~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/sched/act_api.c

Version: ~ [ linux-5.5 ] ~ [ linux-5.4.15 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.98 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.167 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.211 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.211 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.81 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  * net/sched/act_api.c  Packet action API.
  3  *
  4  *              This program is free software; you can redistribute it and/or
  5  *              modify it under the terms of the GNU General Public License
  6  *              as published by the Free Software Foundation; either version
  7  *              2 of the License, or (at your option) any later version.
  8  *
  9  * Author:      Jamal Hadi Salim
 10  *
 11  *
 12  */
 13 
 14 #include <linux/types.h>
 15 #include <linux/kernel.h>
 16 #include <linux/string.h>
 17 #include <linux/errno.h>
 18 #include <linux/slab.h>
 19 #include <linux/skbuff.h>
 20 #include <linux/init.h>
 21 #include <linux/kmod.h>
 22 #include <linux/err.h>
 23 #include <linux/module.h>
 24 #include <linux/rhashtable.h>
 25 #include <linux/list.h>
 26 #include <net/net_namespace.h>
 27 #include <net/sock.h>
 28 #include <net/sch_generic.h>
 29 #include <net/pkt_cls.h>
 30 #include <net/act_api.h>
 31 #include <net/netlink.h>
 32 
 33 static int tcf_action_goto_chain_init(struct tc_action *a, struct tcf_proto *tp)
 34 {
 35         u32 chain_index = a->tcfa_action & TC_ACT_EXT_VAL_MASK;
 36 
 37         if (!tp)
 38                 return -EINVAL;
 39         a->goto_chain = tcf_chain_get_by_act(tp->chain->block, chain_index);
 40         if (!a->goto_chain)
 41                 return -ENOMEM;
 42         return 0;
 43 }
 44 
 45 static void tcf_action_goto_chain_fini(struct tc_action *a)
 46 {
 47         tcf_chain_put_by_act(a->goto_chain);
 48 }
 49 
 50 static void tcf_action_goto_chain_exec(const struct tc_action *a,
 51                                        struct tcf_result *res)
 52 {
 53         const struct tcf_chain *chain = a->goto_chain;
 54 
 55         res->goto_tp = rcu_dereference_bh(chain->filter_chain);
 56 }
 57 
 58 static void tcf_free_cookie_rcu(struct rcu_head *p)
 59 {
 60         struct tc_cookie *cookie = container_of(p, struct tc_cookie, rcu);
 61 
 62         kfree(cookie->data);
 63         kfree(cookie);
 64 }
 65 
 66 static void tcf_set_action_cookie(struct tc_cookie __rcu **old_cookie,
 67                                   struct tc_cookie *new_cookie)
 68 {
 69         struct tc_cookie *old;
 70 
 71         old = xchg((__force struct tc_cookie **)old_cookie, new_cookie);
 72         if (old)
 73                 call_rcu(&old->rcu, tcf_free_cookie_rcu);
 74 }
 75 
 76 /* XXX: For standalone actions, we don't need a RCU grace period either, because
 77  * actions are always connected to filters and filters are already destroyed in
 78  * RCU callbacks, so after a RCU grace period actions are already disconnected
 79  * from filters. Readers later can not find us.
 80  */
 81 static void free_tcf(struct tc_action *p)
 82 {
 83         free_percpu(p->cpu_bstats);
 84         free_percpu(p->cpu_bstats_hw);
 85         free_percpu(p->cpu_qstats);
 86 
 87         tcf_set_action_cookie(&p->act_cookie, NULL);
 88         if (p->goto_chain)
 89                 tcf_action_goto_chain_fini(p);
 90 
 91         kfree(p);
 92 }
 93 
 94 static void tcf_action_cleanup(struct tc_action *p)
 95 {
 96         if (p->ops->cleanup)
 97                 p->ops->cleanup(p);
 98 
 99         gen_kill_estimator(&p->tcfa_rate_est);
100         free_tcf(p);
101 }
102 
103 static int __tcf_action_put(struct tc_action *p, bool bind)
104 {
105         struct tcf_idrinfo *idrinfo = p->idrinfo;
106 
107         if (refcount_dec_and_mutex_lock(&p->tcfa_refcnt, &idrinfo->lock)) {
108                 if (bind)
109                         atomic_dec(&p->tcfa_bindcnt);
110                 idr_remove(&idrinfo->action_idr, p->tcfa_index);
111                 mutex_unlock(&idrinfo->lock);
112 
113                 tcf_action_cleanup(p);
114                 return 1;
115         }
116 
117         if (bind)
118                 atomic_dec(&p->tcfa_bindcnt);
119 
120         return 0;
121 }
122 
123 int __tcf_idr_release(struct tc_action *p, bool bind, bool strict)
124 {
125         int ret = 0;
126 
127         /* Release with strict==1 and bind==0 is only called through act API
128          * interface (classifiers always bind). Only case when action with
129          * positive reference count and zero bind count can exist is when it was
130          * also created with act API (unbinding last classifier will destroy the
131          * action if it was created by classifier). So only case when bind count
132          * can be changed after initial check is when unbound action is
133          * destroyed by act API while classifier binds to action with same id
134          * concurrently. This result either creation of new action(same behavior
135          * as before), or reusing existing action if concurrent process
136          * increments reference count before action is deleted. Both scenarios
137          * are acceptable.
138          */
139         if (p) {
140                 if (!bind && strict && atomic_read(&p->tcfa_bindcnt) > 0)
141                         return -EPERM;
142 
143                 if (__tcf_action_put(p, bind))
144                         ret = ACT_P_DELETED;
145         }
146 
147         return ret;
148 }
149 EXPORT_SYMBOL(__tcf_idr_release);
150 
151 static size_t tcf_action_shared_attrs_size(const struct tc_action *act)
152 {
153         struct tc_cookie *act_cookie;
154         u32 cookie_len = 0;
155 
156         rcu_read_lock();
157         act_cookie = rcu_dereference(act->act_cookie);
158 
159         if (act_cookie)
160                 cookie_len = nla_total_size(act_cookie->len);
161         rcu_read_unlock();
162 
163         return  nla_total_size(0) /* action number nested */
164                 + nla_total_size(IFNAMSIZ) /* TCA_ACT_KIND */
165                 + cookie_len /* TCA_ACT_COOKIE */
166                 + nla_total_size(0) /* TCA_ACT_STATS nested */
167                 /* TCA_STATS_BASIC */
168                 + nla_total_size_64bit(sizeof(struct gnet_stats_basic))
169                 /* TCA_STATS_QUEUE */
170                 + nla_total_size_64bit(sizeof(struct gnet_stats_queue))
171                 + nla_total_size(0) /* TCA_OPTIONS nested */
172                 + nla_total_size(sizeof(struct tcf_t)); /* TCA_GACT_TM */
173 }
174 
175 static size_t tcf_action_full_attrs_size(size_t sz)
176 {
177         return NLMSG_HDRLEN                     /* struct nlmsghdr */
178                 + sizeof(struct tcamsg)
179                 + nla_total_size(0)             /* TCA_ACT_TAB nested */
180                 + sz;
181 }
182 
183 static size_t tcf_action_fill_size(const struct tc_action *act)
184 {
185         size_t sz = tcf_action_shared_attrs_size(act);
186 
187         if (act->ops->get_fill_size)
188                 return act->ops->get_fill_size(act) + sz;
189         return sz;
190 }
191 
192 static int tcf_dump_walker(struct tcf_idrinfo *idrinfo, struct sk_buff *skb,
193                            struct netlink_callback *cb)
194 {
195         int err = 0, index = -1, s_i = 0, n_i = 0;
196         u32 act_flags = cb->args[2];
197         unsigned long jiffy_since = cb->args[3];
198         struct nlattr *nest;
199         struct idr *idr = &idrinfo->action_idr;
200         struct tc_action *p;
201         unsigned long id = 1;
202 
203         mutex_lock(&idrinfo->lock);
204 
205         s_i = cb->args[0];
206 
207         idr_for_each_entry_ul(idr, p, id) {
208                 index++;
209                 if (index < s_i)
210                         continue;
211 
212                 if (jiffy_since &&
213                     time_after(jiffy_since,
214                                (unsigned long)p->tcfa_tm.lastuse))
215                         continue;
216 
217                 nest = nla_nest_start(skb, n_i);
218                 if (!nest) {
219                         index--;
220                         goto nla_put_failure;
221                 }
