1 /* 2 * net/sched/act_api.c Packet action API. 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Author: Jamal Hadi Salim 10 * 11 * 12 */ 13 14 #include <linux/types.h> 15 #include <linux/kernel.h> 16 #include <linux/string.h> 17 #include <linux/errno.h> 18 #include <linux/slab.h> 19 #include <linux/skbuff.h> 20 #include <linux/init.h> 21 #include <linux/kmod.h> 22 #include <linux/err.h> 23 #include <linux/module.h> 24 #include <net/net_namespace.h> 25 #include <net/sock.h> 26 #include <net/sch_generic.h> 27 #include <net/act_api.h> 28 #include <net/netlink.h> 29 30 static void free_tcf(struct rcu_head *head) 31 { 32 struct tc_action *p = container_of(head, struct tc_action, tcfa_rcu); 33 34 free_percpu(p->cpu_bstats); 35 free_percpu(p->cpu_qstats); 36 kfree(p); 37 } 38 39 static void tcf_hash_destroy(struct tcf_hashinfo *hinfo, struct tc_action *p) 40 { 41 spin_lock_bh(&hinfo->lock); 42 hlist_del(&p->tcfa_head); 43 spin_unlock_bh(&hinfo->lock); 44 gen_kill_estimator(&p->tcfa_bstats, 45 &p->tcfa_rate_est); 46 /* 47 * gen_estimator est_timer() might access p->tcfa_lock 48 * or bstats, wait a RCU grace period before freeing p 49 */ 50 call_rcu(&p->tcfa_rcu, free_tcf); 51 } 52 53 int __tcf_hash_release(struct tc_action *p, bool bind, bool strict) 54 { 55 int ret = 0; 56 57 if (p) { 58 if (bind) 59 p->tcfa_bindcnt--; 60 else if (strict && p->tcfa_bindcnt > 0) 61 return -EPERM; 62 63 p->tcfa_refcnt--; 64 if (p->tcfa_bindcnt <= 0 && p->tcfa_refcnt <= 0) { 65 if (p->ops->cleanup) 66 p->ops->cleanup(p, bind); 67 tcf_hash_destroy(p->hinfo, p); 68 ret = ACT_P_DELETED; 69 } 70 } 71 72 return ret; 73 } 74 EXPORT_SYMBOL(__tcf_hash_release); 75 76 static int tcf_dump_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 77 struct netlink_callback *cb) 78 { 79 int err = 0, index = -1, i = 0, s_i = 0, n_i = 0; 80 struct nlattr *nest; 81 82 spin_lock_bh(&hinfo->lock); 83 84 s_i = cb->args[0]; 85 86 for (i = 0; i < (hinfo->hmask + 1); i++) { 87 struct hlist_head *head; 88 struct tc_action *p; 89 90 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 91 92 hlist_for_each_entry_rcu(p, head, tcfa_head) { 93 index++; 94 if (index < s_i) 95 continue; 96 97 nest = nla_nest_start(skb, n_i); 98 if (nest == NULL) 99 goto nla_put_failure; 100 err = tcf_action_dump_1(skb, p, 0, 0); 101 if (err < 0) { 102 index--; 103 nlmsg_trim(skb, nest); 104 goto done; 105 } 106 nla_nest_end(skb, nest); 107 n_i++; 108 if (n_i >= TCA_ACT_MAX_PRIO) 109 goto done; 110 } 111 } 112 done: 113 spin_unlock_bh(&hinfo->lock); 114 if (n_i) 115 cb->args[0] += n_i; 116 return n_i; 117 118 nla_put_failure: 119 nla_nest_cancel(skb, nest); 120 goto done; 121 } 122 123 static int tcf_del_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 124 const struct tc_action_ops *ops) 125 { 126 struct nlattr *nest; 127 int i = 0, n_i = 0; 128 int ret = -EINVAL; 129 130 nest = nla_nest_start(skb, 0); 131 if (nest == NULL) 132 goto nla_put_failure; 133 if (nla_put_string(skb, TCA_KIND, ops->kind)) 134 goto nla_put_failure; 135 for (i = 0; i < (hinfo->hmask + 1); i++) { 136 struct hlist_head *head; 137 struct hlist_node *n; 138 struct tc_action *p; 139 140 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 141 hlist_for_each_entry_safe(p, n, head, tcfa_head) { 142 ret = __tcf_hash_release(p, false, true); 