[mirror_ubuntu-artful-kernel.git] / net / sched / cls_fw.c

/*
 * net/sched/cls_fw.c	Classifier mapping ipchains' fwmark to traffic class.
 *
 *		This program is free software; you can redistribute it and/or
 *		modify it under the terms of the GNU General Public License
 *		as published by the Free Software Foundation; either version
 *		2 of the License, or (at your option) any later version.
 *
 * Authors:	Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
 *
 * Changes:
 * Karlis Peisenieks <karlis@mt.lv> : 990415 : fw_walk off by one
 * Karlis Peisenieks <karlis@mt.lv> : 990415 : fw_delete killed all the filter (and kernel).
 * Alex <alex@pilotsoft.com> : 2004xxyy: Added Action extension
 *
 * JHS: We should remove the CONFIG_NET_CLS_IND from here
 * eventually when the meta match extension is made available
 *
 */

#include <linux/module.h>
#include <linux/slab.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/string.h>
#include <linux/errno.h>
#include <linux/skbuff.h>
#include <net/netlink.h>
#include <net/act_api.h>
#include <net/pkt_cls.h>

#define HTSIZE 256

struct fw_head {
	u32			mask;
	struct fw_filter __rcu	*ht[HTSIZE];
	struct rcu_head		rcu;
};

struct fw_filter {
	struct fw_filter __rcu	*next;
	u32			id;
	struct tcf_result	res;
#ifdef CONFIG_NET_CLS_IND
	int			ifindex;
#endif /* CONFIG_NET_CLS_IND */
	struct tcf_exts		exts;
	struct tcf_proto	*tp;
	struct rcu_head		rcu;
};

static u32 fw_hash(u32 handle)
{
	handle ^= (handle >> 16);
	handle ^= (handle >> 8);
	return handle % HTSIZE;
}

static int fw_classify(struct sk_buff *skb, const struct tcf_proto *tp,
		       struct tcf_result *res)
{
	struct fw_head *head = rcu_dereference_bh(tp->root);
	struct fw_filter *f;
	int r;
	u32 id = skb->mark;

	if (head != NULL) {
		id &= head->mask;

		for (f = rcu_dereference_bh(head->ht[fw_hash(id)]); f;
		     f = rcu_dereference_bh(f->next)) {
			if (f->id == id) {
				*res = f->res;
#ifdef CONFIG_NET_CLS_IND
				if (!tcf_match_indev(skb, f->ifindex))
					continue;
#endif /* CONFIG_NET_CLS_IND */
				r = tcf_exts_exec(skb, &f->exts, res);
				if (r < 0)
					continue;

				return r;
			}
		}
	} else {
		/* Old method: classify the packet using its skb mark. */
		if (id && (TC_H_MAJ(id) == 0 ||
			   !(TC_H_MAJ(id ^ tp->q->handle)))) {
			res->classid = id;
			res->class = 0;
			return 0;
		}
	}

	return -1;
}

static unsigned long fw_get(struct tcf_proto *tp, u32 handle)
{
	struct fw_head *head = rtnl_dereference(tp->root);
	struct fw_filter *f;

	if (head == NULL)
		return 0;

	f = rtnl_dereference(head->ht[fw_hash(handle)]);
	for (; f; f = rtnl_dereference(f->next)) {
		if (f->id == handle)
			return (unsigned long)f;
	}
	return 0;
}

static int fw_init(struct tcf_proto *tp)
{
	/* We don't allocate fw_head here, because in the old method
	 * we don't need it at all.
	 */
	return 0;
}

static void fw_delete_filter(struct rcu_head *head)
{
	struct fw_filter *f = container_of(head, struct fw_filter, rcu);

	tcf_exts_destroy(&f->exts);
	kfree(f);
}

static void fw_destroy(struct tcf_proto *tp)
{
	struct fw_head *head = rtnl_dereference(tp->root);
	struct fw_filter *f;
	int h;

	if (head == NULL)
		return;

	for (h = 0; h < HTSIZE; h++) {
		while ((f = rtnl_dereference(head->ht[h])) != NULL) {
			RCU_INIT_POINTER(head->ht[h],
					 rtnl_dereference(f->next));
			tcf_unbind_filter(tp, &f->res);
			call_rcu(&f->rcu, fw_delete_filter);
		}
	}
	kfree_rcu(head, rcu);
}

