1 /* 2 * net/sched/act_api.c Packet action API. 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Author: Jamal Hadi Salim 10 * 11 * 12 */ 13 14 #include <linux/types.h> 15 #include <linux/kernel.h> 16 #include <linux/string.h> 17 #include <linux/errno.h> 18 #include <linux/slab.h> 19 #include <linux/skbuff.h> 20 #include <linux/init.h> 21 #include <linux/kmod.h> 22 #include <linux/err.h> 23 #include <linux/module.h> 24 #include <net/net_namespace.h> 25 #include <net/sock.h> 26 #include <net/sch_generic.h> 27 #include <net/act_api.h> 28 #include <net/netlink.h> 29 30 void tcf_hash_destroy(struct tcf_common *p, struct tcf_hashinfo *hinfo) 31 { 32 unsigned int h = tcf_hash(p->tcfc_index, hinfo->hmask); 33 struct tcf_common **p1p; 34 35 for (p1p = &hinfo->htab[h]; *p1p; p1p = &(*p1p)->tcfc_next) { 36 if (*p1p == p) { 37 write_lock_bh(hinfo->lock); 38 *p1p = p->tcfc_next; 39 write_unlock_bh(hinfo->lock); 40 gen_kill_estimator(&p->tcfc_bstats, 41 &p->tcfc_rate_est); 42 /* 43 * gen_estimator est_timer() might access p->tcfc_lock 44 * or bstats, wait a RCU grace period before freeing p 45 */ 46 kfree_rcu(p, tcfc_rcu); 47 return; 48 } 49 } 50 WARN_ON(1); 51 } 52 EXPORT_SYMBOL(tcf_hash_destroy); 53 54 int tcf_hash_release(struct tcf_common *p, int bind, 55 struct tcf_hashinfo *hinfo) 56 { 57 int ret = 0; 58 59 if (p) { 60 if (bind) 61 p->tcfc_bindcnt--; 62 63 p->tcfc_refcnt--; 64 if (p->tcfc_bindcnt <= 0 && p->tcfc_refcnt <= 0) { 65 tcf_hash_destroy(p, hinfo); 66 ret = 1; 67 } 68 } 69 return ret; 70 } 71 EXPORT_SYMBOL(tcf_hash_release); 72 73 static int tcf_dump_walker(struct sk_buff *skb, struct netlink_callback *cb, 74 struct tc_action *a, struct tcf_hashinfo *hinfo) 75 { 76 struct tcf_common *p; 77 int err = 0, index = -1, i = 0, s_i = 0, n_i = 0; 78 struct nlattr *nest; 79 80 read_lock_bh(hinfo->lock); 81 82 s_i = cb->args[0]; 83 84 for (i = 0; i < (hinfo->hmask + 1); i++) { 85 p = hinfo->htab[tcf_hash(i, hinfo->hmask)]; 86 87 for (; p; p = p->tcfc_next) { 88 index++; 89 if (index < s_i) 90 continue; 91 a->priv = p; 92 a->order = n_i; 93 94 nest = nla_nest_start(skb, a->order); 95 if (nest == NULL) 96 goto nla_put_failure; 97 err = tcf_action_dump_1(skb, a, 0, 0); 98 if (err < 0) { 99 index--; 100 nlmsg_trim(skb, nest); 101 goto done; 102 } 103 nla_nest_end(skb, nest); 104 n_i++; 105 if (n_i >= TCA_ACT_MAX_PRIO) 106 goto done; 107 } 108 } 109 done: 110 read_unlock_bh(hinfo->lock); 111 if (n_i) 112 cb->args[0] += n_i; 113 return n_i; 114 115 nla_put_failure: 116 nla_nest_cancel(skb, nest); 117 goto done; 118 } 119 120 static int tcf_del_walker(struct sk_buff *skb, struct tc_action *a, 121 struct tcf_hashinfo *hinfo) 122 { 123 struct tcf_common *p, *s_p; 124 struct nlattr *nest; 125 int i = 0, n_i = 0; 126 127 nest = nla_nest_start(skb, a->order); 128 if (nest == NULL) 129 goto nla_put_failure; 130 if (nla_put_string(skb, TCA_KIND, a->ops->kind)) 131 goto nla_put_failure; 132 for (i = 0; i < (hinfo->hmask + 1); i++) { 133 p = hinfo->htab[tcf_hash(i, hinfo->hmask)]; 134 135 while (p != NULL) { 136 s_p = p->tcfc_next; 137 if (ACT_P_DELETED == tcf_hash_release(p, 0, hinfo)) 138 module_put(a->ops->owner); 139 n_i++; 140 p = s_p; 141 } 142 } 143 if (nla_put_u32(skb, TCA_FCNT, n_i)) 144 goto nla_put_failure; 145 nla_nest_end(skb, nest); 146 147 return n_i; 148 nla_put_failure: 149 nla_nest_cancel(skb, nest); 150 return -EINVAL; 151 } 152 153 