143 if (ret == ACT_P_DELETED) { 144 module_put(p->ops->owner); 145 n_i++; 146 } else if (ret < 0) 147 goto nla_put_failure; 148 } 149 } 150 if (nla_put_u32(skb, TCA_FCNT, n_i)) 151 goto nla_put_failure; 152 nla_nest_end(skb, nest); 153 154 return n_i; 155 nla_put_failure: 156 nla_nest_cancel(skb, nest); 157 return ret; 158 } 159 160 int tcf_generic_walker(struct tc_action_net *tn, struct sk_buff *skb, 161 struct netlink_callback *cb, int type, 162 const struct tc_action_ops *ops) 163 { 164 struct tcf_hashinfo *hinfo = tn->hinfo; 165 166 if (type == RTM_DELACTION) { 167 return tcf_del_walker(hinfo, skb, ops); 168 } else if (type == RTM_GETACTION) { 169 return tcf_dump_walker(hinfo, skb, cb); 170 } else { 171 WARN(1, "tcf_generic_walker: unknown action %d\n", type); 172 return -EINVAL; 173 } 174 } 175 EXPORT_SYMBOL(tcf_generic_walker); 176 177 static struct tc_action *tcf_hash_lookup(u32 index, struct tcf_hashinfo *hinfo) 178 { 179 struct tc_action *p = NULL; 180 struct hlist_head *head; 181 182 spin_lock_bh(&hinfo->lock); 183 head = &hinfo->htab[tcf_hash(index, hinfo->hmask)]; 184 hlist_for_each_entry_rcu(p, head, tcfa_head) 185 if (p->tcfa_index == index) 186 break; 187 spin_unlock_bh(&hinfo->lock); 188 189 return p; 190 } 191 192 u32 tcf_hash_new_index(struct tc_action_net *tn) 193 { 194 struct tcf_hashinfo *hinfo = tn->hinfo; 195 u32 val = hinfo->index; 196 197 do { 198 if (++val == 0) 199 val = 1; 200 } while (tcf_hash_lookup(val, hinfo)); 201 202 hinfo->index = val; 203 return val; 204 } 205 EXPORT_SYMBOL(tcf_hash_new_index); 206 207 int tcf_hash_search(struct tc_action_net *tn, struct tc_action **a, u32 index) 208 { 209 struct tcf_hashinfo *hinfo = tn->hinfo; 210 struct tc_action *p = tcf_hash_lookup(index, hinfo); 211 212 if (p) { 213 *a = p; 214 return 1; 215 } 216 return 0; 217 } 218 EXPORT_SYMBOL(tcf_hash_search); 219 220 bool tcf_hash_check(struct tc_action_net *tn, u32 index, struct tc_action **a, 221 int bind) 222 { 223 struct tcf_hashinfo *hinfo = tn->hinfo; 224 struct tc_action *p = NULL; 225 226 if (index && (p = tcf_hash_lookup(index, hinfo)) != NULL) { 227 if (bind) 228 p->tcfa_bindcnt++; 229 p->tcfa_refcnt++; 230 *a = p; 231 return true; 232 } 233 return false; 234 } 235 EXPORT_SYMBOL(tcf_hash_check); 236 237 void tcf_hash_cleanup(struct tc_action *a, struct nlattr *est) 238 { 239 if (est) 240 gen_kill_estimator(&a->tcfa_bstats, 241 &a->tcfa_rate_est); 242 call_rcu(&a->tcfa_rcu, free_tcf); 243 } 244 EXPORT_SYMBOL(tcf_hash_cleanup); 245 246 int tcf_hash_create(struct tc_action_net *tn, u32 index, struct nlattr *est, 247 struct tc_action **a, const struct tc_action_ops *ops, 248 int bind, bool cpustats) 249 { 250 struct tc_action *p = kzalloc(ops->size, GFP_KERNEL); 251 struct tcf_hashinfo *hinfo = tn->hinfo; 252 int err = -ENOMEM; 253 254 if (unlikely(!p)) 255 return -ENOMEM; 256 p->tcfa_refcnt = 1; 257 if (bind) 258 p->tcfa_bindcnt = 1; 259 260 if (cpustats) { 261 p->cpu_bstats = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu); 262 if (!p->cpu_bstats) { 263 err1: 264 kfree(p); 265 return err; 266 } 267 p->cpu_qstats = alloc_percpu(struct gnet_stats_queue); 268 if (!p->cpu_qstats) { 269 err2: 270 free_percpu(p->cpu_bstats); 271 goto err1; 272 } 273 } 274 spin_lock_init(&p->tcfa_lock); 275 INIT_HLIST_NODE(&p->tcfa_head); 