222                 err = tcf_action_dump_1(skb, p, 0, 0);
223                 if (err < 0) {
224                         index--;
225                         nlmsg_trim(skb, nest);
226                         goto done;
227                 }
228                 nla_nest_end(skb, nest);
229                 n_i++;
230                 if (!(act_flags & TCA_FLAG_LARGE_DUMP_ON) &&
231                     n_i >= TCA_ACT_MAX_PRIO)
232                         goto done;
233         }
234 done:
235         if (index >= 0)
236                 cb->args[0] = index + 1;
237 
238         mutex_unlock(&idrinfo->lock);
239         if (n_i) {
240                 if (act_flags & TCA_FLAG_LARGE_DUMP_ON)
241                         cb->args[1] = n_i;
242         }
243         return n_i;
244 
245 nla_put_failure:
246         nla_nest_cancel(skb, nest);
247         goto done;
248 }
249 
250 static int tcf_idr_release_unsafe(struct tc_action *p)
251 {
252         if (atomic_read(&p->tcfa_bindcnt) > 0)
253                 return -EPERM;
254 
255         if (refcount_dec_and_test(&p->tcfa_refcnt)) {
256                 idr_remove(&p->idrinfo->action_idr, p->tcfa_index);
257                 tcf_action_cleanup(p);
258                 return ACT_P_DELETED;
259         }
260 
261         return 0;
262 }
263 
264 static int tcf_del_walker(struct tcf_idrinfo *idrinfo, struct sk_buff *skb,
265                           const struct tc_action_ops *ops)
266 {
267         struct nlattr *nest;
268         int n_i = 0;
269         int ret = -EINVAL;
270         struct idr *idr = &idrinfo->action_idr;
271         struct tc_action *p;
272         unsigned long id = 1;
273 
274         nest = nla_nest_start(skb, 0);
275         if (nest == NULL)
276                 goto nla_put_failure;
277         if (nla_put_string(skb, TCA_KIND, ops->kind))
278                 goto nla_put_failure;
279 
280         mutex_lock(&idrinfo->lock);
281         idr_for_each_entry_ul(idr, p, id) {
282                 ret = tcf_idr_release_unsafe(p);
283                 if (ret == ACT_P_DELETED) {
284                         module_put(ops->owner);
285                         n_i++;
286                 } else if (ret < 0) {
287                         mutex_unlock(&idrinfo->lock);
288                         goto nla_put_failure;
289                 }
290         }
291         mutex_unlock(&idrinfo->lock);
292 
293         if (nla_put_u32(skb, TCA_FCNT, n_i))
294                 goto nla_put_failure;
295         nla_nest_end(skb, nest);
296 
297         return n_i;
298 nla_put_failure:
299         nla_nest_cancel(skb, nest);
300         return ret;
301 }
302 
303 int tcf_generic_walker(struct tc_action_net *tn, struct sk_buff *skb,
304                        struct netlink_callback *cb, int type,
305                        const struct tc_action_ops *ops,
306                        struct netlink_ext_ack *extack)
307 {
308         struct tcf_idrinfo *idrinfo = tn->idrinfo;
309 
310         if (type == RTM_DELACTION) {
311                 return tcf_del_walker(idrinfo, skb, ops);
312         } else if (type == RTM_GETACTION) {
313                 return tcf_dump_walker(idrinfo, skb, cb);
314         } else {
315                 WARN(1, "tcf_generic_walker: unknown command %d\n", type);
316                 NL_SET_ERR_MSG(extack, "tcf_generic_walker: unknown command");
317                 return -EINVAL;
318         }
319 }
320 EXPORT_SYMBOL(tcf_generic_walker);
321 
322 int tcf_idr_search(struct tc_action_net *tn, struct tc_action **a, u32 index)
323 {
324         struct tcf_idrinfo *idrinfo = tn->idrinfo;
325         struct tc_action *p;
326 
327         mutex_lock(&idrinfo->lock);
328         p = idr_find(&idrinfo->action_idr, index);
329         if (IS_ERR(p))
330                 p = NULL;
331         else if (p)
332                 refcount_inc(&p->tcfa_refcnt);
333         mutex_unlock(&idrinfo->lock);
334 
335         if (p) {
336                 *a = p;
337                 return true;
338         }
339         return false;
340 }
341 EXPORT_SYMBOL(tcf_idr_search);
342 
343 static int tcf_idr_delete_index(struct tcf_idrinfo *idrinfo, u32 index)
344 {
345         struct tc_action *p;
346         int ret = 0;
347 
348         mutex_lock(&idrinfo->lock);
349         p = idr_find(&idrinfo->action_idr, index);
350         if (!p) {
351                 mutex_unlock(&idrinfo->lock);
352                 return -ENOENT;
353         }
354 
355         if (!atomic_read(&p->tcfa_bindcnt)) {
356                 if (refcount_dec_and_test(&p->tcfa_refcnt)) {
357                         struct module *owner = p->ops->owner;
358 
359                         WARN_ON(p != idr_remove(&idrinfo->action_idr,
360                                                 p->tcfa_index));
361                         mutex_unlock(&idrinfo->lock);
362 
363                         tcf_action_cleanup(p);
364                         module_put(owner);
365                         return 0;
366                 }
367                 ret = 0;
368         } else {
369                 ret = -EPERM;
370         }
371 
372         mutex_unlock(&idrinfo->lock);
373         return ret;
374 }
375 
376 int tcf_idr_create(struct tc_action_net *tn, u32 index, struct nlattr *est,
377                    struct tc_action **a, const struct tc_action_ops *ops,
378                    int bind, bool cpustats)
379 {
380         struct tc_action *p = kzalloc(ops->size, GFP_KERNEL);
381         struct tcf_idrinfo *idrinfo = tn->idrinfo;
382         int err = -ENOMEM;
383 
384         if (unlikely(!p))
385                 return -ENOMEM;
386         refcount_set(&p->tcfa_refcnt, 1);
387         if (bind)
388                 atomic_set(&p->tcfa_bindcnt, 1);
389 
390         if (cpustats) {
391                 p->cpu_bstats = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu);
392                 if (!p->cpu_bstats)
393                         goto err1;
394                 p->cpu_bstats_hw = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu);
395                 if (!p->cpu_bstats_hw)
396                         goto err2;
397                 p->cpu_qstats = alloc_percpu(struct gnet_stats_queue);
398                 if (!p->cpu_qstats)
399                         goto err3;
400         }
401         spin_lock_init(&p->tcfa_lock);
402         p->tcfa_index = index;
403         p->tcfa_tm.install = jiffies;
404         p->tcfa_tm.lastuse = jiffies;
405         p->tcfa_tm.firstuse = 0;
406         if (est) {
407                 err = gen_new_estimator(&p->tcfa_bstats, p->cpu_bstats,
408                                         &p->tcfa_rate_est,
409                                         &p->tcfa_lock, NULL, est);
410                 if (err)
411                         goto err4;
412         }
413 
414         p->idrinfo = idrinfo;
415         p->ops = ops;
416         *a = p;
417         return 0;
418 err4:
419         free_percpu(p->cpu_qstats);
420 err3:
421         free_percpu(p->cpu_bstats_hw);
422 err2:
423         free_percpu(p->cpu_bstats);
424 err1:
425         kfree(p);
426         return err;
427 }
428 EXPORT_SYMBOL(tcf_idr_create);
429 
430 void tcf_idr_insert(struct tc_action_net *tn, struct tc_action *a)
431 {
432         struct tcf_idrinfo *idrinfo = tn->idrinfo;
433 
434         mutex_lock(&idrinfo->lock);
435         /* Replace ERR_PTR(-EBUSY) allocated by tcf_idr_check_alloc */
436         WARN_ON(!IS_ERR(idr_replace(&idrinfo->action_idr, a, a->tcfa_index)));
437         mutex_unlock(&idrinfo->lock);
438 }
439 EXPORT_SYMBOL(tcf_idr_insert);
440 
441 /* Cleanup idr index that was allocated but not initialized. */
442 
443 void tcf_idr_cleanup(struct tc_action_net *tn, u32 index)
444 {
445         struct tcf_idrinfo *idrinfo = tn->idrinfo;
446 
447         mutex_lock(&idrinfo->lock);
448         /* Remove ERR_PTR(-EBUSY) allocated by tcf_idr_check_alloc */
449         WARN_ON(!IS_ERR(idr_remove(&idrinfo->action_idr, index)));
450         mutex_unlock(&idrinfo->lock);
451 }
452 EXPORT_SYMBOL(tcf_idr_cleanup);
453 
454 /* Check if action with specified index exists. If actions is found, increments
455  * its reference and bind counters, and return 1. Otherwise insert temporary
456  * error pointer (to prevent concurrent users from inserting actions with same
457  * index) and return 0.