int tcf_generic_walker(struct sk_buff *skb, struct netlink_callback *cb, 154 int type, struct tc_action *a) 155 { 156 struct tcf_hashinfo *hinfo = a->ops->hinfo; 157 158 if (type == RTM_DELACTION) { 159 return tcf_del_walker(skb, a, hinfo); 160 } else if (type == RTM_GETACTION) { 161 return tcf_dump_walker(skb, cb, a, hinfo); 162 } else { 163 WARN(1, "tcf_generic_walker: unknown action %d\n", type); 164 return -EINVAL; 165 } 166 } 167 EXPORT_SYMBOL(tcf_generic_walker); 168 169 struct tcf_common *tcf_hash_lookup(u32 index, struct tcf_hashinfo *hinfo) 170 { 171 struct tcf_common *p; 172 173 read_lock_bh(hinfo->lock); 174 for (p = hinfo->htab[tcf_hash(index, hinfo->hmask)]; p; 175 p = p->tcfc_next) { 176 if (p->tcfc_index == index) 177 break; 178 } 179 read_unlock_bh(hinfo->lock); 180 181 return p; 182 } 183 EXPORT_SYMBOL(tcf_hash_lookup); 184 185 u32 tcf_hash_new_index(u32 *idx_gen, struct tcf_hashinfo *hinfo) 186 { 187 u32 val = *idx_gen; 188 189 do { 190 if (++val == 0) 191 val = 1; 192 } while (tcf_hash_lookup(val, hinfo)); 193 194 return (*idx_gen = val); 195 } 196 EXPORT_SYMBOL(tcf_hash_new_index); 197 198 int tcf_hash_search(struct tc_action *a, u32 index) 199 { 200 struct tcf_hashinfo *hinfo = a->ops->hinfo; 201 struct tcf_common *p = tcf_hash_lookup(index, hinfo); 202 203 if (p) { 204 a->priv = p; 205 return 1; 206 } 207 return 0; 208 } 209 EXPORT_SYMBOL(tcf_hash_search); 210 211 struct tcf_common *tcf_hash_check(u32 index, struct tc_action *a, int bind, 212 struct tcf_hashinfo *hinfo) 213 { 214 struct tcf_common *p = NULL; 215 if (index && (p = tcf_hash_lookup(index, hinfo)) != NULL) { 216 if (bind) 217 p->tcfc_bindcnt++; 218 p->tcfc_refcnt++; 219 a->priv = p; 220 } 221 return p; 222 } 223 EXPORT_SYMBOL(tcf_hash_check); 224 225 struct tcf_common *tcf_hash_create(u32 index, struct nlattr *est, 226 struct tc_action *a, int size, int bind, 227 u32 *idx_gen, struct tcf_hashinfo *hinfo) 228 { 229 struct tcf_common *p = kzalloc(size, GFP_KERNEL); 230 231 if (unlikely(!p)) 232 return ERR_PTR(-ENOMEM); 233 p->tcfc_refcnt = 1; 234 if (bind) 235 p->tcfc_bindcnt = 1; 236 237 spin_lock_init(&p->tcfc_lock); 238 p->tcfc_index = index ? index : tcf_hash_new_index(idx_gen, hinfo); 239 p->tcfc_tm.install = jiffies; 240 p->tcfc_tm.lastuse = jiffies; 241 if (est) { 242 int err = gen_new_estimator(&p->tcfc_bstats, &p->tcfc_rate_est, 243 &p->tcfc_lock, est); 244 if (err) { 245 kfree(p); 246 return ERR_PTR(err); 247 } 248 } 249 250 a->priv = (void *) p; 251 return p; 252 } 253 EXPORT_SYMBOL(tcf_hash_create); 254 255 void tcf_hash_insert(struct tcf_common *p, struct tcf_hashinfo *hinfo) 256 { 257 unsigned int h = tcf_hash(p->tcfc_index, hinfo->hmask); 258 259 write_lock_bh(hinfo->lock); 260 p->tcfc_next = hinfo->htab[h]; 261 hinfo->htab[h] = p; 262 write_unlock_bh(hinfo->lock); 263 } 264 EXPORT_SYMBOL(tcf_hash_insert); 265 266 static struct tc_action_ops *act_base = NULL; 267 static DEFINE_RWLOCK(act_mod_lock); 268 269 int tcf_register_action(struct tc_action_ops *act) 270 { 271 struct tc_action_ops *a, **ap; 272 273 /* Must supply act, dump, cleanup and init */ 274 if (!act->act || !act->dump || !act->cleanup || !act->init) 275 return -EINVAL; 276 277 /* Supply defaults */ 278 if (!act->lookup) 279 act->lookup = tcf_hash_search; 280 if (!act->walk) 281 act->walk = tcf_generic_walker; 282 283 write_lock(&act_mod_lock); 284 for (ap = &act_base; (a = *ap) != NULL; ap = &a->next) { 285 if (act->type == a->type || (strcmp(act->kind, a->kind) == 0)) { 286 write_unlock(&act_mod_lock); 287 return -EEXIST; 288 } 289 } 290 act->next = NULL; 291 *ap = act; 292 write_unlock(&act_mod_lock); 293 return 0; 294 } 295 EXPORT_SYMBOL(tcf_register_action); 296 297 int tcf_unregister_action(struct tc_action_ops *act) 298 { 299 struct tc_action_ops *a, **ap; 300 int err = -ENOENT; 301 302 write_lock(&act_mod_lock); 303 for (ap = &act_base; (a = *ap) != NULL; ap = &a->next) 304 if (a == act) 305 break; 306 if (a) { 307 *ap = a->next; 308 a->next = NULL; 309 err = 0; 310 } 311 write_unlock(&act_mod_lock); 312 return err; 313 } 314 EXPORT_SYMBOL(tcf_unregister_action); 315 316 /* lookup by name */ 317 static struct tc_action_ops *tc_lookup_action_n(char *kind) 318 { 319 struct tc_action_ops *a = NULL; 320 321 if (kind) { 322 read_lock(&act_mod_lock); 323 for (a = act_base; a; a = a->next) { 324 if (strcmp(kind, a->kind) == 0) { 325 if (!try_module_get(a->owner)) { 326 read_unlock(&act_mod_lock); 327 return NULL; 328 } 329 break; 330 } 331 } 332 read_unlock(&act_mod_lock); 333 } 334 return a; 335 } 336 337 /* lookup by nlattr */ 338 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind) 339 { 340 struct tc_action_ops *a = NULL; 341 342 if (kind) { 343 read_lock(&act_mod_lock); 344 for (a = act_base; a; a = a->next) { 345 if (nla_strcmp(kind, a->kind) == 0) { 346 if (!try_module_get(a->owner)) { 347 read_unlock(&act_mod_lock); 348 return NULL; 349 } 350 break; 351 } 352 } 353 read_unlock(&act_mod_lock); 354 } 355 return a; 356 } 357 358 #if 0 359 /* lookup by id */ 360 static struct tc_action_ops *tc_lookup_action_id(u32 type) 361 { 362 struct tc_action_ops *a = NULL; 363 364 if (type) { 365 read_lock(&act_mod_lock); 366 for (a = act_base; a; a = a->next) { 367 if (a->type == type) { 368 if (!try_module_get(a->owner)) { 369 read_unlock(&act_mod_lock); 370 return NULL; 371 } 372 break; 373 } 374 } 375 read_unlock(&act_mod_lock); 376 } 377 return a; 378 } 379 #endif 380 381 int tcf_action_exec(struct sk_buff *skb, const struct tc_action *act, 382 struct tcf_result *res) 383 { 384 const struct tc_action *a; 385 int ret = -1; 386 387 if (skb->tc_verd & TC_NCLS) { 388 skb->tc_verd = CLR_TC_NCLS(skb->tc_verd); 389 ret = TC_ACT_OK; 390 goto exec_done; 391 } 392 while ((a = act) != NULL) { 393 repeat: 394 if (a->ops) { 395 ret = a->ops->act(skb, a, res); 396 if (TC_MUNGED & skb->tc_verd) { 397 /* copied already, allow trampling */ 398 skb->tc_verd = SET_TC_OK2MUNGE(skb->tc_verd); 399 skb->tc_verd = CLR_TC_MUNGED(skb->tc_verd); 400 } 401 if (ret == TC_ACT_REPEAT) 402 goto repeat; /* we need a ttl - JHS */ 403 if (ret != TC_ACT_PIPE) 404 goto exec_done; 405 } 406 act = a->next; 407 } 408 exec_done: 409 return ret; 410 } 411 EXPORT_SYMBOL(tcf_action_exec); 412 413 void tcf_action_destroy(struct tc_action *act, int bind) 414 { 415 struct tc_action *a; 416 417 for (a = act; a; a = act) { 418 if (a->ops) { 419 if (a->ops->cleanup(a, bind) == ACT_P_DELETED) 420 module_put(a->ops->owner); 421 act = act->next; 422 kfree(a); 423 } else { 424 /*FIXME: Remove later - catch insertion bugs*/ 425 WARN(1, "tcf_action_destroy: BUG? destroying NULL ops\n"); 426 act = act->next; 427 kfree(a); 428 } 429 } 430 } 431 432 int 433 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 434 { 435 int err = -EINVAL; 436 437 if (a->ops == NULL) 438 return err; 439 return a->ops->dump(skb, a, bind, ref); 440 } 441 442 int 443 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 444 { 445 int err = -EINVAL; 446 unsigned char *b = skb_tail_pointer(skb); 447 struct nlattr *nest; 448 449 if (a->ops == NULL) 450 return err; 451 452 if (nla_put_string(skb, TCA_KIND, a->ops->kind)) 453 goto nla_put_failure; 454 if (tcf_action_copy_stats(skb, a, 0)) 455 goto nla_put_failure; 456 nest = nla_nest_start(skb, TCA_OPTIONS); 457 if (nest == NULL) 458 goto nla_put_failure; 459 err = tcf_action_dump_old(skb, a, bind, ref); 460 if (err > 0) { 461 nla_nest_end(skb, nest); 462 return err; 463 } 464 465 nla_put_failure: 466 nlmsg_trim(skb, b); 467 return -1; 468 } 469 EXPORT_SYMBOL(tcf_action_dump_1); 470 471 int 472 tcf_action_dump(struct sk_buff *skb, struct tc_action *act, int bind, int ref) 473 { 474 struct tc_action *a; 475 int err = -EINVAL; 476 struct nlattr *nest; 477 478 while ((a = act) != NULL) { 479 act = a->next; 480 nest = nla_nest_start(skb, a->order); 481 if (nest == NULL) 482 goto nla_put_failure; 483 err = tcf_action_dump_1(skb, a, bind, ref); 484 if (err < 0) 485 goto errout; 486 nla_nest_end(skb, nest); 487 } 488 489 return 0; 490 491 nla_put_failure: 492 err = -EINVAL; 493 errout: 494 nla_nest_cancel(skb, nest); 495 return err; 496 } 497 498 struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla, 499 struct nlattr *est, char *name, int ovr, 500 int bind) 501 { 502 struct tc_action *a; 503 struct tc_action_ops *a_o; 504 char act_name[IFNAMSIZ]; 505 struct nlattr *tb[TCA_ACT_MAX + 1]; 506 struct nlattr *kind; 507 int err; 508 509 if (name == NULL) { 510 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 511 if (err < 0) 512 goto err_out; 513 err = -EINVAL; 514 kind = tb[TCA_ACT_KIND]; 515 if (kind == NULL) 516 goto err_out; 517 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) 518 goto err_out; 519 } else { 520 err = -EINVAL; 521 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) 522 goto err_out; 523 } 524 525 a_o = tc_lookup_action_n(act_name); 526 if (a_o == NULL) { 527 #ifdef CONFIG_MODULES 528 rtnl_unlock(); 529 request_module("act_%s", act_name); 530 rtnl_lock(); 531 532 a_o = tc_lookup_action_n(act_name); 533 534 /* We dropped the RTNL semaphore in order to 535 * perform the module load. So, even if we 536 * succeeded in loading the module we have to 537 * tell the caller to replay the request. We 538 * indicate this using -EAGAIN. 539 */ 540 if (a_o != NULL) { 541 err = -EAGAIN; 542 goto err_mod; 543 } 544 #endif 545 err = -ENOENT; 546 goto err_out; 547 } 548 549 err = -ENOMEM; 550 a = kzalloc(sizeof(*a), GFP_KERNEL); 551 if (a == NULL) 552 goto err_mod; 553 554 /* backward compatibility for policer */ 555 if (name == NULL) 556 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, a, ovr, bind); 557 else 558 err = a_o->init(net, nla, est, a, ovr, bind); 559 if (err < 0) 560 goto err_free; 561 562 /* module count goes up only when brand new policy is created 563 * if it exists and is only bound to in a_o->init() then 564 * ACT_P_CREATED is not returned (a zero is). 