static int fw_delete(struct tcf_proto *tp, unsigned long arg, bool *last)
{
	struct fw_head *head = rtnl_dereference(tp->root);
	struct fw_filter *f = (struct fw_filter *)arg;
	struct fw_filter __rcu **fp;
	struct fw_filter *pfp;
	int ret = -EINVAL;
	int h;

	if (head == NULL || f == NULL)
		goto out;

	fp = &head->ht[fw_hash(f->id)];

	for (pfp = rtnl_dereference(*fp); pfp;
	     fp = &pfp->next, pfp = rtnl_dereference(*fp)) {
		if (pfp == f) {
			RCU_INIT_POINTER(*fp, rtnl_dereference(f->next));
			tcf_unbind_filter(tp, &f->res);
			call_rcu(&f->rcu, fw_delete_filter);
			ret = 0;
			break;
		}
	}

	*last = true;
	for (h = 0; h < HTSIZE; h++) {
		if (rcu_access_pointer(head->ht[h])) {
			*last = false;
			break;
		}
	}

out:
	return ret;
}

static const struct nla_policy fw_policy[TCA_FW_MAX + 1] = {
	[TCA_FW_CLASSID]	= { .type = NLA_U32 },
	[TCA_FW_INDEV]		= { .type = NLA_STRING, .len = IFNAMSIZ },
	[TCA_FW_MASK]		= { .type = NLA_U32 },
};

static int
fw_change_attrs(struct net *net, struct tcf_proto *tp, struct fw_filter *f,
		struct nlattr **tb, struct nlattr **tca, unsigned long base,
		bool ovr)
{
	struct fw_head *head = rtnl_dereference(tp->root);
	struct tcf_exts e;
	u32 mask;
	int err;

	err = tcf_exts_init(&e, TCA_FW_ACT, TCA_FW_POLICE);
	if (err < 0)
		return err;
	err = tcf_exts_validate(net, tp, tb, tca[TCA_RATE], &e, ovr);
	if (err < 0)
		goto errout;

	if (tb[TCA_FW_CLASSID]) {
		f->res.classid = nla_get_u32(tb[TCA_FW_CLASSID]);
		tcf_bind_filter(tp, &f->res, base);
	}

#ifdef CONFIG_NET_CLS_IND
	if (tb[TCA_FW_INDEV]) {
		int ret;
		ret = tcf_change_indev(net, tb[TCA_FW_INDEV]);
		if (ret < 0) {
			err = ret;
			goto errout;
		}
		f->ifindex = ret;
	}
#endif /* CONFIG_NET_CLS_IND */

	err = -EINVAL;
	if (tb[TCA_FW_MASK]) {
		mask = nla_get_u32(tb[TCA_FW_MASK]);
		if (mask != head->mask)
			goto errout;
	} else if (head->mask != 0xFFFFFFFF)
		goto errout;

	tcf_exts_change(tp, &f->exts, &e);

	return 0;
errout:
	tcf_exts_destroy(&e);
	return err;
}

static int fw_change(struct net *net, struct sk_buff *in_skb,
		     struct tcf_proto *tp, unsigned long base,
		     u32 handle, struct nlattr **tca, unsigned long *arg,
		     bool ovr)
{
	struct fw_head *head = rtnl_dereference(tp->root);
	struct fw_filter *f = (struct fw_filter *) *arg;
	struct nlattr *opt = tca[TCA_OPTIONS];
	struct nlattr *tb[TCA_FW_MAX + 1];
	int err;

	if (!opt)
		return handle ? -EINVAL : 0; /* Succeed if it is old method. */

	err = nla_parse_nested(tb, TCA_FW_MAX, opt, fw_policy, NULL);
	if (err < 0)
		return err;

	if (f) {
		struct fw_filter *pfp, *fnew;
		struct fw_filter __rcu **fp;

		if (f->id != handle && handle)
			return -EINVAL;

		fnew = kzalloc(sizeof(struct fw_filter), GFP_KERNEL);
		if (!fnew)
			return -ENOBUFS;

		fnew->id = f->id;
		fnew->res = f->res;
#ifdef CONFIG_NET_CLS_IND
		fnew->ifindex = f->ifindex;
#endif /* CONFIG_NET_CLS_IND */
		fnew->tp = f->tp;

