1 /* 2 * net/sched/act_api.c Packet action API. 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Author: Jamal Hadi Salim 10 * 11 * 12 */ 13 14 #include <linux/types.h> 15 #include <linux/kernel.h> 16 #include <linux/string.h> 17 #include <linux/errno.h> 18 #include <linux/slab.h> 19 #include <linux/skbuff.h> 20 #include <linux/init.h> 21 #include <linux/kmod.h> 22 #include <linux/err.h> 23 #include <linux/module.h> 24 #include <net/net_namespace.h> 25 #include <net/sock.h> 26 #include <net/sch_generic.h> 27 #include <net/pkt_cls.h> 28 #include <net/act_api.h> 29 #include <net/netlink.h> 30 31 static void free_tcf(struct rcu_head *head) 32 { 33 struct tc_action *p = container_of(head, struct tc_action, tcfa_rcu); 34 35 free_percpu(p->cpu_bstats); 36 free_percpu(p->cpu_qstats); 37 38 if (p->act_cookie) { 39 kfree(p->act_cookie->data); 40 kfree(p->act_cookie); 41 } 42 43 kfree(p); 44 } 45 46 static void tcf_hash_destroy(struct tcf_hashinfo *hinfo, struct tc_action *p) 47 { 48 spin_lock_bh(&hinfo->lock); 49 hlist_del(&p->tcfa_head); 50 spin_unlock_bh(&hinfo->lock); 51 gen_kill_estimator(&p->tcfa_rate_est); 52 /* 53 * gen_estimator est_timer() might access p->tcfa_lock 54 * or bstats, wait a RCU grace period before freeing p 55 */ 56 call_rcu(&p->tcfa_rcu, free_tcf); 57 } 58 59 int __tcf_hash_release(struct tc_action *p, bool bind, bool strict) 60 { 61 int ret = 0; 62 63 if (p) { 64 if (bind) 65 p->tcfa_bindcnt--; 66 else if (strict && p->tcfa_bindcnt > 0) 67 return -EPERM; 68 69 p->tcfa_refcnt--; 70 if (p->tcfa_bindcnt <= 0 && p->tcfa_refcnt <= 0) { 71 if (p->ops->cleanup) 72 p->ops->cleanup(p, bind); 73 tcf_hash_destroy(p->hinfo, p); 74 ret = ACT_P_DELETED; 75 } 76 } 77 78 return ret; 79 } 80 EXPORT_SYMBOL(__tcf_hash_release); 81 82 static int tcf_dump_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 83 struct netlink_callback *cb) 84 { 85 int err = 0, index = -1, i = 0, s_i = 0, n_i = 0; 86 struct nlattr *nest; 87 88 spin_lock_bh(&hinfo->lock); 89 90 s_i = cb->args[0]; 91 92 for (i = 0; i < (hinfo->hmask + 1); i++) { 93 struct hlist_head *head; 94 struct tc_action *p; 95 96 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 97 98 hlist_for_each_entry_rcu(p, head, tcfa_head) { 99 index++; 100 if (index < s_i) 101 continue; 102 103 nest = nla_nest_start(skb, n_i); 104 if (nest == NULL) 105 goto nla_put_failure; 106 err = tcf_action_dump_1(skb, p, 0, 0); 107 if (err < 0) { 108 index--; 109 nlmsg_trim(skb, nest); 110 goto done; 111 } 112 nla_nest_end(skb, nest); 113 n_i++; 114 if (n_i >= TCA_ACT_MAX_PRIO) 115 goto done; 116 } 117 } 118 done: 119 spin_unlock_bh(&hinfo->lock); 120 if (n_i) 121 cb->args[0] += n_i; 122 return n_i; 123 124 nla_put_failure: 125 nla_nest_cancel(skb, nest); 126 goto done; 127 } 128 129 static int tcf_del_walker(struct tcf_hashinfo *hinfo, struct sk_buff *skb, 130 const struct tc_action_ops *ops) 131 { 132 struct nlattr *nest; 133 int i = 0, n_i = 0; 134 int ret = -EINVAL; 135 136 nest = nla_nest_start(skb, 0); 137 if (nest == NULL) 138 goto nla_put_failure; 139 if (nla_put_string(skb, TCA_KIND, ops->kind)) 140 goto nla_put_failure; 141 for (i = 0; i < (hinfo->hmask + 1); i++) { 142 struct hlist_head *head; 143 struct hlist_node *n; 144 struct tc_action *p; 145 146 head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; 147 hlist_for_each_entry_safe(p, n, head, tcfa_head) { 148 ret = __tcf_hash_release(p, false, true); 149 if (ret == ACT_P_DELETED) { 150 module_put(p->ops->owner); 151 n_i++; 152 } else if (ret < 0) 153 goto nla_put_failure; 154 } 155 } 156 if (nla_put_u32(skb, TCA_FCNT, n_i)) 157 