]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - net/sched/cls_api.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
[mirror_ubuntu-bionic-kernel.git] / net / sched / cls_api.c
CommitLineData
1da177e4
LT		 1/*
2 * net/sched/cls_api.c Packet classifier API.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
8 *
9 * Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
10 *
11 * Changes:
12 *
13 * Eduardo J. Blanco <ejbs@netlabs.com.uy> :990222: kmod support
14 *
15 */
16
1da177e4
LT		 17#include <linux/module.h>
18#include <linux/types.h>
19#include <linux/kernel.h>
1da177e4 20#include <linux/string.h>
1da177e4 21#include <linux/errno.h>
33a48927 22#include <linux/err.h>
1da177e4 23#include <linux/skbuff.h>
1da177e4
LT		 24#include <linux/init.h>
25#include <linux/kmod.h>
5a0e3ad6 26#include <linux/slab.h>
b854272b
DL		 27#include <net/net_namespace.h>
28#include <net/sock.h>
dc5fc579 29#include <net/netlink.h>
1da177e4
LT		 30#include <net/pkt_sched.h>
31#include <net/pkt_cls.h>
32
1da177e4 33/* The list of all installed classifier types */
36272874 34static LIST_HEAD(tcf_proto_base);
1da177e4
LT		 35
36/* Protects list of registered TC modules. It is pure SMP lock. */
37static DEFINE_RWLOCK(cls_mod_lock);
38
39/* Find classifier type by string name */
40
33a48927 41static const struct tcf_proto_ops *tcf_proto_lookup_ops(const char *kind)
1da177e4 42{
dcd76081 43 const struct tcf_proto_ops *t, *res = NULL;
1da177e4
LT		 44
45 if (kind) {
46 read_lock(&cls_mod_lock);
36272874 47 list_for_each_entry(t, &tcf_proto_base, head) {
33a48927 48 if (strcmp(kind, t->kind) == 0) {
dcd76081
ED		 49 if (try_module_get(t->owner))
50 res = t;
1da177e4
LT		 51 break;
52 }
53 }
54 read_unlock(&cls_mod_lock);
55 }
dcd76081 56 return res;
1da177e4
LT		 57}
58
59/* Register(unregister) new classifier type */
60
61int register_tcf_proto_ops(struct tcf_proto_ops *ops)
62{
36272874 63 struct tcf_proto_ops *t;
1da177e4
LT		 64 int rc = -EEXIST;
65
66 write_lock(&cls_mod_lock);
36272874 67 list_for_each_entry(t, &tcf_proto_base, head)
1da177e4
LT		 68 if (!strcmp(ops->kind, t->kind))
69 goto out;
70
36272874 71 list_add_tail(&ops->head, &tcf_proto_base);
1da177e4
LT		 72 rc = 0;
73out:
74 write_unlock(&cls_mod_lock);
75 return rc;
76}
aa767bfe 77EXPORT_SYMBOL(register_tcf_proto_ops);
1da177e4 78
7aa0045d
CW		 79static struct workqueue_struct *tc_filter_wq;
80
1da177e4
LT		 81int unregister_tcf_proto_ops(struct tcf_proto_ops *ops)
82{
36272874 83 struct tcf_proto_ops *t;
1da177e4
LT		 84 int rc = -ENOENT;
85
c78e1746
DB		 86 /* Wait for outstanding call_rcu()s, if any, from a
87 * tcf_proto_ops's destroy() handler.
88 */
89 rcu_barrier();
7aa0045d 90 flush_workqueue(tc_filter_wq);
c78e1746 91
1da177e4 92 write_lock(&cls_mod_lock);
dcd76081
ED		 93 list_for_each_entry(t, &tcf_proto_base, head) {
94 if (t == ops) {
95 list_del(&t->head);
96 rc = 0;
1da177e4 97 break;
dcd76081
ED		 98 }
99 }
1da177e4
LT		 100 write_unlock(&cls_mod_lock);
101 return rc;
102}
aa767bfe 103EXPORT_SYMBOL(unregister_tcf_proto_ops);
1da177e4 104
7aa0045d
CW		 105bool tcf_queue_work(struct work_struct *work)
106{
107 return queue_work(tc_filter_wq, work);
108}
109EXPORT_SYMBOL(tcf_queue_work);
110
1da177e4
LT		 111/* Select new prio value from the range, managed by kernel. */
112
aa767bfe 113static inline u32 tcf_auto_prio(struct tcf_proto *tp)
1da177e4 114{
aa767bfe 115 u32 first = TC_H_MAKE(0xC0000000U, 0U);
1da177e4
LT		 116
117 if (tp)
cc7ec456 118 first = tp->prio - 1;
1da177e4 119
7961973a 120 return TC_H_MAJ(first);
1da177e4
LT		 121}
122
33a48927 123static struct tcf_proto *tcf_proto_create(const char *kind, u32 protocol,
6529eaba 124 u32 prio, u32 parent, struct Qdisc *q,
5bc17018 125 struct tcf_chain *chain)
33a48927
JP		 126{
127 struct tcf_proto *tp;
128 int err;
129
130 tp = kzalloc(sizeof(*tp), GFP_KERNEL);
131 if (!tp)
132 return ERR_PTR(-ENOBUFS);
133
134 err = -ENOENT;
135 tp->ops = tcf_proto_lookup_ops(kind);
136 if (!tp->ops) {
137#ifdef CONFIG_MODULES
138 rtnl_unlock();
139 request_module("cls_%s", kind);
140 rtnl_lock();
141 tp->ops = tcf_proto_lookup_ops(kind);
142 /* We dropped the RTNL semaphore in order to perform
143 * the module load. So, even if we succeeded in loading
144 * the module we have to replay the request. We indicate
145 * this using -EAGAIN.