		err = tcf_exts_init(&fnew->exts, TCA_FW_ACT, TCA_FW_POLICE);
		if (err < 0) {
			kfree(fnew);
			return err;
		}

		err = fw_change_attrs(net, tp, fnew, tb, tca, base, ovr);
		if (err < 0) {
			tcf_exts_destroy(&fnew->exts);
			kfree(fnew);
			return err;
		}

		fp = &head->ht[fw_hash(fnew->id)];
		for (pfp = rtnl_dereference(*fp); pfp;
		     fp = &pfp->next, pfp = rtnl_dereference(*fp))
			if (pfp == f)
				break;

		RCU_INIT_POINTER(fnew->next, rtnl_dereference(pfp->next));
		rcu_assign_pointer(*fp, fnew);
		tcf_unbind_filter(tp, &f->res);
		call_rcu(&f->rcu, fw_delete_filter);

		*arg = (unsigned long)fnew;
		return err;
	}

	if (!handle)
		return -EINVAL;

	if (!head) {
		u32 mask = 0xFFFFFFFF;
		if (tb[TCA_FW_MASK])
			mask = nla_get_u32(tb[TCA_FW_MASK]);

		head = kzalloc(sizeof(*head), GFP_KERNEL);
		if (!head)
			return -ENOBUFS;
		head->mask = mask;

		rcu_assign_pointer(tp->root, head);
	}

	f = kzalloc(sizeof(struct fw_filter), GFP_KERNEL);
	if (f == NULL)
		return -ENOBUFS;

	err = tcf_exts_init(&f->exts, TCA_FW_ACT, TCA_FW_POLICE);
	if (err < 0)
		goto errout;
	f->id = handle;
	f->tp = tp;

	err = fw_change_attrs(net, tp, f, tb, tca, base, ovr);
	if (err < 0)
		goto errout;

	RCU_INIT_POINTER(f->next, head->ht[fw_hash(handle)]);
	rcu_assign_pointer(head->ht[fw_hash(handle)], f);

	*arg = (unsigned long)f;
	return 0;

errout:
	tcf_exts_destroy(&f->exts);
	kfree(f);
	return err;
}

static void fw_walk(struct tcf_proto *tp, struct tcf_walker *arg)
{
	struct fw_head *head = rtnl_dereference(tp->root);
	int h;

	if (head == NULL)
		arg->stop = 1;

	if (arg->stop)
		return;

	for (h = 0; h < HTSIZE; h++) {
		struct fw_filter *f;

		for (f = rtnl_dereference(head->ht[h]); f;
		     f = rtnl_dereference(f->next)) {
			if (arg->count < arg->skip) {
				arg->count++;
				continue;
			}
			if (arg->fn(tp, (unsigned long)f, arg) < 0) {
				arg->stop = 1;
				return;
			}
			arg->count++;
		}
	}
}

static int fw_dump(struct net *net, struct tcf_proto *tp, unsigned long fh,
		   struct sk_buff *skb, struct tcmsg *t)
{
	struct fw_head *head = rtnl_dereference(tp->root);
	struct fw_filter *f = (struct fw_filter *)fh;
	struct nlattr *nest;

	if (f == NULL)
		return skb->len;

	t->tcm_handle = f->id;

	if (!f->res.classid && !tcf_exts_is_available(&f->exts))
		return skb->len;

	nest = nla_nest_start(skb, TCA_OPTIONS);
	if (nest == NULL)
		goto nla_put_failure;

	if (f->res.classid &&
	    nla_put_u32(skb, TCA_FW_CLASSID, f->res.classid))
		goto nla_put_failure;
#ifdef CONFIG_NET_CLS_IND
	if (f->ifindex) {
		struct net_device *dev;
		dev = __dev_get_by_index(net, f->ifindex);
		if (dev && nla_put_string(skb, TCA_FW_INDEV, dev->name))
			goto nla_put_failure;
	}
#endif /* CONFIG_NET_CLS_IND */
	if (head->mask != 0xFFFFFFFF &&
	    nla_put_u32(skb, TCA_FW_MASK, head->mask))
		goto nla_put_failure;

	if (tcf_exts_dump(skb, &f->exts) < 0)
		goto nla_put_failure;