565 */ 566 if (err != ACT_P_CREATED) 567 module_put(a_o->owner); 568 a->ops = a_o; 569 570 return a; 571 572 err_free: 573 kfree(a); 574 err_mod: 575 module_put(a_o->owner); 576 err_out: 577 return ERR_PTR(err); 578 } 579 580 struct tc_action *tcf_action_init(struct net *net, struct nlattr *nla, 581 struct nlattr *est, char *name, int ovr, 582 int bind) 583 { 584 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 585 struct tc_action *head = NULL, *act, *act_prev = NULL; 586 int err; 587 int i; 588 589 err = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 590 if (err < 0) 591 return ERR_PTR(err); 592 593 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 594 act = tcf_action_init_1(net, tb[i], est, name, ovr, bind); 595 if (IS_ERR(act)) 596 goto err; 597 act->order = i; 598 599 if (head == NULL) 600 head = act; 601 else 602 act_prev->next = act; 603 act_prev = act; 604 } 605 return head; 606 607 err: 608 if (head != NULL) 609 tcf_action_destroy(head, bind); 610 return act; 611 } 612 613 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *a, 614 int compat_mode) 615 { 616 int err = 0; 617 struct gnet_dump d; 618 struct tcf_act_hdr *h = a->priv; 619 620 if (h == NULL) 621 goto errout; 622 623 /* compat_mode being true specifies a call that is supposed 624 * to add additional backward compatibility statistic TLVs. 625 */ 626 if (compat_mode) { 627 if (a->type == TCA_OLD_COMPAT) 628 err = gnet_stats_start_copy_compat(skb, 0, 629 TCA_STATS, TCA_XSTATS, &h->tcf_lock, &d); 630 else 631 return 0; 632 } else 633 err = gnet_stats_start_copy(skb, TCA_ACT_STATS, 634 &h->tcf_lock, &d); 635 636 if (err < 0) 637 goto errout; 638 639 if (a->ops != NULL && a->ops->get_stats != NULL) 640 if (a->ops->get_stats(skb, a) < 0) 641 goto errout; 642 643 if (gnet_stats_copy_basic(&d, &h->tcf_bstats) < 0 || 644 gnet_stats_copy_rate_est(&d, &h->tcf_bstats, 645 &h->tcf_rate_est) < 0 || 646 gnet_stats_copy_queue(&d, &h->tcf_qstats) < 0) 647 goto errout; 648 649 if (gnet_stats_finish_copy(&d) < 0) 650 goto errout; 651 652 return 0; 653 654 errout: 655 return -1; 656 } 657 658 static int 659 tca_get_fill(struct sk_buff *skb, struct tc_action *a, u32 portid, u32 seq, 660 u16 flags, int event, int bind, int ref) 661 { 662 struct tcamsg *t; 663 struct nlmsghdr *nlh; 664 unsigned char *b = skb_tail_pointer(skb); 665 struct nlattr *nest; 666 667 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags); 668 if (!nlh) 669 goto out_nlmsg_trim; 670 t = nlmsg_data(nlh); 671 t->tca_family = AF_UNSPEC; 672 t->tca__pad1 = 0; 673 t->tca__pad2 = 0; 674 675 nest = nla_nest_start(skb, TCA_ACT_TAB); 676 if (nest == NULL) 677 goto out_nlmsg_trim; 678 679 if (tcf_action_dump(skb, a, bind, ref) < 0) 680 goto out_nlmsg_trim; 681 682 nla_nest_end(skb, nest); 683 684 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 685 return skb->len; 686 687 out_nlmsg_trim: 688 nlmsg_trim(skb, b); 689 return -1; 690 } 691 692 static int 693 act_get_notify(struct net *net, u32 portid, struct nlmsghdr *n, 694 struct tc_action *a, int event) 695 { 696 struct sk_buff *skb; 697 698 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 699 if (!skb) 700 return -ENOBUFS; 701 if (tca_get_fill(skb, a, portid, n->nlmsg_seq, 0, event, 0, 0) <= 0) { 702 kfree_skb(skb); 703 return -EINVAL; 704 } 705 706 return rtnl_unicast(skb, net, portid); 707 } 708 709 static struct tc_action * 710 tcf_action_get_1(struct nlattr *nla, struct nlmsghdr *n, u32 portid) 711 { 712 struct nlattr *tb[TCA_ACT_MAX + 1]; 713 struct tc_action *a; 714 int index; 715 int err; 716 717 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 718 if (err < 0) 719 goto err_out; 720 721 err = -EINVAL; 722 if (tb[TCA_ACT_INDEX] == NULL || 723 nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) 724 goto err_out; 725 index = nla_get_u32(tb[TCA_ACT_INDEX]); 726 727 err = -ENOMEM; 728 a = kzalloc(sizeof(struct tc_action), GFP_KERNEL); 729 if (a == NULL) 730 goto err_out; 731 732 err = -EINVAL; 733 a->ops = tc_lookup_action(tb[TCA_ACT_KIND]); 734 if (a->ops == NULL) 735 goto err_free; 736 err = -ENOENT; 737 if (a->ops->lookup(a, index) == 0) 738 goto err_mod; 739 740 module_put(a->ops->owner); 741 return a; 742 743 err_mod: 744 module_put(a->ops->owner); 745 err_free: 746 kfree(a); 747 err_out: 748 return ERR_PTR(err); 749 } 750 751 static void cleanup_a(struct tc_action *act) 752 { 753 struct tc_action *a; 754 755 for (a = act; a; a = act) { 756 act = a->next; 757 kfree(a); 758 } 759 } 760 761 static struct tc_action *create_a(int i) 762 { 763 struct tc_action *act; 764 765 act = kzalloc(sizeof(*act), GFP_KERNEL); 766 if (act == NULL) { 767 pr_debug("create_a: failed to alloc!\n"); 768 return NULL; 769 } 770 act->order = i; 771 return act; 772 } 773 774 static int tca_action_flush(struct net *net, struct nlattr *nla, 775 struct nlmsghdr *n, u32 portid) 776 { 777 struct sk_buff *skb; 778 unsigned char *b; 779 struct nlmsghdr *nlh; 780 struct tcamsg *t; 781 struct netlink_callback dcb; 782 struct nlattr *nest; 783 struct nlattr *tb[TCA_ACT_MAX + 1]; 784 struct nlattr *kind; 785 struct tc_action *a = create_a(0); 786 int err = -ENOMEM; 787 788 if (a == NULL) { 789 pr_debug("tca_action_flush: couldnt create tc_action\n"); 790 return err; 791 } 792 793 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 794 if (!skb) { 795 pr_debug("tca_action_flush: failed skb alloc\n"); 796 kfree(a); 797 return err; 798 } 799 800 b = skb_tail_pointer(skb); 801 802 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 803 if (err < 0) 804 goto err_out; 805 806 err = -EINVAL; 807 kind = tb[TCA_ACT_KIND]; 808 a->ops = tc_lookup_action(kind); 809 if (a->ops == NULL) 810 goto err_out; 811 812 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION, sizeof(*t), 0); 813 if (!nlh) 814 goto out_module_put; 815 t = nlmsg_data(nlh); 816 t->tca_family = AF_UNSPEC; 817 t->tca__pad1 = 0; 818 t->tca__pad2 = 0; 819 820 nest = nla_nest_start(skb, TCA_ACT_TAB); 821 if (nest == NULL) 822 goto out_module_put; 823 824 err = a->ops->walk(skb, &dcb, RTM_DELACTION, a); 825 if (err < 0) 826 goto out_module_put; 827 if (err == 0) 828 goto noflush_out; 829 830 nla_nest_end(skb, nest); 831 832 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 833 nlh->nlmsg_flags |= NLM_F_ROOT; 834 module_put(a->ops->owner); 835 kfree(a); 836 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 837 n->nlmsg_flags & NLM_F_ECHO); 838 if (err > 0) 839 return 0; 840 841 return err; 842 843 out_module_put: 844 module_put(a->ops->owner); 845 err_out: 846 noflush_out: 847 kfree_skb(skb); 848 kfree(a); 849 return err; 850 } 851 852 static int 853 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 854 u32 portid, int event) 855 { 856 int i, ret; 857 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 858 struct tc_action *head = NULL, *act, *act_prev = NULL; 859 860 ret = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 861 if (ret < 0) 862 return ret; 863 864 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) { 865 if (tb[1] != NULL) 866 return tca_action_flush(net, tb[1], n, portid); 867 else 