146 */
147 if (tp->ops) {
148 module_put(tp->ops->owner);
149 err = -EAGAIN;
150 } else {
151 err = -ENOENT;
152 }
33a48927 153#endif
86634952 154 goto errout;
33a48927
JP		 155 }
156 tp->classify = tp->ops->classify;
157 tp->protocol = protocol;
158 tp->prio = prio;
159 tp->classid = parent;
160 tp->q = q;
5bc17018 161 tp->chain = chain;
33a48927
JP		 162
163 err = tp->ops->init(tp);
164 if (err) {
165 module_put(tp->ops->owner);
166 goto errout;
167 }
168 return tp;
169
170errout:
171 kfree(tp);
172 return ERR_PTR(err);
173}
174
763dbf63 175static void tcf_proto_destroy(struct tcf_proto *tp)
cf1facda 176{
763dbf63
WC		 177 tp->ops->destroy(tp);
178 module_put(tp->ops->owner);
179 kfree_rcu(tp, rcu);
cf1facda
JP		 180}
181
5bc17018
JP		 182static struct tcf_chain *tcf_chain_create(struct tcf_block *block,
183 u32 chain_index)
2190d1d0 184{
5bc17018
JP		 185 struct tcf_chain *chain;
186
187 chain = kzalloc(sizeof(*chain), GFP_KERNEL);
188 if (!chain)
189 return NULL;
190 list_add_tail(&chain->list, &block->chain_list);
191 chain->block = block;
192 chain->index = chain_index;
e2ef7544 193 chain->refcnt = 1;
5bc17018 194 return chain;
2190d1d0
JP		 195}
196
c7eb7d72
JP		 197static void tcf_chain_head_change(struct tcf_chain *chain,
198 struct tcf_proto *tp_head)
199{
200 if (chain->chain_head_change)
201 chain->chain_head_change(tp_head,
202 chain->chain_head_change_priv);
203}
204
f93e1cdc 205static void tcf_chain_flush(struct tcf_chain *chain)
cf1facda 206{
d7aa04a5 207 struct tcf_proto *tp = rtnl_dereference(chain->filter_chain);
cf1facda 208
c7eb7d72 209 tcf_chain_head_change(chain, NULL);
d7aa04a5 210 while (tp) {
2190d1d0 211 RCU_INIT_POINTER(chain->filter_chain, tp->next);
763dbf63 212 tcf_proto_destroy(tp);
d7aa04a5
RK		 213 tp = rtnl_dereference(chain->filter_chain);
214 tcf_chain_put(chain);
cf1facda 215 }
f93e1cdc
JP		 216}
217
218static void tcf_chain_destroy(struct tcf_chain *chain)
219{
314fab2e
CW		 220 struct tcf_block *block = chain->block;
221
e2ef7544
CW		 222 list_del(&chain->list);
223 kfree(chain);
314fab2e
CW		 224 if (list_empty(&block->chain_list))
225 kfree(block);
e2ef7544 226}
744a4cf6 227
e2ef7544
CW		 228static void tcf_chain_hold(struct tcf_chain *chain)
229{
230 ++chain->refcnt;
2190d1d0
JP		 231}
232
367a8ce8
WC		 233struct tcf_chain *tcf_chain_get(struct tcf_block *block, u32 chain_index,
234 bool create)
5bc17018
JP		 235{
236 struct tcf_chain *chain;
237
238 list_for_each_entry(chain, &block->chain_list, list) {
e2ef7544
CW		 239 if (chain->index == chain_index) {
240 tcf_chain_hold(chain);
241 return chain;
242 }
5bc17018 243 }
80532384 244
e2ef7544 245 return create ? tcf_chain_create(block, chain_index) : NULL;
5bc17018
JP		 246}
247EXPORT_SYMBOL(tcf_chain_get);
248
249void tcf_chain_put(struct tcf_chain *chain)
250{
e2ef7544 251 if (--chain->refcnt == 0)
5bc17018
JP		 252 tcf_chain_destroy(chain);
253}
254EXPORT_SYMBOL(tcf_chain_put);
255
8c4083b3
JP		 256static void tcf_block_offload_cmd(struct tcf_block *block, struct Qdisc *q,
257 struct tcf_block_ext_info *ei,
258 enum tc_block_command command)
259{
260 struct net_device *dev = q->dev_queue->dev;
261 struct tc_block_offload bo = {};
262
44ae12a7 263 if (!dev->netdev_ops->ndo_setup_tc)
8c4083b3
JP		 264 return;
265 bo.command = command;
266 bo.binder_type = ei->binder_type;
267 bo.block = block;
268 dev->netdev_ops->ndo_setup_tc(dev, TC_SETUP_BLOCK, &bo);
269}
270
271static void tcf_block_offload_bind(struct tcf_block *block, struct Qdisc *q,
272 struct tcf_block_ext_info *ei)
273{
274 tcf_block_offload_cmd(block, q, ei, TC_BLOCK_BIND);
275}
276
277static void tcf_block_offload_unbind(struct tcf_block *block, struct Qdisc *q,
278 struct tcf_block_ext_info *ei)
279{
280 tcf_block_offload_cmd(block, q, ei, TC_BLOCK_UNBIND);
281}
282
c7eb7d72 283int tcf_block_get_ext(struct tcf_block **p_block, struct Qdisc *q,
8c4083b3 284 struct tcf_block_ext_info *ei)
6529eaba
JP		 285{
286 struct tcf_block *block = kzalloc(sizeof(*block), GFP_KERNEL);
5bc17018 287 struct tcf_chain *chain;
2190d1d0 288 int err;
6529eaba
JP		 289
290 if (!block)
291 return -ENOMEM;
5bc17018 292 INIT_LIST_HEAD(&block->chain_list);
acb67442
JP		 293 INIT_LIST_HEAD(&block->cb_list);
294
5bc17018
JP		 295 /* Create chain 0 by default, it has to be always present. */
296 chain = tcf_chain_create(block, 0);
297 if (!chain) {
2190d1d0
JP		 298 err = -ENOMEM;
299 goto err_chain_create;
300 }
c7eb7d72
JP		 301 WARN_ON(!ei->chain_head_change);
302 chain->chain_head_change = ei->chain_head_change;
303 chain->chain_head_change_priv = ei->chain_head_change_priv;
855319be 304 block->net = qdisc_net(q);
69d78ef2 305 block->q = q;
8c4083b3 306 tcf_block_offload_bind(block, q, ei);
6529eaba
JP		 307 *p_block = block;
308 return 0;
2190d1d0
JP		 309
310err_chain_create:
311 kfree(block);
312 return err;
6529eaba 313}
8c4083b3
JP		 314EXPORT_SYMBOL(tcf_block_get_ext);
315
c7eb7d72
JP		 316static void tcf_chain_head_change_dflt(struct tcf_proto *tp_head, void *priv)
317{
318 struct tcf_proto __rcu **p_filter_chain = priv;
319
320 rcu_assign_pointer(*p_filter_chain, tp_head);
321}
322
8c4083b3
JP		 323int tcf_block_get(struct tcf_block **p_block,
324 struct tcf_proto __rcu **p_filter_chain, struct Qdisc *q)
325{
c7eb7d72
JP		 326 struct tcf_block_ext_info ei = {
327 .chain_head_change = tcf_chain_head_change_dflt,
328 .chain_head_change_priv = p_filter_chain,
329 };
8c4083b3 330
c7eb7d72
JP		 331 WARN_ON(!p_filter_chain);
332 return tcf_block_get_ext(p_block, q, &ei);
8c4083b3 333}
6529eaba
JP		 334EXPORT_SYMBOL(tcf_block_get);
335
7aa0045d 336/* XXX: Standalone actions are not allowed to jump to any chain, and bound
a60b3f51 337 * actions should be all removed after flushing.