	nla_nest_end(skb, nest);

	if (tcf_exts_dump_stats(skb, &f->exts) < 0)
		goto nla_put_failure;

	return skb->len;

nla_put_failure:
	nla_nest_cancel(skb, nest);
	return -1;
}

static struct tcf_proto_ops cls_fw_ops __read_mostly = {
	.kind		=	"fw",
	.classify	=	fw_classify,
	.init		=	fw_init,
	.destroy	=	fw_destroy,
	.get		=	fw_get,
	.change		=	fw_change,
	.delete		=	fw_delete,
	.walk		=	fw_walk,
	.dump		=	fw_dump,
	.owner		=	THIS_MODULE,
};

static int __init init_fw(void)
{
	return register_tcf_proto_ops(&cls_fw_ops);
}

static void __exit exit_fw(void)
{
	unregister_tcf_proto_ops(&cls_fw_ops);
}

module_init(init_fw)
module_exit(exit_fw)
MODULE_LICENSE("GPL");
Commit	Line	Data
1da177e4 LT	1	/*
	2	* net/sched/cls_fw.c Classifier mapping ipchains' fwmark to traffic class.
	3	*
	4	* This program is free software; you can redistribute it and/or
	5	* modify it under the terms of the GNU General Public License
	6	* as published by the Free Software Foundation; either version
	7	* 2 of the License, or (at your option) any later version.
	8	*
	9	* Authors: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
	10	*
	11	* Changes:
	12	* Karlis Peisenieks <karlis@mt.lv> : 990415 : fw_walk off by one
	13	* Karlis Peisenieks <karlis@mt.lv> : 990415 : fw_delete killed all the filter (and kernel).
	14	* Alex <alex@pilotsoft.com> : 2004xxyy: Added Action extension
	15	*
	16	* JHS: We should remove the CONFIG_NET_CLS_IND from here
	17	* eventually when the meta match extension is made available
	18	*
	19	*/
	20
1da177e4	21	#include <linux/module.h>
5a0e3ad6	22	#include <linux/slab.h>
1da177e4 LT	23	#include <linux/types.h>
1da177e4 LT	24	#include <linux/kernel.h>
1da177e4	25	#include <linux/string.h>
1da177e4	26	#include <linux/errno.h>
1da177e4	27	#include <linux/skbuff.h>
0ba48053	28	#include <net/netlink.h>
1da177e4 LT	29	#include <net/act_api.h>
	30	#include <net/pkt_cls.h>
	31
d37d8ac1	32	#define HTSIZE 256
c5c13faf	33
cc7ec456	34	struct fw_head {
d37d8ac1	35	u32 mask;
e35a8ee5 JF	36	struct fw_filter __rcu *ht[HTSIZE];
e35a8ee5 JF	37	struct rcu_head rcu;
1da177e4 LT	38	};
1da177e4 LT	39
cc7ec456	40	struct fw_filter {
e35a8ee5	41	struct fw_filter __rcu *next;
1da177e4 LT	42	u32 id;
	43	struct tcf_result res;
	44	#ifdef CONFIG_NET_CLS_IND
2519a602	45	int ifindex;
1da177e4 LT	46	#endif /* CONFIG_NET_CLS_IND */
1da177e4 LT	47	struct tcf_exts exts;
e35a8ee5 JF	48	struct tcf_proto *tp;
e35a8ee5 JF	49	struct rcu_head rcu;
1da177e4 LT	50	};
1da177e4 LT	51
d37d8ac1	52	static u32 fw_hash(u32 handle)
1da177e4	53	{
d37d8ac1 ED	54	handle ^= (handle >> 16);
	55	handle ^= (handle >> 8);
	56	return handle % HTSIZE;
1da177e4 LT	57	}
1da177e4 LT	58
dc7f9f6e	59	static int fw_classify(struct sk_buff skb, const struct tcf_proto tp,
5a7a5555	60	struct tcf_result *res)
1da177e4	61	{
e35a8ee5	62	struct fw_head *head = rcu_dereference_bh(tp->root);
