1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * net/sched/act_api.c Packet action API.
5 * Author: Jamal Hadi Salim
8 #include <linux/types.h>
9 #include <linux/kernel.h>
10 #include <linux/string.h>
11 #include <linux/errno.h>
12 #include <linux/slab.h>
13 #include <linux/skbuff.h>
14 #include <linux/init.h>
15 #include <linux/kmod.h>
16 #include <linux/err.h>
17 #include <linux/module.h>
18 #include <net/net_namespace.h>
20 #include <net/sch_generic.h>
21 #include <net/pkt_cls.h>
22 #include <net/act_api.h>
23 #include <net/netlink.h>
25 static void tcf_action_goto_chain_exec(const struct tc_action *a,
26 struct tcf_result *res)
28 const struct tcf_chain *chain = rcu_dereference_bh(a->goto_chain);
30 res->goto_tp = rcu_dereference_bh(chain->filter_chain);
33 static void tcf_free_cookie_rcu(struct rcu_head *p)
35 struct tc_cookie *cookie = container_of(p, struct tc_cookie, rcu);
41 static void tcf_set_action_cookie(struct tc_cookie __rcu **old_cookie,
42 struct tc_cookie *new_cookie)
44 struct tc_cookie *old;
46 old = xchg((__force struct tc_cookie **)old_cookie, new_cookie);
48 call_rcu(&old->rcu, tcf_free_cookie_rcu);
51 int tcf_action_check_ctrlact(int action, struct tcf_proto *tp,
52 struct tcf_chain **newchain,
53 struct netlink_ext_ack *extack)
55 int opcode = TC_ACT_EXT_OPCODE(action), ret = -EINVAL;
59 ret = action > TC_ACT_VALUE_MAX ? -EINVAL : 0;
60 else if (opcode <= TC_ACT_EXT_OPCODE_MAX || action == TC_ACT_UNSPEC)
63 NL_SET_ERR_MSG(extack, "invalid control action");
67 if (TC_ACT_EXT_CMP(action, TC_ACT_GOTO_CHAIN)) {
68 chain_index = action & TC_ACT_EXT_VAL_MASK;
69 if (!tp || !newchain) {
71 NL_SET_ERR_MSG(extack,
72 "can't goto NULL proto/chain");
75 *newchain = tcf_chain_get_by_act(tp->chain->block, chain_index);
78 NL_SET_ERR_MSG(extack,
79 "can't allocate goto_chain");
85 EXPORT_SYMBOL(tcf_action_check_ctrlact);
87 struct tcf_chain *tcf_action_set_ctrlact(struct tc_action *a, int action,
88 struct tcf_chain *goto_chain)
90 a->tcfa_action = action;
91 rcu_swap_protected(a->goto_chain, goto_chain, 1);
94 EXPORT_SYMBOL(tcf_action_set_ctrlact);
96 /* XXX: For standalone actions, we don't need a RCU grace period either, because
97 * actions are always connected to filters and filters are already destroyed in
98 * RCU callbacks, so after a RCU grace period actions are already disconnected
99 * from filters. Readers later can not find us.
101 static void free_tcf(struct tc_action *p)
103 struct tcf_chain *chain = rcu_dereference_protected(p->goto_chain, 1);
105 free_percpu(p->cpu_bstats);
106 free_percpu(p->cpu_bstats_hw);
107 free_percpu(p->cpu_qstats);
109 tcf_set_action_cookie(&p->act_cookie, NULL);
111 tcf_chain_put_by_act(chain);
116 static void tcf_action_cleanup(struct tc_action *p)
121 gen_kill_estimator(&p->tcfa_rate_est);
125 static int __tcf_action_put(struct tc_action *p, bool bind)
127 struct tcf_idrinfo *idrinfo = p->idrinfo;
129 if (refcount_dec_and_mutex_lock(&p->tcfa_refcnt, &idrinfo->lock)) {
131 atomic_dec(&p->tcfa_bindcnt);
132 idr_remove(&idrinfo->action_idr, p->tcfa_index);
133 mutex_unlock(&idrinfo->lock);
135 tcf_action_cleanup(p);
140 atomic_dec(&p->tcfa_bindcnt);
145 int __tcf_idr_release(struct tc_action *p, bool bind, bool strict)
149 /* Release with strict==1 and bind==0 is only called through act API
150 * interface (classifiers always bind). Only case when action with
151 * positive reference count and zero bind count can exist is when it was
152 * also created with act API (unbinding last classifier will destroy the
153 * action if it was created by classifier). So only case when bind count
154 * can be changed after initial check is when unbound action is
155 * destroyed by act API while classifier binds to action with same id
156 * concurrently. This result either creation of new action(same behavior
157 * as before), or reusing existing action if concurrent process
158 * increments reference count before action is deleted. Both scenarios
162 if (!bind && strict && atomic_read(&p->tcfa_bindcnt) > 0)
165 if (__tcf_action_put(p, bind))
171 EXPORT_SYMBOL(__tcf_idr_release);
173 static size_t tcf_action_shared_attrs_size(const struct tc_action *act)
175 struct tc_cookie *act_cookie;
179 act_cookie = rcu_dereference(act->act_cookie);
182 cookie_len = nla_total_size(act_cookie->len);
185 return nla_total_size(0) /* action number nested */
186 + nla_total_size(IFNAMSIZ) /* TCA_ACT_KIND */
187 + cookie_len /* TCA_ACT_COOKIE */
188 + nla_total_size(0) /* TCA_ACT_STATS nested */
189 /* TCA_STATS_BASIC */
190 + nla_total_size_64bit(sizeof(struct gnet_stats_basic))
191 /* TCA_STATS_QUEUE */
192 + nla_total_size_64bit(sizeof(struct gnet_stats_queue))
193 + nla_total_size(0) /* TCA_OPTIONS nested */
194 + nla_total_size(sizeof(struct tcf_t)); /* TCA_GACT_TM */
197 static size_t tcf_action_full_attrs_size(size_t sz)
199 return NLMSG_HDRLEN /* struct nlmsghdr */
200 + sizeof(struct tcamsg)
201 + nla_total_size(0) /* TCA_ACT_TAB nested */
205 static size_t tcf_action_fill_size(const struct tc_action *act)
207 size_t sz = tcf_action_shared_attrs_size(act);
209 if (act->ops->get_fill_size)
210 return act->ops->get_fill_size(act) + sz;
214 static int tcf_dump_walker(struct tcf_idrinfo *idrinfo, struct sk_buff *skb,
215 struct netlink_callback *cb)
217 int err = 0, index = -1, s_i = 0, n_i = 0;
218 u32 act_flags = cb->args[2];
219 unsigned long jiffy_since = cb->args[3];
221 struct idr *idr = &idrinfo->action_idr;
223 unsigned long id = 1;
225 mutex_lock(&idrinfo->lock);
229 idr_for_each_entry_ul(idr, p, id) {
235 time_after(jiffy_since,
236 (unsigned long)p->tcfa_tm.lastuse))
239 nest = nla_nest_start_noflag(skb, n_i);
242 goto nla_put_failure;
244 err = tcf_action_dump_1(skb, p, 0, 0);
247 nlmsg_trim(skb, nest);
250 nla_nest_end(skb, nest);
252 if (!(act_flags & TCA_FLAG_LARGE_DUMP_ON) &&
253 n_i >= TCA_ACT_MAX_PRIO)
258 cb->args[0] = index + 1;
260 mutex_unlock(&idrinfo->lock);
262 if (act_flags & TCA_FLAG_LARGE_DUMP_ON)
268 nla_nest_cancel(skb, nest);
272 static int tcf_idr_release_unsafe(struct tc_action *p)
274 if (atomic_read(&p->tcfa_bindcnt) > 0)
277 if (refcount_dec_and_test(&p->tcfa_refcnt)) {
278 idr_remove(&p->idrinfo->action_idr, p->tcfa_index);
279 tcf_action_cleanup(p);
280 return ACT_P_DELETED;
286 static int tcf_del_walker(struct tcf_idrinfo *idrinfo, struct sk_buff *skb,
287 const struct tc_action_ops *ops)
292 struct idr *idr = &idrinfo->action_idr;
294 unsigned long id = 1;
296 nest = nla_nest_start_noflag(skb, 0);
298 goto nla_put_failure;
299 if (nla_put_string(skb, TCA_KIND, ops->kind))
300 goto nla_put_failure;
302 mutex_lock(&idrinfo->lock);
303 idr_for_each_entry_ul(idr, p, id) {
304 ret = tcf_idr_release_unsafe(p);
305 if (ret == ACT_P_DELETED) {
306 module_put(ops->owner);
308 } else if (ret < 0) {
309 mutex_unlock(&idrinfo->lock);
310 goto nla_put_failure;
313 mutex_unlock(&idrinfo->lock);
315 if (nla_put_u32(skb, TCA_FCNT, n_i))
316 goto nla_put_failure;
317 nla_nest_end(skb, nest);
321 nla_nest_cancel(skb, nest);
325 int tcf_generic_walker(struct tc_action_net *tn, struct sk_buff *skb,
326 struct netlink_callback *cb, int type,
327 const struct tc_action_ops *ops,
328 struct netlink_ext_ack *extack)
330 struct tcf_idrinfo *idrinfo = tn->idrinfo;
332 if (type == RTM_DELACTION) {
333 return tcf_del_walker(idrinfo, skb, ops);
334 } else if (type == RTM_GETACTION) {
335 return tcf_dump_walker(idrinfo, skb, cb);
337 WARN(1, "tcf_generic_walker: unknown command %d\n", type);
338 NL_SET_ERR_MSG(extack, "tcf_generic_walker: unknown command");
342 EXPORT_SYMBOL(tcf_generic_walker);
344 int tcf_idr_search(struct tc_action_net *tn, struct tc_action **a, u32 index)
346 struct tcf_idrinfo *idrinfo = tn->idrinfo;
349 mutex_lock(&idrinfo->lock);
350 p = idr_find(&idrinfo->action_idr, index);
354 refcount_inc(&p->tcfa_refcnt);
355 mutex_unlock(&idrinfo->lock);
363 EXPORT_SYMBOL(tcf_idr_search);
365 static int tcf_idr_delete_index(struct tcf_idrinfo *idrinfo, u32 index)
370 mutex_lock(&idrinfo->lock);
371 p = idr_find(&idrinfo->action_idr, index);
373 mutex_unlock(&idrinfo->lock);
377 if (!atomic_read(&p->tcfa_bindcnt)) {
378 if (refcount_dec_and_test(&p->tcfa_refcnt)) {
379 struct module *owner = p->ops->owner;
381 WARN_ON(p != idr_remove(&idrinfo->action_idr,
383 mutex_unlock(&idrinfo->lock);
385 tcf_action_cleanup(p);
394 mutex_unlock(&idrinfo->lock);
398 int tcf_idr_create(struct tc_action_net *tn, u32 index, struct nlattr *est,
399 struct tc_action **a, const struct tc_action_ops *ops,
400 int bind, bool cpustats)
402 struct tc_action *p = kzalloc(ops->size, GFP_KERNEL);
403 struct tcf_idrinfo *idrinfo = tn->idrinfo;
408 refcount_set(&p->tcfa_refcnt, 1);
410 atomic_set(&p->tcfa_bindcnt, 1);
413 p->cpu_bstats = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu);
416 p->cpu_bstats_hw = netdev_alloc_pcpu_stats(struct gnet_stats_basic_cpu);
417 if (!p->cpu_bstats_hw)
419 p->cpu_qstats = alloc_percpu(struct gnet_stats_queue);
423 spin_lock_init(&p->tcfa_lock);
424 p->tcfa_index = index;
425 p->tcfa_tm.install = jiffies;
426 p->tcfa_tm.lastuse = jiffies;
427 p->tcfa_tm.firstuse = 0;
429 err = gen_new_estimator(&p->tcfa_bstats, p->cpu_bstats,
431 &p->tcfa_lock, NULL, est);
436 p->idrinfo = idrinfo;
441 free_percpu(p->cpu_qstats);
443 free_percpu(p->cpu_bstats_hw);
445 free_percpu(p->cpu_bstats);
450 EXPORT_SYMBOL(tcf_idr_create);
452 void tcf_idr_insert(struct tc_action_net *tn, struct tc_action *a)
454 struct tcf_idrinfo *idrinfo = tn->idrinfo;
456 mutex_lock(&idrinfo->lock);
457 /* Replace ERR_PTR(-EBUSY) allocated by tcf_idr_check_alloc */
458 WARN_ON(!IS_ERR(idr_replace(&idrinfo->action_idr, a, a->tcfa_index)));
459 mutex_unlock(&idrinfo->lock);
461 EXPORT_SYMBOL(tcf_idr_insert);
463 /* Cleanup idr index that was allocated but not initialized. */
465 void tcf_idr_cleanup(struct tc_action_net *tn, u32 index)
467 struct tcf_idrinfo *idrinfo = tn->idrinfo;
469 mutex_lock(&idrinfo->lock);
470 /* Remove ERR_PTR(-EBUSY) allocated by tcf_idr_check_alloc */
471 WARN_ON(!IS_ERR(idr_remove(&idrinfo->action_idr, index)));
472 mutex_unlock(&idrinfo->lock);
474 EXPORT_SYMBOL(tcf_idr_cleanup);
476 /* Check if action with specified index exists. If actions is found, increments
477 * its reference and bind counters, and return 1. Otherwise insert temporary
478 * error pointer (to prevent concurrent users from inserting actions with same
479 * index) and return 0.
482 int tcf_idr_check_alloc(struct tc_action_net *tn, u32 *index,
483 struct tc_action **a, int bind)
485 struct tcf_idrinfo *idrinfo = tn->idrinfo;
490 mutex_lock(&idrinfo->lock);
492 p = idr_find(&idrinfo->action_idr, *index);
494 /* This means that another process allocated
495 * index but did not assign the pointer yet.
497 mutex_unlock(&idrinfo->lock);
502 refcount_inc(&p->tcfa_refcnt);
504 atomic_inc(&p->tcfa_bindcnt);
509 ret = idr_alloc_u32(&idrinfo->action_idr, NULL, index,
512 idr_replace(&idrinfo->action_idr,
513 ERR_PTR(-EBUSY), *index);
518 ret = idr_alloc_u32(&idrinfo->action_idr, NULL, index,
519 UINT_MAX, GFP_KERNEL);
521 idr_replace(&idrinfo->action_idr, ERR_PTR(-EBUSY),
524 mutex_unlock(&idrinfo->lock);
527 EXPORT_SYMBOL(tcf_idr_check_alloc);
529 void tcf_idrinfo_destroy(const struct tc_action_ops *ops,
530 struct tcf_idrinfo *idrinfo)
532 struct idr *idr = &idrinfo->action_idr;
535 unsigned long id = 1;
537 idr_for_each_entry_ul(idr, p, id) {
538 ret = __tcf_idr_release(p, false, true);
539 if (ret == ACT_P_DELETED)
540 module_put(ops->owner);
544 idr_destroy(&idrinfo->action_idr);
546 EXPORT_SYMBOL(tcf_idrinfo_destroy);
548 static LIST_HEAD(act_base);
549 static DEFINE_RWLOCK(act_mod_lock);
551 int tcf_register_action(struct tc_action_ops *act,
552 struct pernet_operations *ops)
554 struct tc_action_ops *a;
557 if (!act->act || !act->dump || !act->init || !act->walk || !act->lookup)
560 /* We have to register pernet ops before making the action ops visible,
561 * otherwise tcf_action_init_1() could get a partially initialized
564 ret = register_pernet_subsys(ops);
568 write_lock(&act_mod_lock);
569 list_for_each_entry(a, &act_base, head) {
570 if (act->id == a->id || (strcmp(act->kind, a->kind) == 0)) {
571 write_unlock(&act_mod_lock);
572 unregister_pernet_subsys(ops);
576 list_add_tail(&act->head, &act_base);
577 write_unlock(&act_mod_lock);
581 EXPORT_SYMBOL(tcf_register_action);
583 int tcf_unregister_action(struct tc_action_ops *act,
584 struct pernet_operations *ops)
586 struct tc_action_ops *a;
589 write_lock(&act_mod_lock);
590 list_for_each_entry(a, &act_base, head) {
592 list_del(&act->head);
597 write_unlock(&act_mod_lock);
599 unregister_pernet_subsys(ops);
602 EXPORT_SYMBOL(tcf_unregister_action);
605 static struct tc_action_ops *tc_lookup_action_n(char *kind)
607 struct tc_action_ops *a, *res = NULL;
610 read_lock(&act_mod_lock);
611 list_for_each_entry(a, &act_base, head) {
612 if (strcmp(kind, a->kind) == 0) {
613 if (try_module_get(a->owner))
618 read_unlock(&act_mod_lock);
623 /* lookup by nlattr */
624 static struct tc_action_ops *tc_lookup_action(struct nlattr *kind)
626 struct tc_action_ops *a, *res = NULL;
629 read_lock(&act_mod_lock);
630 list_for_each_entry(a, &act_base, head) {
631 if (nla_strcmp(kind, a->kind) == 0) {
632 if (try_module_get(a->owner))
637 read_unlock(&act_mod_lock);
642 /*TCA_ACT_MAX_PRIO is 32, there count upto 32 */
643 #define TCA_ACT_MAX_PRIO_MASK 0x1FF
644 int tcf_action_exec(struct sk_buff *skb, struct tc_action **actions,
645 int nr_actions, struct tcf_result *res)
648 u32 jmp_ttl = TCA_ACT_MAX_PRIO; /*matches actions per filter */
652 if (skb_skip_tc_classify(skb))
656 for (i = 0; i < nr_actions; i++) {
657 const struct tc_action *a = actions[i];
659 if (jmp_prgcnt > 0) {
664 ret = a->ops->act(skb, a, res);
665 if (ret == TC_ACT_REPEAT)
666 goto repeat; /* we need a ttl - JHS */
668 if (TC_ACT_EXT_CMP(ret, TC_ACT_JUMP)) {
669 jmp_prgcnt = ret & TCA_ACT_MAX_PRIO_MASK;
670 if (!jmp_prgcnt || (jmp_prgcnt > nr_actions)) {
671 /* faulty opcode, stop pipeline */
676 goto restart_act_graph;
677 else /* faulty graph, stop pipeline */
680 } else if (TC_ACT_EXT_CMP(ret, TC_ACT_GOTO_CHAIN)) {
681 if (unlikely(!rcu_access_pointer(a->goto_chain))) {
682 net_warn_ratelimited("can't go to NULL chain!\n");
685 tcf_action_goto_chain_exec(a, res);
688 if (ret != TC_ACT_PIPE)
694 EXPORT_SYMBOL(tcf_action_exec);
696 int tcf_action_destroy(struct tc_action *actions[], int bind)
698 const struct tc_action_ops *ops;
702 for (i = 0; i < TCA_ACT_MAX_PRIO && actions[i]; i++) {
706 ret = __tcf_idr_release(a, bind, true);
707 if (ret == ACT_P_DELETED)
708 module_put(ops->owner);
715 static int tcf_action_destroy_1(struct tc_action *a, int bind)
717 struct tc_action *actions[] = { a, NULL };
719 return tcf_action_destroy(actions, bind);
722 static int tcf_action_put(struct tc_action *p)
724 return __tcf_action_put(p, false);
727 /* Put all actions in this array, skip those NULL's. */
728 static void tcf_action_put_many(struct tc_action *actions[])
732 for (i = 0; i < TCA_ACT_MAX_PRIO; i++) {
733 struct tc_action *a = actions[i];
734 const struct tc_action_ops *ops;
739 if (tcf_action_put(a))
740 module_put(ops->owner);
745 tcf_action_dump_old(struct sk_buff *skb, struct tc_action *a, int bind, int ref)
747 return a->ops->dump(skb, a, bind, ref);
751 tcf_action_dump_1(struct sk_buff *skb, struct tc_action *a, int bind, int ref)
754 unsigned char *b = skb_tail_pointer(skb);
756 struct tc_cookie *cookie;
758 if (nla_put_string(skb, TCA_KIND, a->ops->kind))
759 goto nla_put_failure;
760 if (tcf_action_copy_stats(skb, a, 0))
761 goto nla_put_failure;
764 cookie = rcu_dereference(a->act_cookie);
766 if (nla_put(skb, TCA_ACT_COOKIE, cookie->len, cookie->data)) {
768 goto nla_put_failure;
773 nest = nla_nest_start_noflag(skb, TCA_OPTIONS);
775 goto nla_put_failure;
776 err = tcf_action_dump_old(skb, a, bind, ref);
778 nla_nest_end(skb, nest);
786 EXPORT_SYMBOL(tcf_action_dump_1);
788 int tcf_action_dump(struct sk_buff *skb, struct tc_action *actions[],
792 int err = -EINVAL, i;
795 for (i = 0; i < TCA_ACT_MAX_PRIO && actions[i]; i++) {
797 nest = nla_nest_start_noflag(skb, i + 1);
799 goto nla_put_failure;
800 err = tcf_action_dump_1(skb, a, bind, ref);
803 nla_nest_end(skb, nest);
811 nla_nest_cancel(skb, nest);
815 static struct tc_cookie *nla_memdup_cookie(struct nlattr **tb)
817 struct tc_cookie *c = kzalloc(sizeof(*c), GFP_KERNEL);
821 c->data = nla_memdup(tb[TCA_ACT_COOKIE], GFP_KERNEL);
826 c->len = nla_len(tb[TCA_ACT_COOKIE]);
831 struct tc_action *tcf_action_init_1(struct net *net, struct tcf_proto *tp,
832 struct nlattr *nla, struct nlattr *est,
833 char *name, int ovr, int bind,
835 struct netlink_ext_ack *extack)
838 struct tc_action_ops *a_o;
839 struct tc_cookie *cookie = NULL;
840 char act_name[IFNAMSIZ];
841 struct nlattr *tb[TCA_ACT_MAX + 1];
846 err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX, nla, NULL,
851 kind = tb[TCA_ACT_KIND];
853 NL_SET_ERR_MSG(extack, "TC action kind must be specified");
856 if (nla_strlcpy(act_name, kind, IFNAMSIZ) >= IFNAMSIZ) {
857 NL_SET_ERR_MSG(extack, "TC action name too long");
860 if (tb[TCA_ACT_COOKIE]) {
861 int cklen = nla_len(tb[TCA_ACT_COOKIE]);
863 if (cklen > TC_COOKIE_MAX_SIZE) {
864 NL_SET_ERR_MSG(extack, "TC cookie size above the maximum");
868 cookie = nla_memdup_cookie(tb);
870 NL_SET_ERR_MSG(extack, "No memory to generate TC cookie");
876 if (strlcpy(act_name, name, IFNAMSIZ) >= IFNAMSIZ) {
877 NL_SET_ERR_MSG(extack, "TC action name too long");
883 a_o = tc_lookup_action_n(act_name);
885 #ifdef CONFIG_MODULES
888 request_module("act_%s", act_name);
892 a_o = tc_lookup_action_n(act_name);
894 /* We dropped the RTNL semaphore in order to
895 * perform the module load. So, even if we
896 * succeeded in loading the module we have to
897 * tell the caller to replay the request. We
898 * indicate this using -EAGAIN.
905 NL_SET_ERR_MSG(extack, "Failed to load TC action module");
910 /* backward compatibility for policer */
912 err = a_o->init(net, tb[TCA_ACT_OPTIONS], est, &a, ovr, bind,
913 rtnl_held, tp, extack);
915 err = a_o->init(net, nla, est, &a, ovr, bind, rtnl_held,
920 if (!name && tb[TCA_ACT_COOKIE])
921 tcf_set_action_cookie(&a->act_cookie, cookie);
923 /* module count goes up only when brand new policy is created
924 * if it exists and is only bound to in a_o->init() then
925 * ACT_P_CREATED is not returned (a zero is).
927 if (err != ACT_P_CREATED)
928 module_put(a_o->owner);
930 if (TC_ACT_EXT_CMP(a->tcfa_action, TC_ACT_GOTO_CHAIN) &&
931 !rcu_access_pointer(a->goto_chain)) {
932 tcf_action_destroy_1(a, bind);
933 NL_SET_ERR_MSG(extack, "can't use goto chain with NULL chain");
934 return ERR_PTR(-EINVAL);
940 module_put(a_o->owner);
949 /* Returns numbers of initialized actions or negative error. */
951 int tcf_action_init(struct net *net, struct tcf_proto *tp, struct nlattr *nla,
952 struct nlattr *est, char *name, int ovr, int bind,
953 struct tc_action *actions[], size_t *attr_size,
954 bool rtnl_held, struct netlink_ext_ack *extack)
956 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1];
957 struct tc_action *act;
962 err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX_PRIO, nla, NULL,
967 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) {
968 act = tcf_action_init_1(net, tp, tb[i], est, name, ovr, bind,
975 sz += tcf_action_fill_size(act);
976 /* Start from index 0 */
977 actions[i - 1] = act;
980 *attr_size = tcf_action_full_attrs_size(sz);
984 tcf_action_destroy(actions, bind);
988 int tcf_action_copy_stats(struct sk_buff *skb, struct tc_action *p,
997 /* compat_mode being true specifies a call that is supposed
998 * to add additional backward compatibility statistic TLVs.
1001 if (p->type == TCA_OLD_COMPAT)
1002 err = gnet_stats_start_copy_compat(skb, 0,
1010 err = gnet_stats_start_copy(skb, TCA_ACT_STATS,
1011 &p->tcfa_lock, &d, TCA_ACT_PAD);
1016 if (gnet_stats_copy_basic(NULL, &d, p->cpu_bstats, &p->tcfa_bstats) < 0 ||
1017 gnet_stats_copy_basic_hw(NULL, &d, p->cpu_bstats_hw,
1018 &p->tcfa_bstats_hw) < 0 ||
1019 gnet_stats_copy_rate_est(&d, &p->tcfa_rate_est) < 0 ||
1020 gnet_stats_copy_queue(&d, p->cpu_qstats,
1022 p->tcfa_qstats.qlen) < 0)
1025 if (gnet_stats_finish_copy(&d) < 0)
1034 static int tca_get_fill(struct sk_buff *skb, struct tc_action *actions[],
1035 u32 portid, u32 seq, u16 flags, int event, int bind,
1039 struct nlmsghdr *nlh;
1040 unsigned char *b = skb_tail_pointer(skb);
1041 struct nlattr *nest;
1043 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*t), flags);
1045 goto out_nlmsg_trim;
1046 t = nlmsg_data(nlh);
1047 t->tca_family = AF_UNSPEC;
1051 nest = nla_nest_start_noflag(skb, TCA_ACT_TAB);
1053 goto out_nlmsg_trim;
1055 if (tcf_action_dump(skb, actions, bind, ref) < 0)
1056 goto out_nlmsg_trim;
1058 nla_nest_end(skb, nest);
1060 nlh->nlmsg_len = skb_tail_pointer(skb) - b;
1069 tcf_get_notify(struct net *net, u32 portid, struct nlmsghdr *n,
1070 struct tc_action *actions[], int event,
1071 struct netlink_ext_ack *extack)
1073 struct sk_buff *skb;
1075 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
1078 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, event,
1080 NL_SET_ERR_MSG(extack, "Failed to fill netlink attributes while adding TC action");
1085 return rtnl_unicast(skb, net, portid);
1088 static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla,
1089 struct nlmsghdr *n, u32 portid,
1090 struct netlink_ext_ack *extack)
1092 struct nlattr *tb[TCA_ACT_MAX + 1];
1093 const struct tc_action_ops *ops;
1094 struct tc_action *a;
1098 err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX, nla, NULL, extack);
1103 if (tb[TCA_ACT_INDEX] == NULL ||
1104 nla_len(tb[TCA_ACT_INDEX]) < sizeof(index)) {
1105 NL_SET_ERR_MSG(extack, "Invalid TC action index value");
1108 index = nla_get_u32(tb[TCA_ACT_INDEX]);
1111 ops = tc_lookup_action(tb[TCA_ACT_KIND]);
1112 if (!ops) { /* could happen in batch of actions */
1113 NL_SET_ERR_MSG(extack, "Specified TC action kind not found");
1117 if (ops->lookup(net, &a, index) == 0) {
1118 NL_SET_ERR_MSG(extack, "TC action with specified index not found");
1122 module_put(ops->owner);
1126 module_put(ops->owner);
1128 return ERR_PTR(err);
1131 static int tca_action_flush(struct net *net, struct nlattr *nla,
1132 struct nlmsghdr *n, u32 portid,
1133 struct netlink_ext_ack *extack)
1135 struct sk_buff *skb;
1137 struct nlmsghdr *nlh;
1139 struct netlink_callback dcb;
1140 struct nlattr *nest;
1141 struct nlattr *tb[TCA_ACT_MAX + 1];
1142 const struct tc_action_ops *ops;
1143 struct nlattr *kind;
1146 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
1150 b = skb_tail_pointer(skb);
1152 err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX, nla, NULL, extack);
1157 kind = tb[TCA_ACT_KIND];
1158 ops = tc_lookup_action(kind);
1159 if (!ops) { /*some idjot trying to flush unknown action */
1160 NL_SET_ERR_MSG(extack, "Cannot flush unknown TC action");
1164 nlh = nlmsg_put(skb, portid, n->nlmsg_seq, RTM_DELACTION,
1167 NL_SET_ERR_MSG(extack, "Failed to create TC action flush notification");
1168 goto out_module_put;
1170 t = nlmsg_data(nlh);
1171 t->tca_family = AF_UNSPEC;
1175 nest = nla_nest_start_noflag(skb, TCA_ACT_TAB);
1177 NL_SET_ERR_MSG(extack, "Failed to add new netlink message");
1178 goto out_module_put;
1181 err = ops->walk(net, skb, &dcb, RTM_DELACTION, ops, extack);
1183 nla_nest_cancel(skb, nest);
1184 goto out_module_put;
1187 nla_nest_end(skb, nest);
1189 nlh->nlmsg_len = skb_tail_pointer(skb) - b;
1190 nlh->nlmsg_flags |= NLM_F_ROOT;
1191 module_put(ops->owner);
1192 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC,
1193 n->nlmsg_flags & NLM_F_ECHO);
1197 NL_SET_ERR_MSG(extack, "Failed to send TC action flush notification");
1202 module_put(ops->owner);
1208 static int tcf_action_delete(struct net *net, struct tc_action *actions[])
1212 for (i = 0; i < TCA_ACT_MAX_PRIO && actions[i]; i++) {
1213 struct tc_action *a = actions[i];
1214 const struct tc_action_ops *ops = a->ops;
1215 /* Actions can be deleted concurrently so we must save their
1216 * type and id to search again after reference is released.
1218 struct tcf_idrinfo *idrinfo = a->idrinfo;
1219 u32 act_index = a->tcfa_index;
1222 if (tcf_action_put(a)) {
1223 /* last reference, action was deleted concurrently */
1224 module_put(ops->owner);
1228 /* now do the delete */
1229 ret = tcf_idr_delete_index(idrinfo, act_index);
1238 tcf_del_notify(struct net *net, struct nlmsghdr *n, struct tc_action *actions[],
1239 u32 portid, size_t attr_size, struct netlink_ext_ack *extack)
1242 struct sk_buff *skb;
1244 skb = alloc_skb(attr_size <= NLMSG_GOODSIZE ? NLMSG_GOODSIZE : attr_size,
1249 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, 0, RTM_DELACTION,
1251 NL_SET_ERR_MSG(extack, "Failed to fill netlink TC action attributes");
1256 /* now do the delete */
1257 ret = tcf_action_delete(net, actions);
1259 NL_SET_ERR_MSG(extack, "Failed to delete TC action");
1264 ret = rtnetlink_send(skb, net, portid, RTNLGRP_TC,
1265 n->nlmsg_flags & NLM_F_ECHO);
1272 tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
1273 u32 portid, int event, struct netlink_ext_ack *extack)
1276 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1];
1277 struct tc_action *act;
1278 size_t attr_size = 0;
1279 struct tc_action *actions[TCA_ACT_MAX_PRIO] = {};
1281 ret = nla_parse_nested_deprecated(tb, TCA_ACT_MAX_PRIO, nla, NULL,
1286 if (event == RTM_DELACTION && n->nlmsg_flags & NLM_F_ROOT) {
1288 return tca_action_flush(net, tb[1], n, portid, extack);
1290 NL_SET_ERR_MSG(extack, "Invalid netlink attributes while flushing TC action");
1294 for (i = 1; i <= TCA_ACT_MAX_PRIO && tb[i]; i++) {
1295 act = tcf_action_get_1(net, tb[i], n, portid, extack);
1300 attr_size += tcf_action_fill_size(act);
1301 actions[i - 1] = act;
1304 attr_size = tcf_action_full_attrs_size(attr_size);
1306 if (event == RTM_GETACTION)
1307 ret = tcf_get_notify(net, portid, n, actions, event, extack);
1309 ret = tcf_del_notify(net, n, actions, portid, attr_size, extack);
1315 tcf_action_put_many(actions);
1320 tcf_add_notify(struct net *net, struct nlmsghdr *n, struct tc_action *actions[],
1321 u32 portid, size_t attr_size, struct netlink_ext_ack *extack)
1323 struct sk_buff *skb;
1326 skb = alloc_skb(attr_size <= NLMSG_GOODSIZE ? NLMSG_GOODSIZE : attr_size,
1331 if (tca_get_fill(skb, actions, portid, n->nlmsg_seq, n->nlmsg_flags,
1332 RTM_NEWACTION, 0, 0) <= 0) {
1333 NL_SET_ERR_MSG(extack, "Failed to fill netlink attributes while adding TC action");
1338 err = rtnetlink_send(skb, net, portid, RTNLGRP_TC,
1339 n->nlmsg_flags & NLM_F_ECHO);
1345 static int tcf_action_add(struct net *net, struct nlattr *nla,
1346 struct nlmsghdr *n, u32 portid, int ovr,
1347 struct netlink_ext_ack *extack)
1349 size_t attr_size = 0;
1351 struct tc_action *actions[TCA_ACT_MAX_PRIO] = {};
1353 ret = tcf_action_init(net, NULL, nla, NULL, NULL, ovr, 0, actions,
1354 &attr_size, true, extack);
1357 ret = tcf_add_notify(net, n, actions, portid, attr_size, extack);
1359 tcf_action_put_many(actions);
1364 static u32 tcaa_root_flags_allowed = TCA_FLAG_LARGE_DUMP_ON;
1365 static const struct nla_policy tcaa_policy[TCA_ROOT_MAX + 1] = {
1366 [TCA_ROOT_FLAGS] = { .type = NLA_BITFIELD32,
1367 .validation_data = &tcaa_root_flags_allowed },
1368 [TCA_ROOT_TIME_DELTA] = { .type = NLA_U32 },
1371 static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n,
1372 struct netlink_ext_ack *extack)
1374 struct net *net = sock_net(skb->sk);
1375 struct nlattr *tca[TCA_ROOT_MAX + 1];
1376 u32 portid = skb ? NETLINK_CB(skb).portid : 0;
1377 int ret = 0, ovr = 0;
1379 if ((n->nlmsg_type != RTM_GETACTION) &&
1380 !netlink_capable(skb, CAP_NET_ADMIN))
1383 ret = nlmsg_parse_deprecated(n, sizeof(struct tcamsg), tca,
1384 TCA_ROOT_MAX, NULL, extack);
1388 if (tca[TCA_ACT_TAB] == NULL) {
1389 NL_SET_ERR_MSG(extack, "Netlink action attributes missing");
1393 /* n->nlmsg_flags & NLM_F_CREATE */
1394 switch (n->nlmsg_type) {
1396 /* we are going to assume all other flags
1397 * imply create only if it doesn't exist
1398 * Note that CREATE | EXCL implies that
1399 * but since we want avoid ambiguity (eg when flags
1400 * is zero) then just set this
1402 if (n->nlmsg_flags & NLM_F_REPLACE)
1405 ret = tcf_action_add(net, tca[TCA_ACT_TAB], n, portid, ovr,
1411 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n,
1412 portid, RTM_DELACTION, extack);
1415 ret = tca_action_gd(net, tca[TCA_ACT_TAB], n,
1416 portid, RTM_GETACTION, extack);
1425 static struct nlattr *find_dump_kind(struct nlattr **nla)
1427 struct nlattr *tb1, *tb2[TCA_ACT_MAX + 1];
1428 struct nlattr *tb[TCA_ACT_MAX_PRIO + 1];
1429 struct nlattr *kind;
1431 tb1 = nla[TCA_ACT_TAB];
1435 if (nla_parse_deprecated(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), NLMSG_ALIGN(nla_len(tb1)), NULL, NULL) < 0)
1440 if (nla_parse_nested_deprecated(tb2, TCA_ACT_MAX, tb[1], NULL, NULL) < 0)
1442 kind = tb2[TCA_ACT_KIND];
1447 static int tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb)
1449 struct net *net = sock_net(skb->sk);
1450 struct nlmsghdr *nlh;
1451 unsigned char *b = skb_tail_pointer(skb);
1452 struct nlattr *nest;
1453 struct tc_action_ops *a_o;
1455 struct tcamsg *t = (struct tcamsg *) nlmsg_data(cb->nlh);
1456 struct nlattr *tb[TCA_ROOT_MAX + 1];
1457 struct nlattr *count_attr = NULL;
1458 unsigned long jiffy_since = 0;
1459 struct nlattr *kind = NULL;
1460 struct nla_bitfield32 bf;
1461 u32 msecs_since = 0;
1464 ret = nlmsg_parse_deprecated(cb->nlh, sizeof(struct tcamsg), tb,
1465 TCA_ROOT_MAX, tcaa_policy, cb->extack);
1469 kind = find_dump_kind(tb);
1471 pr_info("tc_dump_action: action bad kind\n");
1475 a_o = tc_lookup_action(kind);
1480 if (tb[TCA_ROOT_FLAGS]) {
1481 bf = nla_get_bitfield32(tb[TCA_ROOT_FLAGS]);
1482 cb->args[2] = bf.value;
1485 if (tb[TCA_ROOT_TIME_DELTA]) {
1486 msecs_since = nla_get_u32(tb[TCA_ROOT_TIME_DELTA]);
1489 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
1490 cb->nlh->nlmsg_type, sizeof(*t), 0);
1492 goto out_module_put;
1495 jiffy_since = jiffies - msecs_to_jiffies(msecs_since);
1497 t = nlmsg_data(nlh);
1498 t->tca_family = AF_UNSPEC;
1501 cb->args[3] = jiffy_since;
1502 count_attr = nla_reserve(skb, TCA_ROOT_COUNT, sizeof(u32));
1504 goto out_module_put;
1506 nest = nla_nest_start_noflag(skb, TCA_ACT_TAB);
1508 goto out_module_put;
1510 ret = a_o->walk(net, skb, cb, RTM_GETACTION, a_o, NULL);
1512 goto out_module_put;
1515 nla_nest_end(skb, nest);
1517 act_count = cb->args[1];
1518 memcpy(nla_data(count_attr), &act_count, sizeof(u32));
1523 nlh->nlmsg_len = skb_tail_pointer(skb) - b;
1524 if (NETLINK_CB(cb->skb).portid && ret)
1525 nlh->nlmsg_flags |= NLM_F_MULTI;
1526 module_put(a_o->owner);
1530 module_put(a_o->owner);
1535 static int __init tc_action_init(void)
1537 rtnl_register(PF_UNSPEC, RTM_NEWACTION, tc_ctl_action, NULL, 0);
1538 rtnl_register(PF_UNSPEC, RTM_DELACTION, tc_ctl_action, NULL, 0);
1539 rtnl_register(PF_UNSPEC, RTM_GETACTION, tc_ctl_action, tc_dump_action,
1545 subsys_initcall(tc_action_init);
git.samba.org / sfrench / cifs-2.6.git / blob