458  */
459 
460 int tcf_idr_check_alloc(struct tc_action_net *tn, u32 *index,
461                         struct tc_action **a, int bind)
462 {
463         struct tcf_idrinfo *idrinfo = tn->idrinfo;
464         struct tc_action *p;
465         int ret;
466 
467 again:
468         mutex_lock(&idrinfo->lock);
469         if (*index) {
470                 p = idr_find(&idrinfo->action_idr, *index);
471                 if (IS_ERR(p)) {
472                         /* This means that another process allocated
473                          * index but did not assign the pointer yet.
474                          */
475                         mutex_unlock(&idrinfo->lock);
476                         goto again;
477                 }
478 
479                 if (p) {
480                         refcount_inc(&p->tcfa_refcnt);
481                         if (bind)
482                                 atomic_inc(&p->tcfa_bindcnt);
483                         *a = p;
484                         ret = 1;
485                 } else {
486                         *a = NULL;
487                         ret = idr_alloc_u32(&idrinfo->action_idr, NULL, index,
488                                             *index, GFP_KERNEL);
489                         if (!ret)
490                                 idr_replace(&idrinfo->action_idr,
491                                             ERR_PTR(-EBUSY), *index);
492                 }
493         } else {
494                 *index = 1;
495                 *a = NULL;
496                 ret = idr_alloc_u32(&idrinfo->action_idr, NULL, index,
497                                     UINT_MAX, GFP_KERNEL);
498                 if (!ret)
499                         idr_replace(&idrinfo->action_idr, ERR_PTR(-EBUSY),
500                                     *index);
501         }
502         mutex_unlock(&idrinfo->lock);
503         return ret;
504 }
505 EXPORT_SYMBOL(tcf_idr_check_alloc);
506 
507 void tcf_idrinfo_destroy(const struct tc_action_ops *ops,
508                          struct tcf_idrinfo *idrinfo)
509 {
510         struct idr *idr = &idrinfo->action_idr;
511         struct tc_action *p;
512         int ret;
513         unsigned long id = 1;
514 
515         idr_for_each_entry_ul(idr, p, id) {
516                 ret = __tcf_idr_release(p, false, true);
517                 if (ret == ACT_P_DELETED)
518                         module_put(ops->owner);
519                 else if (ret < 0)
520                         return;
521         }
522         idr_destroy(&idrinfo->action_idr);
523 }
524 EXPORT_SYMBOL(tcf_idrinfo_destroy);
525 
526 static LIST_HEAD(act_base);
527 static DEFINE_RWLOCK(act_mod_lock);
528 
529 int tcf_register_action(struct tc_action_ops *act,
530                         struct pernet_operations *ops)
531 {
532         struct tc_action_ops *a;
533         int ret;
534 
535         if (!act->act || !act->dump || !act->init || !act->walk || !act->lookup)
536                 return -EINVAL;
537 
538         /* We have to register pernet ops before making the action ops visible,
539          * otherwise tcf_action_init_1() could get a partially initialized
540          * netns.
541          */
542         ret = register_pernet_subsys(ops);
543         if (ret)
544                 return ret;
545 
546         write_lock(&act_mod_lock);
547         list_for_each_entry(a, &act_base, head) {
548                 if (act->type == a->type || (strcmp(act->kind, a->kind) == 0)) {
549                         write_unlock(&act_mod_lock);
550                         unregister_pernet_subsys(ops);
551                         return -EEXIST;
552                 }
553         }
554         list_add_tail(&act->head, &act_base);
555         write_unlock(&act_mod_lock);
556 
557         return 0;
558 }
559 EXPORT_SYMBOL(tcf_register_action);
560 
561 int tcf_unregister_action(struct tc_action_ops *act,
562                           struct pernet_operations *ops)
563 {
564         struct tc_action_ops *a;
565         int err = -ENOENT;
566 
567         write_lock(&act_mod_lock);
568         list_for_each_entry(a, &act_base, head) {
569                 if (a == act) {
570                         list_del(&act->head);
571                         err = 0;
572                         break;
573                 }
574         }
575         write_unlock(&act_mod_lock);
576         if (!err)
577                 unregister_pernet_subsys(ops);
578         return err;
579 }
580 EXPORT_SYMBOL(tcf_unregister_action);
581 
582 /* lookup by name */
583 static struct tc_action_ops *tc_lookup_action_n(char *kind)
584 {
585         struct tc_action_ops *a, *res = NULL;
586 
587         if (kind) {
588                 read_lock(&act_mod_lock);
589                 list_for_each_entry(a, &act_base, head) {
590                         if (strcmp(kind, a->kind) == 0) {
591                                 if (try_module_get(a->owner))
592                                         res = a;
593                                 break;
594                         }
595                 }
596                 read_unlock(&act_mod_lock);
597         }
598         return res;
599 }
600 
601 /* lookup by nlattr */
602 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind)
603 {
604         struct tc_action_ops *a, *res = NULL;
605 
606         if (kind) {
607                 read_lock(&act_mod_lock);
608                 list_for_each_entry(a, &act_base, head) {
609                         if (nla_strcmp(kind, a->kind) == 0) {
610                                 if (try_module_get(a->owner))
611                                         res = a;
612                                 break;
613                         }
614                 }
615                 read_unlock(&act_mod_lock);
616         }
617         return res;
618 }
619 
620 /*TCA_ACT_MAX_PRIO is 32, there count upto 32 */
621 #define TCA_ACT_MAX_PRIO_MASK 0x1FF
622 int tcf_action_exec(struct sk_buff *skb, struct tc_action **actions,
623                     int nr_actions, struct tcf_result *res)
624 {
625         u32 jmp_prgcnt = 0;
626         u32 jmp_ttl = TCA_ACT_MAX_PRIO; /*matches actions per filter */
627         int i;
628         int ret = TC_ACT_OK;
629 
630         if (skb_skip_tc_classify(skb))
631                 return TC_ACT_OK;
632 
633 restart_act_graph:
634         for (i = 0; i < nr_actions; i++) {
635                 const struct tc_action *a = actions[i];
636 
637                 if (jmp_prgcnt > 0) {
638                         jmp_prgcnt -= 1;
639                         continue;
640                 }
641 repeat:
642                 ret = a->ops->act(skb, a, res);
643                 if (ret == TC_ACT_REPEAT)
644                         goto repeat;    /* we need a ttl - JHS */
645 
646                 if (TC_ACT_EXT_CMP(ret, TC_ACT_JUMP)) {
647                         jmp_prgcnt = ret & TCA_ACT_MAX_PRIO_MASK;
648                         if (!jmp_prgcnt || (jmp_prgcnt > nr_actions)) {
649                                 /* faulty opcode, stop pipeline */
650                                 return TC_ACT_OK;
651                         } else {
652                                 jmp_ttl -= 1;
653                                 if (jmp_ttl > 0)
654                                         goto restart_act_graph;
655                                 else /* faulty graph, stop pipeline */
656                                         return TC_ACT_OK;
657                         }
658                 } else if (TC_ACT_EXT_CMP(ret, TC_ACT_GOTO_CHAIN)) {
659                         tcf_action_goto_chain_exec(a, res);
660                 }
661 
662                 if (ret != TC_ACT_PIPE)
663                         break;
664         }
665 
666         return ret;
667 }
668 EXPORT_SYMBOL(tcf_action_exec);
669 
670 int tcf_action_destroy(struct tc_action *actions[], int bind)
671 {
672         const struct tc_action_ops *ops;
673         struct tc_action *a;
674         int ret = 0, i;
675 
676         for (i = 0; i < TCA_ACT_MAX_PRIO && actions[i]; i++) {
677                 a = actions[i];
678                 actions[i] = NULL;
679                 ops = a->ops;
