~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/include/net/pkt_cls.h

Version: ~ [ linux-5.6-rc1 ] ~ [ linux-5.5.2 ] ~ [ linux-5.4.17 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.102 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.170 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.213 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.213 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.81 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 #ifndef __NET_PKT_CLS_H
  2 #define __NET_PKT_CLS_H
  3 
  4 #include <linux/pkt_cls.h>
  5 #include <net/sch_generic.h>
  6 #include <net/act_api.h>
  7 
  8 /* Basic packet classifier frontend definitions. */
  9 
 10 struct tcf_walker {
 11         int     stop;
 12         int     skip;
 13         int     count;
 14         int     (*fn)(struct tcf_proto *, unsigned long node, struct tcf_walker *);
 15 };
 16 
 17 int register_tcf_proto_ops(struct tcf_proto_ops *ops);
 18 int unregister_tcf_proto_ops(struct tcf_proto_ops *ops);
 19 
 20 static inline unsigned long
 21 __cls_set_class(unsigned long *clp, unsigned long cl)
 22 {
 23         unsigned long old_cl;
 24  
 25         old_cl = *clp;
 26         *clp = cl;
 27         return old_cl;
 28 }
 29 
 30 static inline unsigned long
 31 cls_set_class(struct tcf_proto *tp, unsigned long *clp, 
 32         unsigned long cl)
 33 {
 34         unsigned long old_cl;
 35         
 36         tcf_tree_lock(tp);
 37         old_cl = __cls_set_class(clp, cl);
 38         tcf_tree_unlock(tp);
 39  
 40         return old_cl;
 41 }
 42 
 43 static inline void
 44 tcf_bind_filter(struct tcf_proto *tp, struct tcf_result *r, unsigned long base)
 45 {
 46         unsigned long cl;
 47 
 48         cl = tp->q->ops->cl_ops->bind_tcf(tp->q, base, r->classid);
 49         cl = cls_set_class(tp, &r->class, cl);
 50         if (cl)
 51                 tp->q->ops->cl_ops->unbind_tcf(tp->q, cl);
 52 }
 53 
 54 static inline void
 55 tcf_unbind_filter(struct tcf_proto *tp, struct tcf_result *r)
 56 {
 57         unsigned long cl;
 58 
 59         if ((cl = __cls_set_class(&r->class, 0)) != 0)
 60                 tp->q->ops->cl_ops->unbind_tcf(tp->q, cl);
 61 }
 62 
 63 struct tcf_exts {
 64 #ifdef CONFIG_NET_CLS_ACT
 65         struct tc_action *action;
 66 #endif
 67 };
 68 
 69 /* Map to export classifier specific extension TLV types to the
 70  * generic extensions API. Unsupported extensions must be set to 0.
 71  */
 72 struct tcf_ext_map {
 73         int action;
 74         int police;
 75 };
 76 
 77 /**
 78  * tcf_exts_is_predicative - check if a predicative extension is present
 79  * @exts: tc filter extensions handle
 80  *
 81  * Returns 1 if a predicative extension is present, i.e. an extension which
 82  * might cause further actions and thus overrule the regular tcf_result.
 83  */
 84 static inline int
 85 tcf_exts_is_predicative(struct tcf_exts *exts)
 86 {
 87 #ifdef CONFIG_NET_CLS_ACT
 88         return !!exts->action;
 89 #else
 90         return 0;
 91 #endif
 92 }
 93 
 94 /**
 95  * tcf_exts_is_available - check if at least one extension is present
 96  * @exts: tc filter extensions handle
 97  *
 98  * Returns 1 if at least one extension is present.
 99  */
100 static inline int
101 tcf_exts_is_available(struct tcf_exts *exts)
102 {
103         /* All non-predicative extensions must be added here. */
104         return tcf_exts_is_predicative(exts);
105 }
106 
107 /**
108  * tcf_exts_exec - execute tc filter extensions
109  * @skb: socket buffer
110  * @exts: tc filter extensions handle
111  * @res: desired result
112  *
113  * Executes all configured extensions. Returns 0 on a normal execution,
114  * a negative number if the filter must be considered unmatched or
115  * a positive action code (TC_ACT_*) which must be returned to the
116  * underlying layer.
117  */
118 static inline int
119 tcf_exts_exec(struct sk_buff *skb, struct tcf_exts *exts,
120                struct tcf_result *res)
121 {
122 #ifdef CONFIG_NET_CLS_ACT
123         if (exts->action)
124                 return tcf_action_exec(skb, exts->action, res);
125 #endif
126         return 0;
127 }
128 
129 int tcf_exts_validate(struct net *net, struct tcf_proto *tp,
130                       struct nlattr **tb, struct nlattr *rate_tlv,
131                       struct tcf_exts *exts,
132                       const struct tcf_ext_map *map);
133 void tcf_exts_destroy(struct tcf_proto *tp, struct tcf_exts *exts);
134 void tcf_exts_change(struct tcf_proto *tp, struct tcf_exts *dst,
135                      struct tcf_exts *src);
136 int tcf_exts_dump(struct sk_buff *skb, struct tcf_exts *exts,
137                   const struct tcf_ext_map *map);
138 int tcf_exts_dump_stats(struct sk_buff *skb, struct tcf_exts *exts,
139                         const struct tcf_ext_map *map);
140 
141 /**
142  * struct tcf_pkt_info - packet information
143  */
144 struct tcf_pkt_info {
145         unsigned char *         ptr;
146         int                     nexthdr;
147 };
148 
149 #ifdef CONFIG_NET_EMATCH
150 
151 struct tcf_ematch_ops;
152 
153 /**
154  * struct tcf_ematch - extended match (ematch)
155  * 
156  * @matchid: identifier to allow userspace to reidentify a match
157  * @flags: flags specifying attributes and the relation to other matches
158  * @ops: the operations lookup table of the corresponding ematch module
159  * @datalen: length of the ematch specific configuration data
160  * @data: ematch specific data
161  */
162 struct tcf_ematch {
163         struct tcf_ematch_ops * ops;
164         unsigned long           data;
165         unsigned int            datalen;
166         u16                     matchid;
167         u16                     flags;
168 };
169 
170 static inline int tcf_em_is_container(struct tcf_ematch *em)
171 {
172         return !em->ops;
173 }
174 
175 static inline int tcf_em_is_simple(struct tcf_ematch *em)
176 {
177         return em->flags & TCF_EM_SIMPLE;
178 }
179 
180 static inline int tcf_em_is_inverted(struct tcf_ematch *em)
181 {
182         return em->flags & TCF_EM_INVERT;
183 }
184 
185 static inline int tcf_em_last_match(struct tcf_ematch *em)
186 {
187         return (em->flags & TCF_EM_REL_MASK) == TCF_EM_REL_END;
188 }
189 
190 static inline int tcf_em_early_end(struct tcf_ematch *em, int result)
191 {
192         if (tcf_em_last_match(em))
193                 return 1;
194 
195         if (result == 0 && em->flags & TCF_EM_REL_AND)
196                 return 1;
197 
198         if (result != 0 && em->flags & TCF_EM_REL_OR)
199                 return 1;
200 
201         return 0;
202 }
203         
204 /**
205  * struct tcf_ematch_tree - ematch tree handle
206  *
207  * @hdr: ematch tree header supplied by userspace
208  * @matches: array of ematches
209  */
210 struct tcf_ematch_tree {
211         struct tcf_ematch_tree_hdr hdr;
212         struct tcf_ematch *     matches;
213         
214 };
215 
216 /**
217  * struct tcf_ematch_ops - ematch module operations
218  * 
219  * @kind: identifier (kind) of this ematch module
220  * @datalen: length of expected configuration data (optional)
221  * @change: called during validation (optional)
222  * @match: called during ematch tree evaluation, must return 1/0
223  * @destroy: called during destroyage (optional)
224  * @dump: called during dumping process (optional)
225  * @owner: owner, must be set to THIS_MODULE
226  * @link: link to previous/next ematch module (internal use)
227  */
228 struct tcf_ematch_ops {
229         int                     kind;
230         int                     datalen;
231         int                     (*change)(struct tcf_proto *, void *,
232                                           int, struct tcf_ematch *);
233         int                     (*match)(struct sk_buff *, struct tcf_ematch *,
234                                          struct tcf_pkt_info *);
235         void                    (*destroy)(struct tcf_proto *,
236                                            struct tcf_ematch *);
237         int                     (*dump)(struct sk_buff *, struct tcf_ematch *);
238         struct module           *owner;
239         struct list_head        link;
240 };
241 
242 int tcf_em_register(struct tcf_ematch_ops *);
243 void tcf_em_unregister(struct tcf_ematch_ops *);
244 int tcf_em_tree_validate(struct tcf_proto *, struct nlattr *,
245                          struct tcf_ematch_tree *);
246 void tcf_em_tree_destroy(struct tcf_proto *, struct tcf_ematch_tree *);
247 int tcf_em_tree_dump(struct sk_buff *, struct tcf_ematch_tree *, int);
248 int __tcf_em_tree_match(struct sk_buff *, struct tcf_ematch_tree *,
249                         struct tcf_pkt_info *);
250 
251 /**
252  * tcf_em_tree_change - replace ematch tree of a running classifier
253  *
254  * @tp: classifier kind handle
255  * @dst: destination ematch tree variable
256  * @src: source ematch tree (temporary tree from tcf_em_tree_validate)
257  *
258  * This functions replaces the ematch tree in @dst with the ematch
259  * tree in @src. The classifier in charge of the ematch tree may be
260  * running.
261  */
262 static inline void tcf_em_tree_change(struct tcf_proto *tp,
263                                       struct tcf_ematch_tree *dst,
264                                       struct tcf_ematch_tree *src)
265 {
266         tcf_tree_lock(tp);
267         memcpy(dst, src, sizeof(*dst));
268         tcf_tree_unlock(tp);
269 }
270 
271 /**
272  * tcf_em_tree_match - evaulate an ematch tree
273  *
274  * @skb: socket buffer of the packet in question
275  * @tree: ematch tree to be used for evaluation
276  * @info: packet information examined by classifier
277  *
278  * This function matches @skb against the ematch tree in @tree by going
279  * through all ematches respecting their logic relations returning
280  * as soon as the result is obvious.
281  *
282  * Returns 1 if the ematch tree as-one matches, no ematches are configured
283  * or ematch is not enabled in the kernel, otherwise 0 is returned.
284  */
285 static inline int tcf_em_tree_match(struct sk_buff *skb,
286                                     struct tcf_ematch_tree *tree,
287                                     struct tcf_pkt_info *info)
288 {
289         if (tree->hdr.nmatches)
290                 return __tcf_em_tree_match(skb, tree, info);
291         else
292                 return 1;
293 }
294 
295 #define MODULE_ALIAS_TCF_EMATCH(kind)   MODULE_ALIAS("ematch-kind-" __stringify(kind))
296 
297 #else /* CONFIG_NET_EMATCH */
298 
299 struct tcf_ematch_tree {
300 };
301 
302 #define tcf_em_tree_validate(tp, tb, t) ((void)(t), 0)
303 #define tcf_em_tree_destroy(tp, t) do { (void)(t); } while(0)
304 #define tcf_em_tree_dump(skb, t, tlv) (0)
305 #define tcf_em_tree_change(tp, dst, src) do { } while(0)
306 #define tcf_em_tree_match(skb, t, info) ((void)(info), 1)
307 
308 #endif /* CONFIG_NET_EMATCH */
309 
310 static inline unsigned char * tcf_get_base_ptr(struct sk_buff *skb, int layer)
311 {
312         switch (layer) {
313                 case TCF_LAYER_LINK:
314                         return skb->data;
315                 case TCF_LAYER_NETWORK:
316                         return skb_network_header(skb);
317                 case TCF_LAYER_TRANSPORT:
318                         return skb_transport_header(skb);
319         }
320 
321         return NULL;
322 }
323 
324 static inline int tcf_valid_offset(const struct sk_buff *skb,
325                                    const unsigned char *ptr, const int len)
326 {
327         return likely((ptr + len) <= skb_tail_pointer(skb) &&
328                       ptr >= skb->head &&
329                       (ptr <= (ptr + len)));
330 }
331 
332 #ifdef CONFIG_NET_CLS_IND
333 #include <net/net_namespace.h>
334 
335 static inline int
336 tcf_change_indev(struct tcf_proto *tp, char *indev, struct nlattr *indev_tlv)
337 {
338         if (nla_strlcpy(indev, indev_tlv, IFNAMSIZ) >= IFNAMSIZ)
339                 return -EINVAL;
340         return 0;
341 }
342 
343 static inline int
344 tcf_match_indev(struct sk_buff *skb, char *indev)
345 {
346         struct net_device *dev;
347 
348         if (indev[0]) {
349                 if  (!skb->skb_iif)
350                         return 0;
351                 dev = __dev_get_by_index(dev_net(skb->dev), skb->skb_iif);
352                 if (!dev || strcmp(indev, dev->name))
353                         return 0;
354         }
355 
356         return 1;
357 }
358 #endif /* CONFIG_NET_CLS_IND */
359 
360 #endif
361 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp