp, actions, list) { 762 list_del(&a->list); 763 kfree(a); 764 } 765 } 766 767 static int tca_action_flush(struct net *net, struct nlattr *nla, 768 struct nlmsghdr *n, u32 portid) 769 { 770 struct sk_buff *skb; 771 unsigned char *b; 772 struct nlmsghdr *nlh; 773 struct tcamsg *t; 774 struct netlink_callback dcb; 775 struct nlattr *nest; 776 struct nlattr *tb[TCA_ACT_MAX + 1]; 777 const struct tc_action_ops *ops; 778 struct nlattr *kind; 779 int err = -ENOMEM; 780 781 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 782 if (!skb) { 783 pr_debug("tca_action_flush: failed skb alloc\n"); 784 return err; 785 } 786 787 b = skb_tail_pointer(skb); 788 789 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 790 if (err < 0) 791 goto err_out; 792 793 err = -EINVAL; 794 kind = tb[TCA_ACT_KIND]; 795 ops = tc_lookup_action(kind); 796 if (!ops) /*some idjot trying to flush unknown action */ 797 goto err_out; 798 799 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION, 800 sizeof(*t), 0); 801 if (!nlh) 802 goto out_module_put; 803 t = nlmsg_data(nlh); 804 t->tca_family = AF_UNSPEC; 805 t->tca__pad1 = 0; 806 t->tca__pad2 = 0; 807 808 nest = nla_nest_start(skb, TCA_ACT_TAB); 809 if (nest == NULL) 810 goto out_module_put; 811 812 err = ops->walk(net, skb, &dcb, RTM_DELACTION, ops); 813 if (err < 0) 814 goto out_module_put; 815 if (err == 0) 816 goto noflush_out; 817 818 nla_nest_end(skb, nest); 819 820 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 821 nlh->nlmsg_flags |= NLM_F_ROOT; 822 module_put(ops->owner); 823 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 824 n->nlmsg_flags & NLM_F_ECHO); 825 if (err > 0) 826 return 0; 827 828 return err; 829 830 out_module_put: 831 module_put(ops->owner); 832 err_out: 833 noflush_out: 834 kfree_skb(skb); 835 return err; 836 } 837 838 static int 839 tcf_del_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 840 u32 portid) 841 { 842 int ret; 843 struct sk_buff *skb; 844 845 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 846 if (!skb) 847 return -ENOBUFS; 848 849 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, RTM_DELACTION, 850 0, 1) <= 0) { 851 kfree_skb(skb); 852 return -EINVAL; 853 } 854 855 /* now do the delete */ 856 ret = tcf_action_destroy(actions, 0); 857 if (ret < 0) { 858 kfree_skb(skb); 859 return ret; 860 } 861 862 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 863 n->nlmsg_flags & NLM_F_ECHO); 864 if (ret > 0) 865 return 0; 866 return ret; 867 } 868 869 static int 870 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 871 u32 portid, int event) 872 { 873 int i, ret; 874 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 875 struct tc_action *act; 876 LIST_HEAD(actions); 877 878 ret = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 879 if (ret < 0) 880 return ret; 881 882 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) { 883 if (tb[1] != NULL) 884 return tca_action_flush(net, tb[1], n, portid); 885 else 886 return -EINVAL; 887 } 888 889 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 890 act = tcf_action_get_1(net, tb[i], n, portid); 891 if (IS_ERR(act)) { 892 ret = PTR_ERR(act); 893 goto err; 894 } 895 act->order = i; 896 list_add_tail(&act->list, &actions); 897 } 898 899 if (event == RTM_GETACTION) 900 ret = act_get_notify(net, portid, n, &actions, event); 901 else { /* delete */ 902 ret = tcf_del_notify(net, n, &actions, portid); 903 if (ret) 904 goto err; 905 return ret; 906 } 907 err: 908 cleanup_a(&actions); 909 return ret; 910 } 911 912 static int 913 tcf_add_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 914 u32 portid) 915 { 916 struct sk_buff *skb; 917 int err = 0; 918 919 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 920 if (!skb) 921 return -ENOBUFS; 922 923 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, n->nlmsg_flags, 924 RTM_NEWACTION, 0, 0) <= 0) { 925 kfree_skb(skb); 926 return -EINVAL; 927 } 928 929 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 930 n->nlmsg_flags & NLM_F_ECHO); 931 if (err > 0) 932 err = 0; 933 return err; 934 } 935 936 static int 937 tcf_action_add(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 938 u32 portid, int ovr) 939 { 940 int ret = 0; 941 LIST_HEAD(actions); 942 943 ret = tcf_action_init(net, nla, NULL, NULL, ovr, 0, &actions); 944 if (ret) 945 goto done; 946 947 /* dump then free all the actions after update; inserted policy 948 * stays intact 949 */ 950 ret = tcf_add_notify(net, n, &actions, portid); 951 cleanup_a(&actions); 952 done: 953 return ret; 954 } 955 956 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n) 957 { 958 struct net *net = sock_net(skb->sk); 959 struct nlattr *tca[TCA_ACT_MAX + 1]; 960 u32 portid = skb ? NETLINK_CB(skb).portid : 0; 961 int ret = 0, ovr = 0; 962 963 if ((n->nlmsg_type != RTM_GETACTION) && 964 !netlink_capable(skb, CAP_NET_ADMIN)) 965 return -EPERM; 966 967 ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL); 968 if (ret < 0) 969 return ret; 970 971 if (tca[TCA_ACT_TAB] == NULL) { 972 pr_notice("tc_ctl_action: received NO action attribs\n"); 973 return -EINVAL; 974 } 975 976 /* n->nlmsg_flags & NLM_F_CREATE */ 977 switch (n->nlmsg_type) { 978 case RTM_NEWACTION: 979 /* we are going to assume all other flags 980 * imply create only if it doesn't exist 981 * Note that CREATE | EXCL implies that 982 * but since we want avoid ambiguity (eg when flags 983 * is zero) then just set this 984 */ 985 if (n->nlmsg_flags & NLM_F_REPLACE) 986 ovr = 1; 987 replay: 988 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr); 989 if (ret == -EAGAIN) 990 goto replay; 991 break; 992 case RTM_DELACTION: 993 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 994 portid, RTM_DELACTION); 995 break; 996 case RTM_GETACTION: 997 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 998 portid, RTM_GETACTION); 999 break; 1000 default: 1001 BUG(); 1002 } 1003 1004 return ret; 1005 } 1006 1007 static struct nlattr * 1008 find_dump_kind(const struct nlmsghdr *n) 1009 { 1010 struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1]; 1011 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 1012 struct nlattr *nla[TCAA_MAX + 1]; 1013 struct nlattr *kind; 1014 1015 if (nlmsg_parse(n, sizeof(struct tcamsg), nla, TCAA_MAX, NULL) < 0) 1016 return NULL; 1017 tb1 = nla[TCA_ACT_TAB]; 1018 if (tb1 == NULL) 1019 return NULL; 1020 1021 if (nla_parse(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), 1022 NLMSG_ALIGN(nla_len(tb1)), NULL) < 0) 1023 return NULL; 1024 1025 if (tb[1] == NULL) 1026 return NULL; 1027 if (nla_parse(tb2, TCA_ACT_MAX, nla_data(tb[1]), 1028 nla_len(tb[1]), NULL) < 0) 1029 return NULL; 1030 kind = tb2[TCA_ACT_KIND]; 1031 1032 return kind; 1033 } 1034 1035 static int 1036 tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb) 1037 { 1038 struct net *net = sock_net(skb->sk); 1039 struct nlmsghdr *nlh; 1040 unsigned char *b = skb_tail_pointer(skb); 1041 struct nlattr *nest; 1042 struct tc_action_ops *a_o; 1043 int ret = 0; 1044 struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh); 1045 struct nlattr *kind = find_dump_kind(cb->nlh); 1046 1047 if (kind == NULL) { 1048 pr_info("tc_dump_action: action bad kind\n"); 1049 return 0; 1050 } 1051 1052 a_o = tc_lookup_action(kind); 1053 if (a_o == NULL) 1054 return 0; 1055 1056 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1057 cb->nlh->nlmsg_type, sizeof(*t), 0); 1058 if (!nlh) 1059 goto out_module_put; 1060 t = nlmsg_data(nlh); 1061 t->tca_family = AF_UNSPEC; 1062 t->tca__pad1 = 0; 1063 t->tca__pad2 = 0; 1064 1065 nest = nla_nest_start(skb, TCA_ACT_TAB); 1066 if (nest == NULL) 1067 goto out_module_put; 1068 1069 ret = a_o->walk(net, skb, cb, RTM_GETACTION, a_o); 1070 if (ret < 0) 1071 goto out_module_put; 1072 1073 if (ret > 0) { 1074 nla_nest_end(skb, nest); 1075 ret = skb->len; 1076 } else 1077 nlmsg_trim(skb, b); 1078 1079 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1080 if (NETLINK_CB(cb->skb).portid && ret) 1081 nlh->nlmsg_flags |= NLM_F_MULTI; 1082 module_put(a_o->owner); 1083 return skb->len; 1084 1085 out_module_put: 1086 module_put(a_o->owner); 1087 nlmsg_trim(skb, b); 1088 return skb->len; 1089 } 1090 1091 static int __init tc_action_init(void) 1092 { 1093 rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, NULL); 1094 rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, NULL); 1095 rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action, 1096 NULL); 1097 1098 return 0; 1099 } 1100 1101 subsys_initcall(tc_action_init); 1102