868 return -EINVAL; 869 } 870 871 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 872 act = tcf_action_get_1(tb[i], n, portid); 873 if (IS_ERR(act)) { 874 ret = PTR_ERR(act); 875 goto err; 876 } 877 act->order = i; 878 879 if (head == NULL) 880 head = act; 881 else 882 act_prev->next = act; 883 act_prev = act; 884 } 885 886 if (event == RTM_GETACTION) 887 ret = act_get_notify(net, portid, n, head, event); 888 else { /* delete */ 889 struct sk_buff *skb; 890 891 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 892 if (!skb) { 893 ret = -ENOBUFS; 894 goto err; 895 } 896 897 if (tca_get_fill(skb, head, portid, n->nlmsg_seq, 0, event, 898 0, 1) <= 0) { 899 kfree_skb(skb); 900 ret = -EINVAL; 901 goto err; 902 } 903 904 /* now do the delete */ 905 tcf_action_destroy(head, 0); 906 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 907 n->nlmsg_flags & NLM_F_ECHO); 908 if (ret > 0) 909 return 0; 910 return ret; 911 } 912 err: 913 cleanup_a(head); 914 return ret; 915 } 916 917 static int tcf_add_notify(struct net *net, struct tc_action *a, 918 u32 portid, u32 seq, int event, u16 flags) 919 { 920 struct tcamsg *t; 921 struct nlmsghdr *nlh; 922 struct sk_buff *skb; 923 struct nlattr *nest; 924 unsigned char *b; 925 int err = 0; 926 927 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 928 if (!skb) 929 return -ENOBUFS; 930 931 b = skb_tail_pointer(skb); 932 933 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags); 934 if (!nlh) 935 goto out_kfree_skb; 936 t = nlmsg_data(nlh); 937 t->tca_family = AF_UNSPEC; 938 t->tca__pad1 = 0; 939 t->tca__pad2 = 0; 940 941 nest = nla_nest_start(skb, TCA_ACT_TAB); 942 if (nest == NULL) 943 goto out_kfree_skb; 944 945 if (tcf_action_dump(skb, a, 0, 0) < 0) 946 goto out_kfree_skb; 947 948 nla_nest_end(skb, nest); 949 950 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 951 NETLINK_CB(skb).dst_group = RTNLGRP_TC; 952 953 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, flags & NLM_F_ECHO); 954 if (err > 0) 955 err = 0; 956 return err; 957 958 out_kfree_skb: 959 kfree_skb(skb); 960 return -1; 961 } 962 963 964 static int 965 tcf_action_add(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 966 u32 portid, int ovr) 967 { 968 int ret = 0; 969 struct tc_action *act; 970 struct tc_action *a; 971 u32 seq = n->nlmsg_seq; 972 973 act = tcf_action_init(net, nla, NULL, NULL, ovr, 0); 974 if (act == NULL) 975 goto done; 976 if (IS_ERR(act)) { 977 ret = PTR_ERR(act); 978 goto done; 979 } 980 981 /* dump then free all the actions after update; inserted policy 982 * stays intact 983 */ 984 ret = tcf_add_notify(net, act, portid, seq, RTM_NEWACTION, n->nlmsg_flags); 985 for (a = act; a; a = act) { 986 act = a->next; 987 kfree(a); 988 } 989 done: 990 return ret; 991 } 992 993 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n) 994 { 995 struct net *net = sock_net(skb->sk); 996 struct nlattr *tca[TCA_ACT_MAX + 1]; 997 u32 portid = skb ? NETLINK_CB(skb).portid : 0; 998 int ret = 0, ovr = 0; 999 1000 if ((n->nlmsg_type != RTM_GETACTION) && !capable(CAP_NET_ADMIN)) 1001 return -EPERM; 1002 1003 ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL); 1004 if (ret < 0) 1005 return ret; 1006 1007 if (tca[TCA_ACT_TAB] == NULL) { 1008 pr_notice("tc_ctl_action: received NO action attribs\n"); 1009 return -EINVAL; 1010 } 1011 1012 /* n->nlmsg_flags & NLM_F_CREATE */ 1013 switch (n->nlmsg_type) { 1014 