1da177e4 LT	63	struct fw_filter *f;
1da177e4 LT	64	int r;
5c804bfd	65	u32 id = skb->mark;
1da177e4 LT	66
1da177e4 LT	67	if (head != NULL) {
5c804bfd	68	id &= head->mask;
e35a8ee5 JF	69
	70	for (f = rcu_dereference_bh(head->ht[fw_hash(id)]); f;
	71	f = rcu_dereference_bh(f->next)) {
1da177e4 LT	72	if (f->id == id) {
	73	*res = f->res;
	74	#ifdef CONFIG_NET_CLS_IND
2519a602	75	if (!tcf_match_indev(skb, f->ifindex))
1da177e4 LT	76	continue;
	77	#endif /* CONFIG_NET_CLS_IND */
	78	r = tcf_exts_exec(skb, &f->exts, res);
	79	if (r < 0)
	80	continue;
	81
	82	return r;
	83	}
	84	}
	85	} else {
d8aecb10	86	/* Old method: classify the packet using its skb mark. */
cc7ec456 ED	87	if (id && (TC_H_MAJ(id) == 0 \|\|
cc7ec456 ED	88	!(TC_H_MAJ(id ^ tp->q->handle)))) {
1da177e4 LT	89	res->classid = id;
	90	res->class = 0;
	91	return 0;
	92	}
	93	}
	94
	95	return -1;
	96	}
	97
	98	static unsigned long fw_get(struct tcf_proto *tp, u32 handle)
	99	{
e35a8ee5	100	struct fw_head *head = rtnl_dereference(tp->root);
1da177e4 LT	101	struct fw_filter *f;
	102
	103	if (head == NULL)
	104	return 0;
	105
e35a8ee5 JF	106	f = rtnl_dereference(head->ht[fw_hash(handle)]);
e35a8ee5 JF	107	for (; f; f = rtnl_dereference(f->next)) {
1da177e4 LT	108	if (f->id == handle)
	109	return (unsigned long)f;
	110	}
	111	return 0;
	112	}
	113
1da177e4 LT	114	static int fw_init(struct tcf_proto *tp)
1da177e4 LT	115	{
d8aecb10 WC	116	/* We don't allocate fw_head here, because in the old method
	117	* we don't need it at all.
	118	*/
1da177e4 LT	119	return 0;
	120	}
	121
e35a8ee5	122	static void fw_delete_filter(struct rcu_head *head)
1da177e4	123	{
e35a8ee5	124	struct fw_filter *f = container_of(head, struct fw_filter, rcu);
e35a8ee5	125
18d0264f	126	tcf_exts_destroy(&f->exts);
1da177e4 LT	127	kfree(f);
	128	}
	129
763dbf63	130	static void fw_destroy(struct tcf_proto *tp)
1da177e4	131	{
e35a8ee5	132	struct fw_head *head = rtnl_dereference(tp->root);
1da177e4 LT	133	struct fw_filter *f;
	134	int h;
	135
	136	if (head == NULL)
763dbf63	137	return;
1da177e4	138
cc7ec456	139	for (h = 0; h < HTSIZE; h++) {
e35a8ee5 JF	140	while ((f = rtnl_dereference(head->ht[h])) != NULL) {
	141	RCU_INIT_POINTER(head->ht[h],
	142	rtnl_dereference(f->next));
18cdb37e	143	tcf_unbind_filter(tp, &f->res);
e35a8ee5	144	call_rcu(&f->rcu, fw_delete_filter);
1da177e4 LT	145	}
1da177e4 LT	146	}
e35a8ee5	147	kfree_rcu(head, rcu);
1da177e4 LT	148	}
1da177e4 LT	149
763dbf63	150	static int fw_delete(struct tcf_proto tp, unsigned long arg, bool last)
1da177e4	151	{
e35a8ee5	152	struct fw_head *head = rtnl_dereference(tp->root);
cc7ec456	153	struct fw_filter f = (struct fw_filter )arg;
e35a8ee5 JF	154	struct fw_filter __rcu **fp;
e35a8ee5 JF	155	struct fw_filter *pfp;
763dbf63 WC	156	int ret = -EINVAL;
763dbf63 WC	157	int h;
1da177e4 LT	158
