1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * net/sched/act_api.c Packet action API. 4 * 5 * Author: Jamal Hadi Salim 6 */ 7 8 #include <linux/types.h> 9 #include <linux/kernel.h> 10 #include <linux/string.h> 11 #include <linux/errno.h> 12 #include <linux/slab.h> 13 #include <linux/skbuff.h> 14 #include <linux/init.h> 15 #include <linux/kmod.h> 16 #include <linux/err.h> 17 #include <linux/module.h> 18 #include <net/net_namespace.h> 19 #include <net/sock.h> 20 #include <net/sch_generic.h> 21 #include <net/pkt_cls.h> 22 #include <net/act_api.h> 23 #include <net/netlink.h> 24 25 static void tcf_action_goto_chain_exec(const struct tc_action *a, 26 struct tcf_result *res) 27 { 28 const struct tcf_chain *chain = rcu_dereference_bh(a->goto_chain); 29 30 res->goto_tp = rcu_dereference_bh(chain->filter_chain); 31 } 32 33 static void tcf_free_cookie_rcu(struct rcu_head *p) 34 { 35 struct tc_cookie *cookie = container_of(p, struct tc_cookie, rcu); 36 37 kfree(cookie->data); 38 kfree(cookie); 39 } 40 41 static void tcf_set_action_cookie(struct tc_cookie __rcu **old_cookie, 42 struct tc_cookie *new_cookie) 43 { 44 struct tc_cookie *old; 45 46 old = xchg((__force struct tc_cookie **)old_cookie, new_cookie); 47 if (old) 48 call_rcu(&old->rcu, tcf_free_cookie_rcu); 49 } 50 51 int tcf_action_check_ctrlact(int action, struct tcf_proto *tp, 52 struct tcf_chain **newchain, 53 struct netlink_ext_ack *extack) 54 { 55 int opcode = TC_ACT_EXT_OPCODE(action), ret = -EINVAL; 56 u32 chain_index; 57 58 if (!opcode) 59 ret = action > TC_ACT_VALUE_MAX ? -EINVAL : 0; 60 else if (opcode <= TC_ACT_EXT_OPCODE_MAX || action == TC_ACT_UNSPEC) 61 ret = 0; 62 if (ret) { 63 NL_SET_ERR_MSG(extack, "invalid control action"); 64 goto end; 65 } 66 67 if (TC_ACT_EXT_CMP(action, TC_ACT_GOTO_CHAIN)) { 68 chain_index = action & TC_ACT_EXT_VAL_MASK; 69 if (!tp || !newchain) { 70 ret = -EINVAL; 71 NL_SET_ERR_MSG(extack, 72 "can't goto NULL proto/chain"); 73 goto end; 74 } 75 *newchain = tcf_chain_get_by_act(tp->chain->block, chain_index); 76 if (!*newchain) { 77 ret = -ENOMEM; 78 NL_SET_ERR_MSG(extack, 79 "can't allocate goto_chain"); 80 } 81 } 82 end: 83 return ret; 84 } 85 EXPORT_SYMBOL(tcf_action_check_ctrlact); 86 87 struct tcf_chain *tcf_action_set_ctrlact(struct tc_action *a, int action, 88 struct tcf_chain *goto_chain) 89 { 90 a->tcfa_action = action; 91 goto_chain = rcu_replace_pointer(a->goto_chain, goto_chain, 1); 92 return goto_chain; 93 } 94 EXPORT_SYMBOL(tcf_action_set_ctrlact); 95 96 /* XXX: For standalone actions, we don't need a RCU grace period either, because 97 * actions are always connected to filters and filters are already destroyed in 98 * RCU callbacks, so after a RCU grace period actions are already disconnected 99 * from filters. Readers later can not find us. 100 */ 101 static void free_tcf(struct tc_action *p) 102 { 103 struct tcf_chain *chain = rcu_dereference_protected(p->goto_chain, 1); 104 105 free_percpu(p->cpu_bstats); 106 free_percpu(p->cpu_bstats_hw); 107 free_percpu(p->cpu_qstats); 108 109 tcf_set_action_cookie(&p->act_cookie, NULL); 110 if (chain) 111 tcf_chain_put_by_act(chain); 112 113 kfree(p); 114 } 115 116 static void tcf_action_cleanup(struct tc_action *p) 117 { 118 if (p->ops->cleanup) 119 p->ops->cleanup(p); 120 121 gen_kill_estimator(&p->tcfa_rate_est); 122 free_tcf(p); 123 } 124 125 static int __tcf_action_put(struct tc_action *p, bool bind) 126 { 127 struct tcf_idrinfo *idrinfo = p->idrinfo; 128 129 if (refcount_dec_and_mutex_lock(&p->tcfa_refcnt, &idrinfo->lock)) { 130 if (bind) 131 atomic_dec(&p->tcfa_bindcnt); 132 idr_remove(&idrinfo->action_idr, p->tcfa_index); 133 mutex_unlock(&idrinfo->lock); 134 135 tcf_action_cleanup(p); 136 return 1; 137 } 138 139 if (bind) 140 atomic_dec(&p->tcfa_bindcnt); 141 142 return 0; 143 } 144 145 int __tcf_idr_release(struct tc_action *p, bool bind, bool strict) 146 { 147 int ret = 0; 148 149 /* Release with strict==1 and bind==0 is only called through act API 150 * interface (classifiers always bind). Only case when action with 151 * positive reference count and zero bind count can exist is when it was 152 * also created with act API (unbinding last classifier will destroy the 153 * action if it was created by classifier). So only case when bind count 154 * can be changed after initial check is when unbound action is 155 * destroyed by act API while classifier binds to action with same id 156 * concurrently. This result either creation of new action(same behavior 157 * as before), or reusing existing action if concurrent process 158 * increments reference count before action is deleted. Both scenarios 159 * are acceptable. 160 */ 161 if (p) { 162 if (!bind && strict && atomic_read(&p->tcfa_bindcnt) > 0) 163 return -EPERM; 164 165 if (__tcf_action_put(p, bind)) 166 ret = ACT_P_DELETED; 167 } 168 169 return ret; 170 } 171 EXPORT_SYMBOL(__tcf_idr_release); 172 173 static size_t tcf_action_shared_attrs_size(const struct tc_action *act) 174 { 175 struct tc_cookie *act_cookie; 176 u32 cookie_len = 0; 177 178 rcu_read_lock(); 179 act_cookie = rcu_dereference(act->act_cookie); 180 181 if (act_cookie) 182 cookie_len = nla_total_size(act_cookie->len); 183 rcu_read_unlock(); 184 185 return nla_total_size(0) /* action number nested */ 186 + nla_total_size(IFNAMSIZ) /* TCA_ACT_KIND */ 187 + cookie_len /* TCA_ACT_COOKIE */ 188 + nla_total_size(0) /* TCA_ACT_STATS nested */ 189 + nla_total_size(sizeof(struct nla_bitfield32)) /* TCA_ACT_FLAGS */ 190 /* TCA_STATS_BASIC */ 191 + nla_total_size_64bit(sizeof(struct gnet_stats_basic)) 192 /* TCA_STATS_PKT64 */ 193 + nla_total_size_64bit(sizeof(u64)) 194 /* TCA_STATS_QUEUE */ 195 + nla_total_size_64bit(sizeof(struct gnet_stats_queue)) 196 + nla_total_size(0) /* TCA_OPTIONS nested */ 197 + nla_total_size(sizeof(struct tcf_t)); /* TCA_GACT_TM */ 198 } 199 200 static size_t tcf_action_full_attrs_size(size_t sz) 201 { 202 return NLMSG_HDRLEN /* struct nlmsghdr */ 203 + sizeof(struct tcamsg) 204 + nla_total_size(0) /* TCA_ACT_TAB nested */ 205 + sz; 206 } 207 208 static size_t tcf_action_fill_size(const struct tc_action *act) 209 { 210 size_t sz = tcf_action_shared_attrs_size(act); 211 212 if (act->ops->get_fill_size) 213 return act->ops->get_fill_size(act) + sz; 214 return sz; 215 } 216 217 static int tcf_dump_walker(struct tcf_idrinfo *idrinfo, struct sk_buff *skb, 218 struct netlink_callback *cb) 219 { 220 int err = 0, index = -1, s_i = 0, n_i = 0; 221 u32 act_flags = cb->args[2]; 222 unsigned long jiffy_since = cb->args[3]; 223 struct nlattr *nest; 224 struct idr *idr = &idrinfo->action_idr; 225 struct tc_action *p; 226 unsigned long id = 1; 227 unsigned long tmp; 228 229 mutex_lock(&idrinfo->lock); 230 231 s_i = cb->args[0]; 232 233 idr_for_each_entry_ul(idr, p, tmp, id) { 234 index++; 235 if (index < s_i) 236 continue; 237 238 if (jiffy_since && 239 time_after(jiffy_since, 240 (unsigned long)p->tcfa_tm.lastuse)) 241 continue; 242 243 nest = nla_nest_start_noflag(skb, n_i); 244 if (!nest) { 245 index--; 246 goto nla_put_failure; 247 } 248 err = tcf_action_dump_1(skb, p, 0, 0); 249 if (err < 0) { 250 index--; 251 nlmsg_trim(skb, nest); 252 goto done; 253 } 254 nla_nest_end(skb, nest); 255 n_i++; 256 if (!(act_flags & TCA_FLAG_LARGE_DUMP_ON) && 257 n_i >= TCA_ACT_MAX_PRIO) 258 goto done; 259 } 260 done: 261 if (index >= 0) 262 cb->args[0] = index + 1; 263 264 mutex_unlock(&idrinfo->lock); 265 if (n_i) { 266 if (act_flags & TCA_FLAG_LARGE_DUMP_ON) 267 cb->args[1] = n_i; 268 } 269 return n_i; 270 271 nla_put_failure: 272 nla_nest_cancel(skb, nest); 273 goto done; 274 } 275 276 static int tcf_idr_release_unsafe(struct tc_action *p) 277 { 278 if (atomic_read(&p->tcfa_bindcnt) > 0) 279 return -EPERM; 280 281 if (refcount_dec_and_test(&p->tcfa_refcnt)) { 282 idr_remove(&p->idrinfo->action_idr, p->tcfa_index); 283 tcf_action_cleanup(p); 284 return ACT_P_DELETED; 285 } 286 287 return 0; 288 } 289 290 static int tcf_del_walker(struct tcf_idrinfo *idrinfo, struct sk_buff *skb, 291 const struct tc_action_ops *ops) 292 { 293 struct nlattr *nest; 294 int n_i = 0; 295 int ret = -EINVAL; 296 struct idr *idr = &idrinfo->action_idr; 297 struct tc_action *p; 298 unsigned long id = 1; 299 unsigned long tmp; 300 301 nest = nla_nest_start_noflag(skb, 0); 302 if (nest == NULL) 303 goto nla_put_failure; 304 if (nla_put_string(skb, TCA_KIND, ops->kind)) 305 goto nla_put_failure; 306 307 mutex_lock(&idrinfo->lock); 308 idr_for_each_entry_ul(idr, p, tmp, id) { 309 ret = tcf_idr_release_unsafe(p); 310 if (ret == ACT_P_DELETED) { 311 module_put(ops->owner); 312 n_i++; 313 } else if (ret < 0) { 314 mutex_unlock(&idrinfo->lock); 315 goto nla_put_failure; 316 } 317 } 318 mutex_unlock(&idrinfo->lock); 319 320 if (nla_put_u32(skb, TCA_FCNT, n_i)) 321 goto nla_put_failure; 322 nla_nest_end(skb, nest); 323 324 return n_i; 325 nla_put_failure: 326 nla_nest_cancel(skb, nest); 327 return ret; 328 } 329 330 int tcf_generic_walker(struct tc_action_net *tn, struct sk_buff *skb, 331 struct netlink_callback *cb, int type, 332 const struct tc_action_ops *ops, 333 struct netlink_ext_ack *extack) 334 { 335 struct tcf_idrinfo *idrinfo = tn->idrinfo; 336 337 if (type == RTM_DELACTION) { 338 return tcf_del_walker(idrinfo, skb, ops); 339 } else if (type == RTM_GETACTION) { 340 return tcf_dump_walker(idrinfo, skb, cb); 341 } else { 342 WARN(1, "tcf_generic_walker: unknown command %d\n", type); 343 NL_SET_ERR_MSG(extack, "tcf_generic_walker: unknown command"); 344 return -EINVAL; 345 } 346 } 347 EXPORT_SYMBOL(tcf_generic_walker); 348 349 int tcf_idr_search(struct tc_action_net *tn, struct tc_action **a, u32 index) 350 { 351 struct tcf_idrinfo *idrinfo = tn->idrinfo; 352 struct tc_action *p; 353 354 mutex_lock(&idrinfo->lock); 355 p = idr_find(&idrinfo->action_idr, index); 356 if (IS_ERR(p)) 357 p = NULL; 358 else if (p) 359 refcount_inc(&p->tcfa_refcnt); 360 mutex_unlock(&idrinfo->lock); 361 362 if (p) { 363 *a = p; 364 return true; 365 } 366 return false; 367 } 368 EXPORT_SYMBOL(tcf_idr_search); 369 370 static int tcf_idr_delete_index(struct tcf_idrinfo *idrinfo, u32 index) 371 { 372 struct tc_action *p; 373 int ret = 0; 374 375 mutex_lock(&idrinfo->lock); 376 p = idr_find(&idrinfo->action_idr, index); 377 if (!p) { 378 mutex_unlock(&idrinfo->lock); 379 return -ENOENT; 380 } 381 382 if (!atomic_read(&p->tcfa_bindcnt)) { 383 if (refcount_dec_and_test(&p->tcfa_refcnt)) { 384 struct module *owner = p->ops->owner; 385 386 WARN_ON(p != idr_remove(&idrinfo->action_idr, 387 p->tcfa_index)); 388 mutex_unlock(&idrinfo->lock); 389 390 tcf_action_cleanup(p); 391 module_put(owner); 392 return 0; 393 } 394 ret = 0; 395 } else { 396 ret = -EPERM; 397 } 398 399 mutex_unlock(&idrinfo->lock); 400 return ret; 401 } 402 403 int tcf_idr_create(struct tc_action_net *tn, u32 index, struct nlattr *est, 404 struct tc_action **a, const struct tc_action_ops *ops, 405 int bind, bool cpustats, u32 flags) 406 { 407 struct tc_action *p = kzalloc(ops->size, GFP_KERNEL); 408 struct tcf_idrinfo *idrinfo = tn->idrinfo; 409 int err = -ENOMEM; 410 411 if (unlikely(!p)) 412 return -ENOMEM; 413 refcount_set(&p->tcfa_refcnt, 1); 414 if (bind) 415 atomic_set(&p->tcfa_bindcnt, 1); 416 417 if (cpustats) { 418 p->cpu_bstats = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu); 419 if (!p->cpu_bstats) 420 goto err1; 421 p->cpu_bstats_hw = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu); 422 if (!p->cpu_bstats_hw) 423 goto err2; 424 p->cpu_qstats = alloc_percpu(struct gnet_stats_queue); 425 if (!p->cpu_qstats) 426 goto err3; 427 } 428 spin_lock_init(&p->tcfa_lock); 429 p->tcfa_index = index; 430 p->tcfa_tm.install = jiffies; 431 p->tcfa_tm.lastuse = jiffies; 432 p->tcfa_tm.firstuse = 0; 433 p->tcfa_flags = flags; 434 if (est) { 435 err = gen_new_estimator(&p->tcfa_bstats, p->cpu_bstats, 436 &p->tcfa_rate_est, 437 &p->tcfa_lock, NULL, est); 438 if (err) 439 goto err4; 440 } 441 442 p->idrinfo = idrinfo; 443 p->ops = ops; 444 *a = p; 445 return 0; 446 err4: 447 free_percpu(p->cpu_qstats); 448 err3: 449 free_percpu(p->cpu_bstats_hw); 450 err2: 451 free_percpu(p->cpu_bstats); 452 err1: 453 kfree(p); 454 return err; 455 } 456 EXPORT_SYMBOL(tcf_idr_create); 457 458 int tcf_idr_create_from_flags(struct tc_action_net *tn, u32 index, 459 struct nlattr *est, struct tc_action **a, 460 const struct tc_action_ops *ops, int bind, 461 u32 flags) 462 { 463 /* Set cpustats according to actions flags. */ 464 return tcf_idr_create(tn, index, est, a, ops, bind, 465 !(flags & TCA_ACT_FLAGS_NO_PERCPU_STATS), flags); 466 } 467 EXPORT_SYMBOL(tcf_idr_create_from_flags); 468 469 void tcf_idr_insert(struct tc_action_net *tn, struct tc_action *a) 470 { 471 struct tcf_idrinfo *idrinfo = tn->idrinfo; 472 473 mutex_lock(&idrinfo->lock); 474 /* Replace ERR_PTR(-EBUSY) allocated by tcf_idr_check_alloc */ 475 WARN_ON(!IS_ERR(idr_replace(&idrinfo->action_idr, a, a->tcfa_index))); 476 mutex_unlock(&idrinfo->lock); 477 } 478 EXPORT_SYMBOL(tcf_idr_insert); 479 480 /* Cleanup idr index that was allocated but not initialized. */ 481 482 void tcf_idr_cleanup(struct tc_action_net *tn, u32 index) 483 { 484 struct tcf_idrinfo *idrinfo = tn->idrinfo; 485 486 mutex_lock(&idrinfo->lock); 487 /* Remove ERR_PTR(-EBUSY) allocated by tcf_idr_check_alloc */ 488 WARN_ON(!IS_ERR(idr_remove(&idrinfo->action_idr, index))); 489 mutex_unlock(&idrinfo->lock); 490 } 491 EXPORT_SYMBOL(tcf_idr_cleanup); 492 493 /* Check if action with specified index exists. If actions is found, increments 494 * its reference and bind counters, and return 1. Otherwise insert temporary 495 * error pointer (to prevent concurrent users from inserting actions with same 496 * index) and return 0. 497 */ 498 499 int tcf_idr_check_alloc(struct tc_action_net *tn, u32 *index, 500 struct tc_action **a, int bind) 501 { 502 struct tcf_idrinfo *idrinfo = tn->idrinfo; 503 struct tc_action *p; 504 int ret; 505 506 again: 507 mutex_lock(&idrinfo->lock); 508 if (*index) { 509 p = idr_find(&idrinfo->action_idr, *index); 510 if (IS_ERR(p)) { 511 /* This means that another process allocated 512 * index but did not assign the pointer yet. 513 */ 514 mutex_unlock(&idrinfo->lock); 515 goto again; 516 } 517 518 if (p) { 519 refcount_inc(&p->tcfa_refcnt); 520 if (bind) 521 atomic_inc(&p->tcfa_bindcnt); 522 *a = p; 523 ret = 1; 524 } else { 525 *a = NULL; 526 ret = idr_alloc_u32(&idrinfo->action_idr, NULL, index, 527 *index, GFP_KERNEL); 528 if (!ret) 529 idr_replace(&idrinfo->action_idr, 530 ERR_PTR(-EBUSY), *index); 531 } 532 } else { 533 *index = 1; 534 *a = NULL; 535 ret = idr_alloc_u32(&idrinfo->action_idr, NULL, index, 536 UINT_MAX, GFP_KERNEL); 537 if (!ret) 538 idr_replace(&idrinfo->action_idr, ERR_PTR(-EBUSY), 539 *index); 540 } 541 mutex_unlock(&idrinfo->lock); 542 return ret; 543 } 544 EXPORT_SYMBOL(tcf_idr_check_alloc); 545 546 void tcf_idrinfo_destroy(const struct tc_action_ops *ops, 547 struct tcf_idrinfo *idrinfo) 548 { 549 struct idr *idr = &idrinfo->action_idr; 550 struct tc_action *p; 551 int ret; 552 unsigned long id = 1; 553 unsigned long tmp; 554 555 idr_for_each_entry_ul(idr, p, tmp, id) { 556 ret = __tcf_idr_release(p, false, true); 557 if (ret == ACT_P_DELETED) 558 module_put(ops->owner); 559 else if (ret < 0) 560 return; 561 } 562 idr_destroy(&idrinfo->action_idr); 563 } 564 EXPORT_SYMBOL(tcf_idrinfo_destroy); 565 566 static LIST_HEAD(act_base); 567 static DEFINE_RWLOCK(act_mod_lock); 568 569 int tcf_register_action(struct tc_action_ops *act, 570 struct pernet_operations *ops) 571 { 572 struct tc_action_ops *a; 573 int ret; 574 575 if (!act->act || !act->dump || !act->init || !act->walk || !act->lookup) 576 return -EINVAL; 577 578 /* We have to register pernet ops before making the action ops visible, 579 * otherwise tcf_action_init_1() could get a partially initialized 580 * netns. 581 */ 582 ret = register_pernet_subsys(ops); 583 if (ret) 584 return ret; 585 586 write_lock(&act_mod_lock); 587 list_for_each_entry(a, &act_base, head) { 588 if (act->id == a->id || (strcmp(act->kind, a->kind) == 0)) { 589 write_unlock(&act_mod_lock); 590 unregister_pernet_subsys(ops); 591 return -EEXIST; 592 } 593 } 594 list_add_tail(&act->head, &act_base); 595 write_unlock(&act_mod_lock); 596 597 return 0; 598 } 599 EXPORT_SYMBOL(tcf_register_action); 600 601 int tcf_unregister_action(struct tc_action_ops *act, 602 struct pernet_operations *ops) 603 { 604 struct tc_action_ops *a; 605 int err = -ENOENT; 606 607 write_lock(&act_mod_lock); 608 list_for_each_entry(a, &act_base, head) { 609 if (a == act) { 610 list_del(&act->head); 611 err = 0; 612 break; 613 } 614 } 615 write_unlock(&act_mod_lock); 616 if (!err) 617 unregister_pernet_subsys(ops); 618 return err; 619 } 620 EXPORT_SYMBOL(tcf_unregister_action); 621 622 /* lookup by name */ 623 static struct tc_action_ops *tc_lookup_action_n(char *kind) 624 { 625 struct tc_action_ops *a, *res = NULL; 626 627 if (kind) { 628 read_lock(&act_mod_lock); 629 list_for_each_entry(a, &act_base, head) { 630 if (strcmp(kind, a->kind) == 0) { 631 if (try_module_get(a->owner)) 632 res = a; 633 break; 634 } 635 } 636 read_unlock(&act_mod_lock); 637 } 638 return res; 639 } 640 641 /* lookup by nlattr */ 642 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind) 643 { 644 struct tc_action_ops *a, *res = NULL; 645 646 if (kind) { 647 read_lock(&act_mod_lock); 648 list_for_each_entry(a, &act_base, head) { 649 if (nla_strcmp(kind, a->kind) == 0) { 650 if (try_module_get(a->owner)) 651 res = a; 652 break; 653 } 654 } 655 read_unlock(&act_mod_lock); 656 } 657 return res; 658 } 659 660 /*TCA_ACT_MAX_PRIO is 32, there count upto 32 */ 661 #define TCA_ACT_MAX_PRIO_MASK 0x1FF 662 int tcf_action_exec(struct sk_buff *skb, struct tc_action **actions, 663 int nr_actions, struct tcf_result *res) 664 { 665 u32 jmp_prgcnt = 0; 666 u32 jmp_ttl = TCA_ACT_MAX_PRIO; /*matches actions per filter */ 667 int i; 668 int ret = TC_ACT_OK; 669 670 if (skb_skip_tc_classify(skb)) 671 return TC_ACT_OK; 672 673 restart_act_graph: 674 for (i = 0; i < nr_actions; i++) { 675 const struct tc_action *a = actions[i]; 676 677 if (jmp_prgcnt > 0) { 678 jmp_prgcnt -= 1; 679 continue; 680 } 681 repeat: 682 ret = a->ops->act(skb, a, res); 683 if (ret == TC_ACT_REPEAT) 684 goto repeat; /* we need a ttl - JHS */ 685 686 if (TC_ACT_EXT_CMP(ret, TC_ACT_JUMP)) { 687 jmp_prgcnt = ret & TCA_ACT_MAX_PRIO_MASK; 688 if (!jmp_prgcnt || (jmp_prgcnt > nr_actions)) { 689 /* faulty opcode, stop pipeline */ 690 return TC_ACT_OK; 691 } else { 692 jmp_ttl -= 1; 693 if (jmp_ttl > 0) 694 goto restart_act_graph; 695 else /* faulty graph, stop pipeline */ 696 return TC_ACT_OK; 697 } 698 } else if (TC_ACT_EXT_CMP(ret, TC_ACT_GOTO_CHAIN)) { 699 if (unlikely(!rcu_access_pointer(a->goto_chain))) { 700 net_warn_ratelimited("can't go to NULL chain!\n"); 701 return TC_ACT_SHOT; 702 } 703 tcf_action_goto_chain_exec(a, res); 704 } 705 706 if (ret != TC_ACT_PIPE) 707 break; 708 } 709 710 return ret; 711 } 712 EXPORT_SYMBOL(tcf_action_exec); 713 714 int tcf_action_destroy(struct tc_action *actions[], int bind) 715 { 716 const struct tc_action_ops *ops; 717 struct tc_action *a; 718 int ret = 0, i; 719 720 for (i = 0; i < TCA_ACT_MAX_PRIO && actions[i]; i++) { 721 a = actions[i]; 722 actions[i] = NULL; 723 ops = a->ops; 724 ret = __tcf_idr_release(a, bind, true); 725 if (ret == ACT_P_DELETED) 726 module_put(ops->owner); 727 else if (ret < 0) 728 return ret; 729 } 730 return ret; 731 } 732 733 static int tcf_action_destroy_1(struct tc_action *a, int bind) 734 { 735 struct tc_action *actions[] = { a, NULL }; 736 737 return tcf_action_destroy(actions, bind); 738 } 739 740 static int tcf_action_put(struct tc_action *p) 741 { 742 return __tcf_action_put(p, false); 743 } 744 745 /* Put all actions in this array, skip those NULL's. */ 746 static void tcf_action_put_many(struct tc_action *actions[]) 747 { 748 int i; 749 750 for (i = 0; i < TCA_ACT_MAX_PRIO; i++) { 751 struct tc_action *a = actions[i]; 752 const struct tc_action_ops *ops; 753 754 if (!a) 755 continue; 756 ops = a->ops; 757 if (tcf_action_put(a)) 758 module_put(ops->owner); 759 } 760 } 761 762 int 763 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 764 { 765 return a->ops->dump(skb, a, bind, ref); 766 } 767 768 int 769 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 770 { 771 int err = -EINVAL; 772 unsigned char *b = skb_tail_pointer(skb); 773 struct nlattr *nest; 774 struct tc_cookie *cookie; 775 776 if (nla_put_string(skb, TCA_KIND, a->ops->kind)) 777 goto nla_put_failure; 778 if (tcf_action_copy_stats(skb, a, 0)) 779 goto nla_put_failure; 780 781 rcu_read_lock(); 782 cookie = rcu_dereference(a->act_cookie); 783 if (cookie) { 784 if (nla_put(skb, TCA_ACT_COOKIE, cookie->len, cookie->data)) { 785 rcu_read_unlock(); 786 goto nla_put_failure; 787 } 788 } 789 rcu_read_unlock(); 790 791 if (a->tcfa_flags) { 792 struct nla_bitfield32 flags = { a->tcfa_flags, 793 a->tcfa_flags, }; 794 795 if (nla_put(skb, TCA_ACT_FLAGS, sizeof(flags), &flags)) 796 goto nla_put_failure; 797 } 798 799 nest = nla_nest_start_noflag(skb, TCA_OPTIONS); 800 if (nest == NULL) 801 goto nla_put_failure; 802 err = tcf_action_dump_old(skb, a, bind, ref); 803 if (err > 0) { 804 nla_nest_end(skb, nest); 805 return err; 806 } 807 808 nla_put_failure: 809 nlmsg_trim(skb, b); 810 return -1; 811 } 812 EXPORT_SYMBOL(tcf_action_dump_1); 813 814 int tcf_action_dump(struct sk_buff *skb, struct tc_action *actions[], 815 int bind, int ref) 816 { 817 struct tc_action *a; 818 int err = -EINVAL, i; 819 struct nlattr *nest; 820 821 for (i = 0; i < TCA_ACT_MAX_PRIO && actions[i]; i++) { 822 a = actions[i]; 823 nest = nla_nest_start_noflag(skb, i + 1); 824 if (nest == NULL) 825 goto nla_put_failure; 826 err = tcf_action_dump_1(skb, a, bind, ref); 827 if (err < 0) 828 goto errout; 829 nla_nest_end(skb, nest); 830 } 831 832 return 0; 833 834 nla_put_failure: 835 err = -EINVAL; 836 errout: 837 nla_nest_cancel(skb, nest); 838 return err; 839 } 840 841 static struct tc_cookie *nla_memdup_cookie(struct nlattr **tb) 842 { 843 struct tc_cookie *c = kzalloc(sizeof(*c), GFP_KERNEL); 844 if (!c) 845 return NULL; 846 847 c->data = nla_memdup(tb[TCA_ACT_COOKIE], GFP_KERNEL); 848 if (!c->data) { 849 kfree(c); 850 return NULL; 851 } 852 c->len = nla_len(tb[TCA_ACT_COOKIE]); 853 854 return c; 855 } 856 857 static const u32 tca_act_flags_allowed = TCA_ACT_FLAGS_NO_PERCPU_STATS; 858 static const struct nla_policy tcf_action_policy[TCA_ACT_MAX + 1] = { 859 [TCA_ACT_KIND] = { .type = NLA_STRING }, 860 [TCA_ACT_INDEX] = { .type = NLA_U32 }, 861 [TCA_ACT_COOKIE] = { .type = NLA_BINARY, 862 .len = TC_COOKIE_MAX_SIZE }, 863 [TCA_ACT_OPTIONS] = { .type = NLA_NESTED }, 864 [TCA_ACT_FLAGS] = { .type = NLA_BITFIELD32, 865 .validation_data = &tca_act_flags_allowed }, 866 }; 867 868 struct tc_action *tcf_action_init_1(struct net *net, struct tcf_proto *tp, 869 struct nlattr *nla, struct nlattr *est, 870 char *name, int ovr, int bind, 871 bool rtnl_held, 872 struct netlink_ext_ack *extack) 873 { 874 struct nla_bitfield32 flags = { 0, 0 }; 875 struct tc_action *a; 876 struct tc_action_ops *a_o; 877 struct tc_cookie *cookie = NULL; 878 char act_name[IFNAMSIZ]; 879 struct nlattr *tb[TCA_ACT_MAX + 1]; 880 struct nlattr *kind; 881 int err; 882 883 if (name == NULL) { 884 err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX, nla, 885 tcf_action_policy, extack); 886 if (err < 0) 887 goto err_out; 888 err = -EINVAL; 889 kind = tb[TCA_ACT_KIND]; 890 if (!kind) { 891 NL_SET_ERR_MSG(extack, "TC action kind must be specified"); 892 goto err_out; 893 } 894 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) { 895 NL_SET_ERR_MSG(extack, "TC action name too long"); 896 goto err_out; 897 } 898 if (tb[TCA_ACT_COOKIE]) { 899 cookie = nla_memdup_cookie(tb); 900 if (!cookie) { 901 NL_SET_ERR_MSG(extack, "No memory to generate TC cookie"); 902 err = -ENOMEM; 903 goto err_out; 904 } 905 } 906 if (tb[TCA_ACT_FLAGS]) 907 flags = nla_get_bitfield32(tb[TCA_ACT_FLAGS]); 908 } else { 909 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) { 910 NL_SET_ERR_MSG(extack, "TC action name too long"); 911 err = -EINVAL; 912 goto err_out; 913 } 914 } 915 916 a_o = tc_lookup_action_n(act_name); 917 if (a_o == NULL) { 918 #ifdef CONFIG_MODULES 919 if (rtnl_held) 920 rtnl_unlock(); 921 request_module("act_%s", act_name); 922 if (rtnl_held) 923 rtnl_lock(); 924 925 a_o = tc_lookup_action_n(act_name); 926 927 /* We dropped the RTNL semaphore in order to 928 * perform the module load. So, even if we 929 * succeeded in loading the module we have to 930 * tell the caller to replay the request. We 931 * indicate this using -EAGAIN. 932 */ 933 if (a_o != NULL) { 934 err = -EAGAIN; 935 goto err_mod; 936 } 937 #endif 938 NL_SET_ERR_MSG(extack, "Failed to load TC action module"); 939 err = -ENOENT; 940 goto err_out; 941 } 942 943 /* backward compatibility for policer */ 944 if (name == NULL) 945 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, &a, ovr, bind, 946 rtnl_held, tp, flags.value, extack); 947 else 948 err = a_o->init(net, nla, est, &a, ovr, bind, rtnl_held, 949 tp, flags.value, extack); 950 if (err < 0) 951 goto err_mod; 952 953 if (!name && tb[TCA_ACT_COOKIE]) 954 tcf_set_action_cookie(&a->act_cookie, cookie); 955 956 /* module count goes up only when brand new policy is created 957 * if it exists and is only bound to in a_o->init() then 958 * ACT_P_CREATED is not returned (a zero is). 959 */ 960 if (err != ACT_P_CREATED) 961 module_put(a_o->owner); 962 963 if (TC_ACT_EXT_CMP(a->tcfa_action, TC_ACT_GOTO_CHAIN) && 964 !rcu_access_pointer(a->goto_chain)) { 965 tcf_action_destroy_1(a, bind); 966 NL_SET_ERR_MSG(extack, "can't use goto chain with NULL chain"); 967 return ERR_PTR(-EINVAL); 968 } 969 970 return a; 971 972 err_mod: 973 module_put(a_o->owner); 974 err_out: 975 if (cookie) { 976 kfree(cookie->data); 977 kfree(cookie); 978 } 979 return ERR_PTR(err); 980 } 981 982 /* Returns numbers of initialized actions or negative error. */ 983 984 int tcf_action_init(struct net *net, struct tcf_proto *tp, struct nlattr *nla, 985 struct nlattr *est, char *name, int ovr, int bind, 986 struct tc_action *actions[], size_t *attr_size, 987 bool rtnl_held, struct netlink_ext_ack *extack) 988 { 989 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 990 struct tc_action *act; 991 size_t sz = 0; 992 int err; 993 int i; 994 995 err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX_PRIO, nla, NULL, 996 extack); 997 if (err < 0) 998 return err; 999 1000 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 1001 act = tcf_action_init_1(net, tp, tb[i], est, name, ovr, bind, 1002 rtnl_held, extack); 1003 if (IS_ERR(act)) { 1004 err = PTR_ERR(act); 1005 goto err; 1006 } 1007 sz += tcf_action_fill_size(act); 1008 /* Start from index 0 */ 1009 actions[i - 1] = act; 1010 } 1011 1012 *attr_size = tcf_action_full_attrs_size(sz); 1013 return i - 1; 1014 1015 err: 1016 tcf_action_destroy(actions, bind); 1017 return err; 1018 } 1019 1020 void tcf_action_update_stats(struct tc_action *a, u64 bytes, u32 packets, 1021 bool drop, bool hw) 1022 { 1023 if (a->cpu_bstats) { 1024 _bstats_cpu_update(this_cpu_ptr(a->cpu_bstats), bytes, packets); 1025 1026 if (drop) 1027 this_cpu_ptr(a->cpu_qstats)->drops += packets; 1028 1029 if (hw) 1030 _bstats_cpu_update(this_cpu_ptr(a->cpu_bstats_hw), 1031 bytes, packets); 1032 return; 1033 } 1034 1035 _bstats_update(&a->tcfa_bstats, bytes, packets); 1036 if (drop) 1037 a->tcfa_qstats.drops += packets; 1038 if (hw) 1039 _bstats_update(&a->tcfa_bstats_hw, bytes, packets); 1040 } 1041 EXPORT_SYMBOL(tcf_action_update_stats); 1042 1043 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *p, 1044 int compat_mode) 1045 { 1046 int err = 0; 1047 struct gnet_dump d; 1048 1049 if (p == NULL) 1050 goto errout; 1051 1052 /* compat_mode being true specifies a call that is supposed 1053 * to add additional backward compatibility statistic TLVs. 1054 */ 1055 if (compat_mode) { 1056 if (p->type == TCA_OLD_COMPAT) 1057 err = gnet_stats_start_copy_compat(skb, 0, 1058 TCA_STATS, 1059 TCA_XSTATS, 1060 &p->tcfa_lock, &d, 1061 TCA_PAD); 1062 else 1063 return 0; 1064 } else 1065 err = gnet_stats_start_copy(skb, TCA_ACT_STATS, 1066 &p->tcfa_lock, &d, TCA_ACT_PAD); 1067 1068 if (err < 0) 1069 goto errout; 1070 1071 if (gnet_stats_copy_basic(NULL, &d, p->cpu_bstats, &p->tcfa_bstats) < 0 || 1072 gnet_stats_copy_basic_hw(NULL, &d, p->cpu_bstats_hw, 1073 &p->tcfa_bstats_hw) < 0 || 1074 gnet_stats_copy_rate_est(&d, &p->tcfa_rate_est) < 0 || 1075 gnet_stats_copy_queue(&d, p->cpu_qstats, 1076 &p->tcfa_qstats, 1077 p->tcfa_qstats.qlen) < 0) 1078 goto errout; 1079 1080 if (gnet_stats_finish_copy(&d) < 0) 1081 goto errout; 1082 1083 return 0; 1084 1085 errout: 1086 return -1; 1087 } 1088 1089 static int tca_get_fill(struct sk_buff *skb, struct tc_action *actions[], 1090 u32 portid, u32 seq, u16 flags, int event, int bind, 1091 int ref) 1092 { 1093 struct tcamsg *t; 1094 struct nlmsghdr *nlh; 1095 unsigned char *b = skb_tail_pointer(skb); 1096 struct nlattr *nest; 1097 1098 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags); 1099 if (!nlh) 1100 goto out_nlmsg_trim; 1101 t = nlmsg_data(nlh); 1102 t->tca_family = AF_UNSPEC; 1103 t->tca__pad1 = 0; 1104 t->tca__pad2 = 0; 1105 1106 nest = nla_nest_start_noflag(skb, TCA_ACT_TAB); 1107 if (!nest) 1108 goto out_nlmsg_trim; 1109 1110 if (tcf_action_dump(skb, actions, bind, ref) < 0) 1111 goto out_nlmsg_trim; 1112 1113 nla_nest_end(skb, nest); 1114 1115 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1116 return skb->len; 1117 1118 out_nlmsg_trim: 1119 nlmsg_trim(skb, b); 1120 return -1; 1121 } 1122 1123 static int 1124 tcf_get_notify(struct net *net, u32 portid, struct nlmsghdr *n, 1125 struct tc_action *actions[], int event, 1126 struct netlink_ext_ack *extack) 1127 { 1128 struct sk_buff *skb; 1129 1130 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 1131 if (!skb) 1132 return -ENOBUFS; 1133 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, event, 1134 0, 1) <= 0) { 1135 NL_SET_ERR_MSG(extack, "Failed to fill netlink attributes while adding TC action"); 1136 kfree_skb(skb); 1137 return -EINVAL; 1138 } 1139 1140 return rtnl_unicast(skb, net, portid); 1141 } 1142 1143 static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla, 1144 struct nlmsghdr *n, u32 portid, 1145 struct netlink_ext_ack *extack) 1146 { 1147 struct nlattr *tb[TCA_ACT_MAX + 1]; 1148 const struct tc_action_ops *ops; 1149 struct tc_action *a; 1150 int index; 1151 int err; 1152 1153 err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX, nla, 1154 tcf_action_policy, extack); 1155 if (err < 0) 1156 goto err_out; 1157 1158 err = -EINVAL; 1159 if (tb[TCA_ACT_INDEX] == NULL || 1160 nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) { 1161 NL_SET_ERR_MSG(extack, "Invalid TC action index value"); 1162 goto err_out; 1163 } 1164 index = nla_get_u32(tb[TCA_ACT_INDEX]); 1165 1166 err = -EINVAL; 1167 ops = tc_lookup_action(tb[TCA_ACT_KIND]); 1168 if (!ops) { /* could happen in batch of actions */ 1169 NL_SET_ERR_MSG(extack, "Specified TC action kind not found"); 1170 goto err_out; 1171 } 1172 err = -ENOENT; 1173 if (ops->lookup(net, &a, index) == 0) { 1174 NL_SET_ERR_MSG(extack, "TC action with specified index not found"); 1175 goto err_mod; 1176 } 1177 1178 module_put(ops->owner); 1179 return a; 1180 1181 err_mod: 1182 module_put(ops->owner); 1183 err_out: 1184 return ERR_PTR(err); 1185 } 1186 1187 static int tca_action_flush(struct net *net, struct nlattr *nla, 1188 struct nlmsghdr *n, u32 portid, 1189 struct netlink_ext_ack *extack) 1190 { 1191 struct sk_buff *skb; 1192 unsigned char *b; 1193 struct nlmsghdr *nlh; 1194 struct tcamsg *t; 1195 struct netlink_callback dcb; 1196 struct nlattr *nest; 1197 struct nlattr *tb[TCA_ACT_MAX + 1]; 1198 const struct tc_action_ops *ops; 1199 struct nlattr *kind; 1200 int err = -ENOMEM; 1201 1202 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 1203 if (!skb) 1204 return err; 1205 1206 b = skb_tail_pointer(skb); 1207 1208 err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX, nla, 1209 tcf_action_policy, extack); 1210 if (err < 0) 1211 goto err_out; 1212 1213 err = -EINVAL; 1214 kind = tb[TCA_ACT_KIND]; 1215 ops = tc_lookup_action(kind); 1216 if (!ops) { /*some idjot trying to flush unknown action */ 1217 NL_SET_ERR_MSG(extack, "Cannot flush unknown TC action"); 1218 goto err_out; 1219 } 1220 1221 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION, 1222 sizeof(*t), 0); 1223 if (!nlh) { 1224 NL_SET_ERR_MSG(extack, "Failed to create TC action flush notification"); 1225 goto out_module_put; 1226 } 1227 t = nlmsg_data(nlh); 1228 t->tca_family = AF_UNSPEC; 1229 t->tca__pad1 = 0; 1230 t->tca__pad2 = 0; 1231 1232 nest = nla_nest_start_noflag(skb, TCA_ACT_TAB); 1233 if (!nest) { 1234 NL_SET_ERR_MSG(extack, "Failed to add new netlink message"); 1235 goto out_module_put; 1236 } 1237 1238 err = ops->walk(net, skb, &dcb, RTM_DELACTION, ops, extack); 1239 if (err <= 0) { 1240 nla_nest_cancel(skb, nest); 1241 goto out_module_put; 1242 } 1243 1244 nla_nest_end(skb, nest); 1245 1246 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1247 nlh->nlmsg_flags |= NLM_F_ROOT; 1248 module_put(ops->owner); 1249 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 1250 n->nlmsg_flags & NLM_F_ECHO); 1251 if (err > 0) 1252 return 0; 1253 if (err < 0) 1254 NL_SET_ERR_MSG(extack, "Failed to send TC action flush notification"); 1255 1256 return err; 1257 1258 out_module_put: 1259 module_put(ops->owner); 1260 err_out: 1261 kfree_skb(skb); 1262 return err; 1263 } 1264 1265 static int tcf_action_delete(struct net *net, struct tc_action *actions[]) 1266 { 1267 int i; 1268 1269 for (i = 0; i < TCA_ACT_MAX_PRIO && actions[i]; i++) { 1270 struct tc_action *a = actions[i]; 1271 const struct tc_action_ops *ops = a->ops; 1272 /* Actions can be deleted concurrently so we must save their 1273 * type and id to search again after reference is released. 1274 */ 1275 struct tcf_idrinfo *idrinfo = a->idrinfo; 1276 u32 act_index = a->tcfa_index; 1277 1278 actions[i] = NULL; 1279 if (tcf_action_put(a)) { 1280 /* last reference, action was deleted concurrently */ 1281 module_put(ops->owner); 1282 } else { 1283 int ret; 1284 1285 /* now do the delete */ 1286 ret = tcf_idr_delete_index(idrinfo, act_index); 1287 if (ret < 0) 1288 return ret; 1289 } 1290 } 1291 return 0; 1292 } 1293 1294 static int 1295 tcf_del_notify(struct net *net, struct nlmsghdr *n, struct tc_action *actions[], 1296 u32 portid, size_t attr_size, struct netlink_ext_ack *extack) 1297 { 1298 int ret; 1299 struct sk_buff *skb; 1300 1301 skb = alloc_skb(attr_size <= NLMSG_GOODSIZE ? NLMSG_GOODSIZE : attr_size, 1302 GFP_KERNEL); 1303 if (!skb) 1304 return -ENOBUFS; 1305 1306 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, RTM_DELACTION, 1307 0, 2) <= 0) { 1308 NL_SET_ERR_MSG(extack, "Failed to fill netlink TC action attributes"); 1309 kfree_skb(skb); 1310 return -EINVAL; 1311 } 1312 1313 /* now do the delete */ 1314 ret = tcf_action_delete(net, actions); 1315 if (ret < 0) { 1316 NL_SET_ERR_MSG(extack, "Failed to delete TC action"); 1317 kfree_skb(skb); 1318 return ret; 1319 } 1320 1321 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 1322 n->nlmsg_flags & NLM_F_ECHO); 1323 if (ret > 0) 1324 return 0; 1325 return ret; 1326 } 1327 1328 static int 1329 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 1330 u32 portid, int event, struct netlink_ext_ack *extack) 1331 { 1332 int i, ret; 1333 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 1334 struct tc_action *act; 1335 size_t attr_size = 0; 1336 struct tc_action *actions[TCA_ACT_MAX_PRIO] = {}; 1337 1338 ret = nla_parse_nested_deprecated(tb, TCA_ACT_MAX_PRIO, nla, NULL, 1339 extack); 1340 if (ret < 0) 1341 return ret; 1342 1343 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) { 1344 if (tb[1]) 1345 return tca_action_flush(net, tb[1], n, portid, extack); 1346 1347 NL_SET_ERR_MSG(extack, "Invalid netlink attributes while flushing TC action"); 1348 return -EINVAL; 1349 } 1350 1351 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 1352 act = tcf_action_get_1(net, tb[i], n, portid, extack); 1353 if (IS_ERR(act)) { 1354 ret = PTR_ERR(act); 1355 goto err; 1356 } 1357 attr_size += tcf_action_fill_size(act); 1358 actions[i - 1] = act; 1359 } 1360 1361 attr_size = tcf_action_full_attrs_size(attr_size); 1362 1363 if (event == RTM_GETACTION) 1364 ret = tcf_get_notify(net, portid, n, actions, event, extack); 1365 else { /* delete */ 1366 ret = tcf_del_notify(net, n, actions, portid, attr_size, extack); 1367 if (ret) 1368 goto err; 1369 return 0; 1370 } 1371 err: 1372 tcf_action_put_many(actions); 1373 return ret; 1374 } 1375 1376 static int 1377 tcf_add_notify(struct net *net, struct nlmsghdr *n, struct tc_action *actions[], 1378 u32 portid, size_t attr_size, struct netlink_ext_ack *extack) 1379 { 1380 struct sk_buff *skb; 1381 int err = 0; 1382 1383 skb = alloc_skb(attr_size <= NLMSG_GOODSIZE ? NLMSG_GOODSIZE : attr_size, 1384 GFP_KERNEL); 1385 if (!skb) 1386 return -ENOBUFS; 1387 1388 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, n->nlmsg_flags, 1389 RTM_NEWACTION, 0, 0) <= 0) { 1390 NL_SET_ERR_MSG(extack, "Failed to fill netlink attributes while adding TC action"); 1391 kfree_skb(skb); 1392 return -EINVAL; 1393 } 1394 1395 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 1396 n->nlmsg_flags & NLM_F_ECHO); 1397 if (err > 0) 1398 err = 0; 1399 return err; 1400 } 1401 1402 static int tcf_action_add(struct net *net, struct nlattr *nla, 1403 struct nlmsghdr *n, u32 portid, int ovr, 1404 struct netlink_ext_ack *extack) 1405 { 1406 size_t attr_size = 0; 1407 int loop, ret; 1408 struct tc_action *actions[TCA_ACT_MAX_PRIO] = {}; 1409 1410 for (loop = 0; loop < 10; loop++) { 1411 ret = tcf_action_init(net, NULL, nla, NULL, NULL, ovr, 0, 1412 actions, &attr_size, true, extack); 1413 if (ret != -EAGAIN) 1414 break; 1415 } 1416 1417 if (ret < 0) 1418 return ret; 1419 ret = tcf_add_notify(net, n, actions, portid, attr_size, extack); 1420 if (ovr) 1421 tcf_action_put_many(actions); 1422 1423 return ret; 1424 } 1425 1426 static u32 tcaa_root_flags_allowed = TCA_FLAG_LARGE_DUMP_ON; 1427 static const struct nla_policy tcaa_policy[TCA_ROOT_MAX + 1] = { 1428 [TCA_ROOT_FLAGS] = { .type = NLA_BITFIELD32, 1429 .validation_data = &tcaa_root_flags_allowed }, 1430 [TCA_ROOT_TIME_DELTA] = { .type = NLA_U32 }, 1431 }; 1432 1433 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n, 1434 struct netlink_ext_ack *extack) 1435 { 1436 struct net *net = sock_net(skb->sk); 1437 struct nlattr *tca[TCA_ROOT_MAX + 1]; 1438 u32 portid = skb ? NETLINK_CB(skb).portid : 0; 1439 int ret = 0, ovr = 0; 1440 1441 if ((n->nlmsg_type != RTM_GETACTION) && 1442 !netlink_capable(skb, CAP_NET_ADMIN)) 1443 return -EPERM; 1444 1445 ret = nlmsg_parse_deprecated(n, sizeof(struct tcamsg), tca, 1446 TCA_ROOT_MAX, NULL, extack); 1447 if (ret < 0) 1448 return ret; 1449 1450 if (tca[TCA_ACT_TAB] == NULL) { 1451 NL_SET_ERR_MSG(extack, "Netlink action attributes missing"); 1452 return -EINVAL; 1453 } 1454 1455 /* n->nlmsg_flags & NLM_F_CREATE */ 1456 switch (n->nlmsg_type) { 1457 case RTM_NEWACTION: 1458 /* we are going to assume all other flags 1459 * imply create only if it doesn't exist 1460 * Note that CREATE | EXCL implies that 1461 * but since we want avoid ambiguity (eg when flags 1462 * is zero) then just set this 1463 */ 1464 if (n->nlmsg_flags & NLM_F_REPLACE) 1465 ovr = 1; 1466 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr, 1467 extack); 1468 break; 1469 case RTM_DELACTION: 1470 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1471 portid, RTM_DELACTION, extack); 1472 break; 1473 case RTM_GETACTION: 1474 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1475 portid, RTM_GETACTION, extack); 1476 break; 1477 default: 1478 BUG(); 1479 } 1480 1481 return ret; 1482 } 1483 1484 static struct nlattr *find_dump_kind(struct nlattr **nla) 1485 { 1486 struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1]; 1487 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 1488 struct nlattr *kind; 1489 1490 tb1 = nla[TCA_ACT_TAB]; 1491 if (tb1 == NULL) 1492 return NULL; 1493 1494 if (nla_parse_deprecated(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), NLMSG_ALIGN(nla_len(tb1)), NULL, NULL) < 0) 1495 return NULL; 1496 1497 if (tb[1] == NULL) 1498 return NULL; 1499 if (nla_parse_nested_deprecated(tb2, TCA_ACT_MAX, tb[1], tcf_action_policy, NULL) < 0) 1500 return NULL; 1501 kind = tb2[TCA_ACT_KIND]; 1502 1503 return kind; 1504 } 1505 1506 static int tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb) 1507 { 1508 struct net *net = sock_net(skb->sk); 1509 struct nlmsghdr *nlh; 1510 unsigned char *b = skb_tail_pointer(skb); 1511 struct nlattr *nest; 1512 struct tc_action_ops *a_o; 1513 int ret = 0; 1514 struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh); 1515 struct nlattr *tb[TCA_ROOT_MAX + 1]; 1516 struct nlattr *count_attr = NULL; 1517 unsigned long jiffy_since = 0; 1518 struct nlattr *kind = NULL; 1519 struct nla_bitfield32 bf; 1520 u32 msecs_since = 0; 1521 u32 act_count = 0; 1522 1523 ret = nlmsg_parse_deprecated(cb->nlh, sizeof(struct tcamsg), tb, 1524 TCA_ROOT_MAX, tcaa_policy, cb->extack); 1525 if (ret < 0) 1526 return ret; 1527 1528 kind = find_dump_kind(tb); 1529 if (kind == NULL) { 1530 pr_info("tc_dump_action: action bad kind\n"); 1531 return 0; 1532 } 1533 1534 a_o = tc_lookup_action(kind); 1535 if (a_o == NULL) 1536 return 0; 1537 1538 cb->args[2] = 0; 1539 if (tb[TCA_ROOT_FLAGS]) { 1540 bf = nla_get_bitfield32(tb[TCA_ROOT_FLAGS]); 1541 cb->args[2] = bf.value; 1542 } 1543 1544 if (tb[TCA_ROOT_TIME_DELTA]) { 1545 msecs_since = nla_get_u32(tb[TCA_ROOT_TIME_DELTA]); 1546 } 1547 1548 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1549 cb->nlh->nlmsg_type, sizeof(*t), 0); 1550 if (!nlh) 1551 goto out_module_put; 1552 1553 if (msecs_since) 1554 jiffy_since = jiffies - msecs_to_jiffies(msecs_since); 1555 1556 t = nlmsg_data(nlh); 1557 t->tca_family = AF_UNSPEC; 1558 t->tca__pad1 = 0; 1559 t->tca__pad2 = 0; 1560 cb->args[3] = jiffy_since; 1561 count_attr = nla_reserve(skb, TCA_ROOT_COUNT, sizeof(u32)); 1562 if (!count_attr) 1563 goto out_module_put; 1564 1565 nest = nla_nest_start_noflag(skb, TCA_ACT_TAB); 1566 if (nest == NULL) 1567 goto out_module_put; 1568 1569 ret = a_o->walk(net, skb, cb, RTM_GETACTION, a_o, NULL); 1570 if (ret < 0) 1571 goto out_module_put; 1572 1573 if (ret > 0) { 1574 nla_nest_end(skb, nest); 1575 ret = skb->len; 1576 act_count = cb->args[1]; 1577 memcpy(nla_data(count_attr), &act_count, sizeof(u32)); 1578 cb->args[1] = 0; 1579 } else 1580 nlmsg_trim(skb, b); 1581 1582 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1583 if (NETLINK_CB(cb->skb).portid && ret) 1584 nlh->nlmsg_flags |= NLM_F_MULTI; 1585 module_put(a_o->owner); 1586 return skb->len; 1587 1588 out_module_put: 1589 module_put(a_o->owner); 1590 nlmsg_trim(skb, b); 1591 return skb->len; 1592 } 1593 1594 static int __init tc_action_init(void) 1595 { 1596 rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, 0); 1597 rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, 0); 1598 rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action, 1599 0); 1600 1601 return 0; 1602 } 1603 1604 subsys_initcall(tc_action_init); 1605