goto nla_put_failure; 158 nla_nest_end(skb, nest); 159 160 return n_i; 161 nla_put_failure: 162 nla_nest_cancel(skb, nest); 163 return ret; 164 } 165 166 int tcf_generic_walker(struct tc_action_net *tn, struct sk_buff *skb, 167 struct netlink_callback *cb, int type, 168 const struct tc_action_ops *ops) 169 { 170 struct tcf_hashinfo *hinfo = tn->hinfo; 171 172 if (type == RTM_DELACTION) { 173 return tcf_del_walker(hinfo, skb, ops); 174 } else if (type == RTM_GETACTION) { 175 return tcf_dump_walker(hinfo, skb, cb); 176 } else { 177 WARN(1, "tcf_generic_walker: unknown action %d\n", type); 178 return -EINVAL; 179 } 180 } 181 EXPORT_SYMBOL(tcf_generic_walker); 182 183 static struct tc_action *tcf_hash_lookup(u32 index, struct tcf_hashinfo *hinfo) 184 { 185 struct tc_action *p = NULL; 186 struct hlist_head *head; 187 188 spin_lock_bh(&hinfo->lock); 189 head = &hinfo->htab[tcf_hash(index, hinfo->hmask)]; 190 hlist_for_each_entry_rcu(p, head, tcfa_head) 191 if (p->tcfa_index == index) 192 break; 193 spin_unlock_bh(&hinfo->lock); 194 195 return p; 196 } 197 198 u32 tcf_hash_new_index(struct tc_action_net *tn) 199 { 200 struct tcf_hashinfo *hinfo = tn->hinfo; 201 u32 val = hinfo->index; 202 203 do { 204 if (++val == 0) 205 val = 1; 206 } while (tcf_hash_lookup(val, hinfo)); 207 208 hinfo->index = val; 209 return val; 210 } 211 EXPORT_SYMBOL(tcf_hash_new_index); 212 213 int tcf_hash_search(struct tc_action_net *tn, struct tc_action **a, u32 index) 214 { 215 struct tcf_hashinfo *hinfo = tn->hinfo; 216 struct tc_action *p = tcf_hash_lookup(index, hinfo); 217 218 if (p) { 219 *a = p; 220 return 1; 221 } 222 return 0; 223 } 224 EXPORT_SYMBOL(tcf_hash_search); 225 226 bool tcf_hash_check(struct tc_action_net *tn, u32 index, struct tc_action **a, 227 int bind) 228 { 229 struct tcf_hashinfo *hinfo = tn->hinfo; 230 struct tc_action *p = NULL; 231 232 if (index && (p = tcf_hash_lookup(index, hinfo)) != NULL) { 233 if (bind) 234 p->tcfa_bindcnt++; 235 p->tcfa_refcnt++; 236 *a = p; 237 return true; 238 } 239 return false; 240 } 241 EXPORT_SYMBOL(tcf_hash_check); 242 243 void tcf_hash_cleanup(struct tc_action *a, struct nlattr *est) 244 { 245 if (est) 246 gen_kill_estimator(&a->tcfa_rate_est); 247 call_rcu(&a->tcfa_rcu, free_tcf); 248 } 249 EXPORT_SYMBOL(tcf_hash_cleanup); 250 251 int tcf_hash_create(struct tc_action_net *tn, u32 index, struct nlattr *est, 252 struct tc_action **a, const struct tc_action_ops *ops, 253 int bind, bool cpustats) 254 { 255 struct tc_action *p = kzalloc(ops->size, GFP_KERNEL); 256 struct tcf_hashinfo *hinfo = tn->hinfo; 257 int err = -ENOMEM; 258 259 if (unlikely(!p)) 260 return -ENOMEM; 261 p->tcfa_refcnt = 1; 262 if (bind) 263 p->tcfa_bindcnt = 1; 264 265 if (cpustats) { 266 p->cpu_bstats = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu); 267 if (!p->cpu_bstats) { 268 err1: 269 kfree(p); 270 return err; 271 } 272 p->cpu_qstats = alloc_percpu(struct gnet_stats_queue); 273 if (!p->cpu_qstats) { 274 err2: 275 free_percpu(p->cpu_bstats); 276 goto err1; 277 } 278 } 279 spin_lock_init(&p->tcfa_lock); 280 INIT_HLIST_NODE(&p->tcfa_head); 281 p->tcfa_index = index ? index : tcf_hash_new_index(tn); 282 p->tcfa_tm.install = jiffies; 283 p->tcfa_tm.lastuse = jiffies; 284 p->tcfa_tm.firstuse = 0; 285 if (est) { 286 err = gen_new_estimator(&p->tcfa_bstats, p->cpu_bstats, 287 &p->tcfa_rate_est, 288 &p->tcfa_lock, NULL, est); 289 if (err) { 290 free_percpu(p->cpu_qstats); 291 goto err2; 292 } 293 } 294 295 p->hinfo = hinfo; 296 p->ops = ops; 297 INIT_LIST_HEAD(&p->list); 298 *a = p; 299 return 0; 300 } 301 EXPORT_SYMBOL(tcf_hash_create); 