1 /* 2 * net/sched/act_api.c Packet action API. 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Author: Jamal Hadi Salim 10 * 11 * 12 */ 13 14 #include <linux/types.h> 15 #include <linux/kernel.h> 16 #include <linux/string.h> 17 #include <linux/errno.h> 18 #include <linux/slab.h> 19 #include <linux/skbuff.h> 20 #include <linux/init.h> 21 #include <linux/kmod.h> 22 #include <linux/err.h> 23 #include <linux/module.h> 24 #include <net/net_namespace.h> 25 #include <net/sock.h> 26 #include <net/sch_generic.h> 27 #include <net/act_api.h> 28 #include <net/netlink.h> 29 30 static void free_tcf(struct rcu_head *head) 31 { 32 struct tc_action *p = container_of(head, struct tc_action, tcfa_rcu); 33 34 free_percpu(p->cpu_bstats); 35 free_percpu(p->cpu_qstats); 36 kfree(p); 37 } 38 39 static void tcf_hash_destroy(struct tcf_hashinfo *hinfo, struct tc_action *p) 40 { 41 spin_lock_bh(&hinfo->lock); 42 hlist_del(&p->tcfa_head); 43 spin_unlock_bh(&hinfo->lock); 44 gen_kill_estimator(&p->tcfa_rate_est); 45 /* 46 * gen_estimator est_timer() might access p->tcfa_lock 47 * or bstats, wait a RCU grace period before freeing p 48 */ 49 call_rcu(&p->tcfa_rcu, free_tcf); 50 } 51 52 int __tcf_hash_release(struct tc_action *p, bool bind, bool strict) 53 { 54 int ret = 0; 55 56 if (p) { 57 if (bind) 58 p->tcfa_bindcnt--; 59 else if (strict && p->tcfa_bindcnt > 0) 60 return -EPERM; 61 62 p->tcfa_refcnt--; 63 if (p->tcfa_bindcnt <= 0 && p->tcfa_refcnt <= 0) { 64 if (p->ops->cleanup) 65 p->ops->cleanup(p, bind); 66 tcf_hash_destroy(p->hinfo, p); 67 ret = ACT_P_DELETED; 68 } 69 } 70 71 return ret; 72 } 73 EXPORT_SYMBOL(__tcf_hash_release); 74 75 static int tcf_dump_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 76 struct netlink_callback *cb) 77 { 78 int err = 0, index = -1, i = 0, s_i = 0, n_i = 0; 79 struct nlattr *nest; 80 81 spin_lock_bh(&hinfo->lock); 82 83 s_i = cb->args[0]; 84 85 for (i = 0; i < (hinfo->hmask + 1); i++) { 86 struct hlist_head *head; 87 struct tc_action *p; 88 89 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 90 91 hlist_for_each_entry_rcu(p, head, tcfa_head) { 92 index++; 93 if (index < s_i) 94 continue; 95 96 nest = nla_nest_start(skb, n_i); 97 if (nest == NULL) 98 goto nla_put_failure; 99 err = tcf_action_dump_1(skb, p, 0, 0); 100 if (err < 0) { 101 index--; 102 nlmsg_trim(skb, nest); 103 goto done; 104 } 105 nla_nest_end(skb, nest); 106 n_i++; 107 if (n_i >= TCA_ACT_MAX_PRIO) 108 goto done; 109 } 110 } 111 done: 112 spin_unlock_bh(&hinfo->lock); 113 if (n_i) 114 cb->args[0] += n_i; 115 return n_i; 116 117 nla_put_failure: 118 nla_nest_cancel(skb, nest); 119 goto done; 120 } 121 122 static int tcf_del_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 123 const struct tc_action_ops *ops) 124 { 125 struct nlattr *nest; 126 int i = 0, n_i = 0; 127 int ret = -EINVAL; 128 129 nest = nla_nest_start(skb, 0); 130 if (nest == NULL) 131 goto nla_put_failure; 132 if (nla_put_string(skb, TCA_KIND, ops->kind)) 133 goto nla_put_failure; 134 for (i = 0; i < (hinfo->hmask + 1); i++) { 135 struct hlist_head *head; 136 struct hlist_node *n; 137 struct tc_action *p; 138 139 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 140 hlist_for_each_entry_safe(p, n, head, tcfa_head) { 141 ret = __tcf_hash_release(p, false, true); 142 if (ret == ACT_P_DELETED) { 143 module_put(p->ops->owner); 144 n_i++; 145 } else