276 p->tcfa_index = index ? index : tcf_hash_new_index(tn); 277 p->tcfa_tm.install = jiffies; 278 p->tcfa_tm.lastuse = jiffies; 279 p->tcfa_tm.firstuse = 0; 280 if (est) { 281 err = gen_new_estimator(&p->tcfa_bstats, p->cpu_bstats, 282 &p->tcfa_rate_est, 283 &p->tcfa_lock, NULL, est); 284 if (err) { 285 free_percpu(p->cpu_qstats); 286 goto err2; 287 } 288 } 289 290 p->hinfo = hinfo; 291 p->ops = ops; 292 INIT_LIST_HEAD(&p->list); 293 *a = p; 294 return 0; 295 } 296 EXPORT_SYMBOL(tcf_hash_create); 297 298 void tcf_hash_insert(struct tc_action_net *tn, struct tc_action *a) 299 { 300 struct tcf_hashinfo *hinfo = tn->hinfo; 301 unsigned int h = tcf_hash(a->tcfa_index, hinfo->hmask); 302 303 spin_lock_bh(&hinfo->lock); 304 hlist_add_head(&a->tcfa_head, &hinfo->htab[h]); 305 spin_unlock_bh(&hinfo->lock); 306 } 307 EXPORT_SYMBOL(tcf_hash_insert); 308 309 void tcf_hashinfo_destroy(const struct tc_action_ops *ops, 310 struct tcf_hashinfo *hinfo) 311 { 312 int i; 313 314 for (i = 0; i < hinfo->hmask + 1; i++) { 315 struct tc_action *p; 316 struct hlist_node *n; 317 318 hlist_for_each_entry_safe(p, n, &hinfo->htab[i], tcfa_head) { 319 int ret; 320 321 ret = __tcf_hash_release(p, false, true); 322 if (ret == ACT_P_DELETED) 323 module_put(ops->owner); 324 else if (ret < 0) 325 return; 326 } 327 } 328 kfree(hinfo->htab); 329 } 330 EXPORT_SYMBOL(tcf_hashinfo_destroy); 331 332 static LIST_HEAD(act_base); 333 static DEFINE_RWLOCK(act_mod_lock); 334 335 int tcf_register_action(struct tc_action_ops *act, 336 struct pernet_operations *ops) 337 { 338 struct tc_action_ops *a; 339 int ret; 340 341 if (!act->act || !act->dump || !act->init || !act->walk || !act->lookup) 342 return -EINVAL; 343 344 write_lock(&act_mod_lock); 345 list_for_each_entry(a, &act_base, head) { 346 if (act->type == a->type || (strcmp(act->kind, a->kind) == 0)) { 347 write_unlock(&act_mod_lock); 348 return -EEXIST; 349 } 350 } 351 list_add_tail(&act->head, &act_base); 352 write_unlock(&act_mod_lock); 353 354 ret = register_pernet_subsys(ops); 355 if (ret) { 356 tcf_unregister_action(act, ops); 357 return ret; 358 } 359 360 return 0; 361 } 362 EXPORT_SYMBOL(tcf_register_action); 363 364 int tcf_unregister_action(struct tc_action_ops *act, 365 struct pernet_operations *ops) 366 { 367 struct tc_action_ops *a; 368 int err = -ENOENT; 369 370 unregister_pernet_subsys(ops); 371 372 write_lock(&act_mod_lock); 373 list_for_each_entry(a, &act_base, head) { 374 if (a == act) { 375 list_del(&act->head); 376 err = 0; 377 break; 378 } 379 } 380 write_unlock(&act_mod_lock); 381 return err; 382 } 383 EXPORT_SYMBOL(tcf_unregister_action); 384 385 /* lookup by name */ 386 static struct tc_action_ops *tc_lookup_action_n(char *kind) 387 { 388 struct tc_action_ops *a, *res = NULL; 389 390 if (kind) { 391 read_lock(&act_mod_lock); 392 list_for_each_entry(a, &act_base, head) { 393 if (strcmp(kind, a->kind) == 0) { 394 if (try_module_get(a->owner)) 395 res = a; 396 break; 397 } 398 } 399 read_unlock(&act_mod_lock); 400 } 401 return res; 402 } 403 404 /* lookup by nlattr */ 405 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind) 406 { 407 struct tc_action_ops *a, *res = NULL; 408 409 if (kind) { 410 read_lock(&act_mod_lock); 411 list_for_each_entry(a, &act_base, head) { 412 if (nla_strcmp(kind, a->kind) == 