680                 ret = __tcf_idr_release(a, bind, true);
681                 if (ret == ACT_P_DELETED)
682                         module_put(ops->owner);
683                 else if (ret < 0)
684                         return ret;
685         }
686         return ret;
687 }
688 
689 static int tcf_action_destroy_1(struct tc_action *a, int bind)
690 {
691         struct tc_action *actions[] = { a, NULL };
692 
693         return tcf_action_destroy(actions, bind);
694 }
695 
696 static int tcf_action_put(struct tc_action *p)
697 {
698         return __tcf_action_put(p, false);
699 }
700 
701 /* Put all actions in this array, skip those NULL's. */
702 static void tcf_action_put_many(struct tc_action *actions[])
703 {
704         int i;
705 
706         for (i = 0; i < TCA_ACT_MAX_PRIO; i++) {
707                 struct tc_action *a = actions[i];
708                 const struct tc_action_ops *ops;
709 
710                 if (!a)
711                         continue;
712                 ops = a->ops;
713                 if (tcf_action_put(a))
714                         module_put(ops->owner);
715         }
716 }
717 
718 int
719 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref)
720 {
721         return a->ops->dump(skb, a, bind, ref);
722 }
723 
724 int
725 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref)
726 {
727         int err = -EINVAL;
728         unsigned char *b = skb_tail_pointer(skb);
729         struct nlattr *nest;
730         struct tc_cookie *cookie;
731 
732         if (nla_put_string(skb, TCA_KIND, a->ops->kind))
733                 goto nla_put_failure;
734         if (tcf_action_copy_stats(skb, a, 0))
735                 goto nla_put_failure;
736 
737         rcu_read_lock();
738         cookie = rcu_dereference(a->act_cookie);
739         if (cookie) {
740                 if (nla_put(skb, TCA_ACT_COOKIE, cookie->len, cookie->data)) {
741                         rcu_read_unlock();
742                         goto nla_put_failure;
743                 }
744         }
745         rcu_read_unlock();
746 
747         nest = nla_nest_start(skb, TCA_OPTIONS);
748         if (nest == NULL)
749                 goto nla_put_failure;
750         err = tcf_action_dump_old(skb, a, bind, ref);
751         if (err > 0) {
752                 nla_nest_end(skb, nest);
753                 return err;
754         }
755 
756 nla_put_failure:
757         nlmsg_trim(skb, b);
758         return -1;
759 }
760 EXPORT_SYMBOL(tcf_action_dump_1);
761 
762 int tcf_action_dump(struct sk_buff *skb, struct tc_action *actions[],
763                     int bind, int ref)
764 {
765         struct tc_action *a;
766         int err = -EINVAL, i;
767         struct nlattr *nest;
768 
769         for (i = 0; i < TCA_ACT_MAX_PRIO && actions[i]; i++) {
770                 a = actions[i];
771                 nest = nla_nest_start(skb, a->order);
772                 if (nest == NULL)
773                         goto nla_put_failure;
774                 err = tcf_action_dump_1(skb, a, bind, ref);
775                 if (err < 0)
776                         goto errout;
777                 nla_nest_end(skb, nest);
778         }
779 
780         return 0;
781 
782 nla_put_failure:
783         err = -EINVAL;
784 errout:
785         nla_nest_cancel(skb, nest);
786         return err;
787 }
788 
789 static struct tc_cookie *nla_memdup_cookie(struct nlattr **tb)
790 {
791         struct tc_cookie *c = kzalloc(sizeof(*c), GFP_KERNEL);
792         if (!c)
793                 return NULL;
794 
795         c->data = nla_memdup(tb[TCA_ACT_COOKIE], GFP_KERNEL);
796         if (!c->data) {
797                 kfree(c);
798                 return NULL;
799         }
800         c->len = nla_len(tb[TCA_ACT_COOKIE]);
801 
802         return c;
803 }
804 
805 static bool tcf_action_valid(int action)
806 {
807         int opcode = TC_ACT_EXT_OPCODE(action);
808 
809         if (!opcode)
810                 return action <= TC_ACT_VALUE_MAX;
811         return opcode <= TC_ACT_EXT_OPCODE_MAX || action == TC_ACT_UNSPEC;
812 }
813 
814 struct tc_action *tcf_action_init_1(struct net *net, struct tcf_proto *tp,
815                                     struct nlattr *nla, struct nlattr *est,
816                                     char *name, int ovr, int bind,
817                                     bool rtnl_held,
818                                     struct netlink_ext_ack *extack)
819 {
820         struct tc_action *a;
821         struct tc_action_ops *a_o;
822         struct tc_cookie *cookie = NULL;
823         char act_name[IFNAMSIZ];
824         struct nlattr *tb[TCA_ACT_MAX + 1];
825         struct nlattr *kind;
826         int err;
827 
828         if (name == NULL) {
829                 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, extack);
830                 if (err < 0)
831                         goto err_out;
832                 err = -EINVAL;
833                 kind = tb[TCA_ACT_KIND];
834                 if (!kind) {
835                         NL_SET_ERR_MSG(extack, "TC action kind must be specified");
836                         goto err_out;
837                 }
838                 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) {
839                         NL_SET_ERR_MSG(extack, "TC action name too long");
840                         goto err_out;
841                 }
842                 if (tb[TCA_ACT_COOKIE]) {
843                         int cklen = nla_len(tb[TCA_ACT_COOKIE]);
844 
845                         if (cklen > TC_COOKIE_MAX_SIZE) {
846                                 NL_SET_ERR_MSG(extack, "TC cookie size above the maximum");
847                                 goto err_out;
848                         }
849 
850                         cookie = nla_memdup_cookie(tb);
851                         if (!cookie) {
852                                 NL_SET_ERR_MSG(extack, "No memory to generate TC cookie");
853                                 err = -ENOMEM;
854                                 goto err_out;
855                         }
856                 }
857         } else {
858                 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) {
859                         NL_SET_ERR_MSG(extack, "TC action name too long");
860                         err = -EINVAL;
861                         goto err_out;
862                 }
863         }
864 
865         a_o = tc_lookup_action_n(act_name);
866         if (a_o == NULL) {
867 #ifdef CONFIG_MODULES
868                 if (rtnl_held)
869                         rtnl_unlock();
870                 request_module("act_%s", act_name);
871                 if (rtnl_held)
872                         rtnl_lock();
873 
874                 a_o = tc_lookup_action_n(act_name);
875 
876                 /* We dropped the RTNL semaphore in order to
877                  * perform the module load.  So, even if we
878                  * succeeded in loading the module we have to
879                  * tell the caller to replay the request.  We
880                  * indicate this using -EAGAIN.
881                  */
882                 if (a_o != NULL) {
883                         err = -EAGAIN;
884                         goto err_mod;
885                 }
886 #endif
887                 NL_SET_ERR_MSG(extack, "Failed to load TC action module");
888                 err = -ENOENT;
889                 goto err_out;
890         }
891 
892         /* backward compatibility for policer */
893         if (name == NULL)
894                 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, &a, ovr, bind,
895                                 rtnl_held, extack);
896         else
897                 err = a_o->init(net, nla, est, &a, ovr, bind, rtnl_held,
898                                 extack);
899         if (err < 0)
900                 goto err_mod;
901 
902         if (!name && tb[TCA_ACT_COOKIE])
903                 tcf_set_action_cookie(&a->act_cookie, cookie);
904 
905         /* module count goes up only when brand new policy is created
906          * if it exists and is only bound to in a_o->init() then
907          * ACT_P_CREATED is not returned (a zero is).