302 303 void tcf_hash_insert(struct tc_action_net *tn, struct tc_action *a) 304 { 305 struct tcf_hashinfo *hinfo = tn->hinfo; 306 unsigned int h = tcf_hash(a->tcfa_index, hinfo->hmask); 307 308 spin_lock_bh(&hinfo->lock); 309 hlist_add_head(&a->tcfa_head, &hinfo->htab[h]); 310 spin_unlock_bh(&hinfo->lock); 311 } 312 EXPORT_SYMBOL(tcf_hash_insert); 313 314 void tcf_hashinfo_destroy(const struct tc_action_ops *ops, 315 struct tcf_hashinfo *hinfo) 316 { 317 int i; 318 319 for (i = 0; i < hinfo->hmask + 1; i++) { 320 struct tc_action *p; 321 struct hlist_node *n; 322 323 hlist_for_each_entry_safe(p, n, &hinfo->htab[i], tcfa_head) { 324 int ret; 325 326 ret = __tcf_hash_release(p, false, true); 327 if (ret == ACT_P_DELETED) 328 module_put(ops->owner); 329 else if (ret < 0) 330 return; 331 } 332 } 333 kfree(hinfo->htab); 334 } 335 EXPORT_SYMBOL(tcf_hashinfo_destroy); 336 337 static LIST_HEAD(act_base); 338 static DEFINE_RWLOCK(act_mod_lock); 339 340 int tcf_register_action(struct tc_action_ops *act, 341 struct pernet_operations *ops) 342 { 343 struct tc_action_ops *a; 344 int ret; 345 346 if (!act->act || !act->dump || !act->init || !act->walk || !act->lookup) 347 return -EINVAL; 348 349 /* We have to register pernet ops before making the action ops visible, 350 * otherwise tcf_action_init_1() could get a partially initialized 351 * netns. 352 */ 353 ret = register_pernet_subsys(ops); 354 if (ret) 355 return ret; 356 357 write_lock(&act_mod_lock); 358 list_for_each_entry(a, &act_base, head) { 359 if (act->type == a->type || (strcmp(act->kind, a->kind) == 0)) { 360 write_unlock(&act_mod_lock); 361 unregister_pernet_subsys(ops); 362 return -EEXIST; 363 } 364 } 365 list_add_tail(&act->head, &act_base); 366 write_unlock(&act_mod_lock); 367 368 return 0; 369 } 370 EXPORT_SYMBOL(tcf_register_action); 371 372 int tcf_unregister_action(struct tc_action_ops *act, 373 struct pernet_operations *ops) 374 { 375 struct tc_action_ops *a; 376 int err = -ENOENT; 377 378 write_lock(&act_mod_lock); 379 list_for_each_entry(a, &act_base, head) { 380 if (a == act) { 381 list_del(&act->head); 382 err = 0; 383 break; 384 } 385 } 386 write_unlock(&act_mod_lock); 387 if (!err) 388 unregister_pernet_subsys(ops); 389 return err; 390 } 391 EXPORT_SYMBOL(tcf_unregister_action); 392 393 /* lookup by name */ 394 static struct tc_action_ops *tc_lookup_action_n(char *kind) 395 { 396 struct tc_action_ops *a, *res = NULL; 397 398 if (kind) { 399 read_lock(&act_mod_lock); 400 list_for_each_entry(a, &act_base, head) { 401 if (strcmp(kind, a->kind) == 0) { 402 if (try_module_get(a->owner)) 403 res = a; 404 break; 405 } 406 } 407 read_unlock(&act_mod_lock); 408 } 409 return res; 410 } 411 412 /* lookup by nlattr */ 413 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind) 414 { 415 struct tc_action_ops *a, *res = NULL; 416 417 if (kind) { 418 read_lock(&act_mod_lock); 419 list_for_each_entry(a, &act_base, head) { 420 if (nla_strcmp(kind, a->kind) == 0) { 421 if (try_module_get(a->owner)) 422 res = a; 423 break; 424 } 425 } 426 read_unlock(&act_mod_lock); 427 } 428 return res; 429 } 430 431 /*TCA_ACT_MAX_PRIO is 32, there count upto 32 */ 432 #define TCA_ACT_MAX_PRIO_MASK 0x1FF 433 int tcf_action_exec(struct sk_buff *skb, struct tc_action **actions, 434 int nr_actions, struct tcf_result *res) 435 { 436 int ret = -1, i; 437 u32 jmp_prgcnt = 0; 438 u32 jmp_ttl = TCA_ACT_MAX_PRIO; /*matches actions per filter */ 439 440 if (skb_skip_tc_classify(skb)) 441 return TC_ACT_OK; 442 443 restart_act_graph: 444 for (i = 0; i < nr_actions; i++) { 445 const struct tc_action *a = actions[i]; 446 447 if (jmp_prgcnt > 0) { 448 jmp_prgcnt -= 1; 449 continue; 450 } 451 repeat: 452 ret = a->ops->act(skb, a, res); 453 if (ret == TC_ACT_REPEAT) 454 goto repeat; /* we need a ttl - JHS */ 455 456 if (TC_ACT_EXT_CMP(ret, TC_ACT_JUMP)) { 457 jmp_prgcnt = ret & TCA_ACT_MAX_PRIO_MASK; 458 if (!jmp_prgcnt || (jmp_prgcnt > nr_actions)) { 459 /* faulty opcode, stop pipeline */ 460 return TC_ACT_OK; 461 } else { 462 jmp_ttl -= 1; 463 if (jmp_ttl > 0) 464 goto restart_act_graph; 465 else /* faulty graph, stop pipeline */ 466 return TC_ACT_OK; 467 } 468 } 469 470 if (ret != TC_ACT_PIPE) 471 break; 472 } 473 474 return ret; 475 } 476 EXPORT_SYMBOL(tcf_action_exec); 477 478 int tcf_action_destroy(struct list_head *actions, int bind) 479 { 480 struct tc_action *a, *tmp; 481 int ret = 0; 482 483 list_for_each_entry_safe(a, tmp, actions, list) { 484 ret = __tcf_hash_release(a, bind, true); 485 if (ret == ACT_P_DELETED) 486 module_put(a->ops->owner); 487 else if (ret < 0) 488 return ret; 489 } 490 return ret; 491 } 492 493 int 494 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 495 { 496 return a->ops->dump(skb, a, bind, ref); 497 } 498 499 int 500 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref) 501 { 502 int err = -EINVAL; 503 unsigned char *b = skb_tail_pointer(skb); 504 struct nlattr *nest; 505 506 if (nla_put_string(skb, TCA_KIND, a->ops->kind)) 507 goto nla_put_failure; 508 if (tcf_action_copy_stats(skb, a, 0)) 509 goto nla_put_failure; 510 if (a->act_cookie) { 511 if (nla_put(skb, TCA_ACT_COOKIE, a->act_cookie->len, 512 a->act_cookie->data)) 513 goto nla_put_failure; 514 } 515 516 nest = nla_nest_start(skb, TCA_OPTIONS); 517 if (nest == NULL) 518 goto nla_put_failure; 519 err = tcf_action_dump_old(skb, a, bind, ref); 520 if (err > 0) { 521 nla_nest_end(skb, nest); 522 return err; 523 } 524 525 nla_put_failure: 526 nlmsg_trim(skb, b); 527 return -1; 528 } 529 EXPORT_SYMBOL(tcf_action_dump_1); 530 531 int tcf_action_dump(struct sk_buff *skb, struct list_head *actions, 532 int bind, int ref) 533 { 534 struct tc_action *a; 535 int err = -EINVAL; 536 struct nlattr *nest; 537 538 list_for_each_entry(a, actions, list) { 539 nest = nla_nest_start(skb, a->order); 540 if (nest == NULL) 541 goto nla_put_failure; 542 err = tcf_action_dump_1(skb, a, bind, ref); 543 if (err < 0) 544 goto errout; 545 nla_nest_end(skb, nest); 546 } 547 548 return 0; 549 550 nla_put_failure: 551 err = -EINVAL; 552 errout: 553 nla_nest_cancel(skb, nest); 554 return err; 555 } 556 557 static struct tc_cookie *nla_memdup_cookie(struct nlattr **tb) 558 { 559 struct tc_cookie *c = kzalloc(sizeof(*c), GFP_KERNEL); 560 if (!c) 561 return NULL; 562 563 c->data = nla_memdup(tb[TCA_ACT_COOKIE], GFP_KERNEL); 564 if (!c->data) { 565 kfree(c); 566 return NULL; 567 } 568 c->len = nla_len(tb[TCA_ACT_COOKIE]); 569 570 return c; 571 } 572 573 struct tc_action *tcf_action_init_1(struct net *net, struct nlattr *nla, 574 struct nlattr *est, char *name, int ovr, 575 int bind) 576 { 577 struct tc_action *a; 578 struct tc_action_ops *a_o; 579 struct tc_cookie *cookie = NULL; 580 char act_name[IFNAMSIZ]; 581 struct nlattr *tb[TCA_ACT_MAX + 1]; 582 struct nlattr *kind; 583 int err; 584 585 if (name == NULL) { 586 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, NULL); 587 if (err < 0) 588 goto err_out; 589 err = -EINVAL; 590 kind = tb[TCA_ACT_KIND]; 591 if (kind == NULL) 592 goto err_out; 593 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) 594 goto err_out; 595 if (tb[TCA_ACT_COOKIE]) { 596 int cklen = nla_len(tb[TCA_ACT_COOKIE]); 597 598 if (cklen > TC_COOKIE_MAX_SIZE) 