0) { 413 if (try_module_get(a->owner)) 414 res = a; 415 break; 416 } 417 } 418 read_unlock(&act_mod_lock); 419 } 420 return res; 421 } 422 423 int tcf_action_exec(struct sk_buff *skb, struct tc_action **actions, 424 int nr_actions, struct tcf_result *res) 425 { 426 int ret = -1, i; 427 428 if (skb->tc_verd & TC_NCLS) { 429 skb->tc_verd = CLR_TC_NCLS(skb->tc_verd); 430 ret = TC_ACT_OK; 431 goto exec_done; 432 } 433 for (i = 0; i < nr_actions; i++) { 434 const struct tc_action *a = actions[i]; 435 436 repeat: 437 ret = a->ops->act(skb, a, res); 438 if (ret == TC_ACT_REPEAT) 439 goto repeat; /* we need a ttl - JHS */ 440 if (ret != TC_ACT_PIPE) 441 goto exec_done; 442 } 443 exec_done: 444 return ret; 445 } 446 EXPORT_SYMBOL(tcf_action_exec); 447 448 int tcf_action_destroy(struct list_head *actions, int bind) 449 { 450 struct tc_action *a, *tmp; 451 int ret = 0; 452 453 list_for_each_entry_safe(a, tmp, actions, list) { 454 ret = __tcf_hash_release(a, bind, true); 455 if (ret == ACT_P_DELETED) 456 module_put(a->ops->owner); 457 else if (ret < 0) 458 return ret; 459 } 460 return ret; 461 } 462 463 int 464 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 465 { 466 return a->ops->dump(skb, a, bind, ref); 467 } 468 469 int 470 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 471 { 472 int err = -EINVAL; 473 unsigned char *b = skb_tail_pointer(skb); 474 struct nlattr *nest; 475 476 if (nla_put_string(skb, TCA_KIND, a->ops->kind)) 477 goto nla_put_failure; 478 if (tcf_action_copy_stats(skb, a, 0)) 479 goto nla_put_failure; 480 nest = nla_nest_start(skb, TCA_OPTIONS); 481 if (nest == NULL) 482 goto nla_put_failure; 483 err = tcf_action_dump_old(skb, a, bind, ref); 484 if (err > 0) { 485 nla_nest_end(skb, nest); 486 return err; 487 } 488 489 nla_put_failure: 490 nlmsg_trim(skb, b); 491 return -1; 492 } 493 EXPORT_SYMBOL(tcf_action_dump_1); 494 495 int tcf_action_dump(struct sk_buff *skb, struct list_head *actions, 496 int bind, int ref) 497 { 498 struct tc_action *a; 499 int err = -EINVAL; 500 struct nlattr *nest; 501 502 list_for_each_entry(a, actions, list) { 503 nest = nla_nest_start(skb, a->order); 504 if (nest == NULL) 505 goto nla_put_failure; 506 err = tcf_action_dump_1(skb, a, bind, ref); 507 if (err < 0) 508 goto errout; 509 nla_nest_end(skb, nest); 510 } 511 512 return 0; 513 514 nla_put_failure: 515 err = -EINVAL; 516 errout: 517 nla_nest_cancel(skb, nest); 518 return err; 519 } 520 521 struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla, 522 struct nlattr *est, char *name, int ovr, 523 int bind) 524 { 525 struct tc_action *a; 526 struct tc_action_ops *a_o; 527 char act_name[IFNAMSIZ]; 528 struct nlattr *tb[TCA_ACT_MAX + 1]; 529 struct nlattr *kind; 530 int err; 531 532 if (name == NULL) { 533 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 534 if (err < 0) 535 goto err_out; 536 err = -EINVAL; 537 kind = tb[TCA_ACT_KIND]; 538 if (kind == NULL) 539 goto err_out; 540 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) 541 goto err_out; 542 } else { 543 err = -EINVAL; 544 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) 545 goto err_out; 546 } 547 548 a_o = tc_lookup_action_n(act_name); 549 if (a_o == NULL) { 550 #ifdef CONFIG_MODULES 551 rtnl_unlock(); 552 request_module("act_%s", act_name); 553 rtnl_lock(); 554 555 a_o = tc_lookup_action_n(act_name); 556 557 /* We dropped the RTNL semaphore in order to 558 * perform the module load. So, even if we 559 * succeeded in loading the module we have to 560 * tell the caller to replay the request. We 561 * indicate this using -EAGAIN. 