blob: 861b03ccfed0a55007ceb001a297b05906b36ed3 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 * net/sched/cls_fw.c Classifier mapping ipchains' fwmark to traffic class.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
10 *
11 * Changes:
12 * Karlis Peisenieks <karlis@mt.lv> : 990415 : fw_walk off by one
13 * Karlis Peisenieks <karlis@mt.lv> : 990415 : fw_delete killed all the filter (and kernel).
14 * Alex <alex@pilotsoft.com> : 2004xxyy: Added Action extension
15 *
16 * JHS: We should remove the CONFIG_NET_CLS_IND from here
17 * eventually when the meta match extension is made available
18 *
19 */
20
Linus Torvalds1da177e2005-04-16 15:20:36 -070021#include <linux/module.h>
Tejun Heo5a0e3ad2010-03-24 17:04:11 +090022#include <linux/slab.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070023#include <linux/types.h>
24#include <linux/kernel.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070025#include <linux/string.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070026#include <linux/errno.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070027#include <linux/skbuff.h>
Patrick McHardy0ba48052007-07-02 22:49:07 -070028#include <net/netlink.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070029#include <net/act_api.h>
30#include <net/pkt_cls.h>
31
Eric Dumazetd37d8ac2014-03-17 20:20:49 -070032#define HTSIZE 256
Thomas Grafc5c13fa2005-04-24 20:19:54 -070033
Eric Dumazetcc7ec452011-01-19 19:26:56 +000034struct fw_head {
Eric Dumazetd37d8ac2014-03-17 20:20:49 -070035 u32 mask;
36 struct fw_filter *ht[HTSIZE];
Linus Torvalds1da177e2005-04-16 15:20:36 -070037};
38
Eric Dumazetcc7ec452011-01-19 19:26:56 +000039struct fw_filter {
Linus Torvalds1da177e2005-04-16 15:20:36 -070040 struct fw_filter *next;
41 u32 id;
42 struct tcf_result res;
43#ifdef CONFIG_NET_CLS_IND
WANG Cong2519a602014-01-09 16:14:02 -080044 int ifindex;
Linus Torvalds1da177e2005-04-16 15:20:36 -070045#endif /* CONFIG_NET_CLS_IND */
46 struct tcf_exts exts;
47};
48
Eric Dumazetd37d8ac2014-03-17 20:20:49 -070049static u32 fw_hash(u32 handle)
Linus Torvalds1da177e2005-04-16 15:20:36 -070050{
Eric Dumazetd37d8ac2014-03-17 20:20:49 -070051 handle ^= (handle >> 16);
52 handle ^= (handle >> 8);
53 return handle % HTSIZE;
Linus Torvalds1da177e2005-04-16 15:20:36 -070054}
55
Eric Dumazetdc7f9f62011-07-05 23:25:42 +000056static int fw_classify(struct sk_buff *skb, const struct tcf_proto *tp,
Linus Torvalds1da177e2005-04-16 15:20:36 -070057 struct tcf_result *res)
58{
WANG Conga8701a62014-01-09 16:14:03 -080059 struct fw_head *head = tp->root;
Linus Torvalds1da177e2005-04-16 15:20:36 -070060 struct fw_filter *f;
61 int r;
Patrick McHardy5c804bf2006-12-05 13:46:13 -080062 u32 id = skb->mark;
Linus Torvalds1da177e2005-04-16 15:20:36 -070063
64 if (head != NULL) {
Patrick McHardy5c804bf2006-12-05 13:46:13 -080065 id &= head->mask;
Eric Dumazetcc7ec452011-01-19 19:26:56 +000066 for (f = head->ht[fw_hash(id)]; f; f = f->next) {
Linus Torvalds1da177e2005-04-16 15:20:36 -070067 if (f->id == id) {
68 *res = f->res;
69#ifdef CONFIG_NET_CLS_IND
WANG Cong2519a602014-01-09 16:14:02 -080070 if (!tcf_match_indev(skb, f->ifindex))
Linus Torvalds1da177e2005-04-16 15:20:36 -070071 continue;
72#endif /* CONFIG_NET_CLS_IND */
73 r = tcf_exts_exec(skb, &f->exts, res);
74 if (r < 0)
75 continue;
76
77 return r;
78 }
79 }
80 } else {
81 /* old method */
Eric Dumazetcc7ec452011-01-19 19:26:56 +000082 if (id && (TC_H_MAJ(id) == 0 ||
83 !(TC_H_MAJ(id ^ tp->q->handle)))) {
Linus Torvalds1da177e2005-04-16 15:20:36 -070084 res->classid = id;
85 res->class = 0;
86 return 0;
87 }
88 }
89
90 return -1;
91}
92
93static unsigned long fw_get(struct tcf_proto *tp, u32 handle)
94{
WANG Conga8701a62014-01-09 16:14:03 -080095 struct fw_head *head = tp->root;
Linus Torvalds1da177e2005-04-16 15:20:36 -070096 struct fw_filter *f;
97
98 if (head == NULL)
99 return 0;
100
Eric Dumazetcc7ec452011-01-19 19:26:56 +0000101 for (f = head->ht[fw_hash(handle)]; f; f = f->next) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700102 if (f->id == handle)
103 return (unsigned long)f;
104 }
105 return 0;
106}
107
108static void fw_put(struct tcf_proto *tp, unsigned long f)
109{
110}
111
112static int fw_init(struct tcf_proto *tp)
113{
114 return 0;
115}
116
Eric Dumazetcc7ec452011-01-19 19:26:56 +0000117static void fw_delete_filter(struct tcf_proto *tp, struct fw_filter *f)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700118{
119 tcf_unbind_filter(tp, &f->res);
120 tcf_exts_destroy(tp, &f->exts);
121 kfree(f);
122}
123
124static void fw_destroy(struct tcf_proto *tp)
125{
Patrick McHardy47a1a1d2008-11-19 08:03:09 +0000126 struct fw_head *head = tp->root;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700127 struct fw_filter *f;
128 int h;
129
130 if (head == NULL)
131 return;
132
Eric Dumazetcc7ec452011-01-19 19:26:56 +0000133 for (h = 0; h < HTSIZE; h++) {
134 while ((f = head->ht[h]) != NULL) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700135 head->ht[h] = f->next;
136 fw_delete_filter(tp, f);
137 }
138 }
139 kfree(head);
140}
141
142static int fw_delete(struct tcf_proto *tp, unsigned long arg)
143{
WANG Conga8701a62014-01-09 16:14:03 -0800144 struct fw_head *head = tp->root;
Eric Dumazetcc7ec452011-01-19 19:26:56 +0000145 struct fw_filter *f = (struct fw_filter *)arg;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700146 struct fw_filter **fp;
147
148 if (head == NULL || f == NULL)
149 goto out;
150
Eric Dumazetcc7ec452011-01-19 19:26:56 +0000151 for (fp = &head->ht[fw_hash(f->id)]; *fp; fp = &(*fp)->next) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700152 if (*fp == f) {
153 tcf_tree_lock(tp);
154 *fp = f->next;
155 tcf_tree_unlock(tp);
156 fw_delete_filter(tp, f);
157 return 0;
158 }
159 }
160out:
161 return -EINVAL;
162}
163
Patrick McHardy6fa8c012008-01-23 20:36:12 -0800164static const struct nla_policy fw_policy[TCA_FW_MAX + 1] = {
165 [TCA_FW_CLASSID] = { .type = NLA_U32 },
166 [TCA_FW_INDEV] = { .type = NLA_STRING, .len = IFNAMSIZ },
167 [TCA_FW_MASK] = { .type = NLA_U32 },
168};
169
Linus Torvalds1da177e2005-04-16 15:20:36 -0700170static int
Benjamin LaHaisec1b52732013-01-14 05:15:39 +0000171fw_change_attrs(struct net *net, struct tcf_proto *tp, struct fw_filter *f,
Cong Wang2f7ef2f2014-04-25 13:54:06 -0700172 struct nlattr **tb, struct nlattr **tca, unsigned long base, bool ovr)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700173{
WANG Conga8701a62014-01-09 16:14:03 -0800174 struct fw_head *head = tp->root;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700175 struct tcf_exts e;
Patrick McHardyb4e9b522006-08-25 16:11:42 -0700176 u32 mask;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700177 int err;
178
WANG Cong5da57f42013-12-15 20:15:07 -0800179 tcf_exts_init(&e, TCA_FW_ACT, TCA_FW_POLICE);
Cong Wang2f7ef2f2014-04-25 13:54:06 -0700180 err = tcf_exts_validate(net, tp, tb, tca[TCA_RATE], &e, ovr);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700181 if (err < 0)
182 return err;
183
Patrick McHardyadd93b62008-01-22 22:11:33 -0800184 if (tb[TCA_FW_CLASSID]) {
Patrick McHardy1587bac2008-01-23 20:35:03 -0800185 f->res.classid = nla_get_u32(tb[TCA_FW_CLASSID]);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700186 tcf_bind_filter(tp, &f->res, base);
187 }
188
189#ifdef CONFIG_NET_CLS_IND
Patrick McHardyadd93b62008-01-22 22:11:33 -0800190 if (tb[TCA_FW_INDEV]) {
WANG Cong2519a602014-01-09 16:14:02 -0800191 int ret;
192 ret = tcf_change_indev(net, tb[TCA_FW_INDEV]);
Wei Yongjun722e47d2014-01-17 09:53:20 +0800193 if (ret < 0) {
194 err = ret;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700195 goto errout;
Wei Yongjun722e47d2014-01-17 09:53:20 +0800196 }
WANG Cong2519a602014-01-09 16:14:02 -0800197 f->ifindex = ret;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700198 }
199#endif /* CONFIG_NET_CLS_IND */
200
Wei Yongjuncb95ec62013-04-17 16:49:10 +0000201 err = -EINVAL;
Patrick McHardyadd93b62008-01-22 22:11:33 -0800202 if (tb[TCA_FW_MASK]) {
Patrick McHardy1587bac2008-01-23 20:35:03 -0800203 mask = nla_get_u32(tb[TCA_FW_MASK]);
Patrick McHardyb4e9b522006-08-25 16:11:42 -0700204 if (mask != head->mask)
205 goto errout;
206 } else if (head->mask != 0xFFFFFFFF)
207 goto errout;
208
Linus Torvalds1da177e2005-04-16 15:20:36 -0700209 tcf_exts_change(tp, &f->exts, &e);
210
211 return 0;
212errout:
213 tcf_exts_destroy(tp, &e);
214 return err;
215}
216
Benjamin LaHaisec1b52732013-01-14 05:15:39 +0000217static int fw_change(struct net *net, struct sk_buff *in_skb,
Eric W. Biedermanaf4c6642012-05-25 13:42:45 -0600218 struct tcf_proto *tp, unsigned long base,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700219 u32 handle,
Patrick McHardyadd93b62008-01-22 22:11:33 -0800220 struct nlattr **tca,
Cong Wang2f7ef2f2014-04-25 13:54:06 -0700221 unsigned long *arg, bool ovr)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700222{
WANG Conga8701a62014-01-09 16:14:03 -0800223 struct fw_head *head = tp->root;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700224 struct fw_filter *f = (struct fw_filter *) *arg;
Patrick McHardyadd93b62008-01-22 22:11:33 -0800225 struct nlattr *opt = tca[TCA_OPTIONS];
226 struct nlattr *tb[TCA_FW_MAX + 1];
Linus Torvalds1da177e2005-04-16 15:20:36 -0700227 int err;
228
229 if (!opt)
230 return handle ? -EINVAL : 0;
231
Patrick McHardy6fa8c012008-01-23 20:36:12 -0800232 err = nla_parse_nested(tb, TCA_FW_MAX, opt, fw_policy);
Patrick McHardycee63722008-01-23 20:33:32 -0800233 if (err < 0)
234 return err;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700235
236 if (f != NULL) {
237 if (f->id != handle && handle)
238 return -EINVAL;
Cong Wang2f7ef2f2014-04-25 13:54:06 -0700239 return fw_change_attrs(net, tp, f, tb, tca, base, ovr);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700240 }
241
242 if (!handle)
243 return -EINVAL;
244
245 if (head == NULL) {
Patrick McHardyb4e9b522006-08-25 16:11:42 -0700246 u32 mask = 0xFFFFFFFF;
Patrick McHardy6fa8c012008-01-23 20:36:12 -0800247 if (tb[TCA_FW_MASK])
Patrick McHardy1587bac2008-01-23 20:35:03 -0800248 mask = nla_get_u32(tb[TCA_FW_MASK]);
Patrick McHardyb4e9b522006-08-25 16:11:42 -0700249
Panagiotis Issaris0da974f2006-07-21 14:51:30 -0700250 head = kzalloc(sizeof(struct fw_head), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700251 if (head == NULL)
252 return -ENOBUFS;
Patrick McHardyb4e9b522006-08-25 16:11:42 -0700253 head->mask = mask;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700254
255 tcf_tree_lock(tp);
256 tp->root = head;
257 tcf_tree_unlock(tp);
258 }
259
Panagiotis Issaris0da974f2006-07-21 14:51:30 -0700260 f = kzalloc(sizeof(struct fw_filter), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700261 if (f == NULL)
262 return -ENOBUFS;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700263
WANG Cong5da57f42013-12-15 20:15:07 -0800264 tcf_exts_init(&f->exts, TCA_FW_ACT, TCA_FW_POLICE);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700265 f->id = handle;
266
Cong Wang2f7ef2f2014-04-25 13:54:06 -0700267 err = fw_change_attrs(net, tp, f, tb, tca, base, ovr);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700268 if (err < 0)
269 goto errout;
270
271 f->next = head->ht[fw_hash(handle)];
272 tcf_tree_lock(tp);
273 head->ht[fw_hash(handle)] = f;
274 tcf_tree_unlock(tp);
275
276 *arg = (unsigned long)f;
277 return 0;
278
279errout:
Jesper Juhla51482b2005-11-08 09:41:34 -0800280 kfree(f);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700281 return err;
282}
283
284static void fw_walk(struct tcf_proto *tp, struct tcf_walker *arg)
285{
WANG Conga8701a62014-01-09 16:14:03 -0800286 struct fw_head *head = tp->root;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700287 int h;
288
289 if (head == NULL)
290 arg->stop = 1;
291
292 if (arg->stop)
293 return;
294
Thomas Grafc5c13fa2005-04-24 20:19:54 -0700295 for (h = 0; h < HTSIZE; h++) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700296 struct fw_filter *f;
297
298 for (f = head->ht[h]; f; f = f->next) {
299 if (arg->count < arg->skip) {
300 arg->count++;
301 continue;
302 }
303 if (arg->fn(tp, (unsigned long)f, arg) < 0) {
304 arg->stop = 1;
305 return;
306 }
307 arg->count++;
308 }
309 }
310}
311
WANG Cong832d1d52014-01-09 16:14:01 -0800312static int fw_dump(struct net *net, struct tcf_proto *tp, unsigned long fh,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700313 struct sk_buff *skb, struct tcmsg *t)
314{
WANG Conga8701a62014-01-09 16:14:03 -0800315 struct fw_head *head = tp->root;
Eric Dumazetcc7ec452011-01-19 19:26:56 +0000316 struct fw_filter *f = (struct fw_filter *)fh;
Arnaldo Carvalho de Melo27a884d2007-04-19 20:29:13 -0700317 unsigned char *b = skb_tail_pointer(skb);
Patrick McHardy4b3550ef2008-01-23 20:34:11 -0800318 struct nlattr *nest;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700319
320 if (f == NULL)
321 return skb->len;
322
323 t->tcm_handle = f->id;
324
325 if (!f->res.classid && !tcf_exts_is_available(&f->exts))
326 return skb->len;
327
Patrick McHardy4b3550ef2008-01-23 20:34:11 -0800328 nest = nla_nest_start(skb, TCA_OPTIONS);
329 if (nest == NULL)
330 goto nla_put_failure;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700331
David S. Miller1b34ec42012-03-29 05:11:39 -0400332 if (f->res.classid &&
333 nla_put_u32(skb, TCA_FW_CLASSID, f->res.classid))
334 goto nla_put_failure;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700335#ifdef CONFIG_NET_CLS_IND
WANG Cong2519a602014-01-09 16:14:02 -0800336 if (f->ifindex) {
337 struct net_device *dev;
338 dev = __dev_get_by_index(net, f->ifindex);
339 if (dev && nla_put_string(skb, TCA_FW_INDEV, dev->name))
340 goto nla_put_failure;
341 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700342#endif /* CONFIG_NET_CLS_IND */
David S. Miller1b34ec42012-03-29 05:11:39 -0400343 if (head->mask != 0xFFFFFFFF &&
344 nla_put_u32(skb, TCA_FW_MASK, head->mask))
345 goto nla_put_failure;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700346
WANG Cong5da57f42013-12-15 20:15:07 -0800347 if (tcf_exts_dump(skb, &f->exts) < 0)
Patrick McHardyadd93b62008-01-22 22:11:33 -0800348 goto nla_put_failure;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700349
Patrick McHardy4b3550ef2008-01-23 20:34:11 -0800350 nla_nest_end(skb, nest);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700351
WANG Cong5da57f42013-12-15 20:15:07 -0800352 if (tcf_exts_dump_stats(skb, &f->exts) < 0)
Patrick McHardyadd93b62008-01-22 22:11:33 -0800353 goto nla_put_failure;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700354
355 return skb->len;
356
Patrick McHardyadd93b62008-01-22 22:11:33 -0800357nla_put_failure:
Arnaldo Carvalho de Melodc5fc572007-03-25 23:06:12 -0700358 nlmsg_trim(skb, b);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700359 return -1;
360}
361
Patrick McHardy2eb9d752008-01-22 22:10:42 -0800362static struct tcf_proto_ops cls_fw_ops __read_mostly = {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700363 .kind = "fw",
364 .classify = fw_classify,
365 .init = fw_init,
366 .destroy = fw_destroy,
367 .get = fw_get,
368 .put = fw_put,
369 .change = fw_change,
370 .delete = fw_delete,
371 .walk = fw_walk,
372 .dump = fw_dump,
373 .owner = THIS_MODULE,
374};
375
376static int __init init_fw(void)
377{
378 return register_tcf_proto_ops(&cls_fw_ops);
379}
380
YOSHIFUJI Hideaki10297b92007-02-09 23:25:16 +0900381static void __exit exit_fw(void)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700382{
383 unregister_tcf_proto_ops(&cls_fw_ops);
384}
385
386module_init(init_fw)
387module_exit(exit_fw)
388MODULE_LICENSE("GPL");