599 goto err_out; 600 601 cookie = nla_memdup_cookie(tb); 602 if (!cookie) { 603 err = -ENOMEM; 604 goto err_out; 605 } 606 } 607 } else { 608 err = -EINVAL; 609 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) 610 goto err_out; 611 } 612 613 a_o = tc_lookup_action_n(act_name); 614 if (a_o == NULL) { 615 #ifdef CONFIG_MODULES 616 rtnl_unlock(); 617 request_module("act_%s", act_name); 618 rtnl_lock(); 619 620 a_o = tc_lookup_action_n(act_name); 621 622 /* We dropped the RTNL semaphore in order to 623 * perform the module load. So, even if we 624 * succeeded in loading the module we have to 625 * tell the caller to replay the request. We 626 * indicate this using -EAGAIN. 627 */ 628 if (a_o != NULL) { 629 err = -EAGAIN; 630 goto err_mod; 631 } 632 #endif 633 err = -ENOENT; 634 goto err_out; 635 } 636 637 /* backward compatibility for policer */ 638 if (name == NULL) 639 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, &a, ovr, bind); 640 else 641 err = a_o->init(net, nla, est, &a, ovr, bind); 642 if (err < 0) 643 goto err_mod; 644 645 if (name == NULL && tb[TCA_ACT_COOKIE]) { 646 if (a->act_cookie) { 647 kfree(a->act_cookie->data); 648 kfree(a->act_cookie); 649 } 650 a->act_cookie = cookie; 651 } 652 653 /* module count goes up only when brand new policy is created 654 * if it exists and is only bound to in a_o->init() then 655 * ACT_P_CREATED is not returned (a zero is). 656 */ 657 if (err != ACT_P_CREATED) 658 module_put(a_o->owner); 659 660 return a; 661 662 err_mod: 663 module_put(a_o->owner); 664 err_out: 665 if (cookie) { 666 kfree(cookie->data); 667 kfree(cookie); 668 } 669 return ERR_PTR(err); 670 } 671 672 static void cleanup_a(struct list_head *actions, int ovr) 673 { 674 struct tc_action *a; 675 676 if (!ovr) 677 return; 678 679 list_for_each_entry(a, actions, list) 680 a->tcfa_refcnt--; 681 } 682 683 int tcf_action_init(struct net *net, struct nlattr *nla, struct nlattr *est, 684 char *name, int ovr, int bind, struct list_head *actions) 685 { 686 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 687 struct tc_action *act; 688 int err; 689 int i; 690 691 err = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL, NULL); 692 if (err < 0) 693 return err; 694 695 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 696 act = tcf_action_init_1(net, tb[i], est, name, ovr, bind); 697 if (IS_ERR(act)) { 698 err = PTR_ERR(act); 699 goto err; 700 } 701 act->order = i; 702 if (ovr) 703 act->tcfa_refcnt++; 704 list_add_tail(&act->list, actions); 705 } 706 707 /* Remove the temp refcnt which was necessary to protect against 708 * destroying an existing action which was being replaced 709 */ 710 cleanup_a(actions, ovr); 711 return 0; 712 713 err: 714 tcf_action_destroy(actions, bind); 715 return err; 716 } 717 718 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *p, 719 int compat_mode) 720 { 721 int err = 0; 722 struct gnet_dump d; 723 724 if (p == NULL) 725 goto errout; 726 727 /* compat_mode being true specifies a call that is supposed 728 * to add additional backward compatibility statistic TLVs. 729 */ 730 if (compat_mode) { 731 if (p->type == TCA_OLD_COMPAT) 732 err = gnet_stats_start_copy_compat(skb, 0, 733 TCA_STATS, 734 TCA_XSTATS, 735 &p->tcfa_lock, &d, 736 TCA_PAD); 737 else 738 return 0; 739 } else 740 err = gnet_stats_start_copy(skb, TCA_ACT_STATS, 741 &p->tcfa_lock, &d, TCA_ACT_PAD); 742 743 if (err < 0) 744 goto errout; 745 746 if (gnet_stats_copy_basic(NULL, &d, p->cpu_bstats, &p->tcfa_bstats) < 0 || 747 gnet_stats_copy_rate_est(&d, &p->tcfa_rate_est) < 0 || 748 gnet_stats_copy_queue(&d, p->cpu_qstats, 