case RTM_NEWACTION: 1015 /* we are going to assume all other flags 1016 * imply create only if it doesn't exist 1017 * Note that CREATE | EXCL implies that 1018 * but since we want avoid ambiguity (eg when flags 1019 * is zero) then just set this 1020 */ 1021 if (n->nlmsg_flags & NLM_F_REPLACE) 1022 ovr = 1; 1023 replay: 1024 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr); 1025 if (ret == -EAGAIN) 1026 goto replay; 1027 break; 1028 case RTM_DELACTION: 1029 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1030 portid, RTM_DELACTION); 1031 break; 1032 case RTM_GETACTION: 1033 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1034 portid, RTM_GETACTION); 1035 break; 1036 default: 1037 BUG(); 1038 } 1039 1040 return ret; 1041 } 1042 1043 static struct nlattr * 1044 find_dump_kind(const struct nlmsghdr *n) 1045 { 1046 struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1]; 1047 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 1048 struct nlattr *nla[TCAA_MAX + 1]; 1049 struct nlattr *kind; 1050 1051 if (nlmsg_parse(n, sizeof(struct tcamsg), nla, TCAA_MAX, NULL) < 0) 1052 return NULL; 1053 tb1 = nla[TCA_ACT_TAB]; 1054 if (tb1 == NULL) 1055 return NULL; 1056 1057 if (nla_parse(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), 1058 NLMSG_ALIGN(nla_len(tb1)), NULL) < 0) 1059 return NULL; 1060 1061 if (tb[1] == NULL) 1062 return NULL; 1063 if (nla_parse(tb2, TCA_ACT_MAX, nla_data(tb[1]), 1064 nla_len(tb[1]), NULL) < 0) 1065 return NULL; 1066 kind = tb2[TCA_ACT_KIND]; 1067 1068 return kind; 1069 } 1070 1071 static int 1072 tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb) 1073 { 1074 struct nlmsghdr *nlh; 1075 unsigned char *b = skb_tail_pointer(skb); 1076 struct nlattr *nest; 1077 struct tc_action_ops *a_o; 1078 struct tc_action a; 1079 int ret = 0; 1080 struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh); 1081 struct nlattr *kind = find_dump_kind(cb->nlh); 1082 1083 if (kind == NULL) { 1084 pr_info("tc_dump_action: action bad kind\n"); 1085 return 0; 1086 } 1087 1088 a_o = tc_lookup_action(kind); 1089 if (a_o == NULL) 1090 return 0; 1091 1092 memset(&a, 0, sizeof(struct tc_action)); 1093 a.ops = a_o; 1094 1095 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1096 cb->nlh->nlmsg_type, sizeof(*t), 0); 1097 if (!nlh) 1098 goto out_module_put; 1099 t = nlmsg_data(nlh); 1100 t->tca_family = AF_UNSPEC; 1101 t->tca__pad1 = 0; 1102 t->tca__pad2 = 0; 1103 1104 nest = nla_nest_start(skb, TCA_ACT_TAB); 1105 if (nest == NULL) 1106 goto out_module_put; 1107 1108 ret = a_o->walk(skb, cb, RTM_GETACTION, &a); 1109 if (ret < 0) 1110 goto out_module_put; 1111 1112 if (ret > 0) { 1113 nla_nest_end(skb, nest); 1114 ret = skb->len; 1115 } else 1116 nla_nest_cancel(skb, nest); 1117 1118 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1119 if (NETLINK_CB(cb->skb).portid && ret) 1120 nlh->nlmsg_flags |= NLM_F_MULTI; 1121 module_put(a_o->owner); 1122 return skb->len; 1123 1124 out_module_put: 1125 module_put(a_o->owner); 1126 nlmsg_trim(skb, b); 1127 return skb->len; 1128 } 1129 1130 static int __init tc_action_init(void) 1131 { 1132 rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, NULL); 1133 rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, NULL); 1134 rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action, 1135 NULL); 1136 1137 return 0; 1138 } 1139 1140 subsys_initcall(tc_action_init); 1141