if (ret < 0) 146 goto nla_put_failure; 147 } 148 } 149 if (nla_put_u32(skb, TCA_FCNT, n_i)) 150 goto nla_put_failure; 151 nla_nest_end(skb, nest); 152 153 return n_i; 154 nla_put_failure: 155 nla_nest_cancel(skb, nest); 156 return ret; 157 } 158 159 int tcf_generic_walker(struct tc_action_net *tn, struct sk_buff *skb, 160 struct netlink_callback *cb, int type, 161 const struct tc_action_ops *ops) 162 { 163 struct tcf_hashinfo *hinfo = tn->hinfo; 164 165 if (type == RTM_DELACTION) { 166 return tcf_del_walker(hinfo, skb, ops); 167 } else if (type == RTM_GETACTION) { 168 return tcf_dump_walker(hinfo, skb, cb); 169 } else { 170 WARN(1, "tcf_generic_walker: unknown action %d\n", type); 171 return -EINVAL; 172 } 173 } 174 EXPORT_SYMBOL(tcf_generic_walker); 175 176 static struct tc_action *tcf_hash_lookup(u32 index, struct tcf_hashinfo *hinfo) 177 { 178 struct tc_action *p = NULL; 179 struct hlist_head *head; 180 181 spin_lock_bh(&hinfo->lock); 182 head = &hinfo->htab[tcf_hash(index, hinfo->hmask)]; 183 hlist_for_each_entry_rcu(p, head, tcfa_head) 184 if (p->tcfa_index == index) 185 break; 186 spin_unlock_bh(&hinfo->lock); 187 188 return p; 189 } 190 191 u32 tcf_hash_new_index(struct tc_action_net *tn) 192 { 193 struct tcf_hashinfo *hinfo = tn->hinfo; 194 u32 val = hinfo->index; 195 196 do { 197 if (++val == 0) 198 val = 1; 199 } while (tcf_hash_lookup(val, hinfo)); 200 201 hinfo->index = val; 202 return val; 203 } 204 EXPORT_SYMBOL(tcf_hash_new_index); 205 206 int tcf_hash_search(struct tc_action_net *tn, struct tc_action **a, u32 index) 207 { 208 struct tcf_hashinfo *hinfo = tn->hinfo; 209 struct tc_action *p = tcf_hash_lookup(index, hinfo); 210 211 if (p) { 212 *a = p; 213 return 1; 214 } 215 return 0; 216 } 217 EXPORT_SYMBOL(tcf_hash_search); 218 219 bool tcf_hash_check(struct tc_action_net *tn, u32 index, struct tc_action **a, 220 int bind) 221 { 222 struct tcf_hashinfo *hinfo = tn->hinfo; 223 struct tc_action *p = NULL; 224 225 if (index && (p = tcf_hash_lookup(index, hinfo)) != NULL) { 226 if (bind) 227 p->tcfa_bindcnt++; 228 p->tcfa_refcnt++; 229 *a = p; 230 return true; 231 } 232 return false; 233 } 234 EXPORT_SYMBOL(tcf_hash_check); 235 236 void tcf_hash_cleanup(struct tc_action *a, struct nlattr *est) 237 { 238 if (est) 239 gen_kill_estimator(&a->tcfa_rate_est); 240 call_rcu(&a->tcfa_rcu, free_tcf); 241 } 242 EXPORT_SYMBOL(tcf_hash_cleanup); 243 244 int tcf_hash_create(struct tc_action_net *tn, u32 index, struct nlattr *est, 245 struct tc_action **a, const struct tc_action_ops *ops, 246 int bind, bool cpustats) 247 { 248 struct tc_action *p = kzalloc(ops->size, GFP_KERNEL); 249 struct tcf_hashinfo *hinfo = tn->hinfo; 250 int err = -ENOMEM; 251 252 if (unlikely(!p)) 253 return -ENOMEM; 254 p->tcfa_refcnt = 1; 255 if (bind) 256 p->tcfa_bindcnt = 1; 257 258 if (cpustats) { 259 p->cpu_bstats = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu); 260 if (!p->cpu_bstats) { 261 err1: 262 kfree(p); 263 return err; 264 } 265 p->cpu_qstats = alloc_percpu(struct gnet_stats_queue); 266 if (!p->cpu_qstats) { 267 err2: 268 free_percpu(p->cpu_bstats); 269 goto err1; 270 } 271 } 272 spin_lock_init(&p->tcfa_lock); 273 INIT_HLIST_NODE(&p->tcfa_head); 274 p->tcfa_index = index ? index : tcf_hash_new_index(tn); 275 p->tcfa_tm.install = jiffies; 276 p->tcfa_tm.lastuse = jiffies; 277 p->tcfa_tm.firstuse = 0; 278 if (est) { 279 err = gen_new_estimator(&p->tcfa_bstats, p->cpu_bstats, 280 &p->tcfa_rate_est, 281 &p->tcfa_lock, NULL, est); 282 if (err) { 283 free_percpu(p->cpu_qstats); 284 goto err2; 285 } 286 } 287 288 p->hinfo = hinfo; 289 p->ops = ops; 290 INIT_LIST_HEAD(&p->list); 291 *a = p; 292 return 0; 293 } 294 EXPORT_SYMBOL(tcf_hash_create); 295 296 void tcf_hash_insert(struct tc_action_net *tn, struct tc_action *a) 297 { 298 struct tcf_hashinfo *hinfo = tn->hinfo; 299 unsigned int h = tcf_hash(a->tcfa_index, hinfo->hmask); 300 301 spin_lock_bh(&hinfo->lock); 302 hlist_add_head(&a->tcfa_head, &hinfo->htab[h]); 303 spin_unlock_bh(&hinfo->lock); 304 } 305 EXPORT_SYMBOL(tcf_hash_insert); 306 307 void tcf_hashinfo_destroy(const struct tc_action_ops *ops, 308 struct tcf_hashinfo *hinfo) 309 { 310 int i; 311 312 for (i = 0; i < hinfo->hmask + 1; i++) { 313 struct tc_action *p; 314 struct hlist_node *n; 315 316 hlist_for_each_entry_safe(p, n, &hinfo->htab[i], tcfa_head) { 317 int ret; 318 319 ret = __tcf_hash_release(p, false, true); 320 if (ret == ACT_P_DELETED) 321 module_put(ops->owner); 322 else if (ret < 0) 323 return; 324 } 325 } 326 kfree(hinfo->htab); 327 } 328 EXPORT_SYMBOL(tcf_hashinfo_destroy); 329 330 static LIST_HEAD(act_base); 331 static DEFINE_RWLOCK(act_mod_lock); 332 333 int tcf_register_action(struct tc_action_ops *act, 334 struct pernet_operations *ops) 335 { 336 struct tc_action_ops *a; 337 int ret; 338 339 if (!act->act || !act->dump || !act->init || !act->walk || !act->lookup) 340 return -EINVAL; 341 342 /* We have to register pernet ops before making the action ops visible, 343 * otherwise tcf_action_init_1() could get a partially initialized 344 * netns. 345 */ 346 ret = register_pernet_subsys(ops); 347 if (ret) 348 return ret; 349 350 write_lock(&act_mod_lock); 351 list_for_each_entry(a, &act_base, head) { 352 if (act->type == a->type || (strcmp(act->kind, a->kind) == 0)) { 353 write_unlock(&act_mod_lock); 354 unregister_pernet_subsys(ops); 355 return -EEXIST; 356 } 357 } 358 list_add_tail(&act->head, &act_base); 359 write_unlock(&act_mod_lock); 360 361 return 0; 362 } 363 EXPORT_SYMBOL(tcf_register_action); 364 365 int tcf_unregister_action(struct tc_action_ops *act, 366 struct pernet_operations *ops) 367 { 368 struct tc_action_ops *a; 369 int err = -ENOENT; 370 371 write_lock(&act_mod_lock); 372 list_for_each_entry(a, &act_base, head) { 373 if (a == act) { 374 list_del(&act->head); 375 err = 0; 376 break; 377 } 378 } 379 write_unlock(&act_mod_lock); 380 if (!err) 381 unregister_pernet_subsys(ops); 382 return err; 383 } 384 EXPORT_SYMBOL(tcf_unregister_action); 385 386 /* lookup by name */ 387 static struct tc_action_ops *tc_lookup_action_n(char *kind) 388 { 389 struct tc_action_ops *a, *res = NULL; 390 391 if (kind) { 392 read_lock(&act_mod_lock); 393 list_for_each_entry(a, &act_base, head) { 394 if (strcmp(kind, a->kind) == 0) { 395 if (try_module_get(a->owner)) 396 res = a; 397 break; 398 } 399 } 400 read_unlock(&act_mod_lock); 401 } 402 return res; 403 } 404 405 /* lookup by nlattr */ 406 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind) 407 { 408 struct tc_action_ops *a, *res = NULL; 409 410 if (kind) { 411 read_lock(&act_mod_lock); 412 list_for_each_entry(a, &act_base, head) { 413 if (nla_strcmp(kind, a->kind) == 0) { 414 if (try_module_get(a->owner)) 415 res = a; 416 break; 417 } 418 } 419 read_unlock(&act_mod_lock); 420 } 421 return res; 422 } 423 424 int tcf_action_exec(struct sk_buff *skb, struct tc_action **actions, 425 int nr_actions, struct tcf_result *res) 426 { 427 int ret = -1, i; 428 429 if (skb->tc_verd & TC_NCLS) { 430 skb->tc_verd = CLR_TC_NCLS(skb->tc_verd); 431 ret = TC_ACT_OK; 432 goto exec_done; 433 } 434 for (i = 0; i < nr_actions; i++) { 435 const struct tc_action *a = actions[i]; 436 437 repeat: 438 ret = a->ops->act(skb, a, res); 439 if (ret == TC_ACT_REPEAT) 440 goto repeat; /* we need a ttl - JHS */ 441 if (ret != TC_ACT_PIPE) 442 goto exec_done; 443 } 444 exec_done: 445 return ret; 446 } 447 EXPORT_SYMBOL(tcf_action_exec); 448 449 int tcf_action_destroy(struct list_head *actions, int bind) 450 { 451 struct tc_action *a, *tmp; 452 int ret = 0; 453 454 list_for_each_entry_safe(a, tmp, actions, list) { 455 ret = __tcf_hash_release(a, bind, true); 456 if (ret == ACT_P_DELETED) 457 module_put(a->ops->owner); 458 else if (ret < 0) 459 return ret; 460 } 461 return ret; 462 } 463 464 int 465 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 466 { 467 return a->ops->dump(skb, a, bind, ref); 468 } 469 470 int 471 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 472 { 473 int err = -EINVAL; 474 unsigned char *b = skb_tail_pointer(skb); 475 struct nlattr *nest; 476 477 if (nla_put_string(skb, TCA_KIND, a->ops->kind)) 478 goto nla_put_failure; 479 if (tcf_action_copy_stats(skb, a, 0)) 480 goto nla_put_failure; 481 nest = nla_nest_start(skb, TCA_OPTIONS); 482 if (nest == NULL) 483 goto nla_put_failure; 484 err = tcf_action_dump_old(skb, a, bind, ref); 485 if (err > 0) { 486 nla_nest_end(skb, nest); 487 return err; 488 } 489 490 nla_put_failure: 491 nlmsg_trim(skb, b); 492 return -1; 493 } 494 EXPORT_SYMBOL(tcf_action_dump_1); 495 496 int tcf_action_dump(struct sk_buff *skb, struct list_head *actions, 497 int bind, int ref) 498 { 499 struct tc_action *a; 500 int err = -EINVAL; 501 struct nlattr *nest; 502 503 list_for_each_entry(a, actions, list) { 504 nest = nla_nest_start(skb, a->order); 505 if (nest == NULL) 506 goto nla_put_failure; 507 err = tcf_action_dump_1(skb, a, bind, ref); 508 if (err < 0) 509 goto errout; 510 nla_nest_end(skb, nest); 511 } 512 513 return 0; 514 515 nla_put_failure: 516 err = -EINVAL; 517 errout: 518 nla_nest_cancel(skb, nest); 519 return err; 520 } 521 522 struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla, 523 struct nlattr *est, char *name, int ovr, 524 int bind) 525 { 526 struct tc_action *a; 527 struct tc_action_ops *a_o; 528 char act_name[IFNAMSIZ]; 529 struct nlattr *tb[TCA_ACT_MAX + 1]; 530 struct nlattr *kind; 531 int err; 532 533 if (name == NULL) { 534 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 535 if (err < 0) 536 goto err_out; 537 err = -EINVAL; 538 kind = tb[TCA_ACT_KIND]; 539 if (kind == NULL) 540 goto err_out; 541 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) 542 goto err_out; 543 } else { 544 err = -EINVAL; 545 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) 546 goto err_out; 547 } 548 549 a_o = tc_lookup_action_n(act_name); 550 if (a_o == NULL) { 551 #ifdef CONFIG_MODULES 552 rtnl_unlock(); 553 request_module("act_%s", act_name); 554 rtnl_lock(); 555 556 a_o = tc_lookup_action_n(act_name); 557 558 /* We dropped the RTNL semaphore in order to 559 * perform the module load. So, even if we 560 * succeeded in loading the module we have to 561 * tell the caller to replay the request. We 562 * indicate this using -EAGAIN. 