Blame - net/sched/cls_flower.c - kernel/msm-4.9

blob: 532ab67513437400983f1007dcea89c79ede64cc [file] [log] [blame]

Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	1	/*
				2	* net/sched/cls_flower.c Flower classifier
				3	*
				4	* Copyright (c) 2015 Jiri Pirko <jiri@resnulli.us>
				5	*
				6	* This program is free software; you can redistribute it and/or modify
				7	* it under the terms of the GNU General Public License as published by
				8	* the Free Software Foundation; either version 2 of the License, or
				9	* (at your option) any later version.
				10	*/
				11
				12	#include <linux/kernel.h>
				13	#include <linux/init.h>
				14	#include <linux/module.h>
				15	#include <linux/rhashtable.h>
				16
				17	#include <linux/if_ether.h>
				18	#include <linux/in6.h>
				19	#include <linux/ip.h>
				20
				21	#include <net/sch_generic.h>
				22	#include <net/pkt_cls.h>
				23	#include <net/ip.h>
				24	#include <net/flow_dissector.h>
				25
				26	struct fl_flow_key {
				27	int indev_ifindex;
Tom Herbert	42aecaa	2015-06-04 09:16:39 -0700	[diff] [blame]	28	struct flow_dissector_key_control control;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	29	struct flow_dissector_key_basic basic;
				30	struct flow_dissector_key_eth_addrs eth;
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	31	struct flow_dissector_key_vlan vlan;
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	32	struct flow_dissector_key_addrs ipaddrs;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	33	union {
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	34	struct flow_dissector_key_ipv4_addrs ipv4;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	35	struct flow_dissector_key_ipv6_addrs ipv6;
				36	};
				37	struct flow_dissector_key_ports tp;
				38	} __aligned(BITS_PER_LONG / 8); /* Ensure that we can do comparisons as longs. */
				39
				40	struct fl_flow_mask_range {
				41	unsigned short int start;
				42	unsigned short int end;
				43	};
				44
				45	struct fl_flow_mask {
				46	struct fl_flow_key key;
				47	struct fl_flow_mask_range range;
				48	struct rcu_head rcu;
				49	};
				50
				51	struct cls_fl_head {
				52	struct rhashtable ht;
				53	struct fl_flow_mask mask;
				54	struct flow_dissector dissector;
				55	u32 hgen;
				56	bool mask_assigned;
				57	struct list_head filters;
				58	struct rhashtable_params ht_params;
				59	struct rcu_head rcu;
				60	};
				61
				62	struct cls_fl_filter {
				63	struct rhash_head ht_node;
				64	struct fl_flow_key mkey;
				65	struct tcf_exts exts;
				66	struct tcf_result res;
				67	struct fl_flow_key key;
				68	struct list_head list;
				69	u32 handle;
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	70	u32 flags;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	71	struct rcu_head rcu;
				72	};
				73
				74	static unsigned short int fl_mask_range(const struct fl_flow_mask *mask)
				75	{
				76	return mask->range.end - mask->range.start;
				77	}
				78
				79	static void fl_mask_update_range(struct fl_flow_mask *mask)
				80	{
				81	const u8 bytes = (const u8 ) &mask->key;
				82	size_t size = sizeof(mask->key);
				83	size_t i, first = 0, last = size - 1;
				84
				85	for (i = 0; i < sizeof(mask->key); i++) {
				86	if (bytes[i]) {
				87	if (!first && i)
				88	first = i;
				89	last = i;
				90	}
				91	}
				92	mask->range.start = rounddown(first, sizeof(long));
				93	mask->range.end = roundup(last + 1, sizeof(long));
				94	}
				95
				96	static void fl_key_get_start(struct fl_flow_key key,
				97	const struct fl_flow_mask *mask)
				98	{
				99	return (u8 *) key + mask->range.start;
				100	}
				101
				102	static void fl_set_masked_key(struct fl_flow_key mkey, struct fl_flow_key key,
				103	struct fl_flow_mask *mask)
				104	{
				105	const long *lkey = fl_key_get_start(key, mask);
				106	const long *lmask = fl_key_get_start(&mask->key, mask);
				107	long *lmkey = fl_key_get_start(mkey, mask);
				108	int i;
				109
				110	for (i = 0; i < fl_mask_range(mask); i += sizeof(long))
				111	lmkey++ = lkey++ & *lmask++;
				112	}
				113
				114	static void fl_clear_masked_range(struct fl_flow_key *key,
				115	struct fl_flow_mask *mask)
				116	{
				117	memset(fl_key_get_start(key, mask), 0, fl_mask_range(mask));
				118	}
				119
				120	static int fl_classify(struct sk_buff skb, const struct tcf_proto tp,
				121	struct tcf_result *res)
				122	{
				123	struct cls_fl_head *head = rcu_dereference_bh(tp->root);
				124	struct cls_fl_filter *f;
				125	struct fl_flow_key skb_key;
				126	struct fl_flow_key skb_mkey;
				127
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	128	if (!atomic_read(&head->ht.nelems))
				129	return -1;
				130
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	131	fl_clear_masked_range(&skb_key, &head->mask);
				132	skb_key.indev_ifindex = skb->skb_iif;
				133	/* skb_flow_dissect() does not set n_proto in case an unknown protocol,
				134	* so do it rather here.
