Blame - net/sched/cls_flower.c - kernel/msm-4.9

blob: 0080fc0730198c8d6fe95836be34445afbcc7c46 [file] [log] [blame]

Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	1	/*
				2	* net/sched/cls_flower.c Flower classifier
				3	*
				4	* Copyright (c) 2015 Jiri Pirko <jiri@resnulli.us>
				5	*
				6	* This program is free software; you can redistribute it and/or modify
				7	* it under the terms of the GNU General Public License as published by
				8	* the Free Software Foundation; either version 2 of the License, or
				9	* (at your option) any later version.
				10	*/
				11
				12	#include <linux/kernel.h>
				13	#include <linux/init.h>
				14	#include <linux/module.h>
				15	#include <linux/rhashtable.h>
				16
				17	#include <linux/if_ether.h>
				18	#include <linux/in6.h>
				19	#include <linux/ip.h>
				20
				21	#include <net/sch_generic.h>
				22	#include <net/pkt_cls.h>
				23	#include <net/ip.h>
				24	#include <net/flow_dissector.h>
				25
				26	struct fl_flow_key {
				27	int indev_ifindex;
Tom Herbert	42aecaa	2015-06-04 09:16:39 -0700	[diff] [blame]	28	struct flow_dissector_key_control control;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	29	struct flow_dissector_key_basic basic;
				30	struct flow_dissector_key_eth_addrs eth;
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	31	struct flow_dissector_key_addrs ipaddrs;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	32	union {
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	33	struct flow_dissector_key_ipv4_addrs ipv4;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	34	struct flow_dissector_key_ipv6_addrs ipv6;
				35	};
				36	struct flow_dissector_key_ports tp;
				37	} __aligned(BITS_PER_LONG / 8); /* Ensure that we can do comparisons as longs. */
				38
				39	struct fl_flow_mask_range {
				40	unsigned short int start;
				41	unsigned short int end;
				42	};
				43
				44	struct fl_flow_mask {
				45	struct fl_flow_key key;
				46	struct fl_flow_mask_range range;
				47	struct rcu_head rcu;
				48	};
				49
				50	struct cls_fl_head {
				51	struct rhashtable ht;
				52	struct fl_flow_mask mask;
				53	struct flow_dissector dissector;
				54	u32 hgen;
				55	bool mask_assigned;
				56	struct list_head filters;
				57	struct rhashtable_params ht_params;
				58	struct rcu_head rcu;
				59	};
				60
				61	struct cls_fl_filter {
				62	struct rhash_head ht_node;
				63	struct fl_flow_key mkey;
				64	struct tcf_exts exts;
				65	struct tcf_result res;
				66	struct fl_flow_key key;
				67	struct list_head list;
				68	u32 handle;
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	69	u32 flags;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	70	struct rcu_head rcu;
				71	};
				72
				73	static unsigned short int fl_mask_range(const struct fl_flow_mask *mask)
				74	{
				75	return mask->range.end - mask->range.start;
				76	}
				77
				78	static void fl_mask_update_range(struct fl_flow_mask *mask)
				79	{
				80	const u8 bytes = (const u8 ) &mask->key;
				81	size_t size = sizeof(mask->key);
				82	size_t i, first = 0, last = size - 1;
				83
				84	for (i = 0; i < sizeof(mask->key); i++) {
				85	if (bytes[i]) {
				86	if (!first && i)
				87	first = i;
				88	last = i;
				89	}
				90	}
				91	mask->range.start = rounddown(first, sizeof(long));
				92	mask->range.end = roundup(last + 1, sizeof(long));
				93	}
				94
				95	static void fl_key_get_start(struct fl_flow_key key,
				96	const struct fl_flow_mask *mask)
				97	{
				98	return (u8 *) key + mask->range.start;
				99	}
				100
				101	static void fl_set_masked_key(struct fl_flow_key mkey, struct fl_flow_key key,
				102	struct fl_flow_mask *mask)
				103	{
				104	const long *lkey = fl_key_get_start(key, mask);
				105	const long *lmask = fl_key_get_start(&mask->key, mask);
				106	long *lmkey = fl_key_get_start(mkey, mask);
				107	int i;
				108
				109	for (i = 0; i < fl_mask_range(mask); i += sizeof(long))
				110	lmkey++ = lkey++ & *lmask++;
				111	}
				112
				113	static void fl_clear_masked_range(struct fl_flow_key *key,
				114	struct fl_flow_mask *mask)
				115	{
				116	memset(fl_key_get_start(key, mask), 0, fl_mask_range(mask));
				117	}
				118
				119	static int fl_classify(struct sk_buff skb, const struct tcf_proto tp,
				120	struct tcf_result *res)
				121	{
				122	struct cls_fl_head *head = rcu_dereference_bh(tp->root);
				123	struct cls_fl_filter *f;
				124	struct fl_flow_key skb_key;
				125	struct fl_flow_key skb_mkey;
				126
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	127	if (!atomic_read(&head->ht.nelems))
				128	return -1;
				129
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	130	fl_clear_masked_range(&skb_key, &head->mask);
				131	skb_key.indev_ifindex = skb->skb_iif;
				132	/* skb_flow_dissect() does not set n_proto in case an unknown protocol,
				133	* so do it rather here.
				134	*/
				135	skb_key.basic.n_proto = skb->protocol;
Tom Herbert	cd79a23	2015-09-01 09:24:27 -0700	[diff] [blame]	136	skb_flow_dissect(skb, &head->dissector, &skb_key, 0);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	137
				138	fl_set_masked_key(&skb_mkey, &skb_key, &head->mask);
				139
				140	f = rhashtable_lookup_fast(&head->ht,
				141	fl_key_get_start(&skb_mkey, &head->mask),
				142	head->ht_params);
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	143	if (f && !tc_skip_sw(f->flags)) {
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	144	*res = f->res;
				145	return tcf_exts_exec(skb, &f->exts, res);
				146	}
				147	return -1;
				148	}
				149
				150	static int fl_init(struct tcf_proto *tp)
				151	{
				152	struct cls_fl_head *head;
				153
				154	head = kzalloc(sizeof(*head), GFP_KERNEL);
				155	if (!head)
				156	return -ENOBUFS;
				157
				158	INIT_LIST_HEAD_RCU(&head->filters);
				159	rcu_assign_pointer(tp->root, head);
				160
				161	return 0;
				162	}
				163
				164	static void fl_destroy_filter(struct rcu_head *head)
				165	{
				166	struct cls_fl_filter *f = container_of(head, struct cls_fl_filter, rcu);
				167
				168	tcf_exts_destroy(&f->exts);
				169	kfree(f);
				170	}
				171
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	172	static void fl_hw_destroy_filter(struct tcf_proto *tp, unsigned long cookie)
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	173	{
				174	struct net_device *dev = tp->q->dev_queue->dev;
				175	struct tc_cls_flower_offload offload = {0};
				176	struct tc_to_netdev tc;
				177
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	178	if (!tc_should_offload(dev, tp, 0))
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	179	return;
				180
				181	offload.command = TC_CLSFLOWER_DESTROY;
				182	offload.cookie = cookie;
				183
				184	tc.type = TC_SETUP_CLSFLOWER;
				185	tc.cls_flower = &offload;
				186
				187	dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				188	}
				189
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	190	static int fl_hw_replace_filter(struct tcf_proto *tp,
				191	struct flow_dissector *dissector,
				192	struct fl_flow_key *mask,
				193	struct fl_flow_key *key,
				194	struct tcf_exts *actions,
				195	unsigned long cookie, u32 flags)
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	196	{
				197	struct net_device *dev = tp->q->dev_queue->dev;
				198	struct tc_cls_flower_offload offload = {0};
				199	struct tc_to_netdev tc;
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	200	int err;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	201
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	202	if (!tc_should_offload(dev, tp, flags))
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	203	return tc_skip_sw(flags) ? -EINVAL : 0;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	204
				205	offload.command = TC_CLSFLOWER_REPLACE;
				206	offload.cookie = cookie;
				207	offload.dissector = dissector;
				208	offload.mask = mask;
				209	offload.key = key;
				210	offload.exts = actions;
				211
				212	tc.type = TC_SETUP_CLSFLOWER;
				213	tc.cls_flower = &offload;
				214
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	215	err = dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				216
				217	if (tc_skip_sw(flags))
				218	return err;
				219
				220	return 0;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	221	}
				222
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	223	static void fl_hw_update_stats(struct tcf_proto tp, struct cls_fl_filter f)
				224	{
				225	struct net_device *dev = tp->q->dev_queue->dev;
				226	struct tc_cls_flower_offload offload = {0};
				227	struct tc_to_netdev tc;
				228
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	229	if (!tc_should_offload(dev, tp, 0))
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	230	return;
				231
				232	offload.command = TC_CLSFLOWER_STATS;
				233	offload.cookie = (unsigned long)f;
				234	offload.exts = &f->exts;
				235
				236	tc.type = TC_SETUP_CLSFLOWER;
				237	tc.cls_flower = &offload;
				238
				239	dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				240	}
				241
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	242	static bool fl_destroy(struct tcf_proto *tp, bool force)
				243	{
				244	struct cls_fl_head *head = rtnl_dereference(tp->root);
				245	struct cls_fl_filter f, next;
				246
				247	if (!force && !list_empty(&head->filters))
				248	return false;
				249
				250	list_for_each_entry_safe(f, next, &head->filters, list) {
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	251	fl_hw_destroy_filter(tp, (unsigned long)f);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	252	list_del_rcu(&f->list);
				253	call_rcu(&f->rcu, fl_destroy_filter);
				254	}
				255	RCU_INIT_POINTER(tp->root, NULL);
				256	if (head->mask_assigned)
				257	rhashtable_destroy(&head->ht);
				258	kfree_rcu(head, rcu);
				259	return true;
				260	}
				261
				262	static unsigned long fl_get(struct tcf_proto *tp, u32 handle)
				263	{
				264	struct cls_fl_head *head = rtnl_dereference(tp->root);
				265	struct cls_fl_filter *f;
				266
				267	list_for_each_entry(f, &head->filters, list)
				268	if (f->handle == handle)
				269	return (unsigned long) f;
				270	return 0;
				271	}
				272
				273	static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = {
				274	[TCA_FLOWER_UNSPEC] = { .type = NLA_UNSPEC },
				275	[TCA_FLOWER_CLASSID] = { .type = NLA_U32 },
				276	[TCA_FLOWER_INDEV] = { .type = NLA_STRING,
				277	.len = IFNAMSIZ },
				278	[TCA_FLOWER_KEY_ETH_DST] = { .len = ETH_ALEN },
				279	[TCA_FLOWER_KEY_ETH_DST_MASK] = { .len = ETH_ALEN },
				280	[TCA_FLOWER_KEY_ETH_SRC] = { .len = ETH_ALEN },
				281	[TCA_FLOWER_KEY_ETH_SRC_MASK] = { .len = ETH_ALEN },
				282	[TCA_FLOWER_KEY_ETH_TYPE] = { .type = NLA_U16 },
				283	[TCA_FLOWER_KEY_IP_PROTO] = { .type = NLA_U8 },
				284	[TCA_FLOWER_KEY_IPV4_SRC] = { .type = NLA_U32 },
				285	[TCA_FLOWER_KEY_IPV4_SRC_MASK] = { .type = NLA_U32 },
				286	[TCA_FLOWER_KEY_IPV4_DST] = { .type = NLA_U32 },
				287	[TCA_FLOWER_KEY_IPV4_DST_MASK] = { .type = NLA_U32 },
				288	[TCA_FLOWER_KEY_IPV6_SRC] = { .len = sizeof(struct in6_addr) },
				289	[TCA_FLOWER_KEY_IPV6_SRC_MASK] = { .len = sizeof(struct in6_addr) },
				290	[TCA_FLOWER_KEY_IPV6_DST] = { .len = sizeof(struct in6_addr) },
				291	[TCA_FLOWER_KEY_IPV6_DST_MASK] = { .len = sizeof(struct in6_addr) },
				292	[TCA_FLOWER_KEY_TCP_SRC] = { .type = NLA_U16 },
				293	[TCA_FLOWER_KEY_TCP_DST] = { .type = NLA_U16 },
Jamal Hadi Salim	b175c3a	2015-06-25 06:55:27 -0400	[diff] [blame]	294	[TCA_FLOWER_KEY_UDP_SRC] = { .type = NLA_U16 },
				295	[TCA_FLOWER_KEY_UDP_DST] = { .type = NLA_U16 },
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	296	};
				297
				298	static void fl_set_key_val(struct nlattr **tb,
				299	void *val, int val_type,
				300	void *mask, int mask_type, int len)
				301	{
				302	if (!tb[val_type])
				303	return;
				304	memcpy(val, nla_data(tb[val_type]), len);
				305	if (mask_type == TCA_FLOWER_UNSPEC \|\| !tb[mask_type])
				306	memset(mask, 0xff, len);
				307	else
				308	memcpy(mask, nla_data(tb[mask_type]), len);
				309	}
				310
				311	static int fl_set_key(struct net net, struct nlattr *tb,
				312	struct fl_flow_key key, struct fl_flow_key mask)
				313	{
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	314	#ifdef CONFIG_NET_CLS_IND
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	315	if (tb[TCA_FLOWER_INDEV]) {
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	316	int err = tcf_change_indev(net, tb[TCA_FLOWER_INDEV]);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	317	if (err < 0)
				318	return err;
				319	key->indev_ifindex = err;
				320	mask->indev_ifindex = 0xffffffff;
				321	}
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	322	#endif
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	323
				324	fl_set_key_val(tb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
				325	mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
				326	sizeof(key->eth.dst));
				327	fl_set_key_val(tb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
				328	mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
				329	sizeof(key->eth.src));
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	330
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	331	fl_set_key_val(tb, &key->basic.n_proto, TCA_FLOWER_KEY_ETH_TYPE,
				332	&mask->basic.n_proto, TCA_FLOWER_UNSPEC,
				333	sizeof(key->basic.n_proto));
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	334
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	335	if (key->basic.n_proto == htons(ETH_P_IP) \|\|
				336	key->basic.n_proto == htons(ETH_P_IPV6)) {
				337	fl_set_key_val(tb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
				338	&mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
				339	sizeof(key->basic.ip_proto));
				340	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	341
				342	if (tb[TCA_FLOWER_KEY_IPV4_SRC] \|\| tb[TCA_FLOWER_KEY_IPV4_DST]) {
				343	key->control.addr_type = FLOW_DISSECTOR_KEY_IPV4_ADDRS;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	344	fl_set_key_val(tb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
				345	&mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
				346	sizeof(key->ipv4.src));
				347	fl_set_key_val(tb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
				348	&mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
				349	sizeof(key->ipv4.dst));
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	350	} else if (tb[TCA_FLOWER_KEY_IPV6_SRC] \|\| tb[TCA_FLOWER_KEY_IPV6_DST]) {
				351	key->control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	352	fl_set_key_val(tb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
				353	&mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
				354	sizeof(key->ipv6.src));
				355	fl_set_key_val(tb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
				356	&mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
				357	sizeof(key->ipv6.dst));
				358	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	359
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	360	if (key->basic.ip_proto == IPPROTO_TCP) {
				361	fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
				362	&mask->tp.src, TCA_FLOWER_UNSPEC,
				363	sizeof(key->tp.src));
				364	fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
				365	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				366	sizeof(key->tp.dst));
				367	} else if (key->basic.ip_proto == IPPROTO_UDP) {
				368	fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
				369	&mask->tp.src, TCA_FLOWER_UNSPEC,
				370	sizeof(key->tp.src));
				371	fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
				372	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				373	sizeof(key->tp.dst));
				374	}
				375
				376	return 0;
				377	}
				378
				379	static bool fl_mask_eq(struct fl_flow_mask *mask1,
				380	struct fl_flow_mask *mask2)
				381	{
				382	const long *lmask1 = fl_key_get_start(&mask1->key, mask1);
				383	const long *lmask2 = fl_key_get_start(&mask2->key, mask2);
				384
				385	return !memcmp(&mask1->range, &mask2->range, sizeof(mask1->range)) &&
				386	!memcmp(lmask1, lmask2, fl_mask_range(mask1));
				387	}
				388
				389	static const struct rhashtable_params fl_ht_params = {
				390	.key_offset = offsetof(struct cls_fl_filter, mkey), /* base offset */
				391	.head_offset = offsetof(struct cls_fl_filter, ht_node),
				392	.automatic_shrinking = true,
				393	};
				394
				395	static int fl_init_hashtable(struct cls_fl_head *head,
				396	struct fl_flow_mask *mask)
				397	{
				398	head->ht_params = fl_ht_params;
				399	head->ht_params.key_len = fl_mask_range(mask);
				400	head->ht_params.key_offset += mask->range.start;
				401
				402	return rhashtable_init(&head->ht, &head->ht_params);
				403	}
				404
				405	#define FL_KEY_MEMBER_OFFSET(member) offsetof(struct fl_flow_key, member)
				406	#define FL_KEY_MEMBER_SIZE(member) (sizeof(((struct fl_flow_key *) 0)->member))
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	407
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame^]	408	#define FL_KEY_IS_MASKED(mask, member) \
				409	memchr_inv(((char *)mask) + FL_KEY_MEMBER_OFFSET(member), \
				410	0, FL_KEY_MEMBER_SIZE(member)) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	411
				412	#define FL_KEY_SET(keys, cnt, id, member) \
				413	do { \
				414	keys[cnt].key_id = id; \
				415	keys[cnt].offset = FL_KEY_MEMBER_OFFSET(member); \
				416	cnt++; \
				417	} while(0);
				418
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame^]	419	#define FL_KEY_SET_IF_MASKED(mask, keys, cnt, id, member) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	420	do { \
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame^]	421	if (FL_KEY_IS_MASKED(mask, member)) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	422	FL_KEY_SET(keys, cnt, id, member); \
				423	} while(0);
				424
				425	static void fl_init_dissector(struct cls_fl_head *head,
				426	struct fl_flow_mask *mask)
				427	{
				428	struct flow_dissector_key keys[FLOW_DISSECTOR_KEY_MAX];
				429	size_t cnt = 0;
				430
Tom Herbert	42aecaa	2015-06-04 09:16:39 -0700	[diff] [blame]	431	FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_CONTROL, control);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	432	FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_BASIC, basic);
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame^]	433	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				434	FLOW_DISSECTOR_KEY_ETH_ADDRS, eth);
				435	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				436	FLOW_DISSECTOR_KEY_IPV4_ADDRS, ipv4);
				437	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				438	FLOW_DISSECTOR_KEY_IPV6_ADDRS, ipv6);
				439	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				440	FLOW_DISSECTOR_KEY_PORTS, tp);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	441
				442	skb_flow_dissector_init(&head->dissector, keys, cnt);
				443	}
				444
				445	static int fl_check_assign_mask(struct cls_fl_head *head,
				446	struct fl_flow_mask *mask)
				447	{
				448	int err;
				449
				450	if (head->mask_assigned) {
				451	if (!fl_mask_eq(&head->mask, mask))
				452	return -EINVAL;
				453	else
				454	return 0;
				455	}
				456
				457	/* Mask is not assigned yet. So assign it and init hashtable
				458	* according to that.
				459	*/
				460	err = fl_init_hashtable(head, mask);
				461	if (err)
				462	return err;
				463	memcpy(&head->mask, mask, sizeof(head->mask));
				464	head->mask_assigned = true;
				465
				466	fl_init_dissector(head, mask);
				467
				468	return 0;
				469	}
				470
				471	static int fl_set_parms(struct net net, struct tcf_proto tp,
				472	struct cls_fl_filter f, struct fl_flow_mask mask,
				473	unsigned long base, struct nlattr **tb,
				474	struct nlattr *est, bool ovr)
				475	{
				476	struct tcf_exts e;
				477	int err;
				478
				479	tcf_exts_init(&e, TCA_FLOWER_ACT, 0);
				480	err = tcf_exts_validate(net, tp, tb, est, &e, ovr);
				481	if (err < 0)
				482	return err;
				483
				484	if (tb[TCA_FLOWER_CLASSID]) {
				485	f->res.classid = nla_get_u32(tb[TCA_FLOWER_CLASSID]);
				486	tcf_bind_filter(tp, &f->res, base);
				487	}
				488
				489	err = fl_set_key(net, tb, &f->key, &mask->key);
				490	if (err)
				491	goto errout;
				492
				493	fl_mask_update_range(mask);
				494	fl_set_masked_key(&f->mkey, &f->key, mask);
				495
				496	tcf_exts_change(tp, &f->exts, &e);
				497
				498	return 0;
				499	errout:
				500	tcf_exts_destroy(&e);
				501	return err;
				502	}
				503
				504	static u32 fl_grab_new_handle(struct tcf_proto *tp,
				505	struct cls_fl_head *head)
				506	{
				507	unsigned int i = 0x80000000;
				508	u32 handle;
				509
				510	do {
				511	if (++head->hgen == 0x7FFFFFFF)
				512	head->hgen = 1;
				513	} while (--i > 0 && fl_get(tp, head->hgen));
				514
				515	if (unlikely(i == 0)) {
				516	pr_err("Insufficient number of handles\n");
				517	handle = 0;
				518	} else {
				519	handle = head->hgen;
				520	}
				521
				522	return handle;
				523	}
				524
				525	static int fl_change(struct net net, struct sk_buff in_skb,
				526	struct tcf_proto *tp, unsigned long base,
				527	u32 handle, struct nlattr **tca,
				528	unsigned long *arg, bool ovr)
				529	{
				530	struct cls_fl_head *head = rtnl_dereference(tp->root);
				531	struct cls_fl_filter fold = (struct cls_fl_filter ) *arg;
				532	struct cls_fl_filter *fnew;
				533	struct nlattr *tb[TCA_FLOWER_MAX + 1];
				534	struct fl_flow_mask mask = {};
				535	int err;
				536
				537	if (!tca[TCA_OPTIONS])
				538	return -EINVAL;
				539
				540	err = nla_parse_nested(tb, TCA_FLOWER_MAX, tca[TCA_OPTIONS], fl_policy);
				541	if (err < 0)
				542	return err;
				543
				544	if (fold && handle && fold->handle != handle)
				545	return -EINVAL;
				546
				547	fnew = kzalloc(sizeof(*fnew), GFP_KERNEL);
				548	if (!fnew)
				549	return -ENOBUFS;
				550
				551	tcf_exts_init(&fnew->exts, TCA_FLOWER_ACT, 0);
				552
				553	if (!handle) {
				554	handle = fl_grab_new_handle(tp, head);
				555	if (!handle) {
				556	err = -EINVAL;
				557	goto errout;
				558	}
				559	}
				560	fnew->handle = handle;
				561
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	562	if (tb[TCA_FLOWER_FLAGS]) {
				563	fnew->flags = nla_get_u32(tb[TCA_FLOWER_FLAGS]);
				564
				565	if (!tc_flags_valid(fnew->flags)) {
				566	err = -EINVAL;
				567	goto errout;
				568	}
				569	}
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	570
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	571	err = fl_set_parms(net, tp, fnew, &mask, base, tb, tca[TCA_RATE], ovr);
				572	if (err)
				573	goto errout;
				574
				575	err = fl_check_assign_mask(head, &mask);
				576	if (err)
				577	goto errout;
				578
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	579	if (!tc_skip_sw(fnew->flags)) {
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	580	err = rhashtable_insert_fast(&head->ht, &fnew->ht_node,
				581	head->ht_params);
				582	if (err)
				583	goto errout;
				584	}
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	585
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	586	err = fl_hw_replace_filter(tp,
				587	&head->dissector,
				588	&mask.key,
				589	&fnew->key,
				590	&fnew->exts,
				591	(unsigned long)fnew,
				592	fnew->flags);
				593	if (err)
				594	goto errout;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	595
				596	if (fold) {
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	597	rhashtable_remove_fast(&head->ht, &fold->ht_node,
				598	head->ht_params);
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	599	fl_hw_destroy_filter(tp, (unsigned long)fold);
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	600	}
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	601
				602	*arg = (unsigned long) fnew;
				603
				604	if (fold) {
Daniel Borkmann	ff3532f	2015-07-17 22:38:44 +0200	[diff] [blame]	605	list_replace_rcu(&fold->list, &fnew->list);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	606	tcf_unbind_filter(tp, &fold->res);
				607	call_rcu(&fold->rcu, fl_destroy_filter);
				608	} else {
				609	list_add_tail_rcu(&fnew->list, &head->filters);
				610	}
				611
				612	return 0;
				613
				614	errout:
				615	kfree(fnew);
				616	return err;
				617	}
				618
				619	static int fl_delete(struct tcf_proto *tp, unsigned long arg)
				620	{
				621	struct cls_fl_head *head = rtnl_dereference(tp->root);
				622	struct cls_fl_filter f = (struct cls_fl_filter ) arg;
				623
				624	rhashtable_remove_fast(&head->ht, &f->ht_node,
				625	head->ht_params);
				626	list_del_rcu(&f->list);
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	627	fl_hw_destroy_filter(tp, (unsigned long)f);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	628	tcf_unbind_filter(tp, &f->res);
				629	call_rcu(&f->rcu, fl_destroy_filter);
				630	return 0;
				631	}
				632
				633	static void fl_walk(struct tcf_proto tp, struct tcf_walker arg)
				634	{
				635	struct cls_fl_head *head = rtnl_dereference(tp->root);
				636	struct cls_fl_filter *f;
				637
				638	list_for_each_entry_rcu(f, &head->filters, list) {
				639	if (arg->count < arg->skip)
				640	goto skip;
				641	if (arg->fn(tp, (unsigned long) f, arg) < 0) {
				642	arg->stop = 1;
				643	break;
				644	}
				645	skip:
				646	arg->count++;
				647	}
				648	}
				649
				650	static int fl_dump_key_val(struct sk_buff *skb,
				651	void *val, int val_type,
				652	void *mask, int mask_type, int len)
				653	{
				654	int err;
				655
				656	if (!memchr_inv(mask, 0, len))
				657	return 0;
				658	err = nla_put(skb, val_type, len, val);
				659	if (err)
				660	return err;
				661	if (mask_type != TCA_FLOWER_UNSPEC) {
				662	err = nla_put(skb, mask_type, len, mask);
				663	if (err)
				664	return err;
				665	}
				666	return 0;
				667	}
				668
				669	static int fl_dump(struct net net, struct tcf_proto tp, unsigned long fh,
				670	struct sk_buff skb, struct tcmsg t)
				671	{
				672	struct cls_fl_head *head = rtnl_dereference(tp->root);
				673	struct cls_fl_filter f = (struct cls_fl_filter ) fh;
				674	struct nlattr *nest;
				675	struct fl_flow_key key, mask;
				676
				677	if (!f)
				678	return skb->len;
				679
				680	t->tcm_handle = f->handle;
				681
				682	nest = nla_nest_start(skb, TCA_OPTIONS);
				683	if (!nest)
				684	goto nla_put_failure;
				685
				686	if (f->res.classid &&
				687	nla_put_u32(skb, TCA_FLOWER_CLASSID, f->res.classid))
				688	goto nla_put_failure;
				689
				690	key = &f->key;
				691	mask = &head->mask.key;
				692
				693	if (mask->indev_ifindex) {
				694	struct net_device *dev;
				695
				696	dev = __dev_get_by_index(net, key->indev_ifindex);
				697	if (dev && nla_put_string(skb, TCA_FLOWER_INDEV, dev->name))
				698	goto nla_put_failure;
				699	}
				700
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	701	fl_hw_update_stats(tp, f);
				702
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	703	if (fl_dump_key_val(skb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
				704	mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
				705	sizeof(key->eth.dst)) \|\|
				706	fl_dump_key_val(skb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
				707	mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
				708	sizeof(key->eth.src)) \|\|
				709	fl_dump_key_val(skb, &key->basic.n_proto, TCA_FLOWER_KEY_ETH_TYPE,
				710	&mask->basic.n_proto, TCA_FLOWER_UNSPEC,
				711	sizeof(key->basic.n_proto)))
				712	goto nla_put_failure;
				713	if ((key->basic.n_proto == htons(ETH_P_IP) \|\|
				714	key->basic.n_proto == htons(ETH_P_IPV6)) &&
				715	fl_dump_key_val(skb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
				716	&mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
				717	sizeof(key->basic.ip_proto)))
				718	goto nla_put_failure;
				719
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	720	if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV4_ADDRS &&
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	721	(fl_dump_key_val(skb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
				722	&mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
				723	sizeof(key->ipv4.src)) \|\|
				724	fl_dump_key_val(skb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
				725	&mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
				726	sizeof(key->ipv4.dst))))
				727	goto nla_put_failure;
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	728	else if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV6_ADDRS &&
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	729	(fl_dump_key_val(skb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
				730	&mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
				731	sizeof(key->ipv6.src)) \|\|
				732	fl_dump_key_val(skb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
				733	&mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
				734	sizeof(key->ipv6.dst))))
				735	goto nla_put_failure;
				736
				737	if (key->basic.ip_proto == IPPROTO_TCP &&
				738	(fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
				739	&mask->tp.src, TCA_FLOWER_UNSPEC,
				740	sizeof(key->tp.src)) \|\|
				741	fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
				742	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				743	sizeof(key->tp.dst))))
				744	goto nla_put_failure;
				745	else if (key->basic.ip_proto == IPPROTO_UDP &&
				746	(fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
				747	&mask->tp.src, TCA_FLOWER_UNSPEC,
				748	sizeof(key->tp.src)) \|\|
				749	fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
				750	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				751	sizeof(key->tp.dst))))
				752	goto nla_put_failure;
				753
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	754	nla_put_u32(skb, TCA_FLOWER_FLAGS, f->flags);
				755
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	756	if (tcf_exts_dump(skb, &f->exts))
				757	goto nla_put_failure;
				758
				759	nla_nest_end(skb, nest);
				760
				761	if (tcf_exts_dump_stats(skb, &f->exts) < 0)
				762	goto nla_put_failure;
				763
				764	return skb->len;
				765
				766	nla_put_failure:
				767	nla_nest_cancel(skb, nest);
				768	return -1;
				769	}
				770
				771	static struct tcf_proto_ops cls_fl_ops __read_mostly = {
				772	.kind = "flower",
				773	.classify = fl_classify,
				774	.init = fl_init,
				775	.destroy = fl_destroy,
				776	.get = fl_get,
				777	.change = fl_change,
				778	.delete = fl_delete,
				779	.walk = fl_walk,
				780	.dump = fl_dump,
				781	.owner = THIS_MODULE,
				782	};
				783
				784	static int __init cls_fl_init(void)
				785	{
				786	return register_tcf_proto_ops(&cls_fl_ops);
				787	}
				788
				789	static void __exit cls_fl_exit(void)
				790	{
				791	unregister_tcf_proto_ops(&cls_fl_ops);
				792	}
				793
				794	module_init(cls_fl_init);
				795	module_exit(cls_fl_exit);
				796
				797	MODULE_AUTHOR("Jiri Pirko <jiri@resnulli.us>");
				798	MODULE_DESCRIPTION("Flower classifier");
				799	MODULE_LICENSE("GPL v2");