563 */ 564 if (a_o != NULL) { 565 err = -EAGAIN; 566 goto err_mod; 567 } 568 #endif 569 err = -ENOENT; 570 goto err_out; 571 } 572 573 /* backward compatibility for policer */ 574 if (name == NULL) 575 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, &a, ovr, bind); 576 else 577 err = a_o->init(net, nla, est, &a, ovr, bind); 578 if (err < 0) 579 goto err_mod; 580 581 /* module count goes up only when brand new policy is created 582 * if it exists and is only bound to in a_o->init() then 583 * ACT_P_CREATED is not returned (a zero is). 584 */ 585 if (err != ACT_P_CREATED) 586 module_put(a_o->owner); 587 588 return a; 589 590 err_mod: 591 module_put(a_o->owner); 592 err_out: 593 return ERR_PTR(err); 594 } 595 596 static void cleanup_a(struct list_head *actions, int ovr) 597 { 598 struct tc_action *a; 599 600 if (!ovr) 601 return; 602 603 list_for_each_entry(a, actions, list) 604 a->tcfa_refcnt--; 605 } 606 607 int tcf_action_init(struct net *net, struct nlattr *nla, struct nlattr *est, 608 char *name, int ovr, int bind, struct list_head *actions) 609 { 610 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 611 struct tc_action *act; 612 int err; 613 int i; 614 615 err = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 616 if (err < 0) 617 return err; 618 619 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 620 act = tcf_action_init_1(net, tb[i], est, name, ovr, bind); 621 if (IS_ERR(act)) { 622 err = PTR_ERR(act); 623 goto err; 624 } 625 act->order = i; 626 if (ovr) 627 act->tcfa_refcnt++; 628 list_add_tail(&act->list, actions); 629 } 630 631 /* Remove the temp refcnt which was necessary to protect against 632 * destroying an existing action which was being replaced 633 */ 634 cleanup_a(actions, ovr); 635 return 0; 636 637 err: 638 tcf_action_destroy(actions, bind); 639 return err; 640 } 641 642 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *p, 643 int compat_mode) 644 { 645 int err = 0; 646 struct gnet_dump d; 647 648 if (p == NULL) 649 goto errout; 650 651 /* compat_mode being true specifies a call that is supposed 652 * to add additional backward compatibility statistic TLVs. 653 */ 654 if (compat_mode) { 655 if (p->type == TCA_OLD_COMPAT) 656 err = gnet_stats_start_copy_compat(skb, 0, 657 TCA_STATS, 658 TCA_XSTATS, 659 &p->tcfa_lock, &d, 660 TCA_PAD); 661 else 662 return 0; 663 } else 664 err = gnet_stats_start_copy(skb, TCA_ACT_STATS, 665 &p->tcfa_lock, &d, TCA_ACT_PAD); 666 667 if (err < 0) 668 goto errout; 669 670 if (gnet_stats_copy_basic(NULL, &d, p->cpu_bstats, &p->tcfa_bstats) < 0 || 671 gnet_stats_copy_rate_est(&d, &p->tcfa_rate_est) < 0 || 672 gnet_stats_copy_queue(&d, p->cpu_qstats, 673 &p->tcfa_qstats, 674 p->tcfa_qstats.qlen) < 0) 675 goto errout; 676 677 if (gnet_stats_finish_copy(&d) < 0) 678 goto errout; 679 680 return 0; 681 682 errout: 683 return -1; 684 } 685 686 static int tca_get_fill(struct sk_buff *skb, struct list_head *actions, 687 u32 portid, u32 seq, u16 flags, int event, int bind, 688 int ref) 689 { 690 struct tcamsg *t; 691 struct nlmsghdr *nlh; 692 unsigned char *b = skb_tail_pointer(skb); 693 struct nlattr *nest; 694 695 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags); 696 if (!nlh) 697 goto out_nlmsg_trim; 