7aa0045d 338 */
c7eb7d72 339void tcf_block_put_ext(struct tcf_block *block, struct Qdisc *q,
e1ea2f98 340 struct tcf_block_ext_info *ei)
7aa0045d 341{
314fab2e 342 struct tcf_chain *chain, *tmp;
1697c4bb 343
343723dd
JP		 344 if (!block)
345 return;
d4556ddf 346 /* Hold a refcnt for all chains, so that they don't disappear
a60b3f51
RK		 347 * while we are iterating.
348 */
349 list_for_each_entry(chain, &block->chain_list, list)
d4556ddf 350 tcf_chain_hold(chain);
a60b3f51
RK		 351
352 list_for_each_entry(chain, &block->chain_list, list)
30d65e8f 353 tcf_chain_flush(chain);
e2ef7544 354
4bb1b116
JP		 355 tcf_block_offload_unbind(block, q, ei);
356
d4556ddf 357 /* At this point, all the chains should have refcnt >= 1. */
314fab2e
CW		 358 list_for_each_entry_safe(chain, tmp, &block->chain_list, list)
359 tcf_chain_put(chain);
d4556ddf
JP		 360
361 /* Finally, put chain 0 and allow block to be freed. */
362 chain = list_first_entry(&block->chain_list, struct tcf_chain, list);
363 tcf_chain_put(chain);
6529eaba 364}
8c4083b3
JP		 365EXPORT_SYMBOL(tcf_block_put_ext);
366
367void tcf_block_put(struct tcf_block *block)
368{
369 struct tcf_block_ext_info ei = {0, };
370
4853f128
JP		 371 if (!block)
372 return;
c7eb7d72 373 tcf_block_put_ext(block, block->q, &ei);
8c4083b3 374}
e1ea2f98 375
6529eaba 376EXPORT_SYMBOL(tcf_block_put);
cf1facda 377
acb67442
JP		 378struct tcf_block_cb {
379 struct list_head list;
380 tc_setup_cb_t *cb;
381 void *cb_ident;
382 void *cb_priv;
383 unsigned int refcnt;
384};
385
386void *tcf_block_cb_priv(struct tcf_block_cb *block_cb)
387{
388 return block_cb->cb_priv;
389}
390EXPORT_SYMBOL(tcf_block_cb_priv);
391
392struct tcf_block_cb *tcf_block_cb_lookup(struct tcf_block *block,
393 tc_setup_cb_t *cb, void *cb_ident)
394{ struct tcf_block_cb *block_cb;
395
396 list_for_each_entry(block_cb, &block->cb_list, list)
397 if (block_cb->cb == cb && block_cb->cb_ident == cb_ident)
398 return block_cb;
399 return NULL;
400}
401EXPORT_SYMBOL(tcf_block_cb_lookup);
402
403void tcf_block_cb_incref(struct tcf_block_cb *block_cb)
404{
405 block_cb->refcnt++;
406}
407EXPORT_SYMBOL(tcf_block_cb_incref);
408
409unsigned int tcf_block_cb_decref(struct tcf_block_cb *block_cb)
410{
411 return --block_cb->refcnt;
412}
413EXPORT_SYMBOL(tcf_block_cb_decref);
414
415struct tcf_block_cb *__tcf_block_cb_register(struct tcf_block *block,
416 tc_setup_cb_t *cb, void *cb_ident,
417 void *cb_priv)
418{
419 struct tcf_block_cb *block_cb;
420
421 block_cb = kzalloc(sizeof(*block_cb), GFP_KERNEL);
422 if (!block_cb)
423 return NULL;
424 block_cb->cb = cb;
425 block_cb->cb_ident = cb_ident;
426 block_cb->cb_priv = cb_priv;
427 list_add(&block_cb->list, &block->cb_list);
428 return block_cb;
429}
430EXPORT_SYMBOL(__tcf_block_cb_register);
431
432int tcf_block_cb_register(struct tcf_block *block,
433 tc_setup_cb_t *cb, void *cb_ident,
434 void *cb_priv)
435{
436 struct tcf_block_cb *block_cb;
437
438 block_cb = __tcf_block_cb_register(block, cb, cb_ident, cb_priv);
439 return block_cb ? 0 : -ENOMEM;
440}
441EXPORT_SYMBOL(tcf_block_cb_register);
442
443void __tcf_block_cb_unregister(struct tcf_block_cb *block_cb)
444{
445 list_del(&block_cb->list);
446 kfree(block_cb);
447}
448EXPORT_SYMBOL(__tcf_block_cb_unregister);
449
450void tcf_block_cb_unregister(struct tcf_block *block,
451 tc_setup_cb_t *cb, void *cb_ident)
452{
453 struct tcf_block_cb *block_cb;
454
455 block_cb = tcf_block_cb_lookup(block, cb, cb_ident);
456 if (!block_cb)
457 return;
458 __tcf_block_cb_unregister(block_cb);
459}
460EXPORT_SYMBOL(tcf_block_cb_unregister);
461
462static int tcf_block_cb_call(struct tcf_block *block, enum tc_setup_type type,
463 void *type_data, bool err_stop)
464{
465 struct tcf_block_cb *block_cb;
466 int ok_count = 0;
467 int err;
468
469 list_for_each_entry(block_cb, &block->cb_list, list) {
470 err = block_cb->cb(type, type_data, block_cb->cb_priv);
471 if (err) {
472 if (err_stop)
473 return err;
474 } else {
475 ok_count++;
476 }
477 }
478 return ok_count;
479}
480
87d83093
JP		 481/* Main classifier routine: scans classifier chain attached
482 * to this qdisc, (optionally) tests for protocol and asks
483 * specific classifiers.