749 &p->tcfa_qstats, 750 p->tcfa_qstats.qlen) < 0) 751 goto errout; 752 753 if (gnet_stats_finish_copy(&d) < 0) 754 goto errout; 755 756 return 0; 757 758 errout: 759 return -1; 760 } 761 762 static int tca_get_fill(struct sk_buff *skb, struct list_head *actions, 763 u32 portid, u32 seq, u16 flags, int event, int bind, 764 int ref) 765 { 766 struct tcamsg *t; 767 struct nlmsghdr *nlh; 768 unsigned char *b = skb_tail_pointer(skb); 769 struct nlattr *nest; 770 771 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags); 772 if (!nlh) 773 goto out_nlmsg_trim; 774 t = nlmsg_data(nlh); 775 t->tca_family = AF_UNSPEC; 776 t->tca__pad1 = 0; 777 t->tca__pad2 = 0; 778 779 nest = nla_nest_start(skb, TCA_ACT_TAB); 780 if (nest == NULL) 781 goto out_nlmsg_trim; 782 783 if (tcf_action_dump(skb, actions, bind, ref) < 0) 784 goto out_nlmsg_trim; 785 786 nla_nest_end(skb, nest); 787 788 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 789 return skb->len; 790 791 out_nlmsg_trim: 792 nlmsg_trim(skb, b); 793 return -1; 794 } 795 796 static int 797 act_get_notify(struct net *net, u32 portid, struct nlmsghdr *n, 798 struct list_head *actions, int event) 799 { 800 struct sk_buff *skb; 801 802 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 803 if (!skb) 804 return -ENOBUFS; 805 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, event, 806 0, 0) <= 0) { 807 kfree_skb(skb); 808 return -EINVAL; 809 } 810 811 return rtnl_unicast(skb, net, portid); 812 } 813 814 static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla, 815 struct nlmsghdr *n, u32 portid) 816 { 817 struct nlattr *tb[TCA_ACT_MAX + 1]; 818 const struct tc_action_ops *ops; 819 struct tc_action *a; 820 int index; 821 int err; 822 823 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, NULL); 824 if (err < 0) 825 goto err_out; 826 827 err = -EINVAL; 828 if (tb[TCA_ACT_INDEX] == NULL || 829 nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) 830 goto err_out; 831 index = nla_get_u32(tb[TCA_ACT_INDEX]); 832 833 err = -EINVAL; 834 ops = tc_lookup_action(tb[TCA_ACT_KIND]); 835 if (!ops) /* could happen in batch of actions */ 836 goto err_out; 837 err = -ENOENT; 838 if (ops->lookup(net, &a, index) == 0) 839 goto err_mod; 840 841 module_put(ops->owner); 842 return a; 843 844 err_mod: 845 module_put(ops->owner); 846 err_out: 847 return ERR_PTR(err); 848 } 849 850 static int tca_action_flush(struct net *net, struct nlattr *nla, 851 struct nlmsghdr *n, u32 portid) 852 { 853 struct sk_buff *skb; 854 unsigned char *b; 855 struct nlmsghdr *nlh; 856 struct tcamsg *t; 857 struct netlink_callback dcb; 858 struct nlattr *nest; 859 struct nlattr *tb[TCA_ACT_MAX + 1]; 860 const struct tc_action_ops *ops; 861 struct nlattr *kind; 862 int err = -ENOMEM; 863 864 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 865 if (!skb) { 866 pr_debug("tca_action_flush: failed skb alloc\n"); 867 return err; 868 } 869 870 b = skb_tail_pointer(skb); 871 872 err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, NULL); 873 if (err < 0) 874 goto err_out; 875 876 err = -EINVAL; 877 kind = tb[TCA_ACT_KIND]; 878 ops = tc_lookup_action(kind); 879 if (!ops) /*some idjot trying to flush unknown action */ 880 goto err_out; 881 882 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION, 883 sizeof(*t), 0); 884 if (!nlh) 885 goto out_module_put; 886 t = nlmsg_data(nlh); 887 t->tca_family = AF_UNSPEC; 888 t->tca__pad1 = 0; 889 t->tca__pad2 = 0; 890 891 nest = nla_nest_start(skb, TCA_ACT_TAB); 892 if (nest == NULL) 893 goto out_module_put; 894 895 err = ops->walk(net, skb, &dcb, RTM_DELACTION, ops); 