562 */ 563 if (a_o != NULL) { 564 err = -EAGAIN; 565 goto err_mod; 566 } 567 #endif 568 err = -ENOENT; 569 goto err_out; 570 } 571 572 /* backward compatibility for policer */ 573 if (name == NULL) 574 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, &a, ovr, bind); 575 else 576 err = a_o->init(net, nla, est, &a, ovr, bind); 577 if (err < 0) 578 goto err_mod; 579 580 /* module count goes up only when brand new policy is created 581 * if it exists and is only bound to in a_o->init() then 582 * ACT_P_CREATED is not returned (a zero is). 583 */ 584 if (err != ACT_P_CREATED) 585 module_put(a_o->owner); 586 587 return a; 588 589 err_mod: 590 module_put(a_o->owner); 591 err_out: 592 return ERR_PTR(err); 593 } 594 595 int tcf_action_init(struct net *net, struct nlattr *nla, 596 struct nlattr *est, char *name, int ovr, 597 int bind, struct list_head *actions) 598 { 599 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 600 struct tc_action *act; 601 int err; 602 int i; 603 604 err = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 605 if (err < 0) 606 return err; 607 608 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 609 act = tcf_action_init_1(net, tb[i], est, name, ovr, bind); 610 if (IS_ERR(act)) { 611 err = PTR_ERR(act); 612 goto err; 613 } 614 act->order = i; 615 list_add_tail(&act->list, actions); 616 } 617 return 0; 618 619 err: 620 tcf_action_destroy(actions, bind); 621 return err; 622 } 623 624 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *p, 625 int compat_mode) 626 { 627 int err = 0; 628 struct gnet_dump d; 629 630 if (p == NULL) 631 goto errout; 632 633 /* compat_mode being true specifies a call that is supposed 634 * to add additional backward compatibility statistic TLVs. 635 */ 636 if (compat_mode) { 637 if (p->type == TCA_OLD_COMPAT) 638 err = gnet_stats_start_copy_compat(skb, 0, 639 TCA_STATS, 640 TCA_XSTATS, 641 &p->tcfa_lock, &d, 642 TCA_PAD); 643 else 644 return 0; 645 } else 646 err = gnet_stats_start_copy(skb, TCA_ACT_STATS, 647 &p->tcfa_lock, &d, TCA_ACT_PAD); 648 649 if (err < 0) 650 goto errout; 651 652 if (gnet_stats_copy_basic(NULL, &d, p->cpu_bstats, &p->tcfa_bstats) < 0 || 653 gnet_stats_copy_rate_est(&d, &p->tcfa_bstats, 654 &p->tcfa_rate_est) < 0 || 655 gnet_stats_copy_queue(&d, p->cpu_qstats, 656 &p->tcfa_qstats, 657 p->tcfa_qstats.qlen) < 0) 658 goto errout; 659 660 if (gnet_stats_finish_copy(&d) < 0) 661 goto errout; 662 663 return 0; 664 665 errout: 666 return -1; 667 } 668 669 static int tca_get_fill(struct sk_buff *skb, struct list_head *actions, 670 u32 portid, u32 seq, u16 flags, int event, int bind, 671 int ref) 672 { 673 struct tcamsg *t; 674 struct nlmsghdr *nlh; 675 unsigned char *b = skb_tail_pointer(skb); 676 struct nlattr *nest; 677 678 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags); 679 if (!nlh) 680 goto out_nlmsg_trim; 681 t = nlmsg_data(nlh); 682 t->tca_family = AF_UNSPEC; 683 t->tca__pad1 = 0; 684 t->tca__pad2 = 0; 685 686 nest = nla_nest_start(skb, TCA_ACT_TAB); 687 if (nest == NULL) 688 goto out_nlmsg_trim; 689 690 if (tcf_action_dump(skb, actions, bind, ref) < 0) 691 goto out_nlmsg_trim; 692 693 nla_nest_end(skb, nest); 694 695 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 696 return skb->len; 697 698 out_nlmsg_trim: 699 nlmsg_trim(skb, b); 700 return -1; 701 } 702 703 static int 704 act_get_notify(struct net *net, u32 portid, struct nlmsghdr *n, 705 struct list_head *actions, int event) 706 { 707 struct sk_buff *skb; 708 709 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 710 if (!skb) 711 return -ENOBUFS; 712 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, event, 713 0, 0) <= 0) { 714 kfree_skb(skb); 715 return -EINVAL; 716 } 717 718 return rtnl_unicast(skb, net, portid); 719 } 720 721 static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla, 722 struct nlmsghdr *n, u32 portid) 723 { 724 struct nlattr *tb[TCA_ACT_MAX + 1]; 725 const struct tc_action_ops *ops; 726 struct tc_action *a; 727 int index; 728 int err; 729 730 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 731 if (err < 0) 732 goto err_out; 733 734 err = -EINVAL; 735 if (tb[TCA_ACT_INDEX] == NULL || 736 nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) 737 goto err_out; 738 index = nla_get_u32(tb[TCA_ACT_INDEX]); 739 740 err = -EINVAL; 741 ops = tc_lookup_action(tb[TCA_ACT_KIND]); 742 if (!ops) /* could happen in batch of actions */ 743 goto err_out; 744 err = -ENOENT; 745 if (ops->lookup(net, &a, index) == 0) 746 goto err_mod; 747 748 module_put(ops->owner); 749 return a; 750 751 err_mod: 752 module_put(ops->owner); 753 err_out: 754 return ERR_PTR(err); 755 } 756 757 static int tca_action_flush(struct net *net, struct nlattr *nla, 758 struct nlmsghdr *n, u32 portid) 759 { 760 struct sk_buff *skb; 761 unsigned char *b; 762 struct nlmsghdr *nlh; 763 struct tcamsg *t; 764 struct netlink_callback dcb; 765 struct nlattr *nest; 766 struct nlattr *tb[TCA_ACT_MAX + 1]; 767 const struct tc_action_ops *ops; 768 struct nlattr *kind; 769 int err = -ENOMEM; 770 771 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 772 if (!skb) { 773 pr_debug("tca_action_flush: failed skb alloc\n"); 774 return err; 775 } 776 777 b = skb_tail_pointer(skb); 778 779 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL); 780 if (err < 0) 781 goto err_out; 782 783 err = -EINVAL; 784 kind = tb[TCA_ACT_KIND]; 785 ops = tc_lookup_action(kind); 786 if (!ops) /*some idjot trying to flush unknown action */ 787 goto err_out; 788 789 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION, 790 sizeof(*t), 0); 791 if (!nlh) 792 goto out_module_put; 793 t = nlmsg_data(nlh); 794 t->tca_family = AF_UNSPEC; 795 t->tca__pad1 = 0; 796 t->tca__pad2 = 0; 797 798 nest = nla_nest_start(skb, TCA_ACT_TAB); 799 if (nest == NULL) 800 goto out_module_put; 801 802 err = ops->walk(net, skb, &dcb, RTM_DELACTION, ops); 803 if (err < 0) 804 goto out_module_put; 805 if (err == 0) 806 goto noflush_out; 807 808 nla_nest_end(skb, nest); 809 810 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 811 nlh->nlmsg_flags |= NLM_F_ROOT; 812 module_put(ops->owner); 813 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 814 n->nlmsg_flags & NLM_F_ECHO); 815 if (err > 0) 816 return 0; 817 818 return err; 819 820 out_module_put: 821 module_put(ops->owner); 822 err_out: 823 noflush_out: 824 kfree_skb(skb); 825 return err; 826 } 827 828 static int 829 tcf_del_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 830 u32 portid) 831 { 832 int ret; 833 struct sk_buff *skb; 834 835 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 836 if (!skb) 837 return -ENOBUFS; 838 839 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, RTM_DELACTION, 840 0, 1) <= 0) { 841 kfree_skb(skb); 842 return -EINVAL; 843 } 844 845 /* now do the delete */ 846 ret = tcf_action_destroy(actions, 0); 847 if (ret < 0) { 848 kfree_skb(skb); 849 return ret; 850 } 851 852 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 853 n->nlmsg_flags & NLM_F_ECHO); 854 if (ret > 0) 855 return 0; 856 return ret; 857 } 858 859 static int 860 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 861 u32 portid, int event) 862 { 863 int i, ret; 864 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 865 struct tc_action *act; 866 LIST_HEAD(actions); 867 868 ret = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL); 869 if (ret < 0) 870 return ret; 871 872 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) { 873 if (tb[1] != NULL) 874 return tca_action_flush(net, tb[1], n, portid); 875 else 876 return -EINVAL; 877 } 878 879 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 880 act = tcf_action_get_1(net, tb[i], n, portid); 881 if (IS_ERR(act)) { 882 ret = PTR_ERR(act); 883 goto err; 884 } 885 act->order = i; 886 list_add_tail(&act->list, &actions); 887 } 888 889 if (event == RTM_GETACTION) 890 ret = act_get_notify(net, portid, n, &actions, event); 891 else { /* delete */ 892 ret = tcf_del_notify(net, n, &actions, portid); 893 if (ret) 894 goto err; 895 return ret; 896 } 897 err: 898 tcf_action_destroy(&actions, 0); 899 return ret; 900 } 901 902 static int 903 tcf_add_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 904 u32 portid) 905 { 906 struct sk_buff *skb; 907 int err = 0; 908 909 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 910 if (!skb) 911 return -ENOBUFS; 912 913 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, n->nlmsg_flags, 914 RTM_NEWACTION, 0, 0) <= 0) { 915 kfree_skb(skb); 916 return -EINVAL; 917 } 918 919 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 920 n->nlmsg_flags & NLM_F_ECHO); 921 if (err > 0) 922 err = 0; 923 return err; 924 } 925 926 static int 927 tcf_action_add(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 928 u32 portid, int ovr) 929 { 930 int ret = 0; 931 LIST_HEAD(actions); 932 933 ret = tcf_action_init(net, nla, NULL, NULL, ovr, 0, &actions); 934 if (ret) 935 return ret; 936 937 return tcf_add_notify(net, n, &actions, portid); 938 } 939 940 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n) 941 { 942 struct net *net = sock_net(skb->sk); 943 struct nlattr *tca[TCA_ACT_MAX + 1]; 944 u32 portid = skb ? NETLINK_CB(skb).portid : 0; 945 int ret = 0, ovr = 0; 946 947 if ((n->nlmsg_type != RTM_GETACTION) && 948 !netlink_capable(skb, CAP_NET_ADMIN)) 949 return -EPERM; 950 951 ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL); 952 if (ret < 0) 953 return ret; 954 955 if (tca[TCA_ACT_TAB] == NULL) { 956 pr_notice("tc_ctl_action: received NO action attribs\n"); 957 return -EINVAL; 958 } 959 960 /* n->nlmsg_flags & NLM_F_CREATE */ 961 switch (n->nlmsg_type) { 962 case