908          */
909         if (err != ACT_P_CREATED)
910                 module_put(a_o->owner);
911 
912         if (TC_ACT_EXT_CMP(a->tcfa_action, TC_ACT_GOTO_CHAIN)) {
913                 err = tcf_action_goto_chain_init(a, tp);
914                 if (err) {
915                         tcf_action_destroy_1(a, bind);
916                         NL_SET_ERR_MSG(extack, "Failed to init TC action chain");
917                         return ERR_PTR(err);
918                 }
919         }
920 
921         if (!tcf_action_valid(a->tcfa_action)) {
922                 tcf_action_destroy_1(a, bind);
923                 NL_SET_ERR_MSG(extack, "Invalid control action value");
924                 return ERR_PTR(-EINVAL);
925         }
926 
927         return a;
928 
929 err_mod:
930         module_put(a_o->owner);
931 err_out:
932         if (cookie) {
933                 kfree(cookie->data);
934                 kfree(cookie);
935         }
936         return ERR_PTR(err);
937 }
938 
939 /* Returns numbers of initialized actions or negative error. */
940 
941 int tcf_action_init(struct net *net, struct tcf_proto *tp, struct nlattr *nla,
942                     struct nlattr *est, char *name, int ovr, int bind,
943                     struct tc_action *actions[], size_t *attr_size,
944                     bool rtnl_held, struct netlink_ext_ack *extack)
945 {
946         struct nlattr *tb[TCA_ACT_MAX_PRIO + 1];
947         struct tc_action *act;
948         size_t sz = 0;
949         int err;
950         int i;
951 
952         err = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL, extack);
953         if (err < 0)
954                 return err;
955 
956         for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) {
957                 act = tcf_action_init_1(net, tp, tb[i], est, name, ovr, bind,
958                                         rtnl_held, extack);
959                 if (IS_ERR(act)) {
960                         err = PTR_ERR(act);
961                         goto err;
962                 }
963                 act->order = i;
964                 sz += tcf_action_fill_size(act);
965                 /* Start from index 0 */
966                 actions[i - 1] = act;
967         }
968 
969         *attr_size = tcf_action_full_attrs_size(sz);
970         return i - 1;
971 
972 err:
973         tcf_action_destroy(actions, bind);
974         return err;
975 }
976 
977 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *p,
978                           int compat_mode)
979 {
980         int err = 0;
981         struct gnet_dump d;
982 
983         if (p == NULL)
984                 goto errout;
985 
986         /* compat_mode being true specifies a call that is supposed
987          * to add additional backward compatibility statistic TLVs.
988          */
989         if (compat_mode) {
990                 if (p->type == TCA_OLD_COMPAT)
991                         err = gnet_stats_start_copy_compat(skb, 0,
992                                                            TCA_STATS,
993                                                            TCA_XSTATS,
994                                                            &p->tcfa_lock, &d,
995                                                            TCA_PAD);
996                 else
997                         return 0;
998         } else
999                 err = gnet_stats_start_copy(skb, TCA_ACT_STATS,
1000                                             &p->tcfa_lock, &d, TCA_ACT_PAD);
1001 
1002         if (err < 0)
1003                 goto errout;
1004 
1005         if (gnet_stats_copy_basic(NULL, &d, p->cpu_bstats, &p->tcfa_bstats) < 0 ||
1006             gnet_stats_copy_basic_hw(NULL, &d, p->cpu_bstats_hw,
1007                                      &p->tcfa_bstats_hw) < 0 ||
1008             gnet_stats_copy_rate_est(&d, &p->tcfa_rate_est) < 0 ||
1009             gnet_stats_copy_queue(&d, p->cpu_qstats,
1010                                   &p->tcfa_qstats,
1011                                   p->tcfa_qstats.qlen) < 0)
1012                 goto errout;
1013 
1014         if (gnet_stats_finish_copy(&d) < 0)
1015                 goto errout;
1016 
1017         return 0;
1018 
1019 errout:
1020         return -1;
1021 }
1022 
1023 static int tca_get_fill(struct sk_buff *skb, struct tc_action *actions[],
1024                         u32 portid, u32 seq, u16 flags, int event, int bind,
1025                         int ref)
1026 {
1027         struct tcamsg *t;
1028         struct nlmsghdr *nlh;
1029         unsigned char *b = skb_tail_pointer(skb);
1030         struct nlattr *nest;
1031 
1032         nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags);
1033         if (!nlh)
1034                 goto out_nlmsg_trim;
1035         t = nlmsg_data(nlh);
1036         t->tca_family = AF_UNSPEC;
1037         t->tca__pad1 = 0;
1038         t->tca__pad2 = 0;
1039 
1040         nest = nla_nest_start(skb, TCA_ACT_TAB);
1041         if (!nest)
1042                 goto out_nlmsg_trim;
1043 
1044         if (tcf_action_dump(skb, actions, bind, ref) < 0)
1045                 goto out_nlmsg_trim;
1046 
1047         nla_nest_end(skb, nest);
1048 
1049         nlh->nlmsg_len = skb_tail_pointer(skb) - b;
1050         return skb->len;
1051 
1052 out_nlmsg_trim:
1053         nlmsg_trim(skb, b);
1054         return -1;
1055 }
1056 
1057 static int
1058 tcf_get_notify(struct net *net, u32 portid, struct nlmsghdr *n,
1059                struct tc_action *actions[], int event,
1060                struct netlink_ext_ack *extack)
1061 {
1062         struct sk_buff *skb;
1063 
1064         skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
1065         if (!skb)
1066                 return -ENOBUFS;
1067         if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, event,
1068                          0, 1) <= 0) {
1069                 NL_SET_ERR_MSG(extack, "Failed to fill netlink attributes while adding TC action");
1070                 kfree_skb(skb);
1071                 return -EINVAL;
1072         }
1073 
1074         return rtnl_unicast(skb, net, portid);
1075 }
1076 
1077 static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla,
1078                                           struct nlmsghdr *n, u32 portid,
1079                                           struct netlink_ext_ack *extack)
1080 {
1081         struct nlattr *tb[TCA_ACT_MAX + 1];
1082         const struct tc_action_ops *ops;
1083         struct tc_action *a;
1084         int index;
1085         int err;
1086 
1087         err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, extack);
1088         if (err < 0)
1089                 goto err_out;
1090 
1091         err = -EINVAL;
1092         if (tb[TCA_ACT_INDEX] == NULL ||
1093             nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) {
1094                 NL_SET_ERR_MSG(extack, "Invalid TC action index value");
1095                 goto err_out;
1096         }
1097         index = nla_get_u32(tb[TCA_ACT_INDEX]);
1098 
1099         err = -EINVAL;
1100         ops = tc_lookup_action(tb[TCA_ACT_KIND]);
1101         if (!ops) { /* could happen in batch of actions */
1102                 NL_SET_ERR_MSG(extack, "Specified TC action kind not found");
1103                 goto err_out;
1104         }
1105         err = -ENOENT;
1106         if (ops->lookup(net, &a, index) == 0) {
1107                 NL_SET_ERR_MSG(extack, "TC action with specified index not found");
1108                 goto err_mod;
1109         }
1110 
1111         module_put(ops->owner);
1112         return a;
1113 
1114 err_mod:
1115         module_put(ops->owner);
1116 err_out:
1117         return ERR_PTR(err);
1118 }
1119 
1120 static int tca_action_flush(struct net *net, struct nlattr *nla,