				135	*/
				136	skb_key.basic.n_proto = skb->protocol;
Tom Herbert	cd79a23	2015-09-01 09:24:27 -0700	[diff] [blame]	137	skb_flow_dissect(skb, &head->dissector, &skb_key, 0);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	138
				139	fl_set_masked_key(&skb_mkey, &skb_key, &head->mask);
				140
				141	f = rhashtable_lookup_fast(&head->ht,
				142	fl_key_get_start(&skb_mkey, &head->mask),
				143	head->ht_params);
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	144	if (f && !tc_skip_sw(f->flags)) {
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	145	*res = f->res;
				146	return tcf_exts_exec(skb, &f->exts, res);
				147	}
				148	return -1;
				149	}
				150
				151	static int fl_init(struct tcf_proto *tp)
				152	{
				153	struct cls_fl_head *head;
				154
				155	head = kzalloc(sizeof(*head), GFP_KERNEL);
				156	if (!head)
				157	return -ENOBUFS;
				158
				159	INIT_LIST_HEAD_RCU(&head->filters);
				160	rcu_assign_pointer(tp->root, head);
				161
				162	return 0;
				163	}
				164
				165	static void fl_destroy_filter(struct rcu_head *head)
				166	{
				167	struct cls_fl_filter *f = container_of(head, struct cls_fl_filter, rcu);
				168
				169	tcf_exts_destroy(&f->exts);
				170	kfree(f);
				171	}
				172
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	173	static void fl_hw_destroy_filter(struct tcf_proto *tp, unsigned long cookie)
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	174	{
				175	struct net_device *dev = tp->q->dev_queue->dev;
				176	struct tc_cls_flower_offload offload = {0};
				177	struct tc_to_netdev tc;
				178
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	179	if (!tc_should_offload(dev, tp, 0))
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	180	return;
				181
				182	offload.command = TC_CLSFLOWER_DESTROY;
				183	offload.cookie = cookie;
				184
				185	tc.type = TC_SETUP_CLSFLOWER;
				186	tc.cls_flower = &offload;
				187
				188	dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				189	}
				190
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	191	static int fl_hw_replace_filter(struct tcf_proto *tp,
				192	struct flow_dissector *dissector,
				193	struct fl_flow_key *mask,
				194	struct fl_flow_key *key,
				195	struct tcf_exts *actions,
				196	unsigned long cookie, u32 flags)
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	197	{
				198	struct net_device *dev = tp->q->dev_queue->dev;
				199	struct tc_cls_flower_offload offload = {0};
				200	struct tc_to_netdev tc;
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	201	int err;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	202
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	203	if (!tc_should_offload(dev, tp, flags))
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	204	return tc_skip_sw(flags) ? -EINVAL : 0;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	205
				206	offload.command = TC_CLSFLOWER_REPLACE;
				207	offload.cookie = cookie;
				208	offload.dissector = dissector;
				209	offload.mask = mask;
				210	offload.key = key;
				211	offload.exts = actions;
				212
				213	tc.type = TC_SETUP_CLSFLOWER;
				214	tc.cls_flower = &offload;
				215
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	216	err = dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				217
				218	if (tc_skip_sw(flags))
				219	return err;
				220
				221	return 0;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	222	}
				223
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	224	static void fl_hw_update_stats(struct tcf_proto tp, struct cls_fl_filter f)
				225	{
				226	struct net_device *dev = tp->q->dev_queue->dev;
				227	struct tc_cls_flower_offload offload = {0};
				228	struct tc_to_netdev tc;
				229
Daniel Borkmann	92c075d	2016-06-06 22:50:39 +0200	[diff] [blame]	230	if (!tc_should_offload(dev, tp, 0))
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	231	return;
				232
				233	offload.command = TC_CLSFLOWER_STATS;
				234	offload.cookie = (unsigned long)f;
				235	offload.exts = &f->exts;
				236
				237	tc.type = TC_SETUP_CLSFLOWER;
				238	tc.cls_flower = &offload;
				239
				240	dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
				241	}
				242
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	243	static bool fl_destroy(struct tcf_proto *tp, bool force)
				244	{
				245	struct cls_fl_head *head = rtnl_dereference(tp->root);
				246	struct cls_fl_filter f, next;
				247
				248	if (!force && !list_empty(&head->filters))
				249	return false;
				250
				251	list_for_each_entry_safe(f, next, &head->filters, list) {
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	252	fl_hw_destroy_filter(tp, (unsigned long)f);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	253	list_del_rcu(&f->list);
				254	call_rcu(&f->rcu, fl_destroy_filter);
				255	}
				256	RCU_INIT_POINTER(tp->root, NULL);
				257	if (head->mask_assigned)
				258	rhashtable_destroy(&head->ht);
				259	kfree_rcu(head, rcu);
				260	return true;
				261	}
				262
				263	static unsigned long fl_get(struct tcf_proto *tp, u32 handle)
				264	{
				265	struct cls_fl_head *head = rtnl_dereference(tp->root);
				266	struct cls_fl_filter *f;
				267
				268	list_for_each_entry(f, &head->filters, list)
				269	if (f->handle == handle)
				270	return (unsigned long) f;
				271	return 0;
				272	}
				273
				274	static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = {
				275	[TCA_FLOWER_UNSPEC] = { .type = NLA_UNSPEC },
				276	[TCA_FLOWER_CLASSID] = { .type = NLA_U32 },
				277	[TCA_FLOWER_INDEV] = { .type = NLA_STRING,
				278	.len = IFNAMSIZ },
				279	[TCA_FLOWER_KEY_ETH_DST] = { .len = ETH_ALEN },
				280	[TCA_FLOWER_KEY_ETH_DST_MASK] = { .len = ETH_ALEN },
				281	[TCA_FLOWER_KEY_ETH_SRC] = { .len = ETH_ALEN },
				282	[TCA_FLOWER_KEY_ETH_SRC_MASK] = { .len = ETH_ALEN },
				283	[TCA_FLOWER_KEY_ETH_TYPE] = { .type = NLA_U16 },
				284	[TCA_FLOWER_KEY_IP_PROTO] = { .type = NLA_U8 },
				285	[TCA_FLOWER_KEY_IPV4_SRC] = { .type = NLA_U32 },
				286	[TCA_FLOWER_KEY_IPV4_SRC_MASK] = { .type = NLA_U32 },
				287	[TCA_FLOWER_KEY_IPV4_DST] = { .type = NLA_U32 },
				288	[TCA_FLOWER_KEY_IPV4_DST_MASK] = { .type = NLA_U32 },
				289	[TCA_FLOWER_KEY_IPV6_SRC] = { .len = sizeof(struct in6_addr) },
				290	[TCA_FLOWER_KEY_IPV6_SRC_MASK] = { .len = sizeof(struct in6_addr) },
				291	[TCA_FLOWER_KEY_IPV6_DST] = { .len = sizeof(struct in6_addr) },
				292	[TCA_FLOWER_KEY_IPV6_DST_MASK] = { .len = sizeof(struct in6_addr) },
				293	[TCA_FLOWER_KEY_TCP_SRC] = { .type = NLA_U16 },
				294	[TCA_FLOWER_KEY_TCP_DST] = { .type = NLA_U16 },
Jamal Hadi Salim	b175c3a	2015-06-25 06:55:27 -0400	[diff] [blame]	295	[TCA_FLOWER_KEY_UDP_SRC] = { .type = NLA_U16 },
				296	[TCA_FLOWER_KEY_UDP_DST] = { .type = NLA_U16 },
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	297	[TCA_FLOWER_KEY_VLAN_ID] = { .type = NLA_U16 },
				298	[TCA_FLOWER_KEY_VLAN_PRIO] = { .type = NLA_U8 },
				299	[TCA_FLOWER_KEY_VLAN_ETH_TYPE] = { .type = NLA_U16 },
				300
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	301	};
				302
				303	static void fl_set_key_val(struct nlattr **tb,
				304	void *val, int val_type,
				305	void *mask, int mask_type, int len)
				306	{
				307	if (!tb[val_type])
				308	return;
				309	memcpy(val, nla_data(tb[val_type]), len);
				310	if (mask_type == TCA_FLOWER_UNSPEC \|\| !tb[mask_type])
				311	memset(mask, 0xff, len);
				312	else
				313	memcpy(mask, nla_data(tb[mask_type]), len);
				314	}
				315
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	316	static void fl_set_key_vlan(struct nlattr **tb,
				317	struct flow_dissector_key_vlan *key_val,
				318	struct flow_dissector_key_vlan *key_mask)
				319	{
				320	#define VLAN_PRIORITY_MASK 0x7
				321
				322	if (tb[TCA_FLOWER_KEY_VLAN_ID]) {
				323	key_val->vlan_id =
				324	nla_get_u16(tb[TCA_FLOWER_KEY_VLAN_ID]) & VLAN_VID_MASK;
				325	key_mask->vlan_id = VLAN_VID_MASK;
				326	}
				327	if (tb[TCA_FLOWER_KEY_VLAN_PRIO]) {
				328	key_val->vlan_priority =
				329	nla_get_u8(tb[TCA_FLOWER_KEY_VLAN_PRIO]) &
				330	VLAN_PRIORITY_MASK;
				331	key_mask->vlan_priority = VLAN_PRIORITY_MASK;
				332	}
				333	}
				334
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	335	static int fl_set_key(struct net net, struct nlattr *tb,
				336	struct fl_flow_key key, struct fl_flow_key mask)
				337	{
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	338	__be16 ethertype;
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	339	#ifdef CONFIG_NET_CLS_IND
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	340	if (tb[TCA_FLOWER_INDEV]) {
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	341	int err = tcf_change_indev(net, tb[TCA_FLOWER_INDEV]);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	342	if (err < 0)
				343	return err;
				344	key->indev_ifindex = err;
				345	mask->indev_ifindex = 0xffffffff;
				346	}
Brian Haley	dd3aa3b	2015-05-14 13:20:15 -0400	[diff] [blame]	347	#endif
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	348
				349	fl_set_key_val(tb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
				350	mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
				351	sizeof(key->eth.dst));
				352	fl_set_key_val(tb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
				353	mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
				354	sizeof(key->eth.src));
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	355
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	356	if (tb[TCA_FLOWER_KEY_ETH_TYPE])
				357	ethertype = nla_get_be16(tb[TCA_FLOWER_KEY_ETH_TYPE]);
				358
				359	if (ethertype == htons(ETH_P_8021Q)) {
				360	fl_set_key_vlan(tb, &key->vlan, &mask->vlan);
				361	fl_set_key_val(tb, &key->basic.n_proto,
				362	TCA_FLOWER_KEY_VLAN_ETH_TYPE,
				363	&mask->basic.n_proto, TCA_FLOWER_UNSPEC,
				364	sizeof(key->basic.n_proto));
				365	} else {
				366	key->basic.n_proto = ethertype;
				367	mask->basic.n_proto = cpu_to_be16(~0);
				368	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	369
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	370	if (key->basic.n_proto == htons(ETH_P_IP) \|\|
				371	key->basic.n_proto == htons(ETH_P_IPV6)) {
				372	fl_set_key_val(tb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
				373	&mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
				374	sizeof(key->basic.ip_proto));
				375	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	376
				377	if (tb[TCA_FLOWER_KEY_IPV4_SRC] \|\| tb[TCA_FLOWER_KEY_IPV4_DST]) {
				378	key->control.addr_type = FLOW_DISSECTOR_KEY_IPV4_ADDRS;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	379	fl_set_key_val(tb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
				380	&mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
				381	sizeof(key->ipv4.src));
				382	fl_set_key_val(tb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
				383	&mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
				384	sizeof(key->ipv4.dst));
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	385	} else if (tb[TCA_FLOWER_KEY_IPV6_SRC] \|\| tb[TCA_FLOWER_KEY_IPV6_DST]) {
				386	key->control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	387	fl_set_key_val(tb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
				388	&mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
				389	sizeof(key->ipv6.src));
				390	fl_set_key_val(tb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
				391	&mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
				392	sizeof(key->ipv6.dst));
				393	}
Jamal Hadi Salim	66530bd	2016-01-10 11:47:01 -0500	[diff] [blame]	394
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	395	if (key->basic.ip_proto == IPPROTO_TCP) {
				396	fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
				397	&mask->tp.src, TCA_FLOWER_UNSPEC,
				398	sizeof(key->tp.src));
				399	fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
				400	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				401	sizeof(key->tp.dst));
				402	} else if (key->basic.ip_proto == IPPROTO_UDP) {
				403	fl_set_key_val(tb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
				404	&mask->tp.src, TCA_FLOWER_UNSPEC,
				405	sizeof(key->tp.src));
				406	fl_set_key_val(tb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
				407	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				408	sizeof(key->tp.dst));
				409	}
				410
				411	return 0;
				412	}
				413
				414	static bool fl_mask_eq(struct fl_flow_mask *mask1,
				415	struct fl_flow_mask *mask2)
				416	{
				417	const long *lmask1 = fl_key_get_start(&mask1->key, mask1);
				418	const long *lmask2 = fl_key_get_start(&mask2->key, mask2);
				419
				420	return !memcmp(&mask1->range, &mask2->range, sizeof(mask1->range)) &&
				421	!memcmp(lmask1, lmask2, fl_mask_range(mask1));
				422	}
				423
				424	static const struct rhashtable_params fl_ht_params = {
				425	.key_offset = offsetof(struct cls_fl_filter, mkey), /* base offset */
				426	.head_offset = offsetof(struct cls_fl_filter, ht_node),
				427	.automatic_shrinking = true,
				428	};
				429
				430	static int fl_init_hashtable(struct cls_fl_head *head,
				431	struct fl_flow_mask *mask)
				432	{
				433	head->ht_params = fl_ht_params;
				434	head->ht_params.key_len = fl_mask_range(mask);
				435	head->ht_params.key_offset += mask->range.start;
				436
				437	return rhashtable_init(&head->ht, &head->ht_params);
				438	}
				439
				440	#define FL_KEY_MEMBER_OFFSET(member) offsetof(struct fl_flow_key, member)
				441	#define FL_KEY_MEMBER_SIZE(member) (sizeof(((struct fl_flow_key *) 0)->member))
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	442
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	443	#define FL_KEY_IS_MASKED(mask, member) \
				444	memchr_inv(((char *)mask) + FL_KEY_MEMBER_OFFSET(member), \
				445	0, FL_KEY_MEMBER_SIZE(member)) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	446
				447	#define FL_KEY_SET(keys, cnt, id, member) \
				448	do { \
				449	keys[cnt].key_id = id; \
				450	keys[cnt].offset = FL_KEY_MEMBER_OFFSET(member); \
				451	cnt++; \
				452	} while(0);
				453
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	454	#define FL_KEY_SET_IF_MASKED(mask, keys, cnt, id, member) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	455	do { \
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	456	if (FL_KEY_IS_MASKED(mask, member)) \
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	457	FL_KEY_SET(keys, cnt, id, member); \
				458	} while(0);
				459
				460	static void fl_init_dissector(struct cls_fl_head *head,
				461	struct fl_flow_mask *mask)
				462	{
				463	struct flow_dissector_key keys[FLOW_DISSECTOR_KEY_MAX];
				464	size_t cnt = 0;
				465
Tom Herbert	42aecaa	2015-06-04 09:16:39 -0700	[diff] [blame]	466	FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_CONTROL, control);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	467	FL_KEY_SET(keys, cnt, FLOW_DISSECTOR_KEY_BASIC, basic);
Hadar Hen Zion	339ba87	2016-08-17 13:36:12 +0300	[diff] [blame]	468	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				469	FLOW_DISSECTOR_KEY_ETH_ADDRS, eth);
				470	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				471	FLOW_DISSECTOR_KEY_IPV4_ADDRS, ipv4);
				472	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				473	FLOW_DISSECTOR_KEY_IPV6_ADDRS, ipv6);
				474	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				475	FLOW_DISSECTOR_KEY_PORTS, tp);
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	476	FL_KEY_SET_IF_MASKED(&mask->key, keys, cnt,
				477	FLOW_DISSECTOR_KEY_VLAN, vlan);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	478
				479	skb_flow_dissector_init(&head->dissector, keys, cnt);
				480	}
				481
				482	static int fl_check_assign_mask(struct cls_fl_head *head,
				483	struct fl_flow_mask *mask)
				484	{
				485	int err;
				486
				487	if (head->mask_assigned) {
				488	if (!fl_mask_eq(&head->mask, mask))
				489	return -EINVAL;
				490	else
				491	return 0;
				492	}
				493
				494	/* Mask is not assigned yet. So assign it and init hashtable
				495	* according to that.
				496	*/
				497	err = fl_init_hashtable(head, mask);
				498	if (err)
				499	return err;
				500	memcpy(&head->mask, mask, sizeof(head->mask));
				501	head->mask_assigned = true;
				502
				503	fl_init_dissector(head, mask);
				504
				505	return 0;
				506	}
				507
				508	static int fl_set_parms(struct net net, struct tcf_proto tp,
				509	struct cls_fl_filter f, struct fl_flow_mask mask,
				510	unsigned long base, struct nlattr **tb,
				511	struct nlattr *est, bool ovr)
				512	{
				513	struct tcf_exts e;
				514	int err;
				515
WANG Cong	b9a24bb	2016-08-19 12:36:54 -0700	[diff] [blame^]	516	err = tcf_exts_init(&e, TCA_FLOWER_ACT, 0);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	517	if (err < 0)
				518	return err;
WANG Cong	b9a24bb	2016-08-19 12:36:54 -0700	[diff] [blame^]	519	err = tcf_exts_validate(net, tp, tb, est, &e, ovr);
				520	if (err < 0)
				521	goto errout;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	522
				523	if (tb[TCA_FLOWER_CLASSID]) {
				524	f->res.classid = nla_get_u32(tb[TCA_FLOWER_CLASSID]);
				525	tcf_bind_filter(tp, &f->res, base);
				526	}
				527
				528	err = fl_set_key(net, tb, &f->key, &mask->key);
				529	if (err)
				530	goto errout;
				531
				532	fl_mask_update_range(mask);
				533	fl_set_masked_key(&f->mkey, &f->key, mask);
				534
				535	tcf_exts_change(tp, &f->exts, &e);
				536
				537	return 0;
				538	errout:
				539	tcf_exts_destroy(&e);
				540	return err;
				541	}
				542
				543	static u32 fl_grab_new_handle(struct tcf_proto *tp,
				544	struct cls_fl_head *head)
				545	{
				546	unsigned int i = 0x80000000;
				547	u32 handle;
				548
				549	do {
				550	if (++head->hgen == 0x7FFFFFFF)
				551	head->hgen = 1;
				552	} while (--i > 0 && fl_get(tp, head->hgen));
				553
				554	if (unlikely(i == 0)) {
				555	pr_err("Insufficient number of handles\n");
				556	handle = 0;
				557	} else {
				558	handle = head->hgen;
				559	}
				560
				561	return handle;
				562	}
				563
				564	static int fl_change(struct net net, struct sk_buff in_skb,
				565	struct tcf_proto *tp, unsigned long base,
				566	u32 handle, struct nlattr **tca,
				567	unsigned long *arg, bool ovr)
				568	{
				569	struct cls_fl_head *head = rtnl_dereference(tp->root);
				570	struct cls_fl_filter fold = (struct cls_fl_filter ) *arg;
				571	struct cls_fl_filter *fnew;
				572	struct nlattr *tb[TCA_FLOWER_MAX + 1];
				573	struct fl_flow_mask mask = {};
				574	int err;
				575
				576	if (!tca[TCA_OPTIONS])
				577	return -EINVAL;
				578
				579	err = nla_parse_nested(tb, TCA_FLOWER_MAX, tca[TCA_OPTIONS], fl_policy);
				580	if (err < 0)
				581	return err;
				582
				583	if (fold && handle && fold->handle != handle)
				584	return -EINVAL;
				585
				586	fnew = kzalloc(sizeof(*fnew), GFP_KERNEL);
				587	if (!fnew)
				588	return -ENOBUFS;
				589
WANG Cong	b9a24bb	2016-08-19 12:36:54 -0700	[diff] [blame^]	590	err = tcf_exts_init(&fnew->exts, TCA_FLOWER_ACT, 0);
				591	if (err < 0)
				592	goto errout;
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	593
				594	if (!handle) {
				595	handle = fl_grab_new_handle(tp, head);
				596	if (!handle) {
				597	err = -EINVAL;
				598	goto errout;
				599	}
				600	}
				601	fnew->handle = handle;
				602
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	603	if (tb[TCA_FLOWER_FLAGS]) {
				604	fnew->flags = nla_get_u32(tb[TCA_FLOWER_FLAGS]);
				605
				606	if (!tc_flags_valid(fnew->flags)) {
				607	err = -EINVAL;
				608	goto errout;
				609	}
				610	}
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	611
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	612	err = fl_set_parms(net, tp, fnew, &mask, base, tb, tca[TCA_RATE], ovr);
				613	if (err)
				614	goto errout;
				615
				616	err = fl_check_assign_mask(head, &mask);
				617	if (err)
				618	goto errout;
				619
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	620	if (!tc_skip_sw(fnew->flags)) {
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	621	err = rhashtable_insert_fast(&head->ht, &fnew->ht_node,
				622	head->ht_params);
				623	if (err)
				624	goto errout;
				625	}
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	626
Amir Vadai	e8eb36c	2016-06-13 12:06:39 +0300	[diff] [blame]	627	err = fl_hw_replace_filter(tp,
				628	&head->dissector,
				629	&mask.key,
				630	&fnew->key,
				631	&fnew->exts,
				632	(unsigned long)fnew,
				633	fnew->flags);
				634	if (err)
				635	goto errout;
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	636
				637	if (fold) {
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	638	rhashtable_remove_fast(&head->ht, &fold->ht_node,
				639	head->ht_params);
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	640	fl_hw_destroy_filter(tp, (unsigned long)fold);
Amir Vadai	5b33f48	2016-03-08 12:42:29 +0200	[diff] [blame]	641	}
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	642
				643	*arg = (unsigned long) fnew;
				644
				645	if (fold) {
Daniel Borkmann	ff3532f	2015-07-17 22:38:44 +0200	[diff] [blame]	646	list_replace_rcu(&fold->list, &fnew->list);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	647	tcf_unbind_filter(tp, &fold->res);
				648	call_rcu(&fold->rcu, fl_destroy_filter);
				649	} else {
				650	list_add_tail_rcu(&fnew->list, &head->filters);
				651	}
				652
				653	return 0;
				654
				655	errout:
WANG Cong	b9a24bb	2016-08-19 12:36:54 -0700	[diff] [blame^]	656	tcf_exts_destroy(&fnew->exts);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	657	kfree(fnew);
				658	return err;
				659	}
				660
				661	static int fl_delete(struct tcf_proto *tp, unsigned long arg)
				662	{
				663	struct cls_fl_head *head = rtnl_dereference(tp->root);
				664	struct cls_fl_filter f = (struct cls_fl_filter ) arg;
				665
				666	rhashtable_remove_fast(&head->ht, &f->ht_node,
				667	head->ht_params);
				668	list_del_rcu(&f->list);
Amir Vadai	8208d21	2016-03-11 11:08:45 +0200	[diff] [blame]	669	fl_hw_destroy_filter(tp, (unsigned long)f);
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	670	tcf_unbind_filter(tp, &f->res);
				671	call_rcu(&f->rcu, fl_destroy_filter);
				672	return 0;
				673	}
				674
				675	static void fl_walk(struct tcf_proto tp, struct tcf_walker arg)
				676	{
				677	struct cls_fl_head *head = rtnl_dereference(tp->root);
				678	struct cls_fl_filter *f;
				679
				680	list_for_each_entry_rcu(f, &head->filters, list) {
				681	if (arg->count < arg->skip)
				682	goto skip;
				683	if (arg->fn(tp, (unsigned long) f, arg) < 0) {
				684	arg->stop = 1;
				685	break;
				686	}
				687	skip:
				688	arg->count++;
				689	}
				690	}
				691
				692	static int fl_dump_key_val(struct sk_buff *skb,
				693	void *val, int val_type,
				694	void *mask, int mask_type, int len)
				695	{
				696	int err;
				697
				698	if (!memchr_inv(mask, 0, len))
				699	return 0;
				700	err = nla_put(skb, val_type, len, val);
				701	if (err)
				702	return err;
				703	if (mask_type != TCA_FLOWER_UNSPEC) {
				704	err = nla_put(skb, mask_type, len, mask);
				705	if (err)
				706	return err;
				707	}
				708	return 0;
				709	}
				710
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	711	static int fl_dump_key_vlan(struct sk_buff *skb,
				712	struct flow_dissector_key_vlan *vlan_key,
				713	struct flow_dissector_key_vlan *vlan_mask)
				714	{
				715	int err;
				716
				717	if (!memchr_inv(vlan_mask, 0, sizeof(*vlan_mask)))
				718	return 0;
				719	if (vlan_mask->vlan_id) {
				720	err = nla_put_u16(skb, TCA_FLOWER_KEY_VLAN_ID,
				721	vlan_key->vlan_id);
				722	if (err)
				723	return err;
				724	}
				725	if (vlan_mask->vlan_priority) {
				726	err = nla_put_u8(skb, TCA_FLOWER_KEY_VLAN_PRIO,
				727	vlan_key->vlan_priority);
				728	if (err)
				729	return err;
				730	}
				731	return 0;
				732	}
				733
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	734	static int fl_dump(struct net net, struct tcf_proto tp, unsigned long fh,
				735	struct sk_buff skb, struct tcmsg t)
				736	{
				737	struct cls_fl_head *head = rtnl_dereference(tp->root);
				738	struct cls_fl_filter f = (struct cls_fl_filter ) fh;
				739	struct nlattr *nest;
				740	struct fl_flow_key key, mask;
				741
				742	if (!f)
				743	return skb->len;
				744
				745	t->tcm_handle = f->handle;
				746
				747	nest = nla_nest_start(skb, TCA_OPTIONS);
				748	if (!nest)
				749	goto nla_put_failure;
				750
				751	if (f->res.classid &&
				752	nla_put_u32(skb, TCA_FLOWER_CLASSID, f->res.classid))
				753	goto nla_put_failure;
				754
				755	key = &f->key;
				756	mask = &head->mask.key;
				757
				758	if (mask->indev_ifindex) {
				759	struct net_device *dev;
				760
				761	dev = __dev_get_by_index(net, key->indev_ifindex);
				762	if (dev && nla_put_string(skb, TCA_FLOWER_INDEV, dev->name))
				763	goto nla_put_failure;
				764	}
				765
Amir Vadai	10cbc68	2016-05-13 12:55:37 +0000	[diff] [blame]	766	fl_hw_update_stats(tp, f);
				767
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	768	if (fl_dump_key_val(skb, key->eth.dst, TCA_FLOWER_KEY_ETH_DST,
				769	mask->eth.dst, TCA_FLOWER_KEY_ETH_DST_MASK,
				770	sizeof(key->eth.dst)) \|\|
				771	fl_dump_key_val(skb, key->eth.src, TCA_FLOWER_KEY_ETH_SRC,
				772	mask->eth.src, TCA_FLOWER_KEY_ETH_SRC_MASK,
				773	sizeof(key->eth.src)) \|\|
				774	fl_dump_key_val(skb, &key->basic.n_proto, TCA_FLOWER_KEY_ETH_TYPE,
				775	&mask->basic.n_proto, TCA_FLOWER_UNSPEC,
				776	sizeof(key->basic.n_proto)))
				777	goto nla_put_failure;
Hadar Hen Zion	9399ae9	2016-08-17 13:36:13 +0300	[diff] [blame]	778
				779	if (fl_dump_key_vlan(skb, &key->vlan, &mask->vlan))
				780	goto nla_put_failure;
				781
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	782	if ((key->basic.n_proto == htons(ETH_P_IP) \|\|
				783	key->basic.n_proto == htons(ETH_P_IPV6)) &&
				784	fl_dump_key_val(skb, &key->basic.ip_proto, TCA_FLOWER_KEY_IP_PROTO,
				785	&mask->basic.ip_proto, TCA_FLOWER_UNSPEC,
				786	sizeof(key->basic.ip_proto)))
				787	goto nla_put_failure;
				788
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	789	if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV4_ADDRS &&
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	790	(fl_dump_key_val(skb, &key->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC,
				791	&mask->ipv4.src, TCA_FLOWER_KEY_IPV4_SRC_MASK,
				792	sizeof(key->ipv4.src)) \|\|
				793	fl_dump_key_val(skb, &key->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST,
				794	&mask->ipv4.dst, TCA_FLOWER_KEY_IPV4_DST_MASK,
				795	sizeof(key->ipv4.dst))))
				796	goto nla_put_failure;
Tom Herbert	c3f8324	2015-06-04 09:16:40 -0700	[diff] [blame]	797	else if (key->control.addr_type == FLOW_DISSECTOR_KEY_IPV6_ADDRS &&
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	798	(fl_dump_key_val(skb, &key->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC,
				799	&mask->ipv6.src, TCA_FLOWER_KEY_IPV6_SRC_MASK,
				800	sizeof(key->ipv6.src)) \|\|
				801	fl_dump_key_val(skb, &key->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST,
				802	&mask->ipv6.dst, TCA_FLOWER_KEY_IPV6_DST_MASK,
				803	sizeof(key->ipv6.dst))))
				804	goto nla_put_failure;
				805
				806	if (key->basic.ip_proto == IPPROTO_TCP &&
				807	(fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_TCP_SRC,
				808	&mask->tp.src, TCA_FLOWER_UNSPEC,
				809	sizeof(key->tp.src)) \|\|
				810	fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_TCP_DST,
				811	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				812	sizeof(key->tp.dst))))
				813	goto nla_put_failure;
				814	else if (key->basic.ip_proto == IPPROTO_UDP &&
				815	(fl_dump_key_val(skb, &key->tp.src, TCA_FLOWER_KEY_UDP_SRC,
				816	&mask->tp.src, TCA_FLOWER_UNSPEC,
				817	sizeof(key->tp.src)) \|\|
				818	fl_dump_key_val(skb, &key->tp.dst, TCA_FLOWER_KEY_UDP_DST,
				819	&mask->tp.dst, TCA_FLOWER_UNSPEC,
				820	sizeof(key->tp.dst))))
				821	goto nla_put_failure;
				822
Amir Vadai	e69985c	2016-06-05 17:11:18 +0300	[diff] [blame]	823	nla_put_u32(skb, TCA_FLOWER_FLAGS, f->flags);
				824
Jiri Pirko	77b9900	2015-05-12 14:56:21 +0200	[diff] [blame]	825	if (tcf_exts_dump(skb, &f->exts))
				826	goto nla_put_failure;
				827
				828	nla_nest_end(skb, nest);
				829
				830	if (tcf_exts_dump_stats(skb, &f->exts) < 0)
				831	goto nla_put_failure;
				832
				833	return skb->len;
				834
				835	nla_put_failure:
				836	nla_nest_cancel(skb, nest);
				837	return -1;
				838	}
				839
				840	static struct tcf_proto_ops cls_fl_ops __read_mostly = {
				841	.kind = "flower",
				842	.classify = fl_classify,
				843	.init = fl_init,
				844	.destroy = fl_destroy,
				845	.get = fl_get,
				846	.change = fl_change,
				847	.delete = fl_delete,
				848	.walk = fl_walk,
				849	.dump = fl_dump,
				850	.owner = THIS_MODULE,
				851	};
				852
				853	static int __init cls_fl_init(void)
				854	{
				855	return register_tcf_proto_ops(&cls_fl_ops);
				856	}
				857
				858	static void __exit cls_fl_exit(void)
				859	{
				860	unregister_tcf_proto_ops(&cls_fl_ops);
				861	}
				862
				863	module_init(cls_fl_init);
				864	module_exit(cls_fl_exit);
				865
				866	MODULE_AUTHOR("Jiri Pirko <jiri@resnulli.us>");
				867	MODULE_DESCRIPTION("Flower classifier");
				868	MODULE_LICENSE("GPL v2");