	159	if (head == NULL \|\| f == NULL)
	160	goto out;
	161
e35a8ee5 JF	162	fp = &head->ht[fw_hash(f->id)];
	163
	164	for (pfp = rtnl_dereference(*fp); pfp;
	165	fp = &pfp->next, pfp = rtnl_dereference(*fp)) {
	166	if (pfp == f) {
	167	RCU_INIT_POINTER(*fp, rtnl_dereference(f->next));
18cdb37e	168	tcf_unbind_filter(tp, &f->res);
e35a8ee5	169	call_rcu(&f->rcu, fw_delete_filter);
763dbf63 WC	170	ret = 0;
763dbf63 WC	171	break;
1da177e4 LT	172	}
1da177e4 LT	173	}
763dbf63 WC	174
	175	*last = true;
	176	for (h = 0; h < HTSIZE; h++) {
	177	if (rcu_access_pointer(head->ht[h])) {
	178	*last = false;
	179	break;
	180	}
	181	}
	182
1da177e4	183	out:
763dbf63	184	return ret;
1da177e4 LT	185	}
1da177e4 LT	186
6fa8c014 PM	187	static const struct nla_policy fw_policy[TCA_FW_MAX + 1] = {
	188	[TCA_FW_CLASSID] = { .type = NLA_U32 },
	189	[TCA_FW_INDEV] = { .type = NLA_STRING, .len = IFNAMSIZ },
	190	[TCA_FW_MASK] = { .type = NLA_U32 },
	191	};
	192
1da177e4	193	static int
c1b52739	194	fw_change_attrs(struct net net, struct tcf_proto tp, struct fw_filter *f,
5a7a5555 JHS	195	struct nlattr tb, struct nlattr tca, unsigned long base,
5a7a5555 JHS	196	bool ovr)
1da177e4	197	{
e35a8ee5	198	struct fw_head *head = rtnl_dereference(tp->root);
1da177e4	199	struct tcf_exts e;
b4e9b520	200	u32 mask;
1da177e4 LT	201	int err;
1da177e4 LT	202
b9a24bb7	203	err = tcf_exts_init(&e, TCA_FW_ACT, TCA_FW_POLICE);
1da177e4 LT	204	if (err < 0)
1da177e4 LT	205	return err;
b9a24bb7 WC	206	err = tcf_exts_validate(net, tp, tb, tca[TCA_RATE], &e, ovr);
	207	if (err < 0)
	208	goto errout;
1da177e4	209
add93b61	210	if (tb[TCA_FW_CLASSID]) {
1587bac4	211	f->res.classid = nla_get_u32(tb[TCA_FW_CLASSID]);
1da177e4 LT	212	tcf_bind_filter(tp, &f->res, base);
	213	}
	214
	215	#ifdef CONFIG_NET_CLS_IND
add93b61	216	if (tb[TCA_FW_INDEV]) {
2519a602 WC	217	int ret;
2519a602 WC	218	ret = tcf_change_indev(net, tb[TCA_FW_INDEV]);
722e47d7 WY	219	if (ret < 0) {
722e47d7 WY	220	err = ret;
1da177e4	221	goto errout;
722e47d7	222	}
2519a602	223	f->ifindex = ret;
1da177e4 LT	224	}
	225	#endif /* CONFIG_NET_CLS_IND */
	226
cb95ec62	227	err = -EINVAL;
add93b61	228	if (tb[TCA_FW_MASK]) {
1587bac4	229	mask = nla_get_u32(tb[TCA_FW_MASK]);
b4e9b520 PM	230	if (mask != head->mask)
	231	goto errout;
	232	} else if (head->mask != 0xFFFFFFFF)
	233	goto errout;
	234
1da177e4 LT	235	tcf_exts_change(tp, &f->exts, &e);
	236
	237	return 0;
	238	errout:
18d0264f	239	tcf_exts_destroy(&e);
1da177e4 LT	240	return err;
	241	}
	242
c1b52739	243	static int fw_change(struct net net, struct sk_buff in_skb,
af4c6641	244	struct tcf_proto *tp, unsigned long base,
5a7a5555 JHS	245	u32 handle, struct nlattr *tca, unsigned long arg,
5a7a5555 JHS	246	bool ovr)
1da177e4	247	{
e35a8ee5	248	struct fw_head *head = rtnl_dereference(tp->root);
1da177e4	249	struct fw_filter f = (struct fw_filter ) *arg;
add93b61 PM	250	struct nlattr *opt = tca[TCA_OPTIONS];
add93b61 PM	251	struct nlattr *tb[TCA_FW_MAX + 1];
1da177e4 LT	252	int err;
	253
	254	if (!opt)
d8aecb10	255	return handle ? -EINVAL : 0; /* Succeed if it is old method. */
1da177e4	256
fceb6435	257	err = nla_parse_nested(tb, TCA_FW_MAX, opt, fw_policy, NULL);
cee63723 PM	258	if (err < 0)
cee63723 PM	259	return err;
1da177e4	260
e35a8ee5 JF	261	if (f) {
	262	struct fw_filter pfp, fnew;
	263	struct fw_filter __rcu **fp;
	264
1da177e4 LT	265	if (f->id != handle && handle)
1da177e4 LT	266	return -EINVAL;
e35a8ee5 JF	267
	268	fnew = kzalloc(sizeof(struct fw_filter), GFP_KERNEL);
	269	if (!fnew)
	270	return -ENOBUFS;
	271
	272	fnew->id = f->id;
	273	fnew->res = f->res;
	274	#ifdef CONFIG_NET_CLS_IND
	275	fnew->ifindex = f->ifindex;
	276	#endif /* CONFIG_NET_CLS_IND */
	277	fnew->tp = f->tp;
	278
b9a24bb7 WC	279	err = tcf_exts_init(&fnew->exts, TCA_FW_ACT, TCA_FW_POLICE);
	280	if (err < 0) {
	281	kfree(fnew);
	282	return err;
	283	}
e1f93eb0	284
e35a8ee5 JF	285	err = fw_change_attrs(net, tp, fnew, tb, tca, base, ovr);
e35a8ee5 JF	286	if (err < 0) {
b9a24bb7	287	tcf_exts_destroy(&fnew->exts);
e35a8ee5 JF	288	kfree(fnew);
	289	return err;
	290	}
	291
	292	fp = &head->ht[fw_hash(fnew->id)];
	293	for (pfp = rtnl_dereference(*fp); pfp;
	294	fp = &pfp->next, pfp = rtnl_dereference(*fp))
	295	if (pfp == f)
	296	break;
	297
	298	RCU_INIT_POINTER(fnew->next, rtnl_dereference(pfp->next));
	299	rcu_assign_pointer(*fp, fnew);
18cdb37e	300	tcf_unbind_filter(tp, &f->res);
e35a8ee5 JF	301	call_rcu(&f->rcu, fw_delete_filter);
	302
	303	*arg = (unsigned long)fnew;
	304	return err;
1da177e4 LT	305	}
	306
	307	if (!handle)
	308	return -EINVAL;
	309
d8aecb10 WC	310	if (!head) {
d8aecb10 WC	311	u32 mask = 0xFFFFFFFF;
6fa8c014	312	if (tb[TCA_FW_MASK])
d8aecb10 WC	313	mask = nla_get_u32(tb[TCA_FW_MASK]);
	314
	315	head = kzalloc(sizeof(*head), GFP_KERNEL);
	316	if (!head)
	317	return -ENOBUFS;
	318	head->mask = mask;
	319
	320	rcu_assign_pointer(tp->root, head);
1da177e4 LT	321	}
1da177e4 LT	322
0da974f4	323	f = kzalloc(sizeof(struct fw_filter), GFP_KERNEL);
1da177e4 LT	324	if (f == NULL)
1da177e4 LT	325	return -ENOBUFS;
1da177e4	326
b9a24bb7 WC	327	err = tcf_exts_init(&f->exts, TCA_FW_ACT, TCA_FW_POLICE);
	328	if (err < 0)
	329	goto errout;
1da177e4	330	f->id = handle;
e35a8ee5	331	f->tp = tp;
1da177e4	332
2f7ef2f8	333	err = fw_change_attrs(net, tp, f, tb, tca, base, ovr);
1da177e4 LT	334	if (err < 0)
	335	goto errout;
	336
e35a8ee5 JF	337	RCU_INIT_POINTER(f->next, head->ht[fw_hash(handle)]);
e35a8ee5 JF	338	rcu_assign_pointer(head->ht[fw_hash(handle)], f);
1da177e4 LT	339
	340	*arg = (unsigned long)f;
	341	return 0;
	342
	343	errout:
b9a24bb7	344	tcf_exts_destroy(&f->exts);
a51482bd	345	kfree(f);
1da177e4 LT	346	return err;
	347	}
	348
	349	static void fw_walk(struct tcf_proto tp, struct tcf_walker arg)
	350	{
e35a8ee5	351	struct fw_head *head = rtnl_dereference(tp->root);
1da177e4 LT	352	int h;
	353
	354	if (head == NULL)
	355	arg->stop = 1;
	356
	357	if (arg->stop)
	358	return;
	359
c5c13faf	360	for (h = 0; h < HTSIZE; h++) {
1da177e4 LT	361	struct fw_filter *f;
1da177e4 LT	362
e35a8ee5 JF	363	for (f = rtnl_dereference(head->ht[h]); f;
e35a8ee5 JF	364	f = rtnl_dereference(f->next)) {
1da177e4 LT	365	if (arg->count < arg->skip) {
	366	arg->count++;
	367	continue;
	368	}
	369	if (arg->fn(tp, (unsigned long)f, arg) < 0) {
	370	arg->stop = 1;
	371	return;
	372	}
	373	arg->count++;
	374	}
	375	}
	376	}
	377
832d1d5b	378	static int fw_dump(struct net net, struct tcf_proto tp, unsigned long fh,
1da177e4 LT	379	struct sk_buff skb, struct tcmsg t)
1da177e4 LT	380	{
e35a8ee5	381	struct fw_head *head = rtnl_dereference(tp->root);
cc7ec456	382	struct fw_filter f = (struct fw_filter )fh;
4b3550ef	383	struct nlattr *nest;
1da177e4 LT	384
	385	if (f == NULL)
	386	return skb->len;
	387
	388	t->tcm_handle = f->id;
	389
	390	if (!f->res.classid && !tcf_exts_is_available(&f->exts))
	391	return skb->len;
	392
4b3550ef PM	393	nest = nla_nest_start(skb, TCA_OPTIONS);
	394	if (nest == NULL)
	395	goto nla_put_failure;
1da177e4	396
1b34ec43 DM	397	if (f->res.classid &&
	398	nla_put_u32(skb, TCA_FW_CLASSID, f->res.classid))
	399	goto nla_put_failure;
1da177e4	400	#ifdef CONFIG_NET_CLS_IND
2519a602 WC	401	if (f->ifindex) {
	402	struct net_device *dev;
	403	dev = __dev_get_by_index(net, f->ifindex);
	404	if (dev && nla_put_string(skb, TCA_FW_INDEV, dev->name))
	405	goto nla_put_failure;
	406	}
1da177e4	407	#endif /* CONFIG_NET_CLS_IND */
1b34ec43 DM	408	if (head->mask != 0xFFFFFFFF &&
	409	nla_put_u32(skb, TCA_FW_MASK, head->mask))
	410	goto nla_put_failure;
1da177e4	411
5da57f42	412	if (tcf_exts_dump(skb, &f->exts) < 0)
add93b61	413	goto nla_put_failure;
1da177e4	414
4b3550ef	415	nla_nest_end(skb, nest);
1da177e4	416
5da57f42	417	if (tcf_exts_dump_stats(skb, &f->exts) < 0)
add93b61	418	goto nla_put_failure;
1da177e4 LT	419
	420	return skb->len;
	421
add93b61	422	nla_put_failure:
6ea3b446	423	nla_nest_cancel(skb, nest);
1da177e4 LT	424	return -1;
	425	}
	426
2eb9d75c	427	static struct tcf_proto_ops cls_fw_ops __read_mostly = {
1da177e4 LT	428	.kind = "fw",
	429	.classify = fw_classify,
	430	.init = fw_init,
	431	.destroy = fw_destroy,
	432	.get = fw_get,
1da177e4 LT	433	.change = fw_change,
	434	.delete = fw_delete,
	435	.walk = fw_walk,
	436	.dump = fw_dump,
	437	.owner = THIS_MODULE,
	438	};
	439
	440	static int __init init_fw(void)
	441	{
	442	return register_tcf_proto_ops(&cls_fw_ops);
	443	}
	444
10297b99	445	static void __exit exit_fw(void)
1da177e4 LT	446	{
	447	unregister_tcf_proto_ops(&cls_fw_ops);
	448	}
	449
	450	module_init(init_fw)
	451	module_exit(exit_fw)
	452	MODULE_LICENSE("GPL");