1121                             struct nlmsghdr *n, u32 portid,
1122                             struct netlink_ext_ack *extack)
1123 {
1124         struct sk_buff *skb;
1125         unsigned char *b;
1126         struct nlmsghdr *nlh;
1127         struct tcamsg *t;
1128         struct netlink_callback dcb;
1129         struct nlattr *nest;
1130         struct nlattr *tb[TCA_ACT_MAX + 1];
1131         const struct tc_action_ops *ops;
1132         struct nlattr *kind;
1133         int err = -ENOMEM;
1134 
1135         skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
1136         if (!skb)
1137                 return err;
1138 
1139         b = skb_tail_pointer(skb);
1140 
1141         err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, extack);
1142         if (err < 0)
1143                 goto err_out;
1144 
1145         err = -EINVAL;
1146         kind = tb[TCA_ACT_KIND];
1147         ops = tc_lookup_action(kind);
1148         if (!ops) { /*some idjot trying to flush unknown action */
1149                 NL_SET_ERR_MSG(extack, "Cannot flush unknown TC action");
1150                 goto err_out;
1151         }
1152 
1153         nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION,
1154                         sizeof(*t), 0);
1155         if (!nlh) {
1156                 NL_SET_ERR_MSG(extack, "Failed to create TC action flush notification");
1157                 goto out_module_put;
1158         }
1159         t = nlmsg_data(nlh);
1160         t->tca_family = AF_UNSPEC;
1161         t->tca__pad1 = 0;
1162         t->tca__pad2 = 0;
1163 
1164         nest = nla_nest_start(skb, TCA_ACT_TAB);
1165         if (!nest) {
1166                 NL_SET_ERR_MSG(extack, "Failed to add new netlink message");
1167                 goto out_module_put;
1168         }
1169 
1170         err = ops->walk(net, skb, &dcb, RTM_DELACTION, ops, extack);
1171         if (err <= 0) {
1172                 nla_nest_cancel(skb, nest);
1173                 goto out_module_put;
1174         }
1175 
1176         nla_nest_end(skb, nest);
1177 
1178         nlh->nlmsg_len = skb_tail_pointer(skb) - b;
1179         nlh->nlmsg_flags |= NLM_F_ROOT;
1180         module_put(ops->owner);
1181         err = rtnetlink_send(skb, net, portid, RTNLGRP_TC,
1182                              n->nlmsg_flags & NLM_F_ECHO);
1183         if (err > 0)
1184                 return 0;
1185         if (err < 0)
1186                 NL_SET_ERR_MSG(extack, "Failed to send TC action flush notification");
1187 
1188         return err;
1189 
1190 out_module_put:
1191         module_put(ops->owner);
1192 err_out:
1193         kfree_skb(skb);
1194         return err;
1195 }
1196 
1197 static int tcf_action_delete(struct net *net, struct tc_action *actions[])
1198 {
1199         int i;
1200 
1201         for (i = 0; i < TCA_ACT_MAX_PRIO && actions[i]; i++) {
1202                 struct tc_action *a = actions[i];
1203                 const struct tc_action_ops *ops = a->ops;
1204                 /* Actions can be deleted concurrently so we must save their
1205                  * type and id to search again after reference is released.
1206                  */
1207                 struct tcf_idrinfo *idrinfo = a->idrinfo;
1208                 u32 act_index = a->tcfa_index;
1209 
1210                 actions[i] = NULL;
1211                 if (tcf_action_put(a)) {
1212                         /* last reference, action was deleted concurrently */
1213                         module_put(ops->owner);
1214                 } else  {
1215                         int ret;
1216 
1217                         /* now do the delete */
1218                         ret = tcf_idr_delete_index(idrinfo, act_index);
1219                         if (ret < 0)
1220                                 return ret;
1221                 }
1222         }
1223         return 0;
1224 }
1225 
1226 static int
1227 tcf_del_notify(struct net *net, struct nlmsghdr *n, struct tc_action *actions[],
1228                u32 portid, size_t attr_size, struct netlink_ext_ack *extack)
1229 {
1230         int ret;
1231         struct sk_buff *skb;
1232 
1233         skb = alloc_skb(attr_size <= NLMSG_GOODSIZE ? NLMSG_GOODSIZE : attr_size,
1234                         GFP_KERNEL);
1235         if (!skb)
1236                 return -ENOBUFS;
1237 
1238         if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, RTM_DELACTION,
1239                          0, 2) <= 0) {
1240                 NL_SET_ERR_MSG(extack, "Failed to fill netlink TC action attributes");
1241                 kfree_skb(skb);
1242                 return -EINVAL;
1243         }
1244 
1245         /* now do the delete */
1246         ret = tcf_action_delete(net, actions);
1247         if (ret < 0) {
1248                 NL_SET_ERR_MSG(extack, "Failed to delete TC action");
1249                 kfree_skb(skb);
1250                 return ret;
1251         }
1252 
1253         ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC,
1254                              n->nlmsg_flags & NLM_F_ECHO);
1255         if (ret > 0)
1256                 return 0;
1257         return ret;
1258 }
1259 
1260 static int
1261 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
1262               u32 portid, int event, struct netlink_ext_ack *extack)
1263 {
1264         int i, ret;
1265         struct nlattr *tb[TCA_ACT_MAX_PRIO + 1];
1266         struct tc_action *act;
1267         size_t attr_size = 0;
1268         struct tc_action *actions[TCA_ACT_MAX_PRIO] = {};
1269 
1270         ret = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL, extack);
1271         if (ret < 0)
1272                 return ret;
1273 
1274         if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) {
1275                 if (tb[1])
1276                         return tca_action_flush(net, tb[1], n, portid, extack);
1277 
1278                 NL_SET_ERR_MSG(extack, "Invalid netlink attributes while flushing TC action");
1279                 return -EINVAL;
1280         }
1281 
1282         for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) {
1283                 act = tcf_action_get_1(net, tb[i], n, portid, extack);
1284                 if (IS_ERR(act)) {
1285                         ret = PTR_ERR(act);
1286                         goto err;
1287                 }
1288                 act->order = i;
1289                 attr_size += tcf_action_fill_size(act);
1290                 actions[i - 1] = act;
1291         }
1292 
1293         attr_size = tcf_action_full_attrs_size(attr_size);
1294 
1295         if (event == RTM_GETACTION)
1296                 ret = tcf_get_notify(net, portid, n, actions, event, extack);
1297         else { /* delete */
1298                 ret = tcf_del_notify(net, n, actions, portid, attr_size, extack);
1299                 if (ret)
1300                         goto err;
1301                 return 0;
1302         }
1303 err:
1304         tcf_action_put_many(actions);
1305         return ret;
1306 }
1307 
1308 static int
1309 tcf_add_notify(struct net *net, struct nlmsghdr *n, struct tc_action *actions[],
1310                u32 portid, size_t attr_size, struct netlink_ext_ack *extack)
1311 {
1312         struct sk_buff *skb;
1313         int err = 0;
1314 
1315         skb = alloc_skb(attr_size <= NLMSG_GOODSIZE ? NLMSG_GOODSIZE : attr_size,
1316                         GFP_KERNEL);
1317         if (!skb)
1318                 return -ENOBUFS;
1319 
1320         if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, n->nlmsg_flags,
1321                          RTM_NEWACTION, 0, 0) <= 0) {
1322                 NL_SET_ERR_MSG(extack, "Failed to fill netlink attributes while adding TC action");
1323                 kfree_skb(skb);
1324                 return -EINVAL;
1325         }