698 t = nlmsg_data(nlh); 699 t->tca_family = AF_UNSPEC; 700 t->tca__pad1 = 0; 701 t->tca__pad2 = 0; 702 703 nest = nla_nest_start(skb, TCA_ACT_TAB); 704 if (nest == NULL) 705 goto out_nlmsg_trim; 706 707 if (tcf_action_dump(skb, actions, bind, ref) < 0) 708 goto out_nlmsg_trim; 709 710 nla_nest_end(skb, nest); 711 712 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 713 return skb->len; 714 715 out_nlmsg_trim: 716 nlmsg_trim(skb, b); 717 return -1; 718 } 719 720 static int 721 act_get_notify(struct net *net, u32 portid, struct nlmsghdr *n, 722 struct list_head *actions, int event) 723 { 724 struct sk_buff *skb; 725 726 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 727 if (!skb) 728 return -ENOBUFS; 729 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, event, 730 0, 0) <= 0) { 731 kfree_skb(skb); 732 return -EINVAL; 733 } 734 735 return rtnl_unicast(skb, net, portid); 736 } 737 738 static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla, 739 struct nlmsghdr *n, u32 portid) 740 { 741 struct nlattr *tb[TCA_ACT_MAX + 1]; 742 const struct tc_action_ops *ops; 743 struct tc_action *a; 744 int index; 745 int err; 746 747 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 748 if (err < 0) 749 goto err_out; 750 751 err = -EINVAL; 752 if (tb[TCA_ACT_INDEX] == NULL || 753 nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) 754 goto err_out; 755 index = nla_get_u32(tb[TCA_ACT_INDEX]); 756 757 err = -EINVAL; 758 ops = tc_lookup_action(tb[TCA_ACT_KIND]); 759 if (!ops) /* could happen in batch of actions */ 760 goto err_out; 761 err = -ENOENT; 762 if (ops->lookup(net, &a, index) == 0) 763 goto err_mod; 764 765 module_put(ops->owner); 766 return a; 767 768 err_mod: 769 module_put(ops->owner); 770 err_out: 771 return ERR_PTR(err); 772 } 773 774 static int tca_action_flush(struct net *net, struct nlattr *nla, 775 struct nlmsghdr *n, u32 portid) 776 { 777 struct sk_buff *skb; 778 unsigned char *b; 779 struct nlmsghdr *nlh; 780 struct tcamsg *t; 781 struct netlink_callback dcb; 782 struct nlattr *nest; 783 struct nlattr *tb[TCA_ACT_MAX + 1]; 784 const struct tc_action_ops *ops; 785 struct nlattr *kind; 786 int err = -ENOMEM; 787 788 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 789 if (!skb) { 790 pr_debug("tca_action_flush: failed skb alloc\n"); 791 return err; 792 } 793 794 b = skb_tail_pointer(skb); 795 796 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 797 if (err < 0) 798 goto err_out; 799 800 err = -EINVAL; 801 kind = tb[TCA_ACT_KIND]; 802 ops = tc_lookup_action(kind); 803 if (!ops) /*some idjot trying to flush unknown action */ 804 goto err_out; 805 806 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION, 807 sizeof(*t), 0); 808 if (!nlh) 809 goto out_module_put; 810 t = nlmsg_data(nlh); 811 t->tca_family = AF_UNSPEC; 812 t->tca__pad1 = 0; 813 t->tca__pad2 = 0; 814 815 nest = nla_nest_start(skb, TCA_ACT_TAB); 816 if (nest == NULL) 817 goto out_module_put; 818 819 err = ops->walk(net, skb, &dcb, RTM_DELACTION, ops); 820 if (err < 0) 821 goto out_module_put; 822 if (err == 0) 823 goto noflush_out; 824 825 nla_nest_end(skb, nest); 826 827 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 828 nlh->nlmsg_flags |= NLM_F_ROOT; 829 module_put(ops->owner); 830 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 831 n->nlmsg_flags & NLM_F_ECHO); 832 if (err > 0) 833 return 0; 834 835 return err; 836 837 out_module_put: 838 module_put(ops->owner); 839 err_out: 840 noflush_out: 841 kfree_skb(skb); 842 return err; 843 } 844 845 static int 846 tcf_del_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 847 u32 portid) 848 { 849 int ret; 850 struct sk_buff *skb; 851 852 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 853 if (!skb) 854 return -ENOBUFS; 855 856 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, RTM_DELACTION, 857 0, 1) <= 0) { 858 kfree_skb(skb); 859 return -EINVAL; 860 } 861 862 /* now do the delete */ 863 ret = tcf_action_destroy(actions, 0); 864 if (ret < 0) { 865 kfree_skb(skb); 866 return ret; 867 } 868 869 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 870 n->nlmsg_flags & NLM_F_ECHO); 871 if (ret > 0) 872 return 0; 873 return ret; 874 } 875 876 static int 877 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 878 u32 portid, int event) 879 { 880 int i, ret; 881 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 882 struct tc_action *act; 883 LIST_HEAD(actions); 884 885 ret = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 886 if (ret < 0) 887 return ret; 888 889 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) { 890 if (tb[1] != NULL) 891 return tca_action_flush(net, tb[1], n, portid); 892 else 893 return -EINVAL; 894 } 895 896 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 897 act = tcf_action_get_1(net, tb[i], n, portid); 898 if (IS_ERR(act)) { 899 ret = PTR_ERR(act); 900 goto err; 901 } 902 act->order = i; 903 if (event == RTM_GETACTION) 904 act->tcfa_refcnt++; 905 list_add_tail(&act->list, &actions); 906 } 907 908 if (event == RTM_GETACTION) 909 ret = act_get_notify(net, portid, n, &actions, event); 910 else { /* delete */ 911 ret = tcf_del_notify(net, n, &actions, portid); 912 if (ret) 913 goto err; 914 return ret; 915 } 916 err: 917 tcf_action_destroy(&actions, 0); 918 return ret; 919 } 920 921 static int 922 tcf_add_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 923 u32 portid) 924 { 925 struct sk_buff *skb; 926 int err = 0; 927 928 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 929 if (!skb) 930 return -ENOBUFS; 931 932 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, n->nlmsg_flags, 933 RTM_NEWACTION, 0, 0) <= 0) { 934 kfree_skb(skb); 935 return -EINVAL; 936 } 937 938 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 939 n->nlmsg_flags & NLM_F_ECHO); 940 if (err > 0) 941 err = 0; 942 return err; 943 } 944 945 static int tcf_action_add(struct net *net, struct nlattr *nla, 946 struct nlmsghdr *n, u32 portid, int ovr) 947 { 948 int ret = 0; 949 LIST_HEAD(actions); 950 951 ret = tcf_action_init(net, nla, NULL, NULL, ovr, 0, &actions); 952 if (ret) 953 return ret; 954 955 return tcf_add_notify(net, n, &actions, portid); 956 } 957 958 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n) 959 { 960 struct net *net = sock_net(skb->sk); 961 struct nlattr *tca[TCA_ACT_MAX + 1]; 962 u32 portid = skb ? NETLINK_CB(skb).portid : 0; 963 int ret = 0, ovr = 0; 964 965 if ((n->nlmsg_type != RTM_GETACTION) && 966 !netlink_capable(skb, CAP_NET_ADMIN)) 967 return -EPERM; 968 969 ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL); 970 if (ret < 0) 971 return ret; 972 973 if (tca[TCA_ACT_TAB] == NULL) { 974 pr_notice("tc_ctl_action: received NO action attribs\n"); 975 return -EINVAL; 976 } 