RTM_NEWACTION: 963 /* we are going to assume all other flags 964 * imply create only if it doesn't exist 965 * Note that CREATE | EXCL implies that 966 * but since we want avoid ambiguity (eg when flags 967 * is zero) then just set this 968 */ 969 if (n->nlmsg_flags & NLM_F_REPLACE) 970 ovr = 1; 971 replay: 972 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr); 973 if (ret == -EAGAIN) 974 goto replay; 975 break; 976 case RTM_DELACTION: 977 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 978 portid, RTM_DELACTION); 979 break; 980 case RTM_GETACTION: 981 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 982 portid, RTM_GETACTION); 983 break; 984 default: 985 BUG(); 986 } 987 988 return ret; 989 } 990 991 static struct nlattr * 992 find_dump_kind(const struct nlmsghdr *n) 993 { 994 struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1]; 995 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 996 struct nlattr *nla[TCAA_MAX + 1]; 997 struct nlattr *kind; 998 999 if (nlmsg_parse(n, sizeof(struct tcamsg), nla, TCAA_MAX, NULL) < 0) 1000 return NULL; 1001 tb1 = nla[TCA_ACT_TAB]; 1002 if (tb1 == NULL) 1003 return NULL; 1004 1005 if (nla_parse(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), 1006 NLMSG_ALIGN(nla_len(tb1)), NULL) < 0) 1007 return NULL; 1008 1009 if (tb[1] == NULL) 1010 return NULL; 1011 if (nla_parse(tb2, TCA_ACT_MAX, nla_data(tb[1]), 1012 nla_len(tb[1]), NULL) < 0) 1013 return NULL; 1014 kind = tb2[TCA_ACT_KIND]; 1015 1016 return kind; 1017 } 1018 1019 static int 1020 tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb) 1021 { 1022 struct net *net = sock_net(skb->sk); 1023 struct nlmsghdr *nlh; 1024 unsigned char *b = skb_tail_pointer(skb); 1025 struct nlattr *nest; 1026 struct tc_action_ops *a_o; 1027 int ret = 0; 1028 struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh); 1029 struct nlattr *kind = find_dump_kind(cb->nlh); 1030 1031 if (kind == NULL) { 1032 pr_info("tc_dump_action: action bad kind\n"); 1033 return 0; 1034 } 1035 1036 a_o = tc_lookup_action(kind); 1037 if (a_o == NULL) 1038 return 0; 1039 1040 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1041 cb->nlh->nlmsg_type, sizeof(*t), 0); 1042 if (!nlh) 1043 goto out_module_put; 1044 t = nlmsg_data(nlh); 1045 t->tca_family = AF_UNSPEC; 1046 t->tca__pad1 = 0; 1047 t->tca__pad2 = 0; 1048 1049 nest = nla_nest_start(skb, TCA_ACT_TAB); 1050 if (nest == NULL) 1051 goto out_module_put; 1052 1053 ret = a_o->walk(net, skb, cb, RTM_GETACTION, a_o); 1054 if (ret < 0) 1055 goto out_module_put; 1056 1057 if (ret > 0) { 1058 nla_nest_end(skb, nest); 1059 ret = skb->len; 1060 } else 1061 nlmsg_trim(skb, b); 1062 1063 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1064 if (NETLINK_CB(cb->skb).portid && ret) 1065 nlh->nlmsg_flags |= NLM_F_MULTI; 1066 module_put(a_o->owner); 1067 return skb->len; 1068 1069 out_module_put: 1070 module_put(a_o->owner); 1071 nlmsg_trim(skb, b); 1072 return skb->len; 1073 } 1074 1075 static int __init tc_action_init(void) 1076 { 1077 rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, NULL); 1078 rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, NULL); 1079 rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action, 1080 NULL); 1081 1082 return 0; 1083 } 1084 1085 subsys_initcall(tc_action_init); 1086