484 */
485int tcf_classify(struct sk_buff *skb, const struct tcf_proto *tp,
486 struct tcf_result *res, bool compat_mode)
487{
488 __be16 protocol = tc_skb_protocol(skb);
489#ifdef CONFIG_NET_CLS_ACT
490 const int max_reclassify_loop = 4;
ee538dce
JP		 491 const struct tcf_proto *orig_tp = tp;
492 const struct tcf_proto *first_tp;
87d83093
JP		 493 int limit = 0;
494
495reclassify:
496#endif
497 for (; tp; tp = rcu_dereference_bh(tp->next)) {
498 int err;
499
500 if (tp->protocol != protocol &&
501 tp->protocol != htons(ETH_P_ALL))
502 continue;
503
504 err = tp->classify(skb, tp, res);
505#ifdef CONFIG_NET_CLS_ACT
db50514f 506 if (unlikely(err == TC_ACT_RECLASSIFY && !compat_mode)) {
ee538dce 507 first_tp = orig_tp;
87d83093 508 goto reset;
db50514f 509 } else if (unlikely(TC_ACT_EXT_CMP(err, TC_ACT_GOTO_CHAIN))) {
ee538dce 510 first_tp = res->goto_tp;
db50514f
JP		 511 goto reset;
512 }
87d83093
JP		 513#endif
514 if (err >= 0)
515 return err;
516 }
517
518 return TC_ACT_UNSPEC; /* signal: continue lookup */
519#ifdef CONFIG_NET_CLS_ACT
520reset:
521 if (unlikely(limit++ >= max_reclassify_loop)) {
522 net_notice_ratelimited("%s: reclassify loop, rule prio %u, protocol %02x\n",
523 tp->q->ops->id, tp->prio & 0xffff,
524 ntohs(tp->protocol));
525 return TC_ACT_SHOT;
526 }
527
ee538dce 528 tp = first_tp;
87d83093
JP		 529 protocol = tc_skb_protocol(skb);
530 goto reclassify;
531#endif
532}
533EXPORT_SYMBOL(tcf_classify);
534
2190d1d0
JP		 535struct tcf_chain_info {
536 struct tcf_proto __rcu **pprev;
537 struct tcf_proto __rcu *next;
538};
539
540static struct tcf_proto *tcf_chain_tp_prev(struct tcf_chain_info *chain_info)
541{
542 return rtnl_dereference(*chain_info->pprev);
543}
544
545static void tcf_chain_tp_insert(struct tcf_chain *chain,
546 struct tcf_chain_info *chain_info,
547 struct tcf_proto *tp)
548{
c7eb7d72
JP		 549 if (*chain_info->pprev == chain->filter_chain)
550 tcf_chain_head_change(chain, tp);
2190d1d0
JP		 551 RCU_INIT_POINTER(tp->next, tcf_chain_tp_prev(chain_info));
552 rcu_assign_pointer(*chain_info->pprev, tp);
e2ef7544 553 tcf_chain_hold(chain);
2190d1d0
JP		 554}
555
556static void tcf_chain_tp_remove(struct tcf_chain *chain,
557 struct tcf_chain_info *chain_info,
558 struct tcf_proto *tp)
559{
560 struct tcf_proto *next = rtnl_dereference(chain_info->next);
561
c7eb7d72
JP		 562 if (tp == chain->filter_chain)
563 tcf_chain_head_change(chain, next);
2190d1d0 564 RCU_INIT_POINTER(*chain_info->pprev, next);
e2ef7544 565 tcf_chain_put(chain);
2190d1d0
JP		 566}
567
568static struct tcf_proto *tcf_chain_tp_find(struct tcf_chain *chain,
569 struct tcf_chain_info *chain_info,
570 u32 protocol, u32 prio,
571 bool prio_allocate)
572{
573 struct tcf_proto **pprev;
574 struct tcf_proto *tp;
575
576 /* Check the chain for existence of proto-tcf with this priority */
577 for (pprev = &chain->filter_chain;
578 (tp = rtnl_dereference(*pprev)); pprev = &tp->next) {
579 if (tp->prio >= prio) {
580 if (tp->prio == prio) {
581 if (prio_allocate ||
582 (tp->protocol != protocol && protocol))
583 return ERR_PTR(-EINVAL);
584 } else {
585 tp = NULL;
586 }
587 break;
588 }
589 }
590 chain_info->pprev = pprev;
591 chain_info->next = tp ? tp->next : NULL;
592 return tp;
593}
594
7120371c 595static int tcf_fill_node(struct net *net, struct sk_buff *skb,
a10fa201
JP		 596 struct tcf_proto *tp, struct Qdisc *q, u32 parent,
597 void *fh, u32 portid, u32 seq, u16 flags, int event)
7120371c
WC		 598{
599 struct tcmsg *tcm;
600 struct nlmsghdr *nlh;
601 unsigned char *b = skb_tail_pointer(skb);
602
603 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*tcm), flags);
604 if (!nlh)
605 goto out_nlmsg_trim;
606 tcm = nlmsg_data(nlh);
607 tcm->tcm_family = AF_UNSPEC;
608 tcm->tcm__pad1 = 0;
609 tcm->tcm__pad2 = 0;
a10fa201
JP		 610 tcm->tcm_ifindex = qdisc_dev(q)->ifindex;
611 tcm->tcm_parent = parent;
7120371c
WC		 612 tcm->tcm_info = TC_H_MAKE(tp->prio, tp->protocol);
613 if (nla_put_string(skb, TCA_KIND, tp->ops->kind))
614 goto nla_put_failure;
615 if (nla_put_u32(skb, TCA_CHAIN, tp->chain->index))
616 goto nla_put_failure;
617 if (!fh) {
618 tcm->tcm_handle = 0;
619 } else {
620 if (tp->ops->dump && tp->ops->dump(net, tp, fh, skb, tcm) < 0)
621 goto nla_put_failure;
622 }
623 nlh->nlmsg_len = skb_tail_pointer(skb) - b;
624 return skb->len;
625
626out_nlmsg_trim:
627nla_put_failure:
628 nlmsg_trim(skb, b);
629 return -1;
630}
631
632static int tfilter_notify(struct net *net, struct sk_buff *oskb,
633 struct nlmsghdr *n, struct tcf_proto *tp,
a10fa201 634 struct Qdisc *q, u32 parent,
7120371c
WC		 635 void *fh, int event, bool unicast)
636{
637 struct sk_buff *skb;
638 u32 portid = oskb ? NETLINK_CB(oskb).portid : 0;
639
640 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
641 if (!skb)
642 return -ENOBUFS;
643
a10fa201 644 if (tcf_fill_node(net, skb, tp, q, parent, fh, portid, n->nlmsg_seq,
7120371c
WC		 645 n->nlmsg_flags, event) <= 0) {
646 kfree_skb(skb);
647 return -EINVAL;
648 }
649
650 if (unicast)
651 return netlink_unicast(net->rtnl, skb, portid, MSG_DONTWAIT);
652
653 return rtnetlink_send(skb, net, portid, RTNLGRP_TC,
654 n->nlmsg_flags & NLM_F_ECHO);
655}
656
657static int tfilter_del_notify(struct net *net, struct sk_buff *oskb,
658 struct nlmsghdr *n, struct tcf_proto *tp,
a10fa201 659 struct Qdisc *q, u32 parent,
7120371c
WC		 660 void *fh, bool unicast, bool *last)
661{
662 struct sk_buff *skb;
663 u32 portid = oskb ? NETLINK_CB(oskb).portid : 0;
664 int err;
665
666 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
667 if (!skb)
668 return -ENOBUFS;
669
a10fa201 670 if (tcf_fill_node(net, skb, tp, q, parent, fh, portid, n->nlmsg_seq,
7120371c
WC		 671 n->nlmsg_flags, RTM_DELTFILTER) <= 0) {
672 kfree_skb(skb);
673 return -EINVAL;
674 }
675
676 err = tp->ops->delete(tp, fh, last);
677 if (err) {
678 kfree_skb(skb);
679 return err;
680 }
681
682 if (unicast)
683 return netlink_unicast(net->rtnl, skb, portid, MSG_DONTWAIT);
684
685 return rtnetlink_send(skb, net, portid, RTNLGRP_TC,
686 n->nlmsg_flags & NLM_F_ECHO);
687}
688
689static void tfilter_notify_chain(struct net *net, struct sk_buff *oskb,
a10fa201 690 struct Qdisc *q, u32 parent,
7120371c
WC		 691 struct nlmsghdr *n,
692 struct tcf_chain *chain, int event)
693{
694 struct tcf_proto *tp;
695
696 for (tp = rtnl_dereference(chain->filter_chain);
697 tp; tp = rtnl_dereference(tp->next))
a10fa201 698 tfilter_notify(net, oskb, n, tp, q, parent, 0, event, false);
7120371c
WC		 699}
700
1da177e4
LT		 701/* Add/change/delete/get a filter node */
702
c21ef3e3
DA		 703static int tc_ctl_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
704 struct netlink_ext_ack *extack)
1da177e4 705{
3b1e0a65 706 struct net *net = sock_net(skb->sk);
add93b61 707 struct nlattr *tca[TCA_MAX + 1];
1da177e4
LT		 708 struct tcmsg *t;
709 u32 protocol;
710 u32 prio;
9d36d9e5 711 bool prio_allocate;
1da177e4 712 u32 parent;
5bc17018 713 u32 chain_index;
1da177e4
LT		 714 struct net_device *dev;
715 struct Qdisc *q;
2190d1d0 716 struct tcf_chain_info chain_info;
5bc17018 717 struct tcf_chain *chain = NULL;
6529eaba 718 struct tcf_block *block;
1da177e4 719 struct tcf_proto *tp;
20fea08b 720 const struct Qdisc_class_ops *cops;
1da177e4 721 unsigned long cl;
8113c095 722 void *fh;
1da177e4 723 int err;
628185cf 724 int tp_created;
1da177e4 725
4e8bbb81 726 if ((n->nlmsg_type != RTM_GETTFILTER) &&
5f013c9b 727 !netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
dfc47ef8 728 return -EPERM;
de179c8c 729
1da177e4 730replay:
628185cf
DB		 731 tp_created = 0;
732
c21ef3e3 733 err = nlmsg_parse(n, sizeof(*t), tca, TCA_MAX, NULL, extack);
de179c8c
H		 734 if (err < 0)
735 return err;
736
942b8165 737 t = nlmsg_data(n);
1da177e4
LT		 738 protocol = TC_H_MIN(t->tcm_info);
739 prio = TC_H_MAJ(t->tcm_info);
9d36d9e5 740 prio_allocate = false;
1da177e4
LT		 741 parent = t->tcm_parent;
742 cl = 0;
743
744 if (prio == 0) {
ea7f8277
DB		 745 switch (n->nlmsg_type) {
746 case RTM_DELTFILTER:
9f6ed032 747 if (protocol || t->tcm_handle || tca[TCA_KIND])
ea7f8277
DB		 748 return -ENOENT;
749 break;
750 case RTM_NEWTFILTER:
751 /* If no priority is provided by the user,
752 * we allocate one.
753 */
754 if (n->nlmsg_flags & NLM_F_CREATE) {
755 prio = TC_H_MAKE(0x80000000U, 0U);
9d36d9e5 756 prio_allocate = true;
ea7f8277
DB		 757 break;
758 }
759 /* fall-through */
760 default:
1da177e4 761 return -ENOENT;
ea7f8277 762 }
1da177e4
LT		 763 }
764
765 /* Find head of filter chain. */
766
767 /* Find link */
7316ae88 768 dev = __dev_get_by_index(net, t->tcm_ifindex);
aa767bfe 769 if (dev == NULL)
1da177e4
LT		 770 return -ENODEV;
771
772 /* Find qdisc */
773 if (!parent) {
af356afa 774 q = dev->qdisc;
1da177e4 775 parent = q->handle;
aa767bfe
SH		 776 } else {
777 q = qdisc_lookup(dev, TC_H_MAJ(t->tcm_parent));
778 if (q == NULL)
779 return -EINVAL;
780 }
1da177e4
LT		 781
782 /* Is it classful? */
cc7ec456
ED		 783 cops = q->ops->cl_ops;
784 if (!cops)
1da177e4
LT		 785 return -EINVAL;
786
6529eaba 787 if (!cops->tcf_block)
71ebe5e9
PM		 788 return -EOPNOTSUPP;
789
1da177e4
LT		 790 /* Do we search for filter, attached to class? */
791 if (TC_H_MIN(parent)) {
143976ce 792 cl = cops->find(q, parent);
1da177e4
LT		 793 if (cl == 0)
794 return -ENOENT;
795 }
796
797 /* And the last stroke */
6529eaba
JP		 798 block = cops->tcf_block(q, cl);
799 if (!block) {
6bb16e7a 800 err = -EINVAL;
1da177e4 801 goto errout;
6bb16e7a 802 }
5bc17018
JP		 803
804 chain_index = tca[TCA_CHAIN] ? nla_get_u32(tca[TCA_CHAIN]) : 0;
805 if (chain_index > TC_ACT_EXT_VAL_MASK) {
806 err = -EINVAL;
807 goto errout;
808 }
367a8ce8
WC		 809 chain = tcf_chain_get(block, chain_index,
810 n->nlmsg_type == RTM_NEWTFILTER);
5bc17018 811 if (!chain) {
367a8ce8 812 err = n->nlmsg_type == RTM_NEWTFILTER ? -ENOMEM : -EINVAL;
5bc17018
JP		 813 goto errout;
814 }
6529eaba 815
ea7f8277 816 if (n->nlmsg_type == RTM_DELTFILTER && prio == 0) {
a10fa201
JP		 817 tfilter_notify_chain(net, skb, q, parent, n,
818 chain, RTM_DELTFILTER);
f93e1cdc 819 tcf_chain_flush(chain);
ea7f8277
DB		 820 err = 0;
821 goto errout;
822 }
1da177e4 823
2190d1d0
JP		 824 tp = tcf_chain_tp_find(chain, &chain_info, protocol,
825 prio, prio_allocate);
826 if (IS_ERR(tp)) {
827 err = PTR_ERR(tp);
828 goto errout;
1da177e4
LT		 829 }
830
831 if (tp == NULL) {
832 /* Proto-tcf does not exist, create new one */
833
6bb16e7a
JP		 834 if (tca[TCA_KIND] == NULL || !protocol) {
835 err = -EINVAL;
1da177e4 836 goto errout;
6bb16e7a 837 }
1da177e4 838
cc7ec456 839 if (n->nlmsg_type != RTM_NEWTFILTER ||
6bb16e7a
JP		 840 !(n->nlmsg_flags & NLM_F_CREATE)) {
841 err = -ENOENT;
1da177e4 842 goto errout;
6bb16e7a 843 }
1da177e4 844
9d36d9e5 845 if (prio_allocate)
2190d1d0 846 prio = tcf_auto_prio(tcf_chain_tp_prev(&chain_info));
1da177e4 847
33a48927 848 tp = tcf_proto_create(nla_data(tca[TCA_KIND]),
5bc17018 849 protocol, prio, parent, q, chain);
33a48927
JP		 850 if (IS_ERR(tp)) {
851 err = PTR_ERR(tp);
1da177e4
LT		 852 goto errout;
853 }
12186be7 854 tp_created = 1;
6bb16e7a
JP		 855 } else if (tca[TCA_KIND] && nla_strcmp(tca[TCA_KIND], tp->ops->kind)) {
856 err = -EINVAL;
1da177e4 857 goto errout;
6bb16e7a 858 }
1da177e4
LT		 859
860 fh = tp->ops->get(tp, t->tcm_handle);
861
8113c095 862 if (!fh) {
1da177e4 863 if (n->nlmsg_type == RTM_DELTFILTER && t->tcm_handle == 0) {
2190d1d0 864 tcf_chain_tp_remove(chain, &chain_info, tp);
a10fa201 865 tfilter_notify(net, skb, n, tp, q, parent, fh,
fa59b27c 866 RTM_DELTFILTER, false);
763dbf63 867 tcf_proto_destroy(tp);
1da177e4
LT		 868 err = 0;
869 goto errout;
870 }
871
aa767bfe 872 if (n->nlmsg_type != RTM_NEWTFILTER ||
6bb16e7a
JP		 873 !(n->nlmsg_flags & NLM_F_CREATE)) {
874 err = -ENOENT;
1da177e4 875 goto errout;
6bb16e7a 876 }
1da177e4 877 } else {
763dbf63
WC		 878 bool last;
879
1da177e4 880 switch (n->nlmsg_type) {
10297b99 881 case RTM_NEWTFILTER:
12186be7
MU		 882 if (n->nlmsg_flags & NLM_F_EXCL) {
883 if (tp_created)
763dbf63 884 tcf_proto_destroy(tp);
6bb16e7a 885 err = -EEXIST;
1da177e4 886 goto errout;
12186be7 887 }
1da177e4
LT		 888 break;
889 case RTM_DELTFILTER:
a10fa201
JP		 890 err = tfilter_del_notify(net, skb, n, tp, q, parent,
891 fh, false, &last);
40c81b25
JP		 892 if (err)
893 goto errout;
763dbf63 894 if (last) {
2190d1d0 895 tcf_chain_tp_remove(chain, &chain_info, tp);
763dbf63
WC		 896 tcf_proto_destroy(tp);
897 }
d7cf52c2 898 goto errout;
1da177e4 899 case RTM_GETTFILTER:
a10fa201 900 err = tfilter_notify(net, skb, n, tp, q, parent, fh,
fa59b27c 901 RTM_NEWTFILTER, true);
1da177e4
LT		 902 goto errout;
903 default:
904 err = -EINVAL;
905 goto errout;
906 }
907 }
908
2f7ef2f8
CW		 909 err = tp->ops->change(net, skb, tp, cl, t->tcm_handle, tca, &fh,
910 n->nlmsg_flags & NLM_F_CREATE ? TCA_ACT_NOREPLACE : TCA_ACT_REPLACE);
12186be7 911 if (err == 0) {
2190d1d0
JP		 912 if (tp_created)
913 tcf_chain_tp_insert(chain, &chain_info, tp);
a10fa201
JP		 914 tfilter_notify(net, skb, n, tp, q, parent, fh,
915 RTM_NEWTFILTER, false);
12186be7
MU		 916 } else {
917 if (tp_created)
763dbf63 918 tcf_proto_destroy(tp);
12186be7 919 }
1da177e4
LT		 920
921errout:
5bc17018
JP		 922 if (chain)
923 tcf_chain_put(chain);
1da177e4
LT		 924 if (err == -EAGAIN)
925 /* Replay the request. */
926 goto replay;
927 return err;
928}
929
aa767bfe 930struct tcf_dump_args {
1da177e4
LT		 931 struct tcf_walker w;
932 struct sk_buff *skb;
933 struct netlink_callback *cb;
a10fa201
JP		 934 struct Qdisc *q;
935 u32 parent;
1da177e4
LT		 936};
937
8113c095 938static int tcf_node_dump(struct tcf_proto *tp, void *n, struct tcf_walker *arg)
1da177e4 939{
aa767bfe 940 struct tcf_dump_args *a = (void *)arg;
832d1d5b 941 struct net *net = sock_net(a->skb->sk);
1da177e4 942
a10fa201
JP		 943 return tcf_fill_node(net, a->skb, tp, a->q, a->parent,
944 n, NETLINK_CB(a->cb->skb).portid,
5a7a5555
JHS		 945 a->cb->nlh->nlmsg_seq, NLM_F_MULTI,
946 RTM_NEWTFILTER);
1da177e4
LT		 947}
948
a10fa201
JP		 949static bool tcf_chain_dump(struct tcf_chain *chain, struct Qdisc *q, u32 parent,
950 struct sk_buff *skb, struct netlink_callback *cb,
acb31fae
JP		 951 long index_start, long *p_index)
952{
953 struct net *net = sock_net(skb->sk);
954 struct tcmsg *tcm = nlmsg_data(cb->nlh);
955 struct tcf_dump_args arg;
956 struct tcf_proto *tp;
957
958 for (tp = rtnl_dereference(chain->filter_chain);
959 tp; tp = rtnl_dereference(tp->next), (*p_index)++) {
960 if (*p_index < index_start)
961 continue;
962 if (TC_H_MAJ(tcm->tcm_info) &&
963 TC_H_MAJ(tcm->tcm_info) != tp->prio)
964 continue;
965 if (TC_H_MIN(tcm->tcm_info) &&
966 TC_H_MIN(tcm->tcm_info) != tp->protocol)
967 continue;
968 if (*p_index > index_start)
969 memset(&cb->args[1], 0,
970 sizeof(cb->args) - sizeof(cb->args[0]));
971 if (cb->args[1] == 0) {
a10fa201 972 if (tcf_fill_node(net, skb, tp, q, parent, 0,
acb31fae
JP		 973 NETLINK_CB(cb->skb).portid,
974 cb->nlh->nlmsg_seq, NLM_F_MULTI,
975 RTM_NEWTFILTER) <= 0)
5bc17018 976 return false;
acb31fae
JP		 977
978 cb->args[1] = 1;
979 }
980 if (!tp->ops->walk)
981 continue;
982 arg.w.fn = tcf_node_dump;
983 arg.skb = skb;
984 arg.cb = cb;
a10fa201
JP		 985 arg.q = q;
986 arg.parent = parent;
acb31fae
JP		 987 arg.w.stop = 0;
988 arg.w.skip = cb->args[1] - 1;
989 arg.w.count = 0;
990 tp->ops->walk(tp, &arg.w);
991 cb->args[1] = arg.w.count + 1;
992 if (arg.w.stop)
5bc17018 993 return false;
acb31fae 994 }
5bc17018 995 return true;
acb31fae
JP		 996}
997
bd27a875 998/* called with RTNL */
1da177e4
LT		 999static int tc_dump_tfilter(struct sk_buff *skb, struct netlink_callback *cb)
1000{
3b1e0a65 1001 struct net *net = sock_net(skb->sk);
5bc17018 1002 struct nlattr *tca[TCA_MAX + 1];
1da177e4
LT		 1003 struct net_device *dev;
1004 struct Qdisc *q;
6529eaba 1005 struct tcf_block *block;
2190d1d0 1006 struct tcf_chain *chain;
942b8165 1007 struct tcmsg *tcm = nlmsg_data(cb->nlh);
1da177e4 1008 unsigned long cl = 0;
20fea08b 1009 const struct Qdisc_class_ops *cops;
acb31fae
JP		 1010 long index_start;
1011 long index;
a10fa201 1012 u32 parent;
5bc17018 1013 int err;
1da177e4 1014
573ce260 1015 if (nlmsg_len(cb->nlh) < sizeof(*tcm))
1da177e4 1016 return skb->len;
5bc17018
JP		 1017
1018 err = nlmsg_parse(cb->nlh, sizeof(*tcm), tca, TCA_MAX, NULL, NULL);
1019 if (err)
1020 return err;
1021
cc7ec456
ED		 1022 dev = __dev_get_by_index(net, tcm->tcm_ifindex);
1023 if (!dev)
1da177e4
LT		 1024 return skb->len;
1025
a10fa201
JP		 1026 parent = tcm->tcm_parent;
1027 if (!parent) {
af356afa 1028 q = dev->qdisc;
a10fa201
JP		 1029 parent = q->handle;
1030 } else {
1da177e4 1031 q = qdisc_lookup(dev, TC_H_MAJ(tcm->tcm_parent));
a10fa201 1032 }
1da177e4
LT		 1033 if (!q)
1034 goto out;
cc7ec456
ED		 1035 cops = q->ops->cl_ops;
1036 if (!cops)
143976ce 1037 goto out;
6529eaba 1038 if (!cops->tcf_block)
143976ce 1039 goto out;
1da177e4 1040 if (TC_H_MIN(tcm->tcm_parent)) {
143976ce 1041 cl = cops->find(q, tcm->tcm_parent);
1da177e4 1042 if (cl == 0)
143976ce 1043 goto out;
1da177e4 1044 }
6529eaba
JP		 1045 block = cops->tcf_block(q, cl);
1046 if (!block)
143976ce 1047 goto out;
1da177e4 1048
acb31fae
JP		 1049 index_start = cb->args[0];
1050 index = 0;
5bc17018
JP		 1051
1052 list_for_each_entry(chain, &block->chain_list, list) {
1053 if (tca[TCA_CHAIN] &&
1054 nla_get_u32(tca[TCA_CHAIN]) != chain->index)
1055 continue;
a10fa201 1056 if (!tcf_chain_dump(chain, q, parent, skb, cb,
4c7dcb53
RK		 1057 index_start, &index)) {
1058 err = -EMSGSIZE;
5bc17018 1059 break;
4c7dcb53 1060 }
5bc17018
JP		 1061 }
1062
acb31fae 1063 cb->args[0] = index;
1da177e4 1064
1da177e4 1065out:
4c7dcb53
RK		 1066 /* If we did no progress, the error (EMSGSIZE) is real */
1067 if (skb->len == 0 && err)
1068 return err;
1da177e4
LT		 1069 return skb->len;
1070}
1071
18d0264f 1072void tcf_exts_destroy(struct tcf_exts *exts)
1da177e4
LT		 1073{
1074#ifdef CONFIG_NET_CLS_ACT
22dc13c8
WC		 1075 LIST_HEAD(actions);
1076
2d132eba 1077 ASSERT_RTNL();
22dc13c8
WC		 1078 tcf_exts_to_list(exts, &actions);
1079 tcf_action_destroy(&actions, TCA_ACT_UNBIND);
1080 kfree(exts->actions);
1081 exts->nr_actions = 0;
1da177e4
LT		 1082#endif
1083}
aa767bfe 1084EXPORT_SYMBOL(tcf_exts_destroy);
1da177e4 1085
c1b52739 1086int tcf_exts_validate(struct net *net, struct tcf_proto *tp, struct nlattr **tb,
5a7a5555 1087 struct nlattr *rate_tlv, struct tcf_exts *exts, bool ovr)
1da177e4 1088{
1da177e4
LT		 1089#ifdef CONFIG_NET_CLS_ACT
1090 {
1da177e4
LT		 1091 struct tc_action *act;
1092
5da57f42 1093 if (exts->police && tb[exts->police]) {
9fb9f251
JP		 1094 act = tcf_action_init_1(net, tp, tb[exts->police],
1095 rate_tlv, "police", ovr,
1096 TCA_ACT_BIND);
ab27cfb8
PM		 1097 if (IS_ERR(act))
1098 return PTR_ERR(act);
1da177e4 1099
33be6271 1100 act->type = exts->type = TCA_OLD_COMPAT;
22dc13c8
WC		 1101 exts->actions[0] = act;
1102 exts->nr_actions = 1;
5da57f42 1103 } else if (exts->action && tb[exts->action]) {
22dc13c8
WC		 1104 LIST_HEAD(actions);
1105 int err, i = 0;
1106
9fb9f251
JP		 1107 err = tcf_action_init(net, tp, tb[exts->action],
1108 rate_tlv, NULL, ovr, TCA_ACT_BIND,
5a7a5555 1109 &actions);
33be6271
WC		 1110 if (err)
1111 return err;
22dc13c8
WC		 1112 list_for_each_entry(act, &actions, list)
1113 exts->actions[i++] = act;
1114 exts->nr_actions = i;
1da177e4 1115 }
e4b95c41 1116 exts->net = net;
1da177e4 1117 }
1da177e4 1118#else
5da57f42
WC		 1119 if ((exts->action && tb[exts->action]) ||
1120 (exts->police && tb[exts->police]))
1da177e4
LT		 1121 return -EOPNOTSUPP;
1122#endif
1123
1124 return 0;
1125}
aa767bfe 1126EXPORT_SYMBOL(tcf_exts_validate);
1da177e4 1127
9b0d4446 1128void tcf_exts_change(struct tcf_exts *dst, struct tcf_exts *src)
1da177e4
LT		 1129{
1130#ifdef CONFIG_NET_CLS_ACT
22dc13c8
WC		 1131 struct tcf_exts old = *dst;
1132
9b0d4446 1133 *dst = *src;
22dc13c8 1134 tcf_exts_destroy(&old);
1da177e4
LT		 1135#endif
1136}
aa767bfe 1137EXPORT_SYMBOL(tcf_exts_change);
1da177e4 1138
22dc13c8
WC		 1139#ifdef CONFIG_NET_CLS_ACT
1140static struct tc_action *tcf_exts_first_act(struct tcf_exts *exts)
1141{
1142 if (exts->nr_actions == 0)
1143 return NULL;
1144 else
1145 return exts->actions[0];
1146}
1147#endif
33be6271 1148
5da57f42 1149int tcf_exts_dump(struct sk_buff *skb, struct tcf_exts *exts)
1da177e4
LT		 1150{
1151#ifdef CONFIG_NET_CLS_ACT
9cc63db5
CW		 1152 struct nlattr *nest;
1153
978dfd8d 1154 if (exts->action && tcf_exts_has_actions(exts)) {
1da177e4
LT		 1155 /*
1156 * again for backward compatible mode - we want
1157 * to work with both old and new modes of entering
1158 * tc data even if iproute2 was newer - jhs
1159 */
33be6271 1160 if (exts->type != TCA_OLD_COMPAT) {
22dc13c8
WC		 1161 LIST_HEAD(actions);
1162
5da57f42 1163 nest = nla_nest_start(skb, exts->action);
4b3550ef
PM		 1164 if (nest == NULL)
1165 goto nla_put_failure;
22dc13c8
WC		 1166
1167 tcf_exts_to_list(exts, &actions);
1168 if (tcf_action_dump(skb, &actions, 0, 0) < 0)
add93b61 1169 goto nla_put_failure;
4b3550ef 1170 nla_nest_end(skb, nest);
5da57f42 1171 } else if (exts->police) {
33be6271 1172 struct tc_action *act = tcf_exts_first_act(exts);
5da57f42 1173 nest = nla_nest_start(skb, exts->police);
63acd680 1174 if (nest == NULL || !act)
4b3550ef 1175 goto nla_put_failure;
33be6271 1176 if (tcf_action_dump_old(skb, act, 0, 0) < 0)
add93b61 1177 goto nla_put_failure;
4b3550ef 1178 nla_nest_end(skb, nest);
1da177e4
LT		 1179 }
1180 }
1da177e4 1181 return 0;
9cc63db5
CW		 1182
1183nla_put_failure:
1184 nla_nest_cancel(skb, nest);
1da177e4 1185 return -1;
9cc63db5
CW		 1186#else
1187 return 0;
1188#endif
1da177e4 1189}
aa767bfe 1190EXPORT_SYMBOL(tcf_exts_dump);
1da177e4 1191
aa767bfe 1192
5da57f42 1193int tcf_exts_dump_stats(struct sk_buff *skb, struct tcf_exts *exts)
1da177e4
LT		 1194{
1195#ifdef CONFIG_NET_CLS_ACT
33be6271 1196 struct tc_action *a = tcf_exts_first_act(exts);
b057df24 1197 if (a != NULL && tcf_action_copy_stats(skb, a, 1) < 0)
33be6271 1198 return -1;
1da177e4
LT		 1199#endif
1200 return 0;
1da177e4 1201}
aa767bfe 1202EXPORT_SYMBOL(tcf_exts_dump_stats);
1da177e4 1203
717503b9
JP		 1204static int tc_exts_setup_cb_egdev_call(struct tcf_exts *exts,
1205 enum tc_setup_type type,
1206 void *type_data, bool err_stop)
b3f55bdd
JP		 1207{
1208 int ok_count = 0;
1209#ifdef CONFIG_NET_CLS_ACT
1210 const struct tc_action *a;
1211 struct net_device *dev;
9d452ceb 1212 int i, ret;
b3f55bdd
JP		 1213
1214 if (!tcf_exts_has_actions(exts))
1215 return 0;
1216
9d452ceb
OG		 1217 for (i = 0; i < exts->nr_actions; i++) {
1218 a = exts->actions[i];
b3f55bdd
JP		 1219 if (!a->ops->get_dev)
1220 continue;
1221 dev = a->ops->get_dev(a);
7612fb03 1222 if (!dev)
b3f55bdd
JP		 1223 continue;
1224 ret = tc_setup_cb_egdev_call(dev, type, type_data, err_stop);
1225 if (ret < 0)
1226 return ret;
1227 ok_count += ret;
1228 }
1229#endif
1230 return ok_count;
1231}
717503b9 1232
208c0f4b
JP		 1233int tc_setup_cb_call(struct tcf_block *block, struct tcf_exts *exts,
1234 enum tc_setup_type type, void *type_data, bool err_stop)
717503b9 1235{
208c0f4b
JP		 1236 int ok_count;
1237 int ret;
1238
1239 ret = tcf_block_cb_call(block, type, type_data, err_stop);
1240 if (ret < 0)
1241 return ret;
1242 ok_count = ret;
1243
4ac3191c 1244 if (!exts || ok_count)
208c0f4b
JP		 1245 return ok_count;
1246 ret = tc_exts_setup_cb_egdev_call(exts, type, type_data, err_stop);
1247 if (ret < 0)
1248 return ret;
1249 ok_count += ret;
1250
1251 return ok_count;
717503b9
JP		 1252}
1253EXPORT_SYMBOL(tc_setup_cb_call);
b3f55bdd 1254
1da177e4
LT		 1255static int __init tc_filter_init(void)
1256{
7aa0045d
CW		 1257 tc_filter_wq = alloc_ordered_workqueue("tc_filter_workqueue", 0);
1258 if (!tc_filter_wq)
1259 return -ENOMEM;
1260
b97bac64
FW		 1261 rtnl_register(PF_UNSPEC, RTM_NEWTFILTER, tc_ctl_tfilter, NULL, 0);
1262 rtnl_register(PF_UNSPEC, RTM_DELTFILTER, tc_ctl_tfilter, NULL, 0);
82623c0d 1263 rtnl_register(PF_UNSPEC, RTM_GETTFILTER, tc_ctl_tfilter,
b97bac64 1264 tc_dump_tfilter, 0);
1da177e4 1265
1da177e4
LT		 1266 return 0;
1267}
1268
1269subsys_initcall(tc_filter_init);
ubuntu-bionic-kernel mirror