896 if (err <= 0) 897 goto out_module_put; 898 899 nla_nest_end(skb, nest); 900 901 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 902 nlh->nlmsg_flags |= NLM_F_ROOT; 903 module_put(ops->owner); 904 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 905 n->nlmsg_flags & NLM_F_ECHO); 906 if (err > 0) 907 return 0; 908 909 return err; 910 911 out_module_put: 912 module_put(ops->owner); 913 err_out: 914 kfree_skb(skb); 915 return err; 916 } 917 918 static int 919 tcf_del_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 920 u32 portid) 921 { 922 int ret; 923 struct sk_buff *skb; 924 925 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 926 if (!skb) 927 return -ENOBUFS; 928 929 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, RTM_DELACTION, 930 0, 1) <= 0) { 931 kfree_skb(skb); 932 return -EINVAL; 933 } 934 935 /* now do the delete */ 936 ret = tcf_action_destroy(actions, 0); 937 if (ret < 0) { 938 kfree_skb(skb); 939 return ret; 940 } 941 942 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 943 n->nlmsg_flags & NLM_F_ECHO); 944 if (ret > 0) 945 return 0; 946 return ret; 947 } 948 949 static int 950 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n, 951 u32 portid, int event) 952 { 953 int i, ret; 954 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 955 struct tc_action *act; 956 LIST_HEAD(actions); 957 958 ret = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL, NULL); 959 if (ret < 0) 960 return ret; 961 962 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) { 963 if (tb[1] != NULL) 964 return tca_action_flush(net, tb[1], n, portid); 965 else 966 return -EINVAL; 967 } 968 969 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) { 970 act = tcf_action_get_1(net, tb[i], n, portid); 971 if (IS_ERR(act)) { 972 ret = PTR_ERR(act); 973 goto err; 974 } 975 act->order = i; 976 list_add_tail(&act->list, &actions); 977 } 978 979 if (event == RTM_GETACTION) 980 ret = act_get_notify(net, portid, n, &actions, event); 981 else { /* delete */ 982 ret = tcf_del_notify(net, n, &actions, portid); 983 if (ret) 984 goto err; 985 return ret; 986 } 987 err: 988 if (event != RTM_GETACTION) 989 tcf_action_destroy(&actions, 0); 990 return ret; 991 } 992 993 static int 994 tcf_add_notify(struct net *net, struct nlmsghdr *n, struct list_head *actions, 995 u32 portid) 996 { 997 struct sk_buff *skb; 998 int err = 0; 999 1000 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 1001 if (!skb) 1002 return -ENOBUFS; 1003 1004 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, n->nlmsg_flags, 1005 RTM_NEWACTION, 0, 0) <= 0) { 1006 kfree_skb(skb); 1007 return -EINVAL; 1008 } 1009 1010 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC, 1011 n->nlmsg_flags & NLM_F_ECHO); 1012 if (err > 0) 1013 err = 0; 1014 return err; 1015 } 1016 1017 static int tcf_action_add(struct net *net, struct nlattr *nla, 1018 struct nlmsghdr *n, u32 portid, int ovr) 1019 { 1020 int ret = 0; 1021 LIST_HEAD(actions); 1022 1023 ret = tcf_action_init(net, nla, NULL, NULL, ovr, 0, &actions); 1024 if (ret) 1025 return ret; 1026 1027 return tcf_add_notify(net, n, &actions, portid); 1028 } 1029 1030 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n, 1031 struct netlink_ext_ack *extack) 1032 { 1033 struct net *net = sock_net(skb->sk); 1034 struct nlattr *tca[TCA_ACT_MAX + 1]; 1035 u32 portid = skb ? NETLINK_CB(skb).portid : 0; 1036 int ret = 0, ovr = 0; 1037 1038 if ((n->nlmsg_type != RTM_GETACTION) && 1039 !netlink_capable(skb, CAP_NET_ADMIN)) 1040 return -EPERM; 1041 1042 ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ACT_MAX, NULL, 1043 extack); 1044 if (ret < 0) 1045 return ret; 1046 1047 if (tca[TCA_ACT_TAB] == NULL) { 1048 pr_notice("tc_ctl_action: received NO action attribs\n"); 1049 return -EINVAL; 1050 } 1051 1052 /* n->nlmsg_flags & NLM_F_CREATE */ 1053 switch (n->nlmsg_type) { 1054 case RTM_NEWACTION: 1055 /* we are going to assume all other flags 1056 * imply create only if it doesn't exist 1057 * Note that CREATE | EXCL implies that 1058 * but since we want avoid ambiguity (eg when flags 1059 * is zero) then just set this 1060 */ 1061 if (n->nlmsg_flags & NLM_F_REPLACE) 1062 ovr = 1; 1063 replay: 1064 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr); 1065 if (ret == -EAGAIN) 1066 goto replay; 1067 break; 1068 case RTM_DELACTION: 1069 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1070 portid, RTM_DELACTION); 1071 break; 1072 case RTM_GETACTION: 1073 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n, 1074 portid, RTM_GETACTION); 1075 break; 1076 default: 1077 BUG(); 1078 } 1079 1080 return ret; 1081 } 1082 1083 static struct nlattr *find_dump_kind(const struct nlmsghdr *n) 1084 { 1085 struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1]; 1086 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1]; 1087 struct nlattr *nla[TCAA_MAX + 1]; 1088 struct nlattr *kind; 1089 1090 if (nlmsg_parse(n, sizeof(struct tcamsg), nla, TCAA_MAX, 1091 NULL, NULL) < 0) 1092 return NULL; 1093 tb1 = nla[TCA_ACT_TAB]; 1094 if (tb1 == NULL) 1095 return NULL; 1096 1097 if (nla_parse(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), 1098 NLMSG_ALIGN(nla_len(tb1)), NULL, NULL) < 0) 1099 return NULL; 1100 1101 if (tb[1] == NULL) 1102 return NULL; 1103 if (nla_parse_nested(tb2, TCA_ACT_MAX, tb[1], NULL, NULL) < 0) 1104 return NULL; 1105 kind = tb2[TCA_ACT_KIND]; 1106 1107 return kind; 1108 } 1109 1110 static int tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb) 1111 { 1112 struct net *net = sock_net(skb->sk); 1113 struct nlmsghdr *nlh; 1114 unsigned char *b = skb_tail_pointer(skb); 1115 struct nlattr *nest; 1116 struct tc_action_ops *a_o; 1117 int ret = 0; 1118 struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh); 1119 struct nlattr *kind = find_dump_kind(cb->nlh); 1120 1121 if (kind == NULL) { 1122 pr_info("tc_dump_action: action bad kind\n"); 1123 return 0; 1124 } 1125 1126 a_o = tc_lookup_action(kind); 1127 if (a_o == NULL) 1128 return 0; 1129 1130 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1131 cb->nlh->nlmsg_type, sizeof(*t), 0); 1132 if (!nlh) 1133 goto out_module_put; 1134 t = nlmsg_data(nlh); 1135 t->tca_family = AF_UNSPEC; 1136 t->tca__pad1 = 0; 1137 t->tca__pad2 = 0; 1138 1139 nest = nla_nest_start(skb, TCA_ACT_TAB); 1140 if (nest == NULL) 1141 goto out_module_put; 1142 1143 ret = a_o->walk(net, skb, cb, RTM_GETACTION, a_o); 1144 if (ret < 0) 1145 goto out_module_put; 1146 1147 if (ret > 0) { 1148 nla_nest_end(skb, nest); 1149 ret = skb->len; 1150 } else 1151 nlmsg_trim(skb, b); 1152 1153 nlh->nlmsg_len = skb_tail_pointer(skb) - b; 1154 if (NETLINK_CB(cb->skb).portid && ret) 1155 nlh->nlmsg_flags |= NLM_F_MULTI; 1156 module_put(a_o->owner); 1157 return skb->len; 1158 1159 out_module_put: 1160 module_put(a_o->owner); 1161 nlmsg_trim(skb, b); 1162 return skb->len; 1163 } 1164 1165 static int __init tc_action_init(void) 1166 { 1167 rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, NULL); 1168 rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, NULL); 1169 rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action, 1170 NULL); 1171 1172 return 0; 1173 } 1174 1175 subsys_initcall(tc_action_init); 1176