]> git.proxmox.com Git - mirror_ovs.git/blame - lib/tc.c
projects / mirror_ovs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
OVN: add static IP support to IPAM
[mirror_ovs.git] / lib / tc.c
CommitLineData
c1c5c723 1/*
ef3767f5 2 * Copyright (c) 2009-2017 Nicira, Inc.
f98e418f 3 * Copyright (c) 2016 Mellanox Technologies, Ltd.
c1c5c723
PB		 4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18#include <config.h>
19#include "tc.h"
ef3767f5 20
c1c5c723 21#include <errno.h>
f98e418f
RD		 22#include <linux/if_ether.h>
23#include <linux/rtnetlink.h>
8ada482b 24#include <linux/tc_act/tc_csum.h>
f98e418f
RD		 25#include <linux/tc_act/tc_gact.h>
26#include <linux/tc_act/tc_mirred.h>
8ada482b 27#include <linux/tc_act/tc_pedit.h>
f98e418f
RD		 28#include <linux/tc_act/tc_tunnel_key.h>
29#include <linux/tc_act/tc_vlan.h>
30#include <linux/gen_stats.h>
31#include <net/if.h>
8c1e74d1 32#include <unistd.h>
ef3767f5 33
f98e418f 34#include "byte-order.h"
c1c5c723
PB		 35#include "netlink-socket.h"
36#include "netlink.h"
37#include "openvswitch/ofpbuf.h"
8ada482b 38#include "openvswitch/util.h"
c1c5c723 39#include "openvswitch/vlog.h"
f98e418f
RD		 40#include "packets.h"
41#include "timeval.h"
ef3767f5 42#include "unaligned.h"
c1c5c723 43
8ada482b
PB		 44#define MAX_PEDIT_OFFSETS 32
45
093c9458
JH		 46#ifndef TCM_IFINDEX_MAGIC_BLOCK
47#define TCM_IFINDEX_MAGIC_BLOCK (0xFFFFFFFFU)
48#endif
49
50#if TCA_MAX < 14
51#define TCA_INGRESS_BLOCK 13
52#endif
53
c1c5c723
PB		 54VLOG_DEFINE_THIS_MODULE(tc);
55
f98e418f
RD		 56static struct vlog_rate_limit error_rl = VLOG_RATE_LIMIT_INIT(60, 5);
57
691d20cb
PB		 58enum tc_offload_policy {
59 TC_POLICY_NONE,
60 TC_POLICY_SKIP_SW,
61 TC_POLICY_SKIP_HW
62};
63
64static enum tc_offload_policy tc_policy = TC_POLICY_NONE;
65
8ada482b
PB		 66struct tc_pedit_key_ex {
67 enum pedit_header_type htype;
68 enum pedit_cmd cmd;
69};
70
71struct flower_key_to_pedit {
72 enum pedit_header_type htype;
8ada482b 73 int offset;
fbaf1bf9 74 int flower_offset;
8ada482b
PB		 75 int size;
76};
77
78static struct flower_key_to_pedit flower_pedit_map[] = {
79 {
80 TCA_PEDIT_KEY_EX_HDR_TYPE_IP4,
81 12,
82 offsetof(struct tc_flower_key, ipv4.ipv4_src),
83 MEMBER_SIZEOF(struct tc_flower_key, ipv4.ipv4_src)
84 }, {
85 TCA_PEDIT_KEY_EX_HDR_TYPE_IP4,
86 16,
87 offsetof(struct tc_flower_key, ipv4.ipv4_dst),
88 MEMBER_SIZEOF(struct tc_flower_key, ipv4.ipv4_dst)
89 }, {
90 TCA_PEDIT_KEY_EX_HDR_TYPE_IP4,
91 8,
92 offsetof(struct tc_flower_key, ipv4.rewrite_ttl),
93 MEMBER_SIZEOF(struct tc_flower_key, ipv4.rewrite_ttl)
94 }, {
95 TCA_PEDIT_KEY_EX_HDR_TYPE_IP6,
96 8,
97 offsetof(struct tc_flower_key, ipv6.ipv6_src),
98 MEMBER_SIZEOF(struct tc_flower_key, ipv6.ipv6_src)
99 }, {
100 TCA_PEDIT_KEY_EX_HDR_TYPE_IP6,
101 24,
102 offsetof(struct tc_flower_key, ipv6.ipv6_dst),
103 MEMBER_SIZEOF(struct tc_flower_key, ipv6.ipv6_dst)
104 }, {
105 TCA_PEDIT_KEY_EX_HDR_TYPE_ETH,
106 6,
107 offsetof(struct tc_flower_key, src_mac),
108 MEMBER_SIZEOF(struct tc_flower_key, src_mac)
109 }, {
110 TCA_PEDIT_KEY_EX_HDR_TYPE_ETH,
111 0,
112 offsetof(struct tc_flower_key, dst_mac),
113 MEMBER_SIZEOF(struct tc_flower_key, dst_mac)
114 }, {
115 TCA_PEDIT_KEY_EX_HDR_TYPE_ETH,
116 12,
117 offsetof(struct tc_flower_key, eth_type),
118 MEMBER_SIZEOF(struct tc_flower_key, eth_type)
119 }, {
120 TCA_PEDIT_KEY_EX_HDR_TYPE_TCP,
121 0,
122 offsetof(struct tc_flower_key, tcp_src),
123 MEMBER_SIZEOF(struct tc_flower_key, tcp_src)
124 }, {
125 TCA_PEDIT_KEY_EX_HDR_TYPE_TCP,
126 2,
127 offsetof(struct tc_flower_key, tcp_dst),
128 MEMBER_SIZEOF(struct tc_flower_key, tcp_dst)
129 }, {
130 TCA_PEDIT_KEY_EX_HDR_TYPE_UDP,
131 0,
132 offsetof(struct tc_flower_key, udp_src),
133 MEMBER_SIZEOF(struct tc_flower_key, udp_src)
134 }, {
135 TCA_PEDIT_KEY_EX_HDR_TYPE_UDP,
136 2,
137 offsetof(struct tc_flower_key, udp_dst),
138 MEMBER_SIZEOF(struct tc_flower_key, udp_dst)
139 },
140};
141
d6118e62
PB		 142static inline int
143csum_update_flag(struct tc_flower *flower,
144 enum pedit_header_type htype);
145
c1c5c723
PB		 146struct tcmsg *
147tc_make_request(int ifindex, int type, unsigned int flags,
148 struct ofpbuf *request)
149{
150 struct tcmsg *tcmsg;
151
152 ofpbuf_init(request, 512);
153 nl_msg_put_nlmsghdr(request, sizeof *tcmsg, type, NLM_F_REQUEST | flags);
154 tcmsg = ofpbuf_put_zeros(request, sizeof *tcmsg);
155 tcmsg->tcm_family = AF_UNSPEC;
156 tcmsg->tcm_ifindex = ifindex;
157 /* Caller should fill in tcmsg->tcm_handle. */
158 /* Caller should fill in tcmsg->tcm_parent. */
159
160 return tcmsg;
161}
162
163int
164tc_transact(struct ofpbuf *request, struct ofpbuf **replyp)
165{
166 int error = nl_transact(NETLINK_ROUTE, request, replyp);
167 ofpbuf_uninit(request);
168 return error;
169}
170
171/* Adds or deletes a root ingress qdisc on device with specified ifindex.
172 *
173 * This function is equivalent to running the following when 'add' is true:
174 * /sbin/tc qdisc add dev <devname> handle ffff: ingress
175 *
176 * This function is equivalent to running the following when 'add' is false:
177 * /sbin/tc qdisc del dev <devname> handle ffff: ingress
178 *
179 * Where dev <devname> is the device with specified ifindex name.
180 *
181 * The configuration and stats may be seen with the following command:
182 * /sbin/tc -s qdisc show dev <devname>
183 *
093c9458
JH		 184 * If block_id is greater than 0, then the ingress qdisc is added to a block.
185 * In this case, it is equivalent to running (when 'add' is true):
186 * /sbin/tc qdisc add dev <devname> ingress_block <block_id> ingress
187 *
c1c5c723
PB		 188 * Returns 0 if successful, otherwise a positive errno value.
189 */
190int
093c9458 191tc_add_del_ingress_qdisc(int ifindex, bool add, uint32_t block_id)
c1c5c723
PB		 192{
193 struct ofpbuf request;
194 struct tcmsg *tcmsg;
195 int error;
196 int type = add ? RTM_NEWQDISC : RTM_DELQDISC;
197 int flags = add ? NLM_F_EXCL | NLM_F_CREATE : 0;
198
199 tcmsg = tc_make_request(ifindex, type, flags, &request);
209832d5 200 tcmsg->tcm_handle = TC_H_MAKE(TC_H_INGRESS, 0);
c1c5c723
PB		 201 tcmsg->tcm_parent = TC_H_INGRESS;
202 nl_msg_put_string(&request, TCA_KIND, "ingress");
203 nl_msg_put_unspec(&request, TCA_OPTIONS, NULL, 0);
093c9458
JH		 204 if (block_id) {
205 nl_msg_put_u32(&request, TCA_INGRESS_BLOCK, block_id);
206 }
c1c5c723
PB		 207
208 error = tc_transact(&request, NULL);
209 if (error) {
210 /* If we're deleting the qdisc, don't worry about some of the
211 * error conditions. */
212 if (!add && (error == ENOENT || error == EINVAL)) {
213 return 0;
214 }
215 return error;
216 }
217
218 return 0;
219}
f98e418f
RD		 220
221static const struct nl_policy tca_policy[] = {
222 [TCA_KIND] = { .type = NL_A_STRING, .optional = false, },
223 [TCA_OPTIONS] = { .type = NL_A_NESTED, .optional = false, },
224 [TCA_STATS] = { .type = NL_A_UNSPEC,
225 .min_len = sizeof(struct tc_stats), .optional = true, },
226 [TCA_STATS2] = { .type = NL_A_NESTED, .optional = true, },
227};
228
229static const struct nl_policy tca_flower_policy[] = {
230 [TCA_FLOWER_CLASSID] = { .type = NL_A_U32, .optional = true, },
231 [TCA_FLOWER_INDEV] = { .type = NL_A_STRING, .max_len = IFNAMSIZ,
232 .optional = true, },
233 [TCA_FLOWER_KEY_ETH_SRC] = { .type = NL_A_UNSPEC,
234 .min_len = ETH_ALEN, .optional = true, },
235 [TCA_FLOWER_KEY_ETH_DST] = { .type = NL_A_UNSPEC,
236 .min_len = ETH_ALEN, .optional = true, },
237 [TCA_FLOWER_KEY_ETH_SRC_MASK] = { .type = NL_A_UNSPEC,
238 .min_len = ETH_ALEN,
239 .optional = true, },
240 [TCA_FLOWER_KEY_ETH_DST_MASK] = { .type = NL_A_UNSPEC,
241 .min_len = ETH_ALEN,
242 .optional = true, },
243 [TCA_FLOWER_KEY_ETH_TYPE] = { .type = NL_A_U16, .optional = false, },
244 [TCA_FLOWER_FLAGS] = { .type = NL_A_U32, .optional = false, },
245 [TCA_FLOWER_ACT] = { .type = NL_A_NESTED, .optional = false, },
246 [TCA_FLOWER_KEY_IP_PROTO] = { .type = NL_A_U8, .optional = true, },
247 [TCA_FLOWER_KEY_IPV4_SRC] = { .type = NL_A_U32, .optional = true, },
248 [TCA_FLOWER_KEY_IPV4_DST] = {.type = NL_A_U32, .optional = true, },
249 [TCA_FLOWER_KEY_IPV4_SRC_MASK] = { .type = NL_A_U32, .optional = true, },
250 [TCA_FLOWER_KEY_IPV4_DST_MASK] = { .type = NL_A_U32, .optional = true, },
251 [TCA_FLOWER_KEY_IPV6_SRC] = { .type = NL_A_UNSPEC,
252 .min_len = sizeof(struct in6_addr),
253 .optional = true, },
254 [TCA_FLOWER_KEY_IPV6_DST] = { .type = NL_A_UNSPEC,
255 .min_len = sizeof(struct in6_addr),
256 .optional = true, },
257 [TCA_FLOWER_KEY_IPV6_SRC_MASK] = { .type = NL_A_UNSPEC,
258 .min_len = sizeof(struct in6_addr),
259 .optional = true, },
260 [TCA_FLOWER_KEY_IPV6_DST_MASK] = { .type = NL_A_UNSPEC,
261 .min_len = sizeof(struct in6_addr),
262 .optional = true, },
263 [TCA_FLOWER_KEY_TCP_SRC] = { .type = NL_A_U16, .optional = true, },
264 [TCA_FLOWER_KEY_TCP_DST] = { .type = NL_A_U16, .optional = true, },
265 [TCA_FLOWER_KEY_TCP_SRC_MASK] = { .type = NL_A_U16, .optional = true, },
266 [TCA_FLOWER_KEY_TCP_DST_MASK] = { .type = NL_A_U16, .optional = true, },
267 [TCA_FLOWER_KEY_UDP_SRC] = { .type = NL_A_U16, .optional = true, },
268 [TCA_FLOWER_KEY_UDP_DST] = { .type = NL_A_U16, .optional = true, },
269 [TCA_FLOWER_KEY_UDP_SRC_MASK] = { .type = NL_A_U16, .optional = true, },
270 [TCA_FLOWER_KEY_UDP_DST_MASK] = { .type = NL_A_U16, .optional = true, },
4862b4e5
VB		 271 [TCA_FLOWER_KEY_SCTP_SRC] = { .type = NL_A_U16, .optional = true, },
272 [TCA_FLOWER_KEY_SCTP_DST] = { .type = NL_A_U16, .optional = true, },
273 [TCA_FLOWER_KEY_SCTP_SRC_MASK] = { .type = NL_A_U16, .optional = true, },
274 [TCA_FLOWER_KEY_SCTP_DST_MASK] = { .type = NL_A_U16, .optional = true, },
34b16955
PJV		 275 [TCA_FLOWER_KEY_MPLS_TTL] = { .type = NL_A_U8, .optional = true, },
276 [TCA_FLOWER_KEY_MPLS_TC] = { .type = NL_A_U8, .optional = true, },
277 [TCA_FLOWER_KEY_MPLS_BOS] = { .type = NL_A_U8, .optional = true, },
278 [TCA_FLOWER_KEY_MPLS_LABEL] = { .type = NL_A_U32, .optional = true, },
f98e418f