977 978 /* n->nlmsg_flags & NLM_F_CREATE */ 979 switch (n->nlmsg_type) { 980 case RTM_NEWACTION: 981 /* we are going to assume all other flags 982 * imply create only if it doesn't exist 983 * Note that CREATE | EXCL implies that 984 * but since we want avoid ambiguity (eg when flags 985 * is zero) then just set this 986 */ 987 if (n->nlmsg_flags & NLM_F_REPLACE) 988 ovr = 1; 989 replay: 990 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr); 991 if (ret == -EAGAIN) 992 goto replay; 993 break; 994 case RTM_DELACTION: 995 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 996 portid, RTM_DELACTION); 997 break; 998 case RTM_GETACTION: 999 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1000 portid, RTM_GETACTION); 1001 break; 1002 default: 1003 BUG(); 1004 } 1005 1006 return ret; 1007 } 1008 1009 static struct nlattr *find_dump_kind(const struct nlmsghdr *n) 1010 { 1011 struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1]; 1012 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 1013 struct nlattr *nla[TCAA_MAX + 1]; 1014 struct nlattr *kind; 1015 1016 if (nlmsg_parse(n, sizeof(struct tcamsg), nla, TCAA_MAX, NULL) < 0) 1017 return NULL; 1018 tb1 = nla[TCA_ACT_TAB]; 1019 if (tb1 == NULL) 1020 return NULL; 1021 1022 if (nla_parse(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), 1023 NLMSG_ALIGN(nla_len(tb1)), NULL) < 0) 1024 return NULL; 1025 1026 if (tb[1] == NULL) 1027 return NULL; 1028 if (nla_parse_nested(tb2, TCA_ACT_MAX, tb[1], NULL) < 0) 1029 return NULL; 1030 kind = tb2[TCA_ACT_KIND]; 1031 1032 return kind; 1033 } 1034 1035 static int tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb) 1036 { 1037 struct net *net = sock_net(skb->sk); 1038 struct nlmsghdr *nlh; 1039 unsigned char *b = skb_tail_pointer(skb); 1040 struct nlattr *nest; 1041 struct tc_action_ops *a_o; 1042 int ret = 0; 1043 struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh); 1044 struct nlattr *kind = find_dump_kind(cb->nlh); 1045 1046 if (kind == NULL) { 1047 pr_info("tc_dump_action: action bad kind\n"); 1048 return 0; 1049 } 1050 1051 a_o = tc_lookup_action(kind); 1052 if (a_o == NULL) 1053 return 0; 1054 1055 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1056 cb->nlh->nlmsg_type, sizeof(*t), 0); 1057 if (!nlh) 1058 goto out_module_put; 1059 t = nlmsg_data(nlh); 1060 t->tca_family = AF_UNSPEC; 1061 t->tca__pad1 = 0; 1062 t->tca__pad2 = 0; 1063 1064 nest = nla_nest_start(skb, TCA_ACT_TAB); 1065 if (nest == NULL) 1066 goto out_module_put; 1067 1068 ret = a_o->walk(net, skb, cb, RTM_GETACTION, a_o); 1069 if (ret < 0) 1070 goto out_module_put; 1071 1072 if (ret > 0) { 1073 nla_nest_end(skb, nest); 1074 ret = skb->len; 1075 } else 1076 nlmsg_trim(skb, b); 1077 1078 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1079 if (NETLINK_CB(cb->skb).portid && ret) 1080 nlh->nlmsg_flags |= NLM_F_MULTI; 1081 module_put(a_o->owner); 1082 return skb->len; 1083 1084 out_module_put: 1085 module_put(a_o->owner); 1086 nlmsg_trim(skb, b); 1087 return skb->len; 1088 } 1089 1090 static int __init tc_action_init(void) 1091 { 1092 rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, NULL); 1093 rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, NULL); 1094 rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action, 1095 NULL); 1096 1097 return 0; 1098 } 1099 1100 subsys_initcall(tc_action_init); 1101