1326 
1327         err = rtnetlink_send(skb, net, portid, RTNLGRP_TC,
1328                              n->nlmsg_flags & NLM_F_ECHO);
1329         if (err > 0)
1330                 err = 0;
1331         return err;
1332 }
1333 
1334 static int tcf_action_add(struct net *net, struct nlattr *nla,
1335                           struct nlmsghdr *n, u32 portid, int ovr,
1336                           struct netlink_ext_ack *extack)
1337 {
1338         size_t attr_size = 0;
1339         int ret = 0;
1340         struct tc_action *actions[TCA_ACT_MAX_PRIO] = {};
1341 
1342         ret = tcf_action_init(net, NULL, nla, NULL, NULL, ovr, 0, actions,
1343                               &attr_size, true, extack);
1344         if (ret < 0)
1345                 return ret;
1346         ret = tcf_add_notify(net, n, actions, portid, attr_size, extack);
1347         if (ovr)
1348                 tcf_action_put_many(actions);
1349 
1350         return ret;
1351 }
1352 
1353 static u32 tcaa_root_flags_allowed = TCA_FLAG_LARGE_DUMP_ON;
1354 static const struct nla_policy tcaa_policy[TCA_ROOT_MAX + 1] = {
1355         [TCA_ROOT_FLAGS] = { .type = NLA_BITFIELD32,
1356                              .validation_data = &tcaa_root_flags_allowed },
1357         [TCA_ROOT_TIME_DELTA]      = { .type = NLA_U32 },
1358 };
1359 
1360 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n,
1361                          struct netlink_ext_ack *extack)
1362 {
1363         struct net *net = sock_net(skb->sk);
1364         struct nlattr *tca[TCA_ROOT_MAX + 1];
1365         u32 portid = skb ? NETLINK_CB(skb).portid : 0;
1366         int ret = 0, ovr = 0;
1367 
1368         if ((n->nlmsg_type != RTM_GETACTION) &&
1369             !netlink_capable(skb, CAP_NET_ADMIN))
1370                 return -EPERM;
1371 
1372         ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ROOT_MAX, NULL,
1373                           extack);
1374         if (ret < 0)
1375                 return ret;
1376 
1377         if (tca[TCA_ACT_TAB] == NULL) {
1378                 NL_SET_ERR_MSG(extack, "Netlink action attributes missing");
1379                 return -EINVAL;
1380         }
1381 
1382         /* n->nlmsg_flags & NLM_F_CREATE */
1383         switch (n->nlmsg_type) {
1384         case RTM_NEWACTION:
1385                 /* we are going to assume all other flags
1386                  * imply create only if it doesn't exist
1387                  * Note that CREATE | EXCL implies that
1388                  * but since we want avoid ambiguity (eg when flags
1389                  * is zero) then just set this
1390                  */
1391                 if (n->nlmsg_flags & NLM_F_REPLACE)
1392                         ovr = 1;
1393 replay:
1394                 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr,
1395                                      extack);
1396                 if (ret == -EAGAIN)
1397                         goto replay;
1398                 break;
1399         case RTM_DELACTION:
1400                 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n,
1401                                     portid, RTM_DELACTION, extack);
1402                 break;
1403         case RTM_GETACTION:
1404                 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n,
1405                                     portid, RTM_GETACTION, extack);
1406                 break;
1407         default:
1408                 BUG();
1409         }
1410 
1411         return ret;
1412 }
1413 
1414 static struct nlattr *find_dump_kind(struct nlattr **nla)
1415 {
1416         struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1];
1417         struct nlattr *tb[TCA_ACT_MAX_PRIO + 1];
1418         struct nlattr *kind;
1419 
1420         tb1 = nla[TCA_ACT_TAB];
1421         if (tb1 == NULL)
1422                 return NULL;
1423 
1424         if (nla_parse(tb, TCA_ACT_MAX_PRIO, nla_data(tb1),
1425                       NLMSG_ALIGN(nla_len(tb1)), NULL, NULL) < 0)
1426                 return NULL;
1427 
1428         if (tb[1] == NULL)
1429                 return NULL;
1430         if (nla_parse_nested(tb2, TCA_ACT_MAX, tb[1], NULL, NULL) < 0)
1431                 return NULL;
1432         kind = tb2[TCA_ACT_KIND];
1433 
1434         return kind;
1435 }
1436 
1437 static int tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb)
1438 {
1439         struct net *net = sock_net(skb->sk);
1440         struct nlmsghdr *nlh;
1441         unsigned char *b = skb_tail_pointer(skb);
1442         struct nlattr *nest;
1443         struct tc_action_ops *a_o;
1444         int ret = 0;
1445         struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh);
1446         struct nlattr *tb[TCA_ROOT_MAX + 1];
1447         struct nlattr *count_attr = NULL;
1448         unsigned long jiffy_since = 0;
1449         struct nlattr *kind = NULL;
1450         struct nla_bitfield32 bf;
1451         u32 msecs_since = 0;
1452         u32 act_count = 0;
1453 
1454         ret = nlmsg_parse(cb->nlh, sizeof(struct tcamsg), tb, TCA_ROOT_MAX,
1455                           tcaa_policy, cb->extack);
1456         if (ret < 0)
1457                 return ret;
1458 
1459         kind = find_dump_kind(tb);
1460         if (kind == NULL) {
1461                 pr_info("tc_dump_action: action bad kind\n");
1462                 return 0;
1463         }
1464 
1465         a_o = tc_lookup_action(kind);
1466         if (a_o == NULL)
1467                 return 0;
1468 
1469         cb->args[2] = 0;
1470         if (tb[TCA_ROOT_FLAGS]) {
1471                 bf = nla_get_bitfield32(tb[TCA_ROOT_FLAGS]);
1472                 cb->args[2] = bf.value;
1473         }
1474 
1475         if (tb[TCA_ROOT_TIME_DELTA]) {
1476                 msecs_since = nla_get_u32(tb[TCA_ROOT_TIME_DELTA]);
1477         }
1478 
1479         nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
1480                         cb->nlh->nlmsg_type, sizeof(*t), 0);
1481         if (!nlh)
1482                 goto out_module_put;
1483 
1484         if (msecs_since)
1485                 jiffy_since = jiffies - msecs_to_jiffies(msecs_since);
1486 
1487         t = nlmsg_data(nlh);
1488         t->tca_family = AF_UNSPEC;
1489         t->tca__pad1 = 0;
1490         t->tca__pad2 = 0;
1491         cb->args[3] = jiffy_since;
1492         count_attr = nla_reserve(skb, TCA_ROOT_COUNT, sizeof(u32));
1493         if (!count_attr)
1494                 goto out_module_put;
1495 
1496         nest = nla_nest_start(skb, TCA_ACT_TAB);
1497         if (nest == NULL)
1498                 goto out_module_put;
1499 
1500         ret = a_o->walk(net, skb, cb, RTM_GETACTION, a_o, NULL);
1501         if (ret < 0)
1502                 goto out_module_put;
1503 
1504         if (ret > 0) {
1505                 nla_nest_end(skb, nest);
1506                 ret = skb->len;
1507                 act_count = cb->args[1];
1508                 memcpy(nla_data(count_attr), &act_count, sizeof(u32));
1509                 cb->args[1] = 0;
1510         } else
1511                 nlmsg_trim(skb, b);
1512 
1513         nlh->nlmsg_len = skb_tail_pointer(skb) - b;
1514         if (NETLINK_CB(cb->skb).portid && ret)
1515                 nlh->nlmsg_flags |= NLM_F_MULTI;
1516         module_put(a_o->owner);
1517         return skb->len;
1518 
1519 out_module_put:
1520         module_put(a_o->owner);
1521         nlmsg_trim(skb, b);
1522         return skb->len;
1523 }
1524 
1525 struct tcf_action_net {
1526         struct rhashtable egdev_ht;
1527 };
1528 
1529 static unsigned int tcf_action_net_id;
1530 
1531 struct tcf_action_egdev_cb {
1532         struct list_head list;
1533         tc_setup_cb_t *cb;
1534         void *cb_priv;
1535 };
1536 
1537 struct tcf_action_egdev {
1538         struct rhash_head ht_node;