RD		 279 [TCA_FLOWER_KEY_VLAN_ID] = { .type = NL_A_U16, .optional = true, },
280 [TCA_FLOWER_KEY_VLAN_PRIO] = { .type = NL_A_U8, .optional = true, },
281 [TCA_FLOWER_KEY_VLAN_ETH_TYPE] = { .type = NL_A_U16, .optional = true, },
282 [TCA_FLOWER_KEY_ENC_KEY_ID] = { .type = NL_A_U32, .optional = true, },
283 [TCA_FLOWER_KEY_ENC_IPV4_SRC] = { .type = NL_A_U32, .optional = true, },
284 [TCA_FLOWER_KEY_ENC_IPV4_DST] = { .type = NL_A_U32, .optional = true, },
285 [TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK] = { .type = NL_A_U32,
286 .optional = true, },
287 [TCA_FLOWER_KEY_ENC_IPV4_DST_MASK] = { .type = NL_A_U32,
288 .optional = true, },
289 [TCA_FLOWER_KEY_ENC_IPV6_SRC] = { .type = NL_A_UNSPEC,
290 .min_len = sizeof(struct in6_addr),
291 .optional = true, },
292 [TCA_FLOWER_KEY_ENC_IPV6_DST] = { .type = NL_A_UNSPEC,
293 .min_len = sizeof(struct in6_addr),
294 .optional = true, },
295 [TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK] = { .type = NL_A_UNSPEC,
296 .min_len = sizeof(struct in6_addr),
297 .optional = true, },
298 [TCA_FLOWER_KEY_ENC_IPV6_DST_MASK] = { .type = NL_A_UNSPEC,
299 .min_len = sizeof(struct in6_addr),
300 .optional = true, },
301 [TCA_FLOWER_KEY_ENC_UDP_DST_PORT] = { .type = NL_A_U16,
302 .optional = true, },
83e86606
RD		 303 [TCA_FLOWER_KEY_FLAGS] = { .type = NL_A_BE32, .optional = true, },
304 [TCA_FLOWER_KEY_FLAGS_MASK] = { .type = NL_A_BE32, .optional = true, },
0b4b5203
PB		 305 [TCA_FLOWER_KEY_IP_TTL] = { .type = NL_A_U8,
306 .optional = true, },
307 [TCA_FLOWER_KEY_IP_TTL_MASK] = { .type = NL_A_U8,
308 .optional = true, },
dfa2ccdb
OG		 309 [TCA_FLOWER_KEY_IP_TOS] = { .type = NL_A_U8,
310 .optional = true, },
311 [TCA_FLOWER_KEY_IP_TOS_MASK] = { .type = NL_A_U8,
312 .optional = true, },
cd081043
PB		 313 [TCA_FLOWER_KEY_TCP_FLAGS] = { .type = NL_A_U16,
314 .optional = true, },
315 [TCA_FLOWER_KEY_TCP_FLAGS_MASK] = { .type = NL_A_U16,
316 .optional = true, },
f9885dc5
JL		 317 [TCA_FLOWER_KEY_CVLAN_ID] = { .type = NL_A_U16, .optional = true, },
318 [TCA_FLOWER_KEY_CVLAN_PRIO] = { .type = NL_A_U8, .optional = true, },
319 [TCA_FLOWER_KEY_CVLAN_ETH_TYPE] = { .type = NL_A_U16, .optional = true, },
dd83253e
OG		 320 [TCA_FLOWER_KEY_ENC_IP_TOS] = { .type = NL_A_U8,
321 .optional = true, },
322 [TCA_FLOWER_KEY_ENC_IP_TOS_MASK] = { .type = NL_A_U8,
323 .optional = true, },
324 [TCA_FLOWER_KEY_ENC_IP_TTL] = { .type = NL_A_U8,
325 .optional = true, },
326 [TCA_FLOWER_KEY_ENC_IP_TTL_MASK] = { .type = NL_A_U8,
327 .optional = true, },
a468645c
PJV		 328 [TCA_FLOWER_KEY_ENC_OPTS] = { .type = NL_A_NESTED, .optional = true, },
329 [TCA_FLOWER_KEY_ENC_OPTS_MASK] = { .type = NL_A_NESTED,
330 .optional = true, },
f98e418f
RD		 331};
332
333static void
334nl_parse_flower_eth(struct nlattr **attrs, struct tc_flower *flower)
335{
336 const struct eth_addr *eth;
337
338 if (attrs[TCA_FLOWER_KEY_ETH_SRC_MASK]) {
339 eth = nl_attr_get_unspec(attrs[TCA_FLOWER_KEY_ETH_SRC], ETH_ALEN);
340 memcpy(&flower->key.src_mac, eth, sizeof flower->key.src_mac);
341
342 eth = nl_attr_get_unspec(attrs[TCA_FLOWER_KEY_ETH_SRC_MASK], ETH_ALEN);
343 memcpy(&flower->mask.src_mac, eth, sizeof flower->mask.src_mac);
344 }
345 if (attrs[TCA_FLOWER_KEY_ETH_DST_MASK]) {
346 eth = nl_attr_get_unspec(attrs[TCA_FLOWER_KEY_ETH_DST], ETH_ALEN);
347 memcpy(&flower->key.dst_mac, eth, sizeof flower->key.dst_mac);
348
349 eth = nl_attr_get_unspec(attrs[TCA_FLOWER_KEY_ETH_DST_MASK], ETH_ALEN);
350 memcpy(&flower->mask.dst_mac, eth, sizeof flower->mask.dst_mac);
351 }
352}
353
34b16955
PJV		 354static void
355nl_parse_flower_mpls(struct nlattr **attrs, struct tc_flower *flower)
356{
357 uint8_t ttl, tc, bos;
358 uint32_t label;
359
360 if (!eth_type_mpls(flower->key.eth_type)) {
361 return;
362 }
363
364 flower->key.encap_eth_type[0] =
365 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_ETH_TYPE]);
366 flower->key.mpls_lse = 0;
367 flower->mask.mpls_lse = 0;
368
369 if (attrs[TCA_FLOWER_KEY_MPLS_TTL]) {
370 ttl = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_MPLS_TTL]);
371 set_mpls_lse_ttl(&flower->key.mpls_lse, ttl);
372 set_mpls_lse_ttl(&flower->mask.mpls_lse, 0xff);
373 }
374
375 if (attrs[TCA_FLOWER_KEY_MPLS_BOS]) {
376 bos = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_MPLS_BOS]);
377 set_mpls_lse_bos(&flower->key.mpls_lse, bos);
378 set_mpls_lse_ttl(&flower->mask.mpls_lse, 0xff);
379 }
380
381 if (attrs[TCA_FLOWER_KEY_MPLS_TC]) {
382 tc = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_MPLS_TC]);
383 set_mpls_lse_tc(&flower->key.mpls_lse, tc);
384 set_mpls_lse_tc(&flower->mask.mpls_lse, 0xff);
385 }
386
387 if (attrs[TCA_FLOWER_KEY_MPLS_LABEL]) {
388 label = nl_attr_get_u32(attrs[TCA_FLOWER_KEY_MPLS_LABEL]);
389 set_mpls_lse_label(&flower->key.mpls_lse, htonl(label));
390 set_mpls_lse_label(&flower->mask.mpls_lse, OVS_BE32_MAX);
391 }
392}
393
f98e418f
RD		 394static void
395nl_parse_flower_vlan(struct nlattr **attrs, struct tc_flower *flower)
396{
f9885dc5
JL		 397 ovs_be16 encap_ethtype;
398
b5ad40a9 399 if (!eth_type_vlan(flower->key.eth_type)) {
f98e418f
RD		 400 return;
401 }
402
f9885dc5 403 flower->key.encap_eth_type[0] =
f98e418f
RD		 404 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_ETH_TYPE]);
405
406 if (attrs[TCA_FLOWER_KEY_VLAN_ID]) {
f9885dc5 407 flower->key.vlan_id[0] =
f98e418f 408 nl_attr_get_u16(attrs[TCA_FLOWER_KEY_VLAN_ID]);
7f02f26c 409 flower->mask.vlan_id[0] = 0xffff;
f98e418f
RD		 410 }
411 if (attrs[TCA_FLOWER_KEY_VLAN_PRIO]) {
f9885dc5 412 flower->key.vlan_prio[0] =
f98e418f 413 nl_attr_get_u8(attrs[TCA_FLOWER_KEY_VLAN_PRIO]);
7f02f26c 414 flower->mask.vlan_prio[0] = 0xff;
f98e418f 415 }
f9885dc5
JL		 416
417 if (!attrs[TCA_FLOWER_KEY_VLAN_ETH_TYPE]) {
418 return;
419 }
420
421 encap_ethtype = nl_attr_get_be16(attrs[TCA_FLOWER_KEY_VLAN_ETH_TYPE]);
422 if (!eth_type_vlan(encap_ethtype)) {
423 return;
424 }
425
426 flower->key.encap_eth_type[1] = flower->key.encap_eth_type[0];
427 flower->key.encap_eth_type[0] = encap_ethtype;
428
429 if (attrs[TCA_FLOWER_KEY_CVLAN_ID]) {
430 flower->key.vlan_id[1] =
431 nl_attr_get_u16(attrs[TCA_FLOWER_KEY_CVLAN_ID]);
7f02f26c 432 flower->mask.vlan_id[1] = 0xffff;
f9885dc5
JL		 433 }
434 if (attrs[TCA_FLOWER_KEY_CVLAN_PRIO]) {
435 flower->key.vlan_prio[1] =
436 nl_attr_get_u8(attrs[TCA_FLOWER_KEY_CVLAN_PRIO]);
7f02f26c 437 flower->mask.vlan_prio[1] = 0xff;
f9885dc5 438 }
f98e418f
RD		 439}
440
a468645c
PJV		 441static int
442nl_parse_geneve_key(const struct nlattr *in_nlattr,
443 struct tun_metadata *metadata)
444{
445 struct geneve_opt *opt = NULL;
446 const struct ofpbuf *msg;
447 uint16_t last_opt_type;
448 struct nlattr *nla;
449 struct ofpbuf buf;
450 size_t left;
451 int cnt;
452
453 nl_attr_get_nested(in_nlattr, &buf);
454 msg = &buf;
455
456 last_opt_type = TCA_FLOWER_KEY_ENC_OPT_GENEVE_UNSPEC;
457 cnt = 0;
458 NL_ATTR_FOR_EACH (nla, left, ofpbuf_at(msg, 0, 0), msg->size) {
459 uint16_t type = nl_attr_type(nla);
460
461 switch (type) {
462 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS:
463 if (cnt && last_opt_type != TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA) {
464 VLOG_ERR_RL(&error_rl, "failed to parse tun options class");
465 return EINVAL;
466 }
467
468 opt = &metadata->opts.gnv[cnt];
469 opt->opt_class = nl_attr_get_be16(nla);
470 cnt += sizeof(struct geneve_opt) / 4;
471 metadata->present.len += sizeof(struct geneve_opt);
472 last_opt_type = TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS;
473 break;
474 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE:
475 if (last_opt_type != TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS) {
476 VLOG_ERR_RL(&error_rl, "failed to parse tun options type");
477 return EINVAL;
478 }
479
480 opt->type = nl_attr_get_u8(nla);
481 last_opt_type = TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE;
482 break;
483 case TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA:
484 if (last_opt_type != TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE) {
485 VLOG_ERR_RL(&error_rl, "failed to parse tun options data");
486 return EINVAL;
487 }
488
489 opt->length = nl_attr_get_size(nla) / 4;
490 memcpy(opt + 1, nl_attr_get_unspec(nla, 1), opt->length * 4);
491 cnt += opt->length;
492 metadata->present.len += opt->length * 4;
493 last_opt_type = TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA;
494 break;
495 }
496 }
497
498 if (last_opt_type != TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA) {
499 VLOG_ERR_RL(&error_rl, "failed to parse tun options without data");
500 return EINVAL;
501 }
502
503 return 0;
504}
505
506static int
507nl_parse_flower_tunnel_opts(struct nlattr *options,
508 struct tun_metadata *metadata)
509{
510 const struct ofpbuf *msg;
511 struct nlattr *nla;
512 struct ofpbuf buf;
513 size_t left;
514 int err;
515
516 nl_attr_get_nested(options, &buf);
517 msg = &buf;
518
519 NL_ATTR_FOR_EACH (nla, left, ofpbuf_at(msg, 0, 0), msg->size) {
520 uint16_t type = nl_attr_type(nla);
521 switch (type) {
522 case TCA_FLOWER_KEY_ENC_OPTS_GENEVE:
523 err = nl_parse_geneve_key(nla, metadata);
524 if (err) {
525 return err;
526 }
527
528 break;
529 }
530 }
531
532 return 0;
533}
534
535static int
536flower_tun_geneve_opt_check_len(struct tun_metadata *key,
537 struct tun_metadata *mask)
538{
539 const struct geneve_opt *opt, *opt_mask;
540 int len, cnt = 0;
541
542 len = key->present.len;
543 while (len) {
544 opt = &key->opts.gnv[cnt];
545 opt_mask = &mask->opts.gnv[cnt];
546
547 if (opt->length != opt_mask->length) {
548 VLOG_ERR_RL(&error_rl,
549 "failed to parse tun options; key/mask length differ");
550 return EINVAL;
551 }
552
553 cnt += sizeof(struct geneve_opt) / 4 + opt->length;
554 len -= sizeof(struct geneve_opt) + opt->length * 4;
555 }
556
557 return 0;
558}
559
560static int
f98e418f
RD		 561nl_parse_flower_tunnel(struct nlattr **attrs, struct tc_flower *flower)
562{
a468645c
PJV		 563 int err;
564
f98e418f
RD		 565 if (attrs[TCA_FLOWER_KEY_ENC_KEY_ID]) {
566 ovs_be32 id = nl_attr_get_be32(attrs[TCA_FLOWER_KEY_ENC_KEY_ID]);
567
105e8179 568 flower->key.tunnel.id = be32_to_be64(id);
f98e418f
RD		 569 }
570 if (attrs[TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK]) {
105e8179 571 flower->key.tunnel.ipv4.ipv4_src =
f98e418f
RD		 572 nl_attr_get_be32(attrs[TCA_FLOWER_KEY_ENC_IPV4_SRC]);
573 }
574 if (attrs[TCA_FLOWER_KEY_ENC_IPV4_DST_MASK]) {
105e8179 575 flower->key.tunnel.ipv4.ipv4_dst =
f98e418f
RD		 576 nl_attr_get_be32(attrs[TCA_FLOWER_KEY_ENC_IPV4_DST]);
577 }
578 if (attrs[TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK]) {
105e8179 579 flower->key.tunnel.ipv6.ipv6_src =
f98e418f
RD		 580 nl_attr_get_in6_addr(attrs[TCA_FLOWER_KEY_ENC_IPV6_SRC]);
581 }
582 if (attrs[TCA_FLOWER_KEY_ENC_IPV6_DST_MASK]) {
105e8179 583 flower->key.tunnel.ipv6.ipv6_dst =
f98e418f
RD		 584 nl_attr_get_in6_addr(attrs[TCA_FLOWER_KEY_ENC_IPV6_DST]);
585 }
586 if (attrs[TCA_FLOWER_KEY_ENC_UDP_DST_PORT]) {
105e8179 587 flower->key.tunnel.tp_dst =
f98e418f
RD		 588 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_ENC_UDP_DST_PORT]);
589 }
49a7961f 590 if (attrs[TCA_FLOWER_KEY_ENC_IP_TOS_MASK]) {
105e8179 591 flower->key.tunnel.tos =
dd83253e 592 nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ENC_IP_TOS]);
49a7961f
OG		 593 flower->mask.tunnel.tos =
594 nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ENC_IP_TOS_MASK]);
dd83253e 595 }
49a7961f 596 if (attrs[TCA_FLOWER_KEY_ENC_IP_TTL_MASK]) {
105e8179 597 flower->key.tunnel.ttl =
dd83253e 598 nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ENC_IP_TTL]);
49a7961f
OG		 599 flower->mask.tunnel.ttl =
600 nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ENC_IP_TTL_MASK]);
dd83253e 601 }
a468645c
PJV		 602 if (attrs[TCA_FLOWER_KEY_ENC_OPTS] &&
603 attrs[TCA_FLOWER_KEY_ENC_OPTS_MASK]) {
604 err = nl_parse_flower_tunnel_opts(attrs[TCA_FLOWER_KEY_ENC_OPTS],
605 &flower->key.tunnel.metadata);
606 if (err) {
607 return err;
608 }
609
610 err = nl_parse_flower_tunnel_opts(attrs[TCA_FLOWER_KEY_ENC_OPTS_MASK],
611 &flower->mask.tunnel.metadata);
612 if (err) {
613 return err;
614 }
615
616 err = flower_tun_geneve_opt_check_len(&flower->key.tunnel.metadata,
617 &flower->mask.tunnel.metadata);
618 if (err) {
619 return err;
620 }
621 } else if (attrs[TCA_FLOWER_KEY_ENC_OPTS]) {
622 VLOG_ERR_RL(&error_rl,
623 "failed to parse tun options; no mask supplied");
624 return EINVAL;
625 } else if (attrs[TCA_FLOWER_KEY_ENC_OPTS_MASK]) {
626 VLOG_ERR_RL(&error_rl, "failed to parse tun options; no key supplied");
627 return EINVAL;
628 }
629
630 return 0;
f98e418f
RD		 631}
632
633static void
634nl_parse_flower_ip(struct nlattr **attrs, struct tc_flower *flower) {
635 uint8_t ip_proto = 0;
636 struct tc_flower_key *key = &flower->key;
637 struct tc_flower_key *mask = &flower->mask;
638
639 if (attrs[TCA_FLOWER_KEY_IP_PROTO]) {
640 ip_proto = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_IP_PROTO]);
641 key->ip_proto = ip_proto;
642 mask->ip_proto = UINT8_MAX;
643 }
644
83e86606 645 if (attrs[TCA_FLOWER_KEY_FLAGS_MASK]) {
7e0f69b5
IS		 646 key->flags = ntohl(nl_attr_get_be32(attrs[TCA_FLOWER_KEY_FLAGS]));
647 mask->flags =
648 ntohl(nl_attr_get_be32(attrs[TCA_FLOWER_KEY_FLAGS_MASK]));
83e86606
RD		 649 }
650
f98e418f
RD		 651 if (attrs[TCA_FLOWER_KEY_IPV4_SRC_MASK]) {
652 key->ipv4.ipv4_src =
653 nl_attr_get_be32(attrs[TCA_FLOWER_KEY_IPV4_SRC]);
654 mask->ipv4.ipv4_src =
655 nl_attr_get_be32(attrs[TCA_FLOWER_KEY_IPV4_SRC_MASK]);
656 }
657 if (attrs[TCA_FLOWER_KEY_IPV4_DST_MASK]) {
658 key->ipv4.ipv4_dst =
659 nl_attr_get_be32(attrs[TCA_FLOWER_KEY_IPV4_DST]);
660 mask->ipv4.ipv4_dst =
661 nl_attr_get_be32(attrs[TCA_FLOWER_KEY_IPV4_DST_MASK]);
662 }
663 if (attrs[TCA_FLOWER_KEY_IPV6_SRC_MASK]) {
664 struct nlattr *attr = attrs[TCA_FLOWER_KEY_IPV6_SRC];
665 struct nlattr *attr_mask = attrs[TCA_FLOWER_KEY_IPV6_SRC_MASK];
666
667 key->ipv6.ipv6_src = nl_attr_get_in6_addr(attr);
668 mask->ipv6.ipv6_src = nl_attr_get_in6_addr(attr_mask);
669 }
670 if (attrs[TCA_FLOWER_KEY_IPV6_DST_MASK]) {
671 struct nlattr *attr = attrs[TCA_FLOWER_KEY_IPV6_DST];
672 struct nlattr *attr_mask = attrs[TCA_FLOWER_KEY_IPV6_DST_MASK];
673
674 key->ipv6.ipv6_dst = nl_attr_get_in6_addr(attr);
675 mask->ipv6.ipv6_dst = nl_attr_get_in6_addr(attr_mask);
676 }
677
678 if (ip_proto == IPPROTO_TCP) {
679 if (attrs[TCA_FLOWER_KEY_TCP_SRC_MASK]) {
2b1d9fa9 680 key->tcp_src =
f98e418f 681 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_TCP_SRC]);
2b1d9fa9 682 mask->tcp_src =
f98e418f
RD		 683 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_TCP_SRC_MASK]);
684 }
685 if (attrs[TCA_FLOWER_KEY_TCP_DST_MASK]) {
2b1d9fa9 686 key->tcp_dst =
f98e418f 687 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_TCP_DST]);
2b1d9fa9 688 mask->tcp_dst =
f98e418f
RD		 689 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_TCP_DST_MASK]);
690 }
cd081043
PB		 691 if (attrs[TCA_FLOWER_KEY_TCP_FLAGS_MASK]) {
692 key->tcp_flags =
693 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_TCP_FLAGS]);
694 mask->tcp_flags =
695 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_TCP_FLAGS_MASK]);
696 }
f98e418f
RD		 697 } else if (ip_proto == IPPROTO_UDP) {
698 if (attrs[TCA_FLOWER_KEY_UDP_SRC_MASK]) {
2b1d9fa9
PB		 699 key->udp_src = nl_attr_get_be16(attrs[TCA_FLOWER_KEY_UDP_SRC]);
700 mask->udp_src =
f98e418f
RD		 701 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_UDP_SRC_MASK]);
702 }
703 if (attrs[TCA_FLOWER_KEY_UDP_DST_MASK]) {
2b1d9fa9
PB		 704 key->udp_dst = nl_attr_get_be16(attrs[TCA_FLOWER_KEY_UDP_DST]);
705 mask->udp_dst =
f98e418f
RD		 706 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_UDP_DST_MASK]);
707 }
4862b4e5
VB		 708 } else if (ip_proto == IPPROTO_SCTP) {
709 if (attrs[TCA_FLOWER_KEY_SCTP_SRC_MASK]) {
2b1d9fa9
PB		 710 key->sctp_src = nl_attr_get_be16(attrs[TCA_FLOWER_KEY_SCTP_SRC]);
711 mask->sctp_src =
4862b4e5
VB		 712 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_SCTP_SRC_MASK]);
713 }
714 if (attrs[TCA_FLOWER_KEY_SCTP_DST_MASK]) {
2b1d9fa9
PB		 715 key->sctp_dst = nl_attr_get_be16(attrs[TCA_FLOWER_KEY_SCTP_DST]);
716 mask->sctp_dst =
4862b4e5
VB		 717 nl_attr_get_be16(attrs[TCA_FLOWER_KEY_SCTP_DST_MASK]);
718 }
f98e418f 719 }
0b4b5203
PB		 720
721 if (attrs[TCA_FLOWER_KEY_IP_TTL_MASK]) {
722 key->ip_ttl = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_IP_TTL]);
723 mask->ip_ttl = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_IP_TTL_MASK]);
724 }
dfa2ccdb
OG		 725
726 if (attrs[TCA_FLOWER_KEY_IP_TOS_MASK]) {
727 key->ip_tos = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_IP_TOS]);
728 mask->ip_tos = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_IP_TOS_MASK]);
729 }
f98e418f
RD		 730}
731
d63ca532
GT		 732static enum tc_offloaded_state
733nl_get_flower_offloaded_state(struct nlattr **attrs)
734{
735 uint32_t flower_flags = 0;
736
737 if (attrs[TCA_FLOWER_FLAGS]) {
738 flower_flags = nl_attr_get_u32(attrs[TCA_FLOWER_FLAGS]);
739 if (flower_flags & TCA_CLS_FLAGS_NOT_IN_HW) {
740 return TC_OFFLOADED_STATE_NOT_IN_HW;
741 } else if (flower_flags & TCA_CLS_FLAGS_IN_HW) {
742 return TC_OFFLOADED_STATE_IN_HW;
743 }
744 }
745 return TC_OFFLOADED_STATE_UNDEFINED;
746}
747
748static void
749nl_parse_flower_flags(struct nlattr **attrs, struct tc_flower *flower)
750{
751 flower->offloaded_state = nl_get_flower_offloaded_state(attrs);
752}
753
8ada482b
PB		 754static const struct nl_policy pedit_policy[] = {
755 [TCA_PEDIT_PARMS_EX] = { .type = NL_A_UNSPEC,
756 .min_len = sizeof(struct tc_pedit),
757 .optional = false, },
758 [TCA_PEDIT_KEYS_EX] = { .type = NL_A_NESTED,
759 .optional = false, },
760};
761
762static int
763nl_parse_act_pedit(struct nlattr *options, struct tc_flower *flower)
764{
0c70132c 765 struct tc_action *action;
8ada482b
PB		 766 struct nlattr *pe_attrs[ARRAY_SIZE(pedit_policy)];
767 const struct tc_pedit *pe;
768 const struct tc_pedit_key *keys;
769 const struct nlattr *nla, *keys_ex, *ex_type;
770 const void *keys_attr;
771 char *rewrite_key = (void *) &flower->rewrite.key;
772 char *rewrite_mask = (void *) &flower->rewrite.mask;
773 size_t keys_ex_size, left;
d6118e62 774 int type, i = 0, err;
8ada482b
PB		 775
776 if (!nl_parse_nested(options, pedit_policy, pe_attrs,
777 ARRAY_SIZE(pedit_policy))) {
778 VLOG_ERR_RL(&error_rl, "failed to parse pedit action options");
779 return EPROTO;
780 }
781
782 pe = nl_attr_get_unspec(pe_attrs[TCA_PEDIT_PARMS_EX], sizeof *pe);
783 keys = pe->keys;
784 keys_attr = pe_attrs[TCA_PEDIT_KEYS_EX];
785 keys_ex = nl_attr_get(keys_attr);
786 keys_ex_size = nl_attr_get_size(keys_attr);
787
788 NL_ATTR_FOR_EACH (nla, left, keys_ex, keys_ex_size) {
789 if (i >= pe->nkeys) {
790 break;
791 }
792
408671c4 793 if (nl_attr_type(nla) != TCA_PEDIT_KEY_EX) {
8ada482b
PB		 794 VLOG_ERR_RL(&error_rl, "unable to parse legacy pedit type: %d",
795 nl_attr_type(nla));
796 return EOPNOTSUPP;
797 }
798
799 ex_type = nl_attr_find_nested(nla, TCA_PEDIT_KEY_EX_HTYPE);
800 type = nl_attr_get_u16(ex_type);
801
d6118e62
PB		 802 err = csum_update_flag(flower, type);
803 if (err) {
804 return err;
805 }
806
8ada482b
PB		 807 for (int j = 0; j < ARRAY_SIZE(flower_pedit_map); j++) {
808 struct flower_key_to_pedit *m = &flower_pedit_map[j];
809 int flower_off = m->flower_offset;
810 int sz = m->size;
811 int mf = m->offset;
812
813 if (m->htype != type) {
814 continue;
815 }
816
817 /* check overlap between current pedit key, which is always
818 * 4 bytes (range [off, off + 3]), and a map entry in
819 * flower_pedit_map (range [mf, mf + sz - 1]) */
820 if ((keys->off >= mf && keys->off < mf + sz)
821 || (keys->off + 3 >= mf && keys->off + 3 < mf + sz)) {
822 int diff = flower_off + (keys->off - mf);
823 uint32_t *dst = (void *) (rewrite_key + diff);
824 uint32_t *dst_m = (void *) (rewrite_mask + diff);
825 uint32_t mask = ~(keys->mask);
826 uint32_t zero_bits;
827
828 if (keys->off < mf) {
829 zero_bits = 8 * (mf - keys->off);
830 mask &= UINT32_MAX << zero_bits;
831 } else if (keys->off + 4 > mf + m->size) {
832 zero_bits = 8 * (keys->off + 4 - mf - m->size);
833 mask &= UINT32_MAX >> zero_bits;
834 }
835
836 *dst_m |= mask;
837 *dst |= keys->val & mask;
838 }
839 }
840
841 keys++;
842 i++;
843 }
844
0c70132c
CM		 845 action = &flower->actions[flower->action_count++];
846 action->type = TC_ACT_PEDIT;
8ada482b
PB		 847
848 return 0;
849}
850
f98e418f
RD		 851static const struct nl_policy tunnel_key_policy[] = {
852 [TCA_TUNNEL_KEY_PARMS] = { .type = NL_A_UNSPEC,
853 .min_len = sizeof(struct tc_tunnel_key),
854 .optional = false, },
855 [TCA_TUNNEL_KEY_ENC_IPV4_SRC] = { .type = NL_A_U32, .optional = true, },
856 [TCA_TUNNEL_KEY_ENC_IPV4_DST] = { .type = NL_A_U32, .optional = true, },
857 [TCA_TUNNEL_KEY_ENC_IPV6_SRC] = { .type = NL_A_UNSPEC,
858 .min_len = sizeof(struct in6_addr),
859 .optional = true, },
860 [TCA_TUNNEL_KEY_ENC_IPV6_DST] = { .type = NL_A_UNSPEC,
861 .min_len = sizeof(struct in6_addr),
862 .optional = true, },
863 [TCA_TUNNEL_KEY_ENC_KEY_ID] = { .type = NL_A_U32, .optional = true, },
864 [TCA_TUNNEL_KEY_ENC_DST_PORT] = { .type = NL_A_U16, .optional = true, },
4b12e454
OG		 865 [TCA_TUNNEL_KEY_ENC_TOS] = { .type = NL_A_U8, .optional = true, },
866 [TCA_TUNNEL_KEY_ENC_TTL] = { .type = NL_A_U8, .optional = true, },
202469aa 867 [TCA_TUNNEL_KEY_ENC_OPTS] = { .type = NL_A_NESTED, .optional = true, },
d9677a1f 868 [TCA_TUNNEL_KEY_NO_CSUM] = { .type = NL_A_U8, .optional = true, },
f98e418f
RD		 869};
870
202469aa
PJV		 871static int
872nl_parse_act_geneve_opts(const struct nlattr *in_nlattr,
873 struct tc_action *action)
874{
875 struct geneve_opt *opt = NULL;
876 const struct ofpbuf *msg;
877 uint16_t last_opt_type;
878 struct nlattr *nla;
879 struct ofpbuf buf;
880 size_t left;
881 int cnt;
882
883 nl_attr_get_nested(in_nlattr, &buf);
884 msg = &buf;
885
886 last_opt_type = TCA_TUNNEL_KEY_ENC_OPT_GENEVE_UNSPEC;
887 cnt = 0;
888 NL_ATTR_FOR_EACH (nla, left, ofpbuf_at(msg, 0, 0), msg->size) {
889 uint16_t type = nl_attr_type(nla);
890
891 switch (type) {
892 case TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS:
893 if (cnt && last_opt_type != TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA) {
894 VLOG_ERR_RL(&error_rl,
895 "failed to parse action geneve options class");
896 return EINVAL;
897 }
898
899 opt = &action->encap.data.opts.gnv[cnt];
900 opt->opt_class = nl_attr_get_be16(nla);
901 cnt += sizeof(struct geneve_opt) / 4;
902 action->encap.data.present.len += sizeof(struct geneve_opt);
903 last_opt_type = TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS;
904 break;
905 case TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE:
906 if (last_opt_type != TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS) {
907 VLOG_ERR_RL(&error_rl,
908 "failed to parse action geneve options type");
909 return EINVAL;
910 }
911
912 opt->type = nl_attr_get_u8(nla);
913 last_opt_type = TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE;
914 break;
915 case TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA:
916 if (last_opt_type != TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE) {
917 VLOG_ERR_RL(&error_rl,
918 "failed to parse action geneve options data");
919 return EINVAL;
920 }
921
922 opt->length = nl_attr_get_size(nla) / 4;
923 memcpy(opt + 1, nl_attr_get_unspec(nla, 1), opt->length * 4);
924 cnt += opt->length;
925 action->encap.data.present.len += opt->length * 4;
926 last_opt_type = TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA;
927 break;
928 }
929 }
930
931 if (last_opt_type != TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA) {
932 VLOG_ERR_RL(&error_rl,
933 "failed to parse action geneve options without data");
934 return EINVAL;
935 }
936
937 return 0;
938}
939
940static int
941nl_parse_act_tunnel_opts(struct nlattr *options, struct tc_action *action)
942{
943 const struct ofpbuf *msg;
944 struct nlattr *nla;
945 struct ofpbuf buf;
946 size_t left;
947 int err;
948
949 if (!options) {
950 return 0;
951 }
952
953 nl_attr_get_nested(options, &buf);
954 msg = &buf;
955
956 NL_ATTR_FOR_EACH (nla, left, ofpbuf_at(msg, 0, 0), msg->size) {
957 uint16_t type = nl_attr_type(nla);
958 switch (type) {
959 case TCA_TUNNEL_KEY_ENC_OPTS_GENEVE:
960 err = nl_parse_act_geneve_opts(nla, action);
961 if (err) {
962 return err;
963 }
964
965 break;
966 }
967 }
968
969 return 0;
970}
971
f98e418f
RD		 972static int
973nl_parse_act_tunnel_key(struct nlattr *options, struct tc_flower *flower)
974{
975 struct nlattr *tun_attrs[ARRAY_SIZE(tunnel_key_policy)];
976 const struct nlattr *tun_parms;
977 const struct tc_tunnel_key *tun;
0c70132c 978 struct tc_action *action;
202469aa 979 int err;
f98e418f
RD		 980
981 if (!nl_parse_nested(options, tunnel_key_policy, tun_attrs,
982 ARRAY_SIZE(tunnel_key_policy))) {
983 VLOG_ERR_RL(&error_rl, "failed to parse tunnel_key action options");
984 return EPROTO;
985 }
986
987 tun_parms = tun_attrs[TCA_TUNNEL_KEY_PARMS];
988 tun = nl_attr_get_unspec(tun_parms, sizeof *tun);
989 if (tun->t_action == TCA_TUNNEL_KEY_ACT_SET) {
990 struct nlattr *id = tun_attrs[TCA_TUNNEL_KEY_ENC_KEY_ID];
991 struct nlattr *dst_port = tun_attrs[TCA_TUNNEL_KEY_ENC_DST_PORT];
992 struct nlattr *ipv4_src = tun_attrs[TCA_TUNNEL_KEY_ENC_IPV4_SRC];
993 struct nlattr *ipv4_dst = tun_attrs[TCA_TUNNEL_KEY_ENC_IPV4_DST];
994 struct nlattr *ipv6_src = tun_attrs[TCA_TUNNEL_KEY_ENC_IPV6_SRC];
995 struct nlattr *ipv6_dst = tun_attrs[TCA_TUNNEL_KEY_ENC_IPV6_DST];
4b12e454
OG		 996 struct nlattr *tos = tun_attrs[TCA_TUNNEL_KEY_ENC_TOS];
997 struct nlattr *ttl = tun_attrs[TCA_TUNNEL_KEY_ENC_TTL];
202469aa 998 struct nlattr *tun_opt = tun_attrs[TCA_TUNNEL_KEY_ENC_OPTS];
d9677a1f 999 struct nlattr *no_csum = tun_attrs[TCA_TUNNEL_KEY_NO_CSUM];
f98e418f 1000
0c70132c
CM		 1001 action = &flower->actions[flower->action_count++];
1002 action->type = TC_ACT_ENCAP;
1003 action->encap.ipv4.ipv4_src = ipv4_src ? nl_attr_get_be32(ipv4_src) : 0;
1004 action->encap.ipv4.ipv4_dst = ipv4_dst ? nl_attr_get_be32(ipv4_dst) : 0;
f98e418f 1005 if (ipv6_src) {
0c70132c 1006 action->encap.ipv6.ipv6_src = nl_attr_get_in6_addr(ipv6_src);
f98e418f
RD		 1007 }
1008 if (ipv6_dst) {
0c70132c 1009 action->encap.ipv6.ipv6_dst = nl_attr_get_in6_addr(ipv6_dst);
f98e418f 1010 }
0c70132c
CM		 1011 action->encap.id = id ? be32_to_be64(nl_attr_get_be32(id)) : 0;
1012 action->encap.tp_dst = dst_port ? nl_attr_get_be16(dst_port) : 0;
4b12e454
OG		 1013 action->encap.tos = tos ? nl_attr_get_u8(tos) : 0;
1014 action->encap.ttl = ttl ? nl_attr_get_u8(ttl) : 0;
d9677a1f 1015 action->encap.no_csum = no_csum ? nl_attr_get_u8(no_csum) : 0;
202469aa
PJV		 1016
1017 err = nl_parse_act_tunnel_opts(tun_opt, action);
1018 if (err) {
1019 return err;
1020 }
f98e418f 1021 } else if (tun->t_action == TCA_TUNNEL_KEY_ACT_RELEASE) {
105e8179 1022 flower->tunnel = true;
f98e418f
RD		 1023 } else {
1024 VLOG_ERR_RL(&error_rl, "unknown tunnel actions: %d, %d",
1025 tun->action, tun->t_action);
1026 return EINVAL;
1027 }
1028 return 0;
1029}
1030
1031static const struct nl_policy gact_policy[] = {
1032 [TCA_GACT_PARMS] = { .type = NL_A_UNSPEC,
1033 .min_len = sizeof(struct tc_gact),
1034 .optional = false, },
1035 [TCA_GACT_TM] = { .type = NL_A_UNSPEC,
1036 .min_len = sizeof(struct tcf_t),
1037 .optional = false, },
1038};
1039
8c1e74d1
PB		 1040static int
1041get_user_hz(void)
1042{
1043 static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
1044 static int user_hz = 100;
1045
1046 if (ovsthread_once_start(&once)) {
1047 user_hz = sysconf(_SC_CLK_TCK);
1048 ovsthread_once_done(&once);
1049 }
1050
1051 return user_hz;
1052}
f98e418f
RD		 1053
1054static void
1055nl_parse_tcf(const struct tcf_t *tm, struct tc_flower *flower)
1056{
8c1e74d1 1057 flower->lastused = time_msec() - (tm->lastuse * 1000 / get_user_hz());
f98e418f
RD		 1058}
1059
1060static int
1061nl_parse_act_drop(struct nlattr *options, struct tc_flower *flower)
1062{
1063 struct nlattr *gact_attrs[ARRAY_SIZE(gact_policy)];
1064 const struct tc_gact *p;
1065 struct nlattr *gact_parms;
1066 const struct tcf_t *tm;
1067
1068 if (!nl_parse_nested(options, gact_policy, gact_attrs,
1069 ARRAY_SIZE(gact_policy))) {
1070 VLOG_ERR_RL(&error_rl, "failed to parse gact action options");
1071 return EPROTO;
1072 }
1073
1074 gact_parms = gact_attrs[TCA_GACT_PARMS];
1075 p = nl_attr_get_unspec(gact_parms, sizeof *p);
1076
1077 if (p->action != TC_ACT_SHOT) {
1078 VLOG_ERR_RL(&error_rl, "unknown gact action: %d", p->action);
1079 return EINVAL;
1080 }
1081
1082 tm = nl_attr_get_unspec(gact_attrs[TCA_GACT_TM], sizeof *tm);
1083 nl_parse_tcf(tm, flower);
1084
1085 return 0;
1086}
1087
1088static const struct nl_policy mirred_policy[] = {
1089 [TCA_MIRRED_PARMS] = { .type = NL_A_UNSPEC,
1090 .min_len = sizeof(struct tc_mirred),
1091 .optional = false, },
1092 [TCA_MIRRED_TM] = { .type = NL_A_UNSPEC,
1093 .min_len = sizeof(struct tcf_t),
1094 .optional = false, },
1095};
1096
1097static int
1098nl_parse_act_mirred(struct nlattr *options, struct tc_flower *flower)
1099{
1100
1101 struct nlattr *mirred_attrs[ARRAY_SIZE(mirred_policy)];
1102 const struct tc_mirred *m;
1103 const struct nlattr *mirred_parms;
1104 const struct tcf_t *tm;
1105 struct nlattr *mirred_tm;
0c70132c 1106 struct tc_action *action;
f98e418f
RD		 1107
1108 if (!nl_parse_nested(options, mirred_policy, mirred_attrs,
1109 ARRAY_SIZE(mirred_policy))) {
1110 VLOG_ERR_RL(&error_rl, "failed to parse mirred action options");
1111 return EPROTO;
1112 }
1113
1114 mirred_parms = mirred_attrs[TCA_MIRRED_PARMS];
1115 m = nl_attr_get_unspec(mirred_parms, sizeof *m);
1116
0c70132c 1117 if (m->eaction != TCA_EGRESS_REDIR && m->eaction != TCA_EGRESS_MIRROR) {
f98e418f 1118 VLOG_ERR_RL(&error_rl, "unknown mirred action: %d, %d, %d",
0c70132c 1119 m->action, m->eaction, m->ifindex);
f98e418f
RD		 1120 return EINVAL;
1121 }
1122
0c70132c
CM		 1123 action = &flower->actions[flower->action_count++];
1124 action->ifindex_out = m->ifindex;
1125 action->type = TC_ACT_OUTPUT;
f98e418f
RD		 1126
1127 mirred_tm = mirred_attrs[TCA_MIRRED_TM];
1128 tm = nl_attr_get_unspec(mirred_tm, sizeof *tm);
1129 nl_parse_tcf(tm, flower);
1130
1131 return 0;
1132}
1133
1134static const struct nl_policy vlan_policy[] = {
1135 [TCA_VLAN_PARMS] = { .type = NL_A_UNSPEC,
1136 .min_len = sizeof(struct tc_vlan),
1137 .optional = false, },
1138 [TCA_VLAN_PUSH_VLAN_ID] = { .type = NL_A_U16, .optional = true, },
1139 [TCA_VLAN_PUSH_VLAN_PROTOCOL] = { .type = NL_A_U16, .optional = true, },
1140 [TCA_VLAN_PUSH_VLAN_PRIORITY] = { .type = NL_A_U8, .optional = true, },
1141};
1142
1143static int
1144nl_parse_act_vlan(struct nlattr *options, struct tc_flower *flower)
1145{
1146 struct nlattr *vlan_attrs[ARRAY_SIZE(vlan_policy)];
1147 const struct tc_vlan *v;
1148 const struct nlattr *vlan_parms;
0c70132c 1149 struct tc_action *action;
f98e418f
RD		 1150
1151 if (!nl_parse_nested(options, vlan_policy, vlan_attrs,
1152 ARRAY_SIZE(vlan_policy))) {
1153 VLOG_ERR_RL(&error_rl, "failed to parse vlan action options");
1154 return EPROTO;
1155 }
1156
0c70132c 1157 action = &flower->actions[flower->action_count++];
f98e418f
RD		 1158 vlan_parms = vlan_attrs[TCA_VLAN_PARMS];
1159 v = nl_attr_get_unspec(vlan_parms, sizeof *v);
1160 if (v->v_action == TCA_VLAN_ACT_PUSH) {
61e8655c 1161 struct nlattr *vlan_tpid = vlan_attrs[TCA_VLAN_PUSH_VLAN_PROTOCOL];
f98e418f
RD		 1162 struct nlattr *vlan_id = vlan_attrs[TCA_VLAN_PUSH_VLAN_ID];
1163 struct nlattr *vlan_prio = vlan_attrs[TCA_VLAN_PUSH_VLAN_PRIORITY];
1164
10097f3f 1165 action->vlan.vlan_push_tpid = nl_attr_get_be16(vlan_tpid);
0c70132c
CM		 1166 action->vlan.vlan_push_id = nl_attr_get_u16(vlan_id);
1167 action->vlan.vlan_push_prio = vlan_prio ? nl_attr_get_u8(vlan_prio) : 0;
1168 action->type = TC_ACT_VLAN_PUSH;
f98e418f 1169 } else if (v->v_action == TCA_VLAN_ACT_POP) {
0c70132c 1170 action->type = TC_ACT_VLAN_POP;
f98e418f
RD		 1171 } else {
1172 VLOG_ERR_RL(&error_rl, "unknown vlan action: %d, %d",
1173 v->action, v->v_action);
1174 return EINVAL;
1175 }
1176 return 0;
1177}
1178
d6118e62
PB		 1179static const struct nl_policy csum_policy[] = {
1180 [TCA_CSUM_PARMS] = { .type = NL_A_UNSPEC,
1181 .min_len = sizeof(struct tc_csum),
1182 .optional = false, },
1183};
1184
1185static int
1186nl_parse_act_csum(struct nlattr *options, struct tc_flower *flower)
1187{
1188 struct nlattr *csum_attrs[ARRAY_SIZE(csum_policy)];
1189 const struct tc_csum *c;
1190 const struct nlattr *csum_parms;
1191
1192 if (!nl_parse_nested(options, csum_policy, csum_attrs,
1193 ARRAY_SIZE(csum_policy))) {
1194 VLOG_ERR_RL(&error_rl, "failed to parse csum action options");
1195 return EPROTO;
1196 }
1197
1198 csum_parms = csum_attrs[TCA_CSUM_PARMS];
1199 c = nl_attr_get_unspec(csum_parms, sizeof *c);
1200
1201 /* sanity checks */
1202 if (c->update_flags != flower->csum_update_flags) {
1203 VLOG_WARN_RL(&error_rl,
1204 "expected different act csum flags: 0x%x != 0x%x",
1205 flower->csum_update_flags, c->update_flags);
1206 return EINVAL;
1207 }
1208 flower->csum_update_flags = 0; /* so we know csum was handled */
1209
1210 if (flower->needs_full_ip_proto_mask
1211 && flower->mask.ip_proto != UINT8_MAX) {
1212 VLOG_WARN_RL(&error_rl, "expected full matching on flower ip_proto");
1213 return EINVAL;
1214 }
1215
1216 return 0;
1217}
1218
f98e418f
RD		 1219static const struct nl_policy act_policy[] = {
1220 [TCA_ACT_KIND] = { .type = NL_A_STRING, .optional = false, },
1221 [TCA_ACT_COOKIE] = { .type = NL_A_UNSPEC, .optional = true, },
1222 [TCA_ACT_OPTIONS] = { .type = NL_A_NESTED, .optional = false, },
1223 [TCA_ACT_STATS] = { .type = NL_A_NESTED, .optional = false, },
1224};
1225
1226static const struct nl_policy stats_policy[] = {
1227 [TCA_STATS_BASIC] = { .type = NL_A_UNSPEC,
1228 .min_len = sizeof(struct gnet_stats_basic),
1229 .optional = false, },
1230};
1231
1232static int
1233nl_parse_single_action(struct nlattr *action, struct tc_flower *flower)
1234{
1235 struct nlattr *act_options;
1236 struct nlattr *act_stats;
1237 struct nlattr *act_cookie;
1238 const char *act_kind;
1239 struct nlattr *action_attrs[ARRAY_SIZE(act_policy)];
1240 struct nlattr *stats_attrs[ARRAY_SIZE(stats_policy)];
1241 struct ovs_flow_stats *stats = &flower->stats;
1242 const struct gnet_stats_basic *bs;
40c5aa11 1243 int err = 0;
f98e418f
RD		 1244
1245 if (!nl_parse_nested(action, act_policy, action_attrs,
1246 ARRAY_SIZE(act_policy))) {
1247 VLOG_ERR_RL(&error_rl, "failed to parse single action options");
1248 return EPROTO;
1249 }
1250
1251 act_kind = nl_attr_get_string(action_attrs[TCA_ACT_KIND]);
1252 act_options = action_attrs[TCA_ACT_OPTIONS];
1253 act_cookie = action_attrs[TCA_ACT_COOKIE];
1254
1255 if (!strcmp(act_kind, "gact")) {
40c5aa11 1256 err = nl_parse_act_drop(act_options, flower);
f98e418f 1257 } else if (!strcmp(act_kind, "mirred")) {
40c5aa11 1258 err = nl_parse_act_mirred(act_options, flower);
f98e418f 1259 } else if (!strcmp(act_kind, "vlan")) {
40c5aa11 1260 err = nl_parse_act_vlan(act_options, flower);
f98e418f 1261 } else if (!strcmp(act_kind, "tunnel_key")) {
40c5aa11 1262 err = nl_parse_act_tunnel_key(act_options, flower);
8ada482b 1263 } else if (!strcmp(act_kind, "pedit")) {
40c5aa11 1264 err = nl_parse_act_pedit(act_options, flower);
8ada482b 1265 } else if (!strcmp(act_kind, "csum")) {
d6118e62 1266 nl_parse_act_csum(act_options, flower);
f98e418f
RD		 1267 } else {
1268 VLOG_ERR_RL(&error_rl, "unknown tc action kind: %s", act_kind);
40c5aa11
RD		 1269 err = EINVAL;
1270 }
1271
1272 if (err) {
1273 return err;
f98e418f
RD		 1274 }
1275
1276 if (act_cookie) {
1277 flower->act_cookie.data = nl_attr_get(act_cookie);
1278 flower->act_cookie.len = nl_attr_get_size(act_cookie);
1279 }
1280
1281 act_stats = action_attrs[TCA_ACT_STATS];
1282
1283 if (!nl_parse_nested(act_stats, stats_policy, stats_attrs,
1284 ARRAY_SIZE(stats_policy))) {
1285 VLOG_ERR_RL(&error_rl, "failed to parse action stats policy");
1286 return EPROTO;
1287 }
1288
1289 bs = nl_attr_get_unspec(stats_attrs[TCA_STATS_BASIC], sizeof *bs);
1290 put_32aligned_u64(&stats->n_packets, bs->packets);
1291 put_32aligned_u64(&stats->n_bytes, bs->bytes);
1292
1293 return 0;
1294}
1295
1296#define TCA_ACT_MIN_PRIO 1
1297
1298static int
1299nl_parse_flower_actions(struct nlattr **attrs, struct tc_flower *flower)
1300{
1301 const struct nlattr *actions = attrs[TCA_FLOWER_ACT];
1302 static struct nl_policy actions_orders_policy[TCA_ACT_MAX_PRIO + 1] = {};
1303 struct nlattr *actions_orders[ARRAY_SIZE(actions_orders_policy)];
1304 const int max_size = ARRAY_SIZE(actions_orders_policy);
1305
1306 for (int i = TCA_ACT_MIN_PRIO; i < max_size; i++) {
1307 actions_orders_policy[i].type = NL_A_NESTED;
1308 actions_orders_policy[i].optional = true;
1309 }
1310
1311 if (!nl_parse_nested(actions, actions_orders_policy, actions_orders,
1312 ARRAY_SIZE(actions_orders_policy))) {
1313 VLOG_ERR_RL(&error_rl, "failed to parse flower order of actions");
1314 return EPROTO;
1315 }
1316
1317 for (int i = TCA_ACT_MIN_PRIO; i < max_size; i++) {
1318 if (actions_orders[i]) {
0c70132c
CM		 1319 int err;
1320
1321 if (flower->action_count >= TCA_ACT_MAX_PRIO) {
1322 VLOG_DBG_RL(&error_rl, "Can only support %d actions", flower->action_count);
1323 return EOPNOTSUPP;
1324 }
1325 err = nl_parse_single_action(actions_orders[i], flower);
f98e418f
RD		 1326
1327 if (err) {
1328 return err;
1329 }
1330 }
1331 }
1332
d6118e62
PB		 1333 if (flower->csum_update_flags) {
1334 VLOG_WARN_RL(&error_rl,
1335 "expected act csum with flags: 0x%x",
1336 flower->csum_update_flags);
1337 return EINVAL;
1338 }
1339
f98e418f
RD		 1340 return 0;
1341}
1342
1343static int
1344nl_parse_flower_options(struct nlattr *nl_options, struct tc_flower *flower)
1345{
1346 struct nlattr *attrs[ARRAY_SIZE(tca_flower_policy)];
a468645c 1347 int err;
f98e418f
RD		 1348
1349 if (!nl_parse_nested(nl_options, tca_flower_policy,
1350 attrs, ARRAY_SIZE(tca_flower_policy))) {
1351 VLOG_ERR_RL(&error_rl, "failed to parse flower classifier options");
1352 return EPROTO;
1353 }
1354
1355 nl_parse_flower_eth(attrs, flower);
34b16955 1356 nl_parse_flower_mpls(attrs, flower);
f98e418f
RD		 1357 nl_parse_flower_vlan(attrs, flower);
1358 nl_parse_flower_ip(attrs, flower);
a468645c
PJV		 1359 err = nl_parse_flower_tunnel(attrs, flower);
1360 if (err) {
1361 return err;
1362 }
1363
d63ca532 1364 nl_parse_flower_flags(attrs, flower);
f98e418f
RD		 1365 return nl_parse_flower_actions(attrs, flower);
1366}
1367
1368int
1369parse_netlink_to_tc_flower(struct ofpbuf *reply, struct tc_flower *flower)
1370{
1371 struct tcmsg *tc;
1372 struct nlattr *ta[ARRAY_SIZE(tca_policy)];
1373 const char *kind;
1374
1375 if (NLMSG_HDRLEN + sizeof *tc > reply->size) {
1376 return EPROTO;
1377 }
1378
1379 memset(flower, 0, sizeof *flower);
1380
1381 tc = ofpbuf_at_assert(reply, NLMSG_HDRLEN, sizeof *tc);
1382 flower->handle = tc->tcm_handle;
1383 flower->key.eth_type = (OVS_FORCE ovs_be16) tc_get_minor(tc->tcm_info);
1384 flower->mask.eth_type = OVS_BE16_MAX;
1385 flower->prio = tc_get_major(tc->tcm_info);
1386
1387 if (!flower->handle) {
1388 return EAGAIN;
1389 }
1390
1391 if (!nl_policy_parse(reply, NLMSG_HDRLEN + sizeof *tc,
1392 tca_policy, ta, ARRAY_SIZE(ta))) {
1393 VLOG_ERR_RL(&error_rl, "failed to parse tca policy");
1394 return EPROTO;
1395 }
1396
1397 kind = nl_attr_get_string(ta[TCA_KIND]);
1398 if (strcmp(kind, "flower")) {
763e120d 1399 VLOG_DBG_ONCE("Unsupported filter: %s", kind);
f98e418f
RD		 1400 return EPROTO;
1401 }
1402
1403 return nl_parse_flower_options(ta[TCA_OPTIONS], flower);
1404}
1405
1406int
093c9458 1407tc_dump_flower_start(int ifindex, struct nl_dump *dump, uint32_t block_id)
f98e418f
RD		 1408{
1409 struct ofpbuf request;
1410 struct tcmsg *tcmsg;
093c9458 1411 int index;
f98e418f 1412
093c9458
JH		 1413 index = block_id ? TCM_IFINDEX_MAGIC_BLOCK : ifindex;
1414 tcmsg = tc_make_request(index, RTM_GETTFILTER, NLM_F_DUMP, &request);
1415 tcmsg->tcm_parent = block_id ? : TC_INGRESS_PARENT;
f98e418f
RD		 1416 tcmsg->tcm_info = TC_H_UNSPEC;
1417 tcmsg->tcm_handle = 0;
1418
1419 nl_dump_start(dump, NETLINK_ROUTE, &request);
1420 ofpbuf_uninit(&request);
1421
1422 return 0;
1423}
1424
1425int
093c9458 1426tc_flush(int ifindex, uint32_t block_id)
f98e418f
RD		 1427{
1428 struct ofpbuf request;
1429 struct tcmsg *tcmsg;
093c9458 1430 int index;
f98e418f 1431
093c9458
JH		 1432 index = block_id ? TCM_IFINDEX_MAGIC_BLOCK : ifindex;
1433 tcmsg = tc_make_request(index, RTM_DELTFILTER, NLM_F_ACK, &request);
1434 tcmsg->tcm_parent = block_id ? : TC_INGRESS_PARENT;
f98e418f
RD		 1435 tcmsg->tcm_info = TC_H_UNSPEC;
1436
1437 return tc_transact(&request, NULL);
1438}
1439
1440int
093c9458 1441tc_del_filter(int ifindex, int prio, int handle, uint32_t block_id)
f98e418f
RD		 1442{
1443 struct ofpbuf request;
1444 struct tcmsg *tcmsg;
1445 struct ofpbuf *reply;
1446 int error;
093c9458 1447 int index;
f98e418f 1448
093c9458
JH		 1449 index = block_id ? TCM_IFINDEX_MAGIC_BLOCK : ifindex;
1450 tcmsg = tc_make_request(index, RTM_DELTFILTER, NLM_F_ECHO, &request);
1451 tcmsg->tcm_parent = block_id ? : TC_INGRESS_PARENT;
f98e418f
RD		 1452 tcmsg->tcm_info = tc_make_handle(prio, 0);
1453 tcmsg->tcm_handle = handle;
1454
1455 error = tc_transact(&request, &reply);
1456 if (!error) {
1457 ofpbuf_delete(reply);
1458 }
1459 return error;
1460}
1461
1462int
093c9458
JH		 1463tc_get_flower(int ifindex, int prio, int handle, struct tc_flower *flower,
1464 uint32_t block_id)
f98e418f
RD		 1465{
1466 struct ofpbuf request;
1467 struct tcmsg *tcmsg;
1468 struct ofpbuf *reply;
1469 int error;
093c9458 1470 int index;
f98e418f 1471
093c9458
JH		 1472 index = block_id ? TCM_IFINDEX_MAGIC_BLOCK : ifindex;
1473 tcmsg = tc_make_request(index, RTM_GETTFILTER, NLM_F_ECHO, &request);
1474 tcmsg->tcm_parent = block_id ? : TC_INGRESS_PARENT;
f98e418f
RD		 1475 tcmsg->tcm_info = tc_make_handle(prio, 0);
1476 tcmsg->tcm_handle = handle;
1477
1478 error = tc_transact(&request, &reply);
1479 if (error) {
1480 return error;
1481 }
1482
1483 error = parse_netlink_to_tc_flower(reply, flower);
1484 ofpbuf_delete(reply);
1485 return error;
1486}
1487
691d20cb
PB		 1488static int
1489tc_get_tc_cls_policy(enum tc_offload_policy policy)
1490{
1491 if (policy == TC_POLICY_SKIP_HW) {
1492 return TCA_CLS_FLAGS_SKIP_HW;
1493 } else if (policy == TC_POLICY_SKIP_SW) {
1494 return TCA_CLS_FLAGS_SKIP_SW;
1495 }
1496
1497 return 0;
1498}
1499
8ada482b
PB		 1500static void
1501nl_msg_put_act_csum(struct ofpbuf *request, uint32_t flags)
1502{
1503 size_t offset;
1504
1505 nl_msg_put_string(request, TCA_ACT_KIND, "csum");
1506 offset = nl_msg_start_nested(request, TCA_ACT_OPTIONS);
1507 {
1508 struct tc_csum parm = { .action = TC_ACT_PIPE,
1509 .update_flags = flags };
1510
1511 nl_msg_put_unspec(request, TCA_CSUM_PARMS, &parm, sizeof parm);
1512 }
1513 nl_msg_end_nested(request, offset);
1514}
1515
1516static void
1517nl_msg_put_act_pedit(struct ofpbuf *request, struct tc_pedit *parm,
1518 struct tc_pedit_key_ex *ex)
1519{
e13bbbab 1520 size_t ksize = sizeof *parm + parm->nkeys * sizeof(struct tc_pedit_key);
8ada482b
PB		 1521 size_t offset, offset_keys_ex, offset_key;
1522 int i;
1523
1524 nl_msg_put_string(request, TCA_ACT_KIND, "pedit");
1525 offset = nl_msg_start_nested(request, TCA_ACT_OPTIONS);
1526 {
1527 parm->action = TC_ACT_PIPE;
1528
1529 nl_msg_put_unspec(request, TCA_PEDIT_PARMS_EX, parm, ksize);
1530 offset_keys_ex = nl_msg_start_nested(request, TCA_PEDIT_KEYS_EX);
1531 for (i = 0; i < parm->nkeys; i++, ex++) {
1532 offset_key = nl_msg_start_nested(request, TCA_PEDIT_KEY_EX);
1533 nl_msg_put_u16(request, TCA_PEDIT_KEY_EX_HTYPE, ex->htype);
1534 nl_msg_put_u16(request, TCA_PEDIT_KEY_EX_CMD, ex->cmd);
1535 nl_msg_end_nested(request, offset_key);
1536 }
1537 nl_msg_end_nested(request, offset_keys_ex);
1538 }
1539 nl_msg_end_nested(request, offset);
1540}
1541
f98e418f 1542static void
10097f3f 1543nl_msg_put_act_push_vlan(struct ofpbuf *request, ovs_be16 tpid,
61e8655c 1544 uint16_t vid, uint8_t prio)
f98e418f
RD		 1545{
1546 size_t offset;
1547
1548 nl_msg_put_string(request, TCA_ACT_KIND, "vlan");
1549 offset = nl_msg_start_nested(request, TCA_ACT_OPTIONS);
1550 {
1551 struct tc_vlan parm = { .action = TC_ACT_PIPE,
1552 .v_action = TCA_VLAN_ACT_PUSH };
1553
1554 nl_msg_put_unspec(request, TCA_VLAN_PARMS, &parm, sizeof parm);
10097f3f 1555 nl_msg_put_be16(request, TCA_VLAN_PUSH_VLAN_PROTOCOL, tpid);
f98e418f
RD		 1556 nl_msg_put_u16(request, TCA_VLAN_PUSH_VLAN_ID, vid);
1557 nl_msg_put_u8(request, TCA_VLAN_PUSH_VLAN_PRIORITY, prio);
1558 }
1559 nl_msg_end_nested(request, offset);
1560}
1561
1562static void
1563nl_msg_put_act_pop_vlan(struct ofpbuf *request)
1564{
1565 size_t offset;
1566
1567 nl_msg_put_string(request, TCA_ACT_KIND, "vlan");
1568 offset = nl_msg_start_nested(request, TCA_ACT_OPTIONS);
1569 {
1570 struct tc_vlan parm = { .action = TC_ACT_PIPE,
1571 .v_action = TCA_VLAN_ACT_POP };
1572
1573 nl_msg_put_unspec(request, TCA_VLAN_PARMS, &parm, sizeof parm);
1574 }
1575 nl_msg_end_nested(request, offset);
1576}
1577
1578static void
1579nl_msg_put_act_tunnel_key_release(struct ofpbuf *request)
1580{
1581 size_t offset;
1582
1583 nl_msg_put_string(request, TCA_ACT_KIND, "tunnel_key");
1584 offset = nl_msg_start_nested(request, TCA_ACT_OPTIONS);
1585 {
1586 struct tc_tunnel_key tun = { .action = TC_ACT_PIPE,
1587 .t_action = TCA_TUNNEL_KEY_ACT_RELEASE };
1588
1589 nl_msg_put_unspec(request, TCA_TUNNEL_KEY_PARMS, &tun, sizeof tun);
1590 }
1591 nl_msg_end_nested(request, offset);
1592}
1593
202469aa
PJV		 1594static void
1595nl_msg_put_act_tunnel_geneve_option(struct ofpbuf *request,
1596 struct tun_metadata tun_metadata)
1597{
1598 const struct geneve_opt *opt;
1599 size_t outer, inner;
1600 int len, cnt = 0;
1601
1602 len = tun_metadata.present.len;
1603 if (!len) {
1604 return;
1605 }
1606
1607 outer = nl_msg_start_nested(request, TCA_TUNNEL_KEY_ENC_OPTS);
1608
1609 while (len) {
1610 opt = &tun_metadata.opts.gnv[cnt];
1611 inner = nl_msg_start_nested(request, TCA_TUNNEL_KEY_ENC_OPTS_GENEVE);
1612
1613 nl_msg_put_be16(request, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_CLASS,
1614 opt->opt_class);
1615 nl_msg_put_u8(request, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_TYPE, opt->type);
1616 nl_msg_put_unspec(request, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_DATA, opt + 1,
1617 opt->length * 4);
1618
1619 cnt += sizeof(struct geneve_opt) / 4 + opt->length;
1620 len -= sizeof(struct geneve_opt) + opt->length * 4;
1621
1622 nl_msg_end_nested(request, inner);
1623 }
1624
1625 nl_msg_end_nested(request, outer);
1626}
1627
f98e418f
RD		 1628static void
1629nl_msg_put_act_tunnel_key_set(struct ofpbuf *request, ovs_be64 id,
202469aa
PJV		 1630 ovs_be32 ipv4_src, ovs_be32 ipv4_dst,
1631 struct in6_addr *ipv6_src,
1632 struct in6_addr *ipv6_dst,
1633 ovs_be16 tp_dst, uint8_t tos, uint8_t ttl,
d9677a1f
EB		 1634 struct tun_metadata tun_metadata,
1635 uint8_t no_csum)
f98e418f
RD		 1636{
1637 size_t offset;
1638
1639 nl_msg_put_string(request, TCA_ACT_KIND, "tunnel_key");
1640 offset = nl_msg_start_nested(request, TCA_ACT_OPTIONS);
1641 {
1642 struct tc_tunnel_key tun = { .action = TC_ACT_PIPE,
1643 .t_action = TCA_TUNNEL_KEY_ACT_SET };
1644
1645 nl_msg_put_unspec(request, TCA_TUNNEL_KEY_PARMS, &tun, sizeof tun);
1646
1647 ovs_be32 id32 = be64_to_be32(id);
1648 nl_msg_put_be32(request, TCA_TUNNEL_KEY_ENC_KEY_ID, id32);
1649 if (ipv4_dst) {
1650 nl_msg_put_be32(request, TCA_TUNNEL_KEY_ENC_IPV4_SRC, ipv4_src);
1651 nl_msg_put_be32(request, TCA_TUNNEL_KEY_ENC_IPV4_DST, ipv4_dst);
1652 } else if (!is_all_zeros(ipv6_dst, sizeof *ipv6_dst)) {
1653 nl_msg_put_in6_addr(request, TCA_TUNNEL_KEY_ENC_IPV6_DST,
1654 ipv6_dst);
1655 nl_msg_put_in6_addr(request, TCA_TUNNEL_KEY_ENC_IPV6_SRC,
1656 ipv6_src);
1657 }
4b12e454
OG		 1658 if (tos) {
1659 nl_msg_put_u8(request, TCA_TUNNEL_KEY_ENC_TOS, tos);
1660 }
1661 if (ttl) {
1662 nl_msg_put_u8(request, TCA_TUNNEL_KEY_ENC_TTL, ttl);
1663 }
f98e418f 1664 nl_msg_put_be16(request, TCA_TUNNEL_KEY_ENC_DST_PORT, tp_dst);
202469aa 1665 nl_msg_put_act_tunnel_geneve_option(request, tun_metadata);
d9677a1f 1666 nl_msg_put_u8(request, TCA_TUNNEL_KEY_NO_CSUM, no_csum);
f98e418f
RD		 1667 }
1668 nl_msg_end_nested(request, offset);
1669}
1670
1671static void
1672nl_msg_put_act_drop(struct ofpbuf *request)
1673{
1674 size_t offset;
1675
1676 nl_msg_put_string(request, TCA_ACT_KIND, "gact");
1677 offset = nl_msg_start_nested(request, TCA_ACT_OPTIONS);
1678 {
1679 struct tc_gact p = { .action = TC_ACT_SHOT };
1680
1681 nl_msg_put_unspec(request, TCA_GACT_PARMS, &p, sizeof p);
1682 }
1683 nl_msg_end_nested(request, offset);
1684}
1685
1686static void
00a0a011
CM		 1687nl_msg_put_act_mirred(struct ofpbuf *request, int ifindex, int action,
1688 int eaction)
f98e418f
RD		 1689{
1690 size_t offset;
1691
1692 nl_msg_put_string(request, TCA_ACT_KIND, "mirred");
1693 offset = nl_msg_start_nested(request, TCA_ACT_OPTIONS);
1694 {
00a0a011
CM		 1695 struct tc_mirred m = { .action = action,
1696 .eaction = eaction,
f98e418f
RD		 1697 .ifindex = ifindex };
1698
1699 nl_msg_put_unspec(request, TCA_MIRRED_PARMS, &m, sizeof m);
1700 }
1701 nl_msg_end_nested(request, offset);
1702}
1703
1704static inline void
1705nl_msg_put_act_cookie(struct ofpbuf *request, struct tc_cookie *ck) {
1706 if (ck->len) {
1707 nl_msg_put_unspec(request, TCA_ACT_COOKIE, ck->data, ck->len);
1708 }
1709}
1710
8ada482b
PB		 1711/* Given flower, a key_to_pedit map entry, calculates the rest,
1712 * where:
1713 *
1714 * mask, data - pointers of where read the first word of flower->key/mask.
1715 * current_offset - which offset to use for the first pedit action.
1716 * cnt - max pedits actions to use.
1717 * first_word_mask/last_word_mask - the mask to use for the first/last read
1718 * (as we read entire words). */
f98e418f 1719static void
8ada482b
PB		 1720calc_offsets(struct tc_flower *flower, struct flower_key_to_pedit *m,
1721 int *cur_offset, int *cnt, uint32_t *last_word_mask,
1722 uint32_t *first_word_mask, uint32_t **mask, uint32_t **data)
1723{
1724 int start_offset, max_offset, total_size;
1725 int diff, right_zero_bits, left_zero_bits;
1726 char *rewrite_key = (void *) &flower->rewrite.key;
1727 char *rewrite_mask = (void *) &flower->rewrite.mask;
1728
1729 max_offset = m->offset + m->size;
1730 start_offset = ROUND_DOWN(m->offset, 4);
1731 diff = m->offset - start_offset;
1732 total_size = max_offset - start_offset;
1733 right_zero_bits = 8 * (4 - (max_offset % 4));
1734 left_zero_bits = 8 * (m->offset - start_offset);
1735
1736 *cur_offset = start_offset;
1737 *cnt = (total_size / 4) + (total_size % 4 ? 1 : 0);
1738 *last_word_mask = UINT32_MAX >> right_zero_bits;
1739 *first_word_mask = UINT32_MAX << left_zero_bits;
1740 *data = (void *) (rewrite_key + m->flower_offset - diff);
1741 *mask = (void *) (rewrite_mask + m->flower_offset - diff);
1742}
1743
d6118e62 1744static inline int
8ada482b
PB		 1745csum_update_flag(struct tc_flower *flower,
1746 enum pedit_header_type htype) {
d6118e62
PB		 1747 /* Explictily specifiy the csum flags so HW can return EOPNOTSUPP
1748 * if it doesn't support a checksum recalculation of some headers.
1749 * And since OVS allows a flow such as
1750 * eth(dst=<mac>),eth_type(0x0800) actions=set(ipv4(src=<new_ip>))
1751 * we need to force a more specific flow as this can, for example,
1752 * need a recalculation of icmp checksum if the packet that passes
d5ac6458 1753 * is ICMPv6 and tcp checksum if its tcp. */
d6118e62
PB		 1754
1755 switch (htype) {
1756 case TCA_PEDIT_KEY_EX_HDR_TYPE_IP4:
8ada482b 1757 flower->csum_update_flags |= TCA_CSUM_UPDATE_FLAG_IPV4HDR;
eeb0ca88 1758 /* Fall through. */
d6118e62
PB		 1759 case TCA_PEDIT_KEY_EX_HDR_TYPE_IP6:
1760 case TCA_PEDIT_KEY_EX_HDR_TYPE_TCP:
1761 case TCA_PEDIT_KEY_EX_HDR_TYPE_UDP:
8ada482b 1762 if (flower->key.ip_proto == IPPROTO_TCP) {
d6118e62 1763 flower->needs_full_ip_proto_mask = true;
8ada482b
PB		 1764 flower->csum_update_flags |= TCA_CSUM_UPDATE_FLAG_TCP;
1765 } else if (flower->key.ip_proto == IPPROTO_UDP) {
d6118e62 1766 flower->needs_full_ip_proto_mask = true;
8ada482b 1767 flower->csum_update_flags |= TCA_CSUM_UPDATE_FLAG_UDP;
d5ac6458
JL		 1768 } else if (flower->key.ip_proto == IPPROTO_ICMP) {
1769 flower->needs_full_ip_proto_mask = true;
1770 } else if (flower->key.ip_proto == IPPROTO_ICMPV6) {
d6118e62 1771 flower->needs_full_ip_proto_mask = true;
8ada482b 1772 flower->csum_update_flags |= TCA_CSUM_UPDATE_FLAG_ICMP;
d6118e62
PB		 1773 } else {
1774 VLOG_WARN_RL(&error_rl,
1775 "can't offload rewrite of IP/IPV6 with ip_proto: %d",
1776 flower->key.ip_proto);
1777 break;
8ada482b 1778 }
eeb0ca88 1779 /* Fall through. */
d6118e62
PB		 1780 case TCA_PEDIT_KEY_EX_HDR_TYPE_ETH:
1781 return 0; /* success */
1782
1783 case TCA_PEDIT_KEY_EX_HDR_TYPE_NETWORK:
1784 case __PEDIT_HDR_TYPE_MAX:
1785 default:
1786 break;
8ada482b 1787 }
d6118e62
PB		 1788
1789 return EOPNOTSUPP;
8ada482b
PB		 1790}
1791
1792static int
1793nl_msg_put_flower_rewrite_pedits(struct ofpbuf *request,
1794 struct tc_flower *flower)
1795{
1796 struct {
1797 struct tc_pedit sel;
1798 struct tc_pedit_key keys[MAX_PEDIT_OFFSETS];
1799 struct tc_pedit_key_ex keys_ex[MAX_PEDIT_OFFSETS];
1800 } sel = {
1801 .sel = {
1802 .nkeys = 0
1803 }
1804 };
d6118e62 1805 int i, j, err;
8ada482b
PB		 1806
1807 for (i = 0; i < ARRAY_SIZE(flower_pedit_map); i++) {
1808 struct flower_key_to_pedit *m = &flower_pedit_map[i];
1809 struct tc_pedit_key *pedit_key = NULL;
1810 struct tc_pedit_key_ex *pedit_key_ex = NULL;
1811 uint32_t *mask, *data, first_word_mask, last_word_mask;
1812 int cnt = 0, cur_offset = 0;
1813
1814 if (!m->size) {
1815 continue;
1816 }
1817
1818 calc_offsets(flower, m, &cur_offset, &cnt, &last_word_mask,
1819 &first_word_mask, &mask, &data);
1820
1821 for (j = 0; j < cnt; j++, mask++, data++, cur_offset += 4) {
1822 uint32_t mask_word = *mask;
1823
1824 if (j == 0) {
1825 mask_word &= first_word_mask;
1826 }
1827 if (j == cnt - 1) {
1828 mask_word &= last_word_mask;
1829 }
1830 if (!mask_word) {
1831 continue;
1832 }
1833 if (sel.sel.nkeys == MAX_PEDIT_OFFSETS) {
1834 VLOG_WARN_RL(&error_rl, "reached too many pedit offsets: %d",
1835 MAX_PEDIT_OFFSETS);
1836 return EOPNOTSUPP;
1837 }
1838
1839 pedit_key = &sel.keys[sel.sel.nkeys];
1840 pedit_key_ex = &sel.keys_ex[sel.sel.nkeys];
1841 pedit_key_ex->cmd = TCA_PEDIT_KEY_EX_CMD_SET;
1842 pedit_key_ex->htype = m->htype;
1843 pedit_key->off = cur_offset;
1844 pedit_key->mask = ~mask_word;
1845 pedit_key->val = *data & mask_word;
1846 sel.sel.nkeys++;
d6118e62
PB		 1847
1848 err = csum_update_flag(flower, m->htype);
1849 if (err) {
1850 return err;
1851 }
1852
1853 if (flower->needs_full_ip_proto_mask) {
1854 flower->mask.ip_proto = UINT8_MAX;
1855 }
8ada482b
PB		 1856 }
1857 }
1858 nl_msg_put_act_pedit(request, &sel.sel, sel.keys_ex);
1859
1860 return 0;
1861}
1862
1863static int
f98e418f
RD		 1864nl_msg_put_flower_acts(struct ofpbuf *request, struct tc_flower *flower)
1865{
1866 size_t offset;
1867 size_t act_offset;
0c70132c
CM		 1868 uint16_t act_index = 1;
1869 struct tc_action *action;
1870 int i, ifindex = 0;
f98e418f
RD		 1871
1872 offset = nl_msg_start_nested(request, TCA_FLOWER_ACT);
1873 {
8ada482b
PB		 1874 int error;
1875
105e8179 1876 if (flower->tunnel) {
8ada482b 1877 act_offset = nl_msg_start_nested(request, act_index++);
0c70132c 1878 nl_msg_put_act_tunnel_key_release(request);
8ada482b 1879 nl_msg_end_nested(request, act_offset);
0c70132c 1880 }
f98e418f 1881
0c70132c
CM		 1882 action = flower->actions;
1883 for (i = 0; i < flower->action_count; i++, action++) {
1884 switch (action->type) {
1885 case TC_ACT_PEDIT: {
a7ce5b85 1886 act_offset = nl_msg_start_nested(request, act_index++);
0c70132c
CM		 1887 error = nl_msg_put_flower_rewrite_pedits(request, flower);
1888 if (error) {
1889 return error;
1890 }
a7ce5b85 1891 nl_msg_end_nested(request, act_offset);
0c70132c
CM		 1892
1893 if (flower->csum_update_flags) {
1894 act_offset = nl_msg_start_nested(request, act_index++);
1895 nl_msg_put_act_csum(request, flower->csum_update_flags);
1896 nl_msg_end_nested(request, act_offset);
1897 }
1898 }
1899 break;
1900 case TC_ACT_ENCAP: {
1901 act_offset = nl_msg_start_nested(request, act_index++);
1902 nl_msg_put_act_tunnel_key_set(request, action->encap.id,
1903 action->encap.ipv4.ipv4_src,
1904 action->encap.ipv4.ipv4_dst,
1905 &action->encap.ipv6.ipv6_src,
1906 &action->encap.ipv6.ipv6_dst,
4b12e454
OG		 1907 action->encap.tp_dst,
1908 action->encap.tos,
202469aa 1909 action->encap.ttl,
d9677a1f
EB		 1910 action->encap.data,
1911 action->encap.no_csum);
0c70132c
CM		 1912 nl_msg_end_nested(request, act_offset);
1913 }
1914 break;
1915 case TC_ACT_VLAN_POP: {
1916 act_offset = nl_msg_start_nested(request, act_index++);
1917 nl_msg_put_act_pop_vlan(request);
1918 nl_msg_end_nested(request, act_offset);
1919 }
1920 break;
1921 case TC_ACT_VLAN_PUSH: {
1922 act_offset = nl_msg_start_nested(request, act_index++);
1923 nl_msg_put_act_push_vlan(request,
61e8655c 1924 action->vlan.vlan_push_tpid,
0c70132c
CM		 1925 action->vlan.vlan_push_id,
1926 action->vlan.vlan_push_prio);
1927 nl_msg_end_nested(request, act_offset);
1928 }
1929 break;
1930 case TC_ACT_OUTPUT: {
1931 ifindex = action->ifindex_out;
1932 if (ifindex < 1) {
1933 VLOG_ERR_RL(&error_rl, "%s: invalid ifindex: %d, type: %d",
1934 __func__, ifindex, action->type);
1935 return EINVAL;
1936 }
1937 act_offset = nl_msg_start_nested(request, act_index++);
00a0a011
CM		 1938 if (i == flower->action_count - 1) {
1939 nl_msg_put_act_mirred(request, ifindex, TC_ACT_STOLEN,
1940 TCA_EGRESS_REDIR);
1941 } else {
1942 nl_msg_put_act_mirred(request, ifindex, TC_ACT_PIPE,
1943 TCA_EGRESS_MIRROR);
1944 }
0c70132c
CM		 1945 nl_msg_put_act_cookie(request, &flower->act_cookie);
1946 nl_msg_end_nested(request, act_offset);
1947 }
1948 break;
a7ce5b85 1949 }
8ada482b 1950 }
0c70132c
CM		 1951 }
1952 if (!ifindex) {
1953 act_offset = nl_msg_start_nested(request, act_index++);
1954 nl_msg_put_act_drop(request);
1955 nl_msg_put_act_cookie(request, &flower->act_cookie);
1956 nl_msg_end_nested(request, act_offset);
f98e418f
RD		 1957 }
1958 nl_msg_end_nested(request, offset);
8ada482b
PB		 1959
1960 return 0;
f98e418f
RD		 1961}
1962
1963static void
1964nl_msg_put_masked_value(struct ofpbuf *request, uint16_t type,
1965 uint16_t mask_type, const void *data,
1966 const void *mask_data, size_t len)
1967{
1968 if (mask_type != TCA_FLOWER_UNSPEC) {
1969 if (is_all_zeros(mask_data, len)) {
1970 return;
1971 }
1972 nl_msg_put_unspec(request, mask_type, mask_data, len);
1973 }
1974 nl_msg_put_unspec(request, type, data, len);
1975}
1976
a468645c
PJV		 1977static void
1978nl_msg_put_flower_tunnel_opts(struct ofpbuf *request, uint16_t type,
1979 struct tun_metadata metadata)
1980{
1981 struct geneve_opt *opt;
1982 size_t outer, inner;
1983 int len, cnt = 0;
1984
1985 len = metadata.present.len;
1986 if (!len) {
1987 return;
1988 }
1989
1990 outer = nl_msg_start_nested(request, type);
1991 while (len) {
1992 opt = &metadata.opts.gnv[cnt];
1993 inner = nl_msg_start_nested(request, TCA_FLOWER_KEY_ENC_OPTS_GENEVE);
1994
1995 nl_msg_put_be16(request, TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS,
1996 opt->opt_class);
1997 nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE, opt->type);
1998 nl_msg_put_unspec(request, TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA, opt + 1,
1999 opt->length * 4);
2000
2001 cnt += sizeof(struct geneve_opt) / 4 + opt->length;
2002 len -= sizeof(struct geneve_opt) + opt->length * 4;
2003
2004 nl_msg_end_nested(request, inner);
2005 }
2006 nl_msg_end_nested(request, outer);
2007}
2008
f98e418f
RD		 2009static void
2010nl_msg_put_flower_tunnel(struct ofpbuf *request, struct tc_flower *flower)
2011{
105e8179
OG		 2012 ovs_be32 ipv4_src = flower->key.tunnel.ipv4.ipv4_src;
2013 ovs_be32 ipv4_dst = flower->key.tunnel.ipv4.ipv4_dst;
2014 struct in6_addr *ipv6_src = &flower->key.tunnel.ipv6.ipv6_src;
2015 struct in6_addr *ipv6_dst = &flower->key.tunnel.ipv6.ipv6_dst;
2016 ovs_be16 tp_dst = flower->key.tunnel.tp_dst;
2017 ovs_be32 id = be64_to_be32(flower->key.tunnel.id);
2018 uint8_t tos = flower->key.tunnel.tos;
2019 uint8_t ttl = flower->key.tunnel.ttl;
49a7961f
OG		 2020 uint8_t tos_mask = flower->mask.tunnel.tos;
2021 uint8_t ttl_mask = flower->mask.tunnel.ttl;
f98e418f 2022
f98e418f
RD		 2023 if (ipv4_dst) {
2024 nl_msg_put_be32(request, TCA_FLOWER_KEY_ENC_IPV4_SRC, ipv4_src);
2025 nl_msg_put_be32(request, TCA_FLOWER_KEY_ENC_IPV4_DST, ipv4_dst);
2026 } else if (!is_all_zeros(ipv6_dst, sizeof *ipv6_dst)) {
2027 nl_msg_put_in6_addr(request, TCA_FLOWER_KEY_ENC_IPV6_SRC, ipv6_src);
2028 nl_msg_put_in6_addr(request, TCA_FLOWER_KEY_ENC_IPV6_DST, ipv6_dst);
2029 }
49a7961f 2030 if (tos_mask) {
dd83253e 2031 nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TOS, tos);
49a7961f 2032 nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TOS_MASK, tos_mask);
dd83253e 2033 }
49a7961f 2034 if (ttl_mask) {
dd83253e 2035 nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TTL, ttl);
49a7961f 2036 nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TTL_MASK, ttl_mask);
dd83253e 2037 }
f98e418f 2038 nl_msg_put_be16(request, TCA_FLOWER_KEY_ENC_UDP_DST_PORT, tp_dst);
dd83253e 2039 nl_msg_put_be32(request, TCA_FLOWER_KEY_ENC_KEY_ID, id);
a468645c
PJV		 2040 nl_msg_put_flower_tunnel_opts(request, TCA_FLOWER_KEY_ENC_OPTS,
2041 flower->key.tunnel.metadata);
2042 nl_msg_put_flower_tunnel_opts(request, TCA_FLOWER_KEY_ENC_OPTS_MASK,
2043 flower->mask.tunnel.metadata);
f98e418f
RD		 2044}
2045
bb170644
PB		 2046#define FLOWER_PUT_MASKED_VALUE(member, type) \
2047 nl_msg_put_masked_value(request, type, type##_MASK, &flower->key.member, \
2048 &flower->mask.member, sizeof flower->key.member)
2049
8ada482b 2050static int
f98e418f
RD		 2051nl_msg_put_flower_options(struct ofpbuf *request, struct tc_flower *flower)
2052{
8ada482b 2053
f98e418f 2054 uint16_t host_eth_type = ntohs(flower->key.eth_type);
b5ad40a9 2055 bool is_vlan = eth_type_vlan(flower->key.eth_type);
f9885dc5 2056 bool is_qinq = is_vlan && eth_type_vlan(flower->key.encap_eth_type[0]);
34b16955 2057 bool is_mpls = eth_type_mpls(flower->key.eth_type);
8ada482b
PB		 2058 int err;
2059
d6118e62
PB		 2060 /* need to parse acts first as some acts require changing the matching
2061 * see csum_update_flag() */
8ada482b
PB		 2062 err = nl_msg_put_flower_acts(request, flower);
2063 if (err) {
2064 return err;
2065 }
f98e418f
RD		 2066
2067 if (is_vlan) {
f9885dc5
JL		 2068 if (is_qinq) {
2069 host_eth_type = ntohs(flower->key.encap_eth_type[1]);
2070 } else {
2071 host_eth_type = ntohs(flower->key.encap_eth_type[0]);
2072 }
f98e418f
RD		 2073 }
2074
34b16955
PJV		 2075 if (is_mpls) {
2076 host_eth_type = ntohs(flower->key.encap_eth_type[0]);
2077 }
2078
bb170644
PB		 2079 FLOWER_PUT_MASKED_VALUE(dst_mac, TCA_FLOWER_KEY_ETH_DST);
2080 FLOWER_PUT_MASKED_VALUE(src_mac, TCA_FLOWER_KEY_ETH_SRC);
f98e418f
RD		 2081
2082 if (host_eth_type == ETH_P_IP || host_eth_type == ETH_P_IPV6) {
b4496fc9 2083 FLOWER_PUT_MASKED_VALUE(ip_ttl, TCA_FLOWER_KEY_IP_TTL);
dfa2ccdb 2084 FLOWER_PUT_MASKED_VALUE(ip_tos, TCA_FLOWER_KEY_IP_TOS);
b4496fc9 2085
f98e418f
RD		 2086 if (flower->mask.ip_proto && flower->key.ip_proto) {
2087 nl_msg_put_u8(request, TCA_FLOWER_KEY_IP_PROTO,
2088 flower->key.ip_proto);
2089 }
2090
83e86606 2091 if (flower->mask.flags) {
7e0f69b5 2092 nl_msg_put_be32(request, TCA_FLOWER_KEY_FLAGS,
83e86606 2093 htonl(flower->key.flags));
7e0f69b5 2094 nl_msg_put_be32(request, TCA_FLOWER_KEY_FLAGS_MASK,
83e86606
RD		 2095 htonl(flower->mask.flags));
2096 }
2097
f98e418f 2098 if (flower->key.ip_proto == IPPROTO_UDP) {
2b1d9fa9
PB		 2099 FLOWER_PUT_MASKED_VALUE(udp_src, TCA_FLOWER_KEY_UDP_SRC);
2100 FLOWER_PUT_MASKED_VALUE(udp_dst, TCA_FLOWER_KEY_UDP_DST);
f98e418f 2101 } else if (flower->key.ip_proto == IPPROTO_TCP) {
2b1d9fa9
PB		 2102 FLOWER_PUT_MASKED_VALUE(tcp_src, TCA_FLOWER_KEY_TCP_SRC);
2103 FLOWER_PUT_MASKED_VALUE(tcp_dst, TCA_FLOWER_KEY_TCP_DST);
cd081043 2104 FLOWER_PUT_MASKED_VALUE(tcp_flags, TCA_FLOWER_KEY_TCP_FLAGS);
4862b4e5 2105 } else if (flower->key.ip_proto == IPPROTO_SCTP) {
2b1d9fa9
PB		 2106 FLOWER_PUT_MASKED_VALUE(sctp_src, TCA_FLOWER_KEY_SCTP_SRC);
2107 FLOWER_PUT_MASKED_VALUE(sctp_dst, TCA_FLOWER_KEY_SCTP_DST);
f98e418f
RD		 2108 }
2109 }
2110
2111 if (host_eth_type == ETH_P_IP) {
bb170644
PB		 2112 FLOWER_PUT_MASKED_VALUE(ipv4.ipv4_src, TCA_FLOWER_KEY_IPV4_SRC);
2113 FLOWER_PUT_MASKED_VALUE(ipv4.ipv4_dst, TCA_FLOWER_KEY_IPV4_DST);
f98e418f 2114 } else if (host_eth_type == ETH_P_IPV6) {
bb170644
PB		 2115 FLOWER_PUT_MASKED_VALUE(ipv6.ipv6_src, TCA_FLOWER_KEY_IPV6_SRC);
2116 FLOWER_PUT_MASKED_VALUE(ipv6.ipv6_dst, TCA_FLOWER_KEY_IPV6_DST);
f98e418f
RD		 2117 }
2118
2119 nl_msg_put_be16(request, TCA_FLOWER_KEY_ETH_TYPE, flower->key.eth_type);
2120
34b16955
PJV		 2121 if (is_mpls) {
2122 if (mpls_lse_to_ttl(flower->mask.mpls_lse)) {
2123 nl_msg_put_u8(request, TCA_FLOWER_KEY_MPLS_TTL,
2124 mpls_lse_to_ttl(flower->key.mpls_lse));
2125 }
2126 if (mpls_lse_to_tc(flower->mask.mpls_lse)) {
2127 nl_msg_put_u8(request, TCA_FLOWER_KEY_MPLS_TC,
2128 mpls_lse_to_tc(flower->key.mpls_lse));
2129 }
2130 if (mpls_lse_to_bos(flower->mask.mpls_lse)) {
2131 nl_msg_put_u8(request, TCA_FLOWER_KEY_MPLS_BOS,
2132 mpls_lse_to_bos(flower->key.mpls_lse));
2133 }
2134 if (mpls_lse_to_label(flower->mask.mpls_lse)) {
2135 nl_msg_put_u32(request, TCA_FLOWER_KEY_MPLS_LABEL,
2136 mpls_lse_to_label(flower->key.mpls_lse));
2137 }
2138 }
2139
f98e418f 2140 if (is_vlan) {
7f02f26c 2141 if (flower->mask.vlan_id[0]) {
f98e418f 2142 nl_msg_put_u16(request, TCA_FLOWER_KEY_VLAN_ID,
f9885dc5 2143 flower->key.vlan_id[0]);
7f02f26c
PJV		 2144 }
2145 if (flower->mask.vlan_prio[0]) {
f98e418f 2146 nl_msg_put_u8(request, TCA_FLOWER_KEY_VLAN_PRIO,
f9885dc5 2147 flower->key.vlan_prio[0]);
f98e418f 2148 }
f9885dc5 2149 if (flower->key.encap_eth_type[0]) {
f98e418f 2150 nl_msg_put_be16(request, TCA_FLOWER_KEY_VLAN_ETH_TYPE,
f9885dc5
JL		 2151 flower->key.encap_eth_type[0]);
2152 }
2153
2154 if (is_qinq) {
7f02f26c 2155 if (flower->mask.vlan_id[1]) {
f9885dc5
JL		 2156 nl_msg_put_u16(request, TCA_FLOWER_KEY_CVLAN_ID,
2157 flower->key.vlan_id[1]);
7f02f26c
PJV		 2158 }
2159 if (flower->mask.vlan_prio[1]) {
f9885dc5
JL		 2160 nl_msg_put_u8(request, TCA_FLOWER_KEY_CVLAN_PRIO,
2161 flower->key.vlan_prio[1]);
2162 }
2163 if (flower->key.encap_eth_type[1]) {
2164 nl_msg_put_be16(request, TCA_FLOWER_KEY_CVLAN_ETH_TYPE,
2165 flower->key.encap_eth_type[1]);
2166 }
f98e418f
RD		 2167 }
2168 }
2169
691d20cb 2170 nl_msg_put_u32(request, TCA_FLOWER_FLAGS, tc_get_tc_cls_policy(tc_policy));
f98e418f 2171
105e8179 2172 if (flower->tunnel) {
f98e418f
RD		 2173 nl_msg_put_flower_tunnel(request, flower);
2174 }
2175
8ada482b 2176 return 0;
f98e418f
RD		 2177}
2178
2179int
2180tc_replace_flower(int ifindex, uint16_t prio, uint32_t handle,
093c9458 2181 struct tc_flower *flower, uint32_t block_id)
f98e418f
RD		 2182{
2183 struct ofpbuf request;
2184 struct tcmsg *tcmsg;
2185 struct ofpbuf *reply;
2186 int error = 0;
2187 size_t basic_offset;
2188 uint16_t eth_type = (OVS_FORCE uint16_t) flower->key.eth_type;
093c9458 2189 int index;
f98e418f 2190
093c9458
JH		 2191 index = block_id ? TCM_IFINDEX_MAGIC_BLOCK : ifindex;
2192 tcmsg = tc_make_request(index, RTM_NEWTFILTER, NLM_F_CREATE | NLM_F_ECHO,
2193 &request);
2194 tcmsg->tcm_parent = block_id ? : TC_INGRESS_PARENT;
f98e418f
RD		 2195 tcmsg->tcm_info = tc_make_handle(prio, eth_type);
2196 tcmsg->tcm_handle = handle;
2197
2198 nl_msg_put_string(&request, TCA_KIND, "flower");
2199 basic_offset = nl_msg_start_nested(&request, TCA_OPTIONS);
2200 {
8ada482b
PB		 2201 error = nl_msg_put_flower_options(&request, flower);
2202
2203 if (error) {
2204 ofpbuf_uninit(&request);
2205 return error;
2206 }
f98e418f
RD		 2207 }
2208 nl_msg_end_nested(&request, basic_offset);
2209
2210 error = tc_transact(&request, &reply);
2211 if (!error) {
2212 struct tcmsg *tc =
2213 ofpbuf_at_assert(reply, NLMSG_HDRLEN, sizeof *tc);
2214
2215 flower->prio = tc_get_major(tc->tcm_info);
2216 flower->handle = tc->tcm_handle;
2217 ofpbuf_delete(reply);
2218 }
2219
2220 return error;
2221}
691d20cb
PB		 2222
2223void
2224tc_set_policy(const char *policy)
2225{
2226 if (!policy) {
2227 return;
2228 }
2229
2230 if (!strcmp(policy, "skip_sw")) {
2231 tc_policy = TC_POLICY_SKIP_SW;
2232 } else if (!strcmp(policy, "skip_hw")) {
2233 tc_policy = TC_POLICY_SKIP_HW;
2234 } else if (!strcmp(policy, "none")) {
2235 tc_policy = TC_POLICY_NONE;
2236 } else {
2237 VLOG_WARN("tc: Invalid policy '%s'", policy);
2238 return;
2239 }
2240
2241 VLOG_INFO("tc: Using policy '%s'", policy);
2242}
openvswitch mirror