1539         const struct net_device *dev;
1540         unsigned int refcnt;
1541         struct list_head cb_list;
1542 };
1543 
1544 static const struct rhashtable_params tcf_action_egdev_ht_params = {
1545         .key_offset = offsetof(struct tcf_action_egdev, dev),
1546         .head_offset = offsetof(struct tcf_action_egdev, ht_node),
1547         .key_len = sizeof(const struct net_device *),
1548 };
1549 
1550 static struct tcf_action_egdev *
1551 tcf_action_egdev_lookup(const struct net_device *dev)
1552 {
1553         struct net *net = dev_net(dev);
1554         struct tcf_action_net *tan = net_generic(net, tcf_action_net_id);
1555 
1556         return rhashtable_lookup_fast(&tan->egdev_ht, &dev,
1557                                       tcf_action_egdev_ht_params);
1558 }
1559 
1560 static struct tcf_action_egdev *
1561 tcf_action_egdev_get(const struct net_device *dev)
1562 {
1563         struct tcf_action_egdev *egdev;
1564         struct tcf_action_net *tan;
1565 
1566         egdev = tcf_action_egdev_lookup(dev);
1567         if (egdev)
1568                 goto inc_ref;
1569 
1570         egdev = kzalloc(sizeof(*egdev), GFP_KERNEL);
1571         if (!egdev)
1572                 return NULL;
1573         INIT_LIST_HEAD(&egdev->cb_list);
1574         egdev->dev = dev;
1575         tan = net_generic(dev_net(dev), tcf_action_net_id);
1576         rhashtable_insert_fast(&tan->egdev_ht, &egdev->ht_node,
1577                                tcf_action_egdev_ht_params);
1578 
1579 inc_ref:
1580         egdev->refcnt++;
1581         return egdev;
1582 }
1583 
1584 static void tcf_action_egdev_put(struct tcf_action_egdev *egdev)
1585 {
1586         struct tcf_action_net *tan;
1587 
1588         if (--egdev->refcnt)
1589                 return;
1590         tan = net_generic(dev_net(egdev->dev), tcf_action_net_id);
1591         rhashtable_remove_fast(&tan->egdev_ht, &egdev->ht_node,
1592                                tcf_action_egdev_ht_params);
1593         kfree(egdev);
1594 }
1595 
1596 static struct tcf_action_egdev_cb *
1597 tcf_action_egdev_cb_lookup(struct tcf_action_egdev *egdev,
1598                            tc_setup_cb_t *cb, void *cb_priv)
1599 {
1600         struct tcf_action_egdev_cb *egdev_cb;
1601 
1602         list_for_each_entry(egdev_cb, &egdev->cb_list, list)
1603                 if (egdev_cb->cb == cb && egdev_cb->cb_priv == cb_priv)
1604                         return egdev_cb;
1605         return NULL;
1606 }
1607 
1608 static int tcf_action_egdev_cb_call(struct tcf_action_egdev *egdev,
1609                                     enum tc_setup_type type,
1610                                     void *type_data, bool err_stop)
1611 {
1612         struct tcf_action_egdev_cb *egdev_cb;
1613         int ok_count = 0;
1614         int err;
1615 
1616         list_for_each_entry(egdev_cb, &egdev->cb_list, list) {
1617                 err = egdev_cb->cb(type, type_data, egdev_cb->cb_priv);
1618                 if (err) {
1619                         if (err_stop)
1620                                 return err;
1621                 } else {
1622                         ok_count++;
1623                 }
1624         }
1625         return ok_count;
1626 }
1627 
1628 static int tcf_action_egdev_cb_add(struct tcf_action_egdev *egdev,
1629                                    tc_setup_cb_t *cb, void *cb_priv)
1630 {
1631         struct tcf_action_egdev_cb *egdev_cb;
1632 
1633         egdev_cb = tcf_action_egdev_cb_lookup(egdev, cb, cb_priv);
1634         if (WARN_ON(egdev_cb))
1635                 return -EEXIST;
1636         egdev_cb = kzalloc(sizeof(*egdev_cb), GFP_KERNEL);
1637         if (!egdev_cb)
1638                 return -ENOMEM;
1639         egdev_cb->cb = cb;
1640         egdev_cb->cb_priv = cb_priv;
1641         list_add(&egdev_cb->list, &egdev->cb_list);
1642         return 0;
1643 }
1644 
1645 static void tcf_action_egdev_cb_del(struct tcf_action_egdev *egdev,
1646                                     tc_setup_cb_t *cb, void *cb_priv)
1647 {
1648         struct tcf_action_egdev_cb *egdev_cb;
1649 
1650         egdev_cb = tcf_action_egdev_cb_lookup(egdev, cb, cb_priv);
1651         if (WARN_ON(!egdev_cb))
1652                 return;
1653         list_del(&egdev_cb->list);
1654         kfree(egdev_cb);
1655 }
1656 
1657 static int __tc_setup_cb_egdev_register(const struct net_device *dev,
1658                                         tc_setup_cb_t *cb, void *cb_priv)
1659 {
1660         struct tcf_action_egdev *egdev = tcf_action_egdev_get(dev);
1661         int err;
1662 
1663         if (!egdev)
1664                 return -ENOMEM;
1665         err = tcf_action_egdev_cb_add(egdev, cb, cb_priv);
1666         if (err)
1667                 goto err_cb_add;
1668         return 0;
1669 
1670 err_cb_add:
1671         tcf_action_egdev_put(egdev);
1672         return err;
1673 }
1674 int tc_setup_cb_egdev_register(const struct net_device *dev,
1675                                tc_setup_cb_t *cb, void *cb_priv)
1676 {
1677         int err;
1678 
1679         rtnl_lock();
1680         err = __tc_setup_cb_egdev_register(dev, cb, cb_priv);
1681         rtnl_unlock();
1682         return err;
1683 }
1684 EXPORT_SYMBOL_GPL(tc_setup_cb_egdev_register);
1685 
1686 static void __tc_setup_cb_egdev_unregister(const struct net_device *dev,
1687                                            tc_setup_cb_t *cb, void *cb_priv)
1688 {
1689         struct tcf_action_egdev *egdev = tcf_action_egdev_lookup(dev);
1690 
1691         if (WARN_ON(!egdev))
1692                 return;
1693         tcf_action_egdev_cb_del(egdev, cb, cb_priv);
1694         tcf_action_egdev_put(egdev);
1695 }
1696 void tc_setup_cb_egdev_unregister(const struct net_device *dev,
1697                                   tc_setup_cb_t *cb, void *cb_priv)
1698 {
1699         rtnl_lock();
1700         __tc_setup_cb_egdev_unregister(dev, cb, cb_priv);
1701         rtnl_unlock();
1702 }
1703 EXPORT_SYMBOL_GPL(tc_setup_cb_egdev_unregister);
1704 
1705 int tc_setup_cb_egdev_call(const struct net_device *dev,
1706                            enum tc_setup_type type, void *type_data,
1707                            bool err_stop)
1708 {
1709         struct tcf_action_egdev *egdev = tcf_action_egdev_lookup(dev);
1710 
1711         if (!egdev)
1712                 return 0;
1713         return tcf_action_egdev_cb_call(egdev, type, type_data, err_stop);
1714 }
1715 EXPORT_SYMBOL_GPL(tc_setup_cb_egdev_call);
1716 
1717 static __net_init int tcf_action_net_init(struct net *net)
1718 {
1719         struct tcf_action_net *tan = net_generic(net, tcf_action_net_id);
1720 
1721         return rhashtable_init(&tan->egdev_ht, &tcf_action_egdev_ht_params);
1722 }
1723 
1724 static void __net_exit tcf_action_net_exit(struct net *net)
1725 {
1726         struct tcf_action_net *tan = net_generic(net, tcf_action_net_id);
1727 
1728         rhashtable_destroy(&tan->egdev_ht);
1729 }
1730 
1731 static struct pernet_operations tcf_action_net_ops = {
1732         .init = tcf_action_net_init,
1733         .exit = tcf_action_net_exit,
1734         .id = &tcf_action_net_id,
1735         .size = sizeof(struct tcf_action_net),
1736 };
1737 
1738 static int __init tc_action_init(void)
1739 {
1740         int err;
1741 
1742         err = register_pernet_subsys(&tcf_action_net_ops);
1743         if (err)
1744                 return err;
1745 
1746         rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, 0);
1747         rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, 0);
1748         rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action,
1749                       0);
1750 
1751         return 0;
1752 }
1753 
1754 subsys_initcall(tc_action_init);
1755 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp